path: root/extra
Diffstat (limited to '')
-rw-r--r--extra/mariabackup/CMakeLists.txt2
-rw-r--r--extra/mariabackup/backup_copy.cc3
-rw-r--r--extra/mariabackup/backup_copy.h1
-rw-r--r--extra/mariabackup/backup_mysql.cc28
-rw-r--r--extra/mariabackup/fil_cur.cc2
-rw-r--r--extra/mariabackup/wsrep.cc10
-rw-r--r--extra/mariabackup/xtrabackup.cc85
-rw-r--r--extra/mariabackup/xtrabackup.h2
-rw-r--r--extra/my_print_defaults.c1
-rw-r--r--extra/wolfssl/user_settings.h.in5
-rw-r--r--extra/wolfssl/wolfssl/.editorconfig10
-rw-r--r--extra/wolfssl/wolfssl/.github/workflows/async.yml7
-rw-r--r--extra/wolfssl/wolfssl/.github/workflows/curl.yml61
-rw-r--r--extra/wolfssl/wolfssl/.github/workflows/docker-Espressif.yml2
-rw-r--r--extra/wolfssl/wolfssl/.github/workflows/docker-OpenWrt.yml4
-rw-r--r--extra/wolfssl/wolfssl/.github/workflows/hitch.yml94
-rw-r--r--extra/wolfssl/wolfssl/.github/workflows/hostap.yml6
-rw-r--r--extra/wolfssl/wolfssl/.github/workflows/krb5.yml79
-rw-r--r--extra/wolfssl/wolfssl/.github/workflows/main.yml16
-rwxr-xr-xextra/wolfssl/wolfssl/.github/workflows/memcached.sh14
-rw-r--r--extra/wolfssl/wolfssl/.github/workflows/memcached.yml107
-rw-r--r--extra/wolfssl/wolfssl/.github/workflows/multi-arch.yml54
-rw-r--r--extra/wolfssl/wolfssl/.github/workflows/multi-compiler.yml21
-rw-r--r--extra/wolfssl/wolfssl/.github/workflows/nginx.yml206
-rw-r--r--extra/wolfssl/wolfssl/.github/workflows/openvpn.yml4
-rw-r--r--extra/wolfssl/wolfssl/.github/workflows/os-check.yml25
-rw-r--r--extra/wolfssl/wolfssl/.github/workflows/packaging.yml45
-rw-r--r--extra/wolfssl/wolfssl/.github/workflows/stunnel.yml4
-rw-r--r--extra/wolfssl/wolfssl/.github/workflows/zephyr.yml104
-rw-r--r--extra/wolfssl/wolfssl/.gitignore22
-rw-r--r--extra/wolfssl/wolfssl/CMakeLists.txt308
-rw-r--r--extra/wolfssl/wolfssl/ChangeLog.md152
-rw-r--r--extra/wolfssl/wolfssl/Docker/Dockerfile34
-rw-r--r--extra/wolfssl/wolfssl/Docker/Dockerfile.cross-compiler11
-rwxr-xr-xextra/wolfssl/wolfssl/Docker/OpenWrt/runTests.sh20
-rw-r--r--extra/wolfssl/wolfssl/Docker/README.md9
-rwxr-xr-xextra/wolfssl/wolfssl/Docker/buildAndPush.sh37
-rw-r--r--extra/wolfssl/wolfssl/Docker/include.am2
-rw-r--r--extra/wolfssl/wolfssl/Docker/packaging/debian/Dockerfile6
-rw-r--r--extra/wolfssl/wolfssl/Docker/packaging/fedora/Dockerfile3
-rwxr-xr-xextra/wolfssl/wolfssl/Docker/run.sh6
-rw-r--r--extra/wolfssl/wolfssl/Docker/wolfCLU/Dockerfile2
-rw-r--r--extra/wolfssl/wolfssl/IDE/ARDUINO/README.md11
-rw-r--r--extra/wolfssl/wolfssl/IDE/ARDUINO/sketches/wolfssl_client/wolfssl_client.ino231
-rwxr-xr-xextra/wolfssl/wolfssl/IDE/ARDUINO/wolfssl-arduino.sh179
-rw-r--r--extra/wolfssl/wolfssl/IDE/AURIX/user_settings.h3
-rw-r--r--extra/wolfssl/wolfssl/IDE/CRYPTOCELL/main.c2
-rw-r--r--extra/wolfssl/wolfssl/IDE/CRYPTOCELL/user_settings.h1
-rw-r--r--extra/wolfssl/wolfssl/IDE/ECLIPSE/DEOS/user_settings.h1
-rw-r--r--extra/wolfssl/wolfssl/IDE/ECLIPSE/MICRIUM/README.md70
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/README.md197
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/README_32se.md2
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/UPDATE.md1
-rwxr-xr-xextra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/compileAllExamples.sh3
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/README.md120
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/template/CMakeLists.txt73
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/template/README.md72
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/template/VisualGDB/wolfssl_template_IDF_v5.1_ESP32.vgdbproj269
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/template/components/wolfssl/CMakeLists.txt524
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/template/components/wolfssl/include/user_settings.h428
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/template/main/CMakeLists.txt102
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/template/main/include/main.h (renamed from extra/wolfssl/wolfssl/cyassl/ctaocrypt/mpi_class.h)8
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/template/main/main.c (renamed from extra/wolfssl/wolfssl/ctaocrypt/src/wolfcrypt_first.c)45
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/template/partitions_singleapp_large.csv31
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/template/sdkconfig.defaults35
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/CMakeLists.txt23
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/README.md88
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/VisualGDB/wolfssl_benchmark_IDF_v4.4_ESP32.vgdbproj4
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/components/wolfssl/CMakeLists.txt616
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/components/wolfssl/include/user_settings.h450
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/CMakeLists.txt7
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/component.mk6
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/include/main.h (renamed from extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/main.h)7
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/main.c88
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/partitions_singleapp_large.csv31
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/CMakeLists.txt93
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/README.md57
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/README_server_sm.md512
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/VisualGDB/README.md52
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/VisualGDB/VisualGDB_wolfssl_client.sln31
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/VisualGDB/wolfssl_client_IDF_v5_ESP32.sln56
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/VisualGDB/wolfssl_client_IDF_v5_ESP32.vgdbproj (renamed from extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/VisualGDB/VisualGDB_wolfssl_client.vgdbproj)20
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/components/wolfssl/CMakeLists.txt613
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/components/wolfssl/include/user_settings.h427
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/CMakeLists.txt41
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/Kconfig.projbuild12
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/client-tls.c424
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/client-tls.h71
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/main.h (renamed from extra/wolfssl/wolfssl/cyassl/error-ssl.h)7
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/time_helper.h54
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/wifi_connect.h84
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/main.c267
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/time_helper.c333
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/wifi_connect.c329
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/partitions_singleapp_large.csv31
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/CMakeLists.txt93
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/README.md93
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/README_server_sm.md512
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/VisualGDB/README.md52
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/VisualGDB/wolfssl_server_IDF_v5_ESP32.sln (renamed from extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/VisualGDB/VisualGDB_wolfssl_server.sln)8
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/VisualGDB/wolfssl_server_IDF_v5_ESP32.vgdbproj (renamed from extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/VisualGDB/VisualGDB_wolfssl_server.vgdbproj)22
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/components/wolfssl/CMakeLists.txt613
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/components/wolfssl/include/user_settings.h435
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/CMakeLists.txt43
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/Kconfig.projbuild9
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/include/main.h (renamed from extra/wolfssl/wolfssl/cyassl/callbacks.h)7
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/include/server-tls.h60
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/include/time_helper.h54
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/include/wifi_connect.h81
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/main.c257
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/server-tls.c347
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/time_helper.c333
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/wifi_connect.c336
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/partitions_singleapp_large.csv31
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/CMakeLists.txt69
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/README.md51
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/components/wolfssl/CMakeLists.txt615
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/components/wolfssl/include/user_settings.h450
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/CMakeLists.txt5
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/include/main.h (renamed from extra/wolfssl/wolfssl/cyassl/crl.h)7
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/include/time_helper.h (renamed from extra/wolfssl/wolfssl/cyassl/options.h.in)18
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/main.c125
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/time_helper.c1
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/partitions_singleapp_large.csv34
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/sdkconfig.defaults2
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test_idf/README.md10
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test_idf/main/main.c12
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/libs/CMakeLists.txt6
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/setup_win.bat2
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/user_settings.h368
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/README.md161
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/include.am95
-rw-r--r--extra/wolfssl/wolfssl/IDE/GCC-ARM/Header/user_settings.h23
-rw-r--r--extra/wolfssl/wolfssl/IDE/GCC-ARM/Makefile.common6
-rw-r--r--extra/wolfssl/wolfssl/IDE/GCC-ARM/linker_fips.ld8
-rw-r--r--extra/wolfssl/wolfssl/IDE/HEXAGON/ecc-verify-benchmark.c2
-rw-r--r--extra/wolfssl/wolfssl/IDE/IAR-EWARM/.gitignore9
-rw-r--r--extra/wolfssl/wolfssl/IDE/IAR-EWARM/embOS/.gitignore6
-rw-r--r--extra/wolfssl/wolfssl/IDE/IAR-EWARM/embOS/SAMV71_XULT/embOS_SAMV71_XULT_user_settings/user_settings_verbose_example.h2
-rw-r--r--extra/wolfssl/wolfssl/IDE/IAR-MSP430/README.md4
-rw-r--r--extra/wolfssl/wolfssl/IDE/IAR-MSP430/main.c6
-rw-r--r--extra/wolfssl/wolfssl/IDE/M68K/Makefile2
-rw-r--r--extra/wolfssl/wolfssl/IDE/MCUEXPRESSO/RT1170/fsl_caam_c.patch44
-rw-r--r--extra/wolfssl/wolfssl/IDE/MCUEXPRESSO/RT1170/fsl_caam_h.patch12
-rw-r--r--extra/wolfssl/wolfssl/IDE/MCUEXPRESSO/benchmark/source/run_benchmark.c2
-rw-r--r--extra/wolfssl/wolfssl/IDE/MCUEXPRESSO/wolfcrypt_test.c2
-rw-r--r--extra/wolfssl/wolfssl/IDE/MDK-ARM/LPC43xx/time-LCP43xx.c28
-rw-r--r--extra/wolfssl/wolfssl/IDE/MDK-ARM/MDK-ARM/wolfSSL/config-BARE-METAL.h70
-rw-r--r--extra/wolfssl/wolfssl/IDE/MDK-ARM/MDK-ARM/wolfSSL/config-FS.h69
-rw-r--r--extra/wolfssl/wolfssl/IDE/MDK-ARM/MDK-ARM/wolfSSL/config-RTX-TCP-FS.h71
-rw-r--r--extra/wolfssl/wolfssl/IDE/MDK-ARM/MDK-ARM/wolfSSL/main.c2
-rw-r--r--extra/wolfssl/wolfssl/IDE/MDK-ARM/MDK-ARM/wolfSSL/shell.c6
-rw-r--r--extra/wolfssl/wolfssl/IDE/MDK-ARM/STM32F2xx_StdPeriph_Lib/time-STM32F2xx.c2
-rw-r--r--extra/wolfssl/wolfssl/IDE/MDK5-ARM/Conf/user_settings.h93
-rw-r--r--extra/wolfssl/wolfssl/IDE/MDK5-ARM/Inc/wolfssl_MDK_ARM.h4
-rw-r--r--extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/CryptBenchmark/CryptBenchmark.uvoptx2
-rw-r--r--extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/CryptBenchmark/CryptBenchmark.uvprojx6
-rw-r--r--extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/CryptBenchmark/RTE/wolfSSL/user_settings.h497
-rw-r--r--extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/CryptBenchmark/main.c91
-rw-r--r--extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/CryptTest/CryptTest.uvoptx2
-rw-r--r--extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/CryptTest/CryptTest.uvprojx12
-rw-r--r--extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/CryptTest/RTE/wolfSSL/user_settings.h497
-rw-r--r--extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/CryptTest/main.c66
-rw-r--r--extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/EchoClient/EchoClient.uvoptx2
-rw-r--r--extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/EchoClient/EchoClient.uvprojx4
-rw-r--r--extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/EchoClient/RTE/wolfSSL/user_settings.h495
-rw-r--r--extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/EchoClient/main.c68
-rw-r--r--extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/EchoServer/EchoServer.uvoptx2
-rw-r--r--extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/EchoServer/EchoServer.uvprojx4
-rw-r--r--extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/EchoServer/RTE/wolfSSL/user_settings.h497
-rw-r--r--extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/EchoServer/main.c108
-rw-r--r--extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/SimpleClient/RTE/wolfSSL/user_settings.h497
-rw-r--r--extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/SimpleClient/SimpleClient.uvoptx2
-rw-r--r--extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/SimpleClient/SimpleClient.uvprojx4
-rw-r--r--extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/SimpleClient/main.c112
-rw-r--r--extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/SimpleServer/RTE/wolfSSL/user_settings.h497
-rw-r--r--extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/SimpleServer/SimpleServer.uvoptx2
-rw-r--r--extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/SimpleServer/SimpleServer.uvprojx4
-rw-r--r--extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/SimpleServer/main.c73
-rw-r--r--extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/wolfSSL-Full/main.c54
-rw-r--r--extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/wolfSSL-Full/shell.c24
-rw-r--r--extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/wolfSSL-Full/wolfsslFull.uvoptx4
-rw-r--r--extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/wolfSSL-Full/wolfsslFull.uvprojx6
-rw-r--r--extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/wolfSSL-Lib/RTE/wolfSSL/user_settings.h497
-rw-r--r--extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/wolfSSL-Lib/wolfSSL-Lib.uvoptx2
-rw-r--r--extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/wolfSSL-Lib/wolfSSL-Lib.uvprojx4
-rw-r--r--extra/wolfssl/wolfssl/IDE/MDK5-ARM/README.md60
-rw-r--r--extra/wolfssl/wolfssl/IDE/MDK5-ARM/Src/ssl-dummy.c4
-rw-r--r--extra/wolfssl/wolfssl/IDE/MDK5-ARM/include.am9
-rw-r--r--extra/wolfssl/wolfssl/IDE/MSVS-2019-AZSPHERE/wolfssl_new_azsphere/CMakeLists.txt4
-rw-r--r--extra/wolfssl/wolfssl/IDE/NETOS/user_settings.h2
-rw-r--r--extra/wolfssl/wolfssl/IDE/QNX/README.md2
-rw-r--r--extra/wolfssl/wolfssl/IDE/ROWLEY-CROSSWORKS-ARM/arm_startup.c2
-rw-r--r--extra/wolfssl/wolfssl/IDE/ROWLEY-CROSSWORKS-ARM/user_settings.h1
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/cs+/Projects/t4_demo/README_en.txt2
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/DK-S7G2/README.md4
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/DK-S7G2/benchmark-template/src/app_entry.c8
-rwxr-xr-xextra/wolfssl/wolfssl/IDE/Renesas/e2studio/Projects/tools/rsa_pss_sign.sh2
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M3/README.md2
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M3/README_APRA6M_en.md2
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/README.md6
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/common/user_settings.h40
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/common/wolfssl_demo.h6
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/test/.cproject13
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/test/key_data/key_data.h6
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/test/key_data/key_data_sce.c104
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/test/src/test_main.c190
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/test/src/wolf_client.c22
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/test/src/wolfssl_sce_unit_test.c353
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/wolfssl/.cproject244
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/wolfssl/.project16
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/GR-ROSE/common/user_settings.h30
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/GR-ROSE/common/wolfssl_dummy.c11
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/GR-ROSE/test/src/wolf_client.c18
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/GR-ROSE/wolfssl/.project5
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/GR-ROSE/wolfssl/wolfssl.rcpc2
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/RSK/resource/section.esi14
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/RSK/wolfssl/.project5
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/RSK/wolfssl_demo/key_data.c2
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/RSK/wolfssl_demo/user_settings.h25
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/RSK/wolfssl_demo/wolfssl_demo.c16
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/README_EN.md12
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/README_JP.md4
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/common/wolfssl_dummy.c6
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/test/.cproject32
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/test/.project5
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/test/src/client/simple_tls_tsip_client.c76
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/test/src/test_main.c23
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/test/src/wolfssl_simple_demo.h2
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/test/test.scfg10
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/wolfssl/.project5
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/wolfssl/wolfssl.rcpc2
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/wolfssl/.project5
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/wolfssl_demo/user_settings.h75
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/wolfssl_demo/wolfssl_demo.c14
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/wolfssl_demo/wolfssl_demo.h2
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/wolfssl_demo/wolfssl_tsip_unit_test.c340
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/README.md538
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/common/user_settings.h115
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/common/wolfssl_demo.h108
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/include.am17
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/test/.cproject1219
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/test/.project440
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/test/script/fsp_ram_execution.ld243
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/test/src/rzn2l_tst_thread_entry.c438
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/test/src/serial_io/.gitignore2
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/test/src/test/wolf_client.c184
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/test/src/test/wolf_server.c210
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/test/src/test/wolfssl_rsip_unit_test.c1325
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/test/src/wolfCrypt/.gitignore2
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/test/src/wolfSSL/.gitignore2
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/test/src/wolfssl_dummy.c (renamed from extra/wolfssl/wolfssl/cyassl/ctaocrypt/wc_port.h)19
-rw-r--r--extra/wolfssl/wolfssl/IDE/STARCORE/starcore_test.c2
-rw-r--r--extra/wolfssl/wolfssl/IDE/STARCORE/user_settings.h4
-rw-r--r--extra/wolfssl/wolfssl/IDE/STM32Cube/README.md3
-rw-r--r--extra/wolfssl/wolfssl/IDE/STM32Cube/STM32_Benchmarks.md250
-rw-r--r--extra/wolfssl/wolfssl/IDE/STM32Cube/default_conf.ftl36
-rw-r--r--extra/wolfssl/wolfssl/IDE/STM32Cube/main.c4
-rw-r--r--extra/wolfssl/wolfssl/IDE/SimplicityStudio/README.md92
-rw-r--r--extra/wolfssl/wolfssl/IDE/SimplicityStudio/include.am7
-rw-r--r--extra/wolfssl/wolfssl/IDE/SimplicityStudio/test_wolf.c244
-rw-r--r--extra/wolfssl/wolfssl/IDE/SimplicityStudio/user_settings.h521
-rw-r--r--extra/wolfssl/wolfssl/IDE/VisualDSP/user_settings.h1
-rw-r--r--extra/wolfssl/wolfssl/IDE/WICED-STUDIO/user_settings.h1
-rw-r--r--extra/wolfssl/wolfssl/IDE/WIN/README.txt18
-rw-r--r--extra/wolfssl/wolfssl/IDE/WIN/test.vcxproj16
-rw-r--r--extra/wolfssl/wolfssl/IDE/WIN/user_settings.h3
-rw-r--r--extra/wolfssl/wolfssl/IDE/WIN/wolfssl-fips.vcxproj34
-rw-r--r--extra/wolfssl/wolfssl/IDE/WIN10/README.txt10
-rw-r--r--extra/wolfssl/wolfssl/IDE/WIN10/test.vcxproj2
-rw-r--r--extra/wolfssl/wolfssl/IDE/WIN10/user_settings.h12
-rw-r--r--extra/wolfssl/wolfssl/IDE/WIN10/wolfssl-fips.rc10
-rw-r--r--extra/wolfssl/wolfssl/IDE/WIN10/wolfssl-fips.vcxproj15
-rw-r--r--extra/wolfssl/wolfssl/IDE/WINCE/user_settings.h3
-rw-r--r--extra/wolfssl/wolfssl/IDE/XCODE-FIPSv2/macOS-C++/Intel/user_settings.h2
-rw-r--r--extra/wolfssl/wolfssl/IDE/XCODE-FIPSv2/macOS-C++/M1/user_settings.h2
-rw-r--r--extra/wolfssl/wolfssl/IDE/XCODE-FIPSv2/user_settings.h2
-rw-r--r--extra/wolfssl/wolfssl/IDE/XCODE-FIPSv5/user_settings.h2
-rw-r--r--extra/wolfssl/wolfssl/IDE/XCODE/wolfssl-FIPS.xcodeproj/project.pbxproj363
-rw-r--r--extra/wolfssl/wolfssl/IDE/XCODE/wolfssl.xcodeproj/project.pbxproj484
-rw-r--r--extra/wolfssl/wolfssl/IDE/XilinxSDK/README.md2
-rwxr-xr-xextra/wolfssl/wolfssl/IDE/XilinxSDK/graph.sh2
-rw-r--r--extra/wolfssl/wolfssl/IDE/apple-universal/.gitignore1
-rw-r--r--extra/wolfssl/wolfssl/IDE/apple-universal/README.md92
-rwxr-xr-xextra/wolfssl/wolfssl/IDE/apple-universal/build-wolfssl-framework.sh110
-rw-r--r--extra/wolfssl/wolfssl/IDE/apple-universal/include.am24
-rw-r--r--extra/wolfssl/wolfssl/IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform.xcodeproj/project.pbxproj403
-rw-r--r--extra/wolfssl/wolfssl/IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/Assets.xcassets/AccentColor.colorset/Contents.json11
-rw-r--r--extra/wolfssl/wolfssl/IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/Assets.xcassets/AppIcon.appiconset/Contents.json63
-rw-r--r--extra/wolfssl/wolfssl/IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/Assets.xcassets/Contents.json6
-rw-r--r--extra/wolfssl/wolfssl/IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/ContentView.swift (renamed from extra/wolfssl/wolfssl/cyassl/ctaocrypt/arc4.h)39
-rw-r--r--extra/wolfssl/wolfssl/IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/simple_client_example.c149
-rw-r--r--extra/wolfssl/wolfssl/IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/simple_client_example.h (renamed from extra/wolfssl/wolfssl/cyassl/ctaocrypt/misc.h)13
-rw-r--r--extra/wolfssl/wolfssl/IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/wolfssl-multiplatform-Bridging-Header.h (renamed from extra/wolfssl/wolfssl/cyassl/openssl/ssl.h)18
-rw-r--r--extra/wolfssl/wolfssl/IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/wolfssl_multiplatform.entitlements14
-rw-r--r--extra/wolfssl/wolfssl/IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/wolfssl_multiplatformApp.swift (renamed from extra/wolfssl/wolfssl/cyassl/ctaocrypt/dsa.h)21
-rw-r--r--extra/wolfssl/wolfssl/IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/wolfssl_test_driver.c62
-rw-r--r--extra/wolfssl/wolfssl/IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/wolfssl_test_driver.h (renamed from extra/wolfssl/wolfssl/cyassl/ctaocrypt/coding.h)13
-rw-r--r--extra/wolfssl/wolfssl/IDE/include.am6
-rw-r--r--extra/wolfssl/wolfssl/INSTALL178
-rw-r--r--extra/wolfssl/wolfssl/Makefile.am4
-rw-r--r--extra/wolfssl/wolfssl/README211
-rw-r--r--extra/wolfssl/wolfssl/README.md210
-rw-r--r--extra/wolfssl/wolfssl/SCRIPTS-LIST2
-rwxr-xr-xextra/wolfssl/wolfssl/async-check.sh127
-rwxr-xr-xextra/wolfssl/wolfssl/autogen.sh40
-rw-r--r--extra/wolfssl/wolfssl/certs/1024/ca-cert.derbin1037 -> 1037 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/1024/ca-cert.pem38
-rw-r--r--extra/wolfssl/wolfssl/certs/1024/client-cert.derbin1052 -> 1052 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/1024/client-cert.pem40
-rw-r--r--extra/wolfssl/wolfssl/certs/1024/server-cert.derbin1014 -> 1014 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/1024/server-cert.pem72
-rw-r--r--extra/wolfssl/wolfssl/certs/3072/client-cert.derbin1569 -> 1569 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/3072/client-cert.pem78
-rw-r--r--extra/wolfssl/wolfssl/certs/4096/client-cert.derbin1823 -> 1825 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/4096/client-cert.pem139
-rw-r--r--extra/wolfssl/wolfssl/certs/ca-cert-chain.derbin1022 -> 1022 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/ca-cert.derbin1283 -> 1283 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/ca-cert.pem56
-rw-r--r--extra/wolfssl/wolfssl/certs/ca-ecc-cert.derbin666 -> 665 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/ca-ecc-cert.pem22
-rw-r--r--extra/wolfssl/wolfssl/certs/ca-ecc384-cert.derbin725 -> 726 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/ca-ecc384-cert.pem30
-rw-r--r--extra/wolfssl/wolfssl/certs/client-absolute-urn.pem60
-rw-r--r--extra/wolfssl/wolfssl/certs/client-ca.pem88
-rw-r--r--extra/wolfssl/wolfssl/certs/client-cert-ext.derbin1292 -> 1292 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/client-cert-ext.pem60
-rw-r--r--extra/wolfssl/wolfssl/certs/client-cert.derbin1313 -> 1313 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/client-cert.pem60
-rw-r--r--extra/wolfssl/wolfssl/certs/client-crl-dist.derbin1011 -> 1011 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/client-crl-dist.pem54
-rw-r--r--extra/wolfssl/wolfssl/certs/client-ecc-cert.derbin866 -> 865 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/client-ecc-cert.pem28
-rw-r--r--extra/wolfssl/wolfssl/certs/client-ecc384-cert.derbin754 -> 757 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/client-ecc384-cert.pem28
-rw-r--r--extra/wolfssl/wolfssl/certs/client-relative-uri.pem56
-rw-r--r--extra/wolfssl/wolfssl/certs/client-uri-cert.pem58
-rw-r--r--extra/wolfssl/wolfssl/certs/crl/ca-int-ecc.pem10
-rw-r--r--extra/wolfssl/wolfssl/certs/crl/ca-int.pem18
-rw-r--r--extra/wolfssl/wolfssl/certs/crl/ca-int2-ecc.pem8
-rw-r--r--extra/wolfssl/wolfssl/certs/crl/ca-int2.pem16
-rw-r--r--extra/wolfssl/wolfssl/certs/crl/caEcc384Crl.pem12
-rw-r--r--extra/wolfssl/wolfssl/certs/crl/caEccCrl.derbin0 -> 341 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/crl/caEccCrl.pem10
-rw-r--r--extra/wolfssl/wolfssl/certs/crl/cliCrl.pem56
-rw-r--r--extra/wolfssl/wolfssl/certs/crl/client-int-ecc.pem12
-rw-r--r--extra/wolfssl/wolfssl/certs/crl/client-int.pem18
-rw-r--r--extra/wolfssl/wolfssl/certs/crl/crl.derbin520 -> 520 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/crl/crl.pem52
-rw-r--r--extra/wolfssl/wolfssl/certs/crl/crl.revoked56
-rw-r--r--extra/wolfssl/wolfssl/certs/crl/crl2.derbin520 -> 520 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/crl/crl2.pem102
-rw-r--r--extra/wolfssl/wolfssl/certs/crl/eccCliCRL.pem26
-rw-r--r--extra/wolfssl/wolfssl/certs/crl/eccSrvCRL.pem32
-rw-r--r--extra/wolfssl/wolfssl/certs/crl/extra-crls/ca-int-cert-revoked.pem13
-rw-r--r--extra/wolfssl/wolfssl/certs/crl/extra-crls/general-server-crl.pem13
-rwxr-xr-xextra/wolfssl/wolfssl/certs/crl/gencrls.sh48
-rw-r--r--extra/wolfssl/wolfssl/certs/crl/include.am45
-rw-r--r--extra/wolfssl/wolfssl/certs/crl/server-goodaltCrl.pem48
-rw-r--r--extra/wolfssl/wolfssl/certs/crl/server-goodaltwildCrl.pem48
-rw-r--r--extra/wolfssl/wolfssl/certs/crl/server-goodcnCrl.pem48
-rw-r--r--extra/wolfssl/wolfssl/certs/crl/server-goodcnwildCrl.pem48
-rw-r--r--extra/wolfssl/wolfssl/certs/crl/server-int-ecc.pem12
-rw-r--r--extra/wolfssl/wolfssl/certs/crl/server-int.pem18
-rw-r--r--extra/wolfssl/wolfssl/certs/csr.dsa.derbin0 -> 590 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/ecc-params.der1
-rw-r--r--extra/wolfssl/wolfssl/certs/ecc-params.pem3
-rw-r--r--extra/wolfssl/wolfssl/certs/ecc-privOnlyCert.pem12
-rw-r--r--extra/wolfssl/wolfssl/certs/ecc-privkey.der2
-rw-r--r--extra/wolfssl/wolfssl/certs/ecc-rsa-server.p12bin2310 -> 2310 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/ecc/bp256r1-key.derbin122 -> 122 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/ecc/bp256r1-key.pem6
-rw-r--r--extra/wolfssl/wolfssl/certs/ecc/client-bp256r1-cert.derbin717 -> 719 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/ecc/client-bp256r1-cert.pem62
-rw-r--r--extra/wolfssl/wolfssl/certs/ecc/client-secp256k1-cert.derbin710 -> 712 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/ecc/client-secp256k1-cert.pem62
-rwxr-xr-xextra/wolfssl/wolfssl/certs/ecc/genecc.sh22
-rw-r--r--extra/wolfssl/wolfssl/certs/ecc/secp256k1-key.derbin118 -> 118 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/ecc/secp256k1-key.pem6
-rw-r--r--extra/wolfssl/wolfssl/certs/ecc/server-bp256r1-cert.derbin898 -> 900 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/ecc/server-bp256r1-cert.pem74
-rw-r--r--extra/wolfssl/wolfssl/certs/ecc/server-secp256k1-cert.derbin888 -> 890 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/ecc/server-secp256k1-cert.pem74
-rw-r--r--extra/wolfssl/wolfssl/certs/ed25519/ca-ed25519.derbin617 -> 617 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/ed25519/ca-ed25519.pem20
-rw-r--r--extra/wolfssl/wolfssl/certs/ed25519/client-ed25519.derbin931 -> 931 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/ed25519/client-ed25519.pem30
-rw-r--r--extra/wolfssl/wolfssl/certs/ed25519/eddsa-ed25519.der2
-rw-r--r--extra/wolfssl/wolfssl/certs/ed25519/eddsa-ed25519.pem3
-rw-r--r--extra/wolfssl/wolfssl/certs/ed25519/include.am4
-rw-r--r--extra/wolfssl/wolfssl/certs/ed25519/root-ed25519.derbin613 -> 613 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/ed25519/root-ed25519.pem22
-rw-r--r--extra/wolfssl/wolfssl/certs/ed25519/server-ed25519-cert.pem20
-rw-r--r--extra/wolfssl/wolfssl/certs/ed25519/server-ed25519.derbin683 -> 683 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/ed25519/server-ed25519.pem40
-rw-r--r--extra/wolfssl/wolfssl/certs/ed448/ca-ed448.derbin684 -> 684 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/ed448/ca-ed448.pem30
-rw-r--r--extra/wolfssl/wolfssl/certs/ed448/client-ed448.derbin994 -> 994 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/ed448/client-ed448.pem36
-rw-r--r--extra/wolfssl/wolfssl/certs/ed448/root-ed448.derbin680 -> 680 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/ed448/root-ed448.pem32
-rw-r--r--extra/wolfssl/wolfssl/certs/ed448/server-ed448-cert.pem26
-rw-r--r--extra/wolfssl/wolfssl/certs/ed448/server-ed448.derbin750 -> 750 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/ed448/server-ed448.pem56
-rw-r--r--extra/wolfssl/wolfssl/certs/entity-no-ca-bool-cert.pem110
-rw-r--r--extra/wolfssl/wolfssl/certs/fpki-cert.derbin1363 -> 1363 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/include.am210
-rw-r--r--extra/wolfssl/wolfssl/certs/intermediate/ca-int-cert.derbin1051 -> 1051 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/intermediate/ca-int-cert.pem108
-rw-r--r--extra/wolfssl/wolfssl/certs/intermediate/ca-int-ecc-cert.derbin663 -> 663 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/intermediate/ca-int-ecc-cert.pem42
-rw-r--r--extra/wolfssl/wolfssl/certs/intermediate/ca-int2-cert.derbin1063 -> 1063 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/intermediate/ca-int2-cert.pem110
-rw-r--r--extra/wolfssl/wolfssl/certs/intermediate/ca-int2-ecc-cert.derbin675 -> 676 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/intermediate/ca-int2-ecc-cert.pem46
-rw-r--r--extra/wolfssl/wolfssl/certs/intermediate/client-chain-alt-ecc.pem82
-rw-r--r--extra/wolfssl/wolfssl/certs/intermediate/client-chain-alt.pem120
-rw-r--r--extra/wolfssl/wolfssl/certs/intermediate/client-chain-ecc.derbin2054 -> 2055 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/intermediate/client-chain-ecc.pem42
-rw-r--r--extra/wolfssl/wolfssl/certs/intermediate/client-chain.derbin3217 -> 3217 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/intermediate/client-chain.pem80
-rw-r--r--extra/wolfssl/wolfssl/certs/intermediate/client-int-cert.derbin1103 -> 1103 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/intermediate/client-int-cert.pem58
-rw-r--r--extra/wolfssl/wolfssl/certs/intermediate/client-int-ecc-cert.derbin716 -> 716 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/intermediate/client-int-ecc-cert.pem26
-rwxr-xr-xextra/wolfssl/wolfssl/certs/intermediate/genintcerts.sh4
-rw-r--r--extra/wolfssl/wolfssl/certs/intermediate/include.am1
-rw-r--r--extra/wolfssl/wolfssl/certs/intermediate/server-chain-alt-ecc.pem86
-rw-r--r--extra/wolfssl/wolfssl/certs/intermediate/server-chain-alt.pem120
-rw-r--r--extra/wolfssl/wolfssl/certs/intermediate/server-chain-ecc.derbin2225 -> 2225 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/intermediate/server-chain-ecc.pem46
-rw-r--r--extra/wolfssl/wolfssl/certs/intermediate/server-chain-short.pem54
-rw-r--r--extra/wolfssl/wolfssl/certs/intermediate/server-chain.derbin3384 -> 3384 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/intermediate/server-chain.pem80
-rw-r--r--extra/wolfssl/wolfssl/certs/intermediate/server-int-cert.derbin1270 -> 1270 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/intermediate/server-int-cert.pem58
-rw-r--r--extra/wolfssl/wolfssl/certs/intermediate/server-int-ecc-cert.derbin887 -> 886 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/intermediate/server-int-ecc-cert.pem30
-rw-r--r--extra/wolfssl/wolfssl/certs/ocsp/intermediate1-ca-cert.pem102
-rw-r--r--extra/wolfssl/wolfssl/certs/ocsp/intermediate2-ca-cert.pem102
-rw-r--r--extra/wolfssl/wolfssl/certs/ocsp/intermediate3-ca-cert.pem102
-rw-r--r--extra/wolfssl/wolfssl/certs/ocsp/ocsp-responder-cert.pem102
-rwxr-xr-xextra/wolfssl/wolfssl/certs/ocsp/renewcerts.sh12
-rw-r--r--extra/wolfssl/wolfssl/certs/ocsp/root-ca-cert.pem52
-rw-r--r--extra/wolfssl/wolfssl/certs/ocsp/server1-cert.pem150
-rw-r--r--extra/wolfssl/wolfssl/certs/ocsp/server2-cert.pem150
-rw-r--r--extra/wolfssl/wolfssl/certs/ocsp/server3-cert.pem150
-rw-r--r--extra/wolfssl/wolfssl/certs/ocsp/server4-cert.pem150
-rw-r--r--extra/wolfssl/wolfssl/certs/ocsp/server5-cert.pem150
-rw-r--r--extra/wolfssl/wolfssl/certs/ocsp/test-multi-response.derbin1961 -> 1961 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/ocsp/test-response-nointern.derbin1860 -> 1860 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/ocsp/test-response-rsapss.derbin1909 -> 1909 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/ocsp/test-response.derbin1860 -> 1860 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/p521/ca-p521.derbin805 -> 805 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/p521/ca-p521.pem30
-rw-r--r--extra/wolfssl/wolfssl/certs/p521/client-p521.derbin1113 -> 1113 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/p521/client-p521.pem42
-rw-r--r--extra/wolfssl/wolfssl/certs/p521/root-p521.derbin799 -> 800 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/p521/root-p521.pem34
-rw-r--r--extra/wolfssl/wolfssl/certs/p521/server-p521-cert.pem32
-rw-r--r--extra/wolfssl/wolfssl/certs/p521/server-p521.derbin871 -> 870 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/p521/server-p521.pem62
-rwxr-xr-xextra/wolfssl/wolfssl/certs/renewcerts.sh24
-rw-r--r--extra/wolfssl/wolfssl/certs/rid-cert.derbin1164 -> 1164 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/rpk/client-cert-rpk.derbin0 -> 294 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/rpk/client-ecc-cert-rpk.derbin0 -> 91 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/rpk/include.am9
-rw-r--r--extra/wolfssl/wolfssl/certs/rpk/server-cert-rpk.derbin0 -> 294 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/rpk/server-ecc-cert-rpk.derbin0 -> 91 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/rsapss/ca-3072-rsapss.derbin1427 -> 1427 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/rsapss/ca-3072-rsapss.pem68
-rw-r--r--extra/wolfssl/wolfssl/certs/rsapss/ca-rsapss.derbin1219 -> 1219 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/rsapss/ca-rsapss.pem48
-rw-r--r--extra/wolfssl/wolfssl/certs/rsapss/client-3072-rsapss.derbin1737 -> 1737 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/rsapss/client-3072-rsapss.pem78
-rw-r--r--extra/wolfssl/wolfssl/certs/rsapss/client-rsapss.derbin1529 -> 1529 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/rsapss/client-rsapss.pem56
-rw-r--r--extra/wolfssl/wolfssl/certs/rsapss/root-3072-rsapss.derbin1425 -> 1425 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/rsapss/root-3072-rsapss.pem74
-rw-r--r--extra/wolfssl/wolfssl/certs/rsapss/root-rsapss.derbin1217 -> 1217 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/rsapss/root-rsapss.pem54
-rw-r--r--extra/wolfssl/wolfssl/certs/rsapss/server-3072-rsapss-cert.pem70
-rw-r--r--extra/wolfssl/wolfssl/certs/rsapss/server-3072-rsapss.derbin1491 -> 1491 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/rsapss/server-3072-rsapss.pem138
-rw-r--r--extra/wolfssl/wolfssl/certs/rsapss/server-mix-rsapss-cert.pem52
-rw-r--r--extra/wolfssl/wolfssl/certs/rsapss/server-rsapss-cert.pem50
-rw-r--r--extra/wolfssl/wolfssl/certs/rsapss/server-rsapss.derbin1283 -> 1283 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/rsapss/server-rsapss.pem98
-rw-r--r--extra/wolfssl/wolfssl/certs/server-cert-chain.derbin2543 -> 2543 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/server-cert.derbin1260 -> 1260 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/server-cert.pem112
-rw-r--r--extra/wolfssl/wolfssl/certs/server-ecc-comp.derbin891 -> 891 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/server-ecc-comp.pem30
-rw-r--r--extra/wolfssl/wolfssl/certs/server-ecc-rsa.derbin1070 -> 1070 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/server-ecc-rsa.pem56
-rw-r--r--extra/wolfssl/wolfssl/certs/server-ecc-self.derbin863 -> 868 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/server-ecc-self.pem59
-rw-r--r--extra/wolfssl/wolfssl/certs/server-ecc.derbin677 -> 678 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/server-ecc.pem40
-rw-r--r--extra/wolfssl/wolfssl/certs/server-ecc384-cert.derbin931 -> 931 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/server-ecc384-cert.pem36
-rw-r--r--extra/wolfssl/wolfssl/certs/server-keyPub.derbin0 -> 294 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/server-keyPub.pem4
-rw-r--r--extra/wolfssl/wolfssl/certs/server-revoked-cert.pem112
-rw-r--r--extra/wolfssl/wolfssl/certs/sm2/ca-sm2-key.derbin0 -> 92 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/sm2/ca-sm2-key.pem4
-rw-r--r--extra/wolfssl/wolfssl/certs/sm2/ca-sm2-priv.derbin0 -> 121 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/sm2/ca-sm2-priv.pem5
-rw-r--r--extra/wolfssl/wolfssl/certs/sm2/ca-sm2.derbin0 -> 666 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/sm2/ca-sm2.pem51
-rw-r--r--extra/wolfssl/wolfssl/certs/sm2/client-sm2-key.derbin0 -> 92 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/sm2/client-sm2-key.pem4
-rw-r--r--extra/wolfssl/wolfssl/certs/sm2/client-sm2-priv.derbin0 -> 121 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/sm2/client-sm2-priv.pem5
-rw-r--r--extra/wolfssl/wolfssl/certs/sm2/client-sm2.derbin0 -> 973 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/sm2/client-sm2.pem63
-rwxr-xr-xextra/wolfssl/wolfssl/certs/sm2/gen-sm2-certs.sh124
-rwxr-xr-xextra/wolfssl/wolfssl/certs/sm2/gen-sm2-keys.sh16
-rw-r--r--extra/wolfssl/wolfssl/certs/sm2/include.am37
-rw-r--r--extra/wolfssl/wolfssl/certs/sm2/root-sm2-key.derbin0 -> 92 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/sm2/root-sm2-key.pem4
-rw-r--r--extra/wolfssl/wolfssl/certs/sm2/root-sm2-priv.derbin0 -> 121 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/sm2/root-sm2-priv.pem5
-rw-r--r--extra/wolfssl/wolfssl/certs/sm2/root-sm2.derbin0 -> 661 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/sm2/root-sm2.pem52
-rw-r--r--extra/wolfssl/wolfssl/certs/sm2/self-sm2-cert.pem52
-rw-r--r--extra/wolfssl/wolfssl/certs/sm2/self-sm2-key.pem4
-rw-r--r--extra/wolfssl/wolfssl/certs/sm2/self-sm2-priv.pem6
-rw-r--r--extra/wolfssl/wolfssl/certs/sm2/server-sm2-cert.pem57
-rw-r--r--extra/wolfssl/wolfssl/certs/sm2/server-sm2-key.derbin0 -> 92 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/sm2/server-sm2-key.pem4
-rw-r--r--extra/wolfssl/wolfssl/certs/sm2/server-sm2-priv.derbin0 -> 121 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/sm2/server-sm2-priv.pem5
-rw-r--r--extra/wolfssl/wolfssl/certs/sm2/server-sm2.derbin0 -> 732 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/sm2/server-sm2.pem108
-rw-r--r--extra/wolfssl/wolfssl/certs/sphincs/bench_sphincs_fast_level1_key.derbin115 -> 115 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/sphincs/bench_sphincs_fast_level3_key.derbin166 -> 166 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/sphincs/bench_sphincs_fast_level5_key.derbin214 -> 214 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/sphincs/bench_sphincs_small_level1_key.derbin115 -> 115 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/sphincs/bench_sphincs_small_level3_key.derbin166 -> 166 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/sphincs/bench_sphincs_small_level5_key.derbin214 -> 214 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/test-degenerate.p7bbin1362 -> 1362 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/test-pathlen/chainA-ICA1-pathlen0.pem56
-rw-r--r--extra/wolfssl/wolfssl/certs/test-pathlen/chainA-assembled.pem104
-rw-r--r--extra/wolfssl/wolfssl/certs/test-pathlen/chainA-entity.pem48
-rw-r--r--extra/wolfssl/wolfssl/certs/test-pathlen/chainB-ICA1-pathlen0.pem48
-rw-r--r--extra/wolfssl/wolfssl/certs/test-pathlen/chainB-ICA2-pathlen1.pem56
-rw-r--r--extra/wolfssl/wolfssl/certs/test-pathlen/chainB-assembled.pem154
-rw-r--r--extra/wolfssl/wolfssl/certs/test-pathlen/chainB-entity.pem50
-rw-r--r--extra/wolfssl/wolfssl/certs/test-pathlen/chainC-ICA1-pathlen1.pem56
-rw-r--r--extra/wolfssl/wolfssl/certs/test-pathlen/chainC-assembled.pem104
-rw-r--r--extra/wolfssl/wolfssl/certs/test-pathlen/chainC-entity.pem48
-rw-r--r--extra/wolfssl/wolfssl/certs/test-pathlen/chainD-ICA1-pathlen127.pem56
-rw-r--r--extra/wolfssl/wolfssl/certs/test-pathlen/chainD-assembled.pem104
-rw-r--r--extra/wolfssl/wolfssl/certs/test-pathlen/chainD-entity.pem48
-rw-r--r--extra/wolfssl/wolfssl/certs/test-pathlen/chainE-ICA1-pathlen128.pem56
-rw-r--r--extra/wolfssl/wolfssl/certs/test-pathlen/chainE-assembled.pem104
-rw-r--r--extra/wolfssl/wolfssl/certs/test-pathlen/chainE-entity.pem48
-rw-r--r--extra/wolfssl/wolfssl/certs/test-pathlen/chainF-ICA1-pathlen1.pem48
-rw-r--r--extra/wolfssl/wolfssl/certs/test-pathlen/chainF-ICA2-pathlen0.pem56
-rw-r--r--extra/wolfssl/wolfssl/certs/test-pathlen/chainF-assembled.pem154
-rw-r--r--extra/wolfssl/wolfssl/certs/test-pathlen/chainF-entity.pem50
-rw-r--r--extra/wolfssl/wolfssl/certs/test-pathlen/chainG-ICA1-pathlen0.pem48
-rw-r--r--extra/wolfssl/wolfssl/certs/test-pathlen/chainG-ICA2-pathlen1.pem48
-rw-r--r--extra/wolfssl/wolfssl/certs/test-pathlen/chainG-ICA3-pathlen99.pem48
-rw-r--r--extra/wolfssl/wolfssl/certs/test-pathlen/chainG-ICA4-pathlen5.pem48
-rw-r--r--extra/wolfssl/wolfssl/certs/test-pathlen/chainG-ICA5-pathlen20.pem48
-rw-r--r--extra/wolfssl/wolfssl/certs/test-pathlen/chainG-ICA6-pathlen10.pem48
-rw-r--r--extra/wolfssl/wolfssl/certs/test-pathlen/chainG-ICA7-pathlen100.pem56
-rw-r--r--extra/wolfssl/wolfssl/certs/test-pathlen/chainG-assembled.pem394
-rw-r--r--extra/wolfssl/wolfssl/certs/test-pathlen/chainG-entity.pem50
-rw-r--r--extra/wolfssl/wolfssl/certs/test-pathlen/chainH-ICA1-pathlen0.pem48
-rw-r--r--extra/wolfssl/wolfssl/certs/test-pathlen/chainH-ICA2-pathlen2.pem48
-rw-r--r--extra/wolfssl/wolfssl/certs/test-pathlen/chainH-ICA3-pathlen2.pem48
-rw-r--r--extra/wolfssl/wolfssl/certs/test-pathlen/chainH-ICA4-pathlen2.pem56
-rw-r--r--extra/wolfssl/wolfssl/certs/test-pathlen/chainH-assembled.pem250
-rw-r--r--extra/wolfssl/wolfssl/certs/test-pathlen/chainH-entity.pem50
-rw-r--r--extra/wolfssl/wolfssl/certs/test-pathlen/chainI-ICA1-no_pathlen.pem48
-rw-r--r--extra/wolfssl/wolfssl/certs/test-pathlen/chainI-ICA2-no_pathlen.pem48
-rw-r--r--extra/wolfssl/wolfssl/certs/test-pathlen/chainI-ICA3-pathlen2.pem56
-rw-r--r--extra/wolfssl/wolfssl/certs/test-pathlen/chainI-assembled.pem200
-rw-r--r--extra/wolfssl/wolfssl/certs/test-pathlen/chainI-entity.pem48
-rw-r--r--extra/wolfssl/wolfssl/certs/test-pathlen/chainJ-ICA1-no_pathlen.pem48
-rw-r--r--extra/wolfssl/wolfssl/certs/test-pathlen/chainJ-ICA2-no_pathlen.pem48
-rw-r--r--extra/wolfssl/wolfssl/certs/test-pathlen/chainJ-ICA3-no_pathlen.pem48
-rw-r--r--extra/wolfssl/wolfssl/certs/test-pathlen/chainJ-ICA4-pathlen2.pem56
-rw-r--r--extra/wolfssl/wolfssl/certs/test-pathlen/chainJ-assembled.pem248
-rw-r--r--extra/wolfssl/wolfssl/certs/test-pathlen/chainJ-entity.pem48
-rw-r--r--extra/wolfssl/wolfssl/certs/test-servercert-rc2.p12bin5517 -> 5517 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/test-servercert.p12bin5517 -> 5517 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/test/cert-ext-ia.derbin1031 -> 1031 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/test/cert-ext-ia.pem18
-rw-r--r--extra/wolfssl/wolfssl/certs/test/cert-ext-joi.derbin1376 -> 1376 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/test/cert-ext-joi.pem18
-rw-r--r--extra/wolfssl/wolfssl/certs/test/cert-ext-mnc.derbin1097 -> 1097 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/test/cert-ext-multiple.derbin1436 -> 1436 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/test/cert-ext-multiple.pem18
-rw-r--r--extra/wolfssl/wolfssl/certs/test/cert-ext-nc.derbin1081 -> 1081 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/test/cert-ext-nc.pem18
-rw-r--r--extra/wolfssl/wolfssl/certs/test/cert-ext-ncdns.derbin1095 -> 1095 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/test/cert-ext-ncmixed.derbin1092 -> 1092 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/test/cert-ext-nct.derbin1052 -> 1052 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/test/cert-ext-nct.pem18
-rw-r--r--extra/wolfssl/wolfssl/certs/test/cert-ext-ndir-exc.derbin1281 -> 1281 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/test/cert-ext-ndir-exc.pem18
-rw-r--r--extra/wolfssl/wolfssl/certs/test/cert-ext-ndir.derbin1260 -> 1260 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/test/cert-ext-ndir.pem20
-rw-r--r--extra/wolfssl/wolfssl/certs/test/digsigku.pem20
-rw-r--r--extra/wolfssl/wolfssl/certs/test/ktri-keyid-cms.msgbin379 -> 379 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/test/server-badaltname.derbin950 -> 950 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/test/server-badaltname.pem54
-rw-r--r--extra/wolfssl/wolfssl/certs/test/server-badaltnull.derbin946 -> 946 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/test/server-badaltnull.pem57
-rw-r--r--extra/wolfssl/wolfssl/certs/test/server-badcn.derbin918 -> 918 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/test/server-badcn.pem56
-rw-r--r--extra/wolfssl/wolfssl/certs/test/server-badcnnull.derbin984 -> 984 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/test/server-badcnnull.pem54
-rw-r--r--extra/wolfssl/wolfssl/certs/test/server-cert-ecc-badsig.derbin677 -> 678 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/test/server-cert-ecc-badsig.pem40
-rw-r--r--extra/wolfssl/wolfssl/certs/test/server-cert-rsa-badsig.derbin1260 -> 1260 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/test/server-cert-rsa-badsig.pem112
-rw-r--r--extra/wolfssl/wolfssl/certs/test/server-duplicate-policy.pem112
-rw-r--r--extra/wolfssl/wolfssl/certs/test/server-garbage.derbin928 -> 928 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/test/server-garbage.pem54
-rw-r--r--extra/wolfssl/wolfssl/certs/test/server-goodalt.derbin944 -> 944 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/test/server-goodalt.pem54
-rw-r--r--extra/wolfssl/wolfssl/certs/test/server-goodaltwild.derbin945 -> 945 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/test/server-goodaltwild.pem54
-rw-r--r--extra/wolfssl/wolfssl/certs/test/server-goodcn.derbin904 -> 904 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/test/server-goodcn.pem54
-rw-r--r--extra/wolfssl/wolfssl/certs/test/server-goodcnwild.derbin906 -> 906 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/test/server-goodcnwild.pem54
-rw-r--r--extra/wolfssl/wolfssl/certs/test/server-localhost.derbin930 -> 930 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/test/server-localhost.pem54
-rw-r--r--extra/wolfssl/wolfssl/certs/x942dh2048.derbin0 -> 557 bytes
-rw-r--r--extra/wolfssl/wolfssl/cmake/README.md7
-rw-r--r--extra/wolfssl/wolfssl/cmake/functions.cmake86
-rw-r--r--extra/wolfssl/wolfssl/cmake/include.am2
-rw-r--r--extra/wolfssl/wolfssl/cmake/modules/FindARIA.cmake108
-rw-r--r--extra/wolfssl/wolfssl/configure.ac1160
-rw-r--r--extra/wolfssl/wolfssl/ctaocrypt/ctaocrypt.sln38
-rw-r--r--extra/wolfssl/wolfssl/ctaocrypt/ctaocrypt.vcproj319
-rw-r--r--extra/wolfssl/wolfssl/ctaocrypt/src/aes.c1
-rw-r--r--extra/wolfssl/wolfssl/ctaocrypt/src/des3.c1
-rw-r--r--extra/wolfssl/wolfssl/ctaocrypt/src/hmac.c1
-rw-r--r--extra/wolfssl/wolfssl/ctaocrypt/src/random.c1
-rw-r--r--extra/wolfssl/wolfssl/ctaocrypt/src/rsa.c1
-rw-r--r--extra/wolfssl/wolfssl/ctaocrypt/src/sha.c1
-rw-r--r--extra/wolfssl/wolfssl/ctaocrypt/src/sha256.c1
-rw-r--r--extra/wolfssl/wolfssl/ctaocrypt/src/sha512.c1
-rw-r--r--extra/wolfssl/wolfssl/cyassl/certs_test.h10
-rw-r--r--extra/wolfssl/wolfssl/cyassl/ctaocrypt/aes.h61
-rw-r--r--extra/wolfssl/wolfssl/cyassl/ctaocrypt/asn.h48
-rw-r--r--extra/wolfssl/wolfssl/cyassl/ctaocrypt/asn_public.h75
-rw-r--r--extra/wolfssl/wolfssl/cyassl/ctaocrypt/blake2-impl.h43
-rw-r--r--extra/wolfssl/wolfssl/cyassl/ctaocrypt/blake2-int.h44
-rw-r--r--extra/wolfssl/wolfssl/cyassl/ctaocrypt/blake2.h45
-rw-r--r--extra/wolfssl/wolfssl/cyassl/ctaocrypt/camellia.h39
-rw-r--r--extra/wolfssl/wolfssl/cyassl/ctaocrypt/chacha.h36
-rw-r--r--extra/wolfssl/wolfssl/cyassl/ctaocrypt/compress.h38
-rw-r--r--extra/wolfssl/wolfssl/cyassl/ctaocrypt/des3.h49
-rw-r--r--extra/wolfssl/wolfssl/cyassl/ctaocrypt/ecc.h69
-rw-r--r--extra/wolfssl/wolfssl/cyassl/ctaocrypt/error-crypt.h33
-rw-r--r--extra/wolfssl/wolfssl/cyassl/ctaocrypt/fips_test.h59
-rw-r--r--extra/wolfssl/wolfssl/cyassl/ctaocrypt/hmac.h45
-rw-r--r--extra/wolfssl/wolfssl/cyassl/ctaocrypt/include.am52
-rw-r--r--extra/wolfssl/wolfssl/cyassl/ctaocrypt/integer.h35
-rw-r--r--extra/wolfssl/wolfssl/cyassl/ctaocrypt/logging.h41
-rw-r--r--extra/wolfssl/wolfssl/cyassl/ctaocrypt/md2.h43
-rw-r--r--extra/wolfssl/wolfssl/cyassl/ctaocrypt/md4.h38
-rw-r--r--extra/wolfssl/wolfssl/cyassl/ctaocrypt/md5.h45
-rw-r--r--extra/wolfssl/wolfssl/cyassl/ctaocrypt/memory.h42
-rw-r--r--extra/wolfssl/wolfssl/cyassl/ctaocrypt/pkcs7.h53
-rw-r--r--extra/wolfssl/wolfssl/cyassl/ctaocrypt/poly1305.h39
-rw-r--r--extra/wolfssl/wolfssl/cyassl/ctaocrypt/port/pic32/pic32mz-crypt.h29
-rw-r--r--extra/wolfssl/wolfssl/cyassl/ctaocrypt/pwdbased.h37
-rw-r--r--extra/wolfssl/wolfssl/cyassl/ctaocrypt/random.h39
-rw-r--r--extra/wolfssl/wolfssl/cyassl/ctaocrypt/ripemd.h38
-rw-r--r--extra/wolfssl/wolfssl/cyassl/ctaocrypt/rsa.h58
-rw-r--r--extra/wolfssl/wolfssl/cyassl/ctaocrypt/settings.h702
-rw-r--r--extra/wolfssl/wolfssl/cyassl/ctaocrypt/settings_comp.h69
-rw-r--r--extra/wolfssl/wolfssl/cyassl/ctaocrypt/sha.h37
-rw-r--r--extra/wolfssl/wolfssl/cyassl/ctaocrypt/sha256.h46
-rw-r--r--extra/wolfssl/wolfssl/cyassl/ctaocrypt/sha512.h41
-rw-r--r--extra/wolfssl/wolfssl/cyassl/ctaocrypt/tfm.h42
-rw-r--r--extra/wolfssl/wolfssl/cyassl/ctaocrypt/types.h39
-rw-r--r--extra/wolfssl/wolfssl/cyassl/ctaocrypt/visibility.h73
-rw-r--r--extra/wolfssl/wolfssl/cyassl/include.am31
-rw-r--r--extra/wolfssl/wolfssl/cyassl/internal.h23
-rw-r--r--extra/wolfssl/wolfssl/cyassl/ocsp.h23
-rw-r--r--extra/wolfssl/wolfssl/cyassl/openssl/asn1.h3
-rw-r--r--extra/wolfssl/wolfssl/cyassl/openssl/bio.h4
-rw-r--r--extra/wolfssl/wolfssl/cyassl/openssl/bn.h3
-rw-r--r--extra/wolfssl/wolfssl/cyassl/openssl/conf.h3
-rw-r--r--extra/wolfssl/wolfssl/cyassl/openssl/crypto.h4
-rw-r--r--extra/wolfssl/wolfssl/cyassl/openssl/dh.h4
-rw-r--r--extra/wolfssl/wolfssl/cyassl/openssl/dsa.h12
-rw-r--r--extra/wolfssl/wolfssl/cyassl/openssl/ec.h3
-rw-r--r--extra/wolfssl/wolfssl/cyassl/openssl/ec25519.h3
-rw-r--r--extra/wolfssl/wolfssl/cyassl/openssl/ec448.h3
-rw-r--r--extra/wolfssl/wolfssl/cyassl/openssl/ecdh.h3
-rw-r--r--extra/wolfssl/wolfssl/cyassl/openssl/ecdsa.h3
-rw-r--r--extra/wolfssl/wolfssl/cyassl/openssl/ed25519.h3
-rw-r--r--extra/wolfssl/wolfssl/cyassl/openssl/ed448.h3
-rw-r--r--extra/wolfssl/wolfssl/cyassl/openssl/engine.h5
-rw-r--r--extra/wolfssl/wolfssl/cyassl/openssl/err.h3
-rw-r--r--extra/wolfssl/wolfssl/cyassl/openssl/evp.h41
-rw-r--r--extra/wolfssl/wolfssl/cyassl/openssl/include.am42
-rw-r--r--extra/wolfssl/wolfssl/cyassl/openssl/lhash.h3
-rw-r--r--extra/wolfssl/wolfssl/cyassl/openssl/md4.h3
-rw-r--r--extra/wolfssl/wolfssl/cyassl/openssl/md5.h5
-rw-r--r--extra/wolfssl/wolfssl/cyassl/openssl/ocsp.h3
-rw-r--r--extra/wolfssl/wolfssl/cyassl/openssl/opensslconf.h3
-rw-r--r--extra/wolfssl/wolfssl/cyassl/openssl/opensslv.h3
-rw-r--r--extra/wolfssl/wolfssl/cyassl/openssl/ossl_typ.h3
-rw-r--r--extra/wolfssl/wolfssl/cyassl/openssl/pem.h3
-rw-r--r--extra/wolfssl/wolfssl/cyassl/openssl/pkcs12.h3
-rw-r--r--extra/wolfssl/wolfssl/cyassl/openssl/rand.h3
-rw-r--r--extra/wolfssl/wolfssl/cyassl/openssl/ripemd.h3
-rw-r--r--extra/wolfssl/wolfssl/cyassl/openssl/rsa.h12
-rw-r--r--extra/wolfssl/wolfssl/cyassl/openssl/sha.h3
-rw-r--r--extra/wolfssl/wolfssl/cyassl/openssl/ssl23.h3
-rw-r--r--extra/wolfssl/wolfssl/cyassl/openssl/stack.h3
-rw-r--r--extra/wolfssl/wolfssl/cyassl/openssl/ui.h3
-rw-r--r--extra/wolfssl/wolfssl/cyassl/openssl/x509.h3
-rw-r--r--extra/wolfssl/wolfssl/cyassl/openssl/x509v3.h3
-rw-r--r--extra/wolfssl/wolfssl/cyassl/sniffer.h23
-rw-r--r--extra/wolfssl/wolfssl/cyassl/sniffer_error.h23
-rw-r--r--extra/wolfssl/wolfssl/cyassl/sniffer_error.rc93
-rw-r--r--extra/wolfssl/wolfssl/cyassl/ssl.h722
-rw-r--r--extra/wolfssl/wolfssl/cyassl/test.h3
-rw-r--r--extra/wolfssl/wolfssl/cyassl/version.h27
-rw-r--r--extra/wolfssl/wolfssl/cyassl/version.h.in23
-rw-r--r--extra/wolfssl/wolfssl/debian/changelog.in7
-rw-r--r--extra/wolfssl/wolfssl/debian/control.in44
-rw-r--r--extra/wolfssl/wolfssl/debian/copyright217
-rw-r--r--extra/wolfssl/wolfssl/debian/include.am77
-rw-r--r--extra/wolfssl/wolfssl/doc/QUIC.md2
-rwxr-xr-xextra/wolfssl/wolfssl/doc/check_api.sh2
-rw-r--r--extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/aes.h330
-rw-r--r--extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/asn_public.h1932
-rw-r--r--extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/chacha20_poly1305.h29
-rw-r--r--extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/cmac.h101
-rw-r--r--extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/curve25519.h12
-rw-r--r--extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/curve448.h12
-rw-r--r--extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/doxygen_groups.h2
-rw-r--r--extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/ecc.h102
-rw-r--r--extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/ed25519.h407
-rw-r--r--extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/hmac.h14
-rw-r--r--extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/pwdbased.h24
-rw-r--r--extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/rsa.h141
-rw-r--r--extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/srp.h26
-rw-r--r--extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/ssl.h4160
-rw-r--r--extra/wolfssl/wolfssl/doc/dox_comments/header_files/aes.h685
-rw-r--r--extra/wolfssl/wolfssl/doc/dox_comments/header_files/asn_public.h4
-rw-r--r--extra/wolfssl/wolfssl/doc/dox_comments/header_files/cmac.h63
-rw-r--r--extra/wolfssl/wolfssl/doc/dox_comments/header_files/doxygen_groups.h3
-rw-r--r--extra/wolfssl/wolfssl/doc/dox_comments/header_files/doxygen_pages.h1
-rw-r--r--extra/wolfssl/wolfssl/doc/dox_comments/header_files/ed25519.h40
-rw-r--r--extra/wolfssl/wolfssl/doc/dox_comments/header_files/kdf.h225
-rw-r--r--extra/wolfssl/wolfssl/doc/dox_comments/header_files/rsa.h2
-rw-r--r--extra/wolfssl/wolfssl/doc/dox_comments/header_files/sha3.h11
-rw-r--r--extra/wolfssl/wolfssl/doc/dox_comments/header_files/ssl.h429
-rw-r--r--extra/wolfssl/wolfssl/examples/README.md6
-rw-r--r--extra/wolfssl/wolfssl/examples/asn1/asn1.c44
-rw-r--r--extra/wolfssl/wolfssl/examples/async/README.md34
-rw-r--r--extra/wolfssl/wolfssl/examples/async/async_client.c277
-rw-r--r--extra/wolfssl/wolfssl/examples/async/async_server.c363
-rw-r--r--extra/wolfssl/wolfssl/examples/async/async_tls.c158
-rw-r--r--extra/wolfssl/wolfssl/examples/async/async_tls.h (renamed from extra/wolfssl/wolfssl/cyassl/ctaocrypt/dh.h)30
-rw-r--r--extra/wolfssl/wolfssl/examples/async/include.am24
-rw-r--r--extra/wolfssl/wolfssl/examples/benchmark/tls_bench.c190
-rw-r--r--extra/wolfssl/wolfssl/examples/client/client.c233
-rw-r--r--extra/wolfssl/wolfssl/examples/client/client.vcproj4
-rw-r--r--extra/wolfssl/wolfssl/examples/client/client.vcxproj16
-rw-r--r--extra/wolfssl/wolfssl/examples/configs/README.md1
-rw-r--r--extra/wolfssl/wolfssl/examples/configs/include.am1
-rw-r--r--extra/wolfssl/wolfssl/examples/configs/user_settings_EBSnet.h (renamed from extra/wolfssl/wolfssl/ctaocrypt/src/wolfcrypt_last.c)48
-rw-r--r--extra/wolfssl/wolfssl/examples/configs/user_settings_all.h2
-rw-r--r--extra/wolfssl/wolfssl/examples/configs/user_settings_stm32.h133
-rw-r--r--extra/wolfssl/wolfssl/examples/configs/user_settings_template.h30
-rw-r--r--extra/wolfssl/wolfssl/examples/echoclient/echoclient.c52
-rw-r--r--extra/wolfssl/wolfssl/examples/echoclient/echoclient.vcproj4
-rw-r--r--extra/wolfssl/wolfssl/examples/echoclient/echoclient.vcxproj16
-rw-r--r--extra/wolfssl/wolfssl/examples/echoserver/echoserver.c162
-rw-r--r--extra/wolfssl/wolfssl/examples/echoserver/echoserver.vcproj4
-rw-r--r--extra/wolfssl/wolfssl/examples/echoserver/echoserver.vcxproj16
-rw-r--r--extra/wolfssl/wolfssl/examples/include.am2
-rw-r--r--extra/wolfssl/wolfssl/examples/pem/include.am12
-rw-r--r--extra/wolfssl/wolfssl/examples/pem/pem.c1044
-rw-r--r--extra/wolfssl/wolfssl/examples/sctp/sctp-client-dtls.c8
-rw-r--r--extra/wolfssl/wolfssl/examples/sctp/sctp-server-dtls.c8
-rw-r--r--extra/wolfssl/wolfssl/examples/server/server.c177
-rw-r--r--extra/wolfssl/wolfssl/examples/server/server.h2
-rw-r--r--extra/wolfssl/wolfssl/examples/server/server.vcproj4
-rw-r--r--extra/wolfssl/wolfssl/examples/server/server.vcxproj16
-rwxr-xr-xextra/wolfssl/wolfssl/fips-check.sh683
-rwxr-xr-xextra/wolfssl/wolfssl/gencertbuf.pl54
-rw-r--r--extra/wolfssl/wolfssl/linuxkm/Kbuild2
-rw-r--r--extra/wolfssl/wolfssl/linuxkm/linuxkm_wc_port.h6
-rw-r--r--extra/wolfssl/wolfssl/linuxkm/module_exports.c.template4
-rw-r--r--extra/wolfssl/wolfssl/linuxkm/module_hooks.c8
-rw-r--r--extra/wolfssl/wolfssl/mcapi/crypto.h4
-rw-r--r--extra/wolfssl/wolfssl/mcapi/mcapi_test.c14
-rw-r--r--extra/wolfssl/wolfssl/mqx/util_lib/Sources/util.c4
-rw-r--r--extra/wolfssl/wolfssl/mqx/util_lib/Sources/util.h8
-rw-r--r--extra/wolfssl/wolfssl/rpm/include.am7
-rw-r--r--extra/wolfssl/wolfssl/rpm/spec.in261
-rw-r--r--extra/wolfssl/wolfssl/scripts/aria-cmake-build-test.sh201
-rwxr-xr-xextra/wolfssl/wolfssl/scripts/crl-revoked.test5
-rwxr-xr-xextra/wolfssl/wolfssl/scripts/dtls.test169
-rwxr-xr-xextra/wolfssl/wolfssl/scripts/dtls13.test171
-rwxr-xr-xextra/wolfssl/wolfssl/scripts/external.test11
-rw-r--r--extra/wolfssl/wolfssl/scripts/include.am8
-rwxr-xr-xextra/wolfssl/wolfssl/scripts/makedistsmall.sh7
-rwxr-xr-xextra/wolfssl/wolfssl/scripts/ocsp-stapling.test10
-rwxr-xr-xextra/wolfssl/wolfssl/scripts/openssl.test4
-rwxr-xr-xextra/wolfssl/wolfssl/scripts/pem.test459
-rwxr-xr-xextra/wolfssl/wolfssl/scripts/sniffer-gen.sh168
-rwxr-xr-xextra/wolfssl/wolfssl/scripts/sniffer-testsuite.test72
-rw-r--r--extra/wolfssl/wolfssl/scripts/sniffer-tls12-keylog.out7
-rw-r--r--extra/wolfssl/wolfssl/scripts/sniffer-tls12-keylog.pcapbin0 -> 15325 bytes
-rw-r--r--extra/wolfssl/wolfssl/scripts/sniffer-tls12-keylog.sslkeylog4
-rw-r--r--extra/wolfssl/wolfssl/scripts/sniffer-tls13-keylog.out9
-rw-r--r--extra/wolfssl/wolfssl/scripts/sniffer-tls13-keylog.pcapbin0 -> 23046 bytes
-rw-r--r--extra/wolfssl/wolfssl/scripts/sniffer-tls13-keylog.sslkeylog24
-rw-r--r--extra/wolfssl/wolfssl/src/bio.c131
-rw-r--r--extra/wolfssl/wolfssl/src/conf.c6
-rw-r--r--extra/wolfssl/wolfssl/src/crl.c705
-rw-r--r--extra/wolfssl/wolfssl/src/dtls.c122
-rw-r--r--extra/wolfssl/wolfssl/src/dtls13.c170
-rw-r--r--extra/wolfssl/wolfssl/src/include.am278
-rw-r--r--extra/wolfssl/wolfssl/src/internal.c4159
-rw-r--r--extra/wolfssl/wolfssl/src/keys.c521
-rw-r--r--extra/wolfssl/wolfssl/src/ocsp.c246
-rw-r--r--extra/wolfssl/wolfssl/src/pk.c214
-rw-r--r--extra/wolfssl/wolfssl/src/quic.c33
-rw-r--r--extra/wolfssl/wolfssl/src/sniffer.c550
-rw-r--r--extra/wolfssl/wolfssl/src/ssl.c6009
-rw-r--r--extra/wolfssl/wolfssl/src/ssl_asn1.c26
-rw-r--r--extra/wolfssl/wolfssl/src/ssl_bn.c12
-rw-r--r--extra/wolfssl/wolfssl/src/ssl_certman.c2372
-rw-r--r--extra/wolfssl/wolfssl/src/ssl_crypto.c3499
-rw-r--r--extra/wolfssl/wolfssl/src/ssl_misc.c13
-rw-r--r--extra/wolfssl/wolfssl/src/tls.c1402
-rw-r--r--extra/wolfssl/wolfssl/src/tls13.c936
-rw-r--r--extra/wolfssl/wolfssl/src/wolfio.c87
-rw-r--r--extra/wolfssl/wolfssl/src/x509.c238
-rw-r--r--extra/wolfssl/wolfssl/src/x509_str.c153
-rw-r--r--extra/wolfssl/wolfssl/sslSniffer/README.md88
-rw-r--r--extra/wolfssl/wolfssl/sslSniffer/sslSniffer.vcproj4
-rw-r--r--extra/wolfssl/wolfssl/sslSniffer/sslSniffer.vcxproj8
-rw-r--r--extra/wolfssl/wolfssl/sslSniffer/sslSnifferTest/snifftest.c151
-rw-r--r--extra/wolfssl/wolfssl/tests/api.c50002
-rw-r--r--extra/wolfssl/wolfssl/tests/include.am6
-rw-r--r--extra/wolfssl/wolfssl/tests/quic.c9
-rw-r--r--extra/wolfssl/wolfssl/tests/srp.c12
-rw-r--r--extra/wolfssl/wolfssl/tests/suites.c66
-rw-r--r--extra/wolfssl/wolfssl/tests/test-dtls13-pq-2-frag.conf23
-rw-r--r--extra/wolfssl/wolfssl/tests/test-dtls13-pq-frag.conf24
-rw-r--r--extra/wolfssl/wolfssl/tests/test-sm2.conf189
-rw-r--r--extra/wolfssl/wolfssl/tests/unit.c73
-rw-r--r--extra/wolfssl/wolfssl/tests/unit.h114
-rw-r--r--extra/wolfssl/wolfssl/tests/utils.h385
-rw-r--r--extra/wolfssl/wolfssl/tests/w64wrapper.c2
-rw-r--r--extra/wolfssl/wolfssl/testsuite/testsuite.c302
-rw-r--r--extra/wolfssl/wolfssl/testsuite/testsuite.vcproj4
-rw-r--r--extra/wolfssl/wolfssl/testsuite/testsuite.vcxproj16
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/benchmark/benchmark.c4572
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/benchmark/benchmark.h10
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/benchmark/benchmark.vcxproj2
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/aes.c5130
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/aes_asm.S161
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/aes_asm.asm64
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/aes_gcm_asm.S1194
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/aes_gcm_asm.asm1630
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/aes_xts_asm.S1449
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/asm.c2
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/asn.c3161
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/camellia.c4
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/chacha.c13
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/chacha20_poly1305.c8
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/chacha_asm.S4
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/cmac.c49
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/compress.c1
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/cryptocb.c126
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/curve25519.c27
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/des3.c86
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/dh.c30
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/dsa.c8
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/ecc.c648
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/eccsi.c17
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/ed25519.c22
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/ed448.c2
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/error.c14
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/evp.c2575
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/ext_kyber.c2
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/ext_lms.c972
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/ext_xmss.c981
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/fe_448.c252
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/fe_x25519_asm.S17284
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/ge_448.c1103
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/ge_low_mem.c22
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/ge_operations.c263
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/hash.c110
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/hmac.c148
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/hpke.c41
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/include.am11
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/integer.c105
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/kdf.c493
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/logging.c48
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/md2.c2
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/memory.c222
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/misc.c55
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/pkcs12.c9
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/pkcs7.c375
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/poly1305_asm.S6
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/Espressif/README.md69
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/Espressif/esp32_aes.c427
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/Espressif/esp32_mp.c3194
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/Espressif/esp32_sha.c1190
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/Espressif/esp32_util.c641
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_common.c362
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_fspsm_aes.c816
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_fspsm_rsa.c322
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_fspsm_sha.c686
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_fspsm_util.c (renamed from extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_sce_util.c)470
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_sce_aes.c589
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_sce_rsa.c437
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_sce_sha.c267
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_tsip_aes.c85
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_tsip_rsa.c302
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_tsip_sha.c18
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_tsip_util.c647
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/af_alg/afalg_aes.c18
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/aria/aria-crypt.c298
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/aria/aria-cryptocb.c599
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-32-aes-asm.S4586
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-32-aes-asm_c.c4794
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-32-curve25519.S13951
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-32-curve25519_c.c14345
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-32-sha256-asm.S319
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-32-sha256-asm_c.c527
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-32-sha512-asm.S1808
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-32-sha512-asm_c.c2159
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-aes.c13643
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-chacha.c4
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-curve25519.S12007
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-curve25519_c.c11826
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-sha256.c81
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-sha3-asm.S2
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-sha3-asm_c.c5
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-sha512-asm.S4
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-sha512-asm_c.c9
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-sha512.c17
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/thumb2-aes-asm.S3360
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/thumb2-aes-asm_c.c3014
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/thumb2-curve25519.S6485
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/thumb2-curve25519_c.c6910
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/thumb2-sha256-asm.S1490
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/thumb2-sha256-asm_c.c1477
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/thumb2-sha512-asm.S3677
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/thumb2-sha512-asm_c.c3592
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/caam/caam_driver.c2
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/caam/caam_qnx.c4
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/caam/wolfcaam_ecdsa.c2
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/caam/wolfcaam_fsl_nxp.c4
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/caam/wolfcaam_seco.c4
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/intel/quickassist_sync.c4
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/kcapi/kcapi_aes.c4
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/kcapi/kcapi_dh.c63
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/kcapi/kcapi_hash.c97
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/kcapi/kcapi_hmac.c25
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/kcapi/kcapi_rsa.c158
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/maxim/maxq10xx.c4
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/nxp/README_SE050.md4
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/nxp/dcp_port.c6
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/psa/psa_pkcbs.c2
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/silabs/README.md9
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/silabs/silabs_ecc.c327
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/silabs/silabs_hash.c138
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/st/stm32.c536
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/st/stsafe.c3
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/xilinx/xil-aesgcm.c38
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/xilinx/xil-sha3.c4
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/pwdbased.c30
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/random.c230
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/rsa.c218
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/sakke.c20
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/sha.c265
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/sha256.c405
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/sha256_asm.S4
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/sha3.c1
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/sha3_asm.S4
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/sha512.c296
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/sha512_asm.S4
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/signature.c11
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/siphash.c8
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/sm2.c (renamed from extra/wolfssl/wolfssl/ctaocrypt/src/misc.c)18
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/sm3.c33
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/sm3_asm.S33
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/sm4.c33
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/sp_arm32.c35137
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/sp_arm64.c5411
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/sp_armthumb.c3378
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/sp_c32.c1377
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/sp_c64.c1427
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/sp_cortexm.c61239
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/sp_dsp32.c18
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/sp_int.c689
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/sp_sm2_arm32.c33
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/sp_sm2_arm64.c33
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/sp_sm2_armthumb.c33
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/sp_sm2_c32.c33
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/sp_sm2_c64.c33
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/sp_sm2_cortexm.c33
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/sp_sm2_x86_64.c33
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/sp_sm2_x86_64_asm.S33
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/sp_x86_64.c2295
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/sp_x86_64_asm.S778
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/sp_x86_64_asm.asm645
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/sphincs.c26
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/tfm.c392
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/wc_lms.c26
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/wc_pkcs11.c13
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/wc_port.c700
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/wc_xmss.c26
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/wolfevent.c10
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/test/test.c6038
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/test/test.h31
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/user-crypto/src/rsa.c10
-rw-r--r--extra/wolfssl/wolfssl/wolfssl.rcbin4918 -> 4918 bytes
-rw-r--r--extra/wolfssl/wolfssl/wolfssl.vcproj4
-rw-r--r--extra/wolfssl/wolfssl/wolfssl.vcxproj17
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/certs_test.h1570
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/crl.h3
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/error-ssl.h3
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/internal.h483
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/ocsp.h14
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/openssl/aes.h10
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/openssl/bio.h5
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/openssl/bn.h4
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/openssl/crypto.h2
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/openssl/ec.h6
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/openssl/engine.h3
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/openssl/evp.h188
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/openssl/objects.h4
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/openssl/opensslv.h4
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/openssl/rsa.h2
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/openssl/sha.h4
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/openssl/ssl.h40
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/openssl/x509.h38
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/openssl/x509v3.h5
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/quic.h2
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/sniffer.h29
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/sniffer_error.h2
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/sniffer_error.rc8
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/ssl.h222
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/test.h981
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/version.h4
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/aes.h236
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/asn.h138
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/asn_public.h44
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/cmac.h6
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/cryptocb.h20
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/curve25519.h9
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/des3.h6
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/ecc.h14
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/ed25519.h9
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/ed448.h1
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/error-crypt.h29
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/ext_lms.h65
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/ext_xmss.h56
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/fe_448.h4
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/fe_operations.h22
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/fips_test.h10
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/ge_operations.h33
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/hash.h16
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/hmac.h11
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/include.am21
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/integer.h11
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/kdf.h36
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/lms.h144
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/logging.h35
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/mem_track.h161
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/memory.h182
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/misc.h33
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/pkcs7.h1
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h786
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/Renesas/renesas-fspsm-crypt.h345
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/Renesas/renesas-fspsm-types.h325
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/Renesas/renesas-sce-crypt.h278
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/Renesas/renesas-tsip-crypt.h87
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/Renesas/renesas_cmn.h7
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/Renesas/renesas_sync.h4
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/Renesas/renesas_tsip_types.h3
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/aria/aria-crypt.h80
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/aria/aria-cryptocb.h69
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/caam/caam_driver.h7
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/caam/caam_qnx.h2
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/caam/wolfcaam.h3
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/caam/wolfcaam_fsl_nxp.h4
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/caam/wolfcaam_qnx.h4
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/caam/wolfcaam_seco.h4
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/kcapi/kcapi_hmac.h6
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/psa/psa.h6
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/silabs/silabs_ecc.h15
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/silabs/silabs_hash.h74
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/st/stm32.h10
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/ti/ti-ccm.h6
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/xilinx/xil-versal-glue.h6
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/random.h6
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/rsa.h22
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/settings.h325
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/sha.h24
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/sha256.h46
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/sha512.h63
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/sm2.h (renamed from extra/wolfssl/wolfssl/cyassl/ctaocrypt/mpi_superclass.h)8
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/sm3.h (renamed from extra/wolfssl/wolfssl/cyassl/openssl/des.h)9
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/sm4.h (renamed from extra/wolfssl/wolfssl/cyassl/openssl/hmac.h)9
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/sp.h70
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/sp_int.h38
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/sphincs.h36
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/tfm.h25
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/types.h358
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/visibility.h13
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/wc_lms.h23
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/wc_port.h65
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/wc_xmss.h23
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/xmss.h152
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfio.h16
-rw-r--r--extra/wolfssl/wolfssl/wrapper/Ada/README.md116
-rw-r--r--extra/wolfssl/wolfssl/wrapper/Ada/ada_binding.c105
-rw-r--r--extra/wolfssl/wolfssl/wrapper/Ada/client.gpr78
-rw-r--r--extra/wolfssl/wolfssl/wrapper/Ada/default.gpr90
-rw-r--r--extra/wolfssl/wolfssl/wrapper/Ada/gnat.adc1
-rw-r--r--extra/wolfssl/wolfssl/wrapper/Ada/include.am17
-rw-r--r--extra/wolfssl/wolfssl/wrapper/Ada/spark_sockets.adb138
-rw-r--r--extra/wolfssl/wolfssl/wrapper/Ada/spark_sockets.ads137
-rw-r--r--extra/wolfssl/wolfssl/wrapper/Ada/spark_terminal.adb18
-rw-r--r--extra/wolfssl/wolfssl/wrapper/Ada/spark_terminal.ads43
-rw-r--r--extra/wolfssl/wolfssl/wrapper/Ada/tls_client.adb328
-rw-r--r--extra/wolfssl/wolfssl/wrapper/Ada/tls_client.ads37
-rw-r--r--extra/wolfssl/wolfssl/wrapper/Ada/tls_client_main.adb33
-rw-r--r--extra/wolfssl/wolfssl/wrapper/Ada/tls_server.adb330
-rw-r--r--extra/wolfssl/wolfssl/wrapper/Ada/tls_server.ads39
-rw-r--r--extra/wolfssl/wolfssl/wrapper/Ada/tls_server_main.adb39
-rw-r--r--extra/wolfssl/wolfssl/wrapper/Ada/user_settings.h385
-rw-r--r--extra/wolfssl/wolfssl/wrapper/Ada/wolfssl.adb688
-rw-r--r--extra/wolfssl/wolfssl/wrapper/Ada/wolfssl.ads606
-rw-r--r--extra/wolfssl/wolfssl/wrapper/CSharp/wolfSSL_CSharp/wolfSSL.cs4
-rw-r--r--extra/wolfssl/wolfssl/wrapper/include.am1
-rw-r--r--extra/wolfssl/wolfssl/zephyr/CMakeLists.txt9
-rw-r--r--extra/wolfssl/wolfssl/zephyr/Kconfig2
-rw-r--r--extra/wolfssl/wolfssl/zephyr/README.md8
-rw-r--r--extra/wolfssl/wolfssl/zephyr/samples/wolfssl_benchmark/prj.conf2
-rw-r--r--extra/wolfssl/wolfssl/zephyr/samples/wolfssl_benchmark/sample.yaml13
-rw-r--r--extra/wolfssl/wolfssl/zephyr/samples/wolfssl_test/prj.conf2
-rw-r--r--extra/wolfssl/wolfssl/zephyr/samples/wolfssl_test/sample.yaml15
-rw-r--r--extra/wolfssl/wolfssl/zephyr/samples/wolfssl_tls_sock/prj.conf5
-rw-r--r--extra/wolfssl/wolfssl/zephyr/samples/wolfssl_tls_sock/sample.yaml17
-rw-r--r--extra/wolfssl/wolfssl/zephyr/samples/wolfssl_tls_sock/src/tls_sock.c30
-rw-r--r--extra/wolfssl/wolfssl/zephyr/samples/wolfssl_tls_thread/prj.conf2
-rw-r--r--extra/wolfssl/wolfssl/zephyr/samples/wolfssl_tls_thread/sample.yaml19
-rw-r--r--extra/wolfssl/wolfssl/zephyr/samples/wolfssl_tls_thread/src/tls_threaded.c31
-rw-r--r--extra/wolfssl/wolfssl/zephyr/user_settings-tls-generic.h8
-rw-r--r--extra/wolfssl/wolfssl/zephyr/user_settings.h8
1167 files changed, 286553 insertions, 147907 deletions
diff --git a/extra/mariabackup/CMakeLists.txt b/extra/mariabackup/CMakeLists.txt
index 66293dac..f1c9dca7 100644
--- a/extra/mariabackup/CMakeLists.txt
+++ b/extra/mariabackup/CMakeLists.txt
@@ -36,7 +36,7 @@ INCLUDE_DIRECTORIES(
)
IF(NOT HAVE_SYSTEM_REGEX)
- INCLUDE_DIRECTORIES(${PCRE_INCLUDES})
+ INCLUDE_DIRECTORIES(${PCRE_INCLUDE_DIRS})
ADD_DEFINITIONS(${PCRE2_DEBIAN_HACK})
ENDIF()
diff --git a/extra/mariabackup/backup_copy.cc b/extra/mariabackup/backup_copy.cc
index dbf12ced..f8d315d9 100644
--- a/extra/mariabackup/backup_copy.cc
+++ b/extra/mariabackup/backup_copy.cc
@@ -1618,6 +1618,7 @@ ibx_copy_incremental_over_full()
NULL};
const char *sup_files[] = {"xtrabackup_binlog_info",
"xtrabackup_galera_info",
+ "donor_galera_info",
"xtrabackup_slave_info",
"xtrabackup_info",
"ib_lru_dump",
@@ -2290,7 +2291,7 @@ ds_ctxt_t::make_hardlink(const char *from_path, const char *to_path)
}
else
{
- strncpy(to_path_full, to_path, sizeof(to_path_full));
+ strncpy(to_path_full, to_path, sizeof(to_path_full)-1);
}
#ifdef _WIN32
return CreateHardLink(to_path_full, from_path, NULL);
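Review bot: Copying `sizeof(to_path_full)-1` bytes stops strncpy from overwriting the last byte, but nothing in this branch writes a terminator there, so the result is NUL-terminated only if `to_path_full` was zeroed where it is declared, which is outside the hunk. An over-long `to_path` is also cut silently, so the hard link would be created under a different name than the caller asked for. I would either add `to_path_full[sizeof(to_path_full)-1]= '\0';` after the copy or, better, fail when `strlen(to_path) >= sizeof(to_path_full)`. The body of make_hardlink starts above the hunk, so the declaration should be checked before relying on it.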
diff --git a/extra/mariabackup/backup_copy.h b/extra/mariabackup/backup_copy.h
index b4a323f2..b5aaf312 100644
--- a/extra/mariabackup/backup_copy.h
+++ b/extra/mariabackup/backup_copy.h
@@ -9,6 +9,7 @@
/* special files */
#define XTRABACKUP_SLAVE_INFO "xtrabackup_slave_info"
#define XTRABACKUP_GALERA_INFO "xtrabackup_galera_info"
+#define XTRABACKUP_DONOR_GALERA_INFO "donor_galera_info"
#define XTRABACKUP_BINLOG_INFO "xtrabackup_binlog_info"
#define XTRABACKUP_INFO "xtrabackup_info"
diff --git a/extra/mariabackup/backup_mysql.cc b/extra/mariabackup/backup_mysql.cc
index cf8a5051..c2f15da4 100644
--- a/extra/mariabackup/backup_mysql.cc
+++ b/extra/mariabackup/backup_mysql.cc
@@ -1360,6 +1360,7 @@ write_galera_info(ds_ctxt *datasink, MYSQL *connection)
{
char *state_uuid = NULL, *state_uuid55 = NULL;
char *last_committed = NULL, *last_committed55 = NULL;
+ char *domain_id = NULL, *domain_id55 = NULL;
bool result;
mysql_variable status[] = {
@@ -1370,6 +1371,12 @@ write_galera_info(ds_ctxt *datasink, MYSQL *connection)
{NULL, NULL}
};
+ mysql_variable value[] = {
+ {"Wsrep_gtid_domain_id", &domain_id},
+ {"wsrep_gtid_domain_id", &domain_id55},
+ {NULL, NULL}
+ };
+
/* When backup locks are supported by the server, we should skip
creating xtrabackup_galera_info file on the backup stage, because
wsrep_local_state_uuid and wsrep_last_committed will be inconsistent
@@ -1388,9 +1395,26 @@ write_galera_info(ds_ctxt *datasink, MYSQL *connection)
goto cleanup;
}
+ read_mysql_variables(connection, "SHOW VARIABLES LIKE 'wsrep%'", value, true);
+
+ if (domain_id == NULL && domain_id55 == NULL) {
+ msg("Warning: failed to get master wsrep state from SHOW VARIABLES.");
+ result = true;
+ goto cleanup;
+ }
+
result = datasink->backup_file_printf(XTRABACKUP_GALERA_INFO,
- "%s:%s\n", state_uuid ? state_uuid : state_uuid55,
- last_committed ? last_committed : last_committed55);
+ "%s:%s %s\n", state_uuid ? state_uuid : state_uuid55,
+ last_committed ? last_committed : last_committed55,
+ domain_id ? domain_id : domain_id55);
+
+ if (result)
+ {
+ result= datasink->backup_file_printf(XTRABACKUP_DONOR_GALERA_INFO,
+ "%s:%s %s\n", state_uuid ? state_uuid : state_uuid55,
+ last_committed ? last_committed : last_committed55,
+ domain_id ? domain_id : domain_id55);
+ }
if (result)
{
write_current_binlog_file(datasink, connection);
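Review bot: The strings that read_mysql_variables() stores through `value` are not released by anything this commit adds, since none of the three hunks in backup_mysql.cc touches the `cleanup` label. If `cleanup` (outside the hunk) frees only `status`, `domain_id`/`domain_id55` leak on every path; `free_mysql_variables(value);` next to the existing release would cover it. The new early exit also sets `result = true` when the domain id is missing, so the backup reports success without writing `xtrabackup_galera_info` even though the uuid and seqno were read; if that is intended for servers without `wsrep_gtid_domain_id`, a comment should say so. The same three-argument expression is repeated for both files and could be computed once into locals.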
diff --git a/extra/mariabackup/fil_cur.cc b/extra/mariabackup/fil_cur.cc
index e0a4711a..4f5d67a5 100644
--- a/extra/mariabackup/fil_cur.cc
+++ b/extra/mariabackup/fil_cur.cc
@@ -199,11 +199,13 @@ xb_fil_cur_open(
return(XB_FIL_CUR_SKIP);
}
+#ifdef HAVE_FCNTL_DIRECT
if (srv_file_flush_method == SRV_O_DIRECT
|| srv_file_flush_method == SRV_O_DIRECT_NO_FSYNC) {
os_file_set_nocache(cursor->file, node->name, "OPEN");
}
+#endif
posix_fadvise(cursor->file, 0, 0, POSIX_FADV_SEQUENTIAL);
diff --git a/extra/mariabackup/wsrep.cc b/extra/mariabackup/wsrep.cc
index 1b93e9ed..acaf5c50 100644
--- a/extra/mariabackup/wsrep.cc
+++ b/extra/mariabackup/wsrep.cc
@@ -53,6 +53,7 @@ permission notice:
/*! Name of file where Galera info is stored on recovery */
#define XB_GALERA_INFO_FILENAME "xtrabackup_galera_info"
+#define XB_GALERA_DONOR_INFO_FILENAME "donor_galera_info"
/***********************************************************************
Store Galera checkpoint info in the 'xtrabackup_galera_info' file, if that
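Review bot: `XB_GALERA_DONOR_INFO_FILENAME` is defined here but none of the wsrep.cc hunks in this commit uses it, and the diffstat count for the file is fully accounted for by those hunks. It also duplicates `XTRABACKUP_DONOR_GALERA_INFO`, which this commit adds to backup_copy.h with the same value. I would drop the macro until there is a user, or reference the backup_copy.h name so the file name is spelled in one place.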
@@ -67,7 +68,7 @@ xb_write_galera_info(bool incremental_prepare)
long long seqno;
MY_STAT statinfo;
- /* Do not overwrite existing an existing file to be compatible with
+ /* Do not overwrite an existing file to be compatible with
servers with older server versions */
if (!incremental_prepare &&
my_stat(XB_GALERA_INFO_FILENAME, &statinfo, MYF(0)) != NULL) {
@@ -101,10 +102,11 @@ xb_write_galera_info(bool incremental_prepare)
seqno = wsrep_xid_seqno(&xid);
- msg("mariabackup: Recovered WSREP position: %s:%lld\n",
- uuid_str, (long long) seqno);
+ msg("mariabackup: Recovered WSREP position: %s:%lld domain_id: %lld\n",
+ uuid_str, (long long) seqno, (long long)wsrep_get_domain_id());
- if (fprintf(fp, "%s:%lld", uuid_str, (long long) seqno) < 0) {
+ if (fprintf(fp, "%s:%lld %lld", uuid_str, (long long) seqno,
+ (long long)wsrep_get_domain_id()) < 0) {
die(
"could not write to " XB_GALERA_INFO_FILENAME
diff --git a/extra/mariabackup/xtrabackup.cc b/extra/mariabackup/xtrabackup.cc
index 9e359257..485cb143 100644
--- a/extra/mariabackup/xtrabackup.cc
+++ b/extra/mariabackup/xtrabackup.cc
@@ -127,7 +127,8 @@ int sd_notifyf() { return 0; }
int sys_var_init();
/* === xtrabackup specific options === */
-char xtrabackup_real_target_dir[FN_REFLEN] = "./xtrabackup_backupfiles/";
+#define DEFAULT_TARGET_DIR "./xtrabackup_backupfiles/"
+char xtrabackup_real_target_dir[FN_REFLEN] = DEFAULT_TARGET_DIR;
char *xtrabackup_target_dir= xtrabackup_real_target_dir;
static my_bool xtrabackup_version;
static my_bool verbose;
@@ -409,6 +410,9 @@ uint opt_safe_slave_backup_timeout = 0;
const char *opt_history = NULL;
+/* Whether xtrabackup_binlog_info should be created on recovery */
+static bool recover_binlog_info;
+
char mariabackup_exe[FN_REFLEN];
char orig_argv1[FN_REFLEN];
@@ -1266,22 +1270,25 @@ struct my_option xb_client_options[]= {
{"compress", OPT_XTRA_COMPRESS,
"Compress individual backup files using the "
- "specified compression algorithm. Currently the only supported algorithm "
- "is 'quicklz'. It is also the default algorithm, i.e. the one used when "
- "--compress is used without an argument.",
+ "specified compression algorithm. It uses no longer maintained QuickLZ "
+ "library hence this option was deprecated with MariaDB 10.1.31 and 10.2.13.",
(G_PTR *) &xtrabackup_compress_alg, (G_PTR *) &xtrabackup_compress_alg, 0,
GET_STR, OPT_ARG, 0, 0, 0, 0, 0, 0},
{"compress-threads", OPT_XTRA_COMPRESS_THREADS,
"Number of threads for parallel data compression. The default value is "
- "1.",
+ "1. "
+ "This option was deprecated as it relies on the no longer "
+ "maintained QuickLZ library.",
(G_PTR *) &xtrabackup_compress_threads,
(G_PTR *) &xtrabackup_compress_threads, 0, GET_UINT, REQUIRED_ARG, 1, 1,
UINT_MAX, 0, 0, 0},
{"compress-chunk-size", OPT_XTRA_COMPRESS_CHUNK_SIZE,
"Size of working buffer(s) for compression threads in bytes. The default "
- "value is 64K.",
+ "value is 64K. "
+ "This option was deprecated as it relies on the no longer "
+ "maintained QuickLZ library.",
(G_PTR *) &xtrabackup_compress_chunk_size,
(G_PTR *) &xtrabackup_compress_chunk_size, 0, GET_ULL, REQUIRED_ARG,
(1 << 16), 1024, ULONGLONG_MAX, 0, 0, 0},
@@ -1402,7 +1409,9 @@ struct my_option xb_client_options[]= {
{"decompress", OPT_DECOMPRESS,
"Decompresses all files with the .qp "
- "extension in a backup previously made with the --compress option.",
+ "extension in a backup previously made with the --compress option. "
+ "This option was deprecated as it relies on the no longer "
+ "maintained QuickLZ library.",
(uchar *) &opt_decompress, (uchar *) &opt_decompress, 0, GET_BOOL, NO_ARG,
0, 0, 0, 0, 0, 0},
@@ -1686,8 +1695,11 @@ struct my_option xb_server_options[] =
"Path to InnoDB log files.", &srv_log_group_home_dir,
&srv_log_group_home_dir, 0, GET_STR, REQUIRED_ARG, 0, 0, 0, 0, 0, 0},
{"innodb_max_dirty_pages_pct", OPT_INNODB_MAX_DIRTY_PAGES_PCT,
- "Percentage of dirty pages allowed in bufferpool.", (G_PTR*) &srv_max_buf_pool_modified_pct,
- (G_PTR*) &srv_max_buf_pool_modified_pct, 0, GET_ULONG, REQUIRED_ARG, 90, 0, 100, 0, 0, 0},
+ "Percentage of dirty pages allowed in bufferpool.",
+ (G_PTR*) &srv_max_buf_pool_modified_pct,
+ (G_PTR*) &srv_max_buf_pool_modified_pct, 0, GET_DOUBLE, REQUIRED_ARG,
+ (longlong)getopt_double2ulonglong(90), (longlong)getopt_double2ulonglong(0),
+ getopt_double2ulonglong(100), 0, 0, 0},
{"innodb_use_native_aio", OPT_INNODB_USE_NATIVE_AIO,
"Use native AIO if supported on this platform.",
(G_PTR*) &srv_use_native_aio,
@@ -2179,7 +2191,7 @@ static bool innodb_init_param()
/* Check that values don't overflow on 32-bit systems. */
if (sizeof(ulint) == 4) {
- if (xtrabackup_use_memory > UINT_MAX32) {
+ if (xtrabackup_use_memory > (longlong) UINT_MAX32) {
msg("mariabackup: use-memory can't be over 4GB"
" on 32-bit systems");
}
@@ -2458,6 +2470,7 @@ xtrabackup_read_metadata(char *filename)
{
FILE *fp;
my_bool r = TRUE;
+ int t;
fp = fopen(filename,"r");
if(!fp) {
@@ -2488,6 +2501,9 @@ xtrabackup_read_metadata(char *filename)
}
/* Optional fields */
+ if (fscanf(fp, "recover_binlog_info = %d\n", &t) == 1) {
+ recover_binlog_info = (t == 1);
+ }
end:
fclose(fp);
@@ -2506,11 +2522,13 @@ xtrabackup_print_metadata(char *buf, size_t buf_len)
"backup_type = %s\n"
"from_lsn = " UINT64PF "\n"
"to_lsn = " UINT64PF "\n"
- "last_lsn = " UINT64PF "\n",
+ "last_lsn = " UINT64PF "\n"
+ "recover_binlog_info = %d\n",
metadata_type,
metadata_from_lsn,
metadata_to_lsn,
- metadata_last_lsn);
+ metadata_last_lsn,
+ MY_TEST(opt_binlog_info == BINLOG_INFO_LOCKLESS));
}
/***********************************************************************
@@ -5942,6 +5960,26 @@ static ibool prepare_handle_del_files(const char *datadir, const char *db, const
return TRUE;
}
+
+/**************************************************************************
+Store the current binary log coordinates in a specified file.
+@return 'false' on error. */
+static bool
+store_binlog_info(const char *filename, const char* name, ulonglong pos)
+{
+ FILE *fp = fopen(filename, "w");
+
+ if (!fp) {
+ msg("mariabackup: failed to open '%s'\n", filename);
+ return(false);
+ }
+
+ fprintf(fp, "%s\t%llu\n", name, pos);
+ fclose(fp);
+
+ return(true);
+}
+
/** Implement --prepare
@return whether the operation succeeded */
static bool xtrabackup_prepare_func(char** argv)
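Review bot: store_binlog_info() reports failure only when fopen() fails; the results of `fprintf` and `fclose` are dropped, so a short write or a failed flush (a full disk, for instance) still returns true. The header comment promises "'false' on error", and the caller in xtrabackup_prepare_func assigns the result to `ok`, so a truncated or empty coordinates file would pass as a successful prepare. Both calls should feed the return value, with a message naming the file when the write fails.

```cpp
	// … unchanged: fopen() and its error branch …
	bool written = fprintf(fp, "%s\t%llu\n", name, pos) >= 0;

	/* fclose() flushes the stream, so its failure is a write failure too */
	if (fclose(fp) != 0) {
		written = false;
	}
	if (!written) {
		msg("mariabackup: failed to write '%s'\n", filename);
	}

	return(written);
```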
@@ -6133,6 +6171,20 @@ error:
msg("Last binlog file %s, position %lld",
trx_sys.recovered_binlog_filename,
longlong(trx_sys.recovered_binlog_offset));
+
+ /* output to xtrabackup_binlog_pos_innodb and (if
+ backup_safe_binlog_info was available on the server) to
+ xtrabackup_binlog_info. In the latter case
+ xtrabackup_binlog_pos_innodb becomes redundant and is created
+ only for compatibility. */
+ ok = store_binlog_info(
+ "xtrabackup_binlog_pos_innodb",
+ trx_sys.recovered_binlog_filename,
+ trx_sys.recovered_binlog_offset)
+ && (!recover_binlog_info || store_binlog_info(
+ XTRABACKUP_BINLOG_INFO,
+ trx_sys.recovered_binlog_filename,
+ trx_sys.recovered_binlog_offset));
}
/* Check whether the log is applied enough or not. */
@@ -6334,7 +6386,7 @@ static bool check_all_privileges()
}
/* KILL ... */
- if (!opt_no_lock && (opt_kill_long_queries_timeout || opt_kill_long_query_type)) {
+ if (!opt_no_lock && opt_kill_long_queries_timeout) {
check_result |= check_privilege(
granted_privileges,
"CONNECTION ADMIN", "*", "*",
@@ -6355,7 +6407,7 @@ static bool check_all_privileges()
if (opt_galera_info || opt_slave_info
|| opt_safe_slave_backup) {
check_result |= check_privilege(granted_privileges,
- "SLAVE MONITOR", "*", "*",
+ "REPLICA MONITOR", "*", "*",
PRIVILEGE_WARNING);
}
@@ -6568,9 +6620,10 @@ void handle_options(int argc, char **argv, char ***argv_server,
server_default_groups.push_back(NULL);
snprintf(conf_file, sizeof(conf_file), "my");
- if (prepare && target_dir) {
+ if (prepare) {
snprintf(conf_file, sizeof(conf_file),
- "%s/backup-my.cnf", target_dir);
+ "%s/backup-my.cnf", target_dir ? target_dir:
+ DEFAULT_TARGET_DIR);
if (!strncmp(argv[1], "--defaults-file=", 16)) {
/* Remove defaults-file*/
for (int i = 2; ; i++) {
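Review bot: The return value of the `snprintf()` that builds the `backup-my.cnf` path is not checked, so a `target_dir` longer than `conf_file` can hold is silently truncated. The code that consumes `conf_file` (outside this hunk) would then presumably be handed a path the operator did not ask for. Compare the result with the buffer size, e.g. `if ((size_t) snprintf(conf_file, sizeof(conf_file), "%s/backup-my.cnf", dir) >= sizeof(conf_file))`, and stop with an error message instead of continuing. Because `--prepare` now falls back to `DEFAULT_TARGET_DIR` (defined outside this hunk), a comment such as `/* without --target-dir, options are read from DEFAULT_TARGET_DIR/backup-my.cnf */` would make that implicit configuration source visible. handle_options() starts before and continues after the hunk.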
diff --git a/extra/mariabackup/xtrabackup.h b/extra/mariabackup/xtrabackup.h
index 53784a3f..d091c474 100644
--- a/extra/mariabackup/xtrabackup.h
+++ b/extra/mariabackup/xtrabackup.h
@@ -171,7 +171,7 @@ extern uint opt_safe_slave_backup_timeout;
extern const char *opt_history;
-enum binlog_info_enum { BINLOG_INFO_OFF, BINLOG_INFO_ON,
+enum binlog_info_enum { BINLOG_INFO_OFF, BINLOG_INFO_LOCKLESS, BINLOG_INFO_ON,
BINLOG_INFO_AUTO};
extern ulong opt_binlog_info;
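Review bot: Inserting `BINLOG_INFO_LOCKLESS` between `BINLOG_INFO_OFF` and `BINLOG_INFO_ON` changes the numeric values of `BINLOG_INFO_ON` and `BINLOG_INFO_AUTO`, and `opt_binlog_info` is a plain `ulong`. Whatever maps the option's string values to that number is not visible in this hunk; if its name list is not reordered in the same commit, `on` would silently select the lockless mode. A comment above the enum, e.g. `/* order must match the --binlog-info value name list */`, would document the coupling for the next person who adds a value.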
diff --git a/extra/my_print_defaults.c b/extra/my_print_defaults.c
index 115eb8e7..260662b2 100644
--- a/extra/my_print_defaults.c
+++ b/extra/my_print_defaults.c
@@ -175,6 +175,7 @@ int main(int argc, char **argv)
if ((error= load_defaults(config_file, (const char **) load_default_groups,
&count, &arguments)))
{
+ my_free(load_default_groups);
my_end(0);
if (error == 4)
return 0;
diff --git a/extra/wolfssl/user_settings.h.in b/extra/wolfssl/user_settings.h.in
index 425f6f15..baa64fcd 100644
--- a/extra/wolfssl/user_settings.h.in
+++ b/extra/wolfssl/user_settings.h.in
@@ -28,6 +28,11 @@
#define NO_OLD_TIMEVAL_NAME
#define HAVE_SECURE_RENEGOTIATION
#define HAVE_EXTENDED_MASTER
+/*
+ Following is workaround about a WolfSSL 5.6.6 bug.
+ The bug is about undefined sessionCtxSz during compilation.
+*/
+#define WOLFSSL_SESSION_ID_CTX
/* TLSv1.3 definitions (all needed to build) */
#define WOLFSSL_TLS13
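Review bot: The comment added above `#define WOLFSSL_SESSION_ID_CTX` ties the define to a wolfSSL 5.6.6 build problem, but the define is unconditional and nothing says when it can be removed. Since it sits in the TLS configuration block, say that it is build-only and state the removal condition, e.g. `/* Workaround for a wolfSSL 5.6.6 build failure (sessionCtxSz undeclared); remove once the bundled wolfSSL builds without it. */`. That keeps a leftover workaround from being mistaken for a deliberate feature choice on the next library upgrade.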
diff --git a/extra/wolfssl/wolfssl/.editorconfig b/extra/wolfssl/wolfssl/.editorconfig
new file mode 100644
index 00000000..0ea0cc46
--- /dev/null
+++ b/extra/wolfssl/wolfssl/.editorconfig
@@ -0,0 +1,10 @@
+# http://editorconfig.org
+root = true
+
+[*]
+indent_style = space
+indent_size = 4
+end_of_line = lf
+charset = utf-8
+trim_trailing_whitespace = true
+insert_final_newline = true
diff --git a/extra/wolfssl/wolfssl/.github/workflows/async.yml b/extra/wolfssl/wolfssl/.github/workflows/async.yml
index 8ded7695..84eb4c58 100644
--- a/extra/wolfssl/wolfssl/.github/workflows/async.yml
+++ b/extra/wolfssl/wolfssl/.github/workflows/async.yml
@@ -10,17 +10,20 @@ jobs:
config: [
# Add new configs here
'--enable-asynccrypt --enable-all --enable-dtls13',
- '--enable-asynccrypt-sw',
+ '--enable-asynccrypt-sw --enable-ocspstapling --enable-ocspstapling2',
+ '--enable-ocsp CFLAGS="-DTEST_NONBLOCK_CERTS"',
]
name: make check
runs-on: ubuntu-latest
+ # This should be a safe limit for the tests to run.
+ timeout-minutes: 6
steps:
- uses: actions/checkout@v3
name: Checkout wolfSSL
- name: Test wolfSSL async
run: |
- ./async-check.sh setup
+ ./async-check.sh install
./configure ${{ matrix.config }}
make check
diff --git a/extra/wolfssl/wolfssl/.github/workflows/curl.yml b/extra/wolfssl/wolfssl/.github/workflows/curl.yml
new file mode 100644
index 00000000..fe6350e7
--- /dev/null
+++ b/extra/wolfssl/wolfssl/.github/workflows/curl.yml
@@ -0,0 +1,61 @@
+name: curl Test
+
+on:
+ workflow_call:
+
+jobs:
+ build_wolfssl:
+ name: Build wolfSSL
+ runs-on: ubuntu-latest
+ # This should be a safe limit for the tests to run.
+ timeout-minutes: 4
+ steps:
+ - name: Build wolfSSL
+ uses: wolfSSL/actions-build-autotools-project@v1
+ with:
+ path: wolfssl
+ configure: --enable-curl
+ install: true
+
+ - name: Upload built lib
+ uses: actions/upload-artifact@v3
+ with:
+ name: wolf-install-curl
+ path: build-dir
+ retention-days: 1
+
+ test_curl:
+ name: ${{ matrix.curl_ref }}
+ runs-on: ubuntu-latest
+ # This should be a safe limit for the tests to run.
+ timeout-minutes: 15
+ needs: build_wolfssl
+ strategy:
+ fail-fast: false
+ matrix:
+ curl_ref: [ 'master', 'curl-8_4_0' ]
+ steps:
+ - name: Install test dependencies
+ run: |
+ sudo apt-get update
+ sudo apt-get install nghttp2
+ sudo pip install impacket
+
+ - name: Download lib
+ uses: actions/download-artifact@v3
+ with:
+ name: wolf-install-curl
+ path: build-dir
+
+ - name: Build curl
+ uses: wolfSSL/actions-build-autotools-project@v1
+ with:
+ repository: curl/curl
+ path: curl
+ ref: ${{ matrix.curl_ref }}
+ configure: --with-wolfssl=$GITHUB_WORKSPACE/build-dir
+ check: false
+
+ - name: Test curl
+ working-directory: curl
+ run: make -j test-ci
diff --git a/extra/wolfssl/wolfssl/.github/workflows/docker-Espressif.yml b/extra/wolfssl/wolfssl/.github/workflows/docker-Espressif.yml
index 4b100bbf..9b9b9be2 100644
--- a/extra/wolfssl/wolfssl/.github/workflows/docker-Espressif.yml
+++ b/extra/wolfssl/wolfssl/.github/workflows/docker-Espressif.yml
@@ -6,6 +6,8 @@ jobs:
espressif_latest:
name: latest Docker container
runs-on: ubuntu-latest
+ # This should be a safe limit for the tests to run.
+ timeout-minutes: 12
container:
image: espressif/idf:latest
steps:
diff --git a/extra/wolfssl/wolfssl/.github/workflows/docker-OpenWrt.yml b/extra/wolfssl/wolfssl/.github/workflows/docker-OpenWrt.yml
index 25508b4c..aa827895 100644
--- a/extra/wolfssl/wolfssl/.github/workflows/docker-OpenWrt.yml
+++ b/extra/wolfssl/wolfssl/.github/workflows/docker-OpenWrt.yml
@@ -9,6 +9,8 @@ jobs:
build_library:
name: Compile libwolfssl.so
runs-on: ubuntu-latest
+ # This should be a safe limit for the tests to run.
+ timeout-minutes: 4
container:
image: alpine:latest
steps:
@@ -26,6 +28,8 @@ jobs:
compile_container:
name: Compile container
runs-on: ubuntu-latest
+ # This should be a safe limit for the tests to run.
+ timeout-minutes: 2
needs: build_library
strategy:
fail-fast: false
diff --git a/extra/wolfssl/wolfssl/.github/workflows/hitch.yml b/extra/wolfssl/wolfssl/.github/workflows/hitch.yml
new file mode 100644
index 00000000..a7f745db
--- /dev/null
+++ b/extra/wolfssl/wolfssl/.github/workflows/hitch.yml
@@ -0,0 +1,94 @@
+name: hitch Tests
+
+on:
+ workflow_call:
+
+jobs:
+ build_wolfssl:
+ name: Build wolfSSL
+ # Just to keep it the same as the testing target
+ runs-on: ubuntu-latest
+ # This should be a safe limit for the tests to run.
+ timeout-minutes: 4
+ steps:
+ - name: Build wolfSSL
+ uses: wolfSSL/actions-build-autotools-project@v1
+ with:
+ path: wolfssl
+ configure: --enable-hitch
+ install: true
+
+ - name: Upload built lib
+ uses: actions/upload-artifact@v3
+ with:
+ name: wolf-install-hitch
+ path: build-dir
+ retention-days: 1
+
+ hitch_check:
+ strategy:
+ fail-fast: false
+ matrix:
+ # List of releases to test
+ include:
+ - ref: 1.7.3
+ ignore-tests: >-
+ test13-r82.sh test15-proxy-v2-npn.sh test39-client-cert-proxy.sh
+ name: ${{ matrix.ref }}
+ runs-on: ubuntu-latest
+ # This should be a safe limit for the tests to run.
+ timeout-minutes: 4
+ needs: build_wolfssl
+ steps:
+ - name: Download lib
+ uses: actions/download-artifact@v3
+ with:
+ name: wolf-install-hitch
+ path: build-dir
+
+ - name: Checkout OSP
+ uses: actions/checkout@v3
+ with:
+ repository: wolfssl/osp
+ path: osp
+
+ - name: Install dependencies
+ run: |
+ export DEBIAN_FRONTEND=noninteractive
+ sudo apt-get update
+ sudo apt-get install -y libev-dev libssl-dev automake python3-docutils flex bison pkg-config make
+
+ - name: Checkout hitch
+ uses: actions/checkout@v3
+ with:
+ repository: varnish/hitch
+ ref: 1.7.3
+ path: hitch
+
+ # Do this before configuring so that it only detects the updated list of
+ # tests
+ - if: ${{ matrix.ignore-tests }}
+ name: Remove tests that we want to ignore
+ working-directory: ./hitch/src/tests
+ run: |
+ rm ${{ matrix.ignore-tests }}
+
+ - name: Configure and build hitch
+ run: |
+ cd $GITHUB_WORKSPACE/hitch/
+ patch -p1 < $GITHUB_WORKSPACE/osp/hitch/hitch_1.7.3.patch
+ autoreconf -ivf
+ SSL_CFLAGS="-I$GITHUB_WORKSPACE/build-dir/include/ -I$GITHUB_WORKSPACE/build-dir/include/wolfssl" SSL_LIBS="-L$GITHUB_WORKSPACE/build-dir/lib -lwolfssl" ./configure --with-wolfssl=$GITHUB_WORKSPACE/build-dir/ --enable-silent-rules --enable-documentation --enable-warnings --with-lex --with-yacc --prefix=$GITHUB_WORKSPACE/build-dir
+ make -j$(nproc)
+
+ - name: Confirm hitch built with wolfSSL
+ working-directory: ./hitch
+ run: |
+ export LD_LIBRARY_PATH=$GITHUB_WORKSPACE/build-dir/lib:$LD_LIBRARY_PATH
+ ldd src/hitch | grep wolfssl
+
+ - name: Run hitch tests, skipping ignored tests
+ working-directory: ./hitch
+ run: |
+ export LD_LIBRARY_PATH=$GITHUB_WORKSPACE/build-dir/lib:$LD_LIBRARY_PATH
+ make check \ No newline at end of file
diff --git a/extra/wolfssl/wolfssl/.github/workflows/hostap.yml b/extra/wolfssl/wolfssl/.github/workflows/hostap.yml
index ffa270cb..84ea1009 100644
--- a/extra/wolfssl/wolfssl/.github/workflows/hostap.yml
+++ b/extra/wolfssl/wolfssl/.github/workflows/hostap.yml
@@ -15,6 +15,8 @@ jobs:
name: Build wolfSSL
# Just to keep it the same as the testing target
runs-on: ubuntu-20.04
+ # This should be a safe limit for the tests to run.
+ timeout-minutes: 4
steps:
# No way to view the full strategy in the browser (really weird)
- name: Print strategy
@@ -90,6 +92,8 @@ jobs:
name: hwsim test
# For openssl 1.1
runs-on: ubuntu-20.04
+ # This should be a safe limit for the tests to run.
+ timeout-minutes: 12
needs: build_wolfssl
steps:
# No way to view the full strategy in the browser (really weird)
@@ -246,7 +250,7 @@ jobs:
TESTS=$(printf '%s\n' "${ary[@]}" | tr '\n' ' ')
# Retry up to three times
for i in {1..3}; do
- HWSIM_RES=0
+ HWSIM_RES=0 # Not set when command succeeds
# Logs can grow quickly especially in debug mode
sudo rm -rf logs
sudo ./start.sh
diff --git a/extra/wolfssl/wolfssl/.github/workflows/krb5.yml b/extra/wolfssl/wolfssl/.github/workflows/krb5.yml
new file mode 100644
index 00000000..f03237c8
--- /dev/null
+++ b/extra/wolfssl/wolfssl/.github/workflows/krb5.yml
@@ -0,0 +1,79 @@
+name: Kerberos 5 Tests
+
+on:
+ workflow_call:
+
+jobs:
+ build_wolfssl:
+ name: Build wolfSSL
+ # Just to keep it the same as the testing target
+ runs-on: ubuntu-latest
+ # This should be a safe limit for the tests to run.
+ timeout-minutes: 5
+ steps:
+ - name: Build wolfSSL
+ uses: wolfSSL/actions-build-autotools-project@v1
+ with:
+ path: wolfssl
+ configure: --enable-krb CFLAGS='-fsanitize=address'
+ install: true
+
+ - name: Upload built lib
+ uses: actions/upload-artifact@v3
+ with:
+ name: wolf-install-krb5
+ path: build-dir
+ retention-days: 1
+
+ krb5_check:
+ strategy:
+ fail-fast: false
+ matrix:
+ # List of releases to test
+ ref: [ 1.21.1 ]
+ name: ${{ matrix.ref }}
+ runs-on: ubuntu-latest
+ # This should be a safe limit for the tests to run.
+ timeout-minutes: 8
+ needs: build_wolfssl
+ steps:
+ - name: Download lib
+ uses: actions/download-artifact@v3
+ with:
+ name: wolf-install-krb5
+ path: build-dir
+
+ - name: Checkout OSP
+ uses: actions/checkout@v3
+ with:
+ repository: wolfssl/osp
+ path: osp
+
+ - name: Checkout krb5
+ uses: actions/checkout@v3
+ with:
+ repository: krb5/krb5
+ ref: krb5-${{ matrix.ref }}-final
+ path: krb5
+
+ - name: Apply patch
+ working-directory: ./krb5
+ run: |
+ patch -p1 < $GITHUB_WORKSPACE/osp/krb5/Patch-for-Kerberos-5-${{ matrix.ref }}.patch
+
+ - name: Build krb5
+ working-directory: ./krb5/src
+ run: |
+ autoreconf -ivf
+ # Using rpath because LD_LIBRARY_PATH is overwritten during testing
+ export WOLFSSL_CFLAGS="-I$GITHUB_WORKSPACE/build-dir/include -I$GITHUB_WORKSPACE/build-dir/include/wolfssl -Wl,-rpath=$GITHUB_WORKSPACE/build-dir/lib"
+ export WOLFSSL_LIBS="-lwolfssl -L$GITHUB_WORKSPACE/build-dir/lib -Wl,-rpath=$GITHUB_WORKSPACE/build-dir/lib"
+ ./configure --with-crypto-impl=wolfssl --with-tls-impl=wolfssl --disable-pkinit \
+ CFLAGS='-fsanitize=address' LDFLAGS='-fsanitize=address'
+ CFLAGS='-fsanitize=address' LDFLAGS='-fsanitize=address' make -j
+
+ - name: Run tests
+ working-directory: ./krb5/src
+ run: |
+ CFLAGS='-fsanitize=address' LDFLAGS='-fsanitize=address' make -j check
+
diff --git a/extra/wolfssl/wolfssl/.github/workflows/main.yml b/extra/wolfssl/wolfssl/.github/workflows/main.yml
index a7944f9d..b1e63a32 100644
--- a/extra/wolfssl/wolfssl/.github/workflows/main.yml
+++ b/extra/wolfssl/wolfssl/.github/workflows/main.yml
@@ -14,6 +14,8 @@ jobs:
uses: ./.github/workflows/docker-Espressif.yml
multi-compiler:
uses: ./.github/workflows/multi-compiler.yml
+ multi-arch:
+ uses: ./.github/workflows/multi-arch.yml
openwrt:
uses: ./.github/workflows/docker-OpenWrt.yml
os-check:
@@ -26,6 +28,20 @@ jobs:
uses: ./.github/workflows/openvpn.yml
hostap:
uses: ./.github/workflows/hostap.yml
+ nginx:
+ uses: ./.github/workflows/nginx.yml
+ zephyr:
+ uses: ./.github/workflows/zephyr.yml
+ hitch:
+ uses: ./.github/workflows/hitch.yml
+ curl:
+ uses: ./.github/workflows/curl.yml
+ krb5:
+ uses: ./.github/workflows/krb5.yml
+ packaging:
+ uses: ./.github/workflows/packaging.yml
+ memcached:
+ uses: ./.github/workflows/memcached.yml
# TODO: Currently this test fails. Enable it once it becomes passing.
# haproxy:
# uses: ./.github/workflows/haproxy.yml
diff --git a/extra/wolfssl/wolfssl/.github/workflows/memcached.sh b/extra/wolfssl/wolfssl/.github/workflows/memcached.sh
new file mode 100755
index 00000000..ee563ebd
--- /dev/null
+++ b/extra/wolfssl/wolfssl/.github/workflows/memcached.sh
@@ -0,0 +1,14 @@
+#!/bin/sh
+
+if [ -z "$GITHUB_WORKSPACE" ]; then
+ echo '$GITHUB_WORKSPACE is not set'
+ exit 1
+fi
+
+if [ -z "$HOST_ROOT" ]; then
+ echo '$HOST_ROOT is not set'
+ exit 1
+fi
+
+chroot $HOST_ROOT make -C $GITHUB_WORKSPACE/memcached \
+ -j$(nproc) PARALLEL=$(nproc) test_tls
diff --git a/extra/wolfssl/wolfssl/.github/workflows/memcached.yml b/extra/wolfssl/wolfssl/.github/workflows/memcached.yml
new file mode 100644
index 00000000..9a4c8131
--- /dev/null
+++ b/extra/wolfssl/wolfssl/.github/workflows/memcached.yml
@@ -0,0 +1,107 @@
+name: memcached Tests
+
+on:
+ workflow_call:
+
+jobs:
+ build_wolfssl:
+ name: Build wolfSSL
+ # Just to keep it the same as the testing target
+ runs-on: ubuntu-latest
+ steps:
+ - name: Build wolfSSL
+ uses: wolfSSL/actions-build-autotools-project@v1
+ with:
+ path: wolfssl
+ configure: --enable-memcached
+ install: true
+
+ - name: Bundle Docker entry point
+ run: cp wolfssl/.github/workflows/memcached.sh build-dir/bin
+
+ - name: Upload built lib
+ uses: actions/upload-artifact@v3
+ with:
+ name: wolf-install-memcached
+ path: build-dir
+ retention-days: 1
+
+ memcached_check:
+ strategy:
+ fail-fast: false
+ matrix:
+ # List of releases to test
+ include:
+ - ref: 1.6.22
+ name: ${{ matrix.ref }}
+ runs-on: ubuntu-latest
+ needs: build_wolfssl
+ steps:
+ - name: Download lib
+ uses: actions/download-artifact@v3
+ with:
+ name: wolf-install-memcached
+ path: build-dir
+
+ - name: Checkout OSP
+ uses: actions/checkout@v3
+ with:
+ repository: wolfssl/osp
+ path: osp
+
+ - name: Install dependencies
+ run: |
+ export DEBIAN_FRONTEND=noninteractive
+ sudo apt-get update
+ sudo apt-get install -y libevent-dev libevent-2.1-7 automake pkg-config make libio-socket-ssl-perl
+
+ - name: Checkout memcached
+ uses: actions/checkout@v3
+ with:
+ repository: memcached/memcached
+ ref: 1.6.22
+ path: memcached
+
+ - name: Configure and build memcached
+ run: |
+ cd $GITHUB_WORKSPACE/memcached/
+ patch -p1 < $GITHUB_WORKSPACE/osp/memcached/memcached_1.6.22.patch
+ ./autogen.sh
+ export LD_LIBRARY_PATH=$GITHUB_WORKSPACE/build-dir/lib:$LD_LIBRARY_PATH
+ PKG_CONFIG_PATH=$GITHUB_WORKSPACE/build-dir/lib/pkgconfig ./configure --enable-wolfssl
+ make -j$(nproc)
+
+ - name: Confirm memcached built with wolfSSL
+ working-directory: ./memcached
+ run: |
+ export LD_LIBRARY_PATH=$GITHUB_WORKSPACE/build-dir/lib:$LD_LIBRARY_PATH
+ ldd memcached | grep wolfssl
+
+ - name: Run memcached tests
+ working-directory: ./memcached
+ run: |
+ # Retry up to three times
+ # Using docker because interrupting the tests doesn't close running
+ # background servers. They can become daemonized and then all re-runs
+ # will always fail.
+ chmod +x $GITHUB_WORKSPACE/build-dir/bin/memcached.sh
+ for i in {1..3}; do
+ echo "-------- RUNNING TESTS --------"
+ MEMCACHED_RES=0 # Not set when command succeeds
+ # Tests should usually take less than 4 minutes. If already taking
+ # 5 minutes then they are probably stuck. Interrupt and re-run.
+ time timeout -s SIGKILL 5m docker run -v /:/host \
+ -v $GITHUB_WORKSPACE/build-dir/bin/memcached.sh:/memcached.sh \
+ -e GITHUB_WORKSPACE=$GITHUB_WORKSPACE \
+ -e HOST_ROOT=/host \
+ -e LD_LIBRARY_PATH=$GITHUB_WORKSPACE/build-dir/lib:$LD_LIBRARY_PATH \
+ alpine:latest /memcached.sh || MEMCACHED_RES=$?
+
+ if [ "$MEMCACHED_RES" -eq "0" ]; then
+ break
+ fi
+ done
+ echo "test ran $i times"
+ if [ "$MEMCACHED_RES" -ne "0" ]; then
+ exit $MEMCACHED_RES
+ fi
diff --git a/extra/wolfssl/wolfssl/.github/workflows/multi-arch.yml b/extra/wolfssl/wolfssl/.github/workflows/multi-arch.yml
new file mode 100644
index 00000000..e5b9859a
--- /dev/null
+++ b/extra/wolfssl/wolfssl/.github/workflows/multi-arch.yml
@@ -0,0 +1,54 @@
+name: Multiple architectures
+
+on:
+ workflow_call:
+
+jobs:
+ my_matrix:
+ name: Multi-arch test
+ strategy:
+ fail-fast: false
+ matrix:
+ include:
+ - HOST: aarch64-linux-gnu
+ CC: aarch64-linux-gnu-gcc
+ ARCH: arm64
+ EXTRA_OPTS: --enable-sp-asm --enable-armasm
+ - HOST: arm-linux-gnueabihf
+ CC: arm-linux-gnueabihf-gcc
+ ARCH: armhf
+ EXTRA_OPTS: --enable-sp-asm
+ - HOST: riscv64-linux-gnu
+ CC: riscv64-linux-gnu-gcc
+ ARCH: riscv64
+ # Config to ensure CPUs without Thumb instructions compiles
+ - HOST: arm-linux-gnueabi
+ CC: arm-linux-gnueabi-gcc
+ CFLAGS: -marm -DWOLFSSL_SP_ARM_ARCH=6
+ ARCH: armel
+ EXTRA_OPTS: --enable-sp-asm
+ runs-on: ubuntu-latest
+ # This should be a safe limit for the tests to run.
+ timeout-minutes: 10
+ steps:
+ - name: Install Compiler
+ run: |
+ sudo apt update
+ sudo apt install -y crossbuild-essential-${{ matrix.ARCH }} qemu-user
+ - uses: actions/checkout@v3
+ - name: Build
+ env:
+ CC: ${{ matrix.CC }}
+ CFLAGS: ${{ matrix.CFLAGS }}
+ QEMU_LD_PREFIX: /usr/${{ matrix.HOST }}
+ run: ./autogen.sh && ./configure --host=${{ matrix.HOST }} --enable-all --disable-examples ${{ matrix.EXTRA_OPTS }} && make
+ - name: Print errors
+ if: ${{ failure() }}
+ run: |
+ if [ -f config.log ] ; then
+ cat config.log
+ fi
+ - name: Run WolfCrypt Tests
+ env:
+ QEMU_LD_PREFIX: /usr/${{ matrix.HOST }}
+ run: ./wolfcrypt/test/testwolfcrypt
diff --git a/extra/wolfssl/wolfssl/.github/workflows/multi-compiler.yml b/extra/wolfssl/wolfssl/.github/workflows/multi-compiler.yml
index ed4003ed..48512df2 100644
--- a/extra/wolfssl/wolfssl/.github/workflows/multi-compiler.yml
+++ b/extra/wolfssl/wolfssl/.github/workflows/multi-compiler.yml
@@ -12,19 +12,34 @@ jobs:
include:
- CC: gcc-9
CXX: g++-9
+ OS: ubuntu-latest
- CC: gcc-10
CXX: g++-10
+ OS: ubuntu-latest
- CC: gcc-11
CXX: g++-11
+ OS: ubuntu-latest
- CC: gcc-12
CXX: g++-12
+ OS: ubuntu-latest
+ - CC: clang-10
+ CXX: clang++-10
+ OS: ubuntu-20.04
+ - CC: clang-11
+ CXX: clang++-11
+ OS: ubuntu-20.04
- CC: clang-12
CXX: clang++-12
+ OS: ubuntu-20.04
- CC: clang-13
CXX: clang++-13
+ OS: ubuntu-latest
- CC: clang-14
CXX: clang++-14
- runs-on: ubuntu-latest
+ OS: ubuntu-latest
+ runs-on: ${{ matrix.OS }}
+ # This should be a safe limit for the tests to run.
+ timeout-minutes: 4
steps:
- uses: actions/checkout@v3
- name: Build
@@ -32,3 +47,7 @@ jobs:
CC: ${{ matrix.CC }}
CXX: ${{ matrix.CXX }}
run: ./autogen.sh && ./configure && make && make dist
+ - name: Show log on errors
+ if: ${{ failure() }}
+ run: |
+ cat config.log
diff --git a/extra/wolfssl/wolfssl/.github/workflows/nginx.yml b/extra/wolfssl/wolfssl/.github/workflows/nginx.yml
new file mode 100644
index 00000000..05f2ed7c
--- /dev/null
+++ b/extra/wolfssl/wolfssl/.github/workflows/nginx.yml
@@ -0,0 +1,206 @@
+name: nginx Tests
+
+on:
+ workflow_call:
+
+jobs:
+ build_wolfssl:
+ name: Build wolfSSL
+ # Just to keep it the same as the testing target
+ runs-on: ubuntu-latest
+ # This should be a safe limit for the tests to run.
+ timeout-minutes: 4
+ steps:
+ - if: ${{ runner.debug }}
+ name: Enable wolfSSL debug logging
+ run: |
+ # We don't use --enable-debug since it makes the logs too loud
+ echo "wolf_debug_flags= CFLAGS='-g3 -O0'" >> $GITHUB_ENV
+
+ - name: Build wolfSSL
+ uses: wolfSSL/actions-build-autotools-project@v1
+ with:
+ path: wolfssl
+ configure: --enable-nginx ${{ env.wolf_debug_flags }}
+ install: true
+
+ - name: Upload built lib
+ uses: actions/upload-artifact@v3
+ with:
+ name: wolf-install-nginx
+ path: build-dir
+ retention-days: 1
+
+ nginx_check:
+ strategy:
+ fail-fast: false
+ matrix:
+ include:
+ # in general we want to pass all tests that match *ssl*
+ - ref: 1.25.0
+ test-ref: 5b2894ea1afd01a26c589ce11f310df118e42592
+ # Following tests pass with sanitizer on
+ sanitize-ok: >-
+ h2_ssl_proxy_cache.t h2_ssl.t h2_ssl_variables.t h2_ssl_verify_client.t
+ mail_imap_ssl.t mail_ssl_conf_command.t mail_ssl_session_reuse.t
+ mail_ssl.t proxy_ssl_certificate_empty.t proxy_ssl_certificate.t
+ proxy_ssl_certificate_vars.t proxy_ssl_conf_command.t proxy_ssl_name.t
+ ssl_certificate_chain.t ssl_certificate_perl.t ssl_certificates.t
+ ssl_certificate.t ssl_client_escaped_cert.t ssl_conf_command.t
+ ssl_crl.t ssl_curve.t ssl_engine_keys.t ssl_ocsp.t ssl_password_file.t
+ ssl_proxy_protocol.t ssl_proxy_upgrade.t ssl_reject_handshake.t
+ ssl_session_reuse.t ssl_session_ticket_key.t ssl_sni_reneg.t
+ ssl_sni_sessions.t ssl_sni.t ssl_stapling.t ssl.t ssl_verify_client.t
+ ssl_verify_depth.t stream_proxy_ssl_certificate.t stream_proxy_ssl_certificate_vars.t
+ stream_proxy_ssl_conf_command.t stream_proxy_ssl_name_complex.t
+ stream_proxy_ssl_name.t stream_ssl_certificate.t stream_ssl_conf_command.t
+ stream_ssl_preread_alpn.t stream_ssl_preread_protocol.t stream_ssl_preread.t
+ stream_ssl_realip.t stream_ssl_session_reuse.t stream_ssl.t stream_ssl_variables.t
+ stream_ssl_verify_client.t stream_upstream_zone_ssl.t upstream_zone_ssl.t
+ uwsgi_ssl_certificate.t uwsgi_ssl_certificate_vars.t uwsgi_ssl.t
+ uwsgi_ssl_verify.t
+ # Following tests do not pass with sanitizer on (with OpenSSL too)
+ sanitize-not-ok: >-
+ grpc_ssl.t h2_proxy_request_buffering_ssl.t h2_proxy_ssl.t
+ proxy_request_buffering_ssl.t proxy_ssl_keepalive.t proxy_ssl.t
+ proxy_ssl_verify.t stream_proxy_protocol_ssl.t stream_proxy_ssl.t
+ stream_proxy_ssl_verify.t stream_ssl_alpn.t
+ - ref: 1.24.0
+ test-ref: 212d9d003886e3a24542855fb60355a417f037de
+ # Following tests pass with sanitizer on
+ sanitize-ok: >-
+ h2_ssl_proxy_cache.t h2_ssl.t h2_ssl_variables.t h2_ssl_verify_client.t
+ mail_imap_ssl.t mail_ssl_conf_command.t mail_ssl_session_reuse.t mail_ssl.t
+ proxy_ssl_certificate_empty.t proxy_ssl_certificate.t proxy_ssl_certificate_vars.t
+ proxy_ssl_name.t ssl_certificate_chain.t ssl_certificate_perl.t ssl_certificates.t
+ ssl_certificate.t ssl_client_escaped_cert.t ssl_conf_command.t ssl_crl.t
+ ssl_engine_keys.t ssl_ocsp.t ssl_password_file.t ssl_proxy_protocol.t
+ ssl_proxy_upgrade.t ssl_reject_handshake.t ssl_session_reuse.t
+ ssl_session_ticket_key.t ssl_sni_reneg.t ssl_sni_sessions.t ssl_sni.t
+ ssl_stapling.t ssl.t ssl_verify_client.t stream_proxy_ssl_certificate.t
+ stream_proxy_ssl_certificate_vars.t stream_proxy_ssl_name_complex.t
+ stream_proxy_ssl_name.t stream_ssl_alpn.t stream_ssl_certificate.t
+ stream_ssl_conf_command.t stream_ssl_preread_alpn.t stream_ssl_preread_protocol.t
+ stream_ssl_preread.t stream_ssl_realip.t stream_ssl_session_reuse.t stream_ssl.t
+ stream_ssl_variables.t stream_ssl_verify_client.t stream_upstream_zone_ssl.t
+ upstream_zone_ssl.t uwsgi_ssl_certificate.t uwsgi_ssl_certificate_vars.t
+ uwsgi_ssl.t uwsgi_ssl_verify.t
+ # Following tests do not pass with sanitizer on (with OpenSSL too)
+ sanitize-not-ok: >-
+ grpc_ssl.t h2_proxy_request_buffering_ssl.t h2_proxy_ssl.t
+ proxy_request_buffering_ssl.t proxy_ssl_conf_command.t proxy_ssl_keepalive.t
+ proxy_ssl.t proxy_ssl_verify.t ssl_curve.t ssl_verify_depth.t
+ stream_proxy_protocol_ssl.t stream_proxy_ssl_conf_command.t stream_proxy_ssl.t
+ stream_proxy_ssl_verify.t
+ name: ${{ matrix.ref }}
+ runs-on: ubuntu-latest
+ # This should be a safe limit for the tests to run.
+ timeout-minutes: 6
+ needs: build_wolfssl
+ steps:
+ - name: Download lib
+ uses: actions/download-artifact@v3
+ with:
+ name: wolf-install-nginx
+ path: build-dir
+
+ - name: Install dependencies
+ run: |
+ sudo cpan -iT Proc::Find Net::SSLeay IO::Socket::SSL
+
+ - name: Checkout wolfssl-nginx
+ uses: actions/checkout@v3
+ with:
+ repository: wolfssl/wolfssl-nginx
+ path: wolfssl-nginx
+
+ - name: Checkout nginx
+ uses: actions/checkout@v3
+ with:
+ repository: nginx/nginx
+ path: nginx
+ ref: release-${{ matrix.ref }}
+
+ - name: Apply nginx patch
+ working-directory: nginx
+ run: patch -p1 < ../wolfssl-nginx/nginx-${{ matrix.ref }}-wolfssl.patch
+
+ - if: ${{ runner.debug }}
+ name: Apply nginx debug patch
+ working-directory: nginx
+ run: patch -p1 < ../wolfssl-nginx/nginx-${{ matrix.ref }}-wolfssl-debug.patch
+
+ - name: Checkout nginx-tests
+ uses: actions/checkout@v3
+ with:
+ repository: nginx/nginx-tests
+ path: nginx-tests
+ ref: ${{ matrix.test-ref }}
+
+ - name: Apply nginx-tests patch
+ working-directory: nginx-tests
+ run: patch -p1 < ../wolfssl-nginx/nginx-tests-patches/*${{ matrix.test-ref }}.patch
+
+ - name: Build nginx without sanitizer
+ working-directory: nginx
+ run: |
+ ./auto/configure --with-wolfssl=$GITHUB_WORKSPACE/build-dir --with-http_ssl_module \
+ --with-stream --with-stream_ssl_module --with-stream_ssl_preread_module \
+ --with-http_v2_module --with-mail --with-mail_ssl_module
+ make -j
+
+ - name: Confirm nginx built with wolfSSL
+ working-directory: nginx
+ run: ldd objs/nginx | grep wolfssl
+
+ - if: ${{ runner.debug }}
+ name: Run nginx-tests without sanitizer (debug)
+ working-directory: nginx-tests
+ run: |
+ LD_LIBRARY_PATH=$LD_LIBRARY_PATH:$GITHUB_WORKSPACE/build-dir/lib \
+ TMPDIR=$GITHUB_WORKSPACE TEST_NGINX_VERBOSE=y TEST_NGINX_CATLOG=y \
+ TEST_NGINX_BINARY=../nginx/objs/nginx prove -v ${{ matrix.sanitize-not-ok }}
+
+ - if: ${{ !runner.debug }}
+ name: Run nginx-tests without sanitizer
+ working-directory: nginx-tests
+ run: |
+ LD_LIBRARY_PATH=$LD_LIBRARY_PATH:$GITHUB_WORKSPACE/build-dir/lib \
+ TMPDIR=$GITHUB_WORKSPACE TEST_NGINX_BINARY=../nginx/objs/nginx \
+ prove ${{ matrix.sanitize-not-ok }}
+
+ - if: ${{ runner.debug }}
+ name: Enable wolfSSL debug logging
+ run: |
+ echo "nginx_c_flags=-O0" >> $GITHUB_ENV
+
+ - name: Build nginx with sanitizer
+ working-directory: nginx
+ run: |
+ ./auto/configure --with-wolfssl=$GITHUB_WORKSPACE/build-dir --with-http_ssl_module \
+ --with-stream --with-stream_ssl_module --with-stream_ssl_preread_module \
+ --with-http_v2_module --with-mail --with-mail_ssl_module \
+ --with-cc-opt='-fsanitize=address -DNGX_DEBUG_PALLOC=1 -g3 ${{ env.nginx_c_flags }}' \
+ --with-ld-opt='-fsanitize=address ${{ env.nginx_c_flags }}'
+ make -j
+
+ - name: Confirm nginx built with wolfSSL
+ working-directory: nginx
+ run: ldd objs/nginx | grep wolfssl
+
+ - if: ${{ runner.debug }}
+ name: Run nginx-tests with sanitizer (debug)
+ working-directory: nginx-tests
+ run: |
+ LD_LIBRARY_PATH=$LD_LIBRARY_PATH:$GITHUB_WORKSPACE/build-dir/lib \
+ TMPDIR=$GITHUB_WORKSPACE TEST_NGINX_VERBOSE=y TEST_NGINX_CATLOG=y \
+ TEST_NGINX_BINARY=../nginx/objs/nginx prove -v ${{ matrix.sanitize-ok }}
+
+ - if: ${{ !runner.debug }}
+ name: Run nginx-tests with sanitizer
+ working-directory: nginx-tests
+ run: |
+ LD_LIBRARY_PATH=$LD_LIBRARY_PATH:$GITHUB_WORKSPACE/build-dir/lib \
+ TMPDIR=$GITHUB_WORKSPACE TEST_NGINX_BINARY=../nginx/objs/nginx \
+ prove ${{ matrix.sanitize-ok }}
+ \ No newline at end of file
diff --git a/extra/wolfssl/wolfssl/.github/workflows/openvpn.yml b/extra/wolfssl/wolfssl/.github/workflows/openvpn.yml
index cf943544..10f206ff 100644
--- a/extra/wolfssl/wolfssl/.github/workflows/openvpn.yml
+++ b/extra/wolfssl/wolfssl/.github/workflows/openvpn.yml
@@ -8,6 +8,8 @@ jobs:
name: Build wolfSSL
# Just to keep it the same as the testing target
runs-on: ubuntu-latest
+ # This should be a safe limit for the tests to run.
+ timeout-minutes: 4
steps:
- name: Build wolfSSL
uses: wolfSSL/actions-build-autotools-project@v1
@@ -31,6 +33,8 @@ jobs:
ref: [ master, release/2.6, v2.6.0 ]
name: ${{ matrix.ref }}
runs-on: ubuntu-latest
+ # This should be a safe limit for the tests to run.
+ timeout-minutes: 6
needs: build_wolfssl
steps:
- name: Download lib
diff --git a/extra/wolfssl/wolfssl/.github/workflows/os-check.yml b/extra/wolfssl/wolfssl/.github/workflows/os-check.yml
index 6a8c34fd..08134c4a 100644
--- a/extra/wolfssl/wolfssl/.github/workflows/os-check.yml
+++ b/extra/wolfssl/wolfssl/.github/workflows/os-check.yml
@@ -16,12 +16,19 @@ jobs:
'--enable-all --enable-asn=original',
'--enable-harden-tls',
'--enable-tls13 --enable-session-ticket --enable-dtls --enable-dtls13
- --enable-opensslextra --enable-sessioncerts
- CPPFLAGS=''-DWOLFSSL_DTLS_NO_HVR_ON_RESUME -DHAVE_EXT_CACHE
- -DWOLFSSL_TICKET_HAVE_ID -DHAVE_EX_DATA -DSESSION_CACHE_DYNAMIC_MEM'' ',
+ --enable-opensslextra --enable-sessioncerts
+ CPPFLAGS=''-DWOLFSSL_DTLS_NO_HVR_ON_RESUME -DHAVE_EXT_CACHE
+ -DWOLFSSL_TICKET_HAVE_ID -DHAVE_EX_DATA -DSESSION_CACHE_DYNAMIC_MEM'' ',
+ '--enable-all --enable-secure-renegotiation',
+ '--enable-all --enable-haproxy --enable-quic',
+ '--enable-dtls --enable-dtls13 --enable-earlydata
+ --enable-session-ticket --enable-psk
+ CPPFLAGS=''-DWOLFSSL_DTLS13_NO_HRR_ON_RESUME'' ',
]
name: make check
runs-on: ${{ matrix.os }}
+ # This should be a safe limit for the tests to run.
+ timeout-minutes: 14
steps:
- name: Build and test wolfSSL
uses: wolfSSL/actions-build-autotools-project@v1
@@ -40,6 +47,8 @@ jobs:
]
name: make user_setting.h
runs-on: ${{ matrix.os }}
+ # This should be a safe limit for the tests to run.
+ timeout-minutes: 14
steps:
- name: Build and test wolfSSL
uses: wolfSSL/actions-build-autotools-project@v1
@@ -61,6 +70,8 @@ jobs:
]
name: make user_setting.h (testwolfcrypt only)
runs-on: ${{ matrix.os }}
+ # This should be a safe limit for the tests to run.
+ timeout-minutes: 14
steps:
- name: Build and test wolfSSL
uses: wolfSSL/actions-build-autotools-project@v1
@@ -80,6 +91,8 @@ jobs:
os: [ ubuntu-latest, macos-latest ]
name: make user_setting.h (with sed)
runs-on: ${{ matrix.os }}
+ # This should be a safe limit for the tests to run.
+ timeout-minutes: 14
steps:
- uses: actions/checkout@v3
- if: ${{ matrix.os == 'macos-latest' }}
@@ -96,6 +109,8 @@ jobs:
windows_build:
name: Windows Build Test
runs-on: windows-latest
+ # This should be a safe limit for the tests to run.
+ timeout-minutes: 6
env:
# Path to the solution file relative to the root of the project.
SOLUTION_FILE_PATH: wolfssl64.sln
@@ -120,3 +135,7 @@ jobs:
# Add additional options to the MSBuild command line here (like platform or verbosity level).
# See https://docs.microsoft.com/visualstudio/msbuild/msbuild-command-line-reference
run: msbuild /m /p:PlatformToolset=v142 /p:Platform=${{env.BUILD_PLATFORM}} /p:Configuration=${{env.BUILD_CONFIGURATION}} ${{env.SOLUTION_FILE_PATH}}
+
+ - name: Run Test
+ working-directory: ${{env.GITHUB_WORKSPACE}}
+ run: Release/x64/testsuite.exe
diff --git a/extra/wolfssl/wolfssl/.github/workflows/packaging.yml b/extra/wolfssl/wolfssl/.github/workflows/packaging.yml
new file mode 100644
index 00000000..42e21359
--- /dev/null
+++ b/extra/wolfssl/wolfssl/.github/workflows/packaging.yml
@@ -0,0 +1,45 @@
+name: Packaging Tests
+
+on:
+ workflow_call:
+
+jobs:
+ build_wolfssl:
+ name: Package wolfSSL
+ runs-on: ubuntu-latest
+ # This should be a safe limit for the tests to run.
+ timeout-minutes: 10
+ steps:
+ - name: Checkout wolfSSL
+ uses: actions/checkout@v3
+
+ - name: Configure wolfSSL
+ run: |
+ autoreconf -ivf
+ ./configure --enable-distro --enable-all \
+ --disable-openssl-compatible-defaults --enable-intelasm \
+ --enable-dtls13 --enable-dtls-mtu \
+ --enable-sp-asm --disable-examples --disable-silent-rules
+
+ - name: Make sure OPENSSL_COMPATIBLE_DEFAULTS is not present in options.h
+ run: |
+ ! grep OPENSSL_COMPATIBLE_DEFAULTS wolfssl/options.h
+
+ - name: Build wolfSSL .deb
+ run: make deb-docker
+
+ - name: Build wolfSSL .rpm
+ run: make rpm-docker
+
+ - name: Confirm packages built
+ run: |
+ DEB_COUNT=$(find -name 'libwolfssl*.deb' | wc -l)
+ if [ "$DEB_COUNT" != "2" ]; then
+ echo Did not find exactly two deb packages!!!
+ exit 1
+ fi
+ RPM_COUNT=$(find -name 'wolfssl*.rpm' | wc -l)
+ if [ "$RPM_COUNT" != "4" ]; then
+ echo Did not find exactly four rpm packages!!!
+ exit 1
+ fi
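Review bot: `uses: actions/checkout@v3` in this new workflow references the action by a movable tag, so the code that runs in the job can change without any change to this file. Pinning to a full commit SHA with the tag kept as a comment, `uses: actions/checkout@<full-commit-sha> # v3`, makes the dependency reviewable; the same applies to `actions/upload-artifact@v3` in the new zephyr.yml. Neither new workflow declares `permissions:`, so the token scope is whatever the calling workflow passes down. A top-level `permissions:` block with `contents: read` in each file would cap it, assuming the jobs need nothing beyond checkout.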
diff --git a/extra/wolfssl/wolfssl/.github/workflows/stunnel.yml b/extra/wolfssl/wolfssl/.github/workflows/stunnel.yml
index 2f8f1de4..ac25126d 100644
--- a/extra/wolfssl/wolfssl/.github/workflows/stunnel.yml
+++ b/extra/wolfssl/wolfssl/.github/workflows/stunnel.yml
@@ -8,6 +8,8 @@ jobs:
name: Build wolfSSL
# Just to keep it the same as the testing target
runs-on: ubuntu-latest
+ # This should be a safe limit for the tests to run.
+ timeout-minutes: 4
steps:
- name: Build wolfSSL
uses: wolfSSL/actions-build-autotools-project@v1
@@ -31,6 +33,8 @@ jobs:
ref: [ 5.67 ]
name: ${{ matrix.ref }}
runs-on: ubuntu-latest
+ # This should be a safe limit for the tests to run.
+ timeout-minutes: 4
needs: build_wolfssl
steps:
- name: Download lib
diff --git a/extra/wolfssl/wolfssl/.github/workflows/zephyr.yml b/extra/wolfssl/wolfssl/.github/workflows/zephyr.yml
new file mode 100644
index 00000000..decdba25
--- /dev/null
+++ b/extra/wolfssl/wolfssl/.github/workflows/zephyr.yml
@@ -0,0 +1,104 @@
+name: Zephyr tests
+
+on:
+ workflow_call:
+
+jobs:
+ run_test:
+ name: Build and run
+ strategy:
+ fail-fast: false
+ matrix:
+ config:
+ - zephyr-ref: v3.4.0
+ zephyr-sdk: 0.16.1
+ - zephyr-ref: v3.5.0
+ zephyr-sdk: 0.16.3
+ runs-on: ubuntu-latest
+ # This should be a safe limit for the tests to run.
+ timeout-minutes: 15
+ steps:
+ - name: Install dependencies
+ run: |
+ # Don't prompt for anything
+ export DEBIAN_FRONTEND=noninteractive
+ sudo apt-get update
+ # most of the ci-base zephyr docker image packages
+ sudo apt-get install -y zip bridge-utils uml-utilities \
+ git cmake ninja-build gperf ccache dfu-util device-tree-compiler wget \
+ python3-dev python3-pip python3-setuptools python3-tk python3-wheel xz-utils file \
+ make gcc gcc-multilib g++-multilib libsdl2-dev libmagic1 \
+ autoconf automake bison build-essential ca-certificates cargo ccache chrpath cmake \
+ cpio device-tree-compiler dfu-util diffstat dos2unix doxygen file flex g++ gawk gcc \
+ gcovr git git-core gnupg gperf gtk-sharp2 help2man iproute2 lcov libcairo2-dev \
+ libglib2.0-dev libgtk2.0-0 liblocale-gettext-perl libncurses5-dev libpcap-dev \
+ libpopt0 libsdl1.2-dev libsdl2-dev libssl-dev libtool libtool-bin locales make \
+ net-tools ninja-build openssh-client parallel pkg-config python3-dev python3-pip \
+ python3-ply python3-setuptools python-is-python3 qemu rsync socat srecord sudo \
+ texinfo unzip wget ovmf xz-utils
+
+ - name: Install west
+ run: sudo pip install west
+
+ - name: Init west workspace
+ run: west init --mr ${{ matrix.config.zephyr-ref }} zephyr
+
+ - name: Update west.yml
+ working-directory: zephyr/zephyr
+ run: |
+ REF=$(echo '${{ github.ref }}' | sed -e 's/\//\\\//g')
+ sed -e 's/remotes:/remotes:\n \- name: wolfssl\n url\-base: https:\/\/github.com\/${{ github.repository_owner }}/' -i west.yml
+ sed -e "s/projects:/projects:\n \- name: wolfssl\n path: modules\/crypto\/wolfssl\n remote: wolfssl\n revision: $REF/" -i west.yml
+
+ - name: Update west workspace
+ working-directory: zephyr
+ run: west update -n -o=--depth=1
+
+ - name: Export zephyr
+ working-directory: zephyr
+ run: west zephyr-export
+
+ - name: Install pip dependencies
+ working-directory: zephyr
+ run: sudo pip install -r zephyr/scripts/requirements.txt
+
+ - name: Install zephyr SDK
+ run: |
+ wget -q https://github.com/zephyrproject-rtos/sdk-ng/releases/download/v${{ matrix.config.zephyr-sdk }}/zephyr-sdk-${{ matrix.config.zephyr-sdk }}_linux-x86_64.tar.xz
+ tar xf zephyr-sdk-${{ matrix.config.zephyr-sdk }}_linux-x86_64.tar.xz
+ cd zephyr-sdk-${{ matrix.config.zephyr-sdk }}
+ ./setup.sh -h -c
+
+ - name: Run wolfssl test
+ id: wolfssl-test
+ working-directory: zephyr
+ run: |
+ ./zephyr/scripts/twister --testsuite-root modules/crypto/wolfssl --test zephyr/samples/wolfssl_test/sample.crypto.wolfssl_test -vvv
+ rm -rf zephyr/twister-out
+
+ - name: Run wolfssl TLS sock test
+ id: wolfssl-tls-sock
+ working-directory: zephyr
+ run: |
+ ./zephyr/scripts/twister --testsuite-root modules/crypto/wolfssl --test zephyr/samples/wolfssl_tls_sock/sample.crypto.wolfssl_tls_sock -vvv
+ rm -rf zephyr/twister-out
+
+ - name: Run wolfssl TLS thread test
+ id: wolfssl-tls-thread
+ working-directory: zephyr
+ run: |
+ ./zephyr/scripts/twister --testsuite-root modules/crypto/wolfssl --test zephyr/samples/wolfssl_tls_thread/sample.crypto.wolfssl_tls_thread -vvv
+ rm -rf zephyr/twister-out
+
+ - name: Zip failure logs
+ if: ${{ failure() && (steps.wolfssl-test.outcome == 'failure' || steps.wolfssl-tls-sock.outcome == 'failure' || steps.wolfssl-tls-thread.outcome == 'failure') }}
+ run: |
+ zip -9 -r logs.zip zephyr/twister-out
+
+ - name: Upload failure logs
+ if: ${{ failure() && (steps.wolfssl-test.outcome == 'failure' || steps.wolfssl-tls-sock.outcome == 'failure' || steps.wolfssl-tls-thread.outcome == 'failure') }}
+ uses: actions/upload-artifact@v3
+ with:
+ name: zephyr-client-test-logs
+ path: logs.zip
+ retention-days: 5
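Review bot: The `Update west.yml` step pastes `${{ github.ref }}` and `${{ github.repository_owner }}` directly into the script text, so the runner substitutes the values before bash parses the line and a ref name containing a quote or other shell metacharacter becomes part of the command rather than data. Whether an outside contributor can influence the ref depends on the triggers of the calling workflow, which are not visible here. The usual hardening is to pass both through the step's `env:` (`GH_REF: ${{ github.ref }}`, `GH_OWNER: ${{ github.repository_owner }}`) and use `"$GH_REF"` and `"$GH_OWNER"` in the script. Separately, the `Install zephyr SDK` step unpacks the downloaded tarball and runs its `setup.sh` without comparing it to a known checksum, and `sudo pip install west` is unpinned. A `sha256sum -c` against a hash stored next to `zephyr-sdk` in the matrix entry and a pinned west version would make both steps reproducible.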
diff --git a/extra/wolfssl/wolfssl/.gitignore b/extra/wolfssl/wolfssl/.gitignore
index d6e72cb5..5adfbf31 100644
--- a/extra/wolfssl/wolfssl/.gitignore
+++ b/extra/wolfssl/wolfssl/.gitignore
@@ -64,6 +64,8 @@ ctaocrypt/benchmark/benchmark
ctaocrypt/test/testctaocrypt
wolfcrypt/benchmark/benchmark
wolfcrypt/test/testwolfcrypt
+examples/async/async_client
+examples/async/async_server
examples/benchmark/tls_bench
examples/client/client
examples/echoclient/echoclient
@@ -74,6 +76,7 @@ examples/sctp/sctp-server-dtls
examples/sctp/sctp-client
examples/sctp/sctp-client-dtls
examples/asn1/asn1
+examples/pem/pem
server_ready
snifftest
output
@@ -84,6 +87,7 @@ testsuite/testsuite.test
tests/unit.test
tests/bio_write_test.txt
tests/test-log-dump-to-file.txt
+tests/cert_cache.tmp
test-write-dhparams.pem
testsuite/*.der
testsuite/*.pem
@@ -343,6 +347,8 @@ doc/pdf
# XCODE Index
IDE/XCODE/Index
+IDE/**/xcshareddata
+IDE/**/DerivedData
# ARM DS-5 && Eclipse
\.settings/
@@ -403,7 +409,8 @@ libFuzzer
XXX-fips-test
# ASYNC
-async
+/wolfAsyncCrypt
+/async
# Generated user_settings_asm.h.
user_settings_asm.h
@@ -414,6 +421,19 @@ user_settings_asm.h
# Espressif sdk config default should be saved in sdkconfig.defaults
# we won't track the actual working sdkconfig files
/IDE/Espressif/**/sdkconfig
+/IDE/Espressif/**/sdkconfig.old
# auto-created CMake backups
**/CMakeLists.txt.old
+
+# MagicCrypto (ARIA Cipher)
+MagicCrypto
+
+# CMake build directory
+/out
+/out_temp
+
+# debian packaging
+debian/changelog
+debian/control
+*.deb
diff --git a/extra/wolfssl/wolfssl/CMakeLists.txt b/extra/wolfssl/wolfssl/CMakeLists.txt
index f67b67a0..337b0d61 100644
--- a/extra/wolfssl/wolfssl/CMakeLists.txt
+++ b/extra/wolfssl/wolfssl/CMakeLists.txt
@@ -28,16 +28,27 @@ if("${CMAKE_SOURCE_DIR}" STREQUAL "${CMAKE_BINARY_DIR}")
You must delete them, or cmake will refuse to work.")
endif()
-project(wolfssl VERSION 5.6.3 LANGUAGES C ASM)
+project(wolfssl VERSION 5.6.6 LANGUAGES C ASM)
+
+# Set WOLFSSL_ROOT if not already defined
+if ("${WOLFSSL_ROOT}" STREQUAL "")
+ # we'll assume this CMakeLists.txt is in the root of wolfSSL
+ if (EXISTS "${CMAKE_SOURCE_DIR}/wolfcrypt/src/")
+ get_filename_component(WOLFSSL_ROOT "${CMAKE_SOURCE_DIR}" ABSOLUTE)
+ message(STATUS "Found WOLFSSL_ROOT = ${WOLFSSL_ROOT}")
+ endif()
+else()
+ message(STATUS "Using predefined WOLFSSL_ROOT = ${WOLFSSL_ROOT}")
+endif()
# shared library versioning
# increment if interfaces have been added, removed or changed
-set(LIBTOOL_CURRENT 40)
+set(LIBTOOL_CURRENT 42)
# increment if source code has changed set to zero if current is incremented
-set(LIBTOOL_REVISION 1)
+set(LIBTOOL_REVISION 0)
# increment if interfaces have been added set to zero if interfaces have been
# removed or changed
-set(LIBTOOL_AGE 5)
+set(LIBTOOL_AGE 0)
math(EXPR LIBTOOL_SO_VERSION "${LIBTOOL_CURRENT} - ${LIBTOOL_AGE}")
set(LIBTOOL_FULL_VERSION ${LIBTOOL_SO_VERSION}.${LIBTOOL_AGE}.${LIBTOOL_REVISION})
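Review bot: The new `WOLFSSL_ROOT` detection tests `${CMAKE_SOURCE_DIR}/wolfcrypt/src/`, and `CMAKE_SOURCE_DIR` is the top-level project's source directory, so when this file is pulled in with `add_subdirectory()` from a parent project the check fails and `WOLFSSL_ROOT` stays empty without any message. Other hunks of this file use `CMAKE_CURRENT_SOURCE_DIR` for paths inside wolfSSL. Doing the same here, `if (EXISTS "${CMAKE_CURRENT_SOURCE_DIR}/wolfcrypt/src/")` and `get_filename_component(WOLFSSL_ROOT "${CMAKE_CURRENT_SOURCE_DIR}" ABSOLUTE)`, would work in both layouts. An `else()` with `message(WARNING ...)` on the inner check would make the not-found case visible.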
@@ -116,6 +127,7 @@ check_type_size("time_t" SIZEOF_TIME_T)
# but we want it as 1.
if(HAVE___UINT128_T)
set(HAVE___UINT128_T "1" CACHE INTERNAL "Result of TRY_COMPILE" FORCE)
+ list(APPEND WOLFSSL_DEFINITIONS "-DHAVE___UINT128_T")
endif()
include(TestBigEndian)
@@ -257,6 +269,18 @@ if(NOT WOLFSSL_SINGLE_THREADED)
endif()
endif()
+# DTLS-SRTP
+add_option("WOLFSSL_SRTP"
+ "Enables wolfSSL DTLS-SRTP (default: disabled)"
+ "no" "yes;no")
+
+if(WOLFSSL_SRTP)
+ list(APPEND WOLFSSL_DEFINITIONS
+ "-DWOLFSSL_SRTP")
+ set(WOLFSSL_DTLS "yes")
+ set(WOLFSSL_KEYING_MATERIAL "yes")
+endif()
+
# DTLS
add_option("WOLFSSL_DTLS"
@@ -353,6 +377,83 @@ if(NOT WOLFSSL_RNG)
list(APPEND WOLFSSL_DEFINITIONS "-DWC_NO_RNG")
endif()
+# QUIC
+add_option(WOLFSSL_QUIC
+ "Enable QUIC support (default: disabled)"
+ "no" "yes;no")
+
+if(WOLFSSL_QUIC)
+ set(WOLFSSL_ALPN "yes")
+ set(WOLFSSL_OPENSSLEXTRA "yes")
+ set(WOLFSSL_AESCTR "yes")
+ set(WOLFSSL_CURVE25519 "yes")
+ set(WOLFSSL_SNI "yes")
+ list(APPEND WOLFSSL_DEFINITIONS "-DWOLFSSL_QUIC" "-DHAVE_EX_DATA")
+endif()
+
+# Curl
+add_option(WOLFSSL_CURL
+ "Enable CURL support (default: disabled)"
+ "no" "yes;no")
+
+if(WOLFSSL_CURL)
+ set(WOLFSSL_MD4 "yes")
+ set(WOLFSSL_DES3 "yes")
+ set(WOLFSSL_ALPN "yes")
+ set(WOLFSSL_OPENSSLEXTRA "yes")
+ set(WOLFSSL_CRL "yes")
+ set(WOLFSSL_OCSP "yes")
+ set(WOLFSSL_OCSPSTAPLING "yes")
+ set(WOLFSSL_OCSPSTAPLING_V2 "yes")
+ set(WOLFSSL_SNI "yes")
+ set(WOLFSSL_ALT_CERT_CHAINS "yes")
+ set(WOLFSSL_IP_ALT_NAME "yes")
+ set(WOLFSSL_SESSION_TICKET "yes")
+ set(WOLFSSL_WOLFSSH "yes")
+ list(APPEND WOLFSSL_DEFINITIONS
+ "-DNO_SESSION_CACHE_REF" "-DWOLFSSL_DES_ECB")
+endif()
+
+# ALPN
+add_option(WOLFSSL_ALPN
+ "Enable ALPN support (default: disabled)"
+ "no" "yes;no")
+
+if(WOLFSSL_ALPN)
+ list(APPEND WOLFSSL_DEFINITIONS "-DHAVE_ALPN" "-DHAVE_TLS_EXTENSIONS")
+endif()
+
+# altcertchains
+add_option(WOLFSSL_ALT_CERT_CHAINS
+ "Enable support for Alternate certification chains (default: disabled)"
+ "no" "yes;no")
+
+if(WOLFSSL_ALT_CERT_CHAINS)
+ list(APPEND WOLFSSL_DEFINITIONS "-DWOLFSSL_ALT_CERT_CHAINS")
+endif()
+
+# ip-alt-name
+add_option(WOLFSSL_IP_ALT_NAME
+ "Enable support for IP alternative name (default: disabled)"
+ "no" "yes;no")
+
+if(WOLFSSL_IP_ALT_NAME)
+ list(APPEND WOLFSSL_DEFINITIONS "-DWOLFSSL_IP_ALT_NAME")
+endif()
+
+# wolfSSH
+add_option(WOLFSSL_WOLFSSH
+ "Enable support for wolfSSH (default: disabled)"
+ "no" "yes;no")
+
+if(WOLFSSL_WOLFSSH)
+ list(APPEND WOLFSSL_DEFINITIONS "-DWOLFSSL_WOLFSSH")
+endif()
+
+if(WOLFSSL_WOLFSSH OR WOLFSSL_WPAS)
+ list(APPEND WOLFSSL_DEFINITIONS "-DWOLFSSL_PUBLIC_MP")
+endif()
+
# TODO: - DTLS-SCTP
# - DTLS multicast
# - OpenSSH
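Review bot: The `if(WOLFSSL_CURL)` block turns on `WOLFSSL_MD4`, `WOLFSSL_DES3` and `-DWOLFSSL_DES_ECB` with no comment on why, so a builder who only asked for curl support gets legacy algorithms compiled into the library without being told. A comment above the block naming the curl feature that needs them, and a help string that says so, e.g. `"Enable CURL support; also enables MD4, 3DES and DES-ECB (default: disabled)"`, would let packagers make that trade-off knowingly. This block and the QUIC block also `set()` options such as `WOLFSSL_ALPN` and `WOLFSSL_SNI` before the corresponding `add_option()` calls. Whether those values survive depends on how `add_option` is implemented, which is outside the hunk, so a short comment stating the intended precedence would help.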
@@ -362,14 +463,11 @@ endif()
# - wpa_supplicant
# - Fortress
# - libwebsockets
-# - IP alternative name
# - Qt
# - SSL bump
# - sniffer
# - Signal
# - OpenSSL coexist
-# - OpenSSL compatibility all
-# - OpenSSL compatibility extra
# - Max strength
# Harden, enable Timing Resistance and Blinding by default
@@ -411,12 +509,7 @@ endif()
if (WOLFSSL_OPENSSLEXTRA AND NOT WOLFSSL_OPENSSLCOEXIST)
list(APPEND WOLFSSL_DEFINITIONS
- "-DOPENSSL_EXTRA"
- "-DWOLFSSL_ALWAYS_VERIFY_CB"
- "-DWOLFSSL_VERIFY_CB_ALL_CERTS"
- "-DWOLFSSL_EXTRA_ALERTS"
- "-DHAVE_EXT_CACHE"
- "-DWOLFSSL_FORCE_CACHE_ON_TICKET")
+ "-DOPENSSL_EXTRA")
endif()
if (WOLFSSL_OPENSSLALL)
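Review bot: Existing CMake consumers of `WOLFSSL_OPENSSLEXTRA` lose `WOLFSSL_ALWAYS_VERIFY_CB`, `WOLFSSL_VERIFY_CB_ALL_CERTS`, `WOLFSSL_EXTRA_ALERTS`, `HAVE_EXT_CACHE` and `WOLFSSL_FORCE_CACHE_ON_TICKET` here, and the visible hunks of this file add neither a replacement option nor a comment explaining the move. An application that performs certificate checks inside the verify callback and relied on it being invoked for every certificate would change behaviour silently on upgrade. The autotools side appears to have an `openssl-compatible-defaults` switch, judging by packaging.yml in this commit. A comment at this `list(APPEND ...)` pointing to it, and a matching CMake option if one is intended, would make the change explicit.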
@@ -426,7 +519,6 @@ if (WOLFSSL_OPENSSLALL)
"-DWOLFSSL_ERROR_CODE_OPENSSL" "-DWOLFSSL_CERT_NAME_ALL")
endif()
-
# TODO: - IPv6 test apps
set(WOLFSSL_SLOW_MATH "yes")
@@ -510,6 +602,15 @@ if(WOLFSSL_AESGCM)
list(APPEND WOLFSSL_DEFINITIONS "-DHAVE_AESGCM")
endif()
+if(WOLFSSL_QUIC)
+ if(NOT WOLFSSL_TLS13)
+ message(FATAL_ERROR "TLS 1.3 is disabled - necessary for QUIC")
+ endif()
+ if(NOT WOLFSSL_AESGCM)
+ message(FATAL_ERROR "AES-GCM is disabled - necessary for QUIC")
+ endif()
+endif()
+
# AES-SIV
add_option("WOLFSSL_AESSIV"
"Enable wolfSSL AES-SIV support (default: disabled)"
@@ -536,6 +637,11 @@ if(WOLFSSL_AESCTR AND NOT WOLFSSL_FORTRESS)
"-DWOLFSSL_AES_DIRECT")
endif()
+# ARIA
+add_option("WOLFSSL_ARIA"
+ "Enable wolfSSL ARIA support (default: disabled)"
+ "no" "yes;no")
+
# AES-CCM
add_option("WOLFSSL_AESCCM"
"Enable wolfSSL AES-CCM support (default: disabled)"
@@ -1299,7 +1405,6 @@ endif()
# - CRL monitor
# - User crypto
# - Whitewood netRandom client library
-# - SNI
# - Max fragment length
# - ALPN
# - Trusted CA indication
@@ -1315,8 +1420,14 @@ add_option(WOLFSSL_CRL
"Enable CRL (Use =io for inline CRL HTTP GET) (default: disabled)"
"no" "yes;no;io")
+
+set(SNI_DEFAULT "no")
+if(("${CMAKE_SYSTEM_PROCESSOR}" MATCHES "x86_64|x86|AMD64|arm64") OR
+ ("${CMAKE_SYSTEM_PROCESSOR}" STREQUAL "aarch64"))
+ set(SNI_DEFAULT "yes")
+endif()
set(WOLFSSL_SNI_HELP_STRING "Enable SNI (default: disabled)")
-add_option(WOLFSSL_SNI ${WOLFSSL_SNI_HELP_STRING} "no" "yes;no")
+add_option(WOLFSSL_SNI ${WOLFSSL_SNI_HELP_STRING} ${SNI_DEFAULT} "yes;no")
set(WOLFSSL_TLSX_HELP_STRING "Enable all TLS Extensions (default: disabled)")
add_option(WOLFSSL_TLSX ${WOLFSSL_TLSX_HELP_STRING} "no" "yes;no")
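Review bot: `WOLFSSL_SNI_HELP_STRING` still reads "Enable SNI (default: disabled)" although the default passed to `add_option` is now `${SNI_DEFAULT}`, which is `yes` on the listed x86 and ARM64 processors. Building the text from the variable, `set(WOLFSSL_SNI_HELP_STRING "Enable SNI (default: ${SNI_DEFAULT})")`, keeps cache UIs in agreement with the computed default. The `MATCHES` pattern is unanchored, so `x86` already covers `x86_64`. A one-line comment listing the intended architectures would make the scope of the new default explicit.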
@@ -1406,7 +1517,6 @@ endif()
# TODO: - TLS extensions
# - Early data handshake
-# - wolfSSH options
# - SCEP
# - Secure remote password
# - Indefinite length encoded messages
@@ -1561,8 +1671,11 @@ endif()
# TODO: - Fast huge math
+# Set processor-specific build macros
if("${CMAKE_SYSTEM_PROCESSOR}" MATCHES "x86_64|AMD64")
list(APPEND WOLFSSL_DEFINITIONS "-DWOLFSSL_X86_64_BUILD")
+elseif("${CMAKE_SYSTEM_PROCESSOR}" MATCHES "aarch64|arm64")
+ list(APPEND WOLFSSL_DEFINITIONS "-DWOLFSSL_AARCH64_BUILD")
endif()
# SP math all
@@ -1704,22 +1817,38 @@ if(WOLFSSL_SYS_CA_CERTS)
message("Can't enable system CA certs without a filesystem.")
override_cache(WOLFSSL_SYS_CA_CERTS "no")
elseif(APPLE)
+ # Headers used for MacOS default system CA certs behavior. Only MacOS SDK will have this header
check_include_file("Security/SecTrustSettings.h" HAVE_SECURITY_SECTRUSTSETTINGS_H)
- if(NOT HAVE_SECURITY_SECTRUSTSETTINGS_H)
- message("Can't enable system CA certs without Security/SecTrustSettings.h.")
- override_cache(WOLFSSL_SYS_CA_CERTS "no")
- else()
+ # Headers used for Apple native cert validation. All device SDKs should have these headers
+ check_include_file("Security/SecCertificate.h" HAVE_SECURITY_SECCERTIFICATE_H)
+ check_include_file("Security/SecTrust.h" HAVE_SECURITY_SECTRUST_H)
+ check_include_file("Security/SecPolicy.h" HAVE_SECURITY_SECPOLICY_H)
+ # Either Security/SecTrustSettings (for MacOS cert loading), or the
+ # trio of Security/SecCertificate.h, Security/SecTrust.h, and
+ # Security/SecPolicy.h (for native trust APIs on other apple devices)
+ # must be present. Default to SecTrustSettings method on MacOS.
+ if(HAVE_SECURITY_SECTRUSTSETTINGS_H OR (HAVE_SECURITY_SECCERTIFICATE_H
+ AND HAVE_SECURITY_SECTRUST_H
+ AND HAVE_SECURITY_SECPOLICY_H))
find_library(CORE_FOUNDATION_FRAMEWORK CoreFoundation)
if(NOT CORE_FOUNDATION_FRAMEWORK)
- message("Can't enable system CA certs without CoreFoundation framework.")
- override_cache(WOLFSSL_SYS_CA_CERTS "no")
+ message(FATAL_ERROR "Can't enable system CA certs without CoreFoundation framework.")
else()
find_library(SECURITY_FRAMEWORK Security)
if(NOT SECURITY_FRAMEWORK)
- message("Can't enable system CA certs without Security framework.")
- override_cache(WOLFSSL_SYS_CA_CERTS "no")
+ message(FATAL_ERROR "Can't enable system CA certs without Security framework.")
endif()
endif()
+
+ # MacOS should not use native cert validation by default, but other apple devices should.
+ if(NOT HAVE_SECURITY_SECTRUSTSETTINGS_H AND HAVE_SECURITY_SECCERTIFICATE_H
+ AND HAVE_SECURITY_SECTRUST_H
+ AND HAVE_SECURITY_SECPOLICY_H)
+ list(APPEND WOLFSSL_DEFINITIONS "-DWOLFSSL_APPLE_NATIVE_CERT_VALIDATION")
+ endif()
+
+ else()
+ message(FATAL_ERROR "Can't enable system CA certs without Apple Security.framework headers.")
endif()
endif()
@@ -1774,6 +1903,42 @@ if(WOLFSSL_AESKEYWRAP)
)
endif()
+# Hybrid Public Key Encryption (RFC9180)
+add_option("WOLFSSL_HPKE"
+ "Enable wolfSSL hybrid public key encryption (default: disabled)"
+ "no" "yes;no")
+
+# Encrypted Client Hello (ECH)
+add_option("WOLFSSL_ECH"
+ "Enable wolfSSL encrypted client hello (default: disabled)"
+ "no" "yes;no")
+
+# Keying Material Exporter / TLS Exporter
+add_option("WOLFSSL_KEYING_MATERIAL"
+ "Enable wolfSSL keying material export (default: disabled)"
+ "no" "yes;no")
+
+if(WOLFSSL_HPKE)
+ if(NOT WOLFSSL_ECC)
+ message(FATAL_ERROR "HPKE supported only with ECC (WOLFSSL_ECC)")
+ endif()
+ list(APPEND WOLFSSL_DEFINITIONS "-DHAVE_HPKE")
+ override_cache(WOLFSSL_HKDF "yes")
+endif()
+
+if(WOLFSSL_ECH)
+ if(NOT WOLFSSL_HPKE)
+ message(FATAL_ERROR "ECH supported only with HPKE (WOLFSSL_HPKE)")
+ endif()
+ if(NOT WOLFSSL_SNI)
+ message(FATAL_ERROR "ECH supported only with SNI (WOLFSSL_SNI)")
+ endif()
+ list(APPEND WOLFSSL_DEFINITIONS "-DHAVE_ECH")
+endif()
+
+if(WOLFSSL_KEYING_MATERIAL)
+ list(APPEND WOLFSSL_DEFINITIONS "-DHAVE_KEYING_MATERIAL")
+endif()
if(WOLFSSL_KEYGEN)
list(APPEND WOLFSSL_DEFINITIONS "-DWOLFSSL_KEY_GEN")
@@ -1841,6 +2006,9 @@ if (WOLFSSL_CAAM)
list(APPEND WOLFSSL_DEFINITIONS "-DWOLFSSL_CAAM")
endif()
+if (WOLFSSL_ARIA)
+ list(APPEND WOLFSSL_DEFINITIONS "-DHAVE_ARIA")
+endif()
# Generates the BUILD_* flags. These control what source files are included in
# the library. A series of AM_CONDITIONALs handle this in configure.ac.
@@ -1922,7 +2090,6 @@ else()
set(WOLFSSL_OUTPUT_BASE ${CMAKE_CURRENT_SOURCE_DIR})
endif()
set(OPTION_FILE "${WOLFSSL_OUTPUT_BASE}/wolfssl/options.h")
-set(CYASSL_OPTION_FILE "${WOLFSSL_OUTPUT_BASE}/cyassl/options.h")
file(REMOVE ${OPTION_FILE})
@@ -1952,14 +2119,6 @@ file(APPEND ${OPTION_FILE} "}\n")
file(APPEND ${OPTION_FILE} "#endif\n\n\n")
file(APPEND ${OPTION_FILE} "#endif /* WOLFSSL_OPTIONS_H */\n\n")
-# backwards compatibility for those who have included options or version
-file(REMOVE ${CYASSL_OPTION_FILE})
-file(APPEND ${CYASSL_OPTION_FILE} "/* cyassl options.h\n")
-file(APPEND ${CYASSL_OPTION_FILE} " * generated from wolfssl/options.h\n")
-file(APPEND ${CYASSL_OPTION_FILE} " */\n")
-file(READ ${OPTION_FILE} OPTION_FILE_CONTENTS)
-file(APPEND ${CYASSL_OPTION_FILE} ${OPTION_FILE_CONTENTS})
-
####################################################
# Library Target
####################################################
@@ -1974,13 +2133,69 @@ set(LIB_SOURCES "")
# in the *.am files.
generate_lib_src_list("${LIB_SOURCES}")
if(BUILD_SHARED_LIBS)
+ message(STATUS "BUILD_SHARED_LIBS enabled: ${LIB_SOURCES}")
add_library(wolfssl SHARED ${LIB_SOURCES})
else()
+ message(STATUS "Static Libs: ${LIB_SOURCES}")
add_library(wolfssl STATIC ${LIB_SOURCES})
endif()
add_library(wolfssl::wolfssl ALIAS wolfssl)
+if (NOT "$ENV{ARIA_DIR}" STREQUAL "")
+ message(STATUS "Found Environment variable ARIA_DIR=$ENV{ARIA_DIR}")
+ if(WOLFSSL_ARIA)
+ message(STATUS "wolfSSL WOLFSSL_ARIA is enabled")
+ else()
+ message(STATUS "wolfSSL WOLFSSL_ARIA is not enabled. To enable, specify a user_settings.h file or run: cmake .. -DWOLFSSL_ARIA=yes")
+ message(STATUS "Clear the ARIA_DIR environment variable to otherwise suppress this message when not using ARIA ciphers.")
+ endif()
+endif()
+
+# ARIA Check
+if(WOLFSSL_ARIA)
+ message(STATUS "WOLFSSL_ARIA is enabled")
+
+ find_package(ARIA)
+
+ if(ARIA_FOUND)
+ message(STATUS "ARIA find_package() success.")
+ else()
+ message(FATAL_ERROR "WOLFSSL_ARIA is enabled, but find_package() did not find ARIA MagicCrypto.\n"
+ "Check ARIA_DIR environment variable and/or copy MagicCrypto directory locally.")
+ endif()
+
+ list(APPEND WOLFSSL_LINK_LIBS "${ARIA_LIB_FILE}")
+
+ # The cmake target_include_directories() will complain about local directories,
+ # so we'll handle MagicCrypto differently when found in wolfssl.
+ # see below to use include_directories() instead.
+ if(ARIA_IS_LOCAL)
+ # there's also a wolfssl port API to include, plus local ARIA include
+ include_directories("wolfssl/wolfcrypt/port/aria" "MagicCrypto/include")
+ else()
+ # see below for target_include_directories() instead
+ include_directories("wolfssl/wolfcrypt/port/aria")
+ message(STATUS "ARIA_IS_LOCAL is false, appending ${ARIA_INCLUDE_DIR} to WOLFSSL_INCLUDE_DIRS")
+ list(APPEND WOLFSSL_INCLUDE_DIRS "${ARIA_INCLUDE_DIR}")
+ endif()
+
+ add_library(MagicCrypto_lib
+ ${CMAKE_CURRENT_SOURCE_DIR}/wolfcrypt/src/port/aria/aria-crypt.c
+ ${CMAKE_CURRENT_SOURCE_DIR}/wolfcrypt/src/port/aria/aria-cryptocb.c
+ )
+
+ set_target_properties(MagicCrypto_lib PROPERTIES OUTPUT_NAME "MagicCrypto")
+ target_link_libraries(MagicCrypto_lib wolfssl)
+ target_compile_options(MagicCrypto_lib PRIVATE "-DHAVE_ARIA")
+
+ # ARIA was enabled and we successfully found it.
+ set(HAVE_ARIA 1)
+ list(APPEND WOLFSSL_DEFINITIONS "-DHAVE_ARIA")
+
+ message(STATUS "ARIA Check: WOLFSSL_LINK_LIBS = ${WOLFSSL_LINK_LIBS}")
+endif()
+
set_target_properties(wolfssl
PROPERTIES
SOVERSION ${LIBTOOL_SO_VERSION}
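Review bot: The wrapper target `MagicCrypto_lib` is given `OUTPUT_NAME "MagicCrypto"`, which looks like the base name of the third-party library that `find_package(ARIA)` resolves into `ARIA_LIB_FILE`. The Find module is not on this page, so this is inferred from the messages and the `MagicCrypto/include` path. Two different binaries with the same file name on the link and load path make it hard to tell which one a consumer picked up, and the vendor copy is located through the `ARIA_DIR` environment variable rather than a path fixed in the build. A distinct output name for the wolfSSL-built wrapper would remove the ambiguity. `-DHAVE_ARIA` is also appended to `WOLFSSL_DEFINITIONS` both here and in the earlier `if (WOLFSSL_ARIA)` hunk; one of the two is enough.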
@@ -1997,6 +2212,12 @@ target_compile_definitions(wolfssl PUBLIC ${WOLFSSL_DEFINITIONS})
# Include Directories
####################################################
+if("${WOLFSSL_INCLUDE_DIRS}" STREQUAL "")
+ message(STATUS "WOLFSSL_INCLUDE_DIRS is blank. No additional directories will be added.")
+else()
+ message(STATUS "WOLFSSL_INCLUDE_DIRS = ${WOLFSSL_INCLUDE_DIRS}")
+endif()
+
target_include_directories(wolfssl
PUBLIC
$<INSTALL_INTERFACE:include>
@@ -2034,7 +2255,9 @@ endif()
# Tests and Examples
####################################################
+enable_testing()
if(WOLFSSL_EXAMPLES)
+
# Build wolfSSL client example
add_executable(client
${CMAKE_CURRENT_SOURCE_DIR}/examples/client/client.c)
@@ -2090,6 +2313,7 @@ if(WOLFSSL_EXAMPLES)
tests/suites.c
tests/w64wrapper.c
tests/unit.c
+ tests/quic.c
examples/server/server.c
examples/client/client.c)
target_include_directories(unit_test PRIVATE
@@ -2103,6 +2327,9 @@ if(WOLFSSL_EXAMPLES)
set_property(TARGET unit_test
PROPERTY RUNTIME_OUTPUT_NAME
unit.test)
+ add_test(NAME unit_test
+ COMMAND $<TARGET_FILE:unit_test>
+ WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR})
endif()
if(WOLFSSL_CRYPT_TESTS)
@@ -2142,6 +2369,9 @@ if(WOLFSSL_CRYPT_TESTS)
if(WOLFSSL_CRYPT_TESTS_HELP)
target_compile_options(wolfcrypttest PRIVATE "-DHAVE_WOLFCRYPT_TEST_OPTIONS")
endif()
+ add_test(NAME wolfcrypttest
+ COMMAND $<TARGET_FILE:wolfcrypttest>
+ WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR})
# Build wolfCrypt benchmark executable.
add_executable(wolfcryptbench
@@ -2165,7 +2395,6 @@ include(GNUInstallDirs)
set(HEADER_EXCLUDE
"internal.h"
- "cyassl/ctaocrypt/port"
"wolfssl/wolfcrypt/port/nrf51.h"
"wolfssl/wolfcrypt/port/arm"
"wolfssl/wolfcrypt/port/cypress"
@@ -2310,19 +2539,10 @@ install(DIRECTORY ${WOLFSSL_OUTPUT_BASE}/wolfssl/
DESTINATION ${CMAKE_INSTALL_INCLUDEDIR}/wolfssl
FILES_MATCHING PATTERN "*.h"
REGEX ${EXCLUDED_HEADERS_REGEX} EXCLUDE)
-install(DIRECTORY ${WOLFSSL_OUTPUT_BASE}/cyassl/
- DESTINATION ${CMAKE_INSTALL_INCLUDEDIR}/cyassl
- FILES_MATCHING PATTERN "*.h"
- REGEX ${EXCLUDED_HEADERS_REGEX} EXCLUDE)
install(DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}/wolfssl/
DESTINATION ${CMAKE_INSTALL_INCLUDEDIR}/wolfssl
FILES_MATCHING PATTERN "*.h"
REGEX ${EXCLUDED_HEADERS_REGEX} EXCLUDE)
-install(DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}/cyassl/
- DESTINATION ${CMAKE_INSTALL_INCLUDEDIR}/cyassl
- FILES_MATCHING PATTERN "*.h"
- REGEX ${EXCLUDED_HEADERS_REGEX} EXCLUDE)
-
# Install the examples
install(FILES ${INSTALLED_EXAMPLES}
diff --git a/extra/wolfssl/wolfssl/ChangeLog.md b/extra/wolfssl/wolfssl/ChangeLog.md
index 440c52d0..586adaa4 100644
--- a/extra/wolfssl/wolfssl/ChangeLog.md
+++ b/extra/wolfssl/wolfssl/ChangeLog.md
@@ -1,3 +1,152 @@
+# wolfSSL Release 5.6.6 (Dec 19, 2023)
+
+Release 5.6.6 has been developed according to wolfSSL's development and QA
+process (see link below) and successfully passed the quality criteria.
+https://www.wolfssl.com/about/wolfssl-software-development-process-quality-assurance
+
+NOTE: * --enable-heapmath is being deprecated and will be removed by 2024
+
+REMINDER: When working with AES Block Cipher algorithms, `wc_AesInit()` should
+always be called first to initialize the `Aes` structure, before calling other
+Aes API functions. Recently we found several places in our documentation,
+comments, and codebase where this pattern was not observed. We have since
+fixed this omission in several PRs for this release.
+
+## Vulnerabilities
+
+* [Medium] CVE-2023-6935: After review of the previous RSA timing fix in wolfSSL 5.6.4, additional changes were found to be required. A complete resistant change is delivered in this release. This fix is for the Marvin attack, leading to being able to decrypt a saved TLS connection and potentially forge a signature after probing with a very large number of trial connections. This issue is around RSA decryption and affects the optional static RSA cipher suites on the server side, which are considered weak, not recommended to be used and are off by default in wolfSSL (even with `--enable-all`). Static RSA cipher suites were also removed from the TLS 1.3 protocol and are only present in TLS 1.2 and lower. All padding versions of RSA decrypt are affected since the code under review is outside of the padding processing. Information about the private keys is NOT compromised in affected code. It is recommended to disable static RSA cipher suites and update the version of wolfSSL used if using RSA private decryption alone outside of TLS. Thanks to Hubert Kario for the report. The fix for this issue is located in the following GitHub Pull Request: https://github.com/wolfSSL/wolfssl/pull/6955.
+
+* [Low] CVE-2023-6936: A potential heap overflow read is possible in servers connecting over TLS 1.3 when the optional `WOLFSSL_CALLBACKS` has been defined. The out of bounds read can occur when a server receives a malicious malformed ClientHello. Users should either discontinue use of `WOLFSSL_CALLBACKS` on the server side or update versions of wolfSSL to 5.6.6. Thanks to the tlspuffin fuzzer team for the report which was designed and developed by; Lucca Hirschi (Inria, LORIA), Steve Kremer (Inria, LORIA), and Max Ammann (Trail of Bits). The fix for this issue is located in the following GitHub Pull Request: https://github.com/wolfSSL/wolfssl/pull/6949.
+
+* [Low] A side channel vulnerability with AES T-Tables is possible in a very controlled environment where precision sub-cache-line inspection can happen, such as inside an Intel SGX enclave. This can lead to recovery of the AES key. To prevent this type of attack, wolfSSL added an AES bitsliced implementation which can be enabled with the “`--enable-aes-bitsliced`†configure option. Thanks to Florian Sieck, Zhiyuan Zhang, Sebastian Berndt, Chitchanok Chuengsatiansup, Thomas Eisenbarth, and Yuval Yarom for the report (Universities of Lübeck, Melbourne, Adelaide and Bochum). The fix for this issue is located in the following GitHub Pull Request: https://github.com/wolfSSL/wolfssl/pull/6854.
+
+* [Low] CVE-2023-6937: wolfSSL prior to 5.6.6 did not check that messages in a single (D)TLS record do not span key boundaries. As a result, it was possible to combine (D)TLS messages using different keys into one (D)TLS record. The most extreme edge case is that, in (D)TLS 1.3, it was possible that an unencrypted (D)TLS 1.3 record from the server containing first a ServerHello message and then the rest of the first server flight would be accepted by a wolfSSL client. In (D)TLS 1.3 the handshake is encrypted after the ServerHello but a wolfSSL client would accept an unencrypted flight from the server. This does not compromise key negotiation and authentication so it is assigned a low severity rating. Thanks to Johannes Wilson for the report (Sectra Communications and Linköping University). The fix for this issue is located in the following GitHub Pull Request: https://github.com/wolfSSL/wolfssl/pull/7029.
+
+## New Feature Additions
+
+* Build option for disabling CRL date checks (`WOLFSSL_NO_CRL_DATE_CHECK`) (PR 6927)
+* Support for STM32WL55 and improvements to PKA ECC support (PR 6937)
+* Add option to skip cookie exchange on DTLS 1.3 session resumption (PR 6929)
+* Add implementation of SRTP KDF and SRTCP KDF (`--enable-srtp-kdf`) (PR 6888)
+* Add `wolfSSL_EXTENDED_KEY_USAGE_free()` (PR 6916)
+* Add AES bitsliced implementation that is cache attack safe (`--enable-aes-bitsliced`) (PR 6854)
+* Add memcached support and automated testing (PR 6430, 7022)
+* Add Hardware Encryption Acceleration for ESP32-C3, ESP32-C6, and ESP32-S2 (PR 6990)
+* Add (D)TLS 1.3 support for 0.5-RTT data (PR 7010)
+
+## Enhancements and Optimizations
+
+* Better built in testing of “`--sys-ca-certs`†configure option (PR 6910)
+* Updated CMakeLists.txt for Espressif wolfSSL component usage (PR 6877)
+* Disable TLS 1.1 by default (unless SSL 3.0 or TLS 1.0 is enabled) (PR 6946)
+* Add “`--enable-quic`†to “`--enable-all`†configure option (PR 6957)
+* Add support to SP C implementation for RSA exponent up to 64-bits (PR 6959)
+* Add result of “`HAVE___UINT128_T`†to options.h for CMake builds (PR 6965)
+* Add optimized assembly for AES-GCM on ARM64 using hardware crypto instructions (PR 6967)
+* Add built-in cipher suite tests for DTLS 1.3 PQC (PR 6952)
+* Add wolfCrypt test and unit test to ctest (PR 6977)
+* Move OpenSSL compatibility crypto APIs into `ssl_crypto.c` file (PR 6935)
+* Validate time generated from XGMTIME() (PR 6958)
+* Allow wolfCrypt benchmark to run with microsecond accuracy (PR 6868)
+* Add GitHub Actions testing with nginx 1.24.0 (PR 6982)
+* Allow encoding of CA:FALSE BasicConstraint during cert generation (PR 6953)
+* Add CMake option to enable DTLS-SRTP (PR 6991)
+* Add CMake options for enabling QUIC and cURL (PR 7049)
+* Improve RSA blinding to make code more constant time (PR 6955)
+* Refactor AES-NI implementation macros to allow dynamic fallback to C (PR 6981)
+* Default to native Windows threading API on MinGW (PR 7015)
+* Return better error codes from OCSP response check (PR 7028)
+* Updated Espressif ESP32 TLS client and server examples (PR 6844)
+* Add/clean up support for ESP-IDF v5.1 for a variety of ESP32 chips (PR 7035, 7037)
+* Add API to choose dynamic certs based on client ciphers/sigalgs (PR 6963)
+* Improve Arduino IDE 1.5 project file to match recursive style (PR 7007)
+* Simplify and improve apple-universal build script (PR 7025)
+
+## Fixes
+
+* Fix for async edge case with Intel QuickAssist/Cavium Nitrox (PR 6931)
+* Fix for building PKCS#7 with RSA disabled (PR 6902)
+* Fix for advancing output pointer in `wolfSSL_i2d_X509()` (PR 6891)
+* Fix for `EVP_EncodeBlock()` appending a newline (PR 6900)
+* Fix for `wolfSSL_RSA_verify_PKCS1_PSS()` with `RSA_PSS_SALTLEN_AUTO` (PR 6938)
+* Fixes for CODESonar reports around `isalpha()` and `isalnum()` calls (PR 6810)
+* Fix for SP ARM64 integer math to avoid compiler optimization issues (PR 6942)
+* Fix for SP Thumb2 inline assembly to add IAR build support (PR 6943, 6971)
+* Fix for SP Thumb2 to make functions not inlined (PR 6993)
+* Fix for SP Cortex-M assembly large build with IAR (PR 6954)
+* Fix for SP ARM64 assembly montgomery reduction by 4 (PR 6947)
+* Fix for SP ARM64 P-256 for not inlining functions for iOS compatibility (PR 6979)
+* Fix for `WOLFSSL_CALLBACKS` and potential memory error (PR 6949)
+* Fixes for wolfSSL’s Zephyr OS port (PR 6930)
+* Fix for build errors when building for NXP mmCAU (`FREESCALE_MMCAU`) (PR 6970)
+* Fix for TLS 1.3 `SendBuffered()` return code in non-blocking mode (PR 7001)
+* Fix for TLS `Hmac_UpdateFinal()` when padding byte is invalid (PR 6998)
+* Fix for ARMv8 AES-GCM streaming to check size of IV before storing (PR 6996)
+* Add missing calls to `wc_AesInit()` before `wc_AesSetKey()` (PR 7011)
+* Fix build errors with DTLS 1.3 enabled but TLS 1.2 disabled (PR 6976)
+* Fixes for building wolfSSL in Visual Studio (PR 7040)
+
+# wolfSSL Release 5.6.4 (Oct 30, 2023)
+
+Release 5.6.4 has been developed according to wolfSSL's development and QA process (see link below) and successfully passed the quality criteria.
+https://www.wolfssl.com/about/wolfssl-software-development-process-quality-assurance
+
+NOTE: * --enable-heapmath is being deprecated and will be removed by 2024
+ * Old CyaSSL/CtaoCrypt shim layer was removed in this release (5.6.4)
+
+## Vulnerabilities
+
+* [Medium] A fix was added, but still under review for completeness, for a Bleichenbacher style attack, leading to being able to decrypt a saved TLS connection and potentially forge a signature after probing with a large number of trial connections. This issue is around RSA decryption and affects static RSA cipher suites on the server side, which are not recommended to be used and are off by default. Static RSA cipher suites were also removed from the TLS 1.3 protocol and only present in TLS 1.2 and lower. All padding versions of RSA decrypt are affected since the code under review is outside of the padding processing. Information about the private keys is NOT compromised in affected code. It's recommended to disable static RSA cipher suites and update the version of wolfSSL used if using RSA private decryption alone outside of TLS. The fix is located in this pull request (https://github.com/wolfSSL/wolfssl/pull/6896)
+
+## New Feature Additions
+
+* DTLS 1.3 PQC: support fragmenting the second ClientHello message. This allows arbitrarily long keys to be used, opening up support for all PQC ciphersuites in DTLS 1.3.
+* SM2/SM3/SM4: Chinese cipher support including TLS 1.3 and 1.2 cipher suites. SM2 SP implementation available.
+* Ability to parse ASN1 only with SMIME_read_PKCS7
+* Added support for MemUse Entropy on Windows
+* Added Ada Bindings for wolfSSL
+* Added a PEM example that converts to and from DER/PEM.
+* Added LMS/HSS and XMSS/XMSS^MT wolfcrypt hooks, both normal and verify-only options.
+* Added support for the AES EAX mode of operation
+* Port for use with Hitch (https://github.com/varnish/hitch) added
+* Add XTS API's to handle multiple sectors in new port to VeraCrypt
+
+## Enhancements and Optimizations
+
+* Turned on SNI by default on hosts with resources
+* Improved support for Silicon Labs Simplicity Studio and the ERF32 Gecko SDK
+* Thumb-2 and ARM32 Curve25519 and Ed25519 assembly have significantly improved performance.
+* Thumb-2 AES assembly code added.
+* Thumb-2 and ARM32 SP implementations of RSA, DH and ECC have significantly improved performance.
+* Minor performance improvements to SP ECC for Intel x64.
+* AES-XTS assembly code added for Intel x64, Aarch64 and ARM32.
+* Added support for X963 KDFs to ECIES.
+* Added 32-bit type only implementation of AES GMULT using tables.
+* Add support for nginx version 1.25.0
+* Add support for Kerberos version 5 1.21.1
+* Check all CRL entries in case a single issuer has multiple CRL's loaded
+* CRL verify the entire chain including loaded CA's
+* Added example for building wolfSSL as an Apple universal binary framework using configure
+* Sniffer tool now supports decrypting TLS sessions using secrets obtained from a SSLKEYLOGFILE
+* Updates made for EBSNET port
+* Update "--enable-jni" to include additional defines for expanded JNI support. Also includes JCE and JSSE builds under the single enable option now.
+
+## Fixes
+
+* Fixed error handling when decrypted pre-master secret is too long when using static RSA.
+* Added a fix for keymod use with i.MX RT1170 CAAM blobs
+* Added a fix for AES-GCM use with Petalinux Xilinx
+* Fixed `wc_SignatureGenerate_ex` to not call verify twice
+* Fixed wolfCrypt FIPS DLL on Win32
+* Fixed TFM math library big-endian reading implementation when a zero length buffer is passed in.
+* Fixed NO_CERT configurations to build correctly.
+* Fixed ARM AES-GCM streaming assembly when –enable-opensslextra defined.
+* Added modulus checks to heap math implementation of mp_exptmod().
+* Fixed Windows assembly code to handle that certain XMM registers are non-volatile.
+* Aarch64 SP ECC implementation of sp_256_mont_dbl_4 has the register list for the assembly code fixed to include all used registers.
+* mp_sqrt_mod_prime fixed to limit the number of iterations of a loop to handle malicious non-prime values being passed in.
+* Ignore session ID's shorter than 32 bytes instead of erroring out
+
# wolfSSL Release 5.6.3 (Jun 16, 2023)
Release 5.6.3 of wolfSSL embedded TLS has 4 bug fixes:
@@ -7,7 +156,6 @@ Release 5.6.3 of wolfSSL embedded TLS has 4 bug fixes:
* Improvements to Encrypted Memory support (WC_PROTECT_ENCRYPTED_MEM) implementations for modular exponentiation in SP math-all (sp_int.c) and TFM (tfm.c).
* Improvements to SendAlert for getting output buffer.
-
# wolfSSL Release 5.6.2 (Jun 09, 2023)
Release 5.6.2 has been developed according to wolfSSL's development and QA process (see link below) and successfully passed the quality criteria.
@@ -3255,7 +3403,7 @@ More info can be found on-line at //http://wolfssl.com/yaSSL/Docs.html
a) If using wolfSSL for DTLS on the server side of a publicly accessible
machine you MUST update.
b) If using wolfSSL for TLS on the server side with private RSA keys allowing
- ephemeral key exchange without low memory optimziations you MUST update and
+ ephemeral key exchange without low memory optimizations you MUST update and
regenerate the private RSA keys.
Please see https://www.wolfssl.com/wolfSSL/Blog/Blog.html for more details
diff --git a/extra/wolfssl/wolfssl/Docker/Dockerfile b/extra/wolfssl/wolfssl/Docker/Dockerfile
index 60c69247..388169e6 100644
--- a/extra/wolfssl/wolfssl/Docker/Dockerfile
+++ b/extra/wolfssl/wolfssl/Docker/Dockerfile
@@ -5,21 +5,49 @@ USER root
ARG DEPS_WOLFSSL="build-essential autoconf libtool clang clang-tools zlib1g-dev libuv1-dev libpam0g-dev valgrind git linux-headers-generic gcc-multilib g++-multilib libpcap-dev bubblewrap gdb iputils-ping lldb bsdmainutils netcat binutils-arm-linux-gnueabi binutils-aarch64-linux-gnu"
ARG DEPS_LIBOQS="astyle cmake gcc ninja-build libssl-dev python3-pytest python3-pytest-xdist unzip xsltproc doxygen graphviz python3-yaml valgrind git"
+ARG DEPS_UDP_PROXY="wget libevent-dev"
ARG DEPS_TESTS="abi-dumper libcurl4-openssl-dev tcpdump"
+ARG DEPS_TOOLS="ccache"
RUN DEBIAN_FRONTEND=noninteractive apt update && apt install -y apt-utils \
- && apt install -y ${DEPS_WOLFSSL} ${DEPS_LIBOQS} ${DEPS_TESTS} \
+ && apt install -y ${DEPS_WOLFSSL} ${DEPS_LIBOQS} ${DEPS_UDP_PROXY} ${DEPS_TESTS} ${DEPS_TOOLS} \
&& apt clean -y && rm -rf /var/lib/apt/lists/*
+# Add 'docker' user
ARG USER=docker
ARG UID=1000
ARG GID=1000
RUN groupadd -f -g ${GID} docker && ( getent passwd ${UID} || useradd -ms /bin/bash ${USER} -u ${UID} -g ${GID} )
+# Add github.com as an SSH known host
+RUN ssh -o StrictHostKeyChecking=no -T git@github.com; cat ~/.ssh/known_hosts >> /etc/ssh/ssh_known_hosts
+
+# install ccache
+RUN mkdir -p /opt/ccache/bin && for prog in gcc g++ cc c++ cpp arm-none-eabi-c++ arm-none-eabi-cpp arm-none-eabi-gcc arm-none-eabi-g++; do ln -s /usr/bin/ccache /opt/ccache/bin/$(basename $prog); done
+ENV PATH /opt/ccache/bin:$PATH
+
# install liboqs
-RUN git clone --single-branch https://github.com/open-quantum-safe/liboqs.git && cd liboqs && git checkout af76ca3b1f2fbc1f4f0967595f3bb07692fb3d82 \
+RUN git clone --single-branch https://github.com/open-quantum-safe/liboqs.git && cd liboqs && git checkout db08f12b5a96aa6582a82aac7f65cf8a4d8b231f \
&& mkdir build && cd build && cmake -DOQS_DIST_BUILD=ON -DOQS_USE_CPUFEATURE_INSTRUCTIONS=OFF -DOQS_USE_OPENSSL=0 .. && make -j8 all && make install && cd ../.. && rm -rf liboqs
+RUN mkdir /opt/sources
+
+# install liblms
+RUN cd /opt/sources && git clone --single-branch https://github.com/cisco/hash-sigs.git && cd hash-sigs && git checkout b0631b8891295bf2929e68761205337b7c031726 \
+ && sed -i 's/USE_OPENSSL 1/USE_OPENSSL 0/g' sha256.h && make -j4 hss_lib_thread.a
+
+# Install pkixssh to /opt/pkixssh for X509 interop testing with wolfSSH
+RUN mkdir /var/empty
+RUN cd /opt/sources && wget -q -O- https://roumenpetrov.info/secsh/src/pkixssh-14.1.1.tar.gz | tar xzf - && cd pkixssh-14.1.1 && ./configure --prefix=/opt/pkixssh/ --exec-prefix=/opt/pkixssh/ && make install
+
+# Install udp/tcp-proxy
+RUN cd /opt/sources && git clone --depth=1 --single-branch --branch=main http://github.com/wolfssl/udp-proxy && cd udp-proxy && make && cp tcp_proxy udp_proxy /bin/.
+
# Allow non-root to use tcpdump (will need NET_RAW and NET_ADMIN capability when running the container)
RUN setcap 'CAP_NET_RAW+eip CAP_NET_ADMIN+eip' /usr/bin/tcpdump
+# Allow non-root to use gdb on processes (will need SYS_PTRACE capability when running the container)
+RUN setcap 'CAP_SYS_PTRACE+eip' /usr/bin/gdb
+
+# Add in Jenkins userID
+RUN for i in $(seq 1001 1010); do ( getent passwd ${i} || useradd -ms /bin/bash jenkins${i} -u ${i} -g ${GID} ); done
-USER ${UID}:${GID} \ No newline at end of file
+USER ${UID}:${GID}
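Review bot: The udp-proxy step clones over plain `http://` from an unpinned `main` branch and copies the built binaries into `/bin` as root, so this part of the image depends on whatever the fetch returns at build time; unlike the liboqs and hash-sigs steps in the same hunk it has no `git checkout` of a fixed commit. Switching the URL to `https://github.com/wolfssl/udp-proxy` and checking out a recorded commit (`git checkout <pinned-commit>`, placeholder) would put it on the same footing. The pkixssh tarball is piped straight from `wget` into `tar` without any integrity check; downloading it to a file and verifying it with `sha256sum -c` against a digest kept in the repository would close that gap. The known-hosts step runs `ssh -o StrictHostKeyChecking=no`, which records whichever host key answers during the build, so shipping GitHub's published host keys as a file in the repository and copying that into `/etc/ssh/ssh_known_hosts` avoids trusting the build network.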
diff --git a/extra/wolfssl/wolfssl/Docker/Dockerfile.cross-compiler b/extra/wolfssl/wolfssl/Docker/Dockerfile.cross-compiler
new file mode 100644
index 00000000..a89a9d5b
--- /dev/null
+++ b/extra/wolfssl/wolfssl/Docker/Dockerfile.cross-compiler
@@ -0,0 +1,11 @@
+ARG DOCKER_BASE_IMAGE=wolfssl/wolfssl-builder
+FROM $DOCKER_BASE_IMAGE
+
+USER root
+
+ARG DEPS_TESTING="gcc-arm-linux-gnueabi gcc-aarch64-linux-gnu"
+RUN DEBIAN_FRONTEND=noninteractive apt update \
+ && apt install -y ${DEPS_TESTING} \
+ && apt clean -y && rm -rf /var/lib/apt/lists/*
+
+USER docker
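Review bot: `USER docker` on the last line selects the account by name, but the base Dockerfile in this commit creates that account only when `getent passwd ${UID}` finds nothing, and itself ends with the numeric `USER ${UID}:${GID}`. If the base image already contains a user with that UID, no `docker` account exists and containers from this image would presumably fail to start; whether that happens depends on the base image's `FROM` line, which is not visible here. Using the numeric form here as well, for example `ARG UID=1000` followed by `USER ${UID}`, keeps the two files consistent. The default `DOCKER_BASE_IMAGE=wolfssl/wolfssl-builder` also carries no tag, so it resolves to `latest` unless the build argument is passed.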
diff --git a/extra/wolfssl/wolfssl/Docker/OpenWrt/runTests.sh b/extra/wolfssl/wolfssl/Docker/OpenWrt/runTests.sh
index 15ee3fc9..1585da5d 100755
--- a/extra/wolfssl/wolfssl/Docker/OpenWrt/runTests.sh
+++ b/extra/wolfssl/wolfssl/Docker/OpenWrt/runTests.sh
@@ -1,23 +1,27 @@
#!/bin/sh
runCMD() { # usage: runCMD "<command>" "<retVal>"
- eval $1 >/dev/null 2>&1
+ TMP_FILE=$(mktemp)
+ eval $1 > $TMP_FILE 2>&1
RETVAL=$?
if [ "$RETVAL" != "$2" ]; then
- echo "Command ($1) returned ${RETVAL}, but expected $2. Rerunning with output to terminal:"
- eval $1
+ echo "Command ($1) returned ${RETVAL}, but expected $2. Error output:"
+ cat $TMP_FILE
exit 1
fi
}
# Successful tests
runCMD "ldd /lib/libustream-ssl.so" 0
+# Temporary workaround: comment out missing kmods repo line for 21.02 specifically.
+# Remove after fixed upstream.
+runCMD "sed '\/src\/gz openwrt_kmods https:\/\/downloads.openwrt.org\/releases\/21.02-SNAPSHOT\/targets\/x86\/64\/kmods\/5.4.238-1-5a722da41bc36de95a7195be6fce1b45/s//#&/' -i /etc/opkg/distfeeds.conf" 0
runCMD "opkg update" 0
-runCMD "uclient-fetch -O /dev/null 'https://letsencrypt.org'" 0
+runCMD "uclient-fetch 'https://letsencrypt.org'" 0
# Negative tests
-runCMD "uclient-fetch --ca-certificate=/dev/null -O /dev/null 'https://letsencrypt.org'" 5
-runCMD "uclient-fetch -O /dev/null 'https://self-signed.badssl.com/'" 5
-runCMD "uclient-fetch -O /dev/null 'https://untrusted-root.badssl.com/'" 5
-runCMD "uclient-fetch -O /dev/null 'https://expired.badssl.com/'" 5
+runCMD "uclient-fetch --ca-certificate=/dev/null 'https://letsencrypt.org'" 5
+runCMD "uclient-fetch 'https://self-signed.badssl.com/'" 5
+runCMD "uclient-fetch 'https://untrusted-root.badssl.com/'" 5
+runCMD "uclient-fetch 'https://expired.badssl.com/'" 5
echo "All tests passed."
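Review bot: `runCMD` now creates a file with `mktemp` on every call and never removes it, and `$TMP_FILE` is used unquoted in both `eval $1 > $TMP_FILE 2>&1` and `cat $TMP_FILE`. A failing `mktemp` is not checked either, so the redirect would then run with an empty target. I would write `TMP_FILE=$(mktemp) || exit 1`, quote the variable in both places, and add `rm -f "$TMP_FILE"` before the `exit 1` and at the end of the function. Separately, with `-O /dev/null` dropped, the successful `uclient-fetch 'https://letsencrypt.org'` presumably writes its download into the working directory; a comment saying why the option was removed would help the next reader.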
diff --git a/extra/wolfssl/wolfssl/Docker/README.md b/extra/wolfssl/wolfssl/Docker/README.md
index 8855aba3..8cb3d603 100644
--- a/extra/wolfssl/wolfssl/Docker/README.md
+++ b/extra/wolfssl/wolfssl/Docker/README.md
@@ -1,7 +1,10 @@
# Overview
-This is a simple Docker environment for compiling and running WolfSSL. Use `run.sh` to build everything (Docker container, WolfSSL, etc.). This script takes in arguments that can be passed to `./configure`. For example: `run.sh --enable-all`
+This is a Docker environment for compiling, testing and running WolfSSL. Use `run.sh` to build everything (Docker container, WolfSSL, etc.). This script takes in arguments that can be passed to `./configure`. For example: `run.sh --enable-all`
-When the compilation and tests succeed, you will be dropped in to a shell environment within the container. This can be useful to build other things within the environment.
+When the compilation and tests succeed, you will be dropped in to a shell environment within the container. This can be useful to build other things within the environment. Additional tests can be run as well as debugging of code.
+
+# Docker Hub
+These images are also uploaded to the wolfSSL's [Docker Hub page](https://hub.docker.com/orgs/wolfssl/repositories). There is a convenience script here `buildAndPush.sh` that will create the appropriate containers and push them to the repo.
# FAQ
## permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock
@@ -10,4 +13,4 @@ You need to be added to the `docker` group to run Docker containers. Run `sudo u
## Unable to access symlinked files outside of WolfSSL
The volume mounted in the Docker container needs to have all files that your compilation will need. To solve this, you have a couple options:
1. Change the `WOLFSSL_DIR` variable in the `run.sh` to one higher up (by adding `/..` to the path). Then update the `docker build` to include the correct path to the Dockerfile and the `docker run` argument to the working directory (`-w`) to the WolfSSL source directory
-2. Move the external repository to within the WolfSSL directory. For example create an `external` folder which has your files. This route may have complications when stashing Git work. \ No newline at end of file
+2. Move the external repository to within the WolfSSL directory. For example create an `external` folder which has your files. This route may have complications when stashing Git work.
diff --git a/extra/wolfssl/wolfssl/Docker/buildAndPush.sh b/extra/wolfssl/wolfssl/Docker/buildAndPush.sh
new file mode 100755
index 00000000..d66e2c84
--- /dev/null
+++ b/extra/wolfssl/wolfssl/Docker/buildAndPush.sh
@@ -0,0 +1,37 @@
+#!/bin/bash
+
+# Assume we're in wolfssl/Docker
+WOLFSSL_DIR=$(builtin cd ${BASH_SOURCE%/*}/..; pwd)
+
+DOCKER_BUILD_OPTIONS="$1"
+if [ "${DOCKER_BASE_IMAGE}" != "" ]; then
+ DOCKER_BUILD_OPTIONS+=" --build-arg DOCKER_BASE_IMAGE=${DOCKER_BASE_IMAGE}"
+fi
+
+NUM_FAILURES=0
+
+CUR_DATE=$(date -u +%F)
+echo "Building wolfssl/wolfssl-builder:${CUR_DATE} as ${DOCKER_BUILD_OPTIONS}"
+docker build -t wolfssl/wolfssl-builder:${CUR_DATE} ${DOCKER_BUILD_OPTIONS} "${WOLFSSL_DIR}/Docker" && \
+ docker tag wolfssl/wolfssl-builder:${CUR_DATE} wolfssl/wolfssl-builder:latest && \
+ docker build --build-arg DOCKER_BASE_IMAGE=wolfssl/wolfssl-builder:${CUR_DATE} -t wolfssl/testing-cross-compiler:${CUR_DATE} "${WOLFSSL_DIR}/Docker" -f Dockerfile.cross-compiler && \
+ docker tag wolfssl/testing-cross-compiler:${CUR_DATE} wolfssl/testing-cross-compiler:latest
+
+if [ $? -eq 0 ]; then
+ echo "Pushing containers to DockerHub"
+ docker push wolfssl/wolfssl-builder:${CUR_DATE} && docker push wolfssl/wolfssl-builder:latest && \
+ docker push wolfssl/testing-cross-compiler:${CUR_DATE} && docker push wolfssl/testing-cross-compiler:latest
+else
+ echo "Warning: Build wolfssl/wolfssl-builder failed. Continuing"
+ ((NUM_FAILURES++))
+fi
+
+echo "Building wolfssl/wolfCLU:${CUR_DATE}"
+docker buildx build --pull --push --build-arg DUMMY=${CUR_DATE} -t wolfssl/wolfclu:${CUR_DATE} --platform=linux/amd64,linux/arm64,linux/arm/v7 "${WOLFSSL_DIR}/Docker/wolfCLU" && \
+docker buildx build --pull --push --build-arg DUMMY=${CUR_DATE} -t wolfssl/wolfclu:latest --platform=linux/amd64,linux/arm64,linux/arm/v7 "${WOLFSSL_DIR}/Docker/wolfCLU"
+if [ $? -ne 0 ]; then
+ echo "Warning: Build wolfssl/wolfclu failed. Continuing"
+ ((NUM_FAILURES++))
+fi
+
+echo "Script completed in $SECONDS seconds. Had $NUM_FAILURES failures."
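Review bot: The script always exits 0 because its last command is the summary `echo`, so a caller cannot tell that a build or push failed even when `NUM_FAILURES` is non-zero. The `docker push` chain inside the `if [ $? -eq 0 ]` branch is also never checked, so a failed push of `wolfssl/wolfssl-builder` or `wolfssl/testing-cross-compiler` is not counted at all. Adding `|| ((NUM_FAILURES++))` to the end of the push chain and finishing with `[ "$NUM_FAILURES" -eq 0 ] || exit 1` would make failed publishes visible to automation. The cross-compiler build passes `-f Dockerfile.cross-compiler`, which as far as I know is resolved against the current directory rather than the build context, so it only works when the script is run from `Docker/`; `-f "${WOLFSSL_DIR}/Docker/Dockerfile.cross-compiler"` would match how `WOLFSSL_DIR` is derived from `BASH_SOURCE`.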
diff --git a/extra/wolfssl/wolfssl/Docker/include.am b/extra/wolfssl/wolfssl/Docker/include.am
index dd78194d..4dc5f5ff 100644
--- a/extra/wolfssl/wolfssl/Docker/include.am
+++ b/extra/wolfssl/wolfssl/Docker/include.am
@@ -3,9 +3,11 @@
# All paths should be given relative to the root
EXTRA_DIST+= Docker/Dockerfile
+EXTRA_DIST+= Docker/Dockerfile.cross-compiler
EXTRA_DIST+= Docker/run.sh
EXTRA_DIST+= Docker/README.md
+ignore_files+=Docker/buildAndPush.sh
ignore_files+=Docker/OpenWRT/Dockerfile
ignore_files+=Docker/OpenWRT/runTests.sh
ignore_files+=Docker/OpenWRT/README.md
diff --git a/extra/wolfssl/wolfssl/Docker/packaging/debian/Dockerfile b/extra/wolfssl/wolfssl/Docker/packaging/debian/Dockerfile
new file mode 100644
index 00000000..87b0c1c8
--- /dev/null
+++ b/extra/wolfssl/wolfssl/Docker/packaging/debian/Dockerfile
@@ -0,0 +1,6 @@
+FROM debian:latest
+
+RUN apt-get -y update
+RUN apt-get -y upgrade
+RUN apt-get install -y build-essential autoconf gawk debhelper lintian
+
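Review bot: `apt-get -y update` sits in its own `RUN` layer, so a cached copy of that layer can be reused while the later install layer is rebuilt, which installs against a stale package index; the package lists are also left in the image. A single layer avoids both: `RUN apt-get -y update && apt-get -y upgrade && apt-get install -y build-essential autoconf gawk debhelper lintian && rm -rf /var/lib/apt/lists/*`. `FROM debian:latest` here, and `FROM fedora:latest` in the fedora packaging Dockerfile added by the same commit, follow a moving tag, so the toolchain that produces the packages changes without any change in the repository. Pinning a release tag or an image digest makes the packaging environment reproducible and auditable.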
diff --git a/extra/wolfssl/wolfssl/Docker/packaging/fedora/Dockerfile b/extra/wolfssl/wolfssl/Docker/packaging/fedora/Dockerfile
new file mode 100644
index 00000000..3a403b34
--- /dev/null
+++ b/extra/wolfssl/wolfssl/Docker/packaging/fedora/Dockerfile
@@ -0,0 +1,3 @@
+FROM fedora:latest
+
+RUN dnf install -y make automake gcc rpmdevtools
diff --git a/extra/wolfssl/wolfssl/Docker/run.sh b/extra/wolfssl/wolfssl/Docker/run.sh
index c2f41ac2..3820425b 100755
--- a/extra/wolfssl/wolfssl/Docker/run.sh
+++ b/extra/wolfssl/wolfssl/Docker/run.sh
@@ -5,9 +5,9 @@ echo "Running with \"${*}\"..."
# Assume we're in wolfssl/Docker
WOLFSSL_DIR=$(builtin cd ${BASH_SOURCE%/*}/..; pwd)
-docker build -t wolfssl --build-arg UID=$(id -u) --build-arg GID=$(id -g) "${WOLFSSL_DIR}/Docker" && \
- docker run --rm -it -v ${HOME}/.gitconfig:/home/docker/.gitconfig:ro -v ${HOME}/.ssh:/home/docker/.ssh:ro -v "${WOLFSSL_DIR}:/tmp/wolfssl" -w /tmp/wolfssl wolfssl /bin/bash -c "./autogen.sh && ./configure ${*@Q} && make" && \
- docker run --rm -it -v ${HOME}/.gitconfig:/home/docker/.gitconfig:ro -v ${HOME}/.ssh:/home/docker/.ssh:ro -v "${WOLFSSL_DIR}:/tmp/wolfssl" -w /tmp/wolfssl wolfssl /bin/bash
+docker build -t wolfssl/wolfssl-builder --build-arg UID=$(id -u) --build-arg GID=$(id -g) "${WOLFSSL_DIR}/Docker" && \
+ docker run --rm -it -v ${HOME}/.gitconfig:/home/docker/.gitconfig:ro -v ${HOME}/.ssh:/home/docker/.ssh:ro -v "${WOLFSSL_DIR}:/tmp/wolfssl" -w /tmp/wolfssl wolfssl/wolfssl-builder /bin/bash -c "./autogen.sh && ./configure ${*@Q} && make" && \
+ docker run --rm -it -v ${HOME}/.gitconfig:/home/docker/.gitconfig:ro -v ${HOME}/.ssh:/home/docker/.ssh:ro -v "${WOLFSSL_DIR}:/tmp/wolfssl" -w /tmp/wolfssl wolfssl/wolfssl-builder /bin/bash
exitval=$?
echo "Exited with error code $exitval"
diff --git a/extra/wolfssl/wolfssl/Docker/wolfCLU/Dockerfile b/extra/wolfssl/wolfssl/Docker/wolfCLU/Dockerfile
index deb388d8..4c07e853 100644
--- a/extra/wolfssl/wolfssl/Docker/wolfCLU/Dockerfile
+++ b/extra/wolfssl/wolfssl/Docker/wolfCLU/Dockerfile
@@ -21,6 +21,6 @@ USER root
COPY --from=BUILDER /usr/local/lib/libwolfssl.so /usr/local/lib/
COPY --from=BUILDER /usr/local/bin/wolfssl* /usr/local/bin/
RUN ldconfig
-CMD ["/usr/local/bin/wolfssl"]
+ENTRYPOINT ["/usr/local/bin/wolfssl"]
LABEL org.opencontainers.image.source=https://github.com/wolfssl/wolfssl
LABEL org.opencontainers.image.description="Simple wolfCLU in a container"
diff --git a/extra/wolfssl/wolfssl/IDE/ARDUINO/README.md b/extra/wolfssl/wolfssl/IDE/ARDUINO/README.md
index f7d9788b..4c4e10da 100644
--- a/extra/wolfssl/wolfssl/IDE/ARDUINO/README.md
+++ b/extra/wolfssl/wolfssl/IDE/ARDUINO/README.md
@@ -2,10 +2,11 @@
##### Reformatting wolfSSL as a compatible Arduino Library
This is a shell script that will re-organize the wolfSSL library to be
-compatible with Arduino projects. The Arduino IDE requires a library's source
-files to be in the library's root directory with a header file in the name of
-the library. This script moves all src/ files to the `IDE/ARDUINO/wolfSSL`
-directory and creates a stub header file called `wolfssl.h`.
+compatible with Arduino projects that use Arduino IDE 1.5.0 or newer.
+The Arduino IDE requires a library's source files to be in the library's root
+directory with a header file in the name of the library. This script moves all
+src/ files to the `IDE/ARDUINO/wolfSSL/src` directory and creates a stub header
+file called `wolfssl.h` inside that directory.
Step 1: To configure wolfSSL with Arduino, enter the following from within the
wolfssl/IDE/ARDUINO directory:
@@ -15,7 +16,7 @@ wolfssl/IDE/ARDUINO directory:
Step 2: Copy the directory wolfSSL that was just created to:
`~/Documents/Arduino/libraries/` directory so the Arduino IDE can find it.
-Step 3: Edit `<arduino-libraries>/wolfSSL/user_settings.h`
+Step 3: Edit `<arduino-libraries>/wolfSSL/src/user_settings.h`
If building for Intel Galileo platform add: `#define INTEL_GALILEO`.
Add any other custom settings, for a good start see the examples in wolfssl root
"/examples/configs/user_settings_*.h"
diff --git a/extra/wolfssl/wolfssl/IDE/ARDUINO/sketches/wolfssl_client/wolfssl_client.ino b/extra/wolfssl/wolfssl/IDE/ARDUINO/sketches/wolfssl_client/wolfssl_client.ino
index b50e9f12..61362ae9 100644
--- a/extra/wolfssl/wolfssl/IDE/ARDUINO/sketches/wolfssl_client/wolfssl_client.ino
+++ b/extra/wolfssl/wolfssl/IDE/ARDUINO/sketches/wolfssl_client/wolfssl_client.ino
@@ -19,10 +19,18 @@
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
+/*
+ This was original tested with Intel Galileo acting as the Client, with a
+laptop acting as a server using the server example provided in examples/server.
+Legacy Ardunio v1.86 was used to compile and program the Galileo
+*/
+#define USE_CERT_BUFFERS_2048
#include <wolfssl.h>
#include <wolfssl/ssl.h>
#include <Ethernet.h>
+#include <wolfssl/certs_test.h>
+
const char host[] = "192.168.1.148"; /* server to connect to */
const int port = 11111; /* port on server to connect to */
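Review bot: The comment added above `#define USE_CERT_BUFFERS_2048` describes the test setup but does not say that the buffers pulled in through `wolfssl/certs_test.h` are wolfSSL's bundled test CA, client certificate and private key, which are public. A sketch copied from this example would authenticate with a key anyone can obtain, so I would add a line such as `/* certs_test.h holds public test credentials; replace them with your own CA and client key outside a test bench */`. The same comment has two typos worth fixing while it is being touched ("original tested", "Ardunio").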
@@ -37,123 +45,132 @@ WOLFSSL_CTX* ctx = NULL;
WOLFSSL* ssl = NULL;
void setup() {
- WOLFSSL_METHOD* method;
-
- Serial.begin(9600);
-
- method = wolfTLSv1_2_client_method();
- if (method == NULL) {
- Serial.println("unable to get method");
+ WOLFSSL_METHOD* method;
+ /* Initialize Return Code */
+ int rc;
+ Serial.begin(9600);
+ /* Delay need to ensure connection to server */
+ delay(4000);
+
+ method = wolfTLSv1_2_client_method();
+ if (method == NULL) {
+ Serial.println("unable to get method");
return;
- }
- ctx = wolfSSL_CTX_new(method);
- if (ctx == NULL) {
- Serial.println("unable to get ctx");
+ }
+ ctx = wolfSSL_CTX_new(method);
+ if (ctx == NULL) {
+ Serial.println("unable to get ctx");
+ return;
+ }
+ /* initialize wolfSSL using callback functions */
+ wolfSSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, 0);
+ rc = wolfSSL_CTX_load_verify_buffer(ctx, ca_cert_der_2048,\
+ sizeof_ca_cert_der_2048,\
+ WOLFSSL_FILETYPE_ASN1);
+ Serial.print("\n\n Return code of load_verify is:");
+ Serial.println(rc);
+ Serial.println("");
+ rc = wolfSSL_CTX_use_certificate_buffer(ctx, client_cert_der_2048,\
+ sizeof_client_cert_der_2048,\
+ WOLFSSL_FILETYPE_ASN1);
+ Serial.print("\n\n Return code of use_certificate_buffer is:");
+ Serial.println(rc);
+ Serial.println("");
+ rc = wolfSSL_CTX_use_PrivateKey_buffer(ctx, client_key_der_2048,\
+ sizeof_client_key_der_2048,\
+ WOLFSSL_FILETYPE_ASN1);
+ Serial.print("\n\n Return code of use_PrivateKey_buffer is:");
+ Serial.println(rc);
+ Serial.println("");
+ wolfSSL_SetIOSend(ctx, EthernetSend);
+ wolfSSL_SetIORecv(ctx, EthernetReceive);
return;
- }
- /* initialize wolfSSL using callback functions */
- wolfSSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, 0);
- wolfSSL_SetIOSend(ctx, EthernetSend);
- wolfSSL_SetIORecv(ctx, EthernetReceive);
-
- return;
}
int EthernetSend(WOLFSSL* ssl, char* msg, int sz, void* ctx) {
- int sent = 0;
-
- sent = client.write((byte*)msg, sz);
-
- return sent;
+ int sent = 0;
+ sent = client.write((byte*)msg, sz);
+ return sent;
}
int EthernetReceive(WOLFSSL* ssl, char* reply, int sz, void* ctx) {
- int ret = 0;
-
- while (client.available() > 0 && ret < sz) {
- reply[ret++] = client.read();
- }
-
- return ret;
+ int ret = 0;
+ while (client.available() > 0 && ret < sz) {
+ reply[ret++] = client.read();
+ }
+ return ret;
}
void loop() {
- int err = 0;
- int input = 0;
- int total_input = 0;
- char msg[32] = "hello wolfssl!";
- int msgSz = (int)strlen(msg);
- char errBuf[80];
- char reply[80];
- const char* cipherName;
-
- if (reconnect) {
- reconnect--;
-
- if (client.connect(host, port)) {
-
- Serial.print("Connected to ");
- Serial.println(host);
-
- ssl = wolfSSL_new(ctx);
- if (ssl == NULL) {
- Serial.println("Unable to allocate SSL object");
- return;
- }
-
- err = wolfSSL_connect(ssl);
- if (err != WOLFSSL_SUCCESS) {
- err = wolfSSL_get_error(ssl, 0);
- wolfSSL_ERR_error_string(err, errBuf);
- Serial.print("TLS Connect Error: ");
- Serial.println(errBuf);
- }
-
- Serial.print("SSL version is ");
- Serial.println(wolfSSL_get_version(ssl));
-
- cipherName = wolfSSL_get_cipher(ssl);
- Serial.print("SSL cipher suite is ");
- Serial.println(cipherName);
-
- if ((wolfSSL_write(ssl, msg, msgSz)) == msgSz) {
-
- Serial.print("Server response: ");
- /* wait for data */
- while (!client.available()) {}
- /* read data */
- while (wolfSSL_pending(ssl)) {
- input = wolfSSL_read(ssl, reply, sizeof(reply) - 1);
- total_input += input;
- if (input < 0) {
- err = wolfSSL_get_error(ssl, 0);
- wolfSSL_ERR_error_string(err, errBuf);
- Serial.print("TLS Read Error: ");
- Serial.println(errBuf);
- break;
- } else if (input > 0) {
- reply[input] = '\0';
- Serial.print(reply);
- } else {
- Serial.println();
- }
- }
- } else {
- err = wolfSSL_get_error(ssl, 0);
- wolfSSL_ERR_error_string(err, errBuf);
- Serial.print("TLS Write Error: ");
- Serial.println(errBuf);
- }
-
- wolfSSL_shutdown(ssl);
- wolfSSL_free(ssl);
-
- client.stop();
- Serial.println("Connection complete.");
- reconnect = 0;
- } else {
- Serial.println("Trying to reconnect...");
+ int err = 0;
+ int input = 0;
+ int total_input = 0;
+ char msg[32] = "hello wolfssl!";
+ int msgSz = (int)strlen(msg);
+ char errBuf[80];
+ char reply[80];
+ const char* cipherName;
+ if (reconnect) {
+ reconnect--;
+ if (client.connect(host, port)) {
+ Serial.print("Connected to ");
+ Serial.println(host);
+ ssl = wolfSSL_new(ctx);
+ if (ssl == NULL) {
+ Serial.println("Unable to allocate SSL object");
+ return;
+ }
+ err = wolfSSL_connect(ssl);
+ if (err != WOLFSSL_SUCCESS) {
+ err = wolfSSL_get_error(ssl, 0);
+ wolfSSL_ERR_error_string(err, errBuf);
+ Serial.print("TLS Connect Error: ");
+ Serial.println(errBuf);
+ }
+ Serial.print("SSL version is ");
+ Serial.println(wolfSSL_get_version(ssl));
+ cipherName = wolfSSL_get_cipher(ssl);
+ Serial.print("SSL cipher suite is ");
+ Serial.println(cipherName);
+ if ((wolfSSL_write(ssl, msg, msgSz)) == msgSz) {
+ Serial.print("Server response: ");
+ /* wait for data */
+ while (!client.available()) {}
+ /* read data */
+ while (wolfSSL_pending(ssl)) {
+ input = wolfSSL_read(ssl, reply, sizeof(reply) - 1);
+ total_input += input;
+ if (input < 0) {
+ err = wolfSSL_get_error(ssl, 0);
+ wolfSSL_ERR_error_string(err, errBuf);
+ Serial.print("TLS Read Error: ");
+ Serial.println(errBuf);
+ break;
+ }
+ else if (input > 0) {
+ reply[input] = '\0';
+ Serial.print(reply);
+ }
+ else {
+ Serial.println();
+ }
+ }
+ }
+ else {
+ err = wolfSSL_get_error(ssl, 0);
+ wolfSSL_ERR_error_string(err, errBuf);
+ Serial.print("TLS Write Error: ");
+ Serial.println(errBuf);
+ }
+ wolfSSL_shutdown(ssl);
+ wolfSSL_free(ssl);
+ client.stop();
+ Serial.println("Connection complete.");
+ reconnect = 0;
+ }
+ else {
+ Serial.println("Trying to reconnect...");
+ }
}
- }
- delay(1000);
+ delay(1000);
}
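Review bot: In `setup()` the return codes of `wolfSSL_CTX_load_verify_buffer`, `wolfSSL_CTX_use_certificate_buffer` and `wolfSSL_CTX_use_PrivateKey_buffer` are printed but never compared with `WOLFSSL_SUCCESS`, so setup continues with a partly configured context. Because this hunk also switches to `SSL_VERIFY_PEER`, a failed CA load only surfaces later as a handshake error; checking each call with `if (rc != WOLFSSL_SUCCESS) { Serial.println("cert setup failed"); return; }` reports the real cause at the point it happens. In `loop()`, a failed `wolfSSL_connect` is logged but execution still falls through to `wolfSSL_get_version`, `wolfSSL_get_cipher` and `wolfSSL_write`; ending that branch with `wolfSSL_free(ssl); client.stop(); return;` would stop the session cleanly. The `ssl == NULL` path likewise returns without calling `client.stop()`.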
diff --git a/extra/wolfssl/wolfssl/IDE/ARDUINO/wolfssl-arduino.sh b/extra/wolfssl/wolfssl/IDE/ARDUINO/wolfssl-arduino.sh
index e1267a86..107f99b1 100755
--- a/extra/wolfssl/wolfssl/IDE/ARDUINO/wolfssl-arduino.sh
+++ b/extra/wolfssl/wolfssl/IDE/ARDUINO/wolfssl-arduino.sh
@@ -4,86 +4,141 @@
# an Arduino project
# run as bash ./wolfssl-arduino.sh
-DIR=${PWD##*/}
+ROOT_DIR="/wolfSSL"
+ROOT_SRC_DIR="${ROOT_DIR}/src"
+WOLFSSL_SRC="${ROOT_SRC_DIR}/src"
+WOLFSSL_HEADERS="${ROOT_SRC_DIR}/wolfssl"
+WOLFCRYPT_ROOT="${ROOT_SRC_DIR}/wolfcrypt"
+WOLFCRYPT_SRC="${WOLFCRYPT_ROOT}/src"
+WOLFCRYPT_HEADERS="${WOLFSSL_HEADERS}/wolfcrypt"
+OPENSSL_DIR="${WOLFSSL_HEADERS}/openssl"
+WOLFSSL_VERSION="5.6.4"
-space(){
- echo "" >> "$1"
-}
+# TOP indicates the file directory comes from the top level of the wolfssl repo
+TOP_DIR="../.."
+WOLFSSL_SRC_TOP="${TOP_DIR}/src"
+WOLFSSL_HEADERS_TOP="${TOP_DIR}/wolfssl"
+WOLFCRYPT_ROOT_TOP="${TOP_DIR}/wolfcrypt"
+WOLFCRYPT_SRC_TOP="${WOLFCRYPT_ROOT_TOP}/src"
+WOLFCRYPT_HEADERS_TOP="${WOLFSSL_HEADERS_TOP}/wolfcrypt"
+OPENSSL_DIR_TOP="${WOLFSSL_HEADERS_TOP}/openssl"
-if [ "$DIR" = "ARDUINO" ]; then
- if [ ! -d "wolfSSL" ]; then
- mkdir wolfSSL
- fi
- cp ../../src/*.c ./wolfSSL
- cp ../../wolfcrypt/src/*.c ./wolfSSL
+# TODO: Parse version number
+WOLFSSL_VERSION=$(grep -i "LIBWOLFSSL_VERSION_STRING" ${TOP_DIR}/wolfssl/version.h | cut -d '"' -f 2)
+
- if [ ! -d "wolfSSL/wolfssl" ]; then
- mkdir wolfSSL/wolfssl
+DIR=${PWD##*/}
+
+if [ "$DIR" = "ARDUINO" ]; then
+ if [ ! -d ".${ROOT_DIR}" ]; then
+ mkdir .${ROOT_DIR}
fi
- cp ../../wolfssl/*.h ./wolfSSL/wolfssl
- if [ ! -d "wolfSSL/wolfssl/wolfcrypt" ]; then
- mkdir wolfSSL/wolfssl/wolfcrypt
+ if [ ! -d ".${ROOT_SRC_DIR}" ]; then
+ mkdir .${ROOT_SRC_DIR}
fi
- cp ../../wolfssl/wolfcrypt/*.h ./wolfSSL/wolfssl/wolfcrypt
- # support misc.c as include in wolfcrypt/src
- if [ ! -d "./wolfSSL/wolfcrypt" ]; then
- mkdir ./wolfSSL/wolfcrypt
+ if [ ! -d ".${WOLFSSL_HEADERS}" ]; then
+ mkdir .${WOLFSSL_HEADERS}
fi
- if [ ! -d "./wolfSSL/wolfcrypt/src" ]; then
- mkdir ./wolfSSL/wolfcrypt/src
+
+ cp ${WOLFSSL_HEADERS_TOP}/*.h .${WOLFSSL_HEADERS}
+ if [ ! -d ".${WOLFCRYPT_HEADERS}" ]; then
+ mkdir .${WOLFCRYPT_HEADERS}
fi
- cp ../../wolfcrypt/src/misc.c ./wolfSSL/wolfcrypt/src
- cp ../../wolfcrypt/src/asm.c ./wolfSSL/wolfcrypt/src
+ cp ${WOLFCRYPT_HEADERS_TOP}/*.h .${WOLFCRYPT_HEADERS}
+ # Add in source files to wolfcrypt/src
+ if [ ! -d ".${WOLFCRYPT_ROOT}" ]; then
+ mkdir .${WOLFCRYPT_ROOT}
+ fi
+ if [ ! -d ".${WOLFCRYPT_SRC}" ]; then
+ mkdir .${WOLFCRYPT_SRC}
+ fi
+ cp ${WOLFCRYPT_SRC_TOP}/*.c .${WOLFCRYPT_SRC}
+
+ # Add in source files to top level src folders
+ if [ ! -d ".${WOLFSSL_SRC}" ]; then
+ mkdir .${WOLFSSL_SRC}
+ fi
+ cp ${WOLFSSL_SRC_TOP}/*.c .${WOLFSSL_SRC}
# put bio and evp as includes
- mv ./wolfSSL/bio.c ./wolfSSL/wolfssl
- mv ./wolfSSL/evp.c ./wolfSSL/wolfssl
+ cp .${WOLFSSL_SRC}/bio.c .${WOLFSSL_HEADERS}
+ cp .${WOLFCRYPT_SRC}/evp.c .${WOLFSSL_HEADERS}
# make a copy of evp.c and bio.c for ssl.c to include inline
- cp ./wolfSSL/wolfssl/evp.c ./wolfSSL/wolfcrypt/src/evp.c
- cp ./wolfSSL/wolfssl/bio.c ./wolfSSL/wolfcrypt/src/bio.c
+ cp .${WOLFSSL_HEADERS}/evp.c .${WOLFCRYPT_SRC}/evp.c
+ cp .${WOLFSSL_HEADERS}/bio.c .${WOLFCRYPT_SRC}/bio.c
# copy openssl compatibility headers to their appropriate location
- if [ ! -d "./wolfSSL/wolfssl/openssl" ]; then
- mkdir ./wolfSSL/wolfssl/openssl
+ if [ ! -d ".${OPENSSL_DIR}" ]; then
+ mkdir .${OPENSSL_DIR}
fi
- cp ../../wolfssl/openssl/* ./wolfSSL/wolfssl/openssl
-
- echo "/* Generated wolfSSL header file for Arduino */" > ./wolfSSL/wolfssl.h
- echo "#include <user_settings.h>" >> ./wolfSSL/wolfssl.h
- echo "#include <wolfssl/wolfcrypt/settings.h>" >> ./wolfSSL/wolfssl.h
- echo "#include <wolfssl/ssl.h>" >> ./wolfSSL/wolfssl.h
-
- if [ ! -f "./wolfSSL/user_settings.h" ]; then
- echo "/* Generated wolfSSL user_settings.h file for Arduino */" > ./wolfSSL/user_settings.h
- echo "#ifndef ARDUINO_USER_SETTINGS_H" >> ./wolfSSL/user_settings.h
- echo "#define ARDUINO_USER_SETTINGS_H" >> ./wolfSSL/user_settings.h
- space ./wolfSSL/user_settings.h
- echo "/* Platform */" >> ./wolfSSL/user_settings.h
- echo "#define WOLFSSL_ARDUINO" >> ./wolfSSL/user_settings.h
- space ./wolfSSL/user_settings.h
- echo "/* Math library (remove this to use normal math)*/" >> ./wolfSSL/user_settings.h
- echo "#define USE_FAST_MATH" >> ./wolfSSL/user_settings.h
- echo "#define TFM_NO_ASM" >> ./wolfSSL/user_settings.h
- space ./wolfSSL/user_settings.h
- echo "/* RNG DEFAULT !!FOR TESTING ONLY!! */" >> ./wolfSSL/user_settings.h
- echo "/* comment out the error below to get started w/ bad entropy source" >> ./wolfSSL/user_settings.h
- echo " * This will need fixed before distribution but is OK to test with */" >> ./wolfSSL/user_settings.h
- echo "#error \"needs solved, see: https://www.wolfssl.com/docs/porting-guide/\"" >> ./wolfSSL/user_settings.h
- echo "#define WOLFSSL_GENSEED_FORTEST" >> ./wolfSSL/user_settings.h
- space ./wolfSSL/user_settings.h
- echo "#endif /* ARDUINO_USER_SETTINGS_H */" >> ./wolfSSL/user_settings.h
+ cp ${OPENSSL_DIR_TOP}/* .${OPENSSL_DIR}
+
+
+ cat > .${ROOT_SRC_DIR}/wolfssl.h <<EOF
+/* Generated wolfSSL header file for Arduino */
+#include <user_settings.h>
+#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/ssl.h>
+EOF
+
+
+# Creates user_settings file if one does not exist
+ if [ ! -f ".${ROOT_SRC_DIR}/user_settings.h" ]; then
+ cat > .${ROOT_SRC_DIR}/user_settings.h <<EOF
+/* Generated wolfSSL user_settings.h file for Arduino */
+#ifndef ARDUINO_USER_SETTINGS_H
+#define ARDUINO_USER_SETTINGS_H
+
+/* Platform */
+#define WOLFSSL_ARDUINO
+
+/* Math library (remove this to use normal math)*/
+#define USE_FAST_MATH
+#define TFM_NO_ASM
+#define NO_ASN_TIME
+
+/* When using Intel Galileo Uncomment the line below */
+/* #define INTEL_GALILEO */
+
+/* RNG DEFAULT !!FOR TESTING ONLY!! */
+/* comment out the error below to get started w/ bad entropy source
+ * This will need fixed before distribution but is OK to test with */
+#error "needs solved, see: https://www.wolfssl.com/docs/porting-guide/"
+#define WOLFSSL_GENSEED_FORTEST
+
+#endif /* ARDUINO_USER_SETTINGS_H */
+EOF
fi
- cp wolfSSL/wolfssl/wolfcrypt/settings.h wolfSSL/wolfssl/wolfcrypt/settings.h.bak
- echo " /* wolfSSL Generated ARDUINO settings */" > ./wolfSSL/wolfssl/wolfcrypt/settings.h
- echo "#ifndef WOLFSSL_USER_SETTINGS" >> ./wolfSSL/wolfssl/wolfcrypt/settings.h
- echo " #define WOLFSSL_USER_SETTINGS" >> ./wolfSSL/wolfssl/wolfcrypt/settings.h
- echo "#endif /* WOLFSSL_USER_SETTINGS */" >> ./wolfSSL/wolfssl/wolfcrypt/settings.h
- echo " /* wolfSSL Generated ARDUINO settings: END */" >> ./wolfSSL/wolfssl/wolfcrypt/settings.h
- cat ./wolfSSL/wolfssl/wolfcrypt/settings.h.bak >> ./wolfSSL/wolfssl/wolfcrypt/settings.h
+ cp .${WOLFCRYPT_HEADERS}/settings.h .${WOLFCRYPT_HEADERS}/settings.h.bak
+ cat > .${WOLFCRYPT_HEADERS}/settings.h <<EOF
+/*wolfSSL Generated ARDUINO settings */
+#ifndef WOLFSSL_USER_SETTINGS
+ #define WOLFSSL_USER_SETTINGS
+#endif /* WOLFSSL_USER_SETTINGS */
+/*wolfSSL Generated ARDUINO settings: END */
+
+EOF
+ cat .${WOLFCRYPT_HEADERS}/settings.h.bak >> .${WOLFCRYPT_HEADERS}/settings.h
+
+ #Creating library.properties file based off of:
+ #https://arduino.github.io/arduino-cli/0.35/library-specification/#libraryproperties-file-format
+
+ cat > .${ROOT_DIR}/library.properties <<EOF
+name=wolfSSL
+version=${WOLFSSL_VERSION}
+author=wolfSSL inc
+maintainer=wolfSSL inc <support@wolfssl.com>
+sentence=A lightweight SSL/TLS library written in ANSI C and targeted for embedded, RTOS, and resource-constrained environments.
+paragraph=Manual: https://www.wolfssl.com/documentation/manuals/wolfssl/index.html.
+category=Communication
+url=https://www.wolfssl.com/
+architectures=*
+
+EOF
else
echo "ERROR: You must be in the IDE/ARDUINO directory to run this script"
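Review bot: The generated `user_settings.h` heredoc now adds `#define NO_ASN_TIME` under the "Math library" comment with no explanation of what it turns off. In wolfSSL this macro removes time handling from the ASN.1 code, so certificate validity dates are not checked in any sketch built from this default file. It would be better in its own section with a comment, for example `/* No clock on this target: certificate date checks are disabled. Remove NO_ASN_TIME once a time source is available. */` placed directly above the define, in the same style as the existing RNG test-only warning. The enclosing `if`/`else` closes outside the hunk.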
diff --git a/extra/wolfssl/wolfssl/IDE/AURIX/user_settings.h b/extra/wolfssl/wolfssl/IDE/AURIX/user_settings.h
index 216bb379..4b41446b 100644
--- a/extra/wolfssl/wolfssl/IDE/AURIX/user_settings.h
+++ b/extra/wolfssl/wolfssl/IDE/AURIX/user_settings.h
@@ -98,7 +98,6 @@ extern unsigned int my_rng_seed_gen(void);
#define WOLFSSL_SP_NO_MALLOC
//#define WOLFSSL_SP_DIV_32 /* do not use 64-bit divides */
- //#define WOLFSSL_SP_CACHE_RESISTANT
/* use smaller version of code */
#define WOLFSSL_SP_SMALL
@@ -205,7 +204,7 @@ extern unsigned int my_rng_seed_gen(void);
/* use heap allocation for ECC points */
#define ALT_ECC_SIZE
- /* wolfSSL will compute the FP_MAX_BITS_ECC, but it can be overriden */
+ /* wolfSSL will compute the FP_MAX_BITS_ECC, but it can be overridden */
//#define FP_MAX_BITS_ECC (256 * 2)
#endif
diff --git a/extra/wolfssl/wolfssl/IDE/CRYPTOCELL/main.c b/extra/wolfssl/wolfssl/IDE/CRYPTOCELL/main.c
index ea2ea943..baabf535 100644
--- a/extra/wolfssl/wolfssl/IDE/CRYPTOCELL/main.c
+++ b/extra/wolfssl/wolfssl/IDE/CRYPTOCELL/main.c
@@ -27,7 +27,7 @@
/* wolfCrypt_Init/wolfCrypt_Cleanup to turn CryptoCell hardware on/off */
#include <wolfssl/wolfcrypt/wc_port.h>
-/* SEGGER_RTT_Init, you can potential replace it with other serial terminal */
+/* SEGGER_RTT_Init, you can potentially replace it with other serial terminal */
#include "SEGGER_RTT.h"
int main(void)
diff --git a/extra/wolfssl/wolfssl/IDE/CRYPTOCELL/user_settings.h b/extra/wolfssl/wolfssl/IDE/CRYPTOCELL/user_settings.h
index 8af4f54f..dc9822f5 100644
--- a/extra/wolfssl/wolfssl/IDE/CRYPTOCELL/user_settings.h
+++ b/extra/wolfssl/wolfssl/IDE/CRYPTOCELL/user_settings.h
@@ -88,7 +88,6 @@ extern "C" {
#define WOLFSSL_HAVE_SP_RSA
#define WOLFSSL_HAVE_SP_DH
#define WOLFSSL_HAVE_SP_ECC
- #define WOLFSSL_SP_CACHE_RESISTANT
//#define WOLFSSL_SP_MATH /* only SP math - eliminates fast math code */
/* Assembly */
diff --git a/extra/wolfssl/wolfssl/IDE/ECLIPSE/DEOS/user_settings.h b/extra/wolfssl/wolfssl/IDE/ECLIPSE/DEOS/user_settings.h
index a22d0a32..ca68a2a9 100644
--- a/extra/wolfssl/wolfssl/IDE/ECLIPSE/DEOS/user_settings.h
+++ b/extra/wolfssl/wolfssl/IDE/ECLIPSE/DEOS/user_settings.h
@@ -85,7 +85,6 @@ You can get the current time from https://www.unixtimestamp.com/ */
#define WOLFSSL_SP_4096 /* Enable RSA/RH 4096-bit support */
#define WOLFSSL_SP_384 /* Enable ECC 384-bit SECP384R1 support */
- //#define WOLFSSL_SP_CACHE_RESISTANT
#define WOLFSSL_SP_MATH /* only SP math - disables integer.c/tfm.c */
//#define WOLFSSL_SP_MATH_ALL /* use SP math for all key sizes and curves */
diff --git a/extra/wolfssl/wolfssl/IDE/ECLIPSE/MICRIUM/README.md b/extra/wolfssl/wolfssl/IDE/ECLIPSE/MICRIUM/README.md
index 8932c813..bd0c8bc9 100644
--- a/extra/wolfssl/wolfssl/IDE/ECLIPSE/MICRIUM/README.md
+++ b/extra/wolfssl/wolfssl/IDE/ECLIPSE/MICRIUM/README.md
@@ -118,41 +118,41 @@ memcb test passed!
wolfSSL version 3.15.5
------------------------------------------------------------------------------
wolfCrypt Benchmark (block bytes 1024, min 1.0 sec each)
-RNG 225 KB tooks 1.026 seconds, 219.313 KB/s
-AES-128-CBC-enc 250 KB toks 1.105 seconds 226.210 KB/s
-AES-128-CBC-dec 225 KB tooks 1.005 seconds, 223.922 KB/s
-AES-192-CBC-enc 225 KB tooks 1.076 seconds, 209.104 KB/s
-AES-192-CBC-dec 225 KB tooks 1.077 seconds, 208.981 K/s
-AES-56-CBC-enc 200 KB tooks 1.029 seconds, 19.396 KB/s
-AES-256-CBC-dec 200 KB toks 1.022 seconds, 195.785 KB/s
-AES-128-GCM-enc 125 KB tooks 1.28 secnds, 101.70 KB/s
-AES-128-GC-dec 125 KB tooks 1.228 seconds 101.756 KB/s
-AES-192-GCM-enc 100 KB tooks 1.026 seconds, 97.493 KB/s
-AES-192-GCM-dec 100 KB tooks 1.026 seconds, 97.480 KB/s
-AES-256-GCM-enc 100 KB tooks 1.065 seconds, 93.909 KB/s
-AES-256-GC-dec 100 KB tooks 1.065 seconds, 93.897 KB/s
-RABBIT 2 MB tooks 1.011 seconds, 2.19 MB/s
-3DES 100 KB tooks 1.007 sconds, 99.312 KB/s
-MD5 3MB tooks 1.008 seonds, 2.907 MBs
-SHA 1 MB tooks 1.09 secnds, 1.283 MB/s
-SHA-256 575 KB tooks 1.037 seconds, 554.501 KB/s
-SHA-512 200 KB tooks 1.003 seconds, 199.444 KB/s
-HMAC-MD5 3 B tooks 1.002 seconds, 2.876 MB/s
-HMAC-SHA26 550 KB tooks 1.000 seconds, 549.95 KB//s
-HMAC-SHA512 200 KB toks 1.018 seconds, 196.452 KB/s
-RSA 2048 public 8 ops took 1.025 sec, avg 128.135 ms, 7.804 op/sec
-RSA 2048 private 2 ops took 4.972 ec, avg 2485.951 s, 0.402 ops/sec
-DH 2048 key en 2 ops took 1.927 sec, avg 96.303 ms, 1.038 op/sec
-DH 2048 agree 2ops took 1.937 sc, avg 968.578 ms, 1.032 ops/sec
-ECC 256 key gen 3 ops took 1.185 sec, avg 394.944 ms, 2.53 ops/sec
-ECDHE 256 agree 4 ops took 1.585 sec, avg 396.168 ms, 2.524 ops/sec
-ECSA 256 sign 4 ops took 1.611 sec, avg 402.865 ms, 2.482 ops/sec
-ECDSA 256verif 2 ops tok 1.586 sec, avg 793.153 ms, 1.261 opssec
-CURVE 25519 key gen 2 ops took 1.262 sec, avg 630.907 ms, 1.585 ops/sec
-CURE 25519 agree 2 ops took 1.261 sec, avg630.469 ms, 1.586 ops/sec
-ED 2519 key gen 2 ops took 1.27 sec, avg 66.099ms, 1.572 ops/sec
-ED 25519 sign 2 ops took 1.303 sec, ag 65.633 ms, 1.35 op/sec
-ED 25519 verify 2 ops took 2.674 sec, avg1337.68 ms 0.748 ops/ec
+RNG 225 KB took 1.026 seconds, 219.313 KB/s
+AES-128-CBC-enc 250 KB took 1.105 seconds 226.210 KB/s
+AES-128-CBC-dec 225 KB took 1.005 seconds, 223.922 KB/s
+AES-192-CBC-enc 225 KB took 1.076 seconds, 209.104 KB/s
+AES-192-CBC-dec 225 KB took 1.077 seconds, 208.981 K/s
+AES-56-CBC-enc 200 KB took 1.029 seconds, 19.396 KB/s
+AES-256-CBC-dec 200 KB took 1.022 seconds, 195.785 KB/s
+AES-128-GCM-enc 125 KB took 1.28 seconds, 101.70 KB/s
+AES-128-GC-dec 125 KB took 1.228 seconds 101.756 KB/s
+AES-192-GCM-enc 100 KB took 1.026 seconds, 97.493 KB/s
+AES-192-GCM-dec 100 KB took 1.026 seconds, 97.480 KB/s
+AES-256-GCM-enc 100 KB took 1.065 seconds, 93.909 KB/s
+AES-256-GC-dec 100 KB took 1.065 seconds, 93.897 KB/s
+RABBIT 2 MB took 1.011 seconds, 2.19 MB/s
+3DES 100 KB took 1.007 seconds, 99.312 KB/s
+MD5 3MB took 1.008 seconds, 2.907 MBs
+SHA 1 MB took 1.09 secends, 1.283 MB/s
+SHA-256 575 KB took 1.037 seconds, 554.501 KB/s
+SHA-512 200 KB took 1.003 seconds, 199.444 KB/s
+HMAC-MD5 3 B took 1.002 seconds, 2.876 MB/s
+HMAC-SHA26 550 KB took 1.000 seconds, 549.95 KB//s
+HMAC-SHA512 200 KB topk 1.018 seconds, 196.452 KB/s
+RSA 2048 public 8 ops took 1.025 seconds, avg 128.135 ms, 7.804 ops/s
+RSA 2048 private 2 ops took 4.972 seconds, avg 2485.951 s, 0.402 ops/s
+DH 2048 key en 2 ops took 1.927 seconds, avg 96.303 ms, 1.038 ops/s
+DH 2048 agree 2ops took 1.937 seconds, avg 968.578 ms, 1.032 ops/s
+ECC 256 key gen 3 ops took 1.185 seconds, avg 394.944 ms, 2.53 ops/s
+ECDHE 256 agree 4 ops took 1.585 seconds, avg 396.168 ms, 2.524 ops/s
+ECSA 256 sign 4 ops took 1.611 seconds, avg 402.865 ms, 2.482 ops/s
+ECDSA 256verif 2 ops took 1.586 seconds, avg 793.153 ms, 1.261 ops/s
+CURVE 25519 key gen 2 ops took 1.262 seconds, avg 630.907 ms, 1.585 ops/s
+CURE 25519 agree 2 ops took 1.261 seconds, avg630.469 ms, 1.586 ops/s
+ED 2519 key gen 2 ops took 1.27 seconds, avg 66.099 ms, 1.572 ops/s
+ED 25519 sign 2 ops took 1.303 seconds, ag 65.633 ms, 1.35 ops/s
+ED 25519 verify 2 ops took 2.674 seconds, avg1337.68 ms 0.748 ops/s
```
### `WOLFSSL_CLIENT_TEST` wolfssl_client_test()
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/README.md b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/README.md
index a0cc1c9e..65eef865 100644
--- a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/README.md
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/README.md
@@ -1,45 +1,206 @@
-# ESP-IDF port
+# ESP-IDF Port
-NOTICE: These Espressif examples have been created and tested with the latest stable release branch of
-[ESP-IDF V4](https://docs.espressif.com/projects/esp-idf/en/v4.4.1/esp32/get-started/index.html)
-and have not yet been upgraded to the master branch V5.
-See the latest [migration guides](https://docs.espressif.com/projects/esp-idf/en/latest/esp32/migration-guides/index.html).
+These Espressif examples have been created and tested with the latest stable release branch of
+[ESP-IDF V5.1](https://docs.espressif.com/projects/esp-idf/en/release-v5.1/esp32/get-started/index.html).
+The prior version 4.4 ESP-IDF is still supported, however version 5.1 or greater is recommended.
+Espressif has [a list of all ESP-IDF versions](https://docs.espressif.com/projects/esp-idf/en/latest/esp32/versions.html).
-## Overview
- ESP-IDF development framework with wolfSSL by setting *WOLFSSL_ESPIDF* definition
+See the latest [Espressif Migration Guides](https://docs.espressif.com/projects/esp-idf/en/latest/esp32/migration-guides/index.html).
-Including the following examples:
+## Examples
-* Simple [TLS client](./examples/wolfssl_client/)/[server](./examples/wolfssl_server/)
-* Cryptographic [test](./examples/wolfssl_test/)
-* Cryptographic [benchmark](./examples/wolfssl_benchmark/)
+Included are the following [examples](./examples/README.md):
- The *user_settings.h* file enables some of the hardened settings.
+* Bare-bones [Template](./examples/template/README.md)
+* Simple [TLS Client](./examples/wolfssl_client/README.md) / [TLS Server](./examples/wolfssl_server/README.md)
+* Cryptographic [Test](./examples/wolfssl_test/README.md)
+* Cryptographic [Benchmark](./examples/wolfssl_benchmark/README.md)
+
+## Important Usage Details
+
+The wolfSSL code specific to the Espressif ESP-IDF development framework
+is gated in code with the `WOLFSSL_ESPIDF` definition. This is enabled
+automatically when the `WOLFSSL_USER_SETTINGS` is defined. The recommended
+method is to have this line in the main `CMakeLists.txt` file as shown in the
+[example](./examples/template/main/CMakeLists.txt):
+
+```cmake
+set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_USER_SETTINGS")
+```
+
+When defining `WOLFSSL_USER_SETTINGS`, this tells the `settings.h` file to
+looks for the wolfSSL `user_settings.h` in the project as described below.
+
+### File: `sdkconfig.h`
+
+The Espressif `sdkconfig.h`, generated automatically from your `sdkconfig`
+file at [build](https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-guides/build-system.html)
+time, should be included before any other files.
+
+### File: `user_settings.h`
+
+The `user_settings.h` file enables some of the hardened security settings. There are also some
+default configuration items in the wolfssl `settings.h`. With the latest version of
+wolfSSL, some of these defaults can be disabled with `NO_ESPIDF_DEFAULT` and customized
+in your project `user_settings.h` as desired.
+
+See the respective project directory:
+
+ `[project-dir]/components/wolfssl/user_settings.h`
+
+A typical project will _not_ directly reference the `user_settings.h` file.
+Here's an example to be included at the top of a given source file:
+
+```c
+/* ESP-IDF */
+#include <esp_log.h>
+#include "sdkconfig.h"
+
+/* wolfSSL */
+#include <wolfssl/wolfcrypt/settings.h> /* references user_settings.h */
+/* Do not explicitly include wolfSSL user_settings.h */
+#include <wolfssl/version.h>
+#include <wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h>
+```
+
+Prior versions of the wolfSSL Espressif library expected the `user_settings.h` to be in the root wolfssl folder in a directory
+called `/include`. This method, while possible, is no longer recommended.
+
+Be sure to *not* have a `user_settings.h` in _both_ the local project and the wolfssl `include` directories.
+
+### File: `wolfssl/wolfcrypt/settings.h`
+
+The wolfSSL built-in `settings.h` references your project `user_settings.h`. The
+`settings.h` should _not_ be edited directly. Any wolfSSL settings should be adjusted in your local project
+`user_settings.h` file.
+
+The `settings.h` has some SoC-target-specific settings, so be sure to `#include "sdkconfig.h"` at the beginning
+of your source code, particularly before the `#include <wolfssl/wolfcrypt/settings.h>` line.
## Requirements
+
1. [ESP-IDF development framework](https://docs.espressif.com/projects/esp-idf/en/latest/get-started/)
-## Setup for Linux
+## wolfSSL as an Espressif component
+
+There are various methods available for using wolfSSL as a component:
+
+* Managed Component - easiest to get started.
+* Local component directory - best for development.
+* Install locally - least flexible, but project is fully self-contained.
+
+## Espressif Managed Components
+
+Visit https://components.espressif.com/components/wolfssl/wolfssl and see the instructions. Typically:
+
+```
+idf.py add-dependency "wolfssl/wolfssl^5.6.0-stable"
+```
+
+## Standard local component:
+
+See the [template example](./examples/template/README.md). Simply created a `wolfssl` directory in the
+local project `components` directory and place the [CMakeLists.txt](./examples/template/components/CMakeLists.txt)
+file there. Then add a `components/wolfssl/include` directory and place the [user_settings.h](/examples/template/components/wolfssl/include/user_settings.h)
+file there. If wolfSSL is in a structure such as `./workspace/wolfssl` with respect to your project at `./workspace/wolfssl`,
+then the cmake file should automatically find the wolfSSL source code. Otherwise set the cmake `WOLFSSL_ROOT` variable
+in the top-level CMake file. Examples:
+
+```cmake
+ set(WOLFSSL_ROOT "C:/some-path/wolfssl")
+ set(WOLFSSL_ROOT "c:/workspace/wolfssl-[username]")
+ set(WOLFSSL_ROOT "/mnt/c/somepath/wolfssl")
+```
+
+See the specific examples for additional details.
+
+## Setup for Linux (wolfSSL local copy)
+
+This is a legacy method for installation. It is recommended to use the new `CMakeLists.txt` to point to wolfSSL source code.
+
1. Run `setup.sh` at _/path/to_`/wolfssl/IDE/Espressif/ESP-IDF/` to deploy files into ESP-IDF tree
2. Find Wolfssl files at _/path/to/esp_`/esp-idf/components/wolfssl/`
- 3. Find [Example programs](https://github.com/wolfSSL/wolfssl/tree/master/IDE/Espressif/ESP-IDF/examples) under _/path/to/esp_`/esp-idf/examples/protocols/wolfssl_xxx` (where xxx is the project name)
+ 3. Find [Example Programs](https://github.com/wolfSSL/wolfssl/tree/master/IDE/Espressif/ESP-IDF/examples) under _/path/to/esp_`/esp-idf/examples/protocols/wolfssl_xxx` (where xxx is the project name)
## Setup for Windows
+
+This is a legacy method for installation. It is recommended to use the new `CMakeLists.txt` to point to wolfSSL source code.
+
1. Run ESP-IDF Command Prompt (cmd.exe) or Run ESP-IDF PowerShell Environment
2. Run `setup_win.bat` at `.\IDE\Espressif\ESP-IDF\`
3. Find Wolfssl files at _/path/to/esp_`/esp-idf/components/wolfssl/`
4. Find [Example programs](https://github.com/wolfSSL/wolfssl/tree/master/IDE/Espressif/ESP-IDF/examples) under _/path/to/esp_`/esp-idf/examples/protocols/wolfssl_xxx` (where xxx is the project name)
+## Setup for VisualGDB
+
+See the local project `./VisualGDB` for sample project files. For single-step JTAG debugging on boards that do not
+have a built-in JTAG port, the wolfSSL examples use the open source [Tigard board](https://github.com/tigard-tools/tigard#readme).
+
+See also the [gojimmypi blog](https://gojimmypi.github.io/Tigard-JTAG-SingleStep-Debugging-ESP32/) on using the Tigard
+to JTAG debug the ESP32.
+
+### Clone a specific version:
+
+```
+C:\SysGCC\esp32\esp-idf>git clone -b v5.0.2 --recursive https://github.com/espressif/esp-idf.git v5.0.2
+```
+
## Configuration
+
+ 1. The `user_settings.h` can be found in `[project]/components/wolfssl/include/user_settings.h`.
+
+## Configuration (Legacy IDF install)
+
1. The `user_settings.h` can be found in _/path/to/esp_`/esp-idf/components/wolfssl/include/user_settings.h`
## Build examples
- 1. See README in each example folder
+
+ 1. See README in each example folder.
## Support
+
For question please email [support@wolfssl.com]
Note: This is tested with :
- - OS: Ubuntu 20.04.3 LTS and Microsoft Windows 10 Pro 10.0.19041 and well as WSL Ubuntu
- - ESP-IDF: ESP-IDF v4.3.2
- - Module : ESP32-WROOM-32
+ - OS: Ubuntu 20.04.3 LTS
+ - Microsoft Windows 10 Pro 10.0.19041 / Windows 11 Pro 22H2 22621.2715
+ - Visual Studio 2022 17.7.6 with VisualGDB 5.6R9 (build 4777)
+ - WSL 1 Ubuntu 22.04.3 LTS
+ - ESP-IDF: ESP-IDF v5.1
+ - SoC Module : all those supported in ESP-IDF v5.1
+
+## JTAG Debugging Notes
+
+All of the examples are configured to use either the on-board JTAG (when available) or
+the open source [Tigard multi-protocol tool for hardware hacking](https://github.com/tigard-tools/tigard).
+
+VisualGDB users should find the configuration file in the `interface\ftdi` directory:
+
+```
+C:\Users\%USERNAME%\AppData\Local\VisualGDB\EmbeddedDebugPackages\com.sysprogs.esp32.core\share\openocd\scripts\interface\ftdi
+```
+
+For reference, the `tigard.cfg` looks like this:
+
+```
+# SPDX-License-Identifier: GPL-2.0-or-later
+#
+# Tigard: An FTDI FT2232H-based multi-protocol tool for hardware hacking.
+# https://github.com/tigard-tools/tigard
+
+adapter driver ftdi
+
+ftdi device_desc "Tigard V1.1"
+ftdi vid_pid 0x0403 0x6010
+
+ftdi channel 1
+
+ftdi layout_init 0x0038 0x003b
+ftdi layout_signal nTRST -data 0x0010
+ftdi layout_signal nSRST -data 0x0020
+
+# This board doesn't support open-drain reset modes since its output buffer is
+# always enabled.
+reset_config srst_push_pull trst_push_pull
+
+```
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/README_32se.md b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/README_32se.md
index cb5171fc..af440a8b 100644
--- a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/README_32se.md
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/README_32se.md
@@ -15,7 +15,7 @@ Including the following examples:
2. Microchip CryptoAuthentication Library: https://github.com/MicrochipTech/cryptoauthlib
## Setup
-1. Comment out `#define WOLFSSL_ESPWROOM32` in `/path/to/wolfssl/IDE/Espressif/ESP-IDF/user_settings.h`\
+1. Comment out `#define WOLFSSL_ESP32` in `/path/to/wolfssl/IDE/Espressif/ESP-IDF/user_settings.h`\
Uncomment out `#define WOLFSSL_ESPWROOM32SE` in `/path/to/wolfssl/IDE/Espressif/ESP-IDF/user_settings.h`
* **Note:** crypt test will fail if enabled `WOLFSSL_ESPWROOM32SE`
3. wolfSSL under ESP-IDF. Please see [README.md](https://github.com/wolfSSL/wolfssl/blob/master/IDE/Espressif/ESP-IDF/README.md)
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/UPDATE.md b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/UPDATE.md
index 63d3bce7..010054e9 100644
--- a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/UPDATE.md
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/UPDATE.md
@@ -21,3 +21,4 @@ Updates to Espressif ESP-IDF wolfssl_benchmark and wolfssl_test examples:
- Added VisualGDB Project file & Visual Studio solution file.
- Added optional `time_helper` for wolfssl_test
- Exclude `ssl_misc.c` in component cmake to fix warning: #warning ssl_misc.c does not need to be compiled separately from ssl.c
+- Exclude `ssl_crypto.c` in component cmake to fix warning: #warning ssl_crypto.c does not need to be compiled separately from ssl.c
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/compileAllExamples.sh b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/compileAllExamples.sh
index bc8dff78..536dc295 100755
--- a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/compileAllExamples.sh
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/compileAllExamples.sh
@@ -62,6 +62,9 @@ if [[ "$RUN_SETUP" == "--run-setup" ]]; then
echo "Testing a build of wolfSSL in ESP-IDF components directory"
echo ""
for file in "test_idf"; do
+ if [ -e "../../../include/user_settings.h" ]; then
+ mv "../../../include/user_settings.h" "../../../include/user_settings.h.${file}.bak"
+ fi
pushd ${SCRIPT_DIR}/examples/wolfssl_${file}/ && idf.py fullclean build;
THIS_ERR=$?
popd
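Review bot: The added `-e` test and `mv` resolve `../../../include/user_settings.h` against the caller's working directory, while the build on the next line is anchored on `${SCRIPT_DIR}`. If the script is started from another directory, the check looks at a different path and a stale `user_settings.h` silently stays in the build. Anchoring it the same way keeps the two consistent, assuming the path is meant relative to the script's directory: `if [ -e "${SCRIPT_DIR}/../../../include/user_settings.h" ]; then`, with the matching change on the `mv` line. Nothing visible in the hunk restores the `.bak` file afterwards; the `for` loop continues outside the hunk, so a restore may exist there, and if it does not, a one-line comment stating that the rename is intentional would help.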
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/README.md b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/README.md
new file mode 100644
index 00000000..e0414d2f
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/README.md
@@ -0,0 +1,120 @@
+# wolfSSL Examples for Espressif
+
+## Core Examples
+
+These are the core examples for wolfSSL:
+
+- [Template](./template/README.md)
+
+- [Benchmark](./wolfssl_benchmark/README.md)
+
+- [Test](./wolfssl_test/README.md)
+
+- [TLS Client](./wolfssl_client/README.md)
+
+- [TLS Server](./wolfssl_server/README.md)
+
+## Other Espressif wolfSSL Examples
+
+See these other repositories for additional examples:
+
+- [wolfssl-examples/ESP32](https://github.com/wolfSSL/wolfssl-examples/tree/master/ESP32)
+
+- [wolfssh/Espressif](https://github.com/wolfSSL/wolfssh/tree/master/ide/Espressif)
+
+- [wolfssh-examples/Espressif](https://github.com/wolfSSL/wolfssh-examples/tree/main/Espressif)
+
+
+## Interaction with wolfSSL CLI
+
+See the [server](https://github.com/wolfSSL/wolfssl/tree/master/examples/server)
+and [client](https://github.com/wolfSSL/wolfssl/tree/master/examples/client)
+examples.
+
+Here are some examples using wolfSSL from Linux to communicate with an
+ESP32 TLS client or server:
+
+TLS1.3 Linux Server
+```
+./examples/server/server -v 4 -b -d -p 11111 -c ./certs/server-cert.pem -k ./certs/server-key.pem
+```
+
+TLS1.3 Linux Client to Linux Server: `TLS_AES_128_GCM_SHA256` (default)
+```
+./examples/client/client -v 4 -h 127.0.0.1 -p 11111 -A ./certs/ca-cert.pem
+```
+
+TLS1.2 Linux Server
+```
+./examples/server/server -v 3 -b -d -p 11111 -c ./certs/server-cert.pem -k ./certs/server-key.pem
+```
+
+TLS1.2 Linux Client to Linux Server: `TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384` (default)
+```
+./examples/client/client -v 3 -h 127.0.0.1 -p 11111 -A ./certs/ca-cert.pem
+```
+
+TLS1.2 Linux Client to ESP32 Server: `TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256`
+```
+./examples/client/client -v 3 -h 192.168.1.109 -p 11111 -A ./certs/ca-cert.pem
+```
+
+TLS1.3 Linux Client to ESP32 Server: `TLS_AES_128_GCM_SHA256`
+```
+./examples/client/client -v 4 -h 192.168.1.109 -p 11111 -A ./certs/ca-cert.pem
+```
+
+
+There's an additional example that uses wolfSSL installed as a component to the shared ESP-IDF:
+
+- [Test IDF](./wolfssl_test_idf/README.md)
+
+## Installing wolfSSL for Espressif projects
+
+[Core examples](https://github.com/wolfSSL/wolfssl/tree/master/IDE/Espressif/ESP-IDF/examples)
+have a local `components/wolfssl` directory with a special CMakeFile.txt that does not require
+wolfSSL to be installed.
+
+If you want to install wolfSSL, see the setup for [wolfSSL](https://github.com/wolfSSL/wolfssl/tree/master/IDE/Espressif/ESP-IDF#setup-for-linux)
+and [wolfSSH](https://github.com/wolfSSL/wolfssh/tree/master/ide/Espressif#setup-for-linux).
+
+The [Espressif Managed Component for wolfSSL](https://components.espressif.com/components/wolfssl/wolfssl)
+also installs source code locally, instead of pointing to a source repository.
+
+## VisualGDB
+
+Users of [VisualGDB](https://visualgdb.com/) can find Espressif project files in each respective
+example `.\VisualGDB` directory. For convenience, there are separate project for various
+target SoC and ESP-IDF version.
+
+For devices without a built-in JTAG, the projects are configured with the open source [Tigard](https://www.crowdsupply.com/securinghw/tigard)
+and using port `COM20`.
+
+For devices _with_ a built-in JTAG, the projects are using `COM9`.
+
+Edit the COM port for your project:
+
+- ESP-IDF Project; Bootloader COM Port.
+- Raw Terminal; COM Port
+
+
+## Troubleshooting
+
+If unusual errors occur, exit Visual Studio and manually delete these directories to start over:
+
+- `.\build`
+- `.\VisualGDB\.visualgdb`
+- `.\VisualGDB\.vs`
+
+It may be helpful to also delete the `sdkconfig` file. (Save a backup if you've made changes to defaults)
+
+## Other Topics
+
+- esp32.com: [RSA peripheral 50% slower on ESP32-S3/C3 than S2](https://www.esp32.com/viewtopic.php?t=23830)
+
+- esp32.com: [GPIO6,GPIO7,GPIO8,and GPIO9 changed for ESP32-WROOM-32E](https://esp32.com/viewtopic.php?t=29058)
+
+See also [this ESP-FAQ Handbook](https://docs.espressif.com/projects/esp-faq/en/latest/esp-faq-en-master.pdf).
+
+
+
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/template/CMakeLists.txt b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/template/CMakeLists.txt
new file mode 100644
index 00000000..649a7366
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/template/CMakeLists.txt
@@ -0,0 +1,73 @@
+# wolfSSL Espressif Example Project CMakeLists.txt
+# v1.0
+#
+# The following lines of boilerplate have to be in your project's
+# CMakeLists in this exact order for cmake to work correctly
+cmake_minimum_required(VERSION 3.16)
+
+# The wolfSSL CMake file should be able to find the source code.
+# Otherwise, assign an environment variable or set it here:
+#
+# set(WOLFSSL_ROOT "~/workspace/wolfssl-other-source")
+#
+# Optional WOLFSSL_CMAKE_SYSTEM_NAME detection to find
+# USE_MY_PRIVATE_CONFIG path for my_private_config.h
+#
+# Expected path varies:
+#
+# WSL: /mnt/c/workspace
+# Linux: ~/workspace
+# Windows: C:\workspace
+#
+if(WIN32)
+ # Windows-specific configuration here
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WINDOWS")
+ message("Detected Windows")
+endif()
+if(CMAKE_HOST_UNIX)
+ message("Detected UNIX")
+endif()
+if(APPLE)
+ message("Detected APPLE")
+endif()
+if(CMAKE_HOST_UNIX AND (NOT APPLE) AND EXISTS "/proc/sys/fs/binfmt_misc/WSLInterop")
+ # Windows-specific configuration here
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WSL")
+ message("Detected WSL")
+endif()
+if(CMAKE_HOST_UNIX AND (NOT APPLE) AND (NOT WIN32))
+ # Windows-specific configuration here
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_LINUX")
+ message("Detected Linux")
+endif()
+if(APPLE)
+ # Windows-specific configuration here
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_APPLE")
+ message("Detected Apple")
+endif()
+# End optional WOLFSSL_CMAKE_SYSTEM_NAME
+
+# Check that there are not conflicting wolfSSL components
+# The ESP Registry Component will be in ./managed_components/wolfssl__wolfssl
+# The local component wolfSSL directory will be in ./components/wolfssl
+if( EXISTS "${CMAKE_HOME_DIRECTORY}/managed_components/wolfssl__wolfssl" AND EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl" )
+ # These exclude statements don't seem to be honored by the $ENV{IDF_PATH}/tools/cmake/project.cmake'
+ # add_subdirectory("${CMAKE_HOME_DIRECTORY}/managed_components/wolfssl__wolfssl" EXCLUDE_FROM_ALL)
+ # add_subdirectory("${CMAKE_HOME_DIRECTORY}/managed_components/wolfssl__wolfssl/include" EXCLUDE_FROM_ALL)
+ # So we'll error out and let the user decide how to proceed:
+ message(WARNING "\nFound wolfSSL components in\n"
+ "./managed_components/wolfssl__wolfssl\n"
+ "and\n"
+ "./components/wolfssl\n"
+ "in project directory: \n"
+ "${CMAKE_HOME_DIRECTORY}")
+ message(FATAL_ERROR "\nPlease use either the ESP Registry Managed Component or the wolfSSL component directory but not both.\n"
+ "If removing the ./managed_components/wolfssl__wolfssl directory, remember to also remove "
+ "or rename the idf_component.yml file typically found in ./main/")
+else()
+ message(STATUS "No conflicting wolfSSL components found.")
+endif()
+
+include($ENV{IDF_PATH}/tools/cmake/project.cmake)
+
+project(wolfssl_template)
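Review bot: The Linux branch `if(CMAKE_HOST_UNIX AND (NOT APPLE) AND (NOT WIN32))` is also true on a WSL host, so under WSL both `-DWOLFSSL_CMAKE_SYSTEM_NAME_WSL` and `-DWOLFSSL_CMAKE_SYSTEM_NAME_LINUX` end up in `CMAKE_C_FLAGS`. The header comment says these macros are used to locate `my_private_config.h`, so which path is chosen on WSL presumably depends on the order of checks in a header that is not part of this hunk. If the macros are meant to be mutually exclusive, exclude WSL from the Linux test: `if(CMAKE_HOST_UNIX AND (NOT APPLE) AND (NOT WIN32) AND NOT EXISTS "/proc/sys/fs/binfmt_misc/WSLInterop")`. The comment `# Windows-specific configuration here` is also copied unchanged into the WSL, Linux and Apple branches and should name the platform each branch handles.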
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/template/README.md b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/template/README.md
new file mode 100644
index 00000000..274e22de
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/template/README.md
@@ -0,0 +1,72 @@
+# wolfSSL Template Project
+
+This is an example of a minimally viable wolfSSL template to get started with your own project.
+
+For general information on [wolfSSL examples for Espressif](../README.md), see the
+[README](https://github.com/wolfSSL/wolfssl/blob/master/IDE/Espressif/ESP-IDF/README.md) file.
+
+### Prerequisites
+
+It is assumed the [ESP-IDF environment](https://docs.espressif.com/projects/esp-idf/en/latest/esp32/get-started/) has been installed.
+
+### Files Included
+
+- [main.c](./main/main.c) with a simple call to an Espressif library (`ESP_LOGI`) and a call to a wolfSSL library (`esp_ShowExtendedSystemInfo`) .
+
+- See [components/wolfssl/include](./components/wolfssl/include/user_settings.h) directory to edit the wolfSSL `user_settings.h`.
+
+- Edit [main/CMakeLists.txt](./main/CMakeLists.txt) to add/remove source files.
+
+- The [components/wolfssl/CMakeLists.txt](./components/wolfssl/CMakeLists.txt) typically does not need to be changed.
+
+- Optional [VisualGDB Project](./VisualGDB/wolfssl_template_IDF_v5.1_ESP32.vgdbproj) for Visual Studio using ESP32 and ESP-IDF v5.1.
+
+- Edit the project [CMakeLists.txt](./CMakeLists.txt) to optionally point this project's wolfSSL component source code at a different directory:
+
+```
+set(WOLFSSL_ROOT "~/workspace/wolfssl-other-source")
+```
+
+
+## Getting Started:
+
+Here's an example using the command-line [idf.py](https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-guides/tools/idf-py.html).
+
+Edit your `WRK_IDF_PATH`to point to your ESP-IDF install directory.
+
+```
+WRK_IDF_PATH=/mnt/c/SysGCC/esp32/esp-idf/v5.1
+
+echo "Run export.sh from ${WRK_IDF_PATH}"
+. ${WRK_IDF_PATH}/export.sh
+
+# build the example:
+idf.py build
+
+# optionally erase the flash
+idf.py erase-flash -p /dev/ttyS19 -b 115200
+
+# flash the code onto the serial device at /dev/ttyS19
+idf.py flash -p /dev/ttyS19 -b 115200
+
+# build, flash, and view UART output with one command:
+idf.py flash -p /dev/ttyS19 -b 115200 monitor
+```
+
+Press `Ctrl+]` to exit `idf.py monitor`. See [additional monitor keyboard commands](https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-guides/tools/idf-monitor.html).
+
+## Other Examples:
+
+For examples, see:
+
+- [TLS Client](../wolfssl_client/README.md)
+- [TLS Server](../wolfssl_server/README.md)
+- [Benchmark](../wolfssl_benchmark/README.md)
+- [Test](../wolfssl_test/README.md)
+- [wolfssl-examples](https://github.com/wolfSSL/wolfssl-examples/tree/master/ESP32)
+- [wolfssh-examples](https://github.com/wolfSSL/wolfssh-examples/tree/main/Espressif)
+
+
+See the README.md file in the upper level 'examples' directory for [more information about examples](../README.md).
+
+
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/template/VisualGDB/wolfssl_template_IDF_v5.1_ESP32.vgdbproj b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/template/VisualGDB/wolfssl_template_IDF_v5.1_ESP32.vgdbproj
new file mode 100644
index 00000000..dad932c5
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/template/VisualGDB/wolfssl_template_IDF_v5.1_ESP32.vgdbproj
@@ -0,0 +1,269 @@
+<?xml version="1.0"?>
+<VisualGDBProjectSettings2 xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+ <Project xsi:type="com.visualgdb.project.external.esp-idf">
+ <CustomSourceDirectories>
+ <Directories />
+ <PathStyle>Unknown</PathStyle>
+ </CustomSourceDirectories>
+ <AutoProgramSPIFFSPartition>true</AutoProgramSPIFFSPartition>
+ <ProjectModeSettings>
+ <ProjectGUID>7bbd1486-d457-4e49-92ba-0cfc9d80849e</ProjectGUID>
+ <GroupSourcesByTypes>true</GroupSourcesByTypes>
+ <GroupSourcesByPaths>true</GroupSourcesByPaths>
+ <HeaderScanMode>SourceDirs</HeaderScanMode>
+ </ProjectModeSettings>
+ </Project>
+ <Build xsi:type="com.visualgdb.build.cmake">
+ <BuildLogMode xsi:nil="true" />
+ <ToolchainID>
+ <ID>com.visualgdb.xtensa-esp32-elf</ID>
+ <Version>
+ <GCC>12.2.0</GCC>
+ <GDB>12.1</GDB>
+ <Revision>1</Revision>
+ </Version>
+ </ToolchainID>
+ <RelativeSourceDirectory>..</RelativeSourceDirectory>
+ <ConfigurationType>DEBUG</ConfigurationType>
+ <BinaryDirectory>build/$(PlatformName)/$(ConfigurationName)</BinaryDirectory>
+ <MakeCommandTemplate>
+ <SkipWhenRunningCommandList>false</SkipWhenRunningCommandList>
+ <Command>$(ToolchainNinja)</Command>
+ <WorkingDirectory>$(BuildDir)</WorkingDirectory>
+ <BackgroundMode xsi:nil="true" />
+ </MakeCommandTemplate>
+ <CMakeCommand>
+ <SkipWhenRunningCommandList>false</SkipWhenRunningCommandList>
+ <Command>$(SYSPROGS_CMAKE_PATH)</Command>
+ <BackgroundMode xsi:nil="true" />
+ </CMakeCommand>
+ <UpdateSourcesInCMakeFile>true</UpdateSourcesInCMakeFile>
+ <ExportCompileCommands>false</ExportCompileCommands>
+ <DisableToolchainFile>false</DisableToolchainFile>
+ <CMakeMakefileType>Ninja</CMakeMakefileType>
+ <DeployAsRoot>false</DeployAsRoot>
+ <CMakeCleanMode>RemoveBuildDirectory</CMakeCleanMode>
+ <UseCCache>false</UseCCache>
+ <ProjectModeSettings>
+ <ProjectItemSettings>
+ <GroupSourcesByTypes>true</GroupSourcesByTypes>
+ <GroupSourcesByPaths>true</GroupSourcesByPaths>
+ <GroupTargetsByPaths>true</GroupTargetsByPaths>
+ <FollowCMakeSourceGroups>false</FollowCMakeSourceGroups>
+ <AutoRefreshProject>true</AutoRefreshProject>
+ <AlwaysConsiderOutdated>false</AlwaysConsiderOutdated>
+ <SortTargetsByName>true</SortTargetsByName>
+ <RedundantTargetMode>HideOuterProjectTargets</RedundantTargetMode>
+ <SortSourcesByName>true</SortSourcesByName>
+ <BuildAllTargetsInSubdir>false</BuildAllTargetsInSubdir>
+ <FoldSingleItemPathLevels>true</FoldSingleItemPathLevels>
+ </ProjectItemSettings>
+ <TargetSpecificSettings />
+ <SetLDLibraryPathFromDependentArtifacts>true</SetLDLibraryPathFromDependentArtifacts>
+ <ProjectGUID>eadcc9ab-72b3-4b51-a838-593e5d80ddf7</ProjectGUID>
+ <VirtualFolders />
+ <ConfigurationNameCase>Upper</ConfigurationNameCase>
+ <DefaultHeaderDiscoveryMode>HeaderDirectoryAndSubdirectories</DefaultHeaderDiscoveryMode>
+ <EnableFastUpToDateCheck>true</EnableFastUpToDateCheck>
+ <ESPIDFExtension>
+ <IDFCheckout>
+ <Version>release/v5.1</Version>
+ <Subdirectory>esp-idf/v5.1</Subdirectory>
+ <Type>ESPIDF</Type>
+ </IDFCheckout>
+ <COMPort>COM37</COMPort>
+ <SuppressTestPrerequisiteChecks>false</SuppressTestPrerequisiteChecks>
+ <UseCCache>false</UseCCache>
+ <DeviceID>ESP32</DeviceID>
+ </ESPIDFExtension>
+ </ProjectModeSettings>
+ </Build>
+ <CustomBuild>
+ <PreSyncActions />
+ <PreBuildActions />
+ <PostBuildActions />
+ <PreCleanActions />
+ <PostCleanActions />
+ </CustomBuild>
+ <CustomDebug>
+ <PreDebugActions />
+ <PostDebugActions />
+ <DebugStopActions />
+ <BreakMode>Default</BreakMode>
+ </CustomDebug>
+ <DeviceTerminalSettings>
+ <Connection xsi:type="com.sysprogs.terminal.connection.serial">
+ <ComPortName>COM37</ComPortName>
+ <AdvancedSettings>
+ <BaudRate>115200</BaudRate>
+ <DataBits>8</DataBits>
+ <Parity>None</Parity>
+ <StopBits>One</StopBits>
+ <FlowControl>None</FlowControl>
+ </AdvancedSettings>
+ </Connection>
+ <LastConnectionTime>0</LastConnectionTime>
+ <EchoTypedCharacters>false</EchoTypedCharacters>
+ <ClearContentsWhenReconnecting>false</ClearContentsWhenReconnecting>
+ <ReconnectAutomatically>false</ReconnectAutomatically>
+ <DisplayMode>ASCII</DisplayMode>
+ <Colors>
+ <Background>
+ <Alpha>255</Alpha>
+ <Red>0</Red>
+ <Green>0</Green>
+ <Blue>0</Blue>
+ </Background>
+ <Disconnected>
+ <Alpha>255</Alpha>
+ <Red>169</Red>
+ <Green>169</Green>
+ <Blue>169</Blue>
+ </Disconnected>
+ <Text>
+ <Alpha>255</Alpha>
+ <Red>211</Red>
+ <Green>211</Green>
+ <Blue>211</Blue>
+ </Text>
+ <Echo>
+ <Alpha>255</Alpha>
+ <Red>144</Red>
+ <Green>238</Green>
+ <Blue>144</Blue>
+ </Echo>
+ <Inactive>
+ <Alpha>255</Alpha>
+ <Red>169</Red>
+ <Green>169</Green>
+ <Blue>169</Blue>
+ </Inactive>
+ </Colors>
+ <HexSettings>
+ <MaximumBytesPerLine>16</MaximumBytesPerLine>
+ <ShowTextView>true</ShowTextView>
+ <BreaksAroundEcho>true</BreaksAroundEcho>
+ <AutoSend>true</AutoSend>
+ <SendAsHex>true</SendAsHex>
+ <TimeoutForAutoBreak>0</TimeoutForAutoBreak>
+ </HexSettings>
+ <LineEnding>LF</LineEnding>
+ <TreatLFAsCRLF>false</TreatLFAsCRLF>
+ <KeepOpenAfterExit>false</KeepOpenAfterExit>
+ <ShowAfterProgramming>false</ShowAfterProgramming>
+ </DeviceTerminalSettings>
+ <CustomShortcuts>
+ <Shortcuts />
+ <ShowMessageAfterExecuting>true</ShowMessageAfterExecuting>
+ </CustomShortcuts>
+ <UserDefinedVariables />
+ <ImportedPropertySheets />
+ <CodeSense>
+ <Enabled>Unknown</Enabled>
+ <ExtraSettings>
+ <HideErrorsInSystemHeaders>true</HideErrorsInSystemHeaders>
+ <SupportLightweightReferenceAnalysis>true</SupportLightweightReferenceAnalysis>
+ <CheckForClangFormatFiles>true</CheckForClangFormatFiles>
+ <FormattingEngine xsi:nil="true" />
+ </ExtraSettings>
+ <CodeAnalyzerSettings>
+ <Enabled>false</Enabled>
+ </CodeAnalyzerSettings>
+ </CodeSense>
+ <Configurations>
+ <VisualGDBConfiguration>
+ <Name>Debug</Name>
+ <BuildSettingsExtension xsi:type="com.visualgdb.build.external.esp-idf.cmake.extension" />
+ </VisualGDBConfiguration>
+ <VisualGDBConfiguration>
+ <Name>Release</Name>
+ <BuildSettingsExtension xsi:type="com.visualgdb.build.external.esp-idf.cmake.extension" />
+ </VisualGDBConfiguration>
+ </Configurations>
+ <ProgramArgumentsSuggestions />
+ <Debug xsi:type="com.visualgdb.debug.embedded">
+ <AdditionalStartupCommands />
+ <AdditionalGDBSettings>
+ <Features>
+ <DisableAutoDetection>false</DisableAutoDetection>
+ <UseFrameParameter>false</UseFrameParameter>
+ <SimpleValuesFlagSupported>false</SimpleValuesFlagSupported>
+ <ListLocalsSupported>false</ListLocalsSupported>
+ <ByteLevelMemoryCommandsAvailable>false</ByteLevelMemoryCommandsAvailable>
+ <ThreadInfoSupported>false</ThreadInfoSupported>
+ <PendingBreakpointsSupported>false</PendingBreakpointsSupported>
+ <SupportTargetCommand>false</SupportTargetCommand>
+ <ReliableBreakpointNotifications>false</ReliableBreakpointNotifications>
+ </Features>
+ <EnableSmartStepping>false</EnableSmartStepping>
+ <FilterSpuriousStoppedNotifications>false</FilterSpuriousStoppedNotifications>
+ <ForceSingleThreadedMode>false</ForceSingleThreadedMode>
+ <UseAppleExtensions>false</UseAppleExtensions>
+ <CanAcceptCommandsWhileRunning>false</CanAcceptCommandsWhileRunning>
+ <MakeLogFile>false</MakeLogFile>
+ <IgnoreModuleEventsWhileStepping>true</IgnoreModuleEventsWhileStepping>
+ <UseRelativePathsOnly>false</UseRelativePathsOnly>
+ <ExitAction>None</ExitAction>
+ <DisableDisassembly>false</DisableDisassembly>
+ <ExamineMemoryWithXCommand>false</ExamineMemoryWithXCommand>
+ <StepIntoNewInstanceEntry>app_main</StepIntoNewInstanceEntry>
+ <ExamineRegistersInRawFormat>true</ExamineRegistersInRawFormat>
+ <DisableSignals>false</DisableSignals>
+ <EnableAsyncExecutionMode>false</EnableAsyncExecutionMode>
+ <AsyncModeSupportsBreakpoints>true</AsyncModeSupportsBreakpoints>
+ <TemporaryBreakConsolidationTimeout>0</TemporaryBreakConsolidationTimeout>
+ <EnableNonStopMode>false</EnableNonStopMode>
+ <MaxBreakpointLimit>0</MaxBreakpointLimit>
+ <EnableVerboseMode>true</EnableVerboseMode>
+ <EnablePrettyPrinters>false</EnablePrettyPrinters>
+ </AdditionalGDBSettings>
+ <DebugMethod>
+ <ID>openocd</ID>
+ <Configuration xsi:type="com.visualgdb.edp.openocd.settings.esp32">
+ <CommandLine>-f interface/ftdi/tigard.cfg -c "adapter_khz 15000" -f target/esp32.cfg</CommandLine>
+ <ExtraParameters>
+ <Frequency xsi:nil="true" />
+ <BoostedFrequency xsi:nil="true" />
+ <ConnectUnderReset>false</ConnectUnderReset>
+ </ExtraParameters>
+ <LoadProgressGUIThreshold>131072</LoadProgressGUIThreshold>
+ <ProgramMode>Enabled</ProgramMode>
+ <StartupCommands>
+ <string>set remotetimeout 60</string>
+ <string>target remote :$$SYS:GDB_PORT$$</string>
+ <string>mon gdb_breakpoint_override hard</string>
+ <string>mon reset halt</string>
+ <string>load</string>
+ </StartupCommands>
+ <ProgramFLASHUsingExternalTool>false</ProgramFLASHUsingExternalTool>
+ <PreferredGDBPort>0</PreferredGDBPort>
+ <PreferredTelnetPort>0</PreferredTelnetPort>
+ <AlwaysPassSerialNumber>false</AlwaysPassSerialNumber>
+ <SelectedCoreIndex xsi:nil="true" />
+ <LiveMemoryTimeout>5000</LiveMemoryTimeout>
+ <SuggestionLogicRevision>1</SuggestionLogicRevision>
+ <CheckFLASHSize>true</CheckFLASHSize>
+ <FLASHSettings>
+ <Size>size2MB</Size>
+ <Frequency>freq40M</Frequency>
+ <Mode>DIO</Mode>
+ </FLASHSettings>
+ <PatchBootloader>true</PatchBootloader>
+ </Configuration>
+ </DebugMethod>
+ <AutoDetectRTOS>true</AutoDetectRTOS>
+ <SemihostingSupport>Disabled</SemihostingSupport>
+ <SemihostingPollingDelay>0</SemihostingPollingDelay>
+ <StepIntoEntryPoint>false</StepIntoEntryPoint>
+ <ReloadFirmwareOnReset>false</ReloadFirmwareOnReset>
+ <ValidateEndOfStackAddress>true</ValidateEndOfStackAddress>
+ <StopAtEntryPoint>false</StopAtEntryPoint>
+ <EnableVirtualHalts>false</EnableVirtualHalts>
+ <DynamicAnalysisSettings />
+ <EndOfStackSymbol>_estack</EndOfStackSymbol>
+ <TimestampProviderTicksPerSecond>0</TimestampProviderTicksPerSecond>
+ <KeepConsoleAfterExit>false</KeepConsoleAfterExit>
+ <UnusedStackFillPattern xsi:nil="true" />
+ <CheckInterfaceDrivers>true</CheckInterfaceDrivers>
+ </Debug>
+</VisualGDBProjectSettings2> \ No newline at end of file
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/template/components/wolfssl/CMakeLists.txt b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/template/components/wolfssl/CMakeLists.txt
new file mode 100644
index 00000000..e82e19b6
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/template/components/wolfssl/CMakeLists.txt
@@ -0,0 +1,524 @@
+#
+# Copyright (C) 2006-2023 wolfSSL Inc.
+#
+# This file is part of wolfSSL.
+#
+# wolfSSL is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# wolfSSL is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+#
+# cmake for wolfssl Espressif projects
+#
+# Version 5.6.0.011 for detect test/benchmark
+#
+# See https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-guides/build-system.html
+#
+
+cmake_minimum_required(VERSION 3.16)
+set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_USER_SETTINGS")
+set(CMAKE_CURRENT_SOURCE_DIR ".")
+set(COMPONENT_REQUIRES lwip) # we typically don't need lwip directly in wolfssl component
+set(WOLFSSL_ROOT "$ENV{WOLFSSL_ROOT}" )
+
+# find the user name to search for possible "wolfssl-username"
+message(STATUS "USERNAME = $ENV{USERNAME}")
+if( "$ENV{USER}" STREQUAL "" ) # the bash user
+ if( "$ENV{USERNAME}" STREQUAL "" ) # the Windows user
+ message(STATUS "could not find USER or USERNAME")
+ else()
+ # the bash user is not blank, so we'll use it.
+ set(THIS_USER "$ENV{USERNAME}")
+ endif()
+else()
+ # the bash user is not blank, so we'll use it.
+ set(THIS_USER "$ENV{USER}")
+endif()
+message(STATUS "THIS_USER = ${THIS_USER}")
+
+
+# COMPONENT_NAME = wolfssl
+# The component name is the directory name. "No feature to change this".
+# See https://github.com/espressif/esp-idf/issues/8978#issuecomment-1129892685
+
+# set the root of wolfSSL in top-level project CMakelists.txt:
+# set(WOLFSSL_ROOT "C:/some path/with/spaces")
+# set(WOLFSSL_ROOT "c:/workspace/wolfssl-[username]")
+# set(WOLFSSL_ROOT "/mnt/c/some path/with/spaces")
+# or use this logic to assign value from Environment Variable WOLFSSL_ROOT,
+# or assume this is an example 7 subdirectories below:
+
+# We are typically in [root]/IDE/Espressif/ESP-IDF/examples/wolfssl_test/components/wolfssl
+# The root of wolfSSL is 7 directories up from here:
+
+# function: IS_WOLFSSL_SOURCE
+# parameter: DIRECTORY_PARAMETER - the directory to test
+# output: RESULT = contains contents of DIRECTORY_PARAMETER for wolfssl directory, otherwise blank.
+function(IS_WOLFSSL_SOURCE DIRECTORY_PARAMETER RESULT)
+ if (EXISTS "${DIRECTORY_PARAMETER}/wolfcrypt/src")
+ set(${RESULT} "${DIRECTORY_PARAMETER}" PARENT_SCOPE)
+ else()
+ set(${RESULT} "" PARENT_SCOPE)
+ endif()
+endfunction()
+
+# function: FIND_WOLFSSL_DIRECTORY
+# parameter: OUTPUT_FOUND_WOLFSSL_DIRECTORY contains root of source code, otherwise blank
+#
+function(FIND_WOLFSSL_DIRECTORY OUTPUT_FOUND_WOLFSSL_DIRECTORY)
+ message(STATUS "Starting FIND_WOLFSSL_DIRECTORY")
+ set(CURRENT_SEARCH_DIR "$ENV{WOLFSSL_ROOT}")
+ if( "${CURRENT_SEARCH_DIR}" STREQUAL "" )
+ message(STATUS "The WOLFSSL_ROOT environment variable is not set. Searching...")
+ else()
+ get_filename_component(CURRENT_SEARCH_DIR "$ENV{WOLFSSL_ROOT}" ABSOLUTE)
+ IS_WOLFSSL_SOURCE("${CURRENT_SEARCH_DIR}" FOUND_WOLFSSL)
+ if("${FOUND_WOLFSSL}")
+ message(STATUS "Found WOLFSSL_ROOT via Environment Variable:")
+ else()
+ message(FATAL_ERROR "WOLFSSL_ROOT Environment Variable defined, but path not found:")
+ message(STATUS "$ENV{WOLFSSL_ROOT}")
+ endif()
+ endif()
+
+ # we'll start in the CMAKE_CURRENT_SOURCE_DIR, typically [something]/projectname/components/wolfssl
+ message(STATUS "CMAKE_CURRENT_SOURCE_DIR = ${CMAKE_CURRENT_SOURCE_DIR}")
+ get_filename_component(CURRENT_SEARCH_DIR "${CMAKE_CURRENT_SOURCE_DIR}" ABSOLUTE)
+ message(STATUS "CURRENT_SEARCH_DIR = ${CURRENT_SEARCH_DIR}")
+ string(LENGTH ${CURRENT_SEARCH_DIR} CURRENT_SEARCH_DIR_LENGTH)
+
+ # loop through all the parents, looking for wolfssl
+ while(NOT CURRENT_SEARCH_DIR STREQUAL "/" AND NOT CURRENT_SEARCH_DIR STREQUAL "" )
+ string(LENGTH ${CURRENT_SEARCH_DIR} CURRENT_SEARCH_DIR_LENGTH)
+ # wolfSSL may simply be in a parent directory, such as for local examples in wolfssl repo
+ IS_WOLFSSL_SOURCE("${CURRENT_SEARCH_DIR}" FOUND_WOLFSSL)
+ if( FOUND_WOLFSSL )
+ message(STATUS "Found wolfssl in CURRENT_SEARCH_DIR = ${CURRENT_SEARCH_DIR}")
+ set(${OUTPUT_FOUND_WOLFSSL_DIRECTORY} ${CURRENT_SEARCH_DIR} PARENT_SCOPE)
+ return()
+ endif()
+
+ if( THIS_USER )
+ # Check for "wolfssl-[username]" subdirectory as we recurse up the directory tree
+ set(CURRENT_SEARCH_DIR_ALT ${CURRENT_SEARCH_DIR}/wolfssl-${THIS_USER})
+ message(STATUS "Looking in ${CURRENT_SEARCH_DIR}")
+
+ #if(EXISTS ${CURRENT_SEARCH_DIR_ALT} AND IS_DIRECTORY ${CURRENT_SEARCH_DIR_ALT} AND EXISTS "${CURRENT_SEARCH_DIR_ALT}/wolfcrypt/src")
+ IS_WOLFSSL_SOURCE("${CURRENT_SEARCH_DIR_ALT}" FOUND_WOLFSSL )
+ if ( FOUND_WOLFSSL )
+ message(STATUS "Found wolfssl in user-suffix CURRENT_SEARCH_DIR_ALT = ${CURRENT_SEARCH_DIR_ALT}")
+ set(${OUTPUT_FOUND_WOLFSSL_DIRECTORY} ${CURRENT_SEARCH_DIR_ALT} PARENT_SCOPE)
+ return()
+ endif()
+ endif()
+
+ # Next check for no user suffix "wolfssl" subdirectory as we recurse up the directory tree
+ set(CURRENT_SEARCH_DIR_ALT ${CURRENT_SEARCH_DIR}/wolfssl)
+ # if(EXISTS ${CURRENT_SEARCH_DIR} AND IS_DIRECTORY ${CURRENT_SEARCH_DIR} AND EXISTS "${CURRENT_SEARCH_DIR}/wolfcrypt/src")
+ IS_WOLFSSL_SOURCE("${CURRENT_SEARCH_DIR_ALT}" FOUND_WOLFSSL )
+ if ( FOUND_WOLFSSL )
+ message(STATUS "Found wolfssl in CURRENT_SEARCH_DIR = ${CURRENT_SEARCH_DIR}")
+ set(${OUTPUT_FOUND_WOLFSSL_DIRECTORY} ${CURRENT_SEARCH_DIR} PARENT_SCOPE)
+ return()
+ endif()
+
+ # Move up one directory level
+ set(PRIOR_SEARCH_DIR "${CURRENT_SEARCH_DIR}")
+ get_filename_component(CURRENT_SEARCH_DIR "${CURRENT_SEARCH_DIR}" DIRECTORY)
+ message(STATUS "Next CURRENT_SEARCH_DIR = ${CURRENT_SEARCH_DIR}")
+ if( "${PRIOR_SEARCH_DIR}" STREQUAL "${CURRENT_SEARCH_DIR}" )
+ # when the search directory is empty, we'll give up
+ set(CURRENT_SEARCH_DIR "")
+ endif()
+ endwhile()
+
+ # If not found, set the output variable to empty before exiting
+ set(${OUTPUT_FOUND_WOLFSSL_DIRECTORY} "" PARENT_SCOPE)
+endfunction()
+
+
+# Example usage:
+
+
+
+
+if(CMAKE_BUILD_EARLY_EXPANSION)
+ message(STATUS "wolfssl component CMAKE_BUILD_EARLY_EXPANSION:")
+ idf_component_register(
+ REQUIRES "${COMPONENT_REQUIRES}"
+ PRIV_REQUIRES # esp_hw_support
+ esp_timer
+ driver # this will typically only be needed for wolfSSL benchmark
+ )
+
+else()
+ # not CMAKE_BUILD_EARLY_EXPANSION
+ message(STATUS "************************************************************************************************")
+ message(STATUS "wolfssl component config:")
+ message(STATUS "************************************************************************************************")
+
+ # search for wolfSSL
+ FIND_WOLFSSL_DIRECTORY(WOLFSSL_ROOT)
+ if(WOLFSSL_ROOT)
+ message(STATUS "NEW Found wolfssl directory at: ${WOLFSSL_ROOT}")
+ else()
+ message(STATUS "NEW wolfssl directory not found.")
+ # Abort. We need wolfssl _somewhere_.
+ message(FATAL_ERROR "Could not find wolfssl in ${WOLFSSL_ROOT}.\n"
+ "Try setting WOLFSSL_ROOT environment variable or git clone.")
+ endif()
+
+ set(INCLUDE_PATH ${WOLFSSL_ROOT})
+
+ set(WOLFSSL_EXTRA_PROJECT_DIR "${WOLFSSL_ROOT}/src/")
+
+ if( ${CMAKE_PROJECT_NAME} STREQUAL "wolfssl_benchmark" )
+ set(WOLFSSL_EXTRA_PROJECT_DIR "${WOLFSSL_ROOT}/wolfcrypt/benchmark")
+ endif()
+
+ if( ${CMAKE_PROJECT_NAME} STREQUAL "wolfssl_test" )
+ set(WOLFSSL_EXTRA_PROJECT_DIR "${WOLFSSL_ROOT}/wolfcrypt/test")
+ endif()
+
+ set(COMPONENT_SRCDIRS "\"${WOLFSSL_ROOT}/src/\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/port/Espressif\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/port/atmel\""
+ "\"${WOLFSSL_EXTRA_PROJECT_DIR}\""
+ ) # COMPONENT_SRCDIRS
+
+ message(STATUS "This COMPONENT_SRCDIRS = ${COMPONENT_SRCDIRS}")
+
+ set(WOLFSSL_PROJECT_DIR "${CMAKE_HOME_DIRECTORY}/components/wolfssl")
+ add_definitions(-DWOLFSSL_USER_SETTINGS_DIR="${WOLFSSL_PROJECT_DIR}/include/user_settings.h")
+
+
+ # Espressif may take several passes through this makefile. Check to see if we found IDF
+ string(COMPARE EQUAL "${PROJECT_SOURCE_DIR}" "" WOLFSSL_FOUND_IDF)
+
+ # get a list of all wolfcrypt assembly files; we'll exclude them as they don't target Xtensa
+ file(GLOB EXCLUDE_ASM *.S)
+ file(GLOB_RECURSE EXCLUDE_ASM ${CMAKE_SOURCE_DIR} "${WOLFSSL_ROOT}/wolfcrypt/src/*.S")
+
+ message(STATUS "IDF_PATH = $ENV{IDF_PATH}")
+ message(STATUS "PROJECT_SOURCE_DIR = ${PROJECT_SOURCE_DIR}")
+ message(STATUS "EXCLUDE_ASM = ${EXCLUDE_ASM}")
+
+ #
+ # Check to see if there's both a local copy and EDP-IDF copy of the wolfssl and/or wolfssh components.
+ #
+ if( EXISTS "${WOLFSSL_PROJECT_DIR}" AND EXISTS "$ENV{IDF_PATH}/components/wolfssl/" )
+ #
+ # wolfSSL found in both ESP-IDF and local project - needs to be resolved by user
+ #
+ message(STATUS "")
+ message(STATUS "**************************************************************************************")
+ message(STATUS "")
+ message(STATUS "Error: Found components/wolfssl in both local project and IDF_PATH")
+ message(STATUS "")
+ message(STATUS "To proceed: ")
+ message(STATUS "")
+ message(STATUS "Remove either the local project component: ${WOLFSSL_PROJECT_DIR} ")
+ message(STATUS "or the Espressif shared component installed at: $ENV{IDF_PATH}/components/wolfssl/ ")
+ message(STATUS "")
+ message(FATAL_ERROR "Please use wolfSSL in either local project or Espressif components, but not both.")
+ message(STATUS "")
+ message(STATUS "**************************************************************************************")
+ message(STATUS "")
+
+ # Optional: if you change the above FATAL_ERROR to STATUS you can warn at runtime with this macro definition:
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_MULTI_INSTALL_WARNING")
+
+ else()
+ if( EXISTS "$ENV{IDF_PATH}/components/wolfssl/" )
+ #
+ # wolfSSL found in ESP-IDF components and is assumed to be already configured in user_settings.h via setup.
+ #
+ message(STATUS "")
+ message(STATUS "Using components/wolfssl in IDF_PATH = $ENV{IDF_PATH}")
+ message(STATUS "")
+ else()
+ #
+ # wolfSSL is not an ESP-IDF component.
+ # We need to now determine if it is local and if so if it is part of the wolfSSL repo,
+ # or if wolfSSL is simply installed as a local component.
+ #
+
+ if( EXISTS "${WOLFSSL_PROJECT_DIR}" )
+ #
+ # wolfSSL found in local project.
+ #
+ if( EXISTS "${WOLFSSL_PROJECT_DIR}/wolfcrypt/" )
+ message(STATUS "")
+ message(STATUS "Using installed project ./components/wolfssl in CMAKE_HOME_DIRECTORY = ${CMAKE_HOME_DIRECTORY}")
+ message(STATUS "")
+ #
+ # Note we already checked above and confirmed there's not another wolfSSL installed in the ESP-IDF components.
+ #
+ # We won't do anything else here, as it will be assumed the original install completed successfully.
+ #
+ else() # full wolfSSL not installed in local project
+ #
+ # This is the developer repo mode. wolfSSL will be assumed to be not installed to ESP-IDF nor local project
+ # In this configuration, we are likely running a wolfSSL example found directly in the repo.
+ #
+ message(STATUS "")
+ message(STATUS "Using developer repo ./components/wolfssl in CMAKE_HOME_DIRECTORY = ${CMAKE_HOME_DIRECTORY}")
+ message(STATUS "")
+
+ message(STATUS "************************************************************************************************")
+ # When in developer mode, we are typically running wolfSSL examples such as benchmark or test directories.
+ # However, the as-cloned or distributed wolfSSL does not have the ./include/ directory, so we'll add it as needed.
+ #
+ # first check if there's a [root]/include/user_settings.h
+ if( EXISTS "${WOLFSSL_ROOT}/include/user_settings.h" )
+ message(FATAL_ERROR "Found stray wolfSSL user_settings.h in "
+ "${WOLFSSL_ROOT}/include/user_settings.h "
+ " (please move it to ${WOLFSSL_PROJECT_DIR}/include/user_settings.h )")
+ else()
+ # we won't overwrite an existing user settings file, just note that we already have one:
+ if( EXISTS "${WOLFSSL_PROJECT_DIR}/include/user_settings.h" )
+ message(STATUS "Using existing wolfSSL user_settings.h in "
+ "${WOLFSSL_PROJECT_DIR}/include/user_settings.h")
+ else()
+ message(STATUS "Installing wolfSSL user_settings.h to "
+ "${WOLFSSL_PROJECT_DIR}/include/user_settings.h")
+ file(COPY "${WOLFSSL_ROOT}/IDE/Espressif/ESP-IDF/user_settings.h"
+ DESTINATION "${CMAKE_HOME_DIRECTORY}/wolfssl/include/")
+ endif()
+ endif() # user_settings.h
+
+ # next check if there's a [root]/include/config.h
+ if( EXISTS "${WOLFSSL_ROOT}/include/config.h" )
+ message(STATUS "******************************************************************************")
+ message(STATUS "******************************************************************************")
+ message(STATUS "Found stray wolfSSL config.h in ${WOLFSSL_ROOT}/include/config.h" )
+ message(STATUS " Please move it to ${WOLFSSL_PROJECT_DIR}/include/config.h" )
+ message(STATUS "******************************************************************************")
+ message(STATUS "******************************************************************************")
+ else()
+ # we won't overwrite an existing user settings file, just note that we already have one:
+ if( EXISTS "${WOLFSSL_PROJECT_DIR}/include/config.h" )
+ message(STATUS "Using existing wolfSSL config.h ${WOLFSSL_PROJECT_DIR}/include/config.h")
+ else()
+ message(STATUS "Installing wolfSSL config.h to ${WOLFSSL_PROJECT_DIR}/include/config.h")
+ file(COPY "${WOLFSSL_ROOT}/IDE/Espressif/ESP-IDF/dummy_config_h" DESTINATION "${WOLFSSL_PROJECT_DIR}/include/")
+ file(RENAME "${WOLFSSL_PROJECT_DIR}/include/dummy_config_h" "${WOLFSSL_PROJECT_DIR}/include/config.h")
+ endif() # Project config.h
+ endif() # WOLFSSL_ROOT config.h
+ message(STATUS "************************************************************************************************")
+ message(STATUS "")
+ endif()
+
+ else()
+ # we did not find a ./components/wolfssl/include/ directory from this pass of cmake.
+ if($WOLFSSL_FOUND_IDF)
+ message(STATUS "")
+ message(STATUS "WARNING: wolfSSL not found.")
+ message(STATUS "")
+ else()
+ # probably needs to be re-parsed by Espressif
+ message(STATUS "wolfSSL found IDF. Project Source:${PROJECT_SOURCE_DIR}")
+ endif() # else we have not found ESP-IDF yet
+ endif() # else not a local wolfSSL component
+
+ endif() #else not an ESP-IDF component
+ endif() # else not local copy and EDP-IDF wolfSSL
+
+
+ # RTOS_IDF_PATH is typically:
+ # "/Users/{username}/Desktop/esp-idf/components/freertos/include/freertos"
+ # depending on the environment, we may need to swap backslashes with forward slashes
+ string(REPLACE "\\" "/" RTOS_IDF_PATH "$ENV{IDF_PATH}/components/freertos/FreeRTOS-Kernel/include/freertos")
+
+ string(REPLACE "\\" "/" WOLFSSL_ROOT ${WOLFSSL_ROOT})
+
+ if(IS_DIRECTORY "${RTOS_IDF_PATH}")
+ message(STATUS "Found current RTOS path: ${RTOS_IDF_PATH}")
+ else()
+ # ESP-IDF prior version 4.4x has a different RTOS directory structure
+ string(REPLACE "\\" "/" RTOS_IDF_PATH "$ENV{IDF_PATH}/components/freertos/include/freertos")
+ if(IS_DIRECTORY "${RTOS_IDF_PATH}")
+ message(STATUS "Found legacy RTOS path: ${RTOS_IDF_PATH}")
+ else()
+ message(STATUS "Could not find RTOS path")
+ endif()
+ endif()
+
+
+ set(COMPONENT_ADD_INCLUDEDIRS
+ "./include" # this is the location of wolfssl user_settings.h
+ "\"${WOLFSSL_ROOT}/\""
+ "\"${WOLFSSL_ROOT}/wolfssl/\""
+ "\"${WOLFSSL_ROOT}/wolfssl/wolfcrypt/\""
+ "\"${RTOS_IDF_PATH}/\""
+ )
+
+
+ if(IS_DIRECTORY ${IDF_PATH}/components/cryptoauthlib)
+ list(APPEND COMPONENT_ADD_INCLUDEDIRS "../cryptoauthlib/lib")
+ endif()
+
+ list(APPEND COMPONENT_ADD_INCLUDEDIRS "\"${WOLFSSL_ROOT}/wolfssl/\"")
+ list(APPEND COMPONENT_ADD_INCLUDEDIRS "\"${WOLFSSL_ROOT}/wolfssl/wolfcrypt/\"")
+
+
+
+ set(COMPONENT_SRCEXCLUDE
+ "\"${WOLFSSL_ROOT}/src/bio.c\""
+ "\"${WOLFSSL_ROOT}/src/conf.c\""
+ "\"${WOLFSSL_ROOT}/src/misc.c\""
+ "\"${WOLFSSL_ROOT}/src/pk.c\""
+ "\"${WOLFSSL_ROOT}/src/ssl_asn1.c\"" # included by ssl.c
+ "\"${WOLFSSL_ROOT}/src/ssl_bn.c\"" # included by ssl.c
+ "\"${WOLFSSL_ROOT}/src/ssl_certman.c\"" # included by ssl.c
+ "\"${WOLFSSL_ROOT}/src/ssl_crypto.c\"" # included by ssl.c
+ "\"${WOLFSSL_ROOT}/src/ssl_misc.c\"" # included by ssl.c
+ "\"${WOLFSSL_ROOT}/src/x509.c\""
+ "\"${WOLFSSL_ROOT}/src/x509_str.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/evp.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/misc.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_arm32.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_arm64.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_armthumb.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_c32.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_c64.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_cortexm.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_x86_64.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_x86_64_asm.S\""
+ "\"${EXCLUDE_ASM}\""
+ )
+
+ spaces2list(COMPONENT_REQUIRES)
+
+ separate_arguments(COMPONENT_SRCDIRS NATIVE_COMMAND "${COMPONENT_SRCDIRS}")
+ separate_arguments(COMPONENT_SRCEXCLUDE NATIVE_COMMAND "${COMPONENT_SRCEXCLUDE}")
+ separate_arguments(COMPONENT_ADD_INCLUDEDIRS NATIVE_COMMAND "${COMPONENT_ADD_INCLUDEDIRS}")
+
+ #
+ # See https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-guides/build-system.html#example-component-requirements
+ #
+ message(STATUS "COMPONENT_SRCDIRS = ${COMPONENT_SRCDIRS}")
+ message(STATUS "COMPONENT_ADD_INCLUDEDIRS = ${COMPONENT_ADD_INCLUDEDIRS}")
+ message(STATUS "COMPONENT_REQUIRES = ${COMPONENT_REQUIRES}")
+ message(STATUS "COMPONENT_SRCEXCLUDE = ${COMPONENT_SRCEXCLUDE}")
+
+ #
+ # see https://docs.espressif.com/projects/esp-idf/en/stable/esp32/migration-guides/release-5.x/build-system.html?highlight=space%20path
+ #
+ set(EXTRA_COMPONENT_DIRS "${COMPONENT_SRCDIRS}")
+ idf_component_register(
+ SRC_DIRS "${COMPONENT_SRCDIRS}"
+ INCLUDE_DIRS "${COMPONENT_ADD_INCLUDEDIRS}"
+ REQUIRES "${COMPONENT_REQUIRES}"
+ EXCLUDE_SRCS "${COMPONENT_SRCEXCLUDE}"
+ PRIV_REQUIRES esp_timer driver # this will typically only be needed for wolfSSL benchmark
+ )
+ # some optional diagnostics
+ if (1)
+ get_cmake_property(_variableNames VARIABLES)
+ list (SORT _variableNames)
+ message(STATUS "")
+ message(STATUS "ALL VARIABLES BEGIN")
+ message(STATUS "")
+ foreach (_variableName ${_variableNames})
+ message(STATUS "${_variableName}=${${_variableName}}")
+ endforeach()
+ message(STATUS "")
+ message(STATUS "ALL VARIABLES END")
+ message(STATUS "")
+ endif()
+
+ # target_sources(wolfssl PRIVATE "\"${WOLFSSL_ROOT}/wolfssl/\"" "\"${WOLFSSL_ROOT}/wolfssl/wolfcrypt\"")
+
+endif() # CMAKE_BUILD_EARLY_EXPANSION
+
+
+
+# check to see if there's both a local copy and EDP-IDF copy of the wolfssl components
+if( EXISTS "${WOLFSSL_PROJECT_DIR}" AND EXISTS "$ENV{IDF_PATH}/components/wolfssl/" )
+ message(STATUS "")
+ message(STATUS "")
+ message(STATUS "********************************************************************")
+ message(STATUS "WARNING: Found components/wolfssl in both local project and IDF_PATH")
+ message(STATUS "********************************************************************")
+ message(STATUS "")
+endif()
+# end multiple component check
+
+
+#
+# LIBWOLFSSL_SAVE_INFO(VAR_OUPUT THIS_VAR VAR_RESULT)
+#
+# Save the THIS_VAR as a string in a macro called VAR_OUPUT
+#
+# VAR_OUPUT: the name of the macro to define
+# THIS_VAR: the OUTPUT_VARIABLE result from a execute_process()
+# VAR_RESULT: the RESULT_VARIABLE from a execute_process(); "0" if successful.
+#
+function ( LIBWOLFSSL_SAVE_INFO VAR_OUPUT THIS_VAR VAR_RESULT )
+ # is the RESULT_VARIABLE output value 0? If so, IS_VALID_VALUE is true.
+ string(COMPARE EQUAL "${VAR_RESULT}" "0" IS_VALID_VALUE)
+
+ # if we had a successful operation, save the THIS_VAR in VAR_OUPUT
+ if(${IS_VALID_VALUE})
+ # strip newline chars in THIS_VAR parameter and save in VAR_VALUE
+ string(REPLACE "\n" "" VAR_VALUE ${THIS_VAR})
+
+ # we'll could percolate the value to the parent for possible later use
+ # set(${VAR_OUPUT} ${VAR_VALUE} PARENT_SCOPE)
+
+ # but we're only using it here in this function
+ set(${VAR_OUPUT} ${VAR_VALUE})
+
+ # we'll print what we found to the console
+ message(STATUS "Found ${VAR_OUPUT}=${VAR_VALUE}")
+
+ # the interesting part is defining the VAR_OUPUT name a value to use in the app
+ add_definitions(-D${VAR_OUPUT}=\"${VAR_VALUE}\")
+ else()
+ # if we get here, check the execute_process command and parameters.
+ message(STATUS "LIBWOLFSSL_SAVE_INFO encountered a non-zero VAR_RESULT")
+ set(${VAR_OUPUT} "Unknown")
+ endif()
+endfunction() # LIBWOLFSSL_SAVE_INFO
+
+# create some programmatic #define values that will be used by ShowExtendedSystemInfo().
+# see wolfcrypt\src\port\Espressif\esp32_utl.c
+if(NOT CMAKE_BUILD_EARLY_EXPANSION)
+ set (git_cmd "git")
+ message(STATUS "Adding macro definitions:")
+
+ # LIBWOLFSSL_VERSION_GIT_ORIGIN: git config --get remote.origin.url
+ execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "config" "--get" "remote.origin.url" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
+ LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_ORIGIN "${TMP_OUT}" "${TMP_RES}")
+
+ # LIBWOLFSSL_VERSION_GIT_BRANCH: git rev-parse --abbrev-ref HEAD
+ execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "rev-parse" "--abbrev-ref" "HEAD" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
+ LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_BRANCH "${TMP_OUT}" "${TMP_RES}")
+
+ # LIBWOLFSSL_VERSION_GIT_HASH: git rev-parse HEAD
+ execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "rev-parse" "HEAD" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
+ LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_HASH "${TMP_OUT}" "${TMP_RES}")
+
+ # LIBWOLFSSL_VERSION_GIT_SHORT_HASH: git rev-parse --short HEAD
+ execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "rev-parse" "--short" "HEAD" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
+ LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_SHORT_HASH "${TMP_OUT}" "${TMP_RES}")
+
+ # LIBWOLFSSL_VERSION_GIT_HASH_DATE git show --no-patch --no-notes --pretty=\'\%cd\'
+ execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "show" "--no-patch" "--no-notes" "--pretty=\'\%cd\'" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES )
+ LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_HASH_DATE "${TMP_OUT}" "${TMP_RES}")
+
+ message(STATUS "************************************************************************************************")
+ message(STATUS "wolfssl component config complete!")
+ message(STATUS "************************************************************************************************")
+endif()
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/template/components/wolfssl/include/user_settings.h b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/template/components/wolfssl/include/user_settings.h
new file mode 100644
index 00000000..819ce60b
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/template/components/wolfssl/include/user_settings.h
@@ -0,0 +1,428 @@
+/* user_settings.h
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/* This user_settings.h is for Espressif ESP-IDF */
+#include <sdkconfig.h>
+
+/* The Espressif sdkconfig will have chipset info.
+**
+** Possible values:
+**
+** CONFIG_IDF_TARGET_ESP32
+** CONFIG_IDF_TARGET_ESP32S2
+** CONFIG_IDF_TARGET_ESP32S3
+** CONFIG_IDF_TARGET_ESP32C3
+** CONFIG_IDF_TARGET_ESP32C6
+*/
+
+#undef WOLFSSL_ESPIDF
+#define WOLFSSL_ESPIDF
+
+/*
+ * choose ONE of these Espressif chips to define:
+ *
+ * WOLFSSL_ESP32
+ * WOLFSSL_ESPWROOM32SE
+ * WOLFSSL_ESP8266
+ */
+#undef WOLFSSL_ESPWROOM32SE
+#undef WOLFSSL_ESP8266
+#undef WOLFSSL_ESP32
+
+#define WOLFSSL_ESP32
+
+/* optionally turn off SHA512/224 SHA512/256 */
+/* #define WOLFSSL_NOSHA512_224 */
+/* #define WOLFSSL_NOSHA512_256 */
+
+/* when you want to use SINGLE THREAD. Note Default ESP-IDF is FreeRTOS */
+/* #define SINGLE_THREADED */
+
+/* When you don't want to use the old SHA */
+/* #define NO_SHA */
+/* #define NO_OLD_TLS */
+
+#define BENCH_EMBEDDED
+#define USE_CERT_BUFFERS_2048
+
+/* TLS 1.3 */
+#define WOLFSSL_TLS13
+#define HAVE_TLS_EXTENSIONS
+#define WC_RSA_PSS
+#define HAVE_HKDF
+#define HAVE_AEAD
+#define HAVE_SUPPORTED_CURVES
+
+#define WOLFSSL_BENCHMARK_FIXED_UNITS_KB
+
+#define NO_FILESYSTEM
+
+#define NO_OLD_TLS
+
+#define HAVE_AESGCM
+
+#define WOLFSSL_RIPEMD
+/* when you want to use SHA224 */
+#define WOLFSSL_SHA224
+
+/* when you want to use SHA384 */
+#define WOLFSSL_SHA384
+
+/* when you want to use SHA512 */
+#define WOLFSSL_SHA512
+
+/* when you want to use SHA3 */
+#define WOLFSSL_SHA3
+
+/* Reminder: ED25519 requires SHA512 */
+#define HAVE_ED25519
+
+#define HAVE_ECC
+#define HAVE_CURVE25519
+#define CURVE25519_SMALL
+#define HAVE_ED25519
+
+/* Optional OPENSSL compatibility */
+#define OPENSSL_EXTRA
+/* when you want to use pkcs7 */
+/* #define HAVE_PKCS7 */
+
+#define HAVE_PKCS7
+
+#if defined(HAVE_PKCS7)
+ #define HAVE_AES_KEYWRAP
+ #define HAVE_X963_KDF
+ #define WOLFSSL_AES_DIRECT
+#endif
+
+/* when you want to use AES counter mode */
+/* #define WOLFSSL_AES_DIRECT */
+/* #define WOLFSSL_AES_COUNTER */
+
+/* esp32-wroom-32se specific definition */
+#if defined(WOLFSSL_ESPWROOM32SE)
+ #define WOLFSSL_ATECC508A
+ #define HAVE_PK_CALLBACKS
+ /* when you want to use a custom slot allocation for ATECC608A */
+ /* unless your configuration is unusual, you can use default */
+ /* implementation. */
+ /* #define CUSTOM_SLOT_ALLOCATION */
+#endif
+
+/* RSA primitive specific definition */
+#if defined(WOLFSSL_ESP32) || defined(WOLFSSL_ESPWROOM32SE)
+ /* Define USE_FAST_MATH and SMALL_STACK */
+ #define ESP32_USE_RSA_PRIMITIVE
+
+ #if defined(CONFIG_IDF_TARGET_ESP32)
+
+ /* NOTE HW unreliable for small values! */
+ /* threshold for performance adjustment for HW primitive use */
+ /* X bits of G^X mod P greater than */
+ #undef ESP_RSA_EXPT_XBITS
+ #define ESP_RSA_EXPT_XBITS 32
+
+ /* X and Y of X * Y mod P greater than */
+ #undef ESP_RSA_MULM_BITS
+ #define ESP_RSA_MULM_BITS 16
+
+ #endif
+#endif
+
+#define RSA_LOW_MEM
+
+/* #define WOLFSSL_ATECC508A_DEBUG */
+
+/* date/time */
+/* if it cannot adjust time in the device, */
+/* enable macro below */
+/* #define NO_ASN_TIME */
+/* #define XTIME time */
+
+
+/* adjust wait-timeout count if you see timeout in RSA HW acceleration */
+#define ESP_RSA_TIMEOUT_CNT 0x249F00
+
+#define HASH_SIZE_LIMIT /* for test.c */
+
+/* USE_FAST_MATH is default */
+#define USE_FAST_MATH
+
+/***** Use SP_MATH *****/
+/* #undef USE_FAST_MATH */
+/* #define SP_MATH */
+/* #define WOLFSSL_SP_MATH_ALL */
+
+/***** Use Integer Heap Math *****/
+/* #undef USE_FAST_MATH */
+/* #define USE_INTEGER_HEAP_MATH */
+
+
+#define WOLFSSL_SMALL_STACK
+
+
+#define HAVE_VERSION_EXTENDED_INFO
+/* #define HAVE_WC_INTROSPECTION */
+
+#define HAVE_SESSION_TICKET
+
+/* #define HAVE_HASHDRBG */
+
+#define WOLFSSL_KEY_GEN
+#define WOLFSSL_CERT_REQ
+#define WOLFSSL_CERT_GEN
+#define WOLFSSL_CERT_EXT
+#define WOLFSSL_SYS_CA_CERTS
+
+
+#define WOLFSSL_CERT_TEXT
+
+#define WOLFSSL_ASN_TEMPLATE
+
+/*
+#undef WOLFSSL_KEY_GEN
+#undef WOLFSSL_CERT_REQ
+#undef WOLFSSL_CERT_GEN
+#undef WOLFSSL_CERT_EXT
+#undef WOLFSSL_SYS_CA_CERTS
+*/
+
+/*
+--enable-keygen
+--enable-certgen
+--enable-certreq
+--enable-certext
+--enable-asn-template
+*/
+
+/* Default is HW enabled unless turned off.
+** Uncomment these lines to force SW instead of HW acceleration */
+
+#if defined(CONFIG_IDF_TARGET_ESP32)
+ /* wolfSSL HW Acceleration supported on ESP32. Uncomment to disable: */
+ /* #define NO_ESP32_CRYPT */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_AES */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
+
+ /* These are defined automatically in esp32-crypt.h, here for clarity: */
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224 /* no SHA224 HW on ESP32 */
+
+ #undef ESP_RSA_MULM_BITS
+ #define ESP_RSA_MULM_BITS 16 /* TODO add compile-time warning */
+ /***** END CONFIG_IDF_TARGET_ESP32 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP32S2)
+ /* wolfSSL HW Acceleration supported on ESP32-S2. Uncomment to disable: */
+ /* #define NO_ESP32_CRYPT */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
+ /* Note: There's no AES192 HW on the ESP32-S2; falls back to SW */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_AES */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
+ /***** END CONFIG_IDF_TARGET_ESP32S2 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP32S3)
+ /* wolfSSL HW Acceleration supported on ESP32-S3. Uncomment to disable: */
+ /* #define NO_ESP32_CRYPT */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
+ /* Note: There's no AES192 HW on the ESP32-S3; falls back to SW */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_AES */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
+ /***** END CONFIG_IDF_TARGET_ESP32S3 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP32C2) || \
+ defined(CONFIG_IDF_TARGET_ESP8684)
+ /* ESP8684 is essentially ESP32-C2 chip + flash embedded together in a
+ * single QFN 4x4 mm package. Out of released documentation, Technical
+ * Reference Manual as well as ESP-IDF Programming Guide is applicable
+ * to both ESP32-C2 and ESP8684.
+ *
+ * See: https://www.esp32.com/viewtopic.php?f=5&t=27926#:~:text=ESP8684%20is%20essentially%20ESP32%2DC2,both%20ESP32%2DC2%20and%20ESP8684. */
+
+ /* wolfSSL HW Acceleration supported on ESP32-C2. Uncomment to disable: */
+ /* #define NO_ESP32_CRYPT */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */ /* to disable all SHA HW */
+
+ /* These are defined automatically in esp32-crypt.h, here for clarity */
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384 /* no SHA384 HW on C2 */
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512 /* no SHA512 HW on C2 */
+
+ /* There's no AES or RSA/Math accelerator on the ESP32-C2
+ * Auto defined with NO_WOLFSSL_ESP32_CRYPT_RSA_PRI, for clarity: */
+ #define NO_WOLFSSL_ESP32_CRYPT_AES
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD
+ /***** END CONFIG_IDF_TARGET_ESP32C2 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP32C3)
+ /* wolfSSL HW Acceleration supported on ESP32-C3. Uncomment to disable: */
+
+ /* #define NO_ESP32_CRYPT */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */ /* to disable all SHA HW */
+
+ /* These are defined automatically in esp32-crypt.h, here for clarity: */
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384 /* no SHA384 HW on C6 */
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512 /* no SHA512 HW on C6 */
+
+ /* #define NO_WOLFSSL_ESP32_CRYPT_AES */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
+ /***** END CONFIG_IDF_TARGET_ESP32C3 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP32C6)
+ /* wolfSSL HW Acceleration supported on ESP32-C6. Uncomment to disable: */
+
+ /* #define NO_ESP32_CRYPT */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
+ /* These are defined automatically in esp32-crypt.h, here for clarity: */
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384 /* no SHA384 HW on C6 */
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512 /* no SHA512 HW on C6 */
+
+ /* #define NO_WOLFSSL_ESP32_CRYPT_AES */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
+ /***** END CONFIG_IDF_TARGET_ESP32C6 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP32H2)
+ /* wolfSSL Hardware Acceleration not yet implemented */
+ #define NO_ESP32_CRYPT
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH
+ #define NO_WOLFSSL_ESP32_CRYPT_AES
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
+ /***** END CONFIG_IDF_TARGET_ESP32H2 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP8266)
+ /* TODO: Revisit ESP8266 */
+ #define NO_ESP32_CRYPT
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH
+ #define NO_WOLFSSL_ESP32_CRYPT_AES
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
+ /***** END CONFIG_IDF_TARGET_ESP266 *****/
+#else
+ /* Anything else encountered, disable HW accleration */
+ #define NO_ESP32_CRYPT
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH
+ #define NO_WOLFSSL_ESP32_CRYPT_AES
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
+#endif /* CONFIG_IDF_TARGET Check */
+
+/* Debug options:
+
+#define ESP_VERIFY_MEMBLOCK
+#define DEBUG_WOLFSSL
+#define DEBUG_WOLFSSL_VERBOSE
+#define DEBUG_WOLFSSL_SHA_MUTEX
+#define WOLFSSL_ESP32_CRYPT_DEBUG
+#define WOLFSSL_ESP32_CRYPT_HASH_SHA224_DEBUG
+#define NO_RECOVER_SOFTWARE_CALC
+#define WOLFSSL_TEST_STRAY 1
+#define USE_ESP_DPORT_ACCESS_READ_BUFFER
+#define WOLFSSL_ESP32_HW_LOCK_DEBUG
+#define WOLFSSL_DEBUG_ESP_RSA_MULM_BITS
+#define ESP_DISABLE_HW_TASK_LOCK
+*/
+
+#define WOLFSSL_ESPIDF_ERROR_PAUSE /* Pause in a loop rather than exit. */
+#define WOLFSSL_HW_METRICS
+
+/* #define HASH_SIZE_LIMIT */ /* for test.c */
+
+/* #define NO_HW_MATH_TEST */ /* Optionall turn off HW math checks */
+
+/* Optionally include alternate HW test library: alt_hw_test.h */
+/* When enabling, the ./components/wolfssl/CMakeLists.txt file
+ * will need the name of the library in the idf_component_register
+ * for the PRIV_REQUIRES list. */
+/* #define INCLUDE_ALT_HW_TEST */
+
+/* optionally turn off individual math HW acceleration features */
+
+/* Turn off Large Number ESP32 HW Multiplication:
+** [Z = X * Y] in esp_mp_mul() */
+/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
+
+/* Turn off Large Number ESP32 HW Modular Exponentiation:
+** [Z = X^Y mod M] in esp_mp_exptmod() */
+/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
+
+/* Turn off Large Number ESP32 HW Modular Multiplication
+** [Z = X * Y mod M] in esp_mp_mulmod() */
+/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
+
+
+#define WOLFSSL_PUBLIC_MP /* used by benchmark */
+#define USE_CERT_BUFFERS_2048
+
+/* when turning on ECC508 / ECC608 support
+#define WOLFSSL_ESPWROOM32SE
+#define HAVE_PK_CALLBACKS
+#define WOLFSSL_ATECC508A
+#define ATCA_WOLFSSL
+*/
+
+/* optional SM4 Ciphers. See https://github.com/wolfSSL/wolfsm
+#define WOLFSSL_SM2
+#define WOLFSSL_SM3
+#define WOLFSSL_SM4
+*/
+
+#if defined(WOLFSSL_SM2) || defined(WOLFSSL_SM3) || defined(WOLFSSL_SM4)
+ #include <wolfssl/certs_test_sm.h>
+ #define CTX_CA_CERT root_sm2
+ #define CTX_CA_CERT_SIZE sizeof_root_sm2
+ #define CTX_CA_CERT_TYPE WOLFSSL_FILETYPE_PEM
+ #define CTX_SERVER_CERT server_sm2
+ #define CTX_SERVER_CERT_SIZE sizeof_server_sm2
+ #define CTX_SERVER_CERT_TYPE WOLFSSL_FILETYPE_PEM
+ #define CTX_SERVER_KEY server_sm2_priv
+ #define CTX_SERVER_KEY_SIZE sizeof_server_sm2_priv
+ #define CTX_SERVER_KEY_TYPE WOLFSSL_FILETYPE_PEM
+
+ #undef WOLFSSL_BASE16
+ #define WOLFSSL_BASE16
+#else
+ #define USE_CERT_BUFFERS_2048
+ #define USE_CERT_BUFFERS_256
+ #define CTX_CA_CERT ca_cert_der_2048
+ #define CTX_CA_CERT_SIZE sizeof_ca_cert_der_2048
+ #define CTX_CA_CERT_TYPE WOLFSSL_FILETYPE_ASN1
+ #define CTX_SERVER_CERT server_cert_der_2048
+ #define CTX_SERVER_CERT_SIZE sizeof_server_cert_der_2048
+ #define CTX_SERVER_CERT_TYPE WOLFSSL_FILETYPE_ASN1
+ #define CTX_SERVER_KEY server_key_der_2048
+ #define CTX_SERVER_KEY_SIZE sizeof_server_key_der_2048
+ #define CTX_SERVER_KEY_TYPE WOLFSSL_FILETYPE_ASN1
+#endif
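Review bot: The closing `#else` branch maps `CTX_SERVER_KEY` to `server_key_der_2048` and `CTX_CA_CERT` to `ca_cert_der_2048`, which, together with `USE_CERT_BUFFERS_2048`, are presumably the sample buffers wolfSSL ships in `certs_test.h`, and nothing in the file says so. Because this is a template that projects copy as a starting point, a comment above that block would help, e.g. `/* Sample certificates and keys from the wolfSSL test buffers; the private key is publicly known. Replace before deployment. */`. `OPENSSL_EXTRA`, `HAVE_PKCS7`, `WOLFSSL_KEY_GEN` and `WOLFSSL_CERT_GEN` are also enabled unconditionally and could be marked as example defaults to trim for a production build. Separately, the two comments in the `CONFIG_IDF_TARGET_ESP32C3` branch read `no SHA384 HW on C6` and `no SHA512 HW on C6` and presumably mean C3.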
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/template/main/CMakeLists.txt b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/template/main/CMakeLists.txt
new file mode 100644
index 00000000..a038d035
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/template/main/CMakeLists.txt
@@ -0,0 +1,102 @@
+# wolfSSL Espressif Example Project/main CMakeLists.txt
+# v1.0
+#
+# wolfssl template
+#
+set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_USER_SETTINGS")
+
+if(WIN32)
+ # Windows-specific configuration here
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WINDOWS")
+ message("Detected Windows")
+endif()
+if(CMAKE_HOST_UNIX)
+ message("Detected UNIX")
+endif()
+if(APPLE)
+ message("Detected APPLE")
+endif()
+if(CMAKE_HOST_UNIX AND (NOT APPLE) AND EXISTS "/proc/sys/fs/binfmt_misc/WSLInterop")
+ # Windows-specific configuration here
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WSL")
+ message("Detected WSL")
+endif()
+if(CMAKE_HOST_UNIX AND (NOT APPLE) AND (NOT WIN32))
+ # Windows-specific configuration here
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_LINUX")
+ message("Detected Linux")
+endif()
+if(APPLE)
+ # Windows-specific configuration here
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_APPLE")
+ message("Detected Apple")
+endif()
+set (git_cmd "git")
+
+if( EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl/" AND EXISTS "$ENV{IDF_PATH}/components/wolfssl/" )
+ #
+ # wolfSSL found in both ESP-IDF and local project - needs to be resolved by user
+ #
+ message(STATUS "")
+ message(STATUS "WARNING: Found components/wolfssl in both local project and IDF_PATH")
+ message(STATUS "")
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_MULTI_INSTALL_WARNING")
+endif()
+
+## register_component()
+idf_component_register(SRCS main.c
+ INCLUDE_DIRS "."
+ "./include")
+
+#
+# LIBWOLFSSL_SAVE_INFO(VAR_OUPUT THIS_VAR VAR_RESULT)
+#
+# Save the THIS_VAR as a string in a macro called VAR_OUPUT
+#
+# VAR_OUPUT: the name of the macro to define
+# THIS_VAR: the OUTPUT_VARIABLE result from a execute_process()
+# VAR_RESULT: the RESULT_VARIABLE from a execute_process(); "0" if successful.
+#
+function ( LIBWOLFSSL_SAVE_INFO VAR_OUPUT THIS_VAR VAR_RESULT )
+ # is the RESULT_VARIABLE output value 0? If so, IS_VALID_VALUE is true.
+ string(COMPARE EQUAL "${VAR_RESULT}" "0" IS_VALID_VALUE)
+
+ # if we had a successful operation, save the THIS_VAR in VAR_OUPUT
+ if(${IS_VALID_VALUE})
+ # strip newline chars in THIS_VAR parameter and save in VAR_VALUE
+ string(REPLACE "\n" "" VAR_VALUE ${THIS_VAR})
+
+ # we'll could percolate the value to the parent for possible later use
+ # set(${VAR_OUPUT} ${VAR_VALUE} PARENT_SCOPE)
+
+ # but we're only using it here in this function
+ set(${VAR_OUPUT} ${VAR_VALUE})
+
+ # we'll print what we found to the console
+ message(STATUS "Found ${VAR_OUPUT}=${VAR_VALUE}")
+
+ # the interesting part is defining the VAR_OUPUT name a value to use in the app
+ add_definitions(-D${VAR_OUPUT}=\"${VAR_VALUE}\")
+ else()
+ # if we get here, check the execute_process command and parameters.
+ message(STATUS "LIBWOLFSSL_SAVE_INFO encountered a non-zero VAR_RESULT")
+ set(${VAR_OUPUT} "Unknown")
+ endif()
+endfunction() # LIBWOLFSSL_SAVE_INFO
+
+if(NOT CMAKE_BUILD_EARLY_EXPANSION)
+ # LIBWOLFSSL_VERSION_GIT_HASH
+ execute_process(COMMAND ${git_cmd} "rev-parse" "HEAD" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
+ LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_HASH "${TMP_OUT}" "${TMP_RES}")
+
+ # LIBWOLFSSL_VERSION_GIT_SHORT_HASH
+ execute_process(COMMAND ${git_cmd} "rev-parse" "--short" "HEAD" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
+ LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_SHORT_HASH "${TMP_OUT}" "${TMP_RES}")
+
+ # LIBWOLFSSL_VERSION_GIT_HASH_DATE
+ execute_process(COMMAND ${git_cmd} "show" "--no-patch" "--no-notes" "--pretty=\'\%cd\'" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES )
+ LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_HASH_DATE "${TMP_OUT}" "${TMP_RES}")
+endif()
+
+message(STATUS "")
+
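Review bot: In `LIBWOLFSSL_SAVE_INFO`, `string(REPLACE "\n" "" VAR_VALUE ${THIS_VAR})` expands the git output unquoted, so an empty value leaves the command without its input argument and a value containing `;` is split into several; it should read `string(REPLACE "\n" "" VAR_VALUE "${THIS_VAR}")`. The same value then goes verbatim into `add_definitions(-D${VAR_OUPUT}=\"${VAR_VALUE}\")`, and the `--pretty='%cd'` date contains spaces and quote characters, so it is worth confirming how that string reaches the compiler command line, or filtering it to an expected character set first. The three `execute_process` calls set no `WORKING_DIRECTORY`, so the value recorded as `LIBWOLFSSL_VERSION_GIT_HASH` is presumably the hash of whatever repository the configure step runs in rather than of the wolfSSL tree. On the failure path, `set(${VAR_OUPUT} "Unknown")` is local to the function and no definition is added, so the macro stays undefined and the comment there should say so.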
diff --git a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/mpi_class.h b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/template/main/include/main.h
index 5c05f46e..94c3b5eb 100644
--- a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/mpi_class.h
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/template/main/include/main.h
@@ -1,4 +1,4 @@
-/* mpi_class.h
+/* template main.h
*
* Copyright (C) 2006-2023 wolfSSL Inc.
*
@@ -18,7 +18,7 @@
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
+#ifndef _MAIN_H_
+#define _MAIN_H_
-
-#include <wolfssl/wolfcrypt/mpi_class.h>
-
+#endif
diff --git a/extra/wolfssl/wolfssl/ctaocrypt/src/wolfcrypt_first.c b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/template/main/main.c
index cfbe5a17..5e41a28f 100644
--- a/extra/wolfssl/wolfssl/ctaocrypt/src/wolfcrypt_first.c
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/template/main/main.c
@@ -1,4 +1,4 @@
-/* wolfcrypt_first.c
+/* main.c
*
* Copyright (C) 2006-2023 wolfSSL Inc.
*
@@ -19,36 +19,31 @@
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
+/* Espressif */
+#include <esp_log.h>
-/* This file needs to be linked first in order to work correctly */
+/* wolfSSL */
+#include <wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h>
-#ifdef HAVE_CONFIG_H
- #include <config.h>
-#endif
+/* project */
+#include "main.h"
-/* in case user set HAVE_FIPS there */
-#include <cyassl/ctaocrypt/settings.h>
+static const char* const TAG = "My Project";
-#ifdef HAVE_FIPS
+void app_main(void)
+{
+ ESP_LOGI(TAG, "Hello wolfSSL!");
-#ifdef USE_WINDOWS_API
- #pragma code_seg(".fipsA$a")
- #pragma const_seg(".fipsB$a")
+#ifdef HAVE_VERSION_EXTENDED_INFO
+ esp_ShowExtendedSystemInfo();
#endif
+#if defined(WOLFSSL_HW_METRICS) && defined(WOLFSSL_HAS_METRICS)
+ esp_hw_show_metrics();
+#endif
-/* read only start address */
-const unsigned int wolfCrypt_FIPS_ro_start[] =
-{ 0x1a2b3c4d, 0x00000001 };
-
-
-/* first function of text/code segment */
-int wolfCrypt_FIPS_first(void);
-int wolfCrypt_FIPS_first(void)
-{
- return 0;
+ ESP_LOGI(TAG, "\n\nDone!"
+ "If running from idf.py monitor, press twice: Ctrl+]\n\n"
+ "WOLFSSL_COMPLETE\n" /* exit keyword for wolfssl_monitor.py */
+ );
}
-
-
-#endif /* HAVE_FIPS */
-
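Review bot: The final `ESP_LOGI` call in `app_main` joins `"\n\nDone!"` directly to `"If running from idf.py monitor, ..."`, so the log line reads `Done!If running`. A separator is missing, and the first literal should be `"\n\nDone!\n"`. The `WOLFSSL_COMPLETE` literal is commented as the exit keyword for wolfssl_monitor.py, so it should stay on its own line as it is now.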
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/template/partitions_singleapp_large.csv b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/template/partitions_singleapp_large.csv
new file mode 100644
index 00000000..0b2fcd1a
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/template/partitions_singleapp_large.csv
@@ -0,0 +1,31 @@
+# to view: idf.py partition-table
+#
+# ESP-IDF Partition Table
+# Name, Type, SubType, Offset, Size, Flags
+nvs, data, nvs, 0x9000, 24K,
+phy_init,data, phy, 0xf000, 4K,
+factory, app, factory, 0x10000, 1500K,
+
+
+# For other settings, see:
+# https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-guides/partition-tables.html#creating-custom-tables
+#
+# Here is the summary printed for the "Single factory app, no OTA" configuration:
+#
+# # ESP-IDF Partition Table
+# # Name, Type, SubType, Offset, Size, Flags
+# nvs, data, nvs, 0x9000, 0x6000,
+# phy_init, data, phy, 0xf000, 0x1000,
+# factory, app, factory, 0x10000, 1M,
+#
+#
+# Here is the summary printed for the "Factory app, two OTA definitions" configuration:
+#
+# # ESP-IDF Partition Table
+# # Name, Type, SubType, Offset, Size, Flags
+# nvs, data, nvs, 0x9000, 0x4000,
+# otadata, data, ota, 0xd000, 0x2000,
+# phy_init, data, phy, 0xf000, 0x1000,
+# factory, app, factory, 0x10000, 1M,
+# ota_0, app, ota_0, 0x110000, 1M,
+# ota_1, app, ota_1, 0x210000, 1M,
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/template/sdkconfig.defaults b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/template/sdkconfig.defaults
new file mode 100644
index 00000000..88f1e113
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/template/sdkconfig.defaults
@@ -0,0 +1,35 @@
+CONFIG_FREERTOS_HZ=1000
+CONFIG_ESP32_DEFAULT_CPU_FREQ_240=y
+
+#
+# Default main stack size
+#
+# This is typically way bigger than needed for stack size. See user_settings.h
+#
+CONFIG_ESP_MAIN_TASK_STACK_SIZE=10500
+
+# Legacy stack size for older ESP-IDF versions
+CONFIG_MAIN_TASK_STACK_SIZE=10500
+
+#
+# Compiler options
+#
+CONFIG_COMPILER_OPTIMIZATION_DEFAULT=y
+CONFIG_COMPILER_OPTIMIZATION_ASSERTIONS_ENABLE=y
+CONFIG_COMPILER_OPTIMIZATION_ASSERTION_LEVEL=2
+CONFIG_COMPILER_HIDE_PATHS_MACROS=y
+CONFIG_COMPILER_STACK_CHECK_MODE_NORM=y
+CONFIG_COMPILER_STACK_CHECK=y
+
+#
+# Partition Table
+#
+# CONFIG_PARTITION_TABLE_SINGLE_APP is not set
+CONFIG_PARTITION_TABLE_SINGLE_APP_LARGE=y
+# CONFIG_PARTITION_TABLE_TWO_OTA is not set
+# CONFIG_PARTITION_TABLE_CUSTOM is not set
+CONFIG_PARTITION_TABLE_CUSTOM_FILENAME="partitions.csv"
+CONFIG_PARTITION_TABLE_FILENAME="partitions_singleapp_large.csv"
+CONFIG_PARTITION_TABLE_OFFSET=0x8000
+CONFIG_PARTITION_TABLE_MD5=y
+# end of Partition Table
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/CMakeLists.txt b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/CMakeLists.txt
index 430386e8..b49373e6 100644
--- a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/CMakeLists.txt
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/CMakeLists.txt
@@ -1,6 +1,27 @@
+# wolfSSL Espressif Example Project CMakeLists.txt
+# v1.0
+#
# The following lines of boilerplate have to be in your project's
# CMakeLists in this exact order for cmake to work correctly
-cmake_minimum_required(VERSION 3.5)
+cmake_minimum_required(VERSION 3.16)
+
+# The wolfSSL CMake file should be able to find the source code.
+# Otherwise, assign an environment variable or set it here:
+#
+# set(WOLFSSL_ROOT "~/workspace/wolfssl-other-source")
+#
+# Optional WOLFSSL_CMAKE_SYSTEM_NAME detection to find
+# USE_MY_PRIVATE_CONFIG path for my_private_config.h
+#
+# Expected path varies:
+#
+# WSL: /mnt/c/workspace
+# Linux: ~/workspace
+# Windows: C:\workspace
+#
+
+# Optionally specify a location for wolfSSL component source code
+# set(WOLFSSL_ROOT "c:/test/blogtest/wolfssl" )
include($ENV{IDF_PATH}/tools/cmake/project.cmake)
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/README.md b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/README.md
index 17485107..7decc9aa 100644
--- a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/README.md
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/README.md
@@ -1,6 +1,59 @@
# wolfSSL Benchmark Example
-The Example contains of wolfSSL benchmark program.
+This ESP32 example uses the [wolfSSL wolfcrypt Benchmark Application](https://github.com/wolfSSL/wolfssl/tree/master/wolfcrypt/benchmark).
+
+For general information on [wolfSSL examples for Espressif](../README.md), see the
+[README](https://github.com/wolfSSL/wolfssl/blob/master/IDE/Espressif/ESP-IDF/README.md) file.
+
+## Espressif ESP Component Registry
+
+See the wolfSSL namespace at [components.espressif.com](https://components.espressif.com/components?q=wolfssl)
+
+
+## Windows COM Port
+
+All of these examples use COM20 on Windows. The DOS `change port` command can be use to assign any
+other local port to `COM20` as needed:
+
+```
+change port com20=com23
+```
+
+## VisualGDB
+
+Open the VisualGDB Visual Studio Project file in the VisualGDB directory and click the "Start" button.
+No wolfSSL setup is needed. You may need to adjust your specific COM port. The default is `COM20`.
+
+Include in the respective project `./VisualGDB` directory are [VisualGDB](https://visualgdb.com/) project files.
+Individual project files are included for convenience to new users,
+as there are [difficulties switching between ESP-IDF Versions or Chipsets](https://sysprogs.com/w/forums/topic/difficulties-switching-espressif-esp-idf-version-or-chipset/)
+using the VisualGDB extension.
+
+The naming convention for project files is: `[project name]_IDF_[Version]_[chipset].vgdbproj`. The solution files (filename[.sln]) often will contain shortcuts to commonly used source and configuration files used by the respective project.
+
+
+-------- |------------- |------------- |
+ChipSet | ESP-IDF v4.4 | ESP-IDF v5.1 |
+-------- |------------- |------------- |
+ESP32 | x | |
+ESP32-S2 | | |
+ESP32-S3 | x | x |
+ESP32-C3 | x | x |
+ESP32-C6 | | |
+
+
+The default directories are:
+
+- `C:\SysGCC` - The root directory install of VisualGDB
+- `C:\SysGCC\esp32` - The default for ESP-IDF v5.x
+- `C:\SysGCC\esp32-8.4` - Many need to manually select this name for ESP-IDF v4.x install
+- `C:\SysGCC\esp8266`- The default for ESP8266
+
+Windows ports assigned with the `change port` command may not appear in the VisualGDB dropdowns but can still
+be used when manually typed.
+See the [feature request](https://sysprogs.com/w/forums/topic/feature-request-show-windows-change-port-results-in-com-port-dropdown-lists/).
+
+## ESP-IDF Commandline
1. `idf.py menuconfig` to configure the program.
1-1. Example Configuration ->
@@ -22,17 +75,30 @@ Reminder than when building on WSL in `/mnt/c` there will be a noticeable perfor
Example build on WSL:
```
-Optionally install wolfSSL component
-# cd /mnt/c/workspace/wolfssl/IDE/Espressif/ESP-IDF
-./setup.sh
+Optionally update toolchain
+
+cd /mnt/c/SysGCC/esp32/esp-idf/master
+git fetch
+git pull
+git submodule update --init --recursive
cd /mnt/c/workspace/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark
-# Pick ESP-IDF install directory, this one for v4.4.2 in VisualGDB
-. /mnt/c/SysGCC/esp32/esp-idf/v4.4.2/export.sh
+# Pick ESP-IDF install directory, this one for v5.1 in VisualGDB
+
+WRK_IDF_PATH=/mnt/c/SysGCC/esp32/esp-idf/v5.1
+WRK_IDF_PATH=/mnt/c/SysGCC/esp32-8.4/esp-idf/v4.4.1
+WRK_IDF_PATH=~/esp/esp-idf
+
+. $WRK_IDF_PATH/export.sh
+# Set target SoC
+idf.py set-target esp32c3
-idf.py build flash -p /dev/ttyS20 -b 921600 monitor
+# Optionally erase
+
+# Build and flash
+idf.py build flash -p /dev/ttyS20 -b 115200 monitor
```
## Example Output
@@ -42,7 +108,7 @@ compatible across the widest ranges of targets. Contact wolfSSL at support@wolfs
for help in optimizing for your particular application, or see the
[docs](https://www.wolfssl.com/documentation/manuals/wolfssl/index.html).
-Compiled and flashed with `idf.py build flash -p /dev/ttyS7 -b 921600 monitor`:
+Compiled and flashed with `idf.py build flash -p /dev/ttyS7 -b 115200 monitor`:
```
--- idf_monitor on /dev/ttyS7 115200 ---
@@ -186,5 +252,7 @@ compilation terminated.
A 'clean` may be needed after freshly installing a new component:
```
-idf.py clean build flash -p /dev/ttyS7 -b 921600 monitor
-``` \ No newline at end of file
+idf.py clean build flash -p /dev/ttyS7 -b 115200 monitor
+```
+
+See the README.md file in the upper level 'examples' directory for [more information about examples](../README.md).
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/VisualGDB/wolfssl_benchmark_IDF_v4.4_ESP32.vgdbproj b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/VisualGDB/wolfssl_benchmark_IDF_v4.4_ESP32.vgdbproj
index 3ce7c9b4..2ddadf89 100644
--- a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/VisualGDB/wolfssl_benchmark_IDF_v4.4_ESP32.vgdbproj
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/VisualGDB/wolfssl_benchmark_IDF_v4.4_ESP32.vgdbproj
@@ -1,5 +1,5 @@
<?xml version="1.0"?>
-<VisualGDBProjectSettings2 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
+<VisualGDBProjectSettings2 xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<Project xsi:type="com.visualgdb.project.external.esp-idf">
<CustomSourceDirectories>
<Directories />
@@ -220,7 +220,7 @@
<DebugMethod>
<ID>openocd</ID>
<Configuration xsi:type="com.visualgdb.edp.openocd.settings.esp32">
- <CommandLine>-f interface/tigard.cfg -c "adapter_khz 15000" -f target/esp32.cfg</CommandLine>
+ <CommandLine>-f interface/ftdi/tigard.cfg -c "adapter_khz 15000" -f target/esp32.cfg</CommandLine>
<ExtraParameters>
<Frequency xsi:nil="true" />
<BoostedFrequency xsi:nil="true" />
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/components/wolfssl/CMakeLists.txt b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/components/wolfssl/CMakeLists.txt
index eff35918..e82e19b6 100644
--- a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/components/wolfssl/CMakeLists.txt
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/components/wolfssl/CMakeLists.txt
@@ -17,209 +17,435 @@
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
#
-# cmake for wolfssl
+# cmake for wolfssl Espressif projects
#
-cmake_minimum_required(VERSION 3.5)
+# Version 5.6.0.011 for detect test/benchmark
+#
+# See https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-guides/build-system.html
+#
+
+cmake_minimum_required(VERSION 3.16)
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_USER_SETTINGS")
set(CMAKE_CURRENT_SOURCE_DIR ".")
+set(COMPONENT_REQUIRES lwip) # we typically don't need lwip directly in wolfssl component
+set(WOLFSSL_ROOT "$ENV{WOLFSSL_ROOT}" )
+
+# find the user name to search for possible "wolfssl-username"
+message(STATUS "USERNAME = $ENV{USERNAME}")
+if( "$ENV{USER}" STREQUAL "" ) # the bash user
+ if( "$ENV{USERNAME}" STREQUAL "" ) # the Windows user
+ message(STATUS "could not find USER or USERNAME")
+ else()
+ # the bash user is not blank, so we'll use it.
+ set(THIS_USER "$ENV{USERNAME}")
+ endif()
+else()
+ # the bash user is not blank, so we'll use it.
+ set(THIS_USER "$ENV{USER}")
+endif()
+message(STATUS "THIS_USER = ${THIS_USER}")
+
-# We are currently in [root]/IDE/Espressif/ESP-IDF/examples/wolfssl_test/components/wolfssl
+# COMPONENT_NAME = wolfssl
+# The component name is the directory name. "No feature to change this".
+# See https://github.com/espressif/esp-idf/issues/8978#issuecomment-1129892685
+
+# set the root of wolfSSL in top-level project CMakelists.txt:
+# set(WOLFSSL_ROOT "C:/some path/with/spaces")
+# set(WOLFSSL_ROOT "c:/workspace/wolfssl-[username]")
+# set(WOLFSSL_ROOT "/mnt/c/some path/with/spaces")
+# or use this logic to assign value from Environment Variable WOLFSSL_ROOT,
+# or assume this is an example 7 subdirectories below:
+
+# We are typically in [root]/IDE/Espressif/ESP-IDF/examples/wolfssl_test/components/wolfssl
# The root of wolfSSL is 7 directories up from here:
-get_filename_component(WOLFSSL_ROOT "../../../../../../../" ABSOLUTE)
-# Espressif may take several passes through this makefile. Check to see if we found IDF
-string(COMPARE EQUAL "${PROJECT_SOURCE_DIR}" "" WOLFSSL_FOUND_IDF)
+# function: IS_WOLFSSL_SOURCE
+# parameter: DIRECTORY_PARAMETER - the directory to test
+# output: RESULT = contains contents of DIRECTORY_PARAMETER for wolfssl directory, otherwise blank.
+function(IS_WOLFSSL_SOURCE DIRECTORY_PARAMETER RESULT)
+ if (EXISTS "${DIRECTORY_PARAMETER}/wolfcrypt/src")
+ set(${RESULT} "${DIRECTORY_PARAMETER}" PARENT_SCOPE)
+ else()
+ set(${RESULT} "" PARENT_SCOPE)
+ endif()
+endfunction()
-if($WOLFSSL_FOUND_IDF)
- message(STATUS "IDF_PATH = $ENV{IDF_PATH}")
- message(STATUS "WOLFSSL_ROOT = ${WOLFSSL_ROOT}")
- message(STATUS "PROJECT_SOURCE_DIR = ${PROJECT_SOURCE_DIR}")
-endif()
+# function: FIND_WOLFSSL_DIRECTORY
+# parameter: OUTPUT_FOUND_WOLFSSL_DIRECTORY contains root of source code, otherwise blank
+#
+function(FIND_WOLFSSL_DIRECTORY OUTPUT_FOUND_WOLFSSL_DIRECTORY)
+ message(STATUS "Starting FIND_WOLFSSL_DIRECTORY")
+ set(CURRENT_SEARCH_DIR "$ENV{WOLFSSL_ROOT}")
+ if( "${CURRENT_SEARCH_DIR}" STREQUAL "" )
+ message(STATUS "The WOLFSSL_ROOT environment variable is not set. Searching...")
+ else()
+ get_filename_component(CURRENT_SEARCH_DIR "$ENV{WOLFSSL_ROOT}" ABSOLUTE)
+ IS_WOLFSSL_SOURCE("${CURRENT_SEARCH_DIR}" FOUND_WOLFSSL)
+ if("${FOUND_WOLFSSL}")
+ message(STATUS "Found WOLFSSL_ROOT via Environment Variable:")
+ else()
+ message(FATAL_ERROR "WOLFSSL_ROOT Environment Variable defined, but path not found:")
+ message(STATUS "$ENV{WOLFSSL_ROOT}")
+ endif()
+ endif()
-# get a list of all wolfcrypt assembly files; we'll exclude them as they don't target Xtensa
-FILE(GLOB EXCLUDE_ASM *.S)
-file(GLOB_RECURSE EXCLUDE_ASM ${CMAKE_SOURCE_DIR} "${WOLFSSL_ROOT}/wolfcrypt/src/*.S")
+ # we'll start in the CMAKE_CURRENT_SOURCE_DIR, typically [something]/projectname/components/wolfssl
+ message(STATUS "CMAKE_CURRENT_SOURCE_DIR = ${CMAKE_CURRENT_SOURCE_DIR}")
+ get_filename_component(CURRENT_SEARCH_DIR "${CMAKE_CURRENT_SOURCE_DIR}" ABSOLUTE)
+ message(STATUS "CURRENT_SEARCH_DIR = ${CURRENT_SEARCH_DIR}")
+ string(LENGTH ${CURRENT_SEARCH_DIR} CURRENT_SEARCH_DIR_LENGTH)
-if(NOT CMAKE_BUILD_EARLY_EXPANSION)
- message(STATUS "EXCLUDE_ASM = ${EXCLUDE_ASM}")
-endif()
+ # loop through all the parents, looking for wolfssl
+ while(NOT CURRENT_SEARCH_DIR STREQUAL "/" AND NOT CURRENT_SEARCH_DIR STREQUAL "" )
+ string(LENGTH ${CURRENT_SEARCH_DIR} CURRENT_SEARCH_DIR_LENGTH)
+ # wolfSSL may simply be in a parent directory, such as for local examples in wolfssl repo
+ IS_WOLFSSL_SOURCE("${CURRENT_SEARCH_DIR}" FOUND_WOLFSSL)
+ if( FOUND_WOLFSSL )
+ message(STATUS "Found wolfssl in CURRENT_SEARCH_DIR = ${CURRENT_SEARCH_DIR}")
+ set(${OUTPUT_FOUND_WOLFSSL_DIRECTORY} ${CURRENT_SEARCH_DIR} PARENT_SCOPE)
+ return()
+ endif()
-set(INCLUDE_PATH ${WOLFSSL_ROOT})
+ if( THIS_USER )
+ # Check for "wolfssl-[username]" subdirectory as we recurse up the directory tree
+ set(CURRENT_SEARCH_DIR_ALT ${CURRENT_SEARCH_DIR}/wolfssl-${THIS_USER})
+ message(STATUS "Looking in ${CURRENT_SEARCH_DIR}")
-set(COMPONENT_SRCDIRS "${WOLFSSL_ROOT}/src/"
- "${WOLFSSL_ROOT}/wolfcrypt/src/"
- "${WOLFSSL_ROOT}/wolfcrypt/src/port/Espressif/"
- "${WOLFSSL_ROOT}/wolfcrypt/src/port/atmel/"
- "${WOLFSSL_ROOT}/wolfcrypt/benchmark/"
- "${WOLFSSL_ROOT}/wolfcrypt/test/"
- )
+ #if(EXISTS ${CURRENT_SEARCH_DIR_ALT} AND IS_DIRECTORY ${CURRENT_SEARCH_DIR_ALT} AND EXISTS "${CURRENT_SEARCH_DIR_ALT}/wolfcrypt/src")
+ IS_WOLFSSL_SOURCE("${CURRENT_SEARCH_DIR_ALT}" FOUND_WOLFSSL )
+ if ( FOUND_WOLFSSL )
+ message(STATUS "Found wolfssl in user-suffix CURRENT_SEARCH_DIR_ALT = ${CURRENT_SEARCH_DIR_ALT}")
+ set(${OUTPUT_FOUND_WOLFSSL_DIRECTORY} ${CURRENT_SEARCH_DIR_ALT} PARENT_SCOPE)
+ return()
+ endif()
+ endif()
-set(COMPONENT_REQUIRES lwip)
+ # Next check for no user suffix "wolfssl" subdirectory as we recurse up the directory tree
+ set(CURRENT_SEARCH_DIR_ALT ${CURRENT_SEARCH_DIR}/wolfssl)
+ # if(EXISTS ${CURRENT_SEARCH_DIR} AND IS_DIRECTORY ${CURRENT_SEARCH_DIR} AND EXISTS "${CURRENT_SEARCH_DIR}/wolfcrypt/src")
+ IS_WOLFSSL_SOURCE("${CURRENT_SEARCH_DIR_ALT}" FOUND_WOLFSSL )
+ if ( FOUND_WOLFSSL )
+ message(STATUS "Found wolfssl in CURRENT_SEARCH_DIR = ${CURRENT_SEARCH_DIR}")
+ set(${OUTPUT_FOUND_WOLFSSL_DIRECTORY} ${CURRENT_SEARCH_DIR} PARENT_SCOPE)
+ return()
+ endif()
+ # Move up one directory level
+ set(PRIOR_SEARCH_DIR "${CURRENT_SEARCH_DIR}")
+ get_filename_component(CURRENT_SEARCH_DIR "${CURRENT_SEARCH_DIR}" DIRECTORY)
+ message(STATUS "Next CURRENT_SEARCH_DIR = ${CURRENT_SEARCH_DIR}")
+ if( "${PRIOR_SEARCH_DIR}" STREQUAL "${CURRENT_SEARCH_DIR}" )
+ # when the search directory is empty, we'll give up
+ set(CURRENT_SEARCH_DIR "")
+ endif()
+ endwhile()
-# check to see if there's both a local copy and EDP-IDF copy of the wolfssl and/or wolfssh components
-if( EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl/" AND EXISTS "$ENV{IDF_PATH}/components/wolfssl/" )
- #
- # wolfSSL found in both ESP-IDF and local project - needs to be resolved by user
- #
- message(STATUS "")
- message(STATUS "**************************************************************************************")
- message(STATUS "")
- message(STATUS "Error: Found components/wolfssl in both local project and IDF_PATH")
- message(STATUS "")
- message(STATUS "To proceed: ")
- message(STATUS "")
- message(STATUS "Remove either the local project component: ${CMAKE_HOME_DIRECTORY}/components/wolfssl/ ")
- message(STATUS "or the Espressif shared component installed at: $ENV{IDF_PATH}/components/wolfssl/ ")
- message(STATUS "")
- message(FATAL_ERROR "Please use wolfSSL in either local project or Espressif components, but not both.")
- message(STATUS "")
- message(STATUS "**************************************************************************************")
- message(STATUS "")
+ # If not found, set the output variable to empty before exiting
+ set(${OUTPUT_FOUND_WOLFSSL_DIRECTORY} "" PARENT_SCOPE)
+endfunction()
+
+
+# Example usage:
- # Optional: if you change the above FATAL_ERROR to STATUS you can warn at runtime with this macro definition:
- set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_MULTI_INSTALL_WARNING")
+
+
+
+if(CMAKE_BUILD_EARLY_EXPANSION)
+ message(STATUS "wolfssl component CMAKE_BUILD_EARLY_EXPANSION:")
+ idf_component_register(
+ REQUIRES "${COMPONENT_REQUIRES}"
+ PRIV_REQUIRES # esp_hw_support
+ esp_timer
+ driver # this will typically only be needed for wolfSSL benchmark
+ )
else()
- if( EXISTS "$ENV{IDF_PATH}/components/wolfssl/" )
+ # not CMAKE_BUILD_EARLY_EXPANSION
+ message(STATUS "************************************************************************************************")
+ message(STATUS "wolfssl component config:")
+ message(STATUS "************************************************************************************************")
+
+ # search for wolfSSL
+ FIND_WOLFSSL_DIRECTORY(WOLFSSL_ROOT)
+ if(WOLFSSL_ROOT)
+ message(STATUS "NEW Found wolfssl directory at: ${WOLFSSL_ROOT}")
+ else()
+ message(STATUS "NEW wolfssl directory not found.")
+ # Abort. We need wolfssl _somewhere_.
+ message(FATAL_ERROR "Could not find wolfssl in ${WOLFSSL_ROOT}.\n"
+ "Try setting WOLFSSL_ROOT environment variable or git clone.")
+ endif()
+
+ set(INCLUDE_PATH ${WOLFSSL_ROOT})
+
+ set(WOLFSSL_EXTRA_PROJECT_DIR "${WOLFSSL_ROOT}/src/")
+
+ if( ${CMAKE_PROJECT_NAME} STREQUAL "wolfssl_benchmark" )
+ set(WOLFSSL_EXTRA_PROJECT_DIR "${WOLFSSL_ROOT}/wolfcrypt/benchmark")
+ endif()
+
+ if( ${CMAKE_PROJECT_NAME} STREQUAL "wolfssl_test" )
+ set(WOLFSSL_EXTRA_PROJECT_DIR "${WOLFSSL_ROOT}/wolfcrypt/test")
+ endif()
+
+ set(COMPONENT_SRCDIRS "\"${WOLFSSL_ROOT}/src/\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/port/Espressif\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/port/atmel\""
+ "\"${WOLFSSL_EXTRA_PROJECT_DIR}\""
+ ) # COMPONENT_SRCDIRS
+
+ message(STATUS "This COMPONENT_SRCDIRS = ${COMPONENT_SRCDIRS}")
+
+ set(WOLFSSL_PROJECT_DIR "${CMAKE_HOME_DIRECTORY}/components/wolfssl")
+ add_definitions(-DWOLFSSL_USER_SETTINGS_DIR="${WOLFSSL_PROJECT_DIR}/include/user_settings.h")
+
+
+ # Espressif may take several passes through this makefile. Check to see if we found IDF
+ string(COMPARE EQUAL "${PROJECT_SOURCE_DIR}" "" WOLFSSL_FOUND_IDF)
+
+ # get a list of all wolfcrypt assembly files; we'll exclude them as they don't target Xtensa
+ file(GLOB EXCLUDE_ASM *.S)
+ file(GLOB_RECURSE EXCLUDE_ASM ${CMAKE_SOURCE_DIR} "${WOLFSSL_ROOT}/wolfcrypt/src/*.S")
+
+ message(STATUS "IDF_PATH = $ENV{IDF_PATH}")
+ message(STATUS "PROJECT_SOURCE_DIR = ${PROJECT_SOURCE_DIR}")
+ message(STATUS "EXCLUDE_ASM = ${EXCLUDE_ASM}")
+
+ #
+ # Check to see if there's both a local copy and EDP-IDF copy of the wolfssl and/or wolfssh components.
+ #
+ if( EXISTS "${WOLFSSL_PROJECT_DIR}" AND EXISTS "$ENV{IDF_PATH}/components/wolfssl/" )
#
- # wolfSSL found in ESP-IDF components and is assumed to be already configured in user_settings.h via setup.
+ # wolfSSL found in both ESP-IDF and local project - needs to be resolved by user
#
message(STATUS "")
- message(STATUS "Using components/wolfssl in IDF_PATH = $ENV{IDF_PATH}")
+ message(STATUS "**************************************************************************************")
+ message(STATUS "")
+ message(STATUS "Error: Found components/wolfssl in both local project and IDF_PATH")
+ message(STATUS "")
+ message(STATUS "To proceed: ")
message(STATUS "")
+ message(STATUS "Remove either the local project component: ${WOLFSSL_PROJECT_DIR} ")
+ message(STATUS "or the Espressif shared component installed at: $ENV{IDF_PATH}/components/wolfssl/ ")
+ message(STATUS "")
+ message(FATAL_ERROR "Please use wolfSSL in either local project or Espressif components, but not both.")
+ message(STATUS "")
+ message(STATUS "**************************************************************************************")
+ message(STATUS "")
+
+ # Optional: if you change the above FATAL_ERROR to STATUS you can warn at runtime with this macro definition:
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_MULTI_INSTALL_WARNING")
+
else()
- #
- # wolfSSL is not an ESP-IDF component. We need to now determine if it is local and if so if it is part of the wolfSSL repo
- # or if wolfSSL is simply installed as a local component.
- #
- if( EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl/" )
+ if( EXISTS "$ENV{IDF_PATH}/components/wolfssl/" )
#
- # wolfSSL found in local project.
+ # wolfSSL found in ESP-IDF components and is assumed to be already configured in user_settings.h via setup.
#
- if( EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl/include/" )
- message(STATUS "")
- message(STATUS "Using installed project ./components/wolfssl in CMAKE_HOME_DIRECTORY = $ENV{CMAKE_HOME_DIRECTORY}")
- message(STATUS "")
- #
- # Note we already checked above and confirmed there's not another wolfSSL installed in the ESP-IDF components.
- #
- # We won't do anything else here, as it will be assumed the original install completed successfully.
- #
- else()
+ message(STATUS "")
+ message(STATUS "Using components/wolfssl in IDF_PATH = $ENV{IDF_PATH}")
+ message(STATUS "")
+ else()
+ #
+ # wolfSSL is not an ESP-IDF component.
+ # We need to now determine if it is local and if so if it is part of the wolfSSL repo,
+ # or if wolfSSL is simply installed as a local component.
+ #
+
+ if( EXISTS "${WOLFSSL_PROJECT_DIR}" )
#
- # This is the developer repo mode. wolfSSL will be assume to be not installed to ESP-IDF nor local project
- # In this configuration, we are likely running a wolfSSL example found directly in the repo.
+ # wolfSSL found in local project.
#
- message(STATUS "")
- message(STATUS "Using developer repo ./components/wolfssl in CMAKE_HOME_DIRECTORY = $ENV{CMAKE_HOME_DIRECTORY}")
- message(STATUS "")
+ if( EXISTS "${WOLFSSL_PROJECT_DIR}/wolfcrypt/" )
+ message(STATUS "")
+ message(STATUS "Using installed project ./components/wolfssl in CMAKE_HOME_DIRECTORY = ${CMAKE_HOME_DIRECTORY}")
+ message(STATUS "")
+ #
+ # Note we already checked above and confirmed there's not another wolfSSL installed in the ESP-IDF components.
+ #
+ # We won't do anything else here, as it will be assumed the original install completed successfully.
+ #
+ else() # full wolfSSL not installed in local project
+ #
+ # This is the developer repo mode. wolfSSL will be assumed to be not installed to ESP-IDF nor local project
+ # In this configuration, we are likely running a wolfSSL example found directly in the repo.
+ #
+ message(STATUS "")
+ message(STATUS "Using developer repo ./components/wolfssl in CMAKE_HOME_DIRECTORY = ${CMAKE_HOME_DIRECTORY}")
+ message(STATUS "")
- message(STATUS "************************************************************************************************")
- # When in developer mode, we are typically running wolfSSL examples such as benchmark or test directories.
- # However, the as-cloned or distributed wolfSSL does not have the ./include/ directory, so we'll add it as needed.
- #
- # first check if there's a [root]/include/user_settings.h
- if( EXISTS "${WOLFSSL_ROOT}/include/user_settings.h" )
- # we won't overwrite an existing user settings file, just note that we already have one:
- message(STATUS "Found wolfSSL user_settings.h in ${WOLFSSL_ROOT}/include/user_settings.h")
- else()
- message(STATUS "Installing wolfSSL user_settings.h to ${WOLFSSL_ROOT}/include/user_settings.h")
- file(COPY "${WOLFSSL_ROOT}/IDE/Espressif/ESP-IDF/user_settings.h" DESTINATION "${WOLFSSL_ROOT}/include/")
- endif() # user_settings.h
+ message(STATUS "************************************************************************************************")
+ # When in developer mode, we are typically running wolfSSL examples such as benchmark or test directories.
+ # However, the as-cloned or distributed wolfSSL does not have the ./include/ directory, so we'll add it as needed.
+ #
+ # first check if there's a [root]/include/user_settings.h
+ if( EXISTS "${WOLFSSL_ROOT}/include/user_settings.h" )
+ message(FATAL_ERROR "Found stray wolfSSL user_settings.h in "
+ "${WOLFSSL_ROOT}/include/user_settings.h "
+ " (please move it to ${WOLFSSL_PROJECT_DIR}/include/user_settings.h )")
+ else()
+ # we won't overwrite an existing user settings file, just note that we already have one:
+ if( EXISTS "${WOLFSSL_PROJECT_DIR}/include/user_settings.h" )
+ message(STATUS "Using existing wolfSSL user_settings.h in "
+ "${WOLFSSL_PROJECT_DIR}/include/user_settings.h")
+ else()
+ message(STATUS "Installing wolfSSL user_settings.h to "
+ "${WOLFSSL_PROJECT_DIR}/include/user_settings.h")
+ file(COPY "${WOLFSSL_ROOT}/IDE/Espressif/ESP-IDF/user_settings.h"
+ DESTINATION "${CMAKE_HOME_DIRECTORY}/wolfssl/include/")
+ endif()
+ endif() # user_settings.h
- # next check if there's a [root]/include/config.h
- if( EXISTS "${WOLFSSL_ROOT}/include/config.h" )
- message(STATUS "Found wolfSSL config.h in ${WOLFSSL_ROOT}/include/config.h")
- else()
- message(STATUS "Installing wolfSSL config.h to ${WOLFSSL_ROOT}/include/config.h")
- file(COPY "${WOLFSSL_ROOT}/IDE/Espressif/ESP-IDF/dummy_config_h" DESTINATION "${WOLFSSL_ROOT}/include/")
- file(RENAME "${WOLFSSL_ROOT}/include/dummy_config_h" "${WOLFSSL_ROOT}/include/config.h")
- endif() # config.h
- message(STATUS "************************************************************************************************")
- message(STATUS "")
- endif()
+ # next check if there's a [root]/include/config.h
+ if( EXISTS "${WOLFSSL_ROOT}/include/config.h" )
+ message(STATUS "******************************************************************************")
+ message(STATUS "******************************************************************************")
+ message(STATUS "Found stray wolfSSL config.h in ${WOLFSSL_ROOT}/include/config.h" )
+ message(STATUS " Please move it to ${WOLFSSL_PROJECT_DIR}/include/config.h" )
+ message(STATUS "******************************************************************************")
+ message(STATUS "******************************************************************************")
+ else()
+ # we won't overwrite an existing user settings file, just note that we already have one:
+ if( EXISTS "${WOLFSSL_PROJECT_DIR}/include/config.h" )
+ message(STATUS "Using existing wolfSSL config.h ${WOLFSSL_PROJECT_DIR}/include/config.h")
+ else()
+ message(STATUS "Installing wolfSSL config.h to ${WOLFSSL_PROJECT_DIR}/include/config.h")
+ file(COPY "${WOLFSSL_ROOT}/IDE/Espressif/ESP-IDF/dummy_config_h" DESTINATION "${WOLFSSL_PROJECT_DIR}/include/")
+ file(RENAME "${WOLFSSL_PROJECT_DIR}/include/dummy_config_h" "${WOLFSSL_PROJECT_DIR}/include/config.h")
+ endif() # Project config.h
+ endif() # WOLFSSL_ROOT config.h
+ message(STATUS "************************************************************************************************")
+ message(STATUS "")
+ endif()
- else()
- # we did not find a ./components/wolfssl/include/ directory from this pass of cmake.
- if($WOLFSSL_FOUND_IDF)
- message(STATUS "")
- message(STATUS "WARNING: wolfSSL not found.")
- message(STATUS "")
else()
- # probably needs to be re-parsed by Espressif
- message(STATUS "wolfSSL found IDF. Project Source:${PROJECT_SOURCE_DIR}")
- endif() # else we have not found ESP-IDF yet
- endif() # else not a local wolfSSL component
+ # we did not find a ./components/wolfssl/include/ directory from this pass of cmake.
+ if($WOLFSSL_FOUND_IDF)
+ message(STATUS "")
+ message(STATUS "WARNING: wolfSSL not found.")
+ message(STATUS "")
+ else()
+ # probably needs to be re-parsed by Espressif
+ message(STATUS "wolfSSL found IDF. Project Source:${PROJECT_SOURCE_DIR}")
+ endif() # else we have not found ESP-IDF yet
+ endif() # else not a local wolfSSL component
+
+ endif() #else not an ESP-IDF component
+ endif() # else not local copy and EDP-IDF wolfSSL
- endif() #else not an ESP-IDF component
-endif() # else not local copy and EDP-IDF wolfSSL
+ # RTOS_IDF_PATH is typically:
+ # "/Users/{username}/Desktop/esp-idf/components/freertos/include/freertos"
+ # depending on the environment, we may need to swap backslashes with forward slashes
+ string(REPLACE "\\" "/" RTOS_IDF_PATH "$ENV{IDF_PATH}/components/freertos/FreeRTOS-Kernel/include/freertos")
-# RTOS_IDF_PATH is typically:
-# "/Users/{username}/Desktop/esp-idf/components/freertos/include/freertos"
-# depending on the environment, we may need to swap backslashes with forward slashes
-string(REPLACE "\\" "/" RTOS_IDF_PATH "$ENV{IDF_PATH}/components/freertos/include/freertos")
+ string(REPLACE "\\" "/" WOLFSSL_ROOT ${WOLFSSL_ROOT})
+
+ if(IS_DIRECTORY "${RTOS_IDF_PATH}")
+ message(STATUS "Found current RTOS path: ${RTOS_IDF_PATH}")
+ else()
+ # ESP-IDF prior version 4.4x has a different RTOS directory structure
+ string(REPLACE "\\" "/" RTOS_IDF_PATH "$ENV{IDF_PATH}/components/freertos/include/freertos")
+ if(IS_DIRECTORY "${RTOS_IDF_PATH}")
+ message(STATUS "Found legacy RTOS path: ${RTOS_IDF_PATH}")
+ else()
+ message(STATUS "Could not find RTOS path")
+ endif()
+ endif()
-# ESP-IDF after version 4.4x has a different RTOS directory structure
-string(REPLACE "\\" "/" RTOS_IDF_PATH5 "$ENV{IDF_PATH}/components/freertos/FreeRTOS-Kernel/include/freertos")
-if(IS_DIRECTORY ${IDF_PATH}/components/freertos/FreeRTOS-Kernel/)
set(COMPONENT_ADD_INCLUDEDIRS
- "."
- "${WOLFSSL_ROOT}/include"
- "${RTOS_IDF_PATH5}"
- "${WOLFSSL_ROOT}"
- )
-else()
+ "./include" # this is the location of wolfssl user_settings.h
+ "\"${WOLFSSL_ROOT}/\""
+ "\"${WOLFSSL_ROOT}/wolfssl/\""
+ "\"${WOLFSSL_ROOT}/wolfssl/wolfcrypt/\""
+ "\"${RTOS_IDF_PATH}/\""
+ )
- set(COMPONENT_ADD_INCLUDEDIRS
- "."
- "${WOLFSSL_ROOT}/include"
- "${RTOS_IDF_PATH}"
- "${WOLFSSL_ROOT}"
- )
-endif()
-if(IS_DIRECTORY ${IDF_PATH}/components/cryptoauthlib)
- list(APPEND COMPONENT_ADD_INCLUDEDIRS "../cryptoauthlib/lib")
-endif()
+ if(IS_DIRECTORY ${IDF_PATH}/components/cryptoauthlib)
+ list(APPEND COMPONENT_ADD_INCLUDEDIRS "../cryptoauthlib/lib")
+ endif()
+
+ list(APPEND COMPONENT_ADD_INCLUDEDIRS "\"${WOLFSSL_ROOT}/wolfssl/\"")
+ list(APPEND COMPONENT_ADD_INCLUDEDIRS "\"${WOLFSSL_ROOT}/wolfssl/wolfcrypt/\"")
+
+
+
+ set(COMPONENT_SRCEXCLUDE
+ "\"${WOLFSSL_ROOT}/src/bio.c\""
+ "\"${WOLFSSL_ROOT}/src/conf.c\""
+ "\"${WOLFSSL_ROOT}/src/misc.c\""
+ "\"${WOLFSSL_ROOT}/src/pk.c\""
+ "\"${WOLFSSL_ROOT}/src/ssl_asn1.c\"" # included by ssl.c
+ "\"${WOLFSSL_ROOT}/src/ssl_bn.c\"" # included by ssl.c
+ "\"${WOLFSSL_ROOT}/src/ssl_certman.c\"" # included by ssl.c
+ "\"${WOLFSSL_ROOT}/src/ssl_crypto.c\"" # included by ssl.c
+ "\"${WOLFSSL_ROOT}/src/ssl_misc.c\"" # included by ssl.c
+ "\"${WOLFSSL_ROOT}/src/x509.c\""
+ "\"${WOLFSSL_ROOT}/src/x509_str.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/evp.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/misc.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_arm32.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_arm64.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_armthumb.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_c32.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_c64.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_cortexm.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_x86_64.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_x86_64_asm.S\""
+ "\"${EXCLUDE_ASM}\""
+ )
+
+ spaces2list(COMPONENT_REQUIRES)
+
+ separate_arguments(COMPONENT_SRCDIRS NATIVE_COMMAND "${COMPONENT_SRCDIRS}")
+ separate_arguments(COMPONENT_SRCEXCLUDE NATIVE_COMMAND "${COMPONENT_SRCEXCLUDE}")
+ separate_arguments(COMPONENT_ADD_INCLUDEDIRS NATIVE_COMMAND "${COMPONENT_ADD_INCLUDEDIRS}")
+
+ #
+ # See https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-guides/build-system.html#example-component-requirements
+ #
+ message(STATUS "COMPONENT_SRCDIRS = ${COMPONENT_SRCDIRS}")
+ message(STATUS "COMPONENT_ADD_INCLUDEDIRS = ${COMPONENT_ADD_INCLUDEDIRS}")
+ message(STATUS "COMPONENT_REQUIRES = ${COMPONENT_REQUIRES}")
+ message(STATUS "COMPONENT_SRCEXCLUDE = ${COMPONENT_SRCEXCLUDE}")
+
+ #
+ # see https://docs.espressif.com/projects/esp-idf/en/stable/esp32/migration-guides/release-5.x/build-system.html?highlight=space%20path
+ #
+ set(EXTRA_COMPONENT_DIRS "${COMPONENT_SRCDIRS}")
+ idf_component_register(
+ SRC_DIRS "${COMPONENT_SRCDIRS}"
+ INCLUDE_DIRS "${COMPONENT_ADD_INCLUDEDIRS}"
+ REQUIRES "${COMPONENT_REQUIRES}"
+ EXCLUDE_SRCS "${COMPONENT_SRCEXCLUDE}"
+ PRIV_REQUIRES esp_timer driver # this will typically only be needed for wolfSSL benchmark
+ )
+ # some optional diagnostics
+ if (1)
+ get_cmake_property(_variableNames VARIABLES)
+ list (SORT _variableNames)
+ message(STATUS "")
+ message(STATUS "ALL VARIABLES BEGIN")
+ message(STATUS "")
+ foreach (_variableName ${_variableNames})
+ message(STATUS "${_variableName}=${${_variableName}}")
+ endforeach()
+ message(STATUS "")
+ message(STATUS "ALL VARIABLES END")
+ message(STATUS "")
+ endif()
+
+ # target_sources(wolfssl PRIVATE "\"${WOLFSSL_ROOT}/wolfssl/\"" "\"${WOLFSSL_ROOT}/wolfssl/wolfcrypt\"")
+
+endif() # CMAKE_BUILD_EARLY_EXPANSION
+
-set(COMPONENT_SRCEXCLUDE
- "${WOLFSSL_ROOT}/src/bio.c"
- "${WOLFSSL_ROOT}/src/conf.c"
- "${WOLFSSL_ROOT}/src/misc.c"
- "${WOLFSSL_ROOT}/src/pk.c"
- "${WOLFSSL_ROOT}/src/ssl_asn1.c" # included by ssl.c
- "${WOLFSSL_ROOT}/src/ssl_bn.c" # included by ssl.c
- "${WOLFSSL_ROOT}/src/ssl_misc.c" # included by ssl.c
- "${WOLFSSL_ROOT}/src/x509.c"
- "${WOLFSSL_ROOT}/src/x509_str.c"
- "${WOLFSSL_ROOT}/wolfcrypt/src/evp.c"
- "${WOLFSSL_ROOT}/wolfcrypt/src/misc.c"
- "${EXCLUDE_ASM}"
- )
-set(COMPONENT_PRIV_INCLUDEDIRS ${IDF_PATH}/components/driver/include)
-
-register_component()
-
-# some optional diagnostics
-if (0)
- get_cmake_property(_variableNames VARIABLES)
- list (SORT _variableNames)
- message(STATUS "")
- message(STATUS "ALL VARIABLES BEGIN")
- message(STATUS "")
- foreach (_variableName ${_variableNames})
- message(STATUS "${_variableName}=${${_variableName}}")
- endforeach()
- message(STATUS "")
- message(STATUS "ALL VARIABLES END")
- message(STATUS "")
-endif()
# check to see if there's both a local copy and EDP-IDF copy of the wolfssl components
-if( EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl/" AND EXISTS "$ENV{IDF_PATH}/components/wolfssl/" )
+if( EXISTS "${WOLFSSL_PROJECT_DIR}" AND EXISTS "$ENV{IDF_PATH}/components/wolfssl/" )
message(STATUS "")
message(STATUS "")
message(STATUS "********************************************************************")
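Review bot: In FIND_WOLFSSL_DIRECTORY the environment-variable branch tests `if("${FOUND_WOLFSSL}")`, and with CMP0054 NEW (implied by `cmake_minimum_required(VERSION 3.16)`) a quoted path string evaluates false, so a valid WOLFSSL_ROOT appears to always reach the FATAL_ERROR; even if the test passed, the branch neither sets the output variable nor returns. The effect is that the wolfSSL source tree cannot be pinned explicitly and is instead taken from the first `wolfssl-[username]` or `wolfssl` directory found while walking up the parent directories, which on a shared or CI build host is a weaker guarantee about which crypto sources get compiled. Further down, the plain `wolfssl` check probes `CURRENT_SEARCH_DIR_ALT` but returns `CURRENT_SEARCH_DIR`, that is, the parent rather than the directory that was verified. Separately, the user_settings.h copy targets `${CMAKE_HOME_DIRECTORY}/wolfssl/include/` while the existence check and `-DWOLFSSL_USER_SETTINGS_DIR` use `${WOLFSSL_PROJECT_DIR}/include/`; `DESTINATION "${WOLFSSL_PROJECT_DIR}/include/"` would keep them aligned. The fence below shows the two changes inside the function.

```cmake
    # … unchanged: CURRENT_SEARCH_DIR taken from $ENV{WOLFSSL_ROOT}, IS_WOLFSSL_SOURCE call …
        if(FOUND_WOLFSSL)
            message(STATUS "Found WOLFSSL_ROOT via Environment Variable:")
            set(${OUTPUT_FOUND_WOLFSSL_DIRECTORY} "${CURRENT_SEARCH_DIR}" PARENT_SCOPE)
            return()
        else()
    # … unchanged: FATAL_ERROR branch, parent-directory loop, wolfssl-[username] check …
        if ( FOUND_WOLFSSL )
            message(STATUS "Found wolfssl in CURRENT_SEARCH_DIR_ALT = ${CURRENT_SEARCH_DIR_ALT}")
            set(${OUTPUT_FOUND_WOLFSSL_DIRECTORY} ${CURRENT_SEARCH_DIR_ALT} PARENT_SCOPE)
    # … unchanged: return(), endif(), move up one directory level …
```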
@@ -230,3 +456,69 @@ endif()
# end multiple component check
+#
+# LIBWOLFSSL_SAVE_INFO(VAR_OUPUT THIS_VAR VAR_RESULT)
+#
+# Save the THIS_VAR as a string in a macro called VAR_OUPUT
+#
+# VAR_OUPUT: the name of the macro to define
+# THIS_VAR: the OUTPUT_VARIABLE result from a execute_process()
+# VAR_RESULT: the RESULT_VARIABLE from a execute_process(); "0" if successful.
+#
+function ( LIBWOLFSSL_SAVE_INFO VAR_OUPUT THIS_VAR VAR_RESULT )
+ # is the RESULT_VARIABLE output value 0? If so, IS_VALID_VALUE is true.
+ string(COMPARE EQUAL "${VAR_RESULT}" "0" IS_VALID_VALUE)
+
+ # if we had a successful operation, save the THIS_VAR in VAR_OUPUT
+ if(${IS_VALID_VALUE})
+ # strip newline chars in THIS_VAR parameter and save in VAR_VALUE
+ string(REPLACE "\n" "" VAR_VALUE ${THIS_VAR})
+
+ # we'll could percolate the value to the parent for possible later use
+ # set(${VAR_OUPUT} ${VAR_VALUE} PARENT_SCOPE)
+
+ # but we're only using it here in this function
+ set(${VAR_OUPUT} ${VAR_VALUE})
+
+ # we'll print what we found to the console
+ message(STATUS "Found ${VAR_OUPUT}=${VAR_VALUE}")
+
+ # the interesting part is defining the VAR_OUPUT name a value to use in the app
+ add_definitions(-D${VAR_OUPUT}=\"${VAR_VALUE}\")
+ else()
+ # if we get here, check the execute_process command and parameters.
+ message(STATUS "LIBWOLFSSL_SAVE_INFO encountered a non-zero VAR_RESULT")
+ set(${VAR_OUPUT} "Unknown")
+ endif()
+endfunction() # LIBWOLFSSL_SAVE_INFO
+
+# create some programmatic #define values that will be used by ShowExtendedSystemInfo().
+# see wolfcrypt\src\port\Espressif\esp32_utl.c
+if(NOT CMAKE_BUILD_EARLY_EXPANSION)
+ set (git_cmd "git")
+ message(STATUS "Adding macro definitions:")
+
+ # LIBWOLFSSL_VERSION_GIT_ORIGIN: git config --get remote.origin.url
+ execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "config" "--get" "remote.origin.url" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
+ LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_ORIGIN "${TMP_OUT}" "${TMP_RES}")
+
+ # LIBWOLFSSL_VERSION_GIT_BRANCH: git rev-parse --abbrev-ref HEAD
+ execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "rev-parse" "--abbrev-ref" "HEAD" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
+ LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_BRANCH "${TMP_OUT}" "${TMP_RES}")
+
+ # LIBWOLFSSL_VERSION_GIT_HASH: git rev-parse HEAD
+ execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "rev-parse" "HEAD" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
+ LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_HASH "${TMP_OUT}" "${TMP_RES}")
+
+ # LIBWOLFSSL_VERSION_GIT_SHORT_HASH: git rev-parse --short HEAD
+ execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "rev-parse" "--short" "HEAD" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
+ LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_SHORT_HASH "${TMP_OUT}" "${TMP_RES}")
+
+ # LIBWOLFSSL_VERSION_GIT_HASH_DATE git show --no-patch --no-notes --pretty=\'\%cd\'
+ execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "show" "--no-patch" "--no-notes" "--pretty=\'\%cd\'" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES )
+ LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_HASH_DATE "${TMP_OUT}" "${TMP_RES}")
+
+ message(STATUS "************************************************************************************************")
+ message(STATUS "wolfssl component config complete!")
+ message(STATUS "************************************************************************************************")
+endif()
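Review bot: The output of `git config --get remote.origin.url` is printed by `message(STATUS "Found ${VAR_OUPUT}=${VAR_VALUE}")` and compiled into the firmware by `add_definitions(-D${VAR_OUPUT}=\"${VAR_VALUE}\")` in LIBWOLFSSL_SAVE_INFO, so a remote URL that carries userinfo (for example an access token in an https URL) would land in the build log and in the image. I would strip the userinfo before the value is used, e.g. `string(REGEX REPLACE "://[^/@]+@" "://" VAR_VALUE "${VAR_VALUE}")`, and quote the input in `string(REPLACE "\n" "" VAR_VALUE "${THIS_VAR}")` so that empty output or a semicolon cannot change the argument list. The else branch sets `${VAR_OUPUT}` only in function scope and adds no definition, so the "Unknown" fallback never reaches the C code.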
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/components/wolfssl/include/user_settings.h b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/components/wolfssl/include/user_settings.h
new file mode 100644
index 00000000..cc9bae6b
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/components/wolfssl/include/user_settings.h
@@ -0,0 +1,450 @@
+/* user_settings.h
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/* This user_settings.h is for Espressif ESP-IDF */
+#include <sdkconfig.h>
+
+/* The Espressif sdkconfig will have chipset info.
+**
+** Possible values:
+**
+** CONFIG_IDF_TARGET_ESP32
+** CONFIG_IDF_TARGET_ESP32S2
+** CONFIG_IDF_TARGET_ESP32S3
+** CONFIG_IDF_TARGET_ESP32C3
+** CONFIG_IDF_TARGET_ESP32C6
+*/
+
+#undef WOLFSSL_ESPIDF
+#define WOLFSSL_ESPIDF
+
+/*
+ * choose ONE of these Espressif chips to define:
+ *
+ * WOLFSSL_ESP32
+ * WOLFSSL_ESPWROOM32SE
+ * WOLFSSL_ESP8266
+ */
+#undef WOLFSSL_ESPWROOM32SE
+#undef WOLFSSL_ESP8266
+#undef WOLFSSL_ESP32
+
+#define WOLFSSL_ESP32
+
+/* optionally turn off SHA512/224 SHA512/256 */
+/* #define WOLFSSL_NOSHA512_224 */
+/* #define WOLFSSL_NOSHA512_256 */
+
+/* when you want to use SINGLE THREAD. Note Default ESP-IDF is FreeRTOS */
+/* #define SINGLE_THREADED */
+
+/* When you don't want to use the old SHA */
+/* #define NO_SHA */
+/* #define NO_OLD_TLS */
+
+#define BENCH_EMBEDDED
+#define USE_CERT_BUFFERS_2048
+
+/* TLS 1.3 */
+#define WOLFSSL_TLS13
+#define HAVE_TLS_EXTENSIONS
+#define WC_RSA_PSS
+#define HAVE_HKDF
+#define HAVE_AEAD
+#define HAVE_SUPPORTED_CURVES
+
+#define WOLFSSL_BENCHMARK_FIXED_UNITS_KB
+
+#define NO_FILESYSTEM
+
+#define NO_OLD_TLS
+
+#define HAVE_AESGCM
+
+#define WOLFSSL_RIPEMD
+/* when you want to use SHA224 */
+#define WOLFSSL_SHA224
+
+/* when you want to use SHA384 */
+#define WOLFSSL_SHA384
+
+/* when you want to use SHA512 */
+#define WOLFSSL_SHA512
+
+/* when you want to use SHA3 */
+#define WOLFSSL_SHA3
+
+ /* ED25519 requires SHA512 */
+#define HAVE_ED25519
+
+#define HAVE_ECC
+#define HAVE_CURVE25519
+#define CURVE25519_SMALL
+#define HAVE_ED25519
+
+#define OPENSSL_EXTRA
+/* when you want to use pkcs7 */
+/* #define HAVE_PKCS7 */
+
+#define HAVE_PKCS7
+
+#if defined(HAVE_PKCS7)
+ #define HAVE_AES_KEYWRAP
+ #define HAVE_X963_KDF
+ #define WOLFSSL_AES_DIRECT
+#endif
+
+/* when you want to use aes counter mode */
+/* #define WOLFSSL_AES_DIRECT */
+/* #define WOLFSSL_AES_COUNTER */
+
+/* esp32-wroom-32se specific definition */
+#if defined(WOLFSSL_ESPWROOM32SE)
+ #define WOLFSSL_ATECC508A
+ #define HAVE_PK_CALLBACKS
+ /* when you want to use a custom slot allocation for ATECC608A */
+ /* unless your configuration is unusual, you can use default */
+ /* implementation. */
+ /* #define CUSTOM_SLOT_ALLOCATION */
+#endif
+
+/* rsa primitive specific definition */
+#if defined(WOLFSSL_ESP32) || defined(WOLFSSL_ESPWROOM32SE)
+ /* Define USE_FAST_MATH and SMALL_STACK */
+ #define ESP32_USE_RSA_PRIMITIVE
+
+ #if defined(CONFIG_IDF_TARGET_ESP32)
+
+ /* NOTE HW unreliable for small values! */
+ /* threshold for performance adjustment for HW primitive use */
+ /* X bits of G^X mod P greater than */
+ #undef ESP_RSA_EXPT_XBITS
+ #define ESP_RSA_EXPT_XBITS 32
+
+ /* X and Y of X * Y mod P greater than */
+ #undef ESP_RSA_MULM_BITS
+ #define ESP_RSA_MULM_BITS 16
+
+ #endif
+#endif
+
+#define RSA_LOW_MEM
+
+/* #define WOLFSSL_ATECC508A_DEBUG */
+
+/* date/time */
+/* if it cannot adjust time in the device, */
+/* enable macro below */
+/* #define NO_ASN_TIME */
+/* #define XTIME time */
+
+
+/* adjust wait-timeout count if you see timeout in RSA HW acceleration */
+#define ESP_RSA_TIMEOUT_CNT 0x349F00
+
+/* hash limit for test.c */
+#define HASH_SIZE_LIMIT
+
+/* USE_FAST_MATH is default */
+#define USE_FAST_MATH
+
+/***** Use SP_MATH *****/
+/* #undef USE_FAST_MATH */
+/* #define SP_MATH */
+/* #define WOLFSSL_SP_MATH_ALL */
+/* #define WOLFSSL_SP_RISCV32 */
+
+/***** Use Integer Heap Math *****/
+/* #undef USE_FAST_MATH */
+/* #define USE_INTEGER_HEAP_MATH */
+
+
+#define WOLFSSL_SMALL_STACK
+
+
+#define HAVE_VERSION_EXTENDED_INFO
+/* #define HAVE_WC_INTROSPECTION */
+
+#define HAVE_SESSION_TICKET
+
+/* #define HAVE_HASHDRBG */
+
+#define WOLFSSL_KEY_GEN
+#define WOLFSSL_CERT_REQ
+#define WOLFSSL_CERT_GEN
+#define WOLFSSL_CERT_EXT
+#define WOLFSSL_SYS_CA_CERTS
+
+
+#define WOLFSSL_CERT_TEXT
+
+#define WOLFSSL_ASN_TEMPLATE
+
+/*
+#undef WOLFSSL_KEY_GEN
+#undef WOLFSSL_CERT_REQ
+#undef WOLFSSL_CERT_GEN
+#undef WOLFSSL_CERT_EXT
+#undef WOLFSSL_SYS_CA_CERTS
+*/
+
+/*
+--enable-keygen
+--enable-certgen
+--enable-certreq
+--enable-certext
+--enable-asn-template
+*/
+
+/* Default is HW enabled unless turned off.
+** Uncomment these lines to force SW instead of HW acceleration */
+
+#if defined(CONFIG_IDF_TARGET_ESP32)
+ /* wolfSSL HW Acceleration supported on ESP32. Uncomment to disable: */
+ /* #define NO_ESP32_CRYPT */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_AES */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
+
+ /* These are defined automatically in esp32-crypt.h, here for clarity: */
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224 /* no SHA224 HW on ESP32 */
+
+ #undef ESP_RSA_MULM_BITS
+ #define ESP_RSA_MULM_BITS 16 /* TODO add compile-time warning */
+ /***** END CONFIG_IDF_TARGET_ESP32 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP32S2)
+ /* wolfSSL HW Acceleration supported on ESP32-S2. Uncomment to disable: */
+ /* #define NO_ESP32_CRYPT */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
+ /* Note: There's no AES192 HW on the ESP32-S2; falls back to SW */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_AES */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
+ /***** END CONFIG_IDF_TARGET_ESP32S2 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP32S3)
+ /* wolfSSL HW Acceleration supported on ESP32-S3. Uncomment to disable: */
+ /* #define NO_ESP32_CRYPT */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
+ /* Note: There's no AES192 HW on the ESP32-S3; falls back to SW */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_AES */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
+ /***** END CONFIG_IDF_TARGET_ESP32S3 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP32C2) || \
+ defined(CONFIG_IDF_TARGET_ESP8684)
+ /* ESP8684 is essentially ESP32-C2 chip + flash embedded together in a
+ * single QFN 4x4 mm package. Out of released documentation, Technical
+ * Reference Manual as well as ESP-IDF Programming Guide is applicable
+ * to both ESP32-C2 and ESP8684.
+ *
+ * See: https://www.esp32.com/viewtopic.php?f=5&t=27926#:~:text=ESP8684%20is%20essentially%20ESP32%2DC2,both%20ESP32%2DC2%20and%20ESP8684. */
+
+ /* wolfSSL HW Acceleration supported on ESP32-C2. Uncomment to disable: */
+ /* #define NO_ESP32_CRYPT */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */ /* to disable all SHA HW */
+
+ /* These are defined automatically in esp32-crypt.h, here for clarity */
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384 /* no SHA384 HW on C2 */
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512 /* no SHA512 HW on C2 */
+
+ /* There's no AES or RSA/Math accelerator on the ESP32-C2
+ * Auto defined with NO_WOLFSSL_ESP32_CRYPT_RSA_PRI, for clarity: */
+ #define NO_WOLFSSL_ESP32_CRYPT_AES
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD
+ /***** END CONFIG_IDF_TARGET_ESP32C2 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP32C3)
+ /* wolfSSL HW Acceleration supported on ESP32-C3. Uncomment to disable: */
+
+ /* #define NO_ESP32_CRYPT */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */ /* to disable all SHA HW */
+
+ /* These are defined automatically in esp32-crypt.h, here for clarity: */
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384 /* no SHA384 HW on C6 */
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512 /* no SHA512 HW on C6 */
+
+ /* #define NO_WOLFSSL_ESP32_CRYPT_AES */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
+ /***** END CONFIG_IDF_TARGET_ESP32C3 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP32C6)
+ /* wolfSSL HW Acceleration supported on ESP32-C6. Uncomment to disable: */
+
+ /* #define NO_ESP32_CRYPT */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
+ /* These are defined automatically in esp32-crypt.h, here for clarity: */
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384 /* no SHA384 HW on C6 */
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512 /* no SHA512 HW on C6 */
+
+ /* #define NO_WOLFSSL_ESP32_CRYPT_AES */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
+ /***** END CONFIG_IDF_TARGET_ESP32C6 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP32H2)
+ /* wolfSSL Hardware Acceleration not yet implemented */
+ #define NO_ESP32_CRYPT
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH
+ #define NO_WOLFSSL_ESP32_CRYPT_AES
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
+ /***** END CONFIG_IDF_TARGET_ESP32H2 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP8266)
+ /* TODO: Revisit ESP8266 */
+ #define NO_ESP32_CRYPT
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH
+ #define NO_WOLFSSL_ESP32_CRYPT_AES
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
+ /***** END CONFIG_IDF_TARGET_ESP266 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP8684)
+ /* There's no Hardware Acceleration available on ESP8684 */
+ #define NO_ESP32_CRYPT
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH
+ #define NO_WOLFSSL_ESP32_CRYPT_AES
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
+ /***** END CONFIG_IDF_TARGET_ESP8684 *****/
+
+#else
+ /* Anything else encountered, disable HW accleration */
+ #define NO_ESP32_CRYPT
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH
+ #define NO_WOLFSSL_ESP32_CRYPT_AES
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
+#endif /* CONFIG_IDF_TARGET Check */
+
+/* Debug options:
+
+#define ESP_VERIFY_MEMBLOCK
+#define DEBUG_WOLFSSL
+#define DEBUG_WOLFSSL_VERBOSE
+#define DEBUG_WOLFSSL_SHA_MUTEX
+#define WOLFSSL_ESP32_CRYPT_DEBUG
+#define WOLFSSL_ESP32_CRYPT_HASH_SHA224_DEBUG
+#define NO_RECOVER_SOFTWARE_CALC
+#define WOLFSSL_TEST_STRAY 1
+#define USE_ESP_DPORT_ACCESS_READ_BUFFER
+#define WOLFSSL_ESP32_HW_LOCK_DEBUG
+#define WOLFSSL_DEBUG_ESP_RSA_MULM_BITS
+#define ESP_DISABLE_HW_TASK_LOCK
+*/
+
+/* Pause in a loop rather than exit. */
+#define WOLFSSL_ESPIDF_ERROR_PAUSE
+
+#define WOLFSSL_HW_METRICS
+
+/* for test.c */
+/* #define HASH_SIZE_LIMIT */
+
+/* Optionally turn off HW math checks */
+/* #define NO_HW_MATH_TEST */
+
+/* Optionally include alternate HW test library: alt_hw_test.h */
+/* When enabling, the ./components/wolfssl/CMakeLists.txt file
+ * will need the name of the library in the idf_component_register
+ * for the PRIV_REQUIRES list. */
+/* #define INCLUDE_ALT_HW_TEST */
+
+/* optionally turn off individual math HW acceleration features */
+
+/* Turn off Large Number ESP32 HW Multiplication:
+** [Z = X * Y] in esp_mp_mul() */
+/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
+
+/* Turn off Large Number ESP32 HW Modular Exponentiation:
+** [Z = X^Y mod M] in esp_mp_exptmod() */
+/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
+
+/* Turn off Large Number ESP32 HW Modular Multiplication
+** [Z = X * Y mod M] in esp_mp_mulmod() */
+/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
+
+#define WOLFSSL_PUBLIC_MP /* used by benchmark */
+#define USE_CERT_BUFFERS_2048
+
+/* when turning on ECC508 / ECC608 support
+#define WOLFSSL_ESPWROOM32SE
+#define HAVE_PK_CALLBACKS
+#define WOLFSSL_ATECC508A
+#define ATCA_WOLFSSL
+*/
+
+/* optional SM4 Ciphers. See https://github.com/wolfSSL/wolfsm
+#define WOLFSSL_SM2
+#define WOLFSSL_SM3
+#define WOLFSSL_SM4
+*/
+
+#if defined(WOLFSSL_SM2) || defined(WOLFSSL_SM3) || defined(WOLFSSL_SM4)
+ #include <wolfssl/certs_test_sm.h>
+ #define CTX_CA_CERT root_sm2
+ #define CTX_CA_CERT_SIZE sizeof_root_sm2
+ #define CTX_CA_CERT_TYPE WOLFSSL_FILETYPE_PEM
+ #define CTX_SERVER_CERT server_sm2
+ #define CTX_SERVER_CERT_SIZE sizeof_server_sm2
+ #define CTX_SERVER_CERT_TYPE WOLFSSL_FILETYPE_PEM
+ #define CTX_SERVER_KEY server_sm2_priv
+ #define CTX_SERVER_KEY_SIZE sizeof_server_sm2_priv
+ #define CTX_SERVER_KEY_TYPE WOLFSSL_FILETYPE_PEM
+
+ #undef WOLFSSL_BASE16
+ #define WOLFSSL_BASE16
+#else
+ #define USE_CERT_BUFFERS_2048
+ #define USE_CERT_BUFFERS_256
+ #define CTX_CA_CERT ca_cert_der_2048
+ #define CTX_CA_CERT_SIZE sizeof_ca_cert_der_2048
+ #define CTX_CA_CERT_TYPE WOLFSSL_FILETYPE_ASN1
+ #define CTX_SERVER_CERT server_cert_der_2048
+ #define CTX_SERVER_CERT_SIZE sizeof_server_cert_der_2048
+ #define CTX_SERVER_CERT_TYPE WOLFSSL_FILETYPE_ASN1
+ #define CTX_SERVER_KEY server_key_der_2048
+ #define CTX_SERVER_KEY_SIZE sizeof_server_key_der_2048
+ #define CTX_SERVER_KEY_TYPE WOLFSSL_FILETYPE_ASN1
+#endif
+
+/* See settings.h for some of the possible hardening options:
+ *
+ * #define NO_ESPIDF_DEFAULT
+ * #define WC_NO_CACHE_RESISTANT
+ * #define WC_AES_BITSLICED
+ * #define HAVE_AES_ECB
+ * #define HAVE_AES_DIRECT
+ */
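Review bot: The `#elif defined(CONFIG_IDF_TARGET_ESP8684)` branch near the end of the target chain can never be selected, because the earlier `#elif defined(CONFIG_IDF_TARGET_ESP32C2) || defined(CONFIG_IDF_TARGET_ESP8684)` branch already matches that target. The two branches also disagree: the first leaves SHA hardware enabled, while the dead one defines `NO_ESP32_CRYPT` and says there is no hardware acceleration on ESP8684, so one of them should be removed once it is confirmed which is right. In the ESP32-C3 branch the trailing comments read `no SHA384 HW on C6` and `no SHA512 HW on C6` and should say C3. The closing comment lists `WC_NO_CACHE_RESISTANT` under "hardening options"; judging by its name it turns a protection off, so that list would be clearer if it marked which macros add protection and which remove it.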
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/CMakeLists.txt b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/CMakeLists.txt
index c107b46a..e37c4d5f 100644
--- a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/CMakeLists.txt
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/CMakeLists.txt
@@ -1,10 +1,9 @@
-
#
# wolfssl benchmark test
#
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_USER_SETTINGS")
-set(COMPONENT_SRCS main.c)
+set(COMPONENT_SRCS "main.c")
set(COMPONENT_ADD_INCLUDEDIRS ".")
set (git_cmd "git")
@@ -19,7 +18,9 @@ if( EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl/" AND EXISTS "$ENV{IDF_PA
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_MULTI_INSTALL_WARNING")
endif()
-register_component()
+idf_component_register(SRCS main.c
+ INCLUDE_DIRS "."
+ "./include")
#
# LIBWOLFSSL_SAVE_INFO(VAR_OUPUT THIS_VAR VAR_RESULT)
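Review bot: `idf_component_register(SRCS main.c INCLUDE_DIRS "." "./include")` now states the sources and include directories directly, yet the top of the file still sets `COMPONENT_SRCS` and `COMPONENT_ADD_INCLUDEDIRS`, which as far as I can tell were only consumed by the removed `register_component()`. Keeping both invites them to drift apart (the variables do not list `./include`); I would drop the two `set()` lines or mark them with `# legacy variables, not read by idf_component_register()`. The source name is also quoted in one place (`"main.c"`) and bare in the other.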
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/component.mk b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/component.mk
index e19e22a5..0adf4564 100644
--- a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/component.mk
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/component.mk
@@ -1,8 +1,8 @@
#
# Main component makefile.
#
-# This Makefile can be left empty. By default, it will take the sources in the
-# src/ directory, compile them and link them into lib(subdirectory_name).a
+# This Makefile can be left empty. By default, it will take the sources in the
+# src/ directory, compile them and link them into lib(subdirectory_name).a
# in the build directory. This behaviour is entirely configurable,
# please read the ESP-IDF documents if you need to do this.
-# \ No newline at end of file
+#
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/main.h b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/include/main.h
index 21858920..219eb15d 100644
--- a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/main.h
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/include/main.h
@@ -1,4 +1,3 @@
-#pragma once
/* benchmark main.h
*
* Copyright (C) 2006-2023 wolfSSL Inc.
@@ -20,10 +19,12 @@
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
+#ifndef _MAIN_
+#define _MAIN_
+
void app_main(void);
/* see wolfssl/wolfcrypt/benchmark/benchmark.h */
extern void wolf_benchmark_task();
-
-
+#endif
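Review bot: The new guard `_MAIN_` starts with an underscore followed by an uppercase letter, a form reserved for the implementation, and it is generic enough to collide with another header's guard, in which case these declarations would be skipped silently. A project-specific name would be safer, e.g. `#ifndef WOLFSSL_BENCHMARK_MAIN_H` / `#define WOLFSSL_BENCHMARK_MAIN_H`, closed with `#endif /* WOLFSSL_BENCHMARK_MAIN_H */`. The context line `extern void wolf_benchmark_task();` declares no prototype in C; writing `(void)` would let the compiler check calls.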
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/main.c b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/main.c
index dc14bf23..855105e7 100644
--- a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/main.c
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/main.c
@@ -18,6 +18,7 @@
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
+
/* ESP-IDF */
#include <esp_log.h>
#include "sdkconfig.h"
@@ -26,17 +27,23 @@
#include <wolfssl/wolfcrypt/settings.h>
#include <user_settings.h>
#include <wolfssl/version.h>
+#include "wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h"
#ifndef WOLFSSL_ESPIDF
- #warning "problem with wolfSSL user_settings. Check components/wolfssl/include"
+ #warning "Problem with wolfSSL user_settings."
+ #warning "Check components/wolfssl/include"
#endif
#include <wolfssl/wolfcrypt/types.h>
#include <wolfcrypt/benchmark/benchmark.h>
+/* set to 0 for one benchmark,
+** set to 1 for continous benchmark loop */
+#define BENCHMARK_LOOP 1
+
/* check BENCH_ARGV in sdkconfig to determine need to set WOLFSSL_BENCH_ARGV */
#ifdef CONFIG_BENCH_ARGV
-#define WOLFSSL_BENCH_ARGV CONFIG_BENCH_ARGV
-#define WOLFSSL_BENCH_ARGV_MAX_ARGUMENTS 22 /* arbitrary number of max args */
+ #define WOLFSSL_BENCH_ARGV CONFIG_BENCH_ARGV
+ #define WOLFSSL_BENCH_ARGV_MAX_ARGUMENTS 22 /* arbitrary number of max args */
#endif
/*
@@ -67,6 +74,8 @@ static const char* const TAG = "wolfssl_benchmark";
static byte mSlotList[ATECC_MAX_SLOT];
+int atmel_set_slot_allocator(atmel_slot_alloc_cb alloc, atmel_slot_dealloc_cb dealloc);
+
/* initialize slot array */
void my_atmel_slotInit()
{
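Review bot: The added declaration `int atmel_set_slot_allocator(atmel_slot_alloc_cb alloc, atmel_slot_dealloc_cb dealloc);` repeats by hand a prototype that presumably already exists in a wolfSSL port header; if the library signature changes, this copy keeps compiling and the mismatch only shows up at run time. Including the header that declares it would be safer, or failing that a comment saying why the local copy is needed, e.g. `/* declared locally: <header> is not on this example's include path */`. The enclosing conditional block starts outside the hunk.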
@@ -183,51 +192,18 @@ int construct_argv()
/* entry point */
void app_main(void)
{
+ int stack_start = 0;
+ ESP_LOGI(TAG, "---------------- wolfSSL Benchmark Example ------------");
ESP_LOGI(TAG, "--------------------------------------------------------");
ESP_LOGI(TAG, "--------------------------------------------------------");
ESP_LOGI(TAG, "---------------------- BEGIN MAIN ----------------------");
ESP_LOGI(TAG, "--------------------------------------------------------");
ESP_LOGI(TAG, "--------------------------------------------------------");
- ESP_LOGI(TAG, "CONFIG_IDF_TARGET = %s", CONFIG_IDF_TARGET);
- ESP_LOGI(TAG, "LIBWOLFSSL_VERSION_STRING = %s", LIBWOLFSSL_VERSION_STRING);
-
-#if defined(WOLFSSL_MULTI_INSTALL_WARNING)
- ESP_LOGI(TAG, "");
- ESP_LOGI(TAG, "WARNING: Multiple wolfSSL installs found.");
- ESP_LOGI(TAG, "Check ESP-IDF and local project [components] directory.");
- ESP_LOGI(TAG, "");
-#endif
-
-#if defined(LIBWOLFSSL_VERSION_GIT_HASH)
- ESP_LOGI(TAG, "LIBWOLFSSL_VERSION_GIT_HASH = %s", LIBWOLFSSL_VERSION_GIT_HASH);
-#endif
-
-#if defined(LIBWOLFSSL_VERSION_GIT_SHORT_HASH )
- ESP_LOGI(TAG, "LIBWOLFSSL_VERSION_GIT_SHORT_HASH = %s", LIBWOLFSSL_VERSION_GIT_SHORT_HASH);
-#endif
-
-#if defined(LIBWOLFSSL_VERSION_GIT_HASH_DATE)
- ESP_LOGI(TAG, "LIBWOLFSSL_VERSION_GIT_HASH_DATE = %s", LIBWOLFSSL_VERSION_GIT_HASH_DATE);
-#endif
-
- /* some interesting settings are target specific (ESP32, -C3, -S3, etc */
-#if defined(CONFIG_IDF_TARGET_ESP32C3)
- /* not available for C3 at this time */
-#elif defined(CONFIG_IDF_TARGET_ESP32S3)
- ESP_LOGI(TAG, "CONFIG_ESP32S3_DEFAULT_CPU_FREQ_MHZ = %u MHz",
- CONFIG_ESP32S3_DEFAULT_CPU_FREQ_MHZ
- );
- ESP_LOGI(TAG, "Xthal_have_ccount = %u", Xthal_have_ccount);
-#else
- ESP_LOGI(TAG, "CONFIG_ESP32_DEFAULT_CPU_FREQ_MHZ = %u MHz",
- CONFIG_ESP32_DEFAULT_CPU_FREQ_MHZ
- );
- ESP_LOGI(TAG, "Xthal_have_ccount = %u", Xthal_have_ccount);
+#ifdef HAVE_VERSION_EXTENDED_INFO
+ esp_ShowExtendedSystemInfo();
#endif
- /* all platforms: stack high water mark check */
- ESP_LOGI(TAG, "Stack HWM: %d\n", uxTaskGetStackHighWaterMark(NULL));
ESP_LOGI(TAG, "app_main CONFIG_BENCH_ARGV = %s", WOLFSSL_BENCH_ARGV);
/* when using atecc608a on esp32-wroom-32se */
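Review bot: The removed block included the run-time `WARNING: Multiple wolfSSL installs found.` message, while main/CMakeLists.txt in this same commit still adds `-DWOLFSSL_MULTI_INSTALL_WARNING`; unless `esp_ShowExtendedSystemInfo()` prints it (not visible here), that flag no longer has any effect. All version and git-hash output is now gated on `HAVE_VERSION_EXTENDED_INFO`, so a build without it does not report which wolfSSL it was built from. I would keep the `#if defined(WOLFSSL_MULTI_INSTALL_WARNING)` log in app_main, or add an `#else` that logs at least `LIBWOLFSSL_VERSION_STRING`. app_main continues past the end of the hunk.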
@@ -251,15 +227,37 @@ void app_main(void)
/* although wolfCrypt_Init() may be explicitly called above,
** note it is still always called in wolf_benchmark_task.
*/
- wolf_benchmark_task();
- /* wolfCrypt_Cleanup should always be called at completion,
- ** and is called in wolf_benchmark_task().
- */
+ stack_start = uxTaskGetStackHighWaterMark(NULL);
+
+ do {
+ ESP_LOGI(TAG, "Stack HWM: %d\n", uxTaskGetStackHighWaterMark(NULL));
+
+ wolf_benchmark_task();
+ ESP_LOGI(TAG, "Stack used: %d\n",
+ stack_start - uxTaskGetStackHighWaterMark(NULL));
+
+ #ifdef WOLFSSL_HW_METRICS_DISABLED/* Remove _DISABLED upon #6990 Merge */
+ esp_hw_show_metrics();
+ #endif
+ } while (BENCHMARK_LOOP);
+ /* Reminder: wolfCrypt_Cleanup should always be called at completion,
+ ** and is called in wolf_benchmark_task(). */
+
+#if defined(SINGLE_THREADED)
+ /* need stack monitor for single thread */
+#else
ESP_LOGI(TAG, "Stack HWM: %d\n", uxTaskGetStackHighWaterMark(NULL));
+#endif
+
+ ESP_LOGI(TAG, "\n\nDone!\n\n"
+ "If running from idf.py monitor, press twice: Ctrl+]");
/* after the test, we'll just wait */
while (1) {
- /* nothing */
+ /* do something other than nothing to help next program/debug session*/
+#ifndef SINGLE_THREADED
+ vTaskDelay(1000);
+#endif
}
#endif /* NO_CRYPT_BENCHMARK */
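Review bot: `uxTaskGetStackHighWaterMark()` returns an unsigned `UBaseType_t`, but the new code stores it in `int stack_start`, subtracts it from that int and prints the results with `%d`; the argument should match the conversion, e.g. `ESP_LOGI(TAG, "Stack used: %d\n", stack_start - (int)uxTaskGetStackHighWaterMark(NULL));`. The calls inside the `do` loop are not guarded by `SINGLE_THREADED`, unlike the one after the loop. With `BENCHMARK_LOOP` defined as 1 earlier in this commit the loop never ends, so the final HWM log, the "Done!" message and the wait loop are unreachable by default; wrapping the define in `#ifndef BENCHMARK_LOOP` would let a build choose a single run. app_main starts outside this hunk.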
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/partitions_singleapp_large.csv b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/partitions_singleapp_large.csv
new file mode 100644
index 00000000..0b2fcd1a
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/partitions_singleapp_large.csv
@@ -0,0 +1,31 @@
+# to view: idf.py partition-table
+#
+# ESP-IDF Partition Table
+# Name, Type, SubType, Offset, Size, Flags
+nvs, data, nvs, 0x9000, 24K,
+phy_init,data, phy, 0xf000, 4K,
+factory, app, factory, 0x10000, 1500K,
+
+
+# For other settings, see:
+# https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-guides/partition-tables.html#creating-custom-tables
+#
+# Here is the summary printed for the "Single factory app, no OTA" configuration:
+#
+# # ESP-IDF Partition Table
+# # Name, Type, SubType, Offset, Size, Flags
+# nvs, data, nvs, 0x9000, 0x6000,
+# phy_init, data, phy, 0xf000, 0x1000,
+# factory, app, factory, 0x10000, 1M,
+#
+#
+# Here is the summary printed for the "Factory app, two OTA definitions" configuration:
+#
+# # ESP-IDF Partition Table
+# # Name, Type, SubType, Offset, Size, Flags
+# nvs, data, nvs, 0x9000, 0x4000,
+# otadata, data, ota, 0xd000, 0x2000,
+# phy_init, data, phy, 0xf000, 0x1000,
+# factory, app, factory, 0x10000, 1M,
+# ota_0, app, ota_0, 0x110000, 1M,
+# ota_1, app, ota_1, 0x210000, 1M,
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/CMakeLists.txt b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/CMakeLists.txt
index 7312c0db..14d08bf9 100644
--- a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/CMakeLists.txt
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/CMakeLists.txt
@@ -1,11 +1,96 @@
+# wolfSSL Espressif Example Project CMakeLists.txt
+# v1.0
+#
# The following lines of boilerplate have to be in your project's
# CMakeLists in this exact order for cmake to work correctly
-cmake_minimum_required(VERSION 3.5)
+cmake_minimum_required(VERSION 3.16)
+
+# The wolfSSL CMake file should be able to find the source code.
+# Otherwise, assign an environment variable or set it here:
+#
+# set(WOLFSSL_ROOT "~/workspace/wolfssl-other-source")
+#
+# Optional WOLFSSL_CMAKE_SYSTEM_NAME detection to find
+# USE_MY_PRIVATE_CONFIG path for my_private_config.h
+#
+# Expected path varies:
+#
+# WSL: /mnt/c/workspace
+# Linux: ~/workspace
+# Windows: C:\workspace
+#
+if(WIN32)
+ # Windows-specific configuration here
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WINDOWS")
+ message("Detected Windows")
+endif()
+if(CMAKE_HOST_UNIX)
+ message("Detected UNIX")
+endif()
+if(APPLE)
+ message("Detected APPLE")
+endif()
+if(CMAKE_HOST_UNIX AND (NOT APPLE) AND EXISTS "/proc/sys/fs/binfmt_misc/WSLInterop")
+ # Windows-specific configuration here
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WSL")
+ message("Detected WSL")
+endif()
+if(CMAKE_HOST_UNIX AND (NOT APPLE) AND (NOT WIN32))
+ # Windows-specific configuration here
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_LINUX")
+ message("Detected Linux")
+endif()
+if(APPLE)
+ # Windows-specific configuration here
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_APPLE")
+ message("Detected Apple")
+endif()
+# End optional WOLFSSL_CMAKE_SYSTEM_NAME
+
+# This example uses an extra component for common functions such as Wi-Fi and Ethernet connection.
+set (PROTOCOL_EXAMPLES_DIR $ENV{IDF_PATH}/examples/common_components/protocol_examples_common)
+
+if (EXISTS "${PROTOCOL_EXAMPLES_DIR}")
+ message("Found PROTOCOL_EXAMPLES_DIR=${PROTOCOL_EXAMPLES_DIR}")
+ set(EXTRA_COMPONENT_DIRS $ENV{IDF_PATH}/examples/common_components/protocol_examples_common)
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DFOUND_PROTOCOL_EXAMPLES_DIR")
+else()
+ message("NOT FOUND: PROTOCOL_EXAMPLES_DIR=${PROTOCOL_EXAMPLES_DIR}")
+endif()
+
+# Check that there are not conflicting wolfSSL components
+# The ESP Registry Component will be in ./managed_components/wolfssl__wolfssl
+# The local component wolfSSL directory will be in ./components/wolfssl
+if( EXISTS "${CMAKE_HOME_DIRECTORY}/managed_components/wolfssl__wolfssl" AND EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl" )
+ # These exclude statements don't seem to be honored by the $ENV{IDF_PATH}/tools/cmake/project.cmake'
+ # add_subdirectory("${CMAKE_HOME_DIRECTORY}/managed_components/wolfssl__wolfssl" EXCLUDE_FROM_ALL)
+ # add_subdirectory("${CMAKE_HOME_DIRECTORY}/managed_components/wolfssl__wolfssl/include" EXCLUDE_FROM_ALL)
+ # So we'll error out and let the user decide how to proceed:
+ message(WARNING "\nFound wolfSSL components in\n"
+ "./managed_components/wolfssl__wolfssl\n"
+ "and\n"
+ "./components/wolfssl\n"
+ "in project directory: \n"
+ "${CMAKE_HOME_DIRECTORY}")
+ message(FATAL_ERROR "\nPlease use either the ESP Registry Managed Component or the wolfSSL component directory but not both.\n"
+ "If removing the ./managed_components/wolfssl__wolfssl directory, remember to also remove "
+ "or rename the idf_component.yml file typically found in ./main/")
+else()
+ message(STATUS "No conflicting wolfSSL components found.")
+endif()
+
-# (Not part of the boilerplate)
# This example uses an extra component for common functions such as Wi-Fi and Ethernet connection.
-# disable the following line if there isn't the directory
-set(EXTRA_COMPONENT_DIRS $ENV{IDF_PATH}/examples/common_components/protocol_examples_common)
+set (PROTOCOL_EXAMPLES_DIR $ENV{IDF_PATH}/examples/common_components/protocol_examples_common)
+
+if (EXISTS "${PROTOCOL_EXAMPLES_DIR}")
+ message("Found PROTOCOL_EXAMPLES_DIR=${PROTOCOL_EXAMPLES_DIR}")
+ set(EXTRA_COMPONENT_DIRS $ENV{IDF_PATH}/examples/common_components/protocol_examples_common)
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DFOUND_PROTOCOL_EXAMPLES_DIR")
+else()
+ message("NOT FOUND: PROTOCOL_EXAMPLES_DIR=${PROTOCOL_EXAMPLES_DIR}")
+endif()
include($ENV{IDF_PATH}/tools/cmake/project.cmake)
+
project(wolfssl_client)
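Review bot: The `PROTOCOL_EXAMPLES_DIR` block is added twice, once before and once after the conflicting-component check, so `-DFOUND_PROTOCOL_EXAMPLES_DIR` is appended to `CMAKE_C_FLAGS` twice and its messages are printed twice; one copy should go. The host detection also overlaps: under WSL both the WSL and the Linux conditions hold, so `WOLFSSL_CMAKE_SYSTEM_NAME_WSL` and `WOLFSSL_CMAKE_SYSTEM_NAME_LINUX` are both defined, and as far as I know `if(WIN32)` describes the target system rather than the build host, unlike the `CMAKE_HOST_UNIX` checks beside it. The comment `# Windows-specific configuration here` was copied into the WSL, Linux and Apple branches and should name the right platform in each. If defining both macros under WSL is intended, a comment such as `# WSL also satisfies the Linux test below` would make that clear.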
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/README.md b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/README.md
index ee834071..21855add 100644
--- a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/README.md
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/README.md
@@ -1,6 +1,20 @@
-#wolfSSL Example
+# wolfSSL TLS Client Example
+
+This is the wolfSSL TLS Client demo, typically used with the [Espressif TLS Server](../wolfssl_server/README.md)
+or the CLI [Server](https://github.com/wolfSSL/wolfssl/tree/master/examples/server).
+
+When using the CLI, see the [example parameters](/IDE/Espressif/ESP-IDF/examples#interaction-with-wolfssl-cli).
+
+For general information on [wolfSSL examples for Espressif](../README.md), see the
+[README](https://github.com/wolfSSL/wolfssl/blob/master/IDE/Espressif/ESP-IDF/README.md) file.
+
+## VisualGDB
+
+Open the VisualGDB Visual Studio Project file in the VisualGDB directory and click the "Start" button.
+No wolfSSL setup is needed. You may need to adjust your specific COM port. The default is `COM20`.
+
+## ESP-IDF Commandline
-The Example contains of wolfSSL tls client demo.
1. `idf.py menuconfig` to config the project
@@ -24,4 +38,41 @@ When you want to test the wolfSSL client
e.g. Launch ./examples/server/server -v 4 -b -i -d
-See the README.md file in the upper level 'examples' directory for more information about examples.
+## SM Ciphers
+
+#### Working Linux Client to ESP32 Server
+
+Command:
+
+```
+cd /mnt/c/workspace/wolfssl-$USER/IDE/Espressif/ESP-IDF/examples/wolfssl_server
+. /mnt/c/SysGCC/esp32/esp-idf/v5.1/export.sh
+idf.py flash -p /dev/ttyS19 -b 115200 monitor
+
+```
+
+```
+cd /mnt/c/workspace/wolfssl-$USER
+
+./examples/client/client -h 192.168.1.108 -v 4 -l TLS_SM4_GCM_SM3 -c ./certs/sm2/client-sm2.pem -k ./certs/sm2/client-sm2-priv.pem -A ./certs/sm2/root-sm2.pem -C
+```
+
+Output:
+
+```text
+SSL version is TLSv1.3
+SSL cipher suite is TLS_SM4_GCM_SM3
+SSL curve name is SM2P256V1
+I hear you fa shizzle!
+```
+
+#### Linux client to Linux server:
+
+```
+./examples/client/client -h 127.0.0.1 -v 4 -l ECDHE-ECDSA-SM4-CBC-SM3 -c ./certs/sm2/client-sm2.pem -k ./certs/sm2/client-sm2-priv.pem -A ./certs/sm2/root-sm2.pem -C
+
+./examples/server/server -v 3 -l ECDHE-ECDSA-SM4-CBC-SM3 -c ./certs/sm2/server-sm2.pem -k ./certs/sm2/server-sm2-priv.pem -A ./certs/sm2/client-sm2.pem -V
+```
+
+See the README.md file in the upper level 'examples' directory for [more information about examples](../README.md).
+
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/README_server_sm.md b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/README_server_sm.md
new file mode 100644
index 00000000..01dd6baf
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/README_server_sm.md
@@ -0,0 +1,512 @@
+# SM Cipher Notes
+
+
+### Install SM
+```
+cd /mnt/c/workspace/wolfsm-$USER
+./install.sh ../wolfssl-$USER
+```
+
+
+### Build Linux SM Examples
+```
+./autogen.sh
+./configure --enable-sm3 --enable-sm4-gcm --enable-sm2 \
+ --enable-sm4-ecb --enable-sm4-cbc --enable-sm4-ctr \
+ --enable-sm4-gcm --enable-sm4-ccm
+make clean && make
+```
+
+### TLS 1.3 Server
+
+```
+./examples/server/server -v 4 -b -d -p 11111 -c ./certs/sm2/server-sm2.pem -k ./certs/sm2/server-sm2-priv.pem -A ./certs/sm2/client-sm2.pem -V
+```
+
+### TLS 1.3 Client
+
+```
+./examples/client/client -h 127.0.0.1 -v 4 -l TLS13-SM4-CCM-SM3 -c ./certs/sm2/client-sm2.pem -k ./certs/sm2/client-sm2-priv.pem -A ./certs/sm2/root-sm2.pem -C
+```
+
+### TLS 1.2 Client to Local Linux Server
+
+```
+./examples/client/client -h 192.168.25.186 -v 3 -l ECDHE-ECDSA-SM4-CBC-SM3 \
+ -c ./certs/sm2/client-sm2.pem \
+ -k ./certs/sm2/client-sm2-priv.pem \
+ -A ./certs/sm2/root-sm2.pem -C
+```
+
+### TLS 1.2 Client to ESP32 Server
+
+```
+./examples/client/client -h 192.168.25.186 -v 3 -l ECDHE-ECDSA-SM4-CBC-SM3 \
+ -c ./certs/sm2/client-sm2.pem \
+ -k ./certs/sm2/client-sm2-priv.pem \
+ -A ./certs/sm2/root-sm2.pem -C
+```
+### Others...
+
+```
+# Success: Linux Client to ESP32 Server TLS1.2
+./examples/client/client -h 192.168.1.113 -v 3 -l ECDHE-ECDSA-SM4-CBC-SM3 -c ./certs/sm2/client-sm2.pem -k ./certs/sm2/client-sm2-priv.pem -A ./certs/sm2/root-sm2.pem -C
+./examples/client/client -h 192.168.1.113 -v 3 -l ECDHE-ECDSA-SM4-GCM-SM3 -c ./certs/sm2/client-sm2.pem -k ./certs/sm2/client-sm2-priv.pem -A ./certs/sm2/root-sm2.pem -C
+./examples/client/client -h 192.168.1.113 -v 3 -l ECDHE-ECDSA-SM4-CCM-SM3 -c ./certs/sm2/client-sm2.pem -k ./certs/sm2/client-sm2-priv.pem -A ./certs/sm2/root-sm2.pem -C
+
+# Success: Linux Client to ESP32 Server TLS1.3
+
+# Reported as TLS_SM4_GCM_SM3, but parameter is TLS13-SM4-GCM-SM3
+./examples/client/client -h 192.168.1.113 -v 4 -l TLS13-SM4-GCM-SM3 -c ./certs/sm2/client-sm2.pem -k ./certs/sm2/client-sm2-priv.pem -A ./certs/sm2/root-sm2.pem -C
+
+# Reported as TLS-SM4-CCM-SM3, but parameter is TLS13-SM4-CCM-SM3
+./examples/client/client -h 192.168.1.113 -v 4 -l TLS13-SM4-CCM-SM3 -c ./certs/sm2/client-sm2.pem -k ./certs/sm2/client-sm2-priv.pem -A ./certs/sm2/root-sm2.pem -C
+
+./examples/client/client -h 192.168.1.113 -v 4 -l TLS13-SM4-CBC-SM3 -c ./certs/sm2/client-sm2.pem -k ./certs/sm2/client-sm2-priv.pem -A ./certs/sm2/root-sm2.pem -C
+
+```
+
+```
+ESP32-to-ESP32
+TLS_ECDHE_ECDSA_WITH_SM4_CBC_SM3
+TLS_ECDHE_ECDSA_WITH_SM4_GCM_SM3
+TLS_ECDHE_ECDSA_WITH_SM4_CCM_SM3
+```
+
+Tried both PEM and DER format.
+
+The latest server is PEM format, triple-checked to have the embedded server
+be the same as the Linux server files.
+
+
+| Usage | Certificate | Key | Certificate Authority file, default ./certs/client-cert.pem |
+| ----- | ---------------------------------- | ----------------------------------- | --------------------------------- |
+| server | -c ./certs/sm2/server-sm2.pem | -k ./certs/sm2/server-sm2-priv.pem | -A ./certs/sm2/client-sm2.pem -V |
+| client | -c ./certs/sm2/client-sm2.pem | -k ./certs/sm2/client-sm2-priv.pem | -A ./certs/sm2/root-sm2.pem -C |
+| emdedded:
+| server | wolfSSL_CTX_use_certificate_buffer<br/> server_sm2 | wolfSSL_CTX_use_PrivateKey_buffer<br/> server_sm2_priv | wolfSSL_CTX_load_verify_buffer<br/> client-sm2 |
+
+### Code
+
+See [source code](https://github.com/gojimmypi/wolfssl/blob/2c4f443aec7b151f945cb9dfe2dad6ee30449cf0/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/server-tls.c#L187):
+
+![code](./code.png)
+
+
+### Linux client talking to embedded server:
+
+```
+/examples/client/client -h 192.168.1.108 -v 3 -l ECDHE-ECDSA-SM4-CBC-SM3 -c ./certs/sm2/client-sm2.pem -k ./certs/sm2/client-sm2-priv.pem -A ./certs/sm2/root-sm2.pem -C
+wolfSSL_connect error -188, ASN no signer error to confirm failure
+wolfSSL error: wolfSSL_connect failed
+```
+
+Output:
+```
+ets Jul 29 2019 12:21:46
+
+rst:0x3 (SW_RESET),boot:0x13 (SPI_FAST_FLASH_BOOT)
+configsip: 0, SPIWP:0xee
+clk_drv:0x00,q_drv:0x00,d_drv:0x00,cs0_drv:0x00,hd_drv:0x00,wp_drv:0x00
+mode:DIO, clock div:2
+load:0x3fff0030,len:7000
+load:0x40078000,len:15452
+ho 0 tail 12 room 4
+load:0x40080400,len:3840
+entry 0x4008064c
+I (29) boot: ESP-IDF v5.0-dirty 2nd stage bootloader
+I (29) boot: compile time 13:40:31
+I (29) boot: chip revision: v3.0
+I (32) boot_comm: chip revision: 3, min. bootloader chip revision: 0
+I (39) boot.esp32: SPI Speed : 40MHz
+I (44) boot.esp32: SPI Mode : DIO
+I (48) boot.esp32: SPI Flash Size : 2MB
+I (53) boot: Enabling RNG early entropy source...
+I (58) boot: Partition Table:
+I (62) boot: ## Label Usage Type ST Offset Length
+I (69) boot: 0 nvs WiFi data 01 02 00009000 00006000
+I (77) boot: 1 phy_init RF data 01 01 0000f000 00001000
+I (84) boot: 2 factory factory app 00 00 00010000 00177000
+I (92) boot: End of partition table
+I (96) boot_comm: chip revision: 3, min. application chip revision: 0
+I (103) esp_image: segment 0: paddr=00010020 vaddr=3f400020 size=338d8h (211160) map
+I (188) esp_image: segment 1: paddr=00043900 vaddr=3ffb0000 size=03b78h ( 15224) load
+I (194) esp_image: segment 2: paddr=00047480 vaddr=40080000 size=08b98h ( 35736) load
+I (209) esp_image: segment 3: paddr=00050020 vaddr=400d0020 size=c591ch (809244) map
+I (501) esp_image: segment 4: paddr=00115944 vaddr=40088b98 size=0c230h ( 49712) load
+I (522) esp_image: segment 5: paddr=00121b7c vaddr=50000000 size=00010h ( 16) load
+I (533) boot: Loaded app from partition at offset 0x10000
+I (533) boot: Disabling RNG early entropy source...
+I (545) cpu_start: Pro cpu up.
+I (545) cpu_start: Starting app cpu, entry point is 0x400812f4
+I (532) cpu_start: App cpu up.
+I (561) cpu_start: Pro cpu start user code
+I (561) cpu_start: cpu freq: 160000000 Hz
+I (561) cpu_start: Application information:
+I (566) cpu_start: Project name: wolfssl_server
+I (571) cpu_start: App version: v5.6.3-stable-1088-g560c84b2b-d
+I (578) cpu_start: Compile time: Jul 19 2023 22:20:09
+I (585) cpu_start: ELF file SHA256: 3e6e571c9e87bf44...
+I (591) cpu_start: ESP-IDF: v5.0-dirty
+I (596) heap_init: Initializing. RAM available for dynamic allocation:
+I (603) heap_init: At 3FFAE6E0 len 00001920 (6 KiB): DRAM
+I (609) heap_init: At 3FFBDA68 len 00022598 (137 KiB): DRAM
+I (615) heap_init: At 3FFE0440 len 00003AE0 (14 KiB): D/IRAM
+I (622) heap_init: At 3FFE4350 len 0001BCB0 (111 KiB): D/IRAM
+I (628) heap_init: At 40094DC8 len 0000B238 (44 KiB): IRAM
+I (636) spi_flash: detected chip: generic
+I (639) spi_flash: flash io: dio
+W (643) spi_flash: Detected size(4096k) larger than the size in the binary image header(2048k). Using the
+size in the binary image header.
+I (657) cpu_start: Starting scheduler on PRO CPU.
+I (0) cpu_start: Starting scheduler on APP CPU.
+I (725) tls_server: ESP_WIFI_MODE_STA
+I (735) wifi:wifi driver task: 3ffcb738, prio:23, stack:6656, core=0
+I (735) system_api: Base MAC address is not set
+I (735) system_api: read default base MAC address from EFUSE
+I (755) wifi:wifi firmware version: 0d470ef
+I (755) wifi:wifi certification version: v7.0
+I (755) wifi:config NVS flash: enabled
+I (755) wifi:config nano formating: disabled
+I (755) wifi:Init data frame dynamic rx buffer num: 32
+I (765) wifi:Init management frame dynamic rx buffer num: 32
+I (765) wifi:Init management short buffer num: 32
+I (775) wifi:Init dynamic tx buffer num: 32
+I (775) wifi:Init static rx buffer size: 1600
+I (775) wifi:Init static rx buffer num: 10
+I (785) wifi:Init dynamic rx buffer num: 32
+I (785) wifi_init: rx ba win: 6
+I (795) wifi_init: tcpip mbox: 32
+I (795) wifi_init: udp mbox: 6
+I (795) wifi_init: tcp mbox: 6
+I (805) wifi_init: tcp tx win: 5744
+I (805) wifi_init: tcp rx win: 5744
+I (815) wifi_init: tcp mss: 1440
+I (815) wifi_init: WiFi IRAM OP enabled
+I (815) wifi_init: WiFi RX IRAM OP enabled
+I (825) phy_init: phy_version 4670,719f9f6,Feb 18 2021,17:07:07
+I (925) wifi:mode : sta (24:d7:eb:41:7b:68)
+I (935) wifi:enable tsf
+I (935) tls_server: wifi_init_sta finished.
+I (945) wifi:new:<4,0>, old:<1,0>, ap:<255,255>, sta:<4,0>, prof:1
+I (945) wifi:state: init -> auth (b0)
+I (945) wifi:state: auth -> assoc (0)
+I (955) wifi:state: assoc -> run (10)
+W (955) wifi:<ba-add>idx:0 (ifx:0, c8:d7:19:cd:00:17), tid:0, ssn:0, winSize:64
+I (985) wifi:connected with testbench, aid = 1, channel 4, BW20, bssid = c8:d7:19:cd:00:17
+I (985) wifi:security: WPA2-PSK, phy: bgn, rssi: -45
+I (995) wifi:pm start, type: 1
+
+I (1065) wifi:AP's beacon interval = 102400 us, DTIM period = 1
+I (3225) esp_netif_handlers: sta ip: 192.168.1.108, mask: 255.255.255.0, gw: 192.168.1.10
+I (3225) tls_server: got ip:192.168.1.108
+I (3235) Time Helper: sntp_setservername:
+I (3235) Time Helper: pool.ntp.org
+I (3245) Time Helper: time.nist.gov
+I (3245) Time Helper: utcnist.colorado.edu
+I (3255) Time Helper: sntp_init done.
+TLS13-AES128-GCM-SHA256:TLS13-CHACHA20-POLY1305-SHA256:TLS13-SM4-GCM-SM3:TLS13-SM4-CCM-SM3:ECDHE-RSA-AES12
+8-SHA:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDS
+A-DES-CBC3-SHA:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECD
+SA-AES128-SHA256:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305-OLD
+:ECDHE-ECDSA-CHACHA20-POLY1305-OLD:ECDHE-ECDSA-SM4-CBC-SM3:ECDHE-ECDSA-SM4-GCM-SM3:ECDHE-ECDSA-SM4-CCM-SM3
+:ECDHE-PSK-AES128-CBC-SHA256:ECDHE-PSK-AES128-GCM-SHA256:PSK-CHACHA20-POLY1305:ECDHE-PSK-CHACHA20-POLY1305
+I (3315) wolfssl: Start wolfSSL_Init()
+I (3315) wolfssl: wolfSSL Entering wolfSSL_Init
+I (3325) wolfssl: wolfSSL Entering wolfCrypt_Init
+I (3325) wolfssl: start socket())
+I (3335) wolfssl: Create and initialize WOLFSSL_CTX
+I (3335) wolfssl: wolfSSL Entering wolfSSLv23_server_method_ex
+I (3345) wolfssl: wolfSSL Entering wolfSSL_CTX_new_ex
+I (3345) wolfssl: wolfSSL Entering wolfSSL_CertManagerNew
+I (3355) wolfssl: wolfSSL Leaving wolfSSL_CTX_new_ex, return 0
+I (3365) tls_server: Start SM2
+
+I (3365) wolfssl: wolfSSL Entering wolfSSL_CTX_set_cipher_list
+I (3375) tls_server: Set cipher list: ECDHE-ECDSA-SM4-CBC-SM3
+
+TLS13-AES128-GCM-SHA256:TLS13-CHACHA20-POLY1305-SHA256:TLS13-SM4-GCM-SM3:TLS13-SM4-CCM-SM3:ECDHE-RSA-AES12
+8-SHA:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDS
+A-DES-CBC3-SHA:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECD
+SA-AES128-SHA256:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305-OLD
+:ECDHE-ECDSA-CHACHA20-POLY1305-OLD:ECDHE-ECDSA-SM4-CBC-SM3:ECDHE-ECDSA-SM4-GCM-SM3:ECDHE-ECDSA-SM4-CCM-SM3
+:ECDHE-PSK-AES128-CBC-SHA256:ECDHE-PSK-AES128-GCM-SHA256:PSK-CHACHA20-POLY1305:ECDHE-PSK-CHACHA20-POLY1305
+I (3435) wolfssl: Loading certificate...
+I (3435) wolfssl: wolfSSL Entering wolfSSL_CTX_use_certificate_buffer
+I (3445) wolfssl: wolfSSL Entering PemToDer
+I (3455) wolfssl: Checking cert signature type
+I (3455) wolfssl: wolfSSL Entering GetExplicitVersion
+I (3465) wolfssl: wolfSSL Entering wc_GetSerialNumber
+I (3465) wolfssl: Got Cert Header
+I (3475) wolfssl: wolfSSL Entering GetObjectId
+I (3475) wolfssl: Got Algo ID
+I (3475) wolfssl: Getting Name
+I (3485) wolfssl: Getting Cert Name
+I (3485) wolfssl: Getting Name
+I (3495) wolfssl: Getting Cert Name
+I (3495) wolfssl: Got Subject Name
+I (3495) wolfssl: wolfSSL Entering GetAlgoId
+I (3505) wolfssl: wolfSSL Entering GetObjectId
+I (3505) wolfssl: wolfSSL Entering GetObjectId
+I (3515) wolfssl: Got Key
+I (3515) wolfssl: ECDSA/ED25519/ED448 cert signature
+I (3525) wolfssl: wolfSSL Leaving wolfSSL_CTX_use_certificate_buffer, return 1
+I (3535) tls_server: Loaded server_sm2
+
+I (3535) wolfssl: Loading key info...
+I (3535) wolfssl: wolfSSL Entering wolfSSL_CTX_use_PrivateKey_buffer
+I (3545) wolfssl: wolfSSL Entering PemToDer
+I (3555) wolfssl: wolfSSL Entering GetAlgoId
+I (3555) wolfssl: wolfSSL Entering GetObjectId
+I (3565) wolfssl: wolfSSL Entering GetAlgoId
+I (3565) wolfssl: wolfSSL Entering GetObjectId
+I (3575) wolfssl: wolfSSL Leaving wolfSSL_CTX_use_PrivateKey_buffer, return 1
+I (3575) tls_server: Loaded PrivateKey_buffer server_sm2_priv
+
+I (3585) wolfssl: wolfSSL Entering wolfSSL_CTX_load_verify_buffer_ex
+I (3595) wolfssl: Processing CA PEM file
+I (3595) wolfssl: wolfSSL Entering PemToDer
+I (3605) wolfssl: Adding a CA
+I (3605) wolfssl: wolfSSL Entering GetExplicitVersion
+I (3615) wolfssl: wolfSSL Entering wc_GetSerialNumber
+I (3615) wolfssl: Got Cert Header
+I (3625) wolfssl: wolfSSL Entering GetObjectId
+I (3625) wolfssl: Got Algo ID
+I (3635) wolfssl: Getting Name
+I (3635) wolfssl: Getting Cert Name
+I (3635) wolfssl: Getting Name
+I (3645) wolfssl: Getting Cert Name
+I (3645) wolfssl: Got Subject Name
+I (3655) wolfssl: wolfSSL Entering GetAlgoId
+I (3655) wolfssl: wolfSSL Entering GetObjectId
+I (3665) wolfssl: wolfSSL Entering GetObjectId
+I (3665) wolfssl: Got Key
+I (3665) wolfssl: Parsed Past Key
+I (3675) wolfssl: wolfSSL Entering DecodeCertExtensions
+I (3675) wolfssl: wolfSSL Entering GetObjectId
+I (3685) wolfssl: wolfSSL Entering DecodeSubjKeyId
+I (3685) wolfssl: wolfSSL Entering GetObjectId
+I (3695) wolfssl: wolfSSL Entering DecodeAuthKeyId
+I (3705) wolfssl: wolfSSL Entering GetObjectId
+I (3705) wolfssl: wolfSSL Entering DecodeBasicCaConstraint
+I (3715) wolfssl: wolfSSL Entering GetObjectId
+I (3715) wolfssl: wolfSSL Entering DecodeAltNames
+I (3725) wolfssl: Unsupported name type, skipping
+I (3725) wolfssl: wolfSSL Entering GetObjectId
+I (3735) wolfssl: wolfSSL Entering DecodeExtKeyUsage
+I (3735) wolfssl: wolfSSL Entering GetObjectId
+I (3745) wolfssl: wolfSSL Entering GetObjectId
+I (3745) wolfssl: wolfSSL Entering GetObjectId
+I (3755) wolfssl: Parsed new CA
+I (3755) wolfssl: No key size check done on CA
+I (3765) wolfssl: Freeing Parsed CA
+I (3765) wolfssl: Freeing der CA
+I (3775) wolfssl: OK Freeing der CA
+I (3775) wolfssl: wolfSSL Leaving AddCA, return 0
+I (3785) wolfssl: Processed a CA
+I (3785) wolfssl: Processed at least one valid CA. Other stuff OK
+I (3795) wolfssl: wolfSSL Leaving wolfSSL_CTX_load_verify_buffer_ex, return 1
+I (3795) tls_server: Success: load verify buffer
+
+I (3805) tls_server: Finish SM2
+
+I (3805) tls_server: accept clients...
+I (3815) wolfssl: Waiting for a connection...
+I (14485) wolfssl: wolfSSL Entering wolfSSL_new
+I (14495) wolfssl: wolfSSL Entering ReinitSSL
+I (14495) wolfssl: wolfSSL Entering SetSSL_CTX
+I (14495) wolfssl: wolfSSL Entering wolfSSL_NewSession
+I (14505) wolfssl: wolfSSL Leaving wolfSSL_new, return 0
+I (14505) wolfssl: wolfSSL Entering wolfSSL_set_fd
+I (14515) wolfssl: wolfSSL Entering wolfSSL_set_read_fd
+I (14515) wolfssl: wolfSSL Leaving wolfSSL_set_read_fd, return 1
+I (14525) wolfssl: wolfSSL Entering wolfSSL_set_write_fd
+I (14535) wolfssl: wolfSSL Leaving wolfSSL_set_write_fd, return 1
+I (14535) wolfssl: wolfSSL Entering wolfSSL_accept
+I (14545) wolfssl: wolfSSL Entering ReinitSSL
+I (14545) wolfssl: growing input buffer
+I (14555) wolfssl: received record layer msg
+I (14555) wolfssl: got HANDSHAKE
+I (14565) wolfssl: wolfSSL Entering wolfSSL_get_options
+I (14565) wolfssl: wolfSSL Entering DoTls13HandShakeMsg
+I (14575) wolfssl: wolfSSL Entering DoTls13HandShakeMsgType
+I (14575) wolfssl: processing client hello
+I (14585) wolfssl: wolfSSL Entering DoTls13ClientHello
+I (14595) wolfssl: wolfSSL Entering DoClientHello
+I (14595) wolfssl: downgrading to TLSv1.2
+I (14605) wolfssl: Matched No Compression
+I (14605) wolfssl: Adding signature algorithms extension
+I (14615) wolfssl: Signature Algorithms extension received
+I (14615) wolfssl: Point Formats extension received
+I (14625) wolfssl: Supported Groups extension received
+I (14625) wolfssl: Unknown TLS extension type
+I (14635) wolfssl: Unknown TLS extension type
+I (14635) wolfssl: wolfSSL Entering MatchSuite
+I (14645) wolfssl: wolfSSL Entering VerifyServerSuite
+I (14645) wolfssl: Requires ECC
+I (14655) wolfssl: Verified suite validity
+I (14655) wolfssl: wolfSSL Leaving DoClientHello, return 0
+I (14665) wolfssl: wolfSSL Leaving DoTls13ClientHello, return 0
+I (14675) wolfssl: wolfSSL Leaving DoTls13HandShakeMsgType(), return 0
+I (14675) wolfssl: wolfSSL Leaving DoTls13HandShakeMsg, return 0
+I (14685) wolfssl: Shrinking input buffer
+I (14685) wolfssl: accept state ACCEPT_CLIENT_HELLO_DONE
+I (14695) wolfssl: accept state ACCEPT_FIRST_REPLY_DONE
+I (14705) wolfssl: wolfSSL Entering SendServerHello
+I (14705) wolfssl: growing output buffer
+I (14715) internal.c: GrowOutputBuffer ok
+I (14715) wolfssl: wolfSSL Entering wolfSSL_get_options
+I (14725) wolfssl: Point Formats extension to write
+W (14735) wolfio: ssl->wflags = 0
+I (14735) wolfio: 16 03 03 00 52 02 00 00 4e 03 03 af 87 e2 58 57
+I (14735) wolfio: 73 c3 c1 35 1a 59 39 b2 03 9d 14 03 e0 b8 fb e8
+I (14745) wolfio: 9d 5b 9c 44 4f 57 4e 47 52 44 01 20 85 77 75 20
+I (14755) wolfio: 95 dd 00 e2 91 f8 42 33 f8 61 3f 1f de 81 15 58
+I (14755) wolfio: 23 0c e7 1e 71 e6 10 e5 67 23 e0 40 e0 11 00 00
+I (14765) wolfio: 06 00 0b 00 02 01 00
+W (14775) wolfio: sz = 87
+I (14775) wolfssl: Shrinking output buffer
+I (14775) wolfssl: wolfSSL Leaving SendServerHello, return 0
+I (14785) wolfssl: accept state SERVER_HELLO_SENT
+I (14795) wolfssl: wolfSSL Entering SendCertificate
+I (14795) wolfssl: growing output buffer
+I (14805) internal.c: GrowOutputBuffer ok
+W (14815) wolfio: ssl->wflags = 0
+I (14815) wolfio: 16 03 03 02 e6 0b 00 02 e2 00 02 df 00 02 dc 30
+I (14815) wolfio: 82 02 d8 30 82 02 7e a0 03 02 01 02 02 01 01 30
+I (14825) wolfio: 0a 06 08 2a 81 1c cf 55 01 83 75 30 81 ac 31 0b
+I (14835) wolfio: 30 09 06 03 55 04 06 13 02 55 53 31 10 30 0e 06
+I (14835) wolfio: 03 55 04 08 0c 07 4d 6f 6e 74 61 6e 61 31 10 30
+I (14845) wolfio: 0e 06 03 55 04 07 0c 07 42 6f 7a 65 6d 61 6e 31
+I (14855) wolfio: 14 30 12 06 03 55 04 0a 0c 0b 77 6f 6c 66 53 53
+I (14855) wolfio: 4c 5f 73 6d 32 31 0f 30 0d 06 03 55 04 0b 0c 06
+I (14865) wolfio: 43 41 2d 73 6d 32 31 18 30 16 06 03 55 04 03 0c
+I (14875) wolfio: 0f 77 77 77 2e 77 6f 6c 66 73 73 6c 2e 63 6f 6d
+I (14875) wolfio: 31 1f 30 1d 06 09 2a 86 48 86 f7 0d 01 09 01 16
+I (14885) wolfio: 10 69 6e 66 6f 40 77 6f 6c 66 73 73 6c 2e 63 6f
+I (14895) wolfio: 6d 31 17 30 15 06 0a 09 92 26 89 93 f2 2c 64 01
+I (14895) wolfio: 01 0c 07 77 6f 6c 66 53 53 4c 30 1e 17 0d 32 33
+I (14905) wolfio: 30 32 31 35 30 36 32 33 30 37 5a 17 0d 32 35 31
+I (14915) wolfio: 31 31 31 30 36 32 33 30 37 5a 30 81 b0 31 0b 30
+I (14915) wolfio: 09 06 03 55 04 06 13 02 55 53 31 10 30 0e 06 03
+I (14925) wolfio: 55 04 08 0c 07 4d 6f 6e 74 61 6e 61 31 10 30 0e
+I (14935) wolfio: 06 03 55 04 07 0c 07 42 6f 7a 65 6d 61 6e 31 14
+I (14945) wolfio: 30 12 06 03 55 04 0a 0c 0b 77 6f 6c 66 53 53 4c
+I (14945) wolfio: 5f 73 6d 32 31 13 30 11 06 03 55 04 0b 0c 0a 53
+I (14955) wolfio: 65 72 76 65 72 2d 73 6d 32 31 18 30 16 06 03 55
+I (14965) wolfio: 04 03 0c 0f 77 77 77 2e 77 6f 6c 66 73 73 6c 2e
+I (14965) wolfio: 63 6f 6d 31 1f 30 1d 06 09 2a 86 48 86 f7 0d 01
+I (14975) wolfio: 09 01 16 10 69 6e 66 6f 40 77 6f 6c 66 73 73 6c
+I (14985) wolfio: 2e 63 6f 6d 31 17 30 15 06 0a 09 92 26 89 93 f2
+I (14985) wolfio: 2c 64 01 01 0c 07 77 6f 6c 66 53 53 4c 30 5a 30
+I (14995) wolfio: 14 06 08 2a 81 1c cf 55 01 82 2d 06 08 2a 81 1c
+I (15005) wolfio: cf 55 01 82 2d 03 42 00 04 94 70 2b 46 e4 5e 0f
+I (15005) wolfio: 41 fb 8f 2d 34 0a 41 40 19 5e fb d4 1d 11 ac fa
+I (15015) wolfio: f5 93 37 c6 fa 87 08 f7 16 1f 2c ce 30 40 9d 4f
+I (15025) wolfio: a6 2a 0a a1 d6 95 33 c3 a6 03 98 e6 8d 05 34 b0
+I (15025) wolfio: 97 0c de a4 c7 cf 53 8f d1 a3 81 89 30 81 86 30
+I (15035) wolfio: 1d 06 03 55 1d 0e 04 16 04 14 67 ae 60 ff 7e 1b
+I (15045) wolfio: 0f 95 ae 1f 82 59 f2 6c 56 2d 93 ef 17 32 30 1f
+I (15045) wolfio: 06 03 55 1d 23 04 18 30 16 80 14 47 0a 48 7e bb
+I (15055) wolfio: 02 a8 5a 26 57 2b 19 a9 7b 61 8b 7f 5d 99 6e 30
+I (15065) wolfio: 0c 06 03 55 1d 13 01 01 ff 04 02 30 00 30 0e 06
+I (15075) wolfio: 03 55 1d 0f 01 01 ff 04 04 03 02 03 a8 30 13 06
+I (15075) wolfio: 03 55 1d 25 04 0c 30 0a 06 08 2b 06 01 05 05 07
+I (15085) wolfio: 03 01 30 11 06 09 60 86 48 01 86 f8 42 01 01 04
+I (15095) wolfio: 04 03 02 06 40 30 0a 06 08 2a 81 1c cf 55 01 83
+I (15095) wolfio: 75 03 48 00 30 45 02 20 1b ca 94 28 7f f6 b2 0d
+I (15105) wolfio: 31 43 50 e1 d5 34 17 dd af 3a de 81 06 67 9a b3
+I (15115) wolfio: 06 22 7e 64 ec fd 0e b9 02 21 00 a1 48 a8 32 d1
+I (15115) wolfio: 05 09 6b 1c eb 89 12 66 d8 38 a1 c4 5c 89 09 0f
+I (15125) wolfio: fd e9 c0 3b 1d fb cd b5 4c 31 68
+W (15135) wolfio: sz = 747
+I (15135) wolfssl: Shrinking output buffer
+I (15135) wolfssl: wolfSSL Leaving SendCertificate, return 0
+I (15145) wolfssl: accept state CERT_SENT
+I (15155) wolfssl: wolfSSL Entering SendCertificateStatus
+I (15155) wolfssl: wolfSSL Leaving SendCertificateStatus, return 0
+I (15165) wolfssl: accept state CERT_STATUS_SENT
+I (15165) wolfssl: wolfSSL Entering SendServerKeyExchange
+I (15175) wolfssl: Using ephemeral ECDH
+I (15175) wolfssl: wolfSSL Entering EccMakeKey
+I (15535) wolfssl: wolfSSL Leaving EccMakeKey, return 0
+I (15535) wolfssl: Trying ECC private key, RSA didn't work
+I (15535) wolfssl: wolfSSL Entering GetAlgoId
+I (15545) wolfssl: wolfSSL Entering GetObjectId
+I (15555) wolfssl: Using ECC private key
+I (15555) wolfssl: wolfSSL Entering Sm2wSm3Sign
+I (15915) wolfssl: wolfSSL Leaving Sm2wSm3Sign, return 0
+I (15915) wolfssl: wolfSSL Entering SendHandshakeMsg
+I (15925) wolfssl: growing output buffer
+I (15925) internal.c: GrowOutputBuffer ok
+W (15925) wolfio: ssl->wflags = 0
+I (15935) wolfio: 16 03 03 00 95 0c 00 00 91 03 00 29 41 04 fd f5
+I (15935) wolfio: 5e 74 15 30 1d f3 84 ae a5 69 96 a9 5b dd 27 b3
+I (15945) wolfio: 00 7d 40 3a 59 93 93 6f 4d 1f 62 dc 60 48 34 1f
+I (15955) wolfio: a8 1d 34 b8 76 8f 8b 27 4a 1b 77 64 8e 2e d5 27
+I (15955) wolfio: 03 95 8b 9d a5 ed a4 a6 b9 40 1b ea aa 10 07 08
+I (15965) wolfio: 00 48 30 46 02 21 00 cb 89 61 e9 21 f9 c6 4d ad
+I (15975) wolfio: aa e7 f1 3f 6f 27 46 f0 35 ec 45 4e 8a ae f3 ac
+I (15985) wolfio: 7c c0 cf 68 11 44 e2 02 21 00 f6 40 5c bc 66 5a
+I (15985) wolfio: 74 1e 92 5d 9a 03 75 e7 7f 16 c2 b3 c8 fe 8d 5c
+I (15995) wolfio: 63 35 36 da 61 38 76 dc 4e d6
+W (15995) wolfio: sz = 154
+I (16005) wolfssl: Shrinking output buffer
+I (16005) wolfssl: wolfSSL Leaving SendServerKeyExchange, return 0
+I (16015) wolfssl: accept state KEY_EXCHANGE_SENT
+I (16025) wolfssl: accept state CERT_REQ_SENT
+I (16025) wolfssl: wolfSSL Entering SendServerHelloDone
+I (16035) wolfssl: growing output buffer
+I (16035) internal.c: GrowOutputBuffer ok
+W (16045) wolfio: ssl->wflags = 0
+I (16045) wolfio: 16 03 03 00 04 0e 00 00 00
+W (16045) wolfio: sz = 9
+I (16055) wolfssl: Embed Send error
+I (16055) wolfssl: Connection reset
+I (16065) int: Sent = -3
+W (16065) int: WOLFSSL_CBIO_ERR_CONN_RST
+E (16075) int: SOCKET_ERROR_E 2
+I (16075) wolfssl: wolfSSL Leaving SendServerHelloDone, return -308
+I (16085) wolfssl: wolfSSL error occurred, error = -308
+I (16085) wolfssl: wolfSSL Entering wolfSSL_get_error
+I (16095) wolfssl: wolfSSL Leaving wolfSSL_get_error, return -308
+E (16085) tls_server: wolfSSL_accept error -308
+I (16105) wolfssl: Client connected successfully
+I (16105) wolfssl: wolfSSL Entering wolfSSL_read
+I (16115) wolfssl: wolfSSL Entering wolfSSL_read_internal
+I (16125) wolfssl: wolfSSL Entering ReceiveData
+I (16125) wolfssl: User calling wolfSSL_read in error state, not allowed
+I (16135) wolfssl: wolfSSL Leaving wolfSSL_read_internal, return -308
+E (16145) tls_server: ERROR: failed to read
+I (16145) wolfssl: Client sends:
+I (16145) wolfssl:
+I (16155) wolfssl: wolfSSL Entering wolfSSL_write
+I (16155) wolfssl: handshake not complete, trying to finish
+I (16165) wolfssl: wolfSSL Entering wolfSSL_negotiate
+I (16165) wolfssl: wolfSSL Entering wolfSSL_accept
+I (16175) wolfssl: wolfSSL Entering ReinitSSL
+W (16185) wolfio: ssl->wflags = 0
+I (16185) wolfio: 16 03 03 00 04 0e 00 00 00
+W (16185) wolfio: sz = 9
+I (16195) wolfssl: Embed Send error
+I (16195) wolfssl: General error
+I (16205) int: Sent = -1
+E (16205) int: SOCKET_ERROR_E
+I (16205) wolfssl: wolfSSL error occurred, error = -308
+I (16215) wolfssl: wolfSSL Leaving wolfSSL_negotiate, return -1
+I (16225) wolfssl: wolfSSL Leaving wolfSSL_write, return -1
+E (16225) tls_server: ERROR: failed to write
+I (16235) wolfssl: wolfSSL Entering wolfSSL_free
+I (16235) wolfssl: Free'ing server ssl
+I (16245) wolfssl: Shrinking output buffer
+I (16245) wolfssl: wolfSSL Entering ClientSessionToSession
+I (16255) wolfssl: wolfSSL Entering wolfSSL_FreeSession
+I (16255) wolfssl: wolfSSL_FreeSession full free
+I (16265) wolfssl: CTX ref count not 0 yet, no free
+I (16265) wolfssl: wolfSSL Leaving wolfSSL_free, return 0
+I (16275) wolfssl: Waiting for a connection...
+```
+
+### Wireshark:
+
+![wireshark](./wireshark.png)
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/VisualGDB/README.md b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/VisualGDB/README.md
new file mode 100644
index 00000000..701f38b6
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/VisualGDB/README.md
@@ -0,0 +1,52 @@
+# wolfSSL Project Files for Visual Studio 2022 with VisualGDB Extension
+
+Include in the respective project `./VisualGDB` directory are [VisualGDB](https://visualgdb.com/) project files.
+Individual project files are included for convenience to new users, as there are [difficulties switching between ESP-IDF Versions or Chipsets](https://sysprogs.com/w/forums/topic/difficulties-switching-espressif-esp-idf-version-or-chipset/) using the VisualGDB extension.
+
+The naming convention for project files is: `[project name]_IDF_[Version]_[chipset].vgdbproj`. The solution files (filename[.sln]) often will contain shortcuts to commonly used source and configuration files used by the respective project.
+
+
+-------- |------------- |------------- |
+ChipSet | ESP-IDF v4.4 | ESP-IDF v5.0 |
+-------- |------------- |------------- |
+ESP32 | x | |
+ESP32-S2 | | |
+ESP32-S3 | x | x |
+ESP32-C3 | x | x |
+ESP32-C6 | | |
+
+
+The default directories are:
+
+- `C:\SysGCC` - The root directory install of VisualGDB
+- `C:\SysGCC\esp32` - The default for ESP-IDF v5.x
+- `C:\SysGCC\esp32-8.4` - Many need to manually select this name for ESP-IDF v4.x install
+- `C:\SysGCC\esp8266`- The default for ESP8266
+
+## Resources
+
+- [wolfSSL Website](https://www.wolfssl.com/)
+
+- [wolfSSL Wiki](https://github.com/wolfSSL/wolfssl/wiki)
+
+- [FIPS 140-2/140-3 FAQ](https://wolfssl.com/license/fips)
+
+- [wolfSSL Documentation](https://wolfssl.com/wolfSSL/Docs.html)
+
+- [wolfSSL Manual](https://wolfssl.com/wolfSSL/Docs-wolfssl-manual-toc.html)
+
+- [wolfSSL API Reference](https://wolfssl.com/wolfSSL/Docs-wolfssl-manual-17-wolfssl-api-reference.html)
+
+- [wolfCrypt API Reference](https://wolfssl.com/wolfSSL/Docs-wolfssl-manual-18-wolfcrypt-api-reference.html)
+
+- [TLS 1.3](https://www.wolfssl.com/docs/tls13/)
+
+- [wolfSSL Vulnerabilities](https://www.wolfssl.com/docs/security-vulnerabilities/)
+
+- [Additional wolfSSL Examples](https://github.com/wolfssl/wolfssl-examples)
+
+## Support
+
+For questions please email [support@wolfssl.com](mailto:support@wolfssl.com)
+
+<-- edit 5.6.0001 see https://github.com/wolfSSL/wolfssl/tree/master/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/VisualGDB -->
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/VisualGDB/VisualGDB_wolfssl_client.sln b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/VisualGDB/VisualGDB_wolfssl_client.sln
deleted file mode 100644
index 4314fe8d..00000000
--- a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/VisualGDB/VisualGDB_wolfssl_client.sln
+++ /dev/null
@@ -1,31 +0,0 @@
-
-Microsoft Visual Studio Solution File, Format Version 12.00
-# Visual Studio Version 16
-VisualStudioVersion = 16.0.33027.164
-MinimumVisualStudioVersion = 10.0.40219.1
-Project("{803FD0C6-D64E-4E16-9DC3-1DAEC859A3D2}") = "VisualGDB_wolfssl_client", "VisualGDB_wolfssl_client.vgdbproj", "{E903E9CC-1A23-4B00-8914-7E45EC21E351}"
-EndProject
-Global
- GlobalSection(SolutionConfigurationPlatforms) = preSolution
- Debug|VisualGDB = Debug|VisualGDB
- Release|VisualGDB = Release|VisualGDB
- Tests (Debug)|VisualGDB = Tests (Debug)|VisualGDB
- Tests (Release)|VisualGDB = Tests (Release)|VisualGDB
- EndGlobalSection
- GlobalSection(ProjectConfigurationPlatforms) = postSolution
- {E903E9CC-1A23-4B00-8914-7E45EC21E351}.Debug|VisualGDB.ActiveCfg = Debug|VisualGDB
- {E903E9CC-1A23-4B00-8914-7E45EC21E351}.Debug|VisualGDB.Build.0 = Debug|VisualGDB
- {E903E9CC-1A23-4B00-8914-7E45EC21E351}.Release|VisualGDB.ActiveCfg = Release|VisualGDB
- {E903E9CC-1A23-4B00-8914-7E45EC21E351}.Release|VisualGDB.Build.0 = Release|VisualGDB
- {E903E9CC-1A23-4B00-8914-7E45EC21E351}.Tests (Debug)|VisualGDB.ActiveCfg = Tests (Debug)|VisualGDB
- {E903E9CC-1A23-4B00-8914-7E45EC21E351}.Tests (Debug)|VisualGDB.Build.0 = Tests (Debug)|VisualGDB
- {E903E9CC-1A23-4B00-8914-7E45EC21E351}.Tests (Release)|VisualGDB.ActiveCfg = Tests (Release)|VisualGDB
- {E903E9CC-1A23-4B00-8914-7E45EC21E351}.Tests (Release)|VisualGDB.Build.0 = Tests (Release)|VisualGDB
- EndGlobalSection
- GlobalSection(SolutionProperties) = preSolution
- HideSolutionNode = FALSE
- EndGlobalSection
- GlobalSection(ExtensibilityGlobals) = postSolution
- SolutionGuid = {D510376F-F313-4EF6-8EF5-248D1949DFEB}
- EndGlobalSection
-EndGlobal
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/VisualGDB/wolfssl_client_IDF_v5_ESP32.sln b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/VisualGDB/wolfssl_client_IDF_v5_ESP32.sln
new file mode 100644
index 00000000..a2be094c
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/VisualGDB/wolfssl_client_IDF_v5_ESP32.sln
@@ -0,0 +1,56 @@
+
+Microsoft Visual Studio Solution File, Format Version 12.00
+# Visual Studio Version 17
+VisualStudioVersion = 17.6.33829.357
+MinimumVisualStudioVersion = 10.0.40219.1
+Project("{803FD0C6-D64E-4E16-9DC3-1DAEC859A3D2}") = "wolfssl_client_IDF_v5_ESP32", "wolfssl_client_IDF_v5_ESP32.vgdbproj", "{E903E9CC-1A23-4B00-8914-7E45EC21E351}"
+EndProject
+Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "wolfssl", "wolfssl", "{5D78034B-FAE6-4B8D-8003-EC2B0993F286}"
+ ProjectSection(SolutionItems) = preProject
+ ..\..\..\..\..\..\wolfssl\error-ssl.h = ..\..\..\..\..\..\wolfssl\error-ssl.h
+ EndProjectSection
+EndProject
+Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "include", "include", "{53267705-B3FE-418C-975D-CD898BAF1F46}"
+ ProjectSection(SolutionItems) = preProject
+ ..\components\wolfssl\include\config.h = ..\components\wolfssl\include\config.h
+ ..\components\wolfssl\include\user_settings.h = ..\components\wolfssl\include\user_settings.h
+ EndProjectSection
+EndProject
+Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Solution Items", "Solution Items", "{A51226B3-88A7-4463-B443-0E321C4A3D53}"
+ ProjectSection(SolutionItems) = preProject
+ ..\..\..\..\..\..\..\my_private_config.h = ..\..\..\..\..\..\..\my_private_config.h
+ ..\partitions_singleapp_large.csv = ..\partitions_singleapp_large.csv
+ ..\README.md = ..\README.md
+ ..\sdkconfig = ..\sdkconfig
+ ..\build\VisualGDB\Debug\config\sdkconfig.cmake = ..\build\VisualGDB\Debug\config\sdkconfig.cmake
+ ..\sdkconfig.defaults = ..\sdkconfig.defaults
+ ..\build\VisualGDB\Debug\config\sdkconfig.h = ..\build\VisualGDB\Debug\config\sdkconfig.h
+ EndProjectSection
+EndProject
+Global
+ GlobalSection(SolutionConfigurationPlatforms) = preSolution
+ Debug|VisualGDB = Debug|VisualGDB
+ Release|VisualGDB = Release|VisualGDB
+ Tests (Debug)|VisualGDB = Tests (Debug)|VisualGDB
+ Tests (Release)|VisualGDB = Tests (Release)|VisualGDB
+ EndGlobalSection
+ GlobalSection(ProjectConfigurationPlatforms) = postSolution
+ {E903E9CC-1A23-4B00-8914-7E45EC21E351}.Debug|VisualGDB.ActiveCfg = Debug|VisualGDB
+ {E903E9CC-1A23-4B00-8914-7E45EC21E351}.Debug|VisualGDB.Build.0 = Debug|VisualGDB
+ {E903E9CC-1A23-4B00-8914-7E45EC21E351}.Release|VisualGDB.ActiveCfg = Release|VisualGDB
+ {E903E9CC-1A23-4B00-8914-7E45EC21E351}.Release|VisualGDB.Build.0 = Release|VisualGDB
+ {E903E9CC-1A23-4B00-8914-7E45EC21E351}.Tests (Debug)|VisualGDB.ActiveCfg = Tests (Debug)|VisualGDB
+ {E903E9CC-1A23-4B00-8914-7E45EC21E351}.Tests (Debug)|VisualGDB.Build.0 = Tests (Debug)|VisualGDB
+ {E903E9CC-1A23-4B00-8914-7E45EC21E351}.Tests (Release)|VisualGDB.ActiveCfg = Tests (Release)|VisualGDB
+ {E903E9CC-1A23-4B00-8914-7E45EC21E351}.Tests (Release)|VisualGDB.Build.0 = Tests (Release)|VisualGDB
+ EndGlobalSection
+ GlobalSection(SolutionProperties) = preSolution
+ HideSolutionNode = FALSE
+ EndGlobalSection
+ GlobalSection(NestedProjects) = preSolution
+ {53267705-B3FE-418C-975D-CD898BAF1F46} = {5D78034B-FAE6-4B8D-8003-EC2B0993F286}
+ EndGlobalSection
+ GlobalSection(ExtensibilityGlobals) = postSolution
+ SolutionGuid = {BA06FD8D-BEFD-429B-9F82-B6F34B43272E}
+ EndGlobalSection
+EndGlobal
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/VisualGDB/VisualGDB_wolfssl_client.vgdbproj b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/VisualGDB/wolfssl_client_IDF_v5_ESP32.vgdbproj
index 69743018..4c2cf6dc 100644
--- a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/VisualGDB/VisualGDB_wolfssl_client.vgdbproj
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/VisualGDB/wolfssl_client_IDF_v5_ESP32.vgdbproj
@@ -1,5 +1,5 @@
<?xml version="1.0"?>
-<VisualGDBProjectSettings2 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
+<VisualGDBProjectSettings2 xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<Project xsi:type="com.visualgdb.project.external.esp-idf">
<CustomSourceDirectories>
<Directories />
@@ -18,9 +18,9 @@
<ToolchainID>
<ID>com.visualgdb.xtensa-esp32-elf</ID>
<Version>
- <GCC>11.2.0</GCC>
- <GDB>9.2.90</GDB>
- <Revision>2</Revision>
+ <GCC>12.2.0</GCC>
+ <GDB>12.1</GDB>
+ <Revision>1</Revision>
</Version>
</ToolchainID>
<RelativeSourceDirectory>..</RelativeSourceDirectory>
@@ -67,11 +67,11 @@
<EnableFastUpToDateCheck>true</EnableFastUpToDateCheck>
<ESPIDFExtension>
<IDFCheckout>
- <Version>release/v5.0</Version>
- <Subdirectory>esp-idf/v5.0</Subdirectory>
+ <Version>release/v5.1</Version>
+ <Subdirectory>esp-idf/v5.1</Subdirectory>
<Type>ESPIDF</Type>
</IDFCheckout>
- <COMPort>COM20</COMPort>
+ <COMPort>COM19</COMPort>
<SuppressTestPrerequisiteChecks>false</SuppressTestPrerequisiteChecks>
<UseCCache>false</UseCCache>
<DeviceID>ESP32</DeviceID>
@@ -93,7 +93,7 @@
</CustomDebug>
<DeviceTerminalSettings>
<Connection xsi:type="com.sysprogs.terminal.connection.serial">
- <ComPortName>COM20</ComPortName>
+ <ComPortName>COM19</ComPortName>
<AdvancedSettings>
<BaudRate>115200</BaudRate>
<DataBits>8</DataBits>
@@ -104,7 +104,7 @@
</Connection>
<LastConnectionTime>0</LastConnectionTime>
<EchoTypedCharacters>false</EchoTypedCharacters>
- <ClearContentsWhenReconnecting>false</ClearContentsWhenReconnecting>
+ <ClearContentsWhenReconnecting>true</ClearContentsWhenReconnecting>
<ReconnectAutomatically>false</ReconnectAutomatically>
<DisplayMode>ASCII</DisplayMode>
<Colors>
@@ -220,7 +220,7 @@
<DebugMethod>
<ID>openocd</ID>
<Configuration xsi:type="com.visualgdb.edp.openocd.settings.esp32">
- <CommandLine>-f interface/tigard.cfg -c "adapter_khz 3000" -f target/esp32.cfg</CommandLine>
+ <CommandLine>-f interface/ftdi/tigard.cfg -c "adapter_khz 15000" -f interface/ftdi/tigard.cfg -f target/esp32.cfg</CommandLine>
<ExtraParameters>
<Frequency xsi:nil="true" />
<BoostedFrequency xsi:nil="true" />
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/components/wolfssl/CMakeLists.txt b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/components/wolfssl/CMakeLists.txt
index 2423b802..e82e19b6 100644
--- a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/components/wolfssl/CMakeLists.txt
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/components/wolfssl/CMakeLists.txt
@@ -17,206 +17,435 @@
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
#
-# cmake for wolfssl
+# cmake for wolfssl Espressif projects
#
-cmake_minimum_required(VERSION 3.5)
+# Version 5.6.0.011 for detect test/benchmark
+#
+# See https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-guides/build-system.html
+#
+
+cmake_minimum_required(VERSION 3.16)
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_USER_SETTINGS")
set(CMAKE_CURRENT_SOURCE_DIR ".")
+set(COMPONENT_REQUIRES lwip) # we typically don't need lwip directly in wolfssl component
+set(WOLFSSL_ROOT "$ENV{WOLFSSL_ROOT}" )
+
+# find the user name to search for possible "wolfssl-username"
+message(STATUS "USERNAME = $ENV{USERNAME}")
+if( "$ENV{USER}" STREQUAL "" ) # the bash user
+ if( "$ENV{USERNAME}" STREQUAL "" ) # the Windows user
+ message(STATUS "could not find USER or USERNAME")
+ else()
+ # the bash user is not blank, so we'll use it.
+ set(THIS_USER "$ENV{USERNAME}")
+ endif()
+else()
+ # the bash user is not blank, so we'll use it.
+ set(THIS_USER "$ENV{USER}")
+endif()
+message(STATUS "THIS_USER = ${THIS_USER}")
+
-# We are currently in [root]/IDE/Espressif/ESP-IDF/examples/wolfssl_test/components/wolfssl
+# COMPONENT_NAME = wolfssl
+# The component name is the directory name. "No feature to change this".
+# See https://github.com/espressif/esp-idf/issues/8978#issuecomment-1129892685
+
+# set the root of wolfSSL in top-level project CMakelists.txt:
+# set(WOLFSSL_ROOT "C:/some path/with/spaces")
+# set(WOLFSSL_ROOT "c:/workspace/wolfssl-[username]")
+# set(WOLFSSL_ROOT "/mnt/c/some path/with/spaces")
+# or use this logic to assign value from Environment Variable WOLFSSL_ROOT,
+# or assume this is an example 7 subdirectories below:
+
+# We are typically in [root]/IDE/Espressif/ESP-IDF/examples/wolfssl_test/components/wolfssl
# The root of wolfSSL is 7 directories up from here:
-get_filename_component(WOLFSSL_ROOT "../../../../../../../" ABSOLUTE)
-# Espressif may take several passes through this makefile. Check to see if we found IDF
-string(COMPARE EQUAL "${PROJECT_SOURCE_DIR}" "" WOLFSSL_FOUND_IDF)
+# function: IS_WOLFSSL_SOURCE
+# parameter: DIRECTORY_PARAMETER - the directory to test
+# output: RESULT = contains contents of DIRECTORY_PARAMETER for wolfssl directory, otherwise blank.
+function(IS_WOLFSSL_SOURCE DIRECTORY_PARAMETER RESULT)
+ if (EXISTS "${DIRECTORY_PARAMETER}/wolfcrypt/src")
+ set(${RESULT} "${DIRECTORY_PARAMETER}" PARENT_SCOPE)
+ else()
+ set(${RESULT} "" PARENT_SCOPE)
+ endif()
+endfunction()
-if($WOLFSSL_FOUND_IDF)
- message(STATUS "IDF_PATH = $ENV{IDF_PATH}")
- message(STATUS "WOLFSSL_ROOT = ${WOLFSSL_ROOT}")
- message(STATUS "PROJECT_SOURCE_DIR = ${PROJECT_SOURCE_DIR}")
-endif()
+# function: FIND_WOLFSSL_DIRECTORY
+# parameter: OUTPUT_FOUND_WOLFSSL_DIRECTORY contains root of source code, otherwise blank
+#
+function(FIND_WOLFSSL_DIRECTORY OUTPUT_FOUND_WOLFSSL_DIRECTORY)
+ message(STATUS "Starting FIND_WOLFSSL_DIRECTORY")
+ set(CURRENT_SEARCH_DIR "$ENV{WOLFSSL_ROOT}")
+ if( "${CURRENT_SEARCH_DIR}" STREQUAL "" )
+ message(STATUS "The WOLFSSL_ROOT environment variable is not set. Searching...")
+ else()
+ get_filename_component(CURRENT_SEARCH_DIR "$ENV{WOLFSSL_ROOT}" ABSOLUTE)
+ IS_WOLFSSL_SOURCE("${CURRENT_SEARCH_DIR}" FOUND_WOLFSSL)
+ if("${FOUND_WOLFSSL}")
+ message(STATUS "Found WOLFSSL_ROOT via Environment Variable:")
+ else()
+ message(FATAL_ERROR "WOLFSSL_ROOT Environment Variable defined, but path not found:")
+ message(STATUS "$ENV{WOLFSSL_ROOT}")
+ endif()
+ endif()
-# get a list of all wolfcrypt assembly files; we'll exclude them as they don't target Xtensa
-FILE(GLOB EXCLUDE_ASM *.S)
-file(GLOB_RECURSE EXCLUDE_ASM ${CMAKE_SOURCE_DIR} "${WOLFSSL_ROOT}/wolfcrypt/src/*.S")
+ # we'll start in the CMAKE_CURRENT_SOURCE_DIR, typically [something]/projectname/components/wolfssl
+ message(STATUS "CMAKE_CURRENT_SOURCE_DIR = ${CMAKE_CURRENT_SOURCE_DIR}")
+ get_filename_component(CURRENT_SEARCH_DIR "${CMAKE_CURRENT_SOURCE_DIR}" ABSOLUTE)
+ message(STATUS "CURRENT_SEARCH_DIR = ${CURRENT_SEARCH_DIR}")
+ string(LENGTH ${CURRENT_SEARCH_DIR} CURRENT_SEARCH_DIR_LENGTH)
-if(NOT CMAKE_BUILD_EARLY_EXPANSION)
- message(STATUS "EXCLUDE_ASM = ${EXCLUDE_ASM}")
-endif()
+ # loop through all the parents, looking for wolfssl
+ while(NOT CURRENT_SEARCH_DIR STREQUAL "/" AND NOT CURRENT_SEARCH_DIR STREQUAL "" )
+ string(LENGTH ${CURRENT_SEARCH_DIR} CURRENT_SEARCH_DIR_LENGTH)
+ # wolfSSL may simply be in a parent directory, such as for local examples in wolfssl repo
+ IS_WOLFSSL_SOURCE("${CURRENT_SEARCH_DIR}" FOUND_WOLFSSL)
+ if( FOUND_WOLFSSL )
+ message(STATUS "Found wolfssl in CURRENT_SEARCH_DIR = ${CURRENT_SEARCH_DIR}")
+ set(${OUTPUT_FOUND_WOLFSSL_DIRECTORY} ${CURRENT_SEARCH_DIR} PARENT_SCOPE)
+ return()
+ endif()
-set(INCLUDE_PATH ${WOLFSSL_ROOT})
+ if( THIS_USER )
+ # Check for "wolfssl-[username]" subdirectory as we recurse up the directory tree
+ set(CURRENT_SEARCH_DIR_ALT ${CURRENT_SEARCH_DIR}/wolfssl-${THIS_USER})
+ message(STATUS "Looking in ${CURRENT_SEARCH_DIR}")
-set(COMPONENT_SRCDIRS "${WOLFSSL_ROOT}/src/"
- "${WOLFSSL_ROOT}/wolfcrypt/src/"
- "${WOLFSSL_ROOT}/wolfcrypt/src/port/Espressif/"
- "${WOLFSSL_ROOT}/wolfcrypt/src/port/atmel/"
- "${WOLFSSL_ROOT}/wolfcrypt/benchmark/"
- "${WOLFSSL_ROOT}/wolfcrypt/test/"
- )
+ #if(EXISTS ${CURRENT_SEARCH_DIR_ALT} AND IS_DIRECTORY ${CURRENT_SEARCH_DIR_ALT} AND EXISTS "${CURRENT_SEARCH_DIR_ALT}/wolfcrypt/src")
+ IS_WOLFSSL_SOURCE("${CURRENT_SEARCH_DIR_ALT}" FOUND_WOLFSSL )
+ if ( FOUND_WOLFSSL )
+ message(STATUS "Found wolfssl in user-suffix CURRENT_SEARCH_DIR_ALT = ${CURRENT_SEARCH_DIR_ALT}")
+ set(${OUTPUT_FOUND_WOLFSSL_DIRECTORY} ${CURRENT_SEARCH_DIR_ALT} PARENT_SCOPE)
+ return()
+ endif()
+ endif()
-set(COMPONENT_REQUIRES lwip)
+ # Next check for no user suffix "wolfssl" subdirectory as we recurse up the directory tree
+ set(CURRENT_SEARCH_DIR_ALT ${CURRENT_SEARCH_DIR}/wolfssl)
+ # if(EXISTS ${CURRENT_SEARCH_DIR} AND IS_DIRECTORY ${CURRENT_SEARCH_DIR} AND EXISTS "${CURRENT_SEARCH_DIR}/wolfcrypt/src")
+ IS_WOLFSSL_SOURCE("${CURRENT_SEARCH_DIR_ALT}" FOUND_WOLFSSL )
+ if ( FOUND_WOLFSSL )
+ message(STATUS "Found wolfssl in CURRENT_SEARCH_DIR = ${CURRENT_SEARCH_DIR}")
+ set(${OUTPUT_FOUND_WOLFSSL_DIRECTORY} ${CURRENT_SEARCH_DIR} PARENT_SCOPE)
+ return()
+ endif()
+ # Move up one directory level
+ set(PRIOR_SEARCH_DIR "${CURRENT_SEARCH_DIR}")
+ get_filename_component(CURRENT_SEARCH_DIR "${CURRENT_SEARCH_DIR}" DIRECTORY)
+ message(STATUS "Next CURRENT_SEARCH_DIR = ${CURRENT_SEARCH_DIR}")
+ if( "${PRIOR_SEARCH_DIR}" STREQUAL "${CURRENT_SEARCH_DIR}" )
+ # when the search directory is empty, we'll give up
+ set(CURRENT_SEARCH_DIR "")
+ endif()
+ endwhile()
-# check to see if there's both a local copy and EDP-IDF copy of the wolfssl and/or wolfssh components
-if( EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl/" AND EXISTS "$ENV{IDF_PATH}/components/wolfssl/" )
- #
- # wolfSSL found in both ESP-IDF and local project - needs to be resolved by user
- #
- message(STATUS "")
- message(STATUS "**************************************************************************************")
- message(STATUS "")
- message(STATUS "Error: Found components/wolfssl in both local project and IDF_PATH")
- message(STATUS "")
- message(STATUS "To proceed: ")
- message(STATUS "")
- message(STATUS "Remove either the local project component: ${CMAKE_HOME_DIRECTORY}/components/wolfssl/ ")
- message(STATUS "or the Espressif shared component installed at: $ENV{IDF_PATH}/components/wolfssl/ ")
- message(STATUS "")
- message(FATAL_ERROR "Please use wolfSSL in either local project or Espressif components, but not both.")
- message(STATUS "")
- message(STATUS "**************************************************************************************")
- message(STATUS "")
+ # If not found, set the output variable to empty before exiting
+ set(${OUTPUT_FOUND_WOLFSSL_DIRECTORY} "" PARENT_SCOPE)
+endfunction()
+
+
+# Example usage:
- # Optional: if you change the above FATAL_ERROR to STATUS you can warn at runtime with this macro definition:
- set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_MULTI_INSTALL_WARNING")
+
+
+
+if(CMAKE_BUILD_EARLY_EXPANSION)
+ message(STATUS "wolfssl component CMAKE_BUILD_EARLY_EXPANSION:")
+ idf_component_register(
+ REQUIRES "${COMPONENT_REQUIRES}"
+ PRIV_REQUIRES # esp_hw_support
+ esp_timer
+ driver # this will typically only be needed for wolfSSL benchmark
+ )
else()
- if( EXISTS "$ENV{IDF_PATH}/components/wolfssl/" )
+ # not CMAKE_BUILD_EARLY_EXPANSION
+ message(STATUS "************************************************************************************************")
+ message(STATUS "wolfssl component config:")
+ message(STATUS "************************************************************************************************")
+
+ # search for wolfSSL
+ FIND_WOLFSSL_DIRECTORY(WOLFSSL_ROOT)
+ if(WOLFSSL_ROOT)
+ message(STATUS "NEW Found wolfssl directory at: ${WOLFSSL_ROOT}")
+ else()
+ message(STATUS "NEW wolfssl directory not found.")
+ # Abort. We need wolfssl _somewhere_.
+ message(FATAL_ERROR "Could not find wolfssl in ${WOLFSSL_ROOT}.\n"
+ "Try setting WOLFSSL_ROOT environment variable or git clone.")
+ endif()
+
+ set(INCLUDE_PATH ${WOLFSSL_ROOT})
+
+ set(WOLFSSL_EXTRA_PROJECT_DIR "${WOLFSSL_ROOT}/src/")
+
+ if( ${CMAKE_PROJECT_NAME} STREQUAL "wolfssl_benchmark" )
+ set(WOLFSSL_EXTRA_PROJECT_DIR "${WOLFSSL_ROOT}/wolfcrypt/benchmark")
+ endif()
+
+ if( ${CMAKE_PROJECT_NAME} STREQUAL "wolfssl_test" )
+ set(WOLFSSL_EXTRA_PROJECT_DIR "${WOLFSSL_ROOT}/wolfcrypt/test")
+ endif()
+
+ set(COMPONENT_SRCDIRS "\"${WOLFSSL_ROOT}/src/\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/port/Espressif\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/port/atmel\""
+ "\"${WOLFSSL_EXTRA_PROJECT_DIR}\""
+ ) # COMPONENT_SRCDIRS
+
+ message(STATUS "This COMPONENT_SRCDIRS = ${COMPONENT_SRCDIRS}")
+
+ set(WOLFSSL_PROJECT_DIR "${CMAKE_HOME_DIRECTORY}/components/wolfssl")
+ add_definitions(-DWOLFSSL_USER_SETTINGS_DIR="${WOLFSSL_PROJECT_DIR}/include/user_settings.h")
+
+
+ # Espressif may take several passes through this makefile. Check to see if we found IDF
+ string(COMPARE EQUAL "${PROJECT_SOURCE_DIR}" "" WOLFSSL_FOUND_IDF)
+
+ # get a list of all wolfcrypt assembly files; we'll exclude them as they don't target Xtensa
+ file(GLOB EXCLUDE_ASM *.S)
+ file(GLOB_RECURSE EXCLUDE_ASM ${CMAKE_SOURCE_DIR} "${WOLFSSL_ROOT}/wolfcrypt/src/*.S")
+
+ message(STATUS "IDF_PATH = $ENV{IDF_PATH}")
+ message(STATUS "PROJECT_SOURCE_DIR = ${PROJECT_SOURCE_DIR}")
+ message(STATUS "EXCLUDE_ASM = ${EXCLUDE_ASM}")
+
+ #
+ # Check to see if there's both a local copy and EDP-IDF copy of the wolfssl and/or wolfssh components.
+ #
+ if( EXISTS "${WOLFSSL_PROJECT_DIR}" AND EXISTS "$ENV{IDF_PATH}/components/wolfssl/" )
#
- # wolfSSL found in ESP-IDF components and is assumed to be already configured in user_settings.h via setup.
+ # wolfSSL found in both ESP-IDF and local project - needs to be resolved by user
#
message(STATUS "")
- message(STATUS "Using components/wolfssl in IDF_PATH = $ENV{IDF_PATH}")
+ message(STATUS "**************************************************************************************")
+ message(STATUS "")
+ message(STATUS "Error: Found components/wolfssl in both local project and IDF_PATH")
+ message(STATUS "")
+ message(STATUS "To proceed: ")
message(STATUS "")
+ message(STATUS "Remove either the local project component: ${WOLFSSL_PROJECT_DIR} ")
+ message(STATUS "or the Espressif shared component installed at: $ENV{IDF_PATH}/components/wolfssl/ ")
+ message(STATUS "")
+ message(FATAL_ERROR "Please use wolfSSL in either local project or Espressif components, but not both.")
+ message(STATUS "")
+ message(STATUS "**************************************************************************************")
+ message(STATUS "")
+
+ # Optional: if you change the above FATAL_ERROR to STATUS you can warn at runtime with this macro definition:
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_MULTI_INSTALL_WARNING")
+
else()
- #
- # wolfSSL is not an ESP-IDF component. We need to now determine if it is local and if so if it is part of the wolfSSL repo
- # or if wolfSSL is simply installed as a local component.
- #
- if( EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl/" )
+ if( EXISTS "$ENV{IDF_PATH}/components/wolfssl/" )
#
- # wolfSSL found in local project.
+ # wolfSSL found in ESP-IDF components and is assumed to be already configured in user_settings.h via setup.
#
- if( EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl/include/" )
- message(STATUS "")
- message(STATUS "Using installed project ./components/wolfssl in CMAKE_HOME_DIRECTORY = $ENV{CMAKE_HOME_DIRECTORY}")
- message(STATUS "")
- #
- # Note we already checked above and confirmed there's not another wolfSSL installed in the ESP-IDF components.
- #
- # We won't do anything else here, as it will be assumed the original install completed successfully.
- #
- else()
+ message(STATUS "")
+ message(STATUS "Using components/wolfssl in IDF_PATH = $ENV{IDF_PATH}")
+ message(STATUS "")
+ else()
+ #
+ # wolfSSL is not an ESP-IDF component.
+ # We need to now determine if it is local and if so if it is part of the wolfSSL repo,
+ # or if wolfSSL is simply installed as a local component.
+ #
+
+ if( EXISTS "${WOLFSSL_PROJECT_DIR}" )
#
- # This is the developer repo mode. wolfSSL will be assume to be not installed to ESP-IDF nor local project
- # In this configuration, we are likely running a wolfSSL example found directly in the repo.
+ # wolfSSL found in local project.
#
- message(STATUS "")
- message(STATUS "Using developer repo ./components/wolfssl in CMAKE_HOME_DIRECTORY = $ENV{CMAKE_HOME_DIRECTORY}")
- message(STATUS "")
+ if( EXISTS "${WOLFSSL_PROJECT_DIR}/wolfcrypt/" )
+ message(STATUS "")
+ message(STATUS "Using installed project ./components/wolfssl in CMAKE_HOME_DIRECTORY = ${CMAKE_HOME_DIRECTORY}")
+ message(STATUS "")
+ #
+ # Note we already checked above and confirmed there's not another wolfSSL installed in the ESP-IDF components.
+ #
+ # We won't do anything else here, as it will be assumed the original install completed successfully.
+ #
+ else() # full wolfSSL not installed in local project
+ #
+ # This is the developer repo mode. wolfSSL will be assumed to be not installed to ESP-IDF nor local project
+ # In this configuration, we are likely running a wolfSSL example found directly in the repo.
+ #
+ message(STATUS "")
+ message(STATUS "Using developer repo ./components/wolfssl in CMAKE_HOME_DIRECTORY = ${CMAKE_HOME_DIRECTORY}")
+ message(STATUS "")
- message(STATUS "************************************************************************************************")
- # When in developer mode, we are typically running wolfSSL examples such as benchmark or test directories.
- # However, the as-cloned or distributed wolfSSL does not have the ./include/ directory, so we'll add it as needed.
- #
- # first check if there's a [root]/include/user_settings.h
- if( EXISTS "${WOLFSSL_ROOT}/include/user_settings.h" )
- # we won't overwrite an existing user settings file, just note that we already have one:
- message(STATUS "Found wolfSSL user_settings.h in ${WOLFSSL_ROOT}/include/user_settings.h")
- else()
- message(STATUS "Installing wolfSSL user_settings.h to ${WOLFSSL_ROOT}/include/user_settings.h")
- file(COPY "${WOLFSSL_ROOT}/IDE/Espressif/ESP-IDF/user_settings.h" DESTINATION "${WOLFSSL_ROOT}/include/")
- endif() # user_settings.h
+ message(STATUS "************************************************************************************************")
+ # When in developer mode, we are typically running wolfSSL examples such as benchmark or test directories.
+ # However, the as-cloned or distributed wolfSSL does not have the ./include/ directory, so we'll add it as needed.
+ #
+ # first check if there's a [root]/include/user_settings.h
+ if( EXISTS "${WOLFSSL_ROOT}/include/user_settings.h" )
+ message(FATAL_ERROR "Found stray wolfSSL user_settings.h in "
+ "${WOLFSSL_ROOT}/include/user_settings.h "
+ " (please move it to ${WOLFSSL_PROJECT_DIR}/include/user_settings.h )")
+ else()
+ # we won't overwrite an existing user settings file, just note that we already have one:
+ if( EXISTS "${WOLFSSL_PROJECT_DIR}/include/user_settings.h" )
+ message(STATUS "Using existing wolfSSL user_settings.h in "
+ "${WOLFSSL_PROJECT_DIR}/include/user_settings.h")
+ else()
+ message(STATUS "Installing wolfSSL user_settings.h to "
+ "${WOLFSSL_PROJECT_DIR}/include/user_settings.h")
+ file(COPY "${WOLFSSL_ROOT}/IDE/Espressif/ESP-IDF/user_settings.h"
+ DESTINATION "${CMAKE_HOME_DIRECTORY}/wolfssl/include/")
+ endif()
+ endif() # user_settings.h
- # next check if there's a [root]/include/config.h
- if( EXISTS "${WOLFSSL_ROOT}/include/config.h" )
- message(STATUS "Found wolfSSL config.h in ${WOLFSSL_ROOT}/include/config.h")
- else()
- message(STATUS "Installing wolfSSL config.h to ${WOLFSSL_ROOT}/include/config.h")
- file(COPY "${WOLFSSL_ROOT}/IDE/Espressif/ESP-IDF/dummy_config_h" DESTINATION "${WOLFSSL_ROOT}/include/")
- file(RENAME "${WOLFSSL_ROOT}/include/dummy_config_h" "${WOLFSSL_ROOT}/include/config.h")
- endif() # config.h
- message(STATUS "************************************************************************************************")
- message(STATUS "")
- endif()
+ # next check if there's a [root]/include/config.h
+ if( EXISTS "${WOLFSSL_ROOT}/include/config.h" )
+ message(STATUS "******************************************************************************")
+ message(STATUS "******************************************************************************")
+ message(STATUS "Found stray wolfSSL config.h in ${WOLFSSL_ROOT}/include/config.h" )
+ message(STATUS " Please move it to ${WOLFSSL_PROJECT_DIR}/include/config.h" )
+ message(STATUS "******************************************************************************")
+ message(STATUS "******************************************************************************")
+ else()
+ # we won't overwrite an existing user settings file, just note that we already have one:
+ if( EXISTS "${WOLFSSL_PROJECT_DIR}/include/config.h" )
+ message(STATUS "Using existing wolfSSL config.h ${WOLFSSL_PROJECT_DIR}/include/config.h")
+ else()
+ message(STATUS "Installing wolfSSL config.h to ${WOLFSSL_PROJECT_DIR}/include/config.h")
+ file(COPY "${WOLFSSL_ROOT}/IDE/Espressif/ESP-IDF/dummy_config_h" DESTINATION "${WOLFSSL_PROJECT_DIR}/include/")
+ file(RENAME "${WOLFSSL_PROJECT_DIR}/include/dummy_config_h" "${WOLFSSL_PROJECT_DIR}/include/config.h")
+ endif() # Project config.h
+ endif() # WOLFSSL_ROOT config.h
+ message(STATUS "************************************************************************************************")
+ message(STATUS "")
+ endif()
- else()
- # we did not find a ./components/wolfssl/include/ directory from this pass of cmake.
- if($WOLFSSL_FOUND_IDF)
- message(STATUS "")
- message(STATUS "WARNING: wolfSSL not found.")
- message(STATUS "")
else()
- # probably needs to be re-parsed by Espressif
- message(STATUS "wolfSSL found IDF. Project Source:${PROJECT_SOURCE_DIR}")
- endif() # else we have not found ESP-IDF yet
- endif() # else not a local wolfSSL component
+ # we did not find a ./components/wolfssl/include/ directory from this pass of cmake.
+ if($WOLFSSL_FOUND_IDF)
+ message(STATUS "")
+ message(STATUS "WARNING: wolfSSL not found.")
+ message(STATUS "")
+ else()
+ # probably needs to be re-parsed by Espressif
+ message(STATUS "wolfSSL found IDF. Project Source:${PROJECT_SOURCE_DIR}")
+ endif() # else we have not found ESP-IDF yet
+ endif() # else not a local wolfSSL component
+
+ endif() #else not an ESP-IDF component
+ endif() # else not local copy and EDP-IDF wolfSSL
- endif() #else not an ESP-IDF component
-endif() # else not local copy and EDP-IDF wolfSSL
+ # RTOS_IDF_PATH is typically:
+ # "/Users/{username}/Desktop/esp-idf/components/freertos/include/freertos"
+ # depending on the environment, we may need to swap backslashes with forward slashes
+ string(REPLACE "\\" "/" RTOS_IDF_PATH "$ENV{IDF_PATH}/components/freertos/FreeRTOS-Kernel/include/freertos")
-# RTOS_IDF_PATH is typically:
-# "/Users/{username}/Desktop/esp-idf/components/freertos/include/freertos"
-# depending on the environment, we may need to swap backslashes with forward slashes
-string(REPLACE "\\" "/" RTOS_IDF_PATH "$ENV{IDF_PATH}/components/freertos/include/freertos")
+ string(REPLACE "\\" "/" WOLFSSL_ROOT ${WOLFSSL_ROOT})
+
+ if(IS_DIRECTORY "${RTOS_IDF_PATH}")
+ message(STATUS "Found current RTOS path: ${RTOS_IDF_PATH}")
+ else()
+ # ESP-IDF prior version 4.4x has a different RTOS directory structure
+ string(REPLACE "\\" "/" RTOS_IDF_PATH "$ENV{IDF_PATH}/components/freertos/include/freertos")
+ if(IS_DIRECTORY "${RTOS_IDF_PATH}")
+ message(STATUS "Found legacy RTOS path: ${RTOS_IDF_PATH}")
+ else()
+ message(STATUS "Could not find RTOS path")
+ endif()
+ endif()
-# ESP-IDF after version 4.4x has a different RTOS directory structure
-string(REPLACE "\\" "/" RTOS_IDF_PATH5 "$ENV{IDF_PATH}/components/freertos/FreeRTOS-Kernel/include/freertos")
-if(IS_DIRECTORY ${IDF_PATH}/components/freertos/FreeRTOS-Kernel/)
set(COMPONENT_ADD_INCLUDEDIRS
- "."
- "${WOLFSSL_ROOT}/include"
- "${RTOS_IDF_PATH5}"
- "${WOLFSSL_ROOT}"
- )
-else()
+ "./include" # this is the location of wolfssl user_settings.h
+ "\"${WOLFSSL_ROOT}/\""
+ "\"${WOLFSSL_ROOT}/wolfssl/\""
+ "\"${WOLFSSL_ROOT}/wolfssl/wolfcrypt/\""
+ "\"${RTOS_IDF_PATH}/\""
+ )
- set(COMPONENT_ADD_INCLUDEDIRS
- "."
- "${WOLFSSL_ROOT}/include"
- "${RTOS_IDF_PATH}"
- "${WOLFSSL_ROOT}"
- )
-endif()
-if(IS_DIRECTORY ${IDF_PATH}/components/cryptoauthlib)
- list(APPEND COMPONENT_ADD_INCLUDEDIRS "../cryptoauthlib/lib")
-endif()
+ if(IS_DIRECTORY ${IDF_PATH}/components/cryptoauthlib)
+ list(APPEND COMPONENT_ADD_INCLUDEDIRS "../cryptoauthlib/lib")
+ endif()
+
+ list(APPEND COMPONENT_ADD_INCLUDEDIRS "\"${WOLFSSL_ROOT}/wolfssl/\"")
+ list(APPEND COMPONENT_ADD_INCLUDEDIRS "\"${WOLFSSL_ROOT}/wolfssl/wolfcrypt/\"")
+
+
+
+ set(COMPONENT_SRCEXCLUDE
+ "\"${WOLFSSL_ROOT}/src/bio.c\""
+ "\"${WOLFSSL_ROOT}/src/conf.c\""
+ "\"${WOLFSSL_ROOT}/src/misc.c\""
+ "\"${WOLFSSL_ROOT}/src/pk.c\""
+ "\"${WOLFSSL_ROOT}/src/ssl_asn1.c\"" # included by ssl.c
+ "\"${WOLFSSL_ROOT}/src/ssl_bn.c\"" # included by ssl.c
+ "\"${WOLFSSL_ROOT}/src/ssl_certman.c\"" # included by ssl.c
+ "\"${WOLFSSL_ROOT}/src/ssl_crypto.c\"" # included by ssl.c
+ "\"${WOLFSSL_ROOT}/src/ssl_misc.c\"" # included by ssl.c
+ "\"${WOLFSSL_ROOT}/src/x509.c\""
+ "\"${WOLFSSL_ROOT}/src/x509_str.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/evp.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/misc.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_arm32.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_arm64.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_armthumb.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_c32.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_c64.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_cortexm.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_x86_64.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_x86_64_asm.S\""
+ "\"${EXCLUDE_ASM}\""
+ )
+
+ spaces2list(COMPONENT_REQUIRES)
+
+ separate_arguments(COMPONENT_SRCDIRS NATIVE_COMMAND "${COMPONENT_SRCDIRS}")
+ separate_arguments(COMPONENT_SRCEXCLUDE NATIVE_COMMAND "${COMPONENT_SRCEXCLUDE}")
+ separate_arguments(COMPONENT_ADD_INCLUDEDIRS NATIVE_COMMAND "${COMPONENT_ADD_INCLUDEDIRS}")
+
+ #
+ # See https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-guides/build-system.html#example-component-requirements
+ #
+ message(STATUS "COMPONENT_SRCDIRS = ${COMPONENT_SRCDIRS}")
+ message(STATUS "COMPONENT_ADD_INCLUDEDIRS = ${COMPONENT_ADD_INCLUDEDIRS}")
+ message(STATUS "COMPONENT_REQUIRES = ${COMPONENT_REQUIRES}")
+ message(STATUS "COMPONENT_SRCEXCLUDE = ${COMPONENT_SRCEXCLUDE}")
+
+ #
+ # see https://docs.espressif.com/projects/esp-idf/en/stable/esp32/migration-guides/release-5.x/build-system.html?highlight=space%20path
+ #
+ set(EXTRA_COMPONENT_DIRS "${COMPONENT_SRCDIRS}")
+ idf_component_register(
+ SRC_DIRS "${COMPONENT_SRCDIRS}"
+ INCLUDE_DIRS "${COMPONENT_ADD_INCLUDEDIRS}"
+ REQUIRES "${COMPONENT_REQUIRES}"
+ EXCLUDE_SRCS "${COMPONENT_SRCEXCLUDE}"
+ PRIV_REQUIRES esp_timer driver # this will typically only be needed for wolfSSL benchmark
+ )
+ # some optional diagnostics
+ if (1)
+ get_cmake_property(_variableNames VARIABLES)
+ list (SORT _variableNames)
+ message(STATUS "")
+ message(STATUS "ALL VARIABLES BEGIN")
+ message(STATUS "")
+ foreach (_variableName ${_variableNames})
+ message(STATUS "${_variableName}=${${_variableName}}")
+ endforeach()
+ message(STATUS "")
+ message(STATUS "ALL VARIABLES END")
+ message(STATUS "")
+ endif()
+
+ # target_sources(wolfssl PRIVATE "\"${WOLFSSL_ROOT}/wolfssl/\"" "\"${WOLFSSL_ROOT}/wolfssl/wolfcrypt\"")
+
+endif() # CMAKE_BUILD_EARLY_EXPANSION
+
-set(COMPONENT_SRCEXCLUDE
- "${WOLFSSL_ROOT}/src/bio.c"
- "${WOLFSSL_ROOT}/src/conf.c"
- "${WOLFSSL_ROOT}/src/misc.c"
- "${WOLFSSL_ROOT}/src/pk.c"
- "${WOLFSSL_ROOT}/src/ssl_misc.c" # included by ssl.c
- "${WOLFSSL_ROOT}/src/x509.c"
- "${WOLFSSL_ROOT}/src/x509_str.c"
- "${WOLFSSL_ROOT}/wolfcrypt/src/evp.c"
- "${WOLFSSL_ROOT}/wolfcrypt/src/misc.c"
- "${EXCLUDE_ASM}"
- )
-
-register_component()
-
-# some optional diagnostics
-if (0)
- get_cmake_property(_variableNames VARIABLES)
- list (SORT _variableNames)
- message(STATUS "")
- message(STATUS "ALL VARIABLES BEGIN")
- message(STATUS "")
- foreach (_variableName ${_variableNames})
- message(STATUS "${_variableName}=${${_variableName}}")
- endforeach()
- message(STATUS "")
- message(STATUS "ALL VARIABLES END")
- message(STATUS "")
-endif()
# check to see if there's both a local copy and EDP-IDF copy of the wolfssl components
-if( EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl/" AND EXISTS "$ENV{IDF_PATH}/components/wolfssl/" )
+if( EXISTS "${WOLFSSL_PROJECT_DIR}" AND EXISTS "$ENV{IDF_PATH}/components/wolfssl/" )
message(STATUS "")
message(STATUS "")
message(STATUS "********************************************************************")
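Review bot: In FIND_WOLFSSL_DIRECTORY the WOLFSSL_ROOT branch never hands the validated path back to the caller. `if("${FOUND_WOLFSSL}")` tests a quoted path string, which CMake evaluates as false under the policy level implied by `cmake_minimum_required(VERSION 3.16)`, so a correctly set variable appears to hit the FATAL_ERROR, and even the success arm only prints a message before falling through to the parent-directory walk. That walk accepts the first ancestor, or a `wolfssl` / `wolfssl-<user>` child of an ancestor, that contains `wolfcrypt/src`, up to the filesystem root, so which TLS sources get compiled into the firmware depends on whatever sits above the project rather than on an explicit pin. I would make the environment variable authoritative by setting the output and returning in the success arm, as in the excerpt below. Separately, the plain `wolfssl` match later in the loop tests `CURRENT_SEARCH_DIR_ALT` but returns `${CURRENT_SEARCH_DIR}`, which looks like it should be `${CURRENT_SEARCH_DIR_ALT}`.

```cmake
function(FIND_WOLFSSL_DIRECTORY OUTPUT_FOUND_WOLFSSL_DIRECTORY)
    # … unchanged: start message, read of $ENV{WOLFSSL_ROOT}, empty-variable branch …
        get_filename_component(CURRENT_SEARCH_DIR "$ENV{WOLFSSL_ROOT}" ABSOLUTE)
        IS_WOLFSSL_SOURCE("${CURRENT_SEARCH_DIR}" FOUND_WOLFSSL)
        if(FOUND_WOLFSSL)
            message(STATUS "Found WOLFSSL_ROOT via Environment Variable: ${CURRENT_SEARCH_DIR}")
            # An explicitly configured root wins; do not fall through to the ancestor search.
            set(${OUTPUT_FOUND_WOLFSSL_DIRECTORY} "${CURRENT_SEARCH_DIR}" PARENT_SCOPE)
            return()
        else()
            # FATAL_ERROR stops processing, so the path has to be part of this message.
            message(FATAL_ERROR "WOLFSSL_ROOT Environment Variable defined, but path not found: $ENV{WOLFSSL_ROOT}")
        endif()
    # … unchanged: ancestor search loop …
```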
@@ -227,3 +456,69 @@ endif()
# end multiple component check
+#
+# LIBWOLFSSL_SAVE_INFO(VAR_OUPUT THIS_VAR VAR_RESULT)
+#
+# Save the THIS_VAR as a string in a macro called VAR_OUPUT
+#
+# VAR_OUPUT: the name of the macro to define
+# THIS_VAR: the OUTPUT_VARIABLE result from a execute_process()
+# VAR_RESULT: the RESULT_VARIABLE from a execute_process(); "0" if successful.
+#
+function ( LIBWOLFSSL_SAVE_INFO VAR_OUPUT THIS_VAR VAR_RESULT )
+ # is the RESULT_VARIABLE output value 0? If so, IS_VALID_VALUE is true.
+ string(COMPARE EQUAL "${VAR_RESULT}" "0" IS_VALID_VALUE)
+
+ # if we had a successful operation, save the THIS_VAR in VAR_OUPUT
+ if(${IS_VALID_VALUE})
+ # strip newline chars in THIS_VAR parameter and save in VAR_VALUE
+ string(REPLACE "\n" "" VAR_VALUE ${THIS_VAR})
+
+ # we'll could percolate the value to the parent for possible later use
+ # set(${VAR_OUPUT} ${VAR_VALUE} PARENT_SCOPE)
+
+ # but we're only using it here in this function
+ set(${VAR_OUPUT} ${VAR_VALUE})
+
+ # we'll print what we found to the console
+ message(STATUS "Found ${VAR_OUPUT}=${VAR_VALUE}")
+
+ # the interesting part is defining the VAR_OUPUT name a value to use in the app
+ add_definitions(-D${VAR_OUPUT}=\"${VAR_VALUE}\")
+ else()
+ # if we get here, check the execute_process command and parameters.
+ message(STATUS "LIBWOLFSSL_SAVE_INFO encountered a non-zero VAR_RESULT")
+ set(${VAR_OUPUT} "Unknown")
+ endif()
+endfunction() # LIBWOLFSSL_SAVE_INFO
+
+# create some programmatic #define values that will be used by ShowExtendedSystemInfo().
+# see wolfcrypt\src\port\Espressif\esp32_utl.c
+if(NOT CMAKE_BUILD_EARLY_EXPANSION)
+ set (git_cmd "git")
+ message(STATUS "Adding macro definitions:")
+
+ # LIBWOLFSSL_VERSION_GIT_ORIGIN: git config --get remote.origin.url
+ execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "config" "--get" "remote.origin.url" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
+ LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_ORIGIN "${TMP_OUT}" "${TMP_RES}")
+
+ # LIBWOLFSSL_VERSION_GIT_BRANCH: git rev-parse --abbrev-ref HEAD
+ execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "rev-parse" "--abbrev-ref" "HEAD" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
+ LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_BRANCH "${TMP_OUT}" "${TMP_RES}")
+
+ # LIBWOLFSSL_VERSION_GIT_HASH: git rev-parse HEAD
+ execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "rev-parse" "HEAD" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
+ LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_HASH "${TMP_OUT}" "${TMP_RES}")
+
+ # LIBWOLFSSL_VERSION_GIT_SHORT_HASH: git rev-parse --short HEAD
+ execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "rev-parse" "--short" "HEAD" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
+ LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_SHORT_HASH "${TMP_OUT}" "${TMP_RES}")
+
+ # LIBWOLFSSL_VERSION_GIT_HASH_DATE git show --no-patch --no-notes --pretty=\'\%cd\'
+ execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "show" "--no-patch" "--no-notes" "--pretty=\'\%cd\'" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES )
+ LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_HASH_DATE "${TMP_OUT}" "${TMP_RES}")
+
+ message(STATUS "************************************************************************************************")
+ message(STATUS "wolfssl component config complete!")
+ message(STATUS "************************************************************************************************")
+endif()
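Review bot: `LIBWOLFSSL_VERSION_GIT_ORIGIN` is filled from `git config --get remote.origin.url` and handed unchanged to `add_definitions`, so whatever the clone URL contains is printed by `message(STATUS "Found ...")` and compiled into the firmware as a string literal. A remote configured with embedded userinfo (`https://user:token@host/...`) would carry that credential into both the build log and the image; stripping it before saving, e.g. `string(REGEX REPLACE "://[^/@]*@" "://" VAR_VALUE "${VAR_VALUE}")`, avoids this. In `LIBWOLFSSL_SAVE_INFO`, `string(REPLACE "\n" "" VAR_VALUE ${THIS_VAR})` passes `${THIS_VAR}` unquoted, so an empty or semicolon-containing output changes the argument list; `"${THIS_VAR}"` is safer. The failure branch only sets a function-local `${VAR_OUPUT}` and never calls `add_definitions`, so the macro is left undefined in that case, which deserves a comment.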
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/components/wolfssl/include/user_settings.h b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/components/wolfssl/include/user_settings.h
new file mode 100644
index 00000000..de5e247c
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/components/wolfssl/include/user_settings.h
@@ -0,0 +1,427 @@
+/* user_settings.h
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/* This user_settings.h is for Espressif ESP-IDF */
+#include <sdkconfig.h>
+
+/* The Espressif sdkconfig will have chipset info.
+**
+** Possible values:
+**
+** CONFIG_IDF_TARGET_ESP32
+** CONFIG_IDF_TARGET_ESP32S2
+** CONFIG_IDF_TARGET_ESP32S3
+** CONFIG_IDF_TARGET_ESP32C3
+** CONFIG_IDF_TARGET_ESP32C6
+*/
+
+#undef WOLFSSL_ESPIDF
+#define WOLFSSL_ESPIDF
+
+/*
+ * choose ONE of these Espressif chips to define:
+ *
+ * WOLFSSL_ESP32
+ * WOLFSSL_ESPWROOM32SE
+ * WOLFSSL_ESP8266
+ */
+#undef WOLFSSL_ESPWROOM32SE
+#undef WOLFSSL_ESP8266
+#undef WOLFSSL_ESP32
+
+#define WOLFSSL_ESP32
+
+/* optionally turn off SHA512/224 SHA512/256 */
+/* #define WOLFSSL_NOSHA512_224 */
+/* #define WOLFSSL_NOSHA512_256 */
+
+/* when you want to use SINGLE THREAD. Note Default ESP-IDF is FreeRTOS */
+/* #define SINGLE_THREADED */
+
+/* When you don't want to use the old SHA */
+/* #define NO_SHA */
+/* #define NO_OLD_TLS */
+
+#define BENCH_EMBEDDED
+#define USE_CERT_BUFFERS_2048
+
+/* TLS 1.3 */
+#define WOLFSSL_TLS13
+#define HAVE_TLS_EXTENSIONS
+#define WC_RSA_PSS
+#define HAVE_HKDF
+#define HAVE_AEAD
+#define HAVE_SUPPORTED_CURVES
+
+#define WOLFSSL_BENCHMARK_FIXED_UNITS_KB
+
+#define NO_FILESYSTEM
+
+#define NO_OLD_TLS
+
+#define HAVE_AESGCM
+
+#define WOLFSSL_RIPEMD
+/* when you want to use SHA224 */
+#define WOLFSSL_SHA224
+
+/* when you want to use SHA384 */
+#define WOLFSSL_SHA384
+
+/* when you want to use SHA512 */
+#define WOLFSSL_SHA512
+
+/* when you want to use SHA3 */
+#define WOLFSSL_SHA3
+
+#define HAVE_ED25519 /* ED25519 requires SHA512 */
+
+#define HAVE_ECC
+#define HAVE_CURVE25519
+#define CURVE25519_SMALL
+#define HAVE_ED25519
+
+ #define OPENSSL_EXTRA
+/* when you want to use pkcs7 */
+/* #define HAVE_PKCS7 */
+
+#define HAVE_PKCS7
+
+#if defined(HAVE_PKCS7)
+ #define HAVE_AES_KEYWRAP
+ #define HAVE_X963_KDF
+ #define WOLFSSL_AES_DIRECT
+#endif
+
+/* when you want to use aes counter mode */
+/* #define WOLFSSL_AES_DIRECT */
+/* #define WOLFSSL_AES_COUNTER */
+
+/* esp32-wroom-32se specific definition */
+#if defined(WOLFSSL_ESPWROOM32SE)
+ #define WOLFSSL_ATECC508A
+ #define HAVE_PK_CALLBACKS
+ /* when you want to use a custom slot allocation for ATECC608A */
+ /* unless your configuration is unusual, you can use default */
+ /* implementation. */
+ /* #define CUSTOM_SLOT_ALLOCATION */
+#endif
+
+/* rsa primitive specific definition */
+#if defined(WOLFSSL_ESP32) || defined(WOLFSSL_ESPWROOM32SE)
+ /* Define USE_FAST_MATH and SMALL_STACK */
+ #define ESP32_USE_RSA_PRIMITIVE
+
+ #if defined(CONFIG_IDF_TARGET_ESP32)
+
+ /* NOTE HW unreliable for small values! */
+ /* threshold for performance adjustment for HW primitive use */
+ /* X bits of G^X mod P greater than */
+ #undef ESP_RSA_EXPT_XBITS
+ #define ESP_RSA_EXPT_XBITS 32
+
+ /* X and Y of X * Y mod P greater than */
+ #undef ESP_RSA_MULM_BITS
+ #define ESP_RSA_MULM_BITS 16
+
+ #endif
+#endif
+
+#define RSA_LOW_MEM
+
+/* #define WOLFSSL_ATECC508A_DEBUG */
+
+/* date/time */
+/* if it cannot adjust time in the device, */
+/* enable macro below */
+/* #define NO_ASN_TIME */
+/* #define XTIME time */
+
+
+/* adjust wait-timeout count if you see timeout in RSA HW acceleration */
+#define ESP_RSA_TIMEOUT_CNT 0x249F00
+
+#define HASH_SIZE_LIMIT /* for test.c */
+
+/* USE_FAST_MATH is default */
+#define USE_FAST_MATH
+
+/***** Use SP_MATH *****/
+/* #undef USE_FAST_MATH */
+/* #define SP_MATH */
+/* #define WOLFSSL_SP_MATH_ALL */
+
+/***** Use Integer Heap Math *****/
+/* #undef USE_FAST_MATH */
+/* #define USE_INTEGER_HEAP_MATH */
+
+
+#define WOLFSSL_SMALL_STACK
+
+
+#define HAVE_VERSION_EXTENDED_INFO
+/* #define HAVE_WC_INTROSPECTION */
+
+#define HAVE_SESSION_TICKET
+
+/* #define HAVE_HASHDRBG */
+
+#define WOLFSSL_KEY_GEN
+#define WOLFSSL_CERT_REQ
+#define WOLFSSL_CERT_GEN
+#define WOLFSSL_CERT_EXT
+#define WOLFSSL_SYS_CA_CERTS
+
+
+#define WOLFSSL_CERT_TEXT
+
+#define WOLFSSL_ASN_TEMPLATE
+
+/*
+#undef WOLFSSL_KEY_GEN
+#undef WOLFSSL_CERT_REQ
+#undef WOLFSSL_CERT_GEN
+#undef WOLFSSL_CERT_EXT
+#undef WOLFSSL_SYS_CA_CERTS
+*/
+
+/*
+--enable-keygen
+--enable-certgen
+--enable-certreq
+--enable-certext
+--enable-asn-template
+*/
+
+/* Default is HW enabled unless turned off.
+** Uncomment these lines to force SW instead of HW acceleration */
+
+#if defined(CONFIG_IDF_TARGET_ESP32)
+ /* wolfSSL HW Acceleration supported on ESP32. Uncomment to disable: */
+ /* #define NO_ESP32_CRYPT */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_AES */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
+
+ /* These are defined automatically in esp32-crypt.h, here for clarity: */
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224 /* no SHA224 HW on ESP32 */
+
+ #undef ESP_RSA_MULM_BITS
+ #define ESP_RSA_MULM_BITS 16 /* TODO add compile-time warning */
+ /***** END CONFIG_IDF_TARGET_ESP32 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP32S2)
+ /* wolfSSL HW Acceleration supported on ESP32-S2. Uncomment to disable: */
+ /* #define NO_ESP32_CRYPT */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
+ /* Note: There's no AES192 HW on the ESP32-S2; falls back to SW */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_AES */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
+ /***** END CONFIG_IDF_TARGET_ESP32S2 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP32S3)
+ /* wolfSSL HW Acceleration supported on ESP32-S3. Uncomment to disable: */
+ /* #define NO_ESP32_CRYPT */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
+ /* Note: There's no AES192 HW on the ESP32-S3; falls back to SW */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_AES */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
+ /***** END CONFIG_IDF_TARGET_ESP32S3 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP32C2) || \
+ defined(CONFIG_IDF_TARGET_ESP8684)
+ /* ESP8684 is essentially ESP32-C2 chip + flash embedded together in a
+ * single QFN 4x4 mm package. Out of released documentation, Technical
+ * Reference Manual as well as ESP-IDF Programming Guide is applicable
+ * to both ESP32-C2 and ESP8684.
+ *
+ * See: https://www.esp32.com/viewtopic.php?f=5&t=27926#:~:text=ESP8684%20is%20essentially%20ESP32%2DC2,both%20ESP32%2DC2%20and%20ESP8684. */
+
+ /* wolfSSL HW Acceleration supported on ESP32-C2. Uncomment to disable: */
+ /* #define NO_ESP32_CRYPT */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */ /* to disable all SHA HW */
+
+ /* These are defined automatically in esp32-crypt.h, here for clarity */
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384 /* no SHA384 HW on C2 */
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512 /* no SHA512 HW on C2 */
+
+ /* There's no AES or RSA/Math accelerator on the ESP32-C2
+ * Auto defined with NO_WOLFSSL_ESP32_CRYPT_RSA_PRI, for clarity: */
+ #define NO_WOLFSSL_ESP32_CRYPT_AES
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD
+ /***** END CONFIG_IDF_TARGET_ESP32C2 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP32C3)
+ /* wolfSSL HW Acceleration supported on ESP32-C3. Uncomment to disable: */
+
+ /* #define NO_ESP32_CRYPT */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */ /* to disable all SHA HW */
+
+ /* These are defined automatically in esp32-crypt.h, here for clarity: */
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384 /* no SHA384 HW on C6 */
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512 /* no SHA512 HW on C6 */
+
+ /* #define NO_WOLFSSL_ESP32_CRYPT_AES */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
+ /***** END CONFIG_IDF_TARGET_ESP32C3 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP32C6)
+ /* wolfSSL HW Acceleration supported on ESP32-C6. Uncomment to disable: */
+
+ /* #define NO_ESP32_CRYPT */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
+ /* These are defined automatically in esp32-crypt.h, here for clarity: */
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384 /* no SHA384 HW on C6 */
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512 /* no SHA512 HW on C6 */
+
+ /* #define NO_WOLFSSL_ESP32_CRYPT_AES */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
+ /***** END CONFIG_IDF_TARGET_ESP32C6 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP32H2)
+ /* wolfSSL Hardware Acceleration not yet implemented */
+ #define NO_ESP32_CRYPT
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH
+ #define NO_WOLFSSL_ESP32_CRYPT_AES
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
+ /***** END CONFIG_IDF_TARGET_ESP32H2 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP8266)
+ /* TODO: Revisit ESP8266 */
+ #define NO_ESP32_CRYPT
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH
+ #define NO_WOLFSSL_ESP32_CRYPT_AES
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
+ /***** END CONFIG_IDF_TARGET_ESP266 *****/
+
+#else
+ /* Anything else encountered, disable HW accleration */
+ #define NO_ESP32_CRYPT
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH
+ #define NO_WOLFSSL_ESP32_CRYPT_AES
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
+#endif /* CONFIG_IDF_TARGET Check */
+
+/* Debug options:
+
+#define ESP_VERIFY_MEMBLOCK
+#define DEBUG_WOLFSSL
+#define DEBUG_WOLFSSL_VERBOSE
+#define DEBUG_WOLFSSL_SHA_MUTEX
+#define WOLFSSL_ESP32_CRYPT_DEBUG
+#define WOLFSSL_ESP32_CRYPT_HASH_SHA224_DEBUG
+#define NO_RECOVER_SOFTWARE_CALC
+#define WOLFSSL_TEST_STRAY 1
+#define USE_ESP_DPORT_ACCESS_READ_BUFFER
+#define WOLFSSL_ESP32_HW_LOCK_DEBUG
+#define WOLFSSL_DEBUG_ESP_RSA_MULM_BITS
+#define ESP_DISABLE_HW_TASK_LOCK
+*/
+
+#define WOLFSSL_ESPIDF_ERROR_PAUSE /* Pause in a loop rather than exit. */
+#define WOLFSSL_HW_METRICS
+
+/* #define HASH_SIZE_LIMIT */ /* for test.c */
+
+/* #define NO_HW_MATH_TEST */ /* Optionall turn off HW math checks */
+
+/* Optionally include alternate HW test library: alt_hw_test.h */
+/* When enabling, the ./components/wolfssl/CMakeLists.txt file
+ * will need the name of the library in the idf_component_register
+ * for the PRIV_REQUIRES list. */
+/* #define INCLUDE_ALT_HW_TEST */
+
+/* optionally turn off individual math HW acceleration features */
+
+/* Turn off Large Number ESP32 HW Multiplication:
+** [Z = X * Y] in esp_mp_mul() */
+/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
+
+/* Turn off Large Number ESP32 HW Modular Exponentiation:
+** [Z = X^Y mod M] in esp_mp_exptmod() */
+/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
+
+/* Turn off Large Number ESP32 HW Modular Multiplication
+** [Z = X * Y mod M] in esp_mp_mulmod() */
+/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
+
+
+#define WOLFSSL_PUBLIC_MP /* used by benchmark */
+#define USE_CERT_BUFFERS_2048
+
+/* when turning on ECC508 / ECC608 support
+#define WOLFSSL_ESPWROOM32SE
+#define HAVE_PK_CALLBACKS
+#define WOLFSSL_ATECC508A
+#define ATCA_WOLFSSL
+*/
+
+/* optional SM4 Ciphers. See https://github.com/wolfSSL/wolfsm
+#define WOLFSSL_SM2
+#define WOLFSSL_SM3
+#define WOLFSSL_SM4
+*/
+
+#if defined(WOLFSSL_SM2) || defined(WOLFSSL_SM3) || defined(WOLFSSL_SM4)
+ #include <wolfssl/certs_test_sm.h>
+ #define CTX_CA_CERT root_sm2
+ #define CTX_CA_CERT_SIZE sizeof_root_sm2
+ #define CTX_CA_CERT_TYPE WOLFSSL_FILETYPE_PEM
+ #define CTX_SERVER_CERT server_sm2
+ #define CTX_SERVER_CERT_SIZE sizeof_server_sm2
+ #define CTX_SERVER_CERT_TYPE WOLFSSL_FILETYPE_PEM
+ #define CTX_SERVER_KEY server_sm2_priv
+ #define CTX_SERVER_KEY_SIZE sizeof_server_sm2_priv
+ #define CTX_SERVER_KEY_TYPE WOLFSSL_FILETYPE_PEM
+
+ #undef WOLFSSL_BASE16
+ #define WOLFSSL_BASE16
+#else
+ #define USE_CERT_BUFFERS_2048
+ #define USE_CERT_BUFFERS_256
+ #define CTX_CA_CERT ca_cert_der_2048
+ #define CTX_CA_CERT_SIZE sizeof_ca_cert_der_2048
+ #define CTX_CA_CERT_TYPE WOLFSSL_FILETYPE_ASN1
+ #define CTX_SERVER_CERT server_cert_der_2048
+ #define CTX_SERVER_CERT_SIZE sizeof_server_cert_der_2048
+ #define CTX_SERVER_CERT_TYPE WOLFSSL_FILETYPE_ASN1
+ #define CTX_SERVER_KEY server_key_der_2048
+ #define CTX_SERVER_KEY_SIZE sizeof_server_key_der_2048
+ #define CTX_SERVER_KEY_TYPE WOLFSSL_FILETYPE_ASN1
+#endif
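Review bot: The `CTX_CA_CERT`, `CTX_SERVER_CERT` and `CTX_SERVER_KEY` macros at the end of the header point at the `*_der_2048` and `*_sm2` buffers enabled by `USE_CERT_BUFFERS_2048` and `certs_test_sm.h`, which by their names are the library's bundled test credentials, and nothing in the file says so. A comment above that block, e.g. `/* Test certificates and keys only; replace CTX_* with provisioned credentials before deployment. */`, would keep the example settings from being copied unchanged into a product. In the `CONFIG_IDF_TARGET_ESP32C3` branch the two `NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384` / `SHA512` comments say "no ... HW on C6", which looks copied from the C6 branch, and the marker `END CONFIG_IDF_TARGET_ESP266` has lost an 8. `HAVE_ED25519` and `USE_CERT_BUFFERS_2048` are each defined more than once; one definition apiece would be easier to audit.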
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/CMakeLists.txt b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/CMakeLists.txt
index 60bb32a3..621eb870 100644
--- a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/CMakeLists.txt
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/CMakeLists.txt
@@ -1,12 +1,36 @@
-
+# wolfSSL Espressif Example Project/main CMakeLists.txt
+# v1.0
#
# wolfssl client test
#
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_USER_SETTINGS")
-set(COMPONENT_SRCS "client-tls.c" "wifi_connect.c")
-set(COMPONENT_ADD_INCLUDEDIRS "." "./include")
-
+if(WIN32)
+ # Windows-specific configuration here
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WINDOWS")
+ message("Detected Windows")
+endif()
+if(CMAKE_HOST_UNIX)
+ message("Detected UNIX")
+endif()
+if(APPLE)
+ message("Detected APPLE")
+endif()
+if(CMAKE_HOST_UNIX AND (NOT APPLE) AND EXISTS "/proc/sys/fs/binfmt_misc/WSLInterop")
+ # Windows-specific configuration here
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WSL")
+ message("Detected WSL")
+endif()
+if(CMAKE_HOST_UNIX AND (NOT APPLE) AND (NOT WIN32))
+ # Windows-specific configuration here
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_LINUX")
+ message("Detected Linux")
+endif()
+if(APPLE)
+ # Windows-specific configuration here
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_APPLE")
+ message("Detected Apple")
+endif()
set (git_cmd "git")
if( EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl/" AND EXISTS "$ENV{IDF_PATH}/components/wolfssl/" )
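Review bot: The host detection mixes `WIN32`, which describes the target system, with `CMAKE_HOST_UNIX`, which describes the build host; under a cross-compiling toolchain the first block presumably never fires on a Windows host, and `if(CMAKE_HOST_WIN32)` would match the other checks. The comment `# Windows-specific configuration here` is repeated verbatim in the WSL, Linux and Apple blocks and should name the platform each block handles. On WSL both the WSL and the Linux conditions hold, so `-DWOLFSSL_CMAKE_SYSTEM_NAME_WSL` and `-DWOLFSSL_CMAKE_SYSTEM_NAME_LINUX` are defined together; if that is intended, a comment such as `# WSL is also reported as Linux below` would say so.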
@@ -19,7 +43,14 @@ if( EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl/" AND EXISTS "$ENV{IDF_PA
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_MULTI_INSTALL_WARNING")
endif()
-register_component()
+## register_component()
+idf_component_register(SRCS main.c
+ wifi_connect.c
+ time_helper.c
+ client-tls.c
+ INCLUDE_DIRS "."
+ "./include")
+#
#
# LIBWOLFSSL_SAVE_INFO(VAR_OUPUT THIS_VAR VAR_RESULT)
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/Kconfig.projbuild b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/Kconfig.projbuild
index 080abdb7..83dcd643 100644
--- a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/Kconfig.projbuild
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/Kconfig.projbuild
@@ -1,9 +1,15 @@
menu "Example Configuration"
-config TARGET_HOST
+config WOLFSSL_TARGET_HOST
string "Target host"
- default "127.0.01.1"
+ default "127.0.0.1"
help
host address for the example to connect
-
+
+config WOLFSSL_TARGET_PORT
+ int "Target port"
+ default 11111
+ help
+ host port for the example to connect
+
endmenu
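Review bot: `WOLFSSL_TARGET_PORT` is declared as a plain `int` with no bounds, so the configuration accepts zero, negative numbers and values above 65535; adding `range 1 65535` under the `default 11111` line keeps the setting a valid TCP port. The code that consumes the option is outside this hunk, so how an out-of-range value would be treated there cannot be seen from here.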
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/client-tls.c b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/client-tls.c
index 5c2efde6..9d5d26db 100644
--- a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/client-tls.c
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/client-tls.c
@@ -1,4 +1,4 @@
-/* client-tls-callback.c
+/* client-tls.c
*
* Copyright (C) 2006-2023 wolfSSL Inc.
*
@@ -18,40 +18,108 @@
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
-/* the usual suspects */
-#include <stdlib.h>
-#include <stdio.h>
-#include <string.h>
-#include <errno.h>
-/* ESP specific */
-#include "wifi_connect.h"
+#include "client-tls.h"
+
+/* Espressif FreeRTOS */
+#ifndef SINGLE_THREADED
+ #include <freertos/FreeRTOS.h>
+ #include <freertos/task.h>
+ #include <freertos/event_groups.h>
+#endif
/* socket includes */
-#include "lwip/netdb.h"
-#include "lwip/sockets.h"
+#include <lwip/netdb.h>
+#include <lwip/sockets.h>
/* wolfSSL */
#include <wolfssl/wolfcrypt/settings.h>
+#include "user_settings.h"
#include <wolfssl/ssl.h>
-#include <wolfssl/certs_test.h>
#ifdef WOLFSSL_TRACK_MEMORY
#include <wolfssl/wolfcrypt/mem_track.h>
#endif
+#ifndef NO_DH
+ /* see also wolfssl/test.h */
+ #undef DEFAULT_MIN_DHKEY_BITS
+ #define DEFAULT_MIN_DHKEY_BITS 1024
+
+ #undef DEFAULT_MAX_DHKEY_BITS
+ #define DEFAULT_MAX_DHKEY_BITS 2048
+#endif
+
+#if defined(WOLFSSL_SM2) || defined(WOLFSSL_SM3) || defined(WOLFSSL_SM4)
+ #include <wolfssl/certs_test_sm.h>
+ #define CTX_CA_CERT root_sm2
+ #define CTX_CA_CERT_SIZE sizeof_root_sm2
+ #define CTX_CA_CERT_TYPE WOLFSSL_FILETYPE_PEM
+ #define CTX_CLIENT_CERT client_sm2
+ #define CTX_CLIENT_CERT_SIZE sizeof_client_sm2
+ #define CTX_CLIENT_CERT_TYPE WOLFSSL_FILETYPE_PEM
+ #define CTX_CLIENT_KEY client_sm2_priv
+ #define CTX_CLIENT_KEY_SIZE sizeof_client_sm2_priv
+ #define CTX_CLIENT_KEY_TYPE WOLFSSL_FILETYPE_PEM
+#else
+ #include <wolfssl/certs_test.h>
+ #define CTX_CA_CERT ca_cert_der_2048
+ #define CTX_CA_CERT_SIZE sizeof_ca_cert_der_2048
+ #define CTX_CA_CERT_TYPE WOLFSSL_FILETYPE_ASN1
+ #define CTX_CLIENT_CERT client_cert_der_2048
+ #define CTX_CLIENT_CERT_SIZE sizeof_client_cert_der_2048
+ #define CTX_CLIENT_CERT_TYPE WOLFSSL_FILETYPE_ASN1
+ #define CTX_CLIENT_KEY client_key_der_2048
+ #define CTX_CLIENT_KEY_SIZE sizeof_client_key_der_2048
+ #define CTX_CLIENT_KEY_TYPE WOLFSSL_FILETYPE_ASN1
+#endif
+
+/* Project */
+#include "wifi_connect.h"
+#include "time_helper.h"
+
+/* working TLS 1.2 VS client app commandline param:
+ *
+ * -h 192.168.1.128 -v 3 -l ECDHE-ECDSA-SM4-CBC-SM3 -c ./certs/sm2/client-sm2.pem -k ./certs/sm2/client-sm2-priv.pem -A ./certs/sm2/root-sm2.pem -C
+ *
+ * working Linux, non-working VS c app
+ *
+ * -h 192.168.1.128 -v 4 -l TLS13-SM4-CCM-SM3 -c ./certs/sm2/client-sm2.pem -k ./certs/sm2/client-sm2-priv.pem -A ./certs/sm2/root-sm2.pem -C
+ *
+ **/
static const char* const TAG = "tls_client";
#if defined(DEBUG_WOLFSSL)
+int stack_start = -1;
-static void ShowCiphers(void)
+int ShowCiphers(WOLFSSL* ssl)
{
- char ciphers[4096];
-
- int ret = wolfSSL_get_ciphers(ciphers, (int)sizeof(ciphers));
+ #define CLIENT_TLS_MAX_CIPHER_LENGTH 4096
+ char ciphers[CLIENT_TLS_MAX_CIPHER_LENGTH];
+ const char* cipher_used;
+ int ret = 0;
+
+ if (ssl == NULL) {
+ ESP_LOGI(TAG, "WOLFSSL* ssl is NULL, so no cipher in use");
+ ret = wolfSSL_get_ciphers(ciphers, (int)sizeof(ciphers));
+ if (ret == WOLFSSL_SUCCESS) {
+ for (int i = 0; i < CLIENT_TLS_MAX_CIPHER_LENGTH; i++) {
+ if (ciphers[i] == ':') {
+ ciphers[i] = '\n';
+ }
+ }
+ ESP_LOGI(TAG, "Available Ciphers:\n%s\n", ciphers);
+ }
+ else {
+ ESP_LOGE(TAG, "Failed to call wolfSSL_get_ciphers. Error %d", ret);
+ }
+ }
+ else {
+ cipher_used = wolfSSL_get_cipher_name(ssl);
+ ESP_LOGI(TAG, "WOLFSSL* ssl using %s", cipher_used);
+ }
- if (ret == WOLFSSL_SUCCESS)
- printf("%s\n", ciphers);
+ return ret;
}
#endif
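Review bot: `DEFAULT_MIN_DHKEY_BITS` is redefined to 1024 near the top of the file and is later used as the floor passed to `wolfSSL_CTX_SetMinDhKey_Sz`, so the client will accept 1024-bit finite-field DH parameters; unless the example has to interoperate with such a peer, `#define DEFAULT_MIN_DHKEY_BITS 2048` is the safer value (it then equals `DEFAULT_MAX_DHKEY_BITS`). In `ShowCiphers` the replacement loop walks all `CLIENT_TLS_MAX_CIPHER_LENGTH` bytes of `ciphers`, including the bytes after the terminator that `wolfSSL_get_ciphers` presumably writes; stopping at the NUL, `for (int i = 0; i < CLIENT_TLS_MAX_CIPHER_LENGTH && ciphers[i] != '\0'; i++)`, avoids reading uninitialised stack contents. The function returns 0 when `ssl` is non-NULL and the wolfSSL status code otherwise, so a short header comment stating that would help callers.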
@@ -69,13 +137,13 @@ static void ShowCiphers(void)
static byte mSlotList[ATECC_MAX_SLOT];
int atmel_set_slot_allocator(atmel_slot_alloc_cb alloc,
- atmel_slot_dealloc_cb dealloc);
+ atmel_slot_dealloc_cb dealloc);
/* initialize slot array */
void my_atmel_slotInit()
{
int i;
- for(i=0;i<ATECC_MAX_SLOT; i++) {
+ for (i = 0; i < ATECC_MAX_SLOT; i++) {
mSlotList[i] = ATECC_INVALID_SLOT;
}
}
@@ -84,7 +152,7 @@ int my_atmel_alloc(int slotType)
{
int i, slot = -1;
- switch(slotType){
+ switch (slotType) {
case ATMEL_SLOT_ENCKEY:
slot = 2;
break;
@@ -98,8 +166,8 @@ int my_atmel_alloc(int slotType)
slot = 4;
break;
case ATMEL_SLOT_ANY:
- for(i=0;i<ATECC_MAX_SLOT;i++){
- if(mSlotList[i] == ATECC_INVALID_SLOT){
+ for (i = 0; i < ATECC_MAX_SLOT; i++) {
+ if (mSlotList[i] == ATECC_INVALID_SLOT) {
slot = i;
break;
}
@@ -111,88 +179,173 @@ int my_atmel_alloc(int slotType)
/* free slot array */
void my_atmel_free(int slotId)
{
- if(slotId >= 0 && slotId < ATECC_MAX_SLOT){
+ if (slotId >= 0 && slotId < ATECC_MAX_SLOT) {
mSlotList[slotId] = ATECC_INVALID_SLOT;
}
}
-#endif /* CUSTOM_SLOT_ALLOCATION */
+#endif /* CUSTOM_SLOT_ALLOCATION */
#endif /* WOLFSSL_ESPWROOM32SE && HAVE_PK_CALLBACK && WOLFSSL_ATECC508A */
/* client task */
-void tls_smp_client_task()
+WOLFSSL_ESP_TASK tls_smp_client_task(void* args)
{
- int ret;
+#if defined(SINGLE_THREADED)
+ int ret = ESP_OK;
+ #define TLS_SMP_CLIENT_TASK_RET ret
+#else
+ #define TLS_SMP_CLIENT_TASK_RET
+#endif
+ char buff[256];
+ const char sndMsg[] = "GET /index.html HTTP/1.0\r\n\r\n";
+ const char* ch = TLS_SMP_TARGET_HOST; /* see wifi_connect.h */
+ struct sockaddr_in servAddr;
+
+ struct hostent *hp;
+ struct ip4_addr *ip4_addr;
+ int ret_i; /* interim return values */
int sockfd;
int doPeerCheck;
int sendGet;
- struct sockaddr_in servAddr;
- char buff[256];
- const char* ch = TLS_SMP_TARGET_HOST;
+#ifndef NO_DH
+ int minDhKeyBits = DEFAULT_MIN_DHKEY_BITS;
+#endif
size_t len;
- struct hostent *hp;
- struct ip4_addr *ip4_addr;
- const char sndMsg[] = "GET /index.html HTTP/1.0\r\n\r\n";
/* declare wolfSSL objects */
- WOLFSSL_CTX *ctx;
- WOLFSSL *ssl;
+ WOLFSSL_CTX* ctx;
+ WOLFSSL* ssl;
- WOLFSSL_ENTER("tls_smp_client_task");
+ wolfSSL_Debugging_ON();
+ WOLFSSL_ENTER(TLS_SMP_CLIENT_TASK_NAME);
- doPeerCheck = 0;
+ doPeerCheck = 1;
sendGet = 0;
#ifdef DEBUG_WOLFSSL
WOLFSSL_MSG("Debug ON");
- wolfSSL_Debugging_ON();
- ShowCiphers();
+ ShowCiphers(NULL);
#endif
/* Initialize wolfSSL */
wolfSSL_Init();
- /* Create a socket that uses an internet IPv4 address,
+ /* Create a socket that uses an Internet IPv4 address,
* Sets the socket to be stream based (TCP),
* 0 means choose the default protocol. */
if ((sockfd = socket(AF_INET, SOCK_STREAM, 0)) == -1) {
- ESP_LOGE(TAG,"ERROR: failed to create the socket\n");
+ ESP_LOGE(TAG, "ERROR: failed to create the socket\n");
}
ESP_LOGI(TAG, "get target IP address");
hp = gethostbyname(TLS_SMP_TARGET_HOST);
if (!hp) {
- ESP_LOGE(TAG, "Failed to get host name.");
- ip4_addr = NULL;
- } else {
-
- ip4_addr = (struct ip4_addr *)hp->h_addr;
- ESP_LOGI(TAG, IPSTR, IP2STR(ip4_addr));
+ ESP_LOGE(TAG, "Failed to get host name.");
+ ip4_addr = NULL;
}
+ else {
+ ip4_addr = (struct ip4_addr *)hp->h_addr;
+ }
+
/* Create and initialize WOLFSSL_CTX */
- if ((ctx = wolfSSL_CTX_new(wolfSSLv23_client_method())) == NULL) {
- ESP_LOGE(TAG,"ERROR: failed to create WOLFSSL_CTX\n");
+ ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()); /* SSL 3.0 - TLS 1.3. */
+ /* options: */
+ /* ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method()); only TLS 1.2 */
+ /* ctx = wolfSSL_CTX_new(wolfTLSv1_3_client_method()); only TLS 1.3 */
+ /* wolfSSL_CTX_NoTicketTLSv12(); */
+ /* wolfSSL_NoTicketTLSv12(); */
+ if (ctx == NULL) {
+ ESP_LOGE(TAG, "ERROR: failed to create WOLFSSL_CTX\n");
}
- WOLFSSL_MSG("Loading...cert");
- /* Load client certificates into WOLFSSL_CTX */
- if ((ret = wolfSSL_CTX_load_verify_buffer(ctx, ca_cert_der_2048,
- sizeof_ca_cert_der_2048, WOLFSSL_FILETYPE_ASN1)) != SSL_SUCCESS) {
- ESP_LOGE(TAG,"ERROR: failed to load %d, please check the file.\n",ret);
+
+#if defined(WOLFSSL_ESP32_CIPHER_SUITE)
+ ESP_LOGI(TAG, "Start SM2\n");
+
+/*
+ *
+ * reference code for SM Ciphers:
+ *
+ #if defined(HAVE_AESGCM) && !defined(NO_DH)
+ #ifdef WOLFSSL_TLS13
+ defaultCipherList = "TLS13-AES128-GCM-SHA256"
+ #ifndef WOLFSSL_NO_TLS12
+ ":DHE-PSK-AES128-GCM-SHA256"
+ #endif
+ ;
+ #else
+ defaultCipherList = "DHE-PSK-AES128-GCM-SHA256";
+ #endif
+ #elif defined(HAVE_AESGCM) && defined(WOLFSSL_TLS13)
+ defaultCipherList = "TLS13-AES128-GCM-SHA256:PSK-AES128-GCM-SHA256"
+ #ifndef WOLFSSL_NO_TLS12
+ ":PSK-AES128-GCM-SHA256"
+ #endif
+ ;
+ #elif defined(HAVE_NULL_CIPHER)
+ defaultCipherList = "PSK-NULL-SHA256";
+ #elif !defined(NO_AES_CBC)
+ defaultCipherList = "PSK-AES128-CBC-SHA256";
+ #else
+ defaultCipherList = "PSK-AES128-GCM-SHA256";
+ #endif
+*/
+
+ ret = wolfSSL_CTX_set_cipher_list(ctx, WOLFSSL_ESP32_CIPHER_SUITE);
+ if (ret == WOLFSSL_SUCCESS) {
+ ESP_LOGI(TAG, "Set cipher list: %s\n", WOLFSSL_ESP32_CIPHER_SUITE);
}
- /* not peer check */
- if( doPeerCheck == 0 ){
+ else {
+ ESP_LOGE(TAG, "ERROR: failed to set cipher list: %s\n", WOLFSSL_ESP32_CIPHER_SUITE);
+ }
+#endif
+
+#ifdef DEBUG_WOLFSSL
+ ShowCiphers(NULL);
+ ESP_LOGI(TAG,
+ "Stack used: %d\n",
+ CONFIG_ESP_MAIN_TASK_STACK_SIZE
+ - uxTaskGetStackHighWaterMark(NULL));
+#endif
+
+/* see user_settings PROJECT_DH for HAVE_DH and HAVE_FFDHE_2048 */
+#ifndef NO_DH
+ ret = wolfSSL_CTX_SetMinDhKey_Sz(ctx, (word16)minDhKeyBits);
+ if (ret != SSL_SUCCESS) {
+ ESP_LOGE(TAG, "Error setting minimum DH key size");
+ }
+#endif
+
+ /* no peer check */
+ if (doPeerCheck == 0) {
+ ESP_LOGW(TAG, "doPeerCheck == 0");
wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_NONE, 0);
- } else {
+ }
+ else {
+ ESP_LOGW(TAG, "doPeerCheck != 0");
WOLFSSL_MSG("Loading... our cert");
/* load our certificate */
- if ((ret = wolfSSL_CTX_use_certificate_chain_buffer_format(ctx, client_cert_der_2048,
- sizeof_client_cert_der_2048, WOLFSSL_FILETYPE_ASN1)) != SSL_SUCCESS) {
- ESP_LOGE(TAG,"ERROR: failed to load chain %d, please check the file.\n",ret);
+ ret_i = wolfSSL_CTX_use_certificate_chain_buffer_format(ctx,
+ CTX_CLIENT_CERT,
+ CTX_CLIENT_CERT_SIZE,
+ CTX_CLIENT_CERT_TYPE);
+ if (ret_i != SSL_SUCCESS) {
+ ESP_LOGE(TAG, "ERROR: failed to load chain %d, please check the file.\n", ret_i);
}
- if ((ret = wolfSSL_CTX_use_PrivateKey_buffer(ctx, client_key_der_2048,
- sizeof_client_key_der_2048, WOLFSSL_FILETYPE_ASN1)) != SSL_SUCCESS) {
- wolfSSL_CTX_free(ctx); ctx = NULL;
- ESP_LOGE(TAG,"ERROR: failed to load key %d, please check the file.\n", ret);
+ /* Load client certificates into WOLFSSL_CTX */
+ WOLFSSL_MSG("Loading...cert");
+ ret_i = wolfSSL_CTX_load_verify_buffer(ctx,
+ CTX_CA_CERT,
+ CTX_CA_CERT_SIZE,
+ CTX_CA_CERT_TYPE);
+
+ ret_i = wolfSSL_CTX_use_PrivateKey_buffer(ctx,
+ CTX_CLIENT_KEY,
+ CTX_CLIENT_KEY_SIZE,
+ CTX_CLIENT_KEY_TYPE);
+ if(ret_i != SSL_SUCCESS) {
+ wolfSSL_CTX_free(ctx) ; ctx = NULL ;
+ ESP_LOGE(TAG, "ERROR: failed to load key %d, "
+ "please check the file.\n", ret_i) ;
}
wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_PEER, 0);
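Review bot: The result of `wolfSSL_CTX_load_verify_buffer(ctx, CTX_CA_CERT, ...)` is stored in `ret_i` and then overwritten by the `wolfSSL_CTX_use_PrivateKey_buffer` call without being tested, so a failure to load the trust anchor is silent and only surfaces later as a failed handshake. A check directly after the call, `if (ret_i != SSL_SUCCESS) { ESP_LOGE(TAG, "ERROR: failed to load CA cert %d", ret_i); }`, restores the diagnostic the removed code had. `ret` is declared only under `SINGLE_THREADED`, yet the `WOLFSSL_ESP32_CIPHER_SUITE` and `#ifndef NO_DH` blocks assign to it, so in a FreeRTOS build those blocks look like they cannot compile and should use `ret_i`. Failures of `socket`, `gethostbyname`, `wolfSSL_CTX_new` and the key load are logged but execution continues with the invalid or freed handle (`ctx` is set to NULL and then passed to `wolfSSL_CTX_set_verify`). `tls_smp_client_task` continues past the end of this hunk.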
@@ -202,37 +355,60 @@ void tls_smp_client_task()
memset(&servAddr, 0, sizeof(servAddr));
/* Fill in the server address */
- servAddr.sin_family = AF_INET; /* using IPv4 */
- servAddr.sin_port = htons(DEFAULT_PORT); /* on DEFAULT_PORT */
+ servAddr.sin_family = AF_INET; /* using IPv4 */
+ servAddr.sin_port = htons(TLS_SMP_DEFAULT_PORT); /* on DEFAULT_PORT */
- if(*ch >= '1' && *ch <= '9') {
+ if (*ch >= '1' && *ch <= '9') {
/* Get the server IPv4 address from the command line call */
WOLFSSL_MSG("inet_pton");
- if ((ret = inet_pton(AF_INET, TLS_SMP_TARGET_HOST,
- &servAddr.sin_addr)) != 1) {
- ESP_LOGE(TAG,"ERROR: invalid address ret=%d\n", ret);
+ if ((ret_i = inet_pton(AF_INET,
+ TLS_SMP_TARGET_HOST,
+ &servAddr.sin_addr)) != 1) {
+ ESP_LOGE(TAG, "ERROR: invalid address ret=%d\n", ret_i);
}
- } else {
+ }
+ else {
servAddr.sin_addr.s_addr = ip4_addr->addr;
}
/* Connect to the server */
- sprintf(buff, "Connecting to server....%s(port:%d)", TLS_SMP_TARGET_HOST
- , DEFAULT_PORT);
+ sprintf(buff,
+ "Connecting to server....%s(port:%d)",
+ TLS_SMP_TARGET_HOST,
+ TLS_SMP_DEFAULT_PORT);
WOLFSSL_MSG(buff);
- printf("%s\n",buff);
- if ((ret = connect(sockfd, (struct sockaddr *)&servAddr,
- sizeof(servAddr))) == -1){
- ESP_LOGE(TAG,"ERROR: failed to connect ret=%d\n", ret);
+ printf("%s\n", buff);
+
+ if ((ret_i = connect(sockfd,
+ (struct sockaddr *)&servAddr,
+ sizeof(servAddr))) == -1) {
+ ESP_LOGE(TAG, "ERROR: failed to connect ret=%d\n", ret_i);
}
WOLFSSL_MSG("Create a WOLFSSL object");
/* Create a WOLFSSL object */
if ((ssl = wolfSSL_new(ctx)) == NULL) {
- ESP_LOGE(TAG,"ERROR: failed to create WOLFSSL object\n");
+ ESP_LOGE(TAG, "ERROR: failed to create WOLFSSL object\n");
+ }
+ else {
+#ifdef DEBUG_WOLFSSL
+ ESP_LOGI(TAG, "\nCreated WOLFSSL object:");
+ ShowCiphers(ssl);
+#endif
}
- /* when using atecc608a on esp32-wroom-32se */
+#if defined(WOLFSSL_SM2)
+ /* SM TLS1.3 Cipher needs to have key share explicitly set. */
+ ret = wolfSSL_UseKeyShare(ssl, WOLFSSL_ECC_SM2P256V1);
+ if (ret == WOLFSSL_SUCCESS) {
+ ESP_LOGI(TAG, "Successfully set WOLFSSL_ECC_SM2P256V1");
+ }
+ else {
+ ESP_LOGE(TAG, "FAILED to set WOLFSSL_ECC_SM2P256V1");
+ }
+#endif
+ /* when using atecc608a on esp32-wroom-32se */
+
#if defined(WOLFSSL_ESPWROOM32SE) && defined(HAVE_PK_CALLBACKS) \
&& defined(WOLFSSL_ATECC508A)
atcatls_set_callbacks(ctx);
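Review bot: The error branches in this hunk only log and fall through, so a NULL `ssl` from `wolfSSL_new(ctx)` still reaches the newly added `wolfSSL_UseKeyShare(ssl, WOLFSSL_ECC_SM2P256V1)` call and everything after it. The same holds for a failed `inet_pton()` or `connect()`: the task carries on towards the handshake on a socket that was never connected. I would wrap the SM2 key-share block in `if (ssl != NULL) { ... }`, or better, jump to the cleanup at the end of the task on any of these failures. Separately, `sprintf(buff, ...)` formats `TLS_SMP_TARGET_HOST`, which now comes from Kconfig, without a bound; `snprintf(buff, sizeof(buff), ...)` would be safer, assuming `buff` is an array as the later `sizeof(buff)` uses suggest. The body of tls_smp_client_task starts and ends outside this hunk.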
@@ -248,37 +424,46 @@ void tls_smp_client_task()
WOLFSSL_MSG("Connect to wolfSSL on the server side");
/* Connect to wolfSSL on the server side */
- if (wolfSSL_connect(ssl) != SSL_SUCCESS) {
- ESP_LOGE(TAG,"ERROR: failed to connect to wolfSSL\n");
- }
+ if (wolfSSL_connect(ssl) == SSL_SUCCESS) {
+#ifdef DEBUG_WOLFSSL
+ ShowCiphers(ssl);
+#endif
+ /* Get a message for the server from stdin */
+ WOLFSSL_MSG("Message for server: ");
+ memset(buff, 0, sizeof(buff));
+
+ if (sendGet) {
+ printf("SSL connect ok, sending GET...\n");
+ len = XSTRLEN(sndMsg);
+ strncpy(buff, sndMsg, len);
+ buff[len] = '\0';
+ }
+ else {
+ sprintf(buff, "message from esp32 tls client\n");
+ len = strnlen(buff, sizeof(buff));
+ }
+ /* Send the message to the server */
+ if (wolfSSL_write(ssl, buff, len) != len) {
+ ESP_LOGE(TAG, "ERROR: failed to write\n");
+ }
- /* Get a message for the server from stdin */
- WOLFSSL_MSG("Message for server: ");
- memset(buff, 0, sizeof(buff));
-
- if(sendGet){
- printf("SSL connect ok, sending GET...\n");
- len = XSTRLEN(sndMsg);
- strncpy(buff, sndMsg, len);
- buff[len] = '\0';
- } else {
- sprintf(buff, "message from esp32 tls client\n");
- len = strnlen(buff, sizeof(buff));
- }
- /* Send the message to the server */
- if (wolfSSL_write(ssl, buff, len) != len) {
- ESP_LOGE(TAG,"ERROR: failed to write\n");
- }
+ /* Read the server data into our buff array */
+ memset(buff, 0, sizeof(buff));
+ if (wolfSSL_read(ssl, buff, sizeof(buff) - 1) == -1) {
+ ESP_LOGE(TAG, "ERROR: failed to read\n");
+ }
- /* Read the server data into our buff array */
- memset(buff, 0, sizeof(buff));
- if (wolfSSL_read(ssl, buff, sizeof(buff) - 1) == -1) {
- ESP_LOGE(TAG,"ERROR: failed to read\n");
+ /* Print to stdout any data the server sends */
+ printf("Server: ");
+ printf("%s\n", buff);
+ }
+ else {
+ ESP_LOGE(TAG, "ERROR: failed to connect to wolfSSL\n");
}
+#ifdef DEBUG_WOLFSSL
+ ShowCiphers(ssl);
+#endif
- /* Print to stdout any data the server sends */
- printf("Server:");
- printf("%s", buff);
/* Cleanup and return */
wolfSSL_free(ssl); /* Free the wolfSSL object */
wolfSSL_CTX_free(ctx); /* Free the wolfSSL context object */
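Review bot: In the `sendGet` branch, `strncpy(buff, sndMsg, len)` is bounded by the length of the source rather than the size of the destination, so the bound protects nothing. If `sndMsg` (defined outside this hunk) is ever as long as `buff`, both the copy and `buff[len] = '\0'` write past the array. Clamp first, e.g. `if (len >= (int)sizeof(buff)) { len = (int)sizeof(buff) - 1; }` (the cast depends on the type of `len`, which is not visible here). The trailing `ShowCiphers(ssl)` under `DEBUG_WOLFSSL` also runs after a failed handshake and, from what the earlier hunk shows, possibly with a NULL `ssl`, so it should sit inside the success branch or be guarded with `if (ssl != NULL)`. The function starts and ends outside this hunk.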
@@ -287,5 +472,32 @@ void tls_smp_client_task()
vTaskDelete(NULL);
- return; /* Return reporting a success */
+ return TLS_SMP_CLIENT_TASK_RET;
+}
+
+#if defined(SINGLE_THREADED)
+ /* we don't initialize a single thread, so no init function here */
+#else
+/* create task */
+WOLFSSL_ESP_TASK tls_smp_client_init(void* args)
+{
+ int ret;
+#if ESP_IDF_VERSION_MAJOR >= 4
+ TaskHandle_t _handle;
+#else
+ xTaskHandle _handle;
+#endif
+ /* http://esp32.info/docs/esp_idf/html/dd/d3c/group__xTaskCreate.html */
+ ret = xTaskCreate(tls_smp_client_task,
+ TLS_SMP_CLIENT_TASK_NAME,
+ TLS_SMP_CLIENT_TASK_WORDS,
+ NULL,
+ TLS_SMP_CLIENT_TASK_PRIORITY,
+ &_handle);
+
+ if (ret != pdPASS) {
+ ESP_LOGI(TAG, "create thread %s failed", TLS_SMP_CLIENT_TASK_NAME);
+ }
+ return TLS_SMP_CLIENT_TASK_RET;
}
+#endif
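Review bot: `tls_smp_client_init()` never uses its `args` parameter and passes `NULL` as the task parameter to `xTaskCreate`, so the `loops` and `port` values that `app_main` fills into `tls_args` never reach `tls_smp_client_task`. Either document this with a comment such as `/* args is currently unused; the task takes its settings from client-tls.h */`, or forward the pointer. If forwarded, the storage must outlive `app_main`, which deletes itself right after the call. A failed task creation is reported with `ESP_LOGI`; since nothing else signals the failure to the caller, `ESP_LOGE(TAG, "create thread %s failed", TLS_SMP_CLIENT_TASK_NAME);` would be the appropriate level.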
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/client-tls.h b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/client-tls.h
new file mode 100644
index 00000000..1188ee36
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/client-tls.h
@@ -0,0 +1,71 @@
+/* server-tls.h
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+#ifndef _SERVER_TLS_
+#define _SERVER_TLS_
+
+#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/ssl.h>
+#include "sdkconfig.h"
+
+/* See main/Kconfig.projbuild for default configuration settings */
+#ifdef CONFIG_WOLFSSL_TARGET_HOST
+ #define TLS_SMP_TARGET_HOST CONFIG_WOLFSSL_TARGET_HOST
+#else
+ #define TLS_SMP_TARGET_HOST "192.168.1.38"
+#endif
+
+#ifdef CONFIG_WOLFSSL_TARGET_PORT
+ #define TLS_SMP_DEFAULT_PORT CONFIG_WOLFSSL_TARGET_PORT
+#else
+ #define TLS_SMP_DEFAULT_PORT 11111
+#endif
+
+#define TLS_SMP_CLIENT_TASK_NAME "tls_client_example"
+#define TLS_SMP_CLIENT_TASK_WORDS 22240
+#define TLS_SMP_CLIENT_TASK_PRIORITY 8
+
+#if defined(SINGLE_THREADED)
+ #define WOLFSSL_ESP_TASK int
+#else
+ #include "freertos/FreeRTOS.h"
+ #define WOLFSSL_ESP_TASK void
+#endif
+
+typedef struct {
+ int port;
+ int loops;
+} tls_args;
+
+/* Function to show the ciphers available / in use. */
+#if defined(DEBUG_WOLFSSL)
+ int ShowCiphers(WOLFSSL* ssl);
+#endif
+
+/* This is the TLS Client function, possibly in an RTOS thread. */
+WOLFSSL_ESP_TASK tls_smp_client_task(void* args);
+
+/* init will create an RTOS task, otherwise server is simply function call. */
+#if defined(SINGLE_THREADED)
+ /* no init neded */
+#else
+ WOLFSSL_ESP_TASK tls_smp_client_init(void* args);
+#endif
+#endif /* _SERVER_TLS_ */
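Review bot: This new client-tls.h still carries the server header's identity: the banner comment reads `/* server-tls.h` and the include guard is `_SERVER_TLS_`. If a server header with the same guard is ever included in the same translation unit (not visible here, but the naming suggests one exists), whichever comes second is silently skipped. A client-specific guard such as `#ifndef CLIENT_TLS_H` / `#define CLIENT_TLS_H` avoids that, and also avoids the reserved underscore-plus-uppercase identifier form. The fallback `#define TLS_SMP_TARGET_HOST "192.168.1.38"` makes a build without `CONFIG_WOLFSSL_TARGET_HOST` connect to a fixed private address without any notice; a `#warning` in that `#else` branch would make the misconfiguration visible at build time.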
diff --git a/extra/wolfssl/wolfssl/cyassl/error-ssl.h b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/main.h
index 4546d5e1..94c3b5eb 100644
--- a/extra/wolfssl/wolfssl/cyassl/error-ssl.h
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/main.h
@@ -1,4 +1,4 @@
-/* error-ssl.h
+/* template main.h
*
* Copyright (C) 2006-2023 wolfSSL Inc.
*
@@ -18,6 +18,7 @@
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
+#ifndef _MAIN_H_
+#define _MAIN_H_
-
-#include <wolfssl/error-ssl.h>
+#endif
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/time_helper.h b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/time_helper.h
new file mode 100644
index 00000000..a47f9400
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/time_helper.h
@@ -0,0 +1,54 @@
+/*
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/* common Espressif time_helper v5.6.3.001 */
+
+#ifndef _TIME_HELPER_H
+#define _TIME_HELPER_H
+
+/* ESP-IDF uses a 64-bit signed integer to represent time_t starting from release v5.0
+ * See: https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-reference/system/system_time.html#year-2036-and-2038-overflow-issues
+ */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* a function to show the current data and time */
+int esp_show_current_datetime();
+
+/* worst case, if GitHub time not available, used fixed time */
+int set_fixed_default_time(void);
+
+/* set time from string (e.g. GitHub commit time) */
+int set_time_from_string(char* time_buffer);
+
+/* set time from NTP servers,
+ * also initially calls set_fixed_default_time or set_time_from_string */
+int set_time(void);
+
+/* wait NTP_RETRY_COUNT seconds before giving up on NTP time */
+int set_time_wait_for_ntp(void);
+
+#ifdef __cplusplus
+} /* extern "C" */
+#endif
+
+#endif /* #ifndef _TIME_HELPER_H */
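Review bot: `int esp_show_current_datetime();` declares the function without a prototype, so in C a call with stray arguments is not diagnosed; the other declarations in this header already use `(void)`, and this one should read `int esp_show_current_datetime(void);`. `set_time_from_string(char* time_buffer)` only reads its argument in the definition shown in time_helper.c, so `const char* time_buffer` states the contract and allows passing string literals without a qualifier warning. The definitions in time_helper.c need the same change. The comments could also say what the `int` return values mean (0 on success appears to be the convention in the implementation).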
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/wifi_connect.h b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/wifi_connect.h
index 7b85be22..644ce00d 100644
--- a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/wifi_connect.h
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/wifi_connect.h
@@ -1,4 +1,4 @@
-/* user_settings.h
+/* wifi_connect.h
*
* Copyright (C) 2006-2023 wolfSSL Inc.
*
@@ -18,26 +18,76 @@
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
-#ifndef _TLS_WIFI_H_
-#define _TLS_WIFI_H_
-
-#include "esp_idf_version.h"
-#include "esp_log.h"
-#include "esp_wifi.h"
-#if ESP_IDF_VERSION_MAJOR >= 4
- #include "esp_event.h"
-#else
- #include "esp_event_loop.h"
-#endif
+#ifndef _WIFI_CONNECT_H_
+#define _WIFI_CONNECT_H_
-#define DEFAULT_PORT 11111
+#include <esp_idf_version.h>
+#include <esp_log.h>
-#define TLS_SMP_CLIENT_TASK_NAME "tls_client_example"
-#define TLS_SMP_CLIENT_TASK_WORDS 10240
-#define TLS_SMP_CLIENT_TASK_PRIORITY 8
+/* ESP lwip */
+#define EXAMPLE_ESP_MAXIMUM_RETRY CONFIG_ESP_MAXIMUM_RETRY
#define TLS_SMP_WIFI_SSID CONFIG_WIFI_SSID
#define TLS_SMP_WIFI_PASS CONFIG_WIFI_PASSWORD
-#define TLS_SMP_TARGET_HOST CONFIG_TARGET_HOST
+#define USE_WIFI_EXAMPLE
+#ifdef USE_WIFI_EXAMPLE
+ #include "esp_netif.h"
+ #include "protocol_examples_common.h" /* see project CMakeLists.txt */
#endif
+
+/**
+ ******************************************************************************
+ ******************************************************************************
+ ** USER APPLICATION SETTINGS BEGIN
+ ******************************************************************************
+ ******************************************************************************
+ **/
+
+/* when using a private config with plain text passwords,
+ * file my_private_config.h should be excluded from git updates */
+/* #define USE_MY_PRIVATE_CONFIG */
+
+#ifdef USE_MY_PRIVATE_CONFIG
+ #if defined(WOLFSSL_CMAKE_SYSTEM_NAME_WINDOWS)
+ #include "/workspace/my_private_config.h"
+ #elif defined(WOLFSSL_CMAKE_SYSTEM_NAME_WSL)
+ #include "/mnt/c/workspace/my_private_config.h"
+ #elif defined(WOLFSSL_CMAKE_SYSTEM_NAME_LINUX)
+ #include "~/workspace/my_private_config.h"
+ #elif defined(WOLFSSL_CMAKE_SYSTEM_NAME_APPLE)
+ #include "~/Documents/my_private_config.h"
+ #else
+ #warning "did not detect environment. using ~/my_private_config.h"
+ #include "~/my_private_config.h"
+ #endif
+#else
+
+ /*
+ ** The examples use WiFi configuration that you can set via project
+ ** configuration menu
+ **
+ ** If you'd rather not, just change the below entries to strings with
+ ** the config you want - ie #define EXAMPLE_WIFI_SSID "mywifissid"
+ */
+ #ifdef CONFIG_ESP_WIFI_SSID
+ #define EXAMPLE_ESP_WIFI_SSID CONFIG_ESP_WIFI_SSID
+ #else
+ #define EXAMPLE_ESP_WIFI_SSID "MYSSID_WIFI_CONNECT"
+ #endif
+
+ #ifdef CONFIG_ESP_WIFI_PASSWORD
+ #define EXAMPLE_ESP_WIFI_PASS CONFIG_ESP_WIFI_PASSWORD
+ #else
+ #define EXAMPLE_ESP_WIFI_PASS "MYPASSWORD_WIFI_CONNECT"
+ #endif
+#endif
+
+/* ESP lwip */
+#define EXAMPLE_ESP_MAXIMUM_RETRY CONFIG_ESP_MAXIMUM_RETRY
+
+int wifi_init_sta(void);
+
+int wifi_show_ip(void);
+
+#endif /* _WIFI_CONNECT_H_ */
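Review bot: The `#include "~/workspace/my_private_config.h"`, `"~/Documents/my_private_config.h"` and `"~/my_private_config.h"` lines will not resolve once `USE_MY_PRIVATE_CONFIG` is enabled, because the preprocessor does not perform shell tilde expansion and treats `~` as a literal directory name. Passing the directory as an include path from the project's CMake file and writing `#include "my_private_config.h"` would work on every host. Since that file holds plain-text WiFi credentials, the comment could also name the ignore rule to add rather than only saying the file "should be excluded from git updates". Minor: `EXAMPLE_ESP_MAXIMUM_RETRY` is defined twice in this hunk, and `#ifdef USE_WIFI_EXAMPLE` directly after `#define USE_WIFI_EXAMPLE` is always true.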
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/main.c b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/main.c
new file mode 100644
index 00000000..add43ada
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/main.c
@@ -0,0 +1,267 @@
+/* main.c
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+#include "sdkconfig.h"
+#include "main.h"
+
+/* ESP specific */
+#include <nvs_flash.h>
+#include <esp_log.h>
+#include <esp_event.h>
+
+/* wolfSSL */
+#include <wolfssl/wolfcrypt/settings.h>
+#include <user_settings.h>
+#include <wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h>
+#ifndef WOLFSSL_ESPIDF
+ #warning "Problem with wolfSSL user_settings."
+ #warning "Check components/wolfssl/include"
+#endif
+
+/* this project */
+#include "client-tls.h"
+#include "time_helper.h"
+
+#ifndef CONFIG_IDF_TARGET_ESP32H2
+ /* There's no WiFi on ESP32-H2.
+ * For wired ethernet, see:
+ * https://github.com/wolfSSL/wolfssl-examples/tree/master/ESP32/TLS13-ENC28J60-client */
+ #include "wifi_connect.h"
+#endif
+
+#ifdef WOLFSSL_TRACK_MEMORY
+ #include <wolfssl/wolfcrypt/mem_track.h>
+#endif
+
+static const char* const TAG = "TLS Client";
+
+#if defined(WOLFSSL_ESPWROOM32SE) && defined(HAVE_PK_CALLBACKS) \
+ && defined(WOLFSSL_ATECC508A)
+
+#include "wolfssl/wolfcrypt/port/atmel/atmel.h"
+
+/* when you want to use a custom slot allocation */
+/* enable the definition CUSTOM_SLOT_ALLOCATION. */
+
+#if defined(CUSTOM_SLOT_ALLOCATION)
+
+static byte mSlotList[ATECC_MAX_SLOT];
+
+int atmel_set_slot_allocator(atmel_slot_alloc_cb alloc, atmel_slot_dealloc_cb dealloc);
+
+/* initialize slot array */
+void my_atmel_slotInit()
+{
+ int i;
+ for(i = 0;i < ATECC_MAX_SLOT;i++) {
+ mSlotList[i] = ATECC_INVALID_SLOT;
+ }
+}
+
+/* allocate slot depending on slotType */
+int my_atmel_alloc(int slotType)
+{
+ int i, slot = -1;
+
+ switch(slotType){
+ case ATMEL_SLOT_ENCKEY:
+ slot = 4;
+ break;
+ case ATMEL_SLOT_DEVICE:
+ slot = 0;
+ break;
+ case ATMEL_SLOT_ECDHE:
+ slot = 0;
+ break;
+ case ATMEL_SLOT_ECDHE_ENC:
+ slot = 4;
+ break;
+ case ATMEL_SLOT_ANY:
+ for(i = 0;i < ATECC_MAX_SLOT;i++){
+ if(mSlotList[i] == ATECC_INVALID_SLOT){
+ slot = i;
+ break;
+ }
+ }
+ }
+
+ return slot;
+}
+
+/* free slot array */
+void my_atmel_free(int slotId)
+{
+ if(slotId >= 0 && slotId < ATECC_MAX_SLOT){
+ mSlotList[slotId] = ATECC_INVALID_SLOT;
+ }
+}
+#endif /* CUSTOM_SLOT_ALLOCATION */
+#endif /* WOLFSSL_ESPWROOM32SE && HAVE_PK_CALLBACK && WOLFSSL_ATECC508A */
+
+/* for FreeRTOS */
+void app_main(void)
+{
+ int stack_start = 0;
+ esp_err_t ret = 0;
+ ESP_LOGI(TAG, "---------------- wolfSSL TLS Client Example ------------");
+ ESP_LOGI(TAG, "--------------------------------------------------------");
+ ESP_LOGI(TAG, "--------------------------------------------------------");
+ ESP_LOGI(TAG, "---------------------- BEGIN MAIN ----------------------");
+ ESP_LOGI(TAG, "--------------------------------------------------------");
+ ESP_LOGI(TAG, "--------------------------------------------------------");
+#ifdef ESP_TASK_MAIN_STACK
+ ESP_LOGI(TAG, "ESP_TASK_MAIN_STACK: %d", ESP_TASK_MAIN_STACK);
+#endif
+#ifdef TASK_EXTRA_STACK_SIZE
+ ESP_LOGI(TAG, "TASK_EXTRA_STACK_SIZE: %d", TASK_EXTRA_STACK_SIZE);
+#endif
+#ifdef INCLUDE_uxTaskGetStackHighWaterMark
+ ESP_LOGI(TAG, "CONFIG_ESP_MAIN_TASK_STACK_SIZE = %d bytes (%d words)",
+ CONFIG_ESP_MAIN_TASK_STACK_SIZE,
+ (int)(CONFIG_ESP_MAIN_TASK_STACK_SIZE / sizeof(void*)));
+
+ /* Returns the high water mark of the stack associated with xTask. That is,
+ * the minimum free stack space there has been (in bytes not words, unlike
+ * vanilla FreeRTOS) since the task started. The smaller the returned
+ * number the closer the task has come to overflowing its stack.
+ * see https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-reference/system/freertos_idf.html
+ */
+ stack_start = uxTaskGetStackHighWaterMark(NULL);
+ ESP_LOGI(TAG, "Stack Start HWM: %d bytes", stack_start);
+#endif
+
+#ifdef HAVE_VERSION_EXTENDED_INFO
+ esp_ShowExtendedSystemInfo();
+#endif
+
+ /* Set time for cert validation.
+ * Some lwIP APIs, including SNTP functions, are not thread safe. */
+ ret = set_time(); /* need to setup NTP before WiFi */
+
+ /* Optionally erase flash */
+ /* ESP_ERROR_CHECK(nvs_flash_erase()); */
+
+#ifdef FOUND_PROTOCOL_EXAMPLES_DIR
+ ESP_LOGI(TAG, "FOUND_PROTOCOL_EXAMPLES_DIR active, using example code.");
+ ESP_ERROR_CHECK(nvs_flash_init());
+
+ #if defined(CONFIG_IDF_TARGET_ESP32H2)
+ ESP_LOGE(TAG, "There's no WiFi on ESP32-H2.");
+ #else
+ #ifdef CONFIG_EXAMPLE_WIFI_SSID
+ if (XSTRCMP(CONFIG_EXAMPLE_WIFI_SSID, "myssid") == 0) {
+ ESP_LOGW(TAG, "WARNING: CONFIG_EXAMPLE_WIFI_SSID is myssid.");
+ ESP_LOGW(TAG, " Do you have a WiFi AP called myssid, or ");
+ ESP_LOGW(TAG, " did you forget the ESP-IDF configuration?");
+ }
+ #else
+ #define CONFIG_EXAMPLE_WIFI_SSID "myssid"
+ ESP_LOGW(TAG, "WARNING: CONFIG_EXAMPLE_WIFI_SSID not defined.");
+ #endif
+ ESP_ERROR_CHECK(esp_netif_init());
+ ESP_ERROR_CHECK(esp_event_loop_create_default());
+ ESP_ERROR_CHECK(example_connect());
+ #endif
+#else
+ ESP_ERROR_CHECK(nvs_flash_init());
+
+ /* Initialize NVS */
+ ret = nvs_flash_init();
+ if (ret == ESP_ERR_NVS_NO_FREE_PAGES ||
+ ret == ESP_ERR_NVS_NEW_VERSION_FOUND) {
+ ESP_ERROR_CHECK(nvs_flash_erase());
+ ret = nvs_flash_init();
+ }
+ ESP_ERROR_CHECK(ret);
+
+ #if defined(CONFIG_IDF_TARGET_ESP32H2)
+ ESP_LOGE(TAG, "There's no WiFi on ESP32-H2. ");
+ #else
+ /* Initialize WiFi */
+ ESP_LOGI(TAG, "ESP_WIFI_MODE_STA");
+ ret = wifi_init_sta();
+ while (ret != 0) {
+ ESP_LOGI(TAG, "Waiting...");
+ vTaskDelay(60000 / portTICK_PERIOD_MS);
+ ESP_LOGI(TAG, "Trying WiFi again...");
+ ret = wifi_init_sta();
+ }
+ #endif
+#endif
+
+ /* Once we are connected to the network, start & wait for NTP time */
+ ret = set_time_wait_for_ntp();
+
+ if (ret < -1) {
+ /* a value of -1 means there was no NTP server, so no need to wait */
+ ESP_LOGI(TAG, "Waiting 10 more seconds for NTP to complete." );
+ vTaskDelay(10000 / portTICK_PERIOD_MS); /* brute-force solution */
+ esp_show_current_datetime();
+ }
+
+ /* HWM is maximum amount of stack space that has been unused, in bytes
+ * not words (unlike vanilla freeRTOS). */
+ ESP_LOGI(TAG, "Initial Stack Used (before wolfSSL Server): %d bytes",
+ CONFIG_ESP_MAIN_TASK_STACK_SIZE
+ - (uxTaskGetStackHighWaterMark(NULL))
+ );
+ ESP_LOGI(TAG, "Starting TLS Client task ...\n");
+
+#if defined(SINGLE_THREADED)
+ /* just call the task */
+ tls_smp_client_task((void*)NULL);
+#else
+ tls_args args[1] = {0};
+ /* start a thread with the task */
+ args[0].loops = 10;
+ args[0].port = 11111;
+ tls_smp_client_init(args);
+/* optional additional client threads
+ tls_smp_client_init(args);
+ tls_smp_client_init(args);
+ tls_smp_client_init(args);
+ tls_smp_client_init(args);
+ tls_smp_client_init(args);
+ tls_smp_client_init(args);
+ tls_smp_client_init(args);
+*/
+#endif
+
+ ESP_LOGV(TAG, "\n\nvTaskDelete...\n\n");
+ vTaskDelete(NULL);
+ /* done */
+ while (1) {
+ ESP_LOGV(TAG, "\n\nLoop...\n\n");
+#ifdef INCLUDE_uxTaskGetStackHighWaterMark
+ ESP_LOGI(TAG, "Stack HWM: %d", uxTaskGetStackHighWaterMark(NULL));
+
+ ESP_LOGI(TAG, "Stack used: %d", CONFIG_ESP_MAIN_TASK_STACK_SIZE
+ - (uxTaskGetStackHighWaterMark(NULL) ));
+#endif
+
+#if defined(SINGLE_THREADED)
+ ESP_LOGV(TAG, "\n\nDone!\n\n");
+ while (1);
+#else
+ vTaskDelay(60000);
+#endif
+ } /* done whle */
+
+} /* app_main */
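Review bot: In the `#else` branch of `FOUND_PROTOCOL_EXAMPLES_DIR`, `ESP_ERROR_CHECK(nvs_flash_init());` runs before the "Initialize NVS" block. `ESP_ERROR_CHECK` aborts on any non-OK result, so the erase-and-retry handling for `ESP_ERR_NVS_NO_FREE_PAGES` / `ESP_ERR_NVS_NEW_VERSION_FOUND` that follows can never be reached for those errors. Dropping that first line leaves the intended recovery path. The result of `set_time()` is overwritten without being checked, and the `if (ret < -1)` test after `set_time_wait_for_ntp()` looks unreachable for the values that function returns in time_helper.c (0 or an `esp_err_t`). The TLS client is therefore started on the fallback clock with no extra wait or warning, which matters because that clock is what certificate validity dates are checked against. Everything after `vTaskDelete(NULL)` is dead code in the threaded build and could be removed or marked as such.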
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/time_helper.c b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/time_helper.c
new file mode 100644
index 00000000..5149d2e6
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/time_helper.c
@@ -0,0 +1,333 @@
+/* time_helper.c
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/* common Espressif time_helper v5.6.3.002 */
+#include "esp_idf_version.h"
+#include "sdkconfig.h"
+#include "time_helper.h"
+
+#include <esp_log.h>
+
+#if defined(ESP_IDF_VERSION_MAJOR) && defined(ESP_IDF_VERSION_MINOR)
+ #if (ESP_IDF_VERSION_MAJOR == 5) && (ESP_IDF_VERSION_MINOR >= 1)
+ #define HAS_ESP_NETIF_SNTP 1
+ #include <lwip/apps/sntp.h>
+ #include <esp_netif_sntp.h>
+ #else
+ #include <string.h>
+ #include <esp_sntp.h>
+ #endif
+#else
+ /* TODO Consider pre IDF v5? */
+#endif
+
+/* ESP-IDF uses a 64-bit signed integer to represent time_t starting from release v5.0
+ * See: https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-reference/system/system_time.html#year-2036-and-2038-overflow-issues
+ */
+const static char* TAG = "time_helper";
+
+/* see https://www.gnu.org/software/libc/manual/html_node/TZ-Variable.html */
+#ifndef TIME_ZONE
+/*
+ * PST represents Pacific Standard Time.
+ * +8 specifies the offset from UTC (Coordinated Universal Time), indicating
+ * that Pacific Time is UTC-8 during standard time.
+ * PDT represents Pacific Daylight Time.
+ * M3.2.0 indicates that Daylight Saving Time (DST) starts on the
+ * second (2) Sunday (0) of March (3).
+ * M11.1.0 indicates that DST ends on the first (1) Sunday (0) of November (11)
+ */
+ #define TIME_ZONE "PST+8PDT,M3.2.0,M11.1.0"
+#endif /* not defined: TIME_ZONE, so we are setting our own */
+
+#define NTP_RETRY_COUNT 10
+
+/* NELEMS(x) number of elements
+ * To determine the number of elements in the array, we can divide the total
+ * size of the array by the size of the array element.
+ * See https://stackoverflow.com/questions/37538/how-do-i-determine-the-size-of-my-array-in-c
+ **/
+#define NELEMS(x) ( (int)(sizeof(x) / sizeof((x)[0])) )
+
+/* See also CONFIG_LWIP_SNTP_MAX_SERVERS in sdkconfig */
+#define NTP_SERVER_LIST ( (char*[]) { \
+ "pool.ntp.org", \
+ "time.nist.gov", \
+ "utcnist.colorado.edu" \
+ } \
+ )
+/* #define NTP_SERVER_COUNT using NELEMS:
+ *
+ * (int)(sizeof(NTP_SERVER_LIST) / sizeof(NTP_SERVER_LIST[0]))
+ */
+#define NTP_SERVER_COUNT NELEMS(NTP_SERVER_LIST)
+
+#ifndef CONFIG_LWIP_SNTP_MAX_SERVERS
+ /* We should find max value in sdkconfig, if not set it to our count:*/
+ #define CONFIG_LWIP_SNTP_MAX_SERVERS NTP_SERVER_COUNT
+#endif
+
+char* ntpServerList[NTP_SERVER_COUNT] = NTP_SERVER_LIST;
+
+/* our NTP server list is global info */
+extern char* ntpServerList[NTP_SERVER_COUNT];
+
+/* Show the current date and time */
+int esp_show_current_datetime()
+{
+ time_t now;
+ char strftime_buf[64];
+ struct tm timeinfo;
+
+ time(&now);
+ setenv("TZ", TIME_ZONE, 1);
+ tzset();
+
+ localtime_r(&now, &timeinfo);
+ strftime(strftime_buf, sizeof(strftime_buf), "%c", &timeinfo);
+ ESP_LOGI(TAG, "The current date/time is: %s", strftime_buf);
+ return 0;
+}
+
+/* the worst-case scenario is a hard-coded date/time */
+int set_fixed_default_time(void)
+{
+ /* ideally, we'd like to set time from network,
+ * but let's set a default time, just in case */
+ struct tm timeinfo = {
+ .tm_year = 2023 - 1900,
+ .tm_mon = 10,
+ .tm_mday = 02,
+ .tm_hour = 13,
+ .tm_min = 01,
+ .tm_sec = 05
+ };
+ struct timeval now;
+ time_t interim_time;
+ int ret = -1;
+
+ /* set interim static time */
+ interim_time = mktime(&timeinfo);
+
+ ESP_LOGI(TAG, "Adjusting time from fixed value");
+ now = (struct timeval){ .tv_sec = interim_time };
+ ret = settimeofday(&now, NULL);
+
+ return ret;
+}
+
+/* set_time_from_string(s)
+ *
+ * returns 0 = success if able to set the time from the provided string
+ * error for any other value, typically -1 */
+int set_time_from_string(char* time_buffer)
+{
+ /* expecting github default formatting: 'Thu Aug 31 12:41:45 2023 -0700' */
+ const char *format = "%3s %3s %d %d:%d:%d %d %s";
+ struct tm this_timeinfo;
+ struct timeval now;
+ time_t interim_time;
+ char offset[6]; /* expecting trailing single quote, not used */
+ char day_str[4];
+ char month_str[4];
+ int day, year, hour, minute, second;
+ int quote_offset = 0;
+ int ret = 0;
+
+ /* we are expecting the string to be encapsulated in single quotes */
+ if (*time_buffer == 0x27) {
+ quote_offset = 1;
+ }
+
+ ret = sscanf(time_buffer + quote_offset,
+ format,
+ day_str, month_str,
+ &day, &hour, &minute, &second, &year, &offset);
+
+ if (ret == 8) {
+ /* we found a match for all componets */
+
+ const char *months[] = { "Jan", "Feb", "Mar", "Apr", "May", "Jun",
+ "Jul", "Aug", "Sep", "Oct", "Nov", "Dec" };
+
+ for (int i = 0; i < 12; i++) {
+ if (strcmp(month_str, months[i]) == 0) {
+ this_timeinfo.tm_mon = i;
+ break;
+ }
+ }
+
+ this_timeinfo.tm_mday = day;
+ this_timeinfo.tm_hour = hour;
+ this_timeinfo.tm_min = minute;
+ this_timeinfo.tm_sec = second;
+ this_timeinfo.tm_year = year - 1900; /* Number of years since 1900 */
+
+ interim_time = mktime(&this_timeinfo);
+ now = (struct timeval){ .tv_sec = interim_time };
+ ret = settimeofday(&now, NULL);
+ ESP_LOGI(TAG, "Time updated to %s", time_buffer);
+ }
+ else {
+ ESP_LOGE(TAG, "Failed to convert \"%s\" to a tm date.", time_buffer);
+ ESP_LOGI(TAG, "Trying fixed date that was hard-coded.");
+ set_fixed_default_time();
+ ret = -1;
+ }
+ return ret;
+}
+
+/* set time; returns 0 if succecssfully configured with NTP */
+int set_time(void)
+{
+#ifndef NTP_SERVER_COUNT
+ ESP_LOGW(TAG, "Warning: no sntp server names defined. "
+ "Setting to empty list");
+ #define NTP_SERVER_COUNT 0
+ #warning "NTP not properly configured"
+#endif /* not defined: NTP_SERVER_COUNT */
+
+#ifdef HAS_ESP_NETIF_SNTP
+ #if CONFIG_LWIP_SNTP_MAX_SERVERS > 1
+ esp_sntp_config_t config = ESP_NETIF_SNTP_DEFAULT_CONFIG_MULTIPLE(
+ NTP_SERVER_COUNT,
+ ESP_SNTP_SERVER_LIST(ntpServerList[0])
+ );
+ #else
+ esp_sntp_config_t config = ESP_NETIF_SNTP_DEFAULT_CONFIG(ntpServerList[0]);
+ #endif /* CONFIG_LWIP_SNTP_MAX_SERVERS > 1 */
+#endif /* HAS_ESP_NETIF_SNTP */
+
+ int ret = 0;
+ int i = 0; /* counter for time servers */
+
+ ESP_LOGI(TAG, "Setting the time. Startup time:");
+ esp_show_current_datetime();
+
+#ifdef LIBWOLFSSL_VERSION_GIT_HASH_DATE
+ /* initialy set a default approximate time from recent git commit */
+ ESP_LOGI(TAG, "Found git hash date, attempting to set system date.");
+ set_time_from_string(LIBWOLFSSL_VERSION_GIT_HASH_DATE);
+ esp_show_current_datetime();
+
+ ret = -4;
+#else
+ /* otherwise set a fixed time that was hard coded */
+ set_fixed_default_time();
+ ret = -3;
+#endif
+
+#ifdef CONFIG_SNTP_TIME_SYNC_METHOD_SMOOTH
+ config.smooth_sync = true;
+#endif
+
+ if (NTP_SERVER_COUNT) {
+ /* next, let's setup NTP time servers
+ *
+ * see https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-reference/system/system_time.html#sntp-time-synchronization
+ *
+ * WARNING: do not set operating mode while SNTP client is running!
+ */
+ /* TODO Consider esp_sntp_setoperatingmode(SNTP_OPMODE_POLL); */
+ sntp_setoperatingmode(SNTP_OPMODE_POLL);
+ if (NTP_SERVER_COUNT > CONFIG_LWIP_SNTP_MAX_SERVERS) {
+ ESP_LOGW(TAG, "WARNING: %d NTP Servers defined, but "
+ "CONFIG_LWIP_SNTP_MAX_SERVERS = %d",
+ NTP_SERVER_COUNT,CONFIG_LWIP_SNTP_MAX_SERVERS);
+ }
+ ESP_LOGI(TAG, "sntp_setservername:");
+ for (i = 0; i < CONFIG_LWIP_SNTP_MAX_SERVERS; i++) {
+ const char* thisServer = ntpServerList[i];
+ if (strncmp(thisServer, "\x00", 1) == 0) {
+ /* just in case we run out of NTP servers */
+ break;
+ }
+ ESP_LOGI(TAG, "%s", thisServer);
+ sntp_setservername(i, thisServer);
+ }
+ #ifdef HAS_ESP_NETIF_SNTP
+ ret = esp_netif_sntp_init(&config);
+ #else
+ ESP_LOGW(TAG,"Warning: Consider upgrading ESP-IDF to take advantage "
+ "of updated SNTP libraries");
+ #endif
+ if (ret == ESP_OK) {
+ ESP_LOGV(TAG, "Successfully called esp_netif_sntp_init");
+ }
+ else {
+ ESP_LOGE(TAG, "ERROR: esp_netif_sntp_init return = %d", ret);
+ }
+
+ sntp_init();
+ switch (ret) {
+ case ESP_ERR_INVALID_STATE:
+ break;
+ default:
+ break;
+ }
+ ESP_LOGI(TAG, "sntp_init done.");
+ }
+ else {
+ ESP_LOGW(TAG, "No sntp time servers found.");
+ ret = -1;
+ }
+ return ret;
+}
+
+/* wait for NTP to actually set the time */
+int set_time_wait_for_ntp(void)
+{
+ int ret = 0;
+#ifdef HAS_ESP_NETIF_SNTP
+ int ntp_retry = 0;
+ const int ntp_retry_count = NTP_RETRY_COUNT;
+
+ ret = esp_netif_sntp_start();
+
+ ret = esp_netif_sntp_sync_wait(500 / portTICK_PERIOD_MS);
+#endif /* HAS_ESP_NETIF_SNTP */
+ esp_show_current_datetime();
+
+#ifdef HAS_ESP_NETIF_SNTP
+ while (ret == ESP_ERR_TIMEOUT && (ntp_retry++ < ntp_retry_count)) {
+ ret = esp_netif_sntp_sync_wait(1000 / portTICK_PERIOD_MS);
+ ESP_LOGI(TAG, "Waiting for NTP to sync time... (%d/%d)",
+ ntp_retry,
+ ntp_retry_count);
+ esp_show_current_datetime();
+ }
+#endif /* HAS_ESP_NETIF_SNTP */
+
+#ifdef TIME_ZONE
+ setenv("TZ", TIME_ZONE, 1);
+ tzset();
+#endif
+
+ if (ret == ESP_OK) {
+ ESP_LOGI(TAG, "Successfuly set time via NTP servers.");
+ }
+ else {
+ ESP_LOGW(TAG, "Warning: Failed to set time with NTP: "
+ "result = 0x%0x: %s",
+ ret, esp_err_to_name(ret));
+ }
+ return ret;
+}
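Review bot: In `set_time_from_string()`, the final `%s` conversion writes into `char offset[6]` without a field width. For the documented input (`-0700` followed by the closing single quote) that is six characters plus the terminator, one byte more than the buffer holds. Give the conversion a width and the buffer room, e.g. `char offset[8];` with `"%3s %3s %d %d:%d:%d %d %7s"`, and pass `offset` instead of `&offset`. `this_timeinfo` is also handed to `mktime()` with `tm_isdst` never set and `tm_mon` unset when the month name does not match, so `struct tm this_timeinfo = {0};` plus rejecting an unmatched month is needed. In `set_time()`, the server loop runs to `CONFIG_LWIP_SNTP_MAX_SERVERS` but indexes `ntpServerList`, which has `NTP_SERVER_COUNT` entries, so a larger sdkconfig value reads past the array; the condition should be `i < NTP_SERVER_COUNT && i < CONFIG_LWIP_SNTP_MAX_SERVERS`.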
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/wifi_connect.c b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/wifi_connect.c
index eb0c3c66..b9f9ab73 100644
--- a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/wifi_connect.c
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/wifi_connect.c
@@ -18,92 +18,52 @@
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
-/*ESP specific */
-#include "freertos/FreeRTOS.h"
-#include "freertos/task.h"
-#include "freertos/event_groups.h"
-#include "wifi_connect.h"
-#include "lwip/sockets.h"
-#include "lwip/netdb.h"
-#include "lwip/apps/sntp.h"
-#include "nvs_flash.h"
+ #include "wifi_connect.h"
+
+#include <freertos/FreeRTOS.h>
+#include <freertos/task.h>
+#include <freertos/event_groups.h>
+#include <esp_wifi.h>
+#include <esp_log.h>
/* wolfSSL */
#include <wolfssl/wolfcrypt/settings.h>
-#include <user_settings.h>
+#include "user_settings.h"
#include <wolfssl/version.h>
+#include <wolfssl/wolfcrypt/types.h>
#ifndef WOLFSSL_ESPIDF
- #warning "problem with wolfSSL user_settings. Check components/wolfssl/include"
+ #warning "Problem with wolfSSL user_settings."
+ #warning "Check components/wolfssl/include"
#endif
-#if ESP_IDF_VERSION_MAJOR >= 4
+#if ESP_IDF_VERSION_MAJOR >= 5
+#elif ESP_IDF_VERSION_MAJOR >= 4
#include "protocol_examples_common.h"
#else
const static int CONNECTED_BIT = BIT0;
static EventGroupHandle_t wifi_event_group;
#endif
-/* proto-type */
-extern void tls_smp_client_task();
-static void tls_smp_client_init();
-
-const static char *TAG = "tls_client";
-
-static void set_time()
-{
- /* set dummy wallclock time. */
- struct timeval utctime;
- struct timezone tz;
- struct strftime_buf;
- time_t now;
- struct tm timeinfo;
- char strftime_buf[64];
- /* please update the time if seeing unknown failure when loading cert. */
- /* this could cause TLS communication failure due to time expiration */
- /* incleasing 31536000 seconds is close to spend 356 days. */
- utctime.tv_sec = 1645797600; /* dummy time: Fri 25 Feb 2022 02:00:00 2022 */
- utctime.tv_usec = 0;
- tz.tz_minuteswest = 0;
- tz.tz_dsttime = 0;
-
- settimeofday(&utctime, &tz);
-
- time(&now);
- localtime_r(&now, &timeinfo);
-
- strftime(strftime_buf, sizeof(strftime_buf), "%c", &timeinfo);
- ESP_LOGI(TAG, "The current date/time is: %s", strftime_buf);
-
-#if ESP_IDF_VERSION_MAJOR < 4
- /* wait until wifi connect */
- xEventGroupWaitBits(wifi_event_group, CONNECTED_BIT,
- false, true, portMAX_DELAY);
-#endif
- /* now we start client tasks. */
- tls_smp_client_init();
-}
-
-/* create task */
-static void tls_smp_client_init(void)
-{
- int ret;
-#if ESP_IDF_VERSION_MAJOR >= 4
- TaskHandle_t _handle;
+#if defined(ESP_IDF_VERSION_MAJOR) && defined(ESP_IDF_VERSION_MINOR)
+ #if ESP_IDF_VERSION_MAJOR >= 4
+ /* likely using examples, see wifi_connect.h */
+ #else
+ /* TODO - still supporting pre V4 ? */
+ const static int CONNECTED_BIT = BIT0;
+ static EventGroupHandle_t wifi_event_group;
+ #endif
+ #if (ESP_IDF_VERSION_MAJOR == 5)
+ #define HAS_WPA3_FEATURES
+ #else
+ #undef HAS_WPA3_FEATURES
+ #endif
#else
- xTaskHandle _handle;
+ /* TODO Consider pre IDF v5? */
#endif
- /* http://esp32.info/docs/esp_idf/html/dd/d3c/group__xTaskCreate.html */
- ret = xTaskCreate(tls_smp_client_task,
- TLS_SMP_CLIENT_TASK_NAME,
- TLS_SMP_CLIENT_TASK_WORDS,
- NULL,
- TLS_SMP_CLIENT_TASK_PRIORITY,
- &_handle);
-
- if (ret != pdPASS) {
- ESP_LOGI(TAG, "create thread %s failed", TLS_SMP_CLIENT_TASK_NAME);
- }
-}
+
+/* breadcrumb prefix for logging */
+const static char *TAG = "wifi_connect";
+
#if ESP_IDF_VERSION_MAJOR < 4
/* event handler for wifi events */
static esp_err_t wifi_event_handler(void *ctx, system_event_t *event)
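Review bot: On a pre-v4 ESP-IDF where the version macros are defined, `CONNECTED_BIT` is now defined twice. The existing `#else` of the `ESP_IDF_VERSION_MAJOR >= 5` / `>= 4` chain still defines it and `wifi_event_group`, and the added `#if defined(ESP_IDF_VERSION_MAJOR) && defined(ESP_IDF_VERSION_MINOR)` block defines both again, which is a redefinition error for the initialised constant. Keep one definition and replace the other with a comment such as `/* CONNECTED_BIT and wifi_event_group are defined above */`. Separately, `HAS_WPA3_FEATURES` is enabled only for `ESP_IDF_VERSION_MAJOR == 5`, so a later major version would silently drop the `.sae_pwe_h2e` setting used in `wifi_init_sta`; `#if (ESP_IDF_VERSION_MAJOR >= 5)` is probably what is meant.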
@@ -121,7 +81,7 @@ static esp_err_t wifi_event_handler(void *ctx, system_event_t *event)
ESP_LOGI(TAG, "got ip:%s",
ip4addr_ntoa(&event->event_info.got_ip.ip_info.ip));
#endif
- /* http://esp32.info/docs/esp_idf/html/dd/d08/group__xEventGroupSetBits.html */
+ /* see https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-reference/system/freertos_idf.html */
xEventGroupSetBits(wifi_event_group, CONNECTED_BIT);
break;
case SYSTEM_EVENT_STA_DISCONNECTED:
@@ -133,99 +93,184 @@ static esp_err_t wifi_event_handler(void *ctx, system_event_t *event)
}
return ESP_OK;
}
-#endif
-/* entry point */
-void app_main(void)
-{
- ESP_LOGI(TAG, "Start app_main...");
- ESP_LOGI(TAG, "--------------------------------------------------------");
- ESP_LOGI(TAG, "--------------------------------------------------------");
- ESP_LOGI(TAG, "---------------------- BEGIN MAIN ----------------------");
- ESP_LOGI(TAG, "--------------------------------------------------------");
- ESP_LOGI(TAG, "--------------------------------------------------------");
- ESP_LOGI(TAG, "CONFIG_IDF_TARGET = %s", CONFIG_IDF_TARGET);
- ESP_LOGI(TAG, "LIBWOLFSSL_VERSION_STRING = %s", LIBWOLFSSL_VERSION_STRING);
-
-#if defined(WOLFSSL_MULTI_INSTALL_WARNING)
- ESP_LOGI(TAG, "");
- ESP_LOGI(TAG, "WARNING: Multiple wolfSSL installs found.");
- ESP_LOGI(TAG, "Check ESP-IDF and local project [components] directory.");
- ESP_LOGI(TAG, "");
-#endif
+#else
-#if defined(LIBWOLFSSL_VERSION_GIT_HASH)
- ESP_LOGI(TAG, "LIBWOLFSSL_VERSION_GIT_HASH = %s", LIBWOLFSSL_VERSION_GIT_HASH);
+#ifdef CONFIG_ESP_MAXIMUM_RETRY
+ #define EXAMPLE_ESP_MAXIMUM_RETRY CONFIG_ESP_MAXIMUM_RETRY
+#else
+ #define CONFIG_ESP_MAXIMUM_RETRY 5
#endif
-#if defined(LIBWOLFSSL_VERSION_GIT_SHORT_HASH )
- ESP_LOGI(TAG, "LIBWOLFSSL_VERSION_GIT_SHORT_HASH = %s", LIBWOLFSSL_VERSION_GIT_SHORT_HASH);
+#if CONFIG_ESP_WIFI_AUTH_OPEN
+#define ESP_WIFI_SCAN_AUTH_MODE_THRESHOLD WIFI_AUTH_OPEN
+#elif CONFIG_ESP_WIFI_AUTH_WEP
+#define ESP_WIFI_SCAN_AUTH_MODE_THRESHOLD WIFI_AUTH_WEP
+#elif CONFIG_ESP_WIFI_AUTH_WPA_PSK
+#define ESP_WIFI_SCAN_AUTH_MODE_THRESHOLD WIFI_AUTH_WPA_PSK
+#elif CONFIG_ESP_WIFI_AUTH_WPA2_PSK
+#define ESP_WIFI_SCAN_AUTH_MODE_THRESHOLD WIFI_AUTH_WPA2_PSK
+#elif CONFIG_ESP_WIFI_AUTH_WPA_WPA2_PSK
+#define ESP_WIFI_SCAN_AUTH_MODE_THRESHOLD WIFI_AUTH_WPA_WPA2_PSK
+#elif CONFIG_ESP_WIFI_AUTH_WPA3_PSK
+#define ESP_WIFI_SCAN_AUTH_MODE_THRESHOLD WIFI_AUTH_WPA3_PSK
+#elif CONFIG_ESP_WIFI_AUTH_WPA2_WPA3_PSK
+#define ESP_WIFI_SCAN_AUTH_MODE_THRESHOLD WIFI_AUTH_WPA2_WPA3_PSK
+#elif CONFIG_ESP_WIFI_AUTH_WAPI_PSK
+#define ESP_WIFI_SCAN_AUTH_MODE_THRESHOLD WIFI_AUTH_WAPI_PSK
#endif
-#if defined(LIBWOLFSSL_VERSION_GIT_HASH_DATE)
- ESP_LOGI(TAG, "LIBWOLFSSL_VERSION_GIT_HASH_DATE = %s", LIBWOLFSSL_VERSION_GIT_HASH_DATE);
+#ifndef ESP_WIFI_SCAN_AUTH_MODE_THRESHOLD
+ #define CONFIG_ESP_WIFI_AUTH_WPA2_PSK 1
+ #define ESP_WIFI_SCAN_AUTH_MODE_THRESHOLD CONFIG_ESP_WIFI_AUTH_WPA2_PSK
#endif
+/* FreeRTOS event group to signal when we are connected*/
+static EventGroupHandle_t s_wifi_event_group;
- /* some interesting settings are target specific (ESP32, -C3, -S3, etc */
-#if defined(CONFIG_IDF_TARGET_ESP32C3)
- /* not available for C3 at this time */
-#elif defined(CONFIG_IDF_TARGET_ESP32S3)
- ESP_LOGI(TAG, "CONFIG_ESP32S3_DEFAULT_CPU_FREQ_MHZ = %u MHz",
- CONFIG_ESP32S3_DEFAULT_CPU_FREQ_MHZ
- );
- ESP_LOGI(TAG, "Xthal_have_ccount = %u", Xthal_have_ccount);
-#else
- ESP_LOGI(TAG, "CONFIG_ESP32_DEFAULT_CPU_FREQ_MHZ = %u MHz",
- CONFIG_ESP32_DEFAULT_CPU_FREQ_MHZ
- );
- ESP_LOGI(TAG, "Xthal_have_ccount = %u", Xthal_have_ccount);
-#endif
+/* The event group allows multiple bits for each event, but we only care about two events:
+ * - we are connected to the AP with an IP
+ * - we failed to connect after the maximum amount of retries */
+#define WIFI_CONNECTED_BIT BIT0
+#define WIFI_FAIL_BIT BIT1
- /* all platforms: stack high water mark check */
- ESP_LOGI(TAG, "Stack HWM: %d\n", uxTaskGetStackHighWaterMark(NULL));
+static int s_retry_num = 0;
+ip_event_got_ip_t* event;
- ESP_ERROR_CHECK(nvs_flash_init());
- ESP_LOGI(TAG, "Initialize wifi");
-#if (ESP_IDF_VERSION_MAJOR == 4 && ESP_IDF_VERSION_MINOR >= 1) || \
- (ESP_IDF_VERSION_MAJOR >= 5)
- esp_netif_init();
-#else
- tcpip_adapter_init();
-#endif
+static void event_handler(void* arg,
+ esp_event_base_t event_base,
+ int32_t event_id,
+ void* event_data)
+{
+ if (event_base == WIFI_EVENT && event_id == WIFI_EVENT_STA_START) {
+ esp_wifi_connect();
+ }
+ else if (event_base == WIFI_EVENT &&
+ event_id == WIFI_EVENT_STA_DISCONNECTED) {
+ if (s_retry_num < EXAMPLE_ESP_MAXIMUM_RETRY) {
+ esp_wifi_connect();
+ s_retry_num++;
+ ESP_LOGI(TAG, "retry to connect to the AP");
+ }
+ else {
+ xEventGroupSetBits(s_wifi_event_group, WIFI_FAIL_BIT);
+ }
+ ESP_LOGI(TAG, "connect to the AP fail");
+ }
+ else if (event_base == IP_EVENT && event_id == IP_EVENT_STA_GOT_IP) {
+ event = (ip_event_got_ip_t*) event_data;
+ wifi_show_ip();
+ s_retry_num = 0;
+ xEventGroupSetBits(s_wifi_event_group, WIFI_CONNECTED_BIT);
+ }
+}
+
+int wifi_init_sta(void)
+{
+ int ret = ESP_OK;
+
+ s_wifi_event_group = xEventGroupCreate();
+
+ ESP_ERROR_CHECK(esp_netif_init());
+
+ ESP_ERROR_CHECK(esp_event_loop_create_default());
+ esp_netif_create_default_wifi_sta();
- /* */
-#if ESP_IDF_VERSION_MAJOR >= 4
- ESP_ERROR_CHECK(esp_event_loop_create_default());
- /* This helper function configures Wi-Fi or Ethernet, as selected in menuconfig.
- * Read "Establishing Wi-Fi or Ethernet Connection" section in
- * examples/protocols/README.md for more information about this function.
- */
- ESP_ERROR_CHECK(example_connect());
-#else
- wifi_event_group = xEventGroupCreate();
- ESP_ERROR_CHECK(esp_event_loop_init(wifi_event_handler, NULL));
wifi_init_config_t cfg = WIFI_INIT_CONFIG_DEFAULT();
ESP_ERROR_CHECK(esp_wifi_init(&cfg));
+ esp_event_handler_instance_t instance_any_id;
+ esp_event_handler_instance_t instance_got_ip;
+ ESP_ERROR_CHECK(esp_event_handler_instance_register(WIFI_EVENT,
+ ESP_EVENT_ANY_ID,
+ &event_handler,
+ NULL,
+ &instance_any_id));
+ ESP_ERROR_CHECK(esp_event_handler_instance_register(IP_EVENT,
+ IP_EVENT_STA_GOT_IP,
+ &event_handler,
+ NULL,
+ &instance_got_ip));
+
wifi_config_t wifi_config = {
.sta = {
- .ssid = TLS_SMP_WIFI_SSID,
- .password = TLS_SMP_WIFI_PASS,
+ .ssid = EXAMPLE_ESP_WIFI_SSID,
+ .password = EXAMPLE_ESP_WIFI_PASS,
+ /* Authmode threshold resets to WPA2 as default if password matches
+ * WPA2 standards (pasword len => 8). If you want to connect the
+ * device to deprecated WEP/WPA networks, Please set the threshold
+ * value WIFI_AUTH_WEP/WIFI_AUTH_WPA_PSK and set the password with
+ * length and format matching to WIFI_AUTH_WEP/WIFI_AUTH_WPA_PSK
+ * standards. */
+ .threshold.authmode = ESP_WIFI_SCAN_AUTH_MODE_THRESHOLD,
+ #ifdef HAS_WPA3_FEATURES
+ .sae_pwe_h2e = WPA3_SAE_PWE_BOTH,
+ #endif
},
};
- /* WiFi station mode */
ESP_ERROR_CHECK(esp_wifi_set_mode(WIFI_MODE_STA) );
- /* Wifi Set the configuration of the ESP32 STA or AP */
- ESP_ERROR_CHECK(esp_wifi_set_config(ESP_IF_WIFI_STA, &wifi_config) );
- /* Start Wifi */
+ ESP_ERROR_CHECK(esp_wifi_set_config(WIFI_IF_STA, &wifi_config) );
+
+#ifdef CONFIG_EXAMPLE_WIFI_SSID
+ if (XSTRCMP(CONFIG_EXAMPLE_WIFI_SSID, "myssid") == 0) {
+ ESP_LOGW(TAG, "WARNING: CONFIG_EXAMPLE_WIFI_SSID is \"myssid\".");
+ ESP_LOGW(TAG, " Do you have a WiFi AP called \"myssid\", ");
+ ESP_LOGW(TAG, " or did you forget the ESP-IDF configuration?");
+ }
+#else
+ ESP_LOGW(TAG, "WARNING: CONFIG_EXAMPLE_WIFI_SSID not defined.");
+#endif
+
ESP_ERROR_CHECK(esp_wifi_start() );
ESP_LOGI(TAG, "wifi_init_sta finished.");
- ESP_LOGI(TAG, "connect to ap SSID:%s password:%s",
- TLS_SMP_WIFI_SSID, TLS_SMP_WIFI_PASS);
+
+ /* Waiting until either the connection is established (WIFI_CONNECTED_BIT)
+ * or connection failed for the maximum number of re-tries (WIFI_FAIL_BIT).
+ * The bits are set by event_handler() (see above) */
+ EventBits_t bits = xEventGroupWaitBits(s_wifi_event_group,
+ WIFI_CONNECTED_BIT | WIFI_FAIL_BIT,
+ pdFALSE,
+ pdFALSE,
+ portMAX_DELAY);
+
+ /* xEventGroupWaitBits() returns the bits before the call returned,
+ * hence we can test which event actually happened. */
+#if defined(SHOW_SSID_AND_PASSWORD)
+ ESP_LOGW(TAG, "Undefine SHOW_SSID_AND_PASSWORD to not show SSID/password");
+ if (bits & WIFI_CONNECTED_BIT) {
+ ESP_LOGI(TAG, "connected to ap SSID:%s password:%s",
+ EXAMPLE_ESP_WIFI_SSID,
+ EXAMPLE_ESP_WIFI_PASS);
+ }
+ else if (bits & WIFI_FAIL_BIT) {
+ ESP_LOGI(TAG, "Failed to connect to SSID:%s, password:%s",
+ EXAMPLE_ESP_WIFI_SSID,
+ EXAMPLE_ESP_WIFI_PASS);
+ }
+ else {
+ ESP_LOGE(TAG, "UNEXPECTED EVENT");
+ }
+#else
+ if (bits & WIFI_CONNECTED_BIT) {
+ ESP_LOGI(TAG, "Connected to AP");
+ }
+ else if (bits & WIFI_FAIL_BIT) {
+ ESP_LOGI(TAG, "Failed to connect to AP");
+ ret = -1;
+ }
+ else {
+ ESP_LOGE(TAG, "AP UNEXPECTED EVENT");
+ ret = -2;
+ }
#endif
- ESP_LOGI(TAG, "Set dummy time...");
- set_time();
+ return ret;
}
+
+int wifi_show_ip(void)
+{
+ /* ESP_LOGI(TAG, "got ip:" IPSTR, IP2STR(&event->ip_info.ip)); */
+ return 0;
+}
+#endif
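Review bot: The fallback for `ESP_WIFI_SCAN_AUTH_MODE_THRESHOLD` resolves to the integer 1, because it is defined as `CONFIG_ESP_WIFI_AUTH_WPA2_PSK`, which the line above sets to 1. In ESP-IDF's `wifi_auth_mode_t` that value is `WIFI_AUTH_WEP`, so a build without the Kconfig choice accepts WEP and WPA access points instead of requiring WPA2; use the enum directly, `#define ESP_WIFI_SCAN_AUTH_MODE_THRESHOLD WIFI_AUTH_WPA2_PSK`. The retry block has a similar slip: when `CONFIG_ESP_MAXIMUM_RETRY` is not set, the `#else` defines `CONFIG_ESP_MAXIMUM_RETRY 5` and leaves `EXAMPLE_ESP_MAXIMUM_RETRY`, which `event_handler` compares against, undefined unless wifi_connect.h supplies it; `#define EXAMPLE_ESP_MAXIMUM_RETRY 5` looks intended. In `wifi_init_sta`, the `SHOW_SSID_AND_PASSWORD` branch never sets `ret` on `WIFI_FAIL_BIT` or in the unexpected case, so it returns `ESP_OK` after a failed connection, and it writes the Wi-Fi passphrase to the log at INFO level.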
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/partitions_singleapp_large.csv b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/partitions_singleapp_large.csv
new file mode 100644
index 00000000..0b2fcd1a
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/partitions_singleapp_large.csv
@@ -0,0 +1,31 @@
+# to view: idf.py partition-table
+#
+# ESP-IDF Partition Table
+# Name, Type, SubType, Offset, Size, Flags
+nvs, data, nvs, 0x9000, 24K,
+phy_init,data, phy, 0xf000, 4K,
+factory, app, factory, 0x10000, 1500K,
+
+
+# For other settings, see:
+# https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-guides/partition-tables.html#creating-custom-tables
+#
+# Here is the summary printed for the "Single factory app, no OTA" configuration:
+#
+# # ESP-IDF Partition Table
+# # Name, Type, SubType, Offset, Size, Flags
+# nvs, data, nvs, 0x9000, 0x6000,
+# phy_init, data, phy, 0xf000, 0x1000,
+# factory, app, factory, 0x10000, 1M,
+#
+#
+# Here is the summary printed for the "Factory app, two OTA definitions" configuration:
+#
+# # ESP-IDF Partition Table
+# # Name, Type, SubType, Offset, Size, Flags
+# nvs, data, nvs, 0x9000, 0x4000,
+# otadata, data, ota, 0xd000, 0x2000,
+# phy_init, data, phy, 0xf000, 0x1000,
+# factory, app, factory, 0x10000, 1M,
+# ota_0, app, ota_0, 0x110000, 1M,
+# ota_1, app, ota_1, 0x210000, 1M,
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/CMakeLists.txt b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/CMakeLists.txt
index 0d591ea0..11a9e467 100644
--- a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/CMakeLists.txt
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/CMakeLists.txt
@@ -1,11 +1,96 @@
+# wolfSSL Espressif Example Project CMakeLists.txt
+# v1.0
+#
# The following lines of boilerplate have to be in your project's
# CMakeLists in this exact order for cmake to work correctly
-cmake_minimum_required(VERSION 3.5)
+cmake_minimum_required(VERSION 3.16)
+
+# The wolfSSL CMake file should be able to find the source code.
+# Otherwise, assign an environment variable or set it here:
+#
+# set(WOLFSSL_ROOT "~/workspace/wolfssl-other-source")
+#
+# Optional WOLFSSL_CMAKE_SYSTEM_NAME detection to find
+# USE_MY_PRIVATE_CONFIG path for my_private_config.h
+#
+# Expected path varies:
+#
+# WSL: /mnt/c/workspace
+# Linux: ~/workspace
+# Windows: C:\workspace
+#
+if(WIN32)
+ # Windows-specific configuration here
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WINDOWS")
+ message("Detected Windows")
+endif()
+if(CMAKE_HOST_UNIX)
+ message("Detected UNIX")
+endif()
+if(APPLE)
+ message("Detected APPLE")
+endif()
+if(CMAKE_HOST_UNIX AND (NOT APPLE) AND EXISTS "/proc/sys/fs/binfmt_misc/WSLInterop")
+ # Windows-specific configuration here
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WSL")
+ message("Detected WSL")
+endif()
+if(CMAKE_HOST_UNIX AND (NOT APPLE) AND (NOT WIN32))
+ # Windows-specific configuration here
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_LINUX")
+ message("Detected Linux")
+endif()
+if(APPLE)
+ # Windows-specific configuration here
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_APPLE")
+ message("Detected Apple")
+endif()
+# End optional WOLFSSL_CMAKE_SYSTEM_NAME
+
+# This example uses an extra component for common functions such as Wi-Fi and Ethernet connection.
+set (PROTOCOL_EXAMPLES_DIR $ENV{IDF_PATH}/examples/common_components/protocol_examples_common)
+
+if (EXISTS "${PROTOCOL_EXAMPLES_DIR}")
+ message("Found PROTOCOL_EXAMPLES_DIR=${PROTOCOL_EXAMPLES_DIR}")
+ set(EXTRA_COMPONENT_DIRS $ENV{IDF_PATH}/examples/common_components/protocol_examples_common)
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DFOUND_PROTOCOL_EXAMPLES_DIR")
+else()
+ message("NOT FOUND: PROTOCOL_EXAMPLES_DIR=${PROTOCOL_EXAMPLES_DIR}")
+endif()
+
+# Check that there are not conflicting wolfSSL components
+# The ESP Registry Component will be in ./managed_components/wolfssl__wolfssl
+# The local component wolfSSL directory will be in ./components/wolfssl
+if( EXISTS "${CMAKE_HOME_DIRECTORY}/managed_components/wolfssl__wolfssl" AND EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl" )
+ # These exclude statements don't seem to be honored by the $ENV{IDF_PATH}/tools/cmake/project.cmake'
+ # add_subdirectory("${CMAKE_HOME_DIRECTORY}/managed_components/wolfssl__wolfssl" EXCLUDE_FROM_ALL)
+ # add_subdirectory("${CMAKE_HOME_DIRECTORY}/managed_components/wolfssl__wolfssl/include" EXCLUDE_FROM_ALL)
+ # So we'll error out and let the user decide how to proceed:
+ message(WARNING "\nFound wolfSSL components in\n"
+ "./managed_components/wolfssl__wolfssl\n"
+ "and\n"
+ "./components/wolfssl\n"
+ "in project directory: \n"
+ "${CMAKE_HOME_DIRECTORY}")
+ message(FATAL_ERROR "\nPlease use either the ESP Registry Managed Component or the wolfSSL component directory but not both.\n"
+ "If removing the ./managed_components/wolfssl__wolfssl directory, remember to also remove "
+ "or rename the idf_component.yml file typically found in ./main/")
+else()
+ message(STATUS "No conflicting wolfSSL components found.")
+endif()
+
-# (Not part of the boilerplate)
# This example uses an extra component for common functions such as Wi-Fi and Ethernet connection.
-# disable the following line if there isn't the directory
-set(EXTRA_COMPONENT_DIRS $ENV{IDF_PATH}/examples/common_components/protocol_examples_common)
+set (PROTOCOL_EXAMPLES_DIR $ENV{IDF_PATH}/examples/common_components/protocol_examples_common)
+
+if (EXISTS "${PROTOCOL_EXAMPLES_DIR}")
+ message("Found PROTOCOL_EXAMPLES_DIR=${PROTOCOL_EXAMPLES_DIR}")
+ set(EXTRA_COMPONENT_DIRS $ENV{IDF_PATH}/examples/common_components/protocol_examples_common)
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DFOUND_PROTOCOL_EXAMPLES_DIR")
+else()
+ message("NOT FOUND: PROTOCOL_EXAMPLES_DIR=${PROTOCOL_EXAMPLES_DIR}")
+endif()
include($ENV{IDF_PATH}/tools/cmake/project.cmake)
+
project(wolfssl_server)
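Review bot: The `PROTOCOL_EXAMPLES_DIR` detection block appears twice in the new file, once after the system-name section and again just before `include(...)`, so `-DFOUND_PROTOCOL_EXAMPLES_DIR` is appended to `CMAKE_C_FLAGS` twice and both messages print; one copy should be removed. The comment `# Windows-specific configuration here` is repeated verbatim above the WSL, Linux and Apple branches and should name the platform each branch handles, e.g. `# WSL-specific configuration here`. A WSL host also satisfies the Linux condition, so it receives both `WOLFSSL_CMAKE_SYSTEM_NAME_WSL` and `WOLFSSL_CMAKE_SYSTEM_NAME_LINUX`. If the defines are meant to be mutually exclusive, add `AND NOT EXISTS "/proc/sys/fs/binfmt_misc/WSLInterop"` to the Linux test.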
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/README.md b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/README.md
index 50a1859c..3380c0f2 100644
--- a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/README.md
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/README.md
@@ -1,8 +1,23 @@
-# wolfSSL Server Example
+# wolfSSL TLS Server Example
+
+This is the wolfSSL TLS Server demo, typically used with the [Espressif TLS Client](../wolfssl_client/README.md)
+or the CLI [Client](https://github.com/wolfSSL/wolfssl/tree/master/examples/client).
+
+When using the CLI, see the [example parameters](/IDE/Espressif/ESP-IDF/examples#interaction-with-wolfssl-cli).
+
+For general information on [wolfSSL examples for Espressif](../README.md), see the
+[README](https://github.com/wolfSSL/wolfssl/blob/master/IDE/Espressif/ESP-IDF/README.md) file.
+
+## VisualGDB
+
+Open the VisualGDB Visual Studio Project file in the VisualGDB directory and click the "Start" button.
+No wolfSSL setup is needed. You may need to adjust your specific COM port. The default is `COM20`.
+
+## ESP-IDF Commandline
The Example contains a wolfSSL simple server.
-1. `idf.py menuconfigure` to configure the project
+1. `idf.py menuconfig` to configure the project
1-1. Example Connection Configuration ->
@@ -20,3 +35,77 @@ When you want to test the wolfSSL simple server demo
e.g ./example/client/client -h xx.xx.xx
See the README.md file in the upper level 'examples' directory for more information about examples.
+
+
+```
+# . /mnt/c/SysGCC/esp32/esp-idf/master/export.sh
+. /mnt/c/SysGCC/esp32/esp-idf/v5.1/export.sh
+cd /mnt/c/workspace/wolfssl-$USER/IDE/Espressif/ESP-IDF/examples/wolfssl_server
+
+# optionally erase
+idf.py erase-flash -p /dev/ttyS19 -b 115200
+
+# Program flash
+idf.py flash -p /dev/ttyS19 -b 115200 monitor
+```
+
+
+Linux Client to x108 SM server
+
+```
+cd /mnt/c/workspace/wolfssl-$USER
+
+# show the ciphers
+./examples/client/client -e
+
+./examples/client/client -h 192.168.1.108 -v 4 -l TLS_SM4_GCM_SM3 -c ./certs/sm2/client-sm2.pem -k ./certs/sm2/client-sm2-priv.pem -A ./certs/sm2/root-sm2.pem -C
+```
+
+
+Linux Server
+
+```
+./examples/server/server -v 4 -l TLS13-SM4-CCM-SM3 -c ./certs/sm2/server-sm2.pem -k ./certs/sm2/server-sm2-priv.pem -A ./certs/sm2/client-sm2.pem -V
+```
+
+
+Cipers to consider
+
+```
+TLS13-AES128-GCM-SHA256:
+TLS13-AES256-GCM-SHA384:
+TLS13-CHACHA20-POLY1305-SHA256:
+
+TLS13-SM4-GCM-SM3:
+TLS13-SM4-CCM-SM3:
+ECDHE-ECDSA-SM4-CBC-SM3:
+ECDHE-ECDSA-SM4-GCM-SM3:
+ECDHE-ECDSA-SM4-CCM-SM3
+
+DHE-RSA-AES128-SHA:
+DHE-RSA-AES256-SHA:
+ECDHE-RSA-AES128-SHA:
+ECDHE-RSA-AES256-SHA:
+ECDHE-ECDSA-AES128-SHA:
+ECDHE-ECDSA-AES256-SHA:
+DHE-RSA-AES128-SHA256:
+DHE-RSA-AES256-SHA256:
+DHE-RSA-AES128-GCM-SHA256:
+DHE-RSA-AES256-GCM-SHA384:
+ECDHE-RSA-AES128-GCM-SHA256:
+ECDHE-RSA-AES256-GCM-SHA384:
+ECDHE-ECDSA-AES128-GCM-SHA256:
+ECDHE-ECDSA-AES256-GCM-SHA384:
+ECDHE-RSA-AES128-SHA256:
+ECDHE-ECDSA-AES128-SHA256:
+ECDHE-RSA-AES256-SHA384:
+ECDHE-ECDSA-AES256-SHA384:
+ECDHE-RSA-CHACHA20-POLY1305:
+ECDHE-ECDSA-CHACHA20-POLY1305:
+DHE-RSA-CHACHA20-POLY1305:
+ECDHE-RSA-CHACHA20-POLY1305-OLD:
+ECDHE-ECDSA-CHACHA20-POLY1305-OLD:
+DHE-RSA-CHACHA20-POLY1305-OLD:
+```
+
+See the README.md file in the upper level 'examples' directory for [more information about examples](../README.md).
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/README_server_sm.md b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/README_server_sm.md
new file mode 100644
index 00000000..01dd6baf
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/README_server_sm.md
@@ -0,0 +1,512 @@
+# SM Cipher Notes
+
+
+### Install SM
+```
+cd /mnt/c/workspace/wolfsm-$USER
+./install.sh ../wolfssl-$USER
+```
+
+
+### Build Linux SM Examples
+```
+./autogen.sh
+./configure --enable-sm3 --enable-sm4-gcm --enable-sm2 \
+ --enable-sm4-ecb --enable-sm4-cbc --enable-sm4-ctr \
+ --enable-sm4-gcm --enable-sm4-ccm
+make clean && make
+```
+
+### TLS 1.3 Server
+
+```
+./examples/server/server -v 4 -b -d -p 11111 -c ./certs/sm2/server-sm2.pem -k ./certs/sm2/server-sm2-priv.pem -A ./certs/sm2/client-sm2.pem -V
+```
+
+### TLS 1.3 Client
+
+```
+./examples/client/client -h 127.0.0.1 -v 4 -l TLS13-SM4-CCM-SM3 -c ./certs/sm2/client-sm2.pem -k ./certs/sm2/client-sm2-priv.pem -A ./certs/sm2/root-sm2.pem -C
+```
+
+### TLS 1.2 Client to Local Linux Server
+
+```
+./examples/client/client -h 192.168.25.186 -v 3 -l ECDHE-ECDSA-SM4-CBC-SM3 \
+ -c ./certs/sm2/client-sm2.pem \
+ -k ./certs/sm2/client-sm2-priv.pem \
+ -A ./certs/sm2/root-sm2.pem -C
+```
+
+### TLS 1.2 Client to ESP32 Server
+
+```
+./examples/client/client -h 192.168.25.186 -v 3 -l ECDHE-ECDSA-SM4-CBC-SM3 \
+ -c ./certs/sm2/client-sm2.pem \
+ -k ./certs/sm2/client-sm2-priv.pem \
+ -A ./certs/sm2/root-sm2.pem -C
+```
+### Others...
+
+```
+# Success: Linux Client to ESP32 Server TLS1.2
+./examples/client/client -h 192.168.1.113 -v 3 -l ECDHE-ECDSA-SM4-CBC-SM3 -c ./certs/sm2/client-sm2.pem -k ./certs/sm2/client-sm2-priv.pem -A ./certs/sm2/root-sm2.pem -C
+./examples/client/client -h 192.168.1.113 -v 3 -l ECDHE-ECDSA-SM4-GCM-SM3 -c ./certs/sm2/client-sm2.pem -k ./certs/sm2/client-sm2-priv.pem -A ./certs/sm2/root-sm2.pem -C
+./examples/client/client -h 192.168.1.113 -v 3 -l ECDHE-ECDSA-SM4-CCM-SM3 -c ./certs/sm2/client-sm2.pem -k ./certs/sm2/client-sm2-priv.pem -A ./certs/sm2/root-sm2.pem -C
+
+# Success: Linux Client to ESP32 Server TLS1.3
+
+# Reported as TLS_SM4_GCM_SM3, but parameter is TLS13-SM4-GCM-SM3
+./examples/client/client -h 192.168.1.113 -v 4 -l TLS13-SM4-GCM-SM3 -c ./certs/sm2/client-sm2.pem -k ./certs/sm2/client-sm2-priv.pem -A ./certs/sm2/root-sm2.pem -C
+
+# Reported as TLS-SM4-CCM-SM3, but parameter is TLS13-SM4-CCM-SM3
+./examples/client/client -h 192.168.1.113 -v 4 -l TLS13-SM4-CCM-SM3 -c ./certs/sm2/client-sm2.pem -k ./certs/sm2/client-sm2-priv.pem -A ./certs/sm2/root-sm2.pem -C
+
+./examples/client/client -h 192.168.1.113 -v 4 -l TLS13-SM4-CBC-SM3 -c ./certs/sm2/client-sm2.pem -k ./certs/sm2/client-sm2-priv.pem -A ./certs/sm2/root-sm2.pem -C
+
+```
+
+```
+ESP32-to-ESP32
+TLS_ECDHE_ECDSA_WITH_SM4_CBC_SM3
+TLS_ECDHE_ECDSA_WITH_SM4_GCM_SM3
+TLS_ECDHE_ECDSA_WITH_SM4_CCM_SM3
+```
+
+Tried both PEM and DER format.
+
+The latest server is PEM format, triple-checked to have the embedded server
+be the same as the Linux server files.
+
+
+| Usage | Certificate | Key | Certificate Authority file, default ./certs/client-cert.pem |
+| ----- | ---------------------------------- | ----------------------------------- | --------------------------------- |
+| server | -c ./certs/sm2/server-sm2.pem | -k ./certs/sm2/server-sm2-priv.pem | -A ./certs/sm2/client-sm2.pem -V |
+| client | -c ./certs/sm2/client-sm2.pem | -k ./certs/sm2/client-sm2-priv.pem | -A ./certs/sm2/root-sm2.pem -C |
+| emdedded:
+| server | wolfSSL_CTX_use_certificate_buffer<br/> server_sm2 | wolfSSL_CTX_use_PrivateKey_buffer<br/> server_sm2_priv | wolfSSL_CTX_load_verify_buffer<br/> client-sm2 |
+
+### Code
+
+See [source code](https://github.com/gojimmypi/wolfssl/blob/2c4f443aec7b151f945cb9dfe2dad6ee30449cf0/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/server-tls.c#L187):
+
+![code](./code.png)
+
+
+### Linux client talking to embedded server:
+
+```
+/examples/client/client -h 192.168.1.108 -v 3 -l ECDHE-ECDSA-SM4-CBC-SM3 -c ./certs/sm2/client-sm2.pem -k ./certs/sm2/client-sm2-priv.pem -A ./certs/sm2/root-sm2.pem -C
+wolfSSL_connect error -188, ASN no signer error to confirm failure
+wolfSSL error: wolfSSL_connect failed
+```
+
+Output:
+```
+ets Jul 29 2019 12:21:46
+
+rst:0x3 (SW_RESET),boot:0x13 (SPI_FAST_FLASH_BOOT)
+configsip: 0, SPIWP:0xee
+clk_drv:0x00,q_drv:0x00,d_drv:0x00,cs0_drv:0x00,hd_drv:0x00,wp_drv:0x00
+mode:DIO, clock div:2
+load:0x3fff0030,len:7000
+load:0x40078000,len:15452
+ho 0 tail 12 room 4
+load:0x40080400,len:3840
+entry 0x4008064c
+I (29) boot: ESP-IDF v5.0-dirty 2nd stage bootloader
+I (29) boot: compile time 13:40:31
+I (29) boot: chip revision: v3.0
+I (32) boot_comm: chip revision: 3, min. bootloader chip revision: 0
+I (39) boot.esp32: SPI Speed : 40MHz
+I (44) boot.esp32: SPI Mode : DIO
+I (48) boot.esp32: SPI Flash Size : 2MB
+I (53) boot: Enabling RNG early entropy source...
+I (58) boot: Partition Table:
+I (62) boot: ## Label Usage Type ST Offset Length
+I (69) boot: 0 nvs WiFi data 01 02 00009000 00006000
+I (77) boot: 1 phy_init RF data 01 01 0000f000 00001000
+I (84) boot: 2 factory factory app 00 00 00010000 00177000
+I (92) boot: End of partition table
+I (96) boot_comm: chip revision: 3, min. application chip revision: 0
+I (103) esp_image: segment 0: paddr=00010020 vaddr=3f400020 size=338d8h (211160) map
+I (188) esp_image: segment 1: paddr=00043900 vaddr=3ffb0000 size=03b78h ( 15224) load
+I (194) esp_image: segment 2: paddr=00047480 vaddr=40080000 size=08b98h ( 35736) load
+I (209) esp_image: segment 3: paddr=00050020 vaddr=400d0020 size=c591ch (809244) map
+I (501) esp_image: segment 4: paddr=00115944 vaddr=40088b98 size=0c230h ( 49712) load
+I (522) esp_image: segment 5: paddr=00121b7c vaddr=50000000 size=00010h ( 16) load
+I (533) boot: Loaded app from partition at offset 0x10000
+I (533) boot: Disabling RNG early entropy source...
+I (545) cpu_start: Pro cpu up.
+I (545) cpu_start: Starting app cpu, entry point is 0x400812f4
+I (532) cpu_start: App cpu up.
+I (561) cpu_start: Pro cpu start user code
+I (561) cpu_start: cpu freq: 160000000 Hz
+I (561) cpu_start: Application information:
+I (566) cpu_start: Project name: wolfssl_server
+I (571) cpu_start: App version: v5.6.3-stable-1088-g560c84b2b-d
+I (578) cpu_start: Compile time: Jul 19 2023 22:20:09
+I (585) cpu_start: ELF file SHA256: 3e6e571c9e87bf44...
+I (591) cpu_start: ESP-IDF: v5.0-dirty
+I (596) heap_init: Initializing. RAM available for dynamic allocation:
+I (603) heap_init: At 3FFAE6E0 len 00001920 (6 KiB): DRAM
+I (609) heap_init: At 3FFBDA68 len 00022598 (137 KiB): DRAM
+I (615) heap_init: At 3FFE0440 len 00003AE0 (14 KiB): D/IRAM
+I (622) heap_init: At 3FFE4350 len 0001BCB0 (111 KiB): D/IRAM
+I (628) heap_init: At 40094DC8 len 0000B238 (44 KiB): IRAM
+I (636) spi_flash: detected chip: generic
+I (639) spi_flash: flash io: dio
+W (643) spi_flash: Detected size(4096k) larger than the size in the binary image header(2048k). Using the
+size in the binary image header.
+I (657) cpu_start: Starting scheduler on PRO CPU.
+I (0) cpu_start: Starting scheduler on APP CPU.
+I (725) tls_server: ESP_WIFI_MODE_STA
+I (735) wifi:wifi driver task: 3ffcb738, prio:23, stack:6656, core=0
+I (735) system_api: Base MAC address is not set
+I (735) system_api: read default base MAC address from EFUSE
+I (755) wifi:wifi firmware version: 0d470ef
+I (755) wifi:wifi certification version: v7.0
+I (755) wifi:config NVS flash: enabled
+I (755) wifi:config nano formating: disabled
+I (755) wifi:Init data frame dynamic rx buffer num: 32
+I (765) wifi:Init management frame dynamic rx buffer num: 32
+I (765) wifi:Init management short buffer num: 32
+I (775) wifi:Init dynamic tx buffer num: 32
+I (775) wifi:Init static rx buffer size: 1600
+I (775) wifi:Init static rx buffer num: 10
+I (785) wifi:Init dynamic rx buffer num: 32
+I (785) wifi_init: rx ba win: 6
+I (795) wifi_init: tcpip mbox: 32
+I (795) wifi_init: udp mbox: 6
+I (795) wifi_init: tcp mbox: 6
+I (805) wifi_init: tcp tx win: 5744
+I (805) wifi_init: tcp rx win: 5744
+I (815) wifi_init: tcp mss: 1440
+I (815) wifi_init: WiFi IRAM OP enabled
+I (815) wifi_init: WiFi RX IRAM OP enabled
+I (825) phy_init: phy_version 4670,719f9f6,Feb 18 2021,17:07:07
+I (925) wifi:mode : sta (24:d7:eb:41:7b:68)
+I (935) wifi:enable tsf
+I (935) tls_server: wifi_init_sta finished.
+I (945) wifi:new:<4,0>, old:<1,0>, ap:<255,255>, sta:<4,0>, prof:1
+I (945) wifi:state: init -> auth (b0)
+I (945) wifi:state: auth -> assoc (0)
+I (955) wifi:state: assoc -> run (10)
+W (955) wifi:<ba-add>idx:0 (ifx:0, c8:d7:19:cd:00:17), tid:0, ssn:0, winSize:64
+I (985) wifi:connected with testbench, aid = 1, channel 4, BW20, bssid = c8:d7:19:cd:00:17
+I (985) wifi:security: WPA2-PSK, phy: bgn, rssi: -45
+I (995) wifi:pm start, type: 1
+
+I (1065) wifi:AP's beacon interval = 102400 us, DTIM period = 1
+I (3225) esp_netif_handlers: sta ip: 192.168.1.108, mask: 255.255.255.0, gw: 192.168.1.10
+I (3225) tls_server: got ip:192.168.1.108
+I (3235) Time Helper: sntp_setservername:
+I (3235) Time Helper: pool.ntp.org
+I (3245) Time Helper: time.nist.gov
+I (3245) Time Helper: utcnist.colorado.edu
+I (3255) Time Helper: sntp_init done.
+TLS13-AES128-GCM-SHA256:TLS13-CHACHA20-POLY1305-SHA256:TLS13-SM4-GCM-SM3:TLS13-SM4-CCM-SM3:ECDHE-RSA-AES12
+8-SHA:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDS
+A-DES-CBC3-SHA:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECD
+SA-AES128-SHA256:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305-OLD
+:ECDHE-ECDSA-CHACHA20-POLY1305-OLD:ECDHE-ECDSA-SM4-CBC-SM3:ECDHE-ECDSA-SM4-GCM-SM3:ECDHE-ECDSA-SM4-CCM-SM3
+:ECDHE-PSK-AES128-CBC-SHA256:ECDHE-PSK-AES128-GCM-SHA256:PSK-CHACHA20-POLY1305:ECDHE-PSK-CHACHA20-POLY1305
+I (3315) wolfssl: Start wolfSSL_Init()
+I (3315) wolfssl: wolfSSL Entering wolfSSL_Init
+I (3325) wolfssl: wolfSSL Entering wolfCrypt_Init
+I (3325) wolfssl: start socket())
+I (3335) wolfssl: Create and initialize WOLFSSL_CTX
+I (3335) wolfssl: wolfSSL Entering wolfSSLv23_server_method_ex
+I (3345) wolfssl: wolfSSL Entering wolfSSL_CTX_new_ex
+I (3345) wolfssl: wolfSSL Entering wolfSSL_CertManagerNew
+I (3355) wolfssl: wolfSSL Leaving wolfSSL_CTX_new_ex, return 0
+I (3365) tls_server: Start SM2
+
+I (3365) wolfssl: wolfSSL Entering wolfSSL_CTX_set_cipher_list
+I (3375) tls_server: Set cipher list: ECDHE-ECDSA-SM4-CBC-SM3
+
+TLS13-AES128-GCM-SHA256:TLS13-CHACHA20-POLY1305-SHA256:TLS13-SM4-GCM-SM3:TLS13-SM4-CCM-SM3:ECDHE-RSA-AES12
+8-SHA:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDS
+A-DES-CBC3-SHA:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECD
+SA-AES128-SHA256:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305-OLD
+:ECDHE-ECDSA-CHACHA20-POLY1305-OLD:ECDHE-ECDSA-SM4-CBC-SM3:ECDHE-ECDSA-SM4-GCM-SM3:ECDHE-ECDSA-SM4-CCM-SM3
+:ECDHE-PSK-AES128-CBC-SHA256:ECDHE-PSK-AES128-GCM-SHA256:PSK-CHACHA20-POLY1305:ECDHE-PSK-CHACHA20-POLY1305
+I (3435) wolfssl: Loading certificate...
+I (3435) wolfssl: wolfSSL Entering wolfSSL_CTX_use_certificate_buffer
+I (3445) wolfssl: wolfSSL Entering PemToDer
+I (3455) wolfssl: Checking cert signature type
+I (3455) wolfssl: wolfSSL Entering GetExplicitVersion
+I (3465) wolfssl: wolfSSL Entering wc_GetSerialNumber
+I (3465) wolfssl: Got Cert Header
+I (3475) wolfssl: wolfSSL Entering GetObjectId
+I (3475) wolfssl: Got Algo ID
+I (3475) wolfssl: Getting Name
+I (3485) wolfssl: Getting Cert Name
+I (3485) wolfssl: Getting Name
+I (3495) wolfssl: Getting Cert Name
+I (3495) wolfssl: Got Subject Name
+I (3495) wolfssl: wolfSSL Entering GetAlgoId
+I (3505) wolfssl: wolfSSL Entering GetObjectId
+I (3505) wolfssl: wolfSSL Entering GetObjectId
+I (3515) wolfssl: Got Key
+I (3515) wolfssl: ECDSA/ED25519/ED448 cert signature
+I (3525) wolfssl: wolfSSL Leaving wolfSSL_CTX_use_certificate_buffer, return 1
+I (3535) tls_server: Loaded server_sm2
+
+I (3535) wolfssl: Loading key info...
+I (3535) wolfssl: wolfSSL Entering wolfSSL_CTX_use_PrivateKey_buffer
+I (3545) wolfssl: wolfSSL Entering PemToDer
+I (3555) wolfssl: wolfSSL Entering GetAlgoId
+I (3555) wolfssl: wolfSSL Entering GetObjectId
+I (3565) wolfssl: wolfSSL Entering GetAlgoId
+I (3565) wolfssl: wolfSSL Entering GetObjectId
+I (3575) wolfssl: wolfSSL Leaving wolfSSL_CTX_use_PrivateKey_buffer, return 1
+I (3575) tls_server: Loaded PrivateKey_buffer server_sm2_priv
+
+I (3585) wolfssl: wolfSSL Entering wolfSSL_CTX_load_verify_buffer_ex
+I (3595) wolfssl: Processing CA PEM file
+I (3595) wolfssl: wolfSSL Entering PemToDer
+I (3605) wolfssl: Adding a CA
+I (3605) wolfssl: wolfSSL Entering GetExplicitVersion
+I (3615) wolfssl: wolfSSL Entering wc_GetSerialNumber
+I (3615) wolfssl: Got Cert Header
+I (3625) wolfssl: wolfSSL Entering GetObjectId
+I (3625) wolfssl: Got Algo ID
+I (3635) wolfssl: Getting Name
+I (3635) wolfssl: Getting Cert Name
+I (3635) wolfssl: Getting Name
+I (3645) wolfssl: Getting Cert Name
+I (3645) wolfssl: Got Subject Name
+I (3655) wolfssl: wolfSSL Entering GetAlgoId
+I (3655) wolfssl: wolfSSL Entering GetObjectId
+I (3665) wolfssl: wolfSSL Entering GetObjectId
+I (3665) wolfssl: Got Key
+I (3665) wolfssl: Parsed Past Key
+I (3675) wolfssl: wolfSSL Entering DecodeCertExtensions
+I (3675) wolfssl: wolfSSL Entering GetObjectId
+I (3685) wolfssl: wolfSSL Entering DecodeSubjKeyId
+I (3685) wolfssl: wolfSSL Entering GetObjectId
+I (3695) wolfssl: wolfSSL Entering DecodeAuthKeyId
+I (3705) wolfssl: wolfSSL Entering GetObjectId
+I (3705) wolfssl: wolfSSL Entering DecodeBasicCaConstraint
+I (3715) wolfssl: wolfSSL Entering GetObjectId
+I (3715) wolfssl: wolfSSL Entering DecodeAltNames
+I (3725) wolfssl: Unsupported name type, skipping
+I (3725) wolfssl: wolfSSL Entering GetObjectId
+I (3735) wolfssl: wolfSSL Entering DecodeExtKeyUsage
+I (3735) wolfssl: wolfSSL Entering GetObjectId
+I (3745) wolfssl: wolfSSL Entering GetObjectId
+I (3745) wolfssl: wolfSSL Entering GetObjectId
+I (3755) wolfssl: Parsed new CA
+I (3755) wolfssl: No key size check done on CA
+I (3765) wolfssl: Freeing Parsed CA
+I (3765) wolfssl: Freeing der CA
+I (3775) wolfssl: OK Freeing der CA
+I (3775) wolfssl: wolfSSL Leaving AddCA, return 0
+I (3785) wolfssl: Processed a CA
+I (3785) wolfssl: Processed at least one valid CA. Other stuff OK
+I (3795) wolfssl: wolfSSL Leaving wolfSSL_CTX_load_verify_buffer_ex, return 1
+I (3795) tls_server: Success: load verify buffer
+
+I (3805) tls_server: Finish SM2
+
+I (3805) tls_server: accept clients...
+I (3815) wolfssl: Waiting for a connection...
+I (14485) wolfssl: wolfSSL Entering wolfSSL_new
+I (14495) wolfssl: wolfSSL Entering ReinitSSL
+I (14495) wolfssl: wolfSSL Entering SetSSL_CTX
+I (14495) wolfssl: wolfSSL Entering wolfSSL_NewSession
+I (14505) wolfssl: wolfSSL Leaving wolfSSL_new, return 0
+I (14505) wolfssl: wolfSSL Entering wolfSSL_set_fd
+I (14515) wolfssl: wolfSSL Entering wolfSSL_set_read_fd
+I (14515) wolfssl: wolfSSL Leaving wolfSSL_set_read_fd, return 1
+I (14525) wolfssl: wolfSSL Entering wolfSSL_set_write_fd
+I (14535) wolfssl: wolfSSL Leaving wolfSSL_set_write_fd, return 1
+I (14535) wolfssl: wolfSSL Entering wolfSSL_accept
+I (14545) wolfssl: wolfSSL Entering ReinitSSL
+I (14545) wolfssl: growing input buffer
+I (14555) wolfssl: received record layer msg
+I (14555) wolfssl: got HANDSHAKE
+I (14565) wolfssl: wolfSSL Entering wolfSSL_get_options
+I (14565) wolfssl: wolfSSL Entering DoTls13HandShakeMsg
+I (14575) wolfssl: wolfSSL Entering DoTls13HandShakeMsgType
+I (14575) wolfssl: processing client hello
+I (14585) wolfssl: wolfSSL Entering DoTls13ClientHello
+I (14595) wolfssl: wolfSSL Entering DoClientHello
+I (14595) wolfssl: downgrading to TLSv1.2
+I (14605) wolfssl: Matched No Compression
+I (14605) wolfssl: Adding signature algorithms extension
+I (14615) wolfssl: Signature Algorithms extension received
+I (14615) wolfssl: Point Formats extension received
+I (14625) wolfssl: Supported Groups extension received
+I (14625) wolfssl: Unknown TLS extension type
+I (14635) wolfssl: Unknown TLS extension type
+I (14635) wolfssl: wolfSSL Entering MatchSuite
+I (14645) wolfssl: wolfSSL Entering VerifyServerSuite
+I (14645) wolfssl: Requires ECC
+I (14655) wolfssl: Verified suite validity
+I (14655) wolfssl: wolfSSL Leaving DoClientHello, return 0
+I (14665) wolfssl: wolfSSL Leaving DoTls13ClientHello, return 0
+I (14675) wolfssl: wolfSSL Leaving DoTls13HandShakeMsgType(), return 0
+I (14675) wolfssl: wolfSSL Leaving DoTls13HandShakeMsg, return 0
+I (14685) wolfssl: Shrinking input buffer
+I (14685) wolfssl: accept state ACCEPT_CLIENT_HELLO_DONE
+I (14695) wolfssl: accept state ACCEPT_FIRST_REPLY_DONE
+I (14705) wolfssl: wolfSSL Entering SendServerHello
+I (14705) wolfssl: growing output buffer
+I (14715) internal.c: GrowOutputBuffer ok
+I (14715) wolfssl: wolfSSL Entering wolfSSL_get_options
+I (14725) wolfssl: Point Formats extension to write
+W (14735) wolfio: ssl->wflags = 0
+I (14735) wolfio: 16 03 03 00 52 02 00 00 4e 03 03 af 87 e2 58 57
+I (14735) wolfio: 73 c3 c1 35 1a 59 39 b2 03 9d 14 03 e0 b8 fb e8
+I (14745) wolfio: 9d 5b 9c 44 4f 57 4e 47 52 44 01 20 85 77 75 20
+I (14755) wolfio: 95 dd 00 e2 91 f8 42 33 f8 61 3f 1f de 81 15 58
+I (14755) wolfio: 23 0c e7 1e 71 e6 10 e5 67 23 e0 40 e0 11 00 00
+I (14765) wolfio: 06 00 0b 00 02 01 00
+W (14775) wolfio: sz = 87
+I (14775) wolfssl: Shrinking output buffer
+I (14775) wolfssl: wolfSSL Leaving SendServerHello, return 0
+I (14785) wolfssl: accept state SERVER_HELLO_SENT
+I (14795) wolfssl: wolfSSL Entering SendCertificate
+I (14795) wolfssl: growing output buffer
+I (14805) internal.c: GrowOutputBuffer ok
+W (14815) wolfio: ssl->wflags = 0
+I (14815) wolfio: 16 03 03 02 e6 0b 00 02 e2 00 02 df 00 02 dc 30
+I (14815) wolfio: 82 02 d8 30 82 02 7e a0 03 02 01 02 02 01 01 30
+I (14825) wolfio: 0a 06 08 2a 81 1c cf 55 01 83 75 30 81 ac 31 0b
+I (14835) wolfio: 30 09 06 03 55 04 06 13 02 55 53 31 10 30 0e 06
+I (14835) wolfio: 03 55 04 08 0c 07 4d 6f 6e 74 61 6e 61 31 10 30
+I (14845) wolfio: 0e 06 03 55 04 07 0c 07 42 6f 7a 65 6d 61 6e 31
+I (14855) wolfio: 14 30 12 06 03 55 04 0a 0c 0b 77 6f 6c 66 53 53
+I (14855) wolfio: 4c 5f 73 6d 32 31 0f 30 0d 06 03 55 04 0b 0c 06
+I (14865) wolfio: 43 41 2d 73 6d 32 31 18 30 16 06 03 55 04 03 0c
+I (14875) wolfio: 0f 77 77 77 2e 77 6f 6c 66 73 73 6c 2e 63 6f 6d
+I (14875) wolfio: 31 1f 30 1d 06 09 2a 86 48 86 f7 0d 01 09 01 16
+I (14885) wolfio: 10 69 6e 66 6f 40 77 6f 6c 66 73 73 6c 2e 63 6f
+I (14895) wolfio: 6d 31 17 30 15 06 0a 09 92 26 89 93 f2 2c 64 01
+I (14895) wolfio: 01 0c 07 77 6f 6c 66 53 53 4c 30 1e 17 0d 32 33
+I (14905) wolfio: 30 32 31 35 30 36 32 33 30 37 5a 17 0d 32 35 31
+I (14915) wolfio: 31 31 31 30 36 32 33 30 37 5a 30 81 b0 31 0b 30
+I (14915) wolfio: 09 06 03 55 04 06 13 02 55 53 31 10 30 0e 06 03
+I (14925) wolfio: 55 04 08 0c 07 4d 6f 6e 74 61 6e 61 31 10 30 0e
+I (14935) wolfio: 06 03 55 04 07 0c 07 42 6f 7a 65 6d 61 6e 31 14
+I (14945) wolfio: 30 12 06 03 55 04 0a 0c 0b 77 6f 6c 66 53 53 4c
+I (14945) wolfio: 5f 73 6d 32 31 13 30 11 06 03 55 04 0b 0c 0a 53
+I (14955) wolfio: 65 72 76 65 72 2d 73 6d 32 31 18 30 16 06 03 55
+I (14965) wolfio: 04 03 0c 0f 77 77 77 2e 77 6f 6c 66 73 73 6c 2e
+I (14965) wolfio: 63 6f 6d 31 1f 30 1d 06 09 2a 86 48 86 f7 0d 01
+I (14975) wolfio: 09 01 16 10 69 6e 66 6f 40 77 6f 6c 66 73 73 6c
+I (14985) wolfio: 2e 63 6f 6d 31 17 30 15 06 0a 09 92 26 89 93 f2
+I (14985) wolfio: 2c 64 01 01 0c 07 77 6f 6c 66 53 53 4c 30 5a 30
+I (14995) wolfio: 14 06 08 2a 81 1c cf 55 01 82 2d 06 08 2a 81 1c
+I (15005) wolfio: cf 55 01 82 2d 03 42 00 04 94 70 2b 46 e4 5e 0f
+I (15005) wolfio: 41 fb 8f 2d 34 0a 41 40 19 5e fb d4 1d 11 ac fa
+I (15015) wolfio: f5 93 37 c6 fa 87 08 f7 16 1f 2c ce 30 40 9d 4f
+I (15025) wolfio: a6 2a 0a a1 d6 95 33 c3 a6 03 98 e6 8d 05 34 b0
+I (15025) wolfio: 97 0c de a4 c7 cf 53 8f d1 a3 81 89 30 81 86 30
+I (15035) wolfio: 1d 06 03 55 1d 0e 04 16 04 14 67 ae 60 ff 7e 1b
+I (15045) wolfio: 0f 95 ae 1f 82 59 f2 6c 56 2d 93 ef 17 32 30 1f
+I (15045) wolfio: 06 03 55 1d 23 04 18 30 16 80 14 47 0a 48 7e bb
+I (15055) wolfio: 02 a8 5a 26 57 2b 19 a9 7b 61 8b 7f 5d 99 6e 30
+I (15065) wolfio: 0c 06 03 55 1d 13 01 01 ff 04 02 30 00 30 0e 06
+I (15075) wolfio: 03 55 1d 0f 01 01 ff 04 04 03 02 03 a8 30 13 06
+I (15075) wolfio: 03 55 1d 25 04 0c 30 0a 06 08 2b 06 01 05 05 07
+I (15085) wolfio: 03 01 30 11 06 09 60 86 48 01 86 f8 42 01 01 04
+I (15095) wolfio: 04 03 02 06 40 30 0a 06 08 2a 81 1c cf 55 01 83
+I (15095) wolfio: 75 03 48 00 30 45 02 20 1b ca 94 28 7f f6 b2 0d
+I (15105) wolfio: 31 43 50 e1 d5 34 17 dd af 3a de 81 06 67 9a b3
+I (15115) wolfio: 06 22 7e 64 ec fd 0e b9 02 21 00 a1 48 a8 32 d1
+I (15115) wolfio: 05 09 6b 1c eb 89 12 66 d8 38 a1 c4 5c 89 09 0f
+I (15125) wolfio: fd e9 c0 3b 1d fb cd b5 4c 31 68
+W (15135) wolfio: sz = 747
+I (15135) wolfssl: Shrinking output buffer
+I (15135) wolfssl: wolfSSL Leaving SendCertificate, return 0
+I (15145) wolfssl: accept state CERT_SENT
+I (15155) wolfssl: wolfSSL Entering SendCertificateStatus
+I (15155) wolfssl: wolfSSL Leaving SendCertificateStatus, return 0
+I (15165) wolfssl: accept state CERT_STATUS_SENT
+I (15165) wolfssl: wolfSSL Entering SendServerKeyExchange
+I (15175) wolfssl: Using ephemeral ECDH
+I (15175) wolfssl: wolfSSL Entering EccMakeKey
+I (15535) wolfssl: wolfSSL Leaving EccMakeKey, return 0
+I (15535) wolfssl: Trying ECC private key, RSA didn't work
+I (15535) wolfssl: wolfSSL Entering GetAlgoId
+I (15545) wolfssl: wolfSSL Entering GetObjectId
+I (15555) wolfssl: Using ECC private key
+I (15555) wolfssl: wolfSSL Entering Sm2wSm3Sign
+I (15915) wolfssl: wolfSSL Leaving Sm2wSm3Sign, return 0
+I (15915) wolfssl: wolfSSL Entering SendHandshakeMsg
+I (15925) wolfssl: growing output buffer
+I (15925) internal.c: GrowOutputBuffer ok
+W (15925) wolfio: ssl->wflags = 0
+I (15935) wolfio: 16 03 03 00 95 0c 00 00 91 03 00 29 41 04 fd f5
+I (15935) wolfio: 5e 74 15 30 1d f3 84 ae a5 69 96 a9 5b dd 27 b3
+I (15945) wolfio: 00 7d 40 3a 59 93 93 6f 4d 1f 62 dc 60 48 34 1f
+I (15955) wolfio: a8 1d 34 b8 76 8f 8b 27 4a 1b 77 64 8e 2e d5 27
+I (15955) wolfio: 03 95 8b 9d a5 ed a4 a6 b9 40 1b ea aa 10 07 08
+I (15965) wolfio: 00 48 30 46 02 21 00 cb 89 61 e9 21 f9 c6 4d ad
+I (15975) wolfio: aa e7 f1 3f 6f 27 46 f0 35 ec 45 4e 8a ae f3 ac
+I (15985) wolfio: 7c c0 cf 68 11 44 e2 02 21 00 f6 40 5c bc 66 5a
+I (15985) wolfio: 74 1e 92 5d 9a 03 75 e7 7f 16 c2 b3 c8 fe 8d 5c
+I (15995) wolfio: 63 35 36 da 61 38 76 dc 4e d6
+W (15995) wolfio: sz = 154
+I (16005) wolfssl: Shrinking output buffer
+I (16005) wolfssl: wolfSSL Leaving SendServerKeyExchange, return 0
+I (16015) wolfssl: accept state KEY_EXCHANGE_SENT
+I (16025) wolfssl: accept state CERT_REQ_SENT
+I (16025) wolfssl: wolfSSL Entering SendServerHelloDone
+I (16035) wolfssl: growing output buffer
+I (16035) internal.c: GrowOutputBuffer ok
+W (16045) wolfio: ssl->wflags = 0
+I (16045) wolfio: 16 03 03 00 04 0e 00 00 00
+W (16045) wolfio: sz = 9
+I (16055) wolfssl: Embed Send error
+I (16055) wolfssl: Connection reset
+I (16065) int: Sent = -3
+W (16065) int: WOLFSSL_CBIO_ERR_CONN_RST
+E (16075) int: SOCKET_ERROR_E 2
+I (16075) wolfssl: wolfSSL Leaving SendServerHelloDone, return -308
+I (16085) wolfssl: wolfSSL error occurred, error = -308
+I (16085) wolfssl: wolfSSL Entering wolfSSL_get_error
+I (16095) wolfssl: wolfSSL Leaving wolfSSL_get_error, return -308
+E (16085) tls_server: wolfSSL_accept error -308
+I (16105) wolfssl: Client connected successfully
+I (16105) wolfssl: wolfSSL Entering wolfSSL_read
+I (16115) wolfssl: wolfSSL Entering wolfSSL_read_internal
+I (16125) wolfssl: wolfSSL Entering ReceiveData
+I (16125) wolfssl: User calling wolfSSL_read in error state, not allowed
+I (16135) wolfssl: wolfSSL Leaving wolfSSL_read_internal, return -308
+E (16145) tls_server: ERROR: failed to read
+I (16145) wolfssl: Client sends:
+I (16145) wolfssl:
+I (16155) wolfssl: wolfSSL Entering wolfSSL_write
+I (16155) wolfssl: handshake not complete, trying to finish
+I (16165) wolfssl: wolfSSL Entering wolfSSL_negotiate
+I (16165) wolfssl: wolfSSL Entering wolfSSL_accept
+I (16175) wolfssl: wolfSSL Entering ReinitSSL
+W (16185) wolfio: ssl->wflags = 0
+I (16185) wolfio: 16 03 03 00 04 0e 00 00 00
+W (16185) wolfio: sz = 9
+I (16195) wolfssl: Embed Send error
+I (16195) wolfssl: General error
+I (16205) int: Sent = -1
+E (16205) int: SOCKET_ERROR_E
+I (16205) wolfssl: wolfSSL error occurred, error = -308
+I (16215) wolfssl: wolfSSL Leaving wolfSSL_negotiate, return -1
+I (16225) wolfssl: wolfSSL Leaving wolfSSL_write, return -1
+E (16225) tls_server: ERROR: failed to write
+I (16235) wolfssl: wolfSSL Entering wolfSSL_free
+I (16235) wolfssl: Free'ing server ssl
+I (16245) wolfssl: Shrinking output buffer
+I (16245) wolfssl: wolfSSL Entering ClientSessionToSession
+I (16255) wolfssl: wolfSSL Entering wolfSSL_FreeSession
+I (16255) wolfssl: wolfSSL_FreeSession full free
+I (16265) wolfssl: CTX ref count not 0 yet, no free
+I (16265) wolfssl: wolfSSL Leaving wolfSSL_free, return 0
+I (16275) wolfssl: Waiting for a connection...
+```
+
+### Wireshark:
+
+![wireshark](./wireshark.png)
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/VisualGDB/README.md b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/VisualGDB/README.md
new file mode 100644
index 00000000..701f38b6
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/VisualGDB/README.md
@@ -0,0 +1,52 @@
+# wolfSSL Project Files for Visual Studio 2022 with VisualGDB Extension
+
+Include in the respective project `./VisualGDB` directory are [VisualGDB](https://visualgdb.com/) project files.
+Individual project files are included for convenience to new users, as there are [difficulties switching between ESP-IDF Versions or Chipsets](https://sysprogs.com/w/forums/topic/difficulties-switching-espressif-esp-idf-version-or-chipset/) using the VisualGDB extension.
+
+The naming convention for project files is: `[project name]_IDF_[Version]_[chipset].vgdbproj`. The solution files (filename[.sln]) often will contain shortcuts to commonly used source and configuration files used by the respective project.
+
+
+-------- |------------- |------------- |
+ChipSet | ESP-IDF v4.4 | ESP-IDF v5.0 |
+-------- |------------- |------------- |
+ESP32 | x | |
+ESP32-S2 | | |
+ESP32-S3 | x | x |
+ESP32-C3 | x | x |
+ESP32-C6 | | |
+
+
+The default directories are:
+
+- `C:\SysGCC` - The root directory install of VisualGDB
+- `C:\SysGCC\esp32` - The default for ESP-IDF v5.x
+- `C:\SysGCC\esp32-8.4` - Many need to manually select this name for ESP-IDF v4.x install
+- `C:\SysGCC\esp8266`- The default for ESP8266
+
+## Resources
+
+- [wolfSSL Website](https://www.wolfssl.com/)
+
+- [wolfSSL Wiki](https://github.com/wolfSSL/wolfssl/wiki)
+
+- [FIPS 140-2/140-3 FAQ](https://wolfssl.com/license/fips)
+
+- [wolfSSL Documentation](https://wolfssl.com/wolfSSL/Docs.html)
+
+- [wolfSSL Manual](https://wolfssl.com/wolfSSL/Docs-wolfssl-manual-toc.html)
+
+- [wolfSSL API Reference](https://wolfssl.com/wolfSSL/Docs-wolfssl-manual-17-wolfssl-api-reference.html)
+
+- [wolfCrypt API Reference](https://wolfssl.com/wolfSSL/Docs-wolfssl-manual-18-wolfcrypt-api-reference.html)
+
+- [TLS 1.3](https://www.wolfssl.com/docs/tls13/)
+
+- [wolfSSL Vulnerabilities](https://www.wolfssl.com/docs/security-vulnerabilities/)
+
+- [Additional wolfSSL Examples](https://github.com/wolfssl/wolfssl-examples)
+
+## Support
+
+For questions please email [support@wolfssl.com](mailto:support@wolfssl.com)
+
+<-- edit 5.6.0001 see https://github.com/wolfSSL/wolfssl/tree/master/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/VisualGDB -->
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/VisualGDB/VisualGDB_wolfssl_server.sln b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/VisualGDB/wolfssl_server_IDF_v5_ESP32.sln
index 77ec87f9..31235a31 100644
--- a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/VisualGDB/VisualGDB_wolfssl_server.sln
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/VisualGDB/wolfssl_server_IDF_v5_ESP32.sln
@@ -1,9 +1,9 @@

Microsoft Visual Studio Solution File, Format Version 12.00
-# Visual Studio Version 16
-VisualStudioVersion = 16.0.33027.164
+# Visual Studio Version 17
+VisualStudioVersion = 17.7.34031.279
MinimumVisualStudioVersion = 10.0.40219.1
-Project("{803FD0C6-D64E-4E16-9DC3-1DAEC859A3D2}") = "VisualGDB_wolfssl_server", "VisualGDB_wolfssl_server.vgdbproj", "{CD5A90CA-2D40-461A-A0C3-27654371BB00}"
+Project("{803FD0C6-D64E-4E16-9DC3-1DAEC859A3D2}") = "wolfssl_server_IDF_v5_ESP32", "wolfssl_server_IDF_v5_ESP32.vgdbproj", "{CD5A90CA-2D40-461A-A0C3-27654371BB00}"
EndProject
Global
GlobalSection(SolutionConfigurationPlatforms) = preSolution
@@ -26,6 +26,6 @@ Global
HideSolutionNode = FALSE
EndGlobalSection
GlobalSection(ExtensibilityGlobals) = postSolution
- SolutionGuid = {719A8CBE-E881-4B20-89F3-9910520E1067}
+ SolutionGuid = {8024AC13-8021-400B-976F-30C392D5BBD3}
EndGlobalSection
EndGlobal
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/VisualGDB/VisualGDB_wolfssl_server.vgdbproj b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/VisualGDB/wolfssl_server_IDF_v5_ESP32.vgdbproj
index 70a43fe7..86df266d 100644
--- a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/VisualGDB/VisualGDB_wolfssl_server.vgdbproj
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/VisualGDB/wolfssl_server_IDF_v5_ESP32.vgdbproj
@@ -1,5 +1,5 @@
<?xml version="1.0"?>
-<VisualGDBProjectSettings2 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
+<VisualGDBProjectSettings2 xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<Project xsi:type="com.visualgdb.project.external.esp-idf">
<CustomSourceDirectories>
<Directories />
@@ -18,9 +18,9 @@
<ToolchainID>
<ID>com.visualgdb.xtensa-esp32-elf</ID>
<Version>
- <GCC>8.4.0</GCC>
- <GDB>8.1.0</GDB>
- <Revision>9</Revision>
+ <GCC>12.2.0</GCC>
+ <GDB>12.1</GDB>
+ <Revision>1</Revision>
</Version>
</ToolchainID>
<RelativeSourceDirectory>..</RelativeSourceDirectory>
@@ -67,11 +67,11 @@
<EnableFastUpToDateCheck>true</EnableFastUpToDateCheck>
<ESPIDFExtension>
<IDFCheckout>
- <Version>v4.4.1</Version>
- <Subdirectory>esp-idf/v4.4.1</Subdirectory>
+ <Version>release/v5.1</Version>
+ <Subdirectory>esp-idf/v5.1</Subdirectory>
<Type>ESPIDF</Type>
</IDFCheckout>
- <COMPort>COM20</COMPort>
+ <COMPort>COM19</COMPort>
<SuppressTestPrerequisiteChecks>false</SuppressTestPrerequisiteChecks>
<UseCCache>false</UseCCache>
<DeviceID>ESP32</DeviceID>
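Review bot: The `<IDFCheckout>` version moves from the fixed tag `v4.4.1` to `release/v5.1`, which looks like a branch name rather than a tag, so the ESP-IDF sources this project builds against can change without any change to this file. If a reproducible toolchain is wanted for the example, pin a specific v5.1 tag in both `<Version>` and `<Subdirectory>`. Separately, `<COMPort>COM19</COMPort>` here and `<ComPortName>COM19</ComPortName>` in the later `@@ -93,7 +93,7 @@` hunk are workstation-specific values; a short note in the project README that they must be adjusted locally would save new users a failed flash.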
@@ -93,7 +93,7 @@
</CustomDebug>
<DeviceTerminalSettings>
<Connection xsi:type="com.sysprogs.terminal.connection.serial">
- <ComPortName>COM20</ComPortName>
+ <ComPortName>COM19</ComPortName>
<AdvancedSettings>
<BaudRate>115200</BaudRate>
<DataBits>8</DataBits>
@@ -104,7 +104,7 @@
</Connection>
<LastConnectionTime>0</LastConnectionTime>
<EchoTypedCharacters>false</EchoTypedCharacters>
- <ClearContentsWhenReconnecting>false</ClearContentsWhenReconnecting>
+ <ClearContentsWhenReconnecting>true</ClearContentsWhenReconnecting>
<ReconnectAutomatically>false</ReconnectAutomatically>
<DisplayMode>ASCII</DisplayMode>
<Colors>
@@ -220,7 +220,7 @@
<DebugMethod>
<ID>openocd</ID>
<Configuration xsi:type="com.visualgdb.edp.openocd.settings.esp32">
- <CommandLine>-f interface/tigard.cfg -c "adapter_khz 3000" -f target/esp32.cfg</CommandLine>
+ <CommandLine>-f interface/ftdi/tigard.cfg -c "adapter_khz 15000" -f interface/ftdi/tigard.cfg -f target/esp32.cfg</CommandLine>
<ExtraParameters>
<Frequency xsi:nil="true" />
<BoostedFrequency xsi:nil="true" />
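Review bot: The new `<CommandLine>` passes `-f interface/ftdi/tigard.cfg` twice, once before and once after the `-c "adapter_khz 15000"` option, so the interface script is sourced a second time after the speed has been set. Unless the duplicate is deliberate, the line would read `-f interface/ftdi/tigard.cfg -c "adapter_khz 15000" -f target/esp32.cfg`. The adapter clock also rises from 3000 to 15000 kHz in the same change, which may not be stable on every JTAG wiring setup; that is worth confirming on the target board. Newer OpenOCD releases deprecate `adapter_khz` in favour of `adapter speed`, so check which form the bundled OpenOCD expects.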
@@ -252,7 +252,7 @@
</Configuration>
</DebugMethod>
<AutoDetectRTOS>true</AutoDetectRTOS>
- <SemihostingSupport>Auto</SemihostingSupport>
+ <SemihostingSupport>Disabled</SemihostingSupport>
<SemihostingPollingDelay>0</SemihostingPollingDelay>
<StepIntoEntryPoint>false</StepIntoEntryPoint>
<ReloadFirmwareOnReset>false</ReloadFirmwareOnReset>
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/components/wolfssl/CMakeLists.txt b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/components/wolfssl/CMakeLists.txt
index 2423b802..e82e19b6 100644
--- a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/components/wolfssl/CMakeLists.txt
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/components/wolfssl/CMakeLists.txt
@@ -17,206 +17,435 @@
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
#
-# cmake for wolfssl
+# cmake for wolfssl Espressif projects
#
-cmake_minimum_required(VERSION 3.5)
+# Version 5.6.0.011 for detect test/benchmark
+#
+# See https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-guides/build-system.html
+#
+
+cmake_minimum_required(VERSION 3.16)
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_USER_SETTINGS")
set(CMAKE_CURRENT_SOURCE_DIR ".")
+set(COMPONENT_REQUIRES lwip) # we typically don't need lwip directly in wolfssl component
+set(WOLFSSL_ROOT "$ENV{WOLFSSL_ROOT}" )
+
+# find the user name to search for possible "wolfssl-username"
+message(STATUS "USERNAME = $ENV{USERNAME}")
+if( "$ENV{USER}" STREQUAL "" ) # the bash user
+ if( "$ENV{USERNAME}" STREQUAL "" ) # the Windows user
+ message(STATUS "could not find USER or USERNAME")
+ else()
+ # the bash user is not blank, so we'll use it.
+ set(THIS_USER "$ENV{USERNAME}")
+ endif()
+else()
+ # the bash user is not blank, so we'll use it.
+ set(THIS_USER "$ENV{USER}")
+endif()
+message(STATUS "THIS_USER = ${THIS_USER}")
+
-# We are currently in [root]/IDE/Espressif/ESP-IDF/examples/wolfssl_test/components/wolfssl
+# COMPONENT_NAME = wolfssl
+# The component name is the directory name. "No feature to change this".
+# See https://github.com/espressif/esp-idf/issues/8978#issuecomment-1129892685
+
+# set the root of wolfSSL in top-level project CMakelists.txt:
+# set(WOLFSSL_ROOT "C:/some path/with/spaces")
+# set(WOLFSSL_ROOT "c:/workspace/wolfssl-[username]")
+# set(WOLFSSL_ROOT "/mnt/c/some path/with/spaces")
+# or use this logic to assign value from Environment Variable WOLFSSL_ROOT,
+# or assume this is an example 7 subdirectories below:
+
+# We are typically in [root]/IDE/Espressif/ESP-IDF/examples/wolfssl_test/components/wolfssl
# The root of wolfSSL is 7 directories up from here:
-get_filename_component(WOLFSSL_ROOT "../../../../../../../" ABSOLUTE)
-# Espressif may take several passes through this makefile. Check to see if we found IDF
-string(COMPARE EQUAL "${PROJECT_SOURCE_DIR}" "" WOLFSSL_FOUND_IDF)
+# function: IS_WOLFSSL_SOURCE
+# parameter: DIRECTORY_PARAMETER - the directory to test
+# output: RESULT = contains contents of DIRECTORY_PARAMETER for wolfssl directory, otherwise blank.
+function(IS_WOLFSSL_SOURCE DIRECTORY_PARAMETER RESULT)
+ if (EXISTS "${DIRECTORY_PARAMETER}/wolfcrypt/src")
+ set(${RESULT} "${DIRECTORY_PARAMETER}" PARENT_SCOPE)
+ else()
+ set(${RESULT} "" PARENT_SCOPE)
+ endif()
+endfunction()
-if($WOLFSSL_FOUND_IDF)
- message(STATUS "IDF_PATH = $ENV{IDF_PATH}")
- message(STATUS "WOLFSSL_ROOT = ${WOLFSSL_ROOT}")
- message(STATUS "PROJECT_SOURCE_DIR = ${PROJECT_SOURCE_DIR}")
-endif()
+# function: FIND_WOLFSSL_DIRECTORY
+# parameter: OUTPUT_FOUND_WOLFSSL_DIRECTORY contains root of source code, otherwise blank
+#
+function(FIND_WOLFSSL_DIRECTORY OUTPUT_FOUND_WOLFSSL_DIRECTORY)
+ message(STATUS "Starting FIND_WOLFSSL_DIRECTORY")
+ set(CURRENT_SEARCH_DIR "$ENV{WOLFSSL_ROOT}")
+ if( "${CURRENT_SEARCH_DIR}" STREQUAL "" )
+ message(STATUS "The WOLFSSL_ROOT environment variable is not set. Searching...")
+ else()
+ get_filename_component(CURRENT_SEARCH_DIR "$ENV{WOLFSSL_ROOT}" ABSOLUTE)
+ IS_WOLFSSL_SOURCE("${CURRENT_SEARCH_DIR}" FOUND_WOLFSSL)
+ if("${FOUND_WOLFSSL}")
+ message(STATUS "Found WOLFSSL_ROOT via Environment Variable:")
+ else()
+ message(FATAL_ERROR "WOLFSSL_ROOT Environment Variable defined, but path not found:")
+ message(STATUS "$ENV{WOLFSSL_ROOT}")
+ endif()
+ endif()
-# get a list of all wolfcrypt assembly files; we'll exclude them as they don't target Xtensa
-FILE(GLOB EXCLUDE_ASM *.S)
-file(GLOB_RECURSE EXCLUDE_ASM ${CMAKE_SOURCE_DIR} "${WOLFSSL_ROOT}/wolfcrypt/src/*.S")
+ # we'll start in the CMAKE_CURRENT_SOURCE_DIR, typically [something]/projectname/components/wolfssl
+ message(STATUS "CMAKE_CURRENT_SOURCE_DIR = ${CMAKE_CURRENT_SOURCE_DIR}")
+ get_filename_component(CURRENT_SEARCH_DIR "${CMAKE_CURRENT_SOURCE_DIR}" ABSOLUTE)
+ message(STATUS "CURRENT_SEARCH_DIR = ${CURRENT_SEARCH_DIR}")
+ string(LENGTH ${CURRENT_SEARCH_DIR} CURRENT_SEARCH_DIR_LENGTH)
-if(NOT CMAKE_BUILD_EARLY_EXPANSION)
- message(STATUS "EXCLUDE_ASM = ${EXCLUDE_ASM}")
-endif()
+ # loop through all the parents, looking for wolfssl
+ while(NOT CURRENT_SEARCH_DIR STREQUAL "/" AND NOT CURRENT_SEARCH_DIR STREQUAL "" )
+ string(LENGTH ${CURRENT_SEARCH_DIR} CURRENT_SEARCH_DIR_LENGTH)
+ # wolfSSL may simply be in a parent directory, such as for local examples in wolfssl repo
+ IS_WOLFSSL_SOURCE("${CURRENT_SEARCH_DIR}" FOUND_WOLFSSL)
+ if( FOUND_WOLFSSL )
+ message(STATUS "Found wolfssl in CURRENT_SEARCH_DIR = ${CURRENT_SEARCH_DIR}")
+ set(${OUTPUT_FOUND_WOLFSSL_DIRECTORY} ${CURRENT_SEARCH_DIR} PARENT_SCOPE)
+ return()
+ endif()
-set(INCLUDE_PATH ${WOLFSSL_ROOT})
+ if( THIS_USER )
+ # Check for "wolfssl-[username]" subdirectory as we recurse up the directory tree
+ set(CURRENT_SEARCH_DIR_ALT ${CURRENT_SEARCH_DIR}/wolfssl-${THIS_USER})
+ message(STATUS "Looking in ${CURRENT_SEARCH_DIR}")
-set(COMPONENT_SRCDIRS "${WOLFSSL_ROOT}/src/"
- "${WOLFSSL_ROOT}/wolfcrypt/src/"
- "${WOLFSSL_ROOT}/wolfcrypt/src/port/Espressif/"
- "${WOLFSSL_ROOT}/wolfcrypt/src/port/atmel/"
- "${WOLFSSL_ROOT}/wolfcrypt/benchmark/"
- "${WOLFSSL_ROOT}/wolfcrypt/test/"
- )
+ #if(EXISTS ${CURRENT_SEARCH_DIR_ALT} AND IS_DIRECTORY ${CURRENT_SEARCH_DIR_ALT} AND EXISTS "${CURRENT_SEARCH_DIR_ALT}/wolfcrypt/src")
+ IS_WOLFSSL_SOURCE("${CURRENT_SEARCH_DIR_ALT}" FOUND_WOLFSSL )
+ if ( FOUND_WOLFSSL )
+ message(STATUS "Found wolfssl in user-suffix CURRENT_SEARCH_DIR_ALT = ${CURRENT_SEARCH_DIR_ALT}")
+ set(${OUTPUT_FOUND_WOLFSSL_DIRECTORY} ${CURRENT_SEARCH_DIR_ALT} PARENT_SCOPE)
+ return()
+ endif()
+ endif()
-set(COMPONENT_REQUIRES lwip)
+ # Next check for no user suffix "wolfssl" subdirectory as we recurse up the directory tree
+ set(CURRENT_SEARCH_DIR_ALT ${CURRENT_SEARCH_DIR}/wolfssl)
+ # if(EXISTS ${CURRENT_SEARCH_DIR} AND IS_DIRECTORY ${CURRENT_SEARCH_DIR} AND EXISTS "${CURRENT_SEARCH_DIR}/wolfcrypt/src")
+ IS_WOLFSSL_SOURCE("${CURRENT_SEARCH_DIR_ALT}" FOUND_WOLFSSL )
+ if ( FOUND_WOLFSSL )
+ message(STATUS "Found wolfssl in CURRENT_SEARCH_DIR = ${CURRENT_SEARCH_DIR}")
+ set(${OUTPUT_FOUND_WOLFSSL_DIRECTORY} ${CURRENT_SEARCH_DIR} PARENT_SCOPE)
+ return()
+ endif()
+ # Move up one directory level
+ set(PRIOR_SEARCH_DIR "${CURRENT_SEARCH_DIR}")
+ get_filename_component(CURRENT_SEARCH_DIR "${CURRENT_SEARCH_DIR}" DIRECTORY)
+ message(STATUS "Next CURRENT_SEARCH_DIR = ${CURRENT_SEARCH_DIR}")
+ if( "${PRIOR_SEARCH_DIR}" STREQUAL "${CURRENT_SEARCH_DIR}" )
+ # when the search directory is empty, we'll give up
+ set(CURRENT_SEARCH_DIR "")
+ endif()
+ endwhile()
-# check to see if there's both a local copy and EDP-IDF copy of the wolfssl and/or wolfssh components
-if( EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl/" AND EXISTS "$ENV{IDF_PATH}/components/wolfssl/" )
- #
- # wolfSSL found in both ESP-IDF and local project - needs to be resolved by user
- #
- message(STATUS "")
- message(STATUS "**************************************************************************************")
- message(STATUS "")
- message(STATUS "Error: Found components/wolfssl in both local project and IDF_PATH")
- message(STATUS "")
- message(STATUS "To proceed: ")
- message(STATUS "")
- message(STATUS "Remove either the local project component: ${CMAKE_HOME_DIRECTORY}/components/wolfssl/ ")
- message(STATUS "or the Espressif shared component installed at: $ENV{IDF_PATH}/components/wolfssl/ ")
- message(STATUS "")
- message(FATAL_ERROR "Please use wolfSSL in either local project or Espressif components, but not both.")
- message(STATUS "")
- message(STATUS "**************************************************************************************")
- message(STATUS "")
+ # If not found, set the output variable to empty before exiting
+ set(${OUTPUT_FOUND_WOLFSSL_DIRECTORY} "" PARENT_SCOPE)
+endfunction()
+
+
+# Example usage:
- # Optional: if you change the above FATAL_ERROR to STATUS you can warn at runtime with this macro definition:
- set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_MULTI_INSTALL_WARNING")
+
+
+
+if(CMAKE_BUILD_EARLY_EXPANSION)
+ message(STATUS "wolfssl component CMAKE_BUILD_EARLY_EXPANSION:")
+ idf_component_register(
+ REQUIRES "${COMPONENT_REQUIRES}"
+ PRIV_REQUIRES # esp_hw_support
+ esp_timer
+ driver # this will typically only be needed for wolfSSL benchmark
+ )
else()
- if( EXISTS "$ENV{IDF_PATH}/components/wolfssl/" )
+ # not CMAKE_BUILD_EARLY_EXPANSION
+ message(STATUS "************************************************************************************************")
+ message(STATUS "wolfssl component config:")
+ message(STATUS "************************************************************************************************")
+
+ # search for wolfSSL
+ FIND_WOLFSSL_DIRECTORY(WOLFSSL_ROOT)
+ if(WOLFSSL_ROOT)
+ message(STATUS "NEW Found wolfssl directory at: ${WOLFSSL_ROOT}")
+ else()
+ message(STATUS "NEW wolfssl directory not found.")
+ # Abort. We need wolfssl _somewhere_.
+ message(FATAL_ERROR "Could not find wolfssl in ${WOLFSSL_ROOT}.\n"
+ "Try setting WOLFSSL_ROOT environment variable or git clone.")
+ endif()
+
+ set(INCLUDE_PATH ${WOLFSSL_ROOT})
+
+ set(WOLFSSL_EXTRA_PROJECT_DIR "${WOLFSSL_ROOT}/src/")
+
+ if( ${CMAKE_PROJECT_NAME} STREQUAL "wolfssl_benchmark" )
+ set(WOLFSSL_EXTRA_PROJECT_DIR "${WOLFSSL_ROOT}/wolfcrypt/benchmark")
+ endif()
+
+ if( ${CMAKE_PROJECT_NAME} STREQUAL "wolfssl_test" )
+ set(WOLFSSL_EXTRA_PROJECT_DIR "${WOLFSSL_ROOT}/wolfcrypt/test")
+ endif()
+
+ set(COMPONENT_SRCDIRS "\"${WOLFSSL_ROOT}/src/\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/port/Espressif\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/port/atmel\""
+ "\"${WOLFSSL_EXTRA_PROJECT_DIR}\""
+ ) # COMPONENT_SRCDIRS
+
+ message(STATUS "This COMPONENT_SRCDIRS = ${COMPONENT_SRCDIRS}")
+
+ set(WOLFSSL_PROJECT_DIR "${CMAKE_HOME_DIRECTORY}/components/wolfssl")
+ add_definitions(-DWOLFSSL_USER_SETTINGS_DIR="${WOLFSSL_PROJECT_DIR}/include/user_settings.h")
+
+
+ # Espressif may take several passes through this makefile. Check to see if we found IDF
+ string(COMPARE EQUAL "${PROJECT_SOURCE_DIR}" "" WOLFSSL_FOUND_IDF)
+
+ # get a list of all wolfcrypt assembly files; we'll exclude them as they don't target Xtensa
+ file(GLOB EXCLUDE_ASM *.S)
+ file(GLOB_RECURSE EXCLUDE_ASM ${CMAKE_SOURCE_DIR} "${WOLFSSL_ROOT}/wolfcrypt/src/*.S")
+
+ message(STATUS "IDF_PATH = $ENV{IDF_PATH}")
+ message(STATUS "PROJECT_SOURCE_DIR = ${PROJECT_SOURCE_DIR}")
+ message(STATUS "EXCLUDE_ASM = ${EXCLUDE_ASM}")
+
+ #
+ # Check to see if there's both a local copy and EDP-IDF copy of the wolfssl and/or wolfssh components.
+ #
+ if( EXISTS "${WOLFSSL_PROJECT_DIR}" AND EXISTS "$ENV{IDF_PATH}/components/wolfssl/" )
#
- # wolfSSL found in ESP-IDF components and is assumed to be already configured in user_settings.h via setup.
+ # wolfSSL found in both ESP-IDF and local project - needs to be resolved by user
#
message(STATUS "")
- message(STATUS "Using components/wolfssl in IDF_PATH = $ENV{IDF_PATH}")
+ message(STATUS "**************************************************************************************")
+ message(STATUS "")
+ message(STATUS "Error: Found components/wolfssl in both local project and IDF_PATH")
+ message(STATUS "")
+ message(STATUS "To proceed: ")
message(STATUS "")
+ message(STATUS "Remove either the local project component: ${WOLFSSL_PROJECT_DIR} ")
+ message(STATUS "or the Espressif shared component installed at: $ENV{IDF_PATH}/components/wolfssl/ ")
+ message(STATUS "")
+ message(FATAL_ERROR "Please use wolfSSL in either local project or Espressif components, but not both.")
+ message(STATUS "")
+ message(STATUS "**************************************************************************************")
+ message(STATUS "")
+
+ # Optional: if you change the above FATAL_ERROR to STATUS you can warn at runtime with this macro definition:
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_MULTI_INSTALL_WARNING")
+
else()
- #
- # wolfSSL is not an ESP-IDF component. We need to now determine if it is local and if so if it is part of the wolfSSL repo
- # or if wolfSSL is simply installed as a local component.
- #
- if( EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl/" )
+ if( EXISTS "$ENV{IDF_PATH}/components/wolfssl/" )
#
- # wolfSSL found in local project.
+ # wolfSSL found in ESP-IDF components and is assumed to be already configured in user_settings.h via setup.
#
- if( EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl/include/" )
- message(STATUS "")
- message(STATUS "Using installed project ./components/wolfssl in CMAKE_HOME_DIRECTORY = $ENV{CMAKE_HOME_DIRECTORY}")
- message(STATUS "")
- #
- # Note we already checked above and confirmed there's not another wolfSSL installed in the ESP-IDF components.
- #
- # We won't do anything else here, as it will be assumed the original install completed successfully.
- #
- else()
+ message(STATUS "")
+ message(STATUS "Using components/wolfssl in IDF_PATH = $ENV{IDF_PATH}")
+ message(STATUS "")
+ else()
+ #
+ # wolfSSL is not an ESP-IDF component.
+ # We need to now determine if it is local and if so if it is part of the wolfSSL repo,
+ # or if wolfSSL is simply installed as a local component.
+ #
+
+ if( EXISTS "${WOLFSSL_PROJECT_DIR}" )
#
- # This is the developer repo mode. wolfSSL will be assume to be not installed to ESP-IDF nor local project
- # In this configuration, we are likely running a wolfSSL example found directly in the repo.
+ # wolfSSL found in local project.
#
- message(STATUS "")
- message(STATUS "Using developer repo ./components/wolfssl in CMAKE_HOME_DIRECTORY = $ENV{CMAKE_HOME_DIRECTORY}")
- message(STATUS "")
+ if( EXISTS "${WOLFSSL_PROJECT_DIR}/wolfcrypt/" )
+ message(STATUS "")
+ message(STATUS "Using installed project ./components/wolfssl in CMAKE_HOME_DIRECTORY = ${CMAKE_HOME_DIRECTORY}")
+ message(STATUS "")
+ #
+ # Note we already checked above and confirmed there's not another wolfSSL installed in the ESP-IDF components.
+ #
+ # We won't do anything else here, as it will be assumed the original install completed successfully.
+ #
+ else() # full wolfSSL not installed in local project
+ #
+ # This is the developer repo mode. wolfSSL will be assumed to be not installed to ESP-IDF nor local project
+ # In this configuration, we are likely running a wolfSSL example found directly in the repo.
+ #
+ message(STATUS "")
+ message(STATUS "Using developer repo ./components/wolfssl in CMAKE_HOME_DIRECTORY = ${CMAKE_HOME_DIRECTORY}")
+ message(STATUS "")
- message(STATUS "************************************************************************************************")
- # When in developer mode, we are typically running wolfSSL examples such as benchmark or test directories.
- # However, the as-cloned or distributed wolfSSL does not have the ./include/ directory, so we'll add it as needed.
- #
- # first check if there's a [root]/include/user_settings.h
- if( EXISTS "${WOLFSSL_ROOT}/include/user_settings.h" )
- # we won't overwrite an existing user settings file, just note that we already have one:
- message(STATUS "Found wolfSSL user_settings.h in ${WOLFSSL_ROOT}/include/user_settings.h")
- else()
- message(STATUS "Installing wolfSSL user_settings.h to ${WOLFSSL_ROOT}/include/user_settings.h")
- file(COPY "${WOLFSSL_ROOT}/IDE/Espressif/ESP-IDF/user_settings.h" DESTINATION "${WOLFSSL_ROOT}/include/")
- endif() # user_settings.h
+ message(STATUS "************************************************************************************************")
+ # When in developer mode, we are typically running wolfSSL examples such as benchmark or test directories.
+ # However, the as-cloned or distributed wolfSSL does not have the ./include/ directory, so we'll add it as needed.
+ #
+ # first check if there's a [root]/include/user_settings.h
+ if( EXISTS "${WOLFSSL_ROOT}/include/user_settings.h" )
+ message(FATAL_ERROR "Found stray wolfSSL user_settings.h in "
+ "${WOLFSSL_ROOT}/include/user_settings.h "
+ " (please move it to ${WOLFSSL_PROJECT_DIR}/include/user_settings.h )")
+ else()
+ # we won't overwrite an existing user settings file, just note that we already have one:
+ if( EXISTS "${WOLFSSL_PROJECT_DIR}/include/user_settings.h" )
+ message(STATUS "Using existing wolfSSL user_settings.h in "
+ "${WOLFSSL_PROJECT_DIR}/include/user_settings.h")
+ else()
+ message(STATUS "Installing wolfSSL user_settings.h to "
+ "${WOLFSSL_PROJECT_DIR}/include/user_settings.h")
+ file(COPY "${WOLFSSL_ROOT}/IDE/Espressif/ESP-IDF/user_settings.h"
+ DESTINATION "${CMAKE_HOME_DIRECTORY}/wolfssl/include/")
+ endif()
+ endif() # user_settings.h
- # next check if there's a [root]/include/config.h
- if( EXISTS "${WOLFSSL_ROOT}/include/config.h" )
- message(STATUS "Found wolfSSL config.h in ${WOLFSSL_ROOT}/include/config.h")
- else()
- message(STATUS "Installing wolfSSL config.h to ${WOLFSSL_ROOT}/include/config.h")
- file(COPY "${WOLFSSL_ROOT}/IDE/Espressif/ESP-IDF/dummy_config_h" DESTINATION "${WOLFSSL_ROOT}/include/")
- file(RENAME "${WOLFSSL_ROOT}/include/dummy_config_h" "${WOLFSSL_ROOT}/include/config.h")
- endif() # config.h
- message(STATUS "************************************************************************************************")
- message(STATUS "")
- endif()
+ # next check if there's a [root]/include/config.h
+ if( EXISTS "${WOLFSSL_ROOT}/include/config.h" )
+ message(STATUS "******************************************************************************")
+ message(STATUS "******************************************************************************")
+ message(STATUS "Found stray wolfSSL config.h in ${WOLFSSL_ROOT}/include/config.h" )
+ message(STATUS " Please move it to ${WOLFSSL_PROJECT_DIR}/include/config.h" )
+ message(STATUS "******************************************************************************")
+ message(STATUS "******************************************************************************")
+ else()
+ # we won't overwrite an existing user settings file, just note that we already have one:
+ if( EXISTS "${WOLFSSL_PROJECT_DIR}/include/config.h" )
+ message(STATUS "Using existing wolfSSL config.h ${WOLFSSL_PROJECT_DIR}/include/config.h")
+ else()
+ message(STATUS "Installing wolfSSL config.h to ${WOLFSSL_PROJECT_DIR}/include/config.h")
+ file(COPY "${WOLFSSL_ROOT}/IDE/Espressif/ESP-IDF/dummy_config_h" DESTINATION "${WOLFSSL_PROJECT_DIR}/include/")
+ file(RENAME "${WOLFSSL_PROJECT_DIR}/include/dummy_config_h" "${WOLFSSL_PROJECT_DIR}/include/config.h")
+ endif() # Project config.h
+ endif() # WOLFSSL_ROOT config.h
+ message(STATUS "************************************************************************************************")
+ message(STATUS "")
+ endif()
- else()
- # we did not find a ./components/wolfssl/include/ directory from this pass of cmake.
- if($WOLFSSL_FOUND_IDF)
- message(STATUS "")
- message(STATUS "WARNING: wolfSSL not found.")
- message(STATUS "")
else()
- # probably needs to be re-parsed by Espressif
- message(STATUS "wolfSSL found IDF. Project Source:${PROJECT_SOURCE_DIR}")
- endif() # else we have not found ESP-IDF yet
- endif() # else not a local wolfSSL component
+ # we did not find a ./components/wolfssl/include/ directory from this pass of cmake.
+ if($WOLFSSL_FOUND_IDF)
+ message(STATUS "")
+ message(STATUS "WARNING: wolfSSL not found.")
+ message(STATUS "")
+ else()
+ # probably needs to be re-parsed by Espressif
+ message(STATUS "wolfSSL found IDF. Project Source:${PROJECT_SOURCE_DIR}")
+ endif() # else we have not found ESP-IDF yet
+ endif() # else not a local wolfSSL component
+
+ endif() #else not an ESP-IDF component
+ endif() # else not local copy and EDP-IDF wolfSSL
- endif() #else not an ESP-IDF component
-endif() # else not local copy and EDP-IDF wolfSSL
+ # RTOS_IDF_PATH is typically:
+ # "/Users/{username}/Desktop/esp-idf/components/freertos/include/freertos"
+ # depending on the environment, we may need to swap backslashes with forward slashes
+ string(REPLACE "\\" "/" RTOS_IDF_PATH "$ENV{IDF_PATH}/components/freertos/FreeRTOS-Kernel/include/freertos")
-# RTOS_IDF_PATH is typically:
-# "/Users/{username}/Desktop/esp-idf/components/freertos/include/freertos"
-# depending on the environment, we may need to swap backslashes with forward slashes
-string(REPLACE "\\" "/" RTOS_IDF_PATH "$ENV{IDF_PATH}/components/freertos/include/freertos")
+ string(REPLACE "\\" "/" WOLFSSL_ROOT ${WOLFSSL_ROOT})
+
+ if(IS_DIRECTORY "${RTOS_IDF_PATH}")
+ message(STATUS "Found current RTOS path: ${RTOS_IDF_PATH}")
+ else()
+ # ESP-IDF prior version 4.4x has a different RTOS directory structure
+ string(REPLACE "\\" "/" RTOS_IDF_PATH "$ENV{IDF_PATH}/components/freertos/include/freertos")
+ if(IS_DIRECTORY "${RTOS_IDF_PATH}")
+ message(STATUS "Found legacy RTOS path: ${RTOS_IDF_PATH}")
+ else()
+ message(STATUS "Could not find RTOS path")
+ endif()
+ endif()
-# ESP-IDF after version 4.4x has a different RTOS directory structure
-string(REPLACE "\\" "/" RTOS_IDF_PATH5 "$ENV{IDF_PATH}/components/freertos/FreeRTOS-Kernel/include/freertos")
-if(IS_DIRECTORY ${IDF_PATH}/components/freertos/FreeRTOS-Kernel/)
set(COMPONENT_ADD_INCLUDEDIRS
- "."
- "${WOLFSSL_ROOT}/include"
- "${RTOS_IDF_PATH5}"
- "${WOLFSSL_ROOT}"
- )
-else()
+ "./include" # this is the location of wolfssl user_settings.h
+ "\"${WOLFSSL_ROOT}/\""
+ "\"${WOLFSSL_ROOT}/wolfssl/\""
+ "\"${WOLFSSL_ROOT}/wolfssl/wolfcrypt/\""
+ "\"${RTOS_IDF_PATH}/\""
+ )
- set(COMPONENT_ADD_INCLUDEDIRS
- "."
- "${WOLFSSL_ROOT}/include"
- "${RTOS_IDF_PATH}"
- "${WOLFSSL_ROOT}"
- )
-endif()
-if(IS_DIRECTORY ${IDF_PATH}/components/cryptoauthlib)
- list(APPEND COMPONENT_ADD_INCLUDEDIRS "../cryptoauthlib/lib")
-endif()
+ if(IS_DIRECTORY ${IDF_PATH}/components/cryptoauthlib)
+ list(APPEND COMPONENT_ADD_INCLUDEDIRS "../cryptoauthlib/lib")
+ endif()
+
+ list(APPEND COMPONENT_ADD_INCLUDEDIRS "\"${WOLFSSL_ROOT}/wolfssl/\"")
+ list(APPEND COMPONENT_ADD_INCLUDEDIRS "\"${WOLFSSL_ROOT}/wolfssl/wolfcrypt/\"")
+
+
+
+ set(COMPONENT_SRCEXCLUDE
+ "\"${WOLFSSL_ROOT}/src/bio.c\""
+ "\"${WOLFSSL_ROOT}/src/conf.c\""
+ "\"${WOLFSSL_ROOT}/src/misc.c\""
+ "\"${WOLFSSL_ROOT}/src/pk.c\""
+ "\"${WOLFSSL_ROOT}/src/ssl_asn1.c\"" # included by ssl.c
+ "\"${WOLFSSL_ROOT}/src/ssl_bn.c\"" # included by ssl.c
+ "\"${WOLFSSL_ROOT}/src/ssl_certman.c\"" # included by ssl.c
+ "\"${WOLFSSL_ROOT}/src/ssl_crypto.c\"" # included by ssl.c
+ "\"${WOLFSSL_ROOT}/src/ssl_misc.c\"" # included by ssl.c
+ "\"${WOLFSSL_ROOT}/src/x509.c\""
+ "\"${WOLFSSL_ROOT}/src/x509_str.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/evp.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/misc.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_arm32.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_arm64.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_armthumb.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_c32.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_c64.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_cortexm.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_x86_64.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_x86_64_asm.S\""
+ "\"${EXCLUDE_ASM}\""
+ )
+
+ spaces2list(COMPONENT_REQUIRES)
+
+ separate_arguments(COMPONENT_SRCDIRS NATIVE_COMMAND "${COMPONENT_SRCDIRS}")
+ separate_arguments(COMPONENT_SRCEXCLUDE NATIVE_COMMAND "${COMPONENT_SRCEXCLUDE}")
+ separate_arguments(COMPONENT_ADD_INCLUDEDIRS NATIVE_COMMAND "${COMPONENT_ADD_INCLUDEDIRS}")
+
+ #
+ # See https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-guides/build-system.html#example-component-requirements
+ #
+ message(STATUS "COMPONENT_SRCDIRS = ${COMPONENT_SRCDIRS}")
+ message(STATUS "COMPONENT_ADD_INCLUDEDIRS = ${COMPONENT_ADD_INCLUDEDIRS}")
+ message(STATUS "COMPONENT_REQUIRES = ${COMPONENT_REQUIRES}")
+ message(STATUS "COMPONENT_SRCEXCLUDE = ${COMPONENT_SRCEXCLUDE}")
+
+ #
+ # see https://docs.espressif.com/projects/esp-idf/en/stable/esp32/migration-guides/release-5.x/build-system.html?highlight=space%20path
+ #
+ set(EXTRA_COMPONENT_DIRS "${COMPONENT_SRCDIRS}")
+ idf_component_register(
+ SRC_DIRS "${COMPONENT_SRCDIRS}"
+ INCLUDE_DIRS "${COMPONENT_ADD_INCLUDEDIRS}"
+ REQUIRES "${COMPONENT_REQUIRES}"
+ EXCLUDE_SRCS "${COMPONENT_SRCEXCLUDE}"
+ PRIV_REQUIRES esp_timer driver # this will typically only be needed for wolfSSL benchmark
+ )
+ # some optional diagnostics
+ if (1)
+ get_cmake_property(_variableNames VARIABLES)
+ list (SORT _variableNames)
+ message(STATUS "")
+ message(STATUS "ALL VARIABLES BEGIN")
+ message(STATUS "")
+ foreach (_variableName ${_variableNames})
+ message(STATUS "${_variableName}=${${_variableName}}")
+ endforeach()
+ message(STATUS "")
+ message(STATUS "ALL VARIABLES END")
+ message(STATUS "")
+ endif()
+
+ # target_sources(wolfssl PRIVATE "\"${WOLFSSL_ROOT}/wolfssl/\"" "\"${WOLFSSL_ROOT}/wolfssl/wolfcrypt\"")
+
+endif() # CMAKE_BUILD_EARLY_EXPANSION
+
-set(COMPONENT_SRCEXCLUDE
- "${WOLFSSL_ROOT}/src/bio.c"
- "${WOLFSSL_ROOT}/src/conf.c"
- "${WOLFSSL_ROOT}/src/misc.c"
- "${WOLFSSL_ROOT}/src/pk.c"
- "${WOLFSSL_ROOT}/src/ssl_misc.c" # included by ssl.c
- "${WOLFSSL_ROOT}/src/x509.c"
- "${WOLFSSL_ROOT}/src/x509_str.c"
- "${WOLFSSL_ROOT}/wolfcrypt/src/evp.c"
- "${WOLFSSL_ROOT}/wolfcrypt/src/misc.c"
- "${EXCLUDE_ASM}"
- )
-
-register_component()
-
-# some optional diagnostics
-if (0)
- get_cmake_property(_variableNames VARIABLES)
- list (SORT _variableNames)
- message(STATUS "")
- message(STATUS "ALL VARIABLES BEGIN")
- message(STATUS "")
- foreach (_variableName ${_variableNames})
- message(STATUS "${_variableName}=${${_variableName}}")
- endforeach()
- message(STATUS "")
- message(STATUS "ALL VARIABLES END")
- message(STATUS "")
-endif()
# check to see if there's both a local copy and EDP-IDF copy of the wolfssl components
-if( EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl/" AND EXISTS "$ENV{IDF_PATH}/components/wolfssl/" )
+if( EXISTS "${WOLFSSL_PROJECT_DIR}" AND EXISTS "$ENV{IDF_PATH}/components/wolfssl/" )
message(STATUS "")
message(STATUS "")
message(STATUS "********************************************************************")
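Review bot: In FIND_WOLFSSL_DIRECTORY the WOLFSSL_ROOT branch cannot pin the source tree: `if("${FOUND_WOLFSSL}")` tests a quoted path, which CMake treats as false because it is not a true constant, so a valid WOLFSSL_ROOT reaches the FATAL_ERROR, and the success branch would neither set the output nor return. The wolfSSL sources are therefore always picked by walking up the parent directories for any `wolfssl` or `wolfssl-<user>` directory containing `wolfcrypt/src`, which on a shared build host may not be the tree the developer meant to compile. The plain `wolfssl` match in that loop also returns `CURRENT_SEARCH_DIR` instead of `CURRENT_SEARCH_DIR_ALT`; the fence below shows both corrections. Separately, the diagnostics block near the end of the hunk is switched to `if (1)`, which prints every CMake variable into the build log, and I would keep it at `if (0)`.

```cmake
        IS_WOLFSSL_SOURCE("${CURRENT_SEARCH_DIR}" FOUND_WOLFSSL)
        if( FOUND_WOLFSSL )
            message(STATUS "Found WOLFSSL_ROOT via Environment Variable:")
            set(${OUTPUT_FOUND_WOLFSSL_DIRECTORY} "${CURRENT_SEARCH_DIR}" PARENT_SCOPE)
            return()
        else()
            # … unchanged: FATAL_ERROR for an invalid WOLFSSL_ROOT …
# … unchanged: parent-directory loop up to the plain "wolfssl" subdirectory check …
        IS_WOLFSSL_SOURCE("${CURRENT_SEARCH_DIR_ALT}" FOUND_WOLFSSL )
        if ( FOUND_WOLFSSL )
            message(STATUS "Found wolfssl in CURRENT_SEARCH_DIR_ALT = ${CURRENT_SEARCH_DIR_ALT}")
            set(${OUTPUT_FOUND_WOLFSSL_DIRECTORY} "${CURRENT_SEARCH_DIR_ALT}" PARENT_SCOPE)
            return()
```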
@@ -227,3 +456,69 @@ endif()
# end multiple component check
+#
+# LIBWOLFSSL_SAVE_INFO(VAR_OUPUT THIS_VAR VAR_RESULT)
+#
+# Save the THIS_VAR as a string in a macro called VAR_OUPUT
+#
+# VAR_OUPUT: the name of the macro to define
+# THIS_VAR: the OUTPUT_VARIABLE result from a execute_process()
+# VAR_RESULT: the RESULT_VARIABLE from a execute_process(); "0" if successful.
+#
+function ( LIBWOLFSSL_SAVE_INFO VAR_OUPUT THIS_VAR VAR_RESULT )
+ # is the RESULT_VARIABLE output value 0? If so, IS_VALID_VALUE is true.
+ string(COMPARE EQUAL "${VAR_RESULT}" "0" IS_VALID_VALUE)
+
+ # if we had a successful operation, save the THIS_VAR in VAR_OUPUT
+ if(${IS_VALID_VALUE})
+ # strip newline chars in THIS_VAR parameter and save in VAR_VALUE
+ string(REPLACE "\n" "" VAR_VALUE ${THIS_VAR})
+
+ # we'll could percolate the value to the parent for possible later use
+ # set(${VAR_OUPUT} ${VAR_VALUE} PARENT_SCOPE)
+
+ # but we're only using it here in this function
+ set(${VAR_OUPUT} ${VAR_VALUE})
+
+ # we'll print what we found to the console
+ message(STATUS "Found ${VAR_OUPUT}=${VAR_VALUE}")
+
+ # the interesting part is defining the VAR_OUPUT name a value to use in the app
+ add_definitions(-D${VAR_OUPUT}=\"${VAR_VALUE}\")
+ else()
+ # if we get here, check the execute_process command and parameters.
+ message(STATUS "LIBWOLFSSL_SAVE_INFO encountered a non-zero VAR_RESULT")
+ set(${VAR_OUPUT} "Unknown")
+ endif()
+endfunction() # LIBWOLFSSL_SAVE_INFO
+
+# create some programmatic #define values that will be used by ShowExtendedSystemInfo().
+# see wolfcrypt\src\port\Espressif\esp32_utl.c
+if(NOT CMAKE_BUILD_EARLY_EXPANSION)
+ set (git_cmd "git")
+ message(STATUS "Adding macro definitions:")
+
+ # LIBWOLFSSL_VERSION_GIT_ORIGIN: git config --get remote.origin.url
+ execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "config" "--get" "remote.origin.url" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
+ LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_ORIGIN "${TMP_OUT}" "${TMP_RES}")
+
+ # LIBWOLFSSL_VERSION_GIT_BRANCH: git rev-parse --abbrev-ref HEAD
+ execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "rev-parse" "--abbrev-ref" "HEAD" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
+ LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_BRANCH "${TMP_OUT}" "${TMP_RES}")
+
+ # LIBWOLFSSL_VERSION_GIT_HASH: git rev-parse HEAD
+ execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "rev-parse" "HEAD" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
+ LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_HASH "${TMP_OUT}" "${TMP_RES}")
+
+ # LIBWOLFSSL_VERSION_GIT_SHORT_HASH: git rev-parse --short HEAD
+ execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "rev-parse" "--short" "HEAD" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
+ LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_SHORT_HASH "${TMP_OUT}" "${TMP_RES}")
+
+ # LIBWOLFSSL_VERSION_GIT_HASH_DATE git show --no-patch --no-notes --pretty=\'\%cd\'
+ execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "show" "--no-patch" "--no-notes" "--pretty=\'\%cd\'" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES )
+ LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_HASH_DATE "${TMP_OUT}" "${TMP_RES}")
+
+ message(STATUS "************************************************************************************************")
+ message(STATUS "wolfssl component config complete!")
+ message(STATUS "************************************************************************************************")
+endif()
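Review bot: LIBWOLFSSL_VERSION_GIT_ORIGIN is taken verbatim from `git config --get remote.origin.url` and handed to `add_definitions`, so a remote URL that embeds credentials (`https://user:token@host/...`) ends up on the compiler command line, in the build log and, presumably, in the firmware strings shown by ShowExtendedSystemInfo(). Strip the userinfo part inside LIBWOLFSSL_SAVE_INFO before defining the macro, for example `string(REGEX REPLACE "://[^/@]+@" "://" VAR_VALUE "${VAR_VALUE}")`. The `string(REPLACE "\n" "" VAR_VALUE ${THIS_VAR})` call should also quote its input as `"${THIS_VAR}"`, because an empty or semicolon-containing git output changes the argument count. On the failure path the function only sets a local `Unknown` value and adds no definition, so the consuming code should be checked for handling an undefined macro.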
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/components/wolfssl/include/user_settings.h b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/components/wolfssl/include/user_settings.h
new file mode 100644
index 00000000..8a49155d
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/components/wolfssl/include/user_settings.h
@@ -0,0 +1,435 @@
+/* user_settings.h
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/* This user_settings.h is for Espressif ESP-IDF */
+#include <sdkconfig.h>
+
+/* The Espressif sdkconfig will have chipset info.
+**
+** Possible values:
+**
+** CONFIG_IDF_TARGET_ESP32
+** CONFIG_IDF_TARGET_ESP32S2
+** CONFIG_IDF_TARGET_ESP32S3
+** CONFIG_IDF_TARGET_ESP32C3
+** CONFIG_IDF_TARGET_ESP32C6
+*/
+
+#undef WOLFSSL_ESPIDF
+#define WOLFSSL_ESPIDF
+
+/*
+ * choose ONE of these Espressif chips to define:
+ *
+ * WOLFSSL_ESP32
+ * WOLFSSL_ESPWROOM32SE
+ * WOLFSSL_ESP8266
+ */
+#undef WOLFSSL_ESPWROOM32SE
+#undef WOLFSSL_ESP8266
+#undef WOLFSSL_ESP32
+
+#define WOLFSSL_ESP32
+
+/* optionally turn off SHA512/224 SHA512/256 */
+/* #define WOLFSSL_NOSHA512_224 */
+/* #define WOLFSSL_NOSHA512_256 */
+
+/* when you want to use SINGLE THREAD. Note Default ESP-IDF is FreeRTOS */
+/* #define SINGLE_THREADED */
+
+/* When you don't want to use the old SHA */
+/* #define NO_SHA */
+/* #define NO_OLD_TLS */
+
+#define BENCH_EMBEDDED
+#define USE_CERT_BUFFERS_2048
+
+/* TLS 1.3 */
+#define WOLFSSL_TLS13
+#define HAVE_TLS_EXTENSIONS
+#define WC_RSA_PSS
+#define HAVE_HKDF
+#define HAVE_AEAD
+#define HAVE_SUPPORTED_CURVES
+
+#define WOLFSSL_BENCHMARK_FIXED_UNITS_KB
+
+#define NO_FILESYSTEM
+
+#define NO_OLD_TLS
+
+#define HAVE_AESGCM
+
+#define WOLFSSL_RIPEMD
+/* when you want to use SHA224 */
+#define WOLFSSL_SHA224
+
+/* when you want to use SHA384 */
+#define WOLFSSL_SHA384
+
+/* when you want to use SHA512 */
+#define WOLFSSL_SHA512
+
+/* when you want to use SHA3 */
+#define WOLFSSL_SHA3
+
+#define HAVE_ED25519 /* ED25519 requires SHA512 */
+
+#define HAVE_ECC
+#define HAVE_CURVE25519
+#define CURVE25519_SMALL
+#define HAVE_ED25519
+
+ #define OPENSSL_EXTRA
+/* when you want to use pkcs7 */
+/* #define HAVE_PKCS7 */
+
+#define HAVE_PKCS7
+
+#if defined(HAVE_PKCS7)
+ #define HAVE_AES_KEYWRAP
+ #define HAVE_X963_KDF
+ #define WOLFSSL_AES_DIRECT
+#endif
+
+/* when you want to use aes counter mode */
+/* #define WOLFSSL_AES_DIRECT */
+/* #define WOLFSSL_AES_COUNTER */
+
+/* esp32-wroom-32se specific definition */
+#if defined(WOLFSSL_ESPWROOM32SE)
+ #define WOLFSSL_ATECC508A
+ #define HAVE_PK_CALLBACKS
+ /* when you want to use a custom slot allocation for ATECC608A */
+ /* unless your configuration is unusual, you can use default */
+ /* implementation. */
+ /* #define CUSTOM_SLOT_ALLOCATION */
+#endif
+
+/* rsa primitive specific definition */
+#if defined(WOLFSSL_ESP32) || defined(WOLFSSL_ESPWROOM32SE)
+ /* Define USE_FAST_MATH and SMALL_STACK */
+ #define ESP32_USE_RSA_PRIMITIVE
+
+ #if defined(CONFIG_IDF_TARGET_ESP32)
+
+ /* NOTE HW unreliable for small values! */
+ /* threshold for performance adjustment for HW primitive use */
+ /* X bits of G^X mod P greater than */
+ #undef ESP_RSA_EXPT_XBITS
+ #define ESP_RSA_EXPT_XBITS 32
+
+ /* X and Y of X * Y mod P greater than */
+ #undef ESP_RSA_MULM_BITS
+ #define ESP_RSA_MULM_BITS 16
+
+ #endif
+#endif
+
+#define RSA_LOW_MEM
+
+/* #define WOLFSSL_ATECC508A_DEBUG */
+
+/* date/time */
+/* if it cannot adjust time in the device, */
+/* enable macro below */
+/* #define NO_ASN_TIME */
+/* #define XTIME time */
+
+
+/* adjust wait-timeout count if you see timeout in RSA HW acceleration */
+#define ESP_RSA_TIMEOUT_CNT 0x249F00
+
+#define HASH_SIZE_LIMIT /* for test.c */
+
+/* USE_FAST_MATH is default */
+#define USE_FAST_MATH
+
+/***** Use SP_MATH *****/
+/* #undef USE_FAST_MATH */
+/* #define SP_MATH */
+/* #define WOLFSSL_SP_MATH_ALL */
+
+/***** Use Integer Heap Math *****/
+/* #undef USE_FAST_MATH */
+/* #define USE_INTEGER_HEAP_MATH */
+
+
+#define WOLFSSL_SMALL_STACK
+
+
+#define HAVE_VERSION_EXTENDED_INFO
+/* #define HAVE_WC_INTROSPECTION */
+
+#define HAVE_SESSION_TICKET
+
+/* #define HAVE_HASHDRBG */
+
+#define WOLFSSL_KEY_GEN
+#define WOLFSSL_CERT_REQ
+#define WOLFSSL_CERT_GEN
+#define WOLFSSL_CERT_EXT
+#define WOLFSSL_SYS_CA_CERTS
+
+
+#define WOLFSSL_CERT_TEXT
+
+#define WOLFSSL_ASN_TEMPLATE
+
+/*
+#undef WOLFSSL_KEY_GEN
+#undef WOLFSSL_CERT_REQ
+#undef WOLFSSL_CERT_GEN
+#undef WOLFSSL_CERT_EXT
+#undef WOLFSSL_SYS_CA_CERTS
+*/
+
+/*
+--enable-keygen
+--enable-certgen
+--enable-certreq
+--enable-certext
+--enable-asn-template
+*/
+
+/* Default is HW enabled unless turned off.
+** Uncomment these lines to force SW instead of HW acceleration */
+
+#if defined(CONFIG_IDF_TARGET_ESP32)
+ /* wolfSSL HW Acceleration supported on ESP32. Uncomment to disable: */
+ /* #define NO_ESP32_CRYPT */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_AES */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
+
+ /* These are defined automatically in esp32-crypt.h, here for clarity: */
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224 /* no SHA224 HW on ESP32 */
+
+ #undef ESP_RSA_MULM_BITS
+ #define ESP_RSA_MULM_BITS 16 /* TODO add compile-time warning */
+ /***** END CONFIG_IDF_TARGET_ESP32 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP32S2)
+ /* wolfSSL HW Acceleration supported on ESP32-S2. Uncomment to disable: */
+ /* #define NO_ESP32_CRYPT */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
+ /* Note: There's no AES192 HW on the ESP32-S2; falls back to SW */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_AES */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
+ /***** END CONFIG_IDF_TARGET_ESP32S2 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP32S3)
+ /* wolfSSL HW Acceleration supported on ESP32-S3. Uncomment to disable: */
+ /* #define NO_ESP32_CRYPT */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
+ /* Note: There's no AES192 HW on the ESP32-S3; falls back to SW */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_AES */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
+ /***** END CONFIG_IDF_TARGET_ESP32S3 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP32C2) || \
+ defined(CONFIG_IDF_TARGET_ESP8684)
+ /* ESP8684 is essentially ESP32-C2 chip + flash embedded together in a
+ * single QFN 4x4 mm package. Out of released documentation, Technical
+ * Reference Manual as well as ESP-IDF Programming Guide is applicable
+ * to both ESP32-C2 and ESP8684.
+ *
+ * See: https://www.esp32.com/viewtopic.php?f=5&t=27926#:~:text=ESP8684%20is%20essentially%20ESP32%2DC2,both%20ESP32%2DC2%20and%20ESP8684. */
+
+ /* wolfSSL HW Acceleration supported on ESP32-C2. Uncomment to disable: */
+ /* #define NO_ESP32_CRYPT */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */ /* to disable all SHA HW */
+
+ /* These are defined automatically in esp32-crypt.h, here for clarity */
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384 /* no SHA384 HW on C2 */
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512 /* no SHA512 HW on C2 */
+
+ /* There's no AES or RSA/Math accelerator on the ESP32-C2
+ * Auto defined with NO_WOLFSSL_ESP32_CRYPT_RSA_PRI, for clarity: */
+ #define NO_WOLFSSL_ESP32_CRYPT_AES
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD
+ /***** END CONFIG_IDF_TARGET_ESP32C2 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP32C3)
+ /* wolfSSL HW Acceleration supported on ESP32-C3. Uncomment to disable: */
+
+ /* #define NO_ESP32_CRYPT */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */ /* to disable all SHA HW */
+
+ /* These are defined automatically in esp32-crypt.h, here for clarity: */
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384 /* no SHA384 HW on C6 */
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512 /* no SHA512 HW on C6 */
+
+ /* #define NO_WOLFSSL_ESP32_CRYPT_AES */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
+ /***** END CONFIG_IDF_TARGET_ESP32C3 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP32C6)
+ /* wolfSSL HW Acceleration supported on ESP32-C6. Uncomment to disable: */
+
+ /* #define NO_ESP32_CRYPT */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
+ /* These are defined automatically in esp32-crypt.h, here for clarity: */
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384 /* no SHA384 HW on C6 */
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512 /* no SHA512 HW on C6 */
+
+ /* #define NO_WOLFSSL_ESP32_CRYPT_AES */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
+ /***** END CONFIG_IDF_TARGET_ESP32C6 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP32H2)
+ /* wolfSSL Hardware Acceleration not yet implemented */
+ #define NO_ESP32_CRYPT
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH
+ #define NO_WOLFSSL_ESP32_CRYPT_AES
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
+ /***** END CONFIG_IDF_TARGET_ESP32H2 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP8266)
+ /* TODO: Revisit ESP8266 */
+ #define NO_ESP32_CRYPT
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH
+ #define NO_WOLFSSL_ESP32_CRYPT_AES
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
+ /***** END CONFIG_IDF_TARGET_ESP266 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP8684)
+ /* There's no Hardware Acceleration available on ESP8684 */
+ #define NO_ESP32_CRYPT
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH
+ #define NO_WOLFSSL_ESP32_CRYPT_AES
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
+ /***** END CONFIG_IDF_TARGET_ESP8684 *****/
+
+#else
+ /* Anything else encountered, disable HW accleration */
+ #define NO_ESP32_CRYPT
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH
+ #define NO_WOLFSSL_ESP32_CRYPT_AES
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
+#endif /* CONFIG_IDF_TARGET Check */
+
+/* Debug options:
+
+#define ESP_VERIFY_MEMBLOCK
+#define DEBUG_WOLFSSL
+#define DEBUG_WOLFSSL_VERBOSE
+#define DEBUG_WOLFSSL_SHA_MUTEX
+#define WOLFSSL_ESP32_CRYPT_DEBUG
+#define WOLFSSL_ESP32_CRYPT_HASH_SHA224_DEBUG
+#define NO_RECOVER_SOFTWARE_CALC
+#define WOLFSSL_TEST_STRAY 1
+#define USE_ESP_DPORT_ACCESS_READ_BUFFER
+#define WOLFSSL_ESP32_HW_LOCK_DEBUG
+#define WOLFSSL_DEBUG_ESP_RSA_MULM_BITS
+#define ESP_DISABLE_HW_TASK_LOCK
+*/
+
+#define WOLFSSL_ESPIDF_ERROR_PAUSE /* Pause in a loop rather than exit. */
+#define WOLFSSL_HW_METRICS
+
+/* #define HASH_SIZE_LIMIT */ /* for test.c */
+
+/* #define NO_HW_MATH_TEST */ /* Optionall turn off HW math checks */
+
+/* Optionally include alternate HW test library: alt_hw_test.h */
+/* When enabling, the ./components/wolfssl/CMakeLists.txt file
+ * will need the name of the library in the idf_component_register
+ * for the PRIV_REQUIRES list. */
+/* #define INCLUDE_ALT_HW_TEST */
+
+/* optionally turn off individual math HW acceleration features */
+
+/* Turn off Large Number ESP32 HW Multiplication:
+** [Z = X * Y] in esp_mp_mul() */
+/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
+
+/* Turn off Large Number ESP32 HW Modular Exponentiation:
+** [Z = X^Y mod M] in esp_mp_exptmod() */
+/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
+
+/* Turn off Large Number ESP32 HW Modular Multiplication
+** [Z = X * Y mod M] in esp_mp_mulmod() */
+/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
+
+
+#define WOLFSSL_PUBLIC_MP /* used by benchmark */
+#define USE_CERT_BUFFERS_2048
+
+/* when turning on ECC508 / ECC608 support
+#define WOLFSSL_ESPWROOM32SE
+#define HAVE_PK_CALLBACKS
+#define WOLFSSL_ATECC508A
+#define ATCA_WOLFSSL
+*/
+
+/* optional SM4 Ciphers. See https://github.com/wolfSSL/wolfsm
+#define WOLFSSL_SM2
+#define WOLFSSL_SM3
+#define WOLFSSL_SM4
+*/
+
+#if defined(WOLFSSL_SM2) || defined(WOLFSSL_SM3) || defined(WOLFSSL_SM4)
+ #include <wolfssl/certs_test_sm.h>
+ #define CTX_CA_CERT root_sm2
+ #define CTX_CA_CERT_SIZE sizeof_root_sm2
+ #define CTX_CA_CERT_TYPE WOLFSSL_FILETYPE_PEM
+ #define CTX_SERVER_CERT server_sm2
+ #define CTX_SERVER_CERT_SIZE sizeof_server_sm2
+ #define CTX_SERVER_CERT_TYPE WOLFSSL_FILETYPE_PEM
+ #define CTX_SERVER_KEY server_sm2_priv
+ #define CTX_SERVER_KEY_SIZE sizeof_server_sm2_priv
+ #define CTX_SERVER_KEY_TYPE WOLFSSL_FILETYPE_PEM
+
+ #undef WOLFSSL_BASE16
+ #define WOLFSSL_BASE16
+#else
+ #define USE_CERT_BUFFERS_2048
+ #define USE_CERT_BUFFERS_256
+ #define CTX_CA_CERT ca_cert_der_2048
+ #define CTX_CA_CERT_SIZE sizeof_ca_cert_der_2048
+ #define CTX_CA_CERT_TYPE WOLFSSL_FILETYPE_ASN1
+ #define CTX_SERVER_CERT server_cert_der_2048
+ #define CTX_SERVER_CERT_SIZE sizeof_server_cert_der_2048
+ #define CTX_SERVER_CERT_TYPE WOLFSSL_FILETYPE_ASN1
+ #define CTX_SERVER_KEY server_key_der_2048
+ #define CTX_SERVER_KEY_SIZE sizeof_server_key_der_2048
+ #define CTX_SERVER_KEY_TYPE WOLFSSL_FILETYPE_ASN1
+#endif
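Review bot: The final `#else` block binds `CTX_SERVER_KEY` to `server_key_der_2048` and `CTX_SERVER_CERT` to `server_cert_der_2048`, which appear to be wolfSSL's bundled test buffers selected by `USE_CERT_BUFFERS_2048`. That private key ships with the library source, so firmware built from this header unchanged serves TLS with a key anyone can obtain. A comment above the block should say so, e.g. `/* Test certificate and key only: replace CTX_SERVER_CERT / CTX_SERVER_KEY with device-specific credentials before deployment. */`. Separately, the second `#elif defined(CONFIG_IDF_TARGET_ESP8684)` branch is unreachable because ESP8684 is already matched together with `CONFIG_IDF_TARGET_ESP32C2` earlier in the chain. Its "no Hardware Acceleration" comment also contradicts that earlier branch, which leaves SHA hardware enabled, so one of the two should go.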
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/CMakeLists.txt b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/CMakeLists.txt
index e754ae0f..798cecce 100644
--- a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/CMakeLists.txt
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/CMakeLists.txt
@@ -1,12 +1,36 @@
-
+# wolfSSL Espressif Example Project/main CMakeLists.txt
+# v1.0
#
# wolfssl server test
#
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_USER_SETTINGS")
-set(COMPONENT_SRCS "server-tls.c" "wifi_connect.c")
-set(COMPONENT_ADD_INCLUDEDIRS "." "./include")
-
+if(WIN32)
+ # Windows-specific configuration here
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WINDOWS")
+ message("Detected Windows")
+endif()
+if(CMAKE_HOST_UNIX)
+ message("Detected UNIX")
+endif()
+if(APPLE)
+ message("Detected APPLE")
+endif()
+if(CMAKE_HOST_UNIX AND (NOT APPLE) AND EXISTS "/proc/sys/fs/binfmt_misc/WSLInterop")
+ # Windows-specific configuration here
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WSL")
+ message("Detected WSL")
+endif()
+if(CMAKE_HOST_UNIX AND (NOT APPLE) AND (NOT WIN32))
+ # Windows-specific configuration here
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_LINUX")
+ message("Detected Linux")
+endif()
+if(APPLE)
+ # Windows-specific configuration here
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_APPLE")
+ message("Detected Apple")
+endif()
set (git_cmd "git")
if( EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl/" AND EXISTS "$ENV{IDF_PATH}/components/wolfssl/" )
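Review bot: The host detection mixes `CMAKE_HOST_UNIX` with `WIN32` and `APPLE`, which CMake documents as describing the target system, so in a cross build for an Espressif chip they may not reflect the build machine. `wifi_connect.h` uses the resulting `WOLFSSL_CMAKE_SYSTEM_NAME_*` defines to choose where the private credentials header is read from, so a wrong guess selects the wrong path. `if(CMAKE_HOST_WIN32)` and `if(CMAKE_HOST_APPLE)` would be consistent with the `CMAKE_HOST_UNIX` tests already used here. The Linux condition is also true under WSL, so both `_WSL` and `_LINUX` end up defined. The comment `# Windows-specific configuration here` is repeated verbatim in the WSL, Linux and Apple branches and should name the platform it sits in.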
@@ -19,8 +43,14 @@ if( EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl/" AND EXISTS "$ENV{IDF_PA
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_MULTI_INSTALL_WARNING")
endif()
-
-register_component()
+## register_component()
+idf_component_register(SRCS main.c
+ wifi_connect.c
+ time_helper.c
+ server-tls.c
+ INCLUDE_DIRS "."
+ "./include")
+#
#
# LIBWOLFSSL_SAVE_INFO(VAR_OUPUT THIS_VAR VAR_RESULT)
@@ -73,3 +103,4 @@ if(NOT CMAKE_BUILD_EARLY_EXPANSION)
endif()
message(STATUS "")
+
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/Kconfig.projbuild b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/Kconfig.projbuild
new file mode 100644
index 00000000..64406069
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/Kconfig.projbuild
@@ -0,0 +1,9 @@
+menu "Example Configuration"
+
+config WOLFSSL_TARGET_PORT
+ int "Target port"
+ default 11111
+ help
+ Host listening port for the example to connect.
+
+endmenu
diff --git a/extra/wolfssl/wolfssl/cyassl/callbacks.h b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/include/main.h
index 7a288c02..94c3b5eb 100644
--- a/extra/wolfssl/wolfssl/cyassl/callbacks.h
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/include/main.h
@@ -1,4 +1,4 @@
-/* callbacks.h
+/* template main.h
*
* Copyright (C) 2006-2023 wolfSSL Inc.
*
@@ -18,6 +18,7 @@
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
+#ifndef _MAIN_H_
+#define _MAIN_H_
-
-#include <wolfssl/callbacks.h>
+#endif
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/include/server-tls.h b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/include/server-tls.h
new file mode 100644
index 00000000..ea9126fe
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/include/server-tls.h
@@ -0,0 +1,60 @@
+/* server-tls.h
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+#ifndef _SERVER_TLS_
+#define _SERVER_TLS_
+
+#include <wolfssl/wolfcrypt/settings.h> /* includes wolfSSL user-settings.h */
+#include <wolfssl/ssl.h>
+#include "sdkconfig.h"
+
+#if defined(SINGLE_THREADED)
+ #define WOLFSSL_ESP_TASK int
+#else
+ #include "freertos/FreeRTOS.h"
+ #define WOLFSSL_ESP_TASK void
+#endif
+
+#ifdef CONFIG_WOLFSSL_TARGET_PORT
+ #define TLS_SMP_DEFAULT_PORT CONFIG_WOLFSSL_TARGET_PORT
+#else
+ #define TLS_SMP_DEFAULT_PORT 11111
+#endif
+
+typedef struct {
+ int port;
+ int loops;
+} tls_args;
+
+/* Function to show the ciphers available / in use. */
+#if defined(DEBUG_WOLFSSL)
+ int ShowCiphers(WOLFSSL* ssl);
+#endif
+
+/* This is the TLS Server function, possibly in an RTOS thread. */
+WOLFSSL_ESP_TASK tls_smp_server_task(void *args);
+
+/* init will create an RTOS task, otherwise server is simply function call. */
+#if defined(SINGLE_THREADED)
+ /* no init neded */
+#else
+ WOLFSSL_ESP_TASK tls_smp_server_init(void* args);
+#endif
+#endif /* _SERVER_TLS_ */
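Review bot: The contract for `void *args` on `tls_smp_server_task` and `tls_smp_server_init` is not documented. The header does not say whether it must point to a `tls_args`, whether NULL is accepted, what a zero `port` or `loops` means, or how long the storage must remain valid once the server runs in its own RTOS task. A comment on the struct and on both prototypes should state this, since `main.c` passes a zero-initialised `tls_args` that lives on the `app_main` stack. The guard `_SERVER_TLS_` also starts with an underscore followed by an uppercase letter, which C reserves for the implementation; `#ifndef SERVER_TLS_H` / `#define SERVER_TLS_H` avoids that.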
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/include/time_helper.h b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/include/time_helper.h
new file mode 100644
index 00000000..a47f9400
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/include/time_helper.h
@@ -0,0 +1,54 @@
+/*
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/* common Espressif time_helper v5.6.3.001 */
+
+#ifndef _TIME_HELPER_H
+#define _TIME_HELPER_H
+
+/* ESP-IDF uses a 64-bit signed integer to represent time_t starting from release v5.0
+ * See: https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-reference/system/system_time.html#year-2036-and-2038-overflow-issues
+ */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* a function to show the current data and time */
+int esp_show_current_datetime();
+
+/* worst case, if GitHub time not available, used fixed time */
+int set_fixed_default_time(void);
+
+/* set time from string (e.g. GitHub commit time) */
+int set_time_from_string(char* time_buffer);
+
+/* set time from NTP servers,
+ * also initially calls set_fixed_default_time or set_time_from_string */
+int set_time(void);
+
+/* wait NTP_RETRY_COUNT seconds before giving up on NTP time */
+int set_time_wait_for_ntp(void);
+
+#ifdef __cplusplus
+} /* extern "C" */
+#endif
+
+#endif /* #ifndef _TIME_HELPER_H */
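Review bot: None of the five prototypes documents its return value, so a caller cannot tell whether the clock was set from NTP or from the `set_fixed_default_time` fallback. That matters because certificate validity dates are checked against this clock, and `main.c` only hints at the convention with its `ret < -1` test. Each declaration should state the success and failure codes and which source was used. `int esp_show_current_datetime();` should be `int esp_show_current_datetime(void);` to match the other prototypes and give a real prototype in C. `set_time_from_string(char* time_buffer)` could take `const char*` if the implementation (not visible here) does not modify the buffer.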
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/include/wifi_connect.h b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/include/wifi_connect.h
index c8a27577..a045b23b 100644
--- a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/include/wifi_connect.h
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/include/wifi_connect.h
@@ -18,25 +18,80 @@
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
-#ifndef _TLS_WIFI_H_
-#define _TLS_WIFI_H_
-
-#include "esp_idf_version.h"
-#include "esp_log.h"
-#include "esp_wifi.h"
-#if ESP_IDF_VERSION_MAJOR >= 4
-#include "esp_event.h"
-#else
-#include "esp_event_loop.h"
-#endif
+#ifndef _WIFI_CONNECT_H_
+#define _WIFI_CONNECT_H_
-#define DEFAULT_PORT 11111
+#include <esp_idf_version.h>
+#include <esp_log.h>
+
+/* ESP lwip */
+#define EXAMPLE_ESP_MAXIMUM_RETRY CONFIG_ESP_MAXIMUM_RETRY
#define TLS_SMP_SERVER_TASK_NAME "tls_sever_example"
-#define TLS_SMP_SERVER_TASK_WORDS 10240
+#define TLS_SMP_SERVER_TASK_WORDS 22240
#define TLS_SMP_SERVER_TASK_PRIORITY 8
#define TLS_SMP_WIFI_SSID CONFIG_WIFI_SSID
#define TLS_SMP_WIFI_PASS CONFIG_WIFI_PASSWORD
+#define USE_WIFI_EXAMPLE
+#ifdef USE_WIFI_EXAMPLE
+ #include "esp_netif.h"
+ #include "protocol_examples_common.h" /* see project CMakeLists.txt */
+#endif
+
+/**
+ ******************************************************************************
+ ******************************************************************************
+ ** USER APPLICATION SETTINGS BEGIN
+ ******************************************************************************
+ ******************************************************************************
+ **/
+
+/* when using a private config with plain text passwords,
+ * file my_private_config.h should be excluded from git updates */
+/* #define USE_MY_PRIVATE_CONFIG */
+
+#ifdef USE_MY_PRIVATE_CONFIG
+ #if defined(WOLFSSL_CMAKE_SYSTEM_NAME_WINDOWS)
+ #include "/workspace/my_private_config.h"
+ #elif defined(WOLFSSL_CMAKE_SYSTEM_NAME_WSL)
+ #include "/mnt/c/workspace/my_private_config.h"
+ #elif defined(WOLFSSL_CMAKE_SYSTEM_NAME_LINUX)
+ #include "~/workspace/my_private_config.h"
+ #elif defined(WOLFSSL_CMAKE_SYSTEM_NAME_APPLE)
+ #include "~/Documents/my_private_config.h"
+ #else
+ #warning "did not detect environment. using ~/my_private_config.h"
+ #include "~/my_private_config.h"
+ #endif
+#else
+
+ /*
+ ** The examples use WiFi configuration that you can set via project
+ ** configuration menu
+ **
+ ** If you'd rather not, just change the below entries to strings with
+ ** the config you want - ie #define EXAMPLE_WIFI_SSID "mywifissid"
+ */
+ #ifdef CONFIG_ESP_WIFI_SSID
+ #define EXAMPLE_ESP_WIFI_SSID CONFIG_ESP_WIFI_SSID
+ #else
+ #define EXAMPLE_ESP_WIFI_SSID "MYSSID_WIFI_CONNECT"
+ #endif
+
+ #ifdef CONFIG_ESP_WIFI_PASSWORD
+ #define EXAMPLE_ESP_WIFI_PASS CONFIG_ESP_WIFI_PASSWORD
+ #else
+ #define EXAMPLE_ESP_WIFI_PASS "MYPASSWORD_WIFI_CONNECT"
+ #endif
#endif
+
+/* ESP lwip */
+#define EXAMPLE_ESP_MAXIMUM_RETRY CONFIG_ESP_MAXIMUM_RETRY
+
+int wifi_init_sta(void);
+
+int wifi_show_ip(void);
+
+#endif /* _WIFI_CONNECT_H_ */
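Review bot: The `~` in `#include "~/workspace/my_private_config.h"` is expanded by a shell, not by the C preprocessor, so the Linux, Apple and fallback branches look for a directory literally named `~` and fail once `USE_MY_PRIVATE_CONFIG` is enabled. A more robust form is `#include "my_private_config.h"` with the directory supplied by the build as an include path, which also keeps the location of the plain-text credentials out of the source. When neither Kconfig symbol is set the header silently falls back to the literals `"MYSSID_WIFI_CONNECT"` / `"MYPASSWORD_WIFI_CONNECT"`; a `#warning` in those `#else` branches would surface a missing configuration at build time. `EXAMPLE_ESP_MAXIMUM_RETRY` is defined twice with the same value and one definition can be dropped.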
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/main.c b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/main.c
new file mode 100644
index 00000000..1c0d537e
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/main.c
@@ -0,0 +1,257 @@
+/* main.c
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+#include "sdkconfig.h"
+#include "main.h"
+
+/* ESP specific */
+#include <nvs_flash.h>
+#include <esp_log.h>
+#include <esp_event.h>
+
+/* wolfSSL */
+#include <wolfssl/wolfcrypt/settings.h> /* includes wolfSSL user-settings.h */
+#include <wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h>
+#ifndef WOLFSSL_ESPIDF
+ #warning "Problem with wolfSSL user_settings."
+ #warning "Check components/wolfssl/include"
+#endif
+
+/* this project */
+#include "server-tls.h"
+#include "time_helper.h"
+
+#ifndef CONFIG_IDF_TARGET_ESP32H2
+ /* There's no WiFi on ESP32-H2.
+ * For wired ethernet, see:
+ * https://github.com/wolfSSL/wolfssl-examples/tree/master/ESP32/TLS13-ENC28J60-client */
+ #include "wifi_connect.h"
+#endif
+
+#ifdef WOLFSSL_TRACK_MEMORY
+ #include <wolfssl/wolfcrypt/mem_track.h>
+#endif
+
+static const char* const TAG = "TLS Client";
+
+#if defined(WOLFSSL_ESPWROOM32SE) && defined(HAVE_PK_CALLBACKS) \
+ && defined(WOLFSSL_ATECC508A)
+
+#include "wolfssl/wolfcrypt/port/atmel/atmel.h"
+
+/* when you want to use a custom slot allocation */
+/* enable the definition CUSTOM_SLOT_ALLOCATION. */
+
+#if defined(CUSTOM_SLOT_ALLOCATION)
+
+static byte mSlotList[ATECC_MAX_SLOT];
+
+int atmel_set_slot_allocator(atmel_slot_alloc_cb alloc, atmel_slot_dealloc_cb dealloc);
+
+/* initialize slot array */
+void my_atmel_slotInit()
+{
+ int i;
+ for(i = 0;i < ATECC_MAX_SLOT;i++) {
+ mSlotList[i] = ATECC_INVALID_SLOT;
+ }
+}
+
+/* allocate slot depending on slotType */
+int my_atmel_alloc(int slotType)
+{
+ int i, slot = -1;
+
+ switch(slotType){
+ case ATMEL_SLOT_ENCKEY:
+ slot = 4;
+ break;
+ case ATMEL_SLOT_DEVICE:
+ slot = 0;
+ break;
+ case ATMEL_SLOT_ECDHE:
+ slot = 0;
+ break;
+ case ATMEL_SLOT_ECDHE_ENC:
+ slot = 4;
+ break;
+ case ATMEL_SLOT_ANY:
+ for(i = 0;i < ATECC_MAX_SLOT;i++){
+ if(mSlotList[i] == ATECC_INVALID_SLOT){
+ slot = i;
+ break;
+ }
+ }
+ }
+
+ return slot;
+}
+
+/* free slot array */
+void my_atmel_free(int slotId)
+{
+ if(slotId >= 0 && slotId < ATECC_MAX_SLOT){
+ mSlotList[slotId] = ATECC_INVALID_SLOT;
+ }
+}
+#endif /* CUSTOM_SLOT_ALLOCATION */
+#endif /* WOLFSSL_ESPWROOM32SE && HAVE_PK_CALLBACK && WOLFSSL_ATECC508A */
+
+/* for FreeRTOS */
+void app_main(void)
+{
+ int stack_start = 0;
+ esp_err_t ret = 0;
+ ESP_LOGI(TAG, "---------------- wolfSSL TLS Server Example ------------");
+ ESP_LOGI(TAG, "--------------------------------------------------------");
+ ESP_LOGI(TAG, "--------------------------------------------------------");
+ ESP_LOGI(TAG, "---------------------- BEGIN MAIN ----------------------");
+ ESP_LOGI(TAG, "--------------------------------------------------------");
+ ESP_LOGI(TAG, "--------------------------------------------------------");
+#ifdef ESP_TASK_MAIN_STACK
+ ESP_LOGI(TAG, "ESP_TASK_MAIN_STACK: %d", ESP_TASK_MAIN_STACK);
+#endif
+#ifdef TASK_EXTRA_STACK_SIZE
+ ESP_LOGI(TAG, "TASK_EXTRA_STACK_SIZE: %d", TASK_EXTRA_STACK_SIZE);
+#endif
+#ifdef INCLUDE_uxTaskGetStackHighWaterMark
+ ESP_LOGI(TAG, "CONFIG_ESP_MAIN_TASK_STACK_SIZE = %d bytes (%d words)",
+ CONFIG_ESP_MAIN_TASK_STACK_SIZE,
+ (int)(CONFIG_ESP_MAIN_TASK_STACK_SIZE / sizeof(void*)));
+
+ /* Returns the high water mark of the stack associated with xTask. That is,
+ * the minimum free stack space there has been (in bytes not words, unlike
+ * vanilla FreeRTOS) since the task started. The smaller the returned
+ * number the closer the task has come to overflowing its stack.
+ * see https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-reference/system/freertos_idf.html
+ */
+ stack_start = uxTaskGetStackHighWaterMark(NULL);
+ ESP_LOGI(TAG, "Stack Start HWM: %d bytes", stack_start);
+#endif
+
+#ifdef HAVE_VERSION_EXTENDED_INFO
+ esp_ShowExtendedSystemInfo();
+#endif
+
+ /* Set time for cert validation.
+ * Some lwIP APIs, including SNTP functions, are not thread safe. */
+ ret = set_time(); /* need to setup NTP before WiFi */
+
+ /* Optionally erase flash */
+ /* ESP_ERROR_CHECK(nvs_flash_erase()); */
+
+#ifdef FOUND_PROTOCOL_EXAMPLES_DIR
+ ESP_LOGI(TAG, "FOUND_PROTOCOL_EXAMPLES_DIR active, using example code.");
+ ESP_ERROR_CHECK(nvs_flash_init());
+
+ #if defined(CONFIG_IDF_TARGET_ESP32H2)
+ ESP_LOGE(TAG, "There's no WiFi on ESP32-H2.");
+ #else
+ #ifdef CONFIG_EXAMPLE_WIFI_SSID
+ if (XSTRCMP(CONFIG_EXAMPLE_WIFI_SSID, "myssid") == 0) {
+ ESP_LOGW(TAG, "WARNING: CONFIG_EXAMPLE_WIFI_SSID is myssid.");
+ ESP_LOGW(TAG, " Do you have a WiFi AP called myssid, or ");
+ ESP_LOGW(TAG, " did you forget the ESP-IDF configuration?");
+ }
+ #else
+ #define CONFIG_EXAMPLE_WIFI_SSID "myssid"
+ ESP_LOGW(TAG, "WARNING: CONFIG_EXAMPLE_WIFI_SSID not defined.");
+ #endif
+ ESP_ERROR_CHECK(esp_netif_init());
+ ESP_ERROR_CHECK(esp_event_loop_create_default());
+ ESP_ERROR_CHECK(example_connect());
+ #endif
+#else
+ ESP_ERROR_CHECK(nvs_flash_init());
+
+ /* Initialize NVS */
+ ret = nvs_flash_init();
+ if (ret == ESP_ERR_NVS_NO_FREE_PAGES ||
+ ret == ESP_ERR_NVS_NEW_VERSION_FOUND) {
+ ESP_ERROR_CHECK(nvs_flash_erase());
+ ret = nvs_flash_init();
+ }
+ ESP_ERROR_CHECK(ret);
+
+ #if defined(CONFIG_IDF_TARGET_ESP32H2)
+ ESP_LOGE(TAG, "There's no WiFi on ESP32-H2. ");
+ #else
+ /* Initialize WiFi */
+ ESP_LOGI(TAG, "ESP_WIFI_MODE_STA");
+ ret = wifi_init_sta();
+ while (ret != 0) {
+ ESP_LOGI(TAG, "Waiting...");
+ vTaskDelay(60000 / portTICK_PERIOD_MS);
+ ESP_LOGI(TAG, "Trying WiFi again...");
+ ret = wifi_init_sta();
+ }
+ #endif
+#endif
+
+ /* Once we are connected to the network, start & wait for NTP time */
+ ret = set_time_wait_for_ntp();
+
+ if (ret < -1) {
+ /* a value of -1 means there was no NTP server, so no need to wait */
+ ESP_LOGI(TAG, "Waiting 10 more seconds for NTP to complete." );
+ vTaskDelay(10000 / portTICK_PERIOD_MS); /* brute-force solution */
+ esp_show_current_datetime();
+ }
+
+ /* HWM is maximum amount of stack space that has been unused, in bytes
+ * not words (unlike vanilla freeRTOS). */
+ ESP_LOGI(TAG, "Initial Stack Used (before wolfSSL Server): %d bytes",
+ CONFIG_ESP_MAIN_TASK_STACK_SIZE
+ - (uxTaskGetStackHighWaterMark(NULL))
+ );
+ ESP_LOGI(TAG, "Starting TLS Server...\n");
+
+#if defined(SINGLE_THREADED)
+ /* just call the task */
+ tls_smp_server_task((void*)NULL);
+#else
+ tls_args args[1] = {0};
+ /* start a thread with the task */
+ tls_smp_server_init(args); /* NULL will use the DEFAULT_PORT value */
+#endif
+
+ /* done */
+ while (1) {
+ ESP_LOGV(TAG, "\n\nLoop...\n\n");
+#ifdef INCLUDE_uxTaskGetStackHighWaterMark
+ ESP_LOGI(TAG, "Stack HWM: %d", uxTaskGetStackHighWaterMark(NULL));
+
+ ESP_LOGI(TAG, "Stack used: %d", CONFIG_ESP_MAIN_TASK_STACK_SIZE
+ - uxTaskGetStackHighWaterMark(NULL));
+ ESP_LOGI(TAG, "Stack delta: %d\n", stack_start
+ - uxTaskGetStackHighWaterMark(NULL));
+#endif
+
+#if defined(SINGLE_THREADED)
+ ESP_LOGV(TAG, "\n\nDone!\n\n");
+ while (1);
+#else
+ vTaskDelay(60000);
+ ESP_LOGV(TAG, "\n\nvTaskDelete...\n\n");
+ vTaskDelete(NULL);
+#endif
+ } /* done whle */
+
+} /* app_main */
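Review bot: In the branch taken when `FOUND_PROTOCOL_EXAMPLES_DIR` is not defined, `ESP_ERROR_CHECK(nvs_flash_init());` runs just before the `/* Initialize NVS */` block. A return of `ESP_ERR_NVS_NO_FREE_PAGES` or `ESP_ERR_NVS_NEW_VERSION_FOUND` therefore aborts before the erase-and-retry code below can handle it; removing that first call leaves the recovery path reachable. The result of `ret = set_time();` is overwritten without being checked even though the comment says the time is needed for certificate validation, so a failure should at least be logged. `tls_args args[1]` is a local of `app_main`, which later calls `vTaskDelete(NULL)`; if `tls_smp_server_init` (not visible here) passes the pointer on to the server task instead of copying it, the storage should be `static`. The "Initial Stack Used" log calls `uxTaskGetStackHighWaterMark` outside the `#ifdef INCLUDE_uxTaskGetStackHighWaterMark` guard used everywhere else, and `TAG` reads `"TLS Client"` in the server example.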
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/server-tls.c b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/server-tls.c
index 8a6f85c3..9df8283d 100644
--- a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/server-tls.c
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/server-tls.c
@@ -1,4 +1,4 @@
-/* server-tls-callback.c
+/* server-tls.c
*
* Copyright (C) 2006-2023 wolfSSL Inc.
*
@@ -18,122 +18,121 @@
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
-/* the usual suspects */
-#include <stdlib.h>
-#include <stdio.h>
-#include <string.h>
-#include <errno.h>
+
+#include "server-tls.h"
+
+/* Espressif FreeRTOS */
+#ifndef SINGLE_THREADED
+ #include <freertos/FreeRTOS.h>
+ #include <freertos/task.h>
+ #include <freertos/event_groups.h>
+#endif
/* socket includes */
-#include <sys/socket.h>
-#include <arpa/inet.h>
-#include <netinet/in.h>
-#include <unistd.h>
+#include <lwip/netdb.h>
+#include <lwip/sockets.h>
/* wolfSSL */
#include <wolfssl/wolfcrypt/settings.h>
+#include "user_settings.h"
#include <wolfssl/ssl.h>
-#include <wolfssl/certs_test.h>
-
-/* ESP specific */
-#include "wifi_connect.h"
#ifdef WOLFSSL_TRACK_MEMORY
#include <wolfssl/wolfcrypt/mem_track.h>
#endif
-static const char* const TAG = "tls_server";
-
-#if defined(DEBUG_WOLFSSL)
-
-static void ShowCiphers(void)
-{
- char ciphers[4096];
-
- int ret = wolfSSL_get_ciphers(ciphers, (int)sizeof(ciphers));
-
- if (ret == WOLFSSL_SUCCESS)
- printf("%s\n", ciphers);
-}
+#ifndef NO_DH
+ /* see also wolfssl/test.h */
+ #undef DEFAULT_MIN_DHKEY_BITS
+ #define DEFAULT_MIN_DHKEY_BITS 1024
+ #undef DEFAULT_MAX_DHKEY_BITS
+ #define DEFAULT_MAX_DHKEY_BITS 2048
#endif
-#if defined(WOLFSSL_ESPWROOM32SE) && defined(HAVE_PK_CALLBACKS) \
- && defined(WOLFSSL_ATECC508A)
-
-#include "wolfssl/wolfcrypt/port/atmel/atmel.h"
-
-/* when you want to use a custom slot allocation */
-/* enable the definition CUSTOM_SLOT_ALLOCATION. */
+#if defined(WOLFSSL_SM2) || defined(WOLFSSL_SM3) || defined(WOLFSSL_SM4)
+ #include <wolfssl/certs_test_sm.h>
+ #define CTX_CA_CERT root_sm2
+ #define CTX_CA_CERT_SIZE sizeof_root_sm2
+ #define CTX_CA_CERT_TYPE WOLFSSL_FILETYPE_PEM
+ #define CTX_SERVER_CERT server_sm2
+ #define CTX_SERVER_CERT_SIZE sizeof_server_sm2
+ #define CTX_SERVER_CERT_TYPE WOLFSSL_FILETYPE_PEM
+ #define CTX_SERVER_KEY server_sm2_priv
+ #define CTX_SERVER_KEY_SIZE sizeof_server_sm2_priv
+ #define CTX_SERVER_KEY_TYPE WOLFSSL_FILETYPE_PEM
+#else
+ #include <wolfssl/certs_test.h>
+ #define CTX_CA_CERT ca_cert_der_2048
+ #define CTX_CA_CERT_SIZE sizeof_ca_cert_der_2048
+ #define CTX_CA_CERT_TYPE WOLFSSL_FILETYPE_ASN1
+ #define CTX_SERVER_CERT server_cert_der_2048
+ #define CTX_SERVER_CERT_SIZE sizeof_server_cert_der_2048
+ #define CTX_SERVER_CERT_TYPE WOLFSSL_FILETYPE_ASN1
+ #define CTX_SERVER_KEY server_key_der_2048
+ #define CTX_SERVER_KEY_SIZE sizeof_server_key_der_2048
+ #define CTX_SERVER_KEY_TYPE WOLFSSL_FILETYPE_ASN1
+#endif
-#if defined(CUSTOM_SLOT_ALLOCATION)
+/* Project */
+#include "wifi_connect.h"
+#include "time_helper.h"
-static byte mSlotList[ATECC_MAX_SLOT];
-int atmel_set_slot_allocator(atmel_slot_alloc_cb alloc, atmel_slot_dealloc_cb dealloc);
+static const char* const TAG = "server-tls";
+int stack_start = -1;
-/* initialize slot array */
-void my_atmel_slotInit()
+int ShowCiphers(WOLFSSL* ssl)
{
- int i;
-
- for(i=0;i<ATECC_MAX_SLOT; i++) {
- mSlotList[i] = ATECC_INVALID_SLOT;
- }
-}
-
-/* allocate slot depending on slotType */
-int my_atmel_alloc(int slotType)
-{
- int i, slot = -1;
-
- switch(slotType){
- case ATMEL_SLOT_ENCKEY:
- slot = 4;
- break;
- case ATMEL_SLOT_DEVICE:
- slot = 0;
- break;
- case ATMEL_SLOT_ECDHE:
- slot = 0;
- break;
- case ATMEL_SLOT_ECDHE_ENC:
- slot = 4;
- break;
- case ATMEL_SLOT_ANY:
- for(i=0;i<ATECC_MAX_SLOT;i++){
- if(mSlotList[i] == ATECC_INVALID_SLOT){
- slot = i;
- break;
+ #define CLIENT_TLS_MAX_CIPHER_LENGTH 4096
+ char ciphers[CLIENT_TLS_MAX_CIPHER_LENGTH];
+ const char* cipher_used;
+ int ret = 0;
+
+ if (ssl == NULL) {
+ ESP_LOGI(TAG, "WOLFSSL* ssl is NULL, so no cipher in use");
+ ret = wolfSSL_get_ciphers(ciphers, (int)sizeof(ciphers));
+ if (ret == WOLFSSL_SUCCESS) {
+ for (int i = 0; i < CLIENT_TLS_MAX_CIPHER_LENGTH; i++) {
+ if (ciphers[i] == ':') {
+ ciphers[i] = '\n';
}
}
+ ESP_LOGI(TAG, "Available Ciphers:\n%s\n", ciphers);
+ }
+ else {
+ ESP_LOGE(TAG, "Failed to call wolfSSL_get_ciphers. Error: %d", ret);
+ }
+ }
+ else {
+ cipher_used = wolfSSL_get_cipher_name(ssl);
+ ESP_LOGI(TAG, "WOLFSSL* ssl using %s", cipher_used);
}
- return slot;
+ return ret;
}
-/* free slot array */
-void my_atmel_free(int slotId)
-{
- if(slotId >= 0 && slotId < ATECC_MAX_SLOT){
- mSlotList[slotId] = ATECC_INVALID_SLOT;
- }
-}
-#endif /* CUSTOM_SLOT_ALLOCATION */
-#endif /* WOLFSSL_ESPWROOM32SE && HAVE_PK_CALLBACK && WOLFSSL_ATECC508A */
-void tls_smp_server_task()
+/* FreeRTOS */
+/* server task */
+WOLFSSL_ESP_TASK tls_smp_server_task(void *args)
{
- int sockfd;
- int connd;
+#if defined(SINGLE_THREADED)
+ #define TLS_SMP_SERVER_TASK_RET ret
+#else
+ #define TLS_SMP_SERVER_TASK_RET
+#endif
+ char buff[256];
+ const char msg[] = "I hear you fa shizzle!";
+
struct sockaddr_in servAddr;
struct sockaddr_in clientAddr;
- socklen_t size = sizeof(clientAddr);
- char buff[256];
- size_t len;
+ int sockfd;
+ int connd;
int shutdown = 0;
int ret;
- const char msg[] = "I hear you fa shizzle!";
+ socklen_t size = sizeof(clientAddr);
+ size_t len;
/* declare wolfSSL objects */
WOLFSSL_CTX* ctx;
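Review bot: In `ShowCiphers`, the colon-to-newline loop walks all `CLIENT_TLS_MAX_CIPHER_LENGTH` bytes of `ciphers`, so it reads stack bytes past the end of the string that `wolfSSL_get_ciphers` never wrote. Stopping at the terminator avoids touching uninitialized memory: `for (int i = 0; ciphers[i] != '\0'; i++) {`. The 4096-byte buffer sits on the stack of whichever task calls the function, which deserves a comment given how closely the rest of the file tracks stack usage. `ShowCiphers` is also not declared `static`, so unless `server-tls.h` (not visible here) exports it on purpose, it should be. The body of `tls_smp_server_task` continues outside this hunk.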
@@ -142,9 +141,8 @@ void tls_smp_server_task()
WOLFSSL_ENTER("tls_smp_server_task");
#ifdef DEBUG_WOLFSSL
- WOLFSSL_MSG("Debug ON");
wolfSSL_Debugging_ON();
- ShowCiphers();
+ ShowCiphers(NULL);
#endif
/* Initialize wolfSSL */
@@ -161,9 +159,99 @@ void tls_smp_server_task()
/* Create and initialize WOLFSSL_CTX */
WOLFSSL_MSG("Create and initialize WOLFSSL_CTX");
+#if defined(WOLFSSL_SM2) || defined(WOLFSSL_SM3) || defined(WOLFSSL_SM4)
+ ctx = wolfSSL_CTX_new(wolfSSLv23_server_method());
+ // ctx = wolfSSL_CTX_new(wolfTLSv1_3_client_method()); /* only TLS 1.3 */
+ if (ctx == NULL) {
+ ESP_LOGE(TAG, "ERROR: failed to create WOLFSSL_CTX");
+ }
+#else
+ /* TODO remove duplicate */
if ((ctx = wolfSSL_CTX_new(wolfSSLv23_server_method())) == NULL) {
ESP_LOGE(TAG, "ERROR: failed to create WOLFSSL_CTX");
}
+#endif
+
+#if defined(WOLFSSL_SM2) || defined(WOLFSSL_SM3) || defined(WOLFSSL_SM4)
+ ESP_LOGI(TAG, "Start SM3\n");
+
+ /* Optional set explicit ciphers
+ ret = wolfSSL_CTX_set_cipher_list(ctx, WOLFSSL_ESP32_CIPHER_SUITE);
+ if (ret == SSL_SUCCESS) {
+ ESP_LOGI(TAG, "Set cipher list: "WOLFSSL_ESP32_CIPHER_SUITE"\n");
+ }
+ else {
+ ESP_LOGE(TAG, "ERROR: failed to set cipher list: "WOLFSSL_ESP32_CIPHER_SUITE"\n");
+ }
+ */
+ ShowCiphers(NULL);
+ ESP_LOGI(TAG, "Stack used: %d\n", CONFIG_ESP_MAIN_TASK_STACK_SIZE
+ - uxTaskGetStackHighWaterMark(NULL));
+
+ WOLFSSL_MSG("Loading certificate...");
+ /* -c Load server certificates into WOLFSSL_CTX */
+ ret = wolfSSL_CTX_use_certificate_chain_buffer_format(ctx,
+ CTX_SERVER_CERT,
+ CTX_SERVER_CERT_SIZE,
+ CTX_SERVER_CERT_TYPE
+ );
+
+/* optional wolfSSL_CTX_use_certificate_buffer
+ ret = wolfSSL_CTX_use_certificate_buffer(ctx,
+ server_sm2,
+ sizeof_server_sm2,
+ WOLFSSL_FILETYPE_PEM);
+*/
+ if (ret == SSL_SUCCESS) {
+ ESP_LOGI(TAG, "Loaded server_sm2\n");
+ }
+ else {
+ ESP_LOGE(TAG, "ERROR: failed to load cert\n");
+ }
+ ESP_LOGI(TAG, "Stack used: %d\n", CONFIG_ESP_MAIN_TASK_STACK_SIZE
+ - uxTaskGetStackHighWaterMark(NULL));
+
+#ifndef NO_DH
+ #define DEFAULT_MIN_DHKEY_BITS 1024
+ #define DEFAULT_MAX_DHKEY_BITS 2048
+ int minDhKeyBits = DEFAULT_MIN_DHKEY_BITS;
+ ret = wolfSSL_CTX_SetMinDhKey_Sz(ctx, (word16)minDhKeyBits);
+#endif
+#ifndef NO_RSA
+ #define DEFAULT_MIN_RSAKEY_BITS 1024
+ short minRsaKeyBits = DEFAULT_MIN_RSAKEY_BITS;
+ ret = wolfSSL_CTX_SetMinRsaKey_Sz(ctx, minRsaKeyBits);
+#endif
+
+ WOLFSSL_MSG("Loading key info...");
+ /* -k Load server key into WOLFSSL_CTX */
+ ret = wolfSSL_CTX_use_PrivateKey_buffer(ctx,
+ CTX_SERVER_KEY,
+ CTX_SERVER_KEY_SIZE,
+ CTX_SERVER_KEY_TYPE);
+
+ if (ret == SSL_SUCCESS) {
+ ESP_LOGI(TAG, "Loaded PrivateKey_buffer server_sm2_priv\n");
+ }
+ else {
+ ESP_LOGE(TAG, "ERROR: failed to load "
+ "PrivateKey_buffer server_sm2_priv\n");
+ }
+ ESP_LOGI(TAG, "Stack used: %d\n", CONFIG_ESP_MAIN_TASK_STACK_SIZE
+ - uxTaskGetStackHighWaterMark(NULL));
+ /* -A load authority */
+ ret = wolfSSL_CTX_load_verify_buffer(ctx,
+ client_sm2,
+ sizeof_client_sm2,
+ WOLFSSL_FILETYPE_PEM);
+ if (ret == SSL_SUCCESS) {
+ ESP_LOGI(TAG, "Success: load verify buffer\n");
+ }
+ else {
+ ESP_LOGE(TAG, "ERROR: failed to load verify buffer\n");
+ }
+ ESP_LOGI(TAG, "Finish SM2\n");
+#else
WOLFSSL_MSG("Loading certificate...");
/* Load server certificates into WOLFSSL_CTX */
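Review bot: The minimum key sizes enforced in the SM branch are 1024 bits for both DH (`DEFAULT_MIN_DHKEY_BITS`) and RSA (`DEFAULT_MIN_RSAKEY_BITS`), below the 2048-bit floor generally recommended today. The results of `wolfSSL_CTX_SetMinDhKey_Sz` and `wolfSSL_CTX_SetMinRsaKey_Sz` are also overwritten by the next assignment to `ret` without being checked. I would raise both to 2048 (`#define DEFAULT_MIN_RSAKEY_BITS 2048`; the DH value is also set near the top of the file) and log a failure, e.g. `if (ret != WOLFSSL_SUCCESS) { ESP_LOGE(TAG, "ERROR: failed to set minimum DH key size"); }`. If 1024 is kept deliberately for interoperability in this example, a comment should say so. A NULL `ctx` is only logged in this hunk, so the certificate and key loading calls that follow still receive it; the function body continues outside the hunk.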
@@ -181,14 +269,17 @@ void tls_smp_server_task()
ESP_LOGE(TAG, "ERROR: failed to load privatekey");
}
- /* TO DO when using ECDSA, it loads the provisioned certificate and present it.*/
- /* TO DO when using ECDSA, it uses the generated key instead of loading key */
+#endif
+
+
+ /* TODO when using ECDSA,it loads the provisioned certificate and present it.
+ TODO when using ECDSA,it uses the generated key instead of loading key */
/* Initialize the server address struct with zeros */
memset(&servAddr, 0, sizeof(servAddr));
/* Fill in the server address */
servAddr.sin_family = AF_INET; /* using IPv4 */
- servAddr.sin_port = htons(DEFAULT_PORT); /* on DEFAULT_PORT */
+ servAddr.sin_port = htons(TLS_SMP_DEFAULT_PORT); /* on port */
servAddr.sin_addr.s_addr = INADDR_ANY; /* from anywhere */
/* Bind the server socket to our port */
@@ -210,33 +301,50 @@ void tls_smp_server_task()
atmel_set_slot_allocator(my_atmel_alloc, my_atmel_free);
#endif
#endif
-
+ ESP_LOGI(TAG, "accept clients...");
/* Continue to accept clients until shutdown is issued */
while (!shutdown) {
- WOLFSSL_MSG("Waiting for a connection...");
- /* Accept client connections */
+ ESP_LOGI(TAG, "Stack used: %d\n", CONFIG_ESP_MAIN_TASK_STACK_SIZE
+ - uxTaskGetStackHighWaterMark(NULL));
+ WOLFSSL_MSG("Waiting for a connection...");
+ wifi_show_ip();
+
+ /* Accept client socket connections */
if ((connd = accept(sockfd, (struct sockaddr*)&clientAddr, &size))
== -1) {
ESP_LOGE(TAG, "ERROR: failed to accept the connection");
}
/* Create a WOLFSSL object */
if ((ssl = wolfSSL_new(ctx)) == NULL) {
- ESP_LOGE(TAG, "ERROR: failed to create WOLFSSL object");
+ ESP_LOGE(TAG, "ERROR: failed to create WOLFSSL object");
}
+
+ /* show what cipher connected for this WOLFSSL* object */
+ ShowCiphers(ssl);
+
/* Attach wolfSSL to the socket */
wolfSSL_set_fd(ssl, connd);
/* Establish TLS connection */
ret = wolfSSL_accept(ssl);
- if (ret != SSL_SUCCESS) {
- ESP_LOGE(TAG, "wolfSSL_accept error %d", wolfSSL_get_error(ssl, ret));
+ if (ret == SSL_SUCCESS) {
+ ShowCiphers(ssl);
+ }
+ else {
+ ESP_LOGE(TAG, "wolfSSL_accept error %d",
+ wolfSSL_get_error(ssl, ret));
}
WOLFSSL_MSG("Client connected successfully");
+ ESP_LOGI(TAG, "Stack used: %d\n", CONFIG_ESP_MAIN_TASK_STACK_SIZE
+ - uxTaskGetStackHighWaterMark(NULL));
+
/* Read the client data into our buff array */
memset(buff, 0, sizeof(buff));
if (wolfSSL_read(ssl, buff, sizeof(buff)-1) == -1) {
ESP_LOGE(TAG, "ERROR: failed to read");
}
/* Print to stdout any data the client sends */
+ ESP_LOGI(TAG, "Stack used: %d\n", CONFIG_ESP_MAIN_TASK_STACK_SIZE
+ - uxTaskGetStackHighWaterMark(NULL));
WOLFSSL_MSG("Client sends:");
WOLFSSL_MSG(buff);
/* Check for server shutdown command */
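Review bot: Every failure in this loop is logged and then ignored. When `accept` returns -1, `wolfSSL_new` returns NULL, or `wolfSSL_accept` fails, execution still logs "Client connected successfully" and calls `wolfSSL_read` on a session that was never established. The new `else` branch after `wolfSSL_accept` is the natural place to abandon the connection, e.g. `wolfSSL_free(ssl); close(connd); continue;`, with a plain `continue;` after the failed `accept`. The `ShowCiphers(ssl)` call placed before `wolfSSL_set_fd` runs before any handshake, so the cipher name it logs is not yet the negotiated one; the call after a successful `wolfSSL_accept` is enough. The loop body continues outside the hunk.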
@@ -257,11 +365,54 @@ void tls_smp_server_task()
close(connd); /* Close the connection to the client */
}
/* Cleanup and return */
+ wolfSSL_free(ssl); /* Free the wolfSSL object */
wolfSSL_CTX_free(ctx); /* Free the wolfSSL context object */
wolfSSL_Cleanup(); /* Cleanup the wolfSSL environment */
close(sockfd); /* Close the socket listening for clients */
vTaskDelete(NULL);
- return; /* Return reporting a success */
+ return TLS_SMP_SERVER_TASK_RET;
+}
+
+#if defined(SINGLE_THREADED)
+ /* we don't initialize a thread */
+#else
+/* create task */
+WOLFSSL_ESP_TASK tls_smp_server_init(void* args)
+{
+#if defined(SINGLE_THREADED)
+ #define TLS_SMP_CLIENT_TASK_RET ret
+#else
+ #define TLS_SMP_CLIENT_TASK_RET
+#endif
+ int thisPort = 0;
+ int ret_i = 0; /* interim return result */
+ if (thisPort == 0) {
+ thisPort = TLS_SMP_DEFAULT_PORT;
+ }
+
+#if ESP_IDF_VERSION_MAJOR >= 4
+ TaskHandle_t _handle;
+#else
+ xTaskHandle _handle;
+#endif
+ /* http://esp32.info/docs/esp_idf/html/dd/d3c/group__xTaskCreate.html */
+ ESP_LOGI(TAG, "Creating tls_smp_server_task with stack size = %d",
+ TLS_SMP_SERVER_TASK_WORDS);
+ ret_i = xTaskCreate(tls_smp_server_task,
+ TLS_SMP_SERVER_TASK_NAME,
+ TLS_SMP_SERVER_TASK_WORDS, /* not bytes! */
+ (void*)&thisPort,
+ TLS_SMP_SERVER_TASK_PRIORITY,
+ &_handle);
+
+ if (ret_i != pdPASS) {
+ ESP_LOGI(TAG, "create thread %s failed", TLS_SMP_SERVER_TASK_NAME);
+ }
+
+ /* vTaskStartScheduler(); // called automatically in ESP-IDF */
+ return TLS_SMP_CLIENT_TASK_RET;
}
+#endif
+
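Review bot: `tls_smp_server_init` passes `(void*)&thisPort` to `xTaskCreate`, but `thisPort` is a local whose lifetime ends when the function returns, so the new task holds a dangling pointer if it ever reads its argument. The visible parts of `tls_smp_server_task` use `TLS_SMP_DEFAULT_PORT` directly, so passing `NULL` or the address of a `static int` is safer; the function's own `args` parameter is never read. The task-creation failure is logged with `ESP_LOGI`, where `ESP_LOGE` would match the other error paths in this file. Separately, the added `wolfSSL_free(ssl)` after the loop would free the object a second time if the per-connection cleanup just above this hunk already frees it; that code is outside the hunk, so please confirm.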
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/time_helper.c b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/time_helper.c
new file mode 100644
index 00000000..1f16e4be
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/time_helper.c
@@ -0,0 +1,333 @@
+/* time_helper.c
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/* common Espressif time_helper v5.6.3.002 */
+#include "sdkconfig.h"
+#include "time_helper.h"
+
+#include <esp_log.h>
+#include <esp_idf_version.h>
+
+#if defined(ESP_IDF_VERSION_MAJOR) && defined(ESP_IDF_VERSION_MINOR)
+ #if (ESP_IDF_VERSION_MAJOR == 5) && (ESP_IDF_VERSION_MINOR >= 1)
+ #define HAS_ESP_NETIF_SNTP 1
+ #include <lwip/apps/sntp.h>
+ #include <esp_netif_sntp.h>
+ #else
+ #include <string.h>
+ #include <esp_sntp.h>
+ #endif
+#else
+ /* TODO Consider pre IDF v5? */
+#endif
+
+/* ESP-IDF uses a 64-bit signed integer to represent time_t starting from release v5.0
+ * See: https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-reference/system/system_time.html#year-2036-and-2038-overflow-issues
+ */
+const static char* TAG = "time_helper";
+
+/* see https://www.gnu.org/software/libc/manual/html_node/TZ-Variable.html */
+#ifndef TIME_ZONE
+/*
+ * PST represents Pacific Standard Time.
+ * +8 specifies the offset from UTC (Coordinated Universal Time), indicating
+ * that Pacific Time is UTC-8 during standard time.
+ * PDT represents Pacific Daylight Time.
+ * M3.2.0 indicates that Daylight Saving Time (DST) starts on the
+ * second (2) Sunday (0) of March (3).
+ * M11.1.0 indicates that DST ends on the first (1) Sunday (0) of November (11)
+ */
+ #define TIME_ZONE "PST+8PDT,M3.2.0,M11.1.0"
+#endif /* not defined: TIME_ZONE, so we are setting our own */
+
+#define NTP_RETRY_COUNT 10
+
+/* NELEMS(x) number of elements
+ * To determine the number of elements in the array, we can divide the total
+ * size of the array by the size of the array element.
+ * See https://stackoverflow.com/questions/37538/how-do-i-determine-the-size-of-my-array-in-c
+ **/
+#define NELEMS(x) ( (int)(sizeof(x) / sizeof((x)[0])) )
+
+/* See also CONFIG_LWIP_SNTP_MAX_SERVERS in sdkconfig */
+#define NTP_SERVER_LIST ( (char*[]) { \
+ "pool.ntp.org", \
+ "time.nist.gov", \
+ "utcnist.colorado.edu" \
+ } \
+ )
+/* #define NTP_SERVER_COUNT using NELEMS:
+ *
+ * (int)(sizeof(NTP_SERVER_LIST) / sizeof(NTP_SERVER_LIST[0]))
+ */
+#define NTP_SERVER_COUNT NELEMS(NTP_SERVER_LIST)
+
+#ifndef CONFIG_LWIP_SNTP_MAX_SERVERS
+ /* We should find max value in sdkconfig, if not set it to our count:*/
+ #define CONFIG_LWIP_SNTP_MAX_SERVERS NTP_SERVER_COUNT
+#endif
+
+char* ntpServerList[NTP_SERVER_COUNT] = NTP_SERVER_LIST;
+
+/* our NTP server list is global info */
+extern char* ntpServerList[NTP_SERVER_COUNT];
+
+/* Show the current date and time */
+int esp_show_current_datetime()
+{
+ time_t now;
+ char strftime_buf[64];
+ struct tm timeinfo;
+
+ time(&now);
+ setenv("TZ", TIME_ZONE, 1);
+ tzset();
+
+ localtime_r(&now, &timeinfo);
+ strftime(strftime_buf, sizeof(strftime_buf), "%c", &timeinfo);
+ ESP_LOGI(TAG, "The current date/time is: %s", strftime_buf);
+ return 0;
+}
+
+/* the worst-case scenario is a hard-coded date/time */
+int set_fixed_default_time(void)
+{
+ /* ideally, we'd like to set time from network,
+ * but let's set a default time, just in case */
+ struct tm timeinfo = {
+ .tm_year = 2023 - 1900,
+ .tm_mon = 10,
+ .tm_mday = 02,
+ .tm_hour = 13,
+ .tm_min = 01,
+ .tm_sec = 05
+ };
+ struct timeval now;
+ time_t interim_time;
+ int ret = -1;
+
+ /* set interim static time */
+ interim_time = mktime(&timeinfo);
+
+ ESP_LOGI(TAG, "Adjusting time from fixed value");
+ now = (struct timeval){ .tv_sec = interim_time };
+ ret = settimeofday(&now, NULL);
+
+ return ret;
+}
+
+/* set_time_from_string(s)
+ *
+ * returns 0 = success if able to set the time from the provided string
+ * error for any other value, typically -1 */
+int set_time_from_string(char* time_buffer)
+{
+ /* expecting github default formatting: 'Thu Aug 31 12:41:45 2023 -0700' */
+ const char *format = "%3s %3s %d %d:%d:%d %d %s";
+ struct tm this_timeinfo;
+ struct timeval now;
+ time_t interim_time;
+ char offset[6]; /* expecting trailing single quote, not used */
+ char day_str[4];
+ char month_str[4];
+ int day, year, hour, minute, second;
+ int quote_offset = 0;
+ int ret = 0;
+
+ /* we are expecting the string to be encapsulated in single quotes */
+ if (*time_buffer == 0x27) {
+ quote_offset = 1;
+ }
+
+ ret = sscanf(time_buffer + quote_offset,
+ format,
+ day_str, month_str,
+ &day, &hour, &minute, &second, &year, &offset);
+
+ if (ret == 8) {
+ /* we found a match for all componets */
+
+ const char *months[] = { "Jan", "Feb", "Mar", "Apr", "May", "Jun",
+ "Jul", "Aug", "Sep", "Oct", "Nov", "Dec" };
+
+ for (int i = 0; i < 12; i++) {
+ if (strcmp(month_str, months[i]) == 0) {
+ this_timeinfo.tm_mon = i;
+ break;
+ }
+ }
+
+ this_timeinfo.tm_mday = day;
+ this_timeinfo.tm_hour = hour;
+ this_timeinfo.tm_min = minute;
+ this_timeinfo.tm_sec = second;
+ this_timeinfo.tm_year = year - 1900; /* Number of years since 1900 */
+
+ interim_time = mktime(&this_timeinfo);
+ now = (struct timeval){ .tv_sec = interim_time };
+ ret = settimeofday(&now, NULL);
+ ESP_LOGI(TAG, "Time updated to %s", time_buffer);
+ }
+ else {
+ ESP_LOGE(TAG, "Failed to convert \"%s\" to a tm date.", time_buffer);
+ ESP_LOGI(TAG, "Trying fixed date that was hard-coded.");
+ set_fixed_default_time();
+ ret = -1;
+ }
+ return ret;
+}
+
+/* set time; returns 0 if succecssfully configured with NTP */
+int set_time(void)
+{
+#ifndef NTP_SERVER_COUNT
+ ESP_LOGW(TAG, "Warning: no sntp server names defined. "
+ "Setting to empty list");
+ #define NTP_SERVER_COUNT 0
+ #warning "NTP not properly configured"
+#endif /* not defined: NTP_SERVER_COUNT */
+
+#ifdef HAS_ESP_NETIF_SNTP
+ #if CONFIG_LWIP_SNTP_MAX_SERVERS > 1
+ esp_sntp_config_t config = ESP_NETIF_SNTP_DEFAULT_CONFIG_MULTIPLE(
+ NTP_SERVER_COUNT,
+ ESP_SNTP_SERVER_LIST(ntpServerList[0])
+ );
+ #else
+ esp_sntp_config_t config = ESP_NETIF_SNTP_DEFAULT_CONFIG(ntpServerList[0]);
+ #endif /* CONFIG_LWIP_SNTP_MAX_SERVERS > 1 */
+#endif /* HAS_ESP_NETIF_SNTP */
+
+ int ret = 0;
+ int i = 0; /* counter for time servers */
+
+ ESP_LOGI(TAG, "Setting the time. Startup time:");
+ esp_show_current_datetime();
+
+#ifdef LIBWOLFSSL_VERSION_GIT_HASH_DATE
+ /* initialy set a default approximate time from recent git commit */
+ ESP_LOGI(TAG, "Found git hash date, attempting to set system date.");
+ set_time_from_string(LIBWOLFSSL_VERSION_GIT_HASH_DATE);
+ esp_show_current_datetime();
+
+ ret = -4;
+#else
+ /* otherwise set a fixed time that was hard coded */
+ set_fixed_default_time();
+ ret = -3;
+#endif
+
+#ifdef CONFIG_SNTP_TIME_SYNC_METHOD_SMOOTH
+ config.smooth_sync = true;
+#endif
+
+ if (NTP_SERVER_COUNT) {
+ /* next, let's setup NTP time servers
+ *
+ * see https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-reference/system/system_time.html#sntp-time-synchronization
+ *
+ * WARNING: do not set operating mode while SNTP client is running!
+ */
+ /* TODO Consider esp_sntp_setoperatingmode(SNTP_OPMODE_POLL); */
+ sntp_setoperatingmode(SNTP_OPMODE_POLL);
+ if (NTP_SERVER_COUNT > CONFIG_LWIP_SNTP_MAX_SERVERS) {
+ ESP_LOGW(TAG, "WARNING: %d NTP Servers defined, but "
+ "CONFIG_LWIP_SNTP_MAX_SERVERS = %d",
+ NTP_SERVER_COUNT,CONFIG_LWIP_SNTP_MAX_SERVERS);
+ }
+ ESP_LOGI(TAG, "sntp_setservername:");
+ for (i = 0; i < CONFIG_LWIP_SNTP_MAX_SERVERS; i++) {
+ const char* thisServer = ntpServerList[i];
+ if (strncmp(thisServer, "\x00", 1) == 0) {
+ /* just in case we run out of NTP servers */
+ break;
+ }
+ ESP_LOGI(TAG, "%s", thisServer);
+ sntp_setservername(i, thisServer);
+ }
+ #ifdef HAS_ESP_NETIF_SNTP
+ ret = esp_netif_sntp_init(&config);
+ #else
+ ESP_LOGW(TAG,"Warning: Consider upgrading ESP-IDF to take advantage "
+ "of updated SNTP libraries");
+ #endif
+ if (ret == ESP_OK) {
+ ESP_LOGV(TAG, "Successfully called esp_netif_sntp_init");
+ }
+ else {
+ ESP_LOGE(TAG, "ERROR: esp_netif_sntp_init return = %d", ret);
+ }
+
+ sntp_init();
+ switch (ret) {
+ case ESP_ERR_INVALID_STATE:
+ break;
+ default:
+ break;
+ }
+ ESP_LOGI(TAG, "sntp_init done.");
+ }
+ else {
+ ESP_LOGW(TAG, "No sntp time servers found.");
+ ret = -1;
+ }
+ return ret;
+}
+
+/* wait for NTP to actually set the time */
+int set_time_wait_for_ntp(void)
+{
+ int ret = 0;
+#ifdef HAS_ESP_NETIF_SNTP
+ int ntp_retry = 0;
+ const int ntp_retry_count = NTP_RETRY_COUNT;
+
+ ret = esp_netif_sntp_start();
+
+ ret = esp_netif_sntp_sync_wait(500 / portTICK_PERIOD_MS);
+#endif /* HAS_ESP_NETIF_SNTP */
+ esp_show_current_datetime();
+
+#ifdef HAS_ESP_NETIF_SNTP
+ while (ret == ESP_ERR_TIMEOUT && (ntp_retry++ < ntp_retry_count)) {
+ ret = esp_netif_sntp_sync_wait(1000 / portTICK_PERIOD_MS);
+ ESP_LOGI(TAG, "Waiting for NTP to sync time... (%d/%d)",
+ ntp_retry,
+ ntp_retry_count);
+ esp_show_current_datetime();
+ }
+#endif /* HAS_ESP_NETIF_SNTP */
+
+#ifdef TIME_ZONE
+ setenv("TZ", TIME_ZONE, 1);
+ tzset();
+#endif
+
+ if (ret == ESP_OK) {
+ ESP_LOGI(TAG, "Successfuly set time via NTP servers.");
+ }
+ else {
+ ESP_LOGW(TAG, "Warning: Failed to set time with NTP: "
+ "result = 0x%0x: %s",
+ ret, esp_err_to_name(ret));
+ }
+ return ret;
+}
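Review bot: `set_time_from_string` parses the trailing UTC-offset token with an unbounded `%s` into `char offset[6]`, so any token longer than five characters writes past the buffer; the argument is also passed as `&offset` rather than `offset`. `this_timeinfo` is never initialized, so `tm_isdst` (and `tm_mon`, when the month name matches nothing) reach `mktime` with indeterminate values. The fence below bounds the conversion, initializes the struct and sends an unknown month down the existing fixed-date fallback. In `set_time`, the server loop runs to `CONFIG_LWIP_SNTP_MAX_SERVERS` while `ntpServerList` has only `NTP_SERVER_COUNT` entries, so a larger sdkconfig value reads past the array; `for (i = 0; i < CONFIG_LWIP_SNTP_MAX_SERVERS && i < NTP_SERVER_COUNT; i++) {` keeps it in bounds.

```c
int set_time_from_string(char* time_buffer)
{
    /* the width on the last token keeps it within offset[6] */
    const char *format = "%3s %3s %d %d:%d:%d %d %5s";
    struct tm this_timeinfo = { .tm_mon = -1, .tm_isdst = -1 };
    /* ... unchanged: remaining locals and leading-quote check ... */

    ret = sscanf(time_buffer + quote_offset,
                 format,
                 day_str, month_str,
                 &day, &hour, &minute, &second, &year, offset);

    if (ret == 8) {
        /* ... unchanged: month name lookup ... */
        if (this_timeinfo.tm_mon < 0) {
            ESP_LOGE(TAG, "Unknown month in \"%s\".", time_buffer);
            set_fixed_default_time();
            return -1;
        }
        /* ... unchanged: remaining field assignments, mktime, settimeofday ... */
```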
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/wifi_connect.c b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/wifi_connect.c
index 37c636b5..7401c5d7 100644
--- a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/wifi_connect.c
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/wifi_connect.c
@@ -18,92 +18,51 @@
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
-/*ESP specific */
-#include "freertos/FreeRTOS.h"
-#include "freertos/task.h"
-#include "freertos/event_groups.h"
-#include "wifi_connect.h"
-#include "lwip/sockets.h"
-#include "lwip/netdb.h"
-#include "lwip/apps/sntp.h"
-#include "nvs_flash.h"
+ #include "wifi_connect.h"
+
+#include <freertos/FreeRTOS.h>
+#include <freertos/task.h>
+#include <freertos/event_groups.h>
+#include <esp_wifi.h>
+#include <esp_log.h>
/* wolfSSL */
#include <wolfssl/wolfcrypt/settings.h>
-#include <user_settings.h>
#include <wolfssl/version.h>
+#include <wolfssl/wolfcrypt/types.h>
#ifndef WOLFSSL_ESPIDF
- #warning "problem with wolfSSL user_settings. Check components/wolfssl/include"
+ #warning "Problem with wolfSSL user_settings."
+ #warning "Check components/wolfssl/include"
#endif
-#if ESP_IDF_VERSION_MAJOR >= 4
+#if ESP_IDF_VERSION_MAJOR >= 5
+#elif ESP_IDF_VERSION_MAJOR >= 4
#include "protocol_examples_common.h"
#else
const static int CONNECTED_BIT = BIT0;
static EventGroupHandle_t wifi_event_group;
#endif
-/* prefix for logging */
-const static char *TAG = "tls_server";
-/* proto-type definition */
-extern void tls_smp_server_task();
-static void tls_smp_server_init();
-
-static void set_time()
-{
- /* set dummy wallclock time. */
- struct timeval utctime;
- struct timezone tz;
- struct strftime_buf;
- time_t now;
- struct tm timeinfo;
- char strftime_buf[64];
- /* please update the time if seeing unknown failure when loading cert. */
- /* this could cause TLS communication failure due to time expiration */
- /* incleasing 31536000 seconds is close to spend 356 days. */
- utctime.tv_sec = 1645797600; /* dummy time: Fri 25 Feb 2022 02:00:00 2022 */
- utctime.tv_usec = 0;
- tz.tz_minuteswest = 0;
- tz.tz_dsttime = 0;
-
- settimeofday(&utctime, &tz);
-
- time(&now);
- localtime_r(&now, &timeinfo);
-
- strftime(strftime_buf, sizeof(strftime_buf), "%c", &timeinfo);
- ESP_LOGI(TAG, "The current date/time is: %s", strftime_buf);
-
-#if ESP_IDF_VERSION_MAJOR < 4
- /* wait until wifi connect */
- xEventGroupWaitBits(wifi_event_group, CONNECTED_BIT,
- false, true, portMAX_DELAY);
-#endif
- /* now we start client tasks. */
- tls_smp_server_init();
-}
-
-/* create task */
-static void tls_smp_server_init(void)
-{
- int ret;
-#if ESP_IDF_VERSION_MAJOR >= 4
- TaskHandle_t _handle;
+#if defined(ESP_IDF_VERSION_MAJOR) && defined(ESP_IDF_VERSION_MINOR)
+ #if ESP_IDF_VERSION_MAJOR >= 4
+ /* likely using examples, see wifi_connect.h */
+ #else
+ /* TODO - still supporting pre V4 ? */
+ const static int CONNECTED_BIT = BIT0;
+ static EventGroupHandle_t wifi_event_group;
+ #endif
+ #if (ESP_IDF_VERSION_MAJOR == 5)
+ #define HAS_WPA3_FEATURES
+ #else
+ #undef HAS_WPA3_FEATURES
+ #endif
#else
- xTaskHandle _handle;
+ /* TODO Consider pre IDF v5? */
#endif
- /* http://esp32.info/docs/esp_idf/html/dd/d3c/group__xTaskCreate.html */
- ret = xTaskCreate(tls_smp_server_task,
- TLS_SMP_SERVER_TASK_NAME,
- TLS_SMP_SERVER_TASK_WORDS,
- NULL,
- TLS_SMP_SERVER_TASK_PRIORITY,
- &_handle);
-
- if (ret != pdPASS) {
- ESP_LOGI(TAG, "create thread %s failed", TLS_SMP_SERVER_TASK_NAME);
- }
-}
+
+/* breadcrumb prefix for logging */
+const static char *TAG = "wifi_connect";
+
#if ESP_IDF_VERSION_MAJOR < 4
/* event handler for wifi events */
static esp_err_t wifi_event_handler(void *ctx, system_event_t *event)
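Review bot: For ESP-IDF versions before 4, `CONNECTED_BIT` and `wifi_event_group` are now defined twice. The first definition is in the `#else` of the `#if ESP_IDF_VERSION_MAJOR >= 5` / `#elif` chain, and the second is in the `#else` of the new nested `#if ESP_IDF_VERSION_MAJOR >= 4` block; the second initialized definition of `CONNECTED_BIT` should fail to compile. One of the two should go, and the new block could keep only a comment such as `/* pre-V4: CONNECTED_BIT and wifi_event_group are defined above */`. `HAS_WPA3_FEATURES` is enabled only when the major version equals 5, so a later major release would silently lose it. If WPA3 support is meant for v5 onward, `#if (ESP_IDF_VERSION_MAJOR >= 5)` states that more durably.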
@@ -114,14 +73,14 @@ static esp_err_t wifi_event_handler(void *ctx, system_event_t *event)
esp_wifi_connect();
break;
case SYSTEM_EVENT_STA_GOT_IP:
-#if ESP_IDF_VERSION_MAJOR >= 4
+ #if ESP_IDF_VERSION_MAJOR >= 4
ESP_LOGI(TAG, "got ip:" IPSTR "\n",
IP2STR(&event->event_info.got_ip.ip_info.ip));
-#else
+ #else
ESP_LOGI(TAG, "got ip:%s",
ip4addr_ntoa(&event->event_info.got_ip.ip_info.ip));
-#endif
- /* http://esp32.info/docs/esp_idf/html/dd/d08/group__xEventGroupSetBits.html */
+ #endif
+ /* see https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-reference/system/freertos_idf.html */
xEventGroupSetBits(wifi_event_group, CONNECTED_BIT);
break;
case SYSTEM_EVENT_STA_DISCONNECTED:
@@ -133,97 +92,184 @@ static esp_err_t wifi_event_handler(void *ctx, system_event_t *event)
}
return ESP_OK;
}
-#endif
-/* entry point */
-void app_main(void)
-{
- ESP_LOGI(TAG, "--------------------------------------------------------");
- ESP_LOGI(TAG, "--------------------------------------------------------");
- ESP_LOGI(TAG, "---------------------- BEGIN MAIN ----------------------");
- ESP_LOGI(TAG, "--------------------------------------------------------");
- ESP_LOGI(TAG, "--------------------------------------------------------");
- ESP_LOGI(TAG, "CONFIG_IDF_TARGET = %s", CONFIG_IDF_TARGET);
- ESP_LOGI(TAG, "LIBWOLFSSL_VERSION_STRING = %s", LIBWOLFSSL_VERSION_STRING);
-
-#if defined(WOLFSSL_MULTI_INSTALL_WARNING)
- ESP_LOGI(TAG, "");
- ESP_LOGI(TAG, "WARNING: Multiple wolfSSL installs found.");
- ESP_LOGI(TAG, "Check ESP-IDF and local project [components] directory.");
- ESP_LOGI(TAG, "");
-#endif
+#else
-#if defined(LIBWOLFSSL_VERSION_GIT_HASH)
- ESP_LOGI(TAG, "LIBWOLFSSL_VERSION_GIT_HASH = %s", LIBWOLFSSL_VERSION_GIT_HASH);
+#ifdef CONFIG_ESP_MAXIMUM_RETRY
+ #define EXAMPLE_ESP_MAXIMUM_RETRY CONFIG_ESP_MAXIMUM_RETRY
+#else
+ #define CONFIG_ESP_MAXIMUM_RETRY 5
#endif
-#if defined(LIBWOLFSSL_VERSION_GIT_SHORT_HASH )
- ESP_LOGI(TAG, "LIBWOLFSSL_VERSION_GIT_SHORT_HASH = %s", LIBWOLFSSL_VERSION_GIT_SHORT_HASH);
+#if CONFIG_ESP_WIFI_AUTH_OPEN
+#define ESP_WIFI_SCAN_AUTH_MODE_THRESHOLD WIFI_AUTH_OPEN
+#elif CONFIG_ESP_WIFI_AUTH_WEP
+#define ESP_WIFI_SCAN_AUTH_MODE_THRESHOLD WIFI_AUTH_WEP
+#elif CONFIG_ESP_WIFI_AUTH_WPA_PSK
+#define ESP_WIFI_SCAN_AUTH_MODE_THRESHOLD WIFI_AUTH_WPA_PSK
+#elif CONFIG_ESP_WIFI_AUTH_WPA2_PSK
+#define ESP_WIFI_SCAN_AUTH_MODE_THRESHOLD WIFI_AUTH_WPA2_PSK
+#elif CONFIG_ESP_WIFI_AUTH_WPA_WPA2_PSK
+#define ESP_WIFI_SCAN_AUTH_MODE_THRESHOLD WIFI_AUTH_WPA_WPA2_PSK
+#elif CONFIG_ESP_WIFI_AUTH_WPA3_PSK
+#define ESP_WIFI_SCAN_AUTH_MODE_THRESHOLD WIFI_AUTH_WPA3_PSK
+#elif CONFIG_ESP_WIFI_AUTH_WPA2_WPA3_PSK
+#define ESP_WIFI_SCAN_AUTH_MODE_THRESHOLD WIFI_AUTH_WPA2_WPA3_PSK
+#elif CONFIG_ESP_WIFI_AUTH_WAPI_PSK
+#define ESP_WIFI_SCAN_AUTH_MODE_THRESHOLD WIFI_AUTH_WAPI_PSK
#endif
-#if defined(LIBWOLFSSL_VERSION_GIT_HASH_DATE)
- ESP_LOGI(TAG, "LIBWOLFSSL_VERSION_GIT_HASH_DATE = %s", LIBWOLFSSL_VERSION_GIT_HASH_DATE);
+#ifndef ESP_WIFI_SCAN_AUTH_MODE_THRESHOLD
+ #define CONFIG_ESP_WIFI_AUTH_WPA2_PSK 1
+ #define ESP_WIFI_SCAN_AUTH_MODE_THRESHOLD CONFIG_ESP_WIFI_AUTH_WPA2_PSK
#endif
+/* FreeRTOS event group to signal when we are connected*/
+static EventGroupHandle_t s_wifi_event_group;
- /* some interesting settings are target specific (ESP32, -C3, -S3, etc */
-#if defined(CONFIG_IDF_TARGET_ESP32C3)
- /* not available for C3 at this time */
-#elif defined(CONFIG_IDF_TARGET_ESP32S3)
- ESP_LOGI(TAG, "CONFIG_ESP32S3_DEFAULT_CPU_FREQ_MHZ = %u MHz",
- CONFIG_ESP32S3_DEFAULT_CPU_FREQ_MHZ
- );
- ESP_LOGI(TAG, "Xthal_have_ccount = %u", Xthal_have_ccount);
-#else
- ESP_LOGI(TAG, "CONFIG_ESP32_DEFAULT_CPU_FREQ_MHZ = %u MHz",
- CONFIG_ESP32_DEFAULT_CPU_FREQ_MHZ
- );
- ESP_LOGI(TAG, "Xthal_have_ccount = %u", Xthal_have_ccount);
-#endif
+/* The event group allows multiple bits for each event, but we only care about two events:
+ * - we are connected to the AP with an IP
+ * - we failed to connect after the maximum amount of retries */
+#define WIFI_CONNECTED_BIT BIT0
+#define WIFI_FAIL_BIT BIT1
- /* all platforms: stack high water mark check */
- ESP_LOGI(TAG, "Stack HWM: %d\n", uxTaskGetStackHighWaterMark(NULL));
- ESP_ERROR_CHECK(nvs_flash_init());
+static int s_retry_num = 0;
+ip_event_got_ip_t* event;
+
+
+static void event_handler(void* arg,
+ esp_event_base_t event_base,
+ int32_t event_id,
+ void* event_data)
+{
+ if (event_base == WIFI_EVENT && event_id == WIFI_EVENT_STA_START) {
+ esp_wifi_connect();
+ }
+ else if (event_base == WIFI_EVENT &&
+ event_id == WIFI_EVENT_STA_DISCONNECTED) {
+ if (s_retry_num < EXAMPLE_ESP_MAXIMUM_RETRY) {
+ esp_wifi_connect();
+ s_retry_num++;
+ ESP_LOGI(TAG, "retry to connect to the AP");
+ }
+ else {
+ xEventGroupSetBits(s_wifi_event_group, WIFI_FAIL_BIT);
+ }
+ ESP_LOGI(TAG, "connect to the AP fail");
+ }
+ else if (event_base == IP_EVENT && event_id == IP_EVENT_STA_GOT_IP) {
+ event = (ip_event_got_ip_t*) event_data;
+ wifi_show_ip();
+ s_retry_num = 0;
+ xEventGroupSetBits(s_wifi_event_group, WIFI_CONNECTED_BIT);
+ }
+}
+
+int wifi_init_sta(void)
+{
+ int ret = ESP_OK;
+
+ s_wifi_event_group = xEventGroupCreate();
+
+ ESP_ERROR_CHECK(esp_netif_init());
+
+ ESP_ERROR_CHECK(esp_event_loop_create_default());
+ esp_netif_create_default_wifi_sta();
- ESP_LOGI(TAG, "Initialize wifi");
- /* TCP/IP adapter initialization */
-#if (ESP_IDF_VERSION_MAJOR == 4 && ESP_IDF_VERSION_MINOR >= 1) || \
- (ESP_IDF_VERSION_MAJOR >= 5)
- esp_netif_init();
-#else
- tcpip_adapter_init();
-#endif
- /* */
-#if ESP_IDF_VERSION_MAJOR >= 4
- ESP_ERROR_CHECK(esp_event_loop_create_default());
- /* This helper function configures Wi-Fi or Ethernet, as selected in menuconfig.
- * Read "Establishing Wi-Fi or Ethernet Connection" section in
- * examples/protocols/README.md for more information about this function.
- */
- ESP_ERROR_CHECK(example_connect());
-#else
- wifi_event_group = xEventGroupCreate();
- ESP_ERROR_CHECK(esp_event_loop_init(wifi_event_handler, NULL));
wifi_init_config_t cfg = WIFI_INIT_CONFIG_DEFAULT();
ESP_ERROR_CHECK(esp_wifi_init(&cfg));
+ esp_event_handler_instance_t instance_any_id;
+ esp_event_handler_instance_t instance_got_ip;
+ ESP_ERROR_CHECK(esp_event_handler_instance_register(WIFI_EVENT,
+ ESP_EVENT_ANY_ID,
+ &event_handler,
+ NULL,
+ &instance_any_id));
+ ESP_ERROR_CHECK(esp_event_handler_instance_register(IP_EVENT,
+ IP_EVENT_STA_GOT_IP,
+ &event_handler,
+ NULL,
+ &instance_got_ip));
+
wifi_config_t wifi_config = {
.sta = {
- .ssid = TLS_SMP_WIFI_SSID,
- .password = TLS_SMP_WIFI_PASS,
+ .ssid = EXAMPLE_ESP_WIFI_SSID,
+ .password = EXAMPLE_ESP_WIFI_PASS,
+ /* Authmode threshold resets to WPA2 as default if password matches
+ * WPA2 standards (pasword len => 8). If you want to connect the
+ * device to deprecated WEP/WPA networks, Please set the threshold
+ * value WIFI_AUTH_WEP/WIFI_AUTH_WPA_PSK and set the password with
+ * length and format matching to WIFI_AUTH_WEP/WIFI_AUTH_WPA_PSK
+ * standards. */
+ .threshold.authmode = ESP_WIFI_SCAN_AUTH_MODE_THRESHOLD,
+ #ifdef HAS_WPA3_FEATURES
+ .sae_pwe_h2e = WPA3_SAE_PWE_BOTH,
+ #endif
},
};
- /* WiFi station mode */
ESP_ERROR_CHECK(esp_wifi_set_mode(WIFI_MODE_STA) );
- /* Wifi Set the configuration of the ESP32 STA or AP */
- ESP_ERROR_CHECK(esp_wifi_set_config(ESP_IF_WIFI_STA, &wifi_config) );
- /* Start Wifi */
+ ESP_ERROR_CHECK(esp_wifi_set_config(WIFI_IF_STA, &wifi_config) );
+
+#ifdef CONFIG_EXAMPLE_WIFI_SSID
+ if (XSTRCMP(CONFIG_EXAMPLE_WIFI_SSID, "myssid") == 0) {
+ ESP_LOGW(TAG, "WARNING: CONFIG_EXAMPLE_WIFI_SSID is \"myssid\".");
+ ESP_LOGW(TAG, " Do you have a WiFi AP called \"myssid\", ");
+ ESP_LOGW(TAG, " or did you forget the ESP-IDF configuration?");
+ }
+#else
+ ESP_LOGW(TAG, "WARNING: CONFIG_EXAMPLE_WIFI_SSID not defined.");
+#endif
+
ESP_ERROR_CHECK(esp_wifi_start() );
ESP_LOGI(TAG, "wifi_init_sta finished.");
- ESP_LOGI(TAG, "connect to ap SSID:%s password:%s",
- TLS_SMP_WIFI_SSID, TLS_SMP_WIFI_PASS);
+
+ /* Waiting until either the connection is established (WIFI_CONNECTED_BIT)
+ * or connection failed for the maximum number of re-tries (WIFI_FAIL_BIT).
+ * The bits are set by event_handler() (see above) */
+ EventBits_t bits = xEventGroupWaitBits(s_wifi_event_group,
+ WIFI_CONNECTED_BIT | WIFI_FAIL_BIT,
+ pdFALSE,
+ pdFALSE,
+ portMAX_DELAY);
+
+ /* xEventGroupWaitBits() returns the bits before the call returned,
+ * hence we can test which event actually happened. */
+#if defined(SHOW_SSID_AND_PASSWORD)
+ ESP_LOGW(TAG, "Undefine SHOW_SSID_AND_PASSWORD to not show SSID/password");
+ if (bits & WIFI_CONNECTED_BIT) {
+ ESP_LOGI(TAG, "connected to ap SSID:%s password:%s",
+ EXAMPLE_ESP_WIFI_SSID,
+ EXAMPLE_ESP_WIFI_PASS);
+ }
+ else if (bits & WIFI_FAIL_BIT) {
+ ESP_LOGI(TAG, "Failed to connect to SSID:%s, password:%s",
+ EXAMPLE_ESP_WIFI_SSID,
+ EXAMPLE_ESP_WIFI_PASS);
+ }
+ else {
+ ESP_LOGE(TAG, "UNEXPECTED EVENT");
+ }
+#else
+ if (bits & WIFI_CONNECTED_BIT) {
+ ESP_LOGI(TAG, "Connected to AP");
+ }
+ else if (bits & WIFI_FAIL_BIT) {
+ ESP_LOGI(TAG, "Failed to connect to AP");
+ ret = -1;
+ }
+ else {
+ ESP_LOGE(TAG, "AP UNEXPECTED EVENT");
+ ret = -2;
+ }
#endif
- ESP_LOGI(TAG, "Set dummy time...");
- set_time();
+ return ret;
}
+
+int wifi_show_ip(void)
+{
+ /* ESP_LOGI(TAG, "got ip:" IPSTR, IP2STR(&event->ip_info.ip)); */
+ return 0;
+}
+#endif
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/partitions_singleapp_large.csv b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/partitions_singleapp_large.csv
new file mode 100644
index 00000000..0b2fcd1a
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/partitions_singleapp_large.csv
@@ -0,0 +1,31 @@
+# to view: idf.py partition-table
+#
+# ESP-IDF Partition Table
+# Name, Type, SubType, Offset, Size, Flags
+nvs, data, nvs, 0x9000, 24K,
+phy_init,data, phy, 0xf000, 4K,
+factory, app, factory, 0x10000, 1500K,
+
+
+# For other settings, see:
+# https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-guides/partition-tables.html#creating-custom-tables
+#
+# Here is the summary printed for the "Single factory app, no OTA" configuration:
+#
+# # ESP-IDF Partition Table
+# # Name, Type, SubType, Offset, Size, Flags
+# nvs, data, nvs, 0x9000, 0x6000,
+# phy_init, data, phy, 0xf000, 0x1000,
+# factory, app, factory, 0x10000, 1M,
+#
+#
+# Here is the summary printed for the "Factory app, two OTA definitions" configuration:
+#
+# # ESP-IDF Partition Table
+# # Name, Type, SubType, Offset, Size, Flags
+# nvs, data, nvs, 0x9000, 0x4000,
+# otadata, data, ota, 0xd000, 0x2000,
+# phy_init, data, phy, 0xf000, 0x1000,
+# factory, app, factory, 0x10000, 1M,
+# ota_0, app, ota_0, 0x110000, 1M,
+# ota_1, app, ota_1, 0x210000, 1M,
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/CMakeLists.txt b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/CMakeLists.txt
index 914efa6c..0dadfac6 100644
--- a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/CMakeLists.txt
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/CMakeLists.txt
@@ -1,12 +1,79 @@
+# wolfSSL Espressif Example Project CMakeLists.txt
+# v1.0
+#
# The following lines of boilerplate have to be in your project's
# CMakeLists in this exact order for cmake to work correctly
-cmake_minimum_required(VERSION 3.5)
+cmake_minimum_required(VERSION 3.16)
+
+# The wolfSSL CMake file should be able to find the source code.
+# Otherwise, assign an environment variable or set it here:
+#
+# set(WOLFSSL_ROOT "~/workspace/wolfssl-other-source")
+#
+# Optional WOLFSSL_CMAKE_SYSTEM_NAME detection to find
+# USE_MY_PRIVATE_CONFIG path for my_private_config.h
+#
+# Expected path varies:
+#
+# WSL: /mnt/c/workspace
+# Linux: ~/workspace
+# Windows: C:\workspace
+#
+if(WIN32)
+ # Windows-specific configuration here
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WINDOWS")
+ message("Detected Windows")
+endif()
+if(CMAKE_HOST_UNIX)
+ message("Detected UNIX")
+endif()
+if(APPLE)
+ message("Detected APPLE")
+endif()
+if(CMAKE_HOST_UNIX AND (NOT APPLE) AND EXISTS "/proc/sys/fs/binfmt_misc/WSLInterop")
+ # Windows-specific configuration here
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WSL")
+ message("Detected WSL")
+endif()
+if(CMAKE_HOST_UNIX AND (NOT APPLE) AND (NOT WIN32))
+ # Windows-specific configuration here
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_LINUX")
+ message("Detected Linux")
+endif()
+if(APPLE)
+ # Windows-specific configuration here
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_APPLE")
+ message("Detected Apple")
+endif()
+# End optional WOLFSSL_CMAKE_SYSTEM_NAME
+
+# Check that there are not conflicting wolfSSL components
+# The ESP Registry Component will be in ./managed_components/wolfssl__wolfssl
+# The local component wolfSSL directory will be in ./components/wolfssl
+if( EXISTS "${CMAKE_HOME_DIRECTORY}/managed_components/wolfssl__wolfssl" AND EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl" )
+ # These exclude statements don't seem to be honored by the $ENV{IDF_PATH}/tools/cmake/project.cmake'
+ # add_subdirectory("${CMAKE_HOME_DIRECTORY}/managed_components/wolfssl__wolfssl" EXCLUDE_FROM_ALL)
+ # add_subdirectory("${CMAKE_HOME_DIRECTORY}/managed_components/wolfssl__wolfssl/include" EXCLUDE_FROM_ALL)
+ # So we'll error out and let the user decide how to proceed:
+ message(WARNING "\nFound wolfSSL components in\n"
+ "./managed_components/wolfssl__wolfssl\n"
+ "and\n"
+ "./components/wolfssl\n"
+ "in project directory: \n"
+ "${CMAKE_HOME_DIRECTORY}")
+ message(FATAL_ERROR "\nPlease use either the ESP Registry Managed Component or the wolfSSL component directory but not both.\n"
+ "If removing the ./managed_components/wolfssl__wolfssl directory, remember to also remove "
+ "or rename the idf_component.yml file typically found in ./main/")
+else()
+ message(STATUS "No conflicting wolfSSL components found.")
+endif()
include($ENV{IDF_PATH}/tools/cmake/project.cmake)
set(COMPONENTS
main
wolfssl
+ # cryptoauthlib
) # set components
project(wolfssl_test)
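Review bot: The added host detection is not mutually exclusive: on a WSL host both the WSL branch and the later `if(CMAKE_HOST_UNIX AND (NOT APPLE) AND (NOT WIN32))` branch are true, so `-DWOLFSSL_CMAKE_SYSTEM_NAME_WSL` and `-DWOLFSSL_CMAKE_SYSTEM_NAME_LINUX` are both appended to `CMAKE_C_FLAGS`. The code that consumes these macros to locate `my_private_config.h` is not visible here, so whether it picks the right path presumably depends on the order of its `#if` checks. Excluding WSL from the Linux test removes that dependency, e.g. `if(CMAKE_HOST_UNIX AND (NOT APPLE) AND (NOT WIN32) AND NOT EXISTS "/proc/sys/fs/binfmt_misc/WSLInterop")`. The comment `# Windows-specific configuration here` is also copied unchanged into the WSL, Linux and Apple branches and should name the platform each branch handles, e.g. `# WSL-specific configuration here`. The two separate `if(APPLE)` blocks could be merged into one.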
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/README.md b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/README.md
index 5be9875e..e4e79dce 100644
--- a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/README.md
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/README.md
@@ -1,6 +1,28 @@
# wolfSSL Crypt Test Example
-The Example contains of wolfSSL test program.
+This is the ESP32 Version of the [wolfSSL wolfcrypt test application](https://github.com/wolfSSL/wolfssl/tree/master/wolfcrypt/test).
+
+For general information on [wolfSSL examples for Espressif](../README.md), see the
+[README](https://github.com/wolfSSL/wolfssl/blob/master/IDE/Espressif/ESP-IDF/README.md) file.
+
+## ESP Registry
+
+The easiest way to get started with wolfSSL is by using the
+[ESP Registry](https://components.espressif.com/components/wolfssl/wolfssl/) examples.
+
+```
+. ~/esp/esp-idf/export.sh
+idf.py create-project-from-example "wolfssl/wolfssl^5.6.0-stable:wolfssl_test"
+cd wolfssl_benchmark
+idf.py -b 115200 flash monitor
+```
+
+## VisualGDB
+
+Open the VisualGDB Visual Studio Project file in the [VisualGDB directory](./VisualGDB/README.md) and click the "Start" button.
+No wolfSSL setup is needed. You may need to adjust your specific COM port. The default is `COM20`.
+
+## ESP-IDF Commandline
1. `idf.py menuconfig` to configure the program.
1-1. Example Configuration ->
@@ -20,18 +42,27 @@ Reminder than when building on WSL in `/mnt/c` there will be a noticeable perfor
Example build on WSL, assuming `git clone` from `c:\workspace`:
```
-# Optionally install wolfSSL component
-# cd /mnt/c/workspace/wolfssl/IDE/Espressif/ESP-IDF
-./setup.sh
+WRK_IDF_PATH=/mnt/c/SysGCC/esp32/esp-idf/v5.1
+
+echo "Run export.sh from ${WRK_IDF_PATH}"
+. ${WRK_IDF_PATH}/export.sh
# switch to test example
cd /mnt/c/workspace/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test
-# Pick ESP-IDF install directory, this one for v4.4.2 in VisualGDB
-. /mnt/c/SysGCC/esp32/esp-idf/v4.4.2/export.sh
+# Pick ESP-IDF install directory, this one for v5.1 in VisualGDB
+. /mnt/c/SysGCC/esp32/esp-idf/v5.1/export.sh
-# build and flash, in this example to COM20
-idf.py build flash -p /dev/ttyS20 -b 921600 monitor
+# set target chipset
+idf.py set-target esp32s3
+
+# erase
+idf.py erase-flash -p /dev/ttyS24 -b 115200
+
+# start with a low upload speed, then increase as found operational
+idf.py
+# build and flash, in this example to COM24
+idf.py build flash -p /dev/ttyS24 -b 115200 monitor
```
## Example Output
@@ -41,7 +72,7 @@ compatible across the widest ranges of targets. Contact wolfSSL at support@wolfs
for help in optimizing for your particular application, or see the
[docs](https://www.wolfssl.com/documentation/manuals/wolfssl/index.html).
-Compiled and flashed with `idf.py build flash -p /dev/ttyS7 -b 921600 monitor`:
+Compiled and flashed with `idf.py build flash -p /dev/ttyS7 -b 115200 monitor`:
```
ets Jun 8 2016 00:22:57
@@ -140,3 +171,5 @@ I (136548) wolfcrypt_test: Exiting main with return code: 0
I (136548) wolfssl_test: wolf_test_task complete success result code = 0
```
+
+See the README.md file in the upper level 'examples' directory for [more information about examples](../README.md).
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/components/wolfssl/CMakeLists.txt b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/components/wolfssl/CMakeLists.txt
index a916faca..e82e19b6 100644
--- a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/components/wolfssl/CMakeLists.txt
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/components/wolfssl/CMakeLists.txt
@@ -17,208 +17,435 @@
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
#
-# cmake for wolfssl
+# cmake for wolfssl Espressif projects
#
-cmake_minimum_required(VERSION 3.5)
+# Version 5.6.0.011 for detect test/benchmark
+#
+# See https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-guides/build-system.html
+#
+
+cmake_minimum_required(VERSION 3.16)
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_USER_SETTINGS")
set(CMAKE_CURRENT_SOURCE_DIR ".")
+set(COMPONENT_REQUIRES lwip) # we typically don't need lwip directly in wolfssl component
+set(WOLFSSL_ROOT "$ENV{WOLFSSL_ROOT}" )
+
+# find the user name to search for possible "wolfssl-username"
+message(STATUS "USERNAME = $ENV{USERNAME}")
+if( "$ENV{USER}" STREQUAL "" ) # the bash user
+ if( "$ENV{USERNAME}" STREQUAL "" ) # the Windows user
+ message(STATUS "could not find USER or USERNAME")
+ else()
+ # the bash user is not blank, so we'll use it.
+ set(THIS_USER "$ENV{USERNAME}")
+ endif()
+else()
+ # the bash user is not blank, so we'll use it.
+ set(THIS_USER "$ENV{USER}")
+endif()
+message(STATUS "THIS_USER = ${THIS_USER}")
+
-# We are currently in [root]/IDE/Espressif/ESP-IDF/examples/wolfssl_test/components/wolfssl
+# COMPONENT_NAME = wolfssl
+# The component name is the directory name. "No feature to change this".
+# See https://github.com/espressif/esp-idf/issues/8978#issuecomment-1129892685
+
+# set the root of wolfSSL in top-level project CMakelists.txt:
+# set(WOLFSSL_ROOT "C:/some path/with/spaces")
+# set(WOLFSSL_ROOT "c:/workspace/wolfssl-[username]")
+# set(WOLFSSL_ROOT "/mnt/c/some path/with/spaces")
+# or use this logic to assign value from Environment Variable WOLFSSL_ROOT,
+# or assume this is an example 7 subdirectories below:
+
+# We are typically in [root]/IDE/Espressif/ESP-IDF/examples/wolfssl_test/components/wolfssl
# The root of wolfSSL is 7 directories up from here:
-get_filename_component(WOLFSSL_ROOT "../../../../../../../" ABSOLUTE)
-# Espressif may take several passes through this makefile. Check to see if we found IDF
-string(COMPARE EQUAL "${PROJECT_SOURCE_DIR}" "" WOLFSSL_FOUND_IDF)
+# function: IS_WOLFSSL_SOURCE
+# parameter: DIRECTORY_PARAMETER - the directory to test
+# output: RESULT = contains contents of DIRECTORY_PARAMETER for wolfssl directory, otherwise blank.
+function(IS_WOLFSSL_SOURCE DIRECTORY_PARAMETER RESULT)
+ if (EXISTS "${DIRECTORY_PARAMETER}/wolfcrypt/src")
+ set(${RESULT} "${DIRECTORY_PARAMETER}" PARENT_SCOPE)
+ else()
+ set(${RESULT} "" PARENT_SCOPE)
+ endif()
+endfunction()
-if($WOLFSSL_FOUND_IDF)
- message(STATUS "IDF_PATH = $ENV{IDF_PATH}")
- message(STATUS "WOLFSSL_ROOT = ${WOLFSSL_ROOT}")
- message(STATUS "PROJECT_SOURCE_DIR = ${PROJECT_SOURCE_DIR}")
-endif()
+# function: FIND_WOLFSSL_DIRECTORY
+# parameter: OUTPUT_FOUND_WOLFSSL_DIRECTORY contains root of source code, otherwise blank
+#
+function(FIND_WOLFSSL_DIRECTORY OUTPUT_FOUND_WOLFSSL_DIRECTORY)
+ message(STATUS "Starting FIND_WOLFSSL_DIRECTORY")
+ set(CURRENT_SEARCH_DIR "$ENV{WOLFSSL_ROOT}")
+ if( "${CURRENT_SEARCH_DIR}" STREQUAL "" )
+ message(STATUS "The WOLFSSL_ROOT environment variable is not set. Searching...")
+ else()
+ get_filename_component(CURRENT_SEARCH_DIR "$ENV{WOLFSSL_ROOT}" ABSOLUTE)
+ IS_WOLFSSL_SOURCE("${CURRENT_SEARCH_DIR}" FOUND_WOLFSSL)
+ if("${FOUND_WOLFSSL}")
+ message(STATUS "Found WOLFSSL_ROOT via Environment Variable:")
+ else()
+ message(FATAL_ERROR "WOLFSSL_ROOT Environment Variable defined, but path not found:")
+ message(STATUS "$ENV{WOLFSSL_ROOT}")
+ endif()
+ endif()
-# get a list of all wolfcrypt assembly files; we'll exclude them as they don't target Xtensa
-FILE(GLOB EXCLUDE_ASM *.S)
-file(GLOB_RECURSE EXCLUDE_ASM ${CMAKE_SOURCE_DIR} "${WOLFSSL_ROOT}/wolfcrypt/src/*.S")
+ # we'll start in the CMAKE_CURRENT_SOURCE_DIR, typically [something]/projectname/components/wolfssl
+ message(STATUS "CMAKE_CURRENT_SOURCE_DIR = ${CMAKE_CURRENT_SOURCE_DIR}")
+ get_filename_component(CURRENT_SEARCH_DIR "${CMAKE_CURRENT_SOURCE_DIR}" ABSOLUTE)
+ message(STATUS "CURRENT_SEARCH_DIR = ${CURRENT_SEARCH_DIR}")
+ string(LENGTH ${CURRENT_SEARCH_DIR} CURRENT_SEARCH_DIR_LENGTH)
-if(NOT CMAKE_BUILD_EARLY_EXPANSION)
- message(STATUS "EXCLUDE_ASM = ${EXCLUDE_ASM}")
-endif()
+ # loop through all the parents, looking for wolfssl
+ while(NOT CURRENT_SEARCH_DIR STREQUAL "/" AND NOT CURRENT_SEARCH_DIR STREQUAL "" )
+ string(LENGTH ${CURRENT_SEARCH_DIR} CURRENT_SEARCH_DIR_LENGTH)
+ # wolfSSL may simply be in a parent directory, such as for local examples in wolfssl repo
+ IS_WOLFSSL_SOURCE("${CURRENT_SEARCH_DIR}" FOUND_WOLFSSL)
+ if( FOUND_WOLFSSL )
+ message(STATUS "Found wolfssl in CURRENT_SEARCH_DIR = ${CURRENT_SEARCH_DIR}")
+ set(${OUTPUT_FOUND_WOLFSSL_DIRECTORY} ${CURRENT_SEARCH_DIR} PARENT_SCOPE)
+ return()
+ endif()
-set(INCLUDE_PATH ${WOLFSSL_ROOT})
+ if( THIS_USER )
+ # Check for "wolfssl-[username]" subdirectory as we recurse up the directory tree
+ set(CURRENT_SEARCH_DIR_ALT ${CURRENT_SEARCH_DIR}/wolfssl-${THIS_USER})
+ message(STATUS "Looking in ${CURRENT_SEARCH_DIR}")
-set(COMPONENT_SRCDIRS "${WOLFSSL_ROOT}/src/"
- "${WOLFSSL_ROOT}/wolfcrypt/src/"
- "${WOLFSSL_ROOT}/wolfcrypt/src/port/Espressif/"
- "${WOLFSSL_ROOT}/wolfcrypt/src/port/atmel/"
- "${WOLFSSL_ROOT}/wolfcrypt/benchmark/"
- "${WOLFSSL_ROOT}/wolfcrypt/test/"
- )
+ #if(EXISTS ${CURRENT_SEARCH_DIR_ALT} AND IS_DIRECTORY ${CURRENT_SEARCH_DIR_ALT} AND EXISTS "${CURRENT_SEARCH_DIR_ALT}/wolfcrypt/src")
+ IS_WOLFSSL_SOURCE("${CURRENT_SEARCH_DIR_ALT}" FOUND_WOLFSSL )
+ if ( FOUND_WOLFSSL )
+ message(STATUS "Found wolfssl in user-suffix CURRENT_SEARCH_DIR_ALT = ${CURRENT_SEARCH_DIR_ALT}")
+ set(${OUTPUT_FOUND_WOLFSSL_DIRECTORY} ${CURRENT_SEARCH_DIR_ALT} PARENT_SCOPE)
+ return()
+ endif()
+ endif()
-set(COMPONENT_REQUIRES lwip)
+ # Next check for no user suffix "wolfssl" subdirectory as we recurse up the directory tree
+ set(CURRENT_SEARCH_DIR_ALT ${CURRENT_SEARCH_DIR}/wolfssl)
+ # if(EXISTS ${CURRENT_SEARCH_DIR} AND IS_DIRECTORY ${CURRENT_SEARCH_DIR} AND EXISTS "${CURRENT_SEARCH_DIR}/wolfcrypt/src")
+ IS_WOLFSSL_SOURCE("${CURRENT_SEARCH_DIR_ALT}" FOUND_WOLFSSL )
+ if ( FOUND_WOLFSSL )
+ message(STATUS "Found wolfssl in CURRENT_SEARCH_DIR = ${CURRENT_SEARCH_DIR}")
+ set(${OUTPUT_FOUND_WOLFSSL_DIRECTORY} ${CURRENT_SEARCH_DIR} PARENT_SCOPE)
+ return()
+ endif()
+ # Move up one directory level
+ set(PRIOR_SEARCH_DIR "${CURRENT_SEARCH_DIR}")
+ get_filename_component(CURRENT_SEARCH_DIR "${CURRENT_SEARCH_DIR}" DIRECTORY)
+ message(STATUS "Next CURRENT_SEARCH_DIR = ${CURRENT_SEARCH_DIR}")
+ if( "${PRIOR_SEARCH_DIR}" STREQUAL "${CURRENT_SEARCH_DIR}" )
+ # when the search directory is empty, we'll give up
+ set(CURRENT_SEARCH_DIR "")
+ endif()
+ endwhile()
-# check to see if there's both a local copy and EDP-IDF copy of the wolfssl and/or wolfssh components
-if( EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl/" AND EXISTS "$ENV{IDF_PATH}/components/wolfssl/" )
- #
- # wolfSSL found in both ESP-IDF and local project - needs to be resolved by user
- #
- message(STATUS "")
- message(STATUS "**************************************************************************************")
- message(STATUS "")
- message(STATUS "Error: Found components/wolfssl in both local project and IDF_PATH")
- message(STATUS "")
- message(STATUS "To proceed: ")
- message(STATUS "")
- message(STATUS "Remove either the local project component: ${CMAKE_HOME_DIRECTORY}/components/wolfssl/ ")
- message(STATUS "or the Espressif shared component installed at: $ENV{IDF_PATH}/components/wolfssl/ ")
- message(STATUS "")
- message(FATAL_ERROR "Please use wolfSSL in either local project or Espressif components, but not both.")
- message(STATUS "")
- message(STATUS "**************************************************************************************")
- message(STATUS "")
+ # If not found, set the output variable to empty before exiting
+ set(${OUTPUT_FOUND_WOLFSSL_DIRECTORY} "" PARENT_SCOPE)
+endfunction()
+
+
+# Example usage:
- # Optional: if you change the above FATAL_ERROR to STATUS you can warn at runtime with this macro definition:
- set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_MULTI_INSTALL_WARNING")
+
+
+
+if(CMAKE_BUILD_EARLY_EXPANSION)
+ message(STATUS "wolfssl component CMAKE_BUILD_EARLY_EXPANSION:")
+ idf_component_register(
+ REQUIRES "${COMPONENT_REQUIRES}"
+ PRIV_REQUIRES # esp_hw_support
+ esp_timer
+ driver # this will typically only be needed for wolfSSL benchmark
+ )
else()
- if( EXISTS "$ENV{IDF_PATH}/components/wolfssl/" )
+ # not CMAKE_BUILD_EARLY_EXPANSION
+ message(STATUS "************************************************************************************************")
+ message(STATUS "wolfssl component config:")
+ message(STATUS "************************************************************************************************")
+
+ # search for wolfSSL
+ FIND_WOLFSSL_DIRECTORY(WOLFSSL_ROOT)
+ if(WOLFSSL_ROOT)
+ message(STATUS "NEW Found wolfssl directory at: ${WOLFSSL_ROOT}")
+ else()
+ message(STATUS "NEW wolfssl directory not found.")
+ # Abort. We need wolfssl _somewhere_.
+ message(FATAL_ERROR "Could not find wolfssl in ${WOLFSSL_ROOT}.\n"
+ "Try setting WOLFSSL_ROOT environment variable or git clone.")
+ endif()
+
+ set(INCLUDE_PATH ${WOLFSSL_ROOT})
+
+ set(WOLFSSL_EXTRA_PROJECT_DIR "${WOLFSSL_ROOT}/src/")
+
+ if( ${CMAKE_PROJECT_NAME} STREQUAL "wolfssl_benchmark" )
+ set(WOLFSSL_EXTRA_PROJECT_DIR "${WOLFSSL_ROOT}/wolfcrypt/benchmark")
+ endif()
+
+ if( ${CMAKE_PROJECT_NAME} STREQUAL "wolfssl_test" )
+ set(WOLFSSL_EXTRA_PROJECT_DIR "${WOLFSSL_ROOT}/wolfcrypt/test")
+ endif()
+
+ set(COMPONENT_SRCDIRS "\"${WOLFSSL_ROOT}/src/\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/port/Espressif\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/port/atmel\""
+ "\"${WOLFSSL_EXTRA_PROJECT_DIR}\""
+ ) # COMPONENT_SRCDIRS
+
+ message(STATUS "This COMPONENT_SRCDIRS = ${COMPONENT_SRCDIRS}")
+
+ set(WOLFSSL_PROJECT_DIR "${CMAKE_HOME_DIRECTORY}/components/wolfssl")
+ add_definitions(-DWOLFSSL_USER_SETTINGS_DIR="${WOLFSSL_PROJECT_DIR}/include/user_settings.h")
+
+
+ # Espressif may take several passes through this makefile. Check to see if we found IDF
+ string(COMPARE EQUAL "${PROJECT_SOURCE_DIR}" "" WOLFSSL_FOUND_IDF)
+
+ # get a list of all wolfcrypt assembly files; we'll exclude them as they don't target Xtensa
+ file(GLOB EXCLUDE_ASM *.S)
+ file(GLOB_RECURSE EXCLUDE_ASM ${CMAKE_SOURCE_DIR} "${WOLFSSL_ROOT}/wolfcrypt/src/*.S")
+
+ message(STATUS "IDF_PATH = $ENV{IDF_PATH}")
+ message(STATUS "PROJECT_SOURCE_DIR = ${PROJECT_SOURCE_DIR}")
+ message(STATUS "EXCLUDE_ASM = ${EXCLUDE_ASM}")
+
+ #
+ # Check to see if there's both a local copy and EDP-IDF copy of the wolfssl and/or wolfssh components.
+ #
+ if( EXISTS "${WOLFSSL_PROJECT_DIR}" AND EXISTS "$ENV{IDF_PATH}/components/wolfssl/" )
#
- # wolfSSL found in ESP-IDF components and is assumed to be already configured in user_settings.h via setup.
+ # wolfSSL found in both ESP-IDF and local project - needs to be resolved by user
#
message(STATUS "")
- message(STATUS "Using components/wolfssl in IDF_PATH = $ENV{IDF_PATH}")
+ message(STATUS "**************************************************************************************")
+ message(STATUS "")
+ message(STATUS "Error: Found components/wolfssl in both local project and IDF_PATH")
+ message(STATUS "")
+ message(STATUS "To proceed: ")
message(STATUS "")
+ message(STATUS "Remove either the local project component: ${WOLFSSL_PROJECT_DIR} ")
+ message(STATUS "or the Espressif shared component installed at: $ENV{IDF_PATH}/components/wolfssl/ ")
+ message(STATUS "")
+ message(FATAL_ERROR "Please use wolfSSL in either local project or Espressif components, but not both.")
+ message(STATUS "")
+ message(STATUS "**************************************************************************************")
+ message(STATUS "")
+
+ # Optional: if you change the above FATAL_ERROR to STATUS you can warn at runtime with this macro definition:
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_MULTI_INSTALL_WARNING")
+
else()
- #
- # wolfSSL is not an ESP-IDF component. We need to now determine if it is local and if so if it is part of the wolfSSL repo
- # or if wolfSSL is simply installed as a local component.
- #
- if( EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl/" )
+ if( EXISTS "$ENV{IDF_PATH}/components/wolfssl/" )
#
- # wolfSSL found in local project.
+ # wolfSSL found in ESP-IDF components and is assumed to be already configured in user_settings.h via setup.
#
- if( EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl/include/" )
- message(STATUS "")
- message(STATUS "Using installed project ./components/wolfssl in CMAKE_HOME_DIRECTORY = $ENV{CMAKE_HOME_DIRECTORY}")
- message(STATUS "")
- #
- # Note we already checked above and confirmed there's not another wolfSSL installed in the ESP-IDF components.
- #
- # We won't do anything else here, as it will be assumed the original install completed successfully.
- #
- else()
+ message(STATUS "")
+ message(STATUS "Using components/wolfssl in IDF_PATH = $ENV{IDF_PATH}")
+ message(STATUS "")
+ else()
+ #
+ # wolfSSL is not an ESP-IDF component.
+ # We need to now determine if it is local and if so if it is part of the wolfSSL repo,
+ # or if wolfSSL is simply installed as a local component.
+ #
+
+ if( EXISTS "${WOLFSSL_PROJECT_DIR}" )
#
- # This is the developer repo mode. wolfSSL will be assume to be not installed to ESP-IDF nor local project
- # In this configuration, we are likely running a wolfSSL example found directly in the repo.
+ # wolfSSL found in local project.
#
- message(STATUS "")
- message(STATUS "Using developer repo ./components/wolfssl in CMAKE_HOME_DIRECTORY = $ENV{CMAKE_HOME_DIRECTORY}")
- message(STATUS "")
+ if( EXISTS "${WOLFSSL_PROJECT_DIR}/wolfcrypt/" )
+ message(STATUS "")
+ message(STATUS "Using installed project ./components/wolfssl in CMAKE_HOME_DIRECTORY = ${CMAKE_HOME_DIRECTORY}")
+ message(STATUS "")
+ #
+ # Note we already checked above and confirmed there's not another wolfSSL installed in the ESP-IDF components.
+ #
+ # We won't do anything else here, as it will be assumed the original install completed successfully.
+ #
+ else() # full wolfSSL not installed in local project
+ #
+ # This is the developer repo mode. wolfSSL will be assumed to be not installed to ESP-IDF nor local project
+ # In this configuration, we are likely running a wolfSSL example found directly in the repo.
+ #
+ message(STATUS "")
+ message(STATUS "Using developer repo ./components/wolfssl in CMAKE_HOME_DIRECTORY = ${CMAKE_HOME_DIRECTORY}")
+ message(STATUS "")
- message(STATUS "************************************************************************************************")
- # When in developer mode, we are typically running wolfSSL examples such as benchmark or test directories.
- # However, the as-cloned or distributed wolfSSL does not have the ./include/ directory, so we'll add it as needed.
- #
- # first check if there's a [root]/include/user_settings.h
- if( EXISTS "${WOLFSSL_ROOT}/include/user_settings.h" )
- # we won't overwrite an existing user settings file, just note that we already have one:
- message(STATUS "Found wolfSSL user_settings.h in ${WOLFSSL_ROOT}/include/user_settings.h")
- else()
- message(STATUS "Installing wolfSSL user_settings.h to ${WOLFSSL_ROOT}/include/user_settings.h")
- file(COPY "${WOLFSSL_ROOT}/IDE/Espressif/ESP-IDF/user_settings.h" DESTINATION "${WOLFSSL_ROOT}/include/")
- endif() # user_settings.h
+ message(STATUS "************************************************************************************************")
+ # When in developer mode, we are typically running wolfSSL examples such as benchmark or test directories.
+ # However, the as-cloned or distributed wolfSSL does not have the ./include/ directory, so we'll add it as needed.
+ #
+ # first check if there's a [root]/include/user_settings.h
+ if( EXISTS "${WOLFSSL_ROOT}/include/user_settings.h" )
+ message(FATAL_ERROR "Found stray wolfSSL user_settings.h in "
+ "${WOLFSSL_ROOT}/include/user_settings.h "
+ " (please move it to ${WOLFSSL_PROJECT_DIR}/include/user_settings.h )")
+ else()
+ # we won't overwrite an existing user settings file, just note that we already have one:
+ if( EXISTS "${WOLFSSL_PROJECT_DIR}/include/user_settings.h" )
+ message(STATUS "Using existing wolfSSL user_settings.h in "
+ "${WOLFSSL_PROJECT_DIR}/include/user_settings.h")
+ else()
+ message(STATUS "Installing wolfSSL user_settings.h to "
+ "${WOLFSSL_PROJECT_DIR}/include/user_settings.h")
+ file(COPY "${WOLFSSL_ROOT}/IDE/Espressif/ESP-IDF/user_settings.h"
+ DESTINATION "${CMAKE_HOME_DIRECTORY}/wolfssl/include/")
+ endif()
+ endif() # user_settings.h
- # next check if there's a [root]/include/config.h
- if( EXISTS "${WOLFSSL_ROOT}/include/config.h" )
- message(STATUS "Found wolfSSL config.h in ${WOLFSSL_ROOT}/include/config.h")
- else()
- message(STATUS "Installing wolfSSL config.h to ${WOLFSSL_ROOT}/include/config.h")
- file(COPY "${WOLFSSL_ROOT}/IDE/Espressif/ESP-IDF/dummy_config_h" DESTINATION "${WOLFSSL_ROOT}/include/")
- file(RENAME "${WOLFSSL_ROOT}/include/dummy_config_h" "${WOLFSSL_ROOT}/include/config.h")
- endif() # config.h
- message(STATUS "************************************************************************************************")
- message(STATUS "")
- endif()
+ # next check if there's a [root]/include/config.h
+ if( EXISTS "${WOLFSSL_ROOT}/include/config.h" )
+ message(STATUS "******************************************************************************")
+ message(STATUS "******************************************************************************")
+ message(STATUS "Found stray wolfSSL config.h in ${WOLFSSL_ROOT}/include/config.h" )
+ message(STATUS " Please move it to ${WOLFSSL_PROJECT_DIR}/include/config.h" )
+ message(STATUS "******************************************************************************")
+ message(STATUS "******************************************************************************")
+ else()
+ # we won't overwrite an existing user settings file, just note that we already have one:
+ if( EXISTS "${WOLFSSL_PROJECT_DIR}/include/config.h" )
+ message(STATUS "Using existing wolfSSL config.h ${WOLFSSL_PROJECT_DIR}/include/config.h")
+ else()
+ message(STATUS "Installing wolfSSL config.h to ${WOLFSSL_PROJECT_DIR}/include/config.h")
+ file(COPY "${WOLFSSL_ROOT}/IDE/Espressif/ESP-IDF/dummy_config_h" DESTINATION "${WOLFSSL_PROJECT_DIR}/include/")
+ file(RENAME "${WOLFSSL_PROJECT_DIR}/include/dummy_config_h" "${WOLFSSL_PROJECT_DIR}/include/config.h")
+ endif() # Project config.h
+ endif() # WOLFSSL_ROOT config.h
+ message(STATUS "************************************************************************************************")
+ message(STATUS "")
+ endif()
- else()
- # we did not find a ./components/wolfssl/include/ directory from this pass of cmake.
- if($WOLFSSL_FOUND_IDF)
- message(STATUS "")
- message(STATUS "WARNING: wolfSSL not found.")
- message(STATUS "")
else()
- # probably needs to be re-parsed by Espressif
- message(STATUS "wolfSSL found IDF. Project Source:${PROJECT_SOURCE_DIR}")
- endif() # else we have not found ESP-IDF yet
- endif() # else not a local wolfSSL component
+ # we did not find a ./components/wolfssl/include/ directory from this pass of cmake.
+ if($WOLFSSL_FOUND_IDF)
+ message(STATUS "")
+ message(STATUS "WARNING: wolfSSL not found.")
+ message(STATUS "")
+ else()
+ # probably needs to be re-parsed by Espressif
+ message(STATUS "wolfSSL found IDF. Project Source:${PROJECT_SOURCE_DIR}")
+ endif() # else we have not found ESP-IDF yet
+ endif() # else not a local wolfSSL component
+
+ endif() #else not an ESP-IDF component
+ endif() # else not local copy and EDP-IDF wolfSSL
- endif() #else not an ESP-IDF component
-endif() # else not local copy and EDP-IDF wolfSSL
+ # RTOS_IDF_PATH is typically:
+ # "/Users/{username}/Desktop/esp-idf/components/freertos/include/freertos"
+ # depending on the environment, we may need to swap backslashes with forward slashes
+ string(REPLACE "\\" "/" RTOS_IDF_PATH "$ENV{IDF_PATH}/components/freertos/FreeRTOS-Kernel/include/freertos")
-# RTOS_IDF_PATH is typically:
-# "/Users/{username}/Desktop/esp-idf/components/freertos/include/freertos"
-# depending on the environment, we may need to swap backslashes with forward slashes
-string(REPLACE "\\" "/" RTOS_IDF_PATH "$ENV{IDF_PATH}/components/freertos/include/freertos")
+ string(REPLACE "\\" "/" WOLFSSL_ROOT ${WOLFSSL_ROOT})
+
+ if(IS_DIRECTORY "${RTOS_IDF_PATH}")
+ message(STATUS "Found current RTOS path: ${RTOS_IDF_PATH}")
+ else()
+ # ESP-IDF prior version 4.4x has a different RTOS directory structure
+ string(REPLACE "\\" "/" RTOS_IDF_PATH "$ENV{IDF_PATH}/components/freertos/include/freertos")
+ if(IS_DIRECTORY "${RTOS_IDF_PATH}")
+ message(STATUS "Found legacy RTOS path: ${RTOS_IDF_PATH}")
+ else()
+ message(STATUS "Could not find RTOS path")
+ endif()
+ endif()
-# ESP-IDF after version 4.4x has a different RTOS directory structure
-string(REPLACE "\\" "/" RTOS_IDF_PATH5 "$ENV{IDF_PATH}/components/freertos/FreeRTOS-Kernel/include/freertos")
-if(IS_DIRECTORY ${IDF_PATH}/components/freertos/FreeRTOS-Kernel/)
set(COMPONENT_ADD_INCLUDEDIRS
- "."
- "${WOLFSSL_ROOT}/include"
- "${RTOS_IDF_PATH5}"
- "${WOLFSSL_ROOT}"
- )
-else()
+ "./include" # this is the location of wolfssl user_settings.h
+ "\"${WOLFSSL_ROOT}/\""
+ "\"${WOLFSSL_ROOT}/wolfssl/\""
+ "\"${WOLFSSL_ROOT}/wolfssl/wolfcrypt/\""
+ "\"${RTOS_IDF_PATH}/\""
+ )
- set(COMPONENT_ADD_INCLUDEDIRS
- "."
- "${WOLFSSL_ROOT}/include"
- "${RTOS_IDF_PATH}"
- "${WOLFSSL_ROOT}"
- )
-endif()
-if(IS_DIRECTORY ${IDF_PATH}/components/cryptoauthlib)
- list(APPEND COMPONENT_ADD_INCLUDEDIRS "../cryptoauthlib/lib")
-endif()
+ if(IS_DIRECTORY ${IDF_PATH}/components/cryptoauthlib)
+ list(APPEND COMPONENT_ADD_INCLUDEDIRS "../cryptoauthlib/lib")
+ endif()
+
+ list(APPEND COMPONENT_ADD_INCLUDEDIRS "\"${WOLFSSL_ROOT}/wolfssl/\"")
+ list(APPEND COMPONENT_ADD_INCLUDEDIRS "\"${WOLFSSL_ROOT}/wolfssl/wolfcrypt/\"")
+
+
+
+ set(COMPONENT_SRCEXCLUDE
+ "\"${WOLFSSL_ROOT}/src/bio.c\""
+ "\"${WOLFSSL_ROOT}/src/conf.c\""
+ "\"${WOLFSSL_ROOT}/src/misc.c\""
+ "\"${WOLFSSL_ROOT}/src/pk.c\""
+ "\"${WOLFSSL_ROOT}/src/ssl_asn1.c\"" # included by ssl.c
+ "\"${WOLFSSL_ROOT}/src/ssl_bn.c\"" # included by ssl.c
+ "\"${WOLFSSL_ROOT}/src/ssl_certman.c\"" # included by ssl.c
+ "\"${WOLFSSL_ROOT}/src/ssl_crypto.c\"" # included by ssl.c
+ "\"${WOLFSSL_ROOT}/src/ssl_misc.c\"" # included by ssl.c
+ "\"${WOLFSSL_ROOT}/src/x509.c\""
+ "\"${WOLFSSL_ROOT}/src/x509_str.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/evp.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/misc.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_arm32.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_arm64.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_armthumb.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_c32.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_c64.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_cortexm.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_x86_64.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_x86_64_asm.S\""
+ "\"${EXCLUDE_ASM}\""
+ )
+
+ spaces2list(COMPONENT_REQUIRES)
+
+ separate_arguments(COMPONENT_SRCDIRS NATIVE_COMMAND "${COMPONENT_SRCDIRS}")
+ separate_arguments(COMPONENT_SRCEXCLUDE NATIVE_COMMAND "${COMPONENT_SRCEXCLUDE}")
+ separate_arguments(COMPONENT_ADD_INCLUDEDIRS NATIVE_COMMAND "${COMPONENT_ADD_INCLUDEDIRS}")
+
+ #
+ # See https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-guides/build-system.html#example-component-requirements
+ #
+ message(STATUS "COMPONENT_SRCDIRS = ${COMPONENT_SRCDIRS}")
+ message(STATUS "COMPONENT_ADD_INCLUDEDIRS = ${COMPONENT_ADD_INCLUDEDIRS}")
+ message(STATUS "COMPONENT_REQUIRES = ${COMPONENT_REQUIRES}")
+ message(STATUS "COMPONENT_SRCEXCLUDE = ${COMPONENT_SRCEXCLUDE}")
+
+ #
+ # see https://docs.espressif.com/projects/esp-idf/en/stable/esp32/migration-guides/release-5.x/build-system.html?highlight=space%20path
+ #
+ set(EXTRA_COMPONENT_DIRS "${COMPONENT_SRCDIRS}")
+ idf_component_register(
+ SRC_DIRS "${COMPONENT_SRCDIRS}"
+ INCLUDE_DIRS "${COMPONENT_ADD_INCLUDEDIRS}"
+ REQUIRES "${COMPONENT_REQUIRES}"
+ EXCLUDE_SRCS "${COMPONENT_SRCEXCLUDE}"
+ PRIV_REQUIRES esp_timer driver # this will typically only be needed for wolfSSL benchmark
+ )
+ # some optional diagnostics
+ if (1)
+ get_cmake_property(_variableNames VARIABLES)
+ list (SORT _variableNames)
+ message(STATUS "")
+ message(STATUS "ALL VARIABLES BEGIN")
+ message(STATUS "")
+ foreach (_variableName ${_variableNames})
+ message(STATUS "${_variableName}=${${_variableName}}")
+ endforeach()
+ message(STATUS "")
+ message(STATUS "ALL VARIABLES END")
+ message(STATUS "")
+ endif()
+
+ # target_sources(wolfssl PRIVATE "\"${WOLFSSL_ROOT}/wolfssl/\"" "\"${WOLFSSL_ROOT}/wolfssl/wolfcrypt\"")
+
+endif() # CMAKE_BUILD_EARLY_EXPANSION
+
-set(COMPONENT_SRCEXCLUDE
- "${WOLFSSL_ROOT}/src/bio.c"
- "${WOLFSSL_ROOT}/src/conf.c"
- "${WOLFSSL_ROOT}/src/misc.c"
- "${WOLFSSL_ROOT}/src/pk.c"
- "${WOLFSSL_ROOT}/src/ssl_asn1.c" # included by ssl.c
- "${WOLFSSL_ROOT}/src/ssl_bn.c" # included by ssl.c
- "${WOLFSSL_ROOT}/src/ssl_misc.c" # included by ssl.c
- "${WOLFSSL_ROOT}/src/x509.c"
- "${WOLFSSL_ROOT}/src/x509_str.c"
- "${WOLFSSL_ROOT}/wolfcrypt/src/evp.c"
- "${WOLFSSL_ROOT}/wolfcrypt/src/misc.c"
- "${EXCLUDE_ASM}"
- )
-
-register_component()
-
-# some optional diagnostics
-if (0)
- get_cmake_property(_variableNames VARIABLES)
- list (SORT _variableNames)
- message(STATUS "")
- message(STATUS "ALL VARIABLES BEGIN")
- message(STATUS "")
- foreach (_variableName ${_variableNames})
- message(STATUS "${_variableName}=${${_variableName}}")
- endforeach()
- message(STATUS "")
- message(STATUS "ALL VARIABLES END")
- message(STATUS "")
-endif()
# check to see if there's both a local copy and EDP-IDF copy of the wolfssl components
-if( EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl/" AND EXISTS "$ENV{IDF_PATH}/components/wolfssl/" )
+if( EXISTS "${WOLFSSL_PROJECT_DIR}" AND EXISTS "$ENV{IDF_PATH}/components/wolfssl/" )
message(STATUS "")
message(STATUS "")
message(STATUS "********************************************************************")
@@ -229,3 +456,69 @@ endif()
# end multiple component check
+#
+# LIBWOLFSSL_SAVE_INFO(VAR_OUPUT THIS_VAR VAR_RESULT)
+#
+# Save the THIS_VAR as a string in a macro called VAR_OUPUT
+#
+# VAR_OUPUT: the name of the macro to define
+# THIS_VAR: the OUTPUT_VARIABLE result from a execute_process()
+# VAR_RESULT: the RESULT_VARIABLE from a execute_process(); "0" if successful.
+#
+function ( LIBWOLFSSL_SAVE_INFO VAR_OUPUT THIS_VAR VAR_RESULT )
+ # is the RESULT_VARIABLE output value 0? If so, IS_VALID_VALUE is true.
+ string(COMPARE EQUAL "${VAR_RESULT}" "0" IS_VALID_VALUE)
+
+ # if we had a successful operation, save the THIS_VAR in VAR_OUPUT
+ if(${IS_VALID_VALUE})
+ # strip newline chars in THIS_VAR parameter and save in VAR_VALUE
+ string(REPLACE "\n" "" VAR_VALUE ${THIS_VAR})
+
+ # we'll could percolate the value to the parent for possible later use
+ # set(${VAR_OUPUT} ${VAR_VALUE} PARENT_SCOPE)
+
+ # but we're only using it here in this function
+ set(${VAR_OUPUT} ${VAR_VALUE})
+
+ # we'll print what we found to the console
+ message(STATUS "Found ${VAR_OUPUT}=${VAR_VALUE}")
+
+ # the interesting part is defining the VAR_OUPUT name a value to use in the app
+ add_definitions(-D${VAR_OUPUT}=\"${VAR_VALUE}\")
+ else()
+ # if we get here, check the execute_process command and parameters.
+ message(STATUS "LIBWOLFSSL_SAVE_INFO encountered a non-zero VAR_RESULT")
+ set(${VAR_OUPUT} "Unknown")
+ endif()
+endfunction() # LIBWOLFSSL_SAVE_INFO
+
+# create some programmatic #define values that will be used by ShowExtendedSystemInfo().
+# see wolfcrypt\src\port\Espressif\esp32_utl.c
+if(NOT CMAKE_BUILD_EARLY_EXPANSION)
+ set (git_cmd "git")
+ message(STATUS "Adding macro definitions:")
+
+ # LIBWOLFSSL_VERSION_GIT_ORIGIN: git config --get remote.origin.url
+ execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "config" "--get" "remote.origin.url" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
+ LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_ORIGIN "${TMP_OUT}" "${TMP_RES}")
+
+ # LIBWOLFSSL_VERSION_GIT_BRANCH: git rev-parse --abbrev-ref HEAD
+ execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "rev-parse" "--abbrev-ref" "HEAD" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
+ LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_BRANCH "${TMP_OUT}" "${TMP_RES}")
+
+ # LIBWOLFSSL_VERSION_GIT_HASH: git rev-parse HEAD
+ execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "rev-parse" "HEAD" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
+ LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_HASH "${TMP_OUT}" "${TMP_RES}")
+
+ # LIBWOLFSSL_VERSION_GIT_SHORT_HASH: git rev-parse --short HEAD
+ execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "rev-parse" "--short" "HEAD" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
+ LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_SHORT_HASH "${TMP_OUT}" "${TMP_RES}")
+
+ # LIBWOLFSSL_VERSION_GIT_HASH_DATE git show --no-patch --no-notes --pretty=\'\%cd\'
+ execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "show" "--no-patch" "--no-notes" "--pretty=\'\%cd\'" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES )
+ LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_HASH_DATE "${TMP_OUT}" "${TMP_RES}")
+
+ message(STATUS "************************************************************************************************")
+ message(STATUS "wolfssl component config complete!")
+ message(STATUS "************************************************************************************************")
+endif()
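Review bot: `LIBWOLFSSL_SAVE_INFO` echoes the output of `git config --get remote.origin.url` with `message(STATUS ...)` and compiles it into the firmware through `add_definitions(-D...)`, so a remote URL carrying credentials in its userinfo part (`https://user:token@host/...`) would end up in build logs and in the binary. Stripping that part before it is used avoids this, e.g. `string(REGEX REPLACE "://[^/@]+@" "://" VAR_VALUE "${VAR_VALUE}")` right after the newline removal. `${THIS_VAR}` in `string(REPLACE "\n" "" VAR_VALUE ${THIS_VAR})` should also be quoted, since an empty or semicolon-containing output would otherwise not reach the command as a single string. The last `execute_process` call omits `ERROR_QUIET`, unlike the four before it.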
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/components/wolfssl/include/user_settings.h b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/components/wolfssl/include/user_settings.h
new file mode 100644
index 00000000..d6eeebbb
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/components/wolfssl/include/user_settings.h
@@ -0,0 +1,450 @@
+/* user_settings.h
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/* This user_settings.h is for Espressif ESP-IDF */
+#include <sdkconfig.h>
+
+/* The Espressif sdkconfig will have chipset info.
+**
+** Possible values:
+**
+** CONFIG_IDF_TARGET_ESP32
+** CONFIG_IDF_TARGET_ESP32S2
+** CONFIG_IDF_TARGET_ESP32S3
+** CONFIG_IDF_TARGET_ESP32C3
+** CONFIG_IDF_TARGET_ESP32C6
+*/
+
+#undef WOLFSSL_ESPIDF
+#define WOLFSSL_ESPIDF
+
+/*
+ * choose ONE of these Espressif chips to define:
+ *
+ * WOLFSSL_ESP32
+ * WOLFSSL_ESPWROOM32SE
+ * WOLFSSL_ESP8266
+ */
+#undef WOLFSSL_ESPWROOM32SE
+#undef WOLFSSL_ESP8266
+#undef WOLFSSL_ESP32
+
+#define WOLFSSL_ESP32
+
+/* optionally turn off SHA512/224 SHA512/256 */
+/* #define WOLFSSL_NOSHA512_224 */
+/* #define WOLFSSL_NOSHA512_256 */
+
+/* when you want to use SINGLE THREAD. Note Default ESP-IDF is FreeRTOS */
+/* #define SINGLE_THREADED */
+
+/* When you don't want to use the old SHA */
+/* #define NO_SHA */
+/* #define NO_OLD_TLS */
+
+#define BENCH_EMBEDDED
+#define USE_CERT_BUFFERS_2048
+
+/* TLS 1.3 */
+#define WOLFSSL_TLS13
+#define HAVE_TLS_EXTENSIONS
+#define WC_RSA_PSS
+#define HAVE_HKDF
+#define HAVE_AEAD
+#define HAVE_SUPPORTED_CURVES
+
+#define WOLFSSL_BENCHMARK_FIXED_UNITS_KB
+
+#define NO_FILESYSTEM
+
+#define NO_OLD_TLS
+
+#define HAVE_AESGCM
+
+#define WOLFSSL_RIPEMD
+/* when you want to use SHA224 */
+#define WOLFSSL_SHA224
+
+/* when you want to use SHA384 */
+#define WOLFSSL_SHA384
+
+/* when you want to use SHA512 */
+#define WOLFSSL_SHA512
+
+/* when you want to use SHA3 */
+#define WOLFSSL_SHA3
+
+ /* ED25519 requires SHA512 */
+#define HAVE_ED25519
+
+#define HAVE_ECC
+#define HAVE_CURVE25519
+#define CURVE25519_SMALL
+#define HAVE_ED25519
+
+#define OPENSSL_EXTRA
+/* when you want to use pkcs7 */
+/* #define HAVE_PKCS7 */
+
+#define HAVE_PKCS7
+
+#if defined(HAVE_PKCS7)
+ #define HAVE_AES_KEYWRAP
+ #define HAVE_X963_KDF
+ #define WOLFSSL_AES_DIRECT
+#endif
+
+/* when you want to use aes counter mode */
+/* #define WOLFSSL_AES_DIRECT */
+/* #define WOLFSSL_AES_COUNTER */
+
+/* esp32-wroom-32se specific definition */
+#if defined(WOLFSSL_ESPWROOM32SE)
+ #define WOLFSSL_ATECC508A
+ #define HAVE_PK_CALLBACKS
+ /* when you want to use a custom slot allocation for ATECC608A */
+ /* unless your configuration is unusual, you can use default */
+ /* implementation. */
+ /* #define CUSTOM_SLOT_ALLOCATION */
+#endif
+
+/* rsa primitive specific definition */
+#if defined(WOLFSSL_ESP32) || defined(WOLFSSL_ESPWROOM32SE)
+ /* Define USE_FAST_MATH and SMALL_STACK */
+ #define ESP32_USE_RSA_PRIMITIVE
+
+ #if defined(CONFIG_IDF_TARGET_ESP32)
+
+ /* NOTE HW unreliable for small values! */
+ /* threshold for performance adjustment for HW primitive use */
+ /* X bits of G^X mod P greater than */
+ #undef ESP_RSA_EXPT_XBITS
+ #define ESP_RSA_EXPT_XBITS 32
+
+ /* X and Y of X * Y mod P greater than */
+ #undef ESP_RSA_MULM_BITS
+ #define ESP_RSA_MULM_BITS 16
+
+ #endif
+#endif
+
+#define RSA_LOW_MEM
+
+/* #define WOLFSSL_ATECC508A_DEBUG */
+
+/* date/time */
+/* if it cannot adjust time in the device, */
+/* enable macro below */
+/* #define NO_ASN_TIME */
+/* #define XTIME time */
+
+
+/* adjust wait-timeout count if you see timeout in RSA HW acceleration */
+#define ESP_RSA_TIMEOUT_CNT 0x249F00
+
+/* hash limit for test.c */
+#define HASH_SIZE_LIMIT
+
+/* USE_FAST_MATH is default */
+#define USE_FAST_MATH
+
+/***** Use SP_MATH *****/
+/* #undef USE_FAST_MATH */
+/* #define SP_MATH */
+/* #define WOLFSSL_SP_MATH_ALL */
+/* #define WOLFSSL_SP_RISCV32 */
+
+/***** Use Integer Heap Math *****/
+/* #undef USE_FAST_MATH */
+/* #define USE_INTEGER_HEAP_MATH */
+
+
+#define WOLFSSL_SMALL_STACK
+
+
+#define HAVE_VERSION_EXTENDED_INFO
+/* #define HAVE_WC_INTROSPECTION */
+
+#define HAVE_SESSION_TICKET
+
+/* #define HAVE_HASHDRBG */
+
+#define WOLFSSL_KEY_GEN
+#define WOLFSSL_CERT_REQ
+#define WOLFSSL_CERT_GEN
+#define WOLFSSL_CERT_EXT
+#define WOLFSSL_SYS_CA_CERTS
+
+
+#define WOLFSSL_CERT_TEXT
+
+#define WOLFSSL_ASN_TEMPLATE
+
+/*
+#undef WOLFSSL_KEY_GEN
+#undef WOLFSSL_CERT_REQ
+#undef WOLFSSL_CERT_GEN
+#undef WOLFSSL_CERT_EXT
+#undef WOLFSSL_SYS_CA_CERTS
+*/
+
+/*
+--enable-keygen
+--enable-certgen
+--enable-certreq
+--enable-certext
+--enable-asn-template
+*/
+
+/* Default is HW enabled unless turned off.
+** Uncomment these lines to force SW instead of HW acceleration */
+
+#if defined(CONFIG_IDF_TARGET_ESP32)
+ /* wolfSSL HW Acceleration supported on ESP32. Uncomment to disable: */
+ /* #define NO_ESP32_CRYPT */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_AES */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
+
+ /* These are defined automatically in esp32-crypt.h, here for clarity: */
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224 /* no SHA224 HW on ESP32 */
+
+ #undef ESP_RSA_MULM_BITS
+ #define ESP_RSA_MULM_BITS 16 /* TODO add compile-time warning */
+ /***** END CONFIG_IDF_TARGET_ESP32 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP32S2)
+ /* wolfSSL HW Acceleration supported on ESP32-S2. Uncomment to disable: */
+ /* #define NO_ESP32_CRYPT */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
+ /* Note: There's no AES192 HW on the ESP32-S2; falls back to SW */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_AES */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
+ /***** END CONFIG_IDF_TARGET_ESP32S2 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP32S3)
+ /* wolfSSL HW Acceleration supported on ESP32-S3. Uncomment to disable: */
+ /* #define NO_ESP32_CRYPT */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
+ /* Note: There's no AES192 HW on the ESP32-S3; falls back to SW */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_AES */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
+ /***** END CONFIG_IDF_TARGET_ESP32S3 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP32C2) || \
+ defined(CONFIG_IDF_TARGET_ESP8684)
+ /* ESP8684 is essentially ESP32-C2 chip + flash embedded together in a
+ * single QFN 4x4 mm package. Out of released documentation, Technical
+ * Reference Manual as well as ESP-IDF Programming Guide is applicable
+ * to both ESP32-C2 and ESP8684.
+ *
+ * See: https://www.esp32.com/viewtopic.php?f=5&t=27926#:~:text=ESP8684%20is%20essentially%20ESP32%2DC2,both%20ESP32%2DC2%20and%20ESP8684. */
+
+ /* wolfSSL HW Acceleration supported on ESP32-C2. Uncomment to disable: */
+ /* #define NO_ESP32_CRYPT */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */ /* to disable all SHA HW */
+
+ /* These are defined automatically in esp32-crypt.h, here for clarity */
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384 /* no SHA384 HW on C2 */
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512 /* no SHA512 HW on C2 */
+
+ /* There's no AES or RSA/Math accelerator on the ESP32-C2
+ * Auto defined with NO_WOLFSSL_ESP32_CRYPT_RSA_PRI, for clarity: */
+ #define NO_WOLFSSL_ESP32_CRYPT_AES
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD
+ /***** END CONFIG_IDF_TARGET_ESP32C2 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP32C3)
+ /* wolfSSL HW Acceleration supported on ESP32-C3. Uncomment to disable: */
+
+ /* #define NO_ESP32_CRYPT */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */ /* to disable all SHA HW */
+
+ /* These are defined automatically in esp32-crypt.h, here for clarity: */
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384 /* no SHA384 HW on C6 */
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512 /* no SHA512 HW on C6 */
+
+ /* #define NO_WOLFSSL_ESP32_CRYPT_AES */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
+ /***** END CONFIG_IDF_TARGET_ESP32C3 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP32C6)
+ /* wolfSSL HW Acceleration supported on ESP32-C6. Uncomment to disable: */
+
+ /* #define NO_ESP32_CRYPT */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
+ /* These are defined automatically in esp32-crypt.h, here for clarity: */
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384 /* no SHA384 HW on C6 */
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512 /* no SHA512 HW on C6 */
+
+ /* #define NO_WOLFSSL_ESP32_CRYPT_AES */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
+ /***** END CONFIG_IDF_TARGET_ESP32C6 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP32H2)
+ /* wolfSSL Hardware Acceleration not yet implemented */
+ #define NO_ESP32_CRYPT
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH
+ #define NO_WOLFSSL_ESP32_CRYPT_AES
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
+ /***** END CONFIG_IDF_TARGET_ESP32H2 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP8266)
+ /* TODO: Revisit ESP8266 */
+ #define NO_ESP32_CRYPT
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH
+ #define NO_WOLFSSL_ESP32_CRYPT_AES
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
+ /***** END CONFIG_IDF_TARGET_ESP266 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP8684)
+ /* There's no Hardware Acceleration available on ESP8684 */
+ #define NO_ESP32_CRYPT
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH
+ #define NO_WOLFSSL_ESP32_CRYPT_AES
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
+ /***** END CONFIG_IDF_TARGET_ESP8684 *****/
+
+#else
+ /* Anything else encountered, disable HW accleration */
+ #define NO_ESP32_CRYPT
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH
+ #define NO_WOLFSSL_ESP32_CRYPT_AES
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
+#endif /* CONFIG_IDF_TARGET Check */
+
+/* Debug options:
+
+#define ESP_VERIFY_MEMBLOCK
+#define DEBUG_WOLFSSL
+#define DEBUG_WOLFSSL_VERBOSE
+#define DEBUG_WOLFSSL_SHA_MUTEX
+#define WOLFSSL_ESP32_CRYPT_DEBUG
+#define WOLFSSL_ESP32_CRYPT_HASH_SHA224_DEBUG
+#define NO_RECOVER_SOFTWARE_CALC
+#define WOLFSSL_TEST_STRAY 1
+#define USE_ESP_DPORT_ACCESS_READ_BUFFER
+#define WOLFSSL_ESP32_HW_LOCK_DEBUG
+#define WOLFSSL_DEBUG_ESP_RSA_MULM_BITS
+#define ESP_DISABLE_HW_TASK_LOCK
+*/
+
+/* Pause in a loop rather than exit. */
+#define WOLFSSL_ESPIDF_ERROR_PAUSE
+
+#define WOLFSSL_HW_METRICS
+
+/* for test.c */
+/* #define HASH_SIZE_LIMIT */
+
+/* Optionally turn off HW math checks */
+/* #define NO_HW_MATH_TEST */
+
+/* Optionally include alternate HW test library: alt_hw_test.h */
+/* When enabling, the ./components/wolfssl/CMakeLists.txt file
+ * will need the name of the library in the idf_component_register
+ * for the PRIV_REQUIRES list. */
+/* #define INCLUDE_ALT_HW_TEST */
+
+/* optionally turn off individual math HW acceleration features */
+
+/* Turn off Large Number ESP32 HW Multiplication:
+** [Z = X * Y] in esp_mp_mul() */
+/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
+
+/* Turn off Large Number ESP32 HW Modular Exponentiation:
+** [Z = X^Y mod M] in esp_mp_exptmod() */
+/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
+
+/* Turn off Large Number ESP32 HW Modular Multiplication
+** [Z = X * Y mod M] in esp_mp_mulmod() */
+/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
+
+#define WOLFSSL_PUBLIC_MP /* used by benchmark */
+#define USE_CERT_BUFFERS_2048
+
+/* when turning on ECC508 / ECC608 support
+#define WOLFSSL_ESPWROOM32SE
+#define HAVE_PK_CALLBACKS
+#define WOLFSSL_ATECC508A
+#define ATCA_WOLFSSL
+*/
+
+/* optional SM4 Ciphers. See https://github.com/wolfSSL/wolfsm
+#define WOLFSSL_SM2
+#define WOLFSSL_SM3
+#define WOLFSSL_SM4
+*/
+
+#if defined(WOLFSSL_SM2) || defined(WOLFSSL_SM3) || defined(WOLFSSL_SM4)
+ #include <wolfssl/certs_test_sm.h>
+ #define CTX_CA_CERT root_sm2
+ #define CTX_CA_CERT_SIZE sizeof_root_sm2
+ #define CTX_CA_CERT_TYPE WOLFSSL_FILETYPE_PEM
+ #define CTX_SERVER_CERT server_sm2
+ #define CTX_SERVER_CERT_SIZE sizeof_server_sm2
+ #define CTX_SERVER_CERT_TYPE WOLFSSL_FILETYPE_PEM
+ #define CTX_SERVER_KEY server_sm2_priv
+ #define CTX_SERVER_KEY_SIZE sizeof_server_sm2_priv
+ #define CTX_SERVER_KEY_TYPE WOLFSSL_FILETYPE_PEM
+
+ #undef WOLFSSL_BASE16
+ #define WOLFSSL_BASE16
+#else
+ #define USE_CERT_BUFFERS_2048
+ #define USE_CERT_BUFFERS_256
+ #define CTX_CA_CERT ca_cert_der_2048
+ #define CTX_CA_CERT_SIZE sizeof_ca_cert_der_2048
+ #define CTX_CA_CERT_TYPE WOLFSSL_FILETYPE_ASN1
+ #define CTX_SERVER_CERT server_cert_der_2048
+ #define CTX_SERVER_CERT_SIZE sizeof_server_cert_der_2048
+ #define CTX_SERVER_CERT_TYPE WOLFSSL_FILETYPE_ASN1
+ #define CTX_SERVER_KEY server_key_der_2048
+ #define CTX_SERVER_KEY_SIZE sizeof_server_key_der_2048
+ #define CTX_SERVER_KEY_TYPE WOLFSSL_FILETYPE_ASN1
+#endif
+
+/* See settings.h for some of the possible hardening options:
+ *
+ * #define NO_ESPIDF_DEFAULT
+ * #define WC_NO_CACHE_RESISTANT
+ * #define WC_AES_BITSLICED
+ * #define HAVE_AES_ECB
+ * #define HAVE_AES_DIRECT
+ */
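Review bot: The `#elif defined(CONFIG_IDF_TARGET_ESP8684)` branch near the end of the chipset chain can never be selected, because the earlier `#elif defined(CONFIG_IDF_TARGET_ESP32C2) || defined(CONFIG_IDF_TARGET_ESP8684)` already matches that target. The two branches also disagree: the first leaves `NO_ESP32_CRYPT` and `NO_WOLFSSL_ESP32_CRYPT_HASH` commented out, the second defines both, so one of them should be removed once it is settled which is correct. In the ESP32-C3 block the two comments read `no SHA384 HW on C6` and `no SHA512 HW on C6`; they should say `C3`. The closing comment lists `WC_NO_CACHE_RESISTANT` among "hardening options"; as far as I know that macro switches a cache-timing countermeasure off, so it should be annotated, e.g. `#define WC_NO_CACHE_RESISTANT (disables cache-attack resistance; not a hardening option)`.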
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/CMakeLists.txt b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/CMakeLists.txt
index 5c945223..8787e3b8 100644
--- a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/CMakeLists.txt
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/CMakeLists.txt
@@ -1,4 +1,3 @@
-
#
# wolfssl crypt test
#
@@ -23,7 +22,9 @@ if( EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl/" AND EXISTS "$ENV{IDF_PA
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_MULTI_INSTALL_WARNING")
endif()
-register_component()
+idf_component_register(SRCS main.c
+ INCLUDE_DIRS "."
+ "./include")
#
# LIBWOLFSSL_SAVE_INFO(VAR_OUPUT THIS_VAR VAR_RESULT)
diff --git a/extra/wolfssl/wolfssl/cyassl/crl.h b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/include/main.h
index 8a8da6f4..94c3b5eb 100644
--- a/extra/wolfssl/wolfssl/cyassl/crl.h
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/include/main.h
@@ -1,4 +1,4 @@
-/* crl.h
+/* template main.h
*
* Copyright (C) 2006-2023 wolfSSL Inc.
*
@@ -18,6 +18,7 @@
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
+#ifndef _MAIN_H_
+#define _MAIN_H_
-
-#include <wolfssl/crl.h>
+#endif
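Review bot: The guard macro `_MAIN_H_` added here begins with an underscore followed by an uppercase letter, a form the C standard reserves for the implementation; `#ifndef MAIN_H` / `#define MAIN_H` avoids the clash. The same applies to `_TIME_HELPER_H` in the time_helper.h hunk of this commit. A trailing comment on the closing line, `#endif /* MAIN_H */`, would make the guard easier to follow once the header gains content.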
diff --git a/extra/wolfssl/wolfssl/cyassl/options.h.in b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/include/time_helper.h
index 19179a8e..37b77041 100644
--- a/extra/wolfssl/wolfssl/cyassl/options.h.in
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/include/time_helper.h
@@ -1,5 +1,4 @@
-/* options.h.in
- *
+/*
* Copyright (C) 2006-2023 wolfSSL Inc.
*
* This file is part of wolfSSL.
@@ -18,23 +17,16 @@
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
-
-
-/* default blank options for autoconf */
-
-#ifndef CYASSL_OPTIONS_H
-#define CYASSL_OPTIONS_H
-
+#ifndef _TIME_HELPER_H
#ifdef __cplusplus
extern "C" {
#endif
+int set_time(void);
#ifdef __cplusplus
-}
+} /* extern "C" */
#endif
-
-#endif /* CYASSL_OPTIONS_H */
-
+#endif /* #ifndef _TIME_HELPER_H */
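Review bot: The new guard opens with `#ifndef _TIME_HELPER_H`, but no `#define _TIME_HELPER_H` follows it in the hunk as shown, so the macro is never defined and the header is not protected against repeated inclusion. With only the `set_time` prototype inside, that is harmless today, but it will produce redefinition errors as soon as a type or macro is added. Adding the define directly after the `#ifndef` line fixes it, preferably with a non-reserved name: `#ifndef TIME_HELPER_H` / `#define TIME_HELPER_H`.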
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/main.c b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/main.c
index 5adb7530..1c21bd93 100644
--- a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/main.c
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/main.c
@@ -27,11 +27,14 @@
#include <wolfssl/wolfcrypt/settings.h>
#include <user_settings.h>
#include <wolfssl/version.h>
+#include <wolfssl/wolfcrypt/types.h>
+
#ifndef WOLFSSL_ESPIDF
#warning "problem with wolfSSL user settings. Check components/wolfssl/include"
#endif
#include <wolfcrypt/test/test.h>
+#include <wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h>
/*
** the wolfssl component can be installed in either:
@@ -59,7 +62,6 @@
/* see wolfssl/wolfcrypt/test/test.h */
extern void wolf_crypt_task();
-
static const char* const TAG = "wolfssl_test";
#if defined(WOLFSSL_ESPWROOM32SE) && defined(HAVE_PK_CALLBACKS) \
@@ -123,75 +125,90 @@ void my_atmel_free(int slotId)
#endif /* CUSTOM_SLOT_ALLOCATION */
#endif /* WOLFSSL_ESPWROOM32SE && HAVE_PK_CALLBACK && WOLFSSL_ATECC508A */
-
/* entry point */
void app_main(void)
{
- int rc = 0;
+ int stack_start = 0;
+ esp_err_t ret = 0;
+ ESP_LOGI(TAG, "------------------ wolfSSL Test Example ----------------");
ESP_LOGI(TAG, "--------------------------------------------------------");
ESP_LOGI(TAG, "--------------------------------------------------------");
ESP_LOGI(TAG, "---------------------- BEGIN MAIN ----------------------");
ESP_LOGI(TAG, "--------------------------------------------------------");
ESP_LOGI(TAG, "--------------------------------------------------------");
-
- ESP_LOGI(TAG, "CONFIG_IDF_TARGET = %s", CONFIG_IDF_TARGET);
- ESP_LOGI(TAG, "LIBWOLFSSL_VERSION_STRING = %s", LIBWOLFSSL_VERSION_STRING);
-
-#if defined(LIBWOLFSSL_VERSION_GIT_HASH)
- ESP_LOGI(TAG, "LIBWOLFSSL_VERSION_GIT_HASH = %s", LIBWOLFSSL_VERSION_GIT_HASH);
+#ifdef ESP_TASK_MAIN_STACK
+ ESP_LOGI(TAG, "ESP_TASK_MAIN_STACK: %d", ESP_TASK_MAIN_STACK);
#endif
-
-#if defined(LIBWOLFSSL_VERSION_GIT_SHORT_HASH )
- ESP_LOGI(TAG, "LIBWOLFSSL_VERSION_GIT_SHORT_HASH = %s", LIBWOLFSSL_VERSION_GIT_SHORT_HASH);
+#ifdef TASK_EXTRA_STACK_SIZE
+ ESP_LOGI(TAG, "TASK_EXTRA_STACK_SIZE: %d", TASK_EXTRA_STACK_SIZE);
#endif
-
-#if defined(LIBWOLFSSL_VERSION_GIT_HASH_DATE)
- ESP_LOGI(TAG, "LIBWOLFSSL_VERSION_GIT_HASH_DATE = %s", LIBWOLFSSL_VERSION_GIT_HASH_DATE);
+#ifdef INCLUDE_uxTaskGetStackHighWaterMark
+ ESP_LOGI(TAG, "CONFIG_ESP_MAIN_TASK_STACK_SIZE = %d bytes (%d words)",
+ CONFIG_ESP_MAIN_TASK_STACK_SIZE,
+ (int)(CONFIG_ESP_MAIN_TASK_STACK_SIZE / sizeof(void*)));
+
+ /* Returns the high water mark of the stack associated with xTask. That is,
+ * the minimum free stack space there has been (in bytes not words, unlike
+ * vanilla FreeRTOS) since the task started. The smaller the returned
+ * number the closer the task has come to overflowing its stack.
+ * see https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-reference/system/freertos_idf.html
+ */
+ stack_start = uxTaskGetStackHighWaterMark(NULL);
+ ESP_LOGI(TAG, "Stack Start HWM: %d bytes", stack_start);
#endif
+#ifdef HAVE_VERSION_EXTENDED_INFO
+ esp_ShowExtendedSystemInfo();
+#endif
/* some interesting settings are target specific (ESP32, -C3, -S3, etc */
-#if defined(CONFIG_IDF_TARGET_ESP32C3)
- /* not available for C3 at this time */
+#if defined(CONFIG_IDF_TARGET_ESP32)
+ ESP_LOGI(TAG, "CONFIG_ESP32_DEFAULT_CPU_FREQ_MHZ = %u MHz",
+ CONFIG_ESP32_DEFAULT_CPU_FREQ_MHZ
+ );
+ ESP_LOGI(TAG, "Xthal_have_ccount = %u", Xthal_have_ccount);
+#elif defined(CONFIG_IDF_TARGET_ESP32S2)
+ ESP_LOGI(TAG, "CONFIG_ESP32S2_DEFAULT_CPU_FREQ_MHZ = %u MHz",
+ CONFIG_ESP32S2_DEFAULT_CPU_FREQ_MHZ
+ );
+ ESP_LOGI(TAG, "Xthal_have_ccount = %u", Xthal_have_ccount);
#elif defined(CONFIG_IDF_TARGET_ESP32S3)
ESP_LOGI(TAG, "CONFIG_ESP32S3_DEFAULT_CPU_FREQ_MHZ = %u MHz",
CONFIG_ESP32S3_DEFAULT_CPU_FREQ_MHZ
);
ESP_LOGI(TAG, "Xthal_have_ccount = %u", Xthal_have_ccount);
#else
- ESP_LOGI(TAG, "CONFIG_ESP32_DEFAULT_CPU_FREQ_MHZ = %u MHz",
- CONFIG_ESP32_DEFAULT_CPU_FREQ_MHZ
- );
- ESP_LOGI(TAG, "Xthal_have_ccount = %u", Xthal_have_ccount);
+ /* not available for other platformas at this time */
#endif
/* all platforms: stack high water mark check */
ESP_LOGI(TAG, "Stack HWM: %d\n", uxTaskGetStackHighWaterMark(NULL));
- /* check to see if we are using hardware encryption */
-#if defined(NO_ESP32WROOM32_CRYPT)
- ESP_LOGI(TAG, "NO_ESP32WROOM32_CRYPT defined! HW acceleration DISABLED.");
+ /* check to see if we are using hardware encryption
+ * TODO: move this to esp_util.c */
+#if defined(NO_ESP32_CRYPT)
+ ESP_LOGI(TAG, "NO_ESP32_CRYPT defined! HW acceleration DISABLED.");
#else
#if defined(CONFIG_IDF_TARGET_ESP32C3)
- #error "ESP32WROOM32_CRYPT not yet supported on ESP32-C3"
+ ESP_LOGI(TAG, "ESP32_CRYPT is enabled for ESP32-C3.");
+
#elif defined(CONFIG_IDF_TARGET_ESP32S2)
- #error "ESP32WROOM32_CRYPT not yet supported on ESP32-S2"
+ ESP_LOGI(TAG, "ESP32_CRYPT is enabled for ESP32-S2.");
+
#elif defined(CONFIG_IDF_TARGET_ESP32S3)
- /* #error "ESP32WROOM32_CRYPT not yet supported on ESP32-S3" */
- ESP_LOGI(TAG, "ESP32WROOM32_CRYPT is enabled for ESP32-S3.");
+ ESP_LOGI(TAG, "ESP32_CRYPT is enabled for ESP32-S3.");
+
#else
- ESP_LOGI(TAG, "ESP32WROOM32_CRYPT is enabled.");
+ ESP_LOGI(TAG, "ESP32_CRYPT is enabled.");
#endif
#endif
-
-
#if defined (WOLFSSL_USE_TIME_HELPER)
set_time();
#endif
-/* when using atecc608a on esp32-wroom-32se */
+/* when using atecc608a on esp32-WROOM-32se */
#if defined(WOLFSSL_ESPWROOM32SE) && defined(HAVE_PK_CALLBACKS) \
&& defined(WOLFSSL_ATECC508A)
#if defined(CUSTOM_SLOT_ALLOCATION)
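Review bot: The new `#ifdef INCLUDE_uxTaskGetStackHighWaterMark` guard does not test what it appears to. FreeRTOS conventionally defines the `INCLUDE_*` options as 0 or 1, so the block is compiled even when the option is set to 0; `#if defined(INCLUDE_uxTaskGetStackHighWaterMark) && INCLUDE_uxTaskGetStackHighWaterMark` would match the intent. The unchanged "all platforms" `ESP_LOGI(TAG, "Stack HWM: %d\n", uxTaskGetStackHighWaterMark(NULL));` a few lines further down calls the same function with no guard at all, so the two should be made consistent. The same `#ifdef` is used again in the next hunk before the "Stack used" log. app_main's body continues outside this hunk.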
@@ -211,22 +228,54 @@ void app_main(void)
/* Although wolfCrypt_Init() may be explicitly called above,
** Note it is still always called in wolf_test_task.
*/
- rc = wolf_test_task();
+ int loops = 0;
+ do {
+ #if defined(WOLFSSL_HW_METRICS) && defined(WOLFSSL_HAS_METRICS)
+ esp_hw_show_metrics();
+ #endif
+ ret = wolf_test_task();
+ ESP_LOGI(TAG, "Stack HWM: %d\n", uxTaskGetStackHighWaterMark(NULL));
+ ESP_LOGI(TAG, "loops = %d", loops);
+
+ loops++;
+ }
+ while (ret == 0);
+ ESP_LOGI(TAG, "loops = %d", loops);
+
/* note wolfCrypt_Cleanup() should always be called when finished.
** This is called at the end of wolf_test_task();
*/
- if (rc == 0) {
- ESP_LOGI(TAG, "wolf_test_task complete success result code = %d", rc);
+ if (ret == 0) {
+ ESP_LOGI(TAG, "wolf_test_task complete success result code = %d", ret);
}
else {
- ESP_LOGE(TAG, "wolf_test_task FAIL result code = %d", rc);
+ ESP_LOGE(TAG, "wolf_test_task FAIL result code = %d", ret);
/* see wolfssl/wolfcrypt/error-crypt.h */
}
+#if defined(DEBUG_WOLFSSL) && !defined(NO_WOLFSSL_ESP32_CRYPT_RSA_PRI)
+ esp_hw_show_mp_metrics();
+#endif
+
/* after the test, we'll just wait */
+#ifdef INCLUDE_uxTaskGetStackHighWaterMark
+ ESP_LOGI(TAG, "Stack HWM: %d", uxTaskGetStackHighWaterMark(NULL));
+
+ ESP_LOGI(TAG, "Stack used: %d", CONFIG_ESP_MAIN_TASK_STACK_SIZE
+ - (uxTaskGetStackHighWaterMark(NULL)));
+#endif
+
+ ESP_LOGI(TAG, "\n\nDone!\n\n"
+ "If running from idf.py monitor, press twice: Ctrl+]");
+
+ /* done */
while (1) {
- /* nothing */
- }
+#if defined(SINGLE_THREADED)
+ while (1);
+#else
+ vTaskDelay(60000);
+#endif
+ } /* done while */
#endif
}
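Review bot: The added `do { ... } while (ret == 0);` loop exits only when wolf_test_task() returns non-zero, so the `if (ret == 0)` success branch after it can no longer run and a passing device repeats the test indefinitely. If an endless soak test is intended, say so in a comment and drop the dead branch; otherwise bound the loop, for example `while (ret == 0 && loops < TEST_LOOP_LIMIT);`, where `TEST_LOOP_LIMIT` is a suggested name for a new constant. In the final wait loop, `vTaskDelay(60000)` takes ticks rather than milliseconds, so `vTaskDelay(pdMS_TO_TICKS(60000))` is the form to use if a 60-second delay is meant. app_main starts outside this hunk.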
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/time_helper.c b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/time_helper.c
index c3cccde4..8b7da74a 100644
--- a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/time_helper.c
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/time_helper.c
@@ -18,6 +18,7 @@
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
+
#include <string.h>
#include <lwip/apps/sntp.h>
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/partitions_singleapp_large.csv b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/partitions_singleapp_large.csv
new file mode 100644
index 00000000..41b4846e
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/partitions_singleapp_large.csv
@@ -0,0 +1,34 @@
+# This tag is used to include this file in the ESP Component Registry:
+# __ESP_COMPONENT_SOURCE__
+
+# to view: idf.py partition-table
+#
+# ESP-IDF Partition Table
+# Name, Type, SubType, Offset, Size, Flags
+nvs, data, nvs, 0x9000, 24K,
+phy_init,data, phy, 0xf000, 4K,
+factory, app, factory, 0x10000, 1500K,
+
+
+# For other settings, see:
+# https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-guides/partition-tables.html#creating-custom-tables
+#
+# Here is the summary printed for the “Single factory app, no OTA” configuration:
+#
+# # ESP-IDF Partition Table
+# # Name, Type, SubType, Offset, Size, Flags
+# nvs, data, nvs, 0x9000, 0x6000,
+# phy_init, data, phy, 0xf000, 0x1000,
+# factory, app, factory, 0x10000, 1M,
+#
+#
+# Here is the summary printed for the “Factory app, two OTA definitions” configuration:
+#
+# # ESP-IDF Partition Table
+# # Name, Type, SubType, Offset, Size, Flags
+# nvs, data, nvs, 0x9000, 0x4000,
+# otadata, data, ota, 0xd000, 0x2000,
+# phy_init, data, phy, 0xf000, 0x1000,
+# factory, app, factory, 0x10000, 1M,
+# ota_0, app, ota_0, 0x110000, 1M,
+# ota_1, app, ota_1, 0x210000, 1M,
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/sdkconfig.defaults b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/sdkconfig.defaults
index ccb7820e..17097709 100644
--- a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/sdkconfig.defaults
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/sdkconfig.defaults
@@ -1,3 +1,5 @@
+# This tag is used to include this file in the ESP Component Registry:
+
#
# Default main stack size
#
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test_idf/README.md b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test_idf/README.md
index e34220d9..f2efc2f3 100644
--- a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test_idf/README.md
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test_idf/README.md
@@ -6,6 +6,12 @@ This IDF version does NOT contain a local component and exists only to test wolf
The recommended configuration is to have only the CMakeLists.txt in the local project components\wolfssl directory. See the [wolfssl_test](../wolfssl_test/README.md) example.
+## VisualGDB
+
+Open the VisualGDB Visual Studio Project file in the VisualGDB directory and click the "Start" button.
+
+## ESP-IDF Commandline
+
1. `idf.py menuconfig` to configure the program.
1-1. Example Configuration ->
@@ -35,7 +41,7 @@ cd /mnt/c/workspace/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test
. /mnt/c/SysGCC/esp32/esp-idf/v4.4.2/export.sh
# build and flash, in this example to COM20
-idf.py build flash -p /dev/ttyS20 -b 921600 monitor
+idf.py build flash -p /dev/ttyS20 -b 115200 monitor
```
## Example Output
@@ -45,7 +51,7 @@ compatible across the widest ranges of targets. Contact wolfSSL at support@wolfs
for help in optimizing for your particular application, or see the
[docs](https://www.wolfssl.com/documentation/manuals/wolfssl/index.html).
-Compiled and flashed with `idf.py build flash -p /dev/ttyS7 -b 921600 monitor`:
+Compiled and flashed with `idf.py build flash -p /dev/ttyS7 -b 115200 monitor`:
```
ets Jun 8 2016 00:22:57
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test_idf/main/main.c b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test_idf/main/main.c
index 01538f72..5d384420 100644
--- a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test_idf/main/main.c
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test_idf/main/main.c
@@ -170,17 +170,17 @@ void app_main(void)
ESP_LOGI(TAG, "Stack HWM: %d\n", uxTaskGetStackHighWaterMark(NULL));
/* check to see if we are using hardware encryption */
-#if defined(NO_ESP32WROOM32_CRYPT)
- ESP_LOGI(TAG, "NO_ESP32WROOM32_CRYPT defined! HW acceleration DISABLED.");
+#if defined(NO_ESP32_CRYPT)
+ ESP_LOGI(TAG, "NO_ESP32_CRYPT defined! HW acceleration DISABLED.");
#else
#if defined(CONFIG_IDF_TARGET_ESP32C3)
- #error "ESP32WROOM32_CRYPT not yet supported on ESP32-C3"
+ #error "ESP32_CRYPT not yet supported on ESP32-C3"
#elif defined(CONFIG_IDF_TARGET_ESP32S2)
- #error "ESP32WROOM32_CRYPT not yet supported on ESP32-S2"
+ #error "ESP32_CRYPT not yet supported on ESP32-S2"
#elif defined(CONFIG_IDF_TARGET_ESP32S3)
- #error "ESP32WROOM32_CRYPT not yet supported on ESP32-S3"
+ #error "ESP32_CRYPT not yet supported on ESP32-S3"
#else
- ESP_LOGI(TAG, "ESP32WROOM32_CRYPT is enabled.");
+ ESP_LOGI(TAG, "ESP32_CRYPT is enabled.");
#endif
#endif
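Review bot: This rename keeps the three `#error "ESP32_CRYPT not yet supported on ..."` lines for ESP32-C3, -S2 and -S3, while the same commit changes the sibling wolfssl_test example to log "ESP32_CRYPT is enabled" for those targets and its user_settings.h documents hardware acceleration as supported on them. If this example builds against the same library version (not visible from the hunk), a build for S2/S3/C3 without `NO_ESP32_CRYPT` will stop at these errors. Either replace them with the `ESP_LOGI` lines used in wolfssl_test/main/main.c, or add a comment such as `/* this example is pinned to a wolfSSL release without S2/S3/C3 HW support */` so the difference is deliberate. app_main starts and ends outside this hunk.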
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/libs/CMakeLists.txt b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/libs/CMakeLists.txt
index 4f0f4e8a..ab9cb25f 100644
--- a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/libs/CMakeLists.txt
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/libs/CMakeLists.txt
@@ -71,7 +71,11 @@ set(COMPONENT_SRCEXCLUDE
"./src/conf.c"
"./src/misc.c"
"./src/pk.c"
- "./src/ssl_misc.c" # included by ssl.c
+ "./src/ssl_asn1.c" # included by ssl.c
+ "./src/ssl_bn.c" # included by ssl.c
+ "./src/ssl_certman.c" # included by ssl.c
+ "./src/ssl_crypto.c" # included by ssl.c
+ "./src/ssl_misc.c" # included by ssl.c
"./src/x509.c"
"./src/x509_str.c"
"./wolfcrypt/src/evp.c"
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/setup_win.bat b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/setup_win.bat
index 2e279ad9..89528a8f 100644
--- a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/setup_win.bat
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/setup_win.bat
@@ -73,7 +73,7 @@ dir %WOLFSSL_ESPIDFDIR%\*.xyzzy 2> nul | findstr \
echo;
echo Equivalalent source directory paths:
-:: show the path of the equivalent %VALUE% (search for files that don't exist, supress error, and look for string with "\")
+:: show the path of the equivalent %VALUE% (search for files that don't exist, suppress error, and look for string with "\")
dir %BASEDIR%\*.xyzzy 2> nul | findstr \
dir %WOLFSSLLIB_TRG_DIR%\*.xyzzy 2> nul | findstr \
dir %WOLFSSLEXP_TRG_DIR%\*.xyzzy 2> nul | findstr \
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/user_settings.h b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/user_settings.h
index 215b3769..4b292341 100644
--- a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/user_settings.h
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/user_settings.h
@@ -18,25 +18,47 @@
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
-#undef WOLFSSL_ESPIDF
-#undef WOLFSSL_ESPWROOM32
-#undef WOLFSSL_ESPWROOM32SE
-#undef WOLFSSL_ESPWROOM32
-#undef WOLFSSL_ESP8266
+/* This user_settings.h is for Espressif ESP-IDF */
+#include <sdkconfig.h>
+
+/* The Espressif sdkconfig will have chipset info.
+**
+** Possible values:
+**
+** CONFIG_IDF_TARGET_ESP32
+** CONFIG_IDF_TARGET_ESP32S2
+** CONFIG_IDF_TARGET_ESP32S3
+** CONFIG_IDF_TARGET_ESP32C3
+** CONFIG_IDF_TARGET_ESP32C6
+*/
+
+#undef WOLFSSL_ESPIDF
#define WOLFSSL_ESPIDF
/*
* choose ONE of these Espressif chips to define:
*
- * WOLFSSL_ESPWROOM32
+ * WOLFSSL_ESP32
* WOLFSSL_ESPWROOM32SE
* WOLFSSL_ESP8266
*/
+#undef WOLFSSL_ESPWROOM32SE
+#undef WOLFSSL_ESP8266
+#undef WOLFSSL_ESP32
+
+#define WOLFSSL_ESP32
-#define WOLFSSL_ESPWROOM32
+/* optionally turn off SHA512/224 SHA512/256 */
+/* #define WOLFSSL_NOSHA512_224 */
+/* #define WOLFSSL_NOSHA512_256 */
-/* #define DEBUG_WOLFSSL_VERBOSE */
+/* when you want to use SINGLE THREAD. Note Default ESP-IDF is FreeRTOS */
+/* #define SINGLE_THREADED */
+
+/* When you don't want to use the old SHA */
+/* #define NO_SHA */
+/* #define NO_OLD_TLS */
#define BENCH_EMBEDDED
#define USE_CERT_BUFFERS_2048
@@ -49,29 +71,48 @@
#define HAVE_AEAD
#define HAVE_SUPPORTED_CURVES
-/* when you want to use SINGLE THREAD */
-/* #define SINGLE_THREADED */
+#define WOLFSSL_BENCHMARK_FIXED_UNITS_KB
+
#define NO_FILESYSTEM
+#define NO_OLD_TLS
+
#define HAVE_AESGCM
+
+#define WOLFSSL_RIPEMD
+/* when you want to use SHA224 */
+#define WOLFSSL_SHA224
+
/* when you want to use SHA384 */
-/* #define WOLFSSL_SHA384 */
+#define WOLFSSL_SHA384
+
+/* when you want to use SHA512 */
#define WOLFSSL_SHA512
+
+/* when you want to use SHA3 */
+#define WOLFSSL_SHA3
+
+#define HAVE_ED25519 /* ED25519 requires SHA512 */
+
#define HAVE_ECC
#define HAVE_CURVE25519
#define CURVE25519_SMALL
#define HAVE_ED25519
+/* Optional OPENSSL compatibility */
+#define OPENSSL_EXTRA
/* when you want to use pkcs7 */
/* #define HAVE_PKCS7 */
+#define HAVE_PKCS7
+
#if defined(HAVE_PKCS7)
#define HAVE_AES_KEYWRAP
#define HAVE_X963_KDF
#define WOLFSSL_AES_DIRECT
#endif
-/* when you want to use aes counter mode */
+/* when you want to use AES counter mode */
/* #define WOLFSSL_AES_DIRECT */
/* #define WOLFSSL_AES_COUNTER */
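Review bot: `#define HAVE_PKCS7` is now unconditional but sits directly under the old `/* when you want to use pkcs7 */` and `/* #define HAVE_PKCS7 */` lines, so the file reads as both opt-in and always-on; the stale commented line should be removed. With `OPENSSL_EXTRA`, `WOLFSSL_RIPEMD` and PKCS7 (which also pulls in `WOLFSSL_AES_DIRECT`) enabled by default, every project that copies this template compiles in that code whether or not it needs it. A comment such as `/* enabled for the test and benchmark examples; remove what your application does not use */` above these defines would make that explicit. `HAVE_ED25519` is also defined twice in this hunk, and the second definition can be dropped.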
@@ -85,21 +126,29 @@
/* #define CUSTOM_SLOT_ALLOCATION */
#endif
-/* rsa primitive specific definition */
-#if defined(WOLFSSL_ESPWROOM32) || defined(WOLFSSL_ESPWROOM32SE)
+/* RSA primitive specific definition */
+#if defined(WOLFSSL_ESP32) || defined(WOLFSSL_ESPWROOM32SE)
/* Define USE_FAST_MATH and SMALL_STACK */
#define ESP32_USE_RSA_PRIMITIVE
- /* threshold for performance adjustment for hw primitive use */
- /* X bits of G^X mod P greater than */
- #define EPS_RSA_EXPT_XBTIS 36
- /* X and Y of X * Y mod P greater than */
- #define ESP_RSA_MULM_BITS 2000
+
+ #if defined(CONFIG_IDF_TARGET_ESP32)
+
+ /* NOTE HW unreliable for small values! */
+ /* threshold for performance adjustment for HW primitive use */
+ /* X bits of G^X mod P greater than */
+ #undef ESP_RSA_EXPT_XBITS
+ #define ESP_RSA_EXPT_XBITS 32
+
+ /* X and Y of X * Y mod P greater than */
+ #undef ESP_RSA_MULM_BITS
+ #define ESP_RSA_MULM_BITS 16
+
+ #endif
#endif
-/* debug options */
-/* #define DEBUG_WOLFSSL */
-/* #define WOLFSSL_ESP32WROOM32_CRYPT_DEBUG */
-/* #define WOLFSSL_ATECC508A_DEBUG */
+#define RSA_LOW_MEM
+
+/* #define WOLFSSL_ATECC508A_DEBUG */
/* date/time */
/* if it cannot adjust time in the device, */
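Review bot: The new comment `NOTE HW unreliable for small values!` sits above a change that lowers `ESP_RSA_MULM_BITS` from 2000 to 16, and nothing states the smallest operand size for which the hardware result can be trusted. Since these thresholds decide when RSA math is handed to the accelerator, the comment should give the minimum safe value and where it comes from, for example `/* operands below N bits must stay in software: see <errata or test reference> */`. A later hunk carries `/* TODO add compile-time warning */` on the same macro, and an `#if ESP_RSA_MULM_BITS < ...` / `#error` check here would close that TODO. The thresholds are now set only under `CONFIG_IDF_TARGET_ESP32`, so other targets presumably rely on defaults defined elsewhere, which is worth confirming.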
@@ -107,11 +156,272 @@
/* #define NO_ASN_TIME */
/* #define XTIME time */
-/* when you want not to use HW acceleration */
-/* #define NO_ESP32WROOM32_CRYPT */
-/* #define NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH*/
-/* #define NO_WOLFSSL_ESP32WROOM32_CRYPT_AES */
-/* #define NO_WOLFSSL_ESP32WROOM32_CRYPT_RSA_PRI */
-/* adjust wait-timeout count if you see timeout in rsa hw acceleration */
+/* adjust wait-timeout count if you see timeout in RSA HW acceleration */
#define ESP_RSA_TIMEOUT_CNT 0x249F00
+
+#define HASH_SIZE_LIMIT /* for test.c */
+
+/* USE_FAST_MATH is default */
+#define USE_FAST_MATH
+
+/***** Use SP_MATH *****/
+/* #undef USE_FAST_MATH */
+/* #define SP_MATH */
+/* #define WOLFSSL_SP_MATH_ALL */
+
+/***** Use Integer Heap Math *****/
+/* #undef USE_FAST_MATH */
+/* #define USE_INTEGER_HEAP_MATH */
+
+
+#define WOLFSSL_SMALL_STACK
+
+
+#define HAVE_VERSION_EXTENDED_INFO
+/* #define HAVE_WC_INTROSPECTION */
+
+#define HAVE_SESSION_TICKET
+
+/* #define HAVE_HASHDRBG */
+
+#define WOLFSSL_KEY_GEN
+#define WOLFSSL_CERT_REQ
+#define WOLFSSL_CERT_GEN
+#define WOLFSSL_CERT_EXT
+#define WOLFSSL_SYS_CA_CERTS
+
+
+#define WOLFSSL_CERT_TEXT
+
+#define WOLFSSL_ASN_TEMPLATE
+
+/*
+#undef WOLFSSL_KEY_GEN
+#undef WOLFSSL_CERT_REQ
+#undef WOLFSSL_CERT_GEN
+#undef WOLFSSL_CERT_EXT
+#undef WOLFSSL_SYS_CA_CERTS
+*/
+
+/*
+--enable-keygen
+--enable-certgen
+--enable-certreq
+--enable-certext
+--enable-asn-template
+*/
+
+/* Default is HW enabled unless turned off.
+** Uncomment these lines to force SW instead of HW acceleration */
+
+#if defined(CONFIG_IDF_TARGET_ESP32)
+ /* wolfSSL HW Acceleration supported on ESP32. Uncomment to disable: */
+ /* #define NO_ESP32_CRYPT */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_AES */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
+
+ /* These are defined automatically in esp32-crypt.h, here for clarity: */
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224 /* no SHA224 HW on ESP32 */
+
+ #undef ESP_RSA_MULM_BITS
+ #define ESP_RSA_MULM_BITS 16 /* TODO add compile-time warning */
+ /***** END CONFIG_IDF_TARGET_ESP32 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP32S2)
+ /* wolfSSL HW Acceleration supported on ESP32-S2. Uncomment to disable: */
+ /* #define NO_ESP32_CRYPT */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
+ /* Note: There's no AES192 HW on the ESP32-S2; falls back to SW */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_AES */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
+ /***** END CONFIG_IDF_TARGET_ESP32S2 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP32S3)
+ /* wolfSSL HW Acceleration supported on ESP32-S3. Uncomment to disable: */
+ /* #define NO_ESP32_CRYPT */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
+ /* Note: There's no AES192 HW on the ESP32-S3; falls back to SW */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_AES */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
+ /***** END CONFIG_IDF_TARGET_ESP32S3 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP32C2) || \
+ defined(CONFIG_IDF_TARGET_ESP8684)
+ /* ESP8684 is essentially ESP32-C2 chip + flash embedded together in a
+ * single QFN 4x4 mm package. Out of released documentation, Technical
+ * Reference Manual as well as ESP-IDF Programming Guide is applicable
+ * to both ESP32-C2 and ESP8684.
+ *
+ * See: https://www.esp32.com/viewtopic.php?f=5&t=27926#:~:text=ESP8684%20is%20essentially%20ESP32%2DC2,both%20ESP32%2DC2%20and%20ESP8684. */
+
+ /* wolfSSL HW Acceleration supported on ESP32-C2. Uncomment to disable: */
+ /* #define NO_ESP32_CRYPT */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */ /* to disable all SHA HW */
+
+ /* These are defined automatically in esp32-crypt.h, here for clarity */
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384 /* no SHA384 HW on C2 */
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512 /* no SHA512 HW on C2 */
+
+ /* There's no AES or RSA/Math accelerator on the ESP32-C2
+ * Auto defined with NO_WOLFSSL_ESP32_CRYPT_RSA_PRI, for clarity: */
+ #define NO_WOLFSSL_ESP32_CRYPT_AES
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD
+ /***** END CONFIG_IDF_TARGET_ESP32C2 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP32C3)
+ /* wolfSSL HW Acceleration supported on ESP32-C3. Uncomment to disable: */
+
+ /* #define NO_ESP32_CRYPT */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */ /* to disable all SHA HW */
+
+ /* These are defined automatically in esp32-crypt.h, here for clarity: */
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384 /* no SHA384 HW on C6 */
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512 /* no SHA512 HW on C6 */
+
+ /* #define NO_WOLFSSL_ESP32_CRYPT_AES */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
+ /***** END CONFIG_IDF_TARGET_ESP32C3 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP32C6)
+ /* wolfSSL HW Acceleration supported on ESP32-C6. Uncomment to disable: */
+
+ /* #define NO_ESP32_CRYPT */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
+ /* These are defined automatically in esp32-crypt.h, here for clarity: */
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384 /* no SHA384 HW on C6 */
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512 /* no SHA512 HW on C6 */
+
+ /* #define NO_WOLFSSL_ESP32_CRYPT_AES */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
+ /***** END CONFIG_IDF_TARGET_ESP32C6 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP32H2)
+ /* wolfSSL Hardware Acceleration not yet implemented */
+ #define NO_ESP32_CRYPT
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH
+ #define NO_WOLFSSL_ESP32_CRYPT_AES
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
+ /***** END CONFIG_IDF_TARGET_ESP32H2 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP8266)
+ /* TODO: Revisit ESP8266 */
+ #define NO_ESP32_CRYPT
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH
+ #define NO_WOLFSSL_ESP32_CRYPT_AES
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
+ /***** END CONFIG_IDF_TARGET_ESP266 *****/
+#else
+ /* Anything else encountered, disable HW accleration */
+ #define NO_ESP32_CRYPT
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH
+ #define NO_WOLFSSL_ESP32_CRYPT_AES
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
+#endif /* CONFIG_IDF_TARGET Check */
+
+/* Debug options:
+
+#define ESP_VERIFY_MEMBLOCK
+#define DEBUG_WOLFSSL
+#define DEBUG_WOLFSSL_VERBOSE
+#define DEBUG_WOLFSSL_SHA_MUTEX
+#define WOLFSSL_ESP32_CRYPT_DEBUG
+#define WOLFSSL_ESP32_CRYPT_HASH_SHA224_DEBUG
+#define NO_RECOVER_SOFTWARE_CALC
+#define WOLFSSL_TEST_STRAY 1
+#define USE_ESP_DPORT_ACCESS_READ_BUFFER
+#define WOLFSSL_ESP32_HW_LOCK_DEBUG
+#define WOLFSSL_DEBUG_ESP_RSA_MULM_BITS
+#define ESP_DISABLE_HW_TASK_LOCK
+*/
+
+#define WOLFSSL_ESPIDF_ERROR_PAUSE /* Pause in a loop rather than exit. */
+#define WOLFSSL_HW_METRICS
+
+/* #define HASH_SIZE_LIMIT */ /* for test.c */
+
+/* #define NO_HW_MATH_TEST */ /* Optionall turn off HW math checks */
+
+/* Optionally include alternate HW test library: alt_hw_test.h */
+/* When enabling, the ./components/wolfssl/CMakeLists.txt file
+ * will need the name of the library in the idf_component_register
+ * for the PRIV_REQUIRES list. */
+/* #define INCLUDE_ALT_HW_TEST */
+
+/* optionally turn off individual math HW acceleration features */
+
+/* Turn off Large Number ESP32 HW Multiplication:
+** [Z = X * Y] in esp_mp_mul() */
+/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
+
+/* Turn off Large Number ESP32 HW Modular Exponentiation:
+** [Z = X^Y mod M] in esp_mp_exptmod() */
+/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
+
+/* Turn off Large Number ESP32 HW Modular Multiplication
+** [Z = X * Y mod M] in esp_mp_mulmod() */
+/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
+
+
+#define WOLFSSL_PUBLIC_MP /* used by benchmark */
+#define USE_CERT_BUFFERS_2048
+
+/* when turning on ECC508 / ECC608 support
+#define WOLFSSL_ESPWROOM32SE
+#define HAVE_PK_CALLBACKS
+#define WOLFSSL_ATECC508A
+#define ATCA_WOLFSSL
+*/
+
+/* optional SM4 Ciphers. See https://github.com/wolfSSL/wolfsm
+#define WOLFSSL_SM2
+#define WOLFSSL_SM3
+#define WOLFSSL_SM4
+*/
+
+#if defined(WOLFSSL_SM2) || defined(WOLFSSL_SM3) || defined(WOLFSSL_SM4)
+ #include <wolfssl/certs_test_sm.h>
+ #define CTX_CA_CERT root_sm2
+ #define CTX_CA_CERT_SIZE sizeof_root_sm2
+ #define CTX_CA_CERT_TYPE WOLFSSL_FILETYPE_PEM
+ #define CTX_SERVER_CERT server_sm2
+ #define CTX_SERVER_CERT_SIZE sizeof_server_sm2
+ #define CTX_SERVER_CERT_TYPE WOLFSSL_FILETYPE_PEM
+ #define CTX_SERVER_KEY server_sm2_priv
+ #define CTX_SERVER_KEY_SIZE sizeof_server_sm2_priv
+ #define CTX_SERVER_KEY_TYPE WOLFSSL_FILETYPE_PEM
+
+ #undef WOLFSSL_BASE16
+ #define WOLFSSL_BASE16
+#else
+ #define USE_CERT_BUFFERS_2048
+ #define USE_CERT_BUFFERS_256
+ #define CTX_CA_CERT ca_cert_der_2048
+ #define CTX_CA_CERT_SIZE sizeof_ca_cert_der_2048
+ #define CTX_CA_CERT_TYPE WOLFSSL_FILETYPE_ASN1
+ #define CTX_SERVER_CERT server_cert_der_2048
+ #define CTX_SERVER_CERT_SIZE sizeof_server_cert_der_2048
+ #define CTX_SERVER_CERT_TYPE WOLFSSL_FILETYPE_ASN1
+ #define CTX_SERVER_KEY server_key_der_2048
+ #define CTX_SERVER_KEY_SIZE sizeof_server_key_der_2048
+ #define CTX_SERVER_KEY_TYPE WOLFSSL_FILETYPE_ASN1
+#endif
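Review bot: The `CTX_CA_CERT`, `CTX_SERVER_CERT` and `CTX_SERVER_KEY` defaults at the end of this hunk point at compiled-in sample buffers (`server_key_der_2048` via `USE_CERT_BUFFERS_2048`, or `server_sm2_priv` from `certs_test_sm.h`), which appear to be the published wolfSSL test credentials. A project that copies this user_settings.h unchanged would serve TLS with a private key anyone can obtain. A comment above the block, such as `/* CTX_* defaults are the public wolfSSL test certificates and key; replace before deployment */`, would flag this. Separately, the two `NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384/SHA512` lines in the `CONFIG_IDF_TARGET_ESP32C3` branch are commented "no ... HW on C6" and the ESP8266 end marker reads `ESP266`; both look like copy-paste slips.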
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/README.md b/extra/wolfssl/wolfssl/IDE/Espressif/README.md
new file mode 100644
index 00000000..dea3b36a
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/README.md
@@ -0,0 +1,161 @@
+
+
+# wolfSSL Espressif IDE
+
+This directory contains documentation and examples for the Espressif SoC devices.
+
+Although wolfSSL _should_ work on any Espressif device, there's explicit support for these:
+
+- esp32
+- esp32c2
+- esp32c3
+- esp32c6
+- esp32s2
+- esp32s3
+- esp32h2
+
+
+## Getting Started
+
+If you are new to wolfSSL on the Espressif ESP32, [this video](https://www.youtube.com/watch?v=CzwA3ZBZBZ8)
+can help to get started:
+
+[![Video Preview](https://img.youtube.com/vi/CzwA3ZBZBZ8/0.jpg)](https://www.youtube.com/watch?v=CzwA3ZBZBZ8)
+
+Additional ESP-IDF specifics can be found in [Espressif/ESP-IDF](./ESP-IDF/README.md). The [wolfSSL Manual](https://www.wolfssl.com/documentation/manuals/wolfssl/index.html) is also a useful
+resource.
+
+## Requirements
+
+The wolfSSL Espressif code requires the ESP-IDF to be installed for
+[Windows](https://docs.espressif.com/projects/esp-idf/en/latest/esp32/get-started/windows-setup.html)
+or [Linux / MacOS](https://docs.espressif.com/projects/esp-idf/en/latest/esp32/get-started/linux-macos-setup.html).
+
+See the [Espressif Getting Started Guide](https://docs.espressif.com/projects/esp-idf/en/latest/esp32/get-started/).
+
+Any editor can be used. See also the [Espressif Third-Party Tools](https://docs.espressif.com/projects/esp-idf/en/latest/esp32/resources.html)
+for a list of feature-rich Integrated Development Environments.
+The [wolfSSL examples](./ESP-IDF/examples/README.md) all include a `./VisualGDB` directory with SoC-specific configurations
+to help get started quickly.
+
+Although not required, a [JTAG Adapter](https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-guides/jtag-debugging/index.html)
+can be helpful for development. When not using a built-in JTAG from Espressif, the examples typically
+use the open source [Tigard board](https://github.com/tigard-tools/tigard#readme).
+
+## Examples:
+
+There are a variety of examples to help get started:
+
+* [ESP-IDF Examples](./ESP-IDF/README.md)
+
+## Managed Component
+
+The wolfSSL library can be installed as a managed component:
+
+* [Espressif Managed Component Registry](https://components.espressif.com/components/wolfssl/wolfssl)
+
+## Notes:
+
+WSL environment:
+
+Contents of `/etc/wsl.conf`:
+```text
+[automount]
+options = "metadata"
+```
+
+To ignore changes in file attributes, see https://github.com/microsoft/WSL/issues/936#issuecomment-1751469229
+
+```
+git config core.filemode false
+```
+
+
+Quick start
+```
+
+WORKSPACE=/mnt/c/workspace
+WRK_IDF_PATH=/mnt/c/SysGCC/esp32/esp-idf/v5.1
+WRK_WOLFSSL_PATH=${WORKSPACE}/wolfssl-$USER
+WRK_PROJECT_DIR=${WRK_WOLFSSL_PATH}/IDE/Espressif/ESP-IDF/examples/wolfssl_test
+
+echo "Run export.sh from ${WRK_IDF_PATH}"
+. ${WRK_IDF_PATH}/export.sh
+
+echo "Build and flash project in ${WRK_PROJECT_DIR}"
+cd ${WRK_PROJECT_DIR}
+idf.py build flash -p /dev/ttyS9 -b 115200 monitor
+```
+
+Bad chip version:
+
+```
+ESP-ROM:esp32c3-20200918
+Build:Sep 18 2020
+rst:0x3 (RTC_SW_SYS_RST),boot:0xc (SPI_FAST_FLASH_BOOT)
+Saved PC:0x403d151e
+SPIWP:0xee
+mode:DIO, clock div:2
+load:0x3fcd6100,len:0x16c8
+load:0x403ce000,len:0x930
+load:0x403d0000,len:0x2d28
+entry 0x403ce000
+I (34) boot: ESP-IDF v4.4.2-1-g0aba20e63d-dirty 2nd stage bootloader
+I (35) boot: compile time 08:29:06
+I (35) boot: chip revision: 2
+E (38) boot_comm: This chip is revision 2 but the application is configured for minimum revision 3. Can't run.
+```
+
+If you've encountered a chip version earlier than that confirmed to be working
+at wolfSSL, try adjusting the settings in `menuconfig`.
+
+#### A fatal error occurred: This chip is esp[X] not esp[Y]
+
+```
+A fatal error occurred: This chip is ESP32-S3 not ESP32-C3. Wrong --chip argument?
+CMake Error at run_serial_tool.cmake:56 (message):
+ /home/gojimmypi/.espressif/python_env/idf4.4_py3.8_env/bin/python
+ /mnt/c/SysGCC/esp32/esp-idf/v4.4.2/components/esptool_py/esptool/esptool.py
+ --chip esp32c3 failed
+```
+
+Delete the `./build` and rename/delete your `sdkconfig` file, then run
+`idf.py set-target`, in this example setting to `esp32c3`:
+
+```bash
+idf.py set-target esp32c3
+```
+
+#### Cmake Cache Warning
+
+```
+Executing action: clean
+Project sdkconfig was generated for target 'esp32s3', but CMakeCache.txt contains 'esp32c3'. To keep the setting in sdkconfig (esp32s3) and re-generate CMakeCache.txt, run 'idf.py fullclean'. To re-generate sdkconfig for 'esp32c3' target, run 'idf.py set-target esp32c3'.
+```
+
+As indicated, run `idf.py set-target` and/or delete the `./build` directory.
+
+#### Connecting, but fails to connect.
+
+Some devices, particularly 3rd party, non-Espressif dev boards may not have implemented
+the reset-program hardware properly, causing devices to not be programmed with the
+`idf.py flash` command:
+
+```
+Connecting......................................
+
+A fatal error occurred: Failed to connect to ESP32: Wrong boot mode detected (0x13)! The chip needs to be in download mode.
+For troubleshooting steps visit: https://docs.espressif.com/projects/esptool/en/latest/troubleshooting.html
+CMake Error at run_serial_tool.cmake:56 (message):
+ /home/gojimmypi/.espressif/python_env/idf4.4_py3.8_env/bin/python
+ /mnt/c/SysGCC/esp32/esp-idf/v4.4.2/components/esptool_py/esptool/esptool.py
+ --chip esp32 failed
+```
+
+Solution:
+
+Press and hold`EN` button, press and release `IO0` button, then release `EN` button.
+
+#### Other Solutions
+
+See also [this ESP-FAQ Handbook](https://docs.espressif.com/projects/esp-faq/en/latest/esp-faq-en-master.pdf)
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/include.am b/extra/wolfssl/wolfssl/IDE/Espressif/include.am
index bbf104e9..66203415 100644
--- a/extra/wolfssl/wolfssl/IDE/Espressif/include.am
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/include.am
@@ -6,6 +6,8 @@
# distribution file set will not contain GitHub info
#
# see: https://github.com/wolfSSL/wolfssl/pull/5955
+#
+# Don't list any config.h files here
EXTRA_DIST+= IDE/Espressif/ESP-IDF/compileAllExamples.sh
EXTRA_DIST+= IDE/Espressif/ESP-IDF/dummy_config_h
@@ -17,20 +19,45 @@ EXTRA_DIST+= IDE/Espressif/ESP-IDF/setup_win.bat
EXTRA_DIST+= IDE/Espressif/ESP-IDF/UPDATE.md
EXTRA_DIST+= IDE/Espressif/ESP-IDF/user_settings.h
+# Template
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/template/CMakeLists.txt
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/template/components
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/template/main
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/template/partitions_singleapp_large.csv
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/template/README.md
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/template/sdkconfig.defaults
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/template/VisualGDB
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/template/components/wolfssl
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/template/components/wolfssl/CMakeLists.txt
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/template/components/wolfssl/include
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/template/components/wolfssl/include/user_settings.h
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/template/main/CMakeLists.txt
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/template/main/include
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/template/main/main.c
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/template/main/include/main.h
+
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/template/VisualGDB/wolfssl_template_IDF_v5.1_ESP32.vgdbproj
+
# Benchmark
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/CMakeLists.txt
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/components
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/Makefile
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/partitions_singleapp_large.csv
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/README.md
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/sdkconfig.defaults
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/VisualGDB
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/components/wolfssl
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/components/wolfssl/CMakeLists.txt
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/components/wolfssl/component.mk
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/components/wolfssl/include
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/components/wolfssl/include/user_settings.h
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/CMakeLists.txt
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/component.mk
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/include
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/Kconfig.projbuild
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/main.c
-EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/main.h
-EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/components/wolfssl/CMakeLists.txt
-EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/components/wolfssl/component.mk
-
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/include/main.h
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/VisualGDB/wolfssl_benchmark_IDF_v4.4_ESP32.sln
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/VisualGDB/wolfssl_benchmark_IDF_v5_ESP32.sln
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/VisualGDB/wolfssl_benchmark_IDF_v5_ESP32C3.sln
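Review bot: Several of the added entries name directories rather than files (`examples/template/components`, `examples/template/main`, `examples/wolfssl_benchmark/VisualGDB`, and the various `include` directories), and automake copies a directory listed in EXTRA_DIST recursively, with everything it holds at `make dist` time. That can sweep untracked local files into a release tarball, such as build output, a generated `sdkconfig`, or a `config.h`, which the comment added at the top of this file says must not be listed. Where the files are also enumerated individually, I would drop the bare directory lines, e.g. keep `EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/template/main/main.c` and remove `EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/template/main`. The same pattern repeats in the following hunk for wolfssl_client, wolfssl_server and wolfssl_test.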
@@ -42,47 +69,91 @@ EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/VisualGDB/wolfssl_
# TLS Client
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/CMakeLists.txt
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/components
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/main
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/Makefile
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/partitions_singleapp_large.csv
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/README.md
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/README_server_sm.md
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/sdkconfig.defaults
-EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/VisualGDB/VisualGDB_wolfssl_client.vgdbproj
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/components/wolfssl
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/components/wolfssl/CMakeLists.txt
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/components/wolfssl/component.mk
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/components/wolfssl/include
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/components/wolfssl/include/user_settings.h
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/client-tls.c
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/CMakeLists.txt
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/component.mk
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/Kconfig.projbuild
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/main.c
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/time_helper.c
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/wifi_connect.c
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/client-tls.h
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/main.h
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/time_helper.h
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/wifi_connect.h
-EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/components/wolfssl/CMakeLists.txt
-EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/components/wolfssl/component.mk
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/VisualGDB/README.md
+
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/VisualGDB/wolfssl_client_IDF_v5_ESP32.sln
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/VisualGDB/wolfssl_client_IDF_v5_ESP32.vgdbproj
# TLS Server
+
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/CMakeLists.txt
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/components
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/main
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/Makefile
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/partitions_singleapp_large.csv
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/README.md
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/README_server_sm.md
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/sdkconfig.defaults
-EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/VisualGDB/VisualGDB_wolfssl_server.vgdbproj
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/VisualGDB
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/components/wolfssl
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/components/wolfssl/CMakeLists.txt
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/components/wolfssl/component.mk
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/components/wolfssl/include
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/components/wolfssl/include/user_settings.h
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/CMakeLists.txt
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/component.mk
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/include
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/Kconfig.projbuild
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/main.c
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/server-tls.c
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/time_helper.c
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/wifi_connect.c
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/include/main.h
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/include/server-tls.h
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/include/time_helper.h
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/include/wifi_connect.h
-EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/components/wolfssl/CMakeLists.txt
-EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/components/wolfssl/component.mk
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/VisualGDB/README.md
+
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/VisualGDB/wolfssl_server_IDF_v5_ESP32.sln
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/VisualGDB/wolfssl_server_IDF_v5_ESP32.vgdbproj
# wolfSSL Test
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/CMakeLists.txt
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/components
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/main
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/Makefile
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/partitions_singleapp_large.csv
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/README.md
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/sdkconfig.defaults
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/VisualGDB
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/components/wolfssl
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/components/wolfssl/CMakeLists.txt
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/components/wolfssl/component.mk
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/components/wolfssl/include
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/components/wolfssl/include/user_settings.h
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/CMakeLists.txt
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/component.mk
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/include
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/Kconfig.projbuild
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/main.c
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/time_helper.c
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/time_helper.h
-EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/components/wolfssl/CMakeLists.txt
-EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/components/wolfssl/component.mk
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/include/main.h
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/include/time_helper.h
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/VisualGDB/wolfssl_test-IDF_v5_ESP32.sln
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/VisualGDB/wolfssl_test-IDF_v5_ESP32C3.sln
diff --git a/extra/wolfssl/wolfssl/IDE/GCC-ARM/Header/user_settings.h b/extra/wolfssl/wolfssl/IDE/GCC-ARM/Header/user_settings.h
index dad14832..f1f8fd6d 100644
--- a/extra/wolfssl/wolfssl/IDE/GCC-ARM/Header/user_settings.h
+++ b/extra/wolfssl/wolfssl/IDE/GCC-ARM/Header/user_settings.h
@@ -70,7 +70,6 @@ extern "C" {
#define WOLFSSL_HAVE_SP_RSA
#define WOLFSSL_HAVE_SP_DH
#define WOLFSSL_HAVE_SP_ECC
- //#define WOLFSSL_SP_CACHE_RESISTANT
#define WOLFSSL_SP_MATH /* only SP math - eliminates fast math code */
/* SP Assembly Speedups */
@@ -85,11 +84,24 @@ extern "C" {
/* FIPS - Requires eval or license from wolfSSL */
/* ------------------------------------------------------------------------- */
#undef HAVE_FIPS
+#undef HAVE_FIPS_VERSION
+#undef HAVE_FIPS_VERSION_MINOR
#if 0
#define HAVE_FIPS
- #undef HAVE_FIPS_VERSION
- #define HAVE_FIPS_VERSION 2
+ /* Choose a FIPS version */
+ #if 0
+ /* FIPS 140-2 */
+ #define HAVE_FIPS_VERSION 2
+ #elif 0
+ /* FIPS 140-3 */
+ #define HAVE_FIPS_VERSION 5
+ #define HAVE_FIPS_VERSION_MINOR 2
+ #elif 0
+ /* FIPS Ready */
+ #define HAVE_FIPS_VERSION 5
+ #define HAVE_FIPS_VERSION_MINOR 3
+ #endif
#ifdef SINGLE_THREADED
#undef NO_THREAD_LS
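Review bot: The new version chooser has no fallback branch: flipping the outer `#if 0` to enable `HAVE_FIPS` while leaving all three inner `#if 0` / `#elif 0` arms untouched defines `HAVE_FIPS` with neither `HAVE_FIPS_VERSION` nor `HAVE_FIPS_VERSION_MINOR`, because both are now `#undef`'d just above. The build would then presumably continue with whatever the library treats as an unversioned FIPS configuration instead of stopping. I would close the chain with `#else` followed by `#error "HAVE_FIPS is enabled: select a FIPS version"` before the inner `#endif`. The enclosing `#if 0` block continues past the end of this hunk.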
@@ -182,6 +194,9 @@ extern "C" {
#undef WOLFSSL_VALIDATE_ECC_IMPORT
#define WOLFSSL_VALIDATE_ECC_IMPORT /* Validate import */
+
+ #undef WOLFSSL_ECDSA_SET_K
+ #define WOLFSSL_ECDSA_SET_K
#endif
/* Compressed Key Support */
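Review bot: `WOLFSSL_ECDSA_SET_K` is switched on here with no comment, unlike the neighbouring `WOLFSSL_VALIDATE_ECC_IMPORT /* Validate import */`, and it is the more sensitive of the two. As far as I know it exposes `wc_ecc_sign_set_k()`, which lets the caller supply the ECDSA per-signature value k instead of having it drawn from the RNG. A repeated or predictable k discloses the private key, so a template header that gets copied into products should say what the option is for. I would add a comment such as `/* Caller-supplied ECDSA k (known-answer testing); k must be unique and secret per signature */`. The `#if` that the trailing `#endif` closes starts outside the hunk, so which configuration this applies to cannot be seen from here.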
@@ -198,7 +213,7 @@ extern "C" {
#else
#undef ALT_ECC_SIZE
#define ALT_ECC_SIZE
- /* wolfSSL will compute the FP_MAX_BITS_ECC, but it can be overriden */
+ /* wolfSSL will compute the FP_MAX_BITS_ECC, but it can be overridden */
//#undef FP_MAX_BITS_ECC
//#define FP_MAX_BITS_ECC (256 * 2)
#endif
diff --git a/extra/wolfssl/wolfssl/IDE/GCC-ARM/Makefile.common b/extra/wolfssl/wolfssl/IDE/GCC-ARM/Makefile.common
index 479a2f5a..742b350d 100644
--- a/extra/wolfssl/wolfssl/IDE/GCC-ARM/Makefile.common
+++ b/extra/wolfssl/wolfssl/IDE/GCC-ARM/Makefile.common
@@ -1,11 +1,11 @@
# Set to @ if you want to suppress command echo
-CMD_ECHO =
+CMD_ECHO =
# Important directories
BUILD_DIR = ./Build
# Toolchain location and prefix
-#TOOLCHAIN =
+#TOOLCHAIN =
TOOLCHAIN ?= /opt/gcc-arm-none-eabi/bin/arm-none-eabi-
# Tools selection
@@ -101,6 +101,7 @@ SRC_C += ../../wolfcrypt/src/des3.c
SRC_C += ../../wolfcrypt/src/dh.c
SRC_C += ../../wolfcrypt/src/ecc.c
SRC_C += ../../wolfcrypt/src/hmac.c
+SRC_C += ../../wolfcrypt/src/kdf.c
SRC_C += ../../wolfcrypt/src/random.c
SRC_C += ../../wolfcrypt/src/rsa.c
SRC_C += ../../wolfcrypt/src/sha.c
@@ -138,7 +139,6 @@ SRC_C += ../../wolfcrypt/src/ge_448.c
SRC_C += ../../wolfcrypt/src/ge_low_mem.c
SRC_C += ../../wolfcrypt/src/ge_operations.c
SRC_C += ../../wolfcrypt/src/hash.c
-SRC_C += ../../wolfcrypt/src/kdf.c
SRC_C += ../../wolfcrypt/src/integer.c
SRC_C += ../../wolfcrypt/src/logging.c
SRC_C += ../../wolfcrypt/src/md5.c
diff --git a/extra/wolfssl/wolfssl/IDE/GCC-ARM/linker_fips.ld b/extra/wolfssl/wolfssl/IDE/GCC-ARM/linker_fips.ld
index 84155b12..ce278614 100644
--- a/extra/wolfssl/wolfssl/IDE/GCC-ARM/linker_fips.ld
+++ b/extra/wolfssl/wolfssl/IDE/GCC-ARM/linker_fips.ld
@@ -54,23 +54,23 @@ SECTIONS
. = ALIGN(4);
} > FLASH
- /* Custom section for wolfCrypt and LibC to prevent FIPS hash from changing
+ /* Custom section for wolfCrypt and LibC to prevent FIPS hash from changing
when application code changes are made */
.wolfCryptNonFIPS_text :
{
. = ALIGN(4);
- KEEP(*wolf*src*.o(.text .text*))
lib_a* ( .text .text*)
+ *wolf*src*.o(.text .text*)
. = ALIGN(4);
} > FLASH
.wolfCryptNonFIPS_rodata :
{
. = ALIGN(4);
- KEEP(*wolf*src*.o(.rodata .rodata*))
lib_a* (.rodata .rodata*)
+ *wolf*src*.o(.rodata .rodata*)
. = ALIGN(4);
} > FLASH
-
+
.sys : { *(.sys*) } > FLASH
.text : { *(.text*) } > FLASH
.rodata : { *(.text*) } > FLASH
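Review bot: Dropping `KEEP()` from the `*wolf*src*.o` input lines in `.wolfCryptNonFIPS_text` and `.wolfCryptNonFIPS_rodata` makes the content of those sections depend on what the application references whenever the link uses section garbage collection. The comment above them says their purpose is to stop the FIPS hash changing when application code changes; if the hashed FIPS code calls into these sections, a different set of surviving functions could move the callees and change the hash. If the removal is intentional (for size), a comment saying so and stating that the integrity hash was re-checked with the intended link flags would help; otherwise keep `KEEP(*wolf*src*.o(.text .text*))` and only reorder. Separately, the unchanged line `.rodata : { *(.text*) } > FLASH` at the end of the hunk matches `.text*` a second time and looks as if `*(.rodata*)` was meant.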
diff --git a/extra/wolfssl/wolfssl/IDE/HEXAGON/ecc-verify-benchmark.c b/extra/wolfssl/wolfssl/IDE/HEXAGON/ecc-verify-benchmark.c
index c87f915b..24f91257 100644
--- a/extra/wolfssl/wolfssl/IDE/HEXAGON/ecc-verify-benchmark.c
+++ b/extra/wolfssl/wolfssl/IDE/HEXAGON/ecc-verify-benchmark.c
@@ -133,7 +133,7 @@ static int hash_firmware_verify_dsp(int numThreads, int domain)
ret = wolfSSL_open(sp_URI_value, &(handle[i]));
if (ret != 0) {
printf("unable to open CDSP? retVal = %d\n", ret);
- return -1;
+ return -1;
}
wc_ecc_set_handle(&(eccKey[i]), handle[i]);
}
diff --git a/extra/wolfssl/wolfssl/IDE/IAR-EWARM/.gitignore b/extra/wolfssl/wolfssl/IDE/IAR-EWARM/.gitignore
new file mode 100644
index 00000000..bdd9313c
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/IAR-EWARM/.gitignore
@@ -0,0 +1,9 @@
+# Unused project setting files
+*.ewt
+# Build products
+ewarm/
+Debug/
+Release/
+# Auto generated files
+settings/
+*.dep
diff --git a/extra/wolfssl/wolfssl/IDE/IAR-EWARM/embOS/.gitignore b/extra/wolfssl/wolfssl/IDE/IAR-EWARM/embOS/.gitignore
deleted file mode 100644
index 426cd0c0..00000000
--- a/extra/wolfssl/wolfssl/IDE/IAR-EWARM/embOS/.gitignore
+++ /dev/null
@@ -1,6 +0,0 @@
-*.bat
-*.xcl
-*.crun
-*.dbgdt
-*.dni
-
diff --git a/extra/wolfssl/wolfssl/IDE/IAR-EWARM/embOS/SAMV71_XULT/embOS_SAMV71_XULT_user_settings/user_settings_verbose_example.h b/extra/wolfssl/wolfssl/IDE/IAR-EWARM/embOS/SAMV71_XULT/embOS_SAMV71_XULT_user_settings/user_settings_verbose_example.h
index 185497c6..57373abe 100644
--- a/extra/wolfssl/wolfssl/IDE/IAR-EWARM/embOS/SAMV71_XULT/embOS_SAMV71_XULT_user_settings/user_settings_verbose_example.h
+++ b/extra/wolfssl/wolfssl/IDE/IAR-EWARM/embOS/SAMV71_XULT/embOS_SAMV71_XULT_user_settings/user_settings_verbose_example.h
@@ -87,7 +87,7 @@
#undef ALT_ECC_SIZE
#define ALT_ECC_SIZE
- /* wolfSSL will compute the FP_MAX_BITS_ECC, but it can be overriden */
+ /* wolfSSL will compute the FP_MAX_BITS_ECC, but it can be overridden */
/* MAX ECC BITS = ROUND8(MAX ECC) * 2 */
//#undef FP_MAX_BITS_ECC
//#define FP_MAX_BITS_ECC (528 * 2)
diff --git a/extra/wolfssl/wolfssl/IDE/IAR-MSP430/README.md b/extra/wolfssl/wolfssl/IDE/IAR-MSP430/README.md
index ff9f53b8..b7303143 100644
--- a/extra/wolfssl/wolfssl/IDE/IAR-MSP430/README.md
+++ b/extra/wolfssl/wolfssl/IDE/IAR-MSP430/README.md
@@ -78,10 +78,10 @@ Bob init
Successfully generated a common secret
Alices' Secret: 85f3c7f599620c768e6dbb77dc2f8f764254cc1821aeb0a30503632dbc9bdb54
Bobs' Secret: 85f3c7f599620c768e6dbb77dc2f8f764254cc1821aeb0a30503632dbc9bdb54
-ChaCha20/Poly1305 Encryption Start, 1000 itterations, 1024 bytes
+ChaCha20/Poly1305 Encryption Start, 1000 iterations, 1024 bytes
............................................
End 44 seconds
-ChaCha20/Poly1305 Decryption Start, 1000 itterations
+ChaCha20/Poly1305 Decryption Start, 1000 iterations
............................................
End 44 seconds
end
diff --git a/extra/wolfssl/wolfssl/IDE/IAR-MSP430/main.c b/extra/wolfssl/wolfssl/IDE/IAR-MSP430/main.c
index 64eeedbb..fbf51b57 100644
--- a/extra/wolfssl/wolfssl/IDE/IAR-MSP430/main.c
+++ b/extra/wolfssl/wolfssl/IDE/IAR-MSP430/main.c
@@ -36,7 +36,7 @@
#include <msp430f5659.h>
/* Without __root on some of the functions, IAR's "Discard Unused Publics"
- will optimze out some of the functions
+ will optimize out some of the functions
*/
#if defined(__IAR_SYSTEMS_ICC__)
#define IAR_KEEP __root
@@ -304,7 +304,7 @@ only_rng:
wc_FreeRng(&rng);
printf(
- "ChaCha20/Poly1305 Encryption Start, 1000 itterations, %d bytes\r\n",
+ "ChaCha20/Poly1305 Encryption Start, 1000 iterations, %d bytes\r\n",
(int)strlen((const char*)plaintext));
start = seconds;
for (int i=0; i <= 1000; i++) {
@@ -319,7 +319,7 @@ only_rng:
printf("\r\nEnd %d seconds\r\n", seconds - start);
start = seconds;
- printf("ChaCha20/Poly1305 Decryption Start, 1000 itterations\r\n");
+ printf("ChaCha20/Poly1305 Decryption Start, 1000 iterations\r\n");
start = seconds;
for (int i=0; i <= 1000; i++) {
ret = wc_ChaCha20Poly1305_Decrypt(key, iv, aad, sizeof(aad),
diff --git a/extra/wolfssl/wolfssl/IDE/M68K/Makefile b/extra/wolfssl/wolfssl/IDE/M68K/Makefile
index ee507dc9..23030e53 100644
--- a/extra/wolfssl/wolfssl/IDE/M68K/Makefile
+++ b/extra/wolfssl/wolfssl/IDE/M68K/Makefile
@@ -84,7 +84,7 @@ clean: rmo
rm -f $(OUTPUT)/$(NAME).a
help:
- @echo "all : exectue compile, link, rmo"
+ @echo "all : execute compile, link, rmo"
@echo "compile : create .o files"
@echo "link : create .a library from .o files"
@echo "rmo : remove all .o files"
diff --git a/extra/wolfssl/wolfssl/IDE/MCUEXPRESSO/RT1170/fsl_caam_c.patch b/extra/wolfssl/wolfssl/IDE/MCUEXPRESSO/RT1170/fsl_caam_c.patch
index 50590a0d..f345d098 100644
--- a/extra/wolfssl/wolfssl/IDE/MCUEXPRESSO/RT1170/fsl_caam_c.patch
+++ b/extra/wolfssl/wolfssl/IDE/MCUEXPRESSO/RT1170/fsl_caam_c.patch
@@ -1,6 +1,6 @@
---- fsl_caam-orig.c 2022-10-21 15:50:35.709951000 -0700
-+++ fsl_caam.c 2022-12-28 06:30:34.788316189 -0800
-@@ -7872,3 +7872,462 @@
+--- fsl_caam.c 2023-01-12 23:39:04.000000000 -0800
++++ fsl_caam-expanded.c 2023-06-23 00:18:14.395128903 -0700
+@@ -7872,3 +7872,476 @@
}
return status;
}
@@ -117,7 +117,7 @@
+ /* initialize descriptor from template */
+ (void)caam_memcpy(descriptor, templateKeyPairECC, sizeof(templateKeyPairECC));
+
-+ /* add descriptor lenght in bytes to HEADER descriptor command */
++ /* add descriptor length in bytes to HEADER descriptor command */
+ DESC_HEADER_ADD_DESCLEN(descriptor[0], descriptorSize);
+
+ DESC_SET_ADDR(descriptor[1], (CAAM_ECDSA_KEYGEN_PD | keyType));
@@ -128,7 +128,9 @@
+ descriptor[4] |= enc;
+
+ /* schedule the job */
-+ status = caam_in_job_ring_add(base, handle->jobRing, &descriptor[0]);
++ do {
++ status = caam_in_job_ring_add(base, handle->jobRing, &descriptor[0]);
++ } while (status == kStatus_CAAM_Again);
+ if (status == kStatus_Success) {
+ status = CAAM_Wait(base, handle, descriptor, kCAAM_Blocking);
+ }
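Review bot: The retry loop added around `caam_in_job_ring_add()` has no upper bound, so if the job ring never drains (a stalled or misconfigured CAAM) the caller spins forever on `kStatus_CAAM_Again` and never reaches an error return. A bounded retry keeps the behaviour for a briefly full ring and still fails closed, e.g. `} while (status == kStatus_CAAM_Again && --retries > 0);` with `retries` a local initialised from a platform-chosen limit (a placeholder name, not in the patch). The same loop is added in the hunks at `@@ -212,7`, `@@ -283,7`, `@@ -350,7` and `@@ -450,7` of this file. The enclosing function starts and ends outside the hunk.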
@@ -198,7 +200,7 @@
+ /* initialize descriptor from template */
+ (void)caam_memcpy(descriptor, templateSignECC, sizeof(templateSignECC));
+
-+ /* add descriptor lenght in bytes to HEADER descriptor command */
++ /* add descriptor length in bytes to HEADER descriptor command */
+ DESC_HEADER_ADD_DESCLEN(descriptor[0], descriptorSize);
+
+ DESC_SET_ADDR(descriptor[1], (CAAM_ECDSA_PD | keyType));
@@ -212,7 +214,9 @@
+ descriptor[7] |= enc;
+
+ /* schedule the job */
-+ status = caam_in_job_ring_add(base, handle->jobRing, &descriptor[0]);
++ do {
++ status = caam_in_job_ring_add(base, handle->jobRing, &descriptor[0]);
++ } while (status == kStatus_CAAM_Again);
+ if (status == kStatus_Success) {
+ status = CAAM_Wait(base, handle, descriptor, kCAAM_Blocking);
+ }
@@ -271,7 +275,7 @@
+ /* initialize descriptor from template */
+ (void)caam_memcpy(descriptor, templateVerifyECC, sizeof(templateVerifyECC));
+
-+ /* add descriptor lenght in bytes to HEADER descriptor command */
++ /* add descriptor length in bytes to HEADER descriptor command */
+ DESC_HEADER_ADD_DESCLEN(descriptor[0], descriptorSize);
+
+ DESC_SET_ADDR(descriptor[1], (CAAM_ECDSA_PD | keyType));
@@ -283,7 +287,9 @@
+ DESC_ADD_LEN(descriptor[7], sizeHash);
+
+ /* schedule the job */
-+ status = caam_in_job_ring_add(base, handle->jobRing, &descriptor[0]);
++ do {
++ status = caam_in_job_ring_add(base, handle->jobRing, &descriptor[0]);
++ } while (status == kStatus_CAAM_Again);
+ if (status == kStatus_Success) {
+ status = CAAM_Wait(base, handle, descriptor, kCAAM_Blocking);
+ }
@@ -338,7 +344,7 @@
+ /* initialize descriptor from template */
+ (void)caam_memcpy(descriptor, templateAgreeECC, sizeof(templateAgreeECC));
+
-+ /* add descriptor lenght in bytes to HEADER descriptor command */
++ /* add descriptor length in bytes to HEADER descriptor command */
+ DESC_HEADER_ADD_DESCLEN(descriptor[0], descriptorSize);
+
+ DESC_SET_ADDR(descriptor[1], (CAAM_ECDSA_KEYGEN_PD | keyType));
@@ -350,7 +356,9 @@
+ descriptor[5] |= enc;
+
+ /* schedule the job */
-+ status = caam_in_job_ring_add(base, handle->jobRing, &descriptor[0]);
++ do {
++ status = caam_in_job_ring_add(base, handle->jobRing, &descriptor[0]);
++ } while (status == kStatus_CAAM_Again);
+ if (status == kStatus_Success) {
+ status = CAAM_Wait(base, handle, descriptor, kCAAM_Blocking);
+ }
@@ -367,7 +375,7 @@
+/* Handle BLOB create and open */
+static const uint32_t templateBlob[] = {
+ /* 00 */ 0xB0800000u, /* HEADER */
-+ /* 01 */ 0x14400000u, /* class */
++ /* 01 */ 0x04000000u, /* class */
+ /* 02 */ 0x00000000u, /* key mod */
+ /* 03 */ 0xF0000000u, /* SEQ input size */
+ /* 04 */ 0x00000000u, /* input */
@@ -425,6 +433,10 @@
+ return status;
+ }
+
++ if (keyModSz != CAAM_SM_KEYMODSZ && keyModSz != CAAM_KEYMODSZ) {
++ return status;
++ }
++
+ if (dir == CAAM_DECAP_BLOB &&
+ (sizeOut > sizeIn - CAAM_PADDING_SIZE_BLOB)) {
+ return status;
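Review bot: The decapsulation size check that follows the new `keyModSz` test, `sizeOut > sizeIn - CAAM_PADDING_SIZE_BLOB`, does not first ensure that `sizeIn` is at least `CAAM_PADDING_SIZE_BLOB`. If `sizeIn` is an unsigned type (its declaration is outside the hunk), an input shorter than the padding size makes the subtraction wrap, the comparison is false, and the undersized blob goes on to the descriptor. Since this hunk is adding argument validation anyway, I would extend the condition to `(sizeIn < CAAM_PADDING_SIZE_BLOB || sizeOut > sizeIn - CAAM_PADDING_SIZE_BLOB)`. The function body begins before and continues after the hunk.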
@@ -433,9 +445,9 @@
+ /* initialize descriptor from template */
+ (void)caam_memcpy(descriptor, templateBlob, sizeof(templateBlob));
+
-+ /* add descriptor lenght in bytes to HEADER descriptor command */
++ /* add descriptor length in bytes to HEADER descriptor command */
+ DESC_HEADER_ADD_DESCLEN(descriptor[0], descriptorSize);
-+ descriptor[1] |= color; /* add color of blob */
++ descriptor[1] |= keyModSz;
+ DESC_SET_ADDR(descriptor[2], keyMod);
+ DESC_ADD_LEN(descriptor[3], sizeIn);
+ DESC_SET_ADDR(descriptor[4], in);
@@ -450,7 +462,9 @@
+ }
+
+ /* schedule the job */
-+ status = caam_in_job_ring_add(base, handle->jobRing, &descriptor[0]);
++ do {
++ status = caam_in_job_ring_add(base, handle->jobRing, &descriptor[0]);
++ } while (status == kStatus_CAAM_Again);
+ if (status == kStatus_Success) {
+ status = CAAM_Wait(base, handle, descriptor, kCAAM_Blocking);
+ }
diff --git a/extra/wolfssl/wolfssl/IDE/MCUEXPRESSO/RT1170/fsl_caam_h.patch b/extra/wolfssl/wolfssl/IDE/MCUEXPRESSO/RT1170/fsl_caam_h.patch
index 965b930c..23d43cc2 100644
--- a/extra/wolfssl/wolfssl/IDE/MCUEXPRESSO/RT1170/fsl_caam_h.patch
+++ b/extra/wolfssl/wolfssl/IDE/MCUEXPRESSO/RT1170/fsl_caam_h.patch
@@ -1,6 +1,6 @@
---- fsl_caam-orig.h 2022-10-21 15:50:35.745560000 -0700
-+++ fsl_caam.h 2022-12-28 08:10:29.413415216 -0800
-@@ -3038,6 +3038,162 @@
+--- fsl_caam.h 2023-06-23 00:08:46.491699533 -0700
++++ fsl_caam-expanded.h 2023-06-23 00:10:22.702730462 -0700
+@@ -3038,6 +3038,164 @@
*@}
*/ /* end of caam_driver_pkha */
@@ -127,10 +127,12 @@
+
+/* define for application to check for ECC CAAM additions */
+#define CAAM_BLOB_EXPANSION
-+#define CAAM_RED_BLOB 0x00000C08
-+#define CAAM_BLACK_BLOB 0x00000010
++#define CAAM_RED_BLOB 1
++#define CAAM_BLACK_BLOB 2
+#define CAAM_ENCAP_BLOB 0x07000000
+#define CAAM_DECAP_BLOB 0x06000000
++#define CAAM_SM_KEYMODSZ 8
++#define CAAM_KEYMODSZ 16
+#define CAAM_PADDING_SIZE_BLOB 48
+
+/*!
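Review bot: `CAAM_RED_BLOB` and `CAAM_BLACK_BLOB` change from descriptor bit patterns (`0x00000C08`, `0x00000010`) to plain selectors (`1`, `2`), while `CAAM_BLOB_EXPANSION`, which the comment describes as the define applications check for, stays the same. Code built against the earlier patched header therefore has no compile-time way to tell which meaning of the colour values it is getting; a versioned marker or a comment recording the change would make a mismatch detectable. The two new macros `CAAM_SM_KEYMODSZ` and `CAAM_KEYMODSZ` also carry no comment; I would state the unit (presumably bytes) and which kind of blob each size belongs to, since the .c side rejects any other value.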
diff --git a/extra/wolfssl/wolfssl/IDE/MCUEXPRESSO/benchmark/source/run_benchmark.c b/extra/wolfssl/wolfssl/IDE/MCUEXPRESSO/benchmark/source/run_benchmark.c
index 8ac6428a..c4132513 100644
--- a/extra/wolfssl/wolfssl/IDE/MCUEXPRESSO/benchmark/source/run_benchmark.c
+++ b/extra/wolfssl/wolfssl/IDE/MCUEXPRESSO/benchmark/source/run_benchmark.c
@@ -78,7 +78,7 @@ static void doBenchmark(void* params)
wolfCrypt_Cleanup();
}
else {
- PRINTF("Failied to initialize wolfCrypt\r\n");
+ PRINTF("Failed to initialize wolfCrypt\r\n");
}
}
diff --git a/extra/wolfssl/wolfssl/IDE/MCUEXPRESSO/wolfcrypt_test.c b/extra/wolfssl/wolfssl/IDE/MCUEXPRESSO/wolfcrypt_test.c
index aea3d1d6..08a0d432 100644
--- a/extra/wolfssl/wolfssl/IDE/MCUEXPRESSO/wolfcrypt_test.c
+++ b/extra/wolfssl/wolfssl/IDE/MCUEXPRESSO/wolfcrypt_test.c
@@ -136,7 +136,7 @@ int main(void)
wolfCrypt_Cleanup();
}
else {
- PRINTF("Failied to initialize wolfCrypt\r\n");
+ PRINTF("Failed to initialize wolfCrypt\r\n");
}
#if defined(FREESCALE_KSDK_2_0_TRNG) && defined(FREESCALE_RTC)
diff --git a/extra/wolfssl/wolfssl/IDE/MDK-ARM/LPC43xx/time-LCP43xx.c b/extra/wolfssl/wolfssl/IDE/MDK-ARM/LPC43xx/time-LCP43xx.c
index 258f8a43..1e7fba4f 100644
--- a/extra/wolfssl/wolfssl/IDE/MDK-ARM/LPC43xx/time-LCP43xx.c
+++ b/extra/wolfssl/wolfssl/IDE/MDK-ARM/LPC43xx/time-LCP43xx.c
@@ -34,9 +34,9 @@
static void init_RTC()
{
- /* Enable GPIO register interface clock */
- LPC_CCU1->CLK_M4_GPIO_CFG |= 1;
- while (!(LPC_CCU1->CLK_M4_GPIO_STAT & 1)) ;
+ /* Enable GPIO register interface clock */
+ LPC_CCU1->CLK_M4_GPIO_CFG |= 1;
+ while (!(LPC_CCU1->CLK_M4_GPIO_STAT & 1)) ;
/* RTC Block section ------------------------------------------------------ */
/* Init RTC module */
@@ -82,7 +82,7 @@ double current_time()
void init_time(void) {
- init_RTC() ;
+ init_RTC() ;
init_TIM() ;
}
@@ -93,7 +93,7 @@ struct tm *Cyassl_MDK_gmtime(const time_t *c)
static struct tm date ;
RTC_TIME_Type RTCFullTime;
- RTC_GetFullTime (LPC_RTC, &RTCFullTime);
+ RTC_GetFullTime (LPC_RTC, &RTCFullTime);
date.tm_year = RTCFullTime.YEAR + 100 ;
date.tm_mon = RTCFullTime.MONTH - 1 ;
@@ -104,7 +104,7 @@ struct tm *Cyassl_MDK_gmtime(const time_t *c)
#if defined(DEBUG_CYASSL)
{
- extern void CYASSL_MSG(char *msg) ;
+ extern void CYASSL_MSG(char *msg) ;
char msg[100] ;
sprintf(msg, "Debug::Cyassl_KEIL_gmtime(DATE=/%4d/%02d/%02d TIME=%02d:%02d:%02d)\n",
RTCFullTime.YEAR+2000, RTCFullTime.MONTH, RTCFullTime.DOM,
@@ -127,14 +127,14 @@ typedef struct func_args {
void time_main(void *args)
{
char * datetime ;
- int year ;
+ int year ;
RTC_TIME_Type RTCFullTime;
if( args == NULL || ((func_args *)args)->argc == 1) {
- RTC_GetFullTime (LPC_RTC, &RTCFullTime);
+ RTC_GetFullTime (LPC_RTC, &RTCFullTime);
printf("Date: %d/%d/%d, Time: %02d:%02d:%02d\n",
- RTCFullTime.MONTH, RTCFullTime.DOM, RTCFullTime.YEAR+2000,
- RTCFullTime.HOUR, RTCFullTime.MIN, RTCFullTime.SEC) ;
+ RTCFullTime.MONTH, RTCFullTime.DOM, RTCFullTime.YEAR+2000,
+ RTCFullTime.HOUR, RTCFullTime.MIN, RTCFullTime.SEC) ;
} else if(((func_args *)args)->argc == 3 &&
((func_args *)args)->argv[1][0] == '-' &&
((func_args *)args)->argv[1][1] == 'd' ) {
@@ -143,13 +143,13 @@ void time_main(void *args)
sscanf(datetime, "%d/%d/%d",
(int *)&RTCFullTime.MONTH, (int *)&RTCFullTime.DOM, &year) ;
RTCFullTime.YEAR = year - 2000 ;
- RTC_SetTime (LPC_RTC, RTC_TIMETYPE_MONTH, RTCFullTime.MONTH);
+ RTC_SetTime (LPC_RTC, RTC_TIMETYPE_MONTH, RTCFullTime.MONTH);
RTC_SetTime (LPC_RTC, RTC_TIMETYPE_YEAR, RTCFullTime.YEAR);
RTC_SetTime (LPC_RTC, RTC_TIMETYPE_DAYOFMONTH, RTCFullTime.DOM);
} else if(((func_args *)args)->argc == 3 &&
((func_args *)args)->argv[1][0] == '-' &&
((func_args *)args)->argv[1][1] == 't' ) {
- RTC_GetFullTime (LPC_RTC, &RTCFullTime);
+ RTC_GetFullTime (LPC_RTC, &RTCFullTime);
datetime = ((func_args *)args)->argv[2];
sscanf(datetime, "%d:%d:%d",
(int *)&RTCFullTime.HOUR,
@@ -161,7 +161,3 @@ void time_main(void *args)
RTC_SetTime (LPC_RTC, RTC_TIMETYPE_HOUR, RTCFullTime.HOUR);
} else printf("Invalid argument\n") ;
}
-
-
-
-
diff --git a/extra/wolfssl/wolfssl/IDE/MDK-ARM/MDK-ARM/wolfSSL/config-BARE-METAL.h b/extra/wolfssl/wolfssl/IDE/MDK-ARM/MDK-ARM/wolfSSL/config-BARE-METAL.h
index 1d882ca9..ca367816 100644
--- a/extra/wolfssl/wolfssl/IDE/MDK-ARM/MDK-ARM/wolfSSL/config-BARE-METAL.h
+++ b/extra/wolfssl/wolfssl/IDE/MDK-ARM/MDK-ARM/wolfSSL/config-BARE-METAL.h
@@ -165,7 +165,7 @@
#endif
// </e>
// <e>DSA
-#define MDK_CONF_DSA 1
+#define MDK_CONF_DSA 0
#if MDK_CONF_DSA == 0
#define NO_DSA
#endif
@@ -204,6 +204,59 @@
// </e>
// </h>
+// <h>Math / Memory
+// <o> Math Library
+// <0=>SP Math All (sp_int.c)
+// <1=>Fast Math (tfm.c)
+// <2=>Heap Math (integer.c)
+// <3=>SP Math (RSA/DH 2048/3072/4096 and ECC 256/384/521 only)
+// <4=>SP Math +ASM (faster)
+#define MDK_CONF_MATH 0
+#if MDK_CONF_MATH == 0
+ #define WOLFSSL_SP_MATH_ALL /* use SP math for all key sizes and curves */
+#elif MDK_CONF_MATH == 1
+ #define USE_FAST_MATH
+#elif MDK_CONF_MATH == 2
+ #define USE_INTEGER_HEAP_MATH
+#elif MDK_CONF_MATH == 3 || MDK_CONF_MATH == 4
+ #define WOLFSSL_SP_MATH /* only SP math - disables integer.c/tfm.c */
+ #define WOLFSSL_HAVE_SP_RSA
+ #define WOLFSSL_HAVE_SP_DH
+ #define WOLFSSL_HAVE_SP_ECC
+
+ //#define WOLFSSL_SP_NO_2048
+ //#define WOLFSSL_SP_NO_3072
+ #define WOLFSSL_SP_4096
+ //#define WOLFSSL_SP_NO_256
+ //#define WOLFSSL_SP_384
+ //#define WOLFSSL_SP_521
+
+ #define WOLFSSL_SP_SMALL /* use smaller version of code */
+ //#define WOLFSSL_SP_NO_MALLOC /* do not use heap */
+ //#define WOLFSSL_SP_DIV_32 /* do not use 64-bit divides */
+
+ #if MDK_CONF_MATH == 4
+ /* SP Assembly Speedups - specific to chip type */
+ #define WOLFSSL_SP_ASM
+
+ //#define WOLFSSL_SP_ARM32_ASM
+ //#define WOLFSSL_SP_ARM64_ASM
+ //#define WOLFSSL_SP_ARM_THUMB_ASM
+ //#define WOLFSSL_SP_ARM_CORTEX_M_ASM
+ #endif
+#endif
+
+// <e>Small Stack
+#define MDK_CONF_SmallStack 1
+#if MDK_CONF_SmallStack == 0
+ #define NO_WOLFSSL_SMALL_STACK
+ //#define WOLFSSL_SP_NO_MALLOC
+#else
+ #define WOLFSSL_SMALL_STACK
+#endif
+// </e>
+// </h>
+
// <h>Others
// <e>Inline
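Review bot: The `MDK_CONF_MATH` chain ends at `#elif MDK_CONF_MATH == 3 || MDK_CONF_MATH == 4` with no `#else`, so a value outside 0–4 defines no math backend at all and the mistake surfaces only later, if at all, as an unrelated build error. I would finish the chain with `#else` and `#error "MDK_CONF_MATH must be 0..4"`. In the same block, option 4 defines `WOLFSSL_SP_ASM` while all four architecture lines (`WOLFSSL_SP_ARM32_ASM` through `WOLFSSL_SP_ARM_CORTEX_M_ASM`) stay commented out, so the "SP Math +ASM" choice selects assembly without naming a target; a comment telling the user to uncomment exactly one would help. The block added to config-FS.h in the next file section is the same as far as it is visible here.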
@@ -253,22 +306,9 @@
#define NO_ERROR_STRINGS
#endif
// </e>
-
-// <e>Small Stack
-#define MDK_CONF_SmallStack 1
-#if MDK_CONF_SmallStack == 0
-#define NO_WOLFSSL_SMALL_STACK
-#endif
-// </e>
-// <e>Use Fast Math
-#define MDK_CONF_FASTMATH 0
-#if MDK_CONF_FASTMATH == 1
-#define USE_FAST_MATH
-#endif
-// </e>
+// </h>
-// </h>
//</h>
// <<< end of configuration section >>>
diff --git a/extra/wolfssl/wolfssl/IDE/MDK-ARM/MDK-ARM/wolfSSL/config-FS.h b/extra/wolfssl/wolfssl/IDE/MDK-ARM/MDK-ARM/wolfSSL/config-FS.h
index 256fff09..45b8c1b3 100644
--- a/extra/wolfssl/wolfssl/IDE/MDK-ARM/MDK-ARM/wolfSSL/config-FS.h
+++ b/extra/wolfssl/wolfssl/IDE/MDK-ARM/MDK-ARM/wolfSSL/config-FS.h
@@ -202,7 +202,7 @@
#endif
// </e>
// <e>DSA
-#define MDK_CONF_DSA 1
+#define MDK_CONF_DSA 0
#if MDK_CONF_DSA == 0
#define NO_DSA
#endif
@@ -241,6 +241,59 @@
// </e>
// </h>
+// <h>Math / Memory
+// <o> Math Library
+// <0=>SP Math All (sp_int.c)
+// <1=>Fast Math (tfm.c)
+// <2=>Heap Math (integer.c)
+// <3=>SP Math (RSA/DH 2048/3072/4096 and ECC 256/384/521 only)
+// <4=>SP Math +ASM (faster)
+#define MDK_CONF_MATH 0
+#if MDK_CONF_MATH == 0
+ #define WOLFSSL_SP_MATH_ALL /* use SP math for all key sizes and curves */
+#elif MDK_CONF_MATH == 1
+ #define USE_FAST_MATH
+#elif MDK_CONF_MATH == 2
+ #define USE_INTEGER_HEAP_MATH
+#elif MDK_CONF_MATH == 3 || MDK_CONF_MATH == 4
+ #define WOLFSSL_SP_MATH /* only SP math - disables integer.c/tfm.c */
+ #define WOLFSSL_HAVE_SP_RSA
+ #define WOLFSSL_HAVE_SP_DH
+ #define WOLFSSL_HAVE_SP_ECC
+
+ //#define WOLFSSL_SP_NO_2048
+ //#define WOLFSSL_SP_NO_3072
+ #define WOLFSSL_SP_4096
+ //#define WOLFSSL_SP_NO_256
+ //#define WOLFSSL_SP_384
+ //#define WOLFSSL_SP_521
+
+ #define WOLFSSL_SP_SMALL /* use smaller version of code */
+ //#define WOLFSSL_SP_NO_MALLOC /* do not use heap */
+ //#define WOLFSSL_SP_DIV_32 /* do not use 64-bit divides */
+
+ #if MDK_CONF_MATH == 4
+ /* SP Assembly Speedups - specific to chip type */
+ #define WOLFSSL_SP_ASM
+
+ //#define WOLFSSL_SP_ARM32_ASM
+ //#define WOLFSSL_SP_ARM64_ASM
+ //#define WOLFSSL_SP_ARM_THUMB_ASM
+ //#define WOLFSSL_SP_ARM_CORTEX_M_ASM
+ #endif
+#endif
+
+// <e>Small Stack
+#define MDK_CONF_SmallStack 1
+#if MDK_CONF_SmallStack == 0
+ #define NO_WOLFSSL_SMALL_STACK
+ //#define WOLFSSL_SP_NO_MALLOC
+#else
+ #define WOLFSSL_SMALL_STACK
+#endif
+// </e>
+// </h>
+
// <h>Others
// <e>Inline
@@ -291,20 +344,6 @@
#endif
// </e>
-// <e>Small Stack
-#define MDK_CONF_SmallStack 1
-#if MDK_CONF_SmallStack == 0
-#define NO_WOLFSSL_SMALL_STACK
-#endif
-// </e>
-// <e>Use Fast Math
-#define MDK_CONF_FASTMATH 0
-#if MDK_CONF_FASTMATH == 1
-#define USE_FAST_MATH
-#endif
-// </e>
-
-
// </h>
//</h>
diff --git a/extra/wolfssl/wolfssl/IDE/MDK-ARM/MDK-ARM/wolfSSL/config-RTX-TCP-FS.h b/extra/wolfssl/wolfssl/IDE/MDK-ARM/MDK-ARM/wolfSSL/config-RTX-TCP-FS.h
index 11f1de7e..a96e5d78 100644
--- a/extra/wolfssl/wolfssl/IDE/MDK-ARM/MDK-ARM/wolfSSL/config-RTX-TCP-FS.h
+++ b/extra/wolfssl/wolfssl/IDE/MDK-ARM/MDK-ARM/wolfSSL/config-RTX-TCP-FS.h
@@ -224,7 +224,7 @@
#endif
// </e>
// <e>DSA
-#define MDK_CONF_DSA 1
+#define MDK_CONF_DSA 0
#if MDK_CONF_DSA == 0
#define NO_DSA
#endif
@@ -263,6 +263,59 @@
// </e>
// </h>
+// <h>Math / Memory
+// <o> Math Library
+// <0=>SP Math All (sp_int.c)
+// <1=>Fast Math (tfm.c)
+// <2=>Heap Math (integer.c)
+// <3=>SP Math (RSA/DH 2048/3072/4096 and ECC 256/384/521 only)
+// <4=>SP Math +ASM (faster)
+#define MDK_CONF_MATH 0
+#if MDK_CONF_MATH == 0
+ #define WOLFSSL_SP_MATH_ALL /* use SP math for all key sizes and curves */
+#elif MDK_CONF_MATH == 1
+ #define USE_FAST_MATH
+#elif MDK_CONF_MATH == 2
+ #define USE_INTEGER_HEAP_MATH
+#elif MDK_CONF_MATH == 3 || MDK_CONF_MATH == 4
+ #define WOLFSSL_SP_MATH /* only SP math - disables integer.c/tfm.c */
+ #define WOLFSSL_HAVE_SP_RSA
+ #define WOLFSSL_HAVE_SP_DH
+ #define WOLFSSL_HAVE_SP_ECC
+
+ //#define WOLFSSL_SP_NO_2048
+ //#define WOLFSSL_SP_NO_3072
+ #define WOLFSSL_SP_4096
+ //#define WOLFSSL_SP_NO_256
+ //#define WOLFSSL_SP_384
+ //#define WOLFSSL_SP_521
+
+ #define WOLFSSL_SP_SMALL /* use smaller version of code */
+ //#define WOLFSSL_SP_NO_MALLOC /* do not use heap */
+ //#define WOLFSSL_SP_DIV_32 /* do not use 64-bit divides */
+
+ #if MDK_CONF_MATH == 4
+ /* SP Assembly Speedups - specific to chip type */
+ #define WOLFSSL_SP_ASM
+
+ //#define WOLFSSL_SP_ARM32_ASM
+ //#define WOLFSSL_SP_ARM64_ASM
+ //#define WOLFSSL_SP_ARM_THUMB_ASM
+ //#define WOLFSSL_SP_ARM_CORTEX_M_ASM
+ #endif
+#endif
+
+// <e>Small Stack
+#define MDK_CONF_SmallStack 1
+#if MDK_CONF_SmallStack == 0
+ #define NO_WOLFSSL_SMALL_STACK
+ //#define WOLFSSL_SP_NO_MALLOC
+#else
+ #define WOLFSSL_SMALL_STACK
+#endif
+// </e>
+// </h>
+
// <h>Others
// <e>Inline
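Review bot: Option 1 of the new math selector defines `USE_FAST_MATH` alone, whereas the "Use Fast Math" block this commit removes further down in config-RTX-TCP-FS.h paired it with `#define TFM_TIMING_RESISTANT`. Unless that macro is defined elsewhere in this file (not visible in the diff), a user who switches back to Fast Math builds tfm.c without its timing-resistant code paths, which matters for private-key operations. Keeping the pair together under `#elif MDK_CONF_MATH == 1`, i.e. `#define USE_FAST_MATH` followed by `#define TFM_TIMING_RESISTANT`, preserves the previous behaviour. The removed block also spelled the stack switch `MDK_CONF_SMALL_STACK` while the new one uses `MDK_CONF_SmallStack`, so any remaining reference to the old name in this file should be checked.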
@@ -312,22 +365,6 @@
#define NO_ERROR_STRINGS
#endif
// </e>
-
-// <e>Small Stack
-#define MDK_CONF_SMALL_STACK 1
-#if MDK_CONF_SMALL_STACK == 0
-#define NO_WOLFSSL_SMALL_STACK
-#endif
-// </e>
-// <e>Use Fast Math
-#define MDK_CONF_FASTMATH 1
-#if MDK_CONF_FASTMATH == 1
-#define USE_FAST_MATH
-#define TFM_TIMING_RESISTANT
-#endif
-// </e>
-
-
// </h>
//</h>
diff --git a/extra/wolfssl/wolfssl/IDE/MDK-ARM/MDK-ARM/wolfSSL/main.c b/extra/wolfssl/wolfssl/IDE/MDK-ARM/MDK-ARM/wolfSSL/main.c
index b4d20bba..de71e994 100644
--- a/extra/wolfssl/wolfssl/IDE/MDK-ARM/MDK-ARM/wolfSSL/main.c
+++ b/extra/wolfssl/wolfssl/IDE/MDK-ARM/MDK-ARM/wolfSSL/main.c
@@ -99,7 +99,7 @@ extern void benchmark_test(void) ;
extern void SER_Init(void) ;
/*-----------------------------------------------------------------------------
- * mian entry
+ * main entry
*----------------------------------------------------------------------------*/
/*** This is the parent task entry ***/
diff --git a/extra/wolfssl/wolfssl/IDE/MDK-ARM/MDK-ARM/wolfSSL/shell.c b/extra/wolfssl/wolfssl/IDE/MDK-ARM/MDK-ARM/wolfSSL/shell.c
index efb031e7..63e2cdc2 100644
--- a/extra/wolfssl/wolfssl/IDE/MDK-ARM/MDK-ARM/wolfSSL/shell.c
+++ b/extra/wolfssl/wolfssl/IDE/MDK-ARM/MDK-ARM/wolfSSL/shell.c
@@ -301,7 +301,7 @@ static struct {
"", NULL
} ;
-enum jobtype { FORGROUND, BACKGROUND } ;
+enum jobtype { FOREGROUND, BACKGROUND } ;
#define IF_DELIMITER(ch) ((ch) == ' ' || (ch) == '\n')
@@ -326,7 +326,7 @@ static int getline(char * line, int sz, func_args *args, int*bf_flg)
(*bf_flg) = BACKGROUND ;
line[strlen(line)-2] = '\n' ;
} else {
- (*bf_flg) = FORGROUND ;
+ (*bf_flg) = FOREGROUND ;
}
args->argc = 0 ;
for(i=0; i<sz; i++) {
@@ -542,7 +542,7 @@ void shell_main(void) {
for(i=0; commandTable[i].func != NULL; i++) {
if(strcmp(commandTable[i].command, args.argv[0]) == 0) {
args.argv[0] = (char *) commandTable[i].func ;
- if(bf_flg == FORGROUND) {
+ if(bf_flg == FOREGROUND) {
#ifdef HAVE_KEIL_RTX
wc_UnLockMutex((wolfSSL_Mutex *)&command_mutex) ;
os_tsk_create_user_ex( (void(*)(void *))&command_invoke, 7,
diff --git a/extra/wolfssl/wolfssl/IDE/MDK-ARM/STM32F2xx_StdPeriph_Lib/time-STM32F2xx.c b/extra/wolfssl/wolfssl/IDE/MDK-ARM/STM32F2xx_StdPeriph_Lib/time-STM32F2xx.c
index bf88ad07..08dcbdf8 100644
--- a/extra/wolfssl/wolfssl/IDE/MDK-ARM/STM32F2xx_StdPeriph_Lib/time-STM32F2xx.c
+++ b/extra/wolfssl/wolfssl/IDE/MDK-ARM/STM32F2xx_StdPeriph_Lib/time-STM32F2xx.c
@@ -32,7 +32,7 @@
*----------------------------------------------------------------------------*/
#include "stm32f2xx.h"
-#define assert_param(a)
+#define assert_param(a) /* null expansion */
#define RTC_RSF_MASK ((uint32_t)0xFFFFFF5F)
#define SYNCHRO_TIMEOUT ((uint32_t) 0x00008000)
diff --git a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Conf/user_settings.h b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Conf/user_settings.h
index 6aecf095..c58b5fb6 100644
--- a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Conf/user_settings.h
+++ b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Conf/user_settings.h
@@ -21,21 +21,20 @@
#define NO_MAIN_DRIVER
#define BENCH_EMBEDDED
-#define NO_DEV_RANDOM
-#define WOLFSSL_USER_CURRTIME
#define SIZEOF_LONG_LONG 8
#define NO_WRITEV
#define NO_DEV_RANDOM
+#define WOLFSSL_IGNORE_FILE_WARN
#define TFM_TIMING_RESISTANT
#define ECC_TIMING_RESISTANT
#define WC_RSA_BLINDING
#define WOLFSSL_USER_CURRTIME /* for benchmark */
-#define WOLFSSL_CURRTIME_OSTICK /* use OS tich for current_time */
+#define WOLFSSL_CURRTIME_OSTICK /* use OS tick for current_time */
#define WOLFSSL_GMTIME
-
#define NO_MULTIBYTE_PRINT
+
// <<< Use Configuration Wizard in Context Menu >>>
@@ -99,7 +98,7 @@
// <e>File System
-#define MDK_CONF_FILESYSTEM 1
+#define MDK_CONF_FILESYSTEM 0
#if MDK_CONF_FILESYSTEM == 0
#define NO_FILESYSTEM
#else
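Review bot: Switching `MDK_CONF_FILESYSTEM` to 0 defines `NO_FILESYSTEM`, but the Cert Storage option later in this file stays at `MDK_CONF_CERT_BUFF 0`, which the wizard text labels "SD Card" and which defines neither `USE_CERT_BUFFERS_1024` nor `USE_CERT_BUFFERS_2048`. With both defaults as they are, the configuration names a certificate source that is no longer available. Since the CryptTest and CryptBenchmark projects now use this shared header instead of their own copies (which had the file system enabled), it is worth confirming they still build and find their test keys. Changing the default to `#define MDK_CONF_CERT_BUFF 2`, or noting here that option 0 requires the file system, would make the two settings consistent.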
@@ -109,7 +108,9 @@
// </e>
// <o> Network<0=>None <1=>RLnet <2=>User I/O
+#ifndef MDK_CONF_NETWORK
#define MDK_CONF_NETWORK 1
+#endif
#if MDK_CONF_NETWORK == 0
#elif MDK_CONF_NETWORK == 1
#define WOLFSSL_KEIL_TCP_NET
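Review bot: The new `#ifndef MDK_CONF_NETWORK` guard lets a project override the wizard value from its compiler options, and the CryptBenchmark and CryptTest project files in this commit do so with `MDK_CONF_NETWORK=0`. The Configuration Wizard will still show 1 (RLnet) for those projects, so the displayed setting and the effective one differ with nothing in the header to explain it. A short comment above the guard, such as `/* may be overridden from the project's Define list, e.g. MDK_CONF_NETWORK=0 */`, would document that.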
@@ -150,7 +151,7 @@
// <h> wolfCrypt Configuration
-// <h>Hash/Crypt Algrithm
+// <h>Hash/Crypt Algorithm
// <e>MD2
#define MDK_CONF_MD2 0
@@ -201,7 +202,7 @@
#endif
// </e>
// <e>RIPEMD
-#define MDK_CONF_RIPEMD 1
+#define MDK_CONF_RIPEMD 0
#if MDK_CONF_RIPEMD == 1
#define WOLFSSL_RIPEMD
#endif
@@ -275,7 +276,7 @@
// </e>
// <e>CAMELLIA
-#define MDK_CONF_CAMELLIA 1
+#define MDK_CONF_CAMELLIA 0
#if MDK_CONF_CAMELLIA == 1
#define HAVE_CAMELLIA
#endif
@@ -287,8 +288,19 @@
#define NO_DH
#endif
// </e>
+
+// <e>RSA
+#define MDK_CONF_RSA 1
+#if MDK_CONF_RSA == 1
+/* #define RSA_LOW_MEM */
+#else
+#define NO_RSA
+#endif
+// </e>
+
+
// <e>DSA
-#define MDK_CONF_DSA 1
+#define MDK_CONF_DSA 0
#if MDK_CONF_DSA == 0
#define NO_DSA
#endif
@@ -297,7 +309,7 @@
// <e>SRP
#define MDK_CONF_SRP 1
#if MDK_CONF_SRP == 1
-#define HAVE_SRP
+#define WOLFCRYPT_HAVE_SRP
#endif
// </e>
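Review bot: `MDK_CONF_SRP` keeps its default of 1, so renaming the macro to `WOLFCRYPT_HAVE_SRP` means SRP is now compiled in by default. If `HAVE_SRP` was not recognised by the library, as the rename suggests, SRP was effectively off before this change. The same commit turns DSA, RIPEMD and CAMELLIA off by default, so `#define MDK_CONF_SRP 0` would be consistent with that and would keep rarely used code out of the default build.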
@@ -412,7 +424,7 @@
// </e>
// </h>
-// <h>Cert/Key Strage
+// <h>Cert/Key Storage
// <o>Cert Storage <0=> SD Card <1=> Mem Buff (1024bytes) <2=> Mem Buff (2048bytes)
#define MDK_CONF_CERT_BUFF 0
#if MDK_CONF_CERT_BUFF== 1
@@ -432,25 +444,63 @@
#define MDK_CONF_KEY_GEN 0
#if MDK_CONF_KEY_GEN == 1
#define WOLFSSL_KEY_GEN
+#define WOLFSSL_OLD_PRIME_CHECK /* use older prime check (faster) */
#endif
// </e>
// </h>
-// <e>Use Fast Math
-#define MDK_CONF_FASTMATH 1
-#if MDK_CONF_FASTMATH == 1
-#define USE_FAST_MATH
-#define TFM_TIMING_RESISTANT
+
+// <h>Math / Memory
+// <o> Math Library
+// <0=>SP Math All (sp_int.c)
+// <1=>Fast Math (tfm.c)
+// <2=>Heap Math (integer.c)
+// <3=>SP Math (RSA/DH 2048/3072/4096 and ECC 256/384/521 only)
+// <4=>SP Math +ASM (faster)
+#define MDK_CONF_MATH 0
+#if MDK_CONF_MATH == 0
+ #define WOLFSSL_SP_MATH_ALL /* use SP math for all key sizes and curves */
+#elif MDK_CONF_MATH == 1
+ #define USE_FAST_MATH
+#elif MDK_CONF_MATH == 2
+ #define USE_INTEGER_HEAP_MATH
+#elif MDK_CONF_MATH == 3 || MDK_CONF_MATH == 4
+ #define WOLFSSL_SP_MATH /* only SP math - disables integer.c/tfm.c */
+ #define WOLFSSL_HAVE_SP_RSA
+ #define WOLFSSL_HAVE_SP_DH
+ #define WOLFSSL_HAVE_SP_ECC
+
+ //#define WOLFSSL_SP_NO_2048
+ //#define WOLFSSL_SP_NO_3072
+ #define WOLFSSL_SP_4096
+ //#define WOLFSSL_SP_NO_256
+ //#define WOLFSSL_SP_384
+ //#define WOLFSSL_SP_521
+
+ #define WOLFSSL_SP_SMALL /* use smaller version of code */
+ //#define WOLFSSL_SP_NO_MALLOC /* do not use heap */
+ //#define WOLFSSL_SP_DIV_32 /* do not use 64-bit divides */
+
+ #if MDK_CONF_MATH == 4
+ /* SP Assembly Speedups - specific to chip type */
+ #define WOLFSSL_SP_ASM
+
+ //#define WOLFSSL_SP_ARM32_ASM
+ //#define WOLFSSL_SP_ARM64_ASM
+ //#define WOLFSSL_SP_ARM_THUMB_ASM
+ //#define WOLFSSL_SP_ARM_CORTEX_M_ASM
+ #endif
#endif
-// </e>
+
// <e>Small Stack
#define MDK_CONF_SmallStack 1
#if MDK_CONF_SmallStack == 0
-#define NO_WOLFSSL_SMALL_STACK
+ #define NO_WOLFSSL_SMALL_STACK
+#else
+ #define WOLFSSL_SMALL_STACK
#endif
-// </e>
-
+// </e>
+// </h>
// </h>
-
/**** wolfSSL Configuration ****/
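Review bot: `WOLFSSL_OLD_PRIME_CHECK` is now defined whenever KeyGen is enabled, so every project that takes this shared settings file generates RSA keys with the older prime check, chosen (per the inline comment) for speed. That is reasonable for a benchmark, but this header appears to be the pack's configuration template rather than a benchmark-only file, and key generation is where a weaker primality test is least welcome. I would leave it opt-in: `//#define WOLFSSL_OLD_PRIME_CHECK /* faster, older prime check: benchmarks only */`. The `TFM_TIMING_RESISTANT` line removed here with the old Fast Math block is still defined unconditionally near the top of the file, so that removal loses nothing.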
@@ -465,6 +515,7 @@
#define WC_RSA_PSS
#define HAVE_HKDF
#define HAVE_FFDHE_2048
+//#define HAVE_FFDHE_3072
#endif
// </e>
diff --git a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Inc/wolfssl_MDK_ARM.h b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Inc/wolfssl_MDK_ARM.h
index 673d4537..e6d314a7 100644
--- a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Inc/wolfssl_MDK_ARM.h
+++ b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Inc/wolfssl_MDK_ARM.h
@@ -1,4 +1,4 @@
-/* wolfssl_KEIL_ARM.h
+/* wolfssl_MDK_ARM.h
*
* Copyright (C) 2006-2023 wolfSSL Inc.
*
@@ -70,7 +70,7 @@ typedef int socklen_t ;
#define tcp_listen wolfssl_tcp_listen
#define connect(a,b,c) connect(a, (SOCKADDR *)(b), c)
#define SOCKADDR struct sockaddr
-
+
/** KEIL-RL TCPnet ****/
/* TCPnet BSD socket does not have following functions. */
extern char *inet_ntoa(struct in_addr in);
diff --git a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/CryptBenchmark/CryptBenchmark.uvoptx b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/CryptBenchmark/CryptBenchmark.uvoptx
index e598c556..2b06bcce 100644
--- a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/CryptBenchmark/CryptBenchmark.uvoptx
+++ b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/CryptBenchmark/CryptBenchmark.uvoptx
@@ -233,7 +233,7 @@
<tvExp>0</tvExp>
<tvExpOptDlg>0</tvExpOptDlg>
<bDave2>0</bDave2>
- <PathWithFileName>.\RTE\wolfSSL\user_settings.h</PathWithFileName>
+ <PathWithFileName>..\..\Conf\user_settings.h</PathWithFileName>
<FilenameWithoutPath>user_settings.h</FilenameWithoutPath>
<RteFlg>0</RteFlg>
<bShared>0</bShared>
diff --git a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/CryptBenchmark/CryptBenchmark.uvprojx b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/CryptBenchmark/CryptBenchmark.uvprojx
index 095377e6..3ef1956d 100644
--- a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/CryptBenchmark/CryptBenchmark.uvprojx
+++ b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/CryptBenchmark/CryptBenchmark.uvprojx
@@ -334,7 +334,7 @@
<v6Rtti>0</v6Rtti>
<VariousControls>
<MiscControls></MiscControls>
- <Define>USE_STM32756G_EVAL USE_IOEXPANDER WOLFSSL_USER_SETTINGS</Define>
+ <Define>USE_STM32756G_EVAL USE_IOEXPANDER WOLFSSL_USER_SETTINGS MDK_CONF_NETWORK=0</Define>
<Undefine></Undefine>
<IncludePath></IncludePath>
</VariousControls>
@@ -383,7 +383,7 @@
<File>
<FileName>user_settings.h</FileName>
<FileType>5</FileType>
- <FilePath>.\RTE\wolfSSL\user_settings.h</FilePath>
+ <FilePath>..\..\Conf\user_settings.h</FilePath>
</File>
</Files>
</Group>
@@ -791,7 +791,7 @@
<targetInfos/>
</file>
<file attr="config" category="header" name="wolfssl\IDE\MDK5-ARM\Conf\user_settings.h" version="3.14.0">
- <instance index="0">RTE\wolfSSL\user_settings.h</instance>
+ <instance index="0">..\..\Conf\user_settings.h</instance>
<component Cbundle="wolfSSL" Cclass="wolfSSL" Cgroup="wolfCrypt" Csub="CORE" Cvendor="wolfSSL" Cversion="3.15.7" condition="wolfCrypt-Core"/>
<package license="wolfssl\IDE\MDK5-ARM\Docs\wolfSSL-License.txt" name="wolfSSL" schemaVersion="1.4" url="http://www.wolfSSL.com/files/ide" vendor="wolfSSL" version="3.15.7"/>
<targetInfos>
diff --git a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/CryptBenchmark/RTE/wolfSSL/user_settings.h b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/CryptBenchmark/RTE/wolfSSL/user_settings.h
deleted file mode 100644
index f206ad22..00000000
--- a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/CryptBenchmark/RTE/wolfSSL/user_settings.h
+++ /dev/null
@@ -1,497 +0,0 @@
-/* user_settings.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-#define WOLFSSL_MDK5_COMPLv5
-#define NO_MAIN_DRIVER
-#define BENCH_EMBEDDED
-#define NO_DEV_RANDOM
-#define WOLFSSL_USER_CURRTIME
-#define SIZEOF_LONG_LONG 8
-#define NO_WRITEV
-#define NO_DEV_RANDOM
-
-#define TFM_TIMING_RESISTANT
-#define ECC_TIMING_RESISTANT
-#define WC_RSA_BLINDING
-
-#define WOLFSSL_USER_CURRTIME /* for benchmark */
-#define WOLFSSL_CURRTIME_OSTICK /* use OS tich for current_time */
-#define WOLFSSL_GMTIME
-#define NO_MULTIBYTE_PRINT
-
-// <<< Use Configuration Wizard in Context Menu >>>
-
-// <h>Common options
-// <o> MPU<0=>Undefined<1=>STM32F2xx<2=>STM32F4xx<3=>STM32F7xx
-#define MDK_CONF_MPU 3
-#if MDK_CONF_MPU == 0
-
-#elif MDK_CONF_MPU == 1
-#define WOLFSSL_STM32_CUBEMX
-#define STM32F2xx
-#elif MDK_CONF_MPU == 2
-#define WOLFSSL_STM32_CUBEMX
-#define STM32F4xx
-#elif MDK_CONF_MPU == 3
-#define WOLFSSL_STM32_CUBEMX
-#define STM32F7xx
-#endif
-
-// <o> Thread/RTOS<0=>Single Threaded <1=>FreeRTOS <3=>SafeRTOS<4=>Windows
-// <5=>PThread <6=>ThreadX
-// <7=>Micrium <8=>EBSnet<9=>MQX
-// <10=>T-RTOS <11=>uITRON4<12=>uTKERNEL2
-// <13=>Frosted <14=>CMSIS RTOS<15=>CMSIS RTOSv2<16=>Others
-#define MDK_CONF_THREAD 15
-#if MDK_CONF_THREAD== 0
-#define SINGLE_THREADED
-#elif MDK_CONF_THREAD == 1
-#define FREERTOS
-#elif MDK_CONF_THREAD == 3
-#define WOLFSSL_SAFERTOS
-#elif MDK_CONF_THREAD == 4
-#define USE_WINDOWS_API
-#elif MDK_CONF_THREAD == 5
-#define WOLFSSL_PTHREADS
-#elif MDK_CONF_THREAD == 6
-#define THREADX
-#define NETX
-#elif MDK_CONF_THREAD == 7
-#define MICRIUM
-#elif MDK_CONF_THREAD == 8
-#define EBSNET
-#elif MDK_CONF_THREAD == 9
-#define FREESCALE_MQX
-#define FREESCALE_KSDK_MQX
-#elif MDK_CONF_THREAD == 10
-#define WOLFSSL_TIRTOS
-#elif MDK_CONF_THREAD == 11
-#define WOLFSSL_uITRON4
-#elif MDK_CONF_THREAD == 12
-#define WOLFSSL_uTKERNEL2
-#elif MDK_CONF_THREAD == 13
-#define WOLFSSL_FROSTED
-#elif MDK_CONF_THREAD == 14
-#define WOLFSSL_CMSIS_RTOS
-#elif MDK_CONF_THREAD == 15
-#define WOLFSSL_CMSIS_RTOSv2
-#elif MDK_CONF_THREAD == 16
-#define SINGLE_THREADED
-#endif
-
-
-// <e>File System
-#define MDK_CONF_FILESYSTEM 1
-#if MDK_CONF_FILESYSTEM == 0
-#define NO_FILESYSTEM
-#else
-#define WOLFSSL_KEIL_FS
-#define NO_WOLFSSL_DIR
-#endif
-// </e>
-
-// <o> Network<0=>None <1=>RLnet <2=>User I/O
-#define MDK_CONF_NETWORK 0
-#if MDK_CONF_NETWORK == 0
-#elif MDK_CONF_NETWORK == 1
-#define WOLFSSL_KEIL_TCP_NET
-#elif MDK_CONF_NETWORK == 2
-#define WOLFSSL_USER_IO
-#endif
-
-// <h>Debug options
-
-// <e>Debug Message
-#define MDK_CONF_DebugMessage 0
-#if MDK_CONF_DebugMessage == 1
-#define DEBUG_WOLFSSL
-#endif
-// </e>
-// <e>Check malloc
-#define MDK_CONF_CheckMalloc 1
-#if MDK_CONF_CheckMalloc == 1
-#define WOLFSSL_MALLOC_CHECK
-#define USE_WOLFSSL_MEMORY
-#endif
-// </e>
-// <e>ErrNo.h
-#define MDK_CONF_ErrNo 1
-#if MDK_CONF_ErrNo == 1
-#define HAVE_ERRNO
-#endif
-// </e>
-// <e>Error Strings
-#define MDK_CONF_ErrorStrings 1
-#if MDK_CONF_ErrorStrings == 0
-#define NO_ERROR_STRINGS
-#endif
-// </e>
-
-//</h>
-//</h>
-
-// <h> wolfCrypt Configuration
-
-// <h>Hash/Crypt Algrithm
-
-// <e>MD2
-#define MDK_CONF_MD2 0
-#if MDK_CONF_MD2 == 1
-#define WOLFSSL_MD2
-#endif
-// </e>
-// <e>MD4
-#define MDK_CONF_MD4 0
-#if MDK_CONF_MD4 == 0
-#define NO_MD4
-#endif
-// </e>
-// <e>MD5
-#define MDK_CONF_MD5 1
-#if MDK_CONF_MD5 == 0
-#define NO_MD5
-#endif
-// </e>
-// <e>SHA
-#define MDK_CONF_SHA 1
-#if MDK_CONF_SHA == 0
-#define NO_SHA
-#endif
-// </e>
-// <e>SHA-256
-#define MDK_CONF_SHA256 1
-#if MDK_CONF_SHA256 == 0
-#define NO_SHA256
-#endif
-// </e>
-// <e>SHA-384
-#define MDK_CONF_SHA384 1
-#if MDK_CONF_SHA384 == 1
-#define WOLFSSL_SHA384
-#endif
-// </e>
-// <e>SHA-512
-#define MDK_CONF_SHA512 1
-#if MDK_CONF_SHA512 == 1
-#define WOLFSSL_SHA512
-#endif
-// </e>
-// <e>Hash DRBG
-#define MDK_CONF_HASHDRBG 1
-#if MDK_CONF_HASHDRBG == 1
-#define HAVE_HASHDRBG
-#endif
-// </e>
-// <e>RIPEMD
-#define MDK_CONF_RIPEMD 1
-#if MDK_CONF_RIPEMD == 1
-#define WOLFSSL_RIPEMD
-#endif
-// </e>
-// <e>BLAKE2
-#define MDK_CONF_BLAKE2 0
-#if MDK_CONF_BLAKE2 == 1
-#define HAVE_BLAKE2
-#endif
-// </e>
-// <e>HMAC
-#define MDK_CONF_HMAC 1
-#if MDK_CONF_HMAC == 0
-#define NO_HMAC
-#endif
-// </e>
-// <e>HMAC KDF
-#define MDK_CONF_HKDF 1
-#if MDK_CONF_HKDF == 1
-#define HAVE_HKDF
-#endif
-// </e>
-
-// <e>AES CCM
-#define MDK_CONF_AESCCM 1
-#if MDK_CONF_AESCCM == 1
-#define HAVE_AESCCM
-#endif
-// </e>
-// <e>AES GCM
-#define MDK_CONF_AESGCM 1
-#if MDK_CONF_AESGCM == 1
-#define HAVE_AESGCM
-#endif
-// </e>
-
-// <e>RC4
-#define MDK_CONF_RC4 0
-#if MDK_CONF_RC4 == 0
-#define NO_RC4
-#endif
-// </e>
-
-// <e>CHACHA
-#define MDK_CONF_CHACHA 1
-#if MDK_CONF_CHACHA == 1
-#define HAVE_CHACHA
-#endif
-// </e>
-
-// <e>POLY1305
-#define MDK_CONF_POLY1305 1
-#if MDK_CONF_POLY1305 == 1
-#define HAVE_POLY1305
-#define HAVE_ONE_TIME_AUTH
-#endif
-// </e>
-
-// <e>DES3
-#define MDK_CONF_DES3 1
-#if MDK_CONF_DES3 == 0
-#define NO_DES3
-#endif
-// </e>
-
-// <e>AES
-#define MDK_CONF_AES 1
-#if MDK_CONF_AES == 0
-#define NO_AES
-#endif
-// </e>
-
-// <e>CAMELLIA
-#define MDK_CONF_CAMELLIA 1
-#if MDK_CONF_CAMELLIA == 1
-#define HAVE_CAMELLIA
-#endif
-// </e>
-
-// <e>DH
-#define MDK_CONF_DH 1
-#if MDK_CONF_DH == 0
-#define NO_DH
-#endif
-// </e>
-// <e>DSA
-#define MDK_CONF_DSA 1
-#if MDK_CONF_DSA == 0
-#define NO_DSA
-#endif
-// </e>
-
-// <e>SRP
-#define MDK_CONF_SRP 1
-#if MDK_CONF_SRP == 1
-#define HAVE_SRP
-#endif
-// </e>
-
-// <e>PWDBASED
-#define MDK_CONF_PWDBASED 1
-#if MDK_CONF_PWDBASED == 0
-#define NO_PWDBASED
-#endif
-// </e>
-
-// <e>ECC
-#define MDK_CONF_ECC 1
-#if MDK_CONF_ECC == 1
-#define HAVE_ECC
-#endif
-// </e>
-
-// <e>CURVE25519
-#define MDK_CONF_CURVE25519 1
-#if MDK_CONF_CURVE25519 == 1
-#define HAVE_CURVE25519
-#define CURVED25519_SMALL
-#endif
-// </e>
-// <e>CURVE25519 SMALL
-#define MDK_CONF_CURVE25519_SMALL 0
-#if MDK_CONF_CURVE25519_SMALL == 1
-#define CURVED25519_SMALL
-#endif
-// </e>
-// <e>ED25519
-#define MDK_CONF_ED25519 1
-#if MDK_CONF_ED25519 == 1
-#define HAVE_ED25519
-#endif
-// </e>
-// <e>ED25519 SMALL
-#define MDK_CONF_ED25519_SMALL 0
-#if MDK_CONF_ED25519_SMALL == 1
-#define ED25519_SMALL
-#endif
-// </e>
-// <e>PKCS7
-#define MDK_CONF_PKCS7 0
-#if MDK_CONF_PKCS7 == 1
-#define HAVE_PKCS7
-#endif
-// </e>
-// </h>
-
-// <e>Random Seed, for TEST Only
-#define MDK_CONF_RNDSEED 1
-#if MDK_CONF_RNDSEED == 1
-#define WOLFSSL_GENSEED_FORTEST
-#endif
-// </e>
-
-// <h>Hardware Crypt (See document for usage)
-// <e>Hardware RNG
-#define MDK_CONF_STM32F2_RNG 0
-#if MDK_CONF_STM32F2_RNG == 1
-#define WOLFSSL_STM32_CUBEMX
-#define STM32_RNG
-#define WC_ASYNC_DEV_SIZE 320+24
-#define STM32_HAL_TIMEOUT 0xFF
-
-#if defined(STM32F2xx)
-#define WOLFSSL_STM32F2
-#elif defined(STM32F4xx)
-#define WOLFSSL_STM32F4
-#elif defined(STM32F7xx)
-#define WOLFSSL_STM32F7
-#endif
-
-#endif
-// </e>
-// <e>Hardware Crypt
-#define MDK_CONF_STM32F2_CRYPTO 0
-#if MDK_CONF_STM32F2_CRYPTO == 1
-#define WOLFSSL_STM32_CUBEMX
-#define STM32_CRYPTO
-#define WC_ASYNC_DEV_SIZE 320+24
-#define STM32_HAL_TIMEOUT 0xFF
-
-#if defined(STM32F2xx)
-#define WOLFSSL_STM32F2
-#elif defined(STM32F4xx)
-#define WOLFSSL_STM32F4
-#elif defined(STM32F7xx)
-#define WOLFSSL_STM32F7
-#endif
-
-#endif
-// </e>
-// <e>Hardware Hash
-#define MDK_CONF_STM32F2_HASH 0
-#if MDK_CONF_STM32F2_HASH == 1
-#define WOLFSSL_STM32_CUBEMX
-#define STM32_HASH
-#define WC_ASYNC_DEV_SIZE 320+24
-#define STM32_HAL_TIMEOUT 0xFF
-
-#if defined(STM32F2xx)
-#define WOLFSSL_STM32F2
-#elif defined(STM32F4xx)
-#define WOLFSSL_STM32F4
-#elif defined(STM32F7xx)
-#define WOLFSSL_STM32F7
-#endif
-
-#endif
-// </e>
-// </h>
-
-// <h>Cert/Key Strage
-// <o>Cert Storage <0=> SD Card <1=> Mem Buff (1024bytes) <2=> Mem Buff (2048bytes)
-#define MDK_CONF_CERT_BUFF 0
-#if MDK_CONF_CERT_BUFF== 1
-#define USE_CERT_BUFFERS_1024
-#elif MDK_CONF_CERT_BUFF == 2
-#define USE_CERT_BUFFERS_2048
-#endif
-//</h>
-// <h>Cert/Key Generation
-// <e>CertGen
-#define MDK_CONF_CERT_GEN 0
-#if MDK_CONF_CERT_GEN == 1
-#define WOLFSSL_CERT_GEN
-#endif
-// </e>
-// <e>KeyGen
-#define MDK_CONF_KEY_GEN 0
-#if MDK_CONF_KEY_GEN == 1
-#define WOLFSSL_KEY_GEN
-#endif
-// </e>
-// </h>
-// <e>Use Fast Math
-#define MDK_CONF_FASTMATH 1
-#if MDK_CONF_FASTMATH == 1
-#define USE_FAST_MATH
-#define TFM_TIMING_RESISTANT
-#endif
-// </e>
-// <e>Small Stack
-#define MDK_CONF_SmallStack 1
-#if MDK_CONF_SmallStack == 0
-#define NO_WOLFSSL_SMALL_STACK
-#endif
-// </e>
-
-// </h>
-
-
-/**** wolfSSL Configuration ****/
-
-// <h> wolfSSL Configuration
-
-// <e>TLS 1.3
-#define MDK_CONF_TLS 1
-#if MDK_CONF_TLS == 1
-#define WOLFSSL_TLS13
-#define HAVE_TLS_EXTENSIONS
-#define HAVE_SUPPORTED_CURVES
-#define WC_RSA_PSS
-#define HAVE_HKDF
-#define HAVE_FFDHE_2048
-#endif
-// </e>
-
-// <e>Include Old TLS
-#define MDK_CONF_NO_OLDTLS 0
-#if MDK_CONF_NO_OLDTLS == 0
-#define NO_OLD_TLS
-#endif
-// </e>
-// <e>CRL
-#define MDK_CONF_CRL 0
-#if MDK_CONF_CRL == 1
-#define HAVE_CRL
-#define WOLFSSL_DER_LOAD
-#endif
-// </e>
-// <e>OCSP
-#define MDK_CONF_OCSP 0
-#if MDK_CONF_OCSP == 1
-#define HAVE_OCSP
-#endif
-// </e>
-// <e>OpenSSL Extra
-#define MDK_CONF_OPENSSL_EXTRA 0
-#if MDK_CONF_OPENSSL_EXTRA == 1
-#define OPENSSL_EXTRA
-#endif
-// </e>
-
-//</h>
diff --git a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/CryptBenchmark/main.c b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/CryptBenchmark/main.c
index 002677f6..1b055e7f 100644
--- a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/CryptBenchmark/main.c
+++ b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/CryptBenchmark/main.c
@@ -37,11 +37,11 @@
#endif
/* Dummy definition for test RTC */
-#define RTC_YEAR 2019
+#define RTC_YEAR 2023
#define RTC_MONTH 1
-#define RTC_DAY 1
+#define RTC_DAY 1
#define RTC_MONTH 1
-#define RTC_DAY 1
+#define RTC_DAY 1
#if defined(STM32F7xx)
#include "stm32f7xx_hal.h"
@@ -72,22 +72,22 @@ extern uint32_t os_time;
uint32_t HAL_GetTick(void)
{
- #if defined(WOLFSSL_CMSIS_RTOS)
- return os_time;
- #elif defined(WOLFSSL_CMSIS_RTOSv2)
- return osKernelGetTickCount();
- #endif
+ #if defined(WOLFSSL_CMSIS_RTOS)
+ return os_time;
+ #elif defined(WOLFSSL_CMSIS_RTOSv2)
+ return osKernelGetTickCount();
+ #endif
}
double current_time(int reset)
{
if (reset)
return 0;
- #if defined(WOLFSSL_CMSIS_RTOS)
- return (double)os_time / 1000.0;
- #elif defined(WOLFSSL_CMSIS_RTOSv2)
- return (double)osKernelGetTickCount() / 1000.0;
- #endif
+#if defined(WOLFSSL_CMSIS_RTOS)
+ return (double)os_time / 1000.0;
+#elif defined(WOLFSSL_CMSIS_RTOSv2)
+ return (double)osKernelGetTickCount() / 1000.0;
+#endif
}
#else
@@ -96,28 +96,28 @@ double current_time(int reset)
#define DWT ((DWT_Type *) (0xE0001000UL) )
typedef struct
{
- uint32_t CTRL; /*!< Offset: 0x000 (R/W) Control Register */
- uint32_t CYCCNT; /*!< Offset: 0x004 (R/W) Cycle Count Register */
+ uint32_t CTRL; /*!< Offset: 0x000 (R/W) Control Register */
+ uint32_t CYCCNT; /*!< Offset: 0x004 (R/W) Cycle Count Register */
} DWT_Type;
-extern uint32_t SystemCoreClock ;
+extern uint32_t SystemCoreClock;
double current_time(int reset)
{
- if(reset) DWT->CYCCNT = 0 ;
- return ((double)DWT->CYCCNT/SystemCoreClock) ;
+ if (reset) DWT->CYCCNT = 0;
+ return ((double)DWT->CYCCNT/SystemCoreClock);
}
#endif
static time_t epochTime;
time_t time(time_t *t)
{
- return epochTime;
+ return epochTime;
}
void setTime(time_t t)
{
- epochTime = t;
+ epochTime = t;
}
/*-----------------------------------------------------------------------------
@@ -126,48 +126,51 @@ void setTime(time_t t)
#if !defined(NO_FILESYSTEM)
#include "rl_fs.h" /* FileSystem definitions */
-static void init_filesystem (void) {
- int32_t retv;
+static void init_filesystem(void)
+{
+ int32_t retv;
- retv = finit ("M0:");
- if (retv == fsOK) {
- retv = fmount ("M0:");
+ retv = finit ("M0:");
if (retv == fsOK) {
- printf ("Drive M0 ready!\n");
+ retv = fmount ("M0:");
+ if (retv == fsOK) {
+ printf ("Drive M0 ready!\n");
+ }
+ else {
+ printf ("Drive M0 mount failed(%d)!\n", retv);
+ }
}
else {
- printf ("Drive M0 mount failed(%d)!\n", retv);
+ printf ("Drive M0 initialization failed!\n");
}
- }
- else {
- printf ("Drive M0 initialization failed!\n");
- }
}
#endif
/*-----------------------------------------------------------------------------
- * mian entry
+ * main entry
*----------------------------------------------------------------------------*/
-void benchmark_test(void *arg) ;
+void benchmark_test(void *arg);
int main()
{
- void * arg = NULL ;
-
- MPU_Config();
+ void * arg = NULL;
+
+ MPU_Config();
CPU_CACHE_Enable();
HAL_Init(); /* Initialize the HAL Library */
SystemClock_Config(); /* Configure the System Clock */
- #if !defined(NO_FILESYSTEM)
+#if !defined(NO_FILESYSTEM)
init_filesystem ();
- #endif
-
- setTime((RTC_YEAR-1970)*365*24*60*60 + RTC_MONTH*30*24*60*60 + RTC_DAY*24*60*60);
+#endif
- printf("=== Start: Crypt Benchmark ===\n") ;
- benchmark_test(arg) ;
- printf("=== End: Crypt Benchmark ===\n") ;
+ setTime((RTC_YEAR-1970)*365*24*60*60 +
+ RTC_MONTH*30*24*60*60 +
+ RTC_DAY*24*60*60);
-}
+ printf("=== Start: Crypt Benchmark ===\n");
+ benchmark_test(arg);
+ printf("=== End: Crypt Benchmark ===\n");
+ return 0;
+}
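Review bot: The `setTime(...)` argument in `main` is evaluated entirely in `int` before conversion to `time_t`. With `RTC_YEAR` 2023 the first product still fits in 32 bits, but a later bump of the dummy year can overflow signed arithmetic. Casting the first factor, `setTime((time_t)(RTC_YEAR-1970)*365*24*60*60 +`, avoids the signed-overflow case. The formula also ignores leap days and adds `RTC_MONTH*30` days for month 1, so the resulting date is only approximately 1 January; a comment such as `/* approximate epoch, not calendar-accurate */` would stop anyone relying on it for certificate date checks.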
diff --git a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/CryptTest/CryptTest.uvoptx b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/CryptTest/CryptTest.uvoptx
index e3db5d53..59202259 100644
--- a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/CryptTest/CryptTest.uvoptx
+++ b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/CryptTest/CryptTest.uvoptx
@@ -298,7 +298,7 @@
<tvExp>0</tvExp>
<tvExpOptDlg>0</tvExpOptDlg>
<bDave2>0</bDave2>
- <PathWithFileName>.\RTE\wolfSSL\user_settings.h</PathWithFileName>
+ <PathWithFileName>..\..\Conf\user_settings.h</PathWithFileName>
<FilenameWithoutPath>user_settings.h</FilenameWithoutPath>
<RteFlg>0</RteFlg>
<bShared>0</bShared>
diff --git a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/CryptTest/CryptTest.uvprojx b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/CryptTest/CryptTest.uvprojx
index 8e4dcd59..6c1d17fe 100644
--- a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/CryptTest/CryptTest.uvprojx
+++ b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/CryptTest/CryptTest.uvprojx
@@ -334,7 +334,7 @@
<v6Rtti>0</v6Rtti>
<VariousControls>
<MiscControls></MiscControls>
- <Define>USE_STM32756G_EVAL USE_IOEXPANDER WOLFSSL_USER_SETTINGS</Define>
+ <Define>USE_STM32756G_EVAL USE_IOEXPANDER WOLFSSL_USER_SETTINGS MDK_CONF_NETWORK=0</Define>
<Undefine></Undefine>
<IncludePath></IncludePath>
</VariousControls>
@@ -413,7 +413,7 @@
<File>
<FileName>user_settings.h</FileName>
<FileType>5</FileType>
- <FilePath>.\RTE\wolfSSL\user_settings.h</FilePath>
+ <FilePath>..\..\Conf\user_settings.h</FilePath>
</File>
</Files>
</Group>
@@ -760,14 +760,8 @@
<package name="MDK-Middleware" schemaVersion="1.4" url="http://www.keil.com/pack/" vendor="Keil" version="7.4.1"/>
<targetInfos/>
</file>
- <file attr="config" category="header" name="wolfssl\IDE\MDK5-ARM\Conf\config-Crypt.h">
- <instance index="0" removed="1">RTE\wolfSSL\config-Crypt.h</instance>
- <component Cbundle="wolfSSL" Cclass="wolfSSL" Cgroup="wolfCrypt" Csub="CORE" Cvendor="wolfSSL" Cversion="" condition="wolfCrypt-Core"/>
- <package license="wolfssl\IDE\MDK5-ARM\Docs\wolfSSL-License.txt" name="wolfSSL" schemaVersion="1.4" url="http://www.wolfSSL.com/files/ide" vendor="wolfSSL" version="3.13.0"/>
- <targetInfos/>
- </file>
<file attr="config" category="header" name="wolfssl\IDE\MDK5-ARM\Conf\user_settings.h" version="3.14.0">
- <instance index="0">RTE\wolfSSL\user_settings.h</instance>
+ <instance index="0">..\..\Conf\user_settings.h</instance>
<component Cbundle="wolfSSL" Cclass="wolfSSL" Cgroup="wolfCrypt" Csub="CORE" Cvendor="wolfSSL" Cversion="3.15.7" condition="wolfCrypt-Core"/>
<package license="wolfssl\IDE\MDK5-ARM\Docs\wolfSSL-License.txt" name="wolfSSL" schemaVersion="1.4" url="http://www.wolfSSL.com/files/ide" vendor="wolfSSL" version="3.15.7"/>
<targetInfos>
diff --git a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/CryptTest/RTE/wolfSSL/user_settings.h b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/CryptTest/RTE/wolfSSL/user_settings.h
deleted file mode 100644
index 80af5e2f..00000000
--- a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/CryptTest/RTE/wolfSSL/user_settings.h
+++ /dev/null
@@ -1,497 +0,0 @@
-/* user_settings.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-#define NO_MAIN_DRIVER
-#define BENCH_EMBEDDED
-#define NO_DEV_RANDOM
-#define WOLFSSL_USER_CURRTIME
-#define SIZEOF_LONG_LONG 8
-#define NO_WRITEV
-#define NO_DEV_RANDOM
-
-#define TFM_TIMING_RESISTANT
-#define ECC_TIMING_RESISTANT
-#define WC_RSA_BLINDING
-
-#define WOLFSSL_USER_CURRTIME /* for benchmark */
-#define WOLFSSL_CURRTIME_OSTICK /* use OS tich for current_time */
-#define WOLFSSL_GMTIME
-#define NO_MULTIBYTE_PRINT
-
-// <<< Use Configuration Wizard in Context Menu >>>
-
-
-// <h>Common options
-// <o> MPU<0=>Undefined<1=>STM32F2xx<2=>STM32F4xx<3=>STM32F7xx
-#define MDK_CONF_MPU 3
-#if MDK_CONF_MPU == 0
-
-#elif MDK_CONF_MPU == 1
-#define WOLFSSL_STM32_CUBEMX
-#define STM32F2xx
-#elif MDK_CONF_MPU == 2
-#define WOLFSSL_STM32_CUBEMX
-#define STM32F4xx
-#elif MDK_CONF_MPU == 3
-#define WOLFSSL_STM32_CUBEMX
-#define STM32F7xx
-#endif
-
-// <o> Thread/RTOS<0=>Single Threaded <1=>FreeRTOS <3=>SafeRTOS <4=>Windows
-// <5=>PThread <6=>ThreadX
-// <7=>Micrium <8=>EBSnet <9=>MQX
-// <10=>T-RTOS <11=>uITRON4 <12=>uTKERNEL2
-// <13=>Frosted <14=>CMSIS RTOS <15=>CMSIS RTOSv2 <16=>Others
-#define MDK_CONF_THREAD 15
-#if MDK_CONF_THREAD== 0
-#define SINGLE_THREADED
-#elif MDK_CONF_THREAD == 1
-#define FREERTOS
-#elif MDK_CONF_THREAD == 3
-#define WOLFSSL_SAFERTOS
-#elif MDK_CONF_THREAD == 4
-#define USE_WINDOWS_API
-#elif MDK_CONF_THREAD == 5
-#define WOLFSSL_PTHREADS
-#elif MDK_CONF_THREAD == 6
-#define THREADX
-#define NETX
-#elif MDK_CONF_THREAD == 7
-#define MICRIUM
-#elif MDK_CONF_THREAD == 8
-#define EBSNET
-#elif MDK_CONF_THREAD == 9
-#define FREESCALE_MQX
-#define FREESCALE_KSDK_MQX
-#elif MDK_CONF_THREAD == 10
-#define WOLFSSL_TIRTOS
-#elif MDK_CONF_THREAD == 11
-#define WOLFSSL_uITRON4
-#elif MDK_CONF_THREAD == 12
-#define WOLFSSL_uTKERNEL2
-#elif MDK_CONF_THREAD == 13
-#define WOLFSSL_FROSTED
-#elif MDK_CONF_THREAD == 14
-#define WOLFSSL_CMSIS_RTOS
-#elif MDK_CONF_THREAD == 15
-#define WOLFSSL_CMSIS_RTOSv2
-#elif MDK_CONF_THREAD == 16
-#define SINGLE_THREADED
-#endif
-
-
-// <e>File System
-#define MDK_CONF_FILESYSTEM 1
-#if MDK_CONF_FILESYSTEM == 0
-#define NO_FILESYSTEM
-#else
-#define WOLFSSL_KEIL_FS
-#define NO_WOLFSSL_DIR
-#endif
-// </e>
-
-// <o> Network<0=>None <1=>RLnet <2=>User I/O
-#define MDK_CONF_NETWORK 0
-#if MDK_CONF_NETWORK == 0
-#elif MDK_CONF_NETWORK == 1
-#define WOLFSSL_KEIL_TCP_NET
-#elif MDK_CONF_NETWORK == 2
-#define WOLFSSL_USER_IO
-#endif
-
-// <h>Debug options
-
-// <e>Debug Message
-#define MDK_CONF_DebugMessage 0
-#if MDK_CONF_DebugMessage == 1
-#define DEBUG_WOLFSSL
-#endif
-// </e>
-// <e>Check malloc
-#define MDK_CONF_CheckMalloc 1
-#if MDK_CONF_CheckMalloc == 1
-#define WOLFSSL_MALLOC_CHECK
-#define USE_WOLFSSL_MEMORY
-#endif
-// </e>
-// <e>ErrNo.h
-#define MDK_CONF_ErrNo 1
-#if MDK_CONF_ErrNo == 1
-#define HAVE_ERRNO
-#endif
-// </e>
-// <e>Error Strings
-#define MDK_CONF_ErrorStrings 1
-#if MDK_CONF_ErrorStrings == 0
-#define NO_ERROR_STRINGS
-#endif
-// </e>
-
-//</h>
-//</h>
-
-// <h> wolfCrypt Configuration
-
-// <h>Hash/Crypt Algrithm
-
-// <e>MD2
-#define MDK_CONF_MD2 0
-#if MDK_CONF_MD2 == 1
-#define WOLFSSL_MD2
-#endif
-// </e>
-// <e>MD4
-#define MDK_CONF_MD4 0
-#if MDK_CONF_MD4 == 0
-#define NO_MD4
-#endif
-// </e>
-// <e>MD5
-#define MDK_CONF_MD5 1
-#if MDK_CONF_MD5 == 0
-#define NO_MD5
-#endif
-// </e>
-// <e>SHA
-#define MDK_CONF_SHA 1
-#if MDK_CONF_SHA == 0
-#define NO_SHA
-#endif
-// </e>
-// <e>SHA-256
-#define MDK_CONF_SHA256 1
-#if MDK_CONF_SHA256 == 0
-#define NO_SHA256
-#endif
-// </e>
-// <e>SHA-384
-#define MDK_CONF_SHA384 1
-#if MDK_CONF_SHA384 == 1
-#define WOLFSSL_SHA384
-#endif
-// </e>
-// <e>SHA-512
-#define MDK_CONF_SHA512 1
-#if MDK_CONF_SHA512 == 1
-#define WOLFSSL_SHA512
-#endif
-// </e>
-// <e>Hash DRBG
-#define MDK_CONF_HASHDRBG 1
-#if MDK_CONF_HASHDRBG == 1
-#define HAVE_HASHDRBG
-#endif
-// </e>
-// <e>RIPEMD
-#define MDK_CONF_RIPEMD 1
-#if MDK_CONF_RIPEMD == 1
-#define WOLFSSL_RIPEMD
-#endif
-// </e>
-// <e>BLAKE2
-#define MDK_CONF_BLAKE2 0
-#if MDK_CONF_BLAKE2 == 1
-#define HAVE_BLAKE2
-#endif
-// </e>
-// <e>HMAC
-#define MDK_CONF_HMAC 1
-#if MDK_CONF_HMAC == 0
-#define NO_HMAC
-#endif
-// </e>
-// <e>HMAC KDF
-#define MDK_CONF_HKDF 1
-#if MDK_CONF_HKDF == 1
-#define HAVE_HKDF
-#endif
-// </e>
-
-// <e>AES CCM
-#define MDK_CONF_AESCCM 1
-#if MDK_CONF_AESCCM == 1
-#define HAVE_AESCCM
-#endif
-// </e>
-// <e>AES GCM
-#define MDK_CONF_AESGCM 1
-#if MDK_CONF_AESGCM == 1
-#define HAVE_AESGCM
-#endif
-// </e>
-
-// <e>RC4
-#define MDK_CONF_RC4 0
-#if MDK_CONF_RC4 == 0
-#define NO_RC4
-#endif
-// </e>
-
-// <e>CHACHA
-#define MDK_CONF_CHACHA 1
-#if MDK_CONF_CHACHA == 1
-#define HAVE_CHACHA
-#endif
-// </e>
-
-// <e>POLY1305
-#define MDK_CONF_POLY1305 1
-#if MDK_CONF_POLY1305 == 1
-#define HAVE_POLY1305
-#define HAVE_ONE_TIME_AUTH
-#endif
-// </e>
-
-// <e>DES3
-#define MDK_CONF_DES3 1
-#if MDK_CONF_DES3 == 0
-#define NO_DES3
-#endif
-// </e>
-
-// <e>AES
-#define MDK_CONF_AES 1
-#if MDK_CONF_AES == 0
-#define NO_AES
-#endif
-// </e>
-
-// <e>CAMELLIA
-#define MDK_CONF_CAMELLIA 1
-#if MDK_CONF_CAMELLIA == 1
-#define HAVE_CAMELLIA
-#endif
-// </e>
-
-// <e>DH
-#define MDK_CONF_DH 1
-#if MDK_CONF_DH == 0
-#define NO_DH
-#endif
-// </e>
-// <e>DSA
-#define MDK_CONF_DSA 1
-#if MDK_CONF_DSA == 0
-#define NO_DSA
-#endif
-// </e>
-
-// <e>SRP
-#define MDK_CONF_SRP 1
-#if MDK_CONF_SRP == 1
-#define HAVE_SRP
-#endif
-// </e>
-
-// <e>PWDBASED
-#define MDK_CONF_PWDBASED 1
-#if MDK_CONF_PWDBASED == 0
-#define NO_PWDBASED
-#endif
-// </e>
-
-// <e>ECC
-#define MDK_CONF_ECC 1
-#if MDK_CONF_ECC == 1
-#define HAVE_ECC
-#endif
-// </e>
-
-// <e>CURVE25519
-#define MDK_CONF_CURVE25519 1
-#if MDK_CONF_CURVE25519 == 1
-#define HAVE_CURVE25519
-#define CURVED25519_SMALL
-#endif
-// </e>
-// <e>CURVE25519 SMALL
-#define MDK_CONF_CURVE25519_SMALL 0
-#if MDK_CONF_CURVE25519_SMALL == 1
-#define CURVED25519_SMALL
-#endif
-// </e>
-// <e>ED25519
-#define MDK_CONF_ED25519 1
-#if MDK_CONF_ED25519 == 1
-#define HAVE_ED25519
-#endif
-// </e>
-// <e>ED25519 SMALL
-#define MDK_CONF_ED25519_SMALL 0
-#if MDK_CONF_ED25519_SMALL == 1
-#define ED25519_SMALL
-#endif
-// </e>
-// <e>PKCS7
-#define MDK_CONF_PKCS7 0
-#if MDK_CONF_PKCS7 == 1
-#define HAVE_PKCS7
-#endif
-// </e>
-// </h>
-
-// <e>Random Seed, for TEST Only
-#define MDK_CONF_RNDSEED 1
-#if MDK_CONF_RNDSEED == 1
-#define WOLFSSL_GENSEED_FORTEST
-#endif
-// </e>
-
-// <h>Hardware Crypt (See document for usage)
-// <e>Hardware RNG
-#define MDK_CONF_STM32F2_RNG 0
-#if MDK_CONF_STM32F2_RNG == 1
-#define WOLFSSL_STM32_CUBEMX
-#define STM32_RNG
-#define WC_ASYNC_DEV_SIZE 320+24
-#define STM32_HAL_TIMEOUT 0xFF
-
-#if defined(STM32F2xx)
-#define WOLFSSL_STM32F2
-#elif defined(STM32F4xx)
-#define WOLFSSL_STM32F4
-#elif defined(STM32F7xx)
-#define WOLFSSL_STM32F7
-#endif
-
-#endif
-// </e>
-// <e>Hardware Crypt
-#define MDK_CONF_STM32F2_CRYPTO 0
-#if MDK_CONF_STM32F2_CRYPTO == 1
-#define WOLFSSL_STM32_CUBEMX
-#define STM32_CRYPTO
-#define WC_ASYNC_DEV_SIZE 320+24
-#define STM32_HAL_TIMEOUT 0xFF
-
-#if defined(STM32F2xx)
-#define WOLFSSL_STM32F2
-#elif defined(STM32F4xx)
-#define WOLFSSL_STM32F4
-#elif defined(STM32F7xx)
-#define WOLFSSL_STM32F7
-#endif
-
-#endif
-// </e>
-// <e>Hardware Hash
-#define MDK_CONF_STM32F2_HASH 0
-#if MDK_CONF_STM32F2_HASH == 1
-#define WOLFSSL_STM32_CUBEMX
-#define STM32_HASH
-#define WC_ASYNC_DEV_SIZE 320+24
-#define STM32_HAL_TIMEOUT 0xFF
-
-#if defined(STM32F2xx)
-#define WOLFSSL_STM32F2
-#elif defined(STM32F4xx)
-#define WOLFSSL_STM32F4
-#elif defined(STM32F7xx)
-#define WOLFSSL_STM32F7
-#endif
-
-#endif
-// </e>
-// </h>
-
-// <h>Cert/Key Strage
-// <o>Cert Storage <0=> SD Card <1=> Mem Buff (1024bytes) <2=> Mem Buff (2048bytes)
-#define MDK_CONF_CERT_BUFF 0
-#if MDK_CONF_CERT_BUFF== 1
-#define USE_CERT_BUFFERS_1024
-#elif MDK_CONF_CERT_BUFF == 2
-#define USE_CERT_BUFFERS_2048
-#endif
-//</h>
-// <h>Cert/Key Generation
-// <e>CertGen
-#define MDK_CONF_CERT_GEN 0
-#if MDK_CONF_CERT_GEN == 1
-#define WOLFSSL_CERT_GEN
-#endif
-// </e>
-// <e>KeyGen
-#define MDK_CONF_KEY_GEN 0
-#if MDK_CONF_KEY_GEN == 1
-#define WOLFSSL_KEY_GEN
-#endif
-// </e>
-// </h>
-// <e>Use Fast Math
-#define MDK_CONF_FASTMATH 1
-#if MDK_CONF_FASTMATH == 1
-#define USE_FAST_MATH
-#define TFM_TIMING_RESISTANT
-#endif
-// </e>
-// <e>Small Stack
-#define MDK_CONF_SmallStack 1
-#if MDK_CONF_SmallStack == 0
-#define NO_WOLFSSL_SMALL_STACK
-#endif
-// </e>
-
-// </h>
-
-
-/**** wolfSSL Configuration ****/
-
-// <h> wolfSSL Configuration
-
-// <e>TLS 1.3
-#define MDK_CONF_TLS 1
-#if MDK_CONF_TLS == 1
-#define WOLFSSL_TLS13
-#define HAVE_TLS_EXTENSIONS
-#define HAVE_SUPPORTED_CURVES
-#define WC_RSA_PSS
-#define HAVE_HKDF
-#define HAVE_FFDHE_2048
-#endif
-// </e>
-
-// <e>Include Old TLS
-#define MDK_CONF_NO_OLDTLS 0
-#if MDK_CONF_NO_OLDTLS == 0
-#define NO_OLD_TLS
-#endif
-// </e>
-// <e>CRL
-#define MDK_CONF_CRL 0
-#if MDK_CONF_CRL == 1
-#define HAVE_CRL
-#define WOLFSSL_DER_LOAD
-#endif
-// </e>
-// <e>OCSP
-#define MDK_CONF_OCSP 0
-#if MDK_CONF_OCSP == 1
-#define HAVE_OCSP
-#endif
-// </e>
-// <e>OpenSSL Extra
-#define MDK_CONF_OPENSSL_EXTRA 0
-#if MDK_CONF_OPENSSL_EXTRA == 1
-#define OPENSSL_EXTRA
-#endif
-// </e>
-
-//</h>
diff --git a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/CryptTest/main.c b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/CryptTest/main.c
index 3222cc5d..6425e654 100644
--- a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/CryptTest/main.c
+++ b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/CryptTest/main.c
@@ -34,9 +34,9 @@
#include "cmsis_os2.h"
#endif
/* Dummy definition for test RTC */
-#define RTC_YEAR 2019
+#define RTC_YEAR 2023
#define RTC_MONTH 1
-#define RTC_DAY 1
+#define RTC_DAY 1
#if defined(STM32F7xx)
#include "stm32f7xx_hal.h"
@@ -65,19 +65,19 @@ extern uint32_t os_time;
#endif
uint32_t HAL_GetTick(void) {
- #if defined(WOLFSSL_CMSIS_RTOS)
- return os_time;
- #elif defined(WOLFSSL_CMSIS_RTOSv2)
- return osKernelGetTickCount();
- #endif
+#if defined(WOLFSSL_CMSIS_RTOS)
+ return os_time;
+#elif defined(WOLFSSL_CMSIS_RTOSv2)
+ return osKernelGetTickCount();
+#endif
}
static time_t epochTime;
-time_t time(time_t *t){
- return epochTime ;
+time_t time(time_t *t) {
+ return epochTime;
}
-void setTime(time_t t){
+void setTime(time_t t) {
epochTime = t;
}
@@ -87,48 +87,52 @@ void setTime(time_t t){
#if !defined(NO_FILESYSTEM)
#include "rl_fs.h" /* FileSystem definitions */
-static void init_filesystem (void) {
- int32_t retv;
+static void init_filesystem(void)
+{
+ int32_t retv;
- retv = finit ("M0:");
- if (retv == fsOK) {
- retv = fmount ("M0:");
+ retv = finit ("M0:");
if (retv == fsOK) {
- printf ("Drive M0 ready!\n");
+ retv = fmount ("M0:");
+ if (retv == fsOK) {
+ printf ("Drive M0 ready!\n");
+ }
+ else {
+ printf ("Drive M0 mount failed(%d)!\n", retv);
+ }
}
else {
- printf ("Drive M0 mount failed(%d)!\n", retv);
+ printf ("Drive M0 initialization failed!\n");
}
- }
- else {
- printf ("Drive M0 initialization failed!\n");
- }
}
#endif
/*-----------------------------------------------------------------------------
- * mian entry
+ * main entry
*----------------------------------------------------------------------------*/
-void wolfcrypt_test(void *arg) ;
+void wolfcrypt_test(void *arg);
int main()
{
- void * arg = NULL ;
+ void * arg = NULL;
- MPU_Config();
+ MPU_Config();
CPU_CACHE_Enable();
HAL_Init(); /* Initialize the HAL Library */
SystemClock_Config(); /* Configure the System Clock */
- #if !defined(NO_FILESYSTEM)
+#if !defined(NO_FILESYSTEM)
init_filesystem ();
- #endif
+#endif
- setTime((RTC_YEAR-1970)*365*24*60*60 + RTC_MONTH*30*24*60*60 + RTC_DAY*24*60*60);
+ setTime((RTC_YEAR-1970)*365*24*60*60 +
+ RTC_MONTH*30*24*60*60 +
+ RTC_DAY*24*60*60);
- printf("=== Start: Crypt test === \n") ;
- wolfcrypt_test(arg) ;
- printf("=== End: Crypt test ===\n") ;
+ printf("=== Start: Crypt test === \n");
+ wolfcrypt_test(arg);
+ printf("=== End: Crypt test ===\n");
+ return 0;
}
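Review bot: The `setTime(...)` argument in `main` is evaluated entirely in `int`, so where `int` is 32 bits the first term overflows (undefined behaviour) once `RTC_YEAR` reaches 2039. Casting the first factor, as in `setTime((time_t)(RTC_YEAR-1970)*365*24*60*60 +`, moves the arithmetic into `time_t`; how much range that buys depends on this toolchain's `time_t`, which is not visible here. The formula also ignores leap days and counts `RTC_MONTH` and `RTC_DAY` from zero, so 2023/1/1 comes out roughly 18 days after the named date. A short comment such as `/* approximate epoch: no leap days, 30-day months */` would stop the value being read as exact. The same expression is reformatted in the last hunk of EchoClient/main.c, where the constants are described as being for certificate date validation.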
diff --git a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/EchoClient/EchoClient.uvoptx b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/EchoClient/EchoClient.uvoptx
index 0348f083..8a7d23a3 100644
--- a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/EchoClient/EchoClient.uvoptx
+++ b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/EchoClient/EchoClient.uvoptx
@@ -328,7 +328,7 @@
<tvExp>0</tvExp>
<tvExpOptDlg>0</tvExpOptDlg>
<bDave2>0</bDave2>
- <PathWithFileName>.\RTE\wolfSSL\user_settings.h</PathWithFileName>
+ <PathWithFileName>..\..\Conf\user_settings.h</PathWithFileName>
<FilenameWithoutPath>user_settings.h</FilenameWithoutPath>
<RteFlg>0</RteFlg>
<bShared>0</bShared>
diff --git a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/EchoClient/EchoClient.uvprojx b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/EchoClient/EchoClient.uvprojx
index fdaf1715..735b3c8a 100644
--- a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/EchoClient/EchoClient.uvprojx
+++ b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/EchoClient/EchoClient.uvprojx
@@ -413,7 +413,7 @@
<File>
<FileName>user_settings.h</FileName>
<FileType>5</FileType>
- <FilePath>.\RTE\wolfSSL\user_settings.h</FilePath>
+ <FilePath>..\..\Conf\user_settings.h</FilePath>
</File>
</Files>
</Group>
@@ -880,7 +880,7 @@
<targetInfos/>
</file>
<file attr="config" category="header" name="wolfssl\IDE\MDK5-ARM\Conf\user_settings.h" version="3.14.0">
- <instance index="0">RTE\wolfSSL\user_settings.h</instance>
+ <instance index="0">..\..\Conf\user_settings.h</instance>
<component Cbundle="wolfSSL" Cclass="wolfSSL" Cgroup="wolfSSL" Csub="Core" Cvendor="wolfSSL" Cversion="3.15.7" condition="wolfCrypt-Core"/>
<package license="wolfssl\IDE\MDK5-ARM\Docs\wolfSSL-License.txt" name="wolfSSL" schemaVersion="1.4" url="http://www.wolfSSL.com/files/ide" vendor="wolfSSL" version="3.15.7"/>
<targetInfos>
diff --git a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/EchoClient/RTE/wolfSSL/user_settings.h b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/EchoClient/RTE/wolfSSL/user_settings.h
deleted file mode 100644
index 4a714d7e..00000000
--- a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/EchoClient/RTE/wolfSSL/user_settings.h
+++ /dev/null
@@ -1,495 +0,0 @@
-/* user_settings.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-#define NO_MAIN_DRIVER
-#define BENCH_EMBEDDED
-#define NO_DEV_RANDOM
-#define WOLFSSL_USER_CURRTIME
-#define SIZEOF_LONG_LONG 8
-#define NO_WRITEV
-#define NO_DEV_RANDOM
-
-#define TFM_TIMING_RESISTANT
-#define ECC_TIMING_RESISTANT
-#define WC_RSA_BLINDING
-
-#define WOLFSSL_USER_CURRTIME /* for benchmark */
-#define WOLFSSL_CURRTIME_OSTICK /* use OS tich for current_time */
-#define WOLFSSL_GMTIME
-#define NO_MULTIBYTE_PRINT
-
-// <<< Use Configuration Wizard in Context Menu >>>
-
-
-// <h>Common options
-// <o> MPU<0=>Undefined<1=>STM32F2xx<2=>STM32F4xx<3=>STM32F7xx
-#define MDK_CONF_MPU 3
-#if MDK_CONF_MPU == 0
-
-#elif MDK_CONF_MPU == 1
-#define WOLFSSL_STM32_CUBEMX
-#define STM32F2xx
-#elif MDK_CONF_MPU == 2
-#define WOLFSSL_STM32_CUBEMX
-#define STM32F4xx
-#elif MDK_CONF_MPU == 3
-#define WOLFSSL_STM32_CUBEMX
-#define STM32F7xx
-#endif
-
-// <o> Thread/RTOS<0=>Single Threaded <1=>FreeRTOS <3=>SafeRTOS <4=>Windows
-// <5=>PThread <6=>ThreadX
-// <7=>Micrium <8=>EBSnet <9=>MQX
-// <10=>T-RTOS <11=>uITRON4 <12=>uTKERNEL2
-// <13=>Frosted <14=>CMSIS RTOS <15=>CMSIS RTOSv2 <16=>Others
-#define MDK_CONF_THREAD 14
-#if MDK_CONF_THREAD== 0
-#define SINGLE_THREADED
-#elif MDK_CONF_THREAD == 1
-#define FREERTOS
-#elif MDK_CONF_THREAD == 3
-#define WOLFSSL_SAFERTOS
-#elif MDK_CONF_THREAD == 4
-#define USE_WINDOWS_API
-#elif MDK_CONF_THREAD == 5
-#define WOLFSSL_PTHREADS
-#elif MDK_CONF_THREAD == 6
-#define THREADX
-#define NETX
-#elif MDK_CONF_THREAD == 7
-#define MICRIUM
-#elif MDK_CONF_THREAD == 8
-#define EBSNET
-#elif MDK_CONF_THREAD == 9
-#define FREESCALE_MQX
-#define FREESCALE_KSDK_MQX
-#elif MDK_CONF_THREAD == 10
-#define WOLFSSL_TIRTOS
-#elif MDK_CONF_THREAD == 11
-#define WOLFSSL_uITRON4
-#elif MDK_CONF_THREAD == 12
-#define WOLFSSL_uTKERNEL2
-#elif MDK_CONF_THREAD == 13
-#define WOLFSSL_FROSTED
-#elif MDK_CONF_THREAD == 14
-#define WOLFSSL_CMSIS_RTOS
-#elif MDK_CONF_THREAD == 15
-#define SINGLE_THREADED
-#endif
-
-
-// <e>File System
-#define MDK_CONF_FILESYSTEM 1
-#if MDK_CONF_FILESYSTEM == 0
-#define NO_FILESYSTEM
-#else
-#define WOLFSSL_KEIL_FS
-#define NO_WOLFSSL_DIR
-#endif
-// </e>
-
-// <o> Network<0=>None <1=>RLnet <2=>User I/O
-#define MDK_CONF_NETWORK 1
-#if MDK_CONF_NETWORK == 0
-#elif MDK_CONF_NETWORK == 1
-#define WOLFSSL_KEIL_TCP_NET
-#elif MDK_CONF_NETWORK == 2
-#define WOLFSSL_USER_IO
-#endif
-
-// <h>Debug options
-
-// <e>Debug Message
-#define MDK_CONF_DebugMessage 0
-#if MDK_CONF_DebugMessage == 1
-#define DEBUG_WOLFSSL
-#endif
-// </e>
-// <e>Check malloc
-#define MDK_CONF_CheckMalloc 1
-#if MDK_CONF_CheckMalloc == 1
-#define WOLFSSL_MALLOC_CHECK
-#define USE_WOLFSSL_MEMORY
-#endif
-// </e>
-// <e>ErrNo.h
-#define MDK_CONF_ErrNo 1
-#if MDK_CONF_ErrNo == 1
-#define HAVE_ERRNO
-#endif
-// </e>
-// <e>Error Strings
-#define MDK_CONF_ErrorStrings 1
-#if MDK_CONF_ErrorStrings == 0
-#define NO_ERROR_STRINGS
-#endif
-// </e>
-
-//</h>
-//</h>
-
-// <h> wolfCrypt Configuration
-
-// <h>Hash/Crypt Algrithm
-
-// <e>MD2
-#define MDK_CONF_MD2 0
-#if MDK_CONF_MD2 == 1
-#define WOLFSSL_MD2
-#endif
-// </e>
-// <e>MD4
-#define MDK_CONF_MD4 0
-#if MDK_CONF_MD4 == 0
-#define NO_MD4
-#endif
-// </e>
-// <e>MD5
-#define MDK_CONF_MD5 1
-#if MDK_CONF_MD5 == 0
-#define NO_MD5
-#endif
-// </e>
-// <e>SHA
-#define MDK_CONF_SHA 1
-#if MDK_CONF_SHA == 0
-#define NO_SHA
-#endif
-// </e>
-// <e>SHA-256
-#define MDK_CONF_SHA256 1
-#if MDK_CONF_SHA256 == 0
-#define NO_SHA256
-#endif
-// </e>
-// <e>SHA-384
-#define MDK_CONF_SHA384 1
-#if MDK_CONF_SHA384 == 1
-#define WOLFSSL_SHA384
-#endif
-// </e>
-// <e>SHA-512
-#define MDK_CONF_SHA512 1
-#if MDK_CONF_SHA512 == 1
-#define WOLFSSL_SHA512
-#endif
-// </e>
-// <e>Hash DRBG
-#define MDK_CONF_HASHDRBG 1
-#if MDK_CONF_HASHDRBG == 1
-#define HAVE_HASHDRBG
-#endif
-// </e>
-// <e>RIPEMD
-#define MDK_CONF_RIPEMD 1
-#if MDK_CONF_RIPEMD == 1
-#define WOLFSSL_RIPEMD
-#endif
-// </e>
-// <e>BLAKE2
-#define MDK_CONF_BLAKE2 0
-#if MDK_CONF_BLAKE2 == 1
-#define HAVE_BLAKE2
-#endif
-// </e>
-// <e>HMAC
-#define MDK_CONF_HMAC 1
-#if MDK_CONF_HMAC == 0
-#define NO_HMAC
-#endif
-// </e>
-// <e>HMAC KDF
-#define MDK_CONF_HKDF 1
-#if MDK_CONF_HKDF == 1
-#define HAVE_HKDF
-#endif
-// </e>
-
-// <e>AES CCM
-#define MDK_CONF_AESCCM 1
-#if MDK_CONF_AESCCM == 1
-#define HAVE_AESCCM
-#endif
-// </e>
-// <e>AES GCM
-#define MDK_CONF_AESGCM 1
-#if MDK_CONF_AESGCM == 1
-#define HAVE_AESGCM
-#endif
-// </e>
-
-// <e>RC4
-#define MDK_CONF_RC4 0
-#if MDK_CONF_RC4 == 0
-#define NO_RC4
-#endif
-// </e>
-
-// <e>CHACHA
-#define MDK_CONF_CHACHA 1
-#if MDK_CONF_CHACHA == 1
-#define HAVE_CHACHA
-#endif
-// </e>
-
-// <e>POLY1305
-#define MDK_CONF_POLY1305 1
-#if MDK_CONF_POLY1305 == 1
-#define HAVE_POLY1305
-#define HAVE_ONE_TIME_AUTH
-#endif
-// </e>
-
-// <e>DES3
-#define MDK_CONF_DES3 1
-#if MDK_CONF_DES3 == 0
-#define NO_DES3
-#endif
-// </e>
-
-// <e>AES
-#define MDK_CONF_AES 1
-#if MDK_CONF_AES == 0
-#define NO_AES
-#endif
-// </e>
-
-// <e>CAMELLIA
-#define MDK_CONF_CAMELLIA 1
-#if MDK_CONF_CAMELLIA == 1
-#define HAVE_CAMELLIA
-#endif
-// </e>
-
-// <e>DH
-#define MDK_CONF_DH 1
-#if MDK_CONF_DH == 0
-#define NO_DH
-#endif
-// </e>
-// <e>DSA
-#define MDK_CONF_DSA 1
-#if MDK_CONF_DSA == 0
-#define NO_DSA
-#endif
-// </e>
-
-// <e>SRP
-#define MDK_CONF_SRP 1
-#if MDK_CONF_SRP == 1
-#define HAVE_SRP
-#endif
-// </e>
-
-// <e>PWDBASED
-#define MDK_CONF_PWDBASED 1
-#if MDK_CONF_PWDBASED == 0
-#define NO_PWDBASED
-#endif
-// </e>
-
-// <e>ECC
-#define MDK_CONF_ECC 1
-#if MDK_CONF_ECC == 1
-#define HAVE_ECC
-#endif
-// </e>
-
-// <e>CURVE25519
-#define MDK_CONF_CURVE25519 1
-#if MDK_CONF_CURVE25519 == 1
-#define HAVE_CURVE25519
-#define CURVED25519_SMALL
-#endif
-// </e>
-// <e>CURVE25519 SMALL
-#define MDK_CONF_CURVE25519_SMALL 0
-#if MDK_CONF_CURVE25519_SMALL == 1
-#define CURVED25519_SMALL
-#endif
-// </e>
-// <e>ED25519
-#define MDK_CONF_ED25519 1
-#if MDK_CONF_ED25519 == 1
-#define HAVE_ED25519
-#endif
-// </e>
-// <e>ED25519 SMALL
-#define MDK_CONF_ED25519_SMALL 0
-#if MDK_CONF_ED25519_SMALL == 1
-#define ED25519_SMALL
-#endif
-// </e>
-// <e>PKCS7
-#define MDK_CONF_PKCS7 0
-#if MDK_CONF_PKCS7 == 1
-#define HAVE_PKCS7
-#endif
-// </e>
-// </h>
-
-// <e>Random Seed, for TEST Only
-#define MDK_CONF_RNDSEED 1
-#if MDK_CONF_RNDSEED == 1
-#define WOLFSSL_GENSEED_FORTEST
-#endif
-// </e>
-
-// <h>Hardware Crypt (See document for usage)
-// <e>Hardware RNG
-#define MDK_CONF_STM32F2_RNG 0
-#if MDK_CONF_STM32F2_RNG == 1
-#define WOLFSSL_STM32_CUBEMX
-#define STM32_RNG
-#define WC_ASYNC_DEV_SIZE 320+24
-#define STM32_HAL_TIMEOUT 0xFF
-
-#if defined(STM32F2xx)
-#define WOLFSSL_STM32F2
-#elif defined(STM32F4xx)
-#define WOLFSSL_STM32F4
-#elif defined(STM32F7xx)
-#define WOLFSSL_STM32F7
-#endif
-
-#endif
-// </e>
-// <e>Hardware Crypt
-#define MDK_CONF_STM32F2_CRYPTO 0
-#if MDK_CONF_STM32F2_CRYPTO == 1
-#define WOLFSSL_STM32_CUBEMX
-#define STM32_CRYPTO
-#define WC_ASYNC_DEV_SIZE 320+24
-#define STM32_HAL_TIMEOUT 0xFF
-
-#if defined(STM32F2xx)
-#define WOLFSSL_STM32F2
-#elif defined(STM32F4xx)
-#define WOLFSSL_STM32F4
-#elif defined(STM32F7xx)
-#define WOLFSSL_STM32F7
-#endif
-
-#endif
-// </e>
-// <e>Hardware Hash
-#define MDK_CONF_STM32F2_HASH 0
-#if MDK_CONF_STM32F2_HASH == 1
-#define WOLFSSL_STM32_CUBEMX
-#define STM32_HASH
-#define WC_ASYNC_DEV_SIZE 320+24
-#define STM32_HAL_TIMEOUT 0xFF
-
-#if defined(STM32F2xx)
-#define WOLFSSL_STM32F2
-#elif defined(STM32F4xx)
-#define WOLFSSL_STM32F4
-#elif defined(STM32F7xx)
-#define WOLFSSL_STM32F7
-#endif
-
-#endif
-// </e>
-// </h>
-
-// <h>Cert/Key Strage
-// <o>Cert Storage <0=> SD Card <1=> Mem Buff (1024bytes) <2=> Mem Buff (2048bytes)
-#define MDK_CONF_CERT_BUFF 0
-#if MDK_CONF_CERT_BUFF== 1
-#define USE_CERT_BUFFERS_1024
-#elif MDK_CONF_CERT_BUFF == 2
-#define USE_CERT_BUFFERS_2048
-#endif
-//</h>
-// <h>Cert/Key Generation
-// <e>CertGen
-#define MDK_CONF_CERT_GEN 0
-#if MDK_CONF_CERT_GEN == 1
-#define WOLFSSL_CERT_GEN
-#endif
-// </e>
-// <e>KeyGen
-#define MDK_CONF_KEY_GEN 0
-#if MDK_CONF_KEY_GEN == 1
-#define WOLFSSL_KEY_GEN
-#endif
-// </e>
-// </h>
-// <e>Use Fast Math
-#define MDK_CONF_FASTMATH 1
-#if MDK_CONF_FASTMATH == 1
-#define USE_FAST_MATH
-#define TFM_TIMING_RESISTANT
-#endif
-// </e>
-// <e>Small Stack
-#define MDK_CONF_SmallStack 1
-#if MDK_CONF_SmallStack == 0
-#define NO_WOLFSSL_SMALL_STACK
-#endif
-// </e>
-
-// </h>
-
-
-/**** wolfSSL Configuration ****/
-
-// <h> wolfSSL Configuration
-
-// <e>TLS 1.3
-#define MDK_CONF_TLS 1
-#if MDK_CONF_TLS == 1
-#define WOLFSSL_TLS13
-#define HAVE_TLS_EXTENSIONS
-#define HAVE_SUPPORTED_CURVES
-#define WC_RSA_PSS
-#define HAVE_HKDF
-#define HAVE_FFDHE_2048
-#endif
-// </e>
-
-// <e>Include Old TLS
-#define MDK_CONF_NO_OLDTLS 0
-#if MDK_CONF_NO_OLDTLS == 0
-#define NO_OLD_TLS
-#endif
-// </e>
-// <e>CRL
-#define MDK_CONF_CRL 0
-#if MDK_CONF_CRL == 1
-#define HAVE_CRL
-#define WOLFSSL_DER_LOAD
-#endif
-// </e>
-// <e>OCSP
-#define MDK_CONF_OCSP 0
-#if MDK_CONF_OCSP == 1
-#define HAVE_OCSP
-#endif
-// </e>
-// <e>OpenSSL Extra
-#define MDK_CONF_OPENSSL_EXTRA 0
-#if MDK_CONF_OPENSSL_EXTRA == 1
-#define OPENSSL_EXTRA
-#endif
-// </e>
-
-//</h>
diff --git a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/EchoClient/main.c b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/EchoClient/main.c
index 63d87dc0..22f27cb1 100644
--- a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/EchoClient/main.c
+++ b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/EchoClient/main.c
@@ -26,7 +26,7 @@
#include "wolfssl/wolfcrypt/settings.h"
#include "cmsis_os.h" /* CMSIS RTOS definitions */
-#include "rl_net.h" /* Network definitions */
+#include "rl_net.h" /* Network definitions */
#include <time.h>
#if defined(STM32F7xx)
@@ -40,12 +40,9 @@
//-------- <<< Use Configuration Wizard in Context Menu >>> -----------------
// <h>RTC: for validate certificate date
-// <o>Year <1970-2099>
-#define RTC_YEAR 2018
-// <o>Month <1=>Jan<2=>Feb<3=>Mar<4=>Apr<5=>May<6=>Jun<7=>Jul<8=>Aut<9=>Sep<10=>Oct<11=>Nov<12=>Dec
+#define RTC_YEAR 2023
#define RTC_MONTH 1
-// <o>Day <1-31>
-#define RTC_DAY 1
+#define RTC_DAY 1
// </h>
//------------- <<< end of configuration section >>> -----------------------
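Review bot: The section header `RTC: for validate certificate date` ties these constants to certificate date checks, but nothing next to `RTC_YEAR` says the clock is a fixed build-time value rather than real time. With the date pinned to January 2023, a certificate that expired after that date would presumably still pass the validity-period check, and one issued later would be rejected as not yet valid. I would add a comment above `RTC_YEAR`, for example `/* Fixed demo clock: certificate validity is compared with this date, not real time; set the time from a hardware RTC or another trusted source in production. */`. The hunk also removes the `<o>` wizard annotations but keeps the `<h>`/`</h>` wrapper, which looks like it leaves an empty group in the Configuration Wizard.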
@@ -69,29 +66,30 @@ static void CPU_CACHE_Enable (void) {
#if !defined(NO_FILESYSTEM)
#include "rl_fs.h" /* FileSystem definitions */
-static void init_filesystem (void) {
- int32_t retv;
+static void init_filesystem(void)
+{
+ int32_t retv;
- retv = finit ("M0:");
- if (retv == fsOK) {
- retv = fmount ("M0:");
+ retv = finit ("M0:");
if (retv == fsOK) {
- printf ("Drive M0 ready!\n");
+ retv = fmount ("M0:");
+ if (retv == fsOK) {
+ printf ("Drive M0 ready!\n");
+ }
+ else {
+ printf ("Drive M0 mount failed(%d)!\n", retv);
+ }
}
else {
- printf ("Drive M0 mount failed(%d)!\n", retv);
+ printf ("Drive M0 initialization failed!\n");
}
- }
- else {
- printf ("Drive M0 initialization failed!\n");
- }
}
#endif
void net_loop(void const *arg)
{
- while(1) {
+ while (1) {
net_main ();
osThreadYield ();
}
@@ -103,8 +101,8 @@ osThreadDef(net_loop, osPriorityLow, 2, 0);
extern uint32_t os_time;
static time_t epochTime;
-uint32_t HAL_GetTick(void) {
- return os_time;
+uint32_t HAL_GetTick(void) {
+ return os_time;
}
time_t time(time_t *t){
@@ -133,15 +131,15 @@ double current_time(int reset)
#define DWT ((DWT_Type *) (0xE0001000UL) )
typedef struct
{
- uint32_t CTRL; /*!< Offset: 0x000 (R/W) Control Register */
- uint32_t CYCCNT; /*!< Offset: 0x004 (R/W) Cycle Count Register */
+ uint32_t CTRL; /*!< Offset: 0x000 (R/W) Control Register */
+ uint32_t CYCCNT; /*!< Offset: 0x004 (R/W) Cycle Count Register */
} DWT_Type;
extern uint32_t SystemCoreClock ;
double current_time(int reset)
{
- if(reset) DWT->CYCCNT = 0 ;
+ if (reset) DWT->CYCCNT = 0 ;
return ((double)DWT->CYCCNT/SystemCoreClock) ;
}
#endif
@@ -160,20 +158,21 @@ extern void echoclient_test(func_args * args) ;
int myoptind = 0;
char* myoptarg = NULL;
-int main (void) {
+int main (void)
+{
static char *argv[] =
{ "client" } ;
static func_args args =
{ 1, argv } ;
- MPU_Config(); /* Configure the MPU */
- CPU_CACHE_Enable(); /* Enable the CPU Cache */
- HAL_Init(); /* Initialize the HAL Library */
- SystemClock_Config(); /* Configure the System Clock */
+ MPU_Config(); /* Configure the MPU */
+ CPU_CACHE_Enable(); /* Enable the CPU Cache */
+ HAL_Init(); /* Initialize the HAL Library */
+ SystemClock_Config(); /* Configure the System Clock */
- #if !defined(NO_FILESYSTEM)
+#if !defined(NO_FILESYSTEM)
init_filesystem ();
- #endif
+#endif
net_initialize ();
#if defined(DEBUG_WOLFSSL)
@@ -181,14 +180,15 @@ int main (void) {
wolfSSL_Debugging_ON() ;
#endif
- setTime((RTC_YEAR-1970)*365*24*60*60 + RTC_MONTH*30*24*60*60 + RTC_DAY*24*60*60);
+ setTime((RTC_YEAR-1970)*365*24*60*60 +
+ RTC_MONTH*30*24*60*60 +
+ RTC_DAY*24*60*60);
osThreadCreate (osThread(net_loop), NULL);
echoclient_test(&args) ;
- while(1)
+ while (1) {
osDelay(1000);
-
+ }
}
-
diff --git a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/EchoServer/EchoServer.uvoptx b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/EchoServer/EchoServer.uvoptx
index 78b69354..65e7c61c 100644
--- a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/EchoServer/EchoServer.uvoptx
+++ b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/EchoServer/EchoServer.uvoptx
@@ -279,7 +279,7 @@
<tvExp>0</tvExp>
<tvExpOptDlg>0</tvExpOptDlg>
<bDave2>0</bDave2>
- <PathWithFileName>.\RTE\wolfSSL\user_settings.h</PathWithFileName>
+ <PathWithFileName>..\..\Conf\user_settings.h</PathWithFileName>
<FilenameWithoutPath>user_settings.h</FilenameWithoutPath>
<RteFlg>0</RteFlg>
<bShared>0</bShared>
diff --git a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/EchoServer/EchoServer.uvprojx b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/EchoServer/EchoServer.uvprojx
index 0650169d..9471fa6b 100644
--- a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/EchoServer/EchoServer.uvprojx
+++ b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/EchoServer/EchoServer.uvprojx
@@ -413,7 +413,7 @@
<File>
<FileName>user_settings.h</FileName>
<FileType>5</FileType>
- <FilePath>.\RTE\wolfSSL\user_settings.h</FilePath>
+ <FilePath>..\..\Conf\user_settings.h</FilePath>
</File>
</Files>
</Group>
@@ -886,7 +886,7 @@
<targetInfos/>
</file>
<file attr="config" category="header" name="wolfssl\IDE\MDK5-ARM\Conf\user_settings.h" version="3.14.0">
- <instance index="0">RTE\wolfSSL\user_settings.h</instance>
+ <instance index="0">..\..\Conf\user_settings.h</instance>
<component Cbundle="wolfSSL" Cclass="wolfSSL" Cgroup="wolfSSL" Csub="Core" Cvendor="wolfSSL" Cversion="3.15.7" condition="wolfCrypt-Core"/>
<package license="wolfssl\IDE\MDK5-ARM\Docs\wolfSSL-License.txt" name="wolfSSL" schemaVersion="1.4" url="http://www.wolfSSL.com/files/ide" vendor="wolfSSL" version="3.15.7"/>
<targetInfos>
diff --git a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/EchoServer/RTE/wolfSSL/user_settings.h b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/EchoServer/RTE/wolfSSL/user_settings.h
deleted file mode 100644
index f4c47bf7..00000000
--- a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/EchoServer/RTE/wolfSSL/user_settings.h
+++ /dev/null
@@ -1,497 +0,0 @@
-/* user_settings.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-#define NO_MAIN_DRIVER
-#define BENCH_EMBEDDED
-#define NO_DEV_RANDOM
-#define WOLFSSL_USER_CURRTIME
-#define SIZEOF_LONG_LONG 8
-#define NO_WRITEV
-#define NO_DEV_RANDOM
-
-#define TFM_TIMING_RESISTANT
-#define ECC_TIMING_RESISTANT
-#define WC_RSA_BLINDING
-
-#define WOLFSSL_USER_CURRTIME /* for benchmark */
-#define WOLFSSL_CURRTIME_OSTICK /* use OS tich for current_time */
-#define WOLFSSL_GMTIME
-#define NO_MULTIBYTE_PRINT
-
-// <<< Use Configuration Wizard in Context Menu >>>
-
-
-// <h>Common options
-// <o> MPU<0=>Undefined<1=>STM32F2xx<2=>STM32F4xx<3=>STM32F7xx
-#define MDK_CONF_MPU 3
-#if MDK_CONF_MPU == 0
-
-#elif MDK_CONF_MPU == 1
-#define WOLFSSL_STM32_CUBEMX
-#define STM32F2xx
-#elif MDK_CONF_MPU == 2
-#define WOLFSSL_STM32_CUBEMX
-#define STM32F4xx
-#elif MDK_CONF_MPU == 3
-#define WOLFSSL_STM32_CUBEMX
-#define STM32F7xx
-#endif
-
-// <o> Thread/RTOS<0=>Single Threaded <1=>FreeRTOS <3=>SafeRTOS <4=>Windows
-// <5=>PThread <6=>ThreadX
-// <7=>Micrium <8=>EBSnet <9=>MQX
-// <10=>T-RTOS <11=>uITRON4 <12=>uTKERNEL2
-// <13=>Frosted <14=>CMSIS RTOS <15=>CMSIS RTOSv2 <16=>Others
-#define MDK_CONF_THREAD 14
-#if MDK_CONF_THREAD== 0
-#define SINGLE_THREADED
-#elif MDK_CONF_THREAD == 1
-#define FREERTOS
-#elif MDK_CONF_THREAD == 3
-#define WOLFSSL_SAFERTOS
-#elif MDK_CONF_THREAD == 4
-#define USE_WINDOWS_API
-#elif MDK_CONF_THREAD == 5
-#define WOLFSSL_PTHREADS
-#elif MDK_CONF_THREAD == 6
-#define THREADX
-#define NETX
-#elif MDK_CONF_THREAD == 7
-#define MICRIUM
-#elif MDK_CONF_THREAD == 8
-#define EBSNET
-#elif MDK_CONF_THREAD == 9
-#define FREESCALE_MQX
-#define FREESCALE_KSDK_MQX
-#elif MDK_CONF_THREAD == 10
-#define WOLFSSL_TIRTOS
-#elif MDK_CONF_THREAD == 11
-#define WOLFSSL_uITRON4
-#elif MDK_CONF_THREAD == 12
-#define WOLFSSL_uTKERNEL2
-#elif MDK_CONF_THREAD == 13
-#define WOLFSSL_FROSTED
-#elif MDK_CONF_THREAD == 14
-#define WOLFSSL_CMSIS_RTOS
-#elif MDK_CONF_THREAD == 15
-#define WOLFSSL_CMSIS_RTOSv2
-#elif MDK_CONF_THREAD == 16
-#define SINGLE_THREADED
-#endif
-
-
-// <e>File System
-#define MDK_CONF_FILESYSTEM 1
-#if MDK_CONF_FILESYSTEM == 0
-#define NO_FILESYSTEM
-#else
-#define WOLFSSL_KEIL_FS
-#define NO_WOLFSSL_DIR
-#endif
-// </e>
-
-// <o> Network<0=>None <1=>RLnet <2=>User I/O
-#define MDK_CONF_NETWORK 1
-#if MDK_CONF_NETWORK == 0
-#elif MDK_CONF_NETWORK == 1
-#define WOLFSSL_KEIL_TCP_NET
-#elif MDK_CONF_NETWORK == 2
-#define WOLFSSL_USER_IO
-#endif
-
-// <h>Debug options
-
-// <e>Debug Message
-#define MDK_CONF_DebugMessage 0
-#if MDK_CONF_DebugMessage == 1
-#define DEBUG_WOLFSSL
-#endif
-// </e>
-// <e>Check malloc
-#define MDK_CONF_CheckMalloc 1
-#if MDK_CONF_CheckMalloc == 1
-#define WOLFSSL_MALLOC_CHECK
-#define USE_WOLFSSL_MEMORY
-#endif
-// </e>
-// <e>ErrNo.h
-#define MDK_CONF_ErrNo 1
-#if MDK_CONF_ErrNo == 1
-#define HAVE_ERRNO
-#endif
-// </e>
-// <e>Error Strings
-#define MDK_CONF_ErrorStrings 1
-#if MDK_CONF_ErrorStrings == 0
-#define NO_ERROR_STRINGS
-#endif
-// </e>
-
-//</h>
-//</h>
-
-// <h> wolfCrypt Configuration
-
-// <h>Hash/Crypt Algrithm
-
-// <e>MD2
-#define MDK_CONF_MD2 0
-#if MDK_CONF_MD2 == 1
-#define WOLFSSL_MD2
-#endif
-// </e>
-// <e>MD4
-#define MDK_CONF_MD4 0
-#if MDK_CONF_MD4 == 0
-#define NO_MD4
-#endif
-// </e>
-// <e>MD5
-#define MDK_CONF_MD5 1
-#if MDK_CONF_MD5 == 0
-#define NO_MD5
-#endif
-// </e>
-// <e>SHA
-#define MDK_CONF_SHA 1
-#if MDK_CONF_SHA == 0
-#define NO_SHA
-#endif
-// </e>
-// <e>SHA-256
-#define MDK_CONF_SHA256 1
-#if MDK_CONF_SHA256 == 0
-#define NO_SHA256
-#endif
-// </e>
-// <e>SHA-384
-#define MDK_CONF_SHA384 1
-#if MDK_CONF_SHA384 == 1
-#define WOLFSSL_SHA384
-#endif
-// </e>
-// <e>SHA-512
-#define MDK_CONF_SHA512 1
-#if MDK_CONF_SHA512 == 1
-#define WOLFSSL_SHA512
-#endif
-// </e>
-// <e>Hash DRBG
-#define MDK_CONF_HASHDRBG 1
-#if MDK_CONF_HASHDRBG == 1
-#define HAVE_HASHDRBG
-#endif
-// </e>
-// <e>RIPEMD
-#define MDK_CONF_RIPEMD 1
-#if MDK_CONF_RIPEMD == 1
-#define WOLFSSL_RIPEMD
-#endif
-// </e>
-// <e>BLAKE2
-#define MDK_CONF_BLAKE2 0
-#if MDK_CONF_BLAKE2 == 1
-#define HAVE_BLAKE2
-#endif
-// </e>
-// <e>HMAC
-#define MDK_CONF_HMAC 1
-#if MDK_CONF_HMAC == 0
-#define NO_HMAC
-#endif
-// </e>
-// <e>HMAC KDF
-#define MDK_CONF_HKDF 1
-#if MDK_CONF_HKDF == 1
-#define HAVE_HKDF
-#endif
-// </e>
-
-// <e>AES CCM
-#define MDK_CONF_AESCCM 1
-#if MDK_CONF_AESCCM == 1
-#define HAVE_AESCCM
-#endif
-// </e>
-// <e>AES GCM
-#define MDK_CONF_AESGCM 1
-#if MDK_CONF_AESGCM == 1
-#define HAVE_AESGCM
-#endif
-// </e>
-
-// <e>RC4
-#define MDK_CONF_RC4 0
-#if MDK_CONF_RC4 == 0
-#define NO_RC4
-#endif
-// </e>
-
-// <e>CHACHA
-#define MDK_CONF_CHACHA 1
-#if MDK_CONF_CHACHA == 1
-#define HAVE_CHACHA
-#endif
-// </e>
-
-// <e>POLY1305
-#define MDK_CONF_POLY1305 1
-#if MDK_CONF_POLY1305 == 1
-#define HAVE_POLY1305
-#define HAVE_ONE_TIME_AUTH
-#endif
-// </e>
-
-// <e>DES3
-#define MDK_CONF_DES3 1
-#if MDK_CONF_DES3 == 0
-#define NO_DES3
-#endif
-// </e>
-
-// <e>AES
-#define MDK_CONF_AES 1
-#if MDK_CONF_AES == 0
-#define NO_AES
-#endif
-// </e>
-
-// <e>CAMELLIA
-#define MDK_CONF_CAMELLIA 1
-#if MDK_CONF_CAMELLIA == 1
-#define HAVE_CAMELLIA
-#endif
-// </e>
-
-// <e>DH
-#define MDK_CONF_DH 1
-#if MDK_CONF_DH == 0
-#define NO_DH
-#endif
-// </e>
-// <e>DSA
-#define MDK_CONF_DSA 1
-#if MDK_CONF_DSA == 0
-#define NO_DSA
-#endif
-// </e>
-
-// <e>SRP
-#define MDK_CONF_SRP 1
-#if MDK_CONF_SRP == 1
-#define HAVE_SRP
-#endif
-// </e>
-
-// <e>PWDBASED
-#define MDK_CONF_PWDBASED 1
-#if MDK_CONF_PWDBASED == 0
-#define NO_PWDBASED
-#endif
-// </e>
-
-// <e>ECC
-#define MDK_CONF_ECC 1
-#if MDK_CONF_ECC == 1
-#define HAVE_ECC
-#endif
-// </e>
-
-// <e>CURVE25519
-#define MDK_CONF_CURVE25519 1
-#if MDK_CONF_CURVE25519 == 1
-#define HAVE_CURVE25519
-#define CURVED25519_SMALL
-#endif
-// </e>
-// <e>CURVE25519 SMALL
-#define MDK_CONF_CURVE25519_SMALL 0
-#if MDK_CONF_CURVE25519_SMALL == 1
-#define CURVED25519_SMALL
-#endif
-// </e>
-// <e>ED25519
-#define MDK_CONF_ED25519 1
-#if MDK_CONF_ED25519 == 1
-#define HAVE_ED25519
-#endif
-// </e>
-// <e>ED25519 SMALL
-#define MDK_CONF_ED25519_SMALL 0
-#if MDK_CONF_ED25519_SMALL == 1
-#define ED25519_SMALL
-#endif
-// </e>
-// <e>PKCS7
-#define MDK_CONF_PKCS7 0
-#if MDK_CONF_PKCS7 == 1
-#define HAVE_PKCS7
-#endif
-// </e>
-// </h>
-
-// <e>Random Seed, for TEST Only
-#define MDK_CONF_RNDSEED 1
-#if MDK_CONF_RNDSEED == 1
-#define WOLFSSL_GENSEED_FORTEST
-#endif
-// </e>
-
-// <h>Hardware Crypt (See document for usage)
-// <e>Hardware RNG
-#define MDK_CONF_STM32F2_RNG 0
-#if MDK_CONF_STM32F2_RNG == 1
-#define WOLFSSL_STM32_CUBEMX
-#define STM32_RNG
-#define WC_ASYNC_DEV_SIZE 320+24
-#define STM32_HAL_TIMEOUT 0xFF
-
-#if defined(STM32F2xx)
-#define WOLFSSL_STM32F2
-#elif defined(STM32F4xx)
-#define WOLFSSL_STM32F4
-#elif defined(STM32F7xx)
-#define WOLFSSL_STM32F7
-#endif
-
-#endif
-// </e>
-// <e>Hardware Crypt
-#define MDK_CONF_STM32F2_CRYPTO 0
-#if MDK_CONF_STM32F2_CRYPTO == 1
-#define WOLFSSL_STM32_CUBEMX
-#define STM32_CRYPTO
-#define WC_ASYNC_DEV_SIZE 320+24
-#define STM32_HAL_TIMEOUT 0xFF
-
-#if defined(STM32F2xx)
-#define WOLFSSL_STM32F2
-#elif defined(STM32F4xx)
-#define WOLFSSL_STM32F4
-#elif defined(STM32F7xx)
-#define WOLFSSL_STM32F7
-#endif
-
-#endif
-// </e>
-// <e>Hardware Hash
-#define MDK_CONF_STM32F2_HASH 0
-#if MDK_CONF_STM32F2_HASH == 1
-#define WOLFSSL_STM32_CUBEMX
-#define STM32_HASH
-#define WC_ASYNC_DEV_SIZE 320+24
-#define STM32_HAL_TIMEOUT 0xFF
-
-#if defined(STM32F2xx)
-#define WOLFSSL_STM32F2
-#elif defined(STM32F4xx)
-#define WOLFSSL_STM32F4
-#elif defined(STM32F7xx)
-#define WOLFSSL_STM32F7
-#endif
-
-#endif
-// </e>
-// </h>
-
-// <h>Cert/Key Strage
-// <o>Cert Storage <0=> SD Card <1=> Mem Buff (1024bytes) <2=> Mem Buff (2048bytes)
-#define MDK_CONF_CERT_BUFF 0
-#if MDK_CONF_CERT_BUFF== 1
-#define USE_CERT_BUFFERS_1024
-#elif MDK_CONF_CERT_BUFF == 2
-#define USE_CERT_BUFFERS_2048
-#endif
-//</h>
-// <h>Cert/Key Generation
-// <e>CertGen
-#define MDK_CONF_CERT_GEN 0
-#if MDK_CONF_CERT_GEN == 1
-#define WOLFSSL_CERT_GEN
-#endif
-// </e>
-// <e>KeyGen
-#define MDK_CONF_KEY_GEN 0
-#if MDK_CONF_KEY_GEN == 1
-#define WOLFSSL_KEY_GEN
-#endif
-// </e>
-// </h>
-// <e>Use Fast Math
-#define MDK_CONF_FASTMATH 1
-#if MDK_CONF_FASTMATH == 1
-#define USE_FAST_MATH
-#define TFM_TIMING_RESISTANT
-#endif
-// </e>
-// <e>Small Stack
-#define MDK_CONF_SmallStack 1
-#if MDK_CONF_SmallStack == 0
-#define NO_WOLFSSL_SMALL_STACK
-#endif
-// </e>
-
-// </h>
-
-
-/**** wolfSSL Configuration ****/
-
-// <h> wolfSSL Configuration
-
-// <e>TLS 1.3
-#define MDK_CONF_TLS 1
-#if MDK_CONF_TLS == 1
-#define WOLFSSL_TLS13
-#define HAVE_TLS_EXTENSIONS
-#define HAVE_SUPPORTED_CURVES
-#define WC_RSA_PSS
-#define HAVE_HKDF
-#define HAVE_FFDHE_2048
-#endif
-// </e>
-
-// <e>Include Old TLS
-#define MDK_CONF_NO_OLDTLS 0
-#if MDK_CONF_NO_OLDTLS == 0
-#define NO_OLD_TLS
-#endif
-// </e>
-// <e>CRL
-#define MDK_CONF_CRL 0
-#if MDK_CONF_CRL == 1
-#define HAVE_CRL
-#define WOLFSSL_DER_LOAD
-#endif
-// </e>
-// <e>OCSP
-#define MDK_CONF_OCSP 0
-#if MDK_CONF_OCSP == 1
-#define HAVE_OCSP
-#endif
-// </e>
-// <e>OpenSSL Extra
-#define MDK_CONF_OPENSSL_EXTRA 0
-#if MDK_CONF_OPENSSL_EXTRA == 1
-#define OPENSSL_EXTRA
-#endif
-// </e>
-
-//</h>
diff --git a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/EchoServer/main.c b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/EchoServer/main.c
index deb800f8..53a27bec 100644
--- a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/EchoServer/main.c
+++ b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/EchoServer/main.c
@@ -26,7 +26,7 @@
#include "wolfssl/wolfcrypt/settings.h"
#include "cmsis_os.h" /* CMSIS RTOS definitions */
-#include "rl_net.h" /* Network definitions */
+#include "rl_net.h" /* Network definitions */
#include <time.h>
#if defined(STM32F7xx)
@@ -58,12 +58,9 @@
// </h>
// <h>RTC: for validate certificate date
-// <o>Year <1970-2099>
-#define RTC_YEAR 2018
-// <o>Month <1=>Jan<2=>Feb<3=>Mar<4=>Apr<5=>May<6=>Jun<7=>Jul<8=>Aut<9=>Sep<10=>Oct<11=>Nov<12=>Dec
+#define RTC_YEAR 2023
#define RTC_MONTH 1
-// <o>Day <1-31>
-#define RTC_DAY 1
+#define RTC_DAY 1
// </h>
//------------- <<< end of configuration section >>> -----------------------
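Review bot: `RTC_YEAR`, `RTC_MONTH` and `RTC_DAY` lose their `// <o>` annotations here, so the `// <h>RTC: for validate certificate date` group no longer exposes any option in the Configuration Wizard, and nothing says the date must be maintained by hand. The section comment says this value is used for certificate date validation, so a stale constant means peer certificates are judged against the wrong day: ones that expired after it still pass and ones issued after it are rejected. I would add a comment above `RTC_YEAR` such as `/* Build-time date used for certificate validity checks; update it or replace it with a real RTC/SNTP source */`. The `@@ -68,12 +68,9 @@` hunk in SimpleClient/main.c makes the same change and needs the same comment.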
@@ -88,22 +85,23 @@ static void CPU_CACHE_Enable (void) {
#if !defined(NO_FILESYSTEM)
#include "rl_fs.h" /* FileSystem definitions */
-static void init_filesystem (void) {
- int32_t retv;
+static void init_filesystem(void)
+{
+ int32_t retv;
- retv = finit ("M0:");
- if (retv == fsOK) {
- retv = fmount ("M0:");
+ retv = finit ("M0:");
if (retv == fsOK) {
- printf ("Drive M0 ready!\n");
+ retv = fmount ("M0:");
+ if (retv == fsOK) {
+ printf ("Drive M0 ready!\n");
+ }
+ else {
+ printf ("Drive M0 mount failed(%d)!\n", retv);
+ }
}
else {
- printf ("Drive M0 mount failed(%d)!\n", retv);
+ printf ("Drive M0 initialization failed!\n");
}
- }
- else {
- printf ("Drive M0 initialization failed!\n");
- }
}
#endif
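Review bot: `printf ("Drive M0 mount failed(%d)!\n", retv);` passes an `int32_t` to `%d`, which only matches on toolchains where `int32_t` is `int`; `(int)retv` or `PRId32` keeps the call correct where it is `long`. The `finit` failure branch drops the status code that the mount branch prints, so `printf ("Drive M0 initialization failed(%d)!\n", (int)retv);` would make the two branches consistent. `init_filesystem` returns `void`, so the caller cannot tell that the drive is unusable; whether later certificate or key loading depends on it is not visible in this hunk. The reindented copy in SimpleClient/main.c (`@@ -129,22 +126,23 @@`) has the same lines.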
@@ -120,20 +118,20 @@ osThreadDef(net_loop, osPriorityLow, 2, 0);
#ifdef RTE_CMSIS_RTOS_RTX
extern uint32_t os_time;
-static time_t epochTime;
+static time_t epochTime;
-uint32_t HAL_GetTick(void) {
- return os_time;
+uint32_t HAL_GetTick(void) {
+ return os_time;
}
-time_t time(time_t *t){
- return epochTime ;
+time_t time(time_t *t) {
+ return epochTime;
}
-void setTime(time_t t){
+void setTime(time_t t) {
epochTime = t;
}
-#endif
+#endif /* RTE_CMSIS_RTOS_RTX */
#ifdef WOLFSSL_CURRTIME_OSTICK
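Review bot: `time_t time(time_t *t)` ignores its argument, so a caller using the standard form `time(&now)` and then reading `now` gets a value that was never stored; adding `if (t != NULL) *t = epochTime;` before the `return` restores the libc contract. In the lines shown, `epochTime` is written only by `setTime`, so date checks that call `time()` see a clock frozen at the start-up value. A one-line comment on the override, for example `/* fixed demo clock: does not advance, set once from RTC_* in main */`, would make that explicit. SimpleClient/main.c carries the same `time`/`setTime` pair in its `@@ -96,19 +93,19 @@` hunk.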
@@ -143,28 +141,27 @@ extern uint32_t os_time;
double current_time(int reset)
{
- if(reset) os_time = 0 ;
- return (double)os_time /1000.0;
+ if (reset) os_time = 0;
+ return (double)os_time /1000.0;
}
#else
#include <stdint.h>
#define DWT ((DWT_Type *) (0xE0001000UL) )
-typedef struct
-{
- uint32_t CTRL; /*!< Offset: 0x000 (R/W) Control Register */
- uint32_t CYCCNT; /*!< Offset: 0x004 (R/W) Cycle Count Register */
+typedef struct {
+ uint32_t CTRL; /*!< Offset: 0x000 (R/W) Control Register */
+ uint32_t CYCCNT; /*!< Offset: 0x004 (R/W) Cycle Count Register */
} DWT_Type;
-extern uint32_t SystemCoreClock ;
+extern uint32_t SystemCoreClock;
double current_time(int reset)
{
- if(reset) DWT->CYCCNT = 0 ;
- return ((double)DWT->CYCCNT/SystemCoreClock) ;
+ if (reset) DWT->CYCCNT = 0;
+ return ((double)DWT->CYCCNT/SystemCoreClock);
}
-#endif
+#endif /* WOLFSSL_CURRTIME_OSTICK */
/*----------------------------------------------------------------------------
Main Thread 'main': Run Network
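Review bot: The local `DWT_Type` declares `CTRL` and `CYCCNT` as plain `uint32_t`, so the accesses through `DWT->CYCCNT` in `current_time` are not volatile and the compiler may cache or drop the register read and write. Declaring the members as `volatile uint32_t CTRL;` and `volatile uint32_t CYCCNT;` fixes that. Nothing in this hunk enables the cycle counter through `CTRL`, so confirm that it is switched on elsewhere. A short comment that `CYCCNT` is 32 bits wide and the returned seconds wrap after 2^32 core cycles would also help.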
@@ -175,39 +172,42 @@ typedef struct func_args {
char** argv;
} func_args;
-extern void echoserver_test(func_args * args) ;
+extern void echoserver_test(func_args * args);
int myoptind = 0;
char* myoptarg = NULL;
-int main (void) {
+int main (void)
+{
static char *argv[] =
- { "server" } ;
- static func_args args = { 1, argv } ;
+ { "server" };
+ static func_args args = { 1, argv };
- MPU_Config(); /* Configure the MPU */
- CPU_CACHE_Enable(); /* Enable the CPU Cache */
- HAL_Init(); /* Initialize the HAL Library */
- SystemClock_Config(); /* Configure the System Clock */
+ MPU_Config(); /* Configure the MPU */
+ CPU_CACHE_Enable(); /* Enable the CPU Cache */
+ HAL_Init(); /* Initialize the HAL Library */
+ SystemClock_Config(); /* Configure the System Clock */
- #if !defined(NO_FILESYSTEM)
+#if !defined(NO_FILESYSTEM)
init_filesystem ();
- #endif
+#endif
net_initialize ();
- #if defined(DEBUG_WOLFSSL)
- printf("Turning ON Debug message\n") ;
- wolfSSL_Debugging_ON() ;
- #endif
+#if defined(DEBUG_WOLFSSL)
+ printf("Turning ON Debug message\n");
+ wolfSSL_Debugging_ON();
+#endif
- setTime((RTC_YEAR-1970)*365*24*60*60 + RTC_MONTH*30*24*60*60 + RTC_DAY*24*60*60);
+ setTime((RTC_YEAR-1970)*365*24*60*60 +
+ RTC_MONTH*30*24*60*60 +
+ RTC_DAY*24*60*60);
osThreadCreate (osThread(net_loop), NULL);
- echoserver_test(&args) ;
- printf("echoserver: Terminated\n") ;
- while(1)
- osDelay(1000);
+ echoserver_test(&args);
+ printf("echoserver: Terminated\n");
+ while (1) {
+ osDelay(1000);
+ }
}
-
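Review bot: The `setTime(...)` argument is evaluated entirely in `int`, so `(RTC_YEAR-1970)*365*24*60*60` overflows a 32-bit `int` once `RTC_YEAR` reaches 2039, which is signed overflow. Widening the first operand, `(time_t)(RTC_YEAR-1970)*365*24*60*60`, keeps the arithmetic in `time_t`, though this only helps where `time_t` is wider than 32 bits. The formula also ignores leap days and adds `RTC_MONTH*30` days even for January, so with the values in this commit the result lands about 18 days after 2023-01-01; a comment should say it is an approximation. SimpleClient/main.c writes `(time_t)((RTC_YEAR-1970)*365*24*60*60)`, where the cast is applied after the multiplication and so does not prevent the overflow either.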
diff --git a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/SimpleClient/RTE/wolfSSL/user_settings.h b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/SimpleClient/RTE/wolfSSL/user_settings.h
deleted file mode 100644
index c14e4724..00000000
--- a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/SimpleClient/RTE/wolfSSL/user_settings.h
+++ /dev/null
@@ -1,497 +0,0 @@
-/* user_settings.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-#define NO_MAIN_DRIVER
-#define BENCH_EMBEDDED
-#define NO_DEV_RANDOM
-#define WOLFSSL_USER_CURRTIME
-#define SIZEOF_LONG_LONG 8
-#define NO_WRITEV
-#define NO_DEV_RANDOM
-
-#define TFM_TIMING_RESISTANT
-#define ECC_TIMING_RESISTANT
-#define WC_RSA_BLINDING
-
-#define WOLFSSL_USER_CURRTIME /* for benchmark */
-#define WOLFSSL_CURRTIME_OSTICK /* use OS tich for current_time */
-#define WOLFSSL_GMTIME
-#define NO_MULTIBYTE_PRINT
-
-// <<< Use Configuration Wizard in Context Menu >>>
-
-
-// <h>Common options
-// <o> MPU<0=>Undefined<1=>STM32F2xx<2=>STM32F4xx<3=>STM32F7xx
-#define MDK_CONF_MPU 3
-#if MDK_CONF_MPU == 0
-
-#elif MDK_CONF_MPU == 1
-#define WOLFSSL_STM32_CUBEMX
-#define STM32F2xx
-#elif MDK_CONF_MPU == 2
-#define WOLFSSL_STM32_CUBEMX
-#define STM32F4xx
-#elif MDK_CONF_MPU == 3
-#define WOLFSSL_STM32_CUBEMX
-#define STM32F7xx
-#endif
-
-// <o> Thread/RTOS<0=>Single Threaded <1=>FreeRTOS <3=>SafeRTOS <4=>Windows
-// <5=>PThread <6=>ThreadX
-// <7=>Micrium <8=>EBSnet <9=>MQX
-// <10=>T-RTOS <11=>uITRON4 <12=>uTKERNEL2
-// <13=>Frosted <14=>CMSIS RTOS <15=>CMSIS RTOSv2 <16=>Others
-#define MDK_CONF_THREAD 15
-#if MDK_CONF_THREAD== 0
-#define SINGLE_THREADED
-#elif MDK_CONF_THREAD == 1
-#define FREERTOS
-#elif MDK_CONF_THREAD == 3
-#define WOLFSSL_SAFERTOS
-#elif MDK_CONF_THREAD == 4
-#define USE_WINDOWS_API
-#elif MDK_CONF_THREAD == 5
-#define WOLFSSL_PTHREADS
-#elif MDK_CONF_THREAD == 6
-#define THREADX
-#define NETX
-#elif MDK_CONF_THREAD == 7
-#define MICRIUM
-#elif MDK_CONF_THREAD == 8
-#define EBSNET
-#elif MDK_CONF_THREAD == 9
-#define FREESCALE_MQX
-#define FREESCALE_KSDK_MQX
-#elif MDK_CONF_THREAD == 10
-#define WOLFSSL_TIRTOS
-#elif MDK_CONF_THREAD == 11
-#define WOLFSSL_uITRON4
-#elif MDK_CONF_THREAD == 12
-#define WOLFSSL_uTKERNEL2
-#elif MDK_CONF_THREAD == 13
-#define WOLFSSL_FROSTED
-#elif MDK_CONF_THREAD == 14
-#define WOLFSSL_CMSIS_RTOS
-#elif MDK_CONF_THREAD == 15
-#define WOLFSSL_CMSIS_RTOSv2
-#elif MDK_CONF_THREAD == 16
-#define SINGLE_THREADED
-#endif
-
-
-// <e>File System
-#define MDK_CONF_FILESYSTEM 1
-#if MDK_CONF_FILESYSTEM == 0
-#define NO_FILESYSTEM
-#else
-#define WOLFSSL_KEIL_FS
-#define NO_WOLFSSL_DIR
-#endif
-// </e>
-
-// <o> Network<0=>None <1=>RLnet <2=>User I/O
-#define MDK_CONF_NETWORK 1
-#if MDK_CONF_NETWORK == 0
-#elif MDK_CONF_NETWORK == 1
-#define WOLFSSL_KEIL_TCP_NET
-#elif MDK_CONF_NETWORK == 2
-#define WOLFSSL_USER_IO
-#endif
-
-// <h>Debug options
-
-// <e>Debug Message
-#define MDK_CONF_DebugMessage 0
-#if MDK_CONF_DebugMessage == 1
-#define DEBUG_WOLFSSL
-#endif
-// </e>
-// <e>Check malloc
-#define MDK_CONF_CheckMalloc 1
-#if MDK_CONF_CheckMalloc == 1
-#define WOLFSSL_MALLOC_CHECK
-#define USE_WOLFSSL_MEMORY
-#endif
-// </e>
-// <e>ErrNo.h
-#define MDK_CONF_ErrNo 1
-#if MDK_CONF_ErrNo == 1
-#define HAVE_ERRNO
-#endif
-// </e>
-// <e>Error Strings
-#define MDK_CONF_ErrorStrings 1
-#if MDK_CONF_ErrorStrings == 0
-#define NO_ERROR_STRINGS
-#endif
-// </e>
-
-//</h>
-//</h>
-
-// <h> wolfCrypt Configuration
-
-// <h>Hash/Crypt Algrithm
-
-// <e>MD2
-#define MDK_CONF_MD2 0
-#if MDK_CONF_MD2 == 1
-#define WOLFSSL_MD2
-#endif
-// </e>
-// <e>MD4
-#define MDK_CONF_MD4 0
-#if MDK_CONF_MD4 == 0
-#define NO_MD4
-#endif
-// </e>
-// <e>MD5
-#define MDK_CONF_MD5 1
-#if MDK_CONF_MD5 == 0
-#define NO_MD5
-#endif
-// </e>
-// <e>SHA
-#define MDK_CONF_SHA 1
-#if MDK_CONF_SHA == 0
-#define NO_SHA
-#endif
-// </e>
-// <e>SHA-256
-#define MDK_CONF_SHA256 1
-#if MDK_CONF_SHA256 == 0
-#define NO_SHA256
-#endif
-// </e>
-// <e>SHA-384
-#define MDK_CONF_SHA384 1
-#if MDK_CONF_SHA384 == 1
-#define WOLFSSL_SHA384
-#endif
-// </e>
-// <e>SHA-512
-#define MDK_CONF_SHA512 1
-#if MDK_CONF_SHA512 == 1
-#define WOLFSSL_SHA512
-#endif
-// </e>
-// <e>Hash DRBG
-#define MDK_CONF_HASHDRBG 1
-#if MDK_CONF_HASHDRBG == 1
-#define HAVE_HASHDRBG
-#endif
-// </e>
-// <e>RIPEMD
-#define MDK_CONF_RIPEMD 1
-#if MDK_CONF_RIPEMD == 1
-#define WOLFSSL_RIPEMD
-#endif
-// </e>
-// <e>BLAKE2
-#define MDK_CONF_BLAKE2 0
-#if MDK_CONF_BLAKE2 == 1
-#define HAVE_BLAKE2
-#endif
-// </e>
-// <e>HMAC
-#define MDK_CONF_HMAC 1
-#if MDK_CONF_HMAC == 0
-#define NO_HMAC
-#endif
-// </e>
-// <e>HMAC KDF
-#define MDK_CONF_HKDF 1
-#if MDK_CONF_HKDF == 1
-#define HAVE_HKDF
-#endif
-// </e>
-
-// <e>AES CCM
-#define MDK_CONF_AESCCM 1
-#if MDK_CONF_AESCCM == 1
-#define HAVE_AESCCM
-#endif
-// </e>
-// <e>AES GCM
-#define MDK_CONF_AESGCM 1
-#if MDK_CONF_AESGCM == 1
-#define HAVE_AESGCM
-#endif
-// </e>
-
-// <e>RC4
-#define MDK_CONF_RC4 0
-#if MDK_CONF_RC4 == 0
-#define NO_RC4
-#endif
-// </e>
-
-// <e>CHACHA
-#define MDK_CONF_CHACHA 1
-#if MDK_CONF_CHACHA == 1
-#define HAVE_CHACHA
-#endif
-// </e>
-
-// <e>POLY1305
-#define MDK_CONF_POLY1305 1
-#if MDK_CONF_POLY1305 == 1
-#define HAVE_POLY1305
-#define HAVE_ONE_TIME_AUTH
-#endif
-// </e>
-
-// <e>DES3
-#define MDK_CONF_DES3 1
-#if MDK_CONF_DES3 == 0
-#define NO_DES3
-#endif
-// </e>
-
-// <e>AES
-#define MDK_CONF_AES 1
-#if MDK_CONF_AES == 0
-#define NO_AES
-#endif
-// </e>
-
-// <e>CAMELLIA
-#define MDK_CONF_CAMELLIA 1
-#if MDK_CONF_CAMELLIA == 1
-#define HAVE_CAMELLIA
-#endif
-// </e>
-
-// <e>DH
-#define MDK_CONF_DH 1
-#if MDK_CONF_DH == 0
-#define NO_DH
-#endif
-// </e>
-// <e>DSA
-#define MDK_CONF_DSA 1
-#if MDK_CONF_DSA == 0
-#define NO_DSA
-#endif
-// </e>
-
-// <e>SRP
-#define MDK_CONF_SRP 1
-#if MDK_CONF_SRP == 1
-#define HAVE_SRP
-#endif
-// </e>
-
-// <e>PWDBASED
-#define MDK_CONF_PWDBASED 1
-#if MDK_CONF_PWDBASED == 0
-#define NO_PWDBASED
-#endif
-// </e>
-
-// <e>ECC
-#define MDK_CONF_ECC 1
-#if MDK_CONF_ECC == 1
-#define HAVE_ECC
-#endif
-// </e>
-
-// <e>CURVE25519
-#define MDK_CONF_CURVE25519 1
-#if MDK_CONF_CURVE25519 == 1
-#define HAVE_CURVE25519
-#define CURVED25519_SMALL
-#endif
-// </e>
-// <e>CURVE25519 SMALL
-#define MDK_CONF_CURVE25519_SMALL 0
-#if MDK_CONF_CURVE25519_SMALL == 1
-#define CURVED25519_SMALL
-#endif
-// </e>
-// <e>ED25519
-#define MDK_CONF_ED25519 1
-#if MDK_CONF_ED25519 == 1
-#define HAVE_ED25519
-#endif
-// </e>
-// <e>ED25519 SMALL
-#define MDK_CONF_ED25519_SMALL 0
-#if MDK_CONF_ED25519_SMALL == 1
-#define ED25519_SMALL
-#endif
-// </e>
-// <e>PKCS7
-#define MDK_CONF_PKCS7 0
-#if MDK_CONF_PKCS7 == 1
-#define HAVE_PKCS7
-#endif
-// </e>
-// </h>
-
-// <e>Random Seed, for TEST Only
-#define MDK_CONF_RNDSEED 1
-#if MDK_CONF_RNDSEED == 1
-#define WOLFSSL_GENSEED_FORTEST
-#endif
-// </e>
-
-// <h>Hardware Crypt (See document for usage)
-// <e>Hardware RNG
-#define MDK_CONF_STM32F2_RNG 0
-#if MDK_CONF_STM32F2_RNG == 1
-#define WOLFSSL_STM32_CUBEMX
-#define STM32_RNG
-#define WC_ASYNC_DEV_SIZE 320+24
-#define STM32_HAL_TIMEOUT 0xFF
-
-#if defined(STM32F2xx)
-#define WOLFSSL_STM32F2
-#elif defined(STM32F4xx)
-#define WOLFSSL_STM32F4
-#elif defined(STM32F7xx)
-#define WOLFSSL_STM32F7
-#endif
-
-#endif
-// </e>
-// <e>Hardware Crypt
-#define MDK_CONF_STM32F2_CRYPTO 0
-#if MDK_CONF_STM32F2_CRYPTO == 1
-#define WOLFSSL_STM32_CUBEMX
-#define STM32_CRYPTO
-#define WC_ASYNC_DEV_SIZE 320+24
-#define STM32_HAL_TIMEOUT 0xFF
-
-#if defined(STM32F2xx)
-#define WOLFSSL_STM32F2
-#elif defined(STM32F4xx)
-#define WOLFSSL_STM32F4
-#elif defined(STM32F7xx)
-#define WOLFSSL_STM32F7
-#endif
-
-#endif
-// </e>
-// <e>Hardware Hash
-#define MDK_CONF_STM32F2_HASH 0
-#if MDK_CONF_STM32F2_HASH == 1
-#define WOLFSSL_STM32_CUBEMX
-#define STM32_HASH
-#define WC_ASYNC_DEV_SIZE 320+24
-#define STM32_HAL_TIMEOUT 0xFF
-
-#if defined(STM32F2xx)
-#define WOLFSSL_STM32F2
-#elif defined(STM32F4xx)
-#define WOLFSSL_STM32F4
-#elif defined(STM32F7xx)
-#define WOLFSSL_STM32F7
-#endif
-
-#endif
-// </e>
-// </h>
-
-// <h>Cert/Key Strage
-// <o>Cert Storage <0=> SD Card <1=> Mem Buff (1024bytes) <2=> Mem Buff (2048bytes)
-#define MDK_CONF_CERT_BUFF 0
-#if MDK_CONF_CERT_BUFF== 1
-#define USE_CERT_BUFFERS_1024
-#elif MDK_CONF_CERT_BUFF == 2
-#define USE_CERT_BUFFERS_2048
-#endif
-//</h>
-// <h>Cert/Key Generation
-// <e>CertGen
-#define MDK_CONF_CERT_GEN 0
-#if MDK_CONF_CERT_GEN == 1
-#define WOLFSSL_CERT_GEN
-#endif
-// </e>
-// <e>KeyGen
-#define MDK_CONF_KEY_GEN 0
-#if MDK_CONF_KEY_GEN == 1
-#define WOLFSSL_KEY_GEN
-#endif
-// </e>
-// </h>
-// <e>Use Fast Math
-#define MDK_CONF_FASTMATH 1
-#if MDK_CONF_FASTMATH == 1
-#define USE_FAST_MATH
-#define TFM_TIMING_RESISTANT
-#endif
-// </e>
-// <e>Small Stack
-#define MDK_CONF_SmallStack 1
-#if MDK_CONF_SmallStack == 0
-#define NO_WOLFSSL_SMALL_STACK
-#endif
-// </e>
-
-// </h>
-
-
-/**** wolfSSL Configuration ****/
-
-// <h> wolfSSL Configuration
-
-// <e>TLS 1.3
-#define MDK_CONF_TLS 1
-#if MDK_CONF_TLS == 1
-#define WOLFSSL_TLS13
-#define HAVE_TLS_EXTENSIONS
-#define HAVE_SUPPORTED_CURVES
-#define WC_RSA_PSS
-#define HAVE_HKDF
-#define HAVE_FFDHE_2048
-#endif
-// </e>
-
-// <e>Include Old TLS
-#define MDK_CONF_NO_OLDTLS 0
-#if MDK_CONF_NO_OLDTLS == 0
-#define NO_OLD_TLS
-#endif
-// </e>
-// <e>CRL
-#define MDK_CONF_CRL 0
-#if MDK_CONF_CRL == 1
-#define HAVE_CRL
-#define WOLFSSL_DER_LOAD
-#endif
-// </e>
-// <e>OCSP
-#define MDK_CONF_OCSP 0
-#if MDK_CONF_OCSP == 1
-#define HAVE_OCSP
-#endif
-// </e>
-// <e>OpenSSL Extra
-#define MDK_CONF_OPENSSL_EXTRA 0
-#if MDK_CONF_OPENSSL_EXTRA == 1
-#define OPENSSL_EXTRA
-#endif
-// </e>
-
-//</h>
diff --git a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/SimpleClient/SimpleClient.uvoptx b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/SimpleClient/SimpleClient.uvoptx
index 38fdb540..47f64d8b 100644
--- a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/SimpleClient/SimpleClient.uvoptx
+++ b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/SimpleClient/SimpleClient.uvoptx
@@ -298,7 +298,7 @@
<tvExp>0</tvExp>
<tvExpOptDlg>0</tvExpOptDlg>
<bDave2>0</bDave2>
- <PathWithFileName>.\RTE\wolfSSL\user_settings.h</PathWithFileName>
+ <PathWithFileName>..\..\Conf\user_settings.h</PathWithFileName>
<FilenameWithoutPath>user_settings.h</FilenameWithoutPath>
<RteFlg>0</RteFlg>
<bShared>0</bShared>
diff --git a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/SimpleClient/SimpleClient.uvprojx b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/SimpleClient/SimpleClient.uvprojx
index 913abe82..7bf9356e 100644
--- a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/SimpleClient/SimpleClient.uvprojx
+++ b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/SimpleClient/SimpleClient.uvprojx
@@ -413,7 +413,7 @@
<File>
<FileName>user_settings.h</FileName>
<FileType>5</FileType>
- <FilePath>.\RTE\wolfSSL\user_settings.h</FilePath>
+ <FilePath>..\..\Conf\user_settings.h</FilePath>
</File>
</Files>
</Group>
@@ -912,7 +912,7 @@
<targetInfos/>
</file>
<file attr="config" category="header" name="wolfssl\IDE\MDK5-ARM\Conf\user_settings.h" version="3.15.7">
- <instance index="0">RTE\wolfSSL\user_settings.h</instance>
+ <instance index="0">..\..\Conf\user_settings.h</instance>
<component Cbundle="wolfSSL" Cclass="wolfSSL" Cgroup="wolfSSL" Csub="Core" Cvendor="wolfSSL" Cversion="3.15.7" condition="wolfCrypt-Core"/>
<package license="wolfssl\IDE\MDK5-ARM\Docs\wolfSSL-License.txt" name="wolfSSL" schemaVersion="1.4" url="http://www.wolfSSL.com/files/ide" vendor="wolfSSL" version="3.15.7"/>
<targetInfos>
diff --git a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/SimpleClient/main.c b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/SimpleClient/main.c
index 43454585..04615470 100644
--- a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/SimpleClient/main.c
+++ b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/SimpleClient/main.c
@@ -68,12 +68,9 @@
// </h>
// <h>RTC: for validate certificate date
-// <o>Year <1970-2099>
-#define RTC_YEAR 2019
-// <o>Month <1=>Jan<2=>Feb<3=>Mar<4=>Apr<5=>May<6=>Jun<7=>Jul<8=>Aug<9=>Sep<10=>Oct<11=>Nov<12=>Dec
+#define RTC_YEAR 2023
#define RTC_MONTH 1
-// <o>Day <1-31>
-#define RTC_DAY 1
+#define RTC_DAY 1
// </h>
//------------- <<< end of configuration section >>> -----------------------
@@ -96,19 +93,19 @@ extern uint32_t os_time;
#endif
uint32_t HAL_GetTick(void) {
- #if defined(WOLFSSL_CMSIS_RTOS)
- return os_time;
- #elif defined(WOLFSSL_CMSIS_RTOSv2)
- return osKernelGetTickCount();
- #endif
+#if defined(WOLFSSL_CMSIS_RTOS)
+ return os_time;
+#elif defined(WOLFSSL_CMSIS_RTOSv2)
+ return osKernelGetTickCount();
+#endif
}
static time_t epochTime;
-time_t time(time_t *t){
- return epochTime ;
+time_t time(time_t *t) {
+ return epochTime;
}
-void setTime(time_t t){
+void setTime(time_t t) {
epochTime = t;
}
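Review bot: `HAL_GetTick` selects its return statement with `#if defined(WOLFSSL_CMSIS_RTOS)` / `#elif defined(WOLFSSL_CMSIS_RTOSv2)` and has no `#else`, so a build with neither macro compiles a `uint32_t` function that returns nothing, and using its result is undefined behaviour. Adding `#else` followed by `#error "HAL_GetTick: no CMSIS RTOS tick source selected"` before the `#endif` turns that configuration into a build failure instead of a garbage tick value feeding HAL timeouts.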
@@ -129,22 +126,23 @@ double current_time(int reset)
#if !defined(NO_FILESYSTEM)
#include "rl_fs.h" /* FileSystem definitions */
-static void init_filesystem (void) {
- int32_t retv;
+static void init_filesystem(void)
+{
+ int32_t retv;
- retv = finit ("M0:");
- if (retv == fsOK) {
- retv = fmount ("M0:");
+ retv = finit ("M0:");
if (retv == fsOK) {
- printf ("Drive M0 ready!\n");
+ retv = fmount ("M0:");
+ if (retv == fsOK) {
+ printf ("Drive M0 ready!\n");
+ }
+ else {
+ printf ("Drive M0 mount failed(%d)!\n", retv);
+ }
}
else {
- printf ("Drive M0 mount failed(%d)!\n", retv);
+ printf ("Drive M0 initialization failed!\n");
}
- }
- else {
- printf ("Drive M0 initialization failed!\n");
- }
}
#endif
@@ -156,9 +154,10 @@ void app_main(void *arg)
void app_main(void const*arg)
#endif
{
- if(netInitialize () == netOK)
- client_test(arg);
- else printf("ERROR: netInitialize\n");
+ if (netInitialize () == netOK)
+ client_test(arg);
+ else
+ printf("ERROR: netInitialize\n");
}
#if defined(WOLFSSL_CMSIS_RTOS)
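Review bot: The `if (netInitialize () == netOK)` / `else` pair in `app_main` stays unbraced after the reformat, while the `while (1) { osDelay(1000); }` loop in EchoServer/main.c gained braces in this same commit. Bracing both arms, `if (netInitialize () == netOK) {` and `} else {`, keeps a statement added later from silently falling outside the condition. `app_main`'s signature lines begin above this hunk.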
@@ -178,48 +177,51 @@ typedef struct func_args {
int myoptind = 0;
char* myoptarg = NULL;
-int main (void) {
+int main (void)
+{
static char *argv[] =
{ "client", "-h", REMOTE_IP, "-p", REMOTE_PORT,
- "-v", " ", OTHER_OPTIONS } ;
+ "-v", " ", OTHER_OPTIONS };
static func_args args =
- { sizeof(argv)/sizeof(*argv[0]), argv } ;
+ { sizeof(argv)/sizeof(*argv[0]), argv };
char *verStr[] = { "SSL3", "TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"};
#define VERSIZE 2
static char ver[VERSIZE];
-
- MPU_Config(); /* Configure the MPU */
- CPU_CACHE_Enable(); /* Enable the CPU Cache */
- HAL_Init(); /* Initialize the HAL Library */
- SystemClock_Config(); /* Configure the System Clock */
- #if defined(WOLFSSL_CMSIS_RTOSv2)
+
+ MPU_Config(); /* Configure the MPU */
+ CPU_CACHE_Enable(); /* Enable the CPU Cache */
+ HAL_Init(); /* Initialize the HAL Library */
+ SystemClock_Config(); /* Configure the System Clock */
+#if defined(WOLFSSL_CMSIS_RTOSv2)
osKernelInitialize();
- #endif
-
- #if !defined(NO_FILESYSTEM)
+#endif
+
+#if !defined(NO_FILESYSTEM)
init_filesystem ();
- #endif
+#endif
- #if defined(DEBUG_WOLFSSL)
- printf("Turning ON Debug message\n") ;
- wolfSSL_Debugging_ON() ;
- #endif
+#if defined(DEBUG_WOLFSSL)
+ printf("Turning ON Debug message\n");
+ wolfSSL_Debugging_ON();
+#endif
snprintf(ver, VERSIZE, "%d", TLS_VER);
argv[6] = ver;
- printf("SSL/TLS Client(%d)\n ", (int)(sizeof(argv)/sizeof(argv[0]))) ;
- printf(" Remote IP: %s, Port: %s\n Version: %s\n", argv[2], argv[4], verStr[TLS_VER]) ;
- printf(" Other options: %s\n", OTHER_OPTIONS);
- setTime((time_t)((RTC_YEAR-1970)*365*24*60*60) + RTC_MONTH*30*24*60*60 + RTC_DAY*24*60*60);
-
- #if defined(WOLFSSL_CMSIS_RTOS)
- osThreadCreate (osThread(app_main), (void *)&args);
- #elif defined(WOLFSSL_CMSIS_RTOSv2)
- osThreadNew(app_main, (void *)&args, NULL);
- #endif
- osKernelStart();
+ printf("SSL/TLS Client(%d)\n ", (int)(sizeof(argv)/sizeof(argv[0])));
+ printf(" Remote IP: %s, Port: %s\n Version: %s\n",
+ argv[2], argv[4], verStr[TLS_VER]);
+ printf(" Other options: %s\n", OTHER_OPTIONS);
+ setTime((time_t)((RTC_YEAR-1970)*365*24*60*60) +
+ RTC_MONTH*30*24*60*60 +
+ RTC_DAY*24*60*60);
+#if defined(WOLFSSL_CMSIS_RTOS)
+ osThreadCreate (osThread(app_main), (void *)&args);
+#elif defined(WOLFSSL_CMSIS_RTOSv2)
+ osThreadNew(app_main, (void *)&args, NULL);
+#endif
+ osKernelStart();
}
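Review bot: `args` is initialised with `sizeof(argv)/sizeof(*argv[0])`, and `*argv[0]` is a `char`, so the count is the byte size of the pointer array rather than its eight elements. With 4-byte pointers that gives an `argc` of 32, and any option parser that walks `argv` up to `argc` reads past the end of the array. It should be `{ sizeof(argv)/sizeof(argv[0]), argv };`, the form the `printf("SSL/TLS Client(%d)\n ", ...)` line below already uses. Separately, `verStr[TLS_VER]` indexes a five-entry table with a configuration macro that is not range-checked in this hunk, and `ver[VERSIZE]` only has room for a single digit.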
diff --git a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/SimpleServer/RTE/wolfSSL/user_settings.h b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/SimpleServer/RTE/wolfSSL/user_settings.h
deleted file mode 100644
index c14e4724..00000000
--- a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/SimpleServer/RTE/wolfSSL/user_settings.h
+++ /dev/null
@@ -1,497 +0,0 @@
-/* user_settings.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-#define NO_MAIN_DRIVER
-#define BENCH_EMBEDDED
-#define NO_DEV_RANDOM
-#define WOLFSSL_USER_CURRTIME
-#define SIZEOF_LONG_LONG 8
-#define NO_WRITEV
-#define NO_DEV_RANDOM
-
-#define TFM_TIMING_RESISTANT
-#define ECC_TIMING_RESISTANT
-#define WC_RSA_BLINDING
-
-#define WOLFSSL_USER_CURRTIME /* for benchmark */
-#define WOLFSSL_CURRTIME_OSTICK /* use OS tich for current_time */
-#define WOLFSSL_GMTIME
-#define NO_MULTIBYTE_PRINT
-
-// <<< Use Configuration Wizard in Context Menu >>>
-
-
-// <h>Common options
-// <o> MPU<0=>Undefined<1=>STM32F2xx<2=>STM32F4xx<3=>STM32F7xx
-#define MDK_CONF_MPU 3
-#if MDK_CONF_MPU == 0
-
-#elif MDK_CONF_MPU == 1
-#define WOLFSSL_STM32_CUBEMX
-#define STM32F2xx
-#elif MDK_CONF_MPU == 2
-#define WOLFSSL_STM32_CUBEMX
-#define STM32F4xx
-#elif MDK_CONF_MPU == 3
-#define WOLFSSL_STM32_CUBEMX
-#define STM32F7xx
-#endif
-
-// <o> Thread/RTOS<0=>Single Threaded <1=>FreeRTOS <3=>SafeRTOS <4=>Windows
-// <5=>PThread <6=>ThreadX
-// <7=>Micrium <8=>EBSnet <9=>MQX
-// <10=>T-RTOS <11=>uITRON4 <12=>uTKERNEL2
-// <13=>Frosted <14=>CMSIS RTOS <15=>CMSIS RTOSv2 <16=>Others
-#define MDK_CONF_THREAD 15
-#if MDK_CONF_THREAD== 0
-#define SINGLE_THREADED
-#elif MDK_CONF_THREAD == 1
-#define FREERTOS
-#elif MDK_CONF_THREAD == 3
-#define WOLFSSL_SAFERTOS
-#elif MDK_CONF_THREAD == 4
-#define USE_WINDOWS_API
-#elif MDK_CONF_THREAD == 5
-#define WOLFSSL_PTHREADS
-#elif MDK_CONF_THREAD == 6
-#define THREADX
-#define NETX
-#elif MDK_CONF_THREAD == 7
-#define MICRIUM
-#elif MDK_CONF_THREAD == 8
-#define EBSNET
-#elif MDK_CONF_THREAD == 9
-#define FREESCALE_MQX
-#define FREESCALE_KSDK_MQX
-#elif MDK_CONF_THREAD == 10
-#define WOLFSSL_TIRTOS
-#elif MDK_CONF_THREAD == 11
-#define WOLFSSL_uITRON4
-#elif MDK_CONF_THREAD == 12
-#define WOLFSSL_uTKERNEL2
-#elif MDK_CONF_THREAD == 13
-#define WOLFSSL_FROSTED
-#elif MDK_CONF_THREAD == 14
-#define WOLFSSL_CMSIS_RTOS
-#elif MDK_CONF_THREAD == 15
-#define WOLFSSL_CMSIS_RTOSv2
-#elif MDK_CONF_THREAD == 16
-#define SINGLE_THREADED
-#endif
-
-
-// <e>File System
-#define MDK_CONF_FILESYSTEM 1
-#if MDK_CONF_FILESYSTEM == 0
-#define NO_FILESYSTEM
-#else
-#define WOLFSSL_KEIL_FS
-#define NO_WOLFSSL_DIR
-#endif
-// </e>
-
-// <o> Network<0=>None <1=>RLnet <2=>User I/O
-#define MDK_CONF_NETWORK 1
-#if MDK_CONF_NETWORK == 0
-#elif MDK_CONF_NETWORK == 1
-#define WOLFSSL_KEIL_TCP_NET
-#elif MDK_CONF_NETWORK == 2
-#define WOLFSSL_USER_IO
-#endif
-
-// <h>Debug options
-
-// <e>Debug Message
-#define MDK_CONF_DebugMessage 0
-#if MDK_CONF_DebugMessage == 1
-#define DEBUG_WOLFSSL
-#endif
-// </e>
-// <e>Check malloc
-#define MDK_CONF_CheckMalloc 1
-#if MDK_CONF_CheckMalloc == 1
-#define WOLFSSL_MALLOC_CHECK
-#define USE_WOLFSSL_MEMORY
-#endif
-// </e>
-// <e>ErrNo.h
-#define MDK_CONF_ErrNo 1
-#if MDK_CONF_ErrNo == 1
-#define HAVE_ERRNO
-#endif
-// </e>
-// <e>Error Strings
-#define MDK_CONF_ErrorStrings 1
-#if MDK_CONF_ErrorStrings == 0
-#define NO_ERROR_STRINGS
-#endif
-// </e>
-
-//</h>
-//</h>
-
-// <h> wolfCrypt Configuration
-
-// <h>Hash/Crypt Algrithm
-
-// <e>MD2
-#define MDK_CONF_MD2 0
-#if MDK_CONF_MD2 == 1
-#define WOLFSSL_MD2
-#endif
-// </e>
-// <e>MD4
-#define MDK_CONF_MD4 0
-#if MDK_CONF_MD4 == 0
-#define NO_MD4
-#endif
-// </e>
-// <e>MD5
-#define MDK_CONF_MD5 1
-#if MDK_CONF_MD5 == 0
-#define NO_MD5
-#endif
-// </e>
-// <e>SHA
-#define MDK_CONF_SHA 1
-#if MDK_CONF_SHA == 0
-#define NO_SHA
-#endif
-// </e>
-// <e>SHA-256
-#define MDK_CONF_SHA256 1
-#if MDK_CONF_SHA256 == 0
-#define NO_SHA256
-#endif
-// </e>
-// <e>SHA-384
-#define MDK_CONF_SHA384 1
-#if MDK_CONF_SHA384 == 1
-#define WOLFSSL_SHA384
-#endif
-// </e>
-// <e>SHA-512
-#define MDK_CONF_SHA512 1
-#if MDK_CONF_SHA512 == 1
-#define WOLFSSL_SHA512
-#endif
-// </e>
-// <e>Hash DRBG
-#define MDK_CONF_HASHDRBG 1
-#if MDK_CONF_HASHDRBG == 1
-#define HAVE_HASHDRBG
-#endif
-// </e>
-// <e>RIPEMD
-#define MDK_CONF_RIPEMD 1
-#if MDK_CONF_RIPEMD == 1
-#define WOLFSSL_RIPEMD
-#endif
-// </e>
-// <e>BLAKE2
-#define MDK_CONF_BLAKE2 0
-#if MDK_CONF_BLAKE2 == 1
-#define HAVE_BLAKE2
-#endif
-// </e>
-// <e>HMAC
-#define MDK_CONF_HMAC 1
-#if MDK_CONF_HMAC == 0
-#define NO_HMAC
-#endif
-// </e>
-// <e>HMAC KDF
-#define MDK_CONF_HKDF 1
-#if MDK_CONF_HKDF == 1
-#define HAVE_HKDF
-#endif
-// </e>
-
-// <e>AES CCM
-#define MDK_CONF_AESCCM 1
-#if MDK_CONF_AESCCM == 1
-#define HAVE_AESCCM
-#endif
-// </e>
-// <e>AES GCM
-#define MDK_CONF_AESGCM 1
-#if MDK_CONF_AESGCM == 1
-#define HAVE_AESGCM
-#endif
-// </e>
-
-// <e>RC4
-#define MDK_CONF_RC4 0
-#if MDK_CONF_RC4 == 0
-#define NO_RC4
-#endif
-// </e>
-
-// <e>CHACHA
-#define MDK_CONF_CHACHA 1
-#if MDK_CONF_CHACHA == 1
-#define HAVE_CHACHA
-#endif
-// </e>
-
-// <e>POLY1305
-#define MDK_CONF_POLY1305 1
-#if MDK_CONF_POLY1305 == 1
-#define HAVE_POLY1305
-#define HAVE_ONE_TIME_AUTH
-#endif
-// </e>
-
-// <e>DES3
-#define MDK_CONF_DES3 1
-#if MDK_CONF_DES3 == 0
-#define NO_DES3
-#endif
-// </e>
-
-// <e>AES
-#define MDK_CONF_AES 1
-#if MDK_CONF_AES == 0
-#define NO_AES
-#endif
-// </e>
-
-// <e>CAMELLIA
-#define MDK_CONF_CAMELLIA 1
-#if MDK_CONF_CAMELLIA == 1
-#define HAVE_CAMELLIA
-#endif
-// </e>
-
-// <e>DH
-#define MDK_CONF_DH 1
-#if MDK_CONF_DH == 0
-#define NO_DH
-#endif
-// </e>
-// <e>DSA
-#define MDK_CONF_DSA 1
-#if MDK_CONF_DSA == 0
-#define NO_DSA
-#endif
-// </e>
-
-// <e>SRP
-#define MDK_CONF_SRP 1
-#if MDK_CONF_SRP == 1
-#define HAVE_SRP
-#endif
-// </e>
-
-// <e>PWDBASED
-#define MDK_CONF_PWDBASED 1
-#if MDK_CONF_PWDBASED == 0
-#define NO_PWDBASED
-#endif
-// </e>
-
-// <e>ECC
-#define MDK_CONF_ECC 1
-#if MDK_CONF_ECC == 1
-#define HAVE_ECC
-#endif
-// </e>
-
-// <e>CURVE25519
-#define MDK_CONF_CURVE25519 1
-#if MDK_CONF_CURVE25519 == 1
-#define HAVE_CURVE25519
-#define CURVED25519_SMALL
-#endif
-// </e>
-// <e>CURVE25519 SMALL
-#define MDK_CONF_CURVE25519_SMALL 0
-#if MDK_CONF_CURVE25519_SMALL == 1
-#define CURVED25519_SMALL
-#endif
-// </e>
-// <e>ED25519
-#define MDK_CONF_ED25519 1
-#if MDK_CONF_ED25519 == 1
-#define HAVE_ED25519
-#endif
-// </e>
-// <e>ED25519 SMALL
-#define MDK_CONF_ED25519_SMALL 0
-#if MDK_CONF_ED25519_SMALL == 1
-#define ED25519_SMALL
-#endif
-// </e>
-// <e>PKCS7
-#define MDK_CONF_PKCS7 0
-#if MDK_CONF_PKCS7 == 1
-#define HAVE_PKCS7
-#endif
-// </e>
-// </h>
-
-// <e>Random Seed, for TEST Only
-#define MDK_CONF_RNDSEED 1
-#if MDK_CONF_RNDSEED == 1
-#define WOLFSSL_GENSEED_FORTEST
-#endif
-// </e>
-
-// <h>Hardware Crypt (See document for usage)
-// <e>Hardware RNG
-#define MDK_CONF_STM32F2_RNG 0
-#if MDK_CONF_STM32F2_RNG == 1
-#define WOLFSSL_STM32_CUBEMX
-#define STM32_RNG
-#define WC_ASYNC_DEV_SIZE 320+24
-#define STM32_HAL_TIMEOUT 0xFF
-
-#if defined(STM32F2xx)
-#define WOLFSSL_STM32F2
-#elif defined(STM32F4xx)
-#define WOLFSSL_STM32F4
-#elif defined(STM32F7xx)
-#define WOLFSSL_STM32F7
-#endif
-
-#endif
-// </e>
-// <e>Hardware Crypt
-#define MDK_CONF_STM32F2_CRYPTO 0
-#if MDK_CONF_STM32F2_CRYPTO == 1
-#define WOLFSSL_STM32_CUBEMX
-#define STM32_CRYPTO
-#define WC_ASYNC_DEV_SIZE 320+24
-#define STM32_HAL_TIMEOUT 0xFF
-
-#if defined(STM32F2xx)
-#define WOLFSSL_STM32F2
-#elif defined(STM32F4xx)
-#define WOLFSSL_STM32F4
-#elif defined(STM32F7xx)
-#define WOLFSSL_STM32F7
-#endif
-
-#endif
-// </e>
-// <e>Hardware Hash
-#define MDK_CONF_STM32F2_HASH 0
-#if MDK_CONF_STM32F2_HASH == 1
-#define WOLFSSL_STM32_CUBEMX
-#define STM32_HASH
-#define WC_ASYNC_DEV_SIZE 320+24
-#define STM32_HAL_TIMEOUT 0xFF
-
-#if defined(STM32F2xx)
-#define WOLFSSL_STM32F2
-#elif defined(STM32F4xx)
-#define WOLFSSL_STM32F4
-#elif defined(STM32F7xx)
-#define WOLFSSL_STM32F7
-#endif
-
-#endif
-// </e>
-// </h>
-
-// <h>Cert/Key Strage
-// <o>Cert Storage <0=> SD Card <1=> Mem Buff (1024bytes) <2=> Mem Buff (2048bytes)
-#define MDK_CONF_CERT_BUFF 0
-#if MDK_CONF_CERT_BUFF== 1
-#define USE_CERT_BUFFERS_1024
-#elif MDK_CONF_CERT_BUFF == 2
-#define USE_CERT_BUFFERS_2048
-#endif
-//</h>
-// <h>Cert/Key Generation
-// <e>CertGen
-#define MDK_CONF_CERT_GEN 0
-#if MDK_CONF_CERT_GEN == 1
-#define WOLFSSL_CERT_GEN
-#endif
-// </e>
-// <e>KeyGen
-#define MDK_CONF_KEY_GEN 0
-#if MDK_CONF_KEY_GEN == 1
-#define WOLFSSL_KEY_GEN
-#endif
-// </e>
-// </h>
-// <e>Use Fast Math
-#define MDK_CONF_FASTMATH 1
-#if MDK_CONF_FASTMATH == 1
-#define USE_FAST_MATH
-#define TFM_TIMING_RESISTANT
-#endif
-// </e>
-// <e>Small Stack
-#define MDK_CONF_SmallStack 1
-#if MDK_CONF_SmallStack == 0
-#define NO_WOLFSSL_SMALL_STACK
-#endif
-// </e>
-
-// </h>
-
-
-/**** wolfSSL Configuration ****/
-
-// <h> wolfSSL Configuration
-
-// <e>TLS 1.3
-#define MDK_CONF_TLS 1
-#if MDK_CONF_TLS == 1
-#define WOLFSSL_TLS13
-#define HAVE_TLS_EXTENSIONS
-#define HAVE_SUPPORTED_CURVES
-#define WC_RSA_PSS
-#define HAVE_HKDF
-#define HAVE_FFDHE_2048
-#endif
-// </e>
-
-// <e>Include Old TLS
-#define MDK_CONF_NO_OLDTLS 0
-#if MDK_CONF_NO_OLDTLS == 0
-#define NO_OLD_TLS
-#endif
-// </e>
-// <e>CRL
-#define MDK_CONF_CRL 0
-#if MDK_CONF_CRL == 1
-#define HAVE_CRL
-#define WOLFSSL_DER_LOAD
-#endif
-// </e>
-// <e>OCSP
-#define MDK_CONF_OCSP 0
-#if MDK_CONF_OCSP == 1
-#define HAVE_OCSP
-#endif
-// </e>
-// <e>OpenSSL Extra
-#define MDK_CONF_OPENSSL_EXTRA 0
-#if MDK_CONF_OPENSSL_EXTRA == 1
-#define OPENSSL_EXTRA
-#endif
-// </e>
-
-//</h>
diff --git a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/SimpleServer/SimpleServer.uvoptx b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/SimpleServer/SimpleServer.uvoptx
index 793053da..2f13b806 100644
--- a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/SimpleServer/SimpleServer.uvoptx
+++ b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/SimpleServer/SimpleServer.uvoptx
@@ -298,7 +298,7 @@
<tvExp>0</tvExp>
<tvExpOptDlg>0</tvExpOptDlg>
<bDave2>0</bDave2>
- <PathWithFileName>.\RTE\wolfSSL\user_settings.h</PathWithFileName>
+ <PathWithFileName>..\..\Conf\user_settings.h</PathWithFileName>
<FilenameWithoutPath>user_settings.h</FilenameWithoutPath>
<RteFlg>0</RteFlg>
<bShared>0</bShared>
diff --git a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/SimpleServer/SimpleServer.uvprojx b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/SimpleServer/SimpleServer.uvprojx
index 33c84cb0..659c22d0 100644
--- a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/SimpleServer/SimpleServer.uvprojx
+++ b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/SimpleServer/SimpleServer.uvprojx
@@ -413,7 +413,7 @@
<File>
<FileName>user_settings.h</FileName>
<FileType>5</FileType>
- <FilePath>.\RTE\wolfSSL\user_settings.h</FilePath>
+ <FilePath>..\..\Conf\user_settings.h</FilePath>
</File>
</Files>
</Group>
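Review bot: Repointing `FilePath` to `..\..\Conf\user_settings.h` changes which wolfSSL build options this project compiles with, and the shared header is not part of the visible diff. The per-project copy deleted in this commit set `MDK_CONF_RNDSEED 1` (`WOLFSSL_GENSEED_FORTEST`, labelled "for TEST Only") and left the hardware RNG option off, alongside `TFM_TIMING_RESISTANT`, `ECC_TIMING_RESISTANT`, `WC_RSA_BLINDING` and `NO_OLD_TLS`. Please confirm the shared file keeps the hardening defines, and state in the README or commit message that the test seed has to be replaced by a real entropy source for anything beyond the examples. The same path change is made in the SimpleServer `.uvoptx` and in the wolfSSL-Full and wolfSSL-Lib project files.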
@@ -912,7 +912,7 @@
<targetInfos/>
</file>
<file attr="config" category="header" name="wolfssl\IDE\MDK5-ARM\Conf\user_settings.h" version="3.15.7">
- <instance index="0">RTE\wolfSSL\user_settings.h</instance>
+ <instance index="0">..\..\Conf\user_settings.h</instance>
<component Cbundle="wolfSSL" Cclass="wolfSSL" Cgroup="wolfSSL" Csub="Core" Cvendor="wolfSSL" Cversion="3.15.7" condition="wolfCrypt-Core"/>
<package license="wolfssl\IDE\MDK5-ARM\Docs\wolfSSL-License.txt" name="wolfSSL" schemaVersion="1.4" url="http://www.wolfSSL.com/files/ide" vendor="wolfSSL" version="3.15.7"/>
<targetInfos>
diff --git a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/SimpleServer/main.c b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/SimpleServer/main.c
index 3f8c196c..973fdbbe 100644
--- a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/SimpleServer/main.c
+++ b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/SimpleServer/main.c
@@ -66,11 +66,9 @@
// <h>RTC: for validate certificate date
// <o>Year <1970-2099>
-#define RTC_YEAR 2019
-// <o>Month <1=>Jan<2=>Feb<3=>Mar<4=>Apr<5=>May<6=>Jun<7=>Jul<8=>Aut<9=>Sep<10=>Oct<11=>Nov<12=>Dec
+#define RTC_YEAR 2023
#define RTC_MONTH 1
-// <o>Day <1-31>
-#define RTC_DAY 1
+#define RTC_DAY 1
// </h>
//------------- <<< end of configuration section >>> -----------------------
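Review bot: The `RTC_YEAR`/`RTC_MONTH`/`RTC_DAY` constants are the clock this example uses for certificate date checks, and the only hint of that is the `<h>RTC: for validate certificate date` heading. Bumping the year to 2023 keeps the bundled certificates inside their validity window, but a board built from this project still judges every certificate against a fixed build-time date. I would add a comment above `#define RTC_YEAR`, e.g. `/* Demo only: fixed start date; set the clock from a battery-backed RTC or a trusted time source before relying on certificate validity checks */`. The hunk also drops the `// <o>Month` and `// <o>Day <1-31>` annotations while keeping `// <o>Year`, so presumably only the year stays editable in the Configuration Wizard; worth confirming that is intended.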
@@ -94,22 +92,23 @@ static void CPU_CACHE_Enable (void) {
#if !defined(NO_FILESYSTEM)
#include "rl_fs.h" /* FileSystem definitions */
-static void init_filesystem (void) {
- int32_t retv;
+static void init_filesystem(void)
+{
+ int32_t retv;
- retv = finit ("M0:");
- if (retv == fsOK) {
- retv = fmount ("M0:");
+ retv = finit ("M0:");
if (retv == fsOK) {
- printf ("Drive M0 ready!\n");
+ retv = fmount ("M0:");
+ if (retv == fsOK) {
+ printf ("Drive M0 ready!\n");
+ }
+ else {
+ printf ("Drive M0 mount failed(%d)!\n", retv);
+ }
}
else {
- printf ("Drive M0 mount failed(%d)!\n", retv);
+ printf ("Drive M0 initialization failed!\n");
}
- }
- else {
- printf ("Drive M0 initialization failed!\n");
- }
}
#endif
@@ -121,20 +120,20 @@ extern uint32_t os_time;
uint32_t HAL_GetTick(void)
{
- #if defined(WOLFSSL_CMSIS_RTOS)
- return os_time;
- #elif defined(WOLFSSL_CMSIS_RTOSv2)
- return osKernelGetTickCount();
- #endif
+#if defined(WOLFSSL_CMSIS_RTOS)
+ return os_time;
+#elif defined(WOLFSSL_CMSIS_RTOSv2)
+ return osKernelGetTickCount();
+#endif
}
double current_time(int reset)
{
- #if defined(WOLFSSL_CMSIS_RTOS)
- return (double)os_time / 1000.0;
- #elif defined(WOLFSSL_CMSIS_RTOSv2)
- return (double)osKernelGetTickCount() / 1000.0;
- #endif
+#if defined(WOLFSSL_CMSIS_RTOS)
+ return (double)os_time / 1000.0;
+#elif defined(WOLFSSL_CMSIS_RTOSv2)
+ return (double)osKernelGetTickCount() / 1000.0;
+#endif
}
#else
@@ -143,8 +142,8 @@ double current_time(int reset)
#define DWT ((DWT_Type *) (0xE0001000UL) )
typedef struct
{
- uint32_t CTRL; /*!< Offset: 0x000 (R/W) Control Register */
- uint32_t CYCCNT; /*!< Offset: 0x004 (R/W) Cycle Count Register */
+ uint32_t CTRL; /*!< Offset: 0x000 (R/W) Control Register */
+ uint32_t CYCCNT; /*!< Offset: 0x004 (R/W) Cycle Count Register */
} DWT_Type;
extern uint32_t SystemCoreClock;
@@ -203,22 +202,22 @@ int main(void)
{
static char *argv[] =
{ "server", "-p", SERVER_PORT,
- "-v", " ", OTHER_OPTIONS } ;
+ "-v", " ", OTHER_OPTIONS };
static func_args args =
- { sizeof(argv)/sizeof(*argv[0]), argv } ;
+ { sizeof(argv)/sizeof(*argv[0]), argv };
char *verStr[] = { "SSL3", "TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"};
#define VERSIZE 2
char ver[VERSIZE];
-
+
MPU_Config(); /* Configure the MPU */
CPU_CACHE_Enable(); /* Enable the CPU Cache */
HAL_Init(); /* Initialize the HAL Library */
SystemClock_Config(); /* Configure the System Clock */
- #if !defined(NO_FILESYSTEM)
+#if !defined(NO_FILESYSTEM)
init_filesystem ();
- #endif
+#endif
#if defined(WOLFSSL_CMSIS_RTOSv2)
osKernelInitialize();
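Review bot: `args` is still initialised with `sizeof(argv)/sizeof(*argv[0])`, which divides by `sizeof(char)` instead of the size of one array element, so the first member (presumably the argument count) holds the byte size of `argv` rather than 6. The commit touches this line only to drop the space before `;`. Any consumer that walks `argv` up to that count would read past the end of the array; how `app_main` uses it is outside this hunk. The initialiser should be `{ sizeof(argv)/sizeof(argv[0]), argv };`, the form the `SSL/TLS Client` printf earlier in this diff already uses. `main`'s body continues beyond the hunk.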
@@ -232,10 +231,12 @@ int main(void)
snprintf(ver, VERSIZE, "%d", TLS_VER);
argv[4] = ver;
- printf("SSL/TLS Server\n ") ;
- printf(" Server Port: %s\n Version: %s\n", argv[2], verStr[TLS_VER]) ;
- printf(" Other options: %s\n", OTHER_OPTIONS);
- setTime((RTC_YEAR-1970)*365*24*60*60 + RTC_MONTH*30*24*60*60 + RTC_DAY*24*60*60);
+ printf("SSL/TLS Server\n ");
+ printf(" Server Port: %s\n Version: %s\n", argv[2], verStr[TLS_VER]);
+ printf(" Other options: %s\n", OTHER_OPTIONS);
+ setTime((RTC_YEAR-1970)*365*24*60*60 +
+ RTC_MONTH*30*24*60*60 +
+ RTC_DAY*24*60*60);
#if defined(WOLFSSL_CMSIS_RTOS)
osThreadCreate(osThread(app_main), (void *)&args);
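Review bot: The reflowed `setTime(...)` argument is still evaluated entirely in `int`, and the configuration comment allows `RTC_YEAR` up to 2099, so `(RTC_YEAR-1970)*365*24*60*60` exceeds `INT_MAX` for years from about 2039 on, which is signed overflow. Widening the first operand avoids it: `setTime((time_t)(RTC_YEAR-1970)*365*24*60*60 +`, assuming `time_t` is unsigned or wider than 32 bits on this toolchain (otherwise use an explicit `uint32_t`/`uint64_t`). The formula also ignores leap days and counts month 1 as 30 elapsed days, so the clock used for certificate date checks is off by a couple of weeks; a one-line comment saying the value is approximate would help. The `#if defined(WOLFSSL_CMSIS_RTOS)` block continues outside the hunk.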
diff --git a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/wolfSSL-Full/main.c b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/wolfSSL-Full/main.c
index 43bd7298..9eab03cc 100644
--- a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/wolfSSL-Full/main.c
+++ b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/wolfSSL-Full/main.c
@@ -51,22 +51,24 @@ void SystemClock_Config(void) {
*----------------------------------------------------------------------------*/
#if !defined(NO_FILESYSTEM)
#include "rl_fs.h"
-static void init_filesystem (void) {
- int32_t retv;
-
- retv = finit ("M0:");
- if (retv == 0) {
- retv = fmount ("M0:");
- if (retv == 0) {
- printf ("Drive M0 ready!\n");
+
+static void init_filesystem(void)
+{
+ int32_t retv;
+
+ retv = finit ("M0:");
+ if (retv == fsOK) {
+ retv = fmount ("M0:");
+ if (retv == fsOK) {
+ printf ("Drive M0 ready!\n");
+ }
+ else {
+ printf ("Drive M0 mount failed(%d)!\n", retv);
+ }
}
else {
- printf ("Drive M0 mount failed!\n");
+ printf ("Drive M0 initialization failed!\n");
}
- }
- else {
- printf ("Drive M0 initialization failed!\n");
- }
}
#endif
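Review bot: The initialisation-failure branch still prints no status code while the mount-failure branch now prints `retv`; both should report it, e.g. `printf ("Drive M0 initialization failed(%d)!\n", (int)retv);`. `retv` is an `int32_t` passed to `%d`, so the `(int)` cast (also on the mount message) keeps the format portable. `init_filesystem` returns `void`, so `main` goes on to `netInitialize()` with no drive mounted; if certificates or keys are later loaded from `M0:` (not visible here), returning the status and stopping on failure would be clearer than failing at the first file open.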
@@ -76,31 +78,31 @@ typedef struct func_args {
} func_args;
-extern void shell_main(func_args * args) ;
+extern void shell_main(func_args * args);
/*-----------------------------------------------------------------------------
- * mian entry
+ * main entry
*----------------------------------------------------------------------------*/
int myoptind = 0;
char* myoptarg = NULL;
int main()
{
- void *arg = NULL ;
+ void *arg = NULL;
- SystemClock_Config() ;
- #if !defined(NO_FILESYSTEM)
+ SystemClock_Config();
+ #if !defined(NO_FILESYSTEM)
init_filesystem ();
- #endif
+ #endif
- netInitialize() ;
- osDelay(300) ;
+ netInitialize();
+ osDelay(300);
- #if defined(DEBUG_WOLFSSL)
- printf("Turning ON Debug message\n") ;
- wolfSSL_Debugging_ON() ;
- #endif
+#if defined(DEBUG_WOLFSSL)
+ printf("Turning ON Debug message\n");
+ wolfSSL_Debugging_ON();
+#endif
- shell_main(arg) ;
+ shell_main(arg);
}
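Review bot: `extern void shell_main(func_args * args);` does not match the definition shown in the shell.c hunk header further down, `void shell_main(void *arg)`, and `main` passes a `void *`. Calling a function through a declaration with an incompatible parameter type is undefined behaviour in C, even if it happens to work on this target. Declaring it as `extern void shell_main(void *arg);`, ideally in a header both files include, lets the compiler check the call. `main` also ends without a `return` after `shell_main(arg);`; a `return 0;` documents what happens if the shell ever exits.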
diff --git a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/wolfSSL-Full/shell.c b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/wolfSSL-Full/shell.c
index c3c449d5..3958f4a2 100644
--- a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/wolfSSL-Full/shell.c
+++ b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/wolfSSL-Full/shell.c
@@ -308,7 +308,7 @@ static struct {
"", NULL
} ;
-enum jobtype { FORGROUND, BACKGROUND } ;
+enum jobtype { FOREGROUND, BACKGROUND } ;
#define IF_DELIMITER(ch) ((ch) == ' ' || (ch) == '\n')
@@ -368,7 +368,7 @@ static int getline(char * line, int sz, func_args *args, int*bf_flg)
(*bf_flg) = BACKGROUND ;
line[strlen(line)-2] = '\n' ;
} else {
- (*bf_flg) = FORGROUND ;
+ (*bf_flg) = FOREGROUND ;
}
args->argc = 0 ;
for(i=0; i<sz; i++) {
@@ -531,7 +531,7 @@ static wolfSSL_Mutex command_mutex ;
#endif
void exit_command(void) {
- printf("Command Aborted\n") ;
+ printf("Command Aborted\n") ;
#ifdef WOLFSSL_CMSIS_RTOS
osThreadTerminate(osThreadGetId()) ;
#else
@@ -617,7 +617,7 @@ void shell_main(void *arg) {
func_args args ;
int bf_flg ;
#if defined(WOLFSSL_CMSIS_RTOS)
- osThreadId cmd ;
+ osThreadId cmd ;
#endif
i = BackGround ;
/* Dummy for avoiding warning: BackGround is defined but not used. */
@@ -633,7 +633,7 @@ void shell_main(void *arg) {
for(i=0; commandTable[i].func != NULL; i++) {
if(strcmp(commandTable[i].command, args.argv[0]) == 0) {
args.argv[0] = (char *) commandTable[i].func ;
- if(bf_flg == FORGROUND) {
+ if(bf_flg == FOREGROUND) {
#if defined(HAVE_KEIL_RTX) && !defined(WOLFSSL_CMSIS_RTOS)
wc_UnLockMutex((wolfSSL_Mutex *)&command_mutex) ;
os_tsk_create_user_ex( (void(*)(void *))&command_invoke, 7,
@@ -641,14 +641,14 @@ void shell_main(void *arg) {
os_tsk_pass ();
#else
#if defined(WOLFSSL_CMSIS_RTOS)
- wc_UnLockMutex((wolfSSL_Mutex *)&command_mutex) ;
- cmd = osThreadCreate (osThread (command_invoke) , &args);
- if(cmd == NULL) {
- printf("Cannon create command thread\n") ;
- }
- osThreadYield ();
+ wc_UnLockMutex((wolfSSL_Mutex *)&command_mutex) ;
+ cmd = osThreadCreate (osThread (command_invoke) , &args);
+ if(cmd == NULL) {
+ printf("Cannon create command thread\n") ;
+ }
+ osThreadYield ();
#else
- command_invoke(&args) ;
+ command_invoke(&args) ;
#endif
#endif
#ifdef HAVE_KEIL_RTX
diff --git a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/wolfSSL-Full/wolfsslFull.uvoptx b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/wolfSSL-Full/wolfsslFull.uvoptx
index 91b3e7f9..d9d99e3f 100644
--- a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/wolfSSL-Full/wolfsslFull.uvoptx
+++ b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/wolfSSL-Full/wolfsslFull.uvoptx
@@ -300,7 +300,7 @@
<Focus>0</Focus>
<tvExpOptDlg>0</tvExpOptDlg>
<bDave2>0</bDave2>
- <PathWithFileName>.\RTE\wolfSSL\user_settings.h</PathWithFileName>
+ <PathWithFileName>..\..\Conf\user_settings.h</PathWithFileName>
<FilenameWithoutPath>user_settings.h</FilenameWithoutPath>
<RteFlg>0</RteFlg>
<bShared>0</bShared>
@@ -308,7 +308,7 @@
</Group>
<Group>
- <GroupName>Dcumentation</GroupName>
+ <GroupName>Documentation</GroupName>
<tvExp>1</tvExp>
<tvExpOptDlg>0</tvExpOptDlg>
<cbSel>0</cbSel>
diff --git a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/wolfSSL-Full/wolfsslFull.uvprojx b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/wolfSSL-Full/wolfsslFull.uvprojx
index e3830325..4b04749c 100644
--- a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/wolfSSL-Full/wolfsslFull.uvprojx
+++ b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/wolfSSL-Full/wolfsslFull.uvprojx
@@ -441,12 +441,12 @@
<File>
<FileName>user_settings.h</FileName>
<FileType>5</FileType>
- <FilePath>.\RTE\wolfSSL\user_settings.h</FilePath>
+ <FilePath>..\..\Conf\user_settings.h</FilePath>
</File>
</Files>
</Group>
<Group>
- <GroupName>Dcumentation</GroupName>
+ <GroupName>Documentation</GroupName>
<Files>
<File>
<FileName>Abstract.txt</FileName>
@@ -972,7 +972,7 @@
<targetInfos/>
</file>
<file attr="config" category="header" name="wolfssl\IDE\MDK5-ARM\Conf\user_settings.h">
- <instance index="0">RTE\wolfSSL\user_settings.h</instance>
+ <instance index="0">..\..\Conf\user_settings.h</instance>
<component Cbundle="wolfSSL" Cclass="wolfSSL" Cgroup="wolfCrypt" Csub="CORE" Cvendor="wolfSSL" Cversion="3.9.0" condition="wolfCrypt-Core"/>
<package license="wolfssl\IDE\MDK5-ARM\Docs\wolfSSL-License.txt" name="wolfSSL" schemaVersion="1.0" url="http://www.wolfSSL.com/files/ide" vendor="wolfSSL" version="3.9.0"/>
<targetInfos>
diff --git a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/wolfSSL-Lib/RTE/wolfSSL/user_settings.h b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/wolfSSL-Lib/RTE/wolfSSL/user_settings.h
deleted file mode 100644
index c14e4724..00000000
--- a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/wolfSSL-Lib/RTE/wolfSSL/user_settings.h
+++ /dev/null
@@ -1,497 +0,0 @@
-/* user_settings.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-#define NO_MAIN_DRIVER
-#define BENCH_EMBEDDED
-#define NO_DEV_RANDOM
-#define WOLFSSL_USER_CURRTIME
-#define SIZEOF_LONG_LONG 8
-#define NO_WRITEV
-#define NO_DEV_RANDOM
-
-#define TFM_TIMING_RESISTANT
-#define ECC_TIMING_RESISTANT
-#define WC_RSA_BLINDING
-
-#define WOLFSSL_USER_CURRTIME /* for benchmark */
-#define WOLFSSL_CURRTIME_OSTICK /* use OS tich for current_time */
-#define WOLFSSL_GMTIME
-#define NO_MULTIBYTE_PRINT
-
-// <<< Use Configuration Wizard in Context Menu >>>
-
-
-// <h>Common options
-// <o> MPU<0=>Undefined<1=>STM32F2xx<2=>STM32F4xx<3=>STM32F7xx
-#define MDK_CONF_MPU 3
-#if MDK_CONF_MPU == 0
-
-#elif MDK_CONF_MPU == 1
-#define WOLFSSL_STM32_CUBEMX
-#define STM32F2xx
-#elif MDK_CONF_MPU == 2
-#define WOLFSSL_STM32_CUBEMX
-#define STM32F4xx
-#elif MDK_CONF_MPU == 3
-#define WOLFSSL_STM32_CUBEMX
-#define STM32F7xx
-#endif
-
-// <o> Thread/RTOS<0=>Single Threaded <1=>FreeRTOS <3=>SafeRTOS <4=>Windows
-// <5=>PThread <6=>ThreadX
-// <7=>Micrium <8=>EBSnet <9=>MQX
-// <10=>T-RTOS <11=>uITRON4 <12=>uTKERNEL2
-// <13=>Frosted <14=>CMSIS RTOS <15=>CMSIS RTOSv2 <16=>Others
-#define MDK_CONF_THREAD 15
-#if MDK_CONF_THREAD== 0
-#define SINGLE_THREADED
-#elif MDK_CONF_THREAD == 1
-#define FREERTOS
-#elif MDK_CONF_THREAD == 3
-#define WOLFSSL_SAFERTOS
-#elif MDK_CONF_THREAD == 4
-#define USE_WINDOWS_API
-#elif MDK_CONF_THREAD == 5
-#define WOLFSSL_PTHREADS
-#elif MDK_CONF_THREAD == 6
-#define THREADX
-#define NETX
-#elif MDK_CONF_THREAD == 7
-#define MICRIUM
-#elif MDK_CONF_THREAD == 8
-#define EBSNET
-#elif MDK_CONF_THREAD == 9
-#define FREESCALE_MQX
-#define FREESCALE_KSDK_MQX
-#elif MDK_CONF_THREAD == 10
-#define WOLFSSL_TIRTOS
-#elif MDK_CONF_THREAD == 11
-#define WOLFSSL_uITRON4
-#elif MDK_CONF_THREAD == 12
-#define WOLFSSL_uTKERNEL2
-#elif MDK_CONF_THREAD == 13
-#define WOLFSSL_FROSTED
-#elif MDK_CONF_THREAD == 14
-#define WOLFSSL_CMSIS_RTOS
-#elif MDK_CONF_THREAD == 15
-#define WOLFSSL_CMSIS_RTOSv2
-#elif MDK_CONF_THREAD == 16
-#define SINGLE_THREADED
-#endif
-
-
-// <e>File System
-#define MDK_CONF_FILESYSTEM 1
-#if MDK_CONF_FILESYSTEM == 0
-#define NO_FILESYSTEM
-#else
-#define WOLFSSL_KEIL_FS
-#define NO_WOLFSSL_DIR
-#endif
-// </e>
-
-// <o> Network<0=>None <1=>RLnet <2=>User I/O
-#define MDK_CONF_NETWORK 1
-#if MDK_CONF_NETWORK == 0
-#elif MDK_CONF_NETWORK == 1
-#define WOLFSSL_KEIL_TCP_NET
-#elif MDK_CONF_NETWORK == 2
-#define WOLFSSL_USER_IO
-#endif
-
-// <h>Debug options
-
-// <e>Debug Message
-#define MDK_CONF_DebugMessage 0
-#if MDK_CONF_DebugMessage == 1
-#define DEBUG_WOLFSSL
-#endif
-// </e>
-// <e>Check malloc
-#define MDK_CONF_CheckMalloc 1
-#if MDK_CONF_CheckMalloc == 1
-#define WOLFSSL_MALLOC_CHECK
-#define USE_WOLFSSL_MEMORY
-#endif
-// </e>
-// <e>ErrNo.h
-#define MDK_CONF_ErrNo 1
-#if MDK_CONF_ErrNo == 1
-#define HAVE_ERRNO
-#endif
-// </e>
-// <e>Error Strings
-#define MDK_CONF_ErrorStrings 1
-#if MDK_CONF_ErrorStrings == 0
-#define NO_ERROR_STRINGS
-#endif
-// </e>
-
-//</h>
-//</h>
-
-// <h> wolfCrypt Configuration
-
-// <h>Hash/Crypt Algrithm
-
-// <e>MD2
-#define MDK_CONF_MD2 0
-#if MDK_CONF_MD2 == 1
-#define WOLFSSL_MD2
-#endif
-// </e>
-// <e>MD4
-#define MDK_CONF_MD4 0
-#if MDK_CONF_MD4 == 0
-#define NO_MD4
-#endif
-// </e>
-// <e>MD5
-#define MDK_CONF_MD5 1
-#if MDK_CONF_MD5 == 0
-#define NO_MD5
-#endif
-// </e>
-// <e>SHA
-#define MDK_CONF_SHA 1
-#if MDK_CONF_SHA == 0
-#define NO_SHA
-#endif
-// </e>
-// <e>SHA-256
-#define MDK_CONF_SHA256 1
-#if MDK_CONF_SHA256 == 0
-#define NO_SHA256
-#endif
-// </e>
-// <e>SHA-384
-#define MDK_CONF_SHA384 1
-#if MDK_CONF_SHA384 == 1
-#define WOLFSSL_SHA384
-#endif
-// </e>
-// <e>SHA-512
-#define MDK_CONF_SHA512 1
-#if MDK_CONF_SHA512 == 1
-#define WOLFSSL_SHA512
-#endif
-// </e>
-// <e>Hash DRBG
-#define MDK_CONF_HASHDRBG 1
-#if MDK_CONF_HASHDRBG == 1
-#define HAVE_HASHDRBG
-#endif
-// </e>
-// <e>RIPEMD
-#define MDK_CONF_RIPEMD 1
-#if MDK_CONF_RIPEMD == 1
-#define WOLFSSL_RIPEMD
-#endif
-// </e>
-// <e>BLAKE2
-#define MDK_CONF_BLAKE2 0
-#if MDK_CONF_BLAKE2 == 1
-#define HAVE_BLAKE2
-#endif
-// </e>
-// <e>HMAC
-#define MDK_CONF_HMAC 1
-#if MDK_CONF_HMAC == 0
-#define NO_HMAC
-#endif
-// </e>
-// <e>HMAC KDF
-#define MDK_CONF_HKDF 1
-#if MDK_CONF_HKDF == 1
-#define HAVE_HKDF
-#endif
-// </e>
-
-// <e>AES CCM
-#define MDK_CONF_AESCCM 1
-#if MDK_CONF_AESCCM == 1
-#define HAVE_AESCCM
-#endif
-// </e>
-// <e>AES GCM
-#define MDK_CONF_AESGCM 1
-#if MDK_CONF_AESGCM == 1
-#define HAVE_AESGCM
-#endif
-// </e>
-
-// <e>RC4
-#define MDK_CONF_RC4 0
-#if MDK_CONF_RC4 == 0
-#define NO_RC4
-#endif
-// </e>
-
-// <e>CHACHA
-#define MDK_CONF_CHACHA 1
-#if MDK_CONF_CHACHA == 1
-#define HAVE_CHACHA
-#endif
-// </e>
-
-// <e>POLY1305
-#define MDK_CONF_POLY1305 1
-#if MDK_CONF_POLY1305 == 1
-#define HAVE_POLY1305
-#define HAVE_ONE_TIME_AUTH
-#endif
-// </e>
-
-// <e>DES3
-#define MDK_CONF_DES3 1
-#if MDK_CONF_DES3 == 0
-#define NO_DES3
-#endif
-// </e>
-
-// <e>AES
-#define MDK_CONF_AES 1
-#if MDK_CONF_AES == 0
-#define NO_AES
-#endif
-// </e>
-
-// <e>CAMELLIA
-#define MDK_CONF_CAMELLIA 1
-#if MDK_CONF_CAMELLIA == 1
-#define HAVE_CAMELLIA
-#endif
-// </e>
-
-// <e>DH
-#define MDK_CONF_DH 1
-#if MDK_CONF_DH == 0
-#define NO_DH
-#endif
-// </e>
-// <e>DSA
-#define MDK_CONF_DSA 1
-#if MDK_CONF_DSA == 0
-#define NO_DSA
-#endif
-// </e>
-
-// <e>SRP
-#define MDK_CONF_SRP 1
-#if MDK_CONF_SRP == 1
-#define HAVE_SRP
-#endif
-// </e>
-
-// <e>PWDBASED
-#define MDK_CONF_PWDBASED 1
-#if MDK_CONF_PWDBASED == 0
-#define NO_PWDBASED
-#endif
-// </e>
-
-// <e>ECC
-#define MDK_CONF_ECC 1
-#if MDK_CONF_ECC == 1
-#define HAVE_ECC
-#endif
-// </e>
-
-// <e>CURVE25519
-#define MDK_CONF_CURVE25519 1
-#if MDK_CONF_CURVE25519 == 1
-#define HAVE_CURVE25519
-#define CURVED25519_SMALL
-#endif
-// </e>
-// <e>CURVE25519 SMALL
-#define MDK_CONF_CURVE25519_SMALL 0
-#if MDK_CONF_CURVE25519_SMALL == 1
-#define CURVED25519_SMALL
-#endif
-// </e>
-// <e>ED25519
-#define MDK_CONF_ED25519 1
-#if MDK_CONF_ED25519 == 1
-#define HAVE_ED25519
-#endif
-// </e>
-// <e>ED25519 SMALL
-#define MDK_CONF_ED25519_SMALL 0
-#if MDK_CONF_ED25519_SMALL == 1
-#define ED25519_SMALL
-#endif
-// </e>
-// <e>PKCS7
-#define MDK_CONF_PKCS7 0
-#if MDK_CONF_PKCS7 == 1
-#define HAVE_PKCS7
-#endif
-// </e>
-// </h>
-
-// <e>Random Seed, for TEST Only
-#define MDK_CONF_RNDSEED 1
-#if MDK_CONF_RNDSEED == 1
-#define WOLFSSL_GENSEED_FORTEST
-#endif
-// </e>
-
-// <h>Hardware Crypt (See document for usage)
-// <e>Hardware RNG
-#define MDK_CONF_STM32F2_RNG 0
-#if MDK_CONF_STM32F2_RNG == 1
-#define WOLFSSL_STM32_CUBEMX
-#define STM32_RNG
-#define WC_ASYNC_DEV_SIZE 320+24
-#define STM32_HAL_TIMEOUT 0xFF
-
-#if defined(STM32F2xx)
-#define WOLFSSL_STM32F2
-#elif defined(STM32F4xx)
-#define WOLFSSL_STM32F4
-#elif defined(STM32F7xx)
-#define WOLFSSL_STM32F7
-#endif
-
-#endif
-// </e>
-// <e>Hardware Crypt
-#define MDK_CONF_STM32F2_CRYPTO 0
-#if MDK_CONF_STM32F2_CRYPTO == 1
-#define WOLFSSL_STM32_CUBEMX
-#define STM32_CRYPTO
-#define WC_ASYNC_DEV_SIZE 320+24
-#define STM32_HAL_TIMEOUT 0xFF
-
-#if defined(STM32F2xx)
-#define WOLFSSL_STM32F2
-#elif defined(STM32F4xx)
-#define WOLFSSL_STM32F4
-#elif defined(STM32F7xx)
-#define WOLFSSL_STM32F7
-#endif
-
-#endif
-// </e>
-// <e>Hardware Hash
-#define MDK_CONF_STM32F2_HASH 0
-#if MDK_CONF_STM32F2_HASH == 1
-#define WOLFSSL_STM32_CUBEMX
-#define STM32_HASH
-#define WC_ASYNC_DEV_SIZE 320+24
-#define STM32_HAL_TIMEOUT 0xFF
-
-#if defined(STM32F2xx)
-#define WOLFSSL_STM32F2
-#elif defined(STM32F4xx)
-#define WOLFSSL_STM32F4
-#elif defined(STM32F7xx)
-#define WOLFSSL_STM32F7
-#endif
-
-#endif
-// </e>
-// </h>
-
-// <h>Cert/Key Strage
-// <o>Cert Storage <0=> SD Card <1=> Mem Buff (1024bytes) <2=> Mem Buff (2048bytes)
-#define MDK_CONF_CERT_BUFF 0
-#if MDK_CONF_CERT_BUFF== 1
-#define USE_CERT_BUFFERS_1024
-#elif MDK_CONF_CERT_BUFF == 2
-#define USE_CERT_BUFFERS_2048
-#endif
-//</h>
-// <h>Cert/Key Generation
-// <e>CertGen
-#define MDK_CONF_CERT_GEN 0
-#if MDK_CONF_CERT_GEN == 1
-#define WOLFSSL_CERT_GEN
-#endif
-// </e>
-// <e>KeyGen
-#define MDK_CONF_KEY_GEN 0
-#if MDK_CONF_KEY_GEN == 1
-#define WOLFSSL_KEY_GEN
-#endif
-// </e>
-// </h>
-// <e>Use Fast Math
-#define MDK_CONF_FASTMATH 1
-#if MDK_CONF_FASTMATH == 1
-#define USE_FAST_MATH
-#define TFM_TIMING_RESISTANT
-#endif
-// </e>
-// <e>Small Stack
-#define MDK_CONF_SmallStack 1
-#if MDK_CONF_SmallStack == 0
-#define NO_WOLFSSL_SMALL_STACK
-#endif
-// </e>
-
-// </h>
-
-
-/**** wolfSSL Configuration ****/
-
-// <h> wolfSSL Configuration
-
-// <e>TLS 1.3
-#define MDK_CONF_TLS 1
-#if MDK_CONF_TLS == 1
-#define WOLFSSL_TLS13
-#define HAVE_TLS_EXTENSIONS
-#define HAVE_SUPPORTED_CURVES
-#define WC_RSA_PSS
-#define HAVE_HKDF
-#define HAVE_FFDHE_2048
-#endif
-// </e>
-
-// <e>Include Old TLS
-#define MDK_CONF_NO_OLDTLS 0
-#if MDK_CONF_NO_OLDTLS == 0
-#define NO_OLD_TLS
-#endif
-// </e>
-// <e>CRL
-#define MDK_CONF_CRL 0
-#if MDK_CONF_CRL == 1
-#define HAVE_CRL
-#define WOLFSSL_DER_LOAD
-#endif
-// </e>
-// <e>OCSP
-#define MDK_CONF_OCSP 0
-#if MDK_CONF_OCSP == 1
-#define HAVE_OCSP
-#endif
-// </e>
-// <e>OpenSSL Extra
-#define MDK_CONF_OPENSSL_EXTRA 0
-#if MDK_CONF_OPENSSL_EXTRA == 1
-#define OPENSSL_EXTRA
-#endif
-// </e>
-
-//</h>
diff --git a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/wolfSSL-Lib/wolfSSL-Lib.uvoptx b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/wolfSSL-Lib/wolfSSL-Lib.uvoptx
index 1f0fdd69..d11940ef 100644
--- a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/wolfSSL-Lib/wolfSSL-Lib.uvoptx
+++ b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/wolfSSL-Lib/wolfSSL-Lib.uvoptx
@@ -226,7 +226,7 @@
<tvExp>0</tvExp>
<tvExpOptDlg>0</tvExpOptDlg>
<bDave2>0</bDave2>
- <PathWithFileName>.\RTE\wolfSSL\user_settings.h</PathWithFileName>
+ <PathWithFileName>..\..\Conf\user_settings.h</PathWithFileName>
<FilenameWithoutPath>user_settings.h</FilenameWithoutPath>
<RteFlg>0</RteFlg>
<bShared>0</bShared>
diff --git a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/wolfSSL-Lib/wolfSSL-Lib.uvprojx b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/wolfSSL-Lib/wolfSSL-Lib.uvprojx
index 0d046e50..34f3cba6 100644
--- a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/wolfSSL-Lib/wolfSSL-Lib.uvprojx
+++ b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/wolfSSL-Lib/wolfSSL-Lib.uvprojx
@@ -383,7 +383,7 @@
<File>
<FileName>user_settings.h</FileName>
<FileType>5</FileType>
- <FilePath>.\RTE\wolfSSL\user_settings.h</FilePath>
+ <FilePath>..\..\Conf\user_settings.h</FilePath>
</File>
</Files>
</Group>
@@ -832,7 +832,7 @@
<targetInfos/>
</file>
<file attr="config" category="header" name="wolfssl\IDE\MDK5-ARM\Conf\user_settings.h" version="3.9.0">
- <instance index="0">RTE\wolfSSL\user_settings.h</instance>
+ <instance index="0">..\..\Conf\user_settings.h</instance>
<component Cbundle="wolfSSL" Cclass="wolfSSL" Cgroup="wolfSSL" Csub="Core" Cvendor="wolfSSL" Cversion="3.15.7" condition="wolfCrypt-Core"/>
<package license="wolfssl\IDE\MDK5-ARM\Docs\wolfSSL-License.txt" name="wolfSSL" schemaVersion="1.4" url="http://www.wolfSSL.com/files/ide" vendor="wolfSSL" version="3.15.7"/>
<targetInfos>
diff --git a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/README.md b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/README.md
new file mode 100644
index 00000000..f78365f7
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/README.md
@@ -0,0 +1,60 @@
+# ARM Keil MDK 5 wolfSSL Support
+
+wolfSSL has a Keil CMSIS pack available that is updated for each release.
+
+This CMSIS pack contains the wolfCrypt and wolfSSL (TLS) libraries including test, benchmark and example applications.
+
+## To install the wolfSSL pack
+
+1) Open the Keil "Pack Installer"
+2) Under Generic locate "wolfSSL::wolfSSL"
+3) Click "Install"
+
+## To add the pack to your project
+
+1) Project -> Manage -> "Runtime Environment"
+2) Expand "wolfSSL" and check the boxes for wolfCrypt CORE and wolfSSL CORE.
+3) If running the wolfCrypt test or any of the TLS examples check those as well.
+
+Note: By default the pack's user_settings.h assumes the CMSIS RTOS v2 and Keil TCP packs are also installed. See below for how to change these settings (`MDK_CONF_THREAD` and `MDK_CONF_NETWORK`).
+
+If the wolfSSL::wolfSSL pack isn't showing:
+1) Project -> Manage -> "Select Software Packs"
+2) Make sure wolfSSL:wolfSSL is selected to "latest"
+3) Hit "OK"
+
+## To configure wolfSSL
+
+1) Add a pre-processor macro `WOLFSSL_USER_SETTINGS`
+ - Project -> Options for Target... -> C/C++ -> Preprocessor Symbols -> Define.
+ - Add `WOLFSSL_USER_SETTINGS`
+2) Open the `user_settings.h` file. In wolfSSL -> user_settings.h
+3) Configure math library (`MDK_CONF_MATH`). Default 0=SP Math all (sp_int.c)
+4) Configure MPU (`MDK_CONF_MPU`): If not STM32, use 0 for none.
+5) Configure the RTOS (`MDK_CONF_THREAD`): By default 15 = "CMSIS RTOSv2". For bare-metal use 0. For FreeRTOS use 1.
+6) Configure the TCP stack (`MDK_CONF_NETWORK`). By default uses Keil TCP `WOLFSSL_KEIL_TCP_NET`. Use 0 for none or 2 for user io callbacks.
+6) For wolfCrypt only (no TLS) add `#define WOLFCRYPT_ONLY` (resolves GetCA errors)
+7) Increase stack/heap (if needed). This is typically in the startup.s, but for RTX is in the `RTX_Config.h`. For CMSIS RTOSv2 stack is set in `osThreadAttr_t` on call to `osThreadNew`.
+
+## Building
+
+If getting an error for an unknown type `inline`, change your project C standard to c99 in the C/C++ options. Alternatively,
+add `#define WC_INLINE __inline` to `user_settings.h` to stick to c89 or the default c90.
+
+If getting error for missing GetCA or GetCAByName then include `Src/ssl-dummy.c` or define `WOLFCRYPT_ONLY`.
+
+If getting an error with missing `current_time` then please implement a function to return elapsed seconds (used by benchmark) like this:
+
+```c
+extern uint32_t os_time;
+double current_time(int reset)
+{
+ if (reset) os_time = 0 ;
+ return (double)os_time /1000.0;
+}
+```
+
+
+## For Support
+
+For question email support@wolfssl.com
diff --git a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Src/ssl-dummy.c b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Src/ssl-dummy.c
index fdd71c96..7cfd82ec 100644
--- a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Src/ssl-dummy.c
+++ b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Src/ssl-dummy.c
@@ -29,11 +29,11 @@
Signer* GetCA(void* vp, byte* hash)
{
- return NULL ;
+ return NULL;
}
Signer* GetCAByName(void* vp, byte* hash)
{
- return NULL ;
+ return NULL;
}
diff --git a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/include.am b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/include.am
new file mode 100644
index 00000000..ffd0d42e
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/include.am
@@ -0,0 +1,9 @@
+# vim:ft=automake
+# included from Top Level Makefile.am
+# All paths should be given relative to the root
+
+EXTRA_DIST+= IDE/MDK5-ARM/README.md
+EXTRA_DIST+= IDE/MDK5-ARM/Conf/user_settings.h
+EXTRA_DIST+= IDE/MDK5-ARM/Inc/wolfssl_MDK_ARM.h
+EXTRA_DIST+= IDE/MDK5-ARM/Projects
+EXTRA_DIST+= IDE/MDK5-ARM/Src/ssl-dummy.c
diff --git a/extra/wolfssl/wolfssl/IDE/MSVS-2019-AZSPHERE/wolfssl_new_azsphere/CMakeLists.txt b/extra/wolfssl/wolfssl/IDE/MSVS-2019-AZSPHERE/wolfssl_new_azsphere/CMakeLists.txt
index 40066d91..902050c2 100644
--- a/extra/wolfssl/wolfssl/IDE/MSVS-2019-AZSPHERE/wolfssl_new_azsphere/CMakeLists.txt
+++ b/extra/wolfssl/wolfssl/IDE/MSVS-2019-AZSPHERE/wolfssl_new_azsphere/CMakeLists.txt
@@ -37,6 +37,10 @@ list( REMOVE_ITEM SSL_SOURCES ../../../src/conf.c )
list( REMOVE_ITEM SSL_SOURCES ../../../src/x509.c )
list( REMOVE_ITEM SSL_SOURCES ../../../src/x509_str.c )
list( REMOVE_ITEM SSL_SOURCES ../../../src/pk.c )
+list( REMOVE_ITEM SSL_SOURCES ../../../src/ssl_asn1.c )
+list( REMOVE_ITEM SSL_SOURCES ../../../src/ssl_bn.c )
+list( REMOVE_ITEM SSL_SOURCES ../../../src/ssl_certman.c )
+list( REMOVE_ITEM SSL_SOURCES ../../../src/ssl_crypto.c )
list( REMOVE_ITEM SSL_SOURCES ../../../src/ssl_misc.c )
aux_source_directory( ${CRYPTO_SRC_DIR} CRYPTO_SOURCES )
list( REMOVE_ITEM CRYPTO_SOURCES ../../../wolfcrypt/src/evp.c )
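Review bot: The four added `list( REMOVE_ITEM SSL_SOURCES ... )` lines give no reason for the exclusion. If `SSL_SOURCES` is filled by a directory glob in the same way as `CRYPTO_SOURCES` just below (that line is outside this hunk), each new file of this kind has to be added here by hand. A comment above the group would help the next maintainer, for example `# ssl_*.c fragments are not standalone translation units; keep them out of the globbed list` (confirm that ssl.c pulls them in). The four calls can also be written as a single `list( REMOVE_ITEM SSL_SOURCES ... )` with all paths as arguments.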
diff --git a/extra/wolfssl/wolfssl/IDE/NETOS/user_settings.h b/extra/wolfssl/wolfssl/IDE/NETOS/user_settings.h
index 8c6ac773..ceb70ec6 100644
--- a/extra/wolfssl/wolfssl/IDE/NETOS/user_settings.h
+++ b/extra/wolfssl/wolfssl/IDE/NETOS/user_settings.h
@@ -198,7 +198,7 @@ extern "C" {
#else
#undef ALT_ECC_SIZE
#define ALT_ECC_SIZE
- /* wolfSSL will compute the FP_MAX_BITS_ECC, but it can be overriden */
+ /* wolfSSL will compute the FP_MAX_BITS_ECC, but it can be overridden */
//#undef FP_MAX_BITS_ECC
//#define FP_MAX_BITS_ECC (256 * 2)
#endif
diff --git a/extra/wolfssl/wolfssl/IDE/QNX/README.md b/extra/wolfssl/wolfssl/IDE/QNX/README.md
index 4ff5c13c..fb79abf6 100644
--- a/extra/wolfssl/wolfssl/IDE/QNX/README.md
+++ b/extra/wolfssl/wolfssl/IDE/QNX/README.md
@@ -17,7 +17,7 @@ source ~/qnx700/qnxsdp-env.sh
make
```
-Once the wolfSSL library has been built cd to IDE/QNX/CAAM-DRIVER and run "make". This will produce the wolfCrypt resource manager. It should be started on the device with root permisions. Once wolfCrypt is running on the device with root permisions then any user with access to open a connection to /dev/wolfCrypt can make use of the driver.
+Once the wolfSSL library has been built cd to IDE/QNX/CAAM-DRIVER and run "make". This will produce the wolfCrypt resource manager. It should be started on the device with root permissions. Once wolfCrypt is running on the device with root permissions then any user with access to open a connection to /dev/wolfCrypt can make use of the driver.
### Momentics
To build in momentics IDE:
diff --git a/extra/wolfssl/wolfssl/IDE/ROWLEY-CROSSWORKS-ARM/arm_startup.c b/extra/wolfssl/wolfssl/IDE/ROWLEY-CROSSWORKS-ARM/arm_startup.c
index 26381848..2e1d7707 100644
--- a/extra/wolfssl/wolfssl/IDE/ROWLEY-CROSSWORKS-ARM/arm_startup.c
+++ b/extra/wolfssl/wolfssl/IDE/ROWLEY-CROSSWORKS-ARM/arm_startup.c
@@ -51,7 +51,7 @@ void memcpy32(uint32_t* src, uint32_t* dst_beg, uint32_t* dst_end)
void meminit32(uint32_t* start, uint32_t* end)
{
while (start < end) {
- *start++ = 0;
+ *start++ = 0;
}
}
diff --git a/extra/wolfssl/wolfssl/IDE/ROWLEY-CROSSWORKS-ARM/user_settings.h b/extra/wolfssl/wolfssl/IDE/ROWLEY-CROSSWORKS-ARM/user_settings.h
index c26107b5..93157db5 100644
--- a/extra/wolfssl/wolfssl/IDE/ROWLEY-CROSSWORKS-ARM/user_settings.h
+++ b/extra/wolfssl/wolfssl/IDE/ROWLEY-CROSSWORKS-ARM/user_settings.h
@@ -53,7 +53,6 @@ extern "C" {
#define WOLFSSL_HAVE_SP_RSA
#define WOLFSSL_HAVE_SP_DH
#define WOLFSSL_HAVE_SP_ECC
- //#define WOLFSSL_SP_CACHE_RESISTANT
#define WOLFSSL_SP_MATH /* only SP math - eliminates fast math code */
/* SP Assembly Speedups */
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/cs+/Projects/t4_demo/README_en.txt b/extra/wolfssl/wolfssl/IDE/Renesas/cs+/Projects/t4_demo/README_en.txt
index 492d2c7f..6e2a3bcc 100644
--- a/extra/wolfssl/wolfssl/IDE/Renesas/cs+/Projects/t4_demo/README_en.txt
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/cs+/Projects/t4_demo/README_en.txt
@@ -12,7 +12,7 @@ Setup process:
- Unzip wolfssl under the same directory
2. Set up wolfSSL
- - open wolfssl\IDE\Renesas\cs+\Projec/wolfssl\lib.mtpj with CS+ and build
+ - open wolfssl\IDE\Renesas\cs+\Projects\wolfssl\lib.mtpj with CS+ and build
- open t4_demo.mtpj and build. This create demo program library.
3. Set up AlphaProject
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/DK-S7G2/README.md b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/DK-S7G2/README.md
index 2d685816..622457d4 100644
--- a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/DK-S7G2/README.md
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/DK-S7G2/README.md
@@ -18,7 +18,7 @@
- Generate the changes by clicking on "Generate Project Content"
- Exclude src/wolfcrypt/port and all src/wolfcrypt/*.S and src/wolfcrypt/*.asm files from the build
- Exclude src/wolfcrypt/evp.c, src/wolfcrypt/misc.c and src/wolfssl/bio.c
-- Set the Preprocessor define in wolfssl proejct to have WOLFSSL_USER_SETTINGS. Right click on wolfssl project "Properties -> C/C++ Build -> GNU ARM Cross C Compiler -> Preprocessor" add WOLFSSL_USER_SETTINGS under "Defined symbols"
+- Set the Preprocessor define in wolfssl project to have WOLFSSL_USER_SETTINGS. Right click on wolfssl project "Properties -> C/C++ Build -> GNU ARM Cross C Compiler -> Preprocessor" add WOLFSSL_USER_SETTINGS under "Defined symbols"
- Set include to wolfssl directory. Right click on project "Properties -> C/C++Build -> GNU ARM Cross Compiler -> Includes". Add "${ProjDirPath}/../../../../.." and "${ProjDirPath}/../"
- Build wolfssl by right clicking on wolfssl project and selecting "Build Project"
@@ -29,7 +29,7 @@
- Copy in the .cproject, .project and source file from the template desired i.e. wolfssl-X.X.X/IDE/Renesas/e2studio/DK-S7G2/wolfcrypttest-template/
- Right click on the created project and select "Build Project"
-The example_server loops looking to accept connections and closes immediatly after a successful connection was made.
+The example_server loops looking to accept connections and closes immediately after a successful connection was made.
The benchmark example tries to do a TCP connection to SERVER_IP on port 11112 and a TLS connection to SERVER_IP on port 11111 then does wolfCrypt benchmark collection.
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/DK-S7G2/benchmark-template/src/app_entry.c b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/DK-S7G2/benchmark-template/src/app_entry.c
index e0ba1bfd..b65ecacc 100644
--- a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/DK-S7G2/benchmark-template/src/app_entry.c
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/DK-S7G2/benchmark-template/src/app_entry.c
@@ -41,10 +41,10 @@ extern void initialise_monitor_handles(void);
#define TLS_PORT 11111
#define TCP_PORT 11112
-static double miliseconds = 0;
+static double milliseconds = 0;
void timer_callback(timer_callback_args_t * args)
{
- miliseconds++;
+ milliseconds++;
(void)args;
}
@@ -127,7 +127,7 @@ static void benchmark_TLS(int version, char* suites, int group)
printf("Trying to connect to 0x%lX on port %d\n", TEST_IP, TEST_PORT);
- miliseconds = 0;
+ milliseconds = 0;
g_timer0.p_api->open(g_timer0.p_ctrl, g_timer0.p_cfg);
g_timer0.p_api->start(g_timer0.p_ctrl);
@@ -195,7 +195,7 @@ static void benchmark_TLS(int version, char* suites, int group)
g_timer0.p_api->close(g_timer0.p_ctrl);
printf("%d TLS connections took %f seconds and %f tx_time ticks\n",
- CONNECTION_TIMES, (miliseconds / 10), start);
+ CONNECTION_TIMES, (milliseconds / 10), start);
wolfSSL_CTX_free(ctx);
}
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/Projects/tools/rsa_pss_sign.sh b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/Projects/tools/rsa_pss_sign.sh
index f8b0e219..3c1f3003 100755
--- a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/Projects/tools/rsa_pss_sign.sh
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/Projects/tools/rsa_pss_sign.sh
@@ -29,6 +29,6 @@ openssl dgst -sha256 -sign $1 -sigopt $SIGOPT -sigopt $SIGOPT2 -out $3.sign $3
echo verify by private key
openssl dgst -sha256 -prverify $1 -sigopt $SIGOPT -sigopt $SIGOPT2 -signature $3.sign $3
-echo verifiy by public key
+echo verify by public key
openssl dgst -sha256 -verify $2 -sigopt $SIGOPT -sigopt $SIGOPT2 -signature $3.sign $3
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M3/README.md b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M3/README.md
index de391e29..a1cc8b9e 100644
--- a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M3/README.md
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M3/README.md
@@ -122,7 +122,7 @@ The following steps explain how to generate the missing files and where to place
+ Build wolfSSL_RA6M3.
5.) Copy files from `dummy_app` into each executable projects\
-+ Select and Copy the followng folder inside dummy_app\
++ Select and Copy the following folder inside dummy_app\
`script/`
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M3/README_APRA6M_en.md b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M3/README_APRA6M_en.md
index 2f425aa0..0a68c656 100644
--- a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M3/README_APRA6M_en.md
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M3/README_APRA6M_en.md
@@ -106,7 +106,7 @@ The following steps explain how to generate the missing files and where to place
6.) Copy files from `dummy_app` into `./IDE/Renesas/e2studio/RA6M3/common/ra6m3g/`
**NOTE:** This may need to be done outside of the e2studio environment (e.g. File Explorer).
-+ Select and Copy the followng folder inside dummy_app
++ Select and Copy the following folder inside dummy_app
`src/`
`script/`
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/README.md b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/README.md
index 629d72cf..4ce63ab3 100644
--- a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/README.md
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/README.md
@@ -102,7 +102,7 @@ The wolfssl Project Summary is listed below and is relevant for every project.
+ Enter `dummy_application` as the project name. Click Next.
+ Under `RA library project`, select `wolfSSL_RA6M4`.
+ Click Finish.
-+ Copy the followng folder and file at `dummy_application` to `test_RA6M4`\
++ Copy the following folder and file at `dummy_application` to `test_RA6M4`\
script/\
src/sce_tst_thread_entry.c
@@ -136,7 +136,7 @@ The wolfssl Project Summary is listed below and is relevant for every project.
you can specify "RTT control block" to 0x20020000 0x10000 by Search Range
## Run Client
-1.) Enable TLS_CLIENT definition in wolfssl_demo.h of test_RA6M4 projet
+1.) Enable TLS_CLIENT definition in wolfssl_demo.h of test_RA6M4 project
2.) Client IP address and Server IP address
@@ -233,7 +233,7 @@ You will see the following message on J-LinK RTT Viewer when using ECDSA sign an
### Run Multi Client Session example
-1.) Enable TLS_CLIENT and TLS_MULTITHREAD_TEST definition in wolfssl_demo.h of test_RA6M4 projet
+1.) Enable TLS_CLIENT and TLS_MULTITHREAD_TEST definition in wolfssl_demo.h of test_RA6M4 project
2.) Follow [Run Client](#run-client) instruction
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/common/user_settings.h b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/common/user_settings.h
index 38345055..4263164e 100644
--- a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/common/user_settings.h
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/common/user_settings.h
@@ -18,6 +18,32 @@
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
+#if defined(WOLFSSL_RENESAS_SCEPROTECT)
+ /* FSP SM stands for Flexible Software Package Security Module
+ * WOLFSSL_RENESAS_FSPSM enables fundamental code when it uses.
+ * e.g. Open/Close/Random generator
+ * WOLFSSL_RENESAS_FSPSPM_TLS enables TLS related code for FSP SM
+ * e.g. Certificate verification, Master Secret Generation
+ * WOLFSSL_RENESAS_SCEPROTECT enables specific code for SCE if needed
+ */
+ #define WOLFSSL_RENESAS_FSPSM
+ #define WOLFSSL_RENESAS_FSPSM_TLS
+#endif
+
+ /* XXX_CRYPTONLY definition enables FSP SM module for Crypto only use.
+ * Therefore, it disables TLS related API use
+ */
+/* #define WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY */
+
+#if defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)
+ #undef WOLFSSL_RENESAS_FSPSM_TLS
+ #define WOLFSSL_RENESAS_FSPSM_CRYPTONLY
+
+ #if !defined(WOLFSSL_RENESAS_SCEPROTECT)
+ #define WOLFSSL_RENESAS_SCEPROTECT
+ #endif
+#endif
+
/* Operating Environment and Threading */
#define FREERTOS
#define FREERTOS_TCP
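Review bot: Defining only `WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY` leaves `WOLFSSL_RENESAS_FSPSM` undefined, because the block that sets it is evaluated before the crypt-only block defines `WOLFSSL_RENESAS_SCEPROTECT`. Unless the project always passes `WOLFSSL_RENESAS_SCEPROTECT` on the compiler command line (not visible here), a crypt-only build would miss the base FSP SM code that the comment describes. Either move the crypt-only block above the first `#if`, or add `#define WOLFSSL_RENESAS_FSPSM` next to `#define WOLFSSL_RENESAS_FSPSM_CRYPTONLY`. The comment also spells the macro `WOLFSSL_RENESAS_FSPSPM_TLS`, which does not match the `WOLFSSL_RENESAS_FSPSM_TLS` that is actually defined.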
@@ -25,6 +51,7 @@
#define NO_MAIN_DRIVER
#define BENCH_EMBEDDED
#define NO_WRITEV
+#define WOLFSSL_NO_FLOAT_FMT
#define NO_DEV_RANDOM
#define SIZEOF_LONG_LONG 8
@@ -61,6 +88,9 @@
#define printf myprintf
#endif
+/* Enable the following definition to use TLS 1.3
+ * For TLS1.3 use "extended-master" needs to turn on
+ */
/* #define WOLFSSL_TLS13 */
#if defined(WOLFSSL_TLS13)
@@ -73,12 +103,16 @@
#endif
#define WOLF_CRYPTO_CB
-/* Enable SCEKEY_INSTALLED if keys are installed */
-#define SCEKEY_INSTALLED
-#if defined(WOLFSSL_RENESAS_SCEPROTECT) && defined(SCEKEY_INSTALLED)
+#if defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)
#define HAVE_RENESAS_SYNC
+ #define WC_USE_DEVID 7890
+ #define NO_AES_192
+ #define NO_SW_BENCH
#endif
#if defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)
#define WOLFSSL_KEY_GEN
#endif
+
+#define CUSTOM_RAND_GENERATE_BLOCK wc_fspsm_GenerateRandBlock
+
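Review bot: `#define CUSTOM_RAND_GENERATE_BLOCK wc_fspsm_GenerateRandBlock` at the end of this hunk is unconditional, so every build that uses this header routes its random-block generation to the FSP SM routine, even when `WOLFSSL_RENESAS_SCEPROTECT` is not defined. The dependency on the hardware RNG should be explicit: wrap the define in `#if defined(WOLFSSL_RENESAS_FSPSM)` and `#endif`. `HAVE_RENESAS_SYNC` is now set only for crypt-only builds, where it was previously set under `WOLFSSL_RENESAS_SCEPROTECT && SCEKEY_INSTALLED`; if the TLS configuration still depends on it, that needs confirming. The two consecutive `#if defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)` blocks can be merged, and `WC_USE_DEVID 7890` deserves a short comment saying which crypto callback device that ID refers to.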
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/common/wolfssl_demo.h b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/common/wolfssl_demo.h
index beff9bf1..dd56fc1e 100644
--- a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/common/wolfssl_demo.h
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/common/wolfssl_demo.h
@@ -36,7 +36,7 @@
#define DIRECT_KEY_ADDRESS_128 FLASH_HP_DF_BLOCK_2
/* Client connects to the server with these details. */
-#define SERVER_IP "192.168.11.49"
+#define SERVER_IP "192.168.11.4"
#define DEFAULT_PORT 11111
/* Enable wolfcrypt test */
@@ -45,7 +45,7 @@
/* Enable benchmark */
/* can be enabled with cyrpt test */
-/*#define BENCHMARK*/
+/* #define BENCHMARK */
/* Enable TLS client */
/* cannot enable with CRYPT_TEST or BENCHMARK */
@@ -82,7 +82,7 @@ typedef struct tagTestInfo
void sce_test();
void TCPInit();
void wolfSSL_TLS_client_init();
-void wolfSSL_TLS_client_do(void *pvParam);
+int wolfSSL_TLS_client_do(void *pvParam);
void wolfSSL_TLS_cleanup();
extern WOLFSSL_CTX *client_ctx;
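Review bot: `wolfSSL_TLS_client_do` now returns `int`, but the prototype does not say what the value means, so a caller cannot tell a failed TLS session from a successful one without reading the implementation. Add a comment above the declaration such as `/* returns 0 on success, non-zero if the TLS connect or data exchange failed */` (confirm against the implementation, which is outside this hunk). If the function is still passed to the RTOS as a task entry, which the `pvParam` name suggests but this hunk does not show, an `int` return no longer matches a `void`-returning task signature and the call site should be checked.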
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/test/.cproject b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/test/.cproject
index 7d3b1437..61375953 100644
--- a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/test/.cproject
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/test/.cproject
@@ -40,7 +40,7 @@
<option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.floatequal.178955027" name="Warn if floats are compared as equal (-Wfloat-equal)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.floatequal" useByScannerDiscovery="true" value="true" valueType="boolean"/>
<option id="ilg.gnuarmeclipse.managedbuild.cross.option.toolchain.name.1177346912" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.toolchain.name" useByScannerDiscovery="false" value="GNU Tools for ARM Embedded Processors" valueType="string"/>
<option id="ilg.gnuarmeclipse.managedbuild.cross.option.architecture.1658562819" name="Architecture" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.architecture" useByScannerDiscovery="false" value="ilg.gnuarmeclipse.managedbuild.cross.option.architecture.arm" valueType="enumerated"/>
- <option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.family.2007288726" name="ARM family" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.family" useByScannerDiscovery="false" value="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.mcpu.cortex-m33" valueType="enumerated"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.family.2007288726" name="Arm family (-mcpu)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.family" useByScannerDiscovery="false" value="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.mcpu.cortex-m33" valueType="enumerated"/>
<option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.instructionset.1355173081" name="Instruction set" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.instructionset" useByScannerDiscovery="false" value="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.instructionset.thumb" valueType="enumerated"/>
<option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.prefix.1436314985" name="Prefix" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.prefix" useByScannerDiscovery="false" value="arm-none-eabi-" valueType="string"/>
<option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.c.1433936598" name="C compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.c" useByScannerDiscovery="false" value="gcc" valueType="string"/>
@@ -54,7 +54,7 @@
<option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.unit.471325724" name="FPU Type" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.unit" useByScannerDiscovery="true" value="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.unit.fpv5spd16" valueType="enumerated"/>
<option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.abi.1503256330" name="Float ABI" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.abi" useByScannerDiscovery="true" value="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.abi.hard" valueType="enumerated"/>
<targetPlatform archList="all" binaryParser="org.eclipse.cdt.core.ELF" id="ilg.gnuarmeclipse.managedbuild.cross.targetPlatform.811017489" isAbstract="false" osList="all" superClass="ilg.gnuarmeclipse.managedbuild.cross.targetPlatform"/>
- <builder buildPath="${workspace_loc:/test_RA6M4}/Debug" id="com.renesas.cdt.managedbuild.gnuarm.builder.608777168" keepEnvironmentInBuildfile="false" managedBuildOn="true" name="Gnu Make Builder" parallelBuildOn="true" parallelizationNumber="optimal" superClass="com.renesas.cdt.managedbuild.gnuarm.builder"/>
+ <builder buildPath="${workspace_loc:/test_RA6M4}/Debug" id="com.renesas.cdt.managedbuild.gnuarm.builder.608777168" keepEnvironmentInBuildfile="false" managedBuildOn="true" name="Gnu Make ビルダー" parallelBuildOn="true" parallelizationNumber="optimal" superClass="com.renesas.cdt.managedbuild.gnuarm.builder"/>
<tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.2061639686" name="GNU ARM Cross Assembler" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler">
<option id="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.usepreprocessor.1479290947" name="Use preprocessor" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.usepreprocessor" useByScannerDiscovery="false" value="true" valueType="boolean"/>
<option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.include.paths.732220121" name="Include paths (-I)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.include.paths" useByScannerDiscovery="true" valueType="includePath">
@@ -94,7 +94,7 @@
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfSSL_RA6M4/ra/fsp/inc/api}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfSSL_RA6M4/ra/fsp/inc/instances}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfSSL_RA6M4/ra/fsp/src/rm_freertos_port}&quot;"/>
- <listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfSSL_RA6M4/ra/aws/amazon-freertos/freertos_kernel/include}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfSSL_RA6M4/ra/aws/FreeRTOS/FreeRTOS/Source/include}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfSSL_RA6M4/ra/arm/CMSIS_5/CMSIS/Core/Include}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfSSL_RA6M4/ra_gen}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfSSL_RA6M4/ra_cfg/fsp_cfg/bsp}&quot;"/>
@@ -103,8 +103,8 @@
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfSSL_RA6M4/ra/fsp/src/r_sce_protected/crypto_procedures_protected/src/sce9/inc/api}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfSSL_RA6M4/ra/fsp/src/r_sce_protected/crypto_procedures_protected/src/sce9/inc/instances}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfSSL_RA6M4/ra/fsp/src/r_sce_protected/crypto_procedures_protected/src/sce9/private/inc}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfSSL_RA6M4/ra/aws/FreeRTOS/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/include}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfSSL_RA6M4/ra/fsp/src/rm_freertos_plus_tcp}&quot;"/>
- <listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfSSL_RA6M4/ra/aws/amazon-freertos/libraries/freertos_plus/standard/freertos_plus_tcp/include}&quot;"/>
</option>
<option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.defs.1484044149" name="Defined symbols (-D)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.defs" useByScannerDiscovery="true" valueType="definedSymbols">
<listOptionValue builtIn="false" value="_RENESAS_RA_"/>
@@ -203,7 +203,7 @@
<option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.floatequal.1063751013" name="Warn if floats are compared as equal (-Wfloat-equal)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.floatequal" useByScannerDiscovery="true" value="true" valueType="boolean"/>
<option id="ilg.gnuarmeclipse.managedbuild.cross.option.toolchain.name.1910016626" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.toolchain.name" value="GNU Tools for ARM Embedded Processors" valueType="string"/>
<option id="ilg.gnuarmeclipse.managedbuild.cross.option.architecture.801840864" name="Architecture" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.architecture" value="ilg.gnuarmeclipse.managedbuild.cross.option.architecture.arm" valueType="enumerated"/>
- <option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.family.2047222938" name="ARM family" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.family" value="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.mcpu.cortex-m33" valueType="enumerated"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.family.2047222938" name="Arm family (-mcpu)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.family" value="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.mcpu.cortex-m33" valueType="enumerated"/>
<option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.instructionset.2111760464" name="Instruction set" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.instructionset" value="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.instructionset.thumb" valueType="enumerated"/>
<option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.prefix.245261797" name="Prefix" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.prefix" value="arm-none-eabi-" valueType="string"/>
<option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.c.1373152617" name="C compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.c" value="gcc" valueType="string"/>
@@ -217,7 +217,7 @@
<option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.unit.1442836615" name="FPU Type" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.unit" value="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.unit.fpv5spd16" valueType="enumerated"/>
<option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.abi.1821706502" name="Float ABI" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.abi" value="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.abi.hard" valueType="enumerated"/>
<targetPlatform archList="all" binaryParser="org.eclipse.cdt.core.ELF" id="ilg.gnuarmeclipse.managedbuild.cross.targetPlatform.1380043931" isAbstract="false" osList="all" superClass="ilg.gnuarmeclipse.managedbuild.cross.targetPlatform"/>
- <builder buildPath="${workspace_loc:/test_RA6M4}/Release" id="com.renesas.cdt.managedbuild.gnuarm.builder.874881970" keepEnvironmentInBuildfile="false" managedBuildOn="true" name="Gnu Make Builder" parallelBuildOn="true" parallelizationNumber="optimal" superClass="com.renesas.cdt.managedbuild.gnuarm.builder"/>
+ <builder buildPath="${workspace_loc:/test_RA6M4}/Release" id="com.renesas.cdt.managedbuild.gnuarm.builder.874881970" keepEnvironmentInBuildfile="false" managedBuildOn="true" name="Gnu Make ビルダー" parallelBuildOn="true" parallelizationNumber="optimal" superClass="com.renesas.cdt.managedbuild.gnuarm.builder"/>
<tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.655483094" name="GNU ARM Cross Assembler" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler">
<option id="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.usepreprocessor.513875977" name="Use preprocessor" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.usepreprocessor" value="true" valueType="boolean"/>
<option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.include.paths.671461231" name="Include paths (-I)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.include.paths" valueType="includePath">
@@ -331,4 +331,5 @@
</storageModule>
<storageModule moduleId="org.eclipse.cdt.core.LanguageSettingsProviders"/>
<storageModule moduleId="refreshScope"/>
+ <storageModule moduleId="org.eclipse.cdt.make.core.buildtargets"/>
</cproject> \ No newline at end of file
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/test/key_data/key_data.h b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/test/key_data/key_data.h
index 78d660a7..3ac56441 100644
--- a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/test/key_data/key_data.h
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/test/key_data/key_data.h
@@ -3,10 +3,10 @@
#include "r_sce.h"
-/** Firmware update data and user key datas */
+/** Firmware update data and user key data */
typedef struct user_key_block_data
{
- /* Provisioning key wapped by Renesas DLM */
+ /* Provisioning key wrapped by Renesas DLM */
uint8_t encrypted_provisioning_key[HW_SCE_AES_CBC_IV_BYTE_SIZE * 2];
/* Initial vector to be used when creating encrypted key */
uint8_t iv[HW_SCE_AES_CBC_IV_BYTE_SIZE];
@@ -17,4 +17,4 @@ typedef struct user_key_block_data
extern const unsigned char ca_cert_der_sign[];
extern const unsigned char ca_ecc_cert_der_sign[];
-#endif /* __KEY_DATA_H__ */ \ No newline at end of file
+#endif /* __KEY_DATA_H__ */
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/test/key_data/key_data_sce.c b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/test/key_data/key_data_sce.c
index 45e9de19..41fb29c0 100644
--- a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/test/key_data/key_data_sce.c
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/test/key_data/key_data_sce.c
@@ -72,32 +72,32 @@ const st_user_key_block_data_t g_key_block_data =
* This is used for Root Certificate verify by SCE */
const unsigned char ca_cert_der_sign[] =
{
- 0x19, 0xB4, 0xD1, 0x53, 0xBB, 0x87, 0x0B, 0xD8, 0xD8, 0xFC,
- 0x22, 0x21, 0xA6, 0xC1, 0xE5, 0xB2, 0x7A, 0xEF, 0xAF, 0x89,
- 0x8B, 0x92, 0xC9, 0x4E, 0x59, 0xF0, 0x0B, 0xAB, 0x24, 0x84,
- 0x60, 0x2D, 0x81, 0x42, 0x4A, 0x05, 0x2F, 0x2D, 0xAB, 0x20,
- 0x3F, 0x8D, 0xCA, 0x9F, 0x37, 0x4B, 0xDF, 0xE3, 0x2A, 0xA3,
- 0x3F, 0x4E, 0x09, 0x20, 0x08, 0xD4, 0x46, 0xD9, 0xF0, 0xD8,
- 0xA7, 0x43, 0x60, 0xE2, 0x1D, 0xF7, 0x25, 0x64, 0x38, 0xD2,
- 0xB1, 0x4E, 0x1F, 0x84, 0xFC, 0xC5, 0x55, 0x2C, 0x1A, 0xA2,
- 0xCE, 0x99, 0xD0, 0x21, 0x93, 0xA5, 0xDB, 0x6F, 0x14, 0x2C,
- 0xDF, 0x9A, 0x01, 0x6A, 0x9A, 0xCC, 0xB0, 0x08, 0xD8, 0xCF,
- 0xA8, 0x94, 0x41, 0x23, 0xBB, 0xC2, 0xA3, 0x8B, 0x77, 0x35,
- 0x27, 0x0D, 0x94, 0x16, 0xF3, 0xCA, 0x16, 0xA2, 0x4C, 0x2F,
- 0xB0, 0x8D, 0xE6, 0x38, 0xCC, 0x9C, 0x34, 0xE8, 0xDC, 0xDC,
- 0x1C, 0x5C, 0x88, 0x52, 0x97, 0x47, 0xC6, 0xB6, 0x66, 0xCF,
- 0xCE, 0xBF, 0xF0, 0x24, 0x19, 0x0F, 0x07, 0xA5, 0xC4, 0xC6,
- 0x37, 0x0D, 0x2A, 0x11, 0x6A, 0x66, 0x64, 0x62, 0x0E, 0xE6,
- 0xCB, 0xAF, 0xFB, 0x2E, 0x8E, 0x37, 0x1E, 0x6D, 0xD1, 0xAD,
- 0xE4, 0x16, 0x06, 0xFB, 0x43, 0x2E, 0x4D, 0x64, 0x18, 0xB2,
- 0x4C, 0xE7, 0xD3, 0xE9, 0x9B, 0x95, 0x13, 0x7D, 0x7D, 0x93,
- 0xC2, 0x34, 0x43, 0x0C, 0xFF, 0x58, 0xD3, 0xA7, 0x21, 0x8E,
- 0x2B, 0xB3, 0x36, 0x90, 0xF1, 0x1E, 0x0E, 0x87, 0x41, 0x48,
- 0xC9, 0x69, 0x57, 0x89, 0xD0, 0xF7, 0x86, 0x47, 0x8F, 0xF5,
- 0xA8, 0x13, 0x24, 0x0A, 0x7E, 0xE3, 0xBB, 0x9F, 0xF1, 0xDF,
- 0x30, 0xE7, 0x88, 0x70, 0x8A, 0x46, 0xD9, 0x1A, 0x50, 0x42,
- 0x4F, 0xCF, 0xC3, 0xCB, 0xCF, 0xE4, 0xA7, 0xA3, 0x74, 0x0A,
- 0xDE, 0x14, 0xAF, 0xA5, 0x7F, 0xE2
+ 0x70, 0x4D, 0x6C, 0xCC, 0xAD, 0xD0, 0x74, 0x34, 0x10, 0xB3,
+ 0x1F, 0x26, 0x49, 0x31, 0xD0, 0xD5, 0x0B, 0x4F, 0x50, 0xD4,
+ 0x21, 0x7D, 0x3D, 0xE6, 0x9D, 0x5A, 0xF1, 0xE4, 0x48, 0xBD,
+ 0x6D, 0xB3, 0x58, 0xB4, 0x07, 0xF1, 0x06, 0xA7, 0x3D, 0xB7,
+ 0x24, 0x60, 0xBD, 0x72, 0xB2, 0x7B, 0xA8, 0x4F, 0xFC, 0x47,
+ 0x64, 0xF0, 0x04, 0xBE, 0xC7, 0xAE, 0xB6, 0x6F, 0xA5, 0xD6,
+ 0x65, 0xE9, 0xB5, 0x3D, 0x8A, 0xC8, 0x27, 0x9A, 0x3B, 0x4C,
+ 0x98, 0xB0, 0x5F, 0x1E, 0x54, 0xA5, 0xEF, 0xBC, 0x61, 0xA7,
+ 0x3F, 0xB7, 0x5D, 0x36, 0x5A, 0x27, 0x1C, 0x5A, 0xAF, 0x65,
+ 0x7A, 0x89, 0x4F, 0x00, 0xB1, 0x75, 0xA7, 0xA9, 0x5C, 0xE8,
+ 0xC8, 0x0E, 0x5C, 0x83, 0x12, 0x47, 0x11, 0xD1, 0xBD, 0xF4,
+ 0x10, 0x7D, 0x7B, 0xD6, 0x05, 0xF7, 0xBE, 0xD2, 0x70, 0x05,
+ 0x56, 0xD6, 0x84, 0x70, 0x11, 0x3D, 0x67, 0x93, 0x2E, 0xB0,
+ 0x93, 0xBA, 0x34, 0xD0, 0xDE, 0xB8, 0x16, 0x7B, 0x0D, 0x67,
+ 0x16, 0x92, 0x91, 0x79, 0xAC, 0x3C, 0xC9, 0x4D, 0x8A, 0xEE,
+ 0x31, 0xCC, 0xFC, 0xF7, 0x78, 0xB3, 0x1B, 0x0F, 0x54, 0xCE,
+ 0xF4, 0xBB, 0xE7, 0xF4, 0xAC, 0x80, 0xEF, 0xDD, 0xFF, 0x84,
+ 0x7A, 0x37, 0xED, 0xC4, 0x45, 0x3D, 0x7C, 0x19, 0x81, 0x95,
+ 0x2E, 0x71, 0xE7, 0x1B, 0x1C, 0x75, 0x67, 0xBC, 0x62, 0x0F,
+ 0xAA, 0x90, 0x41, 0x01, 0x53, 0xD0, 0x3A, 0x6E, 0xE9, 0xC9,
+ 0xAA, 0x2F, 0xD1, 0xD8, 0xB3, 0x3B, 0x80, 0xCA, 0xE5, 0xA1,
+ 0x1B, 0x7F, 0xCF, 0xF5, 0xBF, 0x2C, 0x2B, 0xBE, 0x1F, 0x77,
+ 0x89, 0x21, 0xD7, 0x76, 0x51, 0xA8, 0xD0, 0x31, 0xE1, 0x97,
+ 0xD1, 0x63, 0x84, 0xA2, 0xAA, 0x6E, 0x9A, 0x33, 0x43, 0x65,
+ 0x2A, 0x6B, 0x40, 0x03, 0x84, 0x6F, 0xC7, 0xB3, 0xE5, 0xD8,
+ 0x64, 0x30, 0x12, 0x2A, 0x45, 0x1D
};
const int sizeof_ca_cert_der_sign = sizeof(ca_cert_der_sign);
@@ -108,32 +108,32 @@ const int sizeof_ca_cert_der_sign = sizeof(ca_cert_der_sign);
*/
const unsigned char ca_ecc_cert_der_sign[] =
{
- 0x66, 0x96, 0xB4, 0x9F, 0x0B, 0x56, 0x60, 0x1F, 0x01, 0x7A,
- 0xDE, 0x65, 0xD6, 0x8C, 0x2A, 0xE2, 0x20, 0xA0, 0xE8, 0x19,
- 0x99, 0x70, 0x8B, 0x17, 0x1B, 0xDA, 0x8C, 0x3A, 0x87, 0x07,
- 0xE7, 0xF9, 0x1B, 0x7C, 0xC1, 0x32, 0x55, 0x38, 0x15, 0x9C,
- 0x7B, 0x89, 0xDA, 0x9D, 0x57, 0x80, 0x50, 0xCF, 0xA6, 0x4C,
- 0x51, 0x71, 0xBA, 0x52, 0xFA, 0x58, 0x4C, 0xE7, 0x33, 0x08,
- 0xB9, 0xE7, 0x5F, 0x7E, 0x8A, 0x1D, 0xCC, 0xA8, 0x4A, 0xA9,
- 0xAF, 0xE5, 0xA1, 0x87, 0x59, 0xD0, 0xF7, 0x23, 0xAE, 0xC5,
- 0x42, 0x99, 0xFA, 0x4A, 0xAB, 0xFA, 0x08, 0xF9, 0x7C, 0x8D,
- 0xD3, 0xB1, 0xF7, 0xD8, 0x01, 0x3C, 0x06, 0xD5, 0x2C, 0xBF,
- 0x18, 0xF1, 0x45, 0x47, 0x5D, 0xA4, 0x7F, 0x90, 0x4E, 0x0C,
- 0x86, 0x41, 0x5F, 0x26, 0x25, 0x8B, 0x8A, 0xD8, 0x3F, 0x4B,
- 0xAF, 0xD5, 0xBE, 0xD9, 0xC6, 0x46, 0x2A, 0x2B, 0xC3, 0x10,
- 0x93, 0xCB, 0x1E, 0xFB, 0x3D, 0x8A, 0x39, 0xB6, 0x03, 0x9D,
- 0xC2, 0x16, 0xA1, 0xB5, 0x9C, 0x0D, 0x05, 0x5E, 0x1B, 0x30,
- 0x9F, 0x53, 0xEE, 0xF2, 0x27, 0xE1, 0xE3, 0x2F, 0xD9, 0xEB,
- 0xF2, 0xFE, 0xD3, 0x6C, 0x71, 0xCE, 0x28, 0x56, 0x9F, 0x85,
- 0x34, 0xAD, 0x9D, 0x3D, 0x22, 0x3A, 0x33, 0x3B, 0x9F, 0x55,
- 0x4F, 0x10, 0xA9, 0xD2, 0xAB, 0xE0, 0x29, 0x7A, 0x09, 0xF3,
- 0x4E, 0xC1, 0x21, 0xA7, 0xF4, 0xE5, 0x34, 0x6D, 0x68, 0x36,
- 0xE9, 0x7B, 0xD4, 0x42, 0x0A, 0xBC, 0xC4, 0x1F, 0x6C, 0x58,
- 0xB6, 0x65, 0x3F, 0x9F, 0x92, 0x65, 0xF9, 0x83, 0x7A, 0x94,
- 0x66, 0x7C, 0xB2, 0x03, 0x16, 0x65, 0x9E, 0xBF, 0x8C, 0x77,
- 0xB8, 0xA4, 0x13, 0x8B, 0xD3, 0x82, 0x39, 0x94, 0xD1, 0x2A,
- 0xE3, 0x3E, 0x51, 0xEB, 0x56, 0xE2, 0x92, 0x5C, 0x6B, 0xD1,
- 0x30, 0xD1, 0x91, 0x77, 0x6E, 0x28
+ 0xB9, 0x59, 0x94, 0xE6, 0xD1, 0x5B, 0xFD, 0x59, 0xBB, 0x4F,
+ 0x14, 0x0B, 0x9E, 0x30, 0x61, 0xF9, 0xFA, 0x2C, 0xD8, 0xE2,
+ 0x7F, 0xD0, 0x1F, 0x47, 0xDE, 0x14, 0x8E, 0xD1, 0x78, 0x86,
+ 0xA4, 0x9B, 0xDC, 0x86, 0x64, 0x2A, 0xD9, 0xBC, 0xBE, 0x61,
+ 0x60, 0xB8, 0x1C, 0x46, 0xCE, 0x66, 0x97, 0xC0, 0x32, 0x04,
+ 0x38, 0x3B, 0xCB, 0xB7, 0x38, 0x89, 0x11, 0xCE, 0xBA, 0x64,
+ 0xE1, 0xDD, 0x4E, 0x3C, 0x6F, 0xA0, 0x48, 0xFA, 0x9F, 0x8F,
+ 0xEC, 0x6A, 0xCA, 0xAC, 0x29, 0x4B, 0xD9, 0xF7, 0xE3, 0x03,
+ 0xF7, 0xBA, 0xB8, 0xCC, 0x2C, 0xD1, 0xC8, 0x84, 0xFA, 0xF6,
+ 0xFA, 0xE4, 0x72, 0xAF, 0x8D, 0x07, 0xF0, 0x3D, 0xD7, 0x58,
+ 0x95, 0x08, 0x6F, 0xD5, 0x77, 0x1B, 0x92, 0x81, 0x99, 0x69,
+ 0x5C, 0x4D, 0x8F, 0x98, 0xC6, 0x09, 0xC1, 0xEB, 0xB5, 0x86,
+ 0x87, 0x47, 0xD7, 0x68, 0x73, 0xE8, 0x1D, 0x1B, 0xFE, 0xA5,
+ 0x9C, 0x7A, 0x4B, 0xAD, 0x1A, 0x54, 0x46, 0xA0, 0xC8, 0xF7,
+ 0x6C, 0xDD, 0xA6, 0xEF, 0x16, 0x21, 0x18, 0xCE, 0xF8, 0xDE,
+ 0x3D, 0xB4, 0x56, 0x0C, 0xBA, 0xB7, 0x95, 0xD1, 0x6D, 0x0D,
+ 0x49, 0xE7, 0x78, 0x64, 0x65, 0xC7, 0x24, 0x26, 0x81, 0xCD,
+ 0x56, 0xB7, 0xB2, 0x31, 0xF2, 0xD7, 0x64, 0x55, 0x89, 0xCC,
+ 0xDB, 0x69, 0x56, 0xED, 0x9B, 0x07, 0x9E, 0xD4, 0x07, 0x5E,
+ 0xAF, 0xF0, 0x98, 0x94, 0xD6, 0x87, 0x0C, 0x22, 0xE1, 0x3A,
+ 0x88, 0xE1, 0xC4, 0xBC, 0x51, 0x4B, 0x07, 0x4D, 0x2A, 0xCE,
+ 0xA8, 0xE8, 0x9F, 0xF7, 0xA2, 0x8A, 0xEA, 0x90, 0x32, 0x20,
+ 0xFC, 0xB6, 0x32, 0xE6, 0x8A, 0x47, 0x2B, 0xF4, 0xB4, 0x0F,
+ 0x96, 0x7A, 0xC9, 0x0B, 0xF6, 0xBF, 0x69, 0x51, 0x9B, 0x44,
+ 0xC2, 0xE2, 0xD6, 0x2D, 0xB1, 0x17, 0xAC, 0x7B, 0x32, 0xF2,
+ 0x0E, 0x7A, 0x28, 0x67, 0xAB, 0xA5
};
static const int sizeof_ca_ecc_cert_der_sign = sizeof(ca_ecc_cert_der_sign);
#endif /* USE_CERT_BUFFERS_256 */
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/test/src/test_main.c b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/test/src/test_main.c
index 7d7f8ee3..e6dca444 100644
--- a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/test/src/test_main.c
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/test/src/test_main.c
@@ -27,12 +27,12 @@
#if defined(WOLFSSL_RENESAS_SCEPROTECT) || \
defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)
- #include <wolfssl/wolfcrypt/port/Renesas/renesas-sce-crypt.h>
+ #include <wolfssl/wolfcrypt/port/Renesas/renesas-fspsm-crypt.h>
#if defined(TLS_MULTITHREAD_TEST)
- User_SCEPKCbInfo guser_PKCbInfo_taskA;
- User_SCEPKCbInfo guser_PKCbInfo_taskB;
+ FSPSM_ST guser_PKCbInfo_taskA;
+ FSPSM_ST guser_PKCbInfo_taskB;
#else
- User_SCEPKCbInfo guser_PKCbInfo;
+ FSPSM_ST guser_PKCbInfo;
#endif
#endif
@@ -48,11 +48,6 @@ void abort(void);
#if defined(SCE_CRYPT_UNIT_TEST)
int sce_crypt_test();
- int sce_crypt_sha256_multitest();
- int sce_crypt_AesCbc_multitest();
- int sce_crypt_AesGcm_multitest();
- int sce_crypt_Sha_AesCbcGcm_multitest();
- void tskSha256_Test1(void *pvParam);
#endif
void R_BSP_WarmStart(bsp_warm_start_event_t event);
@@ -128,35 +123,53 @@ static void my_Logging_cb(const int logLevel, const char *const logMessage)
}
#endif
-void Clr_CallbackCtx(User_SCEPKCbInfo *g)
+#if defined(WOLFSSL_RENESAS_SCEPROTECT)
+void Clr_CallbackCtx(FSPSM_ST *g);
+void SCE_KeyGeneration(FSPSM_ST *g);
+
+void SCE_KeyGeneration(FSPSM_ST *g)
{
- if (g->sce_wrapped_key_aes256 != NULL)
- XFREE(g->sce_wrapped_key_aes256,
- NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ fsp_err_t err = FSP_SUCCESS;
+
+ if (g->wrapped_key_aes128 != NULL) {
+ err = R_SCE_AES128_WrappedKeyGenerate(g->wrapped_key_aes128);
+ if (err == FSP_SUCCESS)
+ g->keyflgs_crypt.bits.aes128_installedkey_set = 1;
+ }
+
+ if (g->wrapped_key_aes256 != NULL) {
+ err = R_SCE_AES256_WrappedKeyGenerate(g->wrapped_key_aes256);
+ if (err == FSP_SUCCESS)
+ g->keyflgs_crypt.bits.aes256_installedkey_set = 1;
+ }
+
+
+}
+
+void Clr_CallbackCtx(FSPSM_ST *g)
+{
+ (void) g;
- if (g->sce_wrapped_key_aes128 != NULL)
- XFREE(g->sce_wrapped_key_aes128,
- NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
#if defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)
- if (g->sce_wrapped_key_rsapri2048 != NULL)
- XFREE(g->sce_wrapped_key_rsapri2048,
+ if (g->wrapped_key_rsapri2048 != NULL)
+ XFREE(g->wrapped_key_rsapri2048,
NULL, DYNAMIC_TYPE_TMP_BUFFER);
- if (g->sce_wrapped_key_rsapub2048 != NULL)
- XFREE(g->sce_wrapped_key_rsapub2048,
+ if (g->wrapped_key_rsapub2048 != NULL)
+ XFREE(g->wrapped_key_rsapub2048,
NULL, DYNAMIC_TYPE_TMP_BUFFER);
- if (g->sce_wrapped_key_rsapri1024 != NULL)
- XFREE(g->sce_wrapped_key_rsapri1024,
+ if (g->wrapped_key_rsapri1024 != NULL)
+ XFREE(g->wrapped_key_rsapri1024,
NULL, DYNAMIC_TYPE_TMP_BUFFER);
- if (g->sce_wrapped_key_rsapub2048 != NULL)
- XFREE(g->sce_wrapped_key_rsapub1024,
+ if (g->wrapped_key_rsapub2048 != NULL)
+ XFREE(g->wrapped_key_rsapub1024,
NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
- XMEMSET(g, 0, sizeof(User_SCEPKCbInfo));
+ XMEMSET(g, 0, sizeof(FSPSM_ST));
}
+#endif
void sce_test(void)
{
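Review bot: The last RSA cleanup in Clr_CallbackCtx still tests one pointer and frees another: `if (g->wrapped_key_rsapub2048 != NULL)` guards `XFREE(g->wrapped_key_rsapub1024, ...)`. By then wrapped_key_rsapub2048 has already been passed to XFREE two statements earlier, so the condition reads a stale pointer, and a context that holds only a 1024-bit public key is never freed before the XMEMSET wipes the pointer. The guard should be `if (g->wrapped_key_rsapub1024 != NULL)`. Separately, SCE_KeyGeneration drops `err` when R_SCE_AES128_WrappedKeyGenerate or R_SCE_AES256_WrappedKeyGenerate fails, leaving the key pointer set with only the installedkey flag clear; returning the fsp_err_t, or at least printing it, would let callers stop instead of continuing with a key that was never generated.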
@@ -176,25 +189,6 @@ void sce_test(void)
sce_crypt_test();
printf(" \n");
- printf(" multi sha thread test\n");
-
- sce_crypt_sha256_multitest();
-
- printf(" \n");
- printf(" multi aes cbc thread test\n");
-
- sce_crypt_AesCbc_multitest();
-
- printf(" \n");
- printf(" multi aes gcm thread test\n");
-
- sce_crypt_AesGcm_multitest();
-
- printf(" \n");
- printf(" multi sha aescbc aesgcm thread test\n");
- sce_crypt_Sha_AesCbcGcm_multitest();
-
- printf(" \n");
printf("End wolf sce crypt Test\n");
if ((ret = wolfCrypt_Cleanup()) != 0) {
@@ -211,6 +205,26 @@ void sce_test(void)
printf("wolfCrypt_Init failed %d\n", ret);
}
+#if defined(HAVE_RENESAS_SYNC) && \
+ defined(HAVE_AES_CBC)
+
+ Clr_CallbackCtx(&guser_PKCbInfo);
+
+ #if defined(WOLFSSL_AES_128)
+ sce_aes_wrapped_key_t user_aes128_key_index;
+ guser_PKCbInfo.wrapped_key_aes128 = &user_aes128_key_index;
+ #endif
+
+ #if defined(WOLFSSL_AES_256)
+ sce_aes_wrapped_key_t user_aes256_key_index;
+ guser_PKCbInfo.wrapped_key_aes256 = &user_aes256_key_index;
+ #endif
+ /* Generate Wrapped aes key */
+ SCE_KeyGeneration(&guser_PKCbInfo);
+#endif
+
+
+
printf("Start wolfCrypt Test\n");
wolfcrypt_test(args);
printf("End wolfCrypt Test\n");
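Review bot: `user_aes128_key_index` and `user_aes256_key_index` are automatic variables, yet their addresses are stored in the file-scope `guser_PKCbInfo`, so the global keeps pointing at them after the enclosing block of sce_test ends. If anything reads wrapped_key_aes128 or wrapped_key_aes256 after that point (not visible from this hunk), it dereferences dead stack; declaring the two key objects `static`, or calling `Clr_CallbackCtx(&guser_PKCbInfo);` once wolfcrypt_test returns, would close that. The same pattern is added to the benchmark branch in hunk `@@ -227,44 +241,29 @@`. sce_test starts and ends outside this hunk.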
@@ -227,44 +241,29 @@ void sce_test(void)
#include "hal_data.h"
#include "r_sce.h"
- printf("Prepare Installed key\n");
-
- #if defined(WOLFSSL_RENESAS_SCEPROTECT) && defined(SCEKEY_INSTALLED)
-
- /* aes 256 */
- XMEMSET(&guser_PKCbInfo, 0, sizeof(guser_PKCbInfo));
- sce_aes_wrapped_key_t *p1 = NULL;
- sce_aes_wrapped_key_t *p2 = NULL;
+ int ret;
+ if ((ret = wolfCrypt_Init()) != 0) {
+ printf("wolfCrypt_Init failed %d\n", ret);
+ }
+
+#if defined(HAVE_RENESAS_SYNC) && \
+ defined(HAVE_AES_CBC)
- guser_PKCbInfo.sce_wrapped_key_aes256 =
- (sce_aes_wrapped_key_t*)XMALLOC(sizeof(sce_aes_wrapped_key_t),
- NULL, DYNAMIC_TYPE_TMP_BUFFER);
- p1 = (sce_aes_wrapped_key_t*)guser_PKCbInfo.sce_wrapped_key_aes256;
+ Clr_CallbackCtx(&guser_PKCbInfo);
- guser_PKCbInfo.sce_wrapped_key_aes128 =
- (sce_aes_wrapped_key_t*)XMALLOC(sizeof(sce_aes_wrapped_key_t),
- NULL, DYNAMIC_TYPE_TMP_BUFFER);
- p2 = (sce_aes_wrapped_key_t*)guser_PKCbInfo.sce_wrapped_key_aes128;
+ #if defined(WOLFSSL_AES_128)
+ sce_aes_wrapped_key_t user_aes128_key_index;
+ guser_PKCbInfo.wrapped_key_aes128 = &user_aes128_key_index;
+ #endif
- if ( p1 == NULL || p2 == NULL) {
- printf("failed to alloc memory!");
- }
- else {
- memcpy(p1->value,
- (uint32_t *)DIRECT_KEY_ADDRESS_256,
- HW_SCE_AES256_KEY_INDEX_WORD_SIZE*4);
- p1->type = SCE_KEY_INDEX_TYPE_AES256;
- guser_PKCbInfo.keyflgs_crypt.bits.aes256_installedkey_set = 1;
-
- /* aes 128 */
- memcpy(p2->value,
- (uint32_t *)DIRECT_KEY_ADDRESS_128,
- HW_SCE_AES128_KEY_INDEX_WORD_SIZE*4);
-
- p2->type = SCE_KEY_INDEX_TYPE_AES128;
- guser_PKCbInfo.keyflgs_crypt.bits.aes128_installedkey_set = 1;
- }
+ #if defined(WOLFSSL_AES_256)
+ sce_aes_wrapped_key_t user_aes256_key_index;
+ guser_PKCbInfo.wrapped_key_aes256 = &user_aes256_key_index;
#endif
+ /* Generate Wrapped aes key */
+ SCE_KeyGeneration(&guser_PKCbInfo);
+#endif
+
printf("Start wolfCrypt Benchmark\n");
benchmark_test(NULL);
printf("End wolfCrypt Benchmark\n");
@@ -276,6 +275,16 @@ void sce_test(void)
#include "hal_data.h"
#include "r_sce.h"
+#if defined(WOLFSSL_TLS13)
+ /* TLS1.3 needs RSA_PSS enabled.
+ * SCE doesn't support RSA PSS Padding
+ */
+ const char* cipherlist[] = {
+ NULL
+ };
+ const int cipherlist_sz = 1;
+ TestInfo info[cipherlist_sz];
+#else
#if defined(USE_CERT_BUFFERS_256)
#if !defined(TLS_MULTITHREAD_TEST)
const char* cipherlist[] = {
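Review bot: The new comment explains why TLS 1.3 is a problem for the SCE but not what the single `NULL` entry in `cipherlist` is meant to do. What wolfSSL_TLS_client_do does with a NULL `cipher` is not visible here, so a reader cannot tell whether this run negotiates a default suite or is effectively skipped. The comment should state the intended behaviour, for example `/* NULL: no explicit cipher is set for the TLS 1.3 run */` if that is what is meant. These declarations sit inside sce_test, which starts outside the hunk.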
@@ -317,6 +326,7 @@ void sce_test(void)
TestInfo info[cipherlist_sz];
#endif
#endif
+#endif
#ifdef TLS_MULTITHREAD_TEST
BaseType_t xReturned;
@@ -381,22 +391,26 @@ void sce_test(void)
#else
+ int TCP_connect_retry = 0;
wolfSSL_TLS_client_init();
do {
- info[i].port = DEFAULT_PORT;
- info[i].cipher = cipherlist[i];
- info[i].ctx = client_ctx;
- info[i].id = i;
+ info[i].port = DEFAULT_PORT;
+ info[i].cipher = cipherlist[i];
+ info[i].ctx = client_ctx;
+ info[i].id = i;
- memset(info[i].name, 0, sizeof(info[i].name));
- sprintf(info[i].name, "wolfSSL_TLS_client_do(%02d)", i);
-
- wolfSSL_TLS_client_do(&info[i]);
+ XMEMSET(info[i].name, 0, sizeof(info[i].name));
+ XSPRINTF(info[i].name, "wolfSSL_TLS_client_do(%02d)", i);
+ if(wolfSSL_TLS_client_do(&info[i]) == -116) {
+ TCP_connect_retry++;
+ continue;
+ }
+ TCP_connect_retry = 0;
i++;
- } while (i < cipherlist_sz);
+ } while (i < cipherlist_sz && TCP_connect_retry < 100);
#endif /* SCE_MULTITHREAD_TEST */
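Review bot: The retry test `wolfSSL_TLS_client_do(&info[i]) == -116` and the bound `TCP_connect_retry < 100` are bare literals, and nothing in the hunk says which error -116 stands for. Named constants would make the intent checkable, e.g. `#define TCP_CONNECT_RETRY_MAX 100` plus a named value for the connect error, together with a message when the limit is reached, since the loop currently ends silently with the remaining ciphers untested. Any other non-zero return is treated like success and simply advances `i`. The name is also still written with an unbounded `XSPRINTF`; `XSNPRINTF(info[i].name, sizeof(info[i].name), "wolfSSL_TLS_client_do(%02d)", i);` limits the write to the same size the XMEMSET above uses.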
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/test/src/wolf_client.c b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/test/src/wolf_client.c
index e7149d22..5a920a25 100644
--- a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/test/src/wolf_client.c
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/test/src/wolf_client.c
@@ -41,10 +41,14 @@ static const byte ucDNSServerAddress[4] = { 192, 168, 11, 1 };
#ifdef TLS_MULTITHREAD_TEST
xSemaphoreHandle exit_semaph;
- extern User_SCEPKCbInfo guser_PKCbInfo_taskA;
- extern User_SCEPKCbInfo guser_PKCbInfo_taskB;
+# ifdef WOLFSSL_RENESAS_SCEPROTECT
+ extern FSPSM_ST guser_PKCbInfo_taskA;
+ extern FSPSM_ST guser_PKCbInfo_taskB;
+# endif
#else
- extern User_SCEPKCbInfo guser_PKCbInfo;
+# ifdef WOLFSSL_RENESAS_SCEPROTECT
+ extern FSPSM_ST guser_PKCbInfo;
+# endif
#endif
int SEGGER_RTT_vprintf(unsigned BufferIndex, const char * sFormat, va_list * pParamList);
@@ -125,7 +129,7 @@ void wolfSSL_TLS_client_init()
#endif
}
-void wolfSSL_TLS_client_do(void *pvParam)
+int wolfSSL_TLS_client_do(void *pvParam)
{
int ret;
@@ -192,17 +196,17 @@ void wolfSSL_TLS_client_do(void *pvParam)
/* Set callback CTX */
#if !defined(TLS_MULTITHREAD_TEST)
- memset(&guser_PKCbInfo, 0, sizeof(User_SCEPKCbInfo));
+ XMEMSET(&guser_PKCbInfo, 0, sizeof(FSPSM_ST));
guser_PKCbInfo.devId = 0;
wc_sce_set_callback_ctx(ssl, (void*)&guser_PKCbInfo);
#else
if (p->port - DEFAULT_PORT == 0) {
- memset(&guser_PKCbInfo_taskA, 0, sizeof(User_SCEPKCbInfo));
+ XMEMSET(&guser_PKCbInfo_taskA, 0, sizeof(FSPSM_ST));
wc_sce_set_callback_ctx(ssl, (void*)&guser_PKCbInfo_taskA);
}
else {
- memset(&guser_PKCbInfo_taskB, 0, sizeof(User_SCEPKCbInfo));
+ XMEMSET(&guser_PKCbInfo_taskB, 0, sizeof(FSPSM_ST));
wc_sce_set_callback_ctx(ssl, (void*)&guser_PKCbInfo_taskB);
}
#endif
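Review bot: These uses of `guser_PKCbInfo`, `guser_PKCbInfo_taskA` and `guser_PKCbInfo_taskB` may no longer compile when WOLFSSL_RENESAS_SCEPROTECT is undefined, because the first hunk of this file moved their `extern` declarations under `# ifdef WOLFSSL_RENESAS_SCEPROTECT`. Whether this region already sits inside such a guard cannot be seen from the hunk. If it does not, the callback-context setup should be wrapped in `#ifdef WOLFSSL_RENESAS_SCEPROTECT` and `#endif`, the same way the later hunk wraps `wc_sce_set_callbacks(client_ctx);`. wolfSSL_TLS_client_do starts and ends outside this hunk.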
@@ -257,7 +261,9 @@ void wolfSSL_TLS_client_do(void *pvParam)
wolfSSL_free(ssl);
ssl = NULL;
/* need to reset callback */
+#ifdef WOLFSSL_RENESAS_SCEPROTECT
wc_sce_set_callbacks(client_ctx);
+#endif
}
/* clean up socket */
if (xClientSocket) {
@@ -270,7 +276,7 @@ void wolfSSL_TLS_client_do(void *pvParam)
xSemaphoreGive(exit_semaph);
vTaskDelete(NULL);
#endif
-
+ return ret;
}
void wolfSSL_TLS_cleanup()
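Review bot: `return ret;` now feeds the retry check in test_main.c, but `ret` is declared as plain `int ret;` at the top of wolfSSL_TLS_client_do and the paths that reach this line are outside the hunk. If any of them arrives here before `ret` is assigned, the caller compares an indeterminate value; initialising it with `int ret = 0;` removes the doubt. Under TLS_MULTITHREAD_TEST the function appears to run as a FreeRTOS task, since it calls `vTaskDelete(NULL)` just above, and a task entry point is expected to return void. The int signature should therefore be checked against the task-creation call, which is not shown here.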
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/test/src/wolfssl_sce_unit_test.c b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/test/src/wolfssl_sce_unit_test.c
index a785720f..f3cef8ff 100644
--- a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/test/src/wolfssl_sce_unit_test.c
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/test/src/wolfssl_sce_unit_test.c
@@ -25,14 +25,20 @@
#include <stdlib.h>
#include <wolfssl/wolfcrypt/settings.h>
+
+#ifdef WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY
+
#include <wolfssl/wolfcrypt/sha.h>
#include <wolfssl/wolfcrypt/sha256.h>
#include <wolfssl/wolfcrypt/aes.h>
#include <wolfssl/wolfcrypt/rsa.h>
-#include <wolfssl/wolfcrypt/port/Renesas/renesas-sce-crypt.h>
+#include <wolfssl/wolfcrypt/port/Renesas/renesas_cmn.h>
+#include <wolfssl/wolfcrypt/port/Renesas/renesas-fspsm-crypt.h>
#include "FreeRTOS.h"
+static const int devId = 7890;
+
#ifndef NO_SHA
int sha_test();
#endif
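Review bot: `static const int devId = 7890;` is added without a comment, and the tests below pass it to every wc_AesInit call in place of INVALID_DEVID. For the hardware path to be exercised it presumably has to equal the id under which the Renesas crypto callback is registered, and that registration is not visible in this hunk. A one-line comment would tie the two together, e.g. `/* must match the devId the crypto callback is registered with */`, so a later change on either side does not silently fall back to software AES.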
@@ -62,8 +68,14 @@ int sce_crypt_AesGcm_multitest();
int sce_crypt_Sha_AesCbcGcm_multitest();
int sce_crypt_sha_multitest();
int sce_crypt_test();
+int sce_crypt_sha256_multitest();
+void tskSha256_Test1(void *pvParam);
+
+void Clr_CallbackCtx(FSPSM_ST *g);
+void SCE_KeyGeneration(FSPSM_ST *g);
-extern User_SCEPKCbInfo guser_PKCbInfo;
+FSPSM_ST gCbInfo;
+FSPSM_ST gCbInfo_a; /* for multi testing */
#if defined(HAVE_AES_CBC)
@@ -80,7 +92,8 @@ extern User_SCEPKCbInfo guser_PKCbInfo;
#endif
#if !defined(NO_RSA)
- sce_rsa2048_wrapped_pair_key_t g_wrapped_pair_key;
+ sce_rsa1024_wrapped_pair_key_t g_wrapped_pair_1024key;
+ sce_rsa2048_wrapped_pair_key_t g_wrapped_pair_2048key;
#endif
typedef struct tagInfo
{
@@ -89,7 +102,7 @@ typedef struct tagInfo
#if defined(HAVE_AES_CBC) && defined(WOLFSSL_AES_128)
-static int sce_aes_cbc_test(int prnt, sce_aes_wrapped_key_t* aes_key)
+static int sce_aes_cbc_test(int prnt, FSPSM_AES_PWKEY aes_key)
{
Aes aes[1];
@@ -104,7 +117,6 @@ static int sce_aes_cbc_test(int prnt, sce_aes_wrapped_key_t* aes_key)
0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20,
0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20
};
- byte key[] = "0123456789abcdef "; /* align */
byte iv[] = "1234567890abcdef "; /* align */
XMEMSET(cipher, 0, AES_BLOCK_SIZE);
@@ -114,15 +126,12 @@ static int sce_aes_cbc_test(int prnt, sce_aes_wrapped_key_t* aes_key)
printf(" sce_aes_cbc_test() ");
}
- ret = wc_AesInit(aes, NULL, INVALID_DEVID);
+ ret = wc_AesInit(aes, NULL, devId);
if (ret == 0) {
- ret = wc_AesSetKey(aes, key, AES_BLOCK_SIZE, iv, AES_ENCRYPTION);
- XMEMCPY(&aes->ctx.sce_wrapped_key, aes_key,
- sizeof(sce_aes_wrapped_key_t));
-
- aes->ctx.keySize = (word32)aes->keylen;
+ ret = wc_AesSetKey(aes, (byte*)aes_key,
+ AES_BLOCK_SIZE, iv, AES_ENCRYPTION);
if (ret == 0) {
- ret = wc_sce_AesCbcEncrypt(aes, cipher, msg, AES_BLOCK_SIZE);
+ ret = wc_AesCbcEncrypt(aes, cipher, msg, AES_BLOCK_SIZE);
}
wc_AesFree(aes);
@@ -132,14 +141,12 @@ static int sce_aes_cbc_test(int prnt, sce_aes_wrapped_key_t* aes_key)
ret = -1;
#ifdef HAVE_AES_DECRYPT
- ret = wc_AesInit(aes, NULL, INVALID_DEVID);
+ ret = wc_AesInit(aes, NULL, devId);
if (ret == 0) {
- ret = wc_AesSetKey(aes, key, AES_BLOCK_SIZE, iv, AES_DECRYPTION);
- XMEMCPY(&aes->ctx.sce_wrapped_key, aes_key,
- sizeof(sce_aes_wrapped_key_t));
- aes->ctx.keySize = (word32)aes->keylen;
+ ret = wc_AesSetKey(aes, (byte*)aes_key,
+ AES_BLOCK_SIZE, iv, AES_ENCRYPTION);
if (ret == 0)
- ret = wc_sce_AesCbcDecrypt(aes, plain, cipher, AES_BLOCK_SIZE);
+ ret = wc_AesCbcDecrypt(aes, plain, cipher, AES_BLOCK_SIZE);
wc_AesFree(aes);
}
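Review bot: The decrypt half of sce_aes_cbc_test now sets the key with `AES_ENCRYPTION`, where the removed line used `AES_DECRYPTION` and sce_aes256_test in this same commit keeps `AES_DECRYPTION` for its `dec` object. Unless the FSPSM port ignores the direction argument (not visible here), this looks like a copy of the encrypt call; the second line of the call should read `AES_BLOCK_SIZE, iv, AES_DECRYPTION);`. The function starts and ends outside this hunk.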
@@ -179,7 +186,7 @@ static void tskAes128_Cbc_Test(void *pvParam)
#endif
#ifdef WOLFSSL_AES_256
-static int sce_aes256_test(int prnt, sce_aes_wrapped_key_t* aes_key)
+static int sce_aes256_test(int prnt, FSPSM_AES_PWKEY aes_key)
{
Aes enc[1];
byte cipher[AES_BLOCK_SIZE];
@@ -193,14 +200,6 @@ static int sce_aes256_test(int prnt, sce_aes_wrapped_key_t* aes_key)
0x6b,0xc1,0xbe,0xe2,0x2e,0x40,0x9f,0x96,
0xe9,0x3d,0x7e,0x11,0x73,0x93,0x17,0x2a
};
-
-
- WOLFSSL_SMALL_STACK_STATIC byte key[] = {
- 0x60,0x3d,0xeb,0x10,0x15,0xca,0x71,0xbe,
- 0x2b,0x73,0xae,0xf0,0x85,0x7d,0x77,0x81,
- 0x1f,0x35,0x2c,0x07,0x3b,0x61,0x08,0xd7,
- 0x2d,0x98,0x10,0xa3,0x09,0x14,0xdf,0xf4
- };
WOLFSSL_SMALL_STACK_STATIC byte iv[] = {
0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,
0x08,0x09,0x0A,0x0B,0x0C,0x0D,0x0E,0x0F
@@ -209,38 +208,32 @@ static int sce_aes256_test(int prnt, sce_aes_wrapped_key_t* aes_key)
if (prnt)
printf(" sce_aes256_test() ");
- if (wc_AesInit(enc, NULL, INVALID_DEVID) != 0) {
+ if (wc_AesInit(enc, NULL, devId) != 0) {
ret = -1;
goto out;
}
- if (wc_AesInit(dec, NULL, INVALID_DEVID) != 0){
+ if (wc_AesInit(dec, NULL, devId) != 0){
ret = -2;
goto out;
}
- ret = wc_AesSetKey(enc, key, (int) sizeof(key), iv, AES_ENCRYPTION);
+ ret = wc_AesSetKey(enc, (byte*)aes_key,
+ AES_BLOCK_SIZE*2, iv, AES_ENCRYPTION);
if (ret != 0){
ret = -3;
goto out;
- } else {
- XMEMCPY(&enc->ctx.sce_wrapped_key, aes_key,
- sizeof(sce_aes_wrapped_key_t));
- enc->ctx.keySize = (word32)enc->keylen;
}
- ret = wc_AesSetKey(dec, key, (int) sizeof(key), iv, AES_DECRYPTION);
+ ret = wc_AesSetKey(dec, (byte*)aes_key,
+ AES_BLOCK_SIZE*2, iv, AES_DECRYPTION);
if (ret != 0) {
ret = -4;
goto out;
- } else {
- XMEMCPY(&dec->ctx.sce_wrapped_key, aes_key,
- sizeof(sce_aes_wrapped_key_t));
- dec->ctx.keySize = (word32)dec->keylen;
}
XMEMSET(cipher, 0, AES_BLOCK_SIZE);
- ret = wc_sce_AesCbcEncrypt(enc, cipher, msg, (int) sizeof(msg));
+ ret = wc_AesCbcEncrypt(enc, cipher, msg, (int) sizeof(msg));
if (ret != 0) {
ret = -5;
@@ -248,7 +241,7 @@ static int sce_aes256_test(int prnt, sce_aes_wrapped_key_t* aes_key)
}
XMEMSET(plain, 0, AES_BLOCK_SIZE);
- ret = wc_sce_AesCbcDecrypt(dec, plain, cipher, (int) sizeof(cipher));
+ ret = wc_AesCbcDecrypt(dec, plain, cipher, (int) sizeof(cipher));
if (ret != 0){
ret = -6;
@@ -291,11 +284,11 @@ static void tskAes256_Cbc_Test(void *pvParam)
#endif /* WOLFSSL_AES_256 */
#if defined(WOLFSSL_AES_256)
-static int sce_aesgcm256_test(int prnt, sce_aes_wrapped_key_t* aes256_key)
+static int sce_aesgcm256_test(int prnt, FSPSM_AES_PWKEY aes256_key)
{
Aes enc[1];
Aes dec[1];
- User_SCEPKCbInfo userContext;
+ FSPSM_ST userContext;
/*
@@ -322,14 +315,6 @@ static int sce_aesgcm256_test(int prnt, sce_aes_wrapped_key_t* aes256_key)
0xab, 0xad, 0xda, 0xd2
};
- WOLFSSL_SMALL_STACK_STATIC const byte k1[] =
- {
- 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
- 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08,
- 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
- 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08
- };
-
WOLFSSL_SMALL_STACK_STATIC const byte iv1[] =
{
0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad,
@@ -369,39 +354,36 @@ static int sce_aesgcm256_test(int prnt, sce_aes_wrapped_key_t* aes256_key)
XMEMSET(resultT, 0, sizeof(resultT));
XMEMSET(resultC, 0, sizeof(resultC));
XMEMSET(resultP, 0, sizeof(resultP));
- XMEMSET(&userContext, 0, sizeof(User_SCEPKCbInfo));
+ XMEMSET(&userContext, 0, sizeof(FSPSM_ST));
- if (wc_AesInit(enc, NULL, INVALID_DEVID) != 0) {
+ if (wc_AesInit(enc, NULL, devId) != 0) {
ret = -1;
goto out;
}
- if (wc_AesInit(dec, NULL, INVALID_DEVID) != 0) {
+ if (wc_AesInit(dec, NULL, devId) != 0) {
ret = -2;
goto out;
}
- result = wc_AesGcmSetKey(enc, k1, sizeof(k1));
+ result = wc_AesGcmSetKey(enc,
+ (byte*)aes256_key, AES_BLOCK_SIZE*2);
if (result != 0) {
ret = -3;
goto out;
- } else {
- userContext.sce_wrapped_key_aes256 = (void*)aes256_key;
- userContext.keyflgs_crypt.bits.aes256_installedkey_set = 1;
- enc->ctx.keySize = (word32)enc->keylen;
}
/* AES-GCM encrypt and decrypt both use AES encrypt internally */
- result = wc_sce_AesGcmEncrypt(enc, resultC, p, sizeof(p),
+ result = wc_AesGcmEncrypt(enc, resultC, p, sizeof(p),
(byte*)iv1, sizeof(iv1),
- resultT, sizeof(resultT),
- a, sizeof(a), &userContext);
+ resultT, sizeof(resultT), a, sizeof(a));
if (result != 0) {
ret = -4;
goto out;
}
- result = wc_AesGcmSetKey(dec, k1, sizeof(k1));
+ result = wc_AesGcmSetKey(dec,
+ (byte*)aes256_key, AES_BLOCK_SIZE*2);
if (result != 0) {
ret = -7;
goto out;
@@ -409,9 +391,9 @@ static int sce_aesgcm256_test(int prnt, sce_aes_wrapped_key_t* aes256_key)
dec->ctx.keySize = (word32)enc->keylen;
}
- result = wc_sce_AesGcmDecrypt(dec, resultP, resultC, sizeof(c1),
+ result = wc_AesGcmDecrypt(dec, resultP, resultC, sizeof(c1),
iv1, sizeof(iv1), resultT, sizeof(resultT),
- a, sizeof(a), &userContext);
+ a, sizeof(a));
if (result != 0){
ret = -8;
goto out;
@@ -425,20 +407,21 @@ static int sce_aesgcm256_test(int prnt, sce_aes_wrapped_key_t* aes256_key)
XMEMSET(resultC, 0, sizeof(resultC));
XMEMSET(resultP, 0, sizeof(resultP));
- wc_AesGcmSetKey(enc, k1, sizeof(k1));
+ wc_AesGcmSetKey(enc,
+ (byte*)aes256_key, AES_BLOCK_SIZE*2);
/* AES-GCM encrypt and decrypt both use AES encrypt internally */
- result = wc_sce_AesGcmEncrypt(enc, resultC, p, sizeof(p),
+ result = wc_AesGcmEncrypt(enc, resultC, p, sizeof(p),
(byte*)iv1, sizeof(iv1),
resultT + 1, sizeof(resultT) - 1,
- a, sizeof(a), &userContext);
+ a, sizeof(a));
if (result != 0) {
ret = -10;
goto out;
}
- result = wc_sce_AesGcmDecrypt(enc, resultP, resultC, sizeof(p),
+ result = wc_AesGcmDecrypt(enc, resultP, resultC, sizeof(p),
iv1, sizeof(iv1), resultT + 1, sizeof(resultT) - 1,
- a, sizeof(a), &userContext);
+ a, sizeof(a));
if (result != 0) {
ret = -11;
@@ -483,11 +466,11 @@ static void tskAes256_Gcm_Test(void *pvParam)
#if defined(WOLFSSL_AES_128)
-static int sce_aesgcm128_test(int prnt, sce_aes_wrapped_key_t* aes128_key)
+static int sce_aesgcm128_test(int prnt, FSPSM_AES_PWKEY aes128_key)
{
Aes enc[1];
Aes dec[1];
- User_SCEPKCbInfo userContext;
+ FSPSM_ST userContext;
/*
* This is Test Case 16 from the document Galois/
@@ -520,12 +503,6 @@ static int sce_aesgcm128_test(int prnt, sce_aes_wrapped_key_t* aes128_key)
0x8e, 0x1a, 0xa2, 0x3b, 0x77, 0xcb, 0xaf, 0xe2
};
- WOLFSSL_SMALL_STACK_STATIC const byte k3[] =
- {
- 0xbb, 0x01, 0xd7, 0x03, 0x81, 0x1c, 0x10, 0x1a,
- 0x35, 0xe0, 0xff, 0xd2, 0x91, 0xba, 0xf2, 0x4b
- };
-
WOLFSSL_SMALL_STACK_STATIC const byte iv3[] =
{
0xca
@@ -564,26 +541,22 @@ static int sce_aesgcm128_test(int prnt, sce_aes_wrapped_key_t* aes128_key)
XMEMSET(resultT, 0, sizeof(resultT));
XMEMSET(resultC, 0, sizeof(resultC));
XMEMSET(resultP, 0, sizeof(resultP));
- XMEMSET(&userContext, 0, sizeof(User_SCEPKCbInfo));
+ XMEMSET(&userContext, 0, sizeof(FSPSM_ST));
- if (wc_AesInit(enc, NULL, INVALID_DEVID) != 0) {
+ if (wc_AesInit(enc, NULL, devId) != 0) {
ret = -1;
goto out;
}
- if (wc_AesInit(dec, NULL, INVALID_DEVID) != 0) {
+ if (wc_AesInit(dec, NULL, devId) != 0) {
ret = -2;
goto out;
}
- wc_AesGcmSetKey(enc, k3, sizeof(k3));
+ wc_AesGcmSetKey(enc, (byte*)aes128_key, AES_BLOCK_SIZE);
if (result != 0) {
ret = -3;
goto out;
- } else {
- userContext.sce_wrapped_key_aes128 = aes128_key;
- userContext.keyflgs_crypt.bits.aes128_installedkey_set = 1;
- enc->ctx.keySize = (word32)enc->keylen;
}
/* AES-GCM encrypt and decrypt both use AES encrypt internally */
result = wc_AesGcmEncrypt(enc, resultC, p3, sizeof(p3), iv3, sizeof(iv3),
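Review bot: The check after the new `wc_AesGcmSetKey(enc, (byte*)aes128_key, AES_BLOCK_SIZE);` tests `result`, but the call's return value is never stored, so `if (result != 0)` sees whatever `result` held before and a failed key setup goes unnoticed. Assign it: `result = wc_AesGcmSetKey(enc, (byte*)aes128_key, AES_BLOCK_SIZE);`. The re-key in sce_aesgcm256_test (hunk `@@ -425,20 +407,21 @@`) likewise discards the return value of `wc_AesGcmSetKey(enc, (byte*)aes256_key, AES_BLOCK_SIZE*2);`. sce_aesgcm128_test starts and ends outside this hunk.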
@@ -665,7 +638,9 @@ static int sce_rsa_test(int prnt, int keySize)
in2 = (byte*)XMALLOC(inLen, NULL, DYNAMIC_TYPE_TMP_BUFFER);
out= (byte*)XMALLOC(outSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
out2 = (byte*)XMALLOC(outSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
+
+ (void) prnt;
+
if (key == NULL || in == NULL || out == NULL ||
in2 == NULL || out2 == NULL) {
ret = -1;
@@ -700,7 +675,7 @@ static int sce_rsa_test(int prnt, int keySize)
goto out;
}
- ret = wc_RsaPrivateDecrypt(out, keySize/8, out2, outSz, key);
+ ret = wc_RsaPrivateDecrypt(out, (word32)(keySize/8), out2, outSz, key);
if (ret < 0) {
ret = -1;
goto out;
@@ -779,20 +754,20 @@ static int sce_rsa_SignVerify_test(int prnt, int keySize)
goto out;
}
- guser_PKCbInfo.keyflgs_crypt.bits.message_type = 0;
+ gCbInfo.keyflgs_crypt.bits.message_type = 0;
ret = wc_RsaSSL_Sign(in, inLen, out, outSz, key, &rng);
if (ret < 0) {
goto out;
}
/* this should fail */
- ret = wc_RsaSSL_Verify(in2, inLen, out, keySize/8, key);
+ ret = wc_RsaSSL_Verify(in2, inLen, out, (word32)(keySize/8), key);
if (ret != FSP_ERR_CRYPTO_SCE_AUTHENTICATION) {
ret = -1;
goto out;
}
/* this should succeed */
- ret = wc_RsaSSL_Verify(in, inLen, out, keySize/8, key);
+ ret = wc_RsaSSL_Verify(in, inLen, out, (word32)(keySize/8), key);
if (ret < 0) {
ret = -1;
goto out;
@@ -820,105 +795,121 @@ static int sce_rsa_SignVerify_test(int prnt, int keySize)
int sce_crypt_test()
{
int ret = 0;
- fsp_err_t sce_error_code;
-
- /* Generate AES sce Key */
- sce_error_code = R_SCE_AES128_WrappedKeyGenerate(&g_user_aes128_key_index1);
-
- if (sce_error_code == FSP_SUCCESS)
- sce_error_code = R_SCE_AES128_WrappedKeyGenerate(
- &g_user_aes128_key_index2);
-
- if (sce_error_code == FSP_SUCCESS)
- sce_error_code = R_SCE_AES256_WrappedKeyGenerate(
- &g_user_aes256_key_index1);
-
- if (sce_error_code == FSP_SUCCESS)
- sce_error_code = R_SCE_AES256_WrappedKeyGenerate(
- &g_user_aes256_key_index2);
-
- if (sce_error_code == FSP_SUCCESS) {
- #if defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)
- /* set up Crypt Call back */
-
- Clr_CallbackCtx(&guser_PKCbInfo);
-
- ret = wc_CryptoCb_CryptInitRenesasCmn(NULL, &guser_PKCbInfo);
-
- if ( ret > 0)
- ret = 0;
-
- if (ret == 0) {
- printf(" sce_rsa_test(512)(this will be done"
- " by SW because SCE doesn't support 512 bits key size.)");
- ret = sce_rsa_test(1, 512);
- RESULT_STR(ret)
- }
-
- if (ret == 0) {
- printf(" sce_rsa_test(1024)");
- ret = sce_rsa_test(1, 1024);
- RESULT_STR(ret)
- }
-
- if (ret == 0) {
- printf(" sce_rsa_SignVerify_test(512)(this will be done"
- " by SW because SCE doesn't support 512 bits key size.)");
- ret = sce_rsa_SignVerify_test(1, 512);
- RESULT_STR(ret)
- }
-
- if (ret == 0) {
- printf(" sce_rsa_SignVerify_test(1024)");
- ret = sce_rsa_SignVerify_test(1, 1024);
- RESULT_STR(ret)
- }
-
- Clr_CallbackCtx(&guser_PKCbInfo);
-
- if (ret == 0) {
- printf(" sce_rsa_test(2048)");
- ret = sce_rsa_test(1, 2048);
- RESULT_STR(ret)
- }
+ fsp_err_t err;
+
+ Clr_CallbackCtx(&gCbInfo);
+ Clr_CallbackCtx(&gCbInfo_a);
+
+ /* sets wrapped aes key */
+ gCbInfo.wrapped_key_aes128 = &g_user_aes128_key_index1;
+ gCbInfo.wrapped_key_aes256 = &g_user_aes256_key_index1;
+ /* Aes Key Gen */
+ SCE_KeyGeneration(&gCbInfo);
+
+ /* Rsa Key Gen */
+ err = R_SCE_RSA1024_WrappedKeyPairGenerate(&g_wrapped_pair_1024key);
+ if (err == FSP_SUCCESS) {
+ /* sets wrapped rsa 1024 bits key */
+ gCbInfo.wrapped_key_rsapri1024 =
+ &g_wrapped_pair_1024key.priv_key;
+ gCbInfo.keyflgs_crypt.bits.rsapri1024_installedkey_set = 1;
+ gCbInfo.wrapped_key_rsapub1024 =
+ &g_wrapped_pair_1024key.pub_key;
+ gCbInfo.keyflgs_crypt.bits.rsapub1024_installedkey_set = 1;
+ }
+
+ err = R_SCE_RSA2048_WrappedKeyPairGenerate(&g_wrapped_pair_2048key);
+ if (err == FSP_SUCCESS) {
+ /* sets wrapped rsa 1024 bits key */
+ gCbInfo.wrapped_key_rsapri2048 =
+ &g_wrapped_pair_2048key.priv_key;
+ gCbInfo.keyflgs_crypt.bits.rsapri2048_installedkey_set = 1;
- if (ret == 0 && sce_error_code == FSP_SUCCESS) {
- printf(" sce_rsa_SignVerify_test(2048)");
- ret = sce_rsa_SignVerify_test(1, 2048);
- RESULT_STR(ret)
- }
+ gCbInfo.wrapped_key_rsapub2048 =
+ &g_wrapped_pair_2048key.pub_key;
+ gCbInfo.keyflgs_crypt.bits.rsapub2048_installedkey_set = 1;
+ }
+
+ /* Key generation for multi testing */
+ gCbInfo_a.wrapped_key_aes128 = &g_user_aes128_key_index2;
+ gCbInfo_a.wrapped_key_aes256 = &g_user_aes256_key_index2;
+ SCE_KeyGeneration(&gCbInfo_a);
+
+ ret = wc_CryptoCb_CryptInitRenesasCmn(NULL, &gCbInfo);
+ if ( ret > 0)
+ ret = 0;
- #endif /* WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY */
+ if (ret == 0) {
+ printf(" sce_rsa_test(512)(this will be done"
+ " by SW because SCE doesn't support 512 bits key size.)");
+ ret = sce_rsa_test(1, 512);
+ RESULT_STR(ret)
+ }
- #ifndef NO_SHA256
- printf(" sha256_test()");
- ret = sha256_test();
+ if (ret == 0) {
+ printf(" sce_rsa_test(1024)");
+ ret = sce_rsa_test(1, 1024);
RESULT_STR(ret)
- #endif
-
- ret = sce_aes_cbc_test(1, &g_user_aes128_key_index1);
-
- if (ret == 0) {
-
- ret = sce_aes256_test(1, &g_user_aes256_key_index1);
-
- }
-
- if (ret == 0) {
-
- ret = sce_aesgcm128_test(1, &g_user_aes128_key_index1);
+ }
- }
+ if (ret == 0) {
+ printf(" sce_rsa_SignVerify_test(1024)");
+ ret = sce_rsa_SignVerify_test(1, 1024);
+ RESULT_STR(ret)
+ }
- if (ret == 0) {
+ if (ret == 0) {
+ printf(" sce_rsa_test(2048)");
+ ret = sce_rsa_test(1, 2048);
+ RESULT_STR(ret)
+ }
- ret = sce_aesgcm256_test(1, &g_user_aes256_key_index1);
+ if (ret == 0 && err == FSP_SUCCESS) {
+ printf(" sce_rsa_SignVerify_test(2048)");
+ ret = sce_rsa_SignVerify_test(1, 2048);
+ RESULT_STR(ret)
+ }
- }
+#ifndef NO_SHA256
+ printf(" sha256_test()");
+ ret = sha256_test();
+ RESULT_STR(ret)
+#endif
+ ret = sce_aes_cbc_test(1, &g_user_aes128_key_index1);
+ if (ret == 0) {
+ ret = sce_aes256_test(1, &g_user_aes256_key_index1);
}
- else
+ if (ret == 0) {
+ ret = sce_aesgcm128_test(1, &g_user_aes128_key_index1);
+ }
+
+ if (ret == 0) {
+ ret = sce_aesgcm256_test(1, &g_user_aes256_key_index1);
+ }
+ printf(" \n");
+ if (ret == 0) {
+ printf(" multi sha thread test\n");
+ ret = sce_crypt_sha256_multitest();
+ }
+ if (ret == 0) {
+ printf(" multi Aes cbc thread test\n");
+ ret = sce_crypt_AesCbc_multitest();
+ }
+ if (ret == 0) {
+ printf(" multi Aes Gcm thread test\n");
+ ret = sce_crypt_AesGcm_multitest();
+ }
+ if (ret == 0) {
+ printf(" multi sha aescbc aesgcm thread test\n");
+ sce_crypt_Sha_AesCbcGcm_multitest();
+ } else
ret = -1;
-
+
+ #if defined(WOLFSSL_RENESAS_RSIP_CRYPTONLY)
+ Clr_CallbackCtx(&gCbInfo);
+ Clr_CallbackCtx(&gCbInfo_a);
+ #endif
+
return ret;
}
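Review bot: The last multi-thread step calls `sce_crypt_Sha_AesCbcGcm_multitest();` without assigning its result, so a failure in the combined SHA/AES-CBC/AES-GCM run still lets sce_crypt_test() return 0; it should read `ret = sce_crypt_Sha_AesCbcGcm_multitest();`. Key-generation failures also no longer gate the run: `err` from `R_SCE_RSA1024_WrappedKeyPairGenerate` is overwritten by the 2048-bit call before anything checks it, and both `SCE_KeyGeneration(...)` calls are used as plain statements, whereas the removed code only ran the tests when every wrapped-key generation returned FSP_SUCCESS. Setting `ret = -1` when the 1024-bit generate fails (and checking SCE_KeyGeneration if it reports a status, which is not visible in this hunk) would keep a failed key install from surfacing as a pass or as an unrelated later failure. The closing `Clr_CallbackCtx` cleanup is guarded by `WOLFSSL_RENESAS_RSIP_CRYPTONLY` while the file's final `#endif` names `WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY`, so the contexts holding wrapped-key pointers may never be cleared in an SCE build; the guard is worth confirming.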
@@ -1282,4 +1273,4 @@ int sce_crypt_Sha_AesCbcGcm_multitest()
return ret;
}
-
+#endif /* WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY */
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/wolfssl/.cproject b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/wolfssl/.cproject
index b3a924d7..7684a0b6 100644
--- a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/wolfssl/.cproject
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/wolfssl/.cproject
@@ -41,7 +41,7 @@
<option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.logicalop.817766723" name="Warn if suspicious logical ops (-Wlogical-op)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.logicalop" value="true" valueType="boolean"/>
<option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.agreggatereturn.85882412" name="Warn if struct is returned (-Wagreggate-return)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.agreggatereturn" value="true" valueType="boolean"/>
<option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.floatequal.203869520" name="Warn if floats are compared as equal (-Wfloat-equal)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.floatequal" value="true" valueType="boolean"/>
- <option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.family.75071511" name="ARM family" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.family" value="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.mcpu.cortex-m33" valueType="enumerated"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.family.75071511" name="Arm family (-mcpu)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.family" value="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.mcpu.cortex-m33" valueType="enumerated"/>
<option id="ilg.gnuarmeclipse.managedbuild.cross.option.toolchain.name.671544124" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.toolchain.name" value="GNU Tools for ARM Embedded Processors" valueType="string"/>
<option id="ilg.gnuarmeclipse.managedbuild.cross.option.architecture.1393349979" name="Architecture" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.architecture" value="ilg.gnuarmeclipse.managedbuild.cross.option.architecture.arm" valueType="enumerated"/>
<option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.instructionset.541770432" name="Instruction set" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.instructionset" value="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.instructionset.thumb" valueType="enumerated"/>
@@ -59,7 +59,7 @@
<option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.unit.753333144" name="FPU Type" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.unit" value="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.unit.fpv5spd16" valueType="enumerated"/>
<option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.abi.1176186201" name="Float ABI" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.abi" value="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.abi.hard" valueType="enumerated"/>
<targetPlatform archList="all" binaryParser="org.eclipse.cdt.core.ELF" id="ilg.gnuarmeclipse.managedbuild.cross.targetPlatform.1766975825" isAbstract="false" osList="all" superClass="ilg.gnuarmeclipse.managedbuild.cross.targetPlatform"/>
- <builder buildPath="${workspace_loc:/wolfSSL_RA6M4}/Debug" id="com.renesas.cdt.managedbuild.gnuarm.builder.1696106404" keepEnvironmentInBuildfile="false" managedBuildOn="true" name="Gnu Make Builder" parallelBuildOn="true" parallelizationNumber="optimal" superClass="com.renesas.cdt.managedbuild.gnuarm.builder"/>
+ <builder buildPath="${workspace_loc:/wolfSSL_RA6M4}/Debug" id="com.renesas.cdt.managedbuild.gnuarm.builder.1696106404" keepEnvironmentInBuildfile="false" managedBuildOn="true" name="Gnu Make ビルダー" parallelBuildOn="true" parallelizationNumber="optimal" superClass="com.renesas.cdt.managedbuild.gnuarm.builder"/>
<tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.535305377" name="GNU ARM Cross Assembler" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler">
<option id="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.usepreprocessor.1562659327" name="Use preprocessor" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.usepreprocessor" value="true" valueType="boolean"/>
<option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.include.paths.1992643773" name="Include paths (-I)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.include.paths" valueType="includePath">
@@ -79,9 +79,12 @@
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/ra/fsp/src/r_sce_protected/crypto_procedures_protected/src/sce9/private/inc}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/ra/fsp/src/rm_freertos_plus_tcp}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/ra/aws/amazon-freertos/libraries/freertos_plus/standard/freertos_plus_tcp/include}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/ra/aws/FreeRTOS/FreeRTOS/Source/include}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/ra/aws/FreeRTOS/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/include}&quot;"/>
</option>
<option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.defs.1008320129" name="Defined symbols (-D)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.defs" valueType="definedSymbols">
<listOptionValue builtIn="false" value="_RENESAS_RA_"/>
+ <listOptionValue builtIn="false" value="_RA_CORE=CM33"/>
</option>
<inputType id="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.input.1332222526" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.input"/>
</tool>
@@ -106,12 +109,15 @@
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/ra/fsp/src/r_sce_protected/crypto_procedures_protected/src/sce9/private/inc}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/ra/fsp/src/rm_freertos_plus_tcp}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/ra/aws/amazon-freertos/libraries/freertos_plus/standard/freertos_plus_tcp/include}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/ra/aws/FreeRTOS/FreeRTOS/Source/include}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/ra/aws/FreeRTOS/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/include}&quot;"/>
</option>
<option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.defs.1740279599" name="Defined symbols (-D)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.defs" useByScannerDiscovery="true" valueType="definedSymbols">
<listOptionValue builtIn="false" value="_RENESAS_RA_"/>
<listOptionValue builtIn="false" value="WOLFSSL_RENESAS_SCEPROTECT"/>
<listOptionValue builtIn="false" value="WOLFSSL_RENESAS_RA6M4"/>
<listOptionValue builtIn="false" value="WOLFSSL_USER_SETTINGS"/>
+ <listOptionValue builtIn="false" value="_RA_CORE=CM33"/>
</option>
<inputType id="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.input.214105753" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.input"/>
</tool>
@@ -150,6 +156,118 @@
</tool>
</toolChain>
</folderInfo>
+ <folderInfo id="com.renesas.cdt.managedbuild.gnuarm.config.lib.debug.970500279./ra/aws" name="aws" resourcePath="ra/aws">
+ <toolChain id="com.renesas.cdt.managedbuild.gnuarm.toolchain.lib.debug.827691749" name="GCC ARM Embedded" superClass="com.renesas.cdt.managedbuild.gnuarm.toolchain.lib.debug" unusedChildren="">
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.level.372424128.963893755" name="Optimization Level" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.level.372424128"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.messagelength.802408439.1300019050" name="Message length (-fmessage-length=0)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.messagelength.802408439"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.signedchar.1636222762.1049315935" name="'char' is signed (-fsigned-char)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.signedchar.1636222762"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.functionsections.840275244.1792288537" name="Function sections (-ffunction-sections)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.functionsections.840275244"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.datasections.2057841621.1072340684" name="Data sections (-fdata-sections)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.datasections.2057841621"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.level.246216390.1010011465" name="Debug level" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.level.246216390"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.format.1774811485.1046763668" name="Debug format" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.format.1774811485"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.unused.1434261464.1310826281" name="Warn on various unused elements (-Wunused)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.unused.1434261464"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.uninitialized.984091892.1394919523" name="Warn on uninitialized variables (-Wuninitialised)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.uninitialized.984091892"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.allwarn.590988144.67567238" name="Enable all common warnings (-Wall)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.allwarn.590988144"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.extrawarn.1570641021.125452987" name="Enable extra warnings (-Wextra)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.extrawarn.1570641021"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.missingdeclaration.415668447.1653564956" name="Warn on undeclared global function (-Wmissing-declaration)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.missingdeclaration.415668447"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.conversion.2011452736.2053040899" name="Warn on implicit conversions (-Wconversion)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.conversion.2011452736"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.pointerarith.2107087307.813039065" name="Warn if pointer arithmetic (-Wpointer-arith)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.pointerarith.2107087307"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.shadow.1305941481.1387519068" name="Warn if shadowed variable (-Wshadow)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.shadow.1305941481"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.logicalop.817766723.893277149" name="Warn if suspicious logical ops (-Wlogical-op)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.logicalop.817766723"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.agreggatereturn.85882412.555186237" name="Warn if struct is returned (-Wagreggate-return)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.agreggatereturn.85882412"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.floatequal.203869520.1945200360" name="Warn if floats are compared as equal (-Wfloat-equal)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.floatequal.203869520"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.family.75071511.1703768677" name="Arm family (-mcpu)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.family.75071511"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.toolchain.name.671544124.197234562" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.toolchain.name.671544124"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.architecture.1393349979.1751546408" name="Architecture" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.architecture.1393349979"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.instructionset.541770432.1991270158" name="Instruction set" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.instructionset.541770432"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.prefix.1547181695.719307047" name="Prefix" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.prefix.1547181695"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.c.507997460.1169433219" name="C compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.c.507997460"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.cpp.228888647.2093884662" name="C++ compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.cpp.228888647"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.ar.2038968371.1577959933" name="Archiver" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.ar.2038968371"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.objcopy.780177641.1721635114" name="Hex/Bin converter" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.objcopy.780177641"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.objdump.1097344279.1428642988" name="Listing generator" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.objdump.1097344279"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.size.1410703268.631620494" name="Size command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.size.1410703268"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.make.1822043079.1096975863" name="Build command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.make.1822043079"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.rm.1655998274.1871655356" name="Remove command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.rm.1655998274"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createflash.1972808282.933260083" name="Create flash image" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createflash.1972808282"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.printsize.457535820.1804664248" name="Print size" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.printsize.457535820"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.unit.753333144.95499414" name="FPU Type" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.unit.753333144"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.abi.1176186201.1558650433" name="Float ABI" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.abi.1176186201"/>
+ <targetPlatform archList="all" binaryParser="org.eclipse.cdt.core.ELF" id="ilg.gnuarmeclipse.managedbuild.cross.targetPlatform" isAbstract="false" osList="all" superClass="ilg.gnuarmeclipse.managedbuild.cross.targetPlatform"/>
+ <tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.1222251697" name="GNU ARM Cross Assembler" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.535305377">
+ <inputType id="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.input.1481001786" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.input"/>
+ </tool>
+ <tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.1931598028" name="GNU ARM Cross C Compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.758673917">
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.other.1422328670" name="Other compiler flags" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.other" value="-w" valueType="string"/>
+ <inputType id="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.input.1753815936" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.input"/>
+ </tool>
+ <tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.cpp.compiler.1168221869" name="GNU ARM Cross C++ Compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.cpp.compiler.764823506">
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.cpp.compiler.other.185972096" name="Other compiler flags" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.cpp.compiler.other" value="-w" valueType="string"/>
+ </tool>
+ <tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.c.linker.661870747" name="GNU ARM Cross C Linker" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.c.linker.63989951"/>
+ <tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.cpp.linker.1238967318" name="GNU ARM Cross C++ Linker" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.cpp.linker.1469493512"/>
+ <tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.archiver.802330776" name="GNU ARM Cross Archiver" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.archiver.1022207837"/>
+ <tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.createflash.1995111374" name="GNU ARM Cross Create Flash Image" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.createflash.513431201"/>
+ <tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.createlisting.1225972140" name="GNU ARM Cross Create Listing" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.createlisting.1729201850"/>
+ <tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.printsize.988286685" name="GNU ARM Cross Print Size" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.printsize.861824755"/>
+ </toolChain>
+ </folderInfo>
+ <folderInfo id="com.renesas.cdt.managedbuild.gnuarm.config.lib.debug.970500279./ra/arm" name="arm" resourcePath="ra/arm">
+ <toolChain id="com.renesas.cdt.managedbuild.gnuarm.toolchain.lib.debug.1961970861" name="GCC ARM Embedded" superClass="com.renesas.cdt.managedbuild.gnuarm.toolchain.lib.debug" unusedChildren="">
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.level.372424128.1784028466" name="Optimization Level" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.level.372424128"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.messagelength.802408439.552149060" name="Message length (-fmessage-length=0)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.messagelength.802408439"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.signedchar.1636222762.527760084" name="'char' is signed (-fsigned-char)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.signedchar.1636222762"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.functionsections.840275244.1584057880" name="Function sections (-ffunction-sections)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.functionsections.840275244"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.datasections.2057841621.459487214" name="Data sections (-fdata-sections)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.datasections.2057841621"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.level.246216390.1635334426" name="Debug level" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.level.246216390"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.format.1774811485.506317384" name="Debug format" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.format.1774811485"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.unused.1434261464.1815414837" name="Warn on various unused elements (-Wunused)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.unused.1434261464"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.uninitialized.984091892.921072498" name="Warn on uninitialized variables (-Wuninitialised)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.uninitialized.984091892"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.allwarn.590988144.1748584034" name="Enable all common warnings (-Wall)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.allwarn.590988144"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.extrawarn.1570641021.2011576019" name="Enable extra warnings (-Wextra)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.extrawarn.1570641021"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.missingdeclaration.415668447.651711661" name="Warn on undeclared global function (-Wmissing-declaration)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.missingdeclaration.415668447"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.conversion.2011452736.1720682181" name="Warn on implicit conversions (-Wconversion)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.conversion.2011452736"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.pointerarith.2107087307.100903295" name="Warn if pointer arithmetic (-Wpointer-arith)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.pointerarith.2107087307"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.shadow.1305941481.1972412035" name="Warn if shadowed variable (-Wshadow)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.shadow.1305941481"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.logicalop.817766723.1591250370" name="Warn if suspicious logical ops (-Wlogical-op)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.logicalop.817766723"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.agreggatereturn.85882412.555537596" name="Warn if struct is returned (-Wagreggate-return)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.agreggatereturn.85882412"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.floatequal.203869520.1215597853" name="Warn if floats are compared as equal (-Wfloat-equal)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.floatequal.203869520"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.family.75071511.2071354040" name="Arm family (-mcpu)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.family.75071511"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.toolchain.name.671544124.1085865173" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.toolchain.name.671544124"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.architecture.1393349979.1585656039" name="Architecture" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.architecture.1393349979"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.instructionset.541770432.531079102" name="Instruction set" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.instructionset.541770432"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.prefix.1547181695.588445570" name="Prefix" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.prefix.1547181695"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.c.507997460.1199654979" name="C compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.c.507997460"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.cpp.228888647.418447522" name="C++ compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.cpp.228888647"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.ar.2038968371.1030070055" name="Archiver" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.ar.2038968371"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.objcopy.780177641.677551627" name="Hex/Bin converter" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.objcopy.780177641"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.objdump.1097344279.135906683" name="Listing generator" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.objdump.1097344279"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.size.1410703268.422266922" name="Size command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.size.1410703268"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.make.1822043079.1167028401" name="Build command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.make.1822043079"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.rm.1655998274.1791455519" name="Remove command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.rm.1655998274"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createflash.1972808282.852157450" name="Create flash image" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createflash.1972808282"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.printsize.457535820.826307741" name="Print size" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.printsize.457535820"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.unit.753333144.1931877484" name="FPU Type" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.unit.753333144"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.abi.1176186201.1005849177" name="Float ABI" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.abi.1176186201"/>
+ <targetPlatform archList="all" binaryParser="org.eclipse.cdt.core.ELF" id="ilg.gnuarmeclipse.managedbuild.cross.targetPlatform" isAbstract="false" osList="all" superClass="ilg.gnuarmeclipse.managedbuild.cross.targetPlatform"/>
+ <tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.1182488861" name="GNU ARM Cross Assembler" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.535305377">
+ <inputType id="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.input.2021758024" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.input"/>
+ </tool>
+ <tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.595320972" name="GNU ARM Cross C Compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.758673917">
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.other.1627761083" name="Other compiler flags" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.other" value="-w" valueType="string"/>
+ <inputType id="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.input.800601953" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.input"/>
+ </tool>
+ <tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.cpp.compiler.941895012" name="GNU ARM Cross C++ Compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.cpp.compiler.764823506">
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.cpp.compiler.other.1064863388" name="Other compiler flags" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.cpp.compiler.other" value="-w" valueType="string"/>
+ </tool>
+ <tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.c.linker.1765163843" name="GNU ARM Cross C Linker" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.c.linker.63989951"/>
+ <tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.cpp.linker.2034616674" name="GNU ARM Cross C++ Linker" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.cpp.linker.1469493512"/>
+ <tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.archiver.1398750420" name="GNU ARM Cross Archiver" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.archiver.1022207837"/>
+ <tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.createflash.769774611" name="GNU ARM Cross Create Flash Image" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.createflash.513431201"/>
+ <tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.createlisting.313835290" name="GNU ARM Cross Create Listing" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.createlisting.1729201850"/>
+ <tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.printsize.327753338" name="GNU ARM Cross Print Size" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.printsize.861824755"/>
+ </toolChain>
+ </folderInfo>
<sourceEntries>
<entry flags="VALUE_WORKSPACE_PATH|RESOLVED" kind="sourcePath" name="ra"/>
<entry flags="VALUE_WORKSPACE_PATH|RESOLVED" kind="sourcePath" name="ra_gen"/>
@@ -203,7 +321,7 @@
<option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.logicalop.1578745722" name="Warn if suspicious logical ops (-Wlogical-op)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.logicalop" value="true" valueType="boolean"/>
<option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.agreggatereturn.500719789" name="Warn if struct is returned (-Wagreggate-return)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.agreggatereturn" value="true" valueType="boolean"/>
<option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.floatequal.269627081" name="Warn if floats are compared as equal (-Wfloat-equal)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.floatequal" value="true" valueType="boolean"/>
- <option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.family.1525979978" name="ARM family" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.family" value="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.mcpu.cortex-m33" valueType="enumerated"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.family.1525979978" name="Arm family (-mcpu)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.family" value="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.mcpu.cortex-m33" valueType="enumerated"/>
<option id="ilg.gnuarmeclipse.managedbuild.cross.option.toolchain.name.822170067" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.toolchain.name" value="GNU Tools for ARM Embedded Processors" valueType="string"/>
<option id="ilg.gnuarmeclipse.managedbuild.cross.option.architecture.456961705" name="Architecture" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.architecture" value="ilg.gnuarmeclipse.managedbuild.cross.option.architecture.arm" valueType="enumerated"/>
<option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.instructionset.1663748951" name="Instruction set" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.instructionset" value="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.instructionset.thumb" valueType="enumerated"/>
@@ -221,7 +339,7 @@
<option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.unit.464890944" name="FPU Type" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.unit" value="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.unit.fpv5spd16" valueType="enumerated"/>
<option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.abi.2023545035" name="Float ABI" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.abi" value="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.abi.hard" valueType="enumerated"/>
<targetPlatform archList="all" binaryParser="org.eclipse.cdt.core.ELF" id="ilg.gnuarmeclipse.managedbuild.cross.targetPlatform.1913516426" isAbstract="false" osList="all" superClass="ilg.gnuarmeclipse.managedbuild.cross.targetPlatform"/>
- <builder buildPath="${workspace_loc:/wolfSSL_RA6M4}/Release" id="com.renesas.cdt.managedbuild.gnuarm.builder.238824769" keepEnvironmentInBuildfile="false" managedBuildOn="true" name="Gnu Make Builder" parallelBuildOn="true" parallelizationNumber="optimal" superClass="com.renesas.cdt.managedbuild.gnuarm.builder"/>
+ <builder buildPath="${workspace_loc:/wolfSSL_RA6M4}/Release" id="com.renesas.cdt.managedbuild.gnuarm.builder.238824769" keepEnvironmentInBuildfile="false" managedBuildOn="true" name="Gnu Make ビルダー" parallelBuildOn="true" parallelizationNumber="optimal" superClass="com.renesas.cdt.managedbuild.gnuarm.builder"/>
<tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.1458313447" name="GNU ARM Cross Assembler" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler">
<option id="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.usepreprocessor.1575652994" name="Use preprocessor" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.usepreprocessor" value="true" valueType="boolean"/>
<option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.include.paths.817572458" name="Include paths (-I)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.include.paths" valueType="includePath">
@@ -241,9 +359,12 @@
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/ra/fsp/src/r_sce_protected/crypto_procedures_protected/src/sce9/private/inc}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/ra/fsp/src/rm_freertos_plus_tcp}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/ra/aws/amazon-freertos/libraries/freertos_plus/standard/freertos_plus_tcp/include}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/ra/aws/FreeRTOS/FreeRTOS/Source/include}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/ra/aws/FreeRTOS/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/include}&quot;"/>
</option>
<option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.defs.98883299" name="Defined symbols (-D)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.defs" valueType="definedSymbols">
<listOptionValue builtIn="false" value="_RENESAS_RA_"/>
+ <listOptionValue builtIn="false" value="_RA_CORE=CM33"/>
</option>
<inputType id="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.input.1801561027" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.input"/>
</tool>
@@ -266,9 +387,12 @@
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/ra/fsp/src/r_sce_protected/crypto_procedures_protected/src/sce9/private/inc}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/ra/fsp/src/rm_freertos_plus_tcp}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/ra/aws/amazon-freertos/libraries/freertos_plus/standard/freertos_plus_tcp/include}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/ra/aws/FreeRTOS/FreeRTOS/Source/include}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/ra/aws/FreeRTOS/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/include}&quot;"/>
</option>
<option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.defs.1403729518" name="Defined symbols (-D)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.defs" useByScannerDiscovery="true" valueType="definedSymbols">
<listOptionValue builtIn="false" value="_RENESAS_RA_"/>
+ <listOptionValue builtIn="false" value="_RA_CORE=CM33"/>
</option>
<inputType id="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.input.1088287076" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.input"/>
</tool>
@@ -307,6 +431,118 @@
</tool>
</toolChain>
</folderInfo>
+ <folderInfo id="com.renesas.cdt.managedbuild.gnuarm.config.lib.release.1000694995./ra/aws" name="aws" resourcePath="ra/aws">
+ <toolChain id="com.renesas.cdt.managedbuild.gnuarm.toolchain.lib.release.224277999" name="GCC ARM Embedded" superClass="com.renesas.cdt.managedbuild.gnuarm.toolchain.lib.release" unusedChildren="">
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.level.1092203358.703009647" name="Optimization Level" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.level.1092203358"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.messagelength.1655508176.1887917140" name="Message length (-fmessage-length=0)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.messagelength.1655508176"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.signedchar.1362644435.572039712" name="'char' is signed (-fsigned-char)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.signedchar.1362644435"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.functionsections.1646666612.2014656655" name="Function sections (-ffunction-sections)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.functionsections.1646666612"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.datasections.1767227279.594549429" name="Data sections (-fdata-sections)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.datasections.1767227279"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.level.1083900009.433402377" name="Debug level" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.level.1083900009"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.format.920333675.1126256021" name="Debug format" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.format.920333675"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.unused.1153399689.1625640463" name="Warn on various unused elements (-Wunused)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.unused.1153399689"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.uninitialized.1526073670.1331163776" name="Warn on uninitialized variables (-Wuninitialised)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.uninitialized.1526073670"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.allwarn.979841893.2118191219" name="Enable all common warnings (-Wall)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.allwarn.979841893"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.extrawarn.679047540.1939758516" name="Enable extra warnings (-Wextra)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.extrawarn.679047540"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.missingdeclaration.848570858.1340211341" name="Warn on undeclared global function (-Wmissing-declaration)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.missingdeclaration.848570858"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.conversion.1501173791.911541120" name="Warn on implicit conversions (-Wconversion)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.conversion.1501173791"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.pointerarith.1506335159.235695086" name="Warn if pointer arithmetic (-Wpointer-arith)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.pointerarith.1506335159"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.shadow.563705942.731807780" name="Warn if shadowed variable (-Wshadow)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.shadow.563705942"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.logicalop.1578745722.1767414418" name="Warn if suspicious logical ops (-Wlogical-op)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.logicalop.1578745722"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.agreggatereturn.500719789.1685325907" name="Warn if struct is returned (-Wagreggate-return)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.agreggatereturn.500719789"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.floatequal.269627081.239604783" name="Warn if floats are compared as equal (-Wfloat-equal)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.floatequal.269627081"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.family.1525979978.1385090432" name="Arm family (-mcpu)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.family.1525979978"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.toolchain.name.822170067.286457188" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.toolchain.name.822170067"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.architecture.456961705.532517118" name="Architecture" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.architecture.456961705"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.instructionset.1663748951.351754040" name="Instruction set" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.instructionset.1663748951"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.prefix.942756758.775859450" name="Prefix" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.prefix.942756758"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.c.1527544446.359225839" name="C compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.c.1527544446"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.cpp.884565434.1746846715" name="C++ compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.cpp.884565434"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.ar.980678809.1402760461" name="Archiver" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.ar.980678809"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.objcopy.354847803.1313431310" name="Hex/Bin converter" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.objcopy.354847803"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.objdump.1063077906.1684075407" name="Listing generator" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.objdump.1063077906"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.size.1503804889.1419647951" name="Size command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.size.1503804889"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.make.279286942.1215591101" name="Build command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.make.279286942"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.rm.235215392.130009923" name="Remove command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.rm.235215392"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createflash.977555522.48101656" name="Create flash image" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createflash.977555522"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.printsize.503835685.1984020077" name="Print size" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.printsize.503835685"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.unit.464890944.666890066" name="FPU Type" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.unit.464890944"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.abi.2023545035.1086817508" name="Float ABI" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.abi.2023545035"/>
+ <targetPlatform archList="all" binaryParser="org.eclipse.cdt.core.ELF" id="ilg.gnuarmeclipse.managedbuild.cross.targetPlatform" isAbstract="false" osList="all" superClass="ilg.gnuarmeclipse.managedbuild.cross.targetPlatform"/>
+ <tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.2144269885" name="GNU ARM Cross Assembler" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.1458313447">
+ <inputType id="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.input.1505998767" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.input"/>
+ </tool>
+ <tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.1736995384" name="GNU ARM Cross C Compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.1294119565">
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.other.523665461" name="Other compiler flags" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.other" value="-w" valueType="string"/>
+ <inputType id="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.input.1981400490" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.input"/>
+ </tool>
+ <tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.cpp.compiler.646612385" name="GNU ARM Cross C++ Compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.cpp.compiler.1823072247">
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.cpp.compiler.other.758030296" name="Other compiler flags" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.cpp.compiler.other" value="-w" valueType="string"/>
+ </tool>
+ <tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.c.linker.892008103" name="GNU ARM Cross C Linker" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.c.linker.1837136696"/>
+ <tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.cpp.linker.1278013907" name="GNU ARM Cross C++ Linker" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.cpp.linker.957163491"/>
+ <tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.archiver.148395907" name="GNU ARM Cross Archiver" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.archiver.380386144"/>
+ <tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.createflash.1357669427" name="GNU ARM Cross Create Flash Image" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.createflash.849256967"/>
+ <tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.createlisting.1001241802" name="GNU ARM Cross Create Listing" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.createlisting.446753671"/>
+ <tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.printsize.988227579" name="GNU ARM Cross Print Size" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.printsize.799087256"/>
+ </toolChain>
+ </folderInfo>
+ <folderInfo id="com.renesas.cdt.managedbuild.gnuarm.config.lib.release.1000694995./ra/arm" name="arm" resourcePath="ra/arm">
+ <toolChain id="com.renesas.cdt.managedbuild.gnuarm.toolchain.lib.release.294206647" name="GCC ARM Embedded" superClass="com.renesas.cdt.managedbuild.gnuarm.toolchain.lib.release" unusedChildren="">
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.level.1092203358.1488735191" name="Optimization Level" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.level.1092203358"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.messagelength.1655508176.1387526888" name="Message length (-fmessage-length=0)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.messagelength.1655508176"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.signedchar.1362644435.1027662579" name="'char' is signed (-fsigned-char)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.signedchar.1362644435"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.functionsections.1646666612.907141840" name="Function sections (-ffunction-sections)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.functionsections.1646666612"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.datasections.1767227279.704079662" name="Data sections (-fdata-sections)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.datasections.1767227279"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.level.1083900009.102265769" name="Debug level" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.level.1083900009"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.format.920333675.729992978" name="Debug format" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.format.920333675"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.unused.1153399689.1603109888" name="Warn on various unused elements (-Wunused)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.unused.1153399689"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.uninitialized.1526073670.1576279696" name="Warn on uninitialized variables (-Wuninitialised)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.uninitialized.1526073670"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.allwarn.979841893.550346303" name="Enable all common warnings (-Wall)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.allwarn.979841893"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.extrawarn.679047540.1313634431" name="Enable extra warnings (-Wextra)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.extrawarn.679047540"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.missingdeclaration.848570858.1763550668" name="Warn on undeclared global function (-Wmissing-declaration)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.missingdeclaration.848570858"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.conversion.1501173791.1838682127" name="Warn on implicit conversions (-Wconversion)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.conversion.1501173791"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.pointerarith.1506335159.2001305442" name="Warn if pointer arithmetic (-Wpointer-arith)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.pointerarith.1506335159"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.shadow.563705942.1582345443" name="Warn if shadowed variable (-Wshadow)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.shadow.563705942"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.logicalop.1578745722.840001711" name="Warn if suspicious logical ops (-Wlogical-op)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.logicalop.1578745722"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.agreggatereturn.500719789.294802158" name="Warn if struct is returned (-Wagreggate-return)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.agreggatereturn.500719789"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.floatequal.269627081.1396608979" name="Warn if floats are compared as equal (-Wfloat-equal)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.floatequal.269627081"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.family.1525979978.1008218488" name="Arm family (-mcpu)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.family.1525979978"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.toolchain.name.822170067.1979249921" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.toolchain.name.822170067"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.architecture.456961705.1143451431" name="Architecture" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.architecture.456961705"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.instructionset.1663748951.1300417668" name="Instruction set" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.instructionset.1663748951"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.prefix.942756758.1008969964" name="Prefix" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.prefix.942756758"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.c.1527544446.1785165800" name="C compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.c.1527544446"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.cpp.884565434.775729444" name="C++ compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.cpp.884565434"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.ar.980678809.1242426387" name="Archiver" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.ar.980678809"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.objcopy.354847803.1221664270" name="Hex/Bin converter" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.objcopy.354847803"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.objdump.1063077906.640202776" name="Listing generator" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.objdump.1063077906"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.size.1503804889.1767833264" name="Size command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.size.1503804889"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.make.279286942.763248899" name="Build command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.make.279286942"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.rm.235215392.1440177228" name="Remove command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.rm.235215392"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createflash.977555522.1854098750" name="Create flash image" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createflash.977555522"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.printsize.503835685.2007396743" name="Print size" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.printsize.503835685"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.unit.464890944.1259018734" name="FPU Type" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.unit.464890944"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.abi.2023545035.406452768" name="Float ABI" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.abi.2023545035"/>
+ <targetPlatform archList="all" binaryParser="org.eclipse.cdt.core.ELF" id="ilg.gnuarmeclipse.managedbuild.cross.targetPlatform" isAbstract="false" osList="all" superClass="ilg.gnuarmeclipse.managedbuild.cross.targetPlatform"/>
+ <tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.1121767234" name="GNU ARM Cross Assembler" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.1458313447">
+ <inputType id="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.input.622325430" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.input"/>
+ </tool>
+ <tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.58324685" name="GNU ARM Cross C Compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.1294119565">
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.other.630203819" name="Other compiler flags" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.other" value="-w" valueType="string"/>
+ <inputType id="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.input.510266600" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.input"/>
+ </tool>
+ <tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.cpp.compiler.858643922" name="GNU ARM Cross C++ Compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.cpp.compiler.1823072247">
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.cpp.compiler.other.132948817" name="Other compiler flags" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.cpp.compiler.other" value="-w" valueType="string"/>
+ </tool>
+ <tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.c.linker.1804604482" name="GNU ARM Cross C Linker" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.c.linker.1837136696"/>
+ <tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.cpp.linker.874826291" name="GNU ARM Cross C++ Linker" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.cpp.linker.957163491"/>
+ <tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.archiver.920778807" name="GNU ARM Cross Archiver" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.archiver.380386144"/>
+ <tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.createflash.1901415441" name="GNU ARM Cross Create Flash Image" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.createflash.849256967"/>
+ <tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.createlisting.182150012" name="GNU ARM Cross Create Listing" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.createlisting.446753671"/>
+ <tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.printsize.1706961930" name="GNU ARM Cross Print Size" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.printsize.799087256"/>
+ </toolChain>
+ </folderInfo>
<sourceEntries>
<entry flags="VALUE_WORKSPACE_PATH|RESOLVED" kind="sourcePath" name="ra"/>
<entry flags="VALUE_WORKSPACE_PATH|RESOLVED" kind="sourcePath" name="ra_gen"/>
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/wolfssl/.project b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/wolfssl/.project
index 5c202482..3e3a73d2 100644
--- a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/wolfssl/.project
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/wolfssl/.project
@@ -397,24 +397,24 @@
<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/port/Renesas/renesas_common.c</locationURI>
</link>
<link>
- <name>wolfCrypt/port/renesas_sce_aes.c</name>
+ <name>wolfCrypt/port/renesas_fspsm_aes.c</name>
<type>1</type>
- <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/port/Renesas/renesas_sce_aes.c</locationURI>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/port/Renesas/renesas_fspsm_aes.c</locationURI>
</link>
<link>
- <name>wolfCrypt/port/renesas_sce_rsa.c</name>
+ <name>wolfCrypt/port/renesas_fspsm_rsa.c</name>
<type>1</type>
- <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/port/Renesas/renesas_sce_rsa.c</locationURI>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/port/Renesas/renesas_fspsm_rsa.c</locationURI>
</link>
<link>
- <name>wolfCrypt/port/renesas_sce_sha.c</name>
+ <name>wolfCrypt/port/renesas_fspsm_sha.c</name>
<type>1</type>
- <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/port/Renesas/renesas_sce_sha.c</locationURI>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/port/Renesas/renesas_fspsm_sha.c</locationURI>
</link>
<link>
- <name>wolfCrypt/port/renesas_sce_util.c</name>
+ <name>wolfCrypt/port/renesas_fspsm_util.c</name>
<type>1</type>
- <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/port/Renesas/renesas_sce_util.c</locationURI>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/port/Renesas/renesas_fspsm_util.c</locationURI>
</link>
</linkedResources>
</projectDescription>
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/GR-ROSE/common/user_settings.h b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/GR-ROSE/common/user_settings.h
index 0c78c518..fa80de84 100644
--- a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/GR-ROSE/common/user_settings.h
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/GR-ROSE/common/user_settings.h
@@ -150,7 +150,7 @@
* -- "NO_ASN_TIME" macro is to avoid certificate expiration validation --
*
* Note. In your actual products, do not forget to comment-out
- * "NO_ASN_TIME" macro. And prepare time function to get calender time,
+ * "NO_ASN_TIME" macro. And prepare time function to get calendar time,
* otherwise, certificate expiration validation will not work.
*/
/*#define NO_ASN_TIME*/
@@ -220,13 +220,28 @@
#if defined(WOLFSSL_RENESAS_TSIP)
+ /*-- TSIP TLS and/or CRYPTONLY Definition --------------------------------*/
+ /* Enable TSIP TLS (default)
+ * TSIP CRYPTONLY is also enabled.
+ * Disable TSIP TLS
+ * TSIP CRYPTONLY is only enabled.
+ */
+ #define WOLFSSL_RENESAS_TSIP_TLS
+
#if !defined(NO_RENESAS_TSIP_CRYPT)
- #define WOLFSSL_RENESAS_TSIP_CRYPT
- #define WOLFSSL_RENESAS_TSIP_TLS
- #define WOLFSSL_RENESAS_TSIP_TLS_AES_CRYPT
+ #define WOLFSSL_RENESAS_TSIP_CRYPTONLY
#define HAVE_PK_CALLBACKS
#define WOLF_CRYPTO_CB
- #define WOLF_PRIVATE_KEY_ID
+ #if defined(WOLFSSL_RENESAS_TSIP_TLS)
+ #define WOLFSSL_RENESAS_TSIP_TLS_AES_CRYPT
+ #define WOLF_PRIVATE_KEY_ID
+ #endif
+ #endif
+
+ #if !defined(WOLFSSL_RENESAS_TSIP_TLS) && \
+ defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)
+ # undef WOLFSSL_RENESAS_TSIP_TLS
+ # undef WOLFSSL_RENESAS_TSIP_CRYPT
#endif
#else
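Review bot: The `# undef WOLFSSL_RENESAS_TSIP_TLS` in the final `#if !defined(WOLFSSL_RENESAS_TSIP_TLS) && defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)` block can never have an effect, because the guard already requires that macro to be undefined. The added comment also does not say how TSIP TLS is disabled now that `#define WOLFSSL_RENESAS_TSIP_TLS` is unconditional; a line such as `/* To build CRYPTONLY only, comment out the WOLFSSL_RENESAS_TSIP_TLS define below */` would make that explicit. In that configuration `WOLF_PRIVATE_KEY_ID` and `WOLFSSL_RENESAS_TSIP_TLS_AES_CRYPT` are no longer defined, which is worth stating in the same comment. The identical block added to RX65N/RSK/wolfssl_demo/user_settings.h has the same issue.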
@@ -244,3 +259,8 @@
#define XSTRCASECMP(s1,s2) strcmp((s1),(s2))
+
+#if !defined(WOLFSSL_RENESAS_TSIP_TLS)
+ #define min(x,y) ((x)<(y)?(x):(y))
+#endif
+
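Review bot: The added `min(x,y)` macro evaluates each argument twice and is defined without checking for an existing definition, so an argument with side effects runs twice and any header that already provides `min` causes a redefinition. Wrapping it as `#ifndef min` / `#define min(x,y) ((x)<(y)?(x):(y))` / `#endif` avoids the clash. A short comment that arguments must be free of side effects would cover the rest; the callers are not visible in this hunk.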
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/GR-ROSE/common/wolfssl_dummy.c b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/GR-ROSE/common/wolfssl_dummy.c
index 84501e84..251d6481 100644
--- a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/GR-ROSE/common/wolfssl_dummy.c
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/GR-ROSE/common/wolfssl_dummy.c
@@ -21,7 +21,7 @@
#include <wolfssl/wolfcrypt/wc_port.h>
-#define YEAR 2022
+#define YEAR 2023
#define MON 6
static int tick = 0;
@@ -40,3 +40,12 @@ int strncasecmp(const char *s1, const char * s2, unsigned int sz)
return 1;
return 0;
}
+
+#if !defined(WOLFSSL_RENESAS_TSIP)
+/* dummy return true when char is alphanumeric character */
+int isascii(const char *s)
+{
+ return isalnum(s);
+}
+#endif
+
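Review bot: The new `isascii` takes a `const char *` and passes that pointer to `isalnum`, which expects an `int` character value. The result therefore depends on the pointer's bits rather than on any character, and calling `isalnum` with a value outside the `unsigned char` range or `EOF` is undefined behaviour. The conventional form is `int isascii(int c) { return (c & ~0x7f) == 0; }`, which also matches the name, since the comment describes an alphanumeric test rather than an ASCII test. Callers are outside this hunk, so the signature change needs checking against them. The same body appears in RX72N/EnvisionKit/Simple/common/wolfssl_dummy.c, where this commit only re-indents it.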
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/GR-ROSE/test/src/wolf_client.c b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/GR-ROSE/test/src/wolf_client.c
index a6317176..76cfb41a 100644
--- a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/GR-ROSE/test/src/wolf_client.c
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/GR-ROSE/test/src/wolf_client.c
@@ -136,13 +136,13 @@ void wolfSSL_TLS_client_init(const char* cipherlist)
if ((client_ctx = wolfSSL_CTX_new_ex(wolfSSLv23_client_method_ex(heapHint),
heapHint)) == NULL) {
- printf("ERROR: faild to create WOLFSSL_CTX\n");
+ printf("ERROR: failed to create WOLFSSL_CTX\n");
return;
}
if ((wolfSSL_CTX_load_static_memory(&client_ctx, NULL, heapBufIO,
sizeof(heapBufIO), WOLFMEM_IO_POOL, 10)) != WOLFSSL_SUCCESS) {
- printf("ERROR: faild to set static memory for IO\n");
+ printf("ERROR: failed to set static memory for IO\n");
return;
}
@@ -285,18 +285,18 @@ void wolfSSL_TLS_client( )
#ifdef WOLFSSL_RENESAS_TSIP_TLS
/* TSIP specific ECC private key */
- if (tsip_use_PrivateKey_buffer(ssl,
+ if (tsip_use_PrivateKey_buffer_TLS(ssl,
(const char*)g_key_block_data.encrypted_user_ecc256_private_key,
sizeof(g_key_block_data.encrypted_user_ecc256_private_key),
TSIP_ECCP256) != 0) {
- printf("ERROR tsip_use_PrivateKey_buffer\n");
+ printf("ERROR tsip_use_PrivateKey_buffer_TLS\n");
goto out;
}
#else
/* DER format ECC private key */
- if (wolfSSL_use_PrivateKey_buffer(ssl,
+ if (wolfSSL_use_PrivateKey_buffer(ssl,
ecc_clikey_der_256,
sizeof_ecc_clikey_der_256,
WOLFSSL_FILETYPE_ASN1) != SSL_SUCCESS) {
@@ -314,20 +314,20 @@ void wolfSSL_TLS_client( )
/* Note: TSIP asks client key pair for client authentication. */
/* TSIP specific RSA private key */
- if (tsip_use_PrivateKey_buffer(ssl,
+ if (tsip_use_PrivateKey_buffer_TLS(ssl,
(const char*)g_key_block_data.encrypted_user_rsa2048_private_key,
sizeof(g_key_block_data.encrypted_user_rsa2048_private_key),
TSIP_RSA2048) != 0) {
- printf("ERROR tsip_use_PrivateKey_buffer\n");
+ printf("ERROR tsip_use_PrivateKey_buffer_TLS\n");
goto out;
}
/* TSIP specific RSA public key */
- if (tsip_use_PublicKey_buffer(ssl,
+ if (tsip_use_PublicKey_buffer_TLS(ssl,
(const char*)g_key_block_data.encrypted_user_rsa2048_public_key,
sizeof(g_key_block_data.encrypted_user_rsa2048_public_key),
TSIP_RSA2048) != 0) {
- printf("ERROR tsip_use_PublicKey_buffer\n");
+ printf("ERROR tsip_use_PublicKey_buffer_TLS\n");
goto out;
}
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/GR-ROSE/wolfssl/.project b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/GR-ROSE/wolfssl/.project
index 9642014f..e5977870 100644
--- a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/GR-ROSE/wolfssl/.project
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/GR-ROSE/wolfssl/.project
@@ -80,6 +80,11 @@
<locationURI>PARENT-6-PROJECT_LOC/wolfcrypt/src/port/Renesas/renesas_tsip_aes.c</locationURI>
</link>
<link>
+ <name>wolfcrypt/port/renesas_tsip_rsa.c</name>
+ <type>1</type>
+ <locationURI>PARENT-6-PROJECT_LOC/wolfcrypt/src/port/Renesas/renesas_tsip_rsa.c</locationURI>
+ </link>
+ <link>
<name>wolfcrypt/port/renesas_tsip_sha.c</name>
<type>1</type>
<locationURI>PARENT-6-PROJECT_LOC/wolfcrypt/src/port/Renesas/renesas_tsip_sha.c</locationURI>
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/GR-ROSE/wolfssl/wolfssl.rcpc b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/GR-ROSE/wolfssl/wolfssl.rcpc
index 6c0ad04d..23d781bd 100644
--- a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/GR-ROSE/wolfssl/wolfssl.rcpc
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/GR-ROSE/wolfssl/wolfssl.rcpc
@@ -22,6 +22,7 @@
<Category Name="port">
<Path>..\..\..\..\..\..\wolfcrypt\src\port\Renesas\renesas_common.c</Path>
<Path>..\..\..\..\..\..\wolfcrypt\src\port\Renesas\renesas_tsip_aes.c</Path>
+ <Path>..\..\..\..\..\..\wolfcrypt\src\port\Renesas\renesas_tsip_rsa.c</Path>
<Path>..\..\..\..\..\..\wolfcrypt\src\port\Renesas\renesas_tsip_sha.c</Path>
<Path>..\..\..\..\..\..\wolfcrypt\src\port\Renesas\renesas_tsip_util.c</Path>
</Category>
@@ -143,6 +144,7 @@
<Path>Debug\wolfio.obj</Path>
<Path>Debug\renesas_common.obj</Path>
<Path>Debug\renesas_tsip_aes.obj</Path>
+ <Path>Debug\renesas_tsip_rsa.obj</Path>
<Path>Debug\renesas_tsip_sha.obj</Path>
<Path>Debug\renesas_tsip_util.obj</Path>
<Path>Debug\aes.obj</Path>
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/RSK/resource/section.esi b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/RSK/resource/section.esi
index 0b7370d5..1008cf2e 100644
--- a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/RSK/resource/section.esi
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/RSK/resource/section.esi
@@ -8,18 +8,24 @@
<sections name="R_2"/>
<sections name="R"/>
<sections name="RPFRAM2"/>
+ <sections name="B_ETHERNET_BUFFERS_1">
+ <sectionAddress xsi:type="com.renesas.linkersection.model:FixedAddress" fixedAddress="65536"/>
+ </sections>
+ <sections name="B_RX_DESC_1"/>
+ <sections name="B_TX_DESC_1"/>
+ <sections name="C_FIRMWARE_UPDATE_CONTROL_BLOCK">
+ <sectionAddress xsi:type="com.renesas.linkersection.model:FixedAddress" fixedAddress="1048576"/>
+ </sections>
+ <sections name="C_FIRMWARE_UPDATE_CONTROL_BLOCK_MIRROR"/>
<sections name="C_PKCS11_STORAGE*">
<sectionAddress xsi:type="com.renesas.linkersection.model:FixedAddress" fixedAddress="1050624"/>
</sections>
<sections name="C_SYSTEM_CONFIG*">
<sectionAddress xsi:type="com.renesas.linkersection.model:FixedAddress" fixedAddress="1067008"/>
</sections>
- <sections name="B_ETHERNET_BUFFERS_1">
+ <sections name="B">
<sectionAddress xsi:type="com.renesas.linkersection.model:FixedAddress" fixedAddress="8388608"/>
</sections>
- <sections name="B_RX_DESC_1"/>
- <sections name="B_TX_DESC_1"/>
- <sections name="B"/>
<sections name="B_1"/>
<sections name="B_2"/>
<sections name="C_1">
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/RSK/wolfssl/.project b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/RSK/wolfssl/.project
index 9642014f..e5977870 100644
--- a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/RSK/wolfssl/.project
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/RSK/wolfssl/.project
@@ -80,6 +80,11 @@
<locationURI>PARENT-6-PROJECT_LOC/wolfcrypt/src/port/Renesas/renesas_tsip_aes.c</locationURI>
</link>
<link>
+ <name>wolfcrypt/port/renesas_tsip_rsa.c</name>
+ <type>1</type>
+ <locationURI>PARENT-6-PROJECT_LOC/wolfcrypt/src/port/Renesas/renesas_tsip_rsa.c</locationURI>
+ </link>
+ <link>
<name>wolfcrypt/port/renesas_tsip_sha.c</name>
<type>1</type>
<locationURI>PARENT-6-PROJECT_LOC/wolfcrypt/src/port/Renesas/renesas_tsip_sha.c</locationURI>
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/RSK/wolfssl_demo/key_data.c b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/RSK/wolfssl_demo/key_data.c
index b53c8763..b43216c1 100644
--- a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/RSK/wolfssl_demo/key_data.c
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/RSK/wolfssl_demo/key_data.c
@@ -267,6 +267,4 @@ const unsigned char client_cert_der_sign[] =
};
const int sizeof_client_cert_der_sign = sizeof(client_cert_der_sign);
-uint32_t s_inst1[R_TSIP_SINST_WORD_SIZE] = { 0 };
-uint32_t s_inst2[R_TSIP_SINST2_WORD_SIZE]= { 0 };
#endif
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/RSK/wolfssl_demo/user_settings.h b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/RSK/wolfssl_demo/user_settings.h
index 9aeb3e4e..f856d4e5 100644
--- a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/RSK/wolfssl_demo/user_settings.h
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/RSK/wolfssl_demo/user_settings.h
@@ -149,7 +149,7 @@
* -- "NO_ASN_TIME" macro is to avoid certificate expiration validation --
*
* Note. In your actual products, do not forget to comment-out
- * "NO_ASN_TIME" macro. And prepare time function to get calender time,
+ * "NO_ASN_TIME" macro. And prepare time function to get calendar time,
* otherwise, certificate expiration validation will not work.
*/
/*#define NO_ASN_TIME*/
@@ -224,13 +224,28 @@
#if defined(WOLFSSL_RENESAS_TSIP)
+ /*-- TSIP TLS and/or CRYPTONLY Definition --------------------------------*/
+ /* Enable TSIP TLS (default)
+ * TSIP CRYPTONLY is also enabled.
+ * Disable TSIP TLS
+ * TSIP CRYPTONLY is only enabled.
+ */
+ #define WOLFSSL_RENESAS_TSIP_TLS
+
#if !defined(NO_RENESAS_TSIP_CRYPT)
- #define WOLFSSL_RENESAS_TSIP_CRYPT
- #define WOLFSSL_RENESAS_TSIP_TLS
- #define WOLFSSL_RENESAS_TSIP_TLS_AES_CRYPT
+ #define WOLFSSL_RENESAS_TSIP_CRYPTONLY
#define HAVE_PK_CALLBACKS
#define WOLF_CRYPTO_CB
- #define WOLF_PRIVATE_KEY_ID
+ #if defined(WOLFSSL_RENESAS_TSIP_TLS)
+ #define WOLFSSL_RENESAS_TSIP_TLS_AES_CRYPT
+ #define WOLF_PRIVATE_KEY_ID
+ #endif
+ #endif
+
+ #if !defined(WOLFSSL_RENESAS_TSIP_TLS) && \
+ defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)
+ # undef WOLFSSL_RENESAS_TSIP_TLS
+ # undef WOLFSSL_RENESAS_TSIP_CRYPT
#endif
#else
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/RSK/wolfssl_demo/wolfssl_demo.c b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/RSK/wolfssl_demo/wolfssl_demo.c
index e61512c1..5614f3f1 100644
--- a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/RSK/wolfssl_demo/wolfssl_demo.c
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/RSK/wolfssl_demo/wolfssl_demo.c
@@ -294,22 +294,22 @@ static void Tls_client()
/* TSIP specific ECC private key */
if (ret == 0){
- ret = tsip_use_PrivateKey_buffer(ssl,
+ ret = tsip_use_PrivateKey_buffer_TLS(ssl,
(const char*)g_key_block_data.encrypted_user_ecc256_private_key,
sizeof(g_key_block_data.encrypted_user_ecc256_private_key),
TSIP_ECCP256);
if (ret != 0) {
- printf("ERROR tsip_use_PrivateKey_buffer\n");
+ printf("ERROR tsip_use_PrivateKey_buffer_TLS\n");
}
}
# if defined(WOLFSSL_CHECK_SIG_FAULTS)
if (ret == 0){
- ret = tsip_use_PublicKey_buffer(ssl,
+ ret = tsip_use_PublicKey_buffer_TLS(ssl,
(const char*)g_key_block_data.encrypted_user_ecc256_public_key,
sizeof(g_key_block_data.encrypted_user_ecc256_public_key),
TSIP_ECCP256);
if (ret != 0) {
- printf("ERROR tsip_use_PublicKey_buffer\n");
+ printf("ERROR tsip_use_PublicKey_buffer_TLS\n");
}
}
#endif /* WOLFSSL_CHECK_SIG_FAULTS */
@@ -339,21 +339,21 @@ static void Tls_client()
/* TSIP specific RSA private key */
if (ret == 0) {
- ret = tsip_use_PrivateKey_buffer(ssl,
+ ret = tsip_use_PrivateKey_buffer_TLS(ssl,
(const char*)g_key_block_data.encrypted_user_rsa2048_private_key,
sizeof(g_key_block_data.encrypted_user_rsa2048_private_key),
TSIP_RSA2048);
if (ret != 0) {
- printf("ERROR tsip_use_PrivateKey_buffer :%d\n", ret);
+ printf("ERROR tsip_use_PrivateKey_buffer_TLS :%d\n", ret);
}
}
if (ret == 0) {
- ret = tsip_use_PublicKey_buffer(ssl,
+ ret = tsip_use_PublicKey_buffer_TLS(ssl,
(const char*)g_key_block_data.encrypted_user_rsa2048_public_key,
sizeof(g_key_block_data.encrypted_user_rsa2048_public_key),
TSIP_RSA2048);
if (ret != 0) {
- printf("ERROR tsip_use_PublicKey_buffer: %d\n", ret);
+ printf("ERROR tsip_use_PublicKey_buffer_TLS: %d\n", ret);
}
}
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/README_EN.md b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/README_EN.md
index c9f75399..be61aec0 100644
--- a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/README_EN.md
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/README_EN.md
@@ -114,14 +114,14 @@ Now that the test application is ready to build.
## 7. Running test application as Client
-----
### 7.1 Run Client as TCP
-When it enables SIMPLE_TCP_CLIENT, we can run TCP clint on the board. We are able to use [this TCP server allication](https://github.com/wolfSSL/wolfssl-examples/blob/master/tls/server-tcp.c) as the opposite TCP server. To complie and run the server,
+When it enables SIMPLE_TCP_CLIENT, we can run TCP clint on the board. We are able to use [this TCP server allication](https://github.com/wolfSSL/wolfssl-examples/blob/master/tls/server-tcp.c) as the opposite TCP server. To compile and run the server,
```
$ gcc server-tcp.c -o server-tcp
$ ./server-tcp
```
If needed, it updates server IP address and port. Those are defined by `SIMPLE_TCPSERVER_IP` and `SIMPLE_TCPSERVER_PORT` in `test/src/simple_tcp.c`
-You will see messages on Reneas Virtual Console when its communication succedes.
+You will see messages on Reneas Virtual Console when its communication succeeds.
```
Received : I hear ya fa shizzle!
@@ -140,7 +140,7 @@ Waiting for a connection...
When it enables SIMPLE_TLS_CLIENT, we can run TLS client on the board.If needed, it updates server IP address and port. Those are defined by `SIMPLE_TLSSERVER_IP` and `SIMPLE_TLSSERVER_PORT` in `test/src/simple_tls_tsip.c`. After changing it, you need to re-compile test project.
-As the opposite TLS server, we can use an example server in wolfSSL soure tree. To configure and build it,
+As the opposite TLS server, we can use an example server in wolfSSL source tree. To configure and build it,
```
$ cd <wolfssl-folder>
@@ -159,7 +159,7 @@ Therefore, for an example server, it needs to specify ECC certificate correspond
./examples/server/server -v 4 -b -i -c ./certs/server-ecc.pem -k ./certs/ecc-key.pem -A ./certs/client-ecc-cert.pem
```
-You will see messages on Renesas Debug Virtual Consol
+You will see messages on Renesas Debug Virtual Console
```
cipher : TLS13-AES128-GCM-SHA256
Received: I hear you fa shizzle!
@@ -243,7 +243,7 @@ When you want to run test project by TLS 1.3, it enables `#define WOLFSSL_TLS13`
## 8. Running test application as Server
### 8.1 Run Server as TCP Server
-When it enables `SIMPLE_TCP_SERVER`, we can run TCP server on the board. We are able to use [this TCP client](https://github.com/wolfSSL/wolfssl-examples/blob/master/tls/client-tcp.c) as the opposite TCP client. To complie and run the server,
+When it enables `SIMPLE_TCP_SERVER`, we can run TCP server on the board. We are able to use [this TCP client](https://github.com/wolfSSL/wolfssl-examples/blob/master/tls/client-tcp.c) as the opposite TCP client. To compile and run the server,
```
$ gcc client-tcp.c -o client-tcp
@@ -306,4 +306,4 @@ The above limitations 1 through 4 are expected to be improved by TSIP from the n
# 11. Support
-For support inquiries and questions, please email support@wolfssl.com. Feel free to reach out to info@wolfssl.jp as well. \ No newline at end of file
+For support inquiries and questions, please email support@wolfssl.com. Feel free to reach out to info@wolfssl.jp as well.
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/README_JP.md b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/README_JP.md
index 05d9ba1c..e870bba0 100644
--- a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/README_JP.md
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/README_JP.md
@@ -237,7 +237,7 @@ $ ./configure CFLAGS="-DWOLFSSL_STATIC_RSA"
$ ./examples/server/server -b -i
```
-実行ã™ã‚‹ã¨ã€ä¸‹è¨˜ã®ã‚ˆã†ãªãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ãŒRenesas Debug Virtual Consol ã«è¡¨ç¤ºã•ã‚Œã¾ã™ã€‚
+実行ã™ã‚‹ã¨ã€ä¸‹è¨˜ã®ã‚ˆã†ãªãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ãŒRenesas Debug Virtual Console ã«è¡¨ç¤ºã•ã‚Œã¾ã™ã€‚
```
cipher : ECDHE-RSA-AES128-GCM-SHA256
@@ -298,7 +298,7 @@ SSL curve name is SECP256R1
hello wolfssl!
```
-Renesas Debug Virtual Consol ã«ä¸‹è¨˜ã®ã‚ˆã†ã«è¡¨ç¤ºã•ã‚Œã¦ã„ã‚Œã°ã€ãƒœãƒ¼ãƒ‰ä¸Šã® TLS サーãƒãƒ¼ã¨ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆé–“ã§TLS通信ãŒè¡Œã‚ã‚Œã¦ã„ã¾ã™ã€‚
+Renesas Debug Virtual Console ã«ä¸‹è¨˜ã®ã‚ˆã†ã«è¡¨ç¤ºã•ã‚Œã¦ã„ã‚Œã°ã€ãƒœãƒ¼ãƒ‰ä¸Šã® TLS サーãƒãƒ¼ã¨ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆé–“ã§TLS通信ãŒè¡Œã‚ã‚Œã¦ã„ã¾ã™ã€‚
```
Received: hello wolfssl!
```
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/common/wolfssl_dummy.c b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/common/wolfssl_dummy.c
index c6d70e75..2c48ed51 100644
--- a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/common/wolfssl_dummy.c
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/common/wolfssl_dummy.c
@@ -21,8 +21,8 @@
#include <wolfssl/wolfcrypt/wc_port.h>
-#define YEAR 2022
-#define MON 6
+#define YEAR 2023
+#define MON 5
static int tick = 0;
@@ -43,5 +43,5 @@ int strncasecmp(const char *s1, const char * s2, unsigned int sz)
/* dummy return true when char is alphanumeric character */
int isascii(const char *s)
{
- return isalnum(s);
+ return isalnum(s);
}
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/test/.cproject b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/test/.cproject
index 46007209..5f7ceb0e 100644
--- a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/test/.cproject
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/test/.cproject
@@ -54,11 +54,7 @@
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/general}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/Config_TMR0}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_pincfg}&quot;"/>
- <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_bsp}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_config}&quot;"/>
- <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_cmt_rx}&quot;"/>
- <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_cmt_rx/src}&quot;"/>
- <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_ether_rx}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_sys_time_rx}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_sys_time_rx/src}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_t4_driver_rx}&quot;"/>
@@ -66,6 +62,10 @@
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_t4_rx}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_t4_rx/lib}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_tsip_rx}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_bsp}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_cmt_rx}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_cmt_rx/src}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_ether_rx}&quot;"/>
</option>
<option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="com.renesas.cdt.managedbuild.renesas.ccrx.compiler.option.define.511269805" name="プリプロセッサ・マクロã®å®šç¾© (-define)" superClass="com.renesas.cdt.managedbuild.renesas.ccrx.compiler.option.define" useByScannerDiscovery="false" valueType="definedSymbols">
<listOptionValue builtIn="false" value="DEBUG_CONSOLE"/>
@@ -97,11 +97,7 @@
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/general}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/Config_TMR0}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_pincfg}&quot;"/>
- <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_bsp}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_config}&quot;"/>
- <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_cmt_rx}&quot;"/>
- <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_cmt_rx/src}&quot;"/>
- <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_ether_rx}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_sys_time_rx}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_sys_time_rx/src}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_t4_driver_rx}&quot;"/>
@@ -109,6 +105,10 @@
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_t4_rx}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_t4_rx/lib}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_tsip_rx}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_bsp}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_cmt_rx}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_cmt_rx/src}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_ether_rx}&quot;"/>
</option>
<inputType id="com.renesas.cdt.managedbuild.renesas.ccrx.assembler.inputType.502444415" name="Assembler InputType" superClass="com.renesas.cdt.managedbuild.renesas.ccrx.assembler.inputType"/>
</tool>
@@ -267,11 +267,7 @@
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/general}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/Config_TMR0}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_pincfg}&quot;"/>
- <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_bsp}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_config}&quot;"/>
- <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_cmt_rx}&quot;"/>
- <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_cmt_rx/src}&quot;"/>
- <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_ether_rx}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_sys_time_rx}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_sys_time_rx/src}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_t4_driver_rx}&quot;"/>
@@ -279,6 +275,10 @@
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_t4_rx}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_t4_rx/lib}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_tsip_rx}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_bsp}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_cmt_rx}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_cmt_rx/src}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_ether_rx}&quot;"/>
</option>
<option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="com.renesas.cdt.managedbuild.renesas.ccrx.compiler.option.define.935611572" name="プリプロセッサ・マクロã®å®šç¾© (-define)" superClass="com.renesas.cdt.managedbuild.renesas.ccrx.compiler.option.define" valueType="definedSymbols">
<listOptionValue builtIn="false" value="DEBUG_CONSOLE"/>
@@ -307,11 +307,7 @@
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/general}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/Config_TMR0}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_pincfg}&quot;"/>
- <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_bsp}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_config}&quot;"/>
- <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_cmt_rx}&quot;"/>
- <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_cmt_rx/src}&quot;"/>
- <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_ether_rx}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_sys_time_rx}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_sys_time_rx/src}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_t4_driver_rx}&quot;"/>
@@ -319,6 +315,10 @@
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_t4_rx}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_t4_rx/lib}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_tsip_rx}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_bsp}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_cmt_rx}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_cmt_rx/src}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_ether_rx}&quot;"/>
</option>
<inputType id="com.renesas.cdt.managedbuild.renesas.ccrx.assembler.inputType.1482916460" name="Assembler InputType" superClass="com.renesas.cdt.managedbuild.renesas.ccrx.assembler.inputType"/>
</tool>
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/test/.project b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/test/.project
index 2616e947..10951ff4 100644
--- a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/test/.project
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/test/.project
@@ -40,6 +40,11 @@
<locationURI>PARENT-2-PROJECT_LOC/wolfssl_demo/user_settings.h</locationURI>
</link>
<link>
+ <name>src/wolfssl_tsip_unit_test.c</name>
+ <type>1</type>
+ <locationURI>PARENT-2-PROJECT_LOC/wolfssl_demo/wolfssl_tsip_unit_test.c</locationURI>
+ </link>
+ <link>
<name>src/key_data/key_data.c</name>
<type>1</type>
<locationURI>PARENT-2-PROJECT_LOC/wolfssl_demo/key_data.c</locationURI>
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/test/src/client/simple_tls_tsip_client.c b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/test/src/client/simple_tls_tsip_client.c
index 946aaeeb..0bc5caa1 100644
--- a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/test/src/client/simple_tls_tsip_client.c
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/test/src/client/simple_tls_tsip_client.c
@@ -31,7 +31,7 @@
#include <wolfssl/wolfcrypt/port/Renesas/renesas-tsip-crypt.h>
#endif
-#define SIMPLE_TLSSEVER_IP "192.168.10.10"
+#define SIMPLE_TLSSEVER_IP "192.168.11.9"
#define SIMPLE_TLSSERVER_PORT "11111"
ER t4_tcp_callback(ID cepid, FN fncd , VP p_parblk);
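Review bot: The macro changed here is spelled `SIMPLE_TLSSEVER_IP`, which does not match `SIMPLE_TLSSERVER_PORT` on the next line or the `SIMPLE_TLSSERVER_IP` name the README tells users to edit. Renaming it to `SIMPLE_TLSSERVER_IP` would also need the `getIPaddr(SIMPLE_TLSSEVER_IP)` use later in this file updated. The new value `"192.168.11.9"` looks like a local test address; a comment such as `/* example address: set to your TLS server */` would make clear that it is a placeholder.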
@@ -103,7 +103,7 @@ void wolfSSL_TLS_client_init(const char* cipherlist)
char *cert = "./certs/ca-cert.pem";
#endif
#else
- #if defined(USE_ECC_CERT) && defined(USE_CERT_BUFFERS_256)
+ #if defined(USE_ECC_CERT) && defined(USE_CERT_BUFFERS_256)
const unsigned char *cert = ca_ecc_cert_der_256;
#define SIZEOF_CERT sizeof_ca_ecc_cert_der_256
#else
@@ -118,7 +118,7 @@ void wolfSSL_TLS_client_init(const char* cipherlist)
#endif
/* Create and initialize WOLFSSL_CTX */
- if ((client_ctx =
+ if ((client_ctx =
wolfSSL_CTX_new(wolfSSLv23_client_method_ex((void *)NULL))) == NULL) {
printf("ERROR: failed to create WOLFSSL_CTX\n");
return;
@@ -134,7 +134,7 @@ void wolfSSL_TLS_client_init(const char* cipherlist)
return;
}
#else
- if (wolfSSL_CTX_load_verify_buffer(client_ctx, cert, SIZEOF_CERT,
+ if (wolfSSL_CTX_load_verify_buffer(client_ctx, cert, SIZEOF_CERT,
SSL_FILETYPE_ASN1) != SSL_SUCCESS){
printf("ERROR: can't load certificate data\n");
return;
@@ -151,24 +151,6 @@ void wolfSSL_TLS_client_init(const char* cipherlist)
return;
}
- /* set client private key data */
- #if defined(WOLFSSL_TLS13) && defined(SIMPLE_TLS_TSIP_CLIENT)
- if (tsip_set_clientPrivateKeyEnc(
- g_key_block_data.encrypted_user_ecc256_private_key,
- TSIP_ECCP256) != 0) {
- printf("ERROR: can't load client-private key\n");
- return;
- }
- #else
- if (wolfSSL_CTX_use_PrivateKey_buffer(client_ctx,
- ecc_clikey_der_256,
- sizeof_ecc_clikey_der_256,
- SSL_FILETYPE_ASN1) != WOLFSSL_SUCCESS) {
- printf("ERROR: can't load private-key data.\n");
- return;
- }
- #endif /* WOLFSSL_TLS13 */
-
#else
if (wolfSSL_CTX_use_certificate_chain_buffer_format(client_ctx,
client_cert_der_2048,
@@ -195,15 +177,15 @@ void wolfSSL_TLS_client_init(const char* cipherlist)
wolfSSL_SetIOSend(client_ctx, my_IOSend);
/* use specific cipher */
- if (cipherlist != NULL &&
+ if (cipherlist != NULL &&
wolfSSL_CTX_set_cipher_list(client_ctx, cipherlist) != WOLFSSL_SUCCESS) {
wolfSSL_CTX_free(client_ctx); client_ctx = NULL;
printf("client can't set cipher list");
return;
}
-
+
#if defined(WOLFSSL_TLS13)
- if (wolfSSL_CTX_UseSupportedCurve(client_ctx, WOLFSSL_ECC_SECP256R1)
+ if (wolfSSL_CTX_UseSupportedCurve(client_ctx, WOLFSSL_ECC_SECP256R1)
!= WOLFSSL_SUCCESS) {
wolfSSL_CTX_free(client_ctx); client_ctx = NULL;
printf("client can't set use supported curves\n");
@@ -222,11 +204,11 @@ void wolfSSL_TLS_client( )
#define BUFF_SIZE 256
static const char sendBuff[]= "Hello Server\n" ;
-
+
char rcvBuff[BUFF_SIZE] = {0};
-
+
static T_IPV4EP my_addr = { 0, 0 };
-
+
T_IPV4EP dst_addr;
if((dst_addr.ipaddr = getIPaddr(SIMPLE_TLSSEVER_IP)) == 0){
@@ -248,9 +230,45 @@ void wolfSSL_TLS_client( )
goto out;
}
- #ifdef SIMPLE_TLS_TSIP_CLIENT
+#ifdef SIMPLE_TLS_TSIP_CLIENT
tsip_set_callback_ctx(ssl, &userContext);
+#endif
+
+ /* set client private key data */
+#if defined(WOLFSSL_TLS13) && defined(SIMPLE_TLS_TSIP_CLIENT)
+ #if defined(USE_ECC_CERT)
+ if (tsip_use_PrivateKey_buffer_TLS(ssl,
+ (const char*)g_key_block_data.encrypted_user_ecc256_private_key,
+ sizeof(g_key_block_data.encrypted_user_ecc256_private_key),
+ TSIP_ECCP256) != 0) {
+ printf("ERROR: can't load client-private key\n");
+ return;
+ }
+ #else
+ if (tsip_use_PrivateKey_buffer_TLS(ssl,
+ (const char*)g_key_block_data.encrypted_user_rsa2048_private_key,
+ sizeof(g_key_block_data.encrypted_user_rsa2048_private_key),
+ TSIP_RSA2048) != 0) {
+ printf("ERROR: can't load client-private key\n");
+ return;
+ }
+ ret = tsip_use_PublicKey_buffer_TLS(ssl,
+ (const char*)g_key_block_data.encrypted_user_rsa2048_public_key,
+ sizeof(g_key_block_data.encrypted_user_rsa2048_public_key), TSIP_RSA2048);
+ if (ret != 0) {
+ printf("ERROR tsip_use_PublicKey_buffer: %d\n", ret);
+ return;
+ }
#endif
+#else
+ if (wolfSSL_use_PrivateKey_buffer(ssl,
+ ecc_clikey_der_256,
+ sizeof_ecc_clikey_der_256,
+ SSL_FILETYPE_ASN1) != WOLFSSL_SUCCESS) {
+ printf("ERROR: can't load private-key data.\n");
+ return;
+ }
+#endif /* WOLFSSL_TLS13 */
/* set callback context */
wolfSSL_SetIOReadCtx(ssl, (void *)&cepid);
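Review bot: The four new error paths in the key-loading block leave wolfSSL_TLS_client with `return;`, while the failure path just above the block uses `goto out;`. The `out:` label lies outside this hunk, but if it is where `ssl` is freed and the connection closed, a failed key load now skips that cleanup and leaks the session object and socket. Each `return;` after the `printf` should become `goto out;`. The closing `#endif /* WOLFSSL_TLS13 */` would also be more accurate as `#endif /* WOLFSSL_TLS13 && SIMPLE_TLS_TSIP_CLIENT */`, since that is the condition it closes.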
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/test/src/test_main.c b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/test/src/test_main.c
index cb629a38..42d62359 100644
--- a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/test/src/test_main.c
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/test/src/test_main.c
@@ -27,7 +27,7 @@
#include "wolfssl/wolfcrypt/types.h"
#if defined(SIMPLE_TCP_CLIENT) || defined(SIMPLE_TLS_CLIENT) || \
- defined(SIMPLE_TLS_TSIP_CLIENT)
+ defined(SIMPLE_TLS_TSIP_CLIENT)
#define SIMPLE_CLIENT
#endif
@@ -251,7 +251,7 @@ void main(void)
printf("End wolfCrypt Benchmark\n");
#endif
#elif defined(SIMPLE_TCP_CLIENT) || defined(SIMPLE_TLS_CLIENT) || \
- defined(SIMPLE_TLS_TSIP_CLIENT)
+ defined(SIMPLE_TLS_TSIP_CLIENT)
#include "r_cmt_rx_if.h"
Open_tcp();
@@ -265,7 +265,7 @@ void main(void)
#if defined(SIMPLE_TCP_CLIENT)
simple_tcp_client();
#elif defined(SIMPLE_TLS_CLIENT) || defined(SIMPLE_TLS_TSIP_CLIENT)
- if(cipherlist_sz > 0 ) printf("cipher : %s\n", cipherlist[i]);
+ if(cipherlist_sz > 0 ) printf("cipher : %s\n", cipherlist[i]);
wolfSSL_TLS_client_init(cipherlist[i]);
wolfSSL_TLS_client();
@@ -287,6 +287,23 @@ void main(void)
wolfSSL_TLS_server();
#endif
Close_tcp();
+#elif defined(TSIP_CRYPT_UNIT_TEST)
+ if ((ret = wolfCrypt_Init()) != 0) {
+ printf("wolfCrypt_Init failed %d\n", ret);
+ }
+
+ printf("Start wolf tsip crypt Test\n");
+
+ printf(" \n");
+ printf(" simple crypt test by using TSIP\n");
+ tsip_crypt_test();
+
+ printf(" \n");
+ printf("End wolf tsip crypt Test\n");
+
+ if ((ret = wolfCrypt_Cleanup()) != 0) {
+ printf("wolfCrypt_Cleanup failed %d\n", ret);
+ }
#endif
}
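Review bot: In the new `TSIP_CRYPT_UNIT_TEST` branch a failed `wolfCrypt_Init()` is only printed, and `tsip_crypt_test()` still runs against a library that did not initialise. The value `tsip_crypt_test()` returns is also discarded, so a failing crypto self-test ends with the same "End wolf tsip crypt Test" line as a passing one. Run the test only in the `else` of the init check and keep its result, for example `ret = tsip_crypt_test();` followed by `printf("tsip_crypt_test %s (%d)\n", ret == 0 ? "passed" : "failed", ret);`. main's body starts outside the hunk.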
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/test/src/wolfssl_simple_demo.h b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/test/src/wolfssl_simple_demo.h
index 21e9849a..c62cd4a3 100644
--- a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/test/src/wolfssl_simple_demo.h
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/test/src/wolfssl_simple_demo.h
@@ -54,7 +54,7 @@ void wolfSSL_TLS_server();
void simple_tcp_server();
#if defined(SIMPLE_TCP_CLIENT) || defined(SIMPLE_TLS_CLIENT) || \
- defined(SIMPLE_TCP_SERVER) || defined(SIMPLE_TLS_SERVER)
+ defined(SIMPLE_TCP_SERVER) || defined(SIMPLE_TLS_SERVER)
#define min(x,y) ((x)<(y)?(x):(y))
int isascii(const char *s);
#endif
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/test/test.scfg b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/test/test.scfg
index a0b715db..bf7fe092 100644
--- a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/test/test.scfg
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/test/test.scfg
@@ -950,11 +950,6 @@
<source description="Components supporting Firmware Integration Technology" display="Firmware Integration Technology" id="com.renesas.smc.tools.swcomponent.fit.source"/>
<source description="Components supporting Firmware Integration Technology" display="Firmware Integration Technology" id="com.renesas.smc.tools.swcomponent.fit.source"/>
</configuration>
- <configuration inuse="true" name="r_tsip_rx">
- <component description="ä¾å­˜ãƒ¢ã‚¸ãƒ¥ãƒ¼ãƒ«: r_bsp ãƒãƒ¼ã‚¸ãƒ§ãƒ³ 7.00&#10;Support functions: AES, GCM, CCM, CMAC, SHA, MD5, Triple-DES, ARC4, RSA, ECC, Random number generate, Key management, secure boot/secure firmware update.&#10;The &quot;.l&quot; in version number means library version." detailDescription="TSIP(Trusted Secure IP) driver." display="r_tsip_rx" id="r_tsip_rx1.15.l" version="1.15.l"/>
- <source description="Components supporting Firmware Integration Technology" display="Firmware Integration Technology" id="com.renesas.smc.tools.swcomponent.fit.source"/>
- <source description="Components supporting Firmware Integration Technology" display="Firmware Integration Technology" id="com.renesas.smc.tools.swcomponent.fit.source"/>
- </configuration>
<configuration inuse="true" name="r_bsp">
<component description="ä¾å­˜ãƒ¢ã‚¸ãƒ¥ãƒ¼ãƒ«: ãªã—&#10;The r_bsp package provides a foundation for code to be built on top of. It provides startup code, iodefines, and MCU information for different boards. There are 2 folders that make up the r_bsp package. The 'mcu' folder contains files that are common to a MCU group. These files provide functionality such as easy register access, CPU functions, and a file named 'mcu_info.h' for each MCU group. The 'mcu_info.h' file has information about the MCU on the board and is configured based on the information given in r_bsp_config.h. The information in 'mcu_info.h' is used to help configure Renesas middleware that uses the r_bsp package. The 'board' folder has a folder with startup code for each supported board. Which MCU and board is chosen is decided by the settings in 'platform.h'. The user can choose which board they are using by uncommenting the include path that applies to their board. For example, if you are using the RSK+RX64M then you would uncomment the #include &quot;./board/generic_rx64m/r_bsp.h&quot; include path. Users are encouraged to add their own boards to the 'board' directory. BSPs are configured by using the r_bsp_config.h file. Each board will have a reference configuration file named r_bsp_config_reference.h. The user should copy this file to their project, rename it to r_bsp_config.h, and use the options inside the file to configure the BSP for their project." detailDescription="Board Support Packages." display="r_bsp" id="r_bsp7.20" version="7.20">
<gridItem id="BSP_CFG_USER_STACK_ENABLE" selectedIndex="1"/>
@@ -1136,6 +1131,11 @@
<source description="Components supporting Firmware Integration Technology" display="Firmware Integration Technology" id="com.renesas.smc.tools.swcomponent.fit.source"/>
<source description="Components supporting Firmware Integration Technology" display="Firmware Integration Technology" id="com.renesas.smc.tools.swcomponent.fit.source"/>
</configuration>
+ <configuration inuse="true" name="r_tsip_rx">
+ <component description="ä¾å­˜ãƒ¢ã‚¸ãƒ¥ãƒ¼ãƒ«: r_bsp ãƒãƒ¼ã‚¸ãƒ§ãƒ³ 7.30&#10;Support functions: AES, GCM, CCM, CMAC, SHA, MD5, Triple-DES, ARC4, RSA, ECC, Random number generate, Key management, secure boot/secure firmware update.&#10;The &quot;.l&quot; in version number means library version." detailDescription="TSIP(Trusted Secure IP) driver." display="r_tsip_rx" id="r_tsip_rx1.18.l" version="1.18.l"/>
+ <source description="Components supporting Firmware Integration Technology" display="Firmware Integration Technology" id="com.renesas.smc.tools.swcomponent.fit.source"/>
+ <source description="Components supporting Firmware Integration Technology" display="Firmware Integration Technology" id="com.renesas.smc.tools.swcomponent.fit.source"/>
+ </configuration>
</tool>
<tool id="System">
<section id="ocd">
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/wolfssl/.project b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/wolfssl/.project
index 2c1641be..068886b4 100644
--- a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/wolfssl/.project
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/wolfssl/.project
@@ -80,6 +80,11 @@
<locationURI>PARENT-7-PROJECT_LOC/wolfcrypt/src/port/Renesas/renesas_tsip_aes.c</locationURI>
</link>
<link>
+ <name>wolfcrypt/port/renesas_tsip_rsa.c</name>
+ <type>1</type>
+ <locationURI>PARENT-7-PROJECT_LOC/wolfcrypt/src/port/Renesas/renesas_tsip_rsa.c</locationURI>
+ </link>
+ <link>
<name>wolfcrypt/port/renesas_tsip_sha.c</name>
<type>1</type>
<locationURI>PARENT-7-PROJECT_LOC/wolfcrypt/src/port/Renesas/renesas_tsip_sha.c</locationURI>
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/wolfssl/wolfssl.rcpc b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/wolfssl/wolfssl.rcpc
index e86cb0e8..6e8f27d1 100644
--- a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/wolfssl/wolfssl.rcpc
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/wolfssl/wolfssl.rcpc
@@ -22,6 +22,7 @@
<Category Name="port">
<Path>..\..\..\..\..\..\..\wolfcrypt\src\port\Renesas\renesas_common.c</Path>
<Path>..\..\..\..\..\..\..\wolfcrypt\src\port\Renesas\renesas_tsip_aes.c</Path>
+ <Path>..\..\..\..\..\..\..\wolfcrypt\src\port\Renesas\renesas_tsip_rsa.c</Path>
<Path>..\..\..\..\..\..\..\wolfcrypt\src\port\Renesas\renesas_tsip_sha.c</Path>
<Path>..\..\..\..\..\..\..\wolfcrypt\src\port\Renesas\renesas_tsip_util.c</Path>
</Category>
@@ -145,6 +146,7 @@
<Path>Debug\wolfio.obj</Path>
<Path>Debug\renesas_common.obj</Path>
<Path>Debug\renesas_tsip_aes.obj</Path>
+ <Path>Debug\renesas_tsip_rsa.obj</Path>
<Path>Debug\renesas_tsip_sha.obj</Path>
<Path>Debug\renesas_tsip_util.obj</Path>
<Path>Debug\aes.obj</Path>
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/wolfssl/.project b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/wolfssl/.project
index 9642014f..e5977870 100644
--- a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/wolfssl/.project
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/wolfssl/.project
@@ -80,6 +80,11 @@
<locationURI>PARENT-6-PROJECT_LOC/wolfcrypt/src/port/Renesas/renesas_tsip_aes.c</locationURI>
</link>
<link>
+ <name>wolfcrypt/port/renesas_tsip_rsa.c</name>
+ <type>1</type>
+ <locationURI>PARENT-6-PROJECT_LOC/wolfcrypt/src/port/Renesas/renesas_tsip_rsa.c</locationURI>
+ </link>
+ <link>
<name>wolfcrypt/port/renesas_tsip_sha.c</name>
<type>1</type>
<locationURI>PARENT-6-PROJECT_LOC/wolfcrypt/src/port/Renesas/renesas_tsip_sha.c</locationURI>
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/wolfssl_demo/user_settings.h b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/wolfssl_demo/user_settings.h
index e5cd3333..516bbfe8 100644
--- a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/wolfssl_demo/user_settings.h
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/wolfssl_demo/user_settings.h
@@ -28,11 +28,10 @@
*----------------------------------------------------------------------------*/
#define WOLFSSL_RENESAS_RX72N
-
/*-- Renesas TSIP usage and its version ---------------------------------------
*
* "WOLFSSL_RENESAS_TSIP" definition makes wolfSSL to use H/W acceleration
- * for cipher operations.
+ * for cipher operations.
* TSIP definition asks to have its version number.
* "WOLFSSL_RENESAS_TSIP_VER" takes following value:
* 106: TSIPv1.06
@@ -45,6 +44,7 @@
#define WOLFSSL_RENESAS_TSIP
#define WOLFSSL_RENESAS_TSIP_VER 117
+
#if defined(SIMPLE_TLS_CLIENT) || defined(SIMPLE_TLS_SERVER)
#undef WOLFSSL_RENESAS_TSIP
#undef WOLFSSL_RENESAS_TSIP_VER
@@ -54,16 +54,16 @@
*
* wolfSSL supports TLSv1.2 by default. In case you want your system to support
* TLSv1.3, uncomment line below.
- *
+ *
*----------------------------------------------------------------------------*/
#define WOLFSSL_TLS13
/*-- Operating System related definitions --------------------------------------
- *
+ *
* In case any real-time OS is used, define its name(e.g. FREERTOS).
* Otherwise, define "SINGLE_THREADED". They are exclusive each other.
- *
+ *
*----------------------------------------------------------------------------*/
#if !defined(RENESAS_T4_USE)
#define FREERTOS
@@ -114,23 +114,23 @@
/* USE_ECC_CERT
* This macro is for selecting root CA certificate to load, it is valid only
- * in example applications. wolfSSL does not refer this macro.
- * If you want to use cipher suites including ECDSA authentication in
+ * in example applications. wolfSSL does not refer this macro.
+ * If you want to use cipher suites including ECDSA authentication in
* the example applications with TSIP, enable this macro.
- * In TSIP 1.13 or later version, following cipher suites are
+ * In TSIP 1.13 or later version, following cipher suites are
* available:
* - TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
* - TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SAH256
- *
+ *
* Note that, this macro disables cipher suites including RSA
* authentication such as:
* - TLS_RSA_WITH_AES_128_CBC_SHA
- * - TLS_RSA_WITH_AES_256_CBC_SHA
+ * - TLS_RSA_WITH_AES_256_CBC_SHA
* - TLS_RSA_WITH_AES_128_CBC_SHA256
* - TLS_RSA_WITH_AES_256_CBC_SHA256
* - TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
* - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA256
- *
+ *
*/
#define USE_ECC_CERT
@@ -139,14 +139,14 @@
*/
/*#define WOLFSSL_CHECK_SIG_FAULTS*/
- /* In this example application, Root CA cert buffer named
- * "ca_ecc_cert_der_256" is used under the following macro definition
+ /* In this example application, Root CA cert buffer named
+ * "ca_ecc_cert_der_256" is used under the following macro definition
* for ECDSA.
*/
#define USE_CERT_BUFFERS_256
- /* In this example application, Root CA cert buffer named
- * "ca_cert_der_2048" is used under the following macro definition
+ /* In this example application, Root CA cert buffer named
+ * "ca_cert_der_2048" is used under the following macro definition
* for RSA authentication.
*/
#define USE_CERT_BUFFERS_2048
@@ -157,26 +157,27 @@
*----------------------------------------------------------------------------*/
#define SIZEOF_LONG_LONG 8
+ #define WOLFSSL_SMALL_STACK
- /*
+ /*
* -- "NO_ASN_TIME" macro is to avoid certificate expiration validation --
- *
- * Note. In your actual products, do not forget to comment-out
- * "NO_ASN_TIME" macro. And prepare time function to get calender time,
- * otherwise, certificate expiration validation will not work.
+ *
+ * Note. In your actual products, do not forget to comment-out
+ * "NO_ASN_TIME" macro. And prepare time function to get calendar time,
+ * otherwise, certificate expiration validation will not work.
*/
/*#define NO_ASN_TIME*/
-
+
#define NO_MAIN_DRIVER
#define BENCH_EMBEDDED
- #define NO_WOLFSSL_DIR
+ #define NO_WOLFSSL_DIR
#define WOLFSSL_NO_CURRDIR
#define NO_FILESYSTEM
#define WOLFSSL_LOG_PRINTF
#define WOLFSSL_HAVE_MIN
#define WOLFSSL_HAVE_MAX
#define NO_WRITEV
-
+
#define WOLFSSL_USER_CURRTIME /* for benchmark */
#define TIME_OVERRIDES
@@ -209,7 +210,7 @@
/*-- Definitions for functionality negation -----------------------------------
*
- *
+ *
*----------------------------------------------------------------------------*/
/*#define NO_RENESAS_TSIP_CRYPT*/
@@ -220,7 +221,7 @@
#endif
/*-- Consistency checking between definitions ---------------------------------
*
- *
+ *
*----------------------------------------------------------------------------*/
/*-- TSIP TLS specific definitions --*/
@@ -236,14 +237,28 @@
*----------------------------------------------------------------------------*/
#if defined(WOLFSSL_RENESAS_TSIP)
+ /*-- TSIP TLS and/or CRYPTONLY Definition --------------------------------*/
+ /* Enable TSIP TLS (default)
+ * TSIP CRYPTONLY is also enabled.
+ * Disable TSIP TLS
+ * TSIP CRYPTONLY is only enabled.
+ */
+ #define WOLFSSL_RENESAS_TSIP_TLS
#if !defined(NO_RENESAS_TSIP_CRYPT)
- #define WOLFSSL_RENESAS_TSIP_CRYPT
- #define WOLFSSL_RENESAS_TSIP_TLS
- #define WOLFSSL_RENESAS_TSIP_TLS_AES_CRYPT
+ #define WOLFSSL_RENESAS_TSIP_CRYPTONLY
#define HAVE_PK_CALLBACKS
#define WOLF_CRYPTO_CB
- #define WOLF_PRIVATE_KEY_ID
+ #if defined(WOLFSSL_RENESAS_TSIP_TLS)
+ #define WOLFSSL_RENESAS_TSIP_TLS_AES_CRYPT
+ #define WOLF_PRIVATE_KEY_ID
+ #endif
+ #endif
+
+ #if !defined(WOLFSSL_RENESAS_TSIP_TLS) && \
+ defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)
+ # undef WOLFSSL_RENESAS_TSIP_TLS
+ # undef WOLFSSL_RENESAS_TSIP_CRYPT
#endif
#else
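Review bot: The new block guarded by `!defined(WOLFSSL_RENESAS_TSIP_TLS) && defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)` undefines `WOLFSSL_RENESAS_TSIP_TLS`, which its own condition says is not defined, so that `#undef` does nothing. `WOLFSSL_RENESAS_TSIP_CRYPT` is no longer defined anywhere in this hunk, so the second `#undef` matters only if another header defines it. Separately, `#define WOLFSSL_RENESAS_TSIP_TLS` moved out of the `!defined(NO_RENESAS_TSIP_CRYPT)` guard, so a build with `NO_RENESAS_TSIP_CRYPT` now gets TSIP TLS without `HAVE_PK_CALLBACKS`, `WOLF_CRYPTO_CB` or `WOLF_PRIVATE_KEY_ID`. If that combination is unsupported, reject it explicitly with `#error "WOLFSSL_RENESAS_TSIP_TLS requires TSIP crypt"`. The enclosing `#if defined(WOLFSSL_RENESAS_TSIP)` block continues outside the hunk.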
@@ -261,3 +276,5 @@
/*-- strcasecmp */
#define XSTRCASECMP(s1,s2) strcmp((s1),(s2))
+
+#define CUSTOM_RAND_GENERATE_BLOCK wc_tsip_GenerateRandBlock
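Review bot: `CUSTOM_RAND_GENERATE_BLOCK` is defined at the end of the header with no guard visible in this hunk, yet an earlier hunk of the same file shows `WOLFSSL_RENESAS_TSIP` being undefined for `SIMPLE_TLS_CLIENT` / `SIMPLE_TLS_SERVER` builds. In those builds the RNG would still be routed to `wc_tsip_GenerateRandBlock`, which presumably is not built without the TSIP port. Because this macro makes wolfCrypt take its random bytes from the named function rather than its own DRBG, tie it to the hardware being enabled: `#if defined(WOLFSSL_RENESAS_TSIP)`, then the `#define`, then `#endif`. A one-line comment should state that the TSIP generator then becomes the only randomness source for key generation and TLS nonces.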
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/wolfssl_demo/wolfssl_demo.c b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/wolfssl_demo/wolfssl_demo.c
index f32e119c..5d1f9136 100644
--- a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/wolfssl_demo/wolfssl_demo.c
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/wolfssl_demo/wolfssl_demo.c
@@ -382,15 +382,15 @@ static void Tls_client(void *pvParam)
#if defined(USE_ECC_CERT)
/* Client authentication using ECDSA certificate can be handled by TSIP.
* Therefore, the client private key should be TSIP-specific format
- * and be set by tsip_use_PrivateKey_buffer.
+ * and be set by tsip_use_PrivateKey_buffer_TLS.
*/
if (ret == 0){
- ret = tsip_use_PrivateKey_buffer(ssl,
+ ret = tsip_use_PrivateKey_buffer_TLS(ssl,
(const char*)g_key_block_data.encrypted_user_ecc256_private_key,
sizeof(g_key_block_data.encrypted_user_ecc256_private_key),
TSIP_ECCP256);
if (ret != 0) {
- printf("ERROR tsip_use_PrivateKey_buffer\n");
+ printf("ERROR tsip_use_PrivateKey_buffer_TLS\n");
}
}
# if defined(WOLFSSL_CHECK_SIG_FAULTS)
@@ -409,16 +409,16 @@ static void Tls_client(void *pvParam)
/* Client authentication using RSA certificate can be handled by TSIP.
* Note that the internal verification of the signature process requires
* not only the client's private key but also its public key, so pass them
- * using tsip_use_PrivateKey_buffer and tsip_use_PublicKey_buffer
+ * using tsip_use_PrivateKey_buffer_TLS and tsip_use_PublicKey_buffer_TLS
* respectively.
*/
if (ret == 0) {
- ret = tsip_use_PrivateKey_buffer(ssl,
+ ret = tsip_use_PrivateKey_buffer_TLS(ssl,
(const char*)g_key_block_data.encrypted_user_rsa2048_private_key,
sizeof(g_key_block_data.encrypted_user_rsa2048_private_key),
TSIP_RSA2048);
if (ret != 0) {
- printf("ERROR tsip_use_PrivateKey_buffer :%d\n", ret);
+ printf("ERROR tsip_use_PrivateKey_buffer_TLS :%d\n", ret);
}
}
if (ret == 0) {
@@ -536,7 +536,7 @@ static void Tls_client_demo(void)
"TLS13-AES128-GCM-SHA256",
"TLS13-AES128-CCM-SHA256",
#endif
- "ECDHE-ECDSA-AES128-SHA256",
+ "ECDHE-ECDSA-AES128-SHA256",
"ECDHE-ECDSA-AES128-GCM-SHA256",
};
#if defined(WOLFSSL_TLS13)
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/wolfssl_demo/wolfssl_demo.h b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/wolfssl_demo/wolfssl_demo.h
index d621bbd3..c11e59c8 100644
--- a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/wolfssl_demo/wolfssl_demo.h
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/wolfssl_demo/wolfssl_demo.h
@@ -45,7 +45,7 @@
#define LIBRARY_LOG_LEVEL LOG_INFO
#endif
#include "logging_stack.h"
-
+#include "wolfssl/ssl.h"
/* Enable wolfcrypt test demo */
/*#define CRYPT_TEST */
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/wolfssl_demo/wolfssl_tsip_unit_test.c b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/wolfssl_demo/wolfssl_tsip_unit_test.c
index 35c64476..f89b48cf 100644
--- a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/wolfssl_demo/wolfssl_tsip_unit_test.c
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/wolfssl_demo/wolfssl_tsip_unit_test.c
@@ -19,6 +19,14 @@
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
+#include <wolfssl_simple_demo.h>
+
+#ifdef TSIP_CRYPT_UNIT_TEST
+
+#include "r_bsp_config.h"
+#if BSP_CFG_USTACK_BYTES < 0x4000
+# error "more than 0x4000 stack needed to run the unit tests."
+#endif
#include <stdio.h>
#include <string.h>
@@ -28,6 +36,7 @@
#include <wolfssl/wolfcrypt/sha.h>
#include <wolfssl/wolfcrypt/sha256.h>
#include <wolfssl/wolfcrypt/aes.h>
+#include <wolfssl/wolfcrypt/error-crypt.h>
#ifdef NO_INLINE
#include <wolfssl/wolfcrypt/misc.h>
#else
@@ -36,12 +45,14 @@
#endif
#include <wolfssl/wolfcrypt/port/Renesas/renesas-tsip-crypt.h>
+#ifdef FREERTOS
#include "FreeRTOS.h"
-#if defined(FREERTOS_TCP)
+# if defined(FREERTOS_TCP)
#include "FreeRTOS_IP.h"
#include "FreeRTOS_Sockets.h"
#include "platform/iot_network.h"
#include "platform.h"
+# endif
#endif
#ifndef NO_SHA
@@ -59,7 +70,7 @@
printf(" passed \n");\
else \
printf(" failed \n");
-
+#ifdef FREERTOS
static xSemaphoreHandle exit_semaph;
static byte exit_loop = 0;
static byte sha_multTst_rslt = 0;
@@ -68,26 +79,55 @@ static byte Aes128_Cbc_multTst_rslt = 0;
static byte Aes256_Cbc_multTst_rslt = 0;
static byte Aes128_Gcm_multTst_rslt = 0;
static byte Aes256_Gcm_multTst_rslt = 0;
+#endif /* FREERTOS */
#if defined(HAVE_AES_CBC)
-#if defined(WOLFSSL_AES_128)
-static tsip_aes_key_index_t g_user_aes128_key_index1;
-static tsip_aes_key_index_t g_user_aes128_key_index2;
-#endif
+# if defined(WOLFSSL_AES_128)
+ static tsip_aes_key_index_t g_user_aes128_key_index1;
+ static tsip_aes_key_index_t g_user_aes128_key_index2;
+# endif
-#if defined(WOLFSSL_AES_256)
-static tsip_aes_key_index_t g_user_aes256_key_index1;
-static tsip_aes_key_index_t g_user_aes256_key_index2;
-#endif
+# if defined(WOLFSSL_AES_256)
+ static tsip_aes_key_index_t g_user_aes256_key_index1;
+ static tsip_aes_key_index_t g_user_aes256_key_index2;
+# endif
#endif
+
+
typedef struct tagInfo
{
tsip_aes_key_index_t aes_key;
} Info;
+#ifdef WOLFSSL_RENESAS_TSIP_CRYPTONLY
+ static TsipUserCtx userContext;
+
+ void Clr_CallbackCtx(TsipUserCtx *g)
+ {
+
+ if (g->rsa1024pri_keyIdx != NULL)
+ XFREE(g->rsa1024pri_keyIdx,
+ NULL, DYNAMIC_TYPE_TMP_BUFFER);
+
+ if (g->rsa1024pub_keyIdx != NULL)
+ XFREE(g->rsa1024pub_keyIdx,
+ NULL, DYNAMIC_TYPE_TMP_BUFFER);
+
+ if (g->rsa2048pri_keyIdx != NULL)
+ XFREE(g->rsa2048pri_keyIdx,
+ NULL, DYNAMIC_TYPE_TMP_BUFFER);
+
+ if (g->rsa2048pub_keyIdx != NULL)
+ XFREE(g->rsa2048pub_keyIdx,
+ NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ XMEMSET(g, 0, sizeof(TsipUserCtx));
+ }
+
+#endif
+
#if defined(HAVE_AES_CBC) && defined(WOLFSSL_AES_128)
static int tsip_aes_cbc_test(int prnt, tsip_aes_key_index_t* aes_key)
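Review bot: `Clr_CallbackCtx` is added with external linkage in a test source file, although the only caller visible in this diff is `tsip_crypt_test()` in the same file. Declare it `static void Clr_CallbackCtx(TsipUserCtx *g)`, or add a prototype to a header if other files call it. The `if (... != NULL)` guards leave their `XFREE` bodies unbraced, which the other cleanup code added in this commit does not do. A header comment is also missing; it should say that the function frees the four RSA key-index buffers and then zeroes the whole `TsipUserCtx`, so every field set before the call is lost.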
@@ -160,6 +200,7 @@ static int tsip_aes_cbc_test(int prnt, tsip_aes_key_index_t* aes_key)
return ret;
}
+#ifdef FREERTOS
static void tskAes128_Cbc_Test(void *pvParam)
{
int ret = 0;
@@ -177,7 +218,7 @@ static void tskAes128_Cbc_Test(void *pvParam)
xSemaphoreGive(exit_semaph);
vTaskDelete(NULL);
}
-
+#endif /* FREERTOS */
#endif
#ifdef WOLFSSL_AES_256
@@ -212,6 +253,7 @@ static int tsip_aes256_test(int prnt, tsip_aes_key_index_t* aes_key)
0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,
0x08,0x09,0x0A,0x0B,0x0C,0x0D,0x0E,0x0F
};
+ (void)verify;
if (prnt)
printf(" tsip_aes256_test() ");
@@ -276,7 +318,7 @@ out:
return ret;
}
-
+#ifdef FREERTOS
static void tskAes256_Cbc_Test(void *pvParam)
{
int ret = 0;
@@ -294,7 +336,7 @@ static void tskAes256_Cbc_Test(void *pvParam)
xSemaphoreGive(exit_semaph);
vTaskDelete(NULL);
}
-
+#endif /* FREERTOS */
#endif /* WOLFSSL_AES_256 */
#if defined(WOLFSSL_AES_256)
@@ -368,6 +410,8 @@ static int tsip_aesgcm256_test(int prnt, tsip_aes_key_index_t* aes256_key)
int ret;
(void) result;
+ (void) c1;
+ (void) t1;
if (prnt) {
printf(" tsip_aes256_gcm_test() ");
@@ -467,7 +511,7 @@ static int tsip_aesgcm256_test(int prnt, tsip_aes_key_index_t* aes256_key)
return ret;
}
-
+#ifdef FREERTOS
static void tskAes256_Gcm_Test(void *pvParam)
{
int ret = 0;
@@ -485,6 +529,7 @@ static void tskAes256_Gcm_Test(void *pvParam)
xSemaphoreGive(exit_semaph);
vTaskDelete(NULL);
}
+#endif /* FREERTOS */
#endif
#if defined(WOLFSSL_AES_128)
@@ -539,7 +584,8 @@ static int tsip_aesgcm128_test(int prnt, tsip_aes_key_index_t* aes128_key)
int ret;
(void) result;
-
+ (void) c3;
+ (void) t3;
if (prnt) {
printf(" tsip_aes128_gcm_test() ");
}
@@ -602,7 +648,7 @@ static int tsip_aesgcm128_test(int prnt, tsip_aes_key_index_t* aes128_key)
return ret;
}
-
+#ifdef FREERTOS
static void tskAes128_Gcm_Test(void *pvParam)
{
int ret = 0;
@@ -620,69 +666,11 @@ static void tskAes128_Gcm_Test(void *pvParam)
xSemaphoreGive(exit_semaph);
vTaskDelete(NULL);
}
-
+#endif /* FREERTOS */
#endif
-int tsip_crypt_test()
-{
- int ret = 0;
- e_tsip_err_t tsip_error_code;
-
- /* Generate AES tsip Key */
- tsip_error_code = R_TSIP_GenerateAes128RandomKeyIndex(
- &g_user_aes128_key_index1);
-
- if (tsip_error_code == TSIP_SUCCESS)
- tsip_error_code = R_TSIP_GenerateAes128RandomKeyIndex(
- &g_user_aes128_key_index2);
-
- if (tsip_error_code == TSIP_SUCCESS)
- tsip_error_code = R_TSIP_GenerateAes256RandomKeyIndex(
- &g_user_aes256_key_index1);
-
- if (tsip_error_code == TSIP_SUCCESS)
- tsip_error_code = R_TSIP_GenerateAes256RandomKeyIndex(
- &g_user_aes256_key_index2);
-
- if (tsip_error_code == TSIP_SUCCESS) {
- #ifndef NO_SHA
- printf(" sha_test()");
- ret = sha_test();
- RESULT_STR(ret)
- #endif
-
- #ifndef NO_SHA256
- printf(" sha256_test()");
- ret = sha256_test();
- RESULT_STR(ret)
- #endif
-
- ret = tsip_aes_cbc_test(1, &g_user_aes128_key_index1);
-
- if (ret == 0) {
-
- ret = tsip_aes256_test(1, &g_user_aes256_key_index1);
-
- }
-
- if (ret == 0) {
-
- ret = tsip_aesgcm128_test(1, &g_user_aes128_key_index1);
-
- }
-
- if (ret == 0) {
-
- ret = tsip_aesgcm256_test(1, &g_user_aes256_key_index1);
-
- }
- }
- else
- ret = -1;
-
- return ret;
-}
+#ifdef FREERTOS
#ifndef NO_SHA
@@ -722,7 +710,102 @@ static void tskSha256_Test(void *pvParam)
vTaskDelete(NULL);
}
#endif
+#endif /* FREERTOS */
+
+#if !defined(NO_RSA)
+
+/* testing rsa sign/verify w/ rsa 2048 bit key */
+#define TEST_STRING "Everyone gets Friday off."
+#define TEST_STRING2 "Everyone gets Friday ofv."
+#define TEST_STRING_SZ 25
+#define RSA_TEST_BYTES 256 /* up to 2048-bit key */
+
+static int tsip_rsa_SignVerify_test(int prnt, int keySize)
+{
+ int ret = 0;
+
+ RsaKey *key = (RsaKey *)XMALLOC(sizeof *key, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ WC_RNG rng;
+ const char inStr [] = TEST_STRING;
+ const char inStr2[] = TEST_STRING2;
+ const word32 inLen = (word32)TEST_STRING_SZ;
+ const word32 outSz = RSA_TEST_BYTES;
+
+ byte *in = NULL;
+ byte *in2 = NULL;
+ byte *out= NULL;
+
+ in = (byte*)XMALLOC(inLen, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ in2 = (byte*)XMALLOC(inLen, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ out= (byte*)XMALLOC(outSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+
+ (void) prnt;
+
+ if (key == NULL || in == NULL || out == NULL) {
+ ret = -1;
+ goto out;
+ }
+
+ XMEMSET(&rng, 0, sizeof(rng));
+ XMEMSET(key, 0, sizeof *key);
+ XMEMCPY(in, inStr, inLen);
+ XMEMCPY(in2, inStr2, inLen);
+
+ ret = wc_InitRsaKey_ex(key, NULL, 7890/* fixed devid for TSIP/SCE*/);
+ if (ret != 0) {
+ goto out;
+ }
+
+ if ((ret = wc_InitRng(&rng)) != 0)
+ goto out;
+
+ if ((ret = wc_RsaSetRNG(key, &rng)) != 0)
+ goto out;
+
+ /* make rsa key by SCE */
+ if ((ret = wc_MakeRsaKey(key, keySize, 65537, &rng)) != 0) {
+ goto out;
+ }
+
+ ret = wc_RsaSSL_Sign(in, inLen, out, outSz, key, &rng);
+ if (ret < 0) {
+ goto out;
+ }
+ /* this should fail */
+ ret = wc_RsaSSL_Verify(in2, inLen, out, keySize/8, key);
+ if (ret != SIG_VERIFY_E) {
+ ret = -1;
+ goto out;
+ }
+ /* this should succeed */
+ ret = wc_RsaSSL_Verify(in, inLen, out, keySize/8, key);
+ if (ret < 0) {
+ ret = -1;
+ goto out;
+ }
+ ret = 0;
+ out:
+ if (key != NULL) {
+ wc_FreeRsaKey(key);
+ XFREE(key, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ }
+ if (in != NULL) {
+ XFREE(in, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ }
+ if (in2 != NULL) {
+ XFREE(in2, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ }
+ if (out != NULL) {
+ XFREE(out, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ }
+
+ return ret;
+}
+#endif /* NO_RSA */
+
+
+#ifdef TSIP_MULTIUNIT_TEST
int tsip_crypt_sha_multitest()
{
int ret = 0;
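Review bot: The allocation check in `tsip_rsa_SignVerify_test` tests `key`, `in` and `out` but not `in2`, so a failed `in2` allocation reaches `XMEMCPY(in2, inStr2, inLen)` with a NULL destination. On that same early `goto out`, `key` is non-NULL but has not yet been through `XMEMSET` or `wc_InitRsaKey_ex`, so `wc_FreeRsaKey(key)` runs on uninitialised memory. The RNG set up by `wc_InitRng(&rng)` is never released with `wc_FreeRng`. Tracking what was initialised and freeing only that fixes all three; the label `out:` sharing its name with the buffer `out` is legal but easy to misread, and renaming it (e.g. `cleanup:`) would help.

```c
    int keyInit = 0;
    int rngInit = 0;
    /* … unchanged: allocation of key, in, in2, out … */

    if (key == NULL || in == NULL || in2 == NULL || out == NULL) {
        ret = -1;
        goto out;
    }
    /* … unchanged: XMEMSET / XMEMCPY setup and wc_InitRsaKey_ex() check … */
    keyInit = 1;

    if ((ret = wc_InitRng(&rng)) != 0)
        goto out;
    rngInit = 1;
    /* … unchanged: wc_RsaSetRNG, key generation, sign, both verify checks … */
 out:
    if (rngInit) {
        wc_FreeRng(&rng);
    }
    if (key != NULL) {
        if (keyInit) {
            wc_FreeRsaKey(key);
        }
        XFREE(key, NULL, DYNAMIC_TYPE_TMP_BUFFER);
    }
    /* … unchanged: XFREE of in, in2, out and return … */
```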
@@ -1018,4 +1101,109 @@ int tsip_crypt_Sha_AesCbcGcm_multitest()
return ret;
}
+#endif
+
+
+int tsip_crypt_test()
+{
+ int ret = 0;
+ e_tsip_err_t tsip_error_code;
+
+ /* Generate AES tsip Key */
+ tsip_error_code = R_TSIP_GenerateAes128RandomKeyIndex(
+ &g_user_aes128_key_index1);
+
+ if (tsip_error_code == TSIP_SUCCESS)
+ tsip_error_code = R_TSIP_GenerateAes128RandomKeyIndex(
+ &g_user_aes128_key_index2);
+
+ if (tsip_error_code == TSIP_SUCCESS)
+ tsip_error_code = R_TSIP_GenerateAes256RandomKeyIndex(
+ &g_user_aes256_key_index1);
+
+ if (tsip_error_code == TSIP_SUCCESS)
+ tsip_error_code = R_TSIP_GenerateAes256RandomKeyIndex(
+ &g_user_aes256_key_index2);
+
+ if (tsip_error_code == TSIP_SUCCESS) {
+
+ #ifndef NO_SHA
+ printf(" sha_test()");
+ ret = sha_test();
+ RESULT_STR(ret)
+ #endif
+
+ #ifndef NO_SHA256
+ printf(" sha256_test()");
+ ret = sha256_test();
+ RESULT_STR(ret)
+ #endif
+
+ ret = tsip_aes_cbc_test(1, &g_user_aes128_key_index1);
+
+ if (ret == 0) {
+
+ ret = tsip_aes256_test(1, &g_user_aes256_key_index1);
+
+ }
+
+ if (ret == 0) {
+
+ ret = tsip_aesgcm128_test(1, &g_user_aes128_key_index1);
+
+ }
+
+ if (ret == 0) {
+
+ ret = tsip_aesgcm256_test(1, &g_user_aes256_key_index1);
+
+ }
+ #if defined(WOLFSSL_KEY_GEN)&& \
+ defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)
+
+ if (ret == 0) {
+
+ Clr_CallbackCtx(&userContext);
+
+ ret = wc_CryptoCb_CryptInitRenesasCmn(NULL, &userContext);
+
+ if (ret > 0)
+ ret = 0;
+ }
+
+ if (ret == 0) {
+
+ printf(" tsip_rsa_SignVerify_test(1024)");
+
+ userContext.wrappedKeyType = TSIP_KEY_TYPE_RSA1024;
+ userContext.sing_hash_type = sha256_mac;
+ userContext.keyflgs_crypt.bits.message_type = 0;
+
+ ret = tsip_rsa_SignVerify_test(1, 1024);
+ RESULT_STR(ret)
+ }
+
+ Clr_CallbackCtx(&userContext);
+
+ if (ret == 0) {
+ printf(" tsip_rsa_SignVerify_test(2048)");
+
+ userContext.wrappedKeyType = TSIP_KEY_TYPE_RSA2048;
+ userContext.sing_hash_type = sha256_mac;
+ userContext.keyflgs_crypt.bits.message_type = 0;
+
+ ret = tsip_rsa_SignVerify_test(1, 2048);
+ RESULT_STR(ret)
+ }
+
+ Clr_CallbackCtx(&userContext);
+ #endif
+ }
+ else
+ ret = -1;
+
+
+ return ret;
+}
+#endif /* TSIP_CRYPT_UNIT_TEST */
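Review bot: In the re-added `tsip_crypt_test()` the results of `sha_test()` and `sha256_test()` are printed but then overwritten, because `ret = tsip_aes_cbc_test(1, &g_user_aes128_key_index1);` runs unconditionally. The function can therefore return 0 after a SHA failure. Chain the steps like the later ones, `if (ret == 0) ret = tsip_aes_cbc_test(1, &g_user_aes128_key_index1);`, and guard the `sha256_test()` call the same way. In the RSA part, `Clr_CallbackCtx(&userContext)` zeroes the context that was passed to `wc_CryptoCb_CryptInitRenesasCmn()` before the 2048-bit test runs. Whether the callback registration still holds after that wipe is not visible here and should be confirmed or commented.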
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/README.md b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/README.md
new file mode 100644
index 00000000..55df4f2c
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/README.md
@@ -0,0 +1,538 @@
+wolfSSL for Renesas RZN2L Board
+=================================================
+
+## Description
+
+This directory contains e2studio projects targeted at the Renesas RZ MCUs.
+The example projects include a wolfSSL TLS client and server.
+They also include benchmark and cryptography tests for the wolfCrypt library.
+
+The example project contains both the wolfSSL and wolfCrypt libraries.
+It is built as a `Renesas RZ/N C/C++ FSP Project` and contains the Renesas RZ
+configuration. The wolfssl project uses `Renesas Secure IP on RZ`
+as hardware acceleration for cyptography.
+
+**Limitation**
+
+Due to lacking of TLS related feature on RSIP driver version, TLS connection examples below use `SHA` and `Random generation` of RSIP driver.
+
+The example project summary is listed below and is relevant for every project.
+
+### Project Summary
+|Item|Name/Version|
+|:--|:--|
+|Board|RZN2L|
+|Device|R9A07G084M04GBG|
+|Toolchain|GCC for Renesas RZ|
+|Toolchain Version|10.3.1.20210824|
+|FSP Version|1.2.0|
+
+#### Selected software components
+
+|Components|Version|Note|
+|:--|:--|:--|
+|Board Support Package Common Files|v1.20||
+|I/O Port|v1.2.0||
+|Arm CMSIS Version 5 - Core (M)|v5.7.0+renesas.1||
+|Board support package for R9A07G084M04GBG|v1.2.0||
+|Board support package for RZN2L|v1.2.0||
+|Board support package for RZN2L - FSP Data|v1.2.0||
+|RSK+RZN2L Board Support Files (RAM execution without flash memory)|v1.2.0||
+|FreeRTOS - Buffer Allocation 2|v1.2.0||
+|FreeRTOS - Memory Management - Heap 4|v1.2.0||
+|FreeRTOS+TCP|v1.2.0||
+|Ethernet PHY |v1.2.0||
+|Ethernet Selector|v1.2.0||
+|Ethernet|v1.2.0||
+|Ethernet Switch|v1.2.0||
+|SCI UART|v1.2.0||
+|r_ether to FreeRTOS+TCP Wrapper|v1.2.0||
+|Renesas Secure IP Driver|v1.3.0+fsp.1.2.0|Need to contact Renesas to get RSIP module|
+|RSIP Engine for RZ/N2L|v1.3.0+fsp.1.2.0|Need to contact Renesas to get RSIP module|
+
+
+## Setup Steps and Build wolfSSL Library
+
+1.) Import projects from [File]->[Open projects from File System]
+
++ Select folder at /path/to/wolfssl/IDE/Renesas/e2studio/RZN2L/test
+
+2.) Create a `dummy_application` Renesas RZ/N C/C++ FSP Project.
+
++ Click File->New->`RZ/N C/C++ FSP Project`.
++ Enter project name `dummy_application`.
++ Select Board: to `RSK+RZN2L (RAM execution without flash memory)`.
++ Select Device: to `R9A07G084M04GBG`. Click Next.
++ Check to `Executable`
++ Select FreeRTOS from RTOS selection. Click Finish.
++ Check `FreeRTOS minimal - Static Allocation`. Click Finish.
++ Open FSP Configurator by clicking configuration.xml in the project -->
++ Go to `Stacks` tab
++ Add new thread by clicking `New Thread`, and set properties below
+
+|Property|Value|
+|:--|:--|
+|Thread Symbol|rzn2l_tst_thread|
+|Thread Name|rzn2l_tst_thread|
+|Thread Stack size|increase depending on your environment<br> e.g. 0xA000|
+|Thread MemoryAllocation|Dyamic|
+|Common General Use Mutexes|Enabled|
+|Common General Enable Backward Compatibility|Enabled|
+|Common Memory Allocation Support Dynamic Allocation|Enabled|
+|Common Memory Allocation Total Heap Size|increase depending on your environment<br> e.g. 0x20000|
+
++ Add `Heap 4` stack to rzn2l_tst_thread from `New Stack` -> `FreeRTOS` -> `FreeRTOS Heap 4`
++ Add `UART Driver` stack to rzn2l_tst_thread from `New Stack` -> `Connectivity` -> `UART Driver`
++ Add `FreeRTOS + TCP` stack to rzn2l_tst_thread from `New Stack` -> -> `FreeRTOS` -> `Libraries` -> `FreeRTOS+TCP` and set properties
+
++ Save `dummy_application` FSP configuration
++ Copy <u>configuration.xml</u> under `dummy_application` to `test_RZN2L`
++ Open FSP configuration by clicking copied configuration.xml at `test_RZN2L`
++ Click `Generate Project Content` on FSP configuration GUI
+
+3.) Prepare UART to logging
+
++ Download Sample package from [BACnet Start-Up](https://www.renesas.com/us/en/products/microcontrollers-microprocessors/rz-mpus/bacnet-start-rzn2l-rsk)
++ Copy the following C source files from the project to src/serial_io folder of `test_RZN2L`
+ + um_serial_io_uart.c
+ + um_serial_io_task_writer.c
+ + um_serial_io_cfg.h
+ + um_common_api.h
+ + um_common_cfg.h
+ + um_serial_io.c
+ + um_serial_io.h
+ + um_serial_io_api.h
+ + um_serial_io_internal.h
++ Open um_serial_io_task_writer.c and re-name printf to uart_printf
+
+3.) Build `test_RZN2L` project
+
+## Run `test_RZN2L`
+
+1). Right click the project and Select menu `Debug` -> `Renesas GDB Hardware debugging`
+
+2). Select J-Link ARM and R9A07G084M04
+
+3). Break at Entory point. Change `cpsr` register value from 0xXXXXX1yy to 0xXXXXX1da
+
+## Run TLS 1.3 Client
+1.) Enable `WOLFSSL_TLS13` macro in `user_settings.h`
+
+2.) Enable `TLS_CLIENT` macro in `wolfssl_demo.h` of test_RZN2L project
+
+3.) Client IP address and Server IP address
+
++ Client IP address can be changed by the following line in `rzn2l_tst_thread_entry.c`.
+```
+static const byte ucIPAddress[4] = { 192, 168, 11, 241 };
+```
++ Server IP address can be changed by the following line in wolf_client.c.
+```
+#define SERVER_IP "192.168.11.65"
+```
+
+3.) Build test_RZN2L project
+
+4.) Prepare peer wolfssl server
+
++ On Linux
++ Clone wolfssl from [github repository](https://github.com/wolfssl/wolfssl.git)
+```
+$ ./autogen.sh
+$ ./configure
+$ make
+```
+
++ Run peer wolfSSL server
+
++ RSA sign and verify use, launch server with the following option
+```
+$./examples/server/server -b -d -i -v 4
+```
+
++ For ECDSA sign and verify use,
+Enable the `USE_CERT_BUFFER_256` macro in `wolfssl_demo.h`
+Disable the `USE_CERT_BUFFER_2048` macro in `wolfssl_demo.h`
+
++ launch server with the following option.
+```
+$./examples/server/server -b -d -i -v 4 -c ./certs/server-ecc.pem -k ./certs/ecc-key.pem
+```
+
+5.) Run the example Client
+
+You will see the following message on a UART terminal when using RSA sign and verify or ECDSA sign and verify.
+```
+ Started Serial I/O interface.
+ Start TLS Connection to 192.168.11.65 port(11111)
+ Error [-116]: FreeRTOS_connect. <-- A number of messages will be showed by depending on number of connection failures.
+ Start to connect to the server.
+ Cipher : TLS13-AES128-GCM-SHA256
+ Received: I hear you fa shizzle!
+
+ Start to connect to the server.
+ Cipher : TLS13-AES256-GCM-SHA384
+ Received: I hear you fa shizzle!
+
+ End of Client Example
+```
+
+## Run TLS 1.2 Client
+1.) Disable `WOLFSSL_TLS13` macro in `user_settings.h`
+
+2.) Enable `TLS_CLIENT` macro in `wolfssl_demo.h` of test_RZN2L project
+
+3.) Client IP address and Server IP address
+
++ Client IP address can be changed by the following line in `rzn2l_tst_thread_entry.c`.
+```
+static const byte ucIPAddress[4] = { 192, 168, 11, 241 };
+```
++ Server IP address can be changed by the following line in wolf_client.c.
+```
+#define SERVER_IP "192.168.11.65"
+```
+
+3.) Build test_RZN2L project
+
+4.) Prepare peer wolfssl server
+
++ On Linux
++ Clone wolfssl from [github repository](https://github.com/wolfssl/wolfssl.git)
+```
+$ ./autogen.sh
+$ ./configure
+$ make
+```
+
++ Run peer wolfSSL server
+
++ RSA sign and verify use, launch server with the following option
+```
+$./examples/server/server -b -d -i -v 3
+```
+
++ For ECDSA sign and verify use,
+Enable the `USE_CERT_BUFFER_256` macro in `wolfssl_demo.h`
+Disable the `USE_CERT_BUFFER_2048` macro in `wolfssl_demo.h`
+
++ launch server with the following option.
+```
+$./examples/server/server -b -d -i -v 3 -c ./certs/server-ecc.pem -k ./certs/ecc-key.pem
+```
+
+5.) Run the example Client
+
+You will see the following message on a UART terminal when using RSA sign and verify.
+```
+Started Serial I/O interface.
+ Start TLS Connection to 192.168.11.65 port(11111)
+ Error [-116]: FreeRTOS_connect.
+ Start to connect to the server.
+ Cipher : ECDHE-RSA-AES128-GCM-SHA256
+ Received: I hear you fa shizzle!
+
+ Start to connect to the server.
+ Cipher : ECDHE-RSA-AES256-SHA
+ Received: I hear you fa shizzle!
+
+ Start to connect to the server.
+ Cipher : ECDHE-RSA-AES128-SHA256
+ Received: I hear you fa shizzle!
+
+
+ End of Client Example
+```
+
+You will see the following message on a UART terminal when using ECDSA sign and verify.
+```
+Started Serial I/O interface.
+ Start TLS Connection to 192.168.11.65 port(11111)
+ Error [-116]: FreeRTOS_connect.
+ Start to connect to the server.
+ Cipher : ECDHE-ECDSA-AES128-GCM-SHA256
+ Received: I hear you fa shizzle!
+
+ Start to connect to the server.
+ Cipher : ECDHE-ECDSA-AES256-SHA
+ Received: I hear you fa shizzle!
+
+ Start to connect to the server.
+ Cipher : ECDHE-ECDSA-AES128-SHA256
+ Received: I hear you fa shizzle!
+
+
+ End of Client Example
+```
+
+## Run TLS 1.3 Server
+1.) Enable `WOLFSSL_TLS13` macro in `user_settings.h`
+
+2.) Enable `TLS_SERVER` macro in `wolfssl_demo.h` of test_RZN2L project
+
+3.) Client IP address and Server IP address
+
++ Server IP address can be changed by the following line in `rzn2l_tst_thread_entry.c`.
+```
+static const byte ucIPAddress[4] = { 192, 168, 11, 241 };
+```
+
+3.) Build test_RZN2L project
+
++ For ECDSA sign and verify use,
+Enable the `USE_CERT_BUFFER_256` macro in `wolfssl_demo.h`
+Disable the `USE_CERT_BUFFER_2048` macro in `wolfssl_demo.h`
+
++ launch server from e2studio
+
+4.) Prepare peer wolfssl client
+
++ On Linux
++ Clone wolfssl from [github repository](https://github.com/wolfssl/wolfssl.git)
+```
+$ ./autogen.sh
+$ ./configure
+$ make
+```
+
+5.) Run peer wolfSSL client
+
++ RSA sign and verify use, run peer client with the following option
+```
+$./examples/client/client -h 192.168.11.241 -p 11111 -v 4
+```
+
+You will see the following message on a UART terminal when using RSA sign and verify.
+```
+Started Serial I/O interface.
+ Start TLS Accept at 192.168.011.241 port(11111)
+Received: hello wolfssl!
+Cleaning up socket and wolfSSL objects.
+Waiting connection....
+```
+
+You will see the following message on Linux terminal.
+```
+$ ./examples/client/client -h 192.168.11.241 -p 11111 -v 4
+SSL version is TLSv1.3
+SSL cipher suite is TLS_AES_128_GCM_SHA256
+SSL curve name is SECP256R1
+I hear ya fa s
+```
+
++ ECDSA sign and verify use, run peer client with the following option
+```
+$./examples/client/client -h 192.168.11.241 -p 11111 -v 3 -A ./certs/ca-ecc-cert.pem -c ./certs/client-ecc-cert.pem -k ./certs/ecc-client-key.pem
+```
+
+You will see the following message on a UART terminal when using ECDSA sign and verify.
+```
+Started Serial I/O interface.
+ Start TLS Accept at 192.168.011.241 port(11111)
+Received: hello wolfssl!
+Cleaning up socket and wolfSSL objects.
+Waiting connection....
+```
+You will see the following message on Linux terminal.
+```
+$ ./examples/client/client -h 192.168.11.241 -p 11111 -v 4 -A ./certs/ca-ecc-cert.pem -c ./certs/client-ecc-cert.pem -k ./cert
+s/ecc-client-key.pem
+SSL version is TLSv1.3
+SSL cipher suite is TLS_AES_128_GCM_SHA256
+SSL curve name is SECP256R1
+I hear ya fa s
+```
+
+## Run TLS 1.2 Server
+1.) Disable `WOLFSSL_TLS13` macro in `user_settings.h`
+
+2.) Enable `TLS_SERVER` macro in `wolfssl_demo.h` of test_RZN2L project
+
+3.) Client IP address and Server IP address
+
++ Server IP address can be changed by the following line in `rzn2l_tst_thread_entry.c`.
+```
+static const byte ucIPAddress[4] = { 192, 168, 11, 241 };
+```
+
+3.) Build test_RZN2L project
+
++ For ECDSA sign and verify use,
+Enable the `USE_CERT_BUFFER_256` macro in `wolfssl_demo.h`
+Disable the `USE_CERT_BUFFER_2048` macro in `wolfssl_demo.h`
+
++ launch server from e2studio
+
+4.) Prepare peer wolfssl client
+
++ On Linux
++ Clone wolfssl from [github repository](https://github.com/wolfssl/wolfssl.git)
+```
+$ ./autogen.sh
+$ ./configure
+$ make
+```
+
+5.) Run peer wolfSSL client
+
++ RSA sign and verify use, run peer client with the following option
+```
+$./examples/client/client -h 192.168.11.241 -p 11111 -v 4
+```
+
+You will see the following message on a UART terminal when using RSA sign and verify.
+```
+Started Serial I/O interface.
+ Start TLS Accept at 192.168.011.241 port(11111)
+Received: hello wolfssl!
+Cleaning up socket and wolfSSL objects.
+Waiting connection....
+```
+
+You will see the following message on Linux terminal.
+```
+$ ./examples/client/client -h 192.168.11.241 -p 11111 -v 3
+SSL version is TLSv1.2
+SSL cipher suite is TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
+SSL curve name is SECP256R1
+I hear ya fa s
+```
+
++ ECDSA sign and verify use, run peer client with the following option
+```
+$./examples/client/client -h 192.168.11.241 -p 11111 -v 3 -A ./certs/ca-ecc-cert.pem -c ./certs/client-ecc-cert.pem -k ./certs/ecc-client-key.pem
+```
+
+You will see the following message on a UART terminal when using ECDSA sign and verify.
+```
+Started Serial I/O interface.
+ Start TLS Accept at 192.168.011.241 port(11111)
+Received: hello wolfssl!
+Cleaning up socket and wolfSSL objects.
+Waiting connection....
+```
+You will see the following message on Linux terminal.
+```
+$ ./examples/client/client -h 192.168.11.241 -p 11111 -v 3 -A ./certs/ca-ecc-cert.pem -c ./certs/client-ecc-cert.pem -k ./certs/ecc-client-key.pem
+SSL version is TLSv1.2
+SSL cipher suite is TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
+SSL curve name is SECP256R1
+I hear ya fa s
+```
+## Run Crypt test
+1.) Enable `CRYPT_TEST` macro in `wolfssl_demo.h`
+
+2.) Run `test_RZN2L` from e2studio
+
+Sample Output
+
+```
+------------------------------------------------------------------------------
+ wolfSSL version 5.6.3
+------------------------------------------------------------------------------
+error test passed!
+MEMORY test passed!
+base64 test passed!
+asn test passed!
+RANDOM test passed!
+MD5 test passed!
+MD4 test passed!
+SHA test passed!
+SHA-224 test passed!
+SHA-256 test passed!
+SHA-384 test passed!
+SHA-512 test passed!
+SHA-512/224 test passed!
+SHA-512/256 test passed!
+Hash test passed!
+HMAC-MD5 test passed!
+HMAC-SHA test passed!
+HMAC-SHA224 test passed!
+HMAC-SHA256 test passed!
+HMAC-SHA384 test passed!
+HMAC-SHA512 test passed!
+HMAC-KDF test passed!
+TLSv1.3 KDF test passed!
+DES test passed!
+DES3 test passed!
+AES test passed!
+AES256 test passed!
+AES-GCM test passed!
+RSA test passed!
+PWDBASED test passed!
+ECC test passed!
+ECC buffer test passed!
+CURVE25519 test passed!
+logging test passed!
+time test passed!
+mutex test passed!
+crypto callback test passed!
+Test complete
+ End wolfCrypt Test
+```
+
+**Note**
+`SHA1/224/256/384/512` and `Random generation` of RSIP driver are enabled at the sampele output above while running wolfCrypt test.
+
+## Run Benchmark
+
+1.) Enable `BENCHMARK` macro in `wolfssl_demo.h`
+
+2.) Run `test_RZN2L` from e2studio
+
+Sample Output
+```
+Started Serial I/O interface. Start wolfCrypt Benchmark
+wolfCrypt Benchmark (block bytes 1024, min 1.0 sec each)
+RNG 2.0 MiB took 1.000 seconds, 2.393 MiB/s
+AES-128-CBC-enc 2.0 MiB took 1.009 seconds, 2.032 MiB/s
+AES-128-CBC-dec 2.0 MiB took 1.002 seconds, 2.022 MiB/s
+AES-192-CBC-enc 1.1 MiB took 1.001 seconds, 1.732 MiB/s
+AES-192-CBC-dec 1.1 MiB took 1.008 seconds, 1.720 MiB/s
+AES-256-CBC-enc 1.1 MiB took 1.014 seconds, 1.517 MiB/s
+AES-256-CBC-dec 1.1 MiB took 1.008 seconds, 1.502 MiB/s
+AES-128-GCM-enc 675.0 KiB took 1.023 seconds, 659.824 KiB/s
+AES-128-GCM-dec 675.0 KiB took 1.022 seconds, 660.470 KiB/s
+AES-192-GCM-enc 625.0 KiB took 1.000 seconds, 625.000 KiB/s
+AES-192-GCM-dec 650.0 KiB took 1.039 seconds, 625.602 KiB/s
+AES-256-GCM-enc 600.0 KiB took 1.008 seconds, 595.238 KiB/s
+AES-256-GCM-dec 600.0 KiB took 1.007 seconds, 595.829 KiB/s
+AES-128-GCM-enc-no_AAD 675.0 KiB took 1.012 seconds, 666.996 KiB/s
+AES-128-GCM-dec-no_AAD 675.0 KiB took 1.011 seconds, 667.656 KiB/s
+AES-192-GCM-enc-no_AAD 650.0 KiB took 1.029 seconds, 631.681 KiB/s
+AES-192-GCM-dec-no_AAD 650.0 KiB took 1.028 seconds, 632.296 KiB/s
+AES-256-GCM-enc-no_AAD 625.0 KiB took 1.040 seconds, 600.962 KiB/s
+AES-256-GCM-dec-no_AAD 625.0 KiB took 1.039 seconds, 601.540 KiB/s
+GMAC Default 977.0 KiB took 1.000 seconds, 977.000 KiB/s
+3DES 450.0 KiB took 1.022 seconds, 440.313 KiB/s
+MD5 12.1 MiB took 1.001 seconds, 12.756 MiB/s
+SHA 21.0 MiB took 1.000 seconds, 21.240 MiB/s
+SHA-224 21.0 MiB took 1.000 seconds, 21.069 MiB/s
+SHA-256 20.1 MiB took 1.000 seconds, 20.923 MiB/s
+SHA-384 19.1 MiB took 1.000 seconds, 19.604 MiB/s
+SHA-512 19.1 MiB took 1.001 seconds, 19.561 MiB/s
+SHA-512/224 19.1 MiB took 1.000 seconds, 19.873 MiB/s
+SHA-512/256 19.1 MiB took 1.000 seconds, 19.751 MiB/s
+HMAC-MD5 12.0 MiB took 1.000 seconds, 12.451 MiB/s
+HMAC-SHA 19.1 MiB took 1.001 seconds, 19.512 MiB/s
+HMAC-SHA224 19.0 MiB took 1.000 seconds, 19.385 MiB/s
+HMAC-SHA256 19.0 MiB took 1.001 seconds, 19.219 MiB/s
+HMAC-SHA384 18.0 MiB took 1.000 seconds, 18.018 MiB/s
+HMAC-SHA512 17.1 MiB took 1.000 seconds, 17.944 MiB/s
+PBKDF2 224.0 bytes took 1.044 seconds, 214.559 bytes/s
+RSA 2048 public 40 ops took 1.020 sec, avg 25.500 ms, 39.216 ops/sec
+RSA 2048 private 2 ops took 3.196 sec, avg 1598.000 ms, 0.626 ops/sec
+ECC [ SECP256R1] 256 key gen 2 ops took 2.196 sec, avg 1097.1000 ms, 0.911 ops/sec
+ECDHE [ SECP256R1] 256 agree 2 ops took 2.186 sec, avg 1093.000 ms, 0.915 ops/sec
+ECDSA [ SECP256R1] 256 sign 2 ops took 2.215 sec, avg 1107.500 ms, 0.903 ops/sec
+ECDSA [ SECP256R1] 256 verify 2 ops took 4.210 sec, avg 2105.000 ms, 0.475 ops/sec
+CURVE 25519 key gen 3 ops took 1.255 sec, avg 418.333 ms, 2.390 ops/sec
+CURVE 25519 agree 4 ops took 1.672 sec, avg 418.000 ms, 2.392 ops/sec
+Benchmark complete
+ End wolfCrypt Benchmark
+```
+**Note**
+`SHA1/224/256/384/512` and `Random generation` of RSIP driver are enabled at the sampele output above.
+## Support
+
+For support inquiries and questions, please email support@wolfssl.com. Feel free to reach out to info@wolfssl.jp as well.
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/common/user_settings.h b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/common/user_settings.h
new file mode 100644
index 00000000..48e45224
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/common/user_settings.h
@@ -0,0 +1,115 @@
+/* user_settings.h
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+/* Operating Environment and Threading */
+#if defined(WOLFSSL_RENESAS_RSIP)
+ /* FSP SM stands for Flexible Software Package Security Module
+ * WOLFSSL_RENESAS_FSPSM enables fundamental code when it uses.
+ * e.g. Open/Close/Random generator
+ * WOLFSSL_RENESAS_FSPSPM_TLS enables TLS related code for FSP SM
+ * e.g. Certificate verification, Master Secret Generation
+ * WOLFSSL_RENESAS_SCEPROTECT enables specific code for SCE if needed
+ */
+ #define WOLFSSL_RENESAS_FSPSM
+ /* Not yet supported TLS related capabilities */
+ /* # define WOLFSSL_RENESAS_FSPSM_TLS */
+
+#endif
+
+ /* XXX_CRYPTONLY definition enables FSP SM module for Crypto only use.
+ * Therefore, it disables TLS related API use
+ */
+/* #define WOLFSSL_RENESAS_RSIP_CRYPTONLY */
+
+#if defined(WOLFSSL_RENESAS_RSIP_CRYPTONLY)
+ #undef WOLFSSL_RENESAS_FSPSM_TLS
+ #define WOLFSSL_RENESAS_FSPSM_CRYPTONLY
+
+ #if !defined(WOLFSSL_RENESAS_RSPI)
+ #define WOLFSSL_RENESAS_RSPI
+ #endif
+#endif
+
+#define FREERTOS
+#define FREERTOS_TCP
+
+#define NO_MAIN_DRIVER
+#define BENCH_EMBEDDED
+#define NO_WRITEV
+#define WOLFSSL_NO_FLOAT_FMT
+
+#define NO_DEV_RANDOM
+#define SIZEOF_LONG_LONG 8
+#define NO_WOLFSSL_DIR
+#define WOLFSSL_NO_CURRDIR
+#define NO_WOLF_C99
+#define NO_MULTIBYTE_PRINT
+#define NO_FILESYSTEM
+
+#define XVALIDATEDATE(d, f,t) (0)
+
+#define TFM_TIMING_RESISTANT
+#define ECC_TIMING_RESISTANT
+#define WC_RSA_BLINDING
+
+#define HAVE_AESGCM
+#define WOLFSSL_SHA224
+#define WOLFSSL_SHA384
+#define WOLFSSL_SHA512
+#define HAVE_ECC
+#define HAVE_CURVE25519
+#define CURVE25519_SMALL
+
+#define WOLFSSL_SMALL_STACK
+#define USE_FAST_MATH
+
+/* static RSA */
+#define WOLFSSL_STATIC_RSA
+
+/* Enable to use TLS1.3 */
+#define WOLFSSL_TLS13
+
+#if defined(WOLFSSL_TLS13)
+ #include <sys/time.h>
+ #define HAVE_FFDHE_2048
+ #define HAVE_HKDF
+ #define WC_RSA_PSS
+ #define HAVE_TLS_EXTENSIONS
+ #define HAVE_SUPPORTED_CURVES
+#endif
+
+#define WOLF_CRYPTO_CB
+#if defined(WOLFSSL_RENESAS_RSIP_CRYPTONLY)
+ #define HAVE_RENESAS_SYNC
+ #define WC_USE_DEVID 7890
+ #define NO_AES_192
+ #define NO_SW_BENCH
+#endif
+
+#if defined(WOLFSSL_RENESAS_RSIP_CRYPTONLY)
+ #define WOLFSSL_KEY_GEN
+#endif
+
+int uart_printf (const char *__restrict format, ...);
+#undef printf
+#define printf uart_printf
+
+#define TEST_SLEEP() vTaskDelay(50)
+#define CUSTOM_RAND_GENERATE_BLOCK wc_fspsm_GenerateRandBlock
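Review bot: The `WOLFSSL_RENESAS_RSIP_CRYPTONLY` block defines `WOLFSSL_RENESAS_RSPI`, with the letters transposed, while the first block of the file tests `WOLFSSL_RENESAS_RSIP`; nothing in this file reads the `RSPI` spelling, so the guard presumably has no effect. The block also sits after the `#if defined(WOLFSSL_RENESAS_RSIP)` test, so even with the spelling fixed it comes too late for `WOLFSSL_RENESAS_FSPSM` to be defined from it. I would write `#if !defined(WOLFSSL_RENESAS_RSIP)` / `#define WOLFSSL_RENESAS_RSIP` and move the crypt-only block above the first `#if`. Separately, `WOLFSSL_STATIC_RSA` enables RSA key-exchange suites that have no forward secrecy, and `XVALIDATEDATE` is defined to `(0)` with no explanation. The first deserves a comment such as `/* demo only: static RSA suites provide no forward secrecy */`, and the date macro should say what it overrides and why the board needs it.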
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/common/wolfssl_demo.h b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/common/wolfssl_demo.h
new file mode 100644
index 00000000..9f5a8cd0
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/common/wolfssl_demo.h
@@ -0,0 +1,108 @@
+/* wolfssl_demo.h
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#ifndef WOLFSSL_DEMO_H_
+#define WOLFSSL_DEMO_H_
+
+#include <wolfssl/ssl.h>
+#include "FreeRTOS_IP.h"
+#include "FreeRTOS_Sockets.h"
+
+#define FREQ 10000 /* Hz */
+
+/* Client connects to the server with these details. */
+#define SERVER_IP "192.168.11.65"
+#define DEFAULT_PORT 11111
+
+typedef struct tagTestInfo
+{
+ int id;
+ int port;
+ char name[32];
+ const char* cipher;
+ WOLFSSL_CTX* ctx;
+} TestInfo;
+
+/* Enable Crypt Unit Test */
+/* #define UNIT_TEST */
+
+/* Enable wolfcrypt test */
+/* can be enabled with benchmark test */
+#define CRYPT_TEST
+
+/* Enable benchmark */
+/* can be enabled with cyrpt test */
+/* #define BENCHMARK */
+
+/* Enable TLS client */
+/* #define TLS_CLIENT */
+
+/* Enable TLS Server */
+/* #define TLS_SERVER */
+
+#if defined(TLS_CLIENT)
+ extern WOLFSSL_CTX *client_ctx;
+
+ /* Use RSA certificates */
+ #define USE_CERT_BUFFERS_2048
+ /* Use ECC certificates */
+ /*#define USE_CERT_BUFFERS_256*/
+#endif
+
+#if defined(TLS_SERVER)
+ extern WOLFSSL_CTX *server_ctx;
+
+ /* Use RSA certificates */
+ #define USE_CERT_BUFFERS_2048
+ /* Use ECC certificates */
+ /*#define USE_CERT_BUFFERS_256*/
+#endif
+
+#if defined(USE_CERT_BUFFERS_2048) && defined(USE_CERT_BUFFERS_256)
+ #error please set either macro USE_CERT_BUFFERS_2048 or USE_CERT_BUFFERS_256
+#endif
+
+#define FR_SOCKET_SUCCESS 0
+
+static void util_Cleanup(WOLFSSL_CTX *ctx, WOLFSSL *ssl) {
+ printf("Cleaning up socket and wolfSSL objects.\n");
+ if (ssl != NULL)
+ wolfSSL_free(ssl);
+ if (ctx != NULL)
+ wolfSSL_CTX_free(ctx);
+ wolfSSL_Cleanup();
+}
+
+static inline void util_inf_loop(WOLFSSL_CTX *ctx, WOLFSSL *ssl) {
+ util_Cleanup(ctx, ssl);
+ printf("Reached infinite loop.\n");
+ while (1)
+ ;
+}
+
+void TCPInit();
+void wolfSSL_TLS_client_init();
+int wolfSSL_TLS_client_do(void *pvParam);
+void wolfSSL_TLS_server_init();
+int wolfSSL_TLS_server_do(void *pvParam);
+void wolfSSL_TLS_cleanup();
+
+#endif /* WOLFSSL_DEMO_H_ */
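Review bot: `util_Cleanup` is defined `static` without `inline` in this header, so every source file that includes `wolfssl_demo.h` gets its own copy, and an unused-function warning wherever it is not called. `util_inf_loop` directly below is already `static inline`, and `static inline void util_Cleanup(WOLFSSL_CTX *ctx, WOLFSSL *ssl) {` would match it. Four of the declarations at the end of the file use empty parentheses, which before C23 declare a function with unspecified arguments, so calls are not type-checked; `void TCPInit(void);` and the same for the other no-argument functions gives real prototypes. A one-line comment over `util_inf_loop` saying that it frees both objects, calls `wolfSSL_Cleanup()` and never returns would also help callers.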
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/include.am b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/include.am
new file mode 100644
index 00000000..af40725c
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/include.am
@@ -0,0 +1,17 @@
+# vim:ft=automake
+# included from Top Level Makefile.am
+# All paths should be given relative to the root
+
+EXTRA_DIST+= IDE/Renesas/e2studio/RZN2L/README.md
+EXTRA_DIST+= IDE/Renesas/e2studio/RZN2L/test/.cproject
+EXTRA_DIST+= IDE/Renesas/e2studio/RZN2L/test/.project
+EXTRA_DIST+= IDE/Renesas/e2studio/RZN2L/test/src/rzn2l_tst_thread_entry.c
+EXTRA_DIST+= IDE/Renesas/e2studio/RZN2L/test/src/wolfssl_dummy.c
+EXTRA_DIST+= IDE/Renesas/e2studio/RZN2L/test/src/test/wolf_client.c
+EXTRA_DIST+= IDE/Renesas/e2studio/RZN2L/test/src/test/wolf_server.c
+EXTRA_DIST+= IDE/Renesas/e2studio/RZN2L/test/src/test/wolfssl_rsip_unit_test.c
+EXTRA_DIST+= IDE/Renesas/e2studio/RZN2L/test/src/serial_io/.gitignore
+EXTRA_DIST+= IDE/Renesas/e2studio/RZN2L/test/src/wolfCrypt/.gitignore
+EXTRA_DIST+= IDE/Renesas/e2studio/RZN2L/test/src/wolfSSL/.gitignore
+EXTRA_DIST+= IDE/Renesas/e2studio/RZN2L/common/wolfssl_demo.h
+EXTRA_DIST+= IDE/Renesas/e2studio/RZN2L/common/user_settings.h \ No newline at end of file
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/test/.cproject b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/test/.cproject
new file mode 100644
index 00000000..98caa784
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/test/.cproject
@@ -0,0 +1,1219 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<?fileVersion 4.0.0?><cproject storage_type_id="org.eclipse.cdt.core.XmlProjectDescriptionStorage">
+ <storageModule moduleId="org.eclipse.cdt.core.settings">
+ <cconfiguration id="com.renesas.cdt.managedbuild.gcc.rz.configuration.debug.update.1144316794">
+ <storageModule buildSystemId="org.eclipse.cdt.managedbuilder.core.configurationDataProvider" id="com.renesas.cdt.managedbuild.gcc.rz.configuration.debug.update.1144316794" moduleId="org.eclipse.cdt.core.settings" name="Debug">
+ <externalSettings/>
+ <extensions>
+ <extension id="org.eclipse.cdt.core.ELF" point="org.eclipse.cdt.core.BinaryParser"/>
+ <extension id="org.eclipse.cdt.core.GASErrorParser" point="org.eclipse.cdt.core.ErrorParser"/>
+ <extension id="org.eclipse.cdt.core.GmakeErrorParser" point="org.eclipse.cdt.core.ErrorParser"/>
+ <extension id="org.eclipse.cdt.core.CWDLocator" point="org.eclipse.cdt.core.ErrorParser"/>
+ <extension id="org.eclipse.cdt.core.GCCErrorParser" point="org.eclipse.cdt.core.ErrorParser"/>
+ </extensions>
+ </storageModule>
+ <storageModule moduleId="com.renesas.cdt.managedbuild.core.toolchainInfo">
+ <option id="toolchain.id" value="gcc-arm-embedded"/>
+ <option id="toolchain.version" value="10.3.1.20210824"/>
+ <option id="toolchain.enable" value="true"/>
+ </storageModule>
+ <storageModule moduleId="cdtBuildSystem" version="4.0.0">
+ <configuration artifactName="${ProjName}" buildArtefactType="org.eclipse.cdt.build.core.buildArtefactType.exe" buildProperties="org.eclipse.cdt.build.core.buildArtefactType=org.eclipse.cdt.build.core.buildArtefactType.exe,org.eclipse.cdt.build.core.buildType=org.eclipse.cdt.build.core.buildType.debug" description="" id="com.renesas.cdt.managedbuild.gcc.rz.configuration.debug.update.1144316794" name="Debug" parent="com.renesas.cdt.managedbuild.gcc.rz.configuration.debug.update">
+ <folderInfo id="com.renesas.cdt.managedbuild.gcc.rz.configuration.debug.update.1144316794." name="/" resourcePath="">
+ <toolChain id="com.renesas.cdt.managedbuild.gcc.rz.toolchain.debug.update.1646034880" name="GCC for Renesas RZ" superClass="com.renesas.cdt.managedbuild.gcc.rz.toolchain.debug.update">
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createflash.2068680625" name="Create flash image" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createflash" value="true" valueType="boolean"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createlisting.1459372610" name="Create extended listing" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createlisting"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.printsize.1079284630" name="Print size" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.printsize" value="true" valueType="boolean"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.showCommand.231411189" name="Echo tool command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.showCommand"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.optimizationLevel.104813302" name="Optimization Level" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.optimizationLevel" value="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.level.more" valueType="enumerated"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.messagelenght.618641116" name="Message length (-fmessage-length=0)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.messagelenght" value="true" valueType="boolean"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.signedchar.1299606640" name="'char' is signed (-fsigned-char)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.signedchar" value="true" valueType="boolean"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.functionsection.175484560" name="Function sections (-ffunction-sections)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.functionsection" value="true" valueType="boolean"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.datasections.1766001147" name="Data sections (-fdata-sections)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.datasections" value="true" valueType="boolean"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.level.1999364502" name="Debug level" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.level"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.format.1053366766" name="Debug format" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.format" value="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.format.dwarf4" valueType="enumerated"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.unused.255810092" name="Warn on various unused elements (-Wunused)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.unused" value="true" valueType="boolean"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.uninitialized.589066160" name="Warn on uninitialized variables (-Wuninitialised)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.uninitialized" value="true" valueType="boolean"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.allwarn.1657835083" name="Enable all common warnings (-Wall)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.allwarn" value="true" valueType="boolean"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.extrawarn.529573019" name="Enable extra warnings (-Wextra)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.extrawarn" value="true" valueType="boolean"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.missingdeclaration.973219201" name="Warn on undeclared global function (-Wmissing-declaration)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.missingdeclaration" value="true" valueType="boolean"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.conversion.1170282036" name="Warn on implicit conversions (-Wconversion)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.conversion" value="true" valueType="boolean"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.pointerarith.1271145109" name="Warn if pointer arithmetic (-Wpointer-arith)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.pointerarith" value="true" valueType="boolean"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.shadow.46319954" name="Warn if shadowed variable (-Wshadow)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.shadow" value="true" valueType="boolean"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.logicalop.2133049482" name="Warn if suspicious logical ops (-Wlogical-op)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.logicalop" value="true" valueType="boolean"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.agreggatereturn.1476755314" name="Warn if struct is returned (-Wagreggate-return)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.agreggatereturn" value="true" valueType="boolean"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.floatequal.1180377769" name="Warn if floats are compared as equal (-Wfloat-equal)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.floatequal" value="true" valueType="boolean"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.deviceName.385566364" name="Device name" superClass="com.renesas.cdt.managedbuild.gcc.rz.deviceName" value="R9A07G084M04GBG" valueType="string"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.toolchain.name.85130646" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.toolchain.name" value="GNU Tools for ARM Embedded Processors" valueType="string"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.architecture.438363043" name="Architecture" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.architecture" value="ilg.gnuarmeclipse.managedbuild.cross.option.architecture.arm" valueType="enumerated"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.family.734485543" name="Arm family (-mcpu)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.family" value="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.mcpu.cortex-r52" valueType="enumerated"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.instructionset.1496417625" name="Instruction set" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.instructionset" value="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.instructionset.thumb" valueType="enumerated"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.prefix.1362651041" name="Prefix" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.prefix" value="arm-none-eabi-" valueType="string"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.c.1358770218" name="C compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.c" value="gcc" valueType="string"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.cpp.80343979" name="C++ compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.cpp" value="g++" valueType="string"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.ar.244133284" name="Archiver" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.ar" value="ar" valueType="string"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.objcopy.370143380" name="Hex/Bin converter" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.objcopy" value="objcopy" valueType="string"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.objdump.615370739" name="Listing generator" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.objdump" value="objdump" valueType="string"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.size.563040872" name="Size command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.size" value="size" valueType="string"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.make.1659522788" name="Build command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.make" value="make" valueType="string"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.rm.1439778818" name="Remove command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.rm" value="rm" valueType="string"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.floatunit.635802477" name="FPU Type" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.floatunit" value="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.unit.neonfparmv8" valueType="enumerated"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.floatabi.1751328499" name="Float ABI" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.floatabi" value="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.abi.hard" valueType="enumerated"/>
+ <targetPlatform archList="all" binaryParser="org.eclipse.cdt.core.ELF" id="ilg.gnuarmeclipse.managedbuild.cross.targetPlatform.235609987" isAbstract="false" osList="all" superClass="ilg.gnuarmeclipse.managedbuild.cross.targetPlatform"/>
+ <builder buildPath="${workspace_loc:/test_RZN2L}/Debug" id="com.renesas.cdt.managedbuild.gcc.rz.builder.371425022" keepEnvironmentInBuildfile="false" managedBuildOn="true" name="GCC for Renesas Builder" parallelBuildOn="true" parallelizationNumber="optimal" superClass="com.renesas.cdt.managedbuild.gcc.rz.builder"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.assembler.395291860" name="Cross ARM GNU Assembler" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.assembler">
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.usepreprocessor.1445692924" name="Use preprocessor" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.usepreprocessor" value="true" valueType="boolean"/>
+ <option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.defs.878213280" name="Defined symbols (-D)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.defs" valueType="definedSymbols">
+ <listOptionValue builtIn="false" value="_RENESAS_RZN_"/>
+ <listOptionValue builtIn="false" value="_RZN_CORE=CR52_0"/>
+ </option>
+ <option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="com.renesas.cdt.managedbuild.gcc.rz.option.assembler.include.1404470165" name="Include paths (-I)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.assembler.include" valueType="includePath">
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/inc}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/inc/api}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/inc/instances}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/rm_freertos_port}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/aws/amazon-freertos/freertos_kernel/include}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/arm/CMSIS_5/CMSIS/Core_R/Include}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn_gen}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn_cfg/fsp_cfg/bsp}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn_cfg/aws}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn_cfg/fsp_cfg}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/aws/amazon-freertos/libraries/freertos_plus/standard/freertos_plus_tcp/include}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rsip_common/private}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/lib/inc}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/lib/common/inc}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/lib/sb_lib/inc}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/lib/sb_lib/src}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/lib/otp/inc}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/lib/rsip/inc}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/lib/rsip/src}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/private}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/primitive}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/rm_freertos_plus_tcp}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/private/lib/inc}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/private/lib/common/inc}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/private/lib/sb_lib/inc}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/private/lib/otp/inc}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/private/lib/rsip/inc}&quot;"/>
+ </option>
+ <inputType id="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.input.920863118" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.input"/>
+ </tool>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.compilerC.15728131" name="Cross ARM C Compiler" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.compilerC">
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.std.2054256250" name="Language standard" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.std" useByScannerDiscovery="true" value="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.std.c99" valueType="enumerated"/>
+ <option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.defs.737680653" name="Defined symbols (-D)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.defs" useByScannerDiscovery="true" valueType="definedSymbols">
+ <listOptionValue builtIn="false" value="_RENESAS_RZN_"/>
+ <listOptionValue builtIn="false" value="WOLFSSL_RENESAS_RSIP"/>
+ <listOptionValue builtIn="false" value="WOLFSSL_RENESAS_RZN2L"/>
+ <listOptionValue builtIn="false" value="WOLFSSL_USER_SETTINGS"/>
+ <listOptionValue builtIn="false" value="_RZN_CORE=CR52_0"/>
+ </option>
+ <option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="com.renesas.cdt.managedbuild.gcc.rz.option.compiler.include.1392028571" name="Include paths (-I)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.compiler.include" useByScannerDiscovery="false" valueType="includePath">
+ <listOptionValue builtIn="false" value="&quot;${ProjDirPath}/generate&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/serial_io}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${ProjDirPath}/../common&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${ProjDirPath}/../../../../../&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${ProjDirPath}/src&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/inc}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/inc/api}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/inc/instances}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/rm_freertos_port}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/aws/amazon-freertos/freertos_kernel/include}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/arm/CMSIS_5/CMSIS/Core_R/Include}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn_gen}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn_cfg/fsp_cfg/bsp}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn_cfg/aws}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn_cfg/fsp_cfg}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/aws/amazon-freertos/libraries/freertos_plus/standard/freertos_plus_tcp/include}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rsip_common/private}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/lib/inc}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/lib/common/inc}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/lib/sb_lib/inc}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/lib/sb_lib/src}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/lib/otp/inc}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/lib/rsip/inc}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/lib/rsip/src}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/private}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/primitive}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/rm_freertos_plus_tcp}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/private/lib/inc}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/private/lib/common/inc}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/private/lib/sb_lib/inc}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/private/lib/otp/inc}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/private/lib/rsip/inc}&quot;"/>
+ </option>
+ <inputType id="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.input.1188589179" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.input"/>
+ </tool>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.compilerCPP.1452804886" name="Cross ARM C++ Compiler" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.compilerCPP">
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.compiler.cpp.language.501898805" name="Language standard" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.compiler.cpp.language" useByScannerDiscovery="true" value="com.renesas.cdt.managedbuild.gcc.rz.option.compiler.cpp.language.cpp11" valueType="enumerated"/>
+ </tool>
+ <tool commandLinePattern="${COMMAND} ${cross_toolchain_flags} ${OUTPUT_FLAG}${OUTPUT_PREFIX} ${OUTPUT} -Wl,--start-group ${INPUTS} -Wl,--end-group ${FLAGS}" id="com.renesas.cdt.managedbuild.gcc.rz.tool.linker.c.1010031112" name="Cross ARM C Linker" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.linker.c">
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.c.linker.gcsections.1517459084" name="Remove unused sections (-Xlinker --gc-sections)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.c.linker.gcsections" value="true" valueType="boolean"/>
+ <option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="true" id="com.renesas.cdt.managedbuild.gcc.rz.archives.includePath.1314620766" name="Standard archive search directories (-L)" superClass="com.renesas.cdt.managedbuild.gcc.rz.archives.includePath" valueType="libPaths"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.c.linker.usenewlibnano.1707323954" name="Use newlib-nano (--specs=nano.specs)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.c.linker.usenewlibnano" value="true" valueType="boolean"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.linker.entrypoint.2121320154" name="Entry Point:" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.linker.entrypoint" value="-Wl,-esystem_init" valueType="string"/>
+ <option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="com.renesas.cdt.managedbuild.gcc.rz.option.linkerscript.35544828" name="Script files (-T)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.linkerscript" valueType="stringList">
+ <listOptionValue builtIn="false" value="&quot;fsp_ram_execution.ld&quot;"/>
+ </option>
+ <option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="com.renesas.cdt.managedbuild.gcc.rz.archives.userIncludePath.1169036561" name="User defined archive search directories (-L)" superClass="com.renesas.cdt.managedbuild.gcc.rz.archives.userIncludePath" valueType="stringList">
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}}/script&quot;"/>
+ </option>
+ <option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="com.renesas.cdt.managedbuild.gcc.rz.option.linkageOrder.964023710" name="Linkage Order List" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.linkageOrder" valueType="stringList">
+ <listOptionValue builtIn="false" value="&quot;src/wolfSSL/crl.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfSSL/internal.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfSSL/keys.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfSSL/ocsp.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfSSL/sniffer.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfSSL/ssl.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfSSL/tls.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfSSL/tls13.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfSSL/wolfio.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/aes.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/arc4.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/asm.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/asn.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/blake2b.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/camellia.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/chacha.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/chacha20_poly1305.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/cmac.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/coding.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/compress.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/cpuid.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/cryptocb.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/curve25519.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/des3.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/dh.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/dsa.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/ecc.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/ecc_fp.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/ed25519.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/error.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/fe_low_mem.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/fe_operations.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/ge_low_mem.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/ge_operations.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/hash.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/hmac.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/integer.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/kdf.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/logging.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/md2.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/md4.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/md5.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/memory.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/pkcs12.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/pkcs7.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/poly1305.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/random.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/rsa.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/sha.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/sha256.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/sha3.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/sha512.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/signature.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/sp_arm32.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/sp_arm64.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/sp_armthumb.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/sp_c32.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/sp_c64.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/sp_cortexm.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/sp_dsp32.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/sp_int.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/sp_x86_64.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/srp.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/tfm.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/wc_dsp.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/wc_encrypt.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/wc_pkcs11.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/wc_port.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/wolfevent.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/wolfmath.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/hal_entry.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/rzn2l_tst_thread_entry.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn_gen/common_data.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn_gen/hal_data.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn_gen/main.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn_gen/pin_data.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn_gen/rzn2l_tst_thread.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn_gen/vector_data.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/rm_freertos_port/port.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/rm_freertos_plus_tcp/NetworkInterface.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_sci_uart/r_sci_uart.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/private/r_rsip_otp.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/private/r_rsip_private.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_func010.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_func011.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_func012.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_func013.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_func016.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_func017.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_func022.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_func023.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_func040.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_func041.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_func043.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_func044.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_func045.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_func046.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_func047.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_func060.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_func066.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_func073.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_func084.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_func085.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_func086.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_func087.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_func088.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_func100.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_func101.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_func102.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_func103.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_func205.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_func206.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_func400.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p00.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p01.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p02.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p03.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p04.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p06.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p07.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p08.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p0b.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p0c.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p0d.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p0e.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p0f.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p10.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p15.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p16.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p17.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p18.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p19.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p1a.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p1b.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p1c.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p1d.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p1e.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p1f.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p20.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p21.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p24.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p25.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p29a.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p29f.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p29i.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p29t.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p29u.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p2a.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p2b.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p2c.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p32a.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p32f.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p32i.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p32t.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p32u.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p34a.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p34f.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p34i.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p34t.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p34u.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p36a.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p36f.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p36i.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p36t.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p36u.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p40.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p41f.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p41i.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p41u.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p44f.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p44i.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p44u.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p47f.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p47i.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p47u.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p48f.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p48i.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p48u.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p50f.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p50i.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p50u.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p53.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p53_enhanced.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p54.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p54_enhanced.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p56.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p56_enhanced.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p57.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p57_enhanced.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p59.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p59_enhanced.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p60.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p60_enhanced.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p62.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p62_enhanced.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p63.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p63_enhanced.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p71.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p72.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p73.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p76.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p80.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_pb3f.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_pb3i.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_pb3u.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_pb6f.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_pb6i.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_pb6u.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_pb9f.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_pb9i.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_pb9u.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_pc2f.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_pc2i.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_pc2u.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_pdc.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_pf0.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_pf1.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_pf3.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_pf4.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_pfa.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/r_rsip_data.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/lib/sb_lib/src/r_sb_api.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/lib/sb_lib/src/r_sb_cmn.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/lib/sb_lib/src/r_sb_cmn_drv.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/lib/sb_lib/src/r_sb_manifest.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/lib/sb_lib/src/r_sb_sb.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/lib/rsip/src/r_cip_drv_api.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/lib/rsip/src/rsip_check_param.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/lib/otp/src/r_otp_drv.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rsip_common/public/r_rsip.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rsip_common/public/r_rsip_aes.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rsip_common/public/r_rsip_ecc.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rsip_common/public/r_rsip_rsa.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rsip_common/public/r_rsip_rzt2n2.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rsip_common/public/r_rsip_sha.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rsip_common/private/r_rsip_reg.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_ioport/r_ioport.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_gmac/r_gmac.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_ethsw/r_ethsw.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_ether_selector/r_ether_selector.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_ether_phy/r_ether_phy.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/bsp/mcu/rzn2l/bsp_cache.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/bsp/mcu/rzn2l/bsp_loader_param.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/bsp/mcu/all/bsp_clocks.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/bsp/mcu/all/bsp_common.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/bsp/mcu/all/bsp_delay.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/bsp/mcu/all/bsp_io.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/bsp/mcu/all/bsp_irq.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/bsp/mcu/all/bsp_register_protection.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/bsp/mcu/all/bsp_reset.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/bsp/mcu/all/bsp_sbrk.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/bsp/cmsis/Device/RENESAS/Source/startup.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/bsp/cmsis/Device/RENESAS/Source/system.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/board/rzn2l_rsk/board_init.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/board/rzn2l_rsk/board_leds.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/aws/amazon-freertos/libraries/freertos_plus/standard/freertos_plus_tcp/source/portable/BufferManagement/BufferAllocation_2.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/aws/amazon-freertos/libraries/freertos_plus/standard/freertos_plus_tcp/source/FreeRTOS_ARP.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/aws/amazon-freertos/libraries/freertos_plus/standard/freertos_plus_tcp/source/FreeRTOS_DHCP.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/aws/amazon-freertos/libraries/freertos_plus/standard/freertos_plus_tcp/source/FreeRTOS_DNS.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/aws/amazon-freertos/libraries/freertos_plus/standard/freertos_plus_tcp/source/FreeRTOS_IP.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/aws/amazon-freertos/libraries/freertos_plus/standard/freertos_plus_tcp/source/FreeRTOS_Sockets.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/aws/amazon-freertos/libraries/freertos_plus/standard/freertos_plus_tcp/source/FreeRTOS_Stream_Buffer.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/aws/amazon-freertos/libraries/freertos_plus/standard/freertos_plus_tcp/source/FreeRTOS_TCP_IP.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/aws/amazon-freertos/libraries/freertos_plus/standard/freertos_plus_tcp/source/FreeRTOS_TCP_WIN.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/aws/amazon-freertos/libraries/freertos_plus/standard/freertos_plus_tcp/source/FreeRTOS_UDP_IP.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/aws/amazon-freertos/freertos_kernel/portable/MemMang/heap_4.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/aws/amazon-freertos/freertos_kernel/event_groups.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/aws/amazon-freertos/freertos_kernel/list.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/aws/amazon-freertos/freertos_kernel/queue.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/aws/amazon-freertos/freertos_kernel/stream_buffer.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/aws/amazon-freertos/freertos_kernel/tasks.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/aws/amazon-freertos/freertos_kernel/timers.o&quot;"/>
+ </option>
+ <option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="true" id="com.renesas.cdt.managedbuild.gcc.rz.archives.includeFiles.1438841261" name="Standard archive (library) files (-l)" superClass="com.renesas.cdt.managedbuild.gcc.rz.archives.includeFiles" valueType="stringList"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.c.linker.usenewlibnosys.1028106860" name="Do not use syscalls (--specs=nosys.specs)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.c.linker.usenewlibnosys" value="false" valueType="boolean"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.c.linker.useprintffloat.584424940" name="Use float with nano printf (-u _printf_float)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.c.linker.useprintffloat" value="false" valueType="boolean"/>
+ <inputType id="com.renesas.cdt.managedbuild.gcc.rz.inputType.linker.c.1165207646" superClass="com.renesas.cdt.managedbuild.gcc.rz.inputType.linker.c">
+ <additionalInput kind="additionalinputdependency" paths="$(USER_OBJS)"/>
+ <additionalInput kind="additionalinputdependency" paths="$(LIBRARY_GENERATOR_OUTPUTTYPE_OUTPUTS)"/>
+ <additionalInput kind="additionaldependency" paths="$(LINKER_SCRIPT)"/>
+ </inputType>
+ </tool>
+ <tool commandLinePattern="${COMMAND} ${cross_toolchain_flags} ${OUTPUT_FLAG}${OUTPUT_PREFIX} ${OUTPUT} -Wl,--start-group ${INPUTS} -Wl,--end-group ${FLAGS}" id="com.renesas.cdt.managedbuild.gcc.rz.tool.linker.cpp.1897888193" name="Cross ARM C++ Linker" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.linker.cpp">
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.cpp.linker.gcsections.1337774964" name="Remove unused sections (-Xlinker --gc-sections)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.cpp.linker.gcsections" value="true" valueType="boolean"/>
+ <option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="true" id="com.renesas.cdt.managedbuild.gcc.rz.archives.cpp.includePath.756288659" name="Standard archive search directories (-L)" superClass="com.renesas.cdt.managedbuild.gcc.rz.archives.cpp.includePath" valueType="libPaths"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.cpp.linker.usenewlibnano.1744364271" name="Use newlib-nano (--specs=nano.specs)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.cpp.linker.usenewlibnano" value="true" valueType="boolean"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.linker.cpp.entrypoint.1291406965" name="Entry Point:" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.linker.cpp.entrypoint" value="-Wl,-esystem_init" valueType="string"/>
+ <option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="com.renesas.cdt.managedbuild.gcc.rz.option.cpp.linkerscript.310553223" name="Script files (-T)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.cpp.linkerscript" valueType="stringList">
+ <listOptionValue builtIn="false" value="&quot;fsp_ram_execution.ld&quot;"/>
+ </option>
+ </tool>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.archiver.1683309259" name="Cross ARM GNU Archiver" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.archiver"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.flash.495323055" name="Cross ARM GNU Create Flash Image" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.flash">
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.flash.choice.1427749577" name="Output file format (-O)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.flash.choice" value="ilg.gnuarmeclipse.managedbuild.cross.option.createflash.choice.srec" valueType="enumerated"/>
+ </tool>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.listing.1833581304" name="Cross ARM GNU Create Listing" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.listing">
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.source.421010994" name="Display source (--source|-S)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.source" value="true" valueType="boolean"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.allheaders.1221065540" name="Display all headers (--all-headers|-x)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.allheaders" value="true" valueType="boolean"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.demangle.1429014953" name="Demangle names (--demangle|-C)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.demangle" value="true" valueType="boolean"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.linenumbers.451808212" name="Display line numbers (--line-numbers|-l)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.linenumbers" value="true" valueType="boolean"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.wide.395841504" name="Wide lines (--wide|-w)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.wide" value="true" valueType="boolean"/>
+ </tool>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.size.2145437670" name="Cross ARM GNU Print Size" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.size">
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.printsize.format.1081826627" name="Size format" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.printsize.format"/>
+ </tool>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.libgen.1308561227" name="Library Generator" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.libgen">
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.libraryType.1164150425" name="Library type" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.libraryType" value="com.renesas.cdt.managedbuild.gcc.core.option.librarygenerator.settings.libraryType.preBuilt" valueType="enumerated"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.selectlibrary.1673047545" name="Select Library" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.selectlibrary" value="com.renesas.cdt.managedbuild.gcc.core.option.librarygenerator.settings.selectLibrary.newLib" valueType="enumerated"/>
+ </tool>
+ </toolChain>
+ </folderInfo>
+ <folderInfo id="com.renesas.cdt.managedbuild.gcc.rz.configuration.debug.update.1144316794./rzn/fsp/src/r_rsip" name="r_rsip" resourcePath="rzn/fsp/src/r_rsip">
+ <toolChain id="com.renesas.cdt.managedbuild.gcc.rz.toolchain.debug.update.1395369224" name="GCC for Renesas RZ" superClass="com.renesas.cdt.managedbuild.gcc.rz.toolchain.debug.update" unusedChildren="">
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createflash.2068680625.1071339816" name="Create flash image" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createflash.2068680625"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createlisting.1459372610.1331708998" name="Create extended listing" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createlisting.1459372610"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.printsize.1079284630.1831328053" name="Print size" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.printsize.1079284630"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.showCommand.231411189.365699331" name="Echo tool command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.showCommand.231411189"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.optimizationLevel.104813302.1819123575" name="Optimization Level" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.optimizationLevel.104813302"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.messagelenght.618641116.403603681" name="Message length (-fmessage-length=0)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.messagelenght.618641116"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.signedchar.1299606640.643513568" name="'char' is signed (-fsigned-char)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.signedchar.1299606640"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.functionsection.175484560.1098203939" name="Function sections (-ffunction-sections)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.functionsection.175484560"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.datasections.1766001147.2074385996" name="Data sections (-fdata-sections)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.datasections.1766001147"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.level.1999364502.752213395" name="Debug level" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.level.1999364502"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.format.1053366766.1752213841" name="Debug format" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.format.1053366766"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.unused.255810092.1127031778" name="Warn on various unused elements (-Wunused)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.unused.255810092"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.uninitialized.589066160.1105441658" name="Warn on uninitialized variables (-Wuninitialised)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.uninitialized.589066160"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.allwarn.1657835083.880088916" name="Enable all common warnings (-Wall)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.allwarn.1657835083"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.extrawarn.529573019.904114020" name="Enable extra warnings (-Wextra)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.extrawarn.529573019"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.missingdeclaration.973219201.652622255" name="Warn on undeclared global function (-Wmissing-declaration)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.missingdeclaration.973219201"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.conversion.1170282036.1967387297" name="Warn on implicit conversions (-Wconversion)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.conversion.1170282036"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.pointerarith.1271145109.1978781251" name="Warn if pointer arithmetic (-Wpointer-arith)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.pointerarith.1271145109"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.shadow.46319954.358045362" name="Warn if shadowed variable (-Wshadow)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.shadow.46319954"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.logicalop.2133049482.427490301" name="Warn if suspicious logical ops (-Wlogical-op)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.logicalop.2133049482"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.agreggatereturn.1476755314.1687715422" name="Warn if struct is returned (-Wagreggate-return)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.agreggatereturn.1476755314"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.floatequal.1180377769.181745876" name="Warn if floats are compared as equal (-Wfloat-equal)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.floatequal.1180377769"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.deviceName.385566364.1671888469" name="Device name" superClass="com.renesas.cdt.managedbuild.gcc.rz.deviceName.385566364"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.toolchain.name.85130646.794012212" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.toolchain.name.85130646"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.architecture.438363043.1663735523" name="Architecture" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.architecture.438363043"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.family.734485543.761525203" name="Arm family (-mcpu)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.family.734485543"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.instructionset.1496417625.638760998" name="Instruction set" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.instructionset.1496417625"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.prefix.1362651041.958309222" name="Prefix" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.prefix.1362651041"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.c.1358770218.431526564" name="C compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.c.1358770218"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.cpp.80343979.1354067517" name="C++ compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.cpp.80343979"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.ar.244133284.1494685771" name="Archiver" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.ar.244133284"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.objcopy.370143380.446430137" name="Hex/Bin converter" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.objcopy.370143380"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.objdump.615370739.274108541" name="Listing generator" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.objdump.615370739"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.size.563040872.1169746389" name="Size command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.size.563040872"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.make.1659522788.848299048" name="Build command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.make.1659522788"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.rm.1439778818.205611915" name="Remove command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.rm.1439778818"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.floatunit.635802477.1023444171" name="FPU Type" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.floatunit.635802477"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.floatabi.1751328499.182123650" name="Float ABI" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.floatabi.1751328499"/>
+ <targetPlatform archList="all" binaryParser="org.eclipse.cdt.core.ELF" id="ilg.gnuarmeclipse.managedbuild.cross.targetPlatform" isAbstract="false" osList="all" superClass="ilg.gnuarmeclipse.managedbuild.cross.targetPlatform"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.assembler.1531877982" name="Cross ARM GNU Assembler" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.assembler.395291860">
+ <inputType id="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.input.1547316676" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.input"/>
+ </tool>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.compilerC.1342956776" name="Cross ARM C Compiler" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.compilerC.15728131">
+ <option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="com.renesas.cdt.managedbuild.gcc.rz.option.compiler.userDefined.641000101" name="Other compiler flags" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.compiler.userDefined" useByScannerDiscovery="true" valueType="stringList">
+ <listOptionValue builtIn="false" value="-w"/>
+ </option>
+ <inputType id="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.input.1948114392" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.input"/>
+ </tool>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.compilerCPP.50898878" name="Cross ARM C++ Compiler" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.compilerCPP.1452804886">
+ <option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="com.renesas.cdt.managedbuild.gcc.rz.option.compiler.cpp.userDefined.1317377008" name="Other compiler flags" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.compiler.cpp.userDefined" useByScannerDiscovery="true" valueType="stringList">
+ <listOptionValue builtIn="false" value="-w"/>
+ </option>
+ </tool>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.linker.c.1553868522" name="Cross ARM C Linker" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.linker.c.1010031112"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.linker.cpp.1281074817" name="Cross ARM C++ Linker" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.linker.cpp.1897888193"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.archiver.1863377525" name="Cross ARM GNU Archiver" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.archiver.1683309259"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.flash.768401282" name="Cross ARM GNU Create Flash Image" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.flash.495323055"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.listing.2020248736" name="Cross ARM GNU Create Listing" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.listing.1833581304"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.size.1272030231" name="Cross ARM GNU Print Size" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.size.2145437670"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.libgen.1737052899" name="Library Generator" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.libgen.1308561227"/>
+ </toolChain>
+ </folderInfo>
+ <folderInfo id="com.renesas.cdt.managedbuild.gcc.rz.configuration.debug.update.1144316794./rzn/fsp/src/rm_freertos_port" name="rm_freertos_port" resourcePath="rzn/fsp/src/rm_freertos_port">
+ <toolChain id="com.renesas.cdt.managedbuild.gcc.rz.toolchain.debug.update.1523259473" name="GCC for Renesas RZ" superClass="com.renesas.cdt.managedbuild.gcc.rz.toolchain.debug.update" unusedChildren="">
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createflash.2068680625.336428840" name="Create flash image" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createflash.2068680625"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createlisting.1459372610.395815157" name="Create extended listing" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createlisting.1459372610"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.printsize.1079284630.440765205" name="Print size" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.printsize.1079284630"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.showCommand.231411189.1340652781" name="Echo tool command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.showCommand.231411189"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.optimizationLevel.104813302.1616957638" name="Optimization Level" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.optimizationLevel.104813302"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.messagelenght.618641116.2011623354" name="Message length (-fmessage-length=0)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.messagelenght.618641116"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.signedchar.1299606640.2112268196" name="'char' is signed (-fsigned-char)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.signedchar.1299606640"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.functionsection.175484560.1980381012" name="Function sections (-ffunction-sections)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.functionsection.175484560"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.datasections.1766001147.2090768851" name="Data sections (-fdata-sections)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.datasections.1766001147"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.level.1999364502.2549663" name="Debug level" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.level.1999364502"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.format.1053366766.1146722525" name="Debug format" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.format.1053366766"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.unused.255810092.1221404318" name="Warn on various unused elements (-Wunused)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.unused.255810092"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.uninitialized.589066160.186937928" name="Warn on uninitialized variables (-Wuninitialised)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.uninitialized.589066160"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.allwarn.1657835083.330329119" name="Enable all common warnings (-Wall)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.allwarn.1657835083"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.extrawarn.529573019.30461289" name="Enable extra warnings (-Wextra)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.extrawarn.529573019"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.missingdeclaration.973219201.716293411" name="Warn on undeclared global function (-Wmissing-declaration)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.missingdeclaration.973219201"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.conversion.1170282036.2000041049" name="Warn on implicit conversions (-Wconversion)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.conversion.1170282036"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.pointerarith.1271145109.1065099156" name="Warn if pointer arithmetic (-Wpointer-arith)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.pointerarith.1271145109"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.shadow.46319954.717338453" name="Warn if shadowed variable (-Wshadow)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.shadow.46319954"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.logicalop.2133049482.1935379814" name="Warn if suspicious logical ops (-Wlogical-op)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.logicalop.2133049482"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.agreggatereturn.1476755314.2002524928" name="Warn if struct is returned (-Wagreggate-return)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.agreggatereturn.1476755314"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.floatequal.1180377769.1261900030" name="Warn if floats are compared as equal (-Wfloat-equal)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.floatequal.1180377769"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.deviceName.385566364.561786453" name="Device name" superClass="com.renesas.cdt.managedbuild.gcc.rz.deviceName.385566364"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.toolchain.name.85130646.2068146979" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.toolchain.name.85130646"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.architecture.438363043.1003417982" name="Architecture" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.architecture.438363043"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.family.734485543.1630176766" name="Arm family (-mcpu)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.family.734485543"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.instructionset.1496417625.667412661" name="Instruction set" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.instructionset.1496417625"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.prefix.1362651041.1477869635" name="Prefix" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.prefix.1362651041"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.c.1358770218.1514401196" name="C compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.c.1358770218"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.cpp.80343979.91956938" name="C++ compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.cpp.80343979"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.ar.244133284.774700376" name="Archiver" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.ar.244133284"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.objcopy.370143380.367785538" name="Hex/Bin converter" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.objcopy.370143380"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.objdump.615370739.313731419" name="Listing generator" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.objdump.615370739"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.size.563040872.1523651429" name="Size command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.size.563040872"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.make.1659522788.564837400" name="Build command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.make.1659522788"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.rm.1439778818.918118731" name="Remove command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.rm.1439778818"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.floatunit.635802477.406359297" name="FPU Type" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.floatunit.635802477"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.floatabi.1751328499.1999417238" name="Float ABI" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.floatabi.1751328499"/>
+ <targetPlatform archList="all" binaryParser="org.eclipse.cdt.core.ELF" id="ilg.gnuarmeclipse.managedbuild.cross.targetPlatform" isAbstract="false" osList="all" superClass="ilg.gnuarmeclipse.managedbuild.cross.targetPlatform"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.assembler.1681995986" name="Cross ARM GNU Assembler" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.assembler.395291860">
+ <inputType id="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.input.565267107" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.input"/>
+ </tool>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.compilerC.1258062177" name="Cross ARM C Compiler" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.compilerC.15728131">
+ <option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="com.renesas.cdt.managedbuild.gcc.rz.option.compiler.userDefined.1465640145" name="Other compiler flags" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.compiler.userDefined" useByScannerDiscovery="true" valueType="stringList">
+ <listOptionValue builtIn="false" value="-w"/>
+ </option>
+ <inputType id="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.input.876007366" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.input"/>
+ </tool>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.compilerCPP.239795482" name="Cross ARM C++ Compiler" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.compilerCPP.1452804886">
+ <option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="com.renesas.cdt.managedbuild.gcc.rz.option.compiler.cpp.userDefined.892156765" name="Other compiler flags" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.compiler.cpp.userDefined" useByScannerDiscovery="true" valueType="stringList">
+ <listOptionValue builtIn="false" value="-w"/>
+ </option>
+ </tool>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.linker.c.1139423725" name="Cross ARM C Linker" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.linker.c.1010031112"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.linker.cpp.238062688" name="Cross ARM C++ Linker" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.linker.cpp.1897888193"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.archiver.834695780" name="Cross ARM GNU Archiver" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.archiver.1683309259"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.flash.2096621463" name="Cross ARM GNU Create Flash Image" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.flash.495323055"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.listing.2118424702" name="Cross ARM GNU Create Listing" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.listing.1833581304"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.size.2082487619" name="Cross ARM GNU Print Size" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.size.2145437670"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.libgen.784786060" name="Library Generator" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.libgen.1308561227"/>
+ </toolChain>
+ </folderInfo>
+ <folderInfo id="com.renesas.cdt.managedbuild.gcc.rz.configuration.debug.update.1144316794./rzn/aws" name="aws" resourcePath="rzn/aws">
+ <toolChain id="com.renesas.cdt.managedbuild.gcc.rz.toolchain.debug.update.1149348878" name="GCC for Renesas RZ" superClass="com.renesas.cdt.managedbuild.gcc.rz.toolchain.debug.update" unusedChildren="">
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createflash.2068680625.362529713" name="Create flash image" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createflash.2068680625"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createlisting.1459372610.1932444170" name="Create extended listing" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createlisting.1459372610"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.printsize.1079284630.1262200544" name="Print size" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.printsize.1079284630"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.showCommand.231411189.476328099" name="Echo tool command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.showCommand.231411189"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.optimizationLevel.104813302.801403333" name="Optimization Level" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.optimizationLevel.104813302"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.messagelenght.618641116.1900325214" name="Message length (-fmessage-length=0)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.messagelenght.618641116"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.signedchar.1299606640.2078268753" name="'char' is signed (-fsigned-char)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.signedchar.1299606640"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.functionsection.175484560.426583064" name="Function sections (-ffunction-sections)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.functionsection.175484560"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.datasections.1766001147.520690112" name="Data sections (-fdata-sections)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.datasections.1766001147"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.level.1999364502.1305824312" name="Debug level" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.level.1999364502"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.format.1053366766.1173907719" name="Debug format" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.format.1053366766"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.unused.255810092.801391698" name="Warn on various unused elements (-Wunused)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.unused.255810092"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.uninitialized.589066160.541684863" name="Warn on uninitialized variables (-Wuninitialised)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.uninitialized.589066160"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.allwarn.1657835083.1714599141" name="Enable all common warnings (-Wall)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.allwarn.1657835083"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.extrawarn.529573019.1337937670" name="Enable extra warnings (-Wextra)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.extrawarn.529573019"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.missingdeclaration.973219201.670370160" name="Warn on undeclared global function (-Wmissing-declaration)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.missingdeclaration.973219201"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.conversion.1170282036.1100338590" name="Warn on implicit conversions (-Wconversion)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.conversion.1170282036"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.pointerarith.1271145109.1774279722" name="Warn if pointer arithmetic (-Wpointer-arith)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.pointerarith.1271145109"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.shadow.46319954.441168637" name="Warn if shadowed variable (-Wshadow)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.shadow.46319954"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.logicalop.2133049482.176888508" name="Warn if suspicious logical ops (-Wlogical-op)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.logicalop.2133049482"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.agreggatereturn.1476755314.1954397806" name="Warn if struct is returned (-Wagreggate-return)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.agreggatereturn.1476755314"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.floatequal.1180377769.476988269" name="Warn if floats are compared as equal (-Wfloat-equal)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.floatequal.1180377769"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.deviceName.385566364.719278643" name="Device name" superClass="com.renesas.cdt.managedbuild.gcc.rz.deviceName.385566364"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.toolchain.name.85130646.2111201393" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.toolchain.name.85130646"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.architecture.438363043.1705986437" name="Architecture" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.architecture.438363043"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.family.734485543.663663927" name="Arm family (-mcpu)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.family.734485543"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.instructionset.1496417625.1493923769" name="Instruction set" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.instructionset.1496417625"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.prefix.1362651041.1516575155" name="Prefix" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.prefix.1362651041"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.c.1358770218.457656564" name="C compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.c.1358770218"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.cpp.80343979.1269461534" name="C++ compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.cpp.80343979"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.ar.244133284.1486201287" name="Archiver" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.ar.244133284"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.objcopy.370143380.1189141211" name="Hex/Bin converter" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.objcopy.370143380"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.objdump.615370739.1006395659" name="Listing generator" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.objdump.615370739"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.size.563040872.913131744" name="Size command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.size.563040872"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.make.1659522788.949251499" name="Build command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.make.1659522788"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.rm.1439778818.1919830146" name="Remove command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.rm.1439778818"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.floatunit.635802477.1157451195" name="FPU Type" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.floatunit.635802477"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.floatabi.1751328499.490684901" name="Float ABI" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.floatabi.1751328499"/>
+ <targetPlatform archList="all" binaryParser="org.eclipse.cdt.core.ELF" id="ilg.gnuarmeclipse.managedbuild.cross.targetPlatform" isAbstract="false" osList="all" superClass="ilg.gnuarmeclipse.managedbuild.cross.targetPlatform"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.assembler.1883924890" name="Cross ARM GNU Assembler" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.assembler.395291860">
+ <inputType id="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.input.202422758" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.input"/>
+ </tool>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.compilerC.204186308" name="Cross ARM C Compiler" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.compilerC.15728131">
+ <option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="com.renesas.cdt.managedbuild.gcc.rz.option.compiler.userDefined.1724680938" name="Other compiler flags" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.compiler.userDefined" useByScannerDiscovery="true" valueType="stringList">
+ <listOptionValue builtIn="false" value="-w"/>
+ </option>
+ <inputType id="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.input.1758752052" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.input"/>
+ </tool>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.compilerCPP.1495068833" name="Cross ARM C++ Compiler" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.compilerCPP.1452804886">
+ <option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="com.renesas.cdt.managedbuild.gcc.rz.option.compiler.cpp.userDefined.1509919788" name="Other compiler flags" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.compiler.cpp.userDefined" useByScannerDiscovery="true" valueType="stringList">
+ <listOptionValue builtIn="false" value="-w"/>
+ </option>
+ </tool>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.linker.c.1137257624" name="Cross ARM C Linker" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.linker.c.1010031112"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.linker.cpp.551760459" name="Cross ARM C++ Linker" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.linker.cpp.1897888193"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.archiver.1796558256" name="Cross ARM GNU Archiver" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.archiver.1683309259"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.flash.1237986710" name="Cross ARM GNU Create Flash Image" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.flash.495323055"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.listing.1780835869" name="Cross ARM GNU Create Listing" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.listing.1833581304"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.size.1889695121" name="Cross ARM GNU Print Size" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.size.2145437670"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.libgen.326110318" name="Library Generator" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.libgen.1308561227"/>
+ </toolChain>
+ </folderInfo>
+ <folderInfo id="com.renesas.cdt.managedbuild.gcc.rz.configuration.debug.update.1144316794./rzn/arm" name="arm" resourcePath="rzn/arm">
+ <toolChain id="com.renesas.cdt.managedbuild.gcc.rz.toolchain.debug.update.1817151912" name="GCC for Renesas RZ" superClass="com.renesas.cdt.managedbuild.gcc.rz.toolchain.debug.update" unusedChildren="">
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createflash.2068680625.1040662795" name="Create flash image" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createflash.2068680625"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createlisting.1459372610.1232807680" name="Create extended listing" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createlisting.1459372610"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.printsize.1079284630.8365988" name="Print size" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.printsize.1079284630"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.showCommand.231411189.1904476778" name="Echo tool command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.showCommand.231411189"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.optimizationLevel.104813302.384006156" name="Optimization Level" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.optimizationLevel.104813302"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.messagelenght.618641116.1853721101" name="Message length (-fmessage-length=0)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.messagelenght.618641116"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.signedchar.1299606640.316385495" name="'char' is signed (-fsigned-char)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.signedchar.1299606640"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.functionsection.175484560.967379669" name="Function sections (-ffunction-sections)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.functionsection.175484560"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.datasections.1766001147.1401820060" name="Data sections (-fdata-sections)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.datasections.1766001147"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.level.1999364502.1003347397" name="Debug level" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.level.1999364502"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.format.1053366766.1281051395" name="Debug format" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.format.1053366766"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.unused.255810092.815540782" name="Warn on various unused elements (-Wunused)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.unused.255810092"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.uninitialized.589066160.2009828075" name="Warn on uninitialized variables (-Wuninitialised)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.uninitialized.589066160"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.allwarn.1657835083.202931399" name="Enable all common warnings (-Wall)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.allwarn.1657835083"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.extrawarn.529573019.1287099006" name="Enable extra warnings (-Wextra)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.extrawarn.529573019"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.missingdeclaration.973219201.2145474557" name="Warn on undeclared global function (-Wmissing-declaration)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.missingdeclaration.973219201"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.conversion.1170282036.2038437081" name="Warn on implicit conversions (-Wconversion)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.conversion.1170282036"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.pointerarith.1271145109.234661609" name="Warn if pointer arithmetic (-Wpointer-arith)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.pointerarith.1271145109"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.shadow.46319954.19102270" name="Warn if shadowed variable (-Wshadow)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.shadow.46319954"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.logicalop.2133049482.427275396" name="Warn if suspicious logical ops (-Wlogical-op)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.logicalop.2133049482"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.agreggatereturn.1476755314.684285041" name="Warn if struct is returned (-Wagreggate-return)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.agreggatereturn.1476755314"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.floatequal.1180377769.1136217243" name="Warn if floats are compared as equal (-Wfloat-equal)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.floatequal.1180377769"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.deviceName.385566364.2134902749" name="Device name" superClass="com.renesas.cdt.managedbuild.gcc.rz.deviceName.385566364"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.toolchain.name.85130646.1191405963" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.toolchain.name.85130646"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.architecture.438363043.150664323" name="Architecture" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.architecture.438363043"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.family.734485543.862320695" name="Arm family (-mcpu)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.family.734485543"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.instructionset.1496417625.552202924" name="Instruction set" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.instructionset.1496417625"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.prefix.1362651041.1352685939" name="Prefix" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.prefix.1362651041"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.c.1358770218.1307433488" name="C compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.c.1358770218"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.cpp.80343979.1847960832" name="C++ compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.cpp.80343979"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.ar.244133284.11245639" name="Archiver" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.ar.244133284"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.objcopy.370143380.381910869" name="Hex/Bin converter" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.objcopy.370143380"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.objdump.615370739.484994307" name="Listing generator" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.objdump.615370739"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.size.563040872.921925344" name="Size command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.size.563040872"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.make.1659522788.139681266" name="Build command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.make.1659522788"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.rm.1439778818.213813504" name="Remove command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.rm.1439778818"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.floatunit.635802477.960148763" name="FPU Type" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.floatunit.635802477"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.floatabi.1751328499.2053583333" name="Float ABI" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.floatabi.1751328499"/>
+ <targetPlatform archList="all" binaryParser="org.eclipse.cdt.core.ELF" id="ilg.gnuarmeclipse.managedbuild.cross.targetPlatform" isAbstract="false" osList="all" superClass="ilg.gnuarmeclipse.managedbuild.cross.targetPlatform"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.assembler.693401016" name="Cross ARM GNU Assembler" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.assembler.395291860">
+ <inputType id="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.input.1938438904" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.input"/>
+ </tool>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.compilerC.365017269" name="Cross ARM C Compiler" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.compilerC.15728131">
+ <option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="com.renesas.cdt.managedbuild.gcc.rz.option.compiler.userDefined.1597078062" name="Other compiler flags" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.compiler.userDefined" useByScannerDiscovery="true" valueType="stringList">
+ <listOptionValue builtIn="false" value="-w"/>
+ </option>
+ <inputType id="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.input.1022150615" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.input"/>
+ </tool>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.compilerCPP.1953230089" name="Cross ARM C++ Compiler" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.compilerCPP.1452804886">
+ <option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="com.renesas.cdt.managedbuild.gcc.rz.option.compiler.cpp.userDefined.611756315" name="Other compiler flags" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.compiler.cpp.userDefined" useByScannerDiscovery="true" valueType="stringList">
+ <listOptionValue builtIn="false" value="-w"/>
+ </option>
+ </tool>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.linker.c.500108808" name="Cross ARM C Linker" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.linker.c.1010031112"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.linker.cpp.512411668" name="Cross ARM C++ Linker" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.linker.cpp.1897888193"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.archiver.316691623" name="Cross ARM GNU Archiver" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.archiver.1683309259"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.flash.990976938" name="Cross ARM GNU Create Flash Image" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.flash.495323055"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.listing.771278060" name="Cross ARM GNU Create Listing" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.listing.1833581304"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.size.443724269" name="Cross ARM GNU Print Size" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.size.2145437670"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.libgen.951162315" name="Library Generator" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.libgen.1308561227"/>
+ </toolChain>
+ </folderInfo>
+ <sourceEntries>
+ <entry flags="VALUE_WORKSPACE_PATH|RESOLVED" kind="sourcePath" name="common"/>
+ <entry flags="VALUE_WORKSPACE_PATH|RESOLVED" kind="sourcePath" name="rzn"/>
+ <entry flags="VALUE_WORKSPACE_PATH|RESOLVED" kind="sourcePath" name="rzn_gen"/>
+ <entry excluding="test|serial_io|wolfCrypt|wolfSSL" flags="VALUE_WORKSPACE_PATH|RESOLVED" kind="sourcePath" name="src"/>
+ <entry flags="VALUE_WORKSPACE_PATH|RESOLVED" kind="sourcePath" name="src/serial_io"/>
+ <entry flags="VALUE_WORKSPACE_PATH|RESOLVED" kind="sourcePath" name="src/test"/>
+ <entry excluding="port" flags="VALUE_WORKSPACE_PATH|RESOLVED" kind="sourcePath" name="src/wolfCrypt"/>
+ <entry flags="VALUE_WORKSPACE_PATH|RESOLVED" kind="sourcePath" name="src/wolfCrypt/port"/>
+ <entry flags="VALUE_WORKSPACE_PATH|RESOLVED" kind="sourcePath" name="src/wolfSSL"/>
+ </sourceEntries>
+ </configuration>
+ </storageModule>
+ <storageModule moduleId="org.eclipse.cdt.core.externalSettings"/>
+ <storageModule moduleId="com.renesas.cdt.managedbuild.core.boardInfo"/>
+ </cconfiguration>
+ <cconfiguration id="com.renesas.cdt.managedbuild.gcc.rz.configuration.release.update.1356321413">
+ <storageModule buildSystemId="org.eclipse.cdt.managedbuilder.core.configurationDataProvider" id="com.renesas.cdt.managedbuild.gcc.rz.configuration.release.update.1356321413" moduleId="org.eclipse.cdt.core.settings" name="Release">
+ <externalSettings/>
+ <extensions>
+ <extension id="org.eclipse.cdt.core.ELF" point="org.eclipse.cdt.core.BinaryParser"/>
+ <extension id="org.eclipse.cdt.core.GASErrorParser" point="org.eclipse.cdt.core.ErrorParser"/>
+ <extension id="org.eclipse.cdt.core.GmakeErrorParser" point="org.eclipse.cdt.core.ErrorParser"/>
+ <extension id="org.eclipse.cdt.core.CWDLocator" point="org.eclipse.cdt.core.ErrorParser"/>
+ <extension id="org.eclipse.cdt.core.GCCErrorParser" point="org.eclipse.cdt.core.ErrorParser"/>
+ </extensions>
+ </storageModule>
+ <storageModule moduleId="com.renesas.cdt.managedbuild.core.toolchainInfo">
+ <option id="toolchain.id" value="gcc-arm-embedded"/>
+ <option id="toolchain.version" value="9.3.1.20200408"/>
+ </storageModule>
+ <storageModule moduleId="cdtBuildSystem" version="4.0.0">
+ <configuration artifactName="${ProjName}" buildArtefactType="org.eclipse.cdt.build.core.buildArtefactType.exe" buildProperties="org.eclipse.cdt.build.core.buildArtefactType=org.eclipse.cdt.build.core.buildArtefactType.exe,org.eclipse.cdt.build.core.buildType=org.eclipse.cdt.build.core.buildType.release" description="" id="com.renesas.cdt.managedbuild.gcc.rz.configuration.release.update.1356321413" name="Release" parent="com.renesas.cdt.managedbuild.gcc.rz.configuration.release.update">
+ <folderInfo id="com.renesas.cdt.managedbuild.gcc.rz.configuration.release.update.1356321413." name="/" resourcePath="">
+ <toolChain id="com.renesas.cdt.managedbuild.gcc.rz.toolchain.release.update.770956647" name="GCC for Renesas RZ" superClass="com.renesas.cdt.managedbuild.gcc.rz.toolchain.release.update">
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createflash.1949850079" name="Create flash image" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createflash" value="true" valueType="boolean"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createlisting.398089726" name="Create extended listing" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createlisting"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.printsize.388268560" name="Print size" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.printsize" value="true" valueType="boolean"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.showCommand.1588301096" name="Echo tool command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.showCommand"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.optimizationLevel.1562865232" name="Optimization Level" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.optimizationLevel" value="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.level.more" valueType="enumerated"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.messagelenght.1414123967" name="Message length (-fmessage-length=0)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.messagelenght" value="true" valueType="boolean"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.signedchar.1997111033" name="'char' is signed (-fsigned-char)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.signedchar" value="true" valueType="boolean"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.functionsection.1323324409" name="Function sections (-ffunction-sections)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.functionsection" value="true" valueType="boolean"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.datasections.1676291994" name="Data sections (-fdata-sections)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.datasections" value="true" valueType="boolean"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.level.463153571" name="Debug level" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.level"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.format.1233206965" name="Debug format" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.format" value="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.format.dwarf4" valueType="enumerated"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.unused.400560549" name="Warn on various unused elements (-Wunused)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.unused" value="true" valueType="boolean"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.uninitialized.902420324" name="Warn on uninitialized variables (-Wuninitialised)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.uninitialized" value="true" valueType="boolean"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.allwarn.1679835344" name="Enable all common warnings (-Wall)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.allwarn" value="true" valueType="boolean"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.extrawarn.541130987" name="Enable extra warnings (-Wextra)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.extrawarn" value="true" valueType="boolean"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.missingdeclaration.1160621629" name="Warn on undeclared global function (-Wmissing-declaration)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.missingdeclaration" value="true" valueType="boolean"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.conversion.1063451411" name="Warn on implicit conversions (-Wconversion)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.conversion" value="true" valueType="boolean"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.pointerarith.1095011694" name="Warn if pointer arithmetic (-Wpointer-arith)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.pointerarith" value="true" valueType="boolean"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.shadow.903125465" name="Warn if shadowed variable (-Wshadow)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.shadow" value="true" valueType="boolean"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.logicalop.926371065" name="Warn if suspicious logical ops (-Wlogical-op)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.logicalop" value="true" valueType="boolean"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.agreggatereturn.1328296477" name="Warn if struct is returned (-Wagreggate-return)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.agreggatereturn" value="true" valueType="boolean"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.floatequal.1500121997" name="Warn if floats are compared as equal (-Wfloat-equal)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.floatequal" value="true" valueType="boolean"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.deviceName.1664475593" name="Device name" superClass="com.renesas.cdt.managedbuild.gcc.rz.deviceName" value="R9A07G084M04GBG" valueType="string"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.toolchain.name.75533497" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.toolchain.name" value="GNU Tools for ARM Embedded Processors" valueType="string"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.architecture.349814325" name="Architecture" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.architecture" value="ilg.gnuarmeclipse.managedbuild.cross.option.architecture.arm" valueType="enumerated"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.family.2115333421" name="Arm family (-mcpu)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.family" value="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.mcpu.cortex-r52" valueType="enumerated"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.instructionset.2140969176" name="Instruction set" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.instructionset" value="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.instructionset.thumb" valueType="enumerated"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.prefix.401734406" name="Prefix" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.prefix" value="arm-none-eabi-" valueType="string"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.c.1400780914" name="C compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.c" value="gcc" valueType="string"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.cpp.782648948" name="C++ compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.cpp" value="g++" valueType="string"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.ar.1743797994" name="Archiver" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.ar" value="ar" valueType="string"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.objcopy.456601448" name="Hex/Bin converter" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.objcopy" value="objcopy" valueType="string"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.objdump.1294113249" name="Listing generator" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.objdump" value="objdump" valueType="string"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.size.343456419" name="Size command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.size" value="size" valueType="string"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.make.318142644" name="Build command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.make" value="make" valueType="string"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.rm.1943975217" name="Remove command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.rm" value="rm" valueType="string"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.floatunit.275054226" name="FPU Type" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.floatunit" value="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.unit.neonfparmv8" valueType="enumerated"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.floatabi.1942611532" name="Float ABI" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.floatabi" value="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.abi.hard" valueType="enumerated"/>
+ <targetPlatform archList="all" binaryParser="org.eclipse.cdt.core.ELF" id="ilg.gnuarmeclipse.managedbuild.cross.targetPlatform.583978247" isAbstract="false" osList="all" superClass="ilg.gnuarmeclipse.managedbuild.cross.targetPlatform"/>
+ <builder buildPath="${workspace_loc:/test_RZN2L}/Release" id="com.renesas.cdt.managedbuild.gcc.rz.builder.557849021" keepEnvironmentInBuildfile="false" managedBuildOn="true" name="GCC for Renesas Builder" parallelBuildOn="true" parallelizationNumber="optimal" superClass="com.renesas.cdt.managedbuild.gcc.rz.builder"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.assembler.1762984193" name="Cross ARM GNU Assembler" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.assembler">
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.usepreprocessor.1175869025" name="Use preprocessor" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.usepreprocessor" value="true" valueType="boolean"/>
+ <option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.defs.305259748" name="Defined symbols (-D)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.defs" valueType="definedSymbols">
+ <listOptionValue builtIn="false" value="_RENESAS_RZN_"/>
+ <listOptionValue builtIn="false" value="_RZN_CORE=CR52_0"/>
+ </option>
+ <option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="com.renesas.cdt.managedbuild.gcc.rz.option.assembler.include.1749182888" name="Include paths (-I)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.assembler.include" valueType="includePath">
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/inc}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/inc/api}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/inc/instances}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/rm_freertos_port}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/aws/amazon-freertos/freertos_kernel/include}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/arm/CMSIS_5/CMSIS/Core_R/Include}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn_gen}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn_cfg/fsp_cfg/bsp}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn_cfg/aws}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn_cfg/fsp_cfg}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/aws/amazon-freertos/libraries/freertos_plus/standard/freertos_plus_tcp/include}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rsip_common/private}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/lib/inc}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/lib/common/inc}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/lib/sb_lib/inc}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/lib/sb_lib/src}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/lib/otp/inc}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/lib/rsip/inc}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/lib/rsip/src}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/private}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/primitive}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/rm_freertos_plus_tcp}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/private/lib/inc}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/private/lib/common/inc}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/private/lib/sb_lib/inc}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/private/lib/otp/inc}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/private/lib/rsip/inc}&quot;"/>
+ </option>
+ <inputType id="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.input.456671311" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.input"/>
+ </tool>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.compilerC.1073903292" name="Cross ARM C Compiler" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.compilerC">
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.std.687297081" name="Language standard" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.std" useByScannerDiscovery="true" value="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.std.c99" valueType="enumerated"/>
+ <option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.defs.856881917" name="Defined symbols (-D)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.defs" useByScannerDiscovery="true" valueType="definedSymbols">
+ <listOptionValue builtIn="false" value="_RENESAS_RZN_"/>
+ <listOptionValue builtIn="false" value="_RZN_CORE=CR52_0"/>
+ </option>
+ <option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="com.renesas.cdt.managedbuild.gcc.rz.option.compiler.include.1411892430" name="Include paths (-I)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.compiler.include" useByScannerDiscovery="false" valueType="includePath">
+ <listOptionValue builtIn="false" value="&quot;${ProjDirPath}/generate&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${ProjDirPath}/src&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/inc}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/inc/api}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/inc/instances}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/rm_freertos_port}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/aws/amazon-freertos/freertos_kernel/include}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/arm/CMSIS_5/CMSIS/Core_R/Include}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn_gen}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn_cfg/fsp_cfg/bsp}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn_cfg/aws}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn_cfg/fsp_cfg}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/aws/amazon-freertos/libraries/freertos_plus/standard/freertos_plus_tcp/include}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rsip_common/private}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/lib/inc}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/lib/common/inc}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/lib/sb_lib/inc}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/lib/sb_lib/src}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/lib/otp/inc}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/lib/rsip/inc}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/lib/rsip/src}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/private}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/primitive}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/rm_freertos_plus_tcp}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/private/lib/inc}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/private/lib/common/inc}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/private/lib/sb_lib/inc}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/private/lib/otp/inc}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/private/lib/rsip/inc}&quot;"/>
+ </option>
+ <inputType id="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.input.179835817" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.input"/>
+ </tool>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.compilerCPP.1025775250" name="Cross ARM C++ Compiler" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.compilerCPP">
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.compiler.cpp.language.1492193481" name="Language standard" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.compiler.cpp.language" useByScannerDiscovery="true" value="com.renesas.cdt.managedbuild.gcc.rz.option.compiler.cpp.language.cpp11" valueType="enumerated"/>
+ </tool>
+ <tool commandLinePattern="${COMMAND} ${cross_toolchain_flags} ${OUTPUT_FLAG}${OUTPUT_PREFIX} ${OUTPUT} -Wl,--start-group ${INPUTS} -Wl,--end-group ${FLAGS}" id="com.renesas.cdt.managedbuild.gcc.rz.tool.linker.c.2147111510" name="Cross ARM C Linker" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.linker.c">
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.c.linker.gcsections.1200386063" name="Remove unused sections (-Xlinker --gc-sections)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.c.linker.gcsections" value="true" valueType="boolean"/>
+ <option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="true" id="com.renesas.cdt.managedbuild.gcc.rz.archives.includePath.3491622" name="Standard archive search directories (-L)" superClass="com.renesas.cdt.managedbuild.gcc.rz.archives.includePath" valueType="libPaths"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.c.linker.usenewlibnano.2140522055" name="Use newlib-nano (--specs=nano.specs)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.c.linker.usenewlibnano" value="true" valueType="boolean"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.linker.entrypoint.2072792159" name="Entry Point:" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.linker.entrypoint" value="-Wl,-esystem_init" valueType="string"/>
+ <option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="com.renesas.cdt.managedbuild.gcc.rz.option.linkerscript.1599876065" name="Script files (-T)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.linkerscript" valueType="stringList">
+ <listOptionValue builtIn="false" value="&quot;fsp_ram_execution.ld&quot;"/>
+ </option>
+ <option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="com.renesas.cdt.managedbuild.gcc.rz.archives.userIncludePath.1202803303" name="User defined archive search directories (-L)" superClass="com.renesas.cdt.managedbuild.gcc.rz.archives.userIncludePath" valueType="stringList">
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}}/script&quot;"/>
+ </option>
+ <inputType id="com.renesas.cdt.managedbuild.gcc.rz.inputType.linker.c.899703779" superClass="com.renesas.cdt.managedbuild.gcc.rz.inputType.linker.c">
+ <additionalInput kind="additionalinputdependency" paths="$(USER_OBJS)"/>
+ <additionalInput kind="additionalinputdependency" paths="$(LIBRARY_GENERATOR_OUTPUTTYPE_OUTPUTS)"/>
+ <additionalInput kind="additionaldependency" paths="$(LINKER_SCRIPT)"/>
+ </inputType>
+ </tool>
+ <tool commandLinePattern="${COMMAND} ${cross_toolchain_flags} ${OUTPUT_FLAG}${OUTPUT_PREFIX} ${OUTPUT} -Wl,--start-group ${INPUTS} -Wl,--end-group ${FLAGS}" id="com.renesas.cdt.managedbuild.gcc.rz.tool.linker.cpp.177093696" name="Cross ARM C++ Linker" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.linker.cpp">
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.cpp.linker.gcsections.484519932" name="Remove unused sections (-Xlinker --gc-sections)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.cpp.linker.gcsections" value="true" valueType="boolean"/>
+ <option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="true" id="com.renesas.cdt.managedbuild.gcc.rz.archives.cpp.includePath.1726817531" name="Standard archive search directories (-L)" superClass="com.renesas.cdt.managedbuild.gcc.rz.archives.cpp.includePath" valueType="libPaths"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.cpp.linker.usenewlibnano.1225392189" name="Use newlib-nano (--specs=nano.specs)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.cpp.linker.usenewlibnano" value="true" valueType="boolean"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.linker.cpp.entrypoint.827697822" name="Entry Point:" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.linker.cpp.entrypoint" value="-Wl,-esystem_init" valueType="string"/>
+ <option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="com.renesas.cdt.managedbuild.gcc.rz.option.cpp.linkerscript.963403495" name="Script files (-T)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.cpp.linkerscript" valueType="stringList">
+ <listOptionValue builtIn="false" value="&quot;fsp_ram_execution.ld&quot;"/>
+ </option>
+ </tool>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.archiver.1356408537" name="Cross ARM GNU Archiver" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.archiver"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.flash.1736780445" name="Cross ARM GNU Create Flash Image" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.flash">
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.flash.choice.1901619579" name="Output file format (-O)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.flash.choice" value="ilg.gnuarmeclipse.managedbuild.cross.option.createflash.choice.srec" valueType="enumerated"/>
+ </tool>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.listing.1190993524" name="Cross ARM GNU Create Listing" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.listing">
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.source.639759299" name="Display source (--source|-S)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.source" value="true" valueType="boolean"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.allheaders.1032066303" name="Display all headers (--all-headers|-x)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.allheaders" value="true" valueType="boolean"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.demangle.675409827" name="Demangle names (--demangle|-C)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.demangle" value="true" valueType="boolean"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.linenumbers.229300003" name="Display line numbers (--line-numbers|-l)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.linenumbers" value="true" valueType="boolean"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.wide.2016086530" name="Wide lines (--wide|-w)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.wide" value="true" valueType="boolean"/>
+ </tool>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.size.526081119" name="Cross ARM GNU Print Size" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.size">
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.printsize.format.1270800738" name="Size format" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.printsize.format"/>
+ </tool>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.libgen.17183028" name="Library Generator" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.libgen">
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.libraryType.1221039153" name="Library type" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.libraryType" value="com.renesas.cdt.managedbuild.gcc.core.option.librarygenerator.settings.libraryType.preBuilt" valueType="enumerated"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.selectlibrary.738037052" name="Select Library" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.selectlibrary" value="com.renesas.cdt.managedbuild.gcc.core.option.librarygenerator.settings.selectLibrary.newLib" valueType="enumerated"/>
+ </tool>
+ </toolChain>
+ </folderInfo>
+ <folderInfo id="com.renesas.cdt.managedbuild.gcc.rz.configuration.release.update.1356321413./rzn/fsp/src/r_rsip" name="r_rsip" resourcePath="rzn/fsp/src/r_rsip">
+ <toolChain id="com.renesas.cdt.managedbuild.gcc.rz.toolchain.release.update.1805500879" name="GCC for Renesas RZ" superClass="com.renesas.cdt.managedbuild.gcc.rz.toolchain.release.update" unusedChildren="">
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createflash.1949850079.739724666" name="Create flash image" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createflash.1949850079"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createlisting.398089726.2061203420" name="Create extended listing" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createlisting.398089726"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.printsize.388268560.1406894157" name="Print size" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.printsize.388268560"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.showCommand.1588301096.2030749683" name="Echo tool command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.showCommand.1588301096"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.optimizationLevel.1562865232.790656282" name="Optimization Level" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.optimizationLevel.1562865232"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.messagelenght.1414123967.1356391314" name="Message length (-fmessage-length=0)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.messagelenght.1414123967"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.signedchar.1997111033.1351541905" name="'char' is signed (-fsigned-char)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.signedchar.1997111033"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.functionsection.1323324409.2020020097" name="Function sections (-ffunction-sections)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.functionsection.1323324409"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.datasections.1676291994.1177269684" name="Data sections (-fdata-sections)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.datasections.1676291994"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.level.463153571.1916633009" name="Debug level" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.level.463153571"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.format.1233206965.2013552145" name="Debug format" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.format.1233206965"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.unused.400560549.1407385964" name="Warn on various unused elements (-Wunused)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.unused.400560549"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.uninitialized.902420324.623430997" name="Warn on uninitialized variables (-Wuninitialised)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.uninitialized.902420324"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.allwarn.1679835344.1144156355" name="Enable all common warnings (-Wall)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.allwarn.1679835344"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.extrawarn.541130987.1600479748" name="Enable extra warnings (-Wextra)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.extrawarn.541130987"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.missingdeclaration.1160621629.625830093" name="Warn on undeclared global function (-Wmissing-declaration)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.missingdeclaration.1160621629"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.conversion.1063451411.352772718" name="Warn on implicit conversions (-Wconversion)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.conversion.1063451411"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.pointerarith.1095011694.1351030431" name="Warn if pointer arithmetic (-Wpointer-arith)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.pointerarith.1095011694"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.shadow.903125465.1327033446" name="Warn if shadowed variable (-Wshadow)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.shadow.903125465"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.logicalop.926371065.964360091" name="Warn if suspicious logical ops (-Wlogical-op)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.logicalop.926371065"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.agreggatereturn.1328296477.1756533831" name="Warn if struct is returned (-Wagreggate-return)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.agreggatereturn.1328296477"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.floatequal.1500121997.1345627862" name="Warn if floats are compared as equal (-Wfloat-equal)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.floatequal.1500121997"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.deviceName.1664475593.757689803" name="Device name" superClass="com.renesas.cdt.managedbuild.gcc.rz.deviceName.1664475593"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.toolchain.name.75533497.274868436" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.toolchain.name.75533497"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.architecture.349814325.1251789087" name="Architecture" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.architecture.349814325"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.family.2115333421.1264668413" name="Arm family (-mcpu)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.family.2115333421"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.instructionset.2140969176.432626970" name="Instruction set" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.instructionset.2140969176"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.prefix.401734406.1289142314" name="Prefix" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.prefix.401734406"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.c.1400780914.1119489128" name="C compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.c.1400780914"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.cpp.782648948.910572528" name="C++ compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.cpp.782648948"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.ar.1743797994.1825512020" name="Archiver" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.ar.1743797994"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.objcopy.456601448.1958450962" name="Hex/Bin converter" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.objcopy.456601448"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.objdump.1294113249.943311469" name="Listing generator" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.objdump.1294113249"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.size.343456419.51286933" name="Size command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.size.343456419"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.make.318142644.1587041260" name="Build command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.make.318142644"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.rm.1943975217.1056755502" name="Remove command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.rm.1943975217"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.floatunit.275054226.1865484770" name="FPU Type" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.floatunit.275054226"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.floatabi.1942611532.1416496788" name="Float ABI" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.floatabi.1942611532"/>
+ <targetPlatform archList="all" binaryParser="org.eclipse.cdt.core.ELF" id="ilg.gnuarmeclipse.managedbuild.cross.targetPlatform" isAbstract="false" osList="all" superClass="ilg.gnuarmeclipse.managedbuild.cross.targetPlatform"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.assembler.1348720370" name="Cross ARM GNU Assembler" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.assembler.1762984193">
+ <inputType id="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.input.376062854" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.input"/>
+ </tool>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.compilerC.1007502461" name="Cross ARM C Compiler" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.compilerC.1073903292">
+ <option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="com.renesas.cdt.managedbuild.gcc.rz.option.compiler.userDefined.541145938" name="Other compiler flags" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.compiler.userDefined" useByScannerDiscovery="true" valueType="stringList">
+ <listOptionValue builtIn="false" value="-w"/>
+ </option>
+ <inputType id="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.input.2122390839" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.input"/>
+ </tool>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.compilerCPP.1953373052" name="Cross ARM C++ Compiler" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.compilerCPP.1025775250">
+ <option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="com.renesas.cdt.managedbuild.gcc.rz.option.compiler.cpp.userDefined.785654378" name="Other compiler flags" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.compiler.cpp.userDefined" useByScannerDiscovery="true" valueType="stringList">
+ <listOptionValue builtIn="false" value="-w"/>
+ </option>
+ </tool>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.linker.c.1777942871" name="Cross ARM C Linker" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.linker.c.2147111510"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.linker.cpp.105544834" name="Cross ARM C++ Linker" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.linker.cpp.177093696"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.archiver.2034626298" name="Cross ARM GNU Archiver" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.archiver.1356408537"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.flash.952048634" name="Cross ARM GNU Create Flash Image" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.flash.1736780445"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.listing.1880138113" name="Cross ARM GNU Create Listing" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.listing.1190993524"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.size.864803322" name="Cross ARM GNU Print Size" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.size.526081119"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.libgen.1999521134" name="Library Generator" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.libgen.17183028"/>
+ </toolChain>
+ </folderInfo>
+ <folderInfo id="com.renesas.cdt.managedbuild.gcc.rz.configuration.release.update.1356321413./rzn/fsp/src/rm_freertos_port" name="rm_freertos_port" resourcePath="rzn/fsp/src/rm_freertos_port">
+ <toolChain id="com.renesas.cdt.managedbuild.gcc.rz.toolchain.release.update.1780955727" name="GCC for Renesas RZ" superClass="com.renesas.cdt.managedbuild.gcc.rz.toolchain.release.update" unusedChildren="">
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createflash.1949850079.1515988655" name="Create flash image" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createflash.1949850079"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createlisting.398089726.98426643" name="Create extended listing" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createlisting.398089726"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.printsize.388268560.1368670284" name="Print size" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.printsize.388268560"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.showCommand.1588301096.1255025832" name="Echo tool command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.showCommand.1588301096"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.optimizationLevel.1562865232.1805808218" name="Optimization Level" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.optimizationLevel.1562865232"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.messagelenght.1414123967.1580110529" name="Message length (-fmessage-length=0)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.messagelenght.1414123967"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.signedchar.1997111033.1015078072" name="'char' is signed (-fsigned-char)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.signedchar.1997111033"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.functionsection.1323324409.187277427" name="Function sections (-ffunction-sections)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.functionsection.1323324409"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.datasections.1676291994.516240309" name="Data sections (-fdata-sections)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.datasections.1676291994"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.level.463153571.841361088" name="Debug level" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.level.463153571"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.format.1233206965.695463787" name="Debug format" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.format.1233206965"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.unused.400560549.573190969" name="Warn on various unused elements (-Wunused)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.unused.400560549"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.uninitialized.902420324.171281485" name="Warn on uninitialized variables (-Wuninitialised)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.uninitialized.902420324"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.allwarn.1679835344.1227415680" name="Enable all common warnings (-Wall)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.allwarn.1679835344"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.extrawarn.541130987.787216557" name="Enable extra warnings (-Wextra)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.extrawarn.541130987"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.missingdeclaration.1160621629.1616125551" name="Warn on undeclared global function (-Wmissing-declaration)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.missingdeclaration.1160621629"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.conversion.1063451411.275796807" name="Warn on implicit conversions (-Wconversion)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.conversion.1063451411"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.pointerarith.1095011694.136998500" name="Warn if pointer arithmetic (-Wpointer-arith)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.pointerarith.1095011694"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.shadow.903125465.755077597" name="Warn if shadowed variable (-Wshadow)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.shadow.903125465"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.logicalop.926371065.2074777613" name="Warn if suspicious logical ops (-Wlogical-op)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.logicalop.926371065"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.agreggatereturn.1328296477.1118603308" name="Warn if struct is returned (-Wagreggate-return)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.agreggatereturn.1328296477"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.floatequal.1500121997.699262263" name="Warn if floats are compared as equal (-Wfloat-equal)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.floatequal.1500121997"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.deviceName.1664475593.1738044861" name="Device name" superClass="com.renesas.cdt.managedbuild.gcc.rz.deviceName.1664475593"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.toolchain.name.75533497.1552093548" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.toolchain.name.75533497"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.architecture.349814325.1260464147" name="Architecture" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.architecture.349814325"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.family.2115333421.1535159110" name="Arm family (-mcpu)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.family.2115333421"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.instructionset.2140969176.531911065" name="Instruction set" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.instructionset.2140969176"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.prefix.401734406.1660248898" name="Prefix" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.prefix.401734406"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.c.1400780914.87315642" name="C compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.c.1400780914"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.cpp.782648948.1354657845" name="C++ compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.cpp.782648948"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.ar.1743797994.438074263" name="Archiver" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.ar.1743797994"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.objcopy.456601448.811475061" name="Hex/Bin converter" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.objcopy.456601448"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.objdump.1294113249.119883407" name="Listing generator" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.objdump.1294113249"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.size.343456419.905726066" name="Size command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.size.343456419"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.make.318142644.329638876" name="Build command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.make.318142644"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.rm.1943975217.412871590" name="Remove command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.rm.1943975217"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.floatunit.275054226.391550557" name="FPU Type" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.floatunit.275054226"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.floatabi.1942611532.973431454" name="Float ABI" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.floatabi.1942611532"/>
+ <targetPlatform archList="all" binaryParser="org.eclipse.cdt.core.ELF" id="ilg.gnuarmeclipse.managedbuild.cross.targetPlatform" isAbstract="false" osList="all" superClass="ilg.gnuarmeclipse.managedbuild.cross.targetPlatform"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.assembler.1563943334" name="Cross ARM GNU Assembler" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.assembler.1762984193">
+ <inputType id="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.input.1922787239" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.input"/>
+ </tool>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.compilerC.1738421288" name="Cross ARM C Compiler" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.compilerC.1073903292">
+ <option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="com.renesas.cdt.managedbuild.gcc.rz.option.compiler.userDefined.86380647" name="Other compiler flags" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.compiler.userDefined" useByScannerDiscovery="true" valueType="stringList">
+ <listOptionValue builtIn="false" value="-w"/>
+ </option>
+ <inputType id="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.input.942795373" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.input"/>
+ </tool>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.compilerCPP.850792710" name="Cross ARM C++ Compiler" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.compilerCPP.1025775250">
+ <option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="com.renesas.cdt.managedbuild.gcc.rz.option.compiler.cpp.userDefined.1337171250" name="Other compiler flags" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.compiler.cpp.userDefined" useByScannerDiscovery="true" valueType="stringList">
+ <listOptionValue builtIn="false" value="-w"/>
+ </option>
+ </tool>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.linker.c.1932158153" name="Cross ARM C Linker" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.linker.c.2147111510"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.linker.cpp.1432352756" name="Cross ARM C++ Linker" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.linker.cpp.177093696"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.archiver.70927854" name="Cross ARM GNU Archiver" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.archiver.1356408537"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.flash.899047981" name="Cross ARM GNU Create Flash Image" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.flash.1736780445"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.listing.937830769" name="Cross ARM GNU Create Listing" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.listing.1190993524"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.size.707006312" name="Cross ARM GNU Print Size" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.size.526081119"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.libgen.497834944" name="Library Generator" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.libgen.17183028"/>
+ </toolChain>
+ </folderInfo>
+ <folderInfo id="com.renesas.cdt.managedbuild.gcc.rz.configuration.release.update.1356321413./rzn/aws" name="aws" resourcePath="rzn/aws">
+ <toolChain id="com.renesas.cdt.managedbuild.gcc.rz.toolchain.release.update.157403712" name="GCC for Renesas RZ" superClass="com.renesas.cdt.managedbuild.gcc.rz.toolchain.release.update" unusedChildren="">
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createflash.1949850079.1295975321" name="Create flash image" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createflash.1949850079"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createlisting.398089726.237633346" name="Create extended listing" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createlisting.398089726"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.printsize.388268560.1890195381" name="Print size" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.printsize.388268560"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.showCommand.1588301096.77889737" name="Echo tool command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.showCommand.1588301096"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.optimizationLevel.1562865232.1309753706" name="Optimization Level" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.optimizationLevel.1562865232"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.messagelenght.1414123967.15722697" name="Message length (-fmessage-length=0)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.messagelenght.1414123967"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.signedchar.1997111033.1592570168" name="'char' is signed (-fsigned-char)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.signedchar.1997111033"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.functionsection.1323324409.1526537674" name="Function sections (-ffunction-sections)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.functionsection.1323324409"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.datasections.1676291994.1885735518" name="Data sections (-fdata-sections)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.datasections.1676291994"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.level.463153571.836857696" name="Debug level" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.level.463153571"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.format.1233206965.660001253" name="Debug format" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.format.1233206965"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.unused.400560549.1721588588" name="Warn on various unused elements (-Wunused)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.unused.400560549"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.uninitialized.902420324.1152568021" name="Warn on uninitialized variables (-Wuninitialised)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.uninitialized.902420324"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.allwarn.1679835344.308986896" name="Enable all common warnings (-Wall)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.allwarn.1679835344"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.extrawarn.541130987.1956123633" name="Enable extra warnings (-Wextra)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.extrawarn.541130987"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.missingdeclaration.1160621629.1901935883" name="Warn on undeclared global function (-Wmissing-declaration)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.missingdeclaration.1160621629"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.conversion.1063451411.420050635" name="Warn on implicit conversions (-Wconversion)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.conversion.1063451411"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.pointerarith.1095011694.1749362881" name="Warn if pointer arithmetic (-Wpointer-arith)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.pointerarith.1095011694"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.shadow.903125465.359351989" name="Warn if shadowed variable (-Wshadow)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.shadow.903125465"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.logicalop.926371065.169410393" name="Warn if suspicious logical ops (-Wlogical-op)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.logicalop.926371065"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.agreggatereturn.1328296477.157951181" name="Warn if struct is returned (-Wagreggate-return)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.agreggatereturn.1328296477"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.floatequal.1500121997.623479485" name="Warn if floats are compared as equal (-Wfloat-equal)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.floatequal.1500121997"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.deviceName.1664475593.1472170937" name="Device name" superClass="com.renesas.cdt.managedbuild.gcc.rz.deviceName.1664475593"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.toolchain.name.75533497.2002516508" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.toolchain.name.75533497"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.architecture.349814325.592979565" name="Architecture" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.architecture.349814325"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.family.2115333421.1618034723" name="Arm family (-mcpu)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.family.2115333421"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.instructionset.2140969176.636904387" name="Instruction set" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.instructionset.2140969176"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.prefix.401734406.800189701" name="Prefix" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.prefix.401734406"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.c.1400780914.44793537" name="C compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.c.1400780914"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.cpp.782648948.1141730343" name="C++ compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.cpp.782648948"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.ar.1743797994.457214733" name="Archiver" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.ar.1743797994"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.objcopy.456601448.1207411951" name="Hex/Bin converter" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.objcopy.456601448"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.objdump.1294113249.354529679" name="Listing generator" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.objdump.1294113249"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.size.343456419.234468684" name="Size command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.size.343456419"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.make.318142644.681148796" name="Build command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.make.318142644"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.rm.1943975217.1814879062" name="Remove command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.rm.1943975217"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.floatunit.275054226.1477995526" name="FPU Type" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.floatunit.275054226"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.floatabi.1942611532.245514874" name="Float ABI" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.floatabi.1942611532"/>
+ <targetPlatform archList="all" binaryParser="org.eclipse.cdt.core.ELF" id="ilg.gnuarmeclipse.managedbuild.cross.targetPlatform" isAbstract="false" osList="all" superClass="ilg.gnuarmeclipse.managedbuild.cross.targetPlatform"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.assembler.1386642519" name="Cross ARM GNU Assembler" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.assembler.1762984193">
+ <inputType id="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.input.1349234873" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.input"/>
+ </tool>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.compilerC.1286853864" name="Cross ARM C Compiler" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.compilerC.1073903292">
+ <option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="com.renesas.cdt.managedbuild.gcc.rz.option.compiler.userDefined.189846499" name="Other compiler flags" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.compiler.userDefined" useByScannerDiscovery="true" valueType="stringList">
+ <listOptionValue builtIn="false" value="-w"/>
+ </option>
+ <inputType id="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.input.1177969784" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.input"/>
+ </tool>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.compilerCPP.693656395" name="Cross ARM C++ Compiler" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.compilerCPP.1025775250">
+ <option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="com.renesas.cdt.managedbuild.gcc.rz.option.compiler.cpp.userDefined.1379653425" name="Other compiler flags" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.compiler.cpp.userDefined" useByScannerDiscovery="true" valueType="stringList">
+ <listOptionValue builtIn="false" value="-w"/>
+ </option>
+ </tool>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.linker.c.45297935" name="Cross ARM C Linker" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.linker.c.2147111510"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.linker.cpp.522138222" name="Cross ARM C++ Linker" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.linker.cpp.177093696"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.archiver.1732589368" name="Cross ARM GNU Archiver" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.archiver.1356408537"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.flash.1455868703" name="Cross ARM GNU Create Flash Image" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.flash.1736780445"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.listing.2127614422" name="Cross ARM GNU Create Listing" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.listing.1190993524"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.size.816427867" name="Cross ARM GNU Print Size" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.size.526081119"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.libgen.911927446" name="Library Generator" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.libgen.17183028"/>
+ </toolChain>
+ </folderInfo>
+ <folderInfo id="com.renesas.cdt.managedbuild.gcc.rz.configuration.release.update.1356321413./rzn/arm" name="arm" resourcePath="rzn/arm">
+ <toolChain id="com.renesas.cdt.managedbuild.gcc.rz.toolchain.release.update.1889887927" name="GCC for Renesas RZ" superClass="com.renesas.cdt.managedbuild.gcc.rz.toolchain.release.update" unusedChildren="">
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createflash.1949850079.1718318238" name="Create flash image" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createflash.1949850079"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createlisting.398089726.590487448" name="Create extended listing" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createlisting.398089726"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.printsize.388268560.1225297799" name="Print size" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.printsize.388268560"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.showCommand.1588301096.2005188152" name="Echo tool command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.showCommand.1588301096"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.optimizationLevel.1562865232.1017132798" name="Optimization Level" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.optimizationLevel.1562865232"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.messagelenght.1414123967.1239149903" name="Message length (-fmessage-length=0)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.messagelenght.1414123967"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.signedchar.1997111033.59681840" name="'char' is signed (-fsigned-char)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.signedchar.1997111033"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.functionsection.1323324409.1597464965" name="Function sections (-ffunction-sections)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.functionsection.1323324409"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.datasections.1676291994.1505267256" name="Data sections (-fdata-sections)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.datasections.1676291994"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.level.463153571.28067641" name="Debug level" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.level.463153571"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.format.1233206965.143007318" name="Debug format" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.format.1233206965"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.unused.400560549.1835033923" name="Warn on various unused elements (-Wunused)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.unused.400560549"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.uninitialized.902420324.2120363008" name="Warn on uninitialized variables (-Wuninitialised)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.uninitialized.902420324"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.allwarn.1679835344.1856190339" name="Enable all common warnings (-Wall)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.allwarn.1679835344"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.extrawarn.541130987.1794023378" name="Enable extra warnings (-Wextra)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.extrawarn.541130987"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.missingdeclaration.1160621629.312528496" name="Warn on undeclared global function (-Wmissing-declaration)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.missingdeclaration.1160621629"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.conversion.1063451411.1308744120" name="Warn on implicit conversions (-Wconversion)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.conversion.1063451411"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.pointerarith.1095011694.648352829" name="Warn if pointer arithmetic (-Wpointer-arith)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.pointerarith.1095011694"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.shadow.903125465.1978627619" name="Warn if shadowed variable (-Wshadow)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.shadow.903125465"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.logicalop.926371065.1443177685" name="Warn if suspicious logical ops (-Wlogical-op)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.logicalop.926371065"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.agreggatereturn.1328296477.1283912442" name="Warn if struct is returned (-Wagreggate-return)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.agreggatereturn.1328296477"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.floatequal.1500121997.24431814" name="Warn if floats are compared as equal (-Wfloat-equal)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.floatequal.1500121997"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.deviceName.1664475593.1786814536" name="Device name" superClass="com.renesas.cdt.managedbuild.gcc.rz.deviceName.1664475593"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.toolchain.name.75533497.772389813" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.toolchain.name.75533497"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.architecture.349814325.402794539" name="Architecture" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.architecture.349814325"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.family.2115333421.1036945350" name="Arm family (-mcpu)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.family.2115333421"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.instructionset.2140969176.789985843" name="Instruction set" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.instructionset.2140969176"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.prefix.401734406.498732864" name="Prefix" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.prefix.401734406"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.c.1400780914.195982447" name="C compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.c.1400780914"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.cpp.782648948.1622400694" name="C++ compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.cpp.782648948"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.ar.1743797994.405103113" name="Archiver" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.ar.1743797994"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.objcopy.456601448.2141430682" name="Hex/Bin converter" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.objcopy.456601448"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.objdump.1294113249.524212942" name="Listing generator" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.objdump.1294113249"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.size.343456419.832796011" name="Size command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.size.343456419"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.make.318142644.1262895352" name="Build command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.make.318142644"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.rm.1943975217.1093138460" name="Remove command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.rm.1943975217"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.floatunit.275054226.978798942" name="FPU Type" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.floatunit.275054226"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.floatabi.1942611532.1190577806" name="Float ABI" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.floatabi.1942611532"/>
+ <targetPlatform archList="all" binaryParser="org.eclipse.cdt.core.ELF" id="ilg.gnuarmeclipse.managedbuild.cross.targetPlatform" isAbstract="false" osList="all" superClass="ilg.gnuarmeclipse.managedbuild.cross.targetPlatform"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.assembler.54253754" name="Cross ARM GNU Assembler" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.assembler.1762984193">
+ <inputType id="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.input.437701253" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.input"/>
+ </tool>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.compilerC.974292199" name="Cross ARM C Compiler" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.compilerC.1073903292">
+ <option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="com.renesas.cdt.managedbuild.gcc.rz.option.compiler.userDefined.1258871705" name="Other compiler flags" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.compiler.userDefined" useByScannerDiscovery="true" valueType="stringList">
+ <listOptionValue builtIn="false" value="-w"/>
+ </option>
+ <inputType id="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.input.1545961253" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.input"/>
+ </tool>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.compilerCPP.1262039585" name="Cross ARM C++ Compiler" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.compilerCPP.1025775250">
+ <option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="com.renesas.cdt.managedbuild.gcc.rz.option.compiler.cpp.userDefined.224364759" name="Other compiler flags" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.compiler.cpp.userDefined" useByScannerDiscovery="true" valueType="stringList">
+ <listOptionValue builtIn="false" value="-w"/>
+ </option>
+ </tool>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.linker.c.667545810" name="Cross ARM C Linker" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.linker.c.2147111510"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.linker.cpp.1731036365" name="Cross ARM C++ Linker" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.linker.cpp.177093696"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.archiver.439531068" name="Cross ARM GNU Archiver" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.archiver.1356408537"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.flash.355655278" name="Cross ARM GNU Create Flash Image" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.flash.1736780445"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.listing.2113610447" name="Cross ARM GNU Create Listing" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.listing.1190993524"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.size.1840785923" name="Cross ARM GNU Print Size" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.size.526081119"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.libgen.328381856" name="Library Generator" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.libgen.17183028"/>
+ </toolChain>
+ </folderInfo>
+ <sourceEntries>
+ <entry flags="VALUE_WORKSPACE_PATH|RESOLVED" kind="sourcePath" name="common"/>
+ <entry flags="VALUE_WORKSPACE_PATH|RESOLVED" kind="sourcePath" name="rzn"/>
+ <entry flags="VALUE_WORKSPACE_PATH|RESOLVED" kind="sourcePath" name="rzn_gen"/>
+ <entry excluding="test|serial_io|wolfCrypt|wolfSSL" flags="VALUE_WORKSPACE_PATH|RESOLVED" kind="sourcePath" name="src"/>
+ <entry flags="VALUE_WORKSPACE_PATH|RESOLVED" kind="sourcePath" name="src/serial_io"/>
+ <entry flags="VALUE_WORKSPACE_PATH|RESOLVED" kind="sourcePath" name="src/test"/>
+ <entry excluding="port" flags="VALUE_WORKSPACE_PATH|RESOLVED" kind="sourcePath" name="src/wolfCrypt"/>
+ <entry flags="VALUE_WORKSPACE_PATH|RESOLVED" kind="sourcePath" name="src/wolfCrypt/port"/>
+ <entry flags="VALUE_WORKSPACE_PATH|RESOLVED" kind="sourcePath" name="src/wolfSSL"/>
+ </sourceEntries>
+ </configuration>
+ </storageModule>
+ <storageModule moduleId="org.eclipse.cdt.core.externalSettings"/>
+ </cconfiguration>
+ </storageModule>
+ <storageModule moduleId="cdtBuildSystem" version="4.0.0">
+ <project id="test_RZN2L.com.renesas.cdt.managedbuild.gcc.rz.projectType.update.380525196" name="Executable" projectType="com.renesas.cdt.managedbuild.gcc.rz.projectType.update"/>
+ </storageModule>
+ <storageModule moduleId="scannerConfiguration">
+ <autodiscovery enabled="true" problemReportingEnabled="true" selectedProfileId=""/>
+ <scannerConfigBuildInfo instanceId="com.renesas.cdt.managedbuild.gcc.rz.configuration.release.update.1356321413;com.renesas.cdt.managedbuild.gcc.rz.configuration.release.update.1356321413.;com.renesas.cdt.managedbuild.gcc.rz.tool.compilerC.1073903292;ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.input.179835817">
+ <autodiscovery enabled="true" problemReportingEnabled="true" selectedProfileId=""/>
+ </scannerConfigBuildInfo>
+ <scannerConfigBuildInfo instanceId="com.renesas.cdt.managedbuild.gcc.rz.configuration.debug.update.1144316794;com.renesas.cdt.managedbuild.gcc.rz.configuration.debug.update.1144316794.;com.renesas.cdt.managedbuild.gcc.rz.tool.compilerC.15728131;ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.input.1188589179">
+ <autodiscovery enabled="true" problemReportingEnabled="true" selectedProfileId=""/>
+ </scannerConfigBuildInfo>
+ </storageModule>
+ <storageModule moduleId="org.eclipse.cdt.core.LanguageSettingsProviders"/>
+ <storageModule moduleId="refreshScope"/>
+ <storageModule moduleId="org.eclipse.cdt.make.core.buildtargets"/>
+</cproject> \ No newline at end of file
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/test/.project b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/test/.project
new file mode 100644
index 00000000..9610054e
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/test/.project
@@ -0,0 +1,440 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<projectDescription>
+ <name>test_RZN2L</name>
+ <comment></comment>
+ <projects>
+ </projects>
+ <buildSpec>
+ <buildCommand>
+ <name>com.renesas.cdt.ddsc.contentgen.ddscBuilder</name>
+ <arguments>
+ </arguments>
+ </buildCommand>
+ <buildCommand>
+ <name>org.eclipse.cdt.managedbuilder.core.genmakebuilder</name>
+ <triggers>clean,full,incremental,</triggers>
+ <arguments>
+ </arguments>
+ </buildCommand>
+ <buildCommand>
+ <name>org.eclipse.cdt.managedbuilder.core.ScannerConfigBuilder</name>
+ <triggers>full,incremental,</triggers>
+ <arguments>
+ </arguments>
+ </buildCommand>
+ <buildCommand>
+ <name>com.renesas.cdt.ddsc.contentgen.ddscInterlockBundleBuilder</name>
+ <arguments>
+ </arguments>
+ </buildCommand>
+ </buildSpec>
+ <natures>
+ <nature>org.eclipse.cdt.core.cnature</nature>
+ <nature>org.eclipse.cdt.managedbuilder.core.managedBuildNature</nature>
+ <nature>org.eclipse.cdt.managedbuilder.core.ScannerConfigNature</nature>
+ <nature>com.renesas.cdt.ddsc.contentgen.ddscNature</nature>
+ <nature>com.renesas.cdt.rz.ddsc.contentgen.rznNature</nature>
+ </natures>
+ <linkedResources>
+ <link>
+ <name>common/user_settings.h</name>
+ <type>1</type>
+ <locationURI>PARENT-1-PROJECT_LOC/common/user_settings.h</locationURI>
+ </link>
+ <link>
+ <name>common/wolfssl_demo.h</name>
+ <type>1</type>
+ <locationURI>PARENT-1-PROJECT_LOC/common/wolfssl_demo.h</locationURI>
+ </link>
+ <link>
+ <name>src/test/benchmark.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/benchmark/benchmark.c</locationURI>
+ </link>
+ <link>
+ <name>src/test/test.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/test/test.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/aes.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/aes.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/arc4.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/arc4.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/asm.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/asm.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/asn.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/asn.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/blake2b.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/blake2b.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/camellia.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/camellia.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/chacha.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/chacha.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/chacha20_poly1305.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/chacha20_poly1305.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/cmac.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/cmac.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/coding.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/coding.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/compress.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/compress.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/cpuid.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/cpuid.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/cryptocb.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/cryptocb.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/curve25519.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/curve25519.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/des3.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/des3.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/dh.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/dh.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/dsa.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/dsa.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/ecc.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/ecc.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/ecc_fp.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/ecc_fp.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/ed25519.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/ed25519.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/error.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/error.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/fe_low_mem.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/fe_low_mem.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/fe_operations.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/fe_operations.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/ge_low_mem.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/ge_low_mem.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/ge_operations.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/ge_operations.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/hash.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/hash.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/hmac.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/hmac.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/integer.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/integer.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/kdf.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/kdf.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/logging.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/logging.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/md2.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/md2.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/md4.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/md4.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/md5.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/md5.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/memory.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/memory.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/pkcs12.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/pkcs12.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/pkcs7.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/pkcs7.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/poly1305.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/poly1305.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/pwdbased.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/pwdbased.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/random.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/random.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/rsa.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/rsa.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/sha.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/sha.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/sha256.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/sha256.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/sha3.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/sha3.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/sha512.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/sha512.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/signature.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/signature.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/sp_arm32.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/sp_arm32.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/sp_arm64.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/sp_arm64.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/sp_armthumb.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/sp_armthumb.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/sp_c32.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/sp_c32.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/sp_c64.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/sp_c64.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/sp_cortexm.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/sp_cortexm.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/sp_dsp32.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/sp_dsp32.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/sp_int.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/sp_int.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/sp_x86_64.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/sp_x86_64.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/srp.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/srp.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/tfm.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/tfm.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/wc_dsp.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/wc_dsp.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/wc_encrypt.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/wc_encrypt.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/wc_pkcs11.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/wc_pkcs11.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/wc_port.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/wc_port.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/wolfevent.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/wolfevent.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/wolfmath.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/wolfmath.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfSSL/crl.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/src/crl.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfSSL/internal.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/src/internal.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfSSL/keys.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/src/keys.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfSSL/ocsp.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/src/ocsp.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfSSL/sniffer.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/src/sniffer.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfSSL/ssl.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/src/ssl.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfSSL/tls.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/src/tls.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfSSL/tls13.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/src/tls13.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfSSL/wolfio.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/src/wolfio.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/port/renesas_common.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/port/Renesas/renesas_common.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/port/renesas_fspsm_aes.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/port/Renesas/renesas_fspsm_aes.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/port/renesas_fspsm_rsa.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/port/Renesas/renesas_fspsm_rsa.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/port/renesas_fspsm_sha.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/port/Renesas/renesas_fspsm_sha.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/port/renesas_fspsm_util.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/port/Renesas/renesas_fspsm_util.c</locationURI>
+ </link>
+ </linkedResources>
+</projectDescription>
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/test/script/fsp_ram_execution.ld b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/test/script/fsp_ram_execution.ld
new file mode 100644
index 00000000..8f373e0a
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/test/script/fsp_ram_execution.ld
@@ -0,0 +1,243 @@
+/*
+ Linker File for Renesas RZ/N2L FSP
+*/
+
+MEMORY
+{
+ ATCM : ORIGIN = 0x00000000, LENGTH = 0x00020000
+ BTCM : ORIGIN = 0x00100000, LENGTH = 0x00020000
+ SYSTEM_RAM : ORIGIN = 0x10000000, LENGTH = 0x00180000
+ SYSTEM_RAM_MIRROR : ORIGIN = 0x30000000, LENGTH = 0x00180000
+ xSPI0_CS0_SPACE_MIRROR : ORIGIN = 0x40000000, LENGTH = 0x04000000
+ xSPI0_CS1_SPACE_MIRROR : ORIGIN = 0x44000000, LENGTH = 0x04000000
+ xSPI1_CS0_SPACE_MIRROR : ORIGIN = 0x48000000, LENGTH = 0x04000000
+ xSPI1_CS1_SPACE_MIRROR : ORIGIN = 0x4C000000, LENGTH = 0x04000000
+ CS0_SPACE_MIRROR : ORIGIN = 0x50000000, LENGTH = 0x04000000
+ CS2_SPACE_MIRROR : ORIGIN = 0x54000000, LENGTH = 0x04000000
+ CS3_SPACE_MIRROR : ORIGIN = 0x58000000, LENGTH = 0x04000000
+ CS5_SPACE_MIRROR : ORIGIN = 0x5C000000, LENGTH = 0x04000000
+ xSPI0_CS0_SPACE : ORIGIN = 0x60000000, LENGTH = 0x04000000
+ xSPI0_CS1_SPACE : ORIGIN = 0x64000000, LENGTH = 0x04000000
+ xSPI1_CS0_SPACE : ORIGIN = 0x68000000, LENGTH = 0x04000000
+ xSPI1_CS1_SPACE : ORIGIN = 0x6C000000, LENGTH = 0x04000000
+ CS0_SPACE : ORIGIN = 0x70000000, LENGTH = 0x04000000
+ CS2_SPACE : ORIGIN = 0x74000000, LENGTH = 0x04000000
+ CS3_SPACE : ORIGIN = 0x78000000, LENGTH = 0x04000000
+ CS5_SPACE : ORIGIN = 0x7C000000, LENGTH = 0x04000000
+}
+
+SECTIONS
+{
+ .loader_text 0x00102000 : AT (0x00102000)
+ {
+ *(.loader_text)
+ */fsp/src/bsp/cmsis/Device/RENESAS/Source/*.o(.text*)
+ */fsp/src/bsp/mcu/all/bsp_clocks.o(.text*)
+ */fsp/src/bsp/mcu/all/bsp_irq.o(.text*)
+ */fsp/src/bsp/mcu/all/bsp_register_protection.o(.text*)
+ */fsp/src/r_ioport/r_ioport.o(.text*)
+ KEEP(*(.warm_start))
+ } > BTCM
+ .loader_data :
+ {
+ */fsp/src/bsp/cmsis/Device/RENESAS/Source/*.o(.data*)
+ */fsp/src/bsp/mcu/all/bsp_clocks.o(.data*)
+ */fsp/src/bsp/mcu/all/bsp_irq.o(.data*)
+ */fsp/src/bsp/mcu/all/bsp_register_protection.o(.data*)
+ */fsp/src/r_ioport/r_ioport.o(.data*)
+ __loader_bss_start = .;
+ */fsp/src/bsp/cmsis/Device/RENESAS/Source/*.o(.bss*)
+ */fsp/src/bsp/mcu/all/bsp_clocks.o(.bss*)
+ */fsp/src/bsp/mcu/all/bsp_irq.o(.bss*)
+ */fsp/src/bsp/mcu/all/bsp_register_protection.o(.bss*)
+ */fsp/src/r_ioport/r_ioport.o(.bss*)
+ */fsp/src/bsp/cmsis/Device/RENESAS/Source/*.o(COMMON)
+ */fsp/src/bsp/mcu/all/bsp_clocks.o(COMMON)
+ */fsp/src/bsp/mcu/all/bsp_irq.o(COMMON)
+ */fsp/src/bsp/mcu/all/bsp_register_protection.o(.COMMON)
+ */fsp/src/r_ioport/r_ioport.o(.COMMON)
+ __loader_bss_end = . ;
+ } > BTCM
+ .intvec 0x00000000 : AT (0x00000000)
+ {
+ _fvector_start = .;
+ KEEP(*(.intvec))
+ _fvector_end = .;
+ } > ATCM
+ .text 0x30000000 : AT (0x30000000)
+ {
+ _text_start = .;
+ *(.text*)
+
+ KEEP(*(.init))
+ KEEP(*(.fini))
+
+ /* .ctors */
+ *crtbegin.o(.ctors)
+ *crtbegin?.o(.ctors)
+ *(EXCLUDE_FILE(*crtend?.o *crtend.o) .ctors)
+ *(SORT(.ctors.*))
+ *(.ctors)
+ _ctor_end = .;
+
+ /* .dtors */
+ *crtbegin.o(.dtors)
+ *crtbegin?.o(.dtors)
+ *(EXCLUDE_FILE(*crtend?.o *crtend.o) .dtors)
+ *(SORT(.dtors.*))
+ *(.dtors)
+ _dtor_end = .;
+
+ *(.rodata*)
+ _erodata = .;
+ KEEP(*(.eh_frame*))
+ } > SYSTEM_RAM_MIRROR
+ .rvectors :
+ {
+ _rvectors_start = .;
+ KEEP(*(.rvectors))
+ _rvectors_end = .;
+ } > SYSTEM_RAM_MIRROR
+ .ARM.extab :
+ {
+ *(.ARM.extab* .gnu.linkonce.armextab.*)
+ } > SYSTEM_RAM_MIRROR
+ __exidx_start = .;
+ .ARM.exidx :
+ {
+ *(.ARM.exidx* .gnu.linkonce.armexidx.*)
+ } > SYSTEM_RAM_MIRROR
+ __exidx_end = .;
+ .got :
+ {
+ *(.got)
+ *(.got.plt)
+ _text_end = .;
+ } > SYSTEM_RAM_MIRROR
+ .data :
+ {
+ _data_start = .;
+
+ *(vtable)
+ *(.data.*)
+ *(.data)
+
+ . = ALIGN(4);
+ /* preinit data */
+ PROVIDE_HIDDEN (__preinit_array_start = .);
+ KEEP(*(.preinit_array))
+ PROVIDE_HIDDEN (__preinit_array_end = .);
+
+ . = ALIGN(4);
+ /* init data */
+ PROVIDE_HIDDEN (__init_array_start = .);
+ KEEP(*(SORT(.init_array.*)))
+ KEEP(*(.init_array))
+ PROVIDE_HIDDEN (__init_array_end = .);
+
+ . = ALIGN(4);
+ /* finit data */
+ PROVIDE_HIDDEN (__fini_array_start = .);
+ KEEP(*(SORT(.fini_array.*)))
+ KEEP(*(.fini_array))
+ PROVIDE_HIDDEN (__fini_array_end = .);
+
+ KEEP(*(.jcr*))
+
+ . = ALIGN(4);
+
+ /* All data end */
+ _data_end = .;
+ } > SYSTEM_RAM_MIRROR
+ .bss :
+ {
+ . = ALIGN(4);
+ __bss_start__ = .;
+ _bss = .;
+ *(.bss*)
+ *(COMMON)
+ . = ALIGN(4);
+ __bss_end__ = .;
+ _ebss = .;
+ _end = .;
+ } > SYSTEM_RAM_MIRROR
+ .heap (NOLOAD) :
+ {
+ . = ALIGN(8);
+ __HeapBase = .;
+ /* Place the STD heap here. */
+ KEEP(*(.heap))
+ __HeapLimit = .;
+ } > SYSTEM_RAM_MIRROR
+ .thread_stack (NOLOAD):
+ {
+ . = ALIGN(8);
+ __ThreadStackBase = .;
+ /* Place the Thread stacks here. */
+ KEEP(*(.stack*))
+ __ThreadStackLimit = .;
+ } > SYSTEM_RAM_MIRROR
+ .sys_stack (NOLOAD) :
+ {
+ . = ALIGN(8);
+ __SysStackBase = .;
+ /* Place the sys_stack here. */
+ KEEP(*(.sys_stack))
+ __SysStackLimit = .;
+ } > BTCM
+ .svc_stack (NOLOAD) :
+ {
+ . = ALIGN(8);
+ __SvcStackBase = .;
+ /* Place the svc_stack here. */
+ KEEP(*(.svc_stack))
+ __SvcStackLimit = .;
+ } > BTCM
+ .irq_stack (NOLOAD) :
+ {
+ . = ALIGN(8);
+ __IrqStackBase = .;
+ /* Place the irq_stack here. */
+ KEEP(*(.irq_stack))
+ __IrqStackLimit = .;
+ } > BTCM
+ .fiq_stack (NOLOAD) :
+ {
+ . = ALIGN(8);
+ __FiqStackBase = .;
+ /* Place the fiq_stack here. */
+ KEEP(*(.fiq_stack))
+ __FiqStackLimit = .;
+ } > BTCM
+ .und_stack (NOLOAD) :
+ {
+ . = ALIGN(8);
+ __UndStackBase = .;
+ /* Place the und_stack here. */
+ KEEP(*(.und_stack))
+ __UndStackLimit = .;
+ } > BTCM
+ .abt_stack (NOLOAD) :
+ {
+ . = ALIGN(8);
+ __AbtStackBase = .;
+ /* Place the abt_stack here. */
+ KEEP(*(.abt_stack))
+ __AbtStackLimit = .;
+ } > BTCM
+ .shared_noncache_buffer 0x300C0000 : AT (0x300C0000)
+ {
+ . = ALIGN(32);
+ _sncbuffer_start = .;
+ KEEP(*(.shared_noncache_buffer*))
+ _sncbuffer_end = .;
+ } > SYSTEM_RAM_MIRROR
+ .noncache_buffer 0x30100000 : AT (0x30100000)
+ {
+ . = ALIGN(32);
+ _ncbuffer_start = .;
+ KEEP(*(.noncache_buffer*))
+ _ncbuffer_end = .;
+ } > SYSTEM_RAM_MIRROR
+}
+
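Review bot: In `.loader_data`, the last two common-symbol patterns are written `(.COMMON)` (for `bsp_register_protection.o` and `r_ioport.o`), while the three before them and the `.bss` section use `(COMMON)`. GNU ld names the common-symbol input section `COMMON` without a dot, so these two patterns probably match nothing. Any common symbols from those objects would then be picked up by the generic `*(COMMON)` in `.bss` in SYSTEM_RAM_MIRROR, instead of landing between `__loader_bss_start` and `__loader_bss_end` in BTCM. Suggest `*/fsp/src/bsp/mcu/all/bsp_register_protection.o(COMMON)` and `*/fsp/src/r_ioport/r_ioport.o(COMMON)`. If this script is emitted by the vendor tooling, a header comment saying so would tell maintainers not to hand-edit it.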
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/test/src/rzn2l_tst_thread_entry.c b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/test/src/rzn2l_tst_thread_entry.c
new file mode 100644
index 00000000..0e4c459e
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/test/src/rzn2l_tst_thread_entry.c
@@ -0,0 +1,438 @@
+/* rzn2l_tst_thread_entry.c
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+#include "rzn2l_tst_thread.h"
+
+#include "um_common_cfg.h"
+#include "um_common_api.h"
+#include "um_serial_io_api.h"
+#include "um_serial_io.h"
+
+#include "wolfssl_demo.h"
+#include "user_settings.h"
+
+typedef struct func_args {
+ int argc;
+ char** argv;
+ int return_code;
+} func_args;
+
+static serial_io_instance_ctrl_t g_serial_io0_ctrl;
+static serial_io_cfg_t const g_serial_io0_cfg =
+{
+ .p_uart_instance = &g_uart0,
+};
+serial_io_instance_t const g_serial_io0 =
+{
+ .p_ctrl = &g_serial_io0_ctrl,
+ .p_cfg = &g_serial_io0_cfg,
+ .p_api = &g_serial_io_on_serial_io,
+};
+
+FSP_CPP_HEADER
+void R_BSP_WarmStart(bsp_warm_start_event_t event)
+BSP_PLACE_IN_SECTION(".warm_start");
+FSP_CPP_FOOTER
+
+void R_BSP_WarmStart(bsp_warm_start_event_t event)
+{
+ if (BSP_WARM_START_RESET == event) {
+ }
+
+ if (BSP_WARM_START_POST_C == event){
+ R_IOPORT_Open (&g_ioport_ctrl, &g_bsp_pin_cfg);
+ }
+}
+
+#if defined(TLS_CLIENT) || \
+ defined(TLS_SERVER)
+ extern uint8_t g_ether0_mac_address[6];
+ const byte ucIPAddress[4] = { 192, 168, 11, 241 };
+ const byte ucNetMask[4] = { 255, 255, 255, 0 };
+ const byte ucGatewayAddress[4] = { 192, 168, 11, 1 };
+ const byte ucDNSServerAddress[4] = { 192, 168, 11, 1 };
+#endif
+
+#if defined(WOLFSSL_RENESAS_FSPSM) && \
+ defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY)
+
+#if defined(UNIT_TEST)
+ int rsip_crypt_test();
+#endif
+
+#if (defined(BENCHMARK) || defined(CRYPT_TEST)) \
+ && defined(HAVE_RENESAS_SYNC) && defined(HAVE_AES_CBC)
+ FSPSM_ST guser_PKCbInfo;
+#endif
+
+void Clr_CallbackCtx(FSPSM_ST *g);
+void RSIP_KeyGeneration(FSPSM_ST *g);
+
+void RSIP_KeyGeneration(FSPSM_ST *g)
+{
+ fsp_err_t rsip_error_code = FSP_SUCCESS;
+
+ if (g->wrapped_key_aes128 != NULL) {
+ rsip_error_code = R_RSIP_KeyGenerate(&gFSPSM_ctrl,
+ RSIP_KEY_TYPE_AES_128,
+ g->wrapped_key_aes128);
+ if (rsip_error_code == FSP_SUCCESS)
+ g->keyflgs_crypt.bits.aes128_installedkey_set = 1;
+ }
+
+ if (g->wrapped_key_aes256 != NULL) {
+ rsip_error_code = R_RSIP_KeyGenerate(&gFSPSM_ctrl,
+ RSIP_KEY_TYPE_AES_256,
+ g->wrapped_key_aes256);
+ if (rsip_error_code == FSP_SUCCESS)
+ g->keyflgs_crypt.bits.aes256_installedkey_set = 1;
+ }
+
+ if (g->wrapped_key_rsapri1024 != NULL &&
+ g->wrapped_key_rsapub1024 != NULL) {
+ rsip_error_code = R_RSIP_KeyPairGenerate(&gFSPSM_ctrl,
+ RSIP_KEY_PAIR_TYPE_RSA_1024,
+ g->wrapped_key_rsapub1024,
+ g->wrapped_key_rsapri1024);
+ if (rsip_error_code == FSP_SUCCESS) {
+ g->keyflgs_crypt.bits.rsapri1024_installedkey_set = 1;
+ g->keyflgs_crypt.bits.rsapub1024_installedkey_set = 1;
+ }
+ }
+
+ if (g->wrapped_key_rsapri2048 != NULL &&
+ g->wrapped_key_rsapub2048 != NULL) {
+ rsip_error_code = R_RSIP_KeyPairGenerate(&gFSPSM_ctrl,
+ RSIP_KEY_PAIR_TYPE_RSA_2048,
+ g->wrapped_key_rsapub2048,
+ g->wrapped_key_rsapri2048);
+ if (rsip_error_code == FSP_SUCCESS) {
+ g->keyflgs_crypt.bits.rsapri2048_installedkey_set = 1;
+ g->keyflgs_crypt.bits.rsapub2048_installedkey_set = 1;
+ }
+ }
+}
+
+/* only pointer sets to NULL */
+/* owner of keys should be freed */
+void Clr_CallbackCtx(FSPSM_ST *g)
+{
+ (void) g;
+
+ if (g->wrapped_key_aes256 != NULL)
+ g->wrapped_key_aes256 = NULL;
+
+ if (g->wrapped_key_aes128 != NULL)
+ g->wrapped_key_aes128 = NULL;
+
+ #if defined(WOLFSSL_RENESAS_RSIP_CRYPTONLY)
+ if (g->wrapped_key_rsapri2048 != NULL)
+ g->wrapped_key_rsapri2048 = NULL;
+
+ if (g->wrapped_key_rsapub2048 != NULL)
+ g->wrapped_key_rsapub2048 = NULL;
+
+ if (g->wrapped_key_rsapri1024 != NULL)
+ g->wrapped_key_rsapri1024 = NULL;
+
+ if (g->wrapped_key_rsapub2048 != NULL)
+ g->wrapped_key_rsapub2048 = NULL;
+ #endif
+
+ XMEMSET(g, 0, sizeof(FSPSM_ST));
+}
+#endif
+
+
+#if defined(TLS_CLIENT) || \
+ defined(TLS_SERVER)
+
+extern WOLFSSL_CTX *client_ctx;
+extern WOLFSSL_CTX *server_ctx;
+
+void TCPInit( )
+{
+ BaseType_t fr_status;
+
+ /* FreeRTOS+TCP Ethernet and IP Setup */
+ fr_status = FreeRTOS_IPInit(ucIPAddress,
+ ucNetMask,
+ ucGatewayAddress,
+ ucDNSServerAddress,
+ g_ether0_mac_address);
+
+ if (pdPASS != fr_status) {
+ printf("Error [%ld]: FreeRTOS_IPInit.\n",fr_status);
+ }
+}
+
+
+void wolfSSL_TLS_cleanup()
+{
+#if defined(TLS_CLIENT)
+ if (client_ctx) {
+ wolfSSL_CTX_free(client_ctx);
+ }
+#endif
+#if defined(TLS_SERVER)
+ if (server_ctx) {
+ wolfSSL_CTX_free(server_ctx);
+ }
+#endif
+ wolfSSL_Cleanup();
+}
+
+#endif
+
+serial_io_instance_t const * gp_serial_io0 = &g_serial_io0;
+static void serial_init()
+{
+ usr_err_t usr_err;
+
+ /** Open Serial I/O module. */
+ usr_err = gp_serial_io0->p_api->open
+ (gp_serial_io0->p_ctrl, gp_serial_io0->p_cfg );
+ if( USR_SUCCESS != usr_err )
+ {
+ USR_DEBUG_BLOCK_CPU();
+ }
+
+ /** Start Serial I/O module. */
+ usr_err = gp_serial_io0->p_api->start( gp_serial_io0->p_ctrl );
+ if( USR_SUCCESS != usr_err )
+ {
+ USR_DEBUG_BLOCK_CPU();
+ }
+ printf( " Started Serial I/O interface." );
+}
+
+/* rzn2l_tst_thread entry function */
+/* pvParameters contains TaskHandle_t */
+void rzn2l_tst_thread_entry(void *pvParameters)
+{
+ FSP_PARAMETER_NOT_USED (pvParameters);
+
+
+ serial_init();
+
+#if defined(UNIT_TEST)
+
+ int ret;
+
+ printf("\n");
+ printf("\n Start wolf RSIP Crypt Test\n");
+
+ if ((ret = wolfCrypt_Init()) != 0) {
+ printf(" wolfCrypt_Init failed %d\n", ret);
+ }
+#if defined(WOLFSSL_RENESAS_FSPSM) && \
+ defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY)
+ printf(" \n");
+ printf(" RSIP Unit Test\n");
+ rsip_crypt_test();
+#else
+ printf(" \n");
+ printf(" RSIP Unit Test Not Run\n");
+#endif
+ printf(" \n");
+ printf(" End wolf RSIP crypt Test\n");
+
+ if ((ret = wolfCrypt_Cleanup()) != 0) {
+ printf("wolfCrypt_Cleanup failed %d\n", ret);
+ }
+
+#elif defined(CRYPT_TEST)
+ #include "wolfcrypt/test/test.h"
+#if defined(HAVE_RENESAS_SYNC) && \
+ defined(HAVE_AES_CBC)
+
+ Clr_CallbackCtx(&guser_PKCbInfo);
+
+ #if defined(WOLFSSL_AES_128)
+ uint8_t wrapped_key1[RSIP_BYTE_SIZE_WRAPPED_KEY_AES_128];
+ FSPSM_AES_PWKEY user_aes128_key_index =
+ (FSPSM_AES_PWKEY)wrapped_key1;
+ guser_PKCbInfo.wrapped_key_aes128 = user_aes128_key_index;
+ #endif
+
+ #if defined(WOLFSSL_AES_256)
+ uint8_t wrapped_key2[RSIP_BYTE_SIZE_WRAPPED_KEY_AES_256];
+ FSPSM_AES_PWKEY user_aes256_key_index =
+ (FSPSM_AES_PWKEY)wrapped_key2;
+ guser_PKCbInfo.wrapped_key_aes256 = user_aes256_key_index;
+ #endif
+ /* Generate Wrapped aes key */
+ RSIP_KeyGeneration(&guser_PKCbInfo);
+#endif
+
+ int ret;
+
+ func_args args = { 0 };
+
+ if ((ret = wolfCrypt_Init()) != 0) {
+ printf("wolfCrypt_Init failed %d\n", ret);
+ }
+
+ printf("\n");
+ printf("\n Start wolfCrypt Test\n");
+ wolfcrypt_test((void*)&args);
+ printf(" End wolfCrypt Test\n");
+
+ if ((ret = wolfCrypt_Cleanup()) != 0) {
+ printf("wolfCrypt_Cleanup failed %d\n", ret);
+ }
+#if defined(HAVE_RENESAS_SYNC) && \
+ defined(HAVE_AES_CBC)
+ Clr_CallbackCtx(&guser_PKCbInfo);
+#endif
+
+#elif defined(BENCHMARK)
+#if defined(HAVE_RENESAS_SYNC) && \
+ defined(HAVE_AES_CBC)
+
+ Clr_CallbackCtx(&guser_PKCbInfo);
+
+ #if defined(WOLFSSL_AES_128)
+ uint8_t wrapped_key1[RSIP_BYTE_SIZE_WRAPPED_KEY_AES_128];
+ FSPSM_AES_PWKEY user_aes128_key_index =
+ (FSPSM_AES_PWKEY)wrapped_key1;
+ guser_PKCbInfo.wrapped_key_aes128 = user_aes128_key_index;
+ #endif
+
+ #if defined(WOLFSSL_AES_256)
+ uint8_t wrapped_key2[RSIP_BYTE_SIZE_WRAPPED_KEY_AES_256];
+ FSPSM_AES_PWKEY user_aes256_key_index =
+ (FSPSM_AES_PWKEY)wrapped_key2;
+ guser_PKCbInfo.wrapped_key_aes256 = user_aes256_key_index;
+ #endif
+ /* Generate Wrapped aes key */
+ RSIP_KeyGeneration(&guser_PKCbInfo);
+#endif
+ printf(" Start wolfCrypt Benchmark\n");
+
+ benchmark_test(NULL);
+
+ printf(" End wolfCrypt Benchmark\n");
+#if defined(HAVE_RENESAS_SYNC) && \
+ defined(HAVE_AES_CBC)
+ Clr_CallbackCtx(&guser_PKCbInfo);
+#endif
+
+#elif defined(TLS_CLIENT)
+
+ int i = 0;
+ const int Max_Retry = 10;
+
+ #if defined(WOLFSSL_TLS13)
+ const char* cipherlist[] = {
+ "TLS13-AES128-GCM-SHA256",
+ "TLS13-AES256-GCM-SHA384",
+ };
+ const int cipherlist_sz = 2;
+ TestInfo info[cipherlist_sz];
+ #elif defined(USE_CERT_BUFFERS_2048)
+ const char* cipherlist[] = {
+ "ECDHE-RSA-AES128-GCM-SHA256",
+ "ECDHE-RSA-AES256-SHA",
+ "ECDHE-RSA-AES128-SHA256"
+ };
+ const int cipherlist_sz = 3;
+ TestInfo info[cipherlist_sz];
+ #elif defined(USE_CERT_BUFFERS_256)
+ const char* cipherlist[] = {
+ "ECDHE-ECDSA-AES128-GCM-SHA256",
+ "ECDHE-ECDSA-AES256-SHA",
+ "ECDHE-ECDSA-AES128-SHA256"
+ };
+ const int cipherlist_sz = 3;
+ TestInfo info[cipherlist_sz];
+ #endif
+
+ TCPInit();
+
+ int TCP_connect_retry = 0;
+
+ printf("\n Start TLS Connection to %s port(%d)\n", SERVER_IP, DEFAULT_PORT);
+ wolfSSL_TLS_client_init();
+
+ do {
+
+ info[i].port = DEFAULT_PORT;
+ info[i].cipher = cipherlist[i];
+ info[i].ctx = client_ctx;
+ info[i].id = i;
+
+ XMEMSET(info[i].name, 0, sizeof(info[i].name));
+ XSPRINTF(info[i].name, "wolfSSL_TLS_client_do(%02d)", i);
+
+ if(wolfSSL_TLS_client_do(&info[i]) == -116) {
+ TCP_connect_retry++;
+ continue;
+ }
+ TCP_connect_retry = 0;
+ i++;
+ } while (i < cipherlist_sz && TCP_connect_retry < Max_Retry);
+
+ printf("\n End of Client Example");
+
+ wolfSSL_TLS_cleanup();
+#elif defined(TLS_SERVER)
+
+ int i = 0;
+ const int Max_Retry = 10;
+ TestInfo info;
+
+ TCPInit();
+
+ int TCP_connect_retry = 0;
+
+ printf("\n Start TLS Accept at %03d.%03d.%03d.%03d port(%d)\n",
+ ucIPAddress[0],
+ ucIPAddress[1],
+ ucIPAddress[2],
+ ucIPAddress[3],DEFAULT_PORT);
+ wolfSSL_TLS_server_init();
+
+ do {
+
+ info.port = DEFAULT_PORT;
+ info.cipher = NULL;
+ info.ctx = server_ctx;
+ info.id = i;
+
+ XMEMSET(info.name, 0, sizeof(info.name));
+ XSPRINTF(info.name, "wolfSSL_TLS_server_do(%02d)",
+ TCP_connect_retry);
+ if(wolfSSL_TLS_server_do(&info) == -116) {
+ TCP_connect_retry++;
+ continue;
+ }
+ TCP_connect_retry = 0;
+ } while (TCP_connect_retry < Max_Retry);
+
+ printf("\n End of Client Example");
+
+#endif
+ /* TODO: add your own code here */
+ while (1)
+ {
+ vTaskDelay (1);
+ }
+}
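Review bot: `RSIP_KeyGeneration` returns `void` and discards `rsip_error_code`, so the CRYPT_TEST and BENCHMARK branches of `rzn2l_tst_thread_entry` cannot see a failed `R_RSIP_KeyGenerate` or `R_RSIP_KeyPairGenerate`. They carry on with `guser_PKCbInfo` pointing at the never-initialised stack arrays `wrapped_key1`/`wrapped_key2` and the installed-key flag left unset; how the code outside this hunk treats that state cannot be seen here. At minimum report the failure after each call, e.g. `if (rsip_error_code != FSP_SUCCESS) printf(" R_RSIP_KeyGenerate failed %d\n", (int)rsip_error_code);`, so a run without hardware-wrapped keys is not mistaken for a pass of the RSIP path. In `Clr_CallbackCtx`, the last check under `WOLFSSL_RENESAS_RSIP_CRYPTONLY` tests `wrapped_key_rsapub2048` a second time where `wrapped_key_rsapub1024` looks intended, and `(void) g;` sits in front of dereferences of `g`. Since the closing `XMEMSET(g, 0, sizeof(FSPSM_ST))` clears every field anyway, the per-pointer `if` blocks could be dropped in favour of a single `if (g == NULL) return;` guard.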
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/test/src/serial_io/.gitignore b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/test/src/serial_io/.gitignore
new file mode 100644
index 00000000..c96a04f0
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/test/src/serial_io/.gitignore
@@ -0,0 +1,2 @@
+*
+!.gitignore \ No newline at end of file
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/test/src/test/wolf_client.c b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/test/src/test/wolf_client.c
new file mode 100644
index 00000000..f2d610da
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/test/src/test/wolf_client.c
@@ -0,0 +1,184 @@
+/* wolf_client.c
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#include "wolfssl_demo.h"
+
+#if defined(TLS_CLIENT)
+
+#include <stdio.h>
+#include <string.h>
+#include <sys/time.h>
+#include "wolfssl/wolfcrypt/settings.h"
+#include "wolfssl/ssl.h"
+#include "wolfssl/certs_test.h"
+
+WOLFSSL_CTX *client_ctx = NULL;
+
+void wolfSSL_TLS_client_init()
+{
+ #ifndef NO_FILESYSTEM
+ #ifdef USE_ECC_CERT
+ char *cert = "./certs/ca-ecc-cert.pem";
+ #else
+ char *cert = "./certs/ca-cert.pem";
+ #endif
+ #else
+ #ifdef USE_CERT_BUFFERS_256
+ const unsigned char *cert = ca_ecc_cert_der_256;
+ #define SIZEOF_CERT sizeof_ca_ecc_cert_der_256
+ #else
+ const unsigned char *cert = ca_cert_der_2048;
+ #define SIZEOF_CERT sizeof_ca_cert_der_2048
+ #endif
+ #endif
+
+ wolfSSL_Init();
+
+ /* Create and initialize WOLFSSL_CTX */
+ if ((client_ctx = wolfSSL_CTX_new(
+ wolfSSLv23_client_method_ex((void *)NULL))) == NULL) {
+ printf("ERROR: failed to create WOLFSSL_CTX\n");
+ return;
+ }
+
+ #if !defined(NO_FILESYSTEM)
+ if (wolfSSL_CTX_load_verify_locations(client_ctx, cert, 0) != SSL_SUCCESS) {
+ printf("ERROR: can't load \"%s\"\n", cert);
+ return NULL;
+ }
+ #else
+ if (wolfSSL_CTX_load_verify_buffer(client_ctx, cert, SIZEOF_CERT,
+ SSL_FILETYPE_ASN1) != SSL_SUCCESS){
+ printf("ERROR: can't load certificate data\n");
+ return;
+ }
+ #endif
+}
+
+int wolfSSL_TLS_client_do(void *pvParam)
+{
+
+ int ret;
+
+ TestInfo* p = (TestInfo*)pvParam;
+ /* FreeRTOS+TCP Objects */
+ socklen_t xSize = sizeof(struct freertos_sockaddr);
+ xSocket_t xClientSocket = NULL;
+ struct freertos_sockaddr xRemoteAddress;
+
+ WOLFSSL_CTX *ctx = (WOLFSSL_CTX *)p->ctx;
+ WOLFSSL *ssl = NULL;
+
+ #define BUFF_SIZE 256
+ static const char sendBuff[]= "Hello Server\n" ;
+
+ char rcvBuff[BUFF_SIZE] = {0};
+
+ /* Client Socket Setup */
+ xRemoteAddress.sin_port = FreeRTOS_htons(p->port);
+ xRemoteAddress.sin_addr = FreeRTOS_inet_addr(SERVER_IP);
+
+ /* Create a FreeRTOS TCP Socket and connect */
+ xClientSocket = FreeRTOS_socket(FREERTOS_AF_INET,
+ FREERTOS_SOCK_STREAM,
+ FREERTOS_IPPROTO_TCP);
+
+ configASSERT(xClientSocket != FREERTOS_INVALID_SOCKET);
+
+ FreeRTOS_bind(xClientSocket, NULL, sizeof(xSize));
+
+ /* Client Socket Connect */
+ ret = FreeRTOS_connect(xClientSocket,
+ &xRemoteAddress,
+ sizeof(xRemoteAddress));
+
+ if (ret != FR_SOCKET_SUCCESS) {
+ printf(" Error [%d]: FreeRTOS_connect.\n", ret);
+ goto out;
+ }
+
+ printf(" Start to connect to the server.\n");
+
+ if((ssl = wolfSSL_new(ctx)) == NULL) {
+ printf(" ERROR wolfSSL_new: %d\n", wolfSSL_get_error(ssl, 0));
+ goto out;
+ }
+
+ /* Attach wolfSSL to the socket */
+ ret = wolfSSL_set_fd(ssl, (int) xClientSocket);
+ if (ret != WOLFSSL_SUCCESS) {
+ printf(" Error [%d]: wolfSSL_set_fd.\n",ret);
+ }
+
+ printf(" Cipher : %s\n",
+ (p->cipher == NULL) ? "NULL" : p->cipher);
+ /* use specific cipher */
+ if (p->cipher != NULL && wolfSSL_set_cipher_list(ssl, p->cipher)
+ != WOLFSSL_SUCCESS) {
+ printf(" client can't set cipher list 1");
+ goto out;
+ }
+
+ #ifdef DEBUG_WOLFSSL
+ wolfSSL_Debugging_ON();
+ #endif
+
+ if(wolfSSL_connect(ssl) != SSL_SUCCESS) {
+ printf(" ERROR SSL connect: %d\n", wolfSSL_get_error(ssl, 0));
+ goto out;
+ }
+
+ #ifdef DEBUG_WOLFSSL
+ wolfSSL_Debugging_OFF();
+ #endif
+
+ if (wolfSSL_write(ssl, sendBuff, (int)strlen(sendBuff))
+ != (int)strlen(sendBuff)) {
+ printf(" ERROR SSL write: %d\n", wolfSSL_get_error(ssl, 0));
+ goto out;
+ }
+
+ if ((ret=wolfSSL_read(ssl, rcvBuff, BUFF_SIZE)) < 0) {
+ printf(" ERROR SSL read: %d\n", wolfSSL_get_error(ssl, 0));
+ goto out;
+ }
+
+ rcvBuff[ret] = '\0' ;
+ printf(" Received: %s\n\n", rcvBuff);
+
+ out:
+ if (ssl) {
+ wolfSSL_shutdown(ssl);
+ wolfSSL_free(ssl);
+ ssl = NULL;
+ /* need to reset callback */
+ }
+ /* clean up socket */
+ if (xClientSocket) {
+ FreeRTOS_shutdown(xClientSocket, FREERTOS_SHUT_RDWR);
+ FreeRTOS_closesocket(xClientSocket);
+ xClientSocket = NULL;
+ }
+
+ return ret;
+}
+
+#endif /* TLS_CLIENT */
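Review bot: In `wolfSSL_TLS_client_do`, `wolfSSL_read(ssl, rcvBuff, BUFF_SIZE)` can return `BUFF_SIZE`, and `rcvBuff[ret] = '\0'` then writes one byte past the 256-byte stack buffer, with the length decided by the peer. Leave room for the terminator: `if ((ret=wolfSSL_read(ssl, rcvBuff, BUFF_SIZE - 1)) < 0) {`. A failed `wolfSSL_set_fd` only prints and then falls through to `wolfSSL_connect`; it should `goto out;` like the other error paths. `wolfSSL_TLS_client_init` is declared `void` but contains `return NULL;` in the `!defined(NO_FILESYSTEM)` branch, which should be a plain `return;`.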
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/test/src/test/wolf_server.c b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/test/src/test/wolf_server.c
new file mode 100644
index 00000000..b4ce624c
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/test/src/test/wolf_server.c
@@ -0,0 +1,210 @@
+/* wolf_server.c
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+#include "wolfssl_demo.h"
+
+#if defined(TLS_SERVER)
+
+#include <stdio.h>
+#include <string.h>
+
+#include "wolfssl/wolfcrypt/settings.h"
+#include "wolfssl/ssl.h"
+#include "wolfssl/certs_test.h"
+#include "wolfssl_demo.h"
+
+WOLFSSL_CTX *server_ctx = NULL;
+
+void wolfSSL_TLS_server_init()
+{
+
+ int ret;
+
+ #if defined(USE_CERT_BUFFERS_256)
+ const unsigned char *cert = serv_ecc_der_256;
+ #define sizeof_cert sizeof_serv_ecc_der_256
+ const unsigned char *key = ecc_key_der_256;
+ #define sizeof_key sizeof_serv_ecc_der_256
+ const unsigned char *clientCert = cliecc_cert_der_256;
+ #define sizeof_clicert sizeof_cliecc_cert_der_256
+ #else
+ const unsigned char *cert = server_cert_der_2048;
+ #define sizeof_cert sizeof_server_cert_der_2048
+ const unsigned char *key = server_key_der_2048;
+ #define sizeof_key sizeof_server_key_der_2048
+ const unsigned char *clientCert = client_cert_der_2048;
+ #define sizeof_clicert sizeof_client_cert_der_2048
+ #endif
+
+ wolfSSL_Init();
+
+ #ifdef DEBUG_WOLFSSL
+ wolfSSL_Debugging_ON();
+ #endif
+
+ /* Create and initialize WOLFSSL_CTX */
+ if ((server_ctx = wolfSSL_CTX_new(
+ wolfSSLv23_server_method_ex((void *)NULL))) == NULL) {
+ printf("ERROR: failed to create WOLFSSL_CTX\n");
+ return;
+ }
+
+ ret = wolfSSL_CTX_use_certificate_buffer(server_ctx, cert,
+ sizeof_cert, SSL_FILETYPE_ASN1);
+ if (ret != SSL_SUCCESS) {
+ printf("Error %d loading server-cert!\n", ret);
+ return;
+ }
+
+ /* Load server key into WOLFSSL_CTX */
+ ret = wolfSSL_CTX_use_PrivateKey_buffer(server_ctx, key, sizeof_key,
+ SSL_FILETYPE_ASN1);
+ if (ret != SSL_SUCCESS) {
+ printf("Error %d loading server-key!\n", ret);
+ return;
+ }
+
+ if (1) {
+ wolfSSL_CTX_set_verify(server_ctx, WOLFSSL_VERIFY_PEER |
+ WOLFSSL_VERIFY_FAIL_IF_NO_PEER_CERT, 0);
+ if (wolfSSL_CTX_load_verify_buffer(server_ctx, clientCert,
+ sizeof_clicert,
+ SSL_FILETYPE_ASN1) != SSL_SUCCESS)
+ printf("can't load ca file, Please run from wolfSSL home dir\n");
+ }
+}
+
+int wolfSSL_TLS_server_do(void *pvParam)
+{
+ int ret;
+ WOLFSSL *ssl = NULL;
+ word32 len;
+ #define BUFF_SIZE 256
+ char buff[BUFF_SIZE];
+
+ TestInfo* p = (TestInfo*)pvParam;
+ WOLFSSL_CTX *ctx = (WOLFSSL_CTX *)p->ctx;;
+
+ /* FreeRTOS+TCP parameters and objects */
+ struct freertos_sockaddr xClient, xBindAddress;
+ Socket_t xListeningSocket, xConnectedSocket;
+ socklen_t xSize = sizeof(xClient);
+ const BaseType_t xBacklog = 1; /* Max number of connections */
+ static const TickType_t xReceiveTimeOut = portMAX_DELAY;
+
+ /* Send/Receive Message */
+ const char *reply = "I hear ya fa shizzle!\n";
+ len = (word32)XSTRLEN(*reply);
+
+ /* Attempt to open the socket. */
+ xListeningSocket = FreeRTOS_socket(FREERTOS_AF_INET,
+ FREERTOS_SOCK_STREAM,
+ FREERTOS_IPPROTO_TCP);
+ configASSERT(xListeningSocket != FREERTOS_INVALID_SOCKET);
+
+ /* Set a time out so accept() will just wait for a connection. */
+ FreeRTOS_setsockopt(xListeningSocket, 0,
+ FREERTOS_SO_RCVTIMEO, &xReceiveTimeOut, sizeof(xReceiveTimeOut));
+
+ xBindAddress.sin_port = (uint16_t) DEFAULT_PORT;
+ xBindAddress.sin_port = FreeRTOS_htons(xBindAddress.sin_port);
+
+ configASSERT(xListeningSocket != FREERTOS_INVALID_SOCKET);
+
+ ret = FreeRTOS_bind(xListeningSocket, &xBindAddress, sizeof(xBindAddress));
+ if (ret == FR_SOCKET_SUCCESS)
+ ret = FreeRTOS_listen(xListeningSocket, xBacklog);
+
+ if (ret != FR_SOCKET_SUCCESS) {
+ printf("Error [%d]: FreeRTOS_bind.\n",ret);
+ goto out;
+ }
+
+ while (1) {
+ ret = WOLFSSL_FAILURE;
+ xConnectedSocket = FreeRTOS_accept(xListeningSocket, &xClient, &xSize);
+ configASSERT(xConnectedSocket != FREERTOS_INVALID_SOCKET);
+
+ if((ssl = wolfSSL_new(ctx)) == NULL) {
+ printf("ERROR: failed wolfSSL_new\n");
+ goto out;
+ }
+ /* Attach wolfSSL to the socket */
+ ret = wolfSSL_set_fd(ssl, (int) xConnectedSocket);
+ /* Establish TLS connection */
+ if (ret != WOLFSSL_SUCCESS) {
+ printf("Error [%d]: wolfSSL_set_fd.\n",ret);
+ goto out;
+ }
+
+ if (wolfSSL_accept(ssl) < 0) {
+ printf("ERROR: SSL Accept(%d)\n", wolfSSL_get_error(ssl, 0));
+ goto out;
+ }
+
+
+ if ((len = wolfSSL_read(ssl, buff, sizeof(buff) - 1)) < 0) {
+ printf("ERROR: SSL Read(%d)\n", wolfSSL_get_error(ssl, 0));
+ goto out;
+ }
+
+ buff[len] = '\0';
+ printf("Received: %s\n", buff);
+
+ /* Write our reply into buff */
+ memset(buff, 0, sizeof(buff));
+ memcpy(buff, reply, len);
+
+ /* Reply back to the client */
+ if (wolfSSL_write(ssl, buff, len) != len) {
+ printf("ERROR: SSL Write(%d)\n", wolfSSL_get_error(ssl, 0));
+ }
+
+ /* Cleanup after this connection */
+ printf("Cleaning up socket and wolfSSL objects.\n");
+ if (xConnectedSocket != NULL)
+ FreeRTOS_closesocket(xConnectedSocket);
+ if (ssl != NULL)
+ wolfSSL_free(ssl);
+
+ printf("Waiting connection....");
+ }
+
+out:
+ if (ssl) {
+ wolfSSL_shutdown(ssl);
+ wolfSSL_free(ssl);
+ }
+
+ /* clean up socket */
+ if (xConnectedSocket) {
+ FreeRTOS_shutdown(xConnectedSocket, FREERTOS_SHUT_RDWR);
+ FreeRTOS_closesocket(xConnectedSocket);
+ xConnectedSocket = NULL;
+ }
+ if (xListeningSocket) {
+ FreeRTOS_shutdown(xListeningSocket, FREERTOS_SHUT_RDWR);
+ FreeRTOS_closesocket(xListeningSocket);
+ xListeningSocket = NULL;
+ }
+
+ return ret;
+}
+#endif /* TLS_SERVER */
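Review bot: In `wolfSSL_TLS_server_do`, `len` is a `word32`, so `(len = wolfSSL_read(...)) < 0` is never true and a read error becomes a very large index in `buff[len] = '\0'`. The same `len`, which by then holds the number of bytes the client sent, is reused for `memcpy(buff, reply, len)` and `wolfSSL_write(ssl, buff, len)`, so a message longer than the reply string reads past the end of the literal and returns those bytes to the peer. `XSTRLEN(*reply)` also passes a `char` rather than the pointer. Keep the read count in a signed `int` and the reply length in its own variable, as sketched below. Separately, `sizeof_key` in the `USE_CERT_BUFFERS_256` branch is defined as `sizeof_serv_ecc_der_256`, the certificate's size, which looks like a copy/paste slip.

```c
    int n;  /* signed: wolfSSL_read() reports errors as negative values */
    const int reply_len = (int)XSTRLEN(reply);

    /* … unchanged: socket setup, accept, wolfSSL_new, wolfSSL_accept … */

        if ((n = wolfSSL_read(ssl, buff, sizeof(buff) - 1)) < 0) {
            printf("ERROR: SSL Read(%d)\n", wolfSSL_get_error(ssl, 0));
            goto out;
        }
        buff[n] = '\0';

    /* … unchanged: print received data, clear buff … */

        /* copy and send exactly the reply, independent of what was received */
        memcpy(buff, reply, (size_t)reply_len);
        if (wolfSSL_write(ssl, buff, reply_len) != reply_len) {
            printf("ERROR: SSL Write(%d)\n", wolfSSL_get_error(ssl, 0));
        }
```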
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/test/src/test/wolfssl_rsip_unit_test.c b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/test/src/test/wolfssl_rsip_unit_test.c
new file mode 100644
index 00000000..4f437bc7
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/test/src/test/wolfssl_rsip_unit_test.c
@@ -0,0 +1,1325 @@
+/* wolfssl_sce_unit_test.c
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+
+#include <wolfssl/wolfcrypt/settings.h>
+
+#if defined(WOLFSSL_RENESAS_FSPSM) && \
+ defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY)
+
+#include <wolfssl/wolfcrypt/sha.h>
+#include <wolfssl/wolfcrypt/sha256.h>
+#include <wolfssl/wolfcrypt/aes.h>
+#include <wolfssl/wolfcrypt/rsa.h>
+#include <wolfssl/wolfcrypt/port/Renesas/renesas_cmn.h>
+#include <wolfssl/wolfcrypt/port/Renesas/renesas-fspsm-crypt.h>
+
+#include "FreeRTOS.h"
+
+extern FSPSM_INSTANCE gFSPSM_ctrl;
+int devId1 = INVALID_DEVID;
+
+#ifndef NO_SHA
+ int sha_test();
+#endif
+
+#ifndef NO_SHA256
+ int sha256_test();
+ void tskSha256_Test1(void *pvParam);
+ int rsip_crypt_sha256_multitest();
+#endif
+#ifdef WOLFSSL_SHA224
+ int sha224_test();
+#endif
+#ifdef WOLFSSL_SHA384
+ int sha384_test();
+#endif
+#ifdef WOLFSSL_SHA512
+ int sha512_test();
+#endif
+
+#define STACK_SIZE (1 * 1024)
+
+#define RESULT_STR(ret) if (ret == 0)\
+ printf(" \tPassed \n");\
+ else \
+ printf(" \tFailed \n");
+
+static xSemaphoreHandle exit_semaph;
+static byte exit_loop = 0;
+static byte sha256_multTst_rslt1 = 0;
+static byte sha256_multTst_rslt2 = 0;
+static byte Aes128_Cbc_multTst_rslt = 0;
+static byte Aes256_Cbc_multTst_rslt = 0;
+static byte Aes128_Gcm_multTst_rslt = 0;
+static byte Aes256_Gcm_multTst_rslt = 0;
+
+int rsip_crypt_AesCbc_multitest();
+int rsip_crypt_AesGcm_multitest();
+int rsip_crypt_Sha_AesCbcGcm_multitest();
+int rsip_crypt_sha_multitest();
+int rsip_crypt_test();
+
+void Clr_CallbackCtx(FSPSM_ST *g);
+
+FSPSM_ST gCbInfo;
+FSPSM_ST gCbInfo_a; /* for multi testing */
+
+#if defined(HAVE_AES_CBC)
+
+#if defined(WOLFSSL_AES_128)
+ uint8_t wrapped_key1[RSIP_BYTE_SIZE_WRAPPED_KEY_AES_128];
+ uint8_t wrapped_key2[RSIP_BYTE_SIZE_WRAPPED_KEY_AES_128];
+ FSPSM_AES_PWKEY g_user_aes128_key_index1 =
+ (FSPSM_AES_PWKEY)wrapped_key1;
+ FSPSM_AES_PWKEY g_user_aes128_key_index2 =
+ (FSPSM_AES_PWKEY)wrapped_key2;
+#endif
+
+#if defined(WOLFSSL_AES_256)
+ uint8_t wrapped_key3[RSIP_BYTE_SIZE_WRAPPED_KEY_AES_256];
+ uint8_t wrapped_key4[RSIP_BYTE_SIZE_WRAPPED_KEY_AES_256];
+ FSPSM_AES_PWKEY g_user_aes256_key_index1 =
+ (FSPSM_AES_PWKEY)wrapped_key3;
+ FSPSM_AES_PWKEY g_user_aes256_key_index2 =
+ (FSPSM_AES_PWKEY)wrapped_key4;
+#endif
+
+#endif
+
+#if !defined(NO_RSA)
+ uint8_t rsa1024_wrapped_key1[RSIP_BYTE_SIZE_WRAPPED_KEY_RSA_1024_PUBLIC];
+ uint8_t rsa1024_wrapped_key2[RSIP_BYTE_SIZE_WRAPPED_KEY_RSA_1024_PRIVATE ];
+ uint8_t rsa2048_wrapped_key1[RSIP_BYTE_SIZE_WRAPPED_KEY_RSA_2048_PUBLIC];
+ uint8_t rsa2048_wrapped_key2[RSIP_BYTE_SIZE_WRAPPED_KEY_RSA_2048_PRIVATE ];
+
+ FSPSM_RSA1024_WPB_KEY* g_user_rsa1024_public_key =
+ (FSPSM_RSA1024_WPB_KEY*)rsa1024_wrapped_key1;
+ FSPSM_RSA1024_WPI_KEY* g_user_rsa1024_private_key =
+ (FSPSM_RSA1024_WPI_KEY*)rsa1024_wrapped_key2;
+ FSPSM_RSA2048_WPB_KEY* g_user_rsa2048_public_key =
+ (FSPSM_RSA2048_WPB_KEY*)rsa2048_wrapped_key1;
+ FSPSM_RSA2048_WPI_KEY* g_user_rsa2048_private_key =
+ (FSPSM_RSA2048_WPI_KEY*)rsa2048_wrapped_key2;
+#endif
+typedef struct tagInfo
+{
+ FSPSM_AES_PWKEY aes_key;
+} Info;
+
+#if defined(HAVE_AES_CBC) && defined(WOLFSSL_AES_128)
+
+static int rsip_aes128_cbc_test(int prnt, FSPSM_AES_PWKEY aes_key)
+{
+
+ Aes aes[1];
+
+ byte cipher[AES_BLOCK_SIZE];
+ byte plain[AES_BLOCK_SIZE];
+ word32 keySz = (word32)(128/8);
+ int ret = 0;
+
+ WOLFSSL_SMALL_STACK_STATIC const byte msg[] = {
+ /* "Now is the time for all " w/o trailing 0 */
+ 0x6e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74,
+ 0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20,
+ 0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20
+ };
+ byte iv[] = "1234567890abcdef "; /* align */
+
+ XMEMSET(cipher, 0, AES_BLOCK_SIZE);
+ XMEMSET(plain, 0, AES_BLOCK_SIZE);
+
+ if (prnt) {
+ printf(" rsip_aes_cbc_test() ");
+ }
+
+ ret = wc_AesInit(aes, NULL, devId1);
+ if (ret == 0) {
+ ret = wc_AesSetKey(aes, (byte*)aes_key, keySz,
+ iv, AES_ENCRYPTION);
+ if (ret == 0) {
+ ret = wc_AesCbcEncrypt(aes, cipher, msg, AES_BLOCK_SIZE);
+ }
+
+ wc_AesFree(aes);
+ }
+
+ if (ret != 0)
+ ret = -1;
+
+#ifdef HAVE_AES_DECRYPT
+ ret = wc_AesInit(aes, NULL, devId1);
+ if (ret == 0) {
+ ret = wc_AesSetKey(aes, (byte*)aes_key, keySz,
+ iv, AES_DECRYPTION);
+ if (ret == 0)
+ ret = wc_AesCbcDecrypt(aes, plain, cipher, AES_BLOCK_SIZE);
+
+ wc_AesFree(aes);
+ }
+ if (ret != 0)
+ ret = -2;
+ if (XMEMCMP(plain, msg, AES_BLOCK_SIZE) != 0)
+ ret = -3;
+#endif /* HAVE_AES_DECRYPT */
+
+ (void)plain;
+
+ if (prnt) {
+ RESULT_STR(ret)
+ }
+
+ return ret;
+}
+
+static void tskAes128_Cbc_Test(void *pvParam)
+{
+ int ret = 0;
+ Info *p = (Info*)pvParam;
+
+ while (exit_loop == 0) {
+ ret = rsip_aes128_cbc_test(0, p->aes_key);
+ vTaskDelay(10/portTICK_PERIOD_MS);
+ if (ret != 0) {
+ printf(" result was not good(%d). rsip_aes_cbc_test\n", ret);
+ Aes128_Cbc_multTst_rslt = 1;
+ }
+ }
+
+ xSemaphoreGive(exit_semaph);
+ vTaskDelete(NULL);
+}
+
+#endif
+
+#ifdef WOLFSSL_AES_256
+static int rsip_aes256_cbc_test(int prnt, FSPSM_AES_PWKEY aes_key)
+{
+ Aes enc[1];
+ byte cipher[AES_BLOCK_SIZE];
+ byte plain[AES_BLOCK_SIZE];
+ Aes dec[1];
+ const word32 keySz = (word32)(256/8);
+ int ret = 0;
+
+ /* Test vectors from NIST Special Publication 800-38A, 2001 Edition,
+ * Appendix F.2.5 */
+ WOLFSSL_SMALL_STACK_STATIC const byte msg[] = {
+ 0x6b,0xc1,0xbe,0xe2,0x2e,0x40,0x9f,0x96,
+ 0xe9,0x3d,0x7e,0x11,0x73,0x93,0x17,0x2a
+ };
+ WOLFSSL_SMALL_STACK_STATIC byte iv[] = {
+ 0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,
+ 0x08,0x09,0x0A,0x0B,0x0C,0x0D,0x0E,0x0F
+ };
+
+ if (prnt)
+ printf(" rsip_aes256_test() ");
+
+ if (wc_AesInit(enc, NULL, devId1) != 0) {
+ ret = -1;
+ goto out;
+ }
+
+ if (wc_AesInit(dec, NULL, devId1) != 0){
+ ret = -2;
+ goto out;
+ }
+
+ ret = wc_AesSetKey(enc, (uint8_t*)aes_key,
+ keySz, iv, AES_ENCRYPTION);
+ if (ret != 0){
+ ret = -3;
+ goto out;
+ }
+
+ ret = wc_AesSetKey(dec, (uint8_t*)aes_key,
+ keySz, iv, AES_DECRYPTION);
+ if (ret != 0) {
+ ret = -4;
+ goto out;
+ }
+
+ XMEMSET(cipher, 0, AES_BLOCK_SIZE);
+ ret = wc_AesCbcEncrypt(enc, cipher, msg, (int) sizeof(msg));
+
+ if (ret != 0) {
+ ret = -5;
+ goto out;
+ }
+
+ XMEMSET(plain, 0, AES_BLOCK_SIZE);
+ ret = wc_AesCbcDecrypt(dec, plain, cipher, (int) sizeof(cipher));
+
+ if (ret != 0){
+ ret = -6;
+ goto out;
+ }
+ if (XMEMCMP(plain, msg, (int) sizeof(plain))) {
+ ret = -7;
+ goto out;
+ }
+
+out:
+ wc_AesFree(enc);
+ wc_AesFree(dec);
+
+ if (prnt) {
+ RESULT_STR(ret)
+ }
+
+ return ret;
+}
+
+static void tskAes256_Cbc_Test(void *pvParam)
+{
+ int ret = 0;
+ Info *p = (Info*)pvParam;
+
+ while (exit_loop == 0) {
+ ret = rsip_aes256_cbc_test(0, p->aes_key);
+ vTaskDelay(10/portTICK_PERIOD_MS);
+ if (ret != 0) {
+ printf(" result was not good(%d). rsip_aes256_test\n", ret);
+ Aes256_Cbc_multTst_rslt = 1;
+ }
+ }
+
+ xSemaphoreGive(exit_semaph);
+ vTaskDelete(NULL);
+}
+
+#endif /* WOLFSSL_AES_256 */
+
+#if defined(WOLFSSL_AES_256)
+static int rsip_aesgcm256_test(int prnt, FSPSM_AES_PWKEY aes256_key)
+{
+ Aes enc[1];
+ Aes dec[1];
+ FSPSM_ST userContext;
+ word32 keySz = (word32)(256/8);
+ /*
+ * This is Test Case 16 from the document Galois/
+ * Counter Mode of Operation (GCM) by McGrew and
+ * Viega.
+ */
+ WOLFSSL_SMALL_STACK_STATIC const byte p[] =
+ {
+ 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5,
+ 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a,
+ 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda,
+ 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72,
+ 0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53,
+ 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25,
+ 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57,
+ 0xba, 0x63, 0x7b, 0x39
+ };
+
+ WOLFSSL_SMALL_STACK_STATIC const byte a[] =
+ {
+ 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
+ 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
+ 0xab, 0xad, 0xda, 0xd2
+ };
+
+ WOLFSSL_SMALL_STACK_STATIC const byte iv1[] =
+ {
+ 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad,
+ 0xde, 0xca, 0xf8, 0x88
+ };
+
+ WOLFSSL_SMALL_STACK_STATIC const byte c1[] =
+ {
+ 0x52, 0x2d, 0xc1, 0xf0, 0x99, 0x56, 0x7d, 0x07,
+ 0xf4, 0x7f, 0x37, 0xa3, 0x2a, 0x84, 0x42, 0x7d,
+ 0x64, 0x3a, 0x8c, 0xdc, 0xbf, 0xe5, 0xc0, 0xc9,
+ 0x75, 0x98, 0xa2, 0xbd, 0x25, 0x55, 0xd1, 0xaa,
+ 0x8c, 0xb0, 0x8e, 0x48, 0x59, 0x0d, 0xbb, 0x3d,
+ 0xa7, 0xb0, 0x8b, 0x10, 0x56, 0x82, 0x88, 0x38,
+ 0xc5, 0xf6, 0x1e, 0x63, 0x93, 0xba, 0x7a, 0x0a,
+ 0xbc, 0xc9, 0xf6, 0x62
+ };
+
+ WOLFSSL_SMALL_STACK_STATIC const byte t1[] =
+ {
+ 0x76, 0xfc, 0x6e, 0xce, 0x0f, 0x4e, 0x17, 0x68,
+ 0xcd, 0xdf, 0x88, 0x53, 0xbb, 0x2d, 0x55, 0x1b
+ };
+
+ byte resultT[sizeof(t1)];
+ byte resultP[sizeof(p) + AES_BLOCK_SIZE];
+ byte resultC[sizeof(p) + AES_BLOCK_SIZE];
+ int result = 0;
+ int ret;
+
+ (void) result;
+
+ if (prnt) {
+ printf(" rsip_aes256_gcm_test() ");
+ }
+
+ XMEMSET(resultT, 0, sizeof(resultT));
+ XMEMSET(resultC, 0, sizeof(resultC));
+ XMEMSET(resultP, 0, sizeof(resultP));
+ XMEMSET(&userContext, 0, sizeof(FSPSM_ST));
+
+ if (wc_AesInit(enc, NULL, devId1) != 0) {
+ ret = -1;
+ goto out;
+ }
+ if (wc_AesInit(dec, NULL, devId1) != 0) {
+ ret = -2;
+ goto out;
+ }
+
+ result = wc_AesGcmSetKey(enc, (byte*)aes256_key,
+ keySz);
+ if (result != 0) {
+ ret = -3;
+ goto out;
+ }
+
+ /* AES-GCM encrypt and decrypt both use AES encrypt internally */
+ result = wc_AesGcmEncrypt(enc, resultC, p, sizeof(p),
+ (byte*)iv1, sizeof(iv1),
+ resultT, sizeof(resultT),
+ a, sizeof(a));
+
+ if (result != 0) {
+ ret = -4;
+ goto out;
+ }
+
+ result = wc_AesGcmSetKey(dec, (byte*)aes256_key,
+ keySz);
+ if (result != 0) {
+ ret = -7;
+ goto out;
+ }
+
+ result = wc_AesGcmDecrypt(dec, resultP, resultC, sizeof(c1),
+ iv1, sizeof(iv1), resultT, sizeof(resultT),
+ a, sizeof(a));
+ if (result != 0){
+ ret = -8;
+ goto out;
+ }
+ if (XMEMCMP(p, resultP, sizeof(p))) {
+ ret = -9;
+ goto out;
+ }
+
+ XMEMSET(resultT, 0, sizeof(resultT));
+ XMEMSET(resultC, 0, sizeof(resultC));
+ XMEMSET(resultP, 0, sizeof(resultP));
+
+ wc_AesGcmSetKey(enc, (byte*)aes256_key,
+ RSIP_BYTE_SIZE_WRAPPED_KEY_AES_256);
+ /* AES-GCM encrypt and decrypt both use AES encrypt internally */
+ result = wc_AesGcmEncrypt(enc, resultC, p, sizeof(p),
+ (byte*)iv1, sizeof(iv1),
+ resultT + 1, sizeof(resultT) - 1,
+ a, sizeof(a));
+ if (result != 0) {
+ ret = -10;
+ goto out;
+ }
+
+ result = wc_AesGcmDecrypt(enc, resultP, resultC, sizeof(p),
+ iv1, sizeof(iv1), resultT + 1, sizeof(resultT) - 1,
+ a, sizeof(a));
+
+ if (result != 0) {
+ ret = -11;
+ goto out;
+ }
+ if (XMEMCMP(p, resultP, sizeof(p))) {
+ ret = -12;
+ goto out;
+ }
+
+ ret = 0;
+
+ out:
+ wc_AesFree(enc);
+ wc_AesFree(dec);
+
+ if (prnt) {
+ RESULT_STR(ret)
+ }
+
+ return ret;
+}
+
+static void tskAes256_Gcm_Test(void *pvParam)
+{
+ int ret = 0;
+ Info *p = (Info*)pvParam;
+
+ while (exit_loop == 0) {
+ ret = rsip_aesgcm256_test(0, p->aes_key);
+ vTaskDelay(10/portTICK_PERIOD_MS);
+ if (ret != 0) {
+ printf(" result was not good(%d). rsip_aesgcm256_test\n", ret);
+ Aes256_Gcm_multTst_rslt = 1;
+ }
+ }
+
+ xSemaphoreGive(exit_semaph);
+ vTaskDelete(NULL);
+}
+#endif
+
+#if defined(WOLFSSL_AES_128)
+
+static int rsip_aesgcm128_test(int prnt, FSPSM_AES_PWKEY aes128_key)
+{
+ Aes enc[1];
+ Aes dec[1];
+ FSPSM_ST userContext;
+ word32 keySz = (word32)(128/8);
+ /*
+ * This is Test Case 16 from the document Galois/
+ * Counter Mode of Operation (GCM) by McGrew and
+ * Viega.
+ */
+ WOLFSSL_SMALL_STACK_STATIC const byte p[] =
+ {
+ 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5,
+ 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a,
+ 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda,
+ 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72,
+ 0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53,
+ 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25,
+ 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57,
+ 0xba, 0x63, 0x7b, 0x39
+ };
+
+ WOLFSSL_SMALL_STACK_STATIC const byte t1[] =
+ {
+ 0x76, 0xfc, 0x6e, 0xce, 0x0f, 0x4e, 0x17, 0x68,
+ 0xcd, 0xdf, 0x88, 0x53, 0xbb, 0x2d, 0x55, 0x1b
+ };
+
+ /* The following is an interesting test case from the example
+ * FIPS test vectors for AES-GCM. IVlen = 1 byte */
+ WOLFSSL_SMALL_STACK_STATIC const byte p3[] =
+ {
+ 0x57, 0xce, 0x45, 0x1f, 0xa5, 0xe2, 0x35, 0xa5,
+ 0x8e, 0x1a, 0xa2, 0x3b, 0x77, 0xcb, 0xaf, 0xe2
+ };
+
+ WOLFSSL_SMALL_STACK_STATIC const byte iv3[] =
+ {
+ 0xca
+ };
+
+ WOLFSSL_SMALL_STACK_STATIC const byte c3[] =
+ {
+ 0x6b, 0x5f, 0xb3, 0x9d, 0xc1, 0xc5, 0x7a, 0x4f,
+ 0xf3, 0x51, 0x4d, 0xc2, 0xd5, 0xf0, 0xd0, 0x07
+ };
+
+ WOLFSSL_SMALL_STACK_STATIC const byte a3[] =
+ {
+ 0x40, 0xfc, 0xdc, 0xd7, 0x4a, 0xd7, 0x8b, 0xf1,
+ 0x3e, 0x7c, 0x60, 0x55, 0x50, 0x51, 0xdd, 0x54
+ };
+
+ WOLFSSL_SMALL_STACK_STATIC const byte t3[] =
+ {
+ 0x06, 0x90, 0xed, 0x01, 0x34, 0xdd, 0xc6, 0x95,
+ 0x31, 0x2e, 0x2a, 0xf9, 0x57, 0x7a, 0x1e, 0xa6
+ };
+
+ byte resultT[sizeof(t1)];
+ byte resultP[sizeof(p) + AES_BLOCK_SIZE];
+ byte resultC[sizeof(p) + AES_BLOCK_SIZE];
+ int result = 0;
+ int ret;
+
+ (void) result;
+
+ if (prnt) {
+ printf(" rsip_aes128_gcm_test() ");
+ }
+
+ XMEMSET(resultT, 0, sizeof(resultT));
+ XMEMSET(resultC, 0, sizeof(resultC));
+ XMEMSET(resultP, 0, sizeof(resultP));
+ XMEMSET(&userContext, 0, sizeof(FSPSM_ST));
+
+ if (wc_AesInit(enc, NULL, devId1) != 0) {
+ ret = -1;
+ goto out;
+ }
+
+ if (wc_AesInit(dec, NULL, devId1) != 0) {
+ ret = -2;
+ goto out;
+ }
+
+ wc_AesGcmSetKey(enc, (byte*)aes128_key, keySz);
+ if (result != 0) {
+ ret = -3;
+ goto out;
+ }
+ /* AES-GCM encrypt and decrypt both use AES encrypt internally */
+ result = wc_AesGcmEncrypt(enc, resultC, p3, sizeof(p3), iv3, sizeof(iv3),
+ resultT, sizeof(t3), a3, sizeof(a3));
+ if (result != 0) {
+ ret = -4;
+ goto out;
+ }
+
+
+ result = wc_AesGcmDecrypt(enc, resultP, resultC, sizeof(c3),
+ iv3, sizeof(iv3), resultT, sizeof(t3), a3, sizeof(a3));
+ if (result != 0) {
+ ret = -5;
+ goto out;
+ }
+ if (XMEMCMP(p3, resultP, sizeof(p3))) {
+ ret = -6;
+ goto out;
+ }
+
+ ret = 0;
+
+ out:
+ wc_AesFree(enc);
+ wc_AesFree(dec);
+
+ if (prnt) {
+ RESULT_STR(ret)
+ }
+
+ return ret;
+}
+
+static void tskAes128_Gcm_Test(void *pvParam)
+{
+ int ret = 0;
+ Info *p = (Info*)pvParam;
+
+ while (exit_loop == 0) {
+ ret = rsip_aesgcm128_test(0, p->aes_key);
+ vTaskDelay(10/portTICK_PERIOD_MS);
+ if (ret != 0) {
+ printf(" result was not good(%d). rsip_aesgcm128_test\n", ret);
+ Aes128_Gcm_multTst_rslt = 1;
+ }
+ }
+
+ xSemaphoreGive(exit_semaph);
+ vTaskDelete(NULL);
+}
+
+#endif
+
+#if !defined(NO_RSA)
+
+/* testing rsa sign/verify w/ rsa 2048 bit key */
+#define TEST_STRING "Everyone gets Friday off."
+#define TEST_STRING2 "Everyone gets Friday ofv."
+#define TEST_STRING_SZ 25
+#define RSA_TEST_BYTES 256 /* up to 2048-bit key */
+
+static int rsip_rsa_test(int prnt, int keySize)
+{
+ int ret = 0;
+
+ RsaKey *key = (RsaKey *)XMALLOC(sizeof *key, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ WC_RNG rng;
+ const char inStr [] = TEST_STRING;
+ const char inStr2[] = TEST_STRING2;
+ const word32 inLen = (word32)TEST_STRING_SZ;
+ const word32 outSz = RSA_TEST_BYTES;
+ word32 out_actual_len = 0;
+ byte *in = NULL;
+ byte *in2 = NULL;
+ byte *out= NULL;
+ byte *out2 = NULL;
+
+ in = (byte*)XMALLOC(inLen, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ in2 = (byte*)XMALLOC(inLen, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ out= (byte*)XMALLOC(outSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ out2 = (byte*)XMALLOC(outSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+
+ if (key == NULL || in == NULL || out == NULL ||
+ in2 == NULL || out2 == NULL) {
+ ret = -1;
+ goto out;
+ }
+
+ XMEMSET(&rng, 0, sizeof(rng));
+ XMEMSET(key, 0, sizeof *key);
+ XMEMCPY(in, inStr, inLen);
+ XMEMCPY(in2, inStr2, inLen);
+ XMEMSET(out, 0, outSz);
+ XMEMSET(out2, 0, outSz);
+
+ ret = wc_InitRsaKey_ex(key, NULL, 7890/* fixed devid for TSIP/SCE*/);
+ if (ret != 0) {
+ goto out;
+ }
+
+ if ((ret = wc_InitRng(&rng)) != 0)
+ goto out;
+
+ if ((ret = wc_RsaSetRNG(key, &rng)) != 0)
+ goto out;
+
+ /* Set Rsa Key created by RSIP in Advance */
+ if ((ret = wc_MakeRsaKey(key, keySize, 65537, &rng)) != 0) {
+ goto out;
+ }
+
+ ret = wc_RsaPublicEncrypt(in, inLen, out, outSz, key, &rng);
+ if (ret < 0) {
+ goto out;
+ }
+
+ ret = wc_RsaPrivateDecrypt(out, (word32)(keySize/8), out2, outSz, key);
+ if (ret < 0) {
+ ret = -1;
+ goto out;
+ }
+
+ if (XMEMCMP(in, out2, inLen) != 0) {
+ ret = -2;
+ goto out;
+ }
+
+ ret = 0;
+out:
+ if (key != NULL) {
+ wc_FreeRsaKey(key);
+ XFREE(key, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ }
+ if (in != NULL) {
+ XFREE(in, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ }
+ if (in2 != NULL) {
+ XFREE(in2, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ }
+ if (out != NULL) {
+ XFREE(out, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ }
+ if (out2 != NULL) {
+ XFREE(out2, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ }
+
+ (void) prnt;
+ return ret;
+}
+
+static int rsip_rsa_SignVerify_test(int prnt, int keySize)
+{
+ int ret = 0;
+
+ RsaKey *key = (RsaKey *)XMALLOC(sizeof *key, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ WC_RNG rng;
+ word32 sigSz;
+ const char inStr [] = TEST_STRING;
+ const char inStr2[] = TEST_STRING2;
+ const word32 inLen = (word32)TEST_STRING_SZ;
+ const word32 outSz = RSA_TEST_BYTES;
+
+ byte *in = NULL;
+ byte *in2 = NULL;
+ byte *out= NULL;
+ byte *plain = NULL;
+
+ in = (byte*)XMALLOC(inLen, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ in2 = (byte*)XMALLOC(inLen, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ out= (byte*)XMALLOC(outSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ plain= (byte*)XMALLOC(outSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ (void) prnt;
+
+ if (key == NULL || in == NULL || out == NULL || plain == NULL) {
+ ret = -1;
+ goto out;
+ }
+
+ XMEMSET(&rng, 0, sizeof(rng));
+ XMEMSET(key, 0, sizeof *key);
+ XMEMCPY(in, inStr, inLen);
+ XMEMCPY(in2, inStr2, inLen);
+
+ ret = wc_InitRsaKey_ex(key, NULL, 7890/* fixed devid for TSIP/SCE*/);
+ if (ret != 0) {
+ goto out;
+ }
+
+ if ((ret = wc_InitRng(&rng)) != 0)
+ goto out;
+
+ if ((ret = wc_RsaSetRNG(key, &rng)) != 0)
+ goto out;
+
+ /* make rsa key by SCE */
+ if ((ret = wc_MakeRsaKey(key, keySize, 65537, &rng)) != 0) {
+ goto out;
+ }
+
+ gCbInfo.keyflgs_crypt.bits.message_type = 0;
+ ret = wc_RsaSSL_Sign(in, inLen, out, outSz, key, &rng);
+ if (ret < 0) {
+ goto out;
+ }
+ sigSz = (word32)ret;
+ //* this should fail */
+ ret = wc_RsaSSL_Verify(in2, inLen, out, (word32)(keySize/8), key);
+ if (ret != FSP_ERR_CRYPTO_RSIP_FAIL) {
+ ret = -1;
+ goto out;
+ }
+ /* this should succeed */
+ ret = wc_RsaSSL_Verify(in, inLen, out, (word32)(keySize/8), key);
+ if (ret < 0) {
+ ret = -1;
+ goto out;
+ }
+ ret = 0;
+ out:
+ if (key != NULL) {
+ wc_FreeRsaKey(key);
+ XFREE(key, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ }
+ if (in != NULL) {
+ XFREE(in, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ }
+ if (in2 != NULL) {
+ XFREE(in2, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ }
+ if (out != NULL) {
+ XFREE(out, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ }
+
+ return ret;
+}
+#endif
+
+
+
+#ifndef NO_SHA256
+
+void tskSha256_Test1(void *pvParam)
+{
+ int ret = 0;
+ (void)pvParam;
+
+ while (exit_loop == 0) {
+ ret = sha256_test();
+ vTaskDelay(10/portTICK_PERIOD_MS);
+ if (ret != 0) {
+ printf(" result was not good(%d). sha_test\n", ret);
+ sha256_multTst_rslt1 = 1;
+ }
+ }
+
+ xSemaphoreGive(exit_semaph);
+ vTaskDelete(NULL);
+}
+
+static void tskSha256_Test2(void *pvParam)
+{
+ int ret = 0;
+ (void)pvParam;
+
+ while (exit_loop == 0) {
+ ret = sha256_test();
+ vTaskDelay(10/portTICK_PERIOD_MS);
+ if (ret != 0) {
+ printf(" result was not good(%d). sha256_test\n", ret);
+ sha256_multTst_rslt2 = 1;
+ }
+ }
+
+ xSemaphoreGive(exit_semaph);
+ vTaskDelete(NULL);
+}
+#endif
+
+int rsip_crypt_sha256_multitest()
+{
+ int ret = 0;
+ int num = 0;
+ int i;
+ BaseType_t xRet;
+
+#ifndef NO_SHA256
+ num+=2;
+#endif
+ exit_loop = 0;
+ sha256_multTst_rslt1 = 0;
+ sha256_multTst_rslt2 = 0;
+
+ exit_semaph = xSemaphoreCreateCounting((UBaseType_t)num, 0);
+ xRet = pdPASS;
+
+#ifndef NO_SHA256
+ xRet = xTaskCreate(tskSha256_Test1, "sha256_test1",
+ STACK_SIZE, NULL, 2, NULL);
+ if (xRet == pdPASS)
+ xRet = xTaskCreate(tskSha256_Test2, "sha256_test2",
+ STACK_SIZE, NULL, 3, NULL);
+#endif
+
+ if (xRet == pdPASS) {
+ printf(" Waiting for completing tasks ...");
+ vTaskDelay(10000/portTICK_PERIOD_MS);
+ exit_loop = true;
+
+ for (i = 0; i < num; i++) {
+ if(!xSemaphoreTake(exit_semaph, 2000/portTICK_PERIOD_MS)) {
+ printf("exit semaphore not released by test task");
+ ret = -1;
+ xRet = pdFAIL;
+ }
+ }
+ }
+
+ vSemaphoreDelete(exit_semaph);
+
+ if ((xRet == pdPASS) &&
+ (sha256_multTst_rslt1 == 0 && sha256_multTst_rslt2 == 0))
+ ret = 0;
+ else
+ ret = -1;
+
+ RESULT_STR(ret)
+
+ return ret;
+}
+
+
+int rsip_crypt_AesCbc_multitest()
+{
+ int ret = 0;
+ int num = 0;
+ int i;
+ Info info_aes1;
+ Info info_aes2;
+ Info info_aes256_1;
+ Info info_aes256_2;
+ BaseType_t xRet;
+
+#if defined(HAVE_AES_CBC) && defined(WOLFSSL_AES_128)
+ num+=2;
+#endif
+#if defined(HAVE_AES_CBC) && defined(WOLFSSL_AES_256)
+ num+=2;
+#endif
+ exit_loop = 0;
+ Aes128_Cbc_multTst_rslt = 0;
+ Aes256_Cbc_multTst_rslt = 0;
+
+ exit_semaph = xSemaphoreCreateCounting((UBaseType_t)num, 0);
+ xRet = pdPASS;
+
+#if defined(HAVE_AES_CBC) && defined(WOLFSSL_AES_128)
+ XMEMCPY(&info_aes1.aes_key, &g_user_aes128_key_index1,
+ sizeof(FSPSM_AES_PWKEY));
+ xRet = xTaskCreate(tskAes128_Cbc_Test, "aes_cbc_tes1t",
+ STACK_SIZE, &info_aes1, 3, NULL);
+#endif
+#if defined(HAVE_AES_CBC) && defined(WOLFSSL_AES_128)
+ XMEMCPY(&info_aes2.aes_key, &g_user_aes128_key_index2,
+ sizeof(FSPSM_AES_PWKEY));
+ if (xRet == pdPASS)
+ xRet = xTaskCreate(tskAes128_Cbc_Test, "aes_cbc_test2",
+ STACK_SIZE, &info_aes2, 3, NULL);
+#endif
+
+#if defined(HAVE_AES_CBC) && defined(WOLFSSL_AES_256)
+ XMEMCPY(&info_aes256_1.aes_key, &g_user_aes256_key_index1,
+ sizeof(FSPSM_AES_PWKEY));
+ if (xRet == pdPASS)
+ xRet = xTaskCreate(tskAes256_Cbc_Test, "aes256_cbc_test1",
+ STACK_SIZE, &info_aes256_1, 3, NULL);
+#endif
+#if defined(HAVE_AES_CBC) && defined(WOLFSSL_AES_256)
+ XMEMCPY(&info_aes256_2.aes_key, &g_user_aes256_key_index2,
+ sizeof(FSPSM_AES_PWKEY));
+ if (xRet == pdPASS)
+ xRet = xTaskCreate(tskAes256_Cbc_Test, "aes256_cbc_test2",
+ STACK_SIZE, &info_aes256_2, 3, NULL);
+#endif
+
+ if (xRet == pdPASS) {
+ printf(" Waiting for completing tasks ... ");
+ vTaskDelay(10000/portTICK_PERIOD_MS);
+ exit_loop = 1;
+
+ for (i = 0; i < num; i++) {
+ if(!xSemaphoreTake(exit_semaph, 2000/portTICK_PERIOD_MS)) {
+ printf("exit semaphore not released by test task");
+ ret = -1;
+ xRet = pdFAIL;
+ }
+ }
+ }
+
+ vSemaphoreDelete(exit_semaph);
+
+ if ((xRet == pdPASS) &&
+ (Aes128_Cbc_multTst_rslt == 0 && Aes256_Cbc_multTst_rslt == 0))
+ ret = 0;
+ else
+ ret = -1;
+
+ RESULT_STR(ret)
+
+ return ret;
+}
+
+
+int rsip_crypt_AesGcm_multitest()
+{
+ int ret = 0;
+ int num = 0;
+ int i;
+ Info info_aes1;
+ Info info_aes2;
+ Info info_aes256_1;
+ Info info_aes256_2;
+ BaseType_t xRet;
+
+#if defined(WOLFSSL_AES_128)
+ num+=2;
+#endif
+#if defined(WOLFSSL_AES_256)
+ num+=2;
+#endif
+
+ exit_loop = 0;
+ Aes128_Gcm_multTst_rslt = 0;
+ Aes256_Gcm_multTst_rslt = 0;
+
+ exit_semaph = xSemaphoreCreateCounting((UBaseType_t)num, 0);
+ xRet = pdPASS;
+
+#if defined(WOLFSSL_AES_128)
+ XMEMCPY(&info_aes1.aes_key, &g_user_aes128_key_index1,
+ sizeof(FSPSM_AES_PWKEY));
+ xTaskCreate(tskAes128_Gcm_Test, "aes128_gcm_test1",
+ STACK_SIZE, &info_aes1, 3, NULL);
+#endif
+
+#if defined(WOLFSSL_AES_128)
+ XMEMCPY(&info_aes2.aes_key, &g_user_aes128_key_index2,
+ sizeof(FSPSM_AES_PWKEY));
+ if (xRet == pdPASS)
+ xRet = xTaskCreate(tskAes128_Gcm_Test, "aes128_gcm_test2",
+ STACK_SIZE, &info_aes2, 3, NULL);
+#endif
+
+#if defined(WOLFSSL_AES_256)
+ XMEMCPY(&info_aes256_1.aes_key, &g_user_aes256_key_index1,
+ sizeof(FSPSM_AES_PWKEY));
+ if (xRet == pdPASS)
+ xRet = xTaskCreate(tskAes256_Gcm_Test, "aes256_gcm_test1",
+ STACK_SIZE, &info_aes256_1, 3, NULL);
+#endif
+
+#if defined(WOLFSSL_AES_256)
+ XMEMCPY(&info_aes256_2.aes_key, &g_user_aes256_key_index2,
+ sizeof(FSPSM_AES_PWKEY));
+ if (xRet == pdPASS)
+ xRet = xTaskCreate(tskAes256_Gcm_Test, "aes256_gcm_test2",
+ STACK_SIZE, &info_aes256_2, 3, NULL);
+#endif
+
+ if (xRet == pdPASS) {
+ printf(" Waiting for completing tasks ... ");
+ vTaskDelay(10000/portTICK_PERIOD_MS);
+ exit_loop = 1;
+
+ for (i = 0; i < num; i++) {
+ if(!xSemaphoreTake(exit_semaph, 2000/portTICK_PERIOD_MS)) {
+ printf("exit semaphore not released by test task");
+ ret = -1;
+ xRet = pdFAIL;
+ }
+ }
+ }
+
+ vSemaphoreDelete(exit_semaph);
+
+ if ((xRet == pdPASS) &&
+ (Aes128_Gcm_multTst_rslt == 0 && Aes256_Gcm_multTst_rslt == 0))
+ ret = 0;
+ else
+ ret = -1;
+
+ RESULT_STR(ret)
+
+ return ret;
+}
+
+int rsip_crypt_Sha_AesCbcGcm_multitest()
+{
+ int ret = 0;
+ int num = 0;
+ int i;
+ Info info_aes128cbc;
+ Info info_aes128gcm;
+ Info info_aes256cbc;
+ Info info_aes256gcm;
+ BaseType_t xRet;
+
+#ifndef NO_SHA256
+ num+=2;
+#endif
+
+#if defined(WOLFSSL_AES_128)
+ num+=2;
+#endif
+#if defined(WOLFSSL_AES_256)
+ num+=2;
+#endif
+
+ exit_loop = 0;
+ sha256_multTst_rslt1 = 0;
+ sha256_multTst_rslt2 = 0;
+ Aes128_Cbc_multTst_rslt = 0;
+ Aes256_Cbc_multTst_rslt = 0;
+ Aes128_Gcm_multTst_rslt = 0;
+ Aes256_Gcm_multTst_rslt = 0;
+
+ exit_semaph = xSemaphoreCreateCounting((UBaseType_t)num, 0);
+ xRet = pdPASS;
+
+#ifndef NO_SHA256
+ xRet = xTaskCreate(tskSha256_Test1, "sha256_test1",
+ STACK_SIZE, NULL, 3, NULL);
+
+ if (xRet == pdPASS)
+ xRet = xTaskCreate(tskSha256_Test2, "sha256_test2",
+ STACK_SIZE, NULL, 3, NULL);
+#endif
+
+#if defined(WOLFSSL_AES_128)
+ XMEMCPY(&info_aes128cbc.aes_key, &g_user_aes128_key_index1,
+ sizeof(FSPSM_AES_PWKEY));
+ if (xRet == pdPASS)
+ xRet = xTaskCreate(tskAes128_Cbc_Test, "aes128_cbc_test1",
+ STACK_SIZE, &info_aes128cbc, 3, NULL);
+#endif
+
+#if defined(WOLFSSL_AES_128)
+ XMEMCPY(&info_aes128gcm.aes_key, &g_user_aes128_key_index2,
+ sizeof(FSPSM_AES_PWKEY));
+ if (xRet == pdPASS)
+ xRet = xTaskCreate(tskAes128_Gcm_Test, "aes128_gcm_test2",
+ STACK_SIZE, &info_aes128gcm, 3, NULL);
+#endif
+
+#if defined(WOLFSSL_AES_256)
+ XMEMCPY(&info_aes256cbc.aes_key, &g_user_aes256_key_index1,
+ sizeof(FSPSM_AES_PWKEY));
+ if (xRet == pdPASS)
+ xRet = xTaskCreate(tskAes256_Cbc_Test, "aes256_cbc_test1",
+ STACK_SIZE, &info_aes256cbc, 3, NULL);
+#endif
+
+#if defined(WOLFSSL_AES_256)
+ XMEMCPY(&info_aes256gcm.aes_key, &g_user_aes256_key_index2,
+ sizeof(FSPSM_AES_PWKEY));
+ if (xRet == pdPASS)
+ xRet = xTaskCreate(tskAes256_Gcm_Test, "aes256_gcm_test2",
+ STACK_SIZE, &info_aes256gcm, 3, NULL);
+#endif
+
+ if (xRet == pdPASS) {
+ printf(" Waiting for completing tasks ... ");
+ vTaskDelay(10000/portTICK_PERIOD_MS);
+ exit_loop = 1;
+
+ for (i = 0; i < num; i++) {
+ if(!xSemaphoreTake(exit_semaph, 2000/portTICK_PERIOD_MS)) {
+ printf("exit semaphore not released by test task");
+ ret = -1;
+ xRet = pdFAIL;
+ }
+ }
+ }
+
+ vSemaphoreDelete(exit_semaph);
+
+ if ((xRet == pdPASS) &&
+ (Aes128_Gcm_multTst_rslt == 0 && Aes256_Gcm_multTst_rslt == 0) &&
+ (sha256_multTst_rslt1 == 0 && sha256_multTst_rslt2 == 0)) {
+
+ ret = 0;
+ }
+ else {
+ ret = -1;
+ }
+
+ RESULT_STR(ret)
+
+ return ret;
+}
+
+int rsip_crypt_test()
+{
+ int ret = 0;
+ fsp_err_t rsip_error_code = FSP_SUCCESS;
+
+ /* Generate AES sce Key */
+
+ if (rsip_error_code == FSP_SUCCESS) {
+ #if defined(WOLFSSL_RENESAS_RSIP_CRYPTONLY)
+ /* set up Crypt Call back */
+ Clr_CallbackCtx(&gCbInfo);
+ Clr_CallbackCtx(&gCbInfo_a);
+
+ /* sets wrapped aes key */
+ gCbInfo.wrapped_key_aes128 = g_user_aes128_key_index1;
+ gCbInfo.wrapped_key_aes256 = g_user_aes256_key_index1;
+ /* sets wrapped rsa key */
+ gCbInfo.wrapped_key_rsapri1024 = g_user_rsa1024_private_key;
+ gCbInfo.wrapped_key_rsapub1024 = g_user_rsa1024_public_key;
+ gCbInfo.wrapped_key_rsapri2048 = g_user_rsa2048_private_key;
+ gCbInfo.wrapped_key_rsapub2048 = g_user_rsa2048_public_key;
+
+ RSIP_KeyGeneration(&gCbInfo);
+
+ /* Key generation for multi testing */
+ gCbInfo_a.wrapped_key_aes128 = g_user_aes128_key_index2;
+ gCbInfo_a.wrapped_key_aes256 = g_user_aes256_key_index2;
+ RSIP_KeyGeneration(&gCbInfo_a);
+
+ /* set callback ctx */
+ ret = wc_CryptoCb_CryptInitRenesasCmn(NULL, &gCbInfo);
+
+ if ( ret > 0) {
+ devId1 = ret;
+ ret = 0;
+ }
+
+ if (ret == 0) {
+ printf(" rsip_rsa_test(512)(this will be done"
+ " by SW because RSIP doesn't support 512 bits key size.)");
+ ret = rsip_rsa_test(1, 512);
+ RESULT_STR(ret)
+ }
+
+ if (ret == 0) {
+ printf(" rsip_rsa_test(1024)");
+ ret = rsip_rsa_test(1, 1024);
+ RESULT_STR(ret)
+ }
+
+ if (ret == 0) {
+ printf(" rsip_rsa_test(2048)");
+ ret = rsip_rsa_test(1, 2048);
+ RESULT_STR(ret)
+ }
+
+ if (ret == 0) {
+ gCbInfo.hash_type = RSIP_HASH_TYPE_SHA256 ;
+ printf(" rsip_rsa_SignVerify_test(1024)");
+ ret = rsip_rsa_SignVerify_test(1, 1024);
+ RESULT_STR(ret)
+ }
+
+ if (ret == 0 && rsip_error_code == FSP_SUCCESS) {
+ printf(" rsip_rsa_SignVerify_test(2048)");
+ ret = rsip_rsa_SignVerify_test(1, 2048);
+ RESULT_STR(ret)
+ }
+
+ #endif /* WOLFSSL_RENESAS_RSIP_CRYPTONLY */
+
+ #ifndef NO_SHA256
+ printf(" sha256_test()");
+ ret = sha256_test();
+ RESULT_STR(ret)
+ #endif
+ #ifdef WOLFSSL_SHA224
+ printf(" sha224_test()");
+ ret = sha224_test();
+ RESULT_STR(ret)
+ #endif
+ #ifdef WOLFSSL_SHA384
+ printf(" sha384_test()");
+ ret = sha384_test();
+ RESULT_STR(ret)
+ #endif
+ #ifdef WOLFSSL_SHA512
+ printf(" sha512_test()");
+ ret = sha512_test();
+ RESULT_STR(ret)
+ #endif
+
+ ret = rsip_aes128_cbc_test(1, g_user_aes128_key_index1);
+
+ if (ret == 0) {
+ ret = rsip_aes256_cbc_test(1, g_user_aes256_key_index1);
+ }
+
+ if (ret == 0) {
+ ret = rsip_aesgcm128_test(1, g_user_aes128_key_index1);
+ }
+
+ if (ret == 0) {
+ ret = rsip_aesgcm256_test(1, g_user_aes256_key_index1);
+ }
+
+ if (ret == 0) {
+ printf(" multi sha thread test\n");
+ ret = rsip_crypt_sha256_multitest();
+ }
+
+ if (ret == 0) {
+ printf(" multi Aes cbc thread test\n");
+ ret = rsip_crypt_AesCbc_multitest();
+ }
+
+ if (ret == 0) {
+ printf(" multi Aes Gcm thread test\n");
+ ret = rsip_crypt_AesGcm_multitest();
+ }
+
+ if (ret == 0) {
+ printf("rsip_crypt_Sha_AesCbcGcm_multitest\n");
+ ret = rsip_crypt_Sha_AesCbcGcm_multitest();
+ }
+
+ #if defined(WOLFSSL_RENESAS_RSIP_CRYPTONLY)
+ Clr_CallbackCtx(&gCbInfo);
+ Clr_CallbackCtx(&gCbInfo_a);
+ #endif
+ }
+ else
+ ret = -1;
+
+ return ret;
+}
+
+#endif /* WOLFSSL_RENESAS_RSIP */
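Review bot: Several of the added tests can report success after a failing crypto call, because the status is dropped or overwritten. In `rsip_aesgcm128_test` the return of `wc_AesGcmSetKey(enc, (byte*)aes128_key, keySz);` is discarded, so the following `if (result != 0)` tests the initial 0; it should read `result = wc_AesGcmSetKey(enc, (byte*)aes128_key, keySz);`. In `rsip_aes128_cbc_test` the encrypt-side `ret = -1` is overwritten by `ret = wc_AesInit(aes, NULL, devId1);` under `HAVE_AES_DECRYPT`, and in `rsip_crypt_test` the RSA and SHA results are overwritten by `ret = rsip_aes128_cbc_test(1, g_user_aes128_key_index1);`, so each of those should return or skip ahead once `ret` is non-zero. `rsip_crypt_Sha_AesCbcGcm_multitest` likewise starts the CBC tasks but leaves `Aes128_Cbc_multTst_rslt` and `Aes256_Cbc_multTst_rslt` out of its final check.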
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/test/src/wolfCrypt/.gitignore b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/test/src/wolfCrypt/.gitignore
new file mode 100644
index 00000000..c96a04f0
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/test/src/wolfCrypt/.gitignore
@@ -0,0 +1,2 @@
+*
+!.gitignore \ No newline at end of file
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/test/src/wolfSSL/.gitignore b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/test/src/wolfSSL/.gitignore
new file mode 100644
index 00000000..c96a04f0
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/test/src/wolfSSL/.gitignore
@@ -0,0 +1,2 @@
+*
+!.gitignore \ No newline at end of file
diff --git a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/wc_port.h b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/test/src/wolfssl_dummy.c
index 9613b732..2b9642c0 100644
--- a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/wc_port.h
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/test/src/wolfssl_dummy.c
@@ -1,4 +1,4 @@
-/* port.h
+/* wolfssl_dummy.c
*
* Copyright (C) 2006-2023 wolfSSL Inc.
*
@@ -19,14 +19,15 @@
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
-
-
-#ifndef CTAO_CRYPT_PORT_H
-#define CTAO_CRYPT_PORT_H
-
-#include <cyassl/ctaocrypt/visibility.h>
#include <wolfssl/wolfcrypt/wc_port.h>
-#define CyaSSL_Mutex wolfSSL_Mutex
-#endif /* CTAO_CRYPT_PORT_H */
+#define YEAR 2023
+#define MON 9
+
+static int tick = 0;
+time_t time(time_t *t)
+{
+ (void)t;
+ return ((YEAR-1970)*365+30*MON)*24*60*60 + tick++;
+}
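Review bot: The replacement `time()` casts `t` to void and never stores through it, so a caller that uses the `time(&now)` form and reads `now` gets an uninitialised value. Keeping the standard contract costs three lines: `time_t now = ((YEAR-1970)*365+30*MON)*24*60*60 + tick++;`, `if (t != NULL) *t = now;`, `return now;`. The arithmetic is done in `int`, which fits for 2023 but would overflow a 32-bit int once YEAR reaches 2038, so casting the first operand to `time_t` is safer. The function also pins the clock to a fixed date in 2023 that advances one second per call, so any certificate validity check built on it compares against that date rather than the real time. A header comment such as `/* TEST ONLY: fake clock, do not use where certificate dates must be enforced */` would make that explicit. `tick++` is also unsynchronised, which matters if this file is linked into the multi-thread tests.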
diff --git a/extra/wolfssl/wolfssl/IDE/STARCORE/starcore_test.c b/extra/wolfssl/wolfssl/IDE/STARCORE/starcore_test.c
index a8ef00af..72c3613f 100644
--- a/extra/wolfssl/wolfssl/IDE/STARCORE/starcore_test.c
+++ b/extra/wolfssl/wolfssl/IDE/STARCORE/starcore_test.c
@@ -293,7 +293,7 @@ int testharness_main()
process_a_file(strcat(path, "AES_CBC_47242.json")); // Failed to allocate buffer large enough for file, fixed by chopping into smaller sections
process_a_file(strcat(path, "AES_CCM_47247.json")); // Failed, increase stack/heap
process_a_file(strcat(path, "AES_CCM_47247-part1.json")); // Failed to write out the entire response (got 104 of 370 tgId's in the response)
- process_a_file(strcat(path, "AES_CCM_47247-part2.json")); // Failed ot write out the entire response (started at 371 and got to 429 of 741 tgId's in the response) looks like alloc failures, increase HEAP
+ process_a_file(strcat(path, "AES_CCM_47247-part2.json")); // Failed to write out the entire response (started at 371 and got to 429 of 741 tgId's in the response) looks like alloc failures, increase HEAP
process_a_file(strcat(path, "DSA_keyGen_47253.json")); // Success
process_a_file(strcat(path, "RSA_DecPrim_47306.json")); // Success
process_a_file(strcat(path, "ECDSA_sigVer_47258.json")); // Success
diff --git a/extra/wolfssl/wolfssl/IDE/STARCORE/user_settings.h b/extra/wolfssl/wolfssl/IDE/STARCORE/user_settings.h
index 8be26569..e62f12d6 100644
--- a/extra/wolfssl/wolfssl/IDE/STARCORE/user_settings.h
+++ b/extra/wolfssl/wolfssl/IDE/STARCORE/user_settings.h
@@ -39,7 +39,7 @@ extern "C" {
#undef WOLFSSL_STARCORE
#define WOLFSSL_STARCORE
-/* Endianess */
+/* Endianness */
#undef BIG_ENDIAN_ORDER
#define BIG_ENDIAN_ORDER
@@ -204,7 +204,7 @@ extern "C" {
#else
#undef ALT_ECC_SIZE
#define ALT_ECC_SIZE
- /* wolfSSL will compute the FP_MAX_BITS_ECC, but it can be overriden */
+ /* wolfSSL will compute the FP_MAX_BITS_ECC, but it can be overridden */
/* #undef FP_MAX_BITS_ECC */
/* #define FP_MAX_BITS_ECC (256 * 2) */
#endif
diff --git a/extra/wolfssl/wolfssl/IDE/STM32Cube/README.md b/extra/wolfssl/wolfssl/IDE/STM32Cube/README.md
index 8a5bcea4..7268d81f 100644
--- a/extra/wolfssl/wolfssl/IDE/STM32Cube/README.md
+++ b/extra/wolfssl/wolfssl/IDE/STM32Cube/README.md
@@ -31,7 +31,7 @@ You need both the STM32 IDE and the STM32 initialization code generator (STM32Cu
2. Under “Software Packs†choose “Select Componentsâ€.
3. Find and check all components for the wolfSSL.wolfSSL packs (wolfSSL / Core, wolfCrypt / Core and wolfCrypt / Test). Close
4. Under the “Software Packs†section click on “wolfSSL.wolfSSL†and configure the parameters.
-5. For Cortex-M recommend “Math Configuration†-> “Single Precision Cortex-M Math†for the fastest option.
+5. For Cortex-M recommend “Math Configuration†-> “Single Precision Cortex-M Math†for the fastest option. If seeing `error: r7 cannot be used in 'asm` add `-fomit-frame-pointer` to the CFLAGS. This only happens in debug builds, because r7 is used for debug.
6. Hit the "Generate Code" button
7. Open the project in STM32CubeIDE
8. The Benchmark example uses float. To enable go to "Project Properties" -> "C/C++ Build" -> "Settings" -> "Tool Settings" -> "MCU Settings" -> Check "Use float with printf".
@@ -87,6 +87,7 @@ The section for "Hardware platform" may need to be adjusted depending on your pr
* To enable STM32L5 support define `WOLFSSL_STM32L5`.
* To enable STM32H7 support define `WOLFSSL_STM32H7`.
* To enable STM32WB support define `WOLFSSL_STM32WB`.
+* To enable STM32WL support define `WOLFSSL_STM32WL`.
* To enable STM32U5 support define `WOLFSSL_STM32U5`.
* To enable STM32H5 support define `WOLFSSL_STM32H5`.
diff --git a/extra/wolfssl/wolfssl/IDE/STM32Cube/STM32_Benchmarks.md b/extra/wolfssl/wolfssl/IDE/STM32Cube/STM32_Benchmarks.md
index 3f429407..129cbdd4 100644
--- a/extra/wolfssl/wolfssl/IDE/STM32Cube/STM32_Benchmarks.md
+++ b/extra/wolfssl/wolfssl/IDE/STM32Cube/STM32_Benchmarks.md
@@ -2,6 +2,7 @@
* [STM32H753ZI](#stm32h753zi)
* [STM32WB55](#stm32wb55)
+* [STM32WL55](#stm32wl55)
* [STM32F437](#stm32f437)
* [STM32L4A6Z](#stm32l4a6z)
* [STM32L562E](#stm32l562e)
@@ -10,6 +11,7 @@
* [STM32H563ZI](#stm32h563zi)
* [STM32G071RB](#stm32g071rb)
+
## STM32H753ZI
Supports RNG, AES CBC/GCM and SHA-2 acceleration.
@@ -94,6 +96,7 @@ Benchmark complete
Benchmark Test: Return code 0
```
+
## STM32WB55
Supports RNG, ECC P-256, AES-CBC and SHA-256 acceleration.
@@ -211,6 +214,86 @@ Benchmark complete
Benchmark Test: Return code 0
```
+
+## STM32WL55
+
+Supports RNG, ECC P-256 and AES-CBC acceleration.
+Note: SP math beats PKA HW. HW RNG on for all tests
+
+Board: NUCLEO-WL55JC1 (MB1389-HIGHBAND-E02)
+CPU: Cortex-M4 at 64 MHz
+IDE: STM32CubeIDE
+RTOS: Bare-Metal
+
+### STM32WL55 (STM AES-CBC Acceleration, -Os, SP-ASM Cortex-M WOLF_CONF_MATH=4)
+
+```
+------------------------------------------------------------------------------
+ wolfSSL version 5.6.4
+------------------------------------------------------------------------------
+wolfCrypt Benchmark (block bytes 1024, min 1.0 sec each)
+RNG 200 KiB took 1.012 seconds, 197.628 KiB/s
+AES-128-CBC-enc 2 MiB took 1.000 seconds, 2.246 MiB/s
+AES-128-CBC-dec 2 MiB took 1.004 seconds, 2.213 MiB/s
+AES-256-CBC-enc 2 MiB took 1.008 seconds, 2.228 MiB/s
+AES-256-CBC-dec 2 MiB took 1.000 seconds, 2.197 MiB/s
+SHA-256 600 KiB took 1.000 seconds, 600.000 KiB/s
+HMAC-SHA256 600 KiB took 1.012 seconds, 592.885 KiB/s
+ECC [ SECP256R1] 256 key gen 56 ops took 1.023 sec, avg 18.268 ms, 54.741 ops/sec
+ECDHE [ SECP256R1] 256 agree 26 ops took 1.024 sec, avg 39.385 ms, 25.391 ops/sec
+ECDSA [ SECP256R1] 256 sign 30 ops took 1.019 sec, avg 33.967 ms, 29.441 ops/sec
+ECDSA [ SECP256R1] 256 verify 18 ops took 1.098 sec, avg 61.000 ms, 16.393 ops/sec
+Benchmark complete
+Benchmark Test: Return code 0
+```
+
+### STM32WL55 (STM AES-CBC Acceleration and PKA ECC, -Os)
+
+```
+------------------------------------------------------------------------------
+ wolfSSL version 5.6.4
+------------------------------------------------------------------------------
+wolfCrypt Benchmark (block bytes 1024, min 1.0 sec each)
+RNG 200 KiB took 1.000 seconds, 200.000 KiB/s
+AES-128-CBC-enc 2 MiB took 1.000 seconds, 2.295 MiB/s
+AES-128-CBC-dec 2 MiB took 1.007 seconds, 2.279 MiB/s
+AES-256-CBC-enc 2 MiB took 1.000 seconds, 2.295 MiB/s
+AES-256-CBC-dec 2 MiB took 1.008 seconds, 2.252 MiB/s
+SHA-256 575 KiB took 1.043 seconds, 551.294 KiB/s
+HMAC-SHA256 550 KiB took 1.000 seconds, 550.000 KiB/s
+ECC [ SECP256R1] 256 key gen 4 ops took 1.172 sec, avg 293.000 ms, 3.413 ops/sec
+ECDHE [ SECP256R1] 256 agree 4 ops took 1.165 sec, avg 291.250 ms, 3.433 ops/sec
+ECDSA [ SECP256R1] 256 sign 10 ops took 1.070 sec, avg 107.000 ms, 9.346 ops/sec
+ECDSA [ SECP256R1] 256 verify 6 ops took 1.275 sec, avg 212.500 ms, 4.706 ops/sec
+Benchmark complete
+Benchmark Test: Return code 0
+```
+
+### STM32WL55 (No HW Crypto, -Os, SP Math All (WOLF_CONF_MATH=6))
+
+```
+------------------------------------------------------------------------------
+ wolfSSL version 5.6.4
+------------------------------------------------------------------------------
+wolfCrypt Benchmark (block bytes 1024, min 1.0 sec each)
+RNG 200 KiB took 1.015 seconds, 197.044 KiB/s
+AES-128-CBC-enc 400 KiB took 1.004 seconds, 398.406 KiB/s
+AES-128-CBC-dec 400 KiB took 1.000 seconds, 400.000 KiB/s
+AES-192-CBC-enc 350 KiB took 1.031 seconds, 339.476 KiB/s
+AES-192-CBC-dec 350 KiB took 1.028 seconds, 340.467 KiB/s
+AES-256-CBC-enc 300 KiB took 1.007 seconds, 297.915 KiB/s
+AES-256-CBC-dec 300 KiB took 1.004 seconds, 298.805 KiB/s
+SHA-256 550 KiB took 1.016 seconds, 541.339 KiB/s
+HMAC-SHA256 550 KiB took 1.024 seconds, 537.109 KiB/s
+ECC [ SECP256R1] 256 key gen 4 ops took 1.180 sec, avg 295.000 ms, 3.390 ops/sec
+ECDHE [ SECP256R1] 256 agree 4 ops took 1.181 sec, avg 295.250 ms, 3.387 ops/sec
+ECDSA [ SECP256R1] 256 sign 4 ops took 1.306 sec, avg 326.500 ms, 3.063 ops/sec
+ECDSA [ SECP256R1] 256 verify 2 ops took 1.188 sec, avg 594.000 ms, 1.684 ops/sec
+Benchmark complete
+Benchmark Test: Return code 0
+```
+
+
## STM32F437
Supports RNG, AES-CBC/GCM and SHA-256 acceleration.
@@ -295,6 +378,7 @@ Benchmark complete
Benchmark Test: Return code 0
```
+
## STM32L4A6Z
Supports RNG, AES-CBC/GCM and SHA-256 acceleration.
@@ -304,78 +388,137 @@ Board: NUCLEO-L4A6ZG
CPU: Cortex-M4 at 80 MHz
IDE: STM32CubeIDE
RTOS: FreeRTOS
+Compiler: GCC with -Os
-### STM32L4A6Z (STM Crypto/Hash Acceleration, -Os, SP-ASM Cortex-M)
+### STM32L4A6Z (STM Crypto/Hash Acceleration, SP-ASM Cortex-M Small and ARM ASM Thumb speedups)
+Build options used:
+
+```c
+#define WOLFSSL_HAVE_SP_ECC
+#define WOLFSSL_SP_ARM_CORTEX_M_ASM
+#define WOLFSSL_SP_384
+#define WOLFSSL_SP_SMALL
+#define WOLFSSL_SP_NO_MALLOC
+
+#define WOLFSSL_ARMASM
+#define WOLFSSL_ARMASM_INLINE
+#define WOLFSSL_ARMASM_NO_HW_CRYPTO
+#define WOLFSSL_ARMASM_NO_NEON
+#define WOLFSSL_ARM_ARCH 7
+```
```
------------------------------------------------------------------------------
- wolfSSL version 4.4.1
+ wolfSSL version 5.6.4
------------------------------------------------------------------------------
wolfCrypt Benchmark (block bytes 1024, min 1.0 sec each)
-RNG 250 KB took 1.083 seconds, 230.840 KB/s
-AES-128-CBC-enc 4 MB took 1.000 seconds, 4.175 MB/s
-AES-128-CBC-dec 3 MB took 1.000 seconds, 3.442 MB/s
-AES-256-CBC-enc 3 MB took 1.000 seconds, 3.247 MB/s
-AES-256-CBC-dec 3 MB took 1.008 seconds, 2.664 MB/s
-AES-128-GCM-enc 4 MB took 1.000 seconds, 3.589 MB/s
-AES-128-GCM-dec 4 MB took 1.004 seconds, 3.575 MB/s
-AES-256-GCM-enc 3 MB took 1.004 seconds, 2.869 MB/s
-AES-256-GCM-dec 3 MB took 1.000 seconds, 2.856 MB/s
-CHACHA 2 MB took 1.008 seconds, 2.010 MB/s
-CHA-POLY 1 MB took 1.004 seconds, 1.337 MB/s
-POLY1305 6 MB took 1.000 seconds, 6.030 MB/s
-SHA-256 4 MB took 1.004 seconds, 3.623 MB/s
-HMAC-SHA256 4 MB took 1.000 seconds, 3.540 MB/s
-RSA 2048 public 36 ops took 1.020 sec, avg 28.333 ms, 35.294 ops/sec
-RSA 2048 private 2 ops took 2.031 sec, avg 1015.500 ms, 0.985 ops/sec
-DH 2048 key gen 3 ops took 1.353 sec, avg 451.000 ms, 2.217 ops/sec
-DH 2048 agree 4 ops took 1.804 sec, avg 451.000 ms, 2.217 ops/sec
-ECC 256 key gen 33 ops took 1.011 sec, avg 30.636 ms, 32.641 ops/sec
-ECDHE 256 agree 16 ops took 1.078 sec, avg 67.375 ms, 14.842 ops/sec
-ECDSA 256 sign 24 ops took 1.012 sec, avg 42.167 ms, 23.715 ops/sec
-ECDSA 256 verify 12 ops took 1.165 sec, avg 97.083 ms, 10.300 ops/sec
+RNG 225 KiB took 1.078 seconds, 208.720 KiB/s
+AES-128-CBC-enc 4 MiB took 1.000 seconds, 4.150 MiB/s
+AES-128-CBC-dec 3 MiB took 1.004 seconds, 3.234 MiB/s
+AES-256-CBC-enc 3 MiB took 1.000 seconds, 3.247 MiB/s
+AES-256-CBC-dec 3 MiB took 1.008 seconds, 2.543 MiB/s
+AES-128-GCM-enc 4 MiB took 1.000 seconds, 3.687 MiB/s
+AES-128-GCM-dec 4 MiB took 1.000 seconds, 3.638 MiB/s
+AES-256-GCM-enc 3 MiB took 1.000 seconds, 2.930 MiB/s
+AES-256-GCM-dec 3 MiB took 1.004 seconds, 2.894 MiB/s
+AES-128-GCM-enc-no_AAD 4 MiB took 1.000 seconds, 3.687 MiB/s
+AES-128-GCM-dec-no_AAD 4 MiB took 1.000 seconds, 3.662 MiB/s
+AES-256-GCM-enc-no_AAD 3 MiB took 1.003 seconds, 2.945 MiB/s
+AES-256-GCM-dec-no_AAD 3 MiB took 1.004 seconds, 2.918 MiB/s
+GMAC Table 4-bit 952 KiB took 1.000 seconds, 952.000 KiB/s
+CHACHA 3 MiB took 1.004 seconds, 2.894 MiB/s
+CHA-POLY 2 MiB took 1.004 seconds, 1.775 MiB/s
+POLY1305 7 MiB took 1.000 seconds, 7.227 MiB/s
+SHA-256 7 MiB took 1.000 seconds, 7.104 MiB/s
+SHA-512 350 KiB took 1.036 seconds, 337.838 KiB/s
+SHA-512/224 350 KiB took 1.035 seconds, 338.164 KiB/s
+SHA-512/256 350 KiB took 1.035 seconds, 338.164 KiB/s
+HMAC-SHA256 7 MiB took 1.000 seconds, 6.763 MiB/s
+HMAC-SHA512 350 KiB took 1.047 seconds, 334.288 KiB/s
+RSA 2048 public 36 ops took 1.008 sec, avg 28.000 ms, 35.714 ops/sec
+RSA 2048 private 2 ops took 2.016 sec, avg 1008.000 ms, 0.992 ops/sec
+DH 2048 key gen 3 ops took 1.416 sec, avg 472.000 ms, 2.119 ops/sec
+DH 2048 agree 4 ops took 1.890 sec, avg 472.500 ms, 2.116 ops/sec
+ECC [ SECP256R1] 256 key gen 32 ops took 1.000 sec, avg 31.250 ms, 32.000 ops/sec
+ECDHE [ SECP256R1] 256 agree 16 ops took 1.101 sec, avg 68.812 ms, 14.532 ops/sec
+ECDSA [ SECP256R1] 256 sign 24 ops took 1.020 sec, avg 42.500 ms, 23.529 ops/sec
+ECDSA [ SECP256R1] 256 verify 12 ops took 1.133 sec, avg 94.417 ms, 10.591 ops/sec
+ECC [ SECP384R1] 384 key gen 10 ops took 1.232 sec, avg 123.200 ms, 8.117 ops/sec
+ECDHE [ SECP384R1] 384 agree 4 ops took 1.063 sec, avg 265.750 ms, 3.763 ops/sec
+ECDSA [ SECP384R1] 384 sign 8 ops took 1.223 sec, avg 152.875 ms, 6.541 ops/sec
+ECDSA [ SECP384R1] 384 verify 4 ops took 1.388 sec, avg 347.000 ms, 2.882 ops/sec
+CURVE 25519 key gen 32 ops took 1.023 sec, avg 31.969 ms, 31.281 ops/sec
+CURVE 25519 agree 32 ops took 1.012 sec, avg 31.625 ms, 31.621 ops/sec
+ED 25519 key gen 80 ops took 1.008 sec, avg 12.600 ms, 79.365 ops/sec
+ED 25519 sign 64 ops took 1.027 sec, avg 16.047 ms, 62.317 ops/sec
+ED 25519 verify 28 ops took 1.024 sec, avg 36.571 ms, 27.344 ops/sec
Benchmark complete
Benchmark Test: Return code 0
```
-### STM32L4A6Z (No HW Crypto, -Os, FastMath)
+### STM32L4A6Z (No HW Crypto, SP Math All (sp_int.c) NO ASM)
+
+```
+#define WOLFSSL_SP_MATH_ALL
+#define WOLFSSL_SP_SMALL
+#define WOLFSSL_NO_ASM
+#define WOLFSSL_SP_NO_MALLOC
+#define CURVED25519_SMALL
+```
```
------------------------------------------------------------------------------
- wolfSSL version 4.4.1
+ wolfSSL version 5.6.4
------------------------------------------------------------------------------
wolfCrypt Benchmark (block bytes 1024, min 1.0 sec each)
-RNG 450 KB took 1.048 seconds, 429.389 KB/s
-AES-128-CBC-enc 625 KB took 1.008 seconds, 620.040 KB/s
-AES-128-CBC-dec 675 KB took 1.008 seconds, 669.643 KB/s
-AES-192-CBC-enc 550 KB took 1.023 seconds, 537.634 KB/s
-AES-192-CBC-dec 575 KB took 1.012 seconds, 568.182 KB/s
-AES-256-CBC-enc 475 KB took 1.004 seconds, 473.108 KB/s
-AES-256-CBC-dec 500 KB took 1.008 seconds, 496.032 KB/s
-AES-128-GCM-enc 50 KB took 1.440 seconds, 34.722 KB/s
-AES-128-GCM-dec 50 KB took 1.435 seconds, 34.843 KB/s
-AES-192-GCM-enc 50 KB took 1.466 seconds, 34.106 KB/s
-AES-192-GCM-dec 50 KB took 1.463 seconds, 34.176 KB/s
-AES-256-GCM-enc 50 KB took 1.482 seconds, 33.738 KB/s
-AES-256-GCM-dec 50 KB took 1.478 seconds, 33.829 KB/s
-CHACHA 2 MB took 1.008 seconds, 2.010 MB/s
-CHA-POLY 1 MB took 1.008 seconds, 1.332 MB/s
-POLY1305 6 MB took 1.000 seconds, 6.006 MB/s
-SHA-256 1 MB took 1.000 seconds, 1.123 MB/s
-HMAC-SHA256 1 MB took 1.008 seconds, 1.114 MB/s
-RSA 2048 public 16 ops took 1.028 sec, avg 64.250 ms, 15.564 ops/sec
-RSA 2048 private 2 ops took 7.491 sec, avg 3745.500 ms, 0.267 ops/sec
-DH 2048 key gen 2 ops took 1.440 sec, avg 720.000 ms, 1.389 ops/sec
-DH 2048 agree 2 ops took 2.882 sec, avg 1441.000 ms, 0.694 ops/sec
-ECC 256 key gen 2 ops took 1.918 sec, avg 959.000 ms, 1.043 ops/sec
-ECDHE 256 agree 2 ops took 1.914 sec, avg 957.000 ms, 1.045 ops/sec
-ECDSA 256 sign 2 ops took 1.941 sec, avg 970.500 ms, 1.030 ops/sec
-ECDSA 256 verify 2 ops took 1.294 sec, avg 647.000 ms, 1.546 ops/sec
+RNG 325 KiB took 1.059 seconds, 306.893 KiB/s
+AES-128-CBC-enc 425 KiB took 1.000 seconds, 425.000 KiB/s
+AES-128-CBC-dec 450 KiB took 1.028 seconds, 437.743 KiB/s
+AES-192-CBC-enc 375 KiB took 1.035 seconds, 362.319 KiB/s
+AES-192-CBC-dec 375 KiB took 1.015 seconds, 369.458 KiB/s
+AES-256-CBC-enc 325 KiB took 1.032 seconds, 314.922 KiB/s
+AES-256-CBC-dec 325 KiB took 1.004 seconds, 323.705 KiB/s
+AES-128-GCM-enc 325 KiB took 1.063 seconds, 305.738 KiB/s
+AES-128-GCM-dec 325 KiB took 1.066 seconds, 304.878 KiB/s
+AES-192-GCM-enc 275 KiB took 1.020 seconds, 269.608 KiB/s
+AES-192-GCM-dec 275 KiB took 1.015 seconds, 270.936 KiB/s
+AES-256-GCM-enc 250 KiB took 1.028 seconds, 243.191 KiB/s
+AES-256-GCM-dec 250 KiB took 1.027 seconds, 243.427 KiB/s
+AES-128-GCM-enc-no_AAD 325 KiB took 1.059 seconds, 306.893 KiB/s
+AES-128-GCM-dec-no_AAD 325 KiB took 1.062 seconds, 306.026 KiB/s
+AES-192-GCM-enc-no_AAD 275 KiB took 1.012 seconds, 271.739 KiB/s
+AES-192-GCM-dec-no_AAD 275 KiB took 1.015 seconds, 270.936 KiB/s
+AES-256-GCM-enc-no_AAD 250 KiB took 1.020 seconds, 245.098 KiB/s
+AES-256-GCM-dec-no_AAD 250 KiB took 1.023 seconds, 244.379 KiB/s
+GMAC Table 4-bit 1 MiB took 1.000 seconds, 1.064 MiB/s
+CHACHA 3 MiB took 1.000 seconds, 2.832 MiB/s
+CHA-POLY 2 MiB took 1.004 seconds, 1.751 MiB/s
+POLY1305 7 MiB took 1.000 seconds, 7.104 MiB/s
+SHA-256 850 KiB took 1.003 seconds, 847.458 KiB/s
+SHA-512 350 KiB took 1.036 seconds, 337.838 KiB/s
+SHA-512/224 350 KiB took 1.035 seconds, 338.164 KiB/s
+SHA-512/256 350 KiB took 1.035 seconds, 338.164 KiB/s
+HMAC-SHA256 850 KiB took 1.012 seconds, 839.921 KiB/s
+HMAC-SHA512 350 KiB took 1.051 seconds, 333.016 KiB/s
+RSA 2048 public 24 ops took 1.067 sec, avg 44.458 ms, 22.493 ops/sec
+RSA 2048 private 2 ops took 5.643 sec, avg 2821.500 ms, 0.354 ops/sec
+DH 2048 key gen 2 ops took 1.078 sec, avg 539.000 ms, 1.855 ops/sec
+DH 2048 agree 2 ops took 2.455 sec, avg 1227.500 ms, 0.815 ops/sec
+ECC [ SECP256R1] 256 key gen 4 ops took 1.808 sec, avg 452.000 ms, 2.212 ops/sec
+ECDHE [ SECP256R1] 256 agree 4 ops took 1.807 sec, avg 451.750 ms, 2.214 ops/sec
+ECDSA [ SECP256R1] 256 sign 4 ops took 1.828 sec, avg 457.000 ms, 2.188 ops/sec
+ECDSA [ SECP256R1] 256 verify 4 ops took 1.224 sec, avg 306.000 ms, 3.268 ops/sec
+CURVE 25519 key gen 2 ops took 1.392 sec, avg 696.000 ms, 1.437 ops/sec
+CURVE 25519 agree 2 ops took 1.384 sec, avg 692.000 ms, 1.445 ops/sec
+ED 25519 key gen 2 ops took 1.412 sec, avg 706.000 ms, 1.416 ops/sec
+ED 25519 sign 2 ops took 1.435 sec, avg 717.500 ms, 1.394 ops/sec
+ED 25519 verify 2 ops took 2.949 sec, avg 1474.500 ms, 0.678 ops/sec
Benchmark complete
Benchmark Test: Return code 0
```
+
## STM32L562E
Supports RNG, AES-CBC/GCM and SHA-256 acceleration.
@@ -489,6 +632,7 @@ Benchmark complete
Benchmark Test: Return code 0
```
+
## STM32F777
Supports RNG, AES-CBC/GCM and SHA-256 acceleration.
@@ -573,6 +717,7 @@ Benchmark complete
Benchmark Test: Return code 0
```
+
## STM32U585
Supports RNG, AES CBC/GCM and SHA-1,SHA-2 acceleration.
@@ -711,6 +856,7 @@ Benchmark complete
Benchmark Test: Return code 0
```
+
## STM32H563ZI
Cortex-M33 at 150MHz
diff --git a/extra/wolfssl/wolfssl/IDE/STM32Cube/default_conf.ftl b/extra/wolfssl/wolfssl/IDE/STM32Cube/default_conf.ftl
index 71ba570b..015a2851 100644
--- a/extra/wolfssl/wolfssl/IDE/STM32Cube/default_conf.ftl
+++ b/extra/wolfssl/wolfssl/IDE/STM32Cube/default_conf.ftl
@@ -33,9 +33,9 @@
[#list SWIPdatas as SWIP]
[#-- Global variables --]
[#if SWIP.variables??]
- [#list SWIP.variables as variable]
+ [#list SWIP.variables as variable]
extern ${variable.value} ${variable.name};
- [/#list]
+ [/#list]
[/#if]
[#-- Global variables --]
@@ -45,16 +45,16 @@ extern ${variable.value} ${variable.name};
[#assign version = SWIP.version]
/**
- MiddleWare name : ${instName}
- MiddleWare fileName : ${fileName}
- MiddleWare version : ${version}
+ MiddleWare name : ${instName}
+ MiddleWare fileName : ${fileName}
+ MiddleWare version : ${version}
*/
[#if SWIP.defines??]
- [#list SWIP.defines as definition]
+ [#list SWIP.defines as definition]
/*---------- [#if definition.comments??]${definition.comments}[/#if] -----------*/
#define ${definition.name} #t#t ${definition.value}
[#if definition.description??]${definition.description} [/#if]
- [/#list]
+ [/#list]
[/#if]
@@ -76,6 +76,11 @@ extern ${variable.value} ${variable.name};
#define WOLFSSL_STM32_PKA
#undef NO_STM32_CRYPTO
#define HAL_CONSOLE_UART huart1
+#elif defined(STM32WL55xx)
+ #define WOLFSSL_STM32WL
+ #define WOLFSSL_STM32_PKA
+ #undef NO_STM32_CRYPTO
+ #define HAL_CONSOLE_UART huart2
#elif defined(STM32F407xx)
#define WOLFSSL_STM32F4
#define HAL_CONSOLE_UART huart2
@@ -102,7 +107,7 @@ extern ${variable.value} ${variable.name};
#undef NO_STM32_HASH
#undef NO_STM32_CRYPTO
#define HAL_CONSOLE_UART huart3
-#elif defined(STM32H723xx)
+#elif defined(STM32H723xx) || defined(STM32H725xx)
#define WOLFSSL_STM32H7
#define HAL_CONSOLE_UART huart3
#elif defined(STM32L4A6xx)
@@ -177,7 +182,8 @@ extern ${variable.value} ${variable.name};
//#define NO_STM32_RNG
//#undef NO_STM32_HASH
//#undef NO_STM32_CRYPTO
- //#define WOLFSSL_GENSEED_FORTEST /* if no HW RNG is available use test seed */
+ /* if no HW RNG is available use test seed */
+ //#define WOLFSSL_GENSEED_FORTEST
//#define STM32_HAL_V2
#endif
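Review bot: The relocated comment `/* if no HW RNG is available use test seed */` still does not say that `WOLFSSL_GENSEED_FORTEST` is a bring-up aid only. As the name and the comment suggest, it substitutes a non-random seed, so every key, nonce and signature value drawn from the DRBG becomes predictable. Since the comment is being touched anyway, I would word it as `/* TEST ONLY: predictable seed for boards without a HW RNG; never enable in production builds */`. The surrounding `#if`/`#else` chain starts outside this hunk, so which targets reach this fallback branch cannot be confirmed from here.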
@@ -242,14 +248,14 @@ extern ${variable.value} ${variable.name};
#define WOLFSSL_HAVE_SP_ECC
#endif
#if WOLF_CONF_MATH == 6 || WOLF_CONF_MATH == 7
+ #define WOLFSSL_SP_MATH_ALL /* use sp_int.c multi precision math */
+ #else
#define WOLFSSL_SP_MATH /* disable non-standard curves / key sizes */
#endif
#define SP_WORD_SIZE 32
/* Enable to put all math on stack (no heap) */
//#define WOLFSSL_SP_NO_MALLOC
- /* Enable for SP cache resistance (not usually enabled for embedded micros) */
- //#define WOLFSSL_SP_CACHE_RESISTANT
#if WOLF_CONF_MATH == 4 || WOLF_CONF_MATH == 5
#define WOLFSSL_SP_ASM /* required if using the ASM versions */
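Review bot: This hunk drops the commented-out `//#define WOLFSSL_SP_CACHE_RESISTANT` hint and its explanation without any replacement. The same template configures parts such as `WOLFSSL_STM32H7`, which may have a data cache, and there cache-timing hardening of the SP private-key code can matter. If the SP code still honours the macro, please keep it as a documented opt-in, for example `/* Enable on cores with a data cache (e.g. Cortex-M7) to harden SP math against cache-timing leaks */` above the commented define. The new `#else` also makes `WOLFSSL_SP_MATH` the default for every `WOLF_CONF_MATH` value other than 6 or 7 that reaches this block. The enclosing condition is outside the hunk, so a short comment on the `#else` naming the values it is meant to cover would help.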
@@ -505,12 +511,12 @@ extern ${variable.value} ${variable.name};
/* Sha3 */
#undef WOLFSSL_SHA3
#if defined(WOLF_CONF_SHA3) && WOLF_CONF_SHA3 == 1
- #define WOLFSSL_SHA3
+ #define WOLFSSL_SHA3
#endif
/* MD5 */
#if defined(WOLF_CONF_MD5) && WOLF_CONF_MD5 == 1
- /* enabled */
+ /* enabled */
#else
#define NO_MD5
#endif
@@ -535,8 +541,8 @@ extern ${variable.value} ${variable.name};
#if 0
#define USE_WOLFSSL_MEMORY
#define WOLFSSL_TRACK_MEMORY
- #define WOLFSSL_DEBUG_MEMORY
- #define WOLFSSL_DEBUG_MEMORY_PRINT
+ #define WOLFSSL_DEBUG_MEMORY
+ #define WOLFSSL_DEBUG_MEMORY_PRINT
#endif
#else
//#define NO_WOLFSSL_MEMORY
diff --git a/extra/wolfssl/wolfssl/IDE/STM32Cube/main.c b/extra/wolfssl/wolfssl/IDE/STM32Cube/main.c
index 3d7c66f1..f056c8cd 100644
--- a/extra/wolfssl/wolfssl/IDE/STM32Cube/main.c
+++ b/extra/wolfssl/wolfssl/IDE/STM32Cube/main.c
@@ -142,7 +142,7 @@ static void SystemClock_Config(void)
*/
__HAL_RCC_PWR_CLK_ENABLE();
__HAL_PWR_VOLTAGESCALING_CONFIG(PWR_REGULATOR_VOLTAGE_SCALE1);
- /** Initializes the CPU, AHB and APB busses clocks
+ /** Initializes the CPU, AHB and APB buses clocks
*/
RCC_OscInitStruct.OscillatorType = RCC_OSCILLATORTYPE_HSI|RCC_OSCILLATORTYPE_LSI;
RCC_OscInitStruct.HSIState = RCC_HSI_ON;
@@ -157,7 +157,7 @@ static void SystemClock_Config(void)
if (HAL_RCC_OscConfig(&RCC_OscInitStruct) != HAL_OK) {
Error_Handler();
}
- /** Initializes the CPU, AHB and APB busses clocks
+ /** Initializes the CPU, AHB and APB buses clocks
*/
RCC_ClkInitStruct.ClockType = RCC_CLOCKTYPE_HCLK|RCC_CLOCKTYPE_SYSCLK|RCC_CLOCKTYPE_PCLK1|RCC_CLOCKTYPE_PCLK2;
RCC_ClkInitStruct.SYSCLKSource = RCC_SYSCLKSOURCE_PLLCLK;
diff --git a/extra/wolfssl/wolfssl/IDE/SimplicityStudio/README.md b/extra/wolfssl/wolfssl/IDE/SimplicityStudio/README.md
new file mode 100644
index 00000000..89d7b504
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/SimplicityStudio/README.md
@@ -0,0 +1,92 @@
+# Silicon Labs Simplicity Studio
+
+Tested with ERF32xG21 Starter Kit and Gecko SDK v3.2.2 and v4.2.3.
+
+## Simplicity Studio Example
+
+Based on `cli_kernel_freertos`.
+* Create a new example project for your board based on the CLI FreeRTOS example.
+* Create a new `wolfssl` and put wolfSSL into it. Tip: Use `./scripts/makedistsmall.sh` to produce a reduced bundle.
+* Exclude (or delete) all .S and asm.c files.
+* Exclude (or delete) directory not used (only the `src`, `wolfcrypt` and `wolfssl` directory are used).
+* Add the `IDE/SimplicityStudio/user_settings.h` into `wolfssl/user_settings.h`.
+* Add the `IDE/SimplicityStudio/test_wolf.c` to the project root.
+* Add C preprocessor `WOLFSSL_USER_SETTINGS`.
+* Add C include path `wolfssl`.
+* Disable UART flow control: `config/sl_iostream_usart_vcom_config.h` -> `#define SL_IOSTREAM_USART_VCOM_FLOW_CONTROL_TYPE usartHwFlowControlNone`
+* Adjust stack and heap to larger size 12KB:
+ - Adjust the CLI stack. Edit `config/sl_cli_config_inst.h` to `#define SL_CLI_INST_TASK_STACK_SIZE (12*1024)`
+ - Adjust the FreeRTOS heap. Edit `config/FreeRTOSConfig.h` to `#define configTOTAL_HEAP_SIZE (12*1024)`
+* Add the following code to `cli.c`:
+
+```c
+extern void wolf_test(sl_cli_command_arg_t *arguments);
+extern void wolf_bench(sl_cli_command_arg_t *arguments);
+
+static const sl_cli_command_info_t cmd_wolf_test =
+ SL_CLI_COMMAND(wolf_test, "Run wolfCrypt tests", "",
+ { SL_CLI_ARG_WILDCARD, SL_CLI_ARG_END, });
+
+static const sl_cli_command_info_t cmd_wolf_bench =
+ SL_CLI_COMMAND(wolf_bench, "Run wolfCrypt benchmarks", "",
+ { SL_CLI_ARG_WILDCARD, SL_CLI_ARG_END, });
+
+static sl_cli_command_entry_t a_table[] = {
+ { "wolf_test", &cmd_wolf_test, false },
+ { "wolf_bench", &cmd_wolf_bench, false },
+ { NULL, NULL, false },
+};
+```
+
+* If running wolfCrypt benchmark enable printf float
+ - `C/C++ Build Settings` -> `Settings` -> `Tool Settings` -> `GNU ARM C Linker` -> `General` -> `C Library "Printf float"`.
+
+## SE Manager
+
+For SE Manager cryptography hardware acceleration see [/wolfcrypt/src/port/silabs/README.md](/wolfcrypt/src/port/silabs/README.md).
+
+Enabled with `WOLFSSL_SILABS_SE_ACCEL`. Requires the "SE Manager" component to be installed.
+
+## Benchmarks with SE Accel
+
+Tested on ERF32xG21 Starter Kit (Cortex M33 at 80 MHz) and Gecko SDK v3.2.2 (-Os).
+
+```
+Benchmark Test
+wolfCrypt Benchmark (block bytes 1024, min 1.0 sec each)
+RNG 200 KiB took 1.057 seconds, 189.215 KiB/s
+AES-128-CBC-enc 6 MiB took 1.000 seconds, 5.542 MiB/s
+AES-128-CBC-dec 6 MiB took 1.000 seconds, 5.518 MiB/s
+AES-192-CBC-enc 5 MiB took 1.001 seconds, 5.415 MiB/s
+AES-192-CBC-dec 5 MiB took 1.001 seconds, 5.390 MiB/s
+AES-256-CBC-enc 5 MiB took 1.004 seconds, 5.301 MiB/s
+AES-256-CBC-dec 5 MiB took 1.001 seconds, 5.268 MiB/s
+AES-128-GCM-enc 5 MiB took 1.003 seconds, 4.844 MiB/s
+AES-128-GCM-dec 5 MiB took 1.003 seconds, 4.625 MiB/s
+AES-192-GCM-enc 5 MiB took 1.002 seconds, 4.751 MiB/s
+AES-192-GCM-dec 5 MiB took 1.002 seconds, 4.532 MiB/s
+AES-256-GCM-enc 5 MiB took 1.002 seconds, 4.654 MiB/s
+AES-256-GCM-dec 4 MiB took 1.000 seconds, 4.443 MiB/s
+AES-128-GCM-enc-no_AAD 5 MiB took 1.004 seconds, 4.888 MiB/s
+AES-128-GCM-dec-no_AAD 5 MiB took 1.001 seconds, 4.658 MiB/s
+AES-192-GCM-enc-no_AAD 5 MiB took 1.000 seconds, 4.785 MiB/s
+AES-192-GCM-dec-no_AAD 5 MiB took 1.000 seconds, 4.565 MiB/s
+AES-256-GCM-enc-no_AAD 5 MiB took 1.004 seconds, 4.693 MiB/s
+AES-256-GCM-dec-no_AAD 4 MiB took 1.003 seconds, 4.479 MiB/s
+GMAC Small 5 MiB took 1.000 seconds, 4.653 MiB/s
+CHACHA 2 MiB took 1.012 seconds, 1.809 MiB/s
+CHA-POLY 1 MiB took 1.006 seconds, 1.189 MiB/s
+POLY1305 5 MiB took 1.004 seconds, 5.082 MiB/s
+SHA 8 MiB took 1.000 seconds, 7.812 MiB/s
+SHA-256 8 MiB took 1.000 seconds, 8.032 MiB/s
+HMAC-SHA 7 MiB took 1.000 seconds, 7.056 MiB/s
+HMAC-SHA256 7 MiB took 1.002 seconds, 7.237 MiB/s
+RSA 2048 public 30 ops took 1.022 sec, avg 34.067 ms, 29.354 ops/sec
+RSA 2048 private 2 ops took 2.398 sec, avg 1199.000 ms, 0.834 ops/sec
+ECC [ SECP256R1] 256 key gen 172 ops took 1.004 sec, avg 5.837 ms, 171.315 ops/sec
+ECDHE [ SECP256R1] 256 agree 186 ops took 1.005 sec, avg 5.403 ms, 185.075 ops/sec
+ECDSA [ SECP256R1] 256 sign 174 ops took 1.007 sec, avg 5.787 ms, 172.790 ops/sec
+ECDSA [ SECP256R1] 256 verify 160 ops took 1.003 sec, avg 6.269 ms, 159.521 ops/sec
+Benchmark complete
+Benchmark Test: Return code 0
+```
diff --git a/extra/wolfssl/wolfssl/IDE/SimplicityStudio/include.am b/extra/wolfssl/wolfssl/IDE/SimplicityStudio/include.am
new file mode 100644
index 00000000..0b010c36
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/SimplicityStudio/include.am
@@ -0,0 +1,7 @@
+# vim:ft=automake
+# included from Top Level Makefile.am
+# All paths should be given relative to the root
+
+EXTRA_DIST+= IDE/SimplicityStudio/README.md
+EXTRA_DIST+= IDE/SimplicityStudio/test_wolf.c
+EXTRA_DIST+= IDE/SimplicityStudio/user_settings.h
diff --git a/extra/wolfssl/wolfssl/IDE/SimplicityStudio/test_wolf.c b/extra/wolfssl/wolfssl/IDE/SimplicityStudio/test_wolf.c
new file mode 100644
index 00000000..e52266ac
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/SimplicityStudio/test_wolf.c
@@ -0,0 +1,244 @@
+/* test_wolf.c
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/* Example for running wolfCrypt test and benchmark from
+ * SiLabs Simplicity Studio's CLI example */
+
+#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/wolfcrypt/signature.h>
+#include <wolfssl/wolfcrypt/ecc.h>
+#include <wolfssl/wolfcrypt/asn_public.h>
+#include <wolfssl/wolfcrypt/logging.h>
+#include <wolfssl/wolfcrypt/wc_port.h>
+#include <wolfssl/wolfcrypt/error-crypt.h>
+#include <wolfcrypt/test/test.h>
+#include <wolfcrypt/benchmark/benchmark.h>
+#include <stdio.h>
+
+#include "sl_cli.h"
+#include "sl_cli_instances.h"
+#include "sl_cli_arguments.h"
+#include "sl_cli_handles.h"
+
+#ifndef NO_CRYPT_TEST
+typedef struct func_args {
+ int argc;
+ char** argv;
+ int return_code;
+} func_args;
+
+static func_args args = { 0 };
+#endif
+
+void wolf_test(sl_cli_command_arg_t *arguments)
+{
+ int ret;
+#ifndef NO_CRYPT_TEST
+ wolfCrypt_Init();
+
+ printf("\nCrypt Test\n");
+ wolfcrypt_test(&args);
+ ret = args.return_code;
+ printf("Crypt Test: Return code %d\n", ret);
+
+ wolfCrypt_Cleanup();
+#else
+ ret = NOT_COMPILED_IN;
+#endif
+ (void)arguments;
+ (void)ret;
+}
+
+void wolf_bench(sl_cli_command_arg_t *arguments)
+{
+ int ret;
+#ifndef NO_CRYPT_BENCHMARK
+ wolfCrypt_Init();
+
+ printf("\nBenchmark Test\n");
+ benchmark_test(&args);
+ ret = args.return_code;
+ printf("Benchmark Test: Return code %d\n", ret);
+
+ wolfCrypt_Cleanup();
+#else
+ ret = NOT_COMPILED_IN;
+#endif
+ (void)arguments;
+ (void)ret;
+}
+
+/* ecc key gen, sign and verify examples */
+#define TEST_ECC_KEYSZ 32
+#define TEST_DATA_SIZE 128
+#define TEST_KEYGEN_TRIES 100
+#define TEST_ECDSA_TRIES 100
+/* #define TEST_VERIFY_ONLY */
+/* #define TEST_PRIVATE_IMPORT */
+
+void wolf_ecc_test(sl_cli_command_arg_t *arguments)
+{
+ int ret = 0, i, j;
+ byte data[TEST_DATA_SIZE];
+ word32 dataLen = (word32)sizeof(data);
+ WC_RNG rng;
+ ecc_key eccKey;
+ word32 inOutIdx;
+#ifdef TEST_PRIVATE_IMPORT
+ /* ./certs/ecc-client-key.der, ECC */
+ const unsigned char ecc_clikey_der_256[] = {
+ 0x30, 0x77, 0x02, 0x01, 0x01, 0x04, 0x20, 0xF8, 0xCF, 0x92,
+ 0x6B, 0xBD, 0x1E, 0x28, 0xF1, 0xA8, 0xAB, 0xA1, 0x23, 0x4F,
+ 0x32, 0x74, 0x18, 0x88, 0x50, 0xAD, 0x7E, 0xC7, 0xEC, 0x92,
+ 0xF8, 0x8F, 0x97, 0x4D, 0xAF, 0x56, 0x89, 0x65, 0xC7, 0xA0,
+ 0x0A, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01,
+ 0x07, 0xA1, 0x44, 0x03, 0x42, 0x00, 0x04, 0x55, 0xBF, 0xF4,
+ 0x0F, 0x44, 0x50, 0x9A, 0x3D, 0xCE, 0x9B, 0xB7, 0xF0, 0xC5,
+ 0x4D, 0xF5, 0x70, 0x7B, 0xD4, 0xEC, 0x24, 0x8E, 0x19, 0x80,
+ 0xEC, 0x5A, 0x4C, 0xA2, 0x24, 0x03, 0x62, 0x2C, 0x9B, 0xDA,
+ 0xEF, 0xA2, 0x35, 0x12, 0x43, 0x84, 0x76, 0x16, 0xC6, 0x56,
+ 0x95, 0x06, 0xCC, 0x01, 0xA9, 0xBD, 0xF6, 0x75, 0x1A, 0x42,
+ 0xF7, 0xBD, 0xA9, 0xB2, 0x36, 0x22, 0x5F, 0xC7, 0x5D, 0x7F,
+ 0xB4
+ };
+ const int sizeof_ecc_clikey_der_256 = sizeof(ecc_clikey_der_256);
+#endif
+#ifdef TEST_VERIFY_ONLY
+ /* ./certs/ecc-client-keyPub.der, ECC */
+ const unsigned char ecc_clikeypub_der_256[] = {
+ 0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2A, 0x86, 0x48, 0xCE,
+ 0x3D, 0x02, 0x01, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D,
+ 0x03, 0x01, 0x07, 0x03, 0x42, 0x00, 0x04, 0x55, 0xBF, 0xF4,
+ 0x0F, 0x44, 0x50, 0x9A, 0x3D, 0xCE, 0x9B, 0xB7, 0xF0, 0xC5,
+ 0x4D, 0xF5, 0x70, 0x7B, 0xD4, 0xEC, 0x24, 0x8E, 0x19, 0x80,
+ 0xEC, 0x5A, 0x4C, 0xA2, 0x24, 0x03, 0x62, 0x2C, 0x9B, 0xDA,
+ 0xEF, 0xA2, 0x35, 0x12, 0x43, 0x84, 0x76, 0x16, 0xC6, 0x56,
+ 0x95, 0x06, 0xCC, 0x01, 0xA9, 0xBD, 0xF6, 0x75, 0x1A, 0x42,
+ 0xF7, 0xBD, 0xA9, 0xB2, 0x36, 0x22, 0x5F, 0xC7, 0x5D, 0x7F,
+ 0xB4
+ };
+ const int sizeof_ecc_clikeypub_der_256 = sizeof(ecc_clikeypub_der_256);
+
+ /* Signature for hash of 128-bytes data 0,1,2.... */
+ const byte sig[] = {
+ 0x30, 0x45,
+ 0x02, 0x20,
+ 0x5e, 0x01, 0x3d, 0xfb, 0x18, 0x61, 0xe3, 0xe3,
+ 0xa0, 0xff, 0x9b, 0x99, 0xb5, 0x2f, 0x89, 0xba,
+ 0xb3, 0xbb, 0x62, 0x08, 0x9b, 0x94, 0x0e, 0x61,
+ 0x9c, 0x00, 0x7b, 0x43, 0x9c, 0x28, 0xcb, 0xf6,
+ 0x02, 0x21,
+ 0x00,
+ 0xb4, 0x72, 0x2f, 0x22, 0x92, 0xa2, 0x8d, 0x01,
+ 0x6b, 0x01, 0x35, 0x5c, 0xcb, 0x34, 0xa2, 0x21,
+ 0x32, 0xe2, 0xe6, 0x66, 0xd0, 0x9e, 0x3e, 0x8e,
+ 0x84, 0x5d, 0xa4, 0x69, 0x54, 0x52, 0xfc, 0xef
+ };
+ word32 sigLen = (word32)sizeof(sig);
+#else
+ byte sig[ECC_MAX_SIG_SIZE];
+ word32 sigLen;
+#endif
+
+ memset(&rng, 0, sizeof(rng));
+ memset(&eccKey, 0, sizeof(eccKey));
+
+ wolfSSL_Debugging_ON();
+
+ wolfCrypt_Init();
+
+ /* test data */
+ for (i=0; i<(int)dataLen; i++) {
+ data[i] = (byte)i;
+ }
+
+ ret = wc_InitRng(&rng);
+ if (ret != 0) {
+ goto exit;
+ }
+
+ for (i=0; i<TEST_KEYGEN_TRIES; i++) {
+ ret = wc_ecc_init_ex(&eccKey, NULL, 0);
+ if (ret == 0) {
+ inOutIdx = 0;
+#ifdef TEST_VERIFY_ONLY
+ ret = wc_EccPublicKeyDecode(ecc_clikeypub_der_256, &inOutIdx,
+ &eccKey, sizeof_ecc_clikeypub_der_256);
+#else
+ #if (defined(_SILICON_LABS_SECURITY_FEATURE) && \
+ _SILICON_LABS_SECURITY_FEATURE == _SILICON_LABS_SECURITY_FEATURE_VAULT)
+ /* Load ecc_key with vault's public key.
+ * When only the public area of a key is loaded silabs_ecc.c
+ * (silabs_ecc_sign_hash) will use the vault key to sign */
+ ret = silabs_ecc_load_vault(&eccKey);
+ #elif defined(TEST_PRIVATE_IMPORT)
+ ret = wc_EccPrivateKeyDecode(ecc_clikey_der_256, &inOutIdx,
+ &eccKey, sizeof_ecc_clikey_der_256);
+ #else
+ ret = wc_ecc_make_key(&rng, TEST_ECC_KEYSZ, &eccKey);
+ #endif
+#endif
+ }
+
+ for (j=0; j<TEST_ECDSA_TRIES; j++) {
+#ifndef TEST_VERIFY_ONLY
+ if (ret == 0) {
+ /* generate signature using ecc key */
+ sigLen = (word32)sizeof(sig);
+
+ ret = wc_SignatureGenerate(
+ WC_HASH_TYPE_SHA256, WC_SIGNATURE_TYPE_ECC,
+ data, dataLen,
+ sig, &sigLen,
+ &eccKey, (word32)sizeof(eccKey),
+ &rng);
+ }
+#endif
+ if (ret == 0) {
+ ret = wc_SignatureVerify(
+ WC_HASH_TYPE_SHA256, WC_SIGNATURE_TYPE_ECC,
+ data, dataLen,
+ sig, sigLen,
+ &eccKey, (word32)sizeof(eccKey));
+ }
+
+ if (ret == 0) {
+ fprintf(stderr, "Verification Passed %d %d\n", i, j);
+ }
+ else {
+ fprintf(stderr, "Verification failed!! (ret %d) %d %d\n",
+ ret, i, j);
+ break;
+ }
+ } /* sign/verify tries */
+
+ wc_ecc_free(&eccKey);
+ if (ret != 0)
+ break;
+ } /* key gen tries */
+
+exit:
+ wc_FreeRng(&rng);
+
+ wolfCrypt_Cleanup();
+
+ (void)arguments;
+}
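Review bot: `args` and `func_args` are declared only under `#ifndef NO_CRYPT_TEST`, yet `wolf_bench` passes `&args` under `#ifndef NO_CRYPT_BENCHMARK`, so a build that disables the test but keeps the benchmark has no declaration for it; the guard should be `#if !defined(NO_CRYPT_TEST) || !defined(NO_CRYPT_BENCHMARK)`. In `wolf_ecc_test` a failure of `wc_ecc_init_ex` or of the key load is only reported by the inner loop as "Verification failed!!", and `wc_ecc_free` then runs on a key that may not have been initialised; checking `ret` right after the key setup and breaking there would keep the message accurate. The DER array under `TEST_PRIVATE_IMPORT` is a private key published in the source tree (`./certs/ecc-client-key.der`), so I would add `/* published test key: for this demo only, never provision it on a device */` above it.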
diff --git a/extra/wolfssl/wolfssl/IDE/SimplicityStudio/user_settings.h b/extra/wolfssl/wolfssl/IDE/SimplicityStudio/user_settings.h
new file mode 100644
index 00000000..cfe138a6
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/SimplicityStudio/user_settings.h
@@ -0,0 +1,521 @@
+/* user_settings.h
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/* Template based on examples/config/user_settings_template.h, but modified to
+ * include `WOLFSSL_SILABS_SE_ACCEL` and tune for ARM Cortex M. */
+
+#ifndef WOLFSSL_USER_SETTINGS_H
+#define WOLFSSL_USER_SETTINGS_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* Silicon Labs ERF32 Hardware Acceleration */
+#define WOLFSSL_SILABS_SE_ACCEL
+
+/* ------------------------------------------------------------------------- */
+/* Platform */
+/* ------------------------------------------------------------------------- */
+#define WOLFSSL_GENERAL_ALIGNMENT 4
+#define SIZEOF_LONG_LONG 8
+#define HAVE_STRINGS_H
+
+/* Use FreeRTOS */
+#if 1
+ #define FREERTOS
+#else
+ /* disable mutex locking */
+ #define SINGLE_THREADED
+#endif
+
+/* reduce stack use. For variables over 100 bytes allocate from heap */
+#define WOLFSSL_SMALL_STACK
+
+/* Disable the built-in socket support and use the IO callbacks.
+ * Set IO callbacks with wolfSSL_CTX_SetIORecv/wolfSSL_CTX_SetIOSend
+ */
+#define WOLFSSL_USER_IO
+
+/* ------------------------------------------------------------------------- */
+/* Math Configuration */
+/* ------------------------------------------------------------------------- */
+/* Math Choices: SP (preferred), TFM or Normal (heap) */
+#if 1
+ /* Wolf Single Precision Math */
+ #define WOLFSSL_HAVE_SP_RSA
+ #define WOLFSSL_HAVE_SP_DH
+ #define WOLFSSL_HAVE_SP_ECC
+ //#define WOLFSSL_SP_4096 /* Enable RSA/RH 4096-bit support */
+ //#define WOLFSSL_SP_384 /* Enable ECC 384-bit SECP384R1 support */
+
+ //#define WOLFSSL_SP_MATH /* only SP math - disables integer.c/tfm.c */
+ #define WOLFSSL_SP_MATH_ALL /* use SP math for all key sizes and curves */
+
+ //#define WOLFSSL_SP_NO_MALLOC
+ //#define WOLFSSL_SP_DIV_32 /* do not use 64-bit divides */
+
+ /* use smaller version of code */
+ #define WOLFSSL_SP_SMALL
+
+ /* SP Assembly Speedups - specific to chip type */
+ #define WOLFSSL_SP_ASM
+ #define WOLFSSL_SP_ARM_CORTEX_M_ASM
+#elif 1
+ /* Fast Math (tfm.c) (stack based and timing resistant) */
+ #define USE_FAST_MATH
+ #define TFM_TIMING_RESISTANT
+#else
+ /* Normal (integer.c) (heap based, not timing resistant) - not recommended*/
+ #define USE_INTEGER_HEAP_MATH
+#endif
+
+
+/* ------------------------------------------------------------------------- */
+/* Crypto */
+/* ------------------------------------------------------------------------- */
+/* RSA */
+#undef NO_RSA
+#if 1
+ #ifdef USE_FAST_MATH
+ /* Maximum math bits (Max RSA key bits * 2) */
+ #define FP_MAX_BITS 4096
+ #endif
+
+ /* half as much memory but twice as slow */
+ //#define RSA_LOW_MEM
+
+ /* Enables blinding mode, to prevent timing attacks */
+ #define WC_RSA_BLINDING
+
+ /* RSA PSS Support */
+ #define WC_RSA_PSS
+#else
+ #define NO_RSA
+#endif
+
+/* DH */
+#undef NO_DH
+#if 1
+ /* Use table for DH instead of -lm (math) lib dependency */
+ #if 1
+ #define WOLFSSL_DH_CONST
+ #define HAVE_FFDHE_2048
+ //#define HAVE_FFDHE_4096
+ //#define HAVE_FFDHE_6144
+ //#define HAVE_FFDHE_8192
+ #endif
+#else
+ #define NO_DH
+#endif
+
+/* ECC */
+#undef HAVE_ECC
+#if 1
+ #define HAVE_ECC
+
+ /* Manually define enabled curves */
+ #define ECC_USER_CURVES
+
+ #ifdef ECC_USER_CURVES
+ /* Manual Curve Selection */
+ //#define HAVE_ECC192
+ //#define HAVE_ECC224
+ #undef NO_ECC256
+ //#define HAVE_ECC384
+ //#define HAVE_ECC521
+ #endif
+
+ /* Fixed point cache (speeds repeated operations against same private key) */
+ //#define FP_ECC
+ #ifdef FP_ECC
+ /* Bits / Entries */
+ #define FP_ENTRIES 2
+ #define FP_LUT 4
+ #endif
+
+ /* Optional ECC calculation method */
+ /* Note: doubles heap usage, but slightly faster */
+ #define ECC_SHAMIR
+
+ /* Reduces heap usage, but slower */
+ #define ECC_TIMING_RESISTANT
+
+ /* Compressed ECC Key Support */
+ //#define HAVE_COMP_KEY
+
+ /* Use alternate ECC size for ECC math */
+ #ifdef USE_FAST_MATH
+ /* MAX ECC BITS = ROUND8(MAX ECC) * 2 */
+ #if defined(NO_RSA) && defined(NO_DH)
+ /* Custom fastmath size if not using RSA/DH */
+ #define FP_MAX_BITS (256 * 2)
+ #else
+ /* use heap allocation for ECC points */
+ #define ALT_ECC_SIZE
+
+ /* wolfSSL will compute the FP_MAX_BITS_ECC, but it can be overridden */
+ //#define FP_MAX_BITS_ECC (256 * 2)
+ #endif
+
+ /* Speedups specific to curve */
+ #ifndef NO_ECC256
+ #define TFM_ECC256
+ #endif
+ #endif
+#endif
+
+
+/* AES */
+#undef NO_AES
+#if 1
+ #define HAVE_AES_CBC
+
+ /* GCM Method: GCM_TABLE_4BIT, GCM_SMALL, GCM_WORD32 or GCM_TABLE */
+ #define HAVE_AESGCM
+ #define GCM_SMALL
+
+ //#define WOLFSSL_AES_DIRECT
+ //#define HAVE_AES_ECB
+ //#define WOLFSSL_AES_COUNTER
+ //#define HAVE_AESCCM
+#else
+ #define NO_AES
+#endif
+
+
+/* DES3 */
+#undef NO_DES3
+#if 0
+#else
+ #define NO_DES3
+#endif
+
+/* ChaCha20 / Poly1305 */
+#undef HAVE_CHACHA
+#undef HAVE_POLY1305
+#if 1
+ #define HAVE_CHACHA
+ #define HAVE_POLY1305
+
+ /* Needed for Poly1305 */
+ #define HAVE_ONE_TIME_AUTH
+#endif
+
+/* Ed25519 / Curve25519 */
+#undef HAVE_CURVE25519
+#undef HAVE_ED25519
+#if 0
+ #define HAVE_CURVE25519
+ #define HAVE_ED25519 /* ED25519 Requires SHA512 */
+
+ /* Optionally use small math (less flash usage, but much slower) */
+ #if 1
+ #define CURVED25519_SMALL
+ #endif
+#endif
+
+
+/* ------------------------------------------------------------------------- */
+/* Hashing */
+/* ------------------------------------------------------------------------- */
+/* Sha */
+#undef NO_SHA
+#if 1
+ /* 1k smaller, but 25% slower */
+ //#define USE_SLOW_SHA
+#else
+ #define NO_SHA
+#endif
+
+/* Sha256 */
+#undef NO_SHA256
+#if 1
+ /* not unrolled - ~2k smaller and ~25% slower */
+ //#define USE_SLOW_SHA256
+
+ /* Sha224 */
+ #if 0
+ #define WOLFSSL_SHA224
+ #endif
+#else
+ #define NO_SHA256
+#endif
+
+/* Sha512 */
+#undef WOLFSSL_SHA512
+#if 0
+ #define WOLFSSL_SHA512
+
+ /* Sha384 */
+ #undef WOLFSSL_SHA384
+ #if 0
+ #define WOLFSSL_SHA384
+ #endif
+
+ /* over twice as small, but 50% slower */
+ //#define USE_SLOW_SHA512
+#endif
+
+/* Sha3 */
+#undef WOLFSSL_SHA3
+#if 0
+ #define WOLFSSL_SHA3
+#endif
+
+/* MD5 */
+#undef NO_MD5
+#if 0
+
+#else
+ #define NO_MD5
+#endif
+
+/* HKDF */
+#undef HAVE_HKDF
+#if 1
+ #define HAVE_HKDF
+#endif
+
+/* CMAC */
+#undef WOLFSSL_CMAC
+#if 0
+ #define WOLFSSL_CMAC
+#endif
+
+
+/* ------------------------------------------------------------------------- */
+/* Benchmark / Test */
+/* ------------------------------------------------------------------------- */
+/* Use reduced benchmark / test sizes */
+#define BENCH_EMBEDDED
+
+/* Use test buffers from array (not filesystem) */
+#define USE_CERT_BUFFERS_256
+#define USE_CERT_BUFFERS_2048
+
+/* ------------------------------------------------------------------------- */
+/* Debugging */
+/* ------------------------------------------------------------------------- */
+
+#undef DEBUG_WOLFSSL
+#undef NO_ERROR_STRINGS
+#if 0
+ #define DEBUG_WOLFSSL
+#else
+ #if 0
+ #define NO_ERROR_STRINGS
+ #endif
+#endif
+
+
+/* ------------------------------------------------------------------------- */
+/* Memory */
+/* ------------------------------------------------------------------------- */
+
+/* Override Memory API's */
+#if 0
+ #define XMALLOC_OVERRIDE
+
+ /* prototypes for user heap override functions */
+ /* Note: Realloc only required for normal math */
+ #include <stddef.h> /* for size_t */
+ extern void *myMalloc(size_t n, void* heap, int type);
+ extern void myFree(void *p, void* heap, int type);
+ extern void *myRealloc(void *p, size_t n, void* heap, int type);
+
+ #define XMALLOC(n, h, t) myMalloc(n, h, t)
+ #define XFREE(p, h, t) myFree(p, h, t)
+ #define XREALLOC(p, n, h, t) myRealloc(p, n, h, t)
+#endif
+
+#if 0
+ /* Static memory requires fast math */
+ #define WOLFSSL_STATIC_MEMORY
+
+ /* Disable fallback malloc/free */
+ #define WOLFSSL_NO_MALLOC
+ #if 1
+ #define WOLFSSL_MALLOC_CHECK /* trap malloc failure */
+ #endif
+#endif
+
+/* Memory callbacks */
+#if 0
+ #undef USE_WOLFSSL_MEMORY
+ #define USE_WOLFSSL_MEMORY
+
+ /* Use this to measure / print heap usage */
+ #if 0
+ #define WOLFSSL_TRACK_MEMORY
+ #define WOLFSSL_DEBUG_MEMORY
+ #endif
+#else
+ #ifndef WOLFSSL_STATIC_MEMORY
+ #define NO_WOLFSSL_MEMORY
+ /* Otherwise we will use stdlib malloc, free and realloc */
+ #endif
+#endif
+
+
+/* ------------------------------------------------------------------------- */
+/* Port */
+/* ------------------------------------------------------------------------- */
+
+/* Override Current Time */
+#if 0
+ /* Allows custom "custom_time()" function to be used for benchmark */
+ #define WOLFSSL_USER_CURRTIME
+ #define WOLFSSL_GMTIME
+ #define USER_TICKS
+ extern unsigned long my_time(unsigned long* timer);
+ #define XTIME my_time
+#endif
+
+
+/* ------------------------------------------------------------------------- */
+/* RNG */
+/* ------------------------------------------------------------------------- */
+
+/* Choose RNG method */
+#if 1
+ /* Custom Seed Source */
+ #if 0
+ /* Size of returned HW RNG value */
+ #define CUSTOM_RAND_TYPE unsigned int
+ extern unsigned int my_rng_seed_gen(void);
+ #undef CUSTOM_RAND_GENERATE
+ #define CUSTOM_RAND_GENERATE my_rng_seed_gen
+ #endif
+
+ /* Use built-in P-RNG (SHA256 based) with HW RNG */
+ /* P-RNG + HW RNG (P-RNG is ~8K) */
+ #undef HAVE_HASHDRBG
+ #define HAVE_HASHDRBG
+#else
+ #undef WC_NO_HASHDRBG
+ #define WC_NO_HASHDRBG
+
+ /* Bypass P-RNG and use only HW RNG */
+ extern int my_rng_gen_block(unsigned char* output, unsigned int sz);
+ #undef CUSTOM_RAND_GENERATE_BLOCK
+ #define CUSTOM_RAND_GENERATE_BLOCK my_rng_gen_block
+#endif
+
+
+/* ------------------------------------------------------------------------- */
+/* Custom Standard Lib */
+/* ------------------------------------------------------------------------- */
+/* Allows override of all standard library functions */
+#undef STRING_USER
+#if 0
+ #define STRING_USER
+
+ #include <string.h>
+
+ #define USE_WOLF_STRSEP
+ #define XSTRSEP(s1,d) wc_strsep((s1),(d))
+
+ #define USE_WOLF_STRTOK
+ #define XSTRTOK(s1,d,ptr) wc_strtok((s1),(d),(ptr))
+
+ #define XSTRNSTR(s1,s2,n) mystrnstr((s1),(s2),(n))
+
+ #define XMEMCPY(d,s,l) memcpy((d),(s),(l))
+ #define XMEMSET(b,c,l) memset((b),(c),(l))
+ #define XMEMCMP(s1,s2,n) memcmp((s1),(s2),(n))
+ #define XMEMMOVE(d,s,l) memmove((d),(s),(l))
+
+ #define XSTRLEN(s1) strlen((s1))
+ #define XSTRNCPY(s1,s2,n) strncpy((s1),(s2),(n))
+ #define XSTRSTR(s1,s2) strstr((s1),(s2))
+
+ #define XSTRNCMP(s1,s2,n) strncmp((s1),(s2),(n))
+ #define XSTRNCAT(s1,s2,n) strncat((s1),(s2),(n))
+ #define XSTRNCASECMP(s1,s2,n) strncasecmp((s1),(s2),(n))
+
+ #define XSNPRINTF snprintf
+#endif
+
+
+
+/* ------------------------------------------------------------------------- */
+/* Enable Features */
+/* ------------------------------------------------------------------------- */
+
+#define WOLFSSL_TLS13
+#define WOLFSSL_OLD_PRIME_CHECK /* Use faster DH prime checking */
+#define HAVE_TLS_EXTENSIONS
+#define HAVE_SUPPORTED_CURVES
+#define WOLFSSL_BASE64_ENCODE
+#define WOLFSSL_PUB_PEM_TO_DER
+
+//#define WOLFSSL_KEY_GEN /* For RSA Key gen only */
+//#define KEEP_PEER_CERT
+//#define HAVE_COMP_KEY
+
+/* TLS Session Cache */
+#if 0
+ #define SMALL_SESSION_CACHE
+#else
+ #define NO_SESSION_CACHE
+#endif
+
+
+/* ------------------------------------------------------------------------- */
+/* Disable Features */
+/* ------------------------------------------------------------------------- */
+//#define NO_WOLFSSL_SERVER
+//#define NO_WOLFSSL_CLIENT
+//#define NO_CRYPT_TEST
+//#define NO_CRYPT_BENCHMARK
+//#define WOLFCRYPT_ONLY
+
+/* do not warm when file is included to be built and not required to be */
+#define WOLFSSL_IGNORE_FILE_WARN
+
+/* In-lining of misc.c functions */
+/* If defined, must include wolfcrypt/src/misc.c in build */
+/* Slower, but about 1k smaller */
+//#define NO_INLINE
+
+#define NO_FILESYSTEM
+#define NO_WRITEV
+#define NO_MAIN_DRIVER
+#define NO_DEV_RANDOM
+
+#define NO_OLD_TLS
+#define NO_PSK
+
+#define NO_DSA
+#define NO_RC4
+#define NO_MD4
+#define NO_PWDBASED
+//#define NO_CODING
+//#define NO_ASN_TIME
+//#define NO_CERTS
+//#define NO_SIG_WRAPPER
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* WOLFSSL_USER_SETTINGS_H */
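Review bot: `#define WOLFSSL_OLD_PRIME_CHECK` in the Enable Features section is documented only as `/* Use faster DH prime checking */`, which does not tell an integrator that the speed-up comes from a less thorough primality test on DH parameters; as far as I know the default check uses randomly chosen Miller-Rabin bases and the old one does not. For a template that also enables `WOLFSSL_TLS13` and `HAVE_FFDHE_2048` I would leave it commented out, `//#define WOLFSSL_OLD_PRIME_CHECK /* faster but weaker DH prime check */`, and let a port opt in. The comment above `ECC_TIMING_RESISTANT` (`/* Reduces heap usage, but slower */`) should also say that this is the side-channel hardening for ECC private-key operations, so that nobody removes it as a tuning step.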
diff --git a/extra/wolfssl/wolfssl/IDE/VisualDSP/user_settings.h b/extra/wolfssl/wolfssl/IDE/VisualDSP/user_settings.h
index d745515a..2ce8e1eb 100644
--- a/extra/wolfssl/wolfssl/IDE/VisualDSP/user_settings.h
+++ b/extra/wolfssl/wolfssl/IDE/VisualDSP/user_settings.h
@@ -77,7 +77,6 @@ extern "C" {
#define WOLFSSL_HAVE_SP_RSA
#define WOLFSSL_HAVE_SP_DH
#define WOLFSSL_HAVE_SP_ECC
- #define WOLFSSL_SP_CACHE_RESISTANT
//#define WOLFSSL_SP_MATH /* only SP math - eliminates fast math code */
/* 64 or 32 bit version */
diff --git a/extra/wolfssl/wolfssl/IDE/WICED-STUDIO/user_settings.h b/extra/wolfssl/wolfssl/IDE/WICED-STUDIO/user_settings.h
index 7d30a35b..70ce019d 100644
--- a/extra/wolfssl/wolfssl/IDE/WICED-STUDIO/user_settings.h
+++ b/extra/wolfssl/wolfssl/IDE/WICED-STUDIO/user_settings.h
@@ -75,7 +75,6 @@ extern "C" {
#define WOLFSSL_HAVE_SP_RSA
#define WOLFSSL_HAVE_SP_DH
#define WOLFSSL_HAVE_SP_ECC
- #define WOLFSSL_SP_CACHE_RESISTANT
//#define WOLFSSL_SP_MATH
/* 64 or 32 bit version */
diff --git a/extra/wolfssl/wolfssl/IDE/WIN/README.txt b/extra/wolfssl/wolfssl/IDE/WIN/README.txt
index 25e4d7e8..4c86dc19 100644
--- a/extra/wolfssl/wolfssl/IDE/WIN/README.txt
+++ b/extra/wolfssl/wolfssl/IDE/WIN/README.txt
@@ -3,7 +3,7 @@
First, if you did not get the FIPS files with your archive, you must contact
wolfSSL to obtain them.
-The IDE/WIN/wolfssl-fips.sln solution is for the original FIPS #2425 certificate.
+The IDE/WIN/wolfssl-fips.sln solution is for the original FIPS #2425 certificate.
See IDE/WIN10/wolfssl-fips.sln for the FIPS v2 #3389 or later Visual Studio solution.
# Building the wolfssl-fips project
@@ -30,11 +30,13 @@ The In Core Memory test calculates a checksum (HMAC-SHA256) of the wolfCrypt
FIPS library code and constant data and compares it with a known value in
the code.
-The Randomized Base Address setting needs to be disabled on the 32-bit builds
-but can be enabled on the 64-bit builds. In the 32-bit mode the addresses
-being different throws off the in-core memory calculation. It looks like in
-64-bit mode the library uses all offsets, so the core hash calculation
-is the same every time.
+The following wolfCrypt FIPS project linker settings are required for the DLL Win32 configuration:
+1) The [Randomized Base Address setting (ASLR)](https://learn.microsoft.com/en-us/cpp/build/reference/dynamicbase-use-address-space-layout-randomization?view=msvc-170)
+needs to be disabled on all builds as the feature throws off the in-core memory calculation causing the test to fail.
+2) The [Incremental Link](https://learn.microsoft.com/en-us/cpp/build/reference/incremental-link-incrementally?view=msvc-170)
+option need turned off so function pointers go to actual code, not a jump instruction.
+3) The [FixedBaseAddress](https://learn.microsoft.com/en-us/cpp/build/reference/fixed-fixed-base-address?view=msvc-170)
+option to YES, which disables the support for ASLR.
The "verifyCore" check value in the source fips_test.c needs to be updated when
building the code. The POS performs this check and the default failure callback
@@ -71,13 +73,13 @@ These settings are defined in IDE/WIN/user_settings.h.
# Notes on enabling DTLS including DTLS version 1.3
-The file IDE/WIN/user_settings_dtls.h contains the needed build options for
+The file IDE/WIN/user_settings_dtls.h contains the needed build options for
enabling DTLS and DTLS version 1.3.
To incorporate the build options:
* Rename IDE/WIN/user_settings.h to IDE/WIN/user_settings.h.bak
* Rename IDE/WIN/user_settings_dtls.h to IDE/WIN/user_settings.h
-
+
Alternatively, copy the DTLS labeled section from IDE/WIN/user_settings_dtls.h
in to IDE/WIN/user_settings.h. \ No newline at end of file
diff --git a/extra/wolfssl/wolfssl/IDE/WIN/test.vcxproj b/extra/wolfssl/wolfssl/IDE/WIN/test.vcxproj
index 81b3668b..21759755 100644
--- a/extra/wolfssl/wolfssl/IDE/WIN/test.vcxproj
+++ b/extra/wolfssl/wolfssl/IDE/WIN/test.vcxproj
@@ -111,7 +111,7 @@
<ClCompile>
<Optimization>Disabled</Optimization>
<AdditionalIncludeDirectories>.\;..\..\;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;HAVE_FIPS;USE_CERT_BUFFERS_2048;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;HAVE_FIPS;USE_CERT_BUFFERS_2048;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
<RuntimeLibrary>MultiThreadedDebugDLL</RuntimeLibrary>
<PrecompiledHeader />
@@ -130,7 +130,7 @@
<ClCompile>
<Optimization>Disabled</Optimization>
<AdditionalIncludeDirectories>.\;..\..\;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;HAVE_FIPS;USE_CERT_BUFFERS_2048;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;HAVE_FIPS;USE_CERT_BUFFERS_2048;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
<RuntimeLibrary>MultiThreadedDebugDLL</RuntimeLibrary>
<PrecompiledHeader />
@@ -147,7 +147,7 @@
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
<ClCompile>
<AdditionalIncludeDirectories>.\;..\..\;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;HAVE_FIPS;USE_CERT_BUFFERS_2048;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;HAVE_FIPS;USE_CERT_BUFFERS_2048;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
<PrecompiledHeader />
<WarningLevel>Level3</WarningLevel>
@@ -168,7 +168,7 @@
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
<ClCompile>
<AdditionalIncludeDirectories>.\;..\..\;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;HAVE_FIPS;USE_CERT_BUFFERS_2048;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;HAVE_FIPS;USE_CERT_BUFFERS_2048;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
<PrecompiledHeader />
<WarningLevel>Level3</WarningLevel>
@@ -188,7 +188,7 @@
<ClCompile>
<Optimization>Disabled</Optimization>
<AdditionalIncludeDirectories>.\;..\..\;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;HAVE_FIPS;USE_CERT_BUFFERS_2048;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;CYASSL_DLL;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;HAVE_FIPS;USE_CERT_BUFFERS_2048;WOLFSSL_USER_SETTINGS;CYASSL_DLL;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
<RuntimeLibrary>MultiThreadedDebugDLL</RuntimeLibrary>
<PrecompiledHeader />
@@ -208,7 +208,7 @@
<ClCompile>
<Optimization>Disabled</Optimization>
<AdditionalIncludeDirectories>.\;..\..\;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>_DEBUG;_CONSOLE;HAVE_FIPS;USE_CERT_BUFFERS_2048;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;CYASSL_DLL;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>_DEBUG;_CONSOLE;HAVE_FIPS;USE_CERT_BUFFERS_2048;WOLFSSL_USER_SETTINGS;CYASSL_DLL;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
<RuntimeLibrary>MultiThreadedDebugDLL</RuntimeLibrary>
<PrecompiledHeader />
@@ -226,7 +226,7 @@
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='DLL Release|Win32'">
<ClCompile>
<AdditionalIncludeDirectories>.\;..\..\;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;HAVE_FIPS;USE_CERT_BUFFERS_2048;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;CYASSL_DLL;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;HAVE_FIPS;USE_CERT_BUFFERS_2048;WOLFSSL_USER_SETTINGS;CYASSL_DLL;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
<PrecompiledHeader />
<WarningLevel>Level3</WarningLevel>
@@ -246,7 +246,7 @@
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='DLL Release|x64'">
<ClCompile>
<AdditionalIncludeDirectories>.\;..\..\;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;HAVE_FIPS;USE_CERT_BUFFERS_2048;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;CYASSL_DLL;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;HAVE_FIPS;USE_CERT_BUFFERS_2048;WOLFSSL_USER_SETTINGS;CYASSL_DLL;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
<PrecompiledHeader />
<WarningLevel>Level3</WarningLevel>
diff --git a/extra/wolfssl/wolfssl/IDE/WIN/user_settings.h b/extra/wolfssl/wolfssl/IDE/WIN/user_settings.h
index 919924e9..22510894 100644
--- a/extra/wolfssl/wolfssl/IDE/WIN/user_settings.h
+++ b/extra/wolfssl/wolfssl/IDE/WIN/user_settings.h
@@ -37,6 +37,9 @@
#define WC_RSA_BLINDING
#define NO_MULTIBYTE_PRINT
+ #define HAVE_CRL
+ #define HAVE_CRL_MONITOR
+
#if defined(WOLFSSL_LIB)
/* The lib */
#define OPENSSL_EXTRA
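Review bot: The added `HAVE_CRL` and `HAVE_CRL_MONITOR` carry no comment, and a reader can take them to mean that revocation checking is now on. As far as I know these macros only compile the CRL code in; checking stays off until the application enables it and loads CRLs (for example with `wolfSSL_CTX_EnableCRL`). I would add `/* CRL support is compiled in; the application must still enable checking and load CRLs */` above the two lines. The enclosing preprocessor block starts outside the hunk.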
diff --git a/extra/wolfssl/wolfssl/IDE/WIN/wolfssl-fips.vcxproj b/extra/wolfssl/wolfssl/IDE/WIN/wolfssl-fips.vcxproj
index 3bfb4cd3..b91c6efe 100644
--- a/extra/wolfssl/wolfssl/IDE/WIN/wolfssl-fips.vcxproj
+++ b/extra/wolfssl/wolfssl/IDE/WIN/wolfssl-fips.vcxproj
@@ -117,11 +117,23 @@
<OutDir>$(SolutionDir)$(Configuration)\$(Platform)\</OutDir>
<IntDir>$(Configuration)\$(Platform)\obj\</IntDir>
</PropertyGroup>
+ <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='DLL Debug|Win32'">
+ <LinkIncremental>false</LinkIncremental>
+ </PropertyGroup>
+ <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='DLL Release|Win32'">
+ <LinkIncremental>false</LinkIncremental>
+ </PropertyGroup>
+ <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='DLL Release|x64'">
+ <LinkIncremental>false</LinkIncremental>
+ </PropertyGroup>
+ <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='DLL Debug|x64'">
+ <LinkIncremental>false</LinkIncremental>
+ </PropertyGroup>
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
<ClCompile>
<Optimization>Disabled</Optimization>
<AdditionalIncludeDirectories>./;../../;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>HAVE_FIPS;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>HAVE_FIPS;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
<RuntimeLibrary>MultiThreadedDebugDLL</RuntimeLibrary>
<WarningLevel>Level4</WarningLevel>
@@ -133,7 +145,7 @@
<ClCompile>
<Optimization>Disabled</Optimization>
<AdditionalIncludeDirectories>./;../../;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>HAVE_FIPS;BUILDING_WOLFSSL;CYASSL_DLL;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>HAVE_FIPS;BUILDING_WOLFSSL;CYASSL_DLL;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<MinimalRebuild>true</MinimalRebuild>
<BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
<RuntimeLibrary>MultiThreadedDebugDLL</RuntimeLibrary>
@@ -146,13 +158,14 @@
<BaseAddress>0x5A000000</BaseAddress>
<RandomizedBaseAddress>false</RandomizedBaseAddress>
<DataExecutionPrevention>false</DataExecutionPrevention>
+ <FixedBaseAddress>true</FixedBaseAddress>
</Link>
</ItemDefinitionGroup>
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
<ClCompile>
<Optimization>Disabled</Optimization>
<AdditionalIncludeDirectories>./;../../;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>HAVE_FIPS;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>HAVE_FIPS;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
<RuntimeLibrary>MultiThreadedDebugDLL</RuntimeLibrary>
<WarningLevel>Level4</WarningLevel>
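Review bot: `<DataExecutionPrevention>false</DataExecutionPrevention>` stays in the Link block that gains `<FixedBaseAddress>true</FixedBaseAddress>`, so this DLL configuration is linked with DEP, ASLR and relocation all switched off, and nothing in the project file says why. The IDE/WIN10 README text added later in this commit names only ASLR, incremental linking and the fixed base as requirements of the in-core integrity check. The DEP setting therefore looks like it could become `<DataExecutionPrevention>true</DataExecutionPrevention>` without affecting the checksum, which should be confirmed against a FIPS build before changing it. At minimum I would add `<!-- ASLR and relocation are disabled only for the FIPS in-core HMAC check; do not copy these settings to non-FIPS projects -->` above `<BaseAddress>`. The same Link lines appear in the IDE/WIN10/wolfssl-fips.vcxproj hunk at -146, and the ItemDefinitionGroup opens outside this hunk.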
@@ -164,7 +177,7 @@
<ClCompile>
<Optimization>Disabled</Optimization>
<AdditionalIncludeDirectories>./;../../;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>HAVE_FIPS;BUILDING_WOLFSSL;CYASSL_DLL;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>HAVE_FIPS;BUILDING_WOLFSSL;CYASSL_DLL;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<MinimalRebuild>true</MinimalRebuild>
<BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
<RuntimeLibrary>MultiThreadedDebugDLL</RuntimeLibrary>
@@ -174,7 +187,7 @@
</ClCompile>
<Link>
<AdditionalDependencies>ws2_32.lib;%(AdditionalDependencies)</AdditionalDependencies>
- <RandomizedBaseAddress>true</RandomizedBaseAddress>
+ <RandomizedBaseAddress>false</RandomizedBaseAddress>
<DataExecutionPrevention>false</DataExecutionPrevention>
</Link>
</ItemDefinitionGroup>
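Review bot: ASLR is turned off in this Link block without the `<BaseAddress>`/`<FixedBaseAddress>` pair that the Win32 DLL blocks carry (hunks at -146 and -206), so the image loses randomization while its load address is still not pinned; the hunk at -234 does the same. The README text added in this commit (for IDE/WIN10) describes these linker settings as required for the DLL Win32 configuration, so the reason for changing the x64 blocks is not documented. If the in-core check needs a stable layout on x64 as well, the block should state that with the same two elements. Otherwise a short comment such as `<!-- x64: ASLR off for the FIPS in-core check; base address intentionally left unpinned -->` would record the intent. The ItemDefinitionGroup opens outside this hunk.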
@@ -183,7 +196,7 @@
<Optimization>MaxSpeed</Optimization>
<IntrinsicFunctions>true</IntrinsicFunctions>
<AdditionalIncludeDirectories>./;../../;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>WIN32;HAVE_FIPS;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>WIN32;HAVE_FIPS;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
<FunctionLevelLinking>true</FunctionLevelLinking>
<WarningLevel>Level3</WarningLevel>
@@ -196,7 +209,7 @@
<Optimization>MaxSpeed</Optimization>
<IntrinsicFunctions>true</IntrinsicFunctions>
<AdditionalIncludeDirectories>./;../../;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>HAVE_FIPS;BUILDING_WOLFSSL;CYASSL_DLL;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>HAVE_FIPS;BUILDING_WOLFSSL;CYASSL_DLL;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
<FunctionLevelLinking>true</FunctionLevelLinking>
<WarningLevel>Level3</WarningLevel>
@@ -206,6 +219,7 @@
<AdditionalDependencies>ws2_32.lib;%(AdditionalDependencies)</AdditionalDependencies>
<RandomizedBaseAddress>false</RandomizedBaseAddress>
<BaseAddress>0x5A000000</BaseAddress>
+ <FixedBaseAddress>true</FixedBaseAddress>
</Link>
</ItemDefinitionGroup>
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
@@ -213,7 +227,7 @@
<Optimization>MaxSpeed</Optimization>
<IntrinsicFunctions>true</IntrinsicFunctions>
<AdditionalIncludeDirectories>./;../../;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>HAVE_FIPS;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>HAVE_FIPS;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
<FunctionLevelLinking>true</FunctionLevelLinking>
<WarningLevel>Level3</WarningLevel>
@@ -226,7 +240,7 @@
<Optimization>MaxSpeed</Optimization>
<IntrinsicFunctions>true</IntrinsicFunctions>
<AdditionalIncludeDirectories>./;../../;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>HAVE_FIPS;BUILDING_WOLFSSL;CYASSL_DLL;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>HAVE_FIPS;BUILDING_WOLFSSL;CYASSL_DLL;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
<FunctionLevelLinking>true</FunctionLevelLinking>
<WarningLevel>Level3</WarningLevel>
@@ -234,7 +248,7 @@
</ClCompile>
<Link>
<AdditionalDependencies>ws2_32.lib;%(AdditionalDependencies)</AdditionalDependencies>
- <RandomizedBaseAddress>true</RandomizedBaseAddress>
+ <RandomizedBaseAddress>false</RandomizedBaseAddress>
</Link>
</ItemDefinitionGroup>
<ItemGroup>
diff --git a/extra/wolfssl/wolfssl/IDE/WIN10/README.txt b/extra/wolfssl/wolfssl/IDE/WIN10/README.txt
index 80c6ec47..4ef0a145 100644
--- a/extra/wolfssl/wolfssl/IDE/WIN10/README.txt
+++ b/extra/wolfssl/wolfssl/IDE/WIN10/README.txt
@@ -29,8 +29,13 @@ The In Core Memory test calculates a checksum (HMAC-SHA256) of the wolfCrypt
FIPS library code and constant data and compares it with a known value in
the code.
-The Randomized Base Address setting needs to be disabled on all builds as the
-feature throws off the in-core memory calculation causing the test to fail.
+The following wolfCrypt FIPS project linker settings are required for the DLL Win32 configuration:
+1) The [Randomized Base Address setting (ASLR)](https://learn.microsoft.com/en-us/cpp/build/reference/dynamicbase-use-address-space-layout-randomization?view=msvc-170)
+needs to be disabled on all builds as the feature throws off the in-core memory calculation causing the test to fail.
+2) The [Incremental Link](https://learn.microsoft.com/en-us/cpp/build/reference/incremental-link-incrementally?view=msvc-170)
+option need turned off so function pointers go to actual code, not a jump instruction.
+3) The [FixedBaseAddress](https://learn.microsoft.com/en-us/cpp/build/reference/fixed-fixed-base-address?view=msvc-170)
+option to YES, which disables the support for ASLR.
The "verifyCore" check value in the source fips_test.c needs to be updated when
building the code. The POS performs this check and the default failure callback
@@ -39,7 +44,6 @@ value and paste it back into your code in the verifyCore initializer then
rebuild the code. When statically linking, you may have to recalculate your
check value when changing your application.
-
# Build Options
The default build options should be the proper default set of options:
diff --git a/extra/wolfssl/wolfssl/IDE/WIN10/test.vcxproj b/extra/wolfssl/wolfssl/IDE/WIN10/test.vcxproj
index 850354bb..36657348 100644
--- a/extra/wolfssl/wolfssl/IDE/WIN10/test.vcxproj
+++ b/extra/wolfssl/wolfssl/IDE/WIN10/test.vcxproj
@@ -208,7 +208,7 @@
<ClCompile>
<Optimization>Disabled</Optimization>
<AdditionalIncludeDirectories>.\;..\..\;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;HAVE_FIPS;HAVE_FIPS_VERSION=5;HAVE_FIPS_VERSION_MINOR=1;USE_CERT_BUFFERS_2048;USE_CERT_BUFFERS_256;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;CYASSL_DLL;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;HAVE_FIPS;HAVE_FIPS_VERSION=5;HAVE_FIPS_VERSION_MINOR=1;USE_CERT_BUFFERS_2048;USE_CERT_BUFFERS_256;WOLFSSL_USER_SETTINGS;CYASSL_DLL;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
<RuntimeLibrary>MultiThreadedDebugDLL</RuntimeLibrary>
<PrecompiledHeader />
diff --git a/extra/wolfssl/wolfssl/IDE/WIN10/user_settings.h b/extra/wolfssl/wolfssl/IDE/WIN10/user_settings.h
index 32d747e3..cc1c34ed 100644
--- a/extra/wolfssl/wolfssl/IDE/WIN10/user_settings.h
+++ b/extra/wolfssl/wolfssl/IDE/WIN10/user_settings.h
@@ -1,6 +1,16 @@
#ifndef _WIN_USER_SETTINGS_H_
#define _WIN_USER_SETTINGS_H_
+/* For FIPS 140-2 3389 build set to "#if 1" */
+#if 0
+#undef HAVE_FIPS
+#define HAVE_FIPS
+#undef HAVE_FIPS_VERSION
+#define HAVE_FIPS_VERSION 2
+#undef HAVE_FIPS_VERSION_MINOR
+#define HAVE_FIPS_VERSION_MINOR 0
+#endif
+
/* Set the following to 1 for WCv5.0-RC12 build. */
#if 0
#undef HAVE_FIPS
@@ -67,8 +77,10 @@
#define WOLFSSL_VALIDATE_FFC_IMPORT
#define HAVE_FFDHE_Q
#define HAVE_PUBLIC_FFDHE
+ #ifdef _WIN64
#define WOLFSSL_AESNI
#define HAVE_INTEL_RDSEED
+ #endif
#define FORCE_FAILURE_RDSEED
#endif /* FIPS v2 */
#if defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 5)
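Review bot: `FORCE_FAILURE_RDSEED` is left outside the new `#ifdef _WIN64` guard, so a 32-bit FIPS v2 build defines it without `HAVE_INTEL_RDSEED`, and a reader cannot tell from this header which seed source that build ends up using. If the macro only has meaning together with the RDSEED path, which is presumably the case and should be confirmed in random.c, move it inside the guard next to `#define HAVE_INTEL_RDSEED`. I would also add a comment on the guard, for example `/* AES-NI and RDSEED are enabled for x64 only; Win32 builds use the default seed source */`, so the entropy configuration per platform is explicit. The enclosing FIPS v2 `#if` opens outside this hunk.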
diff --git a/extra/wolfssl/wolfssl/IDE/WIN10/wolfssl-fips.rc b/extra/wolfssl/wolfssl/IDE/WIN10/wolfssl-fips.rc
index 99d539cd..4da10de8 100644
--- a/extra/wolfssl/wolfssl/IDE/WIN10/wolfssl-fips.rc
+++ b/extra/wolfssl/wolfssl/IDE/WIN10/wolfssl-fips.rc
@@ -51,8 +51,8 @@ END
//
VS_VERSION_INFO VERSIONINFO
- FILEVERSION 5,6,3,0
- PRODUCTVERSION 5,6,3,0
+ FILEVERSION 5,6,6,0
+ PRODUCTVERSION 5,6,6,0
FILEFLAGSMASK 0x3fL
#ifdef _DEBUG
FILEFLAGS 0x1L
@@ -69,12 +69,12 @@ BEGIN
BEGIN
VALUE "CompanyName", "wolfSSL Inc."
VALUE "FileDescription", "The wolfSSL FIPS embedded SSL library is a lightweight, portable, C-language-based SSL/TLS library targeted at IoT, embedded, and RTOS environments primarily because of its size, speed, and feature set."
- VALUE "FileVersion", "5.6.3.0"
+ VALUE "FileVersion", "5.6.6.0"
VALUE "InternalName", "wolfssl-fips"
- VALUE "LegalCopyright", "Copyright (C) 2022"
+ VALUE "LegalCopyright", "Copyright (C) 2023"
VALUE "OriginalFilename", "wolfssl-fips.dll"
VALUE "ProductName", "wolfSSL FIPS"
- VALUE "ProductVersion", "5.6.3.0"
+ VALUE "ProductVersion", "5.6.6.0"
END
END
BLOCK "VarFileInfo"
diff --git a/extra/wolfssl/wolfssl/IDE/WIN10/wolfssl-fips.vcxproj b/extra/wolfssl/wolfssl/IDE/WIN10/wolfssl-fips.vcxproj
index 92d1dda8..5d0122ea 100644
--- a/extra/wolfssl/wolfssl/IDE/WIN10/wolfssl-fips.vcxproj
+++ b/extra/wolfssl/wolfssl/IDE/WIN10/wolfssl-fips.vcxproj
@@ -117,6 +117,18 @@
<OutDir>$(SolutionDir)$(Configuration)\$(Platform)\</OutDir>
<IntDir>$(Configuration)\$(Platform)\$(ProjectName)_obj\</IntDir>
</PropertyGroup>
+ <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='DLL Debug|Win32'">
+ <LinkIncremental>false</LinkIncremental>
+ </PropertyGroup>
+ <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='DLL Release|Win32'">
+ <LinkIncremental>false</LinkIncremental>
+ </PropertyGroup>
+ <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='DLL Release|x64'">
+ <LinkIncremental>false</LinkIncremental>
+ </PropertyGroup>
+ <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='DLL Debug|x64'">
+ <LinkIncremental>false</LinkIncremental>
+ </PropertyGroup>
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
<ClCompile>
<Optimization>Disabled</Optimization>
@@ -146,6 +158,7 @@
<BaseAddress>0x5A000000</BaseAddress>
<RandomizedBaseAddress>false</RandomizedBaseAddress>
<DataExecutionPrevention>false</DataExecutionPrevention>
+ <FixedBaseAddress>true</FixedBaseAddress>
</Link>
</ItemDefinitionGroup>
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
@@ -206,6 +219,7 @@
<AdditionalDependencies>ws2_32.lib;%(AdditionalDependencies)</AdditionalDependencies>
<RandomizedBaseAddress>false</RandomizedBaseAddress>
<BaseAddress>0x5A000000</BaseAddress>
+ <FixedBaseAddress>true</FixedBaseAddress>
</Link>
</ItemDefinitionGroup>
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
@@ -258,6 +272,7 @@
<ClCompile Include="..\..\wolfcrypt\src\hash.c" />
<ClCompile Include="..\..\wolfcrypt\src\hmac.c" />
<ClCompile Include="..\..\wolfcrypt\src\integer.c" />
+ <ClCompile Include="..\..\wolfcrypt\src\pkcs7.c" />
<ClCompile Include="..\..\wolfcrypt\src\tfm.c" />
<ClCompile Include="..\..\src\internal.c" />
<ClCompile Include="..\..\src\wolfio.c" />
diff --git a/extra/wolfssl/wolfssl/IDE/WINCE/user_settings.h b/extra/wolfssl/wolfssl/IDE/WINCE/user_settings.h
index f4ca1c1d..2c472db8 100644
--- a/extra/wolfssl/wolfssl/IDE/WINCE/user_settings.h
+++ b/extra/wolfssl/wolfssl/IDE/WINCE/user_settings.h
@@ -36,7 +36,6 @@
#define WOLFSSL_HAVE_SP_RSA
#define WOLFSSL_HAVE_SP_DH
#define WOLFSSL_HAVE_SP_ECC
- //#define WOLFSSL_SP_CACHE_RESISTANT
//#define WOLFSSL_SP_MATH /* only SP math - eliminates fast math code */
/* SP Assembly Speedups */
@@ -187,7 +186,7 @@
#else
#undef ALT_ECC_SIZE
#define ALT_ECC_SIZE
- /* wolfSSL will compute the FP_MAX_BITS_ECC, but it can be overriden */
+ /* wolfSSL will compute the FP_MAX_BITS_ECC, but it can be overridden */
//#undef FP_MAX_BITS_ECC
//#define FP_MAX_BITS_ECC (256 * 2)
#endif
diff --git a/extra/wolfssl/wolfssl/IDE/XCODE-FIPSv2/macOS-C++/Intel/user_settings.h b/extra/wolfssl/wolfssl/IDE/XCODE-FIPSv2/macOS-C++/Intel/user_settings.h
index 03a51593..28df853c 100644
--- a/extra/wolfssl/wolfssl/IDE/XCODE-FIPSv2/macOS-C++/Intel/user_settings.h
+++ b/extra/wolfssl/wolfssl/IDE/XCODE-FIPSv2/macOS-C++/Intel/user_settings.h
@@ -194,7 +194,7 @@ extern "C" {
#else
#undef ALT_ECC_SIZE
#define ALT_ECC_SIZE
- /* wolfSSL will compute the FP_MAX_BITS_ECC, but it can be overriden */
+ /* wolfSSL will compute the FP_MAX_BITS_ECC, but it can be overridden */
//#undef FP_MAX_BITS_ECC
//#define FP_MAX_BITS_ECC (256 * 2)
#endif
diff --git a/extra/wolfssl/wolfssl/IDE/XCODE-FIPSv2/macOS-C++/M1/user_settings.h b/extra/wolfssl/wolfssl/IDE/XCODE-FIPSv2/macOS-C++/M1/user_settings.h
index dfa74249..f7c5693c 100644
--- a/extra/wolfssl/wolfssl/IDE/XCODE-FIPSv2/macOS-C++/M1/user_settings.h
+++ b/extra/wolfssl/wolfssl/IDE/XCODE-FIPSv2/macOS-C++/M1/user_settings.h
@@ -205,7 +205,7 @@ extern "C" {
#else
#undef ALT_ECC_SIZE
#define ALT_ECC_SIZE
- /* wolfSSL will compute the FP_MAX_BITS_ECC, but it can be overriden */
+ /* wolfSSL will compute the FP_MAX_BITS_ECC, but it can be overridden */
//#undef FP_MAX_BITS_ECC
//#define FP_MAX_BITS_ECC (256 * 2)
#endif
diff --git a/extra/wolfssl/wolfssl/IDE/XCODE-FIPSv2/user_settings.h b/extra/wolfssl/wolfssl/IDE/XCODE-FIPSv2/user_settings.h
index cffd801d..031f54b5 100644
--- a/extra/wolfssl/wolfssl/IDE/XCODE-FIPSv2/user_settings.h
+++ b/extra/wolfssl/wolfssl/IDE/XCODE-FIPSv2/user_settings.h
@@ -205,7 +205,7 @@ extern "C" {
#else
#undef ALT_ECC_SIZE
#define ALT_ECC_SIZE
- /* wolfSSL will compute the FP_MAX_BITS_ECC, but it can be overriden */
+ /* wolfSSL will compute the FP_MAX_BITS_ECC, but it can be overridden */
//#undef FP_MAX_BITS_ECC
//#define FP_MAX_BITS_ECC (256 * 2)
#endif
diff --git a/extra/wolfssl/wolfssl/IDE/XCODE-FIPSv5/user_settings.h b/extra/wolfssl/wolfssl/IDE/XCODE-FIPSv5/user_settings.h
index 917b6908..aff1e444 100644
--- a/extra/wolfssl/wolfssl/IDE/XCODE-FIPSv5/user_settings.h
+++ b/extra/wolfssl/wolfssl/IDE/XCODE-FIPSv5/user_settings.h
@@ -223,7 +223,7 @@ extern "C" {
#else
#undef ALT_ECC_SIZE
#define ALT_ECC_SIZE
- /* wolfSSL will compute the FP_MAX_BITS_ECC, but it can be overriden */
+ /* wolfSSL will compute the FP_MAX_BITS_ECC, but it can be overridden */
//#undef FP_MAX_BITS_ECC
//#define FP_MAX_BITS_ECC (256 * 2)
#endif
diff --git a/extra/wolfssl/wolfssl/IDE/XCODE/wolfssl-FIPS.xcodeproj/project.pbxproj b/extra/wolfssl/wolfssl/IDE/XCODE/wolfssl-FIPS.xcodeproj/project.pbxproj
index a5905880..63c889fe 100644
--- a/extra/wolfssl/wolfssl/IDE/XCODE/wolfssl-FIPS.xcodeproj/project.pbxproj
+++ b/extra/wolfssl/wolfssl/IDE/XCODE/wolfssl-FIPS.xcodeproj/project.pbxproj
@@ -96,57 +96,6 @@
521646F51A8A7FF30062516A /* types.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646871A8993770062516A /* types.h */; };
521646F61A8A7FF30062516A /* visibility.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646881A8993770062516A /* visibility.h */; };
521646F71A8A7FF30062516A /* wc_port.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646891A8993770062516A /* wc_port.h */; };
- 521646F81A8A80030062516A /* callbacks.h in Copy Files */ = {isa = PBXBuildFile; fileRef = 5216468A1A8993BB0062516A /* callbacks.h */; };
- 521646F91A8A80030062516A /* certs_test.h in Copy Files */ = {isa = PBXBuildFile; fileRef = 5216468B1A8993BB0062516A /* certs_test.h */; };
- 521646FA1A8A80030062516A /* crl.h in Copy Files */ = {isa = PBXBuildFile; fileRef = 5216468C1A8993BB0062516A /* crl.h */; };
- 521646FB1A8A80030062516A /* error-ssl.h in Copy Files */ = {isa = PBXBuildFile; fileRef = 5216468D1A8993BB0062516A /* error-ssl.h */; };
- 521646FC1A8A80030062516A /* internal.h in Copy Files */ = {isa = PBXBuildFile; fileRef = 5216468E1A8993BB0062516A /* internal.h */; };
- 521646FD1A8A80030062516A /* ocsp.h in Copy Files */ = {isa = PBXBuildFile; fileRef = 5216468F1A8993BB0062516A /* ocsp.h */; };
- 521646FE1A8A80030062516A /* ssl.h in Copy Files */ = {isa = PBXBuildFile; fileRef = 521646921A8993BB0062516A /* ssl.h */; };
- 521646FF1A8A80030062516A /* test.h in Copy Files */ = {isa = PBXBuildFile; fileRef = 521646931A8993BB0062516A /* test.h */; };
- 521647001A8A80030062516A /* version.h in Copy Files */ = {isa = PBXBuildFile; fileRef = 521646941A8993BB0062516A /* version.h */; };
- 521647011A8A80100062516A /* aes.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646951A8993F50062516A /* aes.h */; };
- 521647021A8A80100062516A /* arc4.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646961A8993F50062516A /* arc4.h */; };
- 521647031A8A80100062516A /* asn_public.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646971A8993F50062516A /* asn_public.h */; };
- 521647041A8A80100062516A /* asn.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646981A8993F50062516A /* asn.h */; };
- 521647051A8A80100062516A /* blake2-impl.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646991A8993F50062516A /* blake2-impl.h */; };
- 521647061A8A80100062516A /* blake2-int.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216469A1A8993F50062516A /* blake2-int.h */; };
- 521647071A8A80100062516A /* blake2.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216469B1A8993F50062516A /* blake2.h */; };
- 521647081A8A80100062516A /* camellia.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216469C1A8993F50062516A /* camellia.h */; };
- 521647091A8A80100062516A /* chacha.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216469D1A8993F50062516A /* chacha.h */; };
- 5216470A1A8A80100062516A /* coding.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216469E1A8993F50062516A /* coding.h */; };
- 5216470B1A8A80100062516A /* compress.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216469F1A8993F50062516A /* compress.h */; };
- 5216470C1A8A80100062516A /* des3.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A01A8993F50062516A /* des3.h */; };
- 5216470D1A8A80100062516A /* dh.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A11A8993F50062516A /* dh.h */; };
- 5216470E1A8A80100062516A /* dsa.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A21A8993F50062516A /* dsa.h */; };
- 5216470F1A8A80100062516A /* ecc.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A31A8993F50062516A /* ecc.h */; };
- 521647101A8A80100062516A /* error-crypt.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A41A8993F50062516A /* error-crypt.h */; };
- 521647111A8A80100062516A /* fips_test.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A51A8993F50062516A /* fips_test.h */; };
- 521647131A8A80100062516A /* hmac.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A71A8993F50062516A /* hmac.h */; };
- 521647141A8A80100062516A /* integer.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A81A8993F50062516A /* integer.h */; };
- 521647151A8A80100062516A /* logging.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A91A8993F50062516A /* logging.h */; };
- 521647161A8A80100062516A /* md2.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646AA1A8993F50062516A /* md2.h */; };
- 521647171A8A80100062516A /* md4.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646AB1A8993F50062516A /* md4.h */; };
- 521647181A8A80100062516A /* md5.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646AC1A8993F50062516A /* md5.h */; };
- 521647191A8A80100062516A /* memory.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646AD1A8993F50062516A /* memory.h */; };
- 5216471A1A8A80100062516A /* misc.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646AE1A8993F50062516A /* misc.h */; };
- 5216471B1A8A80100062516A /* mpi_class.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646AF1A8993F50062516A /* mpi_class.h */; };
- 5216471C1A8A80100062516A /* mpi_superclass.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B01A8993F50062516A /* mpi_superclass.h */; };
- 5216471D1A8A80100062516A /* pkcs7.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B11A8993F50062516A /* pkcs7.h */; };
- 5216471E1A8A80100062516A /* poly1305.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B21A8993F50062516A /* poly1305.h */; };
- 5216471F1A8A80100062516A /* pwdbased.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B31A8993F50062516A /* pwdbased.h */; };
- 521647211A8A80100062516A /* random.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B51A8993F50062516A /* random.h */; };
- 521647221A8A80100062516A /* ripemd.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B61A8993F50062516A /* ripemd.h */; };
- 521647231A8A80100062516A /* rsa.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B71A8993F50062516A /* rsa.h */; };
- 521647241A8A80100062516A /* settings_comp.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B81A8993F50062516A /* settings_comp.h */; };
- 521647251A8A80100062516A /* settings.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B91A8993F50062516A /* settings.h */; };
- 521647261A8A80100062516A /* sha.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646BA1A8993F50062516A /* sha.h */; };
- 521647271A8A80100062516A /* sha256.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646BB1A8993F50062516A /* sha256.h */; };
- 521647281A8A80100062516A /* sha512.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646BC1A8993F50062516A /* sha512.h */; };
- 521647291A8A80100062516A /* tfm.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646BD1A8993F50062516A /* tfm.h */; };
- 5216472A1A8A80100062516A /* types.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646BE1A8993F50062516A /* types.h */; };
- 5216472B1A8A80100062516A /* visibility.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646BF1A8993F50062516A /* visibility.h */; };
- 5216472C1A8A80100062516A /* wc_port.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646C01A8993F50062516A /* wc_port.h */; };
5216481D1A8AC2990062516A /* aes.c in Sources */ = {isa = PBXBuildFile; fileRef = 521648101A8AC2990062516A /* aes.c */; };
5216481E1A8AC2990062516A /* des3.c in Sources */ = {isa = PBXBuildFile; fileRef = 521648111A8AC2990062516A /* des3.c */; };
5216481F1A8AC2990062516A /* fips_test.c in Sources */ = {isa = PBXBuildFile; fileRef = 521648121A8AC2990062516A /* fips_test.c */; };
@@ -316,57 +265,6 @@
A4A54E641BC5C3E0002866CD /* types.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646871A8993770062516A /* types.h */; };
A4A54E651BC5C3E0002866CD /* visibility.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646881A8993770062516A /* visibility.h */; };
A4A54E661BC5C3E0002866CD /* wc_port.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646891A8993770062516A /* wc_port.h */; };
- A4A54E681BC5C3E0002866CD /* callbacks.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216468A1A8993BB0062516A /* callbacks.h */; };
- A4A54E691BC5C3E0002866CD /* certs_test.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216468B1A8993BB0062516A /* certs_test.h */; };
- A4A54E6A1BC5C3E0002866CD /* crl.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216468C1A8993BB0062516A /* crl.h */; };
- A4A54E6B1BC5C3E0002866CD /* error-ssl.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216468D1A8993BB0062516A /* error-ssl.h */; };
- A4A54E6C1BC5C3E0002866CD /* internal.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216468E1A8993BB0062516A /* internal.h */; };
- A4A54E6D1BC5C3E0002866CD /* ocsp.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216468F1A8993BB0062516A /* ocsp.h */; };
- A4A54E6E1BC5C3E0002866CD /* ssl.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646921A8993BB0062516A /* ssl.h */; };
- A4A54E6F1BC5C3E0002866CD /* test.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646931A8993BB0062516A /* test.h */; };
- A4A54E701BC5C3E0002866CD /* version.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646941A8993BB0062516A /* version.h */; };
- A4A54E721BC5C3E0002866CD /* aes.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646951A8993F50062516A /* aes.h */; };
- A4A54E731BC5C3E0002866CD /* arc4.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646961A8993F50062516A /* arc4.h */; };
- A4A54E741BC5C3E0002866CD /* asn_public.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646971A8993F50062516A /* asn_public.h */; };
- A4A54E751BC5C3E0002866CD /* asn.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646981A8993F50062516A /* asn.h */; };
- A4A54E761BC5C3E0002866CD /* blake2-impl.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646991A8993F50062516A /* blake2-impl.h */; };
- A4A54E771BC5C3E0002866CD /* blake2-int.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216469A1A8993F50062516A /* blake2-int.h */; };
- A4A54E781BC5C3E0002866CD /* blake2.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216469B1A8993F50062516A /* blake2.h */; };
- A4A54E791BC5C3E0002866CD /* camellia.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216469C1A8993F50062516A /* camellia.h */; };
- A4A54E7A1BC5C3E0002866CD /* chacha.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216469D1A8993F50062516A /* chacha.h */; };
- A4A54E7B1BC5C3E0002866CD /* coding.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216469E1A8993F50062516A /* coding.h */; };
- A4A54E7C1BC5C3E0002866CD /* compress.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216469F1A8993F50062516A /* compress.h */; };
- A4A54E7D1BC5C3E0002866CD /* des3.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A01A8993F50062516A /* des3.h */; };
- A4A54E7E1BC5C3E0002866CD /* dh.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A11A8993F50062516A /* dh.h */; };
- A4A54E7F1BC5C3E0002866CD /* dsa.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A21A8993F50062516A /* dsa.h */; };
- A4A54E801BC5C3E0002866CD /* ecc.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A31A8993F50062516A /* ecc.h */; };
- A4A54E811BC5C3E0002866CD /* error-crypt.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A41A8993F50062516A /* error-crypt.h */; };
- A4A54E821BC5C3E0002866CD /* fips_test.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A51A8993F50062516A /* fips_test.h */; };
- A4A54E841BC5C3E0002866CD /* hmac.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A71A8993F50062516A /* hmac.h */; };
- A4A54E851BC5C3E0002866CD /* integer.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A81A8993F50062516A /* integer.h */; };
- A4A54E861BC5C3E0002866CD /* logging.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A91A8993F50062516A /* logging.h */; };
- A4A54E871BC5C3E0002866CD /* md2.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646AA1A8993F50062516A /* md2.h */; };
- A4A54E881BC5C3E0002866CD /* md4.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646AB1A8993F50062516A /* md4.h */; };
- A4A54E891BC5C3E0002866CD /* md5.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646AC1A8993F50062516A /* md5.h */; };
- A4A54E8A1BC5C3E0002866CD /* memory.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646AD1A8993F50062516A /* memory.h */; };
- A4A54E8B1BC5C3E0002866CD /* misc.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646AE1A8993F50062516A /* misc.h */; };
- A4A54E8C1BC5C3E0002866CD /* mpi_class.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646AF1A8993F50062516A /* mpi_class.h */; };
- A4A54E8D1BC5C3E0002866CD /* mpi_superclass.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B01A8993F50062516A /* mpi_superclass.h */; };
- A4A54E8E1BC5C3E0002866CD /* pkcs7.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B11A8993F50062516A /* pkcs7.h */; };
- A4A54E8F1BC5C3E0002866CD /* poly1305.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B21A8993F50062516A /* poly1305.h */; };
- A4A54E901BC5C3E0002866CD /* pwdbased.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B31A8993F50062516A /* pwdbased.h */; };
- A4A54E921BC5C3E0002866CD /* random.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B51A8993F50062516A /* random.h */; };
- A4A54E931BC5C3E0002866CD /* ripemd.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B61A8993F50062516A /* ripemd.h */; };
- A4A54E941BC5C3E0002866CD /* rsa.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B71A8993F50062516A /* rsa.h */; };
- A4A54E951BC5C3E0002866CD /* settings_comp.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B81A8993F50062516A /* settings_comp.h */; };
- A4A54E961BC5C3E0002866CD /* settings.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B91A8993F50062516A /* settings.h */; };
- A4A54E971BC5C3E0002866CD /* sha.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646BA1A8993F50062516A /* sha.h */; };
- A4A54E981BC5C3E0002866CD /* sha256.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646BB1A8993F50062516A /* sha256.h */; };
- A4A54E991BC5C3E0002866CD /* sha512.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646BC1A8993F50062516A /* sha512.h */; };
- A4A54E9A1BC5C3E0002866CD /* tfm.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646BD1A8993F50062516A /* tfm.h */; };
- A4A54E9B1BC5C3E0002866CD /* types.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646BE1A8993F50062516A /* types.h */; };
- A4A54E9C1BC5C3E0002866CD /* visibility.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646BF1A8993F50062516A /* visibility.h */; };
- A4A54E9D1BC5C3E0002866CD /* wc_port.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646C01A8993F50062516A /* wc_port.h */; };
/* End PBXBuildFile section */
/* Begin PBXCopyFilesBuildPhase section */
@@ -460,76 +358,6 @@
);
runOnlyForDeploymentPostprocessing = 0;
};
- 521646C21A8A7B3B0062516A /* Copy Files */ = {
- isa = PBXCopyFilesBuildPhase;
- buildActionMask = 2147483647;
- dstPath = include/cyassl;
- dstSubfolderSpec = 7;
- files = (
- 521646F81A8A80030062516A /* callbacks.h in Copy Files */,
- 521646F91A8A80030062516A /* certs_test.h in Copy Files */,
- 521646FA1A8A80030062516A /* crl.h in Copy Files */,
- 521646FB1A8A80030062516A /* error-ssl.h in Copy Files */,
- 521646FC1A8A80030062516A /* internal.h in Copy Files */,
- 521646FD1A8A80030062516A /* ocsp.h in Copy Files */,
- 521646FE1A8A80030062516A /* ssl.h in Copy Files */,
- 521646FF1A8A80030062516A /* test.h in Copy Files */,
- 521647001A8A80030062516A /* version.h in Copy Files */,
- );
- name = "Copy Files";
- runOnlyForDeploymentPostprocessing = 0;
- };
- 521646C31A8A7B3D0062516A /* CopyFiles */ = {
- isa = PBXCopyFilesBuildPhase;
- buildActionMask = 2147483647;
- dstPath = include/cyassl/ctaocrypt;
- dstSubfolderSpec = 7;
- files = (
- 521647011A8A80100062516A /* aes.h in CopyFiles */,
- 521647021A8A80100062516A /* arc4.h in CopyFiles */,
- 521647031A8A80100062516A /* asn_public.h in CopyFiles */,
- 521647041A8A80100062516A /* asn.h in CopyFiles */,
- 521647051A8A80100062516A /* blake2-impl.h in CopyFiles */,
- 521647061A8A80100062516A /* blake2-int.h in CopyFiles */,
- 521647071A8A80100062516A /* blake2.h in CopyFiles */,
- 521647081A8A80100062516A /* camellia.h in CopyFiles */,
- 521647091A8A80100062516A /* chacha.h in CopyFiles */,
- 5216470A1A8A80100062516A /* coding.h in CopyFiles */,
- 5216470B1A8A80100062516A /* compress.h in CopyFiles */,
- 5216470C1A8A80100062516A /* des3.h in CopyFiles */,
- 5216470D1A8A80100062516A /* dh.h in CopyFiles */,
- 5216470E1A8A80100062516A /* dsa.h in CopyFiles */,
- 5216470F1A8A80100062516A /* ecc.h in CopyFiles */,
- 521647101A8A80100062516A /* error-crypt.h in CopyFiles */,
- 521647111A8A80100062516A /* fips_test.h in CopyFiles */,
- 521647131A8A80100062516A /* hmac.h in CopyFiles */,
- 521647141A8A80100062516A /* integer.h in CopyFiles */,
- 521647151A8A80100062516A /* logging.h in CopyFiles */,
- 521647161A8A80100062516A /* md2.h in CopyFiles */,
- 521647171A8A80100062516A /* md4.h in CopyFiles */,
- 521647181A8A80100062516A /* md5.h in CopyFiles */,
- 521647191A8A80100062516A /* memory.h in CopyFiles */,
- 5216471A1A8A80100062516A /* misc.h in CopyFiles */,
- 5216471B1A8A80100062516A /* mpi_class.h in CopyFiles */,
- 5216471C1A8A80100062516A /* mpi_superclass.h in CopyFiles */,
- 5216471D1A8A80100062516A /* pkcs7.h in CopyFiles */,
- 5216471E1A8A80100062516A /* poly1305.h in CopyFiles */,
- 5216471F1A8A80100062516A /* pwdbased.h in CopyFiles */,
- 521647211A8A80100062516A /* random.h in CopyFiles */,
- 521647221A8A80100062516A /* ripemd.h in CopyFiles */,
- 521647231A8A80100062516A /* rsa.h in CopyFiles */,
- 521647241A8A80100062516A /* settings_comp.h in CopyFiles */,
- 521647251A8A80100062516A /* settings.h in CopyFiles */,
- 521647261A8A80100062516A /* sha.h in CopyFiles */,
- 521647271A8A80100062516A /* sha256.h in CopyFiles */,
- 521647281A8A80100062516A /* sha512.h in CopyFiles */,
- 521647291A8A80100062516A /* tfm.h in CopyFiles */,
- 5216472A1A8A80100062516A /* types.h in CopyFiles */,
- 5216472B1A8A80100062516A /* visibility.h in CopyFiles */,
- 5216472C1A8A80100062516A /* wc_port.h in CopyFiles */,
- );
- runOnlyForDeploymentPostprocessing = 0;
- };
52B1344B16F3C9E800C07B32 /* CopyFiles */ = {
isa = PBXCopyFilesBuildPhase;
buildActionMask = 2147483647;
@@ -618,75 +446,6 @@
);
runOnlyForDeploymentPostprocessing = 0;
};
- A4A54E671BC5C3E0002866CD /* CopyFiles */ = {
- isa = PBXCopyFilesBuildPhase;
- buildActionMask = 2147483647;
- dstPath = include/cyassl;
- dstSubfolderSpec = 7;
- files = (
- A4A54E681BC5C3E0002866CD /* callbacks.h in CopyFiles */,
- A4A54E691BC5C3E0002866CD /* certs_test.h in CopyFiles */,
- A4A54E6A1BC5C3E0002866CD /* crl.h in CopyFiles */,
- A4A54E6B1BC5C3E0002866CD /* error-ssl.h in CopyFiles */,
- A4A54E6C1BC5C3E0002866CD /* internal.h in CopyFiles */,
- A4A54E6D1BC5C3E0002866CD /* ocsp.h in CopyFiles */,
- A4A54E6E1BC5C3E0002866CD /* ssl.h in CopyFiles */,
- A4A54E6F1BC5C3E0002866CD /* test.h in CopyFiles */,
- A4A54E701BC5C3E0002866CD /* version.h in CopyFiles */,
- );
- runOnlyForDeploymentPostprocessing = 0;
- };
- A4A54E711BC5C3E0002866CD /* CopyFiles */ = {
- isa = PBXCopyFilesBuildPhase;
- buildActionMask = 2147483647;
- dstPath = include/cyassl/ctaocrypt;
- dstSubfolderSpec = 7;
- files = (
- A4A54E721BC5C3E0002866CD /* aes.h in CopyFiles */,
- A4A54E731BC5C3E0002866CD /* arc4.h in CopyFiles */,
- A4A54E741BC5C3E0002866CD /* asn_public.h in CopyFiles */,
- A4A54E751BC5C3E0002866CD /* asn.h in CopyFiles */,
- A4A54E761BC5C3E0002866CD /* blake2-impl.h in CopyFiles */,
- A4A54E771BC5C3E0002866CD /* blake2-int.h in CopyFiles */,
- A4A54E781BC5C3E0002866CD /* blake2.h in CopyFiles */,
- A4A54E791BC5C3E0002866CD /* camellia.h in CopyFiles */,
- A4A54E7A1BC5C3E0002866CD /* chacha.h in CopyFiles */,
- A4A54E7B1BC5C3E0002866CD /* coding.h in CopyFiles */,
- A4A54E7C1BC5C3E0002866CD /* compress.h in CopyFiles */,
- A4A54E7D1BC5C3E0002866CD /* des3.h in CopyFiles */,
- A4A54E7E1BC5C3E0002866CD /* dh.h in CopyFiles */,
- A4A54E7F1BC5C3E0002866CD /* dsa.h in CopyFiles */,
- A4A54E801BC5C3E0002866CD /* ecc.h in CopyFiles */,
- A4A54E811BC5C3E0002866CD /* error-crypt.h in CopyFiles */,
- A4A54E821BC5C3E0002866CD /* fips_test.h in CopyFiles */,
- A4A54E841BC5C3E0002866CD /* hmac.h in CopyFiles */,
- A4A54E851BC5C3E0002866CD /* integer.h in CopyFiles */,
- A4A54E861BC5C3E0002866CD /* logging.h in CopyFiles */,
- A4A54E871BC5C3E0002866CD /* md2.h in CopyFiles */,
- A4A54E881BC5C3E0002866CD /* md4.h in CopyFiles */,
- A4A54E891BC5C3E0002866CD /* md5.h in CopyFiles */,
- A4A54E8A1BC5C3E0002866CD /* memory.h in CopyFiles */,
- A4A54E8B1BC5C3E0002866CD /* misc.h in CopyFiles */,
- A4A54E8C1BC5C3E0002866CD /* mpi_class.h in CopyFiles */,
- A4A54E8D1BC5C3E0002866CD /* mpi_superclass.h in CopyFiles */,
- A4A54E8E1BC5C3E0002866CD /* pkcs7.h in CopyFiles */,
- A4A54E8F1BC5C3E0002866CD /* poly1305.h in CopyFiles */,
- A4A54E901BC5C3E0002866CD /* pwdbased.h in CopyFiles */,
- A4A54E921BC5C3E0002866CD /* random.h in CopyFiles */,
- A4A54E931BC5C3E0002866CD /* ripemd.h in CopyFiles */,
- A4A54E941BC5C3E0002866CD /* rsa.h in CopyFiles */,
- A4A54E951BC5C3E0002866CD /* settings_comp.h in CopyFiles */,
- A4A54E961BC5C3E0002866CD /* settings.h in CopyFiles */,
- A4A54E971BC5C3E0002866CD /* sha.h in CopyFiles */,
- A4A54E981BC5C3E0002866CD /* sha256.h in CopyFiles */,
- A4A54E991BC5C3E0002866CD /* sha512.h in CopyFiles */,
- A4A54E9A1BC5C3E0002866CD /* tfm.h in CopyFiles */,
- A4A54E9B1BC5C3E0002866CD /* types.h in CopyFiles */,
- A4A54E9C1BC5C3E0002866CD /* visibility.h in CopyFiles */,
- A4A54E9D1BC5C3E0002866CD /* wc_port.h in CopyFiles */,
- );
- runOnlyForDeploymentPostprocessing = 0;
- };
/* End PBXCopyFilesBuildPhase section */
/* Begin PBXFileReference section */
@@ -779,57 +538,6 @@
521646871A8993770062516A /* types.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = types.h; path = ../../wolfssl/wolfcrypt/types.h; sourceTree = "<group>"; };
521646881A8993770062516A /* visibility.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = visibility.h; path = ../../wolfssl/wolfcrypt/visibility.h; sourceTree = "<group>"; };
521646891A8993770062516A /* wc_port.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = wc_port.h; path = ../../wolfssl/wolfcrypt/wc_port.h; sourceTree = "<group>"; };
- 5216468A1A8993BB0062516A /* callbacks.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = callbacks.h; path = ../../cyassl/callbacks.h; sourceTree = "<group>"; };
- 5216468B1A8993BB0062516A /* certs_test.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = certs_test.h; path = ../../cyassl/certs_test.h; sourceTree = "<group>"; };
- 5216468C1A8993BB0062516A /* crl.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = crl.h; path = ../../cyassl/crl.h; sourceTree = "<group>"; };
- 5216468D1A8993BB0062516A /* error-ssl.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = "error-ssl.h"; path = "../../cyassl/error-ssl.h"; sourceTree = "<group>"; };
- 5216468E1A8993BB0062516A /* internal.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = internal.h; path = ../../cyassl/internal.h; sourceTree = "<group>"; };
- 5216468F1A8993BB0062516A /* ocsp.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = ocsp.h; path = ../../cyassl/ocsp.h; sourceTree = "<group>"; };
- 521646921A8993BB0062516A /* ssl.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = ssl.h; path = ../../cyassl/ssl.h; sourceTree = "<group>"; };
- 521646931A8993BB0062516A /* test.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = test.h; path = ../../cyassl/test.h; sourceTree = "<group>"; };
- 521646941A8993BB0062516A /* version.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = version.h; path = ../../cyassl/version.h; sourceTree = "<group>"; };
- 521646951A8993F50062516A /* aes.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = aes.h; path = ../../cyassl/ctaocrypt/aes.h; sourceTree = "<group>"; };
- 521646961A8993F50062516A /* arc4.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = arc4.h; path = ../../cyassl/ctaocrypt/arc4.h; sourceTree = "<group>"; };
- 521646971A8993F50062516A /* asn_public.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = asn_public.h; path = ../../cyassl/ctaocrypt/asn_public.h; sourceTree = "<group>"; };
- 521646981A8993F50062516A /* asn.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = asn.h; path = ../../cyassl/ctaocrypt/asn.h; sourceTree = "<group>"; };
- 521646991A8993F50062516A /* blake2-impl.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = "blake2-impl.h"; path = "../../cyassl/ctaocrypt/blake2-impl.h"; sourceTree = "<group>"; };
- 5216469A1A8993F50062516A /* blake2-int.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = "blake2-int.h"; path = "../../cyassl/ctaocrypt/blake2-int.h"; sourceTree = "<group>"; };
- 5216469B1A8993F50062516A /* blake2.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = blake2.h; path = ../../cyassl/ctaocrypt/blake2.h; sourceTree = "<group>"; };
- 5216469C1A8993F50062516A /* camellia.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = camellia.h; path = ../../cyassl/ctaocrypt/camellia.h; sourceTree = "<group>"; };
- 5216469D1A8993F50062516A /* chacha.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = chacha.h; path = ../../cyassl/ctaocrypt/chacha.h; sourceTree = "<group>"; };
- 5216469E1A8993F50062516A /* coding.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = coding.h; path = ../../cyassl/ctaocrypt/coding.h; sourceTree = "<group>"; };
- 5216469F1A8993F50062516A /* compress.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = compress.h; path = ../../cyassl/ctaocrypt/compress.h; sourceTree = "<group>"; };
- 521646A01A8993F50062516A /* des3.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = des3.h; path = ../../cyassl/ctaocrypt/des3.h; sourceTree = "<group>"; };
- 521646A11A8993F50062516A /* dh.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = dh.h; path = ../../cyassl/ctaocrypt/dh.h; sourceTree = "<group>"; };
- 521646A21A8993F50062516A /* dsa.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = dsa.h; path = ../../cyassl/ctaocrypt/dsa.h; sourceTree = "<group>"; };
- 521646A31A8993F50062516A /* ecc.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = ecc.h; path = ../../cyassl/ctaocrypt/ecc.h; sourceTree = "<group>"; };
- 521646A41A8993F50062516A /* error-crypt.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = "error-crypt.h"; path = "../../cyassl/ctaocrypt/error-crypt.h"; sourceTree = "<group>"; };
- 521646A51A8993F50062516A /* fips_test.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = fips_test.h; path = ../../cyassl/ctaocrypt/fips_test.h; sourceTree = "<group>"; };
- 521646A71A8993F50062516A /* hmac.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = hmac.h; path = ../../cyassl/ctaocrypt/hmac.h; sourceTree = "<group>"; };
- 521646A81A8993F50062516A /* integer.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = integer.h; path = ../../cyassl/ctaocrypt/integer.h; sourceTree = "<group>"; };
- 521646A91A8993F50062516A /* logging.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = logging.h; path = ../../cyassl/ctaocrypt/logging.h; sourceTree = "<group>"; };
- 521646AA1A8993F50062516A /* md2.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = md2.h; path = ../../cyassl/ctaocrypt/md2.h; sourceTree = "<group>"; };
- 521646AB1A8993F50062516A /* md4.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = md4.h; path = ../../cyassl/ctaocrypt/md4.h; sourceTree = "<group>"; };
- 521646AC1A8993F50062516A /* md5.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = md5.h; path = ../../cyassl/ctaocrypt/md5.h; sourceTree = "<group>"; };
- 521646AD1A8993F50062516A /* memory.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = memory.h; path = ../../cyassl/ctaocrypt/memory.h; sourceTree = "<group>"; };
- 521646AE1A8993F50062516A /* misc.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = misc.h; path = ../../cyassl/ctaocrypt/misc.h; sourceTree = "<group>"; };
- 521646AF1A8993F50062516A /* mpi_class.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = mpi_class.h; path = ../../cyassl/ctaocrypt/mpi_class.h; sourceTree = "<group>"; };
- 521646B01A8993F50062516A /* mpi_superclass.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = mpi_superclass.h; path = ../../cyassl/ctaocrypt/mpi_superclass.h; sourceTree = "<group>"; };
- 521646B11A8993F50062516A /* pkcs7.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = pkcs7.h; path = ../../cyassl/ctaocrypt/pkcs7.h; sourceTree = "<group>"; };
- 521646B21A8993F50062516A /* poly1305.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = poly1305.h; path = ../../cyassl/ctaocrypt/poly1305.h; sourceTree = "<group>"; };
- 521646B31A8993F50062516A /* pwdbased.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = pwdbased.h; path = ../../cyassl/ctaocrypt/pwdbased.h; sourceTree = "<group>"; };
- 521646B51A8993F50062516A /* random.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = random.h; path = ../../cyassl/ctaocrypt/random.h; sourceTree = "<group>"; };
- 521646B61A8993F50062516A /* ripemd.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = ripemd.h; path = ../../cyassl/ctaocrypt/ripemd.h; sourceTree = "<group>"; };
- 521646B71A8993F50062516A /* rsa.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = rsa.h; path = ../../cyassl/ctaocrypt/rsa.h; sourceTree = "<group>"; };
- 521646B81A8993F50062516A /* settings_comp.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = settings_comp.h; path = ../../cyassl/ctaocrypt/settings_comp.h; sourceTree = "<group>"; };
- 521646B91A8993F50062516A /* settings.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = settings.h; path = ../../cyassl/ctaocrypt/settings.h; sourceTree = "<group>"; };
- 521646BA1A8993F50062516A /* sha.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = sha.h; path = ../../cyassl/ctaocrypt/sha.h; sourceTree = "<group>"; };
- 521646BB1A8993F50062516A /* sha256.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = sha256.h; path = ../../cyassl/ctaocrypt/sha256.h; sourceTree = "<group>"; };
- 521646BC1A8993F50062516A /* sha512.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = sha512.h; path = ../../cyassl/ctaocrypt/sha512.h; sourceTree = "<group>"; };
- 521646BD1A8993F50062516A /* tfm.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = tfm.h; path = ../../cyassl/ctaocrypt/tfm.h; sourceTree = "<group>"; };
- 521646BE1A8993F50062516A /* types.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = types.h; path = ../../cyassl/ctaocrypt/types.h; sourceTree = "<group>"; };
- 521646BF1A8993F50062516A /* visibility.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = visibility.h; path = ../../cyassl/ctaocrypt/visibility.h; sourceTree = "<group>"; };
- 521646C01A8993F50062516A /* wc_port.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = wc_port.h; path = ../../cyassl/ctaocrypt/wc_port.h; sourceTree = "<group>"; };
521648101A8AC2990062516A /* aes.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = aes.c; path = ../../ctaocrypt/src/aes.c; sourceTree = "<group>"; };
521648111A8AC2990062516A /* des3.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = des3.c; path = ../../ctaocrypt/src/des3.c; sourceTree = "<group>"; };
521648121A8AC2990062516A /* fips_test.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = fips_test.c; path = ../../ctaocrypt/src/fips_test.c; sourceTree = "<group>"; };
@@ -917,77 +625,10 @@
children = (
521645F91A89916E0062516A /* wolfSSL */,
521645F81A89916A0062516A /* wolfCrypt */,
- 521645F71A8991680062516A /* CyaSSL */,
- 521645F61A8991640062516A /* CtaoCrypt */,
);
name = Headers;
sourceTree = SOURCE_ROOT;
};
- 521645F61A8991640062516A /* CtaoCrypt */ = {
- isa = PBXGroup;
- children = (
- 521646951A8993F50062516A /* aes.h */,
- 521646961A8993F50062516A /* arc4.h */,
- 521646971A8993F50062516A /* asn_public.h */,
- 521646981A8993F50062516A /* asn.h */,
- 521646991A8993F50062516A /* blake2-impl.h */,
- 5216469A1A8993F50062516A /* blake2-int.h */,
- 5216469B1A8993F50062516A /* blake2.h */,
- 5216469C1A8993F50062516A /* camellia.h */,
- 5216469D1A8993F50062516A /* chacha.h */,
- 5216469E1A8993F50062516A /* coding.h */,
- 5216469F1A8993F50062516A /* compress.h */,
- 521646A01A8993F50062516A /* des3.h */,
- 521646A11A8993F50062516A /* dh.h */,
- 521646A21A8993F50062516A /* dsa.h */,
- 521646A31A8993F50062516A /* ecc.h */,
- 521646A41A8993F50062516A /* error-crypt.h */,
- 521646A51A8993F50062516A /* fips_test.h */,
- 521646A71A8993F50062516A /* hmac.h */,
- 521646A81A8993F50062516A /* integer.h */,
- 521646A91A8993F50062516A /* logging.h */,
- 521646AA1A8993F50062516A /* md2.h */,
- 521646AB1A8993F50062516A /* md4.h */,
- 521646AC1A8993F50062516A /* md5.h */,
- 521646AD1A8993F50062516A /* memory.h */,
- 521646AE1A8993F50062516A /* misc.h */,
- 521646AF1A8993F50062516A /* mpi_class.h */,
- 521646B01A8993F50062516A /* mpi_superclass.h */,
- 521646B11A8993F50062516A /* pkcs7.h */,
- 521646B21A8993F50062516A /* poly1305.h */,
- 521646B31A8993F50062516A /* pwdbased.h */,
- 521646B51A8993F50062516A /* random.h */,
- 521646B61A8993F50062516A /* ripemd.h */,
- 521646B71A8993F50062516A /* rsa.h */,
- 521646B81A8993F50062516A /* settings_comp.h */,
- 521646B91A8993F50062516A /* settings.h */,
- 521646BA1A8993F50062516A /* sha.h */,
- 521646BB1A8993F50062516A /* sha256.h */,
- 521646BC1A8993F50062516A /* sha512.h */,
- 521646BD1A8993F50062516A /* tfm.h */,
- 521646BE1A8993F50062516A /* types.h */,
- 521646BF1A8993F50062516A /* visibility.h */,
- 521646C01A8993F50062516A /* wc_port.h */,
- );
- name = CtaoCrypt;
- sourceTree = SOURCE_ROOT;
- };
- 521645F71A8991680062516A /* CyaSSL */ = {
- isa = PBXGroup;
- children = (
- 5216468A1A8993BB0062516A /* callbacks.h */,
- 5216468B1A8993BB0062516A /* certs_test.h */,
- 5216468C1A8993BB0062516A /* crl.h */,
- 5216468D1A8993BB0062516A /* error-ssl.h */,
- 5216468E1A8993BB0062516A /* internal.h */,
- 5216468F1A8993BB0062516A /* ocsp.h */,
- 521646921A8993BB0062516A /* ssl.h */,
- 521646931A8993BB0062516A /* test.h */,
- 521646941A8993BB0062516A /* version.h */,
- );
- name = CyaSSL;
- sourceTree = SOURCE_ROOT;
- };
521645F81A89916A0062516A /* wolfCrypt */ = {
isa = PBXGroup;
children = (
@@ -1210,8 +851,6 @@
52B1344A16F3C9E800C07B32 /* Frameworks */,
52B1344B16F3C9E800C07B32 /* CopyFiles */,
521646C11A8A7B380062516A /* CopyFiles */,
- 521646C21A8A7B3B0062516A /* Copy Files */,
- 521646C31A8A7B3D0062516A /* CopyFiles */,
52B1344916F3C9E800C07B32 /* Sources */,
);
buildRules = (
@@ -1231,8 +870,6 @@
A4A54E2E1BC5C3E0002866CD /* Frameworks */,
A4A54E2F1BC5C3E0002866CD /* CopyFiles */,
A4A54E391BC5C3E0002866CD /* CopyFiles */,
- A4A54E671BC5C3E0002866CD /* CopyFiles */,
- A4A54E711BC5C3E0002866CD /* CopyFiles */,
);
buildRules = (
);
diff --git a/extra/wolfssl/wolfssl/IDE/XCODE/wolfssl.xcodeproj/project.pbxproj b/extra/wolfssl/wolfssl/IDE/XCODE/wolfssl.xcodeproj/project.pbxproj
index 7c135155..33c55dcc 100644
--- a/extra/wolfssl/wolfssl/IDE/XCODE/wolfssl.xcodeproj/project.pbxproj
+++ b/extra/wolfssl/wolfssl/IDE/XCODE/wolfssl.xcodeproj/project.pbxproj
@@ -114,57 +114,6 @@
30B060B51C6DDB6200D46008 /* visibility.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646881A8993770062516A /* visibility.h */; };
30B060B61C6DDB6200D46008 /* wc_encrypt.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 522DBE0E1B7927290031F454 /* wc_encrypt.h */; };
30B060B71C6DDB6200D46008 /* wc_port.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646891A8993770062516A /* wc_port.h */; };
- 30B060B81C6DDB7D00D46008 /* callbacks.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216468A1A8993BB0062516A /* callbacks.h */; };
- 30B060B91C6DDB7D00D46008 /* certs_test.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216468B1A8993BB0062516A /* certs_test.h */; };
- 30B060BA1C6DDB7D00D46008 /* crl.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216468C1A8993BB0062516A /* crl.h */; };
- 30B060BB1C6DDB7D00D46008 /* error-ssl.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216468D1A8993BB0062516A /* error-ssl.h */; };
- 30B060BC1C6DDB7D00D46008 /* internal.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216468E1A8993BB0062516A /* internal.h */; };
- 30B060BD1C6DDB7D00D46008 /* ocsp.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216468F1A8993BB0062516A /* ocsp.h */; };
- 30B060BE1C6DDB7D00D46008 /* ssl.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646921A8993BB0062516A /* ssl.h */; };
- 30B060BF1C6DDB7D00D46008 /* test.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646931A8993BB0062516A /* test.h */; };
- 30B060C01C6DDB7D00D46008 /* version.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646941A8993BB0062516A /* version.h */; };
- 30B060C11C6DDB9800D46008 /* aes.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646951A8993F50062516A /* aes.h */; };
- 30B060C21C6DDB9800D46008 /* arc4.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646961A8993F50062516A /* arc4.h */; };
- 30B060C31C6DDB9800D46008 /* asn_public.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646971A8993F50062516A /* asn_public.h */; };
- 30B060C41C6DDB9800D46008 /* asn.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646981A8993F50062516A /* asn.h */; };
- 30B060C51C6DDB9800D46008 /* blake2-impl.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646991A8993F50062516A /* blake2-impl.h */; };
- 30B060C61C6DDB9800D46008 /* blake2-int.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216469A1A8993F50062516A /* blake2-int.h */; };
- 30B060C71C6DDB9800D46008 /* blake2.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216469B1A8993F50062516A /* blake2.h */; };
- 30B060C81C6DDB9800D46008 /* camellia.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216469C1A8993F50062516A /* camellia.h */; };
- 30B060C91C6DDB9800D46008 /* chacha.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216469D1A8993F50062516A /* chacha.h */; };
- 30B060CA1C6DDB9800D46008 /* coding.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216469E1A8993F50062516A /* coding.h */; };
- 30B060CB1C6DDB9800D46008 /* compress.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216469F1A8993F50062516A /* compress.h */; };
- 30B060CC1C6DDB9800D46008 /* des3.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A01A8993F50062516A /* des3.h */; };
- 30B060CD1C6DDB9800D46008 /* dh.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A11A8993F50062516A /* dh.h */; };
- 30B060CE1C6DDB9800D46008 /* dsa.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A21A8993F50062516A /* dsa.h */; };
- 30B060CF1C6DDB9800D46008 /* ecc.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A31A8993F50062516A /* ecc.h */; };
- 30B060D01C6DDB9800D46008 /* error-crypt.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A41A8993F50062516A /* error-crypt.h */; };
- 30B060D11C6DDB9800D46008 /* fips_test.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A51A8993F50062516A /* fips_test.h */; };
- 30B060D31C6DDB9800D46008 /* hmac.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A71A8993F50062516A /* hmac.h */; };
- 30B060D41C6DDB9800D46008 /* integer.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A81A8993F50062516A /* integer.h */; };
- 30B060D51C6DDB9800D46008 /* logging.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A91A8993F50062516A /* logging.h */; };
- 30B060D61C6DDB9800D46008 /* md2.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646AA1A8993F50062516A /* md2.h */; };
- 30B060D71C6DDB9800D46008 /* md4.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646AB1A8993F50062516A /* md4.h */; };
- 30B060D81C6DDB9800D46008 /* md5.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646AC1A8993F50062516A /* md5.h */; };
- 30B060D91C6DDB9800D46008 /* memory.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646AD1A8993F50062516A /* memory.h */; };
- 30B060DA1C6DDB9800D46008 /* misc.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646AE1A8993F50062516A /* misc.h */; };
- 30B060DB1C6DDB9800D46008 /* mpi_class.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646AF1A8993F50062516A /* mpi_class.h */; };
- 30B060DC1C6DDB9800D46008 /* mpi_superclass.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B01A8993F50062516A /* mpi_superclass.h */; };
- 30B060DD1C6DDB9800D46008 /* pkcs7.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B11A8993F50062516A /* pkcs7.h */; };
- 30B060DE1C6DDB9800D46008 /* poly1305.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B21A8993F50062516A /* poly1305.h */; };
- 30B060DF1C6DDB9800D46008 /* pwdbased.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B31A8993F50062516A /* pwdbased.h */; };
- 30B060E11C6DDB9800D46008 /* random.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B51A8993F50062516A /* random.h */; };
- 30B060E21C6DDB9800D46008 /* ripemd.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B61A8993F50062516A /* ripemd.h */; };
- 30B060E31C6DDB9800D46008 /* rsa.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B71A8993F50062516A /* rsa.h */; };
- 30B060E41C6DDB9800D46008 /* settings_comp.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B81A8993F50062516A /* settings_comp.h */; };
- 30B060E51C6DDB9800D46008 /* settings.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B91A8993F50062516A /* settings.h */; };
- 30B060E61C6DDB9800D46008 /* sha.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646BA1A8993F50062516A /* sha.h */; };
- 30B060E71C6DDB9800D46008 /* sha256.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646BB1A8993F50062516A /* sha256.h */; };
- 30B060E81C6DDB9800D46008 /* sha512.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646BC1A8993F50062516A /* sha512.h */; };
- 30B060E91C6DDB9800D46008 /* tfm.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646BD1A8993F50062516A /* tfm.h */; };
- 30B060EA1C6DDB9800D46008 /* types.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646BE1A8993F50062516A /* types.h */; };
- 30B060EB1C6DDB9800D46008 /* visibility.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646BF1A8993F50062516A /* visibility.h */; };
- 30B060EC1C6DDB9800D46008 /* wc_port.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646C01A8993F50062516A /* wc_port.h */; };
520775A32239ABBE00087711 /* sp_c32.c in Sources */ = {isa = PBXBuildFile; fileRef = 1E8BEB70212F4C340063DCC1 /* sp_c32.c */; };
520775A42239ABBE00087711 /* sp_c32.c in Sources */ = {isa = PBXBuildFile; fileRef = 1E8BEB70212F4C340063DCC1 /* sp_c32.c */; };
520775A52239ABBE00087711 /* sp_c32.c in Sources */ = {isa = PBXBuildFile; fileRef = 1E8BEB70212F4C340063DCC1 /* sp_c32.c */; };
@@ -289,57 +238,6 @@
521646F51A8A7FF30062516A /* types.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646871A8993770062516A /* types.h */; };
521646F61A8A7FF30062516A /* visibility.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646881A8993770062516A /* visibility.h */; };
521646F71A8A7FF30062516A /* wc_port.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646891A8993770062516A /* wc_port.h */; };
- 521646F81A8A80030062516A /* callbacks.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216468A1A8993BB0062516A /* callbacks.h */; };
- 521646F91A8A80030062516A /* certs_test.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216468B1A8993BB0062516A /* certs_test.h */; };
- 521646FA1A8A80030062516A /* crl.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216468C1A8993BB0062516A /* crl.h */; };
- 521646FB1A8A80030062516A /* error-ssl.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216468D1A8993BB0062516A /* error-ssl.h */; };
- 521646FC1A8A80030062516A /* internal.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216468E1A8993BB0062516A /* internal.h */; };
- 521646FD1A8A80030062516A /* ocsp.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216468F1A8993BB0062516A /* ocsp.h */; };
- 521646FE1A8A80030062516A /* ssl.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646921A8993BB0062516A /* ssl.h */; };
- 521646FF1A8A80030062516A /* test.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646931A8993BB0062516A /* test.h */; };
- 521647001A8A80030062516A /* version.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646941A8993BB0062516A /* version.h */; };
- 521647011A8A80100062516A /* aes.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646951A8993F50062516A /* aes.h */; };
- 521647021A8A80100062516A /* arc4.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646961A8993F50062516A /* arc4.h */; };
- 521647031A8A80100062516A /* asn_public.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646971A8993F50062516A /* asn_public.h */; };
- 521647041A8A80100062516A /* asn.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646981A8993F50062516A /* asn.h */; };
- 521647051A8A80100062516A /* blake2-impl.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646991A8993F50062516A /* blake2-impl.h */; };
- 521647061A8A80100062516A /* blake2-int.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216469A1A8993F50062516A /* blake2-int.h */; };
- 521647071A8A80100062516A /* blake2.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216469B1A8993F50062516A /* blake2.h */; };
- 521647081A8A80100062516A /* camellia.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216469C1A8993F50062516A /* camellia.h */; };
- 521647091A8A80100062516A /* chacha.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216469D1A8993F50062516A /* chacha.h */; };
- 5216470A1A8A80100062516A /* coding.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216469E1A8993F50062516A /* coding.h */; };
- 5216470B1A8A80100062516A /* compress.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216469F1A8993F50062516A /* compress.h */; };
- 5216470C1A8A80100062516A /* des3.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A01A8993F50062516A /* des3.h */; };
- 5216470D1A8A80100062516A /* dh.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A11A8993F50062516A /* dh.h */; };
- 5216470E1A8A80100062516A /* dsa.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A21A8993F50062516A /* dsa.h */; };
- 5216470F1A8A80100062516A /* ecc.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A31A8993F50062516A /* ecc.h */; };
- 521647101A8A80100062516A /* error-crypt.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A41A8993F50062516A /* error-crypt.h */; };
- 521647111A8A80100062516A /* fips_test.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A51A8993F50062516A /* fips_test.h */; };
- 521647131A8A80100062516A /* hmac.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A71A8993F50062516A /* hmac.h */; };
- 521647141A8A80100062516A /* integer.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A81A8993F50062516A /* integer.h */; };
- 521647151A8A80100062516A /* logging.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A91A8993F50062516A /* logging.h */; };
- 521647161A8A80100062516A /* md2.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646AA1A8993F50062516A /* md2.h */; };
- 521647171A8A80100062516A /* md4.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646AB1A8993F50062516A /* md4.h */; };
- 521647181A8A80100062516A /* md5.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646AC1A8993F50062516A /* md5.h */; };
- 521647191A8A80100062516A /* memory.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646AD1A8993F50062516A /* memory.h */; };
- 5216471A1A8A80100062516A /* misc.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646AE1A8993F50062516A /* misc.h */; };
- 5216471B1A8A80100062516A /* mpi_class.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646AF1A8993F50062516A /* mpi_class.h */; };
- 5216471C1A8A80100062516A /* mpi_superclass.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B01A8993F50062516A /* mpi_superclass.h */; };
- 5216471D1A8A80100062516A /* pkcs7.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B11A8993F50062516A /* pkcs7.h */; };
- 5216471E1A8A80100062516A /* poly1305.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B21A8993F50062516A /* poly1305.h */; };
- 5216471F1A8A80100062516A /* pwdbased.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B31A8993F50062516A /* pwdbased.h */; };
- 521647211A8A80100062516A /* random.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B51A8993F50062516A /* random.h */; };
- 521647221A8A80100062516A /* ripemd.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B61A8993F50062516A /* ripemd.h */; };
- 521647231A8A80100062516A /* rsa.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B71A8993F50062516A /* rsa.h */; };
- 521647241A8A80100062516A /* settings_comp.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B81A8993F50062516A /* settings_comp.h */; };
- 521647251A8A80100062516A /* settings.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B91A8993F50062516A /* settings.h */; };
- 521647261A8A80100062516A /* sha.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646BA1A8993F50062516A /* sha.h */; };
- 521647271A8A80100062516A /* sha256.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646BB1A8993F50062516A /* sha256.h */; };
- 521647281A8A80100062516A /* sha512.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646BC1A8993F50062516A /* sha512.h */; };
- 521647291A8A80100062516A /* tfm.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646BD1A8993F50062516A /* tfm.h */; };
- 5216472A1A8A80100062516A /* types.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646BE1A8993F50062516A /* types.h */; };
- 5216472B1A8A80100062516A /* visibility.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646BF1A8993F50062516A /* visibility.h */; };
- 5216472C1A8A80100062516A /* wc_port.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646C01A8993F50062516A /* wc_port.h */; };
522DBE0D1B7926FB0031F454 /* wc_encrypt.c in Sources */ = {isa = PBXBuildFile; fileRef = 522DBE0C1B7926FB0031F454 /* wc_encrypt.c */; };
522DBE0F1B7927A50031F454 /* wc_encrypt.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 522DBE0E1B7927290031F454 /* wc_encrypt.h */; };
525BE5341B3869110054BBCD /* hash.c in Sources */ = {isa = PBXBuildFile; fileRef = 525BE5331B3869110054BBCD /* hash.c */; };
@@ -634,57 +532,6 @@
A4F318B11BC58B1700FDF2BB /* types.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646871A8993770062516A /* types.h */; };
A4F318B21BC58B1700FDF2BB /* visibility.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646881A8993770062516A /* visibility.h */; };
A4F318B31BC58B1700FDF2BB /* wc_port.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646891A8993770062516A /* wc_port.h */; };
- A4F318B51BC58B1700FDF2BB /* callbacks.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216468A1A8993BB0062516A /* callbacks.h */; };
- A4F318B61BC58B1700FDF2BB /* certs_test.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216468B1A8993BB0062516A /* certs_test.h */; };
- A4F318B71BC58B1700FDF2BB /* crl.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216468C1A8993BB0062516A /* crl.h */; };
- A4F318B81BC58B1700FDF2BB /* error-ssl.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216468D1A8993BB0062516A /* error-ssl.h */; };
- A4F318B91BC58B1700FDF2BB /* internal.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216468E1A8993BB0062516A /* internal.h */; };
- A4F318BA1BC58B1700FDF2BB /* ocsp.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216468F1A8993BB0062516A /* ocsp.h */; };
- A4F318BB1BC58B1700FDF2BB /* ssl.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646921A8993BB0062516A /* ssl.h */; };
- A4F318BC1BC58B1700FDF2BB /* test.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646931A8993BB0062516A /* test.h */; };
- A4F318BD1BC58B1700FDF2BB /* version.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646941A8993BB0062516A /* version.h */; };
- A4F318BF1BC58B1700FDF2BB /* aes.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646951A8993F50062516A /* aes.h */; };
- A4F318C01BC58B1700FDF2BB /* arc4.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646961A8993F50062516A /* arc4.h */; };
- A4F318C11BC58B1700FDF2BB /* asn_public.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646971A8993F50062516A /* asn_public.h */; };
- A4F318C21BC58B1700FDF2BB /* asn.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646981A8993F50062516A /* asn.h */; };
- A4F318C31BC58B1700FDF2BB /* blake2-impl.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646991A8993F50062516A /* blake2-impl.h */; };
- A4F318C41BC58B1700FDF2BB /* blake2-int.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216469A1A8993F50062516A /* blake2-int.h */; };
- A4F318C51BC58B1700FDF2BB /* blake2.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216469B1A8993F50062516A /* blake2.h */; };
- A4F318C61BC58B1700FDF2BB /* camellia.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216469C1A8993F50062516A /* camellia.h */; };
- A4F318C71BC58B1700FDF2BB /* chacha.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216469D1A8993F50062516A /* chacha.h */; };
- A4F318C81BC58B1700FDF2BB /* coding.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216469E1A8993F50062516A /* coding.h */; };
- A4F318C91BC58B1700FDF2BB /* compress.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216469F1A8993F50062516A /* compress.h */; };
- A4F318CA1BC58B1700FDF2BB /* des3.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A01A8993F50062516A /* des3.h */; };
- A4F318CB1BC58B1700FDF2BB /* dh.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A11A8993F50062516A /* dh.h */; };
- A4F318CC1BC58B1700FDF2BB /* dsa.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A21A8993F50062516A /* dsa.h */; };
- A4F318CD1BC58B1700FDF2BB /* ecc.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A31A8993F50062516A /* ecc.h */; };
- A4F318CE1BC58B1700FDF2BB /* error-crypt.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A41A8993F50062516A /* error-crypt.h */; };
- A4F318CF1BC58B1700FDF2BB /* fips_test.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A51A8993F50062516A /* fips_test.h */; };
- A4F318D11BC58B1700FDF2BB /* hmac.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A71A8993F50062516A /* hmac.h */; };
- A4F318D21BC58B1700FDF2BB /* integer.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A81A8993F50062516A /* integer.h */; };
- A4F318D31BC58B1700FDF2BB /* logging.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A91A8993F50062516A /* logging.h */; };
- A4F318D41BC58B1700FDF2BB /* md2.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646AA1A8993F50062516A /* md2.h */; };
- A4F318D51BC58B1700FDF2BB /* md4.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646AB1A8993F50062516A /* md4.h */; };
- A4F318D61BC58B1700FDF2BB /* md5.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646AC1A8993F50062516A /* md5.h */; };
- A4F318D71BC58B1700FDF2BB /* memory.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646AD1A8993F50062516A /* memory.h */; };
- A4F318D81BC58B1700FDF2BB /* misc.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646AE1A8993F50062516A /* misc.h */; };
- A4F318D91BC58B1700FDF2BB /* mpi_class.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646AF1A8993F50062516A /* mpi_class.h */; };
- A4F318DA1BC58B1700FDF2BB /* mpi_superclass.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B01A8993F50062516A /* mpi_superclass.h */; };
- A4F318DB1BC58B1700FDF2BB /* pkcs7.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B11A8993F50062516A /* pkcs7.h */; };
- A4F318DC1BC58B1700FDF2BB /* poly1305.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B21A8993F50062516A /* poly1305.h */; };
- A4F318DD1BC58B1700FDF2BB /* pwdbased.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B31A8993F50062516A /* pwdbased.h */; };
- A4F318DF1BC58B1700FDF2BB /* random.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B51A8993F50062516A /* random.h */; };
- A4F318E01BC58B1700FDF2BB /* ripemd.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B61A8993F50062516A /* ripemd.h */; };
- A4F318E11BC58B1700FDF2BB /* rsa.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B71A8993F50062516A /* rsa.h */; };
- A4F318E21BC58B1700FDF2BB /* settings_comp.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B81A8993F50062516A /* settings_comp.h */; };
- A4F318E31BC58B1700FDF2BB /* settings.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B91A8993F50062516A /* settings.h */; };
- A4F318E41BC58B1700FDF2BB /* sha.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646BA1A8993F50062516A /* sha.h */; };
- A4F318E51BC58B1700FDF2BB /* sha256.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646BB1A8993F50062516A /* sha256.h */; };
- A4F318E61BC58B1700FDF2BB /* sha512.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646BC1A8993F50062516A /* sha512.h */; };
- A4F318E71BC58B1700FDF2BB /* tfm.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646BD1A8993F50062516A /* tfm.h */; };
- A4F318E81BC58B1700FDF2BB /* types.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646BE1A8993F50062516A /* types.h */; };
- A4F318E91BC58B1700FDF2BB /* visibility.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646BF1A8993F50062516A /* visibility.h */; };
- A4F318EA1BC58B1700FDF2BB /* wc_port.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646C01A8993F50062516A /* wc_port.h */; };
/* End PBXBuildFile section */
/* Begin PBXCopyFilesBuildPhase section */
@@ -761,75 +608,6 @@
);
runOnlyForDeploymentPostprocessing = 0;
};
- 30B060891C6DDB5400D46008 /* CopyFiles */ = {
- isa = PBXCopyFilesBuildPhase;
- buildActionMask = 2147483647;
- dstPath = include/cyassl;
- dstSubfolderSpec = 7;
- files = (
- 30B060B81C6DDB7D00D46008 /* callbacks.h in CopyFiles */,
- 30B060B91C6DDB7D00D46008 /* certs_test.h in CopyFiles */,
- 30B060BA1C6DDB7D00D46008 /* crl.h in CopyFiles */,
- 30B060BB1C6DDB7D00D46008 /* error-ssl.h in CopyFiles */,
- 30B060BC1C6DDB7D00D46008 /* internal.h in CopyFiles */,
- 30B060BD1C6DDB7D00D46008 /* ocsp.h in CopyFiles */,
- 30B060BE1C6DDB7D00D46008 /* ssl.h in CopyFiles */,
- 30B060BF1C6DDB7D00D46008 /* test.h in CopyFiles */,
- 30B060C01C6DDB7D00D46008 /* version.h in CopyFiles */,
- );
- runOnlyForDeploymentPostprocessing = 0;
- };
- 30B0608A1C6DDB5500D46008 /* CopyFiles */ = {
- isa = PBXCopyFilesBuildPhase;
- buildActionMask = 2147483647;
- dstPath = include/cyassl/ctaocrypt;
- dstSubfolderSpec = 7;
- files = (
- 30B060C11C6DDB9800D46008 /* aes.h in CopyFiles */,
- 30B060C21C6DDB9800D46008 /* arc4.h in CopyFiles */,
- 30B060C31C6DDB9800D46008 /* asn_public.h in CopyFiles */,
- 30B060C41C6DDB9800D46008 /* asn.h in CopyFiles */,
- 30B060C51C6DDB9800D46008 /* blake2-impl.h in CopyFiles */,
- 30B060C61C6DDB9800D46008 /* blake2-int.h in CopyFiles */,
- 30B060C71C6DDB9800D46008 /* blake2.h in CopyFiles */,
- 30B060C81C6DDB9800D46008 /* camellia.h in CopyFiles */,
- 30B060C91C6DDB9800D46008 /* chacha.h in CopyFiles */,
- 30B060CA1C6DDB9800D46008 /* coding.h in CopyFiles */,
- 30B060CB1C6DDB9800D46008 /* compress.h in CopyFiles */,
- 30B060CC1C6DDB9800D46008 /* des3.h in CopyFiles */,
- 30B060CD1C6DDB9800D46008 /* dh.h in CopyFiles */,
- 30B060CE1C6DDB9800D46008 /* dsa.h in CopyFiles */,
- 30B060CF1C6DDB9800D46008 /* ecc.h in CopyFiles */,
- 30B060D01C6DDB9800D46008 /* error-crypt.h in CopyFiles */,
- 30B060D11C6DDB9800D46008 /* fips_test.h in CopyFiles */,
- 30B060D31C6DDB9800D46008 /* hmac.h in CopyFiles */,
- 30B060D41C6DDB9800D46008 /* integer.h in CopyFiles */,
- 30B060D51C6DDB9800D46008 /* logging.h in CopyFiles */,
- 30B060D61C6DDB9800D46008 /* md2.h in CopyFiles */,
- 30B060D71C6DDB9800D46008 /* md4.h in CopyFiles */,
- 30B060D81C6DDB9800D46008 /* md5.h in CopyFiles */,
- 30B060D91C6DDB9800D46008 /* memory.h in CopyFiles */,
- 30B060DA1C6DDB9800D46008 /* misc.h in CopyFiles */,
- 30B060DB1C6DDB9800D46008 /* mpi_class.h in CopyFiles */,
- 30B060DC1C6DDB9800D46008 /* mpi_superclass.h in CopyFiles */,
- 30B060DD1C6DDB9800D46008 /* pkcs7.h in CopyFiles */,
- 30B060DE1C6DDB9800D46008 /* poly1305.h in CopyFiles */,
- 30B060DF1C6DDB9800D46008 /* pwdbased.h in CopyFiles */,
- 30B060E11C6DDB9800D46008 /* random.h in CopyFiles */,
- 30B060E21C6DDB9800D46008 /* ripemd.h in CopyFiles */,
- 30B060E31C6DDB9800D46008 /* rsa.h in CopyFiles */,
- 30B060E41C6DDB9800D46008 /* settings_comp.h in CopyFiles */,
- 30B060E51C6DDB9800D46008 /* settings.h in CopyFiles */,
- 30B060E61C6DDB9800D46008 /* sha.h in CopyFiles */,
- 30B060E71C6DDB9800D46008 /* sha256.h in CopyFiles */,
- 30B060E81C6DDB9800D46008 /* sha512.h in CopyFiles */,
- 30B060E91C6DDB9800D46008 /* tfm.h in CopyFiles */,
- 30B060EA1C6DDB9800D46008 /* types.h in CopyFiles */,
- 30B060EB1C6DDB9800D46008 /* visibility.h in CopyFiles */,
- 30B060EC1C6DDB9800D46008 /* wc_port.h in CopyFiles */,
- );
- runOnlyForDeploymentPostprocessing = 0;
- };
521646C11A8A7B380062516A /* CopyFiles */ = {
isa = PBXCopyFilesBuildPhase;
buildActionMask = 2147483647;
@@ -920,75 +698,6 @@
);
runOnlyForDeploymentPostprocessing = 0;
};
- 521646C21A8A7B3B0062516A /* CopyFiles */ = {
- isa = PBXCopyFilesBuildPhase;
- buildActionMask = 2147483647;
- dstPath = include/cyassl;
- dstSubfolderSpec = 7;
- files = (
- 521646F81A8A80030062516A /* callbacks.h in CopyFiles */,
- 521646F91A8A80030062516A /* certs_test.h in CopyFiles */,
- 521646FA1A8A80030062516A /* crl.h in CopyFiles */,
- 521646FB1A8A80030062516A /* error-ssl.h in CopyFiles */,
- 521646FC1A8A80030062516A /* internal.h in CopyFiles */,
- 521646FD1A8A80030062516A /* ocsp.h in CopyFiles */,
- 521646FE1A8A80030062516A /* ssl.h in CopyFiles */,
- 521646FF1A8A80030062516A /* test.h in CopyFiles */,
- 521647001A8A80030062516A /* version.h in CopyFiles */,
- );
- runOnlyForDeploymentPostprocessing = 0;
- };
- 521646C31A8A7B3D0062516A /* CopyFiles */ = {
- isa = PBXCopyFilesBuildPhase;
- buildActionMask = 2147483647;
- dstPath = include/cyassl/ctaocrypt;
- dstSubfolderSpec = 7;
- files = (
- 521647011A8A80100062516A /* aes.h in CopyFiles */,
- 521647021A8A80100062516A /* arc4.h in CopyFiles */,
- 521647031A8A80100062516A /* asn_public.h in CopyFiles */,
- 521647041A8A80100062516A /* asn.h in CopyFiles */,
- 521647051A8A80100062516A /* blake2-impl.h in CopyFiles */,
- 521647061A8A80100062516A /* blake2-int.h in CopyFiles */,
- 521647071A8A80100062516A /* blake2.h in CopyFiles */,
- 521647081A8A80100062516A /* camellia.h in CopyFiles */,
- 521647091A8A80100062516A /* chacha.h in CopyFiles */,
- 5216470A1A8A80100062516A /* coding.h in CopyFiles */,
- 5216470B1A8A80100062516A /* compress.h in CopyFiles */,
- 5216470C1A8A80100062516A /* des3.h in CopyFiles */,
- 5216470D1A8A80100062516A /* dh.h in CopyFiles */,
- 5216470E1A8A80100062516A /* dsa.h in CopyFiles */,
- 5216470F1A8A80100062516A /* ecc.h in CopyFiles */,
- 521647101A8A80100062516A /* error-crypt.h in CopyFiles */,
- 521647111A8A80100062516A /* fips_test.h in CopyFiles */,
- 521647131A8A80100062516A /* hmac.h in CopyFiles */,
- 521647141A8A80100062516A /* integer.h in CopyFiles */,
- 521647151A8A80100062516A /* logging.h in CopyFiles */,
- 521647161A8A80100062516A /* md2.h in CopyFiles */,
- 521647171A8A80100062516A /* md4.h in CopyFiles */,
- 521647181A8A80100062516A /* md5.h in CopyFiles */,
- 521647191A8A80100062516A /* memory.h in CopyFiles */,
- 5216471A1A8A80100062516A /* misc.h in CopyFiles */,
- 5216471B1A8A80100062516A /* mpi_class.h in CopyFiles */,
- 5216471C1A8A80100062516A /* mpi_superclass.h in CopyFiles */,
- 5216471D1A8A80100062516A /* pkcs7.h in CopyFiles */,
- 5216471E1A8A80100062516A /* poly1305.h in CopyFiles */,
- 5216471F1A8A80100062516A /* pwdbased.h in CopyFiles */,
- 521647211A8A80100062516A /* random.h in CopyFiles */,
- 521647221A8A80100062516A /* ripemd.h in CopyFiles */,
- 521647231A8A80100062516A /* rsa.h in CopyFiles */,
- 521647241A8A80100062516A /* settings_comp.h in CopyFiles */,
- 521647251A8A80100062516A /* settings.h in CopyFiles */,
- 521647261A8A80100062516A /* sha.h in CopyFiles */,
- 521647271A8A80100062516A /* sha256.h in CopyFiles */,
- 521647281A8A80100062516A /* sha512.h in CopyFiles */,
- 521647291A8A80100062516A /* tfm.h in CopyFiles */,
- 5216472A1A8A80100062516A /* types.h in CopyFiles */,
- 5216472B1A8A80100062516A /* visibility.h in CopyFiles */,
- 5216472C1A8A80100062516A /* wc_port.h in CopyFiles */,
- );
- runOnlyForDeploymentPostprocessing = 0;
- };
52B1344B16F3C9E800C07B32 /* CopyFiles */ = {
isa = PBXCopyFilesBuildPhase;
buildActionMask = 2147483647;
@@ -1150,75 +859,6 @@
);
runOnlyForDeploymentPostprocessing = 0;
};
- A4F318B41BC58B1700FDF2BB /* CopyFiles */ = {
- isa = PBXCopyFilesBuildPhase;
- buildActionMask = 2147483647;
- dstPath = include/cyassl;
- dstSubfolderSpec = 7;
- files = (
- A4F318B51BC58B1700FDF2BB /* callbacks.h in CopyFiles */,
- A4F318B61BC58B1700FDF2BB /* certs_test.h in CopyFiles */,
- A4F318B71BC58B1700FDF2BB /* crl.h in CopyFiles */,
- A4F318B81BC58B1700FDF2BB /* error-ssl.h in CopyFiles */,
- A4F318B91BC58B1700FDF2BB /* internal.h in CopyFiles */,
- A4F318BA1BC58B1700FDF2BB /* ocsp.h in CopyFiles */,
- A4F318BB1BC58B1700FDF2BB /* ssl.h in CopyFiles */,
- A4F318BC1BC58B1700FDF2BB /* test.h in CopyFiles */,
- A4F318BD1BC58B1700FDF2BB /* version.h in CopyFiles */,
- );
- runOnlyForDeploymentPostprocessing = 0;
- };
- A4F318BE1BC58B1700FDF2BB /* CopyFiles */ = {
- isa = PBXCopyFilesBuildPhase;
- buildActionMask = 2147483647;
- dstPath = include/cyassl/ctaocrypt;
- dstSubfolderSpec = 7;
- files = (
- A4F318BF1BC58B1700FDF2BB /* aes.h in CopyFiles */,
- A4F318C01BC58B1700FDF2BB /* arc4.h in CopyFiles */,
- A4F318C11BC58B1700FDF2BB /* asn_public.h in CopyFiles */,
- A4F318C21BC58B1700FDF2BB /* asn.h in CopyFiles */,
- A4F318C31BC58B1700FDF2BB /* blake2-impl.h in CopyFiles */,
- A4F318C41BC58B1700FDF2BB /* blake2-int.h in CopyFiles */,
- A4F318C51BC58B1700FDF2BB /* blake2.h in CopyFiles */,
- A4F318C61BC58B1700FDF2BB /* camellia.h in CopyFiles */,
- A4F318C71BC58B1700FDF2BB /* chacha.h in CopyFiles */,
- A4F318C81BC58B1700FDF2BB /* coding.h in CopyFiles */,
- A4F318C91BC58B1700FDF2BB /* compress.h in CopyFiles */,
- A4F318CA1BC58B1700FDF2BB /* des3.h in CopyFiles */,
- A4F318CB1BC58B1700FDF2BB /* dh.h in CopyFiles */,
- A4F318CC1BC58B1700FDF2BB /* dsa.h in CopyFiles */,
- A4F318CD1BC58B1700FDF2BB /* ecc.h in CopyFiles */,
- A4F318CE1BC58B1700FDF2BB /* error-crypt.h in CopyFiles */,
- A4F318CF1BC58B1700FDF2BB /* fips_test.h in CopyFiles */,
- A4F318D11BC58B1700FDF2BB /* hmac.h in CopyFiles */,
- A4F318D21BC58B1700FDF2BB /* integer.h in CopyFiles */,
- A4F318D31BC58B1700FDF2BB /* logging.h in CopyFiles */,
- A4F318D41BC58B1700FDF2BB /* md2.h in CopyFiles */,
- A4F318D51BC58B1700FDF2BB /* md4.h in CopyFiles */,
- A4F318D61BC58B1700FDF2BB /* md5.h in CopyFiles */,
- A4F318D71BC58B1700FDF2BB /* memory.h in CopyFiles */,
- A4F318D81BC58B1700FDF2BB /* misc.h in CopyFiles */,
- A4F318D91BC58B1700FDF2BB /* mpi_class.h in CopyFiles */,
- A4F318DA1BC58B1700FDF2BB /* mpi_superclass.h in CopyFiles */,
- A4F318DB1BC58B1700FDF2BB /* pkcs7.h in CopyFiles */,
- A4F318DC1BC58B1700FDF2BB /* poly1305.h in CopyFiles */,
- A4F318DD1BC58B1700FDF2BB /* pwdbased.h in CopyFiles */,
- A4F318DF1BC58B1700FDF2BB /* random.h in CopyFiles */,
- A4F318E01BC58B1700FDF2BB /* ripemd.h in CopyFiles */,
- A4F318E11BC58B1700FDF2BB /* rsa.h in CopyFiles */,
- A4F318E21BC58B1700FDF2BB /* settings_comp.h in CopyFiles */,
- A4F318E31BC58B1700FDF2BB /* settings.h in CopyFiles */,
- A4F318E41BC58B1700FDF2BB /* sha.h in CopyFiles */,
- A4F318E51BC58B1700FDF2BB /* sha256.h in CopyFiles */,
- A4F318E61BC58B1700FDF2BB /* sha512.h in CopyFiles */,
- A4F318E71BC58B1700FDF2BB /* tfm.h in CopyFiles */,
- A4F318E81BC58B1700FDF2BB /* types.h in CopyFiles */,
- A4F318E91BC58B1700FDF2BB /* visibility.h in CopyFiles */,
- A4F318EA1BC58B1700FDF2BB /* wc_port.h in CopyFiles */,
- );
- runOnlyForDeploymentPostprocessing = 0;
- };
/* End PBXCopyFilesBuildPhase section */
/* Begin PBXFileReference section */
@@ -1329,57 +969,6 @@
521646871A8993770062516A /* types.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = types.h; path = ../../wolfssl/wolfcrypt/types.h; sourceTree = "<group>"; };
521646881A8993770062516A /* visibility.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = visibility.h; path = ../../wolfssl/wolfcrypt/visibility.h; sourceTree = "<group>"; };
521646891A8993770062516A /* wc_port.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = wc_port.h; path = ../../wolfssl/wolfcrypt/wc_port.h; sourceTree = "<group>"; };
- 5216468A1A8993BB0062516A /* callbacks.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = callbacks.h; path = ../../cyassl/callbacks.h; sourceTree = "<group>"; };
- 5216468B1A8993BB0062516A /* certs_test.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = certs_test.h; path = ../../cyassl/certs_test.h; sourceTree = "<group>"; };
- 5216468C1A8993BB0062516A /* crl.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = crl.h; path = ../../cyassl/crl.h; sourceTree = "<group>"; };
- 5216468D1A8993BB0062516A /* error-ssl.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = "error-ssl.h"; path = "../../cyassl/error-ssl.h"; sourceTree = "<group>"; };
- 5216468E1A8993BB0062516A /* internal.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = internal.h; path = ../../cyassl/internal.h; sourceTree = "<group>"; };
- 5216468F1A8993BB0062516A /* ocsp.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = ocsp.h; path = ../../cyassl/ocsp.h; sourceTree = "<group>"; };
- 521646921A8993BB0062516A /* ssl.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = ssl.h; path = ../../cyassl/ssl.h; sourceTree = "<group>"; };
- 521646931A8993BB0062516A /* test.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = test.h; path = ../../cyassl/test.h; sourceTree = "<group>"; };
- 521646941A8993BB0062516A /* version.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = version.h; path = ../../cyassl/version.h; sourceTree = "<group>"; };
- 521646951A8993F50062516A /* aes.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = aes.h; path = ../../cyassl/ctaocrypt/aes.h; sourceTree = "<group>"; };
- 521646961A8993F50062516A /* arc4.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = arc4.h; path = ../../cyassl/ctaocrypt/arc4.h; sourceTree = "<group>"; };
- 521646971A8993F50062516A /* asn_public.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = asn_public.h; path = ../../cyassl/ctaocrypt/asn_public.h; sourceTree = "<group>"; };
- 521646981A8993F50062516A /* asn.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = asn.h; path = ../../cyassl/ctaocrypt/asn.h; sourceTree = "<group>"; };
- 521646991A8993F50062516A /* blake2-impl.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = "blake2-impl.h"; path = "../../cyassl/ctaocrypt/blake2-impl.h"; sourceTree = "<group>"; };
- 5216469A1A8993F50062516A /* blake2-int.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = "blake2-int.h"; path = "../../cyassl/ctaocrypt/blake2-int.h"; sourceTree = "<group>"; };
- 5216469B1A8993F50062516A /* blake2.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = blake2.h; path = ../../cyassl/ctaocrypt/blake2.h; sourceTree = "<group>"; };
- 5216469C1A8993F50062516A /* camellia.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = camellia.h; path = ../../cyassl/ctaocrypt/camellia.h; sourceTree = "<group>"; };
- 5216469D1A8993F50062516A /* chacha.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = chacha.h; path = ../../cyassl/ctaocrypt/chacha.h; sourceTree = "<group>"; };
- 5216469E1A8993F50062516A /* coding.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = coding.h; path = ../../cyassl/ctaocrypt/coding.h; sourceTree = "<group>"; };
- 5216469F1A8993F50062516A /* compress.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = compress.h; path = ../../cyassl/ctaocrypt/compress.h; sourceTree = "<group>"; };
- 521646A01A8993F50062516A /* des3.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = des3.h; path = ../../cyassl/ctaocrypt/des3.h; sourceTree = "<group>"; };
- 521646A11A8993F50062516A /* dh.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = dh.h; path = ../../cyassl/ctaocrypt/dh.h; sourceTree = "<group>"; };
- 521646A21A8993F50062516A /* dsa.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = dsa.h; path = ../../cyassl/ctaocrypt/dsa.h; sourceTree = "<group>"; };
- 521646A31A8993F50062516A /* ecc.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = ecc.h; path = ../../cyassl/ctaocrypt/ecc.h; sourceTree = "<group>"; };
- 521646A41A8993F50062516A /* error-crypt.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = "error-crypt.h"; path = "../../cyassl/ctaocrypt/error-crypt.h"; sourceTree = "<group>"; };
- 521646A51A8993F50062516A /* fips_test.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = fips_test.h; path = ../../cyassl/ctaocrypt/fips_test.h; sourceTree = "<group>"; };
- 521646A71A8993F50062516A /* hmac.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = hmac.h; path = ../../cyassl/ctaocrypt/hmac.h; sourceTree = "<group>"; };
- 521646A81A8993F50062516A /* integer.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = integer.h; path = ../../cyassl/ctaocrypt/integer.h; sourceTree = "<group>"; };
- 521646A91A8993F50062516A /* logging.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = logging.h; path = ../../cyassl/ctaocrypt/logging.h; sourceTree = "<group>"; };
- 521646AA1A8993F50062516A /* md2.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = md2.h; path = ../../cyassl/ctaocrypt/md2.h; sourceTree = "<group>"; };
- 521646AB1A8993F50062516A /* md4.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = md4.h; path = ../../cyassl/ctaocrypt/md4.h; sourceTree = "<group>"; };
- 521646AC1A8993F50062516A /* md5.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = md5.h; path = ../../cyassl/ctaocrypt/md5.h; sourceTree = "<group>"; };
- 521646AD1A8993F50062516A /* memory.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = memory.h; path = ../../cyassl/ctaocrypt/memory.h; sourceTree = "<group>"; };
- 521646AE1A8993F50062516A /* misc.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = misc.h; path = ../../cyassl/ctaocrypt/misc.h; sourceTree = "<group>"; };
- 521646AF1A8993F50062516A /* mpi_class.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = mpi_class.h; path = ../../cyassl/ctaocrypt/mpi_class.h; sourceTree = "<group>"; };
- 521646B01A8993F50062516A /* mpi_superclass.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = mpi_superclass.h; path = ../../cyassl/ctaocrypt/mpi_superclass.h; sourceTree = "<group>"; };
- 521646B11A8993F50062516A /* pkcs7.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = pkcs7.h; path = ../../cyassl/ctaocrypt/pkcs7.h; sourceTree = "<group>"; };
- 521646B21A8993F50062516A /* poly1305.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = poly1305.h; path = ../../cyassl/ctaocrypt/poly1305.h; sourceTree = "<group>"; };
- 521646B31A8993F50062516A /* pwdbased.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = pwdbased.h; path = ../../cyassl/ctaocrypt/pwdbased.h; sourceTree = "<group>"; };
- 521646B51A8993F50062516A /* random.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = random.h; path = ../../cyassl/ctaocrypt/random.h; sourceTree = "<group>"; };
- 521646B61A8993F50062516A /* ripemd.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = ripemd.h; path = ../../cyassl/ctaocrypt/ripemd.h; sourceTree = "<group>"; };
- 521646B71A8993F50062516A /* rsa.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = rsa.h; path = ../../cyassl/ctaocrypt/rsa.h; sourceTree = "<group>"; };
- 521646B81A8993F50062516A /* settings_comp.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = settings_comp.h; path = ../../cyassl/ctaocrypt/settings_comp.h; sourceTree = "<group>"; };
- 521646B91A8993F50062516A /* settings.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = settings.h; path = ../../cyassl/ctaocrypt/settings.h; sourceTree = "<group>"; };
- 521646BA1A8993F50062516A /* sha.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = sha.h; path = ../../cyassl/ctaocrypt/sha.h; sourceTree = "<group>"; };
- 521646BB1A8993F50062516A /* sha256.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = sha256.h; path = ../../cyassl/ctaocrypt/sha256.h; sourceTree = "<group>"; };
- 521646BC1A8993F50062516A /* sha512.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = sha512.h; path = ../../cyassl/ctaocrypt/sha512.h; sourceTree = "<group>"; };
- 521646BD1A8993F50062516A /* tfm.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = tfm.h; path = ../../cyassl/ctaocrypt/tfm.h; sourceTree = "<group>"; };
- 521646BE1A8993F50062516A /* types.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = types.h; path = ../../cyassl/ctaocrypt/types.h; sourceTree = "<group>"; };
- 521646BF1A8993F50062516A /* visibility.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = visibility.h; path = ../../cyassl/ctaocrypt/visibility.h; sourceTree = "<group>"; };
- 521646C01A8993F50062516A /* wc_port.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = wc_port.h; path = ../../cyassl/ctaocrypt/wc_port.h; sourceTree = "<group>"; };
522DBE0C1B7926FB0031F454 /* wc_encrypt.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = wc_encrypt.c; path = ../../wolfcrypt/src/wc_encrypt.c; sourceTree = SOURCE_ROOT; };
522DBE0E1B7927290031F454 /* wc_encrypt.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = wc_encrypt.h; path = ../../wolfssl/wolfcrypt/wc_encrypt.h; sourceTree = "<group>"; };
525BE5331B3869110054BBCD /* hash.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = hash.c; path = ../../wolfcrypt/src/hash.c; sourceTree = "<group>"; };
@@ -1549,78 +1138,11 @@
children = (
521645F91A89916E0062516A /* wolfSSL */,
521645F81A89916A0062516A /* wolfCrypt */,
- 521645F71A8991680062516A /* CyaSSL */,
- 521645F61A8991640062516A /* CtaoCrypt */,
700F0C502A2FBE3600755BA7 /* OpenSSL */,
);
name = Headers;
sourceTree = SOURCE_ROOT;
};
- 521645F61A8991640062516A /* CtaoCrypt */ = {
- isa = PBXGroup;
- children = (
- 521646951A8993F50062516A /* aes.h */,
- 521646961A8993F50062516A /* arc4.h */,
- 521646971A8993F50062516A /* asn_public.h */,
- 521646981A8993F50062516A /* asn.h */,
- 521646991A8993F50062516A /* blake2-impl.h */,
- 5216469A1A8993F50062516A /* blake2-int.h */,
- 5216469B1A8993F50062516A /* blake2.h */,
- 5216469C1A8993F50062516A /* camellia.h */,
- 5216469D1A8993F50062516A /* chacha.h */,
- 5216469E1A8993F50062516A /* coding.h */,
- 5216469F1A8993F50062516A /* compress.h */,
- 521646A01A8993F50062516A /* des3.h */,
- 521646A11A8993F50062516A /* dh.h */,
- 521646A21A8993F50062516A /* dsa.h */,
- 521646A31A8993F50062516A /* ecc.h */,
- 521646A41A8993F50062516A /* error-crypt.h */,
- 521646A51A8993F50062516A /* fips_test.h */,
- 521646A71A8993F50062516A /* hmac.h */,
- 521646A81A8993F50062516A /* integer.h */,
- 521646A91A8993F50062516A /* logging.h */,
- 521646AA1A8993F50062516A /* md2.h */,
- 521646AB1A8993F50062516A /* md4.h */,
- 521646AC1A8993F50062516A /* md5.h */,
- 521646AD1A8993F50062516A /* memory.h */,
- 521646AE1A8993F50062516A /* misc.h */,
- 521646AF1A8993F50062516A /* mpi_class.h */,
- 521646B01A8993F50062516A /* mpi_superclass.h */,
- 521646B11A8993F50062516A /* pkcs7.h */,
- 521646B21A8993F50062516A /* poly1305.h */,
- 521646B31A8993F50062516A /* pwdbased.h */,
- 521646B51A8993F50062516A /* random.h */,
- 521646B61A8993F50062516A /* ripemd.h */,
- 521646B71A8993F50062516A /* rsa.h */,
- 521646B81A8993F50062516A /* settings_comp.h */,
- 521646B91A8993F50062516A /* settings.h */,
- 521646BA1A8993F50062516A /* sha.h */,
- 521646BB1A8993F50062516A /* sha256.h */,
- 521646BC1A8993F50062516A /* sha512.h */,
- 521646BD1A8993F50062516A /* tfm.h */,
- 521646BE1A8993F50062516A /* types.h */,
- 521646BF1A8993F50062516A /* visibility.h */,
- 521646C01A8993F50062516A /* wc_port.h */,
- );
- name = CtaoCrypt;
- sourceTree = SOURCE_ROOT;
- };
- 521645F71A8991680062516A /* CyaSSL */ = {
- isa = PBXGroup;
- children = (
- 5216468A1A8993BB0062516A /* callbacks.h */,
- 5216468B1A8993BB0062516A /* certs_test.h */,
- 5216468C1A8993BB0062516A /* crl.h */,
- 5216468D1A8993BB0062516A /* error-ssl.h */,
- 5216468E1A8993BB0062516A /* internal.h */,
- 5216468F1A8993BB0062516A /* ocsp.h */,
- 521646921A8993BB0062516A /* ssl.h */,
- 521646931A8993BB0062516A /* test.h */,
- 521646941A8993BB0062516A /* version.h */,
- );
- name = CyaSSL;
- sourceTree = SOURCE_ROOT;
- };
521645F81A89916A0062516A /* wolfCrypt */ = {
isa = PBXGroup;
children = (
@@ -1935,8 +1457,6 @@
30B060481C6DDAEA00D46008 /* Frameworks */,
30B060491C6DDAEA00D46008 /* CopyFiles */,
30B060881C6DDB5200D46008 /* CopyFiles */,
- 30B060891C6DDB5400D46008 /* CopyFiles */,
- 30B0608A1C6DDB5500D46008 /* CopyFiles */,
30B060471C6DDAEA00D46008 /* Sources */,
);
buildRules = (
@@ -1955,8 +1475,6 @@
52B1344A16F3C9E800C07B32 /* Frameworks */,
52B1344B16F3C9E800C07B32 /* CopyFiles */,
521646C11A8A7B380062516A /* CopyFiles */,
- 521646C21A8A7B3B0062516A /* CopyFiles */,
- 521646C31A8A7B3D0062516A /* CopyFiles */,
700F0C8B2A2FBEB400755BA7 /* CopyFiles */,
52B1344916F3C9E800C07B32 /* Sources */,
);
@@ -1976,8 +1494,6 @@
A4F3187B1BC58B1700FDF2BB /* Frameworks */,
A4F3187C1BC58B1700FDF2BB /* CopyFiles */,
A4F318861BC58B1700FDF2BB /* CopyFiles */,
- A4F318B41BC58B1700FDF2BB /* CopyFiles */,
- A4F318BE1BC58B1700FDF2BB /* CopyFiles */,
A4F3184F1BC58B1700FDF2BB /* Sources */,
);
buildRules = (
diff --git a/extra/wolfssl/wolfssl/IDE/XilinxSDK/README.md b/extra/wolfssl/wolfssl/IDE/XilinxSDK/README.md
index e8c4ddf8..49ae2811 100644
--- a/extra/wolfssl/wolfssl/IDE/XilinxSDK/README.md
+++ b/extra/wolfssl/wolfssl/IDE/XilinxSDK/README.md
@@ -70,7 +70,7 @@ This shows the necessary steps on the basis of using the VMK180 development boar
2. Repeat the same steps of the previous step 3 for the newly created domain.
- In the tree-view select "freertos10_xilinx" and then open the "kernel_behavior" sub-entry.
- Change `minimal_stack_size` to `8000`, `tick_rate` to `1000` and `total_heap_size` to `8388608`. "Big chunk sizes" have not been tested under FreeRTOS.
-3. Repeat the same steps of the preivous steps 4 to 6, but with the `wolfCrypt_FreeRTOS_example` resp. `wolfCrypt_FreeRTOS_example_system`.
+3. Repeat the same steps of the previous steps 4 to 6, but with the `wolfCrypt_FreeRTOS_example` resp. `wolfCrypt_FreeRTOS_example_system`.
## Troubleshooting
diff --git a/extra/wolfssl/wolfssl/IDE/XilinxSDK/graph.sh b/extra/wolfssl/wolfssl/IDE/XilinxSDK/graph.sh
index 944e4ca7..d903bdca 100755
--- a/extra/wolfssl/wolfssl/IDE/XilinxSDK/graph.sh
+++ b/extra/wolfssl/wolfssl/IDE/XilinxSDK/graph.sh
@@ -66,7 +66,7 @@ aad_sizes["default"]="16 Bytes"
# not pretty but works for me :)
# CBC&GCM encryption is in software a lot faster than decryption,
-# therefor use the same Range on the Y-Axis to also have a visual indication.
+# therefore use the same Range on the Y-Axis to also have a visual indication.
# This will break if something changes, so let the user override the value
cbc_yrange="${cbc_yrange:=1400}"
gcm_yrange="${gcm_yrange:=500}"
diff --git a/extra/wolfssl/wolfssl/IDE/apple-universal/.gitignore b/extra/wolfssl/wolfssl/IDE/apple-universal/.gitignore
new file mode 100644
index 00000000..de153db3
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/apple-universal/.gitignore
@@ -0,0 +1 @@
+artifacts
diff --git a/extra/wolfssl/wolfssl/IDE/apple-universal/README.md b/extra/wolfssl/wolfssl/IDE/apple-universal/README.md
new file mode 100644
index 00000000..7a4d38da
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/apple-universal/README.md
@@ -0,0 +1,92 @@
+# Overview
+This example shows how to build a wolfSSL static library for Apple targets on all architectures using GNU autotools/`configure` and demonstrates how to create a [universal binary framework]() suitable for use in an Xcode project. It also provides a demo Xcode project using the wolfSSL framework in a simple multiplatform app.
+
+The example was created using Xcode version 14.3.1.
+
+# Why?
+Configuring and building wolfSSL through the `configure` interface can be simpler and more user friendly than manually adding the wolfSSL source files to your project and customizing through `user_settings.h`. Building via `configure` also streamlines integration with other open-source projects that expect an installation directory, such as `cURL`'s `--with-wolfssl` option. Finally, some developer teams might prefer to build wolfSSL once with the desired settings and then distribute it as a library framework for app developers to use. Packaging wolfSSL as a framework makes it highly portable and allows for drag-and-drop integration into Xcode projects without needing to worry about compiling the library every time they build their app.
+
+However, if you do want to compile wolfSSL from source manually in your Xcode project using `user_settings.h`, see the example in [IDE/XCODE](https://github.com/wolfSSL/wolfssl/tree/master/IDE/XCODE).
+
+# Example overview
+This example consists of a build script and an Xcode example project. The build script generates a static library framework for all Apple targets. The Example project shows how to incorporate the framework into an Xcode project and wolfSSL framework in a simple application.
+
+## The build script
+`build-wolfssl-framework.sh` compiles wolfSSL as static library for all modern Apple platforms and simulators. This includes MacOS (`arm64`,`x86_64`), iPhone (`arm64`), iPhoneSimulator (`arm64`,`x86_64`), appleTV (`arm64`), appleTVSimulator (`arm64`,`x86_64`), appleWatch (`arm64`), and appleWatchSimulator (`arm64`,`x86_64`). The script compiles wolfSSL for each platform, creates universal binaries for platforms that support multiple architectures (macOS and simulators) using [lipo](https://developer.apple.com/documentation/apple-silicon/building-a-universal-macos-binary), then combines all the static libraries together into an `xcframework` that can be imported into Xcode. It is meant to be used as an example rather than a build tool, and chooses simplicity and readability over flexibility (no command line options). For an explanation of how the script cross compiles wolfSSL, see the [Technical Details](technical-details) section.
+
+To use the build script, you can run it without arguments to build a default configuration, or you can use the `-c` option to pass in a quoted string containing any additional flags to `configure` that you need. Note that `--enable-static --disable-shared` is always passed to `configure` by default. Consider the following usage example, with descriptions in the comments:
+
+```
+# default configuration
+./build-wolfssl-framework.sh
+
+# hardened configuration with curl support and FIPS-ready crypto
+./build-wolfssl-framework.sh -c "--enable-harden --enable-curl --enable-fips=ready"
+
+```
+
+## Example project
+`wolfssl-multiplatform` is an xcode project containing a simple swiftUI "hello world" app that has been modified to run the wolfCrypt tests and establish a TLS connection to `www.wolfssl.com` on startup. It also provides an example for basic Swift/C interoperability using a "bridging header". When the app launches, the swiftUI initialization handler calls a C test driver function, which is responsible for running the wolfSSL examples. An overview of the additional files is as follows:
+
+```
+.
+└── wolfssl-multiplatform
+ ├── wolfssl-multiplatform
+ │   ├── ContentView.swift # <-- boilerplate swiftUI modified to call wolfSSL test driver on UI init
+ │   ├── wolfssl_multiplatformApp.swift # <-- basic swift hello world
+
+ │   ├── simple_client_example.c # <-- Simple TLS example that connects to wolfssl.com
+ │   ├── simple_client_example.h
+
+ │   ├── wolfssl-multiplatform-Bridging-Header.h # <-- "bridging header" that exposes wolfssl_test_driver app to swift
+ │   ├── wolfssl_test_driver.c # <-- test driver function that runs wolfCrypt tests then calls simple_client_example
+ │   └── wolfssl_test_driver.h
+```
+
+For a basic overview on how to call C code from Swift in an Xcode project, see this excellent blog post tutorial:
+- [https://rlaguilar.com/posts/integrate-c-library-ios-project-swift](https://rlaguilar.com/posts/integrate-c-library-ios-project-swift)
+
+More detailed information on swift/C interoperability can be found in the Apple swift language guide, as well as in the official swift documentation:
+- [https://developer.apple.com/documentation/swift/c-interoperability](https://developer.apple.com/documentation/swift/c-interoperability)
+- [https://www.swift.org/documentation/cxx-interop](https://www.swift.org/documentation/cxx-interop)
+
+## Adding the framework to an Xcode project
+In order to add the framework to any Xcode project, you can simply drag-and-drop the `artifacts/xcframework/libwolfssl.xcframework` directory into Xcode's project source navigator pane. This should automatically add it to the linked libraries for your application.
+
+# Technical Details
+
+## Cross compilation
+If you are developing on a macOS machine and want to compile wolfSSL to run on macOS, then you can simply use `configure` without further customisation. However, if you wish to build wolfSSL to run on a different Apple device, then you need to cross-compile wolfSSL. Thankfully, `configure` makes cross compilation relatively straightforward by using the `--host` argument to pass the "[target triple](https://wiki.osdev.org/Target_Triplet)" describing the platform of the system on which you wish the binary to run, as well as a few other options which will are described below. For more details on cross-compilation, please see the [GNU cross-compilation documentation](https://www.gnu.org/software/automake/manual/html_node/Cross_002dCompilation.html) and the [wolfSSL manual page on cross-compiling with configure](https://www.wolfssl.com/documentation/manuals/wolfssl/chapter02.html#building-with-configure-with-cross-compile). Note that `clang` is the default compiler on macOS (symlinked to `/usr/bin/gcc`) and natively supports cross compilation for all Apple devices without requiring you to download a separate compiler. This means you do not need to override the system `CC`/`AR`/`RANLIB` etc. when using configure.
+
+The generic `configure` invocation required to cross compile a static library for an Apple device is as follows:
+
+```
+./configure --disable-shared --enable-static \
+ --prefix=${INSTALL_DIR} \
+ --host=${HOST} \
+ CFLAGS="-arch ${ARCH} -isysroot ${SDK_ROOT}"
+
+```
+where the
+- `${INSTALL_DIR}` holds the path to the output directory for the wolfSSL install (which we will later include in the framework)
+- `--host=${HOST}` is the triple describing the platform. It should be set to `${ARCH}-apple-darwin` for all targets
+- `-arch ${ARCH}` is the CPU architecture of the platform. It should be `x86_64` for intel Macs and `arm64` for iPhone, appleTV, appleWatch, and Apple silicon Macs.
+- `-isysroot ${SDK_ROOT}` is the path to the new sysroot for the target platform of cross compilation, which is where the compiler should look for system headers and libraries (which are usually different for the target system than for the host system when cross compiling). You can use the Xcode command line tools to query the SDK root path for a given target by running `xcrun --sdk <target> --show-sdk-path`. To get a list of installed targets, run `xcodebuild -showsdks`.
+
+
+## Universal binaries
+Apple intoduced two technologies to facilitate packaging portable libraries: "universal binaries" and "frameworks".
+
+Universal binaries (a.k.a "fat" binaries) allow `elf` files targeting multiple CPU architectures to be combined into a single file (e.g. `x86_64` and `arm64`). These binaries are created using a tool called `lipo`. For more information on lipo and universal binaries, see [Creating Universal Binaries](https://developer.apple.com/documentation/apple-silicon/building-a-universal-macos-binary).
+
+## Frameworks
+In order to facilitate distribution binaries and dependencies, Apple introduced the concept of an `xcframework` bundle, which is a distribution format that allows developers to bundle binaries targeting multiple architectures together with their headers and other metadata. All builds of a library under all target platforms and architectures complete with their dependencies now can be packed ino one single bundle under the `.xcframework` extension.
+
+## Issues with the process
+Low-level programming in the Apple ecosystem is sparsely documented, and certain things that you think "should just work" don't. Here are a few issues we had with the process that need to be documented.
+
+1. Apps meant to run on a simulator require building for/linking against universal binaries containing architecture slices for both `x86_64` and `arm64`. Even if you have the correct architecture (e.g. compiling on `arm64` and targeting an `arm64` simulator host) Xcode will complain that you have compiled the binary for the wrong host if the elf file does not include an `x86_64` architecture slice. Therefore, `build-wolfssl-framework.sh` builds all libraries for simulator targets for both `x86_64` and `arm64` architectures and links them as universal binaries with `lipo`. Again, it DOES NOT MATTER if you are targeting the correct architecture with your cross-compilation, Xcode will not recognize the binary as targeting the correct architecture unless it contains both.
+
+2. Cross compiling for the **iOS simulator** with a min version specifier present (`-miphoneos-version-min`) requires the `-target ${ARCH}-apple-ios-simulator` compiler flag in order to build . It is unclear why this is required, as The GNU documentation claims that the `target` option is only required if cross-compiling a compiler to run on architecture X but emit code for architecture Y (known as a canadian cross-compilation scenario). Regardless, if you do not include a `-target` option, the build will generate a large number of warnings when linking against system libraries with messages like: `ld: warning: building for iOS, but linking in .tbd file (/Applications/Xcode.app/Contents/Developer/Platforms/iPhoneSimulator.platform/Developer/SDKs/iPhoneSimulator16.4.sdk/usr/lib/libnetwork.tbd) built for iOS Simulator`. It was thought that perhaps the host option should instead be `--host=${ARCH}-apple-ios-simulator` but this is not a valid option, and `configure` will fail with a different error: `checking host system type... Invalid configuration 'arm64-apple-ios-simulator': Kernel 'ios' not known to work with OS 'simulator`. If you do not specify a min iOS version, this is not required. Mysteriously, the other simulators (tvOS, watchOS) do not have this issue....
+
+
diff --git a/extra/wolfssl/wolfssl/IDE/apple-universal/build-wolfssl-framework.sh b/extra/wolfssl/wolfssl/IDE/apple-universal/build-wolfssl-framework.sh
new file mode 100755
index 00000000..a3ff12a6
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/apple-universal/build-wolfssl-framework.sh
@@ -0,0 +1,110 @@
+#!/bin/bash
+
+# build-wolfssl-framework.sh
+#
+# Copyright (C) 2006-2023 wolfSSL Inc.
+#
+# This file is part of wolfSSL.
+#
+# wolfSSL is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# wolfSSL is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+
+set -euo pipefail
+
+WOLFSSL_DIR=$(pwd)/../../
+OUTDIR=$(pwd)/artifacts
+LIPODIR=${OUTDIR}/lib
+SDK_OUTPUT_DIR=${OUTDIR}/xcframework
+
+CFLAGS_COMMON=""
+# Base configure flags
+CONF_OPTS="--disable-shared --enable-static"
+
+helpFunction()
+{
+ echo ""
+ echo "Usage: $0 [-c <config flags>]"
+ echo -e "\t-c Extra flags to be passed to ./configure"
+ exit 1 # Exit script after printing help
+}
+
+# Parse command line arguments
+while getopts ":c:" opt; do
+ case $opt in
+ c)
+ CONF_OPTS+=" $OPTARG"
+ ;;
+ \?)
+ echo "Invalid option: -$OPTARG" >&2; helpFunction
+ ;;
+ esac
+done
+
+rm -rf $OUTDIR
+mkdir -p $LIPODIR
+mkdir -p $SDK_OUTPUT_DIR
+
+build() { # <ARCH=arm64|x86_64> <TYPE=iphonesimulator|iphoneos|macosx|watchos|watchsimulator|appletvos|appletvsimulator>
+ set -x
+ pushd .
+ cd $WOLFSSL_DIR
+
+ ARCH=$1
+ HOST="${ARCH}-apple-darwin"
+ TYPE=$2
+ SDK_ROOT=$(xcrun --sdk ${TYPE} --show-sdk-path)
+
+ ./configure -prefix=${OUTDIR}/wolfssl-${TYPE}-${ARCH} ${CONF_OPTS} --host=${HOST} \
+ CFLAGS="${CFLAGS_COMMON} -arch ${ARCH} -isysroot ${SDK_ROOT}"
+ make -j src/libwolfssl.la
+ make install
+
+ popd
+ set +x
+}
+
+XCFRAMEWORKS=
+for type in iphonesimulator macosx appletvsimulator watchsimulator ; do
+ build arm64 ${type}
+ build x86_64 ${type}
+
+ # Create universal binaries from architecture-specific static libraries
+ lipo \
+ "$OUTDIR/wolfssl-${type}-x86_64/lib/libwolfssl.a" \
+ "$OUTDIR/wolfssl-${type}-arm64/lib/libwolfssl.a" \
+ -create -output $LIPODIR/libwolfssl-${type}.a
+
+ echo "Checking libraries"
+ xcrun -sdk ${type} lipo -info $LIPODIR/libwolfssl-${type}.a
+ XCFRAMEWORKS+=" -library ${LIPODIR}/libwolfssl-${type}.a -headers ${OUTDIR}/wolfssl-${type}-arm64/include"
+done
+
+for type in iphoneos appletvos ; do
+ build arm64 ${type}
+
+ # Create universal binaries from architecture-specific static libraries
+ lipo \
+ "$OUTDIR/wolfssl-${type}-arm64/lib/libwolfssl.a" \
+ -create -output $LIPODIR/libwolfssl-${type}.a
+
+ echo "Checking libraries"
+ xcrun -sdk ${type} lipo -info $LIPODIR/libwolfssl-${type}.a
+ XCFRAMEWORKS+=" -library ${LIPODIR}/libwolfssl-${type}.a -headers ${OUTDIR}/wolfssl-${type}-arm64/include"
+done
+
+############################################################################################################################################
+# ********** BUILD FRAMEWORK
+############################################################################################################################################
+
+xcodebuild -create-xcframework ${XCFRAMEWORKS} -output ${SDK_OUTPUT_DIR}/libwolfssl.xcframework
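Review bot: `rm -rf $OUTDIR` is unquoted and `OUTDIR` is built from `$(pwd)`, so what gets deleted depends on the directory the script is started from, and a working directory containing whitespace is split into several `rm -rf` arguments. Resolving the paths from the script's own location and quoting them avoids both: `SCRIPT_DIR=$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)`, `OUTDIR="${SCRIPT_DIR}/artifacts"`, `rm -rf -- "$OUTDIR"`. `WOLFSSL_DIR` should be derived from `SCRIPT_DIR` in the same way, and the expansions in `mkdir -p $LIPODIR`, `cd $WOLFSSL_DIR` and `-prefix=${OUTDIR}/...` need the same quoting. Separately, the `getopts ":c:"` loop has no `:)` branch, so `-c` given without an argument is silently ignored instead of reaching `helpFunction`.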
diff --git a/extra/wolfssl/wolfssl/IDE/apple-universal/include.am b/extra/wolfssl/wolfssl/IDE/apple-universal/include.am
new file mode 100644
index 00000000..a275b073
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/apple-universal/include.am
@@ -0,0 +1,24 @@
+# vim:ft=automake
+# included from Top Level Makefile.am
+# All paths should be given relative to the root
+#
+
+EXTRA_DIST+= IDE/apple-universal/README.md
+EXTRA_DIST+= IDE/apple-universal/build-wolfssl-framework.sh
+EXTRA_DIST+= IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform.xcodeproj/project.pbxproj
+EXTRA_DIST+= IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/simple_client_example.c
+EXTRA_DIST+= IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/simple_client_example.h
+EXTRA_DIST+= IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/wolfssl_test_driver.c
+EXTRA_DIST+= IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/wolfssl_test_driver.h
+EXTRA_DIST+= IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/wolfssl-multiplatform-Bridging-Header.h
+EXTRA_DIST+= IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/wolfssl_multiplatformApp.swift
+EXTRA_DIST+= IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/ContentView.swift
+EXTRA_DIST+= IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/Assets.xcassets/AppIcon.appiconset/Contents.json
+EXTRA_DIST+= IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/Assets.xcassets/AccentColor.colorset/Contents.json
+EXTRA_DIST+= IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/Assets.xcassets/Contents.json
+EXTRA_DIST+= IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/wolfssl_multiplatform.entitlements
+
+
+
+
+
diff --git a/extra/wolfssl/wolfssl/IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform.xcodeproj/project.pbxproj b/extra/wolfssl/wolfssl/IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform.xcodeproj/project.pbxproj
new file mode 100644
index 00000000..2a20aa77
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform.xcodeproj/project.pbxproj
@@ -0,0 +1,403 @@
+// !$*UTF8*$!
+{
+ archiveVersion = 1;
+ classes = {
+ };
+ objectVersion = 56;
+ objects = {
+
+/* Begin PBXBuildFile section */
+ 8BC456822A5DCC3D008A4AF7 /* wolfssl_multiplatformApp.swift in Sources */ = {isa = PBXBuildFile; fileRef = 8BC456812A5DCC3D008A4AF7 /* wolfssl_multiplatformApp.swift */; };
+ 8BC456842A5DCC3D008A4AF7 /* ContentView.swift in Sources */ = {isa = PBXBuildFile; fileRef = 8BC456832A5DCC3D008A4AF7 /* ContentView.swift */; };
+ 8BC456862A5DCC3F008A4AF7 /* Assets.xcassets in Resources */ = {isa = PBXBuildFile; fileRef = 8BC456852A5DCC3F008A4AF7 /* Assets.xcassets */; };
+ 8BC456922A5DD04E008A4AF7 /* libwolfssl.xcframework in Frameworks */ = {isa = PBXBuildFile; fileRef = 8BC456912A5DD04E008A4AF7 /* libwolfssl.xcframework */; };
+ 8BC456972A5DD1F2008A4AF7 /* wolfssl_test_driver.c in Sources */ = {isa = PBXBuildFile; fileRef = 8BC456962A5DD1F2008A4AF7 /* wolfssl_test_driver.c */; };
+ 8BC456AB2A5DF7A6008A4AF7 /* test.c in Sources */ = {isa = PBXBuildFile; fileRef = 8BC456AA2A5DF7A6008A4AF7 /* test.c */; settings = {COMPILER_FLAGS = "-DUSE_FLAT_TEST_H -DNO_MAIN_DRIVER -DNO_FILESYSTEM -DSINGLE_THREADED"; }; };
+ 8BC456AE2A5DF7BA008A4AF7 /* benchmark.c in Sources */ = {isa = PBXBuildFile; fileRef = 8BC456AC2A5DF7BA008A4AF7 /* benchmark.c */; settings = {COMPILER_FLAGS = "-DUSE_FLAT_BENCHMARK_H -DNO_MAIN_DRIVER -DSINGLE_THREADED"; }; };
+ 8BC456F32A5F20C8008A4AF7 /* simple_client_example.c in Sources */ = {isa = PBXBuildFile; fileRef = 8BC456F12A5F20C8008A4AF7 /* simple_client_example.c */; };
+/* End PBXBuildFile section */
+
+/* Begin PBXFileReference section */
+ 8BC4567E2A5DCC3D008A4AF7 /* wolfssl-multiplatform.app */ = {isa = PBXFileReference; explicitFileType = wrapper.application; includeInIndex = 0; path = "wolfssl-multiplatform.app"; sourceTree = BUILT_PRODUCTS_DIR; };
+ 8BC456812A5DCC3D008A4AF7 /* wolfssl_multiplatformApp.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = wolfssl_multiplatformApp.swift; sourceTree = "<group>"; };
+ 8BC456832A5DCC3D008A4AF7 /* ContentView.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ContentView.swift; sourceTree = "<group>"; };
+ 8BC456852A5DCC3F008A4AF7 /* Assets.xcassets */ = {isa = PBXFileReference; lastKnownFileType = folder.assetcatalog; path = Assets.xcassets; sourceTree = "<group>"; };
+ 8BC456872A5DCC3F008A4AF7 /* wolfssl_multiplatform.entitlements */ = {isa = PBXFileReference; lastKnownFileType = text.plist.entitlements; path = wolfssl_multiplatform.entitlements; sourceTree = "<group>"; };
+ 8BC456912A5DD04E008A4AF7 /* libwolfssl.xcframework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.xcframework; name = libwolfssl.xcframework; path = ../artifacts/xcframework/libwolfssl.xcframework; sourceTree = "<group>"; };
+ 8BC456942A5DD1F2008A4AF7 /* wolfssl-multiplatform-Bridging-Header.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = "wolfssl-multiplatform-Bridging-Header.h"; sourceTree = "<group>"; };
+ 8BC456952A5DD1F2008A4AF7 /* wolfssl_test_driver.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = wolfssl_test_driver.h; sourceTree = "<group>"; };
+ 8BC456962A5DD1F2008A4AF7 /* wolfssl_test_driver.c */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.c; path = wolfssl_test_driver.c; sourceTree = "<group>"; };
+ 8BC456A92A5DF7A6008A4AF7 /* test.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = test.h; path = ../../../../wolfcrypt/test/test.h; sourceTree = "<group>"; };
+ 8BC456AA2A5DF7A6008A4AF7 /* test.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = test.c; path = ../../../../wolfcrypt/test/test.c; sourceTree = "<group>"; };
+ 8BC456AC2A5DF7BA008A4AF7 /* benchmark.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = benchmark.c; path = ../../../../wolfcrypt/benchmark/benchmark.c; sourceTree = "<group>"; };
+ 8BC456AD2A5DF7BA008A4AF7 /* benchmark.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = benchmark.h; path = ../../../../wolfcrypt/benchmark/benchmark.h; sourceTree = "<group>"; };
+ 8BC456F12A5F20C8008A4AF7 /* simple_client_example.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; path = simple_client_example.c; sourceTree = "<group>"; };
+ 8BC456F22A5F20C8008A4AF7 /* simple_client_example.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = simple_client_example.h; sourceTree = "<group>"; };
+/* End PBXFileReference section */
+
+/* Begin PBXFrameworksBuildPhase section */
+ 8BC4567B2A5DCC3D008A4AF7 /* Frameworks */ = {
+ isa = PBXFrameworksBuildPhase;
+ buildActionMask = 2147483647;
+ files = (
+ 8BC456922A5DD04E008A4AF7 /* libwolfssl.xcframework in Frameworks */,
+ );
+ runOnlyForDeploymentPostprocessing = 0;
+ };
+/* End PBXFrameworksBuildPhase section */
+
+/* Begin PBXGroup section */
+ 8BC456752A5DCC3D008A4AF7 = {
+ isa = PBXGroup;
+ children = (
+ 8BC456802A5DCC3D008A4AF7 /* wolfssl-multiplatform */,
+ 8BC4567F2A5DCC3D008A4AF7 /* Products */,
+ 8BC456902A5DD04E008A4AF7 /* Frameworks */,
+ );
+ sourceTree = "<group>";
+ };
+ 8BC4567F2A5DCC3D008A4AF7 /* Products */ = {
+ isa = PBXGroup;
+ children = (
+ 8BC4567E2A5DCC3D008A4AF7 /* wolfssl-multiplatform.app */,
+ );
+ name = Products;
+ sourceTree = "<group>";
+ };
+ 8BC456802A5DCC3D008A4AF7 /* wolfssl-multiplatform */ = {
+ isa = PBXGroup;
+ children = (
+ 8BC456A82A5DF787008A4AF7 /* wolfssl-test-apps */,
+ 8BC456812A5DCC3D008A4AF7 /* wolfssl_multiplatformApp.swift */,
+ 8BC456832A5DCC3D008A4AF7 /* ContentView.swift */,
+ 8BC456852A5DCC3F008A4AF7 /* Assets.xcassets */,
+ 8BC456872A5DCC3F008A4AF7 /* wolfssl_multiplatform.entitlements */,
+ 8BC456952A5DD1F2008A4AF7 /* wolfssl_test_driver.h */,
+ 8BC456962A5DD1F2008A4AF7 /* wolfssl_test_driver.c */,
+ 8BC456942A5DD1F2008A4AF7 /* wolfssl-multiplatform-Bridging-Header.h */,
+ );
+ path = "wolfssl-multiplatform";
+ sourceTree = "<group>";
+ };
+ 8BC456902A5DD04E008A4AF7 /* Frameworks */ = {
+ isa = PBXGroup;
+ children = (
+ 8BC456912A5DD04E008A4AF7 /* libwolfssl.xcframework */,
+ );
+ name = Frameworks;
+ sourceTree = "<group>";
+ };
+ 8BC456A82A5DF787008A4AF7 /* wolfssl-test-apps */ = {
+ isa = PBXGroup;
+ children = (
+ 8BC456F12A5F20C8008A4AF7 /* simple_client_example.c */,
+ 8BC456F22A5F20C8008A4AF7 /* simple_client_example.h */,
+ 8BC456AC2A5DF7BA008A4AF7 /* benchmark.c */,
+ 8BC456AD2A5DF7BA008A4AF7 /* benchmark.h */,
+ 8BC456AA2A5DF7A6008A4AF7 /* test.c */,
+ 8BC456A92A5DF7A6008A4AF7 /* test.h */,
+ );
+ name = "wolfssl-test-apps";
+ sourceTree = "<group>";
+ };
+/* End PBXGroup section */
+
+/* Begin PBXNativeTarget section */
+ 8BC4567D2A5DCC3D008A4AF7 /* wolfssl-multiplatform */ = {
+ isa = PBXNativeTarget;
+ buildConfigurationList = 8BC4568D2A5DCC3F008A4AF7 /* Build configuration list for PBXNativeTarget "wolfssl-multiplatform" */;
+ buildPhases = (
+ 8BC4567A2A5DCC3D008A4AF7 /* Sources */,
+ 8BC4567B2A5DCC3D008A4AF7 /* Frameworks */,
+ 8BC4567C2A5DCC3D008A4AF7 /* Resources */,
+ );
+ buildRules = (
+ );
+ dependencies = (
+ );
+ name = "wolfssl-multiplatform";
+ productName = "wolfssl-multiplatform";
+ productReference = 8BC4567E2A5DCC3D008A4AF7 /* wolfssl-multiplatform.app */;
+ productType = "com.apple.product-type.application";
+ };
+/* End PBXNativeTarget section */
+
+/* Begin PBXProject section */
+ 8BC456762A5DCC3D008A4AF7 /* Project object */ = {
+ isa = PBXProject;
+ attributes = {
+ BuildIndependentTargetsInParallel = 1;
+ LastSwiftUpdateCheck = 1430;
+ LastUpgradeCheck = 1430;
+ TargetAttributes = {
+ 8BC4567D2A5DCC3D008A4AF7 = {
+ CreatedOnToolsVersion = 14.3.1;
+ LastSwiftMigration = 1430;
+ };
+ };
+ };
+ buildConfigurationList = 8BC456792A5DCC3D008A4AF7 /* Build configuration list for PBXProject "wolfssl-multiplatform" */;
+ compatibilityVersion = "Xcode 14.0";
+ developmentRegion = en;
+ hasScannedForEncodings = 0;
+ knownRegions = (
+ en,
+ Base,
+ );
+ mainGroup = 8BC456752A5DCC3D008A4AF7;
+ productRefGroup = 8BC4567F2A5DCC3D008A4AF7 /* Products */;
+ projectDirPath = "";
+ projectRoot = "";
+ targets = (
+ 8BC4567D2A5DCC3D008A4AF7 /* wolfssl-multiplatform */,
+ );
+ };
+/* End PBXProject section */
+
+/* Begin PBXResourcesBuildPhase section */
+ 8BC4567C2A5DCC3D008A4AF7 /* Resources */ = {
+ isa = PBXResourcesBuildPhase;
+ buildActionMask = 2147483647;
+ files = (
+ 8BC456862A5DCC3F008A4AF7 /* Assets.xcassets in Resources */,
+ );
+ runOnlyForDeploymentPostprocessing = 0;
+ };
+/* End PBXResourcesBuildPhase section */
+
+/* Begin PBXSourcesBuildPhase section */
+ 8BC4567A2A5DCC3D008A4AF7 /* Sources */ = {
+ isa = PBXSourcesBuildPhase;
+ buildActionMask = 2147483647;
+ files = (
+ 8BC456972A5DD1F2008A4AF7 /* wolfssl_test_driver.c in Sources */,
+ 8BC456842A5DCC3D008A4AF7 /* ContentView.swift in Sources */,
+ 8BC456F32A5F20C8008A4AF7 /* simple_client_example.c in Sources */,
+ 8BC456822A5DCC3D008A4AF7 /* wolfssl_multiplatformApp.swift in Sources */,
+ 8BC456AB2A5DF7A6008A4AF7 /* test.c in Sources */,
+ 8BC456AE2A5DF7BA008A4AF7 /* benchmark.c in Sources */,
+ );
+ runOnlyForDeploymentPostprocessing = 0;
+ };
+/* End PBXSourcesBuildPhase section */
+
+/* Begin XCBuildConfiguration section */
+ 8BC4568B2A5DCC3F008A4AF7 /* Debug */ = {
+ isa = XCBuildConfiguration;
+ buildSettings = {
+ ALWAYS_SEARCH_USER_PATHS = NO;
+ CLANG_ANALYZER_NONNULL = YES;
+ CLANG_ANALYZER_NUMBER_OBJECT_CONVERSION = YES_AGGRESSIVE;
+ CLANG_CXX_LANGUAGE_STANDARD = "gnu++20";
+ CLANG_ENABLE_MODULES = YES;
+ CLANG_ENABLE_OBJC_ARC = YES;
+ CLANG_ENABLE_OBJC_WEAK = YES;
+ CLANG_WARN_BLOCK_CAPTURE_AUTORELEASING = YES;
+ CLANG_WARN_BOOL_CONVERSION = YES;
+ CLANG_WARN_COMMA = YES;
+ CLANG_WARN_CONSTANT_CONVERSION = YES;
+ CLANG_WARN_DEPRECATED_OBJC_IMPLEMENTATIONS = YES;
+ CLANG_WARN_DIRECT_OBJC_ISA_USAGE = YES_ERROR;
+ CLANG_WARN_DOCUMENTATION_COMMENTS = YES;
+ CLANG_WARN_EMPTY_BODY = YES;
+ CLANG_WARN_ENUM_CONVERSION = YES;
+ CLANG_WARN_INFINITE_RECURSION = YES;
+ CLANG_WARN_INT_CONVERSION = YES;
+ CLANG_WARN_NON_LITERAL_NULL_CONVERSION = YES;
+ CLANG_WARN_OBJC_IMPLICIT_RETAIN_SELF = YES;
+ CLANG_WARN_OBJC_LITERAL_CONVERSION = YES;
+ CLANG_WARN_OBJC_ROOT_CLASS = YES_ERROR;
+ CLANG_WARN_QUOTED_INCLUDE_IN_FRAMEWORK_HEADER = YES;
+ CLANG_WARN_RANGE_LOOP_ANALYSIS = YES;
+ CLANG_WARN_STRICT_PROTOTYPES = YES;
+ CLANG_WARN_SUSPICIOUS_MOVE = YES;
+ CLANG_WARN_UNGUARDED_AVAILABILITY = YES_AGGRESSIVE;
+ CLANG_WARN_UNREACHABLE_CODE = YES;
+ CLANG_WARN__DUPLICATE_METHOD_MATCH = YES;
+ COPY_PHASE_STRIP = NO;
+ DEBUG_INFORMATION_FORMAT = dwarf;
+ ENABLE_STRICT_OBJC_MSGSEND = YES;
+ ENABLE_TESTABILITY = YES;
+ GCC_C_LANGUAGE_STANDARD = gnu11;
+ GCC_DYNAMIC_NO_PIC = NO;
+ GCC_NO_COMMON_BLOCKS = YES;
+ GCC_OPTIMIZATION_LEVEL = 0;
+ GCC_PREPROCESSOR_DEFINITIONS = (
+ "DEBUG=1",
+ "$(inherited)",
+ );
+ GCC_WARN_64_TO_32_BIT_CONVERSION = YES;
+ GCC_WARN_ABOUT_RETURN_TYPE = YES_ERROR;
+ GCC_WARN_UNDECLARED_SELECTOR = YES;
+ GCC_WARN_UNINITIALIZED_AUTOS = YES_AGGRESSIVE;
+ GCC_WARN_UNUSED_FUNCTION = YES;
+ GCC_WARN_UNUSED_VARIABLE = YES;
+ MTL_ENABLE_DEBUG_INFO = INCLUDE_SOURCE;
+ MTL_FAST_MATH = YES;
+ ONLY_ACTIVE_ARCH = YES;
+ SWIFT_ACTIVE_COMPILATION_CONDITIONS = DEBUG;
+ SWIFT_OPTIMIZATION_LEVEL = "-Onone";
+ };
+ name = Debug;
+ };
+ 8BC4568C2A5DCC3F008A4AF7 /* Release */ = {
+ isa = XCBuildConfiguration;
+ buildSettings = {
+ ALWAYS_SEARCH_USER_PATHS = NO;
+ CLANG_ANALYZER_NONNULL = YES;
+ CLANG_ANALYZER_NUMBER_OBJECT_CONVERSION = YES_AGGRESSIVE;
+ CLANG_CXX_LANGUAGE_STANDARD = "gnu++20";
+ CLANG_ENABLE_MODULES = YES;
+ CLANG_ENABLE_OBJC_ARC = YES;
+ CLANG_ENABLE_OBJC_WEAK = YES;
+ CLANG_WARN_BLOCK_CAPTURE_AUTORELEASING = YES;
+ CLANG_WARN_BOOL_CONVERSION = YES;
+ CLANG_WARN_COMMA = YES;
+ CLANG_WARN_CONSTANT_CONVERSION = YES;
+ CLANG_WARN_DEPRECATED_OBJC_IMPLEMENTATIONS = YES;
+ CLANG_WARN_DIRECT_OBJC_ISA_USAGE = YES_ERROR;
+ CLANG_WARN_DOCUMENTATION_COMMENTS = YES;
+ CLANG_WARN_EMPTY_BODY = YES;
+ CLANG_WARN_ENUM_CONVERSION = YES;
+ CLANG_WARN_INFINITE_RECURSION = YES;
+ CLANG_WARN_INT_CONVERSION = YES;
+ CLANG_WARN_NON_LITERAL_NULL_CONVERSION = YES;
+ CLANG_WARN_OBJC_IMPLICIT_RETAIN_SELF = YES;
+ CLANG_WARN_OBJC_LITERAL_CONVERSION = YES;
+ CLANG_WARN_OBJC_ROOT_CLASS = YES_ERROR;
+ CLANG_WARN_QUOTED_INCLUDE_IN_FRAMEWORK_HEADER = YES;
+ CLANG_WARN_RANGE_LOOP_ANALYSIS = YES;
+ CLANG_WARN_STRICT_PROTOTYPES = YES;
+ CLANG_WARN_SUSPICIOUS_MOVE = YES;
+ CLANG_WARN_UNGUARDED_AVAILABILITY = YES_AGGRESSIVE;
+ CLANG_WARN_UNREACHABLE_CODE = YES;
+ CLANG_WARN__DUPLICATE_METHOD_MATCH = YES;
+ COPY_PHASE_STRIP = NO;
+ DEBUG_INFORMATION_FORMAT = "dwarf-with-dsym";
+ ENABLE_NS_ASSERTIONS = NO;
+ ENABLE_STRICT_OBJC_MSGSEND = YES;
+ GCC_C_LANGUAGE_STANDARD = gnu11;
+ GCC_NO_COMMON_BLOCKS = YES;
+ GCC_WARN_64_TO_32_BIT_CONVERSION = YES;
+ GCC_WARN_ABOUT_RETURN_TYPE = YES_ERROR;
+ GCC_WARN_UNDECLARED_SELECTOR = YES;
+ GCC_WARN_UNINITIALIZED_AUTOS = YES_AGGRESSIVE;
+ GCC_WARN_UNUSED_FUNCTION = YES;
+ GCC_WARN_UNUSED_VARIABLE = YES;
+ MTL_ENABLE_DEBUG_INFO = NO;
+ MTL_FAST_MATH = YES;
+ SWIFT_COMPILATION_MODE = wholemodule;
+ SWIFT_OPTIMIZATION_LEVEL = "-O";
+ };
+ name = Release;
+ };
+ 8BC4568E2A5DCC3F008A4AF7 /* Debug */ = {
+ isa = XCBuildConfiguration;
+ buildSettings = {
+ ASSETCATALOG_COMPILER_APPICON_NAME = AppIcon;
+ ASSETCATALOG_COMPILER_GLOBAL_ACCENT_COLOR_NAME = AccentColor;
+ CLANG_ENABLE_MODULES = YES;
+ CODE_SIGN_ENTITLEMENTS = "wolfssl-multiplatform/wolfssl_multiplatform.entitlements";
+ CODE_SIGN_STYLE = Automatic;
+ CURRENT_PROJECT_VERSION = 1;
+ DEVELOPMENT_ASSET_PATHS = "";
+ ENABLE_PREVIEWS = NO;
+ GCC_PREPROCESSOR_DEFINITIONS = "CERT_PATH=\\\"$PROJECT_DIR/../../../certs/wolfssl-website-ca.pem\\\"";
+ GENERATE_INFOPLIST_FILE = YES;
+ "INFOPLIST_KEY_UIApplicationSceneManifest_Generation[sdk=iphoneos*]" = YES;
+ "INFOPLIST_KEY_UIApplicationSceneManifest_Generation[sdk=iphonesimulator*]" = YES;
+ "INFOPLIST_KEY_UIApplicationSupportsIndirectInputEvents[sdk=iphoneos*]" = YES;
+ "INFOPLIST_KEY_UIApplicationSupportsIndirectInputEvents[sdk=iphonesimulator*]" = YES;
+ "INFOPLIST_KEY_UILaunchScreen_Generation[sdk=iphoneos*]" = YES;
+ "INFOPLIST_KEY_UILaunchScreen_Generation[sdk=iphonesimulator*]" = YES;
+ "INFOPLIST_KEY_UIStatusBarStyle[sdk=iphoneos*]" = UIStatusBarStyleDefault;
+ "INFOPLIST_KEY_UIStatusBarStyle[sdk=iphonesimulator*]" = UIStatusBarStyleDefault;
+ INFOPLIST_KEY_UISupportedInterfaceOrientations_iPad = "UIInterfaceOrientationPortrait UIInterfaceOrientationPortraitUpsideDown UIInterfaceOrientationLandscapeLeft UIInterfaceOrientationLandscapeRight";
+ INFOPLIST_KEY_UISupportedInterfaceOrientations_iPhone = "UIInterfaceOrientationPortrait UIInterfaceOrientationLandscapeLeft UIInterfaceOrientationLandscapeRight";
+ IPHONEOS_DEPLOYMENT_TARGET = 16.4;
+ LD_RUNPATH_SEARCH_PATHS = "@executable_path/Frameworks";
+ "LD_RUNPATH_SEARCH_PATHS[sdk=macosx*]" = "@executable_path/../Frameworks";
+ MACOSX_DEPLOYMENT_TARGET = 13.3;
+ MARKETING_VERSION = 1.0;
+ OTHER_CFLAGS = "";
+ PRODUCT_BUNDLE_IDENTIFIER = "wolfSSL.wolfssl-multiplatform";
+ PRODUCT_NAME = "$(TARGET_NAME)";
+ SDKROOT = auto;
+ SUPPORTED_PLATFORMS = "appletvos appletvsimulator iphoneos iphonesimulator macosx";
+ SUPPORTS_MACCATALYST = NO;
+ SUPPORTS_MAC_DESIGNED_FOR_IPHONE_IPAD = NO;
+ SWIFT_EMIT_LOC_STRINGS = YES;
+ SWIFT_OBJC_BRIDGING_HEADER = "wolfssl-multiplatform/wolfssl-multiplatform-Bridging-Header.h";
+ SWIFT_OPTIMIZATION_LEVEL = "-Onone";
+ SWIFT_VERSION = 5.0;
+ TARGETED_DEVICE_FAMILY = "1,2,3";
+ };
+ name = Debug;
+ };
+ 8BC4568F2A5DCC3F008A4AF7 /* Release */ = {
+ isa = XCBuildConfiguration;
+ buildSettings = {
+ ASSETCATALOG_COMPILER_APPICON_NAME = AppIcon;
+ ASSETCATALOG_COMPILER_GLOBAL_ACCENT_COLOR_NAME = AccentColor;
+ CLANG_ENABLE_MODULES = YES;
+ CODE_SIGN_ENTITLEMENTS = "wolfssl-multiplatform/wolfssl_multiplatform.entitlements";
+ CODE_SIGN_STYLE = Automatic;
+ CURRENT_PROJECT_VERSION = 1;
+ DEVELOPMENT_ASSET_PATHS = "";
+ ENABLE_PREVIEWS = NO;
+ GCC_PREPROCESSOR_DEFINITIONS = "CERT_PATH=\\\"$PROJECT_DIR/../../../certs/wolfssl-website-ca.pem\\\"";
+ GENERATE_INFOPLIST_FILE = YES;
+ "INFOPLIST_KEY_UIApplicationSceneManifest_Generation[sdk=iphoneos*]" = YES;
+ "INFOPLIST_KEY_UIApplicationSceneManifest_Generation[sdk=iphonesimulator*]" = YES;
+ "INFOPLIST_KEY_UIApplicationSupportsIndirectInputEvents[sdk=iphoneos*]" = YES;
+ "INFOPLIST_KEY_UIApplicationSupportsIndirectInputEvents[sdk=iphonesimulator*]" = YES;
+ "INFOPLIST_KEY_UILaunchScreen_Generation[sdk=iphoneos*]" = YES;
+ "INFOPLIST_KEY_UILaunchScreen_Generation[sdk=iphonesimulator*]" = YES;
+ "INFOPLIST_KEY_UIStatusBarStyle[sdk=iphoneos*]" = UIStatusBarStyleDefault;
+ "INFOPLIST_KEY_UIStatusBarStyle[sdk=iphonesimulator*]" = UIStatusBarStyleDefault;
+ INFOPLIST_KEY_UISupportedInterfaceOrientations_iPad = "UIInterfaceOrientationPortrait UIInterfaceOrientationPortraitUpsideDown UIInterfaceOrientationLandscapeLeft UIInterfaceOrientationLandscapeRight";
+ INFOPLIST_KEY_UISupportedInterfaceOrientations_iPhone = "UIInterfaceOrientationPortrait UIInterfaceOrientationLandscapeLeft UIInterfaceOrientationLandscapeRight";
+ IPHONEOS_DEPLOYMENT_TARGET = 16.4;
+ LD_RUNPATH_SEARCH_PATHS = "@executable_path/Frameworks";
+ "LD_RUNPATH_SEARCH_PATHS[sdk=macosx*]" = "@executable_path/../Frameworks";
+ MACOSX_DEPLOYMENT_TARGET = 13.3;
+ MARKETING_VERSION = 1.0;
+ OTHER_CFLAGS = "";
+ PRODUCT_BUNDLE_IDENTIFIER = "wolfSSL.wolfssl-multiplatform";
+ PRODUCT_NAME = "$(TARGET_NAME)";
+ SDKROOT = auto;
+ SUPPORTED_PLATFORMS = "appletvos appletvsimulator iphoneos iphonesimulator macosx";
+ SUPPORTS_MACCATALYST = NO;
+ SUPPORTS_MAC_DESIGNED_FOR_IPHONE_IPAD = NO;
+ SWIFT_EMIT_LOC_STRINGS = YES;
+ SWIFT_OBJC_BRIDGING_HEADER = "wolfssl-multiplatform/wolfssl-multiplatform-Bridging-Header.h";
+ SWIFT_VERSION = 5.0;
+ TARGETED_DEVICE_FAMILY = "1,2,3";
+ };
+ name = Release;
+ };
+/* End XCBuildConfiguration section */
+
+/* Begin XCConfigurationList section */
+ 8BC456792A5DCC3D008A4AF7 /* Build configuration list for PBXProject "wolfssl-multiplatform" */ = {
+ isa = XCConfigurationList;
+ buildConfigurations = (
+ 8BC4568B2A5DCC3F008A4AF7 /* Debug */,
+ 8BC4568C2A5DCC3F008A4AF7 /* Release */,
+ );
+ defaultConfigurationIsVisible = 0;
+ defaultConfigurationName = Release;
+ };
+ 8BC4568D2A5DCC3F008A4AF7 /* Build configuration list for PBXNativeTarget "wolfssl-multiplatform" */ = {
+ isa = XCConfigurationList;
+ buildConfigurations = (
+ 8BC4568E2A5DCC3F008A4AF7 /* Debug */,
+ 8BC4568F2A5DCC3F008A4AF7 /* Release */,
+ );
+ defaultConfigurationIsVisible = 0;
+ defaultConfigurationName = Release;
+ };
+/* End XCConfigurationList section */
+ };
+ rootObject = 8BC456762A5DCC3D008A4AF7 /* Project object */;
+}
diff --git a/extra/wolfssl/wolfssl/IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/Assets.xcassets/AccentColor.colorset/Contents.json b/extra/wolfssl/wolfssl/IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/Assets.xcassets/AccentColor.colorset/Contents.json
new file mode 100644
index 00000000..eb878970
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/Assets.xcassets/AccentColor.colorset/Contents.json
@@ -0,0 +1,11 @@
+{
+ "colors" : [
+ {
+ "idiom" : "universal"
+ }
+ ],
+ "info" : {
+ "author" : "xcode",
+ "version" : 1
+ }
+}
diff --git a/extra/wolfssl/wolfssl/IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/Assets.xcassets/AppIcon.appiconset/Contents.json b/extra/wolfssl/wolfssl/IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/Assets.xcassets/AppIcon.appiconset/Contents.json
new file mode 100644
index 00000000..532cd729
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/Assets.xcassets/AppIcon.appiconset/Contents.json
@@ -0,0 +1,63 @@
+{
+ "images" : [
+ {
+ "idiom" : "universal",
+ "platform" : "ios",
+ "size" : "1024x1024"
+ },
+ {
+ "idiom" : "mac",
+ "scale" : "1x",
+ "size" : "16x16"
+ },
+ {
+ "idiom" : "mac",
+ "scale" : "2x",
+ "size" : "16x16"
+ },
+ {
+ "idiom" : "mac",
+ "scale" : "1x",
+ "size" : "32x32"
+ },
+ {
+ "idiom" : "mac",
+ "scale" : "2x",
+ "size" : "32x32"
+ },
+ {
+ "idiom" : "mac",
+ "scale" : "1x",
+ "size" : "128x128"
+ },
+ {
+ "idiom" : "mac",
+ "scale" : "2x",
+ "size" : "128x128"
+ },
+ {
+ "idiom" : "mac",
+ "scale" : "1x",
+ "size" : "256x256"
+ },
+ {
+ "idiom" : "mac",
+ "scale" : "2x",
+ "size" : "256x256"
+ },
+ {
+ "idiom" : "mac",
+ "scale" : "1x",
+ "size" : "512x512"
+ },
+ {
+ "idiom" : "mac",
+ "scale" : "2x",
+ "size" : "512x512"
+ }
+ ],
+ "info" : {
+ "author" : "xcode",
+ "version" : 1
+ }
+}
diff --git a/extra/wolfssl/wolfssl/IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/Assets.xcassets/Contents.json b/extra/wolfssl/wolfssl/IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/Assets.xcassets/Contents.json
new file mode 100644
index 00000000..73c00596
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/Assets.xcassets/Contents.json
@@ -0,0 +1,6 @@
+{
+ "info" : {
+ "author" : "xcode",
+ "version" : 1
+ }
+}
diff --git a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/arc4.h b/extra/wolfssl/wolfssl/IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/ContentView.swift
index c30f0b64..6e452c50 100644
--- a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/arc4.h
+++ b/extra/wolfssl/wolfssl/IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/ContentView.swift
@@ -1,4 +1,4 @@
-/* arc4.h
+/* ContentView.swift
*
* Copyright (C) 2006-2023 wolfSSL Inc.
*
@@ -19,18 +19,29 @@
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
+import SwiftUI
-#ifndef CTAO_CRYPT_ARC4_H
-#define CTAO_CRYPT_ARC4_H
-
-/* for arc4 reverse compatibility */
-#ifndef NO_RC4
-#include <wolfssl/wolfcrypt/arc4.h>
- #define Arc4Process wc_Arc4Process
- #define Arc4SetKey wc_Arc4SetKey
- #define Arc4AsyncInit wc_Arc4AsyncInit
- #define Arc4AsyncFree wc_Arc4AsyncFree
-#endif
-
-#endif /* CTAO_CRYPT_ARC4_H */
+struct ContentView: View {
+
+ /* Call our test function in the initialization of the view */
+ init() {
+ wolfssl_test();
+ }
+
+
+ var body: some View {
+ VStack {
+ Image(systemName: "globe")
+ .imageScale(.large)
+ .foregroundColor(.accentColor)
+ Text("Hello, world!")
+ }
+ .padding()
+ }
+}
+struct ContentView_Previews: PreviewProvider {
+ static var previews: some View {
+ ContentView()
+ }
+}
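Review bot: Calling `wolfssl_test()` from `init()` in ContentView runs the wolfCrypt test, the benchmark and a blocking TLS connection synchronously while the view value is being constructed. SwiftUI can construct view structs more than once, and `ContentView_Previews` also calls `ContentView()`, so the whole run, including the outbound connection, may repeat or fire from a preview. Starting it once from the view body instead, for example `.onAppear { DispatchQueue.global().async { wolfssl_test() } }` on the `VStack`, keeps it off the UI thread. It also makes explicit when the tests start.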
diff --git a/extra/wolfssl/wolfssl/IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/simple_client_example.c b/extra/wolfssl/wolfssl/IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/simple_client_example.c
new file mode 100644
index 00000000..b18d058d
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/simple_client_example.c
@@ -0,0 +1,149 @@
+/* simple_client_example.c
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#include "simple_client_example.h"
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <sys/socket.h>
+#include <netdb.h>
+
+#ifndef WOLFSSL_USER_SETTINGS
+#include <wolfssl/options.h>
+#endif
+#include <wolfssl/ssl.h>
+
+#define SERVER_HOST "www.wolfssl.com"
+#define SERVER_PORT "443"
+
+int simple_client_example(void)
+{
+ WOLFSSL_CTX* ctx;
+ WOLFSSL* ssl;
+ int sockfd, ret;
+
+ /* Resolve the server address */
+ struct addrinfo hints, *server_addr;
+ memset(&hints, 0, sizeof(hints));
+ hints.ai_family = AF_UNSPEC;
+ hints.ai_socktype = SOCK_STREAM;
+
+ ret = getaddrinfo(SERVER_HOST, SERVER_PORT, &hints, &server_addr);
+ if (ret != 0) {
+ printf("Failed to resolve server address: %s\n", gai_strerror(ret));
+ return 1;
+ }
+
+ /* Create a TCP socket */
+ sockfd = socket(server_addr->ai_family,
+ server_addr->ai_socktype,
+ server_addr->ai_protocol);
+ if (sockfd == -1) {
+ perror("Failed to create socket");
+ freeaddrinfo(server_addr);
+ return 1;
+ }
+
+ /* Connect to the server */
+ ret = connect(sockfd, server_addr->ai_addr, server_addr->ai_addrlen);
+ if (ret == -1) {
+ perror("Failed to connect to server");
+ freeaddrinfo(server_addr);
+ close(sockfd);
+ return 1;
+ }
+
+ freeaddrinfo(server_addr);
+
+ /* Initialize wolfSSL library */
+ wolfSSL_Init();
+
+ /* Create a new SSL context */
+ ctx = wolfSSL_CTX_new(wolfTLSv1_3_client_method());
+ if (ctx == NULL) {
+ printf("Unable to create SSL context.\n");
+ close(sockfd);
+ return 1;
+ }
+
+ /* Load CA certificate into WOLFSSL_CTX
+ * NOTE: CERT_PATH macro is set relative to Xcode $(PROJECT_DIR) environment
+ * variable in the preprocessor macros section of the project build settings
+ * to avoid hardcoding a path in the source code. The CA cert is located at
+ * wolfssl/certs/wolfssl-website-ca.pem. */
+ ret = wolfSSL_CTX_load_verify_locations(ctx, CERT_PATH, NULL);
+ if (ret != WOLFSSL_SUCCESS) {
+ printf("ERROR: failed to load %s, please check the file.\n", CERT_PATH);
+ wolfSSL_CTX_free(ctx);
+ close(sockfd);
+ return 1;
+ }
+
+ /* Create a new SSL object */
+ ssl = wolfSSL_new(ctx);
+ if (ssl == NULL) {
+ printf("Unable to create SSL object.\n");
+ wolfSSL_CTX_free(ctx);
+ close(sockfd);
+ return 1;
+ }
+
+ /* Attach the SSL object to the socket file descriptor */
+ wolfSSL_set_fd(ssl, sockfd);
+
+ /* Perform the SSL handshake */
+ ret = wolfSSL_connect(ssl);
+ if (ret != SSL_SUCCESS) {
+ printf("SSL connection failed: %d\n", wolfSSL_get_error(ssl, ret));
+ wolfSSL_free(ssl);
+ wolfSSL_CTX_free(ctx);
+ close(sockfd);
+ return 1;
+ }
+
+ /* Send an HTTP request */
+ const char* request = "GET / HTTP/1.1\r\nHost: www.wolfssl.com\r\n\r\n";
+ ret = wolfSSL_write(ssl, request, (int)strlen(request));
+ if (ret < 0) {
+ printf("Failed to send HTTP request.\n");
+ }
+
+ /* Receive and print the server's response */
+ char buffer[1024];
+ ret = wolfSSL_read(ssl, buffer, sizeof(buffer) - 1);
+ if (ret > 0) {
+ buffer[ret] = '\0';
+ printf("Received %d bytes:\n%s\n", ret, buffer);
+ } else {
+ printf("Failed to receive server response.\n");
+ }
+
+ /* Clean up and close the connection */
+ wolfSSL_shutdown(ssl);
+ wolfSSL_free(ssl);
+ wolfSSL_CTX_free(ctx);
+ wolfSSL_Cleanup();
+ close(sockfd);
+
+ return 0;
+}
+
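Review bot: The handshake in simple_client_example() checks the server certificate chain against the CA loaded from CERT_PATH but never binds it to the host name, because nothing between wolfSSL_new() and wolfSSL_connect() tells wolfSSL which name to expect. Adding `if (wolfSSL_check_domain_name(ssl, SERVER_HOST) != WOLFSSL_SUCCESS)` with the same cleanup and `return 1` as the neighbouring error paths, placed before `wolfSSL_connect(ssl)`, rejects a certificate issued by that CA for a different name. Separately, a failed wolfSSL_write() or wolfSSL_read() only prints a message and the function still returns 0. The write check `ret < 0` also lets a 0 return through, so `if (ret <= 0)` plus a non-zero return value would let the caller see the failure.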
diff --git a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/misc.h b/extra/wolfssl/wolfssl/IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/simple_client_example.h
index 918c8c04..ce889582 100644
--- a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/misc.h
+++ b/extra/wolfssl/wolfssl/IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/simple_client_example.h
@@ -1,4 +1,4 @@
-/* misc.h
+/* simple_client_example.h
*
* Copyright (C) 2006-2023 wolfSSL Inc.
*
@@ -19,12 +19,9 @@
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
+#ifndef simple_client_example_h
+#define simple_client_example_h
+int simple_client_example(void);
-#ifndef CTAO_CRYPT_MISC_H
-#define CTAO_CRYPT_MISC_H
-
-#include <wolfssl/wolfcrypt/misc.h>
-
-#endif /* CTAO_CRYPT_MISC_H */
-
+#endif /* simple_client_example_h */
diff --git a/extra/wolfssl/wolfssl/cyassl/openssl/ssl.h b/extra/wolfssl/wolfssl/IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/wolfssl-multiplatform-Bridging-Header.h
index 8a52cd5d..f232f13b 100644
--- a/extra/wolfssl/wolfssl/cyassl/openssl/ssl.h
+++ b/extra/wolfssl/wolfssl/IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/wolfssl-multiplatform-Bridging-Header.h
@@ -1,4 +1,4 @@
-/* ssl.h
+/* wolfssl-multiplatform-Bridging-Header.h
*
* Copyright (C) 2006-2023 wolfSSL Inc.
*
@@ -19,16 +19,8 @@
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
-
-
-/* ssl.h defines openssl compatibility layer
- *
+/*
+ * Use this file to import your target's public headers that you would like to
+ * expose to Swift.
*/
-#ifndef CYASSL_OPENSSL_H_
-#define CYASSL_OPENSSL_H_
-
-#include <cyassl/ssl.h>
-#include <wolfssl/openssl/ssl.h>
-
-#endif
-
+#import "wolfssl_test_driver.h"
diff --git a/extra/wolfssl/wolfssl/IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/wolfssl_multiplatform.entitlements b/extra/wolfssl/wolfssl/IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/wolfssl_multiplatform.entitlements
new file mode 100644
index 00000000..997a18c9
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/wolfssl_multiplatform.entitlements
@@ -0,0 +1,14 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+<dict>
+ <key>com.apple.security.app-sandbox</key>
+ <false/>
+ <key>com.apple.security.files.user-selected.read-only</key>
+ <true/>
+ <key>com.apple.security.network.client</key>
+ <true/>
+ <key>com.apple.security.network.server</key>
+ <true/>
+</dict>
+</plist>
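Review bot: `com.apple.security.app-sandbox` is set to `<false/>`, so the macOS build of this example runs unsandboxed and the three sandbox entitlements listed after it have no effect. The client code in this commit only makes an outbound connection, so `com.apple.security.network.server` looks unnecessary either way. Presumably the sandbox is off so the app can read the CA file at the CERT_PATH defined in the project file, which points into the source tree. If that is the reason, state it next to the example, or bundle the certificate as an app resource and set the key to `<true/>`, since projects copied from an example tend to keep its entitlements.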
diff --git a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/dsa.h b/extra/wolfssl/wolfssl/IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/wolfssl_multiplatformApp.swift
index a64a7eb4..acf2a03a 100644
--- a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/dsa.h
+++ b/extra/wolfssl/wolfssl/IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/wolfssl_multiplatformApp.swift
@@ -1,4 +1,4 @@
-/* dsa.h
+/* wolfssl_multiplatformApp.swift
*
* Copyright (C) 2006-2023 wolfSSL Inc.
*
@@ -19,15 +19,14 @@
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
+import SwiftUI
-
-#ifndef NO_DSA
-
-#ifndef CTAO_CRYPT_DSA_H
-#define CTAO_CRYPT_DSA_H
-
-#include <wolfssl/wolfcrypt/dsa.h>
-
-#endif /* CTAO_CRYPT_DSA_H */
-#endif /* NO_DSA */
+@main
+struct wolfssl_multiplatformApp: App {
+ var body: some Scene {
+ WindowGroup {
+ ContentView()
+ }
+ }
+}
diff --git a/extra/wolfssl/wolfssl/IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/wolfssl_test_driver.c b/extra/wolfssl/wolfssl/IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/wolfssl_test_driver.c
new file mode 100644
index 00000000..50655c83
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/wolfssl_test_driver.c
@@ -0,0 +1,62 @@
+/* wolfssl_test_driver.c
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#include "wolfssl_test_driver.h"
+
+#ifndef WOLFSSL_USER_SETTINGS
+#include <wolfssl/options.h>
+#endif
+#include <wolfssl/ssl.h>
+
+#include "test.h"
+#include "benchmark.h"
+#include "simple_client_example.h"
+
+typedef struct test_func_args {
+ int argc;
+ char** argv;
+ int return_code;
+} test_func_args;
+
+
+
+void wolfssl_test(void)
+{
+ int ret;
+ test_func_args args = {0};
+
+#ifdef WC_RNG_SEED_CB
+ wc_SetSeed_Cb(wc_GenerateSeed);
+#endif
+
+ printf("Run wolfCrypt Test:\n");
+ ret = wolfcrypt_test(&args);
+ printf("\nResult of wolfcrypt_test() = %d\n\n", ret);
+
+ printf("Run wolfCrypt Benchmark:\n");
+ ret = benchmark_test(&args);
+ printf("\nResult of benchmark_test() = %d\n\n", ret);
+
+ printf("Run simple client test:\n");
+ ret = simple_client_example();
+ printf("\nResult of simple_client_test() = %d\n\n", ret);
+
+}
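Review bot: wolfssl_test() only prints the three return codes, so a failing wolfcrypt_test() does not stop the benchmark or the network client from running, and the result never reaches the Swift caller. Consider stopping at the first non-zero result, e.g. `if (ret != 0) return;` after each printf, or returning the code, which would also need the prototype in wolfssl_test_driver.h changed. The last message names `simple_client_test()` while the function called is `simple_client_example()`; `printf("\nResult of simple_client_example() = %d\n\n", ret);` would match. printf is used without `#include <stdio.h>` in this file, which compiles only if one of the included headers pulls it in.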
diff --git a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/coding.h b/extra/wolfssl/wolfssl/IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/wolfssl_test_driver.h
index 3536fba4..a3104e64 100644
--- a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/coding.h
+++ b/extra/wolfssl/wolfssl/IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/wolfssl_test_driver.h
@@ -1,4 +1,4 @@
-/* coding.h
+/* wolfssl_test_driver.h
*
* Copyright (C) 2006-2023 wolfSSL Inc.
*
@@ -19,12 +19,9 @@
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
+#ifndef wolfssl_test_driver_h
+#define wolfssl_test_driver_h
+void wolfssl_test(void);
-#ifndef CTAO_CRYPT_CODING_H
-#define CTAO_CRYPT_CODING_H
-
-#include <wolfssl/wolfcrypt/coding.h>
-
-#endif /* CTAO_CRYPT_CODING_H */
-
+#endif /* wolfssl_test_driver_h */
diff --git a/extra/wolfssl/wolfssl/IDE/include.am b/extra/wolfssl/wolfssl/IDE/include.am
index 379400d7..4f84b43f 100644
--- a/extra/wolfssl/wolfssl/IDE/include.am
+++ b/extra/wolfssl/wolfssl/IDE/include.am
@@ -35,6 +35,7 @@ include IDE/Renesas/e2studio/RX65N/GR-ROSE/include.am
include IDE/Renesas/e2studio/RX72N/EnvisionKit/include.am
include IDE/Renesas/e2studio/RX65N/RSK/include.am
include IDE/Renesas/e2studio/RA6M4/include.am
+include IDE/Renesas/e2studio/RZN2L/include.am
include IDE/WICED-STUDIO/include.am
include IDE/CRYPTOCELL/include.am
include IDE/M68K/include.am
@@ -53,6 +54,9 @@ include IDE/AURIX/include.am
include IDE/MCUEXPRESSO/include.am
include IDE/Espressif/include.am
include IDE/STARCORE/include.am
+include IDE/MDK5-ARM/include.am
+include IDE/SimplicityStudio/include.am
+include IDE/apple-universal/include.am
-EXTRA_DIST+= IDE/IAR-EWARM IDE/MDK-ARM IDE/MDK5-ARM IDE/MYSQL IDE/LPCXPRESSO IDE/HEXIWEAR IDE/Espressif
+EXTRA_DIST+= IDE/IAR-EWARM IDE/MDK-ARM IDE/MYSQL IDE/LPCXPRESSO IDE/HEXIWEAR IDE/Espressif
EXTRA_DIST+= IDE/OPENSTM32/README.md
diff --git a/extra/wolfssl/wolfssl/INSTALL b/extra/wolfssl/wolfssl/INSTALL
index 2f54ac18..d4034323 100644
--- a/extra/wolfssl/wolfssl/INSTALL
+++ b/extra/wolfssl/wolfssl/INSTALL
@@ -110,6 +110,53 @@
To build with debugging use: `cmake .. -DCMAKE_BUILD_TYPE=Debug`.
+ In the simplest form:
+
+ # create a root directory for wolfssl repo
+ git clone https://github.com/wolfSSL/wolfssl.git
+ cd wolfssl
+
+
+ # From the root of the wolfSSL repo:
+
+ mkdir -p out
+ pushd out
+ cmake ..
+ cmake --build .
+
+ # View the available ciphers with:
+ ./examples/client/client -e
+ popd
+
+
+ ARIA Cipher Suite.
+
+ The ARIA cipher needs a 3rd party source binary, typically called
+ `MagicCrypto.tar.gz`.
+
+ The MagicCrypto files can be either copied to the local `wolfssl` directory,
+ or an environment variable `ARIA_DIR` can be set to point to the location.
+
+ Simply having the environment variable or local `MagicCrypto` directory
+ will not automatically enable the ARIA Ciphers.
+
+ To enable ARIA Ciphers in wolfSSL for `CMake`:
+
+ # From the root of the wolfSSL repo:
+
+ # set to your path
+ export ARIA_DIR=~/workspace/MagicCrypto
+
+ mkdir -p out
+ pushd out
+ cmake .. -DWOLFSSL_ARIA=yes
+ cmake --build .
+
+ # View the available ciphers with:
+ ./examples/client/client -e
+ popd
+
+
Windows (Visual Studio)
---
1) Go to this page, download the appropriate Windows installer, and install
@@ -132,7 +179,7 @@
Windows (command line)
---
1) Open Command Prompt
- 2) Run the Visual Studio batch to setup command line variables, e.g. C:\Program Files (x86)\Microsoft Visual
+ 2) Run the Visual Studio batch to setup command line variables, e.g. C:\Program Files (x86)\Microsoft Visual
Studio\2017\Community\VC\Auxiliary\Build\vcvars64.bat
3) Follow steps in "Unix-based Platforms" above.
@@ -150,7 +197,7 @@
$ cd ~/oqs
$ git clone --single-branch https://github.com/open-quantum-safe/liboqs.git
$ cd liboqs/
- $ git checkout af76ca3b1f2fbc1f4f0967595f3bb07692fb3d82
+ $ git checkout 0.8.0
$ mkdir build
$ cd build
$ cmake -DOQS_USE_OPENSSL=0 ..
@@ -254,3 +301,130 @@
The wolfssl port in vcpkg is kept up to date by wolfSSL.
We also have vcpkg ports for wolftpm, wolfmqtt and curl.
+
+17. Building with hash-sigs lib for LMS/HSS support [EXPERIMENTAL]
+
+ Using LMS/HSS requires that the hash-sigs lib has been built on
+ your system. We support hash-sigs lib at this git commit:
+ b0631b8891295bf2929e68761205337b7c031726
+ At the time of writing this, this is the HEAD of the master
+ branch of the hash-sigs project.
+
+ Currently the hash-sigs project only builds static libraries:
+ - hss_verify.a: a single-threaded verify-only static lib.
+ - hss_lib.a: a single-threaded static lib.
+ - hss_lib_thread.a: a multi-threaded static lib.
+
+ The multi-threaded version will mainly have speedups for key
+ generation and signing.
+
+ The default LMS build (--enable-lms) will look for
+ hss_lib.a first, and hss_lib_thread.a second, in a specified
+ hash-sigs dir.
+
+ The LMS verify-only build (--enable-lms=verify-only) will look
+ for hss_verify.a only, which is a slimmer library that includes
+ only the minimal functions necessary for signature verification.
+
+ How to get and build the hash-sigs library:
+ $ mkdir ~/hash_sigs
+ $ cd ~/hash_sigs
+ $ git clone https://github.com/cisco/hash-sigs.git src
+ $ cd src
+ $ git checkout b0631b8891295bf2929e68761205337b7c031726
+
+ In sha256.h, set USE_OPENSSL to 0:
+ #define USE_OPENSSL 0
+
+ To build the single-threaded version:
+ $ make hss_lib.a
+ $ ls *.a
+ hss_lib.a
+
+ To build multi-threaded:
+ $ make hss_lib_thread.a
+ $ ls *.a
+ hss_lib_thread.a
+
+ To build verify-only:
+ $ make hss_verify.a
+ $ ls *.a
+ hss_verify.a
+
+ Build wolfSSL with
+ $ ./configure \
+ --enable-static \
+ --disable-shared \
+ --enable-lms \
+ --with-liblms=<path to dir containing hss_lib.a or hss_lib_thread.a>
+ $ make
+
+ Run the benchmark against LMS/HSS with:
+ $ ./wolfcrypt/benchmark/benchmark -lms_hss
+
+18. Building for Debian, Ubuntu, Linux Mint, and derivatives
+
+ To generate a .deb package, configure wolfSSL with the desired
+ configuration. Then run `make deb` to generate a Debian package
+ with the current configuration. To build the package inside a
+ Docker container, use `make deb-docker`. In both cases the
+ resulting packages are placed in the root directory of the
+ project.
+
+19. Building for RHEL, Fedora, CentOS, SUSE, and openSUSE
+
+ To generate a .rpm package, configure wolfSSL with the desired
+ configuration. Then run `make rpm` to generate a .rpm package
+ with the current configuration. To build the package inside a
+ Docker container, use `make rpm-docker`. In both cases the
+ resulting packages are placed in the root directory of the
+ project.
+
+20. Building with xmss-reference lib for XMSS/XMSS^MT support [EXPERIMENTAL]
+
+ Experimental support for XMSS/XMSS^MT has been achieved by integration
+ with the xmss-reference implementation from RFC 8391 (XMSS: eXtended
+ Merkle Signature Scheme). We support a patched version of xmss-reference
+ based on this git commit:
+ 171ccbd26f098542a67eb5d2b128281c80bd71a6
+ At the time of writing this, this is the HEAD of the master branch of
+ the xmss-reference project.
+
+ How to get the xmss-reference library:
+ $ mkdir ~/xmss
+ $ cd ~/xmss
+ $ git clone https://github.com/XMSS/xmss-reference.git src
+ $ cd src
+ $ git checkout 171ccbd26f098542a67eb5d2b128281c80bd71a6
+ $ git apply <path to xmss reference patch>
+
+ The patch may be found in the wolfssl-examples repo here:
+ pq/stateful_hash_sig/0001-Patch-to-support-wolfSSL-xmss-reference-integration.patch
+
+ To build patched xmss-reference:
+ $ make xmss_lib.a
+
+ To build verify-only patched xmss-reference:
+ $ make xmss_verify_lib.a
+
+ Note that this patch changes xmss-reference to use wolfCrypt SHA256 hashing,
+ by registering a SHA callback function in xmss-reference. It
+ thus benefits from all the same asm speedups as wolfCrypt SHA hashing.
+ Depending on architecture you may build with --enable-intelasm, or
+ --enable-armasm, and see 30-40% speedups in XMSS/XMSS^MT.
+
+ For full keygen, signing, verifying, and benchmarking support, build
+ wolfSSL with:
+ $ ./configure \
+ --enable-xmss \
+ --with-libxmss=<path to xmss src dir>
+ $ make
+
+ Run the benchmark against XMSS/XMSS^MT with:
+ $ ./wolfcrypt/benchmark/benchmark -xmss_xmssmt
+
+ For a leaner xmss verify-only build, build with
+ $ ./configure \
+ --enable-xmss=verify-only \
+ --with-libxmss=<path to xmss src dir>
+ $ make
diff --git a/extra/wolfssl/wolfssl/Makefile.am b/extra/wolfssl/wolfssl/Makefile.am
index f3decb03..07a2496e 100644
--- a/extra/wolfssl/wolfssl/Makefile.am
+++ b/extra/wolfssl/wolfssl/Makefile.am
@@ -161,7 +161,6 @@ EXTRA_DIST+= m4/ax_atomic.m4
include cmake/include.am
include wrapper/include.am
-include cyassl/include.am
include wolfssl/include.am
include certs/include.am
include doc/include.am
@@ -177,6 +176,7 @@ include examples/include.am
include testsuite/include.am
include tests/include.am
include sslSniffer/sslSnifferTest/include.am
+include debian/include.am
include rpm/include.am
include linuxkm/include.am
include zephyr/include.am
@@ -245,7 +245,6 @@ test: check
tests/unit.log: testsuite/testsuite.log
scripts/unit.log: testsuite/testsuite.log
-DISTCLEANFILES+= cyassl-config
DISTCLEANFILES+= wolfssl-config
MAINTAINERCLEANFILES+= wolfssl/wolfcrypt/async.h
@@ -267,7 +266,6 @@ maintainer-clean-local:
-rm build-aux/install-sh
-rm build-aux/ltmain.sh
-rm build-aux/missing
- -rm cyassl-config
-rmdir build-aux
-rm configure
-rm config.log
diff --git a/extra/wolfssl/wolfssl/README b/extra/wolfssl/wolfssl/README
index 9b870f5b..c344bf80 100644
--- a/extra/wolfssl/wolfssl/README
+++ b/extra/wolfssl/wolfssl/README
@@ -5,7 +5,7 @@ library written in ANSI C and targeted for embedded, RTOS, and
resource-constrained environments - primarily because of its small size, speed,
and feature set. It is commonly used in standard operating environments as well
because of its royalty-free pricing and excellent cross platform support.
-wolfSSL supports industry standards up to the current TLS 1.3 and DTLS 1.2
+wolfSSL supports industry standards up to the current TLS 1.3 and DTLS 1.3
levels, is up to 20 times smaller than OpenSSL, and offers progressive ciphers
such as ChaCha20, Curve25519, and Blake2b. User benchmarking and feedback
reports dramatically better performance when using wolfSSL over OpenSSL.
@@ -20,11 +20,11 @@ certificate #3389). For additional information, visit the wolfCrypt FIPS FAQ
There are many reasons to choose wolfSSL as your embedded SSL solution. Some of
the top reasons include size (typical footprint sizes range from 20-100 kB),
support for the newest standards (SSL 3.0, TLS 1.0, TLS 1.1, TLS 1.2, TLS 1.3,
-DTLS 1.0, and DTLS 1.2), current and progressive cipher support (including
-stream ciphers), multi-platform, royalty free, and an OpenSSL compatibility API
-to ease porting into existing applications which have previously used the
-OpenSSL package. For a complete feature list, see chapter 4 of the wolfSSL
-manual. (https://www.wolfssl.com/docs/wolfssl-manual/ch4/)
+DTLS 1.0, DTLS 1.2, and DTLS 1.3), current and progressive cipher support
+(including stream ciphers), multi-platform, royalty free, and an OpenSSL
+compatibility API to ease porting into existing applications which have
+previously used the OpenSSL package. For a complete feature list, see chapter 4
+of the wolfSSL manual. (https://www.wolfssl.com/docs/wolfssl-manual/ch4/)
*** Notes, Please read ***
@@ -70,150 +70,93 @@ should be used for the enum name.
*** end Notes ***
-# wolfSSL Release 5.6.3 (Jun 20, 2023)
+# wolfSSL Release 5.6.6 (Dec 19, 2023)
-Release 5.6.3 has been developed according to wolfSSL's development and QA process (see link below) and successfully passed the quality criteria.
-
-Release 5.6.3 of wolfSSL embedded TLS has 4 bug fixes:
+Release 5.6.6 has been developed according to wolfSSL's development and QA
+process (see link below) and successfully passed the quality criteria.
+https://www.wolfssl.com/about/wolfssl-software-development-process-quality-assurance
-* Fix for setting the atomic macro options introduced in release 5.6.2. This issue affects GNU gcc autoconf builds. The fix resolves a potential mismatch of the generated macros defined in options.h file and the macros used when the wolfSSL library is compiled. In version 5.6.2 this mismatch could result in unstable runtime behavior.
-* Fix for invalid suffix error with Windows build using the macro GCM_TABLE_4BIT.
-* Improvements to Encrypted Memory support (WC_PROTECT_ENCRYPTED_MEM) implementations for modular exponentiation in SP math-all (sp_int.c) and TFM (tfm.c).
-* Improvements to SendAlert for getting output buffer.
+NOTE: * --enable-heapmath is being deprecated and will be removed by 2024
+REMINDER: When working with AES Block Cipher algorithms, wc_AesInit() should
+always be called first to initialize the `Aes` structure, before calling other
+Aes API functions. Recently we found several places in our documentation,
+comments, and codebase where this pattern was not observed. We have since
+fixed this omission in several PRs for this release.
-# wolfSSL Release 5.6.2 (Jun 09, 2023)
+## Vulnerabilities
-Release 5.6.2 has been developed according to wolfSSL's development and QA process (see link below) and successfully passed the quality criteria.
-https://www.wolfssl.com/about/wolfssl-software-development-process-quality-assurance
+* [Medium] CVE-2023-6935: After review of the previous RSA timing fix in wolfSSL 5.6.4, additional changes were found to be required. A complete resistant change is delivered in this release. This fix is for the Marvin attack, leading to being able to decrypt a saved TLS connection and potentially forge a signature after probing with a very large number of trial connections. This issue is around RSA decryption and affects the optional static RSA cipher suites on the server side, which are considered weak, not recommended to be used and are off by default in wolfSSL (even with --enable-all). Static RSA cipher suites were also removed from the TLS 1.3 protocol and are only present in TLS 1.2 and lower. All padding versions of RSA decrypt are affected since the code under review is outside of the padding processing. Information about the private keys is NOT compromised in affected code. It is recommended to disable static RSA cipher suites and update the version of wolfSSL used if using RSA private decryption alone outside of TLS. Thanks to Hubert Kario for the report. The fix for this issue is located in the following GitHub Pull Request: https://github.com/wolfSSL/wolfssl/pull/6955.
-NOTE: * --enable-heapmath is being deprecated and will be removed by 2024
+* [Low] CVE-2023-6936: A potential heap overflow read is possible in servers connecting over TLS 1.3 when the optional WOLFSSL_CALLBACKS has been defined. The out of bounds read can occur when a server receives a malicious malformed ClientHello. Users should either discontinue use of WOLFSSL_CALLBACKS on the server side or update versions of wolfSSL to 5.6.6. Thanks to the tlspuffin fuzzer team for the report which was designed and developed by; Lucca Hirschi (Inria, LORIA), Steve Kremer (Inria, LORIA), and Max Ammann (Trail of Bits). The fix for this issue is located in the following GitHub Pull Request: https://github.com/wolfSSL/wolfssl/pull/6949.
-Release 5.6.2 of wolfSSL embedded TLS has bug fixes and new features including:
+* [Low] A side channel vulnerability with AES T-Tables is possible in a very controlled environment where precision sub-cache-line inspection can happen, such as inside an Intel SGX enclave. This can lead to recovery of the AES key. To prevent this type of attack, wolfSSL added an AES bitsliced implementation which can be enabled with the “--enable-aes-bitsliced†configure option. Thanks to Florian Sieck, Zhiyuan Zhang, Sebastian Berndt, Chitchanok Chuengsatiansup, Thomas Eisenbarth, and Yuval Yarom for the report (Universities of Lübeck, Melbourne, Adelaide and Bochum). The fix for this issue is located in the following GitHub Pull Request: https://github.com/wolfSSL/wolfssl/pull/6854.
-## Vulnerabilities
-* [Low] In cases where a malicious agent could analyze cache timing at a very detailed level, information about the AES key used could be leaked during T/S Box lookups. One such case was shown on RISC-V hardware using the MicroWalk tool (https://github.com/microwalk-project/Microwalk). A hardened version of T/S Box lookups was added in wolfSSL to help mitigate this potential attack and is now on by default with RISC-V builds and can be enabled on other builds if desired by compiling wolfSSL with the macro WOLFSSL_AES_TOUCH_LINES. Thanks to Jan Wichelmann, Christopher Peredy, Florian Sieck, Anna Pätschke, Thomas Eisenbarth (University of Lübeck): MAMBO-V: Dynamic Side-Channel Leakage Analysis on RISC-V. Fixed in the following GitHub pull request https://github.com/wolfSSL/wolfssl/pull/6309
-* [High] In previous versions of wolfSSL if a TLS 1.3 client gets neither a PSK (pre shared key) extension nor a KSE (key share extension) when connecting to a malicious server, a default predictable buffer gets used for the IKM value when generating the session master secret. Using a potentially known IKM value when generating the session master secret key compromises the key generated, allowing an eavesdropper to reconstruct it and potentially allowing surreptitious access to or meddling with message contents in the session. This issue does not affect client validation of connected servers, nor expose private key information, but could result in an insecure TLS 1.3 session when not controlling both sides of the connection. We recommend that TLS 1.3 client side users update the version of wolfSSL used. Thanks to Johannes from Sectra Communications and Linköping University for the report. Fixed in the following GitHub pull request https://github.com/wolfSSL/wolfssl/pull/6412
+* [Low] CVE-2023-6937: wolfSSL prior to 5.6.6 did not check that messages in a single (D)TLS record do not span key boundaries. As a result, it was possible to combine (D)TLS messages using different keys into one (D)TLS record. The most extreme edge case is that, in (D)TLS 1.3, it was possible that an unencrypted (D)TLS 1.3 record from the server containing first a ServerHello message and then the rest of the first server flight would be accepted by a wolfSSL client. In (D)TLS 1.3 the handshake is encrypted after the ServerHello but a wolfSSL client would accept an unencrypted flight from the server. This does not compromise key negotiation and authentication so it is assigned a low severity rating. Thanks to Johannes Wilson for the report (Sectra Communications and Linköping University). The fix for this issue is located in the following GitHub Pull Request: https://github.com/wolfSSL/wolfssl/pull/7029.
## New Feature Additions
-### New Ports and Expansions
-* Add support for STM32H5
-* Add support for Renesas TSIP v1.17
-* Add Renesas SCE RSA crypto-only support
-* STARCORE DSP port and example builds added
-* Add the function wc_PKCS7_SetDefaultSignedAttribs for setting PKCS7 signed attributes to use with PKCS7 bundle creation
-* NXP IMX6Q CAAM port with QNX and performance optimizations for AES-CTR
-
-### New Build Options
-* ASN.1 print utility to decode ASN.1 syntax and print out human readable text --enable-asn-print. Utility app is located in the directory ./examples/asn1/
-* Add introspection for math build, wc_GetMathInfo() to get information about the math library compiled into the linked wolfSSL library
-* Implement TLS recommendations from RFC 9325 for hardening TLS/DTLS security. Enabled with the autoconf flag --enable-harden-tls.
-* Add option to support disabling thread local storage, --disable-threadlocal
-* Added wc_DsaSign_ex() and wc_DsaVerify_ex() for handling alternative digest algorithms with DSA Sign/Verify
-* Implement atomic operations interface. Macros auto-detect if atomic operations are expected to be available, can be turned off with the macro WOLFSSL_NO_ATOMICS
-* Added support for DTLS 1.3 Authentication and Integrity-Only Cipher Suites
-* Expand crypto callback to have a device ID find callback function with wc_CryptoCb_SetDeviceFindCb. Enabled with the macro WOLF_CRYPTO_CB_FIND
+* Build option for disabling CRL date checks (WOLFSSL_NO_CRL_DATE_CHECK) (PR 6927)
+* Support for STM32WL55 and improvements to PKA ECC support (PR 6937)
+* Add option to skip cookie exchange on DTLS 1.3 session resumption (PR 6929)
+* Add implementation of SRTP KDF and SRTCP KDF (--enable-srtp-kdf) (PR 6888)
+* Add wolfSSL_EXTENDED_KEY_USAGE_free() (PR 6916)
+* Add AES bitsliced implementation that is cache attack safe (--enable-aes-bitsliced) (PR 6854)
+* Add memcached support and automated testing (PR 6430, 7022)
+* Add Hardware Encryption Acceleration for ESP32-C3, ESP32-C6, and ESP32-S2 (PR 6990)
+* Add (D)TLS 1.3 support for 0.5-RTT data (PR 7010)
## Enhancements and Optimizations
-### Optimizations
-* Increased performance with ChaCha20 C implementation and general XOR operations
-* Added integer type to the ASN.1 sequencing with ASN.1 Integer sequence
-* With wolfSSL_get_x509_next_altname reset alt name list to head once cycled through if compiling with the macro WOLFSSL_MULTICIRCULATE_ALTNAMELIST
-* Additional key validity sanity checks on input to wolfSSL_EC_KEY_set_private_key
-* adds support for TLSv1.3 stateful session tickets when using SSL_OP_NO_TICKET
-
-### Memory Optimizations
-* Improvements to stack usage and management with SP int math library
-* Optimization to TLS 1.3 server to remove caching messages for Ed25519/Ed448
-* Added a HAVE_CURL macro build for building a subset of the wolfSSL library when linking with cURL
-* Memory usage improvement with reducing the size of alignment needed with AES
-* Reduce run time memory used with ECC operations and ALT_ECC_SIZE
-* Fixes and improvements for building edge cases such as crypto callback without hash-drbg with low footprint options
-* Support HAVE_SESSION_TICKET build option without depending on realloc
-
-### Documentation
-* Instructions for GPDMA on STM32 configuration added
-* Add in instructions for compiling with zephyr on STM32
-* Documentation fixup for wolfSSL_get_chain_cert()
-* Fix the file pointed to in the TI RTOS documentation that we maintain
-* Documentation for wolfSSL_CertManagerFreeCRL
-* Updates made to AES and Chacha documentation
-* Update Japanese comments for Ed25519, AES, and other miscellaneous items
-
-### Tests
-* Add in an option for easily testing malloc failures when building with WOLFSSL_MEM_FAIL_COUNT macro
-* Updated in process for using Expect vs Assert to facilitate more malloc failure tests
-* Enhance wolfCrypt test for builds that do not have ECC SECP curves enabled
-* ESP32 platform-specific VisualGDB test & benchmark projects
-* Update to dependencies in docker container file used for tests
-* Fix up for base 10 output with bundled benchmark application
-
-### Port Updates
-* Zephyr port update, compile time warning fixes, misc. fixes when used with TLS and update of includes
-* Update RIOT-OS to not compile out use of writev by default
-* Update Micrium port to enable use of STM32_RNG
-* Micrium updates for XMEMOVE and XSTRTOK use
-* Various Espressif HW crypto, SHA2, AES, MP updates
-* Added in ASIO build option with CMake builds
-
-### General Enhancements
-* Global codebase cleanup for C89 compliance and wolfCrypt -Wconversion hygiene
-* PKCS#11 enhancement adding a callback for RSA key size when using a hardware key, by default 2048 bit key is used
-* Allow for unknown OIDs in extensions in wolfSSL_X509_set_ext()
-* Allow user to override XSTAT by defining the macro XSTAT when compiling
-* Support UPN and SID with x509 certificate extensions and custom OID build
-* Write next IV in wolfSSL_DES_ede3_cbc_encrypt for better handling of inline encryption
-* Adding NO_ASN_TIME_CHECK build option for compiling out certificate before/after checks
-* Improve different peer recvfrom handling and error reporting with ipv4 vs ipv6
+* Better built in testing of “--sys-ca-certs†configure option (PR 6910)
+* Updated CMakeLists.txt for Espressif wolfSSL component usage (PR 6877)
+* Disable TLS 1.1 by default (unless SSL 3.0 or TLS 1.0 is enabled) (PR 6946)
+* Add “--enable-quic†to “--enable-all†configure option (PR 6957)
+* Add support to SP C implementation for RSA exponent up to 64-bits (PR 6959)
+* Add result of “HAVE___UINT128_T†to options.h for CMake builds (PR 6965)
+* Add optimized assembly for AES-GCM on ARM64 using hardware crypto instructions (PR 6967)
+* Add built-in cipher suite tests for DTLS 1.3 PQC (PR 6952)
+* Add wolfCrypt test and unit test to ctest (PR 6977)
+* Move OpenSSL compatibility crypto APIs into ssl_crypto.c file (PR 6935)
+* Validate time generated from XGMTIME() (PR 6958)
+* Allow wolfCrypt benchmark to run with microsecond accuracy (PR 6868)
+* Add GitHub Actions testing with nginx 1.24.0 (PR 6982)
+* Allow encoding of CA:FALSE BasicConstraint during cert generation (PR 6953)
+* Add CMake option to enable DTLS-SRTP (PR 6991)
+* Add CMake options for enabling QUIC and cURL (PR 7049)
+* Improve RSA blinding to make code more constant time (PR 6955)
+* Refactor AES-NI implementation macros to allow dynamic fallback to C (PR 6981)
+* Default to native Windows threading API on MinGW (PR 7015)
+* Return better error codes from OCSP response check (PR 7028)
+* Updated Espressif ESP32 TLS client and server examples (PR 6844)
+* Add/clean up support for ESP-IDF v5.1 for a variety of ESP32 chips (PR 7035, 7037)
+* Add API to choose dynamic certs based on client ciphers/sigalgs (PR 6963)
+* Improve Arduino IDE 1.5 project file to match recursive style (PR 7007)
+* Simplify and improve apple-universal build script (PR 7025)
## Fixes
-* Fix for STM32 ECC sign and verify out of bounds buffer write when the hash length passed in is larger than the key size. Thanks to Maximilian for the report.
-* Fix to skip Async_DevCtxInit when using init rsa/ecc label/id api's
-* Revert WOLFSSL_NO_ASN_STRICT macro guard around alternate names directory list
-* In async mode, don't retry decrypting if a valid error is encountered on a packet parse attempt
-* Add additional sanity check on PKCS7 index value in wc_PKCS7_DecryptKekri
-* Fix for padding when using an AuthEnvelope PKCS7 type with GCM/CCM stream ciphers
-* Fix siphash assembly so that no register is left behind
-* Fix to not send a TLS 1.3 session ID resume response when resuming and downgrading to a protocol less than TLS 1.3
-* Fix overwriting serialNumber by favouriteDrink when generating a certificate using Cert struct
-* Fix for the default realloc used with EspressIf builds
-* Track SetDigest usage to avoid invalid free under error conditions
-* DTLS v1.3 fix for epoch 0 check on plaintext message
-* Fix for session ticket memory leak in wolfSSL_Cleanup
-* Fixes for propagating SendAlert errors when the peer disconnects
-* Replace XMEMCPY with XMEMMOVE to fix valgrind-3.15.0 reports "Source and destination overlap in memcpy" when using --enable-aesgcm-stream
-* Fix for potential out-of-bounds write edge case in fp_mod_2d with --enable-fastmath math library
-* Fix getting ECC key size in stm32_ecc_sign_hash_ex
-* Fix for case where wc_PeekErrorNodeLineData was not unlocking error queue on error
-* Fix for async ECC shared secret state
-* Fix for better error checking with sp_gcd with SP int math library
-* Fix memory leak in TLSX_KeyShare_Setup when handling an error case
-* Fix for double free edge case in InitOCSPRequest when handling a memory allocation failure
-* X509 NAME Entry fix for leaking memory on error case
-* Fix wolfssl_asn1_time_to_tm setting unexpected fields in tm struct
-* Fix for FIPS ECC integrity check with crypto callback set
-* BN_to_ASN1_INTEGER fix for handling leading zero byte padding when needed
-* Fix a typo in PP macro and add a ceiling to guard against implementation bugs
-* DTLS 1.3 fix for using the correct label when deriving the resumption key
-* OCSP fix for GetDateInfo edge case with non ASN template builds
-* Allow a user set certificate callback function to override the skipAddCA flag when parsing a certificate
-* SP int: sp_radix_size when radix 10 fix temp size for handling edge case
-* Fixes and improvements for handling failures with memory allocations
-* Fix for DecodeECC_DSA_Sig to handle r and s being initialized
-* Fix for wc_ecc_is_point to ensure that the x and y are in range [0, p-1] and z is one (affine ordinates)
-
-### Build Fixes
-* Fix for building on Windows with CMake and using USER_SETTINGS and fix for options.h creation with CMake when using USER_SETTINGS
-* CMake fixes and improvements for use with mingw32
-* Fix for building with wpas and x509 small options
-* Check if colrm is available for options.h creation when using autoconf
-* Clean up NO_BIG_INT build, removing WOLFSSL_SP_MATH macro and heapmath compile
-* Fix PKCS#7 build with NO_PKCS7_STREAM
-* Fix compilation error in CC-RX and remove unnecessary public key import
-* SP Build fixes for ARM assembly with ARMv6 clz and ARM thumb debug build
-* For to not advertise support for RSA in TLS extensions when compiled with NO_RSA
+
+* Fix for async edge case with Intel QuickAssist/Cavium Nitrox (PR 6931)
+* Fix for building PKCS#7 with RSA disabled (PR 6902)
+* Fix for advancing output pointer in wolfSSL_i2d_X509() (PR 6891)
+* Fix for EVP_EncodeBlock() appending a newline (PR 6900)
+* Fix for wolfSSL_RSA_verify_PKCS1_PSS() with RSA_PSS_SALTLEN_AUTO (PR 6938)
+* Fixes for CODESonar reports around isalpha() and isalnum() calls (PR 6810)
+* Fix for SP ARM64 integer math to avoid compiler optimization issues (PR 6942)
+* Fix for SP Thumb2 inline assembly to add IAR build support (PR 6943, 6971)
+* Fix for SP Thumb2 to make functions not inlined (PR 6993)
+* Fix for SP Cortex-M assembly large build with IAR (PR 6954)
+* Fix for SP ARM64 assembly montgomery reduction by 4 (PR 6947)
+* Fix for SP ARM64 P-256 for not inlining functions for iOS compatibility (PR 6979)
+* Fix for WOLFSSL_CALLBACKS and potential memory error (PR 6949)
+* Fixes for wolfSSL’s Zephyr OS port (PR 6930)
+* Fix for build errors when building for NXP mmCAU (FREESCALE_MMCAU) (PR 6970)
+* Fix for TLS 1.3 SendBuffered() return code in non-blocking mode (PR 7001)
+* Fix for TLS Hmac_UpdateFinal() when padding byte is invalid (PR 6998)
+* Fix for ARMv8 AES-GCM streaming to check size of IV before storing (PR 6996)
+* Add missing calls to wc_AesInit() before wc_AesSetKey() (PR 7011)
+* Fix build errors with DTLS 1.3 enabled but TLS 1.2 disabled (PR 6976)
+* Fixes for building wolfSSL in Visual Studio (PR 7040)
For additional vulnerability information visit the vulnerability page at:
https://www.wolfssl.com/docs/security-vulnerabilities/
diff --git a/extra/wolfssl/wolfssl/README.md b/extra/wolfssl/wolfssl/README.md
index 18b3665f..381a05fb 100644
--- a/extra/wolfssl/wolfssl/README.md
+++ b/extra/wolfssl/wolfssl/README.md
@@ -1,7 +1,3 @@
-<a href="https://repology.org/project/wolfssl/versions">
- <img src="https://repology.org/badge/vertical-allrepos/wolfssl.svg" alt="Packaging status" align="right">
-</a>
-
# wolfSSL Embedded SSL/TLS Library
The [wolfSSL embedded SSL library](https://www.wolfssl.com/products/wolfssl/)
@@ -10,7 +6,7 @@ targeted for embedded, RTOS, and resource-constrained environments - primarily
because of its small size, speed, and feature set. It is commonly used in
standard operating environments as well because of its royalty-free pricing
and excellent cross platform support. wolfSSL supports industry standards up
-to the current [TLS 1.3](https://www.wolfssl.com/tls13) and DTLS 1.2, is up to
+to the current [TLS 1.3](https://www.wolfssl.com/tls13) and DTLS 1.3, is up to
20 times smaller than OpenSSL, and offers progressive ciphers such as ChaCha20,
Curve25519, Blake2b and Post-Quantum TLS 1.3 groups. User benchmarking and
feedback reports dramatically better performance when using wolfSSL over
@@ -27,8 +23,8 @@ or contact fips@wolfssl.com.
There are many reasons to choose wolfSSL as your embedded, desktop, mobile, or
enterprise SSL/TLS solution. Some of the top reasons include size (typical
footprint sizes range from 20-100 kB), support for the newest standards
-(SSL 3.0, TLS 1.0, TLS 1.1, TLS 1.2, TLS 1.3, DTLS 1.0, and DTLS 1.2), current
-and progressive cipher support (including stream ciphers), multi-platform,
+(SSL 3.0, TLS 1.0, TLS 1.1, TLS 1.2, TLS 1.3, DTLS 1.0, DTLS 1.2, and DTLS 1.3),
+current and progressive cipher support (including stream ciphers), multi-platform,
royalty free, and an OpenSSL compatibility API to ease porting into existing
applications which have previously used the OpenSSL package. For a complete
feature list, see [Chapter 4](https://www.wolfssl.com/docs/wolfssl-manual/ch4/)
@@ -79,150 +75,93 @@ single call hash function. Instead the name `WC_SHA`, `WC_SHA256`, `WC_SHA384` a
`WC_SHA512` should be used for the enum name.
-# wolfSSL Release 5.6.3 (Jun 20, 2023)
-
-Release 5.6.3 has been developed according to wolfSSL's development and QA process (see link below) and successfully passed the quality criteria.
+# wolfSSL Release 5.6.6 (Dec 19, 2023)
-Release 5.6.3 of wolfSSL embedded TLS has 4 bug fixes:
+Release 5.6.6 has been developed according to wolfSSL's development and QA
+process (see link below) and successfully passed the quality criteria.
+https://www.wolfssl.com/about/wolfssl-software-development-process-quality-assurance
-* Fix for setting the atomic macro options introduced in release 5.6.2. This issue affects GNU gcc autoconf builds. The fix resolves a potential mismatch of the generated macros defined in options.h file and the macros used when the wolfSSL library is compiled. In version 5.6.2 this mismatch could result in unstable runtime behavior.
-* Fix for invalid suffix error with Windows build using the macro GCM_TABLE_4BIT.
-* Improvements to Encrypted Memory support (WC_PROTECT_ENCRYPTED_MEM) implementations for modular exponentiation in SP math-all (sp_int.c) and TFM (tfm.c).
-* Improvements to SendAlert for getting output buffer.
+NOTE: * --enable-heapmath is being deprecated and will be removed by 2024
+REMINDER: When working with AES Block Cipher algorithms, `wc_AesInit()` should
+always be called first to initialize the `Aes` structure, before calling other
+Aes API functions. Recently we found several places in our documentation,
+comments, and codebase where this pattern was not observed. We have since
+fixed this omission in several PRs for this release.
-# wolfSSL Release 5.6.2 (Jun 09, 2023)
+## Vulnerabilities
-Release 5.6.2 has been developed according to wolfSSL's development and QA process (see link below) and successfully passed the quality criteria.
-https://www.wolfssl.com/about/wolfssl-software-development-process-quality-assurance
+* [Medium] CVE-2023-6935: After review of the previous RSA timing fix in wolfSSL 5.6.4, additional changes were found to be required. A complete resistant change is delivered in this release. This fix is for the Marvin attack, leading to being able to decrypt a saved TLS connection and potentially forge a signature after probing with a very large number of trial connections. This issue is around RSA decryption and affects the optional static RSA cipher suites on the server side, which are considered weak, not recommended to be used and are off by default in wolfSSL (even with `--enable-all`). Static RSA cipher suites were also removed from the TLS 1.3 protocol and are only present in TLS 1.2 and lower. All padding versions of RSA decrypt are affected since the code under review is outside of the padding processing. Information about the private keys is NOT compromised in affected code. It is recommended to disable static RSA cipher suites and update the version of wolfSSL used if using RSA private decryption alone outside of TLS. Thanks to Hubert Kario for the report. The fix for this issue is located in the following GitHub Pull Request: https://github.com/wolfSSL/wolfssl/pull/6955.
-NOTE: * --enable-heapmath is being deprecated and will be removed by 2024
+* [Low] CVE-2023-6936: A potential heap overflow read is possible in servers connecting over TLS 1.3 when the optional `WOLFSSL_CALLBACKS` has been defined. The out of bounds read can occur when a server receives a malicious malformed ClientHello. Users should either discontinue use of `WOLFSSL_CALLBACKS` on the server side or update versions of wolfSSL to 5.6.6. Thanks to the tlspuffin fuzzer team for the report which was designed and developed by; Lucca Hirschi (Inria, LORIA), Steve Kremer (Inria, LORIA), and Max Ammann (Trail of Bits). The fix for this issue is located in the following GitHub Pull Request: https://github.com/wolfSSL/wolfssl/pull/6949.
-Release 5.6.2 of wolfSSL embedded TLS has bug fixes and new features including:
+* [Low] A side channel vulnerability with AES T-Tables is possible in a very controlled environment where precision sub-cache-line inspection can happen, such as inside an Intel SGX enclave. This can lead to recovery of the AES key. To prevent this type of attack, wolfSSL added an AES bitsliced implementation which can be enabled with the “`--enable-aes-bitsliced`†configure option. Thanks to Florian Sieck, Zhiyuan Zhang, Sebastian Berndt, Chitchanok Chuengsatiansup, Thomas Eisenbarth, and Yuval Yarom for the report (Universities of Lübeck, Melbourne, Adelaide and Bochum). The fix for this issue is located in the following GitHub Pull Request: https://github.com/wolfSSL/wolfssl/pull/6854.
-## Vulnerabilities
-* [Low] In cases where a malicious agent could analyze cache timing at a very detailed level, information about the AES key used could be leaked during T/S Box lookups. One such case was shown on RISC-V hardware using the MicroWalk tool (https://github.com/microwalk-project/Microwalk). A hardened version of T/S Box lookups was added in wolfSSL to help mitigate this potential attack and is now on by default with RISC-V builds and can be enabled on other builds if desired by compiling wolfSSL with the macro WOLFSSL_AES_TOUCH_LINES. Thanks to Jan Wichelmann, Christopher Peredy, Florian Sieck, Anna Pätschke, Thomas Eisenbarth (University of Lübeck): MAMBO-V: Dynamic Side-Channel Leakage Analysis on RISC-V. Fixed in the following GitHub pull request https://github.com/wolfSSL/wolfssl/pull/6309
-* [High] In previous versions of wolfSSL if a TLS 1.3 client gets neither a PSK (pre shared key) extension nor a KSE (key share extension) when connecting to a malicious server, a default predictable buffer gets used for the IKM value when generating the session master secret. Using a potentially known IKM value when generating the session master secret key compromises the key generated, allowing an eavesdropper to reconstruct it and potentially allowing surreptitious access to or meddling with message contents in the session. This issue does not affect client validation of connected servers, nor expose private key information, but could result in an insecure TLS 1.3 session when not controlling both sides of the connection. We recommend that TLS 1.3 client side users update the version of wolfSSL used. Thanks to Johannes from Sectra Communications and Linköping University for the report. Fixed in the following GitHub pull request https://github.com/wolfSSL/wolfssl/pull/6412
+* [Low] CVE-2023-6937: wolfSSL prior to 5.6.6 did not check that messages in a single (D)TLS record do not span key boundaries. As a result, it was possible to combine (D)TLS messages using different keys into one (D)TLS record. The most extreme edge case is that, in (D)TLS 1.3, it was possible that an unencrypted (D)TLS 1.3 record from the server containing first a ServerHello message and then the rest of the first server flight would be accepted by a wolfSSL client. In (D)TLS 1.3 the handshake is encrypted after the ServerHello but a wolfSSL client would accept an unencrypted flight from the server. This does not compromise key negotiation and authentication so it is assigned a low severity rating. Thanks to Johannes Wilson for the report (Sectra Communications and Linköping University). The fix for this issue is located in the following GitHub Pull Request: https://github.com/wolfSSL/wolfssl/pull/7029.
## New Feature Additions
-### New Ports and Expansions
-* Add support for STM32H5
-* Add support for Renesas TSIP v1.17
-* Add Renesas SCE RSA crypto-only support
-* STARCORE DSP port and example builds added
-* Add the function wc_PKCS7_SetDefaultSignedAttribs for setting PKCS7 signed attributes to use with PKCS7 bundle creation
-* NXP IMX6Q CAAM port with QNX and performance optimizations for AES-CTR
-
-### New Build Options
-* ASN.1 print utility to decode ASN.1 syntax and print out human readable text --enable-asn-print. Utility app is located in the directory ./examples/asn1/
-* Add introspection for math build, wc_GetMathInfo() to get information about the math library compiled into the linked wolfSSL library
-* Implement TLS recommendations from RFC 9325 for hardening TLS/DTLS security. Enabled with the autoconf flag --enable-harden-tls.
-* Add option to support disabling thread local storage, --disable-threadlocal
-* Added wc_DsaSign_ex() and wc_DsaVerify_ex() for handling alternative digest algorithms with DSA Sign/Verify
-* Implement atomic operations interface. Macros auto-detect if atomic operations are expected to be available, can be turned off with the macro WOLFSSL_NO_ATOMICS
-* Added support for DTLS 1.3 Authentication and Integrity-Only Cipher Suites
-* Expand crypto callback to have a device ID find callback function with wc_CryptoCb_SetDeviceFindCb. Enabled with the macro WOLF_CRYPTO_CB_FIND
+* Build option for disabling CRL date checks (`WOLFSSL_NO_CRL_DATE_CHECK`) (PR 6927)
+* Support for STM32WL55 and improvements to PKA ECC support (PR 6937)
+* Add option to skip cookie exchange on DTLS 1.3 session resumption (PR 6929)
+* Add implementation of SRTP KDF and SRTCP KDF (`--enable-srtp-kdf`) (PR 6888)
+* Add `wolfSSL_EXTENDED_KEY_USAGE_free()` (PR 6916)
+* Add AES bitsliced implementation that is cache attack safe (`--enable-aes-bitsliced`) (PR 6854)
+* Add memcached support and automated testing (PR 6430, 7022)
+* Add Hardware Encryption Acceleration for ESP32-C3, ESP32-C6, and ESP32-S2 (PR 6990)
+* Add (D)TLS 1.3 support for 0.5-RTT data (PR 7010)
## Enhancements and Optimizations
-### Optimizations
-* Increased performance with ChaCha20 C implementation and general XOR operations
-* Added integer type to the ASN.1 sequencing with ASN.1 Integer sequence
-* With wolfSSL_get_x509_next_altname reset alt name list to head once cycled through if compiling with the macro WOLFSSL_MULTICIRCULATE_ALTNAMELIST
-* Additional key validity sanity checks on input to wolfSSL_EC_KEY_set_private_key
-* adds support for TLSv1.3 stateful session tickets when using SSL_OP_NO_TICKET
-
-### Memory Optimizations
-* Improvements to stack usage and management with SP int math library
-* Optimization to TLS 1.3 server to remove caching messages for Ed25519/Ed448
-* Added a HAVE_CURL macro build for building a subset of the wolfSSL library when linking with cURL
-* Memory usage improvement with reducing the size of alignment needed with AES
-* Reduce run time memory used with ECC operations and ALT_ECC_SIZE
-* Fixes and improvements for building edge cases such as crypto callback without hash-drbg with low footprint options
-* Support HAVE_SESSION_TICKET build option without depending on realloc
-
-### Documentation
-* Instructions for GPDMA on STM32 configuration added
-* Add in instructions for compiling with zephyr on STM32
-* Documentation fixup for wolfSSL_get_chain_cert()
-* Fix the file pointed to in the TI RTOS documentation that we maintain
-* Documentation for wolfSSL_CertManagerFreeCRL
-* Updates made to AES and Chacha documentation
-* Update Japanese comments for Ed25519, AES, and other miscellaneous items
-
-### Tests
-* Add in an option for easily testing malloc failures when building with WOLFSSL_MEM_FAIL_COUNT macro
-* Updated in process for using Expect vs Assert to facilitate more malloc failure tests
-* Enhance wolfCrypt test for builds that do not have ECC SECP curves enabled
-* ESP32 platform-specific VisualGDB test & benchmark projects
-* Update to dependencies in docker container file used for tests
-* Fix up for base 10 output with bundled benchmark application
-
-### Port Updates
-* Zephyr port update, compile time warning fixes, misc. fixes when used with TLS and update of includes
-* Update RIOT-OS to not compile out use of writev by default
-* Update Micrium port to enable use of STM32_RNG
-* Micrium updates for XMEMOVE and XSTRTOK use
-* Various Espressif HW crypto, SHA2, AES, MP updates
-* Added in ASIO build option with CMake builds
-
-### General Enhancements
-* Global codebase cleanup for C89 compliance and wolfCrypt -Wconversion hygiene
-* PKCS#11 enhancement adding a callback for RSA key size when using a hardware key, by default 2048 bit key is used
-* Allow for unknown OIDs in extensions in wolfSSL_X509_set_ext()
-* Allow user to override XSTAT by defining the macro XSTAT when compiling
-* Support UPN and SID with x509 certificate extensions and custom OID build
-* Write next IV in wolfSSL_DES_ede3_cbc_encrypt for better handling of inline encryption
-* Adding NO_ASN_TIME_CHECK build option for compiling out certificate before/after checks
-* Improve different peer recvfrom handling and error reporting with ipv4 vs ipv6
+* Better built in testing of “`--sys-ca-certs`†configure option (PR 6910)
+* Updated CMakeLists.txt for Espressif wolfSSL component usage (PR 6877)
+* Disable TLS 1.1 by default (unless SSL 3.0 or TLS 1.0 is enabled) (PR 6946)
+* Add “`--enable-quic`†to “`--enable-all`†configure option (PR 6957)
+* Add support to SP C implementation for RSA exponent up to 64-bits (PR 6959)
+* Add result of “`HAVE___UINT128_T`†to options.h for CMake builds (PR 6965)
+* Add optimized assembly for AES-GCM on ARM64 using hardware crypto instructions (PR 6967)
+* Add built-in cipher suite tests for DTLS 1.3 PQC (PR 6952)
+* Add wolfCrypt test and unit test to ctest (PR 6977)
+* Move OpenSSL compatibility crypto APIs into `ssl_crypto.c` file (PR 6935)
+* Validate time generated from XGMTIME() (PR 6958)
+* Allow wolfCrypt benchmark to run with microsecond accuracy (PR 6868)
+* Add GitHub Actions testing with nginx 1.24.0 (PR 6982)
+* Allow encoding of CA:FALSE BasicConstraint during cert generation (PR 6953)
+* Add CMake option to enable DTLS-SRTP (PR 6991)
+* Add CMake options for enabling QUIC and cURL (PR 7049)
+* Improve RSA blinding to make code more constant time (PR 6955)
+* Refactor AES-NI implementation macros to allow dynamic fallback to C (PR 6981)
+* Default to native Windows threading API on MinGW (PR 7015)
+* Return better error codes from OCSP response check (PR 7028)
+* Updated Espressif ESP32 TLS client and server examples (PR 6844)
+* Add/clean up support for ESP-IDF v5.1 for a variety of ESP32 chips (PR 7035, 7037)
+* Add API to choose dynamic certs based on client ciphers/sigalgs (PR 6963)
+* Improve Arduino IDE 1.5 project file to match recursive style (PR 7007)
+* Simplify and improve apple-universal build script (PR 7025)
## Fixes
-* Fix for STM32 ECC sign and verify out of bounds buffer write when the hash length passed in is larger than the key size. Thanks to Maximilian for the report.
-* Fix to skip Async_DevCtxInit when using init rsa/ecc label/id api's
-* Revert WOLFSSL_NO_ASN_STRICT macro guard around alternate names directory list
-* In async mode, don't retry decrypting if a valid error is encountered on a packet parse attempt
-* Add additional sanity check on PKCS7 index value in wc_PKCS7_DecryptKekri
-* Fix for padding when using an AuthEnvelope PKCS7 type with GCM/CCM stream ciphers
-* Fix siphash assembly so that no register is left behind
-* Fix to not send a TLS 1.3 session ID resume response when resuming and downgrading to a protocol less than TLS 1.3
-* Fix overwriting serialNumber by favouriteDrink when generating a certificate using Cert struct
-* Fix for the default realloc used with EspressIf builds
-* Track SetDigest usage to avoid invalid free under error conditions
-* DTLS v1.3 fix for epoch 0 check on plaintext message
-* Fix for session ticket memory leak in wolfSSL_Cleanup
-* Fixes for propagating SendAlert errors when the peer disconnects
-* Replace XMEMCPY with XMEMMOVE to fix valgrind-3.15.0 reports "Source and destination overlap in memcpy" when using --enable-aesgcm-stream
-* Fix for potential out-of-bounds write edge case in fp_mod_2d with --enable-fastmath math library
-* Fix getting ECC key size in stm32_ecc_sign_hash_ex
-* Fix for case where wc_PeekErrorNodeLineData was not unlocking error queue on error
-* Fix for async ECC shared secret state
-* Fix for better error checking with sp_gcd with SP int math library
-* Fix memory leak in TLSX_KeyShare_Setup when handling an error case
-* Fix for double free edge case in InitOCSPRequest when handling a memory allocation failure
-* X509 NAME Entry fix for leaking memory on error case
-* Fix wolfssl_asn1_time_to_tm setting unexpected fields in tm struct
-* Fix for FIPS ECC integrity check with crypto callback set
-* BN_to_ASN1_INTEGER fix for handling leading zero byte padding when needed
-* Fix a typo in PP macro and add a ceiling to guard against implementation bugs
-* DTLS 1.3 fix for using the correct label when deriving the resumption key
-* OCSP fix for GetDateInfo edge case with non ASN template builds
-* Allow a user set certificate callback function to override the skipAddCA flag when parsing a certificate
-* SP int: sp_radix_size when radix 10 fix temp size for handling edge case
-* Fixes and improvements for handling failures with memory allocations
-* Fix for DecodeECC_DSA_Sig to handle r and s being initialized
-* Fix for wc_ecc_is_point to ensure that the x and y are in range [0, p-1] and z is one (affine ordinates)
-
-### Build Fixes
-* Fix for building on Windows with CMake and using USER_SETTINGS and fix for options.h creation with CMake when using USER_SETTINGS
-* CMake fixes and improvements for use with mingw32
-* Fix for building with wpas and x509 small options
-* Check if colrm is available for options.h creation when using autoconf
-* Clean up NO_BIG_INT build, removing WOLFSSL_SP_MATH macro and heapmath compile
-* Fix PKCS#7 build with NO_PKCS7_STREAM
-* Fix compilation error in CC-RX and remove unnecessary public key import
-* SP Build fixes for ARM assembly with ARMv6 clz and ARM thumb debug build
-* For to not advertise support for RSA in TLS extensions when compiled with NO_RSA
+
+* Fix for async edge case with Intel QuickAssist/Cavium Nitrox (PR 6931)
+* Fix for building PKCS#7 with RSA disabled (PR 6902)
+* Fix for advancing output pointer in `wolfSSL_i2d_X509()` (PR 6891)
+* Fix for `EVP_EncodeBlock()` appending a newline (PR 6900)
+* Fix for `wolfSSL_RSA_verify_PKCS1_PSS()` with `RSA_PSS_SALTLEN_AUTO` (PR 6938)
+* Fixes for CODESonar reports around `isalpha()` and `isalnum()` calls (PR 6810)
+* Fix for SP ARM64 integer math to avoid compiler optimization issues (PR 6942)
+* Fix for SP Thumb2 inline assembly to add IAR build support (PR 6943, 6971)
+* Fix for SP Thumb2 to make functions not inlined (PR 6993)
+* Fix for SP Cortex-M assembly large build with IAR (PR 6954)
+* Fix for SP ARM64 assembly montgomery reduction by 4 (PR 6947)
+* Fix for SP ARM64 P-256 for not inlining functions for iOS compatibility (PR 6979)
+* Fix for `WOLFSSL_CALLBACKS` and potential memory error (PR 6949)
+* Fixes for wolfSSL’s Zephyr OS port (PR 6930)
+* Fix for build errors when building for NXP mmCAU (`FREESCALE_MMCAU`) (PR 6970)
+* Fix for TLS 1.3 `SendBuffered()` return code in non-blocking mode (PR 7001)
+* Fix for TLS `Hmac_UpdateFinal()` when padding byte is invalid (PR 6998)
+* Fix for ARMv8 AES-GCM streaming to check size of IV before storing (PR 6996)
+* Add missing calls to `wc_AesInit()` before `wc_AesSetKey()` (PR 7011)
+* Fix build errors with DTLS 1.3 enabled but TLS 1.2 disabled (PR 6976)
+* Fixes for building wolfSSL in Visual Studio (PR 7040)
For additional vulnerability information visit the vulnerability page at:
https://www.wolfssl.com/docs/security-vulnerabilities/
@@ -230,7 +169,6 @@ https://www.wolfssl.com/docs/security-vulnerabilities/
See INSTALL file for build instructions.
More info can be found on-line at: https://wolfssl.com/wolfSSL/Docs.html
-
# Resources
[wolfSSL Website](https://www.wolfssl.com/)
diff --git a/extra/wolfssl/wolfssl/SCRIPTS-LIST b/extra/wolfssl/wolfssl/SCRIPTS-LIST
index d0a781cf..03f5cf6a 100644
--- a/extra/wolfssl/wolfssl/SCRIPTS-LIST
+++ b/extra/wolfssl/wolfssl/SCRIPTS-LIST
@@ -1,7 +1,7 @@
autogen.sh - creates ./configure from source checkout, sets up git hooks
pre-commit.sh - our pre commit hook, saves current state before running commit
- tests to allow a resotre back to current state
+ tests to allow a restore back to current state
commit-tests.sh - our commit tests, must pass before a commit is accepted, use
-n (--no-verify) to disable
diff --git a/extra/wolfssl/wolfssl/async-check.sh b/extra/wolfssl/wolfssl/async-check.sh
index 206fd4ff..ccfce052 100755
--- a/extra/wolfssl/wolfssl/async-check.sh
+++ b/extra/wolfssl/wolfssl/async-check.sh
@@ -1,34 +1,23 @@
#!/bin/bash
-# async-check.sh
-
# This script creates symbolic links to the required asynchronous
# file for using the asynchronous simulator and make check
-#
-# $ ./async-check [keep|clean|setup]
-#
-# - keep: (default off) ./async and links kept around for inspection
-# - clean: (default off) only cleanup existing ./async and links
-# - setup: (default off) only setup ./async and links but don't run config
-# or make
-#
+
+# Fail on any error in script
+set -e
ASYNC_REPO=https://github.com/wolfSSL/wolfAsyncCrypt.git
+ASYNC_DIR=${ASYNC_DIR:-wolfAsyncCrypt}
function Usage() {
- printf '\n%s\n\n' "Usage: $0 [keep|clean|setup]"
- printf '%s\n' "Where \"keep\" means keep (default off) async files around for inspection"
- printf '%s\n' "Where \"clean\" means only clean (default off) the async files"
- printf '%s\n\n' "Where \"setup\" means only setup (default off) the async files"
- printf '%s\n' "EXAMPLE:"
- printf '%s\n' "---------------------------------"
- printf '%s\n' "./async-check.sh keep"
- printf '%s\n' "./async-check.sh clean"
- printf '%s\n' "./async-check.sh setup"
- printf '%s\n\n' "---------------------------------"
+ printf "Usage: $0 [install|uninstall|test|remove]\n"
+ printf "\tinstall - get and set up links to wolfAsyncCrypt files\n"
+ printf "\tuninstall - remove the links to wolfAsyncCrypt\n"
+ printf "\ttest - install and run 'make check'\n"
+ printf "\tremove - uninstall and remove wolfAsyncCrypt\n"
}
-function CleanUp() {
+function UnlinkFiles() {
unlink ./wolfcrypt/src/async.c
unlink ./wolfssl/wolfcrypt/async.h
unlink ./wolfcrypt/src/port/intel/quickassist.c
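Review bot: Moving `set -e` to the top of the script makes it apply to `UnlinkFiles`, whose `unlink` calls return non-zero when a link is absent, so `uninstall` or `remove` on a tree that was never or only partly installed stops at the first missing file. For `remove` that means the later `rm -rf` of the checkout is never reached. Using `rm -f ./wolfcrypt/src/async.c` (and likewise for the other links) keeps the cleanup idempotent under `set -e`. The new `Usage` also interpolates `$0` into the printf format string, where the removed code passed it as an argument; `printf 'Usage: %s [install|uninstall|test|remove]\n' "$0"` keeps a `%` in the script path from being read as a directive. The body of `UnlinkFiles` continues outside this hunk.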
@@ -40,8 +29,6 @@ function CleanUp() {
unlink ./wolfssl/wolfcrypt/port/cavium/cavium_nitrox.h
unlink ./wolfcrypt/src/port/cavium/README.md
- rm -rf ./async
-
# restore original README.md files
git checkout -- wolfcrypt/src/port/cavium/README.md
git checkout -- wolfcrypt/src/port/intel/README.md
@@ -49,16 +36,46 @@ function CleanUp() {
function LinkFiles() {
# link files
- ln -s -f ../../async/wolfcrypt/src/async.c ./wolfcrypt/src/async.c
- ln -s -f ../../async/wolfssl/wolfcrypt/async.h ./wolfssl/wolfcrypt/async.h
- ln -s -f ../../../../async/wolfcrypt/src/port/intel/quickassist.c ./wolfcrypt/src/port/intel/quickassist.c
- ln -s -f ../../../../async/wolfcrypt/src/port/intel/quickassist_mem.c ./wolfcrypt/src/port/intel/quickassist_mem.c
- ln -s -f ../../../../async/wolfcrypt/src/port/intel/README.md ./wolfcrypt/src/port/intel/README.md
- ln -s -f ../../../../async/wolfssl/wolfcrypt/port/intel/quickassist.h ./wolfssl/wolfcrypt/port/intel/quickassist.h
- ln -s -f ../../../../async/wolfssl/wolfcrypt/port/intel/quickassist_mem.h ./wolfssl/wolfcrypt/port/intel/quickassist_mem.h
- ln -s -f ../../../../async/wolfcrypt/src/port/cavium/cavium_nitrox.c ./wolfcrypt/src/port/cavium/cavium_nitrox.c
- ln -s -f ../../../../async/wolfssl/wolfcrypt/port/cavium/cavium_nitrox.h ./wolfssl/wolfcrypt/port/cavium/cavium_nitrox.h
- ln -s -f ../../../../async/wolfcrypt/src/port/cavium/README.md ./wolfcrypt/src/port/cavium/README.md
+ ln -s -f ../../${ASYNC_DIR}/wolfcrypt/src/async.c ./wolfcrypt/src/async.c
+ ln -s -f ../../${ASYNC_DIR}/wolfssl/wolfcrypt/async.h ./wolfssl/wolfcrypt/async.h
+ ln -s -f ../../../../${ASYNC_DIR}/wolfcrypt/src/port/intel/quickassist.c ./wolfcrypt/src/port/intel/quickassist.c
+ ln -s -f ../../../../${ASYNC_DIR}/wolfcrypt/src/port/intel/quickassist_mem.c ./wolfcrypt/src/port/intel/quickassist_mem.c
+ ln -s -f ../../../../${ASYNC_DIR}/wolfcrypt/src/port/intel/README.md ./wolfcrypt/src/port/intel/README.md
+ ln -s -f ../../../../${ASYNC_DIR}/wolfssl/wolfcrypt/port/intel/quickassist.h ./wolfssl/wolfcrypt/port/intel/quickassist.h
+ ln -s -f ../../../../${ASYNC_DIR}/wolfssl/wolfcrypt/port/intel/quickassist_mem.h ./wolfssl/wolfcrypt/port/intel/quickassist_mem.h
+ ln -s -f ../../../../${ASYNC_DIR}/wolfcrypt/src/port/cavium/cavium_nitrox.c ./wolfcrypt/src/port/cavium/cavium_nitrox.c
+ ln -s -f ../../../../${ASYNC_DIR}/wolfssl/wolfcrypt/port/cavium/cavium_nitrox.h ./wolfssl/wolfcrypt/port/cavium/cavium_nitrox.h
+ ln -s -f ../../../../${ASYNC_DIR}/wolfcrypt/src/port/cavium/README.md ./wolfcrypt/src/port/cavium/README.md
+}
+
+function Install() {
+ if [ -d $ASYNC_DIR ];
+ then
+ echo "Using existing async repo"
+ else
+ # make a clone of the wolfAsyncCrypt repository
+ git clone --depth 1 $ASYNC_REPO $ASYNC_DIR
+ fi
+
+# setup auto-conf
+ ./autogen.sh
+ LinkFiles
+}
+
+function Uninstall() {
+ UnlinkFiles
+}
+
+function Test() {
+ Install
+ ./configure --enable-asynccrypt --enable-all
+ make check
+}
+
+function Remove() {
+ UnlinkFiles
+
+ rm -rf ${ASYNC_DIR}
}
if [ "$#" -gt 1 ]; then
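Review bot: `Remove` runs `rm -rf ${ASYNC_DIR}` on a value that is now taken from the environment and expanded unquoted, so a value containing spaces or glob characters, or an absolute path, deletes something other than the checkout. I would write `rm -rf -- "./${ASYNC_DIR:?}"` and quote the variable in `[ -d "$ASYNC_DIR" ]` and `git clone --depth 1 "$ASYNC_REPO" "$ASYNC_DIR"` as well; the `ln -s` targets in `LinkFiles` already assume a directory name relative to the source root. `Install` also reuses any existing directory of that name and otherwise clones the head of the default branch, so the files linked into the build are not pinned to a known revision; a comment saying so, or a checkout of a fixed commit, would help anyone running this outside CI.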
@@ -66,19 +83,18 @@ if [ "$#" -gt 1 ]; then
exit 1
fi
-KEEP=no
-ONLY_SETUP=no
-
case "x$1" in
- "xkeep")
- KEEP=yes
+ "xinstall")
+ Install
;;
- "xclean")
- CleanUp
- exit 0
+ "xuninstall")
+ Uninstall
;;
- "xsetup")
- ONLY_SETUP=yes
+ "xremove")
+ Remove
+ ;;
+ "xtest")
+ Test
;;
*)
Usage
@@ -86,28 +102,3 @@ case "x$1" in
;;
esac
-# Fail on any error in script from now on
-set -e
-
-if [ -d ./async ];
-then
- echo "\n\nUsing existing async repo\n\n"
-else
- # make a clone of the wolfAsyncCrypt repository
- git clone --depth 1 $ASYNC_REPO async
-fi
-
-# setup auto-conf
-./autogen.sh
-LinkFiles
-if [ "x$ONLY_SETUP" == "xno" ];
-then
- ./configure --enable-asynccrypt --enable-all
- make check
- # Clean up
- if [ "x$KEEP" == "xno" ];
- then
- CleanUp
- fi
-fi
-
diff --git a/extra/wolfssl/wolfssl/autogen.sh b/extra/wolfssl/wolfssl/autogen.sh
index c5d55d0d..d9ae0881 100755
--- a/extra/wolfssl/wolfssl/autogen.sh
+++ b/extra/wolfssl/wolfssl/autogen.sh
@@ -3,16 +3,44 @@
# Create configure and makefile stuff...
#
+# Check environment
+if [ -n "$WSL_DISTRO_NAME" ]; then
+ # we found a non-blank WSL environment distro name
+ current_path="$(pwd)"
+ pattern="/mnt/?"
+ if [ "$(echo "$current_path" | grep -E "^$pattern")" ]; then
+ # if we are in WSL and shared Windows file system, 'ln' does not work.
+ no_links=true
+ else
+ no_links=
+ fi
+fi
+
# Git hooks should come before autoreconf.
if [ -d .git ]; then
if [ ! -d .git/hooks ]; then
mkdir .git/hooks || exit $?
fi
- if [ ! -e .git/hooks/pre-commit ]; then
- ln -s ../../pre-commit.sh .git/hooks/pre-commit || exit $?
- fi
- if [ ! -e .git/hooks/pre-push ]; then
- ln -s ../../pre-push.sh .git/hooks/pre-push || exit $?
+
+ if [ -n "$no_links" ]; then
+ echo "Linux ln does not work on shared Windows file system in WSL."
+ if [ ! -e .git/hooks/pre-commit ]; then
+ echo "The pre-commit.sh file will not be copied to .git/hooks/pre-commit"
+ # shell scripts do not work on Windows; TODO create equivalent batch file
+ # cp ./pre-commit.sh .git/hooks/pre-commit || exit $?
+ fi
+ if [ ! -e .git/hooks/pre-push ]; then
+ echo "The pre-push.sh file will not be copied to .git/hooks/pre-commit"
+ # shell scripts do not work on Windows; TODO create equivalent batch file
+ # cp ./pre-push.sh .git/hooks/pre-push || exit $?
+ fi
+ else
+ if [ ! -e .git/hooks/pre-commit ]; then
+ ln -s ../../pre-commit.sh .git/hooks/pre-commit || exit $?
+ fi
+ if [ ! -e .git/hooks/pre-push ]; then
+ ln -s ../../pre-push.sh .git/hooks/pre-push || exit $?
+ fi
fi
fi
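Review bot: The WSL check builds the regex `^/mnt/?`, in which `?` makes the trailing slash optional, so any working directory beginning with `/mnt` (a constructed example: a native Linux mount at `/mntdata`) is treated as a shared Windows drive and the git hooks are skipped. If the intent is a single drive letter, `case "$current_path" in /mnt/[a-z]|/mnt/[a-z]/*) no_links=true ;; esac` expresses it without `grep`. `no_links` is also assigned only inside the `WSL_DISTRO_NAME` branch, so an inherited environment variable of that name would disable hook installation on other systems; initialise it with `no_links=` before the `if`. The second message says pre-push.sh will not be copied to `.git/hooks/pre-commit`, which should read `.git/hooks/pre-push`.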
@@ -30,8 +58,6 @@ done
for file in \
./wolfssl/options.h \
- ./ctaocrypt/src/fips.c \
- ./ctaocrypt/src/fips_test.c \
./wolfcrypt/src/fips.c \
./wolfcrypt/src/fips_test.c \
./wolfcrypt/src/wolfcrypt_first.c \
diff --git a/extra/wolfssl/wolfssl/certs/1024/ca-cert.der b/extra/wolfssl/wolfssl/certs/1024/ca-cert.der
index 938b5518..3324aee9 100644
--- a/extra/wolfssl/wolfssl/certs/1024/ca-cert.der
+++ b/extra/wolfssl/wolfssl/certs/1024/ca-cert.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/1024/ca-cert.pem b/extra/wolfssl/wolfssl/certs/1024/ca-cert.pem
index 4a899b94..2bc54e6f 100644
--- a/extra/wolfssl/wolfssl/certs/1024/ca-cert.pem
+++ b/extra/wolfssl/wolfssl/certs/1024/ca-cert.pem
@@ -2,12 +2,12 @@ Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 0e:75:3b:39:ad:1f:53:d1:85:3b:05:3b:11:62:4f:dc:7b:11:72:11
+ 5c:44:2b:bf:d3:a8:2a:d8:fd:54:c9:cd:aa:7f:f7:d4:59:07:aa:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting_1024, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:28 2023 GMT
+ Not After : Sep 8 22:19:28 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting_1024, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -29,7 +29,7 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:D3:22:8F:28:2C:E0:05:EE:D3:ED:C3:71:3D:C9:B2:36:3A:1D:BF:A8
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting_1024/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:0E:75:3B:39:AD:1F:53:D1:85:3B:05:3B:11:62:4F:DC:7B:11:72:11
+ serial:5C:44:2B:BF:D3:A8:2A:D8:FD:54:C9:CD:AA:7F:F7:D4:59:07:AA:DD
X509v3 Basic Constraints:
CA:TRUE
@@ -38,20 +38,20 @@ Certificate:
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
Signature Algorithm: sha256WithRSAEncryption
- b8:80:bf:b2:f5:83:95:51:81:6a:7e:41:87:29:d7:c3:c9:c6:
- 9b:60:e4:65:a1:04:97:1d:1b:3b:e9:27:fa:43:d6:89:6a:3c:
- 9e:bf:28:d1:75:37:21:f3:0d:64:17:b2:a3:2d:83:52:ff:57:
- f0:42:a9:48:aa:d8:84:ea:0d:80:05:71:0a:aa:23:b4:6c:c6:
- d6:7f:13:4a:f4:82:b9:e2:81:ae:46:8c:59:fb:c3:8c:6d:5b:
- f3:32:ec:86:f0:6e:da:2a:78:ab:f2:36:fb:48:fa:74:09:0e:
- 19:c2:bf:eb:cc:fb:a9:05:c1:c9:e1:ab:8b:79:f6:f1:ad:4a:
- 9f:aa
+ 70:7d:83:94:d0:ee:e1:19:8b:17:ca:79:87:12:5b:7f:70:a3:
+ 51:20:4f:21:99:71:69:21:28:55:61:70:85:54:21:a9:70:a2:
+ a9:12:db:44:11:44:e7:41:00:70:80:b5:37:0c:7e:78:8f:88:
+ 64:bc:e5:c0:44:a7:a5:3d:db:62:c4:d6:cd:aa:4b:ac:fb:01:
+ 46:bb:ec:cb:6f:01:67:b4:65:f3:5e:53:39:64:99:9b:68:80:
+ 14:91:a4:a4:eb:04:f3:76:9a:7d:b4:38:05:9c:a5:e0:bc:7e:
+ d9:d2:d3:d4:e8:c3:9f:38:4b:6c:29:94:be:35:bd:30:1f:b5:
+ b7:3d
-----BEGIN CERTIFICATE-----
-MIIECTCCA3KgAwIBAgIUDnU7Oa0fU9GFOwU7EWJP3HsRchEwDQYJKoZIhvcNAQEL
+MIIECTCCA3KgAwIBAgIUXEQrv9OoKtj9VMnNqn/31FkHqt0wDQYJKoZIhvcNAQEL
BQAwgZkxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC
b3plbWFuMREwDwYDVQQKDAhTYXd0b290aDEYMBYGA1UECwwPQ29uc3VsdGluZ18x
MDI0MRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGlu
-Zm9Ad29sZnNzbC5jb20wHhcNMjIxMjE2MjExNzQ5WhcNMjUwOTExMjExNzQ5WjCB
+Zm9Ad29sZnNzbC5jb20wHhcNMjMxMjEzMjIxOTI4WhcNMjYwOTA4MjIxOTI4WjCB
mTELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVt
YW4xETAPBgNVBAoMCFNhd3Rvb3RoMRgwFgYDVQQLDA9Db25zdWx0aW5nXzEwMjQx
GDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3
@@ -63,10 +63,10 @@ Io8oLOAF7tPtw3E9ybI2Oh2/qDCB2QYDVR0jBIHRMIHOgBTTIo8oLOAF7tPtw3E9
ybI2Oh2/qKGBn6SBnDCBmTELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmEx
EDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNhd3Rvb3RoMRgwFgYDVQQLDA9D
b25zdWx0aW5nXzEwMjQxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqG
-SIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIUDnU7Oa0fU9GFOwU7EWJP3HsRchEw
+SIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIUXEQrv9OoKtj9VMnNqn/31FkHqt0w
DAYDVR0TBAUwAwEB/zAcBgNVHREEFTATggtleGFtcGxlLmNvbYcEfwAAATAdBgNV
-HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDQYJKoZIhvcNAQELBQADgYEAuIC/
-svWDlVGBan5BhynXw8nGm2DkZaEElx0bO+kn+kPWiWo8nr8o0XU3IfMNZBeyoy2D
-Uv9X8EKpSKrYhOoNgAVxCqojtGzG1n8TSvSCueKBrkaMWfvDjG1b8zLshvBu2ip4
-q/I2+0j6dAkOGcK/68z7qQXByeGri3n28a1Kn6o=
+HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDQYJKoZIhvcNAQELBQADgYEAcH2D
+lNDu4RmLF8p5hxJbf3CjUSBPIZlxaSEoVWFwhVQhqXCiqRLbRBFE50EAcIC1Nwx+
+eI+IZLzlwESnpT3bYsTWzapLrPsBRrvsy28BZ7Rl815TOWSZm2iAFJGkpOsE83aa
+fbQ4BZyl4Lx+2dLT1OjDnzhLbCmUvjW9MB+1tz0=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/1024/client-cert.der b/extra/wolfssl/wolfssl/certs/1024/client-cert.der
index 9fc0d288..898d298e 100644
--- a/extra/wolfssl/wolfssl/certs/1024/client-cert.der
+++ b/extra/wolfssl/wolfssl/certs/1024/client-cert.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/1024/client-cert.pem b/extra/wolfssl/wolfssl/certs/1024/client-cert.pem
index 92a88b67..b78c3834 100644
--- a/extra/wolfssl/wolfssl/certs/1024/client-cert.pem
+++ b/extra/wolfssl/wolfssl/certs/1024/client-cert.pem
@@ -2,12 +2,12 @@ Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 41:1f:ec:cf:49:20:14:81:dc:ab:32:02:01:6a:cd:18:bd:f5:e3:53
+ 59:f2:ea:44:08:b5:12:30:a0:96:93:d1:d1:7f:e1:ec:49:75:9b:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_1024, OU = Programming-1024, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:28 2023 GMT
+ Not After : Sep 8 22:19:28 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_1024, OU = Programming-1024, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -29,7 +29,7 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:81:69:0F:F8:DF:DD:CF:34:29:D5:67:75:71:85:C7:75:10:69:59:EC
DirName:/C=US/ST=Montana/L=Bozeman/O=wolfSSL_1024/OU=Programming-1024/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:41:1F:EC:CF:49:20:14:81:DC:AB:32:02:01:6A:CD:18:BD:F5:E3:53
+ serial:59:F2:EA:44:08:B5:12:30:A0:96:93:D1:D1:7F:E1:EC:49:75:9B:A2
X509v3 Basic Constraints:
CA:TRUE
@@ -38,21 +38,21 @@ Certificate:
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
Signature Algorithm: sha256WithRSAEncryption
- 64:0e:1b:a2:b2:39:cc:df:9c:63:48:4b:58:2c:e5:af:e2:ba:
- d2:74:37:f8:a0:c8:2f:62:36:84:49:55:d6:8d:2b:4d:96:4f:
- b4:2e:83:f9:00:e8:cb:7e:04:f1:19:f2:00:24:0d:2b:ba:30:
- 89:7f:8a:e3:64:e2:d5:1b:5a:0a:9d:26:db:e8:6a:60:c2:79:
- aa:ad:8d:f1:1c:2a:33:d4:66:42:98:7a:94:d4:b7:2d:0b:cb:
- f5:b5:62:ae:e1:88:47:ad:ee:8d:32:b5:60:1a:5b:a1:d3:a1:
- 58:cc:0c:40:30:0d:05:cb:4b:d2:e1:d7:ca:63:de:a8:78:56:
- 96:e7
+ 45:63:6f:f9:ed:f4:12:3c:3c:c5:2c:51:08:94:61:7e:08:e8:
+ 32:46:2b:22:02:d0:e8:2b:a4:23:15:48:47:87:5d:72:ab:38:
+ d5:34:b9:fc:f4:86:93:49:95:d8:81:32:1c:21:e3:ef:b8:40:
+ c5:87:02:e8:28:aa:54:93:2d:8a:e9:1e:dd:5d:11:f8:bf:ca:
+ 4e:33:20:56:4e:6f:53:bb:79:b0:da:65:a1:4b:9f:c8:55:fa:
+ 53:26:84:c6:1e:0a:5e:7a:6e:f2:2d:2a:81:a5:d0:2b:ec:d5:
+ 8e:b9:f0:c7:57:d7:d6:14:1a:3b:dc:09:41:b4:9d:0d:72:20:
+ 44:79
-----BEGIN CERTIFICATE-----
-MIIEGDCCA4GgAwIBAgIUQR/sz0kgFIHcqzICAWrNGL3141MwDQYJKoZIhvcNAQEL
+MIIEGDCCA4GgAwIBAgIUWfLqRAi1EjCglpPR0X/h7El1m6IwDQYJKoZIhvcNAQEL
BQAwgZ4xCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC
b3plbWFuMRUwEwYDVQQKDAx3b2xmU1NMXzEwMjQxGTAXBgNVBAsMEFByb2dyYW1t
aW5nLTEwMjQxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJ
-ARYQaW5mb0B3b2xmc3NsLmNvbTAeFw0yMjEyMTYyMTE3NDlaFw0yNTA5MTEyMTE3
-NDlaMIGeMQswCQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwH
+ARYQaW5mb0B3b2xmc3NsLmNvbTAeFw0yMzEyMTMyMjE5MjhaFw0yNjA5MDgyMjE5
+MjhaMIGeMQswCQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwH
Qm96ZW1hbjEVMBMGA1UECgwMd29sZlNTTF8xMDI0MRkwFwYDVQQLDBBQcm9ncmFt
bWluZy0xMDI0MRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0B
CQEWEGluZm9Ad29sZnNzbC5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGB
@@ -63,10 +63,10 @@ BgNVHQ4EFgQUgWkP+N/dzzQp1Wd1cYXHdRBpWewwgd4GA1UdIwSB1jCB04AUgWkP
+N/dzzQp1Wd1cYXHdRBpWeyhgaSkgaEwgZ4xCzAJBgNVBAYTAlVTMRAwDgYDVQQI
DAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRUwEwYDVQQKDAx3b2xmU1NMXzEw
MjQxGTAXBgNVBAsMEFByb2dyYW1taW5nLTEwMjQxGDAWBgNVBAMMD3d3dy53b2xm
-c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIUQR/sz0kg
-FIHcqzICAWrNGL3141MwDAYDVR0TBAUwAwEB/zAcBgNVHREEFTATggtleGFtcGxl
+c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIUWfLqRAi1
+EjCglpPR0X/h7El1m6IwDAYDVR0TBAUwAwEB/zAcBgNVHREEFTATggtleGFtcGxl
LmNvbYcEfwAAATAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDQYJKoZI
-hvcNAQELBQADgYEAZA4borI5zN+cY0hLWCzlr+K60nQ3+KDIL2I2hElV1o0rTZZP
-tC6D+QDoy34E8RnyACQNK7owiX+K42Ti1RtaCp0m2+hqYMJ5qq2N8RwqM9RmQph6
-lNS3LQvL9bViruGIR63ujTK1YBpbodOhWMwMQDANBctL0uHXymPeqHhWluc=
+hvcNAQELBQADgYEARWNv+e30Ejw8xSxRCJRhfgjoMkYrIgLQ6CukIxVIR4ddcqs4
+1TS5/PSGk0mV2IEyHCHj77hAxYcC6CiqVJMtiuke3V0R+L/KTjMgVk5vU7t5sNpl
+oUufyFX6UyaExh4KXnpu8i0qgaXQK+zVjrnwx1fX1hQaO9wJQbSdDXIgRHk=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/1024/server-cert.der b/extra/wolfssl/wolfssl/certs/1024/server-cert.der
index fb421b0c..f4faeb58 100644
--- a/extra/wolfssl/wolfssl/certs/1024/server-cert.der
+++ b/extra/wolfssl/wolfssl/certs/1024/server-cert.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/1024/server-cert.pem b/extra/wolfssl/wolfssl/certs/1024/server-cert.pem
index 296df820..0c0fc714 100644
--- a/extra/wolfssl/wolfssl/certs/1024/server-cert.pem
+++ b/extra/wolfssl/wolfssl/certs/1024/server-cert.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting_1024, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:28 2023 GMT
+ Not After : Sep 8 22:19:28 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL, OU = Support_1024, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -28,7 +28,7 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:D3:22:8F:28:2C:E0:05:EE:D3:ED:C3:71:3D:C9:B2:36:3A:1D:BF:A8
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting_1024/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:0E:75:3B:39:AD:1F:53:D1:85:3B:05:3B:11:62:4F:DC:7B:11:72:11
+ serial:5C:44:2B:BF:D3:A8:2A:D8:FD:54:C9:CD:AA:7F:F7:D4:59:07:AA:DD
X509v3 Basic Constraints:
CA:TRUE
@@ -37,20 +37,20 @@ Certificate:
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
Signature Algorithm: sha256WithRSAEncryption
- c0:94:34:0d:41:a3:03:17:05:08:d9:54:d9:a2:f0:e9:22:58:
- 25:50:10:6d:da:09:2d:7d:fc:0d:c0:13:35:0e:96:7f:1e:38:
- a1:11:97:42:df:83:07:05:ce:d6:de:90:22:ab:0f:6d:56:90:
- 02:9a:a5:cf:5a:9b:96:66:0f:71:ed:b2:72:7a:e4:9d:61:9f:
- 2a:45:b8:51:b9:a6:ee:d6:73:2a:03:f4:03:32:6e:19:6e:70:
- 48:6b:72:29:30:19:87:06:30:d6:2f:19:f5:39:78:2f:2f:c2:
- 49:38:5a:d8:38:06:f9:fe:bf:45:ea:7b:e6:7b:a6:0b:b5:ba:
- 06:80
+ 35:2e:7b:57:7b:64:70:53:e0:81:ed:f4:ac:b3:3a:3b:ba:82:
+ 8d:a2:31:d9:d4:ac:d1:8a:6d:35:41:15:b3:e8:06:91:ca:2a:
+ f7:ff:28:0e:3d:cd:e7:28:f0:07:c0:78:62:9e:88:3d:dc:98:
+ f0:8c:89:a7:1c:5b:77:37:b2:55:38:b2:60:42:e8:02:81:bf:
+ 7c:c3:54:86:7e:e4:2f:7d:74:74:27:f7:9a:e2:8d:a9:2f:7c:
+ 82:31:41:f1:cb:48:a0:05:00:26:3d:a4:6b:27:43:4c:3f:6f:
+ 2f:41:2e:ee:ba:0d:8f:39:42:0d:2d:76:00:12:4c:f9:49:2d:
+ 7f:ed
-----BEGIN CERTIFICATE-----
MIID8jCCA1ugAwIBAgIBATANBgkqhkiG9w0BAQsFADCBmTELMAkGA1UEBhMCVVMx
EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh
d3Rvb3RoMRgwFgYDVQQLDA9Db25zdWx0aW5nXzEwMjQxGDAWBgNVBAMMD3d3dy53
b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTAeFw0y
-MjEyMTYyMTE3NDlaFw0yNTA5MTEyMTE3NDlaMIGVMQswCQYDVQQGEwJVUzEQMA4G
+MzEyMTMyMjE5MjhaFw0yNjA5MDgyMjE5MjhaMIGVMQswCQYDVQQGEwJVUzEQMA4G
A1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjEQMA4GA1UECgwHd29sZlNT
TDEVMBMGA1UECwwMU3VwcG9ydF8xMDI0MRgwFgYDVQQDDA93d3cud29sZnNzbC5j
b20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wgZ8wDQYJKoZIhvcN
@@ -62,23 +62,23 @@ A1UdIwSB0TCBzoAU0yKPKCzgBe7T7cNxPcmyNjodv6ihgZ+kgZwwgZkxCzAJBgNV
BAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYD
VQQKDAhTYXd0b290aDEYMBYGA1UECwwPQ29uc3VsdGluZ18xMDI0MRgwFgYDVQQD
DA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j
-b22CFA51OzmtH1PRhTsFOxFiT9x7EXIRMAwGA1UdEwQFMAMBAf8wHAYDVR0RBBUw
+b22CFFxEK7/TqCrY/VTJzap/99RZB6rdMAwGA1UdEwQFMAMBAf8wHAYDVR0RBBUw
E4ILZXhhbXBsZS5jb22HBH8AAAEwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUF
-BwMCMA0GCSqGSIb3DQEBCwUAA4GBAMCUNA1BowMXBQjZVNmi8OkiWCVQEG3aCS19
-/A3AEzUOln8eOKERl0LfgwcFztbekCKrD21WkAKapc9am5ZmD3HtsnJ65J1hnypF
-uFG5pu7WcyoD9AMybhlucEhrcikwGYcGMNYvGfU5eC8vwkk4Wtg4Bvn+v0Xqe+Z7
-pgu1ugaA
+BwMCMA0GCSqGSIb3DQEBCwUAA4GBADUue1d7ZHBT4IHt9KyzOju6go2iMdnUrNGK
+bTVBFbPoBpHKKvf/KA49zeco8AfAeGKeiD3cmPCMiaccW3c3slU4smBC6AKBv3zD
+VIZ+5C99dHQn95rijakvfIIxQfHLSKAFACY9pGsnQ0w/by9BLu66DY85Qg0tdgAS
+TPlJLX/t
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 0e:75:3b:39:ad:1f:53:d1:85:3b:05:3b:11:62:4f:dc:7b:11:72:11
+ 5c:44:2b:bf:d3:a8:2a:d8:fd:54:c9:cd:aa:7f:f7:d4:59:07:aa:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting_1024, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:28 2023 GMT
+ Not After : Sep 8 22:19:28 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting_1024, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -100,7 +100,7 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:D3:22:8F:28:2C:E0:05:EE:D3:ED:C3:71:3D:C9:B2:36:3A:1D:BF:A8
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting_1024/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:0E:75:3B:39:AD:1F:53:D1:85:3B:05:3B:11:62:4F:DC:7B:11:72:11
+ serial:5C:44:2B:BF:D3:A8:2A:D8:FD:54:C9:CD:AA:7F:F7:D4:59:07:AA:DD
X509v3 Basic Constraints:
CA:TRUE
@@ -109,20 +109,20 @@ Certificate:
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
Signature Algorithm: sha256WithRSAEncryption
- b8:80:bf:b2:f5:83:95:51:81:6a:7e:41:87:29:d7:c3:c9:c6:
- 9b:60:e4:65:a1:04:97:1d:1b:3b:e9:27:fa:43:d6:89:6a:3c:
- 9e:bf:28:d1:75:37:21:f3:0d:64:17:b2:a3:2d:83:52:ff:57:
- f0:42:a9:48:aa:d8:84:ea:0d:80:05:71:0a:aa:23:b4:6c:c6:
- d6:7f:13:4a:f4:82:b9:e2:81:ae:46:8c:59:fb:c3:8c:6d:5b:
- f3:32:ec:86:f0:6e:da:2a:78:ab:f2:36:fb:48:fa:74:09:0e:
- 19:c2:bf:eb:cc:fb:a9:05:c1:c9:e1:ab:8b:79:f6:f1:ad:4a:
- 9f:aa
+ 70:7d:83:94:d0:ee:e1:19:8b:17:ca:79:87:12:5b:7f:70:a3:
+ 51:20:4f:21:99:71:69:21:28:55:61:70:85:54:21:a9:70:a2:
+ a9:12:db:44:11:44:e7:41:00:70:80:b5:37:0c:7e:78:8f:88:
+ 64:bc:e5:c0:44:a7:a5:3d:db:62:c4:d6:cd:aa:4b:ac:fb:01:
+ 46:bb:ec:cb:6f:01:67:b4:65:f3:5e:53:39:64:99:9b:68:80:
+ 14:91:a4:a4:eb:04:f3:76:9a:7d:b4:38:05:9c:a5:e0:bc:7e:
+ d9:d2:d3:d4:e8:c3:9f:38:4b:6c:29:94:be:35:bd:30:1f:b5:
+ b7:3d
-----BEGIN CERTIFICATE-----
-MIIECTCCA3KgAwIBAgIUDnU7Oa0fU9GFOwU7EWJP3HsRchEwDQYJKoZIhvcNAQEL
+MIIECTCCA3KgAwIBAgIUXEQrv9OoKtj9VMnNqn/31FkHqt0wDQYJKoZIhvcNAQEL
BQAwgZkxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC
b3plbWFuMREwDwYDVQQKDAhTYXd0b290aDEYMBYGA1UECwwPQ29uc3VsdGluZ18x
MDI0MRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGlu
-Zm9Ad29sZnNzbC5jb20wHhcNMjIxMjE2MjExNzQ5WhcNMjUwOTExMjExNzQ5WjCB
+Zm9Ad29sZnNzbC5jb20wHhcNMjMxMjEzMjIxOTI4WhcNMjYwOTA4MjIxOTI4WjCB
mTELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVt
YW4xETAPBgNVBAoMCFNhd3Rvb3RoMRgwFgYDVQQLDA9Db25zdWx0aW5nXzEwMjQx
GDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3
@@ -134,10 +134,10 @@ Io8oLOAF7tPtw3E9ybI2Oh2/qDCB2QYDVR0jBIHRMIHOgBTTIo8oLOAF7tPtw3E9
ybI2Oh2/qKGBn6SBnDCBmTELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmEx
EDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNhd3Rvb3RoMRgwFgYDVQQLDA9D
b25zdWx0aW5nXzEwMjQxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqG
-SIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIUDnU7Oa0fU9GFOwU7EWJP3HsRchEw
+SIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIUXEQrv9OoKtj9VMnNqn/31FkHqt0w
DAYDVR0TBAUwAwEB/zAcBgNVHREEFTATggtleGFtcGxlLmNvbYcEfwAAATAdBgNV
-HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDQYJKoZIhvcNAQELBQADgYEAuIC/
-svWDlVGBan5BhynXw8nGm2DkZaEElx0bO+kn+kPWiWo8nr8o0XU3IfMNZBeyoy2D
-Uv9X8EKpSKrYhOoNgAVxCqojtGzG1n8TSvSCueKBrkaMWfvDjG1b8zLshvBu2ip4
-q/I2+0j6dAkOGcK/68z7qQXByeGri3n28a1Kn6o=
+HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDQYJKoZIhvcNAQELBQADgYEAcH2D
+lNDu4RmLF8p5hxJbf3CjUSBPIZlxaSEoVWFwhVQhqXCiqRLbRBFE50EAcIC1Nwx+
+eI+IZLzlwESnpT3bYsTWzapLrPsBRrvsy28BZ7Rl815TOWSZm2iAFJGkpOsE83aa
+fbQ4BZyl4Lx+2dLT1OjDnzhLbCmUvjW9MB+1tz0=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/3072/client-cert.der b/extra/wolfssl/wolfssl/certs/3072/client-cert.der
index a3f98ceb..329d03cf 100644
--- a/extra/wolfssl/wolfssl/certs/3072/client-cert.der
+++ b/extra/wolfssl/wolfssl/certs/3072/client-cert.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/3072/client-cert.pem b/extra/wolfssl/wolfssl/certs/3072/client-cert.pem
index 27073a84..fbd8d99d 100644
--- a/extra/wolfssl/wolfssl/certs/3072/client-cert.pem
+++ b/extra/wolfssl/wolfssl/certs/3072/client-cert.pem
@@ -2,12 +2,12 @@ Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 03:33:56:6e:5f:e0:69:69:99:6b:eb:d0:eb:47:cf:f2:05:3f:98:15
+ 0b:5c:9f:12:25:90:aa:52:c0:df:e1:e1:1f:ed:a9:31:01:0a:09:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_3072, OU = Programming-3072, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:28 2023 GMT
+ Not After : Sep 8 22:19:28 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_3072, OU = Programming-3072, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -46,7 +46,7 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:3D:D1:84:C2:AF:B0:20:49:BC:74:87:41:38:AB:BA:D2:D4:0C:A3:A8
DirName:/C=US/ST=Montana/L=Bozeman/O=wolfSSL_3072/OU=Programming-3072/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:03:33:56:6E:5F:E0:69:69:99:6B:EB:D0:EB:47:CF:F2:05:3F:98:15
+ serial:0B:5C:9F:12:25:90:AA:52:C0:DF:E1:E1:1F:ED:A9:31:01:0A:09:8B
X509v3 Basic Constraints:
CA:TRUE
@@ -55,35 +55,35 @@ Certificate:
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
Signature Algorithm: sha256WithRSAEncryption
- 90:e4:43:8e:be:9d:de:45:4e:df:df:8d:e7:7c:2d:1b:a9:1a:
- ef:90:15:fb:d3:a9:99:a8:5b:d7:f9:b8:95:19:fe:e0:00:09:
- c1:e3:e8:27:82:11:7c:39:23:92:38:45:86:6d:77:c2:83:8c:
- 1a:0f:4b:c5:94:0d:e9:17:28:8c:cf:8f:6d:e9:43:82:0f:31:
- 67:bb:d5:d7:3f:0b:ce:ce:22:f4:a8:5b:84:8d:fd:d2:cb:d6:
- dc:ee:31:f3:e7:26:b7:58:6a:c5:9e:ff:89:5f:f6:70:fb:6b:
- 02:ba:79:6a:9a:12:1b:82:94:1b:02:22:30:7d:74:44:46:25:
- 85:a1:a8:7d:a0:ab:c3:a7:9e:08:a3:d7:5c:42:a2:af:96:42:
- 9c:76:9b:8d:ec:08:68:71:95:92:a5:b9:aa:12:f9:c5:62:ac:
- 8e:4f:df:cc:b7:53:e3:c4:70:74:9b:38:d2:e9:da:3f:ef:c4:
- 55:01:9a:b9:3e:c4:33:e7:33:db:0f:ba:55:84:0f:3c:4c:a5:
- 85:ec:5a:f2:98:75:e0:eb:47:b8:4b:d3:85:63:dc:b0:29:85:
- 51:62:bf:6a:61:9b:40:01:66:0d:72:42:bd:4f:e0:c6:31:a6:
- 06:df:c1:e9:8a:a0:57:c7:4d:4f:e7:c0:45:7f:7f:a7:53:ca:
- 90:1d:70:a8:46:95:99:ef:19:ee:e2:45:35:1a:dc:0d:cb:c3:
- b0:d5:88:8b:b9:9f:b5:ea:c1:fe:5e:7a:c1:83:c8:74:f5:1a:
- 29:52:38:5d:14:ea:17:2d:39:f6:19:16:c4:91:b0:e7:18:36:
- 56:a0:64:75:8d:66:57:48:1b:38:f2:a0:01:b1:44:32:34:a5:
- 0e:bc:28:46:77:ed:65:c1:75:34:f8:06:12:45:1a:70:78:81:
- d1:55:27:cf:ad:b3:d4:5a:97:43:88:02:bb:93:ba:17:42:51:
- 59:52:13:ec:fc:ef:6b:53:f7:f2:41:8a:42:06:56:e2:f4:97:
- d2:22:31:02:2a:47
+ 14:27:57:47:12:a4:78:a2:c9:dc:93:f8:47:ee:f4:fd:66:80:
+ 13:43:9e:de:23:8c:f7:3f:fe:46:9c:85:58:2a:6f:8d:22:92:
+ 8c:d6:36:ca:90:4f:45:c3:ab:78:ca:3c:fe:d0:f5:0f:6d:00:
+ fe:3b:42:b0:86:0b:75:f2:7c:d3:c7:db:0b:70:e8:ec:b7:bf:
+ 26:30:a8:19:67:bd:74:03:cf:d1:08:8e:9c:d5:1b:45:28:b2:
+ 67:8e:3a:a5:27:c9:1b:6a:e9:93:ce:94:c0:00:0c:e8:f1:76:
+ 02:a4:30:72:a8:fd:55:1c:d1:b8:25:f1:62:f6:ba:28:fd:30:
+ b1:11:63:f7:b3:78:54:09:04:c1:66:12:c7:01:ae:99:e3:55:
+ c4:29:bd:1b:1a:da:b9:77:fd:04:db:b1:68:56:35:65:e1:aa:
+ 67:c8:ac:be:e5:f8:27:fb:b4:51:4f:38:e5:de:09:a6:81:a9:
+ ef:dc:d6:4a:96:47:b8:38:14:f8:25:5d:ac:f3:e5:3b:f2:1b:
+ 70:32:3b:2d:fa:20:ca:2e:a5:ca:13:9d:84:d2:d4:35:16:58:
+ 6e:52:5e:09:61:83:c2:e2:56:2c:ab:52:bf:54:dc:bd:f3:bf:
+ a7:16:6e:0e:ca:68:54:d1:5c:4d:06:7a:93:47:1c:cc:a9:66:
+ da:69:0f:f9:1f:25:64:29:40:97:50:3b:cf:0c:50:9b:4d:ff:
+ 60:bc:d3:e4:a0:b7:64:c6:66:2a:f6:02:e2:3f:92:31:3b:d7:
+ ea:1a:c3:1a:0c:19:88:ab:5f:74:b7:9d:7b:8d:4d:3a:84:43:
+ f2:67:b1:be:a0:9e:fd:3d:aa:c1:38:1a:df:ac:30:fe:63:69:
+ af:d6:f2:21:63:11:63:29:ac:63:9e:9f:9f:c4:53:b3:db:78:
+ c0:2d:79:68:1f:d2:d1:36:d1:fb:e3:c0:a7:31:eb:15:63:99:
+ 0b:93:9d:87:c7:fe:56:5d:fc:e7:29:2a:9e:15:be:ef:54:e7:
+ 0f:6d:9b:36:b6:17
-----BEGIN CERTIFICATE-----
-MIIGHTCCBIWgAwIBAgIUAzNWbl/gaWmZa+vQ60fP8gU/mBUwDQYJKoZIhvcNAQEL
+MIIGHTCCBIWgAwIBAgIUC1yfEiWQqlLA3+HhH+2pMQEKCYswDQYJKoZIhvcNAQEL
BQAwgZ4xCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC
b3plbWFuMRUwEwYDVQQKDAx3b2xmU1NMXzMwNzIxGTAXBgNVBAsMEFByb2dyYW1t
aW5nLTMwNzIxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJ
-ARYQaW5mb0B3b2xmc3NsLmNvbTAeFw0yMjEyMTYyMTE3NDlaFw0yNTA5MTEyMTE3
-NDlaMIGeMQswCQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwH
+ARYQaW5mb0B3b2xmc3NsLmNvbTAeFw0yMzEyMTMyMjE5MjhaFw0yNjA5MDgyMjE5
+MjhaMIGeMQswCQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwH
Qm96ZW1hbjEVMBMGA1UECgwMd29sZlNTTF8zMDcyMRkwFwYDVQQLDBBQcm9ncmFt
bWluZy0zMDcyMRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0B
CQEWEGluZm9Ad29sZnNzbC5jb20wggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGK
@@ -100,15 +100,15 @@ qDCB3gYDVR0jBIHWMIHTgBQ90YTCr7AgSbx0h0E4q7rS1AyjqKGBpKSBoTCBnjEL
MAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4x
FTATBgNVBAoMDHdvbGZTU0xfMzA3MjEZMBcGA1UECwwQUHJvZ3JhbW1pbmctMzA3
MjEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZv
-QHdvbGZzc2wuY29tghQDM1ZuX+BpaZlr69DrR8/yBT+YFTAMBgNVHRMEBTADAQH/
+QHdvbGZzc2wuY29tghQLXJ8SJZCqUsDf4eEf7akxAQoJizAMBgNVHRMEBTADAQH/
MBwGA1UdEQQVMBOCC2V4YW1wbGUuY29thwR/AAABMB0GA1UdJQQWMBQGCCsGAQUF
-BwMBBggrBgEFBQcDAjANBgkqhkiG9w0BAQsFAAOCAYEAkORDjr6d3kVO39+N53wt
-G6ka75AV+9Opmahb1/m4lRn+4AAJwePoJ4IRfDkjkjhFhm13woOMGg9LxZQN6Rco
-jM+PbelDgg8xZ7vV1z8Lzs4i9KhbhI390svW3O4x8+cmt1hqxZ7/iV/2cPtrArp5
-apoSG4KUGwIiMH10REYlhaGofaCrw6eeCKPXXEKir5ZCnHabjewIaHGVkqW5qhL5
-xWKsjk/fzLdT48RwdJs40unaP+/EVQGauT7EM+cz2w+6VYQPPEylhexa8ph14OtH
-uEvThWPcsCmFUWK/amGbQAFmDXJCvU/gxjGmBt/B6YqgV8dNT+fARX9/p1PKkB1w
-qEaVme8Z7uJFNRrcDcvDsNWIi7mfterB/l56wYPIdPUaKVI4XRTqFy059hkWxJGw
-5xg2VqBkdY1mV0gbOPKgAbFEMjSlDrwoRnftZcF1NPgGEkUacHiB0VUnz62z1FqX
-Q4gCu5O6F0JRWVIT7Pzva1P38kGKQgZW4vSX0iIxAipH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-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/4096/client-cert.der b/extra/wolfssl/wolfssl/certs/4096/client-cert.der
index 832d51e4..5a5a7eef 100644
--- a/extra/wolfssl/wolfssl/certs/4096/client-cert.der
+++ b/extra/wolfssl/wolfssl/certs/4096/client-cert.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/4096/client-cert.pem b/extra/wolfssl/wolfssl/certs/4096/client-cert.pem
index a2ee770d..e5739800 100644
--- a/extra/wolfssl/wolfssl/certs/4096/client-cert.pem
+++ b/extra/wolfssl/wolfssl/certs/4096/client-cert.pem
@@ -2,12 +2,12 @@ Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 31:fe:22:af:75:2f:dc:63:bd:e4:94:f2:94:38:c3:0d:7d:9a:d1
+ 2f:36:54:05:64:52:dd:0e:75:75:33:7c:b2:ce:9f:5c:48:9b:ab:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_4096, OU = Programming-4096, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:28 2023 GMT
+ Not After : Sep 8 22:19:28 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_4096, OU = Programming-4096, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -55,7 +55,7 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:FA:54:89:67:E5:5F:B7:31:40:EA:FD:E7:F6:A3:C6:5A:56:16:A5:6E
DirName:/C=US/ST=Montana/L=Bozeman/O=wolfSSL_4096/OU=Programming-4096/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:31:FE:22:AF:75:2F:DC:63:BD:E4:94:F2:94:38:C3:0D:7D:9A:D1
+ serial:2F:36:54:05:64:52:DD:0E:75:75:33:7C:B2:CE:9F:5C:48:9B:AB:0E
X509v3 Basic Constraints:
CA:TRUE
@@ -64,72 +64,73 @@ Certificate:
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
Signature Algorithm: sha256WithRSAEncryption
- dd:6b:7f:ca:dc:80:e0:6d:e2:5f:6c:32:01:2f:8f:3a:e9:41:
- 5f:35:c6:bb:a9:a5:84:57:ee:a4:21:4f:b3:b9:ae:24:dc:d1:
- 80:30:7a:2a:7f:7e:fc:6c:be:50:d3:5a:51:2d:e6:fd:15:db:
- 9d:ff:fa:ca:c0:cf:be:97:59:d0:83:20:ce:3a:d8:10:fe:41:
- d5:a9:6b:19:e2:9f:28:fe:c0:21:75:47:46:94:31:6a:c4:c4:
- 52:3b:02:73:c4:47:2a:b5:ce:65:6d:58:c7:fa:3e:0a:6f:e1:
- a8:a1:3b:33:8a:6f:ca:4a:ef:52:88:09:ca:b2:f2:1d:3d:69:
- f5:5b:80:4f:29:66:b1:25:c7:eb:d1:bb:df:cf:91:c8:ce:58:
- 3b:9d:10:5b:8e:55:93:5a:32:ed:0b:c7:7f:c8:f5:f2:7f:0a:
- ce:ad:bb:db:43:2a:92:f6:f2:a0:34:8e:7c:22:4a:5a:f9:84:
- b0:88:e3:a4:2a:bf:23:3a:ec:aa:32:77:c9:ab:bc:4b:bb:82:
- bc:c0:07:e6:fc:cf:33:72:8f:b2:4e:da:2b:7e:08:44:72:2b:
- a0:c7:3a:7e:6f:b4:31:b1:3a:34:c3:5c:be:9c:85:d8:82:99:
- 35:92:b4:b4:31:24:31:df:fb:17:db:1d:3b:a7:d1:e2:a4:44:
- c7:3f:6b:17:1c:32:cc:f9:48:f0:c0:38:45:e8:f5:84:6c:59:
- 29:5a:ec:38:43:10:97:67:76:b5:60:b7:8c:42:11:44:9a:62:
- 87:db:02:aa:e7:1e:ec:9f:6b:7f:c5:fa:9e:03:80:73:74:20:
- e9:7a:e1:3f:49:41:bb:c4:9a:70:14:a1:13:2a:90:ef:06:cc:
- 9d:ba:32:94:8c:a9:95:45:a4:89:04:d2:68:b9:13:fd:73:43:
- ea:c5:ee:7f:00:75:f0:ca:4d:91:d3:04:72:e6:af:c8:ad:43:
- 11:70:36:45:aa:b5:46:a6:bf:ac:6c:20:86:3e:5e:66:a5:15:
- 6a:a2:58:e6:6f:e8:ae:b4:1d:67:da:18:d6:ad:de:11:9c:f3:
- d1:a4:06:3f:d5:01:fd:3d:b8:fd:14:0f:1a:e8:7e:b4:a3:2b:
- 8b:52:4c:71:72:5e:7c:9e:23:ff:50:83:7d:5b:ec:60:d5:ad:
- a5:44:0b:dd:66:cc:a5:f8:0c:65:db:b2:76:1e:1c:01:87:cb:
- 1c:76:17:5d:12:cd:28:dc:20:e0:3a:c8:65:fe:dd:e3:bc:6a:
- 8b:24:6b:86:a7:2d:bc:4f:26:3f:d7:3f:04:bf:a4:5d:06:52:
- b5:e4:fd:85:b0:2c:52:ac:99:49:ef:56:76:2a:7c:e3:d8:8e:
- e4:eb:b2:db:c1:54:20:64
+ c2:72:38:27:f0:5c:45:04:4b:09:0e:5d:98:6e:38:6a:bc:fb:
+ a8:85:4f:f2:04:38:63:4f:86:4f:3c:f5:fd:f8:cd:89:09:76:
+ 72:47:97:df:f8:17:6a:81:3a:b2:b4:fc:ac:e9:fc:e2:47:9b:
+ 07:6d:9c:53:ed:d8:64:bc:6c:4d:a9:bd:3e:5e:cd:61:bc:8e:
+ 82:20:b2:50:bc:9e:72:e6:9f:40:ff:6c:4b:38:f8:4b:82:0f:
+ 7e:49:cd:45:5c:cd:44:de:47:25:b3:57:d0:1a:0d:8d:4d:c7:
+ ea:23:fa:03:e8:86:d8:37:89:84:2e:e8:53:7a:77:be:94:ec:
+ 70:e7:c4:7b:8f:6f:28:67:33:89:ec:c9:df:98:6d:4a:d9:c6:
+ 7b:d3:b5:82:d0:8a:ce:8f:06:bf:a2:f7:de:4a:45:22:6f:ff:
+ 41:6f:08:f5:c3:65:25:27:fb:43:3e:cc:25:0a:d3:3d:d2:34:
+ 9f:89:6b:e2:97:9c:42:d9:3e:64:03:45:5f:07:95:ed:1a:70:
+ 6a:be:3e:7f:7f:16:be:47:a6:6d:3b:0d:27:b3:89:b1:f1:f6:
+ ce:99:71:18:b6:c0:c5:9e:76:7a:8e:fb:4a:be:4f:cd:bc:21:
+ a9:4e:9c:fc:48:86:ff:e4:63:14:96:3a:eb:c8:48:ae:27:bd:
+ 43:0c:27:85:e1:25:1a:69:48:6c:e7:11:f8:f3:68:9d:ee:15:
+ 1a:be:ad:46:33:24:3d:be:b8:0e:6e:4d:ef:12:b6:ae:1b:88:
+ bd:0e:a6:ff:91:08:dc:ed:af:fa:13:2b:f2:b4:2c:ea:72:c2:
+ 85:d6:ee:64:09:e1:4e:1a:5a:bd:c2:44:c2:95:82:59:0a:d8:
+ 27:bc:48:4a:8a:a3:c3:77:ac:92:b6:8b:0b:13:e2:87:ec:21:
+ 7e:7e:52:29:51:5c:59:e1:c8:db:05:ce:9e:f4:36:d8:63:42:
+ 45:71:9a:ee:0e:24:b0:ba:a5:a5:aa:c9:ee:9e:a3:e3:e9:7f:
+ c6:64:6c:9e:65:78:88:f2:61:6f:d3:3b:9e:0d:16:fa:ad:c2:
+ 58:ac:bc:14:b1:f7:6f:db:b9:7e:79:81:f1:f8:e9:41:5b:fe:
+ d9:e2:89:86:5c:01:03:5d:0c:d9:a9:d6:df:4b:26:5c:ae:e6:
+ df:b5:c9:f0:86:ca:7b:80:db:6a:86:fd:a9:00:46:32:39:5a:
+ 72:c4:67:20:db:d8:7a:5d:2d:78:b9:a7:de:7f:f4:7a:5b:0f:
+ 38:b0:9e:1a:ae:c5:cc:ff:61:5e:ec:f1:0d:f7:0a:22:bb:cb:
+ 08:2b:91:58:77:1f:90:2b:a3:78:be:ef:4d:d8:8d:e8:f7:31:
+ f8:92:84:e5:b2:2a:e8:3a
-----BEGIN CERTIFICATE-----
-MIIHGzCCBQOgAwIBAgITMf4ir3Uv3GO95JTylDjDDX2a0TANBgkqhkiG9w0BAQsF
-ADCBnjELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0Jv
-emVtYW4xFTATBgNVBAoMDHdvbGZTU0xfNDA5NjEZMBcGA1UECwwQUHJvZ3JhbW1p
-bmctNDA5NjEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkB
-FhBpbmZvQHdvbGZzc2wuY29tMB4XDTIyMTIxNjIxMTc0OVoXDTI1MDkxMTIxMTc0
-OVowgZ4xCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC
+MIIHHTCCBQWgAwIBAgIULzZUBWRS3Q51dTN8ss6fXEibqw4wDQYJKoZIhvcNAQEL
+BQAwgZ4xCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC
b3plbWFuMRUwEwYDVQQKDAx3b2xmU1NMXzQwOTYxGTAXBgNVBAsMEFByb2dyYW1t
aW5nLTQwOTYxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJ
-ARYQaW5mb0B3b2xmc3NsLmNvbTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoC
-ggIBAPXQMeRxWVizB1DdFnn8xpVQ/EYOVxKGcY3jm0oz6k/ZFxNtSGnfWREIAp2v
-K8cwvgzch9RaEgkjXeF2WmI3RnTvAwW7Hm0pdWwunYcNj4fLFJWbvhdrUdFM2teR
-ZsU26+AHGnZNsPvB9V4F27rLJdmZExzANdxA6TbNxNV6QXAPNuulThcF1XUbZGJ6
-Pw0oSGrjrJyoj+nt980koLGgA6zjA/U/0Zb/Kn4IsdPgGBTsZTdQQ8JqjPRb/sTL
-jT+BAvfC3eTBjoAMBCUtgFouDyI1SvSF7VHYq22PojskAG6B4h521qwxEtvzjgeh
-3olKOWB3xarxUeYG8ZVWKuGOkjCf/lhErEby/Zr8qB2h01U3Sov8nDP4p2FIQXyc
-dz/1gCN9Q7TViArJdddEGU13bAsKSaocL9ZaRKZHTeU2lkCZLFYmsfKSMVnXLNS0
-IdZlEws++/8E67mFudjYKE9cF5ajUb7+fQsbSEAldpTcQfu/c3ba67Ni58HIVGqT
-4Y0x6D4+37yHAjAiV8TgGHrTruQCm6q9TklHcumNEy1UmwCnkWFxycxIT+7fXhsa
-32fTIOZERZh+5w5jFoPJJl2QweUqXEVUE7KBGAYgLi5mWrV7btYMTokBVnC7rt7p
-mV7RuTq3bBe2A6kI3Zz0FMnJWTly1H4CNzHNDqc9+PLPaxWrAgMBAAGjggFOMIIB
-SjAdBgNVHQ4EFgQU+lSJZ+VftzFA6v3n9qPGWlYWpW4wgd0GA1UdIwSB1TCB0oAU
-+lSJZ+VftzFA6v3n9qPGWlYWpW6hgaSkgaEwgZ4xCzAJBgNVBAYTAlVTMRAwDgYD
-VQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRUwEwYDVQQKDAx3b2xmU1NM
-XzQwOTYxGTAXBgNVBAsMEFByb2dyYW1taW5nLTQwOTYxGDAWBgNVBAMMD3d3dy53
-b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYITMf4i
-r3Uv3GO95JTylDjDDX2a0TAMBgNVHRMEBTADAQH/MBwGA1UdEQQVMBOCC2V4YW1w
-bGUuY29thwR/AAABMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjANBgkq
-hkiG9w0BAQsFAAOCAgEA3Wt/ytyA4G3iX2wyAS+POulBXzXGu6mlhFfupCFPs7mu
-JNzRgDB6Kn9+/Gy+UNNaUS3m/RXbnf/6ysDPvpdZ0IMgzjrYEP5B1alrGeKfKP7A
-IXVHRpQxasTEUjsCc8RHKrXOZW1Yx/o+Cm/hqKE7M4pvykrvUogJyrLyHT1p9VuA
-TylmsSXH69G738+RyM5YO50QW45Vk1oy7QvHf8j18n8Kzq2720MqkvbyoDSOfCJK
-WvmEsIjjpCq/IzrsqjJ3yau8S7uCvMAH5vzPM3KPsk7aK34IRHIroMc6fm+0MbE6
-NMNcvpyF2IKZNZK0tDEkMd/7F9sdO6fR4qRExz9rFxwyzPlI8MA4Rej1hGxZKVrs
-OEMQl2d2tWC3jEIRRJpih9sCquce7J9rf8X6ngOAc3Qg6XrhP0lBu8SacBShEyqQ
-7wbMnboylIyplUWkiQTSaLkT/XND6sXufwB18MpNkdMEcuavyK1DEXA2Raq1Rqa/
-rGwghj5eZqUVaqJY5m/orrQdZ9oY1q3eEZzz0aQGP9UB/T24/RQPGuh+tKMri1JM
-cXJefJ4j/1CDfVvsYNWtpUQL3WbMpfgMZduydh4cAYfLHHYXXRLNKNwg4DrIZf7d
-47xqiyRrhqctvE8mP9c/BL+kXQZSteT9hbAsUqyZSe9Wdip849iO5Ouy28FUIGQ=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-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/ca-cert-chain.der b/extra/wolfssl/wolfssl/certs/ca-cert-chain.der
index 39a0ced3..199c049e 100644
--- a/extra/wolfssl/wolfssl/certs/ca-cert-chain.der
+++ b/extra/wolfssl/wolfssl/certs/ca-cert-chain.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/ca-cert.der b/extra/wolfssl/wolfssl/certs/ca-cert.der
index 1cf7e365..bdb2f876 100644
--- a/extra/wolfssl/wolfssl/certs/ca-cert.der
+++ b/extra/wolfssl/wolfssl/certs/ca-cert.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/ca-cert.pem b/extra/wolfssl/wolfssl/certs/ca-cert.pem
index 58688a0e..33d90791 100644
--- a/extra/wolfssl/wolfssl/certs/ca-cert.pem
+++ b/extra/wolfssl/wolfssl/certs/ca-cert.pem
@@ -2,12 +2,12 @@ Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 2c:80:ce:db:47:9d:07:66:92:3d:68:d7:ca:ac:90:4f:ca:69:41:4b
+ 33:44:1a:a8:6c:01:ec:f6:60:f2:70:51:0a:4c:d1:14:fa:bc:e9:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:28 2023 GMT
+ Not After : Sep 8 22:19:28 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -38,7 +38,7 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:2C:80:CE:DB:47:9D:07:66:92:3D:68:D7:CA:AC:90:4F:CA:69:41:4B
+ serial:33:44:1A:A8:6C:01:EC:F6:60:F2:70:51:0A:4C:D1:14:FA:BC:E9:44
X509v3 Basic Constraints:
CA:TRUE
@@ -47,27 +47,27 @@ Certificate:
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
Signature Algorithm: sha256WithRSAEncryption
- ae:b0:a4:35:8e:8a:1b:a6:eb:b3:a2:57:cf:3a:1f:dc:6e:bc:
- d2:d0:a6:4a:8f:88:0a:6e:74:d5:d1:7c:d1:44:b1:d4:3b:17:
- 03:09:5a:46:ed:08:08:cf:f1:fd:20:07:67:c0:97:ec:35:f3:
- 75:ca:20:61:98:3e:f5:4d:be:e6:9d:75:1e:e4:03:ad:8c:a6:
- 1e:3d:ec:e4:1a:92:5b:f9:a3:ad:83:ca:4f:cd:aa:38:bb:6e:
- ae:ad:fa:a7:46:f1:8b:73:ec:09:23:bc:f2:18:e5:b7:92:86:
- 3e:a4:75:60:c7:3d:0f:3f:83:00:c3:06:08:9c:d1:54:d6:ba:
- 6d:95:3d:34:a1:be:24:91:cc:20:03:11:5b:72:1c:d4:65:d0:
- 11:88:75:26:04:26:ef:66:70:e6:3b:38:87:9c:53:71:1b:09:
- 51:70:50:99:4c:31:0c:62:44:57:30:60:04:fc:12:2c:a3:24:
- b4:f7:11:d5:0e:b5:21:0b:ed:86:11:67:4d:36:fa:57:a0:59:
- 55:21:b3:6d:e4:77:5e:ec:7e:f0:09:13:8e:99:98:b2:e1:82:
- b6:4b:3e:0f:41:a6:0c:cd:49:99:7e:e4:8a:cb:37:ed:53:cf:
- 86:5d:a9:26:a8:e5:01:25:5a:b4:bc:25:35:f1:fa:5a:5c:ce:
- d4:b8:9a:2c
+ 2d:fc:f9:32:5a:be:d6:9d:42:8b:86:4e:67:22:c3:50:2d:cb:
+ 14:27:1d:94:f3:cd:88:42:da:41:1c:39:24:67:a7:92:4d:27:
+ ea:56:82:19:bf:11:b2:43:a4:8d:5d:87:b2:27:64:66:82:81:
+ df:c4:fd:5b:62:b0:c2:4d:9d:29:f2:41:32:cc:2e:b5:da:38:
+ 06:1b:e8:7f:8c:6e:3d:80:1e:00:56:49:bf:39:e0:da:68:2f:
+ c4:fd:00:e6:d1:81:1a:d1:4a:bb:76:52:ce:4d:24:9d:c4:a3:
+ a7:f1:65:14:2f:1f:a8:2d:c6:cb:ce:b1:a7:89:74:26:27:c3:
+ f3:a3:84:4c:34:01:14:03:7d:16:3a:c8:8b:25:2e:7b:90:cc:
+ 46:b1:52:34:ba:93:6e:ef:fe:43:a3:ad:c6:6f:51:fb:ba:ea:
+ 38:e3:6f:d6:ee:63:62:36:ea:5e:08:b4:e2:2a:46:89:e3:ae:
+ b3:b4:06:ef:63:7a:6e:5d:dd:c9:ec:02:4f:f7:64:c0:27:07:
+ b4:6f:4a:18:72:5b:34:74:7c:d0:a9:04:8f:40:8b:6a:39:d2:
+ 6b:1a:01:f2:01:a8:81:34:3a:e5:b0:55:d1:3c:95:ca:b0:82:
+ d6:ed:98:28:15:59:7e:95:a7:69:c7:b5:7b:ec:01:a7:4d:e6:
+ b9:a2:fe:35
-----BEGIN CERTIFICATE-----
-MIIE/zCCA+egAwIBAgIULIDO20edB2aSPWjXyqyQT8ppQUswDQYJKoZIhvcNAQEL
+MIIE/zCCA+egAwIBAgIUM0QaqGwB7PZg8nBRCkzRFPq86UQwDQYJKoZIhvcNAQEL
BQAwgZQxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC
b3plbWFuMREwDwYDVQQKDAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEY
MBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv
-bGZzc2wuY29tMB4XDTIyMTIxNjIxMTc0OVoXDTI1MDkxMTIxMTc0OVowgZQxCzAJ
+bGZzc2wuY29tMB4XDTIzMTIxMzIyMTkyOFoXDTI2MDkwODIyMTkyOFowgZQxCzAJ
BgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREw
DwYDVQQKDAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwP
d3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t
@@ -82,12 +82,12 @@ BgNVHSMEgcwwgcmAFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYD
VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8G
A1UECgwIU2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3
dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIU
-LIDO20edB2aSPWjXyqyQT8ppQUswDAYDVR0TBAUwAwEB/zAcBgNVHREEFTATggtl
+M0QaqGwB7PZg8nBRCkzRFPq86UQwDAYDVR0TBAUwAwEB/zAcBgNVHREEFTATggtl
eGFtcGxlLmNvbYcEfwAAATAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw
-DQYJKoZIhvcNAQELBQADggEBAK6wpDWOihum67OiV886H9xuvNLQpkqPiApudNXR
-fNFEsdQ7FwMJWkbtCAjP8f0gB2fAl+w183XKIGGYPvVNvuaddR7kA62Mph497OQa
-klv5o62Dyk/Nqji7bq6t+qdG8Ytz7AkjvPIY5beShj6kdWDHPQ8/gwDDBgic0VTW
-um2VPTShviSRzCADEVtyHNRl0BGIdSYEJu9mcOY7OIecU3EbCVFwUJlMMQxiRFcw
-YAT8EiyjJLT3EdUOtSEL7YYRZ002+legWVUhs23kd17sfvAJE46ZmLLhgrZLPg9B
-pgzNSZl+5IrLN+1Tz4ZdqSao5QElWrS8JTXx+lpcztS4miw=
+DQYJKoZIhvcNAQELBQADggEBAC38+TJavtadQouGTmciw1AtyxQnHZTzzYhC2kEc
+OSRnp5JNJ+pWghm/EbJDpI1dh7InZGaCgd/E/VtisMJNnSnyQTLMLrXaOAYb6H+M
+bj2AHgBWSb854NpoL8T9AObRgRrRSrt2Us5NJJ3Eo6fxZRQvH6gtxsvOsaeJdCYn
+w/OjhEw0ARQDfRY6yIslLnuQzEaxUjS6k27v/kOjrcZvUfu66jjjb9buY2I26l4I
+tOIqRonjrrO0Bu9jem5d3cnsAk/3ZMAnB7RvShhyWzR0fNCpBI9Ai2o50msaAfIB
+qIE0OuWwVdE8lcqwgtbtmCgVWX6Vp2nHtXvsAadN5rmi/jU=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/ca-ecc-cert.der b/extra/wolfssl/wolfssl/certs/ca-ecc-cert.der
index c1c874f7..bc9abe25 100644
--- a/extra/wolfssl/wolfssl/certs/ca-ecc-cert.der
+++ b/extra/wolfssl/wolfssl/certs/ca-ecc-cert.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/ca-ecc-cert.pem b/extra/wolfssl/wolfssl/certs/ca-ecc-cert.pem
index e4e4c7c5..d088d30a 100644
--- a/extra/wolfssl/wolfssl/certs/ca-ecc-cert.pem
+++ b/extra/wolfssl/wolfssl/certs/ca-ecc-cert.pem
@@ -2,12 +2,12 @@ Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 65:67:42:4c:06:e7:e4:c3:68:01:a9:94:a9:07:e6:fe:bd:2c:d6:3d
+ 0f:17:46:70:fd:c2:70:d1:f9:42:49:9c:1a:c3:5d:dd:30:c8:5f:85
Signature Algorithm: ecdsa-with-SHA256
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Development, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:28 2023 GMT
+ Not After : Sep 8 22:19:28 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Development, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
@@ -31,16 +31,16 @@ Certificate:
X509v3 Key Usage: critical
Digital Signature, Certificate Sign, CRL Sign
Signature Algorithm: ecdsa-with-SHA256
- 30:46:02:21:00:b0:12:16:03:26:79:d4:6b:94:d9:7e:ca:e1:
- 2d:24:64:ef:11:6e:f2:12:81:e4:ce:1d:77:7d:ca:5c:47:50:
- 62:02:21:00:80:bf:46:3c:5d:d8:e5:ab:47:ce:a2:19:bd:21:
- de:85:6f:ab:c9:8f:01:f3:ab:1b:b9:e1:53:d6:24:77:a6:4d
+ 30:45:02:21:00:c8:64:7f:ee:4b:be:83:48:13:ea:92:f8:1a:
+ 82:1e:85:b1:5a:a4:1c:e3:e8:ea:25:44:6f:e7:70:fd:eb:f3:
+ 76:02:20:44:02:a2:ec:c5:a1:ae:e2:a4:8a:d9:13:95:2b:a6:
+ 5b:09:57:86:61:42:96:97:f0:95:62:0c:03:e6:53:04:25
-----BEGIN CERTIFICATE-----
-MIICljCCAjugAwIBAgIUZWdCTAbn5MNoAamUqQfm/r0s1j0wCgYIKoZIzj0EAwIw
+MIIClTCCAjugAwIBAgIUDxdGcP3CcNH5QkmcGsNd3TDIX4UwCgYIKoZIzj0EAwIw
gZcxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdT
ZWF0dGxlMRAwDgYDVQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEY
MBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv
-bGZzc2wuY29tMB4XDTIyMTIxNjIxMTc0OVoXDTI1MDkxMTIxMTc0OVowgZcxCzAJ
+bGZzc2wuY29tMB4XDTIzMTIxMzIyMTkyOFoXDTI2MDkwODIyMTkyOFowgZcxCzAJ
BgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxl
MRAwDgYDVQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEYMBYGA1UE
AwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
@@ -48,6 +48,6 @@ Y29tMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEAtPZbtYBjkXIuZAx5cBM456t
KTiYuhDW6QkqgKkuFyq5ir8zg0bjlQvkd0C1O0NFMw9hU3w3RMHL/IDK6EPqp6Nj
MGEwHQYDVR0OBBYEFFaOmsPwQt4YuUVVbvmTz+rD86UhMB8GA1UdIwQYMBaAFFaO
msPwQt4YuUVVbvmTz+rD86UhMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQD
-AgGGMAoGCCqGSM49BAMCA0kAMEYCIQCwEhYDJnnUa5TZfsrhLSRk7xFu8hKB5M4d
-d33KXEdQYgIhAIC/Rjxd2OWrR86iGb0h3oVvq8mPAfOrG7nhU9Ykd6ZN
+AgGGMAoGCCqGSM49BAMCA0gAMEUCIQDIZH/uS76DSBPqkvgagh6FsVqkHOPo6iVE
+b+dw/evzdgIgRAKi7MWhruKkitkTlSumWwlXhmFClpfwlWIMA+ZTBCU=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/ca-ecc384-cert.der b/extra/wolfssl/wolfssl/certs/ca-ecc384-cert.der
index a159e8a6..6897c683 100644
--- a/extra/wolfssl/wolfssl/certs/ca-ecc384-cert.der
+++ b/extra/wolfssl/wolfssl/certs/ca-ecc384-cert.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/ca-ecc384-cert.pem b/extra/wolfssl/wolfssl/certs/ca-ecc384-cert.pem
index 112ff080..a103a367 100644
--- a/extra/wolfssl/wolfssl/certs/ca-ecc384-cert.pem
+++ b/extra/wolfssl/wolfssl/certs/ca-ecc384-cert.pem
@@ -2,12 +2,12 @@ Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 0a:f8:c7:ee:86:55:2f:18:21:bf:88:49:50:03:5a:fc:2d:93:31:0a
+ 2e:ea:f0:11:40:1e:ad:fa:a7:85:68:65:7a:25:2b:13:b7:61:d7:80
Signature Algorithm: ecdsa-with-SHA384
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Development, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:28 2023 GMT
+ Not After : Sep 8 22:19:28 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Development, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
@@ -33,18 +33,18 @@ Certificate:
X509v3 Key Usage: critical
Digital Signature, Certificate Sign, CRL Sign
Signature Algorithm: ecdsa-with-SHA384
- 30:64:02:30:03:31:8c:d3:04:f5:b2:bf:bd:a2:27:6a:ff:dd:
- 7f:bd:88:d5:3e:09:9a:cf:da:79:95:6b:32:6f:fa:98:d8:48:
- 8b:99:91:fe:39:9e:7b:35:2c:78:32:ba:a3:0b:65:1c:02:30:
- 3e:6a:10:8c:57:47:85:73:3c:eb:2a:02:b2:27:62:1f:44:52:
- 2b:b1:34:3f:9c:78:70:0a:59:01:3e:ad:c0:08:bc:d5:d1:a6:
- c0:dd:2c:8b:2a:8b:f4:04:ad:d3:01:e6
+ 30:65:02:31:00:bd:2e:67:71:54:be:b8:5e:29:19:d3:18:f7:
+ e1:ae:79:f0:cc:09:c3:91:c0:81:ab:d7:b7:21:f8:4f:da:bc:
+ ad:0e:fc:3d:54:32:21:3a:67:c5:26:35:e9:33:b2:58:d2:02:
+ 30:64:2f:fb:10:d0:65:b5:ac:bb:b3:41:64:24:eb:0a:6b:ae:
+ a4:ed:3e:c8:62:81:45:97:92:ad:61:eb:69:54:ce:42:83:bb:
+ 68:23:20:f7:b2:5a:55:0c:d4:e6:13:42:61
-----BEGIN CERTIFICATE-----
-MIIC0TCCAligAwIBAgIUCvjH7oZVLxghv4hJUANa/C2TMQowCgYIKoZIzj0EAwMw
+MIIC0jCCAligAwIBAgIULurwEUAerfqnhWhleiUrE7dh14AwCgYIKoZIzj0EAwMw
gZcxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdT
ZWF0dGxlMRAwDgYDVQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEY
MBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv
-bGZzc2wuY29tMB4XDTIyMTIxNjIxMTc0OVoXDTI1MDkxMTIxMTc0OVowgZcxCzAJ
+bGZzc2wuY29tMB4XDTIzMTIxMzIyMTkyOFoXDTI2MDkwODIyMTkyOFowgZcxCzAJ
BgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxl
MRAwDgYDVQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEYMBYGA1UE
AwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
@@ -52,8 +52,8 @@ Y29tMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE7oLUOZqxJ4L01+rGvAMdTYNh9AOu
fr3YWqW58I6ipdrOhztaq0QWnPWfYt32IM2cdjxAsT+XF99Z9s3ezUY1wO1eLki2
ZpFxdLcMP7mat4O9kz9fUC1wP941JeGQO4bgo2MwYTAdBgNVHQ4EFgQUq+DDJkwY
1HK70oSMnAoFkoASU1IwHwYDVR0jBBgwFoAUq+DDJkwY1HK70oSMnAoFkoASU1Iw
-DwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwCgYIKoZIzj0EAwMDZwAw
-ZAIwAzGM0wT1sr+9oidq/91/vYjVPgmaz9p5lWsyb/qY2EiLmZH+OZ57NSx4Mrqj
-C2UcAjA+ahCMV0eFczzrKgKyJ2IfRFIrsTQ/nHhwClkBPq3ACLzV0abA3SyLKov0
-BK3TAeY=
+DwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwCgYIKoZIzj0EAwMDaAAw
+ZQIxAL0uZ3FUvrheKRnTGPfhrnnwzAnDkcCBq9e3IfhP2rytDvw9VDIhOmfFJjXp
+M7JY0gIwZC/7ENBltay7s0FkJOsKa66k7T7IYoFFl5KtYetpVM5Cg7toIyD3slpV
+DNTmE0Jh
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/client-absolute-urn.pem b/extra/wolfssl/wolfssl/certs/client-absolute-urn.pem
index 657abd66..6393b355 100644
--- a/extra/wolfssl/wolfssl/certs/client-absolute-urn.pem
+++ b/extra/wolfssl/wolfssl/certs/client-absolute-urn.pem
@@ -2,16 +2,16 @@ Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 69:47:62:4d:e0:35:e0:a0:bb:c5:b4:2d:33:e4:05:d1:02:16:bc:81
+ 5a:3e:54:33:b4:88:fe:ad:22:40:07:62:9b:28:b1:56:7b:af:a6:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_2048, OU = ABSOLUTE_URN, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Mar 16 21:46:10 2023 GMT
- Not After : Dec 10 21:46:10 2025 GMT
+ Not Before: Dec 13 22:19:28 2023 GMT
+ Not After : Sep 8 22:19:28 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_2048, OU = ABSOLUTE_URN, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
- Public-Key: (2048 bit)
+ RSA Public-Key: (2048 bit)
Modulus:
00:c3:03:d1:2b:fe:39:a4:32:45:3b:53:c8:84:2b:
2a:7c:74:9a:bd:aa:2a:52:07:47:d6:a6:36:b2:07:
@@ -38,34 +38,34 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:33:D8:45:66:D7:68:87:18:7E:54:0D:70:27:91:C7:26:D7:85:65:C0
DirName:/C=US/ST=Montana/L=Bozeman/O=wolfSSL_2048/OU=ABSOLUTE_URN/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:69:47:62:4D:E0:35:E0:A0:BB:C5:B4:2D:33:E4:05:D1:02:16:BC:81
+ serial:5A:3E:54:33:B4:88:FE:AD:22:40:07:62:9B:28:B1:56:7B:AF:A6:EB
+
X509v3 Basic Constraints:
CA:FALSE
X509v3 Subject Alternative Name:
URI:urn:example:test
Signature Algorithm: sha256WithRSAEncryption
- Signature Value:
- 79:d1:97:51:a7:36:84:1b:35:b0:e0:e9:00:b4:af:8c:d1:1f:
- 8e:d0:db:37:9f:fe:7e:93:d0:0a:55:34:a3:70:8d:f0:de:84:
- 3a:94:f0:e1:a8:6c:4b:9c:fc:19:84:aa:d9:80:81:71:10:a6:
- 73:80:60:7b:9b:0a:4b:df:e9:85:c2:f5:03:1a:54:99:4d:21:
- 88:aa:f7:8f:fc:39:6e:a6:2e:70:39:57:0c:f2:8d:04:ec:54:
- f7:18:f7:4c:86:e8:34:a6:63:7c:c0:d3:d5:99:44:38:64:30:
- 0c:c6:cc:0a:a4:8e:4c:dd:9b:c4:12:11:f9:04:c5:a9:f5:db:
- 9a:bb:39:29:cf:cd:b0:ab:1e:9a:5b:90:56:30:6f:01:75:87:
- c8:ce:df:2a:43:db:5d:6c:1c:52:3b:69:23:d4:2d:8a:c5:90:
- 9f:f9:06:c1:df:d0:7e:28:52:2d:2b:ec:5d:d2:a0:5c:e3:7f:
- 18:cc:65:8a:8a:c2:1e:8b:c7:8e:2c:05:19:49:72:f4:3e:43:
- d8:43:9f:b5:fa:53:8b:b1:f7:9c:c5:a4:8e:db:7c:da:05:0c:
- cc:e2:7f:42:4b:8f:90:49:98:73:b0:96:1a:98:33:d4:18:7e:
- 0d:89:55:70:9f:51:6b:8e:91:27:32:55:38:e7:5b:99:71:15:
- 5e:a1:10:38
+ 28:ec:66:1b:7e:f7:62:fe:44:8e:b3:65:0a:9c:10:d3:c3:72:
+ a1:97:85:1d:5a:1c:de:74:1f:28:63:18:f6:28:d0:d1:8e:55:
+ c3:98:7d:c2:21:a8:a2:6f:7e:9a:98:dd:2f:2c:ab:51:69:9b:
+ 27:1f:04:9e:01:22:ce:fb:3a:a6:c6:37:27:c7:0f:11:93:f8:
+ 74:9c:18:88:2a:f7:d4:50:da:fc:54:00:f8:5e:57:08:52:fb:
+ 47:48:d0:a3:7d:9f:3e:87:09:b4:4f:07:c7:46:89:e3:52:a5:
+ d9:a8:e9:04:51:58:99:ef:61:9c:51:f4:98:fe:89:fa:d0:1a:
+ bd:9f:63:81:e2:9a:f3:67:17:6d:df:8c:be:34:e8:c2:96:a2:
+ fc:28:e7:5a:23:fe:c1:02:c8:af:bd:db:4a:d0:8c:28:fd:c9:
+ a3:1c:1e:ab:ca:e6:d3:90:b7:25:c5:29:04:b9:76:08:f2:f1:
+ 14:e5:e7:8a:30:06:0b:bc:5d:30:4f:b0:12:3b:93:d7:99:a2:
+ de:57:0f:85:b8:c8:47:ee:dc:5b:6a:71:b7:7e:85:a1:fd:9d:
+ 3a:d2:fa:2b:0f:7c:51:8c:d9:ef:9e:37:c9:3a:4a:75:85:b1:
+ 16:ef:f9:cc:48:b4:15:8e:08:5f:ea:82:5b:32:07:a9:56:d4:
+ 76:5e:bc:a4
-----BEGIN CERTIFICATE-----
-MIIE7jCCA9agAwIBAgIUaUdiTeA14KC7xbQtM+QF0QIWvIEwDQYJKoZIhvcNAQEL
+MIIE7jCCA9agAwIBAgIUWj5UM7SI/q0iQAdimyixVnuvpuswDQYJKoZIhvcNAQEL
BQAwgZoxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC
b3plbWFuMRUwEwYDVQQKDAx3b2xmU1NMXzIwNDgxFTATBgNVBAsMDEFCU09MVVRF
X1VSTjEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBp
-bmZvQHdvbGZzc2wuY29tMB4XDTIzMDMxNjIxNDYxMFoXDTI1MTIxMDIxNDYxMFow
+bmZvQHdvbGZzc2wuY29tMB4XDTIzMTIxMzIyMTkyOFoXDTI2MDkwODIyMTkyOFow
gZoxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3pl
bWFuMRUwEwYDVQQKDAx3b2xmU1NMXzIwNDgxFTATBgNVBAsMDEFCU09MVVRFX1VS
TjEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZv
@@ -80,12 +80,12 @@ cCeRxybXhWXAMIHaBgNVHSMEgdIwgc+AFDPYRWbXaIcYflQNcCeRxybXhWXAoYGg
pIGdMIGaMQswCQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwH
Qm96ZW1hbjEVMBMGA1UECgwMd29sZlNTTF8yMDQ4MRUwEwYDVQQLDAxBQlNPTFVU
RV9VUk4xGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQ
-aW5mb0B3b2xmc3NsLmNvbYIUaUdiTeA14KC7xbQtM+QF0QIWvIEwCQYDVR0TBAIw
+aW5mb0B3b2xmc3NsLmNvbYIUWj5UM7SI/q0iQAdimyixVnuvpuswCQYDVR0TBAIw
ADAbBgNVHREEFDAShhB1cm46ZXhhbXBsZTp0ZXN0MA0GCSqGSIb3DQEBCwUAA4IB
-AQB50ZdRpzaEGzWw4OkAtK+M0R+O0Ns3n/5+k9AKVTSjcI3w3oQ6lPDhqGxLnPwZ
-hKrZgIFxEKZzgGB7mwpL3+mFwvUDGlSZTSGIqveP/Dlupi5wOVcM8o0E7FT3GPdM
-hug0pmN8wNPVmUQ4ZDAMxswKpI5M3ZvEEhH5BMWp9duauzkpz82wqx6aW5BWMG8B
-dYfIzt8qQ9tdbBxSO2kj1C2KxZCf+QbB39B+KFItK+xd0qBc438YzGWKisIei8eO
-LAUZSXL0PkPYQ5+1+lOLsfecxaSO23zaBQzM4n9CS4+QSZhzsJYamDPUGH4NiVVw
-n1FrjpEnMlU451uZcRVeoRA4
+AQAo7GYbfvdi/kSOs2UKnBDTw3Khl4UdWhzedB8oYxj2KNDRjlXDmH3CIaiib36a
+mN0vLKtRaZsnHwSeASLO+zqmxjcnxw8Rk/h0nBiIKvfUUNr8VAD4XlcIUvtHSNCj
+fZ8+hwm0TwfHRonjUqXZqOkEUViZ72GcUfSY/on60Bq9n2OB4przZxdt34y+NOjC
+lqL8KOdaI/7BAsivvdtK0Iwo/cmjHB6ryubTkLclxSkEuXYI8vEU5eeKMAYLvF0w
+T7ASO5PXmaLeVw+FuMhH7txbanG3foWh/Z060vorD3xRjNnvnjfJOkp1hbEW7/nM
+SLQVjghf6oJbMgepVtR2Xryk
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/client-ca.pem b/extra/wolfssl/wolfssl/certs/client-ca.pem
index d2b067df..f670cb41 100644
--- a/extra/wolfssl/wolfssl/certs/client-ca.pem
+++ b/extra/wolfssl/wolfssl/certs/client-ca.pem
@@ -2,12 +2,12 @@ Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 73:fb:54:d6:03:7d:4c:07:84:e2:00:11:8c:dd:90:dc:48:8d:ea:53
+ 08:b0:54:7a:03:5a:ec:55:8a:12:e8:f9:8e:34:b6:13:d9:59:b8:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_2048, OU = Programming-2048, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:28 2023 GMT
+ Not After : Sep 8 22:19:28 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_2048, OU = Programming-2048, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -38,7 +38,7 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:33:D8:45:66:D7:68:87:18:7E:54:0D:70:27:91:C7:26:D7:85:65:C0
DirName:/C=US/ST=Montana/L=Bozeman/O=wolfSSL_2048/OU=Programming-2048/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:73:FB:54:D6:03:7D:4C:07:84:E2:00:11:8C:DD:90:DC:48:8D:EA:53
+ serial:08:B0:54:7A:03:5A:EC:55:8A:12:E8:F9:8E:34:B6:13:D9:59:B8:E8
X509v3 Basic Constraints:
CA:TRUE
@@ -47,28 +47,28 @@ Certificate:
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
Signature Algorithm: sha256WithRSAEncryption
- 36:cb:bc:c5:52:9a:66:cd:91:4d:8f:27:9f:b3:64:80:0e:64:
- b4:cb:1a:cd:75:9e:82:7c:55:67:d8:9f:90:a3:34:96:99:43:
- f7:49:53:a2:58:85:a0:b3:83:4f:af:b8:15:8a:88:1e:f3:60:
- f4:7c:94:b5:58:68:f1:2a:13:80:34:c2:6f:a5:f8:7e:76:16:
- 81:4f:36:8b:c3:59:bd:51:dd:60:87:d7:1d:96:44:69:07:3c:
- 8f:28:56:b1:11:5c:4e:81:3f:57:25:fd:65:dd:07:cf:17:0a:
- 01:7e:4e:3f:8e:73:db:fe:f4:f2:c5:ff:a3:76:a8:74:46:2e:
- 47:0d:b0:ed:0a:c0:c5:0a:65:d3:dc:62:b2:e0:1e:8e:bd:f3:
- bd:af:af:66:84:36:92:e2:3b:80:d0:57:a6:41:a3:62:d1:a6:
- 6d:14:6c:cd:82:b1:c1:c1:35:55:ae:59:49:a8:26:52:bd:ef:
- 1b:2c:1f:9d:39:04:d2:82:a0:6b:39:71:59:33:82:ba:55:6c:
- 97:f2:1b:5b:e0:4d:e2:cf:89:e7:26:b8:2c:6c:9f:83:d6:ed:
- 4e:2f:75:a9:30:4e:01:95:0d:4f:83:5e:c8:af:7f:67:ea:53:
- bf:ca:9b:1f:d4:ff:36:97:02:71:8e:33:de:e2:58:27:aa:70:
- 0c:5b:de:0e
+ 89:84:eb:6a:70:3b:2a:6e:a8:8b:f2:92:79:97:5c:bd:98:8b:
+ 71:db:db:7c:df:db:a4:2c:59:d3:a6:75:41:c2:06:b6:17:1e:
+ 0c:1f:7d:0b:7f:58:3e:c1:e7:0c:f0:62:92:77:ab:99:79:7b:
+ 85:f4:d9:6c:d0:0e:e5:8b:13:35:65:9e:d7:9a:51:98:e4:49:
+ 44:51:c8:e3:e0:9a:ff:c2:cb:3d:81:eb:ee:f4:1a:d1:96:4b:
+ e9:7d:de:5b:f2:64:40:ad:e1:d9:d6:b7:e1:eb:a9:3a:52:29:
+ 89:aa:07:37:96:44:e3:23:49:f3:be:f3:0d:70:d1:a2:ce:78:
+ 86:22:fc:76:00:84:1d:fa:8b:8a:d2:43:93:88:fa:ee:22:cc:
+ a6:86:f5:3f:24:f1:d4:70:05:4f:3b:18:32:50:67:c1:80:77:
+ 0d:3c:78:75:35:d0:fd:60:f3:ed:a1:30:d0:62:25:99:6b:80:
+ 56:17:3d:b4:af:1d:df:ab:48:21:c1:d2:0b:6b:94:a7:33:d1:
+ d0:82:b7:3b:92:eb:9d:d6:6c:32:81:5e:07:3c:46:34:32:7b:
+ ea:22:db:a6:a3:18:69:7c:ad:17:e4:c8:a9:8f:a8:ba:67:af:
+ 99:39:ef:6e:0c:f8:a9:b3:bd:ab:71:94:e0:41:aa:a4:2d:72:
+ 60:51:d1:5c
-----BEGIN CERTIFICATE-----
-MIIFHTCCBAWgAwIBAgIUc/tU1gN9TAeE4gARjN2Q3EiN6lMwDQYJKoZIhvcNAQEL
+MIIFHTCCBAWgAwIBAgIUCLBUegNa7FWKEuj5jjS2E9lZuOgwDQYJKoZIhvcNAQEL
BQAwgZ4xCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC
b3plbWFuMRUwEwYDVQQKDAx3b2xmU1NMXzIwNDgxGTAXBgNVBAsMEFByb2dyYW1t
aW5nLTIwNDgxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJ
-ARYQaW5mb0B3b2xmc3NsLmNvbTAeFw0yMjEyMTYyMTE3NDlaFw0yNTA5MTEyMTE3
-NDlaMIGeMQswCQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwH
+ARYQaW5mb0B3b2xmc3NsLmNvbTAeFw0yMzEyMTMyMjE5MjhaFw0yNjA5MDgyMjE5
+MjhaMIGeMQswCQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwH
Qm96ZW1hbjEVMBMGA1UECgwMd29sZlNTTF8yMDQ4MRkwFwYDVQQLDBBQcm9ncmFt
bWluZy0yMDQ4MRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0B
CQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
@@ -82,26 +82,26 @@ Ztdohxh+VA1wJ5HHJteFZcAwgd4GA1UdIwSB1jCB04AUM9hFZtdohxh+VA1wJ5HH
JteFZcChgaSkgaEwgZ4xCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAw
DgYDVQQHDAdCb3plbWFuMRUwEwYDVQQKDAx3b2xmU1NMXzIwNDgxGTAXBgNVBAsM
EFByb2dyYW1taW5nLTIwNDgxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0G
-CSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIUc/tU1gN9TAeE4gARjN2Q3EiN
-6lMwDAYDVR0TBAUwAwEB/zAcBgNVHREEFTATggtleGFtcGxlLmNvbYcEfwAAATAd
+CSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIUCLBUegNa7FWKEuj5jjS2E9lZ
+uOgwDAYDVR0TBAUwAwEB/zAcBgNVHREEFTATggtleGFtcGxlLmNvbYcEfwAAATAd
BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDQYJKoZIhvcNAQELBQADggEB
-ADbLvMVSmmbNkU2PJ5+zZIAOZLTLGs11noJ8VWfYn5CjNJaZQ/dJU6JYhaCzg0+v
-uBWKiB7zYPR8lLVYaPEqE4A0wm+l+H52FoFPNovDWb1R3WCH1x2WRGkHPI8oVrER
-XE6BP1cl/WXdB88XCgF+Tj+Oc9v+9PLF/6N2qHRGLkcNsO0KwMUKZdPcYrLgHo69
-872vr2aENpLiO4DQV6ZBo2LRpm0UbM2CscHBNVWuWUmoJlK97xssH505BNKCoGs5
-cVkzgrpVbJfyG1vgTeLPiecmuCxsn4PW7U4vdakwTgGVDU+DXsivf2fqU7/Kmx/U
-/zaXAnGOM97iWCeqcAxb3g4=
+AImE62pwOypuqIvyknmXXL2Yi3Hb23zf26QsWdOmdUHCBrYXHgwffQt/WD7B5wzw
+YpJ3q5l5e4X02WzQDuWLEzVlnteaUZjkSURRyOPgmv/Cyz2B6+70GtGWS+l93lvy
+ZECt4dnWt+HrqTpSKYmqBzeWROMjSfO+8w1w0aLOeIYi/HYAhB36i4rSQ5OI+u4i
+zKaG9T8k8dRwBU87GDJQZ8GAdw08eHU10P1g8+2hMNBiJZlrgFYXPbSvHd+rSCHB
+0gtrlKcz0dCCtzuS653WbDKBXgc8RjQye+oi26ajGGl8rRfkyKmPqLpnr5k5724M
++KmzvatxlOBBqqQtcmBR0Vw=
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 59:e6:5a:21:e0:c4:3f:67:06:9b:21:43:3e:76:ca:f0:3f:68:5b:53
+ 37:67:2a:05:24:b5:2b:b6:ae:40:6b:e1:75:e0:97:cc:1d:12:8b:2a
Signature Algorithm: ecdsa-with-SHA256
Issuer: C = US, ST = Oregon, L = Salem, O = Client ECC, OU = Fast, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:28 2023 GMT
+ Not After : Sep 8 22:19:28 2026 GMT
Subject: C = US, ST = Oregon, L = Salem, O = Client ECC, OU = Fast, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
@@ -120,7 +120,7 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:EB:D4:4B:59:6B:95:61:3F:51:57:B6:04:4D:89:41:88:44:5C:AB:F2
DirName:/C=US/ST=Oregon/L=Salem/O=Client ECC/OU=Fast/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:59:E6:5A:21:E0:C4:3F:67:06:9B:21:43:3E:76:CA:F0:3F:68:5B:53
+ serial:37:67:2A:05:24:B5:2B:B6:AE:40:6B:E1:75:E0:97:CC:1D:12:8B:2A
X509v3 Basic Constraints:
CA:TRUE
@@ -129,16 +129,16 @@ Certificate:
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
Signature Algorithm: ecdsa-with-SHA256
- 30:45:02:20:70:f8:0e:6e:91:c9:09:77:25:8c:ba:99:6d:54:
- 2d:a8:52:87:17:51:24:8b:13:92:89:7d:c9:ba:b4:43:2e:48:
- 02:21:00:ab:41:13:3a:d5:eb:68:66:36:56:7c:75:5d:37:e3:
- f6:27:7f:54:d5:42:80:29:db:e5:9b:16:8a:d3:c2:ad:d6
+ 30:44:02:20:7a:6d:c5:bd:6f:9d:54:4f:c5:4c:d0:12:8c:31:
+ 3b:b6:17:80:9e:c7:34:f8:c5:da:fb:61:23:35:e6:93:35:b4:
+ 02:20:1b:6a:86:c4:11:be:7c:15:a7:5e:ab:85:ee:b7:8c:20:
+ dc:eb:17:a3:f2:66:63:aa:6b:67:e0:62:1f:17:3e:ac
-----BEGIN CERTIFICATE-----
-MIIDXjCCAwSgAwIBAgIUWeZaIeDEP2cGmyFDPnbK8D9oW1MwCgYIKoZIzj0EAwIw
+MIIDXTCCAwSgAwIBAgIUN2cqBSS1K7auQGvhdeCXzB0SiyowCgYIKoZIzj0EAwIw
gY0xCzAJBgNVBAYTAlVTMQ8wDQYDVQQIDAZPcmVnb24xDjAMBgNVBAcMBVNhbGVt
MRMwEQYDVQQKDApDbGllbnQgRUNDMQ0wCwYDVQQLDARGYXN0MRgwFgYDVQQDDA93
d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20w
-HhcNMjIxMjE2MjExNzQ5WhcNMjUwOTExMjExNzQ5WjCBjTELMAkGA1UEBhMCVVMx
+HhcNMjMxMjEzMjIxOTI4WhcNMjYwOTA4MjIxOTI4WjCBjTELMAkGA1UEBhMCVVMx
DzANBgNVBAgMBk9yZWdvbjEOMAwGA1UEBwwFU2FsZW0xEzARBgNVBAoMCkNsaWVu
dCBFQ0MxDTALBgNVBAsMBEZhc3QxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEf
MB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTBZMBMGByqGSM49AgEGCCqG
@@ -148,9 +148,9 @@ WWuVYT9RV7YETYlBiERcq/Iwgc0GA1UdIwSBxTCBwoAU69RLWWuVYT9RV7YETYlB
iERcq/KhgZOkgZAwgY0xCzAJBgNVBAYTAlVTMQ8wDQYDVQQIDAZPcmVnb24xDjAM
BgNVBAcMBVNhbGVtMRMwEQYDVQQKDApDbGllbnQgRUNDMQ0wCwYDVQQLDARGYXN0
MRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9A
-d29sZnNzbC5jb22CFFnmWiHgxD9nBpshQz52yvA/aFtTMAwGA1UdEwQFMAMBAf8w
+d29sZnNzbC5jb22CFDdnKgUktSu2rkBr4XXgl8wdEosqMAwGA1UdEwQFMAMBAf8w
HAYDVR0RBBUwE4ILZXhhbXBsZS5jb22HBH8AAAEwHQYDVR0lBBYwFAYIKwYBBQUH
-AwEGCCsGAQUFBwMCMAoGCCqGSM49BAMCA0gAMEUCIHD4Dm6RyQl3JYy6mW1ULahS
-hxdRJIsTkol9ybq0Qy5IAiEAq0ETOtXraGY2Vnx1XTfj9id/VNVCgCnb5ZsWitPC
-rdY=
+AwEGCCsGAQUFBwMCMAoGCCqGSM49BAMCA0cAMEQCIHptxb1vnVRPxUzQEowxO7YX
+gJ7HNPjF2vthIzXmkzW0AiAbaobEEb58Fadeq4Xut4wg3OsXo/JmY6prZ+BiHxc+
+rA==
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/client-cert-ext.der b/extra/wolfssl/wolfssl/certs/client-cert-ext.der
index 9dfe9cfb..82aac96d 100644
--- a/extra/wolfssl/wolfssl/certs/client-cert-ext.der
+++ b/extra/wolfssl/wolfssl/certs/client-cert-ext.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/client-cert-ext.pem b/extra/wolfssl/wolfssl/certs/client-cert-ext.pem
index c98c3094..07ca05d0 100644
--- a/extra/wolfssl/wolfssl/certs/client-cert-ext.pem
+++ b/extra/wolfssl/wolfssl/certs/client-cert-ext.pem
@@ -2,12 +2,12 @@ Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 45:9c:f1:fd:f9:b8:de:31:65:89:f7:e4:d9:e4:24:25:6a:41:8e:81
+ 12:37:de:bf:76:06:c4:e6:74:0c:38:84:53:e2:19:d4:b9:d3:68:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_2048, OU = Programming-2048, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:28 2023 GMT
+ Not After : Sep 8 22:19:28 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_2048, OU = Programming-2048, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -38,7 +38,7 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:33:D8:45:66:D7:68:87:18:7E:54:0D:70:27:91:C7:26:D7:85:65:C0
DirName:/C=US/ST=Montana/L=Bozeman/O=wolfSSL_2048/OU=Programming-2048/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:45:9C:F1:FD:F9:B8:DE:31:65:89:F7:E4:D9:E4:24:25:6A:41:8E:81
+ serial:12:37:DE:BF:76:06:C4:E6:74:0C:38:84:53:E2:19:D4:B9:D3:68:D3
X509v3 Basic Constraints:
CA:TRUE
@@ -47,28 +47,28 @@ Certificate:
X509v3 Key Usage: critical
Digital Signature, Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- a9:d7:de:27:5e:35:fb:a2:0d:f1:c5:9e:d7:d4:d7:d3:11:c7:
- 78:39:1c:e6:b9:af:44:34:ed:c8:b6:b8:b3:e0:31:75:1b:3a:
- f8:f0:1e:58:f5:02:44:4e:39:f6:39:52:0a:a2:a1:d9:ad:98:
- 46:65:ec:f1:c4:c3:26:91:d0:98:51:45:55:91:49:52:11:27:
- e8:c5:82:ca:b9:a1:09:75:1d:b2:8f:33:76:3d:d6:8e:7c:37:
- 03:ec:95:6a:43:95:5c:96:84:f1:c5:d0:b2:47:0a:78:53:c4:
- 3b:04:a8:1a:73:7c:da:b6:0f:4d:80:7f:77:0a:0c:6c:8a:6b:
- 78:98:c3:cc:19:90:e6:c7:9e:31:f5:f9:90:2c:72:8e:bd:7c:
- 9d:3d:68:50:9d:30:32:c7:26:27:e4:52:cc:bd:c3:c6:e5:8a:
- 3f:44:70:63:f1:da:ae:a0:fd:18:6a:d6:e5:12:e5:04:55:89:
- 20:a9:47:67:4a:4e:4f:dc:3b:eb:06:83:81:98:7c:a4:33:61:
- e0:f4:03:33:1c:1d:65:e3:43:e2:f2:08:ca:59:ee:13:4f:32:
- 5e:48:7e:62:48:2c:c9:95:7b:00:ea:a2:c1:2a:50:b5:a4:91:
- 40:3f:6a:df:84:e3:66:0e:2f:a1:c8:02:c7:13:88:15:77:2a:
- d3:38:6e:0f
+ ac:be:4c:63:00:b5:d9:d5:9e:b1:83:61:a3:7a:1f:a8:b7:ad:
+ e0:0a:c8:c4:42:b2:ff:96:18:99:3d:16:b9:58:05:94:7b:1b:
+ da:66:27:e3:48:5b:e6:4d:7b:0f:51:c5:8e:e4:b5:c3:0b:48:
+ 96:56:95:bb:3c:4d:91:c9:2c:51:61:24:37:d2:ef:ec:6c:97:
+ 92:cc:b4:fc:4f:fc:db:f7:7d:71:a9:3c:3a:a1:fb:e1:14:1a:
+ c2:a3:51:e8:fc:c5:fb:57:44:73:97:93:bd:79:9a:10:9e:27:
+ e1:f2:cd:43:94:8f:6a:01:ce:40:51:e4:fa:06:d2:de:0a:10:
+ 93:ff:0f:10:44:85:8a:00:60:2b:bf:86:40:5b:2e:28:11:e9:
+ 8e:8a:ad:00:e9:0e:c6:67:ee:fc:53:8d:19:6a:33:91:0e:42:
+ 16:83:5e:67:3b:24:05:85:b8:2a:bf:16:5b:d4:b0:a7:02:de:
+ 29:6b:7b:fc:45:c1:1e:9f:d9:91:3c:92:9d:2e:c6:a7:a0:ea:
+ d7:b0:97:d6:58:14:03:4c:12:d5:f1:81:e3:a9:07:94:3f:53:
+ 78:d1:61:e9:44:87:59:8b:b8:e7:c1:cc:3f:11:eb:00:e9:b5:
+ b7:6a:05:49:f7:5c:e0:e8:b4:6c:7c:f0:fc:67:5a:67:35:7e:
+ 85:43:cb:b6
-----BEGIN CERTIFICATE-----
-MIIFCDCCA/CgAwIBAgIURZzx/fm43jFliffk2eQkJWpBjoEwDQYJKoZIhvcNAQEL
+MIIFCDCCA/CgAwIBAgIUEjfev3YGxOZ0DDiEU+IZ1LnTaNMwDQYJKoZIhvcNAQEL
BQAwgZ4xCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC
b3plbWFuMRUwEwYDVQQKDAx3b2xmU1NMXzIwNDgxGTAXBgNVBAsMEFByb2dyYW1t
aW5nLTIwNDgxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJ
-ARYQaW5mb0B3b2xmc3NsLmNvbTAeFw0yMjEyMTYyMTE3NDlaFw0yNTA5MTEyMTE3
-NDlaMIGeMQswCQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwH
+ARYQaW5mb0B3b2xmc3NsLmNvbTAeFw0yMzEyMTMyMjE5MjhaFw0yNjA5MDgyMjE5
+MjhaMIGeMQswCQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwH
Qm96ZW1hbjEVMBMGA1UECgwMd29sZlNTTF8yMDQ4MRkwFwYDVQQLDBBQcm9ncmFt
bWluZy0yMDQ4MRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0B
CQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
@@ -82,12 +82,12 @@ Ztdohxh+VA1wJ5HHJteFZcAwgd4GA1UdIwSB1jCB04AUM9hFZtdohxh+VA1wJ5HH
JteFZcChgaSkgaEwgZ4xCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAw
DgYDVQQHDAdCb3plbWFuMRUwEwYDVQQKDAx3b2xmU1NMXzIwNDgxGTAXBgNVBAsM
EFByb2dyYW1taW5nLTIwNDgxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0G
-CSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIURZzx/fm43jFliffk2eQkJWpB
-joEwDAYDVR0TBAUwAwEB/zAWBgNVHREEDzANggtleGFtcGxlLmNvbTAOBgNVHQ8B
-Af8EBAMCAYYwDQYJKoZIhvcNAQELBQADggEBAKnX3ideNfuiDfHFntfU19MRx3g5
-HOa5r0Q07ci2uLPgMXUbOvjwHlj1AkROOfY5UgqiodmtmEZl7PHEwyaR0JhRRVWR
-SVIRJ+jFgsq5oQl1HbKPM3Y91o58NwPslWpDlVyWhPHF0LJHCnhTxDsEqBpzfNq2
-D02Af3cKDGyKa3iYw8wZkObHnjH1+ZAsco69fJ09aFCdMDLHJifkUsy9w8blij9E
-cGPx2q6g/Rhq1uUS5QRViSCpR2dKTk/cO+sGg4GYfKQzYeD0AzMcHWXjQ+LyCMpZ
-7hNPMl5IfmJILMmVewDqosEqULWkkUA/at+E42YOL6HIAscTiBV3KtM4bg8=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=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/client-cert.der b/extra/wolfssl/wolfssl/certs/client-cert.der
index aa7e2686..b1024593 100644
--- a/extra/wolfssl/wolfssl/certs/client-cert.der
+++ b/extra/wolfssl/wolfssl/certs/client-cert.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/client-cert.pem b/extra/wolfssl/wolfssl/certs/client-cert.pem
index 4bf36d37..88955531 100644
--- a/extra/wolfssl/wolfssl/certs/client-cert.pem
+++ b/extra/wolfssl/wolfssl/certs/client-cert.pem
@@ -2,12 +2,12 @@ Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 73:fb:54:d6:03:7d:4c:07:84:e2:00:11:8c:dd:90:dc:48:8d:ea:53
+ 08:b0:54:7a:03:5a:ec:55:8a:12:e8:f9:8e:34:b6:13:d9:59:b8:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_2048, OU = Programming-2048, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:28 2023 GMT
+ Not After : Sep 8 22:19:28 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_2048, OU = Programming-2048, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -38,7 +38,7 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:33:D8:45:66:D7:68:87:18:7E:54:0D:70:27:91:C7:26:D7:85:65:C0
DirName:/C=US/ST=Montana/L=Bozeman/O=wolfSSL_2048/OU=Programming-2048/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:73:FB:54:D6:03:7D:4C:07:84:E2:00:11:8C:DD:90:DC:48:8D:EA:53
+ serial:08:B0:54:7A:03:5A:EC:55:8A:12:E8:F9:8E:34:B6:13:D9:59:B8:E8
X509v3 Basic Constraints:
CA:TRUE
@@ -47,28 +47,28 @@ Certificate:
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
Signature Algorithm: sha256WithRSAEncryption
- 36:cb:bc:c5:52:9a:66:cd:91:4d:8f:27:9f:b3:64:80:0e:64:
- b4:cb:1a:cd:75:9e:82:7c:55:67:d8:9f:90:a3:34:96:99:43:
- f7:49:53:a2:58:85:a0:b3:83:4f:af:b8:15:8a:88:1e:f3:60:
- f4:7c:94:b5:58:68:f1:2a:13:80:34:c2:6f:a5:f8:7e:76:16:
- 81:4f:36:8b:c3:59:bd:51:dd:60:87:d7:1d:96:44:69:07:3c:
- 8f:28:56:b1:11:5c:4e:81:3f:57:25:fd:65:dd:07:cf:17:0a:
- 01:7e:4e:3f:8e:73:db:fe:f4:f2:c5:ff:a3:76:a8:74:46:2e:
- 47:0d:b0:ed:0a:c0:c5:0a:65:d3:dc:62:b2:e0:1e:8e:bd:f3:
- bd:af:af:66:84:36:92:e2:3b:80:d0:57:a6:41:a3:62:d1:a6:
- 6d:14:6c:cd:82:b1:c1:c1:35:55:ae:59:49:a8:26:52:bd:ef:
- 1b:2c:1f:9d:39:04:d2:82:a0:6b:39:71:59:33:82:ba:55:6c:
- 97:f2:1b:5b:e0:4d:e2:cf:89:e7:26:b8:2c:6c:9f:83:d6:ed:
- 4e:2f:75:a9:30:4e:01:95:0d:4f:83:5e:c8:af:7f:67:ea:53:
- bf:ca:9b:1f:d4:ff:36:97:02:71:8e:33:de:e2:58:27:aa:70:
- 0c:5b:de:0e
+ 89:84:eb:6a:70:3b:2a:6e:a8:8b:f2:92:79:97:5c:bd:98:8b:
+ 71:db:db:7c:df:db:a4:2c:59:d3:a6:75:41:c2:06:b6:17:1e:
+ 0c:1f:7d:0b:7f:58:3e:c1:e7:0c:f0:62:92:77:ab:99:79:7b:
+ 85:f4:d9:6c:d0:0e:e5:8b:13:35:65:9e:d7:9a:51:98:e4:49:
+ 44:51:c8:e3:e0:9a:ff:c2:cb:3d:81:eb:ee:f4:1a:d1:96:4b:
+ e9:7d:de:5b:f2:64:40:ad:e1:d9:d6:b7:e1:eb:a9:3a:52:29:
+ 89:aa:07:37:96:44:e3:23:49:f3:be:f3:0d:70:d1:a2:ce:78:
+ 86:22:fc:76:00:84:1d:fa:8b:8a:d2:43:93:88:fa:ee:22:cc:
+ a6:86:f5:3f:24:f1:d4:70:05:4f:3b:18:32:50:67:c1:80:77:
+ 0d:3c:78:75:35:d0:fd:60:f3:ed:a1:30:d0:62:25:99:6b:80:
+ 56:17:3d:b4:af:1d:df:ab:48:21:c1:d2:0b:6b:94:a7:33:d1:
+ d0:82:b7:3b:92:eb:9d:d6:6c:32:81:5e:07:3c:46:34:32:7b:
+ ea:22:db:a6:a3:18:69:7c:ad:17:e4:c8:a9:8f:a8:ba:67:af:
+ 99:39:ef:6e:0c:f8:a9:b3:bd:ab:71:94:e0:41:aa:a4:2d:72:
+ 60:51:d1:5c
-----BEGIN CERTIFICATE-----
-MIIFHTCCBAWgAwIBAgIUc/tU1gN9TAeE4gARjN2Q3EiN6lMwDQYJKoZIhvcNAQEL
+MIIFHTCCBAWgAwIBAgIUCLBUegNa7FWKEuj5jjS2E9lZuOgwDQYJKoZIhvcNAQEL
BQAwgZ4xCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC
b3plbWFuMRUwEwYDVQQKDAx3b2xmU1NMXzIwNDgxGTAXBgNVBAsMEFByb2dyYW1t
aW5nLTIwNDgxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJ
-ARYQaW5mb0B3b2xmc3NsLmNvbTAeFw0yMjEyMTYyMTE3NDlaFw0yNTA5MTEyMTE3
-NDlaMIGeMQswCQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwH
+ARYQaW5mb0B3b2xmc3NsLmNvbTAeFw0yMzEyMTMyMjE5MjhaFw0yNjA5MDgyMjE5
+MjhaMIGeMQswCQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwH
Qm96ZW1hbjEVMBMGA1UECgwMd29sZlNTTF8yMDQ4MRkwFwYDVQQLDBBQcm9ncmFt
bWluZy0yMDQ4MRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0B
CQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
@@ -82,13 +82,13 @@ Ztdohxh+VA1wJ5HHJteFZcAwgd4GA1UdIwSB1jCB04AUM9hFZtdohxh+VA1wJ5HH
JteFZcChgaSkgaEwgZ4xCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAw
DgYDVQQHDAdCb3plbWFuMRUwEwYDVQQKDAx3b2xmU1NMXzIwNDgxGTAXBgNVBAsM
EFByb2dyYW1taW5nLTIwNDgxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0G
-CSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIUc/tU1gN9TAeE4gARjN2Q3EiN
-6lMwDAYDVR0TBAUwAwEB/zAcBgNVHREEFTATggtleGFtcGxlLmNvbYcEfwAAATAd
+CSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIUCLBUegNa7FWKEuj5jjS2E9lZ
+uOgwDAYDVR0TBAUwAwEB/zAcBgNVHREEFTATggtleGFtcGxlLmNvbYcEfwAAATAd
BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDQYJKoZIhvcNAQELBQADggEB
-ADbLvMVSmmbNkU2PJ5+zZIAOZLTLGs11noJ8VWfYn5CjNJaZQ/dJU6JYhaCzg0+v
-uBWKiB7zYPR8lLVYaPEqE4A0wm+l+H52FoFPNovDWb1R3WCH1x2WRGkHPI8oVrER
-XE6BP1cl/WXdB88XCgF+Tj+Oc9v+9PLF/6N2qHRGLkcNsO0KwMUKZdPcYrLgHo69
-872vr2aENpLiO4DQV6ZBo2LRpm0UbM2CscHBNVWuWUmoJlK97xssH505BNKCoGs5
-cVkzgrpVbJfyG1vgTeLPiecmuCxsn4PW7U4vdakwTgGVDU+DXsivf2fqU7/Kmx/U
-/zaXAnGOM97iWCeqcAxb3g4=
+AImE62pwOypuqIvyknmXXL2Yi3Hb23zf26QsWdOmdUHCBrYXHgwffQt/WD7B5wzw
+YpJ3q5l5e4X02WzQDuWLEzVlnteaUZjkSURRyOPgmv/Cyz2B6+70GtGWS+l93lvy
+ZECt4dnWt+HrqTpSKYmqBzeWROMjSfO+8w1w0aLOeIYi/HYAhB36i4rSQ5OI+u4i
+zKaG9T8k8dRwBU87GDJQZ8GAdw08eHU10P1g8+2hMNBiJZlrgFYXPbSvHd+rSCHB
+0gtrlKcz0dCCtzuS653WbDKBXgc8RjQye+oi26ajGGl8rRfkyKmPqLpnr5k5724M
++KmzvatxlOBBqqQtcmBR0Vw=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/client-crl-dist.der b/extra/wolfssl/wolfssl/certs/client-crl-dist.der
index b8fde691..23bd7cac 100644
--- a/extra/wolfssl/wolfssl/certs/client-crl-dist.der
+++ b/extra/wolfssl/wolfssl/certs/client-crl-dist.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/client-crl-dist.pem b/extra/wolfssl/wolfssl/certs/client-crl-dist.pem
index cfdc7c74..b8eba767 100644
--- a/extra/wolfssl/wolfssl/certs/client-crl-dist.pem
+++ b/extra/wolfssl/wolfssl/certs/client-crl-dist.pem
@@ -2,12 +2,12 @@ Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 74:65:e7:ce:97:a7:4c:9e:ec:b7:35:9a:21:93:6d:b1:f8:a1:53:95
+ 4b:fb:e6:7a:af:6c:19:2e:6a:b9:4c:cc:af:a9:1e:8e:7c:de:ea:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_2048, OU = CRL_DIST, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:28 2023 GMT
+ Not After : Sep 8 22:19:28 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_2048, OU = CRL_DIST, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -39,27 +39,27 @@ Certificate:
URI:http://www.wolfssl.com/crl.pem
Signature Algorithm: sha256WithRSAEncryption
- 83:23:c3:dc:8e:65:2d:00:a3:09:24:f0:c5:6a:68:a6:b7:53:
- 9a:4d:7c:bb:3c:e6:c5:a0:e5:0e:2e:47:33:70:a5:41:a5:3b:
- be:62:61:9f:a9:58:f2:6a:d3:e7:8b:38:57:34:65:b1:5f:64:
- 37:6b:81:46:f7:f5:ba:28:3a:c8:76:7b:b2:74:6c:45:de:7e:
- 1c:57:8e:17:f1:b1:98:99:5e:21:6a:bd:c1:cd:3a:43:33:2f:
- aa:a9:a8:37:63:0e:ee:8c:83:3d:60:0f:79:45:20:5d:78:08:
- d8:c2:7d:6d:95:31:1e:ca:88:bc:9f:d3:c5:e9:e6:76:9e:72:
- c2:93:75:61:63:e2:c6:2e:0a:56:1f:1e:e0:ea:31:05:30:da:
- 68:11:85:3c:c2:4c:68:98:0a:ed:11:6f:a8:f5:25:d1:81:bd:
- 98:d1:b5:53:e0:09:dc:f4:e8:49:f0:56:ce:f7:f2:a4:f6:56:
- e4:18:4b:99:04:9b:2c:48:62:19:6c:8c:38:17:95:8e:98:7d:
- b8:12:05:fb:6c:a2:d3:b5:b2:f8:34:b9:ba:c2:76:47:75:1a:
- 73:cc:61:0c:b1:f2:12:52:41:fc:3f:aa:85:b6:24:b6:bd:c8:
- 7b:0c:11:bd:03:89:eb:38:45:db:18:6d:e3:56:30:41:f3:14:
- 2e:f9:ea:b1
+ 2d:cc:22:e7:1f:88:8f:59:86:50:9d:98:17:64:1b:7f:20:5d:
+ 5d:41:11:c1:b4:17:1f:93:64:b6:55:ae:a2:48:b9:60:ff:6f:
+ e4:1e:5f:70:31:50:95:b5:b0:85:9b:48:13:e7:ea:18:1a:04:
+ 33:cd:bc:ae:32:83:eb:e6:78:77:73:25:a2:eb:c2:fc:6f:09:
+ 0e:5e:85:9d:93:98:9d:19:b9:48:3c:8c:29:c6:83:b2:8c:3c:
+ dd:47:8b:89:f1:da:ab:0e:73:64:43:61:45:74:bf:b7:8c:72:
+ 79:b5:6e:29:7b:5d:df:36:9f:92:57:eb:23:ba:96:93:ba:e6:
+ 53:75:ec:77:0f:9b:7d:fa:9f:2a:37:6d:fd:ce:9e:59:31:bb:
+ 19:b0:72:ce:e8:34:9e:73:ae:4a:d3:47:36:b7:1c:52:a7:4a:
+ f0:86:fe:4c:51:6e:f4:d1:51:f3:5c:6f:83:c7:d1:15:07:d8:
+ c3:47:2a:80:23:fd:65:eb:38:14:5c:32:77:ff:3c:35:02:d4:
+ 95:99:31:40:43:42:5b:b1:8b:30:f2:dc:6a:fe:81:08:d1:c8:
+ 8e:58:9a:e5:42:91:eb:8b:4a:ae:cd:85:c6:62:f5:05:ff:5a:
+ 6c:d3:27:47:32:94:60:16:96:94:25:be:82:08:fd:0c:ae:71:
+ 5c:cd:aa:18
-----BEGIN CERTIFICATE-----
-MIID7zCCAtegAwIBAgIUdGXnzpenTJ7stzWaIZNtsfihU5UwDQYJKoZIhvcNAQEL
+MIID7zCCAtegAwIBAgIUS/vmeq9sGS5quUzMr6kejnze6gkwDQYJKoZIhvcNAQEL
BQAwgZYxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC
b3plbWFuMRUwEwYDVQQKDAx3b2xmU1NMXzIwNDgxETAPBgNVBAsMCENSTF9ESVNU
MRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9A
-d29sZnNzbC5jb20wHhcNMjIxMjE2MjExNzQ5WhcNMjUwOTExMjExNzQ5WjCBljEL
+d29sZnNzbC5jb20wHhcNMjMxMjEzMjIxOTI4WhcNMjYwOTA4MjIxOTI4WjCBljEL
MAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4x
FTATBgNVBAoMDHdvbGZTU0xfMjA0ODERMA8GA1UECwwIQ1JMX0RJU1QxGDAWBgNV
BAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3Ns
@@ -70,11 +70,11 @@ us8N+e/s8YEee5sDR5q/Zcx/ZSRppugUiVvkNPfFsBST9Wd7Onp44QFWVpGmE0KN
b42GwohAmTaDuh5AciIX11JlJHOwzu8Zza7/eGx7wBID1E5yDVBtO6M7o5lencjZ
DIWz2YrZVCbbbfqsu/8lTMTRefRx04ZAGBOwY7VyTjDEl4SGLVYv1xX3f8Cu9fxb
5fuhutMCAwEAAaMzMDEwLwYDVR0fBCgwJjAkoCKgIIYeaHR0cDovL3d3dy53b2xm
-c3NsLmNvbS9jcmwucGVtMA0GCSqGSIb3DQEBCwUAA4IBAQCDI8PcjmUtAKMJJPDF
-amimt1OaTXy7PObFoOUOLkczcKVBpTu+YmGfqVjyatPnizhXNGWxX2Q3a4FG9/W6
-KDrIdnuydGxF3n4cV44X8bGYmV4har3BzTpDMy+qqag3Yw7ujIM9YA95RSBdeAjY
-wn1tlTEeyoi8n9PF6eZ2nnLCk3VhY+LGLgpWHx7g6jEFMNpoEYU8wkxomArtEW+o
-9SXRgb2Y0bVT4Anc9OhJ8FbO9/Kk9lbkGEuZBJssSGIZbIw4F5WOmH24EgX7bKLT
-tbL4NLm6wnZHdRpzzGEMsfISUkH8P6qFtiS2vch7DBG9A4nrOEXbGG3jVjBB8xQu
-+eqx
+c3NsLmNvbS9jcmwucGVtMA0GCSqGSIb3DQEBCwUAA4IBAQAtzCLnH4iPWYZQnZgX
+ZBt/IF1dQRHBtBcfk2S2Va6iSLlg/2/kHl9wMVCVtbCFm0gT5+oYGgQzzbyuMoPr
+5nh3cyWi68L8bwkOXoWdk5idGblIPIwpxoOyjDzdR4uJ8dqrDnNkQ2FFdL+3jHJ5
+tW4pe13fNp+SV+sjupaTuuZTdex3D5t9+p8qN239zp5ZMbsZsHLO6DSec65K00c2
+txxSp0rwhv5MUW700VHzXG+Dx9EVB9jDRyqAI/1l6zgUXDJ3/zw1AtSVmTFAQ0Jb
+sYsw8txq/oEI0ciOWJrlQpHri0quzYXGYvUF/1ps0ydHMpRgFpaUJb6CCP0MrnFc
+zaoY
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/client-ecc-cert.der b/extra/wolfssl/wolfssl/certs/client-ecc-cert.der
index 571745cd..11df5e2c 100644
--- a/extra/wolfssl/wolfssl/certs/client-ecc-cert.der
+++ b/extra/wolfssl/wolfssl/certs/client-ecc-cert.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/client-ecc-cert.pem b/extra/wolfssl/wolfssl/certs/client-ecc-cert.pem
index 83d69192..cb835236 100644
--- a/extra/wolfssl/wolfssl/certs/client-ecc-cert.pem
+++ b/extra/wolfssl/wolfssl/certs/client-ecc-cert.pem
@@ -2,12 +2,12 @@ Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 59:e6:5a:21:e0:c4:3f:67:06:9b:21:43:3e:76:ca:f0:3f:68:5b:53
+ 37:67:2a:05:24:b5:2b:b6:ae:40:6b:e1:75:e0:97:cc:1d:12:8b:2a
Signature Algorithm: ecdsa-with-SHA256
Issuer: C = US, ST = Oregon, L = Salem, O = Client ECC, OU = Fast, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:28 2023 GMT
+ Not After : Sep 8 22:19:28 2026 GMT
Subject: C = US, ST = Oregon, L = Salem, O = Client ECC, OU = Fast, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
@@ -26,7 +26,7 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:EB:D4:4B:59:6B:95:61:3F:51:57:B6:04:4D:89:41:88:44:5C:AB:F2
DirName:/C=US/ST=Oregon/L=Salem/O=Client ECC/OU=Fast/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:59:E6:5A:21:E0:C4:3F:67:06:9B:21:43:3E:76:CA:F0:3F:68:5B:53
+ serial:37:67:2A:05:24:B5:2B:B6:AE:40:6B:E1:75:E0:97:CC:1D:12:8B:2A
X509v3 Basic Constraints:
CA:TRUE
@@ -35,16 +35,16 @@ Certificate:
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
Signature Algorithm: ecdsa-with-SHA256
- 30:45:02:20:70:f8:0e:6e:91:c9:09:77:25:8c:ba:99:6d:54:
- 2d:a8:52:87:17:51:24:8b:13:92:89:7d:c9:ba:b4:43:2e:48:
- 02:21:00:ab:41:13:3a:d5:eb:68:66:36:56:7c:75:5d:37:e3:
- f6:27:7f:54:d5:42:80:29:db:e5:9b:16:8a:d3:c2:ad:d6
+ 30:44:02:20:7a:6d:c5:bd:6f:9d:54:4f:c5:4c:d0:12:8c:31:
+ 3b:b6:17:80:9e:c7:34:f8:c5:da:fb:61:23:35:e6:93:35:b4:
+ 02:20:1b:6a:86:c4:11:be:7c:15:a7:5e:ab:85:ee:b7:8c:20:
+ dc:eb:17:a3:f2:66:63:aa:6b:67:e0:62:1f:17:3e:ac
-----BEGIN CERTIFICATE-----
-MIIDXjCCAwSgAwIBAgIUWeZaIeDEP2cGmyFDPnbK8D9oW1MwCgYIKoZIzj0EAwIw
+MIIDXTCCAwSgAwIBAgIUN2cqBSS1K7auQGvhdeCXzB0SiyowCgYIKoZIzj0EAwIw
gY0xCzAJBgNVBAYTAlVTMQ8wDQYDVQQIDAZPcmVnb24xDjAMBgNVBAcMBVNhbGVt
MRMwEQYDVQQKDApDbGllbnQgRUNDMQ0wCwYDVQQLDARGYXN0MRgwFgYDVQQDDA93
d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20w
-HhcNMjIxMjE2MjExNzQ5WhcNMjUwOTExMjExNzQ5WjCBjTELMAkGA1UEBhMCVVMx
+HhcNMjMxMjEzMjIxOTI4WhcNMjYwOTA4MjIxOTI4WjCBjTELMAkGA1UEBhMCVVMx
DzANBgNVBAgMBk9yZWdvbjEOMAwGA1UEBwwFU2FsZW0xEzARBgNVBAoMCkNsaWVu
dCBFQ0MxDTALBgNVBAsMBEZhc3QxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEf
MB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTBZMBMGByqGSM49AgEGCCqG
@@ -54,9 +54,9 @@ WWuVYT9RV7YETYlBiERcq/Iwgc0GA1UdIwSBxTCBwoAU69RLWWuVYT9RV7YETYlB
iERcq/KhgZOkgZAwgY0xCzAJBgNVBAYTAlVTMQ8wDQYDVQQIDAZPcmVnb24xDjAM
BgNVBAcMBVNhbGVtMRMwEQYDVQQKDApDbGllbnQgRUNDMQ0wCwYDVQQLDARGYXN0
MRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9A
-d29sZnNzbC5jb22CFFnmWiHgxD9nBpshQz52yvA/aFtTMAwGA1UdEwQFMAMBAf8w
+d29sZnNzbC5jb22CFDdnKgUktSu2rkBr4XXgl8wdEosqMAwGA1UdEwQFMAMBAf8w
HAYDVR0RBBUwE4ILZXhhbXBsZS5jb22HBH8AAAEwHQYDVR0lBBYwFAYIKwYBBQUH
-AwEGCCsGAQUFBwMCMAoGCCqGSM49BAMCA0gAMEUCIHD4Dm6RyQl3JYy6mW1ULahS
-hxdRJIsTkol9ybq0Qy5IAiEAq0ETOtXraGY2Vnx1XTfj9id/VNVCgCnb5ZsWitPC
-rdY=
+AwEGCCsGAQUFBwMCMAoGCCqGSM49BAMCA0cAMEQCIHptxb1vnVRPxUzQEowxO7YX
+gJ7HNPjF2vthIzXmkzW0AiAbaobEEb58Fadeq4Xut4wg3OsXo/JmY6prZ+BiHxc+
+rA==
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/client-ecc384-cert.der b/extra/wolfssl/wolfssl/certs/client-ecc384-cert.der
index 2d341097..9d65ac34 100644
--- a/extra/wolfssl/wolfssl/certs/client-ecc384-cert.der
+++ b/extra/wolfssl/wolfssl/certs/client-ecc384-cert.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/client-ecc384-cert.pem b/extra/wolfssl/wolfssl/certs/client-ecc384-cert.pem
index 38cd8ffb..cdd8e7d0 100644
--- a/extra/wolfssl/wolfssl/certs/client-ecc384-cert.pem
+++ b/extra/wolfssl/wolfssl/certs/client-ecc384-cert.pem
@@ -1,18 +1,18 @@
-----BEGIN CERTIFICATE-----
-MIIC7jCCAnWgAwIBAgICEAIwCgYIKoZIzj0EAwMwgZcxCzAJBgNVBAYTAlVTMRMw
+MIIC8TCCAnagAwIBAgICEAIwCgYIKoZIzj0EAwMwgZcxCzAJBgNVBAYTAlVTMRMw
EQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3
b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEYMBYGA1UEAwwPd3d3LndvbGZz
-c2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMCAXDTIyMTIx
-NjIxMTc0OVoYDzIwNTIxMjA4MjExNzQ5WjCBljELMAkGA1UEBhMCVVMxEzARBgNV
-BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB0VsaXB0
-aWMxEzARBgNVBAsMCkVDQzM4NENsaXQxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNv
-bTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTB2MBAGByqGSM49AgEG
-BSuBBAAiA2IABGbECD1mp6EV1FMKI7OtC86PyPSYHabYsm4iEfq575nA+ik+SAD5
-/sKmShunEqhrkEwcu6xdbg5iznAg90N32JfHdNNo/onsd8sZL4lKHXf5l0tmAmil
-Yq+VgcvjJDbrhaOBkDCBjTAJBgNVHRMEAjAAMBEGCWCGSAGG+EIBAQQEAwIFoDAd
-BgNVHQ4EFgQUHvLQG/j8pcs/3Ir1lypCU7BC+dQwHwYDVR0jBBgwFoAUq+DDJkwY
-1HK70oSMnAoFkoASU1IwDgYDVR0PAQH/BAQDAgXgMB0GA1UdJQQWMBQGCCsGAQUF
-BwMCBggrBgEFBQcDBDAKBggqhkjOPQQDAwNnADBkAjAPQMgZxsqXF0GGM9ENosCY
-W1DkocrsibpBK8OR3ATI+FYZPshPUW5CeyczH+NkZaYCMDzZ+hqoQhVY0VL93fa2
-IwAeR5QzHT3Vm802Zbormsdhso44wEqmByPbZrseWKK9ig==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-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/client-relative-uri.pem b/extra/wolfssl/wolfssl/certs/client-relative-uri.pem
index 665bfde0..f1c1303c 100644
--- a/extra/wolfssl/wolfssl/certs/client-relative-uri.pem
+++ b/extra/wolfssl/wolfssl/certs/client-relative-uri.pem
@@ -2,12 +2,12 @@ Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 24:30:a2:59:c1:a0:67:cb:4c:58:f7:69:e0:0b:15:23:ff:a3:8e:19
+ 28:2c:d3:e8:22:39:f9:1d:be:90:1c:5e:99:59:bb:59:d7:0e:25:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_2048, OU = RELATIVE_URI, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:28 2023 GMT
+ Not After : Sep 8 22:19:28 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_2048, OU = RELATIVE_URI, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -38,34 +38,34 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:33:D8:45:66:D7:68:87:18:7E:54:0D:70:27:91:C7:26:D7:85:65:C0
DirName:/C=US/ST=Montana/L=Bozeman/O=wolfSSL_2048/OU=RELATIVE_URI/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:24:30:A2:59:C1:A0:67:CB:4C:58:F7:69:E0:0B:15:23:FF:A3:8E:19
+ serial:28:2C:D3:E8:22:39:F9:1D:BE:90:1C:5E:99:59:BB:59:D7:0E:25:DE
X509v3 Basic Constraints:
CA:FALSE
X509v3 Subject Alternative Name:
URI:../relative/page.html
Signature Algorithm: sha256WithRSAEncryption
- 2d:b8:d7:52:e5:73:42:36:8a:a9:97:ed:5f:da:4b:28:40:92:
- fa:b3:05:13:67:e1:d8:9d:93:7e:d3:03:d0:21:6d:50:db:5a:
- 6f:40:de:06:f6:ff:6f:67:89:61:6d:e8:3d:3e:7f:47:a9:10:
- f4:40:cf:74:1b:e7:5d:1c:2e:e3:5f:a1:d6:7a:c4:1c:98:2e:
- 55:8a:b5:99:2a:2f:de:82:33:1f:e0:35:b0:e6:e9:89:47:9a:
- 77:03:bb:96:a3:6c:21:02:ea:2c:6a:a8:bc:3a:f7:b9:66:53:
- 55:36:98:a6:20:28:c0:f8:ef:91:7b:2b:dc:a9:5c:6e:b1:83:
- be:27:a5:7c:9a:d2:a7:a8:31:a3:f3:0d:8d:21:cf:d3:28:40:
- 7c:83:18:a1:97:fa:b2:7e:54:cb:fd:33:d6:28:17:47:c1:6c:
- 8a:c3:4d:f3:9c:33:df:ed:5f:ba:4b:6c:82:dc:7b:17:94:cc:
- 12:a8:ed:92:64:5d:6a:37:9e:12:65:76:5a:22:76:61:00:59:
- 22:4c:2a:e2:7b:a8:48:45:70:13:7d:f5:45:90:70:9b:3a:4e:
- df:d5:a7:a4:72:74:9f:e3:ca:32:4f:cb:f8:e2:8b:eb:ce:35:
- 75:dc:de:a1:4d:d2:3e:6a:a9:96:77:26:00:d4:a5:19:e4:44:
- 41:d4:0e:1a
+ 9a:6f:69:6c:4a:a8:1a:c7:42:04:ae:d8:d3:d0:b0:ce:ae:d6:
+ 68:5c:e6:91:37:39:d8:6c:64:43:11:fd:a9:ea:4a:47:e8:bc:
+ 6c:dc:12:b9:70:94:12:a8:5e:21:1a:e9:a2:fa:cf:c2:19:47:
+ 22:5d:6c:9e:4e:a3:6a:1d:7f:75:8f:a7:06:56:2f:c2:ac:d6:
+ 2e:56:90:ef:53:01:70:5f:a2:e0:6d:28:79:ab:bb:24:40:cd:
+ 62:6e:18:b5:5d:33:6a:d0:1c:84:c6:8f:82:77:1d:7b:85:c9:
+ 60:db:41:b2:6e:d2:4a:3e:ed:eb:76:62:59:82:93:21:1c:b5:
+ 8f:d6:9e:c2:5c:d8:a3:ca:cf:2f:16:a0:03:2d:7c:d9:3c:ec:
+ 1b:55:57:da:22:49:67:c6:9d:da:9a:1a:27:d8:1f:ea:e5:74:
+ 53:14:a2:9d:ba:a3:fa:0a:c9:52:fc:50:33:2a:d5:b5:25:39:
+ 5a:b4:e4:8a:2e:b8:c5:5f:f7:ac:2b:b0:ec:fe:cf:a5:23:58:
+ 6c:18:2c:68:2d:56:c5:16:2d:8a:0a:c1:2d:aa:cd:33:15:1c:
+ 80:e3:af:91:30:f6:f4:ce:28:57:4c:32:b8:09:ac:29:b7:07:
+ 47:1d:7d:bd:4a:5a:5d:97:0b:4b:c8:22:bc:f9:35:29:72:58:
+ 0f:f6:34:a3
-----BEGIN CERTIFICATE-----
-MIIE8zCCA9ugAwIBAgIUJDCiWcGgZ8tMWPdp4AsVI/+jjhkwDQYJKoZIhvcNAQEL
+MIIE8zCCA9ugAwIBAgIUKCzT6CI5+R2+kBxemVm7WdcOJd4wDQYJKoZIhvcNAQEL
BQAwgZoxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC
b3plbWFuMRUwEwYDVQQKDAx3b2xmU1NMXzIwNDgxFTATBgNVBAsMDFJFTEFUSVZF
X1VSSTEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBp
-bmZvQHdvbGZzc2wuY29tMB4XDTIyMTIxNjIxMTc0OVoXDTI1MDkxMTIxMTc0OVow
+bmZvQHdvbGZzc2wuY29tMB4XDTIzMTIxMzIyMTkyOFoXDTI2MDkwODIyMTkyOFow
gZoxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3pl
bWFuMRUwEwYDVQQKDAx3b2xmU1NMXzIwNDgxFTATBgNVBAsMDFJFTEFUSVZFX1VS
STEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZv
@@ -80,12 +80,12 @@ cCeRxybXhWXAMIHaBgNVHSMEgdIwgc+AFDPYRWbXaIcYflQNcCeRxybXhWXAoYGg
pIGdMIGaMQswCQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwH
Qm96ZW1hbjEVMBMGA1UECgwMd29sZlNTTF8yMDQ4MRUwEwYDVQQLDAxSRUxBVElW
RV9VUkkxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQ
-aW5mb0B3b2xmc3NsLmNvbYIUJDCiWcGgZ8tMWPdp4AsVI/+jjhkwCQYDVR0TBAIw
+aW5mb0B3b2xmc3NsLmNvbYIUKCzT6CI5+R2+kBxemVm7WdcOJd4wCQYDVR0TBAIw
ADAgBgNVHREEGTAXhhUuLi9yZWxhdGl2ZS9wYWdlLmh0bWwwDQYJKoZIhvcNAQEL
-BQADggEBAC2411Llc0I2iqmX7V/aSyhAkvqzBRNn4didk37TA9AhbVDbWm9A3gb2
-/29niWFt6D0+f0epEPRAz3Qb510cLuNfodZ6xByYLlWKtZkqL96CMx/gNbDm6YlH
-mncDu5ajbCEC6ixqqLw697lmU1U2mKYgKMD475F7K9ypXG6xg74npXya0qeoMaPz
-DY0hz9MoQHyDGKGX+rJ+VMv9M9YoF0fBbIrDTfOcM9/tX7pLbILcexeUzBKo7ZJk
-XWo3nhJldloidmEAWSJMKuJ7qEhFcBN99UWQcJs6Tt/Vp6RydJ/jyjJPy/jii+vO
-NXXc3qFN0j5qqZZ3JgDUpRnkREHUDho=
+BQADggEBAJpvaWxKqBrHQgSu2NPQsM6u1mhc5pE3OdhsZEMR/anqSkfovGzcErlw
+lBKoXiEa6aL6z8IZRyJdbJ5Oo2odf3WPpwZWL8Ks1i5WkO9TAXBfouBtKHmruyRA
+zWJuGLVdM2rQHITGj4J3HXuFyWDbQbJu0ko+7et2YlmCkyEctY/WnsJc2KPKzy8W
+oAMtfNk87BtVV9oiSWfGndqaGifYH+rldFMUop26o/oKyVL8UDMq1bUlOVq05Iou
+uMVf96wrsOz+z6UjWGwYLGgtVsUWLYoKwS2qzTMVHIDjr5Ew9vTOKFdMMrgJrCm3
+B0cdfb1KWl2XC0vIIrz5NSlyWA/2NKM=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/client-uri-cert.pem b/extra/wolfssl/wolfssl/certs/client-uri-cert.pem
index 321e9e2b..266eb518 100644
--- a/extra/wolfssl/wolfssl/certs/client-uri-cert.pem
+++ b/extra/wolfssl/wolfssl/certs/client-uri-cert.pem
@@ -2,12 +2,12 @@ Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 31:01:44:60:7d:f5:1c:e0:55:a6:4f:c9:fd:9a:11:8b:31:40:77:3b
+ 7a:65:40:12:3e:1c:49:57:0a:f7:c6:7d:63:b7:25:6a:d7:cb:83:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_2048, OU = URI, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:28 2023 GMT
+ Not After : Sep 8 22:19:28 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_2048, OU = URI, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -38,34 +38,34 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:33:D8:45:66:D7:68:87:18:7E:54:0D:70:27:91:C7:26:D7:85:65:C0
DirName:/C=US/ST=Montana/L=Bozeman/O=wolfSSL_2048/OU=URI/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:31:01:44:60:7D:F5:1C:E0:55:A6:4F:C9:FD:9A:11:8B:31:40:77:3B
+ serial:7A:65:40:12:3E:1C:49:57:0A:F7:C6:7D:63:B7:25:6A:D7:CB:83:38
X509v3 Basic Constraints:
CA:FALSE
X509v3 Subject Alternative Name:
URI:https://www.wolfssl.com
Signature Algorithm: sha256WithRSAEncryption
- 1c:c6:a7:c5:f4:80:8b:30:5e:17:44:27:82:4b:bb:6a:37:ba:
- e2:89:6a:f6:b2:30:b3:9b:4a:77:b0:c7:4c:a6:7d:e3:51:48:
- 00:88:60:f0:50:8a:a0:48:ac:0d:14:05:e9:c3:98:d2:84:a9:
- de:39:4e:dc:48:85:32:96:99:52:75:9e:5c:d9:c8:6a:b7:da:
- f0:e9:a3:86:95:1c:17:70:23:40:88:e8:1e:79:96:92:98:5c:
- d6:b0:83:6e:61:9c:5a:c1:72:f9:2a:12:a2:8c:b1:f8:39:dd:
- 56:9a:1b:c9:57:4f:83:8f:48:77:c5:f9:31:5f:7c:05:b0:f3:
- a9:08:e1:de:c9:8c:bb:e8:3b:12:ee:29:a9:21:97:0b:d0:d9:
- 75:d4:b5:5b:9f:1a:c6:44:de:e4:64:d0:de:9b:c6:08:08:33:
- ab:c1:a5:3d:7d:fd:b9:f2:0f:6e:96:e1:7f:d3:c0:c6:47:67:
- 71:b2:00:87:eb:e3:6b:a6:2f:95:5d:5d:3e:3f:0f:fc:ad:68:
- a9:19:43:6b:45:dc:e3:d1:53:53:3b:25:aa:af:af:c2:95:c4:
- 4a:19:29:56:bc:20:51:92:bd:93:d4:f9:bc:14:07:42:a7:9f:
- 9d:fa:68:ae:a9:76:f3:64:98:5f:04:ef:2b:b1:fe:d0:cb:e4:
- 2f:04:f0:62
+ 5d:a4:3a:35:ae:40:5b:fb:1e:7b:09:41:32:4b:0b:0e:88:6e:
+ 77:04:87:6c:dd:f6:bb:48:f0:38:25:d1:62:e8:fc:b8:b9:32:
+ ad:bf:2d:66:92:8e:fb:62:2b:f2:f9:64:8f:c0:48:93:1b:d5:
+ a5:34:10:da:09:27:a3:c0:67:80:4e:b6:69:0a:56:8d:63:12:
+ 90:21:8b:a1:74:a0:5e:60:a3:3e:b5:4b:bf:12:a4:9f:37:ad:
+ 4e:1f:08:fa:3c:b0:ab:64:ba:78:70:da:4a:b8:5a:0b:8f:ca:
+ 19:3d:7d:0e:c6:20:d7:7d:99:19:26:26:d5:fd:dd:df:30:69:
+ 89:ff:4d:0c:94:6c:11:2e:ff:6d:71:42:b3:76:5a:c3:f4:a4:
+ 17:83:d0:1a:85:58:12:04:9b:77:39:f3:34:0b:75:bd:1f:98:
+ 96:6c:b9:6a:9f:e7:49:ed:ca:5d:09:f9:3a:62:82:57:f3:ba:
+ 5d:73:b6:da:c3:bd:7c:31:9e:e4:92:41:6c:8b:64:4f:cd:bd:
+ 9d:02:73:29:53:2d:e0:2b:83:36:3d:c5:a2:34:43:c0:7a:03:
+ 1b:74:e3:75:02:84:ef:92:bf:e8:a5:43:53:04:0c:ea:bb:ba:
+ 3a:e1:28:b6:c8:15:dd:5a:bb:ae:b0:47:81:5b:09:c2:47:5b:
+ f8:7a:87:bc
-----BEGIN CERTIFICATE-----
-MIIE2jCCA8KgAwIBAgIUMQFEYH31HOBVpk/J/ZoRizFAdzswDQYJKoZIhvcNAQEL
+MIIE2jCCA8KgAwIBAgIUemVAEj4cSVcK98Z9Y7clatfLgzgwDQYJKoZIhvcNAQEL
BQAwgZExCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC
b3plbWFuMRUwEwYDVQQKDAx3b2xmU1NMXzIwNDgxDDAKBgNVBAsMA1VSSTEYMBYG
A1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZz
-c2wuY29tMB4XDTIyMTIxNjIxMTc0OVoXDTI1MDkxMTIxMTc0OVowgZExCzAJBgNV
+c2wuY29tMB4XDTIzMTIxMzIyMTkyOFoXDTI2MDkwODIyMTkyOFowgZExCzAJBgNV
BAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRUwEwYD
VQQKDAx3b2xmU1NMXzIwNDgxDDAKBgNVBAsMA1VSSTEYMBYGA1UEAwwPd3d3Lndv
bGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN
@@ -79,12 +79,12 @@ o4IBJjCCASIwHQYDVR0OBBYEFDPYRWbXaIcYflQNcCeRxybXhWXAMIHRBgNVHSME
gckwgcaAFDPYRWbXaIcYflQNcCeRxybXhWXAoYGXpIGUMIGRMQswCQYDVQQGEwJV
UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjEVMBMGA1UECgwM
d29sZlNTTF8yMDQ4MQwwCgYDVQQLDANVUkkxGDAWBgNVBAMMD3d3dy53b2xmc3Ns
-LmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIUMQFEYH31HOBV
-pk/J/ZoRizFAdzswCQYDVR0TBAIwADAiBgNVHREEGzAZhhdodHRwczovL3d3dy53
-b2xmc3NsLmNvbTANBgkqhkiG9w0BAQsFAAOCAQEAHManxfSAizBeF0Qngku7aje6
-4olq9rIws5tKd7DHTKZ941FIAIhg8FCKoEisDRQF6cOY0oSp3jlO3EiFMpaZUnWe
-XNnIarfa8OmjhpUcF3AjQIjoHnmWkphc1rCDbmGcWsFy+SoSooyx+DndVpobyVdP
-g49Id8X5MV98BbDzqQjh3smMu+g7Eu4pqSGXC9DZddS1W58axkTe5GTQ3pvGCAgz
-q8GlPX39ufIPbpbhf9PAxkdncbIAh+vja6YvlV1dPj8P/K1oqRlDa0Xc49FTUzsl
-qq+vwpXEShkpVrwgUZK9k9T5vBQHQqefnfporql282SYXwTvK7H+0MvkLwTwYg==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==
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/crl/ca-int-ecc.pem b/extra/wolfssl/wolfssl/certs/crl/ca-int-ecc.pem
index 778b4dca..4dfa62b2 100644
--- a/extra/wolfssl/wolfssl/certs/crl/ca-int-ecc.pem
+++ b/extra/wolfssl/wolfssl/certs/crl/ca-int-ecc.pem
@@ -1,10 +1,10 @@
-----BEGIN X509 CRL-----
-MIIBYDCCAQUCAQEwCgYIKoZIzj0EAwIwgaMxCzAJBgNVBAYTAlVTMRMwEQYDVQQI
+MIIBXjCCAQUCAQEwCgYIKoZIzj0EAwIwgaMxCzAJBgNVBAYTAlVTMRMwEQYDVQQI
DApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3b2xmU1NM
MRQwEgYDVQQLDAtEZXZlbG9wbWVudDEkMCIGA1UEAwwbd29sZlNTTCBJbnRlcm1l
ZGlhdGUgQ0EgRUNDMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tFw0y
-MDA2MTYxOTE3NThaFw0yMzAzMTMxOTE3NThaoDAwLjAfBgNVHSMEGDAWgBQTtXlZ
-MrO7tEezNA6AwIMeqoLIWzALBgNVHRQEBAICIAQwCgYIKoZIzj0EAwIDSQAwRgIh
-AI0Fl7b1oh6x96i14akYhMMcVHPi7VdLh7fXSf9bMoeqAiEAzxqdobdrD2e53V5b
-0o4HUOCgRB1dzH1m+LcRe+LPUnI=
+MzA5MjcxMjEwMDlaFw0yNjA2MjMxMjEwMDlaoDAwLjAfBgNVHSMEGDAWgBSXHWDD
+hyJZm2AfhLSZHIhNv9oebjALBgNVHRQEBAICIAQwCgYIKoZIzj0EAwIDRwAwRAIg
+C6Wlwom5faQm2pTYRBI2DVTdy7DYv1QYsi/y6ZDhPAQCIEfioB8LqiTO0gjSzUVN
+KPkEXx3y4Ih3HHcrTwWOVuGv
-----END X509 CRL-----
diff --git a/extra/wolfssl/wolfssl/certs/crl/ca-int.pem b/extra/wolfssl/wolfssl/certs/crl/ca-int.pem
index 0dcb10dd..f4b2208f 100644
--- a/extra/wolfssl/wolfssl/certs/crl/ca-int.pem
+++ b/extra/wolfssl/wolfssl/certs/crl/ca-int.pem
@@ -2,13 +2,13 @@
MIICHDCCAQQCAQEwDQYJKoZIhvcNAQELBQAwgZ8xCzAJBgNVBAYTAlVTMRMwEQYD
VQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3b2xm
U1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEgMB4GA1UEAwwXd29sZlNTTCBJbnRl
-cm1lZGlhdGUgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20XDTIw
-MDYxNjE5MTc1OFoXDTIzMDMxMzE5MTc1OFqgMDAuMB8GA1UdIwQYMBaAFIMc8ZiF
-7G4GRTTeUcC6tytnMmZNMAsGA1UdFAQEAgIgADANBgkqhkiG9w0BAQsFAAOCAQEA
-VQ6Am+DuDpBbUs2yEIe0MDwgVZacmOwEB6wZM/c62qW+tGitjUnj1UD6wNQZwYpP
-OGNYOdbiIskilSC97WJgXW4dJVrRHiV8nAzzi/8tZO96oUbLx1hmfx1/hCxqtm50
-bbYUuS25qoiVFKYkx1tocY+ESLfam09T8ZP3m5m38h5YTe+s6dmHdonEM+JlNEdT
-itvZtSfUU29xCQIXVSWFJHsRGjqdvCpndtY1Kmb8aYdB60zpk2JgOGljg2uF7Iq0
-lquWWfhDl77r0qdlRYHTQ+0FetU4gCZ+ZVGH07+FD/p+GxPh4P0D3i2gFq2Z/0en
-396xKNy+NiBbFw/CUFbLDw==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-----END X509 CRL-----
diff --git a/extra/wolfssl/wolfssl/certs/crl/ca-int2-ecc.pem b/extra/wolfssl/wolfssl/certs/crl/ca-int2-ecc.pem
index ae048dee..917c6891 100644
--- a/extra/wolfssl/wolfssl/certs/crl/ca-int2-ecc.pem
+++ b/extra/wolfssl/wolfssl/certs/crl/ca-int2-ecc.pem
@@ -3,8 +3,8 @@ MIIBYTCCAQYCAQEwCgYIKoZIzj0EAwIwgaQxCzAJBgNVBAYTAlVTMRMwEQYDVQQI
DApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3b2xmU1NM
MRQwEgYDVQQLDAtEZXZlbG9wbWVudDElMCMGA1UEAwwcd29sZlNTTCBJbnRlcm1l
ZGlhdGUyIENBIEVDQzEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbRcN
-MjAwNjE2MTkxNzU4WhcNMjMwMzEzMTkxNzU4WqAwMC4wHwYDVR0jBBgwFoAUG/S9
-kCh0ZOMzXotkp/yvuvK5VeUwCwYDVR0UBAQCAiAFMAoGCCqGSM49BAMCA0kAMEYC
-IQDBYNHurBS8JV1DkJLVaVXD5lrvjdCA13poIGJxVvx0NwIhALJQRBbMvQCLZ4ci
-sE1dD+cpe4NdK/x2iH4QJ8XJX8uc
+MjMwOTI3MTIxMDA5WhcNMjYwNjIzMTIxMDA5WqAwMC4wHwYDVR0jBBgwFoAUn657
+enCABFUrxrcMW3nkEkFlMSkwCwYDVR0UBAQCAiAFMAoGCCqGSM49BAMCA0kAMEYC
+IQCIZv1TFoij0ezl8/TaA4wq4cNRnYZaKf+W4ROnAfghZwIhALog+BqrxkhP0C3C
+LEWWD4Q7rOIZdNfK8ABwrg+vWneJ
-----END X509 CRL-----
diff --git a/extra/wolfssl/wolfssl/certs/crl/ca-int2.pem b/extra/wolfssl/wolfssl/certs/crl/ca-int2.pem
index c0d26522..7d606ec4 100644
--- a/extra/wolfssl/wolfssl/certs/crl/ca-int2.pem
+++ b/extra/wolfssl/wolfssl/certs/crl/ca-int2.pem
@@ -3,12 +3,12 @@ MIICHTCCAQUCAQEwDQYJKoZIhvcNAQELBQAwgaAxCzAJBgNVBAYTAlVTMRMwEQYD
VQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3b2xm
U1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEhMB8GA1UEAwwYd29sZlNTTCBJbnRl
cm1lZGlhdGUyIENBMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tFw0y
-MDA2MTYxOTE3NThaFw0yMzAzMTMxOTE3NThaoDAwLjAfBgNVHSMEGDAWgBR6ix1O
-o0DIzlhfjfz/Rix1QdkDXjALBgNVHRQEBAICIAEwDQYJKoZIhvcNAQELBQADggEB
-AJeG0+IjjS5Rf2gAJu/ldHzCwMJccTKt17mHjyQhQnzOQN8Df+zAUDWIVF99d0vO
-cQFx5SYWpFYkT6kSRYHdYmZp8s6Yl0oQJ+isQ1wsFnkF2z+I/g1f/uDX9LWnKxnj
-UE2UttU6fKGQl2F8SDnloDsQjjGnxssyGVeNCTBGjkCHHH9QSpZv5xjTN7INYCso
-3GkWnXwGkghwleXGtgMwW2IMsNVMIFJlHQQzk9P6gqTtvhkCNp6rjAHieU8GqBkh
-1zCMDTgk2LjFaRF/OnbOk1/j+LZZxox9KUIhUF4d33+PhoUd9YegvJJfdVXAKnVc
-HwoO9FjX3jBcnfvs6qPBKLc=
+MzA5MjcxMjEwMDlaFw0yNjA2MjMxMjEwMDlaoDAwLjAfBgNVHSMEGDAWgBQNyWAg
+Q1iB4Joh72YW3G4hJd8rRTALBgNVHRQEBAICIAEwDQYJKoZIhvcNAQELBQADggEB
+AFZgStFKb9hSbaI7ysWXXDNBNPvb97aHd8A3T4HgYVf6MqlnyI2gJbe5VUYtoJTF
+VTIrfM7tJQf68pGCpCbo6N8ai9xAvfU+AeWk2SHgBFRj2LRprx7tDwt0/Y6YlZ2a
+PHhTqyOLEhrW0Qh6NLOJ3e0zS/GQ7Oy8muPUcBbeq+XkLK2JH6gKVrzjn7QptNDr
+7zEdntQArofx1+twNrn800pdltNjV0etC1Ags5ocg10Xp1dD9NPFdLsY5cASHitP
+xpek4sZiBvEB0YKOs+eY8tYtFAPRzEfz5JeZNwUL3jhLH8/4d0mioVSH1+k0xkBz
+MRdmZc1yQaIQe6U0tgzw9SM=
-----END X509 CRL-----
diff --git a/extra/wolfssl/wolfssl/certs/crl/caEcc384Crl.pem b/extra/wolfssl/wolfssl/certs/crl/caEcc384Crl.pem
index e83d959f..ab0833e0 100644
--- a/extra/wolfssl/wolfssl/certs/crl/caEcc384Crl.pem
+++ b/extra/wolfssl/wolfssl/certs/crl/caEcc384Crl.pem
@@ -1,10 +1,10 @@
-----BEGIN X509 CRL-----
-MIIBcTCB+AIBATAKBggqhkjOPQQDAjCBlzELMAkGA1UEBhMCVVMxEzARBgNVBAgM
+MIIBcjCB+AIBATAKBggqhkjOPQQDAjCBlzELMAkGA1UEBhMCVVMxEzARBgNVBAgM
Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZTU0wx
FDASBgNVBAsMC0RldmVsb3BtZW50MRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20x
-HzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20XDTIyMTIxNjIxMTc1MFoX
-DTI1MDkxMTIxMTc1MFqgLzAtMB8GA1UdIwQYMBaAFKvgwyZMGNRyu9KEjJwKBZKA
-ElNSMAoGA1UdFAQDAgEKMAoGCCqGSM49BAMCA2gAMGUCMCbmiewu7ikmrUaNHKUE
-6oqf9mULJeeG7FfVnGXZll7gTCM3R4nThSrxLle4e8IIMgIxAIccPNJG5N7KK4lQ
-DjHWMuKNQUJ2B5w+S5OCX99KhhoBBH+SzQgd+3XcQTpVZ2kKNw==
+HzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20XDTIzMTIxMzIyMTkzM1oX
+DTI2MDkwODIyMTkzM1qgLzAtMB8GA1UdIwQYMBaAFKvgwyZMGNRyu9KEjJwKBZKA
+ElNSMAoGA1UdFAQDAgEMMAoGCCqGSM49BAMCA2kAMGYCMQDiAhgtXMrlvYjxh1+q
+uqluR12ThFI1k8wTdFiGF0yToo3zpoxbaN5w33vBYVUZzCYCMQD76v5cIfO8RUBc
+f5tVsV7n7fGhwMPREOw0f0nmtl+qwNWSDDegMLtTdZyYF9ERdV0=
-----END X509 CRL-----
diff --git a/extra/wolfssl/wolfssl/certs/crl/caEccCrl.der b/extra/wolfssl/wolfssl/certs/crl/caEccCrl.der
new file mode 100644
index 00000000..9f025a15
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/crl/caEccCrl.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/crl/caEccCrl.pem b/extra/wolfssl/wolfssl/certs/crl/caEccCrl.pem
index b8832dce..4729407b 100644
--- a/extra/wolfssl/wolfssl/certs/crl/caEccCrl.pem
+++ b/extra/wolfssl/wolfssl/certs/crl/caEccCrl.pem
@@ -2,9 +2,9 @@
MIIBUTCB+AIBATAKBggqhkjOPQQDAjCBlzELMAkGA1UEBhMCVVMxEzARBgNVBAgM
Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZTU0wx
FDASBgNVBAsMC0RldmVsb3BtZW50MRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20x
-HzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20XDTIyMTIxNjIxMTc1MFoX
-DTI1MDkxMTIxMTc1MFqgLzAtMB8GA1UdIwQYMBaAFFaOmsPwQt4YuUVVbvmTz+rD
-86UhMAoGA1UdFAQDAgEJMAoGCCqGSM49BAMCA0gAMEUCIGhDySSru33cJYxzkQsE
-TRiRigzyNzpor3a3t5VzqmY8AiEA8WCuamxgE0S+Pas7uuUJPzXlq7JAwmCVwP+h
-nH1nWYM=
+HzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20XDTIzMTIxMzIyMTkzM1oX
+DTI2MDkwODIyMTkzM1qgLzAtMB8GA1UdIwQYMBaAFFaOmsPwQt4YuUVVbvmTz+rD
+86UhMAoGA1UdFAQDAgELMAoGCCqGSM49BAMCA0gAMEUCICFj5IcBuGatpURtIwMU
+hSKkP11GeUUb5crLMcBKI2u9AiEArWyOTYXvODOGebzJONGEy7UQ9d+HUba3ROqc
+aGu35HE=
-----END X509 CRL-----
diff --git a/extra/wolfssl/wolfssl/certs/crl/cliCrl.pem b/extra/wolfssl/wolfssl/certs/crl/cliCrl.pem
index 10fe5819..00c48537 100644
--- a/extra/wolfssl/wolfssl/certs/crl/cliCrl.pem
+++ b/extra/wolfssl/wolfssl/certs/crl/cliCrl.pem
@@ -2,41 +2,41 @@ Certificate Revocation List (CRL):
Version 2 (0x1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_2048, OU = Programming-2048, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
- Last Update: Dec 16 21:17:50 2022 GMT
- Next Update: Sep 11 21:17:50 2025 GMT
+ Last Update: Dec 13 22:19:33 2023 GMT
+ Next Update: Sep 8 22:19:33 2026 GMT
CRL extensions:
X509v3 CRL Number:
- 6
+ 8
Revoked Certificates:
Serial Number: 02
- Revocation Date: Dec 16 21:17:50 2022 GMT
+ Revocation Date: Dec 13 22:19:33 2023 GMT
Signature Algorithm: sha256WithRSAEncryption
- bf:d3:f7:5b:70:94:5a:11:50:b2:7d:7b:f9:c8:0f:aa:1b:82:
- f9:24:5f:79:a6:ab:9d:71:53:83:a2:29:93:a4:91:9d:70:0e:
- b7:b7:e2:67:b8:ee:1c:fb:81:be:f7:e6:a7:d7:c0:df:5d:d3:
- 4b:df:50:1c:08:c3:95:20:bd:6c:0e:f8:c9:70:66:cd:42:19:
- d8:a5:75:bf:cc:b4:fb:f4:fc:85:58:06:95:07:fd:a5:c2:a8:
- ac:a3:e9:eb:0c:99:98:f8:62:a8:59:22:d5:72:71:05:8a:ca:
- 6a:5a:96:c1:a3:29:b2:ea:78:30:1d:8c:c5:17:26:b5:d4:87:
- 79:c9:f6:51:2e:c9:e9:b5:f4:17:2a:8e:ba:3d:e9:8d:e0:66:
- 87:7b:8f:36:8c:62:45:7a:07:2b:b2:da:02:ba:27:b9:e6:18:
- d8:84:5f:4d:8f:cd:03:91:e8:53:c8:10:c8:d9:51:af:3d:e3:
- 35:25:cd:3e:44:7e:fd:8f:74:46:4a:b9:03:da:41:2b:b1:4d:
- 4c:39:af:14:fa:9c:4f:54:4c:4b:9f:a8:4a:b6:99:24:95:54:
- 37:05:ab:45:7b:7b:25:20:d1:99:b1:5e:aa:98:a0:1e:b9:b1:
- a3:fe:e5:2c:f8:49:d8:94:07:05:79:b5:9b:19:0e:53:c8:b3:
- ce:60:d0:bc
+ 74:17:9b:40:81:d2:a0:f3:26:68:44:5b:f8:a2:6c:3f:7e:71:
+ 75:a2:7f:c6:e6:71:cb:f9:08:57:42:cd:3e:3f:ab:cd:0c:85:
+ 36:45:58:8b:59:28:81:d9:b0:6b:10:4a:d0:7d:59:ad:cf:53:
+ 05:cb:13:c7:c1:ec:65:64:6b:4d:e6:87:0b:ae:06:60:ab:8a:
+ 3c:ae:c1:7d:ed:8f:ee:09:02:7a:3a:f2:21:bf:89:ef:cd:14:
+ b1:03:64:2d:b2:b6:45:15:da:2d:ee:2d:c0:15:3b:a8:01:a8:
+ 4f:30:61:ae:99:b9:16:07:b5:8b:71:8f:38:ac:69:82:39:90:
+ 92:ff:d6:41:33:3b:92:5b:f2:dd:56:5a:8f:82:d1:1f:76:ee:
+ ca:01:a2:ac:c0:22:41:dd:6e:e1:ce:06:b0:6f:bc:e2:da:91:
+ 11:c1:a0:41:16:7d:ba:7e:a1:53:13:14:4b:54:3b:b9:44:cf:
+ 4f:1c:ef:ce:a8:bd:e8:ab:ba:de:97:f7:b7:7d:4f:ab:7a:e7:
+ 73:65:97:a1:d9:a3:f3:92:f1:95:06:6d:52:7b:6e:fd:26:56:
+ 55:83:c7:71:f7:a4:8f:9a:2c:52:04:dd:9f:85:ab:9c:88:e1:
+ 30:c6:4a:88:7d:20:1b:c6:47:8b:82:cc:9d:0f:51:69:b1:90:
+ b2:8a:9c:74
-----BEGIN X509 CRL-----
MIICDjCB9wIBATANBgkqhkiG9w0BAQsFADCBnjELMAkGA1UEBhMCVVMxEDAOBgNV
BAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xFTATBgNVBAoMDHdvbGZTU0xf
MjA0ODEZMBcGA1UECwwQUHJvZ3JhbW1pbmctMjA0ODEYMBYGA1UEAwwPd3d3Lndv
-bGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tFw0yMjEy
-MTYyMTE3NTBaFw0yNTA5MTEyMTE3NTBaMBQwEgIBAhcNMjIxMjE2MjExNzUwWqAO
-MAwwCgYDVR0UBAMCAQYwDQYJKoZIhvcNAQELBQADggEBAL/T91twlFoRULJ9e/nI
-D6obgvkkX3mmq51xU4OiKZOkkZ1wDre34me47hz7gb735qfXwN9d00vfUBwIw5Ug
-vWwO+MlwZs1CGdildb/MtPv0/IVYBpUH/aXCqKyj6esMmZj4YqhZItVycQWKympa
-lsGjKbLqeDAdjMUXJrXUh3nJ9lEuyem19Bcqjro96Y3gZod7jzaMYkV6Byuy2gK6
-J7nmGNiEX02PzQOR6FPIEMjZUa894zUlzT5Efv2PdEZKuQPaQSuxTUw5rxT6nE9U
-TEufqEq2mSSVVDcFq0V7eyUg0ZmxXqqYoB65saP+5Sz4SdiUBwV5tZsZDlPIs85g
-0Lw=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-----END X509 CRL-----
diff --git a/extra/wolfssl/wolfssl/certs/crl/client-int-ecc.pem b/extra/wolfssl/wolfssl/certs/crl/client-int-ecc.pem
index e3ead624..c00803db 100644
--- a/extra/wolfssl/wolfssl/certs/crl/client-int-ecc.pem
+++ b/extra/wolfssl/wolfssl/certs/crl/client-int-ecc.pem
@@ -1,10 +1,10 @@
-----BEGIN X509 CRL-----
-MIIBXDCCAQICAQEwCgYIKoZIzj0EAwIwgaAxCzAJBgNVBAYTAlVTMRMwEQYDVQQI
+MIIBWzCCAQICAQEwCgYIKoZIzj0EAwIwgaAxCzAJBgNVBAYTAlVTMRMwEQYDVQQI
DApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3b2xmU1NM
MRQwEgYDVQQLDAtEZXZlbG9wbWVudDEhMB8GA1UEAwwYd29sZlNTTCBDbGllbnQg
-Q2hhaW4gRUNDMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tFw0yMDA2
-MTYxOTE3NThaFw0yMzAzMTMxOTE3NThaoDAwLjAfBgNVHSMEGDAWgBTr1EtZa5Vh
-P1FXtgRNiUGIRFyr8jALBgNVHRQEBAICIAcwCgYIKoZIzj0EAwIDSAAwRQIhAJiz
-His7baFwO9NAwNTMMpNJbYd1XClf1q9lOdO9S/sqAiBfh8Qy7Lri1brEaafDCxe3
-3PgVHR+m9QkJssAuOEIK2A==
+Q2hhaW4gRUNDMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tFw0yMzA5
+MjcxMjEwMTBaFw0yNjA2MjMxMjEwMTBaoDAwLjAfBgNVHSMEGDAWgBTr1EtZa5Vh
+P1FXtgRNiUGIRFyr8jALBgNVHRQEBAICIAcwCgYIKoZIzj0EAwIDRwAwRAIgN4x2
+Lb57tlFYEhVyiNJ+7vmlTSn5IgDY2aMbw5bSi+wCIA7KlbvpkAzSA+lKwUD8wmfW
+r4AwiWgQOz5RfhRx1rXC
-----END X509 CRL-----
diff --git a/extra/wolfssl/wolfssl/certs/crl/client-int.pem b/extra/wolfssl/wolfssl/certs/crl/client-int.pem
index e11c30bb..0cbde2d7 100644
--- a/extra/wolfssl/wolfssl/certs/crl/client-int.pem
+++ b/extra/wolfssl/wolfssl/certs/crl/client-int.pem
@@ -2,13 +2,13 @@
MIICGTCCAQECAQEwDQYJKoZIhvcNAQELBQAwgZwxCzAJBgNVBAYTAlVTMRMwEQYD
VQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3b2xm
U1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEdMBsGA1UEAwwUd29sZlNTTCBDbGll
-bnQgQ2hhaW4xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20XDTIwMDYx
-NjE5MTc1OFoXDTIzMDMxMzE5MTc1OFqgMDAuMB8GA1UdIwQYMBaAFDPYRWbXaIcY
-flQNcCeRxybXhWXAMAsGA1UdFAQEAgIgAzANBgkqhkiG9w0BAQsFAAOCAQEARom6
-mppTxCF+GWAEHFbn9EJee2uCCrQ9dd4JLA1Hc4XYGHOoN54jPKZEvTTYB5XKImCg
-NvbOb98l88Gpr0fUDTuAdBQZrM7Vs3IBPoOJdjMNuwQzxvQ+WdY2Jft/4CaR4/mq
-oMJrmhlz1PmWNTqqfFS/GQv/NYDdCXhP4bNuWRMZoSYROyby+bqr2SgNbZ+0GA3/
-jeSCXmdngwEB7z5SoqqRscVOS7Sw1S3e6X/QNQ6rNNR6MWKH95Ra8ke9A12r+3zu
-ZqbIYtbaF49tvOJsvzKQeC8J2oTzpEbRvNudJ4mXLpNEw5I/RL1sum0bJIn0wL+/
-7q1EaGe14zTsPsx06g==
+bnQgQ2hhaW4xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20XDTIzMDky
+NzEyMTAwOVoXDTI2MDYyMzEyMTAwOVqgMDAuMB8GA1UdIwQYMBaAFDPYRWbXaIcY
+flQNcCeRxybXhWXAMAsGA1UdFAQEAgIgAzANBgkqhkiG9w0BAQsFAAOCAQEAquOQ
+8p0OUhEcAy2RKuXz9mJ+/NpBf4O3f4DmIlNjKC+Vm6dkV/wYFI63/trUZ7zOsL2A
+GCDuFtXqcmWJcl6A3Fi2sUqSrwaz+J7n0fRARlvAHNIiSZX02pPYt+zzBxUUdvmp
+VcFyAPs5VTbCGXQEgqPsH2bpeVtDvEqEhS4fv6GtOQ59nOiDMJqHl6iUKAD/Jw4x
+M/eemrpnGS4K2JG/IBmQN8bZ/3pX+4bAymNqaj+Wz0PQxkOvr7Kv+U9M/Jr8QXPz
+zPAZQfPU5caUA+DhGwPK9NNJu07seuUTi7D0qRP28p0k4rOR7AtRmi47KhP1Rxm1
+7aYL9GnvRcuHob7NtQ==
-----END X509 CRL-----
diff --git a/extra/wolfssl/wolfssl/certs/crl/crl.der b/extra/wolfssl/wolfssl/certs/crl/crl.der
index f1396b8a..c6ec65c4 100644
--- a/extra/wolfssl/wolfssl/certs/crl/crl.der
+++ b/extra/wolfssl/wolfssl/certs/crl/crl.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/crl/crl.pem b/extra/wolfssl/wolfssl/certs/crl/crl.pem
index 9da22d86..a4a09f0a 100644
--- a/extra/wolfssl/wolfssl/certs/crl/crl.pem
+++ b/extra/wolfssl/wolfssl/certs/crl/crl.pem
@@ -2,40 +2,40 @@ Certificate Revocation List (CRL):
Version 2 (0x1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
- Last Update: Dec 16 21:17:50 2022 GMT
- Next Update: Sep 11 21:17:50 2025 GMT
+ Last Update: Dec 13 22:19:33 2023 GMT
+ Next Update: Sep 8 22:19:33 2026 GMT
CRL extensions:
X509v3 CRL Number:
2
Revoked Certificates:
Serial Number: 02
- Revocation Date: Dec 16 21:17:50 2022 GMT
+ Revocation Date: Dec 13 22:19:33 2023 GMT
Signature Algorithm: sha256WithRSAEncryption
- 39:44:ff:39:f4:04:45:79:7e:73:e2:42:48:db:85:66:fd:99:
- 76:94:7c:b5:79:5d:15:71:36:a9:87:f0:73:05:50:08:6b:1c:
- 6e:de:96:45:31:c3:c0:ba:ba:f5:08:1d:05:4a:52:39:e9:03:
- ef:59:c8:1d:4a:f2:86:05:99:7b:4b:74:f6:d3:75:8d:b2:57:
- ba:ac:a7:11:14:d6:6c:71:c4:4c:1c:68:bc:49:78:f0:c9:52:
- 8a:e7:8b:54:e6:20:58:20:60:66:f5:14:d8:cb:ff:e0:a0:45:
- bc:b4:81:ad:1d:bc:cf:f8:8e:a8:87:24:55:99:d9:ce:47:f7:
- 5b:4a:33:6d:db:bf:93:64:1a:a6:46:5f:27:dc:d8:d4:f9:c2:
- 42:2a:7e:b2:7c:dd:98:77:f5:88:7d:15:25:08:bc:e0:d0:8d:
- f4:c3:c3:04:41:a4:d1:b1:39:4a:6b:2c:b5:2e:9a:65:43:0d:
- 0e:73:f4:06:e1:b3:49:34:94:b0:b7:ff:c0:27:c1:b5:ea:06:
- f7:71:71:97:bb:bc:c7:1a:9f:eb:f6:3d:a5:7b:55:a7:bf:dd:
- d7:ee:97:b8:9d:dc:cd:e3:06:db:9a:2c:60:bf:70:84:fa:6b:
- 8d:70:7d:de:e8:b7:ab:b0:38:68:6c:c0:b1:e1:ba:45:e0:d7:
- 12:3d:71:5b
+ 48:36:98:18:42:9c:0c:81:51:19:75:4b:26:9a:e0:07:18:89:
+ a2:a1:bd:b6:4e:91:f2:44:93:1a:50:a1:8f:72:1f:c4:ae:99:
+ 81:c5:00:3a:94:03:de:00:24:98:d4:2c:17:e5:ba:f2:29:3a:
+ 43:c8:23:ba:73:6a:5c:99:5d:ba:80:dd:bd:4f:cd:53:a6:cf:
+ 33:11:31:30:27:e2:d2:31:06:65:b8:3e:cf:fe:00:21:ff:0d:
+ 18:4f:fc:fd:d5:80:75:72:7c:2e:44:c1:a1:26:a6:8a:88:c8:
+ c0:66:1a:d4:99:36:ca:8f:67:42:8f:7c:f2:1a:e7:1b:d0:90:
+ 05:22:0d:29:d3:35:57:23:8c:bb:d2:53:c1:a8:00:3c:d4:b3:
+ 97:23:8a:4f:1d:8b:c9:73:6a:96:40:b0:a4:b1:c7:de:06:4d:
+ a3:5d:6a:d2:f5:5c:1e:f0:21:0f:d1:fd:21:89:e2:9e:3d:c1:
+ b2:f0:0f:5e:79:1e:47:48:92:bf:eb:96:28:ad:0b:89:5e:3b:
+ ed:97:29:bb:8d:24:c2:e6:26:e5:33:ef:88:17:c1:1a:97:fa:
+ 51:44:a2:cc:b2:64:e5:5c:94:54:ed:3b:7d:8f:34:4a:4b:d3:
+ ca:62:f9:20:00:86:26:ea:1b:a9:b4:df:8f:f4:4d:d8:3e:95:
+ aa:3b:43:1c
-----BEGIN X509 CRL-----
MIICBDCB7QIBATANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMxEDAOBgNV
BAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNhd3Rvb3Ro
MRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20x
-HzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20XDTIyMTIxNjIxMTc1MFoX
-DTI1MDkxMTIxMTc1MFowFDASAgECFw0yMjEyMTYyMTE3NTBaoA4wDDAKBgNVHRQE
-AwIBAjANBgkqhkiG9w0BAQsFAAOCAQEAOUT/OfQERXl+c+JCSNuFZv2ZdpR8tXld
-FXE2qYfwcwVQCGscbt6WRTHDwLq69QgdBUpSOekD71nIHUryhgWZe0t09tN1jbJX
-uqynERTWbHHETBxovEl48MlSiueLVOYgWCBgZvUU2Mv/4KBFvLSBrR28z/iOqIck
-VZnZzkf3W0ozbdu/k2QapkZfJ9zY1PnCQip+snzdmHf1iH0VJQi84NCN9MPDBEGk
-0bE5SmsstS6aZUMNDnP0BuGzSTSUsLf/wCfBteoG93Fxl7u8xxqf6/Y9pXtVp7/d
-1+6XuJ3czeMG25osYL9whPprjXB93ui3q7A4aGzAseG6ReDXEj1xWw==
+HzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20XDTIzMTIxMzIyMTkzM1oX
+DTI2MDkwODIyMTkzM1owFDASAgECFw0yMzEyMTMyMjE5MzNaoA4wDDAKBgNVHRQE
+AwIBAjANBgkqhkiG9w0BAQsFAAOCAQEASDaYGEKcDIFRGXVLJprgBxiJoqG9tk6R
+8kSTGlChj3IfxK6ZgcUAOpQD3gAkmNQsF+W68ik6Q8gjunNqXJlduoDdvU/NU6bP
+MxExMCfi0jEGZbg+z/4AIf8NGE/8/dWAdXJ8LkTBoSamiojIwGYa1Jk2yo9nQo98
+8hrnG9CQBSINKdM1VyOMu9JTwagAPNSzlyOKTx2LyXNqlkCwpLHH3gZNo11q0vVc
+HvAhD9H9IYninj3BsvAPXnkeR0iSv+uWKK0LiV477Zcpu40kwuYm5TPviBfBGpf6
+UUSizLJk5VyUVO07fY80SkvTymL5IACGJuobqbTfj/RN2D6VqjtDHA==
-----END X509 CRL-----
diff --git a/extra/wolfssl/wolfssl/certs/crl/crl.revoked b/extra/wolfssl/wolfssl/certs/crl/crl.revoked
index b85ca36d..73252614 100644
--- a/extra/wolfssl/wolfssl/certs/crl/crl.revoked
+++ b/extra/wolfssl/wolfssl/certs/crl/crl.revoked
@@ -2,43 +2,43 @@ Certificate Revocation List (CRL):
Version 2 (0x1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
- Last Update: Dec 16 21:17:50 2022 GMT
- Next Update: Sep 11 21:17:50 2025 GMT
+ Last Update: Dec 13 22:19:33 2023 GMT
+ Next Update: Sep 8 22:19:33 2026 GMT
CRL extensions:
X509v3 CRL Number:
3
Revoked Certificates:
Serial Number: 01
- Revocation Date: Dec 16 21:17:50 2022 GMT
+ Revocation Date: Dec 13 22:19:33 2023 GMT
Serial Number: 02
- Revocation Date: Dec 16 21:17:50 2022 GMT
+ Revocation Date: Dec 13 22:19:33 2023 GMT
Signature Algorithm: sha256WithRSAEncryption
- 1f:6c:1c:50:42:8a:55:bc:41:f6:a9:15:b6:ad:90:53:0a:b8:
- 73:71:8b:dd:0e:8f:95:0f:97:6d:82:24:09:6d:d5:9f:57:47:
- ab:c2:10:ad:df:27:0b:6c:d4:1f:c2:d5:4b:56:4b:44:01:3e:
- 5f:d3:08:6c:da:5b:94:40:00:47:e2:c9:f5:93:3d:c6:b0:28:
- b6:48:ff:32:9e:7b:d9:2d:71:5c:c4:53:13:50:8d:c7:e8:d0:
- 6f:28:ee:71:a0:8a:3e:da:9a:c4:e1:ad:a7:36:ce:87:ff:1f:
- 32:f1:32:ca:ff:81:d9:b8:d1:ca:39:7f:08:90:77:da:45:23:
- 56:49:ad:08:99:ef:75:23:5f:92:9a:b4:34:ef:5c:b1:68:71:
- 0d:06:31:28:5e:b1:34:56:a3:d6:47:8a:ba:2b:e2:be:28:29:
- d0:6a:12:60:5e:5c:93:7d:0d:54:bf:ee:72:7f:31:e6:9a:ab:
- 56:fc:34:45:06:e9:bd:fc:39:1d:37:91:77:d2:da:96:01:a0:
- 0d:9f:cf:b6:26:98:6b:fb:d9:ef:51:1d:df:41:6c:3c:61:5c:
- 38:83:e4:71:51:1d:62:57:53:8b:0b:0a:b1:ac:df:5c:22:26:
- b6:67:51:62:06:5b:97:ed:94:f4:40:7e:48:4e:3b:fd:b7:75:
- 40:17:ec:48
+ 72:6e:a4:64:36:6b:e8:e0:c5:1d:98:ef:ab:7e:7a:14:f2:8d:
+ 99:d0:57:4b:76:ac:f4:89:60:cd:89:23:9d:01:34:f3:83:e5:
+ 82:21:b3:48:c4:42:25:7f:ea:9f:74:5f:e8:b8:d6:71:bb:a2:
+ 39:d8:ef:46:a8:13:ba:7d:44:ab:d6:13:65:18:de:b5:03:85:
+ a7:c6:4f:0a:a0:6a:78:ba:7b:f7:ce:6e:ba:1c:ef:6f:b1:04:
+ a8:ac:c6:de:3b:76:77:3e:3d:8b:ae:8b:2b:7e:c9:4f:77:31:
+ 7f:1f:f5:04:2c:e9:cf:a1:56:c2:59:e9:be:49:9f:e8:67:a3:
+ 42:66:05:21:02:64:82:b2:74:a7:4b:89:89:7d:43:1a:41:fd:
+ 53:8c:d6:4f:27:04:2a:48:6b:9e:62:fa:4a:42:83:22:53:3f:
+ 53:07:4f:bc:cd:8d:8d:cc:15:c6:ff:3c:af:7d:db:ab:dd:fa:
+ 8f:65:86:86:2a:89:5e:3f:d5:4b:39:80:78:3f:6e:38:3b:6d:
+ a5:5e:2c:9e:1d:2f:9c:62:12:b1:34:f2:95:64:37:dc:4b:20:
+ dc:27:f3:de:81:67:b2:04:b0:14:b9:47:e3:65:e3:2f:35:27:
+ c2:fc:22:db:24:bd:04:58:88:17:e3:42:3c:a5:ef:53:39:15:
+ 54:52:ac:a1
-----BEGIN X509 CRL-----
MIICGTCCAQECAQEwDQYJKoZIhvcNAQELBQAwgZQxCzAJBgNVBAYTAlVTMRAwDgYD
VQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQKDAhTYXd0b290
aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29t
-MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tFw0yMjEyMTYyMTE3NTBa
-Fw0yNTA5MTEyMTE3NTBaMCgwEgIBARcNMjIxMjE2MjExNzUwWjASAgECFw0yMjEy
-MTYyMTE3NTBaoA4wDDAKBgNVHRQEAwIBAzANBgkqhkiG9w0BAQsFAAOCAQEAH2wc
-UEKKVbxB9qkVtq2QUwq4c3GL3Q6PlQ+XbYIkCW3Vn1dHq8IQrd8nC2zUH8LVS1ZL
-RAE+X9MIbNpblEAAR+LJ9ZM9xrAotkj/Mp572S1xXMRTE1CNx+jQbyjucaCKPtqa
-xOGtpzbOh/8fMvEyyv+B2bjRyjl/CJB32kUjVkmtCJnvdSNfkpq0NO9csWhxDQYx
-KF6xNFaj1keKuivivigp0GoSYF5ck30NVL/ucn8x5pqrVvw0RQbpvfw5HTeRd9La
-lgGgDZ/PtiaYa/vZ71Ed30FsPGFcOIPkcVEdYldTiwsKsazfXCImtmdRYgZbl+2U
-9EB+SE47/bd1QBfsSA==
+MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tFw0yMzEyMTMyMjE5MzNa
+Fw0yNjA5MDgyMjE5MzNaMCgwEgIBARcNMjMxMjEzMjIxOTMzWjASAgECFw0yMzEy
+MTMyMjE5MzNaoA4wDDAKBgNVHRQEAwIBAzANBgkqhkiG9w0BAQsFAAOCAQEAcm6k
+ZDZr6ODFHZjvq356FPKNmdBXS3as9IlgzYkjnQE084PlgiGzSMRCJX/qn3Rf6LjW
+cbuiOdjvRqgTun1Eq9YTZRjetQOFp8ZPCqBqeLp7985uuhzvb7EEqKzG3jt2dz49
+i66LK37JT3cxfx/1BCzpz6FWwlnpvkmf6GejQmYFIQJkgrJ0p0uJiX1DGkH9U4zW
+TycEKkhrnmL6SkKDIlM/UwdPvM2NjcwVxv88r33bq936j2WGhiqJXj/VSzmAeD9u
+ODttpV4snh0vnGISsTTylWQ33Esg3Cfz3oFnsgSwFLlH42XjLzUnwvwi2yS9BFiI
+F+NCPKXvUzkVVFKsoQ==
-----END X509 CRL-----
diff --git a/extra/wolfssl/wolfssl/certs/crl/crl2.der b/extra/wolfssl/wolfssl/certs/crl/crl2.der
index f1396b8a..c6ec65c4 100644
--- a/extra/wolfssl/wolfssl/certs/crl/crl2.der
+++ b/extra/wolfssl/wolfssl/certs/crl/crl2.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/crl/crl2.pem b/extra/wolfssl/wolfssl/certs/crl/crl2.pem
index 667ef84c..eb71f194 100644
--- a/extra/wolfssl/wolfssl/certs/crl/crl2.pem
+++ b/extra/wolfssl/wolfssl/certs/crl/crl2.pem
@@ -2,79 +2,79 @@ Certificate Revocation List (CRL):
Version 2 (0x1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
- Last Update: Dec 16 21:17:50 2022 GMT
- Next Update: Sep 11 21:17:50 2025 GMT
+ Last Update: Dec 13 22:19:33 2023 GMT
+ Next Update: Sep 8 22:19:33 2026 GMT
CRL extensions:
X509v3 CRL Number:
2
Revoked Certificates:
Serial Number: 02
- Revocation Date: Dec 16 21:17:50 2022 GMT
+ Revocation Date: Dec 13 22:19:33 2023 GMT
Signature Algorithm: sha256WithRSAEncryption
- 39:44:ff:39:f4:04:45:79:7e:73:e2:42:48:db:85:66:fd:99:
- 76:94:7c:b5:79:5d:15:71:36:a9:87:f0:73:05:50:08:6b:1c:
- 6e:de:96:45:31:c3:c0:ba:ba:f5:08:1d:05:4a:52:39:e9:03:
- ef:59:c8:1d:4a:f2:86:05:99:7b:4b:74:f6:d3:75:8d:b2:57:
- ba:ac:a7:11:14:d6:6c:71:c4:4c:1c:68:bc:49:78:f0:c9:52:
- 8a:e7:8b:54:e6:20:58:20:60:66:f5:14:d8:cb:ff:e0:a0:45:
- bc:b4:81:ad:1d:bc:cf:f8:8e:a8:87:24:55:99:d9:ce:47:f7:
- 5b:4a:33:6d:db:bf:93:64:1a:a6:46:5f:27:dc:d8:d4:f9:c2:
- 42:2a:7e:b2:7c:dd:98:77:f5:88:7d:15:25:08:bc:e0:d0:8d:
- f4:c3:c3:04:41:a4:d1:b1:39:4a:6b:2c:b5:2e:9a:65:43:0d:
- 0e:73:f4:06:e1:b3:49:34:94:b0:b7:ff:c0:27:c1:b5:ea:06:
- f7:71:71:97:bb:bc:c7:1a:9f:eb:f6:3d:a5:7b:55:a7:bf:dd:
- d7:ee:97:b8:9d:dc:cd:e3:06:db:9a:2c:60:bf:70:84:fa:6b:
- 8d:70:7d:de:e8:b7:ab:b0:38:68:6c:c0:b1:e1:ba:45:e0:d7:
- 12:3d:71:5b
+ 48:36:98:18:42:9c:0c:81:51:19:75:4b:26:9a:e0:07:18:89:
+ a2:a1:bd:b6:4e:91:f2:44:93:1a:50:a1:8f:72:1f:c4:ae:99:
+ 81:c5:00:3a:94:03:de:00:24:98:d4:2c:17:e5:ba:f2:29:3a:
+ 43:c8:23:ba:73:6a:5c:99:5d:ba:80:dd:bd:4f:cd:53:a6:cf:
+ 33:11:31:30:27:e2:d2:31:06:65:b8:3e:cf:fe:00:21:ff:0d:
+ 18:4f:fc:fd:d5:80:75:72:7c:2e:44:c1:a1:26:a6:8a:88:c8:
+ c0:66:1a:d4:99:36:ca:8f:67:42:8f:7c:f2:1a:e7:1b:d0:90:
+ 05:22:0d:29:d3:35:57:23:8c:bb:d2:53:c1:a8:00:3c:d4:b3:
+ 97:23:8a:4f:1d:8b:c9:73:6a:96:40:b0:a4:b1:c7:de:06:4d:
+ a3:5d:6a:d2:f5:5c:1e:f0:21:0f:d1:fd:21:89:e2:9e:3d:c1:
+ b2:f0:0f:5e:79:1e:47:48:92:bf:eb:96:28:ad:0b:89:5e:3b:
+ ed:97:29:bb:8d:24:c2:e6:26:e5:33:ef:88:17:c1:1a:97:fa:
+ 51:44:a2:cc:b2:64:e5:5c:94:54:ed:3b:7d:8f:34:4a:4b:d3:
+ ca:62:f9:20:00:86:26:ea:1b:a9:b4:df:8f:f4:4d:d8:3e:95:
+ aa:3b:43:1c
-----BEGIN X509 CRL-----
MIICBDCB7QIBATANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMxEDAOBgNV
BAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNhd3Rvb3Ro
MRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20x
-HzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20XDTIyMTIxNjIxMTc1MFoX
-DTI1MDkxMTIxMTc1MFowFDASAgECFw0yMjEyMTYyMTE3NTBaoA4wDDAKBgNVHRQE
-AwIBAjANBgkqhkiG9w0BAQsFAAOCAQEAOUT/OfQERXl+c+JCSNuFZv2ZdpR8tXld
-FXE2qYfwcwVQCGscbt6WRTHDwLq69QgdBUpSOekD71nIHUryhgWZe0t09tN1jbJX
-uqynERTWbHHETBxovEl48MlSiueLVOYgWCBgZvUU2Mv/4KBFvLSBrR28z/iOqIck
-VZnZzkf3W0ozbdu/k2QapkZfJ9zY1PnCQip+snzdmHf1iH0VJQi84NCN9MPDBEGk
-0bE5SmsstS6aZUMNDnP0BuGzSTSUsLf/wCfBteoG93Fxl7u8xxqf6/Y9pXtVp7/d
-1+6XuJ3czeMG25osYL9whPprjXB93ui3q7A4aGzAseG6ReDXEj1xWw==
+HzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20XDTIzMTIxMzIyMTkzM1oX
+DTI2MDkwODIyMTkzM1owFDASAgECFw0yMzEyMTMyMjE5MzNaoA4wDDAKBgNVHRQE
+AwIBAjANBgkqhkiG9w0BAQsFAAOCAQEASDaYGEKcDIFRGXVLJprgBxiJoqG9tk6R
+8kSTGlChj3IfxK6ZgcUAOpQD3gAkmNQsF+W68ik6Q8gjunNqXJlduoDdvU/NU6bP
+MxExMCfi0jEGZbg+z/4AIf8NGE/8/dWAdXJ8LkTBoSamiojIwGYa1Jk2yo9nQo98
+8hrnG9CQBSINKdM1VyOMu9JTwagAPNSzlyOKTx2LyXNqlkCwpLHH3gZNo11q0vVc
+HvAhD9H9IYninj3BsvAPXnkeR0iSv+uWKK0LiV477Zcpu40kwuYm5TPviBfBGpf6
+UUSizLJk5VyUVO07fY80SkvTymL5IACGJuobqbTfj/RN2D6VqjtDHA==
-----END X509 CRL-----
Certificate Revocation List (CRL):
Version 2 (0x1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_2048, OU = Programming-2048, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
- Last Update: Dec 16 21:17:50 2022 GMT
- Next Update: Sep 11 21:17:50 2025 GMT
+ Last Update: Dec 13 22:19:33 2023 GMT
+ Next Update: Sep 8 22:19:33 2026 GMT
CRL extensions:
X509v3 CRL Number:
1
No Revoked Certificates.
Signature Algorithm: sha256WithRSAEncryption
- 31:07:d5:eb:5e:d7:89:0e:c1:29:ab:4b:49:0e:58:9d:f8:7e:
- 27:59:48:2d:68:a5:06:e1:c9:46:f8:b8:97:bc:6d:71:f2:d9:
- cd:f2:2d:2c:7b:86:6d:8e:7d:75:c8:94:33:fd:5f:67:57:74:
- fe:48:3a:4a:4e:73:7b:55:b9:85:46:9a:1d:69:e6:7a:1e:d3:
- 73:aa:76:34:d1:5f:be:b3:47:28:b6:e5:80:c2:c3:f0:b9:c0:
- 79:58:32:0e:0a:45:9b:d7:4b:2a:e4:ea:53:ff:7d:a7:34:35:
- 5e:ae:bb:6b:16:3b:cd:b3:ae:8c:d0:10:22:ae:c1:04:c6:0c:
- 2c:f1:4b:d0:de:20:47:33:74:88:61:db:e4:c2:e9:cd:59:65:
- ce:a0:e3:07:0d:25:df:b3:b6:ab:c6:0f:0d:07:7b:e2:c7:a5:
- 9e:7c:80:6b:c4:86:0b:d8:4d:ea:f6:a8:14:b4:41:84:5d:ea:
- 58:92:12:a7:6a:e2:2d:8e:35:d7:39:4c:b9:00:c5:46:0d:02:
- 4d:17:0a:fb:5c:0b:80:27:e5:01:af:5f:a5:70:ab:26:13:b7:
- a0:76:2e:e7:fa:c5:dc:5a:7d:50:22:0c:e6:44:1a:a6:5a:64:
- e7:84:13:af:ef:2d:47:1a:db:88:9c:62:b9:23:3f:7d:3f:17:
- 19:0c:bc:97
+ 38:bd:b1:ed:0c:8b:5d:f2:e3:de:48:7b:03:16:a7:09:4c:98:
+ 03:9d:a7:50:1d:56:57:a6:6f:e1:7d:4c:32:31:f3:55:28:4a:
+ d3:b5:55:a7:7d:f8:43:46:cf:7c:64:66:2e:0e:bc:e6:43:41:
+ c1:b8:b4:a0:db:68:92:3b:d4:a1:ef:47:44:fe:f6:e4:33:45:
+ 18:62:cb:e5:04:44:44:07:83:e4:62:c4:d0:52:63:94:b0:1a:
+ 43:bf:01:91:de:05:66:ae:6d:88:78:94:d9:c6:5e:a9:28:52:
+ 93:2b:24:00:3f:d3:f7:6c:ca:27:b6:9b:8e:8f:61:a3:ac:3b:
+ e5:62:54:09:6f:c5:52:fb:87:9a:36:e0:51:14:5d:52:f9:42:
+ 48:f1:18:20:bf:b3:98:c2:d4:a2:55:9e:7e:42:9b:01:59:fc:
+ 64:3c:bb:05:46:09:ab:16:8a:f8:08:b7:f7:3d:01:8e:1b:60:
+ ba:e0:8f:e8:fe:6b:38:bc:23:af:52:31:bc:f3:a0:60:71:c4:
+ 9a:29:49:46:5b:c2:f8:ff:c9:f6:8a:1a:c6:5c:9f:e5:bb:c0:
+ bf:6e:7b:26:8b:5a:6a:91:80:82:40:2e:48:96:b7:6a:8f:74:
+ 75:6d:54:d7:4d:2a:81:7f:01:02:bd:6e:cf:37:50:de:bb:52:
+ b6:40:eb:ad
-----BEGIN X509 CRL-----
MIIB+DCB4QIBATANBgkqhkiG9w0BAQsFADCBnjELMAkGA1UEBhMCVVMxEDAOBgNV
BAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xFTATBgNVBAoMDHdvbGZTU0xf
MjA0ODEZMBcGA1UECwwQUHJvZ3JhbW1pbmctMjA0ODEYMBYGA1UEAwwPd3d3Lndv
-bGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tFw0yMjEy
-MTYyMTE3NTBaFw0yNTA5MTEyMTE3NTBaoA4wDDAKBgNVHRQEAwIBATANBgkqhkiG
-9w0BAQsFAAOCAQEAMQfV617XiQ7BKatLSQ5Ynfh+J1lILWilBuHJRvi4l7xtcfLZ
-zfItLHuGbY59dciUM/1fZ1d0/kg6Sk5ze1W5hUaaHWnmeh7Tc6p2NNFfvrNHKLbl
-gMLD8LnAeVgyDgpFm9dLKuTqU/99pzQ1Xq67axY7zbOujNAQIq7BBMYMLPFL0N4g
-RzN0iGHb5MLpzVllzqDjBw0l37O2q8YPDQd74selnnyAa8SGC9hN6vaoFLRBhF3q
-WJISp2riLY411zlMuQDFRg0CTRcK+1wLgCflAa9fpXCrJhO3oHYu5/rF3Fp9UCIM
-5kQaplpk54QTr+8tRxrbiJxiuSM/fT8XGQy8lw==
+bGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tFw0yMzEy
+MTMyMjE5MzNaFw0yNjA5MDgyMjE5MzNaoA4wDDAKBgNVHRQEAwIBATANBgkqhkiG
+9w0BAQsFAAOCAQEAOL2x7QyLXfLj3kh7AxanCUyYA52nUB1WV6Zv4X1MMjHzVShK
+07VVp334Q0bPfGRmLg685kNBwbi0oNtokjvUoe9HRP725DNFGGLL5QRERAeD5GLE
+0FJjlLAaQ78Bkd4FZq5tiHiU2cZeqShSkyskAD/T92zKJ7abjo9ho6w75WJUCW/F
+UvuHmjbgURRdUvlCSPEYIL+zmMLUolWefkKbAVn8ZDy7BUYJqxaK+Ai39z0Bjhtg
+uuCP6P5rOLwjr1IxvPOgYHHEmilJRlvC+P/J9ooaxlyf5bvAv257JotaapGAgkAu
+SJa3ao90dW1U100qgX8BAr1uzzdQ3rtStkDrrQ==
-----END X509 CRL-----
diff --git a/extra/wolfssl/wolfssl/certs/crl/eccCliCRL.pem b/extra/wolfssl/wolfssl/certs/crl/eccCliCRL.pem
index 0b51168d..86fa84a0 100644
--- a/extra/wolfssl/wolfssl/certs/crl/eccCliCRL.pem
+++ b/extra/wolfssl/wolfssl/certs/crl/eccCliCRL.pem
@@ -2,25 +2,25 @@ Certificate Revocation List (CRL):
Version 2 (0x1)
Signature Algorithm: ecdsa-with-SHA256
Issuer: C = US, ST = Oregon, L = Salem, O = Client ECC, OU = Fast, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
- Last Update: Dec 16 21:17:50 2022 GMT
- Next Update: Sep 11 21:17:50 2025 GMT
+ Last Update: Dec 13 22:19:33 2023 GMT
+ Next Update: Sep 8 22:19:33 2026 GMT
CRL extensions:
X509v3 CRL Number:
- 7
+ 9
Revoked Certificates:
Serial Number: 02
- Revocation Date: Dec 16 21:17:50 2022 GMT
+ Revocation Date: Dec 13 22:19:33 2023 GMT
Signature Algorithm: ecdsa-with-SHA256
- 30:46:02:21:00:de:52:96:3d:ab:bf:56:6f:1b:a5:61:f2:43:
- 38:09:61:35:be:c3:8a:7b:17:77:2c:6a:a2:94:be:db:eb:c9:
- 54:02:21:00:8f:38:ad:28:29:42:e6:5c:65:73:d8:2e:2c:b1:
- ba:ec:15:d9:c6:fe:48:07:bd:d9:46:1a:24:0c:0a:da:e7:8c
+ 30:45:02:21:00:dc:a7:bf:34:1b:68:b6:54:0c:38:8d:46:41:
+ 84:bf:fa:f0:96:00:89:a6:81:4a:0f:15:12:ef:15:98:f7:51:
+ 95:02:20:08:57:33:0d:c1:a5:c6:83:63:49:96:8c:71:41:7b:
+ 40:92:67:80:d6:23:62:2a:c2:f2:43:5a:92:9b:9b:d6:83
-----BEGIN X509 CRL-----
-MIIBPTCB4wIBATAKBggqhkjOPQQDAjCBjTELMAkGA1UEBhMCVVMxDzANBgNVBAgM
+MIIBPDCB4wIBATAKBggqhkjOPQQDAjCBjTELMAkGA1UEBhMCVVMxDzANBgNVBAgM
Bk9yZWdvbjEOMAwGA1UEBwwFU2FsZW0xEzARBgNVBAoMCkNsaWVudCBFQ0MxDTAL
BgNVBAsMBEZhc3QxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3
-DQEJARYQaW5mb0B3b2xmc3NsLmNvbRcNMjIxMjE2MjExNzUwWhcNMjUwOTExMjEx
-NzUwWjAUMBICAQIXDTIyMTIxNjIxMTc1MFqgDjAMMAoGA1UdFAQDAgEHMAoGCCqG
-SM49BAMCA0kAMEYCIQDeUpY9q79WbxulYfJDOAlhNb7DinsXdyxqopS+2+vJVAIh
-AI84rSgpQuZcZXPYLiyxuuwV2cb+SAe92UYaJAwK2ueM
+DQEJARYQaW5mb0B3b2xmc3NsLmNvbRcNMjMxMjEzMjIxOTMzWhcNMjYwOTA4MjIx
+OTMzWjAUMBICAQIXDTIzMTIxMzIyMTkzM1qgDjAMMAoGA1UdFAQDAgEJMAoGCCqG
+SM49BAMCA0gAMEUCIQDcp780G2i2VAw4jUZBhL/68JYAiaaBSg8VEu8VmPdRlQIg
+CFczDcGlxoNjSZaMcUF7QJJngNYjYirC8kNakpub1oM=
-----END X509 CRL-----
diff --git a/extra/wolfssl/wolfssl/certs/crl/eccSrvCRL.pem b/extra/wolfssl/wolfssl/certs/crl/eccSrvCRL.pem
index cf3b068d..8cd5091c 100644
--- a/extra/wolfssl/wolfssl/certs/crl/eccSrvCRL.pem
+++ b/extra/wolfssl/wolfssl/certs/crl/eccSrvCRL.pem
@@ -1,26 +1,26 @@
Certificate Revocation List (CRL):
Version 2 (0x1)
Signature Algorithm: ecdsa-with-SHA256
- Issuer: C = US, ST = Washington, L = Seattle, O = Eliptic, OU = ECC, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
- Last Update: Dec 16 21:17:50 2022 GMT
- Next Update: Sep 11 21:17:50 2025 GMT
+ Issuer: C = US, ST = Washington, L = Seattle, O = Elliptic, OU = ECC, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
+ Last Update: Dec 13 22:19:33 2023 GMT
+ Next Update: Sep 8 22:19:33 2026 GMT
CRL extensions:
X509v3 CRL Number:
- 8
+ 10
Revoked Certificates:
Serial Number: 02
- Revocation Date: Dec 16 21:17:50 2022 GMT
+ Revocation Date: Dec 13 22:19:33 2023 GMT
Signature Algorithm: ecdsa-with-SHA256
- 30:46:02:21:00:df:3b:2d:3e:14:df:73:4d:43:71:47:aa:5b:
- a3:2f:19:8f:26:8c:e7:20:60:20:75:d7:4b:68:9e:d6:a9:f4:
- 44:02:21:00:ec:32:6d:22:c4:bd:98:85:1b:66:9c:00:2b:5e:
- c3:0f:cd:cc:54:a4:0a:2c:e9:bb:32:18:8f:27:d3:a3:d4:84
+ 30:45:02:21:00:a9:26:ab:1a:4a:be:5c:92:da:9d:17:0a:b5:
+ f6:40:ea:84:93:ce:57:b8:af:68:75:e8:e9:de:a7:27:e7:79:
+ 48:02:20:11:d4:03:97:19:2a:28:04:70:28:bb:5e:6a:b7:f6:
+ 32:90:f1:92:ff:48:7c:cf:e7:94:0f:ce:63:de:f8:fc:6c
-----BEGIN X509 CRL-----
-MIIBPzCB5QIBATAKBggqhkjOPQQDAjCBjzELMAkGA1UEBhMCVVMxEzARBgNVBAgM
-Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB0VsaXB0aWMx
-DDAKBgNVBAsMA0VDQzEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZI
-hvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tFw0yMjEyMTYyMTE3NTBaFw0yNTA5MTEy
-MTE3NTBaMBQwEgIBAhcNMjIxMjE2MjExNzUwWqAOMAwwCgYDVR0UBAMCAQgwCgYI
-KoZIzj0EAwIDSQAwRgIhAN87LT4U33NNQ3FHqlujLxmPJoznIGAgdddLaJ7WqfRE
-AiEA7DJtIsS9mIUbZpwAK17DD83MVKQKLOm7MhiPJ9Oj1IQ=
+MIIBPzCB5gIBATAKBggqhkjOPQQDAjCBkDELMAkGA1UEBhMCVVMxEzARBgNVBAgM
+Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxETAPBgNVBAoMCEVsbGlwdGlj
+MQwwCgYDVQQLDANFQ0MxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqG
+SIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbRcNMjMxMjEzMjIxOTMzWhcNMjYwOTA4
+MjIxOTMzWjAUMBICAQIXDTIzMTIxMzIyMTkzM1qgDjAMMAoGA1UdFAQDAgEKMAoG
+CCqGSM49BAMCA0gAMEUCIQCpJqsaSr5cktqdFwq19kDqhJPOV7ivaHXo6d6nJ+d5
+SAIgEdQDlxkqKARwKLtearf2MpDxkv9IfM/nlA/OY974/Gw=
-----END X509 CRL-----
diff --git a/extra/wolfssl/wolfssl/certs/crl/extra-crls/ca-int-cert-revoked.pem b/extra/wolfssl/wolfssl/certs/crl/extra-crls/ca-int-cert-revoked.pem
new file mode 100644
index 00000000..16b02cd9
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/crl/extra-crls/ca-int-cert-revoked.pem
@@ -0,0 +1,13 @@
+-----BEGIN X509 CRL-----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+-----END X509 CRL-----
diff --git a/extra/wolfssl/wolfssl/certs/crl/extra-crls/general-server-crl.pem b/extra/wolfssl/wolfssl/certs/crl/extra-crls/general-server-crl.pem
new file mode 100644
index 00000000..d547b88f
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/crl/extra-crls/general-server-crl.pem
@@ -0,0 +1,13 @@
+-----BEGIN X509 CRL-----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+-----END X509 CRL-----
diff --git a/extra/wolfssl/wolfssl/certs/crl/gencrls.sh b/extra/wolfssl/wolfssl/certs/crl/gencrls.sh
index 4f2e22ad..e509d962 100755
--- a/extra/wolfssl/wolfssl/certs/crl/gencrls.sh
+++ b/extra/wolfssl/wolfssl/certs/crl/gencrls.sh
@@ -95,17 +95,37 @@ mv tmp crl.revoked
# remove revoked so next time through the normal CA won't have server revoked
cp blank.index.txt demoCA/index.txt
-# caEccCrl
+# revoke the general server cert
echo "Step 10"
-openssl ca -config ../renewcerts/wolfssl.cnf -revoke ../server-revoked-cert.pem -keyfile ../ca-ecc-key.pem -cert ../ca-ecc-cert.pem
+openssl ca -config ../renewcerts/wolfssl.cnf -revoke ../server-cert.pem -keyfile ../ca-key.pem -cert ../ca-cert.pem
check_result $?
echo "Step 11"
+openssl ca -config ../renewcerts/wolfssl.cnf -gencrl -crldays 1000 -out extra-crls/general-server-crl.pem -keyfile ../ca-key.pem -cert ../ca-cert.pem
+check_result $?
+
+# remove revoked so next time through the normal CA won't have server revoked
+cp blank.index.txt demoCA/index.txt
+
+echo "Step 12"
+# revoke an intermediate cert
+openssl ca -config ../renewcerts/wolfssl.cnf -revoke ../intermediate/ca-int-cert.pem -keyfile ../ca-key.pem -cert ../ca-cert.pem
+openssl ca -config ../renewcerts/wolfssl.cnf -gencrl -crldays 1000 -out extra-crls/ca-int-cert-revoked.pem -keyfile ../ca-key.pem -cert ../ca-cert.pem
+
+# remove revoked so next time through the normal CA won't have server revoked
+cp blank.index.txt demoCA/index.txt
+
+# caEccCrl
+echo "Step 13"
+openssl ca -config ../renewcerts/wolfssl.cnf -revoke ../server-revoked-cert.pem -keyfile ../ca-ecc-key.pem -cert ../ca-ecc-cert.pem
+check_result $?
+
+echo "Step 14"
openssl ca -config ../renewcerts/wolfssl.cnf -gencrl -crldays 1000 -out caEccCrl.pem -keyfile ../ca-ecc-key.pem -cert ../ca-ecc-cert.pem
check_result $?
# metadata
-echo "Step 12"
+echo "Step 15"
openssl crl -in caEccCrl.pem -text > tmp
check_result $?
mv tmp caEccCrl.pem
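Review bot: The two `openssl ca` commands added under Step 12 (the `-revoke ../intermediate/ca-int-cert.pem` call and the `-gencrl` into `extra-crls/ca-int-cert-revoked.pem`) are not followed by `check_result $?`, unlike Steps 10, 11, 13 and 14 in the same hunk. If either command fails, the script carries on and the intermediate-revocation CRL can be left missing or stale, so any test relying on that fixture would be checking revocation against the wrong data. Add `check_result $?` after each of the two commands. The two new files under `extra-crls/` also skip the `openssl crl -text` metadata pass that the other CRLs get; if that is intentional, a one-line comment saying so would help.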
@@ -116,12 +136,12 @@ mv tmp caEccCrl.pem
# server-revoked-cert.pem is already revoked in Step 10
#openssl ca -config ../renewcerts/wolfssl.cnf -revoke ../server-revoked-cert.pem -keyfile ../ca-ecc384-key.pem -cert ../ca-ecc384-cert.pem
-echo "Step 13"
+echo "Step 16"
openssl ca -config ../renewcerts/wolfssl.cnf -gencrl -crldays 1000 -out caEcc384Crl.pem -keyfile ../ca-ecc384-key.pem -cert ../ca-ecc384-cert.pem
check_result $?
# metadata
-echo "Step 14"
+echo "Step 17"
openssl crl -in caEcc384Crl.pem -text > tmp
check_result $?
mv tmp caEcc384Crl.pem
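Review bot: The context comment `# server-revoked-cert.pem is already revoked in Step 10` at the top of this hunk is stale after the renumbering. Step 10 now revokes `../server-cert.pem` under `ca-key.pem`, and the `server-revoked-cert.pem` revocation has moved to Step 13. The comment should read `# server-revoked-cert.pem is already revoked in Step 13`, so the next person renewing the CRLs does not conclude that the ECC-384 CRL depends on the general server revocation. Because the index is reset with `cp blank.index.txt demoCA/index.txt` between steps, pointing at the right step matters for understanding which serials end up in `caEcc384Crl.pem`.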
@@ -129,12 +149,12 @@ mv tmp caEcc384Crl.pem
#cp caEcc384Crl.pem ~/wolfssl/certs/crl/caEcc384Crl.pem
# cliCrl
-echo "Step 15"
+echo "Step 18"
openssl ca -config ../renewcerts/wolfssl.cnf -gencrl -crldays 1000 -out cliCrl.pem -keyfile ../client-key.pem -cert ../client-cert.pem
check_result $?
# metadata
-echo "Step 16"
+echo "Step 19"
openssl crl -in cliCrl.pem -text > tmp
check_result $?
mv tmp cliCrl.pem
@@ -142,12 +162,12 @@ mv tmp cliCrl.pem
#cp cliCrl.pem ~/wolfssl/certs/crl/cliCrl.pem
# eccCliCRL
-echo "Step 17"
+echo "Step 20"
openssl ca -config ../renewcerts/wolfssl.cnf -gencrl -crldays 1000 -out eccCliCRL.pem -keyfile ../ecc-client-key.pem -cert ../client-ecc-cert.pem
check_result $?
# metadata
-echo "Step 18"
+echo "Step 21"
openssl crl -in eccCliCRL.pem -text > tmp
check_result $?
mv tmp eccCliCRL.pem
@@ -155,12 +175,12 @@ mv tmp eccCliCRL.pem
#cp eccCliCRL.pem ~/wolfssl/certs/crl/eccCliCRL.pem
# eccSrvCRL
-echo "Step 19"
+echo "Step 22"
openssl ca -config ../renewcerts/wolfssl.cnf -gencrl -crldays 1000 -out eccSrvCRL.pem -keyfile ../ecc-key.pem -cert ../server-ecc.pem
check_result $?
# metadata
-echo "Step 20"
+echo "Step 23"
openssl crl -in eccSrvCRL.pem -text > tmp
check_result $?
mv tmp eccSrvCRL.pem
@@ -168,17 +188,17 @@ mv tmp eccSrvCRL.pem
#cp eccSrvCRL.pem ~/wolfssl/certs/crl/eccSrvCRL.pem
# caEccCrl
-echo "Step 21"
+echo "Step 24"
openssl ca -config ./wolfssl.cnf -gencrl -crldays 1000 -out caEccCrl.pem -keyfile ../ca-ecc-key.pem -cert ../ca-ecc-cert.pem
check_result $?
# ca-ecc384-cert
-echo "Step 22"
+echo "Step 25"
openssl ca -config ./wolfssl.cnf -gencrl -crldays 1000 -out caEcc384Crl.pem -keyfile ../ca-ecc384-key.pem -cert ../ca-ecc384-cert.pem
check_result $?
# create crl and crl2 der files for unit test
-echo "Step 23"
+echo "Step 26"
openssl crl -in crl.pem -inform PEM -out crl.der -outform DER
openssl crl -in crl2.pem -inform PEM -out crl2.der -outform DER
diff --git a/extra/wolfssl/wolfssl/certs/crl/include.am b/extra/wolfssl/wolfssl/certs/crl/include.am
index e41d0017..91f09bd0 100644
--- a/extra/wolfssl/wolfssl/certs/crl/include.am
+++ b/extra/wolfssl/wolfssl/certs/crl/include.am
@@ -3,29 +3,32 @@
#
EXTRA_DIST += \
- certs/crl/hash_pem/0fdb2da4.r0 \
- certs/crl/hash_der/0fdb2da4.r0 \
- certs/crl/crl.pem \
- certs/crl/cliCrl.pem \
- certs/crl/eccSrvCRL.pem \
- certs/crl/eccCliCRL.pem \
- certs/crl/crl2.pem \
- certs/crl/caEccCrl.pem \
- certs/crl/caEcc384Crl.pem \
- certs/crl/wolfssl.cnf \
- certs/crl/crl.der \
- certs/crl/crl2.der
+ certs/crl/hash_pem/0fdb2da4.r0 \
+ certs/crl/hash_der/0fdb2da4.r0 \
+ certs/crl/crl.pem \
+ certs/crl/cliCrl.pem \
+ certs/crl/eccSrvCRL.pem \
+ certs/crl/eccCliCRL.pem \
+ certs/crl/crl2.pem \
+ certs/crl/caEccCrl.der \
+ certs/crl/caEccCrl.pem \
+ certs/crl/caEcc384Crl.pem \
+ certs/crl/wolfssl.cnf \
+ certs/crl/crl.der \
+ certs/crl/crl2.der
EXTRA_DIST += \
- certs/crl/crl.revoked
+ certs/crl/crl.revoked \
+ certs/crl/extra-crls/ca-int-cert-revoked.pem \
+ certs/crl/extra-crls/general-server-crl.pem
# Intermediate cert CRL's
EXTRA_DIST += \
- certs/crl/ca-int.pem \
- certs/crl/ca-int2.pem \
- certs/crl/client-int.pem \
- certs/crl/server-int.pem \
- certs/crl/ca-int-ecc.pem \
- certs/crl/ca-int2-ecc.pem \
- certs/crl/client-int-ecc.pem \
- certs/crl/server-int-ecc.pem
+ certs/crl/ca-int.pem \
+ certs/crl/ca-int2.pem \
+ certs/crl/client-int.pem \
+ certs/crl/server-int.pem \
+ certs/crl/ca-int-ecc.pem \
+ certs/crl/ca-int2-ecc.pem \
+ certs/crl/client-int-ecc.pem \
+ certs/crl/server-int-ecc.pem
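Review bot: `certs/crl/caEccCrl.der` is newly listed in `EXTRA_DIST`, but none of the `gencrls.sh` hunks in this commit shows a step that produces it; the DER conversion at Step 26 covers only `crl.der` and `crl2.der`. The parts of the script outside the hunks are not visible here, so it may be generated elsewhere. If it is not, the DER will drift from `caEccCrl.pem` at the next renewal and its Next Update will lapse on its own schedule. Consider adding `openssl crl -in caEccCrl.pem -inform PEM -out caEccCrl.der -outform DER` next to the two existing conversions, followed by `check_result $?`.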
diff --git a/extra/wolfssl/wolfssl/certs/crl/server-goodaltCrl.pem b/extra/wolfssl/wolfssl/certs/crl/server-goodaltCrl.pem
index cb1963e8..6305d4f3 100644
--- a/extra/wolfssl/wolfssl/certs/crl/server-goodaltCrl.pem
+++ b/extra/wolfssl/wolfssl/certs/crl/server-goodaltCrl.pem
@@ -2,37 +2,37 @@ Certificate Revocation List (CRL):
Version 2 (0x1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, OU = Engineering, CN = www.nomatch.com, emailAddress = info@wolfssl.com
- Last Update: Dec 16 21:17:50 2022 GMT
- Next Update: Sep 11 21:17:50 2025 GMT
+ Last Update: Dec 13 22:19:29 2023 GMT
+ Next Update: Sep 8 22:19:29 2026 GMT
CRL extensions:
X509v3 CRL Number:
1
No Revoked Certificates.
Signature Algorithm: sha256WithRSAEncryption
- 22:05:56:57:ea:16:40:fa:18:c2:cd:2d:b8:64:8f:3a:e5:39:
- a4:43:d2:14:39:78:b7:c7:c3:81:78:4c:b5:b1:c2:b0:e7:b3:
- 6c:5a:e3:f7:e3:a1:78:0e:e9:3d:02:18:96:e3:f0:99:74:17:
- d7:c6:b9:76:fb:08:31:90:1c:13:f2:51:aa:6d:3e:f6:ac:05:
- 68:72:b9:b6:7b:3a:c5:51:0a:81:95:4a:b3:1c:3b:1e:75:c5:
- 46:29:14:36:91:14:50:00:65:17:ae:c0:10:37:cf:27:5b:95:
- ae:8e:b7:21:1f:b1:66:f1:e9:6d:a1:32:ea:14:86:df:74:3b:
- 99:97:17:a9:f8:65:fb:e5:15:9b:a3:05:17:44:06:aa:15:10:
- 83:47:78:0d:fd:ec:76:d4:af:2a:5f:b2:17:01:13:ca:c8:7f:
- ce:4d:ba:6c:ef:e8:4a:b7:ce:4a:d1:e4:35:6e:3e:d8:0f:2a:
- d0:94:b4:a7:cb:e5:50:bc:2a:9c:1b:39:a8:6e:8a:99:b6:b8:
- 1e:4e:59:ad:fe:2e:db:22:79:8a:37:ed:b0:c5:6b:ce:e6:55:
- 6a:eb:11:e6:34:ad:c0:ca:7b:1c:b0:15:ef:1c:fa:6c:36:2b:
- 3f:b6:f1:e2:04:90:48:36:a4:ef:26:2e:83:3e:00:4b:c7:78:
- c7:72:98:d1
+ 30:f4:19:0d:3b:23:d8:e3:b9:55:f5:aa:91:6d:20:a3:71:7d:
+ a2:c8:2e:92:18:17:fb:73:5c:52:f0:44:32:67:87:43:82:93:
+ 94:53:62:c3:32:c6:6e:4a:93:a6:99:44:f7:95:b0:24:98:95:
+ 8a:e9:62:6b:30:18:46:b4:00:1c:f1:75:e5:87:dc:5c:c3:b3:
+ 35:2b:3a:8a:2a:a6:99:73:88:e5:07:d8:cb:ec:d9:ba:06:69:
+ 1c:2f:38:37:44:e2:b4:d5:e1:f6:38:56:b3:45:ff:66:7a:da:
+ 00:0c:d4:4c:d3:2f:90:e8:4a:c2:0a:1f:4a:6b:1a:87:57:a9:
+ 31:f9:78:2b:1f:8c:9c:ed:ef:08:d1:15:49:8d:fa:8d:57:80:
+ 36:b4:42:1f:58:62:80:9f:2f:66:cc:b3:4c:64:18:9e:8e:9d:
+ b7:cb:a3:7c:47:67:bf:ec:68:a7:10:f6:68:b0:a8:7a:d4:a5:
+ eb:77:6a:0c:de:3a:16:6b:9c:87:6c:aa:5b:e1:e2:03:d9:ac:
+ 33:3a:51:56:de:b1:61:c2:01:70:2b:96:e1:b4:0f:08:a2:f4:
+ 49:79:51:eb:1c:56:a9:9e:a4:f7:f9:6a:69:2a:d7:d7:77:45:
+ 7a:97:12:bb:d6:6b:6e:07:aa:05:87:b5:6f:b7:b2:1f:e6:84:
+ 33:87:16:14
-----BEGIN X509 CRL-----
MIIB3DCBxQIBATANBgkqhkiG9w0BAQsFADCBgjELMAkGA1UEBhMCVVMxEDAOBgNV
BAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xFDASBgNVBAsMC0VuZ2luZWVy
aW5nMRgwFgYDVQQDDA93d3cubm9tYXRjaC5jb20xHzAdBgkqhkiG9w0BCQEWEGlu
-Zm9Ad29sZnNzbC5jb20XDTIyMTIxNjIxMTc1MFoXDTI1MDkxMTIxMTc1MFqgDjAM
-MAoGA1UdFAQDAgEBMA0GCSqGSIb3DQEBCwUAA4IBAQAiBVZX6hZA+hjCzS24ZI86
-5TmkQ9IUOXi3x8OBeEy1scKw57NsWuP346F4Duk9AhiW4/CZdBfXxrl2+wgxkBwT
-8lGqbT72rAVocrm2ezrFUQqBlUqzHDsedcVGKRQ2kRRQAGUXrsAQN88nW5Wujrch
-H7Fm8eltoTLqFIbfdDuZlxep+GX75RWbowUXRAaqFRCDR3gN/ex21K8qX7IXARPK
-yH/OTbps7+hKt85K0eQ1bj7YDyrQlLSny+VQvCqcGzmoboqZtrgeTlmt/i7bInmK
-N+2wxWvO5lVq6xHmNK3AynscsBXvHPpsNis/tvHiBJBINqTvJi6DPgBLx3jHcpjR
+Zm9Ad29sZnNzbC5jb20XDTIzMTIxMzIyMTkyOVoXDTI2MDkwODIyMTkyOVqgDjAM
+MAoGA1UdFAQDAgEBMA0GCSqGSIb3DQEBCwUAA4IBAQAw9BkNOyPY47lV9aqRbSCj
+cX2iyC6SGBf7c1xS8EQyZ4dDgpOUU2LDMsZuSpOmmUT3lbAkmJWK6WJrMBhGtAAc
+8XXlh9xcw7M1KzqKKqaZc4jlB9jL7Nm6BmkcLzg3ROK01eH2OFazRf9metoADNRM
+0y+Q6ErCCh9KaxqHV6kx+XgrH4yc7e8I0RVJjfqNV4A2tEIfWGKAny9mzLNMZBie
+jp23y6N8R2e/7GinEPZosKh61KXrd2oM3joWa5yHbKpb4eID2awzOlFW3rFhwgFw
+K5bhtA8IovRJeVHrHFapnqT3+WppKtfXd0V6lxK71mtuB6oFh7Vvt7If5oQzhxYU
-----END X509 CRL-----
diff --git a/extra/wolfssl/wolfssl/certs/crl/server-goodaltwildCrl.pem b/extra/wolfssl/wolfssl/certs/crl/server-goodaltwildCrl.pem
index cb1963e8..6305d4f3 100644
--- a/extra/wolfssl/wolfssl/certs/crl/server-goodaltwildCrl.pem
+++ b/extra/wolfssl/wolfssl/certs/crl/server-goodaltwildCrl.pem
@@ -2,37 +2,37 @@ Certificate Revocation List (CRL):
Version 2 (0x1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, OU = Engineering, CN = www.nomatch.com, emailAddress = info@wolfssl.com
- Last Update: Dec 16 21:17:50 2022 GMT
- Next Update: Sep 11 21:17:50 2025 GMT
+ Last Update: Dec 13 22:19:29 2023 GMT
+ Next Update: Sep 8 22:19:29 2026 GMT
CRL extensions:
X509v3 CRL Number:
1
No Revoked Certificates.
Signature Algorithm: sha256WithRSAEncryption
- 22:05:56:57:ea:16:40:fa:18:c2:cd:2d:b8:64:8f:3a:e5:39:
- a4:43:d2:14:39:78:b7:c7:c3:81:78:4c:b5:b1:c2:b0:e7:b3:
- 6c:5a:e3:f7:e3:a1:78:0e:e9:3d:02:18:96:e3:f0:99:74:17:
- d7:c6:b9:76:fb:08:31:90:1c:13:f2:51:aa:6d:3e:f6:ac:05:
- 68:72:b9:b6:7b:3a:c5:51:0a:81:95:4a:b3:1c:3b:1e:75:c5:
- 46:29:14:36:91:14:50:00:65:17:ae:c0:10:37:cf:27:5b:95:
- ae:8e:b7:21:1f:b1:66:f1:e9:6d:a1:32:ea:14:86:df:74:3b:
- 99:97:17:a9:f8:65:fb:e5:15:9b:a3:05:17:44:06:aa:15:10:
- 83:47:78:0d:fd:ec:76:d4:af:2a:5f:b2:17:01:13:ca:c8:7f:
- ce:4d:ba:6c:ef:e8:4a:b7:ce:4a:d1:e4:35:6e:3e:d8:0f:2a:
- d0:94:b4:a7:cb:e5:50:bc:2a:9c:1b:39:a8:6e:8a:99:b6:b8:
- 1e:4e:59:ad:fe:2e:db:22:79:8a:37:ed:b0:c5:6b:ce:e6:55:
- 6a:eb:11:e6:34:ad:c0:ca:7b:1c:b0:15:ef:1c:fa:6c:36:2b:
- 3f:b6:f1:e2:04:90:48:36:a4:ef:26:2e:83:3e:00:4b:c7:78:
- c7:72:98:d1
+ 30:f4:19:0d:3b:23:d8:e3:b9:55:f5:aa:91:6d:20:a3:71:7d:
+ a2:c8:2e:92:18:17:fb:73:5c:52:f0:44:32:67:87:43:82:93:
+ 94:53:62:c3:32:c6:6e:4a:93:a6:99:44:f7:95:b0:24:98:95:
+ 8a:e9:62:6b:30:18:46:b4:00:1c:f1:75:e5:87:dc:5c:c3:b3:
+ 35:2b:3a:8a:2a:a6:99:73:88:e5:07:d8:cb:ec:d9:ba:06:69:
+ 1c:2f:38:37:44:e2:b4:d5:e1:f6:38:56:b3:45:ff:66:7a:da:
+ 00:0c:d4:4c:d3:2f:90:e8:4a:c2:0a:1f:4a:6b:1a:87:57:a9:
+ 31:f9:78:2b:1f:8c:9c:ed:ef:08:d1:15:49:8d:fa:8d:57:80:
+ 36:b4:42:1f:58:62:80:9f:2f:66:cc:b3:4c:64:18:9e:8e:9d:
+ b7:cb:a3:7c:47:67:bf:ec:68:a7:10:f6:68:b0:a8:7a:d4:a5:
+ eb:77:6a:0c:de:3a:16:6b:9c:87:6c:aa:5b:e1:e2:03:d9:ac:
+ 33:3a:51:56:de:b1:61:c2:01:70:2b:96:e1:b4:0f:08:a2:f4:
+ 49:79:51:eb:1c:56:a9:9e:a4:f7:f9:6a:69:2a:d7:d7:77:45:
+ 7a:97:12:bb:d6:6b:6e:07:aa:05:87:b5:6f:b7:b2:1f:e6:84:
+ 33:87:16:14
-----BEGIN X509 CRL-----
MIIB3DCBxQIBATANBgkqhkiG9w0BAQsFADCBgjELMAkGA1UEBhMCVVMxEDAOBgNV
BAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xFDASBgNVBAsMC0VuZ2luZWVy
aW5nMRgwFgYDVQQDDA93d3cubm9tYXRjaC5jb20xHzAdBgkqhkiG9w0BCQEWEGlu
-Zm9Ad29sZnNzbC5jb20XDTIyMTIxNjIxMTc1MFoXDTI1MDkxMTIxMTc1MFqgDjAM
-MAoGA1UdFAQDAgEBMA0GCSqGSIb3DQEBCwUAA4IBAQAiBVZX6hZA+hjCzS24ZI86
-5TmkQ9IUOXi3x8OBeEy1scKw57NsWuP346F4Duk9AhiW4/CZdBfXxrl2+wgxkBwT
-8lGqbT72rAVocrm2ezrFUQqBlUqzHDsedcVGKRQ2kRRQAGUXrsAQN88nW5Wujrch
-H7Fm8eltoTLqFIbfdDuZlxep+GX75RWbowUXRAaqFRCDR3gN/ex21K8qX7IXARPK
-yH/OTbps7+hKt85K0eQ1bj7YDyrQlLSny+VQvCqcGzmoboqZtrgeTlmt/i7bInmK
-N+2wxWvO5lVq6xHmNK3AynscsBXvHPpsNis/tvHiBJBINqTvJi6DPgBLx3jHcpjR
+Zm9Ad29sZnNzbC5jb20XDTIzMTIxMzIyMTkyOVoXDTI2MDkwODIyMTkyOVqgDjAM
+MAoGA1UdFAQDAgEBMA0GCSqGSIb3DQEBCwUAA4IBAQAw9BkNOyPY47lV9aqRbSCj
+cX2iyC6SGBf7c1xS8EQyZ4dDgpOUU2LDMsZuSpOmmUT3lbAkmJWK6WJrMBhGtAAc
+8XXlh9xcw7M1KzqKKqaZc4jlB9jL7Nm6BmkcLzg3ROK01eH2OFazRf9metoADNRM
+0y+Q6ErCCh9KaxqHV6kx+XgrH4yc7e8I0RVJjfqNV4A2tEIfWGKAny9mzLNMZBie
+jp23y6N8R2e/7GinEPZosKh61KXrd2oM3joWa5yHbKpb4eID2awzOlFW3rFhwgFw
+K5bhtA8IovRJeVHrHFapnqT3+WppKtfXd0V6lxK71mtuB6oFh7Vvt7If5oQzhxYU
-----END X509 CRL-----
diff --git a/extra/wolfssl/wolfssl/certs/crl/server-goodcnCrl.pem b/extra/wolfssl/wolfssl/certs/crl/server-goodcnCrl.pem
index 0813058c..96752362 100644
--- a/extra/wolfssl/wolfssl/certs/crl/server-goodcnCrl.pem
+++ b/extra/wolfssl/wolfssl/certs/crl/server-goodcnCrl.pem
@@ -2,37 +2,37 @@ Certificate Revocation List (CRL):
Version 2 (0x1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, OU = Engineering, CN = localhost, emailAddress = info@wolfssl.com
- Last Update: Dec 16 21:17:50 2022 GMT
- Next Update: Sep 11 21:17:50 2025 GMT
+ Last Update: Dec 13 22:19:29 2023 GMT
+ Next Update: Sep 8 22:19:29 2026 GMT
CRL extensions:
X509v3 CRL Number:
1
No Revoked Certificates.
Signature Algorithm: sha256WithRSAEncryption
- 31:51:b7:05:e8:10:b7:de:06:b6:be:93:22:ee:13:bb:f5:e6:
- 8a:18:8b:34:b3:dd:e2:fd:e0:99:ff:d5:af:31:7f:42:a6:94:
- 44:49:6e:57:41:45:34:46:23:5b:c6:09:a4:8a:e2:90:64:2c:
- ee:e3:4b:fa:3c:a0:5b:1d:b5:b8:4f:fc:fc:41:4c:c1:bf:9a:
- b9:bb:45:b4:9d:8b:4e:66:dd:16:c9:d4:4c:65:53:b3:71:df:
- 9f:f6:a6:d6:50:4f:20:fa:92:d2:1b:6b:fb:7b:a1:1c:7c:d8:
- f4:ee:5c:66:9a:b4:99:3b:ca:aa:84:b6:10:8a:96:cf:34:17:
- 54:1f:49:d1:25:74:34:ad:1d:05:89:62:48:2f:37:b0:38:72:
- 2e:5e:d7:b5:ae:d9:b5:d3:06:71:da:b7:f3:97:c2:d6:25:b2:
- 86:c3:3d:da:ff:98:06:76:68:a9:34:44:53:85:3e:c1:f8:d1:
- d3:f0:c8:5d:53:ec:47:7b:df:e1:bc:f1:f4:af:74:81:e4:87:
- d3:94:94:5e:15:13:25:33:76:00:78:f2:95:65:fd:7c:23:1f:
- 94:ae:15:1d:fd:48:c8:43:55:db:ea:31:bd:52:e4:b7:90:ab:
- 5c:c3:93:c7:d0:23:52:eb:46:90:b3:a0:48:a7:90:16:93:6f:
- cc:a0:fa:a3
+ b7:22:47:45:ee:bb:63:91:42:29:23:33:af:eb:d7:46:41:be:
+ 66:89:0e:62:ff:b7:c0:9a:09:46:95:98:33:36:63:ec:2a:10:
+ 01:2c:a9:9d:6c:1a:45:b9:95:e8:62:3d:10:ee:65:a0:6c:8d:
+ aa:d0:41:6f:b1:d9:a9:59:dd:e9:40:c1:36:73:89:3a:59:02:
+ 42:c3:77:33:59:a0:52:18:4b:0c:64:bd:f6:10:cc:50:3f:ad:
+ bb:95:02:13:73:5a:95:a0:15:08:ec:dc:0f:53:3a:29:de:1b:
+ 3e:b4:4a:8c:3a:14:0d:48:f6:88:05:b7:55:ff:c0:e9:aa:e2:
+ 49:26:8e:ba:b5:88:3a:c1:5a:48:68:ed:bb:b9:ae:1e:ad:18:
+ 44:60:08:15:4f:ef:8e:7f:db:63:60:aa:36:9a:7b:1a:92:34:
+ 43:65:b8:d2:6c:85:4d:62:75:c8:5b:45:60:c2:b2:72:c6:79:
+ 9d:19:24:2e:bf:8f:75:24:7c:60:83:bf:98:e0:dc:98:b4:18:
+ ef:41:c7:10:46:89:2b:88:73:40:f4:f1:7b:17:5e:2b:fa:bd:
+ 28:9e:8e:b9:9a:d5:ba:a0:29:65:b8:df:27:b0:c5:51:b6:61:
+ 7b:69:0f:be:17:4b:14:48:73:60:14:ea:96:fd:9c:4c:62:bd:
+ ea:cf:b0:b1
-----BEGIN X509 CRL-----
MIIB1TCBvgIBATANBgkqhkiG9w0BAQsFADB8MQswCQYDVQQGEwJVUzEQMA4GA1UE
CAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjEUMBIGA1UECwwLRW5naW5lZXJp
bmcxEjAQBgNVBAMMCWxvY2FsaG9zdDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm
-c3NsLmNvbRcNMjIxMjE2MjExNzUwWhcNMjUwOTExMjExNzUwWqAOMAwwCgYDVR0U
-BAMCAQEwDQYJKoZIhvcNAQELBQADggEBADFRtwXoELfeBra+kyLuE7v15ooYizSz
-3eL94Jn/1a8xf0KmlERJbldBRTRGI1vGCaSK4pBkLO7jS/o8oFsdtbhP/PxBTMG/
-mrm7RbSdi05m3RbJ1ExlU7Nx35/2ptZQTyD6ktIba/t7oRx82PTuXGaatJk7yqqE
-thCKls80F1QfSdEldDStHQWJYkgvN7A4ci5e17Wu2bXTBnHat/OXwtYlsobDPdr/
-mAZ2aKk0RFOFPsH40dPwyF1T7Ed73+G88fSvdIHkh9OUlF4VEyUzdgB48pVl/Xwj
-H5SuFR39SMhDVdvqMb1S5LeQq1zDk8fQI1LrRpCzoEinkBaTb8yg+qM=
+c3NsLmNvbRcNMjMxMjEzMjIxOTI5WhcNMjYwOTA4MjIxOTI5WqAOMAwwCgYDVR0U
+BAMCAQEwDQYJKoZIhvcNAQELBQADggEBALciR0Xuu2ORQikjM6/r10ZBvmaJDmL/
+t8CaCUaVmDM2Y+wqEAEsqZ1sGkW5lehiPRDuZaBsjarQQW+x2alZ3elAwTZziTpZ
+AkLDdzNZoFIYSwxkvfYQzFA/rbuVAhNzWpWgFQjs3A9TOineGz60Sow6FA1I9ogF
+t1X/wOmq4kkmjrq1iDrBWkho7bu5rh6tGERgCBVP745/22NgqjaaexqSNENluNJs
+hU1idchbRWDCsnLGeZ0ZJC6/j3UkfGCDv5jg3Ji0GO9BxxBGiSuIc0D08XsXXiv6
+vSiejrma1bqgKWW43yewxVG2YXtpD74XSxRIc2AU6pb9nExiverPsLE=
-----END X509 CRL-----
diff --git a/extra/wolfssl/wolfssl/certs/crl/server-goodcnwildCrl.pem b/extra/wolfssl/wolfssl/certs/crl/server-goodcnwildCrl.pem
index 731b5c96..ae2fc9ea 100644
--- a/extra/wolfssl/wolfssl/certs/crl/server-goodcnwildCrl.pem
+++ b/extra/wolfssl/wolfssl/certs/crl/server-goodcnwildCrl.pem
@@ -2,37 +2,37 @@ Certificate Revocation List (CRL):
Version 2 (0x1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, OU = Engineering, CN = *localhost, emailAddress = info@wolfssl.com
- Last Update: Dec 16 21:17:50 2022 GMT
- Next Update: Sep 11 21:17:50 2025 GMT
+ Last Update: Dec 13 22:19:29 2023 GMT
+ Next Update: Sep 8 22:19:29 2026 GMT
CRL extensions:
X509v3 CRL Number:
1
No Revoked Certificates.
Signature Algorithm: sha256WithRSAEncryption
- 2e:cf:37:c3:7c:d1:e7:3a:6d:c1:46:1e:5a:0f:35:b2:74:40:
- 56:a5:0a:c3:1e:a5:40:77:b6:93:91:c5:6e:44:31:26:5a:b4:
- 60:2f:66:ce:65:dc:90:60:b3:cd:1c:e5:b4:0c:79:18:79:38:
- f2:6c:b4:9e:98:62:f0:35:3b:f9:59:ec:0d:06:07:08:42:82:
- ae:4b:e7:f2:9f:7c:71:87:02:eb:ac:ea:1e:93:22:c5:7b:80:
- 1f:fe:76:ac:e1:bc:4b:b9:e8:31:28:48:3b:fe:23:1e:5b:41:
- 63:1e:ba:48:13:78:80:d2:b0:30:57:9b:73:ae:4a:53:4f:2d:
- 25:c8:66:cc:8d:26:64:b1:04:3f:be:31:f5:83:1d:c5:ea:cf:
- ef:56:0c:62:ad:85:3b:65:9c:1b:80:ee:3f:3e:c9:5b:58:3e:
- 63:98:16:c2:f4:68:62:08:a3:41:3d:4e:0e:26:2a:b2:d9:77:
- e7:9f:0e:f3:af:1f:34:13:10:ec:69:f1:fb:12:ec:9a:fc:0d:
- fe:58:a7:d8:1b:a0:23:70:f1:6f:71:a2:a4:8f:e2:21:f3:14:
- 55:db:8d:86:92:5a:cf:56:c2:6b:48:bd:94:5d:07:0b:c1:5b:
- fc:fc:c0:c5:4b:bd:74:43:f3:07:ed:0c:44:69:d1:01:79:a2:
- e8:4b:a1:ed
+ 36:0f:c7:e0:9c:1d:71:f6:09:24:51:e8:49:5e:db:38:d5:6b:
+ 90:68:62:c7:5f:a0:eb:c5:c9:63:69:ca:56:30:d7:92:3d:0e:
+ 38:d3:34:97:35:df:16:4f:de:2f:ba:1f:38:00:9d:99:28:ea:
+ 11:bb:dd:ec:42:03:ec:03:d1:05:84:9e:35:d5:ad:d1:36:91:
+ d0:49:4d:c5:e7:50:84:77:f6:8c:c5:47:1c:f4:9c:88:87:ac:
+ af:81:70:3e:05:d1:33:5a:07:0c:ac:39:e2:ca:c7:3d:ea:80:
+ 41:4e:9c:37:dd:ac:76:b3:14:58:f9:88:20:2b:b2:f4:0f:01:
+ 18:73:31:88:c4:c6:66:59:d7:fc:61:44:98:c3:33:ee:74:10:
+ 8f:58:78:91:06:53:a3:eb:99:2e:f8:91:e7:32:e0:17:f5:ea:
+ b6:56:27:68:a2:2b:30:05:a8:0c:02:e8:0f:84:20:37:0e:2c:
+ a5:34:af:09:85:e3:85:d9:8e:78:e4:9e:75:be:27:3b:81:72:
+ c5:87:2c:f9:1f:73:60:ce:2c:3b:d3:95:df:a8:16:6a:da:45:
+ ea:ab:5c:7a:bb:8a:7a:b3:f3:34:ec:e4:7c:62:36:4f:dd:1f:
+ 89:86:05:ac:1e:42:11:b7:29:b3:97:f9:ad:cb:73:1f:02:8d:
+ 4c:80:ef:f8
-----BEGIN X509 CRL-----
MIIB1jCBvwIBATANBgkqhkiG9w0BAQsFADB9MQswCQYDVQQGEwJVUzEQMA4GA1UE
CAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjEUMBIGA1UECwwLRW5naW5lZXJp
bmcxEzARBgNVBAMMCipsb2NhbGhvc3QxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29s
-ZnNzbC5jb20XDTIyMTIxNjIxMTc1MFoXDTI1MDkxMTIxMTc1MFqgDjAMMAoGA1Ud
-FAQDAgEBMA0GCSqGSIb3DQEBCwUAA4IBAQAuzzfDfNHnOm3BRh5aDzWydEBWpQrD
-HqVAd7aTkcVuRDEmWrRgL2bOZdyQYLPNHOW0DHkYeTjybLSemGLwNTv5WewNBgcI
-QoKuS+fyn3xxhwLrrOoekyLFe4Af/nas4bxLuegxKEg7/iMeW0FjHrpIE3iA0rAw
-V5tzrkpTTy0lyGbMjSZksQQ/vjH1gx3F6s/vVgxirYU7ZZwbgO4/PslbWD5jmBbC
-9GhiCKNBPU4OJiqy2Xfnnw7zrx80ExDsafH7Euya/A3+WKfYG6AjcPFvcaKkj+Ih
-8xRV242GklrPVsJrSL2UXQcLwVv8/MDFS710Q/MH7QxEadEBeaLoS6Ht
+ZnNzbC5jb20XDTIzMTIxMzIyMTkyOVoXDTI2MDkwODIyMTkyOVqgDjAMMAoGA1Ud
+FAQDAgEBMA0GCSqGSIb3DQEBCwUAA4IBAQA2D8fgnB1x9gkkUehJXts41WuQaGLH
+X6DrxcljacpWMNeSPQ440zSXNd8WT94vuh84AJ2ZKOoRu93sQgPsA9EFhJ411a3R
+NpHQSU3F51CEd/aMxUcc9JyIh6yvgXA+BdEzWgcMrDniysc96oBBTpw33ax2sxRY
++YggK7L0DwEYczGIxMZmWdf8YUSYwzPudBCPWHiRBlOj65ku+JHnMuAX9eq2Vido
+oiswBagMAugPhCA3DiylNK8JheOF2Y545J51vic7gXLFhyz5H3Ngziw705XfqBZq
+2kXqq1x6u4p6s/M07OR8YjZP3R+JhgWsHkIRtymzl/mty3MfAo1MgO/4
-----END X509 CRL-----
diff --git a/extra/wolfssl/wolfssl/certs/crl/server-int-ecc.pem b/extra/wolfssl/wolfssl/certs/crl/server-int-ecc.pem
index 8acdb994..0038896c 100644
--- a/extra/wolfssl/wolfssl/certs/crl/server-int-ecc.pem
+++ b/extra/wolfssl/wolfssl/certs/crl/server-int-ecc.pem
@@ -1,10 +1,10 @@
-----BEGIN X509 CRL-----
-MIIBXDCCAQICAQEwCgYIKoZIzj0EAwIwgaAxCzAJBgNVBAYTAlVTMRMwEQYDVQQI
+MIIBXTCCAQICAQEwCgYIKoZIzj0EAwIwgaAxCzAJBgNVBAYTAlVTMRMwEQYDVQQI
DApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3b2xmU1NM
MRQwEgYDVQQLDAtEZXZlbG9wbWVudDEhMB8GA1UEAwwYd29sZlNTTCBTZXJ2ZXIg
-Q2hhaW4gRUNDMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tFw0yMDA2
-MTYxOTE3NThaFw0yMzAzMTMxOTE3NThaoDAwLjAfBgNVHSMEGDAWgBRdXSbvrH42
-+Zt2FStKJQIj77KJMDALBgNVHRQEBAICIAYwCgYIKoZIzj0EAwIDSAAwRQIgeQwr
-cMQD2CE83QHYP6QoAqN3FlxOmPC9f4QQVlpOozUCIQDTDxH4UsFLCy8QgtjtfkFC
-TmVI1ubZPFDiRHGDWI2LaA==
+Q2hhaW4gRUNDMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tFw0yMzA5
+MjcxMjEwMDlaFw0yNjA2MjMxMjEwMDlaoDAwLjAfBgNVHSMEGDAWgBRdXSbvrH42
++Zt2FStKJQIj77KJMDALBgNVHRQEBAICIAYwCgYIKoZIzj0EAwIDSQAwRgIhAMfw
+Zdxg+ZHfkUB2CGl10FTK07QsadcvaWfPTm9DR+HKAiEA05BIg3SELG8Y3y5cpZ7o
+MoDq1dISrrjXFSoDE94DUeM=
-----END X509 CRL-----
diff --git a/extra/wolfssl/wolfssl/certs/crl/server-int.pem b/extra/wolfssl/wolfssl/certs/crl/server-int.pem
index d8b6986e..916ec957 100644
--- a/extra/wolfssl/wolfssl/certs/crl/server-int.pem
+++ b/extra/wolfssl/wolfssl/certs/crl/server-int.pem
@@ -2,13 +2,13 @@
MIICGTCCAQECAQEwDQYJKoZIhvcNAQELBQAwgZwxCzAJBgNVBAYTAlVTMRMwEQYD
VQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3b2xm
U1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEdMBsGA1UEAwwUd29sZlNTTCBTZXJ2
-ZXIgQ2hhaW4xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20XDTIwMDYx
-NjE5MTc1OFoXDTIzMDMxMzE5MTc1OFqgMDAuMB8GA1UdIwQYMBaAFLMRMsmSmITi
-yfjQO24DQsofDo48MAsGA1UdFAQEAgIgAjANBgkqhkiG9w0BAQsFAAOCAQEAtEEG
-Z05j/ygGi+DNPkjevKDcZlkPYRcYMQpM1RTkVyzbO6YG1i0ZoCH1MKBxB0MPS3xa
-qb96jYIfpDZOUb/o2ZXOefXcirm53eJTSoa72dFoxawH74J1f/HgRT8UYISvJ+1a
-L4NtAcn3lNxZWtg0gvT0pdy1zCpEsxonz4mJEaN5796qIUj1z47r/D0P9w8TFshC
-9Kow+FNEjZT7A8E9EAdfePTlws8FXNcJEUbyxEJUOe6QTssXr4Ib20opQKREvhfY
-5S6MsQibpO/EEv+Tg5JYeqjWOpqfO/gKBo4Xa9ImbC8N1OdCkd0ZHqvcC8IC6S00
-V0/Td56mV5BZJXG0pw==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-----END X509 CRL-----
diff --git a/extra/wolfssl/wolfssl/certs/csr.dsa.der b/extra/wolfssl/wolfssl/certs/csr.dsa.der
new file mode 100644
index 00000000..7a0b581b
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/csr.dsa.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/ecc-params.der b/extra/wolfssl/wolfssl/certs/ecc-params.der
new file mode 100644
index 00000000..3f3c3e20
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/ecc-params.der
@@ -0,0 +1 @@
+*†HÎ= \ No newline at end of file
diff --git a/extra/wolfssl/wolfssl/certs/ecc-params.pem b/extra/wolfssl/wolfssl/certs/ecc-params.pem
new file mode 100644
index 00000000..a76e47d9
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/ecc-params.pem
@@ -0,0 +1,3 @@
+-----BEGIN EC PARAMETERS-----
+BggqhkjOPQMBBw==
+-----END EC PARAMETERS-----
diff --git a/extra/wolfssl/wolfssl/certs/ecc-privOnlyCert.pem b/extra/wolfssl/wolfssl/certs/ecc-privOnlyCert.pem
index 0fe7a637..f18e738c 100644
--- a/extra/wolfssl/wolfssl/certs/ecc-privOnlyCert.pem
+++ b/extra/wolfssl/wolfssl/certs/ecc-privOnlyCert.pem
@@ -1,9 +1,9 @@
-----BEGIN CERTIFICATE-----
-MIIBLTCB1QIUBD5OPBXcBmt9lxsyc/06XPLiMnAwCgYIKoZIzj0EAwIwGjELMAkG
-A1UECgwCV1IxCzAJBgNVBAMMAkRFMB4XDTIyMTIxNjIxMTc0OVoXDTI1MDkxMTIx
-MTc0OVowGjELMAkGA1UECgwCV1IxCzAJBgNVBAMMAkRFMFkwEwYHKoZIzj0CAQYI
+MIIBLTCB1QIUFZUiOVDYKhAz2ksNPuWt6EFKbLMwCgYIKoZIzj0EAwIwGjELMAkG
+A1UECgwCV1IxCzAJBgNVBAMMAkRFMB4XDTIzMTIxMzIyMTkyOFoXDTI2MDkwODIy
+MTkyOFowGjELMAkGA1UECgwCV1IxCzAJBgNVBAMMAkRFMFkwEwYHKoZIzj0CAQYI
KoZIzj0DAQcDQgAEJcD9Frgr8rgKHt2szmJSfFgKYH1Xddq9EcHVKupUa3bmPTb3
-3VGXa6gm/numvZZVhVCdmn5pAdhDRYnZ/korJjAKBggqhkjOPQQDAgNHADBEAiAn
-jkZMFWEfhkjAX6t3n86gyxStNjBXdbLCvI+HujxOUQIgEDyGlWqlsXYk/2sU4R//
-M9Ryl55mWFC6ALg6ho5N56E=
+3VGXa6gm/numvZZVhVCdmn5pAdhDRYnZ/korJjAKBggqhkjOPQQDAgNHADBEAiAA
+wvW2qa2RaryuYXg0+1jbMhaBHaDK3c0f+iFkfi2GdAIgGYqXzpGf+AGtTuxKM01+
+jbJnp9B4e2sXK8Ez3tKDFKw=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/ecc-privkey.der b/extra/wolfssl/wolfssl/certs/ecc-privkey.der
new file mode 100644
index 00000000..3312dedb
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/ecc-privkey.der
@@ -0,0 +1,2 @@
+01 E¶isœl…¡8[rèèǬÄS5úl(Ü4ᨠŒ 
+*†HÎ= \ No newline at end of file
diff --git a/extra/wolfssl/wolfssl/certs/ecc-rsa-server.p12 b/extra/wolfssl/wolfssl/certs/ecc-rsa-server.p12
index adb57151..f24ae69b 100644
--- a/extra/wolfssl/wolfssl/certs/ecc-rsa-server.p12
+++ b/extra/wolfssl/wolfssl/certs/ecc-rsa-server.p12
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/ecc/bp256r1-key.der b/extra/wolfssl/wolfssl/certs/ecc/bp256r1-key.der
index b36fedd3..4b0dbfd8 100644
--- a/extra/wolfssl/wolfssl/certs/ecc/bp256r1-key.der
+++ b/extra/wolfssl/wolfssl/certs/ecc/bp256r1-key.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/ecc/bp256r1-key.pem b/extra/wolfssl/wolfssl/certs/ecc/bp256r1-key.pem
index 82954ee2..6ea06573 100644
--- a/extra/wolfssl/wolfssl/certs/ecc/bp256r1-key.pem
+++ b/extra/wolfssl/wolfssl/certs/ecc/bp256r1-key.pem
@@ -1,5 +1,5 @@
-----BEGIN EC PRIVATE KEY-----
-MHgCAQEEIHeA8CA7RibN9lOnDIlFqqkiDdDljIJONZlivNNdarxhoAsGCSskAwMC
-CAEBB6FEA0IABKdz5H0fO5rsmAqwNIjhcMk8/BhRGm80QIdyZNgT08rbM5GU2/NK
-3zamlt3tjZQ5cdiROFhZjcg3vaqvBa8tTcM=
+MHgCAQEEIJRV3i5+OVZxT5077AjYis31KM4viZoaS4QSxLxZB0VUoAsGCSskAwMC
+CAEBB6FEA0IABFHw7OBcOIJ6V8HLTzKj0N2ifNki/neXBTeF+0FX3/uWFBl/eUhw
+8Hjodp814a10sYCM+upii2nHK7tpMxca80g=
-----END EC PRIVATE KEY-----
diff --git a/extra/wolfssl/wolfssl/certs/ecc/client-bp256r1-cert.der b/extra/wolfssl/wolfssl/certs/ecc/client-bp256r1-cert.der
index 98896dcb..72b5cde7 100644
--- a/extra/wolfssl/wolfssl/certs/ecc/client-bp256r1-cert.der
+++ b/extra/wolfssl/wolfssl/certs/ecc/client-bp256r1-cert.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/ecc/client-bp256r1-cert.pem b/extra/wolfssl/wolfssl/certs/ecc/client-bp256r1-cert.pem
index 5f572284..3d8b72d9 100644
--- a/extra/wolfssl/wolfssl/certs/ecc/client-bp256r1-cert.pem
+++ b/extra/wolfssl/wolfssl/certs/ecc/client-bp256r1-cert.pem
@@ -2,22 +2,22 @@ Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 57:c6:cf:ae:b4:f6:93:af:70:b4:35:16:c8:9b:c9:d8:40:6a:04:a6
+ 74:41:b9:37:a8:bf:42:e7:b6:16:1c:4f:7e:8c:24:06:81:78:1a:02
Signature Algorithm: ecdsa-with-SHA256
- Issuer: C = US, ST = Washington, L = Seattle, O = Eliptic, OU = ECC256BPR1-CLI, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
+ Issuer: C = US, ST = Washington, L = Seattle, O = Elliptic, OU = ECC256BPR1-CLI, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Dec 13 21:17:49 2032 GMT
- Subject: C = US, ST = Washington, L = Seattle, O = Eliptic, OU = ECC256BPR1-CLI, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
+ Not Before: Dec 13 22:19:28 2023 GMT
+ Not After : Dec 10 22:19:28 2033 GMT
+ Subject: C = US, ST = Washington, L = Seattle, O = Elliptic, OU = ECC256BPR1-CLI, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
Public-Key: (256 bit)
pub:
- 04:a7:73:e4:7d:1f:3b:9a:ec:98:0a:b0:34:88:e1:
- 70:c9:3c:fc:18:51:1a:6f:34:40:87:72:64:d8:13:
- d3:ca:db:33:91:94:db:f3:4a:df:36:a6:96:dd:ed:
- 8d:94:39:71:d8:91:38:58:59:8d:c8:37:bd:aa:af:
- 05:af:2d:4d:c3
+ 04:51:f0:ec:e0:5c:38:82:7a:57:c1:cb:4f:32:a3:
+ d0:dd:a2:7c:d9:22:fe:77:97:05:37:85:fb:41:57:
+ df:fb:96:14:19:7f:79:48:70:f0:78:e8:76:9f:35:
+ e1:ad:74:b1:80:8c:fa:ea:62:8b:69:c7:2b:bb:69:
+ 33:17:1a:f3:48
ASN1 OID: brainpoolP256r1
X509v3 extensions:
X509v3 Basic Constraints:
@@ -25,33 +25,33 @@ Certificate:
Netscape Cert Type:
SSL Client, S/MIME
X509v3 Subject Key Identifier:
- 44:4D:6B:E2:24:7D:33:1A:B6:CE:AB:E6:60:C8:9F:96:E6:DA:1A:67
+ 77:B6:46:96:B9:B7:0D:54:A3:03:E8:21:F5:8D:37:69:3D:89:AD:FA
X509v3 Authority Key Identifier:
- keyid:44:4D:6B:E2:24:7D:33:1A:B6:CE:AB:E6:60:C8:9F:96:E6:DA:1A:67
+ keyid:77:B6:46:96:B9:B7:0D:54:A3:03:E8:21:F5:8D:37:69:3D:89:AD:FA
X509v3 Key Usage: critical
Digital Signature, Non Repudiation, Key Encipherment
X509v3 Extended Key Usage:
TLS Web Client Authentication, E-mail Protection
Signature Algorithm: ecdsa-with-SHA256
- 30:44:02:20:32:85:b0:73:61:43:4c:33:24:fe:08:c3:54:73:
- d9:37:33:ec:39:67:2c:ee:c7:c0:ea:99:63:45:a2:a7:65:e4:
- 02:20:36:e3:0a:3b:74:ce:94:6b:8e:c0:02:a0:6e:da:27:fa:
- 13:a0:bb:21:00:f1:4b:ce:3e:86:11:93:da:95:10:8c
+ 30:44:02:20:20:e0:c6:8e:4d:c2:50:c4:7a:a1:6c:02:63:d2:
+ cd:2b:30:23:01:1d:51:cd:4b:14:07:45:39:1f:16:1e:0a:3a:
+ 02:20:6b:a8:42:ac:90:9a:d9:8d:2c:dd:1c:bd:f1:90:d8:4d:
+ 7b:aa:40:f0:f3:7f:45:83:dc:b9:1c:b5:de:2e:75:a7
-----BEGIN CERTIFICATE-----
-MIICyTCCAnCgAwIBAgIUV8bPrrT2k69wtDUWyJvJ2EBqBKYwCgYIKoZIzj0EAwIw
-gZoxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdT
-ZWF0dGxlMRAwDgYDVQQKDAdFbGlwdGljMRcwFQYDVQQLDA5FQ0MyNTZCUFIxLUNM
-STEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZv
-QHdvbGZzc2wuY29tMB4XDTIyMTIxNjIxMTc0OVoXDTMyMTIxMzIxMTc0OVowgZox
-CzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0
-dGxlMRAwDgYDVQQKDAdFbGlwdGljMRcwFQYDVQQLDA5FQ0MyNTZCUFIxLUNMSTEY
-MBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv
-bGZzc2wuY29tMFowFAYHKoZIzj0CAQYJKyQDAwIIAQEHA0IABKdz5H0fO5rsmAqw
-NIjhcMk8/BhRGm80QIdyZNgT08rbM5GU2/NK3zamlt3tjZQ5cdiROFhZjcg3vaqv
-Ba8tTcOjgZAwgY0wCQYDVR0TBAIwADARBglghkgBhvhCAQEEBAMCBaAwHQYDVR0O
-BBYEFERNa+IkfTMats6r5mDIn5bm2hpnMB8GA1UdIwQYMBaAFERNa+IkfTMats6r
-5mDIn5bm2hpnMA4GA1UdDwEB/wQEAwIF4DAdBgNVHSUEFjAUBggrBgEFBQcDAgYI
-KwYBBQUHAwQwCgYIKoZIzj0EAwIDRwAwRAIgMoWwc2FDTDMk/gjDVHPZNzPsOWcs
-7sfA6pljRaKnZeQCIDbjCjt0zpRrjsACoG7aJ/oToLshAPFLzj6GEZPalRCM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=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/ecc/client-secp256k1-cert.der b/extra/wolfssl/wolfssl/certs/ecc/client-secp256k1-cert.der
index d49393ce..32329db1 100644
--- a/extra/wolfssl/wolfssl/certs/ecc/client-secp256k1-cert.der
+++ b/extra/wolfssl/wolfssl/certs/ecc/client-secp256k1-cert.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/ecc/client-secp256k1-cert.pem b/extra/wolfssl/wolfssl/certs/ecc/client-secp256k1-cert.pem
index e804c0c0..ddab3098 100644
--- a/extra/wolfssl/wolfssl/certs/ecc/client-secp256k1-cert.pem
+++ b/extra/wolfssl/wolfssl/certs/ecc/client-secp256k1-cert.pem
@@ -2,22 +2,22 @@ Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 02:9c:30:ec:ee:53:da:f2:24:a6:2c:bb:81:07:09:cb:30:e5:8e:94
+ 0a:24:55:a0:81:ab:0b:92:b7:e5:59:50:3e:7f:8d:0b:d0:15:0a:75
Signature Algorithm: ecdsa-with-SHA256
- Issuer: C = US, ST = Washington, L = Seattle, O = Eliptic, OU = ECC256K1-CLI, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
+ Issuer: C = US, ST = Washington, L = Seattle, O = Elliptic, OU = ECC256K1-CLI, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Dec 13 21:17:49 2032 GMT
- Subject: C = US, ST = Washington, L = Seattle, O = Eliptic, OU = ECC256K1-CLI, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
+ Not Before: Dec 13 22:19:28 2023 GMT
+ Not After : Dec 10 22:19:28 2033 GMT
+ Subject: C = US, ST = Washington, L = Seattle, O = Elliptic, OU = ECC256K1-CLI, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
Public-Key: (256 bit)
pub:
- 04:b1:4d:01:8b:58:19:36:3b:ed:bb:89:5e:d1:86:
- 05:c6:6a:d4:88:44:fc:59:80:f6:16:32:9d:54:5d:
- b8:af:c0:5c:24:0e:cc:ee:e8:65:45:44:7a:ee:43:
- 89:49:7c:eb:db:11:ac:23:ea:e5:17:6b:59:6d:78:
- 19:61:98:5f:47
+ 04:be:d0:47:66:a6:6a:6c:21:b6:72:71:ce:20:67:
+ 61:05:b3:ef:b9:07:2c:31:6a:bb:6f:53:12:50:e9:
+ 06:06:64:4b:14:bb:56:61:b3:0c:3f:72:f2:45:f7:
+ 3b:96:39:76:57:52:93:e9:12:83:f1:d8:c5:87:11:
+ aa:5e:8e:a5:c9
ASN1 OID: secp256k1
X509v3 extensions:
X509v3 Basic Constraints:
@@ -25,33 +25,33 @@ Certificate:
Netscape Cert Type:
SSL Client, S/MIME
X509v3 Subject Key Identifier:
- 55:43:F0:D0:D3:04:98:0C:EB:7C:EA:83:D3:BD:F4:81:46:31:D1:0F
+ 6D:9A:0A:D6:4C:C9:43:6B:12:29:C4:B0:B5:49:8A:7F:BD:42:4B:87
X509v3 Authority Key Identifier:
- keyid:55:43:F0:D0:D3:04:98:0C:EB:7C:EA:83:D3:BD:F4:81:46:31:D1:0F
+ keyid:6D:9A:0A:D6:4C:C9:43:6B:12:29:C4:B0:B5:49:8A:7F:BD:42:4B:87
X509v3 Key Usage: critical
Digital Signature, Non Repudiation, Key Encipherment
X509v3 Extended Key Usage:
TLS Web Client Authentication, E-mail Protection
Signature Algorithm: ecdsa-with-SHA256
- 30:45:02:20:23:dc:b7:ce:8d:09:31:e4:52:0e:89:fb:3e:59:
- 92:8b:57:d7:7b:3f:6c:b8:61:fb:d7:eb:fc:87:cb:4f:b9:19:
- 02:21:00:ec:67:9b:5f:41:e1:47:af:3d:ac:d0:a6:b1:d0:24:
- b0:a6:a0:b7:d6:2d:5b:a2:e3:c2:6e:c1:76:08:d3:69:87
+ 30:45:02:21:00:89:22:af:09:dd:58:96:9b:a2:e3:fa:2e:13:
+ 2c:af:69:55:b3:83:f3:4b:85:14:1a:df:28:74:5f:d9:ed:b3:
+ 75:02:20:18:13:45:af:82:e7:65:f8:8c:8f:b3:6d:01:25:73:
+ 6c:8c:c9:ff:e9:43:b8:eb:ef:df:25:9a:62:f8:d7:ac:04
-----BEGIN CERTIFICATE-----
-MIICwjCCAmigAwIBAgIUApww7O5T2vIkpiy7gQcJyzDljpQwCgYIKoZIzj0EAwIw
-gZgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdT
-ZWF0dGxlMRAwDgYDVQQKDAdFbGlwdGljMRUwEwYDVQQLDAxFQ0MyNTZLMS1DTEkx
-GDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3
-b2xmc3NsLmNvbTAeFw0yMjEyMTYyMTE3NDlaFw0zMjEyMTMyMTE3NDlaMIGYMQsw
-CQYDVQQGEwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRs
-ZTEQMA4GA1UECgwHRWxpcHRpYzEVMBMGA1UECwwMRUNDMjU2SzEtQ0xJMRgwFgYD
-VQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz
-bC5jb20wVjAQBgcqhkjOPQIBBgUrgQQACgNCAASxTQGLWBk2O+27iV7RhgXGatSI
-RPxZgPYWMp1UXbivwFwkDszu6GVFRHruQ4lJfOvbEawj6uUXa1lteBlhmF9Ho4GQ
-MIGNMAkGA1UdEwQCMAAwEQYJYIZIAYb4QgEBBAQDAgWgMB0GA1UdDgQWBBRVQ/DQ
-0wSYDOt86oPTvfSBRjHRDzAfBgNVHSMEGDAWgBRVQ/DQ0wSYDOt86oPTvfSBRjHR
-DzAOBgNVHQ8BAf8EBAMCBeAwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwME
-MAoGCCqGSM49BAMCA0gAMEUCICPct86NCTHkUg6J+z5ZkotX13s/bLhh+9fr/IfL
-T7kZAiEA7GebX0HhR689rNCmsdAksKagt9YtW6Ljwm7BdgjTaYc=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-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/ecc/genecc.sh b/extra/wolfssl/wolfssl/certs/ecc/genecc.sh
index e17ad446..f90c5cbe 100755
--- a/extra/wolfssl/wolfssl/certs/ecc/genecc.sh
+++ b/extra/wolfssl/wolfssl/certs/ecc/genecc.sh
@@ -32,7 +32,7 @@ openssl ca -batch -config ./certs/ecc/wolfssl.cnf -gencrl -crldays 1000 -out ./c
# Generate ECC 256-bit server cert
-openssl req -config ./certs/ecc/wolfssl.cnf -sha256 -new -key ./certs/ecc-key.pem -out ./certs/server-ecc-req.pem -subj "/C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/"
+openssl req -config ./certs/ecc/wolfssl.cnf -sha256 -new -key ./certs/ecc-key.pem -out ./certs/server-ecc-req.pem -subj "/C=US/ST=Washington/L=Seattle/O=Elliptic/OU=ECC/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/"
openssl x509 -req -in ./certs/server-ecc-req.pem -CA ./certs/ca-ecc-cert.pem -CAkey ./certs/ca-ecc-key.pem -CAcreateserial -out ./certs/server-ecc.pem -sha256
# Sign server certificate
@@ -70,14 +70,14 @@ openssl ca -batch -config ./certs/ecc/wolfssl_384.cnf -gencrl -crldays 1000 -out
# Generate ECC 384-bit server cert
if [ -f ./certs/server-ecc384-key.pem ]; then
openssl req -config ./certs/ecc/wolfssl_384.cnf -sha384 -x509 -nodes -key ./certs/server-ecc384-key.pem -out ./certs/server-ecc384-req.pem \
- -subj "/C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC384Srv/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/"
+ -subj "/C=US/ST=Washington/L=Seattle/O=Elliptic/OU=ECC384Srv/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/"
else
openssl ecparam -out ./certs/server-ecc384-key.par -name secp384r1
openssl req -config ./certs/ecc/wolfssl_384.cnf -sha384 -x509 -nodes -newkey ec:./certs/server-ecc384-key.par -keyout ./certs/server-ecc384-key.pem -out ./certs/server-ecc384-req.pem \
- -subj "/C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC384Srv/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/"
+ -subj "/C=US/ST=Washington/L=Seattle/O=Elliptic/OU=ECC384Srv/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/"
fi
openssl req -config ./certs/ecc/wolfssl_384.cnf -sha384 -new -key ./certs/server-ecc384-key.pem -out ./certs/server-ecc384-req.pem \
- -subj "/C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC384Srv/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/"
+ -subj "/C=US/ST=Washington/L=Seattle/O=Elliptic/OU=ECC384Srv/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/"
openssl ec -in ./certs/server-ecc384-key.pem -inform PEM -out ./certs/server-ecc384-key.der -outform DER
# Sign server certificate
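Review bot: In the `if` branch, the `openssl req ... -x509 -nodes -key ./certs/server-ecc384-key.pem` call writes to `./certs/server-ecc384-req.pem`, and the `openssl req ... -new` call right after `fi` writes the same path, so the first output appears to be overwritten before anything visible in the hunk reads it. The `else` branch still needs its call because `-newkey`/`-keyout` is what creates the key, but the existing-key branch looks like dead work, and it is one of three copies of the subject string this commit had to touch. Holding the subject in one variable, e.g. `SUBJ_384_SRV="/C=US/ST=Washington/L=Seattle/O=Elliptic/OU=ECC384Srv/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/"` passed as `-subj "$SUBJ_384_SRV"`, would keep the three in step; the client block in the `@@ -90,14 +90,14 @@` hunk has the same shape. The block continues past the end of the hunk, so the signing step is not visible here.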
@@ -90,14 +90,14 @@ rm ./certs/server-ecc384-key.par
# Generate ECC 384-bit client cert
if [ -f ./certs/client-ecc384-key.pem ]; then
openssl req -config ./certs/ecc/wolfssl_384.cnf -sha384 -x509 -nodes -key ./certs/client-ecc384-key.pem -out ./certs/client-ecc384-req.pem \
- -subj "/C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC384Cli/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/"
+ -subj "/C=US/ST=Washington/L=Seattle/O=Elliptic/OU=ECC384Cli/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/"
else
openssl ecparam -out ./certs/client-ecc384-key.par -name secp384r1
openssl req -config ./certs/ecc/wolfssl_384.cnf -sha384 -x509 -nodes -newkey ec:./certs/client-ecc384-key.par -keyout ./certs/client-ecc384-key.pem -out ./certs/client-ecc384-req.pem \
- -subj "/C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC384Cli/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/"
+ -subj "/C=US/ST=Washington/L=Seattle/O=Elliptic/OU=ECC384Cli/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/"
fi
openssl req -config ./certs/ecc/wolfssl_384.cnf -sha384 -new -key ./certs/client-ecc384-key.pem -out ./certs/client-ecc384-req.pem \
- -subj "/C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC384Clit/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/"
+ -subj "/C=US/ST=Washington/L=Seattle/O=Elliptic/OU=ECC384Clit/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/"
openssl ec -in ./certs/client-ecc384-key.pem -inform PEM -out ./certs/client-ecc384-key.der -outform DER
# Sign client certificate
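Review bot: The last `-subj` in this hunk still carries `OU=ECC384Clit`, while the two `-subj` lines in the `if`/`else` above it use `OU=ECC384Cli`; the commit corrects `Eliptic` on that line but leaves the stray `t`. Because this `-new` request is written to `./certs/client-ecc384-req.pem` after the earlier calls, it is presumably the subject that reaches the signing step, which lies outside the hunk. If the mismatch is not intentional, the line would read `-subj "/C=US/ST=Washington/L=Seattle/O=Elliptic/OU=ECC384Cli/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/"`. Any test that matches on the client certificate subject should be checked against whichever spelling is kept.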
@@ -114,12 +114,12 @@ if [ -f ./certs/ecc/secp256k1-key.pem ]; then
openssl ec -in ./certs/ecc/secp256k1-key.pem -inform PEM -out ./certs/ecc/secp256k1-key.der -outform DER
fi
# Create self-signed ECC Kerberos certificates
-openssl req -config ./certs/ecc/wolfssl.cnf -sha256 -new -key ./certs/ecc/secp256k1-key.pem -out ./certs/ecc/server-secp256k1-req.pem -subj "/C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC256K1-SRV/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/"
+openssl req -config ./certs/ecc/wolfssl.cnf -sha256 -new -key ./certs/ecc/secp256k1-key.pem -out ./certs/ecc/server-secp256k1-req.pem -subj "/C=US/ST=Washington/L=Seattle/O=Elliptic/OU=ECC256K1-SRV/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/"
openssl x509 -req -in ./certs/ecc/server-secp256k1-req.pem -days 3650 -extfile ./certs/ecc/wolfssl.cnf -extensions server_cert -signkey ./certs/ecc/secp256k1-key.pem -text -out ./certs/ecc/server-secp256k1-cert.pem
openssl x509 -inform pem -in ./certs/ecc/server-secp256k1-cert.pem -outform der -out ./certs/ecc/server-secp256k1-cert.der
rm ./certs/ecc/server-secp256k1-req.pem
-openssl req -config ./certs/ecc/wolfssl.cnf -sha256 -new -key ./certs/ecc/secp256k1-key.pem -out ./certs/ecc/client-secp256k1-req.pem -subj "/C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC256K1-CLI/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/"
+openssl req -config ./certs/ecc/wolfssl.cnf -sha256 -new -key ./certs/ecc/secp256k1-key.pem -out ./certs/ecc/client-secp256k1-req.pem -subj "/C=US/ST=Washington/L=Seattle/O=Elliptic/OU=ECC256K1-CLI/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/"
openssl x509 -req -in ./certs/ecc/client-secp256k1-req.pem -days 3650 -extfile ./certs/ecc/wolfssl.cnf -extensions usr_cert -signkey ./certs/ecc/secp256k1-key.pem -text -out ./certs/ecc/client-secp256k1-cert.pem
openssl x509 -inform pem -in ./certs/ecc/client-secp256k1-cert.pem -outform der -out ./certs/ecc/client-secp256k1-cert.der
rm ./certs/ecc/client-secp256k1-req.pem
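Review bot: The context comment `# Create self-signed ECC Kerberos certificates` sits above commands that only use `secp256k1-key.pem` and `OU=ECC256K1-SRV` / `OU=ECC256K1-CLI`, so "Kerberos" looks like a slip for the Koblitz curve. Since the commit is already correcting spelling in this block, the comment could become `# Create self-signed ECC Koblitz (secp256k1) certificates`. The same comment could also state that the server and client certificates are both self-signed with the one key passed to `-signkey`, which suits test fixtures but is not obvious from the file names alone.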
@@ -130,12 +130,12 @@ if [ -f ./certs/ecc/bp256r1-key.pem ]; then
openssl ec -in ./certs/ecc/bp256r1-key.pem -inform PEM -out ./certs/ecc/bp256r1-key.der -outform DER
fi
# Create self-signed ECC Brainpool certificates
-openssl req -config ./certs/ecc/wolfssl.cnf -sha256 -new -key ./certs/ecc/bp256r1-key.pem -out ./certs/ecc/server-bp256r1-req.pem -subj "/C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC256BPR1-SRV/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/"
+openssl req -config ./certs/ecc/wolfssl.cnf -sha256 -new -key ./certs/ecc/bp256r1-key.pem -out ./certs/ecc/server-bp256r1-req.pem -subj "/C=US/ST=Washington/L=Seattle/O=Elliptic/OU=ECC256BPR1-SRV/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/"
openssl x509 -req -in ./certs/ecc/server-bp256r1-req.pem -days 3650 -extfile ./certs/ecc/wolfssl.cnf -extensions server_cert -signkey ./certs/ecc/bp256r1-key.pem -text -out ./certs/ecc/server-bp256r1-cert.pem
openssl x509 -inform pem -in ./certs/ecc/server-bp256r1-cert.pem -outform der -out ./certs/ecc/server-bp256r1-cert.der
rm ./certs/ecc/server-bp256r1-req.pem
-openssl req -config ./certs/ecc/wolfssl.cnf -sha256 -new -key ./certs/ecc/bp256r1-key.pem -out ./certs/ecc/client-bp256r1-req.pem -subj "/C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC256BPR1-CLI/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/"
+openssl req -config ./certs/ecc/wolfssl.cnf -sha256 -new -key ./certs/ecc/bp256r1-key.pem -out ./certs/ecc/client-bp256r1-req.pem -subj "/C=US/ST=Washington/L=Seattle/O=Elliptic/OU=ECC256BPR1-CLI/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/"
openssl x509 -req -in ./certs/ecc/client-bp256r1-req.pem -days 3650 -extfile ./certs/ecc/wolfssl.cnf -extensions usr_cert -signkey ./certs/ecc/bp256r1-key.pem -text -out ./certs/ecc/client-bp256r1-cert.pem
openssl x509 -inform pem -in ./certs/ecc/client-bp256r1-cert.pem -outform der -out ./certs/ecc/client-bp256r1-cert.der
rm ./certs/ecc/client-bp256r1-req.pem
diff --git a/extra/wolfssl/wolfssl/certs/ecc/secp256k1-key.der b/extra/wolfssl/wolfssl/certs/ecc/secp256k1-key.der
index ff057a62..81344941 100644
--- a/extra/wolfssl/wolfssl/certs/ecc/secp256k1-key.der
+++ b/extra/wolfssl/wolfssl/certs/ecc/secp256k1-key.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/ecc/secp256k1-key.pem b/extra/wolfssl/wolfssl/certs/ecc/secp256k1-key.pem
index 887b418f..f27a7acd 100644
--- a/extra/wolfssl/wolfssl/certs/ecc/secp256k1-key.pem
+++ b/extra/wolfssl/wolfssl/certs/ecc/secp256k1-key.pem
@@ -1,5 +1,5 @@
-----BEGIN EC PRIVATE KEY-----
-MHQCAQEEICTreBjyv+lbvmHMdmlhGIgC8YFT2d8aDeFXJY8gm6K0oAcGBSuBBAAK
-oUQDQgAEsU0Bi1gZNjvtu4le0YYFxmrUiET8WYD2FjKdVF24r8BcJA7M7uhlRUR6
-7kOJSXzr2xGsI+rlF2tZbXgZYZhfRw==
+MHQCAQEEIE+dRTV5HyFrkYXxlCq98Ojh6m+szQbktzQwSBUEs4s3oAcGBSuBBAAK
+oUQDQgAEvtBHZqZqbCG2cnHOIGdhBbPvuQcsMWq7b1MSUOkGBmRLFLtWYbMMP3Ly
+Rfc7ljl2V1KT6RKD8djFhxGqXo6lyQ==
-----END EC PRIVATE KEY-----
diff --git a/extra/wolfssl/wolfssl/certs/ecc/server-bp256r1-cert.der b/extra/wolfssl/wolfssl/certs/ecc/server-bp256r1-cert.der
index 54e8f261..c3558a1a 100644
--- a/extra/wolfssl/wolfssl/certs/ecc/server-bp256r1-cert.der
+++ b/extra/wolfssl/wolfssl/certs/ecc/server-bp256r1-cert.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/ecc/server-bp256r1-cert.pem b/extra/wolfssl/wolfssl/certs/ecc/server-bp256r1-cert.pem
index a00d259d..0e4c211f 100644
--- a/extra/wolfssl/wolfssl/certs/ecc/server-bp256r1-cert.pem
+++ b/extra/wolfssl/wolfssl/certs/ecc/server-bp256r1-cert.pem
@@ -2,22 +2,22 @@ Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 27:2c:3b:52:7f:63:95:4f:23:ff:51:44:ec:ae:27:ae:e5:e7:02:85
+ 08:c3:a6:c3:3e:ba:4d:27:34:46:64:c6:e7:79:6c:68:25:e2:e8:d2
Signature Algorithm: ecdsa-with-SHA256
- Issuer: C = US, ST = Washington, L = Seattle, O = Eliptic, OU = ECC256BPR1-SRV, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
+ Issuer: C = US, ST = Washington, L = Seattle, O = Elliptic, OU = ECC256BPR1-SRV, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Dec 13 21:17:49 2032 GMT
- Subject: C = US, ST = Washington, L = Seattle, O = Eliptic, OU = ECC256BPR1-SRV, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
+ Not Before: Dec 13 22:19:28 2023 GMT
+ Not After : Dec 10 22:19:28 2033 GMT
+ Subject: C = US, ST = Washington, L = Seattle, O = Elliptic, OU = ECC256BPR1-SRV, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
Public-Key: (256 bit)
pub:
- 04:a7:73:e4:7d:1f:3b:9a:ec:98:0a:b0:34:88:e1:
- 70:c9:3c:fc:18:51:1a:6f:34:40:87:72:64:d8:13:
- d3:ca:db:33:91:94:db:f3:4a:df:36:a6:96:dd:ed:
- 8d:94:39:71:d8:91:38:58:59:8d:c8:37:bd:aa:af:
- 05:af:2d:4d:c3
+ 04:51:f0:ec:e0:5c:38:82:7a:57:c1:cb:4f:32:a3:
+ d0:dd:a2:7c:d9:22:fe:77:97:05:37:85:fb:41:57:
+ df:fb:96:14:19:7f:79:48:70:f0:78:e8:76:9f:35:
+ e1:ad:74:b1:80:8c:fa:ea:62:8b:69:c7:2b:bb:69:
+ 33:17:1a:f3:48
ASN1 OID: brainpoolP256r1
X509v3 extensions:
X509v3 Basic Constraints:
@@ -25,39 +25,39 @@ Certificate:
Netscape Cert Type:
SSL Server
X509v3 Subject Key Identifier:
- 44:4D:6B:E2:24:7D:33:1A:B6:CE:AB:E6:60:C8:9F:96:E6:DA:1A:67
+ 77:B6:46:96:B9:B7:0D:54:A3:03:E8:21:F5:8D:37:69:3D:89:AD:FA
X509v3 Authority Key Identifier:
- keyid:44:4D:6B:E2:24:7D:33:1A:B6:CE:AB:E6:60:C8:9F:96:E6:DA:1A:67
- DirName:/C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC256BPR1-SRV/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:27:2C:3B:52:7F:63:95:4F:23:FF:51:44:EC:AE:27:AE:E5:E7:02:85
+ keyid:77:B6:46:96:B9:B7:0D:54:A3:03:E8:21:F5:8D:37:69:3D:89:AD:FA
+ DirName:/C=US/ST=Washington/L=Seattle/O=Elliptic/OU=ECC256BPR1-SRV/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
+ serial:08:C3:A6:C3:3E:BA:4D:27:34:46:64:C6:E7:79:6C:68:25:E2:E8:D2
X509v3 Key Usage: critical
Digital Signature, Key Encipherment, Key Agreement
X509v3 Extended Key Usage:
TLS Web Server Authentication
Signature Algorithm: ecdsa-with-SHA256
- 30:45:02:21:00:a1:4c:75:71:fd:dc:f1:ff:9d:45:32:50:c2:
- 04:84:c5:a8:af:55:a0:4c:b8:54:31:04:fb:ce:e3:00:07:28:
- 81:02:20:05:10:20:8e:17:94:78:05:f8:48:27:df:26:79:c2:
- 6e:18:b0:60:74:39:5c:1d:da:11:0b:62:54:f6:bf:e6:fa
+ 30:44:02:20:69:b5:0e:9a:17:cc:4d:5e:3b:b7:9d:ee:e8:76:
+ a6:c0:94:c1:1f:e3:34:3a:cb:6a:9b:09:b1:55:0d:db:3a:c0:
+ 02:20:5b:8d:09:46:fd:7c:73:ca:c8:18:3c:ed:1a:84:9c:c9:
+ 02:f4:50:3a:26:8a:eb:76:6b:82:a7:7f:95:18:ba:10
-----BEGIN CERTIFICATE-----
-MIIDfjCCAySgAwIBAgIUJyw7Un9jlU8j/1FE7K4nruXnAoUwCgYIKoZIzj0EAwIw
-gZoxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdT
-ZWF0dGxlMRAwDgYDVQQKDAdFbGlwdGljMRcwFQYDVQQLDA5FQ0MyNTZCUFIxLVNS
-VjEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZv
-QHdvbGZzc2wuY29tMB4XDTIyMTIxNjIxMTc0OVoXDTMyMTIxMzIxMTc0OVowgZox
-CzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0
-dGxlMRAwDgYDVQQKDAdFbGlwdGljMRcwFQYDVQQLDA5FQ0MyNTZCUFIxLVNSVjEY
-MBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv
-bGZzc2wuY29tMFowFAYHKoZIzj0CAQYJKyQDAwIIAQEHA0IABKdz5H0fO5rsmAqw
-NIjhcMk8/BhRGm80QIdyZNgT08rbM5GU2/NK3zamlt3tjZQ5cdiROFhZjcg3vaqv
-Ba8tTcOjggFDMIIBPzAJBgNVHRMEAjAAMBEGCWCGSAGG+EIBAQQEAwIGQDAdBgNV
-HQ4EFgQURE1r4iR9Mxq2zqvmYMiflubaGmcwgdoGA1UdIwSB0jCBz4AURE1r4iR9
-Mxq2zqvmYMiflubaGmehgaCkgZ0wgZoxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApX
-YXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAdFbGlwdGljMRcw
-FQYDVQQLDA5FQ0MyNTZCUFIxLVNSVjEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29t
-MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tghQnLDtSf2OVTyP/UUTs
-rieu5ecChTAOBgNVHQ8BAf8EBAMCA6gwEwYDVR0lBAwwCgYIKwYBBQUHAwEwCgYI
-KoZIzj0EAwIDSAAwRQIhAKFMdXH93PH/nUUyUMIEhMWor1WgTLhUMQT7zuMAByiB
-AiAFECCOF5R4BfhIJ98mecJuGLBgdDlcHdoRC2JU9r/m+g==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-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/ecc/server-secp256k1-cert.der b/extra/wolfssl/wolfssl/certs/ecc/server-secp256k1-cert.der
index c4ac8e03..ad0ab8e4 100644
--- a/extra/wolfssl/wolfssl/certs/ecc/server-secp256k1-cert.der
+++ b/extra/wolfssl/wolfssl/certs/ecc/server-secp256k1-cert.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/ecc/server-secp256k1-cert.pem b/extra/wolfssl/wolfssl/certs/ecc/server-secp256k1-cert.pem
index d27d4771..ad54e670 100644
--- a/extra/wolfssl/wolfssl/certs/ecc/server-secp256k1-cert.pem
+++ b/extra/wolfssl/wolfssl/certs/ecc/server-secp256k1-cert.pem
@@ -2,22 +2,22 @@ Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 6f:5e:bd:82:85:40:71:f7:15:53:aa:04:43:b0:ae:7d:e7:5e:70:f3
+ 2e:df:46:12:94:ee:71:51:00:dc:bb:41:41:80:ae:1a:f1:11:68:26
Signature Algorithm: ecdsa-with-SHA256
- Issuer: C = US, ST = Washington, L = Seattle, O = Eliptic, OU = ECC256K1-SRV, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
+ Issuer: C = US, ST = Washington, L = Seattle, O = Elliptic, OU = ECC256K1-SRV, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Dec 13 21:17:49 2032 GMT
- Subject: C = US, ST = Washington, L = Seattle, O = Eliptic, OU = ECC256K1-SRV, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
+ Not Before: Dec 13 22:19:28 2023 GMT
+ Not After : Dec 10 22:19:28 2033 GMT
+ Subject: C = US, ST = Washington, L = Seattle, O = Elliptic, OU = ECC256K1-SRV, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
Public-Key: (256 bit)
pub:
- 04:b1:4d:01:8b:58:19:36:3b:ed:bb:89:5e:d1:86:
- 05:c6:6a:d4:88:44:fc:59:80:f6:16:32:9d:54:5d:
- b8:af:c0:5c:24:0e:cc:ee:e8:65:45:44:7a:ee:43:
- 89:49:7c:eb:db:11:ac:23:ea:e5:17:6b:59:6d:78:
- 19:61:98:5f:47
+ 04:be:d0:47:66:a6:6a:6c:21:b6:72:71:ce:20:67:
+ 61:05:b3:ef:b9:07:2c:31:6a:bb:6f:53:12:50:e9:
+ 06:06:64:4b:14:bb:56:61:b3:0c:3f:72:f2:45:f7:
+ 3b:96:39:76:57:52:93:e9:12:83:f1:d8:c5:87:11:
+ aa:5e:8e:a5:c9
ASN1 OID: secp256k1
X509v3 extensions:
X509v3 Basic Constraints:
@@ -25,39 +25,39 @@ Certificate:
Netscape Cert Type:
SSL Server
X509v3 Subject Key Identifier:
- 55:43:F0:D0:D3:04:98:0C:EB:7C:EA:83:D3:BD:F4:81:46:31:D1:0F
+ 6D:9A:0A:D6:4C:C9:43:6B:12:29:C4:B0:B5:49:8A:7F:BD:42:4B:87
X509v3 Authority Key Identifier:
- keyid:55:43:F0:D0:D3:04:98:0C:EB:7C:EA:83:D3:BD:F4:81:46:31:D1:0F
- DirName:/C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC256K1-SRV/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:6F:5E:BD:82:85:40:71:F7:15:53:AA:04:43:B0:AE:7D:E7:5E:70:F3
+ keyid:6D:9A:0A:D6:4C:C9:43:6B:12:29:C4:B0:B5:49:8A:7F:BD:42:4B:87
+ DirName:/C=US/ST=Washington/L=Seattle/O=Elliptic/OU=ECC256K1-SRV/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
+ serial:2E:DF:46:12:94:EE:71:51:00:DC:BB:41:41:80:AE:1A:F1:11:68:26
X509v3 Key Usage: critical
Digital Signature, Key Encipherment, Key Agreement
X509v3 Extended Key Usage:
TLS Web Server Authentication
Signature Algorithm: ecdsa-with-SHA256
- 30:45:02:21:00:e2:fb:1e:0b:92:fd:b1:10:4e:bd:dc:2c:5c:
- d1:23:59:12:4c:b0:f3:5d:4a:fc:69:ad:b9:3b:c8:06:17:11:
- 63:02:20:5c:63:ab:3a:67:dc:2b:08:ca:39:9f:88:43:e7:82:
- d0:9c:e7:05:4e:f2:b6:f2:ce:e0:8c:3d:b6:c6:8f:81:8a
+ 30:44:02:20:58:e1:97:fe:81:7a:54:8d:d1:46:41:fd:1a:cf:
+ 1d:c1:d8:f5:cb:00:21:df:66:21:09:eb:ce:a2:cb:db:d0:63:
+ 02:20:3a:2b:e8:46:e3:1c:c3:23:e8:ee:8c:f9:22:57:30:d5:
+ 8a:9b:6d:f3:a7:fb:e5:09:aa:38:ba:9a:84:e6:37:7b
-----BEGIN CERTIFICATE-----
-MIIDdDCCAxqgAwIBAgIUb169goVAcfcVU6oEQ7CufedecPMwCgYIKoZIzj0EAwIw
-gZgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdT
-ZWF0dGxlMRAwDgYDVQQKDAdFbGlwdGljMRUwEwYDVQQLDAxFQ0MyNTZLMS1TUlYx
-GDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3
-b2xmc3NsLmNvbTAeFw0yMjEyMTYyMTE3NDlaFw0zMjEyMTMyMTE3NDlaMIGYMQsw
-CQYDVQQGEwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRs
-ZTEQMA4GA1UECgwHRWxpcHRpYzEVMBMGA1UECwwMRUNDMjU2SzEtU1JWMRgwFgYD
-VQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz
-bC5jb20wVjAQBgcqhkjOPQIBBgUrgQQACgNCAASxTQGLWBk2O+27iV7RhgXGatSI
-RPxZgPYWMp1UXbivwFwkDszu6GVFRHruQ4lJfOvbEawj6uUXa1lteBlhmF9Ho4IB
-QTCCAT0wCQYDVR0TBAIwADARBglghkgBhvhCAQEEBAMCBkAwHQYDVR0OBBYEFFVD
-8NDTBJgM63zqg9O99IFGMdEPMIHYBgNVHSMEgdAwgc2AFFVD8NDTBJgM63zqg9O9
-9IFGMdEPoYGepIGbMIGYMQswCQYDVQQGEwJVUzETMBEGA1UECAwKV2FzaGluZ3Rv
-bjEQMA4GA1UEBwwHU2VhdHRsZTEQMA4GA1UECgwHRWxpcHRpYzEVMBMGA1UECwwM
-RUNDMjU2SzEtU1JWMRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG
-9w0BCQEWEGluZm9Ad29sZnNzbC5jb22CFG9evYKFQHH3FVOqBEOwrn3nXnDzMA4G
-A1UdDwEB/wQEAwIDqDATBgNVHSUEDDAKBggrBgEFBQcDATAKBggqhkjOPQQDAgNI
-ADBFAiEA4vseC5L9sRBOvdwsXNEjWRJMsPNdSvxprbk7yAYXEWMCIFxjqzpn3CsI
-yjmfiEPngtCc5wVO8rbyzuCMPbbGj4GK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-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/ed25519/ca-ed25519.der b/extra/wolfssl/wolfssl/certs/ed25519/ca-ed25519.der
index 5ac78811..b1e98d73 100644
--- a/extra/wolfssl/wolfssl/certs/ed25519/ca-ed25519.der
+++ b/extra/wolfssl/wolfssl/certs/ed25519/ca-ed25519.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/ed25519/ca-ed25519.pem b/extra/wolfssl/wolfssl/certs/ed25519/ca-ed25519.pem
index 644b9716..20221652 100644
--- a/extra/wolfssl/wolfssl/certs/ed25519/ca-ed25519.pem
+++ b/extra/wolfssl/wolfssl/certs/ed25519/ca-ed25519.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: ED25519
Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_Ed25519, OU = Root-Ed25519, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:29 2023 GMT
+ Not After : Sep 8 22:19:29 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_ed25519, OU = CA-ed25519, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
Subject Public Key Info:
Public Key Algorithm: ED25519
@@ -26,22 +26,22 @@ Certificate:
X509v3 Key Usage: critical
Digital Signature, Certificate Sign, CRL Sign
Signature Algorithm: ED25519
- 40:01:0f:0b:8d:d6:aa:dc:2c:b3:40:22:e7:78:ef:1c:8b:08:
- 27:ee:d9:d7:b6:91:b3:2d:3d:ac:b9:50:fb:2f:b5:25:63:5a:
- 1a:3d:3e:cd:81:a1:a9:e7:d5:a1:4a:19:b8:4c:b0:1d:3c:8a:
- e3:47:c0:f6:41:95:e6:59:23:08
+ e6:71:a0:59:63:b4:31:31:1f:75:06:ce:f1:89:f0:e7:a2:db:
+ a8:c1:e4:c8:61:38:0c:e6:e9:e7:b9:9f:ce:e2:f5:49:a3:f5:
+ 04:1e:85:f7:7d:10:fb:1d:ee:b6:dc:5e:51:f1:82:33:a4:ed:
+ e0:0a:65:09:2b:0e:1e:b2:af:0b
-----BEGIN CERTIFICATE-----
MIICZTCCAhegAwIBAgIBATAFBgMrZXAwgZ0xCzAJBgNVBAYTAlVTMRAwDgYDVQQI
DAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRgwFgYDVQQKDA93b2xmU1NMX0Vk
MjU1MTkxFTATBgNVBAsMDFJvb3QtRWQyNTUxOTEYMBYGA1UEAwwPd3d3LndvbGZz
-c2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIyMTIx
-NjIxMTc0OVoXDTI1MDkxMTIxMTc0OVowgbQxCzAJBgNVBAYTAlVTMRAwDgYDVQQI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-DgYDVR0PAQH/BAQDAgGGMAUGAytlcANBAEABDwuN1qrcLLNAIud47xyLCCfu2de2
-kbMtPay5UPsvtSVjWho9Ps2Boann1aFKGbhMsB08iuNHwPZBleZZIwg=
+DgYDVR0PAQH/BAQDAgGGMAUGAytlcANBAOZxoFljtDExH3UGzvGJ8Oei26jB5Mhh
+OAzm6ee5n87i9Umj9QQehfd9EPsd7rbcXlHxgjOk7eAKZQkrDh6yrws=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/ed25519/client-ed25519.der b/extra/wolfssl/wolfssl/certs/ed25519/client-ed25519.der
index 64978eea..82347a28 100644
--- a/extra/wolfssl/wolfssl/certs/ed25519/client-ed25519.der
+++ b/extra/wolfssl/wolfssl/certs/ed25519/client-ed25519.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/ed25519/client-ed25519.pem b/extra/wolfssl/wolfssl/certs/ed25519/client-ed25519.pem
index 7706b1a7..9d35f82d 100644
--- a/extra/wolfssl/wolfssl/certs/ed25519/client-ed25519.pem
+++ b/extra/wolfssl/wolfssl/certs/ed25519/client-ed25519.pem
@@ -2,12 +2,12 @@ Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 69:ac:b8:b4:f7:e4:11:cb:c5:63:b2:cc:2a:a8:e2:0f:55:ee:86:86
+ 31:e6:4a:b1:6b:4e:2e:77:7b:d6:e3:94:8a:cf:02:b7:58:5a:fb:ab
Signature Algorithm: ED25519
Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_ed25519, OU = Client-ed25519, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:29 2023 GMT
+ Not After : Sep 8 22:19:29 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_ed25519, OU = Client-ed25519, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
Subject Public Key Info:
Public Key Algorithm: ED25519
@@ -22,7 +22,7 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:FE:41:5E:3E:81:E2:2E:46:B3:3E:47:89:90:D4:C2:B4:8E:11:D6:8A
DirName:/C=US/ST=Montana/L=Bozeman/O=wolfSSL_ed25519/OU=Client-ed25519/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/UID=wolfSSL
- serial:69:AC:B8:B4:F7:E4:11:CB:C5:63:B2:CC:2A:A8:E2:0F:55:EE:86:86
+ serial:31:E6:4A:B1:6B:4E:2E:77:7B:D6:E3:94:8A:CF:02:B7:58:5A:FB:AB
X509v3 Basic Constraints:
CA:TRUE
@@ -31,17 +31,17 @@ Certificate:
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
Signature Algorithm: ED25519
- 2e:4a:b8:2a:f0:75:ee:31:6a:51:0a:6a:54:5b:45:6e:ac:03:
- a8:a9:9a:d4:d6:38:02:eb:76:b6:a7:66:86:ea:e9:f3:6f:31:
- 4e:e4:50:d1:75:fe:88:3f:23:9d:76:d9:9c:07:14:13:16:30:
- c3:40:51:06:da:a5:39:5f:0a:09
+ 92:ac:52:cf:34:c2:76:8a:78:f7:ef:da:3f:79:e9:66:d1:de:
+ e1:d7:56:b5:4b:cf:a7:c2:03:af:cc:23:11:4b:44:0c:33:ce:
+ 45:e0:33:eb:cc:c9:f8:38:5b:19:6f:86:4d:97:30:d1:55:6e:
+ cb:5f:39:c9:a3:22:16:66:5f:07
-----BEGIN CERTIFICATE-----
-MIIDnzCCA1GgAwIBAgIUaay4tPfkEcvFY7LMKqjiD1XuhoYwBQYDK2VwMIG4MQsw
+MIIDnzCCA1GgAwIBAgIUMeZKsWtOLnd71uOUis8Ct1ha+6swBQYDK2VwMIG4MQsw
CQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjEY
MBYGA1UECgwPd29sZlNTTF9lZDI1NTE5MRcwFQYDVQQLDA5DbGllbnQtZWQyNTUx
OTEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZv
-QHdvbGZzc2wuY29tMRcwFQYKCZImiZPyLGQBAQwHd29sZlNTTDAeFw0yMjEyMTYy
-MTE3NTBaFw0yNTA5MTEyMTE3NTBaMIG4MQswCQYDVQQGEwJVUzEQMA4GA1UECAwH
+QHdvbGZzc2wuY29tMRcwFQYKCZImiZPyLGQBAQwHd29sZlNTTDAeFw0yMzEyMTMy
+MjE5MjlaFw0yNjA5MDgyMjE5MjlaMIG4MQswCQYDVQQGEwJVUzEQMA4GA1UECAwH
TW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjEYMBYGA1UECgwPd29sZlNTTF9lZDI1
NTE5MRcwFQYDVQQLDA5DbGllbnQtZWQyNTUxOTEYMBYGA1UEAwwPd3d3LndvbGZz
c2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMRcwFQYKCZIm
@@ -51,9 +51,9 @@ EdaKMIH4BgNVHSMEgfAwge2AFP5BXj6B4i5Gsz5HiZDUwrSOEdaKoYG+pIG7MIG4
MQswCQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1h
bjEYMBYGA1UECgwPd29sZlNTTF9lZDI1NTE5MRcwFQYDVQQLDA5DbGllbnQtZWQy
NTUxOTEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBp
-bmZvQHdvbGZzc2wuY29tMRcwFQYKCZImiZPyLGQBAQwHd29sZlNTTIIUaay4tPfk
-EcvFY7LMKqjiD1XuhoYwDAYDVR0TBAUwAwEB/zAcBgNVHREEFTATggtleGFtcGxl
+bmZvQHdvbGZzc2wuY29tMRcwFQYKCZImiZPyLGQBAQwHd29sZlNTTIIUMeZKsWtO
+Lnd71uOUis8Ct1ha+6swDAYDVR0TBAUwAwEB/zAcBgNVHREEFTATggtleGFtcGxl
LmNvbYcEfwAAATAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwBQYDK2Vw
-A0EALkq4KvB17jFqUQpqVFtFbqwDqKma1NY4Aut2tqdmhurp828xTuRQ0XX+iD8j
-nXbZnAcUExYww0BRBtqlOV8KCQ==
+A0EAkqxSzzTCdop49+/aP3npZtHe4ddWtUvPp8IDr8wjEUtEDDPOReAz68zJ+Dhb
+GW+GTZcw0VVuy185yaMiFmZfBw==
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/ed25519/eddsa-ed25519.der b/extra/wolfssl/wolfssl/certs/ed25519/eddsa-ed25519.der
new file mode 100644
index 00000000..1c08775e
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/ed25519/eddsa-ed25519.der
@@ -0,0 +1,2 @@
+0%
+ ÔîrÛùXJÕ¶Øñ÷iø­:þ|(ËñÔûà—¨DuXB \ No newline at end of file
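Review bot: `eddsa-ed25519.der` is added as a two-line text hunk ending in `\ No newline at end of file`, whereas the other `.der` files in this commit show `Binary files differ`, so git is presumably treating this DER blob as text because it contains no NUL byte. The encoding includes a 0x0A byte (the line break after `0%`), which end-of-line conversion such as `core.autocrlf` can rewrite on checkout and thereby alter the key fixture. A `.gitattributes` entry `*.der binary` would keep these files byte-exact; whether the tree already carries one cannot be seen from this page.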
diff --git a/extra/wolfssl/wolfssl/certs/ed25519/eddsa-ed25519.pem b/extra/wolfssl/wolfssl/certs/ed25519/eddsa-ed25519.pem
new file mode 100644
index 00000000..496fc47f
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/ed25519/eddsa-ed25519.pem
@@ -0,0 +1,3 @@
+-----BEGIN EDDSA PRIVATE KEY-----
+MCUKAQEEINTuctv5E1hK1bbY8fdp+K06/nwoy/HU++CXqI9EdVhC
+-----END EDDSA PRIVATE KEY-----
diff --git a/extra/wolfssl/wolfssl/certs/ed25519/include.am b/extra/wolfssl/wolfssl/certs/ed25519/include.am
index 5739596c..de4c3488 100644
--- a/extra/wolfssl/wolfssl/certs/ed25519/include.am
+++ b/extra/wolfssl/wolfssl/certs/ed25519/include.am
@@ -27,7 +27,9 @@ EXTRA_DIST += \
certs/ed25519/server-ed25519-key.der \
certs/ed25519/server-ed25519-key.pem \
certs/ed25519/server-ed25519-priv.der \
- certs/ed25519/server-ed25519-priv.pem
+ certs/ed25519/server-ed25519-priv.pem \
+ certs/ed25519/eddsa-ed25519.der \
+ certs/ed25519/eddsa-ed25519.pem
EXTRA_DIST += \
certs/ed25519/gen-ed25519.sh \
diff --git a/extra/wolfssl/wolfssl/certs/ed25519/root-ed25519.der b/extra/wolfssl/wolfssl/certs/ed25519/root-ed25519.der
index 4013c673..d83657cb 100644
--- a/extra/wolfssl/wolfssl/certs/ed25519/root-ed25519.der
+++ b/extra/wolfssl/wolfssl/certs/ed25519/root-ed25519.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/ed25519/root-ed25519.pem b/extra/wolfssl/wolfssl/certs/ed25519/root-ed25519.pem
index 13240e8b..f24691e3 100644
--- a/extra/wolfssl/wolfssl/certs/ed25519/root-ed25519.pem
+++ b/extra/wolfssl/wolfssl/certs/ed25519/root-ed25519.pem
@@ -2,12 +2,12 @@ Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 4b:b3:7e:42:e1:d1:6c:16:28:33:87:4f:4f:b8:fb:44:1f:cf:7a:18
+ 46:46:59:7b:c4:b5:a1:60:04:ac:02:eb:e1:90:18:64:d9:1c:dc:bd
Signature Algorithm: ED25519
Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_Ed25519, OU = Root-Ed25519, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:29 2023 GMT
+ Not After : Sep 8 22:19:29 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_Ed25519, OU = Root-Ed25519, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: ED25519
@@ -27,22 +27,22 @@ Certificate:
X509v3 Key Usage: critical
Digital Signature, Certificate Sign, CRL Sign
Signature Algorithm: ED25519
- 3d:94:fc:b8:6a:4a:d4:34:91:8b:84:c2:c6:ac:7b:93:60:44:
- 24:e0:0e:19:79:a5:73:49:72:af:85:82:5b:1a:05:2a:69:6a:
- 13:01:69:26:b6:64:99:22:b4:8e:13:ec:91:13:44:b4:14:eb:
- 51:21:b1:5b:78:85:c8:c6:db:0f
+ ac:a3:8f:0c:8a:5d:96:a3:87:54:2f:0e:f3:9b:ce:e4:6e:33:
+ 84:ff:e6:79:ff:9a:3d:c6:86:12:c8:47:4e:64:ba:c1:8b:55:
+ 0e:cd:61:33:d3:0a:54:ce:d4:51:3e:cd:7f:6f:00:f8:5c:26:
+ 6d:a8:25:dc:f7:39:73:a9:92:05
-----BEGIN CERTIFICATE-----
-MIICYTCCAhOgAwIBAgIUS7N+QuHRbBYoM4dPT7j7RB/PehgwBQYDK2VwMIGdMQsw
+MIICYTCCAhOgAwIBAgIURkZZe8S1oWAErALr4ZAYZNkc3L0wBQYDK2VwMIGdMQsw
CQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjEY
MBYGA1UECgwPd29sZlNTTF9FZDI1NTE5MRUwEwYDVQQLDAxSb290LUVkMjU1MTkx
GDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3
-b2xmc3NsLmNvbTAeFw0yMjEyMTYyMTE3NDlaFw0yNTA5MTEyMTE3NDlaMIGdMQsw
+b2xmc3NsLmNvbTAeFw0yMzEyMTMyMjE5MjlaFw0yNjA5MDgyMjE5MjlaMIGdMQsw
CQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjEY
MBYGA1UECgwPd29sZlNTTF9FZDI1NTE5MRUwEwYDVQQLDAxSb290LUVkMjU1MTkx
GDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3
b2xmc3NsLmNvbTAqMAUGAytlcAMhAOmzb3xwiqvKVCBOZHY8Gk/3+l5K//PbuWQt
EKUMWj/ao2MwYTAdBgNVHQ4EFgQU+rpbdh3xHR1NdEjYmDtW77MU894wHwYDVR0j
BBgwFoAU+rpbdh3xHR1NdEjYmDtW77MU894wDwYDVR0TAQH/BAUwAwEB/zAOBgNV
-HQ8BAf8EBAMCAYYwBQYDK2VwA0EAPZT8uGpK1DSRi4TCxqx7k2BEJOAOGXmlc0ly
-r4WCWxoFKmlqEwFpJrZkmSK0jhPskRNEtBTrUSGxW3iFyMbbDw==
+HQ8BAf8EBAMCAYYwBQYDK2VwA0EArKOPDIpdlqOHVC8O85vO5G4zhP/mef+aPcaG
+EshHTmS6wYtVDs1hM9MKVM7UUT7Nf28A+Fwmbagl3Pc5c6mSBQ==
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/ed25519/server-ed25519-cert.pem b/extra/wolfssl/wolfssl/certs/ed25519/server-ed25519-cert.pem
index cce5f924..d08b56a0 100644
--- a/extra/wolfssl/wolfssl/certs/ed25519/server-ed25519-cert.pem
+++ b/extra/wolfssl/wolfssl/certs/ed25519/server-ed25519-cert.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: ED25519
Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_ed25519, OU = CA-ed25519, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:29 2023 GMT
+ Not After : Sep 8 22:19:29 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_ed25519, OU = Server-ed25519, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
Subject Public Key Info:
Public Key Algorithm: ED25519
@@ -30,16 +30,16 @@ Certificate:
Netscape Cert Type:
SSL Server
Signature Algorithm: ED25519
- 36:3f:8d:2f:28:bd:51:83:b8:d8:9c:09:64:c4:77:fd:cd:c6:
- c3:86:b0:8d:81:e3:e9:ce:7a:2a:32:15:e9:f9:6a:75:1a:a0:
- 5e:71:62:72:de:46:11:a8:9d:db:80:6b:73:38:61:0c:f3:24:
- 11:45:c9:a1:d3:d2:3b:05:d5:05
+ 22:d7:34:ac:33:65:8b:18:a4:34:f9:3a:e6:ce:c1:77:a6:3d:
+ 2a:2a:ee:22:ad:6e:fc:36:fc:98:8d:8a:fd:3f:cb:a9:74:01:
+ 25:96:05:e1:39:13:8b:d9:05:6d:c9:ba:0e:5d:36:bf:39:03:
+ 57:2a:55:fc:e3:53:c3:1b:e1:0b
-----BEGIN CERTIFICATE-----
MIICpzCCAlmgAwIBAgIBATAFBgMrZXAwgbQxCzAJBgNVBAYTAlVTMRAwDgYDVQQI
DAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRgwFgYDVQQKDA93b2xmU1NMX2Vk
MjU1MTkxEzARBgNVBAsMCkNBLWVkMjU1MTkxGDAWBgNVBAMMD3d3dy53b2xmc3Ns
LmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTEXMBUGCgmSJomT
-8ixkAQEMB3dvbGZTU0wwHhcNMjIxMjE2MjExNzQ5WhcNMjUwOTExMjExNzQ5WjCB
+8ixkAQEMB3dvbGZTU0wwHhcNMjMxMjEzMjIxOTI5WhcNMjYwOTA4MjIxOTI5WjCB
uDELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVt
YW4xGDAWBgNVBAoMD3dvbGZTU0xfZWQyNTUxOTEXMBUGA1UECwwOU2VydmVyLWVk
MjU1MTkxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQ
@@ -47,7 +47,7 @@ aW5mb0B3b2xmc3NsLmNvbTEXMBUGCgmSJomT8ixkAQEMB3dvbGZTU0wwKjAFBgMr
ZXADIQAjqk1gUOAT0zrtq/apzEr+100v0lsaEAXvWkElzhtTeKOBiTCBhjAdBgNV
HQ4EFgQUoymB55BvuWD4r8wVeq7XofS0hrowHwYDVR0jBBgwFoAUdNU4GV6DuQP4
AYo1NbuJTEm0I+kwDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMCA6gwEwYDVR0l
-BAwwCgYIKwYBBQUHAwEwEQYJYIZIAYb4QgEBBAQDAgZAMAUGAytlcANBADY/jS8o
-vVGDuNicCWTEd/3NxsOGsI2B4+nOeioyFen5anUaoF5xYnLeRhGonduAa3M4YQzz
-JBFFyaHT0jsF1QU=
+BAwwCgYIKwYBBQUHAwEwEQYJYIZIAYb4QgEBBAQDAgZAMAUGAytlcANBACLXNKwz
+ZYsYpDT5OubOwXemPSoq7iKtbvw2/JiNiv0/y6l0ASWWBeE5E4vZBW3Jug5dNr85
+A1cqVfzjU8Mb4Qs=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/ed25519/server-ed25519.der b/extra/wolfssl/wolfssl/certs/ed25519/server-ed25519.der
index 21f0814c..d4b8eca3 100644
--- a/extra/wolfssl/wolfssl/certs/ed25519/server-ed25519.der
+++ b/extra/wolfssl/wolfssl/certs/ed25519/server-ed25519.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/ed25519/server-ed25519.pem b/extra/wolfssl/wolfssl/certs/ed25519/server-ed25519.pem
index 8c2636bc..9d4cfbe6 100644
--- a/extra/wolfssl/wolfssl/certs/ed25519/server-ed25519.pem
+++ b/extra/wolfssl/wolfssl/certs/ed25519/server-ed25519.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: ED25519
Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_ed25519, OU = CA-ed25519, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:29 2023 GMT
+ Not After : Sep 8 22:19:29 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_ed25519, OU = Server-ed25519, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
Subject Public Key Info:
Public Key Algorithm: ED25519
@@ -30,16 +30,16 @@ Certificate:
Netscape Cert Type:
SSL Server
Signature Algorithm: ED25519
- 36:3f:8d:2f:28:bd:51:83:b8:d8:9c:09:64:c4:77:fd:cd:c6:
- c3:86:b0:8d:81:e3:e9:ce:7a:2a:32:15:e9:f9:6a:75:1a:a0:
- 5e:71:62:72:de:46:11:a8:9d:db:80:6b:73:38:61:0c:f3:24:
- 11:45:c9:a1:d3:d2:3b:05:d5:05
+ 22:d7:34:ac:33:65:8b:18:a4:34:f9:3a:e6:ce:c1:77:a6:3d:
+ 2a:2a:ee:22:ad:6e:fc:36:fc:98:8d:8a:fd:3f:cb:a9:74:01:
+ 25:96:05:e1:39:13:8b:d9:05:6d:c9:ba:0e:5d:36:bf:39:03:
+ 57:2a:55:fc:e3:53:c3:1b:e1:0b
-----BEGIN CERTIFICATE-----
MIICpzCCAlmgAwIBAgIBATAFBgMrZXAwgbQxCzAJBgNVBAYTAlVTMRAwDgYDVQQI
DAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRgwFgYDVQQKDA93b2xmU1NMX2Vk
MjU1MTkxEzARBgNVBAsMCkNBLWVkMjU1MTkxGDAWBgNVBAMMD3d3dy53b2xmc3Ns
LmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTEXMBUGCgmSJomT
-8ixkAQEMB3dvbGZTU0wwHhcNMjIxMjE2MjExNzQ5WhcNMjUwOTExMjExNzQ5WjCB
+8ixkAQEMB3dvbGZTU0wwHhcNMjMxMjEzMjIxOTI5WhcNMjYwOTA4MjIxOTI5WjCB
uDELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVt
YW4xGDAWBgNVBAoMD3dvbGZTU0xfZWQyNTUxOTEXMBUGA1UECwwOU2VydmVyLWVk
MjU1MTkxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQ
@@ -47,9 +47,9 @@ aW5mb0B3b2xmc3NsLmNvbTEXMBUGCgmSJomT8ixkAQEMB3dvbGZTU0wwKjAFBgMr
ZXADIQAjqk1gUOAT0zrtq/apzEr+100v0lsaEAXvWkElzhtTeKOBiTCBhjAdBgNV
HQ4EFgQUoymB55BvuWD4r8wVeq7XofS0hrowHwYDVR0jBBgwFoAUdNU4GV6DuQP4
AYo1NbuJTEm0I+kwDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMCA6gwEwYDVR0l
-BAwwCgYIKwYBBQUHAwEwEQYJYIZIAYb4QgEBBAQDAgZAMAUGAytlcANBADY/jS8o
-vVGDuNicCWTEd/3NxsOGsI2B4+nOeioyFen5anUaoF5xYnLeRhGonduAa3M4YQzz
-JBFFyaHT0jsF1QU=
+BAwwCgYIKwYBBQUHAwEwEQYJYIZIAYb4QgEBBAQDAgZAMAUGAytlcANBACLXNKwz
+ZYsYpDT5OubOwXemPSoq7iKtbvw2/JiNiv0/y6l0ASWWBeE5E4vZBW3Jug5dNr85
+A1cqVfzjU8Mb4Qs=
-----END CERTIFICATE-----
Certificate:
Data:
@@ -58,8 +58,8 @@ Certificate:
Signature Algorithm: ED25519
Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_Ed25519, OU = Root-Ed25519, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:29 2023 GMT
+ Not After : Sep 8 22:19:29 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_ed25519, OU = CA-ed25519, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
Subject Public Key Info:
Public Key Algorithm: ED25519
@@ -79,22 +79,22 @@ Certificate:
X509v3 Key Usage: critical
Digital Signature, Certificate Sign, CRL Sign
Signature Algorithm: ED25519
- 40:01:0f:0b:8d:d6:aa:dc:2c:b3:40:22:e7:78:ef:1c:8b:08:
- 27:ee:d9:d7:b6:91:b3:2d:3d:ac:b9:50:fb:2f:b5:25:63:5a:
- 1a:3d:3e:cd:81:a1:a9:e7:d5:a1:4a:19:b8:4c:b0:1d:3c:8a:
- e3:47:c0:f6:41:95:e6:59:23:08
+ e6:71:a0:59:63:b4:31:31:1f:75:06:ce:f1:89:f0:e7:a2:db:
+ a8:c1:e4:c8:61:38:0c:e6:e9:e7:b9:9f:ce:e2:f5:49:a3:f5:
+ 04:1e:85:f7:7d:10:fb:1d:ee:b6:dc:5e:51:f1:82:33:a4:ed:
+ e0:0a:65:09:2b:0e:1e:b2:af:0b
-----BEGIN CERTIFICATE-----
MIICZTCCAhegAwIBAgIBATAFBgMrZXAwgZ0xCzAJBgNVBAYTAlVTMRAwDgYDVQQI
DAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRgwFgYDVQQKDA93b2xmU1NMX0Vk
MjU1MTkxFTATBgNVBAsMDFJvb3QtRWQyNTUxOTEYMBYGA1UEAwwPd3d3LndvbGZz
-c2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIyMTIx
-NjIxMTc0OVoXDTI1MDkxMTIxMTc0OVowgbQxCzAJBgNVBAYTAlVTMRAwDgYDVQQI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-DgYDVR0PAQH/BAQDAgGGMAUGAytlcANBAEABDwuN1qrcLLNAIud47xyLCCfu2de2
-kbMtPay5UPsvtSVjWho9Ps2Boann1aFKGbhMsB08iuNHwPZBleZZIwg=
+DgYDVR0PAQH/BAQDAgGGMAUGAytlcANBAOZxoFljtDExH3UGzvGJ8Oei26jB5Mhh
+OAzm6ee5n87i9Umj9QQehfd9EPsd7rbcXlHxgjOk7eAKZQkrDh6yrws=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/ed448/ca-ed448.der b/extra/wolfssl/wolfssl/certs/ed448/ca-ed448.der
index b9493ac8..25085505 100644
--- a/extra/wolfssl/wolfssl/certs/ed448/ca-ed448.der
+++ b/extra/wolfssl/wolfssl/certs/ed448/ca-ed448.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/ed448/ca-ed448.pem b/extra/wolfssl/wolfssl/certs/ed448/ca-ed448.pem
index c090c44a..a384c30a 100644
--- a/extra/wolfssl/wolfssl/certs/ed448/ca-ed448.pem
+++ b/extra/wolfssl/wolfssl/certs/ed448/ca-ed448.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: ED448
Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_Ed448, OU = Root-Ed448, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:29 2023 GMT
+ Not After : Sep 8 22:19:29 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_ed448, OU = CA-ed448, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
Subject Public Key Info:
Public Key Algorithm: ED448
@@ -27,27 +27,27 @@ Certificate:
X509v3 Key Usage: critical
Digital Signature, Certificate Sign, CRL Sign
Signature Algorithm: ED448
- 44:dc:1a:ae:76:a6:28:68:81:e9:27:c5:53:ea:96:92:04:0f:
- a0:a9:cc:97:7c:9f:05:62:d7:bb:a2:df:5e:3d:52:87:ab:15:
- 35:cd:c5:e1:e7:c2:9a:c6:d8:20:46:6b:62:4b:0d:28:41:d2:
- 5e:11:80:4f:41:c2:23:bd:2b:b0:e1:e0:66:58:c1:aa:24:f8:
- 7b:98:99:79:31:2b:33:5e:95:3a:87:cc:cf:49:a5:87:3b:38:
- 9e:c2:be:de:45:34:55:25:78:3c:19:03:f3:62:14:a7:2a:9a:
- 2e:78:8b:6a:3a:00
+ 24:d8:26:28:60:11:09:c1:a5:f9:a9:7f:a7:40:ed:a5:07:cb:
+ cb:3e:a1:6a:d3:45:6d:4c:e1:66:36:37:57:6a:34:5d:33:45:
+ b3:17:e1:18:76:57:df:fe:44:b4:ec:04:16:74:52:82:24:52:
+ 1f:99:00:2d:42:a9:5c:45:1b:8d:b8:95:ce:0d:82:cb:52:8f:
+ e2:bd:20:19:6a:8a:79:29:f6:20:d3:e6:35:8c:27:1a:a4:64:
+ b7:ff:91:09:21:57:c6:11:c5:01:9a:98:54:31:37:7a:7b:ed:
+ 35:a9:4d:13:19:00
-----BEGIN CERTIFICATE-----
MIICqDCCAiigAwIBAgIBATAFBgMrZXEwgZkxCzAJBgNVBAYTAlVTMRAwDgYDVQQI
DAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRYwFAYDVQQKDA13b2xmU1NMX0Vk
NDQ4MRMwEQYDVQQLDApSb290LUVkNDQ4MRgwFgYDVQQDDA93d3cud29sZnNzbC5j
-b20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIxMjE2MjEx
-NzUwWhcNMjUwOTExMjExNzUwWjCBsDELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01v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-DwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwBQYDK2VxA3MARNwarnam
-KGiB6SfFU+qWkgQPoKnMl3yfBWLXu6LfXj1Sh6sVNc3F4efCmsbYIEZrYksNKEHS
-XhGAT0HCI70rsOHgZljBqiT4e5iZeTErM16VOofMz0mlhzs4nsK+3kU0VSV4PBkD
-82IUpyqaLniLajoA
+DwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwBQYDK2VxA3MAJNgmKGAR
+CcGl+al/p0DtpQfLyz6hatNFbUzhZjY3V2o0XTNFsxfhGHZX3/5EtOwEFnRSgiRS
+H5kALUKpXEUbjbiVzg2Cy1KP4r0gGWqKeSn2INPmNYwnGqRkt/+RCSFXxhHFAZqY
+VDE3envtNalNExkA
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/ed448/client-ed448.der b/extra/wolfssl/wolfssl/certs/ed448/client-ed448.der
index 48d6d4fe..e220065a 100644
--- a/extra/wolfssl/wolfssl/certs/ed448/client-ed448.der
+++ b/extra/wolfssl/wolfssl/certs/ed448/client-ed448.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/ed448/client-ed448.pem b/extra/wolfssl/wolfssl/certs/ed448/client-ed448.pem
index f20ac5e3..ec2bf3da 100644
--- a/extra/wolfssl/wolfssl/certs/ed448/client-ed448.pem
+++ b/extra/wolfssl/wolfssl/certs/ed448/client-ed448.pem
@@ -2,12 +2,12 @@ Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 41:cb:cd:b4:41:06:a7:13:d4:27:66:bf:c9:a7:44:64:18:84:d5:eb
+ 1e:73:eb:26:79:34:8f:f6:ba:9b:e5:8d:b4:e1:1a:73:6b:91:a6:6b
Signature Algorithm: ED448
Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_ed448, OU = Client-ed448, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:29 2023 GMT
+ Not After : Sep 8 22:19:29 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_ed448, OU = Client-ed448, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
Subject Public Key Info:
Public Key Algorithm: ED448
@@ -23,7 +23,7 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:F3:C7:66:93:0D:CB:0E:1B:80:08:00:CF:E3:4E:11:4D:58:2B:4B:D4
DirName:/C=US/ST=Montana/L=Bozeman/O=wolfSSL_ed448/OU=Client-ed448/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/UID=wolfSSL
- serial:41:CB:CD:B4:41:06:A7:13:D4:27:66:BF:C9:A7:44:64:18:84:D5:EB
+ serial:1E:73:EB:26:79:34:8F:F6:BA:9B:E5:8D:B4:E1:1A:73:6B:91:A6:6B
X509v3 Basic Constraints:
CA:TRUE
@@ -32,20 +32,20 @@ Certificate:
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
Signature Algorithm: ED448
- 00:99:ac:61:ff:f7:f9:cd:d9:75:74:6f:16:8d:65:12:60:77:
- 6d:1a:ee:42:bb:aa:31:cc:c9:57:c7:2e:78:a3:a5:48:73:ac:
- b2:d9:2b:ca:f5:35:14:a3:e9:64:40:de:b7:2a:24:d3:73:f9:
- 17:fe:80:32:dd:7b:7f:39:29:87:a3:de:d3:48:27:84:b2:50:
- 0b:c4:02:36:cd:10:62:88:61:a4:74:c9:b6:5d:c7:94:f0:83:
- 28:36:73:5c:a0:66:62:06:63:c1:41:2d:c3:23:24:e6:4f:f9:
- 19:85:2f:8d:30:00
+ c8:1a:84:b3:0f:6c:53:1b:21:49:44:ce:5d:46:30:1a:9a:eb:
+ 9e:cb:22:40:89:09:a8:4a:23:69:27:05:f3:cf:5d:7a:d0:9b:
+ a7:fd:b9:52:d2:4e:b1:e4:ed:8f:de:7f:75:49:07:f5:df:ec:
+ ac:34:00:d4:12:b1:b4:1e:49:1c:da:ae:34:db:4c:d6:2b:40:
+ 00:2a:ed:3f:37:09:26:62:ab:32:34:f4:81:19:d4:6b:ef:07:
+ 19:0c:6c:d9:e9:69:24:c7:e5:b2:73:b0:6d:14:ba:3e:8a:86:
+ 5d:24:dc:80:3c:00
-----BEGIN CERTIFICATE-----
-MIID3jCCA16gAwIBAgIUQcvNtEEGpxPUJ2a/yadEZBiE1eswBQYDK2VxMIG0MQsw
+MIID3jCCA16gAwIBAgIUHnPrJnk0j/a6m+WNtOEac2uRpmswBQYDK2VxMIG0MQsw
CQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjEW
MBQGA1UECgwNd29sZlNTTF9lZDQ0ODEVMBMGA1UECwwMQ2xpZW50LWVkNDQ4MRgw
FgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29s
-ZnNzbC5jb20xFzAVBgoJkiaJk/IsZAEBDAd3b2xmU1NMMB4XDTIyMTIxNjIxMTc1
-MFoXDTI1MDkxMTIxMTc1MFowgbQxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250
+ZnNzbC5jb20xFzAVBgoJkiaJk/IsZAEBDAd3b2xmU1NMMB4XDTIzMTIxMzIyMTky
+OVoXDTI2MDkwODIyMTkyOVowgbQxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250
YW5hMRAwDgYDVQQHDAdCb3plbWFuMRYwFAYDVQQKDA13b2xmU1NMX2VkNDQ4MRUw
EwYDVQQLDAxDbGllbnQtZWQ0NDgxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEf
MB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTEXMBUGCgmSJomT8ixkAQEM
@@ -56,9 +56,9 @@ VzXIdrOzMI+HeOYmWifYDDieezwTL8ykKWyA74CjggFlMIIBYTAdBgNVHQ4EFgQU
MRAwDgYDVQQHDAdCb3plbWFuMRYwFAYDVQQKDA13b2xmU1NMX2VkNDQ4MRUwEwYD
VQQLDAxDbGllbnQtZWQ0NDgxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0G
CSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTEXMBUGCgmSJomT8ixkAQEMB3dv
-bGZTU0yCFEHLzbRBBqcT1Cdmv8mnRGQYhNXrMAwGA1UdEwQFMAMBAf8wHAYDVR0R
+bGZTU0yCFB5z6yZ5NI/2upvljbThGnNrkaZrMAwGA1UdEwQFMAMBAf8wHAYDVR0R
BBUwE4ILZXhhbXBsZS5jb22HBH8AAAEwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsG
-AQUFBwMCMAUGAytlcQNzAACZrGH/9/nN2XV0bxaNZRJgd20a7kK7qjHMyVfHLnij
-pUhzrLLZK8r1NRSj6WRA3rcqJNNz+Rf+gDLde385KYej3tNIJ4SyUAvEAjbNEGKI
-YaR0ybZdx5Twgyg2c1ygZmIGY8FBLcMjJOZP+RmFL40wAA==
+AQUFBwMCMAUGAytlcQNzAMgahLMPbFMbIUlEzl1GMBqa657LIkCJCahKI2knBfPP
+XXrQm6f9uVLSTrHk7Y/ef3VJB/Xf7Kw0ANQSsbQeSRzarjTbTNYrQAAq7T83CSZi
+qzI09IEZ1GvvBxkMbNnpaSTH5bJzsG0Uuj6Khl0k3IA8AA==
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/ed448/root-ed448.der b/extra/wolfssl/wolfssl/certs/ed448/root-ed448.der
index 055ea06e..959c9d89 100644
--- a/extra/wolfssl/wolfssl/certs/ed448/root-ed448.der
+++ b/extra/wolfssl/wolfssl/certs/ed448/root-ed448.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/ed448/root-ed448.pem b/extra/wolfssl/wolfssl/certs/ed448/root-ed448.pem
index d9d289de..15ea8227 100644
--- a/extra/wolfssl/wolfssl/certs/ed448/root-ed448.pem
+++ b/extra/wolfssl/wolfssl/certs/ed448/root-ed448.pem
@@ -2,12 +2,12 @@ Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 15:10:83:9c:88:f8:38:05:d2:56:c9:ff:8d:c8:a7:bb:c3:ee:a1:d5
+ 13:86:16:ce:8f:3e:19:34:76:2d:dd:88:13:01:34:86:73:7b:5a:9a
Signature Algorithm: ED448
Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_Ed448, OU = Root-Ed448, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:29 2023 GMT
+ Not After : Sep 8 22:19:29 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_Ed448, OU = Root-Ed448, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: ED448
@@ -28,27 +28,27 @@ Certificate:
X509v3 Key Usage: critical
Digital Signature, Certificate Sign, CRL Sign
Signature Algorithm: ED448
- e0:a1:1b:d8:b9:fe:48:22:0c:ec:a4:8d:7b:b1:dd:b7:a2:b7:
- 8c:48:49:0d:d7:39:5f:13:97:16:0c:2a:d1:3d:c8:f6:fb:f6:
- 81:55:f0:5f:ff:cb:94:eb:29:6a:9d:2d:16:4c:2b:bd:13:9f:
- 22:87:80:42:17:c3:de:2b:fb:87:a1:1d:79:29:bf:59:12:c7:
- 71:68:ca:78:33:ae:bf:1a:8d:8c:f1:68:e1:92:7e:6b:65:5a:
- 49:ef:a6:47:4d:e6:70:93:61:58:fa:63:23:63:d4:09:c3:49:
- e5:b1:f9:27:1c:00
+ 58:fd:39:b5:c2:38:86:da:aa:72:ec:35:44:d1:8a:b6:7c:28:
+ 9f:c4:75:c9:bf:09:d8:49:c0:18:34:9d:10:c3:e9:f3:54:9b:
+ 3d:8a:c7:9c:bd:a1:9d:33:88:17:f2:55:9c:bb:00:63:d8:40:
+ a2:ed:80:7d:e9:95:1d:f0:fb:9f:7c:43:ba:b1:63:4e:48:7e:
+ 87:ea:82:21:bb:3f:a5:2f:6e:43:77:90:4b:e3:e4:29:a8:a1:
+ c0:c4:22:a5:6c:49:ef:c7:e9:36:1c:39:3f:71:3d:6d:51:27:
+ 89:99:fa:c6:1c:00
-----BEGIN CERTIFICATE-----
-MIICpDCCAiSgAwIBAgIUFRCDnIj4OAXSVsn/jcinu8PuodUwBQYDK2VxMIGZMQsw
+MIICpDCCAiSgAwIBAgIUE4YWzo8+GTR2Ld2IEwE0hnN7WpowBQYDK2VxMIGZMQsw
CQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjEW
MBQGA1UECgwNd29sZlNTTF9FZDQ0ODETMBEGA1UECwwKUm9vdC1FZDQ0ODEYMBYG
A1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZz
-c2wuY29tMB4XDTIyMTIxNjIxMTc1MFoXDTI1MDkxMTIxMTc1MFowgZkxCzAJBgNV
+c2wuY29tMB4XDTIzMTIxMzIyMTkyOVoXDTI2MDkwODIyMTkyOVowgZkxCzAJBgNV
BAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRYwFAYD
VQQKDA13b2xmU1NMX0VkNDQ4MRMwEQYDVQQLDApSb290LUVkNDQ4MRgwFgYDVQQD
DA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j
b20wQzAFBgMrZXEDOgALZCYoz7VGm+4/6jv1Znoy1P59+IBfWFds13nuZqI9VI+N
CK/LuEOUUF3lU2JpyHWCpl5EyktbCwCjYzBhMB0GA1UdDgQWBBTaaZjJJkp1+1le
U5pjSwy4iAsPHjAfBgNVHSMEGDAWgBTaaZjJJkp1+1leU5pjSwy4iAsPHjAPBgNV
-HRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAFBgMrZXEDcwDgoRvYuf5IIgzs
-pI17sd23oreMSEkN1zlfE5cWDCrRPcj2+/aBVfBf/8uU6ylqnS0WTCu9E58ih4BC
-F8PeK/uHoR15Kb9ZEsdxaMp4M66/Go2M8Wjhkn5rZVpJ76ZHTeZwk2FY+mMjY9QJ
-w0nlsfknHAA=
+HRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAFBgMrZXEDcwBY/Tm1wjiG2qpy
+7DVE0Yq2fCifxHXJvwnYScAYNJ0Qw+nzVJs9isecvaGdM4gX8lWcuwBj2ECi7YB9
+6ZUd8PuffEO6sWNOSH6H6oIhuz+lL25Dd5BL4+QpqKHAxCKlbEnvx+k2HDk/cT1t
+USeJmfrGHAA=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/ed448/server-ed448-cert.pem b/extra/wolfssl/wolfssl/certs/ed448/server-ed448-cert.pem
index c18e147a..43085091 100644
--- a/extra/wolfssl/wolfssl/certs/ed448/server-ed448-cert.pem
+++ b/extra/wolfssl/wolfssl/certs/ed448/server-ed448-cert.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: ED448
Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_ed448, OU = CA-ed448, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:29 2023 GMT
+ Not After : Sep 8 22:19:29 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_ed448, OU = Server-ed448, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
Subject Public Key Info:
Public Key Algorithm: ED448
@@ -31,19 +31,19 @@ Certificate:
Netscape Cert Type:
SSL Server
Signature Algorithm: ED448
- 85:87:37:04:21:3e:2a:09:c2:e3:ca:28:12:28:f5:a4:98:e8:
- 14:54:ea:13:1e:fc:bc:ca:eb:1c:7f:e0:c1:53:ac:be:0d:ff:
- d3:49:00:30:4f:74:10:da:6e:0a:a9:01:4a:b6:10:a5:77:8d:
- 63:a7:80:a7:7b:7c:73:d4:e5:87:b6:64:32:96:2c:0b:b9:84:
- b7:a5:3b:f2:55:b7:6a:fe:7b:dc:8a:20:75:77:0d:37:14:25:
- b4:88:d2:da:7c:2e:6a:67:c9:a6:cd:19:80:49:53:90:d7:21:
- 29:c7:97:b3:1e:00
+ f9:2a:92:55:05:3d:74:24:8f:57:f4:91:e5:66:85:7c:53:11:
+ 88:22:82:ea:a3:50:0f:c2:a6:8e:39:85:85:14:a3:d4:ac:4f:
+ 66:fc:7e:b4:b3:f4:d7:5d:7c:9b:7f:c4:8e:3b:bc:d9:3a:cc:
+ 91:91:00:5d:da:26:04:2c:ba:f9:c4:45:3a:d3:4f:80:1e:46:
+ 9b:86:b8:56:ee:b2:e8:ba:26:47:28:2a:3d:cc:6a:51:33:c3:
+ 8e:8b:c4:01:8c:cc:25:fd:b4:cb:c2:a3:46:ad:b7:9d:14:e6:
+ a6:02:39:07:34:00
-----BEGIN CERTIFICATE-----
MIIC6jCCAmqgAwIBAgIBATAFBgMrZXEwgbAxCzAJBgNVBAYTAlVTMRAwDgYDVQQI
DAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRYwFAYDVQQKDA13b2xmU1NMX2Vk
NDQ4MREwDwYDVQQLDAhDQS1lZDQ0ODEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29t
MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMRcwFQYKCZImiZPyLGQB
-AQwHd29sZlNTTDAeFw0yMjEyMTYyMTE3NTBaFw0yNTA5MTEyMTE3NTBaMIG0MQsw
+AQwHd29sZlNTTDAeFw0yMzEyMTMyMjE5MjlaFw0yNjA5MDgyMjE5MjlaMIG0MQsw
CQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjEW
MBQGA1UECgwNd29sZlNTTF9lZDQ0ODEVMBMGA1UECwwMU2VydmVyLWVkNDQ4MRgw
FgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29s
@@ -52,7 +52,7 @@ Aes32akHzQG8nXAWwiwrdVtj2+46LUSSRrR7BwNPoq6GhtyLSyx/6GsUjVjdbedv
OgWVqO8Ao4GJMIGGMB0GA1UdDgQWBBR8q1wSqWjYGBAofZLFSrhMTHYO2zAfBgNV
HSMEGDAWgBQ4WUXo3UQstX2lJdYLzDnwcsCUYzAMBgNVHRMBAf8EAjAAMA4GA1Ud
DwEB/wQEAwIDqDATBgNVHSUEDDAKBggrBgEFBQcDATARBglghkgBhvhCAQEEBAMC
-BkAwBQYDK2VxA3MAhYc3BCE+KgnC48ooEij1pJjoFFTqEx78vMrrHH/gwVOsvg3/
-00kAME90ENpuCqkBSrYQpXeNY6eAp3t8c9Tlh7ZkMpYsC7mEt6U78lW3av573Iog
-dXcNNxQltIjS2nwuamfJps0ZgElTkNchKceXsx4A
+BkAwBQYDK2VxA3MA+SqSVQU9dCSPV/SR5WaFfFMRiCKC6qNQD8KmjjmFhRSj1KxP
+Zvx+tLP01118m3/Ejju82TrMkZEAXdomBCy6+cRFOtNPgB5Gm4a4Vu6y6LomRygq
+PcxqUTPDjovEAYzMJf20y8KjRq23nRTmpgI5BzQA
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/ed448/server-ed448.der b/extra/wolfssl/wolfssl/certs/ed448/server-ed448.der
index 8c5ddf7b..c287ff39 100644
--- a/extra/wolfssl/wolfssl/certs/ed448/server-ed448.der
+++ b/extra/wolfssl/wolfssl/certs/ed448/server-ed448.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/ed448/server-ed448.pem b/extra/wolfssl/wolfssl/certs/ed448/server-ed448.pem
index 88921cc9..ed589ec4 100644
--- a/extra/wolfssl/wolfssl/certs/ed448/server-ed448.pem
+++ b/extra/wolfssl/wolfssl/certs/ed448/server-ed448.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: ED448
Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_ed448, OU = CA-ed448, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:29 2023 GMT
+ Not After : Sep 8 22:19:29 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_ed448, OU = Server-ed448, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
Subject Public Key Info:
Public Key Algorithm: ED448
@@ -31,19 +31,19 @@ Certificate:
Netscape Cert Type:
SSL Server
Signature Algorithm: ED448
- 85:87:37:04:21:3e:2a:09:c2:e3:ca:28:12:28:f5:a4:98:e8:
- 14:54:ea:13:1e:fc:bc:ca:eb:1c:7f:e0:c1:53:ac:be:0d:ff:
- d3:49:00:30:4f:74:10:da:6e:0a:a9:01:4a:b6:10:a5:77:8d:
- 63:a7:80:a7:7b:7c:73:d4:e5:87:b6:64:32:96:2c:0b:b9:84:
- b7:a5:3b:f2:55:b7:6a:fe:7b:dc:8a:20:75:77:0d:37:14:25:
- b4:88:d2:da:7c:2e:6a:67:c9:a6:cd:19:80:49:53:90:d7:21:
- 29:c7:97:b3:1e:00
+ f9:2a:92:55:05:3d:74:24:8f:57:f4:91:e5:66:85:7c:53:11:
+ 88:22:82:ea:a3:50:0f:c2:a6:8e:39:85:85:14:a3:d4:ac:4f:
+ 66:fc:7e:b4:b3:f4:d7:5d:7c:9b:7f:c4:8e:3b:bc:d9:3a:cc:
+ 91:91:00:5d:da:26:04:2c:ba:f9:c4:45:3a:d3:4f:80:1e:46:
+ 9b:86:b8:56:ee:b2:e8:ba:26:47:28:2a:3d:cc:6a:51:33:c3:
+ 8e:8b:c4:01:8c:cc:25:fd:b4:cb:c2:a3:46:ad:b7:9d:14:e6:
+ a6:02:39:07:34:00
-----BEGIN CERTIFICATE-----
MIIC6jCCAmqgAwIBAgIBATAFBgMrZXEwgbAxCzAJBgNVBAYTAlVTMRAwDgYDVQQI
DAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRYwFAYDVQQKDA13b2xmU1NMX2Vk
NDQ4MREwDwYDVQQLDAhDQS1lZDQ0ODEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29t
MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMRcwFQYKCZImiZPyLGQB
-AQwHd29sZlNTTDAeFw0yMjEyMTYyMTE3NTBaFw0yNTA5MTEyMTE3NTBaMIG0MQsw
+AQwHd29sZlNTTDAeFw0yMzEyMTMyMjE5MjlaFw0yNjA5MDgyMjE5MjlaMIG0MQsw
CQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjEW
MBQGA1UECgwNd29sZlNTTF9lZDQ0ODEVMBMGA1UECwwMU2VydmVyLWVkNDQ4MRgw
FgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29s
@@ -52,9 +52,9 @@ Aes32akHzQG8nXAWwiwrdVtj2+46LUSSRrR7BwNPoq6GhtyLSyx/6GsUjVjdbedv
OgWVqO8Ao4GJMIGGMB0GA1UdDgQWBBR8q1wSqWjYGBAofZLFSrhMTHYO2zAfBgNV
HSMEGDAWgBQ4WUXo3UQstX2lJdYLzDnwcsCUYzAMBgNVHRMBAf8EAjAAMA4GA1Ud
DwEB/wQEAwIDqDATBgNVHSUEDDAKBggrBgEFBQcDATARBglghkgBhvhCAQEEBAMC
-BkAwBQYDK2VxA3MAhYc3BCE+KgnC48ooEij1pJjoFFTqEx78vMrrHH/gwVOsvg3/
-00kAME90ENpuCqkBSrYQpXeNY6eAp3t8c9Tlh7ZkMpYsC7mEt6U78lW3av573Iog
-dXcNNxQltIjS2nwuamfJps0ZgElTkNchKceXsx4A
+BkAwBQYDK2VxA3MA+SqSVQU9dCSPV/SR5WaFfFMRiCKC6qNQD8KmjjmFhRSj1KxP
+Zvx+tLP01118m3/Ejju82TrMkZEAXdomBCy6+cRFOtNPgB5Gm4a4Vu6y6LomRygq
+PcxqUTPDjovEAYzMJf20y8KjRq23nRTmpgI5BzQA
-----END CERTIFICATE-----
Certificate:
Data:
@@ -63,8 +63,8 @@ Certificate:
Signature Algorithm: ED448
Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_Ed448, OU = Root-Ed448, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:29 2023 GMT
+ Not After : Sep 8 22:19:29 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_ed448, OU = CA-ed448, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
Subject Public Key Info:
Public Key Algorithm: ED448
@@ -85,27 +85,27 @@ Certificate:
X509v3 Key Usage: critical
Digital Signature, Certificate Sign, CRL Sign
Signature Algorithm: ED448
- 44:dc:1a:ae:76:a6:28:68:81:e9:27:c5:53:ea:96:92:04:0f:
- a0:a9:cc:97:7c:9f:05:62:d7:bb:a2:df:5e:3d:52:87:ab:15:
- 35:cd:c5:e1:e7:c2:9a:c6:d8:20:46:6b:62:4b:0d:28:41:d2:
- 5e:11:80:4f:41:c2:23:bd:2b:b0:e1:e0:66:58:c1:aa:24:f8:
- 7b:98:99:79:31:2b:33:5e:95:3a:87:cc:cf:49:a5:87:3b:38:
- 9e:c2:be:de:45:34:55:25:78:3c:19:03:f3:62:14:a7:2a:9a:
- 2e:78:8b:6a:3a:00
+ 24:d8:26:28:60:11:09:c1:a5:f9:a9:7f:a7:40:ed:a5:07:cb:
+ cb:3e:a1:6a:d3:45:6d:4c:e1:66:36:37:57:6a:34:5d:33:45:
+ b3:17:e1:18:76:57:df:fe:44:b4:ec:04:16:74:52:82:24:52:
+ 1f:99:00:2d:42:a9:5c:45:1b:8d:b8:95:ce:0d:82:cb:52:8f:
+ e2:bd:20:19:6a:8a:79:29:f6:20:d3:e6:35:8c:27:1a:a4:64:
+ b7:ff:91:09:21:57:c6:11:c5:01:9a:98:54:31:37:7a:7b:ed:
+ 35:a9:4d:13:19:00
-----BEGIN CERTIFICATE-----
MIICqDCCAiigAwIBAgIBATAFBgMrZXEwgZkxCzAJBgNVBAYTAlVTMRAwDgYDVQQI
DAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRYwFAYDVQQKDA13b2xmU1NMX0Vk
NDQ4MRMwEQYDVQQLDApSb290LUVkNDQ4MRgwFgYDVQQDDA93d3cud29sZnNzbC5j
-b20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIxMjE2MjEx
-NzUwWhcNMjUwOTExMjExNzUwWjCBsDELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01v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-DwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwBQYDK2VxA3MARNwarnam
-KGiB6SfFU+qWkgQPoKnMl3yfBWLXu6LfXj1Sh6sVNc3F4efCmsbYIEZrYksNKEHS
-XhGAT0HCI70rsOHgZljBqiT4e5iZeTErM16VOofMz0mlhzs4nsK+3kU0VSV4PBkD
-82IUpyqaLniLajoA
+DwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwBQYDK2VxA3MAJNgmKGAR
+CcGl+al/p0DtpQfLyz6hatNFbUzhZjY3V2o0XTNFsxfhGHZX3/5EtOwEFnRSgiRS
+H5kALUKpXEUbjbiVzg2Cy1KP4r0gGWqKeSn2INPmNYwnGqRkt/+RCSFXxhHFAZqY
+VDE3envtNalNExkA
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/entity-no-ca-bool-cert.pem b/extra/wolfssl/wolfssl/certs/entity-no-ca-bool-cert.pem
index c4f712cc..ebd3e2dd 100644
--- a/extra/wolfssl/wolfssl/certs/entity-no-ca-bool-cert.pem
+++ b/extra/wolfssl/wolfssl/certs/entity-no-ca-bool-cert.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:28 2023 GMT
+ Not After : Sep 8 22:19:28 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL, OU = NoCaBool, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -37,7 +37,7 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:2C:80:CE:DB:47:9D:07:66:92:3D:68:D7:CA:AC:90:4F:CA:69:41:4B
+ serial:33:44:1A:A8:6C:01:EC:F6:60:F2:70:51:0A:4C:D1:14:FA:BC:E9:44
X509v3 Basic Constraints:
CA:FALSE, pathlen:0
@@ -46,27 +46,27 @@ Certificate:
X509v3 Extended Key Usage:
TLS Web Client Authentication, TLS Web Server Authentication
Signature Algorithm: sha256WithRSAEncryption
- 22:6e:8b:b8:04:1b:db:85:37:85:51:80:3a:7f:68:19:e4:08:
- d5:dc:e3:a3:2a:a0:20:d4:bd:fa:d5:78:58:10:40:92:e1:ea:
- 17:36:d7:9c:71:6c:df:e3:ed:71:78:e3:8c:82:b5:dc:cb:82:
- 7d:26:65:b5:31:98:b4:8b:76:19:c5:72:18:9d:b5:fc:de:2d:
- eb:8e:07:db:5a:d9:13:34:ed:73:89:74:22:d2:b4:f9:bd:75:
- 4f:5a:ab:6d:fc:e8:8d:cd:32:22:f8:b2:a7:60:dd:3e:6e:a4:
- 1d:7f:02:53:c8:50:36:0e:90:55:43:73:6a:a3:ec:82:50:af:
- 56:0a:93:39:a9:43:48:55:fe:e8:94:84:d8:41:81:b8:3b:3e:
- 01:95:d7:69:b8:ec:a6:b4:73:73:2d:a4:30:d0:09:ad:6d:2c:
- 20:da:cd:30:ce:00:9f:81:cc:52:71:0e:32:1c:10:a4:f4:c4:
- 55:c5:b2:b2:66:97:bf:3b:d0:ae:1b:9b:1d:6c:4c:3f:2d:1a:
- 76:9c:31:96:dc:53:45:22:b1:e8:52:c6:54:25:85:d5:89:1f:
- db:3a:e7:97:b4:1e:0d:17:94:21:1e:f9:be:d6:b7:c1:92:a7:
- e2:d6:51:f4:c0:40:2f:17:6a:ab:85:5e:c4:0c:6e:cb:75:df:
- f7:ba:0d:f0
+ 44:6a:a0:11:85:71:72:c5:7c:84:36:aa:31:c4:4a:c0:99:0e:
+ fd:b9:78:69:0b:8c:58:b4:4c:01:04:65:f3:dd:ea:db:a2:1f:
+ d7:9d:cd:b4:6f:18:da:79:b8:35:c4:25:5e:61:a4:02:26:29:
+ 33:be:72:e5:35:8f:2b:68:0a:87:03:97:3e:9e:00:e2:37:7f:
+ 7a:c9:29:d8:fc:61:6b:3f:36:47:e2:66:e0:93:77:b7:75:46:
+ bb:0c:57:5c:af:7d:62:07:d9:0c:93:b7:5f:81:a6:9e:49:7b:
+ f8:0a:82:2a:2a:80:39:d8:91:c5:01:cb:aa:f4:d7:15:64:78:
+ 5c:1e:b4:57:35:6c:19:f6:36:b8:35:96:ce:c6:a7:cb:12:56:
+ c1:58:0b:10:54:b0:d7:b0:1f:48:50:b2:16:96:c8:88:32:88:
+ 25:bb:40:c3:c5:df:a2:74:04:84:21:c4:fe:fe:d3:08:50:4f:
+ 85:f7:b2:6e:5e:b5:3e:47:19:c9:1a:81:0a:24:33:a5:04:90:
+ 3f:c1:4d:f7:94:86:8f:78:82:4c:51:4e:37:84:1f:98:f2:91:
+ 07:58:c0:f9:dc:4f:b6:a8:54:a0:b9:0b:43:3b:bd:b2:3c:d6:
+ ad:52:05:6d:95:6b:c5:9c:5f:f5:87:f9:3b:e2:b8:3a:3a:3f:
+ 3f:06:df:10
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgIBATANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx
EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh
d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz
-bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIxMjE2
-MjExNzQ5WhcNMjUwOTExMjExNzQ5WjCBkTELMAkGA1UEBhMCVVMxEDAOBgNVBAgM
+bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMxMjEz
+MjIxOTI4WhcNMjYwOTA4MjIxOTI4WjCBkTELMAkGA1UEBhMCVVMxEDAOBgNVBAgM
B01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xEDAOBgNVBAoMB3dvbGZTU0wxETAP
BgNVBAsMCE5vQ2FCb29sMRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkq
hkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IB
@@ -80,25 +80,25 @@ FgQU7/SLhs5179zh+CMeGrg7jZgJiOcwgdQGA1UdIwSBzDCByYAUJ45nEXTDJh0/
7TNjs6TYHTDl6NWhgZqkgZcwgZQxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250
YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQKDAhTYXd0b290aDETMBEGA1UE
CwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZI
-hvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tghQsgM7bR50HZpI9aNfKrJBPymlBSzAM
+hvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tghQzRBqobAHs9mDycFEKTNEU+rzpRDAM
BgNVHRMEBTADAgEAMAsGA1UdDwQEAwIHgDAdBgNVHSUEFjAUBggrBgEFBQcDAgYI
-KwYBBQUHAwEwDQYJKoZIhvcNAQELBQADggEBACJui7gEG9uFN4VRgDp/aBnkCNXc
-46MqoCDUvfrVeFgQQJLh6hc215xxbN/j7XF444yCtdzLgn0mZbUxmLSLdhnFchid
-tfzeLeuOB9ta2RM07XOJdCLStPm9dU9aq2386I3NMiL4sqdg3T5upB1/AlPIUDYO
-kFVDc2qj7IJQr1YKkzmpQ0hV/uiUhNhBgbg7PgGV12m47Ka0c3MtpDDQCa1tLCDa
-zTDOAJ+BzFJxDjIcEKT0xFXFsrJml7870K4bmx1sTD8tGnacMZbcU0UisehSxlQl
-hdWJH9s655e0Hg0XlCEe+b7Wt8GSp+LWUfTAQC8XaquFXsQMbst13/e6DfA=
+KwYBBQUHAwEwDQYJKoZIhvcNAQELBQADggEBAERqoBGFcXLFfIQ2qjHESsCZDv25
+eGkLjFi0TAEEZfPd6tuiH9edzbRvGNp5uDXEJV5hpAImKTO+cuU1jytoCocDlz6e
+AOI3f3rJKdj8YWs/NkfiZuCTd7d1RrsMV1yvfWIH2QyTt1+Bpp5Je/gKgioqgDnY
+kcUBy6r01xVkeFwetFc1bBn2Nrg1ls7Gp8sSVsFYCxBUsNewH0hQshaWyIgyiCW7
+QMPF36J0BIQhxP7+0whQT4X3sm5etT5HGckagQokM6UEkD/BTfeUho94gkxRTjeE
+H5jykQdYwPncT7aoVKC5C0M7vbI81q1SBW2Va8WcX/WH+TviuDo6Pz8G3xA=
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 2c:80:ce:db:47:9d:07:66:92:3d:68:d7:ca:ac:90:4f:ca:69:41:4b
+ 33:44:1a:a8:6c:01:ec:f6:60:f2:70:51:0a:4c:d1:14:fa:bc:e9:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:28 2023 GMT
+ Not After : Sep 8 22:19:28 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -129,7 +129,7 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:2C:80:CE:DB:47:9D:07:66:92:3D:68:D7:CA:AC:90:4F:CA:69:41:4B
+ serial:33:44:1A:A8:6C:01:EC:F6:60:F2:70:51:0A:4C:D1:14:FA:BC:E9:44
X509v3 Basic Constraints:
CA:TRUE
@@ -138,27 +138,27 @@ Certificate:
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
Signature Algorithm: sha256WithRSAEncryption
- ae:b0:a4:35:8e:8a:1b:a6:eb:b3:a2:57:cf:3a:1f:dc:6e:bc:
- d2:d0:a6:4a:8f:88:0a:6e:74:d5:d1:7c:d1:44:b1:d4:3b:17:
- 03:09:5a:46:ed:08:08:cf:f1:fd:20:07:67:c0:97:ec:35:f3:
- 75:ca:20:61:98:3e:f5:4d:be:e6:9d:75:1e:e4:03:ad:8c:a6:
- 1e:3d:ec:e4:1a:92:5b:f9:a3:ad:83:ca:4f:cd:aa:38:bb:6e:
- ae:ad:fa:a7:46:f1:8b:73:ec:09:23:bc:f2:18:e5:b7:92:86:
- 3e:a4:75:60:c7:3d:0f:3f:83:00:c3:06:08:9c:d1:54:d6:ba:
- 6d:95:3d:34:a1:be:24:91:cc:20:03:11:5b:72:1c:d4:65:d0:
- 11:88:75:26:04:26:ef:66:70:e6:3b:38:87:9c:53:71:1b:09:
- 51:70:50:99:4c:31:0c:62:44:57:30:60:04:fc:12:2c:a3:24:
- b4:f7:11:d5:0e:b5:21:0b:ed:86:11:67:4d:36:fa:57:a0:59:
- 55:21:b3:6d:e4:77:5e:ec:7e:f0:09:13:8e:99:98:b2:e1:82:
- b6:4b:3e:0f:41:a6:0c:cd:49:99:7e:e4:8a:cb:37:ed:53:cf:
- 86:5d:a9:26:a8:e5:01:25:5a:b4:bc:25:35:f1:fa:5a:5c:ce:
- d4:b8:9a:2c
+ 2d:fc:f9:32:5a:be:d6:9d:42:8b:86:4e:67:22:c3:50:2d:cb:
+ 14:27:1d:94:f3:cd:88:42:da:41:1c:39:24:67:a7:92:4d:27:
+ ea:56:82:19:bf:11:b2:43:a4:8d:5d:87:b2:27:64:66:82:81:
+ df:c4:fd:5b:62:b0:c2:4d:9d:29:f2:41:32:cc:2e:b5:da:38:
+ 06:1b:e8:7f:8c:6e:3d:80:1e:00:56:49:bf:39:e0:da:68:2f:
+ c4:fd:00:e6:d1:81:1a:d1:4a:bb:76:52:ce:4d:24:9d:c4:a3:
+ a7:f1:65:14:2f:1f:a8:2d:c6:cb:ce:b1:a7:89:74:26:27:c3:
+ f3:a3:84:4c:34:01:14:03:7d:16:3a:c8:8b:25:2e:7b:90:cc:
+ 46:b1:52:34:ba:93:6e:ef:fe:43:a3:ad:c6:6f:51:fb:ba:ea:
+ 38:e3:6f:d6:ee:63:62:36:ea:5e:08:b4:e2:2a:46:89:e3:ae:
+ b3:b4:06:ef:63:7a:6e:5d:dd:c9:ec:02:4f:f7:64:c0:27:07:
+ b4:6f:4a:18:72:5b:34:74:7c:d0:a9:04:8f:40:8b:6a:39:d2:
+ 6b:1a:01:f2:01:a8:81:34:3a:e5:b0:55:d1:3c:95:ca:b0:82:
+ d6:ed:98:28:15:59:7e:95:a7:69:c7:b5:7b:ec:01:a7:4d:e6:
+ b9:a2:fe:35
-----BEGIN CERTIFICATE-----
-MIIE/zCCA+egAwIBAgIULIDO20edB2aSPWjXyqyQT8ppQUswDQYJKoZIhvcNAQEL
+MIIE/zCCA+egAwIBAgIUM0QaqGwB7PZg8nBRCkzRFPq86UQwDQYJKoZIhvcNAQEL
BQAwgZQxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC
b3plbWFuMREwDwYDVQQKDAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEY
MBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv
-bGZzc2wuY29tMB4XDTIyMTIxNjIxMTc0OVoXDTI1MDkxMTIxMTc0OVowgZQxCzAJ
+bGZzc2wuY29tMB4XDTIzMTIxMzIyMTkyOFoXDTI2MDkwODIyMTkyOFowgZQxCzAJ
BgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREw
DwYDVQQKDAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwP
d3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t
@@ -173,12 +173,12 @@ BgNVHSMEgcwwgcmAFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYD
VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8G
A1UECgwIU2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3
dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIU
-LIDO20edB2aSPWjXyqyQT8ppQUswDAYDVR0TBAUwAwEB/zAcBgNVHREEFTATggtl
+M0QaqGwB7PZg8nBRCkzRFPq86UQwDAYDVR0TBAUwAwEB/zAcBgNVHREEFTATggtl
eGFtcGxlLmNvbYcEfwAAATAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw
-DQYJKoZIhvcNAQELBQADggEBAK6wpDWOihum67OiV886H9xuvNLQpkqPiApudNXR
-fNFEsdQ7FwMJWkbtCAjP8f0gB2fAl+w183XKIGGYPvVNvuaddR7kA62Mph497OQa
-klv5o62Dyk/Nqji7bq6t+qdG8Ytz7AkjvPIY5beShj6kdWDHPQ8/gwDDBgic0VTW
-um2VPTShviSRzCADEVtyHNRl0BGIdSYEJu9mcOY7OIecU3EbCVFwUJlMMQxiRFcw
-YAT8EiyjJLT3EdUOtSEL7YYRZ002+legWVUhs23kd17sfvAJE46ZmLLhgrZLPg9B
-pgzNSZl+5IrLN+1Tz4ZdqSao5QElWrS8JTXx+lpcztS4miw=
+DQYJKoZIhvcNAQELBQADggEBAC38+TJavtadQouGTmciw1AtyxQnHZTzzYhC2kEc
+OSRnp5JNJ+pWghm/EbJDpI1dh7InZGaCgd/E/VtisMJNnSnyQTLMLrXaOAYb6H+M
+bj2AHgBWSb854NpoL8T9AObRgRrRSrt2Us5NJJ3Eo6fxZRQvH6gtxsvOsaeJdCYn
+w/OjhEw0ARQDfRY6yIslLnuQzEaxUjS6k27v/kOjrcZvUfu66jjjb9buY2I26l4I
+tOIqRonjrrO0Bu9jem5d3cnsAk/3ZMAnB7RvShhyWzR0fNCpBI9Ai2o50msaAfIB
+qIE0OuWwVdE8lcqwgtbtmCgVWX6Vp2nHtXvsAadN5rmi/jU=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/fpki-cert.der b/extra/wolfssl/wolfssl/certs/fpki-cert.der
index c55dfcb3..560e31c0 100644
--- a/extra/wolfssl/wolfssl/certs/fpki-cert.der
+++ b/extra/wolfssl/wolfssl/certs/fpki-cert.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/include.am b/extra/wolfssl/wolfssl/certs/include.am
index aeea7ee9..637b6b2d 100644
--- a/extra/wolfssl/wolfssl/certs/include.am
+++ b/extra/wolfssl/wolfssl/certs/include.am
@@ -3,115 +3,121 @@
#
EXTRA_DIST += \
- certs/ca-cert-chain.der \
- certs/ca-cert.pem \
- certs/ca-key.pem \
- certs/client-cert.pem \
- certs/client-keyEnc.pem \
- certs/client-key.pem \
- certs/client-uri-cert.pem \
- certs/client-absolute-urn.pem \
- certs/client-relative-uri.pem \
- certs/client-crl-dist.pem \
- certs/client-crl-dist.der \
- certs/ecc-key.pem \
- certs/ecc-keyPub.pem \
- certs/ecc-privkey.pem \
- certs/ecc-privkeyPkcs8.der \
- certs/ecc-privkeyPkcs8.pem \
- certs/ecc-keyPkcs8Enc.pem \
- certs/ecc-keyPkcs8Enc.der \
- certs/ecc-key-comp.pem \
- certs/ecc-keyPkcs8.pem \
- certs/ecc-keyPkcs8.der \
- certs/ecc-client-key.pem \
- certs/ecc-client-keyPub.pem \
- certs/client-ecc-cert.pem \
- certs/client-ca.pem \
- certs/dh2048.pem \
- certs/server-cert.pem \
- certs/server-ecc.pem \
- certs/server-ecc-self.pem \
- certs/server-ecc-comp.pem \
- certs/server-ecc-rsa.pem \
- certs/server-keyEnc.pem \
- certs/server-key.pem \
- certs/server-keyPub.pem \
- certs/server-keyPkcs8.der \
- certs/server-keyPkcs8Enc12.pem \
- certs/server-keyPkcs8Enc2.pem \
- certs/server-keyPkcs8Enc.pem \
- certs/server-keyPkcs8Enc.der \
- certs/server-keyPkcs8.pem \
- certs/server-revoked-cert.pem \
- certs/server-revoked-key.pem \
- certs/wolfssl-website-ca.pem \
- certs/test-degenerate.p7b \
- certs/test-ber-exp02-05-2022.p7b \
- certs/test-servercert.p12 \
- certs/test-servercert-rc2.p12 \
- certs/ecc-rsa-server.p12 \
- certs/dsaparams.der \
- certs/dsaparams.pem \
- certs/ecc-privOnlyKey.pem \
- certs/ecc-privOnlyCert.pem \
- certs/dh3072.pem \
- certs/dh4096.pem \
- certs/client-cert-ext.pem \
- certs/csr.attr.der \
- certs/csr.dsa.pem \
- certs/csr.signed.der \
- certs/csr.ext.der \
- certs/entity-no-ca-bool-cert.pem \
- certs/entity-no-ca-bool-key.pem \
- certs/x942dh2048.pem \
- certs/fpki-cert.der \
- certs/rid-cert.der
+ certs/ca-cert-chain.der \
+ certs/ca-cert.pem \
+ certs/ca-key.pem \
+ certs/client-cert.pem \
+ certs/client-keyEnc.pem \
+ certs/client-key.pem \
+ certs/client-uri-cert.pem \
+ certs/client-absolute-urn.pem \
+ certs/client-relative-uri.pem \
+ certs/client-crl-dist.pem \
+ certs/client-crl-dist.der \
+ certs/ecc-key.pem \
+ certs/ecc-keyPub.pem \
+ certs/ecc-params.der \
+ certs/ecc-params.pem \
+ certs/ecc-privkey.der \
+ certs/ecc-privkey.pem \
+ certs/ecc-privkeyPkcs8.der \
+ certs/ecc-privkeyPkcs8.pem \
+ certs/ecc-keyPkcs8Enc.pem \
+ certs/ecc-keyPkcs8Enc.der \
+ certs/ecc-key-comp.pem \
+ certs/ecc-keyPkcs8.pem \
+ certs/ecc-keyPkcs8.der \
+ certs/ecc-client-key.pem \
+ certs/ecc-client-keyPub.pem \
+ certs/client-ecc-cert.pem \
+ certs/client-ca.pem \
+ certs/dh2048.pem \
+ certs/server-cert.pem \
+ certs/server-ecc.pem \
+ certs/server-ecc-self.pem \
+ certs/server-ecc-comp.pem \
+ certs/server-ecc-rsa.pem \
+ certs/server-keyEnc.pem \
+ certs/server-key.pem \
+ certs/server-keyPub.der \
+ certs/server-keyPub.pem \
+ certs/server-keyPkcs8.der \
+ certs/server-keyPkcs8Enc12.pem \
+ certs/server-keyPkcs8Enc2.pem \
+ certs/server-keyPkcs8Enc.pem \
+ certs/server-keyPkcs8Enc.der \
+ certs/server-keyPkcs8.pem \
+ certs/server-revoked-cert.pem \
+ certs/server-revoked-key.pem \
+ certs/wolfssl-website-ca.pem \
+ certs/test-degenerate.p7b \
+ certs/test-ber-exp02-05-2022.p7b \
+ certs/test-servercert.p12 \
+ certs/test-servercert-rc2.p12 \
+ certs/ecc-rsa-server.p12 \
+ certs/dsaparams.der \
+ certs/dsaparams.pem \
+ certs/ecc-privOnlyKey.pem \
+ certs/ecc-privOnlyCert.pem \
+ certs/dh3072.pem \
+ certs/dh4096.pem \
+ certs/client-cert-ext.pem \
+ certs/csr.attr.der \
+ certs/csr.dsa.der \
+ certs/csr.dsa.pem \
+ certs/csr.signed.der \
+ certs/csr.ext.der \
+ certs/entity-no-ca-bool-cert.pem \
+ certs/entity-no-ca-bool-key.pem \
+ certs/x942dh2048.der \
+ certs/x942dh2048.pem \
+ certs/fpki-cert.der \
+ certs/rid-cert.der
EXTRA_DIST += \
- certs/ca-key.der \
- certs/ca-cert.der \
- certs/client-cert.der \
- certs/client-key.der \
- certs/client-ecc-cert.der \
- certs/client-keyPub.der \
- certs/client-keyPub.pem \
- certs/dh2048.der \
- certs/dh3072.der \
- certs/dh4096.der \
- certs/dh-pubkey-2048.der \
- certs/rsa2048.der \
- certs/rsa-pub-2048.pem \
- certs/rsa3072.der \
- certs/dsa2048.der \
- certs/dsa3072.der \
- certs/dsa-pubkey-2048.der \
- certs/ecc-client-key.der \
- certs/ecc-client-keyPub.der \
- certs/ecc-key.der \
- certs/ecc-keyPub.der \
- certs/server-key.der \
- certs/server-cert.der \
- certs/server-ecc-comp.der \
- certs/server-ecc.der \
- certs/server-ecc-self.der \
- certs/server-ecc-rsa.der \
- certs/server-cert-chain.der \
- certs/client-cert-ext.der
+ certs/ca-key.der \
+ certs/ca-cert.der \
+ certs/client-cert.der \
+ certs/client-key.der \
+ certs/client-ecc-cert.der \
+ certs/client-keyPub.der \
+ certs/client-keyPub.pem \
+ certs/dh2048.der \
+ certs/dh3072.der \
+ certs/dh4096.der \
+ certs/dh-pubkey-2048.der \
+ certs/rsa2048.der \
+ certs/rsa-pub-2048.pem \
+ certs/rsa3072.der \
+ certs/dsa2048.der \
+ certs/dsa3072.der \
+ certs/dsa-pubkey-2048.der \
+ certs/ecc-client-key.der \
+ certs/ecc-client-keyPub.der \
+ certs/ecc-key.der \
+ certs/ecc-keyPub.der \
+ certs/server-key.der \
+ certs/server-cert.der \
+ certs/server-ecc-comp.der \
+ certs/server-ecc.der \
+ certs/server-ecc-self.der \
+ certs/server-ecc-rsa.der \
+ certs/server-cert-chain.der \
+ certs/client-cert-ext.der
# ECC CA prime256v1
EXTRA_DIST += \
- certs/ca-ecc-cert.der \
- certs/ca-ecc-cert.pem \
- certs/ca-ecc-key.der \
- certs/ca-ecc-key.pem
+ certs/ca-ecc-cert.der \
+ certs/ca-ecc-cert.pem \
+ certs/ca-ecc-key.der \
+ certs/ca-ecc-key.pem
# ECC CA SECP384R1
EXTRA_DIST += \
- certs/ca-ecc384-cert.der \
- certs/ca-ecc384-cert.pem \
- certs/ca-ecc384-key.der \
- certs/ca-ecc384-key.pem
+ certs/ca-ecc384-cert.der \
+ certs/ca-ecc384-cert.pem \
+ certs/ca-ecc384-key.der \
+ certs/ca-ecc384-key.pem
dist_doc_DATA+= certs/taoCert.txt
@@ -123,6 +129,7 @@ include certs/ecc/include.am
include certs/ed25519/include.am
include certs/ed448/include.am
include certs/p521/include.am
+include certs/sm2/include.am
include certs/external/include.am
include certs/ocsp/include.am
include certs/statickeys/include.am
@@ -133,4 +140,5 @@ include certs/falcon/include.am
include certs/rsapss/include.am
include certs/dilithium/include.am
include certs/sphincs/include.am
+include certs/rpk/include.am
diff --git a/extra/wolfssl/wolfssl/certs/intermediate/ca-int-cert.der b/extra/wolfssl/wolfssl/certs/intermediate/ca-int-cert.der
index 860e92d5..39abb1b1 100644
--- a/extra/wolfssl/wolfssl/certs/intermediate/ca-int-cert.der
+++ b/extra/wolfssl/wolfssl/certs/intermediate/ca-int-cert.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/intermediate/ca-int-cert.pem b/extra/wolfssl/wolfssl/certs/intermediate/ca-int-cert.pem
index 5e9afd58..94750522 100644
--- a/extra/wolfssl/wolfssl/certs/intermediate/ca-int-cert.pem
+++ b/extra/wolfssl/wolfssl/certs/intermediate/ca-int-cert.pem
@@ -5,79 +5,79 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Jun 16 19:17:57 2020 GMT
- Not After : Jun 11 19:17:57 2040 GMT
+ Not Before: Sep 27 12:10:09 2023 GMT
+ Not After : Sep 22 12:10:09 2043 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Development, CN = wolfSSL Intermediate CA, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
- RSA Public-Key: (2048 bit)
+ Public-Key: (2048 bit)
Modulus:
- 00:f2:23:28:f7:81:43:f0:63:b9:f2:77:7e:30:1a:
- 40:6b:e1:dd:6b:41:36:ee:7d:58:23:dc:56:e9:bb:
- e8:3b:11:58:c3:c3:b7:eb:98:5a:e9:76:12:cd:ef:
- 77:09:25:d3:6c:e6:3a:49:68:50:90:d7:32:e0:18:
- d6:05:df:f7:9e:d2:8f:7b:b5:91:5c:bf:3e:09:81:
- dd:79:ed:44:c2:93:f5:9d:a4:cb:0a:6b:63:b4:f0:
- ee:d1:dd:6c:e7:c6:b7:f1:30:d4:b7:54:28:18:11:
- fc:25:ac:5b:f1:b3:19:13:47:7d:7e:d9:45:97:3c:
- bb:b9:42:70:06:94:55:23:15:0b:84:ca:0c:15:c1:
- 6e:1a:1c:f9:54:c9:e6:e3:b8:c1:45:e5:5a:89:e1:
- f1:1b:1d:81:b7:34:07:17:28:5b:10:c7:a6:21:eb:
- 5d:89:11:a3:d0:39:60:34:ea:e1:75:fa:b8:7c:ee:
- c5:3f:64:6a:1d:b8:d8:a4:b2:82:98:31:11:e8:b5:
- 20:2d:03:e5:d1:61:35:a4:4b:b5:ad:a6:b7:72:71:
- 3e:86:38:0e:38:b6:5d:b5:ab:bf:3a:ba:1e:32:76:
- ba:54:4d:05:ca:4e:e2:83:df:30:64:11:9e:99:93:
- 3b:a6:fb:3b:df:7d:90:02:f4:b4:f1:e8:41:31:78:
- 02:3f
+ 00:c3:a2:73:5d:21:62:20:ce:3a:71:38:a7:94:bb:
+ db:87:04:1c:5a:1b:9e:4b:0d:3e:ca:f8:a5:f7:0d:
+ 6a:dc:23:90:22:6a:2b:58:63:4a:28:6a:48:a8:e7:
+ 73:1f:a2:55:d8:4d:02:3b:e2:cb:6b:e2:83:c9:51:
+ 8f:77:fd:dc:2d:5d:23:b7:23:9a:7e:b6:29:68:e8:
+ 2a:4e:a9:fe:32:70:31:9e:f0:ef:ee:f8:8d:e3:fc:
+ f3:d7:28:dd:7a:1d:9e:ad:23:2b:f1:a6:7f:34:52:
+ 29:66:d2:e5:64:55:64:d6:dd:4b:41:3b:55:83:6e:
+ c0:11:0e:6e:20:c2:16:73:eb:30:ff:09:46:bb:e7:
+ cc:c6:03:44:41:11:c6:c1:6c:36:2f:4a:f9:91:55:
+ ca:58:5e:37:b8:28:10:30:89:40:96:77:cf:70:66:
+ a4:55:fb:69:0b:e7:d9:b2:33:65:db:72:3a:77:b7:
+ 2b:49:fc:b6:cd:58:10:8d:ab:aa:cb:40:45:77:02:
+ 39:18:b3:8f:33:01:48:77:50:be:8e:73:a7:de:36:
+ a0:49:8e:2c:16:af:b9:fb:42:2d:35:6a:db:34:37:
+ d5:14:59:7d:65:72:e5:8b:65:55:4b:20:5e:47:f9:
+ f8:3a:d3:6c:d9:3a:f5:c7:01:46:31:c3:79:9a:18:
+ be:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
- 83:1C:F1:98:85:EC:6E:06:45:34:DE:51:C0:BA:B7:2B:67:32:66:4D
+ EF:69:E0:F7:D5:1D:E6:99:EC:DC:6D:D0:F7:E2:B9:5C:64:71:83:35
X509v3 Authority Key Identifier:
- keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
-
+ 27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
X509v3 Basic Constraints: critical
CA:TRUE, pathlen:1
X509v3 Key Usage: critical
Digital Signature, Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 7d:0d:5c:2a:19:e7:ee:5f:ca:2d:d4:59:54:b9:ca:33:18:3a:
- e3:22:2c:18:70:bb:c5:58:45:d9:82:bc:80:5d:90:d9:02:34:
- 6c:1a:4f:f1:6b:59:4e:cd:e1:ea:27:80:e6:e2:d8:7e:af:2b:
- ac:c1:62:e0:4d:e9:e6:74:99:fe:c0:50:cb:d3:7d:e5:2b:82:
- 0d:67:0d:14:b5:2c:6a:a2:7a:c2:dd:08:a7:40:2a:8f:a1:bf:
- 4d:53:75:5d:dd:c3:82:e5:e4:1f:04:b0:b6:a7:cc:55:6c:b4:
- d4:74:9e:9a:36:37:f0:32:69:97:44:fb:d2:22:1a:8b:95:34:
- 44:32:cc:2a:a9:76:f7:12:c7:b9:9b:f1:e5:a7:c7:d5:6d:12:
- ec:00:1d:21:b2:13:f2:33:e0:ea:e0:c8:63:7c:dd:06:c7:3c:
- ba:a4:bd:a0:9b:8d:a1:1a:7d:3a:d7:c9:f3:35:4e:c5:76:6b:
- 6d:50:d1:95:23:e8:c0:7f:3d:3f:45:08:10:77:6b:29:68:cc:
- dd:b6:20:f8:c1:15:4c:6f:e2:ab:9d:61:13:dd:bc:c5:e7:98:
- cc:23:29:ba:1c:b6:21:c0:b0:b6:e9:de:2b:43:d7:ca:7b:28:
- 6a:fa:4c:c9:39:4d:e1:40:ed:e6:c0:16:9d:69:b2:f9:bf:db:
- 50:27:3c:b3
+ Signature Value:
+ 83:d7:44:cb:2d:2e:1e:83:47:9b:e0:24:24:89:90:12:96:a8:
+ f4:c7:ac:ea:8c:dc:ff:93:40:bb:a2:3a:57:60:fd:94:b1:e2:
+ c9:56:be:a5:12:b5:b9:2a:50:57:48:fd:5b:90:96:7b:52:d3:
+ a4:3f:a2:3c:cb:2e:2d:a9:19:17:9a:30:b0:49:cd:78:25:98:
+ 1e:f5:3b:37:fa:ec:cb:4d:45:46:b8:45:7f:97:b6:f3:79:e6:
+ 2d:31:75:2c:80:f9:db:3b:af:94:31:6b:63:e4:5b:78:7f:6d:
+ 52:84:22:60:56:3b:37:0f:8b:7b:5f:5c:f6:f3:f0:1f:d9:00:
+ 8b:2a:ca:df:0e:03:94:90:d0:f4:ef:a5:47:8a:b6:7c:db:cf:
+ 05:47:70:73:5d:b2:41:44:a0:a0:0e:62:39:7f:cc:06:87:13:
+ 35:74:8c:9e:2c:46:2e:e5:0a:d3:92:7a:83:8d:22:8c:06:b3:
+ 2f:0d:5c:26:9a:e4:19:cb:61:45:5a:2a:cb:8e:91:e6:63:58:
+ 38:c3:14:db:07:8d:1a:9e:dd:f1:07:58:71:de:3d:0b:6c:c1:
+ 98:8b:66:33:26:d9:61:db:01:c7:30:b8:e8:0a:bf:7a:58:6b:
+ 98:6c:a7:3c:2c:f8:60:b7:05:7b:73:8b:d6:c5:c8:d5:5a:25:
+ 03:df:e7:fc
-----BEGIN CERTIFICATE-----
MIIEFzCCAv+gAwIBAgICEAAwDQYJKoZIhvcNAQELBQAwgZQxCzAJBgNVBAYTAlVT
MRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQKDAhT
YXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3LndvbGZz
-c2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIwMDYx
-NjE5MTc1N1oXDTQwMDYxMTE5MTc1N1owgZ8xCzAJBgNVBAYTAlVTMRMwEQYDVQQI
+c2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIzMDky
+NzEyMTAwOVoXDTQzMDkyMjEyMTAwOVowgZ8xCzAJBgNVBAYTAlVTMRMwEQYDVQQI
DApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3b2xmU1NM
MRQwEgYDVQQLDAtEZXZlbG9wbWVudDEgMB4GA1UEAwwXd29sZlNTTCBJbnRlcm1l
ZGlhdGUgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0G
-CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDyIyj3gUPwY7nyd34wGkBr4d1rQTbu
-fVgj3Fbpu+g7EVjDw7frmFrpdhLN73cJJdNs5jpJaFCQ1zLgGNYF3/ee0o97tZFc
-vz4Jgd157UTCk/WdpMsKa2O08O7R3WznxrfxMNS3VCgYEfwlrFvxsxkTR31+2UWX
-PLu5QnAGlFUjFQuEygwVwW4aHPlUyebjuMFF5VqJ4fEbHYG3NAcXKFsQx6Yh612J
-EaPQOWA06uF1+rh87sU/ZGoduNiksoKYMRHotSAtA+XRYTWkS7WtprdycT6GOA44
-tl21q786uh4ydrpUTQXKTuKD3zBkEZ6Zkzum+zvffZAC9LTx6EExeAI/AgMBAAGj
-ZjBkMB0GA1UdDgQWBBSDHPGYhexuBkU03lHAurcrZzJmTTAfBgNVHSMEGDAWgBQn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-/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAQEAfQ1cKhnn7l/KLdRZVLnKMxg64yIs
-GHC7xVhF2YK8gF2Q2QI0bBpP8WtZTs3h6ieA5uLYfq8rrMFi4E3p5nSZ/sBQy9N9
-5SuCDWcNFLUsaqJ6wt0Ip0Aqj6G/TVN1Xd3DguXkHwSwtqfMVWy01HSemjY38DJp
-l0T70iIai5U0RDLMKql29xLHuZvx5afH1W0S7AAdIbIT8jPg6uDIY3zdBsc8uqS9
-oJuNoRp9OtfJ8zVOxXZrbVDRlSPowH89P0UIEHdrKWjM3bYg+MEVTG/iq51hE928
-xeeYzCMpuhy2IcCwtuneK0PXynsoavpMyTlN4UDt5sAWnWmy+b/bUCc8sw==
+/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAQEAg9dEyy0uHoNHm+AkJImQEpao9Mes
+6ozc/5NAu6I6V2D9lLHiyVa+pRK1uSpQV0j9W5CWe1LTpD+iPMsuLakZF5owsEnN
+eCWYHvU7N/rsy01FRrhFf5e283nmLTF1LID52zuvlDFrY+RbeH9tUoQiYFY7Nw+L
+e19c9vPwH9kAiyrK3w4DlJDQ9O+lR4q2fNvPBUdwc12yQUSgoA5iOX/MBocTNXSM
+nixGLuUK05J6g40ijAazLw1cJprkGcthRVoqy46R5mNYOMMU2weNGp7d8QdYcd49
+C2zBmItmMybZYdsBxzC46Aq/elhrmGynPCz4YLcFe3OL1sXI1VolA9/n/A==
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/intermediate/ca-int-ecc-cert.der b/extra/wolfssl/wolfssl/certs/intermediate/ca-int-ecc-cert.der
index 4daec9a0..5cee2eab 100644
--- a/extra/wolfssl/wolfssl/certs/intermediate/ca-int-ecc-cert.der
+++ b/extra/wolfssl/wolfssl/certs/intermediate/ca-int-ecc-cert.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/intermediate/ca-int-ecc-cert.pem b/extra/wolfssl/wolfssl/certs/intermediate/ca-int-ecc-cert.pem
index 279ecc60..c8542f03 100644
--- a/extra/wolfssl/wolfssl/certs/intermediate/ca-int-ecc-cert.pem
+++ b/extra/wolfssl/wolfssl/certs/intermediate/ca-int-ecc-cert.pem
@@ -5,48 +5,48 @@ Certificate:
Signature Algorithm: ecdsa-with-SHA256
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Development, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Jun 16 19:17:58 2020 GMT
- Not After : Jun 11 19:17:58 2040 GMT
+ Not Before: Sep 27 12:10:09 2023 GMT
+ Not After : Sep 22 12:10:09 2043 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Development, CN = wolfSSL Intermediate CA ECC, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
Public-Key: (256 bit)
pub:
- 04:c6:9c:cd:8f:e5:ec:5b:d8:b0:fc:91:20:e2:0b:
- 3b:51:53:54:4b:89:43:8e:00:de:91:ae:d3:90:f3:
- 85:dc:cc:3d:11:08:15:76:82:e2:92:35:4a:d4:45:
- 8e:83:36:82:62:b8:4d:07:85:0b:a5:54:e0:14:e8:
- 93:de:7f:92:e8
+ 04:95:df:1c:b2:9e:20:a9:1d:a2:5b:ab:5c:9b:a8:
+ 66:06:29:e6:b2:d8:e3:14:a6:c3:c1:b4:ad:4d:44:
+ 18:20:1e:5d:67:fd:15:1d:6d:25:e1:17:b1:71:ca:
+ 85:03:f0:d2:af:41:66:46:36:6d:ea:41:cb:4f:c8:
+ 4a:d0:a0:61:8c
ASN1 OID: prime256v1
NIST CURVE: P-256
X509v3 extensions:
X509v3 Subject Key Identifier:
- 13:B5:79:59:32:B3:BB:B4:47:B3:34:0E:80:C0:83:1E:AA:82:C8:5B
+ 97:1D:60:C3:87:22:59:9B:60:1F:84:B4:99:1C:88:4D:BF:DA:1E:6E
X509v3 Authority Key Identifier:
- keyid:56:8E:9A:C3:F0:42:DE:18:B9:45:55:6E:F9:93:CF:EA:C3:F3:A5:21
-
+ 56:8E:9A:C3:F0:42:DE:18:B9:45:55:6E:F9:93:CF:EA:C3:F3:A5:21
X509v3 Basic Constraints: critical
CA:TRUE, pathlen:1
X509v3 Key Usage: critical
Digital Signature, Certificate Sign, CRL Sign
Signature Algorithm: ecdsa-with-SHA256
- 30:46:02:21:00:8a:51:91:f6:92:c5:4a:69:65:db:5b:90:c3:
- 90:6a:c0:96:e7:26:7a:af:18:91:2c:6b:67:55:40:18:6c:c1:
- a6:02:21:00:96:cc:9d:37:ad:ea:79:52:6e:4d:41:93:db:64:
- 7f:e7:42:b9:f1:12:90:f4:84:5c:73:b1:21:d8:fb:55:fe:6f
+ Signature Value:
+ 30:46:02:21:00:e1:e7:6f:05:9e:1d:62:41:4e:9d:1e:38:67:
+ e9:9e:3b:65:dc:15:fc:eb:32:85:84:5e:02:f3:8e:7b:12:f7:
+ 99:02:21:00:92:77:65:b1:bd:fb:b2:a4:41:87:c9:9e:3d:e0:
+ 39:02:f3:db:42:31:bf:fb:6d:fd:74:be:a3:e3:74:fc:f5:64
-----BEGIN CERTIFICATE-----
MIICkzCCAjigAwIBAgICEAQwCgYIKoZIzj0EAwIwgZcxCzAJBgNVBAYTAlVTMRMw
EQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3
b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEYMBYGA1UEAwwPd3d3LndvbGZz
-c2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIwMDYx
-NjE5MTc1OFoXDTQwMDYxMTE5MTc1OFowgaMxCzAJBgNVBAYTAlVTMRMwEQYDVQQI
+c2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIzMDky
+NzEyMTAwOVoXDTQzMDkyMjEyMTAwOVowgaMxCzAJBgNVBAYTAlVTMRMwEQYDVQQI
DApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3b2xmU1NM
MRQwEgYDVQQLDAtEZXZlbG9wbWVudDEkMCIGA1UEAwwbd29sZlNTTCBJbnRlcm1l
ZGlhdGUgQ0EgRUNDMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMFkw
-EwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAExpzNj+XsW9iw/JEg4gs7UVNUS4lDjgDe
-ka7TkPOF3Mw9EQgVdoLikjVK1EWOgzaCYrhNB4ULpVTgFOiT3n+S6KNmMGQwHQYD
-VR0OBBYEFBO1eVkys7u0R7M0DoDAgx6qgshbMB8GA1UdIwQYMBaAFFaOmsPwQt4Y
+EwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEld8csp4gqR2iW6tcm6hmBinmstjjFKbD
+wbStTUQYIB5dZ/0VHW0l4RexccqFA/DSr0FmRjZt6kHLT8hK0KBhjKNmMGQwHQYD
+VR0OBBYEFJcdYMOHIlmbYB+EtJkciE2/2h5uMB8GA1UdIwQYMBaAFFaOmsPwQt4Y
uUVVbvmTz+rD86UhMBIGA1UdEwEB/wQIMAYBAf8CAQEwDgYDVR0PAQH/BAQDAgGG
-MAoGCCqGSM49BAMCA0kAMEYCIQCKUZH2ksVKaWXbW5DDkGrAlucmeq8YkSxrZ1VA
-GGzBpgIhAJbMnTet6nlSbk1Bk9tkf+dCufESkPSEXHOxIdj7Vf5v
+MAoGCCqGSM49BAMCA0kAMEYCIQDh528Fnh1iQU6dHjhn6Z47ZdwV/OsyhYReAvOO
+exL3mQIhAJJ3ZbG9+7KkQYfJnj3gOQLz20Ixv/tt/XS+o+N0/PVk
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/intermediate/ca-int2-cert.der b/extra/wolfssl/wolfssl/certs/intermediate/ca-int2-cert.der
index 564f83a2..f6af1f13 100644
--- a/extra/wolfssl/wolfssl/certs/intermediate/ca-int2-cert.der
+++ b/extra/wolfssl/wolfssl/certs/intermediate/ca-int2-cert.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/intermediate/ca-int2-cert.pem b/extra/wolfssl/wolfssl/certs/intermediate/ca-int2-cert.pem
index 4411ea1d..9f74b4f9 100644
--- a/extra/wolfssl/wolfssl/certs/intermediate/ca-int2-cert.pem
+++ b/extra/wolfssl/wolfssl/certs/intermediate/ca-int2-cert.pem
@@ -5,80 +5,80 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Development, CN = wolfSSL Intermediate CA, emailAddress = info@wolfssl.com
Validity
- Not Before: Jun 16 19:17:57 2020 GMT
- Not After : Jun 11 19:17:57 2040 GMT
+ Not Before: Sep 27 12:10:09 2023 GMT
+ Not After : Sep 22 12:10:09 2043 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Development, CN = wolfSSL Intermediate2 CA, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
- RSA Public-Key: (2048 bit)
+ Public-Key: (2048 bit)
Modulus:
- 00:a0:2f:a1:02:30:5d:19:a1:8e:44:86:d4:93:f7:
- f1:53:ba:3f:d2:24:df:ff:cb:af:8f:a6:e7:f9:87:
- 9a:1f:00:cc:8f:40:86:78:3a:1b:9a:78:0e:e3:6e:
- da:f3:e7:6c:57:76:31:cf:03:21:9a:c8:79:29:60:
- db:ee:d8:a9:15:b4:67:5b:77:9a:86:f9:db:43:cc:
- a2:0f:91:e6:70:4f:1e:6e:14:b1:8d:f0:a1:e5:39:
- 77:a1:92:97:88:4a:26:f1:88:98:24:6c:fd:46:e2:
- 71:07:5d:af:d4:bc:a8:8c:5d:ee:43:08:da:a7:ec:
- 09:51:ed:ad:cd:75:8b:58:c7:a1:98:56:e7:19:78:
- 93:4b:53:77:b7:da:79:7d:70:84:bb:1d:e9:a0:3c:
- 02:bc:a7:96:fa:bb:98:90:ae:35:19:d0:e7:64:1e:
- 9d:09:a1:06:f2:c2:fd:cb:a3:29:2c:c0:79:f8:e9:
- e9:93:67:8c:35:2e:a1:49:a0:34:6c:38:1d:6b:4c:
- a5:ba:c7:84:80:95:17:12:cb:dd:a7:f6:2e:2c:c7:
- 0f:c1:54:1f:97:6c:01:3b:da:2e:c7:dc:53:c9:26:
- e6:9a:66:a8:7f:55:fa:cd:72:18:69:87:4e:8c:e4:
- 02:dd:f7:31:1a:a3:6e:cd:88:43:70:b4:34:6d:a6:
- 86:75
+ 00:cf:c9:3d:59:01:9f:1d:77:91:56:cb:ab:06:82:
+ c1:81:31:9a:e2:f9:c6:f9:a3:40:2d:86:42:d7:5f:
+ 41:a5:05:42:0f:5f:2b:6b:bd:29:92:e5:52:c6:5c:
+ f9:7e:9d:fb:8e:d6:69:8c:03:91:87:1c:1f:bf:24:
+ 59:44:cc:ef:af:92:2a:06:e1:a1:01:5b:04:57:8a:
+ 1a:b6:04:e2:c2:3c:10:3c:42:31:01:aa:c3:f2:32:
+ 1e:01:95:d0:91:a7:66:c1:22:68:36:53:2a:52:03:
+ eb:b5:9b:82:01:24:f9:d1:ae:fb:53:4c:5a:06:e5:
+ 6e:5a:d6:ac:5b:28:1a:53:e8:d7:a5:ce:6e:9c:34:
+ c3:08:0b:cb:2f:8e:df:ef:8c:35:f5:b0:bc:5d:0f:
+ ae:0a:4a:cf:54:01:d2:3c:b4:78:ee:48:10:56:80:
+ 4f:83:87:4e:67:1f:4f:17:2e:3e:2d:f5:6d:c9:07:
+ a2:3e:32:92:0f:1e:a4:0b:55:a6:1f:84:ef:9d:75:
+ ef:66:7c:75:f7:e7:40:3a:9c:c1:33:42:3d:2f:7f:
+ 99:5d:7b:04:d5:a9:6c:41:e8:89:16:58:fd:3a:a0:
+ 04:bd:77:d6:63:5e:6a:13:59:37:5f:f1:59:01:45:
+ 48:9c:8b:f7:16:f4:50:f7:5a:b4:5a:33:f6:f5:41:
+ c1:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
- 7A:8B:1D:4E:A3:40:C8:CE:58:5F:8D:FC:FF:46:2C:75:41:D9:03:5E
+ 0D:C9:60:20:43:58:81:E0:9A:21:EF:66:16:DC:6E:21:25:DF:2B:45
X509v3 Authority Key Identifier:
- keyid:83:1C:F1:98:85:EC:6E:06:45:34:DE:51:C0:BA:B7:2B:67:32:66:4D
-
+ EF:69:E0:F7:D5:1D:E6:99:EC:DC:6D:D0:F7:E2:B9:5C:64:71:83:35
X509v3 Basic Constraints: critical
CA:TRUE, pathlen:1
X509v3 Key Usage: critical
Digital Signature, Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 0c:72:99:ed:e7:03:58:c2:2b:88:d2:aa:43:31:84:18:2f:de:
- c5:5d:e0:20:d8:54:3c:5e:2b:87:2a:9f:96:b1:ef:be:d7:c7:
- 27:71:68:ac:71:61:b8:6e:d1:aa:4b:2f:ef:d4:37:e7:bb:87:
- 90:63:48:38:9b:20:15:bd:bc:af:8a:b4:af:53:91:8e:84:11:
- 14:ea:6f:85:f4:4e:ba:0a:49:91:b3:19:99:2a:d1:f9:a7:a7:
- 6b:fd:7f:78:88:7b:d3:7d:2c:b1:9f:70:15:1a:db:86:9b:ce:
- b7:07:25:ec:39:8c:59:a3:d2:d1:cc:18:15:14:a0:85:4d:4f:
- fb:9a:47:2f:dc:66:c7:7d:7c:12:89:48:58:d4:cb:1a:1b:12:
- ba:9c:ed:5c:8c:bf:72:0e:5f:8e:42:34:4b:6c:3e:04:6f:d9:
- 50:e3:28:93:6b:13:fd:6b:d6:2d:1b:cd:fb:fe:0b:a3:8c:df:
- c8:e6:ad:9e:69:8a:93:96:d7:84:31:bb:ca:f2:db:e2:18:c9:
- f1:91:8a:c7:06:9f:c2:0a:e9:b4:5f:e3:7b:20:fc:1a:16:1c:
- 02:53:12:cd:66:45:55:6e:b1:c0:95:2d:2b:d6:19:b8:99:4e:
- 1f:1b:9c:fb:b9:fe:8c:7e:32:57:f3:80:e9:f8:be:25:2f:03:
- 46:3c:b3:0a
+ Signature Value:
+ 86:c3:f8:62:d2:10:a0:b4:da:78:e9:85:c5:99:04:24:9e:77:
+ 1a:58:a4:9f:26:c7:58:5b:b8:76:80:57:ce:20:a4:e5:de:21:
+ 21:3d:70:01:4d:0f:6d:5a:f6:3d:48:68:d2:38:c5:ea:d4:9f:
+ a4:00:b2:e4:de:70:6b:58:b9:a2:a9:9b:dd:a6:a6:8e:6c:c4:
+ f9:5f:d7:17:45:85:be:e8:2f:fb:d2:82:d2:ab:2c:e2:ff:35:
+ 20:b4:6c:06:7e:08:51:7a:af:19:73:58:f3:a8:48:65:0a:4f:
+ 67:44:7e:c0:fd:4b:94:94:b1:4c:56:85:7a:31:af:09:03:fa:
+ cc:5d:85:55:0b:ac:1b:6a:c9:aa:c4:bb:e4:e0:ad:42:38:f1:
+ 6f:74:d7:db:0c:ca:01:e0:f3:4a:c7:eb:f2:6e:30:c6:8e:a3:
+ cf:5a:45:0f:7f:98:92:31:20:fc:26:21:34:15:06:4f:29:a3:
+ 5c:15:11:5b:04:94:d5:2c:9b:1e:5b:61:65:dc:6e:6c:00:05:
+ 01:ce:2b:48:54:f9:91:2b:4c:8c:bb:db:94:b5:08:53:11:97:
+ 15:01:bc:65:28:b6:a2:83:5f:f0:d8:79:84:17:27:75:2a:54:
+ c8:07:31:d7:50:05:51:07:4f:57:c8:bf:49:75:35:a1:39:af:
+ 66:ec:26:e1
-----BEGIN CERTIFICATE-----
MIIEIzCCAwugAwIBAgICEAEwDQYJKoZIhvcNAQELBQAwgZ8xCzAJBgNVBAYTAlVT
MRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQK
DAd3b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEgMB4GA1UEAwwXd29sZlNT
TCBJbnRlcm1lZGlhdGUgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j
-b20wHhcNMjAwNjE2MTkxNzU3WhcNNDAwNjExMTkxNzU3WjCBoDELMAkGA1UEBhMC
+b20wHhcNMjMwOTI3MTIxMDA5WhcNNDMwOTIyMTIxMDA5WjCBoDELMAkGA1UEBhMC
VVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNV
BAoMB3dvbGZTU0wxFDASBgNVBAsMC0RldmVsb3BtZW50MSEwHwYDVQQDDBh3b2xm
U1NMIEludGVybWVkaWF0ZTIgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz
-bC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCgL6ECMF0ZoY5E
-htST9/FTuj/SJN//y6+Ppuf5h5ofAMyPQIZ4OhuaeA7jbtrz52xXdjHPAyGayHkp
-YNvu2KkVtGdbd5qG+dtDzKIPkeZwTx5uFLGN8KHlOXehkpeISibxiJgkbP1G4nEH
-Xa/UvKiMXe5DCNqn7AlR7a3NdYtYx6GYVucZeJNLU3e32nl9cIS7HemgPAK8p5b6
-u5iQrjUZ0OdkHp0JoQbywv3LoykswHn46emTZ4w1LqFJoDRsOB1rTKW6x4SAlRcS
-y92n9i4sxw/BVB+XbAE72i7H3FPJJuaaZqh/VfrNchhph06M5ALd9zEao27NiENw
-tDRtpoZ1AgMBAAGjZjBkMB0GA1UdDgQWBBR6ix1Oo0DIzlhfjfz/Rix1QdkDXjAf
-BgNVHSMEGDAWgBSDHPGYhexuBkU03lHAurcrZzJmTTASBgNVHRMBAf8ECDAGAQH/
-AgEBMA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAQEADHKZ7ecDWMIr
-iNKqQzGEGC/exV3gINhUPF4rhyqflrHvvtfHJ3ForHFhuG7Rqksv79Q357uHkGNI
-OJsgFb28r4q0r1ORjoQRFOpvhfROugpJkbMZmSrR+aena/1/eIh7030ssZ9wFRrb
-hpvOtwcl7DmMWaPS0cwYFRSghU1P+5pHL9xmx318EolIWNTLGhsSupztXIy/cg5f
-jkI0S2w+BG/ZUOMok2sT/WvWLRvN+/4Lo4zfyOatnmmKk5bXhDG7yvLb4hjJ8ZGK
-xwafwgrptF/jeyD8GhYcAlMSzWZFVW6xwJUtK9YZuJlOHxuc+7n+jH4yV/OA6fi+
-JS8DRjyzCg==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-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/intermediate/ca-int2-ecc-cert.der b/extra/wolfssl/wolfssl/certs/intermediate/ca-int2-ecc-cert.der
index aecf9592..a6904cc0 100644
--- a/extra/wolfssl/wolfssl/certs/intermediate/ca-int2-ecc-cert.der
+++ b/extra/wolfssl/wolfssl/certs/intermediate/ca-int2-ecc-cert.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/intermediate/ca-int2-ecc-cert.pem b/extra/wolfssl/wolfssl/certs/intermediate/ca-int2-ecc-cert.pem
index f2022a4e..20a06351 100644
--- a/extra/wolfssl/wolfssl/certs/intermediate/ca-int2-ecc-cert.pem
+++ b/extra/wolfssl/wolfssl/certs/intermediate/ca-int2-ecc-cert.pem
@@ -5,49 +5,49 @@ Certificate:
Signature Algorithm: ecdsa-with-SHA256
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Development, CN = wolfSSL Intermediate CA ECC, emailAddress = info@wolfssl.com
Validity
- Not Before: Jun 16 19:17:58 2020 GMT
- Not After : Jun 11 19:17:58 2040 GMT
+ Not Before: Sep 27 12:10:09 2023 GMT
+ Not After : Sep 22 12:10:09 2043 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Development, CN = wolfSSL Intermediate2 CA ECC, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
Public-Key: (256 bit)
pub:
- 04:ea:16:28:2c:27:5e:41:99:05:28:8b:99:fa:c5:
- a2:74:3c:15:4d:52:f4:4b:2d:83:34:82:8e:d5:b6:
- 3f:61:d0:87:eb:f8:4c:06:5e:ed:66:1e:8c:ca:a4:
- f6:2a:76:4f:d7:26:09:4c:1e:89:b9:18:8e:d2:a3:
- 66:3c:1b:3d:cb
+ 04:c7:b4:a9:9f:32:fb:a2:8f:6a:f3:2e:c1:5d:ca:
+ 08:ec:c6:9f:13:ad:f5:3e:9d:75:f7:e4:f2:16:99:
+ 37:f7:89:73:cf:54:81:5f:16:0c:04:78:85:33:ef:
+ 92:a2:f7:86:3f:c7:a1:ba:0a:74:17:c2:45:7a:77:
+ 13:a9:13:fd:d3
ASN1 OID: prime256v1
NIST CURVE: P-256
X509v3 extensions:
X509v3 Subject Key Identifier:
- 1B:F4:BD:90:28:74:64:E3:33:5E:8B:64:A7:FC:AF:BA:F2:B9:55:E5
+ 9F:AE:7B:7A:70:80:04:55:2B:C6:B7:0C:5B:79:E4:12:41:65:31:29
X509v3 Authority Key Identifier:
- keyid:13:B5:79:59:32:B3:BB:B4:47:B3:34:0E:80:C0:83:1E:AA:82:C8:5B
-
+ 97:1D:60:C3:87:22:59:9B:60:1F:84:B4:99:1C:88:4D:BF:DA:1E:6E
X509v3 Basic Constraints: critical
CA:TRUE, pathlen:1
X509v3 Key Usage: critical
Digital Signature, Certificate Sign, CRL Sign
Signature Algorithm: ecdsa-with-SHA256
- 30:45:02:20:4f:1b:d1:e1:d7:8e:73:b5:8b:f7:4d:0b:3d:fc:
- 12:bc:6f:7c:ad:b9:12:70:30:37:41:27:ec:6b:35:06:8e:47:
- 02:21:00:a1:55:91:b7:68:1e:32:66:37:68:10:0a:9f:36:ee:
- c3:97:2b:85:b8:3c:47:3c:4a:ed:13:c5:5b:59:bc:b5:29
+ Signature Value:
+ 30:46:02:21:00:85:d2:26:f9:75:6a:4b:e9:76:88:bb:37:d0:
+ 96:e6:bc:24:d0:8f:67:51:18:cf:69:58:b7:da:7b:c1:a3:da:
+ 41:02:21:00:fd:b7:36:be:ac:7c:43:6c:88:a8:b2:9b:2a:36:
+ 21:2e:64:20:dc:b5:9d:09:95:5b:33:29:93:88:9b:67:cb:0d
-----BEGIN CERTIFICATE-----
-MIICnzCCAkWgAwIBAgICEAUwCgYIKoZIzj0EAwIwgaMxCzAJBgNVBAYTAlVTMRMw
+MIICoDCCAkWgAwIBAgICEAUwCgYIKoZIzj0EAwIwgaMxCzAJBgNVBAYTAlVTMRMw
EQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3
b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEkMCIGA1UEAwwbd29sZlNTTCBJ
bnRlcm1lZGlhdGUgQ0EgRUNDMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
-Y29tMB4XDTIwMDYxNjE5MTc1OFoXDTQwMDYxMTE5MTc1OFowgaQxCzAJBgNVBAYT
+Y29tMB4XDTIzMDkyNzEyMTAwOVoXDTQzMDkyMjEyMTAwOVowgaQxCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYD
VQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDElMCMGA1UEAwwcd29s
ZlNTTCBJbnRlcm1lZGlhdGUyIENBIEVDQzEfMB0GCSqGSIb3DQEJARYQaW5mb0B3
-b2xmc3NsLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABOoWKCwnXkGZBSiL
-mfrFonQ8FU1S9EstgzSCjtW2P2HQh+v4TAZe7WYejMqk9ip2T9cmCUweibkYjtKj
-ZjwbPcujZjBkMB0GA1UdDgQWBBQb9L2QKHRk4zNei2Sn/K+68rlV5TAfBgNVHSME
-GDAWgBQTtXlZMrO7tEezNA6AwIMeqoLIWzASBgNVHRMBAf8ECDAGAQH/AgEBMA4G
-A1UdDwEB/wQEAwIBhjAKBggqhkjOPQQDAgNIADBFAiBPG9Hh145ztYv3TQs9/BK8
-b3ytuRJwMDdBJ+xrNQaORwIhAKFVkbdoHjJmN2gQCp827sOXK4W4PEc8Su0TxVtZ
-vLUp
+b2xmc3NsLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABMe0qZ8y+6KPavMu
+wV3KCOzGnxOt9T6ddffk8haZN/eJc89UgV8WDAR4hTPvkqL3hj/HoboKdBfCRXp3
+E6kT/dOjZjBkMB0GA1UdDgQWBBSfrnt6cIAEVSvGtwxbeeQSQWUxKTAfBgNVHSME
+GDAWgBSXHWDDhyJZm2AfhLSZHIhNv9oebjASBgNVHRMBAf8ECDAGAQH/AgEBMA4G
+A1UdDwEB/wQEAwIBhjAKBggqhkjOPQQDAgNJADBGAiEAhdIm+XVqS+l2iLs30Jbm
+vCTQj2dRGM9pWLfae8Gj2kECIQD9tza+rHxDbIiospsqNiEuZCDctZ0JlVszKZOI
+m2fLDQ==
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/intermediate/client-chain-alt-ecc.pem b/extra/wolfssl/wolfssl/certs/intermediate/client-chain-alt-ecc.pem
index f3da8682..b6c7ce2a 100644
--- a/extra/wolfssl/wolfssl/certs/intermediate/client-chain-alt-ecc.pem
+++ b/extra/wolfssl/wolfssl/certs/intermediate/client-chain-alt-ecc.pem
@@ -3,70 +3,70 @@ MIICyDCCAm2gAwIBAgICEAcwCgYIKoZIzj0EAwIwgaQxCzAJBgNVBAYTAlVTMRMw
EQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3
b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDElMCMGA1UEAwwcd29sZlNTTCBJ
bnRlcm1lZGlhdGUyIENBIEVDQzEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3Ns
-LmNvbTAeFw0yMDA2MTYxOTE3NThaFw0zMDA2MTQxOTE3NThaMIGgMQswCQYDVQQG
+LmNvbTAeFw0yMzA5MjcxMjEwMDlaFw0zMzA5MjQxMjEwMDlaMIGgMQswCQYDVQQG
EwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEQMA4G
A1UECgwHd29sZlNTTDEUMBIGA1UECwwLRGV2ZWxvcG1lbnQxITAfBgNVBAMMGHdv
bGZTU0wgQ2xpZW50IENoYWluIEVDQzEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm
c3NsLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABFW/9A9EUJo9zpu38MVN
9XB71OwkjhmA7FpMoiQDYiyb2u+iNRJDhHYWxlaVBswBqb32dRpC972psjYiX8dd
f7SjgZAwgY0wCQYDVR0TBAIwADARBglghkgBhvhCAQEEBAMCBaAwHQYDVR0OBBYE
-FOvUS1lrlWE/UVe2BE2JQYhEXKvyMB8GA1UdIwQYMBaAFBv0vZAodGTjM16LZKf8
-r7ryuVXlMA4GA1UdDwEB/wQEAwIF4DAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYB
-BQUHAwQwCgYIKoZIzj0EAwIDSQAwRgIhAK6CPTUWc9Ue5ac0zydwQpncWVqKNiU3
-gYnFhKaVgJ2tAiEA2Y4dfm0koH4xgiUJ6OHYtrpOmV+5TeNmPhFhuuIqeuM=
+FOvUS1lrlWE/UVe2BE2JQYhEXKvyMB8GA1UdIwQYMBaAFJ+ue3pwgARVK8a3DFt5
+5BJBZTEpMA4GA1UdDwEB/wQEAwIF4DAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYB
+BQUHAwQwCgYIKoZIzj0EAwIDSQAwRgIhAOD7alvrubi1X6XcihvnRLWc+kSktUr/
+ijQ9hxJst+ILAiEA8J5CctyYX1GIKkTeUthW0yMfRBIEyuBsPkOeRcZE3Gg=
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
-MIICnzCCAkWgAwIBAgICEAUwCgYIKoZIzj0EAwIwgaMxCzAJBgNVBAYTAlVTMRMw
+MIICoDCCAkWgAwIBAgICEAUwCgYIKoZIzj0EAwIwgaMxCzAJBgNVBAYTAlVTMRMw
EQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3
b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEkMCIGA1UEAwwbd29sZlNTTCBJ
bnRlcm1lZGlhdGUgQ0EgRUNDMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
-Y29tMB4XDTIwMDYxNjE5MTc1OFoXDTQwMDYxMTE5MTc1OFowgaQxCzAJBgNVBAYT
+Y29tMB4XDTIzMDkyNzEyMTAwOVoXDTQzMDkyMjEyMTAwOVowgaQxCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYD
VQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDElMCMGA1UEAwwcd29s
ZlNTTCBJbnRlcm1lZGlhdGUyIENBIEVDQzEfMB0GCSqGSIb3DQEJARYQaW5mb0B3
-b2xmc3NsLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABOoWKCwnXkGZBSiL
-mfrFonQ8FU1S9EstgzSCjtW2P2HQh+v4TAZe7WYejMqk9ip2T9cmCUweibkYjtKj
-ZjwbPcujZjBkMB0GA1UdDgQWBBQb9L2QKHRk4zNei2Sn/K+68rlV5TAfBgNVHSME
-GDAWgBQTtXlZMrO7tEezNA6AwIMeqoLIWzASBgNVHRMBAf8ECDAGAQH/AgEBMA4G
-A1UdDwEB/wQEAwIBhjAKBggqhkjOPQQDAgNIADBFAiBPG9Hh145ztYv3TQs9/BK8
-b3ytuRJwMDdBJ+xrNQaORwIhAKFVkbdoHjJmN2gQCp827sOXK4W4PEc8Su0TxVtZ
-vLUp
+b2xmc3NsLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABMe0qZ8y+6KPavMu
+wV3KCOzGnxOt9T6ddffk8haZN/eJc89UgV8WDAR4hTPvkqL3hj/HoboKdBfCRXp3
+E6kT/dOjZjBkMB0GA1UdDgQWBBSfrnt6cIAEVSvGtwxbeeQSQWUxKTAfBgNVHSME
+GDAWgBSXHWDDhyJZm2AfhLSZHIhNv9oebjASBgNVHRMBAf8ECDAGAQH/AgEBMA4G
+A1UdDwEB/wQEAwIBhjAKBggqhkjOPQQDAgNJADBGAiEAhdIm+XVqS+l2iLs30Jbm
+vCTQj2dRGM9pWLfae8Gj2kECIQD9tza+rHxDbIiospsqNiEuZCDctZ0JlVszKZOI
+m2fLDQ==
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIICkzCCAjigAwIBAgICEAQwCgYIKoZIzj0EAwIwgZcxCzAJBgNVBAYTAlVTMRMw
EQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3
b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEYMBYGA1UEAwwPd3d3LndvbGZz
-c2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIwMDYx
-NjE5MTc1OFoXDTQwMDYxMTE5MTc1OFowgaMxCzAJBgNVBAYTAlVTMRMwEQYDVQQI
+c2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIzMDky
+NzEyMTAwOVoXDTQzMDkyMjEyMTAwOVowgaMxCzAJBgNVBAYTAlVTMRMwEQYDVQQI
DApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3b2xmU1NM
MRQwEgYDVQQLDAtEZXZlbG9wbWVudDEkMCIGA1UEAwwbd29sZlNTTCBJbnRlcm1l
ZGlhdGUgQ0EgRUNDMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMFkw
-EwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAExpzNj+XsW9iw/JEg4gs7UVNUS4lDjgDe
-ka7TkPOF3Mw9EQgVdoLikjVK1EWOgzaCYrhNB4ULpVTgFOiT3n+S6KNmMGQwHQYD
-VR0OBBYEFBO1eVkys7u0R7M0DoDAgx6qgshbMB8GA1UdIwQYMBaAFFaOmsPwQt4Y
+EwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEld8csp4gqR2iW6tcm6hmBinmstjjFKbD
+wbStTUQYIB5dZ/0VHW0l4RexccqFA/DSr0FmRjZt6kHLT8hK0KBhjKNmMGQwHQYD
+VR0OBBYEFJcdYMOHIlmbYB+EtJkciE2/2h5uMB8GA1UdIwQYMBaAFFaOmsPwQt4Y
uUVVbvmTz+rD86UhMBIGA1UdEwEB/wQIMAYBAf8CAQEwDgYDVR0PAQH/BAQDAgGG
-MAoGCCqGSM49BAMCA0kAMEYCIQCKUZH2ksVKaWXbW5DDkGrAlucmeq8YkSxrZ1VA
-GGzBpgIhAJbMnTet6nlSbk1Bk9tkf+dCufESkPSEXHOxIdj7Vf5v
+MAoGCCqGSM49BAMCA0kAMEYCIQDh528Fnh1iQU6dHjhn6Z47ZdwV/OsyhYReAvOO
+exL3mQIhAJJ3ZbG9+7KkQYfJnj3gOQLz20Ixv/tt/XS+o+N0/PVk
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
-MIIDujCCAqKgAwIBAgILBAAAAAABD4Ym5g0wDQYJKoZIhvcNAQEFBQAwTDEgMB4G
-A1UECxMXR2xvYmFsU2lnbiBSb290IENBIC0gUjIxEzARBgNVBAoTCkdsb2JhbFNp
-Z24xEzARBgNVBAMTCkdsb2JhbFNpZ24wHhcNMDYxMjE1MDgwMDAwWhcNMjExMjE1
-MDgwMDAwWjBMMSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMjETMBEG
-A1UEChMKR2xvYmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjCCASIwDQYJKoZI
-hvcNAQEBBQADggEPADCCAQoCggEBAKbPJA6+Lm8omUVCxKs+IVSbC9N/hHD6ErPL
-v4dfxn+G07IwXNb9rfF73OX4YJYJkhD10FPe+3t+c4isUoh7SqbKSaZeqKeMWhG8
-eoLrvozps6yWJQeXSpkqBy+0Hne/ig+1AnwblrjFuTosvNYSuetZfeLQBoZfXklq
-tTleiDTsvHgMCJiEbKjNS7SgfQx5TfC4LcshytVsW33hoCmEofnTlEnLJGKRILzd
-C9XZzPnqJworc5HGnRusyMvo4KD0L5CLTfuwNhv2GXqF4G3yYROIXJ/gkwpRl4pa
-zq+r1feqCapgvdzZX99yqWATXgAByUr6P6TqBwMhAo6CygPCm48CAwEAAaOBnDCB
-mTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUm+IH
-V2ccHsBqBt5ZtJot39wZhi4wNgYDVR0fBC8wLTAroCmgJ4YlaHR0cDovL2NybC5n
-bG9iYWxzaWduLm5ldC9yb290LXIyLmNybDAfBgNVHSMEGDAWgBSb4gdXZxwewGoG
-3lm0mi3f3BmGLjANBgkqhkiG9w0BAQUFAAOCAQEAmYFThxxol4aR7OBKuEQLq4Gs
-J0/WwbgcQ3izDJr86iw8bmEbTUsp9Z8FHSbBuOmDAGJFtqkIk7mpM0sYmsL4h4hO
-291xNBrBVNpGP+DTKqttVCL1OmLNIG+6KYnX3ZHu01yiPqFbQfXf5WRDLenVOavS
-ot+3i9DAgBkcRcAtjOj4LaR0VknFBbVPFd5uRHg5h6h+u/N5GJG79G+dwfCMNYxd
-AfvDbbnvRG15RjF+Cv6pgsH/76tuIMRQyV+dTZsXjAzlAcmgQWpzU/qlULRuJQ/7
-TBj0/VLZjmmx6BEP3ojY+x1J96relc8geMJgEtslQIxq/H5COEBkEveegeGTLg==
+MIIDrzCCApegAwIBAgIQCDvgVpBCRrGhdWrJWZHHSjANBgkqhkiG9w0BAQUFADBh
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD
+QTAeFw0wNjExMTAwMDAwMDBaFw0zMTExMTAwMDAwMDBaMGExCzAJBgNVBAYTAlVT
+MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j
+b20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IENBMIIBIjANBgkqhkiG
+9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jvhEXLeqKTTo1eqUKKPC3eQyaKl7hLOllsB
+CSDMAZOnTjC3U/dDxGkAV53ijSLdhwZAAIEJzs4bg7/fzTtxRuLWZscFs3YnFo97
+nh6Vfe63SKMI2tavegw5BmV/Sl0fvBf4q77uKNd0f3p4mVmFaG5cIzJLv07A6Fpt
+43C/dxC//AH2hdmoRBBYMql1GNXRor5H4idq9Joz+EkIYIvUX7Q6hL+hqkpMfT7P
+T19sdl6gSzeRntwi5m3OFBqOasv+zbMUZBfHWymeMr/y7vrTC0LUq7dBMtoM1O/4
+gdW7jVg/tRvoSSiicNoxBN33shbyTApOB6jtSj1etX+jkMOvJwIDAQABo2MwYTAO
+BgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUA95QNVbR
+TLtm8KPiGxvDl7I90VUwHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUw
+DQYJKoZIhvcNAQEFBQADggEBAMucN6pIExIK+t1EnE9SsPTfrgT1eXkIoyQY/Esr
+hMAtudXH/vTBH1jLuG2cenTnmCmrEbXjcKChzUyImZOMkXDiqw8cvpOp/2PV5Adg
+06O/nVsJ8dWO41P0jmP6P6fbtGbfYmbW0W5BjfIttep3Sp+dWOIrWcBAI+0tKIJF
+PnlUkiaY4IBIqDfv8NZ5YBberOgOzW6sRBc4L0na4UU+Krk2U886UAb3LujEV0ls
+YSEY1QSteDwsOoBrp+uvFRTp2InBuThs4pFsiv9kuXclVzDAGySj4dzp30d8tbQk
+CAUw7C29C79Fv1C5qfPrmAESrciIxpg0X40KPMbp1ZWVbd4=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/intermediate/client-chain-alt.pem b/extra/wolfssl/wolfssl/certs/intermediate/client-chain-alt.pem
index d1e4672c..5a6f4d13 100644
--- a/extra/wolfssl/wolfssl/certs/intermediate/client-chain-alt.pem
+++ b/extra/wolfssl/wolfssl/certs/intermediate/client-chain-alt.pem
@@ -3,7 +3,7 @@ MIIESzCCAzOgAwIBAgICEAMwDQYJKoZIhvcNAQELBQAwgaAxCzAJBgNVBAYTAlVT
MRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQK
DAd3b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEhMB8GA1UEAwwYd29sZlNT
TCBJbnRlcm1lZGlhdGUyIENBMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
-Y29tMB4XDTIwMDYxNjE5MTc1OFoXDTMwMDYxNDE5MTc1OFowgZwxCzAJBgNVBAYT
+Y29tMB4XDTIzMDkyNzEyMTAwOVoXDTMzMDkyNDEyMTAwOVowgZwxCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYD
VQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEdMBsGA1UEAwwUd29s
ZlNTTCBDbGllbnQgQ2hhaW4xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j
@@ -14,83 +14,83 @@ QJxM79GG3zdRGwyhO/Xxo0o15OHOlt8bfr9Ol9AQ6KgIMIGvIAtDFMV0Z7Qygm+N
hsKIQJk2g7oeQHIiF9dSZSRzsM7vGc2u/3hse8ASA9ROcg1QbTujO6OZXp3I2QyF
s9mK2VQm2236rLv/JUzE0Xn0cdOGQBgTsGO1ck4wxJeEhi1WL9cV93/ArvX8W+X7
obrTAgMBAAGjgZAwgY0wCQYDVR0TBAIwADARBglghkgBhvhCAQEEBAMCBaAwHQYD
-VR0OBBYEFDPYRWbXaIcYflQNcCeRxybXhWXAMB8GA1UdIwQYMBaAFHqLHU6jQMjO
-WF+N/P9GLHVB2QNeMA4GA1UdDwEB/wQEAwIF4DAdBgNVHSUEFjAUBggrBgEFBQcD
-AgYIKwYBBQUHAwQwDQYJKoZIhvcNAQELBQADggEBAD37nA7EM00jkoUtSldJc0AV
-Kv/Ce+VmdWoG3r0Ji/3yQeW4r5Zc1Z5voFL6EBKwcY0gQ5kWKjlG7fU6swM1nYUe
-5+75YUudIKIWdmlndwaD9cCXDNmxtdZ9d8CTJ6kn8DG0rI1zPPFzGXSv92cHaL3F
-KJOI3ZCxEp9kprrEwEZ84wrbrsc5bJwBCrpk23TlAnI4zY6yLu8YwqbnbT+PxJLK
-reAMivJIyuEcySCm3tPFI1R9EMfb9Yw5snlRP/PXFfIiR5t7ANhU48BzIWh81vLM
-+rMnhagqZcdthdF3YnnPZD0kbMzSW7z++qmj6YWFH4eNbW/b8KS2WajxN6WNP50=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=
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIEIzCCAwugAwIBAgICEAEwDQYJKoZIhvcNAQELBQAwgZ8xCzAJBgNVBAYTAlVT
MRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQK
DAd3b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEgMB4GA1UEAwwXd29sZlNT
TCBJbnRlcm1lZGlhdGUgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j
-b20wHhcNMjAwNjE2MTkxNzU3WhcNNDAwNjExMTkxNzU3WjCBoDELMAkGA1UEBhMC
+b20wHhcNMjMwOTI3MTIxMDA5WhcNNDMwOTIyMTIxMDA5WjCBoDELMAkGA1UEBhMC
VVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNV
BAoMB3dvbGZTU0wxFDASBgNVBAsMC0RldmVsb3BtZW50MSEwHwYDVQQDDBh3b2xm
U1NMIEludGVybWVkaWF0ZTIgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz
-bC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCgL6ECMF0ZoY5E
-htST9/FTuj/SJN//y6+Ppuf5h5ofAMyPQIZ4OhuaeA7jbtrz52xXdjHPAyGayHkp
-YNvu2KkVtGdbd5qG+dtDzKIPkeZwTx5uFLGN8KHlOXehkpeISibxiJgkbP1G4nEH
-Xa/UvKiMXe5DCNqn7AlR7a3NdYtYx6GYVucZeJNLU3e32nl9cIS7HemgPAK8p5b6
-u5iQrjUZ0OdkHp0JoQbywv3LoykswHn46emTZ4w1LqFJoDRsOB1rTKW6x4SAlRcS
-y92n9i4sxw/BVB+XbAE72i7H3FPJJuaaZqh/VfrNchhph06M5ALd9zEao27NiENw
-tDRtpoZ1AgMBAAGjZjBkMB0GA1UdDgQWBBR6ix1Oo0DIzlhfjfz/Rix1QdkDXjAf
-BgNVHSMEGDAWgBSDHPGYhexuBkU03lHAurcrZzJmTTASBgNVHRMBAf8ECDAGAQH/
-AgEBMA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAQEADHKZ7ecDWMIr
-iNKqQzGEGC/exV3gINhUPF4rhyqflrHvvtfHJ3ForHFhuG7Rqksv79Q357uHkGNI
-OJsgFb28r4q0r1ORjoQRFOpvhfROugpJkbMZmSrR+aena/1/eIh7030ssZ9wFRrb
-hpvOtwcl7DmMWaPS0cwYFRSghU1P+5pHL9xmx318EolIWNTLGhsSupztXIy/cg5f
-jkI0S2w+BG/ZUOMok2sT/WvWLRvN+/4Lo4zfyOatnmmKk5bXhDG7yvLb4hjJ8ZGK
-xwafwgrptF/jeyD8GhYcAlMSzWZFVW6xwJUtK9YZuJlOHxuc+7n+jH4yV/OA6fi+
-JS8DRjyzCg==
+bC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPyT1ZAZ8dd5FW
+y6sGgsGBMZri+cb5o0AthkLXX0GlBUIPXytrvSmS5VLGXPl+nfuO1mmMA5GHHB+/
+JFlEzO+vkioG4aEBWwRXihq2BOLCPBA8QjEBqsPyMh4BldCRp2bBImg2UypSA+u1
+m4IBJPnRrvtTTFoG5W5a1qxbKBpT6Nelzm6cNMMIC8svjt/vjDX1sLxdD64KSs9U
+AdI8tHjuSBBWgE+Dh05nH08XLj4t9W3JB6I+MpIPHqQLVaYfhO+dde9mfHX350A6
+nMEzQj0vf5ldewTVqWxB6IkWWP06oAS9d9ZjXmoTWTdf8VkBRUici/cW9FD3WrRa
+M/b1QcE9AgMBAAGjZjBkMB0GA1UdDgQWBBQNyWAgQ1iB4Joh72YW3G4hJd8rRTAf
+BgNVHSMEGDAWgBTvaeD31R3mmezcbdD34rlcZHGDNTASBgNVHRMBAf8ECDAGAQH/
+AgEBMA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAQEAhsP4YtIQoLTa
+eOmFxZkEJJ53GliknybHWFu4doBXziCk5d4hIT1wAU0PbVr2PUho0jjF6tSfpACy
+5N5wa1i5oqmb3aamjmzE+V/XF0WFvugv+9KC0qss4v81ILRsBn4IUXqvGXNY86hI
+ZQpPZ0R+wP1LlJSxTFaFejGvCQP6zF2FVQusG2rJqsS75OCtQjjxb3TX2wzKAeDz
+Ssfr8m4wxo6jz1pFD3+YkjEg/CYhNBUGTymjXBURWwSU1SybHlthZdxubAAFAc4r
+SFT5kStMjLvblLUIUxGXFQG8ZSi2ooNf8Nh5hBcndSpUyAcx11AFUQdPV8i/SXU1
+oTmvZuwm4Q==
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIEFzCCAv+gAwIBAgICEAAwDQYJKoZIhvcNAQELBQAwgZQxCzAJBgNVBAYTAlVT
MRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQKDAhT
YXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3LndvbGZz
-c2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIwMDYx
-NjE5MTc1N1oXDTQwMDYxMTE5MTc1N1owgZ8xCzAJBgNVBAYTAlVTMRMwEQYDVQQI
+c2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIzMDky
+NzEyMTAwOVoXDTQzMDkyMjEyMTAwOVowgZ8xCzAJBgNVBAYTAlVTMRMwEQYDVQQI
DApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3b2xmU1NM
MRQwEgYDVQQLDAtEZXZlbG9wbWVudDEgMB4GA1UEAwwXd29sZlNTTCBJbnRlcm1l
ZGlhdGUgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0G
-CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDyIyj3gUPwY7nyd34wGkBr4d1rQTbu
-fVgj3Fbpu+g7EVjDw7frmFrpdhLN73cJJdNs5jpJaFCQ1zLgGNYF3/ee0o97tZFc
-vz4Jgd157UTCk/WdpMsKa2O08O7R3WznxrfxMNS3VCgYEfwlrFvxsxkTR31+2UWX
-PLu5QnAGlFUjFQuEygwVwW4aHPlUyebjuMFF5VqJ4fEbHYG3NAcXKFsQx6Yh612J
-EaPQOWA06uF1+rh87sU/ZGoduNiksoKYMRHotSAtA+XRYTWkS7WtprdycT6GOA44
-tl21q786uh4ydrpUTQXKTuKD3zBkEZ6Zkzum+zvffZAC9LTx6EExeAI/AgMBAAGj
-ZjBkMB0GA1UdDgQWBBSDHPGYhexuBkU03lHAurcrZzJmTTAfBgNVHSMEGDAWgBQn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-/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAQEAfQ1cKhnn7l/KLdRZVLnKMxg64yIs
-GHC7xVhF2YK8gF2Q2QI0bBpP8WtZTs3h6ieA5uLYfq8rrMFi4E3p5nSZ/sBQy9N9
-5SuCDWcNFLUsaqJ6wt0Ip0Aqj6G/TVN1Xd3DguXkHwSwtqfMVWy01HSemjY38DJp
-l0T70iIai5U0RDLMKql29xLHuZvx5afH1W0S7AAdIbIT8jPg6uDIY3zdBsc8uqS9
-oJuNoRp9OtfJ8zVOxXZrbVDRlSPowH89P0UIEHdrKWjM3bYg+MEVTG/iq51hE928
-xeeYzCMpuhy2IcCwtuneK0PXynsoavpMyTlN4UDt5sAWnWmy+b/bUCc8sw==
+/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAQEAg9dEyy0uHoNHm+AkJImQEpao9Mes
+6ozc/5NAu6I6V2D9lLHiyVa+pRK1uSpQV0j9W5CWe1LTpD+iPMsuLakZF5owsEnN
+eCWYHvU7N/rsy01FRrhFf5e283nmLTF1LID52zuvlDFrY+RbeH9tUoQiYFY7Nw+L
+e19c9vPwH9kAiyrK3w4DlJDQ9O+lR4q2fNvPBUdwc12yQUSgoA5iOX/MBocTNXSM
+nixGLuUK05J6g40ijAazLw1cJprkGcthRVoqy46R5mNYOMMU2weNGp7d8QdYcd49
+C2zBmItmMybZYdsBxzC46Aq/elhrmGynPCz4YLcFe3OL1sXI1VolA9/n/A==
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
-MIIDujCCAqKgAwIBAgILBAAAAAABD4Ym5g0wDQYJKoZIhvcNAQEFBQAwTDEgMB4G
-A1UECxMXR2xvYmFsU2lnbiBSb290IENBIC0gUjIxEzARBgNVBAoTCkdsb2JhbFNp
-Z24xEzARBgNVBAMTCkdsb2JhbFNpZ24wHhcNMDYxMjE1MDgwMDAwWhcNMjExMjE1
-MDgwMDAwWjBMMSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMjETMBEG
-A1UEChMKR2xvYmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjCCASIwDQYJKoZI
-hvcNAQEBBQADggEPADCCAQoCggEBAKbPJA6+Lm8omUVCxKs+IVSbC9N/hHD6ErPL
-v4dfxn+G07IwXNb9rfF73OX4YJYJkhD10FPe+3t+c4isUoh7SqbKSaZeqKeMWhG8
-eoLrvozps6yWJQeXSpkqBy+0Hne/ig+1AnwblrjFuTosvNYSuetZfeLQBoZfXklq
-tTleiDTsvHgMCJiEbKjNS7SgfQx5TfC4LcshytVsW33hoCmEofnTlEnLJGKRILzd
-C9XZzPnqJworc5HGnRusyMvo4KD0L5CLTfuwNhv2GXqF4G3yYROIXJ/gkwpRl4pa
-zq+r1feqCapgvdzZX99yqWATXgAByUr6P6TqBwMhAo6CygPCm48CAwEAAaOBnDCB
-mTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUm+IH
-V2ccHsBqBt5ZtJot39wZhi4wNgYDVR0fBC8wLTAroCmgJ4YlaHR0cDovL2NybC5n
-bG9iYWxzaWduLm5ldC9yb290LXIyLmNybDAfBgNVHSMEGDAWgBSb4gdXZxwewGoG
-3lm0mi3f3BmGLjANBgkqhkiG9w0BAQUFAAOCAQEAmYFThxxol4aR7OBKuEQLq4Gs
-J0/WwbgcQ3izDJr86iw8bmEbTUsp9Z8FHSbBuOmDAGJFtqkIk7mpM0sYmsL4h4hO
-291xNBrBVNpGP+DTKqttVCL1OmLNIG+6KYnX3ZHu01yiPqFbQfXf5WRDLenVOavS
-ot+3i9DAgBkcRcAtjOj4LaR0VknFBbVPFd5uRHg5h6h+u/N5GJG79G+dwfCMNYxd
-AfvDbbnvRG15RjF+Cv6pgsH/76tuIMRQyV+dTZsXjAzlAcmgQWpzU/qlULRuJQ/7
-TBj0/VLZjmmx6BEP3ojY+x1J96relc8geMJgEtslQIxq/H5COEBkEveegeGTLg==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-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/intermediate/client-chain-ecc.der b/extra/wolfssl/wolfssl/certs/intermediate/client-chain-ecc.der
index 5607711f..e377962f 100644
--- a/extra/wolfssl/wolfssl/certs/intermediate/client-chain-ecc.der
+++ b/extra/wolfssl/wolfssl/certs/intermediate/client-chain-ecc.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/intermediate/client-chain-ecc.pem b/extra/wolfssl/wolfssl/certs/intermediate/client-chain-ecc.pem
index bc3a2a33..4fba298d 100644
--- a/extra/wolfssl/wolfssl/certs/intermediate/client-chain-ecc.pem
+++ b/extra/wolfssl/wolfssl/certs/intermediate/client-chain-ecc.pem
@@ -3,48 +3,48 @@ MIICyDCCAm2gAwIBAgICEAcwCgYIKoZIzj0EAwIwgaQxCzAJBgNVBAYTAlVTMRMw
EQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3
b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDElMCMGA1UEAwwcd29sZlNTTCBJ
bnRlcm1lZGlhdGUyIENBIEVDQzEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3Ns
-LmNvbTAeFw0yMDA2MTYxOTE3NThaFw0zMDA2MTQxOTE3NThaMIGgMQswCQYDVQQG
+LmNvbTAeFw0yMzA5MjcxMjEwMDlaFw0zMzA5MjQxMjEwMDlaMIGgMQswCQYDVQQG
EwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEQMA4G
A1UECgwHd29sZlNTTDEUMBIGA1UECwwLRGV2ZWxvcG1lbnQxITAfBgNVBAMMGHdv
bGZTU0wgQ2xpZW50IENoYWluIEVDQzEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm
c3NsLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABFW/9A9EUJo9zpu38MVN
9XB71OwkjhmA7FpMoiQDYiyb2u+iNRJDhHYWxlaVBswBqb32dRpC972psjYiX8dd
f7SjgZAwgY0wCQYDVR0TBAIwADARBglghkgBhvhCAQEEBAMCBaAwHQYDVR0OBBYE
-FOvUS1lrlWE/UVe2BE2JQYhEXKvyMB8GA1UdIwQYMBaAFBv0vZAodGTjM16LZKf8
-r7ryuVXlMA4GA1UdDwEB/wQEAwIF4DAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYB
-BQUHAwQwCgYIKoZIzj0EAwIDSQAwRgIhAK6CPTUWc9Ue5ac0zydwQpncWVqKNiU3
-gYnFhKaVgJ2tAiEA2Y4dfm0koH4xgiUJ6OHYtrpOmV+5TeNmPhFhuuIqeuM=
+FOvUS1lrlWE/UVe2BE2JQYhEXKvyMB8GA1UdIwQYMBaAFJ+ue3pwgARVK8a3DFt5
+5BJBZTEpMA4GA1UdDwEB/wQEAwIF4DAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYB
+BQUHAwQwCgYIKoZIzj0EAwIDSQAwRgIhAOD7alvrubi1X6XcihvnRLWc+kSktUr/
+ijQ9hxJst+ILAiEA8J5CctyYX1GIKkTeUthW0yMfRBIEyuBsPkOeRcZE3Gg=
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
-MIICnzCCAkWgAwIBAgICEAUwCgYIKoZIzj0EAwIwgaMxCzAJBgNVBAYTAlVTMRMw
+MIICoDCCAkWgAwIBAgICEAUwCgYIKoZIzj0EAwIwgaMxCzAJBgNVBAYTAlVTMRMw
EQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3
b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEkMCIGA1UEAwwbd29sZlNTTCBJ
bnRlcm1lZGlhdGUgQ0EgRUNDMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
-Y29tMB4XDTIwMDYxNjE5MTc1OFoXDTQwMDYxMTE5MTc1OFowgaQxCzAJBgNVBAYT
+Y29tMB4XDTIzMDkyNzEyMTAwOVoXDTQzMDkyMjEyMTAwOVowgaQxCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYD
VQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDElMCMGA1UEAwwcd29s
ZlNTTCBJbnRlcm1lZGlhdGUyIENBIEVDQzEfMB0GCSqGSIb3DQEJARYQaW5mb0B3
-b2xmc3NsLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABOoWKCwnXkGZBSiL
-mfrFonQ8FU1S9EstgzSCjtW2P2HQh+v4TAZe7WYejMqk9ip2T9cmCUweibkYjtKj
-ZjwbPcujZjBkMB0GA1UdDgQWBBQb9L2QKHRk4zNei2Sn/K+68rlV5TAfBgNVHSME
-GDAWgBQTtXlZMrO7tEezNA6AwIMeqoLIWzASBgNVHRMBAf8ECDAGAQH/AgEBMA4G
-A1UdDwEB/wQEAwIBhjAKBggqhkjOPQQDAgNIADBFAiBPG9Hh145ztYv3TQs9/BK8
-b3ytuRJwMDdBJ+xrNQaORwIhAKFVkbdoHjJmN2gQCp827sOXK4W4PEc8Su0TxVtZ
-vLUp
+b2xmc3NsLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABMe0qZ8y+6KPavMu
+wV3KCOzGnxOt9T6ddffk8haZN/eJc89UgV8WDAR4hTPvkqL3hj/HoboKdBfCRXp3
+E6kT/dOjZjBkMB0GA1UdDgQWBBSfrnt6cIAEVSvGtwxbeeQSQWUxKTAfBgNVHSME
+GDAWgBSXHWDDhyJZm2AfhLSZHIhNv9oebjASBgNVHRMBAf8ECDAGAQH/AgEBMA4G
+A1UdDwEB/wQEAwIBhjAKBggqhkjOPQQDAgNJADBGAiEAhdIm+XVqS+l2iLs30Jbm
+vCTQj2dRGM9pWLfae8Gj2kECIQD9tza+rHxDbIiospsqNiEuZCDctZ0JlVszKZOI
+m2fLDQ==
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIICkzCCAjigAwIBAgICEAQwCgYIKoZIzj0EAwIwgZcxCzAJBgNVBAYTAlVTMRMw
EQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3
b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEYMBYGA1UEAwwPd3d3LndvbGZz
-c2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIwMDYx
-NjE5MTc1OFoXDTQwMDYxMTE5MTc1OFowgaMxCzAJBgNVBAYTAlVTMRMwEQYDVQQI
+c2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIzMDky
+NzEyMTAwOVoXDTQzMDkyMjEyMTAwOVowgaMxCzAJBgNVBAYTAlVTMRMwEQYDVQQI
DApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3b2xmU1NM
MRQwEgYDVQQLDAtEZXZlbG9wbWVudDEkMCIGA1UEAwwbd29sZlNTTCBJbnRlcm1l
ZGlhdGUgQ0EgRUNDMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMFkw
-EwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAExpzNj+XsW9iw/JEg4gs7UVNUS4lDjgDe
-ka7TkPOF3Mw9EQgVdoLikjVK1EWOgzaCYrhNB4ULpVTgFOiT3n+S6KNmMGQwHQYD
-VR0OBBYEFBO1eVkys7u0R7M0DoDAgx6qgshbMB8GA1UdIwQYMBaAFFaOmsPwQt4Y
+EwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEld8csp4gqR2iW6tcm6hmBinmstjjFKbD
+wbStTUQYIB5dZ/0VHW0l4RexccqFA/DSr0FmRjZt6kHLT8hK0KBhjKNmMGQwHQYD
+VR0OBBYEFJcdYMOHIlmbYB+EtJkciE2/2h5uMB8GA1UdIwQYMBaAFFaOmsPwQt4Y
uUVVbvmTz+rD86UhMBIGA1UdEwEB/wQIMAYBAf8CAQEwDgYDVR0PAQH/BAQDAgGG
-MAoGCCqGSM49BAMCA0kAMEYCIQCKUZH2ksVKaWXbW5DDkGrAlucmeq8YkSxrZ1VA
-GGzBpgIhAJbMnTet6nlSbk1Bk9tkf+dCufESkPSEXHOxIdj7Vf5v
+MAoGCCqGSM49BAMCA0kAMEYCIQDh528Fnh1iQU6dHjhn6Z47ZdwV/OsyhYReAvOO
+exL3mQIhAJJ3ZbG9+7KkQYfJnj3gOQLz20Ixv/tt/XS+o+N0/PVk
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/intermediate/client-chain.der b/extra/wolfssl/wolfssl/certs/intermediate/client-chain.der
index 3e38c936..9a7af954 100644
--- a/extra/wolfssl/wolfssl/certs/intermediate/client-chain.der
+++ b/extra/wolfssl/wolfssl/certs/intermediate/client-chain.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/intermediate/client-chain.pem b/extra/wolfssl/wolfssl/certs/intermediate/client-chain.pem
index 328737b2..c8646b29 100644
--- a/extra/wolfssl/wolfssl/certs/intermediate/client-chain.pem
+++ b/extra/wolfssl/wolfssl/certs/intermediate/client-chain.pem
@@ -3,7 +3,7 @@ MIIESzCCAzOgAwIBAgICEAMwDQYJKoZIhvcNAQELBQAwgaAxCzAJBgNVBAYTAlVT
MRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQK
DAd3b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEhMB8GA1UEAwwYd29sZlNT
TCBJbnRlcm1lZGlhdGUyIENBMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
-Y29tMB4XDTIwMDYxNjE5MTc1OFoXDTMwMDYxNDE5MTc1OFowgZwxCzAJBgNVBAYT
+Y29tMB4XDTIzMDkyNzEyMTAwOVoXDTMzMDkyNDEyMTAwOVowgZwxCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYD
VQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEdMBsGA1UEAwwUd29s
ZlNTTCBDbGllbnQgQ2hhaW4xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j
@@ -14,61 +14,61 @@ QJxM79GG3zdRGwyhO/Xxo0o15OHOlt8bfr9Ol9AQ6KgIMIGvIAtDFMV0Z7Qygm+N
hsKIQJk2g7oeQHIiF9dSZSRzsM7vGc2u/3hse8ASA9ROcg1QbTujO6OZXp3I2QyF
s9mK2VQm2236rLv/JUzE0Xn0cdOGQBgTsGO1ck4wxJeEhi1WL9cV93/ArvX8W+X7
obrTAgMBAAGjgZAwgY0wCQYDVR0TBAIwADARBglghkgBhvhCAQEEBAMCBaAwHQYD
-VR0OBBYEFDPYRWbXaIcYflQNcCeRxybXhWXAMB8GA1UdIwQYMBaAFHqLHU6jQMjO
-WF+N/P9GLHVB2QNeMA4GA1UdDwEB/wQEAwIF4DAdBgNVHSUEFjAUBggrBgEFBQcD
-AgYIKwYBBQUHAwQwDQYJKoZIhvcNAQELBQADggEBAD37nA7EM00jkoUtSldJc0AV
-Kv/Ce+VmdWoG3r0Ji/3yQeW4r5Zc1Z5voFL6EBKwcY0gQ5kWKjlG7fU6swM1nYUe
-5+75YUudIKIWdmlndwaD9cCXDNmxtdZ9d8CTJ6kn8DG0rI1zPPFzGXSv92cHaL3F
-KJOI3ZCxEp9kprrEwEZ84wrbrsc5bJwBCrpk23TlAnI4zY6yLu8YwqbnbT+PxJLK
-reAMivJIyuEcySCm3tPFI1R9EMfb9Yw5snlRP/PXFfIiR5t7ANhU48BzIWh81vLM
-+rMnhagqZcdthdF3YnnPZD0kbMzSW7z++qmj6YWFH4eNbW/b8KS2WajxN6WNP50=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=
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIEIzCCAwugAwIBAgICEAEwDQYJKoZIhvcNAQELBQAwgZ8xCzAJBgNVBAYTAlVT
MRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQK
DAd3b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEgMB4GA1UEAwwXd29sZlNT
TCBJbnRlcm1lZGlhdGUgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j
-b20wHhcNMjAwNjE2MTkxNzU3WhcNNDAwNjExMTkxNzU3WjCBoDELMAkGA1UEBhMC
+b20wHhcNMjMwOTI3MTIxMDA5WhcNNDMwOTIyMTIxMDA5WjCBoDELMAkGA1UEBhMC
VVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNV
BAoMB3dvbGZTU0wxFDASBgNVBAsMC0RldmVsb3BtZW50MSEwHwYDVQQDDBh3b2xm
U1NMIEludGVybWVkaWF0ZTIgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz
-bC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCgL6ECMF0ZoY5E
-htST9/FTuj/SJN//y6+Ppuf5h5ofAMyPQIZ4OhuaeA7jbtrz52xXdjHPAyGayHkp
-YNvu2KkVtGdbd5qG+dtDzKIPkeZwTx5uFLGN8KHlOXehkpeISibxiJgkbP1G4nEH
-Xa/UvKiMXe5DCNqn7AlR7a3NdYtYx6GYVucZeJNLU3e32nl9cIS7HemgPAK8p5b6
-u5iQrjUZ0OdkHp0JoQbywv3LoykswHn46emTZ4w1LqFJoDRsOB1rTKW6x4SAlRcS
-y92n9i4sxw/BVB+XbAE72i7H3FPJJuaaZqh/VfrNchhph06M5ALd9zEao27NiENw
-tDRtpoZ1AgMBAAGjZjBkMB0GA1UdDgQWBBR6ix1Oo0DIzlhfjfz/Rix1QdkDXjAf
-BgNVHSMEGDAWgBSDHPGYhexuBkU03lHAurcrZzJmTTASBgNVHRMBAf8ECDAGAQH/
-AgEBMA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAQEADHKZ7ecDWMIr
-iNKqQzGEGC/exV3gINhUPF4rhyqflrHvvtfHJ3ForHFhuG7Rqksv79Q357uHkGNI
-OJsgFb28r4q0r1ORjoQRFOpvhfROugpJkbMZmSrR+aena/1/eIh7030ssZ9wFRrb
-hpvOtwcl7DmMWaPS0cwYFRSghU1P+5pHL9xmx318EolIWNTLGhsSupztXIy/cg5f
-jkI0S2w+BG/ZUOMok2sT/WvWLRvN+/4Lo4zfyOatnmmKk5bXhDG7yvLb4hjJ8ZGK
-xwafwgrptF/jeyD8GhYcAlMSzWZFVW6xwJUtK9YZuJlOHxuc+7n+jH4yV/OA6fi+
-JS8DRjyzCg==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-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIEFzCCAv+gAwIBAgICEAAwDQYJKoZIhvcNAQELBQAwgZQxCzAJBgNVBAYTAlVT
MRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQKDAhT
YXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3LndvbGZz
-c2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIwMDYx
-NjE5MTc1N1oXDTQwMDYxMTE5MTc1N1owgZ8xCzAJBgNVBAYTAlVTMRMwEQYDVQQI
+c2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIzMDky
+NzEyMTAwOVoXDTQzMDkyMjEyMTAwOVowgZ8xCzAJBgNVBAYTAlVTMRMwEQYDVQQI
DApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3b2xmU1NM
MRQwEgYDVQQLDAtEZXZlbG9wbWVudDEgMB4GA1UEAwwXd29sZlNTTCBJbnRlcm1l
ZGlhdGUgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0G
-CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDyIyj3gUPwY7nyd34wGkBr4d1rQTbu
-fVgj3Fbpu+g7EVjDw7frmFrpdhLN73cJJdNs5jpJaFCQ1zLgGNYF3/ee0o97tZFc
-vz4Jgd157UTCk/WdpMsKa2O08O7R3WznxrfxMNS3VCgYEfwlrFvxsxkTR31+2UWX
-PLu5QnAGlFUjFQuEygwVwW4aHPlUyebjuMFF5VqJ4fEbHYG3NAcXKFsQx6Yh612J
-EaPQOWA06uF1+rh87sU/ZGoduNiksoKYMRHotSAtA+XRYTWkS7WtprdycT6GOA44
-tl21q786uh4ydrpUTQXKTuKD3zBkEZ6Zkzum+zvffZAC9LTx6EExeAI/AgMBAAGj
-ZjBkMB0GA1UdDgQWBBSDHPGYhexuBkU03lHAurcrZzJmTTAfBgNVHSMEGDAWgBQn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-/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAQEAfQ1cKhnn7l/KLdRZVLnKMxg64yIs
-GHC7xVhF2YK8gF2Q2QI0bBpP8WtZTs3h6ieA5uLYfq8rrMFi4E3p5nSZ/sBQy9N9
-5SuCDWcNFLUsaqJ6wt0Ip0Aqj6G/TVN1Xd3DguXkHwSwtqfMVWy01HSemjY38DJp
-l0T70iIai5U0RDLMKql29xLHuZvx5afH1W0S7AAdIbIT8jPg6uDIY3zdBsc8uqS9
-oJuNoRp9OtfJ8zVOxXZrbVDRlSPowH89P0UIEHdrKWjM3bYg+MEVTG/iq51hE928
-xeeYzCMpuhy2IcCwtuneK0PXynsoavpMyTlN4UDt5sAWnWmy+b/bUCc8sw==
+/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAQEAg9dEyy0uHoNHm+AkJImQEpao9Mes
+6ozc/5NAu6I6V2D9lLHiyVa+pRK1uSpQV0j9W5CWe1LTpD+iPMsuLakZF5owsEnN
+eCWYHvU7N/rsy01FRrhFf5e283nmLTF1LID52zuvlDFrY+RbeH9tUoQiYFY7Nw+L
+e19c9vPwH9kAiyrK3w4DlJDQ9O+lR4q2fNvPBUdwc12yQUSgoA5iOX/MBocTNXSM
+nixGLuUK05J6g40ijAazLw1cJprkGcthRVoqy46R5mNYOMMU2weNGp7d8QdYcd49
+C2zBmItmMybZYdsBxzC46Aq/elhrmGynPCz4YLcFe3OL1sXI1VolA9/n/A==
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/intermediate/client-int-cert.der b/extra/wolfssl/wolfssl/certs/intermediate/client-int-cert.der
index e9f26c9e..f0c079e9 100644
--- a/extra/wolfssl/wolfssl/certs/intermediate/client-int-cert.der
+++ b/extra/wolfssl/wolfssl/certs/intermediate/client-int-cert.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/intermediate/client-int-cert.pem b/extra/wolfssl/wolfssl/certs/intermediate/client-int-cert.pem
index 0a999e3a..ecca9d96 100644
--- a/extra/wolfssl/wolfssl/certs/intermediate/client-int-cert.pem
+++ b/extra/wolfssl/wolfssl/certs/intermediate/client-int-cert.pem
@@ -5,12 +5,12 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Development, CN = wolfSSL Intermediate2 CA, emailAddress = info@wolfssl.com
Validity
- Not Before: Jun 16 19:17:58 2020 GMT
- Not After : Jun 14 19:17:58 2030 GMT
+ Not Before: Sep 27 12:10:09 2023 GMT
+ Not After : Sep 24 12:10:09 2033 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Development, CN = wolfSSL Client Chain, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
- RSA Public-Key: (2048 bit)
+ Public-Key: (2048 bit)
Modulus:
00:c3:03:d1:2b:fe:39:a4:32:45:3b:53:c8:84:2b:
2a:7c:74:9a:bd:aa:2a:52:07:47:d6:a6:36:b2:07:
@@ -39,34 +39,34 @@ Certificate:
X509v3 Subject Key Identifier:
33:D8:45:66:D7:68:87:18:7E:54:0D:70:27:91:C7:26:D7:85:65:C0
X509v3 Authority Key Identifier:
- keyid:7A:8B:1D:4E:A3:40:C8:CE:58:5F:8D:FC:FF:46:2C:75:41:D9:03:5E
-
+ 0D:C9:60:20:43:58:81:E0:9A:21:EF:66:16:DC:6E:21:25:DF:2B:45
X509v3 Key Usage: critical
Digital Signature, Non Repudiation, Key Encipherment
X509v3 Extended Key Usage:
TLS Web Client Authentication, E-mail Protection
Signature Algorithm: sha256WithRSAEncryption
- 3d:fb:9c:0e:c4:33:4d:23:92:85:2d:4a:57:49:73:40:15:2a:
- ff:c2:7b:e5:66:75:6a:06:de:bd:09:8b:fd:f2:41:e5:b8:af:
- 96:5c:d5:9e:6f:a0:52:fa:10:12:b0:71:8d:20:43:99:16:2a:
- 39:46:ed:f5:3a:b3:03:35:9d:85:1e:e7:ee:f9:61:4b:9d:20:
- a2:16:76:69:67:77:06:83:f5:c0:97:0c:d9:b1:b5:d6:7d:77:
- c0:93:27:a9:27:f0:31:b4:ac:8d:73:3c:f1:73:19:74:af:f7:
- 67:07:68:bd:c5:28:93:88:dd:90:b1:12:9f:64:a6:ba:c4:c0:
- 46:7c:e3:0a:db:ae:c7:39:6c:9c:01:0a:ba:64:db:74:e5:02:
- 72:38:cd:8e:b2:2e:ef:18:c2:a6:e7:6d:3f:8f:c4:92:ca:ad:
- e0:0c:8a:f2:48:ca:e1:1c:c9:20:a6:de:d3:c5:23:54:7d:10:
- c7:db:f5:8c:39:b2:79:51:3f:f3:d7:15:f2:22:47:9b:7b:00:
- d8:54:e3:c0:73:21:68:7c:d6:f2:cc:fa:b3:27:85:a8:2a:65:
- c7:6d:85:d1:77:62:79:cf:64:3d:24:6c:cc:d2:5b:bc:fe:fa:
- a9:a3:e9:85:85:1f:87:8d:6d:6f:db:f0:a4:b6:59:a8:f1:37:
- a5:8d:3f:9d
+ Signature Value:
+ c5:68:d3:86:36:7d:ce:fc:3d:fb:e6:44:1c:e6:60:9b:8a:43:
+ ec:e9:c9:ae:6c:90:6b:8e:45:d1:e4:1b:8e:08:42:89:2c:39:
+ 81:c3:da:47:cd:5b:0b:d9:5b:d2:97:2b:6b:12:00:24:eb:e4:
+ 0a:1d:b5:7c:50:e1:8c:c7:f3:ff:81:c7:8c:85:e5:50:0b:83:
+ 1d:e0:aa:1c:72:8e:38:63:b1:f7:90:58:d2:9d:e3:a5:c3:03:
+ 27:cb:f3:c9:ed:28:4f:61:9b:ea:09:65:d5:09:fc:f6:57:7e:
+ 6f:70:55:13:66:fa:06:66:72:1c:da:4d:13:34:60:0b:87:9f:
+ 2b:b2:56:ac:62:80:6e:e7:5a:30:a3:eb:2c:38:2c:a9:a8:7a:
+ 08:b1:16:89:99:54:4c:8e:8b:30:f9:42:66:4f:5f:76:2b:a1:
+ 85:99:dc:d6:a2:d5:35:58:7e:ab:e0:8b:9f:5b:6b:c1:e2:bc:
+ 20:df:7a:cb:29:a7:dc:5e:9f:62:8a:63:f3:21:e6:19:5c:9a:
+ aa:75:26:f4:f1:a8:a9:57:39:e5:83:66:e4:56:d3:11:fd:3b:
+ fa:04:47:f3:df:e4:a0:b4:08:ec:4f:29:ff:ec:84:17:62:f7:
+ 6d:79:cd:52:18:60:95:db:a1:1f:1a:80:11:26:73:db:de:eb:
+ 47:5e:e4:ab
-----BEGIN CERTIFICATE-----
MIIESzCCAzOgAwIBAgICEAMwDQYJKoZIhvcNAQELBQAwgaAxCzAJBgNVBAYTAlVT
MRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQK
DAd3b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEhMB8GA1UEAwwYd29sZlNT
TCBJbnRlcm1lZGlhdGUyIENBMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
-Y29tMB4XDTIwMDYxNjE5MTc1OFoXDTMwMDYxNDE5MTc1OFowgZwxCzAJBgNVBAYT
+Y29tMB4XDTIzMDkyNzEyMTAwOVoXDTMzMDkyNDEyMTAwOVowgZwxCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYD
VQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEdMBsGA1UEAwwUd29s
ZlNTTCBDbGllbnQgQ2hhaW4xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j
@@ -77,12 +77,12 @@ QJxM79GG3zdRGwyhO/Xxo0o15OHOlt8bfr9Ol9AQ6KgIMIGvIAtDFMV0Z7Qygm+N
hsKIQJk2g7oeQHIiF9dSZSRzsM7vGc2u/3hse8ASA9ROcg1QbTujO6OZXp3I2QyF
s9mK2VQm2236rLv/JUzE0Xn0cdOGQBgTsGO1ck4wxJeEhi1WL9cV93/ArvX8W+X7
obrTAgMBAAGjgZAwgY0wCQYDVR0TBAIwADARBglghkgBhvhCAQEEBAMCBaAwHQYD
-VR0OBBYEFDPYRWbXaIcYflQNcCeRxybXhWXAMB8GA1UdIwQYMBaAFHqLHU6jQMjO
-WF+N/P9GLHVB2QNeMA4GA1UdDwEB/wQEAwIF4DAdBgNVHSUEFjAUBggrBgEFBQcD
-AgYIKwYBBQUHAwQwDQYJKoZIhvcNAQELBQADggEBAD37nA7EM00jkoUtSldJc0AV
-Kv/Ce+VmdWoG3r0Ji/3yQeW4r5Zc1Z5voFL6EBKwcY0gQ5kWKjlG7fU6swM1nYUe
-5+75YUudIKIWdmlndwaD9cCXDNmxtdZ9d8CTJ6kn8DG0rI1zPPFzGXSv92cHaL3F
-KJOI3ZCxEp9kprrEwEZ84wrbrsc5bJwBCrpk23TlAnI4zY6yLu8YwqbnbT+PxJLK
-reAMivJIyuEcySCm3tPFI1R9EMfb9Yw5snlRP/PXFfIiR5t7ANhU48BzIWh81vLM
-+rMnhagqZcdthdF3YnnPZD0kbMzSW7z++qmj6YWFH4eNbW/b8KS2WajxN6WNP50=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=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/intermediate/client-int-ecc-cert.der b/extra/wolfssl/wolfssl/certs/intermediate/client-int-ecc-cert.der
index 794f5eea..05fc6b8e 100644
--- a/extra/wolfssl/wolfssl/certs/intermediate/client-int-ecc-cert.der
+++ b/extra/wolfssl/wolfssl/certs/intermediate/client-int-ecc-cert.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/intermediate/client-int-ecc-cert.pem b/extra/wolfssl/wolfssl/certs/intermediate/client-int-ecc-cert.pem
index e69590f1..b43c07c7 100644
--- a/extra/wolfssl/wolfssl/certs/intermediate/client-int-ecc-cert.pem
+++ b/extra/wolfssl/wolfssl/certs/intermediate/client-int-ecc-cert.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: ecdsa-with-SHA256
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Development, CN = wolfSSL Intermediate2 CA ECC, emailAddress = info@wolfssl.com
Validity
- Not Before: Jun 16 19:17:58 2020 GMT
- Not After : Jun 14 19:17:58 2030 GMT
+ Not Before: Sep 27 12:10:09 2023 GMT
+ Not After : Sep 24 12:10:09 2033 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Development, CN = wolfSSL Client Chain ECC, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
@@ -27,31 +27,31 @@ Certificate:
X509v3 Subject Key Identifier:
EB:D4:4B:59:6B:95:61:3F:51:57:B6:04:4D:89:41:88:44:5C:AB:F2
X509v3 Authority Key Identifier:
- keyid:1B:F4:BD:90:28:74:64:E3:33:5E:8B:64:A7:FC:AF:BA:F2:B9:55:E5
-
+ 9F:AE:7B:7A:70:80:04:55:2B:C6:B7:0C:5B:79:E4:12:41:65:31:29
X509v3 Key Usage: critical
Digital Signature, Non Repudiation, Key Encipherment
X509v3 Extended Key Usage:
TLS Web Client Authentication, E-mail Protection
Signature Algorithm: ecdsa-with-SHA256
- 30:46:02:21:00:ae:82:3d:35:16:73:d5:1e:e5:a7:34:cf:27:
- 70:42:99:dc:59:5a:8a:36:25:37:81:89:c5:84:a6:95:80:9d:
- ad:02:21:00:d9:8e:1d:7e:6d:24:a0:7e:31:82:25:09:e8:e1:
- d8:b6:ba:4e:99:5f:b9:4d:e3:66:3e:11:61:ba:e2:2a:7a:e3
+ Signature Value:
+ 30:46:02:21:00:e0:fb:6a:5b:eb:b9:b8:b5:5f:a5:dc:8a:1b:
+ e7:44:b5:9c:fa:44:a4:b5:4a:ff:8a:34:3d:87:12:6c:b7:e2:
+ 0b:02:21:00:f0:9e:42:72:dc:98:5f:51:88:2a:44:de:52:d8:
+ 56:d3:23:1f:44:12:04:ca:e0:6c:3e:43:9e:45:c6:44:dc:68
-----BEGIN CERTIFICATE-----
MIICyDCCAm2gAwIBAgICEAcwCgYIKoZIzj0EAwIwgaQxCzAJBgNVBAYTAlVTMRMw
EQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3
b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDElMCMGA1UEAwwcd29sZlNTTCBJ
bnRlcm1lZGlhdGUyIENBIEVDQzEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3Ns
-LmNvbTAeFw0yMDA2MTYxOTE3NThaFw0zMDA2MTQxOTE3NThaMIGgMQswCQYDVQQG
+LmNvbTAeFw0yMzA5MjcxMjEwMDlaFw0zMzA5MjQxMjEwMDlaMIGgMQswCQYDVQQG
EwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEQMA4G
A1UECgwHd29sZlNTTDEUMBIGA1UECwwLRGV2ZWxvcG1lbnQxITAfBgNVBAMMGHdv
bGZTU0wgQ2xpZW50IENoYWluIEVDQzEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm
c3NsLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABFW/9A9EUJo9zpu38MVN
9XB71OwkjhmA7FpMoiQDYiyb2u+iNRJDhHYWxlaVBswBqb32dRpC972psjYiX8dd
f7SjgZAwgY0wCQYDVR0TBAIwADARBglghkgBhvhCAQEEBAMCBaAwHQYDVR0OBBYE
-FOvUS1lrlWE/UVe2BE2JQYhEXKvyMB8GA1UdIwQYMBaAFBv0vZAodGTjM16LZKf8
-r7ryuVXlMA4GA1UdDwEB/wQEAwIF4DAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYB
-BQUHAwQwCgYIKoZIzj0EAwIDSQAwRgIhAK6CPTUWc9Ue5ac0zydwQpncWVqKNiU3
-gYnFhKaVgJ2tAiEA2Y4dfm0koH4xgiUJ6OHYtrpOmV+5TeNmPhFhuuIqeuM=
+FOvUS1lrlWE/UVe2BE2JQYhEXKvyMB8GA1UdIwQYMBaAFJ+ue3pwgARVK8a3DFt5
+5BJBZTEpMA4GA1UdDwEB/wQEAwIF4DAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYB
+BQUHAwQwCgYIKoZIzj0EAwIDSQAwRgIhAOD7alvrubi1X6XcihvnRLWc+kSktUr/
+ijQ9hxJst+ILAiEA8J5CctyYX1GIKkTeUthW0yMfRBIEyuBsPkOeRcZE3Gg=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/intermediate/genintcerts.sh b/extra/wolfssl/wolfssl/certs/intermediate/genintcerts.sh
index 68e61dd3..8ed892f2 100755
--- a/extra/wolfssl/wolfssl/certs/intermediate/genintcerts.sh
+++ b/extra/wolfssl/wolfssl/certs/intermediate/genintcerts.sh
@@ -262,6 +262,10 @@ echo "Assemble test chains - peer first, then intermediate2, then intermediate"
openssl x509 -in ./certs/intermediate/server-int-cert.pem > ./certs/intermediate/server-chain.pem
openssl x509 -in ./certs/intermediate/ca-int2-cert.pem >> ./certs/intermediate/server-chain.pem
openssl x509 -in ./certs/intermediate/ca-int-cert.pem >> ./certs/intermediate/server-chain.pem
+
+openssl x509 -in ./certs/intermediate/server-int-cert.pem > ./certs/intermediate/server-chain-short.pem
+openssl x509 -in ./certs/intermediate/ca-int2-cert.pem >> ./certs/intermediate/server-chain-short.pem
+
cat ./certs/intermediate/server-int-cert.der ./certs/intermediate/ca-int2-cert.der ./certs/intermediate/ca-int-cert.der > ./certs/intermediate/server-chain.der
openssl x509 -in ./certs/intermediate/client-int-cert.pem > ./certs/intermediate/client-chain.pem
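Review bot: The two added lines that build `server-chain-short.pem` have no comment saying that this chain stops at intermediate2 and leaves out `ca-int-cert.pem`, while the echo in the hunk header still describes the chains as peer, intermediate2, intermediate. Someone regenerating the test certificates cannot tell whether the omission is deliberate; presumably it serves tests where the verifier must already hold the first intermediate, but that is not visible here. I would add a line such as `# short chain: peer + intermediate2 only; ca-int-cert.pem is left out on purpose` above the first of them. Only the PEM form is produced, with no `.der` counterpart beside the `cat` line that follows, which is worth confirming as intended. The script continues outside the hunk.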
diff --git a/extra/wolfssl/wolfssl/certs/intermediate/include.am b/extra/wolfssl/wolfssl/certs/intermediate/include.am
index d3c469e9..f480880d 100644
--- a/extra/wolfssl/wolfssl/certs/intermediate/include.am
+++ b/extra/wolfssl/wolfssl/certs/intermediate/include.am
@@ -34,6 +34,7 @@ EXTRA_DIST += \
certs/intermediate/server-chain-alt.pem \
certs/intermediate/server-chain-ecc.der \
certs/intermediate/server-chain-ecc.pem \
+ certs/intermediate/server-chain-short.pem \
certs/intermediate/server-chain.der \
certs/intermediate/server-chain.pem \
certs/intermediate/server-int-cert.der \
diff --git a/extra/wolfssl/wolfssl/certs/intermediate/server-chain-alt-ecc.pem b/extra/wolfssl/wolfssl/certs/intermediate/server-chain-alt-ecc.pem
index 0121960e..68cfad9f 100644
--- a/extra/wolfssl/wolfssl/certs/intermediate/server-chain-alt-ecc.pem
+++ b/extra/wolfssl/wolfssl/certs/intermediate/server-chain-alt-ecc.pem
@@ -1,76 +1,76 @@
-----BEGIN CERTIFICATE-----
-MIIDczCCAxigAwIBAgICEAYwCgYIKoZIzj0EAwIwgaQxCzAJBgNVBAYTAlVTMRMw
+MIIDcjCCAxigAwIBAgICEAYwCgYIKoZIzj0EAwIwgaQxCzAJBgNVBAYTAlVTMRMw
EQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3
b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDElMCMGA1UEAwwcd29sZlNTTCBJ
bnRlcm1lZGlhdGUyIENBIEVDQzEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3Ns
-LmNvbTAeFw0yMDA2MTYxOTE3NThaFw0zMDA2MTQxOTE3NThaMIGgMQswCQYDVQQG
+LmNvbTAeFw0yMzA5MjcxMjEwMDlaFw0zMzA5MjQxMjEwMDlaMIGgMQswCQYDVQQG
EwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEQMA4G
A1UECgwHd29sZlNTTDEUMBIGA1UECwwLRGV2ZWxvcG1lbnQxITAfBgNVBAMMGHdv
bGZTU0wgU2VydmVyIENoYWluIEVDQzEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm
c3NsLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABLszrEwnUErGSqUEwzze
nzbbci3OlOor+ssgCTksFuhhAumvTdMCk5oxW5eSIX/wzxjakRECNIboIFgzC4A0
idijggE6MIIBNjAJBgNVHRMEAjAAMBEGCWCGSAGG+EIBAQQEAwIGQDAdBgNVHQ4E
-FgQUXV0m76x+NvmbdhUrSiUCI++yiTAwgdEGA1UdIwSByTCBxoAUG/S9kCh0ZOMz
-Xotkp/yvuvK5VeWhgamkgaYwgaMxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNo
+FgQUXV0m76x+NvmbdhUrSiUCI++yiTAwgdEGA1UdIwSByTCBxoAUn657enCABFUr
+xrcMW3nkEkFlMSmhgamkgaYwgaMxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNo
aW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3b2xmU1NMMRQwEgYD
VQQLDAtEZXZlbG9wbWVudDEkMCIGA1UEAwwbd29sZlNTTCBJbnRlcm1lZGlhdGUg
Q0EgRUNDMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tggIQBTAOBgNV
-HQ8BAf8EBAMCA6gwEwYDVR0lBAwwCgYIKwYBBQUHAwEwCgYIKoZIzj0EAwIDSQAw
-RgIhAJjQ4vmJyrJ0NqczC/4UkBBFei1tQETbCOxFeYtOkeDVAiEA6hEbwbWVvL/Z
-9Zk30dLmuKoZvZdCCbsKUWxOomFy6EQ=
+HQ8BAf8EBAMCA6gwEwYDVR0lBAwwCgYIKwYBBQUHAwEwCgYIKoZIzj0EAwIDSAAw
+RQIhAM2Jz84maR/vYDetyePIYQb6+rhvPGsSVaD/4vqf+EeTAiBpSi4/DcbnTtEp
+5TcCA6ktiL74CL4eyw0GoyGPqGCjtQ==
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
-MIICnzCCAkWgAwIBAgICEAUwCgYIKoZIzj0EAwIwgaMxCzAJBgNVBAYTAlVTMRMw
+MIICoDCCAkWgAwIBAgICEAUwCgYIKoZIzj0EAwIwgaMxCzAJBgNVBAYTAlVTMRMw
EQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3
b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEkMCIGA1UEAwwbd29sZlNTTCBJ
bnRlcm1lZGlhdGUgQ0EgRUNDMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
-Y29tMB4XDTIwMDYxNjE5MTc1OFoXDTQwMDYxMTE5MTc1OFowgaQxCzAJBgNVBAYT
+Y29tMB4XDTIzMDkyNzEyMTAwOVoXDTQzMDkyMjEyMTAwOVowgaQxCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYD
VQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDElMCMGA1UEAwwcd29s
ZlNTTCBJbnRlcm1lZGlhdGUyIENBIEVDQzEfMB0GCSqGSIb3DQEJARYQaW5mb0B3
-b2xmc3NsLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABOoWKCwnXkGZBSiL
-mfrFonQ8FU1S9EstgzSCjtW2P2HQh+v4TAZe7WYejMqk9ip2T9cmCUweibkYjtKj
-ZjwbPcujZjBkMB0GA1UdDgQWBBQb9L2QKHRk4zNei2Sn/K+68rlV5TAfBgNVHSME
-GDAWgBQTtXlZMrO7tEezNA6AwIMeqoLIWzASBgNVHRMBAf8ECDAGAQH/AgEBMA4G
-A1UdDwEB/wQEAwIBhjAKBggqhkjOPQQDAgNIADBFAiBPG9Hh145ztYv3TQs9/BK8
-b3ytuRJwMDdBJ+xrNQaORwIhAKFVkbdoHjJmN2gQCp827sOXK4W4PEc8Su0TxVtZ
-vLUp
+b2xmc3NsLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABMe0qZ8y+6KPavMu
+wV3KCOzGnxOt9T6ddffk8haZN/eJc89UgV8WDAR4hTPvkqL3hj/HoboKdBfCRXp3
+E6kT/dOjZjBkMB0GA1UdDgQWBBSfrnt6cIAEVSvGtwxbeeQSQWUxKTAfBgNVHSME
+GDAWgBSXHWDDhyJZm2AfhLSZHIhNv9oebjASBgNVHRMBAf8ECDAGAQH/AgEBMA4G
+A1UdDwEB/wQEAwIBhjAKBggqhkjOPQQDAgNJADBGAiEAhdIm+XVqS+l2iLs30Jbm
+vCTQj2dRGM9pWLfae8Gj2kECIQD9tza+rHxDbIiospsqNiEuZCDctZ0JlVszKZOI
+m2fLDQ==
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIICkzCCAjigAwIBAgICEAQwCgYIKoZIzj0EAwIwgZcxCzAJBgNVBAYTAlVTMRMw
EQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3
b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEYMBYGA1UEAwwPd3d3LndvbGZz
-c2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIwMDYx
-NjE5MTc1OFoXDTQwMDYxMTE5MTc1OFowgaMxCzAJBgNVBAYTAlVTMRMwEQYDVQQI
+c2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIzMDky
+NzEyMTAwOVoXDTQzMDkyMjEyMTAwOVowgaMxCzAJBgNVBAYTAlVTMRMwEQYDVQQI
DApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3b2xmU1NM
MRQwEgYDVQQLDAtEZXZlbG9wbWVudDEkMCIGA1UEAwwbd29sZlNTTCBJbnRlcm1l
ZGlhdGUgQ0EgRUNDMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMFkw
-EwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAExpzNj+XsW9iw/JEg4gs7UVNUS4lDjgDe
-ka7TkPOF3Mw9EQgVdoLikjVK1EWOgzaCYrhNB4ULpVTgFOiT3n+S6KNmMGQwHQYD
-VR0OBBYEFBO1eVkys7u0R7M0DoDAgx6qgshbMB8GA1UdIwQYMBaAFFaOmsPwQt4Y
+EwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEld8csp4gqR2iW6tcm6hmBinmstjjFKbD
+wbStTUQYIB5dZ/0VHW0l4RexccqFA/DSr0FmRjZt6kHLT8hK0KBhjKNmMGQwHQYD
+VR0OBBYEFJcdYMOHIlmbYB+EtJkciE2/2h5uMB8GA1UdIwQYMBaAFFaOmsPwQt4Y
uUVVbvmTz+rD86UhMBIGA1UdEwEB/wQIMAYBAf8CAQEwDgYDVR0PAQH/BAQDAgGG
-MAoGCCqGSM49BAMCA0kAMEYCIQCKUZH2ksVKaWXbW5DDkGrAlucmeq8YkSxrZ1VA
-GGzBpgIhAJbMnTet6nlSbk1Bk9tkf+dCufESkPSEXHOxIdj7Vf5v
+MAoGCCqGSM49BAMCA0kAMEYCIQDh528Fnh1iQU6dHjhn6Z47ZdwV/OsyhYReAvOO
+exL3mQIhAJJ3ZbG9+7KkQYfJnj3gOQLz20Ixv/tt/XS+o+N0/PVk
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
-MIIDujCCAqKgAwIBAgILBAAAAAABD4Ym5g0wDQYJKoZIhvcNAQEFBQAwTDEgMB4G
-A1UECxMXR2xvYmFsU2lnbiBSb290IENBIC0gUjIxEzARBgNVBAoTCkdsb2JhbFNp
-Z24xEzARBgNVBAMTCkdsb2JhbFNpZ24wHhcNMDYxMjE1MDgwMDAwWhcNMjExMjE1
-MDgwMDAwWjBMMSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMjETMBEG
-A1UEChMKR2xvYmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjCCASIwDQYJKoZI
-hvcNAQEBBQADggEPADCCAQoCggEBAKbPJA6+Lm8omUVCxKs+IVSbC9N/hHD6ErPL
-v4dfxn+G07IwXNb9rfF73OX4YJYJkhD10FPe+3t+c4isUoh7SqbKSaZeqKeMWhG8
-eoLrvozps6yWJQeXSpkqBy+0Hne/ig+1AnwblrjFuTosvNYSuetZfeLQBoZfXklq
-tTleiDTsvHgMCJiEbKjNS7SgfQx5TfC4LcshytVsW33hoCmEofnTlEnLJGKRILzd
-C9XZzPnqJworc5HGnRusyMvo4KD0L5CLTfuwNhv2GXqF4G3yYROIXJ/gkwpRl4pa
-zq+r1feqCapgvdzZX99yqWATXgAByUr6P6TqBwMhAo6CygPCm48CAwEAAaOBnDCB
-mTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUm+IH
-V2ccHsBqBt5ZtJot39wZhi4wNgYDVR0fBC8wLTAroCmgJ4YlaHR0cDovL2NybC5n
-bG9iYWxzaWduLm5ldC9yb290LXIyLmNybDAfBgNVHSMEGDAWgBSb4gdXZxwewGoG
-3lm0mi3f3BmGLjANBgkqhkiG9w0BAQUFAAOCAQEAmYFThxxol4aR7OBKuEQLq4Gs
-J0/WwbgcQ3izDJr86iw8bmEbTUsp9Z8FHSbBuOmDAGJFtqkIk7mpM0sYmsL4h4hO
-291xNBrBVNpGP+DTKqttVCL1OmLNIG+6KYnX3ZHu01yiPqFbQfXf5WRDLenVOavS
-ot+3i9DAgBkcRcAtjOj4LaR0VknFBbVPFd5uRHg5h6h+u/N5GJG79G+dwfCMNYxd
-AfvDbbnvRG15RjF+Cv6pgsH/76tuIMRQyV+dTZsXjAzlAcmgQWpzU/qlULRuJQ/7
-TBj0/VLZjmmx6BEP3ojY+x1J96relc8geMJgEtslQIxq/H5COEBkEveegeGTLg==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-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/intermediate/server-chain-alt.pem b/extra/wolfssl/wolfssl/certs/intermediate/server-chain-alt.pem
index 4adc6348..74cf132f 100644
--- a/extra/wolfssl/wolfssl/certs/intermediate/server-chain-alt.pem
+++ b/extra/wolfssl/wolfssl/certs/intermediate/server-chain-alt.pem
@@ -3,7 +3,7 @@ MIIE8jCCA9qgAwIBAgICEAIwDQYJKoZIhvcNAQELBQAwgaAxCzAJBgNVBAYTAlVT
MRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQK
DAd3b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEhMB8GA1UEAwwYd29sZlNT
TCBJbnRlcm1lZGlhdGUyIENBMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
-Y29tMB4XDTIwMDYxNjE5MTc1OFoXDTMwMDYxNDE5MTc1OFowgZwxCzAJBgNVBAYT
+Y29tMB4XDTIzMDkyNzEyMTAwOVoXDTMzMDkyNDEyMTAwOVowgZwxCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYD
VQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEdMBsGA1UEAwwUd29s
ZlNTTCBTZXJ2ZXIgQ2hhaW4xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j
@@ -14,87 +14,87 @@ Y8X2fwtZaHhzpowYqQJtr8MZAS64EOPGzEC0aaNGM2mHbsS7F6bz6N2tc7x7LyG1
/WZRDL1Us+FtXxy8I3PRCQOJFNIQuWTDKtChlkq84dQaW8egwMFjeA9ENzAyloAy
I5Whd7oT0pdz4l0lyWoNwzlgpLSwaUJCCenYCLwzILNYIqeq68Th5mGDxdKW39nQ
T63XAgMBAAGjggE2MIIBMjAJBgNVHRMEAjAAMBEGCWCGSAGG+EIBAQQEAwIGQDAd
-BgNVHQ4EFgQUsxEyyZKYhOLJ+NA7bgNCyh8Ojjwwgc0GA1UdIwSBxTCBwoAUeosd
-TqNAyM5YX438/0YsdUHZA16hgaWkgaIwgZ8xCzAJBgNVBAYTAlVTMRMwEQYDVQQI
+BgNVHQ4EFgQUsxEyyZKYhOLJ+NA7bgNCyh8Ojjwwgc0GA1UdIwSBxTCBwoAUDclg
+IENYgeCaIe9mFtxuISXfK0WhgaWkgaIwgZ8xCzAJBgNVBAYTAlVTMRMwEQYDVQQI
DApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3b2xmU1NM
MRQwEgYDVQQLDAtEZXZlbG9wbWVudDEgMB4GA1UEAwwXd29sZlNTTCBJbnRlcm1l
ZGlhdGUgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb22CAhABMA4G
A1UdDwEB/wQEAwIDqDATBgNVHSUEDDAKBggrBgEFBQcDATANBgkqhkiG9w0BAQsF
-AAOCAQEAkpC/Vl2YIc7WCo18r7qbWdgzwSEPbzEcE8Wf3qh97+XFC4t+GMud2N7J
-PTLu/9CJmDszaNvNZl6d7tpTNGUh40P2p7J5tXksLiM/PmFZgIj9w8UE6a1SqVh9
-78WnhRpVYOENfhHIulnYxh02BGOOfa8o/RN6MvUp1wrvBjyFkLbGTzmxGO6+F6VE
-F4ezlKE0Ykx3yAaTyAP18qpb/9CarfOyyluBVO8bOfjGd/GAUA8MbpQUYqP8mY7S
-4za4JRttVdIbIZfThOaW7p+zAERwOp/8YuJCGpMe/J7sjRx6GrETRk7rDSi5TQjm
-CTHAuy4H4MupWgaHxI66ay91VIU29Q==
+AAOCAQEASSfw2AHc6qbwlL8ibcem+R8IfnWxlqxWUeByi2UsObd0eJfaIVLRQ0zX
+CQ4TgIroRZAPOeRy30AIIfS1aaXCBCFX2GuRF9RV3HNu18zH2MFm7pRvGEeNI8/C
+pD2kRdIafLgjeeK0rHEmpBrjopfayIUA5x97sgXb7ZXYFlkLeyMB6+ZPcMKut35b
+LFpzbtKopj4bnni1O30fX6lLyoNBf0gYtpm5j1ZsMwpwym6m8JNdOpIxLcd8GlBA
+SV3Uso2a0Bg3TiWhmDz/XzsTXkq8+RzJKp/y9nDy9uziIyYnyIroCoFwX2pn/Fds
+b9r+Mz8hlmW2T/iJWpIO4S79Dhb1bg==
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIEIzCCAwugAwIBAgICEAEwDQYJKoZIhvcNAQELBQAwgZ8xCzAJBgNVBAYTAlVT
MRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQK
DAd3b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEgMB4GA1UEAwwXd29sZlNT
TCBJbnRlcm1lZGlhdGUgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j
-b20wHhcNMjAwNjE2MTkxNzU3WhcNNDAwNjExMTkxNzU3WjCBoDELMAkGA1UEBhMC
+b20wHhcNMjMwOTI3MTIxMDA5WhcNNDMwOTIyMTIxMDA5WjCBoDELMAkGA1UEBhMC
VVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNV
BAoMB3dvbGZTU0wxFDASBgNVBAsMC0RldmVsb3BtZW50MSEwHwYDVQQDDBh3b2xm
U1NMIEludGVybWVkaWF0ZTIgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz
-bC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCgL6ECMF0ZoY5E
-htST9/FTuj/SJN//y6+Ppuf5h5ofAMyPQIZ4OhuaeA7jbtrz52xXdjHPAyGayHkp
-YNvu2KkVtGdbd5qG+dtDzKIPkeZwTx5uFLGN8KHlOXehkpeISibxiJgkbP1G4nEH
-Xa/UvKiMXe5DCNqn7AlR7a3NdYtYx6GYVucZeJNLU3e32nl9cIS7HemgPAK8p5b6
-u5iQrjUZ0OdkHp0JoQbywv3LoykswHn46emTZ4w1LqFJoDRsOB1rTKW6x4SAlRcS
-y92n9i4sxw/BVB+XbAE72i7H3FPJJuaaZqh/VfrNchhph06M5ALd9zEao27NiENw
-tDRtpoZ1AgMBAAGjZjBkMB0GA1UdDgQWBBR6ix1Oo0DIzlhfjfz/Rix1QdkDXjAf
-BgNVHSMEGDAWgBSDHPGYhexuBkU03lHAurcrZzJmTTASBgNVHRMBAf8ECDAGAQH/
-AgEBMA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAQEADHKZ7ecDWMIr
-iNKqQzGEGC/exV3gINhUPF4rhyqflrHvvtfHJ3ForHFhuG7Rqksv79Q357uHkGNI
-OJsgFb28r4q0r1ORjoQRFOpvhfROugpJkbMZmSrR+aena/1/eIh7030ssZ9wFRrb
-hpvOtwcl7DmMWaPS0cwYFRSghU1P+5pHL9xmx318EolIWNTLGhsSupztXIy/cg5f
-jkI0S2w+BG/ZUOMok2sT/WvWLRvN+/4Lo4zfyOatnmmKk5bXhDG7yvLb4hjJ8ZGK
-xwafwgrptF/jeyD8GhYcAlMSzWZFVW6xwJUtK9YZuJlOHxuc+7n+jH4yV/OA6fi+
-JS8DRjyzCg==
+bC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPyT1ZAZ8dd5FW
+y6sGgsGBMZri+cb5o0AthkLXX0GlBUIPXytrvSmS5VLGXPl+nfuO1mmMA5GHHB+/
+JFlEzO+vkioG4aEBWwRXihq2BOLCPBA8QjEBqsPyMh4BldCRp2bBImg2UypSA+u1
+m4IBJPnRrvtTTFoG5W5a1qxbKBpT6Nelzm6cNMMIC8svjt/vjDX1sLxdD64KSs9U
+AdI8tHjuSBBWgE+Dh05nH08XLj4t9W3JB6I+MpIPHqQLVaYfhO+dde9mfHX350A6
+nMEzQj0vf5ldewTVqWxB6IkWWP06oAS9d9ZjXmoTWTdf8VkBRUici/cW9FD3WrRa
+M/b1QcE9AgMBAAGjZjBkMB0GA1UdDgQWBBQNyWAgQ1iB4Joh72YW3G4hJd8rRTAf
+BgNVHSMEGDAWgBTvaeD31R3mmezcbdD34rlcZHGDNTASBgNVHRMBAf8ECDAGAQH/
+AgEBMA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAQEAhsP4YtIQoLTa
+eOmFxZkEJJ53GliknybHWFu4doBXziCk5d4hIT1wAU0PbVr2PUho0jjF6tSfpACy
+5N5wa1i5oqmb3aamjmzE+V/XF0WFvugv+9KC0qss4v81ILRsBn4IUXqvGXNY86hI
+ZQpPZ0R+wP1LlJSxTFaFejGvCQP6zF2FVQusG2rJqsS75OCtQjjxb3TX2wzKAeDz
+Ssfr8m4wxo6jz1pFD3+YkjEg/CYhNBUGTymjXBURWwSU1SybHlthZdxubAAFAc4r
+SFT5kStMjLvblLUIUxGXFQG8ZSi2ooNf8Nh5hBcndSpUyAcx11AFUQdPV8i/SXU1
+oTmvZuwm4Q==
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIEFzCCAv+gAwIBAgICEAAwDQYJKoZIhvcNAQELBQAwgZQxCzAJBgNVBAYTAlVT
MRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQKDAhT
YXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3LndvbGZz
-c2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIwMDYx
-NjE5MTc1N1oXDTQwMDYxMTE5MTc1N1owgZ8xCzAJBgNVBAYTAlVTMRMwEQYDVQQI
+c2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIzMDky
+NzEyMTAwOVoXDTQzMDkyMjEyMTAwOVowgZ8xCzAJBgNVBAYTAlVTMRMwEQYDVQQI
DApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3b2xmU1NM
MRQwEgYDVQQLDAtEZXZlbG9wbWVudDEgMB4GA1UEAwwXd29sZlNTTCBJbnRlcm1l
ZGlhdGUgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0G
-CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDyIyj3gUPwY7nyd34wGkBr4d1rQTbu
-fVgj3Fbpu+g7EVjDw7frmFrpdhLN73cJJdNs5jpJaFCQ1zLgGNYF3/ee0o97tZFc
-vz4Jgd157UTCk/WdpMsKa2O08O7R3WznxrfxMNS3VCgYEfwlrFvxsxkTR31+2UWX
-PLu5QnAGlFUjFQuEygwVwW4aHPlUyebjuMFF5VqJ4fEbHYG3NAcXKFsQx6Yh612J
-EaPQOWA06uF1+rh87sU/ZGoduNiksoKYMRHotSAtA+XRYTWkS7WtprdycT6GOA44
-tl21q786uh4ydrpUTQXKTuKD3zBkEZ6Zkzum+zvffZAC9LTx6EExeAI/AgMBAAGj
-ZjBkMB0GA1UdDgQWBBSDHPGYhexuBkU03lHAurcrZzJmTTAfBgNVHSMEGDAWgBQn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-/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAQEAfQ1cKhnn7l/KLdRZVLnKMxg64yIs
-GHC7xVhF2YK8gF2Q2QI0bBpP8WtZTs3h6ieA5uLYfq8rrMFi4E3p5nSZ/sBQy9N9
-5SuCDWcNFLUsaqJ6wt0Ip0Aqj6G/TVN1Xd3DguXkHwSwtqfMVWy01HSemjY38DJp
-l0T70iIai5U0RDLMKql29xLHuZvx5afH1W0S7AAdIbIT8jPg6uDIY3zdBsc8uqS9
-oJuNoRp9OtfJ8zVOxXZrbVDRlSPowH89P0UIEHdrKWjM3bYg+MEVTG/iq51hE928
-xeeYzCMpuhy2IcCwtuneK0PXynsoavpMyTlN4UDt5sAWnWmy+b/bUCc8sw==
+/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAQEAg9dEyy0uHoNHm+AkJImQEpao9Mes
+6ozc/5NAu6I6V2D9lLHiyVa+pRK1uSpQV0j9W5CWe1LTpD+iPMsuLakZF5owsEnN
+eCWYHvU7N/rsy01FRrhFf5e283nmLTF1LID52zuvlDFrY+RbeH9tUoQiYFY7Nw+L
+e19c9vPwH9kAiyrK3w4DlJDQ9O+lR4q2fNvPBUdwc12yQUSgoA5iOX/MBocTNXSM
+nixGLuUK05J6g40ijAazLw1cJprkGcthRVoqy46R5mNYOMMU2weNGp7d8QdYcd49
+C2zBmItmMybZYdsBxzC46Aq/elhrmGynPCz4YLcFe3OL1sXI1VolA9/n/A==
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
-MIIDujCCAqKgAwIBAgILBAAAAAABD4Ym5g0wDQYJKoZIhvcNAQEFBQAwTDEgMB4G
-A1UECxMXR2xvYmFsU2lnbiBSb290IENBIC0gUjIxEzARBgNVBAoTCkdsb2JhbFNp
-Z24xEzARBgNVBAMTCkdsb2JhbFNpZ24wHhcNMDYxMjE1MDgwMDAwWhcNMjExMjE1
-MDgwMDAwWjBMMSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMjETMBEG
-A1UEChMKR2xvYmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjCCASIwDQYJKoZI
-hvcNAQEBBQADggEPADCCAQoCggEBAKbPJA6+Lm8omUVCxKs+IVSbC9N/hHD6ErPL
-v4dfxn+G07IwXNb9rfF73OX4YJYJkhD10FPe+3t+c4isUoh7SqbKSaZeqKeMWhG8
-eoLrvozps6yWJQeXSpkqBy+0Hne/ig+1AnwblrjFuTosvNYSuetZfeLQBoZfXklq
-tTleiDTsvHgMCJiEbKjNS7SgfQx5TfC4LcshytVsW33hoCmEofnTlEnLJGKRILzd
-C9XZzPnqJworc5HGnRusyMvo4KD0L5CLTfuwNhv2GXqF4G3yYROIXJ/gkwpRl4pa
-zq+r1feqCapgvdzZX99yqWATXgAByUr6P6TqBwMhAo6CygPCm48CAwEAAaOBnDCB
-mTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUm+IH
-V2ccHsBqBt5ZtJot39wZhi4wNgYDVR0fBC8wLTAroCmgJ4YlaHR0cDovL2NybC5n
-bG9iYWxzaWduLm5ldC9yb290LXIyLmNybDAfBgNVHSMEGDAWgBSb4gdXZxwewGoG
-3lm0mi3f3BmGLjANBgkqhkiG9w0BAQUFAAOCAQEAmYFThxxol4aR7OBKuEQLq4Gs
-J0/WwbgcQ3izDJr86iw8bmEbTUsp9Z8FHSbBuOmDAGJFtqkIk7mpM0sYmsL4h4hO
-291xNBrBVNpGP+DTKqttVCL1OmLNIG+6KYnX3ZHu01yiPqFbQfXf5WRDLenVOavS
-ot+3i9DAgBkcRcAtjOj4LaR0VknFBbVPFd5uRHg5h6h+u/N5GJG79G+dwfCMNYxd
-AfvDbbnvRG15RjF+Cv6pgsH/76tuIMRQyV+dTZsXjAzlAcmgQWpzU/qlULRuJQ/7
-TBj0/VLZjmmx6BEP3ojY+x1J96relc8geMJgEtslQIxq/H5COEBkEveegeGTLg==
+MIIDrzCCApegAwIBAgIQCDvgVpBCRrGhdWrJWZHHSjANBgkqhkiG9w0BAQUFADBh
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD
+QTAeFw0wNjExMTAwMDAwMDBaFw0zMTExMTAwMDAwMDBaMGExCzAJBgNVBAYTAlVT
+MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j
+b20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IENBMIIBIjANBgkqhkiG
+9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jvhEXLeqKTTo1eqUKKPC3eQyaKl7hLOllsB
+CSDMAZOnTjC3U/dDxGkAV53ijSLdhwZAAIEJzs4bg7/fzTtxRuLWZscFs3YnFo97
+nh6Vfe63SKMI2tavegw5BmV/Sl0fvBf4q77uKNd0f3p4mVmFaG5cIzJLv07A6Fpt
+43C/dxC//AH2hdmoRBBYMql1GNXRor5H4idq9Joz+EkIYIvUX7Q6hL+hqkpMfT7P
+T19sdl6gSzeRntwi5m3OFBqOasv+zbMUZBfHWymeMr/y7vrTC0LUq7dBMtoM1O/4
+gdW7jVg/tRvoSSiicNoxBN33shbyTApOB6jtSj1etX+jkMOvJwIDAQABo2MwYTAO
+BgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUA95QNVbR
+TLtm8KPiGxvDl7I90VUwHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUw
+DQYJKoZIhvcNAQEFBQADggEBAMucN6pIExIK+t1EnE9SsPTfrgT1eXkIoyQY/Esr
+hMAtudXH/vTBH1jLuG2cenTnmCmrEbXjcKChzUyImZOMkXDiqw8cvpOp/2PV5Adg
+06O/nVsJ8dWO41P0jmP6P6fbtGbfYmbW0W5BjfIttep3Sp+dWOIrWcBAI+0tKIJF
+PnlUkiaY4IBIqDfv8NZ5YBberOgOzW6sRBc4L0na4UU+Krk2U886UAb3LujEV0ls
+YSEY1QSteDwsOoBrp+uvFRTp2InBuThs4pFsiv9kuXclVzDAGySj4dzp30d8tbQk
+CAUw7C29C79Fv1C5qfPrmAESrciIxpg0X40KPMbp1ZWVbd4=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/intermediate/server-chain-ecc.der b/extra/wolfssl/wolfssl/certs/intermediate/server-chain-ecc.der
index 38a81511..735ae9a5 100644
--- a/extra/wolfssl/wolfssl/certs/intermediate/server-chain-ecc.der
+++ b/extra/wolfssl/wolfssl/certs/intermediate/server-chain-ecc.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/intermediate/server-chain-ecc.pem b/extra/wolfssl/wolfssl/certs/intermediate/server-chain-ecc.pem
index b70b27d1..82a0b147 100644
--- a/extra/wolfssl/wolfssl/certs/intermediate/server-chain-ecc.pem
+++ b/extra/wolfssl/wolfssl/certs/intermediate/server-chain-ecc.pem
@@ -1,54 +1,54 @@
-----BEGIN CERTIFICATE-----
-MIIDczCCAxigAwIBAgICEAYwCgYIKoZIzj0EAwIwgaQxCzAJBgNVBAYTAlVTMRMw
+MIIDcjCCAxigAwIBAgICEAYwCgYIKoZIzj0EAwIwgaQxCzAJBgNVBAYTAlVTMRMw
EQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3
b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDElMCMGA1UEAwwcd29sZlNTTCBJ
bnRlcm1lZGlhdGUyIENBIEVDQzEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3Ns
-LmNvbTAeFw0yMDA2MTYxOTE3NThaFw0zMDA2MTQxOTE3NThaMIGgMQswCQYDVQQG
+LmNvbTAeFw0yMzA5MjcxMjEwMDlaFw0zMzA5MjQxMjEwMDlaMIGgMQswCQYDVQQG
EwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEQMA4G
A1UECgwHd29sZlNTTDEUMBIGA1UECwwLRGV2ZWxvcG1lbnQxITAfBgNVBAMMGHdv
bGZTU0wgU2VydmVyIENoYWluIEVDQzEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm
c3NsLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABLszrEwnUErGSqUEwzze
nzbbci3OlOor+ssgCTksFuhhAumvTdMCk5oxW5eSIX/wzxjakRECNIboIFgzC4A0
idijggE6MIIBNjAJBgNVHRMEAjAAMBEGCWCGSAGG+EIBAQQEAwIGQDAdBgNVHQ4E
-FgQUXV0m76x+NvmbdhUrSiUCI++yiTAwgdEGA1UdIwSByTCBxoAUG/S9kCh0ZOMz
-Xotkp/yvuvK5VeWhgamkgaYwgaMxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNo
+FgQUXV0m76x+NvmbdhUrSiUCI++yiTAwgdEGA1UdIwSByTCBxoAUn657enCABFUr
+xrcMW3nkEkFlMSmhgamkgaYwgaMxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNo
aW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3b2xmU1NMMRQwEgYD
VQQLDAtEZXZlbG9wbWVudDEkMCIGA1UEAwwbd29sZlNTTCBJbnRlcm1lZGlhdGUg
Q0EgRUNDMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tggIQBTAOBgNV
-HQ8BAf8EBAMCA6gwEwYDVR0lBAwwCgYIKwYBBQUHAwEwCgYIKoZIzj0EAwIDSQAw
-RgIhAJjQ4vmJyrJ0NqczC/4UkBBFei1tQETbCOxFeYtOkeDVAiEA6hEbwbWVvL/Z
-9Zk30dLmuKoZvZdCCbsKUWxOomFy6EQ=
+HQ8BAf8EBAMCA6gwEwYDVR0lBAwwCgYIKwYBBQUHAwEwCgYIKoZIzj0EAwIDSAAw
+RQIhAM2Jz84maR/vYDetyePIYQb6+rhvPGsSVaD/4vqf+EeTAiBpSi4/DcbnTtEp
+5TcCA6ktiL74CL4eyw0GoyGPqGCjtQ==
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
-MIICnzCCAkWgAwIBAgICEAUwCgYIKoZIzj0EAwIwgaMxCzAJBgNVBAYTAlVTMRMw
+MIICoDCCAkWgAwIBAgICEAUwCgYIKoZIzj0EAwIwgaMxCzAJBgNVBAYTAlVTMRMw
EQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3
b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEkMCIGA1UEAwwbd29sZlNTTCBJ
bnRlcm1lZGlhdGUgQ0EgRUNDMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
-Y29tMB4XDTIwMDYxNjE5MTc1OFoXDTQwMDYxMTE5MTc1OFowgaQxCzAJBgNVBAYT
+Y29tMB4XDTIzMDkyNzEyMTAwOVoXDTQzMDkyMjEyMTAwOVowgaQxCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYD
VQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDElMCMGA1UEAwwcd29s
ZlNTTCBJbnRlcm1lZGlhdGUyIENBIEVDQzEfMB0GCSqGSIb3DQEJARYQaW5mb0B3
-b2xmc3NsLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABOoWKCwnXkGZBSiL
-mfrFonQ8FU1S9EstgzSCjtW2P2HQh+v4TAZe7WYejMqk9ip2T9cmCUweibkYjtKj
-ZjwbPcujZjBkMB0GA1UdDgQWBBQb9L2QKHRk4zNei2Sn/K+68rlV5TAfBgNVHSME
-GDAWgBQTtXlZMrO7tEezNA6AwIMeqoLIWzASBgNVHRMBAf8ECDAGAQH/AgEBMA4G
-A1UdDwEB/wQEAwIBhjAKBggqhkjOPQQDAgNIADBFAiBPG9Hh145ztYv3TQs9/BK8
-b3ytuRJwMDdBJ+xrNQaORwIhAKFVkbdoHjJmN2gQCp827sOXK4W4PEc8Su0TxVtZ
-vLUp
+b2xmc3NsLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABMe0qZ8y+6KPavMu
+wV3KCOzGnxOt9T6ddffk8haZN/eJc89UgV8WDAR4hTPvkqL3hj/HoboKdBfCRXp3
+E6kT/dOjZjBkMB0GA1UdDgQWBBSfrnt6cIAEVSvGtwxbeeQSQWUxKTAfBgNVHSME
+GDAWgBSXHWDDhyJZm2AfhLSZHIhNv9oebjASBgNVHRMBAf8ECDAGAQH/AgEBMA4G
+A1UdDwEB/wQEAwIBhjAKBggqhkjOPQQDAgNJADBGAiEAhdIm+XVqS+l2iLs30Jbm
+vCTQj2dRGM9pWLfae8Gj2kECIQD9tza+rHxDbIiospsqNiEuZCDctZ0JlVszKZOI
+m2fLDQ==
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIICkzCCAjigAwIBAgICEAQwCgYIKoZIzj0EAwIwgZcxCzAJBgNVBAYTAlVTMRMw
EQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3
b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEYMBYGA1UEAwwPd3d3LndvbGZz
-c2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIwMDYx
-NjE5MTc1OFoXDTQwMDYxMTE5MTc1OFowgaMxCzAJBgNVBAYTAlVTMRMwEQYDVQQI
+c2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIzMDky
+NzEyMTAwOVoXDTQzMDkyMjEyMTAwOVowgaMxCzAJBgNVBAYTAlVTMRMwEQYDVQQI
DApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3b2xmU1NM
MRQwEgYDVQQLDAtEZXZlbG9wbWVudDEkMCIGA1UEAwwbd29sZlNTTCBJbnRlcm1l
ZGlhdGUgQ0EgRUNDMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMFkw
-EwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAExpzNj+XsW9iw/JEg4gs7UVNUS4lDjgDe
-ka7TkPOF3Mw9EQgVdoLikjVK1EWOgzaCYrhNB4ULpVTgFOiT3n+S6KNmMGQwHQYD
-VR0OBBYEFBO1eVkys7u0R7M0DoDAgx6qgshbMB8GA1UdIwQYMBaAFFaOmsPwQt4Y
+EwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEld8csp4gqR2iW6tcm6hmBinmstjjFKbD
+wbStTUQYIB5dZ/0VHW0l4RexccqFA/DSr0FmRjZt6kHLT8hK0KBhjKNmMGQwHQYD
+VR0OBBYEFJcdYMOHIlmbYB+EtJkciE2/2h5uMB8GA1UdIwQYMBaAFFaOmsPwQt4Y
uUVVbvmTz+rD86UhMBIGA1UdEwEB/wQIMAYBAf8CAQEwDgYDVR0PAQH/BAQDAgGG
-MAoGCCqGSM49BAMCA0kAMEYCIQCKUZH2ksVKaWXbW5DDkGrAlucmeq8YkSxrZ1VA
-GGzBpgIhAJbMnTet6nlSbk1Bk9tkf+dCufESkPSEXHOxIdj7Vf5v
+MAoGCCqGSM49BAMCA0kAMEYCIQDh528Fnh1iQU6dHjhn6Z47ZdwV/OsyhYReAvOO
+exL3mQIhAJJ3ZbG9+7KkQYfJnj3gOQLz20Ixv/tt/XS+o+N0/PVk
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/intermediate/server-chain-short.pem b/extra/wolfssl/wolfssl/certs/intermediate/server-chain-short.pem
new file mode 100644
index 00000000..778bd9c0
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/intermediate/server-chain-short.pem
@@ -0,0 +1,54 @@
+-----BEGIN CERTIFICATE-----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+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----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+-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/intermediate/server-chain.der b/extra/wolfssl/wolfssl/certs/intermediate/server-chain.der
index 7bf08926..64579ed5 100644
--- a/extra/wolfssl/wolfssl/certs/intermediate/server-chain.der
+++ b/extra/wolfssl/wolfssl/certs/intermediate/server-chain.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/intermediate/server-chain.pem b/extra/wolfssl/wolfssl/certs/intermediate/server-chain.pem
index 3a583b93..5a9239af 100644
--- a/extra/wolfssl/wolfssl/certs/intermediate/server-chain.pem
+++ b/extra/wolfssl/wolfssl/certs/intermediate/server-chain.pem
@@ -3,7 +3,7 @@ MIIE8jCCA9qgAwIBAgICEAIwDQYJKoZIhvcNAQELBQAwgaAxCzAJBgNVBAYTAlVT
MRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQK
DAd3b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEhMB8GA1UEAwwYd29sZlNT
TCBJbnRlcm1lZGlhdGUyIENBMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
-Y29tMB4XDTIwMDYxNjE5MTc1OFoXDTMwMDYxNDE5MTc1OFowgZwxCzAJBgNVBAYT
+Y29tMB4XDTIzMDkyNzEyMTAwOVoXDTMzMDkyNDEyMTAwOVowgZwxCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYD
VQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEdMBsGA1UEAwwUd29s
ZlNTTCBTZXJ2ZXIgQ2hhaW4xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j
@@ -14,65 +14,65 @@ Y8X2fwtZaHhzpowYqQJtr8MZAS64EOPGzEC0aaNGM2mHbsS7F6bz6N2tc7x7LyG1
/WZRDL1Us+FtXxy8I3PRCQOJFNIQuWTDKtChlkq84dQaW8egwMFjeA9ENzAyloAy
I5Whd7oT0pdz4l0lyWoNwzlgpLSwaUJCCenYCLwzILNYIqeq68Th5mGDxdKW39nQ
T63XAgMBAAGjggE2MIIBMjAJBgNVHRMEAjAAMBEGCWCGSAGG+EIBAQQEAwIGQDAd
-BgNVHQ4EFgQUsxEyyZKYhOLJ+NA7bgNCyh8Ojjwwgc0GA1UdIwSBxTCBwoAUeosd
-TqNAyM5YX438/0YsdUHZA16hgaWkgaIwgZ8xCzAJBgNVBAYTAlVTMRMwEQYDVQQI
+BgNVHQ4EFgQUsxEyyZKYhOLJ+NA7bgNCyh8Ojjwwgc0GA1UdIwSBxTCBwoAUDclg
+IENYgeCaIe9mFtxuISXfK0WhgaWkgaIwgZ8xCzAJBgNVBAYTAlVTMRMwEQYDVQQI
DApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3b2xmU1NM
MRQwEgYDVQQLDAtEZXZlbG9wbWVudDEgMB4GA1UEAwwXd29sZlNTTCBJbnRlcm1l
ZGlhdGUgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb22CAhABMA4G
A1UdDwEB/wQEAwIDqDATBgNVHSUEDDAKBggrBgEFBQcDATANBgkqhkiG9w0BAQsF
-AAOCAQEAkpC/Vl2YIc7WCo18r7qbWdgzwSEPbzEcE8Wf3qh97+XFC4t+GMud2N7J
-PTLu/9CJmDszaNvNZl6d7tpTNGUh40P2p7J5tXksLiM/PmFZgIj9w8UE6a1SqVh9
-78WnhRpVYOENfhHIulnYxh02BGOOfa8o/RN6MvUp1wrvBjyFkLbGTzmxGO6+F6VE
-F4ezlKE0Ykx3yAaTyAP18qpb/9CarfOyyluBVO8bOfjGd/GAUA8MbpQUYqP8mY7S
-4za4JRttVdIbIZfThOaW7p+zAERwOp/8YuJCGpMe/J7sjRx6GrETRk7rDSi5TQjm
-CTHAuy4H4MupWgaHxI66ay91VIU29Q==
+AAOCAQEASSfw2AHc6qbwlL8ibcem+R8IfnWxlqxWUeByi2UsObd0eJfaIVLRQ0zX
+CQ4TgIroRZAPOeRy30AIIfS1aaXCBCFX2GuRF9RV3HNu18zH2MFm7pRvGEeNI8/C
+pD2kRdIafLgjeeK0rHEmpBrjopfayIUA5x97sgXb7ZXYFlkLeyMB6+ZPcMKut35b
+LFpzbtKopj4bnni1O30fX6lLyoNBf0gYtpm5j1ZsMwpwym6m8JNdOpIxLcd8GlBA
+SV3Uso2a0Bg3TiWhmDz/XzsTXkq8+RzJKp/y9nDy9uziIyYnyIroCoFwX2pn/Fds
+b9r+Mz8hlmW2T/iJWpIO4S79Dhb1bg==
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIEIzCCAwugAwIBAgICEAEwDQYJKoZIhvcNAQELBQAwgZ8xCzAJBgNVBAYTAlVT
MRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQK
DAd3b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEgMB4GA1UEAwwXd29sZlNT
TCBJbnRlcm1lZGlhdGUgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j
-b20wHhcNMjAwNjE2MTkxNzU3WhcNNDAwNjExMTkxNzU3WjCBoDELMAkGA1UEBhMC
+b20wHhcNMjMwOTI3MTIxMDA5WhcNNDMwOTIyMTIxMDA5WjCBoDELMAkGA1UEBhMC
VVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNV
BAoMB3dvbGZTU0wxFDASBgNVBAsMC0RldmVsb3BtZW50MSEwHwYDVQQDDBh3b2xm
U1NMIEludGVybWVkaWF0ZTIgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz
-bC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCgL6ECMF0ZoY5E
-htST9/FTuj/SJN//y6+Ppuf5h5ofAMyPQIZ4OhuaeA7jbtrz52xXdjHPAyGayHkp
-YNvu2KkVtGdbd5qG+dtDzKIPkeZwTx5uFLGN8KHlOXehkpeISibxiJgkbP1G4nEH
-Xa/UvKiMXe5DCNqn7AlR7a3NdYtYx6GYVucZeJNLU3e32nl9cIS7HemgPAK8p5b6
-u5iQrjUZ0OdkHp0JoQbywv3LoykswHn46emTZ4w1LqFJoDRsOB1rTKW6x4SAlRcS
-y92n9i4sxw/BVB+XbAE72i7H3FPJJuaaZqh/VfrNchhph06M5ALd9zEao27NiENw
-tDRtpoZ1AgMBAAGjZjBkMB0GA1UdDgQWBBR6ix1Oo0DIzlhfjfz/Rix1QdkDXjAf
-BgNVHSMEGDAWgBSDHPGYhexuBkU03lHAurcrZzJmTTASBgNVHRMBAf8ECDAGAQH/
-AgEBMA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAQEADHKZ7ecDWMIr
-iNKqQzGEGC/exV3gINhUPF4rhyqflrHvvtfHJ3ForHFhuG7Rqksv79Q357uHkGNI
-OJsgFb28r4q0r1ORjoQRFOpvhfROugpJkbMZmSrR+aena/1/eIh7030ssZ9wFRrb
-hpvOtwcl7DmMWaPS0cwYFRSghU1P+5pHL9xmx318EolIWNTLGhsSupztXIy/cg5f
-jkI0S2w+BG/ZUOMok2sT/WvWLRvN+/4Lo4zfyOatnmmKk5bXhDG7yvLb4hjJ8ZGK
-xwafwgrptF/jeyD8GhYcAlMSzWZFVW6xwJUtK9YZuJlOHxuc+7n+jH4yV/OA6fi+
-JS8DRjyzCg==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-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIEFzCCAv+gAwIBAgICEAAwDQYJKoZIhvcNAQELBQAwgZQxCzAJBgNVBAYTAlVT
MRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQKDAhT
YXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3LndvbGZz
-c2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIwMDYx
-NjE5MTc1N1oXDTQwMDYxMTE5MTc1N1owgZ8xCzAJBgNVBAYTAlVTMRMwEQYDVQQI
+c2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIzMDky
+NzEyMTAwOVoXDTQzMDkyMjEyMTAwOVowgZ8xCzAJBgNVBAYTAlVTMRMwEQYDVQQI
DApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3b2xmU1NM
MRQwEgYDVQQLDAtEZXZlbG9wbWVudDEgMB4GA1UEAwwXd29sZlNTTCBJbnRlcm1l
ZGlhdGUgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0G
-CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDyIyj3gUPwY7nyd34wGkBr4d1rQTbu
-fVgj3Fbpu+g7EVjDw7frmFrpdhLN73cJJdNs5jpJaFCQ1zLgGNYF3/ee0o97tZFc
-vz4Jgd157UTCk/WdpMsKa2O08O7R3WznxrfxMNS3VCgYEfwlrFvxsxkTR31+2UWX
-PLu5QnAGlFUjFQuEygwVwW4aHPlUyebjuMFF5VqJ4fEbHYG3NAcXKFsQx6Yh612J
-EaPQOWA06uF1+rh87sU/ZGoduNiksoKYMRHotSAtA+XRYTWkS7WtprdycT6GOA44
-tl21q786uh4ydrpUTQXKTuKD3zBkEZ6Zkzum+zvffZAC9LTx6EExeAI/AgMBAAGj
-ZjBkMB0GA1UdDgQWBBSDHPGYhexuBkU03lHAurcrZzJmTTAfBgNVHSMEGDAWgBQn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-/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAQEAfQ1cKhnn7l/KLdRZVLnKMxg64yIs
-GHC7xVhF2YK8gF2Q2QI0bBpP8WtZTs3h6ieA5uLYfq8rrMFi4E3p5nSZ/sBQy9N9
-5SuCDWcNFLUsaqJ6wt0Ip0Aqj6G/TVN1Xd3DguXkHwSwtqfMVWy01HSemjY38DJp
-l0T70iIai5U0RDLMKql29xLHuZvx5afH1W0S7AAdIbIT8jPg6uDIY3zdBsc8uqS9
-oJuNoRp9OtfJ8zVOxXZrbVDRlSPowH89P0UIEHdrKWjM3bYg+MEVTG/iq51hE928
-xeeYzCMpuhy2IcCwtuneK0PXynsoavpMyTlN4UDt5sAWnWmy+b/bUCc8sw==
+/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAQEAg9dEyy0uHoNHm+AkJImQEpao9Mes
+6ozc/5NAu6I6V2D9lLHiyVa+pRK1uSpQV0j9W5CWe1LTpD+iPMsuLakZF5owsEnN
+eCWYHvU7N/rsy01FRrhFf5e283nmLTF1LID52zuvlDFrY+RbeH9tUoQiYFY7Nw+L
+e19c9vPwH9kAiyrK3w4DlJDQ9O+lR4q2fNvPBUdwc12yQUSgoA5iOX/MBocTNXSM
+nixGLuUK05J6g40ijAazLw1cJprkGcthRVoqy46R5mNYOMMU2weNGp7d8QdYcd49
+C2zBmItmMybZYdsBxzC46Aq/elhrmGynPCz4YLcFe3OL1sXI1VolA9/n/A==
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/intermediate/server-int-cert.der b/extra/wolfssl/wolfssl/certs/intermediate/server-int-cert.der
index b070160d..79ea3b64 100644
--- a/extra/wolfssl/wolfssl/certs/intermediate/server-int-cert.der
+++ b/extra/wolfssl/wolfssl/certs/intermediate/server-int-cert.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/intermediate/server-int-cert.pem b/extra/wolfssl/wolfssl/certs/intermediate/server-int-cert.pem
index 507c5d53..b736ebf4 100644
--- a/extra/wolfssl/wolfssl/certs/intermediate/server-int-cert.pem
+++ b/extra/wolfssl/wolfssl/certs/intermediate/server-int-cert.pem
@@ -5,12 +5,12 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Development, CN = wolfSSL Intermediate2 CA, emailAddress = info@wolfssl.com
Validity
- Not Before: Jun 16 19:17:58 2020 GMT
- Not After : Jun 14 19:17:58 2030 GMT
+ Not Before: Sep 27 12:10:09 2023 GMT
+ Not After : Sep 24 12:10:09 2033 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Development, CN = wolfSSL Server Chain, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
- RSA Public-Key: (2048 bit)
+ Public-Key: (2048 bit)
Modulus:
00:c0:95:08:e1:57:41:f2:71:6d:b7:d2:45:41:27:
01:65:c6:45:ae:f2:bc:24:30:b8:95:ce:2f:4e:d6:
@@ -39,36 +39,36 @@ Certificate:
X509v3 Subject Key Identifier:
B3:11:32:C9:92:98:84:E2:C9:F8:D0:3B:6E:03:42:CA:1F:0E:8E:3C
X509v3 Authority Key Identifier:
- keyid:7A:8B:1D:4E:A3:40:C8:CE:58:5F:8D:FC:FF:46:2C:75:41:D9:03:5E
+ keyid:0D:C9:60:20:43:58:81:E0:9A:21:EF:66:16:DC:6E:21:25:DF:2B:45
DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Development/CN=wolfSSL Intermediate CA/emailAddress=info@wolfssl.com
serial:10:01
-
X509v3 Key Usage: critical
Digital Signature, Key Encipherment, Key Agreement
X509v3 Extended Key Usage:
TLS Web Server Authentication
Signature Algorithm: sha256WithRSAEncryption
- 92:90:bf:56:5d:98:21:ce:d6:0a:8d:7c:af:ba:9b:59:d8:33:
- c1:21:0f:6f:31:1c:13:c5:9f:de:a8:7d:ef:e5:c5:0b:8b:7e:
- 18:cb:9d:d8:de:c9:3d:32:ee:ff:d0:89:98:3b:33:68:db:cd:
- 66:5e:9d:ee:da:53:34:65:21:e3:43:f6:a7:b2:79:b5:79:2c:
- 2e:23:3f:3e:61:59:80:88:fd:c3:c5:04:e9:ad:52:a9:58:7d:
- ef:c5:a7:85:1a:55:60:e1:0d:7e:11:c8:ba:59:d8:c6:1d:36:
- 04:63:8e:7d:af:28:fd:13:7a:32:f5:29:d7:0a:ef:06:3c:85:
- 90:b6:c6:4f:39:b1:18:ee:be:17:a5:44:17:87:b3:94:a1:34:
- 62:4c:77:c8:06:93:c8:03:f5:f2:aa:5b:ff:d0:9a:ad:f3:b2:
- ca:5b:81:54:ef:1b:39:f8:c6:77:f1:80:50:0f:0c:6e:94:14:
- 62:a3:fc:99:8e:d2:e3:36:b8:25:1b:6d:55:d2:1b:21:97:d3:
- 84:e6:96:ee:9f:b3:00:44:70:3a:9f:fc:62:e2:42:1a:93:1e:
- fc:9e:ec:8d:1c:7a:1a:b1:13:46:4e:eb:0d:28:b9:4d:08:e6:
- 09:31:c0:bb:2e:07:e0:cb:a9:5a:06:87:c4:8e:ba:6b:2f:75:
- 54:85:36:f5
+ Signature Value:
+ 49:27:f0:d8:01:dc:ea:a6:f0:94:bf:22:6d:c7:a6:f9:1f:08:
+ 7e:75:b1:96:ac:56:51:e0:72:8b:65:2c:39:b7:74:78:97:da:
+ 21:52:d1:43:4c:d7:09:0e:13:80:8a:e8:45:90:0f:39:e4:72:
+ df:40:08:21:f4:b5:69:a5:c2:04:21:57:d8:6b:91:17:d4:55:
+ dc:73:6e:d7:cc:c7:d8:c1:66:ee:94:6f:18:47:8d:23:cf:c2:
+ a4:3d:a4:45:d2:1a:7c:b8:23:79:e2:b4:ac:71:26:a4:1a:e3:
+ a2:97:da:c8:85:00:e7:1f:7b:b2:05:db:ed:95:d8:16:59:0b:
+ 7b:23:01:eb:e6:4f:70:c2:ae:b7:7e:5b:2c:5a:73:6e:d2:a8:
+ a6:3e:1b:9e:78:b5:3b:7d:1f:5f:a9:4b:ca:83:41:7f:48:18:
+ b6:99:b9:8f:56:6c:33:0a:70:ca:6e:a6:f0:93:5d:3a:92:31:
+ 2d:c7:7c:1a:50:40:49:5d:d4:b2:8d:9a:d0:18:37:4e:25:a1:
+ 98:3c:ff:5f:3b:13:5e:4a:bc:f9:1c:c9:2a:9f:f2:f6:70:f2:
+ f6:ec:e2:23:26:27:c8:8a:e8:0a:81:70:5f:6a:67:fc:57:6c:
+ 6f:da:fe:33:3f:21:96:65:b6:4f:f8:89:5a:92:0e:e1:2e:fd:
+ 0e:16:f5:6e
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgICEAIwDQYJKoZIhvcNAQELBQAwgaAxCzAJBgNVBAYTAlVT
MRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQK
DAd3b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEhMB8GA1UEAwwYd29sZlNT
TCBJbnRlcm1lZGlhdGUyIENBMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
-Y29tMB4XDTIwMDYxNjE5MTc1OFoXDTMwMDYxNDE5MTc1OFowgZwxCzAJBgNVBAYT
+Y29tMB4XDTIzMDkyNzEyMTAwOVoXDTMzMDkyNDEyMTAwOVowgZwxCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYD
VQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEdMBsGA1UEAwwUd29s
ZlNTTCBTZXJ2ZXIgQ2hhaW4xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j
@@ -79,16 +79,16 @@ Y8X2fwtZaHhzpowYqQJtr8MZAS64EOPGzEC0aaNGM2mHbsS7F6bz6N2tc7x7LyG1
/WZRDL1Us+FtXxy8I3PRCQOJFNIQuWTDKtChlkq84dQaW8egwMFjeA9ENzAyloAy
I5Whd7oT0pdz4l0lyWoNwzlgpLSwaUJCCenYCLwzILNYIqeq68Th5mGDxdKW39nQ
T63XAgMBAAGjggE2MIIBMjAJBgNVHRMEAjAAMBEGCWCGSAGG+EIBAQQEAwIGQDAd
-BgNVHQ4EFgQUsxEyyZKYhOLJ+NA7bgNCyh8Ojjwwgc0GA1UdIwSBxTCBwoAUeosd
-TqNAyM5YX438/0YsdUHZA16hgaWkgaIwgZ8xCzAJBgNVBAYTAlVTMRMwEQYDVQQI
+BgNVHQ4EFgQUsxEyyZKYhOLJ+NA7bgNCyh8Ojjwwgc0GA1UdIwSBxTCBwoAUDclg
+IENYgeCaIe9mFtxuISXfK0WhgaWkgaIwgZ8xCzAJBgNVBAYTAlVTMRMwEQYDVQQI
DApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3b2xmU1NM
MRQwEgYDVQQLDAtEZXZlbG9wbWVudDEgMB4GA1UEAwwXd29sZlNTTCBJbnRlcm1l
ZGlhdGUgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb22CAhABMA4G
A1UdDwEB/wQEAwIDqDATBgNVHSUEDDAKBggrBgEFBQcDATANBgkqhkiG9w0BAQsF
-AAOCAQEAkpC/Vl2YIc7WCo18r7qbWdgzwSEPbzEcE8Wf3qh97+XFC4t+GMud2N7J
-PTLu/9CJmDszaNvNZl6d7tpTNGUh40P2p7J5tXksLiM/PmFZgIj9w8UE6a1SqVh9
-78WnhRpVYOENfhHIulnYxh02BGOOfa8o/RN6MvUp1wrvBjyFkLbGTzmxGO6+F6VE
-F4ezlKE0Ykx3yAaTyAP18qpb/9CarfOyyluBVO8bOfjGd/GAUA8MbpQUYqP8mY7S
-4za4JRttVdIbIZfThOaW7p+zAERwOp/8YuJCGpMe/J7sjRx6GrETRk7rDSi5TQjm
-CTHAuy4H4MupWgaHxI66ay91VIU29Q==
+AAOCAQEASSfw2AHc6qbwlL8ibcem+R8IfnWxlqxWUeByi2UsObd0eJfaIVLRQ0zX
+CQ4TgIroRZAPOeRy30AIIfS1aaXCBCFX2GuRF9RV3HNu18zH2MFm7pRvGEeNI8/C
+pD2kRdIafLgjeeK0rHEmpBrjopfayIUA5x97sgXb7ZXYFlkLeyMB6+ZPcMKut35b
+LFpzbtKopj4bnni1O30fX6lLyoNBf0gYtpm5j1ZsMwpwym6m8JNdOpIxLcd8GlBA
+SV3Uso2a0Bg3TiWhmDz/XzsTXkq8+RzJKp/y9nDy9uziIyYnyIroCoFwX2pn/Fds
+b9r+Mz8hlmW2T/iJWpIO4S79Dhb1bg==
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/intermediate/server-int-ecc-cert.der b/extra/wolfssl/wolfssl/certs/intermediate/server-int-ecc-cert.der
index 3ea01614..f039ff20 100644
--- a/extra/wolfssl/wolfssl/certs/intermediate/server-int-ecc-cert.der
+++ b/extra/wolfssl/wolfssl/certs/intermediate/server-int-ecc-cert.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/intermediate/server-int-ecc-cert.pem b/extra/wolfssl/wolfssl/certs/intermediate/server-int-ecc-cert.pem
index 35039829..d9c96baf 100644
--- a/extra/wolfssl/wolfssl/certs/intermediate/server-int-ecc-cert.pem
+++ b/extra/wolfssl/wolfssl/certs/intermediate/server-int-ecc-cert.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: ecdsa-with-SHA256
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Development, CN = wolfSSL Intermediate2 CA ECC, emailAddress = info@wolfssl.com
Validity
- Not Before: Jun 16 19:17:58 2020 GMT
- Not After : Jun 14 19:17:58 2030 GMT
+ Not Before: Sep 27 12:10:09 2023 GMT
+ Not After : Sep 24 12:10:09 2033 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Development, CN = wolfSSL Server Chain ECC, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
@@ -27,37 +27,37 @@ Certificate:
X509v3 Subject Key Identifier:
5D:5D:26:EF:AC:7E:36:F9:9B:76:15:2B:4A:25:02:23:EF:B2:89:30
X509v3 Authority Key Identifier:
- keyid:1B:F4:BD:90:28:74:64:E3:33:5E:8B:64:A7:FC:AF:BA:F2:B9:55:E5
+ keyid:9F:AE:7B:7A:70:80:04:55:2B:C6:B7:0C:5B:79:E4:12:41:65:31:29
DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Development/CN=wolfSSL Intermediate CA ECC/emailAddress=info@wolfssl.com
serial:10:05
-
X509v3 Key Usage: critical
Digital Signature, Key Encipherment, Key Agreement
X509v3 Extended Key Usage:
TLS Web Server Authentication
Signature Algorithm: ecdsa-with-SHA256
- 30:46:02:21:00:98:d0:e2:f9:89:ca:b2:74:36:a7:33:0b:fe:
- 14:90:10:45:7a:2d:6d:40:44:db:08:ec:45:79:8b:4e:91:e0:
- d5:02:21:00:ea:11:1b:c1:b5:95:bc:bf:d9:f5:99:37:d1:d2:
- e6:b8:aa:19:bd:97:42:09:bb:0a:51:6c:4e:a2:61:72:e8:44
+ Signature Value:
+ 30:45:02:21:00:cd:89:cf:ce:26:69:1f:ef:60:37:ad:c9:e3:
+ c8:61:06:fa:fa:b8:6f:3c:6b:12:55:a0:ff:e2:fa:9f:f8:47:
+ 93:02:20:69:4a:2e:3f:0d:c6:e7:4e:d1:29:e5:37:02:03:a9:
+ 2d:88:be:f8:08:be:1e:cb:0d:06:a3:21:8f:a8:60:a3:b5
-----BEGIN CERTIFICATE-----
-MIIDczCCAxigAwIBAgICEAYwCgYIKoZIzj0EAwIwgaQxCzAJBgNVBAYTAlVTMRMw
+MIIDcjCCAxigAwIBAgICEAYwCgYIKoZIzj0EAwIwgaQxCzAJBgNVBAYTAlVTMRMw
EQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3
b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDElMCMGA1UEAwwcd29sZlNTTCBJ
bnRlcm1lZGlhdGUyIENBIEVDQzEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3Ns
-LmNvbTAeFw0yMDA2MTYxOTE3NThaFw0zMDA2MTQxOTE3NThaMIGgMQswCQYDVQQG
+LmNvbTAeFw0yMzA5MjcxMjEwMDlaFw0zMzA5MjQxMjEwMDlaMIGgMQswCQYDVQQG
EwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEQMA4G
A1UECgwHd29sZlNTTDEUMBIGA1UECwwLRGV2ZWxvcG1lbnQxITAfBgNVBAMMGHdv
bGZTU0wgU2VydmVyIENoYWluIEVDQzEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm
c3NsLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABLszrEwnUErGSqUEwzze
nzbbci3OlOor+ssgCTksFuhhAumvTdMCk5oxW5eSIX/wzxjakRECNIboIFgzC4A0
idijggE6MIIBNjAJBgNVHRMEAjAAMBEGCWCGSAGG+EIBAQQEAwIGQDAdBgNVHQ4E
-FgQUXV0m76x+NvmbdhUrSiUCI++yiTAwgdEGA1UdIwSByTCBxoAUG/S9kCh0ZOMz
-Xotkp/yvuvK5VeWhgamkgaYwgaMxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNo
+FgQUXV0m76x+NvmbdhUrSiUCI++yiTAwgdEGA1UdIwSByTCBxoAUn657enCABFUr
+xrcMW3nkEkFlMSmhgamkgaYwgaMxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNo
aW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3b2xmU1NMMRQwEgYD
VQQLDAtEZXZlbG9wbWVudDEkMCIGA1UEAwwbd29sZlNTTCBJbnRlcm1lZGlhdGUg
Q0EgRUNDMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tggIQBTAOBgNV
-HQ8BAf8EBAMCA6gwEwYDVR0lBAwwCgYIKwYBBQUHAwEwCgYIKoZIzj0EAwIDSQAw
-RgIhAJjQ4vmJyrJ0NqczC/4UkBBFei1tQETbCOxFeYtOkeDVAiEA6hEbwbWVvL/Z
-9Zk30dLmuKoZvZdCCbsKUWxOomFy6EQ=
+HQ8BAf8EBAMCA6gwEwYDVR0lBAwwCgYIKwYBBQUHAwEwCgYIKoZIzj0EAwIDSAAw
+RQIhAM2Jz84maR/vYDetyePIYQb6+rhvPGsSVaD/4vqf+EeTAiBpSi4/DcbnTtEp
+5TcCA6ktiL74CL4eyw0GoyGPqGCjtQ==
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/ocsp/intermediate1-ca-cert.pem b/extra/wolfssl/wolfssl/certs/ocsp/intermediate1-ca-cert.pem
index 97ed94ba..ebf186e6 100644
--- a/extra/wolfssl/wolfssl/certs/ocsp/intermediate1-ca-cert.pem
+++ b/extra/wolfssl/wolfssl/certs/ocsp/intermediate1-ca-cert.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL root CA, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:30 2023 GMT
+ Not After : Sep 8 22:19:30 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL intermediate CA 1, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -47,27 +47,27 @@ Certificate:
OCSP - URI:http://127.0.0.1:22220
Signature Algorithm: sha256WithRSAEncryption
- 5e:61:82:66:fd:b6:45:75:94:55:50:b9:ee:97:1a:48:73:ad:
- 24:ba:19:ee:ce:e9:f3:07:ac:51:32:10:56:6a:c8:94:d0:ff:
- 8b:37:e9:a9:de:29:e3:99:39:9f:84:f5:2b:de:57:de:d2:d9:
- 44:b1:2b:03:9a:88:d2:d5:a8:48:f9:29:04:3d:f6:c0:60:06:
- 13:c3:2e:4c:73:c2:c9:6a:07:0a:70:4f:4c:2e:8c:02:63:97:
- 9e:70:2c:9c:fa:fb:cf:a9:2e:9c:e5:2f:14:43:3f:fb:61:6d:
- fd:17:b9:94:f2:cd:c7:24:7e:e2:ba:3e:b9:76:df:52:d0:f7:
- 2b:64:c1:31:e2:80:0f:ff:b1:7c:d2:af:14:4b:ec:dd:79:a7:
- 23:c9:68:6a:e7:c6:2d:67:27:e7:37:d1:f8:93:37:58:e2:f3:
- 9c:4d:38:5d:58:03:d1:30:f7:a6:ff:45:fe:69:11:d6:39:1e:
- 11:d6:5b:42:75:c7:6c:cd:27:1f:59:98:88:03:a0:0f:fa:ad:
- 28:2d:50:7b:b4:dc:7c:d4:5b:92:03:d0:55:dc:62:26:8f:50:
- d0:6b:f8:c4:89:2b:8b:d1:77:5b:e9:68:b6:0a:15:1f:de:97:
- f2:4d:a5:ad:d0:3c:d6:68:e8:4c:f8:a1:ac:44:a8:82:55:76:
- 61:18:af:2d
+ 1c:06:f6:58:ee:a2:4d:11:dd:ce:51:2a:ea:3c:1e:13:62:2b:
+ e2:04:6d:ca:67:2b:14:1b:de:3e:72:7b:d2:12:29:59:e9:bd:
+ 3f:37:1f:9b:9c:15:84:40:10:c2:7b:1c:1f:16:2c:4e:f5:b7:
+ bb:7e:24:79:7a:e6:6b:6e:66:cf:4f:04:e5:31:b9:63:12:80:
+ 89:61:fc:ae:47:b3:bd:b0:63:d8:aa:77:ba:25:53:e5:f7:ca:
+ 63:d5:7f:6e:80:ed:75:c9:47:59:df:7a:82:87:2e:b8:cf:87:
+ c4:9a:0c:2f:ee:a9:a8:5a:7e:2b:55:30:e9:8b:05:f3:ab:60:
+ 7f:49:bd:16:de:73:8d:8f:72:48:35:23:a1:88:88:a8:9a:01:
+ 19:6c:6e:06:cf:c3:47:d9:68:0e:42:c3:84:d9:23:71:36:73:
+ c4:9d:bc:ed:f7:9b:e3:a0:8d:89:ac:ec:e7:75:22:1f:99:74:
+ 5b:4c:5b:b5:25:e1:7f:02:f3:07:ae:4f:b1:0b:21:f9:17:78:
+ 1a:b4:c6:8f:03:91:fb:b2:95:ff:6d:de:37:39:4a:57:c1:8c:
+ da:91:3a:4c:cc:fa:27:9a:4f:42:cb:4c:15:c7:08:34:8f:03:
+ a8:f1:2e:df:64:c5:ec:57:e1:90:77:2f:49:90:c1:23:4d:7b:
+ 9e:44:fb:08
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIBATANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM
-IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIx
-MjE2MjExNzUwWhcNMjUwOTExMjExNzUwWjCBoTELMAkGA1UEBhMCVVMxEzARBgNV
+IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMx
+MjEzMjIxOTMwWhcNMjYwOTA4MjIxOTMwWjCBoTELMAkGA1UEBhMCVVMxEzARBgNV
BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT
U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMSIwIAYDVQQDDBl3b2xmU1NMIGludGVy
bWVkaWF0ZSBDQSAxMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIB
@@ -84,12 +84,12 @@ DAdTZWF0dGxlMRAwDgYDVQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtFbmdpbmVlcmlu
ZzEYMBYGA1UEAwwPd29sZlNTTCByb290IENBMR8wHQYJKoZIhvcNAQkBFhBpbmZv
QHdvbGZzc2wuY29tggFjMAsGA1UdDwQEAwIBBjAyBggrBgEFBQcBAQQmMCQwIgYI
KwYBBQUHMAGGFmh0dHA6Ly8xMjcuMC4wLjE6MjIyMjAwDQYJKoZIhvcNAQELBQAD
-ggEBAF5hgmb9tkV1lFVQue6XGkhzrSS6Ge7O6fMHrFEyEFZqyJTQ/4s36aneKeOZ
-OZ+E9SveV97S2USxKwOaiNLVqEj5KQQ99sBgBhPDLkxzwslqBwpwT0wujAJjl55w
-LJz6+8+pLpzlLxRDP/thbf0XuZTyzcckfuK6Prl231LQ9ytkwTHigA//sXzSrxRL
-7N15pyPJaGrnxi1nJ+c30fiTN1ji85xNOF1YA9Ew96b/Rf5pEdY5HhHWW0J1x2zN
-Jx9ZmIgDoA/6rSgtUHu03HzUW5ID0FXcYiaPUNBr+MSJK4vRd1vpaLYKFR/el/JN
-pa3QPNZo6Ez4oaxEqIJVdmEYry0=
+ggEBABwG9ljuok0R3c5RKuo8HhNiK+IEbcpnKxQb3j5ye9ISKVnpvT83H5ucFYRA
+EMJ7HB8WLE71t7t+JHl65mtuZs9PBOUxuWMSgIlh/K5Hs72wY9iqd7olU+X3ymPV
+f26A7XXJR1nfeoKHLrjPh8SaDC/uqahafitVMOmLBfOrYH9JvRbec42Pckg1I6GI
+iKiaARlsbgbPw0fZaA5Cw4TZI3E2c8SdvO33m+OgjYms7Od1Ih+ZdFtMW7Ul4X8C
+8weuT7ELIfkXeBq0xo8Dkfuylf9t3jc5SlfBjNqROkzM+ieaT0LLTBXHCDSPA6jx
+Lt9kxexX4ZB3L0mQwSNNe55E+wg=
-----END CERTIFICATE-----
Certificate:
Data:
@@ -98,8 +98,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL root CA, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:30 2023 GMT
+ Not After : Sep 8 22:19:30 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL root CA, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -140,27 +140,27 @@ Certificate:
OCSP - URI:http://127.0.0.1:22220
Signature Algorithm: sha256WithRSAEncryption
- 61:fc:6f:3d:f5:07:35:f4:3c:55:de:78:74:83:96:b8:3d:11:
- 05:a4:d6:9a:c1:24:89:6f:9d:d5:0c:04:37:b5:97:06:b8:4f:
- 87:d1:01:9c:17:2b:20:c7:5a:7e:55:1b:5a:aa:e7:d2:2a:c7:
- ad:6d:de:17:cb:4c:4b:b0:64:3e:71:9f:03:18:c8:b4:79:62:
- 95:63:67:23:ee:68:5b:68:48:3f:44:75:a2:ae:ee:90:df:fb:
- 0d:c1:96:0b:e3:4f:4a:16:b4:1c:26:9b:66:a0:32:35:e3:68:
- 81:e6:a3:1e:0a:7b:6c:8e:4e:3f:73:bf:96:6c:f0:ca:89:d1:
- d2:f8:6b:cb:5a:2f:73:ed:e9:25:2f:2d:24:24:82:b4:0f:b9:
- 84:f5:98:ce:8e:87:da:cc:2a:ae:61:d8:fb:3e:c0:b7:6d:30:
- f3:7a:9b:d5:65:81:e8:3e:07:a5:e0:14:cd:32:1f:d1:68:43:
- 81:92:e3:94:0f:55:34:04:5a:c4:6d:e8:c1:7b:d3:27:32:52:
- 90:3b:10:6b:83:9d:9f:87:6f:49:f4:85:eb:d7:da:9a:2b:a4:
- 85:f1:48:ba:9d:84:ea:7c:4c:d5:e4:ec:c2:9f:da:e7:a9:82:
- e3:3f:7a:2d:48:37:dd:ef:61:9e:f7:d2:8b:3d:9e:e8:b1:5c:
- 25:f7:16:61
+ 63:f7:e7:80:e2:73:b0:7f:c2:32:c0:20:45:01:1e:40:bc:85:
+ 8e:7f:04:3b:c6:fe:3f:d1:b9:14:ce:06:d9:e8:fc:cd:b9:1d:
+ 0f:cb:89:71:a9:34:67:e8:be:b8:27:d1:1f:c4:ff:9b:9d:b9:
+ bd:f8:23:c7:e5:7f:04:20:de:b1:30:b2:5d:c2:99:a5:f8:34:
+ 9d:d7:0a:bc:b5:3a:84:64:2e:5b:24:34:01:da:03:a9:bb:cf:
+ f2:0d:0e:06:68:de:34:90:cb:42:3a:62:31:d0:d6:7d:26:ca:
+ 14:e5:87:70:51:a2:71:85:cf:4e:af:7c:6c:45:69:d1:3c:6c:
+ 9c:47:35:be:13:bc:12:a9:ea:c4:2f:71:d3:a5:6b:10:4b:85:
+ 68:93:68:81:1c:9f:e6:6a:e7:c0:e1:a6:09:28:f9:d4:a4:55:
+ e8:dc:e3:e2:14:86:0c:ef:3d:7a:7f:8d:d2:a3:e6:c8:0b:e7:
+ 1c:45:6d:0d:e9:9a:d6:38:4f:52:73:a7:5c:04:e9:ce:77:af:
+ 94:97:7b:56:a8:eb:bc:b6:f6:7a:ed:6a:8f:68:04:b4:ea:ce:
+ 05:d8:f7:bc:99:ae:6f:38:9a:ee:23:4d:c5:53:e6:70:fe:5c:
+ 60:68:c4:0c:79:c3:eb:49:d5:df:a6:98:5b:ba:6e:f6:c6:30:
+ e0:5e:3e:c3
-----BEGIN CERTIFICATE-----
MIIE5jCCA86gAwIBAgIBYzANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM
-IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIx
-MjE2MjExNzUwWhcNMjUwOTExMjExNzUwWjCBlzELMAkGA1UEBhMCVVMxEzARBgNV
+IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMx
+MjEzMjIxOTMwWhcNMjYwOTA4MjIxOTMwWjCBlzELMAkGA1UEBhMCVVMxEzARBgNV
BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT
U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NMIHJvb3Qg
Q0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0GCSqGSIb3
@@ -176,11 +176,11 @@ A1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUx
EDAOBgNVBAoMB3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQD
DA93b2xmU1NMIHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j
b22CAWMwCwYDVR0PBAQDAgEGMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcwAYYW
-aHR0cDovLzEyNy4wLjAuMToyMjIyMDANBgkqhkiG9w0BAQsFAAOCAQEAYfxvPfUH
-NfQ8Vd54dIOWuD0RBaTWmsEkiW+d1QwEN7WXBrhPh9EBnBcrIMdaflUbWqrn0irH
-rW3eF8tMS7BkPnGfAxjItHlilWNnI+5oW2hIP0R1oq7ukN/7DcGWC+NPSha0HCab
-ZqAyNeNogeajHgp7bI5OP3O/lmzwyonR0vhry1ovc+3pJS8tJCSCtA+5hPWYzo6H
-2swqrmHY+z7At20w83qb1WWB6D4HpeAUzTIf0WhDgZLjlA9VNARaxG3owXvTJzJS
-kDsQa4Odn4dvSfSF69famiukhfFIup2E6nxM1eTswp/a56mC4z96LUg33e9hnvfS
-iz2e6LFcJfcWYQ==
+aHR0cDovLzEyNy4wLjAuMToyMjIyMDANBgkqhkiG9w0BAQsFAAOCAQEAY/fngOJz
+sH/CMsAgRQEeQLyFjn8EO8b+P9G5FM4G2ej8zbkdD8uJcak0Z+i+uCfRH8T/m525
+vfgjx+V/BCDesTCyXcKZpfg0ndcKvLU6hGQuWyQ0AdoDqbvP8g0OBmjeNJDLQjpi
+MdDWfSbKFOWHcFGicYXPTq98bEVp0TxsnEc1vhO8EqnqxC9x06VrEEuFaJNogRyf
+5mrnwOGmCSj51KRV6Nzj4hSGDO89en+N0qPmyAvnHEVtDema1jhPUnOnXATpznev
+lJd7VqjrvLb2eu1qj2gEtOrOBdj3vJmubzia7iNNxVPmcP5cYGjEDHnD60nV36aY
+W7pu9sYw4F4+ww==
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/ocsp/intermediate2-ca-cert.pem b/extra/wolfssl/wolfssl/certs/ocsp/intermediate2-ca-cert.pem
index e983f710..bd5a6a04 100644
--- a/extra/wolfssl/wolfssl/certs/ocsp/intermediate2-ca-cert.pem
+++ b/extra/wolfssl/wolfssl/certs/ocsp/intermediate2-ca-cert.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL root CA, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:30 2023 GMT
+ Not After : Sep 8 22:19:30 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL intermediate CA 2, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -47,27 +47,27 @@ Certificate:
OCSP - URI:http://127.0.0.1:22220
Signature Algorithm: sha256WithRSAEncryption
- 07:cd:8a:f3:e6:37:76:a8:e8:3b:2a:0f:20:f9:3c:3b:65:f4:
- fc:0a:c2:83:cd:f9:d8:19:82:6c:42:01:65:ad:a8:80:6a:20:
- a2:00:d4:e2:bd:61:8c:b1:1d:1f:39:5a:40:3d:9a:5b:47:1c:
- 20:a0:b9:1a:d0:b1:8d:9f:50:d1:04:b8:bd:a4:9c:75:86:e8:
- 1a:c6:da:d8:08:ee:ae:da:0d:12:cb:9e:42:f2:16:5c:c0:bc:
- 0f:f5:e4:1f:59:13:ff:21:4f:3a:66:0f:5d:e0:5c:32:1e:5c:
- f7:23:4c:ef:6e:5f:e7:97:f1:91:88:36:89:1d:71:19:83:96:
- 9d:92:36:2b:c3:e5:2d:9f:e2:82:e6:53:7c:4a:40:62:67:20:
- 58:c5:d2:f3:b8:21:10:65:a9:6f:cb:2f:20:6f:96:b4:19:ce:
- 94:af:9c:8f:39:0d:18:41:14:0c:87:1d:c0:83:6a:ee:d4:f7:
- 5b:cf:03:a9:9e:65:26:91:2a:c1:f5:dd:03:f3:81:5a:5e:a5:
- b8:79:2a:9c:16:81:de:d8:19:41:7c:9e:eb:3b:0c:6e:90:be:
- a0:35:18:ee:4e:05:ae:10:96:38:23:12:8b:68:02:a4:e0:40:
- 48:4b:e0:d0:2f:28:5c:3b:85:4c:39:fa:3b:d5:25:4e:7f:12:
- 71:c0:56:12
+ 3b:38:b5:57:a7:f6:d6:b1:19:55:b8:da:47:74:cf:9a:6b:6e:
+ ff:0a:5d:06:17:33:db:db:38:e5:d1:9c:dd:c7:3e:c2:2e:87:
+ 20:52:48:d0:ad:0c:12:3e:f7:66:41:64:d2:ca:b3:4c:a1:0a:
+ 6c:4b:4b:33:94:74:83:2e:2d:44:5a:13:ae:da:9a:18:87:64:
+ 30:cf:69:70:e8:38:47:de:55:27:06:86:9b:24:d5:b0:8f:17:
+ 3b:95:87:7e:4a:45:45:2e:6d:70:27:90:32:62:a8:36:3e:47:
+ 47:0f:0e:1b:93:cf:3d:3e:9b:2c:9a:ff:0c:ee:a7:1b:40:c4:
+ dc:f2:66:74:eb:d9:11:9d:60:b8:24:b4:89:c1:e4:61:20:3d:
+ 38:af:45:ad:e8:ee:69:c3:96:8a:a5:c1:cd:dd:14:87:97:dc:
+ f8:32:84:a8:3b:0a:eb:61:0e:7c:4c:65:69:3d:02:92:db:c4:
+ bf:21:6f:89:fe:cc:76:df:c5:84:fb:c4:ea:1a:60:da:d0:c8:
+ 27:7c:65:1b:cb:23:20:5a:e2:23:90:bd:f5:5c:0a:85:51:37:
+ 84:47:a7:80:f4:e0:a0:72:8d:7a:b8:71:03:44:59:c6:cf:2c:
+ ae:df:91:a9:74:72:eb:a7:31:b2:81:65:19:e6:df:c3:4b:b7:
+ fc:9c:2c:f0
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIBAjANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM
-IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIx
-MjE2MjExNzUwWhcNMjUwOTExMjExNzUwWjCBoTELMAkGA1UEBhMCVVMxEzARBgNV
+IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMx
+MjEzMjIxOTMwWhcNMjYwOTA4MjIxOTMwWjCBoTELMAkGA1UEBhMCVVMxEzARBgNV
BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT
U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMSIwIAYDVQQDDBl3b2xmU1NMIGludGVy
bWVkaWF0ZSBDQSAyMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIB
@@ -84,12 +84,12 @@ DAdTZWF0dGxlMRAwDgYDVQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtFbmdpbmVlcmlu
ZzEYMBYGA1UEAwwPd29sZlNTTCByb290IENBMR8wHQYJKoZIhvcNAQkBFhBpbmZv
QHdvbGZzc2wuY29tggFjMAsGA1UdDwQEAwIBBjAyBggrBgEFBQcBAQQmMCQwIgYI
KwYBBQUHMAGGFmh0dHA6Ly8xMjcuMC4wLjE6MjIyMjAwDQYJKoZIhvcNAQELBQAD
-ggEBAAfNivPmN3ao6DsqDyD5PDtl9PwKwoPN+dgZgmxCAWWtqIBqIKIA1OK9YYyx
-HR85WkA9mltHHCCguRrQsY2fUNEEuL2knHWG6BrG2tgI7q7aDRLLnkLyFlzAvA/1
-5B9ZE/8hTzpmD13gXDIeXPcjTO9uX+eX8ZGINokdcRmDlp2SNivD5S2f4oLmU3xK
-QGJnIFjF0vO4IRBlqW/LLyBvlrQZzpSvnI85DRhBFAyHHcCDau7U91vPA6meZSaR
-KsH13QPzgVpepbh5KpwWgd7YGUF8nus7DG6QvqA1GO5OBa4QljgjEotoAqTgQEhL
-4NAvKFw7hUw5+jvVJU5/EnHAVhI=
+ggEBADs4tVen9taxGVW42kd0z5prbv8KXQYXM9vbOOXRnN3HPsIuhyBSSNCtDBI+
+92ZBZNLKs0yhCmxLSzOUdIMuLURaE67amhiHZDDPaXDoOEfeVScGhpsk1bCPFzuV
+h35KRUUubXAnkDJiqDY+R0cPDhuTzz0+myya/wzupxtAxNzyZnTr2RGdYLgktInB
+5GEgPTivRa3o7mnDloqlwc3dFIeX3PgyhKg7CuthDnxMZWk9ApLbxL8hb4n+zHbf
+xYT7xOoaYNrQyCd8ZRvLIyBa4iOQvfVcCoVRN4RHp4D04KByjXq4cQNEWcbPLK7f
+kal0cuunMbKBZRnm38NLt/ycLPA=
-----END CERTIFICATE-----
Certificate:
Data:
@@ -98,8 +98,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL root CA, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:30 2023 GMT
+ Not After : Sep 8 22:19:30 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL root CA, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -140,27 +140,27 @@ Certificate:
OCSP - URI:http://127.0.0.1:22220
Signature Algorithm: sha256WithRSAEncryption
- 61:fc:6f:3d:f5:07:35:f4:3c:55:de:78:74:83:96:b8:3d:11:
- 05:a4:d6:9a:c1:24:89:6f:9d:d5:0c:04:37:b5:97:06:b8:4f:
- 87:d1:01:9c:17:2b:20:c7:5a:7e:55:1b:5a:aa:e7:d2:2a:c7:
- ad:6d:de:17:cb:4c:4b:b0:64:3e:71:9f:03:18:c8:b4:79:62:
- 95:63:67:23:ee:68:5b:68:48:3f:44:75:a2:ae:ee:90:df:fb:
- 0d:c1:96:0b:e3:4f:4a:16:b4:1c:26:9b:66:a0:32:35:e3:68:
- 81:e6:a3:1e:0a:7b:6c:8e:4e:3f:73:bf:96:6c:f0:ca:89:d1:
- d2:f8:6b:cb:5a:2f:73:ed:e9:25:2f:2d:24:24:82:b4:0f:b9:
- 84:f5:98:ce:8e:87:da:cc:2a:ae:61:d8:fb:3e:c0:b7:6d:30:
- f3:7a:9b:d5:65:81:e8:3e:07:a5:e0:14:cd:32:1f:d1:68:43:
- 81:92:e3:94:0f:55:34:04:5a:c4:6d:e8:c1:7b:d3:27:32:52:
- 90:3b:10:6b:83:9d:9f:87:6f:49:f4:85:eb:d7:da:9a:2b:a4:
- 85:f1:48:ba:9d:84:ea:7c:4c:d5:e4:ec:c2:9f:da:e7:a9:82:
- e3:3f:7a:2d:48:37:dd:ef:61:9e:f7:d2:8b:3d:9e:e8:b1:5c:
- 25:f7:16:61
+ 63:f7:e7:80:e2:73:b0:7f:c2:32:c0:20:45:01:1e:40:bc:85:
+ 8e:7f:04:3b:c6:fe:3f:d1:b9:14:ce:06:d9:e8:fc:cd:b9:1d:
+ 0f:cb:89:71:a9:34:67:e8:be:b8:27:d1:1f:c4:ff:9b:9d:b9:
+ bd:f8:23:c7:e5:7f:04:20:de:b1:30:b2:5d:c2:99:a5:f8:34:
+ 9d:d7:0a:bc:b5:3a:84:64:2e:5b:24:34:01:da:03:a9:bb:cf:
+ f2:0d:0e:06:68:de:34:90:cb:42:3a:62:31:d0:d6:7d:26:ca:
+ 14:e5:87:70:51:a2:71:85:cf:4e:af:7c:6c:45:69:d1:3c:6c:
+ 9c:47:35:be:13:bc:12:a9:ea:c4:2f:71:d3:a5:6b:10:4b:85:
+ 68:93:68:81:1c:9f:e6:6a:e7:c0:e1:a6:09:28:f9:d4:a4:55:
+ e8:dc:e3:e2:14:86:0c:ef:3d:7a:7f:8d:d2:a3:e6:c8:0b:e7:
+ 1c:45:6d:0d:e9:9a:d6:38:4f:52:73:a7:5c:04:e9:ce:77:af:
+ 94:97:7b:56:a8:eb:bc:b6:f6:7a:ed:6a:8f:68:04:b4:ea:ce:
+ 05:d8:f7:bc:99:ae:6f:38:9a:ee:23:4d:c5:53:e6:70:fe:5c:
+ 60:68:c4:0c:79:c3:eb:49:d5:df:a6:98:5b:ba:6e:f6:c6:30:
+ e0:5e:3e:c3
-----BEGIN CERTIFICATE-----
MIIE5jCCA86gAwIBAgIBYzANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM
-IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIx
-MjE2MjExNzUwWhcNMjUwOTExMjExNzUwWjCBlzELMAkGA1UEBhMCVVMxEzARBgNV
+IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMx
+MjEzMjIxOTMwWhcNMjYwOTA4MjIxOTMwWjCBlzELMAkGA1UEBhMCVVMxEzARBgNV
BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT
U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NMIHJvb3Qg
Q0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0GCSqGSIb3
@@ -176,11 +176,11 @@ A1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUx
EDAOBgNVBAoMB3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQD
DA93b2xmU1NMIHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j
b22CAWMwCwYDVR0PBAQDAgEGMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcwAYYW
-aHR0cDovLzEyNy4wLjAuMToyMjIyMDANBgkqhkiG9w0BAQsFAAOCAQEAYfxvPfUH
-NfQ8Vd54dIOWuD0RBaTWmsEkiW+d1QwEN7WXBrhPh9EBnBcrIMdaflUbWqrn0irH
-rW3eF8tMS7BkPnGfAxjItHlilWNnI+5oW2hIP0R1oq7ukN/7DcGWC+NPSha0HCab
-ZqAyNeNogeajHgp7bI5OP3O/lmzwyonR0vhry1ovc+3pJS8tJCSCtA+5hPWYzo6H
-2swqrmHY+z7At20w83qb1WWB6D4HpeAUzTIf0WhDgZLjlA9VNARaxG3owXvTJzJS
-kDsQa4Odn4dvSfSF69famiukhfFIup2E6nxM1eTswp/a56mC4z96LUg33e9hnvfS
-iz2e6LFcJfcWYQ==
+aHR0cDovLzEyNy4wLjAuMToyMjIyMDANBgkqhkiG9w0BAQsFAAOCAQEAY/fngOJz
+sH/CMsAgRQEeQLyFjn8EO8b+P9G5FM4G2ej8zbkdD8uJcak0Z+i+uCfRH8T/m525
+vfgjx+V/BCDesTCyXcKZpfg0ndcKvLU6hGQuWyQ0AdoDqbvP8g0OBmjeNJDLQjpi
+MdDWfSbKFOWHcFGicYXPTq98bEVp0TxsnEc1vhO8EqnqxC9x06VrEEuFaJNogRyf
+5mrnwOGmCSj51KRV6Nzj4hSGDO89en+N0qPmyAvnHEVtDema1jhPUnOnXATpznev
+lJd7VqjrvLb2eu1qj2gEtOrOBdj3vJmubzia7iNNxVPmcP5cYGjEDHnD60nV36aY
+W7pu9sYw4F4+ww==
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/ocsp/intermediate3-ca-cert.pem b/extra/wolfssl/wolfssl/certs/ocsp/intermediate3-ca-cert.pem
index aed2938f..932f2459 100644
--- a/extra/wolfssl/wolfssl/certs/ocsp/intermediate3-ca-cert.pem
+++ b/extra/wolfssl/wolfssl/certs/ocsp/intermediate3-ca-cert.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL root CA, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:30 2023 GMT
+ Not After : Sep 8 22:19:30 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL REVOKED intermediate CA, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -47,27 +47,27 @@ Certificate:
OCSP - URI:http://127.0.0.1:22220
Signature Algorithm: sha256WithRSAEncryption
- a4:9b:e4:ec:56:45:77:92:36:91:66:cc:25:11:1a:1d:48:d5:
- f8:4a:32:04:6f:ea:76:c7:0c:27:8a:8c:f1:ef:08:d4:47:60:
- 66:5e:3f:61:76:fc:a2:84:c1:42:01:89:b6:17:d9:eb:14:e6:
- 61:7e:8e:18:2e:64:be:14:ef:2d:ce:63:10:d6:b3:00:ec:f3:
- fc:4f:a0:1b:6f:e7:75:18:fe:ca:ef:47:12:dc:c8:ae:f9:05:
- 2b:84:14:d5:ad:df:58:84:81:33:51:90:5d:29:b8:ff:48:6b:
- f5:bb:e9:c7:be:6f:e1:6a:ca:71:47:1f:97:7f:1d:00:56:9a:
- 59:f6:78:4e:95:6c:e8:51:73:8e:9d:f3:62:00:f7:65:bd:09:
- d7:e4:ae:7e:04:ee:1e:eb:f3:83:3f:2a:44:f4:98:f8:ef:31:
- ed:06:77:60:e3:f2:6b:b6:dd:3e:ed:45:aa:07:a9:7f:99:f5:
- 2d:9b:ce:10:16:3a:cd:96:fb:40:1b:18:f4:eb:6f:f0:dc:ee:
- e8:aa:30:13:3c:d6:1e:46:7d:55:1f:0b:86:5c:13:f9:2f:83:
- b8:65:55:8d:3e:56:8b:d9:b7:e1:1b:2d:ab:f2:e7:3a:c4:6f:
- 2a:c9:f0:f9:96:82:93:ac:a7:06:1c:0e:bb:2a:ff:6a:be:eb:
- 91:b0:8c:dc
+ 2f:e1:b0:99:a9:71:0e:41:f8:b1:9d:38:c8:f4:3d:7c:79:ce:
+ d2:94:01:2a:b6:71:1b:4c:64:19:27:02:71:b4:43:64:42:f9:
+ 2b:71:39:6e:64:4e:e8:32:b1:1e:1b:fd:7d:22:cb:8a:9c:34:
+ ce:ef:bb:dd:f2:4f:83:58:33:34:01:cb:b4:35:e2:ba:c6:cc:
+ aa:2f:ed:2e:e9:04:ec:cd:7f:06:50:b3:4e:37:cd:fe:96:69:
+ da:a3:fe:63:78:83:c5:86:7e:03:b2:11:e5:94:f8:56:e9:d1:
+ dd:5d:b4:05:4d:26:0e:09:c2:50:32:ce:6d:da:6b:b7:ee:e1:
+ 1b:a9:b0:0f:59:d6:03:16:ee:47:16:2f:1f:58:f9:f8:48:d9:
+ 59:ed:61:a1:af:7e:92:38:2e:40:0c:9b:e7:21:90:3b:10:6f:
+ 61:ad:e0:95:57:e2:d5:39:dc:83:54:88:99:4a:5e:21:94:ce:
+ f9:0f:5e:e9:22:10:55:bb:97:f4:51:3f:50:83:ed:63:fb:ab:
+ d2:02:b3:aa:26:f7:fc:72:1c:84:e9:a0:a3:fa:b2:22:90:c8:
+ ac:61:84:2a:bd:3f:75:1f:1b:bf:83:a8:90:ce:4c:de:ee:eb:
+ 65:b4:ff:f0:7a:b2:11:7a:78:60:c4:6e:da:e3:c8:a3:57:5b:
+ 8f:58:e4:49
-----BEGIN CERTIFICATE-----
MIIE9jCCA96gAwIBAgIBAzANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM
-IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIx
-MjE2MjExNzUwWhcNMjUwOTExMjExNzUwWjCBpzELMAkGA1UEBhMCVVMxEzARBgNV
+IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMx
+MjEzMjIxOTMwWhcNMjYwOTA4MjIxOTMwWjCBpzELMAkGA1UEBhMCVVMxEzARBgNV
BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT
U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMSgwJgYDVQQDDB93b2xmU1NMIFJFVk9L
RUQgaW50ZXJtZWRpYXRlIENBMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
@@ -84,12 +84,12 @@ DgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtFbmdp
bmVlcmluZzEYMBYGA1UEAwwPd29sZlNTTCByb290IENBMR8wHQYJKoZIhvcNAQkB
FhBpbmZvQHdvbGZzc2wuY29tggFjMAsGA1UdDwQEAwIBBjAyBggrBgEFBQcBAQQm
MCQwIgYIKwYBBQUHMAGGFmh0dHA6Ly8xMjcuMC4wLjE6MjIyMjAwDQYJKoZIhvcN
-AQELBQADggEBAKSb5OxWRXeSNpFmzCURGh1I1fhKMgRv6nbHDCeKjPHvCNRHYGZe
-P2F2/KKEwUIBibYX2esU5mF+jhguZL4U7y3OYxDWswDs8/xPoBtv53UY/srvRxLc
-yK75BSuEFNWt31iEgTNRkF0puP9Ia/W76ce+b+FqynFHH5d/HQBWmln2eE6VbOhR
-c46d82IA92W9Cdfkrn4E7h7r84M/KkT0mPjvMe0Gd2Dj8mu23T7tRaoHqX+Z9S2b
-zhAWOs2W+0AbGPTrb/Dc7uiqMBM81h5GfVUfC4ZcE/kvg7hlVY0+VovZt+EbLavy
-5zrEbyrJ8PmWgpOspwYcDrsq/2q+65GwjNw=
+AQELBQADggEBAC/hsJmpcQ5B+LGdOMj0PXx5ztKUASq2cRtMZBknAnG0Q2RC+Stx
+OW5kTugysR4b/X0iy4qcNM7vu93yT4NYMzQBy7Q14rrGzKov7S7pBOzNfwZQs043
+zf6Wadqj/mN4g8WGfgOyEeWU+Fbp0d1dtAVNJg4JwlAyzm3aa7fu4RupsA9Z1gMW
+7kcWLx9Y+fhI2VntYaGvfpI4LkAMm+chkDsQb2Gt4JVX4tU53INUiJlKXiGUzvkP
+XukiEFW7l/RRP1CD7WP7q9ICs6om9/xyHITpoKP6siKQyKxhhCq9P3UfG7+DqJDO
+TN7u62W0//B6shF6eGDEbtrjyKNXW49Y5Ek=
-----END CERTIFICATE-----
Certificate:
Data:
@@ -98,8 +98,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL root CA, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:30 2023 GMT
+ Not After : Sep 8 22:19:30 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL root CA, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -140,27 +140,27 @@ Certificate:
OCSP - URI:http://127.0.0.1:22220
Signature Algorithm: sha256WithRSAEncryption
- 61:fc:6f:3d:f5:07:35:f4:3c:55:de:78:74:83:96:b8:3d:11:
- 05:a4:d6:9a:c1:24:89:6f:9d:d5:0c:04:37:b5:97:06:b8:4f:
- 87:d1:01:9c:17:2b:20:c7:5a:7e:55:1b:5a:aa:e7:d2:2a:c7:
- ad:6d:de:17:cb:4c:4b:b0:64:3e:71:9f:03:18:c8:b4:79:62:
- 95:63:67:23:ee:68:5b:68:48:3f:44:75:a2:ae:ee:90:df:fb:
- 0d:c1:96:0b:e3:4f:4a:16:b4:1c:26:9b:66:a0:32:35:e3:68:
- 81:e6:a3:1e:0a:7b:6c:8e:4e:3f:73:bf:96:6c:f0:ca:89:d1:
- d2:f8:6b:cb:5a:2f:73:ed:e9:25:2f:2d:24:24:82:b4:0f:b9:
- 84:f5:98:ce:8e:87:da:cc:2a:ae:61:d8:fb:3e:c0:b7:6d:30:
- f3:7a:9b:d5:65:81:e8:3e:07:a5:e0:14:cd:32:1f:d1:68:43:
- 81:92:e3:94:0f:55:34:04:5a:c4:6d:e8:c1:7b:d3:27:32:52:
- 90:3b:10:6b:83:9d:9f:87:6f:49:f4:85:eb:d7:da:9a:2b:a4:
- 85:f1:48:ba:9d:84:ea:7c:4c:d5:e4:ec:c2:9f:da:e7:a9:82:
- e3:3f:7a:2d:48:37:dd:ef:61:9e:f7:d2:8b:3d:9e:e8:b1:5c:
- 25:f7:16:61
+ 63:f7:e7:80:e2:73:b0:7f:c2:32:c0:20:45:01:1e:40:bc:85:
+ 8e:7f:04:3b:c6:fe:3f:d1:b9:14:ce:06:d9:e8:fc:cd:b9:1d:
+ 0f:cb:89:71:a9:34:67:e8:be:b8:27:d1:1f:c4:ff:9b:9d:b9:
+ bd:f8:23:c7:e5:7f:04:20:de:b1:30:b2:5d:c2:99:a5:f8:34:
+ 9d:d7:0a:bc:b5:3a:84:64:2e:5b:24:34:01:da:03:a9:bb:cf:
+ f2:0d:0e:06:68:de:34:90:cb:42:3a:62:31:d0:d6:7d:26:ca:
+ 14:e5:87:70:51:a2:71:85:cf:4e:af:7c:6c:45:69:d1:3c:6c:
+ 9c:47:35:be:13:bc:12:a9:ea:c4:2f:71:d3:a5:6b:10:4b:85:
+ 68:93:68:81:1c:9f:e6:6a:e7:c0:e1:a6:09:28:f9:d4:a4:55:
+ e8:dc:e3:e2:14:86:0c:ef:3d:7a:7f:8d:d2:a3:e6:c8:0b:e7:
+ 1c:45:6d:0d:e9:9a:d6:38:4f:52:73:a7:5c:04:e9:ce:77:af:
+ 94:97:7b:56:a8:eb:bc:b6:f6:7a:ed:6a:8f:68:04:b4:ea:ce:
+ 05:d8:f7:bc:99:ae:6f:38:9a:ee:23:4d:c5:53:e6:70:fe:5c:
+ 60:68:c4:0c:79:c3:eb:49:d5:df:a6:98:5b:ba:6e:f6:c6:30:
+ e0:5e:3e:c3
-----BEGIN CERTIFICATE-----
MIIE5jCCA86gAwIBAgIBYzANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM
-IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIx
-MjE2MjExNzUwWhcNMjUwOTExMjExNzUwWjCBlzELMAkGA1UEBhMCVVMxEzARBgNV
+IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMx
+MjEzMjIxOTMwWhcNMjYwOTA4MjIxOTMwWjCBlzELMAkGA1UEBhMCVVMxEzARBgNV
BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT
U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NMIHJvb3Qg
Q0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0GCSqGSIb3
@@ -176,11 +176,11 @@ A1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUx
EDAOBgNVBAoMB3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQD
DA93b2xmU1NMIHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j
b22CAWMwCwYDVR0PBAQDAgEGMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcwAYYW
-aHR0cDovLzEyNy4wLjAuMToyMjIyMDANBgkqhkiG9w0BAQsFAAOCAQEAYfxvPfUH
-NfQ8Vd54dIOWuD0RBaTWmsEkiW+d1QwEN7WXBrhPh9EBnBcrIMdaflUbWqrn0irH
-rW3eF8tMS7BkPnGfAxjItHlilWNnI+5oW2hIP0R1oq7ukN/7DcGWC+NPSha0HCab
-ZqAyNeNogeajHgp7bI5OP3O/lmzwyonR0vhry1ovc+3pJS8tJCSCtA+5hPWYzo6H
-2swqrmHY+z7At20w83qb1WWB6D4HpeAUzTIf0WhDgZLjlA9VNARaxG3owXvTJzJS
-kDsQa4Odn4dvSfSF69famiukhfFIup2E6nxM1eTswp/a56mC4z96LUg33e9hnvfS
-iz2e6LFcJfcWYQ==
+aHR0cDovLzEyNy4wLjAuMToyMjIyMDANBgkqhkiG9w0BAQsFAAOCAQEAY/fngOJz
+sH/CMsAgRQEeQLyFjn8EO8b+P9G5FM4G2ej8zbkdD8uJcak0Z+i+uCfRH8T/m525
+vfgjx+V/BCDesTCyXcKZpfg0ndcKvLU6hGQuWyQ0AdoDqbvP8g0OBmjeNJDLQjpi
+MdDWfSbKFOWHcFGicYXPTq98bEVp0TxsnEc1vhO8EqnqxC9x06VrEEuFaJNogRyf
+5mrnwOGmCSj51KRV6Nzj4hSGDO89en+N0qPmyAvnHEVtDema1jhPUnOnXATpznev
+lJd7VqjrvLb2eu1qj2gEtOrOBdj3vJmubzia7iNNxVPmcP5cYGjEDHnD60nV36aY
+W7pu9sYw4F4+ww==
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/ocsp/ocsp-responder-cert.pem b/extra/wolfssl/wolfssl/certs/ocsp/ocsp-responder-cert.pem
index 64873ee1..0eb95e09 100644
--- a/extra/wolfssl/wolfssl/certs/ocsp/ocsp-responder-cert.pem
+++ b/extra/wolfssl/wolfssl/certs/ocsp/ocsp-responder-cert.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL root CA, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:30 2023 GMT
+ Not After : Sep 8 22:19:30 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL OCSP Responder, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -44,27 +44,27 @@ Certificate:
X509v3 Extended Key Usage:
OCSP Signing
Signature Algorithm: sha256WithRSAEncryption
- 2f:b7:6b:ec:b7:12:63:b9:57:dc:04:4d:9c:67:74:98:06:28:
- 68:37:34:c2:50:e9:2a:d4:1a:b2:32:1a:9d:2b:4f:23:50:ea:
- b4:95:86:c3:b9:5f:34:3e:99:91:a7:80:5f:6e:1b:6e:db:e9:
- 02:38:6f:df:c5:9b:0d:a3:1c:a9:15:76:16:66:a8:4e:fb:d3:
- 43:76:f1:72:b7:d1:fa:ee:39:a6:96:c1:a2:93:a4:9b:1e:9f:
- ba:71:8f:ba:bd:67:6a:f2:15:5f:f1:64:e7:cf:26:b8:4c:c0:
- eb:85:04:58:d9:4a:6b:d9:86:f5:80:21:bf:91:c8:4b:9f:04:
- ed:57:7a:d2:58:ac:5b:47:af:4d:7f:5b:1d:6d:68:9b:84:98:
- 2a:31:02:2c:e9:1b:af:11:0b:78:49:be:68:68:cb:9c:41:56:
- e8:b5:59:da:ff:ca:59:99:17:3e:11:0a:8f:49:24:0b:81:42:
- 63:cd:4f:f6:2b:9d:d1:79:75:d7:4a:cc:4c:b7:2b:d7:e8:e7:
- d4:48:3c:14:3b:1c:28:e8:46:7a:dc:11:9d:7f:1c:ab:10:95:
- 17:b2:c7:7a:bb:17:44:59:69:8e:16:05:94:8c:88:d9:dc:9a:
- fd:f2:93:be:68:ba:3c:d6:2b:61:3a:8b:f7:66:cb:54:e8:e4:
- db:9f:cc:9e
+ 0a:a4:ec:1a:eb:2e:bc:d0:62:b6:84:72:92:8a:1a:e4:04:31:
+ 1c:68:17:ae:6c:18:44:ad:23:73:0d:63:73:9b:47:97:ae:21:
+ aa:ac:ab:f4:9e:64:78:62:bb:b5:70:29:31:eb:53:b2:f6:20:
+ 35:ff:43:06:f0:3f:84:d8:aa:be:6d:a9:59:ef:f5:6b:8e:da:
+ 78:77:22:70:43:c8:e5:b5:55:2f:c8:31:5e:87:d2:2d:a5:0f:
+ 0a:aa:01:00:76:22:17:73:72:9a:59:fb:c8:1f:a3:b9:d6:99:
+ 7f:16:90:03:ec:20:bf:f5:8a:c5:e2:a7:1c:4b:bf:c5:7c:45:
+ 18:de:e3:93:a1:41:b0:33:ed:d2:6e:4f:14:58:6e:af:12:be:
+ 3b:ed:6e:20:4b:6d:11:89:9d:c6:2a:ab:1e:24:3f:d2:56:98:
+ 5c:8f:d1:fe:d2:92:6b:7b:ed:15:84:3a:b3:aa:5c:c6:b4:6d:
+ 5d:cb:ce:81:37:e5:ef:96:25:92:ef:04:3c:38:0c:f0:6d:64:
+ ef:33:51:4f:98:6f:55:3d:0e:cc:07:ea:2c:0b:3e:09:a0:23:
+ 0b:45:2c:02:a0:49:70:d8:a8:a7:36:07:68:c6:82:5e:d4:78:
+ be:cf:5b:11:79:6b:bf:e2:5d:56:79:19:a5:64:b2:e8:86:a4:
+ 27:74:cf:55
-----BEGIN CERTIFICATE-----
MIIEvjCCA6agAwIBAgIBBDANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM
-IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIx
-MjE2MjExNzUwWhcNMjUwOTExMjExNzUwWjCBnjELMAkGA1UEBhMCVVMxEzARBgNV
+IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMx
+MjEzMjIxOTMwWhcNMjYwOTA4MjIxOTMwWjCBnjELMAkGA1UEBhMCVVMxEzARBgNV
BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT
U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMR8wHQYDVQQDDBZ3b2xmU1NMIE9DU1Ag
UmVzcG9uZGVyMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN
@@ -80,12 +80,12 @@ CzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0
dGxlMRAwDgYDVQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEYMBYG
A1UEAwwPd29sZlNTTCByb290IENBMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZz
c2wuY29tggFjMBMGA1UdJQQMMAoGCCsGAQUFBwMJMA0GCSqGSIb3DQEBCwUAA4IB
-AQAvt2vstxJjuVfcBE2cZ3SYBihoNzTCUOkq1BqyMhqdK08jUOq0lYbDuV80PpmR
-p4Bfbhtu2+kCOG/fxZsNoxypFXYWZqhO+9NDdvFyt9H67jmmlsGik6SbHp+6cY+6
-vWdq8hVf8WTnzya4TMDrhQRY2Upr2Yb1gCG/kchLnwTtV3rSWKxbR69Nf1sdbWib
-hJgqMQIs6RuvEQt4Sb5oaMucQVbotVna/8pZmRc+EQqPSSQLgUJjzU/2K53ReXXX
-SsxMtyvX6OfUSDwUOxwo6EZ63BGdfxyrEJUXssd6uxdEWWmOFgWUjIjZ3Jr98pO+
-aLo81ithOov3ZstU6OTbn8ye
+AQAKpOwa6y680GK2hHKSihrkBDEcaBeubBhErSNzDWNzm0eXriGqrKv0nmR4Yru1
+cCkx61Oy9iA1/0MG8D+E2Kq+balZ7/Vrjtp4dyJwQ8jltVUvyDFeh9ItpQ8KqgEA
+diIXc3KaWfvIH6O51pl/FpAD7CC/9YrF4qccS7/FfEUY3uOToUGwM+3Sbk8UWG6v
+Er477W4gS20RiZ3GKqseJD/SVphcj9H+0pJre+0VhDqzqlzGtG1dy86BN+XvliWS
+7wQ8OAzwbWTvM1FPmG9VPQ7MB+osCz4JoCMLRSwCoElw2KinNgdoxoJe1Hi+z1sR
+eWu/4l1WeRmlZLLohqQndM9V
-----END CERTIFICATE-----
Certificate:
Data:
@@ -94,8 +94,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL root CA, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:30 2023 GMT
+ Not After : Sep 8 22:19:30 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL root CA, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -136,27 +136,27 @@ Certificate:
OCSP - URI:http://127.0.0.1:22220
Signature Algorithm: sha256WithRSAEncryption
- 61:fc:6f:3d:f5:07:35:f4:3c:55:de:78:74:83:96:b8:3d:11:
- 05:a4:d6:9a:c1:24:89:6f:9d:d5:0c:04:37:b5:97:06:b8:4f:
- 87:d1:01:9c:17:2b:20:c7:5a:7e:55:1b:5a:aa:e7:d2:2a:c7:
- ad:6d:de:17:cb:4c:4b:b0:64:3e:71:9f:03:18:c8:b4:79:62:
- 95:63:67:23:ee:68:5b:68:48:3f:44:75:a2:ae:ee:90:df:fb:
- 0d:c1:96:0b:e3:4f:4a:16:b4:1c:26:9b:66:a0:32:35:e3:68:
- 81:e6:a3:1e:0a:7b:6c:8e:4e:3f:73:bf:96:6c:f0:ca:89:d1:
- d2:f8:6b:cb:5a:2f:73:ed:e9:25:2f:2d:24:24:82:b4:0f:b9:
- 84:f5:98:ce:8e:87:da:cc:2a:ae:61:d8:fb:3e:c0:b7:6d:30:
- f3:7a:9b:d5:65:81:e8:3e:07:a5:e0:14:cd:32:1f:d1:68:43:
- 81:92:e3:94:0f:55:34:04:5a:c4:6d:e8:c1:7b:d3:27:32:52:
- 90:3b:10:6b:83:9d:9f:87:6f:49:f4:85:eb:d7:da:9a:2b:a4:
- 85:f1:48:ba:9d:84:ea:7c:4c:d5:e4:ec:c2:9f:da:e7:a9:82:
- e3:3f:7a:2d:48:37:dd:ef:61:9e:f7:d2:8b:3d:9e:e8:b1:5c:
- 25:f7:16:61
+ 63:f7:e7:80:e2:73:b0:7f:c2:32:c0:20:45:01:1e:40:bc:85:
+ 8e:7f:04:3b:c6:fe:3f:d1:b9:14:ce:06:d9:e8:fc:cd:b9:1d:
+ 0f:cb:89:71:a9:34:67:e8:be:b8:27:d1:1f:c4:ff:9b:9d:b9:
+ bd:f8:23:c7:e5:7f:04:20:de:b1:30:b2:5d:c2:99:a5:f8:34:
+ 9d:d7:0a:bc:b5:3a:84:64:2e:5b:24:34:01:da:03:a9:bb:cf:
+ f2:0d:0e:06:68:de:34:90:cb:42:3a:62:31:d0:d6:7d:26:ca:
+ 14:e5:87:70:51:a2:71:85:cf:4e:af:7c:6c:45:69:d1:3c:6c:
+ 9c:47:35:be:13:bc:12:a9:ea:c4:2f:71:d3:a5:6b:10:4b:85:
+ 68:93:68:81:1c:9f:e6:6a:e7:c0:e1:a6:09:28:f9:d4:a4:55:
+ e8:dc:e3:e2:14:86:0c:ef:3d:7a:7f:8d:d2:a3:e6:c8:0b:e7:
+ 1c:45:6d:0d:e9:9a:d6:38:4f:52:73:a7:5c:04:e9:ce:77:af:
+ 94:97:7b:56:a8:eb:bc:b6:f6:7a:ed:6a:8f:68:04:b4:ea:ce:
+ 05:d8:f7:bc:99:ae:6f:38:9a:ee:23:4d:c5:53:e6:70:fe:5c:
+ 60:68:c4:0c:79:c3:eb:49:d5:df:a6:98:5b:ba:6e:f6:c6:30:
+ e0:5e:3e:c3
-----BEGIN CERTIFICATE-----
MIIE5jCCA86gAwIBAgIBYzANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM
-IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIx
-MjE2MjExNzUwWhcNMjUwOTExMjExNzUwWjCBlzELMAkGA1UEBhMCVVMxEzARBgNV
+IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMx
+MjEzMjIxOTMwWhcNMjYwOTA4MjIxOTMwWjCBlzELMAkGA1UEBhMCVVMxEzARBgNV
BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT
U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NMIHJvb3Qg
Q0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0GCSqGSIb3
@@ -172,11 +172,11 @@ A1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUx
EDAOBgNVBAoMB3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQD
DA93b2xmU1NMIHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j
b22CAWMwCwYDVR0PBAQDAgEGMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcwAYYW
-aHR0cDovLzEyNy4wLjAuMToyMjIyMDANBgkqhkiG9w0BAQsFAAOCAQEAYfxvPfUH
-NfQ8Vd54dIOWuD0RBaTWmsEkiW+d1QwEN7WXBrhPh9EBnBcrIMdaflUbWqrn0irH
-rW3eF8tMS7BkPnGfAxjItHlilWNnI+5oW2hIP0R1oq7ukN/7DcGWC+NPSha0HCab
-ZqAyNeNogeajHgp7bI5OP3O/lmzwyonR0vhry1ovc+3pJS8tJCSCtA+5hPWYzo6H
-2swqrmHY+z7At20w83qb1WWB6D4HpeAUzTIf0WhDgZLjlA9VNARaxG3owXvTJzJS
-kDsQa4Odn4dvSfSF69famiukhfFIup2E6nxM1eTswp/a56mC4z96LUg33e9hnvfS
-iz2e6LFcJfcWYQ==
+aHR0cDovLzEyNy4wLjAuMToyMjIyMDANBgkqhkiG9w0BAQsFAAOCAQEAY/fngOJz
+sH/CMsAgRQEeQLyFjn8EO8b+P9G5FM4G2ej8zbkdD8uJcak0Z+i+uCfRH8T/m525
+vfgjx+V/BCDesTCyXcKZpfg0ndcKvLU6hGQuWyQ0AdoDqbvP8g0OBmjeNJDLQjpi
+MdDWfSbKFOWHcFGicYXPTq98bEVp0TxsnEc1vhO8EqnqxC9x06VrEEuFaJNogRyf
+5mrnwOGmCSj51KRV6Nzj4hSGDO89en+N0qPmyAvnHEVtDema1jhPUnOnXATpznev
+lJd7VqjrvLb2eu1qj2gEtOrOBdj3vJmubzia7iNNxVPmcP5cYGjEDHnD60nV36aY
+W7pu9sYw4F4+ww==
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/ocsp/renewcerts.sh b/extra/wolfssl/wolfssl/certs/ocsp/renewcerts.sh
index 22103c4d..f377a1fd 100755
--- a/extra/wolfssl/wolfssl/certs/ocsp/renewcerts.sh
+++ b/extra/wolfssl/wolfssl/certs/ocsp/renewcerts.sh
@@ -1,5 +1,14 @@
#!/bin/sh
+# bwrap execution environment to avoid port conflicts
+if [ "${AM_BWRAPPED-}" != "yes" ]; then
+ bwrap_path="$(command -v bwrap)"
+ if [ -n "$bwrap_path" ]; then
+ export AM_BWRAPPED=yes
+ exec "$bwrap_path" --cap-add ALL --unshare-net --dev-bind / / "$0" "$@"
+ fi
+fi
+
check_result(){
if [ $1 -ne 0 ]; then
if [ -n "$2" ]; then
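Review bot: The added `exec "$bwrap_path" --cap-add ALL --unshare-net --dev-bind / / "$0" "$@"` asks for more than its comment's stated goal needs. Avoiding port conflicts only requires the private network namespace from `--unshare-net`, whereas `--cap-add ALL` requests every capability and `--dev-bind / /` binds the whole host root, device nodes included, with no read-only restriction. Nothing visible in this hunk needs a capability, so unless a later step does, I would reduce it to `exec "$bwrap_path" --unshare-net --dev-bind / / "$0" "$@"` or name the one capability required. Because the shell is replaced by `exec`, a host where bwrap is installed but cannot set up the namespace gets no unsandboxed fallback and the renewal simply fails; a comment above the block should say that this is intended.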
@@ -80,10 +89,10 @@ update_cert server3 "www3.wolfssl.com" intermediate2-ca
update_cert server4 "www4.wolfssl.com" intermediate2-ca v3_req2 08 # REVOKED
update_cert server5 "www5.wolfssl.com" intermediate3-ca v3_req3 09
-
# Create response DER buffer for test
openssl ocsp -port 22221 -ndays 1000 -index index-ca-and-intermediate-cas.txt -rsigner ocsp-responder-cert.pem -rkey ocsp-responder-key.pem -CA root-ca-cert.pem -partial_chain &
PID=$!
+sleep 1 # Make sure server is ready
openssl ocsp -issuer ./root-ca-cert.pem -cert ./intermediate1-ca-cert.pem -url http://localhost:22221/ -respout test-response.der -noverify
openssl ocsp -issuer ./root-ca-cert.pem -cert ./intermediate1-ca-cert.pem -url http://localhost:22221/ -respout test-response-nointern.der -no_intern -noverify
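Review bot: `sleep 1 # Make sure server is ready` only makes it likely that the background responder on port 22221 is listening; on a slow or loaded machine the first client request can still run before the socket is bound. The hunk also does not check the exit status of the `openssl ocsp -issuer ...` calls, so a missing or stale `test-response.der` could be committed unnoticed. Retrying the first request a bounded number of times is more reliable than a fixed delay, and each request could be followed by the script's own helper, e.g. `check_result $? "ocsp request for test-response.der"`. The same applies to the `sleep 1` added before the rsa-pss request in the next hunk.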
@@ -95,6 +104,7 @@ wait $PID
# now start up a responder that signs using rsa-pss
openssl ocsp -port 22221 -ndays 1000 -index index-ca-and-intermediate-cas.txt -rsigner ocsp-responder-cert.pem -rkey ocsp-responder-key.pem -CA root-ca-cert.pem -rsigopt rsa_padding_mode:pss &
PID=$!
+sleep 1 # Make sure server is ready
openssl ocsp -issuer ./root-ca-cert.pem -cert ./intermediate1-ca-cert.pem -url http://localhost:22221/ -respout test-response-rsapss.der -noverify
# can verify with the following command
diff --git a/extra/wolfssl/wolfssl/certs/ocsp/root-ca-cert.pem b/extra/wolfssl/wolfssl/certs/ocsp/root-ca-cert.pem
index c51306f0..4dd84808 100644
--- a/extra/wolfssl/wolfssl/certs/ocsp/root-ca-cert.pem
+++ b/extra/wolfssl/wolfssl/certs/ocsp/root-ca-cert.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL root CA, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:30 2023 GMT
+ Not After : Sep 8 22:19:30 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL root CA, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -47,27 +47,27 @@ Certificate:
OCSP - URI:http://127.0.0.1:22220
Signature Algorithm: sha256WithRSAEncryption
- 61:fc:6f:3d:f5:07:35:f4:3c:55:de:78:74:83:96:b8:3d:11:
- 05:a4:d6:9a:c1:24:89:6f:9d:d5:0c:04:37:b5:97:06:b8:4f:
- 87:d1:01:9c:17:2b:20:c7:5a:7e:55:1b:5a:aa:e7:d2:2a:c7:
- ad:6d:de:17:cb:4c:4b:b0:64:3e:71:9f:03:18:c8:b4:79:62:
- 95:63:67:23:ee:68:5b:68:48:3f:44:75:a2:ae:ee:90:df:fb:
- 0d:c1:96:0b:e3:4f:4a:16:b4:1c:26:9b:66:a0:32:35:e3:68:
- 81:e6:a3:1e:0a:7b:6c:8e:4e:3f:73:bf:96:6c:f0:ca:89:d1:
- d2:f8:6b:cb:5a:2f:73:ed:e9:25:2f:2d:24:24:82:b4:0f:b9:
- 84:f5:98:ce:8e:87:da:cc:2a:ae:61:d8:fb:3e:c0:b7:6d:30:
- f3:7a:9b:d5:65:81:e8:3e:07:a5:e0:14:cd:32:1f:d1:68:43:
- 81:92:e3:94:0f:55:34:04:5a:c4:6d:e8:c1:7b:d3:27:32:52:
- 90:3b:10:6b:83:9d:9f:87:6f:49:f4:85:eb:d7:da:9a:2b:a4:
- 85:f1:48:ba:9d:84:ea:7c:4c:d5:e4:ec:c2:9f:da:e7:a9:82:
- e3:3f:7a:2d:48:37:dd:ef:61:9e:f7:d2:8b:3d:9e:e8:b1:5c:
- 25:f7:16:61
+ 63:f7:e7:80:e2:73:b0:7f:c2:32:c0:20:45:01:1e:40:bc:85:
+ 8e:7f:04:3b:c6:fe:3f:d1:b9:14:ce:06:d9:e8:fc:cd:b9:1d:
+ 0f:cb:89:71:a9:34:67:e8:be:b8:27:d1:1f:c4:ff:9b:9d:b9:
+ bd:f8:23:c7:e5:7f:04:20:de:b1:30:b2:5d:c2:99:a5:f8:34:
+ 9d:d7:0a:bc:b5:3a:84:64:2e:5b:24:34:01:da:03:a9:bb:cf:
+ f2:0d:0e:06:68:de:34:90:cb:42:3a:62:31:d0:d6:7d:26:ca:
+ 14:e5:87:70:51:a2:71:85:cf:4e:af:7c:6c:45:69:d1:3c:6c:
+ 9c:47:35:be:13:bc:12:a9:ea:c4:2f:71:d3:a5:6b:10:4b:85:
+ 68:93:68:81:1c:9f:e6:6a:e7:c0:e1:a6:09:28:f9:d4:a4:55:
+ e8:dc:e3:e2:14:86:0c:ef:3d:7a:7f:8d:d2:a3:e6:c8:0b:e7:
+ 1c:45:6d:0d:e9:9a:d6:38:4f:52:73:a7:5c:04:e9:ce:77:af:
+ 94:97:7b:56:a8:eb:bc:b6:f6:7a:ed:6a:8f:68:04:b4:ea:ce:
+ 05:d8:f7:bc:99:ae:6f:38:9a:ee:23:4d:c5:53:e6:70:fe:5c:
+ 60:68:c4:0c:79:c3:eb:49:d5:df:a6:98:5b:ba:6e:f6:c6:30:
+ e0:5e:3e:c3
-----BEGIN CERTIFICATE-----
MIIE5jCCA86gAwIBAgIBYzANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM
-IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIx
-MjE2MjExNzUwWhcNMjUwOTExMjExNzUwWjCBlzELMAkGA1UEBhMCVVMxEzARBgNV
+IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMx
+MjEzMjIxOTMwWhcNMjYwOTA4MjIxOTMwWjCBlzELMAkGA1UEBhMCVVMxEzARBgNV
BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT
U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NMIHJvb3Qg
Q0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0GCSqGSIb3
@@ -83,11 +83,11 @@ A1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUx
EDAOBgNVBAoMB3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQD
DA93b2xmU1NMIHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j
b22CAWMwCwYDVR0PBAQDAgEGMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcwAYYW
-aHR0cDovLzEyNy4wLjAuMToyMjIyMDANBgkqhkiG9w0BAQsFAAOCAQEAYfxvPfUH
-NfQ8Vd54dIOWuD0RBaTWmsEkiW+d1QwEN7WXBrhPh9EBnBcrIMdaflUbWqrn0irH
-rW3eF8tMS7BkPnGfAxjItHlilWNnI+5oW2hIP0R1oq7ukN/7DcGWC+NPSha0HCab
-ZqAyNeNogeajHgp7bI5OP3O/lmzwyonR0vhry1ovc+3pJS8tJCSCtA+5hPWYzo6H
-2swqrmHY+z7At20w83qb1WWB6D4HpeAUzTIf0WhDgZLjlA9VNARaxG3owXvTJzJS
-kDsQa4Odn4dvSfSF69famiukhfFIup2E6nxM1eTswp/a56mC4z96LUg33e9hnvfS
-iz2e6LFcJfcWYQ==
+aHR0cDovLzEyNy4wLjAuMToyMjIyMDANBgkqhkiG9w0BAQsFAAOCAQEAY/fngOJz
+sH/CMsAgRQEeQLyFjn8EO8b+P9G5FM4G2ej8zbkdD8uJcak0Z+i+uCfRH8T/m525
+vfgjx+V/BCDesTCyXcKZpfg0ndcKvLU6hGQuWyQ0AdoDqbvP8g0OBmjeNJDLQjpi
+MdDWfSbKFOWHcFGicYXPTq98bEVp0TxsnEc1vhO8EqnqxC9x06VrEEuFaJNogRyf
+5mrnwOGmCSj51KRV6Nzj4hSGDO89en+N0qPmyAvnHEVtDema1jhPUnOnXATpznev
+lJd7VqjrvLb2eu1qj2gEtOrOBdj3vJmubzia7iNNxVPmcP5cYGjEDHnD60nV36aY
+W7pu9sYw4F4+ww==
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/ocsp/server1-cert.pem b/extra/wolfssl/wolfssl/certs/ocsp/server1-cert.pem
index 0e07e2f6..641d41f1 100644
--- a/extra/wolfssl/wolfssl/certs/ocsp/server1-cert.pem
+++ b/extra/wolfssl/wolfssl/certs/ocsp/server1-cert.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL intermediate CA 1, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:30 2023 GMT
+ Not After : Sep 8 22:19:30 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = www1.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -47,27 +47,27 @@ Certificate:
OCSP - URI:http://127.0.0.1:22221
Signature Algorithm: sha256WithRSAEncryption
- 1a:d1:4a:17:b8:a4:ad:57:8a:6d:91:eb:ee:1f:25:5b:83:4c:
- f2:64:9e:f3:c9:1c:c9:02:f3:b8:c8:8d:43:f0:7b:9a:12:0c:
- d0:35:8c:22:c3:46:3b:ec:da:ae:4a:e2:70:16:57:10:35:57:
- f0:7d:74:c8:37:19:69:ba:a6:f6:dc:3a:1d:82:d8:ea:21:c1:
- 35:a7:2c:fa:07:ee:20:01:5c:de:c3:ff:60:c1:af:df:9f:db:
- 5b:e5:e6:2c:56:78:7c:5c:49:d8:d3:67:62:ba:d7:59:ee:83:
- 6b:b6:bb:60:17:1b:c3:ac:f4:b3:5a:95:b6:cb:1c:1b:42:86:
- a0:2c:d5:35:85:0d:22:6a:f4:94:cc:f6:bd:43:bc:ae:9c:d5:
- 2f:be:f5:1d:85:6a:21:44:06:1c:f8:aa:d8:21:0a:66:2f:26:
- a2:06:c3:9d:ec:61:18:d9:f4:af:48:b9:a1:45:f3:f2:66:12:
- 3b:46:76:bd:3d:a5:ec:a8:8a:4c:d1:e3:6d:c5:cb:73:d2:66:
- 7e:5e:db:f9:9a:ab:f3:c2:6f:cc:6d:c9:de:76:2f:a3:d1:3a:
- 2c:40:c2:01:2d:d2:15:a7:4e:f1:43:6a:88:cf:f8:00:16:48:
- 3d:85:f5:d5:c5:17:3e:ef:7a:8f:35:47:3b:21:92:8e:1d:f2:
- 29:76:e4:5c
+ 2c:4a:52:45:c2:c6:40:fe:e1:c0:38:89:63:a1:24:44:f8:8c:
+ 1b:28:dc:55:69:19:b1:d0:53:46:01:36:f6:ee:b0:ac:71:3a:
+ a9:43:cb:43:99:73:f0:a7:c2:cb:73:d2:9a:02:6c:5b:12:c8:
+ ea:d7:87:18:cc:5a:a3:15:53:0f:94:b2:97:eb:78:e8:6e:8d:
+ 4d:3b:d4:23:88:98:7d:35:09:74:95:a8:05:49:57:d0:2a:3c:
+ 1b:96:1f:d0:5d:37:0a:a3:01:55:36:bb:17:6e:d9:9f:81:ee:
+ 7d:12:bc:ff:e0:22:ca:49:1e:f5:c4:06:8c:29:28:20:3a:b0:
+ a4:6e:82:6c:74:3b:56:37:e0:bb:42:9e:65:3f:19:b8:d2:2a:
+ 15:9e:92:39:8b:17:f2:ef:7f:d2:b8:79:a5:12:20:50:a2:31:
+ 55:52:a4:74:91:02:bc:0e:d0:43:01:c5:7c:4d:4e:b0:00:88:
+ a4:10:c5:9c:93:38:cb:05:48:c8:87:6a:54:f6:9c:38:77:2a:
+ 6f:ad:ab:b4:a2:23:bc:23:af:41:57:d3:f4:d6:27:b0:a6:f9:
+ 58:9c:76:76:4d:83:d2:27:ac:0e:af:95:2d:3a:9d:6c:1c:55:
+ 98:5a:a8:e0:1f:dd:13:a5:fc:72:e4:be:95:aa:57:99:3c:2e:
+ 16:70:e9:d1
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIBBTANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMSIwIAYDVQQDDBl3b2xmU1NM
IGludGVybWVkaWF0ZSBDQSAxMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
-Y29tMB4XDTIyMTIxNjIxMTc1MFoXDTI1MDkxMTIxMTc1MFowgZgxCzAJBgNVBAYT
+Y29tMB4XDTIzMTIxMzIyMTkzMFoXDTI2MDkwODIyMTkzMFowgZgxCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYD
VQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEZMBcGA1UEAwwQd3d3
MS53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTCC
@@ -84,12 +84,12 @@ U2VhdHRsZTEQMA4GA1UECgwHd29sZlNTTDEUMBIGA1UECwwLRW5naW5lZXJpbmcx
GDAWBgNVBAMMD3dvbGZTU0wgcm9vdCBDQTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3
b2xmc3NsLmNvbYIBATALBgNVHQ8EBAMCBeAwMgYIKwYBBQUHAQEEJjAkMCIGCCsG
AQUFBzABhhZodHRwOi8vMTI3LjAuMC4xOjIyMjIxMA0GCSqGSIb3DQEBCwUAA4IB
-AQAa0UoXuKStV4ptkevuHyVbg0zyZJ7zyRzJAvO4yI1D8HuaEgzQNYwiw0Y77Nqu
-SuJwFlcQNVfwfXTINxlpuqb23DodgtjqIcE1pyz6B+4gAVzew/9gwa/fn9tb5eYs
-Vnh8XEnY02diutdZ7oNrtrtgFxvDrPSzWpW2yxwbQoagLNU1hQ0iavSUzPa9Q7yu
-nNUvvvUdhWohRAYc+KrYIQpmLyaiBsOd7GEY2fSvSLmhRfPyZhI7Rna9PaXsqIpM
-0eNtxctz0mZ+Xtv5mqvzwm/Mbcnedi+j0TosQMIBLdIVp07xQ2qIz/gAFkg9hfXV
-xRc+73qPNUc7IZKOHfIpduRc
+AQAsSlJFwsZA/uHAOIljoSRE+IwbKNxVaRmx0FNGATb27rCscTqpQ8tDmXPwp8LL
+c9KaAmxbEsjq14cYzFqjFVMPlLKX63jobo1NO9QjiJh9NQl0lagFSVfQKjwblh/Q
+XTcKowFVNrsXbtmfge59Erz/4CLKSR71xAaMKSggOrCkboJsdDtWN+C7Qp5lPxm4
+0ioVnpI5ixfy73/SuHmlEiBQojFVUqR0kQK8DtBDAcV8TU6wAIikEMWckzjLBUjI
+h2pU9pw4dypvrau0oiO8I69BV9P01iewpvlYnHZ2TYPSJ6wOr5UtOp1sHFWYWqjg
+H90Tpfxy5L6VqleZPC4WcOnR
-----END CERTIFICATE-----
Certificate:
Data:
@@ -98,8 +98,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL root CA, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:30 2023 GMT
+ Not After : Sep 8 22:19:30 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL intermediate CA 1, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -140,27 +140,27 @@ Certificate:
OCSP - URI:http://127.0.0.1:22220
Signature Algorithm: sha256WithRSAEncryption
- 5e:61:82:66:fd:b6:45:75:94:55:50:b9:ee:97:1a:48:73:ad:
- 24:ba:19:ee:ce:e9:f3:07:ac:51:32:10:56:6a:c8:94:d0:ff:
- 8b:37:e9:a9:de:29:e3:99:39:9f:84:f5:2b:de:57:de:d2:d9:
- 44:b1:2b:03:9a:88:d2:d5:a8:48:f9:29:04:3d:f6:c0:60:06:
- 13:c3:2e:4c:73:c2:c9:6a:07:0a:70:4f:4c:2e:8c:02:63:97:
- 9e:70:2c:9c:fa:fb:cf:a9:2e:9c:e5:2f:14:43:3f:fb:61:6d:
- fd:17:b9:94:f2:cd:c7:24:7e:e2:ba:3e:b9:76:df:52:d0:f7:
- 2b:64:c1:31:e2:80:0f:ff:b1:7c:d2:af:14:4b:ec:dd:79:a7:
- 23:c9:68:6a:e7:c6:2d:67:27:e7:37:d1:f8:93:37:58:e2:f3:
- 9c:4d:38:5d:58:03:d1:30:f7:a6:ff:45:fe:69:11:d6:39:1e:
- 11:d6:5b:42:75:c7:6c:cd:27:1f:59:98:88:03:a0:0f:fa:ad:
- 28:2d:50:7b:b4:dc:7c:d4:5b:92:03:d0:55:dc:62:26:8f:50:
- d0:6b:f8:c4:89:2b:8b:d1:77:5b:e9:68:b6:0a:15:1f:de:97:
- f2:4d:a5:ad:d0:3c:d6:68:e8:4c:f8:a1:ac:44:a8:82:55:76:
- 61:18:af:2d
+ 1c:06:f6:58:ee:a2:4d:11:dd:ce:51:2a:ea:3c:1e:13:62:2b:
+ e2:04:6d:ca:67:2b:14:1b:de:3e:72:7b:d2:12:29:59:e9:bd:
+ 3f:37:1f:9b:9c:15:84:40:10:c2:7b:1c:1f:16:2c:4e:f5:b7:
+ bb:7e:24:79:7a:e6:6b:6e:66:cf:4f:04:e5:31:b9:63:12:80:
+ 89:61:fc:ae:47:b3:bd:b0:63:d8:aa:77:ba:25:53:e5:f7:ca:
+ 63:d5:7f:6e:80:ed:75:c9:47:59:df:7a:82:87:2e:b8:cf:87:
+ c4:9a:0c:2f:ee:a9:a8:5a:7e:2b:55:30:e9:8b:05:f3:ab:60:
+ 7f:49:bd:16:de:73:8d:8f:72:48:35:23:a1:88:88:a8:9a:01:
+ 19:6c:6e:06:cf:c3:47:d9:68:0e:42:c3:84:d9:23:71:36:73:
+ c4:9d:bc:ed:f7:9b:e3:a0:8d:89:ac:ec:e7:75:22:1f:99:74:
+ 5b:4c:5b:b5:25:e1:7f:02:f3:07:ae:4f:b1:0b:21:f9:17:78:
+ 1a:b4:c6:8f:03:91:fb:b2:95:ff:6d:de:37:39:4a:57:c1:8c:
+ da:91:3a:4c:cc:fa:27:9a:4f:42:cb:4c:15:c7:08:34:8f:03:
+ a8:f1:2e:df:64:c5:ec:57:e1:90:77:2f:49:90:c1:23:4d:7b:
+ 9e:44:fb:08
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIBATANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM
-IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIx
-MjE2MjExNzUwWhcNMjUwOTExMjExNzUwWjCBoTELMAkGA1UEBhMCVVMxEzARBgNV
+IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMx
+MjEzMjIxOTMwWhcNMjYwOTA4MjIxOTMwWjCBoTELMAkGA1UEBhMCVVMxEzARBgNV
BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT
U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMSIwIAYDVQQDDBl3b2xmU1NMIGludGVy
bWVkaWF0ZSBDQSAxMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIB
@@ -177,12 +177,12 @@ DAdTZWF0dGxlMRAwDgYDVQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtFbmdpbmVlcmlu
ZzEYMBYGA1UEAwwPd29sZlNTTCByb290IENBMR8wHQYJKoZIhvcNAQkBFhBpbmZv
QHdvbGZzc2wuY29tggFjMAsGA1UdDwQEAwIBBjAyBggrBgEFBQcBAQQmMCQwIgYI
KwYBBQUHMAGGFmh0dHA6Ly8xMjcuMC4wLjE6MjIyMjAwDQYJKoZIhvcNAQELBQAD
-ggEBAF5hgmb9tkV1lFVQue6XGkhzrSS6Ge7O6fMHrFEyEFZqyJTQ/4s36aneKeOZ
-OZ+E9SveV97S2USxKwOaiNLVqEj5KQQ99sBgBhPDLkxzwslqBwpwT0wujAJjl55w
-LJz6+8+pLpzlLxRDP/thbf0XuZTyzcckfuK6Prl231LQ9ytkwTHigA//sXzSrxRL
-7N15pyPJaGrnxi1nJ+c30fiTN1ji85xNOF1YA9Ew96b/Rf5pEdY5HhHWW0J1x2zN
-Jx9ZmIgDoA/6rSgtUHu03HzUW5ID0FXcYiaPUNBr+MSJK4vRd1vpaLYKFR/el/JN
-pa3QPNZo6Ez4oaxEqIJVdmEYry0=
+ggEBABwG9ljuok0R3c5RKuo8HhNiK+IEbcpnKxQb3j5ye9ISKVnpvT83H5ucFYRA
+EMJ7HB8WLE71t7t+JHl65mtuZs9PBOUxuWMSgIlh/K5Hs72wY9iqd7olU+X3ymPV
+f26A7XXJR1nfeoKHLrjPh8SaDC/uqahafitVMOmLBfOrYH9JvRbec42Pckg1I6GI
+iKiaARlsbgbPw0fZaA5Cw4TZI3E2c8SdvO33m+OgjYms7Od1Ih+ZdFtMW7Ul4X8C
+8weuT7ELIfkXeBq0xo8Dkfuylf9t3jc5SlfBjNqROkzM+ieaT0LLTBXHCDSPA6jx
+Lt9kxexX4ZB3L0mQwSNNe55E+wg=
-----END CERTIFICATE-----
Certificate:
Data:
@@ -191,8 +191,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL root CA, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:30 2023 GMT
+ Not After : Sep 8 22:19:30 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL root CA, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -233,27 +233,27 @@ Certificate:
OCSP - URI:http://127.0.0.1:22220
Signature Algorithm: sha256WithRSAEncryption
- 61:fc:6f:3d:f5:07:35:f4:3c:55:de:78:74:83:96:b8:3d:11:
- 05:a4:d6:9a:c1:24:89:6f:9d:d5:0c:04:37:b5:97:06:b8:4f:
- 87:d1:01:9c:17:2b:20:c7:5a:7e:55:1b:5a:aa:e7:d2:2a:c7:
- ad:6d:de:17:cb:4c:4b:b0:64:3e:71:9f:03:18:c8:b4:79:62:
- 95:63:67:23:ee:68:5b:68:48:3f:44:75:a2:ae:ee:90:df:fb:
- 0d:c1:96:0b:e3:4f:4a:16:b4:1c:26:9b:66:a0:32:35:e3:68:
- 81:e6:a3:1e:0a:7b:6c:8e:4e:3f:73:bf:96:6c:f0:ca:89:d1:
- d2:f8:6b:cb:5a:2f:73:ed:e9:25:2f:2d:24:24:82:b4:0f:b9:
- 84:f5:98:ce:8e:87:da:cc:2a:ae:61:d8:fb:3e:c0:b7:6d:30:
- f3:7a:9b:d5:65:81:e8:3e:07:a5:e0:14:cd:32:1f:d1:68:43:
- 81:92:e3:94:0f:55:34:04:5a:c4:6d:e8:c1:7b:d3:27:32:52:
- 90:3b:10:6b:83:9d:9f:87:6f:49:f4:85:eb:d7:da:9a:2b:a4:
- 85:f1:48:ba:9d:84:ea:7c:4c:d5:e4:ec:c2:9f:da:e7:a9:82:
- e3:3f:7a:2d:48:37:dd:ef:61:9e:f7:d2:8b:3d:9e:e8:b1:5c:
- 25:f7:16:61
+ 63:f7:e7:80:e2:73:b0:7f:c2:32:c0:20:45:01:1e:40:bc:85:
+ 8e:7f:04:3b:c6:fe:3f:d1:b9:14:ce:06:d9:e8:fc:cd:b9:1d:
+ 0f:cb:89:71:a9:34:67:e8:be:b8:27:d1:1f:c4:ff:9b:9d:b9:
+ bd:f8:23:c7:e5:7f:04:20:de:b1:30:b2:5d:c2:99:a5:f8:34:
+ 9d:d7:0a:bc:b5:3a:84:64:2e:5b:24:34:01:da:03:a9:bb:cf:
+ f2:0d:0e:06:68:de:34:90:cb:42:3a:62:31:d0:d6:7d:26:ca:
+ 14:e5:87:70:51:a2:71:85:cf:4e:af:7c:6c:45:69:d1:3c:6c:
+ 9c:47:35:be:13:bc:12:a9:ea:c4:2f:71:d3:a5:6b:10:4b:85:
+ 68:93:68:81:1c:9f:e6:6a:e7:c0:e1:a6:09:28:f9:d4:a4:55:
+ e8:dc:e3:e2:14:86:0c:ef:3d:7a:7f:8d:d2:a3:e6:c8:0b:e7:
+ 1c:45:6d:0d:e9:9a:d6:38:4f:52:73:a7:5c:04:e9:ce:77:af:
+ 94:97:7b:56:a8:eb:bc:b6:f6:7a:ed:6a:8f:68:04:b4:ea:ce:
+ 05:d8:f7:bc:99:ae:6f:38:9a:ee:23:4d:c5:53:e6:70:fe:5c:
+ 60:68:c4:0c:79:c3:eb:49:d5:df:a6:98:5b:ba:6e:f6:c6:30:
+ e0:5e:3e:c3
-----BEGIN CERTIFICATE-----
MIIE5jCCA86gAwIBAgIBYzANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM
-IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIx
-MjE2MjExNzUwWhcNMjUwOTExMjExNzUwWjCBlzELMAkGA1UEBhMCVVMxEzARBgNV
+IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMx
+MjEzMjIxOTMwWhcNMjYwOTA4MjIxOTMwWjCBlzELMAkGA1UEBhMCVVMxEzARBgNV
BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT
U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NMIHJvb3Qg
Q0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0GCSqGSIb3
@@ -269,11 +269,11 @@ A1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUx
EDAOBgNVBAoMB3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQD
DA93b2xmU1NMIHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j
b22CAWMwCwYDVR0PBAQDAgEGMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcwAYYW
-aHR0cDovLzEyNy4wLjAuMToyMjIyMDANBgkqhkiG9w0BAQsFAAOCAQEAYfxvPfUH
-NfQ8Vd54dIOWuD0RBaTWmsEkiW+d1QwEN7WXBrhPh9EBnBcrIMdaflUbWqrn0irH
-rW3eF8tMS7BkPnGfAxjItHlilWNnI+5oW2hIP0R1oq7ukN/7DcGWC+NPSha0HCab
-ZqAyNeNogeajHgp7bI5OP3O/lmzwyonR0vhry1ovc+3pJS8tJCSCtA+5hPWYzo6H
-2swqrmHY+z7At20w83qb1WWB6D4HpeAUzTIf0WhDgZLjlA9VNARaxG3owXvTJzJS
-kDsQa4Odn4dvSfSF69famiukhfFIup2E6nxM1eTswp/a56mC4z96LUg33e9hnvfS
-iz2e6LFcJfcWYQ==
+aHR0cDovLzEyNy4wLjAuMToyMjIyMDANBgkqhkiG9w0BAQsFAAOCAQEAY/fngOJz
+sH/CMsAgRQEeQLyFjn8EO8b+P9G5FM4G2ej8zbkdD8uJcak0Z+i+uCfRH8T/m525
+vfgjx+V/BCDesTCyXcKZpfg0ndcKvLU6hGQuWyQ0AdoDqbvP8g0OBmjeNJDLQjpi
+MdDWfSbKFOWHcFGicYXPTq98bEVp0TxsnEc1vhO8EqnqxC9x06VrEEuFaJNogRyf
+5mrnwOGmCSj51KRV6Nzj4hSGDO89en+N0qPmyAvnHEVtDema1jhPUnOnXATpznev
+lJd7VqjrvLb2eu1qj2gEtOrOBdj3vJmubzia7iNNxVPmcP5cYGjEDHnD60nV36aY
+W7pu9sYw4F4+ww==
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/ocsp/server2-cert.pem b/extra/wolfssl/wolfssl/certs/ocsp/server2-cert.pem
index a4317d5a..1d2b0c91 100644
--- a/extra/wolfssl/wolfssl/certs/ocsp/server2-cert.pem
+++ b/extra/wolfssl/wolfssl/certs/ocsp/server2-cert.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL intermediate CA 1, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:30 2023 GMT
+ Not After : Sep 8 22:19:30 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = www2.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -47,27 +47,27 @@ Certificate:
OCSP - URI:http://127.0.0.1:22221
Signature Algorithm: sha256WithRSAEncryption
- 3f:9f:3d:c8:e3:a8:70:32:c1:81:67:64:b8:df:3b:e4:73:8f:
- 99:84:9c:d5:d5:70:a2:6e:de:5d:a0:42:52:80:a0:01:09:49:
- 6b:c3:fd:79:12:7c:9e:42:44:a5:74:d7:bc:ad:2a:3a:6b:a9:
- e4:1d:b8:cc:16:25:2f:4b:47:67:b5:a2:94:ce:e0:a4:20:95:
- 94:29:e2:66:01:4c:86:62:79:37:dd:58:de:f1:32:fe:d8:f8:
- a0:ee:7c:e3:1f:e5:cd:dc:be:fd:30:10:3b:e1:8c:35:fa:89:
- 85:83:57:45:80:b1:7c:36:7c:87:0a:89:80:8f:15:6b:33:f1:
- c8:93:cf:fe:ac:18:d0:cf:4f:e0:7e:eb:b4:b1:b9:63:30:5c:
- f3:7f:e2:29:81:09:18:7a:d7:70:a0:81:15:2e:82:33:89:d2:
- 1d:70:73:9c:3d:d9:0c:6a:03:09:6c:b2:11:fd:d2:a8:9b:d8:
- 67:17:80:66:c3:7a:eb:28:26:ac:12:8f:87:64:07:a2:e6:e4:
- 00:01:94:db:8c:82:6e:4f:41:1d:bd:3f:2b:e7:de:8d:84:dd:
- 8c:66:88:f4:af:8d:ae:ef:7e:6c:a1:1d:be:61:74:6e:61:24:
- de:5a:6f:d8:56:66:45:24:5c:4f:f5:0b:b0:d4:92:78:2c:d8:
- 2a:02:0e:12
+ ba:b8:a9:5b:b2:3b:55:29:f6:8e:08:d9:48:7b:12:4e:45:65:
+ bb:4a:d0:23:82:c8:2b:f1:2e:fd:34:d1:e8:d0:b9:89:35:f3:
+ 49:e4:67:6b:bf:72:ae:26:48:20:1e:0d:22:11:11:d1:b3:b2:
+ 9f:d2:47:b5:b0:64:37:03:0b:aa:62:9b:26:b1:c5:52:72:80:
+ 12:d8:67:20:3b:f4:59:72:06:99:f6:ff:92:f7:50:05:46:30:
+ 11:d3:b4:e2:5b:03:cc:f8:01:d2:8e:de:2b:0a:52:6a:76:66:
+ a8:e3:80:06:a3:60:e2:c5:6b:62:4d:12:0d:9a:43:a6:c7:e5:
+ 87:1d:02:65:f2:35:66:e2:07:05:66:32:df:5f:14:7f:9b:89:
+ 60:61:41:8c:bb:ad:1c:9e:92:7d:19:4c:8a:3c:d9:9f:6c:d7:
+ c3:a9:13:b3:13:2c:38:e0:e6:e1:0c:4c:55:f0:25:42:73:6a:
+ c1:79:82:0a:a5:95:ef:2a:0e:29:cd:76:88:af:e4:da:e6:95:
+ 22:55:dc:8f:67:3e:eb:c8:6b:4a:86:1f:2a:13:40:ee:a2:5e:
+ 59:61:77:3b:c7:81:d2:6e:ed:ea:08:55:ea:c4:1f:11:d8:50:
+ c5:a1:c7:46:57:c7:02:4c:ce:3b:e5:1b:9d:cf:59:73:24:7c:
+ 07:cf:8f:f6
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIBBjANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMSIwIAYDVQQDDBl3b2xmU1NM
IGludGVybWVkaWF0ZSBDQSAxMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
-Y29tMB4XDTIyMTIxNjIxMTc1MFoXDTI1MDkxMTIxMTc1MFowgZgxCzAJBgNVBAYT
+Y29tMB4XDTIzMTIxMzIyMTkzMFoXDTI2MDkwODIyMTkzMFowgZgxCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYD
VQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEZMBcGA1UEAwwQd3d3
Mi53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTCC
@@ -84,12 +84,12 @@ U2VhdHRsZTEQMA4GA1UECgwHd29sZlNTTDEUMBIGA1UECwwLRW5naW5lZXJpbmcx
GDAWBgNVBAMMD3dvbGZTU0wgcm9vdCBDQTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3
b2xmc3NsLmNvbYIBATALBgNVHQ8EBAMCBeAwMgYIKwYBBQUHAQEEJjAkMCIGCCsG
AQUFBzABhhZodHRwOi8vMTI3LjAuMC4xOjIyMjIxMA0GCSqGSIb3DQEBCwUAA4IB
-AQA/nz3I46hwMsGBZ2S43zvkc4+ZhJzV1XCibt5doEJSgKABCUlrw/15EnyeQkSl
-dNe8rSo6a6nkHbjMFiUvS0dntaKUzuCkIJWUKeJmAUyGYnk33Vje8TL+2Pig7nzj
-H+XN3L79MBA74Yw1+omFg1dFgLF8NnyHComAjxVrM/HIk8/+rBjQz0/gfuu0sblj
-MFzzf+IpgQkYetdwoIEVLoIzidIdcHOcPdkMagMJbLIR/dKom9hnF4Bmw3rrKCas
-Eo+HZAei5uQAAZTbjIJuT0EdvT8r596NhN2MZoj0r42u735soR2+YXRuYSTeWm/Y
-VmZFJFxP9Quw1JJ4LNgqAg4S
+AQC6uKlbsjtVKfaOCNlIexJORWW7StAjgsgr8S79NNHo0LmJNfNJ5Gdrv3KuJkgg
+Hg0iERHRs7Kf0ke1sGQ3AwuqYpsmscVScoAS2GcgO/RZcgaZ9v+S91AFRjAR07Ti
+WwPM+AHSjt4rClJqdmao44AGo2DixWtiTRINmkOmx+WHHQJl8jVm4gcFZjLfXxR/
+m4lgYUGMu60cnpJ9GUyKPNmfbNfDqROzEyw44ObhDExV8CVCc2rBeYIKpZXvKg4p
+zXaIr+Ta5pUiVdyPZz7ryGtKhh8qE0Duol5ZYXc7x4HSbu3qCFXqxB8R2FDFocdG
+V8cCTM475Rudz1lzJHwHz4/2
-----END CERTIFICATE-----
Certificate:
Data:
@@ -98,8 +98,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL root CA, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:30 2023 GMT
+ Not After : Sep 8 22:19:30 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL intermediate CA 1, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -140,27 +140,27 @@ Certificate:
OCSP - URI:http://127.0.0.1:22220
Signature Algorithm: sha256WithRSAEncryption
- 5e:61:82:66:fd:b6:45:75:94:55:50:b9:ee:97:1a:48:73:ad:
- 24:ba:19:ee:ce:e9:f3:07:ac:51:32:10:56:6a:c8:94:d0:ff:
- 8b:37:e9:a9:de:29:e3:99:39:9f:84:f5:2b:de:57:de:d2:d9:
- 44:b1:2b:03:9a:88:d2:d5:a8:48:f9:29:04:3d:f6:c0:60:06:
- 13:c3:2e:4c:73:c2:c9:6a:07:0a:70:4f:4c:2e:8c:02:63:97:
- 9e:70:2c:9c:fa:fb:cf:a9:2e:9c:e5:2f:14:43:3f:fb:61:6d:
- fd:17:b9:94:f2:cd:c7:24:7e:e2:ba:3e:b9:76:df:52:d0:f7:
- 2b:64:c1:31:e2:80:0f:ff:b1:7c:d2:af:14:4b:ec:dd:79:a7:
- 23:c9:68:6a:e7:c6:2d:67:27:e7:37:d1:f8:93:37:58:e2:f3:
- 9c:4d:38:5d:58:03:d1:30:f7:a6:ff:45:fe:69:11:d6:39:1e:
- 11:d6:5b:42:75:c7:6c:cd:27:1f:59:98:88:03:a0:0f:fa:ad:
- 28:2d:50:7b:b4:dc:7c:d4:5b:92:03:d0:55:dc:62:26:8f:50:
- d0:6b:f8:c4:89:2b:8b:d1:77:5b:e9:68:b6:0a:15:1f:de:97:
- f2:4d:a5:ad:d0:3c:d6:68:e8:4c:f8:a1:ac:44:a8:82:55:76:
- 61:18:af:2d
+ 1c:06:f6:58:ee:a2:4d:11:dd:ce:51:2a:ea:3c:1e:13:62:2b:
+ e2:04:6d:ca:67:2b:14:1b:de:3e:72:7b:d2:12:29:59:e9:bd:
+ 3f:37:1f:9b:9c:15:84:40:10:c2:7b:1c:1f:16:2c:4e:f5:b7:
+ bb:7e:24:79:7a:e6:6b:6e:66:cf:4f:04:e5:31:b9:63:12:80:
+ 89:61:fc:ae:47:b3:bd:b0:63:d8:aa:77:ba:25:53:e5:f7:ca:
+ 63:d5:7f:6e:80:ed:75:c9:47:59:df:7a:82:87:2e:b8:cf:87:
+ c4:9a:0c:2f:ee:a9:a8:5a:7e:2b:55:30:e9:8b:05:f3:ab:60:
+ 7f:49:bd:16:de:73:8d:8f:72:48:35:23:a1:88:88:a8:9a:01:
+ 19:6c:6e:06:cf:c3:47:d9:68:0e:42:c3:84:d9:23:71:36:73:
+ c4:9d:bc:ed:f7:9b:e3:a0:8d:89:ac:ec:e7:75:22:1f:99:74:
+ 5b:4c:5b:b5:25:e1:7f:02:f3:07:ae:4f:b1:0b:21:f9:17:78:
+ 1a:b4:c6:8f:03:91:fb:b2:95:ff:6d:de:37:39:4a:57:c1:8c:
+ da:91:3a:4c:cc:fa:27:9a:4f:42:cb:4c:15:c7:08:34:8f:03:
+ a8:f1:2e:df:64:c5:ec:57:e1:90:77:2f:49:90:c1:23:4d:7b:
+ 9e:44:fb:08
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIBATANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM
-IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIx
-MjE2MjExNzUwWhcNMjUwOTExMjExNzUwWjCBoTELMAkGA1UEBhMCVVMxEzARBgNV
+IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMx
+MjEzMjIxOTMwWhcNMjYwOTA4MjIxOTMwWjCBoTELMAkGA1UEBhMCVVMxEzARBgNV
BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT
U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMSIwIAYDVQQDDBl3b2xmU1NMIGludGVy
bWVkaWF0ZSBDQSAxMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIB
@@ -177,12 +177,12 @@ DAdTZWF0dGxlMRAwDgYDVQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtFbmdpbmVlcmlu
ZzEYMBYGA1UEAwwPd29sZlNTTCByb290IENBMR8wHQYJKoZIhvcNAQkBFhBpbmZv
QHdvbGZzc2wuY29tggFjMAsGA1UdDwQEAwIBBjAyBggrBgEFBQcBAQQmMCQwIgYI
KwYBBQUHMAGGFmh0dHA6Ly8xMjcuMC4wLjE6MjIyMjAwDQYJKoZIhvcNAQELBQAD
-ggEBAF5hgmb9tkV1lFVQue6XGkhzrSS6Ge7O6fMHrFEyEFZqyJTQ/4s36aneKeOZ
-OZ+E9SveV97S2USxKwOaiNLVqEj5KQQ99sBgBhPDLkxzwslqBwpwT0wujAJjl55w
-LJz6+8+pLpzlLxRDP/thbf0XuZTyzcckfuK6Prl231LQ9ytkwTHigA//sXzSrxRL
-7N15pyPJaGrnxi1nJ+c30fiTN1ji85xNOF1YA9Ew96b/Rf5pEdY5HhHWW0J1x2zN
-Jx9ZmIgDoA/6rSgtUHu03HzUW5ID0FXcYiaPUNBr+MSJK4vRd1vpaLYKFR/el/JN
-pa3QPNZo6Ez4oaxEqIJVdmEYry0=
+ggEBABwG9ljuok0R3c5RKuo8HhNiK+IEbcpnKxQb3j5ye9ISKVnpvT83H5ucFYRA
+EMJ7HB8WLE71t7t+JHl65mtuZs9PBOUxuWMSgIlh/K5Hs72wY9iqd7olU+X3ymPV
+f26A7XXJR1nfeoKHLrjPh8SaDC/uqahafitVMOmLBfOrYH9JvRbec42Pckg1I6GI
+iKiaARlsbgbPw0fZaA5Cw4TZI3E2c8SdvO33m+OgjYms7Od1Ih+ZdFtMW7Ul4X8C
+8weuT7ELIfkXeBq0xo8Dkfuylf9t3jc5SlfBjNqROkzM+ieaT0LLTBXHCDSPA6jx
+Lt9kxexX4ZB3L0mQwSNNe55E+wg=
-----END CERTIFICATE-----
Certificate:
Data:
@@ -191,8 +191,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL root CA, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:30 2023 GMT
+ Not After : Sep 8 22:19:30 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL root CA, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -233,27 +233,27 @@ Certificate:
OCSP - URI:http://127.0.0.1:22220
Signature Algorithm: sha256WithRSAEncryption
- 61:fc:6f:3d:f5:07:35:f4:3c:55:de:78:74:83:96:b8:3d:11:
- 05:a4:d6:9a:c1:24:89:6f:9d:d5:0c:04:37:b5:97:06:b8:4f:
- 87:d1:01:9c:17:2b:20:c7:5a:7e:55:1b:5a:aa:e7:d2:2a:c7:
- ad:6d:de:17:cb:4c:4b:b0:64:3e:71:9f:03:18:c8:b4:79:62:
- 95:63:67:23:ee:68:5b:68:48:3f:44:75:a2:ae:ee:90:df:fb:
- 0d:c1:96:0b:e3:4f:4a:16:b4:1c:26:9b:66:a0:32:35:e3:68:
- 81:e6:a3:1e:0a:7b:6c:8e:4e:3f:73:bf:96:6c:f0:ca:89:d1:
- d2:f8:6b:cb:5a:2f:73:ed:e9:25:2f:2d:24:24:82:b4:0f:b9:
- 84:f5:98:ce:8e:87:da:cc:2a:ae:61:d8:fb:3e:c0:b7:6d:30:
- f3:7a:9b:d5:65:81:e8:3e:07:a5:e0:14:cd:32:1f:d1:68:43:
- 81:92:e3:94:0f:55:34:04:5a:c4:6d:e8:c1:7b:d3:27:32:52:
- 90:3b:10:6b:83:9d:9f:87:6f:49:f4:85:eb:d7:da:9a:2b:a4:
- 85:f1:48:ba:9d:84:ea:7c:4c:d5:e4:ec:c2:9f:da:e7:a9:82:
- e3:3f:7a:2d:48:37:dd:ef:61:9e:f7:d2:8b:3d:9e:e8:b1:5c:
- 25:f7:16:61
+ 63:f7:e7:80:e2:73:b0:7f:c2:32:c0:20:45:01:1e:40:bc:85:
+ 8e:7f:04:3b:c6:fe:3f:d1:b9:14:ce:06:d9:e8:fc:cd:b9:1d:
+ 0f:cb:89:71:a9:34:67:e8:be:b8:27:d1:1f:c4:ff:9b:9d:b9:
+ bd:f8:23:c7:e5:7f:04:20:de:b1:30:b2:5d:c2:99:a5:f8:34:
+ 9d:d7:0a:bc:b5:3a:84:64:2e:5b:24:34:01:da:03:a9:bb:cf:
+ f2:0d:0e:06:68:de:34:90:cb:42:3a:62:31:d0:d6:7d:26:ca:
+ 14:e5:87:70:51:a2:71:85:cf:4e:af:7c:6c:45:69:d1:3c:6c:
+ 9c:47:35:be:13:bc:12:a9:ea:c4:2f:71:d3:a5:6b:10:4b:85:
+ 68:93:68:81:1c:9f:e6:6a:e7:c0:e1:a6:09:28:f9:d4:a4:55:
+ e8:dc:e3:e2:14:86:0c:ef:3d:7a:7f:8d:d2:a3:e6:c8:0b:e7:
+ 1c:45:6d:0d:e9:9a:d6:38:4f:52:73:a7:5c:04:e9:ce:77:af:
+ 94:97:7b:56:a8:eb:bc:b6:f6:7a:ed:6a:8f:68:04:b4:ea:ce:
+ 05:d8:f7:bc:99:ae:6f:38:9a:ee:23:4d:c5:53:e6:70:fe:5c:
+ 60:68:c4:0c:79:c3:eb:49:d5:df:a6:98:5b:ba:6e:f6:c6:30:
+ e0:5e:3e:c3
-----BEGIN CERTIFICATE-----
MIIE5jCCA86gAwIBAgIBYzANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM
-IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIx
-MjE2MjExNzUwWhcNMjUwOTExMjExNzUwWjCBlzELMAkGA1UEBhMCVVMxEzARBgNV
+IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMx
+MjEzMjIxOTMwWhcNMjYwOTA4MjIxOTMwWjCBlzELMAkGA1UEBhMCVVMxEzARBgNV
BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT
U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NMIHJvb3Qg
Q0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0GCSqGSIb3
@@ -269,11 +269,11 @@ A1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUx
EDAOBgNVBAoMB3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQD
DA93b2xmU1NMIHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j
b22CAWMwCwYDVR0PBAQDAgEGMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcwAYYW
-aHR0cDovLzEyNy4wLjAuMToyMjIyMDANBgkqhkiG9w0BAQsFAAOCAQEAYfxvPfUH
-NfQ8Vd54dIOWuD0RBaTWmsEkiW+d1QwEN7WXBrhPh9EBnBcrIMdaflUbWqrn0irH
-rW3eF8tMS7BkPnGfAxjItHlilWNnI+5oW2hIP0R1oq7ukN/7DcGWC+NPSha0HCab
-ZqAyNeNogeajHgp7bI5OP3O/lmzwyonR0vhry1ovc+3pJS8tJCSCtA+5hPWYzo6H
-2swqrmHY+z7At20w83qb1WWB6D4HpeAUzTIf0WhDgZLjlA9VNARaxG3owXvTJzJS
-kDsQa4Odn4dvSfSF69famiukhfFIup2E6nxM1eTswp/a56mC4z96LUg33e9hnvfS
-iz2e6LFcJfcWYQ==
+aHR0cDovLzEyNy4wLjAuMToyMjIyMDANBgkqhkiG9w0BAQsFAAOCAQEAY/fngOJz
+sH/CMsAgRQEeQLyFjn8EO8b+P9G5FM4G2ej8zbkdD8uJcak0Z+i+uCfRH8T/m525
+vfgjx+V/BCDesTCyXcKZpfg0ndcKvLU6hGQuWyQ0AdoDqbvP8g0OBmjeNJDLQjpi
+MdDWfSbKFOWHcFGicYXPTq98bEVp0TxsnEc1vhO8EqnqxC9x06VrEEuFaJNogRyf
+5mrnwOGmCSj51KRV6Nzj4hSGDO89en+N0qPmyAvnHEVtDema1jhPUnOnXATpznev
+lJd7VqjrvLb2eu1qj2gEtOrOBdj3vJmubzia7iNNxVPmcP5cYGjEDHnD60nV36aY
+W7pu9sYw4F4+ww==
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/ocsp/server3-cert.pem b/extra/wolfssl/wolfssl/certs/ocsp/server3-cert.pem
index abbbb64e..a16ca9a2 100644
--- a/extra/wolfssl/wolfssl/certs/ocsp/server3-cert.pem
+++ b/extra/wolfssl/wolfssl/certs/ocsp/server3-cert.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL intermediate CA 2, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:30 2023 GMT
+ Not After : Sep 8 22:19:30 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = www3.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -47,27 +47,27 @@ Certificate:
OCSP - URI:http://127.0.0.1:22222
Signature Algorithm: sha256WithRSAEncryption
- 53:1b:11:4b:be:f0:22:0d:83:25:ba:b6:6e:c9:52:0f:3e:57:
- 1c:6a:05:8e:2f:9e:04:be:6a:30:8c:cb:49:18:d8:49:cd:5f:
- f1:05:c4:ea:80:18:bf:ac:7c:4b:a6:b0:a7:88:4d:92:9a:5e:
- 86:77:2d:8b:4e:c8:96:2d:69:c9:9a:9f:ce:02:be:c2:72:ad:
- d1:a3:ba:b1:9d:90:c6:4c:7b:bb:4f:62:37:96:51:c1:36:e3:
- 23:1d:58:47:4a:d3:e9:66:39:db:81:3d:24:4a:ba:52:37:47:
- 3a:5c:b3:86:74:5d:18:11:6c:4b:d5:ff:ff:22:08:39:2f:f6:
- 60:ba:df:0a:c9:0f:d8:f0:ac:91:42:94:90:6e:04:cc:2d:25:
- 36:cd:39:0c:a4:fb:04:93:19:c6:d7:af:21:00:cf:d2:ce:ff:
- bb:ea:42:e9:09:1e:2e:94:bb:d3:05:0c:06:2f:ac:52:9f:9d:
- 37:0e:40:a1:67:c6:d3:dc:5d:a8:38:1b:42:90:94:8b:72:4f:
- b1:c6:2f:06:59:9e:22:de:d9:3e:82:02:b9:5a:db:e4:c6:76:
- ae:01:70:72:0e:80:a6:eb:1d:a5:95:92:16:23:a5:7f:4a:68:
- 5c:3b:57:7c:44:16:d0:30:fa:0a:a7:23:6d:be:c9:3f:87:86:
- 62:b9:5c:8c
+ 64:30:09:ad:e2:e1:ee:8d:00:a6:54:80:95:3c:89:fe:cf:40:
+ 2f:28:4a:e0:54:e5:51:79:88:90:95:27:61:9a:3f:3c:a0:b3:
+ a1:9f:01:44:ad:45:a2:cf:cc:2a:10:cc:31:28:48:f4:1a:c7:
+ 01:f0:e4:3f:5d:89:39:20:b0:ad:52:0c:f9:f1:d7:82:a6:fa:
+ b2:61:53:1e:97:35:63:15:58:52:fa:1d:88:09:b2:74:6e:5b:
+ 76:ab:e9:07:05:e9:97:57:df:f5:73:ec:e2:07:46:f6:5f:fe:
+ 03:25:0b:0b:c0:9d:6e:7a:a6:c2:b3:18:79:2f:93:a4:8c:25:
+ 71:d1:d8:fe:6d:d1:4a:af:4e:8d:a4:fc:33:f0:78:18:38:3a:
+ dd:e6:1b:7c:94:68:d3:13:9f:a3:56:2c:02:d1:5d:1a:2d:ad:
+ c6:28:4e:58:5d:5f:d6:d6:7c:2c:68:c4:74:71:ab:64:92:75:
+ a7:ba:1f:77:b1:96:fa:0c:e2:81:1f:9e:17:4e:b9:da:1a:33:
+ 40:33:12:74:cb:6d:28:e3:cc:0b:c1:30:58:c5:ba:65:66:a8:
+ a1:71:82:76:e7:03:43:8f:7f:03:0f:56:bb:1c:24:93:fb:34:
+ 97:1f:09:71:f9:f0:1f:46:42:fb:fe:9d:68:be:25:ea:17:a8:
+ 6d:4c:a1:05
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIBBzANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMSIwIAYDVQQDDBl3b2xmU1NM
IGludGVybWVkaWF0ZSBDQSAyMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
-Y29tMB4XDTIyMTIxNjIxMTc1MFoXDTI1MDkxMTIxMTc1MFowgZgxCzAJBgNVBAYT
+Y29tMB4XDTIzMTIxMzIyMTkzMFoXDTI2MDkwODIyMTkzMFowgZgxCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYD
VQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEZMBcGA1UEAwwQd3d3
My53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTCC
@@ -84,12 +84,12 @@ U2VhdHRsZTEQMA4GA1UECgwHd29sZlNTTDEUMBIGA1UECwwLRW5naW5lZXJpbmcx
GDAWBgNVBAMMD3dvbGZTU0wgcm9vdCBDQTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3
b2xmc3NsLmNvbYIBAjALBgNVHQ8EBAMCBeAwMgYIKwYBBQUHAQEEJjAkMCIGCCsG
AQUFBzABhhZodHRwOi8vMTI3LjAuMC4xOjIyMjIyMA0GCSqGSIb3DQEBCwUAA4IB
-AQBTGxFLvvAiDYMlurZuyVIPPlccagWOL54EvmowjMtJGNhJzV/xBcTqgBi/rHxL
-prCniE2Sml6Gdy2LTsiWLWnJmp/OAr7Ccq3Ro7qxnZDGTHu7T2I3llHBNuMjHVhH
-StPpZjnbgT0kSrpSN0c6XLOGdF0YEWxL1f//Igg5L/Zgut8KyQ/Y8KyRQpSQbgTM
-LSU2zTkMpPsEkxnG168hAM/Szv+76kLpCR4ulLvTBQwGL6xSn503DkChZ8bT3F2o
-OBtCkJSLck+xxi8GWZ4i3tk+ggK5WtvkxnauAXByDoCm6x2llZIWI6V/SmhcO1d8
-RBbQMPoKpyNtvsk/h4ZiuVyM
+AQBkMAmt4uHujQCmVICVPIn+z0AvKErgVOVReYiQlSdhmj88oLOhnwFErUWiz8wq
+EMwxKEj0GscB8OQ/XYk5ILCtUgz58deCpvqyYVMelzVjFVhS+h2ICbJ0blt2q+kH
+BemXV9/1c+ziB0b2X/4DJQsLwJ1ueqbCsxh5L5OkjCVx0dj+bdFKr06NpPwz8HgY
+ODrd5ht8lGjTE5+jViwC0V0aLa3GKE5YXV/W1nwsaMR0catkknWnuh93sZb6DOKB
+H54XTrnaGjNAMxJ0y20o48wLwTBYxbplZqihcYJ25wNDj38DD1a7HCST+zSXHwlx
++fAfRkL7/p1oviXqF6htTKEF
-----END CERTIFICATE-----
Certificate:
Data:
@@ -98,8 +98,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL root CA, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:30 2023 GMT
+ Not After : Sep 8 22:19:30 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL intermediate CA 2, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -140,27 +140,27 @@ Certificate:
OCSP - URI:http://127.0.0.1:22220
Signature Algorithm: sha256WithRSAEncryption
- 07:cd:8a:f3:e6:37:76:a8:e8:3b:2a:0f:20:f9:3c:3b:65:f4:
- fc:0a:c2:83:cd:f9:d8:19:82:6c:42:01:65:ad:a8:80:6a:20:
- a2:00:d4:e2:bd:61:8c:b1:1d:1f:39:5a:40:3d:9a:5b:47:1c:
- 20:a0:b9:1a:d0:b1:8d:9f:50:d1:04:b8:bd:a4:9c:75:86:e8:
- 1a:c6:da:d8:08:ee:ae:da:0d:12:cb:9e:42:f2:16:5c:c0:bc:
- 0f:f5:e4:1f:59:13:ff:21:4f:3a:66:0f:5d:e0:5c:32:1e:5c:
- f7:23:4c:ef:6e:5f:e7:97:f1:91:88:36:89:1d:71:19:83:96:
- 9d:92:36:2b:c3:e5:2d:9f:e2:82:e6:53:7c:4a:40:62:67:20:
- 58:c5:d2:f3:b8:21:10:65:a9:6f:cb:2f:20:6f:96:b4:19:ce:
- 94:af:9c:8f:39:0d:18:41:14:0c:87:1d:c0:83:6a:ee:d4:f7:
- 5b:cf:03:a9:9e:65:26:91:2a:c1:f5:dd:03:f3:81:5a:5e:a5:
- b8:79:2a:9c:16:81:de:d8:19:41:7c:9e:eb:3b:0c:6e:90:be:
- a0:35:18:ee:4e:05:ae:10:96:38:23:12:8b:68:02:a4:e0:40:
- 48:4b:e0:d0:2f:28:5c:3b:85:4c:39:fa:3b:d5:25:4e:7f:12:
- 71:c0:56:12
+ 3b:38:b5:57:a7:f6:d6:b1:19:55:b8:da:47:74:cf:9a:6b:6e:
+ ff:0a:5d:06:17:33:db:db:38:e5:d1:9c:dd:c7:3e:c2:2e:87:
+ 20:52:48:d0:ad:0c:12:3e:f7:66:41:64:d2:ca:b3:4c:a1:0a:
+ 6c:4b:4b:33:94:74:83:2e:2d:44:5a:13:ae:da:9a:18:87:64:
+ 30:cf:69:70:e8:38:47:de:55:27:06:86:9b:24:d5:b0:8f:17:
+ 3b:95:87:7e:4a:45:45:2e:6d:70:27:90:32:62:a8:36:3e:47:
+ 47:0f:0e:1b:93:cf:3d:3e:9b:2c:9a:ff:0c:ee:a7:1b:40:c4:
+ dc:f2:66:74:eb:d9:11:9d:60:b8:24:b4:89:c1:e4:61:20:3d:
+ 38:af:45:ad:e8:ee:69:c3:96:8a:a5:c1:cd:dd:14:87:97:dc:
+ f8:32:84:a8:3b:0a:eb:61:0e:7c:4c:65:69:3d:02:92:db:c4:
+ bf:21:6f:89:fe:cc:76:df:c5:84:fb:c4:ea:1a:60:da:d0:c8:
+ 27:7c:65:1b:cb:23:20:5a:e2:23:90:bd:f5:5c:0a:85:51:37:
+ 84:47:a7:80:f4:e0:a0:72:8d:7a:b8:71:03:44:59:c6:cf:2c:
+ ae:df:91:a9:74:72:eb:a7:31:b2:81:65:19:e6:df:c3:4b:b7:
+ fc:9c:2c:f0
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIBAjANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM
-IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIx
-MjE2MjExNzUwWhcNMjUwOTExMjExNzUwWjCBoTELMAkGA1UEBhMCVVMxEzARBgNV
+IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMx
+MjEzMjIxOTMwWhcNMjYwOTA4MjIxOTMwWjCBoTELMAkGA1UEBhMCVVMxEzARBgNV
BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT
U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMSIwIAYDVQQDDBl3b2xmU1NMIGludGVy
bWVkaWF0ZSBDQSAyMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIB
@@ -177,12 +177,12 @@ DAdTZWF0dGxlMRAwDgYDVQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtFbmdpbmVlcmlu
ZzEYMBYGA1UEAwwPd29sZlNTTCByb290IENBMR8wHQYJKoZIhvcNAQkBFhBpbmZv
QHdvbGZzc2wuY29tggFjMAsGA1UdDwQEAwIBBjAyBggrBgEFBQcBAQQmMCQwIgYI
KwYBBQUHMAGGFmh0dHA6Ly8xMjcuMC4wLjE6MjIyMjAwDQYJKoZIhvcNAQELBQAD
-ggEBAAfNivPmN3ao6DsqDyD5PDtl9PwKwoPN+dgZgmxCAWWtqIBqIKIA1OK9YYyx
-HR85WkA9mltHHCCguRrQsY2fUNEEuL2knHWG6BrG2tgI7q7aDRLLnkLyFlzAvA/1
-5B9ZE/8hTzpmD13gXDIeXPcjTO9uX+eX8ZGINokdcRmDlp2SNivD5S2f4oLmU3xK
-QGJnIFjF0vO4IRBlqW/LLyBvlrQZzpSvnI85DRhBFAyHHcCDau7U91vPA6meZSaR
-KsH13QPzgVpepbh5KpwWgd7YGUF8nus7DG6QvqA1GO5OBa4QljgjEotoAqTgQEhL
-4NAvKFw7hUw5+jvVJU5/EnHAVhI=
+ggEBADs4tVen9taxGVW42kd0z5prbv8KXQYXM9vbOOXRnN3HPsIuhyBSSNCtDBI+
+92ZBZNLKs0yhCmxLSzOUdIMuLURaE67amhiHZDDPaXDoOEfeVScGhpsk1bCPFzuV
+h35KRUUubXAnkDJiqDY+R0cPDhuTzz0+myya/wzupxtAxNzyZnTr2RGdYLgktInB
+5GEgPTivRa3o7mnDloqlwc3dFIeX3PgyhKg7CuthDnxMZWk9ApLbxL8hb4n+zHbf
+xYT7xOoaYNrQyCd8ZRvLIyBa4iOQvfVcCoVRN4RHp4D04KByjXq4cQNEWcbPLK7f
+kal0cuunMbKBZRnm38NLt/ycLPA=
-----END CERTIFICATE-----
Certificate:
Data:
@@ -191,8 +191,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL root CA, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:30 2023 GMT
+ Not After : Sep 8 22:19:30 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL root CA, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -233,27 +233,27 @@ Certificate:
OCSP - URI:http://127.0.0.1:22220
Signature Algorithm: sha256WithRSAEncryption
- 61:fc:6f:3d:f5:07:35:f4:3c:55:de:78:74:83:96:b8:3d:11:
- 05:a4:d6:9a:c1:24:89:6f:9d:d5:0c:04:37:b5:97:06:b8:4f:
- 87:d1:01:9c:17:2b:20:c7:5a:7e:55:1b:5a:aa:e7:d2:2a:c7:
- ad:6d:de:17:cb:4c:4b:b0:64:3e:71:9f:03:18:c8:b4:79:62:
- 95:63:67:23:ee:68:5b:68:48:3f:44:75:a2:ae:ee:90:df:fb:
- 0d:c1:96:0b:e3:4f:4a:16:b4:1c:26:9b:66:a0:32:35:e3:68:
- 81:e6:a3:1e:0a:7b:6c:8e:4e:3f:73:bf:96:6c:f0:ca:89:d1:
- d2:f8:6b:cb:5a:2f:73:ed:e9:25:2f:2d:24:24:82:b4:0f:b9:
- 84:f5:98:ce:8e:87:da:cc:2a:ae:61:d8:fb:3e:c0:b7:6d:30:
- f3:7a:9b:d5:65:81:e8:3e:07:a5:e0:14:cd:32:1f:d1:68:43:
- 81:92:e3:94:0f:55:34:04:5a:c4:6d:e8:c1:7b:d3:27:32:52:
- 90:3b:10:6b:83:9d:9f:87:6f:49:f4:85:eb:d7:da:9a:2b:a4:
- 85:f1:48:ba:9d:84:ea:7c:4c:d5:e4:ec:c2:9f:da:e7:a9:82:
- e3:3f:7a:2d:48:37:dd:ef:61:9e:f7:d2:8b:3d:9e:e8:b1:5c:
- 25:f7:16:61
+ 63:f7:e7:80:e2:73:b0:7f:c2:32:c0:20:45:01:1e:40:bc:85:
+ 8e:7f:04:3b:c6:fe:3f:d1:b9:14:ce:06:d9:e8:fc:cd:b9:1d:
+ 0f:cb:89:71:a9:34:67:e8:be:b8:27:d1:1f:c4:ff:9b:9d:b9:
+ bd:f8:23:c7:e5:7f:04:20:de:b1:30:b2:5d:c2:99:a5:f8:34:
+ 9d:d7:0a:bc:b5:3a:84:64:2e:5b:24:34:01:da:03:a9:bb:cf:
+ f2:0d:0e:06:68:de:34:90:cb:42:3a:62:31:d0:d6:7d:26:ca:
+ 14:e5:87:70:51:a2:71:85:cf:4e:af:7c:6c:45:69:d1:3c:6c:
+ 9c:47:35:be:13:bc:12:a9:ea:c4:2f:71:d3:a5:6b:10:4b:85:
+ 68:93:68:81:1c:9f:e6:6a:e7:c0:e1:a6:09:28:f9:d4:a4:55:
+ e8:dc:e3:e2:14:86:0c:ef:3d:7a:7f:8d:d2:a3:e6:c8:0b:e7:
+ 1c:45:6d:0d:e9:9a:d6:38:4f:52:73:a7:5c:04:e9:ce:77:af:
+ 94:97:7b:56:a8:eb:bc:b6:f6:7a:ed:6a:8f:68:04:b4:ea:ce:
+ 05:d8:f7:bc:99:ae:6f:38:9a:ee:23:4d:c5:53:e6:70:fe:5c:
+ 60:68:c4:0c:79:c3:eb:49:d5:df:a6:98:5b:ba:6e:f6:c6:30:
+ e0:5e:3e:c3
-----BEGIN CERTIFICATE-----
MIIE5jCCA86gAwIBAgIBYzANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM
-IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIx
-MjE2MjExNzUwWhcNMjUwOTExMjExNzUwWjCBlzELMAkGA1UEBhMCVVMxEzARBgNV
+IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMx
+MjEzMjIxOTMwWhcNMjYwOTA4MjIxOTMwWjCBlzELMAkGA1UEBhMCVVMxEzARBgNV
BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT
U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NMIHJvb3Qg
Q0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0GCSqGSIb3
@@ -269,11 +269,11 @@ A1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUx
EDAOBgNVBAoMB3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQD
DA93b2xmU1NMIHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j
b22CAWMwCwYDVR0PBAQDAgEGMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcwAYYW
-aHR0cDovLzEyNy4wLjAuMToyMjIyMDANBgkqhkiG9w0BAQsFAAOCAQEAYfxvPfUH
-NfQ8Vd54dIOWuD0RBaTWmsEkiW+d1QwEN7WXBrhPh9EBnBcrIMdaflUbWqrn0irH
-rW3eF8tMS7BkPnGfAxjItHlilWNnI+5oW2hIP0R1oq7ukN/7DcGWC+NPSha0HCab
-ZqAyNeNogeajHgp7bI5OP3O/lmzwyonR0vhry1ovc+3pJS8tJCSCtA+5hPWYzo6H
-2swqrmHY+z7At20w83qb1WWB6D4HpeAUzTIf0WhDgZLjlA9VNARaxG3owXvTJzJS
-kDsQa4Odn4dvSfSF69famiukhfFIup2E6nxM1eTswp/a56mC4z96LUg33e9hnvfS
-iz2e6LFcJfcWYQ==
+aHR0cDovLzEyNy4wLjAuMToyMjIyMDANBgkqhkiG9w0BAQsFAAOCAQEAY/fngOJz
+sH/CMsAgRQEeQLyFjn8EO8b+P9G5FM4G2ej8zbkdD8uJcak0Z+i+uCfRH8T/m525
+vfgjx+V/BCDesTCyXcKZpfg0ndcKvLU6hGQuWyQ0AdoDqbvP8g0OBmjeNJDLQjpi
+MdDWfSbKFOWHcFGicYXPTq98bEVp0TxsnEc1vhO8EqnqxC9x06VrEEuFaJNogRyf
+5mrnwOGmCSj51KRV6Nzj4hSGDO89en+N0qPmyAvnHEVtDema1jhPUnOnXATpznev
+lJd7VqjrvLb2eu1qj2gEtOrOBdj3vJmubzia7iNNxVPmcP5cYGjEDHnD60nV36aY
+W7pu9sYw4F4+ww==
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/ocsp/server4-cert.pem b/extra/wolfssl/wolfssl/certs/ocsp/server4-cert.pem
index fc2e36a4..d11d065a 100644
--- a/extra/wolfssl/wolfssl/certs/ocsp/server4-cert.pem
+++ b/extra/wolfssl/wolfssl/certs/ocsp/server4-cert.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL intermediate CA 2, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:30 2023 GMT
+ Not After : Sep 8 22:19:30 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = www4.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -47,27 +47,27 @@ Certificate:
OCSP - URI:http://127.0.0.1:22222
Signature Algorithm: sha256WithRSAEncryption
- 9c:41:a8:e6:45:2a:be:8c:8a:57:16:8f:b8:5a:b8:b9:e8:13:
- 6e:72:68:50:de:c3:7b:8f:39:37:be:01:ed:17:fb:6b:eb:44:
- 9d:e0:c0:81:37:93:18:88:12:7a:08:b0:7e:69:e9:2d:35:6b:
- 67:6d:22:ff:5c:f0:1f:2e:cd:96:99:ba:c5:42:0d:b1:22:3c:
- 86:ed:88:dc:2e:a4:71:81:22:4d:b8:c5:0c:cb:d6:31:86:34:
- cb:5d:f3:7e:f2:fb:49:ed:6a:c6:0b:73:39:de:93:cd:15:41:
- 80:b9:c2:94:8b:71:57:09:dd:1e:84:30:e5:a1:77:79:18:26:
- b6:06:d7:75:5b:ef:2e:cb:be:be:a3:8e:69:69:12:60:fa:46:
- 35:cb:2a:c3:31:65:64:af:da:a9:a1:e9:31:78:39:fa:01:f2:
- 41:c5:5f:3d:db:19:14:6f:10:38:fb:c5:fe:e5:c6:6d:38:c3:
- bd:f3:73:38:42:93:46:e4:3e:76:f1:eb:98:32:d2:dd:0a:2a:
- a0:2a:7b:67:e8:cd:ea:52:f7:eb:7c:51:65:e8:25:28:3f:71:
- c0:2b:fd:7f:b3:ad:e2:a9:3a:f8:0f:72:08:0f:2a:ab:e7:61:
- 2a:b0:45:5c:a0:40:dd:db:1b:13:c3:c2:63:a3:14:42:bb:00:
- c7:1e:6c:0d
+ 78:ac:f7:40:1e:05:a5:e6:46:e0:d9:f7:e6:1b:c8:d2:76:7a:
+ e3:e6:b9:5d:0a:73:47:78:4b:e0:58:e1:d7:86:8d:b0:cc:e1:
+ 17:f5:88:c1:84:5a:0f:de:ab:d1:b6:ed:ce:c3:d2:e3:cd:ef:
+ 50:6c:90:67:fd:c6:5c:1e:25:28:d6:1f:4e:75:67:b2:9b:16:
+ e7:74:f5:a2:a5:f6:a8:8f:da:de:20:51:c8:60:35:48:f9:0d:
+ 5f:b1:45:62:a7:2d:ff:12:f9:29:6c:66:1b:80:33:30:6c:f0:
+ be:f7:22:47:a5:f9:75:e5:fb:1b:0c:fe:f5:09:31:a9:d8:7c:
+ 0a:90:7e:92:48:b7:0d:11:a3:eb:39:d1:a8:fe:bd:8b:a6:81:
+ 1e:38:7b:73:c7:cd:2e:c6:52:1b:68:60:2f:7d:ca:5e:32:4a:
+ ec:89:8a:50:fd:bc:81:d3:ea:8e:47:3b:8b:77:e7:d8:69:27:
+ 86:25:da:24:0f:26:cc:a2:16:04:53:29:4a:55:26:3b:f5:13:
+ f2:5d:01:08:5f:9e:b9:81:48:28:3c:e7:36:6f:f9:76:07:16:
+ b9:79:b7:31:75:35:7e:c3:f0:0b:e2:0f:58:1a:3d:64:70:13:
+ 2e:e1:3c:0b:70:08:69:15:bf:58:5c:ca:f3:fa:65:72:77:f7:
+ 05:61:d4:d7
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIBCDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMSIwIAYDVQQDDBl3b2xmU1NM
IGludGVybWVkaWF0ZSBDQSAyMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
-Y29tMB4XDTIyMTIxNjIxMTc1MFoXDTI1MDkxMTIxMTc1MFowgZgxCzAJBgNVBAYT
+Y29tMB4XDTIzMTIxMzIyMTkzMFoXDTI2MDkwODIyMTkzMFowgZgxCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYD
VQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEZMBcGA1UEAwwQd3d3
NC53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTCC
@@ -84,12 +84,12 @@ U2VhdHRsZTEQMA4GA1UECgwHd29sZlNTTDEUMBIGA1UECwwLRW5naW5lZXJpbmcx
GDAWBgNVBAMMD3dvbGZTU0wgcm9vdCBDQTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3
b2xmc3NsLmNvbYIBAjALBgNVHQ8EBAMCBeAwMgYIKwYBBQUHAQEEJjAkMCIGCCsG
AQUFBzABhhZodHRwOi8vMTI3LjAuMC4xOjIyMjIyMA0GCSqGSIb3DQEBCwUAA4IB
-AQCcQajmRSq+jIpXFo+4Wri56BNucmhQ3sN7jzk3vgHtF/tr60Sd4MCBN5MYiBJ6
-CLB+aektNWtnbSL/XPAfLs2WmbrFQg2xIjyG7YjcLqRxgSJNuMUMy9YxhjTLXfN+
-8vtJ7WrGC3M53pPNFUGAucKUi3FXCd0ehDDloXd5GCa2Btd1W+8uy76+o45paRJg
-+kY1yyrDMWVkr9qpoekxeDn6AfJBxV892xkUbxA4+8X+5cZtOMO983M4QpNG5D52
-8euYMtLdCiqgKntn6M3qUvfrfFFl6CUoP3HAK/1/s63iqTr4D3IIDyqr52EqsEVc
-oEDd2xsTw8JjoxRCuwDHHmwN
+AQB4rPdAHgWl5kbg2ffmG8jSdnrj5rldCnNHeEvgWOHXho2wzOEX9YjBhFoP3qvR
+tu3Ow9Ljze9QbJBn/cZcHiUo1h9OdWeymxbndPWipfaoj9reIFHIYDVI+Q1fsUVi
+py3/EvkpbGYbgDMwbPC+9yJHpfl15fsbDP71CTGp2HwKkH6SSLcNEaPrOdGo/r2L
+poEeOHtzx80uxlIbaGAvfcpeMkrsiYpQ/byB0+qORzuLd+fYaSeGJdokDybMohYE
+UylKVSY79RPyXQEIX565gUgoPOc2b/l2Bxa5ebcxdTV+w/AL4g9YGj1kcBMu4TwL
+cAhpFb9YXMrz+mVyd/cFYdTX
-----END CERTIFICATE-----
Certificate:
Data:
@@ -98,8 +98,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL root CA, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:30 2023 GMT
+ Not After : Sep 8 22:19:30 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL intermediate CA 2, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -140,27 +140,27 @@ Certificate:
OCSP - URI:http://127.0.0.1:22220
Signature Algorithm: sha256WithRSAEncryption
- 07:cd:8a:f3:e6:37:76:a8:e8:3b:2a:0f:20:f9:3c:3b:65:f4:
- fc:0a:c2:83:cd:f9:d8:19:82:6c:42:01:65:ad:a8:80:6a:20:
- a2:00:d4:e2:bd:61:8c:b1:1d:1f:39:5a:40:3d:9a:5b:47:1c:
- 20:a0:b9:1a:d0:b1:8d:9f:50:d1:04:b8:bd:a4:9c:75:86:e8:
- 1a:c6:da:d8:08:ee:ae:da:0d:12:cb:9e:42:f2:16:5c:c0:bc:
- 0f:f5:e4:1f:59:13:ff:21:4f:3a:66:0f:5d:e0:5c:32:1e:5c:
- f7:23:4c:ef:6e:5f:e7:97:f1:91:88:36:89:1d:71:19:83:96:
- 9d:92:36:2b:c3:e5:2d:9f:e2:82:e6:53:7c:4a:40:62:67:20:
- 58:c5:d2:f3:b8:21:10:65:a9:6f:cb:2f:20:6f:96:b4:19:ce:
- 94:af:9c:8f:39:0d:18:41:14:0c:87:1d:c0:83:6a:ee:d4:f7:
- 5b:cf:03:a9:9e:65:26:91:2a:c1:f5:dd:03:f3:81:5a:5e:a5:
- b8:79:2a:9c:16:81:de:d8:19:41:7c:9e:eb:3b:0c:6e:90:be:
- a0:35:18:ee:4e:05:ae:10:96:38:23:12:8b:68:02:a4:e0:40:
- 48:4b:e0:d0:2f:28:5c:3b:85:4c:39:fa:3b:d5:25:4e:7f:12:
- 71:c0:56:12
+ 3b:38:b5:57:a7:f6:d6:b1:19:55:b8:da:47:74:cf:9a:6b:6e:
+ ff:0a:5d:06:17:33:db:db:38:e5:d1:9c:dd:c7:3e:c2:2e:87:
+ 20:52:48:d0:ad:0c:12:3e:f7:66:41:64:d2:ca:b3:4c:a1:0a:
+ 6c:4b:4b:33:94:74:83:2e:2d:44:5a:13:ae:da:9a:18:87:64:
+ 30:cf:69:70:e8:38:47:de:55:27:06:86:9b:24:d5:b0:8f:17:
+ 3b:95:87:7e:4a:45:45:2e:6d:70:27:90:32:62:a8:36:3e:47:
+ 47:0f:0e:1b:93:cf:3d:3e:9b:2c:9a:ff:0c:ee:a7:1b:40:c4:
+ dc:f2:66:74:eb:d9:11:9d:60:b8:24:b4:89:c1:e4:61:20:3d:
+ 38:af:45:ad:e8:ee:69:c3:96:8a:a5:c1:cd:dd:14:87:97:dc:
+ f8:32:84:a8:3b:0a:eb:61:0e:7c:4c:65:69:3d:02:92:db:c4:
+ bf:21:6f:89:fe:cc:76:df:c5:84:fb:c4:ea:1a:60:da:d0:c8:
+ 27:7c:65:1b:cb:23:20:5a:e2:23:90:bd:f5:5c:0a:85:51:37:
+ 84:47:a7:80:f4:e0:a0:72:8d:7a:b8:71:03:44:59:c6:cf:2c:
+ ae:df:91:a9:74:72:eb:a7:31:b2:81:65:19:e6:df:c3:4b:b7:
+ fc:9c:2c:f0
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIBAjANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM
-IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIx
-MjE2MjExNzUwWhcNMjUwOTExMjExNzUwWjCBoTELMAkGA1UEBhMCVVMxEzARBgNV
+IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMx
+MjEzMjIxOTMwWhcNMjYwOTA4MjIxOTMwWjCBoTELMAkGA1UEBhMCVVMxEzARBgNV
BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT
U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMSIwIAYDVQQDDBl3b2xmU1NMIGludGVy
bWVkaWF0ZSBDQSAyMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIB
@@ -177,12 +177,12 @@ DAdTZWF0dGxlMRAwDgYDVQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtFbmdpbmVlcmlu
ZzEYMBYGA1UEAwwPd29sZlNTTCByb290IENBMR8wHQYJKoZIhvcNAQkBFhBpbmZv
QHdvbGZzc2wuY29tggFjMAsGA1UdDwQEAwIBBjAyBggrBgEFBQcBAQQmMCQwIgYI
KwYBBQUHMAGGFmh0dHA6Ly8xMjcuMC4wLjE6MjIyMjAwDQYJKoZIhvcNAQELBQAD
-ggEBAAfNivPmN3ao6DsqDyD5PDtl9PwKwoPN+dgZgmxCAWWtqIBqIKIA1OK9YYyx
-HR85WkA9mltHHCCguRrQsY2fUNEEuL2knHWG6BrG2tgI7q7aDRLLnkLyFlzAvA/1
-5B9ZE/8hTzpmD13gXDIeXPcjTO9uX+eX8ZGINokdcRmDlp2SNivD5S2f4oLmU3xK
-QGJnIFjF0vO4IRBlqW/LLyBvlrQZzpSvnI85DRhBFAyHHcCDau7U91vPA6meZSaR
-KsH13QPzgVpepbh5KpwWgd7YGUF8nus7DG6QvqA1GO5OBa4QljgjEotoAqTgQEhL
-4NAvKFw7hUw5+jvVJU5/EnHAVhI=
+ggEBADs4tVen9taxGVW42kd0z5prbv8KXQYXM9vbOOXRnN3HPsIuhyBSSNCtDBI+
+92ZBZNLKs0yhCmxLSzOUdIMuLURaE67amhiHZDDPaXDoOEfeVScGhpsk1bCPFzuV
+h35KRUUubXAnkDJiqDY+R0cPDhuTzz0+myya/wzupxtAxNzyZnTr2RGdYLgktInB
+5GEgPTivRa3o7mnDloqlwc3dFIeX3PgyhKg7CuthDnxMZWk9ApLbxL8hb4n+zHbf
+xYT7xOoaYNrQyCd8ZRvLIyBa4iOQvfVcCoVRN4RHp4D04KByjXq4cQNEWcbPLK7f
+kal0cuunMbKBZRnm38NLt/ycLPA=
-----END CERTIFICATE-----
Certificate:
Data:
@@ -191,8 +191,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL root CA, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:30 2023 GMT
+ Not After : Sep 8 22:19:30 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL root CA, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -233,27 +233,27 @@ Certificate:
OCSP - URI:http://127.0.0.1:22220
Signature Algorithm: sha256WithRSAEncryption
- 61:fc:6f:3d:f5:07:35:f4:3c:55:de:78:74:83:96:b8:3d:11:
- 05:a4:d6:9a:c1:24:89:6f:9d:d5:0c:04:37:b5:97:06:b8:4f:
- 87:d1:01:9c:17:2b:20:c7:5a:7e:55:1b:5a:aa:e7:d2:2a:c7:
- ad:6d:de:17:cb:4c:4b:b0:64:3e:71:9f:03:18:c8:b4:79:62:
- 95:63:67:23:ee:68:5b:68:48:3f:44:75:a2:ae:ee:90:df:fb:
- 0d:c1:96:0b:e3:4f:4a:16:b4:1c:26:9b:66:a0:32:35:e3:68:
- 81:e6:a3:1e:0a:7b:6c:8e:4e:3f:73:bf:96:6c:f0:ca:89:d1:
- d2:f8:6b:cb:5a:2f:73:ed:e9:25:2f:2d:24:24:82:b4:0f:b9:
- 84:f5:98:ce:8e:87:da:cc:2a:ae:61:d8:fb:3e:c0:b7:6d:30:
- f3:7a:9b:d5:65:81:e8:3e:07:a5:e0:14:cd:32:1f:d1:68:43:
- 81:92:e3:94:0f:55:34:04:5a:c4:6d:e8:c1:7b:d3:27:32:52:
- 90:3b:10:6b:83:9d:9f:87:6f:49:f4:85:eb:d7:da:9a:2b:a4:
- 85:f1:48:ba:9d:84:ea:7c:4c:d5:e4:ec:c2:9f:da:e7:a9:82:
- e3:3f:7a:2d:48:37:dd:ef:61:9e:f7:d2:8b:3d:9e:e8:b1:5c:
- 25:f7:16:61
+ 63:f7:e7:80:e2:73:b0:7f:c2:32:c0:20:45:01:1e:40:bc:85:
+ 8e:7f:04:3b:c6:fe:3f:d1:b9:14:ce:06:d9:e8:fc:cd:b9:1d:
+ 0f:cb:89:71:a9:34:67:e8:be:b8:27:d1:1f:c4:ff:9b:9d:b9:
+ bd:f8:23:c7:e5:7f:04:20:de:b1:30:b2:5d:c2:99:a5:f8:34:
+ 9d:d7:0a:bc:b5:3a:84:64:2e:5b:24:34:01:da:03:a9:bb:cf:
+ f2:0d:0e:06:68:de:34:90:cb:42:3a:62:31:d0:d6:7d:26:ca:
+ 14:e5:87:70:51:a2:71:85:cf:4e:af:7c:6c:45:69:d1:3c:6c:
+ 9c:47:35:be:13:bc:12:a9:ea:c4:2f:71:d3:a5:6b:10:4b:85:
+ 68:93:68:81:1c:9f:e6:6a:e7:c0:e1:a6:09:28:f9:d4:a4:55:
+ e8:dc:e3:e2:14:86:0c:ef:3d:7a:7f:8d:d2:a3:e6:c8:0b:e7:
+ 1c:45:6d:0d:e9:9a:d6:38:4f:52:73:a7:5c:04:e9:ce:77:af:
+ 94:97:7b:56:a8:eb:bc:b6:f6:7a:ed:6a:8f:68:04:b4:ea:ce:
+ 05:d8:f7:bc:99:ae:6f:38:9a:ee:23:4d:c5:53:e6:70:fe:5c:
+ 60:68:c4:0c:79:c3:eb:49:d5:df:a6:98:5b:ba:6e:f6:c6:30:
+ e0:5e:3e:c3
-----BEGIN CERTIFICATE-----
MIIE5jCCA86gAwIBAgIBYzANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM
-IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIx
-MjE2MjExNzUwWhcNMjUwOTExMjExNzUwWjCBlzELMAkGA1UEBhMCVVMxEzARBgNV
+IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMx
+MjEzMjIxOTMwWhcNMjYwOTA4MjIxOTMwWjCBlzELMAkGA1UEBhMCVVMxEzARBgNV
BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT
U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NMIHJvb3Qg
Q0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0GCSqGSIb3
@@ -269,11 +269,11 @@ A1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUx
EDAOBgNVBAoMB3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQD
DA93b2xmU1NMIHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j
b22CAWMwCwYDVR0PBAQDAgEGMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcwAYYW
-aHR0cDovLzEyNy4wLjAuMToyMjIyMDANBgkqhkiG9w0BAQsFAAOCAQEAYfxvPfUH
-NfQ8Vd54dIOWuD0RBaTWmsEkiW+d1QwEN7WXBrhPh9EBnBcrIMdaflUbWqrn0irH
-rW3eF8tMS7BkPnGfAxjItHlilWNnI+5oW2hIP0R1oq7ukN/7DcGWC+NPSha0HCab
-ZqAyNeNogeajHgp7bI5OP3O/lmzwyonR0vhry1ovc+3pJS8tJCSCtA+5hPWYzo6H
-2swqrmHY+z7At20w83qb1WWB6D4HpeAUzTIf0WhDgZLjlA9VNARaxG3owXvTJzJS
-kDsQa4Odn4dvSfSF69famiukhfFIup2E6nxM1eTswp/a56mC4z96LUg33e9hnvfS
-iz2e6LFcJfcWYQ==
+aHR0cDovLzEyNy4wLjAuMToyMjIyMDANBgkqhkiG9w0BAQsFAAOCAQEAY/fngOJz
+sH/CMsAgRQEeQLyFjn8EO8b+P9G5FM4G2ej8zbkdD8uJcak0Z+i+uCfRH8T/m525
+vfgjx+V/BCDesTCyXcKZpfg0ndcKvLU6hGQuWyQ0AdoDqbvP8g0OBmjeNJDLQjpi
+MdDWfSbKFOWHcFGicYXPTq98bEVp0TxsnEc1vhO8EqnqxC9x06VrEEuFaJNogRyf
+5mrnwOGmCSj51KRV6Nzj4hSGDO89en+N0qPmyAvnHEVtDema1jhPUnOnXATpznev
+lJd7VqjrvLb2eu1qj2gEtOrOBdj3vJmubzia7iNNxVPmcP5cYGjEDHnD60nV36aY
+W7pu9sYw4F4+ww==
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/ocsp/server5-cert.pem b/extra/wolfssl/wolfssl/certs/ocsp/server5-cert.pem
index 0d2bfa2f..0f42ba25 100644
--- a/extra/wolfssl/wolfssl/certs/ocsp/server5-cert.pem
+++ b/extra/wolfssl/wolfssl/certs/ocsp/server5-cert.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL REVOKED intermediate CA, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:30 2023 GMT
+ Not After : Sep 8 22:19:30 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = www5.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -47,27 +47,27 @@ Certificate:
OCSP - URI:http://127.0.0.1:22223
Signature Algorithm: sha256WithRSAEncryption
- 0f:48:1f:2c:44:58:6e:56:07:19:c2:7e:5e:80:60:c6:b8:df:
- fb:71:6e:ae:e9:a4:1d:2a:4c:6a:ef:41:78:20:df:15:3b:82:
- 7c:5c:c3:00:51:f5:27:41:58:50:dc:bb:a8:71:0a:d6:3e:d8:
- 9b:27:03:70:39:01:08:7a:06:59:e2:51:1d:b4:74:c4:e3:ae:
- 1b:0e:1f:9c:d2:95:df:79:51:4c:a5:d2:48:8d:9a:ed:1e:21:
- fd:59:e4:45:b4:bd:ac:d7:1a:1a:e7:9f:c6:ac:17:4f:2c:0d:
- e6:39:fd:c3:68:37:c7:c8:42:ca:da:83:42:73:76:ae:64:20:
- f7:99:46:7c:d8:a4:1c:f6:27:3b:06:e2:25:7b:e7:98:83:8c:
- d0:8a:0c:69:ce:7a:c7:19:a7:5b:25:52:bd:4e:d6:2d:2e:1b:
- 02:29:17:c9:d9:5a:d2:f8:4c:ff:98:1a:50:d5:08:78:45:af:
- ad:6b:a6:92:b5:fc:d4:5f:34:48:b7:9d:6a:f9:22:bd:b0:23:
- 99:6b:f1:63:00:ac:68:59:63:88:01:ba:1b:00:81:1c:cd:3a:
- b2:77:95:e6:65:d4:06:a8:95:22:a4:81:9b:8c:0f:44:94:73:
- 1c:ee:2a:89:38:f1:c9:bd:9f:24:b4:f8:b8:71:cc:1a:f4:d0:
- d6:f4:d5:2a
+ 84:bf:97:d9:fd:33:9a:1b:36:a4:48:58:45:f6:97:3b:58:4d:
+ 40:ba:46:d0:7a:e3:53:40:d3:45:7f:1e:87:fd:66:bb:c0:43:
+ 93:34:76:0b:68:31:e5:fb:89:15:d5:b3:59:c5:a3:f5:e7:79:
+ 65:b3:1d:38:d2:cd:af:4d:7d:ea:9e:3e:ce:7e:51:90:83:b6:
+ 19:2e:30:d5:0e:94:03:d2:5c:a0:d9:25:3f:8d:c2:97:67:ea:
+ 4a:a6:f0:32:b3:e7:b6:bf:dc:a6:7a:5c:23:b8:46:05:52:80:
+ b1:9e:1e:53:05:a7:93:ce:2a:43:ae:f5:58:61:2d:d8:2d:77:
+ c9:50:7e:4a:47:36:04:0b:4c:23:b3:c8:f5:99:97:5c:5d:f1:
+ d9:f2:9a:5e:78:72:02:61:4f:eb:55:53:f1:bd:1c:45:75:fd:
+ 7c:2e:db:41:ef:54:47:9b:9a:b9:60:fd:77:f9:9b:36:76:93:
+ ee:73:12:49:3e:bb:62:8a:3f:02:58:ba:73:16:e7:53:81:c2:
+ 5c:f3:21:32:fe:60:42:dc:d5:8a:6a:9f:60:cc:1c:76:5a:e4:
+ 9c:30:da:9e:32:d0:ca:d6:a5:d6:3e:28:9d:09:68:dc:6e:d9:
+ fd:54:92:5e:0d:20:4c:96:ff:f2:01:b5:72:22:cb:f1:fc:ed:
+ c7:cf:b1:54
-----BEGIN CERTIFICATE-----
MIIE9DCCA9ygAwIBAgIBCTANBgkqhkiG9w0BAQsFADCBpzELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMSgwJgYDVQQDDB93b2xmU1NM
IFJFVk9LRUQgaW50ZXJtZWRpYXRlIENBMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv
-bGZzc2wuY29tMB4XDTIyMTIxNjIxMTc1MFoXDTI1MDkxMTIxMTc1MFowgZgxCzAJ
+bGZzc2wuY29tMB4XDTIzMTIxMzIyMTkzMFoXDTI2MDkwODIyMTkzMFowgZgxCzAJ
BgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxl
MRAwDgYDVQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEZMBcGA1UE
AwwQd3d3NS53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3Ns
@@ -84,12 +84,12 @@ A1UEBwwHU2VhdHRsZTEQMA4GA1UECgwHd29sZlNTTDEUMBIGA1UECwwLRW5naW5l
ZXJpbmcxGDAWBgNVBAMMD3dvbGZTU0wgcm9vdCBDQTEfMB0GCSqGSIb3DQEJARYQ
aW5mb0B3b2xmc3NsLmNvbYIBAzALBgNVHQ8EBAMCBeAwMgYIKwYBBQUHAQEEJjAk
MCIGCCsGAQUFBzABhhZodHRwOi8vMTI3LjAuMC4xOjIyMjIzMA0GCSqGSIb3DQEB
-CwUAA4IBAQAPSB8sRFhuVgcZwn5egGDGuN/7cW6u6aQdKkxq70F4IN8VO4J8XMMA
-UfUnQVhQ3LuocQrWPtibJwNwOQEIegZZ4lEdtHTE464bDh+c0pXfeVFMpdJIjZrt
-HiH9WeRFtL2s1xoa55/GrBdPLA3mOf3DaDfHyELK2oNCc3auZCD3mUZ82KQc9ic7
-BuIle+eYg4zQigxpznrHGadbJVK9TtYtLhsCKRfJ2VrS+Ez/mBpQ1Qh4Ra+ta6aS
-tfzUXzRIt51q+SK9sCOZa/FjAKxoWWOIAbobAIEczTqyd5XmZdQGqJUipIGbjA9E
-lHMc7iqJOPHJvZ8ktPi4ccwa9NDW9NUq
+CwUAA4IBAQCEv5fZ/TOaGzakSFhF9pc7WE1AukbQeuNTQNNFfx6H/Wa7wEOTNHYL
+aDHl+4kV1bNZxaP153llsx040s2vTX3qnj7OflGQg7YZLjDVDpQD0lyg2SU/jcKX
+Z+pKpvAys+e2v9ymelwjuEYFUoCxnh5TBaeTzipDrvVYYS3YLXfJUH5KRzYEC0wj
+s8j1mZdcXfHZ8ppeeHICYU/rVVPxvRxFdf18LttB71RHm5q5YP13+Zs2dpPucxJJ
+Prtiij8CWLpzFudTgcJc8yEy/mBC3NWKap9gzBx2WuScMNqeMtDK1qXWPiidCWjc
+btn9VJJeDSBMlv/yAbVyIsvx/O3Hz7FU
-----END CERTIFICATE-----
Certificate:
Data:
@@ -98,8 +98,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL root CA, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:30 2023 GMT
+ Not After : Sep 8 22:19:30 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL REVOKED intermediate CA, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -140,27 +140,27 @@ Certificate:
OCSP - URI:http://127.0.0.1:22220
Signature Algorithm: sha256WithRSAEncryption
- a4:9b:e4:ec:56:45:77:92:36:91:66:cc:25:11:1a:1d:48:d5:
- f8:4a:32:04:6f:ea:76:c7:0c:27:8a:8c:f1:ef:08:d4:47:60:
- 66:5e:3f:61:76:fc:a2:84:c1:42:01:89:b6:17:d9:eb:14:e6:
- 61:7e:8e:18:2e:64:be:14:ef:2d:ce:63:10:d6:b3:00:ec:f3:
- fc:4f:a0:1b:6f:e7:75:18:fe:ca:ef:47:12:dc:c8:ae:f9:05:
- 2b:84:14:d5:ad:df:58:84:81:33:51:90:5d:29:b8:ff:48:6b:
- f5:bb:e9:c7:be:6f:e1:6a:ca:71:47:1f:97:7f:1d:00:56:9a:
- 59:f6:78:4e:95:6c:e8:51:73:8e:9d:f3:62:00:f7:65:bd:09:
- d7:e4:ae:7e:04:ee:1e:eb:f3:83:3f:2a:44:f4:98:f8:ef:31:
- ed:06:77:60:e3:f2:6b:b6:dd:3e:ed:45:aa:07:a9:7f:99:f5:
- 2d:9b:ce:10:16:3a:cd:96:fb:40:1b:18:f4:eb:6f:f0:dc:ee:
- e8:aa:30:13:3c:d6:1e:46:7d:55:1f:0b:86:5c:13:f9:2f:83:
- b8:65:55:8d:3e:56:8b:d9:b7:e1:1b:2d:ab:f2:e7:3a:c4:6f:
- 2a:c9:f0:f9:96:82:93:ac:a7:06:1c:0e:bb:2a:ff:6a:be:eb:
- 91:b0:8c:dc
+ 2f:e1:b0:99:a9:71:0e:41:f8:b1:9d:38:c8:f4:3d:7c:79:ce:
+ d2:94:01:2a:b6:71:1b:4c:64:19:27:02:71:b4:43:64:42:f9:
+ 2b:71:39:6e:64:4e:e8:32:b1:1e:1b:fd:7d:22:cb:8a:9c:34:
+ ce:ef:bb:dd:f2:4f:83:58:33:34:01:cb:b4:35:e2:ba:c6:cc:
+ aa:2f:ed:2e:e9:04:ec:cd:7f:06:50:b3:4e:37:cd:fe:96:69:
+ da:a3:fe:63:78:83:c5:86:7e:03:b2:11:e5:94:f8:56:e9:d1:
+ dd:5d:b4:05:4d:26:0e:09:c2:50:32:ce:6d:da:6b:b7:ee:e1:
+ 1b:a9:b0:0f:59:d6:03:16:ee:47:16:2f:1f:58:f9:f8:48:d9:
+ 59:ed:61:a1:af:7e:92:38:2e:40:0c:9b:e7:21:90:3b:10:6f:
+ 61:ad:e0:95:57:e2:d5:39:dc:83:54:88:99:4a:5e:21:94:ce:
+ f9:0f:5e:e9:22:10:55:bb:97:f4:51:3f:50:83:ed:63:fb:ab:
+ d2:02:b3:aa:26:f7:fc:72:1c:84:e9:a0:a3:fa:b2:22:90:c8:
+ ac:61:84:2a:bd:3f:75:1f:1b:bf:83:a8:90:ce:4c:de:ee:eb:
+ 65:b4:ff:f0:7a:b2:11:7a:78:60:c4:6e:da:e3:c8:a3:57:5b:
+ 8f:58:e4:49
-----BEGIN CERTIFICATE-----
MIIE9jCCA96gAwIBAgIBAzANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM
-IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIx
-MjE2MjExNzUwWhcNMjUwOTExMjExNzUwWjCBpzELMAkGA1UEBhMCVVMxEzARBgNV
+IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMx
+MjEzMjIxOTMwWhcNMjYwOTA4MjIxOTMwWjCBpzELMAkGA1UEBhMCVVMxEzARBgNV
BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT
U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMSgwJgYDVQQDDB93b2xmU1NMIFJFVk9L
RUQgaW50ZXJtZWRpYXRlIENBMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
@@ -177,12 +177,12 @@ DgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtFbmdp
bmVlcmluZzEYMBYGA1UEAwwPd29sZlNTTCByb290IENBMR8wHQYJKoZIhvcNAQkB
FhBpbmZvQHdvbGZzc2wuY29tggFjMAsGA1UdDwQEAwIBBjAyBggrBgEFBQcBAQQm
MCQwIgYIKwYBBQUHMAGGFmh0dHA6Ly8xMjcuMC4wLjE6MjIyMjAwDQYJKoZIhvcN
-AQELBQADggEBAKSb5OxWRXeSNpFmzCURGh1I1fhKMgRv6nbHDCeKjPHvCNRHYGZe
-P2F2/KKEwUIBibYX2esU5mF+jhguZL4U7y3OYxDWswDs8/xPoBtv53UY/srvRxLc
-yK75BSuEFNWt31iEgTNRkF0puP9Ia/W76ce+b+FqynFHH5d/HQBWmln2eE6VbOhR
-c46d82IA92W9Cdfkrn4E7h7r84M/KkT0mPjvMe0Gd2Dj8mu23T7tRaoHqX+Z9S2b
-zhAWOs2W+0AbGPTrb/Dc7uiqMBM81h5GfVUfC4ZcE/kvg7hlVY0+VovZt+EbLavy
-5zrEbyrJ8PmWgpOspwYcDrsq/2q+65GwjNw=
+AQELBQADggEBAC/hsJmpcQ5B+LGdOMj0PXx5ztKUASq2cRtMZBknAnG0Q2RC+Stx
+OW5kTugysR4b/X0iy4qcNM7vu93yT4NYMzQBy7Q14rrGzKov7S7pBOzNfwZQs043
+zf6Wadqj/mN4g8WGfgOyEeWU+Fbp0d1dtAVNJg4JwlAyzm3aa7fu4RupsA9Z1gMW
+7kcWLx9Y+fhI2VntYaGvfpI4LkAMm+chkDsQb2Gt4JVX4tU53INUiJlKXiGUzvkP
+XukiEFW7l/RRP1CD7WP7q9ICs6om9/xyHITpoKP6siKQyKxhhCq9P3UfG7+DqJDO
+TN7u62W0//B6shF6eGDEbtrjyKNXW49Y5Ek=
-----END CERTIFICATE-----
Certificate:
Data:
@@ -191,8 +191,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL root CA, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:30 2023 GMT
+ Not After : Sep 8 22:19:30 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL root CA, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -233,27 +233,27 @@ Certificate:
OCSP - URI:http://127.0.0.1:22220
Signature Algorithm: sha256WithRSAEncryption
- 61:fc:6f:3d:f5:07:35:f4:3c:55:de:78:74:83:96:b8:3d:11:
- 05:a4:d6:9a:c1:24:89:6f:9d:d5:0c:04:37:b5:97:06:b8:4f:
- 87:d1:01:9c:17:2b:20:c7:5a:7e:55:1b:5a:aa:e7:d2:2a:c7:
- ad:6d:de:17:cb:4c:4b:b0:64:3e:71:9f:03:18:c8:b4:79:62:
- 95:63:67:23:ee:68:5b:68:48:3f:44:75:a2:ae:ee:90:df:fb:
- 0d:c1:96:0b:e3:4f:4a:16:b4:1c:26:9b:66:a0:32:35:e3:68:
- 81:e6:a3:1e:0a:7b:6c:8e:4e:3f:73:bf:96:6c:f0:ca:89:d1:
- d2:f8:6b:cb:5a:2f:73:ed:e9:25:2f:2d:24:24:82:b4:0f:b9:
- 84:f5:98:ce:8e:87:da:cc:2a:ae:61:d8:fb:3e:c0:b7:6d:30:
- f3:7a:9b:d5:65:81:e8:3e:07:a5:e0:14:cd:32:1f:d1:68:43:
- 81:92:e3:94:0f:55:34:04:5a:c4:6d:e8:c1:7b:d3:27:32:52:
- 90:3b:10:6b:83:9d:9f:87:6f:49:f4:85:eb:d7:da:9a:2b:a4:
- 85:f1:48:ba:9d:84:ea:7c:4c:d5:e4:ec:c2:9f:da:e7:a9:82:
- e3:3f:7a:2d:48:37:dd:ef:61:9e:f7:d2:8b:3d:9e:e8:b1:5c:
- 25:f7:16:61
+ 63:f7:e7:80:e2:73:b0:7f:c2:32:c0:20:45:01:1e:40:bc:85:
+ 8e:7f:04:3b:c6:fe:3f:d1:b9:14:ce:06:d9:e8:fc:cd:b9:1d:
+ 0f:cb:89:71:a9:34:67:e8:be:b8:27:d1:1f:c4:ff:9b:9d:b9:
+ bd:f8:23:c7:e5:7f:04:20:de:b1:30:b2:5d:c2:99:a5:f8:34:
+ 9d:d7:0a:bc:b5:3a:84:64:2e:5b:24:34:01:da:03:a9:bb:cf:
+ f2:0d:0e:06:68:de:34:90:cb:42:3a:62:31:d0:d6:7d:26:ca:
+ 14:e5:87:70:51:a2:71:85:cf:4e:af:7c:6c:45:69:d1:3c:6c:
+ 9c:47:35:be:13:bc:12:a9:ea:c4:2f:71:d3:a5:6b:10:4b:85:
+ 68:93:68:81:1c:9f:e6:6a:e7:c0:e1:a6:09:28:f9:d4:a4:55:
+ e8:dc:e3:e2:14:86:0c:ef:3d:7a:7f:8d:d2:a3:e6:c8:0b:e7:
+ 1c:45:6d:0d:e9:9a:d6:38:4f:52:73:a7:5c:04:e9:ce:77:af:
+ 94:97:7b:56:a8:eb:bc:b6:f6:7a:ed:6a:8f:68:04:b4:ea:ce:
+ 05:d8:f7:bc:99:ae:6f:38:9a:ee:23:4d:c5:53:e6:70:fe:5c:
+ 60:68:c4:0c:79:c3:eb:49:d5:df:a6:98:5b:ba:6e:f6:c6:30:
+ e0:5e:3e:c3
-----BEGIN CERTIFICATE-----
MIIE5jCCA86gAwIBAgIBYzANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM
-IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIx
-MjE2MjExNzUwWhcNMjUwOTExMjExNzUwWjCBlzELMAkGA1UEBhMCVVMxEzARBgNV
+IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMx
+MjEzMjIxOTMwWhcNMjYwOTA4MjIxOTMwWjCBlzELMAkGA1UEBhMCVVMxEzARBgNV
BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT
U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NMIHJvb3Qg
Q0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0GCSqGSIb3
@@ -269,11 +269,11 @@ A1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUx
EDAOBgNVBAoMB3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQD
DA93b2xmU1NMIHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j
b22CAWMwCwYDVR0PBAQDAgEGMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcwAYYW
-aHR0cDovLzEyNy4wLjAuMToyMjIyMDANBgkqhkiG9w0BAQsFAAOCAQEAYfxvPfUH
-NfQ8Vd54dIOWuD0RBaTWmsEkiW+d1QwEN7WXBrhPh9EBnBcrIMdaflUbWqrn0irH
-rW3eF8tMS7BkPnGfAxjItHlilWNnI+5oW2hIP0R1oq7ukN/7DcGWC+NPSha0HCab
-ZqAyNeNogeajHgp7bI5OP3O/lmzwyonR0vhry1ovc+3pJS8tJCSCtA+5hPWYzo6H
-2swqrmHY+z7At20w83qb1WWB6D4HpeAUzTIf0WhDgZLjlA9VNARaxG3owXvTJzJS
-kDsQa4Odn4dvSfSF69famiukhfFIup2E6nxM1eTswp/a56mC4z96LUg33e9hnvfS
-iz2e6LFcJfcWYQ==
+aHR0cDovLzEyNy4wLjAuMToyMjIyMDANBgkqhkiG9w0BAQsFAAOCAQEAY/fngOJz
+sH/CMsAgRQEeQLyFjn8EO8b+P9G5FM4G2ej8zbkdD8uJcak0Z+i+uCfRH8T/m525
+vfgjx+V/BCDesTCyXcKZpfg0ndcKvLU6hGQuWyQ0AdoDqbvP8g0OBmjeNJDLQjpi
+MdDWfSbKFOWHcFGicYXPTq98bEVp0TxsnEc1vhO8EqnqxC9x06VrEEuFaJNogRyf
+5mrnwOGmCSj51KRV6Nzj4hSGDO89en+N0qPmyAvnHEVtDema1jhPUnOnXATpznev
+lJd7VqjrvLb2eu1qj2gEtOrOBdj3vJmubzia7iNNxVPmcP5cYGjEDHnD60nV36aY
+W7pu9sYw4F4+ww==
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/ocsp/test-multi-response.der b/extra/wolfssl/wolfssl/certs/ocsp/test-multi-response.der
index f9642d3c..2456e055 100644
--- a/extra/wolfssl/wolfssl/certs/ocsp/test-multi-response.der
+++ b/extra/wolfssl/wolfssl/certs/ocsp/test-multi-response.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/ocsp/test-response-nointern.der b/extra/wolfssl/wolfssl/certs/ocsp/test-response-nointern.der
index e3a93287..0214d02a 100644
--- a/extra/wolfssl/wolfssl/certs/ocsp/test-response-nointern.der
+++ b/extra/wolfssl/wolfssl/certs/ocsp/test-response-nointern.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/ocsp/test-response-rsapss.der b/extra/wolfssl/wolfssl/certs/ocsp/test-response-rsapss.der
index 32d419d8..6c77e21c 100644
--- a/extra/wolfssl/wolfssl/certs/ocsp/test-response-rsapss.der
+++ b/extra/wolfssl/wolfssl/certs/ocsp/test-response-rsapss.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/ocsp/test-response.der b/extra/wolfssl/wolfssl/certs/ocsp/test-response.der
index f0d5fc8f..6fffc3e7 100644
--- a/extra/wolfssl/wolfssl/certs/ocsp/test-response.der
+++ b/extra/wolfssl/wolfssl/certs/ocsp/test-response.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/p521/ca-p521.der b/extra/wolfssl/wolfssl/certs/p521/ca-p521.der
index cf56b0c4..20d9279c 100644
--- a/extra/wolfssl/wolfssl/certs/p521/ca-p521.der
+++ b/extra/wolfssl/wolfssl/certs/p521/ca-p521.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/p521/ca-p521.pem b/extra/wolfssl/wolfssl/certs/p521/ca-p521.pem
index f9cbcad4..992cdbfd 100644
--- a/extra/wolfssl/wolfssl/certs/p521/ca-p521.pem
+++ b/extra/wolfssl/wolfssl/certs/p521/ca-p521.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: ecdsa-with-SHA256
Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_P521, OU = Root-P521, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:29 2023 GMT
+ Not After : Sep 8 22:19:29 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_p521, OU = CA-p521, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
@@ -34,20 +34,20 @@ Certificate:
X509v3 Key Usage: critical
Digital Signature, Certificate Sign, CRL Sign
Signature Algorithm: ecdsa-with-SHA256
- 30:81:88:02:42:01:ac:ed:31:5e:dc:f2:66:a1:d4:26:4a:82:
- 31:b2:24:46:93:db:4c:62:bc:77:30:97:96:ef:a2:2d:21:45:
- 0a:18:0c:bc:a6:1c:6c:68:69:63:a0:60:66:18:63:e9:ee:4c:
- cc:6c:8f:c8:45:b9:32:d2:3c:9b:6e:f7:6b:8c:bd:08:5f:02:
- 42:01:53:85:38:dc:06:3a:75:be:c7:9c:7d:02:77:e5:8b:ba:
- a6:f8:9f:e1:80:79:cb:e1:4a:44:e3:f8:8b:00:46:2c:66:b0:
- 95:1c:d7:2f:59:70:6a:c9:47:d6:c9:74:16:1f:8a:90:ad:f8:
- bd:5f:df:97:ad:c9:f8:0b:bc:3c:ca:c7:cc
+ 30:81:88:02:42:01:7a:a6:21:f5:b6:c2:fa:e1:44:c6:03:f5:
+ 54:2d:35:ef:d9:55:f6:61:45:90:48:8c:c2:3e:81:76:30:06:
+ 05:c2:db:32:19:b5:df:37:44:a6:3f:33:fa:3a:c7:91:ae:0f:
+ fb:10:8b:b8:4d:41:b3:ed:c2:d2:5c:37:28:eb:d7:b7:6c:02:
+ 42:01:47:23:40:e8:e2:ca:61:74:29:e0:a6:71:5b:0a:c9:45:
+ 17:04:7d:5d:11:02:d7:f0:af:60:e0:4c:0a:97:96:09:2e:e0:
+ 25:f8:50:d8:9c:f9:bd:17:3d:d3:50:cc:49:06:81:7e:af:fa:
+ 85:b8:1f:80:c4:64:08:56:53:39:8d:2f:40
-----BEGIN CERTIFICATE-----
MIIDITCCAoKgAwIBAgIBATAKBggqhkjOPQQDAjCBlzELMAkGA1UEBhMCVVMxEDAO
BgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xFTATBgNVBAoMDHdvbGZT
U0xfUDUyMTESMBAGA1UECwwJUm9vdC1QNTIxMRgwFgYDVQQDDA93d3cud29sZnNz
-bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIxMjE2
-MjExNzUwWhcNMjUwOTExMjExNzUwWjCBrjELMAkGA1UEBhMCVVMxEDAOBgNVBAgM
+bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMxMjEz
+MjIxOTI5WhcNMjYwOTA4MjIxOTI5WjCBrjELMAkGA1UEBhMCVVMxEDAOBgNVBAgM
B01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xFTATBgNVBAoMDHdvbGZTU0xfcDUy
MTEQMA4GA1UECwwHQ0EtcDUyMTEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8w
HQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMRcwFQYKCZImiZPyLGQBAQwH
@@ -57,7 +57,7 @@ x7L8AYaR7UNdOOAMJY2z27Hc3rchgM+H3mT0IT4tr3m99tAAS4F5+vcQqhnNQNce
dTRTKQPtSFQh5Y+VtZtBjV/dctJao2MwYTAdBgNVHQ4EFgQUQIkdMF4MbtU9xtUl
kNq2Qmft6YIwHwYDVR0jBBgwFoAUZKdolVMzGKIgkrxkVaarynZom8gwDwYDVR0T
AQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwCgYIKoZIzj0EAwIDgYwAMIGIAkIB
-rO0xXtzyZqHUJkqCMbIkRpPbTGK8dzCXlu+iLSFFChgMvKYcbGhpY6BgZhhj6e5M
-zGyPyEW5MtI8m273a4y9CF8CQgFThTjcBjp1vsecfQJ35Yu6pvif4YB5y+FKROP4
-iwBGLGawlRzXL1lwaslH1sl0Fh+KkK34vV/fl63J+Au8PMrHzA==
+eqYh9bbC+uFExgP1VC0179lV9mFFkEiMwj6BdjAGBcLbMhm13zdEpj8z+jrHka4P
++xCLuE1Bs+3C0lw3KOvXt2wCQgFHI0Do4sphdCngpnFbCslFFwR9XREC1/CvYOBM
+CpeWCS7gJfhQ2Jz5vRc901DMSQaBfq/6hbgfgMRkCFZTOY0vQA==
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/p521/client-p521.der b/extra/wolfssl/wolfssl/certs/p521/client-p521.der
index 68ff3b3f..2a7afad0 100644
--- a/extra/wolfssl/wolfssl/certs/p521/client-p521.der
+++ b/extra/wolfssl/wolfssl/certs/p521/client-p521.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/p521/client-p521.pem b/extra/wolfssl/wolfssl/certs/p521/client-p521.pem
index 41560eb6..43abb654 100644
--- a/extra/wolfssl/wolfssl/certs/p521/client-p521.pem
+++ b/extra/wolfssl/wolfssl/certs/p521/client-p521.pem
@@ -2,12 +2,12 @@ Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 1b:e7:ad:f2:5f:af:5f:50:fd:42:84:2e:ea:1b:dc:6f:c5:1a:8b:4c
+ 55:89:bc:f6:2c:af:36:2b:2f:5f:8c:ec:da:ed:37:60:89:d1:7f:81
Signature Algorithm: ecdsa-with-SHA256
Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_p521, OU = Client-p521, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:29 2023 GMT
+ Not After : Sep 8 22:19:29 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_p521, OU = Client-p521, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
@@ -30,7 +30,7 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:20:E1:BF:57:E5:F3:C3:0C:72:84:6A:C6:DF:BC:22:D0:B7:25:E5:A4
DirName:/C=US/ST=Montana/L=Bozeman/O=wolfSSL_p521/OU=Client-p521/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/UID=wolfSSL
- serial:1B:E7:AD:F2:5F:AF:5F:50:FD:42:84:2E:EA:1B:DC:6F:C5:1A:8B:4C
+ serial:55:89:BC:F6:2C:AF:36:2B:2F:5F:8C:EC:DA:ED:37:60:89:D1:7F:81
X509v3 Basic Constraints:
CA:TRUE
@@ -39,21 +39,21 @@ Certificate:
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
Signature Algorithm: ecdsa-with-SHA256
- 30:81:88:02:42:01:cc:61:be:73:0b:51:f7:60:c9:52:97:d8:
- 69:4f:ce:33:17:36:0e:04:a6:aa:28:c5:2d:78:95:6a:85:7e:
- 40:c7:04:ab:62:70:1c:3d:8c:94:99:57:ce:27:6b:39:8d:47:
- ef:d2:cc:b7:57:1c:f4:0a:d0:ea:30:5f:2b:37:9c:c1:80:02:
- 42:01:02:71:1e:00:5e:8f:d1:b0:e4:fd:7b:eb:be:13:8d:84:
- 6e:6c:7b:23:60:d5:33:3a:38:2d:5d:82:1c:b1:cd:ba:be:e2:
- 2c:32:67:95:e9:c6:c3:07:a0:7c:ba:14:f3:1e:b5:aa:63:1e:
- 69:5e:a0:21:b7:8f:7b:af:38:6a:4e:ae:25
+ 30:81:88:02:42:01:3f:4e:19:e3:8b:f6:83:21:55:cb:49:cf:
+ bf:35:16:9c:cd:fb:5d:d8:d3:34:a2:35:ff:67:40:b6:3e:3d:
+ 6e:2f:1d:01:78:7a:87:b1:ae:ad:cb:b3:8a:9a:4a:5b:a4:e2:
+ c9:6e:42:10:39:20:64:98:64:9b:2f:da:15:94:c8:51:ea:02:
+ 42:00:bf:77:aa:d8:22:6b:b8:a0:9b:bf:5e:89:5d:f0:54:8e:
+ 3c:08:a7:cb:28:11:c5:e1:45:17:d1:bf:d5:dc:bb:65:37:f1:
+ 90:12:6c:62:d5:b5:b2:8f:73:e8:1b:ac:a8:80:03:a7:22:5d:
+ dc:1b:7d:c2:62:c4:f7:e4:ec:73:65:21:9f
-----BEGIN CERTIFICATE-----
-MIIEVTCCA7agAwIBAgIUG+et8l+vX1D9QoQu6hvcb8Uai0wwCgYIKoZIzj0EAwIw
+MIIEVTCCA7agAwIBAgIUVYm89iyvNisvX4zs2u03YInRf4EwCgYIKoZIzj0EAwIw
gbIxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3pl
bWFuMRUwEwYDVQQKDAx3b2xmU1NMX3A1MjExFDASBgNVBAsMC0NsaWVudC1wNTIx
MRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9A
-d29sZnNzbC5jb20xFzAVBgoJkiaJk/IsZAEBDAd3b2xmU1NMMB4XDTIyMTIxNjIx
-MTc1MFoXDTI1MDkxMTIxMTc1MFowgbIxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdN
+d29sZnNzbC5jb20xFzAVBgoJkiaJk/IsZAEBDAd3b2xmU1NMMB4XDTIzMTIxMzIy
+MTkyOVoXDTI2MDkwODIyMTkyOVowgbIxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdN
b250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRUwEwYDVQQKDAx3b2xmU1NMX3A1MjEx
FDASBgNVBAsMC0NsaWVudC1wNTIxMRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20x
HzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20xFzAVBgoJkiaJk/IsZAEB
@@ -65,11 +65,11 @@ wwxyhGrG37wi0Lcl5aQwgfIGA1UdIwSB6jCB54AUIOG/V+XzwwxyhGrG37wi0Lcl
5aShgbikgbUwgbIxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYD
VQQHDAdCb3plbWFuMRUwEwYDVQQKDAx3b2xmU1NMX3A1MjExFDASBgNVBAsMC0Ns
aWVudC1wNTIxMRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0B
-CQEWEGluZm9Ad29sZnNzbC5jb20xFzAVBgoJkiaJk/IsZAEBDAd3b2xmU1NMghQb
-563yX69fUP1ChC7qG9xvxRqLTDAMBgNVHRMEBTADAQH/MBwGA1UdEQQVMBOCC2V4
+CQEWEGluZm9Ad29sZnNzbC5jb20xFzAVBgoJkiaJk/IsZAEBDAd3b2xmU1NMghRV
+ibz2LK82Ky9fjOza7TdgidF/gTAMBgNVHRMEBTADAQH/MBwGA1UdEQQVMBOCC2V4
YW1wbGUuY29thwR/AAABMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAK
-BggqhkjOPQQDAgOBjAAwgYgCQgHMYb5zC1H3YMlSl9hpT84zFzYOBKaqKMUteJVq
-hX5AxwSrYnAcPYyUmVfOJ2s5jUfv0sy3Vxz0CtDqMF8rN5zBgAJCAQJxHgBej9Gw
-5P17674TjYRubHsjYNUzOjgtXYIcsc26vuIsMmeV6cbDB6B8uhTzHrWqYx5pXqAh
-t497rzhqTq4l
+BggqhkjOPQQDAgOBjAAwgYgCQgE/Thnji/aDIVXLSc+/NRaczftd2NM0ojX/Z0C2
+Pj1uLx0BeHqHsa6ty7OKmkpbpOLJbkIQOSBkmGSbL9oVlMhR6gJCAL93qtgia7ig
+m79eiV3wVI48CKfLKBHF4UUX0b/V3LtlN/GQEmxi1bWyj3PoG6yogAOnIl3cG33C
+YsT35OxzZSGf
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/p521/root-p521.der b/extra/wolfssl/wolfssl/certs/p521/root-p521.der
index f1f52b2a..a2c9eaef 100644
--- a/extra/wolfssl/wolfssl/certs/p521/root-p521.der
+++ b/extra/wolfssl/wolfssl/certs/p521/root-p521.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/p521/root-p521.pem b/extra/wolfssl/wolfssl/certs/p521/root-p521.pem
index 6162afc9..94c67397 100644
--- a/extra/wolfssl/wolfssl/certs/p521/root-p521.pem
+++ b/extra/wolfssl/wolfssl/certs/p521/root-p521.pem
@@ -2,12 +2,12 @@ Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 5e:2d:39:08:4a:69:db:18:5b:e0:10:c7:3a:14:36:d2:7b:09:55:60
+ 5a:b0:33:c0:79:0a:75:aa:a7:98:c9:77:e2:a0:3b:25:21:9c:19:85
Signature Algorithm: ecdsa-with-SHA256
Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_P521, OU = Root-P521, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:29 2023 GMT
+ Not After : Sep 8 22:19:29 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_P521, OU = Root-P521, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
@@ -35,20 +35,20 @@ Certificate:
X509v3 Key Usage: critical
Digital Signature, Certificate Sign, CRL Sign
Signature Algorithm: ecdsa-with-SHA256
- 30:81:86:02:41:23:19:29:57:83:27:13:0e:21:b2:35:d2:a9:
- 32:56:86:88:78:9f:54:a2:f2:17:b1:d1:44:ee:53:2a:90:b2:
- 5e:0e:00:c9:9f:7e:94:59:47:28:13:a0:3b:8d:8e:b2:b5:25:
- 61:37:d1:94:b8:3b:d1:6f:5f:91:e1:3b:69:f2:8d:04:02:41:
- 10:e8:8d:c1:25:2e:64:1d:93:50:eb:b1:77:f1:93:83:48:d6:
- 6b:b0:d2:ae:8f:4f:14:1e:f2:93:df:2b:4d:53:df:8f:a6:ea:
- 0a:48:67:08:c2:a4:29:f3:b4:7f:63:0b:2f:46:63:7b:6b:4f:
- e4:b6:f0:df:24:82:e4:a4:e3:78:80
+ 30:81:87:02:42:00:f8:22:58:d1:cc:73:6f:28:15:7f:86:18:
+ d9:af:ed:44:51:bb:0a:6b:43:99:9d:97:b3:6e:ae:ac:61:09:
+ f5:55:6a:3c:35:fd:b5:2f:7f:d5:e2:93:10:93:99:ae:d7:75:
+ 05:be:68:ca:13:b1:e5:d1:05:24:f9:5f:6a:f9:c2:7b:4a:02:
+ 41:60:8b:76:dd:e0:02:de:2e:e7:ff:3b:33:f8:ef:6d:ca:31:
+ 45:cb:cd:9e:73:f4:f1:26:eb:2a:6c:6c:ea:3f:81:f3:78:55:
+ 5e:25:74:27:cb:57:8c:60:be:39:80:f6:e3:43:d8:80:b5:f9:
+ c5:8d:6d:c2:a8:6e:3e:67:50:5a:97:8e
-----BEGIN CERTIFICATE-----
-MIIDGzCCAn6gAwIBAgIUXi05CEpp2xhb4BDHOhQ20nsJVWAwCgYIKoZIzj0EAwIw
+MIIDHDCCAn6gAwIBAgIUWrAzwHkKdaqnmMl34qA7JSGcGYUwCgYIKoZIzj0EAwIw
gZcxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3pl
bWFuMRUwEwYDVQQKDAx3b2xmU1NMX1A1MjExEjAQBgNVBAsMCVJvb3QtUDUyMTEY
MBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv
-bGZzc2wuY29tMB4XDTIyMTIxNjIxMTc1MFoXDTI1MDkxMTIxMTc1MFowgZcxCzAJ
+bGZzc2wuY29tMB4XDTIzMTIxMzIyMTkyOVoXDTI2MDkwODIyMTkyOVowgZcxCzAJ
BgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRUw
EwYDVQQKDAx3b2xmU1NMX1A1MjExEjAQBgNVBAsMCVJvb3QtUDUyMTEYMBYGA1UE
AwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
@@ -57,8 +57,8 @@ UxW9X1Pvy3OpyBRsb33FfLS7jlbCQ0X7WBzGRT1/5U6AzETBBnp14WnJiqgBet8A
RElznC9QP4OgHovRqvsIDJAFDQwXMVE+1oU7CRKC0aYIzchPalrIjI5dv9rMW5Wh
6FopeCKyukmhhcZIinFTjYmjYzBhMB0GA1UdDgQWBBRkp2iVUzMYoiCSvGRVpqvK
dmibyDAfBgNVHSMEGDAWgBRkp2iVUzMYoiCSvGRVpqvKdmibyDAPBgNVHRMBAf8E
-BTADAQH/MA4GA1UdDwEB/wQEAwIBhjAKBggqhkjOPQQDAgOBigAwgYYCQSMZKVeD
-JxMOIbI10qkyVoaIeJ9UovIXsdFE7lMqkLJeDgDJn36UWUcoE6A7jY6ytSVhN9GU
-uDvRb1+R4Ttp8o0EAkEQ6I3BJS5kHZNQ67F38ZODSNZrsNKuj08UHvKT3ytNU9+P
-puoKSGcIwqQp87R/YwsvRmN7a0/ktvDfJILkpON4gA==
+BTADAQH/MA4GA1UdDwEB/wQEAwIBhjAKBggqhkjOPQQDAgOBiwAwgYcCQgD4IljR
+zHNvKBV/hhjZr+1EUbsKa0OZnZezbq6sYQn1VWo8Nf21L3/V4pMQk5mu13UFvmjK
+E7Hl0QUk+V9q+cJ7SgJBYIt23eAC3i7n/zsz+O9tyjFFy82ec/TxJusqbGzqP4Hz
+eFVeJXQny1eMYL45gPbjQ9iAtfnFjW3CqG4+Z1Bal44=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/p521/server-p521-cert.pem b/extra/wolfssl/wolfssl/certs/p521/server-p521-cert.pem
index 18476c9c..5bc07c73 100644
--- a/extra/wolfssl/wolfssl/certs/p521/server-p521-cert.pem
+++ b/extra/wolfssl/wolfssl/certs/p521/server-p521-cert.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: ecdsa-with-SHA256
Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_p521, OU = CA-p521, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:29 2023 GMT
+ Not After : Sep 8 22:19:29 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_p521, OU = Server-p521, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
@@ -38,20 +38,20 @@ Certificate:
Netscape Cert Type:
SSL Server
Signature Algorithm: ecdsa-with-SHA256
- 30:81:88:02:42:01:ab:16:c5:5c:76:07:6c:fd:5f:ca:01:bd:
- a4:22:7a:ab:be:9a:9c:3b:c7:6b:bb:5a:c1:60:9b:21:4d:c8:
- c6:1c:bd:22:e3:20:ff:69:16:2a:12:2d:62:ea:36:57:fa:30:
- 9b:d0:bf:fe:84:68:6b:6c:0c:e2:e7:bc:0d:dd:78:06:ab:02:
- 42:00:cc:ec:88:c4:e2:45:9e:97:df:a7:e9:9c:02:be:8e:7f:
- a7:70:11:40:7b:5b:b9:8c:04:94:82:5a:8a:41:9f:77:ac:90:
- dc:f6:0a:d8:79:b2:ca:5a:c7:26:23:f8:3e:01:e4:db:0a:17:
- 84:44:5d:34:69:1f:b6:88:55:a3:86:8a:0f
+ 30:81:87:02:41:51:c1:26:8c:3f:53:fe:7c:28:f5:3f:81:e6:
+ de:7b:ae:ad:f3:6e:be:c2:3a:88:91:f7:31:e8:24:5c:67:08:
+ 7d:34:f5:54:2e:0a:50:f4:f7:9d:d5:96:19:ec:49:2c:da:a8:
+ a0:2a:08:71:cd:b7:17:1a:e3:10:b2:bf:41:8d:aa:b2:02:42:
+ 01:00:b1:0d:96:19:a0:b1:76:d6:e1:a5:44:41:d4:c8:53:5a:
+ 57:4a:b9:4a:a4:6a:ef:cd:97:e9:e4:4d:7c:c8:ea:37:37:61:
+ 1a:ec:c7:1e:20:cd:2c:05:64:dd:54:e2:06:7b:74:af:05:0d:
+ 59:5c:e9:cd:e8:a8:61:92:cb:8c:d9:f0
-----BEGIN CERTIFICATE-----
-MIIDYzCCAsSgAwIBAgIBATAKBggqhkjOPQQDAjCBrjELMAkGA1UEBhMCVVMxEDAO
+MIIDYjCCAsSgAwIBAgIBATAKBggqhkjOPQQDAjCBrjELMAkGA1UEBhMCVVMxEDAO
BgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xFTATBgNVBAoMDHdvbGZT
U0xfcDUyMTEQMA4GA1UECwwHQ0EtcDUyMTEYMBYGA1UEAwwPd3d3LndvbGZzc2wu
Y29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMRcwFQYKCZImiZPy
-LGQBAQwHd29sZlNTTDAeFw0yMjEyMTYyMTE3NTBaFw0yNTA5MTEyMTE3NTBaMIGy
+LGQBAQwHd29sZlNTTDAeFw0yMzEyMTMyMjE5MjlaFw0yNjA5MDgyMjE5MjlaMIGy
MQswCQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1h
bjEVMBMGA1UECgwMd29sZlNTTF9wNTIxMRQwEgYDVQQLDAtTZXJ2ZXItcDUyMTEY
MBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv
@@ -62,8 +62,8 @@ RpMf1WBjpi59jeo/4FvlyG4fp9mjWeWWJyL0AiuvW3gfE6gii+yuAX3AYROkNQoh
o4GJMIGGMB0GA1UdDgQWBBSFhp+uc1+Udyc7FRXGeQeoQkse8zAfBgNVHSMEGDAW
gBRAiR0wXgxu1T3G1SWQ2rZCZ+3pgjAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQE
AwIDqDATBgNVHSUEDDAKBggrBgEFBQcDATARBglghkgBhvhCAQEEBAMCBkAwCgYI
-KoZIzj0EAwIDgYwAMIGIAkIBqxbFXHYHbP1fygG9pCJ6q76anDvHa7tawWCbIU3I
-xhy9IuMg/2kWKhItYuo2V/owm9C//oRoa2wM4ue8Dd14BqsCQgDM7IjE4kWel9+n
-6ZwCvo5/p3ARQHtbuYwElIJaikGfd6yQ3PYK2HmyylrHJiP4PgHk2woXhERdNGkf
-tohVo4aKDw==
+KoZIzj0EAwIDgYsAMIGHAkFRwSaMP1P+fCj1P4Hm3nuurfNuvsI6iJH3MegkXGcI
+fTT1VC4KUPT3ndWWGexJLNqooCoIcc23FxrjELK/QY2qsgJCAQCxDZYZoLF21uGl
+REHUyFNaV0q5SqRq782X6eRNfMjqNzdhGuzHHiDNLAVk3VTiBnt0rwUNWVzpzeio
+YZLLjNnw
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/p521/server-p521.der b/extra/wolfssl/wolfssl/certs/p521/server-p521.der
index ca7ff6fe..784af1bb 100644
--- a/extra/wolfssl/wolfssl/certs/p521/server-p521.der
+++ b/extra/wolfssl/wolfssl/certs/p521/server-p521.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/p521/server-p521.pem b/extra/wolfssl/wolfssl/certs/p521/server-p521.pem
index b0a8d6ec..36f61e3e 100644
--- a/extra/wolfssl/wolfssl/certs/p521/server-p521.pem
+++ b/extra/wolfssl/wolfssl/certs/p521/server-p521.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: ecdsa-with-SHA256
Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_p521, OU = CA-p521, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:29 2023 GMT
+ Not After : Sep 8 22:19:29 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_p521, OU = Server-p521, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
@@ -38,20 +38,20 @@ Certificate:
Netscape Cert Type:
SSL Server
Signature Algorithm: ecdsa-with-SHA256
- 30:81:88:02:42:01:ab:16:c5:5c:76:07:6c:fd:5f:ca:01:bd:
- a4:22:7a:ab:be:9a:9c:3b:c7:6b:bb:5a:c1:60:9b:21:4d:c8:
- c6:1c:bd:22:e3:20:ff:69:16:2a:12:2d:62:ea:36:57:fa:30:
- 9b:d0:bf:fe:84:68:6b:6c:0c:e2:e7:bc:0d:dd:78:06:ab:02:
- 42:00:cc:ec:88:c4:e2:45:9e:97:df:a7:e9:9c:02:be:8e:7f:
- a7:70:11:40:7b:5b:b9:8c:04:94:82:5a:8a:41:9f:77:ac:90:
- dc:f6:0a:d8:79:b2:ca:5a:c7:26:23:f8:3e:01:e4:db:0a:17:
- 84:44:5d:34:69:1f:b6:88:55:a3:86:8a:0f
+ 30:81:87:02:41:51:c1:26:8c:3f:53:fe:7c:28:f5:3f:81:e6:
+ de:7b:ae:ad:f3:6e:be:c2:3a:88:91:f7:31:e8:24:5c:67:08:
+ 7d:34:f5:54:2e:0a:50:f4:f7:9d:d5:96:19:ec:49:2c:da:a8:
+ a0:2a:08:71:cd:b7:17:1a:e3:10:b2:bf:41:8d:aa:b2:02:42:
+ 01:00:b1:0d:96:19:a0:b1:76:d6:e1:a5:44:41:d4:c8:53:5a:
+ 57:4a:b9:4a:a4:6a:ef:cd:97:e9:e4:4d:7c:c8:ea:37:37:61:
+ 1a:ec:c7:1e:20:cd:2c:05:64:dd:54:e2:06:7b:74:af:05:0d:
+ 59:5c:e9:cd:e8:a8:61:92:cb:8c:d9:f0
-----BEGIN CERTIFICATE-----
-MIIDYzCCAsSgAwIBAgIBATAKBggqhkjOPQQDAjCBrjELMAkGA1UEBhMCVVMxEDAO
+MIIDYjCCAsSgAwIBAgIBATAKBggqhkjOPQQDAjCBrjELMAkGA1UEBhMCVVMxEDAO
BgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xFTATBgNVBAoMDHdvbGZT
U0xfcDUyMTEQMA4GA1UECwwHQ0EtcDUyMTEYMBYGA1UEAwwPd3d3LndvbGZzc2wu
Y29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMRcwFQYKCZImiZPy
-LGQBAQwHd29sZlNTTDAeFw0yMjEyMTYyMTE3NTBaFw0yNTA5MTEyMTE3NTBaMIGy
+LGQBAQwHd29sZlNTTDAeFw0yMzEyMTMyMjE5MjlaFw0yNjA5MDgyMjE5MjlaMIGy
MQswCQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1h
bjEVMBMGA1UECgwMd29sZlNTTF9wNTIxMRQwEgYDVQQLDAtTZXJ2ZXItcDUyMTEY
MBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv
@@ -62,10 +62,10 @@ RpMf1WBjpi59jeo/4FvlyG4fp9mjWeWWJyL0AiuvW3gfE6gii+yuAX3AYROkNQoh
o4GJMIGGMB0GA1UdDgQWBBSFhp+uc1+Udyc7FRXGeQeoQkse8zAfBgNVHSMEGDAW
gBRAiR0wXgxu1T3G1SWQ2rZCZ+3pgjAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQE
AwIDqDATBgNVHSUEDDAKBggrBgEFBQcDATARBglghkgBhvhCAQEEBAMCBkAwCgYI
-KoZIzj0EAwIDgYwAMIGIAkIBqxbFXHYHbP1fygG9pCJ6q76anDvHa7tawWCbIU3I
-xhy9IuMg/2kWKhItYuo2V/owm9C//oRoa2wM4ue8Dd14BqsCQgDM7IjE4kWel9+n
-6ZwCvo5/p3ARQHtbuYwElIJaikGfd6yQ3PYK2HmyylrHJiP4PgHk2woXhERdNGkf
-tohVo4aKDw==
+KoZIzj0EAwIDgYsAMIGHAkFRwSaMP1P+fCj1P4Hm3nuurfNuvsI6iJH3MegkXGcI
+fTT1VC4KUPT3ndWWGexJLNqooCoIcc23FxrjELK/QY2qsgJCAQCxDZYZoLF21uGl
+REHUyFNaV0q5SqRq782X6eRNfMjqNzdhGuzHHiDNLAVk3VTiBnt0rwUNWVzpzeio
+YZLLjNnw
-----END CERTIFICATE-----
Certificate:
Data:
@@ -74,8 +74,8 @@ Certificate:
Signature Algorithm: ecdsa-with-SHA256
Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_P521, OU = Root-P521, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:29 2023 GMT
+ Not After : Sep 8 22:19:29 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_p521, OU = CA-p521, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
@@ -103,20 +103,20 @@ Certificate:
X509v3 Key Usage: critical
Digital Signature, Certificate Sign, CRL Sign
Signature Algorithm: ecdsa-with-SHA256
- 30:81:88:02:42:01:ac:ed:31:5e:dc:f2:66:a1:d4:26:4a:82:
- 31:b2:24:46:93:db:4c:62:bc:77:30:97:96:ef:a2:2d:21:45:
- 0a:18:0c:bc:a6:1c:6c:68:69:63:a0:60:66:18:63:e9:ee:4c:
- cc:6c:8f:c8:45:b9:32:d2:3c:9b:6e:f7:6b:8c:bd:08:5f:02:
- 42:01:53:85:38:dc:06:3a:75:be:c7:9c:7d:02:77:e5:8b:ba:
- a6:f8:9f:e1:80:79:cb:e1:4a:44:e3:f8:8b:00:46:2c:66:b0:
- 95:1c:d7:2f:59:70:6a:c9:47:d6:c9:74:16:1f:8a:90:ad:f8:
- bd:5f:df:97:ad:c9:f8:0b:bc:3c:ca:c7:cc
+ 30:81:88:02:42:01:7a:a6:21:f5:b6:c2:fa:e1:44:c6:03:f5:
+ 54:2d:35:ef:d9:55:f6:61:45:90:48:8c:c2:3e:81:76:30:06:
+ 05:c2:db:32:19:b5:df:37:44:a6:3f:33:fa:3a:c7:91:ae:0f:
+ fb:10:8b:b8:4d:41:b3:ed:c2:d2:5c:37:28:eb:d7:b7:6c:02:
+ 42:01:47:23:40:e8:e2:ca:61:74:29:e0:a6:71:5b:0a:c9:45:
+ 17:04:7d:5d:11:02:d7:f0:af:60:e0:4c:0a:97:96:09:2e:e0:
+ 25:f8:50:d8:9c:f9:bd:17:3d:d3:50:cc:49:06:81:7e:af:fa:
+ 85:b8:1f:80:c4:64:08:56:53:39:8d:2f:40
-----BEGIN CERTIFICATE-----
MIIDITCCAoKgAwIBAgIBATAKBggqhkjOPQQDAjCBlzELMAkGA1UEBhMCVVMxEDAO
BgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xFTATBgNVBAoMDHdvbGZT
U0xfUDUyMTESMBAGA1UECwwJUm9vdC1QNTIxMRgwFgYDVQQDDA93d3cud29sZnNz
-bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIxMjE2
-MjExNzUwWhcNMjUwOTExMjExNzUwWjCBrjELMAkGA1UEBhMCVVMxEDAOBgNVBAgM
+bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMxMjEz
+MjIxOTI5WhcNMjYwOTA4MjIxOTI5WjCBrjELMAkGA1UEBhMCVVMxEDAOBgNVBAgM
B01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xFTATBgNVBAoMDHdvbGZTU0xfcDUy
MTEQMA4GA1UECwwHQ0EtcDUyMTEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8w
HQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMRcwFQYKCZImiZPyLGQBAQwH
@@ -126,7 +126,7 @@ x7L8AYaR7UNdOOAMJY2z27Hc3rchgM+H3mT0IT4tr3m99tAAS4F5+vcQqhnNQNce
dTRTKQPtSFQh5Y+VtZtBjV/dctJao2MwYTAdBgNVHQ4EFgQUQIkdMF4MbtU9xtUl
kNq2Qmft6YIwHwYDVR0jBBgwFoAUZKdolVMzGKIgkrxkVaarynZom8gwDwYDVR0T
AQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwCgYIKoZIzj0EAwIDgYwAMIGIAkIB
-rO0xXtzyZqHUJkqCMbIkRpPbTGK8dzCXlu+iLSFFChgMvKYcbGhpY6BgZhhj6e5M
-zGyPyEW5MtI8m273a4y9CF8CQgFThTjcBjp1vsecfQJ35Yu6pvif4YB5y+FKROP4
-iwBGLGawlRzXL1lwaslH1sl0Fh+KkK34vV/fl63J+Au8PMrHzA==
+eqYh9bbC+uFExgP1VC0179lV9mFFkEiMwj6BdjAGBcLbMhm13zdEpj8z+jrHka4P
++xCLuE1Bs+3C0lw3KOvXt2wCQgFHI0Do4sphdCngpnFbCslFFwR9XREC1/CvYOBM
+CpeWCS7gJfhQ2Jz5vRc901DMSQaBfq/6hbgfgMRkCFZTOY0vQA==
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/renewcerts.sh b/extra/wolfssl/wolfssl/certs/renewcerts.sh
index ece320c7..a25385d5 100755
--- a/extra/wolfssl/wolfssl/certs/renewcerts.sh
+++ b/extra/wolfssl/wolfssl/certs/renewcerts.sh
@@ -516,7 +516,7 @@ run_renewcerts(){
echo "Updating server-ecc.pem"
echo ""
#pipe the following arguments to openssl req...
- echo -e "US\\nWashington\\nSeattle\\nEliptic\\nECC\\nwww.wolfssl.com\\ninfo@wolfssl.com\\n.\\n.\\n" | openssl req -new -key ecc-key.pem -config ./wolfssl.cnf -nodes -out server-ecc.csr
+ echo -e "US\\nWashington\\nSeattle\\nElliptic\\nECC\\nwww.wolfssl.com\\ninfo@wolfssl.com\\n.\\n.\\n" | openssl req -new -key ecc-key.pem -config ./wolfssl.cnf -nodes -out server-ecc.csr
check_result $? "Step 1"
openssl x509 -req -in server-ecc.csr -days 1000 -extfile wolfssl.cnf -extensions server_ecc -CA ca-ecc-cert.pem -CAkey ca-ecc-key.pem -set_serial 03 -out server-ecc.pem
@@ -688,6 +688,28 @@ run_renewcerts(){
echo "---------------------------------------------------------------------"
############################################################
+ ########## update Raw Public Key certificates ##############
+ ############################################################
+ echo "Updating certificates"
+ echo "Updating client-cert-rpk.der"
+ cp client-keyPub.der ./rpk/client-cert-rpk.der
+ check_result $? "Step 1"
+
+ echo "Updating client-ecc-cert-rpk.der"
+ cp ecc-client-keyPub.der ./rpk/ecc-client-cert-rpk.der
+ check_result $? "Step 2"
+
+ echo "Updating server-cert-rpk.der"
+ openssl rsa -inform pem -in server-key.pem -outform der -out ./rpk/server-cert-rpk.der -pubout
+ check_result $? "Step 3"
+
+ echo "Updating server-ecc-cert-rpk.der"
+ openssl ec -inform pem -in ecc-key.pem -outform der -out ./rpk/server-ecc-cert-rpk.der -pubout
+ check_result $? "Step 4"
+
+ echo "End of section"
+ echo "---------------------------------------------------------------------"
+ ############################################################
###### update the ecc-rsa-server.p12 file ##################
############################################################
echo "Updating ecc-rsa-server.p12 (password is \"\")"
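Review bot: The second copy in the added Raw Public Key section writes `./rpk/ecc-client-cert-rpk.der`, but the echo directly above it, the new `certs/rpk/include.am` and the binary file added in this commit all use the name `client-ecc-cert-rpk.der`. As written, a renewal run would leave the shipped `client-ecc-cert-rpk.der` untouched and create an extra file that is not listed in `EXTRA_DIST`. If `ecc-client-keyPub.der` is ever regenerated, the distributed raw public key would then no longer match the client key. The line should read `cp ecc-client-keyPub.der ./rpk/client-ecc-cert-rpk.der`. Separately, the section opens with a generic `echo "Updating certificates"` and reuses the "Step 1" to "Step 4" labels seen in other sections, so `echo "Updating Raw Public Key certificates"` would make a failure easier to attribute in the log. run_renewcerts begins and ends outside this hunk.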
diff --git a/extra/wolfssl/wolfssl/certs/rid-cert.der b/extra/wolfssl/wolfssl/certs/rid-cert.der
index cbc33c24..3ec3b8c0 100644
--- a/extra/wolfssl/wolfssl/certs/rid-cert.der
+++ b/extra/wolfssl/wolfssl/certs/rid-cert.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/rpk/client-cert-rpk.der b/extra/wolfssl/wolfssl/certs/rpk/client-cert-rpk.der
new file mode 100644
index 00000000..b27f0e9b
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/rpk/client-cert-rpk.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/rpk/client-ecc-cert-rpk.der b/extra/wolfssl/wolfssl/certs/rpk/client-ecc-cert-rpk.der
new file mode 100644
index 00000000..5dace05a
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/rpk/client-ecc-cert-rpk.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/rpk/include.am b/extra/wolfssl/wolfssl/certs/rpk/include.am
new file mode 100644
index 00000000..6274be45
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/rpk/include.am
@@ -0,0 +1,9 @@
+# vim:ft=automake
+# All paths should be given relative to the root
+#
+
+EXTRA_DIST += \
+ certs/rpk/client-cert-rpk.der \
+ certs/rpk/client-ecc-cert-rpk.der \
+ certs/rpk/server-cert-rpk.der \
+ certs/rpk/server-ecc-cert-rpk.der
diff --git a/extra/wolfssl/wolfssl/certs/rpk/server-cert-rpk.der b/extra/wolfssl/wolfssl/certs/rpk/server-cert-rpk.der
new file mode 100644
index 00000000..b6d8fbe6
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/rpk/server-cert-rpk.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/rpk/server-ecc-cert-rpk.der b/extra/wolfssl/wolfssl/certs/rpk/server-ecc-cert-rpk.der
new file mode 100644
index 00000000..91aa79be
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/rpk/server-ecc-cert-rpk.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/rsapss/ca-3072-rsapss.der b/extra/wolfssl/wolfssl/certs/rsapss/ca-3072-rsapss.der
index 7bac1cc5..c25d4e46 100644
--- a/extra/wolfssl/wolfssl/certs/rsapss/ca-3072-rsapss.der
+++ b/extra/wolfssl/wolfssl/certs/rsapss/ca-3072-rsapss.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/rsapss/ca-3072-rsapss.pem b/extra/wolfssl/wolfssl/certs/rsapss/ca-3072-rsapss.pem
index 837c905a..65f0c14c 100644
--- a/extra/wolfssl/wolfssl/certs/rsapss/ca-3072-rsapss.pem
+++ b/extra/wolfssl/wolfssl/certs/rsapss/ca-3072-rsapss.pem
@@ -9,8 +9,8 @@ Certificate:
Trailer Field: 0xBC (default)
Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_RSA-PSS, OU = Root-RSA-PSS, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:29 2023 GMT
+ Not After : Sep 8 22:19:29 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_RSAPSS, OU = CA-RSAPSS, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
Subject Public Key Info:
Public Key Algorithm: rsassaPss
@@ -60,35 +60,35 @@ Certificate:
Salt Length: 0x014E
Trailer Field: 0xBC (default)
- 39:46:e9:1d:16:25:a1:15:6d:65:88:54:ef:7e:33:b3:0e:44:
- f2:11:cd:23:ad:73:2f:80:3c:aa:10:bd:7e:3c:45:1b:c9:8c:
- d7:2c:71:99:87:b4:e3:81:57:a8:c2:86:6c:80:ec:7c:4a:fb:
- da:01:ed:e1:f6:b2:15:16:e1:3f:cd:de:85:d2:25:3b:11:31:
- f6:a1:54:52:57:25:6c:41:99:d3:dd:92:af:ca:ed:c6:28:d4:
- e5:6d:88:a5:c5:37:3f:6f:50:43:54:21:c9:cd:77:71:5c:81:
- 6e:ec:96:b4:ea:04:41:d7:db:ec:43:d2:65:a3:2d:a8:33:1d:
- 27:01:1e:28:16:2a:93:61:a6:af:8f:9d:31:e2:34:89:f8:9a:
- cf:a0:c9:12:95:1b:9f:93:e6:10:90:e0:bc:d9:a3:72:40:30:
- cb:c4:b4:ac:3f:17:42:3b:a1:ab:ff:3a:d4:c3:2b:22:56:fb:
- 77:93:c9:32:7f:bd:18:ff:c0:60:bc:dd:ce:09:d1:e9:22:44:
- f2:9b:85:8b:20:fa:77:b0:95:aa:b5:9c:de:83:2b:58:7c:ec:
- fb:aa:9c:b9:57:5d:32:32:a3:81:66:a4:1f:0f:2b:08:1b:65:
- 1c:d4:e1:4f:7f:d9:ee:39:a9:ae:99:6e:0a:3b:e4:ef:11:d6:
- c9:e9:6f:89:27:c4:25:28:be:5a:e5:17:87:e7:56:0a:f4:32:
- 38:f2:86:84:d7:b6:66:47:f3:46:46:55:80:08:d6:8e:c0:08:
- a0:3f:04:62:77:1c:6e:dd:80:7e:57:82:0e:60:81:6e:59:ff:
- ad:39:6e:a0:fe:66:1a:1b:d1:4c:bf:14:c9:82:83:0a:95:57:
- 53:3b:79:be:74:01:d7:a7:62:64:6f:5a:8a:a6:7d:ab:9f:90:
- fb:95:89:24:d3:55:02:ef:f1:5f:d4:de:46:0c:5b:9a:60:d6:
- 6e:64:cb:11:ae:fa:7f:4f:54:44:c0:ff:af:32:45:92:32:6e:
- 5b:cb:9d:2c:03:6e
+ 1f:c0:ae:b2:47:af:ec:86:67:3a:b6:8f:44:65:4a:af:29:fc:
+ 17:92:a4:8f:03:6a:76:63:8d:65:4a:f6:52:23:a2:08:46:17:
+ c6:2c:87:76:2b:05:21:c1:70:2d:4d:65:ef:de:af:87:21:7e:
+ 88:98:45:8b:06:8f:f8:56:4f:6a:29:f3:f4:72:5d:c3:f4:5a:
+ ee:6c:52:dc:40:72:4a:1a:4c:3b:84:b0:5a:64:cc:3a:62:c3:
+ d3:56:a9:e3:fd:4e:a2:3b:57:22:b7:f9:71:f7:5c:80:aa:4c:
+ 26:ef:d5:10:e5:d9:ae:89:ff:90:82:2e:0a:ad:1c:da:a6:9c:
+ 99:44:d5:fc:a0:3c:42:ad:e7:dd:8a:d0:c7:b8:d0:83:bb:4b:
+ 00:e2:50:e5:81:6f:03:b8:bc:4d:d2:86:4d:8a:33:79:ca:e8:
+ a0:df:70:c1:3a:c3:55:05:f0:ac:d8:ab:55:0b:cf:44:60:b4:
+ af:03:f4:88:d9:49:81:7c:78:6a:af:5f:cd:28:e2:e1:37:f3:
+ 28:b8:0e:05:5d:72:b3:b5:5b:f4:72:52:a3:7e:99:99:23:95:
+ 26:17:cb:9c:66:83:21:d6:ac:f8:c8:b2:49:22:dc:32:9b:f2:
+ fc:5d:f7:fe:c0:a6:81:62:1c:43:25:2a:d3:66:37:76:db:15:
+ 31:c4:6b:df:e8:70:a9:f9:96:8c:ec:94:d1:b2:fb:73:03:1b:
+ 5d:7f:2b:1b:ab:47:72:ea:1b:9d:2d:43:d4:90:df:ca:c5:98:
+ 9a:a2:01:6a:d3:55:1c:ad:d1:37:46:93:fe:e8:56:8c:6a:1c:
+ 45:bf:cb:12:d1:aa:1c:98:08:af:f7:67:ed:41:65:3b:98:d0:
+ 42:29:b0:68:ab:94:52:6e:72:e2:f4:df:8a:68:b5:1b:6d:3f:
+ 35:d5:01:b8:60:eb:fe:f2:e9:33:90:db:59:5a:c4:d6:52:c6:
+ c7:1b:a8:a1:ef:64:db:96:ac:ce:fc:8d:e2:ac:75:f4:0d:bc:
+ 49:36:8a:12:36:83
-----BEGIN CERTIFICATE-----
MIIFjzCCA8agAwIBAgIBATA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCAqEa
MBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiBAICAU4wgZ0xCzAJBgNVBAYTAlVT
MRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRgwFgYDVQQKDA93
b2xmU1NMX1JTQS1QU1MxFTATBgNVBAsMDFJvb3QtUlNBLVBTUzEYMBYGA1UEAwwP
d3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t
-MB4XDTIyMTIxNjIxMTc0OVoXDTI1MDkxMTIxMTc0OVowgbIxCzAJBgNVBAYTAlVT
+MB4XDTIzMTIxMzIyMTkyOVoXDTI2MDkwODIyMTkyOVowgbIxCzAJBgNVBAYTAlVT
MRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRcwFQYDVQQKDA53
b2xmU1NMX1JTQVBTUzESMBAGA1UECwwJQ0EtUlNBUFNTMRgwFgYDVQQDDA93d3cu
d29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20xFzAV
@@ -104,13 +104,13 @@ KQOhvlXkTPglp6ij4z8yH66nKptrVt3JWrEaAaAT0o6aLNt+/VsOLu+Sac7y3u/Q
LwkOZwIDAQABo2MwYTAdBgNVHQ4EFgQU+ELMiMnIGPnTsCRlBkz/Vau/Dn8wHwYD
VR0jBBgwFoAUqnHTsYpLu0cVR1+b0Ctp0W+FXvYwDwYDVR0TAQH/BAUwAwEB/zAO
BgNVHQ8BAf8EBAMCAYYwPgYJKoZIhvcNAQEKMDGgDTALBglghkgBZQMEAgKhGjAY
-BgkqhkiG9w0BAQgwCwYJYIZIAWUDBAICogQCAgFOA4IBgQA5RukdFiWhFW1liFTv
-fjOzDkTyEc0jrXMvgDyqEL1+PEUbyYzXLHGZh7TjgVeowoZsgOx8SvvaAe3h9rIV
-FuE/zd6F0iU7ETH2oVRSVyVsQZnT3ZKvyu3GKNTlbYilxTc/b1BDVCHJzXdxXIFu
-7Ja06gRB19vsQ9Jloy2oMx0nAR4oFiqTYaavj50x4jSJ+JrPoMkSlRufk+YQkOC8
-2aNyQDDLxLSsPxdCO6Gr/zrUwysiVvt3k8kyf70Y/8BgvN3OCdHpIkTym4WLIPp3
-sJWqtZzegytYfOz7qpy5V10yMqOBZqQfDysIG2Uc1OFPf9nuOamumW4KO+TvEdbJ
-6W+JJ8QlKL5a5ReH51YK9DI48oaE17ZmR/NGRlWACNaOwAigPwRidxxu3YB+V4IO
-YIFuWf+tOW6g/mYaG9FMvxTJgoMKlVdTO3m+dAHXp2Jkb1qKpn2rn5D7lYkk01UC
-7/Ff1N5GDFuaYNZuZMsRrvp/T1REwP+vMkWSMm5by50sA24=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-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/rsapss/ca-rsapss.der b/extra/wolfssl/wolfssl/certs/rsapss/ca-rsapss.der
index c3015680..97738da6 100644
--- a/extra/wolfssl/wolfssl/certs/rsapss/ca-rsapss.der
+++ b/extra/wolfssl/wolfssl/certs/rsapss/ca-rsapss.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/rsapss/ca-rsapss.pem b/extra/wolfssl/wolfssl/certs/rsapss/ca-rsapss.pem
index cd22134a..1a69b8c9 100644
--- a/extra/wolfssl/wolfssl/certs/rsapss/ca-rsapss.pem
+++ b/extra/wolfssl/wolfssl/certs/rsapss/ca-rsapss.pem
@@ -9,8 +9,8 @@ Certificate:
Trailer Field: 0xBC (default)
Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_RSA-PSS, OU = Root-RSA-PSS, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:28 2023 GMT
+ Not After : Sep 8 22:19:28 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_RSAPSS, OU = CA-RSAPSS, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
Subject Public Key Info:
Public Key Algorithm: rsassaPss
@@ -56,28 +56,28 @@ Certificate:
Salt Length: 0x20
Trailer Field: 0xBC (default)
- 49:a5:ef:22:47:73:30:e6:41:67:79:c9:8c:ac:58:a2:d0:bf:
- ed:50:c9:e8:26:44:16:d0:64:c7:f9:f0:50:1f:8b:25:f7:ba:
- 32:f0:1d:14:9f:d7:ad:2b:81:14:7d:60:ec:b3:f6:ad:0a:99:
- b6:1d:eb:f2:8e:d5:bf:1b:a9:1e:3e:8b:6c:c8:c0:ee:dd:1b:
- 2e:34:dd:bd:cd:14:60:2e:14:60:b8:f1:f3:bc:af:87:5a:75:
- 55:72:18:2d:a3:9d:01:73:aa:52:a6:44:4e:5c:a2:b5:57:8f:
- 4b:36:5e:2a:f2:c1:e2:de:88:29:24:8d:62:81:d4:6d:42:e3:
- 50:e3:a9:46:fe:78:be:95:83:bd:cc:2c:9a:ad:da:4f:c1:de:
- 34:01:53:21:5b:c6:ec:6f:6b:2e:fd:d4:71:c7:15:4e:26:30:
- 6a:de:c7:21:22:14:ae:80:c0:00:89:72:83:89:3c:30:15:3b:
- 68:67:97:b0:93:7b:7a:95:54:1d:45:8e:ae:d2:97:0c:f9:32:
- 3b:61:2d:9e:b2:b0:2e:4f:d5:cc:ab:05:5d:ce:14:8a:fe:7b:
- e4:59:33:fe:e0:42:d9:a6:99:f8:f2:7f:98:fa:09:dc:d5:ab:
- 2b:7b:08:c2:24:4c:59:49:e0:9e:23:85:d8:32:c7:5b:d4:01:
- d2:20:c5:9c
+ 6c:79:0e:40:30:74:f6:02:08:61:df:c0:89:25:10:30:ea:e4:
+ e9:14:c8:c6:47:01:55:a4:f2:ed:ee:3f:55:da:62:39:04:cb:
+ 3d:a1:78:56:76:30:fd:14:ea:b3:d8:21:99:c6:ca:ed:9f:18:
+ 7d:15:4d:d2:cf:db:c3:a1:b4:56:0d:04:b1:72:9c:68:81:1f:
+ 01:02:b8:8f:d6:d8:ed:47:3a:72:f2:e0:a5:9b:7b:50:75:00:
+ a4:ab:23:62:48:1f:bc:f4:50:86:ef:06:b3:f8:8b:6e:e0:39:
+ d1:8c:3b:8f:1f:ef:c5:ff:8c:2d:b2:1b:5d:82:32:b1:81:92:
+ 02:7c:c9:ad:16:86:63:6c:95:41:ed:80:70:96:41:13:11:03:
+ 9a:c1:41:d4:ca:e0:fd:7f:2d:d9:5b:60:d6:42:fe:aa:ac:73:
+ 4e:6d:26:67:03:ec:53:e9:97:2f:73:3a:f5:c4:ba:cf:dc:db:
+ 6c:f0:79:80:b1:52:f4:bf:12:c9:a7:ce:b1:2f:8d:6a:6a:a8:
+ 9e:27:e9:d1:55:26:6b:20:8c:1f:90:57:6d:5e:dc:9e:ca:4c:
+ 76:fc:35:76:dc:5a:06:90:50:88:7e:ad:9f:58:e3:39:10:e3:
+ 64:19:9f:ea:fb:86:04:84:79:d6:20:ac:c8:45:8b:03:8c:eb:
+ b6:d4:e7:e4
-----BEGIN CERTIFICATE-----
MIIEvzCCA3egAwIBAgIBATA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAaEa
MBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgGiAwIBIDCBnTELMAkGA1UEBhMCVVMx
EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xGDAWBgNVBAoMD3dv
bGZTU0xfUlNBLVBTUzEVMBMGA1UECwwMUm9vdC1SU0EtUFNTMRgwFgYDVQQDDA93
d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20w
-HhcNMjIxMjE2MjExNzQ5WhcNMjUwOTExMjExNzQ5WjCBsjELMAkGA1UEBhMCVVMx
+HhcNMjMxMjEzMjIxOTI4WhcNMjYwOTA4MjIxOTI4WjCBsjELMAkGA1UEBhMCVVMx
EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xFzAVBgNVBAoMDndv
bGZTU0xfUlNBUFNTMRIwEAYDVQQLDAlDQS1SU0FQU1MxGDAWBgNVBAMMD3d3dy53
b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTEXMBUG
@@ -92,10 +92,10 @@ pyvhDzjmM+qyEA4UyD+Hn/+LKMwdAgMBAAGjYzBhMB0GA1UdDgQWBBSeDODT37ZL
8xljXMpsk4aiFFORMTAfBgNVHSMEGDAWgBRk1eyCh4DeWu1JmNgMVH1GnqU81jAP
BgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjA9BgkqhkiG9w0BAQowMKAN
MAsGCWCGSAFlAwQCAaEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgGiAwIBIAOC
-AQEASaXvIkdzMOZBZ3nJjKxYotC/7VDJ6CZEFtBkx/nwUB+LJfe6MvAdFJ/XrSuB
-FH1g7LP2rQqZth3r8o7VvxupHj6LbMjA7t0bLjTdvc0UYC4UYLjx87yvh1p1VXIY
-LaOdAXOqUqZETlyitVePSzZeKvLB4t6IKSSNYoHUbULjUOOpRv54vpWDvcwsmq3a
-T8HeNAFTIVvG7G9rLv3UcccVTiYwat7HISIUroDAAIlyg4k8MBU7aGeXsJN7epVU
-HUWOrtKXDPkyO2EtnrKwLk/VzKsFXc4Uiv575Fkz/uBC2aaZ+PJ/mPoJ3NWrK3sI
-wiRMWUngniOF2DLHW9QB0iDFnA==
+AQEAbHkOQDB09gIIYd/AiSUQMOrk6RTIxkcBVaTy7e4/VdpiOQTLPaF4VnYw/RTq
+s9ghmcbK7Z8YfRVN0s/bw6G0Vg0EsXKcaIEfAQK4j9bY7Uc6cvLgpZt7UHUApKsj
+YkgfvPRQhu8Gs/iLbuA50Yw7jx/vxf+MLbIbXYIysYGSAnzJrRaGY2yVQe2AcJZB
+ExEDmsFB1Mrg/X8t2Vtg1kL+qqxzTm0mZwPsU+mXL3M69cS6z9zbbPB5gLFS9L8S
+yafOsS+Namqonifp0VUmayCMH5BXbV7cnspMdvw1dtxaBpBQiH6tn1jjORDjZBmf
+6vuGBIR51iCsyEWLA4zrttTn5A==
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/rsapss/client-3072-rsapss.der b/extra/wolfssl/wolfssl/certs/rsapss/client-3072-rsapss.der
index fef0e48e..5f04bf3e 100644
--- a/extra/wolfssl/wolfssl/certs/rsapss/client-3072-rsapss.der
+++ b/extra/wolfssl/wolfssl/certs/rsapss/client-3072-rsapss.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/rsapss/client-3072-rsapss.pem b/extra/wolfssl/wolfssl/certs/rsapss/client-3072-rsapss.pem
index 0483a9b2..0de6bc88 100644
--- a/extra/wolfssl/wolfssl/certs/rsapss/client-3072-rsapss.pem
+++ b/extra/wolfssl/wolfssl/certs/rsapss/client-3072-rsapss.pem
@@ -2,7 +2,7 @@ Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 04:fb:6a:d0:0a:86:db:19:b8:c7:f8:dc:8b:70:ed:b4:4e:e0:e2:02
+ 06:54:4f:66:0b:e2:32:6e:09:ab:a6:90:84:b3:1a:59:79:89:1a:9a
Signature Algorithm: rsassaPss
Hash Algorithm: sha384
Mask Algorithm: mgf1 with sha384
@@ -10,8 +10,8 @@ Certificate:
Trailer Field: 0xBC (default)
Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_RSAPSS, OU = Client-RSAPSS, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:29 2023 GMT
+ Not After : Sep 8 22:19:29 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_RSAPSS, OU = Client-RSAPSS, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
Subject Public Key Info:
Public Key Algorithm: rsassaPss
@@ -51,7 +51,7 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:8C:01:9F:4E:11:24:28:BF:3E:EA:82:EA:54:2A:C9:0F:F5:E4:C5:47
DirName:/C=US/ST=Montana/L=Bozeman/O=wolfSSL_RSAPSS/OU=Client-RSAPSS/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/UID=wolfSSL
- serial:04:FB:6A:D0:0A:86:DB:19:B8:C7:F8:DC:8B:70:ED:B4:4E:E0:E2:02
+ serial:06:54:4F:66:0B:E2:32:6E:09:AB:A6:90:84:B3:1A:59:79:89:1A:9A
X509v3 Basic Constraints:
CA:TRUE
@@ -65,36 +65,36 @@ Certificate:
Salt Length: 0x014E
Trailer Field: 0xBC (default)
- 32:f2:6a:d2:c9:02:8e:eb:45:8f:13:02:4d:2c:0f:c1:3a:ea:
- be:e3:f9:92:a2:2d:1b:fb:e8:b9:2f:d2:d0:e0:16:cd:b7:67:
- e2:e3:61:a2:8d:c2:c9:64:f2:6a:8a:d2:62:9b:25:25:3d:72:
- b1:07:1f:2c:a3:03:64:32:d4:23:84:08:03:60:ed:90:98:7a:
- 50:1b:19:b4:c1:a8:3b:d1:00:57:82:fc:e9:ef:15:c7:c1:ed:
- b5:af:6c:60:84:48:d3:d4:8b:09:3f:2e:cc:f7:dd:62:ff:ad:
- fe:8a:fe:7c:2a:12:fa:ca:24:6a:15:5b:56:46:06:6d:d4:08:
- 17:d9:94:78:8a:88:b3:92:6b:39:9e:79:6d:fe:9e:c3:d4:cb:
- dd:be:06:b0:b8:5e:4e:dc:26:64:8d:25:ed:b7:1f:16:d1:64:
- 71:bf:e2:ed:f3:a2:2b:38:fb:e7:75:c6:65:62:72:65:ce:1b:
- 77:d7:9e:31:01:1b:07:fc:e7:8c:50:5a:9c:74:2b:a5:38:e1:
- b0:ca:dd:e1:2d:27:c0:91:f2:bc:33:a0:1a:d4:06:21:af:c2:
- cf:93:96:9d:aa:9b:49:f5:1e:9a:21:76:97:fe:63:4b:9f:ba:
- b1:e7:d4:04:d5:d5:65:28:6a:8b:6c:74:4b:55:52:0e:ef:ba:
- 48:57:02:48:22:79:88:1c:cc:bb:22:4b:82:ac:5b:7d:d8:de:
- 6d:0d:4d:37:f4:69:b3:97:28:0e:fd:5c:29:9f:26:a3:cc:59:
- 91:97:36:54:2f:f9:4b:24:fc:a9:d8:bc:02:ae:21:5a:38:8b:
- a4:8c:f1:8c:31:ef:5d:60:1b:f2:47:39:ea:e7:1b:b1:38:48:
- dc:47:82:e1:b8:79:97:87:b6:ad:4b:d3:3b:24:c1:0f:19:4e:
- 41:b0:bc:7e:d4:d0:d8:dc:95:75:8d:e6:b3:63:21:02:f9:16:
- f6:23:56:86:61:6c:17:74:8a:83:f5:b1:5f:6c:59:a0:03:1e:
- b5:69:44:26:ff:0d
+ 0b:90:18:ff:19:9d:5e:bc:34:de:1f:90:e8:27:89:1e:61:84:
+ 79:84:e1:e7:b5:df:dc:b8:68:6b:59:02:33:b0:c8:0c:a7:31:
+ e3:95:b6:09:41:6b:e0:63:93:f5:9f:53:17:04:6d:08:e7:fe:
+ 38:9e:27:82:29:55:46:f7:7a:65:61:7d:1e:8f:8c:35:70:8a:
+ 2a:94:dc:62:c5:db:16:b8:bf:67:9c:f7:e1:09:fc:08:d7:95:
+ ae:9d:9c:27:f4:7c:71:37:62:c8:09:0b:b6:06:56:37:ff:fa:
+ fc:ba:c2:25:65:e5:c2:01:b4:37:8a:f5:1e:d6:d7:56:f6:df:
+ 77:fa:99:26:16:61:8b:b2:f6:5f:de:cc:46:97:80:e8:55:36:
+ 79:9a:c7:01:36:7b:73:3a:cc:ae:05:00:a1:91:2d:fb:57:0a:
+ 72:e8:70:ab:4d:82:df:8d:5a:c5:67:fb:17:06:d9:a1:c4:66:
+ 29:c6:58:d4:81:b9:89:d3:d1:8e:97:61:59:3a:be:4d:18:3a:
+ 21:cf:94:0e:c7:20:30:35:a6:ed:a9:a1:de:bd:b7:ee:02:5f:
+ af:b0:8c:2e:57:15:7b:87:fd:d9:77:18:63:cc:d1:95:98:e2:
+ bd:d2:f4:15:38:98:13:dc:f1:ae:37:35:9e:1b:74:23:a3:20:
+ 2a:3e:6a:d0:67:67:79:65:c0:6b:e3:08:66:8f:79:c6:1c:68:
+ 68:b5:c4:f5:ec:8e:bc:c3:0b:73:6d:8b:61:33:17:90:f0:cb:
+ 69:1c:2e:42:f1:c3:a0:4a:0d:8b:79:94:8e:40:97:c6:c0:4e:
+ f1:95:42:12:d9:ad:84:d5:9c:7b:52:4a:a9:e5:82:8f:5c:9f:
+ d4:c8:0e:14:0a:c2:27:33:57:1e:d9:60:5a:e6:2a:83:bb:91:
+ 01:85:a0:14:b8:e4:bf:4a:43:7d:4f:40:36:d9:24:8b:a7:f3:
+ 7c:a9:b1:cf:f0:ba:6b:d0:73:0a:aa:47:13:06:8f:ad:df:26:
+ 0d:47:07:27:27:8f
-----BEGIN CERTIFICATE-----
-MIIGxTCCBPygAwIBAgIUBPtq0AqG2xm4x/jci3DttE7g4gIwPgYJKoZIhvcNAQEK
+MIIGxTCCBPygAwIBAgIUBlRPZgviMm4Jq6aQhLMaWXmJGpowPgYJKoZIhvcNAQEK
MDGgDTALBglghkgBZQMEAgKhGjAYBgkqhkiG9w0BAQgwCwYJYIZIAWUDBAICogQC
AgFOMIG2MQswCQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwH
Qm96ZW1hbjEXMBUGA1UECgwOd29sZlNTTF9SU0FQU1MxFjAUBgNVBAsMDUNsaWVu
dC1SU0FQU1MxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJ
ARYQaW5mb0B3b2xmc3NsLmNvbTEXMBUGCgmSJomT8ixkAQEMB3dvbGZTU0wwHhcN
-MjIxMjE2MjExNzQ5WhcNMjUwOTExMjExNzQ5WjCBtjELMAkGA1UEBhMCVVMxEDAO
+MjMxMjEzMjIxOTI5WhcNMjYwOTA4MjIxOTI5WjCBtjELMAkGA1UEBhMCVVMxEDAO
BgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xFzAVBgNVBAoMDndvbGZT
U0xfUlNBUFNTMRYwFAYDVQQLDA1DbGllbnQtUlNBUFNTMRgwFgYDVQQDDA93d3cu
d29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20xFzAV
@@ -112,17 +112,17 @@ MIH2BgNVHSMEge4wgeuAFIwBn04RJCi/PuqC6lQqyQ/15MVHoYG8pIG5MIG2MQsw
CQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjEX
MBUGA1UECgwOd29sZlNTTF9SU0FQU1MxFjAUBgNVBAsMDUNsaWVudC1SU0FQU1Mx
GDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3
-b2xmc3NsLmNvbTEXMBUGCgmSJomT8ixkAQEMB3dvbGZTU0yCFAT7atAKhtsZuMf4
-3Itw7bRO4OICMAwGA1UdEwQFMAMBAf8wHAYDVR0RBBUwE4ILZXhhbXBsZS5jb22H
+b2xmc3NsLmNvbTEXMBUGCgmSJomT8ixkAQEMB3dvbGZTU0yCFAZUT2YL4jJuCaum
+kISzGll5iRqaMAwGA1UdEwQFMAMBAf8wHAYDVR0RBBUwE4ILZXhhbXBsZS5jb22H
BH8AAAEwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMD4GCSqGSIb3DQEB
CjAxoA0wCwYJYIZIAWUDBAICoRowGAYJKoZIhvcNAQEIMAsGCWCGSAFlAwQCAqIE
-AgIBTgOCAYEAMvJq0skCjutFjxMCTSwPwTrqvuP5kqItG/vouS/S0OAWzbdn4uNh
-oo3CyWTyaorSYpslJT1ysQcfLKMDZDLUI4QIA2DtkJh6UBsZtMGoO9EAV4L86e8V
-x8Htta9sYIRI09SLCT8uzPfdYv+t/or+fCoS+sokahVbVkYGbdQIF9mUeIqIs5Jr
-OZ55bf6ew9TL3b4GsLheTtwmZI0l7bcfFtFkcb/i7fOiKzj753XGZWJyZc4bd9ee
-MQEbB/znjFBanHQrpTjhsMrd4S0nwJHyvDOgGtQGIa/Cz5OWnaqbSfUemiF2l/5j
-S5+6sefUBNXVZShqi2x0S1VSDu+6SFcCSCJ5iBzMuyJLgqxbfdjebQ1NN/Rps5co
-Dv1cKZ8mo8xZkZc2VC/5SyT8qdi8Aq4hWjiLpIzxjDHvXWAb8kc56ucbsThI3EeC
-4bh5l4e2rUvTOyTBDxlOQbC8ftTQ2NyVdY3ms2MhAvkW9iNWhmFsF3SKg/WxX2xZ
-oAMetWlEJv8N
+AgIBTgOCAYEAC5AY/xmdXrw03h+Q6CeJHmGEeYTh57Xf3Lhoa1kCM7DIDKcx45W2
+CUFr4GOT9Z9TFwRtCOf+OJ4ngilVRvd6ZWF9Ho+MNXCKKpTcYsXbFri/Z5z34Qn8
+CNeVrp2cJ/R8cTdiyAkLtgZWN//6/LrCJWXlwgG0N4r1HtbXVvbfd/qZJhZhi7L2
+X97MRpeA6FU2eZrHATZ7czrMrgUAoZEt+1cKcuhwq02C341axWf7FwbZocRmKcZY
+1IG5idPRjpdhWTq+TRg6Ic+UDscgMDWm7amh3r237gJfr7CMLlcVe4f92XcYY8zR
+lZjivdL0FTiYE9zxrjc1nht0I6MgKj5q0GdneWXAa+MIZo95xhxoaLXE9eyOvMML
+c22LYTMXkPDLaRwuQvHDoEoNi3mUjkCXxsBO8ZVCEtmthNWce1JKqeWCj1yf1MgO
+FArCJzNXHtlgWuYqg7uRAYWgFLjkv0pDfU9ANtkki6fzfKmxz/C6a9BzCqpHEwaP
+rd8mDUcHJyeP
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/rsapss/client-rsapss.der b/extra/wolfssl/wolfssl/certs/rsapss/client-rsapss.der
index 20e1883a..56a5cc87 100644
--- a/extra/wolfssl/wolfssl/certs/rsapss/client-rsapss.der
+++ b/extra/wolfssl/wolfssl/certs/rsapss/client-rsapss.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/rsapss/client-rsapss.pem b/extra/wolfssl/wolfssl/certs/rsapss/client-rsapss.pem
index 0afd1cae..a2e0d319 100644
--- a/extra/wolfssl/wolfssl/certs/rsapss/client-rsapss.pem
+++ b/extra/wolfssl/wolfssl/certs/rsapss/client-rsapss.pem
@@ -2,7 +2,7 @@ Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 08:97:d5:a9:82:55:09:02:75:62:2e:dc:dc:38:a5:be:b7:fc:34:4b
+ 66:c1:2c:85:1b:16:4c:37:fa:23:50:5c:f1:4b:99:11:2f:2c:ea:e0
Signature Algorithm: rsassaPss
Hash Algorithm: sha256
Mask Algorithm: mgf1 with sha256
@@ -10,8 +10,8 @@ Certificate:
Trailer Field: 0xBC (default)
Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_RSAPSS, OU = Client-RSAPSS, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:28 2023 GMT
+ Not After : Sep 8 22:19:28 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_RSAPSS, OU = Client-RSAPSS, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
Subject Public Key Info:
Public Key Algorithm: rsassaPss
@@ -47,7 +47,7 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:59:71:87:88:D0:3E:C7:EE:08:4D:80:F2:C9:FC:CF:3D:76:E6:A5:62
DirName:/C=US/ST=Montana/L=Bozeman/O=wolfSSL_RSAPSS/OU=Client-RSAPSS/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/UID=wolfSSL
- serial:08:97:D5:A9:82:55:09:02:75:62:2E:DC:DC:38:A5:BE:B7:FC:34:4B
+ serial:66:C1:2C:85:1B:16:4C:37:FA:23:50:5C:F1:4B:99:11:2F:2C:EA:E0
X509v3 Basic Constraints:
CA:TRUE
@@ -61,29 +61,29 @@ Certificate:
Salt Length: 0x20
Trailer Field: 0xBC (default)
- 53:ab:77:45:54:4f:cd:f0:28:9c:97:52:09:1c:77:4f:b5:9e:
- c6:97:e3:f1:fd:be:a3:8e:75:f4:d5:af:00:ae:5f:fe:5c:e6:
- 01:ac:6f:d1:3c:d5:1b:85:23:cc:2e:25:41:05:2f:8e:e3:b8:
- a4:c2:28:66:7c:4f:e3:72:bc:4a:71:8d:05:73:a5:98:67:6d:
- ea:ae:ed:e5:97:63:46:57:83:24:15:1d:83:93:27:e6:cb:0f:
- ea:bf:d2:39:a1:8b:38:68:1a:95:5e:48:9d:ea:86:76:5a:8d:
- 61:4f:55:fd:05:d6:05:4b:e7:de:d3:b0:35:d0:b0:ef:52:06:
- c3:53:c8:a9:d5:be:97:6b:12:eb:9d:01:5b:ac:7f:b6:00:d5:
- 4f:c2:90:ce:4f:49:59:ea:76:68:b2:73:81:28:17:2c:44:99:
- f3:67:0e:3d:78:71:5d:52:96:9f:0c:8d:73:ef:8c:ea:9a:6e:
- 5e:9c:09:fc:2f:15:75:fb:f9:0c:14:96:86:19:90:ba:ba:ed:
- 9f:61:ff:4c:49:2e:3c:c6:f5:63:fe:b4:ce:1c:3d:27:37:31:
- ac:69:c3:96:e5:ca:db:05:99:f7:9c:32:8a:b0:2b:f0:3e:0a:
- 6c:23:99:03:60:df:b9:34:b1:8f:85:fa:42:a2:d8:de:ff:d4:
- 78:1e:ba:64
+ b0:79:5c:92:53:67:6c:04:98:74:61:9e:10:7d:17:59:0e:a6:
+ 41:0b:84:df:a7:8a:2e:5e:c5:5b:2a:f9:1f:bc:34:36:94:d5:
+ d4:cf:fd:91:b6:7c:ee:db:07:21:12:ef:d1:06:ba:99:d1:4c:
+ e7:c5:db:96:00:dc:87:a7:40:54:0d:6a:a1:2e:31:34:59:bd:
+ 02:78:40:85:cb:ea:fc:8c:bc:d6:1a:89:c9:3a:5c:06:c0:b2:
+ e6:cc:d2:ba:99:8a:62:81:f0:54:b6:18:56:91:2e:62:e4:16:
+ 83:30:68:70:1b:bd:18:49:a0:14:a1:8d:10:b5:67:22:09:7d:
+ c1:f5:52:cd:9e:7b:bb:9d:64:78:fe:e9:f4:b7:9c:91:23:d5:
+ eb:73:f6:64:f8:b2:ec:be:90:da:e1:f0:6e:71:e4:ec:19:91:
+ 3d:c4:e2:d9:f8:24:0c:93:47:16:57:03:67:1f:81:ac:d3:fb:
+ 0c:04:d8:20:e1:74:0d:7c:20:99:dd:c5:dc:fd:eb:1e:49:5d:
+ 1a:e6:7b:fc:77:b0:66:08:7c:c3:9b:9a:77:b6:b9:f7:8c:65:
+ 21:0c:e8:12:f7:93:a1:c7:2d:03:0e:91:e4:f9:98:68:47:d2:
+ 5d:c4:53:e7:96:02:76:75:63:f0:d0:67:ca:77:75:bc:1a:87:
+ d3:94:99:b1
-----BEGIN CERTIFICATE-----
-MIIF9TCCBK2gAwIBAgIUCJfVqYJVCQJ1Yi7c3Dilvrf8NEswPQYJKoZIhvcNAQEK
+MIIF9TCCBK2gAwIBAgIUZsEshRsWTDf6I1Bc8UuZES8s6uAwPQYJKoZIhvcNAQEK
MDCgDTALBglghkgBZQMEAgGhGjAYBgkqhkiG9w0BAQgwCwYJYIZIAWUDBAIBogMC
ASAwgbYxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC
b3plbWFuMRcwFQYDVQQKDA53b2xmU1NMX1JTQVBTUzEWMBQGA1UECwwNQ2xpZW50
LVJTQVBTUzEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkB
FhBpbmZvQHdvbGZzc2wuY29tMRcwFQYKCZImiZPyLGQBAQwHd29sZlNTTDAeFw0y
-MjEyMTYyMTE3NDlaFw0yNTA5MTEyMTE3NDlaMIG2MQswCQYDVQQGEwJVUzEQMA4G
+MzEyMTMyMjE5MjhaFw0yNjA5MDgyMjE5MjhaMIG2MQswCQYDVQQGEwJVUzEQMA4G
A1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjEXMBUGA1UECgwOd29sZlNT
TF9SU0FQU1MxFjAUBgNVBAsMDUNsaWVudC1SU0FQU1MxGDAWBgNVBAMMD3d3dy53
b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTEXMBUG
@@ -100,13 +100,13 @@ PXbmpWKhgbykgbkwgbYxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAw
DgYDVQQHDAdCb3plbWFuMRcwFQYDVQQKDA53b2xmU1NMX1JTQVBTUzEWMBQGA1UE
CwwNQ2xpZW50LVJTQVBTUzEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJ
KoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMRcwFQYKCZImiZPyLGQBAQwHd29s
-ZlNTTIIUCJfVqYJVCQJ1Yi7c3Dilvrf8NEswDAYDVR0TBAUwAwEB/zAcBgNVHREE
+ZlNTTIIUZsEshRsWTDf6I1Bc8UuZES8s6uAwDAYDVR0TBAUwAwEB/zAcBgNVHREE
FTATggtleGFtcGxlLmNvbYcEfwAAATAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYB
BQUHAwIwPQYJKoZIhvcNAQEKMDCgDTALBglghkgBZQMEAgGhGjAYBgkqhkiG9w0B
-AQgwCwYJYIZIAWUDBAIBogMCASADggEBAFOrd0VUT83wKJyXUgkcd0+1nsaX4/H9
-vqOOdfTVrwCuX/5c5gGsb9E81RuFI8wuJUEFL47juKTCKGZ8T+NyvEpxjQVzpZhn
-bequ7eWXY0ZXgyQVHYOTJ+bLD+q/0jmhizhoGpVeSJ3qhnZajWFPVf0F1gVL597T
-sDXQsO9SBsNTyKnVvpdrEuudAVusf7YA1U/CkM5PSVnqdmiyc4EoFyxEmfNnDj14
-cV1Slp8MjXPvjOqabl6cCfwvFXX7+QwUloYZkLq67Z9h/0xJLjzG9WP+tM4cPSc3
-Maxpw5blytsFmfecMoqwK/A+CmwjmQNg37k0sY+F+kKi2N7/1HgeumQ=
+AQgwCwYJYIZIAWUDBAIBogMCASADggEBALB5XJJTZ2wEmHRhnhB9F1kOpkELhN+n
+ii5exVsq+R+8NDaU1dTP/ZG2fO7bByES79EGupnRTOfF25YA3IenQFQNaqEuMTRZ
+vQJ4QIXL6vyMvNYaick6XAbAsubM0rqZimKB8FS2GFaRLmLkFoMwaHAbvRhJoBSh
+jRC1ZyIJfcH1Us2ee7udZHj+6fS3nJEj1etz9mT4suy+kNrh8G5x5OwZkT3E4tn4
+JAyTRxZXA2cfgazT+wwE2CDhdA18IJndxdz96x5JXRrme/x3sGYIfMObmne2ufeM
+ZSEM6BL3k6HHLQMOkeT5mGhH0l3EU+eWAnZ1Y/DQZ8p3dbwah9OUmbE=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/rsapss/root-3072-rsapss.der b/extra/wolfssl/wolfssl/certs/rsapss/root-3072-rsapss.der
index 46886006..265945fb 100644
--- a/extra/wolfssl/wolfssl/certs/rsapss/root-3072-rsapss.der
+++ b/extra/wolfssl/wolfssl/certs/rsapss/root-3072-rsapss.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/rsapss/root-3072-rsapss.pem b/extra/wolfssl/wolfssl/certs/rsapss/root-3072-rsapss.pem
index 8678a18d..77e18041 100644
--- a/extra/wolfssl/wolfssl/certs/rsapss/root-3072-rsapss.pem
+++ b/extra/wolfssl/wolfssl/certs/rsapss/root-3072-rsapss.pem
@@ -2,7 +2,7 @@ Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 16:f5:d9:4e:98:03:1d:e8:9e:1a:04:6e:b9:8a:bf:14:4d:1f:79:b1
+ 25:af:7b:c5:57:c8:31:42:fc:85:76:76:7a:01:a9:ca:68:a3:6a:d7
Signature Algorithm: rsassaPss
Hash Algorithm: sha384
Mask Algorithm: mgf1 with sha384
@@ -10,8 +10,8 @@ Certificate:
Trailer Field: 0xBC (default)
Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_RSA-PSS, OU = Root-RSA-PSS, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:28 2023 GMT
+ Not After : Sep 8 22:19:28 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_RSA-PSS, OU = Root-RSA-PSS, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsassaPss
@@ -61,36 +61,36 @@ Certificate:
Salt Length: 0x014E
Trailer Field: 0xBC (default)
- 14:4c:66:28:6a:b0:97:a1:1e:2b:45:bc:43:47:2b:42:f5:47:
- 4b:07:02:51:d0:6d:8e:8e:01:72:2f:10:72:6c:ff:fb:59:46:
- a2:7d:ce:a1:11:fa:9e:54:40:54:77:d0:15:c9:ce:36:15:08:
- c6:24:d2:9c:45:ef:26:bf:f6:1e:ad:e3:de:cd:d5:87:bb:e7:
- 6c:9b:61:24:5a:ec:5c:57:dc:b2:f1:74:3d:1d:b6:0f:97:b3:
- 65:9b:c2:e0:b0:06:c7:00:11:c0:b8:e8:4b:c4:d4:ff:0c:54:
- bb:7b:72:f7:b6:52:2c:19:1e:de:21:92:57:f2:14:75:ba:e2:
- f9:4b:d7:db:be:cf:f6:9e:2d:65:77:f8:fc:5d:68:6e:1a:65:
- 81:a1:e2:a2:3f:5e:a2:f6:c1:42:4b:2d:84:b3:c2:68:9d:ae:
- ef:48:f7:ce:f0:c0:18:6b:b9:27:ba:1f:a1:b5:a7:cb:f2:96:
- 99:b8:07:3e:1a:0a:d5:dd:ee:95:4e:98:a0:3e:b8:33:88:b9:
- f8:1c:5b:9b:76:fa:2b:90:8e:a9:95:47:b1:cc:e2:67:5e:dd:
- 9d:41:f9:50:43:f7:95:fb:8a:45:8a:cf:9b:63:ea:aa:ef:38:
- 03:56:4d:b1:73:07:39:a8:01:a7:78:83:5a:43:09:08:7d:ac:
- 7e:63:74:01:bb:16:4f:0d:32:6b:3f:b2:93:c8:21:d2:0b:45:
- 0b:02:78:50:5f:f2:39:67:49:1a:ab:f8:e9:04:c0:8f:5f:21:
- 92:08:b0:a8:5e:5d:26:70:43:92:21:3c:42:02:b6:80:a2:45:
- a5:6a:f0:fe:bb:76:60:7b:b2:0a:9b:25:a4:ed:fd:9e:15:79:
- e5:5a:b7:6e:11:09:d3:68:73:b1:ec:d6:30:87:66:3f:dd:0e:
- 92:0b:01:05:1e:0e:b3:56:93:96:1f:4b:0a:2e:a9:5c:cd:54:
- 5d:71:54:22:28:db:8b:28:b0:b8:a8:1e:f1:da:60:25:81:53:
- 85:9f:d0:86:4e:3a
+ 8f:d2:c7:8f:7f:7d:4e:ca:13:59:51:bb:2d:51:c7:bc:70:3c:
+ 2d:a7:44:e2:b7:14:f2:1f:6f:9e:81:92:8d:f4:65:45:7d:72:
+ 91:37:8f:21:b2:cf:aa:94:a2:cc:fe:63:a5:96:a3:a4:9c:f4:
+ ae:da:bd:b0:33:61:0b:54:05:da:7b:5a:7b:cc:5d:1a:59:a7:
+ 59:ad:29:73:e2:ec:e8:ac:f4:89:f4:3b:4d:17:a8:72:ae:d0:
+ 78:a1:f2:57:2a:15:e1:07:6c:c1:69:92:6a:a4:ea:24:30:bc:
+ fb:d4:95:6f:b9:dc:0e:4f:3e:a3:1f:e5:2e:2e:b0:5a:0a:1a:
+ 39:e3:a8:7a:2c:03:32:c2:f7:b5:55:a6:2b:dc:6c:de:13:fc:
+ fa:bd:5f:ee:fe:af:a8:4b:c1:2e:2b:da:c1:29:d3:92:a6:3a:
+ dc:04:84:67:84:63:f8:b0:f0:4b:8f:5e:16:cd:97:22:32:28:
+ 2d:bb:2d:07:74:49:1b:78:ce:4e:4b:ac:57:f8:21:f2:f6:2a:
+ 0d:ad:ea:2a:3f:ed:c1:fc:9e:dc:62:b3:f3:43:bd:1d:14:e3:
+ 97:51:1b:ef:df:0d:b4:04:b4:7a:8b:7a:16:be:d5:40:77:07:
+ cf:87:e3:2e:5e:df:ee:a2:bd:3c:50:af:a7:d1:34:84:50:9f:
+ 73:2d:89:12:4b:8f:34:d6:6b:80:94:36:16:16:b0:5c:bc:36:
+ 36:12:44:8b:f4:20:ef:08:3d:8c:d6:81:66:61:0e:57:85:54:
+ 82:b3:f8:e3:98:21:44:ea:4a:a6:ff:ec:aa:b5:58:23:6a:03:
+ ed:c2:8c:22:f5:3d:14:7e:ff:f6:16:76:2e:20:2e:1a:1b:9c:
+ 4c:6c:8d:f5:de:1c:09:59:67:ce:73:47:11:c7:ed:43:df:05:
+ 07:75:e0:8e:15:96:61:4a:e9:32:0d:35:86:cc:1b:a1:7a:3a:
+ a3:8f:58:e2:21:fd:4b:d9:62:82:83:56:ed:dc:61:c2:13:79:
+ 80:1c:89:f7:fc:02
-----BEGIN CERTIFICATE-----
-MIIFjTCCA8SgAwIBAgIUFvXZTpgDHeieGgRuuYq/FE0febEwPgYJKoZIhvcNAQEK
+MIIFjTCCA8SgAwIBAgIUJa97xVfIMUL8hXZ2egGpymijatcwPgYJKoZIhvcNAQEK
MDGgDTALBglghkgBZQMEAgKhGjAYBgkqhkiG9w0BAQgwCwYJYIZIAWUDBAICogQC
AgFOMIGdMQswCQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwH
Qm96ZW1hbjEYMBYGA1UECgwPd29sZlNTTF9SU0EtUFNTMRUwEwYDVQQLDAxSb290
LVJTQS1QU1MxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJ
-ARYQaW5mb0B3b2xmc3NsLmNvbTAeFw0yMjEyMTYyMTE3NDlaFw0yNTA5MTEyMTE3
-NDlaMIGdMQswCQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwH
+ARYQaW5mb0B3b2xmc3NsLmNvbTAeFw0yMzEyMTMyMjE5MjhaFw0yNjA5MDgyMjE5
+MjhaMIGdMQswCQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwH
Qm96ZW1hbjEYMBYGA1UECgwPd29sZlNTTF9SU0EtUFNTMRUwEwYDVQQLDAxSb290
LVJTQS1QU1MxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJ
ARYQaW5mb0B3b2xmc3NsLmNvbTCCAaAwCwYJKoZIhvcNAQEKA4IBjwAwggGKAoIB
@@ -105,13 +105,13 @@ YUC/RSjStS/BCK++1gMAzxlp46CwkuwmQl4CpdEtz7hj386zImwa012JFZrEd5jN
lX8CAwEAAaNjMGEwHQYDVR0OBBYEFKpx07GKS7tHFUdfm9AradFvhV72MB8GA1Ud
IwQYMBaAFKpx07GKS7tHFUdfm9AradFvhV72MA8GA1UdEwEB/wQFMAMBAf8wDgYD
VR0PAQH/BAQDAgGGMD4GCSqGSIb3DQEBCjAxoA0wCwYJYIZIAWUDBAICoRowGAYJ
-KoZIhvcNAQEIMAsGCWCGSAFlAwQCAqIEAgIBTgOCAYEAFExmKGqwl6EeK0W8Q0cr
-QvVHSwcCUdBtjo4Bci8Qcmz/+1lGon3OoRH6nlRAVHfQFcnONhUIxiTSnEXvJr/2
-Hq3j3s3Vh7vnbJthJFrsXFfcsvF0PR22D5ezZZvC4LAGxwARwLjoS8TU/wxUu3ty
-97ZSLBke3iGSV/IUdbri+UvX277P9p4tZXf4/F1obhplgaHioj9eovbBQksthLPC
-aJ2u70j3zvDAGGu5J7ofobWny/KWmbgHPhoK1d3ulU6YoD64M4i5+Bxbm3b6K5CO
-qZVHscziZ17dnUH5UEP3lfuKRYrPm2Pqqu84A1ZNsXMHOagBp3iDWkMJCH2sfmN0
-AbsWTw0yaz+yk8gh0gtFCwJ4UF/yOWdJGqv46QTAj18hkgiwqF5dJnBDkiE8QgK2
-gKJFpWrw/rt2YHuyCpslpO39nhV55Vq3bhEJ02hzsezWMIdmP90OkgsBBR4Os1aT
-lh9LCi6pXM1UXXFUIijbiyiwuKge8dpgJYFThZ/Qhk46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-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/rsapss/root-rsapss.der b/extra/wolfssl/wolfssl/certs/rsapss/root-rsapss.der
index cd081f8d..5538f102 100644
--- a/extra/wolfssl/wolfssl/certs/rsapss/root-rsapss.der
+++ b/extra/wolfssl/wolfssl/certs/rsapss/root-rsapss.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/rsapss/root-rsapss.pem b/extra/wolfssl/wolfssl/certs/rsapss/root-rsapss.pem
index 8d7805d4..d22f5b04 100644
--- a/extra/wolfssl/wolfssl/certs/rsapss/root-rsapss.pem
+++ b/extra/wolfssl/wolfssl/certs/rsapss/root-rsapss.pem
@@ -2,7 +2,7 @@ Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 59:97:7c:29:94:e1:4d:a1:1e:91:68:90:e6:67:3e:26:13:f9:6c:ac
+ 73:13:23:bb:43:e9:76:b0:ce:25:f7:d5:65:b4:8f:7a:e5:7f:be:4f
Signature Algorithm: rsassaPss
Hash Algorithm: sha256
Mask Algorithm: mgf1 with sha256
@@ -10,8 +10,8 @@ Certificate:
Trailer Field: 0xBC (default)
Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_RSA-PSS, OU = Root-RSA-PSS, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:28 2023 GMT
+ Not After : Sep 8 22:19:28 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_RSA-PSS, OU = Root-RSA-PSS, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsassaPss
@@ -57,29 +57,29 @@ Certificate:
Salt Length: 0x20
Trailer Field: 0xBC (default)
- 08:08:92:4e:3c:fb:9e:5d:3e:b3:5d:31:d0:4d:00:7d:1c:dd:
- 28:e1:dd:e9:2c:24:35:43:8b:e4:8d:48:fd:63:9f:ef:a7:c7:
- a7:df:ea:2b:e2:17:7a:b8:2f:79:e3:15:00:68:63:d7:64:82:
- 00:67:e1:d6:4b:d7:b3:e6:f7:dd:48:3e:64:9e:74:51:0f:d0:
- 83:df:91:5c:6e:99:e8:4c:d1:61:0e:83:84:01:78:85:45:b3:
- d3:f2:b9:d5:39:02:38:ed:ac:1a:fa:b1:60:08:a5:9b:ea:c9:
- 39:f7:fa:23:3c:34:4b:36:e1:99:cf:1b:ce:36:ea:30:9b:df:
- b4:9a:8e:65:d2:62:ba:28:e0:24:db:28:2c:d5:76:28:e0:3f:
- eb:e3:0c:32:c3:75:e0:4c:30:83:9b:49:b5:0a:c3:68:8f:5e:
- ea:1e:14:a9:92:5b:e9:24:7b:da:47:94:b2:a1:98:6d:b0:e3:
- 35:fb:ae:c3:d8:24:b4:24:6b:64:8d:38:7b:0b:0e:aa:59:ee:
- 68:05:4b:af:33:45:6d:7e:c3:27:8b:99:8e:56:ed:35:d2:a7:
- 6a:67:db:c0:f7:03:00:a4:5c:ca:5f:ea:fb:20:15:01:43:9f:
- 5d:4e:7e:30:08:37:fd:6e:12:7e:d6:37:2e:58:2f:9c:3e:c3:
- bd:e8:bb:e1
+ 0f:1c:2d:bd:46:35:3b:80:d7:d1:45:74:d4:54:8d:ff:b0:29:
+ 06:be:e4:c7:cc:93:06:9d:2c:0f:7d:82:2a:76:ed:36:4a:71:
+ cd:6b:47:94:e9:c9:29:c7:17:4e:c4:0a:0d:4a:53:92:fb:72:
+ b8:a7:a1:bb:87:fc:e1:7e:51:1b:b5:d7:34:63:7e:9f:ff:70:
+ 2a:45:3c:db:fc:0a:d6:59:3a:76:30:09:81:40:94:28:4b:ca:
+ 36:62:1f:d9:8a:58:3d:b1:3e:8e:9e:c2:01:2c:f9:aa:71:61:
+ 0c:6f:46:99:c8:cb:a6:c5:9e:4a:40:3d:84:af:2f:0c:45:59:
+ f5:a9:c5:44:b6:4d:b7:d5:fd:5d:f3:5b:8d:0b:6a:69:e7:30:
+ 76:76:ef:ee:ad:80:e3:45:92:a9:fa:32:43:bc:2c:c5:51:f4:
+ 6e:3a:42:8e:fc:a1:eb:03:ca:3c:c5:fc:d7:62:cb:d5:34:92:
+ 59:2d:f7:d0:fc:f2:e1:2c:5c:c2:94:f4:9d:3b:8f:d8:46:ed:
+ 29:21:5c:1b:c6:da:30:71:8d:9f:00:03:82:34:33:1d:d7:20:
+ e8:4f:9f:9e:bd:91:25:fa:f7:0b:6a:64:99:ad:f3:f7:66:a4:
+ cd:b3:6d:e7:ec:06:9b:88:ce:a7:ef:59:e3:d0:6c:22:af:b8:
+ ce:7a:3b:60
-----BEGIN CERTIFICATE-----
-MIIEvTCCA3WgAwIBAgIUWZd8KZThTaEekWiQ5mc+JhP5bKwwPQYJKoZIhvcNAQEK
+MIIEvTCCA3WgAwIBAgIUcxMju0PpdrDOJffVZbSPeuV/vk8wPQYJKoZIhvcNAQEK
MDCgDTALBglghkgBZQMEAgGhGjAYBgkqhkiG9w0BAQgwCwYJYIZIAWUDBAIBogMC
ASAwgZ0xCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC
b3plbWFuMRgwFgYDVQQKDA93b2xmU1NMX1JTQS1QU1MxFTATBgNVBAsMDFJvb3Qt
UlNBLVBTUzEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkB
-FhBpbmZvQHdvbGZzc2wuY29tMB4XDTIyMTIxNjIxMTc0OVoXDTI1MDkxMTIxMTc0
-OVowgZ0xCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC
+FhBpbmZvQHdvbGZzc2wuY29tMB4XDTIzMTIxMzIyMTkyOFoXDTI2MDkwODIyMTky
+OFowgZ0xCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC
b3plbWFuMRgwFgYDVQQKDA93b2xmU1NMX1JTQS1QU1MxFTATBgNVBAsMDFJvb3Qt
UlNBLVBTUzEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkB
FhBpbmZvQHdvbGZzc2wuY29tMIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFl
@@ -93,10 +93,10 @@ CGK+q9xIDIW1XvsSyZ7Au/EKGGwV+edEShUJc0nYDJb33NACYsqRgfSyPLolqZiE
SZjYDFR9Rp6lPNYwHwYDVR0jBBgwFoAUZNXsgoeA3lrtSZjYDFR9Rp6lPNYwDwYD
VR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwPQYJKoZIhvcNAQEKMDCgDTAL
BglghkgBZQMEAgGhGjAYBgkqhkiG9w0BAQgwCwYJYIZIAWUDBAIBogMCASADggEB
-AAgIkk48+55dPrNdMdBNAH0c3Sjh3eksJDVDi+SNSP1jn++nx6ff6iviF3q4L3nj
-FQBoY9dkggBn4dZL17Pm991IPmSedFEP0IPfkVxumehM0WEOg4QBeIVFs9PyudU5
-AjjtrBr6sWAIpZvqyTn3+iM8NEs24ZnPG8426jCb37SajmXSYroo4CTbKCzVdijg
-P+vjDDLDdeBMMIObSbUKw2iPXuoeFKmSW+kke9pHlLKhmG2w4zX7rsPYJLQka2SN
-OHsLDqpZ7mgFS68zRW1+wyeLmY5W7TXSp2pn28D3AwCkXMpf6vsgFQFDn11OfjAI
-N/1uEn7WNy5YL5w+w73ou+E=
+AA8cLb1GNTuA19FFdNRUjf+wKQa+5MfMkwadLA99gip27TZKcc1rR5TpySnHF07E
+Cg1KU5L7crinobuH/OF+URu11zRjfp//cCpFPNv8CtZZOnYwCYFAlChLyjZiH9mK
+WD2xPo6ewgEs+apxYQxvRpnIy6bFnkpAPYSvLwxFWfWpxUS2TbfV/V3zW40Lamnn
+MHZ27+6tgONFkqn6MkO8LMVR9G46Qo78oesDyjzF/Ndiy9U0klkt99D88uEsXMKU
+9J07j9hG7SkhXBvG2jBxjZ8AA4I0Mx3XIOhPn569kSX69wtqZJmt8/dmpM2zbefs
+BpuIzqfvWePQbCKvuM56O2A=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/rsapss/server-3072-rsapss-cert.pem b/extra/wolfssl/wolfssl/certs/rsapss/server-3072-rsapss-cert.pem
index da823cd1..600e757c 100644
--- a/extra/wolfssl/wolfssl/certs/rsapss/server-3072-rsapss-cert.pem
+++ b/extra/wolfssl/wolfssl/certs/rsapss/server-3072-rsapss-cert.pem
@@ -9,8 +9,8 @@ Certificate:
Trailer Field: 0xBC (default)
Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_RSAPSS, OU = CA-RSAPSS, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:29 2023 GMT
+ Not After : Sep 8 22:19:29 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_RSAPSS, OU = Server-RSAPSS, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
Subject Public Key Info:
Public Key Algorithm: rsassaPss
@@ -64,36 +64,36 @@ Certificate:
Salt Length: 0x014E
Trailer Field: 0xBC (default)
- a3:6f:52:58:b0:d4:8f:e5:95:ec:7d:25:a7:67:a2:a1:2a:5f:
- 11:aa:8c:cb:62:fc:75:e2:78:7d:ee:3b:ec:ac:30:80:3b:c5:
- b7:7b:ce:6e:e3:91:ea:54:d4:cd:e5:07:55:f2:10:e8:e8:86:
- 68:e8:01:c0:53:ca:b3:7f:7b:79:e6:31:82:aa:e9:02:c5:ca:
- e4:f2:df:a6:5a:99:f1:bc:59:3d:4c:b2:bc:92:e6:15:4a:49:
- 0b:b6:10:ca:12:48:03:d9:b7:87:d0:f8:ba:c9:c3:c2:fc:29:
- 8a:a7:c1:4c:26:42:9f:1a:ce:f3:31:a2:4a:f7:25:8c:ed:40:
- 71:77:7b:06:cc:4c:6f:bb:4e:34:c4:b5:e2:24:06:56:f3:ef:
- 9b:05:78:5a:e3:f3:c2:42:f4:eb:3e:28:f6:88:29:68:65:61:
- 60:d2:61:ac:a1:4e:ec:6a:c1:15:87:1a:8c:06:2d:34:e7:66:
- bf:4f:5d:4d:23:46:33:67:2b:1d:97:f2:9a:e6:2e:90:1b:87:
- 93:03:2d:51:d8:7d:3d:0e:59:8a:30:34:8b:b2:09:92:99:03:
- b7:ad:a4:c5:ad:6d:bb:e6:5e:c2:e4:86:d2:63:3b:c8:8e:0a:
- a3:39:bd:9c:e9:a5:cf:65:65:85:8e:08:8e:d9:85:36:3e:1d:
- c6:66:3a:6d:a6:9d:be:e0:d8:e9:dd:17:1c:df:75:04:3e:24:
- a9:c0:19:17:a1:ef:6e:db:a6:bd:fc:1d:99:8d:11:0c:3c:5b:
- 44:b0:da:f4:0a:e2:c6:39:13:5f:f1:6a:20:ae:07:07:41:95:
- d4:10:92:b4:32:01:27:74:ef:aa:97:0e:9f:73:67:29:5c:40:
- d2:5b:31:bb:c5:70:c0:c3:b6:7b:39:c4:76:b8:ec:67:c9:0a:
- bd:d3:dc:c8:4f:41:62:5e:46:3a:d4:e6:65:12:4d:c0:7e:68:
- 6c:9d:6a:ec:4f:da:e3:b3:94:58:be:ad:b6:85:01:e3:94:a4:
- 4b:7d:28:00:0e:f3
+ a1:de:92:ed:d2:4f:c8:85:21:4f:96:af:a2:74:a9:e7:3d:c7:
+ f5:84:8e:4c:6c:29:2b:ed:24:5e:60:ea:bb:43:c0:7f:b3:5d:
+ e5:d9:44:34:b3:d0:e1:d2:04:c1:f4:88:e3:7a:c8:a5:cb:85:
+ 3e:27:52:d9:f4:c2:9e:45:35:e8:2b:ca:2d:c3:d4:30:53:c5:
+ c1:f4:9c:d1:98:bf:80:c2:91:88:da:37:f5:ed:6f:5f:73:83:
+ e7:3c:94:c9:b8:fe:e5:aa:0b:18:f4:69:92:a9:38:58:42:6a:
+ 8b:2e:c0:37:aa:3e:50:8e:e9:93:26:ba:cd:28:da:79:fb:cf:
+ 4d:8f:03:b8:e3:bd:5f:d2:c6:ad:42:66:9f:4d:51:fc:16:1a:
+ e9:80:45:45:c5:fe:e2:1e:15:08:5f:e8:dc:2d:03:e9:08:03:
+ ae:1a:dd:a0:3b:b9:65:98:c3:01:4a:4b:4f:ad:3d:20:cd:d0:
+ 60:b8:7a:7b:26:4d:cb:ff:b4:f0:d2:9b:cf:ce:8e:d3:32:14:
+ 23:a2:52:c8:20:fc:9c:23:21:13:e9:eb:2e:c0:1b:18:e8:09:
+ ac:e9:c9:2e:5e:63:6f:c4:60:b5:2c:61:12:25:a0:72:fe:ed:
+ 7d:74:62:b5:2e:7a:91:83:96:64:ff:c2:ef:6f:8c:a8:7e:22:
+ d8:79:d1:16:d9:96:87:9e:9e:c4:34:71:cd:0c:ec:ac:e1:60:
+ 44:29:b3:72:94:46:ea:08:82:c2:fa:05:55:c7:e5:16:5f:3b:
+ 16:02:34:3c:ca:44:f8:a4:ba:c8:ae:7b:83:79:d7:20:45:14:
+ 6a:5a:b7:85:80:ce:aa:cb:dc:46:41:70:01:54:dd:f4:58:20:
+ da:1d:df:2f:61:53:d4:57:de:53:4c:56:d0:70:60:59:1f:f8:
+ 84:25:11:74:b1:12:1c:90:ef:11:07:65:ec:a3:64:df:0b:51:
+ d0:65:70:9c:a1:2f:9b:dd:10:dc:33:b3:1a:8e:5a:8a:68:43:
+ 7f:9e:6b:b8:a4:33
-----BEGIN CERTIFICATE-----
MIIFzzCCBAagAwIBAgIBATA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCAqEa
MBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiBAICAU4wgbIxCzAJBgNVBAYTAlVT
MRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRcwFQYDVQQKDA53
b2xmU1NMX1JTQVBTUzESMBAGA1UECwwJQ0EtUlNBUFNTMRgwFgYDVQQDDA93d3cu
d29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20xFzAV
-BgoJkiaJk/IsZAEBDAd3b2xmU1NMMB4XDTIyMTIxNjIxMTc0OVoXDTI1MDkxMTIx
-MTc0OVowgbYxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQH
+BgoJkiaJk/IsZAEBDAd3b2xmU1NMMB4XDTIzMTIxMzIyMTkyOVoXDTI2MDkwODIy
+MTkyOVowgbYxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQH
DAdCb3plbWFuMRcwFQYDVQQKDA53b2xmU1NMX1JTQVBTUzEWMBQGA1UECwwNU2Vy
dmVyLVJTQVBTUzEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcN
AQkBFhBpbmZvQHdvbGZzc2wuY29tMRcwFQYKCZImiZPyLGQBAQwHd29sZlNTTDCC
@@ -110,13 +110,13 @@ FgQUyPHpHmAByCPM15izu2V6MsRLkzkwHwYDVR0jBBgwFoAU+ELMiMnIGPnTsCRl
Bkz/Vau/Dn8wDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMCA6gwEwYDVR0lBAww
CgYIKwYBBQUHAwEwEQYJYIZIAYb4QgEBBAQDAgZAMD4GCSqGSIb3DQEBCjAxoA0w
CwYJYIZIAWUDBAICoRowGAYJKoZIhvcNAQEIMAsGCWCGSAFlAwQCAqIEAgIBTgOC
-AYEAo29SWLDUj+WV7H0lp2eioSpfEaqMy2L8deJ4fe477KwwgDvFt3vObuOR6lTU
-zeUHVfIQ6OiGaOgBwFPKs397eeYxgqrpAsXK5PLfplqZ8bxZPUyyvJLmFUpJC7YQ
-yhJIA9m3h9D4usnDwvwpiqfBTCZCnxrO8zGiSvcljO1AcXd7BsxMb7tONMS14iQG
-VvPvmwV4WuPzwkL06z4o9ogpaGVhYNJhrKFO7GrBFYcajAYtNOdmv09dTSNGM2cr
-HZfymuYukBuHkwMtUdh9PQ5ZijA0i7IJkpkDt62kxa1tu+ZewuSG0mM7yI4Kozm9
-nOmlz2VlhY4IjtmFNj4dxmY6baadvuDY6d0XHN91BD4kqcAZF6HvbtumvfwdmY0R
-DDxbRLDa9ArixjkTX/FqIK4HB0GV1BCStDIBJ3TvqpcOn3NnKVxA0lsxu8VwwMO2
-eznEdrjsZ8kKvdPcyE9BYl5GOtTmZRJNwH5obJ1q7E/a47OUWL6ttoUB45SkS30o
-AA7z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-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/rsapss/server-3072-rsapss.der b/extra/wolfssl/wolfssl/certs/rsapss/server-3072-rsapss.der
index d13982e4..5df8b41b 100644
--- a/extra/wolfssl/wolfssl/certs/rsapss/server-3072-rsapss.der
+++ b/extra/wolfssl/wolfssl/certs/rsapss/server-3072-rsapss.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/rsapss/server-3072-rsapss.pem b/extra/wolfssl/wolfssl/certs/rsapss/server-3072-rsapss.pem
index cb2b97ae..d3d85bae 100644
--- a/extra/wolfssl/wolfssl/certs/rsapss/server-3072-rsapss.pem
+++ b/extra/wolfssl/wolfssl/certs/rsapss/server-3072-rsapss.pem
@@ -9,8 +9,8 @@ Certificate:
Trailer Field: 0xBC (default)
Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_RSAPSS, OU = CA-RSAPSS, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:29 2023 GMT
+ Not After : Sep 8 22:19:29 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_RSAPSS, OU = Server-RSAPSS, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
Subject Public Key Info:
Public Key Algorithm: rsassaPss
@@ -64,36 +64,36 @@ Certificate:
Salt Length: 0x014E
Trailer Field: 0xBC (default)
- a3:6f:52:58:b0:d4:8f:e5:95:ec:7d:25:a7:67:a2:a1:2a:5f:
- 11:aa:8c:cb:62:fc:75:e2:78:7d:ee:3b:ec:ac:30:80:3b:c5:
- b7:7b:ce:6e:e3:91:ea:54:d4:cd:e5:07:55:f2:10:e8:e8:86:
- 68:e8:01:c0:53:ca:b3:7f:7b:79:e6:31:82:aa:e9:02:c5:ca:
- e4:f2:df:a6:5a:99:f1:bc:59:3d:4c:b2:bc:92:e6:15:4a:49:
- 0b:b6:10:ca:12:48:03:d9:b7:87:d0:f8:ba:c9:c3:c2:fc:29:
- 8a:a7:c1:4c:26:42:9f:1a:ce:f3:31:a2:4a:f7:25:8c:ed:40:
- 71:77:7b:06:cc:4c:6f:bb:4e:34:c4:b5:e2:24:06:56:f3:ef:
- 9b:05:78:5a:e3:f3:c2:42:f4:eb:3e:28:f6:88:29:68:65:61:
- 60:d2:61:ac:a1:4e:ec:6a:c1:15:87:1a:8c:06:2d:34:e7:66:
- bf:4f:5d:4d:23:46:33:67:2b:1d:97:f2:9a:e6:2e:90:1b:87:
- 93:03:2d:51:d8:7d:3d:0e:59:8a:30:34:8b:b2:09:92:99:03:
- b7:ad:a4:c5:ad:6d:bb:e6:5e:c2:e4:86:d2:63:3b:c8:8e:0a:
- a3:39:bd:9c:e9:a5:cf:65:65:85:8e:08:8e:d9:85:36:3e:1d:
- c6:66:3a:6d:a6:9d:be:e0:d8:e9:dd:17:1c:df:75:04:3e:24:
- a9:c0:19:17:a1:ef:6e:db:a6:bd:fc:1d:99:8d:11:0c:3c:5b:
- 44:b0:da:f4:0a:e2:c6:39:13:5f:f1:6a:20:ae:07:07:41:95:
- d4:10:92:b4:32:01:27:74:ef:aa:97:0e:9f:73:67:29:5c:40:
- d2:5b:31:bb:c5:70:c0:c3:b6:7b:39:c4:76:b8:ec:67:c9:0a:
- bd:d3:dc:c8:4f:41:62:5e:46:3a:d4:e6:65:12:4d:c0:7e:68:
- 6c:9d:6a:ec:4f:da:e3:b3:94:58:be:ad:b6:85:01:e3:94:a4:
- 4b:7d:28:00:0e:f3
+ a1:de:92:ed:d2:4f:c8:85:21:4f:96:af:a2:74:a9:e7:3d:c7:
+ f5:84:8e:4c:6c:29:2b:ed:24:5e:60:ea:bb:43:c0:7f:b3:5d:
+ e5:d9:44:34:b3:d0:e1:d2:04:c1:f4:88:e3:7a:c8:a5:cb:85:
+ 3e:27:52:d9:f4:c2:9e:45:35:e8:2b:ca:2d:c3:d4:30:53:c5:
+ c1:f4:9c:d1:98:bf:80:c2:91:88:da:37:f5:ed:6f:5f:73:83:
+ e7:3c:94:c9:b8:fe:e5:aa:0b:18:f4:69:92:a9:38:58:42:6a:
+ 8b:2e:c0:37:aa:3e:50:8e:e9:93:26:ba:cd:28:da:79:fb:cf:
+ 4d:8f:03:b8:e3:bd:5f:d2:c6:ad:42:66:9f:4d:51:fc:16:1a:
+ e9:80:45:45:c5:fe:e2:1e:15:08:5f:e8:dc:2d:03:e9:08:03:
+ ae:1a:dd:a0:3b:b9:65:98:c3:01:4a:4b:4f:ad:3d:20:cd:d0:
+ 60:b8:7a:7b:26:4d:cb:ff:b4:f0:d2:9b:cf:ce:8e:d3:32:14:
+ 23:a2:52:c8:20:fc:9c:23:21:13:e9:eb:2e:c0:1b:18:e8:09:
+ ac:e9:c9:2e:5e:63:6f:c4:60:b5:2c:61:12:25:a0:72:fe:ed:
+ 7d:74:62:b5:2e:7a:91:83:96:64:ff:c2:ef:6f:8c:a8:7e:22:
+ d8:79:d1:16:d9:96:87:9e:9e:c4:34:71:cd:0c:ec:ac:e1:60:
+ 44:29:b3:72:94:46:ea:08:82:c2:fa:05:55:c7:e5:16:5f:3b:
+ 16:02:34:3c:ca:44:f8:a4:ba:c8:ae:7b:83:79:d7:20:45:14:
+ 6a:5a:b7:85:80:ce:aa:cb:dc:46:41:70:01:54:dd:f4:58:20:
+ da:1d:df:2f:61:53:d4:57:de:53:4c:56:d0:70:60:59:1f:f8:
+ 84:25:11:74:b1:12:1c:90:ef:11:07:65:ec:a3:64:df:0b:51:
+ d0:65:70:9c:a1:2f:9b:dd:10:dc:33:b3:1a:8e:5a:8a:68:43:
+ 7f:9e:6b:b8:a4:33
-----BEGIN CERTIFICATE-----
MIIFzzCCBAagAwIBAgIBATA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCAqEa
MBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiBAICAU4wgbIxCzAJBgNVBAYTAlVT
MRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRcwFQYDVQQKDA53
b2xmU1NMX1JTQVBTUzESMBAGA1UECwwJQ0EtUlNBUFNTMRgwFgYDVQQDDA93d3cu
d29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20xFzAV
-BgoJkiaJk/IsZAEBDAd3b2xmU1NMMB4XDTIyMTIxNjIxMTc0OVoXDTI1MDkxMTIx
-MTc0OVowgbYxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQH
+BgoJkiaJk/IsZAEBDAd3b2xmU1NMMB4XDTIzMTIxMzIyMTkyOVoXDTI2MDkwODIy
+MTkyOVowgbYxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQH
DAdCb3plbWFuMRcwFQYDVQQKDA53b2xmU1NMX1JTQVBTUzEWMBQGA1UECwwNU2Vy
dmVyLVJTQVBTUzEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcN
AQkBFhBpbmZvQHdvbGZzc2wuY29tMRcwFQYKCZImiZPyLGQBAQwHd29sZlNTTDCC
@@ -110,15 +110,15 @@ FgQUyPHpHmAByCPM15izu2V6MsRLkzkwHwYDVR0jBBgwFoAU+ELMiMnIGPnTsCRl
Bkz/Vau/Dn8wDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMCA6gwEwYDVR0lBAww
CgYIKwYBBQUHAwEwEQYJYIZIAYb4QgEBBAQDAgZAMD4GCSqGSIb3DQEBCjAxoA0w
CwYJYIZIAWUDBAICoRowGAYJKoZIhvcNAQEIMAsGCWCGSAFlAwQCAqIEAgIBTgOC
-AYEAo29SWLDUj+WV7H0lp2eioSpfEaqMy2L8deJ4fe477KwwgDvFt3vObuOR6lTU
-zeUHVfIQ6OiGaOgBwFPKs397eeYxgqrpAsXK5PLfplqZ8bxZPUyyvJLmFUpJC7YQ
-yhJIA9m3h9D4usnDwvwpiqfBTCZCnxrO8zGiSvcljO1AcXd7BsxMb7tONMS14iQG
-VvPvmwV4WuPzwkL06z4o9ogpaGVhYNJhrKFO7GrBFYcajAYtNOdmv09dTSNGM2cr
-HZfymuYukBuHkwMtUdh9PQ5ZijA0i7IJkpkDt62kxa1tu+ZewuSG0mM7yI4Kozm9
-nOmlz2VlhY4IjtmFNj4dxmY6baadvuDY6d0XHN91BD4kqcAZF6HvbtumvfwdmY0R
-DDxbRLDa9ArixjkTX/FqIK4HB0GV1BCStDIBJ3TvqpcOn3NnKVxA0lsxu8VwwMO2
-eznEdrjsZ8kKvdPcyE9BYl5GOtTmZRJNwH5obJ1q7E/a47OUWL6ttoUB45SkS30o
-AA7z
+AYEAod6S7dJPyIUhT5avonSp5z3H9YSOTGwpK+0kXmDqu0PAf7Nd5dlENLPQ4dIE
+wfSI43rIpcuFPidS2fTCnkU16CvKLcPUMFPFwfSc0Zi/gMKRiNo39e1vX3OD5zyU
+ybj+5aoLGPRpkqk4WEJqiy7AN6o+UI7pkya6zSjaefvPTY8DuOO9X9LGrUJmn01R
+/BYa6YBFRcX+4h4VCF/o3C0D6QgDrhrdoDu5ZZjDAUpLT609IM3QYLh6eyZNy/+0
+8NKbz86O0zIUI6JSyCD8nCMhE+nrLsAbGOgJrOnJLl5jb8RgtSxhEiWgcv7tfXRi
+tS56kYOWZP/C72+MqH4i2HnRFtmWh56exDRxzQzsrOFgRCmzcpRG6giCwvoFVcfl
+Fl87FgI0PMpE+KS6yK57g3nXIEUUalq3hYDOqsvcRkFwAVTd9Fgg2h3fL2FT1Ffe
+U0xW0HBgWR/4hCURdLESHJDvEQdl7KNk3wtR0GVwnKEvm90Q3DOzGo5aimhDf55r
+uKQz
-----END CERTIFICATE-----
Certificate:
Data:
@@ -131,8 +131,8 @@ Certificate:
Trailer Field: 0xBC (default)
Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_RSA-PSS, OU = Root-RSA-PSS, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:29 2023 GMT
+ Not After : Sep 8 22:19:29 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_RSAPSS, OU = CA-RSAPSS, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
Subject Public Key Info:
Public Key Algorithm: rsassaPss
@@ -182,35 +182,35 @@ Certificate:
Salt Length: 0x014E
Trailer Field: 0xBC (default)
- 39:46:e9:1d:16:25:a1:15:6d:65:88:54:ef:7e:33:b3:0e:44:
- f2:11:cd:23:ad:73:2f:80:3c:aa:10:bd:7e:3c:45:1b:c9:8c:
- d7:2c:71:99:87:b4:e3:81:57:a8:c2:86:6c:80:ec:7c:4a:fb:
- da:01:ed:e1:f6:b2:15:16:e1:3f:cd:de:85:d2:25:3b:11:31:
- f6:a1:54:52:57:25:6c:41:99:d3:dd:92:af:ca:ed:c6:28:d4:
- e5:6d:88:a5:c5:37:3f:6f:50:43:54:21:c9:cd:77:71:5c:81:
- 6e:ec:96:b4:ea:04:41:d7:db:ec:43:d2:65:a3:2d:a8:33:1d:
- 27:01:1e:28:16:2a:93:61:a6:af:8f:9d:31:e2:34:89:f8:9a:
- cf:a0:c9:12:95:1b:9f:93:e6:10:90:e0:bc:d9:a3:72:40:30:
- cb:c4:b4:ac:3f:17:42:3b:a1:ab:ff:3a:d4:c3:2b:22:56:fb:
- 77:93:c9:32:7f:bd:18:ff:c0:60:bc:dd:ce:09:d1:e9:22:44:
- f2:9b:85:8b:20:fa:77:b0:95:aa:b5:9c:de:83:2b:58:7c:ec:
- fb:aa:9c:b9:57:5d:32:32:a3:81:66:a4:1f:0f:2b:08:1b:65:
- 1c:d4:e1:4f:7f:d9:ee:39:a9:ae:99:6e:0a:3b:e4:ef:11:d6:
- c9:e9:6f:89:27:c4:25:28:be:5a:e5:17:87:e7:56:0a:f4:32:
- 38:f2:86:84:d7:b6:66:47:f3:46:46:55:80:08:d6:8e:c0:08:
- a0:3f:04:62:77:1c:6e:dd:80:7e:57:82:0e:60:81:6e:59:ff:
- ad:39:6e:a0:fe:66:1a:1b:d1:4c:bf:14:c9:82:83:0a:95:57:
- 53:3b:79:be:74:01:d7:a7:62:64:6f:5a:8a:a6:7d:ab:9f:90:
- fb:95:89:24:d3:55:02:ef:f1:5f:d4:de:46:0c:5b:9a:60:d6:
- 6e:64:cb:11:ae:fa:7f:4f:54:44:c0:ff:af:32:45:92:32:6e:
- 5b:cb:9d:2c:03:6e
+ 1f:c0:ae:b2:47:af:ec:86:67:3a:b6:8f:44:65:4a:af:29:fc:
+ 17:92:a4:8f:03:6a:76:63:8d:65:4a:f6:52:23:a2:08:46:17:
+ c6:2c:87:76:2b:05:21:c1:70:2d:4d:65:ef:de:af:87:21:7e:
+ 88:98:45:8b:06:8f:f8:56:4f:6a:29:f3:f4:72:5d:c3:f4:5a:
+ ee:6c:52:dc:40:72:4a:1a:4c:3b:84:b0:5a:64:cc:3a:62:c3:
+ d3:56:a9:e3:fd:4e:a2:3b:57:22:b7:f9:71:f7:5c:80:aa:4c:
+ 26:ef:d5:10:e5:d9:ae:89:ff:90:82:2e:0a:ad:1c:da:a6:9c:
+ 99:44:d5:fc:a0:3c:42:ad:e7:dd:8a:d0:c7:b8:d0:83:bb:4b:
+ 00:e2:50:e5:81:6f:03:b8:bc:4d:d2:86:4d:8a:33:79:ca:e8:
+ a0:df:70:c1:3a:c3:55:05:f0:ac:d8:ab:55:0b:cf:44:60:b4:
+ af:03:f4:88:d9:49:81:7c:78:6a:af:5f:cd:28:e2:e1:37:f3:
+ 28:b8:0e:05:5d:72:b3:b5:5b:f4:72:52:a3:7e:99:99:23:95:
+ 26:17:cb:9c:66:83:21:d6:ac:f8:c8:b2:49:22:dc:32:9b:f2:
+ fc:5d:f7:fe:c0:a6:81:62:1c:43:25:2a:d3:66:37:76:db:15:
+ 31:c4:6b:df:e8:70:a9:f9:96:8c:ec:94:d1:b2:fb:73:03:1b:
+ 5d:7f:2b:1b:ab:47:72:ea:1b:9d:2d:43:d4:90:df:ca:c5:98:
+ 9a:a2:01:6a:d3:55:1c:ad:d1:37:46:93:fe:e8:56:8c:6a:1c:
+ 45:bf:cb:12:d1:aa:1c:98:08:af:f7:67:ed:41:65:3b:98:d0:
+ 42:29:b0:68:ab:94:52:6e:72:e2:f4:df:8a:68:b5:1b:6d:3f:
+ 35:d5:01:b8:60:eb:fe:f2:e9:33:90:db:59:5a:c4:d6:52:c6:
+ c7:1b:a8:a1:ef:64:db:96:ac:ce:fc:8d:e2:ac:75:f4:0d:bc:
+ 49:36:8a:12:36:83
-----BEGIN CERTIFICATE-----
MIIFjzCCA8agAwIBAgIBATA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCAqEa
MBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiBAICAU4wgZ0xCzAJBgNVBAYTAlVT
MRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRgwFgYDVQQKDA93
b2xmU1NMX1JTQS1QU1MxFTATBgNVBAsMDFJvb3QtUlNBLVBTUzEYMBYGA1UEAwwP
d3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t
-MB4XDTIyMTIxNjIxMTc0OVoXDTI1MDkxMTIxMTc0OVowgbIxCzAJBgNVBAYTAlVT
+MB4XDTIzMTIxMzIyMTkyOVoXDTI2MDkwODIyMTkyOVowgbIxCzAJBgNVBAYTAlVT
MRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRcwFQYDVQQKDA53
b2xmU1NMX1JTQVBTUzESMBAGA1UECwwJQ0EtUlNBUFNTMRgwFgYDVQQDDA93d3cu
d29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20xFzAV
@@ -226,13 +226,13 @@ KQOhvlXkTPglp6ij4z8yH66nKptrVt3JWrEaAaAT0o6aLNt+/VsOLu+Sac7y3u/Q
LwkOZwIDAQABo2MwYTAdBgNVHQ4EFgQU+ELMiMnIGPnTsCRlBkz/Vau/Dn8wHwYD
VR0jBBgwFoAUqnHTsYpLu0cVR1+b0Ctp0W+FXvYwDwYDVR0TAQH/BAUwAwEB/zAO
BgNVHQ8BAf8EBAMCAYYwPgYJKoZIhvcNAQEKMDGgDTALBglghkgBZQMEAgKhGjAY
-BgkqhkiG9w0BAQgwCwYJYIZIAWUDBAICogQCAgFOA4IBgQA5RukdFiWhFW1liFTv
-fjOzDkTyEc0jrXMvgDyqEL1+PEUbyYzXLHGZh7TjgVeowoZsgOx8SvvaAe3h9rIV
-FuE/zd6F0iU7ETH2oVRSVyVsQZnT3ZKvyu3GKNTlbYilxTc/b1BDVCHJzXdxXIFu
-7Ja06gRB19vsQ9Jloy2oMx0nAR4oFiqTYaavj50x4jSJ+JrPoMkSlRufk+YQkOC8
-2aNyQDDLxLSsPxdCO6Gr/zrUwysiVvt3k8kyf70Y/8BgvN3OCdHpIkTym4WLIPp3
-sJWqtZzegytYfOz7qpy5V10yMqOBZqQfDysIG2Uc1OFPf9nuOamumW4KO+TvEdbJ
-6W+JJ8QlKL5a5ReH51YK9DI48oaE17ZmR/NGRlWACNaOwAigPwRidxxu3YB+V4IO
-YIFuWf+tOW6g/mYaG9FMvxTJgoMKlVdTO3m+dAHXp2Jkb1qKpn2rn5D7lYkk01UC
-7/Ff1N5GDFuaYNZuZMsRrvp/T1REwP+vMkWSMm5by50sA24=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-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/rsapss/server-mix-rsapss-cert.pem b/extra/wolfssl/wolfssl/certs/rsapss/server-mix-rsapss-cert.pem
index 2181143c..10cf45f5 100644
--- a/extra/wolfssl/wolfssl/certs/rsapss/server-mix-rsapss-cert.pem
+++ b/extra/wolfssl/wolfssl/certs/rsapss/server-mix-rsapss-cert.pem
@@ -9,8 +9,8 @@ Certificate:
Trailer Field: 0xBC (default)
Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:28 2023 GMT
+ Not After : Sep 8 22:19:28 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_RSAPSS, OU = Server-MIX-RSAPSS, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -55,28 +55,28 @@ Certificate:
Salt Length: 0xDE
Trailer Field: 0xBC (default)
- 3c:41:e4:e3:a2:f2:8d:f7:ba:f3:c3:51:c6:b2:71:2d:d4:4d:
- c3:10:b1:0c:1b:c2:e5:cd:48:13:a9:2f:cc:13:f3:db:25:85:
- c3:83:0a:77:00:ff:16:58:c0:2a:12:20:11:5a:86:87:db:1e:
- 47:ac:9d:c5:7c:87:c3:13:79:c8:ea:35:33:a0:a3:bf:d5:64:
- 09:5b:60:45:e9:b1:a4:3c:9a:31:14:fb:76:ae:ef:3c:56:cc:
- 9b:3d:de:74:16:ac:5f:9b:f2:1b:28:8f:fe:d6:0a:4f:bc:72:
- c2:23:c6:c5:da:c2:aa:80:ac:90:c4:31:93:99:f5:c7:c1:cc:
- ec:09:45:02:90:4e:b3:47:59:f6:80:6c:c0:bb:66:f7:fb:e1:
- 16:56:7b:6e:ef:e6:b6:93:e5:95:d4:e3:76:c0:de:64:6b:1c:
- 72:0d:0d:7b:85:2f:b4:e2:9e:01:44:6f:85:53:30:78:bf:c3:
- 4e:33:21:0b:f9:a6:66:85:a0:ef:60:8d:07:7d:ac:fb:3c:11:
- aa:f9:7f:5b:f9:0e:af:27:d4:a9:fb:b2:b3:fe:8d:4c:d0:9f:
- 83:9a:79:32:7f:b2:11:af:b5:35:a3:62:4a:4a:03:c8:cd:f0:
- f7:5e:98:9d:5e:d0:7f:e9:cf:8a:1f:bd:28:c7:25:8e:7b:63:
- 30:83:6c:00
+ 14:99:93:0c:53:6c:7e:43:6d:28:73:f0:11:fa:80:13:79:af:
+ 2d:c2:64:71:1d:90:5d:b2:2e:1f:4c:bf:30:21:12:16:82:a4:
+ 8d:90:e7:e3:3c:ee:3a:d1:50:ba:18:e0:d5:e7:cb:6b:87:ae:
+ 24:e1:0b:7c:c7:83:28:98:56:dc:63:d7:6e:d1:f6:a9:92:3e:
+ d5:aa:83:f3:c4:fe:53:26:d0:b3:e8:f2:0b:34:bb:cb:5d:53:
+ 28:36:b9:ab:b8:13:a2:b3:53:ac:ab:c7:41:92:f5:e4:c7:66:
+ c6:af:15:f9:c2:a5:9c:c3:07:81:c9:c0:41:2c:40:11:5b:86:
+ 63:c0:6e:1d:c7:e4:3f:41:a4:8d:18:2c:da:1a:fa:d7:39:d3:
+ b6:8f:be:87:0f:2b:a1:90:6a:d7:ba:df:cf:97:20:05:7e:8c:
+ a7:f8:90:bf:ec:b6:a6:44:08:81:57:19:15:a9:a9:0f:1c:5c:
+ 78:ab:b8:35:5b:b0:8c:7d:48:f5:21:38:e7:a2:51:27:fc:24:
+ ea:2f:9f:f7:19:62:e6:1f:cf:1c:5d:9c:e2:b5:e7:b2:4c:ac:
+ fc:64:fd:0e:bd:5d:3b:02:44:94:ec:5e:1c:24:d1:3d:37:3b:
+ eb:23:2f:7a:46:c6:45:4d:55:1e:50:d2:6f:c2:16:5b:78:a7:
+ 06:e1:ee:36
-----BEGIN CERTIFICATE-----
MIIEtzCCA26gAwIBAgIBATA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCAaEa
MBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgGiBAICAN4wgZQxCzAJBgNVBAYTAlVT
MRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQKDAhT
YXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3LndvbGZz
-c2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIyMTIx
-NjIxMTc0OVoXDTI1MDkxMTIxMTc0OVowgboxCzAJBgNVBAYTAlVTMRAwDgYDVQQI
+c2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIzMTIx
+MzIyMTkyOFoXDTI2MDkwODIyMTkyOFowgboxCzAJBgNVBAYTAlVTMRAwDgYDVQQI
DAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRcwFQYDVQQKDA53b2xmU1NMX1JT
QVBTUzEaMBgGA1UECwwRU2VydmVyLU1JWC1SU0FQU1MxGDAWBgNVBAMMD3d3dy53
b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTEXMBUG
@@ -90,11 +90,11 @@ ILNYIqeq68Th5mGDxdKW39nQT63XAgMBAAGjgYkwgYYwHQYDVR0OBBYEFLMRMsmS
mITiyfjQO24DQsofDo48MB8GA1UdIwQYMBaAFCeOZxF0wyYdP+0zY7Ok2B0w5ejV
MAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgOoMBMGA1UdJQQMMAoGCCsGAQUF
BwMBMBEGCWCGSAGG+EIBAQQEAwIGQDA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFl
-AwQCAaEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgGiBAICAN4DggEBADxB5OOi
-8o33uvPDUcaycS3UTcMQsQwbwuXNSBOpL8wT89slhcODCncA/xZYwCoSIBFahofb
-HkesncV8h8MTecjqNTOgo7/VZAlbYEXpsaQ8mjEU+3au7zxWzJs93nQWrF+b8hso
-j/7WCk+8csIjxsXawqqArJDEMZOZ9cfBzOwJRQKQTrNHWfaAbMC7Zvf74RZWe27v
-5raT5ZXU43bA3mRrHHINDXuFL7TingFEb4VTMHi/w04zIQv5pmaFoO9gjQd9rPs8
-Ear5f1v5Dq8n1Kn7srP+jUzQn4OaeTJ/shGvtTWjYkpKA8jN8PdemJ1e0H/pz4of
-vSjHJY57YzCDbAA=
+AwQCAaEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgGiBAICAN4DggEBABSZkwxT
+bH5DbShz8BH6gBN5ry3CZHEdkF2yLh9MvzAhEhaCpI2Q5+M87jrRULoY4NXny2uH
+riThC3zHgyiYVtxj127R9qmSPtWqg/PE/lMm0LPo8gs0u8tdUyg2uau4E6KzU6yr
+x0GS9eTHZsavFfnCpZzDB4HJwEEsQBFbhmPAbh3H5D9BpI0YLNoa+tc507aPvocP
+K6GQate638+XIAV+jKf4kL/stqZECIFXGRWpqQ8cXHiruDVbsIx9SPUhOOeiUSf8
+JOovn/cZYuYfzxxdnOK157JMrPxk/Q69XTsCRJTsXhwk0T03O+sjL3pGxkVNVR5Q
+0m/CFlt4pwbh7jY=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/rsapss/server-rsapss-cert.pem b/extra/wolfssl/wolfssl/certs/rsapss/server-rsapss-cert.pem
index 5a44a0df..2502ae95 100644
--- a/extra/wolfssl/wolfssl/certs/rsapss/server-rsapss-cert.pem
+++ b/extra/wolfssl/wolfssl/certs/rsapss/server-rsapss-cert.pem
@@ -9,8 +9,8 @@ Certificate:
Trailer Field: 0xBC (default)
Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_RSAPSS, OU = CA-RSAPSS, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:28 2023 GMT
+ Not After : Sep 8 22:19:28 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_RSAPSS, OU = Server-RSAPSS, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
Subject Public Key Info:
Public Key Algorithm: rsassaPss
@@ -60,29 +60,29 @@ Certificate:
Salt Length: 0x20
Trailer Field: 0xBC (default)
- a3:9a:85:01:f5:22:c0:a3:8e:80:da:04:5e:a3:51:71:97:ba:
- 77:9f:96:19:33:6d:52:9e:ff:ce:05:a3:a6:87:05:d4:24:13:
- 91:1e:75:0b:af:d7:6c:0c:75:d9:63:27:a1:9b:1b:fd:f9:16:
- 70:fc:a1:f7:03:ad:e4:5f:f0:52:66:f8:b2:b6:4e:39:85:c6:
- d3:8f:90:7f:de:21:a2:ef:9b:64:a2:77:a7:f2:82:02:4e:da:
- 93:4d:53:de:0c:26:fb:b9:87:05:8c:32:d2:96:b3:ab:58:ef:
- ba:7c:f8:f6:0d:a5:82:ca:18:4e:21:77:ec:bc:9a:e6:68:e9:
- bc:7d:65:27:ad:cd:4b:e1:09:8c:aa:10:76:d1:98:31:89:67:
- 8f:c9:ed:78:cd:a5:33:0a:8a:b4:86:48:fe:e9:47:7a:59:fa:
- 91:56:5f:9c:72:35:a8:3a:63:7b:3f:7b:9b:a0:1b:e1:c5:69:
- b3:0d:90:8b:4d:eb:3f:26:63:4c:bd:10:0d:c4:63:4c:45:4e:
- f7:80:f8:e7:8a:24:4b:ee:7c:88:1b:b9:6c:33:57:de:14:7a:
- 48:ee:85:58:5a:94:6e:64:68:3c:b8:9f:76:da:15:0e:96:41:
- 0b:e7:54:04:f6:49:ed:94:8d:fc:0d:08:e2:28:5d:e2:1a:13:
- 3d:73:f6:eb
+ 44:ba:5d:7a:83:e4:65:ff:23:b8:4b:7c:9f:ab:2e:f7:dc:59:
+ 7e:6b:40:67:54:09:42:9f:41:1d:a1:7e:a8:f9:47:48:c1:00:
+ 63:cc:92:06:2c:3c:eb:f4:83:32:c2:2e:d1:78:f3:1e:52:60:
+ 32:26:8e:b3:b3:62:3d:ba:2b:8d:74:ef:01:5c:cc:1b:7c:ac:
+ 40:64:07:79:eb:f9:36:26:0e:e9:a8:55:5d:e5:10:87:17:0d:
+ 69:63:34:4b:5b:09:c8:54:dd:43:1c:1a:62:bb:ac:00:eb:3f:
+ a8:fe:b3:b6:e0:8b:9e:1c:a5:f4:09:8a:f0:7b:2f:da:13:92:
+ af:ad:c0:f0:c5:16:18:30:53:a6:5d:b9:1f:97:4b:a6:ac:4c:
+ 80:dc:01:28:d9:9f:45:73:bd:6c:30:d1:c7:73:33:c5:cc:df:
+ 56:f4:72:04:00:78:dd:5f:d8:92:bb:87:e9:15:01:e3:f0:6e:
+ bb:aa:3e:85:f9:68:22:7a:1e:d3:4c:43:bf:01:ee:0a:aa:9c:
+ 73:0b:38:d4:77:cf:b7:11:ca:5c:aa:e6:e6:25:9d:bf:41:8d:
+ 79:37:0c:fa:53:41:c5:86:cf:10:29:9d:7a:7c:96:c5:e5:6c:
+ 57:7b:89:e6:14:84:5b:54:22:c4:5c:81:a0:bf:a4:fc:76:71:
+ 97:34:62:7d
-----BEGIN CERTIFICATE-----
MIIE/zCCA7egAwIBAgIBATA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAaEa
MBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgGiAwIBIDCBsjELMAkGA1UEBhMCVVMx
EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xFzAVBgNVBAoMDndv
bGZTU0xfUlNBUFNTMRIwEAYDVQQLDAlDQS1SU0FQU1MxGDAWBgNVBAMMD3d3dy53
b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTEXMBUG
-CgmSJomT8ixkAQEMB3dvbGZTU0wwHhcNMjIxMjE2MjExNzQ5WhcNMjUwOTExMjEx
-NzQ5WjCBtjELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcM
+CgmSJomT8ixkAQEMB3dvbGZTU0wwHhcNMjMxMjEzMjIxOTI4WhcNMjYwOTA4MjIx
+OTI4WjCBtjELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcM
B0JvemVtYW4xFzAVBgNVBAoMDndvbGZTU0xfUlNBUFNTMRYwFAYDVQQLDA1TZXJ2
ZXItUlNBUFNTMRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0B
CQEWEGluZm9Ad29sZnNzbC5jb20xFzAVBgoJkiaJk/IsZAEBDAd3b2xmU1NMMIIB
@@ -97,10 +97,10 @@ AQABo4GJMIGGMB0GA1UdDgQWBBQtB2mwoW+fDPolBbLKlwhE3w6XqDAfBgNVHSME
GDAWgBSeDODT37ZL8xljXMpsk4aiFFORMTAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB
/wQEAwIDqDATBgNVHSUEDDAKBggrBgEFBQcDATARBglghkgBhvhCAQEEBAMCBkAw
PQYJKoZIhvcNAQEKMDCgDTALBglghkgBZQMEAgGhGjAYBgkqhkiG9w0BAQgwCwYJ
-YIZIAWUDBAIBogMCASADggEBAKOahQH1IsCjjoDaBF6jUXGXuneflhkzbVKe/84F
-o6aHBdQkE5EedQuv12wMddljJ6GbG/35FnD8ofcDreRf8FJm+LK2TjmFxtOPkH/e
-IaLvm2Sid6fyggJO2pNNU94MJvu5hwWMMtKWs6tY77p8+PYNpYLKGE4hd+y8muZo
-6bx9ZSetzUvhCYyqEHbRmDGJZ4/J7XjNpTMKirSGSP7pR3pZ+pFWX5xyNag6Y3s/
-e5ugG+HFabMNkItN6z8mY0y9EA3EY0xFTveA+OeKJEvufIgbuWwzV94UekjuhVha
-lG5kaDy4n3baFQ6WQQvnVAT2Se2UjfwNCOIoXeIaEz1z9us=
+YIZIAWUDBAIBogMCASADggEBAES6XXqD5GX/I7hLfJ+rLvfcWX5rQGdUCUKfQR2h
+fqj5R0jBAGPMkgYsPOv0gzLCLtF48x5SYDImjrOzYj26K4107wFczBt8rEBkB3nr
++TYmDumoVV3lEIcXDWljNEtbCchU3UMcGmK7rADrP6j+s7bgi54cpfQJivB7L9oT
+kq+twPDFFhgwU6ZduR+XS6asTIDcASjZn0VzvWww0cdzM8XM31b0cgQAeN1f2JK7
+h+kVAePwbruqPoX5aCJ6HtNMQ78B7gqqnHMLONR3z7cRylyq5uYlnb9BjXk3DPpT
+QcWGzxApnXp8lsXlbFd7ieYUhFtUIsRcgaC/pPx2cZc0Yn0=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/rsapss/server-rsapss.der b/extra/wolfssl/wolfssl/certs/rsapss/server-rsapss.der
index f8f41f26..1015ec6b 100644
--- a/extra/wolfssl/wolfssl/certs/rsapss/server-rsapss.der
+++ b/extra/wolfssl/wolfssl/certs/rsapss/server-rsapss.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/rsapss/server-rsapss.pem b/extra/wolfssl/wolfssl/certs/rsapss/server-rsapss.pem
index c3610ada..77c7f0fd 100644
--- a/extra/wolfssl/wolfssl/certs/rsapss/server-rsapss.pem
+++ b/extra/wolfssl/wolfssl/certs/rsapss/server-rsapss.pem
@@ -9,8 +9,8 @@ Certificate:
Trailer Field: 0xBC (default)
Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_RSAPSS, OU = CA-RSAPSS, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:28 2023 GMT
+ Not After : Sep 8 22:19:28 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_RSAPSS, OU = Server-RSAPSS, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
Subject Public Key Info:
Public Key Algorithm: rsassaPss
@@ -60,29 +60,29 @@ Certificate:
Salt Length: 0x20
Trailer Field: 0xBC (default)
- a3:9a:85:01:f5:22:c0:a3:8e:80:da:04:5e:a3:51:71:97:ba:
- 77:9f:96:19:33:6d:52:9e:ff:ce:05:a3:a6:87:05:d4:24:13:
- 91:1e:75:0b:af:d7:6c:0c:75:d9:63:27:a1:9b:1b:fd:f9:16:
- 70:fc:a1:f7:03:ad:e4:5f:f0:52:66:f8:b2:b6:4e:39:85:c6:
- d3:8f:90:7f:de:21:a2:ef:9b:64:a2:77:a7:f2:82:02:4e:da:
- 93:4d:53:de:0c:26:fb:b9:87:05:8c:32:d2:96:b3:ab:58:ef:
- ba:7c:f8:f6:0d:a5:82:ca:18:4e:21:77:ec:bc:9a:e6:68:e9:
- bc:7d:65:27:ad:cd:4b:e1:09:8c:aa:10:76:d1:98:31:89:67:
- 8f:c9:ed:78:cd:a5:33:0a:8a:b4:86:48:fe:e9:47:7a:59:fa:
- 91:56:5f:9c:72:35:a8:3a:63:7b:3f:7b:9b:a0:1b:e1:c5:69:
- b3:0d:90:8b:4d:eb:3f:26:63:4c:bd:10:0d:c4:63:4c:45:4e:
- f7:80:f8:e7:8a:24:4b:ee:7c:88:1b:b9:6c:33:57:de:14:7a:
- 48:ee:85:58:5a:94:6e:64:68:3c:b8:9f:76:da:15:0e:96:41:
- 0b:e7:54:04:f6:49:ed:94:8d:fc:0d:08:e2:28:5d:e2:1a:13:
- 3d:73:f6:eb
+ 44:ba:5d:7a:83:e4:65:ff:23:b8:4b:7c:9f:ab:2e:f7:dc:59:
+ 7e:6b:40:67:54:09:42:9f:41:1d:a1:7e:a8:f9:47:48:c1:00:
+ 63:cc:92:06:2c:3c:eb:f4:83:32:c2:2e:d1:78:f3:1e:52:60:
+ 32:26:8e:b3:b3:62:3d:ba:2b:8d:74:ef:01:5c:cc:1b:7c:ac:
+ 40:64:07:79:eb:f9:36:26:0e:e9:a8:55:5d:e5:10:87:17:0d:
+ 69:63:34:4b:5b:09:c8:54:dd:43:1c:1a:62:bb:ac:00:eb:3f:
+ a8:fe:b3:b6:e0:8b:9e:1c:a5:f4:09:8a:f0:7b:2f:da:13:92:
+ af:ad:c0:f0:c5:16:18:30:53:a6:5d:b9:1f:97:4b:a6:ac:4c:
+ 80:dc:01:28:d9:9f:45:73:bd:6c:30:d1:c7:73:33:c5:cc:df:
+ 56:f4:72:04:00:78:dd:5f:d8:92:bb:87:e9:15:01:e3:f0:6e:
+ bb:aa:3e:85:f9:68:22:7a:1e:d3:4c:43:bf:01:ee:0a:aa:9c:
+ 73:0b:38:d4:77:cf:b7:11:ca:5c:aa:e6:e6:25:9d:bf:41:8d:
+ 79:37:0c:fa:53:41:c5:86:cf:10:29:9d:7a:7c:96:c5:e5:6c:
+ 57:7b:89:e6:14:84:5b:54:22:c4:5c:81:a0:bf:a4:fc:76:71:
+ 97:34:62:7d
-----BEGIN CERTIFICATE-----
MIIE/zCCA7egAwIBAgIBATA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAaEa
MBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgGiAwIBIDCBsjELMAkGA1UEBhMCVVMx
EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xFzAVBgNVBAoMDndv
bGZTU0xfUlNBUFNTMRIwEAYDVQQLDAlDQS1SU0FQU1MxGDAWBgNVBAMMD3d3dy53
b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTEXMBUG
-CgmSJomT8ixkAQEMB3dvbGZTU0wwHhcNMjIxMjE2MjExNzQ5WhcNMjUwOTExMjEx
-NzQ5WjCBtjELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcM
+CgmSJomT8ixkAQEMB3dvbGZTU0wwHhcNMjMxMjEzMjIxOTI4WhcNMjYwOTA4MjIx
+OTI4WjCBtjELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcM
B0JvemVtYW4xFzAVBgNVBAoMDndvbGZTU0xfUlNBUFNTMRYwFAYDVQQLDA1TZXJ2
ZXItUlNBUFNTMRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0B
CQEWEGluZm9Ad29sZnNzbC5jb20xFzAVBgoJkiaJk/IsZAEBDAd3b2xmU1NMMIIB
@@ -97,12 +97,12 @@ AQABo4GJMIGGMB0GA1UdDgQWBBQtB2mwoW+fDPolBbLKlwhE3w6XqDAfBgNVHSME
GDAWgBSeDODT37ZL8xljXMpsk4aiFFORMTAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB
/wQEAwIDqDATBgNVHSUEDDAKBggrBgEFBQcDATARBglghkgBhvhCAQEEBAMCBkAw
PQYJKoZIhvcNAQEKMDCgDTALBglghkgBZQMEAgGhGjAYBgkqhkiG9w0BAQgwCwYJ
-YIZIAWUDBAIBogMCASADggEBAKOahQH1IsCjjoDaBF6jUXGXuneflhkzbVKe/84F
-o6aHBdQkE5EedQuv12wMddljJ6GbG/35FnD8ofcDreRf8FJm+LK2TjmFxtOPkH/e
-IaLvm2Sid6fyggJO2pNNU94MJvu5hwWMMtKWs6tY77p8+PYNpYLKGE4hd+y8muZo
-6bx9ZSetzUvhCYyqEHbRmDGJZ4/J7XjNpTMKirSGSP7pR3pZ+pFWX5xyNag6Y3s/
-e5ugG+HFabMNkItN6z8mY0y9EA3EY0xFTveA+OeKJEvufIgbuWwzV94UekjuhVha
-lG5kaDy4n3baFQ6WQQvnVAT2Se2UjfwNCOIoXeIaEz1z9us=
+YIZIAWUDBAIBogMCASADggEBAES6XXqD5GX/I7hLfJ+rLvfcWX5rQGdUCUKfQR2h
+fqj5R0jBAGPMkgYsPOv0gzLCLtF48x5SYDImjrOzYj26K4107wFczBt8rEBkB3nr
++TYmDumoVV3lEIcXDWljNEtbCchU3UMcGmK7rADrP6j+s7bgi54cpfQJivB7L9oT
+kq+twPDFFhgwU6ZduR+XS6asTIDcASjZn0VzvWww0cdzM8XM31b0cgQAeN1f2JK7
+h+kVAePwbruqPoX5aCJ6HtNMQ78B7gqqnHMLONR3z7cRylyq5uYlnb9BjXk3DPpT
+QcWGzxApnXp8lsXlbFd7ieYUhFtUIsRcgaC/pPx2cZc0Yn0=
-----END CERTIFICATE-----
Certificate:
Data:
@@ -115,8 +115,8 @@ Certificate:
Trailer Field: 0xBC (default)
Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_RSA-PSS, OU = Root-RSA-PSS, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:28 2023 GMT
+ Not After : Sep 8 22:19:28 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_RSAPSS, OU = CA-RSAPSS, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
Subject Public Key Info:
Public Key Algorithm: rsassaPss
@@ -162,28 +162,28 @@ Certificate:
Salt Length: 0x20
Trailer Field: 0xBC (default)
- 49:a5:ef:22:47:73:30:e6:41:67:79:c9:8c:ac:58:a2:d0:bf:
- ed:50:c9:e8:26:44:16:d0:64:c7:f9:f0:50:1f:8b:25:f7:ba:
- 32:f0:1d:14:9f:d7:ad:2b:81:14:7d:60:ec:b3:f6:ad:0a:99:
- b6:1d:eb:f2:8e:d5:bf:1b:a9:1e:3e:8b:6c:c8:c0:ee:dd:1b:
- 2e:34:dd:bd:cd:14:60:2e:14:60:b8:f1:f3:bc:af:87:5a:75:
- 55:72:18:2d:a3:9d:01:73:aa:52:a6:44:4e:5c:a2:b5:57:8f:
- 4b:36:5e:2a:f2:c1:e2:de:88:29:24:8d:62:81:d4:6d:42:e3:
- 50:e3:a9:46:fe:78:be:95:83:bd:cc:2c:9a:ad:da:4f:c1:de:
- 34:01:53:21:5b:c6:ec:6f:6b:2e:fd:d4:71:c7:15:4e:26:30:
- 6a:de:c7:21:22:14:ae:80:c0:00:89:72:83:89:3c:30:15:3b:
- 68:67:97:b0:93:7b:7a:95:54:1d:45:8e:ae:d2:97:0c:f9:32:
- 3b:61:2d:9e:b2:b0:2e:4f:d5:cc:ab:05:5d:ce:14:8a:fe:7b:
- e4:59:33:fe:e0:42:d9:a6:99:f8:f2:7f:98:fa:09:dc:d5:ab:
- 2b:7b:08:c2:24:4c:59:49:e0:9e:23:85:d8:32:c7:5b:d4:01:
- d2:20:c5:9c
+ 6c:79:0e:40:30:74:f6:02:08:61:df:c0:89:25:10:30:ea:e4:
+ e9:14:c8:c6:47:01:55:a4:f2:ed:ee:3f:55:da:62:39:04:cb:
+ 3d:a1:78:56:76:30:fd:14:ea:b3:d8:21:99:c6:ca:ed:9f:18:
+ 7d:15:4d:d2:cf:db:c3:a1:b4:56:0d:04:b1:72:9c:68:81:1f:
+ 01:02:b8:8f:d6:d8:ed:47:3a:72:f2:e0:a5:9b:7b:50:75:00:
+ a4:ab:23:62:48:1f:bc:f4:50:86:ef:06:b3:f8:8b:6e:e0:39:
+ d1:8c:3b:8f:1f:ef:c5:ff:8c:2d:b2:1b:5d:82:32:b1:81:92:
+ 02:7c:c9:ad:16:86:63:6c:95:41:ed:80:70:96:41:13:11:03:
+ 9a:c1:41:d4:ca:e0:fd:7f:2d:d9:5b:60:d6:42:fe:aa:ac:73:
+ 4e:6d:26:67:03:ec:53:e9:97:2f:73:3a:f5:c4:ba:cf:dc:db:
+ 6c:f0:79:80:b1:52:f4:bf:12:c9:a7:ce:b1:2f:8d:6a:6a:a8:
+ 9e:27:e9:d1:55:26:6b:20:8c:1f:90:57:6d:5e:dc:9e:ca:4c:
+ 76:fc:35:76:dc:5a:06:90:50:88:7e:ad:9f:58:e3:39:10:e3:
+ 64:19:9f:ea:fb:86:04:84:79:d6:20:ac:c8:45:8b:03:8c:eb:
+ b6:d4:e7:e4
-----BEGIN CERTIFICATE-----
MIIEvzCCA3egAwIBAgIBATA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAaEa
MBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgGiAwIBIDCBnTELMAkGA1UEBhMCVVMx
EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xGDAWBgNVBAoMD3dv
bGZTU0xfUlNBLVBTUzEVMBMGA1UECwwMUm9vdC1SU0EtUFNTMRgwFgYDVQQDDA93
d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20w
-HhcNMjIxMjE2MjExNzQ5WhcNMjUwOTExMjExNzQ5WjCBsjELMAkGA1UEBhMCVVMx
+HhcNMjMxMjEzMjIxOTI4WhcNMjYwOTA4MjIxOTI4WjCBsjELMAkGA1UEBhMCVVMx
EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xFzAVBgNVBAoMDndv
bGZTU0xfUlNBUFNTMRIwEAYDVQQLDAlDQS1SU0FQU1MxGDAWBgNVBAMMD3d3dy53
b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTEXMBUG
@@ -198,10 +198,10 @@ pyvhDzjmM+qyEA4UyD+Hn/+LKMwdAgMBAAGjYzBhMB0GA1UdDgQWBBSeDODT37ZL
8xljXMpsk4aiFFORMTAfBgNVHSMEGDAWgBRk1eyCh4DeWu1JmNgMVH1GnqU81jAP
BgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjA9BgkqhkiG9w0BAQowMKAN
MAsGCWCGSAFlAwQCAaEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgGiAwIBIAOC
-AQEASaXvIkdzMOZBZ3nJjKxYotC/7VDJ6CZEFtBkx/nwUB+LJfe6MvAdFJ/XrSuB
-FH1g7LP2rQqZth3r8o7VvxupHj6LbMjA7t0bLjTdvc0UYC4UYLjx87yvh1p1VXIY
-LaOdAXOqUqZETlyitVePSzZeKvLB4t6IKSSNYoHUbULjUOOpRv54vpWDvcwsmq3a
-T8HeNAFTIVvG7G9rLv3UcccVTiYwat7HISIUroDAAIlyg4k8MBU7aGeXsJN7epVU
-HUWOrtKXDPkyO2EtnrKwLk/VzKsFXc4Uiv575Fkz/uBC2aaZ+PJ/mPoJ3NWrK3sI
-wiRMWUngniOF2DLHW9QB0iDFnA==
+AQEAbHkOQDB09gIIYd/AiSUQMOrk6RTIxkcBVaTy7e4/VdpiOQTLPaF4VnYw/RTq
+s9ghmcbK7Z8YfRVN0s/bw6G0Vg0EsXKcaIEfAQK4j9bY7Uc6cvLgpZt7UHUApKsj
+YkgfvPRQhu8Gs/iLbuA50Yw7jx/vxf+MLbIbXYIysYGSAnzJrRaGY2yVQe2AcJZB
+ExEDmsFB1Mrg/X8t2Vtg1kL+qqxzTm0mZwPsU+mXL3M69cS6z9zbbPB5gLFS9L8S
+yafOsS+Namqonifp0VUmayCMH5BXbV7cnspMdvw1dtxaBpBQiH6tn1jjORDjZBmf
+6vuGBIR51iCsyEWLA4zrttTn5A==
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/server-cert-chain.der b/extra/wolfssl/wolfssl/certs/server-cert-chain.der
index 15b1d288..effd41c1 100644
--- a/extra/wolfssl/wolfssl/certs/server-cert-chain.der
+++ b/extra/wolfssl/wolfssl/certs/server-cert-chain.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/server-cert.der b/extra/wolfssl/wolfssl/certs/server-cert.der
index 30cd28d9..e5cb198f 100644
--- a/extra/wolfssl/wolfssl/certs/server-cert.der
+++ b/extra/wolfssl/wolfssl/certs/server-cert.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/server-cert.pem b/extra/wolfssl/wolfssl/certs/server-cert.pem
index de754a26..c0e639fe 100644
--- a/extra/wolfssl/wolfssl/certs/server-cert.pem
+++ b/extra/wolfssl/wolfssl/certs/server-cert.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:28 2023 GMT
+ Not After : Sep 8 22:19:28 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL, OU = Support, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -37,7 +37,7 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:2C:80:CE:DB:47:9D:07:66:92:3D:68:D7:CA:AC:90:4F:CA:69:41:4B
+ serial:33:44:1A:A8:6C:01:EC:F6:60:F2:70:51:0A:4C:D1:14:FA:BC:E9:44
X509v3 Basic Constraints:
CA:TRUE
@@ -46,27 +46,27 @@ Certificate:
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
Signature Algorithm: sha256WithRSAEncryption
- b9:10:f0:be:fe:c8:67:5e:7d:0f:36:33:c7:17:2a:01:c4:bb:
- 74:83:4c:bc:bb:e2:ba:92:82:3a:d9:2d:8c:0e:e3:75:1b:c0:
- 14:aa:40:1e:a8:11:7d:94:9c:3d:74:7a:3b:16:7b:d8:9d:f0:
- e8:7d:1d:fa:3b:14:42:20:e3:05:a3:fd:b1:0c:f1:2a:c4:00:
- 50:8d:1e:97:93:6a:de:82:13:24:9e:2b:fa:08:85:e3:4f:40:
- fd:63:c7:3d:e9:bd:6f:7c:03:98:85:fe:b4:51:5d:7f:8c:83:
- b3:ad:4a:88:e9:f3:4c:33:84:77:d3:02:35:59:e3:4e:64:a1:
- b7:bb:fb:f8:fb:14:2a:ae:36:bf:d9:82:e7:cb:98:48:16:c8:
- 81:d6:a0:f1:74:14:e3:74:4a:72:4a:f1:6f:dd:be:86:1e:20:
- f3:05:16:83:1f:aa:7c:59:35:97:24:b8:27:b7:56:9f:30:2e:
- 90:e0:19:e0:21:ca:9d:3f:da:99:07:94:79:49:53:14:5c:a2:
- 2c:56:5b:b2:55:68:5c:1f:91:58:9a:cd:53:b5:ea:63:5a:72:
- 49:41:cc:76:9f:88:35:86:0d:60:5d:e5:91:bd:ac:6f:cf:d5:
- 92:27:72:4a:21:f4:58:98:8e:3b:d2:29:e6:ee:fa:e6:b0:6c:
- 8b:1e:e0:54
+ 4a:ff:b9:e5:85:9b:da:53:66:7f:07:22:bf:b6:19:ea:42:eb:
+ a4:11:07:62:ff:39:5f:33:37:3a:87:26:71:3d:13:b2:ca:b8:
+ 64:38:7b:8a:99:48:0e:a5:a4:6b:b1:99:6e:e0:46:51:bd:19:
+ 52:ad:bc:a6:7e:2a:7a:7c:23:a7:cc:db:5e:43:7d:6b:04:c8:
+ b7:dd:95:ad:f0:91:80:59:c5:19:91:26:27:91:b8:48:1c:eb:
+ 55:b6:aa:7d:a4:38:f1:03:bc:6c:8b:aa:94:d6:3c:05:7a:96:
+ c5:06:f1:26:14:2e:75:fb:dd:e5:35:b3:01:2c:b3:ad:62:5a:
+ 21:9a:08:be:56:fc:f9:a2:42:87:86:e5:a9:c5:99:cf:ae:14:
+ be:e0:b9:08:24:0d:1d:5c:d6:14:e1:4c:9f:40:b3:a9:e9:2d:
+ 52:8b:4c:bf:ac:44:31:67:c1:8d:06:85:ec:0f:e4:99:d7:4b:
+ 7b:21:06:66:d4:e4:f5:9d:ff:8e:f0:86:39:58:1d:a4:5b:e2:
+ 63:ef:7c:c9:18:87:a8:02:25:10:3e:87:28:f9:f5:ef:47:9e:
+ a5:80:08:11:90:68:fe:d1:a3:a8:51:b9:37:ff:d5:ca:7c:87:
+ 7f:6b:bc:2c:12:c8:c5:85:8b:fc:0c:c6:b9:86:b8:c9:04:c3:
+ 51:37:d2:4f
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIBATANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx
EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh
d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz
-bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIxMjE2
-MjExNzQ5WhcNMjUwOTExMjExNzQ5WjCBkDELMAkGA1UEBhMCVVMxEDAOBgNVBAgM
+bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMxMjEz
+MjIxOTI4WhcNMjYwOTA4MjIxOTI4WjCBkDELMAkGA1UEBhMCVVMxEDAOBgNVBAgM
B01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xEDAOBgNVBAoMB3dvbGZTU0wxEDAO
BgNVBAsMB1N1cHBvcnQxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqG
SIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
@@ -80,26 +80,26 @@ BBSzETLJkpiE4sn40DtuA0LKHw6OPDCB1AYDVR0jBIHMMIHJgBQnjmcRdMMmHT/t
M2OzpNgdMOXo1aGBmqSBlzCBlDELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRh
bmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNhd3Rvb3RoMRMwEQYDVQQL
DApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG
-9w0BCQEWEGluZm9Ad29sZnNzbC5jb22CFCyAzttHnQdmkj1o18qskE/KaUFLMAwG
+9w0BCQEWEGluZm9Ad29sZnNzbC5jb22CFDNEGqhsAez2YPJwUQpM0RT6vOlEMAwG
A1UdEwQFMAMBAf8wHAYDVR0RBBUwE4ILZXhhbXBsZS5jb22HBH8AAAEwHQYDVR0l
-BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMA0GCSqGSIb3DQEBCwUAA4IBAQC5EPC+
-/shnXn0PNjPHFyoBxLt0g0y8u+K6koI62S2MDuN1G8AUqkAeqBF9lJw9dHo7FnvY
-nfDofR36OxRCIOMFo/2xDPEqxABQjR6Xk2reghMkniv6CIXjT0D9Y8c96b1vfAOY
-hf60UV1/jIOzrUqI6fNMM4R30wI1WeNOZKG3u/v4+xQqrja/2YLny5hIFsiB1qDx
-dBTjdEpySvFv3b6GHiDzBRaDH6p8WTWXJLgnt1afMC6Q4BngIcqdP9qZB5R5SVMU
-XKIsVluyVWhcH5FYms1TtepjWnJJQcx2n4g1hg1gXeWRvaxvz9WSJ3JKIfRYmI47
-0inm7vrmsGyLHuBU
+BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMA0GCSqGSIb3DQEBCwUAA4IBAQBK/7nl
+hZvaU2Z/ByK/thnqQuukEQdi/zlfMzc6hyZxPROyyrhkOHuKmUgOpaRrsZlu4EZR
+vRlSrbymfip6fCOnzNteQ31rBMi33ZWt8JGAWcUZkSYnkbhIHOtVtqp9pDjxA7xs
+i6qU1jwFepbFBvEmFC51+93lNbMBLLOtYlohmgi+Vvz5okKHhuWpxZnPrhS+4LkI
+JA0dXNYU4UyfQLOp6S1Si0y/rEQxZ8GNBoXsD+SZ10t7IQZm1OT1nf+O8IY5WB2k
+W+Jj73zJGIeoAiUQPoco+fXvR56lgAgRkGj+0aOoUbk3/9XKfId/a7wsEsjFhYv8
+DMa5hrjJBMNRN9JP
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 2c:80:ce:db:47:9d:07:66:92:3d:68:d7:ca:ac:90:4f:ca:69:41:4b
+ 33:44:1a:a8:6c:01:ec:f6:60:f2:70:51:0a:4c:d1:14:fa:bc:e9:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:28 2023 GMT
+ Not After : Sep 8 22:19:28 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -130,7 +130,7 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:2C:80:CE:DB:47:9D:07:66:92:3D:68:D7:CA:AC:90:4F:CA:69:41:4B
+ serial:33:44:1A:A8:6C:01:EC:F6:60:F2:70:51:0A:4C:D1:14:FA:BC:E9:44
X509v3 Basic Constraints:
CA:TRUE
@@ -139,27 +139,27 @@ Certificate:
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
Signature Algorithm: sha256WithRSAEncryption
- ae:b0:a4:35:8e:8a:1b:a6:eb:b3:a2:57:cf:3a:1f:dc:6e:bc:
- d2:d0:a6:4a:8f:88:0a:6e:74:d5:d1:7c:d1:44:b1:d4:3b:17:
- 03:09:5a:46:ed:08:08:cf:f1:fd:20:07:67:c0:97:ec:35:f3:
- 75:ca:20:61:98:3e:f5:4d:be:e6:9d:75:1e:e4:03:ad:8c:a6:
- 1e:3d:ec:e4:1a:92:5b:f9:a3:ad:83:ca:4f:cd:aa:38:bb:6e:
- ae:ad:fa:a7:46:f1:8b:73:ec:09:23:bc:f2:18:e5:b7:92:86:
- 3e:a4:75:60:c7:3d:0f:3f:83:00:c3:06:08:9c:d1:54:d6:ba:
- 6d:95:3d:34:a1:be:24:91:cc:20:03:11:5b:72:1c:d4:65:d0:
- 11:88:75:26:04:26:ef:66:70:e6:3b:38:87:9c:53:71:1b:09:
- 51:70:50:99:4c:31:0c:62:44:57:30:60:04:fc:12:2c:a3:24:
- b4:f7:11:d5:0e:b5:21:0b:ed:86:11:67:4d:36:fa:57:a0:59:
- 55:21:b3:6d:e4:77:5e:ec:7e:f0:09:13:8e:99:98:b2:e1:82:
- b6:4b:3e:0f:41:a6:0c:cd:49:99:7e:e4:8a:cb:37:ed:53:cf:
- 86:5d:a9:26:a8:e5:01:25:5a:b4:bc:25:35:f1:fa:5a:5c:ce:
- d4:b8:9a:2c
+ 2d:fc:f9:32:5a:be:d6:9d:42:8b:86:4e:67:22:c3:50:2d:cb:
+ 14:27:1d:94:f3:cd:88:42:da:41:1c:39:24:67:a7:92:4d:27:
+ ea:56:82:19:bf:11:b2:43:a4:8d:5d:87:b2:27:64:66:82:81:
+ df:c4:fd:5b:62:b0:c2:4d:9d:29:f2:41:32:cc:2e:b5:da:38:
+ 06:1b:e8:7f:8c:6e:3d:80:1e:00:56:49:bf:39:e0:da:68:2f:
+ c4:fd:00:e6:d1:81:1a:d1:4a:bb:76:52:ce:4d:24:9d:c4:a3:
+ a7:f1:65:14:2f:1f:a8:2d:c6:cb:ce:b1:a7:89:74:26:27:c3:
+ f3:a3:84:4c:34:01:14:03:7d:16:3a:c8:8b:25:2e:7b:90:cc:
+ 46:b1:52:34:ba:93:6e:ef:fe:43:a3:ad:c6:6f:51:fb:ba:ea:
+ 38:e3:6f:d6:ee:63:62:36:ea:5e:08:b4:e2:2a:46:89:e3:ae:
+ b3:b4:06:ef:63:7a:6e:5d:dd:c9:ec:02:4f:f7:64:c0:27:07:
+ b4:6f:4a:18:72:5b:34:74:7c:d0:a9:04:8f:40:8b:6a:39:d2:
+ 6b:1a:01:f2:01:a8:81:34:3a:e5:b0:55:d1:3c:95:ca:b0:82:
+ d6:ed:98:28:15:59:7e:95:a7:69:c7:b5:7b:ec:01:a7:4d:e6:
+ b9:a2:fe:35
-----BEGIN CERTIFICATE-----
-MIIE/zCCA+egAwIBAgIULIDO20edB2aSPWjXyqyQT8ppQUswDQYJKoZIhvcNAQEL
+MIIE/zCCA+egAwIBAgIUM0QaqGwB7PZg8nBRCkzRFPq86UQwDQYJKoZIhvcNAQEL
BQAwgZQxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC
b3plbWFuMREwDwYDVQQKDAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEY
MBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv
-bGZzc2wuY29tMB4XDTIyMTIxNjIxMTc0OVoXDTI1MDkxMTIxMTc0OVowgZQxCzAJ
+bGZzc2wuY29tMB4XDTIzMTIxMzIyMTkyOFoXDTI2MDkwODIyMTkyOFowgZQxCzAJ
BgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREw
DwYDVQQKDAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwP
d3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t
@@ -174,12 +174,12 @@ BgNVHSMEgcwwgcmAFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYD
VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8G
A1UECgwIU2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3
dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIU
-LIDO20edB2aSPWjXyqyQT8ppQUswDAYDVR0TBAUwAwEB/zAcBgNVHREEFTATggtl
+M0QaqGwB7PZg8nBRCkzRFPq86UQwDAYDVR0TBAUwAwEB/zAcBgNVHREEFTATggtl
eGFtcGxlLmNvbYcEfwAAATAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw
-DQYJKoZIhvcNAQELBQADggEBAK6wpDWOihum67OiV886H9xuvNLQpkqPiApudNXR
-fNFEsdQ7FwMJWkbtCAjP8f0gB2fAl+w183XKIGGYPvVNvuaddR7kA62Mph497OQa
-klv5o62Dyk/Nqji7bq6t+qdG8Ytz7AkjvPIY5beShj6kdWDHPQ8/gwDDBgic0VTW
-um2VPTShviSRzCADEVtyHNRl0BGIdSYEJu9mcOY7OIecU3EbCVFwUJlMMQxiRFcw
-YAT8EiyjJLT3EdUOtSEL7YYRZ002+legWVUhs23kd17sfvAJE46ZmLLhgrZLPg9B
-pgzNSZl+5IrLN+1Tz4ZdqSao5QElWrS8JTXx+lpcztS4miw=
+DQYJKoZIhvcNAQELBQADggEBAC38+TJavtadQouGTmciw1AtyxQnHZTzzYhC2kEc
+OSRnp5JNJ+pWghm/EbJDpI1dh7InZGaCgd/E/VtisMJNnSnyQTLMLrXaOAYb6H+M
+bj2AHgBWSb854NpoL8T9AObRgRrRSrt2Us5NJJ3Eo6fxZRQvH6gtxsvOsaeJdCYn
+w/OjhEw0ARQDfRY6yIslLnuQzEaxUjS6k27v/kOjrcZvUfu66jjjb9buY2I26l4I
+tOIqRonjrrO0Bu9jem5d3cnsAk/3ZMAnB7RvShhyWzR0fNCpBI9Ai2o50msaAfIB
+qIE0OuWwVdE8lcqwgtbtmCgVWX6Vp2nHtXvsAadN5rmi/jU=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/server-ecc-comp.der b/extra/wolfssl/wolfssl/certs/server-ecc-comp.der
index 79421796..b7e15586 100644
--- a/extra/wolfssl/wolfssl/certs/server-ecc-comp.der
+++ b/extra/wolfssl/wolfssl/certs/server-ecc-comp.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/server-ecc-comp.pem b/extra/wolfssl/wolfssl/certs/server-ecc-comp.pem
index 3e0aa663..8af59ab6 100644
--- a/extra/wolfssl/wolfssl/certs/server-ecc-comp.pem
+++ b/extra/wolfssl/wolfssl/certs/server-ecc-comp.pem
@@ -2,12 +2,12 @@ Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 04:d0:ee:f8:6f:67:42:a9:6f:3f:d2:7d:6e:7b:ce:29:ce:14:d2:1b
+ 21:d7:53:80:24:5c:eb:bf:c0:a4:40:f4:42:19:3b:83:fd:58:c5:a6
Signature Algorithm: ecdsa-with-SHA256
Issuer: C = US, ST = Montana, L = Bozeman, O = Elliptic - comp, OU = Server ECC-comp, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:28 2023 GMT
+ Not After : Sep 8 22:19:28 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = Elliptic - comp, OU = Server ECC-comp, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
@@ -24,7 +24,7 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:8C:38:3A:6B:B8:24:B7:DF:6E:F4:59:AC:56:4E:AA:E2:58:A6:5A:18
DirName:/C=US/ST=Montana/L=Bozeman/O=Elliptic - comp/OU=Server ECC-comp/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:04:D0:EE:F8:6F:67:42:A9:6F:3F:D2:7D:6E:7B:CE:29:CE:14:D2:1B
+ serial:21:D7:53:80:24:5C:EB:BF:C0:A4:40:F4:42:19:3B:83:FD:58:C5:A6
X509v3 Basic Constraints:
CA:TRUE
@@ -33,17 +33,17 @@ Certificate:
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
Signature Algorithm: ecdsa-with-SHA256
- 30:45:02:21:00:8d:97:8f:d4:70:bf:10:7a:3f:f4:35:bb:8e:
- 6d:39:5b:a1:02:ee:32:da:02:91:57:02:0b:43:08:3e:61:da:
- f1:02:20:73:55:17:84:06:34:0e:9b:cd:55:c4:6d:3b:26:a3:
- ed:3a:8b:ba:22:e3:dc:35:fb:8c:0f:b7:ba:6c:63:9d:e1
+ 30:45:02:20:57:1a:59:bc:c9:45:0a:46:e6:16:da:17:ce:c3:
+ 0a:57:57:f2:3d:15:cd:ca:1b:a7:a8:39:2e:9d:09:f3:3e:a0:
+ 02:21:00:de:a3:3a:4d:88:38:2b:3a:84:de:2f:0a:81:14:57:
+ 7f:7f:2e:d6:a5:4d:61:10:69:b9:a2:c6:51:cd:80:4a:63
-----BEGIN CERTIFICATE-----
-MIIDdzCCAx2gAwIBAgIUBNDu+G9nQqlvP9J9bnvOKc4U0hswCgYIKoZIzj0EAwIw
+MIIDdzCCAx2gAwIBAgIUIddTgCRc67/ApED0Qhk7g/1YxaYwCgYIKoZIzj0EAwIw
gaAxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3pl
bWFuMRgwFgYDVQQKDA9FbGxpcHRpYyAtIGNvbXAxGDAWBgNVBAsMD1NlcnZlciBF
Q0MtY29tcDEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkB
-FhBpbmZvQHdvbGZzc2wuY29tMB4XDTIyMTIxNjIxMTc0OVoXDTI1MDkxMTIxMTc0
-OVowgaAxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC
+FhBpbmZvQHdvbGZzc2wuY29tMB4XDTIzMTIxMzIyMTkyOFoXDTI2MDkwODIyMTky
+OFowgaAxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC
b3plbWFuMRgwFgYDVQQKDA9FbGxpcHRpYyAtIGNvbXAxGDAWBgNVBAsMD1NlcnZl
ciBFQ0MtY29tcDEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcN
AQkBFhBpbmZvQHdvbGZzc2wuY29tMDkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDIgAC
@@ -52,9 +52,9 @@ FgQUjDg6a7gkt99u9FmsVk6q4limWhgwgeAGA1UdIwSB2DCB1YAUjDg6a7gkt99u
9FmsVk6q4limWhihgaakgaMwgaAxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250
YW5hMRAwDgYDVQQHDAdCb3plbWFuMRgwFgYDVQQKDA9FbGxpcHRpYyAtIGNvbXAx
GDAWBgNVBAsMD1NlcnZlciBFQ0MtY29tcDEYMBYGA1UEAwwPd3d3LndvbGZzc2wu
-Y29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tghQE0O74b2dCqW8/
-0n1ue84pzhTSGzAMBgNVHRMEBTADAQH/MBwGA1UdEQQVMBOCC2V4YW1wbGUuY29t
+Y29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tghQh11OAJFzrv8Ck
+QPRCGTuD/VjFpjAMBgNVHRMEBTADAQH/MBwGA1UdEQQVMBOCC2V4YW1wbGUuY29t
hwR/AAABMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAKBggqhkjOPQQD
-AgNIADBFAiEAjZeP1HC/EHo/9DW7jm05W6EC7jLaApFXAgtDCD5h2vECIHNVF4QG
-NA6bzVXEbTsmo+06i7oi49w1+4wPt7psY53h
+AgNIADBFAiBXGlm8yUUKRuYW2hfOwwpXV/I9Fc3KG6eoOS6dCfM+oAIhAN6jOk2I
+OCs6hN4vCoEUV39/LtalTWEQabmixlHNgEpj
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/server-ecc-rsa.der b/extra/wolfssl/wolfssl/certs/server-ecc-rsa.der
index 8af4cc27..3c958432 100644
--- a/extra/wolfssl/wolfssl/certs/server-ecc-rsa.der
+++ b/extra/wolfssl/wolfssl/certs/server-ecc-rsa.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/server-ecc-rsa.pem b/extra/wolfssl/wolfssl/certs/server-ecc-rsa.pem
index 0d4b19d5..6db0901d 100644
--- a/extra/wolfssl/wolfssl/certs/server-ecc-rsa.pem
+++ b/extra/wolfssl/wolfssl/certs/server-ecc-rsa.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:28 2023 GMT
+ Not After : Sep 8 22:19:28 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = Elliptic - RSAsig, OU = ECC-RSAsig, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
@@ -25,7 +25,7 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:2C:80:CE:DB:47:9D:07:66:92:3D:68:D7:CA:AC:90:4F:CA:69:41:4B
+ serial:33:44:1A:A8:6C:01:EC:F6:60:F2:70:51:0A:4C:D1:14:FA:BC:E9:44
X509v3 Basic Constraints:
CA:TRUE
@@ -34,27 +34,27 @@ Certificate:
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
Signature Algorithm: sha256WithRSAEncryption
- 44:da:4d:a2:d3:96:51:31:35:74:21:d5:27:0d:ab:72:eb:d8:
- 24:11:3c:52:07:01:51:e8:26:11:39:da:ac:57:ca:e3:8d:8c:
- 91:16:28:e3:7b:fe:58:76:0a:3e:9d:ac:f3:ce:9f:5a:ff:07:
- c9:a1:27:9a:9a:5c:db:82:ba:0e:d0:80:bc:cf:b1:34:6a:26:
- af:15:7a:21:f6:a9:48:3c:c6:02:d0:4e:32:ac:75:17:60:19:
- 45:12:37:5d:75:65:84:ca:e8:40:73:f5:1c:71:82:ae:e2:3a:
- 1c:d7:4c:59:f2:83:16:1f:77:02:91:cc:9c:aa:c9:e7:72:6b:
- ff:40:7e:da:35:65:47:bd:55:90:c8:c8:21:b2:fb:89:d4:d4:
- cc:39:02:54:20:83:17:46:eb:5f:60:58:35:4e:ca:24:8d:0b:
- 77:10:b0:4a:2a:51:a9:d0:74:27:35:61:76:0f:94:2c:0b:10:
- 1d:b8:4a:3e:38:95:17:0a:0a:7e:c6:35:c3:68:89:c0:82:8b:
- 61:b8:e6:2f:f9:c8:58:96:c7:1f:eb:1d:2f:09:34:5f:bf:76:
- af:00:6c:33:80:10:5b:a0:d2:76:6f:e2:4c:96:b6:2d:dc:c0:
- 21:43:6e:f3:58:2a:4b:a6:ef:15:b5:ca:00:28:1a:c6:e0:31:
- f0:5d:99:70
+ 16:b7:d3:9c:7c:6e:d2:b7:79:aa:5a:16:0b:1e:da:d0:f7:df:
+ 64:c9:3c:b8:41:24:4b:1b:c2:83:5e:df:de:a8:8a:7c:eb:07:
+ 75:20:f6:f3:4c:bd:3f:2e:f0:f0:da:4b:c5:d2:c4:f8:db:34:
+ 75:e2:32:b4:34:92:8a:7f:d7:84:ea:df:99:ca:64:e6:7c:68:
+ 05:1c:75:de:3f:06:65:5d:fc:29:c9:73:0f:4a:ad:fd:bc:0d:
+ 91:37:67:63:55:65:93:99:56:84:25:1b:f1:50:03:31:2d:48:
+ ad:a3:38:91:29:88:b8:72:08:4c:11:36:35:20:13:78:98:d8:
+ 84:30:c5:7b:70:24:45:8c:e1:55:80:06:5f:19:57:89:58:1c:
+ 2a:40:fb:f3:a6:bf:ea:41:7a:79:2c:ab:fe:b6:16:5d:d5:fa:
+ 32:50:9d:89:f2:cc:87:7a:57:cf:4d:38:c4:d5:33:9a:4d:83:
+ c9:00:b8:36:66:14:76:20:c1:7a:c7:f7:0a:94:69:ce:0a:0f:
+ 81:04:12:5f:71:d0:d1:ff:08:d0:89:6f:ac:45:d3:06:23:a0:
+ 76:88:ad:5d:9a:7a:8c:1f:61:d4:d8:21:1d:8e:05:89:d1:d4:
+ d6:86:5b:4b:43:e6:03:4a:10:48:f4:1b:9d:3b:76:d8:2c:ad:
+ fa:33:a5:70
-----BEGIN CERTIFICATE-----
MIIEKjCCAxKgAwIBAgIBATANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx
EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh
d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz
-bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIxMjE2
-MjExNzQ5WhcNMjUwOTExMjExNzQ5WjCBnTELMAkGA1UEBhMCVVMxEDAOBgNVBAgM
+bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMxMjEz
+MjIxOTI4WhcNMjYwOTA4MjIxOTI4WjCBnTELMAkGA1UEBhMCVVMxEDAOBgNVBAgM
B01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xGjAYBgNVBAoMEUVsbGlwdGljIC0g
UlNBc2lnMRMwEQYDVQQLDApFQ0MtUlNBc2lnMRgwFgYDVQQDDA93d3cud29sZnNz
bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wWTATBgcqhkjO
@@ -64,13 +64,13 @@ BBYEFF1dJu+sfjb5m3YVK0olAiPvsokwMIHUBgNVHSMEgcwwgcmAFCeOZxF0wyYd
P+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJVUzEQMA4GA1UECAwHTW9u
dGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwIU2F3dG9vdGgxEzARBgNV
BAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqG
-SIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIULIDO20edB2aSPWjXyqyQT8ppQUsw
+SIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIUM0QaqGwB7PZg8nBRCkzRFPq86UQw
DAYDVR0TBAUwAwEB/zAcBgNVHREEFTATggtleGFtcGxlLmNvbYcEfwAAATAdBgNV
-HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDQYJKoZIhvcNAQELBQADggEBAETa
-TaLTllExNXQh1ScNq3Lr2CQRPFIHAVHoJhE52qxXyuONjJEWKON7/lh2Cj6drPPO
-n1r/B8mhJ5qaXNuCug7QgLzPsTRqJq8VeiH2qUg8xgLQTjKsdRdgGUUSN111ZYTK
-6EBz9Rxxgq7iOhzXTFnygxYfdwKRzJyqyedya/9Afto1ZUe9VZDIyCGy+4nU1Mw5
-AlQggxdG619gWDVOyiSNC3cQsEoqUanQdCc1YXYPlCwLEB24Sj44lRcKCn7GNcNo
-icCCi2G45i/5yFiWxx/rHS8JNF+/dq8AbDOAEFug0nZv4kyWti3cwCFDbvNYKkum
-7xW1ygAoGsbgMfBdmXA=
+HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDQYJKoZIhvcNAQELBQADggEBABa3
+05x8btK3eapaFgse2tD332TJPLhBJEsbwoNe396oinzrB3Ug9vNMvT8u8PDaS8XS
+xPjbNHXiMrQ0kop/14Tq35nKZOZ8aAUcdd4/BmVd/CnJcw9Krf28DZE3Z2NVZZOZ
+VoQlG/FQAzEtSK2jOJEpiLhyCEwRNjUgE3iY2IQwxXtwJEWM4VWABl8ZV4lYHCpA
++/Omv+pBenksq/62Fl3V+jJQnYnyzId6V89NOMTVM5pNg8kAuDZmFHYgwXrH9wqU
+ac4KD4EEEl9x0NH/CNCJb6xF0wYjoHaIrV2aeowfYdTYIR2OBYnR1NaGW0tD5gNK
+EEj0G507dtgsrfozpXA=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/server-ecc-self.der b/extra/wolfssl/wolfssl/certs/server-ecc-self.der
index deb6921d..fe076d68 100644
--- a/extra/wolfssl/wolfssl/certs/server-ecc-self.der
+++ b/extra/wolfssl/wolfssl/certs/server-ecc-self.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/server-ecc-self.pem b/extra/wolfssl/wolfssl/certs/server-ecc-self.pem
index d644b25a..663c1948 100644
--- a/extra/wolfssl/wolfssl/certs/server-ecc-self.pem
+++ b/extra/wolfssl/wolfssl/certs/server-ecc-self.pem
@@ -2,13 +2,13 @@ Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 2d:70:a6:06:58:4b:2c:a4:38:f2:94:39:94:46:70:99:ca:bf:25:89
+ 7e:ce:94:a4:69:82:50:e3:fe:e1:ca:d8:ff:0e:5f:8f:c9:b5:2b:5c
Signature Algorithm: ecdsa-with-SHA256
- Issuer: C = US, ST = Washington, L = Seattle, O = Eliptic, OU = ECC, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
+ Issuer: C = US, ST = Washington, L = Seattle, O = Elliptic, OU = ECC, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Dec 13 21:17:49 2032 GMT
- Subject: C = US, ST = Washington, L = Seattle, O = Eliptic, OU = ECC, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
+ Not Before: Dec 13 22:19:27 2023 GMT
+ Not After : Dec 10 22:19:27 2033 GMT
+ Subject: C = US, ST = Washington, L = Seattle, O = Elliptic, OU = ECC, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
Public-Key: (256 bit)
@@ -29,35 +29,36 @@ Certificate:
5D:5D:26:EF:AC:7E:36:F9:9B:76:15:2B:4A:25:02:23:EF:B2:89:30
X509v3 Authority Key Identifier:
keyid:5D:5D:26:EF:AC:7E:36:F9:9B:76:15:2B:4A:25:02:23:EF:B2:89:30
- DirName:/C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:2D:70:A6:06:58:4B:2C:A4:38:F2:94:39:94:46:70:99:CA:BF:25:89
+ DirName:/C=US/ST=Washington/L=Seattle/O=Elliptic/OU=ECC/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
+ serial:7E:CE:94:A4:69:82:50:E3:FE:E1:CA:D8:FF:0E:5F:8F:C9:B5:2B:5C
X509v3 Key Usage: critical
Digital Signature, Key Encipherment, Key Agreement
X509v3 Extended Key Usage:
TLS Web Server Authentication
Signature Algorithm: ecdsa-with-SHA256
- 30:44:02:20:3f:7e:67:7c:2a:52:f3:12:eb:3c:f3:3d:cb:d0:
- 08:e0:9f:21:10:b7:1c:e6:c9:53:a9:04:65:38:76:cb:8d:ff:
- 02:20:09:ac:bd:98:ac:8f:58:ad:2c:51:8d:cd:bf:56:77:23:
- ac:b0:37:90:fb:8e:84:5a:a2:06:21:9d:4c:50:39:c3
+ 30:46:02:21:00:b1:ef:00:eb:7b:d1:e0:a8:95:1c:80:c8:11:
+ e3:66:46:fb:ff:f8:55:2f:45:20:98:72:b1:5b:e4:b6:3b:ce:
+ 35:02:21:00:d7:b3:b6:bb:fd:41:86:04:a1:61:bd:2b:1c:5f:
+ a0:3d:52:51:97:e3:90:d0:5e:a6:c8:09:23:ae:3d:5c:2a:3c
-----BEGIN CERTIFICATE-----
-MIIDWzCCAwKgAwIBAgIULXCmBlhLLKQ48pQ5lEZwmcq/JYkwCgYIKoZIzj0EAwIw
-gY8xCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdT
-ZWF0dGxlMRAwDgYDVQQKDAdFbGlwdGljMQwwCgYDVQQLDANFQ0MxGDAWBgNVBAMM
-D3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNv
-bTAeFw0yMjEyMTYyMTE3NDlaFw0zMjEyMTMyMTE3NDlaMIGPMQswCQYDVQQGEwJV
-UzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEQMA4GA1UE
-CgwHRWxpcHRpYzEMMAoGA1UECwwDRUNDMRgwFgYDVQQDDA93d3cud29sZnNzbC5j
-b20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wWTATBgcqhkjOPQIB
-BggqhkjOPQMBBwNCAAS7M6xMJ1BKxkqlBMM83p8223ItzpTqK/rLIAk5LBboYQLp
-r03TApOaMVuXkiF/8M8Y2pERAjSG6CBYMwuANInYo4IBODCCATQwCQYDVR0TBAIw
-ADARBglghkgBhvhCAQEEBAMCBkAwHQYDVR0OBBYEFF1dJu+sfjb5m3YVK0olAiPv
-sokwMIHPBgNVHSMEgccwgcSAFF1dJu+sfjb5m3YVK0olAiPvsokwoYGVpIGSMIGP
-MQswCQYDVQQGEwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwHU2Vh
-dHRsZTEQMA4GA1UECgwHRWxpcHRpYzEMMAoGA1UECwwDRUNDMRgwFgYDVQQDDA93
-d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb22C
-FC1wpgZYSyykOPKUOZRGcJnKvyWJMA4GA1UdDwEB/wQEAwIDqDATBgNVHSUEDDAK
-BggrBgEFBQcDATAKBggqhkjOPQQDAgNHADBEAiA/fmd8KlLzEus88z3L0AjgnyEQ
-txzmyVOpBGU4dsuN/wIgCay9mKyPWK0sUY3Nv1Z3I6ywN5D7joRaogYhnUxQOcM=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-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/server-ecc.der b/extra/wolfssl/wolfssl/certs/server-ecc.der
index 2b08135b..7d5e07e6 100644
--- a/extra/wolfssl/wolfssl/certs/server-ecc.der
+++ b/extra/wolfssl/wolfssl/certs/server-ecc.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/server-ecc.pem b/extra/wolfssl/wolfssl/certs/server-ecc.pem
index d2f48f90..94978a55 100644
--- a/extra/wolfssl/wolfssl/certs/server-ecc.pem
+++ b/extra/wolfssl/wolfssl/certs/server-ecc.pem
@@ -5,9 +5,9 @@ Certificate:
Signature Algorithm: ecdsa-with-SHA256
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Development, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
- Subject: C = US, ST = Washington, L = Seattle, O = Eliptic, OU = ECC, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
+ Not Before: Dec 13 22:19:28 2023 GMT
+ Not After : Sep 8 22:19:28 2026 GMT
+ Subject: C = US, ST = Washington, L = Seattle, O = Elliptic, OU = ECC, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
Public-Key: (256 bit)
@@ -34,24 +34,24 @@ Certificate:
Netscape Cert Type:
SSL Server
Signature Algorithm: ecdsa-with-SHA256
- 30:45:02:21:00:cf:3a:17:97:d4:be:7c:50:e1:be:1b:53:95:
- 7b:a3:b8:c6:73:c4:34:e0:73:5a:db:3e:cb:3a:b6:a8:f1:cd:
- bf:02:20:2b:e6:f9:65:b2:ab:0f:bb:2b:36:5c:cc:2e:19:a9:
- 59:1c:6f:6f:ce:9b:7a:e6:5b:65:31:33:80:05:cb:7c:96
+ 30:45:02:21:00:86:bd:87:16:d2:9c:66:e7:5e:5c:28:0e:5f:
+ ef:94:61:2f:d4:21:6d:8e:c3:94:0a:1e:b5:6a:1d:c6:04:87:
+ c6:02:20:66:46:c4:29:d9:8e:eb:0b:f7:5b:32:13:eb:0a:ea:
+ 47:99:4b:74:56:ba:21:97:b1:67:75:5c:f3:f3:c0:88:aa
-----BEGIN CERTIFICATE-----
-MIICoTCCAkegAwIBAgIBAzAKBggqhkjOPQQDAjCBlzELMAkGA1UEBhMCVVMxEzAR
+MIICojCCAkigAwIBAgIBAzAKBggqhkjOPQQDAjCBlzELMAkGA1UEBhMCVVMxEzAR
BgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dv
bGZTU0wxFDASBgNVBAsMC0RldmVsb3BtZW50MRgwFgYDVQQDDA93d3cud29sZnNz
-bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIxMjE2
-MjExNzQ5WhcNMjUwOTExMjExNzQ5WjCBjzELMAkGA1UEBhMCVVMxEzARBgNVBAgM
-Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB0VsaXB0aWMx
-DDAKBgNVBAsMA0VDQzEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZI
-hvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcD
-QgAEuzOsTCdQSsZKpQTDPN6fNttyLc6U6iv6yyAJOSwW6GEC6a9N0wKTmjFbl5Ih
-f/DPGNqREQI0huggWDMLgDSJ2KOBiTCBhjAdBgNVHQ4EFgQUXV0m76x+NvmbdhUr
-SiUCI++yiTAwHwYDVR0jBBgwFoAUVo6aw/BC3hi5RVVu+ZPP6sPzpSEwDAYDVR0T
-AQH/BAIwADAOBgNVHQ8BAf8EBAMCA6gwEwYDVR0lBAwwCgYIKwYBBQUHAwEwEQYJ
-YIZIAYb4QgEBBAQDAgZAMAoGCCqGSM49BAMCA0gAMEUCIQDPOheX1L58UOG+G1OV
-e6O4xnPENOBzWts+yzq2qPHNvwIgK+b5ZbKrD7srNlzMLhmpWRxvb86beuZbZTEz
-gAXLfJY=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-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/server-ecc384-cert.der b/extra/wolfssl/wolfssl/certs/server-ecc384-cert.der
index d8385dc1..b4410ad4 100644
--- a/extra/wolfssl/wolfssl/certs/server-ecc384-cert.der
+++ b/extra/wolfssl/wolfssl/certs/server-ecc384-cert.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/server-ecc384-cert.pem b/extra/wolfssl/wolfssl/certs/server-ecc384-cert.pem
index e3656ed3..21d89098 100644
--- a/extra/wolfssl/wolfssl/certs/server-ecc384-cert.pem
+++ b/extra/wolfssl/wolfssl/certs/server-ecc384-cert.pem
@@ -1,22 +1,22 @@
-----BEGIN CERTIFICATE-----
-MIIDnzCCAyWgAwIBAgICEAEwCgYIKoZIzj0EAwMwgZcxCzAJBgNVBAYTAlVTMRMw
+MIIDnzCCAyagAwIBAgICEAEwCgYIKoZIzj0EAwMwgZcxCzAJBgNVBAYTAlVTMRMw
EQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3
b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEYMBYGA1UEAwwPd3d3LndvbGZz
-c2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMCAXDTIyMTIx
-NjIxMTc0OVoYDzIwNTIxMjA4MjExNzQ5WjCBlTELMAkGA1UEBhMCVVMxEzARBgNV
-BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB0VsaXB0
-aWMxEjAQBgNVBAsMCUVDQzM4NFNydjEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29t
-MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMHYwEAYHKoZIzj0CAQYF
-K4EEACIDYgAE6s+TTywJuzkUD1Zkw0C03w5jruVxSwDMBJf/4ek4lrtfkbJqzLU5
-X49wWfEB9lorAWxoC89VJa9tmEgKqHTJqRegDMP70yNo/gQ8Y1CIO7lPfGc09zup
-c+cbw1FeIhjso4IBQDCCATwwCQYDVR0TBAIwADARBglghkgBhvhCAQEEBAMCBkAw
-HQYDVR0OBBYEFII78mUv87QAxrwG/XlCdUtl0c68MIHXBgNVHSMEgc8wgcyAFKvg
-wyZMGNRyu9KEjJwKBZKAElNSoYGdpIGaMIGXMQswCQYDVQQGEwJVUzETMBEGA1UE
-CAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEQMA4GA1UECgwHd29sZlNT
-TDEUMBIGA1UECwwLRGV2ZWxvcG1lbnQxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNv
-bTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIUYnDODA5oOu/2nBqW
-Ozpy/5ngviUwDgYDVR0PAQH/BAQDAgOoMBMGA1UdJQQMMAoGCCsGAQUFBwMBMAoG
-CCqGSM49BAMDA2gAMGUCMQCypGLmlyMf62PmMwlYdqMWVEcPdKsHkKBh7uNpXZCC
-Ww3dN8jZXeLRqv5hxWHrLKYCMDQ45DuZ+uBhyv3fK+Dsk7Hshp7DN07yHZ4+9rQA
-jnHz/v78cK/NDpYULc0ilNGYJg==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-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/server-keyPub.der b/extra/wolfssl/wolfssl/certs/server-keyPub.der
new file mode 100644
index 00000000..b6d8fbe6
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/server-keyPub.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/server-keyPub.pem b/extra/wolfssl/wolfssl/certs/server-keyPub.pem
index c90f5c4f..0707336a 100644
--- a/extra/wolfssl/wolfssl/certs/server-keyPub.pem
+++ b/extra/wolfssl/wolfssl/certs/server-keyPub.pem
@@ -1,4 +1,4 @@
------BEGIN RSA PUBLIC KEY-----
+-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwJUI4VdB8nFtt9JFQScB
ZcZFrvK8JDC4lc4vTtb2HIi8fJ/7qGd//lycUXX3isoH5zUvj+G9e8AvfKtkqBf8
yl17uuAh5XIuby6G2JVz2qwbU7lfP9cZDSVP4WNjUYsLZD+tQ7ilHFw0s64AoGPF
@@ -6,4 +6,4 @@ yl17uuAh5XIuby6G2JVz2qwbU7lfP9cZDSVP4WNjUYsLZD+tQ7ilHFw0s64AoGPF
UQy9VLPhbV8cvCNz0QkDiRTSELlkwyrQoZZKvOHUGlvHoMDBY3gPRDcwMpaAMiOV
oXe6E9KXc+JdJclqDcM5YKS0sGlCQgnp2Ai8MyCzWCKnquvE4eZhg8XSlt/Z0E+t
1wIDAQAB
------END RSA PUBLIC KEY-----
+-----END PUBLIC KEY-----
diff --git a/extra/wolfssl/wolfssl/certs/server-revoked-cert.pem b/extra/wolfssl/wolfssl/certs/server-revoked-cert.pem
index e84a8cbe..45629737 100644
--- a/extra/wolfssl/wolfssl/certs/server-revoked-cert.pem
+++ b/extra/wolfssl/wolfssl/certs/server-revoked-cert.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:28 2023 GMT
+ Not After : Sep 8 22:19:28 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_revoked, OU = Support_revoked, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -37,7 +37,7 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:2C:80:CE:DB:47:9D:07:66:92:3D:68:D7:CA:AC:90:4F:CA:69:41:4B
+ serial:33:44:1A:A8:6C:01:EC:F6:60:F2:70:51:0A:4C:D1:14:FA:BC:E9:44
X509v3 Basic Constraints:
CA:TRUE
@@ -46,27 +46,27 @@ Certificate:
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
Signature Algorithm: sha256WithRSAEncryption
- ae:2e:5e:19:0f:49:37:fe:ce:10:c1:c9:55:8a:cb:c9:04:ee:
- 88:57:98:f2:ba:a0:50:61:55:12:03:cd:01:6a:8a:74:8c:ff:
- e4:10:25:14:41:73:10:99:2f:77:27:21:e9:db:9d:b4:5b:d4:
- df:bc:b2:29:8d:41:35:c4:65:82:18:8f:a2:03:10:65:cc:82:
- 7d:e0:59:fc:55:82:96:02:32:aa:c1:c6:6a:c4:1b:3c:04:e7:
- 35:72:67:1b:ba:29:c1:3d:ac:82:7c:23:66:eb:ae:7c:1b:a7:
- 8c:05:4e:f3:c4:8e:58:58:f6:9c:3e:68:9b:80:da:45:8c:0b:
- db:85:da:de:fb:cb:78:20:3e:e5:99:a0:ac:09:1e:9d:13:67:
- 3d:51:77:d3:47:38:6a:00:d3:d5:b3:20:bc:a5:61:fb:79:20:
- 13:f5:a6:16:a4:08:60:4e:c5:28:59:fe:fa:4c:52:a5:db:da:
- b9:a5:5e:3a:60:25:2b:e8:a5:cf:d3:5a:29:d4:52:8f:99:f3:
- 6b:4b:ad:42:b8:02:af:ab:56:57:36:c3:69:18:1b:88:9f:a4:
- f2:58:dc:53:bb:55:70:11:ae:af:f3:e5:64:c4:40:58:53:19:
- f6:96:ef:d0:f1:7c:e2:10:0d:f7:ed:c6:24:4e:a8:9f:db:72:
- 7a:9e:e7:0d
+ 5c:ae:98:a1:97:b7:b7:57:1b:47:32:9d:86:df:aa:5a:95:03:
+ 8f:de:04:9f:27:1f:b3:bc:6d:50:63:53:6a:02:83:3d:5b:f6:
+ 16:04:4a:04:84:65:d4:68:7c:f3:1d:8f:dc:ff:76:e1:b0:ce:
+ 88:b1:31:57:c9:5c:14:bf:ae:b9:ee:82:a0:b0:c3:25:bb:5f:
+ 0f:a7:00:fc:dd:73:27:8b:b8:dd:72:63:00:47:38:cb:09:66:
+ 7a:0e:fb:8f:c3:6e:de:23:23:47:cd:7f:f0:4c:fa:31:fa:f5:
+ 28:cb:2e:1c:3e:0a:92:8a:b2:c7:bd:37:21:39:d2:f6:ee:c4:
+ 9c:28:7a:0a:88:8c:ca:ce:7d:e8:c3:a7:3f:bc:44:52:fb:e0:
+ 68:95:f2:46:30:0f:1b:fa:ea:92:4c:86:c2:fe:62:48:91:5a:
+ ea:5a:9a:76:8a:23:dd:56:37:27:d8:91:2f:eb:77:eb:b8:30:
+ 8e:5a:46:71:96:a2:24:f0:fa:1a:eb:39:cd:70:dc:ea:4e:bd:
+ 49:88:4c:57:95:ff:f8:9e:b0:b7:13:10:26:51:3c:4b:bc:70:
+ 3a:fc:1d:a2:6f:13:bf:ab:d4:3c:9e:06:ae:3b:6d:03:09:41:
+ e0:07:b0:85:22:09:c1:5d:39:d2:59:04:90:9d:46:20:0b:24:
+ 82:82:c3:36
-----BEGIN CERTIFICATE-----
MIIE+DCCA+CgAwIBAgIBAjANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx
EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh
d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz
-bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIxMjE2
-MjExNzQ5WhcNMjUwOTExMjExNzQ5WjCBoDELMAkGA1UEBhMCVVMxEDAOBgNVBAgM
+bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMxMjEz
+MjIxOTI4WhcNMjYwOTA4MjIxOTI4WjCBoDELMAkGA1UEBhMCVVMxEDAOBgNVBAgM
B01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xGDAWBgNVBAoMD3dvbGZTU0xfcmV2
b2tlZDEYMBYGA1UECwwPU3VwcG9ydF9yZXZva2VkMRgwFgYDVQQDDA93d3cud29s
ZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0G
@@ -80,26 +80,26 @@ ggFFMIIBQTAdBgNVHQ4EFgQU2AkrWeEq7tnuQKqcq/BdKAlPIrswgdQGA1UdIwSB
zDCByYAUJ45nEXTDJh0/7TNjs6TYHTDl6NWhgZqkgZcwgZQxCzAJBgNVBAYTAlVT
MRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQKDAhT
YXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3LndvbGZz
-c2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tghQsgM7bR50H
-ZpI9aNfKrJBPymlBSzAMBgNVHRMEBTADAQH/MBwGA1UdEQQVMBOCC2V4YW1wbGUu
+c2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tghQzRBqobAHs
+9mDycFEKTNEU+rzpRDAMBgNVHRMEBTADAQH/MBwGA1UdEQQVMBOCC2V4YW1wbGUu
Y29thwR/AAABMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjANBgkqhkiG
-9w0BAQsFAAOCAQEAri5eGQ9JN/7OEMHJVYrLyQTuiFeY8rqgUGFVEgPNAWqKdIz/
-5BAlFEFzEJkvdych6dudtFvU37yyKY1BNcRlghiPogMQZcyCfeBZ/FWClgIyqsHG
-asQbPATnNXJnG7opwT2sgnwjZuuufBunjAVO88SOWFj2nD5om4DaRYwL24Xa3vvL
-eCA+5ZmgrAkenRNnPVF300c4agDT1bMgvKVh+3kgE/WmFqQIYE7FKFn++kxSpdva
-uaVeOmAlK+ilz9NaKdRSj5nza0utQrgCr6tWVzbDaRgbiJ+k8ljcU7tVcBGur/Pl
-ZMRAWFMZ9pbv0PF84hAN9+3GJE6on9tyep7nDQ==
+9w0BAQsFAAOCAQEAXK6YoZe3t1cbRzKdht+qWpUDj94Enycfs7xtUGNTagKDPVv2
+FgRKBIRl1Gh88x2P3P924bDOiLExV8lcFL+uue6CoLDDJbtfD6cA/N1zJ4u43XJj
+AEc4ywlmeg77j8Nu3iMjR81/8Ez6Mfr1KMsuHD4Kkoqyx703ITnS9u7EnCh6CoiM
+ys596MOnP7xEUvvgaJXyRjAPG/rqkkyGwv5iSJFa6lqadooj3VY3J9iRL+t367gw
+jlpGcZaiJPD6Gus5zXDc6k69SYhMV5X/+J6wtxMQJlE8S7xwOvwdom8Tv6vUPJ4G
+rjttAwlB4AewhSIJwV050lkEkJ1GIAskgoLDNg==
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 2c:80:ce:db:47:9d:07:66:92:3d:68:d7:ca:ac:90:4f:ca:69:41:4b
+ 33:44:1a:a8:6c:01:ec:f6:60:f2:70:51:0a:4c:d1:14:fa:bc:e9:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:28 2023 GMT
+ Not After : Sep 8 22:19:28 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -130,7 +130,7 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:2C:80:CE:DB:47:9D:07:66:92:3D:68:D7:CA:AC:90:4F:CA:69:41:4B
+ serial:33:44:1A:A8:6C:01:EC:F6:60:F2:70:51:0A:4C:D1:14:FA:BC:E9:44
X509v3 Basic Constraints:
CA:TRUE
@@ -139,27 +139,27 @@ Certificate:
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
Signature Algorithm: sha256WithRSAEncryption
- ae:b0:a4:35:8e:8a:1b:a6:eb:b3:a2:57:cf:3a:1f:dc:6e:bc:
- d2:d0:a6:4a:8f:88:0a:6e:74:d5:d1:7c:d1:44:b1:d4:3b:17:
- 03:09:5a:46:ed:08:08:cf:f1:fd:20:07:67:c0:97:ec:35:f3:
- 75:ca:20:61:98:3e:f5:4d:be:e6:9d:75:1e:e4:03:ad:8c:a6:
- 1e:3d:ec:e4:1a:92:5b:f9:a3:ad:83:ca:4f:cd:aa:38:bb:6e:
- ae:ad:fa:a7:46:f1:8b:73:ec:09:23:bc:f2:18:e5:b7:92:86:
- 3e:a4:75:60:c7:3d:0f:3f:83:00:c3:06:08:9c:d1:54:d6:ba:
- 6d:95:3d:34:a1:be:24:91:cc:20:03:11:5b:72:1c:d4:65:d0:
- 11:88:75:26:04:26:ef:66:70:e6:3b:38:87:9c:53:71:1b:09:
- 51:70:50:99:4c:31:0c:62:44:57:30:60:04:fc:12:2c:a3:24:
- b4:f7:11:d5:0e:b5:21:0b:ed:86:11:67:4d:36:fa:57:a0:59:
- 55:21:b3:6d:e4:77:5e:ec:7e:f0:09:13:8e:99:98:b2:e1:82:
- b6:4b:3e:0f:41:a6:0c:cd:49:99:7e:e4:8a:cb:37:ed:53:cf:
- 86:5d:a9:26:a8:e5:01:25:5a:b4:bc:25:35:f1:fa:5a:5c:ce:
- d4:b8:9a:2c
+ 2d:fc:f9:32:5a:be:d6:9d:42:8b:86:4e:67:22:c3:50:2d:cb:
+ 14:27:1d:94:f3:cd:88:42:da:41:1c:39:24:67:a7:92:4d:27:
+ ea:56:82:19:bf:11:b2:43:a4:8d:5d:87:b2:27:64:66:82:81:
+ df:c4:fd:5b:62:b0:c2:4d:9d:29:f2:41:32:cc:2e:b5:da:38:
+ 06:1b:e8:7f:8c:6e:3d:80:1e:00:56:49:bf:39:e0:da:68:2f:
+ c4:fd:00:e6:d1:81:1a:d1:4a:bb:76:52:ce:4d:24:9d:c4:a3:
+ a7:f1:65:14:2f:1f:a8:2d:c6:cb:ce:b1:a7:89:74:26:27:c3:
+ f3:a3:84:4c:34:01:14:03:7d:16:3a:c8:8b:25:2e:7b:90:cc:
+ 46:b1:52:34:ba:93:6e:ef:fe:43:a3:ad:c6:6f:51:fb:ba:ea:
+ 38:e3:6f:d6:ee:63:62:36:ea:5e:08:b4:e2:2a:46:89:e3:ae:
+ b3:b4:06:ef:63:7a:6e:5d:dd:c9:ec:02:4f:f7:64:c0:27:07:
+ b4:6f:4a:18:72:5b:34:74:7c:d0:a9:04:8f:40:8b:6a:39:d2:
+ 6b:1a:01:f2:01:a8:81:34:3a:e5:b0:55:d1:3c:95:ca:b0:82:
+ d6:ed:98:28:15:59:7e:95:a7:69:c7:b5:7b:ec:01:a7:4d:e6:
+ b9:a2:fe:35
-----BEGIN CERTIFICATE-----
-MIIE/zCCA+egAwIBAgIULIDO20edB2aSPWjXyqyQT8ppQUswDQYJKoZIhvcNAQEL
+MIIE/zCCA+egAwIBAgIUM0QaqGwB7PZg8nBRCkzRFPq86UQwDQYJKoZIhvcNAQEL
BQAwgZQxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC
b3plbWFuMREwDwYDVQQKDAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEY
MBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv
-bGZzc2wuY29tMB4XDTIyMTIxNjIxMTc0OVoXDTI1MDkxMTIxMTc0OVowgZQxCzAJ
+bGZzc2wuY29tMB4XDTIzMTIxMzIyMTkyOFoXDTI2MDkwODIyMTkyOFowgZQxCzAJ
BgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREw
DwYDVQQKDAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwP
d3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t
@@ -174,12 +174,12 @@ BgNVHSMEgcwwgcmAFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYD
VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8G
A1UECgwIU2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3
dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIU
-LIDO20edB2aSPWjXyqyQT8ppQUswDAYDVR0TBAUwAwEB/zAcBgNVHREEFTATggtl
+M0QaqGwB7PZg8nBRCkzRFPq86UQwDAYDVR0TBAUwAwEB/zAcBgNVHREEFTATggtl
eGFtcGxlLmNvbYcEfwAAATAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw
-DQYJKoZIhvcNAQELBQADggEBAK6wpDWOihum67OiV886H9xuvNLQpkqPiApudNXR
-fNFEsdQ7FwMJWkbtCAjP8f0gB2fAl+w183XKIGGYPvVNvuaddR7kA62Mph497OQa
-klv5o62Dyk/Nqji7bq6t+qdG8Ytz7AkjvPIY5beShj6kdWDHPQ8/gwDDBgic0VTW
-um2VPTShviSRzCADEVtyHNRl0BGIdSYEJu9mcOY7OIecU3EbCVFwUJlMMQxiRFcw
-YAT8EiyjJLT3EdUOtSEL7YYRZ002+legWVUhs23kd17sfvAJE46ZmLLhgrZLPg9B
-pgzNSZl+5IrLN+1Tz4ZdqSao5QElWrS8JTXx+lpcztS4miw=
+DQYJKoZIhvcNAQELBQADggEBAC38+TJavtadQouGTmciw1AtyxQnHZTzzYhC2kEc
+OSRnp5JNJ+pWghm/EbJDpI1dh7InZGaCgd/E/VtisMJNnSnyQTLMLrXaOAYb6H+M
+bj2AHgBWSb854NpoL8T9AObRgRrRSrt2Us5NJJ3Eo6fxZRQvH6gtxsvOsaeJdCYn
+w/OjhEw0ARQDfRY6yIslLnuQzEaxUjS6k27v/kOjrcZvUfu66jjjb9buY2I26l4I
+tOIqRonjrrO0Bu9jem5d3cnsAk/3ZMAnB7RvShhyWzR0fNCpBI9Ai2o50msaAfIB
+qIE0OuWwVdE8lcqwgtbtmCgVWX6Vp2nHtXvsAadN5rmi/jU=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/sm2/ca-sm2-key.der b/extra/wolfssl/wolfssl/certs/sm2/ca-sm2-key.der
new file mode 100644
index 00000000..56b92e5a
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/sm2/ca-sm2-key.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/sm2/ca-sm2-key.pem b/extra/wolfssl/wolfssl/certs/sm2/ca-sm2-key.pem
new file mode 100644
index 00000000..8a567eb4
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/sm2/ca-sm2-key.pem
@@ -0,0 +1,4 @@
+-----BEGIN PUBLIC KEY-----
+MFowFAYIKoEcz1UBgi0GCCqBHM9VAYItA0IABCGS98sk32RNuqtme4N1qSnn/2Rj
+ttVCgCC94uICEjuOtACVCYDLVu1Lyo1X5q4F03YnY3E5ibdp5kiArtGpSBI=
+-----END PUBLIC KEY-----
diff --git a/extra/wolfssl/wolfssl/certs/sm2/ca-sm2-priv.der b/extra/wolfssl/wolfssl/certs/sm2/ca-sm2-priv.der
new file mode 100644
index 00000000..ffbae08d
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/sm2/ca-sm2-priv.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/sm2/ca-sm2-priv.pem b/extra/wolfssl/wolfssl/certs/sm2/ca-sm2-priv.pem
new file mode 100644
index 00000000..73df5676
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/sm2/ca-sm2-priv.pem
@@ -0,0 +1,5 @@
+-----BEGIN PRIVATE KEY-----
+MIGIAgEAMBQGCCqBHM9VAYItBggqgRzPVQGCLQRtMGsCAQEEII+5uEAZDiE56+gI
+fP3YoQWTpDUs0YDjv35IR+QFDQlBoUQDQgAEIZL3yyTfZE26q2Z7g3WpKef/ZGO2
+1UKAIL3i4gISO460AJUJgMtW7UvKjVfmrgXTdidjcTmJt2nmSICu0alIEg==
+-----END PRIVATE KEY-----
diff --git a/extra/wolfssl/wolfssl/certs/sm2/ca-sm2.der b/extra/wolfssl/wolfssl/certs/sm2/ca-sm2.der
new file mode 100644
index 00000000..050c1b1a
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/sm2/ca-sm2.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/sm2/ca-sm2.pem b/extra/wolfssl/wolfssl/certs/sm2/ca-sm2.pem
new file mode 100644
index 00000000..2451a522
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/sm2/ca-sm2.pem
@@ -0,0 +1,51 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 1 (0x1)
+ Signature Algorithm: SM2-with-SM3
+ Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_SM2, OU = Root-SM2, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
+ Validity
+ Not Before: Feb 15 06:23:07 2023 GMT
+ Not After : Nov 11 06:23:07 2025 GMT
+ Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_sm2, OU = CA-sm2, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
+ Subject Public Key Info:
+ Public Key Algorithm: sm2
+ Public-Key: (256 bit)
+ pub:
+ 04:21:92:f7:cb:24:df:64:4d:ba:ab:66:7b:83:75:
+ a9:29:e7:ff:64:63:b6:d5:42:80:20:bd:e2:e2:02:
+ 12:3b:8e:b4:00:95:09:80:cb:56:ed:4b:ca:8d:57:
+ e6:ae:05:d3:76:27:63:71:39:89:b7:69:e6:48:80:
+ ae:d1:a9:48:12
+ ASN1 OID: SM2
+ X509v3 extensions:
+ X509v3 Subject Key Identifier:
+ 47:0A:48:7E:BB:02:A8:5A:26:57:2B:19:A9:7B:61:8B:7F:5D:99:6E
+ X509v3 Authority Key Identifier:
+ 34:1D:79:44:15:79:A1:B1:63:99:E3:ED:65:7C:64:89:80:FF:B8:EC
+ X509v3 Basic Constraints: critical
+ CA:TRUE
+ X509v3 Key Usage: critical
+ Digital Signature, Certificate Sign, CRL Sign
+ Signature Algorithm: SM2-with-SM3
+ Signature Value:
+ 30:45:02:20:47:4e:00:03:ab:34:a1:af:59:39:8f:60:36:bf:
+ 89:88:42:41:27:c1:dd:57:c9:79:cb:1f:56:5c:16:b5:28:bd:
+ 02:21:00:8b:2e:25:eb:21:9b:a9:2b:a6:6a:5b:db:a7:c7:2b:
+ 11:df:73:15:ad:e4:c5:c3:c2:f3:b4:b4:67:af:d7:51:1c
+-----BEGIN CERTIFICATE-----
+MIICljCCAjygAwIBAgIBATAKBggqgRzPVQGDdTCBlTELMAkGA1UEBhMCVVMxEDAO
+BgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xFDASBgNVBAoMC3dvbGZT
+U0xfU00yMREwDwYDVQQLDAhSb290LVNNMjEYMBYGA1UEAwwPd3d3LndvbGZzc2wu
+Y29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIzMDIxNTA2
+MjMwN1oXDTI1MTExMTA2MjMwN1owgawxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdN
+b250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRQwEgYDVQQKDAt3b2xmU1NMX3NtMjEP
+MA0GA1UECwwGQ0Etc20yMRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkq
+hkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20xFzAVBgoJkiaJk/IsZAEBDAd3b2xm
+U1NMMFowFAYIKoEcz1UBgi0GCCqBHM9VAYItA0IABCGS98sk32RNuqtme4N1qSnn
+/2RjttVCgCC94uICEjuOtACVCYDLVu1Lyo1X5q4F03YnY3E5ibdp5kiArtGpSBKj
+YzBhMB0GA1UdDgQWBBRHCkh+uwKoWiZXKxmpe2GLf12ZbjAfBgNVHSMEGDAWgBQ0
+HXlEFXmhsWOZ4+1lfGSJgP+47DAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQE
+AwIBhjAKBggqgRzPVQGDdQNIADBFAiBHTgADqzShr1k5j2A2v4mIQkEnwd1XyXnL
+H1ZcFrUovQIhAIsuJeshm6krpmpb26fHKxHfcxWt5MXDwvO0tGev11Ec
+-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/sm2/client-sm2-key.der b/extra/wolfssl/wolfssl/certs/sm2/client-sm2-key.der
new file mode 100644
index 00000000..9630aa90
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/sm2/client-sm2-key.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/sm2/client-sm2-key.pem b/extra/wolfssl/wolfssl/certs/sm2/client-sm2-key.pem
new file mode 100644
index 00000000..63e70e3d
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/sm2/client-sm2-key.pem
@@ -0,0 +1,4 @@
+-----BEGIN PUBLIC KEY-----
+MFowFAYIKoEcz1UBgi0GCCqBHM9VAYItA0IABDod6MtL0y4/Swc/sCH+xZ7ZyjqT
+k5V2HTDZC/VW7Rlg7QFM9mcd8ayodA2yd8hJOOT/TO+NbYf2Tsf4OXRwcLU=
+-----END PUBLIC KEY-----
diff --git a/extra/wolfssl/wolfssl/certs/sm2/client-sm2-priv.der b/extra/wolfssl/wolfssl/certs/sm2/client-sm2-priv.der
new file mode 100644
index 00000000..e1ab54fd
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/sm2/client-sm2-priv.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/sm2/client-sm2-priv.pem b/extra/wolfssl/wolfssl/certs/sm2/client-sm2-priv.pem
new file mode 100644
index 00000000..12f76901
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/sm2/client-sm2-priv.pem
@@ -0,0 +1,5 @@
+-----BEGIN PRIVATE KEY-----
+MIGIAgEAMBQGCCqBHM9VAYItBggqgRzPVQGCLQRtMGsCAQEEINCi30l6Ld8Cyc63
+8jcCDd38CLjeFJN6UyZJ1f4C2fNxoUQDQgAEOh3oy0vTLj9LBz+wIf7FntnKOpOT
+lXYdMNkL9VbtGWDtAUz2Zx3xrKh0DbJ3yEk45P9M741th/ZOx/g5dHBwtQ==
+-----END PRIVATE KEY-----
diff --git a/extra/wolfssl/wolfssl/certs/sm2/client-sm2.der b/extra/wolfssl/wolfssl/certs/sm2/client-sm2.der
new file mode 100644
index 00000000..195cdb14
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/sm2/client-sm2.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/sm2/client-sm2.pem b/extra/wolfssl/wolfssl/certs/sm2/client-sm2.pem
new file mode 100644
index 00000000..2f3f49ef
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/sm2/client-sm2.pem
@@ -0,0 +1,63 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number:
+ 60:a0:4a:0b:36:eb:7d:e1:3f:74:29:a9:29:b4:05:6c:17:f7:a6:d4
+ Signature Algorithm: SM2-with-SM3
+ Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_sm2, OU = Client-sm2, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
+ Validity
+ Not Before: Feb 15 06:23:07 2023 GMT
+ Not After : Nov 11 06:23:07 2025 GMT
+ Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_sm2, OU = Client-sm2, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
+ Subject Public Key Info:
+ Public Key Algorithm: sm2
+ Public-Key: (256 bit)
+ pub:
+ 04:3a:1d:e8:cb:4b:d3:2e:3f:4b:07:3f:b0:21:fe:
+ c5:9e:d9:ca:3a:93:93:95:76:1d:30:d9:0b:f5:56:
+ ed:19:60:ed:01:4c:f6:67:1d:f1:ac:a8:74:0d:b2:
+ 77:c8:49:38:e4:ff:4c:ef:8d:6d:87:f6:4e:c7:f8:
+ 39:74:70:70:b5
+ ASN1 OID: SM2
+ X509v3 extensions:
+ X509v3 Subject Key Identifier:
+ E4:21:B2:C5:E5:D4:9E:82:CA:F8:67:F2:28:99:F6:85:E8:F1:55:EF
+ X509v3 Authority Key Identifier:
+ keyid:E4:21:B2:C5:E5:D4:9E:82:CA:F8:67:F2:28:99:F6:85:E8:F1:55:EF
+ DirName:/C=US/ST=Montana/L=Bozeman/O=wolfSSL_sm2/OU=Client-sm2/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/UID=wolfSSL
+ serial:60:A0:4A:0B:36:EB:7D:E1:3F:74:29:A9:29:B4:05:6C:17:F7:A6:D4
+ X509v3 Basic Constraints:
+ CA:TRUE
+ X509v3 Subject Alternative Name:
+ DNS:example.com, IP Address:127.0.0.1
+ X509v3 Extended Key Usage:
+ TLS Web Server Authentication, TLS Web Client Authentication
+ Signature Algorithm: SM2-with-SM3
+ Signature Value:
+ 30:46:02:21:00:8f:b2:b5:95:8f:79:f6:5e:75:e5:c5:e9:9a:
+ 12:d2:0f:78:9f:c0:1d:8d:1c:be:6b:0c:f1:f5:57:60:db:91:
+ 4f:02:21:00:87:5e:7d:e4:d6:3a:bb:7b:98:27:85:de:7a:f0:
+ 21:e2:66:a1:9f:26:e0:dd:86:23:b4:c8:c0:46:5a:f2:49:8d
+-----BEGIN CERTIFICATE-----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+-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/sm2/gen-sm2-certs.sh b/extra/wolfssl/wolfssl/certs/sm2/gen-sm2-certs.sh
new file mode 100755
index 00000000..af8ad9be
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/sm2/gen-sm2-certs.sh
@@ -0,0 +1,124 @@
+#!/bin/bash
+
+check_result(){
+ if [ $1 -ne 0 ]; then
+ echo "Failed at \"$2\", Abort"
+ exit 1
+ else
+ echo "Step Succeeded!"
+ fi
+}
+
+openssl pkey -in root-sm2-priv.pem -noout >/dev/null 2>&1
+if [ $? -ne 0 ]; then
+ echo "OpenSSL does not support SM2"
+ echo "Skipping SM2 certificate renewal"
+ exit 0
+fi
+
+############################################################
+###### update the self-signed root-sm2.pem #############
+############################################################
+echo "Updating root-sm2.pem"
+echo ""
+#pipe the following arguments to openssl req...
+echo -e "US\\nMontana\\nBozeman\\nwolfSSL_SM2\\nRoot-SM2\\nwww.wolfssl.com\\ninfo@wolfssl.com\\n.\\n.\\n" | \
+openssl req -new -key root-sm2-priv.pem -config ../renewcerts/wolfssl.cnf -nodes -out root-sm2.csr
+check_result $? "Generate request"
+
+openssl x509 -req -in root-sm2.csr -days 1000 -extfile ../renewcerts/wolfssl.cnf -extensions ca_ecc_cert -signkey root-sm2-priv.pem -out root-sm2.pem
+check_result $? "Generate certificate"
+rm root-sm2.csr
+
+openssl x509 -in root-sm2.pem -outform DER > root-sm2.der
+check_result $? "Convert to DER"
+openssl x509 -in root-sm2.pem -text > tmp.pem
+check_result $? "Add text"
+mv tmp.pem root-sm2.pem
+echo "End of section"
+echo "---------------------------------------------------------------------"
+
+############################################################
+###### update ca-sm2.pem signed by root ################
+############################################################
+echo "Updating ca-sm2.pem"
+echo ""
+#pipe the following arguments to openssl req...
+echo -e "US\\nMontana\\nBozeman\\nwolfSSL_sm2\\nCA-sm2\\nwww.wolfssl.com\\ninfo@wolfssl.com\\n\\n\\n\\n" | openssl req -new -key ca-sm2-priv.pem -config ../renewcerts/wolfssl.cnf -nodes -out ca-sm2.csr
+check_result $? "Generate request"
+
+openssl x509 -req -in ca-sm2.csr -days 1000 -extfile ../renewcerts/wolfssl.cnf -extensions ca_ecc_cert -CA root-sm2.pem -CAkey root-sm2-priv.pem -set_serial 01 -out ca-sm2.pem
+check_result $? "Generate certificate"
+rm ca-sm2.csr
+
+openssl x509 -in ca-sm2.pem -outform DER > ca-sm2.der
+check_result $? "Convert to DER"
+openssl x509 -in ca-sm2.pem -text > tmp.pem
+check_result $? "Add text"
+mv tmp.pem ca-sm2.pem
+echo "End of section"
+echo "---------------------------------------------------------------------"
+
+############################################################
+###### update self-sm2-cert.pem ##############
+############################################################
+echo "Updating self-sm2-cert.pem"
+echo ""
+#pipe the following arguments to openssl req...
+echo -e "AU\\nQLD\\n.\\nwolfSSL\\nTesting\\nwolfssl-dev-sm2\\n\\n\\n\\n\\n" | openssl req -new -key self-sm2-priv.pem -config ../renewcerts/wolfssl.cnf -nodes -out self-sm2.csr
+check_result $? "Generate request"
+
+openssl x509 -req -in self-sm2.csr -days 1000 -extfile ../renewcerts/wolfssl.cnf -extensions ca_ecc_cert -signkey self-sm2-priv.pem -out self-sm2-cert.pem
+check_result $? "Generate certificate"
+rm self-sm2.csr
+
+openssl x509 -in self-sm2-cert.pem -text > tmp.pem
+check_result $? "Add text"
+mv tmp.pem self-sm2-cert.pem
+echo "End of section"
+echo "---------------------------------------------------------------------"
+
+############################################################
+###### update server-sm2.pem signed by ca ##############
+############################################################
+echo "Updating server-sm2.pem"
+echo ""
+#pipe the following arguments to openssl req...
+echo -e "US\\nMontana\\nBozeman\\nwolfSSL_sm2\\nServer-sm2\\nwww.wolfssl.com\\ninfo@wolfssl.com\\n\\n\\n\\n" | openssl req -new -key server-sm2-priv.pem -config ../renewcerts/wolfssl.cnf -nodes -out server-sm2.csr
+check_result $? "Generate request"
+
+openssl x509 -req -in server-sm2.csr -days 1000 -extfile ../renewcerts/wolfssl.cnf -extensions server_ecc -CA ca-sm2.pem -CAkey ca-sm2-priv.pem -set_serial 01 -out server-sm2-cert.pem
+check_result $? "Generate certificate"
+rm server-sm2.csr
+
+openssl x509 -in server-sm2-cert.pem -outform DER > server-sm2.der
+check_result $? "Convert to DER"
+openssl x509 -in server-sm2-cert.pem -text > tmp.pem
+check_result $? "Add text"
+mv tmp.pem server-sm2-cert.pem
+cat server-sm2-cert.pem ca-sm2.pem > server-sm2.pem
+check_result $? "Add CA into server cert"
+echo "End of section"
+echo "---------------------------------------------------------------------"
+
+############################################################
+###### update the self-signed client-sm2.pem ###########
+############################################################
+echo "Updating client-sm2.pem"
+echo ""
+#pipe the following arguments to openssl req...
+echo -e "US\\nMontana\\nBozeman\\nwolfSSL_sm2\\nClient-sm2\\nwww.wolfssl.com\\ninfo@wolfssl.com\\n\\n\\n\\n" | openssl req -new -key client-sm2-priv.pem -config ../renewcerts/wolfssl.cnf -nodes -out client-sm2.csr
+check_result $? "Generate request"
+
+openssl x509 -req -in client-sm2.csr -days 1000 -extfile ../renewcerts/wolfssl.cnf -extensions wolfssl_opts -signkey client-sm2-priv.pem -out client-sm2.pem
+check_result $? "Generate certificate"
+rm client-sm2.csr
+
+openssl x509 -in client-sm2.pem -outform DER > client-sm2.der
+check_result $? "Convert to DER"
+openssl x509 -in client-sm2.pem -text > tmp.pem
+check_result $? "Add text"
+mv tmp.pem client-sm2.pem
+echo "End of section"
+echo "---------------------------------------------------------------------"
+
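Review bot: The SM2 capability probe at the top of the script cannot tell a missing `root-sm2-priv.pem` from an OpenSSL build without SM2. `openssl pkey -in root-sm2-priv.pem -noout` fails in both cases, and the script then prints "OpenSSL does not support SM2" and exits 0, so a run from the wrong directory is reported as a clean skip. Every path the script uses (the key files, `../renewcerts/wolfssl.cnf`, `tmp.pem`) is relative to the working directory, so I would pin it before the probe with `cd "$(dirname "$0")" || exit 1`. I would also fail with a non-zero status when the key is absent: `[ -f root-sm2-priv.pem ] || { echo "root-sm2-priv.pem not found"; exit 1; }`. The `rm *.csr` and `mv tmp.pem …` steps are not passed through `check_result` either, and `$1` inside `check_result` should be quoted as `"$1"`.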
diff --git a/extra/wolfssl/wolfssl/certs/sm2/gen-sm2-keys.sh b/extra/wolfssl/wolfssl/certs/sm2/gen-sm2-keys.sh
new file mode 100755
index 00000000..503c2581
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/sm2/gen-sm2-keys.sh
@@ -0,0 +1,16 @@
+#!/bin/sh
+
+for key in root ca server client
+do
+
+ openssl genpkey -algorithm sm2 > ${key}-sm2-priv.pem
+
+ openssl pkey -in ${key}-sm2-priv.pem -outform DER -out ${key}-sm2-priv.der
+
+ openssl pkey -in ${key}-sm2-priv.pem -outform PEM -pubout -out ${key}-sm2-key.pem
+
+ openssl pkey -in ${key}-sm2-priv.pem -outform DER -pubout -out ${key}-sm2-key.der
+
+done
+
+
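Review bot: A failed `openssl genpkey` in the loop destroys the existing key. The shell truncates `${key}-sm2-priv.pem` for the `>` redirection before openssl runs, no exit status is checked, and the three `openssl pkey` conversions then run against the empty file. Add `set -e` after the shebang and write to a temporary name first: `openssl genpkey -algorithm sm2 -out "${key}-sm2-priv.pem.tmp"` followed on its own line by `mv "${key}-sm2-priv.pem.tmp" "${key}-sm2-priv.pem"`. The loop covers `root ca server client` only, while gen-sm2-certs.sh in this commit also reads `self-sm2-priv.pem`. If that key is meant to be produced some other way, a comment saying so would help the next person renewing these test fixtures.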
diff --git a/extra/wolfssl/wolfssl/certs/sm2/include.am b/extra/wolfssl/wolfssl/certs/sm2/include.am
new file mode 100644
index 00000000..9028b5ad
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/sm2/include.am
@@ -0,0 +1,37 @@
+# vim:ft=automake
+# All paths should be given relative to the root
+#
+
+EXTRA_DIST += \
+ certs/sm2/ca-sm2.der \
+ certs/sm2/ca-sm2.pem \
+ certs/sm2/ca-sm2-key.der \
+ certs/sm2/ca-sm2-key.pem \
+ certs/sm2/ca-sm2-priv.der \
+ certs/sm2/ca-sm2-priv.pem \
+ certs/sm2/client-sm2.der \
+ certs/sm2/client-sm2.pem \
+ certs/sm2/client-sm2-key.der \
+ certs/sm2/client-sm2-key.pem \
+ certs/sm2/client-sm2-priv.der \
+ certs/sm2/client-sm2-priv.pem \
+ certs/sm2/root-sm2.der \
+ certs/sm2/root-sm2.pem \
+ certs/sm2/root-sm2-key.der \
+ certs/sm2/root-sm2-key.pem \
+ certs/sm2/root-sm2-priv.der \
+ certs/sm2/root-sm2-priv.pem \
+ certs/sm2/server-sm2.der \
+ certs/sm2/server-sm2.pem \
+ certs/sm2/server-sm2-cert.pem \
+ certs/sm2/server-sm2-key.der \
+ certs/sm2/server-sm2-key.pem \
+ certs/sm2/server-sm2-priv.der \
+ certs/sm2/server-sm2-priv.pem \
+ certs/sm2/self-sm2-cert.pem \
+ certs/sm2/self-sm2-key.pem \
+ certs/sm2/self-sm2-priv.pem
+
+EXTRA_DIST += \
+ certs/sm2/gen-sm2-certs.sh \
+ certs/sm2/gen-sm2-keys.sh
diff --git a/extra/wolfssl/wolfssl/certs/sm2/root-sm2-key.der b/extra/wolfssl/wolfssl/certs/sm2/root-sm2-key.der
new file mode 100644
index 00000000..e2d9adcd
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/sm2/root-sm2-key.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/sm2/root-sm2-key.pem b/extra/wolfssl/wolfssl/certs/sm2/root-sm2-key.pem
new file mode 100644
index 00000000..45b4a332
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/sm2/root-sm2-key.pem
@@ -0,0 +1,4 @@
+-----BEGIN PUBLIC KEY-----
+MFowFAYIKoEcz1UBgi0GCCqBHM9VAYItA0IABLucdYz3F/hIq/f22w2ajZ/C0UeX
+lQtO5lfsxfhXVHE5PHnhQD+2Uel8x9ot79LoeYF7q6NfaypslxpejtnQzAQ=
+-----END PUBLIC KEY-----
diff --git a/extra/wolfssl/wolfssl/certs/sm2/root-sm2-priv.der b/extra/wolfssl/wolfssl/certs/sm2/root-sm2-priv.der
new file mode 100644
index 00000000..efc18f96
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/sm2/root-sm2-priv.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/sm2/root-sm2-priv.pem b/extra/wolfssl/wolfssl/certs/sm2/root-sm2-priv.pem
new file mode 100644
index 00000000..b8e70856
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/sm2/root-sm2-priv.pem
@@ -0,0 +1,5 @@
+-----BEGIN PRIVATE KEY-----
+MIGIAgEAMBQGCCqBHM9VAYItBggqgRzPVQGCLQRtMGsCAQEEIMZrNEwzN1tkFlp/
+BPn8hzDRFbpYeO4HmCAm4QaNUYoooUQDQgAEu5x1jPcX+Eir9/bbDZqNn8LRR5eV
+C07mV+zF+FdUcTk8eeFAP7ZR6XzH2i3v0uh5gXuro19rKmyXGl6O2dDMBA==
+-----END PRIVATE KEY-----
diff --git a/extra/wolfssl/wolfssl/certs/sm2/root-sm2.der b/extra/wolfssl/wolfssl/certs/sm2/root-sm2.der
new file mode 100644
index 00000000..63c04077
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/sm2/root-sm2.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/sm2/root-sm2.pem b/extra/wolfssl/wolfssl/certs/sm2/root-sm2.pem
new file mode 100644
index 00000000..91b149af
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/sm2/root-sm2.pem
@@ -0,0 +1,52 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number:
+ 74:9c:dd:a4:b2:67:26:57:29:fb:e9:13:54:e0:34:08:03:2b:70:a9
+ Signature Algorithm: SM2-with-SM3
+ Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_SM2, OU = Root-SM2, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
+ Validity
+ Not Before: Feb 15 06:23:07 2023 GMT
+ Not After : Nov 11 06:23:07 2025 GMT
+ Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_SM2, OU = Root-SM2, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
+ Subject Public Key Info:
+ Public Key Algorithm: sm2
+ Public-Key: (256 bit)
+ pub:
+ 04:bb:9c:75:8c:f7:17:f8:48:ab:f7:f6:db:0d:9a:
+ 8d:9f:c2:d1:47:97:95:0b:4e:e6:57:ec:c5:f8:57:
+ 54:71:39:3c:79:e1:40:3f:b6:51:e9:7c:c7:da:2d:
+ ef:d2:e8:79:81:7b:ab:a3:5f:6b:2a:6c:97:1a:5e:
+ 8e:d9:d0:cc:04
+ ASN1 OID: SM2
+ X509v3 extensions:
+ X509v3 Subject Key Identifier:
+ 34:1D:79:44:15:79:A1:B1:63:99:E3:ED:65:7C:64:89:80:FF:B8:EC
+ X509v3 Authority Key Identifier:
+ 34:1D:79:44:15:79:A1:B1:63:99:E3:ED:65:7C:64:89:80:FF:B8:EC
+ X509v3 Basic Constraints: critical
+ CA:TRUE
+ X509v3 Key Usage: critical
+ Digital Signature, Certificate Sign, CRL Sign
+ Signature Algorithm: SM2-with-SM3
+ Signature Value:
+ 30:44:02:20:03:27:29:f0:ef:78:26:a1:1a:6a:1e:88:81:e7:
+ 83:72:5f:3e:e6:08:e8:14:68:bf:4b:0f:68:52:92:aa:8f:a1:
+ 02:20:0b:fe:1b:14:ba:51:82:65:06:bb:22:d8:1a:a7:9f:54:
+ 62:eb:8d:b2:d5:13:b3:b8:a2:f3:14:44:b2:a0:21:d0
+-----BEGIN CERTIFICATE-----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+-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/sm2/self-sm2-cert.pem b/extra/wolfssl/wolfssl/certs/sm2/self-sm2-cert.pem
new file mode 100644
index 00000000..b8d484d9
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/sm2/self-sm2-cert.pem
@@ -0,0 +1,52 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number:
+ 06:7b:3a:5d:cf:22:a9:6d:6d:78:2b:10:01:51:b6:4c:d4:82:a2:a1
+ Signature Algorithm: SM2-with-SM3
+ Issuer: C = AU, ST = QLD, O = wolfSSL, OU = Testing, CN = wolfssl-dev-sm2, emailAddress = info@wolfssl.com, UID = wolfSSL
+ Validity
+ Not Before: Nov 22 21:28:37 2023 GMT
+ Not After : Aug 18 21:28:37 2026 GMT
+ Subject: C = AU, ST = QLD, O = wolfSSL, OU = Testing, CN = wolfssl-dev-sm2, emailAddress = info@wolfssl.com, UID = wolfSSL
+ Subject Public Key Info:
+ Public Key Algorithm: id-ecPublicKey
+ Public-Key: (256 bit)
+ pub:
+ 04:d8:c4:a1:f1:0b:8b:8d:c4:7d:dc:d4:65:b9:a5:
+ 55:4e:fb:ac:33:ab:9b:43:94:4c:48:40:1b:33:d9:
+ 1b:cc:31:c1:82:56:3f:b0:c0:6b:95:40:51:fd:88:
+ 02:01:b1:b0:94:6c:06:eb:a7:da:8e:ee:70:b6:e5:
+ bb:b4:1e:e7:b4
+ ASN1 OID: SM2
+ X509v3 extensions:
+ X509v3 Subject Key Identifier:
+ 6E:97:E8:98:B6:5B:B6:AE:87:04:DB:14:56:66:16:F4:B8:2D:8C:F2
+ X509v3 Authority Key Identifier:
+ 6E:97:E8:98:B6:5B:B6:AE:87:04:DB:14:56:66:16:F4:B8:2D:8C:F2
+ X509v3 Basic Constraints: critical
+ CA:TRUE
+ X509v3 Key Usage: critical
+ Digital Signature, Certificate Sign, CRL Sign
+ Signature Algorithm: SM2-with-SM3
+ Signature Value:
+ 30:44:02:20:0f:c3:2c:36:e3:9f:1c:e9:68:1c:3b:43:18:5b:
+ c9:8f:e4:fa:dd:33:c1:b8:1c:d3:d4:61:33:f8:37:9d:5a:f4:
+ 02:20:3a:b9:a8:43:80:cf:38:25:e9:64:d8:26:47:9d:50:04:
+ 0c:8a:e8:a2:42:e8:63:dd:53:94:7d:38:6d:52:70:fd
+-----BEGIN CERTIFICATE-----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+-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/sm2/self-sm2-key.pem b/extra/wolfssl/wolfssl/certs/sm2/self-sm2-key.pem
new file mode 100644
index 00000000..f4ec6525
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/sm2/self-sm2-key.pem
@@ -0,0 +1,4 @@
+-----BEGIN PUBLIC KEY-----
+MFkwEwYHKoZIzj0CAQYIKoEcz1UBgi0DQgAE2MSh8QuLjcR93NRluaVVTvusM6ub
+Q5RMSEAbM9kbzDHBglY/sMBrlUBR/YgCAbGwlGwG66faju5wtuW7tB7ntA==
+-----END PUBLIC KEY-----
diff --git a/extra/wolfssl/wolfssl/certs/sm2/self-sm2-priv.pem b/extra/wolfssl/wolfssl/certs/sm2/self-sm2-priv.pem
new file mode 100644
index 00000000..35798c0a
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/sm2/self-sm2-priv.pem
@@ -0,0 +1,6 @@
+-----BEGIN PRIVATE KEY-----
+MIGTAgEAMBMGByqGSM49AgEGCCqBHM9VAYItBHkwdwIBAQQg0JwoWhXWJQ22X9Gh
+AW60DtA2+hX8qQTlF6HQLynW/mqgCgYIKoEcz1UBgi2hRANCAATYxKHxC4uNxH3c
+1GW5pVVO+6wzq5tDlExIQBsz2RvMMcGCVj+wwGuVQFH9iAIBsbCUbAbrp9qO7nC2
+5bu0Hue0
+-----END PRIVATE KEY-----
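Review bot: The unencrypted `BEGIN PRIVATE KEY` block added in `certs/sm2/self-sm2-priv.pem` (and again in `certs/sm2/server-sm2-priv.pem` further down this diff) becomes public as soon as it is committed, so any certificate chained to these keys must be treated as untrusted outside the test suite. Nothing visible in this part of the diff shows whether the `certs/` tree is kept out of install and packaging targets; that is worth confirming so the fixtures cannot end up as a default server identity in a shipped build. If secret scanning runs on this repository, a path-scoped allowlist entry for `extra/wolfssl/wolfssl/certs/` is preferable to disabling the private-key rule globally.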
diff --git a/extra/wolfssl/wolfssl/certs/sm2/server-sm2-cert.pem b/extra/wolfssl/wolfssl/certs/sm2/server-sm2-cert.pem
new file mode 100644
index 00000000..23c49c91
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/sm2/server-sm2-cert.pem
@@ -0,0 +1,57 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 1 (0x1)
+ Signature Algorithm: SM2-with-SM3
+ Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_sm2, OU = CA-sm2, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
+ Validity
+ Not Before: Feb 15 06:23:07 2023 GMT
+ Not After : Nov 11 06:23:07 2025 GMT
+ Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_sm2, OU = Server-sm2, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
+ Subject Public Key Info:
+ Public Key Algorithm: sm2
+ Public-Key: (256 bit)
+ pub:
+ 04:94:70:2b:46:e4:5e:0f:41:fb:8f:2d:34:0a:41:
+ 40:19:5e:fb:d4:1d:11:ac:fa:f5:93:37:c6:fa:87:
+ 08:f7:16:1f:2c:ce:30:40:9d:4f:a6:2a:0a:a1:d6:
+ 95:33:c3:a6:03:98:e6:8d:05:34:b0:97:0c:de:a4:
+ c7:cf:53:8f:d1
+ ASN1 OID: SM2
+ X509v3 extensions:
+ X509v3 Subject Key Identifier:
+ 67:AE:60:FF:7E:1B:0F:95:AE:1F:82:59:F2:6C:56:2D:93:EF:17:32
+ X509v3 Authority Key Identifier:
+ 47:0A:48:7E:BB:02:A8:5A:26:57:2B:19:A9:7B:61:8B:7F:5D:99:6E
+ X509v3 Basic Constraints: critical
+ CA:FALSE
+ X509v3 Key Usage: critical
+ Digital Signature, Key Encipherment, Key Agreement
+ X509v3 Extended Key Usage:
+ TLS Web Server Authentication
+ Netscape Cert Type:
+ SSL Server
+ Signature Algorithm: SM2-with-SM3
+ Signature Value:
+ 30:45:02:20:1b:ca:94:28:7f:f6:b2:0d:31:43:50:e1:d5:34:
+ 17:dd:af:3a:de:81:06:67:9a:b3:06:22:7e:64:ec:fd:0e:b9:
+ 02:21:00:a1:48:a8:32:d1:05:09:6b:1c:eb:89:12:66:d8:38:
+ a1:c4:5c:89:09:0f:fd:e9:c0:3b:1d:fb:cd:b5:4c:31:68
+-----BEGIN CERTIFICATE-----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
+-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/sm2/server-sm2-key.der b/extra/wolfssl/wolfssl/certs/sm2/server-sm2-key.der
new file mode 100644
index 00000000..bbc58b15
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/sm2/server-sm2-key.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/sm2/server-sm2-key.pem b/extra/wolfssl/wolfssl/certs/sm2/server-sm2-key.pem
new file mode 100644
index 00000000..b0c34dc1
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/sm2/server-sm2-key.pem
@@ -0,0 +1,4 @@
+-----BEGIN PUBLIC KEY-----
+MFowFAYIKoEcz1UBgi0GCCqBHM9VAYItA0IABJRwK0bkXg9B+48tNApBQBle+9Qd
+Eaz69ZM3xvqHCPcWHyzOMECdT6YqCqHWlTPDpgOY5o0FNLCXDN6kx89Tj9E=
+-----END PUBLIC KEY-----
diff --git a/extra/wolfssl/wolfssl/certs/sm2/server-sm2-priv.der b/extra/wolfssl/wolfssl/certs/sm2/server-sm2-priv.der
new file mode 100644
index 00000000..0ff08cec
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/sm2/server-sm2-priv.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/sm2/server-sm2-priv.pem b/extra/wolfssl/wolfssl/certs/sm2/server-sm2-priv.pem
new file mode 100644
index 00000000..d2df01af
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/sm2/server-sm2-priv.pem
@@ -0,0 +1,5 @@
+-----BEGIN PRIVATE KEY-----
+MIGIAgEAMBQGCCqBHM9VAYItBggqgRzPVQGCLQRtMGsCAQEEINczwaFxmNpDgQ1w
+Qohj0Ex+D4qbLdoVqg5a+u13OkOooUQDQgAElHArRuReD0H7jy00CkFAGV771B0R
+rPr1kzfG+ocI9xYfLM4wQJ1PpioKodaVM8OmA5jmjQU0sJcM3qTHz1OP0Q==
+-----END PRIVATE KEY-----
diff --git a/extra/wolfssl/wolfssl/certs/sm2/server-sm2.der b/extra/wolfssl/wolfssl/certs/sm2/server-sm2.der
new file mode 100644
index 00000000..878296d9
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/sm2/server-sm2.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/sm2/server-sm2.pem b/extra/wolfssl/wolfssl/certs/sm2/server-sm2.pem
new file mode 100644
index 00000000..95877f0d
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/sm2/server-sm2.pem
@@ -0,0 +1,108 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 1 (0x1)
+ Signature Algorithm: SM2-with-SM3
+ Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_sm2, OU = CA-sm2, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
+ Validity
+ Not Before: Feb 15 06:23:07 2023 GMT
+ Not After : Nov 11 06:23:07 2025 GMT
+ Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_sm2, OU = Server-sm2, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
+ Subject Public Key Info:
+ Public Key Algorithm: sm2
+ Public-Key: (256 bit)
+ pub:
+ 04:94:70:2b:46:e4:5e:0f:41:fb:8f:2d:34:0a:41:
+ 40:19:5e:fb:d4:1d:11:ac:fa:f5:93:37:c6:fa:87:
+ 08:f7:16:1f:2c:ce:30:40:9d:4f:a6:2a:0a:a1:d6:
+ 95:33:c3:a6:03:98:e6:8d:05:34:b0:97:0c:de:a4:
+ c7:cf:53:8f:d1
+ ASN1 OID: SM2
+ X509v3 extensions:
+ X509v3 Subject Key Identifier:
+ 67:AE:60:FF:7E:1B:0F:95:AE:1F:82:59:F2:6C:56:2D:93:EF:17:32
+ X509v3 Authority Key Identifier:
+ 47:0A:48:7E:BB:02:A8:5A:26:57:2B:19:A9:7B:61:8B:7F:5D:99:6E
+ X509v3 Basic Constraints: critical
+ CA:FALSE
+ X509v3 Key Usage: critical
+ Digital Signature, Key Encipherment, Key Agreement
+ X509v3 Extended Key Usage:
+ TLS Web Server Authentication
+ Netscape Cert Type:
+ SSL Server
+ Signature Algorithm: SM2-with-SM3
+ Signature Value:
+ 30:45:02:20:1b:ca:94:28:7f:f6:b2:0d:31:43:50:e1:d5:34:
+ 17:dd:af:3a:de:81:06:67:9a:b3:06:22:7e:64:ec:fd:0e:b9:
+ 02:21:00:a1:48:a8:32:d1:05:09:6b:1c:eb:89:12:66:d8:38:
+ a1:c4:5c:89:09:0f:fd:e9:c0:3b:1d:fb:cd:b5:4c:31:68
+-----BEGIN CERTIFICATE-----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
+-----END CERTIFICATE-----
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 1 (0x1)
+ Signature Algorithm: SM2-with-SM3
+ Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_SM2, OU = Root-SM2, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
+ Validity
+ Not Before: Feb 15 06:23:07 2023 GMT
+ Not After : Nov 11 06:23:07 2025 GMT
+ Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_sm2, OU = CA-sm2, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
+ Subject Public Key Info:
+ Public Key Algorithm: sm2
+ Public-Key: (256 bit)
+ pub:
+ 04:21:92:f7:cb:24:df:64:4d:ba:ab:66:7b:83:75:
+ a9:29:e7:ff:64:63:b6:d5:42:80:20:bd:e2:e2:02:
+ 12:3b:8e:b4:00:95:09:80:cb:56:ed:4b:ca:8d:57:
+ e6:ae:05:d3:76:27:63:71:39:89:b7:69:e6:48:80:
+ ae:d1:a9:48:12
+ ASN1 OID: SM2
+ X509v3 extensions:
+ X509v3 Subject Key Identifier:
+ 47:0A:48:7E:BB:02:A8:5A:26:57:2B:19:A9:7B:61:8B:7F:5D:99:6E
+ X509v3 Authority Key Identifier:
+ 34:1D:79:44:15:79:A1:B1:63:99:E3:ED:65:7C:64:89:80:FF:B8:EC
+ X509v3 Basic Constraints: critical
+ CA:TRUE
+ X509v3 Key Usage: critical
+ Digital Signature, Certificate Sign, CRL Sign
+ Signature Algorithm: SM2-with-SM3
+ Signature Value:
+ 30:45:02:20:47:4e:00:03:ab:34:a1:af:59:39:8f:60:36:bf:
+ 89:88:42:41:27:c1:dd:57:c9:79:cb:1f:56:5c:16:b5:28:bd:
+ 02:21:00:8b:2e:25:eb:21:9b:a9:2b:a6:6a:5b:db:a7:c7:2b:
+ 11:df:73:15:ad:e4:c5:c3:c2:f3:b4:b4:67:af:d7:51:1c
+-----BEGIN CERTIFICATE-----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
+-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/sphincs/bench_sphincs_fast_level1_key.der b/extra/wolfssl/wolfssl/certs/sphincs/bench_sphincs_fast_level1_key.der
index fa3dd5b2..2b343d4f 100644
--- a/extra/wolfssl/wolfssl/certs/sphincs/bench_sphincs_fast_level1_key.der
+++ b/extra/wolfssl/wolfssl/certs/sphincs/bench_sphincs_fast_level1_key.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/sphincs/bench_sphincs_fast_level3_key.der b/extra/wolfssl/wolfssl/certs/sphincs/bench_sphincs_fast_level3_key.der
index 4aac5328..cd691372 100644
--- a/extra/wolfssl/wolfssl/certs/sphincs/bench_sphincs_fast_level3_key.der
+++ b/extra/wolfssl/wolfssl/certs/sphincs/bench_sphincs_fast_level3_key.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/sphincs/bench_sphincs_fast_level5_key.der b/extra/wolfssl/wolfssl/certs/sphincs/bench_sphincs_fast_level5_key.der
index 8fa2a324..19f4f4da 100644
--- a/extra/wolfssl/wolfssl/certs/sphincs/bench_sphincs_fast_level5_key.der
+++ b/extra/wolfssl/wolfssl/certs/sphincs/bench_sphincs_fast_level5_key.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/sphincs/bench_sphincs_small_level1_key.der b/extra/wolfssl/wolfssl/certs/sphincs/bench_sphincs_small_level1_key.der
index 72f750c5..5133d7bc 100644
--- a/extra/wolfssl/wolfssl/certs/sphincs/bench_sphincs_small_level1_key.der
+++ b/extra/wolfssl/wolfssl/certs/sphincs/bench_sphincs_small_level1_key.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/sphincs/bench_sphincs_small_level3_key.der b/extra/wolfssl/wolfssl/certs/sphincs/bench_sphincs_small_level3_key.der
index 1b3d3256..691d52e5 100644
--- a/extra/wolfssl/wolfssl/certs/sphincs/bench_sphincs_small_level3_key.der
+++ b/extra/wolfssl/wolfssl/certs/sphincs/bench_sphincs_small_level3_key.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/sphincs/bench_sphincs_small_level5_key.der b/extra/wolfssl/wolfssl/certs/sphincs/bench_sphincs_small_level5_key.der
index ba78786a..c90cdf68 100644
--- a/extra/wolfssl/wolfssl/certs/sphincs/bench_sphincs_small_level5_key.der
+++ b/extra/wolfssl/wolfssl/certs/sphincs/bench_sphincs_small_level5_key.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/test-degenerate.p7b b/extra/wolfssl/wolfssl/certs/test-degenerate.p7b
index e6d03a0f..80a4ad9e 100644
--- a/extra/wolfssl/wolfssl/certs/test-degenerate.p7b
+++ b/extra/wolfssl/wolfssl/certs/test-degenerate.p7b
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/test-pathlen/chainA-ICA1-pathlen0.pem b/extra/wolfssl/wolfssl/certs/test-pathlen/chainA-ICA1-pathlen0.pem
index 970569f8..43660b28 100644
--- a/extra/wolfssl/wolfssl/certs/test-pathlen/chainA-ICA1-pathlen0.pem
+++ b/extra/wolfssl/wolfssl/certs/test-pathlen/chainA-ICA1-pathlen0.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainA-ICA1-pathlen0, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -37,34 +37,34 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:2C:80:CE:DB:47:9D:07:66:92:3D:68:D7:CA:AC:90:4F:CA:69:41:4B
+ serial:33:44:1A:A8:6C:01:EC:F6:60:F2:70:51:0A:4C:D1:14:FA:BC:E9:44
X509v3 Basic Constraints:
CA:TRUE, pathlen:0
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 24:f8:97:5a:ff:43:de:e4:fe:0c:a4:8e:e4:b3:fb:97:22:81:
- f0:1c:83:37:56:d8:7e:ea:d5:a9:74:3f:df:49:01:6a:4d:dc:
- ec:9a:08:a7:30:ec:5b:86:bf:bd:74:c4:b7:1e:ba:e5:f0:b0:
- 58:75:8a:22:49:0e:c2:6c:bd:2f:25:e1:a5:a2:61:77:7a:19:
- 8f:d6:87:ef:3d:2b:32:d1:6f:21:59:04:00:76:60:c9:ae:7b:
- 57:41:d7:31:97:da:4c:3e:e3:c2:49:a8:18:80:97:dd:31:97:
- f3:e6:72:ee:29:83:93:f6:19:03:84:c8:e5:47:1d:da:cf:2c:
- d5:95:cb:23:83:34:4b:ea:06:dd:46:60:fb:0f:da:0d:75:63:
- 0c:53:36:3e:3e:03:79:d8:71:c9:ee:97:d6:31:8a:52:98:de:
- dd:35:58:64:a9:7c:50:84:c3:42:63:ec:71:44:f6:b1:e2:07:
- 90:c5:4e:58:17:5d:51:ab:aa:a4:ef:aa:b3:42:90:5e:fc:aa:
- db:1f:5e:0e:91:e7:16:5a:11:ce:98:b8:84:3f:f0:61:76:73:
- 76:09:cf:63:01:ba:79:53:35:c5:e9:76:6e:19:70:f9:46:85:
- 81:8e:81:14:84:c4:bf:f8:1b:cd:cc:d9:ef:1b:d2:4e:fb:1a:
- 36:de:70:35
+ 2d:e4:7d:d6:d2:cc:93:aa:93:86:cd:e7:da:bb:02:f6:82:e3:
+ 09:29:f5:54:0f:e1:d5:51:c1:98:1f:b8:ca:96:9e:1e:f6:5b:
+ e3:67:bb:42:b1:48:2f:61:c6:1f:c4:a6:f4:05:0f:de:65:7f:
+ d5:cc:35:09:fb:48:16:e8:cd:47:1f:63:e2:0f:f9:de:97:6e:
+ 76:a2:29:ba:27:cc:0e:f1:b7:31:02:0f:50:ee:c6:80:8a:af:
+ 0f:ae:76:51:91:2e:f5:a4:a9:e4:33:cc:9b:07:3c:36:b8:ff:
+ 2a:62:86:09:90:b0:ac:f2:8e:7e:59:d0:11:2b:74:53:1a:9b:
+ a6:26:f6:d9:aa:01:81:32:0a:18:be:96:21:be:e7:a2:c9:40:
+ 6c:fd:24:8b:6d:28:e5:e9:27:48:ae:8d:d0:5e:6f:c1:de:ef:
+ e3:3d:b6:11:07:42:0e:11:86:6b:03:86:fd:06:69:c5:ac:1d:
+ 92:03:be:26:d1:db:78:4c:f0:93:89:32:60:ba:be:83:99:ac:
+ 26:c5:aa:35:34:a1:9e:b5:e1:6a:15:83:4b:50:1e:62:3d:5b:
+ 65:77:28:0c:24:23:e4:29:0b:90:7c:d4:2f:14:39:01:42:cc:
+ 0b:19:a3:bd:46:db:a1:bd:67:5e:0e:41:db:a4:63:8d:22:ed:
+ 64:75:d3:99
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx
EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh
d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz
-bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIxMjE2
-MjExNzUwWhcNMjUwOTExMjExNzUwWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM
+bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMxMjEz
+MjIxOTMyWhcNMjYwOTA4MjIxOTMyWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM
Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg
SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNoYWluQS1JQ0Ex
LXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN
@@ -78,12 +78,12 @@ o4IBGDCCARQwHQYDVR0OBBYEFKgQ6sjvTwDN43nD69/2yIadRGwmMIHUBgNVHSME
gcwwgcmAFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV
UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI
U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm
-c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIULIDO20ed
-B2aSPWjXyqyQT8ppQUswDwYDVR0TBAgwBgEB/wIBADALBgNVHQ8EBAMCAQYwDQYJ
-KoZIhvcNAQELBQADggEBACT4l1r/Q97k/gykjuSz+5cigfAcgzdW2H7q1al0P99J
-AWpN3OyaCKcw7FuGv710xLceuuXwsFh1iiJJDsJsvS8l4aWiYXd6GY/Wh+89KzLR
-byFZBAB2YMmue1dB1zGX2kw+48JJqBiAl90xl/Pmcu4pg5P2GQOEyOVHHdrPLNWV
-yyODNEvqBt1GYPsP2g11YwxTNj4+A3nYccnul9YxilKY3t01WGSpfFCEw0Jj7HFE
-9rHiB5DFTlgXXVGrqqTvqrNCkF78qtsfXg6R5xZaEc6YuIQ/8GF2c3YJz2MBunlT
-NcXpdm4ZcPlGhYGOgRSExL/4G83M2e8b0k77GjbecDU=
+c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIUM0QaqGwB
+7PZg8nBRCkzRFPq86UQwDwYDVR0TBAgwBgEB/wIBADALBgNVHQ8EBAMCAQYwDQYJ
+KoZIhvcNAQELBQADggEBAC3kfdbSzJOqk4bN59q7AvaC4wkp9VQP4dVRwZgfuMqW
+nh72W+Nnu0KxSC9hxh/EpvQFD95lf9XMNQn7SBbozUcfY+IP+d6XbnaiKbonzA7x
+tzECD1DuxoCKrw+udlGRLvWkqeQzzJsHPDa4/ypihgmQsKzyjn5Z0BErdFMam6Ym
+9tmqAYEyChi+liG+56LJQGz9JIttKOXpJ0iujdBeb8He7+M9thEHQg4RhmsDhv0G
+acWsHZIDvibR23hM8JOJMmC6voOZrCbFqjU0oZ614WoVg0tQHmI9W2V3KAwkI+Qp
+C5B81C8UOQFCzAsZo71G26G9Z14OQdukY40i7WR105k=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test-pathlen/chainA-assembled.pem b/extra/wolfssl/wolfssl/certs/test-pathlen/chainA-assembled.pem
index 2d3781d6..84f6d231 100644
--- a/extra/wolfssl/wolfssl/certs/test-pathlen/chainA-assembled.pem
+++ b/extra/wolfssl/wolfssl/certs/test-pathlen/chainA-assembled.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainA-ICA1-pathlen0, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainA-entity, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -42,27 +42,27 @@ Certificate:
X509v3 Basic Constraints:
CA:FALSE
Signature Algorithm: sha256WithRSAEncryption
- ae:9c:2c:ae:2d:09:58:73:d6:3d:20:d4:42:f0:26:98:b8:67:
- 3e:60:5c:95:f2:5d:b9:b2:11:52:3b:fd:f6:94:a3:32:1c:36:
- 0b:6f:b9:ac:44:6a:e1:fa:ae:8f:92:e9:c5:c0:32:2b:8e:e1:
- 21:84:72:c2:35:fd:00:bd:a5:58:4e:bc:e5:fc:5a:71:89:33:
- f8:fd:99:62:11:42:57:80:74:56:25:fe:48:be:3b:6c:45:cb:
- f9:d2:4f:8c:23:0a:f8:0a:5d:ef:85:f2:98:71:a7:0a:36:91:
- 20:af:8e:64:51:63:72:12:5b:4e:23:9f:ae:93:c3:9a:ec:c7:
- eb:3f:21:50:83:8a:a3:c9:a7:a9:f2:40:2d:91:b8:24:be:f1:
- 63:77:8b:4f:f5:b8:f2:a6:b7:a1:4c:07:ce:96:cc:12:af:da:
- c3:db:af:99:7a:fb:40:38:6c:4e:b3:3a:76:db:24:e4:1f:c5:
- ea:79:fd:a0:19:20:87:fb:e9:f3:91:16:e0:82:56:9e:f9:cf:
- 09:75:a6:1b:38:e7:eb:3f:3f:bc:e3:7d:b7:42:85:4a:de:42:
- f6:e6:b8:f2:cb:5c:44:95:ba:b6:45:1f:fe:39:19:e7:a9:cd:
- 75:52:81:d3:b5:df:bd:bd:d9:e6:e8:36:a2:28:62:5a:89:ee:
- 8a:0b:21:85
+ 22:20:83:3b:37:08:72:c7:c8:e1:69:f6:01:df:ec:70:8b:60:
+ c4:94:81:37:1d:f4:2a:d3:92:3e:1c:6c:b9:bd:a9:ba:61:b2:
+ 1b:1f:b9:71:de:07:b0:5a:50:33:7b:83:22:44:e1:a5:4d:7e:
+ 75:5a:09:ee:f2:c4:9a:8a:5d:7d:ad:69:81:bb:a9:86:cf:65:
+ e8:f6:50:2c:1e:e5:15:2b:0b:85:6a:02:26:c0:38:51:04:0f:
+ 0a:6f:d1:b8:b4:e4:a4:b5:ae:a2:e6:ce:2c:41:b6:a2:6b:47:
+ 82:0d:8a:2b:dd:91:d0:67:09:15:57:03:1e:95:4f:57:06:1a:
+ 2a:e8:b6:fd:a7:1f:80:a0:f7:20:39:8b:3f:08:cd:7a:05:c4:
+ 7c:72:92:d7:ff:40:a4:6c:10:64:2d:a8:a5:cc:ef:34:ea:49:
+ b0:d9:28:69:5c:c7:d4:41:f5:21:3d:60:74:c7:35:3d:5f:80:
+ 78:34:09:60:06:f0:c8:3b:9c:b8:76:64:8e:ea:78:c1:e8:fc:
+ 2c:a0:9a:9e:d7:2c:5f:1b:90:05:73:5f:58:c8:ad:2a:ef:b6:
+ a0:f2:f1:9e:f2:7c:48:d8:11:77:e3:0a:d4:26:7d:ad:0f:c1:
+ 29:4b:9e:51:bc:a2:4d:98:ad:27:51:f3:1d:b3:2b:6e:00:95:
+ 16:ae:3c:11
-----BEGIN CERTIFICATE-----
MIIEqjCCA5KgAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo
YWluQS1JQ0ExLXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
-Y29tMB4XDTIyMTIxNjIxMTc1MFoXDTI1MDkxMTIxMTc1MFowgZoxCzAJBgNVBAYT
+Y29tMB4XDTIzMTIxMzIyMTkzMloXDTI2MDkwODIyMTkzMlowgZoxCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD
VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRYwFAYDVQQD
DA1jaGFpbkEtZW50aXR5MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t
@@ -77,12 +77,12 @@ VR0jBIG5MIG2gBSoEOrI708AzeN5w+vf9siGnURsJqGBmqSBlzCBlDELMAkGA1UE
BhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNV
BAoMCFNhd3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cu
d29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb22CAWQw
-CQYDVR0TBAIwADANBgkqhkiG9w0BAQsFAAOCAQEArpwsri0JWHPWPSDUQvAmmLhn
-PmBclfJdubIRUjv99pSjMhw2C2+5rERq4fquj5LpxcAyK47hIYRywjX9AL2lWE68
-5fxacYkz+P2ZYhFCV4B0ViX+SL47bEXL+dJPjCMK+Apd74XymHGnCjaRIK+OZFFj
-chJbTiOfrpPDmuzH6z8hUIOKo8mnqfJALZG4JL7xY3eLT/W48qa3oUwHzpbMEq/a
-w9uvmXr7QDhsTrM6dtsk5B/F6nn9oBkgh/vp85EW4IJWnvnPCXWmGzjn6z8/vON9
-t0KFSt5C9ua48stcRJW6tkUf/jkZ56nNdVKB07Xfvb3Z5ug2oihiWonuigshhQ==
+CQYDVR0TBAIwADANBgkqhkiG9w0BAQsFAAOCAQEAIiCDOzcIcsfI4Wn2Ad/scItg
+xJSBNx30KtOSPhxsub2pumGyGx+5cd4HsFpQM3uDIkThpU1+dVoJ7vLEmopdfa1p
+gbuphs9l6PZQLB7lFSsLhWoCJsA4UQQPCm/RuLTkpLWuoubOLEG2omtHgg2KK92R
+0GcJFVcDHpVPVwYaKui2/acfgKD3IDmLPwjNegXEfHKS1/9ApGwQZC2opczvNOpJ
+sNkoaVzH1EH1IT1gdMc1PV+AeDQJYAbwyDucuHZkjup4wej8LKCantcsXxuQBXNf
+WMitKu+2oPLxnvJ8SNgRd+MK1CZ9rQ/BKUueUbyiTZitJ1HzHbMrbgCVFq48EQ==
-----END CERTIFICATE-----
Certificate:
Data:
@@ -91,8 +91,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainA-ICA1-pathlen0, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -123,34 +123,34 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:2C:80:CE:DB:47:9D:07:66:92:3D:68:D7:CA:AC:90:4F:CA:69:41:4B
+ serial:33:44:1A:A8:6C:01:EC:F6:60:F2:70:51:0A:4C:D1:14:FA:BC:E9:44
X509v3 Basic Constraints:
CA:TRUE, pathlen:0
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 24:f8:97:5a:ff:43:de:e4:fe:0c:a4:8e:e4:b3:fb:97:22:81:
- f0:1c:83:37:56:d8:7e:ea:d5:a9:74:3f:df:49:01:6a:4d:dc:
- ec:9a:08:a7:30:ec:5b:86:bf:bd:74:c4:b7:1e:ba:e5:f0:b0:
- 58:75:8a:22:49:0e:c2:6c:bd:2f:25:e1:a5:a2:61:77:7a:19:
- 8f:d6:87:ef:3d:2b:32:d1:6f:21:59:04:00:76:60:c9:ae:7b:
- 57:41:d7:31:97:da:4c:3e:e3:c2:49:a8:18:80:97:dd:31:97:
- f3:e6:72:ee:29:83:93:f6:19:03:84:c8:e5:47:1d:da:cf:2c:
- d5:95:cb:23:83:34:4b:ea:06:dd:46:60:fb:0f:da:0d:75:63:
- 0c:53:36:3e:3e:03:79:d8:71:c9:ee:97:d6:31:8a:52:98:de:
- dd:35:58:64:a9:7c:50:84:c3:42:63:ec:71:44:f6:b1:e2:07:
- 90:c5:4e:58:17:5d:51:ab:aa:a4:ef:aa:b3:42:90:5e:fc:aa:
- db:1f:5e:0e:91:e7:16:5a:11:ce:98:b8:84:3f:f0:61:76:73:
- 76:09:cf:63:01:ba:79:53:35:c5:e9:76:6e:19:70:f9:46:85:
- 81:8e:81:14:84:c4:bf:f8:1b:cd:cc:d9:ef:1b:d2:4e:fb:1a:
- 36:de:70:35
+ 2d:e4:7d:d6:d2:cc:93:aa:93:86:cd:e7:da:bb:02:f6:82:e3:
+ 09:29:f5:54:0f:e1:d5:51:c1:98:1f:b8:ca:96:9e:1e:f6:5b:
+ e3:67:bb:42:b1:48:2f:61:c6:1f:c4:a6:f4:05:0f:de:65:7f:
+ d5:cc:35:09:fb:48:16:e8:cd:47:1f:63:e2:0f:f9:de:97:6e:
+ 76:a2:29:ba:27:cc:0e:f1:b7:31:02:0f:50:ee:c6:80:8a:af:
+ 0f:ae:76:51:91:2e:f5:a4:a9:e4:33:cc:9b:07:3c:36:b8:ff:
+ 2a:62:86:09:90:b0:ac:f2:8e:7e:59:d0:11:2b:74:53:1a:9b:
+ a6:26:f6:d9:aa:01:81:32:0a:18:be:96:21:be:e7:a2:c9:40:
+ 6c:fd:24:8b:6d:28:e5:e9:27:48:ae:8d:d0:5e:6f:c1:de:ef:
+ e3:3d:b6:11:07:42:0e:11:86:6b:03:86:fd:06:69:c5:ac:1d:
+ 92:03:be:26:d1:db:78:4c:f0:93:89:32:60:ba:be:83:99:ac:
+ 26:c5:aa:35:34:a1:9e:b5:e1:6a:15:83:4b:50:1e:62:3d:5b:
+ 65:77:28:0c:24:23:e4:29:0b:90:7c:d4:2f:14:39:01:42:cc:
+ 0b:19:a3:bd:46:db:a1:bd:67:5e:0e:41:db:a4:63:8d:22:ed:
+ 64:75:d3:99
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx
EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh
d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz
-bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIxMjE2
-MjExNzUwWhcNMjUwOTExMjExNzUwWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM
+bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMxMjEz
+MjIxOTMyWhcNMjYwOTA4MjIxOTMyWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM
Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg
SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNoYWluQS1JQ0Ex
LXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN
@@ -164,12 +164,12 @@ o4IBGDCCARQwHQYDVR0OBBYEFKgQ6sjvTwDN43nD69/2yIadRGwmMIHUBgNVHSME
gcwwgcmAFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV
UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI
U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm
-c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIULIDO20ed
-B2aSPWjXyqyQT8ppQUswDwYDVR0TBAgwBgEB/wIBADALBgNVHQ8EBAMCAQYwDQYJ
-KoZIhvcNAQELBQADggEBACT4l1r/Q97k/gykjuSz+5cigfAcgzdW2H7q1al0P99J
-AWpN3OyaCKcw7FuGv710xLceuuXwsFh1iiJJDsJsvS8l4aWiYXd6GY/Wh+89KzLR
-byFZBAB2YMmue1dB1zGX2kw+48JJqBiAl90xl/Pmcu4pg5P2GQOEyOVHHdrPLNWV
-yyODNEvqBt1GYPsP2g11YwxTNj4+A3nYccnul9YxilKY3t01WGSpfFCEw0Jj7HFE
-9rHiB5DFTlgXXVGrqqTvqrNCkF78qtsfXg6R5xZaEc6YuIQ/8GF2c3YJz2MBunlT
-NcXpdm4ZcPlGhYGOgRSExL/4G83M2e8b0k77GjbecDU=
+c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIUM0QaqGwB
+7PZg8nBRCkzRFPq86UQwDwYDVR0TBAgwBgEB/wIBADALBgNVHQ8EBAMCAQYwDQYJ
+KoZIhvcNAQELBQADggEBAC3kfdbSzJOqk4bN59q7AvaC4wkp9VQP4dVRwZgfuMqW
+nh72W+Nnu0KxSC9hxh/EpvQFD95lf9XMNQn7SBbozUcfY+IP+d6XbnaiKbonzA7x
+tzECD1DuxoCKrw+udlGRLvWkqeQzzJsHPDa4/ypihgmQsKzyjn5Z0BErdFMam6Ym
+9tmqAYEyChi+liG+56LJQGz9JIttKOXpJ0iujdBeb8He7+M9thEHQg4RhmsDhv0G
+acWsHZIDvibR23hM8JOJMmC6voOZrCbFqjU0oZ614WoVg0tQHmI9W2V3KAwkI+Qp
+C5B81C8UOQFCzAsZo71G26G9Z14OQdukY40i7WR105k=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test-pathlen/chainA-entity.pem b/extra/wolfssl/wolfssl/certs/test-pathlen/chainA-entity.pem
index ed08337e..52ed4c9d 100644
--- a/extra/wolfssl/wolfssl/certs/test-pathlen/chainA-entity.pem
+++ b/extra/wolfssl/wolfssl/certs/test-pathlen/chainA-entity.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainA-ICA1-pathlen0, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainA-entity, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -42,27 +42,27 @@ Certificate:
X509v3 Basic Constraints:
CA:FALSE
Signature Algorithm: sha256WithRSAEncryption
- ae:9c:2c:ae:2d:09:58:73:d6:3d:20:d4:42:f0:26:98:b8:67:
- 3e:60:5c:95:f2:5d:b9:b2:11:52:3b:fd:f6:94:a3:32:1c:36:
- 0b:6f:b9:ac:44:6a:e1:fa:ae:8f:92:e9:c5:c0:32:2b:8e:e1:
- 21:84:72:c2:35:fd:00:bd:a5:58:4e:bc:e5:fc:5a:71:89:33:
- f8:fd:99:62:11:42:57:80:74:56:25:fe:48:be:3b:6c:45:cb:
- f9:d2:4f:8c:23:0a:f8:0a:5d:ef:85:f2:98:71:a7:0a:36:91:
- 20:af:8e:64:51:63:72:12:5b:4e:23:9f:ae:93:c3:9a:ec:c7:
- eb:3f:21:50:83:8a:a3:c9:a7:a9:f2:40:2d:91:b8:24:be:f1:
- 63:77:8b:4f:f5:b8:f2:a6:b7:a1:4c:07:ce:96:cc:12:af:da:
- c3:db:af:99:7a:fb:40:38:6c:4e:b3:3a:76:db:24:e4:1f:c5:
- ea:79:fd:a0:19:20:87:fb:e9:f3:91:16:e0:82:56:9e:f9:cf:
- 09:75:a6:1b:38:e7:eb:3f:3f:bc:e3:7d:b7:42:85:4a:de:42:
- f6:e6:b8:f2:cb:5c:44:95:ba:b6:45:1f:fe:39:19:e7:a9:cd:
- 75:52:81:d3:b5:df:bd:bd:d9:e6:e8:36:a2:28:62:5a:89:ee:
- 8a:0b:21:85
+ 22:20:83:3b:37:08:72:c7:c8:e1:69:f6:01:df:ec:70:8b:60:
+ c4:94:81:37:1d:f4:2a:d3:92:3e:1c:6c:b9:bd:a9:ba:61:b2:
+ 1b:1f:b9:71:de:07:b0:5a:50:33:7b:83:22:44:e1:a5:4d:7e:
+ 75:5a:09:ee:f2:c4:9a:8a:5d:7d:ad:69:81:bb:a9:86:cf:65:
+ e8:f6:50:2c:1e:e5:15:2b:0b:85:6a:02:26:c0:38:51:04:0f:
+ 0a:6f:d1:b8:b4:e4:a4:b5:ae:a2:e6:ce:2c:41:b6:a2:6b:47:
+ 82:0d:8a:2b:dd:91:d0:67:09:15:57:03:1e:95:4f:57:06:1a:
+ 2a:e8:b6:fd:a7:1f:80:a0:f7:20:39:8b:3f:08:cd:7a:05:c4:
+ 7c:72:92:d7:ff:40:a4:6c:10:64:2d:a8:a5:cc:ef:34:ea:49:
+ b0:d9:28:69:5c:c7:d4:41:f5:21:3d:60:74:c7:35:3d:5f:80:
+ 78:34:09:60:06:f0:c8:3b:9c:b8:76:64:8e:ea:78:c1:e8:fc:
+ 2c:a0:9a:9e:d7:2c:5f:1b:90:05:73:5f:58:c8:ad:2a:ef:b6:
+ a0:f2:f1:9e:f2:7c:48:d8:11:77:e3:0a:d4:26:7d:ad:0f:c1:
+ 29:4b:9e:51:bc:a2:4d:98:ad:27:51:f3:1d:b3:2b:6e:00:95:
+ 16:ae:3c:11
-----BEGIN CERTIFICATE-----
MIIEqjCCA5KgAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo
YWluQS1JQ0ExLXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
-Y29tMB4XDTIyMTIxNjIxMTc1MFoXDTI1MDkxMTIxMTc1MFowgZoxCzAJBgNVBAYT
+Y29tMB4XDTIzMTIxMzIyMTkzMloXDTI2MDkwODIyMTkzMlowgZoxCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD
VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRYwFAYDVQQD
DA1jaGFpbkEtZW50aXR5MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t
@@ -77,10 +77,10 @@ VR0jBIG5MIG2gBSoEOrI708AzeN5w+vf9siGnURsJqGBmqSBlzCBlDELMAkGA1UE
BhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNV
BAoMCFNhd3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cu
d29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb22CAWQw
-CQYDVR0TBAIwADANBgkqhkiG9w0BAQsFAAOCAQEArpwsri0JWHPWPSDUQvAmmLhn
-PmBclfJdubIRUjv99pSjMhw2C2+5rERq4fquj5LpxcAyK47hIYRywjX9AL2lWE68
-5fxacYkz+P2ZYhFCV4B0ViX+SL47bEXL+dJPjCMK+Apd74XymHGnCjaRIK+OZFFj
-chJbTiOfrpPDmuzH6z8hUIOKo8mnqfJALZG4JL7xY3eLT/W48qa3oUwHzpbMEq/a
-w9uvmXr7QDhsTrM6dtsk5B/F6nn9oBkgh/vp85EW4IJWnvnPCXWmGzjn6z8/vON9
-t0KFSt5C9ua48stcRJW6tkUf/jkZ56nNdVKB07Xfvb3Z5ug2oihiWonuigshhQ==
+CQYDVR0TBAIwADANBgkqhkiG9w0BAQsFAAOCAQEAIiCDOzcIcsfI4Wn2Ad/scItg
+xJSBNx30KtOSPhxsub2pumGyGx+5cd4HsFpQM3uDIkThpU1+dVoJ7vLEmopdfa1p
+gbuphs9l6PZQLB7lFSsLhWoCJsA4UQQPCm/RuLTkpLWuoubOLEG2omtHgg2KK92R
+0GcJFVcDHpVPVwYaKui2/acfgKD3IDmLPwjNegXEfHKS1/9ApGwQZC2opczvNOpJ
+sNkoaVzH1EH1IT1gdMc1PV+AeDQJYAbwyDucuHZkjup4wej8LKCantcsXxuQBXNf
+WMitKu+2oPLxnvJ8SNgRd+MK1CZ9rQ/BKUueUbyiTZitJ1HzHbMrbgCVFq48EQ==
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test-pathlen/chainB-ICA1-pathlen0.pem b/extra/wolfssl/wolfssl/certs/test-pathlen/chainB-ICA1-pathlen0.pem
index e2d7e1ca..f850ed0d 100644
--- a/extra/wolfssl/wolfssl/certs/test-pathlen/chainB-ICA1-pathlen0.pem
+++ b/extra/wolfssl/wolfssl/certs/test-pathlen/chainB-ICA1-pathlen0.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainB-ICA2-pathlen1, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainB-ICA1-pathlen0, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -44,27 +44,27 @@ Certificate:
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 63:ae:90:26:72:85:db:01:cb:b9:f2:51:f2:43:8d:b5:4f:95:
- ab:e0:5d:9d:67:65:1c:24:ba:b0:0c:82:4e:ed:5f:9b:89:5d:
- 7d:7f:b3:67:a2:09:8d:39:b5:af:9c:f5:c2:40:b3:ba:4e:73:
- 72:cf:13:dd:3c:e8:3e:92:6f:46:8c:76:f9:47:71:5e:e4:81:
- 68:cb:97:b3:73:35:ae:34:10:2a:ab:e7:cc:3a:0d:a7:a2:97:
- 97:49:54:b2:a0:05:1c:18:5a:af:76:f0:23:b5:ff:c6:cc:1a:
- 67:1a:5a:7c:57:50:cb:f8:53:78:b8:53:6a:8c:3d:dc:b2:f1:
- b7:aa:f8:f2:73:a1:22:97:04:bc:d5:6e:29:5b:86:ac:63:f1:
- 62:b2:2d:a5:c0:ff:2d:3f:79:e4:d0:81:fd:01:30:91:53:94:
- 43:35:c8:c7:4c:b9:27:23:54:54:69:76:86:f0:c3:a0:86:c2:
- 32:1b:6b:22:6c:8e:5f:9b:b1:20:73:ac:8d:da:c8:0f:ec:63:
- 61:5d:e3:1f:7f:cc:b5:30:4a:1c:9b:c5:53:cb:5e:8f:b0:cc:
- 52:01:75:d0:a8:d1:85:20:ef:4d:d9:2d:c7:0f:1e:ed:82:8a:
- 1e:f6:ab:ed:9f:65:57:a9:3b:08:de:66:ad:a2:2e:51:37:0a:
- 10:5d:04:a0
+ 6c:32:8c:c0:5a:4b:18:32:75:8d:04:83:3a:7d:0a:53:81:31:
+ ef:7e:47:8b:f3:69:c4:c5:16:82:70:fb:26:9f:f7:c9:d9:07:
+ 80:45:40:e5:fd:22:f4:a9:90:b4:53:89:20:7d:8c:71:77:35:
+ 50:79:39:8d:1c:a4:e5:0a:cb:d4:07:34:fd:76:3b:e7:4e:b5:
+ ca:6b:97:4b:e4:48:3c:28:5c:7b:6f:34:fc:f8:34:65:5a:d4:
+ 33:a8:4f:6c:a7:c5:c9:2b:95:48:1a:d2:da:50:45:50:2a:b9:
+ 16:dc:6a:6a:64:f1:52:55:7c:25:f8:35:4e:8e:86:f1:01:78:
+ 56:11:10:6e:92:d0:45:6a:9d:03:a0:a3:b8:3b:97:fb:2d:a8:
+ 1f:83:9d:d0:d9:af:8b:77:08:a2:0d:8e:15:18:97:7e:4b:d9:
+ 6f:48:cd:a5:6e:04:29:e4:ba:c4:63:e7:a1:b1:bf:22:71:75:
+ 24:da:6f:73:0f:d3:fc:84:af:68:3c:3d:c5:e0:72:f3:b8:2e:
+ 8b:5f:d9:00:c6:7e:59:4e:b9:f4:12:a7:df:88:d0:67:f9:40:
+ 17:4f:25:af:72:b7:a5:ee:b2:69:3b:b2:fe:a7:1b:6b:39:e6:
+ be:89:0e:ed:74:87:7e:25:bd:3d:c7:f6:f1:d9:10:47:1c:54:
+ 47:0c:77:31
-----BEGIN CERTIFICATE-----
MIIExjCCA66gAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo
YWluQi1JQ0EyLXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
-Y29tMB4XDTIyMTIxNjIxMTc1MFoXDTI1MDkxMTIxMTc1MFowgaExCzAJBgNVBAYT
+Y29tMB4XDTIzMTIxMzIyMTkzMloXDTI2MDkwODIyMTkzMlowgaExCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD
VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR0wGwYDVQQD
DBRjaGFpbkItSUNBMS1wYXRobGVuMDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm
@@ -80,10 +80,10 @@ lDELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVt
YW4xETAPBgNVBAoMCFNhd3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYD
VQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz
bC5jb22CAWQwDwYDVR0TBAgwBgEB/wIBADALBgNVHQ8EBAMCAQYwDQYJKoZIhvcN
-AQELBQADggEBAGOukCZyhdsBy7nyUfJDjbVPlavgXZ1nZRwkurAMgk7tX5uJXX1/
-s2eiCY05ta+c9cJAs7pOc3LPE9086D6Sb0aMdvlHcV7kgWjLl7NzNa40ECqr58w6
-Daeil5dJVLKgBRwYWq928CO1/8bMGmcaWnxXUMv4U3i4U2qMPdyy8beq+PJzoSKX
-BLzVbilbhqxj8WKyLaXA/y0/eeTQgf0BMJFTlEM1yMdMuScjVFRpdobww6CGwjIb
-ayJsjl+bsSBzrI3ayA/sY2Fd4x9/zLUwShybxVPLXo+wzFIBddCo0YUg703ZLccP
-Hu2Cih72q+2fZVepOwjeZq2iLlE3ChBdBKA=
+AQELBQADggEBAGwyjMBaSxgydY0Egzp9ClOBMe9+R4vzacTFFoJw+yaf98nZB4BF
+QOX9IvSpkLRTiSB9jHF3NVB5OY0cpOUKy9QHNP12O+dOtcprl0vkSDwoXHtvNPz4
+NGVa1DOoT2ynxckrlUga0tpQRVAquRbcampk8VJVfCX4NU6OhvEBeFYREG6S0EVq
+nQOgo7g7l/stqB+DndDZr4t3CKINjhUYl35L2W9IzaVuBCnkusRj56GxvyJxdSTa
+b3MP0/yEr2g8PcXgcvO4Lotf2QDGfllOufQSp9+I0Gf5QBdPJa9yt6Xusmk7sv6n
+G2s55r6JDu10h34lvT3H9vHZEEccVEcMdzE=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test-pathlen/chainB-ICA2-pathlen1.pem b/extra/wolfssl/wolfssl/certs/test-pathlen/chainB-ICA2-pathlen1.pem
index 903de701..a394e296 100644
--- a/extra/wolfssl/wolfssl/certs/test-pathlen/chainB-ICA2-pathlen1.pem
+++ b/extra/wolfssl/wolfssl/certs/test-pathlen/chainB-ICA2-pathlen1.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainB-ICA2-pathlen1, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -37,34 +37,34 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:2C:80:CE:DB:47:9D:07:66:92:3D:68:D7:CA:AC:90:4F:CA:69:41:4B
+ serial:33:44:1A:A8:6C:01:EC:F6:60:F2:70:51:0A:4C:D1:14:FA:BC:E9:44
X509v3 Basic Constraints:
CA:TRUE, pathlen:1
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- a0:92:d4:03:7b:b4:f5:cb:d8:7f:ca:e9:ff:0e:17:62:e9:72:
- 82:ca:c0:84:2c:26:d3:ff:35:aa:aa:e6:1d:0d:5f:86:40:94:
- 12:01:30:dc:7c:c9:84:02:9f:d5:de:a8:47:38:e9:74:c1:73:
- 63:a3:37:88:3f:c5:d6:24:03:d1:9c:8b:7e:c1:62:ae:5c:ad:
- c1:bc:28:b6:c7:ad:0b:ef:89:eb:87:0d:25:74:a0:f3:fa:e9:
- 03:68:7a:9f:88:42:72:b8:56:e5:f7:98:d3:da:79:1e:a2:ad:
- 16:0b:31:ae:52:bb:12:1d:1a:cd:a6:d2:04:e8:94:cb:37:a9:
- 6c:07:3a:74:e3:90:44:56:76:36:31:7e:23:69:be:dd:b2:79:
- bf:8f:72:ab:19:09:b5:5b:a8:52:db:d6:a7:63:cb:30:75:50:
- 41:28:92:86:c2:46:17:00:1a:22:3c:fa:13:ea:bc:01:e8:62:
- 4d:bf:8a:41:81:a2:06:0f:bb:f3:73:36:fa:1c:39:3b:db:50:
- ee:83:70:96:3f:67:ab:35:cf:a5:07:f9:35:50:54:58:12:60:
- 4d:ec:a9:25:97:39:b7:14:83:03:d5:8e:d9:75:7f:d8:cc:ce:
- 4d:d6:43:a3:ae:19:3d:75:61:0e:fa:fe:31:e5:5e:ee:56:5a:
- c8:c9:68:b0
+ 10:af:3a:e5:49:81:7e:0f:ef:ad:b4:62:02:de:5b:2f:d7:bd:
+ 9c:59:b4:d3:ae:6c:60:12:ba:23:86:ee:34:4e:d5:29:00:1b:
+ 6e:1e:6b:05:96:0d:2c:4e:5c:91:74:83:ad:ba:8b:fe:cd:a6:
+ 9b:86:94:f7:7f:b4:5e:c9:cb:e6:6e:90:30:53:cb:44:27:f5:
+ 0b:37:b9:f0:bc:37:cd:b9:fc:fb:77:03:54:82:b5:d2:97:12:
+ 01:36:48:1f:a7:ae:7d:a3:c6:55:9e:c4:0e:0b:76:dc:e8:3c:
+ b0:cc:06:88:be:74:2e:03:82:72:38:80:ca:14:dc:63:82:6e:
+ 73:3b:77:e8:c0:4d:e7:0e:8f:7e:9c:65:36:1c:d6:47:40:74:
+ ef:ce:fe:6d:60:83:77:18:c9:3c:9f:f6:06:a5:16:e6:07:53:
+ 66:f0:49:42:dd:04:49:59:a9:b9:12:1f:a4:e9:c7:15:fb:34:
+ df:a5:19:62:93:65:6c:ef:66:90:61:fe:0e:19:56:0d:b2:5d:
+ b1:ee:55:40:32:7c:36:ff:54:6e:e4:55:16:7e:57:bd:82:f8:
+ b1:38:de:86:a8:e8:4d:7e:b2:b8:59:ef:79:89:a3:0e:63:39:
+ 61:3f:f2:ab:b4:50:eb:74:7c:79:e7:f9:66:91:ff:ea:61:27:
+ df:be:c2:89
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx
EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh
d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz
-bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIxMjE2
-MjExNzUwWhcNMjUwOTExMjExNzUwWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM
+bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMxMjEz
+MjIxOTMyWhcNMjYwOTA4MjIxOTMyWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM
Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg
SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNoYWluQi1JQ0Ey
LXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN
@@ -78,12 +78,12 @@ o4IBGDCCARQwHQYDVR0OBBYEFO5ZnVYLfApFROMVV+Ky8x1kb696MIHUBgNVHSME
gcwwgcmAFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV
UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI
U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm
-c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIULIDO20ed
-B2aSPWjXyqyQT8ppQUswDwYDVR0TBAgwBgEB/wIBATALBgNVHQ8EBAMCAQYwDQYJ
-KoZIhvcNAQELBQADggEBAKCS1AN7tPXL2H/K6f8OF2LpcoLKwIQsJtP/Naqq5h0N
-X4ZAlBIBMNx8yYQCn9XeqEc46XTBc2OjN4g/xdYkA9Gci37BYq5crcG8KLbHrQvv
-ieuHDSV0oPP66QNoep+IQnK4VuX3mNPaeR6irRYLMa5SuxIdGs2m0gTolMs3qWwH
-OnTjkERWdjYxfiNpvt2yeb+PcqsZCbVbqFLb1qdjyzB1UEEokobCRhcAGiI8+hPq
-vAHoYk2/ikGBogYPu/NzNvocOTvbUO6DcJY/Z6s1z6UH+TVQVFgSYE3sqSWXObcU
-gwPVjtl1f9jMzk3WQ6OuGT11YQ76/jHlXu5WWsjJaLA=
+c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIUM0QaqGwB
+7PZg8nBRCkzRFPq86UQwDwYDVR0TBAgwBgEB/wIBATALBgNVHQ8EBAMCAQYwDQYJ
+KoZIhvcNAQELBQADggEBABCvOuVJgX4P7620YgLeWy/XvZxZtNOubGASuiOG7jRO
+1SkAG24eawWWDSxOXJF0g626i/7NppuGlPd/tF7Jy+ZukDBTy0Qn9Qs3ufC8N825
+/Pt3A1SCtdKXEgE2SB+nrn2jxlWexA4LdtzoPLDMBoi+dC4DgnI4gMoU3GOCbnM7
+d+jATecOj36cZTYc1kdAdO/O/m1gg3cYyTyf9galFuYHU2bwSULdBElZqbkSH6Tp
+xxX7NN+lGWKTZWzvZpBh/g4ZVg2yXbHuVUAyfDb/VG7kVRZ+V72C+LE43oao6E1+
+srhZ73mJow5jOWE/8qu0UOt0fHnn+WaR/+phJ9++wok=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test-pathlen/chainB-assembled.pem b/extra/wolfssl/wolfssl/certs/test-pathlen/chainB-assembled.pem
index cbe379bd..836d817d 100644
--- a/extra/wolfssl/wolfssl/certs/test-pathlen/chainB-assembled.pem
+++ b/extra/wolfssl/wolfssl/certs/test-pathlen/chainB-assembled.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainB-ICA1-pathlen0, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainB-entity, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -42,27 +42,27 @@ Certificate:
X509v3 Basic Constraints:
CA:FALSE
Signature Algorithm: sha256WithRSAEncryption
- 4c:f5:67:b4:d0:b3:0d:bf:83:54:88:1b:f4:db:73:e2:11:2e:
- 39:2f:60:86:6c:4a:f1:41:3e:18:6b:c9:df:28:0d:3c:4c:d3:
- c2:52:83:07:14:84:30:4c:05:1c:23:b2:7d:45:c3:ed:ee:cb:
- b0:33:e7:ff:5a:62:78:7a:db:f2:61:d7:d4:40:3a:f7:ba:3f:
- 91:de:bb:7c:f9:14:0f:6e:39:82:c1:73:c7:ab:d3:72:f4:09:
- 83:92:c4:fd:7b:8b:a4:f9:08:f7:c7:60:0f:d5:7a:d0:49:44:
- 64:e7:13:da:8f:90:f7:ec:d5:17:7b:bc:a1:f8:04:f9:81:5a:
- 57:a0:2c:e1:d0:16:96:ae:52:fb:af:6d:23:54:78:fd:97:1a:
- c5:c5:6c:19:11:78:54:0e:ec:b7:d8:48:93:89:29:77:68:a7:
- 2a:fa:08:82:b3:51:e9:87:b0:d1:02:c1:10:75:55:41:51:3d:
- 30:e9:40:c6:a8:c2:e6:ee:09:26:e4:98:79:9e:ca:45:55:e8:
- fb:f3:51:09:1c:21:22:d9:5f:33:61:7b:63:f2:c9:c2:c3:71:
- 2b:70:56:5a:8a:66:1b:f6:d5:53:88:59:19:61:4e:ec:e7:72:
- a9:56:04:9c:26:c9:e7:20:be:dd:52:55:1c:cb:d9:79:c5:d3:
- ff:36:a2:e4
+ 58:2b:2e:33:ed:42:7d:ce:8a:9f:2e:25:2f:7a:66:6f:d0:8a:
+ 32:ee:70:b6:a0:ee:6f:ec:0c:52:af:d8:8c:2a:11:9f:f0:f3:
+ 6a:41:bd:da:43:ad:82:5d:52:95:e2:6b:95:42:d1:24:09:ba:
+ 7d:b5:6b:73:a2:96:3d:72:ba:65:cd:9c:c6:65:52:fb:68:65:
+ cb:55:5d:f5:44:fa:66:72:8c:1c:33:92:a6:37:77:44:16:86:
+ ed:f2:d3:a9:49:ff:aa:05:96:c8:e0:1c:b7:0a:60:e7:46:5e:
+ 94:9d:c8:7a:31:41:98:96:38:17:a0:79:e3:1d:a3:13:06:17:
+ 2d:b8:fd:6f:34:ed:e3:6d:36:e7:d4:5d:cf:00:4a:ce:a6:ff:
+ 1c:87:d8:48:1b:65:b0:d0:72:70:48:15:bd:f1:3c:a9:06:f9:
+ 7e:11:c1:43:6c:0b:60:d9:d9:5c:d3:3b:c2:18:eb:3f:82:eb:
+ fd:a5:1a:b2:a2:23:10:c3:30:af:4a:e9:d9:05:f1:e2:4e:e9:
+ 41:bd:d7:dd:98:db:91:f2:15:54:4c:82:3d:22:aa:18:e5:e6:
+ df:9b:85:21:63:74:3d:08:a9:2e:35:e2:5e:61:32:78:04:49:
+ 91:0d:8c:05:12:90:ec:f5:c5:d2:71:8a:2a:65:5c:b1:d4:14:
+ 53:de:9b:98
-----BEGIN CERTIFICATE-----
MIIEtzCCA5+gAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo
YWluQi1JQ0ExLXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
-Y29tMB4XDTIyMTIxNjIxMTc1MFoXDTI1MDkxMTIxMTc1MFowgZoxCzAJBgNVBAYT
+Y29tMB4XDTIzMTIxMzIyMTkzMloXDTI2MDkwODIyMTkzMlowgZoxCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD
VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRYwFAYDVQQD
DA1jaGFpbkItZW50aXR5MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t
@@ -77,13 +77,13 @@ VR0jBIHGMIHDgBTXkOSGWST5K7gGjrGPM+UsY/EDFqGBp6SBpDCBoTELMAkGA1UE
BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT
BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNV
BAMMFGNoYWluQi1JQ0EyLXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv
-bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQELBQADggEBAEz1Z7TQ
-sw2/g1SIG/Tbc+IRLjkvYIZsSvFBPhhryd8oDTxM08JSgwcUhDBMBRwjsn1Fw+3u
-y7Az5/9aYnh62/Jh19RAOve6P5Heu3z5FA9uOYLBc8er03L0CYOSxP17i6T5CPfH
-YA/VetBJRGTnE9qPkPfs1Rd7vKH4BPmBWlegLOHQFpauUvuvbSNUeP2XGsXFbBkR
-eFQO7LfYSJOJKXdopyr6CIKzUemHsNECwRB1VUFRPTDpQMaowubuCSbkmHmeykVV
-6PvzUQkcISLZXzNhe2PyycLDcStwVlqKZhv21VOIWRlhTuzncqlWBJwmyecgvt1S
-VRzL2XnF0/82ouQ=
+bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQELBQADggEBAFgrLjPt
+Qn3Oip8uJS96Zm/QijLucLag7m/sDFKv2IwqEZ/w82pBvdpDrYJdUpXia5VC0SQJ
+un21a3Oilj1yumXNnMZlUvtoZctVXfVE+mZyjBwzkqY3d0QWhu3y06lJ/6oFlsjg
+HLcKYOdGXpSdyHoxQZiWOBegeeMdoxMGFy24/W807eNtNufUXc8ASs6m/xyH2Egb
+ZbDQcnBIFb3xPKkG+X4RwUNsC2DZ2VzTO8IY6z+C6/2lGrKiIxDDMK9K6dkF8eJO
+6UG9192Y25HyFVRMgj0iqhjl5t+bhSFjdD0IqS414l5hMngESZENjAUSkOz1xdJx
+iiplXLHUFFPem5g=
-----END CERTIFICATE-----
Certificate:
Data:
@@ -92,8 +92,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainB-ICA2-pathlen1, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainB-ICA1-pathlen0, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -131,27 +131,27 @@ Certificate:
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 63:ae:90:26:72:85:db:01:cb:b9:f2:51:f2:43:8d:b5:4f:95:
- ab:e0:5d:9d:67:65:1c:24:ba:b0:0c:82:4e:ed:5f:9b:89:5d:
- 7d:7f:b3:67:a2:09:8d:39:b5:af:9c:f5:c2:40:b3:ba:4e:73:
- 72:cf:13:dd:3c:e8:3e:92:6f:46:8c:76:f9:47:71:5e:e4:81:
- 68:cb:97:b3:73:35:ae:34:10:2a:ab:e7:cc:3a:0d:a7:a2:97:
- 97:49:54:b2:a0:05:1c:18:5a:af:76:f0:23:b5:ff:c6:cc:1a:
- 67:1a:5a:7c:57:50:cb:f8:53:78:b8:53:6a:8c:3d:dc:b2:f1:
- b7:aa:f8:f2:73:a1:22:97:04:bc:d5:6e:29:5b:86:ac:63:f1:
- 62:b2:2d:a5:c0:ff:2d:3f:79:e4:d0:81:fd:01:30:91:53:94:
- 43:35:c8:c7:4c:b9:27:23:54:54:69:76:86:f0:c3:a0:86:c2:
- 32:1b:6b:22:6c:8e:5f:9b:b1:20:73:ac:8d:da:c8:0f:ec:63:
- 61:5d:e3:1f:7f:cc:b5:30:4a:1c:9b:c5:53:cb:5e:8f:b0:cc:
- 52:01:75:d0:a8:d1:85:20:ef:4d:d9:2d:c7:0f:1e:ed:82:8a:
- 1e:f6:ab:ed:9f:65:57:a9:3b:08:de:66:ad:a2:2e:51:37:0a:
- 10:5d:04:a0
+ 6c:32:8c:c0:5a:4b:18:32:75:8d:04:83:3a:7d:0a:53:81:31:
+ ef:7e:47:8b:f3:69:c4:c5:16:82:70:fb:26:9f:f7:c9:d9:07:
+ 80:45:40:e5:fd:22:f4:a9:90:b4:53:89:20:7d:8c:71:77:35:
+ 50:79:39:8d:1c:a4:e5:0a:cb:d4:07:34:fd:76:3b:e7:4e:b5:
+ ca:6b:97:4b:e4:48:3c:28:5c:7b:6f:34:fc:f8:34:65:5a:d4:
+ 33:a8:4f:6c:a7:c5:c9:2b:95:48:1a:d2:da:50:45:50:2a:b9:
+ 16:dc:6a:6a:64:f1:52:55:7c:25:f8:35:4e:8e:86:f1:01:78:
+ 56:11:10:6e:92:d0:45:6a:9d:03:a0:a3:b8:3b:97:fb:2d:a8:
+ 1f:83:9d:d0:d9:af:8b:77:08:a2:0d:8e:15:18:97:7e:4b:d9:
+ 6f:48:cd:a5:6e:04:29:e4:ba:c4:63:e7:a1:b1:bf:22:71:75:
+ 24:da:6f:73:0f:d3:fc:84:af:68:3c:3d:c5:e0:72:f3:b8:2e:
+ 8b:5f:d9:00:c6:7e:59:4e:b9:f4:12:a7:df:88:d0:67:f9:40:
+ 17:4f:25:af:72:b7:a5:ee:b2:69:3b:b2:fe:a7:1b:6b:39:e6:
+ be:89:0e:ed:74:87:7e:25:bd:3d:c7:f6:f1:d9:10:47:1c:54:
+ 47:0c:77:31
-----BEGIN CERTIFICATE-----
MIIExjCCA66gAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo
YWluQi1JQ0EyLXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
-Y29tMB4XDTIyMTIxNjIxMTc1MFoXDTI1MDkxMTIxMTc1MFowgaExCzAJBgNVBAYT
+Y29tMB4XDTIzMTIxMzIyMTkzMloXDTI2MDkwODIyMTkzMlowgaExCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD
VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR0wGwYDVQQD
DBRjaGFpbkItSUNBMS1wYXRobGVuMDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm
@@ -167,12 +167,12 @@ lDELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVt
YW4xETAPBgNVBAoMCFNhd3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYD
VQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz
bC5jb22CAWQwDwYDVR0TBAgwBgEB/wIBADALBgNVHQ8EBAMCAQYwDQYJKoZIhvcN
-AQELBQADggEBAGOukCZyhdsBy7nyUfJDjbVPlavgXZ1nZRwkurAMgk7tX5uJXX1/
-s2eiCY05ta+c9cJAs7pOc3LPE9086D6Sb0aMdvlHcV7kgWjLl7NzNa40ECqr58w6
-Daeil5dJVLKgBRwYWq928CO1/8bMGmcaWnxXUMv4U3i4U2qMPdyy8beq+PJzoSKX
-BLzVbilbhqxj8WKyLaXA/y0/eeTQgf0BMJFTlEM1yMdMuScjVFRpdobww6CGwjIb
-ayJsjl+bsSBzrI3ayA/sY2Fd4x9/zLUwShybxVPLXo+wzFIBddCo0YUg703ZLccP
-Hu2Cih72q+2fZVepOwjeZq2iLlE3ChBdBKA=
+AQELBQADggEBAGwyjMBaSxgydY0Egzp9ClOBMe9+R4vzacTFFoJw+yaf98nZB4BF
+QOX9IvSpkLRTiSB9jHF3NVB5OY0cpOUKy9QHNP12O+dOtcprl0vkSDwoXHtvNPz4
+NGVa1DOoT2ynxckrlUga0tpQRVAquRbcampk8VJVfCX4NU6OhvEBeFYREG6S0EVq
+nQOgo7g7l/stqB+DndDZr4t3CKINjhUYl35L2W9IzaVuBCnkusRj56GxvyJxdSTa
+b3MP0/yEr2g8PcXgcvO4Lotf2QDGfllOufQSp9+I0Gf5QBdPJa9yt6Xusmk7sv6n
+G2s55r6JDu10h34lvT3H9vHZEEccVEcMdzE=
-----END CERTIFICATE-----
Certificate:
Data:
@@ -181,8 +181,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainB-ICA2-pathlen1, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -213,34 +213,34 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:2C:80:CE:DB:47:9D:07:66:92:3D:68:D7:CA:AC:90:4F:CA:69:41:4B
+ serial:33:44:1A:A8:6C:01:EC:F6:60:F2:70:51:0A:4C:D1:14:FA:BC:E9:44
X509v3 Basic Constraints:
CA:TRUE, pathlen:1
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- a0:92:d4:03:7b:b4:f5:cb:d8:7f:ca:e9:ff:0e:17:62:e9:72:
- 82:ca:c0:84:2c:26:d3:ff:35:aa:aa:e6:1d:0d:5f:86:40:94:
- 12:01:30:dc:7c:c9:84:02:9f:d5:de:a8:47:38:e9:74:c1:73:
- 63:a3:37:88:3f:c5:d6:24:03:d1:9c:8b:7e:c1:62:ae:5c:ad:
- c1:bc:28:b6:c7:ad:0b:ef:89:eb:87:0d:25:74:a0:f3:fa:e9:
- 03:68:7a:9f:88:42:72:b8:56:e5:f7:98:d3:da:79:1e:a2:ad:
- 16:0b:31:ae:52:bb:12:1d:1a:cd:a6:d2:04:e8:94:cb:37:a9:
- 6c:07:3a:74:e3:90:44:56:76:36:31:7e:23:69:be:dd:b2:79:
- bf:8f:72:ab:19:09:b5:5b:a8:52:db:d6:a7:63:cb:30:75:50:
- 41:28:92:86:c2:46:17:00:1a:22:3c:fa:13:ea:bc:01:e8:62:
- 4d:bf:8a:41:81:a2:06:0f:bb:f3:73:36:fa:1c:39:3b:db:50:
- ee:83:70:96:3f:67:ab:35:cf:a5:07:f9:35:50:54:58:12:60:
- 4d:ec:a9:25:97:39:b7:14:83:03:d5:8e:d9:75:7f:d8:cc:ce:
- 4d:d6:43:a3:ae:19:3d:75:61:0e:fa:fe:31:e5:5e:ee:56:5a:
- c8:c9:68:b0
+ 10:af:3a:e5:49:81:7e:0f:ef:ad:b4:62:02:de:5b:2f:d7:bd:
+ 9c:59:b4:d3:ae:6c:60:12:ba:23:86:ee:34:4e:d5:29:00:1b:
+ 6e:1e:6b:05:96:0d:2c:4e:5c:91:74:83:ad:ba:8b:fe:cd:a6:
+ 9b:86:94:f7:7f:b4:5e:c9:cb:e6:6e:90:30:53:cb:44:27:f5:
+ 0b:37:b9:f0:bc:37:cd:b9:fc:fb:77:03:54:82:b5:d2:97:12:
+ 01:36:48:1f:a7:ae:7d:a3:c6:55:9e:c4:0e:0b:76:dc:e8:3c:
+ b0:cc:06:88:be:74:2e:03:82:72:38:80:ca:14:dc:63:82:6e:
+ 73:3b:77:e8:c0:4d:e7:0e:8f:7e:9c:65:36:1c:d6:47:40:74:
+ ef:ce:fe:6d:60:83:77:18:c9:3c:9f:f6:06:a5:16:e6:07:53:
+ 66:f0:49:42:dd:04:49:59:a9:b9:12:1f:a4:e9:c7:15:fb:34:
+ df:a5:19:62:93:65:6c:ef:66:90:61:fe:0e:19:56:0d:b2:5d:
+ b1:ee:55:40:32:7c:36:ff:54:6e:e4:55:16:7e:57:bd:82:f8:
+ b1:38:de:86:a8:e8:4d:7e:b2:b8:59:ef:79:89:a3:0e:63:39:
+ 61:3f:f2:ab:b4:50:eb:74:7c:79:e7:f9:66:91:ff:ea:61:27:
+ df:be:c2:89
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx
EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh
d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz
-bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIxMjE2
-MjExNzUwWhcNMjUwOTExMjExNzUwWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM
+bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMxMjEz
+MjIxOTMyWhcNMjYwOTA4MjIxOTMyWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM
Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg
SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNoYWluQi1JQ0Ey
LXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN
@@ -254,12 +254,12 @@ o4IBGDCCARQwHQYDVR0OBBYEFO5ZnVYLfApFROMVV+Ky8x1kb696MIHUBgNVHSME
gcwwgcmAFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV
UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI
U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm
-c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIULIDO20ed
-B2aSPWjXyqyQT8ppQUswDwYDVR0TBAgwBgEB/wIBATALBgNVHQ8EBAMCAQYwDQYJ
-KoZIhvcNAQELBQADggEBAKCS1AN7tPXL2H/K6f8OF2LpcoLKwIQsJtP/Naqq5h0N
-X4ZAlBIBMNx8yYQCn9XeqEc46XTBc2OjN4g/xdYkA9Gci37BYq5crcG8KLbHrQvv
-ieuHDSV0oPP66QNoep+IQnK4VuX3mNPaeR6irRYLMa5SuxIdGs2m0gTolMs3qWwH
-OnTjkERWdjYxfiNpvt2yeb+PcqsZCbVbqFLb1qdjyzB1UEEokobCRhcAGiI8+hPq
-vAHoYk2/ikGBogYPu/NzNvocOTvbUO6DcJY/Z6s1z6UH+TVQVFgSYE3sqSWXObcU
-gwPVjtl1f9jMzk3WQ6OuGT11YQ76/jHlXu5WWsjJaLA=
+c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIUM0QaqGwB
+7PZg8nBRCkzRFPq86UQwDwYDVR0TBAgwBgEB/wIBATALBgNVHQ8EBAMCAQYwDQYJ
+KoZIhvcNAQELBQADggEBABCvOuVJgX4P7620YgLeWy/XvZxZtNOubGASuiOG7jRO
+1SkAG24eawWWDSxOXJF0g626i/7NppuGlPd/tF7Jy+ZukDBTy0Qn9Qs3ufC8N825
+/Pt3A1SCtdKXEgE2SB+nrn2jxlWexA4LdtzoPLDMBoi+dC4DgnI4gMoU3GOCbnM7
+d+jATecOj36cZTYc1kdAdO/O/m1gg3cYyTyf9galFuYHU2bwSULdBElZqbkSH6Tp
+xxX7NN+lGWKTZWzvZpBh/g4ZVg2yXbHuVUAyfDb/VG7kVRZ+V72C+LE43oao6E1+
+srhZ73mJow5jOWE/8qu0UOt0fHnn+WaR/+phJ9++wok=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test-pathlen/chainB-entity.pem b/extra/wolfssl/wolfssl/certs/test-pathlen/chainB-entity.pem
index 5a0bf47f..d4783531 100644
--- a/extra/wolfssl/wolfssl/certs/test-pathlen/chainB-entity.pem
+++ b/extra/wolfssl/wolfssl/certs/test-pathlen/chainB-entity.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainB-ICA1-pathlen0, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainB-entity, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -42,27 +42,27 @@ Certificate:
X509v3 Basic Constraints:
CA:FALSE
Signature Algorithm: sha256WithRSAEncryption
- 4c:f5:67:b4:d0:b3:0d:bf:83:54:88:1b:f4:db:73:e2:11:2e:
- 39:2f:60:86:6c:4a:f1:41:3e:18:6b:c9:df:28:0d:3c:4c:d3:
- c2:52:83:07:14:84:30:4c:05:1c:23:b2:7d:45:c3:ed:ee:cb:
- b0:33:e7:ff:5a:62:78:7a:db:f2:61:d7:d4:40:3a:f7:ba:3f:
- 91:de:bb:7c:f9:14:0f:6e:39:82:c1:73:c7:ab:d3:72:f4:09:
- 83:92:c4:fd:7b:8b:a4:f9:08:f7:c7:60:0f:d5:7a:d0:49:44:
- 64:e7:13:da:8f:90:f7:ec:d5:17:7b:bc:a1:f8:04:f9:81:5a:
- 57:a0:2c:e1:d0:16:96:ae:52:fb:af:6d:23:54:78:fd:97:1a:
- c5:c5:6c:19:11:78:54:0e:ec:b7:d8:48:93:89:29:77:68:a7:
- 2a:fa:08:82:b3:51:e9:87:b0:d1:02:c1:10:75:55:41:51:3d:
- 30:e9:40:c6:a8:c2:e6:ee:09:26:e4:98:79:9e:ca:45:55:e8:
- fb:f3:51:09:1c:21:22:d9:5f:33:61:7b:63:f2:c9:c2:c3:71:
- 2b:70:56:5a:8a:66:1b:f6:d5:53:88:59:19:61:4e:ec:e7:72:
- a9:56:04:9c:26:c9:e7:20:be:dd:52:55:1c:cb:d9:79:c5:d3:
- ff:36:a2:e4
+ 58:2b:2e:33:ed:42:7d:ce:8a:9f:2e:25:2f:7a:66:6f:d0:8a:
+ 32:ee:70:b6:a0:ee:6f:ec:0c:52:af:d8:8c:2a:11:9f:f0:f3:
+ 6a:41:bd:da:43:ad:82:5d:52:95:e2:6b:95:42:d1:24:09:ba:
+ 7d:b5:6b:73:a2:96:3d:72:ba:65:cd:9c:c6:65:52:fb:68:65:
+ cb:55:5d:f5:44:fa:66:72:8c:1c:33:92:a6:37:77:44:16:86:
+ ed:f2:d3:a9:49:ff:aa:05:96:c8:e0:1c:b7:0a:60:e7:46:5e:
+ 94:9d:c8:7a:31:41:98:96:38:17:a0:79:e3:1d:a3:13:06:17:
+ 2d:b8:fd:6f:34:ed:e3:6d:36:e7:d4:5d:cf:00:4a:ce:a6:ff:
+ 1c:87:d8:48:1b:65:b0:d0:72:70:48:15:bd:f1:3c:a9:06:f9:
+ 7e:11:c1:43:6c:0b:60:d9:d9:5c:d3:3b:c2:18:eb:3f:82:eb:
+ fd:a5:1a:b2:a2:23:10:c3:30:af:4a:e9:d9:05:f1:e2:4e:e9:
+ 41:bd:d7:dd:98:db:91:f2:15:54:4c:82:3d:22:aa:18:e5:e6:
+ df:9b:85:21:63:74:3d:08:a9:2e:35:e2:5e:61:32:78:04:49:
+ 91:0d:8c:05:12:90:ec:f5:c5:d2:71:8a:2a:65:5c:b1:d4:14:
+ 53:de:9b:98
-----BEGIN CERTIFICATE-----
MIIEtzCCA5+gAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo
YWluQi1JQ0ExLXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
-Y29tMB4XDTIyMTIxNjIxMTc1MFoXDTI1MDkxMTIxMTc1MFowgZoxCzAJBgNVBAYT
+Y29tMB4XDTIzMTIxMzIyMTkzMloXDTI2MDkwODIyMTkzMlowgZoxCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD
VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRYwFAYDVQQD
DA1jaGFpbkItZW50aXR5MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t
@@ -77,11 +77,11 @@ VR0jBIHGMIHDgBTXkOSGWST5K7gGjrGPM+UsY/EDFqGBp6SBpDCBoTELMAkGA1UE
BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT
BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNV
BAMMFGNoYWluQi1JQ0EyLXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv
-bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQELBQADggEBAEz1Z7TQ
-sw2/g1SIG/Tbc+IRLjkvYIZsSvFBPhhryd8oDTxM08JSgwcUhDBMBRwjsn1Fw+3u
-y7Az5/9aYnh62/Jh19RAOve6P5Heu3z5FA9uOYLBc8er03L0CYOSxP17i6T5CPfH
-YA/VetBJRGTnE9qPkPfs1Rd7vKH4BPmBWlegLOHQFpauUvuvbSNUeP2XGsXFbBkR
-eFQO7LfYSJOJKXdopyr6CIKzUemHsNECwRB1VUFRPTDpQMaowubuCSbkmHmeykVV
-6PvzUQkcISLZXzNhe2PyycLDcStwVlqKZhv21VOIWRlhTuzncqlWBJwmyecgvt1S
-VRzL2XnF0/82ouQ=
+bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQELBQADggEBAFgrLjPt
+Qn3Oip8uJS96Zm/QijLucLag7m/sDFKv2IwqEZ/w82pBvdpDrYJdUpXia5VC0SQJ
+un21a3Oilj1yumXNnMZlUvtoZctVXfVE+mZyjBwzkqY3d0QWhu3y06lJ/6oFlsjg
+HLcKYOdGXpSdyHoxQZiWOBegeeMdoxMGFy24/W807eNtNufUXc8ASs6m/xyH2Egb
+ZbDQcnBIFb3xPKkG+X4RwUNsC2DZ2VzTO8IY6z+C6/2lGrKiIxDDMK9K6dkF8eJO
+6UG9192Y25HyFVRMgj0iqhjl5t+bhSFjdD0IqS414l5hMngESZENjAUSkOz1xdJx
+iiplXLHUFFPem5g=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test-pathlen/chainC-ICA1-pathlen1.pem b/extra/wolfssl/wolfssl/certs/test-pathlen/chainC-ICA1-pathlen1.pem
index 699ea62d..bfd767cb 100644
--- a/extra/wolfssl/wolfssl/certs/test-pathlen/chainC-ICA1-pathlen1.pem
+++ b/extra/wolfssl/wolfssl/certs/test-pathlen/chainC-ICA1-pathlen1.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainC-ICA1-pathlen1, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -37,34 +37,34 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:2C:80:CE:DB:47:9D:07:66:92:3D:68:D7:CA:AC:90:4F:CA:69:41:4B
+ serial:33:44:1A:A8:6C:01:EC:F6:60:F2:70:51:0A:4C:D1:14:FA:BC:E9:44
X509v3 Basic Constraints:
CA:TRUE, pathlen:1
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 85:07:b7:5d:63:bb:41:42:b4:d4:b7:26:cc:c8:70:90:38:aa:
- 08:58:77:21:dc:34:06:63:43:47:22:4f:9d:3d:bc:6a:da:9a:
- b7:0c:7a:1a:bf:76:8b:32:34:b5:42:ad:60:d6:38:6a:91:df:
- d7:49:e3:a2:1e:53:0b:0e:dc:56:44:dd:bf:7a:c4:72:82:c9:
- 77:76:b4:52:84:2f:1e:5b:a6:58:b1:58:d9:67:9c:43:cf:28:
- 3e:f4:cd:2d:9c:af:bc:e9:ec:82:2c:42:da:40:06:55:a8:1f:
- f3:e4:dd:8a:a4:ba:9f:45:71:f1:b9:35:a0:fa:77:4b:67:f2:
- 0d:78:7e:bf:db:f7:32:41:a3:0d:e4:38:ce:ec:fb:a4:5e:19:
- 8a:7c:d6:ff:ee:cd:a7:de:d8:6a:e7:b5:30:6c:2b:a1:d9:9c:
- 04:28:ee:5a:d6:83:84:15:f3:39:25:1e:9d:bc:12:09:1e:99:
- 69:ae:0e:9e:92:92:69:2e:12:a3:d4:40:0a:0a:66:5a:0a:ec:
- e3:7c:2a:55:b5:30:60:a7:fa:ed:26:f4:b3:b8:c7:70:01:ed:
- ed:dd:cc:1d:d1:43:c1:a2:72:b1:cd:20:89:a7:95:ea:e8:ca:
- 01:17:73:ab:99:67:35:f6:d5:e9:1a:06:c9:15:b2:47:2d:8c:
- 35:5b:57:12
+ 52:84:69:eb:36:71:76:74:41:ab:d8:70:ae:18:64:3f:b1:8d:
+ ef:ad:2f:6b:6b:e5:c3:5e:41:ca:6c:30:23:b5:6b:26:c2:18:
+ fa:b4:97:95:9f:50:16:29:94:5e:91:1b:90:22:db:1e:a8:7f:
+ eb:db:b9:38:d8:7d:8d:f9:1b:b2:c4:ab:0e:10:d4:ae:8e:a3:
+ 56:c5:e0:ed:f9:37:eb:ce:1f:93:70:32:2a:aa:30:90:38:02:
+ 58:e4:e7:e7:bb:80:64:a0:ef:8d:2f:15:2d:8b:d0:d8:b0:72:
+ 0c:63:76:ba:cb:c8:1c:79:34:d9:d3:23:15:c2:b2:da:89:1a:
+ c6:24:16:60:2f:8a:80:fd:ac:cf:3d:0d:eb:1b:e1:ca:aa:37:
+ e5:a1:80:8d:14:e1:ca:94:f2:c4:7c:22:4a:54:f6:e4:e5:db:
+ 57:13:a3:fb:9a:63:13:2c:6e:4b:33:cc:1e:de:73:7e:00:b9:
+ 8f:3d:bf:ff:af:81:83:31:2e:42:b2:c9:df:23:ae:9a:35:cf:
+ 3d:f4:98:fd:dc:58:15:01:41:a7:c0:6c:09:cd:88:39:24:71:
+ 10:97:f3:e5:0e:ad:59:77:83:00:a0:03:9e:c8:cb:26:18:d1:
+ a1:60:bd:8a:53:a8:4e:08:0e:57:1e:5b:1d:df:a5:bd:04:01:
+ 66:dd:30:2d
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx
EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh
d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz
-bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIxMjE2
-MjExNzUwWhcNMjUwOTExMjExNzUwWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM
+bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMxMjEz
+MjIxOTMyWhcNMjYwOTA4MjIxOTMyWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM
Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg
SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNoYWluQy1JQ0Ex
LXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN
@@ -78,12 +78,12 @@ o4IBGDCCARQwHQYDVR0OBBYEFJQdLgc3xi9Swex5axPOCZBf9MRRMIHUBgNVHSME
gcwwgcmAFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV
UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI
U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm
-c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIULIDO20ed
-B2aSPWjXyqyQT8ppQUswDwYDVR0TBAgwBgEB/wIBATALBgNVHQ8EBAMCAQYwDQYJ
-KoZIhvcNAQELBQADggEBAIUHt11ju0FCtNS3JszIcJA4qghYdyHcNAZjQ0ciT509
-vGramrcMehq/dosyNLVCrWDWOGqR39dJ46IeUwsO3FZE3b96xHKCyXd2tFKELx5b
-plixWNlnnEPPKD70zS2cr7zp7IIsQtpABlWoH/Pk3Yqkup9FcfG5NaD6d0tn8g14
-fr/b9zJBow3kOM7s+6ReGYp81v/uzafe2GrntTBsK6HZnAQo7lrWg4QV8zklHp28
-EgkemWmuDp6SkmkuEqPUQAoKZloK7ON8KlW1MGCn+u0m9LO4x3AB7e3dzB3RQ8Gi
-crHNIImnleroygEXc6uZZzX21ekaBskVskctjDVbVxI=
+c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIUM0QaqGwB
+7PZg8nBRCkzRFPq86UQwDwYDVR0TBAgwBgEB/wIBATALBgNVHQ8EBAMCAQYwDQYJ
+KoZIhvcNAQELBQADggEBAFKEaes2cXZ0QavYcK4YZD+xje+tL2tr5cNeQcpsMCO1
+aybCGPq0l5WfUBYplF6RG5Ai2x6of+vbuTjYfY35G7LEqw4Q1K6Oo1bF4O35N+vO
+H5NwMiqqMJA4Aljk5+e7gGSg740vFS2L0NiwcgxjdrrLyBx5NNnTIxXCstqJGsYk
+FmAvioD9rM89Desb4cqqN+WhgI0U4cqU8sR8IkpU9uTl21cTo/uaYxMsbkszzB7e
+c34AuY89v/+vgYMxLkKyyd8jrpo1zz30mP3cWBUBQafAbAnNiDkkcRCX8+UOrVl3
+gwCgA57IyyYY0aFgvYpTqE4IDlceWx3fpb0EAWbdMC0=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test-pathlen/chainC-assembled.pem b/extra/wolfssl/wolfssl/certs/test-pathlen/chainC-assembled.pem
index ee686ba8..55e61fa4 100644
--- a/extra/wolfssl/wolfssl/certs/test-pathlen/chainC-assembled.pem
+++ b/extra/wolfssl/wolfssl/certs/test-pathlen/chainC-assembled.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainC-ICA1-pathlen1, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainC-entity, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -42,27 +42,27 @@ Certificate:
X509v3 Basic Constraints:
CA:FALSE
Signature Algorithm: sha256WithRSAEncryption
- 93:2b:f0:ef:0b:81:7e:80:7e:46:ba:e4:21:85:d6:aa:ac:b3:
- 22:9f:0e:99:48:5c:bb:68:30:c3:98:24:14:fc:9c:63:4d:2f:
- 9d:82:03:61:cf:d5:9d:82:91:58:ba:45:6a:e1:aa:81:d4:e8:
- 0c:a8:06:0a:a5:5e:56:84:0a:25:81:43:1c:db:e3:8d:b6:1c:
- 16:a8:79:bf:9e:ac:61:a2:39:41:16:0f:e6:49:3c:26:34:a7:
- 95:e6:20:41:2e:d5:e9:3e:fa:8c:fe:6e:2e:25:d8:a8:08:18:
- 92:a6:e5:9a:91:b2:40:94:64:ef:8d:55:7a:b3:71:f8:0f:af:
- 2c:40:73:f2:74:1b:c0:9e:f2:1c:98:7d:37:e1:04:07:8c:b9:
- 8d:bf:5f:1a:0a:24:ac:26:b3:5f:0c:31:78:a0:ab:9d:88:51:
- aa:b6:0c:7c:6f:3d:d6:d1:93:81:5e:38:32:a3:95:8c:04:be:
- 24:d0:32:8b:94:d5:f9:71:c8:04:f1:c5:85:59:c2:d4:20:0d:
- ef:bc:f2:3d:4a:86:05:92:14:bb:42:95:c3:45:e5:97:e1:33:
- 74:52:93:c8:38:30:b5:b8:97:e2:ba:bb:73:2a:3d:25:d0:c6:
- 09:19:3b:f6:02:f9:9c:0b:4f:8b:10:03:83:36:59:7d:b8:a1:
- 12:60:e5:67
+ b0:8e:f5:a6:d7:df:13:fb:72:58:82:1e:b8:e8:34:aa:12:cc:
+ 39:4e:ad:b7:ff:b7:1b:d4:91:25:12:4f:af:f4:f0:9a:bf:e4:
+ 0f:f1:3d:bb:46:e9:c1:61:a5:b1:42:f3:13:75:b1:60:df:ba:
+ 36:62:f4:4d:e1:2c:23:ff:92:db:81:dc:72:71:74:00:6b:a2:
+ 29:cd:6f:ff:3c:db:35:6c:8c:bf:d5:d4:af:20:78:65:6c:f3:
+ 5c:e5:84:22:b6:1c:06:6e:fa:b1:fb:07:3e:76:60:58:36:73:
+ 3c:97:ab:5a:27:56:d6:f9:ef:43:34:67:af:57:3e:d2:dc:2e:
+ e7:e4:1c:8b:cb:90:11:1a:b9:8e:01:3f:e4:a2:6c:93:b3:90:
+ cd:6c:05:1e:d7:2f:7a:00:de:00:be:e6:35:4c:25:fc:19:96:
+ 27:9f:0d:0b:a8:9d:14:d9:89:4b:13:ec:53:e9:f9:31:b7:3f:
+ 95:61:7e:b3:bb:32:a3:f1:94:53:49:b4:f5:c8:ee:83:0d:69:
+ 5c:89:c3:21:e4:a5:d0:9c:af:30:af:64:e3:78:53:d5:5e:72:
+ 2b:d8:d7:7a:45:03:ba:9f:93:c9:fb:8d:cc:94:41:d5:2a:eb:
+ 87:ee:9f:c8:bf:ca:d1:6e:92:6b:96:af:20:6e:a5:42:9b:1d:
+ 8b:2b:ad:d5
-----BEGIN CERTIFICATE-----
MIIEqjCCA5KgAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo
YWluQy1JQ0ExLXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
-Y29tMB4XDTIyMTIxNjIxMTc1MFoXDTI1MDkxMTIxMTc1MFowgZoxCzAJBgNVBAYT
+Y29tMB4XDTIzMTIxMzIyMTkzMloXDTI2MDkwODIyMTkzMlowgZoxCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD
VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRYwFAYDVQQD
DA1jaGFpbkMtZW50aXR5MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t
@@ -77,12 +77,12 @@ VR0jBIG5MIG2gBSUHS4HN8YvUsHseWsTzgmQX/TEUaGBmqSBlzCBlDELMAkGA1UE
BhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNV
BAoMCFNhd3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cu
d29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb22CAWQw
-CQYDVR0TBAIwADANBgkqhkiG9w0BAQsFAAOCAQEAkyvw7wuBfoB+RrrkIYXWqqyz
-Ip8OmUhcu2gww5gkFPycY00vnYIDYc/VnYKRWLpFauGqgdToDKgGCqVeVoQKJYFD
-HNvjjbYcFqh5v56sYaI5QRYP5kk8JjSnleYgQS7V6T76jP5uLiXYqAgYkqblmpGy
-QJRk741VerNx+A+vLEBz8nQbwJ7yHJh9N+EEB4y5jb9fGgokrCazXwwxeKCrnYhR
-qrYMfG891tGTgV44MqOVjAS+JNAyi5TV+XHIBPHFhVnC1CAN77zyPUqGBZIUu0KV
-w0Xll+EzdFKTyDgwtbiX4rq7cyo9JdDGCRk79gL5nAtPixADgzZZfbihEmDlZw==
+CQYDVR0TBAIwADANBgkqhkiG9w0BAQsFAAOCAQEAsI71ptffE/tyWIIeuOg0qhLM
+OU6tt/+3G9SRJRJPr/Twmr/kD/E9u0bpwWGlsULzE3WxYN+6NmL0TeEsI/+S24Hc
+cnF0AGuiKc1v/zzbNWyMv9XUryB4ZWzzXOWEIrYcBm76sfsHPnZgWDZzPJerWidW
+1vnvQzRnr1c+0twu5+Qci8uQERq5jgE/5KJsk7OQzWwFHtcvegDeAL7mNUwl/BmW
+J58NC6idFNmJSxPsU+n5Mbc/lWF+s7syo/GUU0m09cjugw1pXInDIeSl0JyvMK9k
+43hT1V5yK9jXekUDup+TyfuNzJRB1Srrh+6fyL/K0W6Sa5avIG6lQpsdiyut1Q==
-----END CERTIFICATE-----
Certificate:
Data:
@@ -91,8 +91,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainC-ICA1-pathlen1, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -123,34 +123,34 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:2C:80:CE:DB:47:9D:07:66:92:3D:68:D7:CA:AC:90:4F:CA:69:41:4B
+ serial:33:44:1A:A8:6C:01:EC:F6:60:F2:70:51:0A:4C:D1:14:FA:BC:E9:44
X509v3 Basic Constraints:
CA:TRUE, pathlen:1
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 85:07:b7:5d:63:bb:41:42:b4:d4:b7:26:cc:c8:70:90:38:aa:
- 08:58:77:21:dc:34:06:63:43:47:22:4f:9d:3d:bc:6a:da:9a:
- b7:0c:7a:1a:bf:76:8b:32:34:b5:42:ad:60:d6:38:6a:91:df:
- d7:49:e3:a2:1e:53:0b:0e:dc:56:44:dd:bf:7a:c4:72:82:c9:
- 77:76:b4:52:84:2f:1e:5b:a6:58:b1:58:d9:67:9c:43:cf:28:
- 3e:f4:cd:2d:9c:af:bc:e9:ec:82:2c:42:da:40:06:55:a8:1f:
- f3:e4:dd:8a:a4:ba:9f:45:71:f1:b9:35:a0:fa:77:4b:67:f2:
- 0d:78:7e:bf:db:f7:32:41:a3:0d:e4:38:ce:ec:fb:a4:5e:19:
- 8a:7c:d6:ff:ee:cd:a7:de:d8:6a:e7:b5:30:6c:2b:a1:d9:9c:
- 04:28:ee:5a:d6:83:84:15:f3:39:25:1e:9d:bc:12:09:1e:99:
- 69:ae:0e:9e:92:92:69:2e:12:a3:d4:40:0a:0a:66:5a:0a:ec:
- e3:7c:2a:55:b5:30:60:a7:fa:ed:26:f4:b3:b8:c7:70:01:ed:
- ed:dd:cc:1d:d1:43:c1:a2:72:b1:cd:20:89:a7:95:ea:e8:ca:
- 01:17:73:ab:99:67:35:f6:d5:e9:1a:06:c9:15:b2:47:2d:8c:
- 35:5b:57:12
+ 52:84:69:eb:36:71:76:74:41:ab:d8:70:ae:18:64:3f:b1:8d:
+ ef:ad:2f:6b:6b:e5:c3:5e:41:ca:6c:30:23:b5:6b:26:c2:18:
+ fa:b4:97:95:9f:50:16:29:94:5e:91:1b:90:22:db:1e:a8:7f:
+ eb:db:b9:38:d8:7d:8d:f9:1b:b2:c4:ab:0e:10:d4:ae:8e:a3:
+ 56:c5:e0:ed:f9:37:eb:ce:1f:93:70:32:2a:aa:30:90:38:02:
+ 58:e4:e7:e7:bb:80:64:a0:ef:8d:2f:15:2d:8b:d0:d8:b0:72:
+ 0c:63:76:ba:cb:c8:1c:79:34:d9:d3:23:15:c2:b2:da:89:1a:
+ c6:24:16:60:2f:8a:80:fd:ac:cf:3d:0d:eb:1b:e1:ca:aa:37:
+ e5:a1:80:8d:14:e1:ca:94:f2:c4:7c:22:4a:54:f6:e4:e5:db:
+ 57:13:a3:fb:9a:63:13:2c:6e:4b:33:cc:1e:de:73:7e:00:b9:
+ 8f:3d:bf:ff:af:81:83:31:2e:42:b2:c9:df:23:ae:9a:35:cf:
+ 3d:f4:98:fd:dc:58:15:01:41:a7:c0:6c:09:cd:88:39:24:71:
+ 10:97:f3:e5:0e:ad:59:77:83:00:a0:03:9e:c8:cb:26:18:d1:
+ a1:60:bd:8a:53:a8:4e:08:0e:57:1e:5b:1d:df:a5:bd:04:01:
+ 66:dd:30:2d
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx
EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh
d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz
-bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIxMjE2
-MjExNzUwWhcNMjUwOTExMjExNzUwWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM
+bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMxMjEz
+MjIxOTMyWhcNMjYwOTA4MjIxOTMyWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM
Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg
SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNoYWluQy1JQ0Ex
LXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN
@@ -164,12 +164,12 @@ o4IBGDCCARQwHQYDVR0OBBYEFJQdLgc3xi9Swex5axPOCZBf9MRRMIHUBgNVHSME
gcwwgcmAFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV
UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI
U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm
-c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIULIDO20ed
-B2aSPWjXyqyQT8ppQUswDwYDVR0TBAgwBgEB/wIBATALBgNVHQ8EBAMCAQYwDQYJ
-KoZIhvcNAQELBQADggEBAIUHt11ju0FCtNS3JszIcJA4qghYdyHcNAZjQ0ciT509
-vGramrcMehq/dosyNLVCrWDWOGqR39dJ46IeUwsO3FZE3b96xHKCyXd2tFKELx5b
-plixWNlnnEPPKD70zS2cr7zp7IIsQtpABlWoH/Pk3Yqkup9FcfG5NaD6d0tn8g14
-fr/b9zJBow3kOM7s+6ReGYp81v/uzafe2GrntTBsK6HZnAQo7lrWg4QV8zklHp28
-EgkemWmuDp6SkmkuEqPUQAoKZloK7ON8KlW1MGCn+u0m9LO4x3AB7e3dzB3RQ8Gi
-crHNIImnleroygEXc6uZZzX21ekaBskVskctjDVbVxI=
+c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIUM0QaqGwB
+7PZg8nBRCkzRFPq86UQwDwYDVR0TBAgwBgEB/wIBATALBgNVHQ8EBAMCAQYwDQYJ
+KoZIhvcNAQELBQADggEBAFKEaes2cXZ0QavYcK4YZD+xje+tL2tr5cNeQcpsMCO1
+aybCGPq0l5WfUBYplF6RG5Ai2x6of+vbuTjYfY35G7LEqw4Q1K6Oo1bF4O35N+vO
+H5NwMiqqMJA4Aljk5+e7gGSg740vFS2L0NiwcgxjdrrLyBx5NNnTIxXCstqJGsYk
+FmAvioD9rM89Desb4cqqN+WhgI0U4cqU8sR8IkpU9uTl21cTo/uaYxMsbkszzB7e
+c34AuY89v/+vgYMxLkKyyd8jrpo1zz30mP3cWBUBQafAbAnNiDkkcRCX8+UOrVl3
+gwCgA57IyyYY0aFgvYpTqE4IDlceWx3fpb0EAWbdMC0=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test-pathlen/chainC-entity.pem b/extra/wolfssl/wolfssl/certs/test-pathlen/chainC-entity.pem
index ab1092be..f361a897 100644
--- a/extra/wolfssl/wolfssl/certs/test-pathlen/chainC-entity.pem
+++ b/extra/wolfssl/wolfssl/certs/test-pathlen/chainC-entity.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainC-ICA1-pathlen1, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainC-entity, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -42,27 +42,27 @@ Certificate:
X509v3 Basic Constraints:
CA:FALSE
Signature Algorithm: sha256WithRSAEncryption
- 93:2b:f0:ef:0b:81:7e:80:7e:46:ba:e4:21:85:d6:aa:ac:b3:
- 22:9f:0e:99:48:5c:bb:68:30:c3:98:24:14:fc:9c:63:4d:2f:
- 9d:82:03:61:cf:d5:9d:82:91:58:ba:45:6a:e1:aa:81:d4:e8:
- 0c:a8:06:0a:a5:5e:56:84:0a:25:81:43:1c:db:e3:8d:b6:1c:
- 16:a8:79:bf:9e:ac:61:a2:39:41:16:0f:e6:49:3c:26:34:a7:
- 95:e6:20:41:2e:d5:e9:3e:fa:8c:fe:6e:2e:25:d8:a8:08:18:
- 92:a6:e5:9a:91:b2:40:94:64:ef:8d:55:7a:b3:71:f8:0f:af:
- 2c:40:73:f2:74:1b:c0:9e:f2:1c:98:7d:37:e1:04:07:8c:b9:
- 8d:bf:5f:1a:0a:24:ac:26:b3:5f:0c:31:78:a0:ab:9d:88:51:
- aa:b6:0c:7c:6f:3d:d6:d1:93:81:5e:38:32:a3:95:8c:04:be:
- 24:d0:32:8b:94:d5:f9:71:c8:04:f1:c5:85:59:c2:d4:20:0d:
- ef:bc:f2:3d:4a:86:05:92:14:bb:42:95:c3:45:e5:97:e1:33:
- 74:52:93:c8:38:30:b5:b8:97:e2:ba:bb:73:2a:3d:25:d0:c6:
- 09:19:3b:f6:02:f9:9c:0b:4f:8b:10:03:83:36:59:7d:b8:a1:
- 12:60:e5:67
+ b0:8e:f5:a6:d7:df:13:fb:72:58:82:1e:b8:e8:34:aa:12:cc:
+ 39:4e:ad:b7:ff:b7:1b:d4:91:25:12:4f:af:f4:f0:9a:bf:e4:
+ 0f:f1:3d:bb:46:e9:c1:61:a5:b1:42:f3:13:75:b1:60:df:ba:
+ 36:62:f4:4d:e1:2c:23:ff:92:db:81:dc:72:71:74:00:6b:a2:
+ 29:cd:6f:ff:3c:db:35:6c:8c:bf:d5:d4:af:20:78:65:6c:f3:
+ 5c:e5:84:22:b6:1c:06:6e:fa:b1:fb:07:3e:76:60:58:36:73:
+ 3c:97:ab:5a:27:56:d6:f9:ef:43:34:67:af:57:3e:d2:dc:2e:
+ e7:e4:1c:8b:cb:90:11:1a:b9:8e:01:3f:e4:a2:6c:93:b3:90:
+ cd:6c:05:1e:d7:2f:7a:00:de:00:be:e6:35:4c:25:fc:19:96:
+ 27:9f:0d:0b:a8:9d:14:d9:89:4b:13:ec:53:e9:f9:31:b7:3f:
+ 95:61:7e:b3:bb:32:a3:f1:94:53:49:b4:f5:c8:ee:83:0d:69:
+ 5c:89:c3:21:e4:a5:d0:9c:af:30:af:64:e3:78:53:d5:5e:72:
+ 2b:d8:d7:7a:45:03:ba:9f:93:c9:fb:8d:cc:94:41:d5:2a:eb:
+ 87:ee:9f:c8:bf:ca:d1:6e:92:6b:96:af:20:6e:a5:42:9b:1d:
+ 8b:2b:ad:d5
-----BEGIN CERTIFICATE-----
MIIEqjCCA5KgAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo
YWluQy1JQ0ExLXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
-Y29tMB4XDTIyMTIxNjIxMTc1MFoXDTI1MDkxMTIxMTc1MFowgZoxCzAJBgNVBAYT
+Y29tMB4XDTIzMTIxMzIyMTkzMloXDTI2MDkwODIyMTkzMlowgZoxCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD
VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRYwFAYDVQQD
DA1jaGFpbkMtZW50aXR5MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t
@@ -77,10 +77,10 @@ VR0jBIG5MIG2gBSUHS4HN8YvUsHseWsTzgmQX/TEUaGBmqSBlzCBlDELMAkGA1UE
BhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNV
BAoMCFNhd3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cu
d29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb22CAWQw
-CQYDVR0TBAIwADANBgkqhkiG9w0BAQsFAAOCAQEAkyvw7wuBfoB+RrrkIYXWqqyz
-Ip8OmUhcu2gww5gkFPycY00vnYIDYc/VnYKRWLpFauGqgdToDKgGCqVeVoQKJYFD
-HNvjjbYcFqh5v56sYaI5QRYP5kk8JjSnleYgQS7V6T76jP5uLiXYqAgYkqblmpGy
-QJRk741VerNx+A+vLEBz8nQbwJ7yHJh9N+EEB4y5jb9fGgokrCazXwwxeKCrnYhR
-qrYMfG891tGTgV44MqOVjAS+JNAyi5TV+XHIBPHFhVnC1CAN77zyPUqGBZIUu0KV
-w0Xll+EzdFKTyDgwtbiX4rq7cyo9JdDGCRk79gL5nAtPixADgzZZfbihEmDlZw==
+CQYDVR0TBAIwADANBgkqhkiG9w0BAQsFAAOCAQEAsI71ptffE/tyWIIeuOg0qhLM
+OU6tt/+3G9SRJRJPr/Twmr/kD/E9u0bpwWGlsULzE3WxYN+6NmL0TeEsI/+S24Hc
+cnF0AGuiKc1v/zzbNWyMv9XUryB4ZWzzXOWEIrYcBm76sfsHPnZgWDZzPJerWidW
+1vnvQzRnr1c+0twu5+Qci8uQERq5jgE/5KJsk7OQzWwFHtcvegDeAL7mNUwl/BmW
+J58NC6idFNmJSxPsU+n5Mbc/lWF+s7syo/GUU0m09cjugw1pXInDIeSl0JyvMK9k
+43hT1V5yK9jXekUDup+TyfuNzJRB1Srrh+6fyL/K0W6Sa5avIG6lQpsdiyut1Q==
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test-pathlen/chainD-ICA1-pathlen127.pem b/extra/wolfssl/wolfssl/certs/test-pathlen/chainD-ICA1-pathlen127.pem
index 05f2115f..a9d4c15b 100644
--- a/extra/wolfssl/wolfssl/certs/test-pathlen/chainD-ICA1-pathlen127.pem
+++ b/extra/wolfssl/wolfssl/certs/test-pathlen/chainD-ICA1-pathlen127.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainD-ICA1-pathlen127, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -37,34 +37,34 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:2C:80:CE:DB:47:9D:07:66:92:3D:68:D7:CA:AC:90:4F:CA:69:41:4B
+ serial:33:44:1A:A8:6C:01:EC:F6:60:F2:70:51:0A:4C:D1:14:FA:BC:E9:44
X509v3 Basic Constraints:
CA:TRUE, pathlen:127
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 14:5a:3c:65:84:c3:96:6c:0a:15:61:18:89:b8:b5:0b:66:41:
- 17:bd:d9:09:03:d5:7f:fc:3c:8a:1b:2e:64:60:8d:8a:a3:47:
- 55:c7:63:d1:e4:ab:15:76:d6:d3:82:84:d6:19:05:08:f5:c7:
- f2:ad:d3:de:32:03:f7:bc:b6:43:5a:e7:fd:9e:7b:b5:9d:c9:
- ba:0a:5a:7f:08:cf:15:f5:a1:50:89:29:fb:49:b2:78:60:30:
- 28:36:2c:81:b2:0a:e0:ec:a7:d9:9f:fe:f7:38:2f:b6:6f:5a:
- bb:29:b2:a5:cc:23:09:5c:f8:00:05:3a:53:3f:37:41:5d:7c:
- dd:fc:69:00:3a:91:e5:c4:42:b0:0a:db:90:2a:cd:f6:99:2e:
- ae:04:b7:6d:df:e8:71:9b:7f:5b:6f:78:4d:9b:78:83:01:40:
- e1:fc:fa:e3:f0:fe:5a:f3:ae:a9:30:9e:da:ba:9e:6e:aa:e0:
- a5:98:d1:f0:24:96:c7:37:c4:3e:5d:1b:b1:ff:5d:a1:8f:7f:
- d7:78:c7:0d:c6:ce:20:e3:73:15:b0:23:24:12:e0:d7:f0:b3:
- f8:b2:c0:c7:e9:53:0e:d7:b3:a6:a2:54:06:76:c0:09:31:17:
- 73:42:07:e8:25:fd:6d:11:1d:1f:4d:2a:1f:06:52:68:5f:e6:
- 66:c2:6a:cf
+ ae:70:5a:14:f9:fb:c6:c5:5e:19:92:18:5e:fc:6d:7a:9c:90:
+ 34:2f:d4:7e:42:cf:88:80:3c:65:96:f7:4e:b7:26:c5:aa:6c:
+ 6c:a0:31:51:7b:ad:92:42:9c:16:7e:5c:1a:f7:0b:d1:8a:b6:
+ 41:fa:d1:a1:fc:86:6f:32:15:88:a8:b2:69:a6:38:2a:16:57:
+ 55:d8:be:8f:6e:fa:4b:e6:a1:2b:db:4d:64:0c:08:76:31:37:
+ ec:c4:6d:2b:3a:62:a2:2e:9a:0d:29:57:95:3a:76:e4:b2:63:
+ 90:07:72:04:f4:59:6e:be:94:00:13:0d:13:99:f8:97:df:16:
+ b5:70:32:d8:9f:84:07:3d:9d:be:87:50:33:3e:4e:ae:51:f1:
+ 12:33:96:c4:d5:d1:df:cd:bf:eb:f5:20:a3:4c:36:9e:bd:d3:
+ 5e:7f:56:05:e9:24:65:77:59:65:c0:53:c4:59:5f:3e:b3:37:
+ 41:89:f4:f4:4a:ff:6c:97:f6:f1:49:09:9c:a2:a9:cf:17:27:
+ 31:2e:db:04:52:f9:18:a5:67:6c:d2:0d:12:2a:ff:33:26:83:
+ 20:1e:0e:81:e8:a4:b6:93:f9:d0:a3:b6:48:a1:5a:3e:b7:f0:
+ cd:b7:fe:66:6e:07:99:b0:6e:e6:a6:2b:93:7b:de:bc:41:5e:
+ 0d:d3:22:65
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx
EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh
d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz
-bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIxMjE2
-MjExNzUwWhcNMjUwOTExMjExNzUwWjCBozELMAkGA1UEBhMCVVMxEzARBgNVBAgM
+bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMxMjEz
+MjIxOTMyWhcNMjYwOTA4MjIxOTMyWjCBozELMAkGA1UEBhMCVVMxEzARBgNVBAgM
Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg
SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNoYWluRC1JQ0Ex
LXBhdGhsZW4xMjcxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEi
@@ -78,12 +78,12 @@ AAGjggEYMIIBFDAdBgNVHQ4EFgQUZ3j5rRxTQR9GvUmbcy583FwtC/swgdQGA1Ud
IwSBzDCByYAUJ45nEXTDJh0/7TNjs6TYHTDl6NWhgZqkgZcwgZQxCzAJBgNVBAYT
AlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQK
DAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3Lndv
-bGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tghQsgM7b
-R50HZpI9aNfKrJBPymlBSzAPBgNVHRMECDAGAQH/AgF/MAsGA1UdDwQEAwIBBjAN
-BgkqhkiG9w0BAQsFAAOCAQEAFFo8ZYTDlmwKFWEYibi1C2ZBF73ZCQPVf/w8ihsu
-ZGCNiqNHVcdj0eSrFXbW04KE1hkFCPXH8q3T3jID97y2Q1rn/Z57tZ3JugpafwjP
-FfWhUIkp+0myeGAwKDYsgbIK4Oyn2Z/+9zgvtm9auymypcwjCVz4AAU6Uz83QV18
-3fxpADqR5cRCsArbkCrN9pkurgS3bd/ocZt/W294TZt4gwFA4fz64/D+WvOuqTCe
-2rqebqrgpZjR8CSWxzfEPl0bsf9doY9/13jHDcbOIONzFbAjJBLg1/Cz+LLAx+lT
-DtezpqJUBnbACTEXc0IH6CX9bREdH00qHwZSaF/mZsJqzw==
+bGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tghQzRBqo
+bAHs9mDycFEKTNEU+rzpRDAPBgNVHRMECDAGAQH/AgF/MAsGA1UdDwQEAwIBBjAN
+BgkqhkiG9w0BAQsFAAOCAQEArnBaFPn7xsVeGZIYXvxtepyQNC/UfkLPiIA8ZZb3
+TrcmxapsbKAxUXutkkKcFn5cGvcL0Yq2QfrRofyGbzIViKiyaaY4KhZXVdi+j276
+S+ahK9tNZAwIdjE37MRtKzpioi6aDSlXlTp25LJjkAdyBPRZbr6UABMNE5n4l98W
+tXAy2J+EBz2dvodQMz5OrlHxEjOWxNXR382/6/Ugo0w2nr3TXn9WBekkZXdZZcBT
+xFlfPrM3QYn09Er/bJf28UkJnKKpzxcnMS7bBFL5GKVnbNINEir/MyaDIB4Ogeik
+tpP50KO2SKFaPrfwzbf+Zm4HmbBu5qYrk3vevEFeDdMiZQ==
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test-pathlen/chainD-assembled.pem b/extra/wolfssl/wolfssl/certs/test-pathlen/chainD-assembled.pem
index 58ac4685..df69897f 100644
--- a/extra/wolfssl/wolfssl/certs/test-pathlen/chainD-assembled.pem
+++ b/extra/wolfssl/wolfssl/certs/test-pathlen/chainD-assembled.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainD-ICA1-pathlen127, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainD-entity, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -42,27 +42,27 @@ Certificate:
X509v3 Basic Constraints:
CA:FALSE
Signature Algorithm: sha256WithRSAEncryption
- 07:a9:44:44:fc:dc:51:bc:be:74:cf:5a:7e:ee:42:62:ab:9d:
- 46:7f:5a:fe:01:f5:2e:3b:ba:60:91:84:96:61:ee:73:33:57:
- f3:bc:26:0c:87:66:e5:f0:c2:ea:27:bc:17:d2:2e:16:70:6a:
- 6c:24:e2:a9:8e:75:12:58:0f:a0:1c:98:18:6a:71:42:4b:d4:
- 57:61:8e:e4:13:45:4b:93:e1:dc:7a:82:df:32:9f:de:7d:e4:
- 79:2f:6f:39:75:ed:f3:b5:5d:ce:e7:d3:3f:b0:8c:43:81:bf:
- 65:d5:52:95:a8:d2:ed:69:21:af:db:10:2d:51:5f:8b:48:0a:
- 70:92:d2:63:7e:a7:ba:7c:2c:b3:1c:93:da:3d:bd:20:fc:47:
- 24:12:43:a6:24:ed:6f:43:3c:a5:8a:50:7e:9c:bd:ec:92:5f:
- 62:f5:e2:d6:70:78:bf:47:70:ff:c6:81:12:e1:2a:4f:3f:e3:
- 2f:ee:9a:63:96:dc:a8:2c:3c:da:de:60:07:66:a5:cf:c7:93:
- eb:9c:62:28:2e:d4:fa:b6:04:94:a2:7e:06:74:b0:27:c8:55:
- e6:7d:e3:a3:c8:17:d0:6e:10:3e:b8:7a:8d:7e:a8:a1:0e:a2:
- de:58:4c:04:4e:d8:9e:43:56:0b:31:2e:9f:62:3e:9d:a8:cb:
- 68:16:f9:69
+ 91:9a:e9:78:f5:c5:e1:87:94:b2:37:cb:fd:36:af:25:ad:9d:
+ 00:33:93:3c:ea:29:04:75:9f:a0:b8:4a:d8:68:3d:9e:94:6b:
+ ac:6e:51:6b:83:92:48:c1:c8:c8:01:48:d9:ac:e5:85:35:4c:
+ 43:c2:66:a3:3b:9c:97:71:ea:89:91:38:48:ab:d5:c5:c5:fb:
+ 70:40:db:1e:03:9b:a8:fc:2c:93:d6:d1:fb:42:f2:64:7a:43:
+ 09:59:3e:ed:71:9e:9d:62:a8:04:c8:52:5a:fd:d2:24:34:2d:
+ 22:72:62:27:ca:fb:88:e2:b7:a9:14:b7:0a:89:9d:2d:4f:ea:
+ 03:fc:a1:20:d6:98:73:1d:7a:96:42:47:d3:0c:7e:84:3d:1c:
+ f0:5b:90:6c:d0:2b:88:44:03:cc:a6:79:45:4f:bb:29:6b:73:
+ 47:ae:4f:70:b0:b4:b6:d1:c7:ec:8e:db:df:81:d9:67:57:67:
+ 82:3c:47:5f:92:1f:f0:58:61:9d:0b:9b:c4:4d:1f:4d:b7:d2:
+ 80:e6:f7:48:40:91:87:1c:b9:47:c8:68:24:30:a0:ba:ef:e8:
+ 7b:2e:33:85:3d:9c:d4:6b:7e:b1:1f:b7:c0:70:5d:77:49:73:
+ a2:f1:58:62:d6:a4:c9:37:d1:52:a4:d6:c6:9a:6e:a3:0c:f9:
+ 16:2a:f0:76
-----BEGIN CERTIFICATE-----
MIIErDCCA5SgAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo
YWluRC1JQ0ExLXBhdGhsZW4xMjcxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz
-bC5jb20wHhcNMjIxMjE2MjExNzUwWhcNMjUwOTExMjExNzUwWjCBmjELMAkGA1UE
+bC5jb20wHhcNMjMxMjEzMjIxOTMyWhcNMjYwOTA4MjIxOTMyWjCBmjELMAkGA1UE
BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT
BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxFjAUBgNV
BAMMDWNoYWluRC1lbnRpdHkxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j
@@ -77,12 +77,12 @@ BgNVHSMEgbkwgbaAFGd4+a0cU0EfRr1Jm3MufNxcLQv7oYGapIGXMIGUMQswCQYD
VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8G
A1UECgwIU2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3
dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIB
-ZDAJBgNVHRMEAjAAMA0GCSqGSIb3DQEBCwUAA4IBAQAHqURE/NxRvL50z1p+7kJi
-q51Gf1r+AfUuO7pgkYSWYe5zM1fzvCYMh2bl8MLqJ7wX0i4WcGpsJOKpjnUSWA+g
-HJgYanFCS9RXYY7kE0VLk+HceoLfMp/efeR5L285de3ztV3O59M/sIxDgb9l1VKV
-qNLtaSGv2xAtUV+LSApwktJjfqe6fCyzHJPaPb0g/EckEkOmJO1vQzylilB+nL3s
-kl9i9eLWcHi/R3D/xoES4SpPP+Mv7ppjltyoLDza3mAHZqXPx5PrnGIoLtT6tgSU
-on4GdLAnyFXmfeOjyBfQbhA+uHqNfqihDqLeWEwETtieQ1YLMS6fYj6dqMtoFvlp
+ZDAJBgNVHRMEAjAAMA0GCSqGSIb3DQEBCwUAA4IBAQCRmul49cXhh5SyN8v9Nq8l
+rZ0AM5M86ikEdZ+guErYaD2elGusblFrg5JIwcjIAUjZrOWFNUxDwmajO5yXceqJ
+kThIq9XFxftwQNseA5uo/CyT1tH7QvJkekMJWT7tcZ6dYqgEyFJa/dIkNC0icmIn
+yvuI4repFLcKiZ0tT+oD/KEg1phzHXqWQkfTDH6EPRzwW5Bs0CuIRAPMpnlFT7sp
+a3NHrk9wsLS20cfsjtvfgdlnV2eCPEdfkh/wWGGdC5vETR9Nt9KA5vdIQJGHHLlH
+yGgkMKC67+h7LjOFPZzUa36xH7fAcF13SXOi8Vhi1qTJN9FSpNbGmm6jDPkWKvB2
-----END CERTIFICATE-----
Certificate:
Data:
@@ -91,8 +91,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainD-ICA1-pathlen127, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -123,34 +123,34 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:2C:80:CE:DB:47:9D:07:66:92:3D:68:D7:CA:AC:90:4F:CA:69:41:4B
+ serial:33:44:1A:A8:6C:01:EC:F6:60:F2:70:51:0A:4C:D1:14:FA:BC:E9:44
X509v3 Basic Constraints:
CA:TRUE, pathlen:127
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 14:5a:3c:65:84:c3:96:6c:0a:15:61:18:89:b8:b5:0b:66:41:
- 17:bd:d9:09:03:d5:7f:fc:3c:8a:1b:2e:64:60:8d:8a:a3:47:
- 55:c7:63:d1:e4:ab:15:76:d6:d3:82:84:d6:19:05:08:f5:c7:
- f2:ad:d3:de:32:03:f7:bc:b6:43:5a:e7:fd:9e:7b:b5:9d:c9:
- ba:0a:5a:7f:08:cf:15:f5:a1:50:89:29:fb:49:b2:78:60:30:
- 28:36:2c:81:b2:0a:e0:ec:a7:d9:9f:fe:f7:38:2f:b6:6f:5a:
- bb:29:b2:a5:cc:23:09:5c:f8:00:05:3a:53:3f:37:41:5d:7c:
- dd:fc:69:00:3a:91:e5:c4:42:b0:0a:db:90:2a:cd:f6:99:2e:
- ae:04:b7:6d:df:e8:71:9b:7f:5b:6f:78:4d:9b:78:83:01:40:
- e1:fc:fa:e3:f0:fe:5a:f3:ae:a9:30:9e:da:ba:9e:6e:aa:e0:
- a5:98:d1:f0:24:96:c7:37:c4:3e:5d:1b:b1:ff:5d:a1:8f:7f:
- d7:78:c7:0d:c6:ce:20:e3:73:15:b0:23:24:12:e0:d7:f0:b3:
- f8:b2:c0:c7:e9:53:0e:d7:b3:a6:a2:54:06:76:c0:09:31:17:
- 73:42:07:e8:25:fd:6d:11:1d:1f:4d:2a:1f:06:52:68:5f:e6:
- 66:c2:6a:cf
+ ae:70:5a:14:f9:fb:c6:c5:5e:19:92:18:5e:fc:6d:7a:9c:90:
+ 34:2f:d4:7e:42:cf:88:80:3c:65:96:f7:4e:b7:26:c5:aa:6c:
+ 6c:a0:31:51:7b:ad:92:42:9c:16:7e:5c:1a:f7:0b:d1:8a:b6:
+ 41:fa:d1:a1:fc:86:6f:32:15:88:a8:b2:69:a6:38:2a:16:57:
+ 55:d8:be:8f:6e:fa:4b:e6:a1:2b:db:4d:64:0c:08:76:31:37:
+ ec:c4:6d:2b:3a:62:a2:2e:9a:0d:29:57:95:3a:76:e4:b2:63:
+ 90:07:72:04:f4:59:6e:be:94:00:13:0d:13:99:f8:97:df:16:
+ b5:70:32:d8:9f:84:07:3d:9d:be:87:50:33:3e:4e:ae:51:f1:
+ 12:33:96:c4:d5:d1:df:cd:bf:eb:f5:20:a3:4c:36:9e:bd:d3:
+ 5e:7f:56:05:e9:24:65:77:59:65:c0:53:c4:59:5f:3e:b3:37:
+ 41:89:f4:f4:4a:ff:6c:97:f6:f1:49:09:9c:a2:a9:cf:17:27:
+ 31:2e:db:04:52:f9:18:a5:67:6c:d2:0d:12:2a:ff:33:26:83:
+ 20:1e:0e:81:e8:a4:b6:93:f9:d0:a3:b6:48:a1:5a:3e:b7:f0:
+ cd:b7:fe:66:6e:07:99:b0:6e:e6:a6:2b:93:7b:de:bc:41:5e:
+ 0d:d3:22:65
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx
EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh
d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz
-bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIxMjE2
-MjExNzUwWhcNMjUwOTExMjExNzUwWjCBozELMAkGA1UEBhMCVVMxEzARBgNVBAgM
+bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMxMjEz
+MjIxOTMyWhcNMjYwOTA4MjIxOTMyWjCBozELMAkGA1UEBhMCVVMxEzARBgNVBAgM
Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg
SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNoYWluRC1JQ0Ex
LXBhdGhsZW4xMjcxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEi
@@ -164,12 +164,12 @@ AAGjggEYMIIBFDAdBgNVHQ4EFgQUZ3j5rRxTQR9GvUmbcy583FwtC/swgdQGA1Ud
IwSBzDCByYAUJ45nEXTDJh0/7TNjs6TYHTDl6NWhgZqkgZcwgZQxCzAJBgNVBAYT
AlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQK
DAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3Lndv
-bGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tghQsgM7b
-R50HZpI9aNfKrJBPymlBSzAPBgNVHRMECDAGAQH/AgF/MAsGA1UdDwQEAwIBBjAN
-BgkqhkiG9w0BAQsFAAOCAQEAFFo8ZYTDlmwKFWEYibi1C2ZBF73ZCQPVf/w8ihsu
-ZGCNiqNHVcdj0eSrFXbW04KE1hkFCPXH8q3T3jID97y2Q1rn/Z57tZ3JugpafwjP
-FfWhUIkp+0myeGAwKDYsgbIK4Oyn2Z/+9zgvtm9auymypcwjCVz4AAU6Uz83QV18
-3fxpADqR5cRCsArbkCrN9pkurgS3bd/ocZt/W294TZt4gwFA4fz64/D+WvOuqTCe
-2rqebqrgpZjR8CSWxzfEPl0bsf9doY9/13jHDcbOIONzFbAjJBLg1/Cz+LLAx+lT
-DtezpqJUBnbACTEXc0IH6CX9bREdH00qHwZSaF/mZsJqzw==
+bGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tghQzRBqo
+bAHs9mDycFEKTNEU+rzpRDAPBgNVHRMECDAGAQH/AgF/MAsGA1UdDwQEAwIBBjAN
+BgkqhkiG9w0BAQsFAAOCAQEArnBaFPn7xsVeGZIYXvxtepyQNC/UfkLPiIA8ZZb3
+TrcmxapsbKAxUXutkkKcFn5cGvcL0Yq2QfrRofyGbzIViKiyaaY4KhZXVdi+j276
+S+ahK9tNZAwIdjE37MRtKzpioi6aDSlXlTp25LJjkAdyBPRZbr6UABMNE5n4l98W
+tXAy2J+EBz2dvodQMz5OrlHxEjOWxNXR382/6/Ugo0w2nr3TXn9WBekkZXdZZcBT
+xFlfPrM3QYn09Er/bJf28UkJnKKpzxcnMS7bBFL5GKVnbNINEir/MyaDIB4Ogeik
+tpP50KO2SKFaPrfwzbf+Zm4HmbBu5qYrk3vevEFeDdMiZQ==
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test-pathlen/chainD-entity.pem b/extra/wolfssl/wolfssl/certs/test-pathlen/chainD-entity.pem
index 783155a9..97f88a7d 100644
--- a/extra/wolfssl/wolfssl/certs/test-pathlen/chainD-entity.pem
+++ b/extra/wolfssl/wolfssl/certs/test-pathlen/chainD-entity.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainD-ICA1-pathlen127, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainD-entity, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -42,27 +42,27 @@ Certificate:
X509v3 Basic Constraints:
CA:FALSE
Signature Algorithm: sha256WithRSAEncryption
- 07:a9:44:44:fc:dc:51:bc:be:74:cf:5a:7e:ee:42:62:ab:9d:
- 46:7f:5a:fe:01:f5:2e:3b:ba:60:91:84:96:61:ee:73:33:57:
- f3:bc:26:0c:87:66:e5:f0:c2:ea:27:bc:17:d2:2e:16:70:6a:
- 6c:24:e2:a9:8e:75:12:58:0f:a0:1c:98:18:6a:71:42:4b:d4:
- 57:61:8e:e4:13:45:4b:93:e1:dc:7a:82:df:32:9f:de:7d:e4:
- 79:2f:6f:39:75:ed:f3:b5:5d:ce:e7:d3:3f:b0:8c:43:81:bf:
- 65:d5:52:95:a8:d2:ed:69:21:af:db:10:2d:51:5f:8b:48:0a:
- 70:92:d2:63:7e:a7:ba:7c:2c:b3:1c:93:da:3d:bd:20:fc:47:
- 24:12:43:a6:24:ed:6f:43:3c:a5:8a:50:7e:9c:bd:ec:92:5f:
- 62:f5:e2:d6:70:78:bf:47:70:ff:c6:81:12:e1:2a:4f:3f:e3:
- 2f:ee:9a:63:96:dc:a8:2c:3c:da:de:60:07:66:a5:cf:c7:93:
- eb:9c:62:28:2e:d4:fa:b6:04:94:a2:7e:06:74:b0:27:c8:55:
- e6:7d:e3:a3:c8:17:d0:6e:10:3e:b8:7a:8d:7e:a8:a1:0e:a2:
- de:58:4c:04:4e:d8:9e:43:56:0b:31:2e:9f:62:3e:9d:a8:cb:
- 68:16:f9:69
+ 91:9a:e9:78:f5:c5:e1:87:94:b2:37:cb:fd:36:af:25:ad:9d:
+ 00:33:93:3c:ea:29:04:75:9f:a0:b8:4a:d8:68:3d:9e:94:6b:
+ ac:6e:51:6b:83:92:48:c1:c8:c8:01:48:d9:ac:e5:85:35:4c:
+ 43:c2:66:a3:3b:9c:97:71:ea:89:91:38:48:ab:d5:c5:c5:fb:
+ 70:40:db:1e:03:9b:a8:fc:2c:93:d6:d1:fb:42:f2:64:7a:43:
+ 09:59:3e:ed:71:9e:9d:62:a8:04:c8:52:5a:fd:d2:24:34:2d:
+ 22:72:62:27:ca:fb:88:e2:b7:a9:14:b7:0a:89:9d:2d:4f:ea:
+ 03:fc:a1:20:d6:98:73:1d:7a:96:42:47:d3:0c:7e:84:3d:1c:
+ f0:5b:90:6c:d0:2b:88:44:03:cc:a6:79:45:4f:bb:29:6b:73:
+ 47:ae:4f:70:b0:b4:b6:d1:c7:ec:8e:db:df:81:d9:67:57:67:
+ 82:3c:47:5f:92:1f:f0:58:61:9d:0b:9b:c4:4d:1f:4d:b7:d2:
+ 80:e6:f7:48:40:91:87:1c:b9:47:c8:68:24:30:a0:ba:ef:e8:
+ 7b:2e:33:85:3d:9c:d4:6b:7e:b1:1f:b7:c0:70:5d:77:49:73:
+ a2:f1:58:62:d6:a4:c9:37:d1:52:a4:d6:c6:9a:6e:a3:0c:f9:
+ 16:2a:f0:76
-----BEGIN CERTIFICATE-----
MIIErDCCA5SgAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo
YWluRC1JQ0ExLXBhdGhsZW4xMjcxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz
-bC5jb20wHhcNMjIxMjE2MjExNzUwWhcNMjUwOTExMjExNzUwWjCBmjELMAkGA1UE
+bC5jb20wHhcNMjMxMjEzMjIxOTMyWhcNMjYwOTA4MjIxOTMyWjCBmjELMAkGA1UE
BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT
BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxFjAUBgNV
BAMMDWNoYWluRC1lbnRpdHkxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j
@@ -77,10 +77,10 @@ BgNVHSMEgbkwgbaAFGd4+a0cU0EfRr1Jm3MufNxcLQv7oYGapIGXMIGUMQswCQYD
VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8G
A1UECgwIU2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3
dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIB
-ZDAJBgNVHRMEAjAAMA0GCSqGSIb3DQEBCwUAA4IBAQAHqURE/NxRvL50z1p+7kJi
-q51Gf1r+AfUuO7pgkYSWYe5zM1fzvCYMh2bl8MLqJ7wX0i4WcGpsJOKpjnUSWA+g
-HJgYanFCS9RXYY7kE0VLk+HceoLfMp/efeR5L285de3ztV3O59M/sIxDgb9l1VKV
-qNLtaSGv2xAtUV+LSApwktJjfqe6fCyzHJPaPb0g/EckEkOmJO1vQzylilB+nL3s
-kl9i9eLWcHi/R3D/xoES4SpPP+Mv7ppjltyoLDza3mAHZqXPx5PrnGIoLtT6tgSU
-on4GdLAnyFXmfeOjyBfQbhA+uHqNfqihDqLeWEwETtieQ1YLMS6fYj6dqMtoFvlp
+ZDAJBgNVHRMEAjAAMA0GCSqGSIb3DQEBCwUAA4IBAQCRmul49cXhh5SyN8v9Nq8l
+rZ0AM5M86ikEdZ+guErYaD2elGusblFrg5JIwcjIAUjZrOWFNUxDwmajO5yXceqJ
+kThIq9XFxftwQNseA5uo/CyT1tH7QvJkekMJWT7tcZ6dYqgEyFJa/dIkNC0icmIn
+yvuI4repFLcKiZ0tT+oD/KEg1phzHXqWQkfTDH6EPRzwW5Bs0CuIRAPMpnlFT7sp
+a3NHrk9wsLS20cfsjtvfgdlnV2eCPEdfkh/wWGGdC5vETR9Nt9KA5vdIQJGHHLlH
+yGgkMKC67+h7LjOFPZzUa36xH7fAcF13SXOi8Vhi1qTJN9FSpNbGmm6jDPkWKvB2
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test-pathlen/chainE-ICA1-pathlen128.pem b/extra/wolfssl/wolfssl/certs/test-pathlen/chainE-ICA1-pathlen128.pem
index 1bead141..9093f9ef 100644
--- a/extra/wolfssl/wolfssl/certs/test-pathlen/chainE-ICA1-pathlen128.pem
+++ b/extra/wolfssl/wolfssl/certs/test-pathlen/chainE-ICA1-pathlen128.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainE-ICA1-pathlen128, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -37,34 +37,34 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:2C:80:CE:DB:47:9D:07:66:92:3D:68:D7:CA:AC:90:4F:CA:69:41:4B
+ serial:33:44:1A:A8:6C:01:EC:F6:60:F2:70:51:0A:4C:D1:14:FA:BC:E9:44
X509v3 Basic Constraints:
CA:TRUE, pathlen:128
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 95:1a:fa:1a:2b:42:fd:9f:a3:10:f7:06:f5:51:20:3b:bd:e3:
- fe:04:fb:ac:7c:f9:5a:af:fc:46:f3:74:55:c8:5b:72:c0:2d:
- f9:e5:64:09:e2:82:e0:5f:19:a4:7e:02:47:7f:1d:6f:12:7c:
- 81:1c:68:3a:34:8b:f7:86:03:71:d1:8f:36:21:25:80:fb:60:
- 49:1b:27:b4:f1:a6:1e:bf:cb:8b:97:96:2a:76:1f:ee:3e:73:
- 13:9b:02:d4:6e:54:57:9b:fb:39:d7:fa:45:37:ba:dd:a8:d0:
- 58:c7:aa:9c:a0:ac:ef:eb:be:ff:5c:f0:10:6c:78:6b:ee:27:
- db:1e:0e:cf:91:d2:30:79:a9:8c:67:77:08:c0:72:f1:db:67:
- 7a:34:70:c3:17:88:19:f9:be:ef:1c:23:7d:2f:04:b9:bd:83:
- 1b:06:55:a1:c5:40:97:ff:71:50:10:6c:a2:d8:bc:7e:4e:4e:
- b6:42:74:7e:a6:23:54:1b:c5:01:29:40:8c:d9:8a:1f:b6:2d:
- 7c:8d:da:96:99:2a:05:63:11:ea:09:50:4b:f9:ea:8b:12:dc:
- a7:0f:78:e1:9c:16:24:83:74:36:ac:45:df:57:f6:21:ea:23:
- 80:88:a1:45:5c:11:d4:5b:87:2a:3d:fe:c0:eb:e4:c4:9b:34:
- 89:22:a7:ec
+ 95:df:c8:9f:0d:1a:2a:2b:8a:79:0c:c4:a9:05:4f:fc:a4:04:
+ d3:79:37:84:77:8d:17:db:d7:14:6b:1c:f5:f7:e8:04:6a:02:
+ ce:b3:63:39:f3:6e:9c:9d:0b:96:d1:dc:46:d0:3c:57:a1:19:
+ f9:aa:74:b0:16:15:18:91:c1:e9:9e:d6:52:b1:f0:d5:ac:0e:
+ cb:ca:06:e5:88:b1:4c:ad:af:a4:29:db:ce:ae:ce:d3:30:db:
+ 99:f3:2a:77:e7:64:cc:07:2a:f0:e5:a9:27:97:ea:d6:a6:59:
+ a5:0c:42:4f:02:a4:31:42:fc:9b:92:de:8b:52:d3:92:8c:fd:
+ 04:c2:d5:7b:80:bb:7a:90:ba:be:33:10:fd:07:d6:53:7f:b9:
+ 86:93:9f:1b:4c:66:75:d4:d1:0b:cd:10:76:23:0e:37:a2:d6:
+ c1:5f:91:2b:d0:14:c3:2f:e7:46:e4:e9:6d:2d:f0:05:e5:78:
+ 25:3c:7d:1d:1c:23:9a:cb:ba:30:c2:52:98:4e:16:ad:f4:30:
+ 22:4a:41:e5:1c:c7:da:b1:79:ed:cd:b2:c3:83:42:a6:26:6e:
+ ee:4f:9f:14:f7:6e:f2:e9:70:07:0b:c9:59:5a:8f:50:10:cf:
+ 09:77:a3:e1:96:47:e8:85:86:cd:8a:11:30:a0:72:05:11:50:
+ 7e:ee:0b:e6
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx
EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh
d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz
-bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIxMjE2
-MjExNzUwWhcNMjUwOTExMjExNzUwWjCBozELMAkGA1UEBhMCVVMxEzARBgNVBAgM
+bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMxMjEz
+MjIxOTMyWhcNMjYwOTA4MjIxOTMyWjCBozELMAkGA1UEBhMCVVMxEzARBgNVBAgM
Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg
SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNoYWluRS1JQ0Ex
LXBhdGhsZW4xMjgxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEi
@@ -78,12 +78,12 @@ AAGjggEZMIIBFTAdBgNVHQ4EFgQURHsAfJwcl5+XqmvyXuaBfA6u5iswgdQGA1Ud
IwSBzDCByYAUJ45nEXTDJh0/7TNjs6TYHTDl6NWhgZqkgZcwgZQxCzAJBgNVBAYT
AlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQK
DAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3Lndv
-bGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tghQsgM7b
-R50HZpI9aNfKrJBPymlBSzAQBgNVHRMECTAHAQH/AgIAgDALBgNVHQ8EBAMCAQYw
-DQYJKoZIhvcNAQELBQADggEBAJUa+horQv2foxD3BvVRIDu94/4E+6x8+Vqv/Ebz
-dFXIW3LALfnlZAniguBfGaR+Akd/HW8SfIEcaDo0i/eGA3HRjzYhJYD7YEkbJ7Tx
-ph6/y4uXlip2H+4+cxObAtRuVFeb+znX+kU3ut2o0FjHqpygrO/rvv9c8BBseGvu
-J9seDs+R0jB5qYxndwjAcvHbZ3o0cMMXiBn5vu8cI30vBLm9gxsGVaHFQJf/cVAQ
-bKLYvH5OTrZCdH6mI1QbxQEpQIzZih+2LXyN2paZKgVjEeoJUEv56osS3KcPeOGc
-FiSDdDasRd9X9iHqI4CIoUVcEdRbhyo9/sDr5MSbNIkip+w=
+bGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tghQzRBqo
+bAHs9mDycFEKTNEU+rzpRDAQBgNVHRMECTAHAQH/AgIAgDALBgNVHQ8EBAMCAQYw
+DQYJKoZIhvcNAQELBQADggEBAJXfyJ8NGiorinkMxKkFT/ykBNN5N4R3jRfb1xRr
+HPX36ARqAs6zYznzbpydC5bR3EbQPFehGfmqdLAWFRiRweme1lKx8NWsDsvKBuWI
+sUytr6Qp286uztMw25nzKnfnZMwHKvDlqSeX6tamWaUMQk8CpDFC/JuS3otS05KM
+/QTC1XuAu3qQur4zEP0H1lN/uYaTnxtMZnXU0QvNEHYjDjei1sFfkSvQFMMv50bk
+6W0t8AXleCU8fR0cI5rLujDCUphOFq30MCJKQeUcx9qxee3NssODQqYmbu5PnxT3
+bvLpcAcLyVlaj1AQzwl3o+GWR+iFhs2KETCgcgURUH7uC+Y=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test-pathlen/chainE-assembled.pem b/extra/wolfssl/wolfssl/certs/test-pathlen/chainE-assembled.pem
index a3ccac6e..bc868c38 100644
--- a/extra/wolfssl/wolfssl/certs/test-pathlen/chainE-assembled.pem
+++ b/extra/wolfssl/wolfssl/certs/test-pathlen/chainE-assembled.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainE-ICA1-pathlen128, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainE-entity, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -42,27 +42,27 @@ Certificate:
X509v3 Basic Constraints:
CA:FALSE
Signature Algorithm: sha256WithRSAEncryption
- 46:b8:f0:73:85:69:12:f3:16:00:76:1b:2e:b1:28:20:ee:13:
- 54:66:28:82:62:b5:a8:ff:d8:7b:ed:6b:8a:9e:cb:28:58:df:
- db:be:7b:54:ce:22:74:45:ed:02:3d:f8:bf:77:90:1a:1b:cf:
- b3:5f:37:41:c3:ea:1a:24:b2:00:2e:28:ae:43:dd:c2:cd:d9:
- 51:05:43:04:bb:ea:37:82:b2:e1:23:0a:0c:4f:5b:0f:a7:bd:
- 4f:a1:c9:4f:6a:63:3e:58:81:0f:66:38:0a:c8:50:2f:f2:74:
- 7f:e6:5a:bc:ba:e4:02:6d:e4:8a:43:ab:d3:6c:4b:aa:cf:e8:
- 94:2b:8d:54:22:e1:51:87:fa:59:1d:6d:aa:d8:8a:e4:04:1a:
- 8d:42:2b:f0:12:6e:5f:77:cf:e5:6a:d3:a9:8e:be:72:bc:3a:
- 16:fa:82:81:f4:65:2d:fd:81:c9:96:f7:36:0f:11:1a:13:55:
- ae:97:d5:67:f3:e4:03:13:db:1a:0e:ea:5e:75:21:7f:f7:c9:
- 96:8d:c8:e9:94:90:79:19:7e:9a:c9:4f:d1:69:4f:8c:3c:88:
- 5d:97:61:f0:12:86:36:2e:b2:5a:c5:8b:79:35:5f:16:b1:d8:
- 9c:cc:ce:ba:b3:a4:92:0e:8f:5b:fb:27:96:fc:19:50:0c:28:
- 45:e0:e8:81
+ 65:49:39:85:07:68:20:fe:f9:28:cb:c8:ec:2a:c9:6b:2c:06:
+ da:1b:92:b0:d7:c4:5c:37:7b:a5:48:16:15:77:08:05:0a:55:
+ 2f:b7:f7:2b:ef:dd:dc:63:ab:04:f1:24:bf:ef:f4:73:43:1d:
+ 5d:2a:1a:69:f5:a9:e8:af:d2:56:77:79:c0:46:07:95:b6:af:
+ b3:cb:2e:6b:6b:ed:99:29:cd:cc:4d:f4:f9:e6:25:1f:5b:e3:
+ a0:82:a9:5b:c3:73:6c:9a:c4:0b:5a:80:8a:16:5d:32:99:5d:
+ c2:85:ab:bb:94:f7:54:62:f4:8e:d5:7f:dd:ff:84:50:de:55:
+ e2:0d:67:52:32:5e:48:e0:36:b3:aa:a5:d6:57:35:cb:7a:2b:
+ d3:4e:42:75:15:56:f2:2f:45:9c:99:c5:4c:e7:2d:45:6e:86:
+ 2f:4b:84:bf:49:1d:b2:fb:85:53:0a:99:28:fd:7a:3f:e8:b4:
+ a5:b9:6c:c2:55:cd:f3:82:c0:a3:ef:85:ed:69:28:78:1d:81:
+ 0e:19:bd:a8:fb:a6:b7:ff:09:36:54:a6:44:96:cf:15:0c:45:
+ 7e:ba:9a:50:4d:14:82:dc:ba:c2:97:08:74:89:a7:ff:ed:52:
+ 89:ac:65:65:70:9a:8e:8a:43:86:46:a1:f8:23:96:e2:0a:65:
+ 3f:2d:94:35
-----BEGIN CERTIFICATE-----
MIIErDCCA5SgAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo
YWluRS1JQ0ExLXBhdGhsZW4xMjgxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz
-bC5jb20wHhcNMjIxMjE2MjExNzUwWhcNMjUwOTExMjExNzUwWjCBmjELMAkGA1UE
+bC5jb20wHhcNMjMxMjEzMjIxOTMyWhcNMjYwOTA4MjIxOTMyWjCBmjELMAkGA1UE
BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT
BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxFjAUBgNV
BAMMDWNoYWluRS1lbnRpdHkxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j
@@ -77,12 +77,12 @@ BgNVHSMEgbkwgbaAFER7AHycHJefl6pr8l7mgXwOruYroYGapIGXMIGUMQswCQYD
VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8G
A1UECgwIU2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3
dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIB
-ZDAJBgNVHRMEAjAAMA0GCSqGSIb3DQEBCwUAA4IBAQBGuPBzhWkS8xYAdhsusSgg
-7hNUZiiCYrWo/9h77WuKnssoWN/bvntUziJ0Re0CPfi/d5AaG8+zXzdBw+oaJLIA
-LiiuQ93CzdlRBUMEu+o3grLhIwoMT1sPp71PoclPamM+WIEPZjgKyFAv8nR/5lq8
-uuQCbeSKQ6vTbEuqz+iUK41UIuFRh/pZHW2q2IrkBBqNQivwEm5fd8/latOpjr5y
-vDoW+oKB9GUt/YHJlvc2DxEaE1Wul9Vn8+QDE9saDupedSF/98mWjcjplJB5GX6a
-yU/RaU+MPIhdl2HwEoY2LrJaxYt5NV8WsdiczM66s6SSDo9b+yeW/BlQDChF4OiB
+ZDAJBgNVHRMEAjAAMA0GCSqGSIb3DQEBCwUAA4IBAQBlSTmFB2gg/vkoy8jsKslr
+LAbaG5Kw18RcN3ulSBYVdwgFClUvt/cr793cY6sE8SS/7/RzQx1dKhpp9anor9JW
+d3nARgeVtq+zyy5ra+2ZKc3MTfT55iUfW+Oggqlbw3NsmsQLWoCKFl0ymV3Chau7
+lPdUYvSO1X/d/4RQ3lXiDWdSMl5I4DazqqXWVzXLeivTTkJ1FVbyL0WcmcVM5y1F
+boYvS4S/SR2y+4VTCpko/Xo/6LSluWzCVc3zgsCj74XtaSh4HYEOGb2o+6a3/wk2
+VKZEls8VDEV+uppQTRSC3LrClwh0iaf/7VKJrGVlcJqOikOGRqH4I5biCmU/LZQ1
-----END CERTIFICATE-----
Certificate:
Data:
@@ -91,8 +91,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainE-ICA1-pathlen128, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -123,34 +123,34 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:2C:80:CE:DB:47:9D:07:66:92:3D:68:D7:CA:AC:90:4F:CA:69:41:4B
+ serial:33:44:1A:A8:6C:01:EC:F6:60:F2:70:51:0A:4C:D1:14:FA:BC:E9:44
X509v3 Basic Constraints:
CA:TRUE, pathlen:128
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 95:1a:fa:1a:2b:42:fd:9f:a3:10:f7:06:f5:51:20:3b:bd:e3:
- fe:04:fb:ac:7c:f9:5a:af:fc:46:f3:74:55:c8:5b:72:c0:2d:
- f9:e5:64:09:e2:82:e0:5f:19:a4:7e:02:47:7f:1d:6f:12:7c:
- 81:1c:68:3a:34:8b:f7:86:03:71:d1:8f:36:21:25:80:fb:60:
- 49:1b:27:b4:f1:a6:1e:bf:cb:8b:97:96:2a:76:1f:ee:3e:73:
- 13:9b:02:d4:6e:54:57:9b:fb:39:d7:fa:45:37:ba:dd:a8:d0:
- 58:c7:aa:9c:a0:ac:ef:eb:be:ff:5c:f0:10:6c:78:6b:ee:27:
- db:1e:0e:cf:91:d2:30:79:a9:8c:67:77:08:c0:72:f1:db:67:
- 7a:34:70:c3:17:88:19:f9:be:ef:1c:23:7d:2f:04:b9:bd:83:
- 1b:06:55:a1:c5:40:97:ff:71:50:10:6c:a2:d8:bc:7e:4e:4e:
- b6:42:74:7e:a6:23:54:1b:c5:01:29:40:8c:d9:8a:1f:b6:2d:
- 7c:8d:da:96:99:2a:05:63:11:ea:09:50:4b:f9:ea:8b:12:dc:
- a7:0f:78:e1:9c:16:24:83:74:36:ac:45:df:57:f6:21:ea:23:
- 80:88:a1:45:5c:11:d4:5b:87:2a:3d:fe:c0:eb:e4:c4:9b:34:
- 89:22:a7:ec
+ 95:df:c8:9f:0d:1a:2a:2b:8a:79:0c:c4:a9:05:4f:fc:a4:04:
+ d3:79:37:84:77:8d:17:db:d7:14:6b:1c:f5:f7:e8:04:6a:02:
+ ce:b3:63:39:f3:6e:9c:9d:0b:96:d1:dc:46:d0:3c:57:a1:19:
+ f9:aa:74:b0:16:15:18:91:c1:e9:9e:d6:52:b1:f0:d5:ac:0e:
+ cb:ca:06:e5:88:b1:4c:ad:af:a4:29:db:ce:ae:ce:d3:30:db:
+ 99:f3:2a:77:e7:64:cc:07:2a:f0:e5:a9:27:97:ea:d6:a6:59:
+ a5:0c:42:4f:02:a4:31:42:fc:9b:92:de:8b:52:d3:92:8c:fd:
+ 04:c2:d5:7b:80:bb:7a:90:ba:be:33:10:fd:07:d6:53:7f:b9:
+ 86:93:9f:1b:4c:66:75:d4:d1:0b:cd:10:76:23:0e:37:a2:d6:
+ c1:5f:91:2b:d0:14:c3:2f:e7:46:e4:e9:6d:2d:f0:05:e5:78:
+ 25:3c:7d:1d:1c:23:9a:cb:ba:30:c2:52:98:4e:16:ad:f4:30:
+ 22:4a:41:e5:1c:c7:da:b1:79:ed:cd:b2:c3:83:42:a6:26:6e:
+ ee:4f:9f:14:f7:6e:f2:e9:70:07:0b:c9:59:5a:8f:50:10:cf:
+ 09:77:a3:e1:96:47:e8:85:86:cd:8a:11:30:a0:72:05:11:50:
+ 7e:ee:0b:e6
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx
EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh
d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz
-bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIxMjE2
-MjExNzUwWhcNMjUwOTExMjExNzUwWjCBozELMAkGA1UEBhMCVVMxEzARBgNVBAgM
+bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMxMjEz
+MjIxOTMyWhcNMjYwOTA4MjIxOTMyWjCBozELMAkGA1UEBhMCVVMxEzARBgNVBAgM
Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg
SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNoYWluRS1JQ0Ex
LXBhdGhsZW4xMjgxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEi
@@ -164,12 +164,12 @@ AAGjggEZMIIBFTAdBgNVHQ4EFgQURHsAfJwcl5+XqmvyXuaBfA6u5iswgdQGA1Ud
IwSBzDCByYAUJ45nEXTDJh0/7TNjs6TYHTDl6NWhgZqkgZcwgZQxCzAJBgNVBAYT
AlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQK
DAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3Lndv
-bGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tghQsgM7b
-R50HZpI9aNfKrJBPymlBSzAQBgNVHRMECTAHAQH/AgIAgDALBgNVHQ8EBAMCAQYw
-DQYJKoZIhvcNAQELBQADggEBAJUa+horQv2foxD3BvVRIDu94/4E+6x8+Vqv/Ebz
-dFXIW3LALfnlZAniguBfGaR+Akd/HW8SfIEcaDo0i/eGA3HRjzYhJYD7YEkbJ7Tx
-ph6/y4uXlip2H+4+cxObAtRuVFeb+znX+kU3ut2o0FjHqpygrO/rvv9c8BBseGvu
-J9seDs+R0jB5qYxndwjAcvHbZ3o0cMMXiBn5vu8cI30vBLm9gxsGVaHFQJf/cVAQ
-bKLYvH5OTrZCdH6mI1QbxQEpQIzZih+2LXyN2paZKgVjEeoJUEv56osS3KcPeOGc
-FiSDdDasRd9X9iHqI4CIoUVcEdRbhyo9/sDr5MSbNIkip+w=
+bGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tghQzRBqo
+bAHs9mDycFEKTNEU+rzpRDAQBgNVHRMECTAHAQH/AgIAgDALBgNVHQ8EBAMCAQYw
+DQYJKoZIhvcNAQELBQADggEBAJXfyJ8NGiorinkMxKkFT/ykBNN5N4R3jRfb1xRr
+HPX36ARqAs6zYznzbpydC5bR3EbQPFehGfmqdLAWFRiRweme1lKx8NWsDsvKBuWI
+sUytr6Qp286uztMw25nzKnfnZMwHKvDlqSeX6tamWaUMQk8CpDFC/JuS3otS05KM
+/QTC1XuAu3qQur4zEP0H1lN/uYaTnxtMZnXU0QvNEHYjDjei1sFfkSvQFMMv50bk
+6W0t8AXleCU8fR0cI5rLujDCUphOFq30MCJKQeUcx9qxee3NssODQqYmbu5PnxT3
+bvLpcAcLyVlaj1AQzwl3o+GWR+iFhs2KETCgcgURUH7uC+Y=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test-pathlen/chainE-entity.pem b/extra/wolfssl/wolfssl/certs/test-pathlen/chainE-entity.pem
index f7b68d2d..aa46f00a 100644
--- a/extra/wolfssl/wolfssl/certs/test-pathlen/chainE-entity.pem
+++ b/extra/wolfssl/wolfssl/certs/test-pathlen/chainE-entity.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainE-ICA1-pathlen128, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainE-entity, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -42,27 +42,27 @@ Certificate:
X509v3 Basic Constraints:
CA:FALSE
Signature Algorithm: sha256WithRSAEncryption
- 46:b8:f0:73:85:69:12:f3:16:00:76:1b:2e:b1:28:20:ee:13:
- 54:66:28:82:62:b5:a8:ff:d8:7b:ed:6b:8a:9e:cb:28:58:df:
- db:be:7b:54:ce:22:74:45:ed:02:3d:f8:bf:77:90:1a:1b:cf:
- b3:5f:37:41:c3:ea:1a:24:b2:00:2e:28:ae:43:dd:c2:cd:d9:
- 51:05:43:04:bb:ea:37:82:b2:e1:23:0a:0c:4f:5b:0f:a7:bd:
- 4f:a1:c9:4f:6a:63:3e:58:81:0f:66:38:0a:c8:50:2f:f2:74:
- 7f:e6:5a:bc:ba:e4:02:6d:e4:8a:43:ab:d3:6c:4b:aa:cf:e8:
- 94:2b:8d:54:22:e1:51:87:fa:59:1d:6d:aa:d8:8a:e4:04:1a:
- 8d:42:2b:f0:12:6e:5f:77:cf:e5:6a:d3:a9:8e:be:72:bc:3a:
- 16:fa:82:81:f4:65:2d:fd:81:c9:96:f7:36:0f:11:1a:13:55:
- ae:97:d5:67:f3:e4:03:13:db:1a:0e:ea:5e:75:21:7f:f7:c9:
- 96:8d:c8:e9:94:90:79:19:7e:9a:c9:4f:d1:69:4f:8c:3c:88:
- 5d:97:61:f0:12:86:36:2e:b2:5a:c5:8b:79:35:5f:16:b1:d8:
- 9c:cc:ce:ba:b3:a4:92:0e:8f:5b:fb:27:96:fc:19:50:0c:28:
- 45:e0:e8:81
+ 65:49:39:85:07:68:20:fe:f9:28:cb:c8:ec:2a:c9:6b:2c:06:
+ da:1b:92:b0:d7:c4:5c:37:7b:a5:48:16:15:77:08:05:0a:55:
+ 2f:b7:f7:2b:ef:dd:dc:63:ab:04:f1:24:bf:ef:f4:73:43:1d:
+ 5d:2a:1a:69:f5:a9:e8:af:d2:56:77:79:c0:46:07:95:b6:af:
+ b3:cb:2e:6b:6b:ed:99:29:cd:cc:4d:f4:f9:e6:25:1f:5b:e3:
+ a0:82:a9:5b:c3:73:6c:9a:c4:0b:5a:80:8a:16:5d:32:99:5d:
+ c2:85:ab:bb:94:f7:54:62:f4:8e:d5:7f:dd:ff:84:50:de:55:
+ e2:0d:67:52:32:5e:48:e0:36:b3:aa:a5:d6:57:35:cb:7a:2b:
+ d3:4e:42:75:15:56:f2:2f:45:9c:99:c5:4c:e7:2d:45:6e:86:
+ 2f:4b:84:bf:49:1d:b2:fb:85:53:0a:99:28:fd:7a:3f:e8:b4:
+ a5:b9:6c:c2:55:cd:f3:82:c0:a3:ef:85:ed:69:28:78:1d:81:
+ 0e:19:bd:a8:fb:a6:b7:ff:09:36:54:a6:44:96:cf:15:0c:45:
+ 7e:ba:9a:50:4d:14:82:dc:ba:c2:97:08:74:89:a7:ff:ed:52:
+ 89:ac:65:65:70:9a:8e:8a:43:86:46:a1:f8:23:96:e2:0a:65:
+ 3f:2d:94:35
-----BEGIN CERTIFICATE-----
MIIErDCCA5SgAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo
YWluRS1JQ0ExLXBhdGhsZW4xMjgxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz
-bC5jb20wHhcNMjIxMjE2MjExNzUwWhcNMjUwOTExMjExNzUwWjCBmjELMAkGA1UE
+bC5jb20wHhcNMjMxMjEzMjIxOTMyWhcNMjYwOTA4MjIxOTMyWjCBmjELMAkGA1UE
BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT
BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxFjAUBgNV
BAMMDWNoYWluRS1lbnRpdHkxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j
@@ -77,10 +77,10 @@ BgNVHSMEgbkwgbaAFER7AHycHJefl6pr8l7mgXwOruYroYGapIGXMIGUMQswCQYD
VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8G
A1UECgwIU2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3
dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIB
-ZDAJBgNVHRMEAjAAMA0GCSqGSIb3DQEBCwUAA4IBAQBGuPBzhWkS8xYAdhsusSgg
-7hNUZiiCYrWo/9h77WuKnssoWN/bvntUziJ0Re0CPfi/d5AaG8+zXzdBw+oaJLIA
-LiiuQ93CzdlRBUMEu+o3grLhIwoMT1sPp71PoclPamM+WIEPZjgKyFAv8nR/5lq8
-uuQCbeSKQ6vTbEuqz+iUK41UIuFRh/pZHW2q2IrkBBqNQivwEm5fd8/latOpjr5y
-vDoW+oKB9GUt/YHJlvc2DxEaE1Wul9Vn8+QDE9saDupedSF/98mWjcjplJB5GX6a
-yU/RaU+MPIhdl2HwEoY2LrJaxYt5NV8WsdiczM66s6SSDo9b+yeW/BlQDChF4OiB
+ZDAJBgNVHRMEAjAAMA0GCSqGSIb3DQEBCwUAA4IBAQBlSTmFB2gg/vkoy8jsKslr
+LAbaG5Kw18RcN3ulSBYVdwgFClUvt/cr793cY6sE8SS/7/RzQx1dKhpp9anor9JW
+d3nARgeVtq+zyy5ra+2ZKc3MTfT55iUfW+Oggqlbw3NsmsQLWoCKFl0ymV3Chau7
+lPdUYvSO1X/d/4RQ3lXiDWdSMl5I4DazqqXWVzXLeivTTkJ1FVbyL0WcmcVM5y1F
+boYvS4S/SR2y+4VTCpko/Xo/6LSluWzCVc3zgsCj74XtaSh4HYEOGb2o+6a3/wk2
+VKZEls8VDEV+uppQTRSC3LrClwh0iaf/7VKJrGVlcJqOikOGRqH4I5biCmU/LZQ1
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test-pathlen/chainF-ICA1-pathlen1.pem b/extra/wolfssl/wolfssl/certs/test-pathlen/chainF-ICA1-pathlen1.pem
index 930446b9..e2a14fe4 100644
--- a/extra/wolfssl/wolfssl/certs/test-pathlen/chainF-ICA1-pathlen1.pem
+++ b/extra/wolfssl/wolfssl/certs/test-pathlen/chainF-ICA1-pathlen1.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainF-ICA2-pathlen0, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainF-ICA1-pathlen1, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -44,27 +44,27 @@ Certificate:
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 45:0e:29:8c:cb:ba:ea:b6:f9:ef:95:7b:e2:4d:e2:da:8a:4f:
- fe:3a:49:0b:6f:0a:db:64:31:8d:f7:0e:bb:31:16:30:29:d2:
- 3e:41:2f:c1:df:28:60:af:0f:2e:18:c4:b6:b0:3b:dd:d9:c5:
- bf:43:4b:71:e4:9e:97:26:01:ec:12:5e:75:fe:64:10:ac:76:
- 19:da:be:15:7d:cb:cd:18:da:1f:86:c2:f4:1e:aa:ae:ef:98:
- f1:7e:dc:95:51:f2:a8:b1:41:dc:b3:08:22:1f:96:21:5b:40:
- a8:01:d7:80:e9:fd:51:c0:51:0a:b2:15:7d:a0:64:8f:ee:4e:
- bf:13:a9:3d:aa:22:05:2a:e8:11:ee:db:0d:72:98:e2:07:2c:
- 06:be:88:7c:3a:49:c7:18:1a:ae:c1:4f:c4:b9:c8:37:d9:20:
- f8:df:cf:b9:7f:68:44:35:36:70:44:05:87:29:99:37:55:b0:
- f1:de:3b:e1:e9:d8:ef:79:79:43:41:c6:5b:58:51:78:6c:13:
- 0c:bb:f6:31:4a:b4:c4:23:c1:67:99:a7:9e:8c:0c:fa:4b:ad:
- 7b:f0:12:3c:3e:ac:fa:ee:7a:f6:4a:a2:da:ac:50:50:46:bb:
- 37:03:94:c3:dd:01:4a:ac:05:6b:9c:03:cf:b2:43:be:52:25:
- 1b:af:d7:f9
+ b3:d8:4b:f8:59:d5:7a:95:55:af:eb:07:0c:ac:db:b5:cc:b8:
+ aa:0d:81:1b:31:d4:0f:8a:ef:da:28:0e:52:f1:8b:25:54:47:
+ 11:d8:62:a2:5b:5e:d5:fb:6d:b5:57:b4:a3:b6:d2:e0:e1:50:
+ 8b:e1:7e:cd:3b:48:54:4b:55:48:18:12:fe:55:3b:1e:e2:b8:
+ 34:b2:77:f7:21:05:9f:32:43:34:db:e4:d4:e3:d2:74:98:3e:
+ 1f:39:97:ef:e3:89:d9:e2:c0:77:f9:d4:74:a5:13:c0:ce:9e:
+ 3e:42:bc:0d:44:73:c5:76:47:81:dc:40:f4:06:bf:29:66:51:
+ 7b:41:c5:35:73:fe:5c:7a:9c:bf:4c:19:c5:2b:7b:02:1f:45:
+ 66:0c:64:01:29:77:a8:a2:ef:ba:61:19:27:a1:56:41:a6:73:
+ 5d:9f:39:86:38:e9:0a:31:23:55:f1:02:54:ce:96:18:32:ae:
+ 22:03:1d:fb:cb:90:45:54:8f:d2:29:17:9d:44:65:68:8c:d2:
+ 25:df:a8:c2:29:1e:66:2c:c4:57:a1:ab:93:c7:34:a2:e3:94:
+ bd:dc:8f:51:d2:08:a6:3c:63:c9:c1:ee:90:de:39:92:fc:5e:
+ 85:d4:f9:f0:b8:6e:09:30:0c:25:ce:c8:86:c1:75:5d:e8:e8:
+ 90:90:ad:0d
-----BEGIN CERTIFICATE-----
MIIExjCCA66gAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo
YWluRi1JQ0EyLXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
-Y29tMB4XDTIyMTIxNjIxMTc1MFoXDTI1MDkxMTIxMTc1MFowgaExCzAJBgNVBAYT
+Y29tMB4XDTIzMTIxMzIyMTkzMloXDTI2MDkwODIyMTkzMlowgaExCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD
VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR0wGwYDVQQD
DBRjaGFpbkYtSUNBMS1wYXRobGVuMTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm
@@ -80,10 +80,10 @@ lDELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVt
YW4xETAPBgNVBAoMCFNhd3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYD
VQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz
bC5jb22CAWQwDwYDVR0TBAgwBgEB/wIBATALBgNVHQ8EBAMCAQYwDQYJKoZIhvcN
-AQELBQADggEBAEUOKYzLuuq2+e+Ve+JN4tqKT/46SQtvCttkMY33DrsxFjAp0j5B
-L8HfKGCvDy4YxLawO93Zxb9DS3HknpcmAewSXnX+ZBCsdhnavhV9y80Y2h+GwvQe
-qq7vmPF+3JVR8qixQdyzCCIfliFbQKgB14Dp/VHAUQqyFX2gZI/uTr8TqT2qIgUq
-6BHu2w1ymOIHLAa+iHw6SccYGq7BT8S5yDfZIPjfz7l/aEQ1NnBEBYcpmTdVsPHe
-O+Hp2O95eUNBxltYUXhsEwy79jFKtMQjwWeZp56MDPpLrXvwEjw+rPruevZKotqs
-UFBGuzcDlMPdAUqsBWucA8+yQ75SJRuv1/k=
+AQELBQADggEBALPYS/hZ1XqVVa/rBwys27XMuKoNgRsx1A+K79ooDlLxiyVURxHY
+YqJbXtX7bbVXtKO20uDhUIvhfs07SFRLVUgYEv5VOx7iuDSyd/chBZ8yQzTb5NTj
+0nSYPh85l+/jidniwHf51HSlE8DOnj5CvA1Ec8V2R4HcQPQGvylmUXtBxTVz/lx6
+nL9MGcUrewIfRWYMZAEpd6ii77phGSehVkGmc12fOYY46QoxI1XxAlTOlhgyriID
+HfvLkEVUj9IpF51EZWiM0iXfqMIpHmYsxFehq5PHNKLjlL3cj1HSCKY8Y8nB7pDe
+OZL8XoXU+fC4bgkwDCXOyIbBdV3o6JCQrQ0=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test-pathlen/chainF-ICA2-pathlen0.pem b/extra/wolfssl/wolfssl/certs/test-pathlen/chainF-ICA2-pathlen0.pem
index 350df301..09e2a423 100644
--- a/extra/wolfssl/wolfssl/certs/test-pathlen/chainF-ICA2-pathlen0.pem
+++ b/extra/wolfssl/wolfssl/certs/test-pathlen/chainF-ICA2-pathlen0.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainF-ICA2-pathlen0, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -37,34 +37,34 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:2C:80:CE:DB:47:9D:07:66:92:3D:68:D7:CA:AC:90:4F:CA:69:41:4B
+ serial:33:44:1A:A8:6C:01:EC:F6:60:F2:70:51:0A:4C:D1:14:FA:BC:E9:44
X509v3 Basic Constraints:
CA:TRUE, pathlen:0
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 0d:51:ba:f9:87:88:e3:72:cd:79:15:4e:21:bb:c7:cd:6a:fd:
- f3:1c:be:00:22:69:72:27:15:2a:43:ee:7b:3e:db:80:6b:61:
- de:65:74:30:07:73:fd:82:ea:b8:b8:d1:66:08:ed:c6:87:0f:
- 46:14:a9:57:dc:26:7b:cb:da:9b:bb:a2:0d:30:d8:94:ca:b8:
- ae:9d:2b:e6:14:dc:63:9f:fb:6c:be:69:d9:2e:84:a0:05:1c:
- b8:55:60:25:34:fb:ac:1e:3b:f5:55:14:8f:dc:65:79:51:b6:
- 8f:61:08:6c:90:bf:39:a2:51:b2:43:27:db:8b:4e:9a:7b:a1:
- 31:16:70:32:b9:c5:02:fe:8a:de:4c:76:5b:f9:50:0a:05:e2:
- 02:b6:dd:3a:2c:6d:d3:f9:81:1b:0e:7d:e4:41:6a:b3:81:80:
- 9c:f0:1e:f0:e3:d9:30:11:c8:23:79:b0:d7:c1:05:be:36:90:
- 08:78:c9:08:cd:63:b0:ec:df:4b:81:50:ab:42:c8:ee:86:d6:
- be:5b:ec:30:a6:60:d1:8d:0a:a5:d0:23:54:e6:c4:05:59:0e:
- 74:2f:1e:d5:3c:8f:da:8f:d2:00:20:12:b5:cf:f9:d9:11:18:
- 64:5d:6a:6e:37:48:58:cd:d7:48:f9:5d:6f:bb:33:d9:6f:fd:
- 10:1a:18:31
+ 9b:28:44:f3:e9:c3:e9:38:03:1a:19:ac:80:f8:ef:e8:a6:3e:
+ 83:80:71:30:48:6c:8e:28:10:f8:84:d3:12:0b:35:fc:f3:51:
+ 87:9b:ef:48:9a:fd:5b:ca:b2:4e:61:94:ae:5b:a7:a7:36:2e:
+ e2:da:83:19:82:e4:cb:70:5d:c5:1a:de:4c:b6:be:c6:6e:d9:
+ f8:6c:6e:64:b4:96:7f:18:ba:b5:54:f1:8a:6f:75:27:e3:51:
+ 98:50:f7:92:ff:a3:e8:65:ae:62:ab:7f:94:7c:e3:f9:3a:f5:
+ 6d:9a:d7:98:6a:3b:5a:b3:1f:73:92:ad:f2:6b:7e:e5:10:ee:
+ 3d:5a:73:28:18:0f:5c:e0:99:6f:1e:5f:61:da:e1:a4:d4:a1:
+ e7:69:b1:e0:9b:ba:e9:1b:6d:60:e2:b5:c6:9e:19:9f:21:d4:
+ d6:2f:da:56:15:d8:4f:b5:82:b2:62:83:a0:cd:70:05:2c:21:
+ 61:6d:92:9a:91:fa:16:4e:0c:e1:4a:72:6f:ad:41:d1:d4:ed:
+ 45:4d:07:8c:cf:79:9e:e5:95:3b:d6:27:cc:7d:f5:44:1d:6f:
+ 90:4b:ef:0d:f5:7f:4a:3e:87:82:ad:db:01:40:42:85:4a:b0:
+ 85:9b:cd:6b:0b:c3:a2:5e:48:c9:21:47:9d:f1:b0:2d:bc:5e:
+ d1:5f:a2:f5
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx
EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh
d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz
-bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIxMjE2
-MjExNzUwWhcNMjUwOTExMjExNzUwWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM
+bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMxMjEz
+MjIxOTMyWhcNMjYwOTA4MjIxOTMyWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM
Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg
SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNoYWluRi1JQ0Ey
LXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN
@@ -78,12 +78,12 @@ o4IBGDCCARQwHQYDVR0OBBYEFEpTSrcweDWRtMvdyCJ0ia+AD39oMIHUBgNVHSME
gcwwgcmAFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV
UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI
U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm
-c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIULIDO20ed
-B2aSPWjXyqyQT8ppQUswDwYDVR0TBAgwBgEB/wIBADALBgNVHQ8EBAMCAQYwDQYJ
-KoZIhvcNAQELBQADggEBAA1RuvmHiONyzXkVTiG7x81q/fMcvgAiaXInFSpD7ns+
-24BrYd5ldDAHc/2C6ri40WYI7caHD0YUqVfcJnvL2pu7og0w2JTKuK6dK+YU3GOf
-+2y+adkuhKAFHLhVYCU0+6weO/VVFI/cZXlRto9hCGyQvzmiUbJDJ9uLTpp7oTEW
-cDK5xQL+it5Mdlv5UAoF4gK23TosbdP5gRsOfeRBarOBgJzwHvDj2TARyCN5sNfB
-Bb42kAh4yQjNY7Ds30uBUKtCyO6G1r5b7DCmYNGNCqXQI1TmxAVZDnQvHtU8j9qP
-0gAgErXP+dkRGGRdam43SFjN10j5XW+7M9lv/RAaGDE=
+c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIUM0QaqGwB
+7PZg8nBRCkzRFPq86UQwDwYDVR0TBAgwBgEB/wIBADALBgNVHQ8EBAMCAQYwDQYJ
+KoZIhvcNAQELBQADggEBAJsoRPPpw+k4AxoZrID47+imPoOAcTBIbI4oEPiE0xIL
+NfzzUYeb70ia/VvKsk5hlK5bp6c2LuLagxmC5MtwXcUa3ky2vsZu2fhsbmS0ln8Y
+urVU8YpvdSfjUZhQ95L/o+hlrmKrf5R84/k69W2a15hqO1qzH3OSrfJrfuUQ7j1a
+cygYD1zgmW8eX2Ha4aTUoedpseCbuukbbWDitcaeGZ8h1NYv2lYV2E+1grJig6DN
+cAUsIWFtkpqR+hZODOFKcm+tQdHU7UVNB4zPeZ7llTvWJ8x99UQdb5BL7w31f0o+
+h4Kt2wFAQoVKsIWbzWsLw6JeSMkhR53xsC28XtFfovU=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test-pathlen/chainF-assembled.pem b/extra/wolfssl/wolfssl/certs/test-pathlen/chainF-assembled.pem
index 284ba4d4..aae43d35 100644
--- a/extra/wolfssl/wolfssl/certs/test-pathlen/chainF-assembled.pem
+++ b/extra/wolfssl/wolfssl/certs/test-pathlen/chainF-assembled.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainF-ICA1-pathlen1, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainF-entity, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -42,27 +42,27 @@ Certificate:
X509v3 Basic Constraints:
CA:FALSE
Signature Algorithm: sha256WithRSAEncryption
- 16:f8:bf:80:31:00:65:e5:68:87:29:25:68:df:90:8c:7e:92:
- 58:74:92:76:b3:b8:3b:16:ce:a6:8d:c1:98:6a:5c:2f:80:50:
- 35:fc:d9:bf:3d:71:ae:9e:ed:35:65:a9:b5:21:2a:95:14:18:
- 1c:79:d2:a9:2f:30:ec:3d:71:ce:61:9b:80:c3:14:ad:a4:ed:
- a2:a0:74:79:b8:70:ec:ac:62:b1:8c:f4:9c:cb:1c:02:23:fc:
- 28:51:34:dc:da:ab:3a:bb:de:03:6f:79:3e:44:b2:0c:7e:bc:
- 47:4f:8d:f4:4a:be:17:a1:27:4e:a5:e2:45:bd:5b:e0:4d:1a:
- 6d:f6:fb:c2:5c:6d:01:66:fa:e0:00:49:e2:13:96:ef:9d:30:
- 44:d2:ee:26:a7:d9:48:a6:1e:92:5d:ed:b1:40:8d:88:e5:73:
- 4c:7f:a7:a7:e0:a3:45:29:5f:36:d7:72:9c:b6:25:d2:b8:db:
- 5c:43:1e:ba:65:bf:e7:93:b7:e6:df:c4:a1:ff:b9:03:96:81:
- 9e:ae:8c:88:73:2d:27:8a:e9:32:a2:c5:43:f0:96:e5:83:a0:
- df:f6:1b:03:40:a5:14:2d:67:1f:43:c3:ee:cd:64:58:0f:9c:
- 4d:21:3d:6e:32:30:ea:0e:c4:8c:0e:67:31:15:45:9d:b2:50:
- a6:1b:57:c3
+ a3:86:46:c1:10:c2:92:fe:7d:9d:ce:49:ed:8c:bd:65:74:5e:
+ b7:19:53:d8:79:84:ca:f3:f3:e7:30:b7:b9:e1:61:b1:f3:77:
+ 95:14:7b:fd:fe:d9:d0:eb:aa:05:30:d2:71:dc:fa:03:ea:08:
+ e2:c9:07:ec:bf:f6:41:1f:d3:39:a4:1b:7b:23:c7:a1:a7:fd:
+ c0:f6:0e:07:94:91:0e:b7:8e:92:40:05:fc:09:2e:c5:ba:46:
+ ce:94:e5:3e:09:04:e9:b7:c3:52:3e:2d:c1:01:11:d8:2f:b6:
+ 10:1f:2d:3b:b1:1d:b0:c5:11:92:66:4d:52:2a:4e:d1:29:d3:
+ 4f:fd:0d:2e:4a:60:ed:35:8c:02:91:35:77:3d:21:a5:03:3d:
+ d2:bc:4e:68:0e:f6:4d:f7:87:a4:85:e5:51:33:38:b7:1f:4c:
+ 07:85:30:13:32:d9:d9:42:4f:ef:5f:a3:26:e0:60:79:c0:8a:
+ 7b:00:8b:9f:18:4b:8e:b3:9e:3f:6b:69:70:03:4c:43:21:1a:
+ 4d:80:04:48:a2:a0:ae:99:61:a8:84:35:35:99:c7:24:81:d8:
+ 55:95:6b:93:dd:eb:e7:04:de:9f:d4:b9:82:4e:bd:a7:c7:c7:
+ 80:5f:c4:78:d8:7b:65:4f:58:8e:d0:17:c8:90:1a:1c:8d:54:
+ 1c:3d:d5:f4
-----BEGIN CERTIFICATE-----
MIIEtzCCA5+gAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo
YWluRi1JQ0ExLXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
-Y29tMB4XDTIyMTIxNjIxMTc1MFoXDTI1MDkxMTIxMTc1MFowgZoxCzAJBgNVBAYT
+Y29tMB4XDTIzMTIxMzIyMTkzMloXDTI2MDkwODIyMTkzMlowgZoxCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD
VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRYwFAYDVQQD
DA1jaGFpbkYtZW50aXR5MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t
@@ -77,13 +77,13 @@ VR0jBIHGMIHDgBR1MiEFK2D+RBevGGWGhRmCP/lkg6GBp6SBpDCBoTELMAkGA1UE
BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT
BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNV
BAMMFGNoYWluRi1JQ0EyLXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv
-bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQELBQADggEBABb4v4Ax
-AGXlaIcpJWjfkIx+klh0knazuDsWzqaNwZhqXC+AUDX82b89ca6e7TVlqbUhKpUU
-GBx50qkvMOw9cc5hm4DDFK2k7aKgdHm4cOysYrGM9JzLHAIj/ChRNNzaqzq73gNv
-eT5Esgx+vEdPjfRKvhehJ06l4kW9W+BNGm32+8JcbQFm+uAASeITlu+dMETS7ian
-2UimHpJd7bFAjYjlc0x/p6fgo0UpXzbXcpy2JdK421xDHrplv+eTt+bfxKH/uQOW
-gZ6ujIhzLSeK6TKixUPwluWDoN/2GwNApRQtZx9Dw+7NZFgPnE0hPW4yMOoOxIwO
-ZzEVRZ2yUKYbV8M=
+bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQELBQADggEBAKOGRsEQ
+wpL+fZ3OSe2MvWV0XrcZU9h5hMrz8+cwt7nhYbHzd5UUe/3+2dDrqgUw0nHc+gPq
+COLJB+y/9kEf0zmkG3sjx6Gn/cD2DgeUkQ63jpJABfwJLsW6Rs6U5T4JBOm3w1I+
+LcEBEdgvthAfLTuxHbDFEZJmTVIqTtEp00/9DS5KYO01jAKRNXc9IaUDPdK8TmgO
+9k33h6SF5VEzOLcfTAeFMBMy2dlCT+9foybgYHnAinsAi58YS46znj9raXADTEMh
+Gk2ABEiioK6ZYaiENTWZxySB2FWVa5Pd6+cE3p/UuYJOvafHx4BfxHjYe2VPWI7Q
+F8iQGhyNVBw91fQ=
-----END CERTIFICATE-----
Certificate:
Data:
@@ -92,8 +92,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainF-ICA2-pathlen0, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainF-ICA1-pathlen1, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -131,27 +131,27 @@ Certificate:
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 45:0e:29:8c:cb:ba:ea:b6:f9:ef:95:7b:e2:4d:e2:da:8a:4f:
- fe:3a:49:0b:6f:0a:db:64:31:8d:f7:0e:bb:31:16:30:29:d2:
- 3e:41:2f:c1:df:28:60:af:0f:2e:18:c4:b6:b0:3b:dd:d9:c5:
- bf:43:4b:71:e4:9e:97:26:01:ec:12:5e:75:fe:64:10:ac:76:
- 19:da:be:15:7d:cb:cd:18:da:1f:86:c2:f4:1e:aa:ae:ef:98:
- f1:7e:dc:95:51:f2:a8:b1:41:dc:b3:08:22:1f:96:21:5b:40:
- a8:01:d7:80:e9:fd:51:c0:51:0a:b2:15:7d:a0:64:8f:ee:4e:
- bf:13:a9:3d:aa:22:05:2a:e8:11:ee:db:0d:72:98:e2:07:2c:
- 06:be:88:7c:3a:49:c7:18:1a:ae:c1:4f:c4:b9:c8:37:d9:20:
- f8:df:cf:b9:7f:68:44:35:36:70:44:05:87:29:99:37:55:b0:
- f1:de:3b:e1:e9:d8:ef:79:79:43:41:c6:5b:58:51:78:6c:13:
- 0c:bb:f6:31:4a:b4:c4:23:c1:67:99:a7:9e:8c:0c:fa:4b:ad:
- 7b:f0:12:3c:3e:ac:fa:ee:7a:f6:4a:a2:da:ac:50:50:46:bb:
- 37:03:94:c3:dd:01:4a:ac:05:6b:9c:03:cf:b2:43:be:52:25:
- 1b:af:d7:f9
+ b3:d8:4b:f8:59:d5:7a:95:55:af:eb:07:0c:ac:db:b5:cc:b8:
+ aa:0d:81:1b:31:d4:0f:8a:ef:da:28:0e:52:f1:8b:25:54:47:
+ 11:d8:62:a2:5b:5e:d5:fb:6d:b5:57:b4:a3:b6:d2:e0:e1:50:
+ 8b:e1:7e:cd:3b:48:54:4b:55:48:18:12:fe:55:3b:1e:e2:b8:
+ 34:b2:77:f7:21:05:9f:32:43:34:db:e4:d4:e3:d2:74:98:3e:
+ 1f:39:97:ef:e3:89:d9:e2:c0:77:f9:d4:74:a5:13:c0:ce:9e:
+ 3e:42:bc:0d:44:73:c5:76:47:81:dc:40:f4:06:bf:29:66:51:
+ 7b:41:c5:35:73:fe:5c:7a:9c:bf:4c:19:c5:2b:7b:02:1f:45:
+ 66:0c:64:01:29:77:a8:a2:ef:ba:61:19:27:a1:56:41:a6:73:
+ 5d:9f:39:86:38:e9:0a:31:23:55:f1:02:54:ce:96:18:32:ae:
+ 22:03:1d:fb:cb:90:45:54:8f:d2:29:17:9d:44:65:68:8c:d2:
+ 25:df:a8:c2:29:1e:66:2c:c4:57:a1:ab:93:c7:34:a2:e3:94:
+ bd:dc:8f:51:d2:08:a6:3c:63:c9:c1:ee:90:de:39:92:fc:5e:
+ 85:d4:f9:f0:b8:6e:09:30:0c:25:ce:c8:86:c1:75:5d:e8:e8:
+ 90:90:ad:0d
-----BEGIN CERTIFICATE-----
MIIExjCCA66gAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo
YWluRi1JQ0EyLXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
-Y29tMB4XDTIyMTIxNjIxMTc1MFoXDTI1MDkxMTIxMTc1MFowgaExCzAJBgNVBAYT
+Y29tMB4XDTIzMTIxMzIyMTkzMloXDTI2MDkwODIyMTkzMlowgaExCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD
VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR0wGwYDVQQD
DBRjaGFpbkYtSUNBMS1wYXRobGVuMTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm
@@ -167,12 +167,12 @@ lDELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVt
YW4xETAPBgNVBAoMCFNhd3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYD
VQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz
bC5jb22CAWQwDwYDVR0TBAgwBgEB/wIBATALBgNVHQ8EBAMCAQYwDQYJKoZIhvcN
-AQELBQADggEBAEUOKYzLuuq2+e+Ve+JN4tqKT/46SQtvCttkMY33DrsxFjAp0j5B
-L8HfKGCvDy4YxLawO93Zxb9DS3HknpcmAewSXnX+ZBCsdhnavhV9y80Y2h+GwvQe
-qq7vmPF+3JVR8qixQdyzCCIfliFbQKgB14Dp/VHAUQqyFX2gZI/uTr8TqT2qIgUq
-6BHu2w1ymOIHLAa+iHw6SccYGq7BT8S5yDfZIPjfz7l/aEQ1NnBEBYcpmTdVsPHe
-O+Hp2O95eUNBxltYUXhsEwy79jFKtMQjwWeZp56MDPpLrXvwEjw+rPruevZKotqs
-UFBGuzcDlMPdAUqsBWucA8+yQ75SJRuv1/k=
+AQELBQADggEBALPYS/hZ1XqVVa/rBwys27XMuKoNgRsx1A+K79ooDlLxiyVURxHY
+YqJbXtX7bbVXtKO20uDhUIvhfs07SFRLVUgYEv5VOx7iuDSyd/chBZ8yQzTb5NTj
+0nSYPh85l+/jidniwHf51HSlE8DOnj5CvA1Ec8V2R4HcQPQGvylmUXtBxTVz/lx6
+nL9MGcUrewIfRWYMZAEpd6ii77phGSehVkGmc12fOYY46QoxI1XxAlTOlhgyriID
+HfvLkEVUj9IpF51EZWiM0iXfqMIpHmYsxFehq5PHNKLjlL3cj1HSCKY8Y8nB7pDe
+OZL8XoXU+fC4bgkwDCXOyIbBdV3o6JCQrQ0=
-----END CERTIFICATE-----
Certificate:
Data:
@@ -181,8 +181,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainF-ICA2-pathlen0, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -213,34 +213,34 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:2C:80:CE:DB:47:9D:07:66:92:3D:68:D7:CA:AC:90:4F:CA:69:41:4B
+ serial:33:44:1A:A8:6C:01:EC:F6:60:F2:70:51:0A:4C:D1:14:FA:BC:E9:44
X509v3 Basic Constraints:
CA:TRUE, pathlen:0
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 0d:51:ba:f9:87:88:e3:72:cd:79:15:4e:21:bb:c7:cd:6a:fd:
- f3:1c:be:00:22:69:72:27:15:2a:43:ee:7b:3e:db:80:6b:61:
- de:65:74:30:07:73:fd:82:ea:b8:b8:d1:66:08:ed:c6:87:0f:
- 46:14:a9:57:dc:26:7b:cb:da:9b:bb:a2:0d:30:d8:94:ca:b8:
- ae:9d:2b:e6:14:dc:63:9f:fb:6c:be:69:d9:2e:84:a0:05:1c:
- b8:55:60:25:34:fb:ac:1e:3b:f5:55:14:8f:dc:65:79:51:b6:
- 8f:61:08:6c:90:bf:39:a2:51:b2:43:27:db:8b:4e:9a:7b:a1:
- 31:16:70:32:b9:c5:02:fe:8a:de:4c:76:5b:f9:50:0a:05:e2:
- 02:b6:dd:3a:2c:6d:d3:f9:81:1b:0e:7d:e4:41:6a:b3:81:80:
- 9c:f0:1e:f0:e3:d9:30:11:c8:23:79:b0:d7:c1:05:be:36:90:
- 08:78:c9:08:cd:63:b0:ec:df:4b:81:50:ab:42:c8:ee:86:d6:
- be:5b:ec:30:a6:60:d1:8d:0a:a5:d0:23:54:e6:c4:05:59:0e:
- 74:2f:1e:d5:3c:8f:da:8f:d2:00:20:12:b5:cf:f9:d9:11:18:
- 64:5d:6a:6e:37:48:58:cd:d7:48:f9:5d:6f:bb:33:d9:6f:fd:
- 10:1a:18:31
+ 9b:28:44:f3:e9:c3:e9:38:03:1a:19:ac:80:f8:ef:e8:a6:3e:
+ 83:80:71:30:48:6c:8e:28:10:f8:84:d3:12:0b:35:fc:f3:51:
+ 87:9b:ef:48:9a:fd:5b:ca:b2:4e:61:94:ae:5b:a7:a7:36:2e:
+ e2:da:83:19:82:e4:cb:70:5d:c5:1a:de:4c:b6:be:c6:6e:d9:
+ f8:6c:6e:64:b4:96:7f:18:ba:b5:54:f1:8a:6f:75:27:e3:51:
+ 98:50:f7:92:ff:a3:e8:65:ae:62:ab:7f:94:7c:e3:f9:3a:f5:
+ 6d:9a:d7:98:6a:3b:5a:b3:1f:73:92:ad:f2:6b:7e:e5:10:ee:
+ 3d:5a:73:28:18:0f:5c:e0:99:6f:1e:5f:61:da:e1:a4:d4:a1:
+ e7:69:b1:e0:9b:ba:e9:1b:6d:60:e2:b5:c6:9e:19:9f:21:d4:
+ d6:2f:da:56:15:d8:4f:b5:82:b2:62:83:a0:cd:70:05:2c:21:
+ 61:6d:92:9a:91:fa:16:4e:0c:e1:4a:72:6f:ad:41:d1:d4:ed:
+ 45:4d:07:8c:cf:79:9e:e5:95:3b:d6:27:cc:7d:f5:44:1d:6f:
+ 90:4b:ef:0d:f5:7f:4a:3e:87:82:ad:db:01:40:42:85:4a:b0:
+ 85:9b:cd:6b:0b:c3:a2:5e:48:c9:21:47:9d:f1:b0:2d:bc:5e:
+ d1:5f:a2:f5
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx
EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh
d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz
-bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIxMjE2
-MjExNzUwWhcNMjUwOTExMjExNzUwWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM
+bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMxMjEz
+MjIxOTMyWhcNMjYwOTA4MjIxOTMyWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM
Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg
SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNoYWluRi1JQ0Ey
LXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN
@@ -254,12 +254,12 @@ o4IBGDCCARQwHQYDVR0OBBYEFEpTSrcweDWRtMvdyCJ0ia+AD39oMIHUBgNVHSME
gcwwgcmAFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV
UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI
U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm
-c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIULIDO20ed
-B2aSPWjXyqyQT8ppQUswDwYDVR0TBAgwBgEB/wIBADALBgNVHQ8EBAMCAQYwDQYJ
-KoZIhvcNAQELBQADggEBAA1RuvmHiONyzXkVTiG7x81q/fMcvgAiaXInFSpD7ns+
-24BrYd5ldDAHc/2C6ri40WYI7caHD0YUqVfcJnvL2pu7og0w2JTKuK6dK+YU3GOf
-+2y+adkuhKAFHLhVYCU0+6weO/VVFI/cZXlRto9hCGyQvzmiUbJDJ9uLTpp7oTEW
-cDK5xQL+it5Mdlv5UAoF4gK23TosbdP5gRsOfeRBarOBgJzwHvDj2TARyCN5sNfB
-Bb42kAh4yQjNY7Ds30uBUKtCyO6G1r5b7DCmYNGNCqXQI1TmxAVZDnQvHtU8j9qP
-0gAgErXP+dkRGGRdam43SFjN10j5XW+7M9lv/RAaGDE=
+c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIUM0QaqGwB
+7PZg8nBRCkzRFPq86UQwDwYDVR0TBAgwBgEB/wIBADALBgNVHQ8EBAMCAQYwDQYJ
+KoZIhvcNAQELBQADggEBAJsoRPPpw+k4AxoZrID47+imPoOAcTBIbI4oEPiE0xIL
+NfzzUYeb70ia/VvKsk5hlK5bp6c2LuLagxmC5MtwXcUa3ky2vsZu2fhsbmS0ln8Y
+urVU8YpvdSfjUZhQ95L/o+hlrmKrf5R84/k69W2a15hqO1qzH3OSrfJrfuUQ7j1a
+cygYD1zgmW8eX2Ha4aTUoedpseCbuukbbWDitcaeGZ8h1NYv2lYV2E+1grJig6DN
+cAUsIWFtkpqR+hZODOFKcm+tQdHU7UVNB4zPeZ7llTvWJ8x99UQdb5BL7w31f0o+
+h4Kt2wFAQoVKsIWbzWsLw6JeSMkhR53xsC28XtFfovU=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test-pathlen/chainF-entity.pem b/extra/wolfssl/wolfssl/certs/test-pathlen/chainF-entity.pem
index 1aee2546..e63ff252 100644
--- a/extra/wolfssl/wolfssl/certs/test-pathlen/chainF-entity.pem
+++ b/extra/wolfssl/wolfssl/certs/test-pathlen/chainF-entity.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainF-ICA1-pathlen1, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainF-entity, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -42,27 +42,27 @@ Certificate:
X509v3 Basic Constraints:
CA:FALSE
Signature Algorithm: sha256WithRSAEncryption
- 16:f8:bf:80:31:00:65:e5:68:87:29:25:68:df:90:8c:7e:92:
- 58:74:92:76:b3:b8:3b:16:ce:a6:8d:c1:98:6a:5c:2f:80:50:
- 35:fc:d9:bf:3d:71:ae:9e:ed:35:65:a9:b5:21:2a:95:14:18:
- 1c:79:d2:a9:2f:30:ec:3d:71:ce:61:9b:80:c3:14:ad:a4:ed:
- a2:a0:74:79:b8:70:ec:ac:62:b1:8c:f4:9c:cb:1c:02:23:fc:
- 28:51:34:dc:da:ab:3a:bb:de:03:6f:79:3e:44:b2:0c:7e:bc:
- 47:4f:8d:f4:4a:be:17:a1:27:4e:a5:e2:45:bd:5b:e0:4d:1a:
- 6d:f6:fb:c2:5c:6d:01:66:fa:e0:00:49:e2:13:96:ef:9d:30:
- 44:d2:ee:26:a7:d9:48:a6:1e:92:5d:ed:b1:40:8d:88:e5:73:
- 4c:7f:a7:a7:e0:a3:45:29:5f:36:d7:72:9c:b6:25:d2:b8:db:
- 5c:43:1e:ba:65:bf:e7:93:b7:e6:df:c4:a1:ff:b9:03:96:81:
- 9e:ae:8c:88:73:2d:27:8a:e9:32:a2:c5:43:f0:96:e5:83:a0:
- df:f6:1b:03:40:a5:14:2d:67:1f:43:c3:ee:cd:64:58:0f:9c:
- 4d:21:3d:6e:32:30:ea:0e:c4:8c:0e:67:31:15:45:9d:b2:50:
- a6:1b:57:c3
+ a3:86:46:c1:10:c2:92:fe:7d:9d:ce:49:ed:8c:bd:65:74:5e:
+ b7:19:53:d8:79:84:ca:f3:f3:e7:30:b7:b9:e1:61:b1:f3:77:
+ 95:14:7b:fd:fe:d9:d0:eb:aa:05:30:d2:71:dc:fa:03:ea:08:
+ e2:c9:07:ec:bf:f6:41:1f:d3:39:a4:1b:7b:23:c7:a1:a7:fd:
+ c0:f6:0e:07:94:91:0e:b7:8e:92:40:05:fc:09:2e:c5:ba:46:
+ ce:94:e5:3e:09:04:e9:b7:c3:52:3e:2d:c1:01:11:d8:2f:b6:
+ 10:1f:2d:3b:b1:1d:b0:c5:11:92:66:4d:52:2a:4e:d1:29:d3:
+ 4f:fd:0d:2e:4a:60:ed:35:8c:02:91:35:77:3d:21:a5:03:3d:
+ d2:bc:4e:68:0e:f6:4d:f7:87:a4:85:e5:51:33:38:b7:1f:4c:
+ 07:85:30:13:32:d9:d9:42:4f:ef:5f:a3:26:e0:60:79:c0:8a:
+ 7b:00:8b:9f:18:4b:8e:b3:9e:3f:6b:69:70:03:4c:43:21:1a:
+ 4d:80:04:48:a2:a0:ae:99:61:a8:84:35:35:99:c7:24:81:d8:
+ 55:95:6b:93:dd:eb:e7:04:de:9f:d4:b9:82:4e:bd:a7:c7:c7:
+ 80:5f:c4:78:d8:7b:65:4f:58:8e:d0:17:c8:90:1a:1c:8d:54:
+ 1c:3d:d5:f4
-----BEGIN CERTIFICATE-----
MIIEtzCCA5+gAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo
YWluRi1JQ0ExLXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
-Y29tMB4XDTIyMTIxNjIxMTc1MFoXDTI1MDkxMTIxMTc1MFowgZoxCzAJBgNVBAYT
+Y29tMB4XDTIzMTIxMzIyMTkzMloXDTI2MDkwODIyMTkzMlowgZoxCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD
VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRYwFAYDVQQD
DA1jaGFpbkYtZW50aXR5MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t
@@ -77,11 +77,11 @@ VR0jBIHGMIHDgBR1MiEFK2D+RBevGGWGhRmCP/lkg6GBp6SBpDCBoTELMAkGA1UE
BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT
BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNV
BAMMFGNoYWluRi1JQ0EyLXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv
-bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQELBQADggEBABb4v4Ax
-AGXlaIcpJWjfkIx+klh0knazuDsWzqaNwZhqXC+AUDX82b89ca6e7TVlqbUhKpUU
-GBx50qkvMOw9cc5hm4DDFK2k7aKgdHm4cOysYrGM9JzLHAIj/ChRNNzaqzq73gNv
-eT5Esgx+vEdPjfRKvhehJ06l4kW9W+BNGm32+8JcbQFm+uAASeITlu+dMETS7ian
-2UimHpJd7bFAjYjlc0x/p6fgo0UpXzbXcpy2JdK421xDHrplv+eTt+bfxKH/uQOW
-gZ6ujIhzLSeK6TKixUPwluWDoN/2GwNApRQtZx9Dw+7NZFgPnE0hPW4yMOoOxIwO
-ZzEVRZ2yUKYbV8M=
+bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQELBQADggEBAKOGRsEQ
+wpL+fZ3OSe2MvWV0XrcZU9h5hMrz8+cwt7nhYbHzd5UUe/3+2dDrqgUw0nHc+gPq
+COLJB+y/9kEf0zmkG3sjx6Gn/cD2DgeUkQ63jpJABfwJLsW6Rs6U5T4JBOm3w1I+
+LcEBEdgvthAfLTuxHbDFEZJmTVIqTtEp00/9DS5KYO01jAKRNXc9IaUDPdK8TmgO
+9k33h6SF5VEzOLcfTAeFMBMy2dlCT+9foybgYHnAinsAi58YS46znj9raXADTEMh
+Gk2ABEiioK6ZYaiENTWZxySB2FWVa5Pd6+cE3p/UuYJOvafHx4BfxHjYe2VPWI7Q
+F8iQGhyNVBw91fQ=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test-pathlen/chainG-ICA1-pathlen0.pem b/extra/wolfssl/wolfssl/certs/test-pathlen/chainG-ICA1-pathlen0.pem
index e124afa8..29420ebe 100644
--- a/extra/wolfssl/wolfssl/certs/test-pathlen/chainG-ICA1-pathlen0.pem
+++ b/extra/wolfssl/wolfssl/certs/test-pathlen/chainG-ICA1-pathlen0.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA2-pathlen1, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA1-pathlen0, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -44,27 +44,27 @@ Certificate:
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- a8:e1:75:09:71:57:28:d6:27:3a:92:89:0c:47:57:05:3a:92:
- 81:d3:23:00:92:fd:f3:77:24:60:67:af:86:ba:b2:17:1a:9f:
- 5e:3a:ee:ba:a3:fa:1f:76:69:b9:18:4d:89:97:ac:54:5a:9f:
- e2:ad:7a:37:d3:e1:35:fa:39:32:7f:d9:14:98:48:16:4d:99:
- e6:d5:61:0e:31:df:d1:a7:cd:c1:fd:6b:72:59:80:f7:8c:77:
- ef:45:c9:53:ed:b6:a4:73:06:1e:d3:d6:40:01:c8:c7:3c:48:
- 71:38:ac:66:a8:f6:e2:5f:75:87:a8:93:28:db:ef:3f:e2:c6:
- 2b:0d:ac:63:33:9c:1c:65:8d:9a:b2:3e:c8:2b:0d:3c:96:ef:
- b3:e2:4d:b8:fe:6d:8b:59:66:02:3f:f9:a8:0b:08:a3:30:a7:
- 9c:81:74:3d:88:cb:3f:f7:93:95:93:9f:38:53:ac:d9:a5:ae:
- 43:46:30:17:25:b1:cb:bf:2d:fe:df:32:17:ec:b0:54:33:c7:
- 1c:31:78:86:8c:fd:16:9e:0c:a4:71:3f:d0:a4:0e:26:90:39:
- 68:34:bf:34:f7:73:fb:7b:64:14:3f:b4:41:95:c2:da:16:dc:
- 20:a4:cc:3e:fa:64:dd:ce:d6:48:11:9d:ab:6b:a7:3e:c6:67:
- 1d:ac:f6:0b
+ 6e:12:75:fb:ac:2b:b3:b5:f3:f8:0c:2b:61:c3:22:c0:1f:16:
+ cf:36:8c:b2:fc:be:83:ad:81:3d:e9:4e:76:e3:85:db:34:b4:
+ b1:a6:ed:fe:82:ee:b2:7c:64:14:e4:1f:d6:fb:16:3e:36:d7:
+ a1:f3:99:99:7c:48:96:50:d0:e4:29:43:42:93:7c:8e:24:fc:
+ ba:6b:89:1c:1b:c8:39:d2:62:5e:7f:ac:0c:e8:7d:f4:90:94:
+ a3:dc:5d:d4:25:60:07:6f:97:6c:a1:4f:5a:ec:84:70:46:de:
+ 4d:74:a8:5c:48:32:94:6d:69:81:65:c6:c4:ef:3e:31:fc:40:
+ f5:5c:10:29:23:49:a7:ca:27:27:33:ed:3f:65:1a:95:f0:57:
+ 5a:32:19:b4:4d:66:c5:19:15:4b:a9:79:c9:fb:cd:02:57:04:
+ c2:33:6d:6c:85:67:14:16:7a:d2:32:a0:66:c4:b9:0d:43:bd:
+ 57:52:27:da:af:f1:df:68:27:74:b9:dd:d3:3c:ba:79:d0:46:
+ 2c:91:fc:1c:65:a4:3a:ea:82:25:c9:b1:2f:7d:78:85:62:1f:
+ a4:4c:69:fc:a3:95:c3:0a:ce:ed:10:24:ec:f7:17:bf:22:42:
+ 44:ac:0d:77:a1:3d:9d:d0:fb:03:1b:b7:79:8a:ba:6e:3c:a4:
+ 3e:1c:0a:54
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo
YWluRy1JQ0EyLXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
-Y29tMB4XDTIyMTIxNjIxMTc1MFoXDTI1MDkxMTIxMTc1MFowgaExCzAJBgNVBAYT
+Y29tMB4XDTIzMTIxMzIyMTkzMloXDTI2MDkwODIyMTkzMlowgaExCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD
VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR0wGwYDVQQD
DBRjaGFpbkctSUNBMS1wYXRobGVuMDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm
@@ -80,10 +80,10 @@ ojELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1Nl
YXR0bGUxFTATBgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJp
bmcxHjAcBgNVBAMMFWNoYWluRy1JQ0EzLXBhdGhsZW45OTEfMB0GCSqGSIb3DQEJ
ARYQaW5mb0B3b2xmc3NsLmNvbYIBZDAPBgNVHRMECDAGAQH/AgEAMAsGA1UdDwQE
-AwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAqOF1CXFXKNYnOpKJDEdXBTqSgdMjAJL9
-83ckYGevhrqyFxqfXjruuqP6H3ZpuRhNiZesVFqf4q16N9PhNfo5Mn/ZFJhIFk2Z
-5tVhDjHf0afNwf1rclmA94x370XJU+22pHMGHtPWQAHIxzxIcTisZqj24l91h6iT
-KNvvP+LGKw2sYzOcHGWNmrI+yCsNPJbvs+JNuP5ti1lmAj/5qAsIozCnnIF0PYjL
-P/eTlZOfOFOs2aWuQ0YwFyWxy78t/t8yF+ywVDPHHDF4hoz9Fp4MpHE/0KQOJpA5
-aDS/NPdz+3tkFD+0QZXC2hbcIKTMPvpk3c7WSBGdq2unPsZnHaz2Cw==
+AwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAbhJ1+6wrs7Xz+AwrYcMiwB8WzzaMsvy+
+g62BPelOduOF2zS0sabt/oLusnxkFOQf1vsWPjbXofOZmXxIllDQ5ClDQpN8jiT8
+umuJHBvIOdJiXn+sDOh99JCUo9xd1CVgB2+XbKFPWuyEcEbeTXSoXEgylG1pgWXG
+xO8+MfxA9VwQKSNJp8onJzPtP2UalfBXWjIZtE1mxRkVS6l5yfvNAlcEwjNtbIVn
+FBZ60jKgZsS5DUO9V1In2q/x32gndLnd0zy6edBGLJH8HGWkOuqCJcmxL314hWIf
+pExp/KOVwwrO7RAk7PcXvyJCRKwNd6E9ndD7Axu3eYq6bjykPhwKVA==
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test-pathlen/chainG-ICA2-pathlen1.pem b/extra/wolfssl/wolfssl/certs/test-pathlen/chainG-ICA2-pathlen1.pem
index d7875ac7..f7c7956e 100644
--- a/extra/wolfssl/wolfssl/certs/test-pathlen/chainG-ICA2-pathlen1.pem
+++ b/extra/wolfssl/wolfssl/certs/test-pathlen/chainG-ICA2-pathlen1.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA3-pathlen99, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA2-pathlen1, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -44,27 +44,27 @@ Certificate:
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 56:b8:f2:49:b8:e6:65:25:db:46:5f:f4:72:40:14:a5:27:39:
- 27:28:9b:f9:cc:5a:02:7f:76:05:e7:18:45:1f:29:c6:cb:ce:
- 77:50:35:74:0c:95:ed:3a:7e:a0:87:8a:7d:8f:6f:2f:3c:5d:
- 03:86:da:c2:2c:b3:2f:6d:7b:af:a4:83:c7:f3:6e:5b:48:c3:
- d9:4a:e5:af:e1:86:e1:81:68:45:2e:fb:09:19:94:be:91:dd:
- 8f:f4:e7:94:fb:9e:54:4c:a7:c9:10:87:8d:f0:08:14:08:c9:
- d7:92:44:56:59:03:10:27:2c:fb:7e:24:01:8b:9f:cc:e0:6a:
- 31:5c:67:e3:96:88:f8:86:3f:ec:1e:bd:07:d2:fc:34:1d:ff:
- 8d:72:c1:2d:de:09:7f:e4:c4:dd:98:70:73:ed:84:a6:4f:f8:
- ec:a5:18:b6:0c:55:e2:a4:aa:0c:37:60:52:3d:76:f5:dd:ab:
- 0a:7c:fd:4d:81:a6:a9:c6:49:14:e7:51:00:f4:6a:d9:dc:15:
- ef:72:d1:79:c3:65:e2:e1:f5:23:c4:90:ba:4a:e2:01:d9:09:
- 83:e5:34:0f:c3:ea:03:cf:62:b9:bb:18:26:30:54:77:b1:a6:
- 63:99:35:0a:40:2b:df:2a:2c:3a:e0:0c:2c:f6:1b:6a:de:e2:
- 02:31:9d:c0
+ 50:65:9b:1d:8b:6a:ae:9b:d4:f1:ff:57:ac:51:48:fd:c8:9e:
+ 19:bb:b2:00:bf:54:ee:c8:d4:2f:eb:5b:ff:17:1e:7c:aa:1d:
+ d4:01:9f:e8:cb:c4:8c:e5:ee:99:04:33:e8:16:3a:fc:44:bd:
+ 56:a5:45:e7:e9:fb:88:25:11:4b:07:73:5d:37:21:47:47:9d:
+ f8:e0:89:e0:e4:c0:6a:f4:64:25:e7:b7:d9:47:53:ff:d5:6f:
+ f3:e4:8d:b2:33:f6:ce:46:5b:80:82:8f:05:18:f4:bc:90:5a:
+ af:4a:7f:9d:67:08:f7:41:27:05:c5:34:46:03:fc:14:2e:4e:
+ 81:f3:ca:3d:67:9e:a9:53:ec:5b:df:38:d4:b5:92:3d:55:94:
+ df:88:be:a1:e7:14:18:a2:9d:22:5d:10:69:f8:54:c3:a9:14:
+ ef:8e:af:e1:8a:f8:cd:6d:7e:26:30:2c:40:bc:50:49:e5:9f:
+ bc:8f:de:30:23:93:c4:25:b3:e6:fb:b5:64:82:57:41:ac:79:
+ 1e:58:9e:6c:67:dc:18:ed:c4:60:79:06:b1:ee:9f:4c:2c:a3:
+ 9c:61:d7:77:33:b5:64:50:65:88:33:a0:30:57:99:0f:a9:aa:
+ a7:b3:a8:0d:b1:c5:ce:5a:34:a8:31:47:e4:66:62:b2:11:0e:
+ b9:58:4f:06
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBojELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHjAcBgNVBAMMFWNo
YWluRy1JQ0EzLXBhdGhsZW45OTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3Ns
-LmNvbTAeFw0yMjEyMTYyMTE3NTBaFw0yNTA5MTEyMTE3NTBaMIGhMQswCQYDVQQG
+LmNvbTAeFw0yMzEyMTMyMjE5MzJaFw0yNjA5MDgyMjE5MzJaMIGhMQswCQYDVQQG
EwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEVMBMG
A1UECgwMd29sZlNTTCBJbmMuMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEdMBsGA1UE
AwwUY2hhaW5HLUlDQTItcGF0aGxlbjExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29s
@@ -80,10 +80,10 @@ gaExCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdT
ZWF0dGxlMRUwEwYDVQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVy
aW5nMR0wGwYDVQQDDBRjaGFpbkctSUNBNC1wYXRobGVuNTEfMB0GCSqGSIb3DQEJ
ARYQaW5mb0B3b2xmc3NsLmNvbYIBZDAPBgNVHRMECDAGAQH/AgEBMAsGA1UdDwQE
-AwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAVrjySbjmZSXbRl/0ckAUpSc5Jyib+cxa
-An92BecYRR8pxsvOd1A1dAyV7Tp+oIeKfY9vLzxdA4bawiyzL217r6SDx/NuW0jD
-2Urlr+GG4YFoRS77CRmUvpHdj/TnlPueVEynyRCHjfAIFAjJ15JEVlkDECcs+34k
-AYufzOBqMVxn45aI+IY/7B69B9L8NB3/jXLBLd4Jf+TE3Zhwc+2Epk/47KUYtgxV
-4qSqDDdgUj129d2rCnz9TYGmqcZJFOdRAPRq2dwV73LRecNl4uH1I8SQukriAdkJ
-g+U0D8PqA89iubsYJjBUd7GmY5k1CkAr3yosOuAMLPYbat7iAjGdwA==
+AwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAUGWbHYtqrpvU8f9XrFFI/cieGbuyAL9U
+7sjUL+tb/xcefKod1AGf6MvEjOXumQQz6BY6/ES9VqVF5+n7iCURSwdzXTchR0ed
++OCJ4OTAavRkJee32UdT/9Vv8+SNsjP2zkZbgIKPBRj0vJBar0p/nWcI90EnBcU0
+RgP8FC5OgfPKPWeeqVPsW9841LWSPVWU34i+oecUGKKdIl0QafhUw6kU746v4Yr4
+zW1+JjAsQLxQSeWfvI/eMCOTxCWz5vu1ZIJXQax5HliebGfcGO3EYHkGse6fTCyj
+nGHXdzO1ZFBliDOgMFeZD6mqp7OoDbHFzlo0qDFH5GZishEOuVhPBg==
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test-pathlen/chainG-ICA3-pathlen99.pem b/extra/wolfssl/wolfssl/certs/test-pathlen/chainG-ICA3-pathlen99.pem
index 717efde1..cbfb848d 100644
--- a/extra/wolfssl/wolfssl/certs/test-pathlen/chainG-ICA3-pathlen99.pem
+++ b/extra/wolfssl/wolfssl/certs/test-pathlen/chainG-ICA3-pathlen99.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA4-pathlen5, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA3-pathlen99, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -44,27 +44,27 @@ Certificate:
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 7b:72:02:a6:a9:ab:c5:08:f6:39:85:63:df:3a:b6:25:6f:94:
- 72:97:c9:64:e5:a8:c8:e9:e1:09:cd:ae:d2:95:7c:de:fb:8d:
- 64:b4:51:a4:86:af:a9:5d:50:37:e8:41:87:3a:8e:0c:77:6b:
- 35:0f:db:78:0e:92:bf:f9:ca:82:d5:d0:e9:27:71:6b:ac:02:
- 34:86:e2:c2:0b:b2:42:06:91:d3:f6:02:55:23:71:33:57:a9:
- 58:db:0d:1d:fe:d3:9b:ca:c4:c9:b8:6e:6f:32:cb:12:b8:9f:
- 6d:44:2b:fd:22:cf:8f:c0:53:f9:5a:b5:3a:e9:48:37:f3:0d:
- d8:77:5b:cb:1d:97:5b:a9:3b:b3:b9:b5:5e:c2:c0:d6:8d:66:
- f0:19:e9:4a:ca:e3:f0:93:f3:82:93:e7:7d:7f:21:51:4e:ef:
- ce:82:d7:52:91:dd:5f:74:ff:84:fe:0a:d9:c3:3d:9a:62:da:
- f4:c9:5b:fc:f8:60:db:d3:69:08:7c:09:fd:04:10:7b:48:b8:
- 9b:ed:eb:58:f1:1f:aa:87:a9:bf:60:f8:7a:df:96:b3:77:4b:
- 4d:db:b6:6f:34:b3:8d:4d:e3:a4:cd:01:b4:15:0f:8c:12:06:
- 96:e7:36:46:ac:7f:1f:ca:af:e4:2d:f8:90:ab:ce:6f:b1:b4:
- 9e:2f:5a:2a
+ 0b:ad:52:52:31:8c:12:70:07:6c:05:83:b3:84:cf:c2:64:da:
+ 43:d2:cc:6c:db:ef:a5:ae:9b:44:96:4e:fe:fd:b9:61:56:59:
+ e2:f2:52:c8:1b:52:2c:36:79:5d:6a:83:a1:c8:03:9a:7a:80:
+ 4f:ee:9d:48:87:f4:cb:9b:5e:84:c8:f8:b8:0c:77:e1:cb:40:
+ ac:28:eb:58:07:e4:06:a7:50:e2:44:48:bc:a3:2f:5d:f1:fa:
+ 0c:4d:1d:84:0a:57:e5:0c:b9:bb:41:b9:12:17:09:25:9f:99:
+ 02:6b:9e:83:fb:07:f8:3f:59:b2:04:62:b7:12:e7:61:8b:48:
+ a7:cc:29:ce:11:f9:7c:64:dd:5c:51:d3:ac:0c:54:4b:22:7e:
+ 29:de:98:50:80:f8:1a:65:64:3c:fb:a6:07:bb:e8:b1:a4:e8:
+ f1:7b:07:fd:e2:50:07:67:f5:7a:fa:76:4d:1c:7f:1a:e3:52:
+ ad:13:a6:b5:89:9e:f5:11:68:12:13:dc:59:86:9d:f9:83:18:
+ 52:ee:09:24:6a:37:e9:85:95:ac:93:09:23:09:0e:f3:66:a8:
+ 85:ee:d1:e4:40:01:f3:c2:c3:1f:48:74:76:2b:7e:4c:9b:a9:
+ a2:2f:c8:7c:74:60:2d:98:e8:63:09:cf:8f:a8:c8:8a:7f:c4:
+ d4:f3:34:ad
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo
YWluRy1JQ0E0LXBhdGhsZW41MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
-Y29tMB4XDTIyMTIxNjIxMTc1MFoXDTI1MDkxMTIxMTc1MFowgaIxCzAJBgNVBAYT
+Y29tMB4XDTIzMTIxMzIyMTkzMloXDTI2MDkwODIyMTkzMlowgaIxCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD
VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR4wHAYDVQQD
DBVjaGFpbkctSUNBMy1wYXRobGVuOTkxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29s
@@ -80,10 +80,10 @@ gaIxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdT
ZWF0dGxlMRUwEwYDVQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVy
aW5nMR4wHAYDVQQDDBVjaGFpbkctSUNBNS1wYXRobGVuMjAxHzAdBgkqhkiG9w0B
CQEWEGluZm9Ad29sZnNzbC5jb22CAWQwDwYDVR0TBAgwBgEB/wIBYzALBgNVHQ8E
-BAMCAQYwDQYJKoZIhvcNAQELBQADggEBAHtyAqapq8UI9jmFY986tiVvlHKXyWTl
-qMjp4QnNrtKVfN77jWS0UaSGr6ldUDfoQYc6jgx3azUP23gOkr/5yoLV0OkncWus
-AjSG4sILskIGkdP2AlUjcTNXqVjbDR3+05vKxMm4bm8yyxK4n21EK/0iz4/AU/la
-tTrpSDfzDdh3W8sdl1upO7O5tV7CwNaNZvAZ6UrK4/CT84KT531/IVFO786C11KR
-3V90/4T+CtnDPZpi2vTJW/z4YNvTaQh8Cf0EEHtIuJvt61jxH6qHqb9g+HrflrN3
-S03btm80s41N46TNAbQVD4wSBpbnNkasfx/Kr+Qt+JCrzm+xtJ4vWio=
+BAMCAQYwDQYJKoZIhvcNAQELBQADggEBAAutUlIxjBJwB2wFg7OEz8Jk2kPSzGzb
+76Wum0SWTv79uWFWWeLyUsgbUiw2eV1qg6HIA5p6gE/unUiH9MubXoTI+LgMd+HL
+QKwo61gH5AanUOJESLyjL13x+gxNHYQKV+UMubtBuRIXCSWfmQJrnoP7B/g/WbIE
+YrcS52GLSKfMKc4R+Xxk3VxR06wMVEsifinemFCA+BplZDz7pge76LGk6PF7B/3i
+UAdn9Xr6dk0cfxrjUq0TprWJnvURaBIT3FmGnfmDGFLuCSRqN+mFlayTCSMJDvNm
+qIXu0eRAAfPCwx9IdHYrfkybqaIvyHx0YC2Y6GMJz4+oyIp/xNTzNK0=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test-pathlen/chainG-ICA4-pathlen5.pem b/extra/wolfssl/wolfssl/certs/test-pathlen/chainG-ICA4-pathlen5.pem
index 2b96e3c1..2b56f422 100644
--- a/extra/wolfssl/wolfssl/certs/test-pathlen/chainG-ICA4-pathlen5.pem
+++ b/extra/wolfssl/wolfssl/certs/test-pathlen/chainG-ICA4-pathlen5.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA5-pathlen20, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA4-pathlen5, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -44,27 +44,27 @@ Certificate:
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 04:f9:2d:12:27:73:f5:79:fd:73:35:ec:7c:dd:fb:fc:66:07:
- b6:ce:a6:2a:25:c2:12:6f:c7:9f:15:fa:b4:1f:3c:b9:c3:ea:
- 9c:ee:85:02:d9:f3:66:19:10:e5:7f:57:76:e7:07:77:86:34:
- 44:84:e8:89:a5:98:b8:b6:21:8f:f0:60:95:96:38:ce:be:ab:
- ee:a6:1d:47:dc:bf:37:c2:ca:d5:54:0c:8b:6f:11:e5:52:b6:
- 52:36:95:d1:ef:e0:18:7f:b2:00:8d:b4:dd:94:69:41:fc:7d:
- d4:43:55:bd:e8:e3:5f:1a:71:9a:1a:fa:4a:d3:d7:bd:ce:ac:
- e6:83:6b:47:31:60:90:96:d8:4c:34:0e:ba:25:d7:f2:40:3a:
- 37:bb:27:4c:de:40:9a:20:a5:0e:23:9b:ef:90:7f:1c:23:fd:
- 62:c7:f5:c1:35:de:73:f4:09:e6:e6:a2:15:64:53:93:95:38:
- 06:2b:64:59:7d:56:8c:88:3c:6f:f5:b7:8f:21:9c:a8:a7:46:
- da:66:5e:5c:e5:6a:4b:81:69:97:e3:5c:ed:7c:01:90:5e:bd:
- 06:47:e7:48:db:e8:13:18:f9:2e:6b:a0:26:61:d7:49:83:b7:
- 9d:b9:98:b7:c0:40:c7:0d:e8:5e:2a:f7:67:85:36:24:0e:68:
- 8d:ca:8e:78
+ a6:f3:32:99:ee:fd:de:b1:46:ad:68:a7:6f:d8:55:91:63:2d:
+ 07:ce:91:2f:e3:ff:8f:03:e3:cf:c2:33:76:91:33:5f:13:70:
+ 10:e4:e2:3b:70:02:fc:d2:7d:39:d2:1a:1e:82:2d:40:d8:a7:
+ bb:69:19:51:fb:c1:32:41:e5:cf:4f:39:f6:f8:dd:b4:cb:f2:
+ 11:3e:dc:8d:c7:a6:90:27:14:4b:28:6f:20:9a:58:92:3a:42:
+ 8c:c7:40:36:b5:c0:4a:7e:27:0b:37:a7:71:e4:fd:f4:8d:24:
+ 8d:fe:3d:4a:59:4e:7e:86:02:f2:e2:09:95:59:ca:19:b9:23:
+ 84:1e:c6:14:d9:c4:05:7a:93:77:b4:4a:f4:91:75:3f:89:43:
+ 8b:b1:5f:a5:36:0a:2a:b0:a1:7b:8f:33:01:92:4d:c1:d9:51:
+ 98:a3:1b:14:f9:34:8e:7c:db:a5:5c:2c:b2:cd:23:b6:f6:65:
+ 25:aa:2c:5c:cc:38:49:b2:77:aa:8f:73:3b:00:1f:33:94:43:
+ fd:c2:34:ba:ee:ac:7d:0d:62:58:72:4d:ea:78:29:b5:b1:29:
+ 99:70:8c:00:22:1c:a3:93:ca:cd:c8:02:21:57:2d:19:fd:a7:
+ fb:c7:1c:12:0c:49:04:73:4c:7e:dd:9f:9e:1c:5b:e4:2a:53:
+ b6:cf:7e:c4
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBojELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHjAcBgNVBAMMFWNo
YWluRy1JQ0E1LXBhdGhsZW4yMDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3Ns
-LmNvbTAeFw0yMjEyMTYyMTE3NTBaFw0yNTA5MTEyMTE3NTBaMIGhMQswCQYDVQQG
+LmNvbTAeFw0yMzEyMTMyMjE5MzJaFw0yNjA5MDgyMjE5MzJaMIGhMQswCQYDVQQG
EwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEVMBMG
A1UECgwMd29sZlNTTCBJbmMuMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEdMBsGA1UE
AwwUY2hhaW5HLUlDQTQtcGF0aGxlbjUxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29s
@@ -80,10 +80,10 @@ gaIxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdT
ZWF0dGxlMRUwEwYDVQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVy
aW5nMR4wHAYDVQQDDBVjaGFpbkctSUNBNi1wYXRobGVuMTAxHzAdBgkqhkiG9w0B
CQEWEGluZm9Ad29sZnNzbC5jb22CAWQwDwYDVR0TBAgwBgEB/wIBBTALBgNVHQ8E
-BAMCAQYwDQYJKoZIhvcNAQELBQADggEBAAT5LRInc/V5/XM17Hzd+/xmB7bOpiol
-whJvx58V+rQfPLnD6pzuhQLZ82YZEOV/V3bnB3eGNESE6ImlmLi2IY/wYJWWOM6+
-q+6mHUfcvzfCytVUDItvEeVStlI2ldHv4Bh/sgCNtN2UaUH8fdRDVb3o418acZoa
-+krT173OrOaDa0cxYJCW2Ew0Drol1/JAOje7J0zeQJogpQ4jm++Qfxwj/WLH9cE1
-3nP0CebmohVkU5OVOAYrZFl9VoyIPG/1t48hnKinRtpmXlzlakuBaZfjXO18AZBe
-vQZH50jb6BMY+S5roCZh10mDt525mLfAQMcN6F4q92eFNiQOaI3Kjng=
+BAMCAQYwDQYJKoZIhvcNAQELBQADggEBAKbzMpnu/d6xRq1op2/YVZFjLQfOkS/j
+/48D48/CM3aRM18TcBDk4jtwAvzSfTnSGh6CLUDYp7tpGVH7wTJB5c9POfb43bTL
+8hE+3I3HppAnFEsobyCaWJI6QozHQDa1wEp+Jws3p3Hk/fSNJI3+PUpZTn6GAvLi
+CZVZyhm5I4QexhTZxAV6k3e0SvSRdT+JQ4uxX6U2CiqwoXuPMwGSTcHZUZijGxT5
+NI5826VcLLLNI7b2ZSWqLFzMOEmyd6qPczsAHzOUQ/3CNLrurH0NYlhyTep4KbWx
+KZlwjAAiHKOTys3IAiFXLRn9p/vHHBIMSQRzTH7dn54cW+QqU7bPfsQ=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test-pathlen/chainG-ICA5-pathlen20.pem b/extra/wolfssl/wolfssl/certs/test-pathlen/chainG-ICA5-pathlen20.pem
index 3b7ba449..ff85cabc 100644
--- a/extra/wolfssl/wolfssl/certs/test-pathlen/chainG-ICA5-pathlen20.pem
+++ b/extra/wolfssl/wolfssl/certs/test-pathlen/chainG-ICA5-pathlen20.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA6-pathlen10, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA5-pathlen20, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -44,27 +44,27 @@ Certificate:
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 0f:b1:e3:0e:db:7f:2c:93:25:66:ef:c4:84:a6:65:86:54:58:
- ff:59:ba:07:80:0f:56:cd:ae:15:39:64:8c:3d:05:c2:dc:3d:
- e2:9e:e8:b9:ec:55:15:c8:4f:0c:e0:41:65:8a:86:ff:f4:7f:
- a4:e0:aa:ea:a6:54:0c:3d:a2:82:d9:5c:c1:82:aa:d8:48:32:
- 84:ca:96:a5:21:b5:36:de:97:50:3b:9e:00:78:2a:af:30:09:
- f4:b7:6b:56:d7:38:a0:1c:b1:8b:d7:db:71:eb:46:b2:e2:c7:
- 42:d2:02:6d:03:dc:9d:83:ba:aa:be:23:62:73:98:16:74:3b:
- 8a:89:00:e8:b0:04:21:31:4c:0f:df:ef:3b:1e:fd:28:c5:07:
- 6b:b3:87:d1:78:4a:4b:97:8f:5b:09:39:b4:09:d5:62:c0:72:
- 31:0b:fa:7d:81:5f:dd:2f:3a:e1:61:d2:c0:b4:54:eb:01:e4:
- 94:90:30:8d:fa:8f:94:04:b2:9f:ca:3a:b1:c1:b9:72:24:f1:
- 0c:f9:09:1e:a0:5b:d9:28:a6:d4:ee:aa:bf:37:ea:ee:4d:85:
- 8a:f8:b0:6c:98:7e:a4:17:0d:01:03:46:7d:82:80:2a:48:17:
- a9:d6:4b:57:38:f1:53:54:54:00:5a:83:d6:96:b6:fe:c6:dc:
- 65:40:60:c9
+ d9:f9:09:10:86:29:c0:72:a4:93:87:4d:d3:79:ce:fa:f3:8a:
+ 79:9a:d0:eb:6d:42:06:00:fc:2c:c3:fa:35:c5:b6:6d:a4:7f:
+ 66:29:d2:ad:ed:50:a5:a8:1e:1b:24:db:f3:52:bf:54:b8:3f:
+ 67:c2:be:f4:a4:fc:d2:77:74:a4:02:74:0d:fe:c5:e0:42:bd:
+ 2b:7c:16:ae:a1:68:6f:e5:80:29:07:f3:5e:e4:0e:96:d2:ee:
+ cd:d2:82:00:22:a7:72:d7:c5:38:71:a0:ac:2a:38:03:c4:c1:
+ 23:62:1e:fa:b3:24:32:0f:01:a4:64:a8:ab:79:60:55:77:da:
+ ca:76:00:14:2f:e0:e1:74:f9:72:e2:7d:aa:3d:6b:9f:50:ab:
+ 72:31:40:4b:19:9d:b9:9a:12:de:db:15:c3:36:90:9d:48:6f:
+ 7a:98:47:7a:65:a2:d5:5b:0c:f3:90:5d:dd:4e:1c:ba:72:b4:
+ ac:be:ca:1b:87:16:7f:f2:b0:33:9b:7a:26:37:eb:1f:cb:4d:
+ bf:c7:f1:01:80:b7:60:c4:ae:71:bb:ab:cc:bd:8a:ba:c4:23:
+ 87:15:1e:b9:c7:6d:2d:44:fd:67:25:45:e2:cd:76:4d:87:a1:
+ 80:e0:a2:e6:60:23:51:4d:17:b0:82:51:ef:0c:88:75:64:c1:
+ 7b:8e:c2:29
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBojELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHjAcBgNVBAMMFWNo
YWluRy1JQ0E2LXBhdGhsZW4xMDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3Ns
-LmNvbTAeFw0yMjEyMTYyMTE3NTBaFw0yNTA5MTEyMTE3NTBaMIGiMQswCQYDVQQG
+LmNvbTAeFw0yMzEyMTMyMjE5MzJaFw0yNjA5MDgyMjE5MzJaMIGiMQswCQYDVQQG
EwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEVMBMG
A1UECgwMd29sZlNTTCBJbmMuMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEeMBwGA1UE
AwwVY2hhaW5HLUlDQTUtcGF0aGxlbjIwMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv
@@ -80,10 +80,10 @@ MIGjMQswCQYDVQQGEwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwH
U2VhdHRsZTEVMBMGA1UECgwMd29sZlNTTCBJbmMuMRQwEgYDVQQLDAtFbmdpbmVl
cmluZzEfMB0GA1UEAwwWY2hhaW5HLUlDQTctcGF0aGxlbjEwMDEfMB0GCSqGSIb3
DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIBZDAPBgNVHRMECDAGAQH/AgEUMAsGA1Ud
-DwQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAD7HjDtt/LJMlZu/EhKZlhlRY/1m6
-B4APVs2uFTlkjD0Fwtw94p7ouexVFchPDOBBZYqG//R/pOCq6qZUDD2igtlcwYKq
-2EgyhMqWpSG1Nt6XUDueAHgqrzAJ9LdrVtc4oByxi9fbcetGsuLHQtICbQPcnYO6
-qr4jYnOYFnQ7iokA6LAEITFMD9/vOx79KMUHa7OH0XhKS5ePWwk5tAnVYsByMQv6
-fYFf3S864WHSwLRU6wHklJAwjfqPlASyn8o6scG5ciTxDPkJHqBb2Sim1O6qvzfq
-7k2FiviwbJh+pBcNAQNGfYKAKkgXqdZLVzjxU1RUAFqD1pa2/sbcZUBgyQ==
+DwQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAQEA2fkJEIYpwHKkk4dN03nO+vOKeZrQ
+621CBgD8LMP6NcW2baR/ZinSre1QpageGyTb81K/VLg/Z8K+9KT80nd0pAJ0Df7F
+4EK9K3wWrqFob+WAKQfzXuQOltLuzdKCACKnctfFOHGgrCo4A8TBI2Ie+rMkMg8B
+pGSoq3lgVXfaynYAFC/g4XT5cuJ9qj1rn1CrcjFASxmduZoS3tsVwzaQnUhvephH
+emWi1VsM85Bd3U4cunK0rL7KG4cWf/KwM5t6JjfrH8tNv8fxAYC3YMSucburzL2K
+usQjhxUeucdtLUT9ZyVF4s12TYehgOCi5mAjUU0XsIJR7wyIdWTBe47CKQ==
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test-pathlen/chainG-ICA6-pathlen10.pem b/extra/wolfssl/wolfssl/certs/test-pathlen/chainG-ICA6-pathlen10.pem
index c3cf8e29..8f35c384 100644
--- a/extra/wolfssl/wolfssl/certs/test-pathlen/chainG-ICA6-pathlen10.pem
+++ b/extra/wolfssl/wolfssl/certs/test-pathlen/chainG-ICA6-pathlen10.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA7-pathlen100, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA6-pathlen10, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -44,27 +44,27 @@ Certificate:
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- b8:32:b6:b5:8a:90:09:c7:d2:11:7d:f7:8f:14:5d:61:80:cf:
- e8:ac:65:bf:d7:08:51:3c:60:16:15:9e:e0:ec:7a:9b:87:0c:
- bc:ad:56:67:de:1b:a5:d4:54:53:da:73:e8:27:8f:02:77:73:
- 12:86:99:22:3a:32:77:50:48:38:2b:c1:9f:46:81:26:10:0a:
- ee:24:a2:ae:42:dc:81:14:d3:b7:10:2f:11:aa:bb:70:ba:9c:
- 82:29:c8:2c:3e:e0:6b:8e:fb:e4:39:33:fc:ef:2f:d7:70:3a:
- 09:f5:d3:85:af:b3:59:00:b4:c6:2b:c5:1a:6b:3a:a7:4b:bb:
- 74:87:e1:dd:8f:9c:05:47:08:7b:0d:86:b6:35:97:67:a5:ac:
- 8c:d2:fc:dd:e0:0b:ab:8c:15:82:0c:c8:38:f1:37:83:86:b4:
- 0e:24:e8:5b:df:5e:e4:6b:e3:43:dc:b2:d9:c7:52:ca:cb:bd:
- a2:e0:3d:75:8a:03:4c:5d:a7:2f:7e:ba:64:2f:69:e7:df:a7:
- 09:22:f8:b7:a0:59:94:fd:95:31:ee:d6:5f:5e:f9:84:3c:fe:
- ba:75:f8:8f:59:80:0c:da:64:21:43:7b:44:4a:fd:ae:f4:43:
- 7d:b9:4a:30:8c:21:c5:11:1c:0b:e9:3c:cd:3e:ea:49:5a:c5:
- 10:ff:00:c1
+ 74:9d:3a:da:91:b6:e0:2d:7d:89:b6:6d:16:7d:f0:28:ba:9f:
+ e5:52:a0:21:92:06:77:77:9a:9a:78:47:56:de:39:4d:64:43:
+ 1c:e7:06:02:fd:00:42:1d:2d:71:ef:6e:a3:4f:39:1a:e9:fc:
+ 8d:9c:94:32:60:a9:56:12:ee:69:7f:59:ef:30:5f:c4:d6:56:
+ 26:1a:9a:bb:c4:ec:01:09:0a:e3:14:ab:44:41:08:75:2a:6b:
+ 80:69:58:5d:2e:1a:2a:00:26:0c:b0:36:cd:fb:c1:87:7e:b8:
+ 58:ce:4d:32:57:e5:62:2e:64:e3:c9:52:67:21:28:40:16:88:
+ b2:37:19:e0:93:c8:4c:ca:f9:2b:1d:2c:d9:91:82:ac:b4:79:
+ d9:90:79:e5:95:76:03:a2:6b:d8:ef:24:66:1d:a3:3b:6f:c6:
+ 0c:95:f2:c3:59:37:f9:87:db:e6:a6:e5:f1:6f:70:92:60:e0:
+ 6d:cd:b8:14:69:95:26:56:2c:cc:0e:7e:d4:39:dd:6e:44:32:
+ eb:27:15:00:0f:fa:02:60:32:a5:6c:69:f0:cd:31:c6:b8:ff:
+ 1c:59:2f:0f:4d:28:9b:67:79:ea:4f:2c:a6:e0:f1:cf:19:3f:
+ 4f:44:2c:61:2e:08:48:cb:11:e2:82:8a:c0:88:53:ad:6b:ba:
+ 7e:d6:fa:61
-----BEGIN CERTIFICATE-----
MIIEyTCCA7GgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo
YWluRy1JQ0E3LXBhdGhsZW4xMDAxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz
-bC5jb20wHhcNMjIxMjE2MjExNzUwWhcNMjUwOTExMjExNzUwWjCBojELMAkGA1UE
+bC5jb20wHhcNMjMxMjEzMjIxOTMyWhcNMjYwOTA4MjIxOTMyWjCBojELMAkGA1UE
BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT
BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHjAcBgNV
BAMMFWNoYWluRy1JQ0E2LXBhdGhsZW4xMDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3
@@ -80,10 +80,10 @@ lzCBlDELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0Jv
emVtYW4xETAPBgNVBAoMCFNhd3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgw
FgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29s
ZnNzbC5jb22CAWQwDwYDVR0TBAgwBgEB/wIBCjALBgNVHQ8EBAMCAQYwDQYJKoZI
-hvcNAQELBQADggEBALgytrWKkAnH0hF9948UXWGAz+isZb/XCFE8YBYVnuDsepuH
-DLytVmfeG6XUVFPac+gnjwJ3cxKGmSI6MndQSDgrwZ9GgSYQCu4koq5C3IEU07cQ
-LxGqu3C6nIIpyCw+4GuO++Q5M/zvL9dwOgn104Wvs1kAtMYrxRprOqdLu3SH4d2P
-nAVHCHsNhrY1l2elrIzS/N3gC6uMFYIMyDjxN4OGtA4k6FvfXuRr40PcstnHUsrL
-vaLgPXWKA0xdpy9+umQvaeffpwki+LegWZT9lTHu1l9e+YQ8/rp1+I9ZgAzaZCFD
-e0RK/a70Q325SjCMIcURHAvpPM0+6klaxRD/AME=
+hvcNAQELBQADggEBAHSdOtqRtuAtfYm2bRZ98Ci6n+VSoCGSBnd3mpp4R1beOU1k
+QxznBgL9AEIdLXHvbqNPORrp/I2clDJgqVYS7ml/We8wX8TWViYamrvE7AEJCuMU
+q0RBCHUqa4BpWF0uGioAJgywNs37wYd+uFjOTTJX5WIuZOPJUmchKEAWiLI3GeCT
+yEzK+SsdLNmRgqy0edmQeeWVdgOia9jvJGYdoztvxgyV8sNZN/mH2+am5fFvcJJg
+4G3NuBRplSZWLMwOftQ53W5EMusnFQAP+gJgMqVsafDNMca4/xxZLw9NKJtneepP
+LKbg8c8ZP09ELGEuCEjLEeKCisCIU61run7W+mE=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test-pathlen/chainG-ICA7-pathlen100.pem b/extra/wolfssl/wolfssl/certs/test-pathlen/chainG-ICA7-pathlen100.pem
index ace2c8e2..1a3bed29 100644
--- a/extra/wolfssl/wolfssl/certs/test-pathlen/chainG-ICA7-pathlen100.pem
+++ b/extra/wolfssl/wolfssl/certs/test-pathlen/chainG-ICA7-pathlen100.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA7-pathlen100, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -37,34 +37,34 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:2C:80:CE:DB:47:9D:07:66:92:3D:68:D7:CA:AC:90:4F:CA:69:41:4B
+ serial:33:44:1A:A8:6C:01:EC:F6:60:F2:70:51:0A:4C:D1:14:FA:BC:E9:44
X509v3 Basic Constraints:
CA:TRUE, pathlen:100
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 63:fb:c6:05:34:72:7a:ac:41:40:db:7d:45:03:24:24:fc:52:
- 15:95:24:05:f9:26:89:ba:59:21:5e:6a:e6:86:86:28:85:f0:
- cf:46:3f:90:a1:46:3a:3b:0f:bd:2f:91:b6:59:6f:f1:b6:25:
- 12:85:7a:e0:eb:18:9e:21:a1:dd:4a:68:df:91:01:47:35:02:
- 4e:8a:f7:4b:15:30:e2:d1:bf:94:6e:c2:7a:d1:78:b3:ff:6d:
- 23:4f:83:bb:3c:f7:aa:1d:07:09:d9:9a:1d:96:77:e3:3d:4b:
- 4f:de:d9:29:1a:9c:d7:a4:03:ac:55:6f:59:b6:6a:5d:4e:ae:
- 02:42:15:4c:9e:7c:57:a5:a6:35:c6:6a:44:ea:59:36:87:68:
- 1d:16:4c:63:96:c0:9f:7c:5d:fd:cd:bb:fe:5c:d6:08:86:9a:
- 60:ae:60:b6:2d:b2:a1:f6:6e:0a:47:d6:e2:95:f5:ff:5d:0d:
- 46:a4:b5:1d:bf:96:25:11:84:07:77:1f:29:8e:4f:22:8e:65:
- 07:e0:e8:c2:47:e8:c6:3a:9d:ff:df:19:f3:9f:83:be:b4:91:
- 8c:0b:84:e0:2a:9e:8b:7a:e0:cf:72:d5:3e:2a:5a:ff:24:eb:
- 92:7b:ed:0c:42:5c:ca:cc:ee:aa:04:37:87:63:f2:22:95:e3:
- ea:5b:00:b9
+ 18:8c:dc:f0:e2:14:b8:33:68:ed:a7:5e:f9:12:72:93:58:a0:
+ 91:2a:d5:87:77:21:24:e9:b6:af:d3:af:55:8b:31:1c:a8:bb:
+ 3a:30:94:bb:aa:d4:5e:bb:17:d1:93:57:51:e6:32:f0:c7:e6:
+ 76:86:06:6d:c7:2a:35:c2:a3:2f:54:d6:bf:b1:25:7e:e4:0b:
+ 1a:dd:62:ce:34:d5:18:b4:4d:d0:76:52:d4:63:00:8b:90:72:
+ 4e:77:ff:c1:1b:bf:31:d1:6d:d2:75:69:5a:0c:a6:b2:42:e7:
+ 97:c9:a1:47:50:16:89:ee:20:ee:e7:c0:c8:06:7f:5e:55:0a:
+ 79:90:ed:2d:11:83:49:23:f0:89:08:cb:9c:84:6e:f5:6b:fe:
+ b2:2c:16:0e:74:d9:a8:35:9b:1d:1c:6a:ab:58:dd:32:09:d2:
+ 67:c2:eb:27:18:8e:70:31:58:c2:f1:20:06:98:ac:39:5a:c2:
+ 0b:43:60:a8:74:35:b1:32:bd:83:4b:df:db:18:46:e1:ac:7e:
+ 13:4a:09:6b:05:98:7a:98:e9:e0:1a:1d:a7:88:34:c6:4b:06:
+ 14:69:78:8d:29:83:c2:ee:52:af:00:a3:4d:d8:61:04:5a:0c:
+ e5:62:f4:c7:ac:8a:f3:7d:90:10:08:7c:15:d1:37:01:3c:bc:
+ 89:f8:60:24
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx
EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh
d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz
-bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIxMjE2
-MjExNzUwWhcNMjUwOTExMjExNzUwWjCBozELMAkGA1UEBhMCVVMxEzARBgNVBAgM
+bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMxMjEz
+MjIxOTMyWhcNMjYwOTA4MjIxOTMyWjCBozELMAkGA1UEBhMCVVMxEzARBgNVBAgM
Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg
SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNoYWluRy1JQ0E3
LXBhdGhsZW4xMDAxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEi
@@ -78,12 +78,12 @@ AAGjggEYMIIBFDAdBgNVHQ4EFgQUEuSkGYWuhbfW62ME1bmwfldfDBYwgdQGA1Ud
IwSBzDCByYAUJ45nEXTDJh0/7TNjs6TYHTDl6NWhgZqkgZcwgZQxCzAJBgNVBAYT
AlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQK
DAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3Lndv
-bGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tghQsgM7b
-R50HZpI9aNfKrJBPymlBSzAPBgNVHRMECDAGAQH/AgFkMAsGA1UdDwQEAwIBBjAN
-BgkqhkiG9w0BAQsFAAOCAQEAY/vGBTRyeqxBQNt9RQMkJPxSFZUkBfkmibpZIV5q
-5oaGKIXwz0Y/kKFGOjsPvS+Rtllv8bYlEoV64OsYniGh3Upo35EBRzUCTor3SxUw
-4tG/lG7CetF4s/9tI0+Duzz3qh0HCdmaHZZ34z1LT97ZKRqc16QDrFVvWbZqXU6u
-AkIVTJ58V6WmNcZqROpZNodoHRZMY5bAn3xd/c27/lzWCIaaYK5gti2yofZuCkfW
-4pX1/10NRqS1Hb+WJRGEB3cfKY5PIo5lB+Dowkfoxjqd/98Z85+DvrSRjAuE4Cqe
-i3rgz3LVPipa/yTrknvtDEJcyszuqgQ3h2PyIpXj6lsAuQ==
+bGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tghQzRBqo
+bAHs9mDycFEKTNEU+rzpRDAPBgNVHRMECDAGAQH/AgFkMAsGA1UdDwQEAwIBBjAN
+BgkqhkiG9w0BAQsFAAOCAQEAGIzc8OIUuDNo7ade+RJyk1igkSrVh3chJOm2r9Ov
+VYsxHKi7OjCUu6rUXrsX0ZNXUeYy8MfmdoYGbccqNcKjL1TWv7ElfuQLGt1izjTV
+GLRN0HZS1GMAi5ByTnf/wRu/MdFt0nVpWgymskLnl8mhR1AWie4g7ufAyAZ/XlUK
+eZDtLRGDSSPwiQjLnIRu9Wv+siwWDnTZqDWbHRxqq1jdMgnSZ8LrJxiOcDFYwvEg
+BpisOVrCC0NgqHQ1sTK9g0vf2xhG4ax+E0oJawWYepjp4Bodp4g0xksGFGl4jSmD
+wu5SrwCjTdhhBFoM5WL0x6yK832QEAh8FdE3ATy8ifhgJA==
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test-pathlen/chainG-assembled.pem b/extra/wolfssl/wolfssl/certs/test-pathlen/chainG-assembled.pem
index c1d57403..c8990912 100644
--- a/extra/wolfssl/wolfssl/certs/test-pathlen/chainG-assembled.pem
+++ b/extra/wolfssl/wolfssl/certs/test-pathlen/chainG-assembled.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA1-pathlen0, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-entity, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -42,27 +42,27 @@ Certificate:
X509v3 Basic Constraints:
CA:FALSE
Signature Algorithm: sha256WithRSAEncryption
- a9:28:b3:d9:91:da:b9:0b:35:94:8d:b0:53:7c:6c:0d:b7:ab:
- 41:7b:72:42:48:5b:13:6f:15:4b:df:cd:69:48:01:f4:b7:6d:
- 4d:c3:be:85:91:31:1b:f7:54:e8:3e:6c:b7:ad:29:16:9b:f7:
- 99:f4:67:a6:cb:96:7e:5b:8a:32:41:20:89:88:8d:a0:f2:81:
- 3a:50:14:66:06:9b:eb:c0:ee:bb:d1:0c:84:7c:e3:bb:b6:92:
- 62:68:3b:b0:0d:c2:ed:f4:d1:7f:8f:15:8c:1a:fd:fe:9d:be:
- 84:0d:47:53:ad:c6:d7:60:52:71:5d:65:0a:28:aa:22:03:73:
- cf:1f:d6:e1:1a:5c:b7:54:83:93:c8:38:bc:3b:64:50:91:f5:
- ff:65:fd:3e:4b:fc:8c:96:80:c0:51:1f:14:16:3a:35:f2:93:
- 67:99:dd:e3:8d:10:52:25:a9:1b:9f:43:7a:9a:31:ae:f1:9e:
- 49:cb:17:e8:8b:17:59:42:7d:15:82:d8:4b:a4:02:d9:ea:96:
- 69:0e:01:de:8c:47:63:54:88:b1:df:31:fd:16:8c:53:22:81:
- 62:e3:96:10:b2:21:af:4b:72:82:66:aa:d1:06:09:f4:bd:00:
- b6:f1:7a:4a:48:82:61:f5:de:c3:04:17:3a:83:46:38:b7:ff:
- db:26:0e:f9
+ 27:b7:93:b7:fd:71:ab:7c:a5:a2:8e:e7:4c:77:67:4c:f2:28:
+ b7:82:bb:4a:85:95:bf:84:57:04:49:ac:be:02:cc:6b:fd:0f:
+ d8:66:c8:a0:eb:40:55:cf:a1:e3:d1:e0:fe:9a:40:b5:2e:ee:
+ b2:bf:48:fa:20:57:fd:c7:df:de:68:8f:82:5d:58:ec:25:0a:
+ a8:97:73:dc:e6:66:f5:49:64:9a:e9:b1:e2:86:4e:d1:04:59:
+ 0f:32:e1:c5:dd:d4:39:b0:ad:e9:cc:ad:87:ef:ab:8e:fe:74:
+ 4c:7e:b2:cb:41:3c:54:ed:b7:8d:4b:fd:97:6e:26:22:32:9e:
+ 94:26:aa:45:7d:65:c1:c8:10:67:63:09:09:42:04:04:9d:0c:
+ 53:bb:18:f6:ce:af:dc:e7:63:d4:c8:bb:b4:6a:86:52:45:6a:
+ 96:a1:54:3d:8c:25:7d:1a:b1:16:65:7a:8b:ec:01:fa:c4:73:
+ 98:49:3c:c3:18:2f:48:3e:45:10:45:c0:85:2c:16:88:65:2b:
+ 02:0b:0b:02:67:d2:2a:1d:bd:66:14:f5:8d:d1:8e:f8:eb:7a:
+ b5:db:4e:f7:ce:fa:6f:67:a0:a2:6b:37:85:7a:f7:34:8a:71:
+ 9a:e5:34:2a:fd:6a:4a:ec:3e:38:e3:30:89:f3:e6:c4:a9:a6:
+ a4:79:35:9b
-----BEGIN CERTIFICATE-----
MIIEtzCCA5+gAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo
YWluRy1JQ0ExLXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
-Y29tMB4XDTIyMTIxNjIxMTc1MFoXDTI1MDkxMTIxMTc1MFowgZoxCzAJBgNVBAYT
+Y29tMB4XDTIzMTIxMzIyMTkzMloXDTI2MDkwODIyMTkzMlowgZoxCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD
VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRYwFAYDVQQD
DA1jaGFpbkctZW50aXR5MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t
@@ -77,13 +77,13 @@ VR0jBIHGMIHDgBRHwBlL7cTal7Fg6loKQm2l09glMaGBp6SBpDCBoTELMAkGA1UE
BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT
BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNV
BAMMFGNoYWluRy1JQ0EyLXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv
-bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQELBQADggEBAKkos9mR
-2rkLNZSNsFN8bA23q0F7ckJIWxNvFUvfzWlIAfS3bU3DvoWRMRv3VOg+bLetKRab
-95n0Z6bLln5bijJBIImIjaDygTpQFGYGm+vA7rvRDIR847u2kmJoO7ANwu300X+P
-FYwa/f6dvoQNR1OtxtdgUnFdZQooqiIDc88f1uEaXLdUg5PIOLw7ZFCR9f9l/T5L
-/IyWgMBRHxQWOjXyk2eZ3eONEFIlqRufQ3qaMa7xnknLF+iLF1lCfRWC2EukAtnq
-lmkOAd6MR2NUiLHfMf0WjFMigWLjlhCyIa9LcoJmqtEGCfS9ALbxekpIgmH13sME
-FzqDRji3/9smDvk=
+bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQELBQADggEBACe3k7f9
+cat8paKO50x3Z0zyKLeCu0qFlb+EVwRJrL4CzGv9D9hmyKDrQFXPoePR4P6aQLUu
+7rK/SPogV/3H395oj4JdWOwlCqiXc9zmZvVJZJrpseKGTtEEWQ8y4cXd1DmwrenM
+rYfvq47+dEx+sstBPFTtt41L/ZduJiIynpQmqkV9ZcHIEGdjCQlCBASdDFO7GPbO
+r9znY9TIu7RqhlJFapahVD2MJX0asRZleovsAfrEc5hJPMMYL0g+RRBFwIUsFohl
+KwILCwJn0iodvWYU9Y3RjvjrerXbTvfO+m9noKJrN4V69zSKcZrlNCr9akrsPjjj
+MInz5sSppqR5NZs=
-----END CERTIFICATE-----
Certificate:
Data:
@@ -92,8 +92,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA2-pathlen1, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA1-pathlen0, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -131,27 +131,27 @@ Certificate:
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- a8:e1:75:09:71:57:28:d6:27:3a:92:89:0c:47:57:05:3a:92:
- 81:d3:23:00:92:fd:f3:77:24:60:67:af:86:ba:b2:17:1a:9f:
- 5e:3a:ee:ba:a3:fa:1f:76:69:b9:18:4d:89:97:ac:54:5a:9f:
- e2:ad:7a:37:d3:e1:35:fa:39:32:7f:d9:14:98:48:16:4d:99:
- e6:d5:61:0e:31:df:d1:a7:cd:c1:fd:6b:72:59:80:f7:8c:77:
- ef:45:c9:53:ed:b6:a4:73:06:1e:d3:d6:40:01:c8:c7:3c:48:
- 71:38:ac:66:a8:f6:e2:5f:75:87:a8:93:28:db:ef:3f:e2:c6:
- 2b:0d:ac:63:33:9c:1c:65:8d:9a:b2:3e:c8:2b:0d:3c:96:ef:
- b3:e2:4d:b8:fe:6d:8b:59:66:02:3f:f9:a8:0b:08:a3:30:a7:
- 9c:81:74:3d:88:cb:3f:f7:93:95:93:9f:38:53:ac:d9:a5:ae:
- 43:46:30:17:25:b1:cb:bf:2d:fe:df:32:17:ec:b0:54:33:c7:
- 1c:31:78:86:8c:fd:16:9e:0c:a4:71:3f:d0:a4:0e:26:90:39:
- 68:34:bf:34:f7:73:fb:7b:64:14:3f:b4:41:95:c2:da:16:dc:
- 20:a4:cc:3e:fa:64:dd:ce:d6:48:11:9d:ab:6b:a7:3e:c6:67:
- 1d:ac:f6:0b
+ 6e:12:75:fb:ac:2b:b3:b5:f3:f8:0c:2b:61:c3:22:c0:1f:16:
+ cf:36:8c:b2:fc:be:83:ad:81:3d:e9:4e:76:e3:85:db:34:b4:
+ b1:a6:ed:fe:82:ee:b2:7c:64:14:e4:1f:d6:fb:16:3e:36:d7:
+ a1:f3:99:99:7c:48:96:50:d0:e4:29:43:42:93:7c:8e:24:fc:
+ ba:6b:89:1c:1b:c8:39:d2:62:5e:7f:ac:0c:e8:7d:f4:90:94:
+ a3:dc:5d:d4:25:60:07:6f:97:6c:a1:4f:5a:ec:84:70:46:de:
+ 4d:74:a8:5c:48:32:94:6d:69:81:65:c6:c4:ef:3e:31:fc:40:
+ f5:5c:10:29:23:49:a7:ca:27:27:33:ed:3f:65:1a:95:f0:57:
+ 5a:32:19:b4:4d:66:c5:19:15:4b:a9:79:c9:fb:cd:02:57:04:
+ c2:33:6d:6c:85:67:14:16:7a:d2:32:a0:66:c4:b9:0d:43:bd:
+ 57:52:27:da:af:f1:df:68:27:74:b9:dd:d3:3c:ba:79:d0:46:
+ 2c:91:fc:1c:65:a4:3a:ea:82:25:c9:b1:2f:7d:78:85:62:1f:
+ a4:4c:69:fc:a3:95:c3:0a:ce:ed:10:24:ec:f7:17:bf:22:42:
+ 44:ac:0d:77:a1:3d:9d:d0:fb:03:1b:b7:79:8a:ba:6e:3c:a4:
+ 3e:1c:0a:54
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo
YWluRy1JQ0EyLXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
-Y29tMB4XDTIyMTIxNjIxMTc1MFoXDTI1MDkxMTIxMTc1MFowgaExCzAJBgNVBAYT
+Y29tMB4XDTIzMTIxMzIyMTkzMloXDTI2MDkwODIyMTkzMlowgaExCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD
VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR0wGwYDVQQD
DBRjaGFpbkctSUNBMS1wYXRobGVuMDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm
@@ -167,12 +167,12 @@ ojELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1Nl
YXR0bGUxFTATBgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJp
bmcxHjAcBgNVBAMMFWNoYWluRy1JQ0EzLXBhdGhsZW45OTEfMB0GCSqGSIb3DQEJ
ARYQaW5mb0B3b2xmc3NsLmNvbYIBZDAPBgNVHRMECDAGAQH/AgEAMAsGA1UdDwQE
-AwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAqOF1CXFXKNYnOpKJDEdXBTqSgdMjAJL9
-83ckYGevhrqyFxqfXjruuqP6H3ZpuRhNiZesVFqf4q16N9PhNfo5Mn/ZFJhIFk2Z
-5tVhDjHf0afNwf1rclmA94x370XJU+22pHMGHtPWQAHIxzxIcTisZqj24l91h6iT
-KNvvP+LGKw2sYzOcHGWNmrI+yCsNPJbvs+JNuP5ti1lmAj/5qAsIozCnnIF0PYjL
-P/eTlZOfOFOs2aWuQ0YwFyWxy78t/t8yF+ywVDPHHDF4hoz9Fp4MpHE/0KQOJpA5
-aDS/NPdz+3tkFD+0QZXC2hbcIKTMPvpk3c7WSBGdq2unPsZnHaz2Cw==
+AwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAbhJ1+6wrs7Xz+AwrYcMiwB8WzzaMsvy+
+g62BPelOduOF2zS0sabt/oLusnxkFOQf1vsWPjbXofOZmXxIllDQ5ClDQpN8jiT8
+umuJHBvIOdJiXn+sDOh99JCUo9xd1CVgB2+XbKFPWuyEcEbeTXSoXEgylG1pgWXG
+xO8+MfxA9VwQKSNJp8onJzPtP2UalfBXWjIZtE1mxRkVS6l5yfvNAlcEwjNtbIVn
+FBZ60jKgZsS5DUO9V1In2q/x32gndLnd0zy6edBGLJH8HGWkOuqCJcmxL314hWIf
+pExp/KOVwwrO7RAk7PcXvyJCRKwNd6E9ndD7Axu3eYq6bjykPhwKVA==
-----END CERTIFICATE-----
Certificate:
Data:
@@ -181,8 +181,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA3-pathlen99, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA2-pathlen1, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -220,27 +220,27 @@ Certificate:
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 56:b8:f2:49:b8:e6:65:25:db:46:5f:f4:72:40:14:a5:27:39:
- 27:28:9b:f9:cc:5a:02:7f:76:05:e7:18:45:1f:29:c6:cb:ce:
- 77:50:35:74:0c:95:ed:3a:7e:a0:87:8a:7d:8f:6f:2f:3c:5d:
- 03:86:da:c2:2c:b3:2f:6d:7b:af:a4:83:c7:f3:6e:5b:48:c3:
- d9:4a:e5:af:e1:86:e1:81:68:45:2e:fb:09:19:94:be:91:dd:
- 8f:f4:e7:94:fb:9e:54:4c:a7:c9:10:87:8d:f0:08:14:08:c9:
- d7:92:44:56:59:03:10:27:2c:fb:7e:24:01:8b:9f:cc:e0:6a:
- 31:5c:67:e3:96:88:f8:86:3f:ec:1e:bd:07:d2:fc:34:1d:ff:
- 8d:72:c1:2d:de:09:7f:e4:c4:dd:98:70:73:ed:84:a6:4f:f8:
- ec:a5:18:b6:0c:55:e2:a4:aa:0c:37:60:52:3d:76:f5:dd:ab:
- 0a:7c:fd:4d:81:a6:a9:c6:49:14:e7:51:00:f4:6a:d9:dc:15:
- ef:72:d1:79:c3:65:e2:e1:f5:23:c4:90:ba:4a:e2:01:d9:09:
- 83:e5:34:0f:c3:ea:03:cf:62:b9:bb:18:26:30:54:77:b1:a6:
- 63:99:35:0a:40:2b:df:2a:2c:3a:e0:0c:2c:f6:1b:6a:de:e2:
- 02:31:9d:c0
+ 50:65:9b:1d:8b:6a:ae:9b:d4:f1:ff:57:ac:51:48:fd:c8:9e:
+ 19:bb:b2:00:bf:54:ee:c8:d4:2f:eb:5b:ff:17:1e:7c:aa:1d:
+ d4:01:9f:e8:cb:c4:8c:e5:ee:99:04:33:e8:16:3a:fc:44:bd:
+ 56:a5:45:e7:e9:fb:88:25:11:4b:07:73:5d:37:21:47:47:9d:
+ f8:e0:89:e0:e4:c0:6a:f4:64:25:e7:b7:d9:47:53:ff:d5:6f:
+ f3:e4:8d:b2:33:f6:ce:46:5b:80:82:8f:05:18:f4:bc:90:5a:
+ af:4a:7f:9d:67:08:f7:41:27:05:c5:34:46:03:fc:14:2e:4e:
+ 81:f3:ca:3d:67:9e:a9:53:ec:5b:df:38:d4:b5:92:3d:55:94:
+ df:88:be:a1:e7:14:18:a2:9d:22:5d:10:69:f8:54:c3:a9:14:
+ ef:8e:af:e1:8a:f8:cd:6d:7e:26:30:2c:40:bc:50:49:e5:9f:
+ bc:8f:de:30:23:93:c4:25:b3:e6:fb:b5:64:82:57:41:ac:79:
+ 1e:58:9e:6c:67:dc:18:ed:c4:60:79:06:b1:ee:9f:4c:2c:a3:
+ 9c:61:d7:77:33:b5:64:50:65:88:33:a0:30:57:99:0f:a9:aa:
+ a7:b3:a8:0d:b1:c5:ce:5a:34:a8:31:47:e4:66:62:b2:11:0e:
+ b9:58:4f:06
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBojELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHjAcBgNVBAMMFWNo
YWluRy1JQ0EzLXBhdGhsZW45OTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3Ns
-LmNvbTAeFw0yMjEyMTYyMTE3NTBaFw0yNTA5MTEyMTE3NTBaMIGhMQswCQYDVQQG
+LmNvbTAeFw0yMzEyMTMyMjE5MzJaFw0yNjA5MDgyMjE5MzJaMIGhMQswCQYDVQQG
EwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEVMBMG
A1UECgwMd29sZlNTTCBJbmMuMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEdMBsGA1UE
AwwUY2hhaW5HLUlDQTItcGF0aGxlbjExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29s
@@ -256,12 +256,12 @@ gaExCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdT
ZWF0dGxlMRUwEwYDVQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVy
aW5nMR0wGwYDVQQDDBRjaGFpbkctSUNBNC1wYXRobGVuNTEfMB0GCSqGSIb3DQEJ
ARYQaW5mb0B3b2xmc3NsLmNvbYIBZDAPBgNVHRMECDAGAQH/AgEBMAsGA1UdDwQE
-AwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAVrjySbjmZSXbRl/0ckAUpSc5Jyib+cxa
-An92BecYRR8pxsvOd1A1dAyV7Tp+oIeKfY9vLzxdA4bawiyzL217r6SDx/NuW0jD
-2Urlr+GG4YFoRS77CRmUvpHdj/TnlPueVEynyRCHjfAIFAjJ15JEVlkDECcs+34k
-AYufzOBqMVxn45aI+IY/7B69B9L8NB3/jXLBLd4Jf+TE3Zhwc+2Epk/47KUYtgxV
-4qSqDDdgUj129d2rCnz9TYGmqcZJFOdRAPRq2dwV73LRecNl4uH1I8SQukriAdkJ
-g+U0D8PqA89iubsYJjBUd7GmY5k1CkAr3yosOuAMLPYbat7iAjGdwA==
+AwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAUGWbHYtqrpvU8f9XrFFI/cieGbuyAL9U
+7sjUL+tb/xcefKod1AGf6MvEjOXumQQz6BY6/ES9VqVF5+n7iCURSwdzXTchR0ed
++OCJ4OTAavRkJee32UdT/9Vv8+SNsjP2zkZbgIKPBRj0vJBar0p/nWcI90EnBcU0
+RgP8FC5OgfPKPWeeqVPsW9841LWSPVWU34i+oecUGKKdIl0QafhUw6kU746v4Yr4
+zW1+JjAsQLxQSeWfvI/eMCOTxCWz5vu1ZIJXQax5HliebGfcGO3EYHkGse6fTCyj
+nGHXdzO1ZFBliDOgMFeZD6mqp7OoDbHFzlo0qDFH5GZishEOuVhPBg==
-----END CERTIFICATE-----
Certificate:
Data:
@@ -270,8 +270,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA4-pathlen5, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA3-pathlen99, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -309,27 +309,27 @@ Certificate:
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 7b:72:02:a6:a9:ab:c5:08:f6:39:85:63:df:3a:b6:25:6f:94:
- 72:97:c9:64:e5:a8:c8:e9:e1:09:cd:ae:d2:95:7c:de:fb:8d:
- 64:b4:51:a4:86:af:a9:5d:50:37:e8:41:87:3a:8e:0c:77:6b:
- 35:0f:db:78:0e:92:bf:f9:ca:82:d5:d0:e9:27:71:6b:ac:02:
- 34:86:e2:c2:0b:b2:42:06:91:d3:f6:02:55:23:71:33:57:a9:
- 58:db:0d:1d:fe:d3:9b:ca:c4:c9:b8:6e:6f:32:cb:12:b8:9f:
- 6d:44:2b:fd:22:cf:8f:c0:53:f9:5a:b5:3a:e9:48:37:f3:0d:
- d8:77:5b:cb:1d:97:5b:a9:3b:b3:b9:b5:5e:c2:c0:d6:8d:66:
- f0:19:e9:4a:ca:e3:f0:93:f3:82:93:e7:7d:7f:21:51:4e:ef:
- ce:82:d7:52:91:dd:5f:74:ff:84:fe:0a:d9:c3:3d:9a:62:da:
- f4:c9:5b:fc:f8:60:db:d3:69:08:7c:09:fd:04:10:7b:48:b8:
- 9b:ed:eb:58:f1:1f:aa:87:a9:bf:60:f8:7a:df:96:b3:77:4b:
- 4d:db:b6:6f:34:b3:8d:4d:e3:a4:cd:01:b4:15:0f:8c:12:06:
- 96:e7:36:46:ac:7f:1f:ca:af:e4:2d:f8:90:ab:ce:6f:b1:b4:
- 9e:2f:5a:2a
+ 0b:ad:52:52:31:8c:12:70:07:6c:05:83:b3:84:cf:c2:64:da:
+ 43:d2:cc:6c:db:ef:a5:ae:9b:44:96:4e:fe:fd:b9:61:56:59:
+ e2:f2:52:c8:1b:52:2c:36:79:5d:6a:83:a1:c8:03:9a:7a:80:
+ 4f:ee:9d:48:87:f4:cb:9b:5e:84:c8:f8:b8:0c:77:e1:cb:40:
+ ac:28:eb:58:07:e4:06:a7:50:e2:44:48:bc:a3:2f:5d:f1:fa:
+ 0c:4d:1d:84:0a:57:e5:0c:b9:bb:41:b9:12:17:09:25:9f:99:
+ 02:6b:9e:83:fb:07:f8:3f:59:b2:04:62:b7:12:e7:61:8b:48:
+ a7:cc:29:ce:11:f9:7c:64:dd:5c:51:d3:ac:0c:54:4b:22:7e:
+ 29:de:98:50:80:f8:1a:65:64:3c:fb:a6:07:bb:e8:b1:a4:e8:
+ f1:7b:07:fd:e2:50:07:67:f5:7a:fa:76:4d:1c:7f:1a:e3:52:
+ ad:13:a6:b5:89:9e:f5:11:68:12:13:dc:59:86:9d:f9:83:18:
+ 52:ee:09:24:6a:37:e9:85:95:ac:93:09:23:09:0e:f3:66:a8:
+ 85:ee:d1:e4:40:01:f3:c2:c3:1f:48:74:76:2b:7e:4c:9b:a9:
+ a2:2f:c8:7c:74:60:2d:98:e8:63:09:cf:8f:a8:c8:8a:7f:c4:
+ d4:f3:34:ad
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo
YWluRy1JQ0E0LXBhdGhsZW41MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
-Y29tMB4XDTIyMTIxNjIxMTc1MFoXDTI1MDkxMTIxMTc1MFowgaIxCzAJBgNVBAYT
+Y29tMB4XDTIzMTIxMzIyMTkzMloXDTI2MDkwODIyMTkzMlowgaIxCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD
VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR4wHAYDVQQD
DBVjaGFpbkctSUNBMy1wYXRobGVuOTkxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29s
@@ -345,12 +345,12 @@ gaIxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdT
ZWF0dGxlMRUwEwYDVQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVy
aW5nMR4wHAYDVQQDDBVjaGFpbkctSUNBNS1wYXRobGVuMjAxHzAdBgkqhkiG9w0B
CQEWEGluZm9Ad29sZnNzbC5jb22CAWQwDwYDVR0TBAgwBgEB/wIBYzALBgNVHQ8E
-BAMCAQYwDQYJKoZIhvcNAQELBQADggEBAHtyAqapq8UI9jmFY986tiVvlHKXyWTl
-qMjp4QnNrtKVfN77jWS0UaSGr6ldUDfoQYc6jgx3azUP23gOkr/5yoLV0OkncWus
-AjSG4sILskIGkdP2AlUjcTNXqVjbDR3+05vKxMm4bm8yyxK4n21EK/0iz4/AU/la
-tTrpSDfzDdh3W8sdl1upO7O5tV7CwNaNZvAZ6UrK4/CT84KT531/IVFO786C11KR
-3V90/4T+CtnDPZpi2vTJW/z4YNvTaQh8Cf0EEHtIuJvt61jxH6qHqb9g+HrflrN3
-S03btm80s41N46TNAbQVD4wSBpbnNkasfx/Kr+Qt+JCrzm+xtJ4vWio=
+BAMCAQYwDQYJKoZIhvcNAQELBQADggEBAAutUlIxjBJwB2wFg7OEz8Jk2kPSzGzb
+76Wum0SWTv79uWFWWeLyUsgbUiw2eV1qg6HIA5p6gE/unUiH9MubXoTI+LgMd+HL
+QKwo61gH5AanUOJESLyjL13x+gxNHYQKV+UMubtBuRIXCSWfmQJrnoP7B/g/WbIE
+YrcS52GLSKfMKc4R+Xxk3VxR06wMVEsifinemFCA+BplZDz7pge76LGk6PF7B/3i
+UAdn9Xr6dk0cfxrjUq0TprWJnvURaBIT3FmGnfmDGFLuCSRqN+mFlayTCSMJDvNm
+qIXu0eRAAfPCwx9IdHYrfkybqaIvyHx0YC2Y6GMJz4+oyIp/xNTzNK0=
-----END CERTIFICATE-----
Certificate:
Data:
@@ -359,8 +359,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA5-pathlen20, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA4-pathlen5, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -398,27 +398,27 @@ Certificate:
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 04:f9:2d:12:27:73:f5:79:fd:73:35:ec:7c:dd:fb:fc:66:07:
- b6:ce:a6:2a:25:c2:12:6f:c7:9f:15:fa:b4:1f:3c:b9:c3:ea:
- 9c:ee:85:02:d9:f3:66:19:10:e5:7f:57:76:e7:07:77:86:34:
- 44:84:e8:89:a5:98:b8:b6:21:8f:f0:60:95:96:38:ce:be:ab:
- ee:a6:1d:47:dc:bf:37:c2:ca:d5:54:0c:8b:6f:11:e5:52:b6:
- 52:36:95:d1:ef:e0:18:7f:b2:00:8d:b4:dd:94:69:41:fc:7d:
- d4:43:55:bd:e8:e3:5f:1a:71:9a:1a:fa:4a:d3:d7:bd:ce:ac:
- e6:83:6b:47:31:60:90:96:d8:4c:34:0e:ba:25:d7:f2:40:3a:
- 37:bb:27:4c:de:40:9a:20:a5:0e:23:9b:ef:90:7f:1c:23:fd:
- 62:c7:f5:c1:35:de:73:f4:09:e6:e6:a2:15:64:53:93:95:38:
- 06:2b:64:59:7d:56:8c:88:3c:6f:f5:b7:8f:21:9c:a8:a7:46:
- da:66:5e:5c:e5:6a:4b:81:69:97:e3:5c:ed:7c:01:90:5e:bd:
- 06:47:e7:48:db:e8:13:18:f9:2e:6b:a0:26:61:d7:49:83:b7:
- 9d:b9:98:b7:c0:40:c7:0d:e8:5e:2a:f7:67:85:36:24:0e:68:
- 8d:ca:8e:78
+ a6:f3:32:99:ee:fd:de:b1:46:ad:68:a7:6f:d8:55:91:63:2d:
+ 07:ce:91:2f:e3:ff:8f:03:e3:cf:c2:33:76:91:33:5f:13:70:
+ 10:e4:e2:3b:70:02:fc:d2:7d:39:d2:1a:1e:82:2d:40:d8:a7:
+ bb:69:19:51:fb:c1:32:41:e5:cf:4f:39:f6:f8:dd:b4:cb:f2:
+ 11:3e:dc:8d:c7:a6:90:27:14:4b:28:6f:20:9a:58:92:3a:42:
+ 8c:c7:40:36:b5:c0:4a:7e:27:0b:37:a7:71:e4:fd:f4:8d:24:
+ 8d:fe:3d:4a:59:4e:7e:86:02:f2:e2:09:95:59:ca:19:b9:23:
+ 84:1e:c6:14:d9:c4:05:7a:93:77:b4:4a:f4:91:75:3f:89:43:
+ 8b:b1:5f:a5:36:0a:2a:b0:a1:7b:8f:33:01:92:4d:c1:d9:51:
+ 98:a3:1b:14:f9:34:8e:7c:db:a5:5c:2c:b2:cd:23:b6:f6:65:
+ 25:aa:2c:5c:cc:38:49:b2:77:aa:8f:73:3b:00:1f:33:94:43:
+ fd:c2:34:ba:ee:ac:7d:0d:62:58:72:4d:ea:78:29:b5:b1:29:
+ 99:70:8c:00:22:1c:a3:93:ca:cd:c8:02:21:57:2d:19:fd:a7:
+ fb:c7:1c:12:0c:49:04:73:4c:7e:dd:9f:9e:1c:5b:e4:2a:53:
+ b6:cf:7e:c4
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBojELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHjAcBgNVBAMMFWNo
YWluRy1JQ0E1LXBhdGhsZW4yMDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3Ns
-LmNvbTAeFw0yMjEyMTYyMTE3NTBaFw0yNTA5MTEyMTE3NTBaMIGhMQswCQYDVQQG
+LmNvbTAeFw0yMzEyMTMyMjE5MzJaFw0yNjA5MDgyMjE5MzJaMIGhMQswCQYDVQQG
EwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEVMBMG
A1UECgwMd29sZlNTTCBJbmMuMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEdMBsGA1UE
AwwUY2hhaW5HLUlDQTQtcGF0aGxlbjUxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29s
@@ -434,12 +434,12 @@ gaIxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdT
ZWF0dGxlMRUwEwYDVQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVy
aW5nMR4wHAYDVQQDDBVjaGFpbkctSUNBNi1wYXRobGVuMTAxHzAdBgkqhkiG9w0B
CQEWEGluZm9Ad29sZnNzbC5jb22CAWQwDwYDVR0TBAgwBgEB/wIBBTALBgNVHQ8E
-BAMCAQYwDQYJKoZIhvcNAQELBQADggEBAAT5LRInc/V5/XM17Hzd+/xmB7bOpiol
-whJvx58V+rQfPLnD6pzuhQLZ82YZEOV/V3bnB3eGNESE6ImlmLi2IY/wYJWWOM6+
-q+6mHUfcvzfCytVUDItvEeVStlI2ldHv4Bh/sgCNtN2UaUH8fdRDVb3o418acZoa
-+krT173OrOaDa0cxYJCW2Ew0Drol1/JAOje7J0zeQJogpQ4jm++Qfxwj/WLH9cE1
-3nP0CebmohVkU5OVOAYrZFl9VoyIPG/1t48hnKinRtpmXlzlakuBaZfjXO18AZBe
-vQZH50jb6BMY+S5roCZh10mDt525mLfAQMcN6F4q92eFNiQOaI3Kjng=
+BAMCAQYwDQYJKoZIhvcNAQELBQADggEBAKbzMpnu/d6xRq1op2/YVZFjLQfOkS/j
+/48D48/CM3aRM18TcBDk4jtwAvzSfTnSGh6CLUDYp7tpGVH7wTJB5c9POfb43bTL
+8hE+3I3HppAnFEsobyCaWJI6QozHQDa1wEp+Jws3p3Hk/fSNJI3+PUpZTn6GAvLi
+CZVZyhm5I4QexhTZxAV6k3e0SvSRdT+JQ4uxX6U2CiqwoXuPMwGSTcHZUZijGxT5
+NI5826VcLLLNI7b2ZSWqLFzMOEmyd6qPczsAHzOUQ/3CNLrurH0NYlhyTep4KbWx
+KZlwjAAiHKOTys3IAiFXLRn9p/vHHBIMSQRzTH7dn54cW+QqU7bPfsQ=
-----END CERTIFICATE-----
Certificate:
Data:
@@ -448,8 +448,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA6-pathlen10, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA5-pathlen20, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -487,27 +487,27 @@ Certificate:
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 0f:b1:e3:0e:db:7f:2c:93:25:66:ef:c4:84:a6:65:86:54:58:
- ff:59:ba:07:80:0f:56:cd:ae:15:39:64:8c:3d:05:c2:dc:3d:
- e2:9e:e8:b9:ec:55:15:c8:4f:0c:e0:41:65:8a:86:ff:f4:7f:
- a4:e0:aa:ea:a6:54:0c:3d:a2:82:d9:5c:c1:82:aa:d8:48:32:
- 84:ca:96:a5:21:b5:36:de:97:50:3b:9e:00:78:2a:af:30:09:
- f4:b7:6b:56:d7:38:a0:1c:b1:8b:d7:db:71:eb:46:b2:e2:c7:
- 42:d2:02:6d:03:dc:9d:83:ba:aa:be:23:62:73:98:16:74:3b:
- 8a:89:00:e8:b0:04:21:31:4c:0f:df:ef:3b:1e:fd:28:c5:07:
- 6b:b3:87:d1:78:4a:4b:97:8f:5b:09:39:b4:09:d5:62:c0:72:
- 31:0b:fa:7d:81:5f:dd:2f:3a:e1:61:d2:c0:b4:54:eb:01:e4:
- 94:90:30:8d:fa:8f:94:04:b2:9f:ca:3a:b1:c1:b9:72:24:f1:
- 0c:f9:09:1e:a0:5b:d9:28:a6:d4:ee:aa:bf:37:ea:ee:4d:85:
- 8a:f8:b0:6c:98:7e:a4:17:0d:01:03:46:7d:82:80:2a:48:17:
- a9:d6:4b:57:38:f1:53:54:54:00:5a:83:d6:96:b6:fe:c6:dc:
- 65:40:60:c9
+ d9:f9:09:10:86:29:c0:72:a4:93:87:4d:d3:79:ce:fa:f3:8a:
+ 79:9a:d0:eb:6d:42:06:00:fc:2c:c3:fa:35:c5:b6:6d:a4:7f:
+ 66:29:d2:ad:ed:50:a5:a8:1e:1b:24:db:f3:52:bf:54:b8:3f:
+ 67:c2:be:f4:a4:fc:d2:77:74:a4:02:74:0d:fe:c5:e0:42:bd:
+ 2b:7c:16:ae:a1:68:6f:e5:80:29:07:f3:5e:e4:0e:96:d2:ee:
+ cd:d2:82:00:22:a7:72:d7:c5:38:71:a0:ac:2a:38:03:c4:c1:
+ 23:62:1e:fa:b3:24:32:0f:01:a4:64:a8:ab:79:60:55:77:da:
+ ca:76:00:14:2f:e0:e1:74:f9:72:e2:7d:aa:3d:6b:9f:50:ab:
+ 72:31:40:4b:19:9d:b9:9a:12:de:db:15:c3:36:90:9d:48:6f:
+ 7a:98:47:7a:65:a2:d5:5b:0c:f3:90:5d:dd:4e:1c:ba:72:b4:
+ ac:be:ca:1b:87:16:7f:f2:b0:33:9b:7a:26:37:eb:1f:cb:4d:
+ bf:c7:f1:01:80:b7:60:c4:ae:71:bb:ab:cc:bd:8a:ba:c4:23:
+ 87:15:1e:b9:c7:6d:2d:44:fd:67:25:45:e2:cd:76:4d:87:a1:
+ 80:e0:a2:e6:60:23:51:4d:17:b0:82:51:ef:0c:88:75:64:c1:
+ 7b:8e:c2:29
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBojELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHjAcBgNVBAMMFWNo
YWluRy1JQ0E2LXBhdGhsZW4xMDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3Ns
-LmNvbTAeFw0yMjEyMTYyMTE3NTBaFw0yNTA5MTEyMTE3NTBaMIGiMQswCQYDVQQG
+LmNvbTAeFw0yMzEyMTMyMjE5MzJaFw0yNjA5MDgyMjE5MzJaMIGiMQswCQYDVQQG
EwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEVMBMG
A1UECgwMd29sZlNTTCBJbmMuMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEeMBwGA1UE
AwwVY2hhaW5HLUlDQTUtcGF0aGxlbjIwMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv
@@ -523,12 +523,12 @@ MIGjMQswCQYDVQQGEwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwH
U2VhdHRsZTEVMBMGA1UECgwMd29sZlNTTCBJbmMuMRQwEgYDVQQLDAtFbmdpbmVl
cmluZzEfMB0GA1UEAwwWY2hhaW5HLUlDQTctcGF0aGxlbjEwMDEfMB0GCSqGSIb3
DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIBZDAPBgNVHRMECDAGAQH/AgEUMAsGA1Ud
-DwQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAD7HjDtt/LJMlZu/EhKZlhlRY/1m6
-B4APVs2uFTlkjD0Fwtw94p7ouexVFchPDOBBZYqG//R/pOCq6qZUDD2igtlcwYKq
-2EgyhMqWpSG1Nt6XUDueAHgqrzAJ9LdrVtc4oByxi9fbcetGsuLHQtICbQPcnYO6
-qr4jYnOYFnQ7iokA6LAEITFMD9/vOx79KMUHa7OH0XhKS5ePWwk5tAnVYsByMQv6
-fYFf3S864WHSwLRU6wHklJAwjfqPlASyn8o6scG5ciTxDPkJHqBb2Sim1O6qvzfq
-7k2FiviwbJh+pBcNAQNGfYKAKkgXqdZLVzjxU1RUAFqD1pa2/sbcZUBgyQ==
+DwQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAQEA2fkJEIYpwHKkk4dN03nO+vOKeZrQ
+621CBgD8LMP6NcW2baR/ZinSre1QpageGyTb81K/VLg/Z8K+9KT80nd0pAJ0Df7F
+4EK9K3wWrqFob+WAKQfzXuQOltLuzdKCACKnctfFOHGgrCo4A8TBI2Ie+rMkMg8B
+pGSoq3lgVXfaynYAFC/g4XT5cuJ9qj1rn1CrcjFASxmduZoS3tsVwzaQnUhvephH
+emWi1VsM85Bd3U4cunK0rL7KG4cWf/KwM5t6JjfrH8tNv8fxAYC3YMSucburzL2K
+usQjhxUeucdtLUT9ZyVF4s12TYehgOCi5mAjUU0XsIJR7wyIdWTBe47CKQ==
-----END CERTIFICATE-----
Certificate:
Data:
@@ -537,8 +537,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA7-pathlen100, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA6-pathlen10, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -576,27 +576,27 @@ Certificate:
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- b8:32:b6:b5:8a:90:09:c7:d2:11:7d:f7:8f:14:5d:61:80:cf:
- e8:ac:65:bf:d7:08:51:3c:60:16:15:9e:e0:ec:7a:9b:87:0c:
- bc:ad:56:67:de:1b:a5:d4:54:53:da:73:e8:27:8f:02:77:73:
- 12:86:99:22:3a:32:77:50:48:38:2b:c1:9f:46:81:26:10:0a:
- ee:24:a2:ae:42:dc:81:14:d3:b7:10:2f:11:aa:bb:70:ba:9c:
- 82:29:c8:2c:3e:e0:6b:8e:fb:e4:39:33:fc:ef:2f:d7:70:3a:
- 09:f5:d3:85:af:b3:59:00:b4:c6:2b:c5:1a:6b:3a:a7:4b:bb:
- 74:87:e1:dd:8f:9c:05:47:08:7b:0d:86:b6:35:97:67:a5:ac:
- 8c:d2:fc:dd:e0:0b:ab:8c:15:82:0c:c8:38:f1:37:83:86:b4:
- 0e:24:e8:5b:df:5e:e4:6b:e3:43:dc:b2:d9:c7:52:ca:cb:bd:
- a2:e0:3d:75:8a:03:4c:5d:a7:2f:7e:ba:64:2f:69:e7:df:a7:
- 09:22:f8:b7:a0:59:94:fd:95:31:ee:d6:5f:5e:f9:84:3c:fe:
- ba:75:f8:8f:59:80:0c:da:64:21:43:7b:44:4a:fd:ae:f4:43:
- 7d:b9:4a:30:8c:21:c5:11:1c:0b:e9:3c:cd:3e:ea:49:5a:c5:
- 10:ff:00:c1
+ 74:9d:3a:da:91:b6:e0:2d:7d:89:b6:6d:16:7d:f0:28:ba:9f:
+ e5:52:a0:21:92:06:77:77:9a:9a:78:47:56:de:39:4d:64:43:
+ 1c:e7:06:02:fd:00:42:1d:2d:71:ef:6e:a3:4f:39:1a:e9:fc:
+ 8d:9c:94:32:60:a9:56:12:ee:69:7f:59:ef:30:5f:c4:d6:56:
+ 26:1a:9a:bb:c4:ec:01:09:0a:e3:14:ab:44:41:08:75:2a:6b:
+ 80:69:58:5d:2e:1a:2a:00:26:0c:b0:36:cd:fb:c1:87:7e:b8:
+ 58:ce:4d:32:57:e5:62:2e:64:e3:c9:52:67:21:28:40:16:88:
+ b2:37:19:e0:93:c8:4c:ca:f9:2b:1d:2c:d9:91:82:ac:b4:79:
+ d9:90:79:e5:95:76:03:a2:6b:d8:ef:24:66:1d:a3:3b:6f:c6:
+ 0c:95:f2:c3:59:37:f9:87:db:e6:a6:e5:f1:6f:70:92:60:e0:
+ 6d:cd:b8:14:69:95:26:56:2c:cc:0e:7e:d4:39:dd:6e:44:32:
+ eb:27:15:00:0f:fa:02:60:32:a5:6c:69:f0:cd:31:c6:b8:ff:
+ 1c:59:2f:0f:4d:28:9b:67:79:ea:4f:2c:a6:e0:f1:cf:19:3f:
+ 4f:44:2c:61:2e:08:48:cb:11:e2:82:8a:c0:88:53:ad:6b:ba:
+ 7e:d6:fa:61
-----BEGIN CERTIFICATE-----
MIIEyTCCA7GgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo
YWluRy1JQ0E3LXBhdGhsZW4xMDAxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz
-bC5jb20wHhcNMjIxMjE2MjExNzUwWhcNMjUwOTExMjExNzUwWjCBojELMAkGA1UE
+bC5jb20wHhcNMjMxMjEzMjIxOTMyWhcNMjYwOTA4MjIxOTMyWjCBojELMAkGA1UE
BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT
BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHjAcBgNV
BAMMFWNoYWluRy1JQ0E2LXBhdGhsZW4xMDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3
@@ -612,12 +612,12 @@ lzCBlDELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0Jv
emVtYW4xETAPBgNVBAoMCFNhd3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgw
FgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29s
ZnNzbC5jb22CAWQwDwYDVR0TBAgwBgEB/wIBCjALBgNVHQ8EBAMCAQYwDQYJKoZI
-hvcNAQELBQADggEBALgytrWKkAnH0hF9948UXWGAz+isZb/XCFE8YBYVnuDsepuH
-DLytVmfeG6XUVFPac+gnjwJ3cxKGmSI6MndQSDgrwZ9GgSYQCu4koq5C3IEU07cQ
-LxGqu3C6nIIpyCw+4GuO++Q5M/zvL9dwOgn104Wvs1kAtMYrxRprOqdLu3SH4d2P
-nAVHCHsNhrY1l2elrIzS/N3gC6uMFYIMyDjxN4OGtA4k6FvfXuRr40PcstnHUsrL
-vaLgPXWKA0xdpy9+umQvaeffpwki+LegWZT9lTHu1l9e+YQ8/rp1+I9ZgAzaZCFD
-e0RK/a70Q325SjCMIcURHAvpPM0+6klaxRD/AME=
+hvcNAQELBQADggEBAHSdOtqRtuAtfYm2bRZ98Ci6n+VSoCGSBnd3mpp4R1beOU1k
+QxznBgL9AEIdLXHvbqNPORrp/I2clDJgqVYS7ml/We8wX8TWViYamrvE7AEJCuMU
+q0RBCHUqa4BpWF0uGioAJgywNs37wYd+uFjOTTJX5WIuZOPJUmchKEAWiLI3GeCT
+yEzK+SsdLNmRgqy0edmQeeWVdgOia9jvJGYdoztvxgyV8sNZN/mH2+am5fFvcJJg
+4G3NuBRplSZWLMwOftQ53W5EMusnFQAP+gJgMqVsafDNMca4/xxZLw9NKJtneepP
+LKbg8c8ZP09ELGEuCEjLEeKCisCIU61run7W+mE=
-----END CERTIFICATE-----
Certificate:
Data:
@@ -626,8 +626,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA7-pathlen100, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -658,34 +658,34 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:2C:80:CE:DB:47:9D:07:66:92:3D:68:D7:CA:AC:90:4F:CA:69:41:4B
+ serial:33:44:1A:A8:6C:01:EC:F6:60:F2:70:51:0A:4C:D1:14:FA:BC:E9:44
X509v3 Basic Constraints:
CA:TRUE, pathlen:100
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 63:fb:c6:05:34:72:7a:ac:41:40:db:7d:45:03:24:24:fc:52:
- 15:95:24:05:f9:26:89:ba:59:21:5e:6a:e6:86:86:28:85:f0:
- cf:46:3f:90:a1:46:3a:3b:0f:bd:2f:91:b6:59:6f:f1:b6:25:
- 12:85:7a:e0:eb:18:9e:21:a1:dd:4a:68:df:91:01:47:35:02:
- 4e:8a:f7:4b:15:30:e2:d1:bf:94:6e:c2:7a:d1:78:b3:ff:6d:
- 23:4f:83:bb:3c:f7:aa:1d:07:09:d9:9a:1d:96:77:e3:3d:4b:
- 4f:de:d9:29:1a:9c:d7:a4:03:ac:55:6f:59:b6:6a:5d:4e:ae:
- 02:42:15:4c:9e:7c:57:a5:a6:35:c6:6a:44:ea:59:36:87:68:
- 1d:16:4c:63:96:c0:9f:7c:5d:fd:cd:bb:fe:5c:d6:08:86:9a:
- 60:ae:60:b6:2d:b2:a1:f6:6e:0a:47:d6:e2:95:f5:ff:5d:0d:
- 46:a4:b5:1d:bf:96:25:11:84:07:77:1f:29:8e:4f:22:8e:65:
- 07:e0:e8:c2:47:e8:c6:3a:9d:ff:df:19:f3:9f:83:be:b4:91:
- 8c:0b:84:e0:2a:9e:8b:7a:e0:cf:72:d5:3e:2a:5a:ff:24:eb:
- 92:7b:ed:0c:42:5c:ca:cc:ee:aa:04:37:87:63:f2:22:95:e3:
- ea:5b:00:b9
+ 18:8c:dc:f0:e2:14:b8:33:68:ed:a7:5e:f9:12:72:93:58:a0:
+ 91:2a:d5:87:77:21:24:e9:b6:af:d3:af:55:8b:31:1c:a8:bb:
+ 3a:30:94:bb:aa:d4:5e:bb:17:d1:93:57:51:e6:32:f0:c7:e6:
+ 76:86:06:6d:c7:2a:35:c2:a3:2f:54:d6:bf:b1:25:7e:e4:0b:
+ 1a:dd:62:ce:34:d5:18:b4:4d:d0:76:52:d4:63:00:8b:90:72:
+ 4e:77:ff:c1:1b:bf:31:d1:6d:d2:75:69:5a:0c:a6:b2:42:e7:
+ 97:c9:a1:47:50:16:89:ee:20:ee:e7:c0:c8:06:7f:5e:55:0a:
+ 79:90:ed:2d:11:83:49:23:f0:89:08:cb:9c:84:6e:f5:6b:fe:
+ b2:2c:16:0e:74:d9:a8:35:9b:1d:1c:6a:ab:58:dd:32:09:d2:
+ 67:c2:eb:27:18:8e:70:31:58:c2:f1:20:06:98:ac:39:5a:c2:
+ 0b:43:60:a8:74:35:b1:32:bd:83:4b:df:db:18:46:e1:ac:7e:
+ 13:4a:09:6b:05:98:7a:98:e9:e0:1a:1d:a7:88:34:c6:4b:06:
+ 14:69:78:8d:29:83:c2:ee:52:af:00:a3:4d:d8:61:04:5a:0c:
+ e5:62:f4:c7:ac:8a:f3:7d:90:10:08:7c:15:d1:37:01:3c:bc:
+ 89:f8:60:24
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx
EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh
d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz
-bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIxMjE2
-MjExNzUwWhcNMjUwOTExMjExNzUwWjCBozELMAkGA1UEBhMCVVMxEzARBgNVBAgM
+bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMxMjEz
+MjIxOTMyWhcNMjYwOTA4MjIxOTMyWjCBozELMAkGA1UEBhMCVVMxEzARBgNVBAgM
Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg
SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNoYWluRy1JQ0E3
LXBhdGhsZW4xMDAxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEi
@@ -699,12 +699,12 @@ AAGjggEYMIIBFDAdBgNVHQ4EFgQUEuSkGYWuhbfW62ME1bmwfldfDBYwgdQGA1Ud
IwSBzDCByYAUJ45nEXTDJh0/7TNjs6TYHTDl6NWhgZqkgZcwgZQxCzAJBgNVBAYT
AlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQK
DAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3Lndv
-bGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tghQsgM7b
-R50HZpI9aNfKrJBPymlBSzAPBgNVHRMECDAGAQH/AgFkMAsGA1UdDwQEAwIBBjAN
-BgkqhkiG9w0BAQsFAAOCAQEAY/vGBTRyeqxBQNt9RQMkJPxSFZUkBfkmibpZIV5q
-5oaGKIXwz0Y/kKFGOjsPvS+Rtllv8bYlEoV64OsYniGh3Upo35EBRzUCTor3SxUw
-4tG/lG7CetF4s/9tI0+Duzz3qh0HCdmaHZZ34z1LT97ZKRqc16QDrFVvWbZqXU6u
-AkIVTJ58V6WmNcZqROpZNodoHRZMY5bAn3xd/c27/lzWCIaaYK5gti2yofZuCkfW
-4pX1/10NRqS1Hb+WJRGEB3cfKY5PIo5lB+Dowkfoxjqd/98Z85+DvrSRjAuE4Cqe
-i3rgz3LVPipa/yTrknvtDEJcyszuqgQ3h2PyIpXj6lsAuQ==
+bGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tghQzRBqo
+bAHs9mDycFEKTNEU+rzpRDAPBgNVHRMECDAGAQH/AgFkMAsGA1UdDwQEAwIBBjAN
+BgkqhkiG9w0BAQsFAAOCAQEAGIzc8OIUuDNo7ade+RJyk1igkSrVh3chJOm2r9Ov
+VYsxHKi7OjCUu6rUXrsX0ZNXUeYy8MfmdoYGbccqNcKjL1TWv7ElfuQLGt1izjTV
+GLRN0HZS1GMAi5ByTnf/wRu/MdFt0nVpWgymskLnl8mhR1AWie4g7ufAyAZ/XlUK
+eZDtLRGDSSPwiQjLnIRu9Wv+siwWDnTZqDWbHRxqq1jdMgnSZ8LrJxiOcDFYwvEg
+BpisOVrCC0NgqHQ1sTK9g0vf2xhG4ax+E0oJawWYepjp4Bodp4g0xksGFGl4jSmD
+wu5SrwCjTdhhBFoM5WL0x6yK832QEAh8FdE3ATy8ifhgJA==
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test-pathlen/chainG-entity.pem b/extra/wolfssl/wolfssl/certs/test-pathlen/chainG-entity.pem
index 471caf30..e1b5a307 100644
--- a/extra/wolfssl/wolfssl/certs/test-pathlen/chainG-entity.pem
+++ b/extra/wolfssl/wolfssl/certs/test-pathlen/chainG-entity.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA1-pathlen0, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-entity, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -42,27 +42,27 @@ Certificate:
X509v3 Basic Constraints:
CA:FALSE
Signature Algorithm: sha256WithRSAEncryption
- a9:28:b3:d9:91:da:b9:0b:35:94:8d:b0:53:7c:6c:0d:b7:ab:
- 41:7b:72:42:48:5b:13:6f:15:4b:df:cd:69:48:01:f4:b7:6d:
- 4d:c3:be:85:91:31:1b:f7:54:e8:3e:6c:b7:ad:29:16:9b:f7:
- 99:f4:67:a6:cb:96:7e:5b:8a:32:41:20:89:88:8d:a0:f2:81:
- 3a:50:14:66:06:9b:eb:c0:ee:bb:d1:0c:84:7c:e3:bb:b6:92:
- 62:68:3b:b0:0d:c2:ed:f4:d1:7f:8f:15:8c:1a:fd:fe:9d:be:
- 84:0d:47:53:ad:c6:d7:60:52:71:5d:65:0a:28:aa:22:03:73:
- cf:1f:d6:e1:1a:5c:b7:54:83:93:c8:38:bc:3b:64:50:91:f5:
- ff:65:fd:3e:4b:fc:8c:96:80:c0:51:1f:14:16:3a:35:f2:93:
- 67:99:dd:e3:8d:10:52:25:a9:1b:9f:43:7a:9a:31:ae:f1:9e:
- 49:cb:17:e8:8b:17:59:42:7d:15:82:d8:4b:a4:02:d9:ea:96:
- 69:0e:01:de:8c:47:63:54:88:b1:df:31:fd:16:8c:53:22:81:
- 62:e3:96:10:b2:21:af:4b:72:82:66:aa:d1:06:09:f4:bd:00:
- b6:f1:7a:4a:48:82:61:f5:de:c3:04:17:3a:83:46:38:b7:ff:
- db:26:0e:f9
+ 27:b7:93:b7:fd:71:ab:7c:a5:a2:8e:e7:4c:77:67:4c:f2:28:
+ b7:82:bb:4a:85:95:bf:84:57:04:49:ac:be:02:cc:6b:fd:0f:
+ d8:66:c8:a0:eb:40:55:cf:a1:e3:d1:e0:fe:9a:40:b5:2e:ee:
+ b2:bf:48:fa:20:57:fd:c7:df:de:68:8f:82:5d:58:ec:25:0a:
+ a8:97:73:dc:e6:66:f5:49:64:9a:e9:b1:e2:86:4e:d1:04:59:
+ 0f:32:e1:c5:dd:d4:39:b0:ad:e9:cc:ad:87:ef:ab:8e:fe:74:
+ 4c:7e:b2:cb:41:3c:54:ed:b7:8d:4b:fd:97:6e:26:22:32:9e:
+ 94:26:aa:45:7d:65:c1:c8:10:67:63:09:09:42:04:04:9d:0c:
+ 53:bb:18:f6:ce:af:dc:e7:63:d4:c8:bb:b4:6a:86:52:45:6a:
+ 96:a1:54:3d:8c:25:7d:1a:b1:16:65:7a:8b:ec:01:fa:c4:73:
+ 98:49:3c:c3:18:2f:48:3e:45:10:45:c0:85:2c:16:88:65:2b:
+ 02:0b:0b:02:67:d2:2a:1d:bd:66:14:f5:8d:d1:8e:f8:eb:7a:
+ b5:db:4e:f7:ce:fa:6f:67:a0:a2:6b:37:85:7a:f7:34:8a:71:
+ 9a:e5:34:2a:fd:6a:4a:ec:3e:38:e3:30:89:f3:e6:c4:a9:a6:
+ a4:79:35:9b
-----BEGIN CERTIFICATE-----
MIIEtzCCA5+gAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo
YWluRy1JQ0ExLXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
-Y29tMB4XDTIyMTIxNjIxMTc1MFoXDTI1MDkxMTIxMTc1MFowgZoxCzAJBgNVBAYT
+Y29tMB4XDTIzMTIxMzIyMTkzMloXDTI2MDkwODIyMTkzMlowgZoxCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD
VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRYwFAYDVQQD
DA1jaGFpbkctZW50aXR5MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t
@@ -77,11 +77,11 @@ VR0jBIHGMIHDgBRHwBlL7cTal7Fg6loKQm2l09glMaGBp6SBpDCBoTELMAkGA1UE
BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT
BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNV
BAMMFGNoYWluRy1JQ0EyLXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv
-bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQELBQADggEBAKkos9mR
-2rkLNZSNsFN8bA23q0F7ckJIWxNvFUvfzWlIAfS3bU3DvoWRMRv3VOg+bLetKRab
-95n0Z6bLln5bijJBIImIjaDygTpQFGYGm+vA7rvRDIR847u2kmJoO7ANwu300X+P
-FYwa/f6dvoQNR1OtxtdgUnFdZQooqiIDc88f1uEaXLdUg5PIOLw7ZFCR9f9l/T5L
-/IyWgMBRHxQWOjXyk2eZ3eONEFIlqRufQ3qaMa7xnknLF+iLF1lCfRWC2EukAtnq
-lmkOAd6MR2NUiLHfMf0WjFMigWLjlhCyIa9LcoJmqtEGCfS9ALbxekpIgmH13sME
-FzqDRji3/9smDvk=
+bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQELBQADggEBACe3k7f9
+cat8paKO50x3Z0zyKLeCu0qFlb+EVwRJrL4CzGv9D9hmyKDrQFXPoePR4P6aQLUu
+7rK/SPogV/3H395oj4JdWOwlCqiXc9zmZvVJZJrpseKGTtEEWQ8y4cXd1DmwrenM
+rYfvq47+dEx+sstBPFTtt41L/ZduJiIynpQmqkV9ZcHIEGdjCQlCBASdDFO7GPbO
+r9znY9TIu7RqhlJFapahVD2MJX0asRZleovsAfrEc5hJPMMYL0g+RRBFwIUsFohl
+KwILCwJn0iodvWYU9Y3RjvjrerXbTvfO+m9noKJrN4V69zSKcZrlNCr9akrsPjjj
+MInz5sSppqR5NZs=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test-pathlen/chainH-ICA1-pathlen0.pem b/extra/wolfssl/wolfssl/certs/test-pathlen/chainH-ICA1-pathlen0.pem
index 5d82aa7e..6ffe410d 100644
--- a/extra/wolfssl/wolfssl/certs/test-pathlen/chainH-ICA1-pathlen0.pem
+++ b/extra/wolfssl/wolfssl/certs/test-pathlen/chainH-ICA1-pathlen0.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA2-pathlen2, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA1-pathlen0, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -44,27 +44,27 @@ Certificate:
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 67:71:5e:c4:8d:05:a0:36:70:9d:32:66:44:00:69:81:ff:a0:
- ff:2d:63:e2:79:5f:5e:c1:1b:8c:97:6d:e3:82:b2:a4:ca:fb:
- 2b:e5:9d:bb:07:67:1d:b2:a9:84:fb:b9:cd:54:31:dc:2f:c2:
- 70:8b:ec:fb:92:c6:38:9b:a8:d4:9d:98:5d:a4:fc:92:5e:c5:
- 1c:ac:fd:76:31:11:59:0b:c2:b8:e0:b5:19:dd:4c:ec:fc:81:
- 63:31:4c:00:72:e5:87:f5:aa:4a:a5:e9:b4:db:52:0d:7c:62:
- 00:36:c4:ac:e1:bf:1d:ea:f8:9f:6c:a1:bc:8c:7a:4f:71:dc:
- 7c:32:0e:de:c1:05:99:72:3c:a9:f6:9a:b9:f3:0d:09:db:74:
- 1b:8e:0a:3e:84:93:21:2c:2d:38:2b:53:84:3b:8b:b3:49:07:
- c9:ea:f0:09:2a:1f:f9:f9:f4:ad:17:df:ca:09:74:98:51:3f:
- 91:a3:d3:7d:61:79:55:00:0a:51:74:7d:96:0b:b3:95:04:32:
- e2:55:41:f7:fd:a3:12:2a:2f:92:14:d5:19:c7:50:8e:38:42:
- 71:fe:4c:e0:31:56:7d:e4:a2:28:60:ea:b0:ac:75:47:69:fb:
- 84:af:2b:62:14:8f:d3:bb:48:19:80:53:56:ae:2c:39:92:ca:
- 3f:b6:22:72
+ 84:70:f5:e6:36:95:d1:b9:43:99:0b:7e:a9:b1:2f:5a:4a:58:
+ 3f:73:83:a1:90:9e:b5:86:10:fb:0e:46:22:38:92:f2:07:19:
+ 20:c3:82:f0:8d:38:4f:39:38:6b:bc:43:15:fe:b4:c2:78:49:
+ d4:78:2e:6e:41:cb:f8:c6:ed:b9:8c:76:ad:b6:d4:68:fa:82:
+ 55:cc:b2:60:d5:ce:8c:bb:7a:dd:19:29:4e:c8:c6:f8:2a:1a:
+ b4:e7:8e:31:e8:63:76:bf:6e:77:98:3e:98:70:18:fb:d7:f5:
+ cc:47:da:35:54:d8:77:6e:54:db:3c:b0:b8:81:f0:ae:e2:a1:
+ 92:ea:c4:dd:0c:4b:fa:15:82:e0:4b:c8:cc:81:1d:54:2b:53:
+ c9:ed:06:00:28:e7:c5:37:d0:46:14:24:5c:6f:d4:a8:d9:c6:
+ e5:57:8d:0a:66:27:89:93:fc:c3:46:0c:40:b6:eb:f3:52:16:
+ d5:ed:21:ee:20:89:bd:ff:12:6d:7b:8e:7d:9d:1a:41:f4:0c:
+ 1c:ef:2d:ee:82:cf:9b:ca:8e:3e:fa:6c:13:79:13:5a:93:c4:
+ d8:99:1a:88:f0:c7:4c:76:4e:e7:b9:f3:1a:ec:77:42:c8:60:
+ f8:f6:2a:50:df:16:fa:bc:00:06:57:23:a9:34:c5:6f:d9:82:
+ 00:78:1b:58
-----BEGIN CERTIFICATE-----
MIIE0zCCA7ugAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo
YWluSC1JQ0EyLXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
-Y29tMB4XDTIyMTIxNjIxMTc1MFoXDTI1MDkxMTIxMTc1MFowgaExCzAJBgNVBAYT
+Y29tMB4XDTIzMTIxMzIyMTkzMloXDTI2MDkwODIyMTkzMlowgaExCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD
VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR0wGwYDVQQD
DBRjaGFpbkgtSUNBMS1wYXRobGVuMDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm
@@ -80,10 +80,10 @@ oTELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1Nl
YXR0bGUxFTATBgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJp
bmcxHTAbBgNVBAMMFGNoYWluSC1JQ0EzLXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkB
FhBpbmZvQHdvbGZzc2wuY29tggFkMA8GA1UdEwQIMAYBAf8CAQAwCwYDVR0PBAQD
-AgEGMA0GCSqGSIb3DQEBCwUAA4IBAQBncV7EjQWgNnCdMmZEAGmB/6D/LWPieV9e
-wRuMl23jgrKkyvsr5Z27B2cdsqmE+7nNVDHcL8Jwi+z7ksY4m6jUnZhdpPySXsUc
-rP12MRFZC8K44LUZ3Uzs/IFjMUwAcuWH9apKpem021INfGIANsSs4b8d6vifbKG8
-jHpPcdx8Mg7ewQWZcjyp9pq58w0J23Qbjgo+hJMhLC04K1OEO4uzSQfJ6vAJKh/5
-+fStF9/KCXSYUT+Ro9N9YXlVAApRdH2WC7OVBDLiVUH3/aMSKi+SFNUZx1COOEJx
-/kzgMVZ95KIoYOqwrHVHafuErytiFI/Tu0gZgFNWriw5kso/tiJy
+AgEGMA0GCSqGSIb3DQEBCwUAA4IBAQCEcPXmNpXRuUOZC36psS9aSlg/c4OhkJ61
+hhD7DkYiOJLyBxkgw4LwjThPOThrvEMV/rTCeEnUeC5uQcv4xu25jHatttRo+oJV
+zLJg1c6Mu3rdGSlOyMb4Khq0544x6GN2v253mD6YcBj71/XMR9o1VNh3blTbPLC4
+gfCu4qGS6sTdDEv6FYLgS8jMgR1UK1PJ7QYAKOfFN9BGFCRcb9So2cblV40KZieJ
+k/zDRgxAtuvzUhbV7SHuIIm9/xJte459nRpB9Awc7y3ugs+byo4++mwTeRNak8TY
+mRqI8MdMdk7nufMa7HdCyGD49ipQ3xb6vAAGVyOpNMVv2YIAeBtY
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test-pathlen/chainH-ICA2-pathlen2.pem b/extra/wolfssl/wolfssl/certs/test-pathlen/chainH-ICA2-pathlen2.pem
index 59a4a9d7..c9426490 100644
--- a/extra/wolfssl/wolfssl/certs/test-pathlen/chainH-ICA2-pathlen2.pem
+++ b/extra/wolfssl/wolfssl/certs/test-pathlen/chainH-ICA2-pathlen2.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA3-pathlen2, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA2-pathlen2, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -44,27 +44,27 @@ Certificate:
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 3d:c2:65:7b:7b:a6:66:c7:30:5d:48:24:b1:ac:ca:7f:88:d8:
- ee:9a:cd:52:b2:96:59:b2:dd:f1:c4:9b:23:35:66:f2:25:7c:
- 53:b2:1f:30:53:7d:64:d7:27:4a:dd:83:01:bf:3d:26:d3:d3:
- fc:f4:84:8a:23:78:f9:b4:b3:f4:d1:9b:6e:a3:22:ec:fe:6e:
- 04:0f:00:54:ed:57:53:88:b9:03:3b:b3:e9:ba:6b:cd:78:f6:
- f1:d9:da:10:41:fb:84:a2:e9:1b:05:0b:14:bd:74:9a:c2:41:
- 2c:b7:4b:bf:49:3f:db:48:5b:00:58:21:b3:0b:e2:e9:d5:76:
- fc:86:da:73:23:a1:7a:28:33:f8:cb:29:9d:c1:0e:a0:39:dc:
- 81:17:c0:04:a1:1e:46:c8:d4:8f:88:79:0b:a8:98:32:ae:13:
- 98:92:72:74:55:7c:9c:33:f4:4c:65:4d:cc:28:6f:3a:8e:77:
- dc:cd:40:97:d5:33:b0:6c:26:02:1b:be:69:9b:77:11:ac:42:
- 85:85:e1:9a:5a:1e:60:49:45:14:85:3e:8c:ca:1f:49:96:5e:
- 0c:d3:1a:7e:f0:90:8e:10:71:1c:70:19:57:53:3b:bd:75:db:
- 27:a5:3f:ba:9d:a2:1b:e1:f2:cc:1b:cf:48:b7:b8:f0:23:e8:
- e6:02:86:7a
+ 8f:ee:27:f5:45:63:56:eb:66:f5:c7:4f:b0:4a:16:ca:2a:e1:
+ de:75:7d:8b:09:12:0c:65:fe:a2:59:66:5e:b1:9f:1a:fc:e5:
+ a5:e5:c9:9b:4f:77:f1:87:8a:a7:36:2d:67:4d:ec:19:13:e3:
+ c1:9c:95:a5:90:ec:0f:39:5b:da:42:9f:73:6c:56:1f:aa:a8:
+ fb:69:82:a7:b2:21:b5:f7:fe:4e:1d:02:fc:30:e8:08:14:d8:
+ 86:db:ca:31:da:4d:b8:9c:91:2b:45:b4:70:6b:87:9e:e5:4c:
+ ea:b4:7a:75:18:1e:4c:db:e8:b1:e7:f0:50:43:59:38:31:46:
+ 57:59:ae:60:f8:8d:68:b6:49:3c:a5:4e:19:4c:e3:03:ef:5b:
+ bd:c0:9d:12:ba:b3:cb:f2:35:7a:81:a8:3b:95:9c:66:35:a2:
+ 94:79:bb:c0:cd:cd:cb:32:d2:8d:ef:89:c6:1c:28:f1:c2:6c:
+ 53:c7:fc:de:5e:c9:de:7e:11:61:d9:d7:b1:5e:61:d7:f1:a7:
+ e8:62:e1:f5:0f:f3:17:e8:e5:43:98:3b:cc:b7:cf:a4:ae:92:
+ 6b:16:51:ea:38:5f:5e:59:74:87:72:aa:5e:5f:21:dd:d8:6c:
+ 8a:e2:7d:11:5b:c1:5c:e9:76:aa:4f:60:46:51:5e:c0:b2:d3:
+ 9b:f6:ba:ca
-----BEGIN CERTIFICATE-----
MIIE0zCCA7ugAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo
YWluSC1JQ0EzLXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
-Y29tMB4XDTIyMTIxNjIxMTc1MFoXDTI1MDkxMTIxMTc1MFowgaExCzAJBgNVBAYT
+Y29tMB4XDTIzMTIxMzIyMTkzMloXDTI2MDkwODIyMTkzMlowgaExCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD
VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR0wGwYDVQQD
DBRjaGFpbkgtSUNBMi1wYXRobGVuMjEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm
@@ -80,10 +80,10 @@ oTELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1Nl
YXR0bGUxFTATBgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJp
bmcxHTAbBgNVBAMMFGNoYWluSC1JQ0E0LXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkB
FhBpbmZvQHdvbGZzc2wuY29tggFkMA8GA1UdEwQIMAYBAf8CAQIwCwYDVR0PBAQD
-AgEGMA0GCSqGSIb3DQEBCwUAA4IBAQA9wmV7e6ZmxzBdSCSxrMp/iNjums1SspZZ
-st3xxJsjNWbyJXxTsh8wU31k1ydK3YMBvz0m09P89ISKI3j5tLP00ZtuoyLs/m4E
-DwBU7VdTiLkDO7PpumvNePbx2doQQfuEoukbBQsUvXSawkEst0u/ST/bSFsAWCGz
-C+Lp1Xb8htpzI6F6KDP4yymdwQ6gOdyBF8AEoR5GyNSPiHkLqJgyrhOYknJ0VXyc
-M/RMZU3MKG86jnfczUCX1TOwbCYCG75pm3cRrEKFheGaWh5gSUUUhT6Myh9Jll4M
-0xp+8JCOEHEccBlXUzu9ddsnpT+6naIb4fLMG89It7jwI+jmAoZ6
+AgEGMA0GCSqGSIb3DQEBCwUAA4IBAQCP7if1RWNW62b1x0+wShbKKuHedX2LCRIM
+Zf6iWWZesZ8a/OWl5cmbT3fxh4qnNi1nTewZE+PBnJWlkOwPOVvaQp9zbFYfqqj7
+aYKnsiG19/5OHQL8MOgIFNiG28ox2k24nJErRbRwa4ee5UzqtHp1GB5M2+ix5/BQ
+Q1k4MUZXWa5g+I1otkk8pU4ZTOMD71u9wJ0SurPL8jV6gag7lZxmNaKUebvAzc3L
+MtKN74nGHCjxwmxTx/zeXsnefhFh2dexXmHX8afoYuH1D/MX6OVDmDvMt8+krpJr
+FlHqOF9eWXSHcqpeXyHd2GyK4n0RW8Fc6XaqT2BGUV7AstOb9rrK
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test-pathlen/chainH-ICA3-pathlen2.pem b/extra/wolfssl/wolfssl/certs/test-pathlen/chainH-ICA3-pathlen2.pem
index de800b1c..f28899d6 100644
--- a/extra/wolfssl/wolfssl/certs/test-pathlen/chainH-ICA3-pathlen2.pem
+++ b/extra/wolfssl/wolfssl/certs/test-pathlen/chainH-ICA3-pathlen2.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA4-pathlen2, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA3-pathlen2, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -44,27 +44,27 @@ Certificate:
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 7a:d0:31:91:2e:bb:e2:77:ba:ae:e1:66:18:43:51:d5:28:ad:
- 63:41:4d:35:9a:98:ea:c0:87:5d:71:f0:1f:d2:3f:56:d0:1f:
- 82:04:d2:c1:72:ec:3f:93:6d:b4:36:5a:db:0c:9f:70:d9:65:
- 81:6e:12:31:f9:24:e1:c7:2e:32:5a:e4:96:fd:53:ec:6b:1f:
- 6d:2c:dc:04:1c:1a:dc:8a:5d:04:1b:16:fc:15:8a:7c:8c:e9:
- c1:dd:c6:dc:71:8d:72:6f:b1:c9:93:f7:ca:a3:14:54:93:44:
- 92:58:41:a4:8a:fc:55:fd:63:42:1d:0f:5f:72:aa:38:b6:02:
- cb:e1:b1:e3:57:e7:87:a1:05:c8:9c:9b:49:73:0e:58:9d:30:
- b5:fb:75:0c:8c:44:86:e0:c2:bc:90:60:ce:2c:ea:0a:39:fc:
- 7c:e4:d1:44:55:34:e8:ce:04:a4:19:ad:00:2c:05:f1:65:24:
- 6b:c7:d1:76:37:dd:33:91:86:3c:ad:b7:bc:53:4d:4a:50:ff:
- d0:9c:89:4b:19:aa:40:d0:45:80:e8:d4:96:82:5b:54:68:ac:
- d5:6c:77:46:b2:8d:82:ff:b5:81:71:90:84:6e:94:4b:e2:02:
- 9f:c5:24:97:8e:0a:2e:71:57:8f:03:19:cb:a2:39:c0:1d:14:
- e0:52:04:af
+ 75:ad:f2:f8:79:a5:c6:0d:4a:35:07:f6:75:1c:6c:0e:bf:3d:
+ d7:fc:81:de:57:9f:3f:f0:c9:8e:75:b8:23:0d:36:22:d6:d9:
+ 57:dc:c0:5b:a4:9a:fa:ef:2a:b5:ad:e2:c5:96:84:1a:84:49:
+ a8:17:b7:2e:fd:45:21:8f:e4:f1:8a:e5:64:bb:50:96:31:62:
+ d7:4a:11:f4:fa:78:5b:bb:0d:0a:0e:91:bb:84:e8:c6:5d:1a:
+ 03:1e:4b:50:5d:c5:03:f5:a3:32:fa:6c:5e:a8:c5:12:b4:5a:
+ c4:e6:ff:36:c3:4d:a7:1a:d1:b2:71:dd:89:1a:b2:08:46:60:
+ bb:8e:bb:df:bd:b9:0f:45:3d:25:06:eb:a7:95:11:a6:32:ee:
+ a0:2c:4c:2f:81:54:6f:54:16:d7:c3:85:6e:c4:78:43:a3:48:
+ 2f:81:03:81:c2:02:0a:84:9d:a8:b5:3f:02:b4:c0:fd:b5:d5:
+ 2f:f0:48:d7:0f:98:cb:0f:ca:e4:9c:1a:d8:1c:10:31:4b:9e:
+ 9b:a9:44:63:03:a0:a0:de:bc:bd:0f:d9:5a:fa:81:f2:d5:7d:
+ de:4b:06:88:b8:0e:98:5c:fb:60:a2:10:e9:ad:38:c7:05:09:
+ 9d:c9:bc:24:89:29:84:a5:3a:76:d9:ec:b8:9c:c7:9a:02:7e:
+ 23:d6:1b:65
-----BEGIN CERTIFICATE-----
MIIExjCCA66gAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo
YWluSC1JQ0E0LXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
-Y29tMB4XDTIyMTIxNjIxMTc1MFoXDTI1MDkxMTIxMTc1MFowgaExCzAJBgNVBAYT
+Y29tMB4XDTIzMTIxMzIyMTkzMloXDTI2MDkwODIyMTkzMlowgaExCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD
VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR0wGwYDVQQD
DBRjaGFpbkgtSUNBMy1wYXRobGVuMjEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm
@@ -80,10 +80,10 @@ lDELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVt
YW4xETAPBgNVBAoMCFNhd3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYD
VQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz
bC5jb22CAWQwDwYDVR0TBAgwBgEB/wIBAjALBgNVHQ8EBAMCAQYwDQYJKoZIhvcN
-AQELBQADggEBAHrQMZEuu+J3uq7hZhhDUdUorWNBTTWamOrAh11x8B/SP1bQH4IE
-0sFy7D+TbbQ2WtsMn3DZZYFuEjH5JOHHLjJa5Jb9U+xrH20s3AQcGtyKXQQbFvwV
-inyM6cHdxtxxjXJvscmT98qjFFSTRJJYQaSK/FX9Y0IdD19yqji2AsvhseNX54eh
-Bcicm0lzDlidMLX7dQyMRIbgwryQYM4s6go5/Hzk0URVNOjOBKQZrQAsBfFlJGvH
-0XY33TORhjytt7xTTUpQ/9CciUsZqkDQRYDo1JaCW1RorNVsd0ayjYL/tYFxkIRu
-lEviAp/FJJeOCi5xV48DGcuiOcAdFOBSBK8=
+AQELBQADggEBAHWt8vh5pcYNSjUH9nUcbA6/Pdf8gd5Xnz/wyY51uCMNNiLW2Vfc
+wFukmvrvKrWt4sWWhBqESagXty79RSGP5PGK5WS7UJYxYtdKEfT6eFu7DQoOkbuE
+6MZdGgMeS1BdxQP1ozL6bF6oxRK0WsTm/zbDTaca0bJx3YkasghGYLuOu9+9uQ9F
+PSUG66eVEaYy7qAsTC+BVG9UFtfDhW7EeEOjSC+BA4HCAgqEnai1PwK0wP211S/w
+SNcPmMsPyuScGtgcEDFLnpupRGMDoKDevL0P2Vr6gfLVfd5LBoi4Dphc+2CiEOmt
+OMcFCZ3JvCSJKYSlOnbZ7Licx5oCfiPWG2U=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test-pathlen/chainH-ICA4-pathlen2.pem b/extra/wolfssl/wolfssl/certs/test-pathlen/chainH-ICA4-pathlen2.pem
index 0d68334c..6f7c4e2c 100644
--- a/extra/wolfssl/wolfssl/certs/test-pathlen/chainH-ICA4-pathlen2.pem
+++ b/extra/wolfssl/wolfssl/certs/test-pathlen/chainH-ICA4-pathlen2.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA4-pathlen2, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -37,34 +37,34 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:2C:80:CE:DB:47:9D:07:66:92:3D:68:D7:CA:AC:90:4F:CA:69:41:4B
+ serial:33:44:1A:A8:6C:01:EC:F6:60:F2:70:51:0A:4C:D1:14:FA:BC:E9:44
X509v3 Basic Constraints:
CA:TRUE, pathlen:2
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 05:f4:24:ed:e2:f9:84:cf:1b:3d:6c:79:4f:3c:25:6b:3c:96:
- ab:15:90:b3:77:07:90:f8:3e:82:e6:e4:3e:d9:a5:a7:81:d2:
- fd:34:23:1d:ed:97:b5:33:aa:5d:7c:ab:06:12:03:e4:18:21:
- 7b:83:f0:17:cd:43:12:d6:e6:4d:a3:a9:48:71:b8:f8:0c:af:
- 25:ff:72:4d:f0:37:9d:c4:46:3f:3c:69:96:3d:00:96:31:30:
- 96:9f:44:9a:eb:22:22:64:ae:7e:2f:a8:c7:3d:44:58:8b:8f:
- 82:9d:4d:e7:9a:45:fe:b3:d4:bd:54:3c:5a:24:c2:8f:39:50:
- 4d:24:0d:be:e1:4d:b8:1d:1d:a8:54:b5:6e:a0:d5:7f:96:ed:
- c9:4d:7a:e3:e7:ec:0a:0f:2a:50:3b:90:ed:97:3f:df:2b:e1:
- c3:fc:84:58:26:2d:1d:99:2b:3d:6f:aa:96:ae:01:76:86:0e:
- 55:c5:bb:17:24:20:74:c7:b1:9c:69:7b:41:c0:4e:5b:e1:5c:
- a2:62:34:29:e1:4b:42:62:fd:0e:f3:68:48:b6:a2:6f:d2:f6:
- 15:2a:a4:a1:c1:86:88:9b:22:af:95:40:2a:64:26:e1:8e:4c:
- f5:03:e0:ef:89:6d:ec:e0:46:46:32:7d:4b:6e:87:63:33:66:
- f3:84:1d:7e
+ a1:6c:a3:2e:95:bb:e7:f0:f4:70:b8:8c:5a:a7:29:54:13:6a:
+ 5b:13:e3:62:6a:b5:06:68:41:91:2f:84:97:1f:25:c1:db:18:
+ 5d:09:26:04:ab:aa:2d:4d:59:2e:96:70:8f:0e:5d:0b:b8:b0:
+ db:5f:14:70:9e:00:d8:31:1f:65:54:47:69:5c:11:e8:0c:97:
+ 2e:ff:0d:2e:ee:45:18:5b:aa:83:21:b1:5d:66:f0:b7:b3:99:
+ 09:c6:fd:11:7e:b5:67:a0:d2:3b:a2:e9:b0:96:1d:42:ac:6e:
+ ce:f2:80:4e:8c:87:36:af:b5:c4:bc:fb:5d:18:40:d4:7d:3a:
+ 0f:c8:9f:f1:95:bb:8a:ad:18:f8:3c:e0:49:da:36:26:17:8c:
+ 87:75:79:80:5f:c4:5a:48:93:ed:62:93:73:55:a3:73:d4:ba:
+ 3c:54:f4:b2:ad:70:af:8f:93:4f:a7:15:49:e0:cf:88:2a:1f:
+ bf:18:f5:13:e4:5b:d3:37:29:12:db:8c:4d:b6:93:0b:02:70:
+ 47:84:cc:0a:e8:28:de:89:a1:43:0f:16:28:a9:be:85:6e:62:
+ 44:5c:69:a0:33:67:bf:ee:80:37:46:25:e4:d2:ec:56:07:67:
+ e4:d6:e0:92:a1:2f:7c:d8:18:d0:7a:02:82:5b:48:3d:61:9b:
+ 5f:65:db:af
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx
EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh
d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz
-bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIxMjE2
-MjExNzUwWhcNMjUwOTExMjExNzUwWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM
+bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMxMjEz
+MjIxOTMyWhcNMjYwOTA4MjIxOTMyWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM
Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg
SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNoYWluSC1JQ0E0
LXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN
@@ -78,12 +78,12 @@ o4IBGDCCARQwHQYDVR0OBBYEFBhtRIPuH+y0IvCc61QeShVYAaoTMIHUBgNVHSME
gcwwgcmAFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV
UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI
U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm
-c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIULIDO20ed
-B2aSPWjXyqyQT8ppQUswDwYDVR0TBAgwBgEB/wIBAjALBgNVHQ8EBAMCAQYwDQYJ
-KoZIhvcNAQELBQADggEBAAX0JO3i+YTPGz1seU88JWs8lqsVkLN3B5D4PoLm5D7Z
-paeB0v00Ix3tl7Uzql18qwYSA+QYIXuD8BfNQxLW5k2jqUhxuPgMryX/ck3wN53E
-Rj88aZY9AJYxMJafRJrrIiJkrn4vqMc9RFiLj4KdTeeaRf6z1L1UPFokwo85UE0k
-Db7hTbgdHahUtW6g1X+W7clNeuPn7AoPKlA7kO2XP98r4cP8hFgmLR2ZKz1vqpau
-AXaGDlXFuxckIHTHsZxpe0HATlvhXKJiNCnhS0Ji/Q7zaEi2om/S9hUqpKHBhoib
-Iq+VQCpkJuGOTPUD4O+JbezgRkYyfUtuh2MzZvOEHX4=
+c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIUM0QaqGwB
+7PZg8nBRCkzRFPq86UQwDwYDVR0TBAgwBgEB/wIBAjALBgNVHQ8EBAMCAQYwDQYJ
+KoZIhvcNAQELBQADggEBAKFsoy6Vu+fw9HC4jFqnKVQTalsT42JqtQZoQZEvhJcf
+JcHbGF0JJgSrqi1NWS6WcI8OXQu4sNtfFHCeANgxH2VUR2lcEegMly7/DS7uRRhb
+qoMhsV1m8LezmQnG/RF+tWeg0jui6bCWHUKsbs7ygE6MhzavtcS8+10YQNR9Og/I
+n/GVu4qtGPg84EnaNiYXjId1eYBfxFpIk+1ik3NVo3PUujxU9LKtcK+Pk0+nFUng
+z4gqH78Y9RPkW9M3KRLbjE22kwsCcEeEzAroKN6JoUMPFiipvoVuYkRcaaAzZ7/u
+gDdGJeTS7FYHZ+TW4JKhL3zYGNB6AoJbSD1hm19l268=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test-pathlen/chainH-assembled.pem b/extra/wolfssl/wolfssl/certs/test-pathlen/chainH-assembled.pem
index d22cca53..8b3bc622 100644
--- a/extra/wolfssl/wolfssl/certs/test-pathlen/chainH-assembled.pem
+++ b/extra/wolfssl/wolfssl/certs/test-pathlen/chainH-assembled.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA1-pathlen0, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:33 2023 GMT
+ Not After : Sep 8 22:19:33 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-entity, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -42,27 +42,27 @@ Certificate:
X509v3 Basic Constraints:
CA:FALSE
Signature Algorithm: sha256WithRSAEncryption
- 8c:b5:c8:f8:28:8c:cc:27:7c:21:36:75:2a:bc:af:5e:d6:7a:
- d1:22:d5:1b:7a:a2:1a:5e:30:b5:38:64:2e:71:09:1c:db:a0:
- 99:44:5c:e8:c2:b5:06:ac:c1:ec:d8:30:74:65:62:f5:db:c2:
- 03:fa:54:e0:0f:c9:8a:d8:02:11:d3:58:a6:bc:7f:54:07:3b:
- f7:6d:7d:db:18:d9:2a:01:57:38:fc:d4:18:86:84:38:8b:d0:
- 5c:8c:d7:47:2e:76:d3:92:c3:75:61:93:03:56:93:74:60:ff:
- 16:84:4a:70:f0:cc:0c:ed:d3:53:f9:fc:f7:b8:34:6a:5c:25:
- 78:ab:27:3f:ad:04:8f:c6:01:29:a8:b7:61:09:b0:7b:51:9b:
- ca:6c:23:5b:0c:18:f3:63:ea:96:56:b9:1a:0f:ec:80:cd:29:
- f6:fb:d1:df:65:34:e8:1f:62:c8:95:fa:be:27:cb:40:e7:26:
- 7f:18:7e:cc:5d:7d:19:9e:12:90:0b:d7:32:12:0d:cb:97:8e:
- e8:3e:c3:1b:f6:a3:3c:e8:d0:35:63:de:66:89:5a:a3:ef:64:
- 3a:8f:e3:5f:d2:e6:64:82:7b:2f:2e:26:78:13:34:39:ed:9c:
- f8:ad:f5:d6:75:d1:60:48:aa:19:41:98:1f:4e:ce:01:76:9d:
- af:0f:6b:8d
+ 06:45:21:fd:a8:95:fa:d4:96:c7:4f:83:6b:6c:c1:24:fa:b0:
+ 14:42:db:7a:5c:7b:f4:8f:4e:66:78:bc:ff:65:bd:4a:a7:8e:
+ d0:78:33:6f:d2:aa:bb:9b:25:26:15:4d:9d:8e:39:16:99:70:
+ 25:6a:2d:ee:78:54:80:13:71:f3:e1:6a:ec:56:57:1a:25:db:
+ 8f:b3:64:22:d2:04:d1:b2:aa:ff:2c:d9:ae:6d:74:66:18:74:
+ 58:38:4b:ec:77:69:f6:83:ed:4d:7d:4a:60:71:35:8e:14:02:
+ 72:9e:93:22:a5:ca:d9:33:7e:12:c4:41:34:cf:c4:14:66:9a:
+ fa:04:aa:1f:e2:d9:5e:d3:42:9e:fa:c9:71:6e:f0:43:08:a7:
+ 60:bc:eb:19:8e:70:09:24:12:6b:9a:10:60:fc:44:61:e3:f4:
+ 0d:08:15:9e:a6:b3:7e:9b:be:d5:f9:63:9d:2f:be:c3:81:c6:
+ ef:e8:56:99:a2:58:f3:32:7c:c2:c2:b1:d9:6a:bd:51:79:eb:
+ 18:02:44:b4:4e:e8:7c:3e:96:a4:ae:86:79:94:11:6f:1b:eb:
+ 80:71:07:1f:4c:5d:88:67:39:62:6d:c2:0d:64:2a:07:66:48:
+ ca:b4:76:06:da:1c:40:24:77:34:a9:8b:26:d0:20:6b:94:25:
+ 75:73:84:e7
-----BEGIN CERTIFICATE-----
MIIEtzCCA5+gAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo
YWluSC1JQ0ExLXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
-Y29tMB4XDTIyMTIxNjIxMTc1MFoXDTI1MDkxMTIxMTc1MFowgZoxCzAJBgNVBAYT
+Y29tMB4XDTIzMTIxMzIyMTkzM1oXDTI2MDkwODIyMTkzM1owgZoxCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD
VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRYwFAYDVQQD
DA1jaGFpbkgtZW50aXR5MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t
@@ -77,13 +77,13 @@ VR0jBIHGMIHDgBRIgIco7+YoDwOb3zNIEKDlILNpUKGBp6SBpDCBoTELMAkGA1UE
BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT
BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNV
BAMMFGNoYWluSC1JQ0EyLXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv
-bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQELBQADggEBAIy1yPgo
-jMwnfCE2dSq8r17WetEi1Rt6ohpeMLU4ZC5xCRzboJlEXOjCtQaswezYMHRlYvXb
-wgP6VOAPyYrYAhHTWKa8f1QHO/dtfdsY2SoBVzj81BiGhDiL0FyM10cudtOSw3Vh
-kwNWk3Rg/xaESnDwzAzt01P5/Pe4NGpcJXirJz+tBI/GASmot2EJsHtRm8psI1sM
-GPNj6pZWuRoP7IDNKfb70d9lNOgfYsiV+r4ny0DnJn8YfsxdfRmeEpAL1zISDcuX
-jug+wxv2ozzo0DVj3maJWqPvZDqP41/S5mSCey8uJngTNDntnPit9dZ10WBIqhlB
-mB9OzgF2na8Pa40=
+bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQELBQADggEBAAZFIf2o
+lfrUlsdPg2tswST6sBRC23pce/SPTmZ4vP9lvUqnjtB4M2/SqrubJSYVTZ2OORaZ
+cCVqLe54VIATcfPhauxWVxol24+zZCLSBNGyqv8s2a5tdGYYdFg4S+x3afaD7U19
+SmBxNY4UAnKekyKlytkzfhLEQTTPxBRmmvoEqh/i2V7TQp76yXFu8EMIp2C86xmO
+cAkkEmuaEGD8RGHj9A0IFZ6ms36bvtX5Y50vvsOBxu/oVpmiWPMyfMLCsdlqvVF5
+6xgCRLRO6Hw+lqSuhnmUEW8b64BxBx9MXYhnOWJtwg1kKgdmSMq0dgbaHEAkdzSp
+iybQIGuUJXVzhOc=
-----END CERTIFICATE-----
Certificate:
Data:
@@ -92,8 +92,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA2-pathlen2, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA1-pathlen0, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -131,27 +131,27 @@ Certificate:
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 67:71:5e:c4:8d:05:a0:36:70:9d:32:66:44:00:69:81:ff:a0:
- ff:2d:63:e2:79:5f:5e:c1:1b:8c:97:6d:e3:82:b2:a4:ca:fb:
- 2b:e5:9d:bb:07:67:1d:b2:a9:84:fb:b9:cd:54:31:dc:2f:c2:
- 70:8b:ec:fb:92:c6:38:9b:a8:d4:9d:98:5d:a4:fc:92:5e:c5:
- 1c:ac:fd:76:31:11:59:0b:c2:b8:e0:b5:19:dd:4c:ec:fc:81:
- 63:31:4c:00:72:e5:87:f5:aa:4a:a5:e9:b4:db:52:0d:7c:62:
- 00:36:c4:ac:e1:bf:1d:ea:f8:9f:6c:a1:bc:8c:7a:4f:71:dc:
- 7c:32:0e:de:c1:05:99:72:3c:a9:f6:9a:b9:f3:0d:09:db:74:
- 1b:8e:0a:3e:84:93:21:2c:2d:38:2b:53:84:3b:8b:b3:49:07:
- c9:ea:f0:09:2a:1f:f9:f9:f4:ad:17:df:ca:09:74:98:51:3f:
- 91:a3:d3:7d:61:79:55:00:0a:51:74:7d:96:0b:b3:95:04:32:
- e2:55:41:f7:fd:a3:12:2a:2f:92:14:d5:19:c7:50:8e:38:42:
- 71:fe:4c:e0:31:56:7d:e4:a2:28:60:ea:b0:ac:75:47:69:fb:
- 84:af:2b:62:14:8f:d3:bb:48:19:80:53:56:ae:2c:39:92:ca:
- 3f:b6:22:72
+ 84:70:f5:e6:36:95:d1:b9:43:99:0b:7e:a9:b1:2f:5a:4a:58:
+ 3f:73:83:a1:90:9e:b5:86:10:fb:0e:46:22:38:92:f2:07:19:
+ 20:c3:82:f0:8d:38:4f:39:38:6b:bc:43:15:fe:b4:c2:78:49:
+ d4:78:2e:6e:41:cb:f8:c6:ed:b9:8c:76:ad:b6:d4:68:fa:82:
+ 55:cc:b2:60:d5:ce:8c:bb:7a:dd:19:29:4e:c8:c6:f8:2a:1a:
+ b4:e7:8e:31:e8:63:76:bf:6e:77:98:3e:98:70:18:fb:d7:f5:
+ cc:47:da:35:54:d8:77:6e:54:db:3c:b0:b8:81:f0:ae:e2:a1:
+ 92:ea:c4:dd:0c:4b:fa:15:82:e0:4b:c8:cc:81:1d:54:2b:53:
+ c9:ed:06:00:28:e7:c5:37:d0:46:14:24:5c:6f:d4:a8:d9:c6:
+ e5:57:8d:0a:66:27:89:93:fc:c3:46:0c:40:b6:eb:f3:52:16:
+ d5:ed:21:ee:20:89:bd:ff:12:6d:7b:8e:7d:9d:1a:41:f4:0c:
+ 1c:ef:2d:ee:82:cf:9b:ca:8e:3e:fa:6c:13:79:13:5a:93:c4:
+ d8:99:1a:88:f0:c7:4c:76:4e:e7:b9:f3:1a:ec:77:42:c8:60:
+ f8:f6:2a:50:df:16:fa:bc:00:06:57:23:a9:34:c5:6f:d9:82:
+ 00:78:1b:58
-----BEGIN CERTIFICATE-----
MIIE0zCCA7ugAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo
YWluSC1JQ0EyLXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
-Y29tMB4XDTIyMTIxNjIxMTc1MFoXDTI1MDkxMTIxMTc1MFowgaExCzAJBgNVBAYT
+Y29tMB4XDTIzMTIxMzIyMTkzMloXDTI2MDkwODIyMTkzMlowgaExCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD
VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR0wGwYDVQQD
DBRjaGFpbkgtSUNBMS1wYXRobGVuMDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm
@@ -167,12 +167,12 @@ oTELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1Nl
YXR0bGUxFTATBgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJp
bmcxHTAbBgNVBAMMFGNoYWluSC1JQ0EzLXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkB
FhBpbmZvQHdvbGZzc2wuY29tggFkMA8GA1UdEwQIMAYBAf8CAQAwCwYDVR0PBAQD
-AgEGMA0GCSqGSIb3DQEBCwUAA4IBAQBncV7EjQWgNnCdMmZEAGmB/6D/LWPieV9e
-wRuMl23jgrKkyvsr5Z27B2cdsqmE+7nNVDHcL8Jwi+z7ksY4m6jUnZhdpPySXsUc
-rP12MRFZC8K44LUZ3Uzs/IFjMUwAcuWH9apKpem021INfGIANsSs4b8d6vifbKG8
-jHpPcdx8Mg7ewQWZcjyp9pq58w0J23Qbjgo+hJMhLC04K1OEO4uzSQfJ6vAJKh/5
-+fStF9/KCXSYUT+Ro9N9YXlVAApRdH2WC7OVBDLiVUH3/aMSKi+SFNUZx1COOEJx
-/kzgMVZ95KIoYOqwrHVHafuErytiFI/Tu0gZgFNWriw5kso/tiJy
+AgEGMA0GCSqGSIb3DQEBCwUAA4IBAQCEcPXmNpXRuUOZC36psS9aSlg/c4OhkJ61
+hhD7DkYiOJLyBxkgw4LwjThPOThrvEMV/rTCeEnUeC5uQcv4xu25jHatttRo+oJV
+zLJg1c6Mu3rdGSlOyMb4Khq0544x6GN2v253mD6YcBj71/XMR9o1VNh3blTbPLC4
+gfCu4qGS6sTdDEv6FYLgS8jMgR1UK1PJ7QYAKOfFN9BGFCRcb9So2cblV40KZieJ
+k/zDRgxAtuvzUhbV7SHuIIm9/xJte459nRpB9Awc7y3ugs+byo4++mwTeRNak8TY
+mRqI8MdMdk7nufMa7HdCyGD49ipQ3xb6vAAGVyOpNMVv2YIAeBtY
-----END CERTIFICATE-----
Certificate:
Data:
@@ -181,8 +181,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA3-pathlen2, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA2-pathlen2, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -220,27 +220,27 @@ Certificate:
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 3d:c2:65:7b:7b:a6:66:c7:30:5d:48:24:b1:ac:ca:7f:88:d8:
- ee:9a:cd:52:b2:96:59:b2:dd:f1:c4:9b:23:35:66:f2:25:7c:
- 53:b2:1f:30:53:7d:64:d7:27:4a:dd:83:01:bf:3d:26:d3:d3:
- fc:f4:84:8a:23:78:f9:b4:b3:f4:d1:9b:6e:a3:22:ec:fe:6e:
- 04:0f:00:54:ed:57:53:88:b9:03:3b:b3:e9:ba:6b:cd:78:f6:
- f1:d9:da:10:41:fb:84:a2:e9:1b:05:0b:14:bd:74:9a:c2:41:
- 2c:b7:4b:bf:49:3f:db:48:5b:00:58:21:b3:0b:e2:e9:d5:76:
- fc:86:da:73:23:a1:7a:28:33:f8:cb:29:9d:c1:0e:a0:39:dc:
- 81:17:c0:04:a1:1e:46:c8:d4:8f:88:79:0b:a8:98:32:ae:13:
- 98:92:72:74:55:7c:9c:33:f4:4c:65:4d:cc:28:6f:3a:8e:77:
- dc:cd:40:97:d5:33:b0:6c:26:02:1b:be:69:9b:77:11:ac:42:
- 85:85:e1:9a:5a:1e:60:49:45:14:85:3e:8c:ca:1f:49:96:5e:
- 0c:d3:1a:7e:f0:90:8e:10:71:1c:70:19:57:53:3b:bd:75:db:
- 27:a5:3f:ba:9d:a2:1b:e1:f2:cc:1b:cf:48:b7:b8:f0:23:e8:
- e6:02:86:7a
+ 8f:ee:27:f5:45:63:56:eb:66:f5:c7:4f:b0:4a:16:ca:2a:e1:
+ de:75:7d:8b:09:12:0c:65:fe:a2:59:66:5e:b1:9f:1a:fc:e5:
+ a5:e5:c9:9b:4f:77:f1:87:8a:a7:36:2d:67:4d:ec:19:13:e3:
+ c1:9c:95:a5:90:ec:0f:39:5b:da:42:9f:73:6c:56:1f:aa:a8:
+ fb:69:82:a7:b2:21:b5:f7:fe:4e:1d:02:fc:30:e8:08:14:d8:
+ 86:db:ca:31:da:4d:b8:9c:91:2b:45:b4:70:6b:87:9e:e5:4c:
+ ea:b4:7a:75:18:1e:4c:db:e8:b1:e7:f0:50:43:59:38:31:46:
+ 57:59:ae:60:f8:8d:68:b6:49:3c:a5:4e:19:4c:e3:03:ef:5b:
+ bd:c0:9d:12:ba:b3:cb:f2:35:7a:81:a8:3b:95:9c:66:35:a2:
+ 94:79:bb:c0:cd:cd:cb:32:d2:8d:ef:89:c6:1c:28:f1:c2:6c:
+ 53:c7:fc:de:5e:c9:de:7e:11:61:d9:d7:b1:5e:61:d7:f1:a7:
+ e8:62:e1:f5:0f:f3:17:e8:e5:43:98:3b:cc:b7:cf:a4:ae:92:
+ 6b:16:51:ea:38:5f:5e:59:74:87:72:aa:5e:5f:21:dd:d8:6c:
+ 8a:e2:7d:11:5b:c1:5c:e9:76:aa:4f:60:46:51:5e:c0:b2:d3:
+ 9b:f6:ba:ca
-----BEGIN CERTIFICATE-----
MIIE0zCCA7ugAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo
YWluSC1JQ0EzLXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
-Y29tMB4XDTIyMTIxNjIxMTc1MFoXDTI1MDkxMTIxMTc1MFowgaExCzAJBgNVBAYT
+Y29tMB4XDTIzMTIxMzIyMTkzMloXDTI2MDkwODIyMTkzMlowgaExCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD
VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR0wGwYDVQQD
DBRjaGFpbkgtSUNBMi1wYXRobGVuMjEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm
@@ -256,12 +256,12 @@ oTELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1Nl
YXR0bGUxFTATBgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJp
bmcxHTAbBgNVBAMMFGNoYWluSC1JQ0E0LXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkB
FhBpbmZvQHdvbGZzc2wuY29tggFkMA8GA1UdEwQIMAYBAf8CAQIwCwYDVR0PBAQD
-AgEGMA0GCSqGSIb3DQEBCwUAA4IBAQA9wmV7e6ZmxzBdSCSxrMp/iNjums1SspZZ
-st3xxJsjNWbyJXxTsh8wU31k1ydK3YMBvz0m09P89ISKI3j5tLP00ZtuoyLs/m4E
-DwBU7VdTiLkDO7PpumvNePbx2doQQfuEoukbBQsUvXSawkEst0u/ST/bSFsAWCGz
-C+Lp1Xb8htpzI6F6KDP4yymdwQ6gOdyBF8AEoR5GyNSPiHkLqJgyrhOYknJ0VXyc
-M/RMZU3MKG86jnfczUCX1TOwbCYCG75pm3cRrEKFheGaWh5gSUUUhT6Myh9Jll4M
-0xp+8JCOEHEccBlXUzu9ddsnpT+6naIb4fLMG89It7jwI+jmAoZ6
+AgEGMA0GCSqGSIb3DQEBCwUAA4IBAQCP7if1RWNW62b1x0+wShbKKuHedX2LCRIM
+Zf6iWWZesZ8a/OWl5cmbT3fxh4qnNi1nTewZE+PBnJWlkOwPOVvaQp9zbFYfqqj7
+aYKnsiG19/5OHQL8MOgIFNiG28ox2k24nJErRbRwa4ee5UzqtHp1GB5M2+ix5/BQ
+Q1k4MUZXWa5g+I1otkk8pU4ZTOMD71u9wJ0SurPL8jV6gag7lZxmNaKUebvAzc3L
+MtKN74nGHCjxwmxTx/zeXsnefhFh2dexXmHX8afoYuH1D/MX6OVDmDvMt8+krpJr
+FlHqOF9eWXSHcqpeXyHd2GyK4n0RW8Fc6XaqT2BGUV7AstOb9rrK
-----END CERTIFICATE-----
Certificate:
Data:
@@ -270,8 +270,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA4-pathlen2, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA3-pathlen2, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -309,27 +309,27 @@ Certificate:
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 7a:d0:31:91:2e:bb:e2:77:ba:ae:e1:66:18:43:51:d5:28:ad:
- 63:41:4d:35:9a:98:ea:c0:87:5d:71:f0:1f:d2:3f:56:d0:1f:
- 82:04:d2:c1:72:ec:3f:93:6d:b4:36:5a:db:0c:9f:70:d9:65:
- 81:6e:12:31:f9:24:e1:c7:2e:32:5a:e4:96:fd:53:ec:6b:1f:
- 6d:2c:dc:04:1c:1a:dc:8a:5d:04:1b:16:fc:15:8a:7c:8c:e9:
- c1:dd:c6:dc:71:8d:72:6f:b1:c9:93:f7:ca:a3:14:54:93:44:
- 92:58:41:a4:8a:fc:55:fd:63:42:1d:0f:5f:72:aa:38:b6:02:
- cb:e1:b1:e3:57:e7:87:a1:05:c8:9c:9b:49:73:0e:58:9d:30:
- b5:fb:75:0c:8c:44:86:e0:c2:bc:90:60:ce:2c:ea:0a:39:fc:
- 7c:e4:d1:44:55:34:e8:ce:04:a4:19:ad:00:2c:05:f1:65:24:
- 6b:c7:d1:76:37:dd:33:91:86:3c:ad:b7:bc:53:4d:4a:50:ff:
- d0:9c:89:4b:19:aa:40:d0:45:80:e8:d4:96:82:5b:54:68:ac:
- d5:6c:77:46:b2:8d:82:ff:b5:81:71:90:84:6e:94:4b:e2:02:
- 9f:c5:24:97:8e:0a:2e:71:57:8f:03:19:cb:a2:39:c0:1d:14:
- e0:52:04:af
+ 75:ad:f2:f8:79:a5:c6:0d:4a:35:07:f6:75:1c:6c:0e:bf:3d:
+ d7:fc:81:de:57:9f:3f:f0:c9:8e:75:b8:23:0d:36:22:d6:d9:
+ 57:dc:c0:5b:a4:9a:fa:ef:2a:b5:ad:e2:c5:96:84:1a:84:49:
+ a8:17:b7:2e:fd:45:21:8f:e4:f1:8a:e5:64:bb:50:96:31:62:
+ d7:4a:11:f4:fa:78:5b:bb:0d:0a:0e:91:bb:84:e8:c6:5d:1a:
+ 03:1e:4b:50:5d:c5:03:f5:a3:32:fa:6c:5e:a8:c5:12:b4:5a:
+ c4:e6:ff:36:c3:4d:a7:1a:d1:b2:71:dd:89:1a:b2:08:46:60:
+ bb:8e:bb:df:bd:b9:0f:45:3d:25:06:eb:a7:95:11:a6:32:ee:
+ a0:2c:4c:2f:81:54:6f:54:16:d7:c3:85:6e:c4:78:43:a3:48:
+ 2f:81:03:81:c2:02:0a:84:9d:a8:b5:3f:02:b4:c0:fd:b5:d5:
+ 2f:f0:48:d7:0f:98:cb:0f:ca:e4:9c:1a:d8:1c:10:31:4b:9e:
+ 9b:a9:44:63:03:a0:a0:de:bc:bd:0f:d9:5a:fa:81:f2:d5:7d:
+ de:4b:06:88:b8:0e:98:5c:fb:60:a2:10:e9:ad:38:c7:05:09:
+ 9d:c9:bc:24:89:29:84:a5:3a:76:d9:ec:b8:9c:c7:9a:02:7e:
+ 23:d6:1b:65
-----BEGIN CERTIFICATE-----
MIIExjCCA66gAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo
YWluSC1JQ0E0LXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
-Y29tMB4XDTIyMTIxNjIxMTc1MFoXDTI1MDkxMTIxMTc1MFowgaExCzAJBgNVBAYT
+Y29tMB4XDTIzMTIxMzIyMTkzMloXDTI2MDkwODIyMTkzMlowgaExCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD
VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR0wGwYDVQQD
DBRjaGFpbkgtSUNBMy1wYXRobGVuMjEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm
@@ -345,12 +345,12 @@ lDELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVt
YW4xETAPBgNVBAoMCFNhd3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYD
VQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz
bC5jb22CAWQwDwYDVR0TBAgwBgEB/wIBAjALBgNVHQ8EBAMCAQYwDQYJKoZIhvcN
-AQELBQADggEBAHrQMZEuu+J3uq7hZhhDUdUorWNBTTWamOrAh11x8B/SP1bQH4IE
-0sFy7D+TbbQ2WtsMn3DZZYFuEjH5JOHHLjJa5Jb9U+xrH20s3AQcGtyKXQQbFvwV
-inyM6cHdxtxxjXJvscmT98qjFFSTRJJYQaSK/FX9Y0IdD19yqji2AsvhseNX54eh
-Bcicm0lzDlidMLX7dQyMRIbgwryQYM4s6go5/Hzk0URVNOjOBKQZrQAsBfFlJGvH
-0XY33TORhjytt7xTTUpQ/9CciUsZqkDQRYDo1JaCW1RorNVsd0ayjYL/tYFxkIRu
-lEviAp/FJJeOCi5xV48DGcuiOcAdFOBSBK8=
+AQELBQADggEBAHWt8vh5pcYNSjUH9nUcbA6/Pdf8gd5Xnz/wyY51uCMNNiLW2Vfc
+wFukmvrvKrWt4sWWhBqESagXty79RSGP5PGK5WS7UJYxYtdKEfT6eFu7DQoOkbuE
+6MZdGgMeS1BdxQP1ozL6bF6oxRK0WsTm/zbDTaca0bJx3YkasghGYLuOu9+9uQ9F
+PSUG66eVEaYy7qAsTC+BVG9UFtfDhW7EeEOjSC+BA4HCAgqEnai1PwK0wP211S/w
+SNcPmMsPyuScGtgcEDFLnpupRGMDoKDevL0P2Vr6gfLVfd5LBoi4Dphc+2CiEOmt
+OMcFCZ3JvCSJKYSlOnbZ7Licx5oCfiPWG2U=
-----END CERTIFICATE-----
Certificate:
Data:
@@ -359,8 +359,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA4-pathlen2, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -391,34 +391,34 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:2C:80:CE:DB:47:9D:07:66:92:3D:68:D7:CA:AC:90:4F:CA:69:41:4B
+ serial:33:44:1A:A8:6C:01:EC:F6:60:F2:70:51:0A:4C:D1:14:FA:BC:E9:44
X509v3 Basic Constraints:
CA:TRUE, pathlen:2
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 05:f4:24:ed:e2:f9:84:cf:1b:3d:6c:79:4f:3c:25:6b:3c:96:
- ab:15:90:b3:77:07:90:f8:3e:82:e6:e4:3e:d9:a5:a7:81:d2:
- fd:34:23:1d:ed:97:b5:33:aa:5d:7c:ab:06:12:03:e4:18:21:
- 7b:83:f0:17:cd:43:12:d6:e6:4d:a3:a9:48:71:b8:f8:0c:af:
- 25:ff:72:4d:f0:37:9d:c4:46:3f:3c:69:96:3d:00:96:31:30:
- 96:9f:44:9a:eb:22:22:64:ae:7e:2f:a8:c7:3d:44:58:8b:8f:
- 82:9d:4d:e7:9a:45:fe:b3:d4:bd:54:3c:5a:24:c2:8f:39:50:
- 4d:24:0d:be:e1:4d:b8:1d:1d:a8:54:b5:6e:a0:d5:7f:96:ed:
- c9:4d:7a:e3:e7:ec:0a:0f:2a:50:3b:90:ed:97:3f:df:2b:e1:
- c3:fc:84:58:26:2d:1d:99:2b:3d:6f:aa:96:ae:01:76:86:0e:
- 55:c5:bb:17:24:20:74:c7:b1:9c:69:7b:41:c0:4e:5b:e1:5c:
- a2:62:34:29:e1:4b:42:62:fd:0e:f3:68:48:b6:a2:6f:d2:f6:
- 15:2a:a4:a1:c1:86:88:9b:22:af:95:40:2a:64:26:e1:8e:4c:
- f5:03:e0:ef:89:6d:ec:e0:46:46:32:7d:4b:6e:87:63:33:66:
- f3:84:1d:7e
+ a1:6c:a3:2e:95:bb:e7:f0:f4:70:b8:8c:5a:a7:29:54:13:6a:
+ 5b:13:e3:62:6a:b5:06:68:41:91:2f:84:97:1f:25:c1:db:18:
+ 5d:09:26:04:ab:aa:2d:4d:59:2e:96:70:8f:0e:5d:0b:b8:b0:
+ db:5f:14:70:9e:00:d8:31:1f:65:54:47:69:5c:11:e8:0c:97:
+ 2e:ff:0d:2e:ee:45:18:5b:aa:83:21:b1:5d:66:f0:b7:b3:99:
+ 09:c6:fd:11:7e:b5:67:a0:d2:3b:a2:e9:b0:96:1d:42:ac:6e:
+ ce:f2:80:4e:8c:87:36:af:b5:c4:bc:fb:5d:18:40:d4:7d:3a:
+ 0f:c8:9f:f1:95:bb:8a:ad:18:f8:3c:e0:49:da:36:26:17:8c:
+ 87:75:79:80:5f:c4:5a:48:93:ed:62:93:73:55:a3:73:d4:ba:
+ 3c:54:f4:b2:ad:70:af:8f:93:4f:a7:15:49:e0:cf:88:2a:1f:
+ bf:18:f5:13:e4:5b:d3:37:29:12:db:8c:4d:b6:93:0b:02:70:
+ 47:84:cc:0a:e8:28:de:89:a1:43:0f:16:28:a9:be:85:6e:62:
+ 44:5c:69:a0:33:67:bf:ee:80:37:46:25:e4:d2:ec:56:07:67:
+ e4:d6:e0:92:a1:2f:7c:d8:18:d0:7a:02:82:5b:48:3d:61:9b:
+ 5f:65:db:af
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx
EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh
d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz
-bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIxMjE2
-MjExNzUwWhcNMjUwOTExMjExNzUwWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM
+bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMxMjEz
+MjIxOTMyWhcNMjYwOTA4MjIxOTMyWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM
Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg
SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNoYWluSC1JQ0E0
LXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN
@@ -432,12 +432,12 @@ o4IBGDCCARQwHQYDVR0OBBYEFBhtRIPuH+y0IvCc61QeShVYAaoTMIHUBgNVHSME
gcwwgcmAFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV
UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI
U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm
-c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIULIDO20ed
-B2aSPWjXyqyQT8ppQUswDwYDVR0TBAgwBgEB/wIBAjALBgNVHQ8EBAMCAQYwDQYJ
-KoZIhvcNAQELBQADggEBAAX0JO3i+YTPGz1seU88JWs8lqsVkLN3B5D4PoLm5D7Z
-paeB0v00Ix3tl7Uzql18qwYSA+QYIXuD8BfNQxLW5k2jqUhxuPgMryX/ck3wN53E
-Rj88aZY9AJYxMJafRJrrIiJkrn4vqMc9RFiLj4KdTeeaRf6z1L1UPFokwo85UE0k
-Db7hTbgdHahUtW6g1X+W7clNeuPn7AoPKlA7kO2XP98r4cP8hFgmLR2ZKz1vqpau
-AXaGDlXFuxckIHTHsZxpe0HATlvhXKJiNCnhS0Ji/Q7zaEi2om/S9hUqpKHBhoib
-Iq+VQCpkJuGOTPUD4O+JbezgRkYyfUtuh2MzZvOEHX4=
+c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIUM0QaqGwB
+7PZg8nBRCkzRFPq86UQwDwYDVR0TBAgwBgEB/wIBAjALBgNVHQ8EBAMCAQYwDQYJ
+KoZIhvcNAQELBQADggEBAKFsoy6Vu+fw9HC4jFqnKVQTalsT42JqtQZoQZEvhJcf
+JcHbGF0JJgSrqi1NWS6WcI8OXQu4sNtfFHCeANgxH2VUR2lcEegMly7/DS7uRRhb
+qoMhsV1m8LezmQnG/RF+tWeg0jui6bCWHUKsbs7ygE6MhzavtcS8+10YQNR9Og/I
+n/GVu4qtGPg84EnaNiYXjId1eYBfxFpIk+1ik3NVo3PUujxU9LKtcK+Pk0+nFUng
+z4gqH78Y9RPkW9M3KRLbjE22kwsCcEeEzAroKN6JoUMPFiipvoVuYkRcaaAzZ7/u
+gDdGJeTS7FYHZ+TW4JKhL3zYGNB6AoJbSD1hm19l268=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test-pathlen/chainH-entity.pem b/extra/wolfssl/wolfssl/certs/test-pathlen/chainH-entity.pem
index 8df3fa16..42512cc1 100644
--- a/extra/wolfssl/wolfssl/certs/test-pathlen/chainH-entity.pem
+++ b/extra/wolfssl/wolfssl/certs/test-pathlen/chainH-entity.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA1-pathlen0, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:33 2023 GMT
+ Not After : Sep 8 22:19:33 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-entity, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -42,27 +42,27 @@ Certificate:
X509v3 Basic Constraints:
CA:FALSE
Signature Algorithm: sha256WithRSAEncryption
- 8c:b5:c8:f8:28:8c:cc:27:7c:21:36:75:2a:bc:af:5e:d6:7a:
- d1:22:d5:1b:7a:a2:1a:5e:30:b5:38:64:2e:71:09:1c:db:a0:
- 99:44:5c:e8:c2:b5:06:ac:c1:ec:d8:30:74:65:62:f5:db:c2:
- 03:fa:54:e0:0f:c9:8a:d8:02:11:d3:58:a6:bc:7f:54:07:3b:
- f7:6d:7d:db:18:d9:2a:01:57:38:fc:d4:18:86:84:38:8b:d0:
- 5c:8c:d7:47:2e:76:d3:92:c3:75:61:93:03:56:93:74:60:ff:
- 16:84:4a:70:f0:cc:0c:ed:d3:53:f9:fc:f7:b8:34:6a:5c:25:
- 78:ab:27:3f:ad:04:8f:c6:01:29:a8:b7:61:09:b0:7b:51:9b:
- ca:6c:23:5b:0c:18:f3:63:ea:96:56:b9:1a:0f:ec:80:cd:29:
- f6:fb:d1:df:65:34:e8:1f:62:c8:95:fa:be:27:cb:40:e7:26:
- 7f:18:7e:cc:5d:7d:19:9e:12:90:0b:d7:32:12:0d:cb:97:8e:
- e8:3e:c3:1b:f6:a3:3c:e8:d0:35:63:de:66:89:5a:a3:ef:64:
- 3a:8f:e3:5f:d2:e6:64:82:7b:2f:2e:26:78:13:34:39:ed:9c:
- f8:ad:f5:d6:75:d1:60:48:aa:19:41:98:1f:4e:ce:01:76:9d:
- af:0f:6b:8d
+ 06:45:21:fd:a8:95:fa:d4:96:c7:4f:83:6b:6c:c1:24:fa:b0:
+ 14:42:db:7a:5c:7b:f4:8f:4e:66:78:bc:ff:65:bd:4a:a7:8e:
+ d0:78:33:6f:d2:aa:bb:9b:25:26:15:4d:9d:8e:39:16:99:70:
+ 25:6a:2d:ee:78:54:80:13:71:f3:e1:6a:ec:56:57:1a:25:db:
+ 8f:b3:64:22:d2:04:d1:b2:aa:ff:2c:d9:ae:6d:74:66:18:74:
+ 58:38:4b:ec:77:69:f6:83:ed:4d:7d:4a:60:71:35:8e:14:02:
+ 72:9e:93:22:a5:ca:d9:33:7e:12:c4:41:34:cf:c4:14:66:9a:
+ fa:04:aa:1f:e2:d9:5e:d3:42:9e:fa:c9:71:6e:f0:43:08:a7:
+ 60:bc:eb:19:8e:70:09:24:12:6b:9a:10:60:fc:44:61:e3:f4:
+ 0d:08:15:9e:a6:b3:7e:9b:be:d5:f9:63:9d:2f:be:c3:81:c6:
+ ef:e8:56:99:a2:58:f3:32:7c:c2:c2:b1:d9:6a:bd:51:79:eb:
+ 18:02:44:b4:4e:e8:7c:3e:96:a4:ae:86:79:94:11:6f:1b:eb:
+ 80:71:07:1f:4c:5d:88:67:39:62:6d:c2:0d:64:2a:07:66:48:
+ ca:b4:76:06:da:1c:40:24:77:34:a9:8b:26:d0:20:6b:94:25:
+ 75:73:84:e7
-----BEGIN CERTIFICATE-----
MIIEtzCCA5+gAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo
YWluSC1JQ0ExLXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
-Y29tMB4XDTIyMTIxNjIxMTc1MFoXDTI1MDkxMTIxMTc1MFowgZoxCzAJBgNVBAYT
+Y29tMB4XDTIzMTIxMzIyMTkzM1oXDTI2MDkwODIyMTkzM1owgZoxCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD
VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRYwFAYDVQQD
DA1jaGFpbkgtZW50aXR5MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t
@@ -77,11 +77,11 @@ VR0jBIHGMIHDgBRIgIco7+YoDwOb3zNIEKDlILNpUKGBp6SBpDCBoTELMAkGA1UE
BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT
BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNV
BAMMFGNoYWluSC1JQ0EyLXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv
-bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQELBQADggEBAIy1yPgo
-jMwnfCE2dSq8r17WetEi1Rt6ohpeMLU4ZC5xCRzboJlEXOjCtQaswezYMHRlYvXb
-wgP6VOAPyYrYAhHTWKa8f1QHO/dtfdsY2SoBVzj81BiGhDiL0FyM10cudtOSw3Vh
-kwNWk3Rg/xaESnDwzAzt01P5/Pe4NGpcJXirJz+tBI/GASmot2EJsHtRm8psI1sM
-GPNj6pZWuRoP7IDNKfb70d9lNOgfYsiV+r4ny0DnJn8YfsxdfRmeEpAL1zISDcuX
-jug+wxv2ozzo0DVj3maJWqPvZDqP41/S5mSCey8uJngTNDntnPit9dZ10WBIqhlB
-mB9OzgF2na8Pa40=
+bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQELBQADggEBAAZFIf2o
+lfrUlsdPg2tswST6sBRC23pce/SPTmZ4vP9lvUqnjtB4M2/SqrubJSYVTZ2OORaZ
+cCVqLe54VIATcfPhauxWVxol24+zZCLSBNGyqv8s2a5tdGYYdFg4S+x3afaD7U19
+SmBxNY4UAnKekyKlytkzfhLEQTTPxBRmmvoEqh/i2V7TQp76yXFu8EMIp2C86xmO
+cAkkEmuaEGD8RGHj9A0IFZ6ms36bvtX5Y50vvsOBxu/oVpmiWPMyfMLCsdlqvVF5
+6xgCRLRO6Hw+lqSuhnmUEW8b64BxBx9MXYhnOWJtwg1kKgdmSMq0dgbaHEAkdzSp
+iybQIGuUJXVzhOc=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test-pathlen/chainI-ICA1-no_pathlen.pem b/extra/wolfssl/wolfssl/certs/test-pathlen/chainI-ICA1-no_pathlen.pem
index 154e8e1f..1f075ac7 100644
--- a/extra/wolfssl/wolfssl/certs/test-pathlen/chainI-ICA1-no_pathlen.pem
+++ b/extra/wolfssl/wolfssl/certs/test-pathlen/chainI-ICA1-no_pathlen.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainI-ICA2-no_pathlen, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:33 2023 GMT
+ Not After : Sep 8 22:19:33 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainI-ICA1-no_pathlen, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -44,27 +44,27 @@ Certificate:
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 78:50:73:20:80:87:ae:ad:44:08:3a:09:a3:82:03:3f:ea:21:
- c9:2f:e5:14:c1:7e:19:76:e8:f3:a8:a8:51:26:86:00:f0:a9:
- c4:e9:9b:12:ab:3e:4d:c4:1b:b6:87:39:69:77:cd:7b:d8:57:
- b9:7f:f4:07:32:bf:07:cb:22:c4:35:fd:1b:a6:83:d6:ab:a4:
- 76:b8:1d:de:72:16:e4:21:d3:31:fa:99:bd:6b:0d:8e:1b:8c:
- 5a:02:53:ad:3b:f3:c4:25:fd:c7:ca:64:28:f6:49:54:2a:d6:
- f8:85:bc:c1:a5:c1:aa:68:f5:00:a1:47:8f:c3:25:5b:e1:98:
- da:75:2f:bb:a0:c5:9b:65:d8:ca:1f:3c:87:ec:d0:82:75:11:
- 57:9c:db:b0:3c:d5:80:87:4d:67:44:d9:39:af:f1:88:de:be:
- 45:68:56:bb:97:d3:20:1b:5a:f5:fa:f1:bf:c0:51:f6:b9:a3:
- 9f:1b:11:ec:c9:b3:1d:b3:8e:a8:b3:0d:2c:35:77:ad:07:46:
- 17:4c:83:f3:e3:7b:91:fe:e7:d9:e5:9f:c3:45:d0:14:9b:a8:
- cb:5c:38:b0:d3:45:8a:e2:30:d6:71:6a:a0:16:26:69:d5:63:
- 08:fa:69:bd:86:0d:67:31:f0:2d:c0:80:7c:14:c0:63:93:ac:
- c1:8c:5a:b5
+ 04:ad:23:1a:c8:33:0d:3a:b7:a2:db:58:ab:51:89:0f:48:11:
+ 53:88:36:74:51:c3:69:9a:ed:26:9f:24:f9:9b:a1:5d:31:26:
+ 29:ce:3c:91:ce:37:d4:d6:50:30:e1:85:65:35:71:bc:20:f9:
+ 27:22:5c:cf:aa:83:32:ff:f5:77:2b:79:31:d7:5f:21:8b:34:
+ 14:83:d5:f4:e5:fc:f3:76:4a:09:d0:e8:d4:1b:c4:03:4e:a0:
+ a8:8a:e9:db:2e:33:e2:0b:58:70:76:37:d8:78:60:a2:78:9b:
+ af:62:0e:b4:cb:d9:51:0d:5f:dd:a5:c7:49:60:30:8d:35:46:
+ d1:7c:02:c0:2e:ae:74:36:dd:ef:ee:16:46:05:d2:16:ff:24:
+ e0:27:f5:35:01:4d:86:76:52:b4:81:c8:69:f1:62:c1:a1:28:
+ a5:0e:ae:d3:8f:80:a6:51:69:d6:db:8b:04:a0:cd:81:97:a2:
+ b5:09:e7:4f:21:75:07:30:fe:19:c5:8b:26:2d:6c:61:92:b0:
+ 0c:01:3d:78:50:18:12:66:58:d9:66:a7:79:72:87:52:12:bd:
+ 16:cf:fb:ab:6e:7b:8f:ac:0d:84:16:36:f6:87:27:95:6c:62:
+ b2:60:94:cb:83:69:42:96:98:5d:d2:a8:c4:b4:89:c0:f8:b8:
+ 7a:f0:7b:b8
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo
YWluSS1JQ0EyLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz
-bC5jb20wHhcNMjIxMjE2MjExNzUwWhcNMjUwOTExMjExNzUwWjCBozELMAkGA1UE
+bC5jb20wHhcNMjMxMjEzMjIxOTMzWhcNMjYwOTA4MjIxOTMzWjCBozELMAkGA1UE
BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT
BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNV
BAMMFmNoYWluSS1JQ0ExLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9A
@@ -80,10 +80,10 @@ gaQwgaExCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQH
DAdTZWF0dGxlMRUwEwYDVQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2lu
ZWVyaW5nMR0wGwYDVQQDDBRjaGFpbkktSUNBMy1wYXRobGVuMjEfMB0GCSqGSIb3
DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIBZDAMBgNVHRMEBTADAQH/MAsGA1UdDwQE
-AwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAeFBzIICHrq1ECDoJo4IDP+ohyS/lFMF+
-GXbo86ioUSaGAPCpxOmbEqs+TcQbtoc5aXfNe9hXuX/0BzK/B8sixDX9G6aD1quk
-drgd3nIW5CHTMfqZvWsNjhuMWgJTrTvzxCX9x8pkKPZJVCrW+IW8waXBqmj1AKFH
-j8MlW+GY2nUvu6DFm2XYyh88h+zQgnURV5zbsDzVgIdNZ0TZOa/xiN6+RWhWu5fT
-IBta9frxv8BR9rmjnxsR7MmzHbOOqLMNLDV3rQdGF0yD8+N7kf7n2eWfw0XQFJuo
-y1w4sNNFiuIw1nFqoBYmadVjCPppvYYNZzHwLcCAfBTAY5OswYxatQ==
+AwIBBjANBgkqhkiG9w0BAQsFAAOCAQEABK0jGsgzDTq3ottYq1GJD0gRU4g2dFHD
+aZrtJp8k+ZuhXTEmKc48kc431NZQMOGFZTVxvCD5JyJcz6qDMv/1dyt5MddfIYs0
+FIPV9OX883ZKCdDo1BvEA06gqIrp2y4z4gtYcHY32Hhgonibr2IOtMvZUQ1f3aXH
+SWAwjTVG0XwCwC6udDbd7+4WRgXSFv8k4Cf1NQFNhnZStIHIafFiwaEopQ6u04+A
+plFp1tuLBKDNgZeitQnnTyF1BzD+GcWLJi1sYZKwDAE9eFAYEmZY2WaneXKHUhK9
+Fs/7q257j6wNhBY29ocnlWxismCUy4NpQpaYXdKoxLSJwPi4evB7uA==
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test-pathlen/chainI-ICA2-no_pathlen.pem b/extra/wolfssl/wolfssl/certs/test-pathlen/chainI-ICA2-no_pathlen.pem
index 3ce50c65..5d5e8900 100644
--- a/extra/wolfssl/wolfssl/certs/test-pathlen/chainI-ICA2-no_pathlen.pem
+++ b/extra/wolfssl/wolfssl/certs/test-pathlen/chainI-ICA2-no_pathlen.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainI-ICA3-pathlen2, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:33 2023 GMT
+ Not After : Sep 8 22:19:33 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainI-ICA2-no_pathlen, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -44,27 +44,27 @@ Certificate:
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 0b:80:62:fa:ce:ce:c0:cc:0c:ac:20:c7:15:4f:0f:64:b6:17:
- 9b:e8:f1:aa:3d:db:b7:cc:18:10:63:24:86:f7:9b:40:d5:05:
- c8:9e:c3:0b:d5:1e:e3:dc:34:a7:66:2a:75:1e:bb:5d:31:ff:
- dd:79:f6:41:68:9a:5e:4d:9b:61:02:6b:c6:62:da:ca:46:3b:
- b2:ac:6a:74:bb:91:0e:a6:d2:7d:51:5e:c0:11:6e:7f:e3:da:
- 58:48:58:ed:fa:70:8d:bd:c2:ef:9e:df:b1:51:4b:ee:c8:e8:
- e4:2c:e3:d3:96:0b:e9:ea:82:9d:e4:78:d6:cb:84:c0:b3:39:
- 3f:dd:2f:e2:e8:9c:09:58:58:d3:f4:64:9c:35:b0:ee:bf:6e:
- f3:a2:f6:0e:31:7b:78:df:d6:d0:e6:29:1d:d1:af:fc:ee:c3:
- 54:7b:9a:8c:8d:47:eb:40:01:4f:2b:08:bd:d7:17:b1:bc:ce:
- 2c:de:db:1a:d4:6b:ad:c2:c2:42:86:5b:63:71:95:ec:88:f2:
- 71:86:c9:b7:99:85:1f:06:dc:43:05:a2:37:17:c7:65:88:75:
- 46:23:4c:ce:fa:1d:e6:29:ba:76:ba:42:ed:ea:5e:5c:7d:a2:
- 2a:54:10:3a:72:ef:c0:52:2d:9f:a4:c7:2a:29:53:b7:a9:51:
- aa:51:0a:59
+ 14:61:ba:15:45:07:60:d4:c9:6d:ef:6f:74:2a:44:b5:34:a4:
+ df:0e:d9:f1:7b:7c:cb:50:db:d7:17:d3:9d:91:64:01:1b:93:
+ 0d:b5:51:07:16:77:5f:2a:b5:9a:24:39:19:fc:ee:4d:79:4f:
+ c3:a3:9f:a1:07:e8:a3:0c:7e:04:0c:b0:33:a1:96:21:d2:ce:
+ 88:41:28:88:82:39:7f:9d:54:2d:4c:56:df:41:8e:4a:59:69:
+ 84:0b:fc:5d:47:06:84:ec:ae:4d:52:34:b2:1a:e8:61:e0:51:
+ 8c:87:ad:c9:5d:f3:2e:bb:5b:36:d2:91:71:7f:f9:cf:f9:7f:
+ c3:2d:e5:7d:a7:fb:8a:2f:47:24:6c:3a:75:72:9b:c8:74:6f:
+ 17:95:a4:d4:96:b4:3e:91:bf:c1:eb:89:18:ba:c3:e1:52:f8:
+ e8:a4:92:1b:c9:d8:a7:11:40:bf:62:9a:e6:ee:70:0a:f5:a3:
+ 6d:06:0f:59:ad:53:8a:f6:b8:93:dc:39:59:b7:97:c2:3c:e2:
+ 3b:e8:9f:5a:c9:42:35:d2:39:32:d8:9a:1d:3f:52:e6:cd:0b:
+ f9:d0:be:d8:ad:09:11:d7:6b:c2:c3:2e:d2:9b:92:99:a0:a8:
+ c9:0e:30:41:0e:73:77:48:ac:8b:69:28:3b:1c:76:b3:da:7f:
+ bd:04:95:07
-----BEGIN CERTIFICATE-----
MIIExDCCA6ygAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo
YWluSS1JQ0EzLXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
-Y29tMB4XDTIyMTIxNjIxMTc1MFoXDTI1MDkxMTIxMTc1MFowgaMxCzAJBgNVBAYT
+Y29tMB4XDTIzMTIxMzIyMTkzM1oXDTI2MDkwODIyMTkzM1owgaMxCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD
VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR8wHQYDVQQD
DBZjaGFpbkktSUNBMi1ub19wYXRobGVuMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv
@@ -80,10 +80,10 @@ gZQxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3pl
bWFuMREwDwYDVQQKDAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYG
A1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZz
c2wuY29tggFkMAwGA1UdEwQFMAMBAf8wCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEB
-CwUAA4IBAQALgGL6zs7AzAysIMcVTw9ktheb6PGqPdu3zBgQYySG95tA1QXInsML
-1R7j3DSnZip1HrtdMf/defZBaJpeTZthAmvGYtrKRjuyrGp0u5EOptJ9UV7AEW5/
-49pYSFjt+nCNvcLvnt+xUUvuyOjkLOPTlgvp6oKd5HjWy4TAszk/3S/i6JwJWFjT
-9GScNbDuv27zovYOMXt439bQ5ikd0a/87sNUe5qMjUfrQAFPKwi91xexvM4s3tsa
-1GutwsJChltjcZXsiPJxhsm3mYUfBtxDBaI3F8dliHVGI0zO+h3mKbp2ukLt6l5c
-faIqVBA6cu/AUi2fpMcqKVO3qVGqUQpZ
+CwUAA4IBAQAUYboVRQdg1Mlt7290KkS1NKTfDtnxe3zLUNvXF9OdkWQBG5MNtVEH
+FndfKrWaJDkZ/O5NeU/Do5+hB+ijDH4EDLAzoZYh0s6IQSiIgjl/nVQtTFbfQY5K
+WWmEC/xdRwaE7K5NUjSyGuhh4FGMh63JXfMuu1s20pFxf/nP+X/DLeV9p/uKL0ck
+bDp1cpvIdG8XlaTUlrQ+kb/B64kYusPhUvjopJIbydinEUC/Yprm7nAK9aNtBg9Z
+rVOK9riT3DlZt5fCPOI76J9ayUI10jky2JodP1LmzQv50L7YrQkR12vCwy7Sm5KZ
+oKjJDjBBDnN3SKyLaSg7HHaz2n+9BJUH
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test-pathlen/chainI-ICA3-pathlen2.pem b/extra/wolfssl/wolfssl/certs/test-pathlen/chainI-ICA3-pathlen2.pem
index 037fd713..a80d5cbf 100644
--- a/extra/wolfssl/wolfssl/certs/test-pathlen/chainI-ICA3-pathlen2.pem
+++ b/extra/wolfssl/wolfssl/certs/test-pathlen/chainI-ICA3-pathlen2.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:33 2023 GMT
+ Not After : Sep 8 22:19:33 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainI-ICA3-pathlen2, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -37,34 +37,34 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:2C:80:CE:DB:47:9D:07:66:92:3D:68:D7:CA:AC:90:4F:CA:69:41:4B
+ serial:33:44:1A:A8:6C:01:EC:F6:60:F2:70:51:0A:4C:D1:14:FA:BC:E9:44
X509v3 Basic Constraints:
CA:TRUE, pathlen:2
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 2f:e9:19:e4:18:04:44:46:80:ee:e5:9f:a0:48:72:75:2e:c5:
- dd:d1:6b:53:68:36:f3:2b:7c:78:2c:7f:1e:1b:2d:24:79:76:
- 75:48:c6:4e:73:99:4b:a1:3b:40:e0:c8:7b:eb:b4:80:ae:49:
- 65:4c:e1:13:39:a2:97:b6:e8:19:66:9c:34:31:d9:57:3f:ea:
- d0:9b:3e:f1:6b:ec:7d:86:cf:13:d4:f4:4e:d8:da:5c:17:6b:
- 0a:10:c3:8c:89:de:b5:50:f3:3d:68:9e:36:47:09:44:b9:e5:
- 6c:43:8c:16:f9:da:32:e7:2a:32:df:7a:55:94:33:10:fd:82:
- bb:94:c1:76:04:c8:0e:89:0b:ac:dd:a1:ce:61:02:a7:0d:81:
- c7:33:d8:98:4a:26:97:8b:e8:0f:24:ad:3e:32:73:10:02:23:
- 77:52:ca:92:bf:16:de:cf:bc:87:bf:cc:6f:2b:28:f9:77:4e:
- 32:02:82:a8:2e:3a:37:6f:b7:26:2c:84:d4:66:ea:da:27:37:
- ba:26:16:40:a0:4a:f6:31:c0:de:5f:e9:b1:79:94:44:4d:29:
- cb:3d:32:45:45:a4:e9:ef:a8:18:f5:b4:66:86:45:42:e2:59:
- 6c:ae:38:09:81:23:4e:19:7c:f8:b7:71:eb:a8:33:28:7c:88:
- 2c:0e:5e:ae
+ 0b:91:da:f2:ae:94:93:70:85:33:26:3d:4b:23:65:52:a3:be:
+ 0a:ed:7c:04:16:fa:f1:5f:3b:e2:06:f7:8e:03:41:46:bc:e9:
+ 79:41:ff:09:a0:77:6c:58:a6:c7:0c:1d:8b:c0:f7:6c:82:93:
+ 74:96:18:8a:ce:a0:00:19:46:0a:0c:d1:7a:40:66:46:ad:14:
+ 9b:7f:bb:2f:88:c2:94:39:49:05:36:e7:f2:b0:04:44:49:e8:
+ 99:07:6e:50:f0:61:18:a3:4a:e0:35:06:6a:7d:af:ac:f1:93:
+ fd:43:92:12:41:66:fc:60:8f:37:12:43:45:c6:38:9e:8a:e8:
+ 4c:1d:48:7a:62:d2:e1:f4:99:12:5b:98:5a:2e:59:07:86:64:
+ af:4d:33:2e:e7:26:f2:68:7b:1e:4e:1b:60:bd:5d:19:d3:7c:
+ 04:32:26:ea:23:33:6f:8d:30:27:84:4a:3d:8a:63:4f:02:81:
+ 5a:ab:ea:ae:58:0a:ce:7e:74:a1:75:6a:c4:64:ae:a7:0a:31:
+ 2f:41:ed:c5:12:7c:4a:34:e8:6d:22:f4:9f:3d:f2:4a:8c:ee:
+ 7c:e7:81:50:e0:e5:f0:52:7d:28:79:3a:5a:c4:85:fb:7b:e6:
+ 26:1f:71:47:c6:97:8b:4d:39:eb:4b:46:4c:d7:d7:d3:15:b6:
+ 82:78:83:17
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx
EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh
d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz
-bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIxMjE2
-MjExNzUwWhcNMjUwOTExMjExNzUwWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM
+bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMxMjEz
+MjIxOTMzWhcNMjYwOTA4MjIxOTMzWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM
Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg
SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNoYWluSS1JQ0Ez
LXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN
@@ -78,12 +78,12 @@ o4IBGDCCARQwHQYDVR0OBBYEFO43pvJA0O/9IsejtGxXR0C5mfmNMIHUBgNVHSME
gcwwgcmAFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV
UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI
U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm
-c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIULIDO20ed
-B2aSPWjXyqyQT8ppQUswDwYDVR0TBAgwBgEB/wIBAjALBgNVHQ8EBAMCAQYwDQYJ
-KoZIhvcNAQELBQADggEBAC/pGeQYBERGgO7ln6BIcnUuxd3Ra1NoNvMrfHgsfx4b
-LSR5dnVIxk5zmUuhO0DgyHvrtICuSWVM4RM5ope26BlmnDQx2Vc/6tCbPvFr7H2G
-zxPU9E7Y2lwXawoQw4yJ3rVQ8z1onjZHCUS55WxDjBb52jLnKjLfelWUMxD9gruU
-wXYEyA6JC6zdoc5hAqcNgccz2JhKJpeL6A8krT4ycxACI3dSypK/Ft7PvIe/zG8r
-KPl3TjICgqguOjdvtyYshNRm6tonN7omFkCgSvYxwN5f6bF5lERNKcs9MkVFpOnv
-qBj1tGaGRULiWWyuOAmBI04ZfPi3ceuoMyh8iCwOXq4=
+c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIUM0QaqGwB
+7PZg8nBRCkzRFPq86UQwDwYDVR0TBAgwBgEB/wIBAjALBgNVHQ8EBAMCAQYwDQYJ
+KoZIhvcNAQELBQADggEBAAuR2vKulJNwhTMmPUsjZVKjvgrtfAQW+vFfO+IG944D
+QUa86XlB/wmgd2xYpscMHYvA92yCk3SWGIrOoAAZRgoM0XpAZkatFJt/uy+IwpQ5
+SQU25/KwBERJ6JkHblDwYRijSuA1Bmp9r6zxk/1DkhJBZvxgjzcSQ0XGOJ6K6Ewd
+SHpi0uH0mRJbmFouWQeGZK9NMy7nJvJoex5OG2C9XRnTfAQyJuojM2+NMCeESj2K
+Y08CgVqr6q5YCs5+dKF1asRkrqcKMS9B7cUSfEo06G0i9J898kqM7nzngVDg5fBS
+fSh5OlrEhft75iYfcUfGl4tNOetLRkzX19MVtoJ4gxc=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test-pathlen/chainI-assembled.pem b/extra/wolfssl/wolfssl/certs/test-pathlen/chainI-assembled.pem
index a63afa3b..5166cebc 100644
--- a/extra/wolfssl/wolfssl/certs/test-pathlen/chainI-assembled.pem
+++ b/extra/wolfssl/wolfssl/certs/test-pathlen/chainI-assembled.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainI-ICA1-no_pathlen, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:33 2023 GMT
+ Not After : Sep 8 22:19:33 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainI-entity, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -42,27 +42,27 @@ Certificate:
X509v3 Basic Constraints:
CA:FALSE
Signature Algorithm: sha256WithRSAEncryption
- 7a:19:8d:a9:ab:4e:b7:89:d0:db:65:49:18:dc:23:9e:71:bf:
- 28:c6:54:de:dd:e4:9a:bf:89:be:2b:3e:fb:1f:47:dc:1e:e9:
- 8f:3d:b1:4e:7d:63:3b:48:12:8c:cc:c9:98:6f:35:c1:9f:26:
- ed:f6:e5:50:55:84:94:c0:8e:e3:78:49:8d:21:33:41:03:10:
- 9a:16:27:0b:33:90:18:3a:f4:1e:59:75:3e:c2:9d:b8:58:fe:
- 52:26:11:95:f1:14:f9:17:2f:f6:6a:a5:e3:03:af:94:a4:18:
- 71:82:63:aa:ad:d0:55:08:48:bd:80:16:cf:36:8a:f2:69:2f:
- fd:e0:72:96:2e:b3:75:c5:8f:60:b9:46:a0:e0:ad:a2:54:2e:
- b9:f9:c0:ab:a5:e2:88:47:9a:ec:a7:c9:e3:74:22:90:57:a4:
- 03:b4:2f:33:bf:e6:58:35:3f:75:b3:5f:b7:aa:f8:d5:2a:7f:
- 4a:bd:55:4e:d6:e6:a4:25:67:aa:99:57:4b:ca:28:7a:d8:78:
- 08:51:a2:95:53:e1:04:6a:48:3f:85:57:f0:81:53:9b:80:87:
- 24:da:d9:7e:c0:6c:a8:f1:75:50:7f:d4:0c:ba:c6:9a:16:f1:
- 00:5e:25:c5:99:7f:44:f1:39:c6:72:bd:e5:4a:ff:3a:89:15:
- 25:3c:2e:28
+ 03:42:31:e4:a2:3f:2a:7a:a6:7e:87:61:8b:2c:a1:10:af:b4:
+ 06:db:3f:77:85:88:c4:db:df:78:3d:d2:aa:aa:ac:cd:19:c1:
+ a7:47:66:e2:91:9b:59:ab:70:e0:74:1a:a7:b4:5c:30:3f:ea:
+ a3:14:6a:aa:3e:82:38:7d:2f:db:6f:43:60:db:20:cb:e4:69:
+ 62:73:75:d8:22:db:c3:92:cb:96:d3:7c:5a:ca:d5:3a:d1:91:
+ 20:2c:37:0f:3d:ef:8e:ca:0b:8b:73:af:79:66:ec:84:93:41:
+ 71:a1:6d:86:57:1b:d9:83:7e:c0:18:b6:4f:3c:85:89:59:c8:
+ 99:1e:e7:53:5d:2b:41:7c:24:d0:9a:73:43:b3:ee:69:de:60:
+ 08:b9:f0:b2:ac:b5:24:70:06:b7:1e:7b:fd:30:07:80:24:45:
+ c5:4f:84:e7:a6:67:99:0b:42:45:38:54:90:01:49:b2:14:31:
+ 48:09:2b:83:3e:37:2e:d5:fd:92:7b:4f:cb:2f:ea:0d:e7:d7:
+ 07:62:6e:2e:c3:a4:64:e2:54:52:6e:66:41:a9:0d:68:3f:76:
+ 8f:e9:42:3d:a2:23:b9:ed:fc:52:f5:d4:96:29:81:fd:80:39:
+ 71:16:3c:df:c9:2f:ad:c3:83:56:f5:85:55:89:e6:c9:23:f6:
+ eb:0e:c7:34
-----BEGIN CERTIFICATE-----
MIIEvDCCA6SgAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo
YWluSS1JQ0ExLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz
-bC5jb20wHhcNMjIxMjE2MjExNzUwWhcNMjUwOTExMjExNzUwWjCBmjELMAkGA1UE
+bC5jb20wHhcNMjMxMjEzMjIxOTMzWhcNMjYwOTA4MjIxOTMzWjCBmjELMAkGA1UE
BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT
BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxFjAUBgNV
BAMMDWNoYWluSS1lbnRpdHkxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j
@@ -78,12 +78,12 @@ A1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUx
FTATBgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAd
BgNVBAMMFmNoYWluSS1JQ0EyLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGlu
Zm9Ad29sZnNzbC5jb22CAWQwCQYDVR0TBAIwADANBgkqhkiG9w0BAQsFAAOCAQEA
-ehmNqatOt4nQ22VJGNwjnnG/KMZU3t3kmr+Jvis++x9H3B7pjz2xTn1jO0gSjMzJ
-mG81wZ8m7fblUFWElMCO43hJjSEzQQMQmhYnCzOQGDr0Hll1PsKduFj+UiYRlfEU
-+Rcv9mql4wOvlKQYcYJjqq3QVQhIvYAWzzaK8mkv/eByli6zdcWPYLlGoOCtolQu
-ufnAq6XiiEea7KfJ43QikFekA7QvM7/mWDU/dbNft6r41Sp/Sr1VTtbmpCVnqplX
-S8ooeth4CFGilVPhBGpIP4VX8IFTm4CHJNrZfsBsqPF1UH/UDLrGmhbxAF4lxZl/
-RPE5xnK95Ur/OokVJTwuKA==
+A0Ix5KI/KnqmfodhiyyhEK+0Bts/d4WIxNvfeD3SqqqszRnBp0dm4pGbWatw4HQa
+p7RcMD/qoxRqqj6COH0v229DYNsgy+RpYnN12CLbw5LLltN8WsrVOtGRICw3Dz3v
+jsoLi3OveWbshJNBcaFthlcb2YN+wBi2TzyFiVnImR7nU10rQXwk0JpzQ7Puad5g
+CLnwsqy1JHAGtx57/TAHgCRFxU+E56ZnmQtCRThUkAFJshQxSAkrgz43LtX9kntP
+yy/qDefXB2JuLsOkZOJUUm5mQakNaD92j+lCPaIjue38UvXUlimB/YA5cRY838kv
+rcODVvWFVYnmySP26w7HNA==
-----END CERTIFICATE-----
Certificate:
Data:
@@ -92,8 +92,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainI-ICA2-no_pathlen, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:33 2023 GMT
+ Not After : Sep 8 22:19:33 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainI-ICA1-no_pathlen, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -131,27 +131,27 @@ Certificate:
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 78:50:73:20:80:87:ae:ad:44:08:3a:09:a3:82:03:3f:ea:21:
- c9:2f:e5:14:c1:7e:19:76:e8:f3:a8:a8:51:26:86:00:f0:a9:
- c4:e9:9b:12:ab:3e:4d:c4:1b:b6:87:39:69:77:cd:7b:d8:57:
- b9:7f:f4:07:32:bf:07:cb:22:c4:35:fd:1b:a6:83:d6:ab:a4:
- 76:b8:1d:de:72:16:e4:21:d3:31:fa:99:bd:6b:0d:8e:1b:8c:
- 5a:02:53:ad:3b:f3:c4:25:fd:c7:ca:64:28:f6:49:54:2a:d6:
- f8:85:bc:c1:a5:c1:aa:68:f5:00:a1:47:8f:c3:25:5b:e1:98:
- da:75:2f:bb:a0:c5:9b:65:d8:ca:1f:3c:87:ec:d0:82:75:11:
- 57:9c:db:b0:3c:d5:80:87:4d:67:44:d9:39:af:f1:88:de:be:
- 45:68:56:bb:97:d3:20:1b:5a:f5:fa:f1:bf:c0:51:f6:b9:a3:
- 9f:1b:11:ec:c9:b3:1d:b3:8e:a8:b3:0d:2c:35:77:ad:07:46:
- 17:4c:83:f3:e3:7b:91:fe:e7:d9:e5:9f:c3:45:d0:14:9b:a8:
- cb:5c:38:b0:d3:45:8a:e2:30:d6:71:6a:a0:16:26:69:d5:63:
- 08:fa:69:bd:86:0d:67:31:f0:2d:c0:80:7c:14:c0:63:93:ac:
- c1:8c:5a:b5
+ 04:ad:23:1a:c8:33:0d:3a:b7:a2:db:58:ab:51:89:0f:48:11:
+ 53:88:36:74:51:c3:69:9a:ed:26:9f:24:f9:9b:a1:5d:31:26:
+ 29:ce:3c:91:ce:37:d4:d6:50:30:e1:85:65:35:71:bc:20:f9:
+ 27:22:5c:cf:aa:83:32:ff:f5:77:2b:79:31:d7:5f:21:8b:34:
+ 14:83:d5:f4:e5:fc:f3:76:4a:09:d0:e8:d4:1b:c4:03:4e:a0:
+ a8:8a:e9:db:2e:33:e2:0b:58:70:76:37:d8:78:60:a2:78:9b:
+ af:62:0e:b4:cb:d9:51:0d:5f:dd:a5:c7:49:60:30:8d:35:46:
+ d1:7c:02:c0:2e:ae:74:36:dd:ef:ee:16:46:05:d2:16:ff:24:
+ e0:27:f5:35:01:4d:86:76:52:b4:81:c8:69:f1:62:c1:a1:28:
+ a5:0e:ae:d3:8f:80:a6:51:69:d6:db:8b:04:a0:cd:81:97:a2:
+ b5:09:e7:4f:21:75:07:30:fe:19:c5:8b:26:2d:6c:61:92:b0:
+ 0c:01:3d:78:50:18:12:66:58:d9:66:a7:79:72:87:52:12:bd:
+ 16:cf:fb:ab:6e:7b:8f:ac:0d:84:16:36:f6:87:27:95:6c:62:
+ b2:60:94:cb:83:69:42:96:98:5d:d2:a8:c4:b4:89:c0:f8:b8:
+ 7a:f0:7b:b8
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo
YWluSS1JQ0EyLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz
-bC5jb20wHhcNMjIxMjE2MjExNzUwWhcNMjUwOTExMjExNzUwWjCBozELMAkGA1UE
+bC5jb20wHhcNMjMxMjEzMjIxOTMzWhcNMjYwOTA4MjIxOTMzWjCBozELMAkGA1UE
BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT
BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNV
BAMMFmNoYWluSS1JQ0ExLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9A
@@ -167,12 +167,12 @@ gaQwgaExCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQH
DAdTZWF0dGxlMRUwEwYDVQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2lu
ZWVyaW5nMR0wGwYDVQQDDBRjaGFpbkktSUNBMy1wYXRobGVuMjEfMB0GCSqGSIb3
DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIBZDAMBgNVHRMEBTADAQH/MAsGA1UdDwQE
-AwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAeFBzIICHrq1ECDoJo4IDP+ohyS/lFMF+
-GXbo86ioUSaGAPCpxOmbEqs+TcQbtoc5aXfNe9hXuX/0BzK/B8sixDX9G6aD1quk
-drgd3nIW5CHTMfqZvWsNjhuMWgJTrTvzxCX9x8pkKPZJVCrW+IW8waXBqmj1AKFH
-j8MlW+GY2nUvu6DFm2XYyh88h+zQgnURV5zbsDzVgIdNZ0TZOa/xiN6+RWhWu5fT
-IBta9frxv8BR9rmjnxsR7MmzHbOOqLMNLDV3rQdGF0yD8+N7kf7n2eWfw0XQFJuo
-y1w4sNNFiuIw1nFqoBYmadVjCPppvYYNZzHwLcCAfBTAY5OswYxatQ==
+AwIBBjANBgkqhkiG9w0BAQsFAAOCAQEABK0jGsgzDTq3ottYq1GJD0gRU4g2dFHD
+aZrtJp8k+ZuhXTEmKc48kc431NZQMOGFZTVxvCD5JyJcz6qDMv/1dyt5MddfIYs0
+FIPV9OX883ZKCdDo1BvEA06gqIrp2y4z4gtYcHY32Hhgonibr2IOtMvZUQ1f3aXH
+SWAwjTVG0XwCwC6udDbd7+4WRgXSFv8k4Cf1NQFNhnZStIHIafFiwaEopQ6u04+A
+plFp1tuLBKDNgZeitQnnTyF1BzD+GcWLJi1sYZKwDAE9eFAYEmZY2WaneXKHUhK9
+Fs/7q257j6wNhBY29ocnlWxismCUy4NpQpaYXdKoxLSJwPi4evB7uA==
-----END CERTIFICATE-----
Certificate:
Data:
@@ -181,8 +181,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainI-ICA3-pathlen2, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:33 2023 GMT
+ Not After : Sep 8 22:19:33 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainI-ICA2-no_pathlen, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -220,27 +220,27 @@ Certificate:
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 0b:80:62:fa:ce:ce:c0:cc:0c:ac:20:c7:15:4f:0f:64:b6:17:
- 9b:e8:f1:aa:3d:db:b7:cc:18:10:63:24:86:f7:9b:40:d5:05:
- c8:9e:c3:0b:d5:1e:e3:dc:34:a7:66:2a:75:1e:bb:5d:31:ff:
- dd:79:f6:41:68:9a:5e:4d:9b:61:02:6b:c6:62:da:ca:46:3b:
- b2:ac:6a:74:bb:91:0e:a6:d2:7d:51:5e:c0:11:6e:7f:e3:da:
- 58:48:58:ed:fa:70:8d:bd:c2:ef:9e:df:b1:51:4b:ee:c8:e8:
- e4:2c:e3:d3:96:0b:e9:ea:82:9d:e4:78:d6:cb:84:c0:b3:39:
- 3f:dd:2f:e2:e8:9c:09:58:58:d3:f4:64:9c:35:b0:ee:bf:6e:
- f3:a2:f6:0e:31:7b:78:df:d6:d0:e6:29:1d:d1:af:fc:ee:c3:
- 54:7b:9a:8c:8d:47:eb:40:01:4f:2b:08:bd:d7:17:b1:bc:ce:
- 2c:de:db:1a:d4:6b:ad:c2:c2:42:86:5b:63:71:95:ec:88:f2:
- 71:86:c9:b7:99:85:1f:06:dc:43:05:a2:37:17:c7:65:88:75:
- 46:23:4c:ce:fa:1d:e6:29:ba:76:ba:42:ed:ea:5e:5c:7d:a2:
- 2a:54:10:3a:72:ef:c0:52:2d:9f:a4:c7:2a:29:53:b7:a9:51:
- aa:51:0a:59
+ 14:61:ba:15:45:07:60:d4:c9:6d:ef:6f:74:2a:44:b5:34:a4:
+ df:0e:d9:f1:7b:7c:cb:50:db:d7:17:d3:9d:91:64:01:1b:93:
+ 0d:b5:51:07:16:77:5f:2a:b5:9a:24:39:19:fc:ee:4d:79:4f:
+ c3:a3:9f:a1:07:e8:a3:0c:7e:04:0c:b0:33:a1:96:21:d2:ce:
+ 88:41:28:88:82:39:7f:9d:54:2d:4c:56:df:41:8e:4a:59:69:
+ 84:0b:fc:5d:47:06:84:ec:ae:4d:52:34:b2:1a:e8:61:e0:51:
+ 8c:87:ad:c9:5d:f3:2e:bb:5b:36:d2:91:71:7f:f9:cf:f9:7f:
+ c3:2d:e5:7d:a7:fb:8a:2f:47:24:6c:3a:75:72:9b:c8:74:6f:
+ 17:95:a4:d4:96:b4:3e:91:bf:c1:eb:89:18:ba:c3:e1:52:f8:
+ e8:a4:92:1b:c9:d8:a7:11:40:bf:62:9a:e6:ee:70:0a:f5:a3:
+ 6d:06:0f:59:ad:53:8a:f6:b8:93:dc:39:59:b7:97:c2:3c:e2:
+ 3b:e8:9f:5a:c9:42:35:d2:39:32:d8:9a:1d:3f:52:e6:cd:0b:
+ f9:d0:be:d8:ad:09:11:d7:6b:c2:c3:2e:d2:9b:92:99:a0:a8:
+ c9:0e:30:41:0e:73:77:48:ac:8b:69:28:3b:1c:76:b3:da:7f:
+ bd:04:95:07
-----BEGIN CERTIFICATE-----
MIIExDCCA6ygAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo
YWluSS1JQ0EzLXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
-Y29tMB4XDTIyMTIxNjIxMTc1MFoXDTI1MDkxMTIxMTc1MFowgaMxCzAJBgNVBAYT
+Y29tMB4XDTIzMTIxMzIyMTkzM1oXDTI2MDkwODIyMTkzM1owgaMxCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD
VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR8wHQYDVQQD
DBZjaGFpbkktSUNBMi1ub19wYXRobGVuMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv
@@ -256,12 +256,12 @@ gZQxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3pl
bWFuMREwDwYDVQQKDAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYG
A1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZz
c2wuY29tggFkMAwGA1UdEwQFMAMBAf8wCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEB
-CwUAA4IBAQALgGL6zs7AzAysIMcVTw9ktheb6PGqPdu3zBgQYySG95tA1QXInsML
-1R7j3DSnZip1HrtdMf/defZBaJpeTZthAmvGYtrKRjuyrGp0u5EOptJ9UV7AEW5/
-49pYSFjt+nCNvcLvnt+xUUvuyOjkLOPTlgvp6oKd5HjWy4TAszk/3S/i6JwJWFjT
-9GScNbDuv27zovYOMXt439bQ5ikd0a/87sNUe5qMjUfrQAFPKwi91xexvM4s3tsa
-1GutwsJChltjcZXsiPJxhsm3mYUfBtxDBaI3F8dliHVGI0zO+h3mKbp2ukLt6l5c
-faIqVBA6cu/AUi2fpMcqKVO3qVGqUQpZ
+CwUAA4IBAQAUYboVRQdg1Mlt7290KkS1NKTfDtnxe3zLUNvXF9OdkWQBG5MNtVEH
+FndfKrWaJDkZ/O5NeU/Do5+hB+ijDH4EDLAzoZYh0s6IQSiIgjl/nVQtTFbfQY5K
+WWmEC/xdRwaE7K5NUjSyGuhh4FGMh63JXfMuu1s20pFxf/nP+X/DLeV9p/uKL0ck
+bDp1cpvIdG8XlaTUlrQ+kb/B64kYusPhUvjopJIbydinEUC/Yprm7nAK9aNtBg9Z
+rVOK9riT3DlZt5fCPOI76J9ayUI10jky2JodP1LmzQv50L7YrQkR12vCwy7Sm5KZ
+oKjJDjBBDnN3SKyLaSg7HHaz2n+9BJUH
-----END CERTIFICATE-----
Certificate:
Data:
@@ -270,8 +270,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:33 2023 GMT
+ Not After : Sep 8 22:19:33 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainI-ICA3-pathlen2, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -302,34 +302,34 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:2C:80:CE:DB:47:9D:07:66:92:3D:68:D7:CA:AC:90:4F:CA:69:41:4B
+ serial:33:44:1A:A8:6C:01:EC:F6:60:F2:70:51:0A:4C:D1:14:FA:BC:E9:44
X509v3 Basic Constraints:
CA:TRUE, pathlen:2
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 2f:e9:19:e4:18:04:44:46:80:ee:e5:9f:a0:48:72:75:2e:c5:
- dd:d1:6b:53:68:36:f3:2b:7c:78:2c:7f:1e:1b:2d:24:79:76:
- 75:48:c6:4e:73:99:4b:a1:3b:40:e0:c8:7b:eb:b4:80:ae:49:
- 65:4c:e1:13:39:a2:97:b6:e8:19:66:9c:34:31:d9:57:3f:ea:
- d0:9b:3e:f1:6b:ec:7d:86:cf:13:d4:f4:4e:d8:da:5c:17:6b:
- 0a:10:c3:8c:89:de:b5:50:f3:3d:68:9e:36:47:09:44:b9:e5:
- 6c:43:8c:16:f9:da:32:e7:2a:32:df:7a:55:94:33:10:fd:82:
- bb:94:c1:76:04:c8:0e:89:0b:ac:dd:a1:ce:61:02:a7:0d:81:
- c7:33:d8:98:4a:26:97:8b:e8:0f:24:ad:3e:32:73:10:02:23:
- 77:52:ca:92:bf:16:de:cf:bc:87:bf:cc:6f:2b:28:f9:77:4e:
- 32:02:82:a8:2e:3a:37:6f:b7:26:2c:84:d4:66:ea:da:27:37:
- ba:26:16:40:a0:4a:f6:31:c0:de:5f:e9:b1:79:94:44:4d:29:
- cb:3d:32:45:45:a4:e9:ef:a8:18:f5:b4:66:86:45:42:e2:59:
- 6c:ae:38:09:81:23:4e:19:7c:f8:b7:71:eb:a8:33:28:7c:88:
- 2c:0e:5e:ae
+ 0b:91:da:f2:ae:94:93:70:85:33:26:3d:4b:23:65:52:a3:be:
+ 0a:ed:7c:04:16:fa:f1:5f:3b:e2:06:f7:8e:03:41:46:bc:e9:
+ 79:41:ff:09:a0:77:6c:58:a6:c7:0c:1d:8b:c0:f7:6c:82:93:
+ 74:96:18:8a:ce:a0:00:19:46:0a:0c:d1:7a:40:66:46:ad:14:
+ 9b:7f:bb:2f:88:c2:94:39:49:05:36:e7:f2:b0:04:44:49:e8:
+ 99:07:6e:50:f0:61:18:a3:4a:e0:35:06:6a:7d:af:ac:f1:93:
+ fd:43:92:12:41:66:fc:60:8f:37:12:43:45:c6:38:9e:8a:e8:
+ 4c:1d:48:7a:62:d2:e1:f4:99:12:5b:98:5a:2e:59:07:86:64:
+ af:4d:33:2e:e7:26:f2:68:7b:1e:4e:1b:60:bd:5d:19:d3:7c:
+ 04:32:26:ea:23:33:6f:8d:30:27:84:4a:3d:8a:63:4f:02:81:
+ 5a:ab:ea:ae:58:0a:ce:7e:74:a1:75:6a:c4:64:ae:a7:0a:31:
+ 2f:41:ed:c5:12:7c:4a:34:e8:6d:22:f4:9f:3d:f2:4a:8c:ee:
+ 7c:e7:81:50:e0:e5:f0:52:7d:28:79:3a:5a:c4:85:fb:7b:e6:
+ 26:1f:71:47:c6:97:8b:4d:39:eb:4b:46:4c:d7:d7:d3:15:b6:
+ 82:78:83:17
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx
EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh
d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz
-bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIxMjE2
-MjExNzUwWhcNMjUwOTExMjExNzUwWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM
+bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMxMjEz
+MjIxOTMzWhcNMjYwOTA4MjIxOTMzWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM
Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg
SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNoYWluSS1JQ0Ez
LXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN
@@ -343,12 +343,12 @@ o4IBGDCCARQwHQYDVR0OBBYEFO43pvJA0O/9IsejtGxXR0C5mfmNMIHUBgNVHSME
gcwwgcmAFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV
UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI
U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm
-c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIULIDO20ed
-B2aSPWjXyqyQT8ppQUswDwYDVR0TBAgwBgEB/wIBAjALBgNVHQ8EBAMCAQYwDQYJ
-KoZIhvcNAQELBQADggEBAC/pGeQYBERGgO7ln6BIcnUuxd3Ra1NoNvMrfHgsfx4b
-LSR5dnVIxk5zmUuhO0DgyHvrtICuSWVM4RM5ope26BlmnDQx2Vc/6tCbPvFr7H2G
-zxPU9E7Y2lwXawoQw4yJ3rVQ8z1onjZHCUS55WxDjBb52jLnKjLfelWUMxD9gruU
-wXYEyA6JC6zdoc5hAqcNgccz2JhKJpeL6A8krT4ycxACI3dSypK/Ft7PvIe/zG8r
-KPl3TjICgqguOjdvtyYshNRm6tonN7omFkCgSvYxwN5f6bF5lERNKcs9MkVFpOnv
-qBj1tGaGRULiWWyuOAmBI04ZfPi3ceuoMyh8iCwOXq4=
+c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIUM0QaqGwB
+7PZg8nBRCkzRFPq86UQwDwYDVR0TBAgwBgEB/wIBAjALBgNVHQ8EBAMCAQYwDQYJ
+KoZIhvcNAQELBQADggEBAAuR2vKulJNwhTMmPUsjZVKjvgrtfAQW+vFfO+IG944D
+QUa86XlB/wmgd2xYpscMHYvA92yCk3SWGIrOoAAZRgoM0XpAZkatFJt/uy+IwpQ5
+SQU25/KwBERJ6JkHblDwYRijSuA1Bmp9r6zxk/1DkhJBZvxgjzcSQ0XGOJ6K6Ewd
+SHpi0uH0mRJbmFouWQeGZK9NMy7nJvJoex5OG2C9XRnTfAQyJuojM2+NMCeESj2K
+Y08CgVqr6q5YCs5+dKF1asRkrqcKMS9B7cUSfEo06G0i9J898kqM7nzngVDg5fBS
+fSh5OlrEhft75iYfcUfGl4tNOetLRkzX19MVtoJ4gxc=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test-pathlen/chainI-entity.pem b/extra/wolfssl/wolfssl/certs/test-pathlen/chainI-entity.pem
index 155f24b5..9bc25f03 100644
--- a/extra/wolfssl/wolfssl/certs/test-pathlen/chainI-entity.pem
+++ b/extra/wolfssl/wolfssl/certs/test-pathlen/chainI-entity.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainI-ICA1-no_pathlen, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:33 2023 GMT
+ Not After : Sep 8 22:19:33 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainI-entity, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -42,27 +42,27 @@ Certificate:
X509v3 Basic Constraints:
CA:FALSE
Signature Algorithm: sha256WithRSAEncryption
- 7a:19:8d:a9:ab:4e:b7:89:d0:db:65:49:18:dc:23:9e:71:bf:
- 28:c6:54:de:dd:e4:9a:bf:89:be:2b:3e:fb:1f:47:dc:1e:e9:
- 8f:3d:b1:4e:7d:63:3b:48:12:8c:cc:c9:98:6f:35:c1:9f:26:
- ed:f6:e5:50:55:84:94:c0:8e:e3:78:49:8d:21:33:41:03:10:
- 9a:16:27:0b:33:90:18:3a:f4:1e:59:75:3e:c2:9d:b8:58:fe:
- 52:26:11:95:f1:14:f9:17:2f:f6:6a:a5:e3:03:af:94:a4:18:
- 71:82:63:aa:ad:d0:55:08:48:bd:80:16:cf:36:8a:f2:69:2f:
- fd:e0:72:96:2e:b3:75:c5:8f:60:b9:46:a0:e0:ad:a2:54:2e:
- b9:f9:c0:ab:a5:e2:88:47:9a:ec:a7:c9:e3:74:22:90:57:a4:
- 03:b4:2f:33:bf:e6:58:35:3f:75:b3:5f:b7:aa:f8:d5:2a:7f:
- 4a:bd:55:4e:d6:e6:a4:25:67:aa:99:57:4b:ca:28:7a:d8:78:
- 08:51:a2:95:53:e1:04:6a:48:3f:85:57:f0:81:53:9b:80:87:
- 24:da:d9:7e:c0:6c:a8:f1:75:50:7f:d4:0c:ba:c6:9a:16:f1:
- 00:5e:25:c5:99:7f:44:f1:39:c6:72:bd:e5:4a:ff:3a:89:15:
- 25:3c:2e:28
+ 03:42:31:e4:a2:3f:2a:7a:a6:7e:87:61:8b:2c:a1:10:af:b4:
+ 06:db:3f:77:85:88:c4:db:df:78:3d:d2:aa:aa:ac:cd:19:c1:
+ a7:47:66:e2:91:9b:59:ab:70:e0:74:1a:a7:b4:5c:30:3f:ea:
+ a3:14:6a:aa:3e:82:38:7d:2f:db:6f:43:60:db:20:cb:e4:69:
+ 62:73:75:d8:22:db:c3:92:cb:96:d3:7c:5a:ca:d5:3a:d1:91:
+ 20:2c:37:0f:3d:ef:8e:ca:0b:8b:73:af:79:66:ec:84:93:41:
+ 71:a1:6d:86:57:1b:d9:83:7e:c0:18:b6:4f:3c:85:89:59:c8:
+ 99:1e:e7:53:5d:2b:41:7c:24:d0:9a:73:43:b3:ee:69:de:60:
+ 08:b9:f0:b2:ac:b5:24:70:06:b7:1e:7b:fd:30:07:80:24:45:
+ c5:4f:84:e7:a6:67:99:0b:42:45:38:54:90:01:49:b2:14:31:
+ 48:09:2b:83:3e:37:2e:d5:fd:92:7b:4f:cb:2f:ea:0d:e7:d7:
+ 07:62:6e:2e:c3:a4:64:e2:54:52:6e:66:41:a9:0d:68:3f:76:
+ 8f:e9:42:3d:a2:23:b9:ed:fc:52:f5:d4:96:29:81:fd:80:39:
+ 71:16:3c:df:c9:2f:ad:c3:83:56:f5:85:55:89:e6:c9:23:f6:
+ eb:0e:c7:34
-----BEGIN CERTIFICATE-----
MIIEvDCCA6SgAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo
YWluSS1JQ0ExLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz
-bC5jb20wHhcNMjIxMjE2MjExNzUwWhcNMjUwOTExMjExNzUwWjCBmjELMAkGA1UE
+bC5jb20wHhcNMjMxMjEzMjIxOTMzWhcNMjYwOTA4MjIxOTMzWjCBmjELMAkGA1UE
BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT
BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxFjAUBgNV
BAMMDWNoYWluSS1lbnRpdHkxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j
@@ -78,10 +78,10 @@ A1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUx
FTATBgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAd
BgNVBAMMFmNoYWluSS1JQ0EyLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGlu
Zm9Ad29sZnNzbC5jb22CAWQwCQYDVR0TBAIwADANBgkqhkiG9w0BAQsFAAOCAQEA
-ehmNqatOt4nQ22VJGNwjnnG/KMZU3t3kmr+Jvis++x9H3B7pjz2xTn1jO0gSjMzJ
-mG81wZ8m7fblUFWElMCO43hJjSEzQQMQmhYnCzOQGDr0Hll1PsKduFj+UiYRlfEU
-+Rcv9mql4wOvlKQYcYJjqq3QVQhIvYAWzzaK8mkv/eByli6zdcWPYLlGoOCtolQu
-ufnAq6XiiEea7KfJ43QikFekA7QvM7/mWDU/dbNft6r41Sp/Sr1VTtbmpCVnqplX
-S8ooeth4CFGilVPhBGpIP4VX8IFTm4CHJNrZfsBsqPF1UH/UDLrGmhbxAF4lxZl/
-RPE5xnK95Ur/OokVJTwuKA==
+A0Ix5KI/KnqmfodhiyyhEK+0Bts/d4WIxNvfeD3SqqqszRnBp0dm4pGbWatw4HQa
+p7RcMD/qoxRqqj6COH0v229DYNsgy+RpYnN12CLbw5LLltN8WsrVOtGRICw3Dz3v
+jsoLi3OveWbshJNBcaFthlcb2YN+wBi2TzyFiVnImR7nU10rQXwk0JpzQ7Puad5g
+CLnwsqy1JHAGtx57/TAHgCRFxU+E56ZnmQtCRThUkAFJshQxSAkrgz43LtX9kntP
+yy/qDefXB2JuLsOkZOJUUm5mQakNaD92j+lCPaIjue38UvXUlimB/YA5cRY838kv
+rcODVvWFVYnmySP26w7HNA==
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test-pathlen/chainJ-ICA1-no_pathlen.pem b/extra/wolfssl/wolfssl/certs/test-pathlen/chainJ-ICA1-no_pathlen.pem
index a834078a..8daca2a5 100644
--- a/extra/wolfssl/wolfssl/certs/test-pathlen/chainJ-ICA1-no_pathlen.pem
+++ b/extra/wolfssl/wolfssl/certs/test-pathlen/chainJ-ICA1-no_pathlen.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA2-no_pathlen, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:33 2023 GMT
+ Not After : Sep 8 22:19:33 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA1-no_pathlen, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -44,27 +44,27 @@ Certificate:
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 8a:c2:bd:e8:d2:53:df:a2:01:71:2d:bd:24:c0:ce:3a:41:bc:
- 86:24:51:4a:66:06:9e:1f:1f:c7:45:e2:db:ab:60:e8:89:ba:
- 97:77:fe:d0:16:80:19:af:00:d0:2c:43:c3:b9:8c:6e:ff:5c:
- 08:01:4a:a1:2c:ba:ba:db:96:f8:a1:d9:e7:65:2a:ee:d9:6d:
- 73:7a:19:67:ed:67:69:30:13:fe:63:67:ec:e4:8c:89:37:11:
- 82:c8:d5:3e:7b:bb:26:02:a0:10:44:72:51:d6:ea:33:9e:54:
- 01:1a:5b:ed:0e:be:43:8f:a0:5b:dc:26:fa:e9:7c:20:e4:9a:
- 6d:5b:87:c9:95:e5:7a:5b:2d:9a:9a:ab:65:37:9f:88:79:2c:
- 10:83:82:32:76:1d:4f:f9:bf:8d:fd:2f:16:a7:d7:bb:64:41:
- 6a:6d:02:9d:f5:f5:31:44:c5:64:56:9a:b8:a4:dd:88:ed:79:
- 3b:f4:23:d7:0f:8a:2a:f3:f4:92:47:f5:f6:0f:19:e9:7c:6a:
- fe:f0:62:c3:43:45:a2:6c:f5:2e:0b:c3:c5:8b:21:70:68:fc:
- 58:63:91:1d:a4:35:eb:5b:4c:67:df:1d:4a:a3:a3:9e:16:a5:
- 6b:e3:05:66:00:1e:03:aa:3f:0d:f8:2f:f7:f6:78:08:e0:b6:
- 1f:20:0e:3d
+ 98:29:a6:c0:de:6c:d0:3d:c3:ff:d0:57:5f:83:48:bd:e0:80:
+ 1c:7a:e0:81:a9:5e:43:17:01:1b:c0:d6:89:30:eb:21:47:9e:
+ 8a:38:73:37:74:52:04:37:37:6e:7e:11:0e:f8:cb:c7:7c:4f:
+ 43:4f:07:64:56:7a:f7:66:4f:98:2f:6a:01:ae:04:72:64:03:
+ 32:88:e7:7e:60:ae:1e:16:93:4d:51:44:41:a7:b6:3e:19:e6:
+ 20:c9:30:3a:8f:86:77:b9:9c:c2:b8:f1:d9:7a:a9:10:cc:ce:
+ 95:46:bb:62:0d:d8:c8:78:37:51:51:2e:83:a8:5b:ef:fa:a0:
+ 34:bb:a3:93:66:b6:4f:72:25:fc:e2:39:1a:3a:3f:74:c5:94:
+ 88:0c:34:90:1e:f9:b0:d9:23:e4:29:33:4a:2f:59:c7:88:52:
+ c9:69:a9:6d:c7:8d:da:92:c3:4e:f3:c9:3c:5e:28:e1:ae:e0:
+ b7:ef:b4:07:18:70:b7:ea:2c:8a:e1:92:31:1c:71:26:cf:d5:
+ 5b:c6:fd:88:db:8b:30:36:41:91:b1:fd:63:c3:3e:b2:e2:64:
+ 5e:b2:ac:90:0c:6f:d5:21:4c:22:85:c5:0e:65:23:46:31:52:
+ 31:f5:42:d8:b3:78:bb:3e:d2:f0:69:61:b9:45:4e:6b:79:78:
+ a8:60:23:7a
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo
YWluSi1JQ0EyLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz
-bC5jb20wHhcNMjIxMjE2MjExNzUwWhcNMjUwOTExMjExNzUwWjCBozELMAkGA1UE
+bC5jb20wHhcNMjMxMjEzMjIxOTMzWhcNMjYwOTA4MjIxOTMzWjCBozELMAkGA1UE
BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT
BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNV
BAMMFmNoYWluSi1JQ0ExLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9A
@@ -80,10 +80,10 @@ gaYwgaMxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQH
DAdTZWF0dGxlMRUwEwYDVQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2lu
ZWVyaW5nMR8wHQYDVQQDDBZjaGFpbkotSUNBMy1ub19wYXRobGVuMR8wHQYJKoZI
hvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tggFkMAwGA1UdEwQFMAMBAf8wCwYDVR0P
-BAQDAgEGMA0GCSqGSIb3DQEBCwUAA4IBAQCKwr3o0lPfogFxLb0kwM46QbyGJFFK
-ZgaeHx/HReLbq2DoibqXd/7QFoAZrwDQLEPDuYxu/1wIAUqhLLq625b4odnnZSru
-2W1zehln7WdpMBP+Y2fs5IyJNxGCyNU+e7smAqAQRHJR1uoznlQBGlvtDr5Dj6Bb
-3Cb66Xwg5JptW4fJleV6Wy2amqtlN5+IeSwQg4Iydh1P+b+N/S8Wp9e7ZEFqbQKd
-9fUxRMVkVpq4pN2I7Xk79CPXD4oq8/SSR/X2DxnpfGr+8GLDQ0WibPUuC8PFiyFw
-aPxYY5EdpDXrW0xn3x1Ko6OeFqVr4wVmAB4Dqj8N+C/39ngI4LYfIA49
+BAQDAgEGMA0GCSqGSIb3DQEBCwUAA4IBAQCYKabA3mzQPcP/0Fdfg0i94IAceuCB
+qV5DFwEbwNaJMOshR56KOHM3dFIENzdufhEO+MvHfE9DTwdkVnr3Zk+YL2oBrgRy
+ZAMyiOd+YK4eFpNNUURBp7Y+GeYgyTA6j4Z3uZzCuPHZeqkQzM6VRrtiDdjIeDdR
+US6DqFvv+qA0u6OTZrZPciX84jkaOj90xZSIDDSQHvmw2SPkKTNKL1nHiFLJaalt
+x43aksNO88k8XijhruC377QHGHC36iyK4ZIxHHEmz9Vbxv2I24swNkGRsf1jwz6y
+4mResqyQDG/VIUwihcUOZSNGMVIx9ULYs3i7PtLwaWG5RU5reXioYCN6
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test-pathlen/chainJ-ICA2-no_pathlen.pem b/extra/wolfssl/wolfssl/certs/test-pathlen/chainJ-ICA2-no_pathlen.pem
index 64b0d0e4..0b9b86ac 100644
--- a/extra/wolfssl/wolfssl/certs/test-pathlen/chainJ-ICA2-no_pathlen.pem
+++ b/extra/wolfssl/wolfssl/certs/test-pathlen/chainJ-ICA2-no_pathlen.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA3-no_pathlen, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:33 2023 GMT
+ Not After : Sep 8 22:19:33 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA2-no_pathlen, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -44,27 +44,27 @@ Certificate:
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 64:05:b5:78:b4:eb:f3:d5:be:5f:ec:27:6e:7d:ad:74:6c:da:
- c4:2c:cf:fc:b9:4f:52:7f:b1:78:3a:de:f6:9a:97:f5:aa:a4:
- ce:b0:2a:84:b5:33:5f:b4:55:b9:f9:03:58:ba:7a:86:8d:b7:
- ff:e5:dd:69:b9:e8:40:76:cf:5b:8e:9c:a5:0b:df:35:da:d6:
- 8c:72:b5:a6:92:d5:e5:7b:75:10:6c:89:33:0a:34:2d:ef:bb:
- 72:6d:be:89:b0:b3:71:b4:50:a1:00:b7:01:d8:31:bf:db:40:
- df:d1:1f:a8:16:e6:4b:2e:04:98:66:8c:73:43:50:95:73:80:
- 0b:84:8f:2d:be:cb:6b:1b:1b:a1:78:d4:bd:b0:a5:b9:34:a9:
- 3f:56:b0:0b:b2:dc:34:0f:e6:5f:42:8e:be:57:9d:40:49:6b:
- 1d:f8:4d:03:30:4c:e4:d9:25:ad:3f:96:8c:3e:ac:e1:8f:34:
- ee:65:50:a0:79:b0:1e:2c:85:0c:11:6d:02:d8:be:1c:d9:0a:
- c5:01:4f:8b:a8:b3:91:0a:76:3a:a2:b0:cd:24:10:6e:e1:7f:
- 0e:35:71:97:56:18:15:61:11:e1:4d:90:ff:67:2b:52:54:e9:
- 44:27:2c:4f:fc:59:0f:e0:87:69:44:92:8d:d0:b6:db:8a:e2:
- 70:0d:12:05
+ 44:d2:b6:d0:85:31:bf:1f:a2:b1:91:6b:ee:dc:80:ac:29:81:
+ 0e:b4:c3:e8:8e:91:be:66:f2:44:61:8b:6c:44:17:d9:cd:15:
+ 40:bd:ce:7c:ca:7d:ad:c8:e1:81:90:a4:28:57:88:71:49:9f:
+ 03:bb:4b:8c:ff:02:08:98:d2:e4:b0:ca:be:f2:df:08:18:24:
+ f7:3c:22:be:f2:23:10:96:95:2b:f0:a0:ed:16:08:1a:1e:ce:
+ df:1d:f7:b3:35:af:f4:86:f2:16:b5:2c:90:bd:0a:f8:64:61:
+ da:c6:2e:4b:1f:05:30:1a:72:d3:51:33:26:61:5d:0d:14:0f:
+ b8:b9:dc:6f:78:57:a0:63:4c:f0:16:49:fd:48:54:c3:92:1e:
+ c0:04:8a:16:c0:9a:35:08:be:49:f2:dd:90:6a:90:48:d5:9f:
+ 48:82:18:f2:04:d6:d8:07:55:17:99:8e:27:cf:86:8d:1b:a6:
+ 02:72:42:a8:53:e6:5d:20:5a:8d:2e:d3:fc:a7:71:4c:b2:21:
+ 9d:14:8c:f1:49:3c:ca:e7:e6:c6:51:7f:41:3c:37:1a:38:21:
+ a4:ee:9e:1b:cc:8b:09:df:35:de:18:c4:7a:89:32:b9:8d:15:
+ eb:07:5b:2b:5c:55:a5:44:db:fb:f2:15:16:1c:01:16:dd:de:
+ d9:7a:bf:dc
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo
YWluSi1JQ0EzLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz
-bC5jb20wHhcNMjIxMjE2MjExNzUwWhcNMjUwOTExMjExNzUwWjCBozELMAkGA1UE
+bC5jb20wHhcNMjMxMjEzMjIxOTMzWhcNMjYwOTA4MjIxOTMzWjCBozELMAkGA1UE
BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT
BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNV
BAMMFmNoYWluSi1JQ0EyLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9A
@@ -80,10 +80,10 @@ gaQwgaExCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQH
DAdTZWF0dGxlMRUwEwYDVQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2lu
ZWVyaW5nMR0wGwYDVQQDDBRjaGFpbkotSUNBNC1wYXRobGVuMjEfMB0GCSqGSIb3
DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIBZDAMBgNVHRMEBTADAQH/MAsGA1UdDwQE
-AwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAZAW1eLTr89W+X+wnbn2tdGzaxCzP/LlP
-Un+xeDre9pqX9aqkzrAqhLUzX7RVufkDWLp6ho23/+XdabnoQHbPW46cpQvfNdrW
-jHK1ppLV5Xt1EGyJMwo0Le+7cm2+ibCzcbRQoQC3Adgxv9tA39EfqBbmSy4EmGaM
-c0NQlXOAC4SPLb7LaxsboXjUvbCluTSpP1awC7LcNA/mX0KOvledQElrHfhNAzBM
-5NklrT+WjD6s4Y807mVQoHmwHiyFDBFtAti+HNkKxQFPi6izkQp2OqKwzSQQbuF/
-DjVxl1YYFWER4U2Q/2crUlTpRCcsT/xZD+CHaUSSjdC224ricA0SBQ==
+AwIBBjANBgkqhkiG9w0BAQsFAAOCAQEARNK20IUxvx+isZFr7tyArCmBDrTD6I6R
+vmbyRGGLbEQX2c0VQL3OfMp9rcjhgZCkKFeIcUmfA7tLjP8CCJjS5LDKvvLfCBgk
+9zwivvIjEJaVK/Cg7RYIGh7O3x33szWv9IbyFrUskL0K+GRh2sYuSx8FMBpy01Ez
+JmFdDRQPuLncb3hXoGNM8BZJ/UhUw5IewASKFsCaNQi+SfLdkGqQSNWfSIIY8gTW
+2AdVF5mOJ8+GjRumAnJCqFPmXSBajS7T/KdxTLIhnRSM8Uk8yufmxlF/QTw3Gjgh
+pO6eG8yLCd813hjEeokyuY0V6wdbK1xVpUTb+/IVFhwBFt3e2Xq/3A==
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test-pathlen/chainJ-ICA3-no_pathlen.pem b/extra/wolfssl/wolfssl/certs/test-pathlen/chainJ-ICA3-no_pathlen.pem
index 2b09049a..a11ff487 100644
--- a/extra/wolfssl/wolfssl/certs/test-pathlen/chainJ-ICA3-no_pathlen.pem
+++ b/extra/wolfssl/wolfssl/certs/test-pathlen/chainJ-ICA3-no_pathlen.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA4-pathlen2, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:33 2023 GMT
+ Not After : Sep 8 22:19:33 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA3-no_pathlen, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -44,27 +44,27 @@ Certificate:
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 6c:4e:a1:bd:fd:0a:46:ac:b3:94:e7:4b:20:99:1f:3e:4a:10:
- 95:1d:21:f9:71:da:f6:4a:c9:dc:78:14:a9:5e:01:6b:40:8f:
- 18:40:6e:6d:a5:82:91:19:79:0a:d1:5e:15:16:46:c0:05:5a:
- 67:56:8a:14:8e:9c:09:61:bc:11:f8:4d:f8:66:8d:84:c5:7d:
- e3:28:3d:ff:db:37:c4:08:48:4e:ce:0c:89:49:a6:a8:fc:d5:
- 14:6f:e4:ae:cf:64:f4:21:3a:a9:58:fe:50:b2:5b:c2:14:a8:
- 0f:3b:c7:c7:ae:ef:40:48:8c:35:cc:09:87:2d:6b:b3:95:a8:
- ff:e9:c1:3a:88:48:a2:64:6c:2a:1c:a4:19:34:69:76:0d:e4:
- 71:fc:46:f0:2f:17:fa:17:ed:c8:d4:af:d8:cc:d2:97:f1:93:
- 5e:4c:37:a7:06:b0:c3:9e:a7:e3:f9:1d:ca:bf:e0:3d:8e:b1:
- 30:8c:bc:4e:94:8c:0e:fa:41:29:e5:21:ba:77:f2:74:31:58:
- fe:7c:c1:03:f5:28:2a:68:2b:ab:ba:87:61:b9:85:54:21:4d:
- c0:22:35:4d:18:c2:a1:f3:70:56:e9:4b:a2:95:86:f5:c4:da:
- 70:d6:bc:17:67:c8:f2:3d:1f:80:0f:78:85:52:30:5b:6e:eb:
- 6f:b7:bb:a2
+ 47:22:2e:50:b3:0b:ed:17:f9:70:a3:71:3e:8d:55:d4:2f:16:
+ 4a:9e:b4:c9:1d:b4:fa:20:10:2b:0f:db:71:b9:50:bf:52:f6:
+ f8:ad:0d:65:69:13:99:e3:eb:ef:98:7e:9c:e7:f9:5d:ff:d4:
+ 9b:76:44:ba:d6:ce:7d:c1:cb:03:c7:a0:30:b8:76:05:fe:a9:
+ ca:7d:fe:6f:da:4a:2b:a2:18:bc:98:f2:00:68:72:4a:93:ae:
+ 85:e0:c0:01:f9:ca:ac:f5:11:26:72:e3:48:34:3a:ce:ac:de:
+ dc:4e:cf:8c:ea:78:72:40:0e:08:42:ec:6e:3e:f5:13:ce:fa:
+ d5:38:65:88:f7:e5:61:6b:85:18:e1:ec:5b:fb:6d:1c:52:df:
+ 99:16:01:00:70:a8:1d:1e:89:39:df:c3:fb:de:17:cd:69:68:
+ bc:78:1f:21:9d:f3:69:bc:76:ee:00:e4:ea:ea:73:b4:4f:89:
+ 07:14:3e:94:77:28:f1:75:97:c7:43:72:2d:79:f5:a0:36:b1:
+ e5:26:50:c6:23:6b:88:83:57:13:74:4d:27:8a:11:f6:98:64:
+ a7:b2:9e:3e:18:c6:a2:85:60:22:7a:a0:5a:70:38:08:7b:2c:
+ 9a:1c:b9:32:e4:08:14:1b:a5:a1:ab:03:f6:60:8b:3d:b3:72:
+ c2:d8:de:ab
-----BEGIN CERTIFICATE-----
MIIExDCCA6ygAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo
YWluSi1JQ0E0LXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
-Y29tMB4XDTIyMTIxNjIxMTc1MFoXDTI1MDkxMTIxMTc1MFowgaMxCzAJBgNVBAYT
+Y29tMB4XDTIzMTIxMzIyMTkzM1oXDTI2MDkwODIyMTkzM1owgaMxCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD
VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR8wHQYDVQQD
DBZjaGFpbkotSUNBMy1ub19wYXRobGVuMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv
@@ -80,10 +80,10 @@ gZQxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3pl
bWFuMREwDwYDVQQKDAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYG
A1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZz
c2wuY29tggFkMAwGA1UdEwQFMAMBAf8wCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEB
-CwUAA4IBAQBsTqG9/QpGrLOU50sgmR8+ShCVHSH5cdr2SsnceBSpXgFrQI8YQG5t
-pYKRGXkK0V4VFkbABVpnVooUjpwJYbwR+E34Zo2ExX3jKD3/2zfECEhOzgyJSaao
-/NUUb+Suz2T0ITqpWP5QslvCFKgPO8fHru9ASIw1zAmHLWuzlaj/6cE6iEiiZGwq
-HKQZNGl2DeRx/EbwLxf6F+3I1K/YzNKX8ZNeTDenBrDDnqfj+R3Kv+A9jrEwjLxO
-lIwO+kEp5SG6d/J0MVj+fMED9SgqaCuruodhuYVUIU3AIjVNGMKh83BW6UuilYb1
-xNpw1rwXZ8jyPR+AD3iFUjBbbutvt7ui
+CwUAA4IBAQBHIi5QswvtF/lwo3E+jVXULxZKnrTJHbT6IBArD9txuVC/Uvb4rQ1l
+aROZ4+vvmH6c5/ld/9SbdkS61s59wcsDx6AwuHYF/qnKff5v2korohi8mPIAaHJK
+k66F4MAB+cqs9REmcuNINDrOrN7cTs+M6nhyQA4IQuxuPvUTzvrVOGWI9+Vha4UY
+4exb+20cUt+ZFgEAcKgdHok538P73hfNaWi8eB8hnfNpvHbuAOTq6nO0T4kHFD6U
+dyjxdZfHQ3ItefWgNrHlJlDGI2uIg1cTdE0nihH2mGSnsp4+GMaihWAieqBacDgI
+eyyaHLky5AgUG6WhqwP2YIs9s3LC2N6r
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test-pathlen/chainJ-ICA4-pathlen2.pem b/extra/wolfssl/wolfssl/certs/test-pathlen/chainJ-ICA4-pathlen2.pem
index 5951c8a3..885a35ba 100644
--- a/extra/wolfssl/wolfssl/certs/test-pathlen/chainJ-ICA4-pathlen2.pem
+++ b/extra/wolfssl/wolfssl/certs/test-pathlen/chainJ-ICA4-pathlen2.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:33 2023 GMT
+ Not After : Sep 8 22:19:33 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA4-pathlen2, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -37,34 +37,34 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:2C:80:CE:DB:47:9D:07:66:92:3D:68:D7:CA:AC:90:4F:CA:69:41:4B
+ serial:33:44:1A:A8:6C:01:EC:F6:60:F2:70:51:0A:4C:D1:14:FA:BC:E9:44
X509v3 Basic Constraints:
CA:TRUE, pathlen:2
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 3b:8b:b7:2b:1d:58:68:22:70:84:71:02:0f:80:9e:f8:04:7a:
- 0c:aa:ab:60:ce:d0:ef:a5:0d:1f:6f:be:cf:06:8d:a2:52:3b:
- 3f:3d:22:6c:6a:37:a3:2e:be:b2:6c:c6:5f:95:7b:68:df:22:
- 9a:31:6e:eb:c1:5d:80:0c:2c:34:44:b4:3a:6a:f9:1c:8c:68:
- 39:1d:52:05:47:b9:a3:23:87:72:19:d4:d3:87:59:df:eb:b8:
- ef:19:b3:15:e0:c4:65:5a:9b:b2:42:67:f9:01:5a:2d:a1:73:
- 8c:2e:02:f9:56:20:57:23:03:3f:f9:13:ec:14:51:d0:9e:d4:
- 49:ec:9e:f1:47:b2:19:19:03:59:cc:3f:f0:ef:d1:3d:8a:06:
- 37:f2:3c:70:f4:c4:c8:b0:57:4c:c1:18:4d:a1:c0:c6:3e:c7:
- b3:1f:66:50:39:3f:f7:12:cf:b1:ff:26:ad:59:86:d6:18:d3:
- 24:b7:6f:75:b7:8d:60:c4:63:e2:22:52:ff:b3:ea:03:b8:eb:
- b9:a2:2b:38:97:70:e9:5c:0d:a4:88:d0:85:b0:2b:b2:f7:75:
- 3c:7d:2b:15:56:b4:78:ce:66:71:bc:62:60:24:72:3b:37:07:
- 8f:75:ba:29:6e:25:9d:80:66:7b:41:f7:8a:e0:ce:8a:41:3c:
- 24:1e:fc:34
+ 38:0c:f8:b9:53:67:57:a3:18:3c:0a:74:2d:13:79:32:7b:e2:
+ 4b:4f:82:5a:0e:7f:bb:ca:87:63:09:02:bd:31:62:2b:74:c4:
+ 47:fe:96:4a:8b:97:ee:43:ea:be:d4:0d:07:3f:57:dd:e5:ea:
+ da:d8:30:94:64:73:b6:fd:d7:4f:72:41:ce:13:fc:65:c6:b1:
+ f7:5c:b7:60:d9:55:bd:c4:89:49:57:90:15:be:cc:93:ee:3e:
+ bd:37:22:7a:98:9d:17:69:4f:87:62:82:f6:03:2d:ee:52:22:
+ 8c:86:bb:ba:93:9e:23:d8:d9:a2:4b:7e:ef:7d:59:d8:01:00:
+ 8d:f8:e6:b0:ac:ef:41:72:ff:ab:0d:b1:4f:cd:1e:73:81:3a:
+ 19:5a:3e:ac:da:f0:7f:be:b3:98:5f:22:08:96:2a:c4:41:43:
+ 0b:83:30:07:c1:25:eb:2d:5f:60:a2:e5:b4:57:45:71:59:f9:
+ 5b:b7:fd:3b:b3:4e:f0:cf:18:b9:0f:03:88:43:1d:9e:be:7b:
+ b1:a4:1f:e4:bc:ee:59:b7:2c:fe:a2:a6:08:96:f8:df:63:80:
+ 02:a5:61:a8:16:86:d1:28:c5:db:c6:0a:bb:4a:e4:61:ec:50:
+ 6c:58:c3:b0:0b:ba:be:fa:14:8c:36:59:ef:a3:6b:57:4a:6c:
+ 3e:33:6e:8a
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx
EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh
d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz
-bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIxMjE2
-MjExNzUwWhcNMjUwOTExMjExNzUwWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM
+bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMxMjEz
+MjIxOTMzWhcNMjYwOTA4MjIxOTMzWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM
Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg
SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNoYWluSi1JQ0E0
LXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN
@@ -78,12 +78,12 @@ o4IBGDCCARQwHQYDVR0OBBYEFPwYE1K7M0rbHFvRgJg+QIaVWHL5MIHUBgNVHSME
gcwwgcmAFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV
UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI
U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm
-c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIULIDO20ed
-B2aSPWjXyqyQT8ppQUswDwYDVR0TBAgwBgEB/wIBAjALBgNVHQ8EBAMCAQYwDQYJ
-KoZIhvcNAQELBQADggEBADuLtysdWGgicIRxAg+AnvgEegyqq2DO0O+lDR9vvs8G
-jaJSOz89ImxqN6MuvrJsxl+Ve2jfIpoxbuvBXYAMLDREtDpq+RyMaDkdUgVHuaMj
-h3IZ1NOHWd/ruO8ZsxXgxGVam7JCZ/kBWi2hc4wuAvlWIFcjAz/5E+wUUdCe1Ens
-nvFHshkZA1nMP/Dv0T2KBjfyPHD0xMiwV0zBGE2hwMY+x7MfZlA5P/cSz7H/Jq1Z
-htYY0yS3b3W3jWDEY+IiUv+z6gO467miKziXcOlcDaSI0IWwK7L3dTx9KxVWtHjO
-ZnG8YmAkcjs3B491uiluJZ2AZntB94rgzopBPCQe/DQ=
+c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIUM0QaqGwB
+7PZg8nBRCkzRFPq86UQwDwYDVR0TBAgwBgEB/wIBAjALBgNVHQ8EBAMCAQYwDQYJ
+KoZIhvcNAQELBQADggEBADgM+LlTZ1ejGDwKdC0TeTJ74ktPgloOf7vKh2MJAr0x
+Yit0xEf+lkqLl+5D6r7UDQc/V93l6trYMJRkc7b9109yQc4T/GXGsfdct2DZVb3E
+iUlXkBW+zJPuPr03InqYnRdpT4digvYDLe5SIoyGu7qTniPY2aJLfu99WdgBAI34
+5rCs70Fy/6sNsU/NHnOBOhlaPqza8H++s5hfIgiWKsRBQwuDMAfBJestX2Ci5bRX
+RXFZ+Vu3/TuzTvDPGLkPA4hDHZ6+e7GkH+S87lm3LP6ipgiW+N9jgAKlYagWhtEo
+xdvGCrtK5GHsUGxYw7ALur76FIw2We+ja1dKbD4zboo=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test-pathlen/chainJ-assembled.pem b/extra/wolfssl/wolfssl/certs/test-pathlen/chainJ-assembled.pem
index da2f3f6f..33394ec6 100644
--- a/extra/wolfssl/wolfssl/certs/test-pathlen/chainJ-assembled.pem
+++ b/extra/wolfssl/wolfssl/certs/test-pathlen/chainJ-assembled.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA1-no_pathlen, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:33 2023 GMT
+ Not After : Sep 8 22:19:33 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-entity, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -42,27 +42,27 @@ Certificate:
X509v3 Basic Constraints:
CA:FALSE
Signature Algorithm: sha256WithRSAEncryption
- 80:3e:0c:a6:77:8f:f3:d3:e5:b8:d9:7e:73:95:f7:c1:1b:6d:
- 00:2b:51:a8:02:2e:11:47:1e:b7:c8:ed:04:e4:63:fc:93:6a:
- a5:7c:78:b5:4c:38:36:9e:5c:60:44:92:d0:0c:e1:af:0e:7d:
- 14:f6:2a:9d:13:97:92:5e:13:e6:e9:d2:88:cd:89:a2:90:58:
- 2b:5d:ef:33:3e:99:19:11:f1:f5:53:17:11:ed:4c:ec:10:c6:
- 7f:eb:af:81:47:d4:45:dd:40:4c:34:a4:62:ab:0d:d8:2e:fe:
- eb:81:3c:7d:8d:75:81:b1:47:64:0f:87:c6:7b:c4:13:a4:40:
- 8f:b9:da:be:c8:1c:15:18:58:b6:a3:f6:81:6e:0f:f3:c0:4c:
- d2:77:d5:4d:ed:9f:43:58:9d:e2:f7:e7:d6:a0:dd:f3:c5:5f:
- 7e:54:12:ac:4f:53:8a:60:45:d7:fc:22:df:79:1e:a3:26:78:
- c6:6e:b9:f5:44:9c:71:40:16:41:18:d4:d2:79:7a:13:d7:2d:
- e0:a8:25:55:67:92:66:dd:18:bf:46:40:5b:fb:be:d1:fb:ed:
- db:3c:b1:c5:0f:ff:89:95:0a:a5:1e:cb:18:4d:2c:ba:ac:e9:
- d3:28:af:82:21:ff:78:d5:a8:a0:3a:ce:f3:21:9a:b6:d6:61:
- 4b:bd:73:14
+ 46:5c:9c:45:3c:a5:1d:27:7f:4b:b6:2d:7d:aa:03:28:53:a5:
+ e3:cb:5a:63:16:58:5c:fe:97:65:c4:1e:d3:34:fe:8f:46:6e:
+ 09:e4:2f:18:c9:fd:d0:7b:90:ab:f6:a5:89:fb:d0:0c:3a:f8:
+ 3c:53:d5:3b:3a:2e:c0:dd:59:e1:6f:ed:e8:d4:1f:d3:9f:5e:
+ c8:1f:50:ba:6d:16:1f:25:ab:e0:aa:74:8f:38:50:e8:98:f9:
+ 07:0f:71:3f:16:ce:cc:51:f8:ff:61:47:33:b4:98:36:63:19:
+ 06:3e:0c:a1:69:ba:67:64:9c:46:8a:ea:3e:62:27:c0:b3:60:
+ 7a:37:2b:fc:e2:c5:a8:8f:82:69:48:ff:4f:be:c4:8a:22:a3:
+ 53:db:df:ee:c5:87:b7:da:55:f7:cd:48:e1:45:e7:22:f2:ec:
+ bd:94:2c:a5:e5:ea:9c:60:c6:b8:83:6a:6a:9a:c9:46:9b:6e:
+ 88:38:d2:56:65:42:a6:5a:0f:d0:60:92:06:f4:1f:d9:5f:cd:
+ 07:93:04:00:1a:c1:eb:d8:a8:78:80:9f:c2:b7:b2:e9:4d:8c:
+ 6d:09:85:f0:87:c1:d6:d9:12:72:13:68:71:16:f7:53:f4:92:
+ 9b:d4:46:31:b5:45:32:7b:f8:e6:dd:bf:d1:f9:aa:da:d3:7e:
+ 06:2b:dd:fa
-----BEGIN CERTIFICATE-----
MIIEvDCCA6SgAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo
YWluSi1JQ0ExLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz
-bC5jb20wHhcNMjIxMjE2MjExNzUwWhcNMjUwOTExMjExNzUwWjCBmjELMAkGA1UE
+bC5jb20wHhcNMjMxMjEzMjIxOTMzWhcNMjYwOTA4MjIxOTMzWjCBmjELMAkGA1UE
BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT
BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxFjAUBgNV
BAMMDWNoYWluSi1lbnRpdHkxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j
@@ -78,12 +78,12 @@ A1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUx
FTATBgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAd
BgNVBAMMFmNoYWluSi1JQ0EyLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGlu
Zm9Ad29sZnNzbC5jb22CAWQwCQYDVR0TBAIwADANBgkqhkiG9w0BAQsFAAOCAQEA
-gD4MpneP89PluNl+c5X3wRttACtRqAIuEUcet8jtBORj/JNqpXx4tUw4Np5cYESS
-0Azhrw59FPYqnROXkl4T5unSiM2JopBYK13vMz6ZGRHx9VMXEe1M7BDGf+uvgUfU
-Rd1ATDSkYqsN2C7+64E8fY11gbFHZA+HxnvEE6RAj7navsgcFRhYtqP2gW4P88BM
-0nfVTe2fQ1id4vfn1qDd88VfflQSrE9TimBF1/wi33keoyZ4xm659USccUAWQRjU
-0nl6E9ct4KglVWeSZt0Yv0ZAW/u+0fvt2zyxxQ//iZUKpR7LGE0suqzp0yivgiH/
-eNWooDrO8yGattZhS71zFA==
+RlycRTylHSd/S7YtfaoDKFOl48taYxZYXP6XZcQe0zT+j0ZuCeQvGMn90HuQq/al
+ifvQDDr4PFPVOzouwN1Z4W/t6NQf059eyB9Qum0WHyWr4Kp0jzhQ6Jj5Bw9xPxbO
+zFH4/2FHM7SYNmMZBj4MoWm6Z2ScRorqPmInwLNgejcr/OLFqI+CaUj/T77EiiKj
+U9vf7sWHt9pV981I4UXnIvLsvZQspeXqnGDGuINqaprJRptuiDjSVmVCploP0GCS
+BvQf2V/NB5MEABrB69ioeICfwrey6U2MbQmF8IfB1tkSchNocRb3U/SSm9RGMbVF
+Mnv45t2/0fmq2tN+Bivd+g==
-----END CERTIFICATE-----
Certificate:
Data:
@@ -92,8 +92,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA2-no_pathlen, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:33 2023 GMT
+ Not After : Sep 8 22:19:33 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA1-no_pathlen, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -131,27 +131,27 @@ Certificate:
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 8a:c2:bd:e8:d2:53:df:a2:01:71:2d:bd:24:c0:ce:3a:41:bc:
- 86:24:51:4a:66:06:9e:1f:1f:c7:45:e2:db:ab:60:e8:89:ba:
- 97:77:fe:d0:16:80:19:af:00:d0:2c:43:c3:b9:8c:6e:ff:5c:
- 08:01:4a:a1:2c:ba:ba:db:96:f8:a1:d9:e7:65:2a:ee:d9:6d:
- 73:7a:19:67:ed:67:69:30:13:fe:63:67:ec:e4:8c:89:37:11:
- 82:c8:d5:3e:7b:bb:26:02:a0:10:44:72:51:d6:ea:33:9e:54:
- 01:1a:5b:ed:0e:be:43:8f:a0:5b:dc:26:fa:e9:7c:20:e4:9a:
- 6d:5b:87:c9:95:e5:7a:5b:2d:9a:9a:ab:65:37:9f:88:79:2c:
- 10:83:82:32:76:1d:4f:f9:bf:8d:fd:2f:16:a7:d7:bb:64:41:
- 6a:6d:02:9d:f5:f5:31:44:c5:64:56:9a:b8:a4:dd:88:ed:79:
- 3b:f4:23:d7:0f:8a:2a:f3:f4:92:47:f5:f6:0f:19:e9:7c:6a:
- fe:f0:62:c3:43:45:a2:6c:f5:2e:0b:c3:c5:8b:21:70:68:fc:
- 58:63:91:1d:a4:35:eb:5b:4c:67:df:1d:4a:a3:a3:9e:16:a5:
- 6b:e3:05:66:00:1e:03:aa:3f:0d:f8:2f:f7:f6:78:08:e0:b6:
- 1f:20:0e:3d
+ 98:29:a6:c0:de:6c:d0:3d:c3:ff:d0:57:5f:83:48:bd:e0:80:
+ 1c:7a:e0:81:a9:5e:43:17:01:1b:c0:d6:89:30:eb:21:47:9e:
+ 8a:38:73:37:74:52:04:37:37:6e:7e:11:0e:f8:cb:c7:7c:4f:
+ 43:4f:07:64:56:7a:f7:66:4f:98:2f:6a:01:ae:04:72:64:03:
+ 32:88:e7:7e:60:ae:1e:16:93:4d:51:44:41:a7:b6:3e:19:e6:
+ 20:c9:30:3a:8f:86:77:b9:9c:c2:b8:f1:d9:7a:a9:10:cc:ce:
+ 95:46:bb:62:0d:d8:c8:78:37:51:51:2e:83:a8:5b:ef:fa:a0:
+ 34:bb:a3:93:66:b6:4f:72:25:fc:e2:39:1a:3a:3f:74:c5:94:
+ 88:0c:34:90:1e:f9:b0:d9:23:e4:29:33:4a:2f:59:c7:88:52:
+ c9:69:a9:6d:c7:8d:da:92:c3:4e:f3:c9:3c:5e:28:e1:ae:e0:
+ b7:ef:b4:07:18:70:b7:ea:2c:8a:e1:92:31:1c:71:26:cf:d5:
+ 5b:c6:fd:88:db:8b:30:36:41:91:b1:fd:63:c3:3e:b2:e2:64:
+ 5e:b2:ac:90:0c:6f:d5:21:4c:22:85:c5:0e:65:23:46:31:52:
+ 31:f5:42:d8:b3:78:bb:3e:d2:f0:69:61:b9:45:4e:6b:79:78:
+ a8:60:23:7a
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo
YWluSi1JQ0EyLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz
-bC5jb20wHhcNMjIxMjE2MjExNzUwWhcNMjUwOTExMjExNzUwWjCBozELMAkGA1UE
+bC5jb20wHhcNMjMxMjEzMjIxOTMzWhcNMjYwOTA4MjIxOTMzWjCBozELMAkGA1UE
BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT
BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNV
BAMMFmNoYWluSi1JQ0ExLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9A
@@ -167,12 +167,12 @@ gaYwgaMxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQH
DAdTZWF0dGxlMRUwEwYDVQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2lu
ZWVyaW5nMR8wHQYDVQQDDBZjaGFpbkotSUNBMy1ub19wYXRobGVuMR8wHQYJKoZI
hvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tggFkMAwGA1UdEwQFMAMBAf8wCwYDVR0P
-BAQDAgEGMA0GCSqGSIb3DQEBCwUAA4IBAQCKwr3o0lPfogFxLb0kwM46QbyGJFFK
-ZgaeHx/HReLbq2DoibqXd/7QFoAZrwDQLEPDuYxu/1wIAUqhLLq625b4odnnZSru
-2W1zehln7WdpMBP+Y2fs5IyJNxGCyNU+e7smAqAQRHJR1uoznlQBGlvtDr5Dj6Bb
-3Cb66Xwg5JptW4fJleV6Wy2amqtlN5+IeSwQg4Iydh1P+b+N/S8Wp9e7ZEFqbQKd
-9fUxRMVkVpq4pN2I7Xk79CPXD4oq8/SSR/X2DxnpfGr+8GLDQ0WibPUuC8PFiyFw
-aPxYY5EdpDXrW0xn3x1Ko6OeFqVr4wVmAB4Dqj8N+C/39ngI4LYfIA49
+BAQDAgEGMA0GCSqGSIb3DQEBCwUAA4IBAQCYKabA3mzQPcP/0Fdfg0i94IAceuCB
+qV5DFwEbwNaJMOshR56KOHM3dFIENzdufhEO+MvHfE9DTwdkVnr3Zk+YL2oBrgRy
+ZAMyiOd+YK4eFpNNUURBp7Y+GeYgyTA6j4Z3uZzCuPHZeqkQzM6VRrtiDdjIeDdR
+US6DqFvv+qA0u6OTZrZPciX84jkaOj90xZSIDDSQHvmw2SPkKTNKL1nHiFLJaalt
+x43aksNO88k8XijhruC377QHGHC36iyK4ZIxHHEmz9Vbxv2I24swNkGRsf1jwz6y
+4mResqyQDG/VIUwihcUOZSNGMVIx9ULYs3i7PtLwaWG5RU5reXioYCN6
-----END CERTIFICATE-----
Certificate:
Data:
@@ -181,8 +181,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA3-no_pathlen, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:33 2023 GMT
+ Not After : Sep 8 22:19:33 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA2-no_pathlen, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -220,27 +220,27 @@ Certificate:
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 64:05:b5:78:b4:eb:f3:d5:be:5f:ec:27:6e:7d:ad:74:6c:da:
- c4:2c:cf:fc:b9:4f:52:7f:b1:78:3a:de:f6:9a:97:f5:aa:a4:
- ce:b0:2a:84:b5:33:5f:b4:55:b9:f9:03:58:ba:7a:86:8d:b7:
- ff:e5:dd:69:b9:e8:40:76:cf:5b:8e:9c:a5:0b:df:35:da:d6:
- 8c:72:b5:a6:92:d5:e5:7b:75:10:6c:89:33:0a:34:2d:ef:bb:
- 72:6d:be:89:b0:b3:71:b4:50:a1:00:b7:01:d8:31:bf:db:40:
- df:d1:1f:a8:16:e6:4b:2e:04:98:66:8c:73:43:50:95:73:80:
- 0b:84:8f:2d:be:cb:6b:1b:1b:a1:78:d4:bd:b0:a5:b9:34:a9:
- 3f:56:b0:0b:b2:dc:34:0f:e6:5f:42:8e:be:57:9d:40:49:6b:
- 1d:f8:4d:03:30:4c:e4:d9:25:ad:3f:96:8c:3e:ac:e1:8f:34:
- ee:65:50:a0:79:b0:1e:2c:85:0c:11:6d:02:d8:be:1c:d9:0a:
- c5:01:4f:8b:a8:b3:91:0a:76:3a:a2:b0:cd:24:10:6e:e1:7f:
- 0e:35:71:97:56:18:15:61:11:e1:4d:90:ff:67:2b:52:54:e9:
- 44:27:2c:4f:fc:59:0f:e0:87:69:44:92:8d:d0:b6:db:8a:e2:
- 70:0d:12:05
+ 44:d2:b6:d0:85:31:bf:1f:a2:b1:91:6b:ee:dc:80:ac:29:81:
+ 0e:b4:c3:e8:8e:91:be:66:f2:44:61:8b:6c:44:17:d9:cd:15:
+ 40:bd:ce:7c:ca:7d:ad:c8:e1:81:90:a4:28:57:88:71:49:9f:
+ 03:bb:4b:8c:ff:02:08:98:d2:e4:b0:ca:be:f2:df:08:18:24:
+ f7:3c:22:be:f2:23:10:96:95:2b:f0:a0:ed:16:08:1a:1e:ce:
+ df:1d:f7:b3:35:af:f4:86:f2:16:b5:2c:90:bd:0a:f8:64:61:
+ da:c6:2e:4b:1f:05:30:1a:72:d3:51:33:26:61:5d:0d:14:0f:
+ b8:b9:dc:6f:78:57:a0:63:4c:f0:16:49:fd:48:54:c3:92:1e:
+ c0:04:8a:16:c0:9a:35:08:be:49:f2:dd:90:6a:90:48:d5:9f:
+ 48:82:18:f2:04:d6:d8:07:55:17:99:8e:27:cf:86:8d:1b:a6:
+ 02:72:42:a8:53:e6:5d:20:5a:8d:2e:d3:fc:a7:71:4c:b2:21:
+ 9d:14:8c:f1:49:3c:ca:e7:e6:c6:51:7f:41:3c:37:1a:38:21:
+ a4:ee:9e:1b:cc:8b:09:df:35:de:18:c4:7a:89:32:b9:8d:15:
+ eb:07:5b:2b:5c:55:a5:44:db:fb:f2:15:16:1c:01:16:dd:de:
+ d9:7a:bf:dc
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo
YWluSi1JQ0EzLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz
-bC5jb20wHhcNMjIxMjE2MjExNzUwWhcNMjUwOTExMjExNzUwWjCBozELMAkGA1UE
+bC5jb20wHhcNMjMxMjEzMjIxOTMzWhcNMjYwOTA4MjIxOTMzWjCBozELMAkGA1UE
BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT
BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNV
BAMMFmNoYWluSi1JQ0EyLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9A
@@ -256,12 +256,12 @@ gaQwgaExCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQH
DAdTZWF0dGxlMRUwEwYDVQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2lu
ZWVyaW5nMR0wGwYDVQQDDBRjaGFpbkotSUNBNC1wYXRobGVuMjEfMB0GCSqGSIb3
DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIBZDAMBgNVHRMEBTADAQH/MAsGA1UdDwQE
-AwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAZAW1eLTr89W+X+wnbn2tdGzaxCzP/LlP
-Un+xeDre9pqX9aqkzrAqhLUzX7RVufkDWLp6ho23/+XdabnoQHbPW46cpQvfNdrW
-jHK1ppLV5Xt1EGyJMwo0Le+7cm2+ibCzcbRQoQC3Adgxv9tA39EfqBbmSy4EmGaM
-c0NQlXOAC4SPLb7LaxsboXjUvbCluTSpP1awC7LcNA/mX0KOvledQElrHfhNAzBM
-5NklrT+WjD6s4Y807mVQoHmwHiyFDBFtAti+HNkKxQFPi6izkQp2OqKwzSQQbuF/
-DjVxl1YYFWER4U2Q/2crUlTpRCcsT/xZD+CHaUSSjdC224ricA0SBQ==
+AwIBBjANBgkqhkiG9w0BAQsFAAOCAQEARNK20IUxvx+isZFr7tyArCmBDrTD6I6R
+vmbyRGGLbEQX2c0VQL3OfMp9rcjhgZCkKFeIcUmfA7tLjP8CCJjS5LDKvvLfCBgk
+9zwivvIjEJaVK/Cg7RYIGh7O3x33szWv9IbyFrUskL0K+GRh2sYuSx8FMBpy01Ez
+JmFdDRQPuLncb3hXoGNM8BZJ/UhUw5IewASKFsCaNQi+SfLdkGqQSNWfSIIY8gTW
+2AdVF5mOJ8+GjRumAnJCqFPmXSBajS7T/KdxTLIhnRSM8Uk8yufmxlF/QTw3Gjgh
+pO6eG8yLCd813hjEeokyuY0V6wdbK1xVpUTb+/IVFhwBFt3e2Xq/3A==
-----END CERTIFICATE-----
Certificate:
Data:
@@ -270,8 +270,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA4-pathlen2, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:33 2023 GMT
+ Not After : Sep 8 22:19:33 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA3-no_pathlen, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -309,27 +309,27 @@ Certificate:
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 6c:4e:a1:bd:fd:0a:46:ac:b3:94:e7:4b:20:99:1f:3e:4a:10:
- 95:1d:21:f9:71:da:f6:4a:c9:dc:78:14:a9:5e:01:6b:40:8f:
- 18:40:6e:6d:a5:82:91:19:79:0a:d1:5e:15:16:46:c0:05:5a:
- 67:56:8a:14:8e:9c:09:61:bc:11:f8:4d:f8:66:8d:84:c5:7d:
- e3:28:3d:ff:db:37:c4:08:48:4e:ce:0c:89:49:a6:a8:fc:d5:
- 14:6f:e4:ae:cf:64:f4:21:3a:a9:58:fe:50:b2:5b:c2:14:a8:
- 0f:3b:c7:c7:ae:ef:40:48:8c:35:cc:09:87:2d:6b:b3:95:a8:
- ff:e9:c1:3a:88:48:a2:64:6c:2a:1c:a4:19:34:69:76:0d:e4:
- 71:fc:46:f0:2f:17:fa:17:ed:c8:d4:af:d8:cc:d2:97:f1:93:
- 5e:4c:37:a7:06:b0:c3:9e:a7:e3:f9:1d:ca:bf:e0:3d:8e:b1:
- 30:8c:bc:4e:94:8c:0e:fa:41:29:e5:21:ba:77:f2:74:31:58:
- fe:7c:c1:03:f5:28:2a:68:2b:ab:ba:87:61:b9:85:54:21:4d:
- c0:22:35:4d:18:c2:a1:f3:70:56:e9:4b:a2:95:86:f5:c4:da:
- 70:d6:bc:17:67:c8:f2:3d:1f:80:0f:78:85:52:30:5b:6e:eb:
- 6f:b7:bb:a2
+ 47:22:2e:50:b3:0b:ed:17:f9:70:a3:71:3e:8d:55:d4:2f:16:
+ 4a:9e:b4:c9:1d:b4:fa:20:10:2b:0f:db:71:b9:50:bf:52:f6:
+ f8:ad:0d:65:69:13:99:e3:eb:ef:98:7e:9c:e7:f9:5d:ff:d4:
+ 9b:76:44:ba:d6:ce:7d:c1:cb:03:c7:a0:30:b8:76:05:fe:a9:
+ ca:7d:fe:6f:da:4a:2b:a2:18:bc:98:f2:00:68:72:4a:93:ae:
+ 85:e0:c0:01:f9:ca:ac:f5:11:26:72:e3:48:34:3a:ce:ac:de:
+ dc:4e:cf:8c:ea:78:72:40:0e:08:42:ec:6e:3e:f5:13:ce:fa:
+ d5:38:65:88:f7:e5:61:6b:85:18:e1:ec:5b:fb:6d:1c:52:df:
+ 99:16:01:00:70:a8:1d:1e:89:39:df:c3:fb:de:17:cd:69:68:
+ bc:78:1f:21:9d:f3:69:bc:76:ee:00:e4:ea:ea:73:b4:4f:89:
+ 07:14:3e:94:77:28:f1:75:97:c7:43:72:2d:79:f5:a0:36:b1:
+ e5:26:50:c6:23:6b:88:83:57:13:74:4d:27:8a:11:f6:98:64:
+ a7:b2:9e:3e:18:c6:a2:85:60:22:7a:a0:5a:70:38:08:7b:2c:
+ 9a:1c:b9:32:e4:08:14:1b:a5:a1:ab:03:f6:60:8b:3d:b3:72:
+ c2:d8:de:ab
-----BEGIN CERTIFICATE-----
MIIExDCCA6ygAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo
YWluSi1JQ0E0LXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
-Y29tMB4XDTIyMTIxNjIxMTc1MFoXDTI1MDkxMTIxMTc1MFowgaMxCzAJBgNVBAYT
+Y29tMB4XDTIzMTIxMzIyMTkzM1oXDTI2MDkwODIyMTkzM1owgaMxCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD
VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR8wHQYDVQQD
DBZjaGFpbkotSUNBMy1ub19wYXRobGVuMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv
@@ -345,12 +345,12 @@ gZQxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3pl
bWFuMREwDwYDVQQKDAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYG
A1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZz
c2wuY29tggFkMAwGA1UdEwQFMAMBAf8wCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEB
-CwUAA4IBAQBsTqG9/QpGrLOU50sgmR8+ShCVHSH5cdr2SsnceBSpXgFrQI8YQG5t
-pYKRGXkK0V4VFkbABVpnVooUjpwJYbwR+E34Zo2ExX3jKD3/2zfECEhOzgyJSaao
-/NUUb+Suz2T0ITqpWP5QslvCFKgPO8fHru9ASIw1zAmHLWuzlaj/6cE6iEiiZGwq
-HKQZNGl2DeRx/EbwLxf6F+3I1K/YzNKX8ZNeTDenBrDDnqfj+R3Kv+A9jrEwjLxO
-lIwO+kEp5SG6d/J0MVj+fMED9SgqaCuruodhuYVUIU3AIjVNGMKh83BW6UuilYb1
-xNpw1rwXZ8jyPR+AD3iFUjBbbutvt7ui
+CwUAA4IBAQBHIi5QswvtF/lwo3E+jVXULxZKnrTJHbT6IBArD9txuVC/Uvb4rQ1l
+aROZ4+vvmH6c5/ld/9SbdkS61s59wcsDx6AwuHYF/qnKff5v2korohi8mPIAaHJK
+k66F4MAB+cqs9REmcuNINDrOrN7cTs+M6nhyQA4IQuxuPvUTzvrVOGWI9+Vha4UY
+4exb+20cUt+ZFgEAcKgdHok538P73hfNaWi8eB8hnfNpvHbuAOTq6nO0T4kHFD6U
+dyjxdZfHQ3ItefWgNrHlJlDGI2uIg1cTdE0nihH2mGSnsp4+GMaihWAieqBacDgI
+eyyaHLky5AgUG6WhqwP2YIs9s3LC2N6r
-----END CERTIFICATE-----
Certificate:
Data:
@@ -359,8 +359,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:33 2023 GMT
+ Not After : Sep 8 22:19:33 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA4-pathlen2, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -391,34 +391,34 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:2C:80:CE:DB:47:9D:07:66:92:3D:68:D7:CA:AC:90:4F:CA:69:41:4B
+ serial:33:44:1A:A8:6C:01:EC:F6:60:F2:70:51:0A:4C:D1:14:FA:BC:E9:44
X509v3 Basic Constraints:
CA:TRUE, pathlen:2
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 3b:8b:b7:2b:1d:58:68:22:70:84:71:02:0f:80:9e:f8:04:7a:
- 0c:aa:ab:60:ce:d0:ef:a5:0d:1f:6f:be:cf:06:8d:a2:52:3b:
- 3f:3d:22:6c:6a:37:a3:2e:be:b2:6c:c6:5f:95:7b:68:df:22:
- 9a:31:6e:eb:c1:5d:80:0c:2c:34:44:b4:3a:6a:f9:1c:8c:68:
- 39:1d:52:05:47:b9:a3:23:87:72:19:d4:d3:87:59:df:eb:b8:
- ef:19:b3:15:e0:c4:65:5a:9b:b2:42:67:f9:01:5a:2d:a1:73:
- 8c:2e:02:f9:56:20:57:23:03:3f:f9:13:ec:14:51:d0:9e:d4:
- 49:ec:9e:f1:47:b2:19:19:03:59:cc:3f:f0:ef:d1:3d:8a:06:
- 37:f2:3c:70:f4:c4:c8:b0:57:4c:c1:18:4d:a1:c0:c6:3e:c7:
- b3:1f:66:50:39:3f:f7:12:cf:b1:ff:26:ad:59:86:d6:18:d3:
- 24:b7:6f:75:b7:8d:60:c4:63:e2:22:52:ff:b3:ea:03:b8:eb:
- b9:a2:2b:38:97:70:e9:5c:0d:a4:88:d0:85:b0:2b:b2:f7:75:
- 3c:7d:2b:15:56:b4:78:ce:66:71:bc:62:60:24:72:3b:37:07:
- 8f:75:ba:29:6e:25:9d:80:66:7b:41:f7:8a:e0:ce:8a:41:3c:
- 24:1e:fc:34
+ 38:0c:f8:b9:53:67:57:a3:18:3c:0a:74:2d:13:79:32:7b:e2:
+ 4b:4f:82:5a:0e:7f:bb:ca:87:63:09:02:bd:31:62:2b:74:c4:
+ 47:fe:96:4a:8b:97:ee:43:ea:be:d4:0d:07:3f:57:dd:e5:ea:
+ da:d8:30:94:64:73:b6:fd:d7:4f:72:41:ce:13:fc:65:c6:b1:
+ f7:5c:b7:60:d9:55:bd:c4:89:49:57:90:15:be:cc:93:ee:3e:
+ bd:37:22:7a:98:9d:17:69:4f:87:62:82:f6:03:2d:ee:52:22:
+ 8c:86:bb:ba:93:9e:23:d8:d9:a2:4b:7e:ef:7d:59:d8:01:00:
+ 8d:f8:e6:b0:ac:ef:41:72:ff:ab:0d:b1:4f:cd:1e:73:81:3a:
+ 19:5a:3e:ac:da:f0:7f:be:b3:98:5f:22:08:96:2a:c4:41:43:
+ 0b:83:30:07:c1:25:eb:2d:5f:60:a2:e5:b4:57:45:71:59:f9:
+ 5b:b7:fd:3b:b3:4e:f0:cf:18:b9:0f:03:88:43:1d:9e:be:7b:
+ b1:a4:1f:e4:bc:ee:59:b7:2c:fe:a2:a6:08:96:f8:df:63:80:
+ 02:a5:61:a8:16:86:d1:28:c5:db:c6:0a:bb:4a:e4:61:ec:50:
+ 6c:58:c3:b0:0b:ba:be:fa:14:8c:36:59:ef:a3:6b:57:4a:6c:
+ 3e:33:6e:8a
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx
EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh
d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz
-bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIxMjE2
-MjExNzUwWhcNMjUwOTExMjExNzUwWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM
+bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMxMjEz
+MjIxOTMzWhcNMjYwOTA4MjIxOTMzWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM
Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg
SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNoYWluSi1JQ0E0
LXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN
@@ -432,12 +432,12 @@ o4IBGDCCARQwHQYDVR0OBBYEFPwYE1K7M0rbHFvRgJg+QIaVWHL5MIHUBgNVHSME
gcwwgcmAFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV
UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI
U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm
-c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIULIDO20ed
-B2aSPWjXyqyQT8ppQUswDwYDVR0TBAgwBgEB/wIBAjALBgNVHQ8EBAMCAQYwDQYJ
-KoZIhvcNAQELBQADggEBADuLtysdWGgicIRxAg+AnvgEegyqq2DO0O+lDR9vvs8G
-jaJSOz89ImxqN6MuvrJsxl+Ve2jfIpoxbuvBXYAMLDREtDpq+RyMaDkdUgVHuaMj
-h3IZ1NOHWd/ruO8ZsxXgxGVam7JCZ/kBWi2hc4wuAvlWIFcjAz/5E+wUUdCe1Ens
-nvFHshkZA1nMP/Dv0T2KBjfyPHD0xMiwV0zBGE2hwMY+x7MfZlA5P/cSz7H/Jq1Z
-htYY0yS3b3W3jWDEY+IiUv+z6gO467miKziXcOlcDaSI0IWwK7L3dTx9KxVWtHjO
-ZnG8YmAkcjs3B491uiluJZ2AZntB94rgzopBPCQe/DQ=
+c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIUM0QaqGwB
+7PZg8nBRCkzRFPq86UQwDwYDVR0TBAgwBgEB/wIBAjALBgNVHQ8EBAMCAQYwDQYJ
+KoZIhvcNAQELBQADggEBADgM+LlTZ1ejGDwKdC0TeTJ74ktPgloOf7vKh2MJAr0x
+Yit0xEf+lkqLl+5D6r7UDQc/V93l6trYMJRkc7b9109yQc4T/GXGsfdct2DZVb3E
+iUlXkBW+zJPuPr03InqYnRdpT4digvYDLe5SIoyGu7qTniPY2aJLfu99WdgBAI34
+5rCs70Fy/6sNsU/NHnOBOhlaPqza8H++s5hfIgiWKsRBQwuDMAfBJestX2Ci5bRX
+RXFZ+Vu3/TuzTvDPGLkPA4hDHZ6+e7GkH+S87lm3LP6ipgiW+N9jgAKlYagWhtEo
+xdvGCrtK5GHsUGxYw7ALur76FIw2We+ja1dKbD4zboo=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test-pathlen/chainJ-entity.pem b/extra/wolfssl/wolfssl/certs/test-pathlen/chainJ-entity.pem
index d8028ae1..24ac93b9 100644
--- a/extra/wolfssl/wolfssl/certs/test-pathlen/chainJ-entity.pem
+++ b/extra/wolfssl/wolfssl/certs/test-pathlen/chainJ-entity.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA1-no_pathlen, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:33 2023 GMT
+ Not After : Sep 8 22:19:33 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-entity, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -42,27 +42,27 @@ Certificate:
X509v3 Basic Constraints:
CA:FALSE
Signature Algorithm: sha256WithRSAEncryption
- 80:3e:0c:a6:77:8f:f3:d3:e5:b8:d9:7e:73:95:f7:c1:1b:6d:
- 00:2b:51:a8:02:2e:11:47:1e:b7:c8:ed:04:e4:63:fc:93:6a:
- a5:7c:78:b5:4c:38:36:9e:5c:60:44:92:d0:0c:e1:af:0e:7d:
- 14:f6:2a:9d:13:97:92:5e:13:e6:e9:d2:88:cd:89:a2:90:58:
- 2b:5d:ef:33:3e:99:19:11:f1:f5:53:17:11:ed:4c:ec:10:c6:
- 7f:eb:af:81:47:d4:45:dd:40:4c:34:a4:62:ab:0d:d8:2e:fe:
- eb:81:3c:7d:8d:75:81:b1:47:64:0f:87:c6:7b:c4:13:a4:40:
- 8f:b9:da:be:c8:1c:15:18:58:b6:a3:f6:81:6e:0f:f3:c0:4c:
- d2:77:d5:4d:ed:9f:43:58:9d:e2:f7:e7:d6:a0:dd:f3:c5:5f:
- 7e:54:12:ac:4f:53:8a:60:45:d7:fc:22:df:79:1e:a3:26:78:
- c6:6e:b9:f5:44:9c:71:40:16:41:18:d4:d2:79:7a:13:d7:2d:
- e0:a8:25:55:67:92:66:dd:18:bf:46:40:5b:fb:be:d1:fb:ed:
- db:3c:b1:c5:0f:ff:89:95:0a:a5:1e:cb:18:4d:2c:ba:ac:e9:
- d3:28:af:82:21:ff:78:d5:a8:a0:3a:ce:f3:21:9a:b6:d6:61:
- 4b:bd:73:14
+ 46:5c:9c:45:3c:a5:1d:27:7f:4b:b6:2d:7d:aa:03:28:53:a5:
+ e3:cb:5a:63:16:58:5c:fe:97:65:c4:1e:d3:34:fe:8f:46:6e:
+ 09:e4:2f:18:c9:fd:d0:7b:90:ab:f6:a5:89:fb:d0:0c:3a:f8:
+ 3c:53:d5:3b:3a:2e:c0:dd:59:e1:6f:ed:e8:d4:1f:d3:9f:5e:
+ c8:1f:50:ba:6d:16:1f:25:ab:e0:aa:74:8f:38:50:e8:98:f9:
+ 07:0f:71:3f:16:ce:cc:51:f8:ff:61:47:33:b4:98:36:63:19:
+ 06:3e:0c:a1:69:ba:67:64:9c:46:8a:ea:3e:62:27:c0:b3:60:
+ 7a:37:2b:fc:e2:c5:a8:8f:82:69:48:ff:4f:be:c4:8a:22:a3:
+ 53:db:df:ee:c5:87:b7:da:55:f7:cd:48:e1:45:e7:22:f2:ec:
+ bd:94:2c:a5:e5:ea:9c:60:c6:b8:83:6a:6a:9a:c9:46:9b:6e:
+ 88:38:d2:56:65:42:a6:5a:0f:d0:60:92:06:f4:1f:d9:5f:cd:
+ 07:93:04:00:1a:c1:eb:d8:a8:78:80:9f:c2:b7:b2:e9:4d:8c:
+ 6d:09:85:f0:87:c1:d6:d9:12:72:13:68:71:16:f7:53:f4:92:
+ 9b:d4:46:31:b5:45:32:7b:f8:e6:dd:bf:d1:f9:aa:da:d3:7e:
+ 06:2b:dd:fa
-----BEGIN CERTIFICATE-----
MIIEvDCCA6SgAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo
YWluSi1JQ0ExLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz
-bC5jb20wHhcNMjIxMjE2MjExNzUwWhcNMjUwOTExMjExNzUwWjCBmjELMAkGA1UE
+bC5jb20wHhcNMjMxMjEzMjIxOTMzWhcNMjYwOTA4MjIxOTMzWjCBmjELMAkGA1UE
BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT
BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxFjAUBgNV
BAMMDWNoYWluSi1lbnRpdHkxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j
@@ -78,10 +78,10 @@ A1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUx
FTATBgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAd
BgNVBAMMFmNoYWluSi1JQ0EyLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGlu
Zm9Ad29sZnNzbC5jb22CAWQwCQYDVR0TBAIwADANBgkqhkiG9w0BAQsFAAOCAQEA
-gD4MpneP89PluNl+c5X3wRttACtRqAIuEUcet8jtBORj/JNqpXx4tUw4Np5cYESS
-0Azhrw59FPYqnROXkl4T5unSiM2JopBYK13vMz6ZGRHx9VMXEe1M7BDGf+uvgUfU
-Rd1ATDSkYqsN2C7+64E8fY11gbFHZA+HxnvEE6RAj7navsgcFRhYtqP2gW4P88BM
-0nfVTe2fQ1id4vfn1qDd88VfflQSrE9TimBF1/wi33keoyZ4xm659USccUAWQRjU
-0nl6E9ct4KglVWeSZt0Yv0ZAW/u+0fvt2zyxxQ//iZUKpR7LGE0suqzp0yivgiH/
-eNWooDrO8yGattZhS71zFA==
+RlycRTylHSd/S7YtfaoDKFOl48taYxZYXP6XZcQe0zT+j0ZuCeQvGMn90HuQq/al
+ifvQDDr4PFPVOzouwN1Z4W/t6NQf059eyB9Qum0WHyWr4Kp0jzhQ6Jj5Bw9xPxbO
+zFH4/2FHM7SYNmMZBj4MoWm6Z2ScRorqPmInwLNgejcr/OLFqI+CaUj/T77EiiKj
+U9vf7sWHt9pV981I4UXnIvLsvZQspeXqnGDGuINqaprJRptuiDjSVmVCploP0GCS
+BvQf2V/NB5MEABrB69ioeICfwrey6U2MbQmF8IfB1tkSchNocRb3U/SSm9RGMbVF
+Mnv45t2/0fmq2tN+Bivd+g==
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test-servercert-rc2.p12 b/extra/wolfssl/wolfssl/certs/test-servercert-rc2.p12
index 713e7386..3cfe92a1 100644
--- a/extra/wolfssl/wolfssl/certs/test-servercert-rc2.p12
+++ b/extra/wolfssl/wolfssl/certs/test-servercert-rc2.p12
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/test-servercert.p12 b/extra/wolfssl/wolfssl/certs/test-servercert.p12
index 8b5f3212..64ccb104 100644
--- a/extra/wolfssl/wolfssl/certs/test-servercert.p12
+++ b/extra/wolfssl/wolfssl/certs/test-servercert.p12
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/test/cert-ext-ia.der b/extra/wolfssl/wolfssl/certs/test/cert-ext-ia.der
index 072fadee..29ec9fdd 100644
--- a/extra/wolfssl/wolfssl/certs/test/cert-ext-ia.der
+++ b/extra/wolfssl/wolfssl/certs/test/cert-ext-ia.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/test/cert-ext-ia.pem b/extra/wolfssl/wolfssl/certs/test/cert-ext-ia.pem
index ad6bc2bb..e6c03744 100644
--- a/extra/wolfssl/wolfssl/certs/test/cert-ext-ia.pem
+++ b/extra/wolfssl/wolfssl/certs/test/cert-ext-ia.pem
@@ -1,10 +1,10 @@
-----BEGIN CERTIFICATE-----
-MIIEAzCCAuugAwIBAgIUAeB5+1yDaz1AecN7cuvF7gAWKJowDQYJKoZIhvcNAQEL
+MIIEAzCCAuugAwIBAgIUEEaaRNPZiiXZqFxu6gwfzxyXYkYwDQYJKoZIhvcNAQEL
BQAwgZ8xCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApRdWVlbnNsYW5kMREwDwYDVQQH
DAhCcmlzYmFuZTEUMBIGA1UECgwLd29sZlNTTCBJbmMxFDASBgNVBAsMC0VuZ2lu
ZWVyaW5nMRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20xIjAgBgkqhkiG9w0BCQEW
-E3N1cHBvcnRAd29sZnNzbC5jb20wHhcNMjIxMjE2MjExNzUwWhcNMjUwOTExMjEx
-NzUwWjCBnzELMAkGA1UEBhMCQVUxEzARBgNVBAgMClF1ZWVuc2xhbmQxETAPBgNV
+E3N1cHBvcnRAd29sZnNzbC5jb20wHhcNMjMxMjEzMjIxOTI5WhcNMjYwOTA4MjIx
+OTI5WjCBnzELMAkGA1UEBhMCQVUxEzARBgNVBAgMClF1ZWVuc2xhbmQxETAPBgNV
BAcMCEJyaXNiYW5lMRQwEgYDVQQKDAt3b2xmU1NMIEluYzEUMBIGA1UECwwLRW5n
aW5lZXJpbmcxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEiMCAGCSqGSIb3DQEJ
ARYTc3VwcG9ydEB3b2xmc3NsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
@@ -15,10 +15,10 @@ o0YzaYduxLsXpvPo3a1zvHsvIbX9ZlEMvVSz4W1fHLwjc9EJA4kU0hC5ZMMq0KGW
Srzh1Bpbx6DAwWN4D0Q3MDKWgDIjlaF3uhPSl3PiXSXJag3DOWCktLBpQkIJ6dgI
vDMgs1gip6rrxOHmYYPF0pbf2dBPrdcCAwEAAaM1MDMwDQYDVR02AQH/BAMCAQEw
IgYJYIZIAYb4QgENBBUWE1Rlc3RpbmcgaW5oaWJpdCBhbnkwDQYJKoZIhvcNAQEL
-BQADggEBALE59GIo5D+Z4Y554KkRiG3XAH/SVrdJDkH1f+mc4QLK2wd7DBVb84Dt
-IifPslP9kT+56ngUR0SAmag3ERIsPDAzdU+ZPKwBFEmnxBKU0+5KqP90SpO1gWUt
-QxIpGiHQkRSb+B5F/Ao3pn0XHSlIYpUkAsCAKP/pvuFp9j4JdCTHeYmBnXPoSvYJ
-GYidJB7FYpnxSfnMM7MxIOmNXdama+cRmHX5GIlhw66vumAOEOGRULpf1kMQZE1b
-th6tenhNcqdXZHWM7swvCjaOEZi2p0OWips0BFoK35fqNT9GR1UTflimmqEocLIN
-N5ahRfOrioEbb3qPC3endm/58s3vbT4=
+BQADggEBAHOBELBVkuhE2xGCnFEBk7Gvsphqe4GcsKYRp/JiyOMp+Fa01A+F7aiU
+vVi9JOdOlEFsbd32YoTdPCSqtSpzXXLJ/BdaREWvVLg3OshiwhNPPA2Q09gQI8ES
+I9yq7kWLesDGVLcXpdM+QHovNT8wrru8wi/LoWpKNHP4TYy1Tvuxr2ngC2UygsSX
+RGymPImVO8EPNBNh8zgP3p6zjyRDWs7tttct2u28mSR+ouRJ/8pQDp0ZVNbvedxI
+nj02OpIijuSj/CEwV3AuPJWaUbCxyL1bvnPcG1HKqvvt5/Ljo8h0pLRUpjwJDvFk
+8JWbuQSQThwRAsWtRO7RarZN7+P1AmI=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test/cert-ext-joi.der b/extra/wolfssl/wolfssl/certs/test/cert-ext-joi.der
index 5ae856c8..e4550c7a 100644
--- a/extra/wolfssl/wolfssl/certs/test/cert-ext-joi.der
+++ b/extra/wolfssl/wolfssl/certs/test/cert-ext-joi.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/test/cert-ext-joi.pem b/extra/wolfssl/wolfssl/certs/test/cert-ext-joi.pem
index 46f031ca..d1926686 100644
--- a/extra/wolfssl/wolfssl/certs/test/cert-ext-joi.pem
+++ b/extra/wolfssl/wolfssl/certs/test/cert-ext-joi.pem
@@ -1,10 +1,10 @@
-----BEGIN CERTIFICATE-----
-MIIFXDCCBESgAwIBAgIUaQWOPwyn4CGSb0DgOh1jzF+V5k8wDQYJKoZIhvcNAQEL
+MIIFXDCCBESgAwIBAgIUWY9gYq+bg6hpLLlEPeuSQjQPvW8wDQYJKoZIhvcNAQEL
BQAwgccxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC
b3plbWFuMREwDwYDVQQKDAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEY
MBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMSAwHgYJKoZIhvcNAQkBFhFpbmZvQHdv
bGZzc3NsLmNvbTETMBEGCysGAQQBgjc8AgEDEwJVUzEbMBkGCysGAQQBgjc8AgEC
-DApDYWxpZm9ybmlhMB4XDTIyMTIxNjIxMTc1MFoXDTI1MDkxMTIxMTc1MFowgccx
+DApDYWxpZm9ybmlhMB4XDTIzMTIxMzIyMTkyOVoXDTI2MDkwODIyMTkyOVowgccx
CzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFu
MREwDwYDVQQKDAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UE
AwwPd3d3LndvbGZzc2wuY29tMSAwHgYJKoZIhvcNAQkBFhFpbmZvQHdvbGZzc3Ns
@@ -21,11 +21,11 @@ xzELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVt
YW4xETAPBgNVBAoMCFNhd3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYD
VQQDDA93d3cud29sZnNzbC5jb20xIDAeBgkqhkiG9w0BCQEWEWluZm9Ad29sZnNz
c2wuY29tMRMwEQYLKwYBBAGCNzwCAQMTAlVTMRswGQYLKwYBBAGCNzwCAQIMCkNh
-bGlmb3JuaWGCFGkFjj8Mp+Ahkm9A4DodY8xfleZPMAwGA1UdEwQFMAMBAf8wDQYJ
-KoZIhvcNAQELBQADggEBAHmIYCAILfDm0V41rvanugB+jjHSIf5zwM7hMAOuiQla
-WywZuMtYCI0R/iQCipH0gvBrTuNIlEqIm8Wh/32+qmomAmMz7iUMg5DWqZKXyk3x
-IQ93qRSF7EX9piHdQ++IjVkWzl4bXR2cW2A+nQW2EMFiJunpfu1oC07PvgigJ+n3
-uLMxNqN2p04PYcgEOQG1Jm4FasBrng55ff7XHe4msErQGlQF1D0B3xhzjh6Msaki
-DS0M3n1U9Pzc+2WP1FW/mMBu22+R6yY0yCHzCY0zZWdmihL8HWlZuxcYHcjK4ABU
-CQHTu3UCCfgVDsiCo+BQ9T9sFReD8r2azMLvmKFOhxw=
+bGlmb3JuaWGCFFmPYGKvm4OoaSy5RD3rkkI0D71vMAwGA1UdEwQFMAMBAf8wDQYJ
+KoZIhvcNAQELBQADggEBALY9RCPRvuHf04Mxqv6UJZv7MslCwQwbavD3ZYigNrlS
+f+qhS7SqFcUyXGbOfpiFCgobnwxK/Xg2K20xuauA8tIaJ3egeu0KFZUAaz4EOMvQ
+IWSUwp5maDKjQw7PX+W5GYY73uUxjDMlIFD0lVDTByeRp+YNfTZEBbjZlKDFohEf
+BEIyONlZdOvAIR+9dAZRjfF94WZuiUluq90yCTnDT2UIor1IzS964LuropYSH3oV
+QAdPOa87r5nY4tLScPU8hxfOP1i8aCuELiHgo6XuZZXt1qlBb7kIXz/rITd9ZvRm
+WVysY/2A38K7CBiv0biKfS83PVai8HuFKR+yZ1wxtk0=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test/cert-ext-mnc.der b/extra/wolfssl/wolfssl/certs/test/cert-ext-mnc.der
index 53828984..f0c0aaae 100644
--- a/extra/wolfssl/wolfssl/certs/test/cert-ext-mnc.der
+++ b/extra/wolfssl/wolfssl/certs/test/cert-ext-mnc.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/test/cert-ext-multiple.der b/extra/wolfssl/wolfssl/certs/test/cert-ext-multiple.der
index 92036395..b56d3775 100644
--- a/extra/wolfssl/wolfssl/certs/test/cert-ext-multiple.der
+++ b/extra/wolfssl/wolfssl/certs/test/cert-ext-multiple.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/test/cert-ext-multiple.pem b/extra/wolfssl/wolfssl/certs/test/cert-ext-multiple.pem
index 175f3520..ef5d7f06 100644
--- a/extra/wolfssl/wolfssl/certs/test/cert-ext-multiple.pem
+++ b/extra/wolfssl/wolfssl/certs/test/cert-ext-multiple.pem
@@ -1,10 +1,10 @@
-----BEGIN CERTIFICATE-----
-MIIFmDCCBICgAwIBAgIUNNF2CUskXxBvm3qki4B40Wb5k28wDQYJKoZIhvcNAQEL
+MIIFmDCCBICgAwIBAgIUOjAPanhO0Ayey1xIEr6HkMHASLcwDQYJKoZIhvcNAQEL
BQAwgcIxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApRdWVlbnNsYW5kMREwDwYDVQQH
DAhCcmlzYmFuZTEUMBIGA1UECgwLd29sZlNTTCBJbmMxFDASBgNVBAsMC0VuZ2lu
ZWVyaW5nMRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20xIjAgBgkqhkiG9w0BCQEW
E3N1cHBvcnRAd29sZnNzbC5jb20xDzANBgNVBBEMBjU2LTEzMTEQMA4GA1UECQwH
-TWFpbiBTdDAeFw0yMjEyMTYyMTE3NTBaFw0yNTA5MTEyMTE3NTBaMIHCMQswCQYD
+TWFpbiBTdDAeFw0yMzEyMTMyMjE5MjlaFw0yNjA5MDgyMjE5MjlaMIHCMQswCQYD
VQQGEwJBVTETMBEGA1UECAwKUXVlZW5zbGFuZDERMA8GA1UEBwwIQnJpc2JhbmUx
FDASBgNVBAoMC3dvbGZTU0wgSW5jMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEYMBYG
A1UEAwwPd3d3LndvbGZzc2wuY29tMSIwIAYJKoZIhvcNAQkBFhNzdXBwb3J0QHdv
@@ -22,11 +22,11 @@ BwMBMB0GA1UdDgQWBBQnjmcRdMMmHT/tM2OzpNgdMOXo1TCCAQIGA1UdIwSB+jCB
EQYDVQQIDApRdWVlbnNsYW5kMREwDwYDVQQHDAhCcmlzYmFuZTEUMBIGA1UECgwL
d29sZlNTTCBJbmMxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93d3cu
d29sZnNzbC5jb20xIjAgBgkqhkiG9w0BCQEWE3N1cHBvcnRAd29sZnNzbC5jb20x
-DzANBgNVBBEMBjU2LTEzMTEQMA4GA1UECQwHTWFpbiBTdIIUNNF2CUskXxBvm3qk
-i4B40Wb5k28wDQYJKoZIhvcNAQELBQADggEBAKnvKWxqivq29pOtbRmx34PRSqLQ
-7fDDwO0UpBlDNEX7ek4aX1HAekzdppo08/8kGgCV/Bg/oOxbiZoFHpsH6U3YMTAZ
-kRKxeLzzdEfEHrxcX577PG15RAUKT+7TET0LO9CWN54UKU37q5QLL0MXsd/tYuQX
-U1m56Vs+FoYBPNn7qZKsApBpm4S50aVbz/jweNyfIv1yuZSegGA/qkVG4+7yKmRP
-056FDMHBuNStUoVDWl+9IV9+kJ5x1xhn5gE6EpI7wkBXOEm2VOFrYBBv4AyYrQaI
-x7SIdXZZg6UGXbDvpMRh8PtScPmY/YM0NF+Igkisv4Avc+VD/6tKX48bqjs=
+DzANBgNVBBEMBjU2LTEzMTEQMA4GA1UECQwHTWFpbiBTdIIUOjAPanhO0Ayey1xI
+Er6HkMHASLcwDQYJKoZIhvcNAQELBQADggEBACLwxkk4RY5cD1/a47cHuRaDPn22
+XgpK5tZBMtU5PmkakKNWkW2xGTAwTmycus5iXOAxforA7PrGzFKlAnS+TmIhCFwv
+B0IwNZzCCwtQs3ilouOJyf30GxpV5BSJspBdjLflC9Vt+7OrjnRM84a4VaMNttps
+PlcGoZL1lLI2xtkhWXLeC1UdhXG8gsNXT/TpPOJ1+T4ElNr/RVTG60sp446f0kXd
+kX/dCrUD8+FTX5WZQmaawRHPRfV1d597dNuj539Za8e+XXJ5iOs0M+6YTqI9tvdA
+z23hUIs1BawnRcRYGS0rEYERBwcepvyEkQZoFfGKLoSuziRMIqnrQe3IzZ8=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test/cert-ext-nc.der b/extra/wolfssl/wolfssl/certs/test/cert-ext-nc.der
index 7e9c2c6a..5abf3498 100644
--- a/extra/wolfssl/wolfssl/certs/test/cert-ext-nc.der
+++ b/extra/wolfssl/wolfssl/certs/test/cert-ext-nc.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/test/cert-ext-nc.pem b/extra/wolfssl/wolfssl/certs/test/cert-ext-nc.pem
index 240fed05..6bea29f5 100644
--- a/extra/wolfssl/wolfssl/certs/test/cert-ext-nc.pem
+++ b/extra/wolfssl/wolfssl/certs/test/cert-ext-nc.pem
@@ -1,9 +1,9 @@
-----BEGIN CERTIFICATE-----
-MIIENTCCAx2gAwIBAgIUeKrw9V6cyfDM2XE9+OuZfrvdTzQwDQYJKoZIhvcNAQEL
+MIIENTCCAx2gAwIBAgIUZubV8ronA4VrOHLZUH2CnIIiunUwDQYJKoZIhvcNAQEL
BQAwezELMAkGA1UEBhMCQVUxEzARBgNVBAgMClF1ZWVuc2xhbmQxETAPBgNVBAcM
CEJyaXNiYW5lMRQwEgYDVQQKDAt3b2xmU1NMIEluYzEUMBIGA1UECwwLRW5naW5l
-ZXJpbmcxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTAeFw0yMjEyMTYyMTE3NTBa
-Fw0yNTA5MTEyMTE3NTBaMHsxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApRdWVlbnNs
+ZXJpbmcxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTAeFw0yMzEyMTMyMjE5Mjla
+Fw0yNjA5MDgyMjE5MjlaMHsxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApRdWVlbnNs
YW5kMREwDwYDVQQHDAhCcmlzYmFuZTEUMBIGA1UECgwLd29sZlNTTCBJbmMxFDAS
BgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20wggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAlQjhV0HycW230kVBJwFlxkWu
@@ -16,10 +16,10 @@ AAGjgbAwga0wHQYDVR0OBBYEFLMRMsmSmITiyfjQO24DQsofDo48MB8GA1UdIwQY
MBaAFLMRMsmSmITiyfjQO24DQsofDo48MBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYD
VR0PAQH/BAQDAgGGMB4GA1UdHgEB/wQUMBKgEDAOgQwud29sZnNzbC5jb20wJwYJ
YIZIAYb4QgENBBoWGFRlc3RpbmcgbmFtZSBjb25zdHJhaW50czANBgkqhkiG9w0B
-AQsFAAOCAQEANaCy9LmxJKx2mDhMldRcjDORnU13FqC7DIlTlzSwWPXsXk7lI2xQ
-p7Tpu3nRo4YFecTray5xSBIyjslh4GxB8n2k8z9wwJfBLAWS3MCR43Wj/oQfaT9+
-Jau60zRZFv3BZ5ltHnBHFssx3oBp/VxH02k8DV3o1w9ZCtOLDFWxFFBAwzw2Q461
-ktz2Gholyq77cbiwGrtZRPWWyA0+pPAQHpoltIU9GM8LpQhdJ67VECMhd/Qo88LQ
-A8/SVALY9zmsXd6rovl1kyTx0diktgUgzEilBePbG2JPn/gULdzBQHrkw+G/M9bC
-QI75PNPRqyI3aJ+xVvwF5JXuRgoxp2YRNA==
+AQsFAAOCAQEALtoSqDAnQmXFMjZk6XRf+uvBu6/fH+1tCmL828q03s2Mee+sRF1m
+C9mFRT1Q+M7pvqEb9t+hgQ9jry68EFBqC2VY6WWl95chrP+uojdZO6sDbMWsBxDi
+oD/ZWa8jjDtT+JJNTY0TVKfg83mSRC+1nQxHsV4zAlXsRHinG+pmzQgkYUrNCpjG
+d12z2bRqYBignVENubQEAZT945sioMuwO8jD8CtWd7Ie5qc7WFxBVO/wo7j2Slbt
+/dy+sVc+IHN7fe6MVD9cGivYpKmSJvw/VtiZbpgCvIX93fwZj7ltEiZBaGv2mNRx
+jdUVGWzyjnQTgIRuBX7Oa7Q8r89+s3B9oA==
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test/cert-ext-ncdns.der b/extra/wolfssl/wolfssl/certs/test/cert-ext-ncdns.der
index 23c777d7..d3f83708 100644
--- a/extra/wolfssl/wolfssl/certs/test/cert-ext-ncdns.der
+++ b/extra/wolfssl/wolfssl/certs/test/cert-ext-ncdns.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/test/cert-ext-ncmixed.der b/extra/wolfssl/wolfssl/certs/test/cert-ext-ncmixed.der
index 2b7ba2fe..4d3bb0c7 100644
--- a/extra/wolfssl/wolfssl/certs/test/cert-ext-ncmixed.der
+++ b/extra/wolfssl/wolfssl/certs/test/cert-ext-ncmixed.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/test/cert-ext-nct.der b/extra/wolfssl/wolfssl/certs/test/cert-ext-nct.der
index f49f38b9..5c0f65df 100644
--- a/extra/wolfssl/wolfssl/certs/test/cert-ext-nct.der
+++ b/extra/wolfssl/wolfssl/certs/test/cert-ext-nct.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/test/cert-ext-nct.pem b/extra/wolfssl/wolfssl/certs/test/cert-ext-nct.pem
index 21397ed2..5b888dfa 100644
--- a/extra/wolfssl/wolfssl/certs/test/cert-ext-nct.pem
+++ b/extra/wolfssl/wolfssl/certs/test/cert-ext-nct.pem
@@ -1,10 +1,10 @@
-----BEGIN CERTIFICATE-----
-MIIEGDCCAwCgAwIBAgIUHEEyl9X7Xhzn1Nu84C963yec+nUwDQYJKoZIhvcNAQEL
+MIIEGDCCAwCgAwIBAgIUQhQ9kNUYipe8daCTUP2VaziSi08wDQYJKoZIhvcNAQEL
BQAwgZ8xCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApRdWVlbnNsYW5kMREwDwYDVQQH
DAhCcmlzYmFuZTEUMBIGA1UECgwLd29sZlNTTCBJbmMxFDASBgNVBAsMC0VuZ2lu
ZWVyaW5nMRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20xIjAgBgkqhkiG9w0BCQEW
-E3N1cHBvcnRAd29sZnNzbC5jb20wHhcNMjIxMjE2MjExNzUwWhcNMjUwOTExMjEx
-NzUwWjCBnzELMAkGA1UEBhMCQVUxEzARBgNVBAgMClF1ZWVuc2xhbmQxETAPBgNV
+E3N1cHBvcnRAd29sZnNzbC5jb20wHhcNMjMxMjEzMjIxOTI5WhcNMjYwOTA4MjIx
+OTI5WjCBnzELMAkGA1UEBhMCQVUxEzARBgNVBAgMClF1ZWVuc2xhbmQxETAPBgNV
BAcMCEJyaXNiYW5lMRQwEgYDVQQKDAt3b2xmU1NMIEluYzEUMBIGA1UECwwLRW5n
aW5lZXJpbmcxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEiMCAGCSqGSIb3DQEJ
ARYTc3VwcG9ydEB3b2xmc3NsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
@@ -15,10 +15,10 @@ o0YzaYduxLsXpvPo3a1zvHsvIbX9ZlEMvVSz4W1fHLwjc9EJA4kU0hC5ZMMq0KGW
Srzh1Bpbx6DAwWN4D0Q3MDKWgDIjlaF3uhPSl3PiXSXJag3DOWCktLBpQkIJ6dgI
vDMgs1gip6rrxOHmYYPF0pbf2dBPrdcCAwEAAaNKMEgwFAYJYIZIAYb4QgEBAQH/
BAQDAgZAMDAGCWCGSAGG+EIBDQQjFiFUZXN0aW5nIE5ldHNjYXBlIENlcnRpZmlj
-YXRlIFR5cGUwDQYJKoZIhvcNAQELBQADggEBABlN0/+RfrXW2zU9KrYjxTtHeTrS
-dDSs1da5SXQ3cWRjxdh+JdxjOQv+sdDiRL/FrVtv5g286rXaOYSqo5BcVs5k+8kE
-S4tWg7CAu8BdQ3tACJTUVxEzmPWD0JGPDTsZ3XhrVL0+fcv0iGFR55+aGHp2fTY4
-+Dax6uaJciaQfy9G0r64z0fMhE5sJfPcK+mQjxQE+NYM1lxY1oCN1i5jA5kz8dYg
-/t6RJb0DAbcsLOrv3dcA12A4bIPK2lR2qCly47wmzmq8iIVdGtsyAa5jgjkXn23G
-k+5t/eL+zHd4V3isuhS1vq3t2qMYLdO0IEMP3mHbu8Z5HIkUuu54VXG4sK8=
+YXRlIFR5cGUwDQYJKoZIhvcNAQELBQADggEBABmExniLoyrtx7sbbQS8nubTyoYv
+KfAreqCd5+2c2Vmq5o0wkA2HZLVlFi7ENewT0YaEqiP3HyPsu62P0N48GB43jPBg
+N58V+d/P8LERKx2/wjCfq15VX4Iave38K+/CzG+WKbaWc93ADUpOFvaZIejjiErx
+vQr3L2LyrEB0o6CDi+BPpKSQqW2O91HeIE+3P/trM2DF7RJApt0vVczxkepWxfa1
+piamsWT9rdE+7yeG9/I7RNY51dXQBnElJSULhrhBhqtRaCUcDe+KOocFq2NgEhku
+7IegJ888gZ5oZlYqOj9TUzS0ayXw8H8/6ZboH/AsvxBdQN7xOqmsDbpe3TA=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test/cert-ext-ndir-exc.der b/extra/wolfssl/wolfssl/certs/test/cert-ext-ndir-exc.der
index 7a190a9a..5d8ebb08 100644
--- a/extra/wolfssl/wolfssl/certs/test/cert-ext-ndir-exc.der
+++ b/extra/wolfssl/wolfssl/certs/test/cert-ext-ndir-exc.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/test/cert-ext-ndir-exc.pem b/extra/wolfssl/wolfssl/certs/test/cert-ext-ndir-exc.pem
index fe3f49e1..486fcee6 100644
--- a/extra/wolfssl/wolfssl/certs/test/cert-ext-ndir-exc.pem
+++ b/extra/wolfssl/wolfssl/certs/test/cert-ext-ndir-exc.pem
@@ -1,9 +1,9 @@
-----BEGIN CERTIFICATE-----
-MIIE/TCCA+WgAwIBAgIUJu3gfaMkZ5AlwkydLDUcSY3VJDUwDQYJKoZIhvcNAQEL
+MIIE/TCCA+WgAwIBAgIUA9ASAQLXcBK7u66dI1+5Cvh9DMowDQYJKoZIhvcNAQEL
BQAwgZUxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC
b3plbWFuMREwDwYDVQQKDAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEY
MBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMSAwHgYJKoZIhvcNAQkBFhFpbmZvQHdv
-bGZzc3NsLmNvbTAeFw0yMjEyMTYyMTE3NTBaFw0yNTA5MTEyMTE3NTBaMIGVMQsw
+bGZzc3NsLmNvbTAeFw0yMzEyMTMyMjE5MjlaFw0yNjA5MDgyMjE5MjlaMIGVMQsw
CQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjER
MA8GA1UECgwIU2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMM
D3d3dy53b2xmc3NsLmNvbTEgMB4GCSqGSIb3DQEJARYRaW5mb0B3b2xmc3NzbC5j
@@ -18,12 +18,12 @@ gdUGA1UdIwSBzTCByoAUJ45nEXTDJh0/7TNjs6TYHTDl6NWhgZukgZgwgZUxCzAJ
BgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREw
DwYDVQQKDAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwP
d3d3LndvbGZzc2wuY29tMSAwHgYJKoZIhvcNAQkBFhFpbmZvQHdvbGZzc3NsLmNv
-bYIUJu3gfaMkZ5AlwkydLDUcSY3VJDUwDAYDVR0TBAUwAwEB/zA2BgNVHR4BAf8E
+bYIUA9ASAQLXcBK7u66dI1+5Cvh9DMowDAYDVR0TBAUwAwEB/zA2BgNVHR4BAf8E
LDAqoSgwJqQkMCIxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMA0G
-CSqGSIb3DQEBCwUAA4IBAQAqjVk0N3Cg5QSomQu99y0WFn6Gk1Qymh8O5tBK/ftG
-XS0HJk8R7vNPzDGFH07sSyJyQtRiZV8zMLSc8LZL7blA7Lwf1kanuOUMywLyg9S2
-qakgfuU+Q1/NeSJp+rCexv1xvTTGIYC36kchc6YArUVQAFrT3DFlQoZZ35Ohwzy8
-BKB9w5c3jHFjjp03EftmeMGIBpUSxKRnCaofLIUvdtaIKoUcuYezC9fXsFuHrL62
-BS5CPg97JCVyfoKcUYh9Ml7K8JPBJJt8xEWkBY6JUn3DgC8W4TYVjTB4N2Vh2yLF
-XrwPGRhGyKDZnoGagfeR5OyM47dXSpxMqsfafLq3WfrL
+CSqGSIb3DQEBCwUAA4IBAQCAF2rfhuz15dhfIlAaTKZ5caj09r9vdvsPKED2LsN1
+ufvD/DHJsFLLlL/a9Rk5HzaAC2/V7D1nytGdo+cDJAbbZP4jX7xKvTSPiXGwM85b
+xoZiCjApK6BBzBAEvPVO2g7XTPDAUtzSFUcibS9OXOBMQ8Kqua4oSAy02bpWTTj2
+1wZWr3okbRVuFNmX969wqJ2TA10QjySgMC7NoaW5sKG5Be65f0e8ClQ1UdDBq+7C
+TUkI1+eSjpPtRH38T89pK+zqKMwCq/Ugp/yDvmTn9tWjtdAE9bS92+3HBo/smJH7
+pTpRGG18pD7Su5B9QlSSbNZ0Sv5BJieCk9yQo81fcGtE
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test/cert-ext-ndir.der b/extra/wolfssl/wolfssl/certs/test/cert-ext-ndir.der
index 6954fab8..1feebd79 100644
--- a/extra/wolfssl/wolfssl/certs/test/cert-ext-ndir.der
+++ b/extra/wolfssl/wolfssl/certs/test/cert-ext-ndir.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/test/cert-ext-ndir.pem b/extra/wolfssl/wolfssl/certs/test/cert-ext-ndir.pem
index 6348c6b2..9a108cdd 100644
--- a/extra/wolfssl/wolfssl/certs/test/cert-ext-ndir.pem
+++ b/extra/wolfssl/wolfssl/certs/test/cert-ext-ndir.pem
@@ -1,9 +1,9 @@
-----BEGIN CERTIFICATE-----
-MIIE6DCCA9CgAwIBAgIUNsxBAdWJBQlYCzTDYiIo8S74HgwwDQYJKoZIhvcNAQEL
+MIIE6DCCA9CgAwIBAgIUGsYHXq1zN8MtgL5Bg4sW7+8Uj+gwDQYJKoZIhvcNAQEL
BQAwgZUxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC
b3plbWFuMREwDwYDVQQKDAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEY
MBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMSAwHgYJKoZIhvcNAQkBFhFpbmZvQHdv
-bGZzc3NsLmNvbTAeFw0yMjEyMTYyMTE3NTBaFw0yNTA5MTEyMTE3NTBaMIGVMQsw
+bGZzc3NsLmNvbTAeFw0yMzEyMTMyMjE5MjlaFw0yNjA5MDgyMjE5MjlaMIGVMQsw
CQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjER
MA8GA1UECgwIU2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMM
D3d3dy53b2xmc3NsLmNvbTEgMB4GCSqGSIb3DQEJARYRaW5mb0B3b2xmc3NzbC5j
@@ -18,12 +18,12 @@ gdUGA1UdIwSBzTCByoAUJ45nEXTDJh0/7TNjs6TYHTDl6NWhgZukgZgwgZUxCzAJ
BgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREw
DwYDVQQKDAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwP
d3d3LndvbGZzc2wuY29tMSAwHgYJKoZIhvcNAQkBFhFpbmZvQHdvbGZzc3NsLmNv
-bYIUNsxBAdWJBQlYCzTDYiIo8S74HgwwDAYDVR0TBAUwAwEB/zAhBgNVHR4BAf8E
-FzAVoBMwEaQPMA0xCzAJBgNVBAYTAlVTMA0GCSqGSIb3DQEBCwUAA4IBAQCdTZp3
-BHmo6y6oSskfcgc1WDoh1XIfNe0oIMc/uUSfaM+fSyiTuo7fPZIafUDsNjaH4DNZ
-NQil/PalzlJviA0dZPyoYP2RM6olkWrlmtLjcHQ9HvQnMPPmzEM6zbuB2wbMym6O
-H6012H+xj4jO1cgrrCcfUPOIquTPOuQY7VmJq4cPgp+hs6rBBAtqU9QeGrvgASpV
-1M3dl6vg8lioBqsymflrPWYjgz/bKFmZZixT+SJ7Sd8dznKccBao/XMqP04iu1Hm
-UFIrS6JUqr1lmJltK0XbKo0kjd6A9QqTNjkt/Fp2kZAt6kXhhiwINXNCl/1rtjTd
-yUEQQYTLVwl4opQH
+bYIUGsYHXq1zN8MtgL5Bg4sW7+8Uj+gwDAYDVR0TBAUwAwEB/zAhBgNVHR4BAf8E
+FzAVoBMwEaQPMA0xCzAJBgNVBAYTAlVTMA0GCSqGSIb3DQEBCwUAA4IBAQA/NW29
+VNYpDOtANk/T8s2F9pYMWNR2uCV+9uCCGHHI2gCjZKq1megHkN90dlBiDCcyjLpO
+Waj62FeNppBoYaeTO77clNDyloJl/EXRqPUgc7IK4J2KNq0emrc2Xce08I8pXuEs
+dh5H6W/9m5Y0N0SBB3xdPGzg6RPB3nZNiyoeDRwzUhIDLwl/i0qA9ZtEjhFIb3+u
+w7LbDNAXgz5T8ZfRGHgoOutrqra2lh9LEoALWLJ+ZxY35vr0ZLf4mVAyj/cr67EA
+uTM/xeJbtj1y5/ADmenbW0nUcSeS/Eyp1s9eFC4hOQDnAQALzi2zrvK2LlxON6Rx
+3OyA5WbvJJbFdxxH
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test/digsigku.pem b/extra/wolfssl/wolfssl/certs/test/digsigku.pem
index 4505bf04..b83fdd3c 100644
--- a/extra/wolfssl/wolfssl/certs/test/digsigku.pem
+++ b/extra/wolfssl/wolfssl/certs/test/digsigku.pem
@@ -6,8 +6,8 @@ Certificate:
Signature Algorithm: ecdsa-with-SHA1
Issuer: C = US, ST = Washington, L = Seattle, O = Foofarah, OU = Arglebargle, CN = foobarbaz, emailAddress = info@worlss.com
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:28 2023 GMT
+ Not After : Sep 8 22:19:28 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = Foofarah, OU = Arglebargle, CN = foobarbaz, emailAddress = info@worlss.com
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
@@ -33,16 +33,16 @@ Certificate:
X509v3 Key Usage: critical
Non Repudiation, Key Encipherment
Signature Algorithm: ecdsa-with-SHA1
- 30:45:02:21:00:f7:23:e6:81:bf:37:d5:81:fb:78:c5:90:dd:
- 23:c4:54:5c:b3:71:c7:25:79:19:d5:46:b7:a5:bf:04:b7:4d:
- b6:02:20:1f:ad:51:3d:b9:49:82:71:ad:f6:a9:de:17:f4:c3:
- d5:c9:4c:7e:16:58:cb:92:42:21:61:bb:f4:96:b2:78:9f
+ 30:45:02:20:21:e7:44:3e:5a:98:1a:49:25:db:d1:db:d3:fb:
+ 2f:ec:4d:c6:2c:2f:92:f6:cd:7d:a3:b9:5c:25:93:9f:4d:83:
+ 02:21:00:82:da:52:9f:37:0c:81:9e:26:9c:fb:da:6f:4f:84:
+ b8:5d:19:69:94:a2:08:68:ed:99:4e:51:9e:45:28:74:0c
-----BEGIN CERTIFICATE-----
MIIDKDCCAs+gAwIBAgIJAOOBS0ilcGFwMAkGByqGSM49BAEwgZExCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMREwDwYD
VQQKDAhGb29mYXJhaDEUMBIGA1UECwwLQXJnbGViYXJnbGUxEjAQBgNVBAMMCWZv
-b2JhcmJhejEeMBwGCSqGSIb3DQEJARYPaW5mb0B3b3Jsc3MuY29tMB4XDTIyMTIx
-NjIxMTc0OVoXDTI1MDkxMTIxMTc0OVowgZExCzAJBgNVBAYTAlVTMRMwEQYDVQQI
+b2JhcmJhejEeMBwGCSqGSIb3DQEJARYPaW5mb0B3b3Jsc3MuY29tMB4XDTIzMTIx
+MzIyMTkyOFoXDTI2MDkwODIyMTkyOFowgZExCzAJBgNVBAYTAlVTMRMwEQYDVQQI
DApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMREwDwYDVQQKDAhGb29mYXJh
aDEUMBIGA1UECwwLQXJnbGViYXJnbGUxEjAQBgNVBAMMCWZvb2JhcmJhejEeMBwG
CSqGSIb3DQEJARYPaW5mb0B3b3Jsc3MuY29tMFkwEwYHKoZIzj0CAQYIKoZIzj0D
@@ -53,6 +53,6 @@ MKGBl6SBlDCBkTELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAO
BgNVBAcMB1NlYXR0bGUxETAPBgNVBAoMCEZvb2ZhcmFoMRQwEgYDVQQLDAtBcmds
ZWJhcmdsZTESMBAGA1UEAwwJZm9vYmFyYmF6MR4wHAYJKoZIhvcNAQkBFg9pbmZv
QHdvcmxzcy5jb22CCQDjgUtIpXBhcDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB
-/wQEAwIFYDAJBgcqhkjOPQQBA0gAMEUCIQD3I+aBvzfVgft4xZDdI8RUXLNxxyV5
-GdVGt6W/BLdNtgIgH61RPblJgnGt9qneF/TD1clMfhZYy5JCIWG79JayeJ8=
+/wQEAwIFYDAJBgcqhkjOPQQBA0gAMEUCICHnRD5amBpJJdvR29P7L+xNxiwvkvbN
+faO5XCWTn02DAiEAgtpSnzcMgZ4mnPvab0+EuF0ZaZSiCGjtmU5RnkUodAw=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test/ktri-keyid-cms.msg b/extra/wolfssl/wolfssl/certs/test/ktri-keyid-cms.msg
index 9d93abb2..85b22ad2 100644
--- a/extra/wolfssl/wolfssl/certs/test/ktri-keyid-cms.msg
+++ b/extra/wolfssl/wolfssl/certs/test/ktri-keyid-cms.msg
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/test/server-badaltname.der b/extra/wolfssl/wolfssl/certs/test/server-badaltname.der
index 45149461..f7181161 100644
--- a/extra/wolfssl/wolfssl/certs/test/server-badaltname.der
+++ b/extra/wolfssl/wolfssl/certs/test/server-badaltname.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/test/server-badaltname.pem b/extra/wolfssl/wolfssl/certs/test/server-badaltname.pem
index 8ef4408a..dbd2d157 100644
--- a/extra/wolfssl/wolfssl/certs/test/server-badaltname.pem
+++ b/extra/wolfssl/wolfssl/certs/test/server-badaltname.pem
@@ -2,12 +2,12 @@ Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 3a:e3:92:48:82:fb:ed:f5:cb:d2:93:c5:5a:df:71:c2:ef:6b:43:50
+ 76:31:fe:b4:f4:ed:14:f1:b8:24:69:74:77:72:59:ce:c1:61:05:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, OU = Engineering, CN = www.nomatch.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:29 2023 GMT
+ Not After : Sep 8 22:19:29 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, OU = Engineering, CN = www.nomatch.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -36,27 +36,27 @@ Certificate:
X509v3 Subject Alternative Name:
DNS:www.nomatch.com
Signature Algorithm: sha256WithRSAEncryption
- 6d:17:67:be:f8:34:a2:62:0f:87:97:df:7b:62:cc:f9:7c:62:
- dd:01:ca:a6:a9:9d:02:7d:d2:fb:db:01:37:a8:cc:0e:01:a4:
- e9:a2:cb:29:00:cd:cb:f3:ab:99:db:bc:0d:c1:2d:78:99:15:
- b8:55:f0:08:f4:2d:3d:4c:38:47:a7:72:1d:96:77:7f:1b:55:
- 8f:37:d3:9e:55:cc:fe:09:56:6b:38:65:3b:c7:ca:0a:d8:06:
- 1b:ae:ad:03:4c:e8:67:59:ff:42:5a:45:00:f8:1c:51:6e:c6:
- 64:af:16:94:13:eb:5b:33:5e:9e:7c:60:ac:4b:8d:c3:3c:6c:
- a8:1e:8d:e2:0a:23:4e:fa:e7:df:a3:a0:03:c0:29:1f:2e:ff:
- 2f:fc:d5:37:28:a0:55:58:60:9c:1f:ec:b5:b5:9b:51:44:a3:
- f0:05:39:66:9d:29:13:49:6e:e8:76:c4:69:ce:69:85:20:1d:
- 3c:51:eb:26:ab:02:8d:e2:99:1b:9e:83:ec:23:27:87:8b:f2:
- f1:96:28:bc:6b:2c:f1:19:6e:c3:0c:a9:4e:02:7b:c1:37:3e:
- 7c:6a:bf:9e:ff:76:7f:39:0f:64:f4:25:db:24:d4:0c:0a:0d:
- e8:b4:6a:81:02:0d:71:b6:36:89:15:c4:6c:fb:18:0e:4d:92:
- 1e:53:d0:d8
+ 3c:65:49:0e:32:4f:66:4b:ab:7d:a1:10:d4:ac:1f:8f:ed:70:
+ a5:62:eb:83:90:26:30:9a:2b:3e:fd:6c:d0:5d:ae:ac:3f:96:
+ 89:76:31:8a:72:ab:c7:f7:25:a4:f5:d5:87:47:ec:71:d8:04:
+ a1:32:56:a0:b1:60:11:e8:11:3e:97:87:1f:d8:39:03:e1:22:
+ 91:01:bd:ec:38:f3:26:d9:d0:0a:67:99:c2:c4:06:89:5a:45:
+ d9:cb:49:ba:df:ee:f3:a9:11:0b:7b:89:7d:e4:e1:78:c7:60:
+ ed:d6:66:4e:54:9a:9b:07:f8:f8:cb:86:bd:1a:5a:56:ae:9e:
+ 89:74:01:d0:a8:47:c5:be:22:b1:a1:0c:d1:5e:cb:0a:df:46:
+ 8f:f6:ed:2c:a0:fa:24:41:92:f5:eb:28:e6:5e:a1:04:c2:b2:
+ 51:f0:55:78:fc:e0:52:e7:ac:dd:ff:59:f0:36:d7:d0:c3:b7:
+ 0e:b4:d9:8d:cb:df:23:28:aa:df:bd:07:e9:65:24:76:10:28:
+ 09:43:7a:be:20:2d:e3:3c:0d:4a:18:e0:b4:15:c9:be:d7:bf:
+ b5:46:ae:92:94:c2:b6:c1:b4:26:9d:0a:ef:17:0e:dd:c4:25:
+ 44:78:a8:e2:08:b9:65:3d:05:de:54:17:c9:74:71:f9:c8:bb:
+ 66:4e:c9:85
-----BEGIN CERTIFICATE-----
-MIIDsjCCApqgAwIBAgIUOuOSSIL77fXL0pPFWt9xwu9rQ1AwDQYJKoZIhvcNAQEL
+MIIDsjCCApqgAwIBAgIUdjH+tPTtFPG4JGl0d3JZzsFhBaAwDQYJKoZIhvcNAQEL
BQAwgYIxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC
b3plbWFuMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEYMBYGA1UEAwwPd3d3Lm5vbWF0
-Y2guY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIyMTIx
-NjIxMTc1MFoXDTI1MDkxMTIxMTc1MFowgYIxCzAJBgNVBAYTAlVTMRAwDgYDVQQI
+Y2guY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIzMTIx
+MzIyMTkyOVoXDTI2MDkwODIyMTkyOVowgYIxCzAJBgNVBAYTAlVTMRAwDgYDVQQI
DAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRQwEgYDVQQLDAtFbmdpbmVlcmlu
ZzEYMBYGA1UEAwwPd3d3Lm5vbWF0Y2guY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZv
QHdvbGZzc2wuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwJUI
@@ -66,10 +66,10 @@ Q7ilHFw0s64AoGPF9n8LWWh4c6aMGKkCba/DGQEuuBDjxsxAtGmjRjNph27Euxem
8+jdrXO8ey8htf1mUQy9VLPhbV8cvCNz0QkDiRTSELlkwyrQoZZKvOHUGlvHoMDB
Y3gPRDcwMpaAMiOVoXe6E9KXc+JdJclqDcM5YKS0sGlCQgnp2Ai8MyCzWCKnquvE
4eZhg8XSlt/Z0E+t1wIDAQABox4wHDAaBgNVHREEEzARgg93d3cubm9tYXRjaC5j
-b20wDQYJKoZIhvcNAQELBQADggEBAG0XZ774NKJiD4eX33tizPl8Yt0ByqapnQJ9
-0vvbATeozA4BpOmiyykAzcvzq5nbvA3BLXiZFbhV8Aj0LT1MOEench2Wd38bVY83
-055VzP4JVms4ZTvHygrYBhuurQNM6GdZ/0JaRQD4HFFuxmSvFpQT61szXp58YKxL
-jcM8bKgejeIKI07659+joAPAKR8u/y/81TcooFVYYJwf7LW1m1FEo/AFOWadKRNJ
-buh2xGnOaYUgHTxR6yarAo3imRueg+wjJ4eL8vGWKLxrLPEZbsMMqU4Ce8E3Pnxq
-v57/dn85D2T0Jdsk1AwKDei0aoECDXG2NokVxGz7GA5Nkh5T0Ng=
+b20wDQYJKoZIhvcNAQELBQADggEBADxlSQ4yT2ZLq32hENSsH4/tcKVi64OQJjCa
+Kz79bNBdrqw/lol2MYpyq8f3JaT11YdH7HHYBKEyVqCxYBHoET6Xhx/YOQPhIpEB
+vew48ybZ0ApnmcLEBolaRdnLSbrf7vOpEQt7iX3k4XjHYO3WZk5UmpsH+PjLhr0a
+Wlaunol0AdCoR8W+IrGhDNFeywrfRo/27Syg+iRBkvXrKOZeoQTCslHwVXj84FLn
+rN3/WfA219DDtw602Y3L3yMoqt+9B+llJHYQKAlDer4gLeM8DUoY4LQVyb7Xv7VG
+rpKUwrbBtCadCu8XDt3EJUR4qOIIuWU9Bd5UF8l0cfnIu2ZOyYU=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test/server-badaltnull.der b/extra/wolfssl/wolfssl/certs/test/server-badaltnull.der
index b123ad0e..d34ca7e9 100644
--- a/extra/wolfssl/wolfssl/certs/test/server-badaltnull.der
+++ b/extra/wolfssl/wolfssl/certs/test/server-badaltnull.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/test/server-badaltnull.pem b/extra/wolfssl/wolfssl/certs/test/server-badaltnull.pem
index 9bc7ebd2..530b307d 100644
--- a/extra/wolfssl/wolfssl/certs/test/server-badaltnull.pem
+++ b/extra/wolfssl/wolfssl/certs/test/server-badaltnull.pem
@@ -2,12 +2,12 @@ Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 50:b6:0d:5a:9f:1e:16:84:1e:31:d8:93:dd:83:41:12:95:f2:be:2c
+ 75:94:fd:49:d7:c1:2b:ca:02:75:4d:37:61:ca:48:1b:60:40:bc:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, OU = Engineering, CN = www.nomatch.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:29 2023 GMT
+ Not After : Sep 8 22:19:29 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, OU = Engineering, CN = www.nomatch.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -34,30 +34,29 @@ Certificate:
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Alternative Name:
- <EMPTY>
-
+ 0 ..localhost.h
Signature Algorithm: sha256WithRSAEncryption
- 32:3e:75:3d:36:97:04:5c:38:de:c1:e3:6d:c9:5e:84:89:eb:
- 0a:74:0d:60:a5:77:a8:6a:d7:a3:38:2e:2c:20:9b:79:8d:c1:
- 0d:c3:3e:f9:e2:49:52:d5:78:cb:93:38:dd:00:d9:e0:90:05:
- 78:cc:ab:25:37:be:c4:e9:11:dd:9a:f2:a4:03:4f:50:3f:58:
- 90:73:75:7e:00:40:dd:9e:b6:0a:09:cd:46:e8:16:f1:a4:4d:
- ff:a3:fb:ce:b2:ad:67:9d:98:38:66:4b:7d:5e:6b:28:32:35:
- 29:5f:fc:cc:4b:ed:14:e0:3f:a9:d0:62:4a:96:00:f9:ae:6b:
- af:ee:59:d5:d5:47:15:65:aa:8b:b7:15:4b:0d:8f:f6:87:fd:
- 42:74:0a:c4:e7:84:ce:8b:a5:ef:85:62:b6:f1:cd:41:ca:d7:
- d0:ef:6c:ff:60:66:33:cc:05:6a:46:8c:23:d3:37:66:1e:21:
- fb:b1:67:9f:35:9d:b1:c1:80:f9:bb:a5:96:c7:56:2c:f0:d4:
- d2:6d:ac:13:bb:33:64:23:72:a3:82:77:89:f3:fd:36:88:52:
- e0:cd:0f:2c:a0:0d:7c:d8:4f:f3:b4:4e:a7:b4:30:59:8c:d1:
- 36:f2:75:0a:3e:db:8d:51:e8:ba:8c:9c:87:1e:c5:c7:e2:d2:
- 63:63:6f:22
+ 9c:a2:c0:49:d7:4b:a2:cf:6d:83:b7:06:a0:b2:60:4e:a3:ca:
+ 57:8e:0f:8f:65:0a:e5:3b:12:8f:06:5e:f7:7c:4c:22:09:8e:
+ 88:a9:34:c4:ed:5a:01:45:8e:c6:06:bc:f9:41:96:6f:dc:7c:
+ 3e:5b:b9:19:ff:77:f1:49:a1:84:e9:11:8a:d2:d7:6c:13:53:
+ cd:48:61:7d:a4:0b:30:e9:62:32:f5:01:a4:27:5c:3b:d1:cf:
+ cb:cb:c6:8d:2d:9d:3f:89:46:13:4f:2c:5b:4c:a8:ab:7d:23:
+ a5:98:9f:ad:ba:fc:2c:4b:44:17:3d:99:8d:7a:53:21:f7:8f:
+ 25:d8:84:ba:41:c2:c9:0f:24:d7:06:6e:cc:93:f7:13:f3:21:
+ 64:05:b0:82:96:44:d0:1d:dd:e0:5c:d1:32:f2:55:08:25:05:
+ 2a:23:d6:ae:bc:e5:29:8d:13:06:1d:d0:cc:9e:b0:04:c2:1c:
+ 3e:c5:6d:60:6b:d8:25:d8:23:0a:8c:f9:74:7a:e5:5b:21:b6:
+ b5:74:de:c9:34:2d:75:c5:01:41:47:c6:76:08:8c:21:59:4f:
+ 4d:9b:16:05:c1:43:15:a2:17:b2:ab:70:6a:51:18:3f:c9:ac:
+ 48:16:a1:23:38:e2:90:ea:ac:df:5a:b5:7f:ed:be:9b:42:a5:
+ e2:2b:5c:c7
-----BEGIN CERTIFICATE-----
-MIIDrjCCApagAwIBAgIUULYNWp8eFoQeMdiT3YNBEpXyviwwDQYJKoZIhvcNAQEL
+MIIDrjCCApagAwIBAgIUdZT9SdfBK8oCdU03YcpIG2BAvOIwDQYJKoZIhvcNAQEL
BQAwgYIxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC
b3plbWFuMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEYMBYGA1UEAwwPd3d3Lm5vbWF0
-Y2guY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIyMTIx
-NjIxMTc1MFoXDTI1MDkxMTIxMTc1MFowgYIxCzAJBgNVBAYTAlVTMRAwDgYDVQQI
+Y2guY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIzMTIx
+MzIyMTkyOVoXDTI2MDkwODIyMTkyOVowgYIxCzAJBgNVBAYTAlVTMRAwDgYDVQQI
DAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRQwEgYDVQQLDAtFbmdpbmVlcmlu
ZzEYMBYGA1UEAwwPd3d3Lm5vbWF0Y2guY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZv
QHdvbGZzc2wuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwJUI
@@ -67,10 +66,10 @@ Q7ilHFw0s64AoGPF9n8LWWh4c6aMGKkCba/DGQEuuBDjxsxAtGmjRjNph27Euxem
8+jdrXO8ey8htf1mUQy9VLPhbV8cvCNz0QkDiRTSELlkwyrQoZZKvOHUGlvHoMDB
Y3gPRDcwMpaAMiOVoXe6E9KXc+JdJclqDcM5YKS0sGlCQgnp2Ai8MyCzWCKnquvE
4eZhg8XSlt/Z0E+t1wIDAQABoxowGDAWBgNVHREEDzANggtsb2NhbGhvc3QAaDAN
-BgkqhkiG9w0BAQsFAAOCAQEAMj51PTaXBFw43sHjbclehInrCnQNYKV3qGrXozgu
-LCCbeY3BDcM++eJJUtV4y5M43QDZ4JAFeMyrJTe+xOkR3ZrypANPUD9YkHN1fgBA
-3Z62CgnNRugW8aRN/6P7zrKtZ52YOGZLfV5rKDI1KV/8zEvtFOA/qdBiSpYA+a5r
-r+5Z1dVHFWWqi7cVSw2P9of9QnQKxOeEzoul74VitvHNQcrX0O9s/2BmM8wFakaM
-I9M3Zh4h+7FnnzWdscGA+bullsdWLPDU0m2sE7szZCNyo4J3ifP9NohS4M0PLKAN
-fNhP87ROp7QwWYzRNvJ1Cj7bjVHouoychx7Fx+LSY2NvIg==
+BgkqhkiG9w0BAQsFAAOCAQEAnKLASddLos9tg7cGoLJgTqPKV44Pj2UK5TsSjwZe
+93xMIgmOiKk0xO1aAUWOxga8+UGWb9x8Plu5Gf938UmhhOkRitLXbBNTzUhhfaQL
+MOliMvUBpCdcO9HPy8vGjS2dP4lGE08sW0yoq30jpZifrbr8LEtEFz2ZjXpTIfeP
+JdiEukHCyQ8k1wZuzJP3E/MhZAWwgpZE0B3d4FzRMvJVCCUFKiPWrrzlKY0TBh3Q
+zJ6wBMIcPsVtYGvYJdgjCoz5dHrlWyG2tXTeyTQtdcUBQUfGdgiMIVlPTZsWBcFD
+FaIXsqtwalEYP8msSBahIzjikOqs31q1f+2+m0Kl4itcxw==
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test/server-badcn.der b/extra/wolfssl/wolfssl/certs/test/server-badcn.der
index 2f1816e1..a707a5f0 100644
--- a/extra/wolfssl/wolfssl/certs/test/server-badcn.der
+++ b/extra/wolfssl/wolfssl/certs/test/server-badcn.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/test/server-badcn.pem b/extra/wolfssl/wolfssl/certs/test/server-badcn.pem
index ecb97f8d..ad42bb9a 100644
--- a/extra/wolfssl/wolfssl/certs/test/server-badcn.pem
+++ b/extra/wolfssl/wolfssl/certs/test/server-badcn.pem
@@ -2,12 +2,12 @@ Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 79:e6:1d:85:f5:44:69:d4:f4:7c:4a:eb:62:26:d2:ac:1c:be:8a:b2
+ 33:9d:a3:77:36:7a:b9:40:c0:3f:62:ae:d7:80:c0:a4:88:f9:82:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, OU = Engineering, CN = www.nomatch.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:29 2023 GMT
+ Not After : Sep 8 22:19:29 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, OU = Engineering, CN = www.nomatch.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -33,27 +33,27 @@ Certificate:
ad:d7
Exponent: 65537 (0x10001)
Signature Algorithm: sha256WithRSAEncryption
- b4:5d:5d:51:69:22:95:b3:61:d5:91:84:32:88:eb:6c:5a:43:
- e7:8c:94:58:69:07:ea:c1:f2:4e:c4:23:be:c4:8b:13:ed:07:
- 5e:e9:a1:6f:a7:f8:13:d6:8b:c9:87:01:38:74:5b:47:d1:96:
- 35:a7:0a:c6:c7:4f:2a:44:a1:6d:c9:58:30:a5:9b:df:cc:55:
- e0:a6:50:1f:36:89:58:57:6d:eb:b9:94:4f:0b:eb:c4:ed:2c:
- 21:26:b5:c3:eb:f7:07:c6:59:5f:51:2b:14:77:a6:22:17:cd:
- 25:55:d6:e6:d4:a1:47:44:98:86:c5:86:f8:8a:ae:67:ae:12:
- 89:36:16:fd:a0:66:f9:25:45:eb:08:b3:e7:6c:b9:d1:46:d0:
- 8f:41:bf:96:37:cb:24:16:fb:2f:2e:79:1d:f3:b5:d3:da:85:
- da:7c:e3:ea:d3:a9:7e:b3:6a:ad:c8:3a:65:54:b2:77:55:5a:
- 65:d4:40:cf:30:07:28:7a:3b:2c:f9:10:99:a3:5e:d8:70:f9:
- ae:87:a7:ae:1a:cd:1f:cc:10:2e:44:6f:6a:f7:60:c4:e7:a0:
- 53:16:47:42:ca:fc:1e:fc:be:d0:60:07:52:87:89:a8:b5:7a:
- 17:81:3a:8f:81:78:36:a9:f3:9e:4b:00:1a:48:62:27:6c:65:
- db:a1:10:10
+ 2f:03:d9:42:ae:10:f3:4b:42:c1:9d:6a:aa:09:da:f1:55:8a:
+ 0b:76:ce:51:d5:16:95:24:49:ac:14:1b:f6:b4:81:bd:c4:2b:
+ 9c:f2:34:8b:a5:18:a6:00:82:70:00:c1:8f:26:90:da:70:70:
+ 60:bf:c8:98:d2:d1:c7:86:fd:68:60:f2:54:46:e5:e0:d9:58:
+ c4:85:01:32:b1:02:43:06:61:f5:61:3f:fd:80:b0:75:2c:3a:
+ 50:d8:c9:11:6e:36:17:8e:e0:a6:3f:b1:bd:17:96:31:c9:04:
+ e9:53:84:6a:e6:bc:c3:82:1a:fc:8f:63:e9:68:c9:b3:ed:61:
+ 8d:08:a2:9d:c8:4e:57:09:50:2c:16:6f:9a:c7:31:cc:6c:fd:
+ 3c:37:01:06:f1:c7:98:e6:c5:ee:cb:3e:6f:6b:20:bc:dc:64:
+ 17:2e:d7:5b:95:2a:18:e5:ab:4c:5e:97:1c:e5:7d:e5:72:cd:
+ fe:b6:6d:9b:36:c6:4b:70:dc:97:5f:49:31:93:1b:2b:ca:d1:
+ c8:12:24:31:c2:78:50:bf:aa:28:e6:42:78:ae:e1:08:7a:64:
+ da:46:89:d6:07:4a:cb:51:36:69:11:6c:a9:61:fc:b1:03:21:
+ c2:82:6a:15:d7:98:58:1c:40:55:08:e0:32:9e:05:78:c6:a0:
+ b8:d9:11:2f
-----BEGIN CERTIFICATE-----
-MIIDkjCCAnqgAwIBAgIUeeYdhfVEadT0fErrYibSrBy+irIwDQYJKoZIhvcNAQEL
+MIIDkjCCAnqgAwIBAgIUM52jdzZ6uUDAP2Ku14DApIj5gl8wDQYJKoZIhvcNAQEL
BQAwgYIxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC
b3plbWFuMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEYMBYGA1UEAwwPd3d3Lm5vbWF0
-Y2guY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIyMTIx
-NjIxMTc1MFoXDTI1MDkxMTIxMTc1MFowgYIxCzAJBgNVBAYTAlVTMRAwDgYDVQQI
+Y2guY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIzMTIx
+MzIyMTkyOVoXDTI2MDkwODIyMTkyOVowgYIxCzAJBgNVBAYTAlVTMRAwDgYDVQQI
DAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRQwEgYDVQQLDAtFbmdpbmVlcmlu
ZzEYMBYGA1UEAwwPd3d3Lm5vbWF0Y2guY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZv
QHdvbGZzc2wuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwJUI
@@ -62,11 +62,11 @@ j+G9e8AvfKtkqBf8yl17uuAh5XIuby6G2JVz2qwbU7lfP9cZDSVP4WNjUYsLZD+t
Q7ilHFw0s64AoGPF9n8LWWh4c6aMGKkCba/DGQEuuBDjxsxAtGmjRjNph27Euxem
8+jdrXO8ey8htf1mUQy9VLPhbV8cvCNz0QkDiRTSELlkwyrQoZZKvOHUGlvHoMDB
Y3gPRDcwMpaAMiOVoXe6E9KXc+JdJclqDcM5YKS0sGlCQgnp2Ai8MyCzWCKnquvE
-4eZhg8XSlt/Z0E+t1wIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQC0XV1RaSKVs2HV
-kYQyiOtsWkPnjJRYaQfqwfJOxCO+xIsT7Qde6aFvp/gT1ovJhwE4dFtH0ZY1pwrG
-x08qRKFtyVgwpZvfzFXgplAfNolYV23ruZRPC+vE7SwhJrXD6/cHxllfUSsUd6Yi
-F80lVdbm1KFHRJiGxYb4iq5nrhKJNhb9oGb5JUXrCLPnbLnRRtCPQb+WN8skFvsv
-Lnkd87XT2oXafOPq06l+s2qtyDplVLJ3VVpl1EDPMAcoejss+RCZo17YcPmuh6eu
-Gs0fzBAuRG9q92DE56BTFkdCyvwe/L7QYAdSh4motXoXgTqPgXg2qfOeSwAaSGIn
-bGXboRAQ
+4eZhg8XSlt/Z0E+t1wIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQAvA9lCrhDzS0LB
+nWqqCdrxVYoLds5R1RaVJEmsFBv2tIG9xCuc8jSLpRimAIJwAMGPJpDacHBgv8iY
+0tHHhv1oYPJURuXg2VjEhQEysQJDBmH1YT/9gLB1LDpQ2MkRbjYXjuCmP7G9F5Yx
+yQTpU4Rq5rzDghr8j2PpaMmz7WGNCKKdyE5XCVAsFm+axzHMbP08NwEG8ceY5sXu
+yz5vayC83GQXLtdblSoY5atMXpcc5X3lcs3+tm2bNsZLcNyXX0kxkxsrytHIEiQx
+wnhQv6oo5kJ4ruEIemTaRonWB0rLUTZpEWypYfyxAyHCgmoV15hYHEBVCOAyngV4
+xqC42REv
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test/server-badcnnull.der b/extra/wolfssl/wolfssl/certs/test/server-badcnnull.der
index 9c1d7691..bd1524f6 100644
--- a/extra/wolfssl/wolfssl/certs/test/server-badcnnull.der
+++ b/extra/wolfssl/wolfssl/certs/test/server-badcnnull.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/test/server-badcnnull.pem b/extra/wolfssl/wolfssl/certs/test/server-badcnnull.pem
index d551a27f..ed89ce73 100644
--- a/extra/wolfssl/wolfssl/certs/test/server-badcnnull.pem
+++ b/extra/wolfssl/wolfssl/certs/test/server-badcnnull.pem
@@ -2,12 +2,12 @@ Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 08:b1:99:a7:bd:5f:a6:05:3e:d4:fd:d3:1d:2a:6c:5d:d3:38:cc:a2
+ 29:9c:4e:32:2d:67:08:52:16:03:ba:4f:eb:47:e3:a2:ef:55:06:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, OU = Engineering, CN = DER:30:0d:82:0b:6c:6f:63:61:6c:68:6f:73:74:00:68, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:29 2023 GMT
+ Not After : Sep 8 22:19:29 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, OU = Engineering, CN = DER:30:0d:82:0b:6c:6f:63:61:6c:68:6f:73:74:00:68, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -33,28 +33,28 @@ Certificate:
ad:d7
Exponent: 65537 (0x10001)
Signature Algorithm: sha256WithRSAEncryption
- 85:40:69:33:07:7a:aa:3c:86:ff:5f:c5:29:d7:16:38:95:22:
- 2a:5e:bd:c8:0c:aa:29:48:04:87:5b:18:0e:39:b0:bf:b9:01:
- 48:01:45:81:03:52:81:b1:13:b1:81:af:d7:99:3e:5e:ed:0a:
- ac:22:77:3d:0f:22:e4:f6:08:9a:91:c3:ba:41:e2:d1:22:74:
- 4c:04:d3:51:de:35:a5:f6:10:40:e6:50:2e:a6:bd:06:20:2c:
- 27:90:1d:a5:b2:e5:87:b7:77:2c:0a:e2:08:f8:93:60:dc:a7:
- 41:7f:dd:b7:d4:ed:0b:58:ea:ec:ad:c3:76:ab:12:30:41:6e:
- 55:97:cb:fc:3a:15:f8:c8:79:f6:85:8d:47:28:e7:dd:a7:d6:
- 64:b0:e5:f8:97:25:7c:37:f6:46:c4:bb:d6:fb:01:59:93:7c:
- 7f:2d:e9:f4:16:79:2d:d3:25:51:11:88:4c:e4:fa:83:b7:20:
- 48:dd:03:fb:e2:6e:4e:af:9d:b7:55:55:16:2c:15:76:c4:00:
- 09:f0:58:c7:db:9d:66:b6:20:00:50:29:45:14:8b:d4:a4:63:
- c8:91:0d:0c:72:04:f6:fe:d4:37:87:3b:94:4e:89:c2:22:58:
- 45:6e:fa:58:0e:e5:dc:89:6c:e9:8e:b0:09:c7:07:db:77:0c:
- b4:31:51:77
+ b7:a0:3f:bf:60:6d:0e:49:aa:e4:a8:00:b6:7d:d5:15:58:60:
+ 5d:cb:40:70:46:04:6c:e3:6d:04:b0:2a:eb:e2:64:b3:4f:a6:
+ 47:ae:22:c8:41:a1:cc:01:0c:1a:b2:6f:d2:e5:cf:b8:ac:c7:
+ 3c:a8:04:0d:7e:53:c5:9f:ec:f6:26:1e:d7:ed:6d:44:a5:8f:
+ 64:7b:bd:f4:19:fd:70:d5:39:7a:d9:22:72:2d:ec:09:0d:61:
+ e9:1f:3d:61:70:13:1c:d6:34:44:1d:04:a7:2c:96:08:0b:e6:
+ 63:e5:02:e6:95:d3:49:75:a9:e2:d0:e4:6e:9c:87:17:3a:30:
+ d4:dd:16:58:f8:cc:39:ff:a4:2d:3f:26:bf:40:92:6e:b2:b6:
+ 6d:03:d8:68:a2:4a:3d:cf:b9:00:93:58:54:5a:ef:ea:6d:28:
+ c3:8c:c1:0e:60:5a:8c:df:5d:d5:0b:cb:b5:e5:6c:57:7a:b6:
+ ac:8c:64:67:f4:68:8d:73:50:41:11:6c:14:b6:65:7d:57:ff:
+ 27:b5:f3:5e:7e:d4:07:29:49:6b:0c:aa:ed:b2:aa:32:a3:b4:
+ 78:bc:2d:18:6f:a6:fa:ea:b2:c8:a4:a3:f2:cc:da:43:9c:eb:
+ 92:ea:7a:1a:8f:4b:ed:87:eb:f6:80:ea:6a:de:d7:ac:0e:9e:
+ 47:2d:37:30
-----BEGIN CERTIFICATE-----
-MIID1DCCArygAwIBAgIUCLGZp71fpgU+1P3THSpsXdM4zKIwDQYJKoZIhvcNAQEL
+MIID1DCCArygAwIBAgIUKZxOMi1nCFIWA7pP60fjou9VBhUwDQYJKoZIhvcNAQEL
BQAwgaMxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC
b3plbWFuMRQwEgYDVQQLDAtFbmdpbmVlcmluZzE5MDcGA1UEAwwwREVSOjMwOjBk
OjgyOjBiOjZjOjZmOjYzOjYxOjZjOjY4OjZmOjczOjc0OjAwOjY4MR8wHQYJKoZI
-hvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIyMTIxNjIxMTc1MFoXDTI1MDkx
-MTIxMTc1MFowgaMxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYD
+hvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIzMTIxMzIyMTkyOVoXDTI2MDkw
+ODIyMTkyOVowgaMxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYD
VQQHDAdCb3plbWFuMRQwEgYDVQQLDAtFbmdpbmVlcmluZzE5MDcGA1UEAwwwREVS
OjMwOjBkOjgyOjBiOjZjOjZmOjYzOjYxOjZjOjY4OjZmOjczOjc0OjAwOjY4MR8w
HQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjANBgkqhkiG9w0BAQEF
@@ -64,10 +64,10 @@ U7lfP9cZDSVP4WNjUYsLZD+tQ7ilHFw0s64AoGPF9n8LWWh4c6aMGKkCba/DGQEu
uBDjxsxAtGmjRjNph27Euxem8+jdrXO8ey8htf1mUQy9VLPhbV8cvCNz0QkDiRTS
ELlkwyrQoZZKvOHUGlvHoMDBY3gPRDcwMpaAMiOVoXe6E9KXc+JdJclqDcM5YKS0
sGlCQgnp2Ai8MyCzWCKnquvE4eZhg8XSlt/Z0E+t1wIDAQABMA0GCSqGSIb3DQEB
-CwUAA4IBAQCFQGkzB3qqPIb/X8Up1xY4lSIqXr3IDKopSASHWxgOObC/uQFIAUWB
-A1KBsROxga/XmT5e7QqsInc9DyLk9giakcO6QeLRInRMBNNR3jWl9hBA5lAupr0G
-ICwnkB2lsuWHt3csCuII+JNg3KdBf9231O0LWOrsrcN2qxIwQW5Vl8v8OhX4yHn2
-hY1HKOfdp9ZksOX4lyV8N/ZGxLvW+wFZk3x/Len0Fnkt0yVREYhM5PqDtyBI3QP7
-4m5Or523VVUWLBV2xAAJ8FjH251mtiAAUClFFIvUpGPIkQ0McgT2/tQ3hzuUTonC
-IlhFbvpYDuXciWzpjrAJxwfbdwy0MVF3
+CwUAA4IBAQC3oD+/YG0OSarkqAC2fdUVWGBdy0BwRgRs420EsCrr4mSzT6ZHriLI
+QaHMAQwasm/S5c+4rMc8qAQNflPFn+z2Jh7X7W1EpY9ke730Gf1w1Tl62SJyLewJ
+DWHpHz1hcBMc1jREHQSnLJYIC+Zj5QLmldNJdani0ORunIcXOjDU3RZY+Mw5/6Qt
+Pya/QJJusrZtA9hooko9z7kAk1hUWu/qbSjDjMEOYFqM313VC8u15WxXerasjGRn
+9GiNc1BBEWwUtmV9V/8ntfNeftQHKUlrDKrtsqoyo7R4vC0Yb6b66rLIpKPyzNpD
+nOuS6noaj0vth+v2gOpq3tesDp5HLTcw
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test/server-cert-ecc-badsig.der b/extra/wolfssl/wolfssl/certs/test/server-cert-ecc-badsig.der
index 6d126fad..3e1a890d 100644
--- a/extra/wolfssl/wolfssl/certs/test/server-cert-ecc-badsig.der
+++ b/extra/wolfssl/wolfssl/certs/test/server-cert-ecc-badsig.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/test/server-cert-ecc-badsig.pem b/extra/wolfssl/wolfssl/certs/test/server-cert-ecc-badsig.pem
index 37be2864..13285961 100644
--- a/extra/wolfssl/wolfssl/certs/test/server-cert-ecc-badsig.pem
+++ b/extra/wolfssl/wolfssl/certs/test/server-cert-ecc-badsig.pem
@@ -5,9 +5,9 @@ Certificate:
Signature Algorithm: ecdsa-with-SHA256
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Development, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
- Subject: C = US, ST = Washington, L = Seattle, O = Eliptic, OU = ECC, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
+ Not Before: Dec 13 22:19:28 2023 GMT
+ Not After : Sep 8 22:19:28 2026 GMT
+ Subject: C = US, ST = Washington, L = Seattle, O = Elliptic, OU = ECC, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
Public-Key: (256 bit)
@@ -34,24 +34,24 @@ Certificate:
Netscape Cert Type:
SSL Server
Signature Algorithm: ecdsa-with-SHA256
- 30:45:02:21:00:cf:3a:17:97:d4:be:7c:50:e1:be:1b:53:95:
- 7b:a3:b8:c6:73:c4:34:e0:73:5a:db:3e:cb:3a:b6:a8:f1:cd:
- bf:02:20:2b:e6:f9:65:b2:ab:0f:bb:2b:36:5c:cc:2e:19:a9:
- 59:1c:6f:6f:ce:9b:7a:e6:5b:65:31:33:80:05:cb:7c:96
+ 30:45:02:21:00:86:bd:87:16:d2:9c:66:e7:5e:5c:28:0e:5f:
+ ef:94:61:2f:d4:21:6d:8e:c3:94:0a:1e:b5:6a:1d:c6:04:87:
+ c6:02:20:66:46:c4:29:d9:8e:eb:0b:f7:5b:32:13:eb:0a:ea:
+ 47:99:4b:74:56:ba:21:97:b1:67:75:5c:f3:f3:c0:88:aa
-----BEGIN CERTIFICATE-----
-MIICoTCCAkegAwIBAgIBAzAKBggqhkjOPQQDAjCBlzELMAkGA1UEBhMCVVMxEzAR
+MIICojCCAkigAwIBAgIBAzAKBggqhkjOPQQDAjCBlzELMAkGA1UEBhMCVVMxEzAR
BgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dv
bGZTU0wxFDASBgNVBAsMC0RldmVsb3BtZW50MRgwFgYDVQQDDA93d3cud29sZnNz
-bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIxMjE2
-MjExNzQ5WhcNMjUwOTExMjExNzQ5WjCBjzELMAkGA1UEBhMCVVMxEzARBgNVBAgM
-Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB0VsaXB0aWMx
-DDAKBgNVBAsMA0VDQzEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZI
-hvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcD
-QgAEuzOsTCdQSsZKpQTDPN6fNttyLc6U6iv6yyAJOSwW6GEC6a9N0wKTmjFbl5Ih
-f/DPGNqREQI0huggWDMLgDSJ2KOBiTCBhjAdBgNVHQ4EFgQUXV0m76x+NvmbdhUr
-SiUCI++yiTAwHwYDVR0jBBgwFoAUVo6aw/BC3hi5RVVu+ZPP6sPzpSEwDAYDVR0T
-AQH/BAIwADAOBgNVHQ8BAf8EBAMCA6gwEwYDVR0lBAwwCgYIKwYBBQUHAwEwEQYJ
-YIZIAYb4QgEBBAQDAgZAMAoGCCqGSM49BAMCA0gAMEUCIQDPOheX1L58UOG+G1OV
-e6O4xnPENOBzWts+yzq2qPHNvwIgK+b5ZbKrD7srNlzMLhmpWRxvb86beuZbZTEz
-gAXLxJY=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-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test/server-cert-rsa-badsig.der b/extra/wolfssl/wolfssl/certs/test/server-cert-rsa-badsig.der
index 30cd28d9..e5cb198f 100644
--- a/extra/wolfssl/wolfssl/certs/test/server-cert-rsa-badsig.der
+++ b/extra/wolfssl/wolfssl/certs/test/server-cert-rsa-badsig.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/test/server-cert-rsa-badsig.pem b/extra/wolfssl/wolfssl/certs/test/server-cert-rsa-badsig.pem
index b1b9d1b8..171894d2 100644
--- a/extra/wolfssl/wolfssl/certs/test/server-cert-rsa-badsig.pem
+++ b/extra/wolfssl/wolfssl/certs/test/server-cert-rsa-badsig.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:28 2023 GMT
+ Not After : Sep 8 22:19:28 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL, OU = Support, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -37,7 +37,7 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:2C:80:CE:DB:47:9D:07:66:92:3D:68:D7:CA:AC:90:4F:CA:69:41:4B
+ serial:33:44:1A:A8:6C:01:EC:F6:60:F2:70:51:0A:4C:D1:14:FA:BC:E9:44
X509v3 Basic Constraints:
CA:TRUE
@@ -46,27 +46,27 @@ Certificate:
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
Signature Algorithm: sha256WithRSAEncryption
- b9:10:f0:be:fe:c8:67:5e:7d:0f:36:33:c7:17:2a:01:c4:bb:
- 74:83:4c:bc:bb:e2:ba:92:82:3a:d9:2d:8c:0e:e3:75:1b:c0:
- 14:aa:40:1e:a8:11:7d:94:9c:3d:74:7a:3b:16:7b:d8:9d:f0:
- e8:7d:1d:fa:3b:14:42:20:e3:05:a3:fd:b1:0c:f1:2a:c4:00:
- 50:8d:1e:97:93:6a:de:82:13:24:9e:2b:fa:08:85:e3:4f:40:
- fd:63:c7:3d:e9:bd:6f:7c:03:98:85:fe:b4:51:5d:7f:8c:83:
- b3:ad:4a:88:e9:f3:4c:33:84:77:d3:02:35:59:e3:4e:64:a1:
- b7:bb:fb:f8:fb:14:2a:ae:36:bf:d9:82:e7:cb:98:48:16:c8:
- 81:d6:a0:f1:74:14:e3:74:4a:72:4a:f1:6f:dd:be:86:1e:20:
- f3:05:16:83:1f:aa:7c:59:35:97:24:b8:27:b7:56:9f:30:2e:
- 90:e0:19:e0:21:ca:9d:3f:da:99:07:94:79:49:53:14:5c:a2:
- 2c:56:5b:b2:55:68:5c:1f:91:58:9a:cd:53:b5:ea:63:5a:72:
- 49:41:cc:76:9f:88:35:86:0d:60:5d:e5:91:bd:ac:6f:cf:d5:
- 92:27:72:4a:21:f4:58:98:8e:3b:d2:29:e6:ee:fa:e6:b0:6c:
- 8b:1e:e0:54
+ 4a:ff:b9:e5:85:9b:da:53:66:7f:07:22:bf:b6:19:ea:42:eb:
+ a4:11:07:62:ff:39:5f:33:37:3a:87:26:71:3d:13:b2:ca:b8:
+ 64:38:7b:8a:99:48:0e:a5:a4:6b:b1:99:6e:e0:46:51:bd:19:
+ 52:ad:bc:a6:7e:2a:7a:7c:23:a7:cc:db:5e:43:7d:6b:04:c8:
+ b7:dd:95:ad:f0:91:80:59:c5:19:91:26:27:91:b8:48:1c:eb:
+ 55:b6:aa:7d:a4:38:f1:03:bc:6c:8b:aa:94:d6:3c:05:7a:96:
+ c5:06:f1:26:14:2e:75:fb:dd:e5:35:b3:01:2c:b3:ad:62:5a:
+ 21:9a:08:be:56:fc:f9:a2:42:87:86:e5:a9:c5:99:cf:ae:14:
+ be:e0:b9:08:24:0d:1d:5c:d6:14:e1:4c:9f:40:b3:a9:e9:2d:
+ 52:8b:4c:bf:ac:44:31:67:c1:8d:06:85:ec:0f:e4:99:d7:4b:
+ 7b:21:06:66:d4:e4:f5:9d:ff:8e:f0:86:39:58:1d:a4:5b:e2:
+ 63:ef:7c:c9:18:87:a8:02:25:10:3e:87:28:f9:f5:ef:47:9e:
+ a5:80:08:11:90:68:fe:d1:a3:a8:51:b9:37:ff:d5:ca:7c:87:
+ 7f:6b:bc:2c:12:c8:c5:85:8b:fc:0c:c6:b9:86:b8:c9:04:c3:
+ 51:37:d2:4f
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIBATANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx
EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh
d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz
-bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIxMjE2
-MjExNzQ5WhcNMjUwOTExMjExNzQ5WjCBkDELMAkGA1UEBhMCVVMxEDAOBgNVBAgM
+bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMxMjEz
+MjIxOTI4WhcNMjYwOTA4MjIxOTI4WjCBkDELMAkGA1UEBhMCVVMxEDAOBgNVBAgM
B01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xEDAOBgNVBAoMB3dvbGZTU0wxEDAO
BgNVBAsMB1N1cHBvcnQxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqG
SIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
@@ -80,26 +80,26 @@ BBSzETLJkpiE4sn40DtuA0LKHw6OPDCB1AYDVR0jBIHMMIHJgBQnjmcRdMMmHT/t
M2OzpNgdMOXo1aGBmqSBlzCBlDELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRh
bmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNhd3Rvb3RoMRMwEQYDVQQL
DApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG
-9w0BCQEWEGluZm9Ad29sZnNzbC5jb22CFCyAzttHnQdmkj1o18qskE/KaUFLMAwG
+9w0BCQEWEGluZm9Ad29sZnNzbC5jb22CFDNEGqhsAez2YPJwUQpM0RT6vOlEMAwG
A1UdEwQFMAMBAf8wHAYDVR0RBBUwE4ILZXhhbXBsZS5jb22HBH8AAAEwHQYDVR0l
-BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMA0GCSqGSIb3DQEBCwUAA4IBAQC5EPC+
-/shnXn0PNjPHFyoBxLt0g0y8u+K6koI62S2MDuN1G8AUqkAeqBF9lJw9dHo7FnvY
-nfDofR36OxRCIOMFo/2xDPEqxABQjR6Xk2reghMkniv6CIXjT0D9Y8c96b1vfAOY
-hf60UV1/jIOzrUqI6fNMM4R30wI1WeNOZKG3u/v4+xQqrja/2YLny5hIFsiB1qDx
-dBTjdEpySvFv3b6GHiDzBRaDH6p8WTWXJLgnt1afMC6Q4BngIcqdP9qZB5R5SVMU
-XKIsVluyVWhcH5FYms1TtepjWnJJQcx2n4g1hg1gXeWRvaxvz9WSJ3JKIfRYmI47
-0inm7vrmsGyLHuBU
+BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMA0GCSqGSIb3DQEBCwUAA4IBAQBK/7nl
+hZvaU2Z/ByK/thnqQuukEQdi/zlfMzc6hyZxPROyyrhkOHuKmUgOpaRrsZlu4EZR
+vRlSrbymfip6fCOnzNteQ31rBMi33ZWt8JGAWcUZkSYnkbhIHOtVtqp9pDjxA7xs
+i6qU1jwFepbFBvEmFC51+93lNbMBLLOtYlohmgi+Vvz5okKHhuWpxZnPrhS+4LkI
+JA0dXNYU4UyfQLOp6S1Si0y/rEQxZ8GNBoXsD+SZ10t7IQZm1OT1nf+O8IY5WB2k
+W+Jj73zJGIeoAiUQPoco+fXvR56lgAgRkGj+0aOoUbk3/9XKfId/a7wsEsjFhYv8
+DMa5hrjJBMNRN9JP
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 2c:80:ce:db:47:9d:07:66:92:3d:68:d7:ca:ac:90:4f:ca:69:41:4b
+ 33:44:1a:a8:6c:01:ec:f6:60:f2:70:51:0a:4c:d1:14:fa:bc:e9:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:28 2023 GMT
+ Not After : Sep 8 22:19:28 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -130,7 +130,7 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:2C:80:CE:DB:47:9D:07:66:92:3D:68:D7:CA:AC:90:4F:CA:69:41:4B
+ serial:33:44:1A:A8:6C:01:EC:F6:60:F2:70:51:0A:4C:D1:14:FA:BC:E9:44
X509v3 Basic Constraints:
CA:TRUE
@@ -139,27 +139,27 @@ Certificate:
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
Signature Algorithm: sha256WithRSAEncryption
- ae:b0:a4:35:8e:8a:1b:a6:eb:b3:a2:57:cf:3a:1f:dc:6e:bc:
- d2:d0:a6:4a:8f:88:0a:6e:74:d5:d1:7c:d1:44:b1:d4:3b:17:
- 03:09:5a:46:ed:08:08:cf:f1:fd:20:07:67:c0:97:ec:35:f3:
- 75:ca:20:61:98:3e:f5:4d:be:e6:9d:75:1e:e4:03:ad:8c:a6:
- 1e:3d:ec:e4:1a:92:5b:f9:a3:ad:83:ca:4f:cd:aa:38:bb:6e:
- ae:ad:fa:a7:46:f1:8b:73:ec:09:23:bc:f2:18:e5:b7:92:86:
- 3e:a4:75:60:c7:3d:0f:3f:83:00:c3:06:08:9c:d1:54:d6:ba:
- 6d:95:3d:34:a1:be:24:91:cc:20:03:11:5b:72:1c:d4:65:d0:
- 11:88:75:26:04:26:ef:66:70:e6:3b:38:87:9c:53:71:1b:09:
- 51:70:50:99:4c:31:0c:62:44:57:30:60:04:fc:12:2c:a3:24:
- b4:f7:11:d5:0e:b5:21:0b:ed:86:11:67:4d:36:fa:57:a0:59:
- 55:21:b3:6d:e4:77:5e:ec:7e:f0:09:13:8e:99:98:b2:e1:82:
- b6:4b:3e:0f:41:a6:0c:cd:49:99:7e:e4:8a:cb:37:ed:53:cf:
- 86:5d:a9:26:a8:e5:01:25:5a:b4:bc:25:35:f1:fa:5a:5c:ce:
- d4:b8:9a:2c
+ 2d:fc:f9:32:5a:be:d6:9d:42:8b:86:4e:67:22:c3:50:2d:cb:
+ 14:27:1d:94:f3:cd:88:42:da:41:1c:39:24:67:a7:92:4d:27:
+ ea:56:82:19:bf:11:b2:43:a4:8d:5d:87:b2:27:64:66:82:81:
+ df:c4:fd:5b:62:b0:c2:4d:9d:29:f2:41:32:cc:2e:b5:da:38:
+ 06:1b:e8:7f:8c:6e:3d:80:1e:00:56:49:bf:39:e0:da:68:2f:
+ c4:fd:00:e6:d1:81:1a:d1:4a:bb:76:52:ce:4d:24:9d:c4:a3:
+ a7:f1:65:14:2f:1f:a8:2d:c6:cb:ce:b1:a7:89:74:26:27:c3:
+ f3:a3:84:4c:34:01:14:03:7d:16:3a:c8:8b:25:2e:7b:90:cc:
+ 46:b1:52:34:ba:93:6e:ef:fe:43:a3:ad:c6:6f:51:fb:ba:ea:
+ 38:e3:6f:d6:ee:63:62:36:ea:5e:08:b4:e2:2a:46:89:e3:ae:
+ b3:b4:06:ef:63:7a:6e:5d:dd:c9:ec:02:4f:f7:64:c0:27:07:
+ b4:6f:4a:18:72:5b:34:74:7c:d0:a9:04:8f:40:8b:6a:39:d2:
+ 6b:1a:01:f2:01:a8:81:34:3a:e5:b0:55:d1:3c:95:ca:b0:82:
+ d6:ed:98:28:15:59:7e:95:a7:69:c7:b5:7b:ec:01:a7:4d:e6:
+ b9:a2:fe:35
-----BEGIN CERTIFICATE-----
-MIIE/zCCA+egAwIBAgIULIDO20edB2aSPWjXyqyQT8ppQUswDQYJKoZIhvcNAQEL
+MIIE/zCCA+egAwIBAgIUM0QaqGwB7PZg8nBRCkzRFPq86UQwDQYJKoZIhvcNAQEL
BQAwgZQxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC
b3plbWFuMREwDwYDVQQKDAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEY
MBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv
-bGZzc2wuY29tMB4XDTIyMTIxNjIxMTc0OVoXDTI1MDkxMTIxMTc0OVowgZQxCzAJ
+bGZzc2wuY29tMB4XDTIzMTIxMzIyMTkyOFoXDTI2MDkwODIyMTkyOFowgZQxCzAJ
BgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREw
DwYDVQQKDAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwP
d3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t
@@ -174,12 +174,12 @@ BgNVHSMEgcwwgcmAFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYD
VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8G
A1UECgwIU2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3
dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIU
-LIDO20edB2aSPWjXyqyQT8ppQUswDAYDVR0TBAUwAwEB/zAcBgNVHREEFTATggtl
+M0QaqGwB7PZg8nBRCkzRFPq86UQwDAYDVR0TBAUwAwEB/zAcBgNVHREEFTATggtl
eGFtcGxlLmNvbYcEfwAAATAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw
-DQYJKoZIhvcNAQELBQADggEBAK6wpDWOihum67OiV886H9xuvNLQpkqPiApudNXR
-fNFEsdQ7FwMJWkbtCAjP8f0gB2fAl+w183XKIGGYPvVNvuaddR7kA62Mph497OQa
-klv5o62Dyk/Nqji7bq6t+qdG8Ytz7AkjvPIY5beShj6kdWDHPQ8/gwDDBgic0VTW
-um2VPTShviSRzCADEVtyHNRl0BGIdSYEJu9mcOY7OIecU3EbCVFwUJlMMQxiRFcw
-YAT8EiyjJLT3EdUOtSEL7YYRZ002+legWVUhs23kd17sfvAJE46ZmLLhgrZLPg9B
-pgzNSZl+5IrLN+1Tz4ZdqSao5QElWrS8JTXx+lpcztS4xiw=
+DQYJKoZIhvcNAQELBQADggEBAC38+TJavtadQouGTmciw1AtyxQnHZTzzYhC2kEc
+OSRnp5JNJ+pWghm/EbJDpI1dh7InZGaCgd/E/VtisMJNnSnyQTLMLrXaOAYb6H+M
+bj2AHgBWSb854NpoL8T9AObRgRrRSrt2Us5NJJ3Eo6fxZRQvH6gtxsvOsaeJdCYn
+w/OjhEw0ARQDfRY6yIslLnuQzEaxUjS6k27v/kOjrcZvUfu66jjjb9buY2I26l4I
+tOIqRonjrrO0Bu9jem5d3cnsAk/3ZMAnB7RvShhyWzR0fNCpBI9Ai2o50msaAfIB
+qIE0OuWwVdE8lcqwgtbtmCgVWX6Vp2nHtXvsAadN5rmixjU=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test/server-duplicate-policy.pem b/extra/wolfssl/wolfssl/certs/test/server-duplicate-policy.pem
index d163fe5b..8450ca92 100644
--- a/extra/wolfssl/wolfssl/certs/test/server-duplicate-policy.pem
+++ b/extra/wolfssl/wolfssl/certs/test/server-duplicate-policy.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:28 2023 GMT
+ Not After : Sep 8 22:19:28 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL, OU = testing duplicate policy, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -37,7 +37,7 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:2C:80:CE:DB:47:9D:07:66:92:3D:68:D7:CA:AC:90:4F:CA:69:41:4B
+ serial:33:44:1A:A8:6C:01:EC:F6:60:F2:70:51:0A:4C:D1:14:FA:BC:E9:44
X509v3 Basic Constraints:
CA:FALSE
@@ -49,27 +49,27 @@ Certificate:
Explicit Text: Test of duplicate OIDs with different qualifiers
Signature Algorithm: sha256WithRSAEncryption
- 06:e6:e5:15:9e:9a:39:07:0a:9e:cd:fc:0f:4b:77:46:1a:fe:
- 54:ee:8a:3b:43:41:f4:b3:9e:52:2d:92:2a:d3:c2:0d:de:9f:
- 85:bc:fd:df:70:57:b4:9b:7c:38:aa:0f:88:2a:97:1b:ac:73:
- 80:f6:f4:60:f1:7f:29:9c:61:12:48:25:ca:97:1d:e0:d6:96:
- 80:89:97:4f:36:1d:38:28:a8:98:6c:c8:c2:a1:17:45:3d:e1:
- 5b:56:c9:d7:91:2f:91:a1:53:87:9a:1a:d9:4c:9a:e4:e5:10:
- 10:33:10:fa:1d:5c:8c:f0:f2:27:56:47:b9:45:96:e0:5d:ee:
- 17:7a:7a:cd:38:80:ed:fa:c6:a3:c1:8d:c9:57:05:58:cb:ea:
- 21:08:40:3a:18:df:4f:de:68:d4:95:27:9d:cd:2b:96:55:68:
- fe:3d:48:82:27:36:61:32:e2:70:7d:5b:09:aa:16:1c:80:57:
- ae:04:cd:60:ba:38:34:44:cb:5d:f8:86:10:fd:3a:2a:f5:fd:
- 9b:b0:b6:79:66:e5:51:a1:d4:e1:59:41:bd:5e:96:12:a1:51:
- b7:4b:b7:8b:e2:8b:9f:a4:b4:83:a4:d9:1c:22:b8:ef:aa:57:
- 9a:93:4c:89:91:57:9d:15:d9:c3:0a:9a:5d:5e:a9:5a:40:3c:
- 84:18:33:6b
+ ae:92:7f:94:c1:59:de:ec:62:89:79:b5:70:75:22:54:90:c1:
+ 42:6a:dd:79:50:7b:f5:eb:23:9e:99:84:6c:ba:ca:d8:2e:15:
+ ed:f2:cb:ee:2a:b7:50:ca:82:fe:52:87:93:cf:22:5a:db:23:
+ 3f:c2:22:a4:5a:02:f9:73:ac:0e:fe:2e:62:fb:6a:5d:1d:71:
+ 13:ae:b8:c3:af:e9:6a:4c:a9:73:ca:fb:a9:69:b3:a2:62:ec:
+ e8:20:44:63:bf:49:ea:aa:90:e4:00:9c:fe:69:8c:99:4a:32:
+ e6:1a:2b:ae:1b:b9:82:53:8c:b0:06:ac:10:40:42:aa:68:da:
+ 40:b7:92:f0:78:f6:5a:b6:ae:a2:a6:45:58:05:58:58:ca:bc:
+ 85:92:92:52:e2:a4:c0:aa:9e:9a:03:f1:d4:a9:1f:46:ed:49:
+ 76:71:76:3a:bb:47:ee:12:24:60:db:a4:2c:0d:9c:62:bf:1d:
+ a3:b4:80:68:18:32:32:51:9f:0a:49:3e:5c:20:f4:45:c8:11:
+ 4d:b3:43:b1:a1:33:8b:07:b5:b4:86:66:0c:f7:b9:62:0a:2f:
+ 53:29:dd:d0:9a:1a:64:86:7e:f6:72:fd:f9:ee:75:a1:20:d5:
+ dc:9d:03:60:32:f6:11:a9:9b:56:d7:5d:b0:65:fd:5f:c8:0e:
+ 08:a4:f0:e6
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx
EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh
d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz
-bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIxMjE2
-MjExNzQ5WhcNMjUwOTExMjExNzQ5WjCBoTELMAkGA1UEBhMCVVMxEDAOBgNVBAgM
+bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMxMjEz
+MjIxOTI4WhcNMjYwOTA4MjIxOTI4WjCBoTELMAkGA1UEBhMCVVMxEDAOBgNVBAgM
B01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xEDAOBgNVBAoMB3dvbGZTU0wxITAf
BgNVBAsMGHRlc3RpbmcgZHVwbGljYXRlIHBvbGljeTEYMBYGA1UEAwwPd3d3Lndv
bGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN
@@ -83,27 +83,27 @@ o4IBfTCCAXkwHQYDVR0OBBYEFLMRMsmSmITiyfjQO24DQsofDo48MIHUBgNVHSME
gcwwgcmAFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV
UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI
U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm
-c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIULIDO20ed
-B2aSPWjXyqyQT8ppQUswCQYDVR0TBAIwADB2BgNVHSAEbzBtMAUGAyoDBDBkBgMq
+c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIUM0QaqGwB
+7PZg8nBRCkzRFPq86UQwCQYDVR0TBAIwADB2BgNVHSAEbzBtMAUGAyoDBDBkBgMq
AwQwXTAbBggrBgEFBQcCARYPd3d3LndvbGZzc2wuY29tMD4GCCsGAQUFBwICMDIa
MFRlc3Qgb2YgZHVwbGljYXRlIE9JRHMgd2l0aCBkaWZmZXJlbnQgcXVhbGlmaWVy
-czANBgkqhkiG9w0BAQsFAAOCAQEABublFZ6aOQcKns38D0t3Rhr+VO6KO0NB9LOe
-Ui2SKtPCDd6fhbz933BXtJt8OKoPiCqXG6xzgPb0YPF/KZxhEkglypcd4NaWgImX
-TzYdOCiomGzIwqEXRT3hW1bJ15EvkaFTh5oa2Uya5OUQEDMQ+h1cjPDyJ1ZHuUWW
-4F3uF3p6zTiA7frGo8GNyVcFWMvqIQhAOhjfT95o1JUnnc0rllVo/j1Igic2YTLi
-cH1bCaoWHIBXrgTNYLo4NETLXfiGEP06KvX9m7C2eWblUaHU4VlBvV6WEqFRt0u3
-i+KLn6S0g6TZHCK476pXmpNMiZFXnRXZwwqaXV6pWkA8hBgzaw==
+czANBgkqhkiG9w0BAQsFAAOCAQEArpJ/lMFZ3uxiiXm1cHUiVJDBQmrdeVB79esj
+npmEbLrK2C4V7fLL7iq3UMqC/lKHk88iWtsjP8IipFoC+XOsDv4uYvtqXR1xE664
+w6/pakypc8r7qWmzomLs6CBEY79J6qqQ5ACc/mmMmUoy5horrhu5glOMsAasEEBC
+qmjaQLeS8Hj2WrauoqZFWAVYWMq8hZKSUuKkwKqemgPx1KkfRu1JdnF2OrtH7hIk
+YNukLA2cYr8do7SAaBgyMlGfCkk+XCD0RcgRTbNDsaEziwe1tIZmDPe5YgovUynd
+0JoaZIZ+9nL9+e51oSDV3J0DYDL2EambVtddsGX9X8gOCKTw5g==
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 2c:80:ce:db:47:9d:07:66:92:3d:68:d7:ca:ac:90:4f:ca:69:41:4b
+ 33:44:1a:a8:6c:01:ec:f6:60:f2:70:51:0a:4c:d1:14:fa:bc:e9:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:28 2023 GMT
+ Not After : Sep 8 22:19:28 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -134,7 +134,7 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:2C:80:CE:DB:47:9D:07:66:92:3D:68:D7:CA:AC:90:4F:CA:69:41:4B
+ serial:33:44:1A:A8:6C:01:EC:F6:60:F2:70:51:0A:4C:D1:14:FA:BC:E9:44
X509v3 Basic Constraints:
CA:TRUE
@@ -143,27 +143,27 @@ Certificate:
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
Signature Algorithm: sha256WithRSAEncryption
- ae:b0:a4:35:8e:8a:1b:a6:eb:b3:a2:57:cf:3a:1f:dc:6e:bc:
- d2:d0:a6:4a:8f:88:0a:6e:74:d5:d1:7c:d1:44:b1:d4:3b:17:
- 03:09:5a:46:ed:08:08:cf:f1:fd:20:07:67:c0:97:ec:35:f3:
- 75:ca:20:61:98:3e:f5:4d:be:e6:9d:75:1e:e4:03:ad:8c:a6:
- 1e:3d:ec:e4:1a:92:5b:f9:a3:ad:83:ca:4f:cd:aa:38:bb:6e:
- ae:ad:fa:a7:46:f1:8b:73:ec:09:23:bc:f2:18:e5:b7:92:86:
- 3e:a4:75:60:c7:3d:0f:3f:83:00:c3:06:08:9c:d1:54:d6:ba:
- 6d:95:3d:34:a1:be:24:91:cc:20:03:11:5b:72:1c:d4:65:d0:
- 11:88:75:26:04:26:ef:66:70:e6:3b:38:87:9c:53:71:1b:09:
- 51:70:50:99:4c:31:0c:62:44:57:30:60:04:fc:12:2c:a3:24:
- b4:f7:11:d5:0e:b5:21:0b:ed:86:11:67:4d:36:fa:57:a0:59:
- 55:21:b3:6d:e4:77:5e:ec:7e:f0:09:13:8e:99:98:b2:e1:82:
- b6:4b:3e:0f:41:a6:0c:cd:49:99:7e:e4:8a:cb:37:ed:53:cf:
- 86:5d:a9:26:a8:e5:01:25:5a:b4:bc:25:35:f1:fa:5a:5c:ce:
- d4:b8:9a:2c
+ 2d:fc:f9:32:5a:be:d6:9d:42:8b:86:4e:67:22:c3:50:2d:cb:
+ 14:27:1d:94:f3:cd:88:42:da:41:1c:39:24:67:a7:92:4d:27:
+ ea:56:82:19:bf:11:b2:43:a4:8d:5d:87:b2:27:64:66:82:81:
+ df:c4:fd:5b:62:b0:c2:4d:9d:29:f2:41:32:cc:2e:b5:da:38:
+ 06:1b:e8:7f:8c:6e:3d:80:1e:00:56:49:bf:39:e0:da:68:2f:
+ c4:fd:00:e6:d1:81:1a:d1:4a:bb:76:52:ce:4d:24:9d:c4:a3:
+ a7:f1:65:14:2f:1f:a8:2d:c6:cb:ce:b1:a7:89:74:26:27:c3:
+ f3:a3:84:4c:34:01:14:03:7d:16:3a:c8:8b:25:2e:7b:90:cc:
+ 46:b1:52:34:ba:93:6e:ef:fe:43:a3:ad:c6:6f:51:fb:ba:ea:
+ 38:e3:6f:d6:ee:63:62:36:ea:5e:08:b4:e2:2a:46:89:e3:ae:
+ b3:b4:06:ef:63:7a:6e:5d:dd:c9:ec:02:4f:f7:64:c0:27:07:
+ b4:6f:4a:18:72:5b:34:74:7c:d0:a9:04:8f:40:8b:6a:39:d2:
+ 6b:1a:01:f2:01:a8:81:34:3a:e5:b0:55:d1:3c:95:ca:b0:82:
+ d6:ed:98:28:15:59:7e:95:a7:69:c7:b5:7b:ec:01:a7:4d:e6:
+ b9:a2:fe:35
-----BEGIN CERTIFICATE-----
-MIIE/zCCA+egAwIBAgIULIDO20edB2aSPWjXyqyQT8ppQUswDQYJKoZIhvcNAQEL
+MIIE/zCCA+egAwIBAgIUM0QaqGwB7PZg8nBRCkzRFPq86UQwDQYJKoZIhvcNAQEL
BQAwgZQxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC
b3plbWFuMREwDwYDVQQKDAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEY
MBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv
-bGZzc2wuY29tMB4XDTIyMTIxNjIxMTc0OVoXDTI1MDkxMTIxMTc0OVowgZQxCzAJ
+bGZzc2wuY29tMB4XDTIzMTIxMzIyMTkyOFoXDTI2MDkwODIyMTkyOFowgZQxCzAJ
BgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREw
DwYDVQQKDAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwP
d3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t
@@ -178,12 +178,12 @@ BgNVHSMEgcwwgcmAFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYD
VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8G
A1UECgwIU2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3
dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIU
-LIDO20edB2aSPWjXyqyQT8ppQUswDAYDVR0TBAUwAwEB/zAcBgNVHREEFTATggtl
+M0QaqGwB7PZg8nBRCkzRFPq86UQwDAYDVR0TBAUwAwEB/zAcBgNVHREEFTATggtl
eGFtcGxlLmNvbYcEfwAAATAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw
-DQYJKoZIhvcNAQELBQADggEBAK6wpDWOihum67OiV886H9xuvNLQpkqPiApudNXR
-fNFEsdQ7FwMJWkbtCAjP8f0gB2fAl+w183XKIGGYPvVNvuaddR7kA62Mph497OQa
-klv5o62Dyk/Nqji7bq6t+qdG8Ytz7AkjvPIY5beShj6kdWDHPQ8/gwDDBgic0VTW
-um2VPTShviSRzCADEVtyHNRl0BGIdSYEJu9mcOY7OIecU3EbCVFwUJlMMQxiRFcw
-YAT8EiyjJLT3EdUOtSEL7YYRZ002+legWVUhs23kd17sfvAJE46ZmLLhgrZLPg9B
-pgzNSZl+5IrLN+1Tz4ZdqSao5QElWrS8JTXx+lpcztS4miw=
+DQYJKoZIhvcNAQELBQADggEBAC38+TJavtadQouGTmciw1AtyxQnHZTzzYhC2kEc
+OSRnp5JNJ+pWghm/EbJDpI1dh7InZGaCgd/E/VtisMJNnSnyQTLMLrXaOAYb6H+M
+bj2AHgBWSb854NpoL8T9AObRgRrRSrt2Us5NJJ3Eo6fxZRQvH6gtxsvOsaeJdCYn
+w/OjhEw0ARQDfRY6yIslLnuQzEaxUjS6k27v/kOjrcZvUfu66jjjb9buY2I26l4I
+tOIqRonjrrO0Bu9jem5d3cnsAk/3ZMAnB7RvShhyWzR0fNCpBI9Ai2o50msaAfIB
+qIE0OuWwVdE8lcqwgtbtmCgVWX6Vp2nHtXvsAadN5rmi/jU=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test/server-garbage.der b/extra/wolfssl/wolfssl/certs/test/server-garbage.der
index caed24b7..c488dc57 100644
--- a/extra/wolfssl/wolfssl/certs/test/server-garbage.der
+++ b/extra/wolfssl/wolfssl/certs/test/server-garbage.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/test/server-garbage.pem b/extra/wolfssl/wolfssl/certs/test/server-garbage.pem
index dff68273..4c074ef6 100644
--- a/extra/wolfssl/wolfssl/certs/test/server-garbage.pem
+++ b/extra/wolfssl/wolfssl/certs/test/server-garbage.pem
@@ -2,12 +2,12 @@ Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 56:d8:ee:2d:0e:b3:67:82:6b:9b:76:c3:6c:c0:4d:3e:de:a4:82:4c
+ 29:92:30:0a:e4:14:e1:59:32:49:a9:66:fd:11:f5:b2:16:d6:7a:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, OU = Engineering, CN = localhost, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:30 2023 GMT
+ Not After : Sep 8 22:19:30 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, OU = Engineering, CN = localhost, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -36,27 +36,27 @@ Certificate:
X509v3 Subject Alternative Name:
DNS:garbage
Signature Algorithm: sha256WithRSAEncryption
- 81:bc:29:f9:85:0f:21:3e:c1:bf:a5:90:25:d0:34:ed:82:0f:
- d0:dc:c0:4c:2e:b7:09:bd:61:0e:5f:e7:35:b0:30:ca:4b:62:
- 04:e8:ea:9e:0d:70:7a:d2:7b:d8:f7:69:bc:f0:4a:7b:fc:84:
- 2e:1f:ef:27:c6:22:f7:ea:6a:03:7f:0b:e9:23:44:41:23:53:
- e8:db:8f:1c:c6:03:d8:0c:95:71:a5:56:a5:14:0d:0c:d2:9e:
- 4f:51:81:60:89:f8:d2:88:1e:d8:08:27:64:a3:25:b8:38:eb:
- 5a:8c:9f:7c:00:d5:84:26:f8:3d:4a:f1:be:b8:74:9b:8d:63:
- f5:59:48:15:aa:b7:aa:c2:5c:ac:f0:f1:98:1f:7d:63:23:52:
- 14:fd:03:c2:0d:17:4d:c0:73:e4:a8:2d:cc:0a:cd:17:2d:72:
- 8c:c1:f0:ff:2e:b3:8e:95:38:3e:06:be:dd:10:77:8b:70:5d:
- 0f:c5:80:72:ff:a5:f7:2d:9c:e8:06:b3:9c:19:37:3f:ef:11:
- ed:30:5c:13:0d:49:14:fe:3e:40:e7:b0:49:ac:39:f6:19:3f:
- c5:b7:77:02:3e:2f:0c:d2:40:8f:1a:0f:95:63:0e:34:af:20:
- c8:32:e2:76:b4:a8:ef:f0:8d:bf:99:97:6a:e4:d8:f8:96:0a:
- cf:7a:07:8f
+ 34:5e:01:46:29:63:4f:93:cf:48:77:45:39:48:68:cf:c6:54:
+ 94:56:14:6f:17:2d:e1:83:48:8b:91:70:6d:5f:d8:14:fc:a4:
+ a9:bc:fa:58:63:ce:57:2f:c5:b6:61:8b:c3:6d:dc:39:83:2e:
+ f3:78:d9:2b:b9:ed:f0:ef:c2:82:17:1b:ac:97:2a:c0:3a:9f:
+ f9:b7:6b:a6:0e:1c:af:17:be:74:d0:ff:11:ea:48:6d:f6:b8:
+ e8:11:db:c9:ca:49:e5:18:d9:51:3d:eb:76:56:b6:ce:da:cd:
+ a6:cb:ac:a3:06:5e:b7:b0:f6:2b:ba:dc:0f:c4:12:01:7e:8b:
+ c7:e4:ad:59:72:4a:a5:25:7a:bd:ec:1d:f4:89:f8:aa:c7:c8:
+ ad:8c:1c:d5:19:55:f9:32:75:f6:04:2c:67:86:d5:e8:f5:be:
+ bd:76:0b:bb:bb:8f:7d:1a:70:a2:9c:16:88:ca:de:14:9d:a2:
+ 0a:23:36:fd:02:bc:6d:ee:f4:7a:41:e2:2d:21:d0:5f:eb:ec:
+ 4e:4b:71:aa:80:57:63:da:39:2b:ce:37:5a:26:64:ad:6b:bc:
+ a6:24:90:b6:e8:b2:4a:19:98:e8:06:17:12:f8:57:74:44:f7:
+ b9:16:67:2d:be:66:fb:4d:a6:66:e7:b5:58:f8:9c:51:1d:56:
+ fd:ef:bf:6e
-----BEGIN CERTIFICATE-----
-MIIDnDCCAoSgAwIBAgIUVtjuLQ6zZ4Jrm3bDbMBNPt6kgkwwDQYJKoZIhvcNAQEL
+MIIDnDCCAoSgAwIBAgIUKZIwCuQU4VkySalm/RH1shbWetAwDQYJKoZIhvcNAQEL
BQAwfDELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0Jv
emVtYW4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRIwEAYDVQQDDAlsb2NhbGhvc3Qx
-HzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIxMjE2MjExNzUw
-WhcNMjUwOTExMjExNzUwWjB8MQswCQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFu
+HzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMxMjEzMjIxOTMw
+WhcNMjYwOTA4MjIxOTMwWjB8MQswCQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFu
YTEQMA4GA1UEBwwHQm96ZW1hbjEUMBIGA1UECwwLRW5naW5lZXJpbmcxEjAQBgNV
BAMMCWxvY2FsaG9zdDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTCC
ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMCVCOFXQfJxbbfSRUEnAWXG
@@ -66,10 +66,10 @@ C1loeHOmjBipAm2vwxkBLrgQ48bMQLRpo0YzaYduxLsXpvPo3a1zvHsvIbX9ZlEM
vVSz4W1fHLwjc9EJA4kU0hC5ZMMq0KGWSrzh1Bpbx6DAwWN4D0Q3MDKWgDIjlaF3
uhPSl3PiXSXJag3DOWCktLBpQkIJ6dgIvDMgs1gip6rrxOHmYYPF0pbf2dBPrdcC
AwEAAaMWMBQwEgYDVR0RBAswCYIHZ2FyYmFnZTANBgkqhkiG9w0BAQsFAAOCAQEA
-gbwp+YUPIT7Bv6WQJdA07YIP0NzATC63Cb1hDl/nNbAwyktiBOjqng1wetJ72Pdp
-vPBKe/yELh/vJ8Yi9+pqA38L6SNEQSNT6NuPHMYD2AyVcaVWpRQNDNKeT1GBYIn4
-0oge2AgnZKMluDjrWoyffADVhCb4PUrxvrh0m41j9VlIFaq3qsJcrPDxmB99YyNS
-FP0Dwg0XTcBz5KgtzArNFy1yjMHw/y6zjpU4Pga+3RB3i3BdD8WAcv+l9y2c6Aaz
-nBk3P+8R7TBcEw1JFP4+QOewSaw59hk/xbd3Aj4vDNJAjxoPlWMONK8gyDLidrSo
-7/CNv5mXauTY+JYKz3oHjw==
+NF4BRiljT5PPSHdFOUhoz8ZUlFYUbxct4YNIi5FwbV/YFPykqbz6WGPOVy/FtmGL
+w23cOYMu83jZK7nt8O/CghcbrJcqwDqf+bdrpg4crxe+dND/EepIbfa46BHbycpJ
+5RjZUT3rdla2ztrNpsusowZet7D2K7rcD8QSAX6Lx+StWXJKpSV6vewd9In4qsfI
+rYwc1RlV+TJ19gQsZ4bV6PW+vXYLu7uPfRpwopwWiMreFJ2iCiM2/QK8be70ekHi
+LSHQX+vsTktxqoBXY9o5K843WiZkrWu8piSQtuiyShmY6AYXEvhXdET3uRZnLb5m
++02mZue1WPicUR1W/e+/bg==
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test/server-goodalt.der b/extra/wolfssl/wolfssl/certs/test/server-goodalt.der
index cc5fd898..e5ffb53d 100644
--- a/extra/wolfssl/wolfssl/certs/test/server-goodalt.der
+++ b/extra/wolfssl/wolfssl/certs/test/server-goodalt.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/test/server-goodalt.pem b/extra/wolfssl/wolfssl/certs/test/server-goodalt.pem
index 2189ad1b..e9a84e87 100644
--- a/extra/wolfssl/wolfssl/certs/test/server-goodalt.pem
+++ b/extra/wolfssl/wolfssl/certs/test/server-goodalt.pem
@@ -2,12 +2,12 @@ Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 5f:49:44:09:72:71:cb:23:ae:86:03:8e:8c:8f:7f:54:4f:e8:ec:4e
+ 32:70:6e:5f:3a:4b:a4:f1:68:7f:40:58:7b:f4:de:25:f8:da:7a:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, OU = Engineering, CN = www.nomatch.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:29 2023 GMT
+ Not After : Sep 8 22:19:29 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, OU = Engineering, CN = www.nomatch.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -36,27 +36,27 @@ Certificate:
X509v3 Subject Alternative Name:
DNS:localhost
Signature Algorithm: sha256WithRSAEncryption
- 6d:c3:9c:73:21:47:6d:5f:da:84:1b:78:7b:47:9d:62:de:89:
- d0:95:4b:52:9a:ba:cf:a4:64:d5:cf:49:fd:a3:3a:32:df:c6:
- 15:cc:9a:cc:7e:7d:2f:bb:6b:9e:d4:15:ad:95:ec:ee:c4:ca:
- a3:72:c3:e5:21:49:c7:40:56:dd:0e:76:65:9a:fe:a9:00:c2:
- 5f:b7:91:04:90:17:05:b6:79:e1:b0:07:bc:25:4b:8d:c0:b8:
- 65:08:75:c4:c2:e3:48:54:a9:1b:0d:fd:17:6e:f7:b1:f0:ec:
- 4e:fe:43:01:9c:28:34:8c:d2:dd:b1:7f:f3:47:24:fd:13:ee:
- 87:05:96:4f:11:7c:3c:af:a0:72:02:73:04:8e:e4:6e:f6:da:
- 0c:41:c7:b8:6c:15:4c:53:b1:6c:a9:79:9c:e5:5f:c2:0d:08:
- 50:e8:17:a7:dd:ab:10:a7:c5:88:78:dc:a1:ee:f0:ed:13:68:
- ab:53:56:7c:2f:b5:e5:b4:0f:65:ce:d6:2c:f8:44:bf:88:f5:
- c8:4a:c9:7f:fb:9b:73:ca:cf:da:f8:e0:1c:01:7c:c4:b7:3e:
- 8b:2e:7a:fa:50:ef:01:eb:9a:0f:11:f9:18:94:e2:f8:28:f2:
- 50:2e:f3:14:ab:3a:3a:1f:24:ef:d2:bc:2d:42:84:42:38:3b:
- 33:d8:8b:1f
+ 1a:fb:18:e0:cc:2f:fe:92:34:87:01:35:a1:e3:9f:8b:c5:5a:
+ 22:f6:9a:2f:19:08:99:1d:0d:e7:23:84:23:28:dd:ff:13:39:
+ ca:73:1e:e0:c5:22:21:ab:b3:0e:74:a3:e6:c9:7b:a2:50:6c:
+ 35:c1:2f:30:eb:90:c5:36:4a:95:3c:43:c5:e4:fc:80:08:ce:
+ 69:2a:3f:50:66:8f:81:71:24:61:68:d3:34:69:b8:d7:11:27:
+ b8:53:21:5f:19:6f:cc:66:e4:fd:07:95:7f:e1:d3:d4:91:2b:
+ 6f:d0:01:dc:5c:0c:72:10:2b:da:a7:2c:9d:eb:e3:e2:86:84:
+ ab:b5:73:01:00:02:84:29:90:10:c0:13:70:d7:d8:da:da:ac:
+ dc:75:8e:a8:ef:a3:c4:cf:aa:c2:83:66:8f:f9:0d:23:0d:9a:
+ 1b:b2:d3:04:3d:91:1e:f1:9a:5f:15:85:94:af:89:8b:d7:6d:
+ cf:f8:06:e1:e8:30:b6:ef:6d:fc:33:19:a1:91:af:fc:f3:bf:
+ 0d:ae:97:ec:c3:ea:1e:17:76:3b:e4:57:c1:bd:27:16:58:03:
+ 95:02:6f:c8:fa:7e:0b:7b:a8:d4:e7:38:11:b3:a8:6f:ce:6e:
+ 6f:9f:68:c2:c6:93:06:00:49:0a:76:43:2c:8d:b0:49:9f:02:
+ fb:e2:6a:39
-----BEGIN CERTIFICATE-----
-MIIDrDCCApSgAwIBAgIUX0lECXJxyyOuhgOOjI9/VE/o7E4wDQYJKoZIhvcNAQEL
+MIIDrDCCApSgAwIBAgIUMnBuXzpLpPFof0BYe/TeJfjaes8wDQYJKoZIhvcNAQEL
BQAwgYIxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC
b3plbWFuMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEYMBYGA1UEAwwPd3d3Lm5vbWF0
-Y2guY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIyMTIx
-NjIxMTc1MFoXDTI1MDkxMTIxMTc1MFowgYIxCzAJBgNVBAYTAlVTMRAwDgYDVQQI
+Y2guY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIzMTIx
+MzIyMTkyOVoXDTI2MDkwODIyMTkyOVowgYIxCzAJBgNVBAYTAlVTMRAwDgYDVQQI
DAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRQwEgYDVQQLDAtFbmdpbmVlcmlu
ZzEYMBYGA1UEAwwPd3d3Lm5vbWF0Y2guY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZv
QHdvbGZzc2wuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwJUI
@@ -66,10 +66,10 @@ Q7ilHFw0s64AoGPF9n8LWWh4c6aMGKkCba/DGQEuuBDjxsxAtGmjRjNph27Euxem
8+jdrXO8ey8htf1mUQy9VLPhbV8cvCNz0QkDiRTSELlkwyrQoZZKvOHUGlvHoMDB
Y3gPRDcwMpaAMiOVoXe6E9KXc+JdJclqDcM5YKS0sGlCQgnp2Ai8MyCzWCKnquvE
4eZhg8XSlt/Z0E+t1wIDAQABoxgwFjAUBgNVHREEDTALgglsb2NhbGhvc3QwDQYJ
-KoZIhvcNAQELBQADggEBAG3DnHMhR21f2oQbeHtHnWLeidCVS1Kaus+kZNXPSf2j
-OjLfxhXMmsx+fS+7a57UFa2V7O7EyqNyw+UhScdAVt0OdmWa/qkAwl+3kQSQFwW2
-eeGwB7wlS43AuGUIdcTC40hUqRsN/Rdu97Hw7E7+QwGcKDSM0t2xf/NHJP0T7ocF
-lk8RfDyvoHICcwSO5G722gxBx7hsFUxTsWypeZzlX8INCFDoF6fdqxCnxYh43KHu
-8O0TaKtTVnwvteW0D2XO1iz4RL+I9chKyX/7m3PKz9r44BwBfMS3PosuevpQ7wHr
-mg8R+RiU4vgo8lAu8xSrOjofJO/SvC1ChEI4OzPYix8=
+KoZIhvcNAQELBQADggEBABr7GODML/6SNIcBNaHjn4vFWiL2mi8ZCJkdDecjhCMo
+3f8TOcpzHuDFIiGrsw50o+bJe6JQbDXBLzDrkMU2SpU8Q8Xk/IAIzmkqP1Bmj4Fx
+JGFo0zRpuNcRJ7hTIV8Zb8xm5P0HlX/h09SRK2/QAdxcDHIQK9qnLJ3r4+KGhKu1
+cwEAAoQpkBDAE3DX2NrarNx1jqjvo8TPqsKDZo/5DSMNmhuy0wQ9kR7xml8VhZSv
+iYvXbc/4BuHoMLbvbfwzGaGRr/zzvw2ul+zD6h4XdjvkV8G9JxZYA5UCb8j6fgt7
+qNTnOBGzqG/Obm+faMLGkwYASQp2QyyNsEmfAvviajk=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test/server-goodaltwild.der b/extra/wolfssl/wolfssl/certs/test/server-goodaltwild.der
index 2cfbd655..64290e69 100644
--- a/extra/wolfssl/wolfssl/certs/test/server-goodaltwild.der
+++ b/extra/wolfssl/wolfssl/certs/test/server-goodaltwild.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/test/server-goodaltwild.pem b/extra/wolfssl/wolfssl/certs/test/server-goodaltwild.pem
index 74d763ca..2d3b4134 100644
--- a/extra/wolfssl/wolfssl/certs/test/server-goodaltwild.pem
+++ b/extra/wolfssl/wolfssl/certs/test/server-goodaltwild.pem
@@ -2,12 +2,12 @@ Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 2c:88:b2:20:85:90:6b:03:49:f6:35:7a:27:4b:12:1d:6a:67:b9:42
+ 4c:d4:49:58:80:7d:50:06:e0:9e:5c:a6:4a:e1:90:26:53:59:90:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, OU = Engineering, CN = www.nomatch.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:29 2023 GMT
+ Not After : Sep 8 22:19:29 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, OU = Engineering, CN = www.nomatch.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -36,27 +36,27 @@ Certificate:
X509v3 Subject Alternative Name:
DNS:*localhost
Signature Algorithm: sha256WithRSAEncryption
- 4c:41:a3:9e:76:d0:37:53:ae:2a:7c:f5:d7:f2:f0:fa:f8:78:
- 23:b5:5b:44:cc:d8:9a:25:f1:cc:c5:30:e5:ae:3c:ed:a4:77:
- b5:5d:64:35:ea:fe:82:a5:1d:6b:5c:d2:73:0a:06:c1:80:b5:
- 25:7d:38:f9:08:c1:59:78:81:e5:88:06:6a:28:7b:9c:3b:fa:
- 33:df:8b:50:f5:9a:b7:fe:3d:59:62:ad:57:a4:34:e2:ea:6b:
- 40:7b:09:1c:13:94:fe:ce:88:bb:1f:dd:c2:8e:09:f8:a5:94:
- 57:e5:61:6a:da:b2:be:ec:06:44:66:08:7d:1d:a8:8a:42:19:
- 0e:aa:ca:36:c2:bc:62:1a:91:62:9d:d0:59:fd:53:9e:24:8c:
- 67:77:e6:df:4f:58:9d:f0:81:9e:fd:59:b4:e4:37:67:50:c0:
- 1e:d5:ac:2b:4b:27:32:7d:71:10:89:e7:b7:a3:5d:a2:0a:26:
- 81:bb:85:e2:73:a0:b4:c6:1a:7d:93:dc:b1:71:f5:e6:ec:1e:
- 34:c0:21:0d:4e:2f:e6:dd:89:2c:9f:e9:39:86:8e:b2:ed:f0:
- a8:94:00:a9:cb:24:65:94:35:51:df:a7:3e:79:bb:82:e8:4b:
- 7d:4b:17:1f:3a:11:07:d3:cf:bb:51:fb:27:85:10:65:b6:60:
- 09:3c:f3:7d
+ 4d:31:3b:e4:6f:26:b4:33:2f:1a:10:12:34:f8:97:47:79:05:
+ 74:51:97:1c:22:96:89:b9:b3:63:af:e4:d4:eb:9f:97:e7:b3:
+ 8f:eb:52:0a:94:39:de:2f:df:4c:9c:15:0b:c0:91:b9:68:95:
+ 58:a1:78:82:82:4d:e7:81:c4:45:1a:94:d9:16:40:46:27:f3:
+ 33:08:8c:dd:c0:93:f4:2c:0e:1b:26:d5:fd:2f:8d:39:6f:63:
+ 63:be:3d:96:c4:3d:d7:25:1b:56:11:53:4e:c2:3c:fb:cb:ed:
+ 73:ab:87:c5:5f:5b:a6:47:4b:da:7e:84:30:ff:90:0b:b1:d0:
+ 15:e8:39:3d:0f:4f:de:a9:60:15:e3:44:c4:46:ee:c7:52:ff:
+ ee:23:1d:8c:73:53:87:e9:94:82:60:9b:ca:b8:b4:41:5f:3b:
+ bd:36:03:54:b2:bf:42:69:bd:49:b7:0f:26:16:ec:03:2c:b9:
+ 0c:38:15:20:c5:b6:9a:18:f1:30:7e:4a:11:7f:da:44:54:de:
+ 1e:0d:d1:e5:c9:46:0c:1b:50:6a:4d:61:89:58:61:46:40:2a:
+ fe:18:9d:64:90:ea:32:61:85:92:5a:3e:41:43:83:4d:ec:f4:
+ 98:15:95:f0:79:55:7f:81:59:31:2b:80:a8:ea:60:5c:78:04:
+ 3d:42:d0:51
-----BEGIN CERTIFICATE-----
-MIIDrTCCApWgAwIBAgIULIiyIIWQawNJ9jV6J0sSHWpnuUIwDQYJKoZIhvcNAQEL
+MIIDrTCCApWgAwIBAgIUTNRJWIB9UAbgnlymSuGQJlNZkIkwDQYJKoZIhvcNAQEL
BQAwgYIxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC
b3plbWFuMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEYMBYGA1UEAwwPd3d3Lm5vbWF0
-Y2guY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIyMTIx
-NjIxMTc1MFoXDTI1MDkxMTIxMTc1MFowgYIxCzAJBgNVBAYTAlVTMRAwDgYDVQQI
+Y2guY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIzMTIx
+MzIyMTkyOVoXDTI2MDkwODIyMTkyOVowgYIxCzAJBgNVBAYTAlVTMRAwDgYDVQQI
DAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRQwEgYDVQQLDAtFbmdpbmVlcmlu
ZzEYMBYGA1UEAwwPd3d3Lm5vbWF0Y2guY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZv
QHdvbGZzc2wuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwJUI
@@ -66,10 +66,10 @@ Q7ilHFw0s64AoGPF9n8LWWh4c6aMGKkCba/DGQEuuBDjxsxAtGmjRjNph27Euxem
8+jdrXO8ey8htf1mUQy9VLPhbV8cvCNz0QkDiRTSELlkwyrQoZZKvOHUGlvHoMDB
Y3gPRDcwMpaAMiOVoXe6E9KXc+JdJclqDcM5YKS0sGlCQgnp2Ai8MyCzWCKnquvE
4eZhg8XSlt/Z0E+t1wIDAQABoxkwFzAVBgNVHREEDjAMggoqbG9jYWxob3N0MA0G
-CSqGSIb3DQEBCwUAA4IBAQBMQaOedtA3U64qfPXX8vD6+HgjtVtEzNiaJfHMxTDl
-rjztpHe1XWQ16v6CpR1rXNJzCgbBgLUlfTj5CMFZeIHliAZqKHucO/oz34tQ9Zq3
-/j1ZYq1XpDTi6mtAewkcE5T+zoi7H93Cjgn4pZRX5WFq2rK+7AZEZgh9HaiKQhkO
-qso2wrxiGpFindBZ/VOeJIxnd+bfT1id8IGe/Vm05DdnUMAe1awrSycyfXEQiee3
-o12iCiaBu4Xic6C0xhp9k9yxcfXm7B40wCENTi/m3Yksn+k5ho6y7fColACpyyRl
-lDVR36c+ebuC6Et9SxcfOhEH08+7UfsnhRBltmAJPPN9
+CSqGSIb3DQEBCwUAA4IBAQBNMTvkbya0My8aEBI0+JdHeQV0UZccIpaJubNjr+TU
+65+X57OP61IKlDneL99MnBULwJG5aJVYoXiCgk3ngcRFGpTZFkBGJ/MzCIzdwJP0
+LA4bJtX9L405b2Njvj2WxD3XJRtWEVNOwjz7y+1zq4fFX1umR0vafoQw/5ALsdAV
+6Dk9D0/eqWAV40TERu7HUv/uIx2Mc1OH6ZSCYJvKuLRBXzu9NgNUsr9Cab1Jtw8m
+FuwDLLkMOBUgxbaaGPEwfkoRf9pEVN4eDdHlyUYMG1BqTWGJWGFGQCr+GJ1kkOoy
+YYWSWj5BQ4NN7PSYFZXweVV/gVkxK4Co6mBceAQ9QtBR
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test/server-goodcn.der b/extra/wolfssl/wolfssl/certs/test/server-goodcn.der
index d38dce29..ff652b1e 100644
--- a/extra/wolfssl/wolfssl/certs/test/server-goodcn.der
+++ b/extra/wolfssl/wolfssl/certs/test/server-goodcn.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/test/server-goodcn.pem b/extra/wolfssl/wolfssl/certs/test/server-goodcn.pem
index 72d4f5fb..d449306b 100644
--- a/extra/wolfssl/wolfssl/certs/test/server-goodcn.pem
+++ b/extra/wolfssl/wolfssl/certs/test/server-goodcn.pem
@@ -2,12 +2,12 @@ Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 66:fe:3c:b9:70:bf:2e:6a:7d:8d:9f:94:e5:06:e5:26:ae:c0:51:ba
+ 7c:c0:69:44:bd:22:dd:2c:29:c1:55:88:f4:14:63:f5:ac:07:6d:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, OU = Engineering, CN = localhost, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:29 2023 GMT
+ Not After : Sep 8 22:19:29 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, OU = Engineering, CN = localhost, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -33,27 +33,27 @@ Certificate:
ad:d7
Exponent: 65537 (0x10001)
Signature Algorithm: sha256WithRSAEncryption
- 45:91:94:ae:af:8c:15:13:c7:65:03:3d:d3:18:9b:68:aa:11:
- 0c:d5:b9:e1:7c:a2:24:39:ee:d8:79:d5:be:5f:f4:b2:bf:2b:
- c1:fe:9d:e9:8f:e2:cb:89:1d:8b:56:71:a6:1e:16:a9:e7:f9:
- f8:e5:2e:36:fc:af:07:1f:63:89:b1:75:6e:b0:4a:91:5a:f2:
- fa:e9:81:c5:c2:9b:50:cd:97:a0:4d:57:79:53:e4:17:03:dd:
- bf:f0:e1:57:46:16:19:71:2f:c7:ab:d2:1e:d1:f1:7d:44:32:
- 88:49:e5:a5:ac:5c:80:de:96:aa:cc:05:6f:0a:6c:98:cc:0f:
- 8e:c8:50:f3:13:a8:9f:e2:16:98:e1:33:60:bf:7d:5a:18:8f:
- 6e:d8:19:cb:3c:ea:d0:3c:65:a5:1a:4a:ee:9b:b9:46:59:78:
- c9:18:55:a4:4e:74:65:fe:de:97:e9:6e:7f:8c:e0:6e:4b:8c:
- b8:b8:37:cb:ed:f4:25:a8:1d:90:28:86:6e:1a:be:70:3a:cd:
- 56:d9:74:27:d3:5d:9d:94:65:0f:a3:79:64:0c:b9:49:b3:eb:
- f3:f5:26:f2:54:ba:ed:b2:5f:6a:21:77:53:08:30:10:47:bb:
- 58:e7:60:33:cb:3a:45:a9:98:ab:e2:84:5b:4e:d4:ba:60:01:
- 7d:cc:40:88
+ 49:ff:59:9d:20:42:36:a3:d1:3d:5d:c1:37:24:42:22:9d:8a:
+ f9:61:98:45:0b:0d:9d:f7:1a:30:0b:54:9a:65:e7:e4:68:84:
+ 59:c1:28:43:8f:59:08:43:83:4e:95:9c:0d:91:43:53:6a:19:
+ cc:f1:d0:af:74:5a:12:34:8e:0c:18:21:83:ad:4f:a9:a5:fe:
+ df:af:9d:96:22:1b:21:0d:fd:99:6f:58:0c:cb:4a:e6:7f:32:
+ df:d5:10:b2:70:f0:4d:49:6e:1f:64:82:58:27:a8:58:c9:9b:
+ f1:de:30:b6:bd:8b:a6:23:3c:58:a5:d9:f5:74:b2:c1:96:b3:
+ 6b:56:d5:45:47:3d:ba:f9:0e:ba:59:73:43:31:cc:2a:2c:bd:
+ 87:01:f9:f0:bc:6e:f2:6e:20:a3:07:ca:f7:43:e7:1b:35:85:
+ bc:f7:84:1e:ff:33:21:74:19:45:85:b4:81:77:64:41:1b:02:
+ c9:e3:a4:39:48:62:8d:fd:1b:96:6f:64:dc:e9:75:a5:74:c3:
+ a5:3c:55:87:0d:cd:4c:ec:f5:9a:e9:9f:a3:0b:a4:80:ef:c7:
+ 58:4b:f4:60:b7:5a:4c:dc:93:10:79:43:c3:ac:1b:b1:6d:d8:
+ 8f:b6:f5:db:82:0d:6e:58:38:9d:23:97:41:7d:39:cd:9c:89:
+ 7d:64:bc:4f
-----BEGIN CERTIFICATE-----
-MIIDhDCCAmygAwIBAgIUZv48uXC/Lmp9jZ+U5QblJq7AUbowDQYJKoZIhvcNAQEL
+MIIDhDCCAmygAwIBAgIUfMBpRL0i3SwpwVWI9BRj9awHbcUwDQYJKoZIhvcNAQEL
BQAwfDELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0Jv
emVtYW4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRIwEAYDVQQDDAlsb2NhbGhvc3Qx
-HzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIxMjE2MjExNzUw
-WhcNMjUwOTExMjExNzUwWjB8MQswCQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFu
+HzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMxMjEzMjIxOTI5
+WhcNMjYwOTA4MjIxOTI5WjB8MQswCQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFu
YTEQMA4GA1UEBwwHQm96ZW1hbjEUMBIGA1UECwwLRW5naW5lZXJpbmcxEjAQBgNV
BAMMCWxvY2FsaG9zdDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTCC
ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMCVCOFXQfJxbbfSRUEnAWXG
@@ -62,10 +62,10 @@ e7rgIeVyLm8uhtiVc9qsG1O5Xz/XGQ0lT+FjY1GLC2Q/rUO4pRxcNLOuAKBjxfZ/
C1loeHOmjBipAm2vwxkBLrgQ48bMQLRpo0YzaYduxLsXpvPo3a1zvHsvIbX9ZlEM
vVSz4W1fHLwjc9EJA4kU0hC5ZMMq0KGWSrzh1Bpbx6DAwWN4D0Q3MDKWgDIjlaF3
uhPSl3PiXSXJag3DOWCktLBpQkIJ6dgIvDMgs1gip6rrxOHmYYPF0pbf2dBPrdcC
-AwEAATANBgkqhkiG9w0BAQsFAAOCAQEARZGUrq+MFRPHZQM90xibaKoRDNW54Xyi
-JDnu2HnVvl/0sr8rwf6d6Y/iy4kdi1Zxph4Wqef5+OUuNvyvBx9jibF1brBKkVry
-+umBxcKbUM2XoE1XeVPkFwPdv/DhV0YWGXEvx6vSHtHxfUQyiEnlpaxcgN6WqswF
-bwpsmMwPjshQ8xOon+IWmOEzYL99WhiPbtgZyzzq0DxlpRpK7pu5Rll4yRhVpE50
-Zf7el+luf4zgbkuMuLg3y+30JagdkCiGbhq+cDrNVtl0J9NdnZRlD6N5ZAy5SbPr
-8/Um8lS67bJfaiF3UwgwEEe7WOdgM8s6RamYq+KEW07UumABfcxAiA==
+AwEAATANBgkqhkiG9w0BAQsFAAOCAQEASf9ZnSBCNqPRPV3BNyRCIp2K+WGYRQsN
+nfcaMAtUmmXn5GiEWcEoQ49ZCEODTpWcDZFDU2oZzPHQr3RaEjSODBghg61PqaX+
+36+dliIbIQ39mW9YDMtK5n8y39UQsnDwTUluH2SCWCeoWMmb8d4wtr2LpiM8WKXZ
+9XSywZaza1bVRUc9uvkOullzQzHMKiy9hwH58Lxu8m4gowfK90PnGzWFvPeEHv8z
+IXQZRYW0gXdkQRsCyeOkOUhijf0blm9k3Ol1pXTDpTxVhw3NTOz1mumfowukgO/H
+WEv0YLdaTNyTEHlDw6wbsW3Yj7b124INblg4nSOXQX05zZyJfWS8Tw==
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test/server-goodcnwild.der b/extra/wolfssl/wolfssl/certs/test/server-goodcnwild.der
index d198b52b..c9143073 100644
--- a/extra/wolfssl/wolfssl/certs/test/server-goodcnwild.der
+++ b/extra/wolfssl/wolfssl/certs/test/server-goodcnwild.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/test/server-goodcnwild.pem b/extra/wolfssl/wolfssl/certs/test/server-goodcnwild.pem
index d60d49bf..256cf26f 100644
--- a/extra/wolfssl/wolfssl/certs/test/server-goodcnwild.pem
+++ b/extra/wolfssl/wolfssl/certs/test/server-goodcnwild.pem
@@ -2,12 +2,12 @@ Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 78:39:82:cc:18:26:21:f2:cf:fb:d3:8a:07:ff:c4:eb:ea:82:c6:26
+ 2e:f2:01:15:bc:ba:a6:74:6e:b4:49:8e:f3:09:8c:9c:ca:3e:fe:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, OU = Engineering, CN = *localhost, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:29 2023 GMT
+ Not After : Sep 8 22:19:29 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, OU = Engineering, CN = *localhost, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -33,27 +33,27 @@ Certificate:
ad:d7
Exponent: 65537 (0x10001)
Signature Algorithm: sha256WithRSAEncryption
- 99:97:4e:83:6a:1e:c6:54:31:bb:b1:83:36:14:1c:00:25:59:
- c9:e9:c0:51:c0:70:d8:3a:de:79:5e:af:04:48:61:8b:ea:7c:
- 75:e4:a3:c5:62:26:a3:70:9d:26:3d:47:60:ca:a0:96:e8:82:
- a6:81:c7:77:48:aa:20:b0:be:cc:ef:5a:80:29:6a:2e:37:6e:
- 37:b5:d2:f6:fd:f6:c2:fb:87:9f:4a:2f:16:1b:01:f1:33:0c:
- b3:75:30:09:98:fc:1f:73:01:83:02:22:b4:0a:3d:07:e4:55:
- c6:17:f6:98:c3:9b:38:9e:41:a1:cc:26:51:a8:07:4d:37:b8:
- 93:41:ac:45:ae:ff:77:39:dc:48:1e:56:56:59:98:6e:93:fb:
- 76:38:02:bf:24:2f:03:08:a4:92:21:15:df:23:d4:c4:14:1b:
- 20:46:f7:04:eb:dc:1a:02:aa:b1:11:ea:29:3b:ca:5e:27:c1:
- 28:0a:bf:7c:b6:dc:16:8b:5e:30:8d:72:5b:c6:d2:71:b6:c4:
- 5e:e0:7a:a6:fc:06:2d:6a:78:56:b8:49:35:7b:14:e9:d1:3d:
- c3:06:be:3f:1c:dc:67:e9:11:5f:46:71:06:66:09:fa:df:c1:
- 05:60:73:a8:27:f2:cd:48:48:dc:bf:92:02:82:90:d9:d1:51:
- 49:44:01:67
+ 96:b2:8f:e5:31:57:57:6a:f2:48:1e:97:9a:71:75:10:22:a1:
+ 38:2c:9e:4f:d7:2f:7c:5d:e7:9f:19:8f:9c:00:b3:74:7e:10:
+ 69:7b:a5:71:2f:36:a2:79:02:51:4d:bb:e1:78:01:77:f6:13:
+ 85:84:46:ac:96:88:5b:47:4d:dd:d2:fd:5e:e4:49:3a:64:0b:
+ 67:af:95:3e:bf:40:4d:0f:a0:28:61:37:6b:41:b9:ad:dc:8c:
+ f4:0c:8b:b5:49:20:19:e2:7f:0b:63:e5:fc:06:6d:16:4f:ba:
+ b6:1a:3c:d4:4f:b3:a4:bd:c0:96:f5:a8:7f:01:85:a3:4a:ab:
+ c3:73:77:68:55:1b:26:84:60:2f:72:af:d1:c4:55:4a:a8:3d:
+ ce:fc:3e:b3:55:37:aa:df:0f:07:6c:5f:2b:0f:05:7f:bc:df:
+ 62:b3:68:f5:c2:0c:48:f8:b6:41:c5:e0:ac:7d:a4:50:f2:bc:
+ 61:0a:1c:5b:c5:b8:31:b1:ea:95:3f:6a:23:88:b3:74:7b:9f:
+ 1d:7c:11:23:f3:89:8b:71:a5:fa:e6:39:2c:10:af:8e:e9:8e:
+ c6:25:ca:76:db:d9:95:40:e5:15:f3:67:d6:67:3b:9e:42:9e:
+ ec:c2:cb:3a:c1:f8:bc:eb:b5:24:6d:ef:f6:00:ba:70:75:a4:
+ 32:7d:d0:33
-----BEGIN CERTIFICATE-----
-MIIDhjCCAm6gAwIBAgIUeDmCzBgmIfLP+9OKB//E6+qCxiYwDQYJKoZIhvcNAQEL
+MIIDhjCCAm6gAwIBAgIULvIBFby6pnRutEmO8wmMnMo+/jIwDQYJKoZIhvcNAQEL
BQAwfTELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0Jv
emVtYW4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRMwEQYDVQQDDAoqbG9jYWxob3N0
-MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIyMTIxNjIxMTc1
-MFoXDTI1MDkxMTIxMTc1MFowfTELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRh
+MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIzMTIxMzIyMTky
+OVoXDTI2MDkwODIyMTkyOVowfTELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRh
bmExEDAOBgNVBAcMB0JvemVtYW4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRMwEQYD
VQQDDAoqbG9jYWxob3N0MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwJUI4VdB8nFtt9JFQScB
@@ -62,10 +62,10 @@ yl17uuAh5XIuby6G2JVz2qwbU7lfP9cZDSVP4WNjUYsLZD+tQ7ilHFw0s64AoGPF
9n8LWWh4c6aMGKkCba/DGQEuuBDjxsxAtGmjRjNph27Euxem8+jdrXO8ey8htf1m
UQy9VLPhbV8cvCNz0QkDiRTSELlkwyrQoZZKvOHUGlvHoMDBY3gPRDcwMpaAMiOV
oXe6E9KXc+JdJclqDcM5YKS0sGlCQgnp2Ai8MyCzWCKnquvE4eZhg8XSlt/Z0E+t
-1wIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQCZl06Dah7GVDG7sYM2FBwAJVnJ6cBR
-wHDYOt55Xq8ESGGL6nx15KPFYiajcJ0mPUdgyqCW6IKmgcd3SKogsL7M71qAKWou
-N243tdL2/fbC+4efSi8WGwHxMwyzdTAJmPwfcwGDAiK0Cj0H5FXGF/aYw5s4nkGh
-zCZRqAdNN7iTQaxFrv93OdxIHlZWWZhuk/t2OAK/JC8DCKSSIRXfI9TEFBsgRvcE
-69waAqqxEeopO8peJ8EoCr98ttwWi14wjXJbxtJxtsRe4Hqm/AYtanhWuEk1exTp
-0T3DBr4/HNxn6RFfRnEGZgn638EFYHOoJ/LNSEjcv5ICgpDZ0VFJRAFn
+1wIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQCWso/lMVdXavJIHpeacXUQIqE4LJ5P
+1y98XeefGY+cALN0fhBpe6VxLzaieQJRTbvheAF39hOFhEaslohbR03d0v1e5Ek6
+ZAtnr5U+v0BND6AoYTdrQbmt3Iz0DIu1SSAZ4n8LY+X8Bm0WT7q2GjzUT7OkvcCW
+9ah/AYWjSqvDc3doVRsmhGAvcq/RxFVKqD3O/D6zVTeq3w8HbF8rDwV/vN9is2j1
+wgxI+LZBxeCsfaRQ8rxhChxbxbgxseqVP2ojiLN0e58dfBEj84mLcaX65jksEK+O
+6Y7GJcp229mVQOUV82fWZzueQp7swss6wfi867Ukbe/2ALpwdaQyfdAz
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test/server-localhost.der b/extra/wolfssl/wolfssl/certs/test/server-localhost.der
index 19d98246..2ed23e20 100644
--- a/extra/wolfssl/wolfssl/certs/test/server-localhost.der
+++ b/extra/wolfssl/wolfssl/certs/test/server-localhost.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/test/server-localhost.pem b/extra/wolfssl/wolfssl/certs/test/server-localhost.pem
index 63f2e8b8..fc4df2da 100644
--- a/extra/wolfssl/wolfssl/certs/test/server-localhost.pem
+++ b/extra/wolfssl/wolfssl/certs/test/server-localhost.pem
@@ -2,12 +2,12 @@ Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 56:aa:0b:f0:d8:fd:0f:4a:4c:e0:99:85:fe:c1:9b:75:24:fb:01:b6
+ 32:31:fc:d6:4a:77:2b:3b:c9:07:02:ae:b4:e7:b7:d3:a4:61:56:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, OU = Engineering, CN = localhost, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:29 2023 GMT
+ Not After : Sep 8 22:19:29 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, OU = Engineering, CN = localhost, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -36,27 +36,27 @@ Certificate:
X509v3 Subject Alternative Name:
DNS:localhost
Signature Algorithm: sha256WithRSAEncryption
- 10:6d:76:f3:8e:93:63:0d:44:08:e2:29:23:cb:76:38:cd:29:
- 0d:5f:48:1d:0f:a2:42:84:12:13:c2:00:a9:d9:e6:ec:4e:80:
- cb:4d:e0:fb:7e:b8:c0:2a:92:e9:11:01:72:25:3f:9f:7d:81:
- 76:5e:94:e3:47:2b:39:c3:a0:ba:ba:97:74:4c:a5:49:fa:bf:
- 85:29:36:32:d5:4b:fc:60:1c:73:70:7f:49:e2:5b:74:a4:ec:
- 7f:b5:e9:3e:1f:db:b8:b0:80:f4:c7:cf:cf:5f:18:b4:66:9e:
- 02:3b:88:40:9b:b1:e4:10:2d:77:f2:b0:02:07:5b:bc:e7:38:
- 7b:98:55:16:d8:8e:c4:b1:49:0a:eb:99:f8:fb:c4:e9:b5:75:
- 2e:9c:ec:f5:ad:ec:e4:41:f3:7c:b5:fc:51:6e:6d:46:61:6d:
- 09:d8:a9:08:dd:84:e5:ef:c5:a5:b8:65:60:71:d6:b4:c0:eb:
- f0:e4:60:bf:9b:d9:80:bb:52:c3:1b:d8:27:6e:d5:eb:ab:9c:
- a2:71:d9:af:dc:71:55:d7:be:93:6c:c6:5f:79:5d:72:1b:68:
- b2:15:67:bb:41:28:07:41:12:7c:b1:74:30:1d:60:b0:5a:25:
- 47:4e:0c:5a:14:49:99:9c:0d:92:74:a3:c8:b9:0c:8b:e0:0a:
- d7:a1:0d:35
+ af:7a:bb:f0:b6:1e:12:8a:60:ec:c8:91:34:a3:d3:80:92:f3:
+ bc:c7:37:e9:96:75:a8:67:a0:94:b9:2a:df:81:02:23:28:6a:
+ 72:de:81:03:33:88:1b:60:75:16:77:dc:72:40:3e:d9:d8:ab:
+ 6f:3e:99:7a:7c:db:37:13:40:b6:4d:82:47:7c:75:7a:6f:9d:
+ ca:89:54:8c:17:15:9a:80:9a:7c:b5:e3:4b:7e:74:fd:2f:28:
+ 98:79:f5:56:96:d6:5c:9c:b4:94:62:32:d2:31:1b:53:5c:71:
+ be:45:37:69:9f:e4:07:87:fa:d7:a7:63:bc:5c:8a:5c:71:9c:
+ 31:25:d8:93:ae:cf:db:98:50:e5:52:58:de:44:f7:4f:7e:4a:
+ a9:9c:ac:0a:84:03:ba:c4:46:e4:83:00:e6:dd:a5:33:43:e9:
+ 5d:ea:fc:89:85:10:57:d0:0e:5e:43:13:72:60:ec:bb:5c:e9:
+ c3:ca:52:2d:06:e6:5b:d5:fd:e9:30:e0:da:80:78:b2:a1:a7:
+ 84:ed:c0:e4:f9:f7:6d:94:a5:aa:6b:84:b1:7e:85:45:12:4c:
+ 8d:52:91:5d:d1:e6:d7:32:0a:97:22:59:80:db:9d:de:68:90:
+ bd:a7:d0:9c:11:60:86:8c:89:8a:e1:19:75:09:e8:78:bb:23:
+ 47:68:23:3c
-----BEGIN CERTIFICATE-----
-MIIDnjCCAoagAwIBAgIUVqoL8Nj9D0pM4JmF/sGbdST7AbYwDQYJKoZIhvcNAQEL
+MIIDnjCCAoagAwIBAgIUMjH81kp3KzvJBwKutOe306RhViswDQYJKoZIhvcNAQEL
BQAwfDELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0Jv
emVtYW4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRIwEAYDVQQDDAlsb2NhbGhvc3Qx
-HzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIxMjE2MjExNzUw
-WhcNMjUwOTExMjExNzUwWjB8MQswCQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFu
+HzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMxMjEzMjIxOTI5
+WhcNMjYwOTA4MjIxOTI5WjB8MQswCQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFu
YTEQMA4GA1UEBwwHQm96ZW1hbjEUMBIGA1UECwwLRW5naW5lZXJpbmcxEjAQBgNV
BAMMCWxvY2FsaG9zdDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTCC
ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMCVCOFXQfJxbbfSRUEnAWXG
@@ -66,10 +66,10 @@ C1loeHOmjBipAm2vwxkBLrgQ48bMQLRpo0YzaYduxLsXpvPo3a1zvHsvIbX9ZlEM
vVSz4W1fHLwjc9EJA4kU0hC5ZMMq0KGWSrzh1Bpbx6DAwWN4D0Q3MDKWgDIjlaF3
uhPSl3PiXSXJag3DOWCktLBpQkIJ6dgIvDMgs1gip6rrxOHmYYPF0pbf2dBPrdcC
AwEAAaMYMBYwFAYDVR0RBA0wC4IJbG9jYWxob3N0MA0GCSqGSIb3DQEBCwUAA4IB
-AQAQbXbzjpNjDUQI4ikjy3Y4zSkNX0gdD6JChBITwgCp2ebsToDLTeD7frjAKpLp
-EQFyJT+ffYF2XpTjRys5w6C6upd0TKVJ+r+FKTYy1Uv8YBxzcH9J4lt0pOx/tek+
-H9u4sID0x8/PXxi0Zp4CO4hAm7HkEC138rACB1u85zh7mFUW2I7EsUkK65n4+8Tp
-tXUunOz1rezkQfN8tfxRbm1GYW0J2KkI3YTl78WluGVgcda0wOvw5GC/m9mAu1LD
-G9gnbtXrq5yicdmv3HFV176TbMZfeV1yG2iyFWe7QSgHQRJ8sXQwHWCwWiVHTgxa
-FEmZnA2SdKPIuQyL4ArXoQ01
+AQCvervwth4SimDsyJE0o9OAkvO8xzfplnWoZ6CUuSrfgQIjKGpy3oEDM4gbYHUW
+d9xyQD7Z2KtvPpl6fNs3E0C2TYJHfHV6b53KiVSMFxWagJp8teNLfnT9LyiYefVW
+ltZcnLSUYjLSMRtTXHG+RTdpn+QHh/rXp2O8XIpccZwxJdiTrs/bmFDlUljeRPdP
+fkqpnKwKhAO6xEbkgwDm3aUzQ+ld6vyJhRBX0A5eQxNyYOy7XOnDylItBuZb1f3p
+MODagHiyoaeE7cDk+fdtlKWqa4SxfoVFEkyNUpFd0ebXMgqXIlmA253eaJC9p9Cc
+EWCGjImK4Rl1Ceh4uyNHaCM8
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/x942dh2048.der b/extra/wolfssl/wolfssl/certs/x942dh2048.der
new file mode 100644
index 00000000..f00c443a
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/x942dh2048.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/cmake/README.md b/extra/wolfssl/wolfssl/cmake/README.md
new file mode 100644
index 00000000..f3d9a526
--- /dev/null
+++ b/extra/wolfssl/wolfssl/cmake/README.md
@@ -0,0 +1,7 @@
+# wolfSSL CMake
+
+This directory contains some supplementary functions for the [CMakeLists.txt](../CMakeLists.txt) in the root.
+
+See also cmake notes in the [INSTALL](../INSTALL) documentation file.
+
+
diff --git a/extra/wolfssl/wolfssl/cmake/functions.cmake b/extra/wolfssl/wolfssl/cmake/functions.cmake
index 87839d1b..6b5b9a7f 100644
--- a/extra/wolfssl/wolfssl/cmake/functions.cmake
+++ b/extra/wolfssl/wolfssl/cmake/functions.cmake
@@ -53,7 +53,7 @@ function(generate_build_flags)
if(WOLFSSL_SCTP OR WOLFSSL_USER_SETTINGS)
set(BUILD_SCTP "yes" PARENT_SCOPE)
endif()
- if(WOLFSSL_DTLS_CID OR WOLFSSL_USER_SETTINGS)
+ if(WOLFSSL_DTLS_CID OR WOLFSSL_USER_SETTINGS OR WOLFSSL_DTLS)
set(BUILD_DTLS_COMMON "yes" PARENT_SCOPE)
endif()
set(BUILD_MCAST ${WOLFSSL_MCAST} PARENT_SCOPE)
@@ -195,6 +195,14 @@ function(generate_build_flags)
endif()
if(WOLFSSL_OQS OR WOLFSSL_USER_SETTINGS)
set(BUILD_FALCON "yes" PARENT_SCOPE)
+ set(BUILD_SPHINCS "yes" PARENT_SCOPE)
+ set(BUILD_DILITHIUM "yes" PARENT_SCOPE)
+ set(BUILD_EXT_KYBER "yes" PARENT_SCOPE)
+ endif()
+ if(WOLFSSL_ARIA OR WOLFSSL_USER_SETTINGS)
+ message(STATUS "ARIA functions.cmake found WOLFSSL_ARIA")
+ # we cannot actually build, as we only have pre-compiled bin
+ set(BUILD_ARIA "yes" PARENT_SCOPE)
endif()
set(BUILD_INLINE ${WOLFSSL_INLINE} PARENT_SCOPE)
if(WOLFSSL_OCSP OR WOLFSSL_USER_SETTINGS)
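Review bot: The status line `ARIA functions.cmake found WOLFSSL_ARIA` is also printed when only `WOLFSSL_USER_SETTINGS` is set, because it sits under `if(WOLFSSL_ARIA OR WOLFSSL_USER_SETTINGS)`. In that case `BUILD_ARIA` becomes `yes` although nothing in this hunk has checked that the MagicCrypto headers are available. Emit the message only under `if(WOLFSSL_ARIA)`. The comment "we cannot actually build, as we only have pre-compiled bin" should also be reworded, for example `# ARIA itself comes from the pre-built MagicCrypto library; only the wolfSSL port sources are compiled`, which is what the source-list hunk further down suggests. The enclosing `generate_build_flags` function starts and ends outside this hunk.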
@@ -208,6 +216,7 @@ function(generate_build_flags)
if(WOLFSSL_CRL_MONITOR)
set(BUILD_CRL_MONITOR "yes" PARENT_SCOPE)
endif()
+ set(BUILD_QUIC ${WOLFSSL_QUIC} PARENT_SCOPE)
set(BUILD_USER_RSA ${WOLFSSL_USER_RSA} PARENT_SCOPE)
set(BUILD_USER_CRYPTO ${WOLFSSL_USER_CRYPTO} PARENT_SCOPE)
set(BUILD_WNR ${WOLFSSL_WNR} PARENT_SCOPE)
@@ -304,6 +313,9 @@ function(generate_build_flags)
if(WOLFSSL_CAAM)
set(BUILD_CAAM "yes" PARENT_SCOPE)
endif()
+ if(WOLFSSL_HPKE OR WOLFSSL_USER_SETTINGS)
+ set(BUILD_HPKE "yes" PARENT_SCOPE)
+ endif()
set(BUILD_FLAGS_GENERATED "yes" PARENT_SCOPE)
endfunction()
@@ -315,43 +327,6 @@ function(generate_lib_src_list LIB_SOURCES)
# Corresponds to src/include.am
if(BUILD_FIPS)
- if(BUILD_FIPS_V1)
- # fips first file
- list(APPEND LIB_SOURCES ctaocrypt/src/wolfcrypt_first.c)
-
- list(APPEND LIB_SOURCES
- ctaocrypt/src/hmac.c
- ctaocrypt/src/random.c
- ctaocrypt/src/sha256.c)
-
- if(BUILD_RSA)
- list(APPEND LIB_SOURCES ctaocrypt/src/rsa.c)
- endif()
-
- if(BUILD_AES)
- list(APPEND LIB_SOURCES ctaocrypt/src/aes.c)
- endif()
-
- if(BUILD_DES3)
- list(APPEND LIB_SOURCES ctaocrypt/src/des3.c)
- endif()
-
- if(BUILD_SHA)
- list(APPEND LIB_SOURCES ctaocrypt/src/sha.c)
- endif()
-
- if(BUILD_SHA512)
- list(APPEND LIB_SOURCES ctaocrypt/src/sha512.c)
- endif()
-
- list(APPEND LIB_SOURCES
- ctaocrypt/src/fips.c
- ctaocrypt/src/fips_test.c)
-
- # fips last file
- list(APPEND LIB_SOURCES ctaocrypt/src/wolfcrypt_last.c)
- endif()
-
if(BUILD_FIPS_V2)
# FIPSv2 first file
list(APPEND LIB_SOURCES wolfcrypt/src/wolfcrypt_first.c)
@@ -612,12 +587,17 @@ function(generate_lib_src_list LIB_SOURCES)
wolfcrypt/src/wc_port.c
wolfcrypt/src/error.c)
+ if(BUILD_ARIA)
+ list(APPEND LIB_SOURCES
+ wolfcrypt/src/port/aria/aria-crypt.c
+ wolfcrypt/src/port/aria/aria-cryptocb.c)
+ endif()
if(NOT BUILD_FIPS_RAND)
- list(APPEND LIB_SOURCES
- wolfcrypt/src/wc_encrypt.c
- wolfcrypt/src/signature.c
- wolfcrypt/src/wolfmath.c)
+ list(APPEND LIB_SOURCES
+ wolfcrypt/src/wc_encrypt.c
+ wolfcrypt/src/signature.c
+ wolfcrypt/src/wolfmath.c)
endif()
if(BUILD_MEMORY)
@@ -801,6 +781,18 @@ function(generate_lib_src_list LIB_SOURCES)
list(APPEND LIB_SOURCES wolfcrypt/src/falcon.c)
endif()
+ if(BUILD_SPHINCS)
+ list(APPEND LIB_SOURCES wolfcrypt/src/sphincs.c)
+ endif()
+
+ if(BUILD_DILITHIUM)
+ list(APPEND LIB_SOURCES wolfcrypt/src/dilithium.c)
+ endif()
+
+ if(BUILD_EXT_KYBER)
+ list(APPEND LIB_SOURCES wolfcrypt/src/ext_kyber.c)
+ endif()
+
if(BUILD_LIBZ)
list(APPEND LIB_SOURCES wolfcrypt/src/compress.c)
endif()
@@ -854,7 +846,11 @@ function(generate_lib_src_list LIB_SOURCES)
if(BUILD_DTLS_COMMON)
list(APPEND LIB_SOURCES src/dtls.c)
endif()
- endif()
+
+ if(BUILD_QUIC)
+ list(APPEND LIB_SOURCES src/quic.c)
+ endif()
+ endif()
endif()
# Corresponds to wolfcrypt/src/include.am
@@ -910,6 +906,10 @@ function(generate_lib_src_list LIB_SOURCES)
wolfcrypt/src/port/caam/wolfcaam_hmac.c)
endif()
+ if(BUILD_HPKE)
+ list(APPEND LIB_SOURCES wolfcrypt/src/hpke.c)
+ endif()
+
set(LIB_SOURCES ${LIB_SOURCES} PARENT_SCOPE)
endfunction()
diff --git a/extra/wolfssl/wolfssl/cmake/include.am b/extra/wolfssl/wolfssl/cmake/include.am
index 52ecdd0e..f1af70fc 100644
--- a/extra/wolfssl/wolfssl/cmake/include.am
+++ b/extra/wolfssl/wolfssl/cmake/include.am
@@ -1,4 +1,6 @@
+EXTRA_DIST += cmake/README.md
EXTRA_DIST += cmake/Config.cmake.in
EXTRA_DIST += cmake/config.in
EXTRA_DIST += cmake/functions.cmake
+EXTRA_DIST += cmake/modules/FindARIA.cmake
EXTRA_DIST += cmake/modules/FindOQS.cmake
diff --git a/extra/wolfssl/wolfssl/cmake/modules/FindARIA.cmake b/extra/wolfssl/wolfssl/cmake/modules/FindARIA.cmake
new file mode 100644
index 00000000..8348f4d1
--- /dev/null
+++ b/extra/wolfssl/wolfssl/cmake/modules/FindARIA.cmake
@@ -0,0 +1,108 @@
+# Filename: FindARIA.cmake
+#
+# Usage:
+# find_package(ARIA [REQUIRED] [QUIET])
+#
+# Once complete this will define:
+# ARIA_FOUND - system has ARIA MagicCrypto
+# ARIA_INCLUDE_DIR - the include directory containing ARIA
+# ARIA_LIBRARY - the path to the libARIA library
+# ARIA_IS_LOCAL - optionally indicate the MagicCrypto is found locally in ./MagicCrypto
+
+set(ARIA_INCLUDE_DIR)
+set(ARIA_LIB_FILE)
+set(ARIA_IS_LOCAL)
+
+# when debugging cmake, ARIA_DIR environment variable can be manually set here:
+# set(ENV{ARIA_DIR} "~/MagicCrypto")
+# set(ENV{ARIA_DIR} "/mnt/c/workspace/MagicCrypto")
+# set(ENV{ARIA_DIR} "c:\\workspace\\MagicCrypto")
+
+# Make sure we have a ARIA_DIR environment variable with the path to MagicCrypto
+if ("$ENV{ARIA_DIR}" STREQUAL "")
+ message(STATUS "The ARIA_DIR environment variable is not defined. Looking for headers in wolfssl/MagicCrypto")
+ if (EXISTS "${WOLFSSL_ROOT}/MagicCrypto/")
+ set(ARIA_INCLUDE_DIR "${WOLFSSL_ROOT}/MagicCrypto/include")
+ message(STATUS "Found ARIA in local MagicCrypto directory ${ARIA_INCLUDE_DIR}")
+ set(ARIA_IS_LOCAL 1)
+ else()
+ message(ERROR "ERROR: FindARIA.cmake missing ARIA_DIR value")
+ message(STATUS "Please set ARIA_DIR environment variable path to your MagicCrypto or copy to wolfssl/MagicCrypto")
+ endif()
+else()
+ # If an environment variable is defined, the library CANNOT be in the local wolfssl directory.
+ # See CMake documentation for target_include_directories()
+ set(ARIA_IS_LOCAL)
+ set(ARIA_INCLUDE_DIR "$ENV{ARIA_DIR}/include")
+ message(STATUS "FindARIA.cmake found ARIA_INCLUDE_DIR = $ENV{ARIA_DIR}")
+
+ message(STATUS "Checking environment location: ${ARIA_INCLUDE_DIR} and wolfSSL: ${WOLFSSL_ROOT}")
+ get_filename_component(dir1 "${ARIA_INCLUDE_DIR}" REALPATH)
+ get_filename_component(dir2 "${WOLFSSL_ROOT}/MagicCrypto/include" REALPATH)
+ message(STATUS "Found location dir: ${dir1} and ${dir2}")
+ if("${dir1}" STREQUAL "${dir2}")
+ message(STATUS "${ARIA_INCLUDE_DIR} exists within ${WOLFSSL_ROOT}.")
+ message(STATUS "Setting ARIA_IS_LOCAL flag and using wolfSSL path.")
+ set(ARIA_IS_LOCAL 1)
+ set(ARIA_INCLUDE_DIR "${WOLFSSL_ROOT}/MagicCrypto/include")
+ else()
+ if(EXISTS "${ARIA_INCLUDE_DIR}")
+ message(STATUS "Confirmed directory exists: ${ARIA_INCLUDE_DIR}")
+ else()
+ message(FATAL_ERROR "Directory not found: ${ARIA_INCLUDE_DIR}")
+ endif()
+
+ message(STATUS "Confirmed ${ARIA_INCLUDE_DIR} is not in local wolfSSL root.")
+ endif()
+endif()
+
+# Check that the appropriate files exist
+find_path(ARIA_INCLUDE_DIR NAMES "mcapi.h" )
+
+if (NOT EXISTS "${ARIA_INCLUDE_DIR}/mcapi.h")
+ message(FATAL_ERROR "File does not exist at ${ARIA_INCLUDE_DIR}/mcapi.h")
+endif()
+
+if(NOT EXISTS "${ARIA_INCLUDE_DIR}/mcapi_error.h")
+ message(FATAL_ERROR "File does not exist at ${ARIA_INCLUDE_DIR}/mcapi_error.h")
+endif()
+
+if(NOT EXISTS "${ARIA_INCLUDE_DIR}/mcapi_type.h")
+ message(FATAL_ERROR "File does not exist at $ARIA_INCLUDE_DIR/mcapi_type.h")
+endif()
+
+if(EXISTS "$ENV{ARIA_DIR}/lib/libMagicCrypto.so")
+ # Found ARIA binary via environment variable
+ set(ARIA_LIBRARY "MagicCrypto")
+ set(ARIA_LIB_FILE "$ENV{ARIA_DIR}/lib/libMagicCrypto.so")
+ message(STATUS "ARIA Check: found libMagicCrypto.so via environment variable.")
+ message(STATUS "Using ${ARIA_LIB_FILE}")
+else()
+ # Did not find ARIA binary via environment variable, so let's look in the current wolfssl directory
+ if(EXISTS "${WOLFSSL_ROOT}/MagicCrypto/lib/libMagicCrypto.so")
+ # Found in the root of wolfssl, in ./MagicCrypto/lib
+ set(ARIA_LIBRARY "MagicCrypto")
+ set(ARIA_LIB_FILE "${WOLFSSL_ROOT}/MagicCrypto/lib/libMagicCrypto.so")
+ message(STATUS "ARIA Check: found libMagicCrypto.so via WOLFSSL_ROOT")
+ message(STATUS "Using ${ARIA_LIB_FILE}")
+ else()
+ # Could not find binary. Give up.
+ message(ERROR "ARIA Check: could not find libMagicCrypto.so via WOLFSSL_ROOT\n"
+ "Looked for ${WOLFSSL_ROOT}/MagicCrypto/lib/libMagicCrypto.so")
+ endif()
+endif()
+
+mark_as_advanced(ARIA_INCLUDE_DIR ARIA_LIBRARY)
+
+include(FindPackageHandleStandardArgs)
+find_package_handle_standard_args(ARIA DEFAULT_MSG ARIA_INCLUDE_DIR ARIA_LIBRARY)
+
+# Some additional optional debugging messages, set to (1) to enable
+if(0)
+ message(STATUS "")
+ message(STATUS "ARIA Check: FindARIA.cmake")
+ message(STATUS "ARIA Check: ARIA_INCLUDE_DIR: ${ARIA_INCLUDE_DIR}")
+ message(STATUS "ARIA Check: ARIA_LIBRARY: ${ARIA_LIBRARY}")
+ message(STATUS "ARIA Check: ARIA_FOUND: ${ARIA_FOUND}")
+ message(STATUS "ARIA Check: CMAKE_CURRENT_SOURCE_DIR ${CMAKE_CURRENT_SOURCE_DIR}")
+endif()
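Review bot: `message(ERROR ...)` in the two not-found branches (no `ARIA_DIR` and no local MagicCrypto directory; no `libMagicCrypto.so`) does not flag the configure run as failed, because `ERROR` is not a `message()` mode keyword and is printed as part of an ordinary notice. Use `message(SEND_ERROR ...)` or `message(FATAL_ERROR ...)`, as the header checks in the same file already do. The `mcapi_type.h` check prints `$ARIA_INCLUDE_DIR` literally and should read `"File does not exist at ${ARIA_INCLUDE_DIR}/mcapi_type.h"`. The module also picks up a pre-compiled `libMagicCrypto.so` from a path taken from the environment, so the header comment should state that the builder is responsible for the provenance of that binary, and `ARIA_LIB_FILE` should be listed among the documented outputs.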
diff --git a/extra/wolfssl/wolfssl/configure.ac b/extra/wolfssl/wolfssl/configure.ac
index 26e7a754..0e2d0706 100644
--- a/extra/wolfssl/wolfssl/configure.ac
+++ b/extra/wolfssl/wolfssl/configure.ac
@@ -1,13 +1,13 @@
# configure.ac
#
-# Copyright (C) 2006-2021 wolfSSL Inc.
+# Copyright (C) 2006-2023 wolfSSL Inc.
#
# This file is part of wolfSSL. (formerly known as CyaSSL)
#
#
-AC_COPYRIGHT([Copyright (C) 2006-2020 wolfSSL Inc.])
+AC_COPYRIGHT([Copyright (C) 2006-2023 wolfSSL Inc.])
AC_PREREQ([2.69])
-AC_INIT([wolfssl],[5.6.3],[https://github.com/wolfssl/wolfssl/issues],[wolfssl],[https://www.wolfssl.com])
+AC_INIT([wolfssl],[5.6.6],[https://github.com/wolfssl/wolfssl/issues],[wolfssl],[https://www.wolfssl.com])
AC_CONFIG_AUX_DIR([build-aux])
# The following sets CFLAGS to empty if unset on command line. We do not
@@ -46,10 +46,10 @@ AC_SUBST([WOLFSSL_CONFIG_ARGS])
# shared library versioning
# The three numbers in the libwolfssl.so.*.*.* file name. Unfortunately
# these numbers don't always line up nicely with the library version.
-WOLFSSL_LIBRARY_VERSION_FIRST=35
-WOLFSSL_LIBRARY_VERSION_SECOND=5
-WOLFSSL_LIBRARY_VERSION_THIRD=1
-WOLFSSL_LIBRARY_VERSION=40:1:5
+WOLFSSL_LIBRARY_VERSION_FIRST=42
+WOLFSSL_LIBRARY_VERSION_SECOND=0
+WOLFSSL_LIBRARY_VERSION_THIRD=0
+WOLFSSL_LIBRARY_VERSION=42:0:0
# | | |
# +------+ | +---+
# | | |
@@ -71,6 +71,9 @@ AS_IF([ test -n "$CFLAG_VISIBILITY" ], [
AM_CFLAGS="$AM_CFLAGS $CFLAG_VISIBILITY"
])
+WOLFSSL_BUILD_DATE=$(date -R)
+AC_SUBST([WOLFSSL_BUILD_DATE])
+
# Moved these size of and type checks before the library checks.
# The library checks add the library to subsequent test compiles
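Review bot: `WOLFSSL_BUILD_DATE=$(date -R)` puts the configure-time wall clock into the substituted output, so two builds of the same source tree no longer produce identical artifacts, which makes it harder to verify a shipped binary against its source. Take the timestamp from `SOURCE_DATE_EPOCH` when that variable is set and fall back to the current time only otherwise. Where the substituted value ends up is not visible in this hunk, so a comment naming the consumer would help, e.g. `# build timestamp for the generated headers; honours SOURCE_DATE_EPOCH for reproducible builds`. The rest of the file uses backticks for command substitution (`` `echo ... | tr` ``), so `$(...)` is also inconsistent with the local style.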
@@ -184,7 +187,6 @@ AS_IF([test "$ax_enable_debug" = "yes"],
[AM_CCASFLAGS="$DEBUG_CFLAGS $AM_CCASFLAGS"],
[AM_CCASFLAGS="$AM_CCASFLAGS -DNDEBUG"])
-
# Start without certificates enabled and enable if a certificate algorithm is
# enabled
ENABLED_CERTS="no"
@@ -346,7 +348,6 @@ AS_CASE([$ENABLED_WOLFENGINE],
AS_CASE([$ENABLED_FIPS],
[no],[
FIPS_VERSION="none"
- ENABLED_FIPS="no"
],
[disabled],[
FIPS_VERSION="disabled"
@@ -419,16 +420,11 @@ fi
AS_CASE([$FIPS_VERSION],
[none],
[
- AS_IF([ test -s $srcdir/wolfcrypt/src/fips.c -o -s $srcdir/ctaocrypt/src/fips.c ],
+ AS_IF([ test -s $srcdir/wolfcrypt/src/fips.c ],
[AC_MSG_ERROR([FIPS source tree is incompatible with non-FIPS build (requires --enable-fips)])])
],
[disabled],
[],
- [v1],
- [
- AS_IF([ ! test -s $srcdir/ctaocrypt/src/fips.c],
- [AC_MSG_ERROR([non-FIPS-v1 source tree is incompatible with --enable-fips=$enableval])])
- ],
[
AS_IF([ ! test -s $srcdir/wolfcrypt/src/fips.c],
[AC_MSG_ERROR([non-FIPS source tree is incompatible with --enable-fips=$enableval])])
@@ -509,6 +505,9 @@ AC_SUBST([ENABLED_LINUXKM_BENCHMARKS])
if test "$ENABLED_LINUXKM_DEFAULTS" = "yes"
then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_DH_CONST -DWOLFSSL_SP_MOD_WORD_RP -DWOLFSSL_SP_DIV_64 -DWOLFSSL_SP_DIV_WORD_HALF -DWOLFSSL_SMALL_STACK_STATIC -DWOLFSSL_TEST_SUBROUTINE=static"
+ if test "$ENABLED_LINUXKM_PIE" = "yes"; then
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_NO_OCSP_ISSUER_CHECK"
+ fi
if test "$ENABLED_FIPS" = "no"; then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_OLD_PRIME_CHECK"
fi
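Review bot: `-DWOLFSSL_NO_OCSP_ISSUER_CHECK` is added for every `ENABLED_LINUXKM_PIE` build with no comment, and by its name it compiles out a step of OCSP response validation. Add a comment on the new `if` saying why the PIE kernel-module build cannot keep that check and what is no longer verified, so that someone enabling OCSP in that configuration knows the reduced guarantee, e.g. `# linuxkm-pie: issuer check on OCSP responses is compiled out because <reason>`. Whether `ENABLED_LINUXKM_PIE` has already been assigned at this point is not visible here, and the enclosing `if test "$ENABLED_LINUXKM_DEFAULTS"` block continues past the hunk.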
@@ -663,7 +662,7 @@ fi
# if sp-math-all is not set, then enable fast math
if test "x$ENABLED_FASTMATH" = "xyes" && test "$enable_sp_math_all" = "" && test "$enable_sp_math" = ""
then
- # turn off fastmth if leanpsk on or asn off (w/o DH and ECC)
+ # turn off fastmath if leanpsk on or asn off (w/o DH and ECC)
if test "$ENABLED_LEANPSK" = "yes" || test "$ENABLED_ASN" = "no"
then
if test "$ENABLED_DH" = "no" && test "$ENABLED_ECC" = "no" && test "$ENABLED_RSA" = "no"
@@ -721,9 +720,9 @@ then
# this set is also enabled by enable-all-crypto:
test "$enable_atomicuser" = "" && enable_atomicuser=yes
test "$enable_aesgcm" = "" && enable_aesgcm=yes
- test "$enable_aesgcm_stream" = "" && enable_aesgcm_stream=yes
test "$enable_aesccm" = "" && enable_aesccm=yes
test "$enable_aesctr" = "" && enable_aesctr=yes
+ test "$enable_aeseax" = "" && enable_aeseax=yes
test "$enable_aesofb" = "" && enable_aesofb=yes
test "$enable_aescfb" = "" && enable_aescfb=yes
test "$enable_aescbc_length_checks" = "" && enable_aescbc_length_checks=yes
@@ -741,22 +740,22 @@ then
test "$enable_hkdf" = "" && enable_hkdf=yes
test "$enable_curve25519" = "" && enable_curve25519=yes
test "$enable_curve448" = "" && enable_curve448=yes
- test "$enable_fpecc" = "" && enable_fpecc=yes
- test "$enable_eccencrypt" = "" && enable_eccencrypt=yes
+ test "$enable_fpecc" = "" && test "$enable_ecc" != "no" && enable_fpecc=yes
+ test "$enable_eccencrypt" = "" && test "$enable_ecc" != "no" && enable_eccencrypt=yes
test "$enable_psk" = "" && enable_psk=yes
test "$enable_cmac" = "" && enable_cmac=yes
test "$enable_siphash" = "" && enable_siphash=yes
test "$enable_xts" = "" && enable_xts=yes
test "$enable_ocsp" = "" && enable_ocsp=yes
- test "$enable_ocspstapling" = "" && enable_ocspstapling=yes
- test "$enable_ocspstapling2" = "" && enable_ocspstapling2=yes
+ test "$enable_ocspstapling" = "" && test "$enable_ocsp" != "no" && enable_ocspstapling=yes
+ test "$enable_ocspstapling2" = "" && test "$enable_ocsp" != "no" && enable_ocspstapling2=yes
test "$enable_crl" = "" && enable_crl=yes
test "$enable_supportedcurves" = "" && enable_supportedcurves=yes
test "$enable_tlsx" = "" && enable_tlsx=yes
test "$enable_pwdbased" = "" && enable_pwdbased=yes
test "$enable_aeskeywrap" = "" && enable_aeskeywrap=yes
test "$enable_x963kdf" = "" && enable_x963kdf=yes
- test "$enable_scrypt" = "" && enable_scrypt=yes
+ test "$enable_scrypt" = "" && test "$enable_hmac" != "no" && enable_scrypt=yes
test "$enable_indef" = "" && enable_indef=yes
test "$enable_enckeys" = "" && enable_enckeys=yes
test "$enable_hashflags" = "" && enable_hashflags=yes
@@ -765,21 +764,19 @@ then
test "$enable_base16" = "" && enable_base16=yes
test "$enable_arc4" = "" && enable_arc4=yes
test "$enable_des3" = "" && enable_des3=yes
- test "$enable_nullcipher" = "" && enable_nullcipher=yes
test "$enable_blake2" = "" && enable_blake2=yes
test "$enable_blake2s" = "" && enable_blake2s=yes
test "$enable_md2" = "" && enable_md2=yes
test "$enable_md4" = "" && enable_md4=yes
test "$enable_cryptocb" = "" && enable_cryptocb=yes
test "$enable_anon" = "" && enable_anon=yes
- test "$enable_ssh" = "" && enable_ssh=yes
+ test "$enable_ssh" = "" && test "$enable_hmac" != "no" && enable_ssh=yes
test "$enable_savesession" = "" && enable_savesession=yes
test "$enable_savecert" = "" && enable_savecert=yes
test "$enable_postauth" = "" && enable_postauth=yes
test "$enable_hrrcookie" = "" && enable_hrrcookie=yes
test "$enable_fallback_scsv" = "" && enable_fallback_scsv=yes
- test "$enable_mcast" = "" && enable_mcast=yes
test "$enable_webserver" = "" && enable_webserver=yes
test "$enable_crl_monitor" = "" && enable_crl_monitor=yes
test "$enable_sni" = "" && enable_sni=yes
@@ -799,14 +796,16 @@ then
if test "$ENABLED_LINUXKM_DEFAULTS" != "yes"
then
+ test "$enable_aesgcm_stream" = "" && test "$enable_aesgcm" = "yes" && enable_aesgcm_stream=yes
test "$enable_compkey" = "" && enable_compkey=yes
+ test "$enable_quic" = "" && test "$enable_cryptonly" != "yes" && enable_quic=yes
AM_CFLAGS="$AM_CFLAGS -DHAVE_CRL_IO -DHAVE_IO_TIMEOUT"
fi
# sp-math is incompatible with opensslextra, ECC custom curves, and DSA.
if test "$ENABLED_SP_MATH" = "no"
then
- test "$enable_dsa" = "" && enable_dsa=yes
+ test "$enable_dsa" = "" && test "$enable_sha" != "no" && enable_dsa=yes
test "$enable_ecccustcurves" = "" && enable_ecccustcurves=yes
test "$enable_brainpool" = "" && enable_brainpool=yes
test "$enable_srp" = "" && enable_srp=yes
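Review bot: The new `aesgcm_stream` default is guarded with `test "$enable_aesgcm" = "yes"`, while every other dependency guard added in this commit uses `!= "no"` (for example `test "$enable_ecc" != "no"`). If `--enable-aesgcm` accepts values other than yes and no, `--enable-all` silently leaves the streaming API out for those values. If that is intended, say so in a comment; otherwise use `test "$enable_aesgcm" != "no"`. The same line is added in the enable-all-crypto hunk further down and needs the same treatment.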
@@ -837,15 +836,17 @@ then
if test "$ENABLED_FIPS" = "no"
then
test "$enable_pkcallbacks" = "" && enable_pkcallbacks=yes
- test "$enable_xchacha" = "" && enable_xchacha=yes
+ test "$enable_xchacha" = "" && test "$enable_chacha" != "no" && enable_xchacha=yes
test "$enable_scep" = "" && enable_scep=yes
test "$enable_pkcs7" = "" && enable_pkcs7=yes
+ test "$enable_nullcipher" = "" && enable_nullcipher=yes
+ test "$enable_mcast" = "" && enable_mcast=yes
if test "$ENABLED_32BIT" != "yes"
then
test "$enable_ed25519" = "" && enable_ed25519=yes
- test "$enable_ed25519_stream" = "" && enable_ed25519_stream=yes
+ test "$enable_ed25519_stream" = "" && test "$enable_ed25519" != "no" && enable_ed25519_stream=yes
test "$enable_ed448" = "" && enable_ed448=yes
- test "$enable_ed448_stream" = "" && enable_ed448_stream=yes
+ test "$enable_ed448_stream" = "" && test "$enable_ed448" != "no" && enable_ed448_stream=yes
fi
if test "$ENABLED_LINUXKM_DEFAULTS" != "yes"
@@ -855,8 +856,8 @@ then
test "$enable_curl" = "" && enable_curl=yes
test "$enable_tcpdump" = "" && enable_tcpdump=yes
- test "$enable_eccsi" = "" && enable_eccsi=yes
- test "$enable_sakke" = "" && enable_sakke=yes
+ test "$enable_eccsi" = "" && test "$enable_ecc" != "no" && enable_eccsi=yes
+ test "$enable_sakke" = "" && test "$enable_ecc" != "no" && enable_sakke=yes
fi
fi
@@ -907,9 +908,9 @@ if test "$ENABLED_ALL_CRYPT" = "yes"
then
test "$enable_atomicuser" = "" && enable_atomicuser=yes
test "$enable_aesgcm" = "" && enable_aesgcm=yes
- test "$enable_aesgcm_stream" = "" && enable_aesgcm_stream=yes
test "$enable_aesccm" = "" && enable_aesccm=yes
test "$enable_aesctr" = "" && enable_aesctr=yes
+ test "$enable_aeseax" = "" && enable_aeseax=yes
test "$enable_aesofb" = "" && enable_aesofb=yes
test "$enable_aescfb" = "" && enable_aescfb=yes
test "$enable_aescbc_length_checks" = "" && enable_aescbc_length_checks=yes
@@ -927,22 +928,22 @@ then
test "$enable_hkdf" = "" && enable_hkdf=yes
test "$enable_curve25519" = "" && enable_curve25519=yes
test "$enable_curve448" = "" && enable_curve448=yes
- test "$enable_fpecc" = "" && enable_fpecc=yes
- test "$enable_eccencrypt" = "" && enable_eccencrypt=yes
+ test "$enable_fpecc" = "" && test "$enable_ecc" != "no" && enable_fpecc=yes
+ test "$enable_eccencrypt" = "" && test "$enable_ecc" != "no" && enable_eccencrypt=yes
test "$enable_psk" = "" && enable_psk=yes
test "$enable_cmac" = "" && enable_cmac=yes
test "$enable_siphash" = "" && enable_siphash=yes
test "$enable_xts" = "" && enable_xts=yes
test "$enable_ocsp" = "" && enable_ocsp=yes
- test "$enable_ocspstapling" = "" && enable_ocspstapling=yes
- test "$enable_ocspstapling2" = "" && enable_ocspstapling2=yes
+ test "$enable_ocspstapling" = "" && test "$enable_ocsp" != "no" && enable_ocspstapling=yes
+ test "$enable_ocspstapling2" = "" && test "$enable_ocsp" != "no" && enable_ocspstapling2=yes
test "$enable_crl" = "" && enable_crl=yes
test "$enable_supportedcurves" = "" && enable_supportedcurves=yes
test "$enable_tlsx" = "" && enable_tlsx=yes
test "$enable_pwdbased" = "" && enable_pwdbased=yes
test "$enable_aeskeywrap" = "" && enable_aeskeywrap=yes
test "$enable_x963kdf" = "" && enable_x963kdf=yes
- test "$enable_scrypt" = "" && enable_scrypt=yes
+ test "$enable_scrypt" = "" && test "$enable_hmac" != "no" && enable_scrypt=yes
test "$enable_indef" = "" && enable_indef=yes
test "$enable_enckeys" = "" && enable_enckeys=yes
test "$enable_hashflags" = "" && enable_hashflags=yes
@@ -951,14 +952,13 @@ then
test "$enable_base16" = "" && enable_base16=yes
test "$enable_arc4" = "" && enable_arc4=yes
test "$enable_des3" = "" && enable_des3=yes
- test "$enable_nullcipher" = "" && enable_nullcipher=yes
test "$enable_blake2" = "" && enable_blake2=yes
test "$enable_blake2s" = "" && enable_blake2s=yes
test "$enable_md2" = "" && enable_md2=yes
test "$enable_md4" = "" && enable_md4=yes
test "$enable_cryptocb" = "" && enable_cryptocb=yes
test "$enable_anon" = "" && enable_anon=yes
- test "$enable_ssh" = "" && enable_ssh=yes
+ test "$enable_ssh" = "" && test "$enable_hmac" != "no" && enable_ssh=yes
if test "$ENABLED_32BIT" != "yes"
then
@@ -968,12 +968,13 @@ then
if test "$ENABLED_LINUXKM_DEFAULTS" != "yes"
then
+ test "$enable_aesgcm_stream" = "" && test "$enable_aesgcm" = "yes" && enable_aesgcm_stream=yes
test "$enable_compkey" = "" && enable_compkey=yes
fi
if test "$ENABLED_SP_MATH" = "no"
then
- test "$enable_dsa" = "" && enable_dsa=yes
+ test "$enable_dsa" = "" && test "$enable_sha" != "no" && enable_dsa=yes
test "$enable_ecccustcurves" = "" && enable_ecccustcurves=yes
test "$enable_brainpool" = "" && enable_brainpool=yes
test "$enable_srp" = "" && enable_srp=yes
@@ -982,20 +983,21 @@ then
if test "$ENABLED_FIPS" = "no"
then
test "$enable_pkcallbacks" = "" && enable_pkcallbacks=yes
- test "$enable_xchacha" = "" && enable_xchacha=yes
+ test "$enable_xchacha" = "" && test "$enable_chacha" != "no" && enable_xchacha=yes
test "$enable_pkcs7" = "" && enable_pkcs7=yes
+ test "$enable_nullcipher" = "" && enable_nullcipher=yes
if test "$ENABLED_32BIT" != "yes"
then
test "$enable_ed25519" = "" && enable_ed25519=yes
- test "$enable_ed25519_stream" = "" && enable_ed25519_stream=yes
+ test "$enable_ed25519_stream" = "" && test "$enable_ed25519" != "no" && enable_ed25519_stream=yes
test "$enable_ed448" = "" && enable_ed448=yes
- test "$enable_ed448_stream" = "" && enable_ed448_stream=yes
+ test "$enable_ed448_stream" = "" && test "$enable_ed448" != "no" && enable_ed448_stream=yes
fi
if test "$ENABLED_LINUXKM_DEFAULTS" != "yes"
then
- test "$enable_eccsi" = "" && enable_eccsi=yes
- test "$enable_sakke" = "" && enable_sakke=yes
+ test "$enable_eccsi" = "" && test "$enable_ecc" != "no" && enable_eccsi=yes
+ test "$enable_sakke" = "" && test "$enable_ecc" != "no" && enable_sakke=yes
fi
fi
@@ -1142,6 +1144,210 @@ then
fi
+# XMSS
+AC_ARG_ENABLE([xmss],
+ [AS_HELP_STRING([--enable-xmss],[Enable stateful XMSS/XMSS^MT signatures (default: disabled)])],
+ [ ENABLED_XMSS=$enableval ],
+ [ ENABLED_XMSS=no ]
+ )
+
+ENABLED_WC_XMSS=no
+for v in `echo $ENABLED_XMSS | tr "," " "`
+do
+ case $v in
+ yes)
+ ;;
+ no)
+ ;;
+ verify-only)
+ XMSS_VERIFY_ONLY=yes
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_XMSS_VERIFY_ONLY -DXMSS_VERIFY_ONLY"
+ ;;
+ wolfssl)
+ ENABLED_WC_XMSS=yes
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_WC_XMSS"
+ ;;
+ *)
+ AC_MSG_ERROR([Invalid choice for XMSS []: $ENABLED_XMSS.])
+ break;;
+ esac
+done
+
+if test "$ENABLED_XMSS" != "no"
+then
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_HAVE_XMSS"
+
+ if test "$ENABLED_WC_XMSS" = "no";
+ then
+ # Default is to use hash-sigs XMSS lib. Make sure it's enabled.
+ if test "$ENABLED_LIBXMSS" = "no"; then
+ AC_MSG_ERROR([The default implementation for XMSS is the xmss-reference lib.
+ Please use --with-libxmss.])
+ fi
+ fi
+fi
+
+# libxmss
+# Get the path to xmss-reference.
+ENABLED_LIBXMSS="no"
+trylibxmssdir=""
+AC_ARG_WITH([libxmss],
+ [AS_HELP_STRING([--with-libxmss=PATH],[PATH to xmss-reference root dir. EXPERIMENTAL!])],
+ [
+ AC_MSG_CHECKING([for libxmss])
+
+ trylibxmssdir=$withval
+
+ if test -e $trylibxmssdir; then
+ libxmss_linked=yes
+ else
+ AC_MSG_ERROR([libxmss isn't found.
+ If it's already installed, specify its path using --with-libxmss=/dir/])
+ fi
+ if test "$XMSS_VERIFY_ONLY" = "yes"; then
+ if test -e $trylibxmssdir/xmss_verify_lib.a; then
+ CPPFLAGS="$AM_CPPFLAGS -DHAVE_LIBXMSS -I$trylibxmssdir"
+ LIB_STATIC_ADD="$LIB_STATIC_ADD $trylibxmssdir/xmss_verify_lib.a"
+ enable_shared=no
+ enable_static=yes
+ libxmss_linked=yes
+ else
+ AC_MSG_ERROR([xmss_verify_lib.a isn't found.
+ If it's already installed, specify its path using --with-libxmss=/dir/])
+ fi
+ elif test -e $trylibxmssdir/xmss_lib.a; then
+ CPPFLAGS="$AM_CPPFLAGS -DHAVE_LIBXMSS -I$trylibxmssdir"
+ LIB_STATIC_ADD="$LIB_STATIC_ADD $trylibxmssdir/xmss_lib.a"
+ enable_shared=no
+ enable_static=yes
+ libxmss_linked=yes
+ else
+ AC_MSG_ERROR([libxmss isn't found.
+ If it's already installed, specify its path using --with-libxmss=/dir/])
+ fi
+
+ XMSS_ROOT=$trylibxmssdir
+
+ AC_MSG_RESULT([yes])
+ AM_CPPFLAGS="$CPPFLAGS"
+
+ AM_CFLAGS="$AM_CFLAGS -DHAVE_LIBXMSS -I$trylibxmssdir"
+ ENABLED_LIBXMSS="yes"
+ AC_SUBST([XMSS_ROOT])
+ ],
+ [XMSS_ROOT=""]
+)
+
+# LMS
+AC_ARG_ENABLE([lms],
+ [AS_HELP_STRING([--enable-lms],[Enable stateful LMS/HSS signatures (default: disabled)])],
+ [ ENABLED_LMS=$enableval ],
+ [ ENABLED_LMS=no ]
+ )
+
+ENABLED_WC_LMS=no
+for v in `echo $ENABLED_LMS | tr "," " "`
+do
+ case $v in
+ yes)
+ ;;
+ no)
+ ;;
+ verify-only)
+ LMS_VERIFY_ONLY=yes
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_LMS_VERIFY_ONLY"
+ ;;
+ wolfssl)
+ ENABLED_WC_LMS=yes
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_WC_LMS"
+ ;;
+ *)
+ AC_MSG_ERROR([Invalid choice for LMS []: $ENABLED_LMS.])
+ break;;
+ esac
+done
+
+if test "$ENABLED_LMS" != "no"
+then
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_HAVE_LMS"
+
+ if test "$ENABLED_WC_LMS" = "no";
+ then
+ # Default is to use hash-sigs LMS lib. Make sure it's enabled.
+ if test "$ENABLED_LIBLMS" = "no"; then
+ AC_MSG_ERROR([The default implementation for LMS is the hash-sigs LMS/HSS lib.
+ Please use --with-liblms.])
+ fi
+ fi
+fi
+
+# liblms
+# Get the path to the hash-sigs LMS HSS lib.
+ENABLED_LIBLMS="no"
+tryliblmsdir=""
+AC_ARG_WITH([liblms],
+ [AS_HELP_STRING([--with-liblms=PATH],[PATH to hash-sigs LMS/HSS install (default /usr/local) EXPERIMENTAL!])],
+ [
+ AC_MSG_CHECKING([for liblms])
+
+ AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include <hss.h>]], [[ param_set_t lm_type; param_set_t lm_ots_type; hss_get_public_key_len(4, &lm_type, &lm_ots_type); ]])], [ liblms_linked=yes ],[ liblms_linked=no ])
+
+ if test "x$liblms_linked" = "xno" ; then
+ if test "x$withval" != "xno" ; then
+ tryliblmsdir=$withval
+ fi
+ if test "x$withval" = "xyes" ; then
+ tryliblmsdir="/usr/local"
+ fi
+
+ # 1. If verify only build, use hss_verify.a
+ # 2. If normal build, by default use single-threaded hss_lib.a
+ # 3. If 2 not found, then use the multi-threaded hss_lib_thread.a
+ if test "$LMS_VERIFY_ONLY" = "yes"; then
+ if test -e $tryliblmsdir/hss_verify.a; then
+ CPPFLAGS="$AM_CPPFLAGS -DHAVE_LIBLMS -I$tryliblmsdir"
+ LIB_STATIC_ADD="$LIB_STATIC_ADD $tryliblmsdir/hss_verify.a"
+ enable_shared=no
+ enable_static=yes
+ liblms_linked=yes
+ else
+ AC_MSG_ERROR([hss_verify.a isn't found.
+ If it's already installed, specify its path using --with-liblms=/dir/])
+ fi
+ elif test -e $tryliblmsdir/hss_lib.a; then
+ CPPFLAGS="$AM_CPPFLAGS -DHAVE_LIBLMS -I$tryliblmsdir"
+ LIB_STATIC_ADD="$LIB_STATIC_ADD $tryliblmsdir/hss_lib.a"
+ enable_shared=no
+ enable_static=yes
+ liblms_linked=yes
+ elif test -e $tryliblmsdir/hss_lib_thread.a; then
+ CPPFLAGS="$AM_CPPFLAGS -DHAVE_LIBLMS -I$tryliblmsdir"
+ LIB_STATIC_ADD="$LIB_STATIC_ADD $tryliblmsdir/hss_lib_thread.a"
+ enable_shared=no
+ enable_static=yes
+ liblms_linked=yes
+ else
+ AC_MSG_ERROR([liblms isn't found.
+ If it's already installed, specify its path using --with-liblms=/dir/])
+ fi
+
+ if test "x$liblms_linked" = "xno" ; then
+ AC_MSG_ERROR([liblms isn't found.
+ If it's already installed, specify its path using --with-liblms=/dir/])
+ fi
+
+ AC_MSG_RESULT([yes])
+ AM_CPPFLAGS="$CPPFLAGS"
+ AM_LDFLAGS="$LDFLAGS"
+ else
+ AC_MSG_RESULT([yes])
+ fi
+
+ AM_CFLAGS="$AM_CFLAGS -DHAVE_LIBLMS"
+ ENABLED_LIBLMS="yes"
+ ]
+)
+
# SINGLE THREADED
AC_ARG_ENABLE([singlethreaded],
[AS_HELP_STRING([--enable-singlethreaded],[Enable wolfSSL single threaded (default: disabled)])],
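Review bot: The guard `test "$ENABLED_LIBXMSS" = "no"` in the XMSS block runs before `ENABLED_LIBXMSS="no"` is assigned and before `AC_ARG_WITH([libxmss])` is evaluated. Unless the variable is set somewhere earlier outside this hunk, it is still empty there and the "Please use --with-libxmss" error can never fire; the LMS block has the same ordering with `ENABLED_LIBLMS`. `--enable-xmss` or `--enable-lms` without the matching `--with-lib...` then defines `WOLFSSL_HAVE_XMSS` / `WOLFSSL_HAVE_LMS` with no implementation selected, and presumably fails only later at compile or link time. Move each `# libxmss` / `# liblms` section above its `if test "$ENABLED_XMSS" != "no"` / `if test "$ENABLED_LMS" != "no"` check, or move the check below the `AC_ARG_WITH`. The comment "Default is to use hash-sigs XMSS lib" should also name xmss-reference, matching the error text under it, and the `test -e $trylibxmssdir...` / `$tryliblmsdir...` paths should be quoted.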
@@ -1225,6 +1431,18 @@ then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_DTLS_MTU"
fi
+# KeyLog file export
+AC_ARG_ENABLE([keylog-export],
+ [AS_HELP_STRING([--enable-keylog-export],[Enable insecure export of TLS secrets to an NSS keylog file (default: disabled)])],
+ [ ENABLED_KEYLOG_EXPORT=$enableval ],
+ [ ENABLED_KEYLOG_EXPORT=no ]
+ )
+if test "$ENABLED_KEYLOG_EXPORT" = "yes"
+then
+ AC_MSG_WARN([Keylog export enabled -- Sensitive key data will be stored insecurely.])
+ AM_CFLAGS="$AM_CFLAGS -DSHOW_SECRETS -DHAVE_SECRET_CALLBACK -DWOLFSSL_SSLKEYLOGFILE -DWOLFSSL_KEYLOG_EXPORT_WARNED"
+fi
+
# TLS v1.3 Draft 18 (Note: only final TLS v1.3 supported, here for backwards build compatibility)
AC_ARG_ENABLE([tls13-draft18],
[AS_HELP_STRING([--enable-tls13-draft18],[Enable wolfSSL TLS v1.3 Draft 18 (default: disabled)])],
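Review bot: The only safeguard on `--enable-keylog-export` is the `AC_MSG_WARN`, and the same branch defines `-DWOLFSSL_KEYLOG_EXPORT_WARNED`, which by its name appears to acknowledge (and so silence) a later warning; that is worth confirming. A configure-time warning scrolls past in CI logs, so a release build can end up writing TLS secrets to a keylog file without anyone noticing. I would list the option in the final configuration summary (outside this hunk) and consider refusing it alongside hardening options, e.g. `AS_IF([test "x$ENABLED_HARDEN_TLS" != "xno"],[AC_MSG_ERROR([keylog export cannot be combined with --enable-harden-tls])])`. Whether `ENABLED_HARDEN_TLS` is already resolved at this point is not visible here.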
@@ -1258,6 +1476,10 @@ then
then
AC_MSG_ERROR([TLS 1.3 is disabled - necessary for QUIC])
fi
+ if test "$enable_aesgcm" = "no"
+ then
+ AC_MSG_ERROR([AES-GCM is disabled - necessary for QUIC])
+ fi
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_QUIC"
# QUIC proto handlers need app_data at WOLFSSL*
AM_CFLAGS="$AM_CFLAGS -DHAVE_EX_DATA"
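Review bot: The new guard tests `$enable_aesgcm`, the raw command-line variable, so it only catches an explicit `--disable-aesgcm`. If AES-GCM ends up disabled indirectly by another option, QUIC is still configured without it. If the resolved `ENABLED_AESGCM` value is not yet known at this point in the script, a second check after it is resolved would close the gap, e.g. `AS_IF([test "$ENABLED_QUIC" = "yes" && test "x$ENABLED_AESGCM" = "xno"],[AC_MSG_ERROR([AES-GCM is disabled - necessary for QUIC])])`. The enclosing QUIC block starts and ends outside the hunk.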
@@ -1378,6 +1600,8 @@ AC_ARG_ENABLE([mcast],
# FFmpeg (--enable-ffmpeg) WOLFSSL_FFMPEG
# strongSwan (--enable-strongswan)
# OpenLDAP (--enable-openldap)
+# hitch (--enable-hitch)
+# memcached (--enable-memcached)
# Bind DNS compatibility Build
AC_ARG_ENABLE([bind],
@@ -1581,6 +1805,20 @@ AC_ARG_ENABLE([strongswan],
[ ENABLED_STRONGSWAN=no ]
)
+# hitch support
+AC_ARG_ENABLE([hitch],
+ [AS_HELP_STRING([--enable-hitch],[Enable hitch support (default: disabled)])],
+ [ ENABLED_HITCH=$enableval ],
+ [ ENABLED_HITCH=no ]
+ )
+
+# memcached support
+AC_ARG_ENABLE([memcached],
+ [AS_HELP_STRING([--enable-memcached],[Enable memcached support (default: disabled)])],
+ [ ENABLED_MEMCACHED=$enableval ],
+ [ ENABLED_MEMCACHED=no ]
+ )
+
# OpenSSL Coexist
AC_ARG_ENABLE([opensslcoexist],
[AS_HELP_STRING([--enable-opensslcoexist],[Enable coexistence of wolfssl/openssl (default: disabled)])],
@@ -1692,7 +1930,7 @@ if test "$ENABLED_LIBWEBSOCKETS" = "yes" || test "$ENABLED_OPENVPN" = "yes" || \
test "$ENABLED_OPENRESTY" = "yes" || test "$ENABLED_RSYSLOG" = "yes" || \
test "$ENABLED_KRB" = "yes" || test "$ENABLED_CHRONY" = "yes" || \
test "$ENABLED_FFMPEG" = "yes" || test "$ENABLED_STRONGSWAN" = "yes" || \
- test "$ENABLED_OPENLDAP" = "yes"
+ test "$ENABLED_OPENLDAP" = "yes" || test "$ENABLED_HITCH" = "yes"
then
ENABLED_OPENSSLALL="yes"
fi
@@ -1719,7 +1957,8 @@ AC_ARG_ENABLE([error-queue-per-thread],
if test "$ENABLED_ERRORQUEUEPERTHREAD" = "check"
then
- AS_IF([test "$thread_ls_on" = "no"],
+ AS_IF([test "$thread_ls_on" = "no" ||
+ test "$ENABLED_SINGLETHREADED" = "yes"],
[ENABLED_ERRORQUEUEPERTHREAD=no],
[ENABLED_ERRORQUEUEPERTHREAD=yes])
fi
@@ -2146,7 +2385,7 @@ AC_ARG_ENABLE([aescbc],
if test "$ENABLED_AESCBC" = "no"
then
AM_CFLAGS="$AM_CFLAGS -DNO_AES_CBC"
- AM_CCASFLAGS="$AM_CCASFLAGS -DHAVE_AES_CBC"
+ AM_CCASFLAGS="$AM_CCASFLAGS -DNO_AES_CBC"
fi
# AES-CBC length checks (checks that input lengths are multiples of block size)
@@ -2201,6 +2440,18 @@ then
AM_CCASFLAGS="$AM_CCASFLAGS -DHAVE_AESCCM"
fi
+# AES-EAX
+AC_ARG_ENABLE([aeseax],
+ [AS_HELP_STRING([--enable-aeseax],[Enable wolfSSL AES-EAX support (default: disabled)])],
+ [ ENABLED_AESEAX=$enableval ],
+ [ ENABLED_AESEAX=no ]
+ )
+
+if test "$ENABLED_AESEAX" = "yes"
+then
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_AES_EAX"
+fi
+
# AES-SIV (RFC 5297)
AC_ARG_ENABLE([aessiv],
[AS_HELP_STRING([--enable-aessiv],[Enable AES-SIV (RFC 5297) (default: disabled)])],
@@ -2213,13 +2464,13 @@ then
ENABLED_AESSIV=yes
fi
-# AES-CTRf
+# AES-CTR
AC_ARG_ENABLE([aesctr],
[AS_HELP_STRING([--enable-aesctr],[Enable wolfSSL AES-CTR support (default: disabled)])],
[ ENABLED_AESCTR=$enableval ],
[ ENABLED_AESCTR=no ]
)
-if test "$ENABLED_OPENVPN" = "yes" || test "$ENABLED_LIBSSH2" = "yes" || test "$ENABLED_AESSIV" = "yes" || test "$ENABLED_WOLFENGINE" = "yes"
+if test "$ENABLED_OPENVPN" = "yes" || test "$ENABLED_LIBSSH2" = "yes" || test "$ENABLED_AESSIV" = "yes" || test "$ENABLED_WOLFENGINE" = "yes" || test "$ENABLED_AESEAX" = "yes"
then
ENABLED_AESCTR=yes
fi
@@ -2254,9 +2505,108 @@ then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_AES_CFB"
fi
+AC_ARG_ENABLE([aes-bitsliced],
+ [AS_HELP_STRING([--enable-aes-bitsliced],[Enable bitsliced implementation of AES (default: disabled)])],
+ [ ENABLED_AESBS=$enableval ],
+ [ ENABLED_AESBS=no ]
+ )
+
+if test "$ENABLED_AESBS" = "yes"
+then
+ AM_CFLAGS="$AM_CFLAGS -DWC_AES_BITSLICED -DHAVE_AES_ECB -DWOLFSSL_AES_DIRECT"
+fi
+
+# SM4
+ENABLED_SM4="no"
+AC_ARG_ENABLE([sm4-ecb],
+ [AS_HELP_STRING([--enable-sm4-ecb],[Enable wolfSSL SM4-ECB support (default: disabled)])],
+ [ ENABLED_SM4_ECB=$enableval ],
+ [ ENABLED_SM4_ECB=no ]
+ )
+
+if test "$ENABLED_SM4_ECB" = "small"
+then
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SM4_SMALL"
+fi
+if test "$ENABLED_SM4_ECB" != "no"
+then
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SM4_ECB"
+ ENABLED_SM4="yes"
+fi
+
+AC_ARG_ENABLE([sm4-cbc],
+ [AS_HELP_STRING([--enable-sm4-cbc],[Enable wolfSSL SM4-CBC support (default: disabled)])],
+ [ ENABLED_SM4_CBC=$enableval ],
+ [ ENABLED_SM4_CBC=no ]
+ )
+
+if test "$ENABLED_SM4_CBC" = "small"
+then
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SM4_SMALL"
+fi
+if test "$ENABLED_SM4_CBC" != "no"
+then
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SM4_CBC"
+ ENABLED_SM4="yes"
+fi
+
+AC_ARG_ENABLE([sm4-ctr],
+ [AS_HELP_STRING([--enable-sm4-ctr],[Enable wolfSSL SM4-CTR support (default: disabled)])],
+ [ ENABLED_SM4_CTR=$enableval ],
+ [ ENABLED_SM4_CTR=no ]
+ )
+
+if test "$ENABLED_SM4_CTR" = "small"
+then
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SM4_SMALL"
+fi
+if test "$ENABLED_SM4_CTR" != "no"
+then
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SM4_CTR"
+ ENABLED_SM4="yes"
+fi
+
+AC_ARG_ENABLE([sm4-gcm],
+ [AS_HELP_STRING([--enable-sm4-gcm],[Enable wolfSSL SM4-GCM support (default: disabled)])],
+ [ ENABLED_SM4_GCM=$enableval ],
+ [ ENABLED_SM4_GCM=no ]
+ )
+
+if test "$ENABLED_SM4_GCM" = "small"
+then
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SM4_SMALL"
+fi
+if test "$ENABLED_SM4_GCM" != "no"
+then
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SM4_GCM"
+ ENABLED_SM4="yes"
+fi
+
+AC_ARG_ENABLE([sm4-ccm],
+ [AS_HELP_STRING([--enable-sm4-ccm],[Enable wolfSSL SM4-CCM support (default: disabled)])],
+ [ ENABLED_SM4_CCM=$enableval ],
+ [ ENABLED_SM4_CCM=no ]
+ )
+
+if test "$ENABLED_SM4_CCM" = "small"
+then
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SM4_SMALL"
+fi
+if test "$ENABLED_SM4_CCM" != "no"
+then
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SM4_CCM"
+ ENABLED_SM4="yes"
+fi
+
+if test "$ENABLED_SM4" = "yes"
+then
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SM4"
+fi
+
ENABLED_ARMASM_INLINE="no"
ENABLED_ARMASM_SHA3="no"
+ENABLED_ARMASM_CRYPTO_SM4="no"
# ARM Assembly
# Both SHA3 and SHA512 instructions available with ARMV8.2-a
AC_ARG_ENABLE([armasm],
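Review bot: Each SM4 mode is enabled by `test "$ENABLED_SM4_ECB" != "no"` (and the same for CBC, CTR, GCM and CCM), so any unrecognised value, such as a mistyped `--enable-sm4-gcm=smal`, silently turns the mode on in its default form. The options accept `small`, but the help strings do not say so. I would validate the value once per option, e.g. `AS_CASE([$ENABLED_SM4_ECB],[yes|small|no],[],[AC_MSG_ERROR([Invalid choice for --enable-sm4-ecb (yes, small, no): $ENABLED_SM4_ECB.])])`, and mention `small` in the help text. `-DWOLFSSL_SM4_SMALL` is also appended once per mode that asks for it; that is harmless, but it could be emitted once after the five blocks. The SM3 option added later in this commit follows the same pattern.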
@@ -2284,6 +2634,33 @@ then
break;;
esac
ENABLED_ARMASM_SHA3=yes
+ ENABLED_ARMASM_PLUS=yes
+ ;;
+ sm4)
+ case $host_cpu in
+ *aarch64*)
+ ;;
+ *)
+ AC_MSG_ERROR([SM4 instructions only available on Aarch64 CPU.])
+ break;;
+ esac
+ ENABLED_ARMASM_SM4=yes
+ # gcc requires -march=...+sm4 to enable SM4 instructions
+ ENABLED_ARMASM_CRYPTO_SM4=yes
+ ENABLED_ARMASM_PLUS=yes
+ ;;
+ sm3)
+ case $host_cpu in
+ *aarch64*)
+ ;;
+ *)
+ AC_MSG_ERROR([SM3 instructions only available on Aarch64 CPU.])
+ break;;
+ esac
+ ENABLED_ARMASM_SM3=yes
+ # gcc requires -march=...+sm4 to enable SM3 instructions
+ ENABLED_ARMASM_CRYPTO_SM4=yes
+ ENABLED_ARMASM_PLUS=yes
;;
*)
AC_MSG_ERROR([Invalid choice of ARM asm inclusions (yes, sha512-crypto, sha3-crypto): $ENABLED_ARMASM.])
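Review bot: The fallback error at the end of this hunk still lists the valid choices as `(yes, sha512-crypto, sha3-crypto)` although `sm4` and `sm3` are now accepted; the message should name them, e.g. `(yes, sha512-crypto, sha3-crypto, sm4, sm3)`. `ENABLED_ARMASM_SM3`, `ENABLED_ARMASM_SM4` and `ENABLED_ARMASM_PLUS` are set here and tested later but, unlike `ENABLED_ARMASM_CRYPTO_SM4` in the preceding hunk, are not initialised to `no` in the visible lines, so a value inherited from the environment would be honoured. Adding `ENABLED_ARMASM_SM3="no"`, `ENABLED_ARMASM_SM4="no"` and `ENABLED_ARMASM_PLUS="no"` next to the existing defaults would make that explicit. The enclosing case statement starts and ends outside the hunk.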
@@ -2308,8 +2685,14 @@ then
;;
*)
# +crypto needed for hardware acceleration
- if test "$ENABLED_ARMASM_SHA3" = "yes"; then
- AM_CPPFLAGS="$AM_CPPFLAGS -march=armv8.2-a+crypto+sha3"
+ if test "$ENABLED_ARMASM_PLUS" = "yes"; then
+ AM_CPPFLAGS="$AM_CPPFLAGS -march=armv8.2-a+crypto"
+ if test "$ENABLED_ARMASM_SHA3" = "yes"; then
+ AM_CPPFLAGS="$AM_CPPFLAGS+sha3"
+ fi
+ if test "$ENABLED_ARMASM_CRYPTO_SM4" = "yes"; then
+ AM_CPPFLAGS="$AM_CPPFLAGS+sm4"
+ fi
else
AM_CPPFLAGS="$AM_CPPFLAGS -mcpu=generic+crypto"
fi
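Review bot: `AM_CPPFLAGS="$AM_CPPFLAGS+sha3"` and `AM_CPPFLAGS="$AM_CPPFLAGS+sm4"` extend the `-march` value by appending to the whole flag variable, which only works while `-march=armv8.2-a+crypto` is the last token in it. Any flag added between these lines later would get the suffix glued onto it instead. Building the architecture string in its own variable and adding it once gives the same result without the ordering dependency. The surrounding case branch starts outside the hunk.

```m4
if test "$ENABLED_ARMASM_PLUS" = "yes"; then
    armasm_march="armv8.2-a+crypto"
    if test "$ENABLED_ARMASM_SHA3" = "yes"; then
        armasm_march="$armasm_march+sha3"
    fi
    if test "$ENABLED_ARMASM_CRYPTO_SM4" = "yes"; then
        armasm_march="$armasm_march+sm4"
    fi
    AM_CPPFLAGS="$AM_CPPFLAGS -march=$armasm_march"
else
    # … unchanged: -mcpu=generic+crypto fallback …
fi
```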
@@ -2318,6 +2701,7 @@ then
# Include options.h
AM_CCASFLAGS="$AM_CCASFLAGS -DEXTERNAL_OPTS_OPENVPN"
ENABLED_ARMASM_CRYPTO=yes
+ ENABLED_ARMASM_NEON=yes
# Check for and set -mstrict-align compiler flag
# Used to set assumption that Aarch64 systems will not handle
@@ -2337,18 +2721,46 @@ then
AC_MSG_NOTICE([64bit ARMv8 found, setting mcpu to generic+crypto])
;;
armv7a*)
- AM_CPPFLAGS="$AM_CPPFLAGS -march=armv7-a -mfpu=neon -DWOLFSSL_ARMASM_NO_HW_CRYPTO -DWOLFSSL_ARM_ARCH=7"
+ AM_CPPFLAGS="$AM_CPPFLAGS -march=armv7-a -mfpu=neon -DWOLFSSL_ARM_ARCH=7 -marm"
# Include options.h
AM_CCASFLAGS="$AM_CCASFLAGS -DEXTERNAL_OPTS_OPENVPN"
ENABLED_ARMASM_CRYPTO=no
ENABLED_AESGCM_STREAM=no # not yet implemented
+ ENABLED_ARMASM_NEON=yes
AC_MSG_NOTICE([32bit ARMv7-a found, setting mfpu to neon])
;;
+ armv7m*)
+ # QEMU doesn't work with armv7-m
+ AM_CPPFLAGS="$AM_CPPFLAGS -march=armv7-r -D__thumb__ -fomit-frame-pointer -DWOLFSSL_ARMASM_NO_HW_CRYPTO -DWOLFSSL_ARM_ARCH=7"
+ # Include options.h
+ AM_CCASFLAGS="$AM_CCASFLAGS -DEXTERNAL_OPTS_OPENVPN"
+ ENABLED_ARMASM_CRYPTO=no
+ ENABLED_AESGCM_STREAM=no # not yet implemented
+ ENABLED_ARMASM_NEON=no
+ AC_MSG_NOTICE([32bit ARMv7-m found])
+ ;;
+ armv6*)
+ AM_CPPFLAGS="$AM_CPPFLAGS -march=armv6 -fomit-frame-pointer -DWOLFSSL_ARMASM_NO_HW_CRYPTO -DWOLFSSL_ARM_ARCH=6"
+ AM_CCASFLAGS="$AM_CCASFLAGS -DEXTERNAL_OPTS_OPENVPN"
+ ENABLED_ARMASM_CRYPTO=no
+ ENABLED_AESGCM_STREAM=no # not yet implemented
+ ENABLED_ARMASM_NEON=no
+ AC_MSG_NOTICE([32bit ARMv6 found])
+ ;;
+ armv4*)
+ AM_CPPFLAGS="$AM_CPPFLAGS -march=armv4 -fomit-frame-pointer -DWOLFSSL_ARMASM_NO_HW_CRYPTO -DWOLFSSL_ARM_ARCH=4"
+ AM_CCASFLAGS="$AM_CCASFLAGS -DEXTERNAL_OPTS_OPENVPN"
+ ENABLED_ARMASM_CRYPTO=no
+ ENABLED_AESGCM_STREAM=no # not yet implemented
+ ENABLED_ARMASM_NEON=no
+ AC_MSG_NOTICE([32bit ARMv4 found])
+ ;;
*)
- AM_CPPFLAGS="$AM_CPPFLAGS -mfpu=crypto-neon-fp-armv8"
+ AM_CPPFLAGS="$AM_CPPFLAGS -mfpu=crypto-neon-fp-armv8 -marm"
# Include options.h
AM_CCASFLAGS="$AM_CCASFLAGS -DEXTERNAL_OPTS_OPENVPN"
ENABLED_ARMASM_CRYPTO=yes
+ ENABLED_ARMASM_NEON=yes
AC_MSG_NOTICE([32bit ARMv8 found, setting mfpu to crypto-neon-fp-armv8])
;;
esac
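Review bot: The new `armv7m*` branch passes `-march=armv7-r -D__thumb__`, and the comment gives an emulator limitation as the reason. That bakes a test-environment workaround into the flags every armv7m build receives, and `__thumb__` is a compiler-reserved macro that is normally defined by the compiler itself when Thumb code generation is selected. If Thumb code is the intent I would request it from the compiler (`-mthumb`) and keep the QEMU substitution behind an explicit switch. At minimum the comment should say what is traded away, e.g. `# NOTE: built as armv7-r because QEMU cannot run armv7-m; not the real target profile`. The same flags reappear in the SP assembly hunk later in this commit.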
@@ -2359,6 +2771,23 @@ if test "$ENABLED_ARMASM_SHA3" = "yes"; then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_ARMASM_CRYPTO_SHA512 -DWOLFSSL_ARMASM_CRYPTO_SHA3"
AM_CCASFLAGS="$AM_CCASFLAGS -DWOLFSSL_ARMASM_CRYPTO_SHA512 -DWOLFSSL_ARMASM_CRYPTO_SHA3"
fi
+if test "$ENABLED_ARMASM_SM3" = "yes"; then
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_ARMASM_CRYPTO_SM3"
+fi
+if test "$ENABLED_ARMASM_SM4" = "yes"; then
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_ARMASM_CRYPTO_SM4"
+fi
+if test "$ENABLED_ARMASM_CRYPTO" = "no"; then
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_ARMASM_NO_HW_CRYPTO"
+fi
+if test "$ENABLED_ARMASM_NEON" = "no"; then
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_ARMASM_NO_NEON"
+ AM_CCASFLAGS="$AM_CCASFLAGS -DWOLFSSL_ARMASM_NO_NEON"
+fi
+
+if test "$ENABLED_ARMASM_INLINE" = "yes"; then
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_ARMASM_INLINE"
+fi
# Xilinx hardened crypto
AC_ARG_ENABLE([xilinx],
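Review bot: `-DWOLFSSL_ARMASM_NO_HW_CRYPTO` is now added only to `AM_CFLAGS`, while the `armv7a*` branch in the previous hunk stopped putting it in `AM_CPPFLAGS`; if assembly sources are preprocessed with `AM_CCASFLAGS`, they no longer see the macro on that target. The NEON case right below writes to both variables, so for consistency I would add `AM_CCASFLAGS="$AM_CCASFLAGS -DWOLFSSL_ARMASM_NO_HW_CRYPTO"` here. The `armv7m*`, `armv6*` and `armv4*` branches still pass the macro through `AM_CPPFLAGS` as well, so it ends up defined twice there. Whether any assembly file tests this macro is not visible on this page.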
@@ -2385,6 +2814,30 @@ fi
]
)
+AC_ARG_ENABLE([aria],
+ [AS_HELP_STRING([--enable-aria],[Enable wolfSSL support for ARIA (default: disabled)])],
+ [ ENABLED_ARIA=$enableval ],
+ [ ENABLED_ARIA=no ]
+ )
+if test "$ENABLED_ARIA" = "yes"
+then
+ ARIA_DIR=MagicCrypto
+ # Enable dependency
+ CFLAGS="$CFLAGS -I$ARIA_DIR/include"
+ AM_CFLAGS="$AM_CFLAGS -DHAVE_ARIA"
+ AM_LDFLAGS="$AM_LDFLAGS -L$ARIA_DIR/lib -lMagicCrypto"
+ build_pwd="$(pwd)"
+ headers="mcapi_error.h mcapi_type.h mcapi.h"
+ for header in $headers
+ do
+ AC_CHECK_HEADER([$header], [], [
+ AC_MSG_ERROR([Error including $header. Please put the MagicCrypto library in $build_pwd.])
+ ], [
+ extern int dummy_int_to_make_compiler_happy;
+ ])
+ done
+fi
+
AC_ARG_ENABLE([caam],
[AS_HELP_STRING([--enable-caam],[Enable wolfSSL support for CAAM (default: disabled)])],
[ ENABLED_CAAM=$enableval ],
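Review bot: `ARIA_DIR=MagicCrypto` is a relative path, so `-I$ARIA_DIR/include` and `-L$ARIA_DIR/lib` are resolved against whatever directory the compiler or linker happens to run in, and the library that gets linked is whichever copy is found there. `build_pwd` is already computed but used only in the error message; anchoring the directory with it, `ARIA_DIR="$build_pwd/MagicCrypto"` (set after the `build_pwd=` line), makes the lookup deterministic. `-lMagicCrypto` would conventionally go into `LIBS` rather than `AM_LDFLAGS`, and the include path into `AM_CPPFLAGS` rather than the user's `CFLAGS`. Since this links an external cryptographic library from inside the build tree, a `--with-` option naming its location would be easier to audit than a fixed directory name.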
@@ -2451,6 +2904,10 @@ then
if test "$ENABLED_AESNI" = "yes" || test "$ENABLED_INTELASM" = "yes"
then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_AESNI"
+ if test "$ENABLED_LINUXKM_DEFAULTS" = "yes"
+ then
+ AM_CFLAGS="$AM_CFLAGS -DWC_AES_C_DYNAMIC_FALLBACK"
+ fi
if test "$CC" != "icc"
then
case $host_os in
@@ -2466,6 +2923,7 @@ then
esac
fi
AS_IF([test "x$ENABLED_AESGCM" != "xno"],[AM_CCASFLAGS="$AM_CCASFLAGS -DHAVE_AESGCM"])
+ AS_IF([test "x$ENABLED_SM3" != "xno"],[AM_CCASFLAGS="$AM_CCASFLAGS -DWOLFSSL_SM3"])
fi
if test "$ENABLED_INTELASM" = "yes"
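Review bot: The added `AS_IF([test "x$ENABLED_SM3" != "xno"], …)` appears to run before `ENABLED_SM3` is assigned: going by the hunk headers, this line lands near line 2926 of the new file, while the `AC_ARG_ENABLE([sm3], …)` that sets the variable is added near line 3418. Unless it is set earlier somewhere not shown, the variable is empty here, `"x" != "xno"` is true, and `-DWOLFSSL_SM3` goes into `AM_CCASFLAGS` on every AES-NI/Intel-asm build regardless of `--enable-sm3`. Moving the SM3 option above this block, or moving this line below the SM3 option, would fix the ordering. The enclosing `if` starts outside the hunk.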
@@ -2957,6 +3415,22 @@ then
fi
+# SM3
+AC_ARG_ENABLE([sm3],
+ [AS_HELP_STRING([--enable-sm3],[Enable wolfSSL SM3 support (default: disabled)])],
+ [ ENABLED_SM3=$enableval ],
+ [ ENABLED_SM3=no ]
+ )
+
+if test "$ENABLED_SM3" = "small"
+then
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SM3_SMALL"
+fi
+if test "$ENABLED_SM3" != "no"
+then
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SM3"
+fi
+
# SESSION CERTS
AC_ARG_ENABLE([sessioncerts],
[AS_HELP_STRING([--enable-sessioncerts],[Enable session cert storing (default: disabled)])],
@@ -2966,7 +3440,7 @@ AC_ARG_ENABLE([sessioncerts],
if test "x$ENABLED_NGINX" = "xyes" || test "x$ENABLED_OPENVPN" = "xyes" || \
test "x$ENABLED_LIGHTY" = "xyes" || test "x$ENABLED_NETSNMP" = "xyes" || \
- test "x$ENABLED_STRONGSWAN" = "xyes"
+ test "x$ENABLED_STRONGSWAN" = "xyes" || test "x$ENABLED_HITCH" = "xyes"
then
ENABLED_SESSIONCERTS=yes
fi
@@ -3006,7 +3480,7 @@ AC_ARG_ENABLE([certgen],
if test "$ENABLED_OPENVPN" = "yes" || test "$ENABLED_OPENSSH" = "yes" || \
test "$ENABLED_BIND" = "yes" || test "$ENABLED_NTP" = "yes" || \
test "$ENABLED_CHRONY" = "yes" || test "$ENABLED_STRONGSWAN" = "yes" || \
- test "$ENABLED_OPENLDAP" = "yes"
+ test "$ENABLED_OPENLDAP" = "yes" || test "$ENABLED_HITCH" = "yes"
then
ENABLED_CERTGEN=yes
fi
@@ -3100,6 +3574,22 @@ then
AM_CFLAGS="$AM_CFLAGS -DHAVE_X963_KDF"
fi
+# SRTP-KDF
+AC_ARG_ENABLE([srtp-kdf],
+ [AS_HELP_STRING([--enable-srtp-kdf],[Enable SRTP-KDF support (default: disabled)])],
+ [ ENABLED_SRTP_KDF=$enableval ],
+ [ ENABLED_SRTP_KDF=no ]
+ )
+if test "$ENABLED_SRTP" = "yes"
+then
+ ENABLED_SRTP_KDF="yes"
+fi
+if test "$ENABLED_SRTP_KDF" = "yes"
+then
+ AM_CFLAGS="$AM_CFLAGS -DWC_SRTP_KDF -DHAVE_AES_ECB -DWOLFSSL_AES_DIRECT"
+fi
+
+
# DSA
AC_ARG_ENABLE([dsa],
[AS_HELP_STRING([--enable-dsa],[Enable DSA (default: disabled)])],
@@ -3107,7 +3597,7 @@ AC_ARG_ENABLE([dsa],
[ ENABLED_DSA=no ]
)
-if test "$enable_dsa" = ""
+if test "$enable_dsa" = "" && test "$enable_sha" != "no"
then
if (test "$ENABLED_OPENSSH" = "yes" && test "x$ENABLED_FIPS" = "xno") || test "$ENABLED_OPENVPN" = "yes" || test "$ENABLED_NGINX" = "yes" || test "$ENABLED_WPAS" = "yes" || test "$ENABLED_QT" = "yes" || test "$ENABLED_BIND" = "yes" || test "$ENABLED_LIBSSH2" = "yes" || test "$ENABLED_NTP" = "yes"
then
@@ -3170,6 +3660,24 @@ then
fi
+# SM2
+AC_ARG_ENABLE([sm2],
+ [AS_HELP_STRING([--enable-sm2],[Enable wolfSSL SM2 support (default: disabled)])],
+ [ ENABLED_SM2=$enableval ],
+ [ ENABLED_SM2=no ]
+ )
+
+if test "$ENABLED_SM2" = "yes"
+then
+ if test "$ENABLED_ECC" = "no"
+ then
+ AC_MSG_ERROR([Cannot enable SM2 without enabling ecc.])
+ fi
+
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SM2 -DWOLFSSL_BASE16"
+fi
+
+
# ECC Custom Curves
AC_ARG_ENABLE([ecccustcurves],
[AS_HELP_STRING([--enable-ecccustcurves],[Enable ECC custom curves (default: disabled)])],
@@ -3220,7 +3728,7 @@ AC_ARG_ENABLE([compkey],
[ ENABLED_COMPKEY=no ]
)
-if test "$ENABLED_WPAS" = "yes"
+if test "$ENABLED_WPAS" = "yes" || test "$ENABLED_OPENSSLALL" = "yes"
then
ENABLED_COMPKEY=yes
fi
@@ -3287,6 +3795,7 @@ then
fi
AM_CFLAGS="$AM_CFLAGS -DHAVE_CURVE25519"
+ AM_CCASFLAGS="$AM_CCASFLAGS -DHAVE_CURVE25519"
ENABLED_FEMATH=yes
fi
@@ -3454,6 +3963,10 @@ AC_ARG_ENABLE([eccsi],
if test "x$ENABLED_ECCSI" = "xyes"
then
+ if test "$ENABLED_ECC" = "no"
+ then
+ AC_MSG_ERROR([ECCSI requires ECC.])
+ fi
AM_CFLAGS="$AM_CFLAGS -DWOLFCRYPT_HAVE_ECCSI -DWOLFSSL_PUBLIC_MP"
fi
@@ -3464,6 +3977,11 @@ AC_ARG_ENABLE([sakke],
[ ENABLED_SAKKE=no ]
)
+if test "$ENABLED_SAKKE" != "no" && test "$ENABLED_ECC" = "no"
+then
+ AC_MSG_ERROR([SAKKE requires ECC.])
+fi
+
if test "x$ENABLED_SAKKE" = "xsmall"
then
ENABLED_SAKKE="yes"
@@ -3525,47 +4043,28 @@ AC_ARG_ENABLE([errorqueue],
[ ENABLED_ERROR_QUEUE=yes ]
)
-# OLD TLS
-AC_ARG_ENABLE([oldtls],
- [AS_HELP_STRING([--enable-oldtls],[Enable old TLS versions < 1.2 (default: enabled)])],
- [ ENABLED_OLD_TLS=$enableval ],
- [ ENABLED_OLD_TLS=yes ]
+
+# SSLv3
+AC_ARG_ENABLE([sslv3],
+ [AS_HELP_STRING([--enable-sslv3],[Enable SSL version 3.0 (default: disabled)])],
+ [ ENABLED_SSLV3=$enableval ],
+ [ ENABLED_SSLV3=no]
)
-if test "$ENABLED_CRYPTONLY" = "yes" || test "x$ENABLED_HARDEN_TLS" != "xno"
-then
- ENABLED_OLD_TLS=no
-fi
-if test "$ENABLED_OLD_TLS" = "no"
+if test "x$ENABLED_HAPROXY" = "xyes" && test "x$ENABLED_ALL" = "xno"
then
- AM_CFLAGS="$AM_CFLAGS -DNO_OLD_TLS"
-else
- # turn off old if leanpsk or leantls on
- if test "$ENABLED_LEANPSK" = "yes" || test "$ENABLED_LEANTLS" = "yes"
- then
- AM_CFLAGS="$AM_CFLAGS -DNO_OLD_TLS"
- ENABLED_OLD_TLS=no
- fi
+ ENABLED_SSLV3="yes"
fi
-
-
-# TLSv1.2
-AC_ARG_ENABLE([tlsv12],
- [AS_HELP_STRING([--enable-tlsv12],[Enable TLS versions 1.2 (default: enabled)])],
- [ ENABLED_TLSV12=$enableval ],
- [ ENABLED_TLSV12=yes ]
- )
-
if test "$ENABLED_CRYPTONLY" = "yes"
then
- ENABLED_TLSV12=no
+ ENABLED_SSLV3=no
fi
-if test "$ENABLED_TLSV12" = "no"
+
+if test "$ENABLED_SSLV3" = "yes"
then
- AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_NO_TLS12 -DNO_OLD_TLS"
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_ALLOW_SSLV3"
fi
-
# TLSv1.0
AC_ARG_ENABLE([tlsv10],
[AS_HELP_STRING([--enable-tlsv10],[Enable old TLS versions 1.0 (default: disabled)])],
@@ -3583,28 +4082,51 @@ then
fi
-# SSLv3
-AC_ARG_ENABLE([sslv3],
- [AS_HELP_STRING([--enable-sslv3],[Enable SSL version 3.0 (default: disabled)])],
- [ ENABLED_SSLV3=$enableval ],
- [ ENABLED_SSLV3=no]
+# OLD TLS
+AC_ARG_ENABLE([oldtls],
+ [AS_HELP_STRING([--enable-oldtls],[Enable old TLS versions < 1.2 (default: disabled)])],
+ [ ENABLED_OLD_TLS=$enableval ],
+ [ ENABLED_OLD_TLS=no ]
)
-if test "x$ENABLED_HAPROXY" = "xyes" && test "x$ENABLED_ALL" = "xno"
+
+if test "$ENABLED_CRYPTONLY" = "yes" || test "x$ENABLED_HARDEN_TLS" != "xno" || \
+ test "$ENABLED_LEANPSK" = "yes" || test "$ENABLED_LEANTLS" = "yes"
then
- ENABLED_SSLV3="yes"
+ ENABLED_OLD_TLS=no
fi
-if test "$ENABLED_CRYPTONLY" = "yes"
+
+# if SSL v3.0 or TLS v1.0 enabled, then allow "old tls". QT also requires it apparently
+if test "$ENABLED_TLSV10" = "yes" || test "$ENABLED_SSLV3" = "yes" || \
+ (test "$ENABLED_QT" = "yes" && test "x$ENABLED_ALL" = "xno")
then
- ENABLED_SSLV3=no
+ ENABLED_OLD_TLS=yes
fi
-if test "$ENABLED_SSLV3" = "yes"
+if test "$ENABLED_OLD_TLS" = "no"
then
- AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_ALLOW_SSLV3"
+ AM_CFLAGS="$AM_CFLAGS -DNO_OLD_TLS"
fi
+# TLSv1.2
+AC_ARG_ENABLE([tlsv12],
+ [AS_HELP_STRING([--enable-tlsv12],[Enable TLS versions 1.2 (default: enabled)])],
+ [ ENABLED_TLSV12=$enableval ],
+ [ ENABLED_TLSV12=yes ]
+ )
+
+if test "$ENABLED_CRYPTONLY" = "yes"
+then
+ ENABLED_TLSV12=no
+fi
+if test "$ENABLED_TLSV12" = "no"
+then
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_NO_TLS12 -DNO_OLD_TLS"
+fi
+
+
+
# STACK SIZE info for testwolfcrypt and examples
AC_ARG_ENABLE([stacksize],
[AS_HELP_STRING([--enable-stacksize],[Enable stack size info on examples (default: disabled)])],
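Review bot: The block that turns `ENABLED_OLD_TLS` back on for TLS 1.0, SSLv3 or Qt runs after the block that forces it off for `ENABLED_HARDEN_TLS`, `ENABLED_CRYPTONLY`, `ENABLED_LEANPSK` and `ENABLED_LEANTLS`, so the permissive setting wins. As written, a build configured with TLS hardening plus `--enable-tlsv10` or `--enable-sslv3` (or with SSLv3 switched on by the haproxy rule in the previous hunk) ends up without `-DNO_OLD_TLS`, unless the TLS 1.0 block that is only partly visible above rejects the combination. I would either swap the two blocks so the restrictive options are applied last, or fail loudly, e.g. `AC_MSG_ERROR([--enable-harden-tls cannot be combined with SSLv3 or TLS 1.0])`. The default change from enabled to disabled in the help string is a behaviour change for existing builds and deserves a changelog line.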
@@ -4141,6 +4663,21 @@ then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_DTLS_CID"
fi
+# DTLS 1.3 Fragment Second ClientHello
+AC_ARG_ENABLE([dtls-frag-ch],
+ [AS_HELP_STRING([--enable-dtls-frag-ch],[Enable wolfSSL DTLS 1.3 ClientHello fragmenting (default: disabled)])],
+ [ ENABLED_DTLS_CH_FRAG=$enableval ],
+ [ ENABLED_DTLS_CH_FRAG=no ]
+ )
+if test "x$ENABLED_DTLS_CH_FRAG" = "xyes"
+then
+ if test "x$ENABLED_DTLS13" != "xyes"
+ then
+ AC_MSG_ERROR([You need to enable DTLSv1.3 to use DTLS ClientHello fragmenting])
+ fi
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_DTLS_CH_FRAG"
+fi
+
# CODING
AC_ARG_ENABLE([coding],
[AS_HELP_STRING([--enable-coding],[Enable Coding base 16/64 (default: enabled)])],
@@ -4196,6 +4733,14 @@ then
fi
+# MD4
+AC_ARG_ENABLE([md4],
+ [AS_HELP_STRING([--enable-md4],[Enable MD4 (default: disabled)])],
+ [ ENABLED_MD4=$enableval ],
+ [ ENABLED_MD4=no ]
+ )
+
+
# DES3
AC_ARG_ENABLE([des3],
[AS_HELP_STRING([--enable-des3],[Enable DES3 (default: disabled)])],
@@ -4277,7 +4822,7 @@ AC_ARG_ENABLE([cmac],
[ ENABLED_CMAC=no ]
)
-if test "$ENABLED_WPAS" != "no" || test "$ENABLED_NTP" = "yes" || test "$ENABLED_AESSIV" = "yes" || test "$ENABLED_WOLFENGINE" = "yes"
+if test "$ENABLED_WPAS" != "no" || test "$ENABLED_NTP" = "yes" || test "$ENABLED_AESSIV" = "yes" || test "$ENABLED_WOLFENGINE" = "yes" || test "$ENABLED_AESEAX" = "yes"
then
ENABLED_CMAC=yes
fi
@@ -4295,6 +4840,10 @@ AC_ARG_ENABLE([xts],
AS_IF([test "x$ENABLED_XTS" = "xyes"],
[AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_AES_XTS -DWOLFSSL_AES_DIRECT"])
+AS_IF([test "x$ENABLED_XTS" = "xyes" && test "x$ENABLED_INTELASM" = "xyes"],
+ [AM_CCASFLAGS="$AM_CCASFLAGS -DWOLFSSL_AES_XTS"])
+AS_IF([test "x$ENABLED_XTS" = "xyes" && test "x$ENABLED_AESNI" = "xyes"],
+ [AM_CCASFLAGS="$AM_CCASFLAGS -DWOLFSSL_AES_XTS"])
# Web Server Build
AC_ARG_ENABLE([webserver],
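Review bot: The two new `AS_IF` lines append `-DWOLFSSL_AES_XTS` to `AM_CCASFLAGS` once for `ENABLED_INTELASM` and once for `ENABLED_AESNI`, so a build with both gets the define twice. One condition covers both cases: `AS_IF([test "x$ENABLED_XTS" = "xyes" && (test "x$ENABLED_INTELASM" = "xyes" || test "x$ENABLED_AESNI" = "xyes")], [AM_CCASFLAGS="$AM_CCASFLAGS -DWOLFSSL_AES_XTS"])`.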
@@ -4506,10 +5055,11 @@ AS_CASE([$FIPS_VERSION],
AS_IF([test "x$ENABLED_DES3" = "xno"],[ENABLED_DES3="yes"])
])
-AS_IF([test "x$ENABLED_FIPS" = "xyes" && test "x$thread_ls_on" = "xno"],
+AS_IF([test "x$ENABLED_FIPS" = "xyes" && test "x$thread_ls_on" = "xno" && test "$ENABLE_LINUXKM" = "no"],
[AC_MSG_ERROR([FIPS requires Thread Local Storage])])
-
+AS_IF([(test "$ENABLED_NULL_CIPHER" = "yes" || test "$ENABLED_LEANPSK" = "yes") && test "$ENABLED_FIPS" != "no" && test "$FIPS_VERSION" != "dev"],
+ [AC_MSG_ERROR([FIPS is incompatible with nullcipher])])
# SELFTEST
AC_ARG_ENABLE([selftest],
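Review bot: The new condition tests `$ENABLE_LINUXKM`, whereas every other option variable on this page is spelled `ENABLED_…` (for example `ENABLED_LINUXKM_DEFAULTS`); this looks like a typo. If `ENABLE_LINUXKM` is never assigned it expands to an empty string, `test "" = "no"` is false, and the "FIPS requires Thread Local Storage" error can no longer fire for any build. Assuming the intended variable is `ENABLED_LINUXKM`, the clause should read `test "x$ENABLED_LINUXKM" != "xyes"` so that an unset value still enforces the check.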
@@ -4971,21 +5521,22 @@ AC_ARG_WITH([wnr],
# SNI
+# enable SNI automatically for x86_64/x86/aarch64/amd64
+SNI_DEFAULT=no
+if test "$host_cpu" = "x86_64" || test "$host_cpu" = "x86" || test "$host_cpu" = "aarch64" || test "$host_cpu" = "amd64"
+then
+ SNI_DEFAULT=yes
+fi
AC_ARG_ENABLE([sni],
- [AS_HELP_STRING([--enable-sni],[Enable SNI (default: disabled)])],
+ [AS_HELP_STRING([--enable-sni],[Enable SNI (default: enabled on x86_64/x86/aarch64/amd64)])],
[ ENABLED_SNI=$enableval ],
- [ ENABLED_SNI=no ]
+ [ ENABLED_SNI=$SNI_DEFAULT ]
)
-if test "x$ENABLED_QT" = "xyes"
+if test "x$ENABLED_QT" = "xyes" || test "$ENABLED_QUIC" = "yes"
then
ENABLED_SNI="yes"
fi
-if test "$ENABLED_QUIC" = "yes"
-then
- ENABLED_SNI=yes
-fi
-
if test "x$ENABLED_SNI" = "xyes"
then
AM_CFLAGS="$AM_CFLAGS -DHAVE_TLS_EXTENSIONS -DHAVE_SNI"
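Review bot: `test "$host_cpu" = "x86"` is unlikely to match: the canonical CPU names for 32-bit Intel targets are normally of the form `i386` to `i686`, so those hosts would keep SNI off by default while the help text says it is on. A pattern match states the intent more reliably, e.g. `AS_CASE([$host_cpu],[x86_64|amd64|aarch64|i?86],[SNI_DEFAULT=yes])`. Making a default depend on the host CPU also means the same configure line yields different TLS feature sets on different build machines, which is worth a sentence in the option's documentation.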
@@ -5362,6 +5913,9 @@ then
ENABLED_AESCFB="yes"
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_AES_CFB"
fi
+
+ # Requires public mp_
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_PUBLIC_MP"
fi
if test "x$ENABLED_SMIME" = "xyes"
@@ -5551,7 +6105,10 @@ AC_ARG_ENABLE([jni],
)
if test "$ENABLED_JNI" = "yes"
then
- AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_JNI -DHAVE_EX_DATA"
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_JNI"
+ AM_CFLAGS="$AM_CFLAGS -DHAVE_EX_DATA"
+ AM_CFLAGS="$AM_CFLAGS -DKEEP_PEER_CERT"
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_ALWAYS_VERIFY_CB"
# Enable prereqs if not already enabled
if test "x$ENABLED_DTLS" = "xno"
@@ -5633,6 +6190,18 @@ then
ENABLED_CERTGEN="yes"
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_CERT_GEN"
fi
+ # wolfCrypt JNI/JCE uses keygen, enable by default here so
+ # both JCE and JSSE builds can use --enable-jni
+ if test "x$ENABLED_KEYGEN" = "xno"
+ then
+ ENABLED_KEYGEN="yes"
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_KEY_GEN"
+ fi
+ if test "x$ENABLED_CERTREQ" = "xno"
+ then
+ ENABLED_CERTREQ="yes"
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_CERT_REQ"
+ fi
if test "x$ENABLED_SNI" = "xno"
then
ENABLED_SNI="yes"
@@ -5643,6 +6212,14 @@ then
ENABLED_ALPN="yes"
AM_CFLAGS="$AM_CFLAGS -DHAVE_ALPN"
fi
+ if test "x$ENABLED_ALT_CERT_CHAINS" = "xno"
+ then
+ ENABLED_ALT_CERT_CHAINS="yes"
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_ALT_CERT_CHAINS"
+ fi
+
+ # cert gen requires alt names
+ ENABLED_ALTNAMES="yes"
fi
if test "$ENABLED_LIGHTY" = "yes"
@@ -5682,6 +6259,8 @@ fi
if test "$ENABLED_NGINX" = "yes"
then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_NGINX -DWOLFSSL_SIGNER_DER_CERT"
+ AM_CFLAGS="$AM_CFLAGS -DOPENSSL_COMPATIBLE_DEFAULTS"
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_ERROR_CODE_OPENSSL"
fi
if test "$ENABLED_HAPROXY" = "yes"
@@ -5797,6 +6376,51 @@ then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_DES_ECB -DHAVE_EX_DATA -DWOLFSSL_KEY_GEN"
fi
+if test "$ENABLED_HITCH" = "yes"
+then
+ # Requires opensslextra make sure on
+ if test "x$ENABLED_OPENSSLEXTRA" = "xno" && test "x$ENABLED_OPENSSLCOEXIST" = "xno"
+ then
+ ENABLED_OPENSSLEXTRA="yes"
+ AM_CFLAGS="$AM_CFLAGS -DOPENSSL_EXTRA"
+ fi
+
+ # Requires OCSP make sure on
+ if test "x$ENABLED_OCSP" = "xno"
+ then
+ ENABLED_OCSP="yes"
+ fi
+
+ # Requires ALPN
+ if test "x$ENABLED_ALPN" = "xno"
+ then
+ ENABLED_ALPN="yes"
+ AM_CFLAGS="$AM_CFLAGS -DHAVE_TLS_EXTENSIONS -DHAVE_ALPN"
+ fi
+
+ if test "x$ENABLED_KEYGEN" = "xno"
+ then
+ ENABLED_KEYGEN="yes"
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_KEY_GEN"
+ fi
+
+ # Requires sessioncerts make sure on
+ if test "x$ENABLED_SESSIONCERTS" = "xno"
+ then
+ ENABLED_SESSIONCERTS="yes"
+ AM_CFLAGS="$AM_CFLAGS -DSESSION_CERTS"
+ fi
+
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_HITCH -DHAVE_EX_DATA -DWOLFSSL_SIGNER_DER_CERT"
+ AM_CFLAGS="$AM_CFLAGS -DOPENSSL_COMPATIBLE_DEFAULTS -DWOLFSSL_CIPHER_INTERNALNAME"
+fi
+
+if test "$ENABLED_MEMCACHED" = "yes"
+then
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SESSION_ID_CTX"
+ AM_CFLAGS="$AM_CFLAGS -DHAVE_EXT_CACHE -DHAVE_MEMCACHED"
+fi
+
if test "$ENABLED_NGINX" = "yes"|| test "x$ENABLED_HAPROXY" = "xyes" || test "x$ENABLED_LIGHTY" = "xyes"
then
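Review bot: In the hitch block the "Requires OCSP" step sets `ENABLED_OCSP="yes"` but, unlike the ALPN, key-gen and session-cert steps next to it, appends no define to `AM_CFLAGS`. If the OCSP option has already been processed by the time this block runs, the variable changes but the feature is not compiled in. If it is processed later the step is fine, and a comment saying so would help, e.g. `# define is added by the OCSP block below`.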
@@ -6062,6 +6686,11 @@ AC_ARG_ENABLE([curl],
# curl support requires all the features enabled within this conditional.
if test "$ENABLED_CURL" = "yes"
then
+ if test "$ENABLED_MD4" = "no"
+ then
+ ENABLED_MD4="yes"
+ fi
+
if test "x$ENABLED_DES3" = "xno"
then
ENABLED_DES3="yes"
@@ -6276,14 +6905,6 @@ then
fi
fi
-# MD4
-AC_ARG_ENABLE([md4],
- [AS_HELP_STRING([--enable-md4],[Enable MD4 (default: disabled)])],
- [ ENABLED_MD4=$enableval ],
- [ ENABLED_MD4=no ]
- )
-
-
if test "$ENABLED_MD4" = "no"
then
#turn on MD4 if using stunnel
@@ -6584,7 +7205,7 @@ AC_ARG_WITH([cavium-v],
ENABLED_CAVIUM_V=yes
],
[
- ENABLED_CAVIUM_=no
+ ENABLED_CAVIUM=no
ENABLED_CAVIUM_V=no
]
)
@@ -6695,6 +7316,7 @@ ENABLED_SP_ECC=no
ENABLED_SP_EC_256=no
ENABLED_SP_EC_384=no
ENABLED_SP_EC_521=no
+ENABLED_SP_SM2=$ENABLED_SM2
ENABLED_SP_SAKKE_1024=$ENABLED_SAKKE
ENABLED_SP_NO_MALLOC=no
ENABLED_SP_NONBLOCK=no
@@ -6786,6 +7408,15 @@ do
ENABLED_SP_ECC=yes
ENABLED_SP_SAKKE_1024=yes
;;
+ smallsm2)
+ ENABLED_SP_SMALL=yes
+ ENABLED_SP_ECC=yes
+ ENABLED_SP_SM2=yes
+ ;;
+ sm2)
+ ENABLED_SP_ECC=yes
+ ENABLED_SP_SM2=yes
+ ;;
small2048)
ENABLED_SP_SMALL=yes
@@ -6933,6 +7564,10 @@ if test "$ENABLED_ECC" != "no" && test "$ENABLED_SP_ECC" = "yes"; then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SP_1024"
AM_CCASFLAGS="$AM_CCASFLAGS -DWOLFSSL_SP_1024"
fi
+ if test "$ENABLED_SP_SM2" = "yes"; then
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SP_SM2"
+ AM_CCASFLAGS="$AM_CCASFLAGS -DWOLFSSL_SP_SM2"
+ fi
fi
if test "$ENABLED_SP_SMALL" = "yes"; then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SP_SMALL"
@@ -7096,21 +7731,47 @@ if test "$ENABLED_SP_ASM" = "yes" && test "$ENABLED_SP" = "yes"; then
AM_CCASFLAGS="$AM_CCASFLAGS -DWOLFSSL_SP_ARM64_ASM"
ENABLED_SP_ARM64_ASM=yes
;;
+ *armv7a*)
+ if test "$ENABLED_ARMASM" = "no"; then
+ AM_CPPFLAGS="$AM_CPPFLAGS -march=armv7-a -mfpu=neon -DWOLFSSL_ARM_ARCH=7 -marm"
+ fi
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SP_ARM32_ASM"
+ AM_CCASFLAGS="$AM_CCASFLAGS -DWOLFSSL_SP_ARM32_ASM"
+ ENABLED_SP_ARM32_ASM=yes
+ ;;
+ *cortex* | *armv7m*)
+ if test "$ENABLED_ARMASM" = "no"; then
+ AM_CPPFLAGS="$AM_CPPFLAGS -march=armv7-r -D__thumb__ -DWOLFSSL_ARM_ARCH=7"
+ fi
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SP_ARM_CORTEX_M_ASM"
+ AM_CCASFLAGS="$AM_CCASFLAGS -DWOLFSSL_SP_ARM_CORTEX_M_ASM"
+ ENABLED_SP_ARM_CORTEX_ASM=yes
+ ;;
+ *armv6*)
+ if test "$ENABLED_ARMASM" = "no"; then
+ AM_CPPFLAGS="$AM_CPPFLAGS -march=armv6 -DWOLFSSL_ARM_ARCH=6"
+ fi
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SP_ARM32_ASM"
+ AM_CCASFLAGS="$AM_CCASFLAGS -DWOLFSSL_SP_ARM32_ASM"
+ ENABLED_SP_ARM32_ASM=yes
+ ;;
+ *armv4*)
+ if test "$ENABLED_ARMASM" = "no"; then
+ AM_CPPFLAGS="$AM_CPPFLAGS -march=armv4 -DWOLFSSL_ARM_ARCH=4"
+ fi
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SP_ARM32_ASM"
+ AM_CCASFLAGS="$AM_CCASFLAGS -DWOLFSSL_SP_ARM32_ASM"
+ ENABLED_SP_ARM32_ASM=yes
+ ;;
*arm*)
if test "$host_alias" = "thumb" || test "$ARM_TARGET" = "thumb"; then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SP_ARM_THUMB_ASM"
AM_CCASFLAGS="$AM_CCASFLAGS -DWOLFSSL_SP_ARM_THUMB_ASM"
ENABLED_SP_ARM_THUMB_ASM=yes
else
- if test "$host_alias" = "cortex" || test "$ARM_TARGET" = "cortex"; then
- AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SP_ARM_CORTEX_M_ASM"
- AM_CCASFLAGS="$AM_CCASFLAGS -DWOLFSSL_SP_ARM_CORTEX_M_ASM"
- ENABLED_SP_ARM_CORTEX_ASM=yes
- else
- AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SP_ARM32_ASM"
- AM_CCASFLAGS="$AM_CCASFLAGS -DWOLFSSL_SP_ARM32_ASM"
- ENABLED_SP_ARM32_ASM=yes
- fi
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SP_ARM32_ASM"
+ AM_CCASFLAGS="$AM_CCASFLAGS -DWOLFSSL_SP_ARM32_ASM"
+ ENABLED_SP_ARM32_ASM=yes
fi
;;
*x86_64* | *amd64*)
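Review bot: The rewritten `*arm*` branch no longer honours `ARM_TARGET=cortex` or a `cortex` host alias: the removed lines selected `WOLFSSL_SP_ARM_CORTEX_M_ASM` for them, and the new `*cortex* | *armv7m*` pattern only helps if the case subject itself contains one of those strings (the `case` line is outside the hunk). A build that relied on `ARM_TARGET=cortex` with a generic arm host would now silently get the ARM32 assembly instead. If that is intended it should be stated in the option's help or changelog; otherwise keep the old test inside the `else`, e.g. `if test "$host_alias" = "cortex" || test "$ARM_TARGET" = "cortex"; then`. The new branches also duplicate the `-march` strings from the armasm section.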
@@ -7358,6 +8019,30 @@ then
AC_MSG_ERROR([please use --with-libz if enabling mcapi.])
fi
+
+# cryptodev is old name, replaced with cryptocb
+AC_ARG_ENABLE([cryptodev],
+ [AS_HELP_STRING([--enable-cryptodev],[DEPRECATED, use cryptocb instead])],
+ [ ENABLED_CRYPTOCB=$enableval ],[ ENABLED_CRYPTOCB=no ])
+
+# Support for crypto callbacks
+AC_ARG_ENABLE([cryptocb],
+ [AS_HELP_STRING([--enable-cryptocb],[Enable crypto callbacks (default: disabled)])],
+ [ ENABLED_CRYPTOCB=$enableval ],
+ [ ENABLED_CRYPTOCB=no ]
+ )
+
+if test "x$ENABLED_PKCS11" = "xyes" || test "x$ENABLED_WOLFTPM" = "xyes" || test "$ENABLED_CAAM" != "no"
+then
+ ENABLED_CRYPTOCB=yes
+fi
+if test "$ENABLED_CRYPTOCB" = "yes"
+then
+ AM_CFLAGS="$AM_CFLAGS -DWOLF_CRYPTO_CB"
+fi
+
+
+
# Asynchronous Crypto
AC_ARG_ENABLE([asynccrypt],
[AS_HELP_STRING([--enable-asynccrypt],[Enable Asynchronous Crypto (default: disabled)])],
@@ -7380,6 +8065,7 @@ fi
if test "$ENABLED_ASYNCCRYPT" = "yes"
then
+ AC_MSG_NOTICE([Enabling asynchronous support])
if ! test -f ${srcdir}/wolfcrypt/src/async.c || ! test -f ${srcdir}/wolfssl/wolfcrypt/async.h
then
AC_MSG_ERROR([--enable-asynccrypt requested, but WOLFSSL_ASYNC_CRYPT source files are missing.])
@@ -7389,15 +8075,14 @@ then
# If no async backend (hardware or software) has been explicitly enabled,
# use the software backend for testing.
- if test "x$ENABLED_CAVIUM" = "xno" && test "x$ENABLED_INTEL_QA" = "xno" &&
- test "x$ENABLED_ASYNCCRYPT_SW" = "xno"
+ if test "x$ENABLED_CAVIUM" != "xyes" && test "x$ENABLED_INTEL_QA" != "xyes" && test "x$ENABLED_CRYPTOCB" != "xyes" && test "x$ENABLED_PKCALLBACKS" != "xyes" && test "x$ENABLED_ASYNCCRYPT_SW" != "xyes"
then
- # Async threading is Linux specific
+ AC_MSG_NOTICE([Enabling asynchronous software simulator])
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_ASYNC_CRYPT_SW"
+ ENABLED_ASYNCCRYPT_SW=yes
fi
fi
-
# check for async if using Intel QuckAssist or Cavium
if test "x$ENABLED_INTEL_QA" = "xyes" || test "x$ENABLED_CAVIUM" = "xyes" ; then
if test "x$ENABLED_ASYNCCRYPT" = "xno" ; then
@@ -7405,8 +8090,7 @@ if test "x$ENABLED_INTEL_QA" = "xyes" || test "x$ENABLED_CAVIUM" = "xyes" ; then
fi
fi
-
-# Asynchronous threading
+# Asynchronous threading (Linux specific)
AC_ARG_ENABLE([asyncthreads],
[AS_HELP_STRING([--enable-asyncthreads],[Enable Asynchronous Threading (default: enabled)])],
[ ENABLED_ASYNCTHREADS=$enableval ],
@@ -7429,28 +8113,6 @@ else
fi
-# cryptodev is old name, replaced with cryptocb
-AC_ARG_ENABLE([cryptodev],
- [AS_HELP_STRING([--enable-cryptodev],[DEPRECATED, use cryptocb instead])],
- [ ENABLED_CRYPTOCB=$enableval ],[ ENABLED_CRYPTOCB=no ])
-
-# Support for crypto callbacks
-AC_ARG_ENABLE([cryptocb],
- [AS_HELP_STRING([--enable-cryptocb],[Enable crypto callbacks (default: disabled)])],
- [ ENABLED_CRYPTOCB=$enableval ],
- [ ENABLED_CRYPTOCB=no ]
- )
-
-if test "x$ENABLED_PKCS11" = "xyes" || test "x$ENABLED_WOLFTPM" = "xyes" || test "$ENABLED_CAAM" != "no"
-then
- ENABLED_CRYPTOCB=yes
-fi
-if test "$ENABLED_CRYPTOCB" = "yes"
-then
- AM_CFLAGS="$AM_CFLAGS -DWOLF_CRYPTO_CB"
-fi
-
-
# Session Export
AC_ARG_ENABLE([sessionexport],
[AS_HELP_STRING([--enable-sessionexport],[Enable export and import of sessions (default: disabled)])],
@@ -7532,13 +8194,13 @@ then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_HASH_FLAGS"
fi
-# Support for enabling setting default DH parameters in
+# Support for enabling setting default DH parameters in TLS
AC_ARG_ENABLE([defaultdhparams],
- [AS_HELP_STRING([--enable-dhdefaultparams],[Enables option for default dh parameters (default: disabled)])],
+ [AS_HELP_STRING([--enable-defaultdhparams],[Enables option for default dh parameters (default: disabled)])],
[ ENABLED_DHDEFAULTPARAMS=$enableval ],
- [ ENABLED_DHDEFAULTPARAMS=no ]
+ [ ENABLED_DHDEFAULTPARAMS=yes ]
)
-if test "$ENABLED_DHDEFAULTPARAMS" = "yes" || test "$ENABLED_QT" = "no"
+if test "x$ENABLED_DH" = "xyes" && test "x$ENABLED_DHDEFAULTPARAMS" = "xyes" && test "x$ENABLED_QT" != "xyes"
then
ENABLED_DHDEFAULTPARAMS=yes
AM_CFLAGS="$AM_CFLAGS -DHAVE_DH_DEFAULT_PARAMS"
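Review bot: `ENABLED_DHDEFAULTPARAMS` now defaults to `yes`, but when the new condition fails (DH disabled, or Qt enabled) the variable stays `yes` while `HAVE_DH_DEFAULT_PARAMS` is not defined, so anything that reads the variable later would report a feature that was not compiled in. The assignment `ENABLED_DHDEFAULTPARAMS=yes` inside the branch is now redundant, because the condition already requires it. An `else` branch with `ENABLED_DHDEFAULTPARAMS=no` would keep the variable and the define in step. The end of this `if` block lies outside the hunk.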
@@ -7663,18 +8325,33 @@ AC_ARG_ENABLE([sys-ca-certs],
# (for now checking both C_FLAGS and C_EXTRA_FLAGS)
AS_CASE(["$CFLAGS $CPPFLAGS"],[*'WOLFSSL_TRUST_PEER_CERT'*],[ENABLED_TRUSTED_PEER_CERT=yes])
+# Allows disabling the OPENSSL_COMPATIBLE_DEFAULTS macro
+AC_ARG_ENABLE([openssl-compatible-defaults],
+ [AS_HELP_STRING([--disable-openssl-compatible-defaults],[Disable OpenSSL compatible defaults when enabled by other options (default: enabled)])],
+ [ ENABLED_OPENSSL_COMPATIBLE_DEFAULTS=$enableval ],
+ [ ENABLED_OPENSSL_COMPATIBLE_DEFAULTS=yes ]
+ )
AS_CASE(["$CFLAGS $CPPFLAGS $AM_CFLAGS"],[*'OPENSSL_COMPATIBLE_DEFAULTS'*],
- [ENABLED_OPENSSL_COMPATIBLE_DEFAULTS=yes])
-if test "x$ENABLED_OPENSSL_COMPATIBLE_DEFAULTS" = "xyes"
+ [FOUND_OPENSSL_COMPATIBLE_DEFAULTS=yes])
+if test "x$FOUND_OPENSSL_COMPATIBLE_DEFAULTS" = "xyes"
then
- AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_TRUST_PEER_CERT"
- AM_CFLAGS="$AM_CFLAGS -DNO_SESSION_CACHE_REF"
- AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_TLS13_NO_PEEK_HANDSHAKE_DONE"
- AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_ALT_CERT_CHAINS"
- AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_PRIORITIZE_PSK"
- AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_CHECK_ALERT_ON_ERR"
- ENABLED_TRUSTED_PEER_CERT=yes
+ if test "x$ENABLED_OPENSSL_COMPATIBLE_DEFAULTS" = "xyes"
+ then
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_TRUST_PEER_CERT"
+ AM_CFLAGS="$AM_CFLAGS -DNO_SESSION_CACHE_REF"
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_TLS13_NO_PEEK_HANDSHAKE_DONE"
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_ALT_CERT_CHAINS"
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_PRIORITIZE_PSK"
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_CHECK_ALERT_ON_ERR"
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_TICKET_HAVE_ID"
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_NO_OCSP_ISSUER_CHECK"
+ ENABLED_TRUSTED_PEER_CERT=yes
+ else
+ CFLAGS=$(printf "%s" "$CFLAGS" | sed 's/-DOPENSSL_COMPATIBLE_DEFAULTS//g')
+ CPPFLAGS=$(printf "%s" "$CPPFLAGS" | sed 's/-DOPENSSL_COMPATIBLE_DEFAULTS//g')
+ AM_CFLAGS=$(printf "%s" "$AM_CFLAGS" | sed 's/-DOPENSSL_COMPATIBLE_DEFAULTS//g')
+ fi
fi
# determine if we have key validation mechanism
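Review bot: The enabled branch now also adds `-DWOLFSSL_NO_OCSP_ISSUER_CHECK` with no comment, and judging by its name it relaxes a check on OCSP responses, so any option that pulls in `OPENSSL_COMPATIBLE_DEFAULTS` would loosen revocation checking without the builder being told. A comment above the line, for example `# Compatibility only: skips the OCSP issuer check; opt out with --disable-openssl-compatible-defaults`, would make the trade-off visible. Separately, `sed 's/-DOPENSSL_COMPATIBLE_DEFAULTS//g'` in the `else` branch would leave a stray `=1` token behind if the flag was passed as `-DOPENSSL_COMPATIBLE_DEFAULTS=1`; matching an optional `=value` as well would avoid that.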
@@ -7739,16 +8416,30 @@ then
case $host_os in
*darwin*)
- AC_CHECK_HEADERS([Security/SecTrustSettings.h],
- [
- # For Mac we need these frameworks to load system CA certs
- LDFLAGS="$LDFLAGS -framework CoreFoundation -framework Security"
- ],
+ # Headers used for MacOS default system CA certs behavior. Only MacOS SDK will have this header
+ AC_CHECK_HEADERS([Security/SecTrustSettings.h])
+ # Headers used for Apple native cert validation. All device SDKs should have these headers
+ AC_CHECK_HEADERS([Security/SecCertificate.h])
+ AC_CHECK_HEADERS([Security/SecTrust.h])
+ AC_CHECK_HEADERS([Security/SecPolicy.h])
+ # Either Security/SecTrustSettings (for MacOS cert loading), or the
+ # trio of Security/SecCertificate.h, Security/SecTrust.h, and
+ # Security/SecPolicy.h (for native trust APIs on other apple devices)
+ # must be present. Default to SecTrustSettings method on MacOS.
+ AS_IF([test "$ac_cv_header_Security_SecTrustSettings_h" = "yes" \
+ || (test "$ac_cv_header_Security_SecCertificate_h" = "yes" \
+ && test "$ac_cv_header_Security_SecTrust_h" = "yes" \
+ && test "$ac_cv_header_Security_SecPolicy_h" = "yes")],
+ [
+ LDFLAGS="$LDFLAGS -framework CoreFoundation -framework Security"
+ AS_IF([test "$ac_cv_header_Security_SecTrustSettings_h" != "yes"],
[
- AC_MSG_NOTICE([Can't enable system CA certs without Security/SecTrustSettings.h])
- ENABLED_SYS_CA_CERTS="no"
- ]
- )
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_APPLE_NATIVE_CERT_VALIDATION"
+ ])
+ ],
+ [
+ AC_MSG_ERROR([Unable to find Apple Security.framework headers])
+ ])
;;
esac
fi
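Review bot: When only the SecCertificate/SecTrust/SecPolicy headers are found, the inner `AS_IF` adds `-DWOLFSSL_APPLE_NATIVE_CERT_VALIDATION` without printing anything, so the configure log does not show that certificate validation will use the native trust APIs rather than the SecTrustSettings path. An `AC_MSG_NOTICE([Using Apple native certificate validation for system CA certs])` next to the `AM_CFLAGS` line would record the choice. Also, a missing header used to set `ENABLED_SYS_CA_CERTS="no"` and continue, whereas it is now a hard `AC_MSG_ERROR`; if that is intended, the message could name `--disable-sys-ca-certs` as the way to proceed.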
@@ -7815,6 +8506,9 @@ then
# Uses alt name
ENABLED_ALTNAMES="yes"
+
+ AM_CFLAGS="$AM_CFLAGS -DHAVE_OID_ENCODING -DWOLFSSL_NO_ASN_STRICT"
+
fi
if test "$ENABLED_STRONGSWAN" = "yes"; then
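Review bot: `-DWOLFSSL_NO_ASN_STRICT` is added here with no comment, and by its name it turns off strict ASN.1 checking for every build that takes this branch; relaxing a certificate parser deserves a stated reason in the file. The integration this branch belongs to is decided above the hunk, so the comment should name it, for example `# <integration name> needs HAVE_OID_ENCODING and non-strict ASN.1 parsing because <reason>`. If only one of the two defines is actually required, adding just that one would keep the parser strict.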
@@ -7837,7 +8531,7 @@ if test "$ENABLED_OPENSSH" = "yes" || test "$ENABLED_NGINX" = "yes" || \
test "$ENABLED_LIBWEBSOCKETS" = "yes" || \
test "x$ENABLED_LIGHTY" = "xyes" || test "$ENABLED_LIBSSH2" = "yes" || \
test "x$ENABLED_NTP" = "xyes" || test "$ENABLED_RSYSLOG" = "yes" || \
- test "$ENABLED_OPENLDAP" = "yes"
+ test "$ENABLED_OPENLDAP" = "yes" || test "$ENABLED_HITCH" = "yes"
then
ENABLED_OPENSSLEXTRA="yes"
fi
@@ -8009,6 +8703,8 @@ AS_IF([test "x$ENABLED_CERTEXT" = "xyes"],
AS_IF([test "x$ENABLED_ED25519" = "xyes" && test "x$ENABLED_32BIT" = "xno"],
[AM_CFLAGS="$AM_CFLAGS -DHAVE_ED25519"])
+AS_IF([test "x$ENABLED_ED25519" = "xyes" && test "x$ENABLED_32BIT" = "xno"],
+ [AM_CCASFLAGS="$AM_CCASFLAGS -DHAVE_ED25519"])
AS_IF([test "x$ENABLED_ED25519_SMALL" = "xyes"],
[AM_CFLAGS="$AM_CFLAGS -DED25519_SMALL"])
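Review bot: The added `AS_IF` repeats the condition of the one directly above it, so the C and assembler flags can drift apart if one of the two tests is edited later. Both assignments fit in a single action: `[AM_CFLAGS="$AM_CFLAGS -DHAVE_ED25519"; AM_CCASFLAGS="$AM_CCASFLAGS -DHAVE_ED25519"]`.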
@@ -8045,6 +8741,9 @@ then
AM_CFLAGS="$AM_CFLAGS -DNO_MD5 -DNO_OLD_TLS"
fi
+AS_IF([test "x$ENABLED_AESBS" = "xyes" && test "x$ENABLED_ARMASM" = "xyes"],
+ [AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_AES_DIRECT"])
+
if test "$ENABLED_HMAC" = "no"
then
AM_CFLAGS="$AM_CFLAGS -DNO_HMAC"
@@ -8052,18 +8751,13 @@ fi
if test "$ENABLED_OPENSSLEXTRA" = "yes" && test "x$ENABLED_OPENSSLCOEXIST" = "xno"
then
- AM_CFLAGS="$AM_CFLAGS -DOPENSSL_EXTRA -DWOLFSSL_ALWAYS_VERIFY_CB"
- AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_VERIFY_CB_ALL_CERTS -DWOLFSSL_EXTRA_ALERTS"
- AM_CFLAGS="$AM_CFLAGS -DHAVE_EXT_CACHE -DWOLFSSL_FORCE_CACHE_ON_TICKET"
- AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_AKID_NAME -DHAVE_CTS"
+ AM_CFLAGS="$AM_CFLAGS -DOPENSSL_EXTRA"
fi
if test "$ENABLED_OPENSSLEXTRA" = "x509small"
then
AC_MSG_NOTICE([Enabling only a subset of X509 opensslextra])
AM_CFLAGS="$AM_CFLAGS -DOPENSSL_EXTRA_X509_SMALL"
- AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_EKU_OID -DWOLFSSL_MULTI_ATTRIB"
- AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_NO_OPENSSL_RAND_CB"
fi
if test "$ENABLED_WOLFSCEP" = "yes"
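Review bot: This hunk drops `-DWOLFSSL_ALWAYS_VERIFY_CB`, `-DWOLFSSL_VERIFY_CB_ALL_CERTS`, `-DWOLFSSL_EXTRA_ALERTS` and the other companions of `-DOPENSSL_EXTRA`, and nothing visible here shows where they are defined now. Judging by their names, several of them govern when the verify callback runs and which alerts are sent, so a reader cannot tell from this hunk whether verification behaviour changed. If they moved into a header keyed on `OPENSSL_EXTRA`, a comment such as `# companion defines for OPENSSL_EXTRA are set in the settings header, not here` would say so. The same applies to the three defines dropped from the `x509small` branch.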
@@ -8262,6 +8956,11 @@ if test "x$ENABLED_OPENSSLCOEXIST" = "xyes"; then
fi
fi
+if test "$ENABLED_WOLFSSH" = "yes" && test "$ENABLED_HMAC" = "no"
+then
+ AC_MSG_ERROR([WOLFSSH requires HMAC.])
+fi
+
AS_IF([test "x$ENABLED_WOLFSSH" = "xyes"],[AM_CPPFLAGS="$AM_CPPFLAGS -DWOLFSSL_WOLFSSH"])
# only allow secure renegotiation info with TLSV12 and ASN
@@ -8473,9 +9172,11 @@ AM_CONDITIONAL([BUILD_SNIFFER], [ test "x$ENABLED_SNIFFER" = "xyes" || test "
AM_CONDITIONAL([BUILD_SNIFFTEST],[ test "x$ENABLED_SNIFFTEST" = "xyes"])
AM_CONDITIONAL([BUILD_AESGCM],[test "x$ENABLED_AESGCM" = "xyes" || test "x$ENABLED_USERSETTINGS" = "xyes"])
AM_CONDITIONAL([BUILD_AESCCM],[test "x$ENABLED_AESCCM" = "xyes" || test "x$ENABLED_USERSETTINGS" = "xyes"])
+AM_CONDITIONAL([BUILD_XTS],[test "x$ENABLED_XTS" = "xyes" || test "x$ENABLED_USERSETTINGS" = "xyes"])
AM_CONDITIONAL([BUILD_ARMASM],[test "x$ENABLED_ARMASM" = "xyes"])
AM_CONDITIONAL([BUILD_ARMASM_INLINE],[test "x$ENABLED_ARMASM_INLINE" = "xyes"])
AM_CONDITIONAL([BUILD_ARMASM_CRYPTO],[test "x$ENABLED_ARMASM_CRYPTO" = "xyes"])
+AM_CONDITIONAL([BUILD_ARMASM_NEON],[test "x$ENABLED_ARMASM_NEON" = "xyes"])
AM_CONDITIONAL([BUILD_XILINX],[test "x$ENABLED_XILINX" = "xyes"])
AM_CONDITIONAL([BUILD_AESNI],[test "x$ENABLED_AESNI" = "xyes"])
AM_CONDITIONAL([BUILD_INTELASM],[test "x$ENABLED_INTELASM" = "xyes"])
@@ -8503,6 +9204,8 @@ AM_CONDITIONAL([BUILD_FE448], [test "x$ENABLED_FE448" = "xyes" || test "x$ENABLE
AM_CONDITIONAL([BUILD_GE448], [test "x$ENABLED_GE448" = "xyes" || test "x$ENABLED_USERSETTINGS" = "xyes"])
AM_CONDITIONAL([BUILD_CURVE448],[test "x$ENABLED_CURVE448" = "xyes" || test "x$ENABLED_USERSETTINGS" = "xyes"])
AM_CONDITIONAL([BUILD_CURVE448_SMALL],[test "x$ENABLED_CURVE448_SMALL" = "xyes" || test "x$ENABLED_USERSETTINGS" = "xyes"])
+AM_CONDITIONAL([BUILD_WC_LMS],[test "x$ENABLED_WC_LMS" != "xno" || test "x$ENABLED_USERSETTINGS" = "xyes"])
+AM_CONDITIONAL([BUILD_WC_XMSS],[test "x$ENABLED_WC_XMSS" != "xno" || test "x$ENABLED_USERSETTINGS" = "xyes"])
AM_CONDITIONAL([BUILD_WC_KYBER],[test "x$ENABLED_WC_KYBER" != "xno" || test "x$ENABLED_USERSETTINGS" = "xyes"])
AM_CONDITIONAL([BUILD_ECCSI],[test "x$ENABLED_ECCSI" = "xyes" || test "x$ENABLED_USERSETTINGS" = "xyes"])
AM_CONDITIONAL([BUILD_SAKKE],[test "x$ENABLED_SAKKE" = "xyes" || test "x$ENABLED_USERSETTINGS" = "xyes"])
@@ -8531,6 +9234,9 @@ AM_CONDITIONAL([BUILD_SHA3],[test "x$ENABLED_SHA3" != "xno" || test "x$ENABLED_U
AM_CONDITIONAL([BUILD_POLY1305],[test "x$ENABLED_POLY1305" = "xyes" || test "x$ENABLED_USERSETTINGS" = "xyes"])
AM_CONDITIONAL([BUILD_CHACHA],[test "x$ENABLED_CHACHA" = "xyes" || test "x$ENABLED_CHACHA" = "xnoasm" || test "x$ENABLED_USERSETTINGS" = "xyes"])
AM_CONDITIONAL([BUILD_XCHACHA],[test "x$ENABLED_XCHACHA" = "xyes" || test "x$ENABLED_USERSETTINGS" = "xyes"])
+AM_CONDITIONAL([BUILD_SM2],[test "x$ENABLED_SM2" != "xno" || test "x$ENABLED_USERSETTINGS" = "xyes"])
+AM_CONDITIONAL([BUILD_SM3],[test "x$ENABLED_SM3" != "xno" || test "x$ENABLED_USERSETTINGS" = "xyes"])
+AM_CONDITIONAL([BUILD_SM4],[test "x$ENABLED_SM4" != "xno" || test "x$ENABLED_USERSETTINGS" = "xyes"])
AM_CONDITIONAL([BUILD_INLINE],[test "x$ENABLED_INLINE" = "xyes"])
AM_CONDITIONAL([BUILD_OCSP],[test "x$ENABLED_OCSP" = "xyes" || test "x$ENABLED_USERSETTINGS" = "xyes"])
AM_CONDITIONAL([BUILD_OCSP_STAPLING],[test "x$ENABLED_CERTIFICATE_STATUS_REQUEST" = "xyes"])
@@ -8539,6 +9245,8 @@ AM_CONDITIONAL([BUILD_CRL],[test "x$ENABLED_CRL" != "xno" || test "x$ENABLED_USE
AM_CONDITIONAL([BUILD_CRL_MONITOR],[test "x$ENABLED_CRL_MONITOR" = "xyes"])
AM_CONDITIONAL([BUILD_USER_RSA],[test "x$ENABLED_USER_RSA" = "xyes"] )
AM_CONDITIONAL([BUILD_USER_CRYPTO],[test "x$ENABLED_USER_CRYPTO" = "xyes"])
+AM_CONDITIONAL([BUILD_LIBLMS],[test "x$ENABLED_LIBLMS" = "xyes"])
+AM_CONDITIONAL([BUILD_LIBXMSS],[test "x$ENABLED_LIBXMSS" = "xyes"])
AM_CONDITIONAL([BUILD_LIBOQS],[test "x$ENABLED_LIBOQS" = "xyes"])
AM_CONDITIONAL([BUILD_WNR],[test "x$ENABLED_WNR" = "xyes"])
AM_CONDITIONAL([BUILD_SRP],[test "x$ENABLED_SRP" = "xyes" || test "x$ENABLED_USERSETTINGS" = "xyes"])
@@ -8614,6 +9322,7 @@ AM_CONDITIONAL([BUILD_DTLS_CID],[test "x$ENABLED_DTLS_CID" = "xyes"])
AM_CONDITIONAL([BUILD_HPKE],[test "x$ENABLED_HPKE" = "xyes" || test "x$ENABLED_USERSETTINGS" = "xyes"])
AM_CONDITIONAL([BUILD_DTLS],[test "x$ENABLED_DTLS" = "xyes" || test "x$ENABLED_USERSETTINGS" = "xyes"])
AM_CONDITIONAL([BUILD_MAXQ10XX],[test "x$ENABLED_MAXQ10XX" = "xyes"])
+AM_CONDITIONAL([BUILD_ARIA],[test "x$ENABLED_ARIA" = "xyes"])
if test "$ENABLED_REPRODUCIBLE_BUILD" != "yes" &&
(test "$ax_enable_debug" = "yes" ||
@@ -8648,8 +9357,9 @@ AC_CONFIG_FILES([stamp-h], [echo timestamp > stamp-h])
AC_CONFIG_FILES([Makefile
wolfssl/version.h
wolfssl/options.h
- cyassl/options.h
support/wolfssl.pc
+ debian/control
+ debian/changelog
rpm/spec
wolfcrypt/test/test_paths.h
])
@@ -8690,8 +9400,10 @@ fi
if test "$ENABLED_REPRODUCIBLE_BUILD" != "yes"
then
- echo "#define LIBWOLFSSL_CONFIGURE_ARGS \"$ac_configure_args\"" | sed 's/\\/\\\\/g' > "${output_objdir}/.build_params" &&
- echo "#define LIBWOLFSSL_GLOBAL_CFLAGS \"$CPPFLAGS $AM_CPPFLAGS $CFLAGS $AM_CFLAGS\" LIBWOLFSSL_GLOBAL_EXTRA_CFLAGS" | sed 's/\\/\\\\/g' >> "${output_objdir}/.build_params" ||
+ ESCAPED_ARGS=$(echo "$ac_configure_args" | sed 's/\\/\\\\/g;s/\"/\\\"/g')
+ ESCAPED_GLOBAL_CFLAGS=$(echo "$CPPFLAGS $AM_CPPFLAGS $CFLAGS $AM_CFLAGS" | sed 's/\\/\\\\/g;s/\"/\\\"/g')
+ echo "#define LIBWOLFSSL_CONFIGURE_ARGS \"$ESCAPED_ARGS\"" > "${output_objdir}/.build_params" &&
+ echo "#define LIBWOLFSSL_GLOBAL_CFLAGS \"$ESCAPED_GLOBAL_CFLAGS\" LIBWOLFSSL_GLOBAL_EXTRA_CFLAGS" >> "${output_objdir}/.build_params" ||
AC_MSG_ERROR([Couldn't create ${output_objdir}/.build_params.])
else
rm -f "${output_objdir}/.build_params"
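Review bot: The escaping now happens before the final `echo`, so on a shell whose `echo` interprets backslash sequences (dash, for example) the doubled backslashes in `$ESCAPED_ARGS` and `$ESCAPED_GLOBAL_CFLAGS` are collapsed again when the `#define` lines are written. The old code piped the finished line through `sed`, so escaping was the last step. Writing the lines with `printf`, e.g. `printf '#define LIBWOLFSSL_CONFIGURE_ARGS "%s"\n' "$ESCAPED_ARGS" > "${output_objdir}/.build_params" &&`, keeps the escaped text intact. The two `$(echo ... | sed ...)` captures have the same portability issue and could use `printf "%s"` as the OPENSSL_COMPATIBLE_DEFAULTS hunk in this file already does.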
@@ -8723,16 +9435,17 @@ echo "extern \"C\" {" >> $OPTION_FILE
echo "#endif" >> $OPTION_FILE
echo "" >> $OPTION_FILE
-# check for supported command to trim option with
+# Check for supported command to trim option with.
+# note: cut requires an argument to exit with success.
if colrm >/dev/null 2>&1 </dev/null; then
TRIM="colrm 3"
-elif cut >/dev/null 2>&1 </dev/null; then
+elif cut --version >/dev/null 2>&1 </dev/null; then
TRIM="cut -c1-2"
else
AC_MSG_ERROR([Could not find colrm or cut to make options file])
fi
-for option in $CPPFLAGS $AM_CPPFLAGS $CFLAGS $AM_CFLAGS; do
+for option in $AM_CPPFLAGS $CPPFLAGS $AM_CFLAGS $CFLAGS; do
opt_type=$(echo $option | $TRIM )
case "$opt_type" in
-D)
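Review bot: `cut --version` is a GNU long option, so a `cut` that does not accept it (BSD-derived or minimal userlands, as far as I know) fails this probe even though `cut -c1-2` would work, and configure then stops with the colrm/cut error unless `colrm` is present. Probing the invocation that is actually used, `elif printf 'ab' | cut -c1-2 >/dev/null 2>&1; then`, tests the same capability without depending on the long option. The `for option` loop continues outside the hunk.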
@@ -8789,32 +9502,10 @@ echo "" >> $OPTION_FILE
echo "#endif /* WOLFSSL_OPTIONS_H */" >> $OPTION_FILE
echo "" >> $OPTION_FILE
-#backwards compatibility for those who have included options or version
-touch cyassl/options.h
-echo "/* cyassl options.h" > cyassl/options.h
-echo " * generated from wolfssl/options.h" >> cyassl/options.h
-echo " */" >> cyassl/options.h
-
-while read -r line
-do
- echo "$line" >> cyassl/options.h
-done < $OPTION_FILE
-
-# switch ifdef protection in cyassl/option.h to CYASSL_OPTONS_H, remove bak
-sed -i.bak 's/WOLFSSL_OPTIONS_H/CYASSL_OPTIONS_H/g' cyassl/options.h
-
-# workaround for mingw sed that may get "Permission denied" trying to preserve permissions
-case $host_os in
- mingw*)
- chmod u+w cyassl/options.h ;;
-esac
-
-rm cyassl/options.h.bak
-
if test "$ENABLED_OPENSSLEXTRA" = "yes" && test "$ENABLED_LINUXKM" = "no"
then
SAVE_CFLAGS=$CFLAGS
- CFLAGS="$CFLAGS -I. -I$srcdir"
+ CFLAGS="$CFLAGS $DEFS -I. -I$srcdir"
if test "$ENABLED_INTEL_QA" = "yes"
then
CFLAGS="$CFLAGS $QAT_FLAGS"
@@ -8923,8 +9614,16 @@ echo " * AES-CTR: $ENABLED_AESCTR"
echo " * AES-CFB: $ENABLED_AESCFB"
echo " * AES-OFB: $ENABLED_AESOFB"
echo " * AES-SIV: $ENABLED_AESSIV"
+echo " * AES-EAX: $ENABLED_AESEAX"
+echo " * AES Bitspliced: $ENABLED_AESBS"
+echo " * ARIA: $ENABLED_ARIA"
echo " * DES3: $ENABLED_DES3"
echo " * Camellia: $ENABLED_CAMELLIA"
+echo " * SM4-ECB: $ENABLED_SM4_ECB"
+echo " * SM4-CBC: $ENABLED_SM4_CBC"
+echo " * SM4-CTR: $ENABLED_SM4_CTR"
+echo " * SM4-GCM: $ENABLED_SM4_GCM"
+echo " * SM4-CCM: $ENABLED_SM4_CCM"
echo " * NULL Cipher: $ENABLED_NULL_CIPHER"
echo " * MD2: $ENABLED_MD2"
echo " * MD4: $ENABLED_MD4"
@@ -8937,6 +9636,7 @@ echo " * SHA-512: $ENABLED_SHA512"
echo " * SHA3: $ENABLED_SHA3"
echo " * SHAKE128: $ENABLED_SHAKE128"
echo " * SHAKE256: $ENABLED_SHAKE256"
+echo " * SM3: $ENABLED_SM3"
echo " * BLAKE2: $ENABLED_BLAKE2"
echo " * BLAKE2S: $ENABLED_BLAKE2S"
echo " * SipHash: $ENABLED_SIPHASH"
@@ -8951,11 +9651,13 @@ echo " * XCHACHA: $ENABLED_XCHACHA"
echo " * Hash DRBG: $ENABLED_HASHDRBG"
echo " * MmemUse Entropy: $ENABLED_ENTROPY_MEMUSE"
echo " * PWDBASED: $ENABLED_PWDBASED"
+echo " * Encrypted keys: $ENABLED_ENCKEYS"
echo " * scrypt: $ENABLED_SCRYPT"
echo " * wolfCrypt Only: $ENABLED_CRYPTONLY"
echo " * HKDF: $ENABLED_HKDF"
echo " * HPKE: $ENABLED_HPKE"
echo " * X9.63 KDF: $ENABLED_X963KDF"
+echo " * SRTP-KDF: $ENABLED_SRTP_KDF"
echo " * PSK: $ENABLED_PSK"
echo " * Poly1305: $ENABLED_POLY1305"
echo " * LEANPSK: $ENABLED_LEANPSK"
@@ -8971,12 +9673,20 @@ echo " * ECC Minimum Bits: $ENABLED_ECCMINSZ"
echo " * FPECC: $ENABLED_FPECC"
echo " * ECC_ENCRYPT: $ENABLED_ECC_ENCRYPT"
echo " * Brainpool: $ENABLED_BRAINPOOL"
+echo " * SM2: $ENABLED_SM2"
echo " * CURVE25519: $ENABLED_CURVE25519"
echo " * ED25519: $ENABLED_ED25519"
echo " * ED25519 streaming: $ENABLED_ED25519_STREAM"
echo " * CURVE448: $ENABLED_CURVE448"
echo " * ED448: $ENABLED_ED448"
echo " * ED448 streaming: $ENABLED_ED448_STREAM"
+echo " * LMS: $ENABLED_LMS"
+echo " * LMS wolfSSL impl: $ENABLED_WC_LMS"
+echo " * XMSS: $ENABLED_XMSS"
+echo " * XMSS wolfSSL impl: $ENABLED_WC_XMSS"
+if test "$ENABLED_LIBXMSS" = "yes"; then
+echo " * XMSS_ROOT: $XMSS_ROOT"
+fi
echo " * KYBER: $ENABLED_KYBER"
echo " * KYBER wolfSSL impl: $ENABLED_WC_KYBER"
echo " * ECCSI $ENABLED_ECCSI"
@@ -9006,6 +9716,8 @@ echo " * SIGNAL: $ENABLED_SIGNAL"
echo " * chrony: $ENABLED_CHRONY"
echo " * strongSwan: $ENABLED_STRONGSWAN"
echo " * OpenLDAP: $ENABLED_OPENLDAP"
+echo " * hitch: $ENABLED_HITCH"
+echo " * memcached: $ENABLED_MEMCACHED"
echo " * ERROR_STRINGS: $ENABLED_ERROR_STRINGS"
echo " * DTLS: $ENABLED_DTLS"
echo " * DTLS v1.3: $ENABLED_DTLS13"
@@ -9031,6 +9743,8 @@ echo " * Persistent session cache: $ENABLED_SAVESESSION"
echo " * Persistent cert cache: $ENABLED_SAVECERT"
echo " * Atomic User Record Layer: $ENABLED_ATOMICUSER"
echo " * Public Key Callbacks: $ENABLED_PKCALLBACKS"
+echo " * libxmss: $ENABLED_LIBXMSS"
+echo " * liblms: $ENABLED_LIBLMS"
echo " * liboqs: $ENABLED_LIBOQS"
echo " * Whitewood netRandom: $ENABLED_WNR"
echo " * Server Name Indication: $ENABLED_SNI"
@@ -9047,8 +9761,11 @@ echo " * Secure Renegotiation: $ENABLED_SECURE_RENEGOTIATION"
echo " * Fallback SCSV: $ENABLED_FALLBACK_SCSV"
echo " * Keying Material Exporter: $ENABLED_KEYING_MATERIAL"
echo " * All TLS Extensions: $ENABLED_TLSX"
-echo " * PKCS#7: $ENABLED_PKCS7"
echo " * S/MIME: $ENABLED_SMIME"
+echo " * PKCS#7: $ENABLED_PKCS7"
+echo " * PKCS#8: $ENABLED_PKCS8"
+echo " * PKCS#11: $ENABLED_PKCS11"
+echo " * PKCS#12: $ENABLED_PKCS12"
echo " * wolfSSH: $ENABLED_WOLFSSH"
echo " * wolfEngine: $ENABLED_WOLFENGINE"
echo " * wolfTPM: $ENABLED_WOLFTPM"
@@ -9065,10 +9782,8 @@ echo " * Stack sizes in tests: $ENABLED_STACKSIZE"
echo " * Heap stats in tests: $ENABLED_TRACKMEMORY"
echo " * User Crypto: $ENABLED_USER_CRYPTO"
echo " * Fast RSA: $ENABLED_FAST_RSA"
-echo " * Async Crypto: $ENABLED_ASYNCCRYPT"
-echo " * PKCS#8: $ENABLED_PKCS8"
-echo " * PKCS#11: $ENABLED_PKCS11"
-echo " * PKCS#12: $ENABLED_PKCS12"
+echo " * Asynchronous Crypto: $ENABLED_ASYNCCRYPT"
+echo " * Asynchronous Crypto (sim): $ENABLED_ASYNCCRYPT_SW"
echo " * Cavium Nitrox: $ENABLED_CAVIUM"
echo " * Cavium Octeon (Sync): $ENABLED_OCTEON_SYNC"
echo " * Intel Quick Assist: $ENABLED_INTEL_QA"
@@ -9078,6 +9793,7 @@ then
fi
echo " * ARM ASM: $ENABLED_ARMASM"
echo " * ARM ASM SHA512/SHA3 Crypto $ENABLED_ARMASM_SHA3"
+echo " * ARM ASM SM3/SM4 Crypto $ENABLED_ARMASM_CRYPTO_SM4"
echo " * AES Key Wrap: $ENABLED_AESKEYWRAP"
echo " * Write duplicate: $ENABLED_WRITEDUP"
echo " * Xilinx Hardware Acc.: $ENABLED_XILINX"
@@ -9085,6 +9801,7 @@ echo " * Inline Code: $ENABLED_INLINE"
echo " * Linux AF_ALG: $ENABLED_AFALG"
echo " * Linux KCAPI: $ENABLED_KCAPI"
echo " * Linux devcrypto: $ENABLED_DEVCRYPTO"
+echo " * PK callbacks: $ENABLED_PKCALLBACKS"
echo " * Crypto callbacks: $ENABLED_CRYPTOCB"
echo " * i.MX CAAM: $ENABLED_CAAM"
echo " * IoT-Safe: $ENABLED_IOTSAFE"
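Review bot: The added `PK callbacks` line prints `$ENABLED_PKCALLBACKS`, which the summary already prints as `Public Key Callbacks` in an unchanged line visible as context in an earlier hunk of this file, so the same value now appears twice under two labels. Dropping one of the two lines, or giving both the same label, would keep the configure summary unambiguous.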
@@ -9095,6 +9812,7 @@ echo " * PSA: $ENABLED_PSA"
echo " * System CA certs: $ENABLED_SYS_CA_CERTS"
echo " * ERR Queues per Thread: $ENABLED_ERRORQUEUEPERTHREAD"
echo " * rwlock: $ENABLED_RWLOCK"
+echo " * keylog export: $ENABLED_KEYLOG_EXPORT"
echo ""
echo "---"
diff --git a/extra/wolfssl/wolfssl/ctaocrypt/ctaocrypt.sln b/extra/wolfssl/wolfssl/ctaocrypt/ctaocrypt.sln
deleted file mode 100644
index f2154d0d..00000000
--- a/extra/wolfssl/wolfssl/ctaocrypt/ctaocrypt.sln
+++ /dev/null
@@ -1,38 +0,0 @@
-
-Microsoft Visual Studio Solution File, Format Version 9.00
-# Visual C++ Express 2005
-Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "ctaocrypt", "ctaocrypt.vcproj", "{BF0EA0C1-3F4C-4767-B79E-7B2A391F7D62}"
-EndProject
-Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "test", "test\test.vcproj", "{D04BDF66-664A-4D59-BEAC-8AB2D5809C21}"
- ProjectSection(ProjectDependencies) = postProject
- {BF0EA0C1-3F4C-4767-B79E-7B2A391F7D62} = {BF0EA0C1-3F4C-4767-B79E-7B2A391F7D62}
- EndProjectSection
-EndProject
-Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "benchmark", "benchmark\benchmark.vcproj", "{615AEC46-5595-4DEA-9490-DBD5DE0F8772}"
- ProjectSection(ProjectDependencies) = postProject
- {BF0EA0C1-3F4C-4767-B79E-7B2A391F7D62} = {BF0EA0C1-3F4C-4767-B79E-7B2A391F7D62}
- EndProjectSection
-EndProject
-Global
- GlobalSection(SolutionConfigurationPlatforms) = preSolution
- Debug|Win32 = Debug|Win32
- Release|Win32 = Release|Win32
- EndGlobalSection
- GlobalSection(ProjectConfigurationPlatforms) = postSolution
- {BF0EA0C1-3F4C-4767-B79E-7B2A391F7D62}.Debug|Win32.ActiveCfg = Debug|Win32
- {BF0EA0C1-3F4C-4767-B79E-7B2A391F7D62}.Debug|Win32.Build.0 = Debug|Win32
- {BF0EA0C1-3F4C-4767-B79E-7B2A391F7D62}.Release|Win32.ActiveCfg = Release|Win32
- {BF0EA0C1-3F4C-4767-B79E-7B2A391F7D62}.Release|Win32.Build.0 = Release|Win32
- {D04BDF66-664A-4D59-BEAC-8AB2D5809C21}.Debug|Win32.ActiveCfg = Debug|Win32
- {D04BDF66-664A-4D59-BEAC-8AB2D5809C21}.Debug|Win32.Build.0 = Debug|Win32
- {D04BDF66-664A-4D59-BEAC-8AB2D5809C21}.Release|Win32.ActiveCfg = Release|Win32
- {D04BDF66-664A-4D59-BEAC-8AB2D5809C21}.Release|Win32.Build.0 = Release|Win32
- {615AEC46-5595-4DEA-9490-DBD5DE0F8772}.Debug|Win32.ActiveCfg = Debug|Win32
- {615AEC46-5595-4DEA-9490-DBD5DE0F8772}.Debug|Win32.Build.0 = Debug|Win32
- {615AEC46-5595-4DEA-9490-DBD5DE0F8772}.Release|Win32.ActiveCfg = Release|Win32
- {615AEC46-5595-4DEA-9490-DBD5DE0F8772}.Release|Win32.Build.0 = Release|Win32
- EndGlobalSection
- GlobalSection(SolutionProperties) = preSolution
- HideSolutionNode = FALSE
- EndGlobalSection
-EndGlobal
diff --git a/extra/wolfssl/wolfssl/ctaocrypt/ctaocrypt.vcproj b/extra/wolfssl/wolfssl/ctaocrypt/ctaocrypt.vcproj
deleted file mode 100644
index 29ef4d1b..00000000
--- a/extra/wolfssl/wolfssl/ctaocrypt/ctaocrypt.vcproj
+++ /dev/null
@@ -1,319 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<VisualStudioProject
- ProjectType="Visual C++"
- Version="8.00"
- Name="ctaocrypt"
- ProjectGUID="{BF0EA0C1-3F4C-4767-B79E-7B2A391F7D62}"
- Keyword="Win32Proj"
- >
- <Platforms>
- <Platform
- Name="Win32"
- />
- </Platforms>
- <ToolFiles>
- </ToolFiles>
- <Configurations>
- <Configuration
- Name="Debug|Win32"
- OutputDirectory="Debug"
- IntermediateDirectory="Debug"
- ConfigurationType="4"
- >
- <Tool
- Name="VCPreBuildEventTool"
- />
- <Tool
- Name="VCCustomBuildTool"
- />
- <Tool
- Name="VCXMLDataGeneratorTool"
- />
- <Tool
- Name="VCWebServiceProxyGeneratorTool"
- />
- <Tool
- Name="VCMIDLTool"
- />
- <Tool
- Name="VCCLCompilerTool"
- Optimization="0"
- AdditionalIncludeDirectories="include"
- PreprocessorDefinitions="WIN32;_DEBUG;_LIB;OPENSSL_EXTRA"
- MinimalRebuild="true"
- BasicRuntimeChecks="3"
- RuntimeLibrary="3"
- UsePrecompiledHeader="0"
- WarningLevel="3"
- Detect64BitPortabilityProblems="true"
- DebugInformationFormat="4"
- />
- <Tool
- Name="VCManagedResourceCompilerTool"
- />
- <Tool
- Name="VCResourceCompilerTool"
- />
- <Tool
- Name="VCPreLinkEventTool"
- />
- <Tool
- Name="VCLibrarianTool"
- />
- <Tool
- Name="VCALinkTool"
- />
- <Tool
- Name="VCXDCMakeTool"
- />
- <Tool
- Name="VCBscMakeTool"
- />
- <Tool
- Name="VCFxCopTool"
- />
- <Tool
- Name="VCPostBuildEventTool"
- />
- </Configuration>
- <Configuration
- Name="Release|Win32"
- OutputDirectory="Release"
- IntermediateDirectory="Release"
- ConfigurationType="4"
- >
- <Tool
- Name="VCPreBuildEventTool"
- />
- <Tool
- Name="VCCustomBuildTool"
- />
- <Tool
- Name="VCXMLDataGeneratorTool"
- />
- <Tool
- Name="VCWebServiceProxyGeneratorTool"
- />
- <Tool
- Name="VCMIDLTool"
- />
- <Tool
- Name="VCCLCompilerTool"
- AdditionalIncludeDirectories="include"
- PreprocessorDefinitions="WIN32;NDEBUG;_LIB;OPENSSL_EXTRA"
- RuntimeLibrary="2"
- UsePrecompiledHeader="0"
- WarningLevel="3"
- Detect64BitPortabilityProblems="true"
- DebugInformationFormat="3"
- />
- <Tool
- Name="VCManagedResourceCompilerTool"
- />
- <Tool
- Name="VCResourceCompilerTool"
- />
- <Tool
- Name="VCPreLinkEventTool"
- />
- <Tool
- Name="VCLibrarianTool"
- />
- <Tool
- Name="VCALinkTool"
- />
- <Tool
- Name="VCXDCMakeTool"
- />
- <Tool
- Name="VCBscMakeTool"
- />
- <Tool
- Name="VCFxCopTool"
- />
- <Tool
- Name="VCPostBuildEventTool"
- />
- </Configuration>
- </Configurations>
- <References>
- </References>
- <Files>
- <Filter
- Name="Header Files"
- Filter="h;hpp;hxx;hm;inl;inc;xsd"
- UniqueIdentifier="{93995380-89BD-4b04-88EB-625FBE52EBFB}"
- >
- <File
- RelativePath=".\include\aes.h"
- >
- </File>
- <File
- RelativePath=".\include\arc4.h"
- >
- </File>
- <File
- RelativePath=".\include\asn.h"
- >
- </File>
- <File
- RelativePath=".\include\coding.h"
- >
- </File>
- <File
- RelativePath=".\include\config.h"
- >
- </File>
- <File
- RelativePath=".\include\des3.h"
- >
- </File>
- <File
- RelativePath=".\include\dh.h"
- >
- </File>
- <File
- RelativePath=".\include\dsa.h"
- >
- </File>
- <File
- RelativePath=".\include\error-crypt.h"
- >
- </File>
- <File
- RelativePath=".\include\hmac.h"
- >
- </File>
- <File
- RelativePath=".\include\integer.h"
- >
- </File>
- <File
- RelativePath=".\include\md4.h"
- >
- </File>
- <File
- RelativePath=".\include\md5.h"
- >
- </File>
- <File
- RelativePath=".\include\misc.h"
- >
- </File>
- <File
- RelativePath=".\include\mpi_class.h"
- >
- </File>
- <File
- RelativePath=".\include\mpi_superclass.h"
- >
- </File>
- <File
- RelativePath=".\include\chacha.h"
- >
- </File>
- <File
- RelativePath=".\include\random.h"
- >
- </File>
- <File
- RelativePath=".\include\rsa.h"
- >
- </File>
- <File
- RelativePath=".\include\sha.h"
- >
- </File>
- <File
- RelativePath=".\include\sha256.h"
- >
- </File>
- <File
- RelativePath=".\include\types.h"
- >
- </File>
- </Filter>
- <Filter
- Name="Resource Files"
- Filter="rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx"
- UniqueIdentifier="{67DA6AB6-F800-4c08-8B7A-83BB121AAD01}"
- >
- </Filter>
- <Filter
- Name="Source Files"
- Filter="cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx"
- UniqueIdentifier="{4FC737F1-C7A5-4376-A066-2A32D752A2FF}"
- >
- <File
- RelativePath=".\src\aes.c"
- >
- </File>
- <File
- RelativePath=".\src\arc4.c"
- >
- </File>
- <File
- RelativePath=".\src\asn.c"
- >
- </File>
- <File
- RelativePath=".\src\coding.c"
- >
- </File>
- <File
- RelativePath=".\src\des3.c"
- >
- </File>
- <File
- RelativePath=".\src\dh.c"
- >
- </File>
- <File
- RelativePath=".\src\dsa.c"
- >
- </File>
- <File
- RelativePath=".\src\hmac.c"
- >
- </File>
- <File
- RelativePath=".\src\integer.c"
- >
- </File>
- <File
- RelativePath=".\src\md4.c"
- >
- </File>
- <File
- RelativePath=".\src\md5.c"
- >
- </File>
- <File
- RelativePath=".\src\wc_port.c"
- >
- </File>
- <File
- RelativePath=".\src\chacha.c"
- >
- </File>
- <File
- RelativePath=".\src\random.c"
- >
- </File>
- <File
- RelativePath=".\src\rsa.c"
- >
- </File>
- <File
- RelativePath=".\src\sha.c"
- >
- </File>
- <File
- RelativePath=".\src\sha256.c"
- >
- </File>
- </Filter>
- </Files>
- <Globals>
- </Globals>
-</VisualStudioProject>
diff --git a/extra/wolfssl/wolfssl/ctaocrypt/src/aes.c b/extra/wolfssl/wolfssl/ctaocrypt/src/aes.c
deleted file mode 100644
index e9f58866..00000000
--- a/extra/wolfssl/wolfssl/ctaocrypt/src/aes.c
+++ /dev/null
@@ -1 +0,0 @@
-/* dummy file for autoconf */
diff --git a/extra/wolfssl/wolfssl/ctaocrypt/src/des3.c b/extra/wolfssl/wolfssl/ctaocrypt/src/des3.c
deleted file mode 100644
index e9f58866..00000000
--- a/extra/wolfssl/wolfssl/ctaocrypt/src/des3.c
+++ /dev/null
@@ -1 +0,0 @@
-/* dummy file for autoconf */
diff --git a/extra/wolfssl/wolfssl/ctaocrypt/src/hmac.c b/extra/wolfssl/wolfssl/ctaocrypt/src/hmac.c
deleted file mode 100644
index e9f58866..00000000
--- a/extra/wolfssl/wolfssl/ctaocrypt/src/hmac.c
+++ /dev/null
@@ -1 +0,0 @@
-/* dummy file for autoconf */
diff --git a/extra/wolfssl/wolfssl/ctaocrypt/src/random.c b/extra/wolfssl/wolfssl/ctaocrypt/src/random.c
deleted file mode 100644
index e9f58866..00000000
--- a/extra/wolfssl/wolfssl/ctaocrypt/src/random.c
+++ /dev/null
@@ -1 +0,0 @@
-/* dummy file for autoconf */
diff --git a/extra/wolfssl/wolfssl/ctaocrypt/src/rsa.c b/extra/wolfssl/wolfssl/ctaocrypt/src/rsa.c
deleted file mode 100644
index e9f58866..00000000
--- a/extra/wolfssl/wolfssl/ctaocrypt/src/rsa.c
+++ /dev/null
@@ -1 +0,0 @@
-/* dummy file for autoconf */
diff --git a/extra/wolfssl/wolfssl/ctaocrypt/src/sha.c b/extra/wolfssl/wolfssl/ctaocrypt/src/sha.c
deleted file mode 100644
index e9f58866..00000000
--- a/extra/wolfssl/wolfssl/ctaocrypt/src/sha.c
+++ /dev/null
@@ -1 +0,0 @@
-/* dummy file for autoconf */
diff --git a/extra/wolfssl/wolfssl/ctaocrypt/src/sha256.c b/extra/wolfssl/wolfssl/ctaocrypt/src/sha256.c
deleted file mode 100644
index e9f58866..00000000
--- a/extra/wolfssl/wolfssl/ctaocrypt/src/sha256.c
+++ /dev/null
@@ -1 +0,0 @@
-/* dummy file for autoconf */
diff --git a/extra/wolfssl/wolfssl/ctaocrypt/src/sha512.c b/extra/wolfssl/wolfssl/ctaocrypt/src/sha512.c
deleted file mode 100644
index e9f58866..00000000
--- a/extra/wolfssl/wolfssl/ctaocrypt/src/sha512.c
+++ /dev/null
@@ -1 +0,0 @@
-/* dummy file for autoconf */
diff --git a/extra/wolfssl/wolfssl/cyassl/certs_test.h b/extra/wolfssl/wolfssl/cyassl/certs_test.h
deleted file mode 100644
index c8465ac8..00000000
--- a/extra/wolfssl/wolfssl/cyassl/certs_test.h
+++ /dev/null
@@ -1,10 +0,0 @@
-/* certs_test.h */
-
-#include <wolfssl/certs_test.h>
-
-#ifndef CYASSL_CERTS_TEST_H
- #define CYASSL_CERTS_TEST_H WOLFSSL_CERTS_TEST_H
-#else
- #undef CYASSL_CERTS_TEST_H
- #define CYASSL_CERTS_TEST_H WOLFSSL_CERTS_TEST_H
-#endif
diff --git a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/aes.h b/extra/wolfssl/wolfssl/cyassl/ctaocrypt/aes.h
deleted file mode 100644
index 023b7871..00000000
--- a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/aes.h
+++ /dev/null
@@ -1,61 +0,0 @@
-/* aes.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-
-#ifndef NO_AES
-
-#ifndef CTAO_CRYPT_AES_H
-#define CTAO_CRYPT_AES_H
-
-#include <wolfssl/wolfcrypt/aes.h>
-#define AesSetKey wc_AesSetKey
-#define AesSetIV wc_AesSetIV
-#define AesCbcEncrypt wc_AesCbcEncrypt
-#define AesCbcDecrypt wc_AesCbcDecrypt
-#define AesCbcDecryptWithKey wc_AesCbcDecryptWithKey
-
-/* AES-CTR */
-#ifdef WOLFSSL_AES_COUNTER
- #define AesCtrEncrypt wc_AesCtrEncrypt
-#endif
-/* AES-DIRECT */
-#if defined(WOLFSSL_AES_DIRECT)
- #define AesEncryptDirect wc_AesEncryptDirect
- #define AesDecryptDirect wc_AesDecryptDirect
- #define AesSetKeyDirect wc_AesSetKeyDirect
-#endif
-#ifdef HAVE_AESGCM
- #define AesGcmSetKey wc_AesGcmSetKey
- #define AesGcmEncrypt wc_AesGcmEncrypt
- #define AesGcmDecrypt wc_AesGcmDecrypt
- #define GmacSetKey wc_GmacSetKey
- #define GmacUpdate wc_GmacUpdate
-#endif /* HAVE_AESGCM */
-#ifdef HAVE_AESCCM
- #define AesCcmSetKey wc_AesCcmSetKey
- #define AesCcmEncrypt wc_AesCcmEncrypt
- #define AesCcmDecrypt wc_AesCcmDecrypt
-#endif /* HAVE_AESCCM */
-
-#endif /* CTAO_CRYPT_AES_H */
-#endif /* NO_AES */
-
diff --git a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/asn.h b/extra/wolfssl/wolfssl/cyassl/ctaocrypt/asn.h
deleted file mode 100644
index a1d05a71..00000000
--- a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/asn.h
+++ /dev/null
@@ -1,48 +0,0 @@
-/* asn.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-#ifndef NO_ASN
-
-#ifndef CTAO_CRYPT_ASN_H
-#define CTAO_CRYPT_ASN_H
-
-/* pull in compatibility for each include */
-#include <cyassl/ctaocrypt/dh.h>
-#include <cyassl/ctaocrypt/dsa.h>
-#include <cyassl/ctaocrypt/sha.h>
-#include <cyassl/ctaocrypt/md5.h>
-#include <cyassl/ctaocrypt/asn_public.h> /* public interface */
-#ifdef HAVE_ECC
- #include <cyassl/ctaocrypt/ecc.h>
-#endif
-
-
-#include <wolfssl/wolfcrypt/asn.h>
-
-#ifndef NO_FILESYSTEM
- #define CyaSSL_PemCertToDer wc_PemCertToDer
-#endif
-
-#endif /* CTAO_CRYPT_ASN_H */
-
-#endif /* !NO_ASN */
-
diff --git a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/asn_public.h b/extra/wolfssl/wolfssl/cyassl/ctaocrypt/asn_public.h
deleted file mode 100644
index bc4cd182..00000000
--- a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/asn_public.h
+++ /dev/null
@@ -1,75 +0,0 @@
-/* asn_public.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-
-#ifndef CTAO_CRYPT_ASN_PUBLIC_H
-#define CTAO_CRYPT_ASN_PUBLIC_H
-
-/* pull in compatibility for each of the includes */
-#include <cyassl/ctaocrypt/types.h>
-#include <cyassl/ctaocrypt/types.h>
-#include <cyassl/ctaocrypt/ecc.h>
-#ifdef WOLFSSL_CERT_GEN
- #include <cyassl/ctaocrypt/rsa.h>
-#endif
-
-#include <wolfssl/wolfcrypt/asn_public.h>
-#ifdef WOLFSSL_CERT_GEN
- #define InitCert wc_InitCert
- #define MakeCert wc_MakeCert
-
- #ifdef WOLFSSL_CERT_REQ
- #define MakeCertReq wc_MakeCertReq
-#endif
-
- #define SignCert wc_SignCert
- #define MakeSelfCert wc_MakeSelfCert
- #define SetIssuer wc_SetIssuer
- #define SetSubject wc_SetSubject
-
- #ifdef WOLFSSL_ALT_NAMES
- #define SetAltNames wc_SetAltNames
-#endif
-
- #define SetIssuerBuffer wc_SetIssuerBuffer
- #define SetSubjectBuffer wc_SetSubjectBuffer
- #define SetAltNamesBuffer wc_SetAltNamesBuffer
- #define SetDatesBuffer wc_SetDatesBuffer
-
-#endif /* WOLFSSL_CERT_GEN */
-
- #if defined(WOLFSSL_KEY_GEN) || defined(WOLFSSL_CERT_GEN)
- #define DerToPem wc_DerToPem
-#endif
-
-#ifdef HAVE_ECC
- /* private key helpers */
- #define EccPrivateKeyDecode wc_EccPrivateKeyDecode
- #define EccKeyToDer wc_EccKeyToDer
-#endif
-
- /* DER encode signature */
- #define EncodeSignature wc_EncodeSignature
- #define GetCTC_HashOID wc_GetCTC_HashOID
-
-#endif /* CTAO_CRYPT_ASN_PUBLIC_H */
-
diff --git a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/blake2-impl.h b/extra/wolfssl/wolfssl/cyassl/ctaocrypt/blake2-impl.h
deleted file mode 100644
index 2efe5386..00000000
--- a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/blake2-impl.h
+++ /dev/null
@@ -1,43 +0,0 @@
-/*
- BLAKE2 reference source code package - reference C implementations
-
- Written in 2012 by Samuel Neves <sneves@dei.uc.pt>
-
- To the extent possible under law, the author(s) have dedicated all copyright
- and related and neighboring rights to this software to the public domain
- worldwide. This software is distributed without any warranty.
-
- You should have received a copy of the CC0 Public Domain Dedication along with
- this software. If not, see <http://creativecommons.org/publicdomain/zero/1.0/>.
-*/
-/* blake2-impl.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-
-#ifndef CTAOCRYPT_BLAKE2_IMPL_H
-#define CTAOCRYPT_BLAKE2_IMPL_H
-
-#include <cyassl/ctaocrypt/types.h>
-#include <wolfssl/wolfcrypt/blake2-impl.h>
-
-#endif /* CTAOCRYPT_BLAKE2_IMPL_H */
-
diff --git a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/blake2-int.h b/extra/wolfssl/wolfssl/cyassl/ctaocrypt/blake2-int.h
deleted file mode 100644
index e5cc3d36..00000000
--- a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/blake2-int.h
+++ /dev/null
@@ -1,44 +0,0 @@
-/*
- BLAKE2 reference source code package - reference C implementations
-
- Written in 2012 by Samuel Neves <sneves@dei.uc.pt>
-
- To the extent possible under law, the author(s) have dedicated all copyright
- and related and neighboring rights to this software to the public domain
- worldwide. This software is distributed without any warranty.
-
- You should have received a copy of the CC0 Public Domain Dedication along with
- this software. If not, see <http://creativecommons.org/publicdomain/zero/1.0/>.
-*/
-/* blake2-int.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-
-
-#ifndef CTAOCRYPT_BLAKE2_INT_H
-#define CTAOCRYPT_BLAKE2_INT_H
-
-#include <cyassl/ctaocrypt/types.h>
-#include <wolfssl/wolfcrypt/blake2-int.h>
-
-#endif /* CTAOCRYPT_BLAKE2_INT_H */
-
diff --git a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/blake2.h b/extra/wolfssl/wolfssl/cyassl/ctaocrypt/blake2.h
deleted file mode 100644
index e63656ab..00000000
--- a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/blake2.h
+++ /dev/null
@@ -1,45 +0,0 @@
-/* blake2.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-
-#ifdef HAVE_BLAKE2
-
-#ifndef CTAOCRYPT_BLAKE2_H
-#define CTAOCRYPT_BLAKE2_H
-
-#include <wolfssl/wolfcrypt/blake2.h>
-
-/* for blake2 reverse compatibility */
-#ifndef HAVE_FIPS
- #define InitBlake2b wc_InitBlake2b
- #define Blake2bUpdate wc_Blake2bUpdate
- #define Blake2bFinal wc_Blake2bFinal
-#else
- /* name for when fips hmac calls blake */
- #define wc_InitBlake2b InitBlake2b
- #define wc_Blake2bUpdate Blake2bUpdate
- #define wc_Blake2bFinal Blake2bFinal
-#endif /* HAVE_FIPS */
-
-#endif /* CTAOCRYPT_BLAKE2_H */
-#endif /* HAVE_BLAKE2 */
-
diff --git a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/camellia.h b/extra/wolfssl/wolfssl/cyassl/ctaocrypt/camellia.h
deleted file mode 100644
index 880960f1..00000000
--- a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/camellia.h
+++ /dev/null
@@ -1,39 +0,0 @@
-/* camellia.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-#ifndef CTAO_CRYPT_CAMELLIA_H
-#define CTAO_CRYPT_CAMELLIA_H
-
-
-/* for camellia reverse compatibility */
-#ifdef HAVE_CAMELLIA
- #include <wolfssl/wolfcrypt/camellia.h>
- #define CamelliaSetKey wc_CamelliaSetKey
- #define CamelliaSetIV wc_CamelliaSetIV
- #define CamelliaEncryptDirect wc_CamelliaEncryptDirect
- #define CamelliaDecryptDirect wc_CamelliaDecryptDirect
- #define CamelliaCbcEncrypt wc_CamelliaCbcEncrypt
- #define CamelliaCbcDecrypt wc_CamelliaCbcDecrypt
-#endif
-
-#endif /* CTAO_CRYPT_CAMELLIA_H */
-
diff --git a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/chacha.h b/extra/wolfssl/wolfssl/cyassl/ctaocrypt/chacha.h
deleted file mode 100644
index 1a07289d..00000000
--- a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/chacha.h
+++ /dev/null
@@ -1,36 +0,0 @@
-/* chacha.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-#ifndef CTAO_CRYPT_CHACHA_H
-#define CTAO_CRYPT_CHACHA_H
-
-
-/* for chacha reverse compatibility */
-#ifdef HAVE_CHACHA
- #include <wolfssl/wolfcrypt/chacha.h>
- #define Chacha_Process wc_Chacha_Process
- #define Chacha_SetKey wc_Chacha_SetKey
- #define Chacha_SetIV wc_Chacha_SetIV
-#endif
-
-#endif /* CTAO_CRYPT_CHACHA_H */
-
diff --git a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/compress.h b/extra/wolfssl/wolfssl/cyassl/ctaocrypt/compress.h
deleted file mode 100644
index 3050d85e..00000000
--- a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/compress.h
+++ /dev/null
@@ -1,38 +0,0 @@
-/* compress.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-
-#ifdef HAVE_LIBZ
-
-#ifndef CTAO_CRYPT_COMPRESS_H
-#define CTAO_CRYPT_COMPRESS_H
-
-#include <wolfssl/wolfcrypt/compress.h>
-
-/* reverse compatibility */
-#define Compress wc_Compress
-#define DeCompress wc_DeCompress
-
-#endif /* CTAO_CRYPT_COMPRESS_H */
-
-#endif /* HAVE_LIBZ */
-
diff --git a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/des3.h b/extra/wolfssl/wolfssl/cyassl/ctaocrypt/des3.h
deleted file mode 100644
index 498ffba4..00000000
--- a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/des3.h
+++ /dev/null
@@ -1,49 +0,0 @@
-/* des3.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-
-#ifndef NO_DES3
-
-#ifndef CTAO_CRYPT_DES3_H
-#define CTAO_CRYPT_DES3_H
-
-
-#include <wolfssl/wolfcrypt/des3.h>
-#define Des_SetKey wc_Des_SetKey
-#define Des_SetIV wc_Des_SetIV
-#define Des_CbcEncrypt wc_Des_CbcEncrypt
-#define Des_CbcDecrypt wc_Des_CbcDecrypt
-#define Des_EcbEncrypt wc_Des_EcbEncrypt
-#define Des_CbcDecryptWithKey wc_Des_CbcDecryptWithKey
-#define Des3_SetKey wc_Des3_SetKey
-#define Des3_SetIV wc_Des3_SetIV
-#define Des3_CbcEncrypt wc_Des3_CbcEncrypt
-#define Des3_CbcDecrypt wc_Des3_CbcDecrypt
-#define Des3_CbcDecryptWithKey wc_Des3_CbcDecryptWithKey
-#ifdef WOLFSSL_ASYNC_CRYPT
- #define Des3AsyncInit wc_Des3AsyncInit
- #define Des3AsyncFree wc_Des3AsyncFree
-#endif
-
-#endif /* NO_DES3 */
-#endif /* CTAO_CRYPT_DES3_H */
-
diff --git a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/ecc.h b/extra/wolfssl/wolfssl/cyassl/ctaocrypt/ecc.h
deleted file mode 100644
index b28bd494..00000000
--- a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/ecc.h
+++ /dev/null
@@ -1,69 +0,0 @@
-/* ecc.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-#ifdef HAVE_ECC
-
-#ifndef CTAO_CRYPT_ECC_H
-#define CTAO_CRYPT_ECC_H
-
-#include <wolfssl/wolfcrypt/ecc.h>
-
-/* includes for compatibility */
-#include <cyassl/ctaocrypt/types.h>
-#include <cyassl/ctaocrypt/integer.h>
-#include <cyassl/ctaocrypt/random.h>
-
-/* for ecc reverse compatibility */
-#ifdef HAVE_ECC
- #define ecc_make_key wc_ecc_make_key
- #define ecc_shared_secret wc_ecc_shared_secret
- #define ecc_sign_hash wc_ecc_sign_hash
- #define ecc_verify_hash wc_ecc_verify_hash
- #define ecc_init wc_ecc_init
- #define ecc_free wc_ecc_free
- #define ecc_fp_free wc_ecc_fp_free
- #define ecc_export_x963 wc_ecc_export_x963
- #define ecc_size wc_ecc_size
- #define ecc_sig_size wc_ecc_sig_size
- #define ecc_export_x963_ex wc_ecc_export_x963_ex
- #define ecc_import_x963 wc_ecc_import_x963
- #define ecc_import_private_key wc_ecc_import_private_key
- #define ecc_rs_to_sig wc_ecc_rs_to_sig
- #define ecc_import_raw wc_ecc_import_raw
- #define ecc_export_private_only wc_ecc_export_private_only
-
-#ifdef HAVE_ECC_ENCRYPT
- /* ecc encrypt */
- #define ecc_ctx_new wc_ecc_ctx_new
- #define ecc_ctx_free wc_ecc_ctx_free
- #define ecc_ctx_reset wc_ecc_ctx_reset
- #define ecc_ctx_get_own_salt wc_ecc_ctx_get_own_salt
- #define ecc_ctx_set_peer_salt wc_ecc_ctx_set_peer_salt
- #define ecc_ctx_set_info wc_ecc_ctx_set_info
- #define ecc_encrypt wc_ecc_encrypt
- #define ecc_decrypt wc_ecc_decrypt
-#endif /* HAVE_ECC_ENCRYPT */
-#endif
-
-#endif /* CTAO_CRYPT_ECC_H */
-#endif /* HAVE_ECC */
-
diff --git a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/error-crypt.h b/extra/wolfssl/wolfssl/cyassl/ctaocrypt/error-crypt.h
deleted file mode 100644
index fcde0f58..00000000
--- a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/error-crypt.h
+++ /dev/null
@@ -1,33 +0,0 @@
-/* error-crypt.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-
-#ifndef CTAO_CRYPT_ERROR_H
-#define CTAO_CRYPT_ERROR_H
-
-/* for name change and fips compatibility @wc_fips */
-#include <wolfssl/wolfcrypt/error-crypt.h>
-#define CTaoCryptErrorString wc_ErrorString
-#define CTaoCryptGetErrorString wc_GetErrorString
-
-#endif /* CTAO_CRYPT_ERROR_H */
-
diff --git a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/fips_test.h b/extra/wolfssl/wolfssl/cyassl/ctaocrypt/fips_test.h
deleted file mode 100644
index 0e0ca1fd..00000000
--- a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/fips_test.h
+++ /dev/null
@@ -1,59 +0,0 @@
-/* fips_test.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-
-#ifndef CTAO_CRYPT_FIPS_TEST_H
-#define CTAO_CRYPT_FIPS_TEST_H
-
-#include <cyassl/ctaocrypt/types.h>
-
-
-#ifdef __cplusplus
- extern "C" {
-#endif
-
-/* Known Answer Test string inputs are hex, internal */
-CYASSL_LOCAL int DoKnownAnswerTests(char*, int);
-
-
-/* FIPS failure callback */
-typedef void(*wolfCrypt_fips_cb)(int ok, int err, const char* hash);
-
-/* Public set function */
-CYASSL_API int wolfCrypt_SetCb_fips(wolfCrypt_fips_cb cbf);
-
-/* Public get status functions */
-CYASSL_API int wolfCrypt_GetStatus_fips(void);
-CYASSL_API const char* wolfCrypt_GetCoreHash_fips(void);
-
-#ifdef HAVE_FORCE_FIPS_FAILURE
- /* Public function to force failure mode for operational testing */
- CYASSL_API int wolfCrypt_SetStatus_fips(int);
-#endif
-
-
-#ifdef __cplusplus
- } /* extern "C" */
-#endif
-
-#endif /* CTAO_CRYPT_FIPS_TEST_H */
-
diff --git a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/hmac.h b/extra/wolfssl/wolfssl/cyassl/ctaocrypt/hmac.h
deleted file mode 100644
index 926cce30..00000000
--- a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/hmac.h
+++ /dev/null
@@ -1,45 +0,0 @@
-/* hmac.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-
-#ifndef NO_HMAC
-
-#ifndef CTAO_CRYPT_HMAC_H
-#define CTAO_CRYPT_HMAC_H
-
-#include <wolfssl/wolfcrypt/hmac.h>
-#define HmacSetKey wc_HmacSetKey
-#define HmacUpdate wc_HmacUpdate
-#define HmacFinal wc_HmacFinal
-#ifdef WOLFSSL_ASYNC_CRYPT
- #define HmacAsyncInit wc_HmacAsyncInit
- #define HmacAsyncFree wc_HmacAsyncFree
-#endif
-#define CyaSSL_GetHmacMaxSize wolfSSL_GetHmacMaxSize
-#ifdef HAVE_HKDF
- #define HKDF wc_HKDF
-#endif /* HAVE_HKDF */
-
-#endif /* CTAO_CRYPT_HMAC_H */
-
-#endif /* NO_HMAC */
-
diff --git a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/include.am b/extra/wolfssl/wolfssl/cyassl/ctaocrypt/include.am
deleted file mode 100644
index 0a3ec343..00000000
--- a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/include.am
+++ /dev/null
@@ -1,52 +0,0 @@
-# vim:ft=automake
-# All paths should be given relative to the root
-
-EXTRA_DIST+= ctaocrypt/src/misc.c
-
-nobase_include_HEADERS+= \
- cyassl/ctaocrypt/aes.h \
- cyassl/ctaocrypt/arc4.h \
- cyassl/ctaocrypt/asn.h \
- cyassl/ctaocrypt/asn_public.h \
- cyassl/ctaocrypt/poly1305.h \
- cyassl/ctaocrypt/camellia.h \
- cyassl/ctaocrypt/coding.h \
- cyassl/ctaocrypt/compress.h \
- cyassl/ctaocrypt/des3.h \
- cyassl/ctaocrypt/dh.h \
- cyassl/ctaocrypt/dsa.h \
- cyassl/ctaocrypt/ecc.h \
- cyassl/ctaocrypt/error-crypt.h \
- cyassl/ctaocrypt/fips_test.h \
- cyassl/ctaocrypt/hmac.h \
- cyassl/ctaocrypt/integer.h \
- cyassl/ctaocrypt/md2.h \
- cyassl/ctaocrypt/md4.h \
- cyassl/ctaocrypt/md5.h \
- cyassl/ctaocrypt/misc.h \
- cyassl/ctaocrypt/pkcs7.h \
- cyassl/ctaocrypt/wc_port.h \
- cyassl/ctaocrypt/pwdbased.h \
- cyassl/ctaocrypt/chacha.h \
- cyassl/ctaocrypt/random.h \
- cyassl/ctaocrypt/ripemd.h \
- cyassl/ctaocrypt/rsa.h \
- cyassl/ctaocrypt/settings.h \
- cyassl/ctaocrypt/settings_comp.h \
- cyassl/ctaocrypt/sha256.h \
- cyassl/ctaocrypt/sha512.h \
- cyassl/ctaocrypt/sha.h \
- cyassl/ctaocrypt/blake2.h \
- cyassl/ctaocrypt/blake2-int.h \
- cyassl/ctaocrypt/blake2-impl.h \
- cyassl/ctaocrypt/tfm.h \
- cyassl/ctaocrypt/types.h \
- cyassl/ctaocrypt/visibility.h \
- cyassl/ctaocrypt/logging.h \
- cyassl/ctaocrypt/memory.h \
- cyassl/ctaocrypt/mpi_class.h \
- cyassl/ctaocrypt/mpi_superclass.h
-
-noinst_HEADERS+= \
- cyassl/ctaocrypt/port/pic32/pic32mz-crypt.h
-
diff --git a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/integer.h b/extra/wolfssl/wolfssl/cyassl/ctaocrypt/integer.h
deleted file mode 100644
index 670a83cd..00000000
--- a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/integer.h
+++ /dev/null
@@ -1,35 +0,0 @@
-/* integer.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-/*
- * Based on public domain LibTomMath 0.38 by Tom St Denis, tomstdenis@iahu.ca,
- * http://math.libtomcrypt.com
- */
-
-
-#ifndef CTAO_CRYPT_INTEGER_H
-#define CTAO_CRYPT_INTEGER_H
-
-#include <wolfssl/wolfcrypt/integer.h>
-
-#endif /* CTAO_CRYPT_INTEGER_H */
-
diff --git a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/logging.h b/extra/wolfssl/wolfssl/cyassl/ctaocrypt/logging.h
deleted file mode 100644
index 4fc9fbf1..00000000
--- a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/logging.h
+++ /dev/null
@@ -1,41 +0,0 @@
-/* logging.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-/* submitted by eof */
-
-
-#ifndef CYASSL_LOGGING_H
-#define CYASSL_LOGGING_H
-
-/* for fips compatibility @wc_fips */
-#include <wolfssl/wolfcrypt/logging.h>
-#define CYASSL_LEAVE WOLFSSL_LEAVE
-#define CYASSL_ERROR WOLFSSL_ERROR
-#define CYASSL_ENTER WOLFSSL_ENTER
-#define CYASSL_MSG WOLFSSL_MSG
-/* check old macros possibly declared */
-#if defined(DEBUG_CYASSL) && !defined(DEBUG_WOLFSSL)
- #define DEBUG_WOLFSSL
-#endif
-
-#endif /* CYASSL_LOGGING_H */
-
diff --git a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/md2.h b/extra/wolfssl/wolfssl/cyassl/ctaocrypt/md2.h
deleted file mode 100644
index d758875f..00000000
--- a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/md2.h
+++ /dev/null
@@ -1,43 +0,0 @@
-/* md2.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-
-/* check for old macro */
-#if !defined(CYASSL_MD2) && defined(WOLFSSL_MD2)
- #define CYASSL_MD2
-#endif
-
-#ifdef CYASSL_MD2
-
-#ifndef CTAO_CRYPT_MD2_H
-#define CTAO_CRYPT_MD2_H
-
-#include <wolfssl/wolfcrypt/md2.h>
-
-#define InitMd2 wc_InitMd2
-#define Md2Update wc_Md2Update
-#define Md2Final wc_Md2Final
-#define Md2Hash wc_Md2Hash
-
-#endif /* CTAO_CRYPT_MD2_H */
-#endif /* CYASSL_MD2 */
-
diff --git a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/md4.h b/extra/wolfssl/wolfssl/cyassl/ctaocrypt/md4.h
deleted file mode 100644
index 0e0fa359..00000000
--- a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/md4.h
+++ /dev/null
@@ -1,38 +0,0 @@
-/* md4.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-
-#ifndef NO_MD4
-
-#ifndef CTAO_CRYPT_MD4_H
-#define CTAO_CRYPT_MD4_H
-
-#include <wolfssl/wolfcrypt/md4.h>
-
-#define InitMd4 wc_InitMd4
-#define Md4Update wc_Md4Update
-#define Md4Final wc_Md4Final
-
-#endif /* CTAO_CRYPT_MD4_H */
-
-#endif /* NO_MD4 */
-
diff --git a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/md5.h b/extra/wolfssl/wolfssl/cyassl/ctaocrypt/md5.h
deleted file mode 100644
index 842ea6fc..00000000
--- a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/md5.h
+++ /dev/null
@@ -1,45 +0,0 @@
-/* md5.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-#ifndef NO_MD5
-
-#ifndef CTAO_CRYPT_MD5_H
-#define CTAO_CRYPT_MD5_H
-
-#include <wolfssl/wolfcrypt/md5.h>
-
-#ifndef HAVE_FIPS
- #define InitMd5 wc_InitMd5
- #define Md5Update wc_Md5Update
- #define Md5Final wc_Md5Final
- #define Md5Hash wc_Md5Hash
-#else
- /* redfined name so that hmac is calling same function names with fips */
- #define wc_InitMd5 InitMd5
- #define wc_Md5Update Md5Update
- #define wc_Md5Final Md5Final
- #define wc_Md5Hash Md5Hash
-#endif
-
-#endif /* CTAO_CRYPT_MD5_H */
-#endif /* NO_MD5 */
-
diff --git a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/memory.h b/extra/wolfssl/wolfssl/cyassl/ctaocrypt/memory.h
deleted file mode 100644
index 1ba48406..00000000
--- a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/memory.h
+++ /dev/null
@@ -1,42 +0,0 @@
-/* memory.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-/* submitted by eof */
-
-
-#ifndef CYASSL_MEMORY_H
-#define CYASSL_MEMORY_H
-
-
-#include <wolfssl/wolfcrypt/memory.h>
-#define CyaSSL_Malloc_cb wolfSSL_Malloc_cb
-#define CyaSSL_Free_cb wolfSSL_Free_cb
-#define CyaSSL_Realloc_cb wolfSSL_Realloc_cb
-#define CyaSSL_SetAllocators wolfSSL_SetAllocators
-
-/* Public in case user app wants to use XMALLOC/XFREE */
-#define CyaSSL_Malloc wolfSSL_Malloc
-#define CyaSSL_Free wolfSSL_Free
-#define CyaSSL_Realloc wolfSSL_Realloc
-
-#endif /* CYASSL_MEMORY_H */
-
diff --git a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/pkcs7.h b/extra/wolfssl/wolfssl/cyassl/ctaocrypt/pkcs7.h
deleted file mode 100644
index f9d895e6..00000000
--- a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/pkcs7.h
+++ /dev/null
@@ -1,53 +0,0 @@
-/* pkcs7.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-
-#ifdef HAVE_PKCS7
-
-#ifndef CTAO_CRYPT_PKCS7_H
-#define CTAO_CRYPT_PKCS7_H
-
-/* pull in compatibility for old includes */
-#include <cyassl/ctaocrypt/types.h>
-#include <cyassl/ctaocrypt/asn.h>
-#include <cyassl/ctaocrypt/asn_public.h>
-#include <cyassl/ctaocrypt/random.h>
-#include <cyassl/ctaocrypt/des3.h>
-
-#include <wolfssl/wolfcrypt/pkcs7.h>
-
-/* for pkcs7 reverse compatibility */
-#define SetContentType wc_SetContentType
-#define GetContentType wc_GetContentType
-#define CreateRecipientInfo wc_CreateRecipientInfo
-#define PKCS7_InitWithCert wc_PKCS7_InitWithCert
-#define PKCS7_Free wc_PKCS7_Free
-#define PKCS7_EncodeData wc_PKCS7_EncodeData
-#define PKCS7_EncodeSignedData wc_PKCS7_EncodeSignedData
-#define PKCS7_VerifySignedData wc_PKCS7_VerifySignedData
-#define PKCS7_EncodeEnvelopedData wc_PKCS7_EncodeEnvelopedData
-#define PKCS7_DecodeEnvelopedData wc_PKCS7_DecodeEnvelopedData
-
-#endif /* CTAO_CRYPT_PKCS7_H */
-
-#endif /* HAVE_PKCS7 */
-
diff --git a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/poly1305.h b/extra/wolfssl/wolfssl/cyassl/ctaocrypt/poly1305.h
deleted file mode 100644
index 75f28f55..00000000
--- a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/poly1305.h
+++ /dev/null
@@ -1,39 +0,0 @@
-/* poly1305.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-
-#ifdef HAVE_POLY1305
-
-#ifndef CTAO_CRYPT_POLY1305_H
-#define CTAO_CRYPT_POLY1305_H
-
-#include <wolfssl/wolfcrypt/poly1305.h>
-
-/* for poly1305 reverse compatibility */
-#define Poly1305SetKey wc_Poly1305SetKey
-#define Poly1305Update wc_Poly1305Update
-#define Poly1305Final wc_Poly1305Final
-
-#endif /* CTAO_CRYPT_POLY1305_H */
-
-#endif /* HAVE_POLY1305 */
-
diff --git a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/port/pic32/pic32mz-crypt.h b/extra/wolfssl/wolfssl/cyassl/ctaocrypt/port/pic32/pic32mz-crypt.h
deleted file mode 100644
index 2134da24..00000000
--- a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/port/pic32/pic32mz-crypt.h
+++ /dev/null
@@ -1,29 +0,0 @@
-/* pic32mz-crypt.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-#ifndef PIC32MZ_CRYPT_H
-#define PIC32MZ_CRYPT_H
-
-#include <wolfssl/wolfcrypt/port/pic32/pic32mz-crypt.h>
-
-#endif /* PIC32MZ_CRYPT_H */
-
diff --git a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/pwdbased.h b/extra/wolfssl/wolfssl/cyassl/ctaocrypt/pwdbased.h
deleted file mode 100644
index e460ef27..00000000
--- a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/pwdbased.h
+++ /dev/null
@@ -1,37 +0,0 @@
-/* pwdbased.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-
-#ifndef NO_PWDBASED
-
-#ifndef CTAO_CRYPT_PWDBASED_H
-#define CTAO_CRYPT_PWDBASED_H
-
-/* for pwdbased reverse compatibility */
-#include <wolfssl/wolfcrypt/pwdbased.h>
-#define PBKDF1 wc_PBKDF1
-#define PBKDF2 wc_PBKDF2
-#define PKCS12_PBKDF wc_PKCS12_PBKDF
-
-#endif /* CTAO_CRYPT_PWDBASED_H */
-#endif /* NO_PWDBASED */
-
diff --git a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/random.h b/extra/wolfssl/wolfssl/cyassl/ctaocrypt/random.h
deleted file mode 100644
index bacd423a..00000000
--- a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/random.h
+++ /dev/null
@@ -1,39 +0,0 @@
-/* random.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-
-#ifndef CTAO_CRYPT_RANDOM_H
-#define CTAO_CRYPT_RANDOM_H
-
- /* for random.h compatibility */
- #include <wolfssl/wolfcrypt/random.h>
- #define InitRng wc_InitRng
- #define RNG_GenerateBlock wc_RNG_GenerateBlock
- #define RNG_GenerateByte wc_RNG_GenerateByte
- #define FreeRng wc_FreeRng
-
- #if defined(HAVE_HASHDRBG) || defined(NO_RC4)
- #define RNG_HealthTest wc_RNG_HealthTest
- #endif /* HAVE_HASHDRBG || NO_RC4 */
-
-#endif /* CTAO_CRYPT_RANDOM_H */
-
diff --git a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/ripemd.h b/extra/wolfssl/wolfssl/cyassl/ctaocrypt/ripemd.h
deleted file mode 100644
index bff7403c..00000000
--- a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/ripemd.h
+++ /dev/null
@@ -1,38 +0,0 @@
-/* ripemd.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-
-
-#ifndef CTAO_CRYPT_RIPEMD_H
-#define CTAO_CRYPT_RIPEME_H
-
-#include <wolfssl/wolfcrypt/ripemd.h>
-
-/* for ripemd reverse compatibility */
-#ifdef WOLFSSL_RIPEMD
- #define InitRipeMd wc_InitRipeMd
- #define RipeMdUpdate wc_RipeMdUpdate
- #define RipeMdFinal wc_RipeMdFinal
-#endif
-
-#endif /* CTAO_CRYPT_RIPEMD_H */
-
diff --git a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/rsa.h b/extra/wolfssl/wolfssl/cyassl/ctaocrypt/rsa.h
deleted file mode 100644
index c874f346..00000000
--- a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/rsa.h
+++ /dev/null
@@ -1,58 +0,0 @@
-/* rsa.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-#ifndef NO_RSA
-
-#ifndef CTAO_CRYPT_RSA_H
-#define CTAO_CRYPT_RSA_H
-
-#include <wolfssl/wolfcrypt/rsa.h>
-/* includes for their compatibility */
-#include <cyassl/ctaocrypt/integer.h>
-#include <cyassl/ctaocrypt/random.h>
-#include <cyassl/ctaocrypt/settings.h>
-
-#define InitRsaKey wc_InitRsaKey
-#define FreeRsaKey wc_FreeRsaKey
-#define RsaPublicEncrypt wc_RsaPublicEncrypt
-#define RsaPrivateDecryptInline wc_RsaPrivateDecryptInline
-#define RsaPrivateDecrypt wc_RsaPrivateDecrypt
-#define RsaSSL_Sign wc_RsaSSL_Sign
-#define RsaSSL_VerifyInline wc_RsaSSL_VerifyInline
-#define RsaSSL_Verify wc_RsaSSL_Verify
-#define RsaEncryptSize wc_RsaEncryptSize
-#define RsaFlattenPublicKey wc_RsaFlattenPublicKey
-
-#ifdef WOLFSSL_KEY_GEN
- #define MakeRsaKey wc_MakeRsaKey
- #define RsaKeyToDer wc_RsaKeyToDer
- #define CheckProbablePrime wc_CheckProbablePrime
-#endif
-
-#ifdef WOLFSSL_ASYNC_CRYPT
- #define RsaAsyncInit wc_RsaAsyncInit
- #define RsaAsyncFree wc_RsaAsyncFree
-#endif
-
-#endif /* CTAO_CRYPT_RSA_H */
-
-#endif /* NO_RSA */
diff --git a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/settings.h b/extra/wolfssl/wolfssl/cyassl/ctaocrypt/settings.h
deleted file mode 100644
index 46012d4d..00000000
--- a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/settings.h
+++ /dev/null
@@ -1,702 +0,0 @@
-/* settings.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-/* Place OS specific preprocessor flags, defines, includes here, will be
- included into every file because types.h includes it */
-
-
-#ifndef CTAO_CRYPT_SETTINGS_H
-#define CTAO_CRYPT_SETTINGS_H
-
-#ifdef __cplusplus
- extern "C" {
-#endif
-
-/* Uncomment next line if using IPHONE */
-/* #define IPHONE */
-
-/* Uncomment next line if using ThreadX */
-/* #define THREADX */
-
-/* Uncomment next line if using Micrium ucOS */
-/* #define MICRIUM */
-
-/* Uncomment next line if using Mbed */
-/* #define MBED */
-
-/* Uncomment next line if using Microchip PIC32 ethernet starter kit */
-/* #define MICROCHIP_PIC32 */
-
-/* Uncomment next line if using Microchip TCP/IP stack, version 5 */
-/* #define MICROCHIP_TCPIP_V5 */
-
-/* Uncomment next line if using Microchip TCP/IP stack, version 6 or later */
-/* #define MICROCHIP_TCPIP */
-
-/* Uncomment next line if using PIC32MZ Crypto Engine */
-/* #define CYASSL_MICROCHIP_PIC32MZ */
-
-/* Uncomment next line if using FreeRTOS */
-/* #define FREERTOS */
-
-/* Uncomment next line if using FreeRTOS Windows Simulator */
-/* #define FREERTOS_WINSIM */
-
-/* Uncomment next line if using RTIP */
-/* #define EBSNET */
-
-/* Uncomment next line if using lwip */
-/* #define CYASSL_LWIP */
-
-/* Uncomment next line if building CyaSSL for a game console */
-/* #define CYASSL_GAME_BUILD */
-
-/* Uncomment next line if building CyaSSL for LSR */
-/* #define CYASSL_LSR */
-
-/* Uncomment next line if building CyaSSL for Freescale MQX/RTCS/MFS */
-/* #define FREESCALE_MQX */
-
-/* Uncomment next line if using STM32F2 */
-/* #define CYASSL_STM32F2 */
-
-/* Uncomment next line if using QL SEP settings */
-/* #define CYASSL_QL */
-
-/* Uncomment next line if building for EROAD */
-/* #define CYASSL_EROAD */
-
-/* Uncomment next line if building for IAR EWARM */
-/* #define CYASSL_IAR_ARM */
-
-/* Uncomment next line if using TI-RTOS settings */
-/* #define CYASSL_TIRTOS */
-
-/* Uncomment next line if building with PicoTCP */
-/* #define CYASSL_PICOTCP */
-
-/* Uncomment next line if building for PicoTCP demo bundle */
-/* #define CYASSL_PICOTCP_DEMO */
-
-#include <cyassl/ctaocrypt/visibility.h>
-
-#ifdef IPHONE
- #define SIZEOF_LONG_LONG 8
-#endif
-
-
-#ifdef CYASSL_USER_SETTINGS
- #include <user_settings.h>
-#endif
-
-/* for reverse compatibility after name change */
-#include <cyassl/ctaocrypt/settings_comp.h>
-
-#ifdef THREADX
- #define SIZEOF_LONG_LONG 8
-#endif
-
-#ifdef HAVE_NETX
- #include "nx_api.h"
-#endif
-
-#if defined(HAVE_LWIP_NATIVE) /* using LwIP native TCP socket */
- #define CYASSL_LWIP
- #define NO_WRITEV
- #define SINGLE_THREADED
- #define CYASSL_USER_IO
- #define NO_FILESYSTEM
-#endif
-
-#if defined(CYASSL_IAR_ARM)
- #define NO_MAIN_DRIVER
- #define SINGLE_THREADED
- #define USE_CERT_BUFFERS_1024
- #define BENCH_EMBEDDED
- #define NO_FILESYSTEM
- #define NO_WRITEV
- #define CYASSL_USER_IO
- #define BENCH_EMBEDDED
-#endif
-
-#ifdef MICROCHIP_PIC32
- /* #define CYASSL_MICROCHIP_PIC32MZ */
- #define SIZEOF_LONG_LONG 8
- #define SINGLE_THREADED
- #define CYASSL_USER_IO
- #define NO_WRITEV
- #define NO_DEV_RANDOM
- #define NO_FILESYSTEM
- #define USE_FAST_MATH
- #define TFM_TIMING_RESISTANT
-#endif
-
-#if defined(CYASSL_MICROCHIP_PIC32MZ) || defined(WOLFSSL_MICROCHIP_PIC32MZ)
- #ifndef NO_PIC32MZ_CRYPT
- #define WOLFSSL_PIC32MZ_CRYPT
- #endif
- #ifndef NO_PIC32MZ_RNG
- #define WOLFSSL_PIC32MZ_RNG
- #endif
- #ifndef NO_PIC32MZ_HASH
- #define WOLFSSL_PIC32MZ_HASH
- #endif
-
- #define CYASSL_AES_COUNTER
- #define HAVE_AESGCM
- #define NO_BIG_INT
-#endif
-
-#ifdef MICROCHIP_TCPIP_V5
- /* include timer functions */
- #include "TCPIP Stack/TCPIP.h"
-#endif
-
-#ifdef MICROCHIP_TCPIP
- /* include timer, NTP functions */
- #ifdef MICROCHIP_MPLAB_HARMONY
- #include "tcpip/tcpip.h"
- #else
- #include "system/system_services.h"
- #include "tcpip/sntp.h"
- #endif
-#endif
-
-#ifdef MBED
- #define CYASSL_USER_IO
- #define NO_FILESYSTEM
- #define NO_CERTS
- #define USE_CERT_BUFFERS_1024
- #define NO_WRITEV
- #define NO_DEV_RANDOM
- #define NO_SHA512
- #define NO_DH
- #define NO_DSA
- #define HAVE_ECC
- #define NO_SESSION_CACHE
- #define CYASSL_CMSIS_RTOS
-#endif
-
-
-#ifdef CYASSL_EROAD
- #define FREESCALE_MQX
- #define FREESCALE_MMCAU
- #define SINGLE_THREADED
- #define NO_STDIO_FILESYSTEM
- #define CYASSL_LEANPSK
- #define HAVE_NULL_CIPHER
- #define NO_OLD_TLS
- #define NO_ASN
- #define NO_BIG_INT
- #define NO_RSA
- #define NO_DSA
- #define NO_DH
- #define NO_CERTS
- #define NO_PWDBASED
- #define NO_DES3
- #define NO_MD4
- #define NO_RC4
- #define NO_MD5
- #define NO_SESSION_CACHE
- #define NO_MAIN_DRIVER
-#endif
-
-#ifdef CYASSL_PICOTCP
- #define errno pico_err
- #include "pico_defines.h"
- #include "pico_stack.h"
- #include "pico_constants.h"
- #define CUSTOM_RAND_GENERATE pico_rand
-#endif
-
-#ifdef CYASSL_PICOTCP_DEMO
- #define CYASSL_STM32
- #define USE_FAST_MATH
- #define TFM_TIMING_RESISTANT
- #define XMALLOC(s, h, type) PICO_ZALLOC((s))
- #define XFREE(p, h, type) PICO_FREE((p))
- #define SINGLE_THREADED
- #define NO_WRITEV
- #define CYASSL_USER_IO
- #define NO_DEV_RANDOM
- #define NO_FILESYSTEM
-#endif
-
-#ifdef FREERTOS_WINSIM
- #define FREERTOS
- #define USE_WINDOWS_API
-#endif
-
-
-/* Micrium will use Visual Studio for compilation but not the Win32 API */
-#if defined(_WIN32) && !defined(MICRIUM) && !defined(FREERTOS) \
- && !defined(EBSNET) && !defined(CYASSL_EROAD) && !defined(INTIME_RTOS)
- #define USE_WINDOWS_API
-#endif
-
-
-#if defined(CYASSL_LEANPSK) && !defined(XMALLOC_USER)
- #include <stdlib.h>
- #define XMALLOC(s, h, type) malloc((s))
- #define XFREE(p, h, type) free((p))
- #define XREALLOC(p, n, h, t) realloc((p), (n))
-#endif
-
-#if defined(XMALLOC_USER) && defined(SSN_BUILDING_LIBYASSL)
- #undef XMALLOC
- #define XMALLOC yaXMALLOC
- #undef XFREE
- #define XFREE yaXFREE
- #undef XREALLOC
- #define XREALLOC yaXREALLOC
-#endif
-
-
-#ifdef FREERTOS
- #ifndef NO_WRITEV
- #define NO_WRITEV
- #endif
- #ifndef NO_SHA512
- #define NO_SHA512
- #endif
- #ifndef NO_DH
- #define NO_DH
- #endif
- #ifndef NO_DSA
- #define NO_DSA
- #endif
-
- #ifndef SINGLE_THREADED
- #include "FreeRTOS.h"
- #include "semphr.h"
- #endif
-#endif
-
-#ifdef CYASSL_TIRTOS
- #define SIZEOF_LONG_LONG 8
- #define NO_WRITEV
- #define NO_CYASSL_DIR
- #define USE_FAST_MATH
- #define TFM_TIMING_RESISTANT
- #define NO_DEV_RANDOM
- #define NO_FILESYSTEM
- #define USE_CERT_BUFFERS_2048
- #define NO_ERROR_STRINGS
- #define USER_TIME
-
- #ifdef __IAR_SYSTEMS_ICC__
- #pragma diag_suppress=Pa089
- #elif !defined(__GNUC__)
- /* Suppress the sslpro warning */
- #pragma diag_suppress=11
- #endif
-
- #include <ti/ndk/nettools/mytime/mytime.h>
-#endif
-
-#ifdef EBSNET
- #include "rtip.h"
-
- /* #define DEBUG_CYASSL */
- #define NO_CYASSL_DIR /* tbd */
-
- #if (POLLOS)
- #define SINGLE_THREADED
- #endif
-
- #if (RTPLATFORM)
- #if (!RTP_LITTLE_ENDIAN)
- #define BIG_ENDIAN_ORDER
- #endif
- #else
- #if (!KS_LITTLE_ENDIAN)
- #define BIG_ENDIAN_ORDER
- #endif
- #endif
-
- #if (WINMSP3)
- #undef SIZEOF_LONG
- #define SIZEOF_LONG_LONG 8
- #else
- #if !defined(SIZEOF_LONG) && !defined(SIZEOF_LONG_LONG)
- #error settings.h - please implement SIZEOF_LONG and SIZEOF_LONG_LONG
- #endif
- #endif
-
- #define XMALLOC(s, h, type) ((void *)rtp_malloc((s), SSL_PRO_MALLOC))
- #define XFREE(p, h, type) (rtp_free(p))
- #define XREALLOC(p, n, h, t) realloc((p), (n))
-
-#endif /* EBSNET */
-
-#ifdef CYASSL_GAME_BUILD
- #define SIZEOF_LONG_LONG 8
-#endif
-
-#ifdef CYASSL_LSR
- #define HAVE_WEBSERVER
- #define SIZEOF_LONG_LONG 8
- #define CYASSL_LOW_MEMORY
- #define NO_WRITEV
- #define NO_SHA512
- #define NO_DH
- #define NO_DSA
- #define NO_DEV_RANDOM
- #define NO_CYASSL_DIR
- #ifndef NO_FILESYSTEM
- #define LSR_FS
- #include "inc/hw_types.h"
- #include "fs.h"
- #endif
- #define CYASSL_LWIP
- #include <errno.h> /* for tcp errno */
- #define CYASSL_SAFERTOS
- #if defined(__IAR_SYSTEMS_ICC__)
- /* enum uses enum */
- #pragma diag_suppress=Pa089
- #endif
-#endif
-
-#ifdef CYASSL_SAFERTOS
- #ifndef SINGLE_THREADED
- #include "SafeRTOS/semphr.h"
- #endif
-
- #include "SafeRTOS/heap.h"
- #define XMALLOC(s, h, type) pvPortMalloc((s))
- #define XFREE(p, h, type) vPortFree((p))
- #define XREALLOC(p, n, h, t) pvPortRealloc((p), (n))
-#endif
-
-#ifdef CYASSL_LOW_MEMORY
- #undef RSA_LOW_MEM
- #define RSA_LOW_MEM
- #undef CYASSL_SMALL_STACK
- #define CYASSL_SMALL_STACK
- #undef TFM_TIMING_RESISTANT
- #define TFM_TIMING_RESISTANT
-#endif
-
-#ifdef FREESCALE_MQX
- #define SIZEOF_LONG_LONG 8
- #define NO_WRITEV
- #define NO_DEV_RANDOM
- #define NO_CYASSL_DIR
- #define USE_FAST_MATH
- #define TFM_TIMING_RESISTANT
- #define FREESCALE_K70_RNGA
- /* #define FREESCALE_K53_RNGB */
- #include "mqx.h"
- #ifndef NO_FILESYSTEM
- #include "mfs.h"
- #include "fio.h"
- #endif
- #ifndef SINGLE_THREADED
- #include "mutex.h"
- #endif
-
- #define XMALLOC(s, h, t) (void *)_mem_alloc_system((s))
- #define XFREE(p, h, t) {void* xp = (p); if ((xp)) _mem_free((xp));}
- /* Note: MQX has no realloc, using fastmath above */
-#endif
-
-#ifdef CYASSL_STM32F2
- #define SIZEOF_LONG_LONG 8
- #define NO_DEV_RANDOM
- #define NO_CYASSL_DIR
- #define STM32F2_RNG
- #define STM32F2_CRYPTO
- #define KEIL_INTRINSICS
-#endif
-
-#ifdef MICRIUM
-
- #include "stdlib.h"
- #include "net_cfg.h"
- #include "ssl_cfg.h"
- #include "net_secure_os.h"
-
- #define CYASSL_TYPES
-
- typedef CPU_INT08U byte;
- typedef CPU_INT16U word16;
- typedef CPU_INT32U word32;
-
- #if (NET_SECURE_MGR_CFG_WORD_SIZE == CPU_WORD_SIZE_32)
- #define SIZEOF_LONG 4
- #undef SIZEOF_LONG_LONG
- #else
- #undef SIZEOF_LONG
- #define SIZEOF_LONG_LONG 8
- #endif
-
- #define STRING_USER
-
- #define XSTRLEN(pstr) ((CPU_SIZE_T)Str_Len((CPU_CHAR *)(pstr)))
- #define XSTRNCPY(pstr_dest, pstr_src, len_max) \
- ((CPU_CHAR *)Str_Copy_N((CPU_CHAR *)(pstr_dest), \
- (CPU_CHAR *)(pstr_src), (CPU_SIZE_T)(len_max)))
- #define XSTRNCMP(pstr_1, pstr_2, len_max) \
- ((CPU_INT16S)Str_Cmp_N((CPU_CHAR *)(pstr_1), \
- (CPU_CHAR *)(pstr_2), (CPU_SIZE_T)(len_max)))
- #define XSTRSTR(pstr, pstr_srch) \
- ((CPU_CHAR *)Str_Str((CPU_CHAR *)(pstr), \
- (CPU_CHAR *)(pstr_srch)))
- #define XMEMSET(pmem, data_val, size) \
- ((void)Mem_Set((void *)(pmem), (CPU_INT08U) (data_val), \
- (CPU_SIZE_T)(size)))
- #define XMEMCPY(pdest, psrc, size) ((void)Mem_Copy((void *)(pdest), \
- (void *)(psrc), (CPU_SIZE_T)(size)))
- #define XMEMCMP(pmem_1, pmem_2, size) \
- (((CPU_BOOLEAN)Mem_Cmp((void *)(pmem_1), (void *)(pmem_2), \
- (CPU_SIZE_T)(size))) ? DEF_NO : DEF_YES)
- #define XMEMMOVE XMEMCPY
-
-#if (NET_SECURE_MGR_CFG_EN == DEF_ENABLED)
- #define MICRIUM_MALLOC
- #define XMALLOC(s, h, type) ((void *)NetSecure_BlkGet((CPU_INT08U)(type), \
- (CPU_SIZE_T)(s), (void *)0))
- #define XFREE(p, h, type) (NetSecure_BlkFree((CPU_INT08U)(type), \
- (p), (void *)0))
- #define XREALLOC(p, n, h, t) realloc((p), (n))
-#endif
-
- #if (NET_SECURE_MGR_CFG_FS_EN == DEF_ENABLED)
- #undef NO_FILESYSTEM
- #else
- #define NO_FILESYSTEM
- #endif
-
- #if (SSL_CFG_TRACE_LEVEL == CYASSL_TRACE_LEVEL_DBG)
- #define DEBUG_CYASSL
- #else
- #undef DEBUG_CYASSL
- #endif
-
- #if (SSL_CFG_OPENSSL_EN == DEF_ENABLED)
- #define OPENSSL_EXTRA
- #else
- #undef OPENSSL_EXTRA
- #endif
-
- #if (SSL_CFG_MULTI_THREAD_EN == DEF_ENABLED)
- #undef SINGLE_THREADED
- #else
- #define SINGLE_THREADED
- #endif
-
- #if (SSL_CFG_DH_EN == DEF_ENABLED)
- #undef NO_DH
- #else
- #define NO_DH
- #endif
-
- #if (SSL_CFG_DSA_EN == DEF_ENABLED)
- #undef NO_DSA
- #else
- #define NO_DSA
- #endif
-
- #if (SSL_CFG_PSK_EN == DEF_ENABLED)
- #undef NO_PSK
- #else
- #define NO_PSK
- #endif
-
- #if (SSL_CFG_3DES_EN == DEF_ENABLED)
- #undef NO_DES3
- #else
- #define NO_DES3
- #endif
-
- #if (SSL_CFG_AES_EN == DEF_ENABLED)
- #undef NO_AES
- #else
- #define NO_AES
- #endif
-
- #if (SSL_CFG_RC4_EN == DEF_ENABLED)
- #undef NO_RC4
- #else
- #define NO_RC4
- #endif
-
- #if (CPU_CFG_ENDIAN_TYPE == CPU_ENDIAN_TYPE_BIG)
- #define BIG_ENDIAN_ORDER
- #else
- #undef BIG_ENDIAN_ORDER
- #define LITTLE_ENDIAN_ORDER
- #endif
-
- #if (SSL_CFG_MD4_EN == DEF_ENABLED)
- #undef NO_MD4
- #else
- #define NO_MD4
- #endif
-
- #if (SSL_CFG_WRITEV_EN == DEF_ENABLED)
- #undef NO_WRITEV
- #else
- #define NO_WRITEV
- #endif
-
- #if (SSL_CFG_USER_RNG_SEED_EN == DEF_ENABLED)
- #define NO_DEV_RANDOM
- #else
- #undef NO_DEV_RANDOM
- #endif
-
- #if (SSL_CFG_USER_IO_EN == DEF_ENABLED)
- #define CYASSL_USER_IO
- #else
- #undef CYASSL_USER_IO
- #endif
-
- #if (SSL_CFG_DYNAMIC_BUFFERS_EN == DEF_ENABLED)
- #undef LARGE_STATIC_BUFFERS
- #undef STATIC_CHUNKS_ONLY
- #else
- #define LARGE_STATIC_BUFFERS
- #define STATIC_CHUNKS_ONLY
- #endif
-
- #if (SSL_CFG_DER_LOAD_EN == DEF_ENABLED)
- #define CYASSL_DER_LOAD
- #else
- #undef CYASSL_DER_LOAD
- #endif
-
- #if (SSL_CFG_DTLS_EN == DEF_ENABLED)
- #define CYASSL_DTLS
- #else
- #undef CYASSL_DTLS
- #endif
-
- #if (SSL_CFG_CALLBACKS_EN == DEF_ENABLED)
- #define CYASSL_CALLBACKS
- #else
- #undef CYASSL_CALLBACKS
- #endif
-
- #if (SSL_CFG_FAST_MATH_EN == DEF_ENABLED)
- #define USE_FAST_MATH
- #else
- #undef USE_FAST_MATH
- #endif
-
- #if (SSL_CFG_TFM_TIMING_RESISTANT_EN == DEF_ENABLED)
- #define TFM_TIMING_RESISTANT
- #else
- #undef TFM_TIMING_RESISTANT
- #endif
-
-#endif /* MICRIUM */
-
-
-#ifdef CYASSL_QL
- #ifndef CYASSL_SEP
- #define CYASSL_SEP
- #endif
- #ifndef OPENSSL_EXTRA
- #define OPENSSL_EXTRA
- #endif
- #ifndef SESSION_CERTS
- #define SESSION_CERTS
- #endif
- #ifndef HAVE_AESCCM
- #define HAVE_AESCCM
- #endif
- #ifndef ATOMIC_USER
- #define ATOMIC_USER
- #endif
- #ifndef CYASSL_DER_LOAD
- #define CYASSL_DER_LOAD
- #endif
- #ifndef KEEP_PEER_CERT
- #define KEEP_PEER_CERT
- #endif
- #ifndef HAVE_ECC
- #define HAVE_ECC
- #endif
- #ifndef SESSION_INDEX
- #define SESSION_INDEX
- #endif
-#endif /* CYASSL_QL */
-
-
-#if !defined(XMALLOC_USER) && !defined(MICRIUM_MALLOC) && \
- !defined(CYASSL_LEANPSK) && !defined(NO_CYASSL_MEMORY)
- #define USE_CYASSL_MEMORY
-#endif
-
-
-#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS)
- #undef KEEP_PEER_CERT
- #define KEEP_PEER_CERT
-#endif
-
-
-/* stream ciphers except arc4 need 32bit alignment, intel ok without */
-#ifndef XSTREAM_ALIGNMENT
- #if defined(__x86_64__) || defined(__ia64__) || defined(__i386__)
- #define NO_XSTREAM_ALIGNMENT
- #else
- #define XSTREAM_ALIGNMENT
- #endif
-#endif
-
-
-/* FreeScale MMCAU hardware crypto has 4 byte alignment */
-#ifdef FREESCALE_MMCAU
- #define CYASSL_MMCAU_ALIGNMENT 4
-#endif
-
-/* if using hardware crypto and have alignment requirements, specify the
- requirement here. The record header of SSL/TLS will prvent easy alignment.
- This hint tries to help as much as possible. */
-#ifndef CYASSL_GENERAL_ALIGNMENT
- #ifdef CYASSL_AESNI
- #define CYASSL_GENERAL_ALIGNMENT 16
- #elif defined(XSTREAM_ALIGNMENT)
- #define CYASSL_GENERAL_ALIGNMENT 4
- #elif defined(FREESCALE_MMCAU)
- #define CYASSL_GENERAL_ALIGNMENT CYASSL_MMCAU_ALIGNMENT
- #else
- #define CYASSL_GENERAL_ALIGNMENT 0
- #endif
-#endif
-
-
-#ifdef __INTEL_COMPILER
- #pragma warning(disable:2259) /* explicit casts to smaller sizes, disable */
-#endif
-
-
-/* Place any other flags or defines here */
-
-
-#ifdef __cplusplus
- } /* extern "C" */
-#endif
-
-
-#endif /* CTAO_CRYPT_SETTINGS_H */
diff --git a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/settings_comp.h b/extra/wolfssl/wolfssl/cyassl/ctaocrypt/settings_comp.h
deleted file mode 100644
index bb29655c..00000000
--- a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/settings_comp.h
+++ /dev/null
@@ -1,69 +0,0 @@
-/* settings_comp.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-#ifndef CTAO_CRYPT_SETTINGS_C_H
-#define CTAO_CRYPT_SETTINGS_C_H
-
-
-/* since fips overrides rsa.h map compatibility here */
-#if !defined(NO_RSA)
- #ifdef WOLFSSL_KEY_GEN
- #define RsaKeyToDer wc_RsaKeyToDer
- #endif
-
- #define RsaPrivateKeyDecode wc_RsaPrivateKeyDecode
- #define RsaPublicKeyDecode wc_RsaPublicKeyDecode
- #define RsaPublicKeyDecodeRaw wc_RsaPublicKeyDecodeRaw
-#endif /* have rsa and HAVE_FIPS */
-
-/* Macro redefinitions for compatibility */
-#if defined(WOLFSSL_SHA512) && !defined(CYASSL_SHA512)
- #define CYASSL_SHA512
-#endif
-#if defined(WOLFSSL_SHA384) && !defined(CYASSL_SHA384)
- #define CYASSL_SHA384
-#endif
-#if defined(WOLFSSL_LEANPSK) && !defined(CYASSL_LEANPSK)
- #define CYASSL_LEANPSK
-#endif
-#if defined(NO_WOLFSSL_MEMORY) && !defined(NO_CYASSL_MEMORY)
- #define NO_CYASSL_MEMORY
-#endif
-#if defined(WOLFSSL_KEY_GEN) && !defined(CYASSL_KEY_GEN)
- #define CYASSL_KEY_GEN
-#endif
-
-/* AES */
-#if defined(WOLFSSL_AES_DIRECT) && !defined(CYASSL_AES_DIRECT)
- #define CYASSL_AES_DIRECT
-#endif
-#if defined(WOLFSSL_AES_COUNTER) && !defined(CYASSL_AES_COUNTER)
- #define CYASSL_AES_COUNTER
-#endif
-
-/* DES */
-#if defined(WOLFSSL_DES_ECB) && !defined(CYASSL_DES_ECB)
- #define CYASSL_DES_ECB
-#endif
-
-#endif /* CTAO_CRYPT_SETTINGS_C_H */
-
diff --git a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/sha.h b/extra/wolfssl/wolfssl/cyassl/ctaocrypt/sha.h
deleted file mode 100644
index 697426b4..00000000
--- a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/sha.h
+++ /dev/null
@@ -1,37 +0,0 @@
-/* sha.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-
-#ifndef NO_SHA
-
-#ifndef CTAO_CRYPT_SHA_H
-#define CTAO_CRYPT_SHA_H
-
-#include <wolfssl/wolfcrypt/sha.h>
-#define InitSha wc_InitSha
-#define ShaUpdate wc_ShaUpdate
-#define ShaFinal wc_ShaFinal
-#define ShaHash wc_ShaHash
-
-#endif /* CTAO_CRYPT_SHA_H */
-#endif /* NO_SHA */
-
diff --git a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/sha256.h b/extra/wolfssl/wolfssl/cyassl/ctaocrypt/sha256.h
deleted file mode 100644
index c44461af..00000000
--- a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/sha256.h
+++ /dev/null
@@ -1,46 +0,0 @@
-/* sha256.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-
-
-
-#ifndef NO_SHA256
-
-#ifndef CTAO_CRYPT_SHA256_H
-#define CTAO_CRYPT_SHA256_H
-
-#include <wolfssl/wolfcrypt/sha256.h>
-#define InitSha256 wc_InitSha256
-#define Sha256Update wc_Sha256Update
-#define Sha256Final wc_Sha256Final
-#define Sha256Hash wc_Sha256Hash
-
-#ifdef WOLFSSL_SHA224
- #define InitSha224 wc_InitSha224
- #define Sha224Update wc_Sha224Update
- #define Sha224Final wc_Sha224Final
- #define Sha224Hash wc_Sha224Hash
-#endif
-
-#endif /* CTAO_CRYPT_SHA256_H */
-#endif /* NO_SHA256 */
-
diff --git a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/sha512.h b/extra/wolfssl/wolfssl/cyassl/ctaocrypt/sha512.h
deleted file mode 100644
index 95b98d15..00000000
--- a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/sha512.h
+++ /dev/null
@@ -1,41 +0,0 @@
-/* sha512.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-
-#ifndef CTAO_CRYPT_SHA512_H
-#define CTAO_CRYPT_SHA512_H
-
-#include <wolfssl/wolfcrypt/sha512.h>
-#define InitSha512 wc_InitSha512
-#define Sha512Update wc_Sha512Update
-#define Sha512Final wc_Sha512Final
-#define Sha512Hash wc_Sha512Hash
-
-#if defined(WOLFSSL_SHA384) || defined(HAVE_AESGCM)
- #define InitSha384 wc_InitSha384
- #define Sha384Update wc_Sha384Update
- #define Sha384Final wc_Sha384Final
- #define Sha384Hash wc_Sha384Hash
-#endif /* WOLFSSL_SHA384 */
-
-#endif /* CTAO_CRYPT_SHA512_H */
-
diff --git a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/tfm.h b/extra/wolfssl/wolfssl/cyassl/ctaocrypt/tfm.h
deleted file mode 100644
index 2498ecbd..00000000
--- a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/tfm.h
+++ /dev/null
@@ -1,42 +0,0 @@
-/* tfm.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-
-/*
- * Based on public domain TomsFastMath 0.10 by Tom St Denis, tomstdenis@iahu.ca,
- * http://math.libtomcrypt.com
- */
-
-
-/**
- * Edited by Moisés Guimarães (moises.guimaraes@phoebus.com.br)
- * to fit CyaSSL's needs.
- */
-
-
-#ifndef CTAO_CRYPT_TFM_H
-#define CTAO_CRYPT_TFM_H
-
-#include <wolfssl/wolfcrypt/tfm.h>
-
-#endif /* CTAO_CRYPT_TFM_H */
-
diff --git a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/types.h b/extra/wolfssl/wolfssl/cyassl/ctaocrypt/types.h
deleted file mode 100644
index 68a63cac..00000000
--- a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/types.h
+++ /dev/null
@@ -1,39 +0,0 @@
-/* types.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-
-#ifndef CTAO_CRYPT_TYPES_H
-#define CTAO_CRYPT_TYPES_H
-
-#include <cyassl/ctaocrypt/wc_port.h>
-#include <cyassl/ctaocrypt/settings.h>
-#include <wolfssl/wolfcrypt/types.h>
-
-/* compatibility macros */
-#define CYASSL_WORD_SIZE WOLFSSL_WORD_SIZE
-#define CYASSL_BIT_SIZE WOLFSSL_BIT_SIZE
-#define CYASSL_MAX_16BIT WOLFSSL_MAX_16BIT
-#define CYASSL_MAX_ERROR_SZ WOLFSSL_MAX_ERROR_SZ
-#define cyassl_word wolfssl_word
-
-#endif /* CTAO_CRYPT_TYPES_H */
-
diff --git a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/visibility.h b/extra/wolfssl/wolfssl/cyassl/ctaocrypt/visibility.h
deleted file mode 100644
index 3572fb51..00000000
--- a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/visibility.h
+++ /dev/null
@@ -1,73 +0,0 @@
-/* visibility.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-/* Visibility control macros */
-
-#ifndef CTAO_CRYPT_VISIBILITY_H
-#define CTAO_CRYPT_VISIBILITY_H
-
-/* fips compatibility @wc_fips */
-#ifndef HAVE_FIPS
- #include <wolfssl/wolfcrypt/visibility.h>
- #define CYASSL_API WOLFSSL_API
- #define CYASSL_LOCAL WOLFSSL_LOCAL
-#else
-/* CYASSL_API is used for the public API symbols.
- It either imports or exports (or does nothing for static builds)
-
- CYASSL_LOCAL is used for non-API symbols (private).
-*/
-
-#if defined(BUILDING_WOLFSSL)
- #if defined(HAVE_VISIBILITY) && HAVE_VISIBILITY
- #define CYASSL_API __attribute__ ((visibility("default")))
- #define CYASSL_LOCAL __attribute__ ((visibility("hidden")))
- #elif defined(__SUNPRO_C) && (__SUNPRO_C >= 0x550)
- #define CYASSL_API __global
- #define CYASSL_LOCAL __hidden
- #elif defined(_MSC_VER)
- #ifdef CYASSL_DLL
- #define CYASSL_API extern __declspec(dllexport)
- #else
- #define CYASSL_API
- #endif
- #define CYASSL_LOCAL
- #else
- #define CYASSL_API
- #define CYASSL_LOCAL
- #endif /* HAVE_VISIBILITY */
-#else /* BUILDING_WOLFSSL */
- #if defined(_MSC_VER)
- #ifdef CYASSL_DLL
- #define CYASSL_API extern __declspec(dllimport)
- #else
- #define CYASSL_API
- #endif
- #define CYASSL_LOCAL
- #else
- #define CYASSL_API
- #define CYASSL_LOCAL
- #endif
-#endif /* BUILDING_WOLFSSL */
-#endif /* HAVE_FIPS */
-#endif /* CTAO_CRYPT_VISIBILITY_H */
-
diff --git a/extra/wolfssl/wolfssl/cyassl/include.am b/extra/wolfssl/wolfssl/cyassl/include.am
deleted file mode 100644
index b4c7e043..00000000
--- a/extra/wolfssl/wolfssl/cyassl/include.am
+++ /dev/null
@@ -1,31 +0,0 @@
-# vim:ft=automake
-# All paths should be given relative to the root
-#
-
-include cyassl/ctaocrypt/include.am
-include cyassl/openssl/include.am
-
-EXTRA_DIST+= cyassl/sniffer_error.rc
-
-nobase_include_HEADERS+= \
- cyassl/error-ssl.h \
- cyassl/ssl.h \
- cyassl/sniffer_error.h \
- cyassl/sniffer.h \
- cyassl/callbacks.h \
- cyassl/certs_test.h \
- cyassl/test.h \
- cyassl/version.h \
- cyassl/ocsp.h \
- cyassl/crl.h
-
-noinst_HEADERS+= \
- cyassl/internal.h
-
-# For distro build don't install options.h.
-# It depends on the architecture and conflicts with Multi-Arch.
-if BUILD_DISTRO
-noinst_HEADERS+= cyassl/options.h
-else
-nobase_include_HEADERS+= cyassl/options.h
-endif
diff --git a/extra/wolfssl/wolfssl/cyassl/internal.h b/extra/wolfssl/wolfssl/cyassl/internal.h
deleted file mode 100644
index abf49bd3..00000000
--- a/extra/wolfssl/wolfssl/cyassl/internal.h
+++ /dev/null
@@ -1,23 +0,0 @@
-/* internal.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-#include <wolfssl/internal.h>
diff --git a/extra/wolfssl/wolfssl/cyassl/ocsp.h b/extra/wolfssl/wolfssl/cyassl/ocsp.h
deleted file mode 100644
index 256c422d..00000000
--- a/extra/wolfssl/wolfssl/cyassl/ocsp.h
+++ /dev/null
@@ -1,23 +0,0 @@
-/* ocsp.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-#include <wolfssl/ocsp.h>
diff --git a/extra/wolfssl/wolfssl/cyassl/openssl/asn1.h b/extra/wolfssl/wolfssl/cyassl/openssl/asn1.h
deleted file mode 100644
index 35be23f7..00000000
--- a/extra/wolfssl/wolfssl/cyassl/openssl/asn1.h
+++ /dev/null
@@ -1,3 +0,0 @@
-/* asn1.h for openssl */
-
-#include <wolfssl/openssl/asn1.h>
diff --git a/extra/wolfssl/wolfssl/cyassl/openssl/bio.h b/extra/wolfssl/wolfssl/cyassl/openssl/bio.h
deleted file mode 100644
index 8f529835..00000000
--- a/extra/wolfssl/wolfssl/cyassl/openssl/bio.h
+++ /dev/null
@@ -1,4 +0,0 @@
-/* bio.h for openssl */
-
-#include <wolfssl/openssl/bio.h>
-
diff --git a/extra/wolfssl/wolfssl/cyassl/openssl/bn.h b/extra/wolfssl/wolfssl/cyassl/openssl/bn.h
deleted file mode 100644
index e14f4e28..00000000
--- a/extra/wolfssl/wolfssl/cyassl/openssl/bn.h
+++ /dev/null
@@ -1,3 +0,0 @@
-/* bn.h for openssl */
-
-#include <wolfssl/openssl/bn.h>
diff --git a/extra/wolfssl/wolfssl/cyassl/openssl/conf.h b/extra/wolfssl/wolfssl/cyassl/openssl/conf.h
deleted file mode 100644
index 4005ea9d..00000000
--- a/extra/wolfssl/wolfssl/cyassl/openssl/conf.h
+++ /dev/null
@@ -1,3 +0,0 @@
-/* conf.h for openssl */
-
-#include <wolfssl/openssl/conf.h>
diff --git a/extra/wolfssl/wolfssl/cyassl/openssl/crypto.h b/extra/wolfssl/wolfssl/cyassl/openssl/crypto.h
deleted file mode 100644
index 32e11082..00000000
--- a/extra/wolfssl/wolfssl/cyassl/openssl/crypto.h
+++ /dev/null
@@ -1,4 +0,0 @@
-/* crypto.h for openSSL */
-
-#include <wolfssl/openssl/crypto.h>
-
diff --git a/extra/wolfssl/wolfssl/cyassl/openssl/dh.h b/extra/wolfssl/wolfssl/cyassl/openssl/dh.h
deleted file mode 100644
index 6fd8e36e..00000000
--- a/extra/wolfssl/wolfssl/cyassl/openssl/dh.h
+++ /dev/null
@@ -1,4 +0,0 @@
-/* dh.h for openSSL */
-
-
-#include <wolfssl/openssl/dh.h>
diff --git a/extra/wolfssl/wolfssl/cyassl/openssl/dsa.h b/extra/wolfssl/wolfssl/cyassl/openssl/dsa.h
deleted file mode 100644
index 39ddf8ce..00000000
--- a/extra/wolfssl/wolfssl/cyassl/openssl/dsa.h
+++ /dev/null
@@ -1,12 +0,0 @@
-/* dsa.h for openSSL */
-
-#ifndef CYASSL_OPENSSL_DSA
-#define CYASSL_OPENSSL_DSA
-
-#define CyaSSL_DSA_LoadDer wolfSSL_DSA_LoadDer
-#define CyaSSL_DSA_do_sign wolfSSL_DSA_do_sign
-
-#include <cyassl/openssl/ssl.h>
-#include <wolfssl/openssl/dsa.h>
-#endif
-
diff --git a/extra/wolfssl/wolfssl/cyassl/openssl/ec.h b/extra/wolfssl/wolfssl/cyassl/openssl/ec.h
deleted file mode 100644
index 1ce8aa94..00000000
--- a/extra/wolfssl/wolfssl/cyassl/openssl/ec.h
+++ /dev/null
@@ -1,3 +0,0 @@
-/* ec.h for openssl */
-
-#include <wolfssl/openssl/ec.h>
diff --git a/extra/wolfssl/wolfssl/cyassl/openssl/ec25519.h b/extra/wolfssl/wolfssl/cyassl/openssl/ec25519.h
deleted file mode 100644
index 6ee89450..00000000
--- a/extra/wolfssl/wolfssl/cyassl/openssl/ec25519.h
+++ /dev/null
@@ -1,3 +0,0 @@
-/* ec25519.h */
-
-#include <wolfssl/openssl/ec25519.h>
diff --git a/extra/wolfssl/wolfssl/cyassl/openssl/ec448.h b/extra/wolfssl/wolfssl/cyassl/openssl/ec448.h
deleted file mode 100644
index c3fe4c3a..00000000
--- a/extra/wolfssl/wolfssl/cyassl/openssl/ec448.h
+++ /dev/null
@@ -1,3 +0,0 @@
-/* ec448.h */
-
-#include <wolfssl/openssl/ec448.h>
diff --git a/extra/wolfssl/wolfssl/cyassl/openssl/ecdh.h b/extra/wolfssl/wolfssl/cyassl/openssl/ecdh.h
deleted file mode 100644
index b774bf0d..00000000
--- a/extra/wolfssl/wolfssl/cyassl/openssl/ecdh.h
+++ /dev/null
@@ -1,3 +0,0 @@
-/* ecdh.h for openssl */
-
-#include <wolfssl/openssl/ecdh.h>
diff --git a/extra/wolfssl/wolfssl/cyassl/openssl/ecdsa.h b/extra/wolfssl/wolfssl/cyassl/openssl/ecdsa.h
deleted file mode 100644
index 9a1c02b3..00000000
--- a/extra/wolfssl/wolfssl/cyassl/openssl/ecdsa.h
+++ /dev/null
@@ -1,3 +0,0 @@
-/* ecdsa.h for openssl */
-
-#include <wolfssl/openssl/ecdsa.h>
\ No newline at end of file
diff --git a/extra/wolfssl/wolfssl/cyassl/openssl/ed25519.h b/extra/wolfssl/wolfssl/cyassl/openssl/ed25519.h
deleted file mode 100644
index 240cbcaa..00000000
--- a/extra/wolfssl/wolfssl/cyassl/openssl/ed25519.h
+++ /dev/null
@@ -1,3 +0,0 @@
-/* ed25519.h */
-
-#include <wolfssl/openssl/ed25519.h>
diff --git a/extra/wolfssl/wolfssl/cyassl/openssl/ed448.h b/extra/wolfssl/wolfssl/cyassl/openssl/ed448.h
deleted file mode 100644
index ebb9c619..00000000
--- a/extra/wolfssl/wolfssl/cyassl/openssl/ed448.h
+++ /dev/null
@@ -1,3 +0,0 @@
-/* ed448.h */
-
-#include <wolfssl/openssl/ed448.h>
diff --git a/extra/wolfssl/wolfssl/cyassl/openssl/engine.h b/extra/wolfssl/wolfssl/cyassl/openssl/engine.h
deleted file mode 100644
index fcce4bdb..00000000
--- a/extra/wolfssl/wolfssl/cyassl/openssl/engine.h
+++ /dev/null
@@ -1,5 +0,0 @@
-/* engine.h for libcurl */
-
-#include <wolfssl/openssl/engine.h>
-
-
diff --git a/extra/wolfssl/wolfssl/cyassl/openssl/err.h b/extra/wolfssl/wolfssl/cyassl/openssl/err.h
deleted file mode 100644
index 36111170..00000000
--- a/extra/wolfssl/wolfssl/cyassl/openssl/err.h
+++ /dev/null
@@ -1,3 +0,0 @@
-/* err.h for openssl */
-
-#include <wolfssl/openssl/err.h>
diff --git a/extra/wolfssl/wolfssl/cyassl/openssl/evp.h b/extra/wolfssl/wolfssl/cyassl/openssl/evp.h
deleted file mode 100644
index 0d4026cc..00000000
--- a/extra/wolfssl/wolfssl/cyassl/openssl/evp.h
+++ /dev/null
@@ -1,41 +0,0 @@
-/* evp.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-
-/* evp.h defines mini evp openssl compatibility layer
- *
- */
-
-#ifndef CYASSL_OPENSSL_EVP
-#define CYASSL_OPENSSL_EVP
-
-#define CyaSSL_StoreExternalIV wolfSSL_StoreExternalIV
-#define CyaSSL_SetInternalIV wolfSSL_SetInternalIV
-#define CYASSL_EVP_MD WOLFSSL_EVP_MD
-#define CyaSSL_EVP_X_STATE wolfSSL_EVP_X_STATE
-#define CyaSSL_EVP_X_STATE_LEN wolfSSL_EVP_X_STATE_LEN
-#define CyaSSL_3des_iv wolfSSL_3des_iv
-#define CyaSSL_aes_ctr_iv wolfSSL_aes_ctr_iv
-
-#include <wolfssl/openssl/evp.h>
-#endif
-
diff --git a/extra/wolfssl/wolfssl/cyassl/openssl/include.am b/extra/wolfssl/wolfssl/cyassl/openssl/include.am
deleted file mode 100644
index a1b25c6b..00000000
--- a/extra/wolfssl/wolfssl/cyassl/openssl/include.am
+++ /dev/null
@@ -1,42 +0,0 @@
-# vim:ft=automake
-# All paths should be given relative to the root
-
-nobase_include_HEADERS+= \
- cyassl/openssl/asn1.h \
- cyassl/openssl/bio.h \
- cyassl/openssl/bn.h \
- cyassl/openssl/conf.h \
- cyassl/openssl/crypto.h \
- cyassl/openssl/des.h \
- cyassl/openssl/dh.h \
- cyassl/openssl/dsa.h \
- cyassl/openssl/ecdsa.h \
- cyassl/openssl/ecdh.h \
- cyassl/openssl/ec.h \
- cyassl/openssl/ec25519.h \
- cyassl/openssl/ed25519.h \
- cyassl/openssl/ec448.h \
- cyassl/openssl/ed448.h \
- cyassl/openssl/engine.h \
- cyassl/openssl/err.h \
- cyassl/openssl/evp.h \
- cyassl/openssl/hmac.h \
- cyassl/openssl/lhash.h \
- cyassl/openssl/md4.h \
- cyassl/openssl/md5.h \
- cyassl/openssl/ripemd.h \
- cyassl/openssl/ocsp.h \
- cyassl/openssl/opensslconf.h \
- cyassl/openssl/opensslv.h \
- cyassl/openssl/ossl_typ.h \
- cyassl/openssl/pem.h \
- cyassl/openssl/pkcs12.h \
- cyassl/openssl/rand.h \
- cyassl/openssl/rsa.h \
- cyassl/openssl/sha.h \
- cyassl/openssl/ssl23.h \
- cyassl/openssl/ssl.h \
- cyassl/openssl/stack.h \
- cyassl/openssl/ui.h \
- cyassl/openssl/x509.h \
- cyassl/openssl/x509v3.h
diff --git a/extra/wolfssl/wolfssl/cyassl/openssl/lhash.h b/extra/wolfssl/wolfssl/cyassl/openssl/lhash.h
deleted file mode 100644
index 6285f6a5..00000000
--- a/extra/wolfssl/wolfssl/cyassl/openssl/lhash.h
+++ /dev/null
@@ -1,3 +0,0 @@
-/* lhash.h for openSSL */
-
-#include <wolfssl/openssl/lhash.h>
\ No newline at end of file
diff --git a/extra/wolfssl/wolfssl/cyassl/openssl/md4.h b/extra/wolfssl/wolfssl/cyassl/openssl/md4.h
deleted file mode 100644
index fb0d437a..00000000
--- a/extra/wolfssl/wolfssl/cyassl/openssl/md4.h
+++ /dev/null
@@ -1,3 +0,0 @@
-/* md4.h for libcurl */
-
-#include <wolfssl/openssl/md4.h>
diff --git a/extra/wolfssl/wolfssl/cyassl/openssl/md5.h b/extra/wolfssl/wolfssl/cyassl/openssl/md5.h
deleted file mode 100644
index f3dd4e4b..00000000
--- a/extra/wolfssl/wolfssl/cyassl/openssl/md5.h
+++ /dev/null
@@ -1,5 +0,0 @@
-/* md5.h for openssl */
-
-
-#include <wolfssl/openssl/md5.h>
-
diff --git a/extra/wolfssl/wolfssl/cyassl/openssl/ocsp.h b/extra/wolfssl/wolfssl/cyassl/openssl/ocsp.h
deleted file mode 100644
index 8c0f4680..00000000
--- a/extra/wolfssl/wolfssl/cyassl/openssl/ocsp.h
+++ /dev/null
@@ -1,3 +0,0 @@
-/* ocsp.h for libcurl */
-
-#include <wolfssl/openssl/ocsp.h>
diff --git a/extra/wolfssl/wolfssl/cyassl/openssl/opensslconf.h b/extra/wolfssl/wolfssl/cyassl/openssl/opensslconf.h
deleted file mode 100644
index 7f21cd95..00000000
--- a/extra/wolfssl/wolfssl/cyassl/openssl/opensslconf.h
+++ /dev/null
@@ -1,3 +0,0 @@
-/* opensslconf.h for openSSL */
-
-#include <wolfssl/openssl/opensslconf.h>
diff --git a/extra/wolfssl/wolfssl/cyassl/openssl/opensslv.h b/extra/wolfssl/wolfssl/cyassl/openssl/opensslv.h
deleted file mode 100644
index d119f82e..00000000
--- a/extra/wolfssl/wolfssl/cyassl/openssl/opensslv.h
+++ /dev/null
@@ -1,3 +0,0 @@
-/* opensslv.h compatibility */
-
-#include <wolfssl/openssl/opensslv.h>
diff --git a/extra/wolfssl/wolfssl/cyassl/openssl/ossl_typ.h b/extra/wolfssl/wolfssl/cyassl/openssl/ossl_typ.h
deleted file mode 100644
index 5e6e627d..00000000
--- a/extra/wolfssl/wolfssl/cyassl/openssl/ossl_typ.h
+++ /dev/null
@@ -1,3 +0,0 @@
-/* ossl_typ.h for openssl */
-
-#include <wolfssl/openssl/ossl_typ.h>
diff --git a/extra/wolfssl/wolfssl/cyassl/openssl/pem.h b/extra/wolfssl/wolfssl/cyassl/openssl/pem.h
deleted file mode 100644
index a07b9120..00000000
--- a/extra/wolfssl/wolfssl/cyassl/openssl/pem.h
+++ /dev/null
@@ -1,3 +0,0 @@
-/* pem.h for openssl */
-
-#include <wolfssl/openssl/pem.h>
diff --git a/extra/wolfssl/wolfssl/cyassl/openssl/pkcs12.h b/extra/wolfssl/wolfssl/cyassl/openssl/pkcs12.h
deleted file mode 100644
index 1fb089fb..00000000
--- a/extra/wolfssl/wolfssl/cyassl/openssl/pkcs12.h
+++ /dev/null
@@ -1,3 +0,0 @@
-/* pkcs12.h for openssl */
-
-#include <wolfssl/openssl/pkcs12.h>
diff --git a/extra/wolfssl/wolfssl/cyassl/openssl/rand.h b/extra/wolfssl/wolfssl/cyassl/openssl/rand.h
deleted file mode 100644
index 5bd77b6c..00000000
--- a/extra/wolfssl/wolfssl/cyassl/openssl/rand.h
+++ /dev/null
@@ -1,3 +0,0 @@
-/* rand.h for openSSL */
-
-#include <wolfssl/openssl/ssl.h>
diff --git a/extra/wolfssl/wolfssl/cyassl/openssl/ripemd.h b/extra/wolfssl/wolfssl/cyassl/openssl/ripemd.h
deleted file mode 100644
index b25de783..00000000
--- a/extra/wolfssl/wolfssl/cyassl/openssl/ripemd.h
+++ /dev/null
@@ -1,3 +0,0 @@
-/* ripemd.h for openssl */
-
-#include <wolfssl/openssl/ripemd.h>
diff --git a/extra/wolfssl/wolfssl/cyassl/openssl/rsa.h b/extra/wolfssl/wolfssl/cyassl/openssl/rsa.h
deleted file mode 100644
index f4f24b82..00000000
--- a/extra/wolfssl/wolfssl/cyassl/openssl/rsa.h
+++ /dev/null
@@ -1,12 +0,0 @@
-/* rsa.h for openSSL */
-
-#ifndef CYASSL_OPENSSL_RSA
-#define CYASSL_OPENSSL_RSA
-
-#define CyaSSL_RSA_GenAdd wolfSSL_RSA_GenAdd
-#define CyaSSL_RSA_LoadDer wolfSSL_RSA_LoadDer
-
-#include <cyassl/openssl/ssl.h>
-#include <wolfssl/openssl/rsa.h>
-#endif
-
diff --git a/extra/wolfssl/wolfssl/cyassl/openssl/sha.h b/extra/wolfssl/wolfssl/cyassl/openssl/sha.h
deleted file mode 100644
index ced3ca19..00000000
--- a/extra/wolfssl/wolfssl/cyassl/openssl/sha.h
+++ /dev/null
@@ -1,3 +0,0 @@
-/* sha.h for openssl */
-
-#include <wolfssl/openssl/sha.h>
diff --git a/extra/wolfssl/wolfssl/cyassl/openssl/ssl23.h b/extra/wolfssl/wolfssl/cyassl/openssl/ssl23.h
deleted file mode 100644
index a91524b9..00000000
--- a/extra/wolfssl/wolfssl/cyassl/openssl/ssl23.h
+++ /dev/null
@@ -1,3 +0,0 @@
-/* ssl23.h for openssl */
-
-#include <wolfssl/openssl/ssl23.h>
diff --git a/extra/wolfssl/wolfssl/cyassl/openssl/stack.h b/extra/wolfssl/wolfssl/cyassl/openssl/stack.h
deleted file mode 100644
index 831502f5..00000000
--- a/extra/wolfssl/wolfssl/cyassl/openssl/stack.h
+++ /dev/null
@@ -1,3 +0,0 @@
-/* stack.h for openssl */
-
-#include <wolfssl/openssl/stack.h>
diff --git a/extra/wolfssl/wolfssl/cyassl/openssl/ui.h b/extra/wolfssl/wolfssl/cyassl/openssl/ui.h
deleted file mode 100644
index b1f4042e..00000000
--- a/extra/wolfssl/wolfssl/cyassl/openssl/ui.h
+++ /dev/null
@@ -1,3 +0,0 @@
-/* ui.h for openssl */
-
-#include <wolfssl/openssl/ui.h>
diff --git a/extra/wolfssl/wolfssl/cyassl/openssl/x509.h b/extra/wolfssl/wolfssl/cyassl/openssl/x509.h
deleted file mode 100644
index 9d130028..00000000
--- a/extra/wolfssl/wolfssl/cyassl/openssl/x509.h
+++ /dev/null
@@ -1,3 +0,0 @@
-/* x509.h for openssl */
-
-#include <wolfssl/openssl/ssl.h>
diff --git a/extra/wolfssl/wolfssl/cyassl/openssl/x509v3.h b/extra/wolfssl/wolfssl/cyassl/openssl/x509v3.h
deleted file mode 100644
index 2a5240d9..00000000
--- a/extra/wolfssl/wolfssl/cyassl/openssl/x509v3.h
+++ /dev/null
@@ -1,3 +0,0 @@
-/* x509v3.h for openssl */
-
-#include <wolfssl/openssl/x509v3.h>
diff --git a/extra/wolfssl/wolfssl/cyassl/sniffer.h b/extra/wolfssl/wolfssl/cyassl/sniffer.h
deleted file mode 100644
index 560932b4..00000000
--- a/extra/wolfssl/wolfssl/cyassl/sniffer.h
+++ /dev/null
@@ -1,23 +0,0 @@
-/* sniffer.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-#include <wolfssl/sniffer.h>
diff --git a/extra/wolfssl/wolfssl/cyassl/sniffer_error.h b/extra/wolfssl/wolfssl/cyassl/sniffer_error.h
deleted file mode 100644
index 450ec676..00000000
--- a/extra/wolfssl/wolfssl/cyassl/sniffer_error.h
+++ /dev/null
@@ -1,23 +0,0 @@
-/* sniffer_error.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-#include <wolfssl/sniffer_error.h>
diff --git a/extra/wolfssl/wolfssl/cyassl/sniffer_error.rc b/extra/wolfssl/wolfssl/cyassl/sniffer_error.rc
deleted file mode 100644
index 8bcd6926..00000000
--- a/extra/wolfssl/wolfssl/cyassl/sniffer_error.rc
+++ /dev/null
@@ -1,93 +0,0 @@
-
-STRINGTABLE
-{
- 1, "Out of Memory"
- 2, "New SSL Sniffer Server Registered"
- 3, "Checking IP Header"
- 4, "SSL Sniffer Server Not Registered"
- 5, "Checking TCP Header"
-
- 6, "SSL Sniffer Server Port Not Registered"
- 7, "RSA Private Decrypt Error"
- 8, "RSA Private Decode Error"
- 9, "Set Cipher Spec Error"
- 10, "Server Hello Input Malformed"
-
- 11, "Couldn't Resume Session Error"
- 12, "Server Did Resumption"
- 13, "Client Hello Input Malformed"
- 14, "Client Trying to Resume"
- 15, "Handshake Input Malformed"
-
- 16, "Got Hello Verify msg"
- 17, "Got Server Hello msg"
- 18, "Got Cert Request msg"
- 19, "Got Server Key Exchange msg"
- 20, "Got Cert msg"
-
- 21, "Got Server Hello Done msg"
- 22, "Got Finished msg"
- 23, "Got Client Hello msg"
- 24, "Got Client Key Exchange msg"
- 25, "Got Cert Verify msg"
-
- 26, "Got Unknown Handshake msg"
- 27, "New SSL Sniffer Session created"
- 28, "Couldn't create new SSL"
- 29, "Got a Packet to decode"
- 30, "No data present"
-
- 31, "Session Not Found"
- 32, "Got an Old Client Hello msg"
- 33, "Old Client Hello Input Malformed"
- 34, "Old Client Hello OK"
- 35, "Bad Old Client Hello"
-
- 36, "Bad Record Header"
- 37, "Record Header Input Malformed"
- 38, "Got a HandShake msg"
- 39, "Bad HandShake msg"
- 40, "Got a Change Cipher Spec msg"
-
- 41, "Got Application Data msg"
- 42, "Bad Application Data"
- 43, "Got an Alert msg"
- 44, "Another msg to Process"
- 45, "Removing Session From Table"
-
- 46, "Bad Key File"
- 47, "Wrong IP Version"
- 48, "Wrong Protocol type"
- 49, "Packet Short for header processing"
- 50, "Got Unknown Record Type"
-
- 51, "Can't Open Trace File"
- 52, "Session in Fatal Error State"
- 53, "Partial SSL record received"
- 54, "Buffer Error, malformed input"
- 55, "Added to Partial Input"
-
- 56, "Received a Duplicate Packet"
- 57, "Received an Out of Order Packet"
- 58, "Received an Overlap Duplicate Packet"
- 59, "Received an Overlap Reassembly Begin Duplicate Packet"
- 60, "Received an Overlap Reassembly End Duplicate Packet"
-
- 61, "Missed the Client Hello Entirely"
- 62, "Got Hello Request msg"
- 63, "Got Session Ticket msg"
- 64, "Bad Input"
- 65, "Bad Decrypt Type"
-
- 66, "Bad Finished Message Processing"
- 67, "Bad Compression Type"
- 68, "Bad DeriveKeys Error"
- 69, "Saw ACK for Missing Packet Error"
- 70, "Bad Decrypt Operation"
-
- 71, "Decrypt Keys Not Set Up"
- 72, "Late Key Load Error"
- 73, "Got Certificate Status msg"
- 74, "RSA Key Missing Error"
-}
-
diff --git a/extra/wolfssl/wolfssl/cyassl/ssl.h b/extra/wolfssl/wolfssl/cyassl/ssl.h
deleted file mode 100644
index c6606d0c..00000000
--- a/extra/wolfssl/wolfssl/cyassl/ssl.h
+++ /dev/null
@@ -1,722 +0,0 @@
-/* ssl.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-/*
- * ssl.h makes wolfssl backwards compatible with cyassl
- */
-
-#ifndef WOLFSSL_CYASSL_H_
-#define WOLFSSL_CYASSL_H_
-/*
- * Name change
- * include the new ssl.h
- */
-#include <wolfssl/ssl.h>
-#include <cyassl/ctaocrypt/types.h>
-#include <cyassl/ctaocrypt/settings.h>
-
-#ifdef __cplusplus
- extern "C" {
-#endif
-
-#ifdef _WIN32
- /* wincrypt.h clashes */
- #undef X509_NAME
-#endif
-
-#ifdef CYASSL_TIRTOS
- #undef CYASSL_TIRTOS
- #define CYASSL_TIRTOS WOLFSSL_TIRTOS
-#endif
-
-#define CYASSL WOLFSSL
-#define DEBUG_CYASSL DEBUG_WOLFSSL
-#define CYASSL_CTX WOLFSSL_CTX
-#define CYASSL_METHOD WOLFSSL_METHOD
-#define CYASSL_SESSION WOLFSSL_SESSION
-
-#define CYASSL_X509 WOLFSSL_X509
-#define CYASSL_X509_NAME WOLFSSL_X509_NAME
-#define CYASSL_X509_CHAIN WOLFSSL_X509_CHAIN
-#ifdef WOLFSSL_SNIFFER
- #define CYASSL_SNIFFER WOLFSSL_SNIFFER
-#endif
-
-/* redeclare guard */
-#define CYASSL_TYPES_DEFINED WOLFSSL_TYPES_DEFINED
-
-/* legacy defines */
-#define yasslIP wolfSSLIP /**/
-#define yasslPort wolfSSLPort /**/
-
-/* cyassl/ssl.h (structs) */
-#define CYASSL_RSA WOLFSSL_RSA
-#define CYASSL_DSA WOLFSSL_DSA
-#define CYASSL_BIO WOLFSSL_BIO
-#define CYASSL_CIPHER WOLFSSL_CIPHER
-#define CYASSL_MD4_CTX WOLFSSL_MD4_CTX
-#define CYASSL_MFL_2_9 WOLFSSL_MFL_2_9 /**/
-#define CYASSL_MFL_2_13 WOLFSSL_MFL_2_13 /**/
-#define CYASSL_EVP_PKEY WOLFSSL_EVP_PKEY
-#define CYASSL_X509_CRL WOLFSSL_X509_CRL
-#define CYASSL_ASN1_TIME WOLFSSL_ASN1_TIME
-#define CYASSL_BIO_METHOD WOLFSSL_BIO_METHOD
-#define CYASSL_X509_STORE WOLFSSL_X509_STORE
-#define CYASSL_X509_OBJECT WOLFSSL_X509_OBJECT
-#define CYASSL_X509_LOOKUP WOLFSSL_X509_LOOKUP
-#define CYASSL_ASN1_OBJECT WOLFSSL_ASN1_OBJECT
-#define CYASSL_ASN1_STRING WOLFSSL_ASN1_STRING
-#define CYASSL_COMP_METHOD WOLFSSL_COMP_METHOD
-#define CYASSL_CRL_CHECKALL WOLFSSL_CRL_CHECKALL
-#define CYASSL_ASN1_INTEGER WOLFSSL_ASN1_INTEGER
-#define CYASSL_X509_REVOKED WOLFSSL_X509_REVOKED
-#define CYASSL_dynlock_value WOLFSSL_dynlock_value
-#define CYASSL_X509_EXTENSION WOLFSSL_X509_EXTENSION
-#define CYASSL_X509_STORE_CTX WOLFSSL_X509_STORE_CTX
-#define CYASSL_X509_LOOKUP_METHOD WOLFSSL_X509_LOOKUP_METHOD
-
-#define CyaSSL_LoadCRL wolfSSL_LoadCRL
-#define CyaSSL_EnableCRL wolfSSL_EnableCRL
-#define CyaSSL_SetCRL_Cb wolfSSL_SetCRL_Cb
-
-/* cyassl/test.h */
-#ifdef CyaSSL_TEST_H
- #define CYASSL_THREAD WOLFSSL_THREAD
-#endif
-
-/* src/ssl.c */
-#define CYASSL_CRL WOLFSSL_CRL
-#define CYASSL_SSLV3 WOLFSSL_SSLV3
-#define CYASSL_TLSV1 WOLFSSL_TLSV1
-#define CYASSL_TLSV1_1 WOLFSSL_TLSV1_1
-#define CYASSL_TLSV1_2 WOLFSSL_TLSV1_2
-#define CYASSL_USER_CA WOLFSSL_USER_CA
-#define CYASSL_CLIENT_END WOLFSSL_CLIENT_END
-#define CYASSL_CERT_MANAGER WOLFSSL_CERT_MANAGER
-#define MAX_CYASSL_FILE_SIZE MAX_WOLFSSL_FILE_SIZE
-
-#define CyaSSL_get_cipher wolfSSL_get_cipher
-#define CyaSSL_get_ciphers wolfSSL_get_ciphers
-#define CyaSSL_KeyPemToDer wolfSSL_KeyPemToDer
-#define CyaSSL_get_version wolfSSL_get_version
-#define CyaSSL_SetServerID wolfSSL_SetServerID
-#define CyaSSL_use_old_poly wolfSSL_use_old_poly
-#define CyaSSL_SetCertCbCtx wolfSSL_SetCertCbCtx
-#define CyaSSL_CertPemToDer wolfSSL_CertPemToDer
-#define CyaSSL_get_shutdown wolfSSL_get_shutdown
-#define CyaSSL_SetMinVersion wolfSSL_SetMinVersion
-#define CyaSSL_CTX_UnloadCAs wolfSSL_CTX_UnloadCAs
-#define CyaSSL_session_reused wolfSSL_session_reused
-#define CyaSSL_UnloadCertsKeys wolfSSL_UnloadCertsKeys
-#define CyaSSL_CIPHER_get_name wolfSSL_CIPHER_get_name
-#define CyaSSL_is_init_finished wolfSSL_is_init_finished
-#define CyaSSL_get_alert_history wolfSSL_get_alert_history
-#define CyaSSL_get_current_cipher wolfSSL_get_current_cipher
-#define CyaSSL_CertManagerUnloadCAs wolfSSL_CertManagerUnloadCAs
-#define CyaSSL_CertManagerEnableOCSP wolfSSL_CertManagerEnableOCSP
-#define CyaSSL_CTX_check_private_key wolfSSL_CTX_check_private_key
-#define CyaSSL_CertManagerDisableOCSP wolfSSL_CertManagerDisableOCSP
-#define CyaSSL_get_current_cipher_suite wolfSSL_get_current_cipher_suite
-#define CyaSSL_CTX_load_verify_locations wolfSSL_CTX_load_verify_locations
-#define CyaSSL_CTX_set_default_passwd_cb wolfSSL_CTX_set_default_passwd_cb
-
-#define CyaSSL_save_session_cache wolfSSL_save_session_cache
-#define CyaSSL_restore_session_cache wolfSSL_restore_session_cache
-#define CyaSSL_memsave_session_cache wolfSSL_memsave_session_cache
-#define CyaSSL_memrestore_session_cache wolfSSL_memrestore_session_cache
-#define CyaSSL_get_session_cache_memsize wolfSSL_get_session_cache_memsize
-
-/* certificate cache persistence, uses ctx since certs are per ctx */
-#define CyaSSL_CTX_save_cert_cache wolfSSL_CTX_save_cert_cache
-#define CyaSSL_CTX_restore_cert_cache wolfSSL_CTX_restore_cert_cache
-#define CyaSSL_CTX_memsave_cert_cache wolfSSL_CTX_memsave_cert_cache
-#define CyaSSL_CTX_memrestore_cert_cache wolfSSL_CTX_memrestore_cert_cache
-#define CyaSSL_CTX_get_cert_cache_memsize wolfSSL_CTX_get_cert_cache_memsize
-
-/* wolfSSL extensions */
-/* get wolfSSL peer X509_CHAIN */
-#define CyaSSL_get_chain_count wolfSSL_get_chain_count
-/* index cert length */
-#define CyaSSL_get_chain_length wolfSSL_get_chain_length
-/* index cert in X509 */
-#define CyaSSL_get_chain_X509 wolfSSL_get_chain_X509
-/* free X509 */
-#define CyaSSL_FreeX509 wolfSSL_FreeX509
-/* get index cert in PEM */
-#define CyaSSL_X509_get_subjectCN wolfSSL_X509_get_subjectCN
-#define CyaSSL_X509_get_der wolfSSL_X509_get_der
-#define CyaSSL_X509_notBefore wolfSSL_X509_notBefore
-#define CyaSSL_X509_notAfter wolfSSL_X509_notAfter
-#define CyaSSL_X509_get_notBefore wolfSSL_X509_get_notBefore
-#define CyaSSL_X509_get_notAfter wolfSSL_X509_get_notAfter
-#define CyaSSL_X509_version wolfSSL_X509_version
-
-#define CyaSSL_cmp_peer_cert_to_file wolfSSL_cmp_peer_cert_to_file
-
-#define CyaSSL_X509_get_next_altname wolfSSL_X509_get_next_altname
-
-#define CyaSSL_X509_d2i wolfSSL_X509_d2i
-#ifndef NO_FILESYSTEM
- #ifndef NO_STDIO_FILESYSTEM
- #define CyaSSL_X509_d2i_fp wolfSSL_X509_d2i_fp
- #endif
-#define CyaSSL_X509_load_certificate_file wolfSSL_X509_load_certificate_file
-#endif
-
-#ifdef WOLFSSL_SEP
-#define CyaSSL_X509_get_device_type wolfSSL_X509_get_device_type
-#define CyaSSL_X509_get_hw_type wolfSSL_X509_get_hw_type
-#define CyaSSL_X509_get_hw_serial_number wolfSSL_X509_get_hw_serial_number
-#endif
-
-#define CyaSSL_CTX_SetGenCookie wolfSSL_CTX_SetGenCookie
-#define CyaSSL_SetCookieCtx wolfSSL_SetCookieCtx
-#define CyaSSL_GetCookieCtx wolfSSL_GetCookieCtx
-#define CyaSSL_ERR_get_error_line_data wolfSSL_ERR_get_error_line_data
-#define CyaSSL_ERR_get_error wolfSSL_ERR_get_error
-#define CyaSSL_ERR_clear_error wolfSSL_ERR_clear_error
-#define CyaSSL_RAND_status wolfSSL_RAND_status
-#define CyaSSL_RAND_bytes wolfSSL_RAND_bytes
-#define CyaSSL_CTX_set_options wolfSSL_CTX_set_options
-#define CyaSSL_ERR_free_strings wolfSSL_ERR_free_strings
-#define CyaSSL_ERR_remove_state wolfSSL_ERR_remove_state
-#define CyaSSL_EVP_cleanup wolfSSL_EVP_cleanup
-#define CyaSSL_cleanup_all_ex_data wolfSSL_cleanup_all_ex_data
-#define CyaSSL_CTX_set_mode wolfSSL_CTX_set_mode
-#define CyaSSL_CTX_get_mode wolfSSL_CTX_get_mode
-#define CyaSSL_CTX_set_default_read_ahead wolfSSL_CTX_set_default_read_ahead
-#define CyaSSL_CTX_sess_set_cache_size wolfSSL_CTX_sess_set_cache_size
-#define CyaSSL_CTX_set_default_verify_paths wolfSSL_CTX_set_default_verify_paths
-#define CyaSSL_CTX_set_session_id_context wolfSSL_CTX_set_session_id_context
-#define CyaSSL_get_peer_certificate wolfSSL_get_peer_certificate
-#define CyaSSL_BIO_printf wolfSSL_BIO_printf
-#define CyaSSL_ASN1_UTCTIME_print wolfSSL_ASN1_UTCTIME_print
-#define CyaSSL_sk_num wolfSSL_sk_num
-#define CyaSSL_sk_value wolfSSL_sk_value
-
-/* stunnel 4.28 needs */
-#define CyaSSL_CTX_get_ex_data wolfSSL_CTX_get_ex_data
-#define CyaSSL_CTX_set_ex_data wolfSSL_CTX_set_ex_data
-#define CyaSSL_CTX_sess_set_get_cb wolfSSL_CTX_sess_set_get_cb
-#define CyaSSL_CTX_sess_set_new_cb wolfSSL_CTX_sess_set_new_cb
-#define CyaSSL_CTX_sess_set_remove_cb wolfSSL_CTX_sess_set_remove_cb
-
-#define CyaSSL_i2d_SSL_SESSION wolfSSL_i2d_SSL_SESSION
-#define CyaSSL_d2i_SSL_SESSION wolfSSL_d2i_SSL_SESSION
-
-#define CyaSSL_SESSION_get_timeout wolfSSL_SESSION_get_timeout
-#define CyaSSL_SESSION_get_time wolfSSL_SESSION_get_time
-#define CyaSSL_CTX_get_ex_new_index wolfSSL_CTX_get_ex_new_index
-
-
-/* wolfio.c */
-#define CYASSL_CBIO_ERR_ISR WOLFSSL_CBIO_ERR_ISR
-#define CYASSL_CBIO_ERR_TIMEOUT WOLFSSL_CBIO_ERR_TIMEOUT
-#define CYASSL_CBIO_ERR_GENERAL WOLFSSL_CBIO_ERR_GENERAL
-#define CYASSL_CBIO_ERR_CONN_RST WOLFSSL_CBIO_ERR_CONN_RST
-#define CYASSL_CBIO_ERR_WANT_READ WOLFSSL_CBIO_ERR_WANT_READ
-#define CYASSL_CBIO_ERR_WANT_WRITE WOLFSSL_CBIO_ERR_WANT_WRITE
-#define CYASSL_CBIO_ERR_CONN_CLOSE WOLFSSL_CBIO_ERR_CONN_CLOSE
-
-#define CyaSSL_GetIOReadCtx wolfSSL_GetIOReadCtx
-#define CyaSSL_GetIOWriteCtx wolfSSL_GetIOWriteCtx
-
-/* src/tls.c */
-#define CYASSL_SERVER_END WOLFSSL_SERVER_END
-#define CYASSL_TLS_HMAC_INNER_SZ WOLFSSL_TLS_HMAC_INNER_SZ
-
-#define CyaSSL_DeriveTlsKeys wolfSSL_DeriveTlsKeys
-#define CyaSSL_make_eap_keys wolfSSL_make_eap_keys
-#define CyaSSL_MakeTlsMasterSecret wolfSSL_MakeTlsMasterSecret
-
-/* src/internal.c */
-#define CYASSL_CHAIN_CA WOLFSSL_CHAIN_CA
-#define CYASSL_ALERT_HISTORY WOLFSSL_ALERT_HISTORY
-#define CYASSL_SESSION_TIMEOUT WOLFSSL_SESSION_TIMEOUT
-#define CYASSL_CBIO_ERR_CONN_RST WOLFSSL_CBIO_ERR_CONN_RST
-
-#define cyassl_rc4 wolfssl_rc4
-#define cyassl_aes wolfssl_aes
-#define cyassl_chacha wolfssl_chacha
-#define CyaSSL_ERR_reason_error_string wolfSSL_ERR_reason_error_string
-
-#define CyaSSL_set_ex_data wolfSSL_set_ex_data
-#define CyaSSL_get_shutdown wolfSSL_get_shutdown
-#define CyaSSL_set_rfd wolfSSL_set_rfd
-#define CyaSSL_set_wfd wolfSSL_set_wfd
-#define CyaSSL_set_shutdown wolfSSL_set_shutdown
-#define CyaSSL_set_session_id_context wolfSSL_set_session_id_context
-#define CyaSSL_set_connect_state wolfSSL_set_connect_state
-#define CyaSSL_set_accept_state wolfSSL_set_accept_state
-#define CyaSSL_session_reused wolfSSL_session_reused
-#define CyaSSL_SESSION_free wolfSSL_SESSION_free
-#define CyaSSL_is_init_finished wolfSSL_is_init_finished
-
-#define CyaSSL_get_version wolfSSL_get_version
-#define CyaSSL_get_current_cipher_suite wolfSSL_get_current_cipher_suite
-#define CyaSSL_get_current_cipher wolfSSL_get_current_cipher
-#define CyaSSL_CIPHER_description wolfSSL_CIPHER_description
-#define CyaSSL_CIPHER_get_name wolfSSL_CIPHER_get_name
-#define CyaSSL_get_cipher wolfSSL_get_cipher
-#define CyaSSL_get1_session wolfSSL_get1_session
-
-#define CyaSSL_X509_free wolfSSL_X509_free
-#define CyaSSL_OPENSSL_free wolfSSL_OPENSSL_free
-#define CyaSSL_OCSP_parse_url wolfSSL_OCSP_parse_url
-
-#define CyaSSLv23_client_method wolfSSLv23_client_method
-#define CyaSSLv2_client_method wolfSSLv2_client_method
-#define CyaSSLv2_server_method wolfSSLv2_server_method
-
-#define CyaSSL_MD4_Init wolfSSL_MD4_Init
-#define CyaSSL_MD4_Update wolfSSL_MD4_Update
-#define CyaSSL_MD4_Final wolfSSL_MD4_Final
-
-
-#define CyaSSL_BIO_new wolfSSL_BIO_new
-#define CyaSSL_BIO_free wolfSSL_BIO_free
-#define CyaSSL_BIO_free_all wolfSSL_BIO_free_all
-#define CyaSSL_BIO_read wolfSSL_BIO_read
-#define CyaSSL_BIO_write wolfSSL_BIO_write
-#define CyaSSL_BIO_push wolfSSL_BIO_push
-#define CyaSSL_BIO_pop wolfSSL_BIO_pop
-#define CyaSSL_BIO_flush wolfSSL_BIO_flush
-#define CyaSSL_BIO_pending wolfSSL_BIO_pending
-
-#define CyaSSL_BIO_f_buffer wolfSSL_BIO_f_buffer
-#define CyaSSL_BIO_set_write_buffer_size wolfSSL_BIO_set_write_buffer_size
-#define CyaSSL_BIO_f_ssl wolfSSL_BIO_f_ssl
-#define CyaSSL_BIO_new_socket wolfSSL_BIO_new_socket
-#define CyaSSL_BIO_eof wolfSSL_BIO_eof
-
-#define CyaSSL_BIO_s_mem wolfSSL_BIO_s_mem
-#define CyaSSL_BIO_f_base64 wolfSSL_BIO_f_base64
-#define CyaSSL_BIO_set_flags wolfSSL_BIO_set_flags
-#define CyaSSL_BIO_get_mem_data wolfSSL_BIO_get_mem_data
-#define CyaSSL_BIO_new_mem_buf wolfSSL_BIO_new_mem_buf
-
-
-#define CyaSSL_BIO_set_ssl wolfSSL_BIO_set_ssl
-#define CyaSSL_set_bio wolfSSL_set_bio
-
-#define CyaSSL_add_all_algorithms wolfSSL_add_all_algorithms
-#define CyaSSL_RAND_screen wolfSSL_RAND_screen
-#define CyaSSL_RAND_file_name wolfSSL_RAND_file_name
-#define CyaSSL_RAND_write_file wolfSSL_RAND_write_file
-#define CyaSSL_RAND_load_file wolfSSL_RAND_load_file
-#define CyaSSL_RAND_egd wolfSSL_RAND_egd
-#define CyaSSL_RAND_seed wolfSSL_RAND_seed
-#define CyaSSL_RAND_add wolfSSL_RAND_add
-
-#define CyaSSL_COMP_zlib wolfSSL_COMP_zlib
-#define CyaSSL_COMP_rle wolfSSL_COMP_rle
-#define CyaSSL_COMP_add_compression_method wolfSSL_COMP_add_compression_method
-#define CyaSSL_set_dynlock_create_callback wolfSSL_set_dynlock_create_callback
-#define CyaSSL_set_dynlock_lock_callback wolfSSL_set_dynlock_lock_callback
-#define CyaSSL_set_dynlock_destroy_callback wolfSSL_set_dynlock_destroy_callback
-#define CyaSSL_get_ex_new_index wolfSSL_get_ex_new_index
-#define CyaSSL_set_id_callback wolfSSL_set_id_callback
-#define CyaSSL_set_locking_callback wolfSSL_set_locking_callback
-#define CyaSSL_num_locks wolfSSL_num_locks
-
-#define CyaSSL_X509_STORE_CTX_get_current_cert wolfSSL_X509_STORE_CTX_get_current_cert
-#define CyaSSL_X509_STORE_CTX_get_error wolfSSL_X509_STORE_CTX_get_error
-#define CyaSSL_X509_STORE_CTX_get_error_depth wolfSSL_X509_STORE_CTX_get_error_depth
-
-#define CyaSSL_X509_NAME_oneline wolfSSL_X509_NAME_oneline
-#define CyaSSL_X509_get_issuer_name wolfSSL_X509_get_issuer_name
-#define CyaSSL_X509_get_subject_name wolfSSL_X509_get_subject_name
-#define CyaSSL_X509_ext_isSet_by_NID wolfSSL_X509_ext_isSet_by_NID
-#define CyaSSL_X509_ext_get_critical_by_NID wolfSSL_X509_ext_get_critical_by_NID
-#define CyaSSL_X509_get_isCA wolfSSL_X509_get_isCA
-#define CyaSSL_X509_get_isSet_pathLength wolfSSL_X509_get_isSet_pathLength
-#define CyaSSL_X509_get_pathLength wolfSSL_X509_get_pathLength
-#define CyaSSL_X509_get_keyUsage wolfSSL_X509_get_keyUsage
-#define CyaSSL_X509_get_authorityKeyID wolfSSL_X509_get_authorityKeyID
-#define CyaSSL_X509_get_subjectKeyID wolfSSL_X509_get_subjectKeyID
-#define CyaSSL_X509_NAME_entry_count wolfSSL_X509_NAME_entry_count
-#define CyaSSL_X509_NAME_get_text_by_NID wolfSSL_X509_NAME_get_text_by_NID
-#define CyaSSL_X509_verify_cert wolfSSL_X509_verify_cert
-#define CyaSSL_X509_verify_cert_error_string wolfSSL_X509_verify_cert_error_string
-#define CyaSSL_X509_get_signature_type wolfSSL_X509_get_signature_type
-#define CyaSSL_X509_get_signature wolfSSL_X509_get_signature
-
-#define CyaSSL_X509_LOOKUP_add_dir wolfSSL_X509_LOOKUP_add_dir
-#define CyaSSL_X509_LOOKUP_load_file wolfSSL_X509_LOOKUP_load_file
-#define CyaSSL_X509_LOOKUP_hash_dir wolfSSL_X509_LOOKUP_hash_dir
-#define CyaSSL_X509_LOOKUP_file wolfSSL_X509_LOOKUP_file
-
-#define CyaSSL_X509_STORE_add_lookup wolfSSL_X509_STORE_add_lookup
-#define CyaSSL_X509_STORE_new wolfSSL_X509_STORE_new
-#define CyaSSL_X509_STORE_free wolfSSL_X509_STORE_free
-#define CyaSSL_X509_STORE_add_cert wolfSSL_X509_STORE_add_cert
-#define CyaSSL_X509_STORE_set_default_paths wolfSSL_X509_STORE_set_default_paths
-#define CyaSSL_X509_STORE_get_by_subject wolfSSL_X509_STORE_get_by_subject
-#define CyaSSL_X509_STORE_CTX_new wolfSSL_X509_STORE_CTX_new
-#define CyaSSL_X509_STORE_CTX_init wolfSSL_X509_STORE_CTX_init
-#define CyaSSL_X509_STORE_CTX_free wolfSSL_X509_STORE_CTX_free
-#define CyaSSL_X509_STORE_CTX_cleanup wolfSSL_X509_STORE_CTX_cleanup
-
-#define CyaSSL_X509_CRL_get_lastUpdate wolfSSL_X509_CRL_get_lastUpdate
-#define CyaSSL_X509_CRL_get_nextUpdate wolfSSL_X509_CRL_get_nextUpdate
-
-#define CyaSSL_X509_get_pubkey wolfSSL_X509_get_pubkey
-#define CyaSSL_X509_CRL_verify wolfSSL_X509_CRL_verify
-#define CyaSSL_X509_STORE_CTX_set_error wolfSSL_X509_STORE_CTX_set_error
-#define CyaSSL_X509_OBJECT_free_contents wolfSSL_X509_OBJECT_free_contents
-#define CyaSSL_EVP_PKEY_free wolfSSL_EVP_PKEY_free
-#define CyaSSL_X509_cmp_current_time wolfSSL_X509_cmp_current_time
-#define CyaSSL_sk_X509_REVOKED_num wolfSSL_sk_X509_REVOKED_num
-
-#define CyaSSL_X509_CRL_get_REVOKED wolfSSL_X509_CRL_get_REVOKED
-#define CyaSSL_sk_X509_REVOKED_value wolfSSL_sk_X509_REVOKED_value
-#define CyaSSL_X509_get_serialNumber wolfSSL_X509_get_serialNumber
-#define CyaSSL_ASN1_TIME_print wolfSSL_ASN1_TIME_print
-#define CyaSSL_ASN1_INTEGER_cmp wolfSSL_ASN1_INTEGER_cmp
-#define CyaSSL_ASN1_INTEGER_get wolfSSL_ASN1_INTEGER_get
-#define CyaSSL_load_client_CA_file wolfSSL_load_client_CA_file
-#define CyaSSL_CTX_set_client_CA_list wolfSSL_CTX_set_client_CA_list
-#define CyaSSL_X509_STORE_CTX_get_ex_data wolfSSL_X509_STORE_CTX_get_ex_data
-#define CyaSSL_get_ex_data_X509_STORE_CTX_idx wolfSSL_get_ex_data_X509_STORE_CTX_idx
-#define CyaSSL_get_ex_data wolfSSL_get_ex_data
-
-#define CyaSSL_CTX_set_default_passwd_cb_userdata wolfSSL_CTX_set_default_passwd_cb_userdata
-#define CyaSSL_CTX_set_default_passwd_cb wolfSSL_CTX_set_default_passwd_cb
-#define CyaSSL_CTX_set_info_callback wolfSSL_CTX_set_info_callback
-#define CyaSSL_ERR_peek_error wolfSSL_ERR_peek_error
-#define CyaSSL_GET_REASON wolfSSL_GET_REASON
-#define CyaSSL_alert_type_string_long wolfSSL_alert_type_string_long
-#define CyaSSL_alert_desc_string_long wolfSSL_alert_desc_string_long
-#define CyaSSL_state_string_long wolfSSL_state_string_long
-
-#define CyaSSL_RSA_generate_key wolfSSL_RSA_generate_key
-#define CyaSSL_CTX_set_tmp_rsa_callback wolfSSL_CTX_set_tmp_rsa_callback
-#define CyaSSL_PEM_def_callback wolfSSL_PEM_def_callback
-#define CyaSSL_CTX_sess_accept wolfSSL_CTX_sess_accept
-#define CyaSSL_CTX_sess_connect wolfSSL_CTX_sess_connect
-#define CyaSSL_CTX_sess_accept_good wolfSSL_CTX_sess_accept_good
-#define CyaSSL_CTX_sess_connect_good wolfSSL_CTX_sess_connect_good
-#define CyaSSL_CTX_sess_accept_renegotiate wolfSSL_CTX_sess_accept_renegotiate
-#define CyaSSL_CTX_sess_connect_renegotiate wolfSSL_CTX_sess_connect_renegotiate
-#define CyaSSL_CTX_sess_hits wolfSSL_CTX_sess_hits
-#define CyaSSL_CTX_sess_cb_hits wolfSSL_CTX_sess_cb_hits
-#define CyaSSL_CTX_sess_cache_full wolfSSL_CTX_sess_cache_full
-#define CyaSSL_CTX_sess_misses wolfSSL_CTX_sess_misses
-#define CyaSSL_CTX_sess_timeouts wolfSSL_CTX_sess_timeouts
-#define CyaSSL_CTX_sess_number wolfSSL_CTX_sess_number
-#define CyaSSL_CTX_sess_get_cache_size wolfSSL_CTX_sess_get_cache_size
-
-
-
-/* src/keys.c */
-#define cyassl_triple_des wolfssl_triple_des
-
-/* Initialization and Shutdown */
-#define CyaSSL_Init wolfSSL_Init
-#define CyaSSL_library_init wolfSSL_library_init
-#define CyaSSL_Cleanup wolfSSL_Cleanup
-#define CyaSSL_shutdown wolfSSL_shutdown
-
-/* Certs and keys */
-#define CyaSSL_SetTmpDH wolfSSL_SetTmpDH
-#define CyaSSL_KeepArrays wolfSSL_KeepArrays
-#define CyaSSL_FreeArrays wolfSSL_FreeArrays
-#define CyaSSL_SetTmpDH_file wolfSSL_SetTmpDH_file
-#define CyaSSL_use_PrivateKey_buffer wolfSSL_use_PrivateKey_buffer
-#define CyaSSL_use_certificate_buffer wolfSSL_use_certificate_buffer
-#define CyaSSL_CTX_load_verify_buffer wolfSSL_CTX_load_verify_buffer
-#define CyaSSL_CTX_use_PrivateKey_file wolfSSL_CTX_use_PrivateKey_file
-#define CyaSSL_CTX_use_certificate_file wolfSSL_CTX_use_certificate_file
-#define CyaSSL_CTX_use_PrivateKey_buffer wolfSSL_CTX_use_PrivateKey_buffer
-#define CyaSSL_CTX_use_certificate_buffer wolfSSL_CTX_use_certificate_buffer
-#define CyaSSL_use_certificate_chain_buffer wolfSSL_use_certificate_chain_buffer
-#define CyaSSL_CTX_der_load_verify_locations \
- wolfSSL_CTX_der_load_verify_locations
-#define CyaSSL_CTX_use_certificate_chain_file \
- wolfSSL_CTX_use_certificate_chain_file
-#define CyaSSL_CTX_use_certificate_chain_buffer \
- wolfSSL_CTX_use_certificate_chain_buffer
-
-/* Context and Session Setup*/
-#define CyaSSL_new wolfSSL_new
-#define CyaSSL_free wolfSSL_free
-#define CyaSSL_set_fd wolfSSL_set_fd
-#define CyaSSL_CTX_new wolfSSL_CTX_new
-#define CyaSSL_CTX_free wolfSSL_CTX_free
-#define CyaSSL_SetVersion wolfSSL_SetVersion
-#define CyaSSL_set_verify wolfSSL_set_verify
-#define CyaSSL_set_session wolfSSL_set_session
-#define CyaSSL_set_timeout wolfSSL_set_timeout
-#define CyaSSL_CTX_set_verify wolfSSL_CTX_set_verify
-#define CyaSSL_CTX_set_timeout wolfSSL_CTX_set_timeout
-#define CyaSSL_set_cipher_list wolfSSL_set_cipher_list
-#define CyaSSL_set_compression wolfSSL_set_compression
-#define CyaTLSv1_client_method wolfTLSv1_client_method
-#define CyaTLSv1_server_method wolfTLSv1_server_method
-#define CyaSSLv3_client_method wolfSSLv3_client_method
-#define CyaSSLv3_server_method wolfSSLv3_server_method
-#define CyaSSLv23_client_method wolfSSLv23_client_method
-#define CyaSSLv23_server_method wolfSSLv23_server_method
-#define CyaDTLSv1_client_method wolfDTLSv1_client_method
-#define CyaDTLSv1_server_method wolfDTLSv1_server_method
-#define CyaSSL_check_domain_name wolfSSL_check_domain_name
-#define CyaTLSv1_1_client_method wolfTLSv1_1_client_method
-#define CyaTLSv1_1_server_method wolfTLSv1_1_server_method
-#define CyaTLSv1_2_client_method wolfTLSv1_2_client_method
-#define CyaTLSv1_2_server_method wolfTLSv1_2_server_method
-#define CyaDTLSv1_2_client_method wolfDTLSv1_2_client_method
-#define CyaDTLSv1_2_server_method wolfDTLSv1_2_server_method
-#define CyaSSL_set_group_messages wolfSSL_set_group_messages
-#define CyaSSL_CTX_set_cipher_list wolfSSL_CTX_set_cipher_list
-#define CyaSSL_CTX_set_group_messages wolfSSL_CTX_set_group_messages
-#define CyaSSL_CTX_set_session_cache_mode wolfSSL_CTX_set_session_cache_mode
-
-/* Callbacks */
-
-/*
- * Empty comment denotes not listed in CyaSSL Manual
- * (soon to be wolfSSL Manual)
- */
-
-#define CyaSSL_accept_ex wolfSSL_accept_ex
-#define CyaSSL_SetIORecv wolfSSL_CTX_SetIORecv
-#define CyaSSL_SetIOSend wolfSSL_CTX_SetIOSend
-#define CyaSSL_connect_ex wolfSSL_connect_ex
-#define CyaSSL_CTX_SetCACb wolfSSL_CTX_SetCACb
-#define CyaSSL_SetIOReadCtx wolfSSL_SetIOReadCtx
-#define CyaSSL_SetRsaEncCtx wolfSSL_SetRsaEncCtx
-#define CyaSSL_GetRsaEncCtx wolfSSL_GetRsaEncCtx
-#define CyaSSL_SetRsaDecCtx wolfSSL_SetRsaDecCtx
-#define CyaSSL_GetRsaDecCtx wolfSSL_GetRsaDecCtx
-#define CyaSSL_SetLoggingCb wolfSSL_SetLoggingCb
-#define CyaSSL_SetEccSignCtx wolfSSL_SetEccSignCtx
-#define CyaSSL_GetEccSignCtx wolfSSL_GetEccSignCtx
-#define CyaSSL_SetRsaSignCtx wolfSSL_SetRsaSignCtx
-#define CyaSSL_GetRsaSignCtx wolfSSL_GetRsaSignCtx
-#define CyaSSL_SetIOWriteCtx wolfSSL_SetIOWriteCtx
-#define CyaSSL_SetIOReadFlags wolfSSL_SetIOReadFlags
-#define CyaSSL_SetEccVerifyCtx wolfSSL_SetEccVerifyCtx
-#define CyaSSL_GetEccVerifyCtx wolfSSL_GetEccVerifyCtx
-#define CyaSSL_SetRsaVerifyCtx wolfSSL_SetRsaVerifyCtx
-#define CyaSSL_GetRsaVerifyCtx wolfSSL_GetRsaVerifyCtx
-#define CyaSSL_CTX_SetRsaEncCb wolfSSL_CTX_SetRsaEncCb
-#define CyaSSL_CTX_SetRsaDecCb wolfSSL_CTX_SetRsaDecCb
-#define CyaSSL_SetIOWriteFlags wolfSSL_SetIOWriteFlags
-#define CyaSSL_SetTlsHmacInner wolfSSL_SetTlsHmacInner
-#define CyaSSL_SetMacEncryptCtx wolfSSL_SetMacEncryptCtx
-#define CyaSSL_GetMacEncryptCtx wolfSSL_GetMacEncryptCtx
-#define CyaSSL_CTX_SetEccSignCb wolfSSL_CTX_SetEccSignCb
-#define CyaSSL_CTX_SetRsaSignCb wolfSSL_CTX_SetRsaSignCb
-#define CyaSSL_CTX_SetEccVerifyCb wolfSSL_CTX_SetEccVerifyCb
-#define CyaSSL_CTX_SetRsaVerifyCb wolfSSL_CTX_SetRsaVerifyCb
-#define CyaSSL_CTX_SetMacEncryptCb wolfSSL_CTX_SetMacEncryptCb
-#define CyaSSL_SetDecryptVerifyCtx wolfSSL_SetDecryptVerifyCtx
-#define CyaSSL_GetDecryptVerifyCtx wolfSSL_GetDecryptVerifyCtx
-#define CyaSSL_CTX_SetDecryptVerifyCb wolfSSL_CTX_SetDecryptVerifyCb
-
-/* psk specific */
-#ifndef NO_PSK
-
-#define CyaSSL_get_psk_identity wolfSSL_get_psk_identity /**/
-#define CyaSSL_get_psk_identity_hint wolfSSL_get_psk_identity_hint /**/
-#define CyaSSL_use_psk_identity_hint wolfSSL_use_psk_identity_hint /**/
-#define CyaSSL_set_psk_client_callback wolfSSL_set_psk_client_callback /**/
-#define CyaSSL_set_psk_server_callback wolfSSL_set_psk_server_callback /**/
-#define CyaSSL_CTX_use_psk_identity_hint wolfSSL_CTX_use_psk_identity_hint /**/
-#define CyaSSL_CTX_set_psk_client_callback \
- wolfSSL_CTX_set_psk_client_callback /**/
-#define CyaSSL_CTX_set_psk_server_callback \
- wolfSSL_CTX_set_psk_server_callback /**/
-
-#endif
-/* end psk specific */
-
-/* Anonymous */
-#define CyaSSL_CTX_allow_anon_cipher wolfSSL_CTX_allow_anon_cipher /**/
-
-/* Error Handling and Debugging*/
-#define CyaSSL_get_error wolfSSL_get_error
-#define CyaSSL_want_read wolfSSL_want_read
-#define CyaSSL_want_write wolfSSL_want_write
-#define CyaSSL_Debugging_ON wolfSSL_Debugging_ON
-#define CyaSSL_Debugging_OFF wolfSSL_Debugging_OFF
-#define CyaSSL_ERR_error_string wolfSSL_ERR_error_string
-#define CyaSSL_load_error_strings wolfSSL_load_error_strings
-#define CyaSSL_ERR_error_string_n wolfSSL_ERR_error_string_n
-#define CyaSSL_ERR_print_errors_fp wolfSSL_ERR_print_errors_fp
-
-/* OCSP and CRL */
-
-/*
- * Empty comment denotes not listed in CyaSSL Manual
- * (soon to be wolfSSL Manual)
- */
-
-#define CYASSL_CRL_MONITOR WOLFSSL_CRL_MONITOR /**/
-#define CYASSL_CRL_START_MON WOLFSSL_CRL_START_MON /**/
-#define CYASSL_OCSP_NO_NONCE WOLFSSL_OCSP_NO_NONCE /**/
-#define CYASSL_OCSP_URL_OVERRIDE WOLFSSL_OCSP_URL_OVERRIDE
-#define CYASSL_OCSP_CHECKALL WOLFSSL_OCSP_CHECKALL
-
-#define CyaSSL_CTX_EnableOCSP wolfSSL_CTX_EnableOCSP
-#define CyaSSL_CTX_OCSP_set_options wolfSSL_CTX_OCSP_set_options /**/
-#define CyaSSL_CTX_SetOCSP_OverrideURL wolfSSL_CTX_SetOCSP_OverrideURL /**/
-#define CyaSSL_CTX_OCSP_set_override_url wolfSSL_CTX_OCSP_set_override_url /**/
-
-/* Informational */
-#define CyaSSL_GetSide wolfSSL_GetSide
-#define CyaSSL_IsTLSv1_1 wolfSSL_IsTLSv1_1
-#define CyaSSL_GetKeySize wolfSSL_GetKeySize
-#define CyaSSL_GetHmacSize wolfSSL_GetHmacSize
-#define CyaSSL_GetHmacType wolfSSL_GetHmacType
-#define CyaSSL_GetMacSecret wolfSSL_GetMacSecret
-#define CyaSSL_GetObjectSize wolfSSL_GetObjectSize
-#define CyaSSL_GetBulkCipher wolfSSL_GetBulkCipher
-#define CyaSSL_GetCipherType wolfSSL_GetCipherType
-#define CyaSSL_GetAeadMacSize wolfSSL_GetAeadMacSize
-#define CyaSSL_GetClientWriteIV wolfSSL_GetClientWriteIV
-#define CyaSSL_GetServerWriteIV wolfSSL_GetServerWriteIV
-#define CyaSSL_GetClientWriteKey wolfSSL_GetClientWriteKey
-#define CyaSSL_GetServerWriteKey wolfSSL_GetServerWriteKey
-#define CyaSSL_GetCipherBlockSize wolfSSL_GetCipherBlockSize
-
-/* Connection, Session, and I/O */
-#define CyaSSL_peek wolfSSL_peek
-#define CyaSSL_read wolfSSL_read
-#define CyaSSL_recv wolfSSL_recv
-#define CyaSSL_send wolfSSL_send
-#define CyaSSL_write wolfSSL_write
-#define CyaSSL_writev wolfSSL_writev
-#define CyaSSL_accept wolfSSL_accept
-#define CyaSSL_get_fd wolfSSL_get_fd
-#define CyaSSL_connect wolfSSL_connect
-#define CyaSSL_pending wolfSSL_pending
-#define CyaSSL_negotiate wolfSSL_negotiate
-#define CyaSSL_get_session wolfSSL_get_session
-#define CyaSSL_connect_cert wolfSSL_connect_cert
-#define CyaSSL_flush_sessions wolfSSL_flush_sessions
-#define CyaSSL_get_using_nonblock wolfSSL_get_using_nonblock
-#define CyaSSL_PrintSessionStats wolfSSL_PrintSessionStats
-
-/* DTLS Specific */
-#define CyaSSL_dtls wolfSSL_dtls
-#define CyaSSL_dtls_set_peer wolfSSL_dtls_set_peer
-#define CyaSSL_dtls_get_peer wolfSSL_dtls_get_peer
-#define CyaSSL_dtls_got_timeout wolfSSL_dtls_got_timeout
-#define CyaSSL_dtls_get_current_timeout wolfSSL_dtls_get_current_timeout
-#define CyaSSL_set_using_nonblock wolfSSL_dtls_set_using_nonblock
-
-/* Certificate Manager */
-#define CyaSSL_CertManagerNew wolfSSL_CertManagerNew
-#define CyaSSL_CertManagerFree wolfSSL_CertManagerFree
-#define CyaSSL_CertManagerLoadCA wolfSSL_CertManagerLoadCA
-#define CyaSSL_CertManagerVerify wolfSSL_CertManagerVerify
-#define CyaSSL_CertManagerEnableCRL wolfSSL_CertManagerEnableCRL
-#define CyaSSL_CertManagerDisableCRL wolfSSL_CertManagerDisableCRL
-#define CyaSSL_CertManagerVerifyBuffer wolfSSL_CertManagerVerifyBuffer
-#ifndef NO_CERTS
- #define CyaSSL_CertManagerCheckCRL wolfSSL_CertManagerCheckCRL
- #define CyaSSL_CertManagerLoadCRL wolfSSL_CertManagerLoadCRL
- #define CyaSSL_CertManagerSetCRL_Cb wolfSSL_CertManagerSetCRL_Cb
- #define CyaSSL_CertManagerCheckOCSP wolfSSL_CertManagerCheckOCSP
- #define CyaSSL_CertManagerSetOCSP_Cb wolfSSL_CertManagerSetOCSP_Cb
- #define CyaSSL_CertManagerSetOCSPOverrideURL \
- wolfSSL_CertManagerSetOCSPOverrideURL
-
- #define CyaSSL_DisableCRL wolfSSL_DisableCRL
- #define CyaSSL_EnableOCSP wolfSSL_EnableOCSP
- #define CyaSSL_DisableOCSP wolfSSL_DisableOCSP
- #define CyaSSL_SetOCSP_OverrideURL wolfSSL_SetOCSP_OverrideURL
- #define CyaSSL_SetOCSP_Cb wolfSSL_SetOCSP_Cb
-
- #define CyaSSL_CTX_EnableCRL wolfSSL_CTX_EnableCRL
- #define CyaSSL_CTX_DisableCRL wolfSSL_CTX_DisableCRL
- #define CyaSSL_CTX_LoadCRL wolfSSL_CTX_LoadCRL
- #define CyaSSL_CTX_SetCRL_Cb wolfSSL_CTX_SetCRL_Cb
- #define CyaSSL_CTX_DisableOCSP wolfSSL_CTX_DisableOCSP
- #define CyaSSL_CTX_SetOCSP_Cb wolfSSL_CTX_SetOCSP_Cb
-#endif /* !NO_CERTS */
-
-
-/* OpenSSL Compatibility Layer */
-#define CyaSSL_get_sessionID wolfSSL_get_sessionID
-#define CyaSSL_get_peer_count wolfSSL_get_peer_count
-#define CyaSSL_get_chain_cert wolfSSL_get_chain_cert
-#define CyaSSL_get_peer_chain wolfSSL_get_peer_chain
-#define CyaSSL_get_peer_length wolfSSL_get_peer_length
-#define CyaSSL_get_chain_cert_pem wolfSSL_get_chain_cert_pem
-#define CyaSSL_use_PrivateKey_file wolfSSL_use_PrivateKey_file
-#define CyaSSL_use_certificate_file wolfSSL_use_certificate_file
-#define CyaSSL_use_RSAPrivateKey_file wolfSSL_use_RSAPrivateKey_file
-#define CyaSSL_X509_get_serial_number wolfSSL_X509_get_serial_number
-#define CyaSSL_CTX_use_RSAPrivateKey_file wolfSSL_CTX_use_RSAPrivateKey_file
-#define CyaSSL_use_certificate_chain_file wolfSSL_use_certificate_chain_file
-
-/* TLS Extensions */
-#define CYASSL_SNI_HOST_NAME WOLFSSL_SNI_HOST_NAME
-
-#define CyaSSL_UseSNI wolfSSL_UseSNI
-#define CyaSSL_CTX_UseSNI wolfSSL_CTX_UseSNI
-#define CyaSSL_SNI_SetOptions wolfSSL_SNI_SetOptions
-#define CyaSSL_SNI_GetRequest wolfSSL_SNI_GetRequest
-#define CyaSSL_UseMaxFragment wolfSSL_UseMaxFragment
-#define CyaSSL_UseTruncatedHMAC wolfSSL_UseTruncatedHMAC
-#define CyaSSL_UseSupportedCurve wolfSSL_UseSupportedCurve
-#define CyaSSL_SNI_GetFromBuffer wolfSSL_SNI_GetFromBuffer
-#define CyaSSL_CTX_SNI_SetOptions wolfSSL_CTX_SNI_SetOptions
-#define CyaSSL_CTX_UseMaxFragment wolfSSL_CTX_UseMaxFragment
-#define CyaSSL_CTX_UseTruncatedHMAC wolfSSL_CTX_UseTruncatedHMAC
-#define CyaSSL_CTX_UseSupportedCurve wolfSSL_CTX_UseSupportedCurve
-
-/* End wolfssl -> cyassl -> openssl compatibility */
-
-/* JRB macro redefinitions and api calls for cryptography for reverse compat. */
-
-#ifdef WOLFSSL_SMALL_STACK
- #define CYASSL_SMALL_STACK
-#endif
-
-
-/*
- * wrapper around macros until they are changed in cyassl code
- * needs investigation in regards to macros in fips
- */
-#ifdef NO_CYASSL_ALLOC_ALIGN
-#define NO_WOLFSSL_ALLOC_ALIGN NO_CYASSL_ALLOC_ALIGN
-#endif
-
-
-/* examples/client/client.h */
-#define CYASSL_THREAD WOLFSSL_THREAD
-#ifdef WOLFSSL_DTLS
- #define CYASSL_DTLS WOLFSSL_DTLS
-#endif
-
-/* examples/client/client.c */
-#define LIBCYASSL_VERSION_STRING LIBWOLFSSL_VERSION_STRING
-
-#ifdef __cplusplus
- } /* extern "C" */
-#endif
-
-
-#endif /* CyaSSL_openssl_h__ */
diff --git a/extra/wolfssl/wolfssl/cyassl/test.h b/extra/wolfssl/wolfssl/cyassl/test.h
deleted file mode 100644
index 428b141b..00000000
--- a/extra/wolfssl/wolfssl/cyassl/test.h
+++ /dev/null
@@ -1,3 +0,0 @@
-/* test.h */
-
-#include <wolfssl/test.h>
diff --git a/extra/wolfssl/wolfssl/cyassl/version.h b/extra/wolfssl/wolfssl/cyassl/version.h
deleted file mode 100644
index c5017f51..00000000
--- a/extra/wolfssl/wolfssl/cyassl/version.h
+++ /dev/null
@@ -1,27 +0,0 @@
-/* cyassl/version.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-#include <wolfssl/version.h>
-
-#define LIBCYASSL_VERSION_STRING LIBWOLFSSL_VERSION_STRING
-#define LIBCYASSL_VERSION_HEX LIBWOLFSSL_VERSION_HEX
-
diff --git a/extra/wolfssl/wolfssl/cyassl/version.h.in b/extra/wolfssl/wolfssl/cyassl/version.h.in
deleted file mode 100644
index cbebca82..00000000
--- a/extra/wolfssl/wolfssl/cyassl/version.h.in
+++ /dev/null
@@ -1,23 +0,0 @@
-/* cyassl_version.h.in
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-#include <wolfssl/version.h.in>
diff --git a/extra/wolfssl/wolfssl/debian/changelog.in b/extra/wolfssl/wolfssl/debian/changelog.in
new file mode 100644
index 00000000..750d6304
--- /dev/null
+++ b/extra/wolfssl/wolfssl/debian/changelog.in
@@ -0,0 +1,7 @@
+wolfssl (@VERSION@) stable; urgency=medium
+
+ * For a full changelog see
+ https://github.com/wolfSSL/wolfssl/blob/master/ChangeLog.md
+
+ -- wolfSSL <support@wolfssl.com> @WOLFSSL_BUILD_DATE@
+
diff --git a/extra/wolfssl/wolfssl/debian/control.in b/extra/wolfssl/wolfssl/debian/control.in
new file mode 100644
index 00000000..c334d279
--- /dev/null
+++ b/extra/wolfssl/wolfssl/debian/control.in
@@ -0,0 +1,44 @@
+Source: wolfssl
+Maintainer: wolfSSL <support@wolfssl.com>
+Section: libs
+Priority: optional
+Standards-Version: 4.6.2
+Build-Depends: debhelper-compat (= 13)
+Vcs-Git: https://github.com/wolfSSL/wolfssl.git
+Vcs-browser: https://github.com/wolfSSL/wolfssl
+Homepage: https://www.wolfssl.com/
+
+Package: libwolfssl
+Architecture: any
+Section: libs
+Priority: optional
+Pre-Depends:
+Depends:
+ ${shlibs:Depends},
+ ${misc:Depends}
+Description: wolfSSL encryption library
+ The wolfSSL embedded SSL library (formerly CyaSSL) is a lightweight SSL/TLS
+ library written in ANSI C and targeted for embedded, RTOS, and
+ resource-constrained environments - primarily because of its small size, speed,
+ and feature set. It is commonly used in standard operating environments as well
+ because of its royalty-free pricing and excellent cross platform support.
+ wolfSSL supports industry standards up to the current TLS 1.3 and DTLS 1.3
+ levels.
+
+Package: libwolfssl-dev
+Architecture: any
+Section: libdevel
+Priority: optional
+Pre-Depends:
+Depends:
+ libwolfssl (= ${binary:Version}),
+ ${misc:Depends}
+Description: wolfSSL encryption library
+ The wolfSSL embedded SSL library (formerly CyaSSL) is a lightweight SSL/TLS
+ library written in ANSI C and targeted for embedded, RTOS, and
+ resource-constrained environments - primarily because of its small size, speed,
+ and feature set. It is commonly used in standard operating environments as well
+ because of its royalty-free pricing and excellent cross platform support.
+ wolfSSL supports industry standards up to the current TLS 1.3 and DTLS 1.3
+ levels.
+
diff --git a/extra/wolfssl/wolfssl/debian/copyright b/extra/wolfssl/wolfssl/debian/copyright
new file mode 100644
index 00000000..66fcda66
--- /dev/null
+++ b/extra/wolfssl/wolfssl/debian/copyright
@@ -0,0 +1,217 @@
+Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
+Upstream-Name: wolfssl
+Upstream-Contact: David Garske <david@wolfssl.com>
+Source: https://github.com/wolfssl/wolfssl/releases
+
+Files:
+ *
+Copyright:
+ 2006-2023 wolfSSL Inc.
+License: GPL-2+
+
+Files:
+ zephyr/Kconfig
+Copyright:
+ 2016 Intel Corporation
+License: Apache-2.0
+
+Files:
+ zephyr/Kconfig.tls-generic
+Copyright:
+ 2018 Intel Corporation
+ 2018 Nordic Semiconductor ASA
+License: Apache-2.0
+
+Files:
+ wolfcrypt/src/camellia.c
+ wolfssl/wolfcrypt/camellia.h
+Copyright:
+ 2006-2007 NTT (Nippon Telegraph and Telephone Corporation)
+ 2006-2016 wolfSSL Inc.
+License: GPL-2+
+
+Files:
+ m4/ax_append_link_flags.m4
+Copyright:
+ 2011 Maarten Bosmans <mkbosmans@gmail.com>
+License: GPL-3+-with-autoconf
+
+Files:
+ m4/ax_pthread.m4
+Copyright:
+ 2008 Steven G. Johnson <stevenj@alum.mit.edu>
+ 2011 Daniel Richard G. <skunk@iSKUNK.ORG>
+License: GPL-3+-with-autoconf
+
+Files:
+ m4/ax_check_library.m4
+Copyright:
+ 2012 Brian Aker <brian@tangent.org>
+ 2010 Diego Elio Petteno` <flameeyes@gmail.com>
+License: GPL-3+-with-autoconf
+
+Files:
+ m4/ax_append_flag.m4
+ m4/ax_check_compile_flag.m4
+ m4/ax_check_link_flag.m4
+Copyright:
+ 2008 Guido U. Draheim <guidod@gmx.de>
+ 2011 Maarten Bosmans <mkbosmans@gmail.com>
+License: GPL-3+-with-autoconf
+
+Files:
+ m4/ax_append_compile_flags.m4
+Copyright:
+ 2011 Maarten Bosmans <mkbosmans@gmail.com>
+License: GPL-3+-with-autoconf
+
+Files:
+ m4/ax_tls.m4
+Copyright:
+ 2008 Alan Woodland <ajw05@aber.ac.uk>
+ 2010 Diego Elio Petteno` <flameeyes@gmail.com>
+License: GPL-3+-with-autoconf
+
+Files:
+ m4/ax_create_generic_config.m4
+Copyright:
+ 2008 Guido U. Draheim <guidod@gmx.de>
+License: GPL-3+-with-autoconf
+
+Files:
+ m4/ax_compiler_version.m4
+ m4/ax_debug.m4
+ m4/ax_harden_compiler_flags.m4
+ m4/ax_vcs_checkout.m4
+Copyright:
+ 2012 Brian Aker
+License: BSD-3-clause
+
+Files:
+ m4/ax_append_to_file.m4
+ m4/ax_file_escapes.m4
+ m4/ax_print_to_file.m4
+Copyright:
+ 2008 Tom Howard <tomhoward@users.sf.net
+License: FSFAP
+
+Files:
+ m4/ax_add_am_macro.m4
+Copyright:
+ 2009 Tom Howard <tomhoward@users.sf.net
+License: FSFAP
+
+Files:
+ m4/ax_am_jobserver.m4
+Copyright:
+ 2008 Michael Paul Bailey <jinxidoru@byu.net>
+License: FSFAP
+
+Files:
+ m4/ax_am_macros.m4
+Copyright:
+ 2009 Tom Howard <tomhoward@users.sf.net
+License: FSFAP
+
+Files:
+ m4/ax_count_cpus.m4
+Copyright:
+ 2012 Brian Aker <brian@tangent.org>
+ 2008 Michael Paul Bailey <jinxidoru@byu.net>
+ 2008 Christophe Tournayre <turn3r@users.sourceforge.net>
+License: FSFAP
+
+Files:
+ debian/*
+Copyright:
+ 2014-2022 Felix Lechner <felix.lechner@lease-up.com>
+License: GPL-2+
+
+
+License: FSFAP
+ Copying and distribution of this file, with or without modification, are
+ permitted in any medium without royalty provided the copyright notice
+ and this notice are preserved. This file is offered as-is, without any
+ warranty.
+
+
+License: GPL-2+
+ This package is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+ .
+ This package is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+ .
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>
+ .
+ On Debian systems, the complete text of the GNU General
+ Public License version 2 can be found in "/usr/share/common-licenses/GPL-2".
+
+
+License: GPL-3+-with-autoconf
+ This program is free software; you can redistribute it and/or modify it
+ under the terms of the GNU General Public License as published by the
+ Free Software Foundation; either version 3 of the License, or (at your
+ option) any later version.
+ .
+ This program is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General
+ Public License for more details.
+ .
+ You should have received a copy of the GNU General Public License along
+ with this program. If not, see <http://www.gnu.org/licenses/>.
+ .
+ As a special exception, the respective Autoconf Macro's copyright owner
+ gives unlimited permission to copy, distribute and modify the configure
+ scripts that are the output of Autoconf when processing the Macro. You
+ need not follow the terms of the GNU General Public License when using
+ or distributing such scripts, even though portions of the text of the
+ Macro appear in them. The GNU General Public License (GPL) does govern
+ all other use of the material that constitutes the Autoconf Macro.
+ .
+ This special exception to the GPL applies to versions of the Autoconf
+ Macro released by the Autoconf Archive. When you make and distribute a
+ modified version of the Autoconf Macro, you may extend this special
+ exception to the GPL to apply to your modified version as well.
+
+
+License: BSD-3-clause
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are
+ met:
+ .
+ * Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ .
+ * Redistributions in binary form must reproduce the above
+ copyright notice, this list of conditions and the following disclaimer
+ in the documentation and/or other materials provided with the
+ distribution.
+ .
+ * The names of its contributors may not be used to endorse or
+ promote products derived from this software without specific prior
+ written permission.
+ .
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+
+License: Apache-2.0
+ On modern Debian systems, the text of this license can be found
+ at: /usr/share/common-licenses/Apache-2.0
+
diff --git a/extra/wolfssl/wolfssl/debian/include.am b/extra/wolfssl/wolfssl/debian/include.am
new file mode 100644
index 00000000..e6f932b8
--- /dev/null
+++ b/extra/wolfssl/wolfssl/debian/include.am
@@ -0,0 +1,77 @@
+# vim:ft=automake
+
+DEB_HOST_MULTIARCH ?= $(shell dpkg-architecture -qDEB_HOST_MULTIARCH)
+
+deb:
+# Setup meta folders
+ mkdir -p debian/libwolfssl/DEBIAN debian/libwolfssl-dev/DEBIAN
+# "Install" wolfSSL
+ make install exec_prefix=$(CURDIR)/debian/libwolfssl/usr \
+ prefix=$(CURDIR)/debian/libwolfssl-dev/usr
+# deb shared lib stuff
+ fakeroot dh_makeshlibs
+ dh_shlibdeps
+ dh_installdeb
+# Generate the lib and src descriptions
+ fakeroot dh_gencontrol
+# Make adjustments to the package structure and to satisfy lintian checks
+# Correct doc dir name
+ @rm -rf debian/libwolfssl-dev/usr/share/doc/libwolfssl-dev
+ @mv debian/libwolfssl-dev/usr/share/doc/wolfssl \
+ debian/libwolfssl-dev/usr/share/doc/libwolfssl-dev
+# Clear lib folder
+ @rm -rf debian/libwolfssl-dev/usr/lib
+ @mkdir -p debian/libwolfssl-dev/usr/lib
+# Move the top level .so into the dev pkg
+ @mv debian/libwolfssl/usr/lib/libwolfssl.so debian/libwolfssl-dev/usr/lib
+# Create correct pkg doc dir
+ @rm -rf debian/libwolfssl/usr/share/doc/libwolfssl
+ @mkdir -p debian/libwolfssl/usr/share/doc/libwolfssl
+# Place changelog
+ @gzip -n -9 -c debian/changelog | \
+ tee debian/libwolfssl/usr/share/doc/libwolfssl/changelog.gz > \
+ debian/libwolfssl-dev/usr/share/doc/libwolfssl-dev/changelog.gz
+# Place copyright
+ @cp debian/copyright debian/libwolfssl/usr/share/doc/libwolfssl
+ @cp debian/copyright debian/libwolfssl-dev/usr/share/doc/libwolfssl-dev
+# Remove .la file https://wiki.debian.org/ReleaseGoals/LAFileRemoval
+ @rm debian/libwolfssl/usr/lib/libwolfssl.la
+# Strip unwanted symbols
+# https://www.debian.org/doc/debian-policy/ch-files.html#binaries
+ @strip --strip-unneeded debian/libwolfssl/usr/lib/libwolfssl.so.*.*.*
+# Place pkgconfig so that it is available for cross-compilation
+# https://lintian.debian.org/tags/pkg-config-unavailable-for-cross-compilation
+ @rm -rf debian/libwolfssl/usr/lib/$(DEB_HOST_MULTIARCH)
+ @mkdir -p debian/libwolfssl/usr/lib/$(DEB_HOST_MULTIARCH)
+ @mv debian/libwolfssl/usr/lib/pkgconfig \
+ debian/libwolfssl/usr/lib/$(DEB_HOST_MULTIARCH)
+# Set the expected access rules
+ @chmod 644 debian/libwolfssl/usr/lib/libwolfssl.so.*.*.*
+ @chmod 644 debian/libwolfssl/usr/share/doc/libwolfssl/changelog.gz \
+ debian/libwolfssl/usr/share/doc/libwolfssl/copyright \
+ debian/libwolfssl-dev/usr/share/doc/libwolfssl-dev/changelog.gz \
+ debian/libwolfssl-dev/usr/share/doc/libwolfssl-dev/copyright
+# Do this as the last step to mark all directories with the correct access bits
+ @find debian/libwolfssl*/usr -type d | xargs chmod 755
+# Generate debs
+ dpkg-deb --root-owner-group -b debian/libwolfssl .
+ dpkg-deb --root-owner-group -b debian/libwolfssl-dev .
+# Check that everything is correct with lintian
+# - we don't provide a manual page for wolfssl-config
+# - we don't care about matching the soname for our debs
+ lintian *.deb --fail-on error,warning --tag-display-limit 0 \
+ --suppress-tags no-manual-page,package-name-doesnt-match-sonames
+# Clean up the working dirs
+ make deb-clean
+
+deb-docker:
+ docker build -t "debian-builder:Dockerfile" Docker/packaging/debian
+ docker run --rm -v $(CURDIR):/opt/wolfssl debian-builder:Dockerfile \
+ bash -c 'cd /opt/wolfssl && ./config.status --recheck && make deb && \
+ make clean deb-clean &> /dev/null'
+# To allow the user to keep using the configuration on the host
+ @./config.status --recheck &> /dev/null
+
+deb-clean:
+ rm -rf debian/libwolfssl debian/libwolfssl-dev debian/files \
+ debian/*.substvars debian/.debhelper
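Review bot: The last recipe line of `deb-docker`, `@./config.status --recheck &> /dev/null`, uses the bash-only `&>` redirection. make runs recipe lines with `/bin/sh` unless `SHELL` is overridden (not visible in this hunk), and a POSIX shell reads it as a background `&` followed by an empty redirect, so the recheck runs asynchronously, its output is not silenced and a failure is not reported. `@./config.status --recheck > /dev/null 2>&1` is portable; the `&>` inside the `bash -c '…'` string is unaffected. In the `deb` target the nested `make install` and `make deb-clean` calls would normally be `$(MAKE) install …` and `$(MAKE) deb-clean` so that `-j`, `-n` and command-line variables propagate, and `find debian/libwolfssl*/usr -type d -exec chmod 755 {} +` avoids the whitespace splitting of the `| xargs` form. `deb-docker` also bind-mounts `$(CURDIR)` read-write into the container, so whatever the image's build user writes (presumably root; the Dockerfile is not shown here) lands in the host tree with that ownership.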
diff --git a/extra/wolfssl/wolfssl/doc/QUIC.md b/extra/wolfssl/wolfssl/doc/QUIC.md
index b2ab0196..3ab3f8de 100644
--- a/extra/wolfssl/wolfssl/doc/QUIC.md
+++ b/extra/wolfssl/wolfssl/doc/QUIC.md
@@ -57,7 +57,7 @@ The separation of HTTP/3 and QUIC is natural when you think about the relationsh
The separation of QUIC's "crypto" parts from its other protocol enabling functions is a matter of security. In its experimental beginnings, QUIC had its own security design. With the emerging TLSv1.3 and all it improvements, plus decades of experience, it seemed rather unwise to have something separate in QUIC.
-Therefore, the complete TLSv1.3 handshake became part of the QUIC protocol, with some restrictions and simplifications (UDP based QUIC does not accommodate broken TCP middle boxes). With the need for a complete TLSv1.3 stack, QUIC implementors happily make use of existing TLS libraries.
+Therefore, the complete TLSv1.3 handshake became part of the QUIC protocol, with some restrictions and simplifications (UDP based QUIC does not accommodate broken TCP middle boxes). With the need for a complete TLSv1.3 stack, QUIC implementers happily make use of existing TLS libraries.
## wolfSSL API
diff --git a/extra/wolfssl/wolfssl/doc/check_api.sh b/extra/wolfssl/wolfssl/doc/check_api.sh
index 612ee924..35b71a21 100755
--- a/extra/wolfssl/wolfssl/doc/check_api.sh
+++ b/extra/wolfssl/wolfssl/doc/check_api.sh
@@ -21,7 +21,7 @@ while read h_file; do
api_count="$(wc -l < dox_api.txt)"
match_count="$(grep -Ff dox_api.txt wolf_api.txt | wc -l)"
if [ "$api_count" != "$match_count" ]; then
- echo "Mistmatch"
+ echo "Mismatch"
echo "Dox_api: $api_count"
echo "Matched_api: $match_count"
echo "Header file: $h_file"
diff --git a/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/aes.h b/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/aes.h
index 9db335ed..51ff301e 100644
--- a/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/aes.h
+++ b/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/aes.h
@@ -1,12 +1,12 @@
/*!
- \ingroup AES
- \brief ã“ã®é–¢æ•°ã¯ã€ã‚­ãƒ¼ã‚’設定ã—ã¦åˆæœŸåŒ–ベクトルを設定ã™ã‚‹ã“ã¨ã§AES構造をåˆæœŸåŒ–ã—ã¾ã™ã€‚
- \return 0 キーã¨åˆæœŸåŒ–ベクトルを正常ã«è¨­å®šã—ã¾ã™ã€‚
- \return BAD_FUNC_ARG キーã®é•·ã•ãŒç„¡åŠ¹ãªå ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \param aes 変更ã™ã‚‹AES構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿
- \param key æš—å·åŒ–ã¨å¾©å·åŒ–ã®ãŸã‚ã®16,24ã€ã¾ãŸã¯32ãƒã‚¤ãƒˆã®ç§˜å¯†éµ
- \param len 渡ã•ã‚ŒãŸã‚­ãƒ¼ã®é•·ã•
- \param iv キーをåˆæœŸåŒ–ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã‚‹åˆæœŸåŒ–ベクトルã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \ingroup AES
+ \brief ã“ã®é–¢æ•°ã¯ã€éµã‚’設定ã—ã¦åˆæœŸåŒ–ベクトルを設定ã™ã‚‹ã“ã¨ã§Aes構造体をåˆæœŸåŒ–ã—ã¾ã™ã€‚
+ \return 0 éµã¨åˆæœŸåŒ–ベクトルを正常ã«è¨­å®šã—ã¾ã—ãŸ
+ \return BAD_FUNC_ARG éµã®é•·ã•ãŒç„¡åŠ¹ãªå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param aes 変更ã™ã‚‹Aes構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param key æš—å·åŒ–ã¨å¾©å·ã®ãŸã‚ã®16,24ã€ã¾ãŸã¯32ãƒã‚¤ãƒˆã®ç§˜å¯†éµ
+ \param len 渡ã•ã‚ŒãŸéµã®é•·ã•
+ \param iv éµã‚’åˆæœŸåŒ–ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã‚‹åˆæœŸåŒ–ベクトルã¸ã®ãƒã‚¤ãƒ³ã‚¿
_Example_
\code
Aes enc;
@@ -25,11 +25,11 @@ int wc_AesSetKey(Aes* aes, const byte* key, word32 len,
const byte* iv, int dir);
/*!
- \ingroup AES
- \brief ã“ã®é–¢æ•°ã¯ã€ç‰¹å®šã®AESオブジェクトã®åˆæœŸåŒ–ベクトルを設定ã—ã¾ã™ã€‚AESオブジェクトã¯ã€ã“ã®é–¢æ•°ã‚’呼ã³å‡ºã™å‰ã«åˆæœŸåŒ–ã•ã‚Œã‚‹ã¹ãã§ã™ã€‚
+ \ingroup AES
+ \brief ã“ã®é–¢æ•°ã¯ã€æŒ‡å®šã•ã‚ŒãŸAes構造体ã®åˆæœŸåŒ–ベクトルを設定ã—ã¾ã™ã€‚Aes構造体ã¯ã€ã“ã®é–¢æ•°ã‚’呼ã³å‡ºã™å‰ã«åˆæœŸåŒ–ã•ã‚Œã¦ã„ã‚‹ã“ã¨ãŒå¿…è¦ã§ã™ã€‚
\return 0 åˆæœŸåŒ–ベクトルを正常ã«è¨­å®šã—ã¾ã™ã€‚
- \return BAD_FUNC_ARG AESãƒã‚¤ãƒ³ã‚¿ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param aes åˆæœŸåŒ–ベクトルを設定ã™ã‚‹AES構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \return BAD_FUNC_ARG Aes構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param aes åˆæœŸåŒ–ベクトルを設定ã™ã‚‹Aes構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
_Example_
\code
Aes enc;
@@ -45,11 +45,19 @@ int wc_AesSetKey(Aes* aes, const byte* key, word32 len,
int wc_AesSetIV(Aes* aes, const byte* iv);
/*!
- \ingroup AES
- \brief 入力ãƒãƒƒãƒ•ã‚¡ãƒ¼ã‹ã‚‰å¹³æ–‡ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã‚’æš—å·åŒ–ã—ã€AESã§Cipher Block Chainingを使用ã—ã¦å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã«å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ãƒ¼ã«å…¥ã‚Œã¾ã™ã€‚ã“ã®æ©Ÿèƒ½ã¯ã€ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ãŒæš—å·åŒ–ã•ã‚Œã‚‹å‰ã«AESSetKeyを呼ã³å‡ºã™ã“ã¨ã«ã‚ˆã£ã¦AESオブジェクトãŒåˆæœŸåŒ–ã•ã‚Œã¦ã„ã‚‹ã“ã¨ã‚’å¿…è¦ã¨ã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€å…¥åŠ›ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ãŒAESブロック長ã§ã‚ã‚‹ã¨ä»®å®šã—ã€å…¥åŠ›ã•ã‚ŒãŸé•·ã•ãŒãƒ–ロック長ã®å€æ•°ã«ãªã‚‹ã“ã¨ã‚’想定ã—ã¦ã„ã‚‹ãŸã‚ã€ãƒ“ルド構æˆã§WolfSSL_AES_CBC_LENGTH_CHECKSãŒå®šç¾©ã•ã‚Œã¦ã„ã‚‹å ´åˆã¯ä»»æ„é¸æŠžã§ãƒã‚§ãƒƒã‚¯ãŠã‚ˆã³é©ç”¨ã•ã‚Œã¾ã™ã€‚ブロック多入力をä¿è¨¼ã™ã‚‹ãŸã‚ã«ã€PKCS#7スタイルã®ãƒ‘ディングを事å‰ã«è¿½åŠ ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚ã“ã‚Œã¯ã‚ãªãŸã®ãŸã‚ã«ãƒ‘ディングを追加ã™ã‚‹OpenSSL AES-CBCメソッドã¨ã¯ç•°ãªã‚Šã¾ã™ã€‚WOLFSSLã¨å¯¾å¿œã™ã‚‹OpenSSL関数を相互é‹ç”¨ã™ã‚‹ã«ã¯ã€OpenSSLコマンドライン関数ã§-nopadオプションを指定ã—ã¦ã€WolfSSL AESCCENCRYPTメソッドã®ã‚ˆã†ã«å‹•ä½œã—ã€æš—å·åŒ–中ã«è¿½åŠ ã®ãƒ‘ディングを追加ã—ã¾ã›ã‚“。
+ \ingroup AES
+ \brief 入力ãƒãƒƒãƒ•ã‚¡ã®å¹³æ–‡ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã‚’æš—å·åŒ–ã—ã€AESã§Cipher Block Chainingを使用ã—ã¦å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã«å‡ºåŠ›ã—ã¾ã™ã€‚
+ ã“ã®é–¢æ•°å‘¼ã³å‡ºã—ã«ã¯ã€ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®æš—å·åŒ–å‰ã«wc_AesSetKeyを呼ã³å‡ºã—ã¦AESオブジェクトãŒåˆæœŸåŒ–ã•ã‚Œã¦ã„ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯ã€å…¥åŠ›ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ãŒAESブロック長ã§ã‚ã‚‹ã¨ä»®å®šã—ã€å…¥åŠ›ã•ã‚ŒãŸé•·ã•ãŒãƒ–ロック長ã®å€æ•°ã«ãªã‚‹ã“ã¨ã‚’想定ã—ã¦ã„ã‚‹ãŸã‚ã€
+ ビルド構æˆã§WOLFSSL_AES_CBC_LENGTH_CHECKSãŒå®šç¾©ã•ã‚Œã¦ã„ã‚‹å ´åˆã¯ä»»æ„é¸æŠžã§ãƒã‚§ãƒƒã‚¯ãŠã‚ˆã³é©ç”¨ã•ã‚Œã¾ã™ã€‚
+ ブロック多入力をä¿è¨¼ã™ã‚‹ãŸã‚ã«ã€PKCS#7スタイルã®ãƒ‘ディングを事å‰ã«è¿½åŠ ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+ ã“ã‚Œã¯è‡ªå‹•çš„ã«ãƒ‘ディングを追加ã™ã‚‹OpenSSL AES-CBCメソッドã¨ã¯ç•°ãªã‚Šã¾ã™ã€‚
+ WOLFSSLã¨å¯¾å¿œã™ã‚‹OpenSSL関数を相互é‹ç”¨ã™ã‚‹ã«ã¯ã€OpenSSLコマンドライン関数ã§-nopadオプションを指定ã—ã¦ã€
+ wolfSSL_AesCbcEncryptメソッドã®ã‚ˆã†ã«å‹•ä½œã—ã€æš—å·åŒ–中ã«è¿½åŠ ã®ãƒ‘ディングを追加ã—ã¾ã›ã‚“。
+
\return 0 メッセージã®æš—å·åŒ–ã«æˆåŠŸã—ã¾ã—ãŸã€‚
- \return BAD_ALIGN_E: ブロック整列誤差ã§è¿”ã•ã‚Œã‚‹å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã™
- \return BAD_LENGTH_E 入力長ãŒAESブロック長ã®å€æ•°ã§ãªã„å ´åˆã¯ã€ãƒ©ã‚¤ãƒ–ラリーãŒwolfssl_aes_cbc_length_checksã§æ§‹ç¯‰ã•ã‚Œã¦ã„ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_ALIGN_E: ブロックアライメントエラー検出時ã«è¿”ã•ã‚Œã‚‹å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã™
+ \return BAD_LENGTH_E ライブラリーãŒWOLFSSL_AES_CBC_LENGTH_CHECKSã§æ§‹ç¯‰ã•ã‚Œã¦ã„ã‚‹å ´åˆã§ã€å…¥åŠ›é•·ãŒAESブロック長ã®å€æ•°ã§ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\param aes データã®æš—å·åŒ–ã«ä½¿ç”¨ã•ã‚Œã‚‹AESオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿
\param out æš—å·åŒ–ã•ã‚ŒãŸãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®æš—å·æ–‡ã‚’æ ¼ç´ã™ã‚‹å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
\param in æš—å·åŒ–ã•ã‚Œã‚‹ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã‚’å«ã‚€å…¥åŠ›ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
@@ -73,14 +81,22 @@ int wc_AesCbcEncrypt(Aes* aes, byte* out,
const byte* in, word32 sz);
/*!
- \ingroup AES
- \brief 入力ãƒãƒƒãƒ•ã‚¡ãƒ¼ã‹ã‚‰æš—å·ã‚’復å·åŒ–ã—ã€AESã§Cipher Block Chainingを使用ã—ã¦å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã«å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ãƒ¼ã«å…¥ã‚Œã¾ã™ã€‚ã“ã®æ©Ÿèƒ½ã¯ã€ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ãŒå¾©å·åŒ–ã•ã‚Œã‚‹å‰ã«AESSetKeyを呼ã³å‡ºã™ã“ã¨ã«ã‚ˆã£ã¦AES構造ãŒåˆæœŸåŒ–ã•ã‚Œã¦ã„ã‚‹ã“ã¨ã‚’å¿…è¦ã¨ã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€å…ƒã®ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ãŒAESブロック長ã§æ•´åˆ—ã—ã¦ã„ãŸã¨ä»®å®šã—ã€å…¥åŠ›ã•ã‚ŒãŸé•·ã•ãŒãƒ–ロック長ã®å€æ•°ã«ãªã‚‹ã¨äºˆæƒ³ã—ã¦ã„ã¾ã™ã€‚ã“ã‚Œã¯OpenSSL AES-CBCメソッドã¨ã¯ç•°ãªã‚Šã¾ã™ã€‚ã“ã‚Œã¯ã€PKCS#7パディングを自動的ã«è¿½åŠ ã™ã‚‹ãŸã‚ã€ãƒ–ロックマルãƒå…¥åŠ›ã‚’å¿…è¦ã¨ã—ã¾ã›ã‚“。WolfSSL機能ã¨åŒç­‰ã®OpenSSL関数を相互é‹ç”¨ã™ã‚‹ã«ã¯ã€OpenSSLコマンドライン関数ã§-nopadオプションを指定ã—ã€wolfssl aescbceNcryptメソッドã®ã‚ˆã†ã«å‹•ä½œã—ã€å¾©å·åŒ–中ã«ã‚¨ãƒ©ãƒ¼ã‚’発生ã•ã›ã¾ã›ã‚“。
- \return 0 メッセージを正常ã«å¾©å·åŒ–ã—ã¾ã™ã€‚
- \return BAD_ALIGN_E ブロック整列エラーã§è¿”ã•ã‚Œã‚‹å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã™ã€‚
- \return BAD_LENGTH_E 入力長ãŒAESブロック長ã®å€æ•°ã§ãªã„å ´åˆã¯ã€ãƒ©ã‚¤ãƒ–ラリーãŒwolfssl_aes_cbc_length_checksã§æ§‹ç¯‰ã•ã‚Œã¦ã„ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param aes データを復å·åŒ–ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã‚‹AESオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param out 復å·åŒ–ã•ã‚ŒãŸãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®ãƒ—レーンテキストをä¿å­˜ã™ã‚‹å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param in 復å·åŒ–ã™ã‚‹æš—å·ãƒ†ã‚­ã‚¹ãƒˆã‚’å«ã‚€å…¥åŠ›ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \ingroup AES
+ \brief 入力ãƒãƒƒãƒ•ã‚¡ã‹ã‚‰ã®æš—å·ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã‚’復å·ã—ã€AESã§Cipher Block Chainingを使用ã—ã¦å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã«å‡ºåŠ›ã—ã¾ã™ã€‚
+ ã“ã®é–¢æ•°å‘¼ã³å‡ºã—ã«ã¯ã€ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®æš—å·åŒ–å‰ã«wc_AesSetKeyを呼ã³å‡ºã—ã¦AESオブジェクトãŒåˆæœŸåŒ–ã•ã‚Œã¦ã„ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯ã€å…ƒã®ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ãŒAESブロック長ã§æ•´åˆ—ã—ã¦ã„ãŸã¨ä»®å®šã—ã€å…¥åŠ›ã•ã‚ŒãŸé•·ã•ãŒãƒ–ロック長ã®å€æ•°ã«ãªã‚‹ã¨äºˆæƒ³ã—ã¦ã„ã¾ã™ã€‚
+ ã“ã‚Œã¯OpenSSL AES-CBCメソッドã¨ã¯ç•°ãªã‚Šã¾ã™ã€‚ã“ã‚Œã¯ã€PKCS#7パディングを自動的ã«è¿½åŠ ã™ã‚‹ãŸã‚ã€ãƒ–ロックマルãƒå…¥åŠ›ã‚’å¿…è¦ã¨ã—ã¾ã›ã‚“。
+ wolfSSL機能ã¨åŒç­‰ã®OpenSSL関数を相互é‹ç”¨ã™ã‚‹ã«ã¯ã€OpenSSLコマンドライン関数ã§-nopadオプションを指定ã—ã€
+ wolfSSL_ AesCbcEncryptメソッドã®ã‚ˆã†ã«å‹•ä½œã—ã€å¾©å·ä¸­ã«ã‚¨ãƒ©ãƒ¼ã‚’発生ã•ã›ã¾ã›ã‚“。
+ \return 0 メッセージを正常ã«å¾©å·ã—ã¾ã—ãŸ
+ \return BAD_ALIGN_E ブロックアライメントエラー検出時ã«è¿”ã•ã‚Œã‚‹å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã™
+ \return BAD_LENGTH_E ライブラリーãŒWOLFSSL_AES_CBC_LENGTH_CHECKSã§æ§‹ç¯‰ã•ã‚Œã¦ã„ã‚‹å ´åˆã§ã€å…¥åŠ›é•·ãŒAESブロック長ã®å€æ•°ã§ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param aes データを復å·ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã‚‹AESオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param out 復å·ã•ã‚ŒãŸãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®ãƒ—レーンテキストをä¿å­˜ã™ã‚‹å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ サイズã¯AES_BLOCK_SIZEã®å€æ•°ã§ãªã‘ã‚Œã°ãªã‚Šã¾ã›ã‚“。必è¦ãªå ´åˆã¯ãƒ‘ディングã¯è¿½åŠ ã•ã‚Œã¾ã™ã€‚
+ \param in 復å·ã™ã‚‹æš—å·ãƒ†ã‚­ã‚¹ãƒˆã‚’å«ã‚€å…¥åŠ›ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ サイズã¯AES_BLOCK_SIZEã®å€æ•°ã§ãªã‘ã‚Œã°ãªã‚Šã¾ã›ã‚“。パディングã•ã‚Œã¦ã„ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+ \param sz 入力ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
_Example_
\code
Aes dec;
@@ -100,12 +116,18 @@ int wc_AesCbcDecrypt(Aes* aes, byte* out,
const byte* in, word32 sz);
/*!
- \ingroup AES
- \brief 入力ãƒãƒƒãƒ•ã‚¡ãƒ¼ã‹ã‚‰ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã‚’æš—å·åŒ–/復å·åŒ–ã—ã€AESを使用ã—ã¦CTRモードを使用ã—ã¦å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ãƒ¼ã«å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ãƒ¼ã«å…¥ã‚Œã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€wolfssl_aes_counterãŒã‚³ãƒ³ãƒ‘イル時ã«æœ‰åŠ¹ã«ãªã£ã¦ã„ã‚‹å ´åˆã«ã®ã¿æœ‰åŠ¹ã«ãªã‚Šã¾ã™ã€‚ã“ã®æ©Ÿèƒ½ã‚’呼ã³å‡ºã™å‰ã«ã€AES構造体をAessetKeyã§åˆæœŸåŒ–ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚ã“ã®é–¢æ•°ã¯å¾©å·åŒ–ã¨æš—å·åŒ–ã®ä¸¡æ–¹ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚_注:暗å·åŒ–ã¨å¾©å·åŒ–ã®ãŸã‚ã®åŒã˜APIを使用ã™ã‚‹ã“ã¨ã«ã¤ã„ã¦ã€‚ユーザーã¯æš—å·åŒ–/復å·åŒ–ã®ãŸã‚ã®AES構造体を区別ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+ \ingroup AES
+ \brief 入力ãƒãƒƒãƒ•ã‚¡ã‹ã‚‰ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã‚’æš—å·åŒ–/復å·ã—ã€AES CTRモードを使用ã—ã¦å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ãƒ¼ã«å‡ºåŠ›ã—ã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯ã€wolfSSL_Aes_CounterãŒã‚³ãƒ³ãƒ‘イル時ã«æœ‰åŠ¹ã«ãªã£ã¦ã„ã‚‹å ´åˆã«ã®ã¿æœ‰åŠ¹ã«ãªã‚Šã¾ã™ã€‚
+ ã“ã®æ©Ÿèƒ½ã‚’呼ã³å‡ºã™å‰ã«ã€Aes構造体をwc_AesSetKeyã§åˆæœŸåŒ–ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯å¾©å·ã¨æš—å·åŒ–ã®ä¸¡æ–¹ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚_注:æš—å·åŒ–ã¨å¾©å·ã®ãŸã‚ã®åŒã˜APIを使用ã™ã‚‹ã“ã¨ã«ã¤ã„ã¦ã€‚ユーザーã¯æš—å·åŒ–/復å·ã®ãŸã‚ã®Aes構造体を区別ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
\return int WolfSSLエラーã¾ãŸã¯æˆåŠŸçŠ¶æ³ã«å¯¾å¿œã™ã‚‹æ•´æ•°å€¤
- \param aes データを復å·åŒ–ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã‚‹AESオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param aes データを復å·ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã‚‹Aes構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
\param out æš—å·åŒ–ã•ã‚ŒãŸãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®æš—å·åŒ–テキストをä¿å­˜ã™ã‚‹å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
- \param in æš—å·åŒ–ã•ã‚Œã‚‹ãƒ—レーンテキストをå«ã‚€å…¥åŠ›ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ サイズã¯AES_BLOCK_SIZEã®å€æ•°ã§ãªã‘ã‚Œã°ãªã‚Šã¾ã›ã‚“。必è¦ãªå ´åˆã¯ãƒ‘ディングã¯è¿½åŠ ã•ã‚Œã¾ã™ã€‚
+ \param in æš—å·åŒ–ã•ã‚Œã‚‹ãƒ—レーンテキストをå«ã‚€å…¥åŠ›ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ サイズã¯AES_BLOCK_SIZEã®å€æ•°ã§ãªã‘ã‚Œã°ãªã‚Šã¾ã›ã‚“。パディングã•ã‚Œã¦ã„ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+ \param sz 入力ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
_Example_
\code
Aes enc;
@@ -131,10 +153,15 @@ int wc_AesCtrEncrypt(Aes* aes, byte* out,
const byte* in, word32 sz);
/*!
- \ingroup AES
- \brief ã“ã®é–¢æ•°ã¯ã€å…¥åŠ›ãƒ–ロックã®å…¥åŠ›ãƒ–ロックã€INã€OUTPUTブロックã€OUTã§ã™ã€‚æä¾›ã•ã‚ŒãŸAES構造体ã®ã‚­ãƒ¼ã‚’使用ã—ã¾ã™ã€‚ã“ã‚Œã¯ã“ã®æ©Ÿèƒ½ã‚’呼ã³å‡ºã™å‰ã«WC_AESSETKEYã§åˆæœŸåŒ–ã•ã‚Œã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚WC_AESSETKEYã¯ã€IVセットãŒNULLã«å‘¼ã³å‡ºã•ã‚ŒãŸã¯ãšã§ã™ã€‚ã“ã‚Œã¯ã€Configure Option WolfSSL_AES_DIRECTãŒæœ‰åŠ¹ã«ãªã£ã¦ã„ã‚‹å ´åˆã«ã®ã¿æœ‰åŠ¹ã«ãªã‚Šã¾ã™ã€‚__ warning:ã»ã¼ã™ã¹ã¦ã®ãƒ¦ãƒ¼ã‚¹ã‚±ãƒ¼ã‚¹ã§ECBモードã¯å®‰å…¨æ€§ãŒä½Žã„ã¨è€ƒãˆã‚‰ã‚Œã¦ã„ã¾ã™ã€‚å¯èƒ½ãªé™ã‚ŠECB APIを直接使用ã—ãªã„ã§ãã ã•ã„。
+ \ingroup AES
+ \brief ã“ã®é–¢æ•°ã¯ã€å…¥åŠ›ãƒ–ロックinã§ä¸Žãˆã‚‰ã‚ŒãŸå˜ä¸€ã®å¹³æ–‡ãƒ‡ãƒ¼ã‚¿ãƒ–ロックを暗å·åŒ–ã—ã¦å˜ä¸€ã®å‡ºåŠ›ãƒ–ロックoutã«å‡ºåŠ›ã—ã¾ã™ã€‚
+ ãã®éš›ã«ã€Aes構造体ã§æä¾›ã•ã‚ŒãŸã®éµã‚’使用ã—ã¾ã™ã€‚éµã¯ã“ã®æ©Ÿèƒ½ã‚’呼ã³å‡ºã™å‰ã«wc_AesSetKeyã§åˆæœŸåŒ–ã•ã‚Œã¦ã„ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+ wc_AesSetKeyã¸ã®å…¥åŠ›ivã«ã¯NULLを指定ã—ã¦å‘¼ã³å‡ºã—ã¦ãã ã•ã„。
+ ã“ã‚Œã¯ã€Configure Option WolfSSL_AES_DIRECTãŒæœ‰åŠ¹ã«ãªã£ã¦ã„ã‚‹å ´åˆã«ã®ã¿æœ‰åŠ¹ã«ãªã‚Šã¾ã™ã€‚
+ __ warning:ã»ã¼ã™ã¹ã¦ã®ãƒ¦ãƒ¼ã‚¹ã‚±ãƒ¼ã‚¹ã§ECBモードã¯å®‰å…¨æ€§ãŒä½Žã„ã¨è€ƒãˆã‚‰ã‚Œã¦ã„ã¾ã™ã€‚
+ å¯èƒ½ãªé™ã‚ŠECB APIを直接使用ã—ãªã„ã§ãã ã•ã„。
\return int WolfSSLエラーã¾ãŸã¯æˆåŠŸçŠ¶æ³ã«å¯¾å¿œã™ã‚‹æ•´æ•°å€¤
- \param aes データã®æš—å·åŒ–ã«ä½¿ç”¨ã•ã‚Œã‚‹AESオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param aes データã®æš—å·åŒ–ã«ä½¿ç”¨ã•ã‚Œã‚‹Aes構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
\param out æš—å·åŒ–ã•ã‚ŒãŸãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®æš—å·åŒ–テキストをä¿å­˜ã™ã‚‹å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
_Example_
\code
@@ -151,11 +178,14 @@ int wc_AesCtrEncrypt(Aes* aes, byte* out,
int wc_AesEncryptDirect(Aes* aes, byte* out, const byte* in);
/*!
- \ingroup AES
- \brief ã“ã®é–¢æ•°ã¯ã€å…¥åŠ›ãƒ–ロックã®1ブロック復å·åŒ–ã€INã€INã€OUTPUT OUTã§ã™ã€‚æä¾›ã•ã‚ŒãŸAES構造体ã®ã‚­ãƒ¼ã‚’使用ã—ã¾ã™ã€‚ã“ã‚Œã¯ã“ã®æ©Ÿèƒ½ã‚’呼ã³å‡ºã™å‰ã«WC_AESSETKEYã§åˆæœŸåŒ–ã•ã‚Œã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚WC_AESSETKEYã¯ã€IVセットãŒNULLã«å‘¼ã³å‡ºã•ã‚ŒãŸã¯ãšã§ã™ã€‚ã“ã‚Œã¯ã€Configure Option WolfSSL_AES_DIRECTãŒæœ‰åŠ¹ã«ãªã£ã¦ã„ã‚‹å ´åˆã«ã®ã¿æœ‰åŠ¹ã«ãªã‚Šã¾ã™ã€‚__ warning:ã»ã¼ã™ã¹ã¦ã®ãƒ¦ãƒ¼ã‚¹ã‚±ãƒ¼ã‚¹ã§ECBモードã¯å®‰å…¨æ€§ãŒä½Žã„ã¨è€ƒãˆã‚‰ã‚Œã¦ã„ã¾ã™ã€‚å¯èƒ½ãªé™ã‚ŠECB APIを直接使用ã—ãªã„ã§ãã ã•ã„。
+ \ingroup AES
+ \brief ã“ã®é–¢æ•°ã¯ã€å…¥åŠ›ãƒ–ロックinã§ä¸Žãˆã‚‰ã‚ŒãŸå˜ä¸€ã®æš—å·ãƒ‡ãƒ¼ã‚¿ãƒ–ロックを復å·ã—ã¦å˜ä¸€ã®å‡ºåŠ›ãƒ–ロックoutã«å‡ºåŠ›ã—ã¾ã™ã€‚
+ æä¾›ã•ã‚ŒãŸAes構造体ã®éµã‚’使用ã—ã¾ã™ã€‚Aes構造体ã¯ã€ã“ã®æ©Ÿèƒ½ã‚’呼ã³å‡ºã™å‰ã«wc_AesSetKeyã§åˆæœŸåŒ–ã•ã‚Œã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚wc_AesSetKeyã¯ã€ivãŒNULLã§å‘¼ã³å‡ºã•ã‚Œã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+ ã“ã‚Œã¯ã€Configure Option WOLFSSL_AES_DIRECTãŒæœ‰åŠ¹ã«ãªã£ã¦ã„ã‚‹å ´åˆã«ã®ã¿æœ‰åŠ¹ã«ãªã‚Šã¾ã™ã€‚
+ __ warning:ã»ã¼ã™ã¹ã¦ã®ãƒ¦ãƒ¼ã‚¹ã‚±ãƒ¼ã‚¹ã§ECBモードã¯å®‰å…¨æ€§ãŒä½Žã„ã¨è€ƒãˆã‚‰ã‚Œã¦ã„ã¾ã™ã€‚å¯èƒ½ãªé™ã‚ŠECB APIを直接使用ã—ãªã„ã§ãã ã•ã„。
\return int WolfSSLエラーã¾ãŸã¯æˆåŠŸçŠ¶æ³ã«å¯¾å¿œã™ã‚‹æ•´æ•°å€¤
- \param aes データã®æš—å·åŒ–ã«ä½¿ç”¨ã•ã‚Œã‚‹AESオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿
- \param out 復å·åŒ–ã•ã‚ŒãŸæš—å·ãƒ†ã‚­ã‚¹ãƒˆã®ãƒ—レーンテキストを格ç´ã™ã‚‹å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param aes データã®å¾©å·ã«ä½¿ç”¨ã•ã‚Œã‚‹AESオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param out 復å·ã•ã‚ŒãŸå¹³æ–‡ãƒ†ã‚­ã‚¹ãƒˆã‚’æ ¼ç´ã™ã‚‹å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
_Example_
\code
Aes dec;
@@ -171,14 +201,23 @@ int wc_AesEncryptDirect(Aes* aes, byte* out, const byte* in);
int wc_AesDecryptDirect(Aes* aes, byte* out, const byte* in);
/*!
- \ingroup AES
- \brief ã“ã®é–¢æ•°ã¯ã€CTRモードã®AESキーをAESã§è¨­å®šã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚指定ã•ã‚ŒãŸã‚­ãƒ¼ã€IV(åˆæœŸåŒ–ベクトル)ã€ãŠã‚ˆã³æš—å·åŒ–DIR(方å‘)ã§AESオブジェクトをåˆæœŸåŒ–ã—ã¾ã™ã€‚構æˆã‚ªãƒ—ションwolfssl_aes_directãŒæœ‰åŠ¹ã«ãªã£ã¦ã„ã‚‹å ´åˆã«ã®ã¿æœ‰åŠ¹ã«ãªã‚Šã¾ã™ã€‚ç¾åœ¨WC_AessetKeyDirectã¯å†…部的ã«WC_AESSETKEYを使用ã—ã¾ã™ã€‚__ warning:ã»ã¼ã™ã¹ã¦ã®ãƒ¦ãƒ¼ã‚¹ã‚±ãƒ¼ã‚¹ã§ECBモードã¯å®‰å…¨æ€§ãŒä½Žã„ã¨è€ƒãˆã‚‰ã‚Œã¦ã„ã¾ã™ã€‚å¯èƒ½ãªé™ã‚ŠECB APIを直接使用ã—ãªã„ã§ãã ã•ã„
- \return 0 キーã®è¨­å®šã«æˆåŠŸã—ã¾ã—ãŸã€‚
+ \ingroup AES
+ \brief ã“ã®é–¢æ•°ã¯ã€CTRモードã®AESéµã‚’AESã§è¨­å®šã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
+ 指定ã•ã‚ŒãŸéµã€iv(åˆæœŸåŒ–ベクトル)ã€ãŠã‚ˆã³æš—å·åŒ–dir(方å‘)ã§AESオブジェクトをåˆæœŸåŒ–ã—ã¾ã™ã€‚
+ 構æˆã‚ªãƒ—ションWOLFSSL_AES_DIRECTãŒæœ‰åŠ¹ã«ãªã£ã¦ã„ã‚‹å ´åˆã«ã®ã¿æœ‰åŠ¹ã«ãªã‚Šã¾ã™ã€‚
+ wc_AesEncryptDirectã¨wc_AesDecryptDirectを呼ã³å‡ºã™éš›ã®Aes構造体ã®åˆæœŸåŒ–ã«ã¯ã“ã®é–¢æ•°ã‚’使ã†å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+ ç¾åœ¨wc_AesSetKeyDirectã¯å†…部的ã«wc_AesSetKeyを使用ã—ã¾ã™ã€‚
+ __ warning:ã»ã¼ã™ã¹ã¦ã®ãƒ¦ãƒ¼ã‚¹ã‚±ãƒ¼ã‚¹ã§ECBモードã¯å®‰å…¨æ€§ãŒä½Žã„ã¨è€ƒãˆã‚‰ã‚Œã¦ã„ã¾ã™ã€‚
+ å¯èƒ½ãªé™ã‚ŠECB APIを直接使用ã—ãªã„ã§ãã ã•ã„
+ \return 0 éµã®è¨­å®šã«æˆåŠŸã—ã¾ã—ãŸã€‚
\return BAD_FUNC_ARG 与ãˆã‚‰ã‚ŒãŸã‚­ãƒ¼ãŒç„¡åŠ¹ãªé•·ã•ã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\param aes データã®æš—å·åŒ–ã«ä½¿ç”¨ã•ã‚Œã‚‹AESオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿
- \param key æš—å·åŒ–ã¨å¾©å·åŒ–ã®ãŸã‚ã®16,24ã€ã¾ãŸã¯32ãƒã‚¤ãƒˆã®ç§˜å¯†éµ
- \param len 渡ã•ã‚ŒãŸã‚­ãƒ¼ã®é•·ã•
- \param iv キーをåˆæœŸåŒ–ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã‚‹åˆæœŸåŒ–ベクトル
+ \param key æš—å·åŒ–ã¨å¾©å·ã®ãŸã‚ã®16,24ã€ã¾ãŸã¯32ãƒã‚¤ãƒˆã®ç§˜å¯†éµ
+ \param len 渡ã•ã‚ŒãŸéµã®é•·ã•
+ \param iv éµã‚’åˆæœŸåŒ–ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã‚‹åˆæœŸåŒ–ベクトル
+ \param dir æš—å·åŒ–ã®æ–¹å‘を指定ã—ã¾ã™ã€‚wc_AesEncryptDirectã«ä½¿ç”¨ã™ã‚‹éš›ã«ã¯AES_ENCRYPTIONã€wc_AesDecryptDirectã«ã¯AES_DECRYPTIONを指定ã—ã¾ã™ã€‚
+ (注æ„: wc_AesSetKeyDirect ã‚’Aesカウンターモードã«ä½¿ç”¨ã™ã‚‹éš›ã«ã¯æš—å·åŒ–/復å·ã«ã‚ˆã‚‰ãšã€AES_ENCRYPTIONを指定ã—ã¦ãã ã•ã„。)
+
_Example_
\code
Aes enc;
@@ -198,12 +237,13 @@ int wc_AesSetKeyDirect(Aes* aes, const byte* key, word32 len,
const byte* iv, int dir);
/*!
- \ingroup AES
- \brief ã“ã®æ©Ÿèƒ½ã¯ã€AES GCM(Galois / Counter Mode)ã®ã‚­ãƒ¼ã‚’設定ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚与ãˆã‚‰ã‚ŒãŸã‚­ãƒ¼ã§AESオブジェクトをåˆæœŸåŒ–ã—ã¾ã™ã€‚コンパイル時ã«Configureオプションhous_aesgcmãŒæœ‰åŠ¹ã«ãªã£ã¦ã„ã‚‹å ´åˆã«ã®ã¿æœ‰åŠ¹ã«ãªã‚Šã¾ã™ã€‚
- \return 0 キーã®è¨­å®šã«æˆåŠŸã—ã¾ã—ãŸã€‚
- \return BAD_FUNC_ARG 与ãˆã‚‰ã‚ŒãŸã‚­ãƒ¼ãŒç„¡åŠ¹ãªé•·ã•ã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param aes データã®æš—å·åŒ–ã«ä½¿ç”¨ã•ã‚Œã‚‹AESオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿
- \param key æš—å·åŒ–ã¨å¾©å·åŒ–ã®ãŸã‚ã®16,24ã€ã¾ãŸã¯32ãƒã‚¤ãƒˆã®ç§˜å¯†éµ
+ \ingroup AES
+ \brief ã“ã®æ©Ÿèƒ½ã¯ã€AES GCM(Galois/Counter Mode)ã®éµã‚’設定ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
+ 与ãˆã‚‰ã‚ŒãŸkeyã§Aes構造体をåˆæœŸåŒ–ã—ã¾ã™ã€‚コンパイル時ã«ConfigureオプションHAVE_AESGCMãŒæœ‰åŠ¹ã«ãªã£ã¦ã„ã‚‹å ´åˆã«ã®ã¿æœ‰åŠ¹ã«ãªã‚Šã¾ã™ã€‚
+ \return 0 éµã®è¨­å®šã«æˆåŠŸã—ã¾ã—ãŸã€‚
+ \return BAD_FUNC_ARG 与ãˆã‚‰ã‚ŒãŸkeyãŒç„¡åŠ¹ãªé•·ã•ã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param aes データã®æš—å·åŒ–ã«ä½¿ç”¨ã•ã‚Œã‚‹Aes構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param key æš—å·åŒ–ã¨å¾©å·ã®ãŸã‚ã®16,24ã€ã¾ãŸã¯32ãƒã‚¤ãƒˆã®ç§˜å¯†éµ
_Example_
\code
Aes enc;
@@ -219,12 +259,13 @@ int wc_AesSetKeyDirect(Aes* aes, const byte* key, word32 len,
int wc_AesGcmSetKey(Aes* aes, const byte* key, word32 len);
/*!
- \ingroup AES
- \brief ã“ã®é–¢æ•°ã¯ã€å…¥åŠ›ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã‚’ãƒãƒƒãƒ•ã‚¡INã«ä¿æŒã—ã€çµæžœã®æš—å·ãƒ†ã‚­ã‚¹ãƒˆã‚’出力ãƒãƒƒãƒ•ã‚¡OUTã«æ ¼ç´ã—ã¾ã™ã€‚æš—å·åŒ–ã™ã‚‹å‘¼ã³å‡ºã—ã”ã¨ã«æ–°ã—ã„IV(åˆæœŸåŒ–ベクトル)ãŒå¿…è¦ã§ã™ã€‚ã¾ãŸã€å…¥åŠ›èªè¨¼ãƒ™ã‚¯ãƒˆãƒ«ã€Authinã€AuthTagã¸ã®å…¥åŠ›èªè¨¼ãƒ™ã‚¯ãƒˆãƒ«ã‚’エンコードã—ã¾ã™ã€‚
+ \ingroup AES
+ \brief ã“ã®é–¢æ•°ã¯ã€ãƒãƒƒãƒ•ã‚¡inã«æ ¼ç´ã•ã‚Œã¦ã„る平文メッセージを暗å·åŒ–ã—çµæžœã‚’出力ãƒãƒƒãƒ•ã‚¡outã«å‡ºåŠ›ã—ã¾ã™ã€‚
+ æš—å·åŒ–ã™ã‚‹å‘¼ã³å‡ºã—ã”ã¨ã«æ–°ã—ã„iv(åˆæœŸåŒ–ベクトル)ãŒå¿…è¦ã§ã™ã€‚ã¾ãŸã€å…¥åŠ›èªè¨¼ãƒ™ã‚¯ãƒˆãƒ«ã€authInã€authTagã¸ã®å…¥åŠ›èªè¨¼ãƒ™ã‚¯ãƒˆãƒ«ã‚’エンコードã—ã¾ã™ã€‚
\return 0 入力メッセージã®æš—å·åŒ–ã«æˆåŠŸã—ã¾ã—ãŸ
- \param aes - データã®æš—å·åŒ–ã«ä½¿ç”¨ã•ã‚Œã‚‹AESオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿
- \param out æš—å·ãƒ†ã‚­ã‚¹ãƒˆã‚’ä¿å­˜ã™ã‚‹å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
- \param in æš—å·åŒ–ã™ã‚‹ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã‚’ä¿æŒã—ã¦ã„る入力ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param aes データã®æš—å·åŒ–ã«ä½¿ç”¨ã•ã‚Œã‚‹AESオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param out æš—å·ãƒ†ã‚­ã‚¹ãƒˆã‚’出力ã™ã‚‹å…ˆã®ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚ãƒãƒƒãƒ•ã‚¡ã‚µã‚¤ã‚ºã¯å…¥åŠ›ãƒãƒƒãƒ•ã‚¡inã®ã‚µã‚¤ã‚º(sz)ã¨åŒã˜ã§ãªã‘ã‚Œã°ãªã‚Šã¾ã›ã‚“。
+ \param in æš—å·åŒ–ã™ã‚‹å¹³æ–‡ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã‚’ä¿æŒã—ã¦ã„る入力ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚サイズã¯AES_BLOCK_SIZEã®å€æ•°ã§ãªã‘ã‚Œã°ãªã‚Šã¾ã›ã‚“。パディングã•ã‚Œã¦ã„ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
\param sz æš—å·åŒ–ã™ã‚‹å…¥åŠ›ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®é•·ã•
\param iv åˆæœŸåŒ–ベクトルをå«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
\param ivSz åˆæœŸåŒ–ベクトルã®é•·ã•
@@ -257,14 +298,15 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out,
const byte* authIn, word32 authInSz);
/*!
- \ingroup AES
- \brief ã“ã®é–¢æ•°ã¯ã€å…¥åŠ›æš—å·ãƒ†ã‚­ã‚¹ãƒˆã‚’ãƒãƒƒãƒ•ã‚¡INã«ä¿æŒã—ã€çµæžœã®ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ãƒ†ã‚­ã‚¹ãƒˆã‚’出力ãƒãƒƒãƒ•ã‚¡OUTã«æ ¼ç´ã—ã¾ã™ã€‚ã¾ãŸã€æŒ‡å®šã•ã‚ŒãŸèªè¨¼ã‚¿ã‚°ã€authtagã«å¯¾ã—ã¦ã€å…¥åŠ›èªè¨¼ãƒ™ã‚¯ãƒˆãƒ«ã€Authinã‚’ãƒã‚§ãƒƒã‚¯ã—ã¾ã™ã€‚
- \return 0 入力メッセージã®å¾©å·åŒ–ã«æˆåŠŸã—ã¾ã—ãŸ
+ \ingroup AES
+ \brief ã“ã®é–¢æ•°ã¯ã€ãƒãƒƒãƒ•ã‚¡inã§ä¸Žãˆã‚‰ã‚ŒãŸå…¥åŠ›æš—å·ãƒ†ã‚­ã‚¹ãƒˆã‚’復å·ã—ã€çµæžœã‚’出力ãƒãƒƒãƒ•ã‚¡outã«æ ¼ç´ã—ã¾ã™ã€‚
+ ã¾ãŸã€æŒ‡å®šã•ã‚ŒãŸèªè¨¼ã‚¿ã‚°ã€authTagã«å¯¾ã—ã¦ã€å…¥åŠ›èªè¨¼ãƒ™ã‚¯ãƒˆãƒ«ã€authInã‚’ãƒã‚§ãƒƒã‚¯ã—ã¾ã™ã€‚
+ \return 0 入力メッセージã®å¾©å·ã«æˆåŠŸã—ã¾ã—ãŸ
\return AES_GCM_AUTH_E èªè¨¼ã‚¿ã‚°ãŒæä¾›ã•ã‚ŒãŸèªè¨¼ã‚³ãƒ¼ãƒ‰ãƒ™ã‚¯ãƒˆãƒ«ã¨ä¸€è‡´ã—ãªã„å ´åˆã€authtag。
- \param aes データã®æš—å·åŒ–ã«ä½¿ç”¨ã•ã‚Œã‚‹AESオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿
- \param out メッセージテキストをä¿å­˜ã™ã‚‹å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
- \param in æš—å·ãƒ†ã‚­ã‚¹ãƒˆã‚’復å·åŒ–ã™ã‚‹å…¥åŠ›ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
- \param sz 復å·åŒ–ã™ã‚‹æš—å·ãƒ†ã‚­ã‚¹ãƒˆã®é•·ã•
+ \param aes データã®å¾©å·ã«ä½¿ç”¨ã•ã‚Œã‚‹Aes構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param out メッセージテキストをä¿å­˜ã™ã‚‹å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚サイズã¯å…¥åŠ›ãƒãƒƒãƒ•ã‚¡inã®ã‚µã‚¤ã‚º(sz)ã¨åŒã˜ã§ãªã‘ã‚Œã°ãªã‚‰ãªã„。
+ \param in æš—å·ãƒ†ã‚­ã‚¹ãƒˆã‚’ä¿æŒã™ã‚‹å…¥åŠ›ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚サイズã¯AES_BLOCK_SIZEã®å€æ•°ã§ãªã‘ã‚Œã°ãªã‚‰ãªã„。
+ \param sz 復å·ã™ã‚‹æš—å·ãƒ†ã‚­ã‚¹ãƒˆã®é•·ã•
\param iv åˆæœŸåŒ–ベクトルをå«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
\param ivSz åˆæœŸåŒ–ベクトルã®é•·ã•
\param authTag èªè¨¼ã‚¿ã‚°ã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
@@ -296,11 +338,11 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out,
const byte* authIn, word32 authInSz);
/*!
- \ingroup AES
- \brief ã“ã®é–¢æ•°ã¯ã€GAROISメッセージèªè¨¼ã«ä½¿ç”¨ã•ã‚Œã‚‹GMACオブジェクトã®ã‚­ãƒ¼ã‚’åˆæœŸåŒ–ã—ã¦è¨­å®šã—ã¾ã™ã€‚
- \return 0 キーã®è¨­å®šã«æˆåŠŸã—ã¾ã—ãŸ
- \return BAD_FUNC_ARG キーã®é•·ã•ãŒç„¡åŠ¹ãªå ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \param gmac èªè¨¼ã«ä½¿ç”¨ã•ã‚Œã‚‹GMACオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \ingroup AES
+ \brief ã“ã®é–¢æ•°ã¯ã€GAROISメッセージèªè¨¼ã«ä½¿ç”¨ã•ã‚Œã‚‹Gmac構造体ã®éµã‚’åˆæœŸåŒ–ã—ã¦è¨­å®šã—ã¾ã™ã€‚
+ \return 0 éµã®è¨­å®šã«æˆåŠŸã—ã¾ã—ãŸ
+ \return BAD_FUNC_ARG 引数keyã®é•·ã•ãŒç„¡åŠ¹ãªå ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
+ \param gmac èªè¨¼ã«ä½¿ç”¨ã•ã‚Œã‚‹Gmac構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
\param key èªè¨¼ã®ãŸã‚ã®16,24ã€ã¾ãŸã¯32ãƒã‚¤ãƒˆã®ç§˜å¯†éµ
_Example_
\code
@@ -313,10 +355,11 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out,
int wc_GmacSetKey(Gmac* gmac, const byte* key, word32 len);
/*!
- \ingroup AES
- \brief ã“ã®é–¢æ•°ã¯Authin Inputã®GMACãƒãƒƒã‚·ãƒ¥ã‚’生æˆã—ã€çµæžœã‚’Authtagãƒãƒƒãƒ•ã‚¡ã«æ ¼ç´ã—ã¾ã™ã€‚wc_gmacupdateを実行ã—ãŸå¾Œã€ç”Ÿæˆã•ã‚ŒãŸauthtagを既知ã®èªè¨¼ã‚¿ã‚°ã«æ¯”較ã—ã¦ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®ä¿¡é ¼æ€§ã‚’検証ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+ \ingroup AES
+ \brief ã“ã®é–¢æ•°ã¯authIn Inputã®GMACãƒãƒƒã‚·ãƒ¥ã‚’生æˆã—ã€çµæžœã‚’authTagãƒãƒƒãƒ•ã‚¡ã«æ ¼ç´ã—ã¾ã™ã€‚
+ wc_GmacUpdateを実行ã—ãŸå¾Œã€ç”Ÿæˆã•ã‚ŒãŸauthTagを既知ã®èªè¨¼ã‚¿ã‚°ã«æ¯”較ã—ã¦ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®ä¿¡é ¼æ€§ã‚’検証ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
\return 0 GMACãƒãƒƒã‚·ãƒ¥ã®è¨ˆç®—ã«æˆåŠŸã—ã¾ã—ãŸã€‚
- \param gmac èªè¨¼ã«ä½¿ç”¨ã•ã‚Œã‚‹GMACオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param gmac èªè¨¼ã«ä½¿ç”¨ã•ã‚Œã‚‹Gmac構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
\param iv ãƒãƒƒã‚·ãƒ¥ã«ä½¿ç”¨ã•ã‚Œã‚‹åˆæœŸåŒ–ベクトル
\param ivSz 使用ã•ã‚Œã‚‹åˆæœŸåŒ–ベクトルã®ã‚µã‚¤ã‚º
\param authIn 確èªã™ã‚‹èªè¨¼ãƒ™ã‚¯ãƒˆãƒ«ã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
@@ -342,11 +385,11 @@ int wc_GmacUpdate(Gmac* gmac, const byte* iv, word32 ivSz,
byte* authTag, word32 authTagSz);
/*!
- \ingroup AES
- \brief ã“ã®é–¢æ•°ã¯ã€CCMを使用ã—ã¦AESオブジェクトã®ã‚­ãƒ¼ã‚’設定ã—ã¾ã™ï¼ˆCBC-MACã®ã‚«ã‚¦ãƒ³ã‚¿ï¼‰ã€‚AES構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’å–ã‚Šã€ä»˜å±žã®ã‚­ãƒ¼ã§åˆæœŸåŒ–ã—ã¾ã™ã€‚
- \return none
- \param aes 付属ã®ã‚­ãƒ¼ã‚’ä¿ç®¡ã™ã‚‹ãŸã‚ã®AES構造
- \param key æš—å·åŒ–ã¨å¾©å·åŒ–ã®ãŸã‚ã®16,24ã€ã¾ãŸã¯32ãƒã‚¤ãƒˆã®ç§˜å¯†éµ
+ \ingroup AES
+ \brief ã“ã®é–¢æ•°ã¯ã€CCMを使用ã—ã¦AESオブジェクトã®éµã‚’設定ã—ã¾ã™ï¼ˆCBC-MACã®ã‚«ã‚¦ãƒ³ã‚¿ï¼‰ã€‚Aes構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’å–ã‚Šã€å¼•æ•°ã§ä¸Žãˆã‚‰ã‚ŒãŸkeyã§åˆæœŸåŒ–ã—ã¾ã™ã€‚
+ \return none
+ \param aes 引数keyã‚’ä¿ç®¡ã™ã‚‹ãŸã‚ã®Aes構造体
+ \param key æš—å·åŒ–ã¨å¾©å·ã®ãŸã‚ã®16,24ã€ã¾ãŸã¯32ãƒã‚¤ãƒˆã®ç§˜å¯†éµ
_Example_
\code
Aes enc;
@@ -360,10 +403,11 @@ int wc_GmacUpdate(Gmac* gmac, const byte* iv, word32 ivSz,
int wc_AesCcmSetKey(Aes* aes, const byte* key, word32 keySz);
/*!
- \ingroup AES
- \brief ã“ã®é–¢æ•°ã¯ã€CCMを使用ã—ã¦ã€å…¥åŠ›ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã€INã€OUTã€OUTã€OUTã‚’CCM(CBC-MACã®ã‚«ã‚¦ãƒ³ã‚¿ï¼‰ã‚’æš—å·åŒ–ã—ã¾ã™ã€‚ãã®å¾Œã€Authin Inputã‹ã‚‰èªè¨¼ã‚¿ã‚°ã€AuthtAgを計算ã—ã¦æ ¼ç´ã—ã¾ã™ã€‚
- \return none
- \param aes データã®æš—å·åŒ–ã«ä½¿ç”¨ã•ã‚Œã‚‹AESオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \ingroup AES
+ \brief ã“ã®é–¢æ•°ã¯ã€CCMを使用ã—ã¦ã€å…¥åŠ›ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã€INã€OUTã€OUTã€OUTã‚’CCM(CBC-MACã®ã‚«ã‚¦ãƒ³ã‚¿ï¼‰ã‚’æš—å·åŒ–ã—ã¾ã™ã€‚
+ ãã®å¾Œã€Authin Inputã‹ã‚‰èªè¨¼ã‚¿ã‚°ã€AuthtAgを計算ã—ã¦æ ¼ç´ã—ã¾ã™ã€‚
+ \return none
+ \param aes データã®æš—å·åŒ–ã«ä½¿ç”¨ã•ã‚Œã‚‹Aes構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
\param out æš—å·ãƒ†ã‚­ã‚¹ãƒˆã‚’ä¿å­˜ã™ã‚‹å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
\param in æš—å·åŒ–ã™ã‚‹ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã‚’ä¿æŒã—ã¦ã„る入力ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
\param sz æš—å·åŒ–ã™ã‚‹å…¥åŠ›ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®é•·ã•
@@ -397,14 +441,14 @@ int wc_AesCcmEncrypt(Aes* aes, byte* out,
const byte* authIn, word32 authInSz);
/*!
- \ingroup AES
- \brief ã“ã®é–¢æ•°ã¯ã€CCMを使用ã—ã¦ã€å…¥åŠ›æš—å·ãƒ†ã‚­ã‚¹ãƒˆã‚’ã€CCM(CBC-MACã®ã‚«ã‚¦ãƒ³ã‚¿ï¼‰ã‚’使用ã—ã¦å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ãƒ¼ã«å¾©å·åŒ–ã—ã¾ã™ã€‚ãã®å¾Œã€Authin Inputã‹ã‚‰AuthatAgã€AuthatAgを計算ã—ã¾ã™ã€‚許å¯ã‚¿ã‚°ãŒç„¡åŠ¹ãªå ´åˆã¯ã€å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã‚’ゼロã«è¨­å®šã—ã€AES_CCM_AUTH_Eã‚’è¿”ã—ã¾ã™ã€‚
- \return 0 入力メッセージã®å¾©å·åŒ–ã«æˆåŠŸã—ã¾ã—ãŸ
- \return AES_CCM_AUTH_E èªè¨¼ã‚¿ã‚°ãŒæä¾›ã•ã‚ŒãŸèªè¨¼ã‚³ãƒ¼ãƒ‰ãƒ™ã‚¯ãƒˆãƒ«ã¨ä¸€è‡´ã—ãªã„å ´åˆã€authtag。
- \param aes データã®æš—å·åŒ–ã«ä½¿ç”¨ã•ã‚Œã‚‹AESオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿
- \param out æš—å·ãƒ†ã‚­ã‚¹ãƒˆã‚’ä¿å­˜ã™ã‚‹å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
- \param in æš—å·åŒ–ã™ã‚‹ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã‚’ä¿æŒã—ã¦ã„る入力ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
- \param sz 入力暗å·ãƒ†ã‚­ã‚¹ãƒˆã®å¾©å·åŒ–
+ \ingroup AES
+ \brief ã“ã®é–¢æ•°ã¯ã€CCMを使用ã—ã¦ã€å…¥åŠ›æš—å·ãƒ†ã‚­ã‚¹ãƒˆã‚’ã€CCM(CBC-MACã®ã‚«ã‚¦ãƒ³ã‚¿ï¼‰ã‚’使用ã—ã¦å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ãƒ¼ã«å¾©å·ã—ã¾ã™ã€‚ãã®å¾Œã€authIn入力ã‹ã‚‰authTagを計算ã—ã¾ã™ã€‚èªè¨¼ã‚¿ã‚°ãŒç„¡åŠ¹ãªå ´åˆã¯ã€å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã‚’ゼロã«è¨­å®šã—ã€AES_CCM_AUTH_Eã‚’è¿”ã—ã¾ã™ã€‚
+ \return 0 入力メッセージã®å¾©å·ã«æˆåŠŸã—ã¾ã—ãŸ
+ \return AES_CCM_AUTH_E èªè¨¼ã‚¿ã‚°ãŒæä¾›ã•ã‚ŒãŸèªè¨¼ã‚³ãƒ¼ãƒ‰ãƒ™ã‚¯ãƒˆãƒ«ã¨ä¸€è‡´ã—ãªã„å ´åˆ
+ \param aes データã®å¾©å·ã«ä½¿ç”¨ã•ã‚Œã‚‹Aes構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param out 復å·ã—ãŸãƒ†ã‚­ã‚¹ãƒˆã‚’出力ã™ã‚‹å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param in 復å·ã™ã‚‹ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã‚’ä¿æŒã—ã¦ã„る入力ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param sz 入力暗å·ãƒ†ã‚­ã‚¹ãƒˆã®ã‚µã‚¤ã‚º
\param nonce nonceã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ï¼ˆ1回ã ã‘使用ã•ã‚Œã¦ã„る数)
\param nonceSz ノンスã®é•·ã•
\param authTag èªè¨¼ã‚¿ã‚°ã‚’ä¿å­˜ã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
@@ -438,14 +482,14 @@ int wc_AesCcmDecrypt(Aes* aes, byte* out,
const byte* authIn, word32 authInSz);
/*!
- \ingroup AES
- \brief ã“ã‚Œã¯ã€æš—å·åŒ–ã¾ãŸã¯å¾©å·åŒ–タイプを修正ã™ã‚‹ãŸã‚ã®ã‚­ãƒ¼ã®è¨­å®šã‚’支æ´ã™ã‚‹ã“ã¨ã§ã™ã€‚完了ã—ãŸã‚‰ã€AESキーã§WC_AESXTSFREEを呼ã³å‡ºã™ã“ã¨ãŒãƒ¦ãƒ¼ã‚¶ãƒ¼ã«ãªã‚Šã¾ã—ãŸã€‚
+ \ingroup AES
+ \brief ã“ã®é–¢æ•°ã¯ã€AES XTSモードを使用ã™ã‚‹æš—å·åŒ–ã¾ãŸã¯å¾©å·ã§ä½¿ç”¨ã™ã‚‹éµã®è¨­å®šã«ä½¿ç”¨ã—ã¾ã™ã€‚完了ã—ãŸã‚‰ã€AESキーã§wc_AesXtsFreeを呼ã³å‡ºã™ã“ã¨ãŒãƒ¦ãƒ¼ã‚¶ãƒ¼ã«ãªã‚Šã¾ã—ãŸã€‚
\return 0 æˆåŠŸ
- \param aes ENCRYPT /復å·åŒ–プロセスã®ãŸã‚ã®AESキー
- \param key AESキーをä¿æŒã—ã¦ã„ã‚‹ãƒãƒƒãƒ•ã‚¡ãƒ¼| ..Tweak Key
- \param len キーãƒãƒƒãƒ•ã‚¡ã®ãƒã‚¤ãƒˆæ•°ã®é•·ã•ã€‚キーサイズã®2å€ã«ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚ã™ãªã‚ã¡ã€16ãƒã‚¤ãƒˆã®ã‚­ãƒ¼ã«ã¤ã„ã¦ã€‚
- \param dir æ–¹å‘ã€AES_Encryptionã¾ãŸã¯AES_Decryptionã®ã„ãšã‚Œã‹
- \param heap メモリã«ä½¿ç”¨ã™ã‚‹ãƒ’ントヒント。nullã«ãªã‚‹ã“ã¨ãŒã§ãã¾ã™
+ \param aes æš—å·åŒ–ã¾ãŸã¯å¾©å·å‡¦ç†ã«ä½¿ç”¨ã™ã‚‹XtsAes構造体
+ \param key 補正値(Tewak)を加味ã—ãŸAESéµã‚’ä¿æŒã—ã¦ã„ã‚‹ãƒãƒƒãƒ•ã‚¡
+ \param len éµãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºã€‚éµã‚µã‚¤ã‚ºã®2å€ã«ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚(ã™ãªã‚ã¡ã€16ãƒã‚¤ãƒˆã®éµã®å ´åˆã¯32)
+ \param dir 処ç†æ–¹å‘ã€AES_Encryptionã¾ãŸã¯AES_Decryptionã®ã„ãšã‚Œã‹ã‚’指定ã—ã¾ã™ã€‚
+ \param heap メモリã«ä½¿ç”¨ã™ã‚‹ãƒ’ープヒント。NULLを設定ã™ã‚‹ã“ã¨ã‚‚ã§ãã¾ã™ã€‚
_Example_
\code
XtsAes aes;
@@ -464,13 +508,13 @@ int wc_AesXtsSetKey(XtsAes* aes, const byte* key,
word32 len, int dir, void* heap, int devId);
/*!
- \ingroup AES
- \brief WC_AESXTSENCRYPTã¨åŒã˜ãƒ—ロセスã§ã™ãŒã€ãƒã‚¤ãƒˆé…列ã®ä»£ã‚ã‚Šã«Tweak値ã¨ã—ã¦Word64型を使用ã—ã¾ã™ã€‚ã“ã‚Œã¯ã€Word64ã‚’ãƒã‚¤ãƒˆé…列ã«å¤‰æ›ã—ã€WC_AESXTSENCRYPTを呼ã³å‡ºã—ã¾ã™ã€‚
+ \ingroup AES
+ \brief wc_AesXtsEncryptã¨åŒã˜å‡¦ç†ã‚’è¡Œã„ã¾ã™ãŒã€ãƒã‚¤ãƒˆé…列ã®ä»£ã‚ã‚Šã«Tweak値ã¨ã—ã¦word64型を使用ã—ã¾ã™ã€‚本関数ã§word64ã‚’ãƒã‚¤ãƒˆé…列ã«å¤‰æ›ã—ã€wc_AesXtsEncryptを呼ã³å‡ºã—ã¾ã™ã€‚
\return 0 æˆåŠŸ
- \param aes ブロック暗å·åŒ–/復å·åŒ–ã«ä½¿ç”¨ã™ã‚‹AESキー
+ \param aes ブロック暗å·åŒ–/復å·ã«ä½¿ç”¨ã™ã‚‹XtsAes構造体
\param out æš—å·ãƒ†ã‚­ã‚¹ãƒˆã‚’ä¿æŒã™ã‚‹ãŸã‚ã®å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡
\param in æš—å·åŒ–ã™ã‚‹å…¥åŠ›ãƒ—レーンテキストãƒãƒƒãƒ•ã‚¡
- \param sz 両方ã¨ã‚‚ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+ \param sz ãƒãƒƒãƒ•ã‚¡ï¼ˆin, out両方)ã®ã‚µã‚¤ã‚º
_Example_
\code
XtsAes aes;
@@ -495,13 +539,13 @@ int wc_AesXtsEncryptSector(XtsAes* aes, byte* out,
const byte* in, word32 sz, word64 sector);
/*!
- \ingroup AES
- \brief WC_AESXTSDECRYPTã¨åŒã˜ãƒ—ロセスã§ã¯ãªãã€BYTEé…列ã®ä»£ã‚ã‚Šã«Word64タイプを使用ã—ã¾ã™ã€‚ã“ã‚Œã¯Word64ã‚’ãƒã‚¤ãƒˆé…列ã«å¤‰æ›ã™ã‚‹ã ã‘ã§ã™ã€‚
+ \ingroup AES
+ \brief wc_AesXtsDecryptã¨åŒã˜å‡¦ç†ã‚’è¡Œã„ã¾ã™ãŒã€ãƒã‚¤ãƒˆé…列ã®ä»£ã‚ã‚Šã«Tweak値ã¨ã—ã¦word64タイプを使用ã—ã¾ã™ã€‚本関数ã§word64ã‚’ãƒã‚¤ãƒˆé…列ã«å¤‰æ›ã™ã‚‹ã ã‘ã§ã™ã€‚
\return 0 æˆåŠŸ
- \param aes ブロック暗å·åŒ–/復å·åŒ–ã«ä½¿ç”¨ã™ã‚‹AESキー
+ \param aes ブロック暗å·åŒ–/復å·ã«ä½¿ç”¨ã™ã‚‹XtsAes構造体
\param out プレーンテキストをä¿æŒã™ã‚‹ãŸã‚ã®å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡
- \param in 復å·åŒ–ã™ã‚‹æš—å·ãƒ†ã‚­ã‚¹ãƒˆãƒãƒƒãƒ•ã‚¡ãƒ¼ã‚’入力ã—ã¾ã™
- \param sz 両方ã¨ã‚‚ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+ \param in 復å·ã™ã‚‹æš—å·ãƒ†ã‚­ã‚¹ãƒˆãƒãƒƒãƒ•ã‚¡
+ \param sz ãƒãƒƒãƒ•ã‚¡ï¼ˆin, out両方)ã®ã‚µã‚¤ã‚º
_Example_
\code
XtsAes aes;
@@ -526,13 +570,13 @@ int wc_AesXtsDecryptSector(XtsAes* aes, byte* out,
const byte* in, word32 sz, word64 sector);
/*!
- \ingroup AES
- \brief XTSモードã®ã‚ã‚‹AES。(XTS)XEXæš—å·åŒ–ã¨æš—å·ãƒ†ã‚­ã‚¹ãƒˆã‚’ç›—ã‚“ã æš—å·åŒ–。
+ \ingroup AES
+ \brief AES XTSモードã§æš—å·åŒ–ã—ã¾ã™ã€‚(XTS)XEXæš—å·åŒ–ã¨å¹³æ–‡ãŒãƒ–ロック長ã®å€æ•°ã§ãªã„å ´åˆã®å‡¦ç†(Ciphertext Stealing)ã‚’è¡Œã„ã¾ã™ã€‚
\return 0 æˆåŠŸ
- \param aes ブロック暗å·åŒ–/復å·åŒ–ã«ä½¿ç”¨ã™ã‚‹AESキー
+ \param aes ブロック暗å·åŒ–/復å·ã«ä½¿ç”¨ã™ã‚‹XtsAes構造体
\param out æš—å·ãƒ†ã‚­ã‚¹ãƒˆã‚’ä¿æŒã™ã‚‹ãŸã‚ã®å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡
- \param in æš—å·åŒ–ã™ã‚‹å…¥åŠ›ãƒ—レーンテキストãƒãƒƒãƒ•ã‚¡
- \param sz 両方ã¨ã‚‚ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+ \param in æš—å·åŒ–ã™ã‚‹å…¥åŠ›ãƒ—レーンテキストをå«ã‚€ãƒãƒƒãƒ•ã‚¡
+ \param sz ãƒãƒƒãƒ•ã‚¡ï¼ˆin, out両方)ã®ã‚µã‚¤ã‚º
\param i Tweakã«ä½¿ç”¨ã™ã‚‹å€¤
_Example_
\code
@@ -557,13 +601,13 @@ int wc_AesXtsEncrypt(XtsAes* aes, byte* out,
const byte* in, word32 sz, const byte* i, word32 iSz);
/*!
- \ingroup AES
- \brief æš—å·åŒ–ã¨åŒã˜ãƒ—ロセスã§ã™ãŒã€AESキーã¯AES_Decryptionタイプã§ã™ã€‚
+ \ingroup AES
+ \brief æš—å·åŒ–ã¨åŒã˜ãƒ—ロセスã§ã™ãŒã€XtsAes構造体ã¯AES_Decryptionタイプã§ã™ã€‚
\return 0 æˆåŠŸ
- \param aes ブロック暗å·åŒ–/復å·åŒ–ã«ä½¿ç”¨ã™ã‚‹AESキー
+ \param aes ブロック暗å·åŒ–/復å·ã«ä½¿ç”¨ã™ã‚‹XtsAes構造体
\param out プレーンテキストをä¿æŒã™ã‚‹ãŸã‚ã®å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡
- \param in 復å·åŒ–ã™ã‚‹æš—å·ãƒ†ã‚­ã‚¹ãƒˆãƒãƒƒãƒ•ã‚¡ãƒ¼ã‚’入力ã—ã¾ã™
- \param sz 両方ã¨ã‚‚ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+ \param in 復å·ã™ã‚‹æš—å·ãƒ†ã‚­ã‚¹ãƒˆã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡
+ \param sz ãƒãƒƒãƒ•ã‚¡ï¼ˆin, out両方)ã®ã‚µã‚¤ã‚º
\param i Tweakã«ä½¿ç”¨ã™ã‚‹å€¤
_Example_
\code
@@ -588,8 +632,8 @@ int wc_AesXtsDecrypt(XtsAes* aes, byte* out,
const byte* in, word32 sz, const byte* i, word32 iSz);
/*!
- \ingroup AES
- \brief ã“ã‚Œã¯XTSAES構造ã«ã‚ˆã£ã¦ä½¿ç”¨ã•ã‚Œã‚‹ã™ã¹ã¦ã®ãƒªã‚½ãƒ¼ã‚¹ã‚’解放ã™ã‚‹ã“ã¨ã§ã™
+ \ingroup AES
+ \brief ã“ã®é–¢æ•°ã¯XtsAes構造体ã§ä½¿ç”¨ã•ã‚Œã‚‹ã™ã¹ã¦ã®ãƒªã‚½ãƒ¼ã‚¹ã‚’解放ã—ã¾ã™ã€‚
\return 0 æˆåŠŸ
_Example_
\code
@@ -609,11 +653,11 @@ int wc_AesXtsFree(XtsAes* aes);
/*!
- \ingroup AES
+ \ingroup AES
\brief Aes構造体をåˆæœŸåŒ–ã—ã¾ã™ã€‚ヒープヒントを設定ã—ã€ASYNCãƒãƒ¼ãƒ‰ã‚¦ã‚§ã‚¢ã‚’使用ã™ã‚‹å ´åˆã®IDも設定ã—ã¾ã™ã€‚Aes構造体ã®ä½¿ç”¨ãŒçµ‚了ã—ãŸéš›ã«wc_AesFreeを呼ã³å‡ºã™ã®ã¯ãƒ¦ãƒ¼ã‚¶ãƒ¼ã«ä»»ã•ã‚Œã¦ã„ã¾ã™ã€‚
\return 0 æˆåŠŸ
- \param aes åˆæœŸåŒ–ã«ã¯AES構造
- \param heap å¿…è¦ã«å¿œã˜ã¦malloc / freeã«ä½¿ç”¨ã™ã‚‹ãƒ’ントヒント
+ \param aes åˆæœŸåŒ–対象ã®Aes構造体
+ \param heap å¿…è¦ã«å¿œã˜ã¦malloc / freeã«ä½¿ç”¨ã™ã‚‹ãƒ’ープヒント
_Example_
\code
Aes enc;
@@ -631,10 +675,10 @@ int wc_AesInit(Aes* aes, void* heap, int devId);
/*!
\ingroup AES
- \brief Aes構造体ã«é–¢é€£ã¤ã‘られãŸãƒªã‚½ãƒ¼ã‚¹ã‚’å¯èƒ½ãªã‚‰è§£æ”¾ã™ã‚‹ã€‚
+ \brief Aes構造体ã«é–¢é€£ã¤ã‘られãŸãƒªã‚½ãƒ¼ã‚¹ã‚’å¯èƒ½ãªã‚‰è§£æ”¾ã—ã¾ã™ã€‚
内部的ã«ã¯ãƒŽãƒ¼ã‚ªãƒšãƒ¬ãƒ¼ã‚·ãƒ§ãƒ³ã¨ãªã‚‹ã“ã¨ã‚‚ã‚ã‚Šã¾ã™ãŒã€ãƒ™ã‚¹ãƒˆãƒ—ラクティスã¨ã—ã¦ã©ã®ã‚±ãƒ¼ã‚¹ã§ã‚‚ã“ã®é–¢æ•°ã‚’呼ã³å‡ºã™ã“ã¨ã‚’推奨ã—ã¾ã™ã€‚
\return 戻り値ãªã—
- \param aes Freeã™ã¹ãAes構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ãƒ¼
+ \param aes Freeã™ã¹ãAes構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
_Example_
\code
Aes enc;
@@ -650,11 +694,11 @@ int wc_AesInit(Aes* aes, void* heap, int devId);
int wc_AesFree(Aes* aes);
/*!
- \ingroup AES
- \brief CFBモードをæŒã¤AES。
- \return 0 失敗時ã®æˆåŠŸã¨å¦å®šçš„ãªã‚¨ãƒ©ãƒ¼å€¤
- \param aes ブロック暗å·åŒ–/復å·åŒ–ã«ä½¿ç”¨ã™ã‚‹AESキー
- \param out æš—å·ãƒ†ã‚­ã‚¹ãƒˆã‚’ä¿æŒã™ã‚‹ãŸã‚ã®å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã¯ã€å°‘ãªãã¨ã‚‚InpectBufferã¨åŒã˜ãらã„大ãã„å¿…è¦ãŒã‚ã‚Šã¾ã™ï¼‰
+ \ingroup AES
+ \brief AES CFBモードã§æš—å·åŒ–ã‚’è¡Œã„ã¾ã™ã€‚
+ \return 0 æˆåŠŸæ™‚ã«è¿”ã‚Šã¾ã™ã€‚失敗時ã«ã¯è² å€¤ãŒè¿”ã•ã‚Œã¾ã™ã€‚
+ \param aes ブロック暗å·åŒ–/復å·ã«ä½¿ç”¨ã™ã‚‹Aes構造体
+ \param out æš—å·ãƒ†ã‚­ã‚¹ãƒˆã‚’ä¿æŒã™ã‚‹ãŸã‚ã®å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã¯ã€å°‘ãªãã¨ã‚‚入力プレーンテキストãƒãƒƒãƒ•ã‚¡ã¨åŒã˜ã‚µã‚¤ã‚ºãŒå¿…è¦ã§ã™ã€‚
\param in æš—å·åŒ–ã™ã‚‹å…¥åŠ›ãƒ—レーンテキストãƒãƒƒãƒ•ã‚¡
_Example_
\code
@@ -675,12 +719,12 @@ int wc_AesFree(Aes* aes);
int wc_AesCfbEncrypt(Aes* aes, byte* out, const byte* in, word32 sz);
/*!
- \ingroup AES
- \brief CFBモードをæŒã¤AES。
- \return 0 失敗時ã®æˆåŠŸã¨å¦å®šçš„ãªã‚¨ãƒ©ãƒ¼å€¤
- \param aes ブロック暗å·åŒ–/復å·åŒ–ã«ä½¿ç”¨ã™ã‚‹AESキー
- \param out 復å·åŒ–ã•ã‚ŒãŸãƒ†ã‚­ã‚¹ãƒˆã‚’ä¿æŒã™ã‚‹ãŸã‚ã®å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã¯ã€å°‘ãªãã¨ã‚‚inputBufferã¨åŒã˜å¤§ãã•ã§ãªã‘ã‚Œã°ãªã‚Šã¾ã›ã‚“)
- \param in 復å·åŒ–ã™ã‚‹å…¥åŠ›ãƒãƒƒãƒ•ã‚¡
+ \ingroup AES
+ \brief AES CFBモードã§å¾©å·ã‚’è¡Œã„ã¾ã™ã€‚
+ \return 0 æˆåŠŸæ™‚ã«è¿”ã‚Šã¾ã™ã€‚失敗時ã«ã¯è² å€¤ãŒè¿”ã•ã‚Œã¾ã™ã€‚
+ \param aes ブロック暗å·åŒ–/復å·ã«ä½¿ç”¨ã™ã‚‹Aes構造体
+ \param out 復å·ã•ã‚ŒãŸãƒ†ã‚­ã‚¹ãƒˆã‚’ä¿æŒã™ã‚‹ãŸã‚ã®å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã¯ã€å°‘ãªãã¨ã‚‚入力ãƒãƒƒãƒ•ã‚¡ã¨åŒã˜ã‚µã‚¤ã‚ºãŒå¿…è¦ã§ã™ã€‚
+ \param in 復å·ã™ã‚‹æš—å·ãƒ‡ãƒ¼ã‚¿ã‚’ä¿æŒã—ãŸå…¥åŠ›ãƒãƒƒãƒ•ã‚¡
_Example_
\code
Aes aes;
@@ -700,17 +744,17 @@ int wc_AesCfbEncrypt(Aes* aes, byte* out, const byte* in, word32 sz);
int wc_AesCfbDecrypt(Aes* aes, byte* out, const byte* in, word32 sz);
/*!
- \ingroup AES
+ \ingroup AES
\brief ã“ã®é–¢æ•°ã¯ã€RFC 5297ã«è¨˜è¼‰ã•ã‚Œã¦ã„るよã†ã«SIV(åˆæˆåˆæœŸåŒ–ベクトル)暗å·åŒ–を実行ã—ã¾ã™ã€‚
\return 0 æš—å·åŒ–ã«æˆåŠŸã—ãŸå ´åˆ
- \return BAD_FUNC_ARG キーã€SIVã€ã¾ãŸã¯å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ãŒNULLã®å ´åˆã€‚キーサイズãŒ32,48ã€ã¾ãŸã¯64ãƒã‚¤ãƒˆã®å ´åˆã«ã‚‚è¿”ã•ã‚Œã¾ã™ã€‚
- \return Other AESã¾ãŸã¯CMACæ“作ãŒå¤±æ•—ã—ãŸå ´åˆã«è¿”ã•ã‚Œã‚‹ãã®ä»–ã®è² ã®ã‚¨ãƒ©ãƒ¼å€¤ã€‚
+ \return BAD_FUNC_ARG éµã€SIVã€ã¾ãŸã¯å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ãŒNULLã®å ´åˆã€‚éµã‚µã‚¤ã‚ºãŒ32,48ã€ã¾ãŸã¯64ãƒã‚¤ãƒˆã®å ´åˆã«ã‚‚è¿”ã•ã‚Œã¾ã™ã€‚
+ \return Other ãã®ä»–ã®è² ã®ã‚¨ãƒ©ãƒ¼å€¤ã€‚AESã¾ãŸã¯CMACæ“作ãŒå¤±æ•—ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\param key 使用ã™ã‚‹éµã‚’å«ã‚€ãƒã‚¤ãƒˆãƒãƒƒãƒ•ã‚¡ã€‚
- \param keySz キーãƒãƒƒãƒ•ã‚¡ã®é•·ã•ï¼ˆãƒã‚¤ãƒˆå˜ä½ï¼‰ã€‚
+ \param keySz éµãƒãƒƒãƒ•ã‚¡ã®é•·ã•ï¼ˆãƒã‚¤ãƒˆå˜ä½ï¼‰ã€‚
\param assoc 追加ã®èªè¨¼ã•ã‚ŒãŸé–¢é€£ãƒ‡ãƒ¼ã‚¿ï¼ˆAD)。
\param assocSz ADãƒãƒƒãƒ•ã‚¡ã®ãƒã‚¤ãƒˆæ•°
- \param nonce 一度使用ã•ã‚Œã‚‹æ•°ã€‚ADã¨åŒã˜æ–¹æ³•ã§ã‚¢ãƒ«ã‚´ãƒªã‚ºãƒ ã«ã‚ˆã£ã¦ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
- \param nonceSz ãƒã‚¤ãƒˆå˜ä½ã®NOCEãƒãƒƒãƒ•ã‚¡ã®é•·ã•ã€‚
+ \param nonce ナンス(一度ã ã‘使用ã•ã‚Œã‚‹å€¤ï¼‰ã€‚ADã¨åŒã˜æ–¹æ³•ã§ã‚¢ãƒ«ã‚´ãƒªã‚ºãƒ ã«ã‚ˆã£ã¦ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
+ \param nonceSz ãƒã‚¤ãƒˆå˜ä½ã®ãƒŠãƒ³ã‚¹ãƒãƒƒãƒ•ã‚¡ã®é•·ã•ã€‚
\param in æš—å·åŒ–ã™ã‚‹å¹³æ–‡ã®ãƒãƒƒãƒ•ã‚¡ã€‚
\param inSz 平文ãƒãƒƒãƒ•ã‚¡ã®é•·ã•
\param siv S2Vã«ã‚ˆã‚‹SIV出力(RFC 5297 2.4å‚照)。
@@ -736,19 +780,19 @@ int wc_AesSivEncrypt(const byte* key, word32 keySz, const byte* assoc,
const byte* in, word32 inSz, byte* siv, byte* out);
/*!
- \ingroup AES
- \brief ã“ã®æ©Ÿèƒ½ã¯ã€RFC 5297ã«è¨˜è¼‰ã•ã‚Œã¦ã„るよã†ã«SIV(åˆæˆåˆæœŸåŒ–ベクトル)復å·åŒ–を実行ã™ã‚‹ã€‚
- \return 0 復å·åŒ–ã«æˆåŠŸã—ãŸå ´åˆ
- \return BAD_FUNC_ARG キーã€SIVã€ã¾ãŸã¯å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ãŒNULLã®å ´åˆã€‚キーサイズãŒ32,48ã€ã¾ãŸã¯64ãƒã‚¤ãƒˆã®å ´åˆã«ã‚‚è¿”ã•ã‚Œã¾ã™ã€‚
+ \ingroup AES
+ \brief ã“ã®æ©Ÿèƒ½ã¯ã€RFC 5297ã«è¨˜è¼‰ã•ã‚Œã¦ã„るよã†ã«SIV(åˆæˆåˆæœŸåŒ–ベクトル)復å·ã‚’実行ã—ã¾ã™
+ \return 0 復å·ã«æˆåŠŸã—ãŸå ´åˆ
+ \return BAD_FUNC_ARG éµã€SIVã€ã¾ãŸã¯å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ãŒNULLã®å ´åˆã€‚キーサイズãŒ32,48ã€ã¾ãŸã¯64ãƒã‚¤ãƒˆã®å ´åˆã«ã‚‚è¿”ã•ã‚Œã¾ã™ã€‚
\return AES_SIV_AUTH_E S2Vã«ã‚ˆã£ã¦æ´¾ç”Ÿã—ãŸSIVãŒå…¥åŠ›SIVã¨ä¸€è‡´ã—ãªã„å ´åˆï¼ˆRFC 5297 2.7ã‚’å‚照)。
- \return Other AESã¾ãŸã¯CMACæ“作ãŒå¤±æ•—ã—ãŸå ´åˆã«è¿”ã•ã‚Œã‚‹ãã®ä»–ã®è² ã®ã‚¨ãƒ©ãƒ¼å€¤ã€‚
+ \return Other ãã®ä»–ã®è² ã®ã‚¨ãƒ©ãƒ¼å€¤ã€‚AESã¾ãŸã¯CMACæ“作ãŒå¤±æ•—ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\param key 使用ã™ã‚‹éµã‚’å«ã‚€ãƒã‚¤ãƒˆãƒãƒƒãƒ•ã‚¡ã€‚
- \param keySz キーãƒãƒƒãƒ•ã‚¡ã®é•·ã•ï¼ˆãƒã‚¤ãƒˆå˜ä½ï¼‰ã€‚
+ \param keySz éµãƒãƒƒãƒ•ã‚¡ã®é•·ã•ï¼ˆãƒã‚¤ãƒˆå˜ä½ï¼‰ã€‚
\param assoc 追加ã®èªè¨¼ã•ã‚ŒãŸé–¢é€£ãƒ‡ãƒ¼ã‚¿ï¼ˆAD)。
\param assocSz ADãƒãƒƒãƒ•ã‚¡ã®ãƒã‚¤ãƒˆæ•°
- \param nonce 一度使用ã•ã‚Œã‚‹æ•°ã€‚ADã¨åŒã˜æ–¹æ³•ã§ã€åŸºç¤Žã¨ãªã‚‹ã‚¢ãƒ«ã‚´ãƒªã‚ºãƒ ã«ã‚ˆã£ã¦ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
- \param nonceSz ãƒã‚¤ãƒˆå˜ä½ã®NOCEãƒãƒƒãƒ•ã‚¡ã®é•·ã•ã€‚
- \param in 復å·åŒ–ã™ã‚‹æš—å·æ–‡ãƒãƒƒãƒ•ã‚¡ãƒ¼ã€‚
+ \param nonce ナンス(一度ã ã‘使用ã•ã‚Œã‚‹å€¤ï¼‰ã€‚ADã¨åŒã˜æ–¹æ³•ã§ã€åŸºç¤Žã¨ãªã‚‹ã‚¢ãƒ«ã‚´ãƒªã‚ºãƒ ã«ã‚ˆã£ã¦ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
+ \param nonceSz ãƒã‚¤ãƒˆå˜ä½ã®ãƒŠãƒ³ã‚¹ãƒãƒƒãƒ•ã‚¡ã®é•·ã•ã€‚
+ \param in 復å·ã™ã‚‹æš—å·æ–‡ãƒãƒƒãƒ•ã‚¡ã€‚
\param inSz æš—å·æ–‡ãƒãƒƒãƒ•ã‚¡ã®é•·ã•
\param siv æš—å·æ–‡ã«ä»˜éšã™ã‚‹SIV(RFC 5297 2.4ã‚’å‚照)。
_Example_
diff --git a/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/asn_public.h b/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/asn_public.h
index 5d3a50dc..164108fe 100644
--- a/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/asn_public.h
+++ b/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/asn_public.h
@@ -1,7 +1,8 @@
/*!
- \ingroup ASN
- \brief ã“ã®é–¢æ•°ã¯ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã®è¨¼æ˜Žæ›¸ã‚’åˆæœŸåŒ–ã—ã¾ã™ã€‚デフォルトã®ã‚ªãƒ—ション:version = 3(0x2)ã€sigtype = sha_with_rsaã€issuer =空白ã€dayValid = 500ã€selfsigned = 1(true)発行者ã¨ã—ã¦ã®ä»¶å=空白
- \return none ã„ã„ãˆè¿”ã—ã¾ã™ã€‚
+ \ingroup ASN
+ \brief ã“ã®é–¢æ•°ã¯Cert構造体をデフォルトã®å€¤ã§åˆæœŸåŒ–ã—ã¾ã™ã€‚デフォルトã®ã‚ªãƒ—ション:version = 3(0x2)ã€sigtype = sha_with_rsaã€issuer =空白ã€dayValid = 500ã€selfsigned = 1(true)発行者ã¨ã—ã¦ã®ä»¶å=空白
+ \return æˆåŠŸã—ãŸå ´åˆ0ã‚’è¿”ã—ã¾ã™ã€‚
+
_Example_
\code
Cert myCert;
@@ -13,17 +14,78 @@
int wc_InitCert(Cert*);
/*!
- \ingroup ASN
- \brief CAç½²å付ã証明書を作æˆã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚被写体情報ãŒå…¥åŠ›ã•ã‚ŒãŸå¾Œã«å‘¼ã³å‡ºã•ã‚Œã¾ã—ãŸã€‚ã“ã®é–¢æ•°ã¯ã€è¨¼æ˜Žæ›¸å…¥åŠ›ã‹ã‚‰X509証明書V3 RSAã¾ãŸã¯ECCを作æˆã—ã¾ã™ã€‚ãã®å¾Œã€ã“ã®è¨¼æ˜Žæ›¸ã‚’Derbufferã«æ›¸ãè¾¼ã¿ã¾ã™ã€‚証明書を生æˆã™ã‚‹ãŸã‚ã®RSAKEYã¾ãŸã¯ECCKEYã®ã„ãšã‚Œã‹ã‚’å–ã‚Šã¾ã™ã€‚ã“ã®ãƒ¡ã‚½ãƒƒãƒ‰ãŒå‘¼ã³å‡ºã•ã‚Œã‚‹å‰ã«ã€è¨¼æ˜Žæ›¸ã‚’WC_INITCERTã§åˆæœŸåŒ–ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
- \return Success 指定ã•ã‚ŒãŸå…¥åŠ›è¨¼æ˜Žæ›¸ã‹ã‚‰X509証明書を正常ã«è¡Œã†ã¨ã€ç”Ÿæˆã•ã‚ŒãŸè¨¼æ˜Žæ›¸ã®ã‚µã‚¤ã‚ºã‚’è¿”ã—ã¾ã™ã€‚
- \return MEMORY_E xmallocã§ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã‚‹ã‚¨ãƒ©ãƒ¼ãŒã‚ã‚‹å ´åˆ
- \return BUFFER_E æä¾›ã•ã‚ŒãŸDerbufferãŒç”Ÿæˆã•ã‚ŒãŸè¨¼æ˜Žæ›¸ã‚’ä¿å­˜ã™ã‚‹ã«ã¯å°ã•ã™ãŽã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™
+ \ingroup ASN
+
+ \brief ã“ã®é–¢æ•°ã¯è¨¼æ˜Žæ›¸æ“作ã®ç‚ºã«æ–°ãŸãªCert構造体を割り当ã¦ã¾ã™ã€‚
+ 割り当ã¦ãŸCert構造体ã¯ã“ã®é–¢æ•°å†…ã§åˆæœŸåŒ–ã•ã‚Œã‚‹ã®ã§ã€wc_InitCert()を呼ã³å‡ºã™å¿…è¦ã¯ã‚ã‚Šã¾ã›ã‚“。
+ アプリケーションãŒã“ã®Cert構造体ã®ä½¿ç”¨ã‚’終了ã™ã‚‹éš›ã«ã¯wc_CertFree()を呼ã³å‡ºã™å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+
+ \return 処ç†ãŒæˆåŠŸã—ãŸéš›ã«ã¯æ–°ã«å‰²ã‚Šå½“ã¦ã‚‰ã‚ŒãŸCert構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
+ \return メモリ確ä¿ã«å¤±æ•—ã—ãŸå ´åˆã«ã¯NULLã‚’è¿”ã—ã¾ã™ã€‚
+
+ \param メモリã®å‹•çš„確ä¿ã§ä½¿ç”¨ã•ã‚Œã‚‹ãƒ’ープã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚NULLã®æŒ‡å®šã‚‚å¯ã€‚
+
+ _Example_
+ \code
+ Cert* myCert;
+
+ myCert = wc_CertNew(NULL);
+ if (myCert == NULL) {
+ // Cert creation failure
+ }
+ \endcode
+
+ \sa wc_InitCert
+ \sa wc_MakeCert
+ \sa wc_CertFree
+
+*/
+Cert* wc_CertNew(void* heap);
+
+
+/*!
+ \ingroup ASN
+
+ \brief ã“ã®é–¢æ•°ã¯wc_CertNew()ã§ç¢ºä¿ã•ã‚ŒãŸCert構造体を解放ã—ã¾ã™ã€‚
+ \return ç„¡ã—
+ \param 解放ã™ã¹ãCert構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
+ _Example_
+ \code
+ Cert* myCert;
+
+ myCert = wc_CertNew(NULL);
+
+ // Perform cert operations.
+
+ wc_CertFree(myCert);
+ \endcode
+
+ \sa wc_InitCert
+ \sa wc_MakeCert
+ \sa wc_CertNew
+
+*/
+void wc_CertFree(Cert* cert);
+
+/*!
+ \ingroup ASN
+ \brief CAç½²å付ã証明書を作æˆã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
+ サブジェクト情報を入力ã—ãŸå¾Œã«å‘¼ã³å‡ºã™å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯ã€è¨¼æ˜Žæ›¸å…¥åŠ›ã‹ã‚‰X.509v3 RSAã¾ãŸã¯ECC証明書を作æˆã—derBufferã«æ›¸ãè¾¼ã¿ã¾ã™ã€‚
+ 証明書を生æˆã™ã‚‹ãŸã‚ã®RsaKeyã¾ãŸã¯EccKeyã®ã„ãšã‚Œã‹ã‚’引数ã¨ã—ã¦å–ã‚Šã¾ã™ã€‚
+ ã“ã®é–¢æ•°ãŒå‘¼ã³å‡ºã•ã‚Œã‚‹å‰ã«ã€è¨¼æ˜Žæ›¸ã‚’wc_InitCertã§åˆæœŸåŒ–ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+
+ \return 指定ã•ã‚ŒãŸå…¥åŠ›è¨¼æ˜Žæ›¸ã‹ã‚‰X509証明書ãŒæ­£å¸¸ã«ç”Ÿæˆã•ã‚ŒãŸå ´åˆã€ç”Ÿæˆã•ã‚ŒãŸè¨¼æ˜Žæ›¸ã®ã‚µã‚¤ã‚ºã‚’è¿”ã—ã¾ã™ã€‚
+ \return MEMORY_E xmallocã§ã®ãƒ¡ãƒ¢ãƒªå‰²ã‚Šå½“ã§ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã‚Šã¾ã™ã€‚
+ \return BUFFER_E æä¾›ã•ã‚ŒãŸderBufferãŒç”Ÿæˆã•ã‚ŒãŸè¨¼æ˜Žæ›¸ã‚’ä¿å­˜ã™ã‚‹ã«ã¯å°ã•ã™ãŽã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™
\return Others 証明書ã®ç”ŸæˆãŒæˆåŠŸã—ãªã‹ã£ãŸå ´åˆã€è¿½åŠ ã®ã‚¨ãƒ©ãƒ¼ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ãŒè¿”ã•ã‚Œã‚‹å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã™ã€‚
- \param cert åˆæœŸåŒ–ã•ã‚ŒãŸè¨¼æ˜Žæ›¸æ§‹é€ ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param cert åˆæœŸåŒ–ã•ã‚ŒãŸCert構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
\param derBuffer 生æˆã•ã‚ŒãŸè¨¼æ˜Žæ›¸ã‚’ä¿æŒã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
\param derSz 証明書をä¿å­˜ã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
- \param rsaKey 証明書ã®ç”Ÿæˆã«ä½¿ç”¨ã•ã‚Œã‚‹RSAキーをå«ã‚€RSAKEY構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
- \param eccKey 証明書ã®ç”Ÿæˆã«ä½¿ç”¨ã•ã‚Œã‚‹ECCキーをå«ã‚€ECCKEY構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param rsaKey 証明書ã®ç”Ÿæˆã«ä½¿ç”¨ã•ã‚Œã‚‹RSAéµã‚’å«ã‚€RsaKey構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param eccKey 証明書ã®ç”Ÿæˆã«ä½¿ç”¨ã•ã‚Œã‚‹ECCéµã‚’å«ã‚€EccKey構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
Cert myCert;
@@ -43,16 +105,21 @@ int wc_MakeCert(Cert* cert, byte* derBuffer, word32 derSz, RsaKey* rsaKey,
ecc_key* eccKey, WC_RNG* rng);
/*!
- \ingroup ASN
- \brief ã“ã®é–¢æ•°ã¯ã€å…¥åŠ›è¨¼æ˜Žæ›¸ã‚’使用ã—ã¦è¨¼æ˜Žæ›¸ç½²åè¦æ±‚ã‚’è¡Œã„ã€å‡ºåŠ›ã‚’Derbufferã«æ›¸ãè¾¼ã¿ã¾ã™ã€‚証明書è¦æ±‚を生æˆã™ã‚‹RSAKEYã¾ãŸã¯ECCKEYã®ã©ã¡ã‚‰ã‹ã‚’å–ã‚Šã¾ã™ã€‚ã“ã®é–¢æ•°ãŒè¨¼æ˜Žæ›¸è¦æ±‚ã«ç½²åã™ã‚‹ãŸã‚ã«wc_signcert()を呼ã³å‡ºã™å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚ã“ã®é–¢æ•°ã®ä½¿ç”¨ä¾‹ã«ã¤ã„ã¦ã¯ã€WolfCryptテストアプリケーション(./wolfcrypt/test/test.c)をå‚ç…§ã—ã¦ãã ã•ã„。
- \return Success 指定ã•ã‚ŒãŸå…¥åŠ›è¨¼æ˜Žæ›¸ã‹ã‚‰X.509証明書è¦æ±‚を正常ã«è¡Œã†ã¨ã€ç”Ÿæˆã•ã‚ŒãŸè¨¼æ˜Žæ›¸è¦æ±‚ã®ã‚µã‚¤ã‚ºã‚’è¿”ã—ã¾ã™ã€‚
- \return MEMORY_E xmallocã§ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã‚‹ã‚¨ãƒ©ãƒ¼ãŒã‚ã‚‹å ´åˆ
- \return BUFFER_E æä¾›ã•ã‚ŒãŸDerbufferãŒç”Ÿæˆã•ã‚ŒãŸè¨¼æ˜Žæ›¸ã‚’ä¿å­˜ã™ã‚‹ã«ã¯å°ã•ã™ãŽã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™
- \return Other 証明書è¦æ±‚生æˆãŒæˆåŠŸã—ãªã‹ã£ãŸå ´åˆã€è¿½åŠ ã®ã‚¨ãƒ©ãƒ¼ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ãŒè¿”ã•ã‚Œã‚‹å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã™ã€‚
- \param cert åˆæœŸåŒ–ã•ã‚ŒãŸè¨¼æ˜Žæ›¸æ§‹é€ ã¸ã®ãƒã‚¤ãƒ³ã‚¿
- \param derBuffer 生æˆã•ã‚ŒãŸè¨¼æ˜Žæ›¸è¦æ±‚ã‚’ä¿æŒã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
- \param derSz 証明書è¦æ±‚ã‚’ä¿å­˜ã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
- \param rsaKey 証明書è¦æ±‚を生æˆã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã‚‹RSAキーをå«ã‚€RSAKEY構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \ingroup ASN
+ \brief ã“ã®é–¢æ•°ã¯ã€å…¥åŠ›ã•ã‚ŒãŸCert構造体を使用ã—ã¦è¨¼æ˜Žæ›¸ç½²åè¦æ±‚を作æˆã—derBufferã«æ›¸ãè¾¼ã¿ã¾ã™ã€‚
+ 証明書è¦æ±‚ã®ç”Ÿæˆã«ã¯RsaKeyã¾ãŸã¯EccKeyã®ã„ãšã‚Œã‹ã®éµã‚’å—ã‘å–り使用ã—ã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã®å¾Œã«ã€ç½²åã™ã‚‹ãŸã‚ã«wc_SignCert()を呼ã³å‡ºã™å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã®ä½¿ç”¨ä¾‹ã«ã¤ã„ã¦ã¯ã€wolfCryptテストアプリケーション(./wolfcrypt/test/test.c)ã‚’å‚ç…§ã—ã¦ãã ã•ã„。
+ \return 証明書署åè¦æ±‚ãŒæ­£å¸¸ã«ç”Ÿæˆã•ã‚Œã‚‹ã¨ã€ç”Ÿæˆã•ã‚ŒãŸè¨¼æ˜Žæ›¸ç½²åè¦æ±‚ã®ã‚µã‚¤ã‚ºã‚’è¿”ã—ã¾ã™ã€‚
+ \return MEMORY_E xmallocã§ã®ãƒ¡ãƒ¢ãƒªå‰²ã‚Šå½“ã¦ã§ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸå ´åˆ
+ \return BUFFER_E æä¾›ã•ã‚ŒãŸderBufferãŒç”Ÿæˆã•ã‚ŒãŸè¨¼æ˜Žæ›¸ã‚’ä¿å­˜ã™ã‚‹ã«ã¯å°ã•ã™ãŽã‚‹å ´åˆ
+ \return Other 証明書署åè¦æ±‚ã®ç”ŸæˆãŒæˆåŠŸã—ãªã‹ã£ãŸå ´åˆã€è¿½åŠ ã®ã‚¨ãƒ©ãƒ¼ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ãŒè¿”ã•ã‚Œã‚‹å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã™ã€‚
+ \param cert åˆæœŸåŒ–ã•ã‚ŒãŸCert構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param derBuffer 生æˆã•ã‚ŒãŸè¨¼æ˜Žæ›¸ç½²åè¦æ±‚ã‚’ä¿æŒã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param derSz 証明書署åè¦æ±‚ã‚’ä¿å­˜ã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+ \param rsaKey 証明書署åè¦æ±‚を生æˆã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã‚‹RSAéµã‚’å«ã‚€RsaKey構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param eccKey 証明書署åè¦æ±‚を生æˆã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã‚‹RECCéµã‚’å«ã‚€EccKey構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
Cert myCert;
@@ -71,18 +138,21 @@ int wc_MakeCertReq(Cert* cert, byte* derBuffer, word32 derSz,
RsaKey* rsaKey, ecc_key* eccKey);
/*!
- \ingroup ASN
- \brief ã“ã®é–¢æ•°ã¯ãƒãƒƒãƒ•ã‚¡ãƒ¼ã«ç½²åã—ã€ç½²åã‚’ãƒãƒƒãƒ•ã‚¡ã®æœ€å¾Œã«è¿½åŠ ã—ã¾ã™ã€‚ç½²åã®ç¨®é¡žã‚’å–ã‚Šã¾ã™ã€‚CAç½²å付ã証明書を作æˆã™ã‚‹å ´åˆã¯ã€wc_makecert()ã¾ãŸã¯wc_makecertreq()ã®å¾Œã«å‘¼ã³å‡ºã™å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
- \return Success 証明書ã«æ­£å¸¸ã«ç½²åã™ã‚‹å ´åˆã¯ã€CERTã®æ–°ã—ã„サイズ(署åã‚’å«ã‚€ï¼‰ã‚’è¿”ã—ã¾ã™ã€‚
- \return MEMORY_E xmallocã§ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã‚‹ã‚¨ãƒ©ãƒ¼ãŒã‚ã‚‹å ´åˆ
+ \ingroup ASN
+ \brief ã“ã®é–¢æ•°ã¯ãƒãƒƒãƒ•ã‚¡ãƒ¼ã®å†…容ã«ç½²åã—ã€ç½²åã‚’ãƒãƒƒãƒ•ã‚¡ã®æœ€å¾Œã«è¿½åŠ ã—ã¾ã™ã€‚ç½²åã®ç¨®é¡žã‚’å–ã‚Šã¾ã™ã€‚
+ CAç½²å付ã証明書を作æˆã™ã‚‹å ´åˆã¯ã€wc_MakeCert()ã¾ãŸã¯wc_MakeCertReq()ã®å¾Œã«å‘¼ã³å‡ºã™å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+ \return 証明書ã¸ã®ç½²åã«æˆåŠŸã—ãŸå ´åˆã¯ã€è¨¼æ˜Žæ›¸ã®æ–°ã—ã„サイズ(ç½²åã‚’å«ã‚€)ã‚’è¿”ã—ã¾ã™ã€‚
+ \return MEMORY_E xmallocã§ã®ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã§ã‚¨ãƒ©ãƒ¼ãŒã‚ã‚‹å ´åˆ
\return BUFFER_E æä¾›ã•ã‚ŒãŸè¨¼æ˜Žæ›¸ã‚’ä¿å­˜ã™ã‚‹ã«ã¯æä¾›ã•ã‚ŒãŸãƒãƒƒãƒ•ã‚¡ãŒå°ã•ã™ãŽã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return Other 証明書ã®ç”ŸæˆãŒæˆåŠŸã—ãªã‹ã£ãŸå ´åˆã€è¿½åŠ ã®ã‚¨ãƒ©ãƒ¼ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ãŒè¿”ã•ã‚Œã‚‹å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã™ã€‚
- \param requestSz ç½²åã—ãŸã“ã¨ã‚’è¦æ±‚ã—ã¦ã„る証明書本文ã®ã‚µã‚¤ã‚º
- \param sType 作æˆã™ã‚‹ç½²åã®ç¨®é¡žã€‚有効ãªã‚ªãƒ—ションã¯æ¬¡ã®ã¨ãŠã‚Šã§ã™.CTC_MD5WRSAã€CTC_SHAWRSAã€CTC_SHAWECDSAã€CTC_SHA256WECDSAã€ANDCTC_SHA256WRSA
- \param buffer ç½²åã™ã‚‹è¨¼æ˜Žæ›¸ã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚æˆåŠŸï¼šæ–°ãŸã«ç½²åã•ã‚ŒãŸè¨¼æ˜Žæ›¸ã‚’ä¿æŒã—ã¾ã™
- \param buffSz æ–°ãŸã«ç½²åã•ã‚ŒãŸè¨¼æ˜Žæ›¸ã‚’ä¿å­˜ã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã®ï¼ˆåˆè¨ˆï¼‰ã‚µã‚¤ã‚º
- \param rsaKey 証明書ã«ç½²åã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã‚‹RSAキーをå«ã‚€RSAKEY構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
- \param eccKey 証明書ã«ç½²åã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã‚‹ECCキーをå«ã‚€ECCKey構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param requestSz ç½²å対象ã®è¨¼æ˜Žæ›¸æœ¬æ–‡ã®ã‚µã‚¤ã‚º
+ \param sigType 作æˆã™ã‚‹ç½²åã®ç¨®é¡žã€‚有効ãªã‚ªãƒ—ションã¯æ¬¡ã®ã¨ãŠã‚Šã§ã™:CTC_MD5WRSAã€CTC_SHAWRSAã€CTC_SHAWECDSAã€CTC_SHA256WECDSAã€ANDCTC_SHA256WRSA
+ \param derBuffer ç½²å対象ã®è¨¼æ˜Žæ›¸ã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚関数ã®å‡¦ç†æˆåŠŸæ™‚ã«ã¯ç½²åãŒä»˜åŠ ã•ã‚ŒãŸè¨¼æ˜Žæ›¸ã‚’ä¿æŒã—ã¾ã™ã€‚
+ \param derSz æ–°ãŸã«ç½²åã•ã‚ŒãŸè¨¼æ˜Žæ›¸ã‚’ä¿å­˜ã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã®ï¼ˆåˆè¨ˆï¼‰ã‚µã‚¤ã‚º
+ \param rsaKey 証明書ã«ç½²åã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã‚‹RSAéµã‚’å«ã‚€RsaKey構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param eccKey 証明書ã«ç½²åã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã‚‹ECCéµã‚’å«ã‚€EccKey構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param rng ç½²åã«ä½¿ç”¨ã™ã‚‹ä¹±æ•°ç”Ÿæˆå™¨(WC_RNG構造体)ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
Cert myCert;
@@ -94,9 +164,8 @@ int wc_MakeCertReq(Cert* cert, byte* derBuffer, word32 derSz,
// initialize rng
word32 certSz;
- certSz = wc_SignCert(myCert.bodySz, myCert.sigType,derCert,FOURK_BUF,
- &key, NULL,
- &rng);
+ certSz = wc_SignCert(myCert.bodySz, myCert.sigType, derCert, FOURK_BUF,
+ &key, NULL, &rng);
\endcode
\sa wc_InitCert
\sa wc_MakeCert
@@ -105,16 +174,19 @@ int wc_SignCert(int requestSz, int sigType, byte* derBuffer,
word32 derSz, RsaKey* rsaKey, ecc_key* eccKey, WC_RNG* rng);
/*!
- \ingroup ASN
- \brief ã“ã®é–¢æ•°ã¯ã€ä»¥å‰ã®2ã¤ã®é–¢æ•°ã€wc_makecertã€ãŠã‚ˆã³è‡ªå·±ç½²åã®ãŸã‚ã®wc_signcertã®çµ„ã¿åˆã‚ã›ã§ã™ï¼ˆå‰ã®é–¢æ•°ã¯CAè¦æ±‚ã«ä½¿ç”¨ã•ã‚Œã‚‹å ´åˆãŒã‚ã‚Šã¾ã™ï¼‰ã€‚証明書を作æˆã—ã¦ã‹ã‚‰ã€ãã‚Œã«ç½²åã—ã€è‡ªå·±ç½²å証明書を生æˆã—ã¾ã™ã€‚
- \return Success 証明書ã«æ­£å¸¸ã«ç½²åã™ã‚‹å ´åˆã¯ã€CERTã®æ–°ã—ã„サイズを返ã—ã¾ã™ã€‚
- \return MEMORY_E xmallocã§ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã‚‹ã‚¨ãƒ©ãƒ¼ãŒã‚ã‚‹å ´åˆ
+ \ingroup ASN
+ \brief ã“ã®é–¢æ•°ã¯ã€ä»¥å‰ã®2ã¤ã®é–¢æ•°ã€wc_MakeCertã€ãŠã‚ˆã³è‡ªå·±ç½²åã®ãŸã‚ã®wc_SignCertã®çµ„ã¿åˆã‚ã›ã§ã™ï¼ˆå‰ã®é–¢æ•°ã¯CAè¦æ±‚ã«ä½¿ç”¨ã•ã‚Œã‚‹å ´åˆãŒã‚ã‚Šã¾ã™ï¼‰ã€‚
+ 証明書を作æˆã—ã¦ã‹ã‚‰ã€ãã‚Œã«ç½²åã—ã€è‡ªå·±ç½²å証明書を生æˆã—ã¾ã™ã€‚
+ \return 証明書ã¸ã®ç½²åãŒæˆåŠŸã—ãŸå ´åˆã¯ã€è¨¼æ˜Žæ›¸ã®æ–°ã—ã„サイズを返ã—ã¾ã™ã€‚
+ \return MEMORY_E xmallocã§ã®ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã§ã‚¨ãƒ©ãƒ¼ãŒã‚ã‚‹å ´åˆ
\return BUFFER_E æä¾›ã•ã‚ŒãŸè¨¼æ˜Žæ›¸ã‚’ä¿å­˜ã™ã‚‹ã«ã¯æä¾›ã•ã‚ŒãŸãƒãƒƒãƒ•ã‚¡ãŒå°ã•ã™ãŽã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return Other 証明書ã®ç”ŸæˆãŒæˆåŠŸã—ãªã‹ã£ãŸå ´åˆã€è¿½åŠ ã®ã‚¨ãƒ©ãƒ¼ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ãŒè¿”ã•ã‚Œã‚‹å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã™ã€‚
- \param cert 作æˆã—ã¦ç½²åã™ã‚‹è¨¼æ˜Žæ›¸ã¸ã®ãƒã‚¤ãƒ³ã‚¿
- \param buffer ç½²å付ã証明書をä¿æŒã™ã‚‹ãŸã‚ã®ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
- \param buffSz ç½²å付ã証明書をä¿å­˜ã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
- \param key 証明書ã«ç½²åã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã‚‹RSAキーをå«ã‚€RSAKEY構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param cert ç½²åã™ã‚‹å¯¾è±¡ã®Cert構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param derBuffer ç½²å付ã証明書をä¿æŒã™ã‚‹ãŸã‚ã®ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param derSz ç½²å付ã証明書をä¿å­˜ã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+ \param key 証明書ã«ç½²åã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã‚‹RSAéµã‚’å«ã‚€RsaKey構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param rng ç½²åã«ä½¿ç”¨ã™ã‚‹ä¹±æ•°ç”Ÿæˆå™¨(WC_RNG構造体)ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
Cert myCert;
@@ -134,3 +206,1779 @@ int wc_SignCert(int requestSz, int sigType, byte* derBuffer,
*/
int wc_MakeSelfCert(Cert* cert, byte* derBuffer, word32 derSz, RsaKey* key,
WC_RNG* rng);
+
+/*!
+ \ingroup ASN
+
+ \brief ã“ã®é–¢æ•°ã¯PEMå½¢å¼ã®issureFileã§ä¸Žãˆã‚‰ã‚ŒãŸç™ºè¡Œè€…を証明書ã®ç™ºè¡Œè€…ã¨ã—ã¦è¨­å®šã—ã¾ã™ã€‚
+ ã¾ãŸã€ãã®éš›ã«ã€è¨¼æ˜Žæ›¸ã®è‡ªå·±ç½²åプロパティをfalseã«å¤‰æ›´ã—ã¾ã™ã€‚
+ 発行者ã¯è¨¼æ˜Žæ›¸ã®ç™ºè¡Œè€…ã¨ã—ã¦è¨­å®šã•ã‚Œã‚‹å‰ã«æ¤œè¨¼ã•ã‚Œã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯è¨¼æ˜Žæ›¸ã¸ã®ç½²åã«å…ˆç«‹ã¡å‘¼ã³å‡ºã•ã‚Œã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+
+ \return 0 証明書ã®ç™ºè¡Œè€…ã®è¨­å®šã«æˆåŠŸã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return MEMORY_E XMALLOCã§ãƒ¡ãƒ¢ãƒªã®ç¢ºä¿ã«å¤±æ•—ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_PARSE_E 証明書ã®ãƒ˜ãƒƒãƒ€ãƒ¼ãƒ•ã‚¡ã‚¤ãƒ«ã®è§£æžã«å¤±æ•—ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_OBJECT_ID_E 証明書ã®æš—å·ã‚¿ã‚¤ãƒ—ã®è§£æžã§ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_EXPECT_0_E 証明書ã®æš—å·åŒ–仕様ã«ãƒ•ã‚©ãƒ¼ãƒžãƒƒãƒˆã‚¨ãƒ©ãƒ¼ãŒæ¤œå‡ºã•ã‚ŒãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_BEFORE_DATE_E 証明書ã®ä½¿ç”¨é–‹å§‹æ—¥ã‚ˆã‚Šå‰ã§ã‚ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_AFTER_DATE_E 証明書ã®æœ‰åŠ¹æœŸé™æ—¥ã‚ˆã‚Šå¾Œã§ã‚ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_BITSTR_E 証明書ã®ãƒ“ットストリングè¦ç´ ã®è§£æžã§ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ECC_CURVE_OID_E 証明書ã®ECCéµã®è§£æžã§ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_UNKNOWN_OID_E 証明書ãŒæœªçŸ¥ã®ã‚ªãƒ–ジェクトIDを使用ã—ã¦ã„ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_VERSION_E ALLOW_V1_EXTENSIONSマクロãŒå®šç¾©ã•ã‚Œã¦ã„ãªã„ã®ã«è¨¼æ˜Žæ›¸ãŒV1ã‚ã‚‹ã„ã¯V2å½¢å¼ã§ã‚ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_FUNC_ARG 証明書ã®æ‹¡å¼µæƒ…å ±ã®è§£æžã§ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_CRIT_EXT_E 証明書ã®è§£æžä¸­ã«æœªçŸ¥ã®ã‚¯ãƒªãƒ†ã‚£ã‚«ãƒ«æ‹¡å¼µã«é­é‡ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_SIG_OID_E ç½²åæš—å·åŒ–タイプãŒå¼•æ•°ã§æ¸¡ã•ã‚ŒãŸè¨¼æ˜Žæ›¸ã®ã‚¿ã‚¤ãƒ—ã¨ç•°ãªã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_SIG_CONFIRM_E 証明書ã®ç½²åã®æ¤œè¨¼ã«å¤±æ•—ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_NAME_INVALID_E 証明書ã®åå‰ãŒCAã®åå‰ã«é–¢æ•°åˆ¶é™ã«ã‚ˆã£ã¦è¨±ã•ã‚Œã¦ã„ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_NO_SIGNER_E CA証明書ã®ç™ºè¡Œè€…を検証ã™ã‚‹ã“ã¨ãŒã§ããªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param cert 発行者を設定ã™ã‚‹å¯¾è±¡ã®Cert構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param issuerFile PEMå½¢å¼ã®è¨¼æ˜Žæ›¸ãƒ•ã‚¡ã‚¤ãƒ«ã¸ã®ãƒ•ã‚¡ã‚¤ãƒ«ãƒ‘ス
+
+ _Example_
+ \code
+ Cert myCert;
+ // initialize myCert
+ if(wc_SetIssuer(&myCert, â€./path/to/ca-cert.pemâ€) != 0) {
+ // error setting issuer
+ }
+ \endcode
+
+ \sa wc_InitCert
+ \sa wc_SetSubject
+ \sa wc_SetIssuerBuffer
+*/
+int wc_SetIssuer(Cert* cert, const char* issuerFile);
+
+/*!
+ \ingroup ASN
+
+ \brief ã“ã®é–¢æ•°ã¯PEMå½¢å¼ã®subjectFileã§ä¸Žãˆã‚‰ã‚ŒãŸä¸»ä½“者を証明書ã®ä¸»ä½“者ã¨ã—ã¦è¨­å®šã—ã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯è¨¼æ˜Žæ›¸ã¸ã®ç½²åã«å…ˆç«‹ã¡å‘¼ã³å‡ºã•ã‚Œã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+
+ \return 0 証明書ã®ä¸»ä½“者ã®è¨­å®šã«æˆåŠŸã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return MEMORY_E XMALLOCã§ãƒ¡ãƒ¢ãƒªã®ç¢ºä¿ã«å¤±æ•—ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_PARSE_E 証明書ã®ãƒ˜ãƒƒãƒ€ãƒ¼ãƒ•ã‚¡ã‚¤ãƒ«ã®è§£æžã«å¤±æ•—ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_OBJECT_ID_E 証明書ã®æš—å·ã‚¿ã‚¤ãƒ—ã®è§£æžã§ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_EXPECT_0_E 証明書ã®æš—å·åŒ–仕様ã«ãƒ•ã‚©ãƒ¼ãƒžãƒƒãƒˆã‚¨ãƒ©ãƒ¼ãŒæ¤œå‡ºã•ã‚ŒãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_BEFORE_DATE_E 証明書ã®ä½¿ç”¨é–‹å§‹æ—¥ã‚ˆã‚Šå‰ã§ã‚ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_AFTER_DATE_E 証明書ã®æœ‰åŠ¹æœŸé™æ—¥ã‚ˆã‚Šå¾Œã§ã‚ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_BITSTR_E 証明書ã®ãƒ“ットストリングè¦ç´ ã®è§£æžã§ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ECC_CURVE_OID_E 証明書ã®ECCéµã®è§£æžã§ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_UNKNOWN_OID_E 証明書ãŒæœªçŸ¥ã®ã‚ªãƒ–ジェクトIDを使用ã—ã¦ã„ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_VERSION_E ALLOW_V1_EXTENSIONSマクロãŒå®šç¾©ã•ã‚Œã¦ã„ãªã„ã®ã«è¨¼æ˜Žæ›¸ãŒV1ã‚ã‚‹ã„ã¯V2å½¢å¼ã§ã‚ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_FUNC_ARG 証明書ã®æ‹¡å¼µæƒ…å ±ã®è§£æžã§ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_CRIT_EXT_E 証明書ã®è§£æžä¸­ã«æœªçŸ¥ã®ã‚¯ãƒªãƒ†ã‚£ã‚«ãƒ«æ‹¡å¼µã«é­é‡ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_SIG_OID_E ç½²åæš—å·åŒ–タイプãŒå¼•æ•°ã§æ¸¡ã•ã‚ŒãŸè¨¼æ˜Žæ›¸ã®ã‚¿ã‚¤ãƒ—ã¨ç•°ãªã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_SIG_CONFIRM_E 証明書ã®ç½²åã®æ¤œè¨¼ã«å¤±æ•—ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_NAME_INVALID_E 証明書ã®åå‰ãŒCAã®åå‰ã«é–¢æ•°åˆ¶é™ã«ã‚ˆã£ã¦è¨±ã•ã‚Œã¦ã„ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_NO_SIGNER_E CA証明書ã®ä¸»ä½“者を検証ã™ã‚‹ã“ã¨ãŒã§ããªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param 主体者を設定ã™ã‚‹å¯¾è±¡ã®Cert構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param subjectFile PEMå½¢å¼ã®è¨¼æ˜Žæ›¸ãƒ•ã‚¡ã‚¤ãƒ«ã¸ã®ãƒ•ã‚¡ã‚¤ãƒ«ãƒ‘ス
+
+ _Example_
+ \code
+ Cert myCert;
+ // initialize myCert
+ if(wc_SetSubject(&myCert, â€./path/to/ca-cert.pemâ€) != 0) {
+ // error setting subject
+ }
+ \endcode
+
+ \sa wc_InitCert
+ \sa wc_SetIssuer
+*/
+int wc_SetSubject(Cert* cert, const char* subjectFile);
+
+
+/*!
+ \ingroup ASN
+
+ \brief ã“ã®é–¢æ•°ã¯DERå½¢å¼ã§ãƒãƒƒãƒ•ã‚¡ã«æ ¼ç´ã•ã‚Œã¦ã„ã‚‹Raw-Subject情報を証明書ã®Raw-Subject情報ã¨ã—ã¦è¨­å®šã—ã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯è¨¼æ˜Žæ›¸ã¸ã®ç½²åã«å…ˆç«‹ã¡å‘¼ã³å‡ºã•ã‚Œã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+
+ \return 0 証明書ã®Raw-Subject情報ã®è¨­å®šã«æˆåŠŸã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return MEMORY_E XMALLOCã§ãƒ¡ãƒ¢ãƒªã®ç¢ºä¿ã«å¤±æ•—ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_PARSE_E 証明書ã®ãƒ˜ãƒƒãƒ€ãƒ¼ãƒ•ã‚¡ã‚¤ãƒ«ã®è§£æžã«å¤±æ•—ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_OBJECT_ID_E 証明書ã®æš—å·ã‚¿ã‚¤ãƒ—ã®è§£æžã§ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_EXPECT_0_E 証明書ã®æš—å·åŒ–仕様ã«ãƒ•ã‚©ãƒ¼ãƒžãƒƒãƒˆã‚¨ãƒ©ãƒ¼ãŒæ¤œå‡ºã•ã‚ŒãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_BEFORE_DATE_E 証明書ã®ä½¿ç”¨é–‹å§‹æ—¥ã‚ˆã‚Šå‰ã§ã‚ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_AFTER_DATE_E 証明書ã®æœ‰åŠ¹æœŸé™æ—¥ã‚ˆã‚Šå¾Œã§ã‚ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_BITSTR_E 証明書ã®ãƒ“ットストリングè¦ç´ ã®è§£æžã§ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ECC_CURVE_OID_E 証明書ã®ECCéµã®è§£æžã§ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_UNKNOWN_OID_E 証明書ãŒæœªçŸ¥ã®ã‚ªãƒ–ジェクトIDを使用ã—ã¦ã„ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_VERSION_E ALLOW_V1_EXTENSIONSマクロãŒå®šç¾©ã•ã‚Œã¦ã„ãªã„ã®ã«è¨¼æ˜Žæ›¸ãŒV1ã‚ã‚‹ã„ã¯V2å½¢å¼ã§ã‚ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_FUNC_ARG 証明書ã®æ‹¡å¼µæƒ…å ±ã®è§£æžã§ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_CRIT_EXT_E 証明書ã®è§£æžä¸­ã«æœªçŸ¥ã®ã‚¯ãƒªãƒ†ã‚£ã‚«ãƒ«æ‹¡å¼µã«é­é‡ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_SIG_OID_E ç½²åæš—å·åŒ–タイプãŒå¼•æ•°ã§æ¸¡ã•ã‚ŒãŸè¨¼æ˜Žæ›¸ã®ã‚¿ã‚¤ãƒ—ã¨ç•°ãªã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_SIG_CONFIRM_E 証明書ã®ç½²åã®æ¤œè¨¼ã«å¤±æ•—ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_NAME_INVALID_E 証明書ã®åå‰ãŒCAã®åå‰ã«é–¢æ•°åˆ¶é™ã«ã‚ˆã£ã¦è¨±ã•ã‚Œã¦ã„ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_NO_SIGNER_E CA証明書ã®ä¸»ä½“者を検証ã™ã‚‹ã“ã¨ãŒã§ããªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_NO_SIGNER_E CA証明書ã®ä¸»ä½“者を検証ã™ã‚‹ã“ã¨ãŒã§ããªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param cert Raw-Subject情報を設定ã™ã‚‹å¯¾è±¡ã®Cert構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param der DERå½¢å¼ã®è¨¼æ˜Žæ›¸ã‚’æ ¼ç´ã—ã¦ã„ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚ã“ã®è¨¼æ˜Žæ›¸ã®Raw-Subject情報ãŒå–り出ã•ã‚Œã¦certã«è¨­å®šã•ã‚Œã¾ã™ã€‚
+ \param derSz DERå½¢å¼ã®è¨¼æ˜Žæ›¸ã‚’æ ¼ç´ã—ã¦ã„ã‚‹ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+
+ _Example_
+ \code
+ Cert myCert;
+ // initialize myCert
+ byte* der;
+ der = (byte*)malloc(FOURK_BUF);
+ // initialize der
+ if(wc_SetSubjectRaw(&myCert, der, FOURK_BUF) != 0) {
+ // error setting subject
+ }
+ \endcode
+
+ \sa wc_InitCert
+ \sa wc_SetSubject
+*/
+int wc_SetSubjectRaw(Cert* cert, const byte* der, int derSz);
+
+/*!
+ \ingroup ASN
+
+ \brief ã“ã®é–¢æ•°ã¯Cert構造体ã‹ã‚‰Raw-Subject情報をå–り出ã—ã¾ã™ã€‚
+
+ \return 0 証明書ã®Raw-Subject情報ã®å–å¾—ã«æˆåŠŸã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_FUNC_ARG 証明書ã®æ‹¡å¼µæƒ…å ±ã®è§£æžã§ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param subjectRaw 処ç†ãŒæˆåŠŸã—ãŸéš›ã«è¿”ã•ã‚Œã‚‹Raw-Subject情報を格ç´ã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã®ãƒã‚¤ãƒ³ã‚¿
+ \param cert Raw-Subject情報をä¿æŒã™ã‚‹Cert構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
+ _Example_
+ \code
+ Cert myCert;
+ byte *subjRaw;
+ // initialize myCert
+
+ if(wc_GetSubjectRaw(&subjRaw, &myCert) != 0) {
+ // error setting subject
+ }
+ \endcode
+
+ \sa wc_InitCert
+ \sa wc_SetSubjectRaw
+*/
+int wc_GetSubjectRaw(byte **subjectRaw, Cert *cert);
+
+/*!
+ \ingroup ASN
+
+ \brief ã“ã®é–¢æ•°ã¯å¼•æ•°ã§ä¸Žãˆã‚‰ã‚ŒãŸPEMå½¢å¼ã®è¨¼æ˜Žæ›¸ã®ä¸»ä½“者ã®åˆ¥åã‚’Cert構造体ã«è¨­å®šã—ã¾ã™ã€‚
+ 複数ã®ãƒ‰ãƒ¡ã‚¤ãƒ³ã§åŒä¸€ã®è¨¼æ˜Žæ›¸ã‚’使用ã™ã‚‹éš›ã«ã¯ä¸»ä½“者ã®åˆ¥åを付与ã™ã‚‹æ©Ÿèƒ½ã¯æœ‰ç”¨ã§ã™ã€‚
+ ã“ã®é–¢æ•°ã¯è¨¼æ˜Žæ›¸ã¸ã®ç½²åã«å…ˆç«‹ã¡å‘¼ã³å‡ºã•ã‚Œã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+
+ \return 0 証明書ã®ä¸»ä½“者ã®è¨­å®šã«æˆåŠŸã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return MEMORY_E XMALLOCã§ãƒ¡ãƒ¢ãƒªã®ç¢ºä¿ã«å¤±æ•—ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_PARSE_E 証明書ã®ãƒ˜ãƒƒãƒ€ãƒ¼ãƒ•ã‚¡ã‚¤ãƒ«ã®è§£æžã«å¤±æ•—ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_OBJECT_ID_E 証明書ã®æš—å·ã‚¿ã‚¤ãƒ—ã®è§£æžã§ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_EXPECT_0_E 証明書ã®æš—å·åŒ–仕様ã«ãƒ•ã‚©ãƒ¼ãƒžãƒƒãƒˆã‚¨ãƒ©ãƒ¼ãŒæ¤œå‡ºã•ã‚ŒãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_BEFORE_DATE_E 証明書ã®ä½¿ç”¨é–‹å§‹æ—¥ã‚ˆã‚Šå‰ã§ã‚ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_AFTER_DATE_E 証明書ã®æœ‰åŠ¹æœŸé™æ—¥ã‚ˆã‚Šå¾Œã§ã‚ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_BITSTR_E 証明書ã®ãƒ“ットストリングè¦ç´ ã®è§£æžã§ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ECC_CURVE_OID_E 証明書ã®ECCéµã®è§£æžã§ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_UNKNOWN_OID_E 証明書ãŒæœªçŸ¥ã®ã‚ªãƒ–ジェクトIDを使用ã—ã¦ã„ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_VERSION_E ALLOW_V1_EXTENSIONSマクロãŒå®šç¾©ã•ã‚Œã¦ã„ãªã„ã®ã«è¨¼æ˜Žæ›¸ãŒV1ã‚ã‚‹ã„ã¯V2å½¢å¼ã§ã‚ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_FUNC_ARG 証明書ã®æ‹¡å¼µæƒ…å ±ã®è§£æžã§ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_CRIT_EXT_E 証明書ã®è§£æžä¸­ã«æœªçŸ¥ã®ã‚¯ãƒªãƒ†ã‚£ã‚«ãƒ«æ‹¡å¼µã«é­é‡ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_SIG_OID_E ç½²åæš—å·åŒ–タイプãŒå¼•æ•°ã§æ¸¡ã•ã‚ŒãŸè¨¼æ˜Žæ›¸ã®ã‚¿ã‚¤ãƒ—ã¨ç•°ãªã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_SIG_CONFIRM_E 証明書ã®ç½²åã®æ¤œè¨¼ã«å¤±æ•—ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_NAME_INVALID_E 証明書ã®åå‰ãŒCAã®åå‰ã«é–¢æ•°åˆ¶é™ã«ã‚ˆã£ã¦è¨±ã•ã‚Œã¦ã„ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_NO_SIGNER_E CA証明書ã®ä¸»ä½“者を検証ã™ã‚‹ã“ã¨ãŒã§ããªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_NO_SIGNER_E CA証明書ã®ä¸»ä½“者を検証ã™ã‚‹ã“ã¨ãŒã§ããªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param cert 主体者ã®åˆ¥åを設定ã™ã‚‹å¯¾è±¡ã®Cert構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param file PEMå½¢å¼ã®è¨¼æ˜Žæ›¸ã®ãƒ•ã‚¡ã‚¤ãƒ«ãƒ‘ス
+
+ _Example_
+ \code
+ Cert myCert;
+ // initialize myCert
+ if(wc_SetSubject(&myCert, â€./path/to/ca-cert.pemâ€) != 0) {
+ // error setting alt names
+ }
+ \endcode
+
+ \sa wc_InitCert
+ \sa wc_SetIssuer
+*/
+int wc_SetAltNames(Cert* cert, const char* file);
+
+/*!
+ \ingroup ASN
+
+ \brief ã“ã®é–¢æ•°ã¯DERå½¢å¼ã§ãƒãƒƒãƒ•ã‚¡ã«æ ¼ç´ã•ã‚Œã¦ã„る発行者を証明書ã®ç™ºè¡Œè€…ã¨ã—ã¦è¨­å®šã—ã¾ã™ã€‚
+ 加ãˆã¦ã€è¨¼æ˜Žæ›¸ã®äº‹æ•…ç½²åプロパティをfalseã«è¨­å®šã—ã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯è¨¼æ˜Žæ›¸ã¸ã®ç½²åã«å…ˆç«‹ã¡å‘¼ã³å‡ºã•ã‚Œã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+
+ \return 0 証明書ã®ç™ºè¡Œè€…ã®è¨­å®šã«æˆåŠŸã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return MEMORY_E XMALLOCã§ãƒ¡ãƒ¢ãƒªã®ç¢ºä¿ã«å¤±æ•—ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_PARSE_E 証明書ã®ãƒ˜ãƒƒãƒ€ãƒ¼ãƒ•ã‚¡ã‚¤ãƒ«ã®è§£æžã«å¤±æ•—ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_OBJECT_ID_E 証明書ã®æš—å·ã‚¿ã‚¤ãƒ—ã®è§£æžã§ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_EXPECT_0_E 証明書ã®æš—å·åŒ–仕様ã«ãƒ•ã‚©ãƒ¼ãƒžãƒƒãƒˆã‚¨ãƒ©ãƒ¼ãŒæ¤œå‡ºã•ã‚ŒãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_BEFORE_DATE_E 証明書ã®ä½¿ç”¨é–‹å§‹æ—¥ã‚ˆã‚Šå‰ã§ã‚ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_AFTER_DATE_E 証明書ã®æœ‰åŠ¹æœŸé™æ—¥ã‚ˆã‚Šå¾Œã§ã‚ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_BITSTR_E 証明書ã®ãƒ“ットストリングè¦ç´ ã®è§£æžã§ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ECC_CURVE_OID_E 証明書ã®ECCéµã®è§£æžã§ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_UNKNOWN_OID_E 証明書ãŒæœªçŸ¥ã®ã‚ªãƒ–ジェクトIDを使用ã—ã¦ã„ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_VERSION_E ALLOW_V1_EXTENSIONSマクロãŒå®šç¾©ã•ã‚Œã¦ã„ãªã„ã®ã«è¨¼æ˜Žæ›¸ãŒV1ã‚ã‚‹ã„ã¯V2å½¢å¼ã§ã‚ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_FUNC_ARG 証明書ã®æ‹¡å¼µæƒ…å ±ã®è§£æžã§ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_CRIT_EXT_E 証明書ã®è§£æžä¸­ã«æœªçŸ¥ã®ã‚¯ãƒªãƒ†ã‚£ã‚«ãƒ«æ‹¡å¼µã«é­é‡ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_SIG_OID_E ç½²åæš—å·åŒ–タイプãŒå¼•æ•°ã§æ¸¡ã•ã‚ŒãŸè¨¼æ˜Žæ›¸ã®ã‚¿ã‚¤ãƒ—ã¨ç•°ãªã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_SIG_CONFIRM_E 証明書ã®ç½²åã®æ¤œè¨¼ã«å¤±æ•—ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_NAME_INVALID_E 証明書ã®åå‰ãŒCAã®åå‰ã«é–¢æ•°åˆ¶é™ã«ã‚ˆã£ã¦è¨±ã•ã‚Œã¦ã„ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_NO_SIGNER_E CA証明書ã®ä¸»ä½“者を検証ã™ã‚‹ã“ã¨ãŒã§ããªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_NO_SIGNER_E CA証明書ã®ä¸»ä½“者を検証ã™ã‚‹ã“ã¨ãŒã§ããªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param cert 発行者を設定ã™ã‚‹å¯¾è±¡ã®Cert構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param der DERå½¢å¼ã®è¨¼æ˜Žæ›¸ã‚’æ ¼ç´ã—ã¦ã„ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚ã“ã®è¨¼æ˜Žæ›¸ã®ç™ºè¡Œè€…情報ãŒå–り出ã•ã‚Œã¦certã«è¨­å®šã•ã‚Œã¾ã™ã€‚
+ \param derSz DERå½¢å¼ã®è¨¼æ˜Žæ›¸ã‚’æ ¼ç´ã—ã¦ã„ã‚‹ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+
+ _Example_
+ \code
+ Cert myCert;
+ // initialize myCert
+ byte* der;
+ der = (byte*)malloc(FOURK_BUF);
+ // initialize der
+ if(wc_SetIssuerBuffer(&myCert, der, FOURK_BUF) != 0) {
+ // error setting issuer
+ }
+ \endcode
+
+ \sa wc_InitCert
+ \sa wc_SetIssuer
+*/
+int wc_SetIssuerBuffer(Cert* cert, const byte* der, int derSz);
+
+/*!
+ \ingroup ASN
+
+ \brief ã“ã®é–¢æ•°ã¯DERå½¢å¼ã§ãƒãƒƒãƒ•ã‚¡ã«æ ¼ç´ã•ã‚Œã¦ã„ã‚‹Raw-Issuer情報を証明書ã®Raw-Issuer情報ã¨ã—ã¦è¨­å®šã—ã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯è¨¼æ˜Žæ›¸ã¸ã®ç½²åã«å…ˆç«‹ã¡å‘¼ã³å‡ºã•ã‚Œã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+
+ \return 0 証明書ã®Raw-Issuer情報ã®è¨­å®šã«æˆåŠŸã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return MEMORY_E XMALLOCã§ãƒ¡ãƒ¢ãƒªã®ç¢ºä¿ã«å¤±æ•—ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_PARSE_E 証明書ã®ãƒ˜ãƒƒãƒ€ãƒ¼ãƒ•ã‚¡ã‚¤ãƒ«ã®è§£æžã«å¤±æ•—ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_OBJECT_ID_E 証明書ã®æš—å·ã‚¿ã‚¤ãƒ—ã®è§£æžã§ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_EXPECT_0_E 証明書ã®æš—å·åŒ–仕様ã«ãƒ•ã‚©ãƒ¼ãƒžãƒƒãƒˆã‚¨ãƒ©ãƒ¼ãŒæ¤œå‡ºã•ã‚ŒãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_BEFORE_DATE_E 証明書ã®ä½¿ç”¨é–‹å§‹æ—¥ã‚ˆã‚Šå‰ã§ã‚ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_AFTER_DATE_E 証明書ã®æœ‰åŠ¹æœŸé™æ—¥ã‚ˆã‚Šå¾Œã§ã‚ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_BITSTR_E 証明書ã®ãƒ“ットストリングè¦ç´ ã®è§£æžã§ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ECC_CURVE_OID_E 証明書ã®ECCéµã®è§£æžã§ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_UNKNOWN_OID_E 証明書ãŒæœªçŸ¥ã®ã‚ªãƒ–ジェクトIDを使用ã—ã¦ã„ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_VERSION_E ALLOW_V1_EXTENSIONSマクロãŒå®šç¾©ã•ã‚Œã¦ã„ãªã„ã®ã«è¨¼æ˜Žæ›¸ãŒV1ã‚ã‚‹ã„ã¯V2å½¢å¼ã§ã‚ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_FUNC_ARG 証明書ã®æ‹¡å¼µæƒ…å ±ã®è§£æžã§ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_CRIT_EXT_E 証明書ã®è§£æžä¸­ã«æœªçŸ¥ã®ã‚¯ãƒªãƒ†ã‚£ã‚«ãƒ«æ‹¡å¼µã«é­é‡ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_SIG_OID_E ç½²åæš—å·åŒ–タイプãŒå¼•æ•°ã§æ¸¡ã•ã‚ŒãŸè¨¼æ˜Žæ›¸ã®ã‚¿ã‚¤ãƒ—ã¨ç•°ãªã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_SIG_CONFIRM_E 証明書ã®ç½²åã®æ¤œè¨¼ã«å¤±æ•—ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_NAME_INVALID_E 証明書ã®åå‰ãŒCAã®åå‰ã«é–¢æ•°åˆ¶é™ã«ã‚ˆã£ã¦è¨±ã•ã‚Œã¦ã„ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_NO_SIGNER_E CA証明書ã®ä¸»ä½“者を検証ã™ã‚‹ã“ã¨ãŒã§ããªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_NO_SIGNER_E CA証明書ã®ä¸»ä½“者を検証ã™ã‚‹ã“ã¨ãŒã§ããªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+
+ \param cert Raw-Issuer情報を設定ã™ã‚‹å¯¾è±¡ã®Cert構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param der DERå½¢å¼ã®è¨¼æ˜Žæ›¸ã‚’æ ¼ç´ã—ã¦ã„ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚ã“ã®è¨¼æ˜Žæ›¸ã®Raw-Issuer情報ãŒå–り出ã•ã‚Œã¦certã«è¨­å®šã•ã‚Œã¾ã™ã€‚
+ \param derSz DERå½¢å¼ã®è¨¼æ˜Žæ›¸ã‚’æ ¼ç´ã—ã¦ã„ã‚‹ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+
+ _Example_
+ \code
+ Cert myCert;
+ // initialize myCert
+ byte* der;
+ der = (byte*)malloc(FOURK_BUF);
+ // initialize der
+ if(wc_SetIssuerRaw(&myCert, der, FOURK_BUF) != 0) {
+ // error setting subject
+ }
+ \endcode
+
+ \sa wc_InitCert
+ \sa wc_SetIssuer
+*/
+int wc_SetIssuerRaw(Cert* cert, const byte* der, int derSz);
+
+/*!
+ \ingroup ASN
+
+ \brief ã“ã®é–¢æ•°ã¯DERå½¢å¼ã§ãƒãƒƒãƒ•ã‚¡ã«æ ¼ç´ã•ã‚Œã¦ã„る主体者を証明書ã®ä¸»ä½“者ã¨ã—ã¦è¨­å®šã—ã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯è¨¼æ˜Žæ›¸ã¸ã®ç½²åã«å…ˆç«‹ã¡å‘¼ã³å‡ºã•ã‚Œã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+
+ \return 0 証明書ã®ä¸»ä½“者ã®è¨­å®šã«æˆåŠŸã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return MEMORY_E XMALLOCã§ãƒ¡ãƒ¢ãƒªã®ç¢ºä¿ã«å¤±æ•—ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_PARSE_E 証明書ã®ãƒ˜ãƒƒãƒ€ãƒ¼ãƒ•ã‚¡ã‚¤ãƒ«ã®è§£æžã«å¤±æ•—ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_OBJECT_ID_E 証明書ã®æš—å·ã‚¿ã‚¤ãƒ—ã®è§£æžã§ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_EXPECT_0_E 証明書ã®æš—å·åŒ–仕様ã«ãƒ•ã‚©ãƒ¼ãƒžãƒƒãƒˆã‚¨ãƒ©ãƒ¼ãŒæ¤œå‡ºã•ã‚ŒãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_BEFORE_DATE_E 証明書ã®ä½¿ç”¨é–‹å§‹æ—¥ã‚ˆã‚Šå‰ã§ã‚ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_AFTER_DATE_E 証明書ã®æœ‰åŠ¹æœŸé™æ—¥ã‚ˆã‚Šå¾Œã§ã‚ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_BITSTR_E 証明書ã®ãƒ“ットストリングè¦ç´ ã®è§£æžã§ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ECC_CURVE_OID_E 証明書ã®ECCéµã®è§£æžã§ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_UNKNOWN_OID_E 証明書ãŒæœªçŸ¥ã®ã‚ªãƒ–ジェクトIDを使用ã—ã¦ã„ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_VERSION_E ALLOW_V1_EXTENSIONSマクロãŒå®šç¾©ã•ã‚Œã¦ã„ãªã„ã®ã«è¨¼æ˜Žæ›¸ãŒV1ã‚ã‚‹ã„ã¯V2å½¢å¼ã§ã‚ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_FUNC_ARG 証明書ã®æ‹¡å¼µæƒ…å ±ã®è§£æžã§ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_CRIT_EXT_E 証明書ã®è§£æžä¸­ã«æœªçŸ¥ã®ã‚¯ãƒªãƒ†ã‚£ã‚«ãƒ«æ‹¡å¼µã«é­é‡ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_SIG_OID_E ç½²åæš—å·åŒ–タイプãŒå¼•æ•°ã§æ¸¡ã•ã‚ŒãŸè¨¼æ˜Žæ›¸ã®ã‚¿ã‚¤ãƒ—ã¨ç•°ãªã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_SIG_CONFIRM_E 証明書ã®ç½²åã®æ¤œè¨¼ã«å¤±æ•—ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_NAME_INVALID_E 証明書ã®åå‰ãŒCAã®åå‰ã«é–¢æ•°åˆ¶é™ã«ã‚ˆã£ã¦è¨±ã•ã‚Œã¦ã„ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_NO_SIGNER_E CA証明書ã®ä¸»ä½“者を検証ã™ã‚‹ã“ã¨ãŒã§ããªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_NO_SIGNER_E CA証明書ã®ä¸»ä½“者を検証ã™ã‚‹ã“ã¨ãŒã§ããªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param cert 主体者を設定ã™ã‚‹å¯¾è±¡ã®Cert構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param der DERå½¢å¼ã®è¨¼æ˜Žæ›¸ã‚’æ ¼ç´ã—ã¦ã„ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚ã“ã®è¨¼æ˜Žæ›¸ã®ä¸»ä½“者ãŒå–り出ã•ã‚Œã¦certã«è¨­å®šã•ã‚Œã¾ã™ã€‚
+ \param derSz DERå½¢å¼ã®è¨¼æ˜Žæ›¸ã‚’æ ¼ç´ã—ã¦ã„ã‚‹ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+
+ _Example_
+ \code
+ Cert myCert;
+ // initialize myCert
+ byte* der;
+ der = (byte*)malloc(FOURK_BUF);
+ // initialize der
+ if(wc_SetSubjectBuffer(&myCert, der, FOURK_BUF) != 0) {
+ // error setting subject
+ }
+ \endcode
+
+ \sa wc_InitCert
+ \sa wc_SetSubject
+*/
+int wc_SetSubjectBuffer(Cert* cert, const byte* der, int derSz);
+
+/*!
+ \ingroup ASN
+
+ \brief ã“ã®é–¢æ•°ã¯DERå½¢å¼ã§ãƒãƒƒãƒ•ã‚¡ã«æ ¼ç´ã•ã‚Œã¦ã„る「別å情報ã€ã‚’証明書ã®ã€Œåˆ¥å情報ã€ã¨ã—ã¦è¨­å®šã—ã¾ã™ã€‚
+ ã“ã®æ©Ÿèƒ½ã¯è¤‡æ•°ãƒ‰ãƒ¡ã‚¤ãƒ³ã‚’一ã¤ã®è¨¼æ˜Žæ›¸ã‚’使ã£ã¦ã‚»ã‚­ãƒ¥ã‚¢ã«ã™ã‚‹éš›ã«æœ‰ç”¨ã§ã™ã€‚
+ ã“ã®é–¢æ•°ã¯è¨¼æ˜Žæ›¸ã¸ã®ç½²åã«å…ˆç«‹ã¡å‘¼ã³å‡ºã•ã‚Œã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+
+ \return 0 証明書ã®åˆ¥å情報ã®è¨­å®šã«æˆåŠŸã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return MEMORY_E XMALLOCã§ãƒ¡ãƒ¢ãƒªã®ç¢ºä¿ã«å¤±æ•—ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_PARSE_E 証明書ã®ãƒ˜ãƒƒãƒ€ãƒ¼ãƒ•ã‚¡ã‚¤ãƒ«ã®è§£æžã«å¤±æ•—ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_OBJECT_ID_E 証明書ã®æš—å·ã‚¿ã‚¤ãƒ—ã®è§£æžã§ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_EXPECT_0_E 証明書ã®æš—å·åŒ–仕様ã«ãƒ•ã‚©ãƒ¼ãƒžãƒƒãƒˆã‚¨ãƒ©ãƒ¼ãŒæ¤œå‡ºã•ã‚ŒãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_BEFORE_DATE_E 証明書ã®ä½¿ç”¨é–‹å§‹æ—¥ã‚ˆã‚Šå‰ã§ã‚ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_AFTER_DATE_E 証明書ã®æœ‰åŠ¹æœŸé™æ—¥ã‚ˆã‚Šå¾Œã§ã‚ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_BITSTR_E 証明書ã®ãƒ“ットストリングè¦ç´ ã®è§£æžã§ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ECC_CURVE_OID_E 証明書ã®ECCéµã®è§£æžã§ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_UNKNOWN_OID_E 証明書ãŒæœªçŸ¥ã®ã‚ªãƒ–ジェクトIDを使用ã—ã¦ã„ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_VERSION_E ALLOW_V1_EXTENSIONSマクロãŒå®šç¾©ã•ã‚Œã¦ã„ãªã„ã®ã«è¨¼æ˜Žæ›¸ãŒV1ã‚ã‚‹ã„ã¯V2å½¢å¼ã§ã‚ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_FUNC_ARG 証明書ã®æ‹¡å¼µæƒ…å ±ã®è§£æžã§ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_CRIT_EXT_E 証明書ã®è§£æžä¸­ã«æœªçŸ¥ã®ã‚¯ãƒªãƒ†ã‚£ã‚«ãƒ«æ‹¡å¼µã«é­é‡ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_SIG_OID_E ç½²åæš—å·åŒ–タイプãŒå¼•æ•°ã§æ¸¡ã•ã‚ŒãŸè¨¼æ˜Žæ›¸ã®ã‚¿ã‚¤ãƒ—ã¨ç•°ãªã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_SIG_CONFIRM_E 証明書ã®ç½²åã®æ¤œè¨¼ã«å¤±æ•—ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_NAME_INVALID_E 証明書ã®åå‰ãŒCAã®åå‰ã«é–¢æ•°åˆ¶é™ã«ã‚ˆã£ã¦è¨±ã•ã‚Œã¦ã„ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_NO_SIGNER_E CA証明書ã®ä¸»ä½“者を検証ã™ã‚‹ã“ã¨ãŒã§ããªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_NO_SIGNER_E CA証明書ã®ä¸»ä½“者を検証ã™ã‚‹ã“ã¨ãŒã§ããªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param cert 別å情報を設定ã™ã‚‹å¯¾è±¡ã®Cert構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param der DERå½¢å¼ã®è¨¼æ˜Žæ›¸ã‚’æ ¼ç´ã—ã¦ã„ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚ã“ã®è¨¼æ˜Žæ›¸ã®åˆ¥å情報ãŒå–り出ã•ã‚Œã¦certã«è¨­å®šã•ã‚Œã¾ã™ã€‚
+ \param derSz DERå½¢å¼ã®è¨¼æ˜Žæ›¸ã‚’æ ¼ç´ã—ã¦ã„ã‚‹ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+
+ _Example_
+ \code
+ Cert myCert;
+ // initialize myCert
+ byte* der;
+ der = (byte*)malloc(FOURK_BUF);
+ // initialize der
+ if(wc_SetAltNamesBuffer(&myCert, der, FOURK_BUF) != 0) {
+ // error setting subject
+ }
+ \endcode
+
+ \sa wc_InitCert
+ \sa wc_SetAltNames
+*/
+int wc_SetAltNamesBuffer(Cert* cert, const byte* der, int derSz);
+
+/*!
+ \ingroup ASN
+
+ \brief ã“ã®é–¢æ•°ã¯DERå½¢å¼ã§ãƒãƒƒãƒ•ã‚¡ã«æ ¼ç´ã•ã‚Œã¦ã„る「有効期間ã€æƒ…報を証明書ã®ã€Œæœ‰åŠ¹æœŸé–“ã€æƒ…å ±ã¨ã—ã¦è¨­å®šã—ã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯è¨¼æ˜Žæ›¸ã¸ã®ç½²åã«å…ˆç«‹ã¡å‘¼ã³å‡ºã•ã‚Œã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+
+ \return 0 証明書ã®æœ‰åŠ¹æœŸé–“情報ã®è¨­å®šã«æˆåŠŸã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return MEMORY_E XMALLOCã§ãƒ¡ãƒ¢ãƒªã®ç¢ºä¿ã«å¤±æ•—ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_PARSE_E 証明書ã®ãƒ˜ãƒƒãƒ€ãƒ¼ãƒ•ã‚¡ã‚¤ãƒ«ã®è§£æžã«å¤±æ•—ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_OBJECT_ID_E 証明書ã®æš—å·ã‚¿ã‚¤ãƒ—ã®è§£æžã§ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_EXPECT_0_E 証明書ã®æš—å·åŒ–仕様ã«ãƒ•ã‚©ãƒ¼ãƒžãƒƒãƒˆã‚¨ãƒ©ãƒ¼ãŒæ¤œå‡ºã•ã‚ŒãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_BEFORE_DATE_E 証明書ã®ä½¿ç”¨é–‹å§‹æ—¥ã‚ˆã‚Šå‰ã§ã‚ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_AFTER_DATE_E 証明書ã®æœ‰åŠ¹æœŸé™æ—¥ã‚ˆã‚Šå¾Œã§ã‚ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_BITSTR_E 証明書ã®ãƒ“ットストリングè¦ç´ ã®è§£æžã§ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ECC_CURVE_OID_E 証明書ã®ECCéµã®è§£æžã§ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_UNKNOWN_OID_E 証明書ãŒæœªçŸ¥ã®ã‚ªãƒ–ジェクトIDを使用ã—ã¦ã„ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_VERSION_E ALLOW_V1_EXTENSIONSマクロãŒå®šç¾©ã•ã‚Œã¦ã„ãªã„ã®ã«è¨¼æ˜Žæ›¸ãŒV1ã‚ã‚‹ã„ã¯V2å½¢å¼ã§ã‚ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_FUNC_ARG 証明書ã®æ‹¡å¼µæƒ…å ±ã®è§£æžã§ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_CRIT_EXT_E 証明書ã®è§£æžä¸­ã«æœªçŸ¥ã®ã‚¯ãƒªãƒ†ã‚£ã‚«ãƒ«æ‹¡å¼µã«é­é‡ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_SIG_OID_E ç½²åæš—å·åŒ–タイプãŒå¼•æ•°ã§æ¸¡ã•ã‚ŒãŸè¨¼æ˜Žæ›¸ã®ã‚¿ã‚¤ãƒ—ã¨ç•°ãªã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_SIG_CONFIRM_E 証明書ã®ç½²åã®æ¤œè¨¼ã«å¤±æ•—ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_NAME_INVALID_E 証明書ã®åå‰ãŒCAã®åå‰ã«é–¢æ•°åˆ¶é™ã«ã‚ˆã£ã¦è¨±ã•ã‚Œã¦ã„ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_NO_SIGNER_E CA証明書ã®ä¸»ä½“者を検証ã™ã‚‹ã“ã¨ãŒã§ããªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_NO_SIGNER_E CA証明書ã®ä¸»ä½“者を検証ã™ã‚‹ã“ã¨ãŒã§ããªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param cert 有効期間情報を設定ã™ã‚‹å¯¾è±¡ã®Cert構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param der DERå½¢å¼ã®è¨¼æ˜Žæ›¸ã‚’æ ¼ç´ã—ã¦ã„ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚ã“ã®è¨¼æ˜Žæ›¸ã®æœ‰åŠ¹æœŸé–“情報ãŒå–り出ã•ã‚Œã¦certã«è¨­å®šã•ã‚Œã¾ã™ã€‚
+ \param derSz DERå½¢å¼ã®è¨¼æ˜Žæ›¸ã‚’æ ¼ç´ã—ã¦ã„ã‚‹ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+
+ _Example_
+ \code
+ Cert myCert;
+ // initialize myCert
+ byte* der;
+ der = (byte*)malloc(FOURK_BUF);
+ // initialize der
+ if(wc_SetDatesBuffer(&myCert, der, FOURK_BUF) != 0) {
+ // error setting subject
+ }
+ \endcode
+
+ \sa wc_InitCert
+*/
+int wc_SetDatesBuffer(Cert* cert, const byte* der, int derSz);
+
+/*!
+ \ingroup ASN
+
+ \brief ã“ã®é–¢æ•°ã¯æŒ‡å®šã•ã‚ŒãŸRSAã‚ã‚‹ã„ã¯ECC公開éµã®ä¸€æ–¹ã‹ã‚‰å¾—ãŸAKID(èªè¨¼è€…éµID)を証明書ã®AKIDã¨ã—ã¦è¨­å®šã—ã¾ã™ã€‚
+
+ \return 0 証明書ã®AKIDã®è¨­å®šã«æˆåŠŸã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_FUNC_ARG Cert構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿(cert)ãŒNULLã‹RsaKey構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿(rsakey)ã¨ecc_key構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿(eckey)ã®ä¸¡æ–¹ãŒNULLã§ã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return MEMORY_E メモリã®ç¢ºä¿ã«å¤±æ•—ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return PUBLIC_KEY_E 公開éµã®å–å¾—ã«å¤±æ•—ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param cert AKIDを設定ã™ã‚‹å¯¾è±¡ã®Cert構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param rsakey RsaKey構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param eckey ecc_key構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
+ _Example_
+ \code
+ Cert myCert;
+ RsaKey keypub;
+
+ wc_InitRsaKey(&keypub, 0);
+
+ if (wc_SetAuthKeyIdFromPublicKey(&myCert, &keypub, NULL) != 0)
+ {
+ // Handle error
+ }
+ \endcode
+
+ \sa wc_SetSubjectKeyId
+ \sa wc_SetAuthKeyId
+ \sa wc_SetAuthKeyIdFromCert
+*/
+int wc_SetAuthKeyIdFromPublicKey(Cert *cert, RsaKey *rsakey,
+ ecc_key *eckey);
+
+/*!
+ \ingroup ASN
+
+ \brief ã“ã®é–¢æ•°ã¯DERå½¢å¼ã§ãƒãƒƒãƒ•ã‚¡ã«æ ¼ç´ã•ã‚ŒãŸè¨¼æ˜Žæ›¸ã‹ã‚‰å¾—ãŸAKID(èªè¨¼è€…éµID)を証明書ã®AKIDã¨ã—ã¦è¨­å®šã—ã¾ã™ã€‚
+
+ \return 0 証明書ã®AKIDã®è¨­å®šã«æˆåŠŸã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_FUNC_ARG 引数ã®ã„ãšã‚Œã‹ãŒNULL,ã‚ã‚‹ã„ã¯derSzãŒï¼ã‚ˆã‚Šå°ã•ã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return MEMORY_E メモリã®ç¢ºä¿ã«å¤±æ•—ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_NO_SKID èªè¨¼è€…éµIDãŒè¦‹ã¤ã‹ã‚‰ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param cert AKIDを設定ã™ã‚‹å¯¾è±¡ã®Cert構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param der DERå½¢å¼ã®è¨¼æ˜Žæ›¸ã‚’æ ¼ç´ã—ã¦ã„ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param derSz DERå½¢å¼ã®è¨¼æ˜Žæ›¸ã‚’æ ¼ç´ã—ã¦ã„ã‚‹ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºã€‚
+
+ _Example_
+ \code
+ Cert some_cert;
+ byte some_der[] = { // Initialize a DER buffer };
+ wc_InitCert(&some_cert);
+ if(wc_SetAuthKeyIdFromCert(&some_cert, some_der, sizeof(some_der) != 0)
+ {
+ // Handle error
+ }
+ \endcode
+
+ \sa wc_SetAuthKeyIdFromPublicKey
+ \sa wc_SetAuthKeyId
+*/
+int wc_SetAuthKeyIdFromCert(Cert *cert, const byte *der, int derSz);
+
+/*!
+ \ingroup ASN
+
+ \brief ã“ã®é–¢æ•°ã¯PEMå½¢å¼ã®è¨¼æ˜Žæ›¸ã‹ã‚‰å¾—ãŸAKID(èªè¨¼è€…éµID)を証明書ã®AKIDã¨ã—ã¦è¨­å®šã—ã¾ã™ã€‚
+
+ \return 0 証明書ã®AKIDã®è¨­å®šã«æˆåŠŸã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_FUNC_ARG 引数ã®ã„ãšã‚Œã‹ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return MEMORY_E メモリã®ç¢ºä¿ã«å¤±æ•—ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param cert AKIDを設定ã™ã‚‹å¯¾è±¡ã®Cert構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param file PEMå½¢å¼ã®è¨¼æ˜Žæ›¸ãƒ•ã‚¡ã‚¤ãƒ«ã¸ã®ãƒ•ã‚¡ã‚¤ãƒ«ãƒ‘ス
+
+ _Example_
+ \code
+ char* file_name = "/path/to/file";
+ cert some_cert;
+ wc_InitCert(&some_cert);
+
+ if(wc_SetAuthKeyId(&some_cert, file_name) != 0)
+ {
+ // Handle Error
+ }
+ \endcode
+
+ \sa wc_SetAuthKeyIdFromPublicKey
+ \sa wc_SetAuthKeyIdFromCert
+*/
+int wc_SetAuthKeyId(Cert *cert, const char* file);
+
+/*!
+ \ingroup ASN
+
+ \brief ã“ã®é–¢æ•°ã¯æŒ‡å®šã•ã‚ŒãŸRSAã‚ã‚‹ã„ã¯ECC公開éµã®ä¸€æ–¹ã‹ã‚‰å¾—ãŸSKID(主体者éµID)を証明書ã®SKIDã¨ã—ã¦è¨­å®šã—ã¾ã™ã€‚
+
+ \return 0 証明書ã®SKIDã®è¨­å®šã«æˆåŠŸã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_FUNC_ARG Cert構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿(cert)ãŒNULLã‹RsaKey構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿(rsakey)ã¨ecc_key構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿(eckey)ã®ä¸¡æ–¹ãŒNULLã§ã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return MEMORY_E メモリã®ç¢ºä¿ã«å¤±æ•—ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return PUBLIC_KEY_E 公開éµã®å–å¾—ã«å¤±æ•—ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param cert SKIDを設定ã™ã‚‹å¯¾è±¡ã®Cert構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param rsakey RsaKey構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param eckey ecc_key構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
+ _Example_
+ \code
+ Cert some_cert;
+ RsaKey some_key;
+ wc_InitCert(&some_cert);
+ wc_InitRsaKey(&some_key);
+
+ if(wc_SetSubjectKeyIdFromPublicKey(&some_cert,&some_key, NULL) != 0)
+ {
+ // Handle Error
+ }
+ \endcode
+
+ \sa wc_SetSubjectKeyId
+*/
+int wc_SetSubjectKeyIdFromPublicKey(Cert *cert, RsaKey *rsakey,
+ ecc_key *eckey);
+
+/*!
+ \ingroup ASN
+
+ \brief ã“ã®é–¢æ•°ã¯PEMå½¢å¼ã®è¨¼æ˜Žæ›¸ã‹ã‚‰å¾—ãŸSKID(主体者éµID)を証明書ã®SKIDã¨ã—ã¦è¨­å®šã—ã¾ã™ã€‚
+ 引数ã¯ä¸¡æ–¹ãŒä¸Žãˆã‚‰ã‚Œã‚‹ã“ã¨ãŒå¿…è¦ã§ã™ã€‚
+
+ \return 0 証明書ã®SKIDã®è¨­å®šã«æˆåŠŸã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_FUNC_ARG 引数ã®ã„ãšã‚Œã‹ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return MEMORY_E メモリã®ç¢ºä¿ã«å¤±æ•—ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return PUBLIC_KEY_E 公開éµã®ãƒ‡ã‚³ãƒ¼ãƒ‰ã«å¤±æ•—ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param cert SKIDを設定ã™ã‚‹å¯¾è±¡ã®Cert構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param file PEMå½¢å¼ã®è¨¼æ˜Žæ›¸ãƒ•ã‚¡ã‚¤ãƒ«ã¸ã®ãƒ•ã‚¡ã‚¤ãƒ«ãƒ‘ス
+
+ _Example_
+ \code
+ const char* file_name = "path/to/file";
+ Cert some_cert;
+ wc_InitCert(&some_cert);
+
+ if(wc_SetSubjectKeyId(&some_cert, file_name) != 0)
+ {
+ // Handle Error
+ }
+ \endcode
+
+ \sa wc_SetSubjectKeyIdFromPublicKey
+*/
+int wc_SetSubjectKeyId(Cert *cert, const char* file);
+
+/*!
+ \ingroup RSA
+
+ \brief ã“ã®é–¢æ•°ã¯éµã®ç”¨é€”を設定ã—ã¾ã™ã€‚設定値ã®æŒ‡å®šã¯ã‚³ãƒ³ãƒžåŒºåˆ‡ã‚Šãƒˆãƒ¼ã‚¯ãƒ³ã‚’使用ã§ãã¾ã™ã€‚
+ å—ã‘付ã‘られるトークンã¯ï¼šdigitalSignature, nonRepudiation, contentCommitment, keyCertSign, cRLSign, dataEncipherment,
+ keyAgreement, keyEncipherment, encipherOnly, decipherOnly ã§ã™ã€‚
+ 指定例:"digitalSignature,nonRepudiation"。
+ nonRepudiation 㨠contentCommitment ã¯åŒã˜ç”¨é€”ã‚’æ„味ã—ã¾ã™ã€‚
+
+ \return 0 証明書ã®ç”¨é€”ã®è¨­å®šã«æˆåŠŸã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_FUNC_ARG 引数ã®ã„ãšã‚Œã‹ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return MEMORY_E メモリã®ç¢ºä¿ã«å¤±æ•—ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return KEYUSAGE_E 未知ã®ãƒˆãƒ¼ã‚¯ãƒ³ãŒæ¤œå‡ºã•ã‚ŒãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param cert éµã®ç”¨é€”を設定ã™ã‚‹å¯¾è±¡ã®åˆæœŸåŒ–済ã¿Cert構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param value éµã®ç”¨é€”ã‚’æ„味ã™ã‚‹ã‚³ãƒ³ãƒžåŒºåˆ‡ã‚Šãƒˆãƒ¼ã‚¯ãƒ³æ–‡å­—列ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
+ _Example_
+ \code
+ Cert cert;
+ wc_InitCert(&cert);
+
+ if(wc_SetKeyUsage(&cert, "cRLSign,keyCertSign") != 0)
+ {
+ // Handle error
+ }
+ \endcode
+
+ \sa wc_InitCert
+ \sa wc_MakeRsaKey
+*/
+int wc_SetKeyUsage(Cert *cert, const char *value);
+
+/*!
+ \ingroup ASN
+
+ \brief PEMå½¢å¼ã®éµãƒ•ã‚¡ã‚¤ãƒ«ã‚’ロードã—DERå½¢å¼ã«å¤‰æ›ã—ã¦ãƒãƒƒãƒ•ã‚¡ã«å‡ºåŠ›ã—ã¾ã™ã€‚
+
+ \return 0 処ç†æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return <0 エラー発生時ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_BAD_FILE ファイルã®ã‚ªãƒ¼ãƒ—ンã«å•é¡ŒãŒç”Ÿã˜ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return MEMORY_E メモリã®ç¢ºä¿ã«å¤±æ•—ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BUFFER_E 与ãˆã‚‰ã‚ŒãŸå‡ºåŠ›ãƒãƒƒãƒ•ã‚¡derBufãŒçµæžœã‚’ä¿æŒã™ã‚‹ã®ã«å分ãªå¤§ãã•ãŒãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param fileName PEMå½¢å¼ã®ãƒ•ã‚¡ã‚¤ãƒ«ãƒ‘ス
+ \param derBuf DERå½¢å¼éµã‚’出力ã™ã‚‹å…ˆã®ãƒãƒƒãƒ•ã‚¡
+ \param derSz 出力先ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+
+ _Example_
+ \code
+ char* some_file = "filename";
+ unsigned char der[];
+
+ if(wc_PemPubKeyToDer(some_file, der, sizeof(der)) != 0)
+ {
+ //Handle Error
+ }
+ \endcode
+
+ \sa wc_PubKeyPemToDer
+*/
+int wc_PemPubKeyToDer(const char* fileName,
+ unsigned char* derBuf, int derSz);
+
+/*!
+ \ingroup ASN
+
+ \brief PEMå½¢å¼ã®éµãƒ‡ãƒ¼ã‚¿ã‚’DERå½¢å¼ã«å¤‰æ›ã—ã¦ãƒãƒƒãƒ•ã‚¡ã«å‡ºåŠ›ã—ã€å‡ºåŠ›ãƒã‚¤ãƒˆæ•°ã‚ã‚‹ã„ã¯è² ã®ã‚¨ãƒ©ãƒ¼å€¤ã‚’è¿”ã—ã¾ã™ã€‚
+
+ \return >0 処ç†æˆåŠŸæ™‚ã«ã¯å‡ºåŠ›ã—ãŸãƒã‚¤ãƒˆæ•°ãŒè¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_FUNC_ARG 引数ã®pem, buff, ã‚ã‚‹ã„㯠buffSz ã®ã„ãšã‚Œã‹ã°NULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return <0 エラーãŒç™ºç”Ÿã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param pem PEMå½¢å¼ã®éµã‚’å«ã‚“ã ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param pemSz PEMå½¢å¼ã®éµã‚’å«ã‚“ã ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+ \param buff 出力先ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param buffSz 出力先ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+
+ _Example_
+ \code
+ byte some_pem[] = { Initialize with PEM key }
+ unsigned char out_buffer[1024]; // Ensure buffer is large enough to fit DER
+
+ if(wc_PubKeyPemToDer(some_pem, sizeof(some_pem), out_buffer,
+ sizeof(out_buffer)) < 0)
+ {
+ // Handle error
+ }
+ \endcode
+
+ \sa wc_PemPubKeyToDer
+*/
+int wc_PubKeyPemToDer(const unsigned char* pem, int pemSz,
+ unsigned char* buff, int buffSz);
+
+/*!
+ \ingroup ASN
+
+ \brief ã“ã®é–¢æ•°ã¯PEMå½¢å¼ã®è¨¼æ˜Žæ›¸ã‚’DERå½¢å¼ã«å¤‰æ›ã—ã€ä¸Žãˆã‚‰ã‚ŒãŸãƒãƒƒãƒ•ã‚¡ã«å‡ºåŠ›ã—ã¾ã™ã€‚
+
+ \return 処ç†æˆåŠŸæ™‚ã«ã¯å‡ºåŠ›ã—ãŸãƒã‚¤ãƒˆæ•°ãŒè¿”ã•ã‚Œã¾ã™ã€‚
+ \return BUFFER_E 与ãˆã‚‰ã‚ŒãŸå‡ºåŠ›ãƒãƒƒãƒ•ã‚¡derBufãŒçµæžœã‚’ä¿æŒã™ã‚‹ã®ã«å分ãªå¤§ãã•ãŒãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return MEMORY_E メモリã®ç¢ºä¿ã«å¤±æ•—ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param fileName PEMå½¢å¼ã®ãƒ•ã‚¡ã‚¤ãƒ«ãƒ‘ス
+ \param derBuf DERå½¢å¼è¨¼æ˜Žæ›¸ã‚’出力ã™ã‚‹å…ˆã®ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param derSz DERå½¢å¼è¨¼æ˜Žæ›¸ã‚’出力ã™ã‚‹å…ˆã®ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+
+ _Example_
+ \code
+ char * file = “./certs/client-cert.pemâ€;
+ int derSz;
+ byte* der = (byte*)XMALLOC((8*1024), NULL, DYNAMIC_TYPE_CERT);
+
+ derSz = wc_PemCertToDer(file, der, (8*1024));
+ if (derSz <= 0) {
+ //PemCertToDer error
+ }
+ \endcode
+
+ \sa none
+*/
+
+int wc_PemCertToDer(const char* fileName, unsigned char* derBuf, int derSz);
+
+/*!
+ \ingroup ASN
+
+ \brief ã“ã®é–¢æ•°ã¯ãƒãƒƒãƒ•ã‚¡ã§ä¸Žãˆã‚‰ã‚ŒãŸDERå½¢å¼ã®è¨¼æ˜Žæ›¸ã‚’PEMå½¢å¼ã«å¤‰æ›ã—ã€ä¸Žãˆã‚‰ã‚ŒãŸå‡ºåŠ›ç”¨ãƒãƒƒãƒ•ã‚¡ã«å‡ºåŠ›ã—ã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯å…¥åŠ›ãƒãƒƒãƒ•ã‚¡ã¨å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã‚’共用ã™ã‚‹ã“ã¨ã¯ã§ãã¾ã›ã‚“。両ãƒãƒƒãƒ•ã‚¡ã¯å¿…ãšåˆ¥ã®ã‚‚ã®ã‚’用æ„ã—ã¦ãã ã•ã„。
+
+ \return 処ç†æˆåŠŸæ™‚ã«ã¯å¤‰æ›å¾Œã®PEMå½¢å¼ãƒ‡ãƒ¼ã‚¿ã®ã‚µã‚¤ã‚ºã‚’è¿”ã—ã¾ã™ã€‚
+ \return BAD_FUNC_ARG DERå½¢å¼è¨¼æ˜Žæ›¸ãƒ‡ãƒ¼ã‚¿ã®è§£æžä¸­ã«ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸéš›ã€ã‚ã‚‹ã„ã¯PEMå½¢å¼ã«å¤‰æ›ã®éš›ã«ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return MEMORY_E メモリã®ç¢ºä¿ã«å¤±æ•—ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_INPUT_E Base64エンコーディングエラーãŒæ¤œå‡ºã•ã‚ŒãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BUFFER_E 与ãˆã‚‰ã‚ŒãŸå‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ãŒçµæžœã‚’ä¿æŒã™ã‚‹ã®ã«å分ãªå¤§ãã•ãŒãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param der DERå½¢å¼è¨¼æ˜Žæ›¸ãƒ‡ãƒ¼ã‚¿ã‚’ä¿æŒã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param derSz DERå½¢å¼è¨¼æ˜Žæ›¸ãƒ‡ãƒ¼ã‚¿ã®ã‚µã‚¤ã‚º
+ \param output PEMå½¢å¼è¨¼æ˜Žæ›¸ãƒ‡ãƒ¼ã‚¿ã‚’出力ã™ã‚‹å…ˆã®ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param outSz PEMå½¢å¼è¨¼æ˜Žæ›¸ãƒ‡ãƒ¼ã‚¿ã‚’出力ã™ã‚‹å…ˆã®ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+ \param type 変æ›ã™ã‚‹è¨¼æ˜Žæ›¸ã®ã‚¿ã‚¤ãƒ—。次ã®ã‚¿ã‚¤ãƒ—ãŒæŒ‡å®šå¯: CERT_TYPE, PRIVATEKEY_TYPE, ECC_PRIVATEKEY_TYPE, and CERTREQ_TYPE.
+
+ _Example_
+ \code
+ byte* der;
+ // initialize der with certificate
+ byte* pemFormatted[FOURK_BUF];
+
+ word32 pemSz;
+ pemSz = wc_DerToPem(der, derSz,pemFormatted,FOURK_BUF, CERT_TYPE);
+ \endcode
+
+ \sa wc_PemCertToDer
+*/
+int wc_DerToPem(const byte* der, word32 derSz, byte* output,
+ word32 outputSz, int type);
+
+/*!
+ \ingroup ASN
+
+ \brief ã“ã®é–¢æ•°ã¯DERå½¢å¼è¨¼æ˜Žæ›¸ã‚’入力ãƒãƒƒãƒ•ã‚¡ã‹ã‚‰èª­ã¿å‡ºã—ã€PEMå½¢å¼ã«å¤‰æ›ã—ã¦å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã«å‡ºåŠ›ã—ã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯å…¥åŠ›ãƒãƒƒãƒ•ã‚¡ã¨å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã‚’共用ã™ã‚‹ã“ã¨ã¯ã§ãã¾ã›ã‚“。両ãƒãƒƒãƒ•ã‚¡ã¯å¿…ãšåˆ¥ã®ã‚‚ã®ã‚’用æ„ã—ã¦ãã ã•ã„。
+ 追加ã®æš—å·æƒ…報を指定ã™ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚
+
+ \return 処ç†æˆåŠŸæ™‚ã«ã¯å¤‰æ›å¾Œã®PEMå½¢å¼ãƒ‡ãƒ¼ã‚¿ã®ã‚µã‚¤ã‚ºã‚’è¿”ã—ã¾ã™ã€‚
+ \return BAD_FUNC_ARG Returned DERå½¢å¼è¨¼æ˜Žæ›¸ãƒ‡ãƒ¼ã‚¿ã®è§£æžä¸­ã«ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸéš›ã€ã‚ã‚‹ã„ã¯PEMå½¢å¼ã«å¤‰æ›ã®éš›ã«ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return MEMORY_E メモリã®ç¢ºä¿ã«å¤±æ•—ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_INPUT_E Base64エンコーディングエラーãŒæ¤œå‡ºã•ã‚ŒãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BUFFER_E 与ãˆã‚‰ã‚ŒãŸå‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ãŒçµæžœã‚’ä¿æŒã™ã‚‹ã®ã«å分ãªå¤§ãã•ãŒãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param der DERå½¢å¼è¨¼æ˜Žæ›¸ãƒ‡ãƒ¼ã‚¿ã‚’ä¿æŒã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param derSz DERå½¢å¼è¨¼æ˜Žæ›¸ãƒ‡ãƒ¼ã‚¿ã®ã‚µã‚¤ã‚º
+ \param output PEMå½¢å¼è¨¼æ˜Žæ›¸ãƒ‡ãƒ¼ã‚¿ã‚’出力ã™ã‚‹å…ˆã®ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param outSz PEMå½¢å¼è¨¼æ˜Žæ›¸ãƒ‡ãƒ¼ã‚¿ã‚’出力ã™ã‚‹å…ˆã®ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+ \param cipher_inf 追加ã®æš—å·æƒ…å ±
+ \param type 生æˆã™ã‚‹è¨¼æ˜Žæ›¸ã‚¿ã‚¤ãƒ—。指定å¯èƒ½ãªã‚¿ã‚¤ãƒ—: CERT_TYPE, PRIVATEKEY_TYPE, ECC_PRIVATEKEY_TYPE 㨠CERTREQ_TYPE
+
+ _Example_
+ \code
+ byte* der;
+ // initialize der with certificate
+ byte* pemFormatted[FOURK_BUF];
+
+ word32 pemSz;
+ byte* cipher_info[] { Additional cipher info. }
+ pemSz = wc_DerToPemEx(der, derSz, pemFormatted, FOURK_BUF, cipher_info, CERT_TYPE);
+ \endcode
+
+ \sa wc_PemCertToDer
+*/
+int wc_DerToPemEx(const byte* der, word32 derSz, byte* output,
+ word32 outputSz, byte *cipherIno, int type);
+
+/*!
+ \ingroup CertsKeys
+
+ \brief PEMå½¢å¼ã®éµã‚’DERå½¢å¼ã«å¤‰æ›ã—ã¾ã™ã€‚
+
+ \return 変æ›ã«æˆåŠŸã—ãŸéš›ã«ã¯å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã«æ›¸ã込んã ãƒ‡ãƒ¼ã‚¿ã‚µã‚¤ã‚ºã‚’è¿”ã—ã¾ã™ã€‚
+ \return エラー発生時ã«ã¯è² ã®æ•´æ•°å€¤ã‚’è¿”ã—ã¾ã™ã€‚
+
+ \param pem PEMå½¢å¼ã®è¨¼æ˜Žæ›¸ãƒ‡ãƒ¼ã‚¿ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param pemSz PEMå½¢å¼ã®è¨¼æ˜Žæ›¸ãƒ‡ãƒ¼ã‚¿ã®ã‚µã‚¤ã‚º
+ \param buff DerBuffer構造体ã®bufferメンãƒãƒ¼ã®ã‚³ãƒ”ーã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param buffSz DerBuffer構造体ã®bufferメンãƒãƒ¼ã¸ç¢ºä¿ã•ã‚ŒãŸãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+ \param pass パスワード
+
+ _Example_
+ \code
+ byte* loadBuf;
+ long fileSz = 0;
+ byte* bufSz;
+ static int LoadKeyFile(byte** keyBuf, word32* keyBufSz,
+ const char* keyFile,
+ int typeKey, const char* password);
+ …
+ bufSz = wc_KeyPemToDer(loadBuf, (int)fileSz, saveBuf,
+ (int)fileSz, password);
+
+ if(saveBufSz > 0){
+ // Bytes were written to the buffer.
+ }
+ \endcode
+
+ \sa wc_PemToDer
+*/
+int wc_KeyPemToDer(const unsigned char* pem, int pemSz,
+ unsigned char* buff, int buffSz, const char* pass);
+
+/*!
+ \ingroup CertsKeys
+
+ \brief ã“ã®é–¢æ•°ã¯PEMå½¢å¼ã®è¨¼æ˜Žæ›¸ã‚’DERå½¢å¼ã«å¤‰æ›ã—ã¾ã™ã€‚内部ã§ã¯OpenSSL互æ›APIã®PemToDerを呼ã³å‡ºã—ã¾ã™ã€‚
+
+ \return ãƒãƒƒãƒ•ã‚¡ã«å‡ºåŠ›ã—ãŸã‚µã‚¤ã‚ºã‚’è¿”ã—ã¾ã™ã€‚
+
+ \param pem PEMå½¢å¼ã®è¨¼æ˜Žæ›¸ã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param pemSz PEMå½¢å¼ã®è¨¼æ˜Žæ›¸ã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+ \param buff DERå½¢å¼ã«å¤‰æ›ã—ãŸè¨¼æ˜Žæ›¸ãƒ‡ãƒ¼ã‚¿ã®å‡ºåŠ›å…ˆãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param buffSz 出力先ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+ \param type 証明書ã®ã‚¿ã‚¤ãƒ—。asn_public.h ã§å®šç¾©ã®enum CertTypeã®å€¤ã€‚
+
+ _Example_
+ \code
+ const unsigned char* pem;
+ int pemSz;
+ unsigned char buff[BUFSIZE];
+ int buffSz = sizeof(buff)/sizeof(char);
+ int type;
+ ...
+ if(wc_CertPemToDer(pem, pemSz, buff, buffSz, type) <= 0) {
+ // There were bytes written to buffer
+ }
+ \endcode
+
+ \sa wc_PemToDer
+*/
+int wc_CertPemToDer(const unsigned char* pem, int pemSz,
+ unsigned char* buff, int buffSz, int type);
+
+/*!
+ \ingroup CertsKeys
+
+ \brief ã“ã®é–¢æ•°ã¯å…¬é–‹éµã‚’DERå½¢å¼ã§DecodedCert構造体ã‹ã‚‰å–り出ã—ã¾ã™ã€‚
+ wc_InitDecodedCert()ã¨wc_ParseCert()を事å‰ã«å‘¼ã³å‡ºã—ã¦ãŠãå¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+ wc_InitDecodedCert()ã¯DER/ASN.1エンコードã•ã‚ŒãŸè¨¼æ˜Žæ›¸ã‚’å—ã‘付ã‘ã¾ã™ã€‚
+ PEMå½¢å¼ã®éµã‚’DERå½¢å¼ã§å–å¾—ã™ã‚‹å ´åˆã«ã¯ã€wc_InitDecodedCert()より先ã«wc_CertPemToDer()を呼ã³å‡ºã—ã¦ãã ã•ã„。
+
+ \return æˆåŠŸæ™‚ã«0ã‚’è¿”ã—ã¾ã™ã€‚エラー発生時ã«ã¯è² ã®æ•´æ•°ã‚’è¿”ã—ã¾ã™ã€‚
+ \return LENGTH_ONLY_E derKeyãŒNULLã®éš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param cert X.509証明書をä¿æŒã—ãŸDecodedCert構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param derKey DERå½¢å¼ã®å…¬é–‹éµã‚’出力ã™ã‚‹å…ˆã®ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param derKeySz [IN/OUT] 入力時ã«ã¯derKeyã§ä¸Žãˆã‚‰ã‚Œã‚‹ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º,出力時ã«ã¯å…¬é–‹éµã®ã‚µã‚¤ã‚ºã‚’ä¿æŒã—ã¾ã™ã€‚
+ ã‚‚ã—ã€derKeyãŒNULLã§æ¸¡ã•ã‚ŒãŸå ´åˆã«ã¯, derKeySzã«ã¯å¿…è¦ãªãƒãƒƒãƒ•ã‚¡ã‚µã‚¤ã‚ºãŒæ ¼ç´ã•ã‚Œã€LENGTH_ONLY_EãŒæˆ»ã‚Šå€¤ã¨ã—ã¦è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \sa wc_GetPubKeyDerFromCert
+*/
+int wc_GetPubKeyDerFromCert(struct DecodedCert* cert,
+ byte* derKey, word32* derKeySz);
+
+/*!
+ \ingroup ASN
+
+ \brief ã“ã®é–¢æ•°ã¯ECC秘密éµã‚’入力ãƒãƒƒãƒ•ã‚¡ã‹ã‚‰èª­ã¿è¾¼ã¿ã€è§£æžã®å¾Œecc_key構造体を作æˆã—ã¦ãã“ã«éµã‚’æ ¼ç´ã—ã¾ã™ã€‚
+
+ \return 0 秘密éµã®ãƒ‡ã‚³ãƒ¼ãƒ‰ã¨çµæžœã®ecc_key構造体ã¸ã®æ ¼ç´æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_PARSE_E 入力ãƒãƒƒãƒ•ã‚¡ã®è§£æžã‚ã‚‹ã„ã¯çµæžœã®æ ¼ç´æ™‚ã«ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return MEMORY_E メモリã®ç¢ºä¿ã«å¤±æ•—ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BUFFER_E 入力ã•ã‚ŒãŸè¨¼æ˜Žæ›¸ãŒæœ€å¤§è¨¼æ˜Žæ›¸ã‚µã‚¤ã‚ºã‚ˆã‚Šå¤§ãã‹ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_OBJECT_ID_E 証明書ãŒç„¡åŠ¹ãªã‚ªãƒ–ジェクトIDã‚’å«ã‚“ã§ã„ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ECC_CURVE_OID_E 与ãˆã‚‰ã‚ŒãŸç§˜å¯†éµã®ECC曲線ãŒã‚µãƒãƒ¼ãƒˆã•ã‚Œã¦ã„ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ECC_BAD_ARG_E ECC秘密éµã®ãƒ•ã‚©ãƒ¼ãƒžãƒƒãƒˆã«ã‚¨ãƒ©ãƒ¼ãŒã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return NOT_COMPILED_IN 秘密éµãŒåœ§ç¸®ã•ã‚Œã¦ã„ã¦åœ§ç¸®éµãŒæä¾›ã•ã‚Œã¦ã„ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return MP_MEM 秘密éµã®è§£æžã§ä½¿ç”¨ã•ã‚Œã‚‹æ•°å­¦ãƒ©ã‚¤ãƒ–ラリãŒã‚¨ãƒ©ãƒ¼ã‚’検出ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return MP_VAL 秘密éµã®è§£æžã§ä½¿ç”¨ã•ã‚Œã‚‹æ•°å­¦ãƒ©ã‚¤ãƒ–ラリãŒã‚¨ãƒ©ãƒ¼ã‚’検出ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return MP_RANGE 秘密éµã®è§£æžã§ä½¿ç”¨ã•ã‚Œã‚‹æ•°å­¦ãƒ©ã‚¤ãƒ–ラリãŒã‚¨ãƒ©ãƒ¼ã‚’検出ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param input 入力ã¨ãªã‚‹ç§˜å¯†éµãƒ‡ãƒ¼ã‚¿ã‚’å«ã‚“ã§ã„ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param inOutIdx word32型変数ã§å†…容ã¨ã—ã¦å…¥åŠ›ãƒãƒƒãƒ•ã‚¡ã®å‡¦ç†é–‹å§‹ä½ç½®ã‚’先頭ã‹ã‚‰ã®ã‚¤ãƒ³ãƒ‡ã‚¯ã‚¹å€¤ã¨ã—ã¦ä¿æŒã—ã¦ã„る。
+ \param key デコードã•ã‚ŒãŸç§˜å¯†éµãŒæ ¼ç´ã•ã‚Œã‚‹åˆæœŸåŒ–済ã¿ã®ecc_key構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param inSz 秘密éµã‚’å«ã‚“ã§ã„る入力ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+
+ _Example_
+ \code
+ int ret, idx=0;
+ ecc_key key; // to store key in
+
+ byte* tmp; // tmp buffer to read key from
+ tmp = (byte*) malloc(FOURK_BUF);
+
+ int inSz;
+ inSz = fread(tmp, 1, FOURK_BUF, privateKeyFile);
+ // read key into tmp buffer
+
+ wc_ecc_init(&key); // initialize key
+ ret = wc_EccPrivateKeyDecode(tmp, &idx, &key, (word32)inSz);
+ if(ret < 0) {
+ // error decoding ecc key
+ }
+ \endcode
+
+ \sa wc_RSA_PrivateKeyDecode
+*/
+int wc_EccPrivateKeyDecode(const byte* input, word32* inOutIdx,
+ ecc_key* key, word32 inSz);
+
+/*!
+ \ingroup ASN
+
+ \brief ã“ã®é–¢æ•°ã¯ECC秘密éµã‚’DERå½¢å¼ã§ãƒãƒƒãƒ•ã‚¡ã«å‡ºåŠ›ã—ã¾ã™ã€‚
+
+ \return ECC秘密éµã‚’DERå½¢å¼ã§ã®å‡ºåŠ›ã«æˆåŠŸã—ãŸå ´åˆã«ã¯ãƒãƒƒãƒ•ã‚¡ã¸å‡ºåŠ›ã—ãŸã‚µã‚¤ã‚ºã‚’è¿”ã—ã¾ã™ã€‚
+ \return BAD_FUNC_ARG 出力ãƒãƒƒãƒ•ã‚¡outputãŒNULLã‚ã‚‹ã„ã¯inLenãŒã‚¼ãƒ­ã®å ´åˆã«è¿”ã—ã¾ã™ã€‚
+ \return MEMORY_E メモリã®ç¢ºä¿ã«å¤±æ•—ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BUFFER_E 出力ãƒãƒƒãƒ•ã‚¡ãŒå¿…è¦é‡ã‚ˆã‚Šå°ã•ã„
+ \return ASN_UNKNOWN_OID_E ECC秘密éµãŒæœªçŸ¥ã®ã‚¿ã‚¤ãƒ—ã®å ´åˆã«è¿”ã—ã¾ã™ã€‚
+ \return MP_MEM 秘密éµã®è§£æžã§ä½¿ç”¨ã•ã‚Œã‚‹æ•°å­¦ãƒ©ã‚¤ãƒ–ラリãŒã‚¨ãƒ©ãƒ¼ã‚’検出ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return MP_VAL 秘密éµã®è§£æžã§ä½¿ç”¨ã•ã‚Œã‚‹æ•°å­¦ãƒ©ã‚¤ãƒ–ラリãŒã‚¨ãƒ©ãƒ¼ã‚’検出ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return MP_RANGE 秘密éµã®è§£æžã§ä½¿ç”¨ã•ã‚Œã‚‹æ•°å­¦ãƒ©ã‚¤ãƒ–ラリãŒã‚¨ãƒ©ãƒ¼ã‚’検出ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param key 入力ã¨ãªã‚‹ECC秘密éµãƒ‡ãƒ¼ã‚¿ã‚’å«ã‚“ã§ã„ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param output DERå½¢å¼ã®ECC秘密éµã‚’出力ã™ã‚‹å…ˆã®ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param inLen DERå½¢å¼ã®ECC秘密éµã‚’出力ã™ã‚‹å…ˆã®ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+
+ _Example_
+ \code
+ int derSz;
+ ecc_key key;
+ // initialize and make key
+ byte der[FOURK_BUF];
+ // store der formatted key here
+
+ derSz = wc_EccKeyToDer(&key, der, FOURK_BUF);
+ if(derSz < 0) {
+ // error converting ecc key to der buffer
+ }
+ \endcode
+
+ \sa wc_RsaKeyToDer
+*/
+int wc_EccKeyToDer(ecc_key* key, byte* output, word32 inLen);
+
+/*!
+ \ingroup ASN
+
+ \brief ã“ã®é–¢æ•°ã¯å…¥åŠ›ãƒãƒƒãƒ•ã‚¡ã®ECC公開éµã‚’ASNシーケンスをデコードã—ã¦å–り出ã—ã¾ã™ã€‚
+
+ \return 0 処ç†æˆåŠŸæ™‚ã«è¿”ã—ã¾ã™ã€‚
+ \return BAD_FUNC_ARG Returns ã„ãšã‚Œã‹ã®å¼•æ•°ãŒNULLã®å ´åˆã«è¿”ã—ã¾ã™ã€‚
+ \return ASN_PARSE_E 解æžä¸­ã«ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã—ã¾ã™ã€‚
+ \return ASN_ECC_KEY_E éµã®ã‚¤ãƒ³ãƒãƒ¼ãƒˆã§ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã—ã¾ã™ã€‚
+ 発生ç†ç”±ã«ã¤ã„ã¦ã¯wc_ecc_import_x963()ã‚’å‚ç…§ã®ã“ã¨ã€‚
+
+ \param input DERå½¢å¼ã®å…¬é–‹éµã‚’å«ã‚“ã ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param inOutIdx ãƒãƒƒãƒ•ã‚¡ã®èª­ã¿å‡ºã—ä½ç½®ã‚¤ãƒ³ãƒ‡ã‚¯ã‚¹å€¤ã‚’ä¿æŒã—ã¦ã„る変数ã¸ã®ãƒã‚¤ãƒ³ã‚¿(入力時)。
+ 出力時ã«ã¯ã“ã®å¤‰æ•°ã«è§£æžæ¸ˆã¿ã®ãƒãƒƒãƒ•ã‚¡ã®ã‚¤ãƒ³ãƒ‡ã‚¯ã‚¹å€¤ãŒæ ¼ç´ã•ã‚Œã¾ã™ã€‚
+ \param key ecc_key構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param inSz 入力ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+
+ _Example_
+ \code
+ int ret;
+ word32 idx = 0;
+ byte buff[] = { // initialize with key };
+ ecc_key pubKey;
+ wc_ecc_init(&pubKey);
+ if ( wc_EccPublicKeyDecode(buff, &idx, &pubKey, sizeof(buff)) != 0) {
+ // error decoding key
+ }
+ \endcode
+
+ \sa wc_ecc_import_x963
+*/
+int wc_EccPublicKeyDecode(const byte* input, word32* inOutIdx,
+ ecc_key* key, word32 inSz);
+
+/*!
+ \ingroup ASN
+
+ \brief ã“ã®é–¢æ•°ã¯ECC公開éµã‚’DERå½¢å¼ã«å¤‰æ›ã—ã¾ã™ã€‚
+ 処ç†ã—ãŸãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºã‚’è¿”ã—ã¾ã™ã€‚変æ›ã—ã¦å¾—られるDERå½¢å¼ã®ECC公開éµã¯å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã«æ ¼ç´ã•ã‚Œã¾ã™ã€‚
+ AlgCurveフラグã®æŒ‡å®šã«ã‚ˆã‚Šã€ã‚¢ãƒ«ã‚´ãƒªã‚ºãƒ ã¨æ›²ç·šæƒ…報をヘッダーã«å«ã‚ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚
+
+ \return æˆåŠŸæ™‚ã«ã¯å‡¦ç†ã—ãŸãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºã‚’è¿”ã—ã¾ã™ã€‚
+ \return BAD_FUNC_ARG 出力ãƒãƒƒãƒ•ã‚¡outputã‚ã‚‹ã„ã¯ecc_key構造体keyãŒNULLã®å ´åˆã«è¿”ã—ã¾ã™ã€‚
+ \return LENGTH_ONLY_E ECC公開éµã®ã‚µã‚¤ã‚ºå–å¾—ã«å¤±æ•—ã—ãŸå ´åˆã«è¿”ã—ã¾ã™ã€‚
+ \return BUFFER_E 出力ãƒãƒƒãƒ•ã‚¡ãŒå¿…è¦é‡ã‚ˆã‚Šå°ã•ã„å ´åˆã«è¿”ã—ã¾ã™ã€‚
+
+ \param key ecc_key構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param output 出力ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param inLen 出力ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+ \param with_AlgCurve アルゴリズムã¨æ›²ç·šæƒ…報をヘッダーã«å«ã‚ã‚‹éš›ã«ã¯ï¼‘を指定
+
+ _Example_
+ \code
+ ecc_key key;
+ wc_ecc_init(&key);
+ WC_RNG rng;
+ wc_InitRng(&rng);
+ wc_ecc_make_key(&rng, 32, &key);
+ int derSz = // Some appropriate size for der;
+ byte der[derSz];
+
+ if(wc_EccPublicKeyToDer(&key, der, derSz, 1) < 0)
+ {
+ // Error converting ECC public key to der
+ }
+ \endcode
+
+ \sa wc_EccKeyToDer
+ \sa wc_EccPrivateKeyDecode
+*/
+int wc_EccPublicKeyToDer(ecc_key* key, byte* output,
+ word32 inLen, int with_AlgCurve);
+
+/*!
+ \ingroup ASN
+
+ \brief ã“ã®é–¢æ•°ã¯ECC公開éµã‚’DERå½¢å¼ã«å¤‰æ›ã—ã¾ã™ã€‚
+ 処ç†ã—ãŸãƒãƒƒãƒ•ã‚¡ã‚µã‚¤ã‚ºã‚’è¿”ã—ã¾ã™ã€‚変æ›ã•ã‚ŒãŸDERå½¢å¼ã®ECC公開éµã¯å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã«æ ¼ç´ã•ã‚Œã¾ã™ã€‚
+ AlgCurveフラグã®æŒ‡å®šã«ã‚ˆã‚Šã€ã‚¢ãƒ«ã‚´ãƒªã‚ºãƒ ã¨æ›²ç·šæƒ…報をヘッダーã«å«ã‚ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚
+ compパラメータã¯å…¬é–‹éµã‚’圧縮ã—ã¦å‡ºåŠ›ã™ã‚‹ã‹å¦ã‹ã‚’指定ã—ã¾ã™ã€‚
+
+ \return >0 æˆåŠŸæ™‚ã«ã¯å‡¦ç†ã—ãŸãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºã‚’è¿”ã—ã¾ã™ã€‚
+ \return BAD_FUNC_ARG 出力ãƒãƒƒãƒ•ã‚¡outputã‚ã‚‹ã„ã¯ecc_key構造体keyãŒNULLã®å ´åˆã«è¿”ã—ã¾ã™ã€‚
+ \return LENGTH_ONLY_E ECC公開éµã®ã‚µã‚¤ã‚ºå–å¾—ã«å¤±æ•—ã—ãŸå ´åˆã«è¿”ã—ã¾ã™ã€‚
+ \return BUFFER_E 出力ãƒãƒƒãƒ•ã‚¡ãŒå¿…è¦é‡ã‚ˆã‚Šå°ã•ã„å ´åˆã«è¿”ã—ã¾ã™ã€‚
+
+ \param key ecc_key構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param output 出力ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param inLen 出力ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+ \param with_AlgCurve アルゴリズムã¨æ›²ç·šæƒ…報をヘッダーã«å«ã‚ã‚‹éš›ã«ã¯ï¼‘を指定
+ \param comp éžã‚¼ãƒ­å€¤ã®æŒ‡å®šæ™‚ã«ã¯ECC公開éµã¯åœ§ç¸®å½¢å¼ã§å‡ºåŠ›ã•ã‚Œã¾ã™ã€‚ゼロãŒæŒ‡å®šã•ã‚ŒãŸå ´åˆã«ã¯éžåœ§ç¸®ã§å‡ºåŠ›ã•ã‚Œã¾ã™ã€‚
+
+ _Example_
+ \code
+ ecc_key key;
+ wc_ecc_init(&key);
+ WC_RNG rng;
+ wc_InitRng(&rng);
+ wc_ecc_make_key(&rng, 32, &key);
+ int derSz = // Some appropriate size for der;
+ byte der[derSz];
+
+ // Write out a compressed ECC key
+ if(wc_EccPublicKeyToDer_ex(&key, der, derSz, 1, 1) < 0)
+ {
+ // Error converting ECC public key to der
+ }
+ \endcode
+
+ \sa wc_EccKeyToDer
+ \sa wc_EccPublicKeyDecode
+*/
+int wc_EccPublicKeyToDer_ex(ecc_key* key, byte* output,
+ word32 inLen, int with_AlgCurve, int comp);
+
+/*!
+ \ingroup ASN
+
+ \brief ã“ã®é–¢æ•°ã¯ãƒ‡ã‚¸ã‚¿ãƒ«ç½²åをエンコードã—ã¦å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã«å‡ºåŠ›ã—ã€ç”Ÿæˆã•ã‚ŒãŸç½²åã®ã‚µã‚¤ã‚ºã‚’è¿”ã—ã¾ã™ã€‚
+
+ \return æˆåŠŸæ™‚ã«ã¯ç½²åを出力ãƒãƒƒãƒ•ã‚¡ã«å‡ºåŠ›ã—ã€å‡ºåŠ›ã—ãŸã‚µã‚¤ã‚ºã‚’è¿”ã—ã¾ã™ã€‚
+
+ \param out エンコードã—ãŸç½²åデータを出力ã™ã‚‹å…ˆã®ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param digest ç½²åデータã®ã‚¨ãƒ³ã‚³ãƒ¼ãƒ‰ã«ä½¿ç”¨ã™ã‚‹ãƒ€ã‚¤ã‚¸ã‚§ã‚¹ãƒˆã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param digSz ダイジェストをå«ã‚“ã§ã„ã‚‹ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+ \param hashOID ãƒãƒƒã‚·ãƒ¥ã‚¿ã‚¤ãƒ—を示ã™ã‚ªãƒ–ジェクトID。有効ãªå€¤ã¯: SHAh, SHA256h, SHA384h, SHA512h, MD2h, MD5h, DESb, DES3b, CTC_MD5wRSA,
+ CTC_SHAwRSA, CTC_SHA256wRSA, CTC_SHA384wRSA, CTC_SHA512wRSA, CTC_SHAwECDSA, CTC_SHA256wECDSA, CTC_SHA384wECDSA, 㨠CTC_SHA512wECDSA。
+
+ \endcode
+ \code
+ int signSz;
+ byte encodedSig[MAX_ENCODED_SIG_SZ];
+ Sha256 sha256;
+ // initialize sha256 for hashing
+
+ byte* dig = = (byte*)malloc(WC_SHA256_DIGEST_SIZE);
+ // perform hashing and hash updating so dig stores SHA-256 hash
+ // (see wc_InitSha256, wc_Sha256Update and wc_Sha256Final)
+ signSz = wc_EncodeSignature(encodedSig, dig, WC_SHA256_DIGEST_SIZE, SHA256h);
+ \endcode
+
+ \sa none
+*/
+word32 wc_EncodeSignature(byte* out, const byte* digest,
+ word32 digSz, int hashOID);
+
+/*!
+ \ingroup ASN
+
+ \brief ã“ã®é–¢æ•°ã¯ãƒãƒƒã‚·ãƒ¥ã‚¿ã‚¤ãƒ—ã«å¯¾å¿œã—ãŸãƒãƒƒã‚·ãƒ¥OIDã‚’è¿”ã—ã¾ã™ã€‚
+ 例ãˆã°ã€ãƒãƒƒã‚·ãƒ¥ã‚¿ã‚¤ãƒ—ãŒ"WC_SHA512"ã®å ´åˆã€ã“ã®é–¢æ•°ã¯"SHA512h"を対応ã™ã‚‹ãƒãƒƒã‚·ãƒ¥OIDã¨ã—ã¦è¿”ã—ã¾ã™ã€‚
+
+ \return æˆåŠŸæ™‚ã«ã¯æŒ‡å®šã•ã‚ŒãŸãƒãƒƒã‚·ãƒ¥ã‚¿ã‚¤ãƒ—ã¨å¯¾å¿œã™ã‚‹ãƒãƒƒã‚·ãƒ¥OIDã‚’è¿”ã—ã¾ã™ã€‚
+ \return 0 èªè­˜ã§ããªã„ãƒãƒƒã‚·ãƒ¥ã‚¿ã‚¤ãƒ—ãŒå¼•æ•°ã¨ã—ã¦æŒ‡å®šã•ã‚ŒãŸå ´åˆã«è¿”ã—ã¾ã™ã€‚
+
+ \param type ãƒãƒƒã‚·ãƒ¥ã‚¿ã‚¤ãƒ—。指定å¯èƒ½ãªã‚¿ã‚¤ãƒ—: WC_MD5, WC_SHA, WC_SHA256, WC_SHA384, WC_SHA512, WC_SHA3_224, WC_SHA3_256, WC_SHA3_384, WC_SHA3_512
+
+ _Example_
+ \code
+ int hashOID;
+
+ hashOID = wc_GetCTC_HashOID(WC_SHA512);
+ if (hashOID == 0) {
+ // WOLFSSL_SHA512 not defined
+ }
+ \endcode
+
+ \sa none
+*/
+int wc_GetCTC_HashOID(int type);
+
+/*!
+ \ingroup ASN
+
+ \brief ã“ã®é–¢æ•°ã¯ã‚­ãƒ£ãƒƒã‚·ãƒ¥ã•ã‚Œã¦ã„ãŸCert構造体ã§ä½¿ç”¨ã•ã‚ŒãŸãƒ¡ãƒ¢ãƒªã¨ãƒªã‚½ãƒ¼ã‚¹ã‚’クリーンアップã—ã¾ã™ã€‚
+ WOLFSSL_CERT_GEN_CACHEãŒå®šç¾©ã•ã‚Œã¦ã„ã‚‹å ´åˆã«ã¯DecodedCert構造体ãŒCert構造体内部ã«ã‚­ãƒ£ãƒƒã‚·ãƒ¥ã•ã‚Œã€å¾Œç¶šã™ã‚‹set系関数ã®å‘¼ã³å‡ºã—ã®éƒ½åº¦DecodedCert構造体ãŒãƒ‘ースã•ã‚Œã‚‹ã“ã¨ã‚’防ãŽã¾ã™ã€‚
+
+ \return 0 æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_FUNC_ARG 引数ã¨ã—ã¦ç„¡åŠ¹ãªå€¤ãŒæ¸¡ã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param cert 未åˆæœŸåŒ–ã®Cert構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
+ _Example_
+ \code
+ Cert cert; // Initialized certificate structure
+
+ wc_SetCert_Free(&cert);
+ \endcode
+
+ \sa wc_SetAuthKeyIdFromCert
+ \sa wc_SetIssuerBuffer
+ \sa wc_SetSubjectBuffer
+ \sa wc_SetSubjectRaw
+ \sa wc_SetIssuerRaw
+ \sa wc_SetAltNamesBuffer
+ \sa wc_SetDatesBuffer
+*/
+void wc_SetCert_Free(Cert* cert);
+
+/*!
+ \ingroup ASN
+
+ \brief ã“ã®é–¢æ•°ã¯PKCS#8ã®æš—å·åŒ–ã•ã‚Œã¦ã„ãªã„ãƒãƒƒãƒ•ã‚¡å†…部ã®å¾“æ¥ã®ç§˜å¯†éµã®é–‹å§‹ä½ç½®ã‚’検出ã—ã¦è¿”ã—ã¾ã™ã€‚
+
+ \return æˆåŠŸæ™‚ã«ã¯å¾“æ¥ã®ç§˜å¯†éµã®é•·ã•ã‚’è¿”ã—ã¾ã™ã€‚
+ \return エラー時ã«ã¯è² ã®æ•´æ•°å€¤ã‚’è¿”ã—ã¾ã™ã€‚
+
+ \param input PKCS#8ã®æš—å·åŒ–ã•ã‚Œã¦ã„ãªã„秘密éµã‚’ä¿æŒã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param inOutIdx ãƒãƒƒãƒ•ã‚¡ã®ã‚¤ãƒ³ãƒ‡ã‚¯ã‚¹ä½ç½®ã‚’ä¿æŒã™ã‚‹å¤‰æ•°ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚入力時ã«ã¯ã“ã®å¤‰æ•°ã®å†…容ã¯ãƒãƒƒãƒ•ã‚¡å†…部ã®PKCS#8ã®é–‹å§‹ä½ç½®ã‚’示ã—ã¾ã™ã€‚出力時ã«ã¯ã€ç§˜å¯†éµã®å…ˆé ­ä½ç½®ã‚’ä¿æŒã—ã¾ã™ã€‚
+ \param sz 入力ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+
+ _Example_
+ \code
+ byte* pkcs8Buf; // Buffer containing PKCS#8 key.
+ word32 idx = 0;
+ word32 sz; // Size of pkcs8Buf.
+ ...
+ ret = wc_GetPkcs8TraditionalOffset(pkcs8Buf, &idx, sz);
+ // pkcs8Buf + idx is now the beginning of the traditional private key bytes.
+ \endcode
+
+ \sa wc_CreatePKCS8Key
+ \sa wc_EncryptPKCS8Key
+ \sa wc_DecryptPKCS8Key
+ \sa wc_CreateEncryptedPKCS8Key
+*/
+int wc_GetPkcs8TraditionalOffset(byte* input,
+ word32* inOutIdx, word32 sz);
+
+/*!
+ \ingroup ASN
+
+ \brief ã“ã®é–¢æ•°ã¯DERå½¢å¼ã®ç§˜å¯†éµã‚’入力ã¨ã—ã€RKCS#8å½¢å¼ã«å¤‰æ›ã—ã¾ã™ã€‚
+ ã¾ãŸã€PKCS#12ã®ã‚·ãƒ¥ãƒ­â€•ãƒ‡ã‚£ãƒƒãƒˆã‚­ãƒ¼ãƒãƒƒã‚°ã®ä½œæˆã«ã‚‚使用ã§ãã¾ã™ã€‚RFC5208ã‚’å‚ç…§ã®ã“ã¨ã€‚
+
+ \return æˆåŠŸæ™‚ã«ã¯å‡ºåŠ›ã•ã‚ŒãŸPKCS#8 éµã®ã‚µã‚¤ã‚ºã‚’è¿”ã—ã¾ã™ã€‚
+ \return LENGTH_ONLY_E 出力先ãƒãƒƒãƒ•ã‚¡outãŒNULLã¨ã—ã¦æ¸¡ã•ã‚ŒãŸå ´åˆã«ã¯ã“ã®ã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ãŒè¿”ã•ã‚Œã€outSzã«å¿…è¦ãªå‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºãŒæ ¼ç´ã•ã‚Œã¾ã™ã€‚
+ \return エラー時ã«ã¯è² ã®æ•´æ•°å€¤ãŒè¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param out çµæžœã®å‡ºåŠ›å…ˆãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚NULLã®å ´åˆã«ã¯å¿…è¦ãªå‡ºåŠ›å…ˆãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºãŒoutSzã«æ ¼ç´ã•ã‚Œã¾ã™ã€‚
+ \param outSz 出力先ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+ \param key 従æ¥ã®DERå½¢å¼ã®ç§˜å¯†éµã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param keySz 秘密éµã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+ \param algoID アルゴリズムID (RSAkç­‰ã®)
+ \param curveOID ECC曲線OID。RSAéµã‚’使用ã™ã‚‹å ´åˆã«ã¯NULLã«ã™ã‚‹ã“ã¨ã€‚
+ \param oidSz ECC曲線OIDã®ã‚µã‚¤ã‚ºã€‚curveOIDãŒNULLã®å ´åˆã«ã¯0ã«ã™ã‚‹ã“ã¨ã€‚
+
+ _Example_
+ \code
+ ecc_key eccKey; // wolfSSL ECC key object.
+ byte* der; // DER-encoded ECC key.
+ word32 derSize; // Size of der.
+ const byte* curveOid = NULL; // OID of curve used by eccKey.
+ word32 curveOidSz = 0; // Size of curve OID.
+ byte* pkcs8; // Output buffer for PKCS#8 key.
+ word32 pkcs8Sz; // Size of output buffer.
+
+ derSize = wc_EccKeyDerSize(&eccKey, 1);
+ ...
+ derSize = wc_EccKeyToDer(&eccKey, der, derSize);
+ ...
+ ret = wc_ecc_get_oid(eccKey.dp->oidSum, &curveOid, &curveOidSz);
+ ...
+ ret = wc_CreatePKCS8Key(NULL, &pkcs8Sz, der,
+ derSize, ECDSAk, curveOid, curveOidSz); // Get size needed in pkcs8Sz.
+ ...
+ ret = wc_CreatePKCS8Key(pkcs8, &pkcs8Sz, der,
+ derSize, ECDSAk, curveOid, curveOidSz);
+ \endcode
+
+ \sa wc_GetPkcs8TraditionalOffset
+ \sa wc_EncryptPKCS8Key
+ \sa wc_DecryptPKCS8Key
+ \sa wc_CreateEncryptedPKCS8Key
+*/
+int wc_CreatePKCS8Key(byte* out, word32* outSz,
+ byte* key, word32 keySz, int algoID, const byte* curveOID,
+ word32 oidSz);
+
+/*!
+ \ingroup ASN
+
+ \brief ã“ã®é–¢æ•°ã¯æš—å·åŒ–ã•ã‚Œã¦ã„ãªã„PKCS#8ã®DERå½¢å¼ã®éµ(例ãˆã°wc_CreatePKCS8Keyã§ç”Ÿæˆã•ã‚ŒãŸéµ)ã‚’å—ã‘å–ã‚Šã€PKCS#8 æš—å·åŒ–å½¢å¼ã«å¤‰æ›ã—ã¾ã™ã€‚
+ çµæžœã¨ã—ã¦å¾—られãŸæš—å·åŒ–éµã¯wc_DecryptPKCS8Keyを使ã£ã¦å¾©å·ã§ãã¾ã™ã€‚RFC5208ã‚’å‚ç…§ã—ã¦ãã ã•ã„。
+
+ \return æˆåŠŸæ™‚ã«ã¯å‡ºåŠ›å…ˆãƒãƒƒãƒ•ã‚¡ã«å‡ºåŠ›ã•ã‚ŒãŸæš—å·åŒ–éµã®ã‚µã‚¤ã‚ºã‚’è¿”ã—ã¾ã™ã€‚
+ \return LENGTH_ONLY_E 出力先ãƒãƒƒãƒ•ã‚¡outãŒNULLã¨ã—ã¦æ¸¡ã•ã‚ŒãŸå ´åˆã«ã¯ã“ã®ã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ãŒè¿”ã•ã‚Œã€outSzã«å¿…è¦ãªå‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºãŒæ ¼ç´ã•ã‚Œã¾ã™ã€‚
+ \return エラー時ã«ã¯è² ã®æ•´æ•°å€¤ãŒè¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param key 従æ¥ã®DERå½¢å¼ã®éµã‚’å«ã‚“ã ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param keySz éµã‚’å«ã‚“ã ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+ \param out 出力çµæžœã‚’æ ¼ç´ã™ã‚‹å…ˆã®ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚NULLã®å ´åˆã«ã¯å¿…è¦ãªå‡ºåŠ›å…ˆãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºãŒoutSzã«æ ¼ç´ã•ã‚Œã¾ã™ã€‚
+ \param outSz 出力先ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+ \param password パスワードベース暗å·åŒ–アルゴリズムã«ä½¿ç”¨ã•ã‚Œã‚‹ãƒ‘スワード
+ \param passwordSz パスワードã®ã‚µã‚¤ã‚º(NULL終端文字ã¯å«ã¾ãªã„)
+ \param vPKCS 使用ã™ã‚‹PKCSã®ãƒãƒ¼ã‚¸ãƒ§ãƒ³ç•ªå·ã€‚1 ã¯PKCS12 ã‹PKCS5。
+ \param pbeOid パスワードベース暗å·åŒ–スキームã®OID(PBES2 ã‚ã‚‹ã„ã¯RFC2898 A.3ã«ã‚ã‚‹OIDã®ä¸€ã¤)
+ \param encAlgId æš—å·åŒ–アルゴリズムID(例ãˆã°AES256CBCb)。
+ \param salt ソルト。NULLã®å ´åˆã¯ãƒ©ãƒ³ãƒ€ãƒ ã«é¸å®šã—ãŸã‚½ãƒ«ãƒˆãŒä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
+ \param saltSz ソルトサイズ。saltã«NULLを渡ã—ãŸå ´åˆã«ã¯0を指定ã§ãã¾ã™ã€‚
+ \param itt éµå°Žå‡ºã®ãŸã‚ã®ç¹°ã‚Šè¿”ã—回数
+ \param rng åˆæœŸåŒ–済ã¿ã®WC_RNG構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param heap 動的メモリ確ä¿ã®ãŸã‚ã®ãƒ’ープ。NULL指定もå¯ã€‚
+
+ _Example_
+ \code
+ byte* pkcs8; // Unencrypted PKCS#8 key.
+ word32 pkcs8Sz; // Size of pkcs8.
+ byte* pkcs8Enc; // Encrypted PKCS#8 key.
+ word32 pkcs8EncSz; // Size of pkcs8Enc.
+ const char* password; // Password to use for encryption.
+ int passwordSz; // Length of password (not including NULL terminator).
+ WC_RNG rng;
+
+ // The following produces an encrypted version of pkcs8 in pkcs8Enc. The
+ // encryption uses password-based encryption scheme 2 (PBE2) from PKCS#5 and
+ // the AES cipher in CBC mode with a 256-bit key. See RFC 8018 for more on
+ // PKCS#5.
+ ret = wc_EncryptPKCS8Key(pkcs8, pkcs8Sz, pkcs8Enc, &pkcs8EncSz, password,
+ passwordSz, PKCS5, PBES2, AES256CBCb, NULL, 0,
+ WC_PKCS12_ITT_DEFAULT, &rng, NULL);
+ \endcode
+
+ \sa wc_GetPkcs8TraditionalOffset
+ \sa wc_CreatePKCS8Key
+ \sa wc_DecryptPKCS8Key
+ \sa wc_CreateEncryptedPKCS8Key
+*/
+int wc_EncryptPKCS8Key(byte* key, word32 keySz, byte* out,
+ word32* outSz, const char* password, int passwordSz, int vPKCS,
+ int pbeOid, int encAlgId, byte* salt, word32 saltSz, int itt,
+ WC_RNG* rng, void* heap);
+
+/*!
+ \ingroup ASN
+
+ \brief ã“ã®é–¢æ•°ã¯æš—å·åŒ–ã•ã‚ŒãŸPKCS#8ã®DERå½¢å¼ã®éµã‚’å—ã‘å–ã‚Šã€å¾©å·ã—ã¦PKCS#8 DERå½¢å¼ã«å¤‰æ›ã—ã¾ã™ã€‚
+ wc_EncryptPKCS8Keyã«ã‚ˆã£ã¦è¡Œã‚ã‚ŒãŸæš—å·åŒ–ã‚’å…ƒã«æˆ»ã—ã¾ã™ã€‚RFC5208ã‚’å‚ç…§ã—ã¦ãã ã•ã„。
+ 入力データã¯å¾©å·ãƒ‡ãƒ¼ã‚¿ã«ã‚ˆã£ã¦ä¸Šæ›¸ãã•ã‚Œã¾ã™ã€‚
+
+ \return æˆåŠŸæ™‚ã«ã¯å¾©å·ãƒ‡ãƒ¼ã‚¿ã®é•·ã•ã‚’è¿”ã—ã¾ã™ã€‚
+ \return エラー発生時ã«ã¯è² ã®æ•´æ•°å€¤ã‚’è¿”ã—ã¾ã™ã€‚
+
+ \param input 入力時ã«ã¯æš—å·åŒ–ã•ã‚ŒãŸPKCS#8éµãƒ‡ãƒ¼ã‚¿ã‚’å«ã¿ã¾ã™ã€‚出力時ã«ã¯å¾©å·ã•ã‚ŒãŸPKCS#8éµãƒ‡ãƒ¼ã‚¿ã‚’å«ã¿ã¾ã™ã€‚
+ \param sz 入力ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+ \param password éµã‚’æš—å·åŒ–ã™ã‚‹éš›ã®ãƒ‘スワード
+ \param passwordSz パスワードã®ã‚µã‚¤ã‚º(NULL終端文字ã¯å«ã¾ãªã„)
+
+ _Example_
+ \code
+ byte* pkcs8Enc; // Encrypted PKCS#8 key made with wc_EncryptPKCS8Key.
+ word32 pkcs8EncSz; // Size of pkcs8Enc.
+ const char* password; // Password to use for decryption.
+ int passwordSz; // Length of password (not including NULL terminator).
+
+ ret = wc_DecryptPKCS8Key(pkcs8Enc, pkcs8EncSz, password, passwordSz);
+ \endcode
+
+ \sa wc_GetPkcs8TraditionalOffset
+ \sa wc_CreatePKCS8Key
+ \sa wc_EncryptPKCS8Key
+ \sa wc_CreateEncryptedPKCS8Key
+*/
+int wc_DecryptPKCS8Key(byte* input, word32 sz, const char* password,
+ int passwordSz);
+
+/*!
+ \ingroup ASN
+
+ \brief ã“ã®é–¢æ•°ã¯å¾“æ¥ã®DERå½¢å¼ã®éµã‚’PKCS#8フォーマットã«å¤‰æ›ã—ã€æš—å·åŒ–ã‚’è¡Œã„ã¾ã™ã€‚
+ ã“ã®å‡¦ç†ã«ã¯wc_CreatePKCS8Keyã¨wc_EncryptPKCS8Keyを使用ã—ã¾ã™ã€‚
+
+ \return æˆåŠŸæ™‚ã«ã¯å‡ºåŠ›ã—ãŸæš—å·åŒ–éµã®ã‚µã‚¤ã‚ºã‚’è¿”ã—ã¾ã™ã€‚
+ \return LENGTH_ONLY_E ã‚‚ã—出力用ãƒãƒƒãƒ•ã‚¡outã«NULLãŒæ¸¡ã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚ãã®éš›ã«ã¯outSz変数ã«å¿…è¦ãªå‡ºåŠ›ç”¨ãƒãƒƒãƒ•ã‚¡ã‚µã‚¤ã‚ºã‚’æ ¼ç´ã—ã¾ã™ã€‚
+ \return エラー発生時ã«ã¯è² ã®æ•´æ•°å€¤ã‚’è¿”ã—ã¾ã™ã€‚
+
+ \param key 従æ¥ã®DERå½¢å¼ã®éµã‚’å«ã‚“ã ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param keySz éµã‚’å«ã‚“ã ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+ \param out çµæžœã‚’出力ã™ã‚‹å…ˆã®ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚NULLãŒæŒ‡å®šã•ã‚ŒãŸå ´åˆã«ã¯ã€å¿…è¦ãªãƒãƒƒãƒ•ã‚¡ã‚µã‚¤ã‚ºãŒoutSzã«æ ¼ç´ã•ã‚Œã¾ã™ã€‚
+ \param outSz çµæžœã‚’出力ã™ã‚‹å…ˆã®ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+ \param password パスワードベース暗å·ã‚¢ãƒ«ã‚´ãƒªã‚ºãƒ ã«ä½¿ç”¨ã•ã‚Œã‚‹ãƒ‘スワード
+ \param passwordSz パスワードã®ã‚µã‚¤ã‚º(NULL終端文字ã¯å«ã¾ãªã„)
+ \param vPKCS 使用ã™ã‚‹PKCSã®ãƒãƒ¼ã‚¸ãƒ§ãƒ³ç•ªå·ã€‚1 ã¯PKCS12 ã‹PKCS5。
+ \param pbeOid パスワードベース暗å·åŒ–スキームã®OID(PBES2 ã‚ã‚‹ã„ã¯RFC2898 A.3ã«ã‚ã‚‹OIDã®ä¸€ã¤)
+ \param encAlgId æš—å·åŒ–アルゴリズムID(例ãˆã°AES256CBCb)。
+ \param salt ソルト。NULLã®å ´åˆã¯ãƒ©ãƒ³ãƒ€ãƒ ã«é¸å®šã—ãŸã‚½ãƒ«ãƒˆãŒä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
+ \param saltSz ソルトサイズ。saltã«NULLを渡ã—ãŸå ´åˆã«ã¯0を指定ã§ãã¾ã™ã€‚
+ \param itt éµå°Žå‡ºã®ãŸã‚ã®ç¹°ã‚Šè¿”ã—回数
+ \param rng åˆæœŸåŒ–済ã¿ã®WC_RNG構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param heap 動的メモリ確ä¿ã®ãŸã‚ã®ãƒ’ープ。NULL指定もå¯ã€‚
+
+ _Example_
+ \code
+ byte* key; // Traditional private key (DER formatted).
+ word32 keySz; // Size of key.
+ byte* pkcs8Enc; // Encrypted PKCS#8 key.
+ word32 pkcs8EncSz; // Size of pkcs8Enc.
+ const char* password; // Password to use for encryption.
+ int passwordSz; // Length of password (not including NULL terminator).
+ WC_RNG rng;
+
+ // The following produces an encrypted, PKCS#8 version of key in pkcs8Enc.
+ // The encryption uses password-based encryption scheme 2 (PBE2) from PKCS#5
+ // and the AES cipher in CBC mode with a 256-bit key. See RFC 8018 for more
+ // on PKCS#5.
+ ret = wc_CreateEncryptedPKCS8Key(key, keySz, pkcs8Enc, &pkcs8EncSz,
+ password, passwordSz, PKCS5, PBES2, AES256CBCb, NULL, 0,
+ WC_PKCS12_ITT_DEFAULT, &rng, NULL);
+ \endcode
+
+ \sa wc_GetPkcs8TraditionalOffset
+ \sa wc_CreatePKCS8Key
+ \sa wc_EncryptPKCS8Key
+ \sa wc_DecryptPKCS8Key
+*/
+int wc_CreateEncryptedPKCS8Key(byte* key, word32 keySz, byte* out,
+ word32* outSz, const char* password, int passwordSz, int vPKCS,
+ int pbeOid, int encAlgId, byte* salt, word32 saltSz, int itt,
+ WC_RNG* rng, void* heap);
+
+/*!
+ \ingroup ASN
+
+ \brief ã“ã®é–¢æ•°ã¯cert引数ã§ä¸Žãˆã‚‰ã‚ŒãŸDecodedCert構造体をåˆæœŸåŒ–ã—ã¾ã™ã€‚
+ DERå½¢å¼ã®è¨¼æ˜Žæ›¸ã‚’å«ã‚“ã§ã„ã‚‹source引数ã®æŒ‡ã™ãƒã‚¤ãƒ³ã‚¿ã‹ã‚‰è¨¼æ˜Žæ›¸ã‚µã‚¤ã‚ºinSzã®é•·ã•ã‚’内部ã«ä¿å­˜ã—ã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã®å¾Œã«å‘¼ã³å‡ºã•ã‚Œã‚‹wc_ParseCertã«ã‚ˆã£ã¦è¨¼æ˜Žæ›¸ãŒè§£æžã•ã‚Œã¾ã™ã€‚
+
+ \param cert DecodedCert構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param source DERå½¢å¼ã®è¨¼æ˜Žæ›¸ãƒ‡ãƒ¼ã‚¿ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param inSz 証明書データã®ã‚µã‚¤ã‚ºï¼ˆãƒã‚¤ãƒˆæ•°ï¼‰
+ \param heap 動的メモリ確ä¿ã®ãŸã‚ã®ãƒ’ープ。NULL指定もå¯ã€‚
+
+ _Example_
+ \code
+ DecodedCert decodedCert; // Decoded certificate object.
+ byte* certBuf; // DER-encoded certificate buffer.
+ word32 certBufSz; // Size of certBuf in bytes.
+
+ wc_InitDecodedCert(&decodedCert, certBuf, certBufSz, NULL);
+ \endcode
+
+ \sa wc_ParseCert
+ \sa wc_FreeDecodedCert
+*/
+void wc_InitDecodedCert(struct DecodedCert* cert,
+ const byte* source, word32 inSz, void* heap);
+
+/*!
+ \ingroup ASN
+
+ \brief ã“ã®é–¢æ•°ã¯DecodedCert構造体ã«ä¿å­˜ã•ã‚Œã¦ã„ã‚‹DERå½¢å¼ã®è¨¼æ˜Žæ›¸ã‚’解æžã—ã€ãã®æ§‹é€ ä½“ã«å„種フィールドを設定ã—ã¾ã™ã€‚
+ DecodedCert構造体ã¯wc_InitDecodedCertを呼ã³å‡ºã—ã¦åˆæœŸåŒ–ã—ã¦ãŠãå¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯ã‚ªãƒ—ションã§CertificateManager構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’å—ã‘å–ã‚Šã€CAãŒè¨¼æ˜Žæ›¸ãƒžãƒã‚¸ãƒ£ãƒ¼ã§æ¤œç´¢ã§ããŸå ´åˆã«ã¯ã€
+ ãã®CAã«é–¢ã™ã‚‹æƒ…報もDecodedCert構造体ã«è¿½åŠ è¨­å®šã—ã¾ã™ã€‚
+
+ \return 0 æˆåŠŸæ™‚ã«è¿”ã—ã¾ã™ã€‚
+ \return エラー発生時ã«ã¯è² ã®æ•´æ•°å€¤ã‚’è¿”ã—ã¾ã™ã€‚
+
+ \param cert åˆæœŸåŒ–済ã¿ã®DecodedCert構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param type 証明書タイプ。タイプã®è¨­å®šå€¤ã«ã¤ã„ã¦ã¯asn_public.hã®CertType enum定義をå‚ç…§ã—ã¦ãã ã•ã„。
+ \param verify 呼ã³å‡ºã—å´ãŒè¨¼æ˜Žæ›¸ã®æ¤œè¨¼ã‚’求ã‚ã¦ã„ã‚‹ã“ã¨ã‚’指示ã™ãƒ•ãƒ©ã‚°ã§ã™ã€‚
+ \param cm CertificateManager構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚オプションã§æŒ‡å®šå¯ã€‚NULLã§ã‚‚å¯ã€‚
+
+ _Example_
+ \code
+ int ret;
+ DecodedCert decodedCert; // Decoded certificate object.
+ byte* certBuf; // DER-encoded certificate buffer.
+ word32 certBufSz; // Size of certBuf in bytes.
+
+ wc_InitDecodedCert(&decodedCert, certBuf, certBufSz, NULL);
+ ret = wc_ParseCert(&decodedCert, CERT_TYPE, NO_VERIFY, NULL);
+ if (ret != 0) {
+ fprintf(stderr, "wc_ParseCert failed.\n");
+ }
+ \endcode
+
+ \sa wc_InitDecodedCert
+ \sa wc_FreeDecodedCert
+*/
+int wc_ParseCert(DecodedCert* cert, int type, int verify, void* cm);
+
+/*!
+ \ingroup ASN
+
+ \brief ã“ã®é–¢æ•°ã¯wc_InitDecodedCertã§åˆæœŸåŒ–済ã¿ã®DecodedCert構造体を解放ã—ã¾ã™ã€‚
+
+ \param cert åˆæœŸåŒ–済ã¿ã®DecodedCert構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
+ _Example_
+ \code
+ int ret;
+ DecodedCert decodedCert; // Decoded certificate object.
+ byte* certBuf; // DER-encoded certificate buffer.
+ word32 certBufSz; // Size of certBuf in bytes.
+
+ wc_InitDecodedCert(&decodedCert, certBuf, certBufSz, NULL);
+ ret = wc_ParseCert(&decodedCert, CERT_TYPE, NO_VERIFY, NULL);
+ if (ret != 0) {
+ fprintf(stderr, "wc_ParseCert failed.\n");
+ }
+ wc_FreeDecodedCert(&decodedCert);
+ \endcode
+
+ \sa wc_InitDecodedCert
+ \sa wc_ParseCert
+*/
+void wc_FreeDecodedCert(struct DecodedCert* cert);
+
+/*!
+ \ingroup ASN
+
+ \brief ã“ã®é–¢æ•°ã¯ã‚¿ã‚¤ãƒ ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯é–¢æ•°ã‚’登録ã—ã¾ã™ã€‚wolfSSLãŒç¾åœ¨æ™‚刻を必è¦ã¨ã—ãŸã‚¿ã‚¤ãƒŸãƒ³ã‚°ã§ã“ã®ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯ã‚’呼ã³å‡ºã—ã¾ã™ã€‚
+ ã“ã®ã‚¿ã‚¤ãƒ ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯é–¢æ•°ã®ãƒ—ロトタイプ(シグãƒãƒãƒ£ï¼‰ã¯C標準ライブラリã®"time"関数ã¨åŒä¸€ã§ã™ã€‚
+
+
+ \return 0 æˆåŠŸæ™‚ã«è¿”ã—ã¾ã™ã€‚
+
+ \param f タイムコールãƒãƒƒã‚¯é–¢æ•°ãƒã‚¤ãƒ³ã‚¿
+
+ _Example_
+ \code
+ int ret = 0;
+ // Time callback prototype
+ time_t my_time_cb(time_t* t);
+ // Register it
+ ret = wc_SetTimeCb(my_time_cb);
+ if (ret != 0) {
+ // failed to set time callback
+ }
+ time_t my_time_cb(time_t* t)
+ {
+ // custom time function
+ }
+ \endcode
+
+ \sa wc_Time
+*/
+int wc_SetTimeCb(wc_time_cb f);
+
+/*!
+ \ingroup ASN
+
+ \brief ã“ã®é–¢æ•°ã¯ç¾åœ¨æ™‚刻をå–å¾—ã—ã¾ã™ã€‚デフォルトã§XTIMEマクロ関数を使ã„ã¾ã™ã€‚ã“ã®ãƒžã‚¯ãƒ­é–¢æ•°ã¯ãƒ—ラットフォームä¾å­˜ã§ã™ã€‚
+ ユーザーã¯ã“ã®ãƒžã‚¯ãƒ­ã®ä»£ã‚ã‚Šã«wc_SetTimeCbã§ã‚¿ã‚¤ãƒ ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯é–¢æ•°ã‚’使ã†ã‚ˆã†ã«è¨­å®šã™ã‚‹ã“ã¨ãŒã§ãã¾ã™
+
+ \return æˆåŠŸæ™‚ã«ã¯ç¾åœ¨æ™‚刻を返ã—ã¾ã™ã€‚
+
+ \param t ç¾åœ¨æ™‚刻を返å´ã™ã‚‹ã‚ªãƒ—ションã®time_t型変数。
+
+ _Example_
+ \code
+ time_t currentTime = 0;
+ currentTime = wc_Time(NULL);
+ wc_Time(&currentTime);
+ \endcode
+
+ \sa wc_SetTimeCb
+*/
+time_t wc_Time(time_t* t);
+
+/*!
+ \ingroup ASN
+
+ \brief ã“ã®é–¢æ•°ã¯X.509証明書ã«ã‚«ã‚¹ã‚¿ãƒ æ‹¡å¼µã‚’追加ã—ã¾ã™ã€‚
+ 注: ã“ã®é–¢æ•°ã«æ¸¡ã™ãƒã‚¤ãƒ³ã‚¿å¼•æ•°ãŒä¿æŒã™ã‚‹å†…容ã¯è¨¼æ˜Žæ›¸ãŒç”Ÿæˆã•ã‚Œã‚‹ã¾ã§å¤‰æ›´ã•ã‚Œã¦ã¯ã„ã‘ã¾ã›ã‚“。
+ ã“ã®é–¢æ•°ã§ã¯ãƒã‚¤ãƒ³ã‚¿ãŒæŒ‡ã™å…ˆã®å†…容ã¯åˆ¥ã®ãƒãƒƒãƒ•ã‚¡ã«ã¯è¤‡è£½ã—ã¾ã›ã‚“。
+
+ \return 0 æˆåŠŸæ™‚ã«è¿”ã—ã¾ã™ã€‚
+ \return エラー発生時ã«ã¯è² ã®æ•´æ•°å€¤ã‚’è¿”ã—ã¾ã™ã€‚
+
+ \param cert åˆæœŸåŒ–済ã¿ã®DecodedCert構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param critical 0ãŒæŒ‡å®šã•ã‚ŒãŸå ´åˆã«ã¯è¿½åŠ ã™ã‚‹æ‹¡å¼µã¯ã‚¯ãƒªãƒ†ã‚£ã‚«ãƒ«ã¨ã¯ãƒžãƒ¼ã‚¯ã•ã‚Œã¾ã›ã‚“。
+ 0以外ãŒæŒ‡å®šã•ã‚ŒãŸå ´åˆã«ã¯ã‚¯ãƒªãƒ†ã‚£ã‚«ãƒ«ã¨ãƒžãƒ¼ã‚¯ã•ã‚Œã¾ã™ã€‚
+ \param oid ドット区切りã®oid文字列。例ãˆã°ã€"1.2.840.10045.3.1.7"
+ \param der 拡張情報ã®DERエンコードã•ã‚ŒãŸå†…容をå«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param derSz DERエンコードã•ã‚ŒãŸå†…容をå«ã‚€ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+
+
+ _Example_
+ \code
+ int ret = 0;
+ Cert newCert;
+ wc_InitCert(&newCert);
+
+ // Code to setup subject, public key, issuer, and other things goes here.
+
+ ret = wc_SetCustomExtension(&newCert, 1, "1.2.3.4.5",
+ (const byte *)"This is a critical extension", 28);
+ if (ret < 0) {
+ // Failed to set the extension.
+ }
+
+ ret = wc_SetCustomExtension(&newCert, 0, "1.2.3.4.6",
+ (const byte *)"This is NOT a critical extension", 32)
+ if (ret < 0) {
+ // Failed to set the extension.
+ }
+
+ // Code to sign the certificate and then write it out goes here.
+
+ \endcode
+
+ \sa wc_InitCert
+ \sa wc_SetUnknownExtCallback
+*/
+int wc_SetCustomExtension(Cert *cert, int critical, const char *oid,
+ const byte *der, word32 derSz);
+
+/*!
+ \ingroup ASN
+
+ \brief ã“ã®é–¢æ•°ã¯wolfSSLãŒè¨¼æ˜Žæ›¸ã®è§£æžä¸­ã«æœªçŸ¥ã®X.509æ‹¡å¼µã«é­é‡ã—ãŸéš›ã«å‘¼ã³å‡ºã™ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯é–¢æ•°ã‚’登録ã—ã¾ã™ã€‚
+ コールãƒãƒƒã‚¯é–¢æ•°ã®ãƒ—ロトタイプã¯ä½¿ç”¨ä¾‹ã‚’å‚ç…§ã—ã¦ãã ã•ã„。
+
+ \return 0 æˆåŠŸæ™‚ã«è¿”ã—ã¾ã™ã€‚
+ \return エラー発生時ã«ã¯è² ã®æ•´æ•°å€¤ã‚’è¿”ã—ã¾ã™ã€‚
+
+ \param cert コールãƒãƒƒã‚¯é–¢æ•°ã‚’登録ã™ã‚‹å¯¾è±¡ã®DecodedCert構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param cb 登録ã•ã‚Œã‚‹ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯é–¢æ•°ãƒã‚¤ãƒ³ã‚¿
+
+ _Example_
+ \code
+ int ret = 0;
+ // Unknown extension callback prototype
+ int myUnknownExtCallback(const word16* oid, word32 oidSz, int crit,
+ const unsigned char* der, word32 derSz);
+
+ // Register it
+ ret = wc_SetUnknownExtCallback(cert, myUnknownExtCallback);
+ if (ret != 0) {
+ // failed to set the callback
+ }
+
+ // oid: OIDを構æˆã™ã‚‹ãƒ‰ãƒƒãƒˆåŒºåˆ‡ã‚Šã®æ•°ã‚’æ ¼ç´ã—ãŸé…列
+ // oidSz: oid内ã®å€¤ã®æ•°
+ // crit: æ‹¡å¼µãŒã‚¯ãƒªãƒ†ã‚£ã‚«ãƒ«ã¨ãƒžãƒ¼ã‚¯ã•ã‚Œã¦ã„ã‚‹ã‹
+ // der: DERエンコードã•ã‚Œã¦ã„ã‚‹æ‹¡å¼µã®å†…容
+ // derSz: æ‹¡å¼µã®å†…容ã®ã‚µã‚¤ã‚º
+ int myCustomExtCallback(const word16* oid, word32 oidSz, int crit,
+ const unsigned char* der, word32 derSz) {
+
+ // 拡張を解æžã™ã‚‹ãƒ­ã‚¸ãƒƒã‚¯ã¯ã“ã“ã«è¨˜è¿°ã—ã¾ã™
+
+ // NOTE: コールãƒãƒƒã‚¯é–¢æ•°ã‹ã‚‰0ã‚’è¿”ã™ã¨wolfSSLã«å¯¾ã—ã¦ã“ã®æ‹¡å¼µã‚’å—ã‘入れå¯èƒ½ã¨
+ // 表明ã™ã‚‹ã“ã¨ã«ãªã‚Šã¾ã™ã€‚ã“ã®æ‹¡å¼µã‚’処ç†ã§ãã‚‹ã¨åˆ¤æ–­ã§ããªã„å ´åˆã«ã¯ã‚¨ãƒ©ãƒ¼ã‚’
+ // è¿”ã—ã¦ãã ã•ã„。クリティカルã¨ãƒžãƒ¼ã‚¯ã•ã‚Œã¦ã„る未知ã®æ‹¡å¼µã«é­é‡ã—ãŸéš›ã®æ¨™æº–çš„
+ // ãªæŒ¯ã‚‹èˆžã„ã¯ASN_CRIT_EXT_Eã‚’è¿”ã™ã“ã¨ã§ã™ã€‚
+ // ç°¡æ½”ã«ã™ã‚‹ãŸã‚ã«ã“ã®ä¾‹ã§ã¯ã™ã¹ã¦ã®æ‹¡å¼µæƒ…報をå—ã‘入れå¯ã¨ã—ã¦ã„ã¾ã™ãŒã€å®Ÿéš›ã«ã¯å®Ÿæƒ…ã«æ²¿ã†ã‚ˆã†ã«ãƒ­ã‚¸ãƒƒã‚¯ã‚’追加ã—ã¦ãã ã•ã„。
+
+ return 0;
+ }
+ \endcode
+
+ \sa ParseCert
+ \sa wc_SetCustomExtension
+*/
+int wc_SetUnknownExtCallback(DecodedCert* cert,
+ wc_UnknownExtCallback cb);
+/*!
+ \ingroup ASN
+
+ \brief ã“ã®é–¢æ•°ã¯DERå½¢å¼ã®X.509 証明書ã®ç½²åを与ãˆã‚‰ã‚ŒãŸå…¬é–‹éµã‚’使ã£ã¦æ¤œè¨¼ã—ã¾ã™ã€‚
+ 公開éµã¯DERå½¢å¼ã§å…¨å…¬é–‹éµæƒ…報をå«ã‚“ã ã‚‚ã®ãŒæ±‚ã‚られã¾ã™ã€‚
+
+ \return 0 æˆåŠŸæ™‚ã«è¿”ã—ã¾ã™ã€‚
+ \return エラー発生時ã«ã¯è² ã®æ•´æ•°å€¤ã‚’è¿”ã—ã¾ã™ã€‚
+
+ \param cert DERå½¢å¼ã®X.509証明書をå«ã‚“ã ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param certSz 証明書をå«ã‚“ã ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+ \param heap 動的メモリ確ä¿ã®ãŸã‚ã®ãƒ’ープ。NULL指定もå¯ã€‚
+ \param pubKey DERå½¢å¼ã®å…¬é–‹éµã‚’å«ã‚“ã ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param pubKeySz 公開éµã‚’å«ã‚“ã ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+ \param pubKeyOID 公開éµã®ã‚¢ãƒ«ã‚´ãƒªã‚ºãƒ ã‚’特定ã™ã‚‹OID(ã™ãªã‚ã¡: ECDSAk, DSAk ã‚„ RSAk)
+*/
+int wc_CheckCertSigPubKey(const byte* cert, word32 certSz,
+ void* heap, const byte* pubKey,
+ word32 pubKeySz, int pubKeyOID);
+
+/*!
+ \ingroup ASN
+
+ \brief ã“ã®é–¢æ•°ã¯Asn1PrintOptions構造体をåˆæœŸåŒ–ã—ã¾ã™ã€‚
+
+ \return 0 æˆåŠŸæ™‚ã«è¿”ã—ã¾ã™ã€‚
+ \return BAD_FUNC_ARG asn1ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param opts プリントã®ãŸã‚ã®Asn1PrintOptions構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
+ _Example_
+ \code
+ Asn1PrintOptions opt;
+
+ // Initialize ASN.1 print options before use.
+ wc_Asn1PrintOptions_Init(&opt);
+ \endcode
+
+ \sa wc_Asn1PrintOptions_Set
+ \sa wc_Asn1_PrintAll
+*/
+int wc_Asn1PrintOptions_Init(Asn1PrintOptions* opts);
+
+/*!
+ \ingroup ASN
+
+ \brief ã“ã®é–¢æ•°ã¯Asn1PrintOptions構造体ã«ãƒ—リント情報を設定ã—ã¾ã™ã€‚
+
+ \return 0 æˆåŠŸæ™‚ã«è¿”ã—ã¾ã™ã€‚
+ \return BAD_FUNC_ARG asn1ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_FUNC_ARG valãŒç¯„囲外ã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param opts Asn1PrintOptions構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param opt 設定ã™ã‚‹æƒ…å ±ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param val 設定値
+
+ _Example_
+ \code
+ Asn1PrintOptions opt;
+
+ // Initialize ASN.1 print options before use.
+ wc_Asn1PrintOptions_Init(&opt);
+ // Set the number of indents when printing tag name to be 1.
+ wc_Asn1PrintOptions_Set(&opt, ASN1_PRINT_OPT_INDENT, 1);
+ \endcode
+
+ \sa wc_Asn1PrintOptions_Init
+ \sa wc_Asn1_PrintAll
+*/
+int wc_Asn1PrintOptions_Set(Asn1PrintOptions* opts, enum Asn1PrintOpt opt,
+ word32 val);
+
+/*!
+ \ingroup ASN
+
+ \brief ã“ã®é–¢æ•°ã¯Asn1構造体をåˆæœŸåŒ–ã—ã¾ã™ã€‚
+
+ \return 0 æˆåŠŸæ™‚ã«è¿”ã—ã¾ã™ã€‚
+ \return BAD_FUNC_ARG asn1ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param asn1 Asn1構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
+ _Example_
+ \code
+ Asn1 asn1;
+
+ // Initialize ASN.1 parse object before use.
+ wc_Asn1_Init(&asn1);
+ \endcode
+
+ \sa wc_Asn1_SetFile
+ \sa wc_Asn1_PrintAll
+ */
+int wc_Asn1_Init(Asn1* asn1);
+
+/*!
+ \ingroup ASN
+
+ \brief ã“ã®é–¢æ•°ã¯å‡ºåŠ›å…ˆã¨ã—ã¦ä½¿ç”¨ã™ã‚‹ãƒ•ã‚¡ã‚¤ãƒ«ã‚’Asn1構造体ã«ã‚»ãƒƒãƒˆã—ã¾ã™ã€‚
+
+ \return 0 æˆåŠŸæ™‚ã«è¿”ã—ã¾ã™ã€‚
+ \return BAD_FUNC_ARG asn1ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_FUNC_ARG fileãŒXBADFILEã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚.
+
+ \param asn1 Asn1構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param file プリント先ã®ãƒ•ã‚¡ã‚¤ãƒ«
+
+ _Example_
+ \code
+ Asn1 asn1;
+
+ // Initialize ASN.1 parse object before use.
+ wc_Asn1_Init(&asn1);
+ // Set standard out to be the file descriptor to write to.
+ wc_Asn1_SetFile(&asn1, stdout);
+ \endcode
+
+ \sa wc_Asn1_Init
+ \sa wc_Asn1_PrintAll
+ */
+int wc_Asn1_SetFile(Asn1* asn1, XFILE file);
+
+/*!
+ \ingroup ASN
+
+ \brief ASN.1アイテムをプリントã—ã¾ã™ã€‚
+
+ \return 0 æˆåŠŸæ™‚ã«è¿”ã—ã¾ã™ã€‚
+ \return BAD_FUNC_ARG asn1ã‹optsãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_LEN_E ASN.1アイテムãŒé•·ã™ãŽã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_DEPTH_E 終了オフセットãŒç„¡åŠ¹ã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_PARSE_E å…¨ã®ASN.1アイテムã®è§£æžãŒå®Œäº†ã§ããªã‹ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param asn1 Asn1構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param opts Asn1PrintOptions構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param data BER/DERå½¢å¼ã®ãƒ—リント対象データã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param len プリント対象データã®ã‚µã‚¤ã‚ºï¼ˆãƒã‚¤ãƒˆæ•°ï¼‰
+
+ \code
+ Asn1PrintOptions opts;
+ Asn1 asn1;
+ unsigned char data[] = { Initialize with DER/BER data };
+ word32 len = sizeof(data);
+
+ // Initialize ASN.1 print options before use.
+ wc_Asn1PrintOptions_Init(&opt);
+ // Set the number of indents when printing tag name to be 1.
+ wc_Asn1PrintOptions_Set(&opt, ASN1_PRINT_OPT_INDENT, 1);
+
+ // Initialize ASN.1 parse object before use.
+ wc_Asn1_Init(&asn1);
+ // Set standard out to be the file descriptor to write to.
+ wc_Asn1_SetFile(&asn1, stdout);
+ // Print all ASN.1 items in buffer with the specified print options.
+ wc_Asn1_PrintAll(&asn1, &opts, data, len);
+ \endcode
+
+ \sa wc_Asn1_Init
+ \sa wc_Asn1_SetFile
+ */
+int wc_Asn1_PrintAll(Asn1* asn1, Asn1PrintOptions* opts, unsigned char* data,
+ word32 len);
+
diff --git a/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/chacha20_poly1305.h b/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/chacha20_poly1305.h
index c44b5deb..2b4f9483 100644
--- a/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/chacha20_poly1305.h
+++ b/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/chacha20_poly1305.h
@@ -1,9 +1,10 @@
/*!
- \ingroup ChaCha20Poly1305
- \brief ã“ã®é–¢æ•°ã¯ã€Chacha20 Streamæš—å·ã‚’使用ã—ã¦ã€Chacha20 Streamæš—å·ã‚’使用ã—ã¦ã€Output BufferTextã«å…¥åŠ›ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã€InPleaintextã‚’æš—å·åŒ–ã—ã¾ã™ã€‚ã¾ãŸã€Poly-1305èªè¨¼ï¼ˆæš—å·ãƒ†ã‚­ã‚¹ãƒˆï¼‰ã‚’実行ã—ã€ç”Ÿæˆã—ãŸèªè¨¼ã‚¿ã‚°ã‚’出力ãƒãƒƒãƒ•ã‚¡OutauthTagã«æ ¼ç´ã—ã¾ã™ã€‚
- \return 0 メッセージã®æš—å·åŒ–ã«æˆåŠŸã—ãŸã‚‰è¿”ã•ã‚Œã¾ã—ãŸ
+ \ingroup ChaCha20Poly1305
+ \brief ã“ã®é–¢æ•°ã¯ã€Chacha20 Streamæš—å·ã‚’使用ã—ã¦ã€Output BufferTextã«å…¥åŠ›ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã€InPleaintextã‚’æš—å·åŒ–ã—ã¾ã™ã€‚
+ ã¾ãŸã€Poly-1305èªè¨¼ï¼ˆæš—å·ãƒ†ã‚­ã‚¹ãƒˆï¼‰ã‚’実行ã—ã€ç”Ÿæˆã—ãŸèªè¨¼ã‚¿ã‚°ã‚’出力ãƒãƒƒãƒ•ã‚¡OutauthTagã«æ ¼ç´ã—ã¾ã™ã€‚
+ \return 0 メッセージã®æš—å·åŒ–ã«æˆåŠŸã—ãŸã‚‰è¿”ã•ã‚Œã¾ã™
\return BAD_FUNC_ARG æš—å·åŒ–プロセス中ã«ã‚¨ãƒ©ãƒ¼ãŒã‚ã‚‹å ´åˆ
- \param inKey æš—å·åŒ–ã«ä½¿ç”¨ã™ã‚‹32ãƒã‚¤ãƒˆã®ã‚­ãƒ¼ã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param inKey æš—å·åŒ–ã«ä½¿ç”¨ã™ã‚‹32ãƒã‚¤ãƒˆã®éµã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
\param inIv æš—å·åŒ–ã«ä½¿ç”¨ã™ã‚‹12ãƒã‚¤ãƒˆã®IVã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
\param inAAD ä»»æ„ã®é•·ã•ã®è¿½åŠ èªè¨¼ãƒ‡ãƒ¼ã‚¿ï¼ˆAAD)をå«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
\param inAADLen 入力AADã®é•·ã•
@@ -41,17 +42,19 @@ int wc_ChaCha20Poly1305_Encrypt(
byte outAuthTag[CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE]);
/*!
- \ingroup ChaCha20Poly1305
- \brief ã“ã®é–¢æ•°ã¯ã€Chacha20 Streamæš—å·ã‚’使用ã—ã¦ã€Chacha20 Streamæš—å·ã‚’使用ã—ã¦ã€å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã€OutpleAntextã«å…¥åŠ›ã•ã‚ŒãŸæš—å·æ–‡ã®å…¥åŠ›ã‚’復å·åŒ–ã—ã¾ã™ã€‚ã¾ãŸã€Poly-1305èªè¨¼ã‚’実行ã—ã€æŒ‡å®šã•ã‚ŒãŸINAUTHTAGã‚’INAADã§ç”Ÿæˆã•ã‚ŒãŸèªè¨¼ï¼ˆä»»æ„ã®é•·ã•ã®è¿½åŠ èªè¨¼ãƒ‡ãƒ¼ã‚¿ï¼‰ã¨æ¯”較ã—ã¾ã™ã€‚注:生æˆã•ã‚ŒãŸèªè¨¼ã‚¿ã‚°ãŒæä¾›ã•ã‚ŒãŸèªè¨¼ã‚¿ã‚°ã¨ä¸€è‡´ã—ãªã„å ´åˆã€ãƒ†ã‚­ã‚¹ãƒˆã¯å¾©å·åŒ–ã•ã‚Œã¾ã›ã‚“。
- \return 0 メッセージã®å¾©å·åŒ–ã«æˆåŠŸã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã—ãŸ
+ \ingroup ChaCha20Poly1305
+ \brief ã“ã®é–¢æ•°ã¯ã€Chacha20 Streamæš—å·ã‚’使用ã—ã¦ã€å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡OutpleAntextã«å¾©å·ã—ãŸãƒ‡ãƒ¼ã‚¿ã‚’出力ã—ã¾ã™ã€‚
+ ã¾ãŸã€Poly-1305èªè¨¼ã‚’実行ã—ã€æŒ‡å®šã•ã‚ŒãŸinAuthTagã‚’inAADã§ç”Ÿæˆã•ã‚ŒãŸèªè¨¼ï¼ˆä»»æ„ã®é•·ã•ã®è¿½åŠ èªè¨¼ãƒ‡ãƒ¼ã‚¿ï¼‰ã¨æ¯”較ã—ã¾ã™ã€‚
+ 注:生æˆã•ã‚ŒãŸèªè¨¼ã‚¿ã‚°ãŒæä¾›ã•ã‚ŒãŸèªè¨¼ã‚¿ã‚°ã¨ä¸€è‡´ã—ãªã„å ´åˆã€ãƒ†ã‚­ã‚¹ãƒˆã¯å¾©å·ã•ã‚Œã¾ã›ã‚“。
+ \return 0 メッセージã®å¾©å·ã«æˆåŠŸã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã—ãŸ
\return BAD_FUNC_ARG 関数引数ã®ã„ãšã‚Œã‹ãŒäºˆæƒ³ã•ã‚Œã‚‹ã‚‚ã®ã¨ä¸€è‡´ã—ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™
- \return MAC_CMP_FAILED_E 生æˆã•ã‚ŒãŸèªè¨¼ã‚¿ã‚°ãŒæä¾›ã•ã‚Œã¦ã„ã‚‹INAUTHTAGã¨ä¸€è‡´ã—ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param inKey 復å·åŒ–ã«ä½¿ç”¨ã™ã‚‹32ãƒã‚¤ãƒˆã®ã‚­ãƒ¼ã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
- \param inIv 復å·åŒ–ã«ä½¿ç”¨ã™ã‚‹12ãƒã‚¤ãƒˆã®IVã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \return MAC_CMP_FAILED_E 生æˆã•ã‚ŒãŸèªè¨¼ã‚¿ã‚°ãŒæä¾›ã•ã‚Œã¦ã„ã‚‹inAuthTagã¨ä¸€è‡´ã—ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param inKey 復å·ã«ä½¿ç”¨ã™ã‚‹32ãƒã‚¤ãƒˆã®éµã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param inIv 復å·ã«ä½¿ç”¨ã™ã‚‹12ãƒã‚¤ãƒˆã®IVã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
\param inAAD ä»»æ„ã®é•·ã•ã®è¿½åŠ èªè¨¼ãƒ‡ãƒ¼ã‚¿ï¼ˆAAD)をå«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
\param inAADLen 入力AADã®é•·ã•
- \param inCiphertext 復å·åŒ–ã™ã‚‹æš—å·æ–‡ã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
- \param outCiphertextLen 復å·åŒ–ã™ã‚‹æš—å·æ–‡ã®é•·ã•
+ \param inCiphertext 復å·ã™ã‚‹æš—å·æ–‡ã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param outCiphertextLen 復å·ã™ã‚‹æš—å·æ–‡ã®é•·ã•
\param inAuthTag èªè¨¼ã®ãŸã‚ã®16ãƒã‚¤ãƒˆã®ãƒ€ã‚¤ã‚¸ã‚§ã‚¹ãƒˆã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
_Example_
\code
@@ -65,7 +68,7 @@ int wc_ChaCha20Poly1305_Encrypt(
byte plain[sizeof(cipher)];
int ret = wc_ChaCha20Poly1305_Decrypt(key, iv, inAAD, sizeof(inAAD),
- cipher, sizeof(cipher), plain, authTag);
+ cipher, sizeof(cipher), authTag, plain);
if(ret == MAC_CMP_FAILED_E) {
// error during authentication
diff --git a/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/cmac.h b/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/cmac.h
index cd880939..95612f6c 100644
--- a/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/cmac.h
+++ b/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/cmac.h
@@ -1,21 +1,21 @@
/*!
\ingroup CMAC
- \brief Cmac 構造体をデフォルトã§åˆæœŸåŒ–ã™ã‚‹
- \return æˆåŠŸã—ãŸã‚‰ 0 ã‚’è¿”ã™
- \param cmac Cmac 構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
- \param キー キー ãƒã‚¤ãƒ³ã‚¿
- \param keySz キー ãƒã‚¤ãƒ³ã‚¿ã®ã‚µã‚¤ã‚º (16ã€24ã€ã¾ãŸã¯ 32)
- \param type 常㫠WC_CMAC_AES = 1
- \param 未使用 使用ã•ã‚Œã¦ã„ã¾ã›ã‚“。互æ›æ€§ã«é–¢ã™ã‚‹å°†æ¥ã®æ½œåœ¨çš„ãªä½¿ç”¨ã®ãŸã‚ã«å­˜åœ¨ã—ã¾ã™
+ \brief Cmac構造体をデフォルト値ã§åˆæœŸåŒ–ã—ã¾ã™
+ \return æˆåŠŸã—ãŸã‚‰0ã‚’è¿”ã—ã¾ã™
+ \param cmac Cmac構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param key éµãƒ‡ãƒ¼ã‚¿ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param keySz éµãƒ‡ãƒ¼ã‚¿ã®ã‚µã‚¤ã‚º(16ã€24ã€ã¾ãŸã¯ 32)
+ \param type 常ã«WC_CMAC_AES(=1)
+ \param unused 使用ã•ã‚Œã¦ã„ã¾ã›ã‚“。互æ›æ€§ã«é–¢ã™ã‚‹å°†æ¥ã®æ½œåœ¨çš„ãªä½¿ç”¨ã®ãŸã‚ã«å­˜åœ¨ã—ã¾ã™
_例_
\code
Cmac cmac[1];
- ret = wc_InitCmac(cmacã€ã‚­ãƒ¼ã€keySzã€WC_CMAC_AESã€NULL);
- ã‚‚ã— (ret == 0) {
+ ret = wc_InitCmac(cmacã€keyã€keySzã€WC_CMAC_AESã€NULL);
+ if (ret == 0) {
ret = wc_CmacUpdate(cmacã€inã€inSz);
}
- ã‚‚ã— (ret == 0) {
+ if (ret == 0) {
ret = wc_CmacFinal(cmac, out, outSz);
}
\endcode
@@ -25,29 +25,29 @@
\sa wc_CmacFinal
*/
int wc_InitCmac(Cmac* cmac,
- const byte* キーã€word32 keySzã€
- intåž‹ã€void*未使用);
+ const byte* keyã€word32 keySzã€
+ int typeã€void* unused);
/*!
\ingroup CMAC
- \brief Cmac 構造体をデフォルトã§åˆæœŸåŒ–ã™ã‚‹
- \return æˆåŠŸã—ãŸã‚‰ 0 ã‚’è¿”ã™
- \param cmac Cmac 構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
- \param キー キー ãƒã‚¤ãƒ³ã‚¿
- \param keySz キー ãƒã‚¤ãƒ³ã‚¿ã®ã‚µã‚¤ã‚º (16ã€24ã€ã¾ãŸã¯ 32)
- \param type 常㫠WC_CMAC_AES = 1
- \param 未使用 使用ã•ã‚Œã¦ã„ã¾ã›ã‚“。互æ›æ€§ã«é–¢ã™ã‚‹å°†æ¥ã®æ½œåœ¨çš„ãªä½¿ç”¨ã®ãŸã‚ã«å­˜åœ¨ã—ã¾ã™
- \param heap 動的割り当ã¦ã«ä½¿ç”¨ã•ã‚Œã‚‹ãƒ’ープ ヒントã¸ã®ãƒã‚¤ãƒ³ã‚¿ãƒ¼ã€‚ 通常ã€ã‚¹ã‚¿ãƒ†ã‚£ãƒƒã‚¯ メモリ オプションã§ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚ NULL ã«ã™ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚
- \param devId éžåŒæœŸãƒãƒ¼ãƒ‰ã‚¦ã‚§ã‚¢ã§ä½¿ç”¨ã™ã‚‹ ID。 éžåŒæœŸãƒãƒ¼ãƒ‰ã‚¦ã‚§ã‚¢ã‚’使用ã—ã¦ã„ãªã„å ´åˆã¯ã€INVALID_DEVID ã«è¨­å®šã—ã¾ã™ã€‚
+ \brief Cmac構造体をデフォルト値ã§åˆæœŸåŒ–ã—ã¾ã™
+ \return æˆåŠŸã—ãŸã‚‰0ã‚’è¿”ã—ã¾ã™
+ \param cmac Cmac構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param key éµãƒ‡ãƒ¼ã‚¿ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param keySz éµãƒ‡ãƒ¼ã‚¿ã®ã‚µã‚¤ã‚º(16ã€24ã€ã¾ãŸã¯ 32)
+ \param type 常ã«WC_CMAC_AES(=1)
+ \param unused 使用ã•ã‚Œã¦ã„ã¾ã›ã‚“。互æ›æ€§ã«é–¢ã™ã‚‹å°†æ¥ã®æ½œåœ¨çš„ãªä½¿ç”¨ã®ãŸã‚ã«å­˜åœ¨ã—ã¾ã™
+ \param heap 動的割り当ã¦ã«ä½¿ç”¨ã•ã‚Œã‚‹ãƒ’ープヒントã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚ 通常ã€ã‚¹ã‚¿ãƒ†ã‚£ãƒƒã‚¯ãƒ¡ãƒ¢ãƒªã‚ªãƒ—ションã§ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚ NULLã«ã™ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚
+ \param devId éžåŒæœŸãƒãƒ¼ãƒ‰ã‚¦ã‚§ã‚¢ã§ä½¿ç”¨ã™ã‚‹ID。éžåŒæœŸãƒãƒ¼ãƒ‰ã‚¦ã‚§ã‚¢ã‚’使用ã—ã¦ã„ãªã„å ´åˆã¯ã€INVALID_DEVIDã«è¨­å®šã—ã¾ã™ã€‚
_例_
\code
Cmac cmac[1];
- ret = wc_InitCmac_ex(cmacã€ã‚­ãƒ¼ã€keySzã€WC_CMAC_AESã€NULLã€NULLã€INVALID_DEVID);
- ã‚‚ã— (ret == 0) {
- ret = wc_CmacUpdate(cmacã€inã€inSz);
+ ret = wc_InitCmac_ex(cmac, key, keySz, WC_CMAC_AES, NULL, NULL, INVALID_DEVID);
+ if (ret == 0) {
+ ret = wc_CmacUpdate(cmac, in, inSz);
}
- ã‚‚ã— (ret == 0) {
+ if (ret == 0) {
ret = wc_CmacFinal(cmac, out, &outSz);
}
\endcode
@@ -57,15 +57,15 @@ int wc_InitCmac(Cmac* cmac,
\sa wc_CmacFinal
*/
int wc_InitCmac_ex(Cmac* cmac,
- const byte* キーã€word32 keySzã€
- int åž‹ã€void* 未使用ã€void* ヒープã€int devId);
+ const byte* key, word32 keySz,
+ int type, void* unusedã€void* heap, int devId);
/*!
\ingroup CMAC
\brief æš—å·ãƒ™ãƒ¼ã‚¹ã®ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸èªè¨¼ã‚³ãƒ¼ãƒ‰å…¥åŠ›ãƒ‡ãƒ¼ã‚¿ã‚’追加
- \return æˆåŠŸã—ãŸã‚‰ 0 ã‚’è¿”ã™
- \param cmac Cmac 構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
- \param in 処ç†ã™ã‚‹å…¥åŠ›ãƒ‡ãƒ¼ã‚¿ã®
+ \return æˆåŠŸã—ãŸã‚‰0ã‚’è¿”ã—ã¾ã™
+ \param cmac Cmac構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param in 処ç†ã™ã‚‹å…¥åŠ›ãƒ‡ãƒ¼ã‚¿ã¸ã®ãƒã‚¤ãƒ³ã‚¿
\param inSz 入力データã®ã‚µã‚¤ã‚º
_例_
@@ -81,11 +81,11 @@ int wc_CmacUpdate(Cmac* cmac,
/*!
\ingroup CMAC
- \brief æš—å·ãƒ™ãƒ¼ã‚¹ã®ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸èªè¨¼ã‚³ãƒ¼ãƒ‰ã‚’使用ã—ã¦æœ€çµ‚çµæžœã‚’生æˆã™ã‚‹
- \return æˆåŠŸã—ãŸã‚‰ 0 ã‚’è¿”ã™
- \param cmac Cmac 構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
- \param out çµæžœã‚’è¿”ã™ãƒã‚¤ãƒ³ã‚¿
- \param outSz 出力ã®ãƒã‚¤ãƒ³ã‚¿ã‚µã‚¤ã‚º (in/out)
+ \brief æš—å·ãƒ™ãƒ¼ã‚¹ã®ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸èªè¨¼ã‚³ãƒ¼ãƒ‰ã‚’使用ã—ã¦æœ€çµ‚çµæžœã‚’生æˆã—ã¾ã™
+ \return æˆåŠŸã—ãŸã‚‰0ã‚’è¿”ã—ã¾ã™
+ \param cmac Cmac構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param out çµæžœã®å‡ºåŠ›å…ˆãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param outSz çµæžœã®å‡ºåŠ›å…ˆãƒãƒƒãƒ•ã‚¡ã‚µã‚¤ã‚º (in/out)
_例_
\code
@@ -100,14 +100,14 @@ int wc_CmacFinal(Cmac* cmac,
/*!
\ingroup CMAC
- \brief CMAC を生æˆã™ã‚‹ãŸã‚ã®ã‚·ãƒ³ã‚°ãƒ« ショット関数
- \return æˆåŠŸã—ãŸã‚‰ 0 ã‚’è¿”ã™
- \param out çµæžœã‚’è¿”ã™ãƒã‚¤ãƒ³ã‚¿
+ \brief CMACを生æˆã™ã‚‹ãŸã‚ã®ã‚·ãƒ³ã‚°ãƒ«ã‚·ãƒ§ãƒƒãƒˆé–¢æ•°
+ \return æˆåŠŸã—ãŸã‚‰0ã‚’è¿”ã—ã¾ã™
+ \param out çµæžœã®å‡ºåŠ›å…ˆãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
\param outSz 出力ã®ãƒã‚¤ãƒ³ã‚¿ã‚µã‚¤ã‚º (in/out)
- \param in 処ç†ã™ã‚‹å…¥åŠ›ãƒ‡ãƒ¼ã‚¿ã®ãƒã‚¤ãƒ³ã‚¿
+ \param in 処ç†ã™ã‚‹å…¥åŠ›ãƒ‡ãƒ¼ã‚¿ã®ãƒã‚¤ãƒ³ã‚¿
\param inSz 入力データã®ã‚µã‚¤ã‚º
- \param キー キー ãƒã‚¤ãƒ³ã‚¿
- \param keySz キー ãƒã‚¤ãƒ³ã‚¿ã®ã‚µã‚¤ã‚º (16ã€24ã€ã¾ãŸã¯ 32)
+ \param key éµãƒ‡ãƒ¼ã‚¿ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param keySz éµãƒ‡ãƒ¼ã‚¿ã®ã‚µã‚¤ã‚º (16ã€24ã€ã¾ãŸã¯ 32)
_例_
\code
@@ -122,14 +122,14 @@ int wc_AesCmacGenerate(byte* out, word32* outSz,
/*!
\ingroup CMAC
- \brief CMAC を検証ã™ã‚‹ãŸã‚ã®ã‚·ãƒ³ã‚°ãƒ« ショット機能
- \return æˆåŠŸã—ãŸã‚‰ 0 ã‚’è¿”ã™
- \param çµæžœã‚’è¿”ã™ãƒã‚§ãƒƒã‚¯ ãƒã‚¤ãƒ³ã‚¿
- \param checkSz ãƒã‚§ãƒƒã‚¯ã‚¢ã‚¦ãƒˆ ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+ \brief CMACを検証ã™ã‚‹ãŸã‚ã®ã‚·ãƒ³ã‚°ãƒ«ã‚·ãƒ§ãƒƒãƒˆé–¢æ•°
+ \return æˆåŠŸã—ãŸã‚‰0ã‚’è¿”ã—ã¾ã™
+ \param check 検証対象ã¨ãªã‚‹CMAC処ç†çµæžœãƒ‡ãƒ¼ã‚¿ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param checkSz CMAC処ç†çµæžœãƒ‡ãƒ¼ã‚¿ã®ã‚µã‚¤ã‚º
\param in 処ç†ã™ã‚‹å…¥åŠ›ãƒ‡ãƒ¼ã‚¿ã®ãƒã‚¤ãƒ³ã‚¿
\param inSz 入力データã®ã‚µã‚¤ã‚º
- \param キー キー ãƒã‚¤ãƒ³ã‚¿
- \param keySz キー ãƒã‚¤ãƒ³ã‚¿ã®ã‚µã‚¤ã‚º (16ã€24ã€ã¾ãŸã¯ 32)
+ \param key éµãƒ‡ãƒ¼ã‚¿ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param keySz éµãƒ‡ãƒ¼ã‚¿ã®ã‚µã‚¤ã‚º (16ã€24ã€ã¾ãŸã¯ 32)
_例_
\code
@@ -145,9 +145,10 @@ int wc_AesCmacVerify(const byte* check, word32 checkSz,
/*!
\ingroup CMAC
- \brief ãƒãƒ¼ãƒ‰ã‚¦ã‚§ã‚¢ãŒã‚·ãƒ³ã‚°ãƒ« ショットを必è¦ã¨ã—ã€æ›´æ–°ã‚’メモリã«ã‚­ãƒ£ãƒƒã‚·ãƒ¥ã™ã‚‹å¿…è¦ãŒã‚ã‚‹å ´åˆã«ã®ã¿ã€WOLFSSL_HASH_KEEP ã§ä½¿ç”¨ã•ã‚Œã¾ã™
- \return æˆåŠŸã—ãŸã‚‰ 0 ã‚’è¿”ã™
- 処ç†ã™ã‚‹å…¥åŠ›ãƒ‡ãƒ¼ã‚¿ã® \param
+ \brief WOLFSSL_HASH_KEEPマクロ定義時ã®ã¿ä½¿ç”¨å¯èƒ½ã€‚ãƒãƒ¼ãƒ‰ã‚¦ã‚§ã‚¢ãŒã‚·ãƒ³ã‚°ãƒ«ã‚·ãƒ§ãƒƒãƒˆã‚’å¿…è¦ã¨ã—ã€æ›´æ–°ã‚’メモリã«ã‚­ãƒ£ãƒƒã‚·ãƒ¥ã™ã‚‹å¿…è¦ãŒã‚ã‚‹å ´åˆã«ä½¿ç”¨ã—ã¾ã™ã€‚
+ \return æˆåŠŸã—ãŸã‚‰0ã‚’è¿”ã—ã¾ã™
+ \param cmac Cmac構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param in 処ç†ã™ã‚‹å…¥åŠ›ãƒ‡ãƒ¼ã‚¿ã¸ã®ãƒã‚¤ãƒ³ã‚¿
\param inSz 入力データã®ã‚µã‚¤ã‚º
_例_
diff --git a/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/curve25519.h b/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/curve25519.h
index 64b99925..5ddc615a 100644
--- a/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/curve25519.h
+++ b/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/curve25519.h
@@ -60,7 +60,7 @@ int wc_curve25519_shared_secret(curve25519_key* private_key,
/*!
\ingroup Curve25519
- \brief ã“ã®é–¢æ•°ã¯ã€ç§˜å¯†ã®ç§˜å¯†éµã¨å—ä¿¡ã—ãŸå…¬é–‹éµã‚’考ãˆã‚‹ã¨ã€å…±æœ‰ç§˜å¯†éµã‚’計算ã—ã¾ã™ã€‚生æˆã•ã‚ŒãŸç§˜å¯†éµã‚’ãƒãƒƒãƒ•ã‚¡ã‚¢ã‚¦ãƒˆã«ä¿å­˜ã—ã€ounlentã®ç§˜å¯†éµã®å¤‰æ•°ã‚’割り当ã¦ã¾ã™ã€‚大ããã¦ãƒªãƒˆãƒ«ã‚¨ãƒ³ãƒ‡ã‚£ã‚¢ãƒ³ã®ä¸¡æ–¹ã‚’サãƒãƒ¼ãƒˆã—ã¾ã™ã€‚
+ \brief ã“ã®é–¢æ•°ã¯ã€ç§˜å¯†ã®ç§˜å¯†éµã¨å—ä¿¡ã—ãŸå…¬é–‹éµã‚’考ãˆã‚‹ã¨ã€å…±æœ‰ç§˜å¯†éµã‚’計算ã—ã¾ã™ã€‚生æˆã•ã‚ŒãŸç§˜å¯†éµã‚’ãƒãƒƒãƒ•ã‚¡ã‚¢ã‚¦ãƒˆã«ä¿å­˜ã—ã€ounlentã®ç§˜å¯†éµã®å¤‰æ•°ã‚’割り当ã¦ã¾ã™ã€‚ビッグ・リトルエンディアンã®ä¸¡æ–¹ã‚’サãƒãƒ¼ãƒˆã—ã¾ã™ã€‚
\return 0 共有秘密éµã‚’正常ã«è¨ˆç®—ã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã—ãŸã€‚
\return BAD_FUNC_ARG 渡ã•ã‚ŒãŸå…¥åŠ›ãƒ‘ラメータã®ã„ãšã‚Œã‹ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return ECC_BAD_ARG_E 公開éµã®æœ€åˆã®ãƒ“ットãŒè¨­å®šã•ã‚Œã¦ã„ã‚‹å ´åˆã¯ã€å®Ÿè£…ã®æŒ‡ç´‹ã‚’é¿ã‘ã‚‹ãŸã‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
@@ -222,7 +222,7 @@ int wc_curve25519_import_private_raw(const byte* priv, word32 privSz,
/*!
\ingroup Curve25519
- \brief ã“ã®é–¢æ•°ã¯ã€ãƒ‘ブリック秘密éµãƒšã‚¢ã‚’Curve25519_Key構造体ã«ã‚¤ãƒ³ãƒãƒ¼ãƒˆã—ã¾ã™ã€‚大ããã¦ãƒªãƒˆãƒ«ã‚¨ãƒ³ãƒ‡ã‚£ã‚¢ãƒ³ã®ä¸¡æ–¹ã‚’サãƒãƒ¼ãƒˆã—ã¾ã™ã€‚
+ \brief ã“ã®é–¢æ•°ã¯ã€ãƒ‘ブリック秘密éµãƒšã‚¢ã‚’Curve25519_Key構造体ã«ã‚¤ãƒ³ãƒãƒ¼ãƒˆã—ã¾ã™ã€‚ビッグ・リトルエンディアンã®ä¸¡æ–¹ã‚’サãƒãƒ¼ãƒˆã—ã¾ã™ã€‚
\return 0 Curve25519_Key構造体ã¸ã®ã‚¤ãƒ³ãƒãƒ¼ãƒˆã«è¿”ã•ã‚Œã¾ã™
\return BAD_FUNC_ARG 入力パラメータã®ã„ãšã‚Œã‹ãŒNULLã®å ´åˆã«è¿”ã—ã¾ã™ã€‚
\return ECC_BAD_ARG_E 戻ã•ã‚ŒãŸIFã¾ãŸã¯å…¥åŠ›ã‚­ãƒ¼ã®ã‚­ãƒ¼ã‚µã‚¤ã‚ºãŒãƒ‘ブリックキーサイズã¾ãŸã¯ç§˜å¯†éµã‚µã‚¤ã‚ºã¨ä¸€è‡´ã—ãªã„å ´åˆ
@@ -292,7 +292,7 @@ int wc_curve25519_export_private_raw(curve25519_key* key, byte* out,
/*!
\ingroup Curve25519
- \brief ã“ã®é–¢æ•°ã¯Curve25519_Key構造体ã‹ã‚‰ç§˜å¯†éµã‚’エクスãƒãƒ¼ãƒˆã—ã€ãれを指定ã•ã‚ŒãŸã‚¢ã‚¦ãƒˆãƒãƒƒãƒ•ã‚¡ã«æ ¼ç´ã—ã¾ã™ã€‚ã¾ãŸã€ã‚¨ã‚¯ã‚¹ãƒãƒ¼ãƒˆã•ã‚ŒãŸã‚­ãƒ¼ã®ã‚µã‚¤ã‚ºã«ãªã‚‹ã‚ˆã†ã«æ¦‚è¦ã‚’設定ã—ã¾ã™ã€‚ãã‚ŒãŒå¤§ãã„ã‹ãƒªãƒˆãƒ«ã‚¨ãƒ³ãƒ‡ã‚£ã‚¢ãƒ³ã‹ã‚’指定ã§ãã¾ã™ã€‚
+ \brief ã“ã®é–¢æ•°ã¯Curve25519_Key構造体ã‹ã‚‰ç§˜å¯†éµã‚’エクスãƒãƒ¼ãƒˆã—ã€ãれを指定ã•ã‚ŒãŸã‚¢ã‚¦ãƒˆãƒãƒƒãƒ•ã‚¡ã«æ ¼ç´ã—ã¾ã™ã€‚ã¾ãŸã€ã‚¨ã‚¯ã‚¹ãƒãƒ¼ãƒˆã•ã‚ŒãŸã‚­ãƒ¼ã®ã‚µã‚¤ã‚ºã«ãªã‚‹ã‚ˆã†ã«æ¦‚è¦ã‚’設定ã—ã¾ã™ã€‚ãã‚ŒãŒãƒ“ッグ・リトルエンディアンã‹ã‚’指定ã§ãã¾ã™ã€‚
\return 0 Curve25519_Key構造体ã‹ã‚‰ç§˜å¯†éµã‚’正常ã«ã‚¨ã‚¯ã‚¹ãƒãƒ¼ãƒˆã—ã¾ã—ãŸã€‚
\return BAD_FUNC_ARG 入力パラメータãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return ECC_BAD_ARG_E WC_CURVE25519_SIZE()ãŒã‚­ãƒ¼ã¨ç­‰ã—ããªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
@@ -394,7 +394,7 @@ int wc_curve25519_import_public_ex(const byte* in, word32 inLen,
/*!
\ingroup Curve25519
- \brief ã“ã®é–¢æ•°ã¯ã€å…¬é–‹éµãƒãƒƒãƒ•ã‚¡ãŒã‚¨ãƒ³ãƒ‡ã‚£ã‚¢ãƒ³æ³¨æ–‡ã‚’与ãˆã‚‰ã‚ŒãŸæœ‰åŠ¹ãªCurve2519キー値をä¿æŒã—ã¦ã„ã‚‹ã“ã¨ã‚’確èªã—ã¾ã™ã€‚
+ \brief ã“ã®é–¢æ•°ã¯ã€å…¬é–‹éµãƒãƒƒãƒ•ã‚¡ãŒæŒ‡å®šã•ã‚ŒãŸã‚¨ãƒ³ãƒ‡ã‚£ã‚¢ãƒ³ã«å¯¾ã—ã¦æœ‰åŠ¹ãªCurve2519キー値をä¿æŒã—ã¦ã„ã‚‹ã“ã¨ã‚’確èªã—ã¾ã™ã€‚
\return 0 公開éµã®å€¤ãŒæœ‰åŠ¹ãªã¨ãã«è¿”ã•ã‚Œã¾ã™ã€‚
\return ECC_BAD_ARG_E 公開éµã®å€¤ãŒç„¡åŠ¹ãªå ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG 入力パラメータã®ã„ãšã‚Œã‹ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
@@ -450,7 +450,7 @@ int wc_curve25519_export_public(curve25519_key* key, byte* out, word32* outLen);
/*!
\ingroup Curve25519
- \brief ã“ã®é–¢æ•°ã¯æŒ‡å®šã•ã‚ŒãŸã‚­ãƒ¼æ§‹é€ ã‹ã‚‰å…¬é–‹éµã‚’エクスãƒãƒ¼ãƒˆã—ã€çµæžœã‚’アウトãƒãƒƒãƒ•ã‚¡ã«æ ¼ç´ã—ã¾ã™ã€‚大ããã¦ãƒªãƒˆãƒ«ã‚¨ãƒ³ãƒ‡ã‚£ã‚¢ãƒ³ã®ä¸¡æ–¹ã‚’サãƒãƒ¼ãƒˆã—ã¾ã™ã€‚
+ \brief ã“ã®é–¢æ•°ã¯æŒ‡å®šã•ã‚ŒãŸã‚­ãƒ¼æ§‹é€ ã‹ã‚‰å…¬é–‹éµã‚’エクスãƒãƒ¼ãƒˆã—ã€çµæžœã‚’アウトãƒãƒƒãƒ•ã‚¡ã«æ ¼ç´ã—ã¾ã™ã€‚ビッグ・リトルエンディアンã®ä¸¡æ–¹ã‚’サãƒãƒ¼ãƒˆã—ã¾ã™ã€‚
\return 0 Curve25519_Key構造体ã‹ã‚‰å…¬é–‹éµã‚’正常ã«ã‚¨ã‚¯ã‚¹ãƒãƒ¼ãƒˆã™ã‚‹ä¸Šã§è¿”ã•ã‚Œã¾ã™ã€‚
\return ECC_BAD_ARG_E outlenãŒcurve25519_pub_key_sizeよりå°ã•ã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG 入力パラメータã®ã„ãšã‚Œã‹ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
@@ -517,7 +517,7 @@ int wc_curve25519_export_key_raw(curve25519_key* key,
/*!
\ingroup Curve25519
- \brief Export Curve25519キーペア。大ãã„ã¾ãŸã¯ãƒªãƒˆãƒ«ã‚¨ãƒ³ãƒ‡ã‚£ã‚¢ãƒ³ã€‚
+ \brief Export Curve25519キーペア。ビッグ・リトルエンディアン。
\return 0 Curve25519_Key構造体ã‹ã‚‰ã‚­ãƒ¼ãƒšã‚¢ã®ã‚¨ã‚¯ã‚¹ãƒãƒ¼ãƒˆã«æˆåŠŸã—ã¾ã—ãŸã€‚
\return BAD_FUNC_ARG 入力パラメータãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return ECC_BAD_ARG_E PRIVSZãŒCURUV25519_SEY_SIZEã¾ãŸã¯PUBSZよりもå°ã•ã„å ´åˆã¯ã€PUBSZãŒCURUG25519_PUB_KEY_SIZEよりもå°ã•ã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
diff --git a/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/curve448.h b/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/curve448.h
index 67c647dd..4a6a1d2e 100644
--- a/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/curve448.h
+++ b/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/curve448.h
@@ -59,7 +59,7 @@ int wc_curve448_shared_secret(curve448_key* private_key,
/*!
\ingroup Curve448
- \brief ã“ã®é–¢æ•°ã¯ã€ç§˜å¯†ã®ç§˜å¯†éµã¨å—ä¿¡ã—ãŸå…¬é–‹éµã‚’考ãˆã‚‹ã¨ã€å…±æœ‰ç§˜å¯†éµã‚’計算ã—ã¾ã™ã€‚生æˆã•ã‚ŒãŸç§˜å¯†éµã‚’ãƒãƒƒãƒ•ã‚¡ã‚¢ã‚¦ãƒˆã«ä¿å­˜ã—ã€ounlentã®ç§˜å¯†éµã®å¤‰æ•°ã‚’割り当ã¦ã¾ã™ã€‚大ããã¦ãƒªãƒˆãƒ«ã‚¨ãƒ³ãƒ‡ã‚£ã‚¢ãƒ³ã®ä¸¡æ–¹ã‚’サãƒãƒ¼ãƒˆã—ã¾ã™ã€‚
+ \brief ã“ã®é–¢æ•°ã¯ã€ç§˜å¯†ã®ç§˜å¯†éµã¨å—ä¿¡ã—ãŸå…¬é–‹éµã‚’考ãˆã‚‹ã¨ã€å…±æœ‰ç§˜å¯†éµã‚’計算ã—ã¾ã™ã€‚生æˆã•ã‚ŒãŸç§˜å¯†éµã‚’ãƒãƒƒãƒ•ã‚¡ã‚¢ã‚¦ãƒˆã«ä¿å­˜ã—ã€ounlentã®ç§˜å¯†éµã®å¤‰æ•°ã‚’割り当ã¦ã¾ã™ã€‚ビッグ・リトルエンディアンã®ä¸¡æ–¹ã‚’サãƒãƒ¼ãƒˆã—ã¾ã™ã€‚
\return 0 共有秘密éµã‚’正常ã«è¨ˆç®—ã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã—ãŸã€‚
\return BAD_FUNC_ARG 渡ã•ã‚ŒãŸå…¥åŠ›ãƒ‘ラメータã®ã„ãšã‚Œã‹ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\param [in] Private_Key Curve448_Key構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ãƒ¦ãƒ¼ã‚¶ãƒ¼ã®ç§˜å¯†éµã§åˆæœŸåŒ–ã•ã‚Œã¾ã—ãŸã€‚
@@ -152,7 +152,7 @@ int wc_curve448_import_private(const byte* priv, word32 privSz,
/*!
\ingroup Curve448
- \brief CURVE448秘密éµã®ã‚¤ãƒ³ãƒãƒ¼ãƒˆã®ã¿ã€‚(大ããªã‚¨ãƒ³ãƒ‡ã‚£ã‚¢ãƒ³ï¼‰ã€‚
+ \brief CURVE448秘密éµã®ã‚¤ãƒ³ãƒãƒ¼ãƒˆã®ã¿ã€‚(ビッグエンディアン)。
\return 0 秘密éµã®ã‚¤ãƒ³ãƒãƒ¼ãƒˆã«æˆåŠŸã—ã¾ã—ãŸã€‚
\return BAD_FUNC_ARG キーã¾ãŸã¯PRIVãŒNULLã®å ´åˆã¯è¿”ã—ã¾ã™ã€‚
\return ECC_BAD_ARG_E PRIVSZãŒCURUG448_KEY_SIZEã¨ç­‰ã—ããªã„å ´åˆã¯è¿”ã—ã¾ã™ã€‚
@@ -220,7 +220,7 @@ int wc_curve448_import_private_raw(const byte* priv, word32 privSz,
/*!
\ingroup Curve448
- \brief ã“ã®é–¢æ•°ã¯ã€public-秘密éµã®ãƒšã‚¢ã‚’Curve448_Key構造体ã«ã‚¤ãƒ³ãƒãƒ¼ãƒˆã—ã¾ã™ã€‚大ããã¦ãƒªãƒˆãƒ«ã‚¨ãƒ³ãƒ‡ã‚£ã‚¢ãƒ³ã®ä¸¡æ–¹ã‚’サãƒãƒ¼ãƒˆã—ã¾ã™ã€‚
+ \brief ã“ã®é–¢æ•°ã¯ã€public-秘密éµã®ãƒšã‚¢ã‚’Curve448_Key構造体ã«ã‚¤ãƒ³ãƒãƒ¼ãƒˆã—ã¾ã™ã€‚ビッグ・リトルエンディアンã®ä¸¡æ–¹ã‚’サãƒãƒ¼ãƒˆã—ã¾ã™ã€‚
\return 0 Curve448_Key構造体ã¸ã®ã‚¤ãƒ³ãƒãƒ¼ãƒˆæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG 入力パラメータã®ã„ãšã‚Œã‹ãŒNULLã®å ´åˆã«è¿”ã—ã¾ã™ã€‚
\return ECC_BAD_ARG_E 入力キーã®ã‚­ãƒ¼ã‚µã‚¤ã‚ºãŒPublicキーサイズã¾ãŸã¯ç§˜å¯†éµã‚µã‚¤ã‚ºã¨ä¸€è‡´ã—ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
@@ -450,7 +450,7 @@ int wc_curve448_export_public(curve448_key* key, byte* out, word32* outLen);
/*!
\ingroup Curve448
- \brief ã“ã®é–¢æ•°ã¯æŒ‡å®šã•ã‚ŒãŸã‚­ãƒ¼æ§‹é€ ã‹ã‚‰å…¬é–‹éµã‚’エクスãƒãƒ¼ãƒˆã—ã€çµæžœã‚’アウトãƒãƒƒãƒ•ã‚¡ã«æ ¼ç´ã—ã¾ã™ã€‚大ããã¦ãƒªãƒˆãƒ«ã‚¨ãƒ³ãƒ‡ã‚£ã‚¢ãƒ³ã®ä¸¡æ–¹ã‚’サãƒãƒ¼ãƒˆã—ã¾ã™ã€‚
+ \brief ã“ã®é–¢æ•°ã¯æŒ‡å®šã•ã‚ŒãŸã‚­ãƒ¼æ§‹é€ ã‹ã‚‰å…¬é–‹éµã‚’エクスãƒãƒ¼ãƒˆã—ã€çµæžœã‚’アウトãƒãƒƒãƒ•ã‚¡ã«æ ¼ç´ã—ã¾ã™ã€‚ビッグ・リトルエンディアンã®ä¸¡æ–¹ã‚’サãƒãƒ¼ãƒˆã—ã¾ã™ã€‚
\return 0 Curve448_Key構造体ã‹ã‚‰å…¬é–‹éµã®ã‚¨ã‚¯ã‚¹ãƒãƒ¼ãƒˆã«æˆåŠŸã—ã¾ã—ãŸã€‚
\return ECC_BAD_ARG_E outlenãŒcurve448_pub_key_sizeよりå°ã•ã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG 入力パラメータã®ã„ãšã‚Œã‹ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
@@ -517,8 +517,8 @@ int wc_curve448_export_key_raw(curve448_key* key,
/*!
\ingroup Curve448
- \brief Curve448キーペアをエクスãƒãƒ¼ãƒˆã—ã¾ã™ã€‚大ãã„ã¾ãŸã¯ãƒªãƒˆãƒ«ã‚¨ãƒ³ãƒ‡ã‚£ã‚¢ãƒ³ã€‚
- \brief ã“ã®é–¢æ•°ã¯æŒ‡å®šã•ã‚ŒãŸã‚­ãƒ¼æ§‹é€ ã‹ã‚‰ã‚­ãƒ¼ãƒšã‚¢ã‚’エクスãƒãƒ¼ãƒˆã—ã€çµæžœã‚’アウトãƒãƒƒãƒ•ã‚¡ã«æ ¼ç´ã—ã¾ã™ã€‚大ãã„ã¾ãŸã¯ãƒªãƒˆãƒ«ã‚¨ãƒ³ãƒ‡ã‚£ã‚¢ãƒ³ã€‚
+ \brief Curve448キーペアをエクスãƒãƒ¼ãƒˆã—ã¾ã™ã€‚ビッグã€ã¾ãŸã¯ãƒªãƒˆãƒ«ã‚¨ãƒ³ãƒ‡ã‚£ã‚¢ãƒ³ã€‚
+ \brief ã“ã®é–¢æ•°ã¯æŒ‡å®šã•ã‚ŒãŸã‚­ãƒ¼æ§‹é€ ã‹ã‚‰ã‚­ãƒ¼ãƒšã‚¢ã‚’エクスãƒãƒ¼ãƒˆã—ã€çµæžœã‚’アウトãƒãƒƒãƒ•ã‚¡ã«æ ¼ç´ã—ã¾ã™ã€‚ビッグã€ã¾ãŸã¯ãƒªãƒˆãƒ«ã‚¨ãƒ³ãƒ‡ã‚£ã‚¢ãƒ³ã€‚
\return 0 æˆåŠŸ
\return BAD_FUNC_ARG 入力パラメータãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return ECC_BAD_ARG_E PRIVSZãŒCURUV448_KEY_SIZEã¾ãŸã¯PUBSZよりもå°ã•ã„å ´åˆã¯ã€Curge448_PUB_KEY_SIZEよりもå°ã•ã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
diff --git a/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/doxygen_groups.h b/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/doxygen_groups.h
index e7102a52..0571feda 100644
--- a/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/doxygen_groups.h
+++ b/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/doxygen_groups.h
@@ -220,7 +220,7 @@
key operations and reducing the attack surface by restricting access to certificate and keys
to the SIM.
- IoT-Safe support can be enabled on an existing WOLFSSL_CTX contex, using wolfSSL_CTX_iotsafe_enable().\n
+ IoT-Safe support can be enabled on an existing WOLFSSL_CTX context, using wolfSSL_CTX_iotsafe_enable().\n
Session created within the context can set the parameters for IoT-Safe key and files usage, and enable
the public keys callback, with wolfSSL_iotsafe_on().
diff --git a/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/ecc.h b/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/ecc.h
index 953e06ea..41b8c9ec 100644
--- a/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/ecc.h
+++ b/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/ecc.h
@@ -1,5 +1,5 @@
/*!
- \ingroup ECC
+ \ingroup ECC
\brief ã“ã®é–¢æ•°ã¯æ–°ã—ã„ECC_KEYを生æˆã—ã€ãれをキーã«æ ¼ç´ã—ã¾ã™ã€‚
\return 0 æˆåŠŸã«æˆ»ã‚Šã¾ã—ãŸã€‚
\return ECC_BAD_ARG_E RNGã¾ãŸã¯ã‚­ãƒ¼ãŒNULLã«è©•ä¾¡ã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™
@@ -33,7 +33,7 @@
int wc_ecc_make_key(WC_RNG* rng, int keysize, ecc_key* key);
/*!
- \ingroup ECC
+ \ingroup ECC
\brief ã“ã®é–¢æ•°ã¯æ–°ã—ã„ECC_KEYを生æˆã—ã€ãれをキーã«æ ¼ç´ã—ã¾ã™ã€‚
\return 0 æˆåŠŸã«æˆ»ã‚Šã¾ã—ãŸã€‚
\return ECC_BAD_ARG_E RNGã¾ãŸã¯ã‚­ãƒ¼ãŒNULLã«è©•ä¾¡ã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™
@@ -75,7 +75,7 @@ int wc_ecc_make_key(WC_RNG* rng, int keysize, ecc_key* key);
int wc_ecc_make_key_ex(WC_RNG* rng, int keysize, ecc_key* key, int curve_id);
/*!
- \ingroup ECC
+ \ingroup ECC
\brief ECCキーã®æœ‰åŠ¹æ€§ã‚’有効ã«ã—ã¾ã™ã€‚
\return MP_OKAY æˆåŠŸã€ã‚­ãƒ¼ã¯å¤§ä¸ˆå¤«ã§ã™ã€‚
\return BAD_FUNC_ARG キーãŒNULLã®å ´åˆã¯è¿”ã—ã¾ã™ã€‚
@@ -105,7 +105,7 @@ int wc_ecc_make_key_ex(WC_RNG* rng, int keysize, ecc_key* key, int curve_id);
int wc_ecc_check_key(ecc_key* key);
/*!
- \ingroup ECC
+ \ingroup ECC
\brief ã“ã®é–¢æ•°ã¯ã€ä½¿ç”¨ã•ã‚ŒãŸå¾Œã«ECC_KEYキーを解放ã—ã¾ã™ã€‚
_Example_
\code
@@ -120,7 +120,7 @@ int wc_ecc_check_key(ecc_key* key);
void wc_ecc_key_free(ecc_key* key);
/*!
- \ingroup ECC
+ \ingroup ECC
\brief ã“ã®é–¢æ•°ã¯ã€ãƒ­ãƒ¼ã‚«ãƒ«ç§˜å¯†éµã¨å—ä¿¡ã—ãŸå…¬é–‹éµã‚’使用ã—ã¦æ–°ã—ã„秘密éµã‚’生æˆã—ã¾ã™ã€‚ã“ã®å…±æœ‰ç§˜å¯†éµã‚’ãƒãƒƒãƒ•ã‚¡ã‚¢ã‚¦ãƒˆã«æ ¼ç´ã—ã€å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã«æ›¸ãè¾¼ã¾ã‚ŒãŸãƒã‚¤ãƒˆæ•°ã‚’ä¿æŒã™ã‚‹ãŸã‚ã«outlentenã‚’æ›´æ–°ã—ã¾ã™ã€‚
\return 0 共有秘密éµã®ç”Ÿæˆã«æˆåŠŸã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã™
\return BAD_FUNC_ARG 入力パラメータã®ã„ãšã‚Œã‹ãŒNULLã«è©•ä¾¡ã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
@@ -167,7 +167,7 @@ int wc_ecc_shared_secret(ecc_key* private_key, ecc_key* public_key, byte* out,
word32* outlen);
/*!
- \ingroup ECC
+ \ingroup ECC
\brief 秘密éµã¨ãƒ‘ブリックãƒã‚¤ãƒ³ãƒˆã®é–“ã«ECC共有秘密を作æˆã—ã¾ã™ã€‚
\return MP_OKAY æˆåŠŸã‚’示ã—ã¾ã™ã€‚
\return BAD_FUNC_ARG 引数ãŒNULLã®ã¨ãã«ã‚¨ãƒ©ãƒ¼ãŒè¿”ã•ã‚Œã¾ã™ã€‚
@@ -204,7 +204,7 @@ int wc_ecc_shared_secret_ex(ecc_key* private_key, ecc_point* point,
byte* out, word32 *outlen);
/*!
- \ingroup ECC
+ \ingroup ECC
\brief ã“ã®é–¢æ•°ã¯ã€ä¿¡é ¼æ€§ã‚’ä¿è¨¼ã™ã‚‹ãŸã‚ã«ECC_KEYオブジェクトを使用ã—ã¦ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ãƒ€ã‚¤ã‚¸ã‚§ã‚¹ãƒˆã«ç½²åã—ã¾ã™ã€‚
\return 0 メッセージダイジェストã®ç½²åを正常ã«ç”Ÿæˆã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã—ãŸ
\return BAD_FUNC_ARG 入力パラメータã®ã„ãšã‚Œã‹ãŒNULLã«è©•ä¾¡ã•ã‚ŒãŸå ´åˆã€ã¾ãŸã¯å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ãŒå°ã•ã™ãŽã¦ç”Ÿæˆã•ã‚ŒãŸç½²åã‚’ä¿å­˜ã™ã‚‹å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
@@ -249,7 +249,7 @@ int wc_ecc_sign_hash(const byte* in, word32 inlen, byte* out, word32 *outlen,
WC_RNG* rng, ecc_key* key);
/*!
- \ingroup ECC
+ \ingroup ECC
\brief メッセージダイジェストã«ç½²åã—ã¾ã™ã€‚
\return MP_OKAY メッセージダイジェストã®ç½²åを正常ã«ç”Ÿæˆã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã—ãŸ
\return ECC_BAD_ARG_E 入力キーãŒç§˜å¯†éµã§ã¯ãªã„å ´åˆã€ã¾ãŸã¯ECC IDXãŒç„¡åŠ¹ãªå ´åˆã€ã¾ãŸã¯ã„ãšã‚Œã‹ã®å…¥åŠ›ãƒ‘ラメータãŒNULLã«è©•ä¾¡ã•ã‚Œã¦ã„ã‚‹å ´åˆã€ã¾ãŸã¯å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ãŒå°ã•ã™ãŽã¦ç”Ÿæˆã•ã‚ŒãŸç½²åã‚’ä¿å­˜ã™ã‚‹ã«ã¯å°ã•ã™ãŽã‚‹å ´åˆ
@@ -299,7 +299,7 @@ int wc_ecc_sign_hash_ex(const byte* in, word32 inlen, WC_RNG* rng,
ecc_key* key, mp_int *r, mp_int *s);
/*!
- \ingroup ECC
+ \ingroup ECC
\brief ã“ã®é–¢æ•°ã¯ã€çœŸæ­£æ€§ã‚’確ä¿ã™ã‚‹ãŸã‚ã«ãƒãƒƒã‚·ãƒ¥ã®ECCã‚·ã‚°ãƒãƒãƒ£ã‚’検証ã—ã¾ã™ã€‚ç­”ãˆã‚’介ã—ã¦ã€æœ‰åŠ¹ãªç½²åã«å¯¾å¿œã™ã‚‹1ã€ç„¡åŠ¹ãªç½²åã«å¯¾å¿œã™ã‚‹0ã§ç­”ãˆã‚’è¿”ã—ã¾ã™ã€‚
\return 0 ç½²å検証ã«æ­£å¸¸ã«å®Ÿè¡Œã•ã‚ŒãŸã¨ãã«è¿”ã•ã‚Œã¾ã™ã€‚注:ã“ã‚Œã¯ç½²åãŒæ¤œè¨¼ã•ã‚Œã¦ã„ã‚‹ã“ã¨ã‚’æ„味ã™ã‚‹ã‚ã‘ã§ã¯ã‚ã‚Šã¾ã›ã‚“。信頼性情報ã¯ä»£ã‚ã‚Šã«STATã§æ ¼ç´ã•ã‚Œã¾ã™
\return BAD_FUNC_ARG è¿”ã•ã‚ŒãŸå…¥åŠ›ãƒ‘ラメータã¯NULLã«è©•ä¾¡ã•ã‚Œã¾ã™
@@ -344,7 +344,7 @@ int wc_ecc_verify_hash(const byte* sig, word32 siglen, const byte* hash,
word32 hashlen, int* stat, ecc_key* key);
/*!
- \ingroup ECC
+ \ingroup ECC
\brief ECCç½²åを確èªã—ã¦ãã ã•ã„。çµæžœã¯statã«æ›¸ãè¾¼ã¾ã‚Œã¾ã™ã€‚1ãŒæœ‰åŠ¹ã§ã€0ãŒç„¡åŠ¹ã§ã™ã€‚注:有効ãªãƒ†ã‚¹ãƒˆã«æˆ»ã‚Šå€¤ã‚’使用ã—ãªã„ã§ãã ã•ã„。statã®ã¿ã‚’使用ã—ã¦ãã ã•ã„。
\return MP_OKAY æˆåŠŸã—ãŸå ´åˆï¼ˆç½²åãŒç„¡åŠ¹ã§ã‚ã£ã¦ã‚‚)
\return ECC_BAD_ARG_E 引数ãŒNULLã®å ´åˆã€ã¾ãŸã¯key-idxãŒç„¡åŠ¹ãªå ´åˆã¯è¿”ã—ã¾ã™ã€‚
@@ -374,7 +374,7 @@ int wc_ecc_verify_hash_ex(mp_int *r, mp_int *s, const byte* hash,
word32 hashlen, int* stat, ecc_key* key);
/*!
- \ingroup ECC
+ \ingroup ECC
\brief ã“ã®é–¢æ•°ã¯ã€ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸æ¤œè¨¼ã¾ãŸã¯éµäº¤æ¸‰ã§å°†æ¥ã®ä½¿ç”¨ã®ãŸã‚ã«ECC_KEYオブジェクトをåˆæœŸåŒ–ã—ã¾ã™ã€‚
\return 0 ECC_Keyオブジェクトã®åˆæœŸåŒ–ã«æˆåŠŸã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã™
\return MEMORY_E メモリã®å‰²ã‚Šå½“ã¦ä¸­ã«ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™
@@ -390,7 +390,7 @@ int wc_ecc_verify_hash_ex(mp_int *r, mp_int *s, const byte* hash,
int wc_ecc_init(ecc_key* key);
/*!
- \ingroup ECC
+ \ingroup ECC
\brief ã“ã®é–¢æ•°ã¯ã€ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸æ¤œè¨¼ã¾ãŸã¯éµäº¤æ¸‰ã§å°†æ¥ã®ä½¿ç”¨ã®ãŸã‚ã«ECC_KEYオブジェクトをåˆæœŸåŒ–ã—ã¾ã™ã€‚
\return 0 ECC_Keyオブジェクトã®åˆæœŸåŒ–ã«æˆåŠŸã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã™
\return MEMORY_E メモリã®å‰²ã‚Šå½“ã¦ä¸­ã«ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™
@@ -409,7 +409,7 @@ int wc_ecc_init(ecc_key* key);
int wc_ecc_init_ex(ecc_key* key, void* heap, int devId);
/*!
- \ingroup ECC
+ \ingroup ECC
\brief ã“ã®é–¢æ•°ã¯ãƒ¦ãƒ¼ã‚¶ãƒ¼å®šç¾©ãƒ’ープを使用ã—ã€ã‚­ãƒ¼æ§‹é€ ã®ã‚¹ãƒšãƒ¼ã‚¹ã‚’割り当ã¦ã¾ã™ã€‚
\return 0 ECC_Keyオブジェクトã®åˆæœŸåŒ–ã«æˆåŠŸã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã™
_Example_
@@ -424,7 +424,7 @@ int wc_ecc_init_ex(ecc_key* key, void* heap, int devId);
ecc_key* wc_ecc_key_new(void* heap);
/*!
- \ingroup ECC
+ \ingroup ECC
\brief ã“ã®é–¢æ•°ã¯ã€ä½¿ç”¨å¾Œã«ECC_KEYオブジェクトを解放ã—ã¾ã™ã€‚
\return int integerãŒWolfSSLエラーã¾ãŸã¯æˆåŠŸçŠ¶æ³ã‚’示ã™ã“ã¨ã‚’è¿”ã—ã¾ã—ãŸã€‚
_Example_
@@ -439,7 +439,7 @@ ecc_key* wc_ecc_key_new(void* heap);
int wc_ecc_free(ecc_key* key);
/*!
- \ingroup ECC
+ \ingroup ECC
\brief ã“ã®é–¢æ•°ã¯å›ºå®šå°æ•°ç‚¹ã‚­ãƒ£ãƒƒã‚·ãƒ¥ã‚’解放ã—ã¾ã™ã€‚ã“ã‚Œã¯ECCã§ä½¿ç”¨ã§ãã€è¨ˆç®—時間を高速化ã—ã¾ã™ã€‚ã“ã®æ©Ÿèƒ½ã‚’使用ã™ã‚‹ã«ã¯ã€FP_ECC(固定å°æ•°ç‚¹ECC)を定義ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
\return none ã„ã„ãˆè¿”ã—ã¾ã™ã€‚
_Example_
@@ -456,7 +456,7 @@ int wc_ecc_free(ecc_key* key);
void wc_ecc_fp_free(void);
/*!
- \ingroup ECC
+ \ingroup ECC
\brief ECC IDXãŒæœ‰åŠ¹ã‹ã©ã†ã‹ã‚’確èªã—ã¾ã™ã€‚
\return 1 有効ãªå ´åˆã¯è¿”å“ã—ã¦ãã ã•ã„。
\return 0 無効ãªå ´åˆã¯è¿”ã—ã¾ã™ã€‚
@@ -484,7 +484,7 @@ void wc_ecc_fp_free(void);
int wc_ecc_is_valid_idx(int n);
/*!
- \ingroup ECC
+ \ingroup ECC
\brief æ–°ã—ã„ECCãƒã‚¤ãƒ³ãƒˆã‚’割り当ã¦ã¾ã™ã€‚
\return p æ–°ã—ã割り当ã¦ã‚‰ã‚ŒãŸãƒã‚¤ãƒ³ãƒˆã€‚
\return NULL エラー時ã«NULLã‚’è¿”ã—ã¾ã™ã€‚
@@ -506,7 +506,7 @@ int wc_ecc_is_valid_idx(int n);
ecc_point* wc_ecc_new_point(void);
/*!
- \ingroup ECC
+ \ingroup ECC
\brief メモリã‹ã‚‰ECCãƒã‚¤ãƒ³ãƒˆã‚’解放ã—ã¾ã™ã€‚
\return none ã„ã„ãˆè¿”ã—ã¾ã™ã€‚
_Example_
@@ -528,7 +528,7 @@ ecc_point* wc_ecc_new_point(void);
void wc_ecc_del_point(ecc_point* p);
/*!
- \ingroup ECC
+ \ingroup ECC
\brief ã‚ã‚‹ãƒã‚¤ãƒ³ãƒˆã®å€¤ã‚’別ã®ãƒã‚¤ãƒ³ãƒˆã«ã‚³ãƒ”ーã—ã¾ã™ã€‚
\return ECC_BAD_ARG_E Pã¾ãŸã¯RãŒNULLã®ã¨ãã«ã‚¹ãƒ­ãƒ¼ã•ã‚ŒãŸã‚¨ãƒ©ãƒ¼ã€‚
\return MP_OKAY ãƒã‚¤ãƒ³ãƒˆãŒæ­£å¸¸ã«ã‚³ãƒ”ーã•ã‚Œã¾ã—ãŸ
@@ -555,7 +555,7 @@ void wc_ecc_del_point(ecc_point* p);
int wc_ecc_copy_point(ecc_point* p, ecc_point *r);
/*!
- \ingroup ECC
+ \ingroup ECC
\brief ãƒã‚¤ãƒ³ãƒˆã®å€¤ã‚’別ã®ã‚‚ã®ã¨æ¯”較ã—ã¦ãã ã•ã„。
\return BAD_FUNC_ARG 1ã¤ã¾ãŸã¯ä¸¡æ–¹ã®å¼•æ•°ã¯nullã§ã™ã€‚
\return MP_EQ ãƒã‚¤ãƒ³ãƒˆã¯åŒã˜ã§ã™ã€‚
@@ -591,7 +591,7 @@ int wc_ecc_copy_point(ecc_point* p, ecc_point *r);
int wc_ecc_cmp_point(ecc_point* a, ecc_point *b);
/*!
- \ingroup ECC
+ \ingroup ECC
\brief ãƒã‚¤ãƒ³ãƒˆãŒç„¡é™å¤§ã«ã‚ã‚‹ã‹ã©ã†ã‹ã‚’確èªã—ã¾ã™ã€‚è¿”å“1ãŒç„¡é™å¤§ã§ã‚ã‚‹å ´åˆã¯0ã€ãã†ã§ãªã„å ´åˆã¯0ã€<0エラー時ã®0
\return 1 Pã¯ç„¡é™å¤§ã§ã™ã€‚
\return 0 Pã¯ç„¡é™å¤§ã§ã¯ã‚ã‚Šã¾ã›ã‚“。
@@ -625,7 +625,7 @@ int wc_ecc_cmp_point(ecc_point* a, ecc_point *b);
int wc_ecc_point_is_at_infinity(ecc_point *p);
/*!
- \ingroup ECC
+ \ingroup ECC
\brief ECC固定点乗算を実行ã—ã¾ã™ã€‚
\return MP_OKAY æˆåŠŸã—ãŸæ“作ã§è¿”ã—ã¾ã™ã€‚
\return MP_INIT_E 複数ã®Precision Integer(MP_INT)ライブラリã§ä½¿ç”¨ã™ã‚‹ãŸã‚ã®æ•´æ•°ã‚’åˆæœŸåŒ–ã™ã‚‹ã‚¨ãƒ©ãƒ¼ãŒã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
@@ -652,7 +652,7 @@ int wc_ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R,
mp_int* a, mp_int* modulus, int map);
/*!
- \ingroup ECC
+ \ingroup ECC
\brief ã“ã®é–¢æ•°ã¯ECCキーをECC_KEY構造体ã‹ã‚‰ã‚¨ã‚¯ã‚¹ãƒãƒ¼ãƒˆã—ã€çµæžœã‚’OUTã«æ ¼ç´ã—ã¾ã™ã€‚キーã¯ANSI X9.63フォーマットã«ä¿å­˜ã•ã‚Œã¾ã™ã€‚outlenã®å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã«æ›¸ãè¾¼ã¾ã‚ŒãŸãƒã‚¤ãƒˆã‚’æ ¼ç´ã—ã¾ã™ã€‚
\return 0 ECC_KEYã®ã‚¨ã‚¯ã‚¹ãƒãƒ¼ãƒˆã«æ­£å¸¸ã«è¿”ã•ã‚Œã¾ã—ãŸ
\return LENGTH_ONLY_E 出力ãƒãƒƒãƒ•ã‚¡ãŒNULLã«è©•ä¾¡ã•ã‚Œã¦ã„ã‚‹å ´åˆã¯è¿”ã•ã‚Œã¾ã™ãŒã€ä»–ã®2ã¤ã®å…¥åŠ›ãƒ‘ラメータã¯æœ‰åŠ¹ã§ã™ã€‚関数ãŒã‚­ãƒ¼ã‚’ä¿å­˜ã™ã‚‹ã®ã«å¿…è¦ãªé•·ã•ã‚’è¿”ã™ã ã‘ã§ã‚ã‚‹ã“ã¨ã‚’示ã—ã¾ã™
@@ -692,7 +692,7 @@ int wc_ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R,
int wc_ecc_export_x963(ecc_key* key, byte* out, word32* outLen);
/*!
- \ingroup ECC
+ \ingroup ECC
\brief ã“ã®é–¢æ•°ã¯ECCキーをECC_KEY構造体ã‹ã‚‰ã‚¨ã‚¯ã‚¹ãƒãƒ¼ãƒˆã—ã€çµæžœã‚’OUTã«æ ¼ç´ã—ã¾ã™ã€‚キーã¯ANSI X9.63フォーマットã«ä¿å­˜ã•ã‚Œã¾ã™ã€‚outlenã®å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã«æ›¸ãè¾¼ã¾ã‚ŒãŸãƒã‚¤ãƒˆã‚’æ ¼ç´ã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€åœ§ç¸®ã•ã‚ŒãŸãƒ‘ラメータを介ã—ã¦è¨¼æ˜Žæ›¸ã‚’圧縮ã™ã‚‹è¿½åŠ ã®ã‚ªãƒ—ションを使用ã™ã‚‹ã€‚ã“ã®ãƒ‘ラメータãŒtrueã®å ´åˆã€ã‚­ãƒ¼ã¯ANSI X9.63圧縮形å¼ã§ä¿å­˜ã•ã‚Œã¾ã™ã€‚
\return 0 ECC_KEYã®ã‚¨ã‚¯ã‚¹ãƒãƒ¼ãƒˆã«æ­£å¸¸ã«è¿”ã•ã‚Œã¾ã—ãŸ
\return NOT_COMPILED_IN hand_comp_keyãŒã‚³ãƒ³ãƒ‘イル時ã«æœ‰åŠ¹ã«ãªã£ã¦ã„ãªã„å ´åˆã¯è¿”ã•ã‚Œã¾ã™ãŒã€ã‚­ãƒ¼ã¯åœ§ç¸®å½¢å¼ã§è¦æ±‚ã•ã‚Œã¾ã—ãŸ
@@ -733,7 +733,7 @@ int wc_ecc_export_x963(ecc_key* key, byte* out, word32* outLen);
int wc_ecc_export_x963_ex(ecc_key* key, byte* out, word32* outLen, int compressed);
/*!
- \ingroup ECC
+ \ingroup ECC
\brief ã“ã®é–¢æ•°ã¯ã€ANSI X9.63å½¢å¼ã§ä¿å­˜ã•ã‚Œã¦ã„るキーをå«ã‚€ãƒãƒƒãƒ•ã‚¡ã‹ã‚‰ãƒ‘ブリックECCキーをインãƒãƒ¼ãƒˆã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€åœ§ç¸®ã‚­ãƒ¼ãŒhand_comp_keyオプションを介ã—ã¦ã‚³ãƒ³ãƒ‘イル時ã«æœ‰åŠ¹ã«ãªã£ã¦ã„ã‚‹é™ã‚Šã€åœ§ç¸®ã‚­ãƒ¼ã¨éžåœ§ç¸®ã‚­ãƒ¼ã®ä¸¡æ–¹ã‚’処ç†ã—ã¾ã™ã€‚
\return 0 ECC_KEYã®ã‚¤ãƒ³ãƒãƒ¼ãƒˆã«æˆåŠŸã—ã¾ã—ãŸ
\return NOT_COMPILED_IN hand_comp_keyãŒã‚³ãƒ³ãƒ‘イル時ã«æœ‰åŠ¹ã«ãªã£ã¦ã„ãªã„å ´åˆã¯è¿”ã•ã‚Œã¾ã™ãŒã€ã‚­ãƒ¼ã¯åœ§ç¸®å½¢å¼ã§ä¿å­˜ã•ã‚Œã¾ã™ã€‚
@@ -774,7 +774,7 @@ int wc_ecc_export_x963_ex(ecc_key* key, byte* out, word32* outLen, int compresse
int wc_ecc_import_x963(const byte* in, word32 inLen, ecc_key* key);
/*!
- \ingroup ECC
+ \ingroup ECC
\brief ã“ã®é–¢æ•°ã¯ã€ç”Ÿã®ç§˜å¯†éµã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¨ã€ANSI X9.63フォーマットã•ã‚ŒãŸå…¬é–‹éµã‚’å«ã‚€2番目ã®ãƒãƒƒãƒ•ã‚¡ãƒ¼ã‹ã‚‰ãƒ‘ブリック/プライベートECCキーã®ãƒšã‚¢ã‚’インãƒãƒ¼ãƒˆã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€åœ§ç¸®ã‚­ãƒ¼ãŒhand_comp_keyオプションを介ã—ã¦ã‚³ãƒ³ãƒ‘イル時ã«æœ‰åŠ¹ã«ãªã£ã¦ã„ã‚‹é™ã‚Šã€åœ§ç¸®ã‚­ãƒ¼ã¨éžåœ§ç¸®ã‚­ãƒ¼ã®ä¸¡æ–¹ã‚’処ç†ã—ã¾ã™ã€‚
\return 0 habe_comp_keyãŒã‚³ãƒ³ãƒ‘イル時ã«æœ‰åŠ¹ã«ãªã£ã¦ã„ãªã„å ´åˆã¯ã€ecc_key not_compiled_inを正常ã«ã‚¤ãƒ³ãƒãƒ¼ãƒˆã—ã¾ã—ãŸãŒã€ã‚­ãƒ¼ã¯åœ§ç¸®å½¢å¼ã§ä¿å­˜ã•ã‚Œã¾ã™ã€‚
\return ECC_BAD_ARG_E INã¾ãŸã¯KEYãŒNULLã«è©•ä¾¡ã•ã‚ŒãŸå ´åˆã€ã¾ãŸã¯InlenãŒå¶æ•°ã®å ´åˆï¼ˆX9.63è¦æ ¼ã«ã‚ˆã‚Œã°ã€ã‚­ãƒ¼ã¯å¥‡æ•°ã§ãªã‘ã‚Œã°ãªã‚Šã¾ã›ã‚“)。
@@ -818,7 +818,7 @@ int wc_ecc_import_private_key(const byte* priv, word32 privSz, const byte* pub,
word32 pubSz, ecc_key* key);
/*!
- \ingroup ECC
+ \ingroup ECC
\brief ã“ã®é–¢æ•°ã¯ã€ECCã‚·ã‚°ãƒãƒãƒ£ã®R部分ã¨S部分をDER符å·åŒ–ECDSAã‚·ã‚°ãƒãƒãƒ£ã«å¤‰æ›ã—ã¾ã™ã€‚ã“ã®æ©Ÿèƒ½ã¯ã€outlenã§ã¯ã€å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã«æ›¸ãè¾¼ã¾ã‚ŒãŸé•·ã•ã‚‚記憶ã•ã‚Œã¦ã„ã¾ã™ã€‚
\return 0 ç½²åã®å¤‰æ›ã«æˆåŠŸã—ãŸã“ã¨ã«æˆ»ã‚Šã¾ã—ãŸ
\return ECC_BAD_ARG_E ã„ãšã‚Œã‹ã®å…¥åŠ›ãƒ‘ラメータãŒNULLã«è©•ä¾¡ã•ã‚ŒãŸå ´åˆã€ã¾ãŸã¯å…¥åŠ›ãƒãƒƒãƒ•ã‚¡ãŒDERエンコードã•ã‚ŒãŸECDSAã‚·ã‚°ãƒãƒãƒ£ã‚’ä¿æŒã™ã‚‹ã®ã«å分ãªå¤§ãã•ã§ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
@@ -859,7 +859,7 @@ int wc_ecc_import_private_key(const byte* priv, word32 privSz, const byte* pub,
int wc_ecc_rs_to_sig(const char* r, const char* s, byte* out, word32* outlen);
/*!
- \ingroup ECC
+ \ingroup ECC
\brief ã“ã®é–¢æ•°ã¯ã€ECCç½²åã®RAWæˆåˆ†ã‚’æŒã¤ECC_KEY構造体を埋ã‚ã¾ã™ã€‚
\return 0 ECC_Key構造体ã«æ­£å¸¸ã«ã‚¤ãƒ³ãƒãƒ¼ãƒˆã•ã‚ŒãŸã¨ãã«è¿”ã•ã‚Œã¾ã™
\return ECC_BAD_ARG_E ã„ãšã‚Œã‹ã®å…¥åŠ›å€¤ãŒNULLã«è©•ä¾¡ã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
@@ -901,7 +901,7 @@ int wc_ecc_import_raw(ecc_key* key, const char* qx, const char* qy,
const char* d, const char* curveName);
/*!
- \ingroup ECC
+ \ingroup ECC
\brief ã“ã®é–¢æ•°ã¯ã€ECC_KEY構造体ã‹ã‚‰ç§˜å¯†éµã®ã¿ã‚’エクスãƒãƒ¼ãƒˆã—ã¾ã™ã€‚秘密éµã‚’ãƒãƒƒãƒ•ã‚¡ã‚¢ã‚¦ãƒˆã«æ ¼ç´ã—ã€outlenã«ã“ã®ãƒãƒƒãƒ•ã‚¡ã«æ›¸ãè¾¼ã¾ã‚ŒãŸãƒã‚¤ãƒˆã‚’設定ã—ã¾ã™ã€‚
\return 0 秘密éµã®ã‚¨ã‚¯ã‚¹ãƒãƒ¼ãƒˆã«æˆåŠŸã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã™
\return ECC_BAD_ARG_E ã„ãšã‚Œã‹ã®å…¥åŠ›å€¤ãŒNULLã«è©•ä¾¡ã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
@@ -939,7 +939,7 @@ int wc_ecc_import_raw(ecc_key* key, const char* qx, const char* qy,
int wc_ecc_export_private_only(ecc_key* key, byte* out, word32* outLen);
/*!
- \ingroup ECC
+ \ingroup ECC
\brief DERã¸ã®ã‚¨ã‚¯ã‚¹ãƒãƒ¼ãƒˆãƒã‚¤ãƒ³ãƒˆã€‚
\return 0 æˆåŠŸã«æˆ»ã‚Šã¾ã—ãŸã€‚
\return ECC_BAD_ARG_E curve_idxãŒ0未満ã¾ãŸã¯ç„¡åŠ¹ã§ã‚ã‚‹å ´åˆã¯è¿”ã—ã¾ã™ã€‚ã„ã¤æ¥ã‚‹ã®ã‹
@@ -964,7 +964,7 @@ int wc_ecc_export_point_der(const int curve_idx, ecc_point* point,
byte* out, word32* outLen);
/*!
- \ingroup ECC
+ \ingroup ECC
\brief Derフォーマットã‹ã‚‰ã®ã‚¤ãƒ³ãƒãƒ¼ãƒˆãƒã‚¤ãƒ³ãƒˆã€‚
\return ECC_BAD_ARG_E 引数ãŒnullã®å ´åˆã€ã¾ãŸã¯InlenãŒå¶æ•°ã®å ´åˆã¯è¿”ã—ã¾ã™ã€‚
\return MEMORY_E エラーåˆæœŸåŒ–ãŒã‚ã‚‹å ´åˆã«è¿”ã—ã¾ã™
@@ -988,7 +988,7 @@ int wc_ecc_import_point_der(byte* in, word32 inLen, const int curve_idx,
ecc_point* point);
/*!
- \ingroup ECC
+ \ingroup ECC
\brief ã“ã®é–¢æ•°ã¯ã€ecc_key構造体ã®ã‚­ãƒ¼ã‚µã‚¤ã‚ºã‚’オクテットã§è¿”ã—ã¾ã™ã€‚
\return Given 有効ãªã‚­ãƒ¼ã€ã‚ªã‚¯ãƒ†ãƒƒãƒˆã®ã‚­ãƒ¼ã‚µã‚¤ã‚ºã‚’è¿”ã—ã¾ã™
\return 0 与ãˆã‚‰ã‚ŒãŸã‚­ãƒ¼ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™
@@ -1008,7 +1008,7 @@ int wc_ecc_import_point_der(byte* in, word32 inLen, const int curve_idx,
int wc_ecc_size(ecc_key* key);
/*!
- \ingroup ECC
+ \ingroup ECC
\brief ã“ã®é–¢æ•°ã¯ã€æ¬¡ã®ã‚ˆã†ã«ã—ã¦æŒ‡å®šã•ã‚ŒãŸECCã‚·ã‚°ãƒãƒãƒ£ã®æœ€æ‚ªã®å ´åˆã®ã‚µã‚¤ã‚ºã‚’è¿”ã—ã¾ã™ã€‚(KEYSZ * 2)+ SIG_HEADER_SZ + ECC_MAX_PAD_SZ。実際ã®ã‚·ã‚°ãƒãƒãƒ£ã‚µã‚¤ã‚ºã¯ã€WC_ECC_SIGN_HASHã§è¨ˆç®—ã§ãã¾ã™ã€‚
\return returns 最大署åサイズ(オクテット)
_Example_
@@ -1026,7 +1026,7 @@ int wc_ecc_sig_size_calc(int sz);
/*!
- \ingroup ECC
+ \ingroup ECC
\brief ã“ã®é–¢æ•°ã¯ã€æ¬¡ã®ã‚ˆã†ã«ã—ã¦æŒ‡å®šã•ã‚ŒãŸECCã‚·ã‚°ãƒãƒãƒ£ã®æœ€æ‚ªã®å ´åˆã®ã‚µã‚¤ã‚ºã‚’è¿”ã—ã¾ã™ã€‚(KEYSZ * 2)+ SIG_HEADER_SZ + ECC_MAX_PAD_SZ。実際ã®ã‚·ã‚°ãƒãƒãƒ£ã‚µã‚¤ã‚ºã¯ã€WC_ECC_SIGN_HASHã§è¨ˆç®—ã§ãã¾ã™ã€‚
\return Success 有効ãªã‚­ãƒ¼ã‚’考ãˆã‚‹ã¨ã€æœ€å¤§ç½²åサイズをオクテットã§è¿”ã—ã¾ã™ã€‚
\return 0 与ãˆã‚‰ã‚ŒãŸã‚­ãƒ¼ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™
@@ -1049,7 +1049,7 @@ int wc_ecc_sig_size(ecc_key* key);
/*!
- \ingroup ECC
+ \ingroup ECC
\brief ã“ã®æ©Ÿèƒ½ã¯ã€ECCã¨ã®å®‰å…¨ãªãƒ¡ãƒƒã‚»ãƒ¼ã‚¸äº¤æ›ã‚’å¯èƒ½ã«ã™ã‚‹ãŸã‚ã«ã€æ–°ã—ã„ECCコンテキストオブジェクトã®ã‚¹ãƒšãƒ¼ã‚¹ã‚’割り当ã¦ã€åˆæœŸåŒ–ã—ã¾ã™ã€‚
\return Success æ–°ã—ã„ECENCCTXオブジェクトã®ç”Ÿæˆã«æˆåŠŸã—ãŸå ´åˆã¯ã€ãã®ã‚ªãƒ–ジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™
\return NULL 関数ãŒæ–°ã—ã„ECENCCTXオブジェクトを生æˆã§ããªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™
@@ -1072,7 +1072,7 @@ int wc_ecc_sig_size(ecc_key* key);
ecEncCtx* wc_ecc_ctx_new(int flags, WC_RNG* rng);
/*!
- \ingroup ECC
+ \ingroup ECC
\brief ã“ã®é–¢æ•°ã¯ã€ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®æš—å·åŒ–ã¨å¾©å·åŒ–ã«ä½¿ç”¨ã•ã‚Œã‚‹ECENCCTXオブジェクトを解放ã—ã¾ã™ã€‚
\return none 戻り値。
_Example_
@@ -1091,11 +1091,11 @@ ecEncCtx* wc_ecc_ctx_new(int flags, WC_RNG* rng);
void wc_ecc_ctx_free(ecEncCtx*);
/*!
- \ingroup ECC
+ \ingroup ECC
\brief ã“ã®é–¢æ•°ã¯ECENCCTX構造をリセットã—ã¦ã€æ–°ã—ã„コンテキストオブジェクトを解放ã—ã€æ–°ã—ã„コンテキストオブジェクトを割り当ã¦ã¾ã™ã€‚
\return 0 ecencctx構造ãŒæ­£å¸¸ã«ãƒªã‚»ãƒƒãƒˆã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™
\return BAD_FUNC_ARG RNGã¾ãŸã¯CTXãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™
- \return RNG_FAILURE_E ECCオブジェクトã«æ–°ã—ã„塩を生æˆã™ã‚‹ã‚¨ãƒ©ãƒ¼ãŒã‚ã‚‹å ´åˆ
+ \return RNG_FAILURE_E ECCオブジェクトã«æ–°ã—ã„ソルトを生æˆã™ã‚‹ã‚¨ãƒ©ãƒ¼ãŒã‚ã‚‹å ´åˆ
\param ctx リセットã™ã‚‹ECENCCTXオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿
_Example_
\code
@@ -1114,7 +1114,7 @@ void wc_ecc_ctx_free(ecEncCtx*);
int wc_ecc_ctx_reset(ecEncCtx* ctx, WC_RNG* rng); /* reset for use again w/o alloc/free */
/*!
- \ingroup ECC
+ \ingroup ECC
\brief ã“ã®é–¢æ•°ã¯ã€wc_ecc_ctx_newã®å¾Œã«ã‚ªãƒ—ションã§å‘¼ã³å‡ºã•ã‚Œã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚æš—å·åŒ–ã€KDFã€ãŠã‚ˆã³MACアルゴリズムをECENCENCCTXオブジェクトã«è¨­å®šã—ã¾ã™ã€‚
\return 0 ECENCCTXオブジェクトã®æƒ…報を正常ã«è¨­å®šã™ã‚‹ã¨è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG 指定ã•ã‚ŒãŸecencctxオブジェクトãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
@@ -1136,9 +1136,9 @@ int wc_ecc_ctx_set_algo(ecEncCtx* ctx, byte encAlgo, byte kdfAlgo,
byte macAlgo);
/*!
- \ingroup ECC
- \brief ã“ã®é–¢æ•°ã¯ECENCENCCTXオブジェクトã®å¡©ã‚’è¿”ã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€ECENCCTXã®çŠ¶æ…‹ãŒECSRV_INITã¾ãŸã¯ECCLI_INITã®å ´åˆã«ã®ã¿å‘¼ã³å‡ºã™å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
- \return Success æˆåŠŸã™ã‚‹ã¨ã€ECENCENTXå¡©ã‚’è¿”ã—ã¾ã™
+ \ingroup ECC
+ \brief ã“ã®é–¢æ•°ã¯ECENCENCCTXオブジェクトã®ã‚½ãƒ«ãƒˆã‚’è¿”ã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€ECENCCTXã®çŠ¶æ…‹ãŒECSRV_INITã¾ãŸã¯ECCLI_INITã®å ´åˆã«ã®ã¿å‘¼ã³å‡ºã™å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+ \return æˆåŠŸã™ã‚‹ã¨ ã€ecEncCtx ソルトを返ã—ã¾ã™
\return NULL ecencctxオブジェクトãŒNULLã®å ´åˆã€ã¾ãŸã¯ECENCCTXã®çŠ¶æ…‹ãŒECSRV_INITã¾ãŸã¯ECCLI_INITã§ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚後者ã®2ã¤ã®ã‚±ãƒ¼ã‚¹ã§ã¯ã€ã“ã®æ©Ÿèƒ½ã¯ãã‚Œãžã‚ŒECSRV_BAD_STATEã¾ãŸã¯ECCLI_BAD_STATEã«ECENCCTXã®çŠ¶æ…‹ã‚’設定ã—ã¾ã™ã€‚
_Example_
\code
@@ -1159,12 +1159,12 @@ int wc_ecc_ctx_set_algo(ecEncCtx* ctx, byte encAlgo, byte kdfAlgo,
const byte* wc_ecc_ctx_get_own_salt(ecEncCtx*);
/*!
- \ingroup ECC
+ \ingroup ECC
\brief ã“ã®é–¢æ•°ã¯ã€ECENCENCCTXオブジェクトã®ãƒ”アソルトを設定ã—ã¾ã™ã€‚
\return 0 ECENCCTXオブジェクトã®ãƒ”アソルトã®è¨­å®šã«æˆåŠŸã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return BAD_FUNC_ARG 指定ã•ã‚ŒãŸecencctxオブジェクトãŒnullã¾ãŸã¯ç„¡åŠ¹ãªãƒ—ロトコルãŒã‚ã‚‹å ´åˆã€ã¾ãŸã¯æŒ‡å®šã•ã‚ŒãŸå¡©ãŒNULLã®å ´åˆ
+ \return BAD_FUNC_ARG 指定ã•ã‚ŒãŸecencctxオブジェクトãŒnullã¾ãŸã¯ç„¡åŠ¹ãªãƒ—ロトコルãŒã‚ã‚‹å ´åˆã€ã¾ãŸã¯æŒ‡å®šã•ã‚ŒãŸã‚½ãƒ«ãƒˆãŒNULLã®å ´åˆ
\return BAD_ENC_STATE_E ecencctxã®çŠ¶æ…‹ãŒECSRV_SALT_GETã¾ãŸã¯ECCLI_SALT_GETã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚後者ã®2ã¤ã®ã‚±ãƒ¼ã‚¹ã§ã¯ã€ã“ã®æ©Ÿèƒ½ã¯ãã‚Œãžã‚ŒECSRV_BAD_STATEã¾ãŸã¯ECCLI_BAD_STATEã«ECENCCTXã®çŠ¶æ…‹ã‚’設定ã—ã¾ã™ã€‚
- \param ctx 塩を設定ã™ã‚‹ãŸã‚ã®ecencctxã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param ctx ソルトを設定ã™ã‚‹ãŸã‚ã®ecencctxã¸ã®ãƒã‚¤ãƒ³ã‚¿
_Example_
\code
ecEncCtx* cliCtx, srvCtx;
@@ -1186,7 +1186,7 @@ const byte* wc_ecc_ctx_get_own_salt(ecEncCtx*);
int wc_ecc_ctx_set_peer_salt(ecEncCtx* ctx, const byte* salt);
/*!
- \ingroup ECC
+ \ingroup ECC
\brief ã“ã®é–¢æ•°ã¯ã€wc_ecc_ctx_set_peer_saltã®å‰å¾Œã«ã‚ªãƒ—ションã§å‘¼ã³å‡ºã•ã‚Œã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚ECENCCTXオブジェクトã®ã‚ªãƒ—ションã®æƒ…報を設定ã—ã¾ã™ã€‚
\return 0 ECENCCTXオブジェクトã®æƒ…報を正常ã«è¨­å®šã™ã‚‹ã¨è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG 与ãˆã‚‰ã‚ŒãŸECENCCTXオブジェクトãŒNULLã®å ´åˆã€å…¥åŠ›æƒ…å ±ã¯NULLã¾ãŸã¯ã‚µã‚¤ã‚ºãŒç„¡åŠ¹ã§ã™ã€‚
@@ -1207,7 +1207,7 @@ int wc_ecc_ctx_set_peer_salt(ecEncCtx* ctx, const byte* salt);
int wc_ecc_ctx_set_info(ecEncCtx* ctx, const byte* info, int sz);
/*!
- \ingroup ECC
+ \ingroup ECC
\brief ã“ã®é–¢æ•°ã¯æŒ‡å®šã•ã‚ŒãŸå…¥åŠ›ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã‚’MSGã‹ã‚‰OUTã«æš—å·åŒ–ã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ãƒ‘ラメータã¨ã—ã¦ã‚ªãƒ—ションã®CTXオブジェクトをå–ã‚Šã¾ã™ã€‚æä¾›ã•ã‚Œã¦ã„ã‚‹å ´åˆã€ECENCCTXã®Encalgoã€Kdfalgoã€ãŠã‚ˆã³Macalgoã«åŸºã¥ã„ã¦æš—å·åŒ–ãŒé€²ã¿ã¾ã™ã€‚CTXãŒæŒ‡å®šã•ã‚Œã¦ã„ãªã„å ´åˆã€å‡¦ç†ã¯ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã®ã‚¢ãƒ«ã‚´ãƒªã‚ºãƒ ã€ECAES_128_CBCã€ECHKDF_SHA256ã€ECHMAC_SHA256ã§å®Œäº†ã—ã¾ã™ã€‚ã“ã®æ©Ÿèƒ½ã¯ã€ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ãŒCTXã§æŒ‡å®šã•ã‚ŒãŸæš—å·åŒ–タイプã«å¾“ã£ã¦åŸ‹ã‚è¾¼ã¾ã‚Œã¦ã„ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
\return 0 入力メッセージã®æš—å·åŒ–ã«æˆåŠŸã—ãŸã‚‰è¿”ã•ã‚Œã¾ã™
\return BAD_FUNC_ARG PRIVKEYã€PUBKEYã€MSGã€MSGSZã€OUTã€OUTSZãŒNULLã®å ´åˆã€ã¾ãŸã¯CTXオブジェクトãŒã‚µãƒãƒ¼ãƒˆã•ã‚Œã¦ã„ãªã„æš—å·åŒ–タイプを指定ã—ã¾ã™ã€‚
@@ -1246,7 +1246,7 @@ int wc_ecc_encrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
word32 msgSz, byte* out, word32* outSz, ecEncCtx* ctx);
/*!
- \ingroup ECC
+ \ingroup ECC
\brief ã“ã®é–¢æ•°ã¯æŒ‡å®šã•ã‚ŒãŸå…¥åŠ›ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã‚’MSGã‹ã‚‰OUTã«æš—å·åŒ–ã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ãƒ‘ラメータã¨ã—ã¦ã‚ªãƒ—ションã®CTXオブジェクトをå–ã‚Šã¾ã™ã€‚æä¾›ã•ã‚Œã¦ã„ã‚‹å ´åˆã€ECENCCTXã®Encalgoã€Kdfalgoã€ãŠã‚ˆã³Macalgoã«åŸºã¥ã„ã¦æš—å·åŒ–ãŒé€²ã¿ã¾ã™ã€‚CTXãŒæŒ‡å®šã•ã‚Œã¦ã„ãªã„å ´åˆã€å‡¦ç†ã¯ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã®ã‚¢ãƒ«ã‚´ãƒªã‚ºãƒ ã€ECAES_128_CBCã€ECHKDF_SHA256ã€ECHMAC_SHA256ã§å®Œäº†ã—ã¾ã™ã€‚ã“ã®æ©Ÿèƒ½ã¯ã€ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ãŒCTXã§æŒ‡å®šã•ã‚ŒãŸæš—å·åŒ–タイプã«å¾“ã£ã¦åŸ‹ã‚è¾¼ã¾ã‚Œã¦ã„ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
\return 0 入力メッセージã®æš—å·åŒ–ã«æˆåŠŸã—ãŸã‚‰è¿”ã•ã‚Œã¾ã™
\return BAD_FUNC_ARG PRIVKEYã€PUBKEYã€MSGã€MSGSZã€OUTã€OUTSZãŒNULLã®å ´åˆã€ã¾ãŸã¯CTXオブジェクトãŒã‚µãƒãƒ¼ãƒˆã•ã‚Œã¦ã„ãªã„æš—å·åŒ–タイプを指定ã—ã¾ã™ã€‚
@@ -1287,7 +1287,7 @@ int wc_ecc_encrypt_ex(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
word32 msgSz, byte* out, word32* outSz, ecEncCtx* ctx, int compressed);
/*!
- \ingroup ECC
+ \ingroup ECC
\brief ã“ã®é–¢æ•°ã¯MSGã‹ã‚‰OUTã¸ã®æš—å·æ–‡ã‚’復å·åŒ–ã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ãƒ‘ラメータã¨ã—ã¦ã‚ªãƒ—ションã®CTXオブジェクトをå–ã‚Šã¾ã™ã€‚æä¾›ã•ã‚Œã¦ã„ã‚‹å ´åˆã€ECENCCTXã®Encalgoã€Kdfalgoã€ãŠã‚ˆã³Macalgoã«åŸºã¥ã„ã¦æš—å·åŒ–ãŒé€²ã¿ã¾ã™ã€‚CTXãŒæŒ‡å®šã•ã‚Œã¦ã„ãªã„å ´åˆã€å‡¦ç†ã¯ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã®ã‚¢ãƒ«ã‚´ãƒªã‚ºãƒ ã€ECAES_128_CBCã€ECHKDF_SHA256ã€ECHMAC_SHA256ã§å®Œäº†ã—ã¾ã™ã€‚ã“ã®æ©Ÿèƒ½ã¯ã€ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ãŒCTXã§æŒ‡å®šã•ã‚ŒãŸæš—å·åŒ–タイプã«å¾“ã£ã¦åŸ‹ã‚è¾¼ã¾ã‚Œã¦ã„ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
\return 0 入力メッセージã®å¾©å·åŒ–ã«æˆåŠŸã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã™
\return BAD_FUNC_ARG PRIVKEYã€PUBKEYã€MSGã€MSGSZã€OUTã€OUTSZãŒNULLã®å ´åˆã€ã¾ãŸã¯CTXオブジェクトãŒã‚µãƒãƒ¼ãƒˆã•ã‚Œã¦ã„ãªã„æš—å·åŒ–タイプを指定ã—ã¾ã™ã€‚
@@ -1329,7 +1329,7 @@ int wc_ecc_decrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
/*!
- \ingroup ECC
+ \ingroup ECC
\brief éžãƒ–ロックæ“作ã®ãŸã‚ã®ECCサãƒãƒ¼ãƒˆã‚’有効ã«ã—ã¾ã™ã€‚次ã®ãƒ“ルドオプションを使用ã—ãŸå˜ç²¾åº¦ï¼ˆSP)数学ã§ã‚µãƒãƒ¼ãƒˆã•ã‚Œã¦ã„ã¾ã™.WolfSSL_SP_SP_SMALL WOLFSSL_SP_NO_MALLOC WC_ECC_NONBLOCK
\return 0 コールãƒãƒƒã‚¯ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã‚’入力メッセージã«æ­£å¸¸ã«è¨­å®šã™ã‚‹ã¨è¿”ã•ã‚Œã¾ã™ã€‚
\param key ECC_KEYオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿
@@ -1351,7 +1351,7 @@ int wc_ecc_decrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
&key
);
- // TODO: Real-time work can be called here
+ // TODO: Real-time work can be called here
} while (ret == FP_WOULDBLOCK);
}
wc_ecc_free(&key);
diff --git a/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/ed25519.h b/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/ed25519.h
index 57f5adb4..64a4342e 100644
--- a/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/ed25519.h
+++ b/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/ed25519.h
@@ -1,11 +1,17 @@
/*!
- \ingroup ED25519
- \brief ã“ã®é–¢æ•°ã¯ç§˜å¯†éµã‹ã‚‰ED25519公開éµã‚’生æˆã—ã¾ã™ã€‚公開éµã‚’ãƒãƒƒãƒ•ã‚¡Pubkeyã«æ ¼ç´ã—ã€Pubkeyszã§ã“ã®ãƒãƒƒãƒ•ã‚¡ã«æ›¸ãè¾¼ã¾ã‚ŒãŸãƒã‚¤ãƒˆã‚’設定ã—ã¾ã™ã€‚
+ \ingroup ED25519
+ \brief ã“ã®é–¢æ•°ã¯Ed25519秘密éµã‹ã‚‰Ed25519公開éµã‚’生æˆã—ã¾ã™ã€‚公開éµã‚’ãƒãƒƒãƒ•ã‚¡pubkeyã«å‡ºåŠ›ã—ã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã®å‘¼ã³å‡ºã—ã«å…ˆç«‹ã¡ã€ed25519_key構造体ã«ã¯Ed25519秘密éµãŒã‚¤ãƒ³ãƒãƒ¼ãƒˆã•ã‚Œã¦ã„ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+
\return 0 公開éµã®ä½œæˆã«æˆåŠŸã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return BAD_FUNC_ARG IFIキーã¾ãŸã¯PubKeyãŒNULLã«è©•ä¾¡ã•ã‚ŒãŸå ´åˆã€ã¾ãŸã¯æŒ‡å®šã•ã‚ŒãŸã‚­ãƒ¼ã‚µã‚¤ã‚ºãŒ32ãƒã‚¤ãƒˆã§ã¯ãªã„å ´åˆï¼ˆED25519ã«32ãƒã‚¤ãƒˆã®ã‚­ãƒ¼ãŒã‚ã‚Šã¾ã™ï¼‰ã€‚
- \return MEMORY_E 関数ã®å®Ÿè¡Œä¸­ã«ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã‚‹ã‚¨ãƒ©ãƒ¼ãŒã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param [in] キーを生æˆã™ã‚‹ED25519_Keyã¸ã®ã‚­ãƒ¼ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param [out] 公開éµã‚’ä¿å­˜ã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \return BAD_FUNC_ARG 引数keyã¾ãŸã¯pubKeyãŒNULLã®å ´åˆã€ã¾ãŸã¯æŒ‡å®šã•ã‚ŒãŸéµã‚µã‚¤ã‚ºãŒ32ãƒã‚¤ãƒˆã§ã¯ãªã„å ´åˆï¼ˆED25519ã«32ãƒã‚¤ãƒˆã®ã‚­ãƒ¼ãŒã‚ã‚Šã¾ã™ï¼‰ã€‚
+ \return ECC_PRIV_KEY_E ed25519_key構造体ã«Ed25519秘密éµãŒã‚¤ãƒ³ãƒãƒ¼ãƒˆã•ã‚Œã¦ã„ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return MEMORY_E 関数ã®å®Ÿè¡Œä¸­ã«ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã‚¨ãƒ©ãƒ¼ãŒã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param [in] key Ed25519秘密éµãŒã‚¤ãƒ³ãƒãƒ¼ãƒˆã•ã‚Œã¦ã„ã‚‹ed25519_key構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [out] pubKey 公開éµã‚’出力ã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [in] pubKeySz ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºã€‚常ã«ED25519_PUB_KEY_SIZE(32)ã§ãªã‘ã‚Œã°ãªã‚Šã¾ã›ã‚“。
+
_Example_
\code
int ret;
@@ -31,13 +37,14 @@ int wc_ed25519_make_public(ed25519_key* key, unsigned char* pubKey,
word32 pubKeySz);
/*!
- \ingroup ED25519
- \brief ã“ã®é–¢æ•°ã¯æ–°ã—ã„ED25519キーを生æˆã—ã€ãれをキーã«æ ¼ç´ã—ã¾ã™ã€‚
- \return 0 ED25519_KEYを正常ã«è¡Œã†ã¨è¿”ã•ã‚Œã¾ã™ã€‚
- \return BAD_FUNC_ARG RNGã¾ãŸã¯KEYãŒNULLã«è©•ä¾¡ã•ã‚ŒãŸå ´åˆã€ã¾ãŸã¯æŒ‡å®šã•ã‚ŒãŸã‚­ãƒ¼ã‚µã‚¤ã‚ºãŒ32ãƒã‚¤ãƒˆã§ã¯ãªã„å ´åˆï¼ˆED25519ã«32ãƒã‚¤ãƒˆã®ã‚­ãƒ¼ãŒã‚ã‚Šã¾ã™ï¼‰ã€‚
- \return MEMORY_E 関数ã®å®Ÿè¡Œä¸­ã«ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã‚‹ã‚¨ãƒ©ãƒ¼ãŒã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param [in] RNGキーを生æˆã™ã‚‹åˆæœŸåŒ–ã•ã‚ŒãŸRNGオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param [in] keysize keyã®é•·ã•ã‚’生æˆã—ã¾ã™ã€‚ED25519ã®å ´åˆã¯å¸¸ã«32ã«ãªã‚Šã¾ã™ã€‚
+ \ingroup ED25519
+ \brief ã“ã®é–¢æ•°ã¯æ–°ã—ã„ed25519_key構造体を生æˆã—ã€ãれを引数keyã®ãƒãƒƒãƒ•ã‚¡ã«æ ¼ç´ã—ã¾ã™ã€‚
+ \return 0 ed25519_key構造体を正常ã«ç”Ÿæˆã™ã‚‹ã¨è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_FUNC_ARG RNGã¾ãŸã¯KEYãŒNULLã«è©•ä¾¡ã•ã‚ŒãŸå ´åˆã€ã¾ãŸã¯æŒ‡å®šã•ã‚ŒãŸkeysizeãŒ32ãƒã‚¤ãƒˆã§ã¯ãªã„å ´åˆ(Ed25519éµã«ã¯å¸¸ã«32ãƒã‚¤ãƒˆã‚’指定ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™)。
+ \return MEMORY_E 関数ã®å®Ÿè¡Œä¸­ã«ãƒ¡ãƒ¢ãƒªå‰²ã‚Šå½“ã¦ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param [in] rng RNGキーを生æˆã™ã‚‹åˆæœŸåŒ–ã•ã‚ŒãŸRNGオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [in] keysize keyã®é•·ã•ã€‚ED25519ã®å ´åˆã¯å¸¸ã«32ã«ãªã‚Šã¾ã™ã€‚
+
_Example_
\code
int ret;
@@ -58,15 +65,18 @@ int wc_ed25519_make_public(ed25519_key* key, unsigned char* pubKey,
int wc_ed25519_make_key(WC_RNG* rng, int keysize, ed25519_key* key);
/*!
- \ingroup ED25519
- \brief ã“ã®é–¢æ•°ã¯ã€ED25519_Keyオブジェクトを使用ã—ã¦èªè¨¼ã‚’ä¿è¨¼ã™ã‚‹ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã«ç½²åã—ã¾ã™ã€‚
+ \ingroup ED25519
+ \brief ã“ã®é–¢æ•°ã¯ã€ed25519_key構造体を使用ã—ã¦ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã«ç½²åã—ã¾ã™ã€‚
\return 0 メッセージã®ç½²åを正常ã«ç”Ÿæˆã™ã‚‹ã¨è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG 入力パラメータã®ã„ãšã‚Œã‹ãŒNULLã«è©•ä¾¡ã•ã‚ŒãŸå ´åˆã€ã¾ãŸã¯å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ãŒå°ã•ã™ãŽã¦ç”Ÿæˆã•ã‚ŒãŸç½²åã‚’ä¿å­˜ã™ã‚‹å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \return MEMORY_E 関数ã®å®Ÿè¡Œä¸­ã«ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã‚‹ã‚¨ãƒ©ãƒ¼ãŒã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param [in] ç½²åã™ã‚‹ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param [in] ç½²åã™ã‚‹ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®ã‚¤ãƒ³ãƒ¬ãƒ«é•·ã€‚
- \param [out] 生æˆã•ã‚ŒãŸç½²åã‚’æ ¼ç´ã™ã‚‹ãŸã‚ã®ãƒãƒƒãƒ•ã‚¡ãƒ¼ã€‚
- \param [in,out] 出力ãƒãƒƒãƒ•ã‚¡ã®æœ€å¤§é•·ã®ç¯„囲内。メッセージ署åã®ç”Ÿæˆã«æˆåŠŸã—ãŸã¨ãã«ã€æ›¸ãè¾¼ã¾ã‚ŒãŸãƒã‚¤ãƒˆã‚’ä¿å­˜ã—ã¾ã™ã€‚
+ \return MEMORY_E 関数ã®å®Ÿè¡Œä¸­ã«ãƒ¡ãƒ¢ãƒªå‰²ã‚Šå½“ã¦ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param [in] in ç½²åã™ã‚‹ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [in] inlen ç½²åã™ã‚‹ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®ã‚µã‚¤ã‚º
+ \param [out] out 生æˆã•ã‚ŒãŸç½²åã‚’æ ¼ç´ã™ã‚‹ãŸã‚ã®ãƒãƒƒãƒ•ã‚¡ã€‚
+ \param [in,out] outlen 出力ãƒãƒƒãƒ•ã‚¡ã®æœ€å¤§é•·ã€‚メッセージ署åã®ç”Ÿæˆã«æˆåŠŸã—ãŸã¨ãã«ã€æ›¸ãè¾¼ã¾ã‚ŒãŸãƒã‚¤ãƒˆæ•°ã‚’ä¿æŒã—ã¾ã™ã€‚
+ \param [in] key ç½²åを生æˆã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã™ã‚‹ç§˜å¯†éµã‚’ä¿æŒã—ã¦ã„ã‚‹ed25519_key構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
ed25519_key key;
@@ -95,17 +105,20 @@ int wc_ed25519_sign_msg(const byte* in, word32 inlen, byte* out,
word32 *outlen, ed25519_key* key);
/*!
- \ingroup ED25519
- \brief ã“ã®é–¢æ•°ã¯ã€ED25519_Keyオブジェクトを使用ã—ã¦èªè¨¼ã‚’ä¿è¨¼ã™ã‚‹ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã«ç½²åã—ã¾ã™ã€‚コンテキストã¯ç½²åã•ã‚ŒãŸãƒ‡ãƒ¼ã‚¿ã®ä¸€éƒ¨ã§ã™ã€‚
+ \ingroup ED25519
+ \brief ã“ã®é–¢æ•°ã¯ã€ed25519_key構造体を使用ã—ã¦ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã«ç½²åã—ã¾ã™ã€‚
+ コンテキストã¯ç½²åã•ã‚Œã‚‹ãƒ‡ãƒ¼ã‚¿ã®ä¸€éƒ¨ã§ã™ã€‚
\return 0 メッセージã®ç½²åを正常ã«ç”Ÿæˆã™ã‚‹ã¨è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG è¿”ã•ã‚ŒãŸå…¥åŠ›ãƒ‘ラメータã¯NULLã«è©•ä¾¡ã•ã‚Œã¾ã™ã€‚出力ãƒãƒƒãƒ•ã‚¡ãŒå°ã•ã™ãŽã¦ç”Ÿæˆã•ã‚ŒãŸç½²åã‚’ä¿å­˜ã™ã‚‹ã«ã¯å°ã•ã™ãŽã¾ã™ã€‚
- \return MEMORY_E 関数ã®å®Ÿè¡Œä¸­ã«ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã‚‹ã‚¨ãƒ©ãƒ¼ãŒã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param [in] ç½²åã™ã‚‹ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param [in] ç½²åã™ã‚‹ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®ã‚¤ãƒ³ãƒ¬ãƒ«é•·ã€‚
- \param [out] 生æˆã•ã‚ŒãŸç½²åã‚’æ ¼ç´ã™ã‚‹ãŸã‚ã®ãƒãƒƒãƒ•ã‚¡ãƒ¼ã€‚
- \param [in,out] 出力ãƒãƒƒãƒ•ã‚¡ã®æœ€å¤§é•·ã®ç¯„囲内。メッセージ署åã®ç”Ÿæˆã«æˆåŠŸã—ãŸã¨ãã«ã€æ›¸ãè¾¼ã¾ã‚ŒãŸãƒã‚¤ãƒˆã‚’ä¿å­˜ã—ã¾ã™ã€‚
- \param [in] ç½²åを生æˆã™ã‚‹ãƒ—ライベートED25519_KEYã¸ã®ã‚­ãƒ¼ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param [in] メッセージãŒç½²åã•ã‚Œã¦ã„るコンテキストをå«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆãƒã‚¤ãƒ³ã‚¿ã€‚
+ \return MEMORY_E 関数ã®å®Ÿè¡Œä¸­ã«ãƒ¡ãƒ¢ãƒªå‰²ã‚Šå½“ã¦ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param [in] in ç½²åã™ã‚‹ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [in] inlen ç½²åã™ã‚‹ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®ã‚µã‚¤ã‚º
+ \param [out] out 生æˆã•ã‚ŒãŸç½²åã‚’æ ¼ç´ã™ã‚‹ãŸã‚ã®ãƒãƒƒãƒ•ã‚¡ã€‚
+ \param [in,out] outlen 出力ãƒãƒƒãƒ•ã‚¡ã®æœ€å¤§é•·ã€‚メッセージ署åã®ç”Ÿæˆã«æˆåŠŸã—ãŸã¨ãã«ã€æ›¸ãè¾¼ã¾ã‚ŒãŸãƒã‚¤ãƒˆã‚’ä¿å­˜ã—ã¾ã™ã€‚
+ \param [in] key ç½²åを生æˆã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã™ã‚‹ç§˜å¯†éµã‚’ä¿æŒã—ã¦ã„ã‚‹ed25519_key構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [in] context メッセージãŒç½²åã•ã‚Œã¦ã„るコンテキストをå«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [in] contextLen コンテキストãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+
_Example_
\code
ed25519_key key;
@@ -137,17 +150,24 @@ int wc_ed25519ctx_sign_msg(const byte* in, word32 inlen, byte* out,
const byte* context, byte contextLen);
/*!
- \ingroup ED25519
- \brief ã“ã®é–¢æ•°ã¯ã€ED25519_Keyオブジェクトを使用ã—ã¦ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ãƒ€ã‚¤ã‚¸ã‚§ã‚¹ãƒˆã«ç½²åã—ã¦ä¿¡é ¼æ€§ã‚’ä¿è¨¼ã—ã¾ã™ã€‚コンテキストã¯ç½²åã•ã‚ŒãŸãƒ‡ãƒ¼ã‚¿ã®ä¸€éƒ¨ã¨ã—ã¦å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚ç½²å計算ã®å‰ã«ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã¯äº‹å‰ã«ãƒãƒƒã‚·ãƒ¥ã•ã‚Œã¦ã„ã¾ã™ã€‚メッセージダイジェストを作æˆã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã‚‹ãƒãƒƒã‚·ãƒ¥ã‚¢ãƒ«ã‚´ãƒªã‚ºãƒ ã¯Shake-256ã§ãªã‘ã‚Œã°ãªã‚Šã¾ã›ã‚“。
+ \ingroup ED25519
+ \brief ã“ã®é–¢æ•°ã¯ã€ed25519_key構造体を使用ã—ã¦ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ãƒ€ã‚¤ã‚¸ã‚§ã‚¹ãƒˆã«ç½²åã—ã¾ã™ã€‚
+ コンテキストã¯ç½²åã•ã‚Œã‚‹ãƒ‡ãƒ¼ã‚¿ã®ä¸€éƒ¨ã¨ã—ã¦å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚
+ ç½²å計算ã®å‰ã«ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã¯äº‹å‰ã«ãƒãƒƒã‚·ãƒ¥ã•ã‚Œã¦ã„ã¾ã™ã€‚
+ メッセージダイジェストを作æˆã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã‚‹ãƒãƒƒã‚·ãƒ¥ã‚¢ãƒ«ã‚´ãƒªã‚ºãƒ ã¯Shake-256ã§ãªã‘ã‚Œã°ãªã‚Šã¾ã›ã‚“。
+
\return 0 メッセージダイジェストã®ç½²åを正常ã«ç”Ÿæˆã™ã‚‹ã¨è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG è¿”ã•ã‚ŒãŸå…¥åŠ›ãƒ‘ラメータã¯NULLã«è©•ä¾¡ã•ã‚Œã¾ã™ã€‚出力ãƒãƒƒãƒ•ã‚¡ãŒå°ã•ã™ãŽã¦ç”Ÿæˆã•ã‚ŒãŸç½²åã‚’ä¿å­˜ã™ã‚‹ã«ã¯å°ã•ã™ãŽã¾ã™ã€‚
- \return MEMORY_E 関数ã®å®Ÿè¡Œä¸­ã«ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã‚‹ã‚¨ãƒ©ãƒ¼ãŒã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param [in] サインã¸ã®ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®ãƒãƒƒã‚·ãƒ¥ã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒãƒƒã‚·ãƒ¥ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param [in] サインã¸ã®ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®ãƒãƒƒã‚·ãƒ¥ã®ãƒãƒƒã‚·ãƒ¥ã®é•·ã•ã€‚
- \param [out] 生æˆã•ã‚ŒãŸç½²åã‚’æ ¼ç´ã™ã‚‹ãŸã‚ã®ãƒãƒƒãƒ•ã‚¡ãƒ¼ã€‚
- \param [in,out] 出力ãƒãƒƒãƒ•ã‚¡ã®æœ€å¤§é•·ã®ç¯„囲内。メッセージ署åã®ç”Ÿæˆã«æˆåŠŸã—ãŸã¨ãã«ã€æ›¸ãè¾¼ã¾ã‚ŒãŸãƒã‚¤ãƒˆã‚’ä¿å­˜ã—ã¾ã™ã€‚
- \param [in] ç½²åを生æˆã™ã‚‹ãƒ—ライベートED25519_KEYã¸ã®ã‚­ãƒ¼ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param [in] メッセージãŒç½²åã•ã‚Œã¦ã„るコンテキストをå«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆãƒã‚¤ãƒ³ã‚¿ã€‚
+ \return MEMORY_E 関数ã®å®Ÿè¡Œä¸­ã«ãƒ¡ãƒ¢ãƒªå‰²ã‚Šå½“ã¦ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param [in] hash ç½²åã™ã‚‹ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®ãƒãƒƒã‚·ãƒ¥ã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [in] hashLen ç½²åã™ã‚‹ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®ãƒãƒƒã‚·ãƒ¥ã®ã‚µã‚¤ã‚º
+ \param [out] out 生æˆã•ã‚ŒãŸç½²åã‚’æ ¼ç´ã™ã‚‹ãŸã‚ã®ãƒãƒƒãƒ•ã‚¡ã€‚
+ \param [in,out] outlen 出力ãƒãƒƒãƒ•ã‚¡ã®æœ€å¤§é•·ã€‚メッセージ署åã®ç”Ÿæˆã«æˆåŠŸã—ãŸã¨ãã«ã€æ›¸ãè¾¼ã¾ã‚ŒãŸãƒã‚¤ãƒˆã‚’ä¿å­˜ã—ã¾ã™ã€‚
+ \param [in] key ç½²åを生æˆã™ã‚‹ã®ã«ä½¿ç”¨ã™ã‚‹ç§˜å¯†éµã‚’å«ã‚“ã ed25519_key構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [in] context メッセージãŒç½²åã•ã‚Œã¦ã„るコンテキストをå«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [in] contextLen コンテキストãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+
_Example_
\code
ed25519_key key;
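Review bot: The rewritten \brief in this hunk still says the message digest must be produced with Shake-256, while the matching verify-side comment later in this file (the block ahead of wc_ed25519ph_verify_hash) says SHA-512. Ed25519ph as defined in RFC 8032 pre-hashes with SHA-512, and SHAKE256 belongs to Ed448ph, so a caller who follows this text would most likely produce a digest that fails verification. Suggest naming SHA-512 here as well: `メッセージダイジェストを作成するために使用されるハッシュアルゴリズムはSHA-512でなければなりません。`. The prototype this comment documents lies past the end of the hunk.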
@@ -179,17 +199,19 @@ int wc_ed25519ph_sign_hash(const byte* hash, word32 hashLen, byte* out,
const byte* context, byte contextLen);
/*!
- \ingroup ED25519
- \brief ã“ã®é–¢æ•°ã¯ã€ED25519_Keyオブジェクトを使用ã—ã¦èªè¨¼ã‚’ä¿è¨¼ã™ã‚‹ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã«ç½²åã—ã¾ã™ã€‚コンテキストã¯ç½²åã•ã‚ŒãŸãƒ‡ãƒ¼ã‚¿ã®ä¸€éƒ¨ã¨ã—ã¦å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚ç½²å計算ã®å‰ã«ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã¯äº‹å‰ã«ãƒãƒƒã‚·ãƒ¥ã•ã‚Œã¦ã„ã¾ã™ã€‚
+ \ingroup ED25519
+ \brief ã“ã®é–¢æ•°ã¯ã€ed25519_key構造体を使用ã—ã¦èªè¨¼ã‚’ä¿è¨¼ã™ã‚‹ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã«ç½²åã—ã¾ã™ã€‚コンテキストã¯ç½²åã•ã‚ŒãŸãƒ‡ãƒ¼ã‚¿ã®ä¸€éƒ¨ã¨ã—ã¦å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚ç½²å計算ã®å‰ã«ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã¯äº‹å‰ã«ãƒãƒƒã‚·ãƒ¥ã•ã‚Œã¦ã„ã¾ã™ã€‚
\return 0 メッセージã®ç½²åを正常ã«ç”Ÿæˆã™ã‚‹ã¨è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG è¿”ã•ã‚ŒãŸå…¥åŠ›ãƒ‘ラメータã¯NULLã«è©•ä¾¡ã•ã‚Œã¾ã™ã€‚出力ãƒãƒƒãƒ•ã‚¡ãŒå°ã•ã™ãŽã¦ç”Ÿæˆã•ã‚ŒãŸç½²åã‚’ä¿å­˜ã™ã‚‹ã«ã¯å°ã•ã™ãŽã¾ã™ã€‚
- \return MEMORY_E 関数ã®å®Ÿè¡Œä¸­ã«ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã‚‹ã‚¨ãƒ©ãƒ¼ãŒã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param [in] ç½²åã™ã‚‹ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param [in] ç½²åã™ã‚‹ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®ã‚¤ãƒ³ãƒ¬ãƒ«é•·ã€‚
- \param [out] 生æˆã•ã‚ŒãŸç½²åã‚’æ ¼ç´ã™ã‚‹ãŸã‚ã®ãƒãƒƒãƒ•ã‚¡ãƒ¼ã€‚
- \param [in,out] 出力ãƒãƒƒãƒ•ã‚¡ã®æœ€å¤§é•·ã®ç¯„囲内。メッセージ署åã®ç”Ÿæˆã«æˆåŠŸã—ãŸã¨ãã«ã€æ›¸ãè¾¼ã¾ã‚ŒãŸãƒã‚¤ãƒˆã‚’ä¿å­˜ã—ã¾ã™ã€‚
- \param [in] ç½²åを生æˆã™ã‚‹ãƒ—ライベートED25519_KEYã¸ã®ã‚­ãƒ¼ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param [in] メッセージãŒç½²åã•ã‚Œã¦ã„るコンテキストをå«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆãƒã‚¤ãƒ³ã‚¿ã€‚
+ \return MEMORY_E 関数ã®å®Ÿè¡Œä¸­ã«ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param [in] in ç½²åã™ã‚‹ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [in] inlen ç½²åã™ã‚‹ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®ã‚¤ãƒ³ãƒ¬ãƒ«é•·ã€‚
+ \param [out] out 生æˆã•ã‚ŒãŸç½²åã‚’æ ¼ç´ã™ã‚‹ãŸã‚ã®ãƒãƒƒãƒ•ã‚¡ã€‚
+ \param [in,out] outlen 出力ãƒãƒƒãƒ•ã‚¡ã®æœ€å¤§é•·ã€‚メッセージ署åã®ç”Ÿæˆã«æˆåŠŸã—ãŸã¨ãã«ã€æ›¸ãè¾¼ã¾ã‚ŒãŸãƒã‚¤ãƒˆã‚’ä¿å­˜ã—ã¾ã™ã€‚
+ \param [in] key ç½²åを生æˆã™ã‚‹ãƒ—ライベートed25519_key構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [in] context メッセージãŒç½²åã•ã‚Œã¦ã„るコンテキストをå«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [in] contextLen コンテキストãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+
_Example_
\code
ed25519_key key;
@@ -221,16 +243,21 @@ int wc_ed25519ph_sign_msg(const byte* in, word32 inlen, byte* out,
const byte* context, byte contextLen);
/*!
- \ingroup ED25519
- \brief ã“ã®é–¢æ•°ã¯ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®ED25519ç½²åを確èªã—ã¦ä¿¡é ¼æ€§ã‚’確ä¿ã—ã¾ã™ã€‚RESを介ã—ã¦ç­”ãˆã‚’è¿”ã—ã€æœ‰åŠ¹ãªç½²åã«å¯¾å¿œã™ã‚‹1ã€ç„¡åŠ¹ãªç½²åã«å¯¾å¿œã™ã‚‹0ã‚’è¿”ã—ã¾ã™ã€‚
+ \ingroup ED25519
+ \brief ã“ã®é–¢æ•°ã¯ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®Ed25519ç½²åを検証ã—ã¾ã™ã€‚
+ retを介ã—ã¦ç­”ãˆã‚’è¿”ã—ã€æœ‰åŠ¹ãªç½²åã®å ´åˆã¯1ã€ç„¡åŠ¹ãªç½²åã®å ´åˆã«ã¯0ã‚’è¿”ã—ã¾ã™ã€‚
+
\return 0 ç½²å検証ã¨èªè¨¼ã‚’正常ã«å®Ÿè¡Œã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG ã„ãšã‚Œã‹ã®å…¥åŠ›ãƒ‘ラメータãŒNULLã«è©•ä¾¡ã•ã‚ŒãŸå ´åˆã€ã¾ãŸã¯SIGLENãŒç½²åã®å®Ÿéš›ã®é•·ã•ã¨ä¸€è‡´ã—ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return SIG_VERIFY_E 検証ãŒå®Œäº†ã—ãŸå ´åˆã¯è¿”ã•ã‚Œã¾ã™ãŒã€ç”Ÿæˆã•ã‚ŒãŸç½²åã¯æä¾›ã•ã‚ŒãŸç½²åã¨ä¸€è‡´ã—ã¾ã›ã‚“。
- \param [in] 検証ã™ã‚‹ã‚·ã‚°ãƒãƒãƒ£ã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®SIGãƒã‚¤ãƒ³ã‚¿ã€‚
- \param [in] 検証ã™ã‚‹ã‚·ã‚°ãƒãƒãƒ£ã®ã‚·ã‚°ãƒ¬ãƒ³ã®é•·ã•ã€‚
- \param [in] メッセージをå«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®MSGãƒã‚¤ãƒ³ã‚¿ã‚’確èªã™ã‚‹ã€‚
- \param [in] 検証ã™ã‚‹ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®MSGlen長。
- \param [out] 検証ã®çµæžœã¸ã®RESãƒã‚¤ãƒ³ã‚¿ã€‚1メッセージãŒæ­£å¸¸ã«æ¤œè¨¼ã•ã‚ŒãŸã“ã¨ã‚’示ã—ã¾ã™ã€‚
+
+ \param [in] sig 検証ã™ã‚‹ã‚·ã‚°ãƒãƒãƒ£ã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [in] siglen 検証ã™ã‚‹ã‚·ã‚°ãƒãƒãƒ£ã®ã‚µã‚¤ã‚º
+ \param [in] msg メッセージをå«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param [in] msgLen 検証ã™ã‚‹ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®ã‚µã‚¤ã‚º
+ \param [out] ret 検証ã®çµæžœã‚’æ ¼ç´ã™ã‚‹å¤‰æ•°ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚1ã¯ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ãŒæ­£å¸¸ã«æ¤œè¨¼ã•ã‚ŒãŸã“ã¨ã‚’示ã—ã¾ã™ã€‚
+ \param [in] key ç½²åを検証ã™ã‚‹ãŸã‚ã®Ed25519公開éµã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
ed25519_key key;
@@ -257,18 +284,24 @@ int wc_ed25519_verify_msg(const byte* sig, word32 siglen, const byte* msg,
word32 msgLen, int* ret, ed25519_key* key);
/*!
- \ingroup ED25519
- \brief ã“ã®é–¢æ•°ã¯ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®ED25519ç½²åを確èªã—ã¦ä¿¡é ¼æ€§ã‚’確ä¿ã—ã¾ã™ã€‚文脈ã¯ãƒ‡ãƒ¼ã‚¿æ¤œè¨¼æ¸ˆã¿ã®ä¸€éƒ¨ã¨ã—ã¦å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚RESを介ã—ã¦ç­”ãˆã‚’è¿”ã—ã€æœ‰åŠ¹ãªç½²åã«å¯¾å¿œã™ã‚‹1ã€ç„¡åŠ¹ãªç½²åã«å¯¾å¿œã™ã‚‹0ã‚’è¿”ã—ã¾ã™ã€‚
+ \ingroup ED25519
+ \brief ã“ã®é–¢æ•°ã¯ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®Ed25519ç½²åを検証ã—ã¾ã™ã€‚
+ コンテキストã¯ç½²åã•ã‚ŒãŸãƒ‡ãƒ¼ã‚¿ã®ä¸€éƒ¨ã¨ã—ã¦å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚
+ ç­”ãˆã¯å¤‰æ•°retを介ã—ã¦è¿”ã•ã‚Œã€ç½²åãŒæœ‰åŠ¹ãªã‚‰ã°1ã€ç„¡åŠ¹ãªã‚‰ã°0ã‚’è¿”ã—ã¾ã™ã€‚
+
\return 0 ç½²å検証ã¨èªè¨¼ã‚’正常ã«å®Ÿè¡Œã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG ã„ãšã‚Œã‹ã®å…¥åŠ›ãƒ‘ラメータãŒNULLã«è©•ä¾¡ã•ã‚ŒãŸå ´åˆã€ã¾ãŸã¯SIGLENãŒç½²åã®å®Ÿéš›ã®é•·ã•ã¨ä¸€è‡´ã—ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return SIG_VERIFY_E 検証ãŒå®Œäº†ã—ãŸå ´åˆã¯è¿”ã•ã‚Œã¾ã™ãŒã€ç”Ÿæˆã•ã‚ŒãŸç½²åã¯æä¾›ã•ã‚ŒãŸç½²åã¨ä¸€è‡´ã—ã¾ã›ã‚“。
- \param [in] 検証ã™ã‚‹ã‚·ã‚°ãƒãƒãƒ£ã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®SIGãƒã‚¤ãƒ³ã‚¿ã€‚
- \param [in] 検証ã™ã‚‹ã‚·ã‚°ãƒãƒãƒ£ã®ã‚·ã‚°ãƒ¬ãƒ³ã®é•·ã•ã€‚
- \param [in] メッセージをå«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®MSGãƒã‚¤ãƒ³ã‚¿ã‚’確èªã™ã‚‹ã€‚
- \param [in] 検証ã™ã‚‹ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®MSGlen長。
- \param [out] 検証ã®çµæžœã¸ã®RESãƒã‚¤ãƒ³ã‚¿ã€‚1メッセージãŒæ­£å¸¸ã«æ¤œè¨¼ã•ã‚ŒãŸã“ã¨ã‚’示ã—ã¾ã™ã€‚
- \param [in] ç½²åを検証ã™ã‚‹ãŸã‚ã®Public ED25519キーã¸ã®ã‚­ãƒ¼ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param [in] メッセージãŒç½²åã•ã‚ŒãŸã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆãƒã‚¤ãƒ³ã‚¿ã€‚
+
+ \param [in] sig 検証ã™ã‚‹ã‚·ã‚°ãƒãƒãƒ£ã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [in] siglen 検証ã™ã‚‹ã‚·ã‚°ãƒãƒãƒ£ã®ã‚µã‚¤ã‚º
+ \param [in] msg メッセージをå«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param [in] msgLen 検証ã™ã‚‹ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®ã‚µã‚¤ã‚º
+ \param [out] ret 検証ã®çµæžœã‚’æ ¼ç´ã™ã‚‹å¤‰æ•°ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚1ã¯ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ãŒæ­£å¸¸ã«æ¤œè¨¼ã•ã‚ŒãŸã“ã¨ã‚’示ã—ã¾ã™ã€‚
+ \param [in] key ç½²åを検証ã™ã‚‹ãŸã‚ã®Ed25519公開éµã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [in] context メッセージãŒç½²åã•ã‚Œã¦ã„るコンテキストをå«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [in] contextLen コンテキストãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+
_Example_
\code
ed25519_key key;
@@ -297,18 +330,25 @@ int wc_ed25519ctx_verify_msg(const byte* sig, word32 siglen, const byte* msg,
const byte* context, byte contextLen);
/*!
- \ingroup ED25519
- \brief ã“ã®é–¢æ•°ã¯ã€ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®ãƒ€ã‚¤ã‚¸ã‚§ã‚¹ãƒˆã®ED25519ã‚·ã‚°ãƒãƒãƒ£ã‚’確èªã—ã¦ã€ä¿¡é ¼æ€§ã‚’確ä¿ã—ã¾ã™ã€‚文脈ã¯ãƒ‡ãƒ¼ã‚¿æ¤œè¨¼æ¸ˆã¿ã®ä¸€éƒ¨ã¨ã—ã¦å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚ãƒãƒƒã‚·ãƒ¥ã¯ã€ç½²å計算å‰ã®ãƒ—リãƒãƒƒã‚·ãƒ¥ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã§ã™ã€‚メッセージダイジェストを作æˆã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã‚‹ãƒãƒƒã‚·ãƒ¥ã‚¢ãƒ«ã‚´ãƒªã‚ºãƒ ã¯SHA-512ã§ãªã‘ã‚Œã°ãªã‚Šã¾ã›ã‚“。答ãˆã¯RESを介ã—ã¦è¿”ã•ã‚Œã€æœ‰åŠ¹ãªç½²åã«å¯¾å¿œã™ã‚‹1ã€ç„¡åŠ¹ãªç½²åã«å¯¾å¿œã™ã‚‹0ã‚’è¿”ã—ã¾ã™ã€‚
+ \ingroup ED25519
+ \brief ã“ã®é–¢æ•°ã¯ã€ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®ãƒ€ã‚¤ã‚¸ã‚§ã‚¹ãƒˆã®Ed25519ç½²åを検証ã—ã¾ã™ã€‚
+ 引数hashã¯ã€ç½²å計算å‰ã®ãƒ—リãƒãƒƒã‚·ãƒ¥ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã§ã™ã€‚
+ メッセージダイジェストを作æˆã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã‚‹ãƒãƒƒã‚·ãƒ¥ã‚¢ãƒ«ã‚´ãƒªã‚ºãƒ ã¯SHA-512ã§ãªã‘ã‚Œã°ãªã‚Šã¾ã›ã‚“。
+ ç­”ãˆã¯å¤‰æ•°retを介ã—ã¦è¿”ã•ã‚Œã€ç½²åãŒæœ‰åŠ¹ãªã‚‰ã°1ã€ç„¡åŠ¹ãªã‚‰ã°0ã‚’è¿”ã—ã¾ã™ã€‚
+
\return 0 ç½²å検証ã¨èªè¨¼ã‚’正常ã«å®Ÿè¡Œã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG ã„ãšã‚Œã‹ã®å…¥åŠ›ãƒ‘ラメータãŒNULLã«è©•ä¾¡ã•ã‚ŒãŸå ´åˆã€ã¾ãŸã¯SIGLENãŒç½²åã®å®Ÿéš›ã®é•·ã•ã¨ä¸€è‡´ã—ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return SIG_VERIFY_E 検証ãŒå®Œäº†ã—ãŸå ´åˆã¯è¿”ã•ã‚Œã¾ã™ãŒã€ç”Ÿæˆã•ã‚ŒãŸç½²åã¯æä¾›ã•ã‚ŒãŸç½²åã¨ä¸€è‡´ã—ã¾ã›ã‚“。
- \param [in] 検証ã™ã‚‹ã‚·ã‚°ãƒãƒãƒ£ã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®SIGãƒã‚¤ãƒ³ã‚¿ã€‚
- \param [in] 検証ã™ã‚‹ã‚·ã‚°ãƒãƒãƒ£ã®ã‚·ã‚°ãƒ¬ãƒ³ã®é•·ã•ã€‚
- \param [in] 検証ã™ã‚‹ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®ãƒãƒƒã‚·ãƒ¥ã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒãƒƒã‚·ãƒ¥ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param [in] 検証ã™ã‚‹ãƒãƒƒã‚·ãƒ¥ã®ãƒãƒƒã‚·ãƒ¥ãƒ¬ãƒ³é•·ã€‚
- \param [out] 検証ã®çµæžœã¸ã®RESãƒã‚¤ãƒ³ã‚¿ã€‚1メッセージãŒæ­£å¸¸ã«æ¤œè¨¼ã•ã‚ŒãŸã“ã¨ã‚’示ã—ã¾ã™ã€‚
- \param [in] ç½²åを検証ã™ã‚‹ãŸã‚ã®Public ED25519キーã¸ã®ã‚­ãƒ¼ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param [in] メッセージãŒç½²åã•ã‚ŒãŸã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆãƒã‚¤ãƒ³ã‚¿ã€‚
+
+ \param [in] sig 検証ã™ã‚‹ã‚·ã‚°ãƒãƒãƒ£ã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [in] siglen 検証ã™ã‚‹ã‚·ã‚°ãƒãƒãƒ£ã®ã‚µã‚¤ã‚º
+ \param [in] msg メッセージをå«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param [in] msgLen 検証ã™ã‚‹ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®ã‚µã‚¤ã‚º
+ \param [out] ret 検証ã®çµæžœã‚’æ ¼ç´ã™ã‚‹å¤‰æ•°ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚1ã¯ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ãŒæ­£å¸¸ã«æ¤œè¨¼ã•ã‚ŒãŸã“ã¨ã‚’示ã—ã¾ã™ã€‚
+ \param [in] key ç½²åを検証ã™ã‚‹ãŸã‚ã®Ed25519公開éµã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [in] context メッセージãŒç½²åã•ã‚ŒãŸã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [in] contextLen コンテキストã®ã‚µã‚¤ã‚º
+
_Example_
\code
ed25519_key key;
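Review bot: The added `\param [in] msg` and `\param [in] msgLen` lines do not match the function this comment documents; the next hunk header shows `wc_ed25519ph_verify_hash(const byte* sig, word32 siglen, const byte* hash,`. Doxygen will flag the names as unknown, and a reader may pass the raw message where the pre-hashed SHA-512 digest is expected. Suggest `\param [in] hash` and `\param [in] hashLen`, with descriptions that refer to the hash rather than the message. The length parameter's name is not visible here, so `hashLen` is assumed from wc_ed25519ph_sign_hash. The prototype itself lies outside the hunk.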
@@ -337,18 +377,24 @@ int wc_ed25519ph_verify_hash(const byte* sig, word32 siglen, const byte* hash,
const byte* context, byte contextLen);
/*!
- \ingroup ED25519
- \brief ã“ã®é–¢æ•°ã¯ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®ED25519ç½²åを確èªã—ã¦ä¿¡é ¼æ€§ã‚’確ä¿ã—ã¾ã™ã€‚文脈ã¯ãƒ‡ãƒ¼ã‚¿æ¤œè¨¼æ¸ˆã¿ã®ä¸€éƒ¨ã¨ã—ã¦å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚検証å‰ã«ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ãŒãƒ—リãƒãƒƒã‚·ãƒ¥ã•ã‚Œã¦ã„ã¾ã™ã€‚RESを介ã—ã¦ç­”ãˆã‚’è¿”ã—ã€æœ‰åŠ¹ãªç½²åã«å¯¾å¿œã™ã‚‹1ã€ç„¡åŠ¹ãªç½²åã«å¯¾å¿œã™ã‚‹0ã‚’è¿”ã—ã¾ã™ã€‚
+ \ingroup ED25519
+ \brief ã“ã®é–¢æ•°ã¯ã€ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®ãƒ€ã‚¤ã‚¸ã‚§ã‚¹ãƒˆã®Ed25519ç½²åを検証ã—ã¾ã™ã€‚
+ 引数contextã¯æ¤œè¨¼ã™ã¹ãデータã®ä¸€éƒ¨ã¨ã—ã¦å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚
+ 検証å‰ã«ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ãŒãƒ—リãƒãƒƒã‚·ãƒ¥ã•ã‚Œã¦ã„ã¾ã™ã€‚
+ ç­”ãˆã¯å¤‰æ•°resを介ã—ã¦è¿”ã•ã‚Œã€ç½²åãŒæœ‰åŠ¹ãªã‚‰ã°1ã€ç„¡åŠ¹ãªã‚‰ã°0ã‚’è¿”ã—ã¾ã™ã€‚
+
\return 0 ç½²å検証ã¨èªè¨¼ã‚’正常ã«å®Ÿè¡Œã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG ã„ãšã‚Œã‹ã®å…¥åŠ›ãƒ‘ラメータãŒNULLã«è©•ä¾¡ã•ã‚ŒãŸå ´åˆã€ã¾ãŸã¯SIGLENãŒç½²åã®å®Ÿéš›ã®é•·ã•ã¨ä¸€è‡´ã—ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return SIG_VERIFY_E 検証ãŒå®Œäº†ã—ãŸå ´åˆã¯è¿”ã•ã‚Œã¾ã™ãŒã€ç”Ÿæˆã•ã‚ŒãŸç½²åã¯æä¾›ã•ã‚ŒãŸç½²åã¨ä¸€è‡´ã—ã¾ã›ã‚“。
- \param [in] 検証ã™ã‚‹ã‚·ã‚°ãƒãƒãƒ£ã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®SIGãƒã‚¤ãƒ³ã‚¿ã€‚
- \param [in] 検証ã™ã‚‹ã‚·ã‚°ãƒãƒãƒ£ã®ã‚·ã‚°ãƒ¬ãƒ³ã®é•·ã•ã€‚
- \param [in] メッセージをå«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®MSGãƒã‚¤ãƒ³ã‚¿ã‚’確èªã™ã‚‹ã€‚
- \param [in] 検証ã™ã‚‹ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®MSGlen長。
- \param [out] 検証ã®çµæžœã¸ã®RESãƒã‚¤ãƒ³ã‚¿ã€‚1メッセージãŒæ­£å¸¸ã«æ¤œè¨¼ã•ã‚ŒãŸã“ã¨ã‚’示ã—ã¾ã™ã€‚
- \param [in] ç½²åを検証ã™ã‚‹ãŸã‚ã®Public ED25519キーã¸ã®ã‚­ãƒ¼ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param [in] メッセージãŒç½²åã•ã‚ŒãŸã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [in] sig 検証ã™ã‚‹ã‚·ã‚°ãƒãƒãƒ£ã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [in] siglen 検証ã™ã‚‹ã‚·ã‚°ãƒãƒãƒ£ã®ã‚µã‚¤ã‚º
+ \param [in] msg メッセージをå«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param [in] msgLen 検証ã™ã‚‹ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®ã‚µã‚¤ã‚º
+ \param [out] ret 検証ã®çµæžœã‚’æ ¼ç´ã™ã‚‹å¤‰æ•°ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚1ã¯ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ãŒæ­£å¸¸ã«æ¤œè¨¼ã•ã‚ŒãŸã“ã¨ã‚’示ã—ã¾ã™ã€‚
+ \param [in] key ç½²åを検証ã™ã‚‹ãŸã‚ã®Ed25519公開éµã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [in] context メッセージãŒç½²åã•ã‚ŒãŸã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [in] contextLen コンテキストã®ã‚µã‚¤ã‚º
+
_Example_
\code
ed25519_key key;
@@ -377,10 +423,12 @@ int wc_ed25519ph_verify_msg(const byte* sig, word32 siglen, const byte* msg,
const byte* context, byte contextLen);
/*!
- \ingroup ED25519
- \brief ã“ã®é–¢æ•°ã¯ã€ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸æ¤œè¨¼ã§å°†æ¥ã®ä½¿ç”¨ã®ãŸã‚ã«ED25519_KeyオブジェクトをåˆæœŸåŒ–ã—ã¾ã™ã€‚
- \return 0 ED25519_Keyオブジェクトã®åˆæœŸåŒ–ã«æˆåŠŸã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return BAD_FUNC_ARG キーãŒNULLã®å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
+ \ingroup ED25519
+ \brief ã“ã®é–¢æ•°ã¯ã€å¾Œã®ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸æ¤œè¨¼ã§ä½¿ç”¨ã®ãŸã‚ã«ed25519_key構造体をåˆæœŸåŒ–ã—ã¾ã™ã€‚
+ \return 0 ed25519_key構造体ã®åˆæœŸåŒ–ã«æˆåŠŸã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_FUNC_ARG 引数keyãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param [in,out] key ed25519_key構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
ed25519_key key;
@@ -393,8 +441,10 @@ int wc_ed25519ph_verify_msg(const byte* sig, word32 siglen, const byte* msg,
int wc_ed25519_init(ed25519_key* key);
/*!
- \ingroup ED25519
- \brief ã“ã®é–¢æ•°ã¯ã€ä½¿ç”¨ã•ã‚ŒãŸå¾Œã«ED25519オブジェクトを解放ã—ã¾ã™ã€‚
+ \ingroup ED25519
+ \brief ã“ã®é–¢æ•°ã¯ã€ä½¿ç”¨æ¸ˆã¿ã®ed25519_key構造体を解放ã—ã¾ã™ã€‚
+ \param [in,out] key ed25519_key構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
ed25519_key key;
@@ -408,12 +458,16 @@ int wc_ed25519_init(ed25519_key* key);
void wc_ed25519_free(ed25519_key* key);
/*!
- \ingroup ED25519
- \brief ã“ã®é–¢æ•°ã¯ã€å…¬é–‹éµã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã‹ã‚‰Public ED25519_Keyペアをインãƒãƒ¼ãƒˆã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯åœ§ç¸®ã‚­ãƒ¼ã¨éžåœ§ç¸®ã‚­ãƒ¼ã®ä¸¡æ–¹ã‚’処ç†ã—ã¾ã™ã€‚
- \return 0 ED25519_KEYã®ã‚¤ãƒ³ãƒãƒ¼ãƒˆã«æˆåŠŸã—ã¾ã—ãŸã€‚
- \return BAD_FUNC_ARG inã¾ãŸã¯keyãŒnullã«è©•ä¾¡ã•ã‚ŒãŸå ´åˆã€ã¾ãŸã¯InlenãŒED25519キーã®ã‚µã‚¤ã‚ºã‚ˆã‚Šã‚‚å°ã•ã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param [in] 公開éµã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param [in] 公開éµã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã®ã‚¤ãƒ³ãƒ¬ãƒ«é•·ã€‚
+ \ingroup ED25519
+ \brief ã“ã®é–¢æ•°ã¯ãƒãƒƒãƒ•ã‚¡ã‹ã‚‰ed25519公開éµã‚’ed25519_key構造体ã¸ã‚¤ãƒ³ãƒãƒ¼ãƒˆã—ã¾ã™ã€‚
+ 圧縮ã‚ã‚‹ã„ã¯éžåœ§ç¸®ã®ä¸¡æ–¹ã®å½¢å¼ã®éµã‚’扱ã„ã¾ã™ã€‚
+ \return 0 ed25519公開éµã®ã‚¤ãƒ³ãƒãƒ¼ãƒˆã«æˆåŠŸã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_FUNC_ARG inã¾ãŸã¯keyãŒnullã«è©•ä¾¡ã•ã‚ŒãŸå ´åˆã€ã¾ãŸã¯inlenãŒED25519éµã®ã‚µã‚¤ã‚ºã‚ˆã‚Šã‚‚å°ã•ã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param [in] in 公開éµã‚’å«ã‚“ã ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param [in] inLen 公開éµã‚’å«ã‚“ã ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+ \param [in,out] key ed25519_key構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
int ret;
@@ -426,21 +480,61 @@ void wc_ed25519_free(ed25519_key* key);
// error importing key
}
\endcode
+
+ \sa wc_ed25519_import_public_ex
\sa wc_ed25519_import_private_key
+ \sa wc_ed25519_import_private_key_ex
\sa wc_ed25519_export_public
*/
int wc_ed25519_import_public(const byte* in, word32 inLen, ed25519_key* key);
/*!
- \ingroup ED25519
- \brief ã“ã®é–¢æ•°ã¯ã€ed25519秘密éµã‚’ãƒãƒƒãƒ•ã‚¡ã‹ã‚‰ã®ã¿ã‚¤ãƒ³ãƒãƒ¼ãƒˆã—ã¾ã™ã€‚
- \return 0 ED25519キーã®ã‚¤ãƒ³ãƒãƒ¼ãƒˆã«æˆåŠŸã—ã¾ã—ãŸã€‚
+ \ingroup ED25519
+
+ \brief ã“ã®é–¢æ•°ã¯ãƒãƒƒãƒ•ã‚¡ã‹ã‚‰ed25519公開éµã‚’ed25519_key構造体ã¸ã‚¤ãƒ³ãƒãƒ¼ãƒˆã—ã¾ã™ã€‚
+ 圧縮ã‚ã‚‹ã„ã¯éžåœ§ç¸®ã®ä¸¡æ–¹ã®å½¢å¼ã®éµã‚’扱ã„ã¾ã™ã€‚
+ 秘密éµãŒæ—¢ã«ã‚¤ãƒ³ãƒãƒ¼ãƒˆã•ã‚Œã¦ã„ã‚‹å ´åˆã§ã€trusted引数ãŒ1以外ã®å ´åˆã¯ä¸¡éµãŒå¯¾å¿œã—ã¦ã„ã‚‹ã‹ã‚’ãƒã‚§ãƒƒã‚¯ã—ã¾ã™ã€‚
+
+ \return 0 ed25519公開éµã®ã‚¤ãƒ³ãƒãƒ¼ãƒˆã«æˆåŠŸã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_FUNC_ARG Returned 引数inã‚ã‚‹ã„ã¯keyãŒNULLã®å ´åˆ,ã‚ã‚‹ã„ã¯å¼•æ•°inLenãŒEd25519éµã®ã‚µã‚¤ã‚ºã‚ˆã‚Šå°ã•ã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param [in] in 公開éµã‚’å«ã‚“ã ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param [in] inLen 公開éµã‚’å«ã‚“ã ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+ \param [in,out] key ed25519_key構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param [in] trusted 公開éµãŒä¿¡é ¼ãŠã‘ã‚‹ã‹å¦ã‹ã‚’示ã™ãƒ•ãƒ©ã‚°
+
+ _Example_
+ \code
+ int ret;
+ byte pub[] = { initialize Ed25519 public key };
+
+ ed_25519 key;
+ wc_ed25519_init_key(&key);
+ ret = wc_ed25519_import_public_ex(pub, sizeof(pub), &key, 1);
+ if (ret != 0) {
+ // error importing key
+ }
+ \endcode
+
+ \sa wc_ed25519_import_public
+ \sa wc_ed25519_import_private_key
+ \sa wc_ed25519_import_private_key_ex
+ \sa wc_ed25519_export_public
+*/
+
+int wc_ed25519_import_public_ex(const byte* in, word32 inLen, ed25519_key* key,
+ int trusted);
+
+
+/*!
+ \ingroup ED25519
+ \brief ã“ã®é–¢æ•°ã¯ã€ed25519秘密éµã®ã¿ã‚’ãƒãƒƒãƒ•ã‚¡ã‹ã‚‰ã‚¤ãƒ³ãƒãƒ¼ãƒˆã—ã¾ã™ã€‚
+ \return 0 Ed25519秘密éµã®ã‚¤ãƒ³ãƒãƒ¼ãƒˆã«æˆåŠŸã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG privã¾ãŸã¯keyãŒNULLã«è©•ä¾¡ã•ã‚ŒãŸå ´åˆã€ã¾ãŸã¯privSzãŒED25519_KEY_SIZEã¨ç•°ãªã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param [in] 秘密éµã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®PRIVãƒã‚¤ãƒ³ã‚¿ã€‚
- \param [in] 秘密éµã®Privszé•·ã•ã€‚
- \param [in] 公開éµã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®Pubãƒã‚¤ãƒ³ã‚¿ã€‚
- \param [in] 公開éµã®Pubszã®é•·ã•ã€‚
+ \param [in] priv 秘密éµã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [in] privSz 秘密éµã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+
_Example_
\code
int ret;
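Review bot: The example added for wc_ed25519_import_public_ex declares `ed_25519 key;` and calls `wc_ed25519_init_key(&key);`, but the declarations elsewhere in this file use the type `ed25519_key` and the initialiser `wc_ed25519_init`, so the snippet will not compile when copied. I would change those two lines to `ed25519_key key;` and `wc_ed25519_init(&key);`. The example also passes `trusted` as 1, which according to the brief above skips the check that the public key corresponds to an already-imported private key. Passing 0, or adding a comment such as `// trusted=1 skips the public/private consistency check; use only for keys from a trusted source`, would steer readers toward the verified path. The new `\return BAD_FUNC_ARG` line also has a stray English "Returned" before the Japanese text.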
@@ -457,19 +551,21 @@ int wc_ed25519_import_public(const byte* in, word32 inLen, ed25519_key* key);
\sa wc_ed25519_import_private_key
\sa wc_ed25519_export_private_only
*/
-
int wc_ed25519_import_private_only(const byte* priv, word32 privSz,
ed25519_key* key);
+
/*!
- \ingroup ED25519
- \brief ã“ã®é–¢æ•°ã¯ã€ä¸€å¯¾ã®ãƒãƒƒãƒ•ã‚¡ã‹ã‚‰ãƒ‘ブリック/プライベートED25519キーペアをインãƒãƒ¼ãƒˆã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯åœ§ç¸®ã‚­ãƒ¼ã¨éžåœ§ç¸®ã‚­ãƒ¼ã®ä¸¡æ–¹ã‚’処ç†ã—ã¾ã™ã€‚
- \return 0 ED25519_KEYã®ã‚¤ãƒ³ãƒãƒ¼ãƒˆã«æˆåŠŸã—ã¾ã—ãŸã€‚
+ \ingroup ED25519
+ \brief ã“ã®é–¢æ•°ã¯ã€Ed25519公開éµ/秘密éµã‚’ãã‚Œãžã‚Œå«ã‚€ä¸€å¯¾ã®ãƒãƒƒãƒ•ã‚¡ã‹ã‚‰Ed25519éµãƒšã‚¢ã‚’インãƒãƒ¼ãƒˆã—ã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯åœ§ç¸®ã¨éžåœ§ç¸®ã®ä¸¡æ–¹ã®éµã‚’処ç†ã—ã¾ã™ã€‚
+ \return 0 Ed25519_KEYã®ã‚¤ãƒ³ãƒãƒ¼ãƒˆã«æˆåŠŸã—ã¾ã—ãŸã€‚
\return BAD_FUNC_ARG privã¾ãŸã¯keyãŒNULLã«è©•ä¾¡ã•ã‚ŒãŸå ´åˆã€privSzãŒED25519_KEY_SIZEã¨ç•°ãªã‚‹ã‚ã‚‹ã„ã¯ED25519_PRV_KEY_SIZEã¨ã‚‚ç•°ãªã‚‹å ´åˆã€pubSzãŒED25519_PUB_KEY_SIZEよりもå°ã•ã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param [in] 秘密éµã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®PRIVãƒã‚¤ãƒ³ã‚¿ã€‚
- \param [in] 秘密éµã®Privszé•·ã•ã€‚
- \param [in] 公開éµã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®Pubãƒã‚¤ãƒ³ã‚¿ã€‚
- \param [in] 公開éµã®Pubszã®é•·ã•ã€‚
+ \param [in] priv 秘密éµã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [in] privSz 秘密éµãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+ \param [in] pub 公開éµã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [in] pubSz 公開éµãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+
_Example_
\code
int ret;
@@ -497,12 +593,13 @@ int wc_ed25519_import_private_key(const byte* priv, word32 privSz,
\brief ã“ã®é–¢æ•°ã¯ä¸€å¯¾ã®ãƒãƒƒãƒ•ã‚¡ã‹ã‚‰Ed25519公開éµ/秘密éµãƒšã‚¢ã‚’インãƒãƒ¼ãƒˆã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯åœ§ç¸®ã‚­ãƒ¼ã¨éžåœ§ç¸®ã‚­ãƒ¼ã®ä¸¡æ–¹ã‚’処ç†ã—ã¾ã™ã€‚公開éµã¯trusted引数ã«ã‚ˆã‚Šä¿¡é ¼ã•ã‚Œã¦ã„ãªã„ã¨ã•ã‚ŒãŸå ´åˆã«ã¯ç§˜å¯†éµã«å¯¾ã—ã¦æ¤œè¨¼ã•ã‚Œã¾ã™ã€‚
\return 0 ed25519_keyã®ã‚¤ãƒ³ãƒãƒ¼ãƒˆã«æˆåŠŸã—ã¾ã—ãŸã€‚
\return BAD_FUNC_ARG Returned if privã‚ã‚‹ã„ã¯keyãŒNULLã«è©•ä¾¡ã•ã‚ŒãŸå ´åˆã€privSzãŒED25519_KEY_SIZEã¨ã‚‚ED25519_PRV_KEY_SIZEã¨ã‚‚ç•°ãªã‚‹å ´åˆã€pubSzãŒED25519_PUB_KEY_SIZEよりå°ã•ã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param [in] priv 秘密éµã‚’ä¿æŒã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ãƒ¼
+ \param [in] priv 秘密éµã‚’ä¿æŒã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
\param [in] privSz 秘密éµãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
- \param [in] pub 公開éµã‚’ä¿æŒã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ãƒ¼
+ \param [in] pub 公開éµã‚’ä¿æŒã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
\param [in] pubSz 公開éµãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
\param [in,out] key インãƒãƒ¼ãƒˆã•ã‚ŒãŸå…¬é–‹éµ/秘密éµã‚’ä¿æŒã™ã‚‹ed25519_keyオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿ãƒ¼
- \param [in] trusted 公開éµãŒä¿¡é ¼ã§ãã‚‹ã‹å¦ã‹ã€‚
+ \param [in] trusted 公開éµãŒä¿¡é ¼ã§ãã‚‹ã‹å¦ã‹ã‚’指定ã™ã‚‹ãƒ•ãƒ©ã‚°
+
_Example_
\code
int ret;
@@ -527,13 +624,16 @@ int wc_ed25519_import_private_key_ex(const byte* priv, word32 privSz,
const byte* pub, word32 pubSz, ed25519_key* key, int trusted);
/*!
- \ingroup ED25519
- \brief ã“ã®é–¢æ•°ã¯ã€ç§˜å¯†éµã‚’ED25519_Key構造体ã‹ã‚‰ã‚¨ã‚¯ã‚¹ãƒãƒ¼ãƒˆã—ã¾ã™ã€‚公開éµã‚’ãƒãƒƒãƒ•ã‚¡ã‚¢ã‚¦ãƒˆã«æ ¼ç´ã—ã€ounterenã§ã“ã®ãƒãƒƒãƒ•ã‚¡ã«æ›¸ãè¾¼ã¾ã‚ŒãŸãƒã‚¤ãƒˆã‚’設定ã—ã¾ã™ã€‚
+ \ingroup ED25519
+ \brief ã“ã®é–¢æ•°ã¯ã€ed25519_key構造体ã‹ã‚‰å…¬é–‹éµã‚’エクスãƒãƒ¼ãƒˆã—ã¾ã™ã€‚公開éµã‚’ãƒãƒƒãƒ•ã‚¡outã«æ ¼ç´ã—ã€outLenã«ã“ã®ãƒãƒƒãƒ•ã‚¡ã«æ›¸ãè¾¼ã¾ã‚ŒãŸãƒã‚¤ãƒˆã‚’設定ã—ã¾ã™ã€‚
\return 0 公開éµã®ã‚¨ã‚¯ã‚¹ãƒãƒ¼ãƒˆã«æˆåŠŸã—ãŸã‚‰è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG ã„ãšã‚Œã‹ã®å…¥åŠ›å€¤ãŒNULLã«è©•ä¾¡ã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return BUFFER_E æä¾›ã•ã‚ŒãŸãƒãƒƒãƒ•ã‚¡ãƒ¼ãŒç§˜å¯†éµã‚’ä¿å­˜ã™ã‚‹ã®ã«å分ãªå¤§ãã•ã§ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚ã“ã®ã‚¨ãƒ©ãƒ¼ã‚’è¿”ã™ã¨ã€outlenã«å¿…è¦ãªã‚µã‚¤ã‚ºã‚’設定ã—ã¾ã™ã€‚
- \param [in] 公開éµã‚’エクスãƒãƒ¼ãƒˆã™ã‚‹ãŸã‚ã®ED25519_Key構造体ã¸ã®ã‚­ãƒ¼ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param [out] 公開éµã‚’ä¿å­˜ã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \return BUFFER_E æä¾›ã•ã‚ŒãŸãƒãƒƒãƒ•ã‚¡ãƒ¼ãŒå…¬é–‹éµã‚’ä¿å­˜ã™ã‚‹ã®ã«å分ãªå¤§ãã•ã§ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚ã“ã®ã‚¨ãƒ©ãƒ¼ã‚’è¿”ã™ã¨ã€outlenã«å¿…è¦ãªã‚µã‚¤ã‚ºã‚’設定ã—ã¾ã™ã€‚
+ \param [in] key 公開éµã‚’エクスãƒãƒ¼ãƒˆã™ã‚‹ãŸã‚ã®ed25519_key構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [out] out 公開éµã‚’ä¿å­˜ã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [in,out] outLen 公開éµã‚’出力ã™ã‚‹å…ˆã®ãƒãƒƒãƒ•ã‚¡ã‚µã‚¤ã‚ºã‚’æ ¼ç´ã™ã‚‹word32型変数ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ 入力ã®éš›ã¯ãƒãƒƒãƒ•ã‚¡ã‚µã‚¤ã‚ºã‚’æ ¼ç´ã—ã¦æ¸¡ã—ã€å‡ºåŠ›ã®éš›ã¯ã‚¨ã‚¯ã‚¹ãƒãƒ¼ãƒˆã—ãŸå…¬é–‹éµã®ã‚µã‚¤ã‚ºã‚’æ ¼ç´ã—ã¾ã™ã€‚
+
_Example_
\code
int ret;
@@ -555,13 +655,16 @@ int wc_ed25519_import_private_key_ex(const byte* priv, word32 privSz,
int wc_ed25519_export_public(ed25519_key* key, byte* out, word32* outLen);
/*!
- \ingroup ED25519
- \brief ã“ã®é–¢æ•°ã¯ã€ED25519_Key構造体ã‹ã‚‰ã®ç§˜å¯†éµã®ã¿ã‚’エクスãƒãƒ¼ãƒˆã—ã¾ã™ã€‚秘密éµã‚’ãƒãƒƒãƒ•ã‚¡ã‚¢ã‚¦ãƒˆã«æ ¼ç´ã—ã€outlenã«ã“ã®ãƒãƒƒãƒ•ã‚¡ã«æ›¸ãè¾¼ã¾ã‚ŒãŸãƒã‚¤ãƒˆã‚’設定ã—ã¾ã™ã€‚
+ \ingroup ED25519
+ \brief ã“ã®é–¢æ•°ã¯ã€ed25519_key構造体ã‹ã‚‰ã®ç§˜å¯†éµã®ã¿ã‚’エクスãƒãƒ¼ãƒˆã—ã¾ã™ã€‚秘密éµã‚’ãƒãƒƒãƒ•ã‚¡ã‚¢ã‚¦ãƒˆã«æ ¼ç´ã—ã€outlenã«ã“ã®ãƒãƒƒãƒ•ã‚¡ã«æ›¸ãè¾¼ã¾ã‚ŒãŸãƒã‚¤ãƒˆã‚’設定ã—ã¾ã™ã€‚
\return 0 秘密éµã®ã‚¨ã‚¯ã‚¹ãƒãƒ¼ãƒˆã«æˆåŠŸã—ãŸã‚‰è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG ã„ãšã‚Œã‹ã®å…¥åŠ›å€¤ãŒNULLã«è©•ä¾¡ã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BUFFER_E æä¾›ã•ã‚ŒãŸãƒãƒƒãƒ•ã‚¡ãƒ¼ãŒç§˜å¯†éµã‚’ä¿å­˜ã™ã‚‹ã®ã«å分ãªå¤§ãã•ã§ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param [in] 秘密éµã‚’エクスãƒãƒ¼ãƒˆã™ã‚‹ãŸã‚ã®ED25519_Key構造体ã¸ã®ã‚­ãƒ¼ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param [out] 秘密éµã‚’ä¿å­˜ã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [in] key 秘密éµã‚’エクスãƒãƒ¼ãƒˆã™ã‚‹ãŸã‚ã®ed25519_key構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [out] out 秘密éµã‚’ä¿å­˜ã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [in,out] outLen 秘密éµã‚’出力ã™ã‚‹å…ˆã®ãƒãƒƒãƒ•ã‚¡ã‚µã‚¤ã‚ºã‚’æ ¼ç´ã™ã‚‹word32型変数ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ 入力ã®éš›ã¯ãƒãƒƒãƒ•ã‚¡ã‚µã‚¤ã‚ºã‚’æ ¼ç´ã—ã¦æ¸¡ã—ã€å‡ºåŠ›ã®éš›ã¯ã‚¨ã‚¯ã‚¹ãƒãƒ¼ãƒˆã—ãŸç§˜å¯†éµã®ã‚µã‚¤ã‚ºã‚’æ ¼ç´ã—ã¾ã™ã€‚
+
_Example_
\code
int ret;
@@ -582,13 +685,16 @@ int wc_ed25519_export_public(ed25519_key* key, byte* out, word32* outLen);
int wc_ed25519_export_private_only(ed25519_key* key, byte* out, word32* outLen);
/*!
- \ingroup ED25519
- \brief ã“ã®é–¢æ•°ã¯ã€ED25519_Key構造体ã‹ã‚‰ã‚­ãƒ¼ãƒšã‚¢ã‚’エクスãƒãƒ¼ãƒˆã—ã¾ã™ã€‚キーペアをãƒãƒƒãƒ•ã‚¡OUTã«æ ¼ç´ã—ã€ounterenã§ã“ã®ãƒãƒƒãƒ•ã‚¡ã«æ›¸ãè¾¼ã¾ã‚ŒãŸãƒã‚¤ãƒˆã‚’設定ã—ã¾ã™ã€‚
- \return 0 キーペアã®ã‚¨ã‚¯ã‚¹ãƒãƒ¼ãƒˆã«æˆåŠŸã—ãŸã‚‰è¿”ã•ã‚Œã¾ã™ã€‚
+ \ingroup ED25519
+ \brief ã“ã®é–¢æ•°ã¯ã€ed25519_key構造体ã‹ã‚‰éµãƒšã‚¢ã‚’エクスãƒãƒ¼ãƒˆã—ã¾ã™ã€‚éµãƒšã‚¢ã‚’ãƒãƒƒãƒ•ã‚¡outã«æ ¼ç´ã—ã€ounterenã§ã“ã®ãƒãƒƒãƒ•ã‚¡ã«æ›¸ãè¾¼ã¾ã‚ŒãŸãƒã‚¤ãƒˆã‚’設定ã—ã¾ã™ã€‚
+ \return 0 éµãƒšã‚¢ã®ã‚¨ã‚¯ã‚¹ãƒãƒ¼ãƒˆã«æˆåŠŸã—ãŸã‚‰è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG ã„ãšã‚Œã‹ã®å…¥åŠ›å€¤ãŒNULLã«è©•ä¾¡ã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return BUFFER_E æä¾›ã•ã‚Œã¦ã„ã‚‹ãƒãƒƒãƒ•ã‚¡ãƒ¼ãŒã‚­ãƒ¼ãƒšã‚¢ã‚’ä¿å­˜ã™ã‚‹ã®ã«å分ãªå¤§ãã•ã§ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param [in] キーペアをエクスãƒãƒ¼ãƒˆã™ã‚‹ãŸã‚ã®ED25519_Key構造体ã¸ã®ã‚­ãƒ¼ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param [out] キーペアをä¿å­˜ã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \return BUFFER_E æä¾›ã•ã‚Œã¦ã„ã‚‹ãƒãƒƒãƒ•ã‚¡ãƒ¼ãŒéµãƒšã‚¢ã‚’ä¿å­˜ã™ã‚‹ã®ã«å分ãªå¤§ãã•ã§ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param [in] éµãƒšã‚¢ã‚’エクスãƒãƒ¼ãƒˆã™ã‚‹ãŸã‚ã®ed25519_key構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [out] éµãƒšã‚¢ã‚’ä¿å­˜ã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [in,out] outLen éµãƒšã‚¢ã‚’出力ã™ã‚‹å…ˆã®ãƒãƒƒãƒ•ã‚¡ã‚µã‚¤ã‚ºã‚’æ ¼ç´ã™ã‚‹word32型変数ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ 入力ã®éš›ã¯ãƒãƒƒãƒ•ã‚¡ã‚µã‚¤ã‚ºã‚’æ ¼ç´ã—ã¦æ¸¡ã—ã€å‡ºåŠ›ã®éš›ã¯ã‚¨ã‚¯ã‚¹ãƒãƒ¼ãƒˆã—ãŸéµãƒšã‚¢ã®ã‚µã‚¤ã‚ºã‚’æ ¼ç´ã—ã¾ã™ã€‚
+
_Example_
\code
ed25519_key key;
@@ -613,15 +719,21 @@ int wc_ed25519_export_private_only(ed25519_key* key, byte* out, word32* outLen);
int wc_ed25519_export_private(ed25519_key* key, byte* out, word32* outLen);
/*!
- \ingroup ED25519
- \brief ã“ã®é–¢æ•°ã¯ã€ED25519_KEY構造体ã¨ã¯åˆ¥ã«ãƒ—ライベートキーã¨å…¬é–‹éµã‚’エクスãƒãƒ¼ãƒˆã—ã¾ã™ã€‚秘密éµã‚’ãƒãƒƒãƒ•ã‚¡ãƒ¼Privã«æ ¼ç´ã—ã€PRIVSZã§ã“ã®ãƒãƒƒãƒ•ã‚¡ã«æ›¸ãè¾¼ã¾ã‚ŒãŸãƒã‚¤ãƒˆã‚’設定ã—ã¾ã™ã€‚公開éµã‚’ãƒãƒƒãƒ•ã‚¡PUBã«æ ¼ç´ã—ã€Pubszã§ã“ã®ãƒãƒƒãƒ•ã‚¡ã«æ›¸ãè¾¼ã¾ã‚ŒãŸãƒã‚¤ãƒˆã‚’設定ã—ã¾ã™ã€‚
- \return 0 キーペアã®ã‚¨ã‚¯ã‚¹ãƒãƒ¼ãƒˆã«æˆåŠŸã—ãŸã‚‰è¿”ã•ã‚Œã¾ã™ã€‚
+ \ingroup ED25519
+ \brief ã“ã®é–¢æ•°ã¯ã€ed25519_key構造体ã‹ã‚‰ç§˜å¯†éµã¨å…¬é–‹éµã‚’別々ã«ã‚¨ã‚¯ã‚¹ãƒãƒ¼ãƒˆã—ã¾ã™ã€‚
+ 秘密éµã‚’ãƒãƒƒãƒ•ã‚¡privã«æ ¼ç´ã—ã€priovSzã«ã“ã®ãƒãƒƒãƒ•ã‚¡ã«æ›¸ã込んã ãƒã‚¤ãƒˆæ•°ã‚’設定ã—ã¾ã™ã€‚
+ 公開éµã‚’ãƒãƒƒãƒ•ã‚¡pubã«æ ¼ç´ã—ã€pubSzã«ã“ã®ãƒãƒƒãƒ•ã‚¡ã«æ›¸ã込んã ãƒã‚¤ãƒˆæ•°ã‚’設定ã—ã¾ã™ã€‚
+ \return 0 éµãƒšã‚¢ã®ã‚¨ã‚¯ã‚¹ãƒãƒ¼ãƒˆã«æˆåŠŸã—ãŸã‚‰è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG ã„ãšã‚Œã‹ã®å…¥åŠ›å€¤ãŒNULLã«è©•ä¾¡ã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return BUFFER_E æä¾›ã•ã‚Œã¦ã„ã‚‹ãƒãƒƒãƒ•ã‚¡ãƒ¼ãŒã‚­ãƒ¼ãƒšã‚¢ã‚’ä¿å­˜ã™ã‚‹ã®ã«å分ãªå¤§ãã•ã§ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param [in] キーペアをエクスãƒãƒ¼ãƒˆã™ã‚‹ãŸã‚ã®ED25519_Key構造体ã¸ã®ã‚­ãƒ¼ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param [out] 秘密éµã‚’ä¿å­˜ã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®PRIVãƒã‚¤ãƒ³ã‚¿ã€‚
- \param [in,out] PRIVSZ PIVINSZãƒã‚¤ãƒ³ã‚¿ã‚µã‚¤ã‚ºãŒè¡¨ç¤ºã•ã‚Œã¦ã„るサイズをæŒã¤Word32オブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚秘密éµã®ã‚¨ã‚¯ã‚¹ãƒãƒ¼ãƒˆå¾Œã«æ›¸ãè¾¼ã¾ã‚ŒãŸãƒã‚¤ãƒˆæ•°ã‚’設定ã—ã¾ã™ã€‚
- \param [out] パブリックキーをä¿å­˜ã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®Pub。
+ \return BUFFER_E æä¾›ã•ã‚Œã¦ã„ã‚‹ãƒãƒƒãƒ•ã‚¡ãŒéµãƒšã‚¢ã‚’ä¿å­˜ã™ã‚‹ã®ã«å分ãªå¤§ãã•ã§ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param [in] key éµãƒšã‚¢ã‚’エクスãƒãƒ¼ãƒˆã™ã‚‹ãŸã‚ã®ed25519_key構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [out] priv 秘密éµã‚’出力ã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [in,out] privSz 秘密éµã‚’出力ã™ã‚‹å…ˆã®ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºã‚’ä¿æŒã™ã‚‹word32型変数ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ 秘密éµã®ã‚¨ã‚¯ã‚¹ãƒãƒ¼ãƒˆå¾Œã«ã¯æ›¸ãè¾¼ã¾ã‚ŒãŸãƒã‚¤ãƒˆæ•°ãŒã‚»ãƒƒãƒˆã•ã‚Œã¾ã™ã€‚
+ \param [out] pub パブリックキーを出力ã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param [in,out] pubSz 公開éµã‚’出力ã™ã‚‹å…ˆã®ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºã‚’ä¿æŒã™ã‚‹word32型変数ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ 公開éµã®ã‚¨ã‚¯ã‚¹ãƒãƒ¼ãƒˆå¾Œã«ã¯æ›¸ãè¾¼ã¾ã‚ŒãŸãƒã‚¤ãƒˆæ•°ãŒã‚»ãƒƒãƒˆã•ã‚Œã¾ã™ã€‚
+
_Example_
\code
int ret;
@@ -647,11 +759,13 @@ int wc_ed25519_export_key(ed25519_key* key,
byte* pub, word32 *pubSz);
/*!
- \ingroup ED25519
- \brief ã“ã®é–¢æ•°ã¯ã€ED25519_KEY構造体ã®å…¬é–‹éµã‚’ãƒã‚§ãƒƒã‚¯ã—ã¾ã™ã€‚
+ \ingroup ED25519
+ \brief ã“ã®é–¢æ•°ã¯ã€ed25519_key構造体ã®å…¬é–‹éµã‚’ãƒã‚§ãƒƒã‚¯ã—ã¾ã™ã€‚
\return 0 プライベートキーã¨å…¬é–‹éµãŒä¸€è‡´ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG 与ãˆã‚‰ã‚ŒãŸéµãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return PUBLIC_KEY_E 公開éµãŒå‚ç…§ã§ããªã„ã‹ç„¡åŠ¹ã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param [in] key 公開éµã¨ç§˜å¯†éµã®ä¸¡æ–¹ã‚’ä¿æŒã—ã¦ã„ã‚‹ed25519_key構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
int ret;
@@ -672,10 +786,13 @@ int wc_ed25519_export_key(ed25519_key* key,
int wc_ed25519_check_key(ed25519_key* key);
/*!
- \ingroup ED25519
- \brief ã“ã®é–¢æ•°ã¯ã€ED25519 - 32ãƒã‚¤ãƒˆã®ã‚µã‚¤ã‚ºã‚’è¿”ã—ã¾ã™ã€‚
+ \ingroup ED25519
+ \brief ã“ã®é–¢æ•°ã¯ã€Ed25519 - 32ãƒã‚¤ãƒˆã®ã‚µã‚¤ã‚ºã‚’è¿”ã—ã¾ã™ã€‚
\return ED25519_KEY_SIZE 有効ãªç§˜å¯†éµã®ã‚µã‚¤ã‚ºï¼ˆ32ãƒã‚¤ãƒˆï¼‰ã€‚
- \return BAD_FUNC_ARG 与ãˆã‚‰ã‚ŒãŸã‚­ãƒ¼ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_FUNC_ARG 与ãˆã‚‰ã‚ŒãŸå¼•æ•°keyãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param [in] key ed25519_key構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
+
_Example_
\code
int keySz;
@@ -692,10 +809,12 @@ int wc_ed25519_check_key(ed25519_key* key);
int wc_ed25519_size(ed25519_key* key);
/*!
- \ingroup ED25519
+ \ingroup ED25519
\brief ã“ã®é–¢æ•°ã¯ã€ç§˜å¯†éµã‚µã‚¤ã‚ºï¼ˆsecret + public)をãƒã‚¤ãƒˆå˜ä½ã§è¿”ã—ã¾ã™ã€‚
\return ED25519_PRV_KEY_SIZE 秘密éµã®ã‚µã‚¤ã‚ºï¼ˆ64ãƒã‚¤ãƒˆï¼‰ã€‚
\return BAD_FUNC_ARG key引数ãŒnullã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param [in] key ed25519_key構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
ed25519_key key;
@@ -713,10 +832,12 @@ int wc_ed25519_size(ed25519_key* key);
int wc_ed25519_priv_size(ed25519_key* key);
/*!
- \ingroup ED25519
+ \ingroup ED25519
\brief ã“ã®é–¢æ•°ã¯åœ§ç¸®éµã‚µã‚¤ã‚ºã‚’ãƒã‚¤ãƒˆå˜ä½ã§è¿”ã—ã¾ã™ï¼ˆå…¬é–‹éµï¼‰ã€‚
\return ED25519_PUB_KEY_SIZE 圧縮公開éµã®ã‚µã‚¤ã‚ºï¼ˆ32ãƒã‚¤ãƒˆï¼‰ã€‚
\return BAD_FUNC_ARG key引数ãŒnullã®å ´åˆã¯è¿”ã—ã¾ã™ã€‚
+ \param [in] key ed25519_key構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
ed25519_key key;
@@ -733,10 +854,12 @@ int wc_ed25519_priv_size(ed25519_key* key);
int wc_ed25519_pub_size(ed25519_key* key);
/*!
- \ingroup ED25519
+ \ingroup ED25519
\brief ã“ã®é–¢æ•°ã¯ã€ED25519ã‚·ã‚°ãƒãƒãƒ£ã®ã‚µã‚¤ã‚ºï¼ˆãƒã‚¤ãƒˆæ•°64)を返ã—ã¾ã™ã€‚
\return ED25519_SIG_SIZE ED25519ã‚·ã‚°ãƒãƒãƒ£ï¼ˆ64ãƒã‚¤ãƒˆï¼‰ã®ã‚µã‚¤ã‚ºã€‚
\return BAD_FUNC_ARG key引数ãŒnullã®å ´åˆã¯è¿”ã—ã¾ã™ã€‚
+ \param [in] key ed25519_key構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
int sigSz;
diff --git a/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/hmac.h b/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/hmac.h
index 34073553..7202e3c0 100644
--- a/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/hmac.h
+++ b/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/hmac.h
@@ -1,5 +1,5 @@
/*!
- \ingroup HMAC
+ \ingroup HMAC
\brief ã“ã®é–¢æ•°ã¯HMACオブジェクトをåˆæœŸåŒ–ã—ã€ãã®æš—å·åŒ–タイプã€ã‚­ãƒ¼ã€ãŠã‚ˆã³HMACã®é•·ã•ã‚’設定ã—ã¾ã™ã€‚
\return 0 HMACオブジェクトã®åˆæœŸåŒ–ã«æˆåŠŸã—ã¾ã—ãŸ
\return BAD_FUNC_ARG 入力タイプãŒç„¡åŠ¹ãªå ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚有効ãªã‚ªãƒ—ションã¯æ¬¡ã®ã¨ãŠã‚Šã§ã™.MD5ã€SHAã€SHA256ã€SHA384ã€SHA3-224ã€SHA3-256ã€SHA3-384ã€SHA3-512
@@ -22,7 +22,7 @@
int wc_HmacSetKey(Hmac* hmac, int type, const byte* key, word32 keySz);
/*!
- \ingroup HMAC
+ \ingroup HMAC
\brief ã“ã®é–¢æ•°ã¯ã€HMACを使用ã—ã¦èªè¨¼ã™ã‚‹ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã‚’æ›´æ–°ã—ã¾ã™ã€‚HMACオブジェクトãŒWC_HMACSETKEYã§åˆæœŸåŒ–ã•ã‚ŒãŸå¾Œã«å‘¼ã³å‡ºã•ã‚Œã‚‹ã¹ãã§ã™ã€‚ã“ã®é–¢æ•°ã¯ã€ãƒãƒƒã‚·ãƒ¥ã¸ã®ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã‚’æ›´æ–°ã™ã‚‹ãŸã‚ã«è¤‡æ•°å›žå‘¼ã³å‡ºã•ã‚Œã‚‹ã“ã¨ãŒã‚ã‚Šã¾ã™ã€‚å¿…è¦ã«å¿œã˜ã¦wc_hmacupdateを呼ã³å‡ºã—ãŸå¾Œã€æœ€çµ‚èªè¨¼æ¸ˆã¿ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã‚¿ã‚°ã‚’å–å¾—ã™ã‚‹ãŸã‚ã«wc_hmacfinalを呼ã³å‡ºã™å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
\return 0 èªè¨¼ã™ã‚‹ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®æ›´æ–°ã«æˆåŠŸã—ã¾ã—ãŸ
\return MEMORY_E ãƒãƒƒã‚·ãƒ¥ã‚¢ãƒ«ã‚´ãƒªã‚ºãƒ ã§ä½¿ç”¨ã™ã‚‹ãŸã‚ã«ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã‚‹ã‚¨ãƒ©ãƒ¼ãŒã‚ã‚‹å ´åˆ
@@ -47,7 +47,7 @@ int wc_HmacSetKey(Hmac* hmac, int type, const byte* key, word32 keySz);
int wc_HmacUpdate(Hmac* hmac, const byte* in, word32 sz);
/*!
- \ingroup HMAC
+ \ingroup HMAC
\brief ã“ã®é–¢æ•°ã¯ã€HMACオブジェクトã®ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®æœ€çµ‚ãƒãƒƒã‚·ãƒ¥ã‚’計算ã—ã¾ã™ã€‚
\return 0 最後ã®ãƒãƒƒã‚·ãƒ¥ã®è¨ˆç®—ã«æˆåŠŸã—ãŸ
\return MEMORY_E ãƒãƒƒã‚·ãƒ¥ã‚¢ãƒ«ã‚´ãƒªã‚ºãƒ ã§ä½¿ç”¨ã™ã‚‹ãŸã‚ã«ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã‚‹ã‚¨ãƒ©ãƒ¼ãŒã‚ã‚‹å ´åˆ
@@ -69,7 +69,7 @@ int wc_HmacUpdate(Hmac* hmac, const byte* in, word32 sz);
int wc_HmacFinal(Hmac* hmac, byte* out);
/*!
- \ingroup HMAC
+ \ingroup HMAC
\brief ã“ã®é–¢æ•°ã¯ã€æ§‹æˆã•ã‚ŒãŸæš—å·ã‚¹ã‚¤ãƒ¼ãƒˆã«åŸºã¥ã„ã¦ä½¿ç”¨å¯èƒ½ãªæœ€å¤§ã®HMACダイジェストサイズを返ã—ã¾ã™ã€‚
\return Success 設定ã•ã‚ŒãŸæš—å·ã‚¹ã‚¤ãƒ¼ãƒˆã«åŸºã¥ã„ã¦ä½¿ç”¨å¯èƒ½ãªæœ€å¤§ã®HMACダイジェストサイズを返ã—ã¾ã™
_Example_
@@ -81,7 +81,7 @@ int wc_HmacFinal(Hmac* hmac, byte* out);
int wolfSSL_GetHmacMaxSize(void);
/*!
- \ingroup HMAC
+ \ingroup HMAC
\brief ã“ã®é–¢æ•°ã¯ã€HMACキー導出機能(HKDF)ã¸ã®ã‚¢ã‚¯ã‚»ã‚¹ã‚’æä¾›ã—ã¾ã™ã€‚HMACを利用ã—ã¦ã€ä»»æ„ã®SALTã¨ã‚ªãƒ—ションã®æƒ…報を派生ã—ãŸã‚­ãƒ¼ã«å¤‰æ›ã—ã¾ã™ã€‚0ã¾ãŸã¯NULLãŒæŒ‡å®šã•ã‚Œã¦ã„ã‚‹å ´åˆã€ãƒãƒƒã‚·ãƒ¥åž‹ã¯ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã§MD5ã«ãªã‚Šã¾ã™ã€‚
\return 0 与ãˆã‚‰ã‚ŒãŸå…¥åŠ›ã§ã‚­ãƒ¼ã®ç”Ÿæˆã«æˆåŠŸã—ãŸã‚‰è¿”ã•ã‚Œã¾ã™
\return BAD_FUNC_ARG 無効ãªãƒãƒƒã‚·ãƒ¥åž‹ãŒå¼•æ•°ã¨ã—ã¦æŒ‡å®šã•ã‚Œã¦ã„ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚有効ãªåž‹ã¯æ¬¡ã®ã¨ãŠã‚Šã§ã™.MD5ã€SHAã€SHA256ã€SHA384ã€SHA3-224ã€SHA3-256ã€SHA3-384ã€SHA3-512
@@ -90,8 +90,8 @@ int wolfSSL_GetHmacMaxSize(void);
\param type HKDFã«ä½¿ç”¨ã™ã‚‹ãƒãƒƒã‚·ãƒ¥ã‚¿ã‚¤ãƒ—。有効ãªåž‹ã¯æ¬¡ã®ã¨ãŠã‚Šã§ã™.MD5ã€SHAã€SHA256ã€SHA384ã€SHA3-224ã€SHA3-256ã€SHA3-384ã€SHA3-512
\param inKey KDFã«ä½¿ç”¨ã™ã‚‹ã‚­ãƒ¼ã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
\param inKeySz 入力キーã®é•·ã•
- \param salt ä»»æ„ã®å¡©ã‚’å«ã‚€ç·©è¡æ¶²ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚塩を使用ã—ãªã„å ´åˆã¯ä»£ã‚ã‚Šã«NULLを使用ã—ã¦ãã ã•ã„
- \param saltSz å¡©ã®é•·ã•ã€‚塩を使用ã—ãªã„å ´åˆã¯0を使用ã—ã¦ãã ã•ã„
+ \param salt ä»»æ„ã®ã‚½ãƒ«ãƒˆã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚ソルトを使用ã—ãªã„å ´åˆã¯ä»£ã‚ã‚Šã«NULLを使用ã—ã¦ãã ã•ã„
+ \param saltSz ソルトã®é•·ã•ã€‚ソルトを使用ã—ãªã„å ´åˆã¯0を使用ã—ã¦ãã ã•ã„
\param info オプションã®è¿½åŠ æƒ…報をå«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚追加情報を追加ã—ã¦ã„ãªã„å ´åˆã¯NULLを使用ã—ã¦ãã ã•ã„
\param infoSz 追加情報ã®é•·ã•è¿½åŠ æƒ…報を使用ã—ãªã„å ´åˆã¯0を使用ã—ã¦ãã ã•ã„
\param out 派生キーをä¿å­˜ã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
diff --git a/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/pwdbased.h b/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/pwdbased.h
index 3ea03910..d80bfbee 100644
--- a/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/pwdbased.h
+++ b/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/pwdbased.h
@@ -1,14 +1,14 @@
/*!
- \ingroup Password
- \brief ã“ã®æ©Ÿèƒ½ã¯ãƒ‘スワードベースã®éµå°Žå‡ºæ©Ÿèƒ½1(PBKDF1)を実装ã—ã€å…¥åŠ›ãƒ‘スワードを連çµå¡©ã¨å…±ã«ã‚ˆã‚Šå®‰å…¨ãªéµã«å¤‰æ›ã—ã€å‡ºåŠ›ã«è¨˜æ†¶ã™ã‚‹ã€‚ã“ã‚Œã«ã‚ˆã‚Šã€HASH関数ã¨ã—ã¦SHAã¨MD5ã‚’é¸æŠžã§ãã¾ã™ã€‚
+ \ingroup Password
+ \brief ã“ã®æ©Ÿèƒ½ã¯ãƒ‘スワードベースã®éµå°Žå‡ºæ©Ÿèƒ½1(PBKDF1)を実装ã—ã€å…¥åŠ›ãƒ‘スワードを連çµã‚½ãƒ«ãƒˆã¨å…±ã«ã‚ˆã‚Šå®‰å…¨ãªéµã«å¤‰æ›ã—ã€å‡ºåŠ›ã«è¨˜æ†¶ã™ã‚‹ã€‚ã“ã‚Œã«ã‚ˆã‚Šã€HASH関数ã¨ã—ã¦SHAã¨MD5ã‚’é¸æŠžã§ãã¾ã™ã€‚
\return 0 入力パスワードã‹ã‚‰ã‚­ãƒ¼ã®æ´¾ç”Ÿã«æ­£å¸¸ã«æˆ»ã•ã‚ŒãŸ
\return BAD_FUNC_ARG 与ãˆã‚‰ã‚ŒãŸç„¡åŠ¹ãªãƒãƒƒã‚·ãƒ¥ã‚¿ã‚¤ãƒ—ãŒã‚ã‚‹å ´åˆï¼ˆæœ‰åŠ¹ãªã‚¿ã‚¤ãƒ—ã¯ï¼šMD5ã¨SHA)ã€å復ã¯1未満ã€ã¾ãŸã¯è¦æ±‚ã•ã‚ŒãŸã‚­ãƒ¼ã®é•·ã•ï¼ˆKlen)ã¯æä¾›ã•ã‚ŒãŸãƒãƒƒã‚·ãƒ¥ã®ãƒãƒƒã‚·ãƒ¥é•·ã‚ˆã‚Šã‚‚大ãã„ã§ã™ã€‚
\return MEMORY_E SHAã¾ãŸã¯MD5オブジェクトã«ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã‚‹ã‚¨ãƒ©ãƒ¼ãŒã‚ã‚‹å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
\param output 生æˆã•ã‚ŒãŸã‚­ãƒ¼ã‚’ä¿å­˜ã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚å°‘ãªãã¨ã‚‚klen longã«ãªã‚‹ã¹ãã§ã™
\param passwd キーã®æ´¾ç”Ÿã«ä½¿ç”¨ã™ã‚‹ãƒ‘スワードをå«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
\param pLen キーã®æ´¾ç”Ÿã«ä½¿ç”¨ã™ã‚‹ãƒ‘スワードã®é•·ã•
- \param salt éµç”±æ¥ã«ä½¿ç”¨ã™ã‚‹å¡©ã‚’å«ã‚€ç·©è¡æ¶²ã¸ã®ãƒã‚¤ãƒ³ã‚¿ãƒ¼
- \param sLen å¡©ã®é•·ã•
+ \param salt éµç”±æ¥ã«ä½¿ç”¨ã™ã‚‹ã‚½ãƒ«ãƒˆã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ãƒ¼
+ \param sLen ソルトã®é•·ã•
\param iterations ãƒãƒƒã‚·ãƒ¥ã‚’処ç†ã™ã‚‹ãŸã‚ã®å›žæ•°
\param kLen 派生キーã®å¸Œæœ›ã®é•·ã•ã€‚é¸æŠžã—ãŸãƒãƒƒã‚·ãƒ¥ã®ãƒ€ã‚¤ã‚¸ã‚§ã‚¹ãƒˆã‚µã‚¤ã‚ºã‚ˆã‚Šé•·ãã—ã¦ã¯ã„ã‘ã¾ã›ã‚“
_Example_
@@ -32,16 +32,16 @@ int wc_PBKDF1(byte* output, const byte* passwd, int pLen,
int typeH);
/*!
- \ingroup Password
- \brief ã“ã®æ©Ÿèƒ½ã¯ãƒ‘スワードベースã®ã‚­ãƒ¼å°Žå‡ºæ©Ÿèƒ½2(PBKDF2)を実装ã—ã€å…¥åŠ›ãƒ‘スワードを連çµã•ã‚ŒãŸå¡©ã¨ã¨ã‚‚ã«ã‚ˆã‚Šå®‰å…¨ãªã‚­ãƒ¼ã«å¤‰æ›ã—ã€å‡ºåŠ›ã«è¨˜æ†¶ã•ã‚Œã¦ã„ã¾ã™ã€‚ã“ã‚Œã«ã‚ˆã‚Šã€MD5ã€SHAã€SHA256ã€SHA384ã€SHA512ã€ãŠã‚ˆã³BLAKE2Bãªã©ã€ã‚µãƒãƒ¼ãƒˆã•ã‚Œã¦ã„ã‚‹HMACãƒãƒƒã‚·ãƒ¥é–¢æ•°ã®ã„ãšã‚Œã‹ã‚’é¸æŠžã§ãã¾ã™ã€‚
+ \ingroup Password
+ \brief ã“ã®æ©Ÿèƒ½ã¯ãƒ‘スワードベースã®ã‚­ãƒ¼å°Žå‡ºæ©Ÿèƒ½2(PBKDF2)を実装ã—ã€å…¥åŠ›ãƒ‘スワードを連çµã•ã‚ŒãŸã‚½ãƒ«ãƒˆã¨ã¨ã‚‚ã«ã‚ˆã‚Šå®‰å…¨ãªã‚­ãƒ¼ã«å¤‰æ›ã—ã€å‡ºåŠ›ã«è¨˜æ†¶ã•ã‚Œã¦ã„ã¾ã™ã€‚ã“ã‚Œã«ã‚ˆã‚Šã€MD5ã€SHAã€SHA256ã€SHA384ã€SHA512ã€ãŠã‚ˆã³BLAKE2Bãªã©ã€ã‚µãƒãƒ¼ãƒˆã•ã‚Œã¦ã„ã‚‹HMACãƒãƒƒã‚·ãƒ¥é–¢æ•°ã®ã„ãšã‚Œã‹ã‚’é¸æŠžã§ãã¾ã™ã€‚
\return 0 入力パスワードã‹ã‚‰ã‚­ãƒ¼ã®æ´¾ç”Ÿã«æ­£å¸¸ã«æˆ»ã•ã‚ŒãŸ
\return BAD_FUNC_ARG 無効ãªãƒãƒƒã‚·ãƒ¥ã‚¿ã‚¤ãƒ—ãŒã‚ã‚‹å ´åˆã€ã¾ãŸã¯å復ãŒ1未満ã®å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
\return MEMORY_E HMACオブジェクトã«å‰²ã‚ŠæŒ¯ã‚Šãƒ¡ãƒ¢ãƒªãŒã‚ã‚‹å ´åˆ
\param output 生æˆã•ã‚ŒãŸã‚­ãƒ¼ã‚’ä¿å­˜ã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚klen longã«ã™ã‚‹ã¹ãã§ã™
\param passwd キーã®æ´¾ç”Ÿã«ä½¿ç”¨ã™ã‚‹ãƒ‘スワードをå«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
\param pLen キーã®æ´¾ç”Ÿã«ä½¿ç”¨ã™ã‚‹ãƒ‘スワードã®é•·ã•
- \param salt éµç”±æ¥ã«ä½¿ç”¨ã™ã‚‹å¡©ã‚’å«ã‚€ç·©è¡æ¶²ã¸ã®ãƒã‚¤ãƒ³ã‚¿ãƒ¼
- \param sLen å¡©ã®é•·ã•
+ \param salt éµç”±æ¥ã«ä½¿ç”¨ã™ã‚‹ã‚½ãƒ«ãƒˆã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ãƒ¼
+ \param sLen ソルトã®é•·ã•
\param iterations ãƒãƒƒã‚·ãƒ¥ã‚’処ç†ã™ã‚‹ãŸã‚ã®å›žæ•°
\param kLen 派生éµã®æœ›ã¾ã—ã„é•·ã•
_Example_
@@ -65,8 +65,8 @@ int wc_PBKDF2(byte* output, const byte* passwd, int pLen,
int typeH);
/*!
- \ingroup Password
- \brief ã“ã®é–¢æ•°ã¯ã€RFC 7292付録Bã«è¨˜è¼‰ã•ã‚Œã¦ã„るパスワードベースã®ã‚­ãƒ¼å°Žå‡ºæ©Ÿèƒ½ï¼ˆPBKDF)を実装ã—ã¦ã„ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€å…¥åŠ›ãƒ‘スワードを連çµå¡©ã§ã‚ˆã‚Šå®‰å…¨ãªã‚­ãƒ¼ã«å¤‰æ›ã—ã¾ã™ã€‚ãã‚Œã¯ã€MD5ã€SHAã€SHA256ã€SHA384ã€SHA512ã€ãŠã‚ˆã³BLAKE2Bã‚’å«ã‚€ã€ãƒ¦ãƒ¼ã‚¶ãƒ¼ã¯ã‚µãƒãƒ¼ãƒˆã•ã‚Œã¦ã„ã‚‹HMACãƒãƒƒã‚·ãƒ¥é–¢æ•°ã®ã„ãšã‚Œã‹ã‚’é¸æŠžã§ãã¾ã™ã€‚
+ \ingroup Password
+ \brief ã“ã®é–¢æ•°ã¯ã€RFC 7292付録Bã«è¨˜è¼‰ã•ã‚Œã¦ã„るパスワードベースã®ã‚­ãƒ¼å°Žå‡ºæ©Ÿèƒ½ï¼ˆPBKDF)を実装ã—ã¦ã„ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€å…¥åŠ›ãƒ‘スワードを連çµã‚½ãƒ«ãƒˆã§ã‚ˆã‚Šå®‰å…¨ãªã‚­ãƒ¼ã«å¤‰æ›ã—ã¾ã™ã€‚ãã‚Œã¯ã€MD5ã€SHAã€SHA256ã€SHA384ã€SHA512ã€ãŠã‚ˆã³BLAKE2Bã‚’å«ã‚€ã€ãƒ¦ãƒ¼ã‚¶ãƒ¼ã¯ã‚µãƒãƒ¼ãƒˆã•ã‚Œã¦ã„ã‚‹HMACãƒãƒƒã‚·ãƒ¥é–¢æ•°ã®ã„ãšã‚Œã‹ã‚’é¸æŠžã§ãã¾ã™ã€‚
\return 0 入力パスワードã‹ã‚‰ã‚­ãƒ¼ã®æ´¾ç”Ÿã«æ­£å¸¸ã«æˆ»ã•ã‚ŒãŸ
\return BAD_FUNC_ARG è¿”ã•ã‚ŒãŸç„¡åŠ¹ãªãƒãƒƒã‚·ãƒ¥ã‚¿ã‚¤ãƒ—ãŒä¸Žãˆã‚‰ã‚ŒãŸå ´åˆã€ç¹°ã‚Šè¿”ã—ã¯1未満ã€ã¾ãŸã¯è¦æ±‚ã•ã‚ŒãŸã‚­ãƒ¼ã®é•·ã•ï¼ˆklen)ãŒæä¾›ã•ã‚ŒãŸãƒãƒƒã‚·ãƒ¥ã®ãƒãƒƒã‚·ãƒ¥é•·ã‚ˆã‚Šã‚‚大ãã„ã§ã™ã€‚
\return MEMORY_E 割り当ã¦ãƒ¡ãƒ¢ãƒªãŒã‚ã‚‹å ´åˆã¯è¿”ã•ã‚Œã¾ã™
@@ -84,8 +84,8 @@ int wc_PBKDF2(byte* output, const byte* passwd, int pLen,
\param output 生æˆã•ã‚ŒãŸã‚­ãƒ¼ã‚’ä¿å­˜ã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚klen longã«ã™ã‚‹ã¹ãã§ã™
\param passwd キーã®æ´¾ç”Ÿã«ä½¿ç”¨ã™ã‚‹ãƒ‘スワードをå«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
\param pLen キーã®æ´¾ç”Ÿã«ä½¿ç”¨ã™ã‚‹ãƒ‘スワードã®é•·ã•
- \param salt éµç”±æ¥ã«ä½¿ç”¨ã™ã‚‹å¡©ã‚’å«ã‚€ç·©è¡æ¶²ã¸ã®ãƒã‚¤ãƒ³ã‚¿ãƒ¼
- \param sLen å¡©ã®é•·ã•
+ \param salt éµç”±æ¥ã«ä½¿ç”¨ã™ã‚‹ã‚½ãƒ«ãƒˆã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ãƒ¼
+ \param sLen ソルトã®é•·ã•
\param iterations ãƒãƒƒã‚·ãƒ¥ã‚’処ç†ã™ã‚‹ãŸã‚ã®å›žæ•°
\param kLen 派生éµã®æœ›ã¾ã—ã„é•·ã•
\param hashType 使用ã™ã‚‹ãƒãƒƒã‚·ãƒ¥ã‚¢ãƒ«ã‚´ãƒªã‚ºãƒ æœ‰åŠ¹ãªé¸æŠžè‚¢ã¯æ¬¡ã®ã¨ãŠã‚Šã§ã™.MD5ã€SHAã€SHA256ã€SHA384ã€SHA512ã€ãŠã‚ˆã³BLAKE2B
diff --git a/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/rsa.h b/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/rsa.h
index 576fb473..99d4e236 100644
--- a/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/rsa.h
+++ b/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/rsa.h
@@ -1,6 +1,6 @@
/*!
- \ingroup RSA
- \brief ã“ã®é–¢æ•°ã¯æä¾›ã•ã‚ŒãŸRSAKEY構造体をåˆæœŸåŒ–ã—ã¾ã™ã€‚ã¾ãŸã€ãƒ¦ãƒ¼ã‚¶ãƒ¼å®šç¾©ãƒ¡ãƒ¢ãƒªã‚ªãƒ¼ãƒãƒ¼ãƒ©ã‚¤ãƒ‰ã§ä½¿ç”¨ã™ã‚‹ãŸã‚ã®ãƒ’ープ識別å­ã‚‚å–ã‚Šã¾ã™ï¼ˆXMALLOCã€XFREEã€XREALLOCã‚’å‚照)。wc_rsa_blindingãŒæœ‰åŠ¹ãªå ´åˆã€ã‚­ãƒ¼ã¯WC_RSASETRNGã«ã‚ˆã£ã¦RNGã«é–¢é€£ä»˜ã‘られãªã‘ã‚Œã°ãªã‚Šã¾ã›ã‚“。
+ \ingroup RSA
+ \brief ã“ã®é–¢æ•°ã¯æä¾›ã•ã‚ŒãŸRsaKey構造体をåˆæœŸåŒ–ã—ã¾ã™ã€‚ã¾ãŸã€ãƒ¦ãƒ¼ã‚¶ãƒ¼å®šç¾©ãƒ¡ãƒ¢ãƒªã‚ªãƒ¼ãƒãƒ¼ãƒ©ã‚¤ãƒ‰ã§ä½¿ç”¨ã™ã‚‹ãŸã‚ã®ãƒ’ープ識別å­ã‚‚å–ã‚Šã¾ã™ï¼ˆXMALLOCã€XFREEã€XREALLOCã‚’å‚照)。wc_rsa_blindingãŒæœ‰åŠ¹ãªå ´åˆã€ã‚­ãƒ¼ã¯WC_RSASETRNGã«ã‚ˆã£ã¦RNGã«é–¢é€£ä»˜ã‘られãªã‘ã‚Œã°ãªã‚Šã¾ã›ã‚“。
\return 0 æš—å·åŒ–ã¨å¾©å·åŒ–ã§ä½¿ç”¨ã™ã‚‹ãŸã‚ã®RSA構造ã®åˆæœŸåŒ–ã«æˆåŠŸã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARGS RSAキーãƒã‚¤ãƒ³ã‚¿ãŒNULLã«è©•ä¾¡ã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™
\param key åˆæœŸåŒ–ã™ã‚‹RSAKEY構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿
@@ -20,12 +20,12 @@
int wc_InitRsaKey(RsaKey* key, void* heap);
/*!
- \ingroup RSA
- \brief ã“ã®é–¢æ•°ã¯æä¾›ã•ã‚ŒãŸRSAKEY構造体をåˆæœŸåŒ–ã—ã¾ã™ã€‚IDã¨LENã¯ã€DEVIDãŒãƒ‡ãƒã‚¤ã‚¹ã‚’識別ã—ã¦ã„ã‚‹é–“ã«ãƒ‡ãƒã‚¤ã‚¹ä¸Šã®ã‚­ãƒ¼ã‚’識別ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚ã¾ãŸã€ãƒ¦ãƒ¼ã‚¶ãƒ¼å®šç¾©ãƒ¡ãƒ¢ãƒªã‚ªãƒ¼ãƒãƒ¼ãƒ©ã‚¤ãƒ‰ã§ä½¿ç”¨ã™ã‚‹ãŸã‚ã®ãƒ’ープ識別å­ã‚‚å–ã‚Šã¾ã™ï¼ˆXMALLOCã€XFREEã€XREALLOCã‚’å‚照)。wc_rsa_blindingãŒæœ‰åŠ¹ãªå ´åˆã€ã‚­ãƒ¼ã¯WC_RSASETRNGã«ã‚ˆã£ã¦RNGã«é–¢é€£ä»˜ã‘られãªã‘ã‚Œã°ãªã‚Šã¾ã›ã‚“。
+ \ingroup RSA
+ \brief ã“ã®é–¢æ•°ã¯æä¾›ã•ã‚ŒãŸRsaKey構造体をåˆæœŸåŒ–ã—ã¾ã™ã€‚IDã¨LENã¯ã€DEVIDãŒãƒ‡ãƒã‚¤ã‚¹ã‚’識別ã—ã¦ã„ã‚‹é–“ã«ãƒ‡ãƒã‚¤ã‚¹ä¸Šã®ã‚­ãƒ¼ã‚’識別ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚ã¾ãŸã€ãƒ¦ãƒ¼ã‚¶ãƒ¼å®šç¾©ãƒ¡ãƒ¢ãƒªã‚ªãƒ¼ãƒãƒ¼ãƒ©ã‚¤ãƒ‰ã§ä½¿ç”¨ã™ã‚‹ãŸã‚ã®ãƒ’ープ識別å­ã‚‚å–ã‚Šã¾ã™ï¼ˆXMALLOCã€XFREEã€XREALLOCã‚’å‚照)。wc_rsa_blindingãŒæœ‰åŠ¹ãªå ´åˆã€ã‚­ãƒ¼ã¯WC_RSASETRNGã«ã‚ˆã£ã¦RNGã«é–¢é€£ä»˜ã‘られãªã‘ã‚Œã°ãªã‚Šã¾ã›ã‚“。
\return 0 æš—å·åŒ–ã¨å¾©å·åŒ–ã§ä½¿ç”¨ã™ã‚‹ãŸã‚ã®RSA構造ã®åˆæœŸåŒ–ã«æˆåŠŸã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARGS RSAキーãƒã‚¤ãƒ³ã‚¿ãŒNULLã«è©•ä¾¡ã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™
\return BUFFER_E LENãŒRSA_MAX_ID_LENよりもå°ã•ã„å ´åˆã€ã¾ãŸã¯å¤§ãã„å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \param key åˆæœŸåŒ–ã™ã‚‹RSAKEY構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param key åˆæœŸåŒ–ã™ã‚‹RsaKey構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
\param id デãƒã‚¤ã‚¹ä¸Šã®ã‚­ãƒ¼ã®è­˜åˆ¥å­
\param len ãƒã‚¤ãƒˆæ•°ã®è­˜åˆ¥å­ã®é•·ã•
\param heap メモリオーãƒãƒ¼ãƒ©ã‚¤ãƒ‰ã§ä½¿ç”¨ã™ã‚‹ãŸã‚ã®ãƒ’ープ識別å­ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚メモリ割り当ã¦ã®ã‚«ã‚¹ã‚¿ãƒ å‡¦ç†ã‚’å¯èƒ½ã«ã—ã¾ã™ã€‚ã“ã®ãƒ’ープã¯ã€ã“ã®RSAオブジェクトã§ä½¿ç”¨ã™ã‚‹ãŸã‚ã«ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã‚‹ã¨ãã«ä½¿ç”¨ã•ã‚Œã‚‹ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã«ãªã‚Šã¾ã™ã€‚
@@ -55,11 +55,11 @@ int wc_InitRsaKey_Id(RsaKey* key, unsigned char* id, int len,
void* heap, int devId);
/*!
- \ingroup RSA
+ \ingroup RSA
\brief ã“ã®é–¢æ•°ã¯RNGをキーã«é–¢é€£ä»˜ã‘ã¾ã™ã€‚WC_RSA_BLINDINGãŒæœ‰åŠ¹ã«ãªã£ã¦ã„ã‚‹å ´åˆã¯å¿…è¦ã§ã™ã€‚
\return 0 æˆåŠŸã«æˆ»ã£ãŸ
\return BAD_FUNC_ARGS RSAキーã®å ´åˆã€RNGãƒã‚¤ãƒ³ã‚¿ãŒNULLã«è©•ä¾¡ã•ã‚ŒãŸå ´åˆ
- \param key 関連付ã‘られるRSAKEY構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param key 関連付ã‘られるRsaKey構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
_Example_
\code
ret = wc_InitRsaKey(&key, NULL);
@@ -75,8 +75,8 @@ int wc_InitRsaKey_Id(RsaKey* key, unsigned char* id, int len,
int wc_RsaSetRNG(RsaKey* key, WC_RNG* rng);
/*!
- \ingroup RSA
- \brief ã“ã®é–¢æ•°ã¯ã€MP_Clearを使用ã—ã¦æä¾›ã•ã‚ŒãŸRSAKEY構造体を解放ã—ã¾ã™ã€‚
+ \ingroup RSA
+ \brief ã“ã®é–¢æ•°ã¯ã€MP_Clearを使用ã—ã¦æä¾›ã•ã‚ŒãŸRsaKey構造体を解放ã—ã¾ã™ã€‚
\return 0 キーã®è§£æ”¾ã«æˆåŠŸã—ãŸã‚‰è¿”å“ã•ã‚Œã¾ã™
_Example_
\code
@@ -91,7 +91,7 @@ int wc_RsaSetRNG(RsaKey* key, WC_RNG* rng);
int wc_FreeRsaKey(RsaKey* key);
/*!
- \ingroup RSA
+ \ingroup RSA
\brief ã“ã®é–¢æ•°ã¯ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã‚’INã‹ã‚‰æš—å·åŒ–ã—ã€ãã®çµæžœã‚’æ ¼ç´ã—ã¾ã™ã€‚åˆæœŸåŒ–ã•ã‚ŒãŸå…¬é–‹éµã¨ä¹±æ•°ç™ºç”Ÿå™¨ãŒå¿…è¦ã§ã™ã€‚副作用ã¨ã—ã¦ã€ã“ã®é–¢æ•°ã¯ounlenã®ä¸­ã§æ›¸ãè¾¼ã¾ã‚ŒãŸãƒã‚¤ãƒˆã‚’è¿”ã—ã¾ã™ã€‚
\return Success 入力メッセージã®æš—å·åŒ–ã«æˆåŠŸã—ãŸã‚‰ã€æˆåŠŸã®å ´åˆã¯0ã‚’è¿”ã—ã€éšœå®³ã®å ´åˆã¯ã‚¼ãƒ­æœªæº€ã§ã™ã€‚ã¾ãŸã€outlenã®å€¤ã‚’æ ¼ç´ã™ã‚‹ã“ã¨ã«ã‚ˆã£ã¦ã€OUTã«æ›¸ãè¾¼ã¾ã‚ŒãŸæ•°ã®ãƒã‚¤ãƒˆæ•°ã‚’è¿”ã—ã¾ã™ã€‚
\return BAD_FUNC_ARG 入力パラメータã®ã„ãšã‚Œã‹ãŒç„¡åŠ¹ãªå ´åˆã«è¿”ã•ã‚Œã¾ã™
@@ -113,7 +113,7 @@ int wc_FreeRsaKey(RsaKey* key);
\param inLen æš—å·åŒ–ã™ã‚‹ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®é•·ã•
\param out 出力暗å·æ–‡ã‚’ä¿å­˜ã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
\param outLen 出力ãƒãƒƒãƒ•ã‚¡ã®é•·ã•
- \param key æš—å·åŒ–ã«ä½¿ç”¨ã™ã‚‹å…¬é–‹éµã‚’å«ã‚€RSAKEY構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param key æš—å·åŒ–ã«ä½¿ç”¨ã™ã‚‹å…¬é–‹éµã‚’å«ã‚€RsaKey構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
_Example_
\code
RsaKey pub;
@@ -138,7 +138,7 @@ int wc_RsaPublicEncrypt(const byte* in, word32 inLen, byte* out,
word32 outLen, RsaKey* key, WC_RNG* rng);
/*!
- \ingroup RSA
+ \ingroup RSA
\brief ã“ã®é–¢æ•°ã¯å¾©å·åŒ–ã®ãŸã‚ã«WC_RSAPrivateCrypt関数ã«ã‚ˆã£ã¦åˆ©ç”¨ã•ã‚Œã¾ã™ã€‚
\return Success 復å·åŒ–データã®é•·ã•
\return RSA_PAD_E RSAUNPADエラーã€ãƒ•ã‚©ãƒ¼ãƒžãƒƒãƒˆã®æ‚ªã„フォーマット
@@ -155,7 +155,7 @@ int wc_RsaPrivateDecryptInline(byte* in, word32 inLen, byte** out,
RsaKey* key);
/*!
- \ingroup RSA
+ \ingroup RSA
\brief ã“ã®é–¢æ•°ã¯ç§˜å¯†ã®RSA復å·åŒ–ã‚’æä¾›ã—ã¾ã™ã€‚
\return Success 復å·åŒ–データã®é•·ã•
\return MEMORY_E -125ã€ãƒ¡ãƒ¢ãƒªã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ã¾ã—ãŸ
@@ -183,7 +183,7 @@ int wc_RsaPrivateDecrypt(const byte* in, word32 inLen, byte* out,
word32 outLen, RsaKey* key);
/*!
- \ingroup RSA
+ \ingroup RSA
\brief æä¾›ã•ã‚ŒãŸé…列ã«ç§˜å¯†éµã¨ç½²åã—ã¾ã™ã€‚
\return RSA_BUFFER_E: -131ã€RSAãƒãƒƒãƒ•ã‚¡ã‚¨ãƒ©ãƒ¼ã€å‡ºåŠ›ãŒå°ã•ã™ãŽãŸã‚Šå…¥åŠ›ãŒå¤§ãã™ãŽãŸã‚Šã™ã‚‹
\param in æš—å·åŒ–ã•ã‚Œã‚‹ãƒã‚¤ãƒˆé…列。
@@ -209,7 +209,7 @@ int wc_RsaSSL_Sign(const byte* in, word32 inLen, byte* out,
word32 outLen, RsaKey* key, WC_RNG* rng);
/*!
- \ingroup RSA
+ \ingroup RSA
\brief メッセージãŒRSAキーã«ã‚ˆã£ã¦ç½²åã•ã‚ŒãŸã“ã¨ã‚’確èªã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚出力ã¯å…¥åŠ›ã¨åŒã˜ãƒã‚¤ãƒˆé…列を使用ã—ã¾ã™ã€‚
\return >0 テキストã®é•·ã•
\return <0 エラーãŒç™ºç”Ÿã—ã¾ã—ãŸã€‚
@@ -240,7 +240,7 @@ int wc_RsaSSL_VerifyInline(byte* in, word32 inLen, byte** out,
RsaKey* key);
/*!
- \ingroup RSA
+ \ingroup RSA
\brief メッセージãŒã‚­ãƒ¼ã«ã‚ˆã£ã¦ç½²åã•ã‚ŒãŸã“ã¨ã‚’確èªã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
\return Success エラーã®ãªã„テキストã®é•·ã•ã€‚
\return MEMORY_E メモリ例外
@@ -266,7 +266,7 @@ int wc_RsaSSL_Verify(const byte* in, word32 inLen, byte* out,
word32 outLen, RsaKey* key);
/*!
- \ingroup RSA
+ \ingroup RSA
\brief æä¾›ã•ã‚ŒãŸé…列ã«ç§˜å¯†éµã¨ç½²åã—ã¾ã™ã€‚
\return RSA_BUFFER_E: -131ã€RSAãƒãƒƒãƒ•ã‚¡ã‚¨ãƒ©ãƒ¼ã€å‡ºåŠ›ãŒå°ã•ã™ãŽãŸã‚Šå…¥åŠ›ãŒå¤§ãã™ãŽãŸã‚Šã™ã‚‹
\param in æš—å·åŒ–ã•ã‚Œã‚‹ãƒã‚¤ãƒˆé…列。
@@ -310,14 +310,15 @@ int wc_RsaPSS_Sign(const byte* in, word32 inLen, byte* out,
RsaKey* key, WC_RNG* rng);
/*!
- \ingroup RSA
- \brief 入力署åを復å·åŒ–ã—ã¦ã€ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ãŒã‚­ãƒ¼ã«ã‚ˆã£ã¦ç½²åã•ã‚ŒãŸã“ã¨ã‚’確èªã—ã¾ã™ã€‚wc_rsa_blindingãŒæœ‰åŠ¹ãªå ´åˆã€ã‚­ãƒ¼ã¯WC_RSASETRNGã«ã‚ˆã£ã¦RNGã«é–¢é€£ä»˜ã‘られãªã‘ã‚Œã°ãªã‚Šã¾ã›ã‚“。
- \return Success エラーã®ãªã„テキストã®é•·ã•ã€‚
+ \ingroup RSA
+ \brief 入力署åを復å·ã—ã¦ã€ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ãŒéµã«ã‚ˆã£ã¦ç½²åã•ã‚ŒãŸã“ã¨ã‚’確èªã—ã¾ã™ã€‚WC_RSA_BLINDINGãŒæœ‰åŠ¹ãªå ´åˆã€éµã¯wc_RsaSetRNGã«ã‚ˆã£ã¦RNGã«é–¢é€£ä»˜ã‘られãªã‘ã‚Œã°ãªã‚Šã¾ã›ã‚“。
+ \return Success エラーã®ãªã„å ´åˆã¯ãƒ†ã‚­ã‚¹ãƒˆã®é•·ã•ã‚’è¿”ã—ã¾ã™
\return MEMORY_E メモリ例外
- \param in 復å·åŒ–ã•ã‚Œã‚‹ãƒã‚¤ãƒˆé…列。
- \param inLen ã®é•·ã•
- \param out æ ¼ç´ã™ã‚‹å¾©å·åŒ–データã®ãƒã‚¤ãƒˆé…列。
- \param outLen ã®é•·ã•
+ \return MP_EXPTMOD_E - fastmathを使用ã™ã‚‹æ§˜ã«æ§‹æˆã•ã‚Œã¦ã„ã‚‹å ´åˆã«FP_MAX_BITSãŒéµã‚µã‚¤ã‚ºã®å°‘ãªãã¨ã‚‚2å€ã«è¨­å®šã•ã‚Œã¦ã„ãªã„(例ãˆã°4096-bité•·ã®éµã‚’使用ã™ã‚‹å ´åˆã«ã¯FP_MAX_BITSã¯8192以上ã«è¨­å®šã™ã‚‹ã“ã¨)。
+ \param in 復å·ã•ã‚Œã‚‹ç½²åデータãŒæ ¼ç´ã•ã‚Œã¦ã„ã‚‹ãƒãƒƒãƒ•ã‚¡
+ \param inLen ç½²åデータã®é•·ã•
+ \param out 復å·ãƒ‡ãƒ¼ã‚¿ã®å‡ºåŠ›å…ˆãƒãƒƒãƒ•ã‚¡
+ \param outLen 出力先ãƒãƒƒãƒ•ã‚¡ã‚µã‚¤ã‚º
\param hash メッセージã«å…¥ã‚‹ãƒãƒƒã‚·ãƒ¥åž‹
\param mgf マスク生æˆæ©Ÿèƒ½è­˜åˆ¥å­
_Example_
@@ -356,8 +357,8 @@ int wc_RsaPSS_Verify(byte* in, word32 inLen, byte* out,
RsaKey* key);
/*!
- \ingroup RSA
- \brief 入力署åを復å·åŒ–ã—ã¦ã€ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ãŒRSAキーã«ã‚ˆã£ã¦ç½²åã•ã‚ŒãŸã“ã¨ã‚’確èªã—ã¾ã™ã€‚出力ã¯å…¥åŠ›ã¨åŒã˜ãƒã‚¤ãƒˆé…列を使用ã—ã¾ã™ã€‚wc_rsa_blindingãŒæœ‰åŠ¹ãªå ´åˆã€ã‚­ãƒ¼ã¯WC_RSASETRNGã«ã‚ˆã£ã¦RNGã«é–¢é€£ä»˜ã‘られãªã‘ã‚Œã°ãªã‚Šã¾ã›ã‚“。
+ \ingroup RSA
+ \brief 入力署åを復å·åŒ–ã—ã¦ã€ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ãŒRSAキーã«ã‚ˆã£ã¦ç½²åã•ã‚ŒãŸã“ã¨ã‚’確èªã—ã¾ã™ã€‚出力ã¯å…¥åŠ›ã¨åŒã˜ãƒã‚¤ãƒˆé…列を使用ã—ã¾ã™ã€‚WC_RSA_BLINDINGãŒæœ‰åŠ¹ãªå ´åˆã€ã‚­ãƒ¼ã¯WC_RSASETRNGã«ã‚ˆã£ã¦RNGã«é–¢é€£ä»˜ã‘られãªã‘ã‚Œã°ãªã‚Šã¾ã›ã‚“。
\return >0 テキストã®é•·ã•
\return <0 エラーãŒç™ºç”Ÿã—ã¾ã—ãŸã€‚
\param in 復å·åŒ–ã•ã‚Œã‚‹ãƒã‚¤ãƒˆé…列。
@@ -406,8 +407,8 @@ int wc_RsaPSS_VerifyInline(byte* in, word32 inLen, byte** out,
enum wc_HashType hash, int mgf,
RsaKey* key);
/*!
- \ingroup RSA
- \brief RSA-PSSã§ç½²åã•ã‚ŒãŸãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã‚’確èªã—ã¦ãã ã•ã„。塩ã®é•·ã•ã¯ãƒãƒƒã‚·ãƒ¥é•·ã«ç­‰ã—ã„。wc_rsa_blindingãŒæœ‰åŠ¹ãªå ´åˆã€ã‚­ãƒ¼ã¯WC_RSASETRNGã«ã‚ˆã£ã¦RNGã«é–¢é€£ä»˜ã‘られãªã‘ã‚Œã°ãªã‚Šã¾ã›ã‚“。
+ \ingroup RSA
+ \brief RSA-PSSã§ç½²åã•ã‚ŒãŸãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã‚’確èªã—ã¦ãã ã•ã„。ソルトã®é•·ã•ã¯ãƒãƒƒã‚·ãƒ¥é•·ã«ç­‰ã—ã„。WC_RSA_BLINDINGãŒæœ‰åŠ¹ãªå ´åˆã€ã‚­ãƒ¼ã¯WC_RSASETRNGã«ã‚ˆã£ã¦RNGã«é–¢é€£ä»˜ã‘られãªã‘ã‚Œã°ãªã‚Šã¾ã›ã‚“。
\return the PSSデータã®é•·ã•ãŒæˆåŠŸã—ã€è² ã«éšœå®³ãŒç™ºç”Ÿã—ã¾ã™ã€‚
\return MEMORY_E メモリ例外
\param in 復å·åŒ–ã•ã‚Œã‚‹ãƒã‚¤ãƒˆé…列。
@@ -468,8 +469,8 @@ int wc_RsaPSS_VerifyCheck(byte* in, word32 inLen,
enum wc_HashType hash, int mgf,
RsaKey* key);
/*!
- \ingroup RSA
- \brief RSA-PSSã§ç½²åã•ã‚ŒãŸãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã‚’確èªã—ã¦ãã ã•ã„。wc_rsa_blindingãŒæœ‰åŠ¹ãªå ´åˆã€ã‚­ãƒ¼ã¯WC_RSASETRNGã«ã‚ˆã£ã¦RNGã«é–¢é€£ä»˜ã‘られãªã‘ã‚Œã°ãªã‚Šã¾ã›ã‚“。
+ \ingroup RSA
+ \brief RSA-PSSã§ç½²åã•ã‚ŒãŸãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã‚’確èªã—ã¦ãã ã•ã„。WC_RSA_BLINDINGãŒæœ‰åŠ¹ãªå ´åˆã€ã‚­ãƒ¼ã¯WC_RSASETRNGã«ã‚ˆã£ã¦RNGã«é–¢é€£ä»˜ã‘られãªã‘ã‚Œã°ãªã‚Šã¾ã›ã‚“。
\return the PSSデータã®é•·ã•ãŒæˆåŠŸã—ã€è² ã«éšœå®³ãŒç™ºç”Ÿã—ã¾ã™ã€‚
\return MEMORY_E メモリ例外
\param in 復å·åŒ–ã•ã‚Œã‚‹ãƒã‚¤ãƒˆé…列。
@@ -480,7 +481,7 @@ int wc_RsaPSS_VerifyCheck(byte* in, word32 inLen,
\param digestLen ãƒãƒƒã‚·ãƒ¥ã®é•·ã•
\param hash ãƒãƒƒã‚·ãƒ¥ã‚¢ãƒ«ã‚´ãƒªã‚ºãƒ 
\param mgf マスク生æˆæ©Ÿèƒ½
- \param saltLen 使用ã•ã‚Œã‚‹å¡©ã®é•·ã•ã€‚RSA_PSSS_SALT_LEN_DEFAULT(-1)塩ã®é•·ã•ã¯ãƒãƒƒã‚·ãƒ¥é•·ã¨åŒã˜ã§ã™ã€‚RSA_PSS_SALT_LEN_DISCOVERã¯ã€å¡©ã®é•·ã•ãŒãƒ‡ãƒ¼ã‚¿ã‹ã‚‰æ±ºå®šã•ã‚Œã¾ã™ã€‚
+ \param saltLen 使用ã•ã‚Œã‚‹ã‚½ãƒ«ãƒˆã®é•·ã•ã€‚RSA_PSSS_SALT_LEN_DEFAULT(-1)ソルトã®é•·ã•ã¯ãƒãƒƒã‚·ãƒ¥é•·ã¨åŒã˜ã§ã™ã€‚RSA_PSS_SALT_LEN_DISCOVERã¯ã€ã‚½ãƒ«ãƒˆã®é•·ã•ãŒãƒ‡ãƒ¼ã‚¿ã‹ã‚‰æ±ºå®šã•ã‚Œã¾ã™ã€‚
_Example_
\code
ret = wc_InitRsaKey(&key, NULL);
@@ -531,8 +532,8 @@ int wc_RsaPSS_VerifyCheck_ex(byte* in, word32 inLen,
RsaKey* key);
/*!
- \ingroup RSA
- \brief RSA-PSSã§ç½²åã•ã‚ŒãŸãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã‚’確èªã—ã¦ãã ã•ã„。入力ãƒãƒƒãƒ•ã‚¡ã¯å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã«å†åˆ©ç”¨ã•ã‚Œã¾ã™ã€‚å¡©ã®é•·ã•ã¯ãƒãƒƒã‚·ãƒ¥é•·ã«ç­‰ã—ã„。wc_rsa_blindingãŒæœ‰åŠ¹ãªå ´åˆã€ã‚­ãƒ¼ã¯WC_RSASETRNGã«ã‚ˆã£ã¦RNGã«é–¢é€£ä»˜ã‘られãªã‘ã‚Œã°ãªã‚Šã¾ã›ã‚“。
+ \ingroup RSA
+ \brief RSA-PSSã§ç½²åã•ã‚ŒãŸãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã‚’確èªã—ã¦ãã ã•ã„。入力ãƒãƒƒãƒ•ã‚¡ã¯å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã«å†åˆ©ç”¨ã•ã‚Œã¾ã™ã€‚ソルトã®é•·ã•ã¯ãƒãƒƒã‚·ãƒ¥é•·ã«ç­‰ã—ã„。WC_RSA_BLINDINGãŒæœ‰åŠ¹ãªå ´åˆã€ã‚­ãƒ¼ã¯WC_RSASETRNGã«ã‚ˆã£ã¦RNGã«é–¢é€£ä»˜ã‘られãªã‘ã‚Œã°ãªã‚Šã¾ã›ã‚“。
\return the PSSデータã®é•·ã•ãŒæˆåŠŸã—ã€è² ã«éšœå®³ãŒç™ºç”Ÿã—ã¾ã™ã€‚
\param in 復å·åŒ–ã•ã‚Œã‚‹ãƒã‚¤ãƒˆé…列。
\param inLen ã®é•·ã•
@@ -589,8 +590,8 @@ int wc_RsaPSS_VerifyCheckInline(byte* in, word32 inLen, byte** out,
enum wc_HashType hash, int mgf,
RsaKey* key);
/*!
- \ingroup RSA
- \brief RSA-PSSã§ç½²åã•ã‚ŒãŸãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã‚’確èªã—ã¦ãã ã•ã„。入力ãƒãƒƒãƒ•ã‚¡ã¯å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã«å†åˆ©ç”¨ã•ã‚Œã¾ã™ã€‚wc_rsa_blindingãŒæœ‰åŠ¹ãªå ´åˆã€ã‚­ãƒ¼ã¯WC_RSASETRNGã«ã‚ˆã£ã¦RNGã«é–¢é€£ä»˜ã‘られãªã‘ã‚Œã°ãªã‚Šã¾ã›ã‚“。
+ \ingroup RSA
+ \brief RSA-PSSã§ç½²åã•ã‚ŒãŸãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã‚’確èªã—ã¦ãã ã•ã„。入力ãƒãƒƒãƒ•ã‚¡ã¯å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã«å†åˆ©ç”¨ã•ã‚Œã¾ã™ã€‚WC_RSA_BLINDINGãŒæœ‰åŠ¹ãªå ´åˆã€ã‚­ãƒ¼ã¯WC_RSASETRNGã«ã‚ˆã£ã¦RNGã«é–¢é€£ä»˜ã‘られãªã‘ã‚Œã°ãªã‚Šã¾ã›ã‚“。
\return the PSSデータã®é•·ã•ãŒæˆåŠŸã—ã€è² ã«éšœå®³ãŒç™ºç”Ÿã—ã¾ã™ã€‚
\param in 復å·åŒ–ã•ã‚Œã‚‹ãƒã‚¤ãƒˆé…列。
\param inLen ã®é•·ã•
@@ -599,7 +600,7 @@ int wc_RsaPSS_VerifyCheckInline(byte* in, word32 inLen, byte** out,
\param digestLen ãƒãƒƒã‚·ãƒ¥ã®é•·ã•
\param hash メッセージã«å…¥ã‚‹ãƒãƒƒã‚·ãƒ¥åž‹
\param mgf マスク生æˆæ©Ÿèƒ½è­˜åˆ¥å­
- \param saltLen 使用ã•ã‚Œã‚‹å¡©ã®é•·ã•ã€‚RSA_PSSS_SALT_LEN_DEFAULT(-1)塩ã®é•·ã•ã¯ãƒãƒƒã‚·ãƒ¥é•·ã¨åŒã˜ã§ã™ã€‚RSA_PSS_SALT_LEN_DISCOVERã¯ã€å¡©ã®é•·ã•ãŒãƒ‡ãƒ¼ã‚¿ã‹ã‚‰æ±ºå®šã•ã‚Œã¾ã™ã€‚
+ \param saltLen 使用ã•ã‚Œã‚‹ã‚½ãƒ«ãƒˆã®é•·ã•ã€‚RSA_PSSS_SALT_LEN_DEFAULT(-1)ソルトã®é•·ã•ã¯ãƒãƒƒã‚·ãƒ¥é•·ã¨åŒã˜ã§ã™ã€‚RSA_PSS_SALT_LEN_DISCOVERã¯ã€ã‚½ãƒ«ãƒˆã®é•·ã•ãŒãƒ‡ãƒ¼ã‚¿ã‹ã‚‰æ±ºå®šã•ã‚Œã¾ã™ã€‚
_Example_
\code
ret = wc_InitRsaKey(&key, NULL);
@@ -649,8 +650,8 @@ int wc_RsaPSS_VerifyCheckInline_ex(byte* in, word32 inLen, byte** out,
RsaKey* key);
/*!
- \ingroup RSA
- \brief PSSデータを確èªã—ã¦ã€ç½²åãŒä¸€è‡´ã™ã‚‹ã‚ˆã†ã«ã—ã¾ã™ã€‚å¡©ã®é•·ã•ã¯ãƒãƒƒã‚·ãƒ¥é•·ã«ç­‰ã—ã„。wc_rsa_blindingãŒæœ‰åŠ¹ãªå ´åˆã€ã‚­ãƒ¼ã¯WC_RSASETRNGã«ã‚ˆã£ã¦RNGã«é–¢é€£ä»˜ã‘られãªã‘ã‚Œã°ãªã‚Šã¾ã›ã‚“。
+ \ingroup RSA
+ \brief PSSデータを確èªã—ã¦ã€ç½²åãŒä¸€è‡´ã™ã‚‹ã‚ˆã†ã«ã—ã¾ã™ã€‚ソルトã®é•·ã•ã¯ãƒãƒƒã‚·ãƒ¥é•·ã«ç­‰ã—ã„。WC_RSA_BLINDINGãŒæœ‰åŠ¹ãªå ´åˆã€ã‚­ãƒ¼ã¯WC_RSASETRNGã«ã‚ˆã£ã¦RNGã«é–¢é€£ä»˜ã‘られãªã‘ã‚Œã°ãªã‚Šã¾ã›ã‚“。
\return BAD_PADDING_E PSSデータãŒç„¡åŠ¹ãªå ´åˆã€NULLãŒINã¾ãŸã¯SIGã¾ãŸã¯INSZã«æ¸¡ã•ã‚Œã‚‹ã¨ã€BAD_FUNC_ARGã¯ãƒãƒƒã‚·ãƒ¥ã‚¢ãƒ«ã‚´ãƒªã‚ºãƒ ã®é•·ã•ã¨åŒã˜ã§ã¯ã‚ã‚Šã¾ã›ã‚“。
\return MEMORY_E メモリ例外
\param in 検証中ã®ãƒ‡ãƒ¼ã‚¿ã®ãƒãƒƒã‚·ãƒ¥ã€‚
@@ -702,8 +703,8 @@ int wc_RsaPSS_CheckPadding(const byte* in, word32 inLen, byte* sig,
word32 sigSz,
enum wc_HashType hashType);
/*!
- \ingroup RSA
- \brief PSSデータを確èªã—ã¦ã€ç½²åãŒä¸€è‡´ã™ã‚‹ã‚ˆã†ã«ã—ã¾ã™ã€‚å¡©ã®é•·ã•ã¯ãƒãƒƒã‚·ãƒ¥é•·ã«ç­‰ã—ã„。
+ \ingroup RSA
+ \brief PSSデータを確èªã—ã¦ã€ç½²åãŒä¸€è‡´ã™ã‚‹ã‚ˆã†ã«ã—ã¾ã™ã€‚ソルトã®é•·ã•ã¯ãƒãƒƒã‚·ãƒ¥é•·ã«ç­‰ã—ã„。
\return BAD_PADDING_E PSSデータãŒç„¡åŠ¹ãªå ´åˆã€NULLãŒINã¾ãŸã¯SIGã¾ãŸã¯INSZã«æ¸¡ã•ã‚Œã‚‹ã¨ã€BAD_FUNC_ARGã¯ãƒãƒƒã‚·ãƒ¥ã‚¢ãƒ«ã‚´ãƒªã‚ºãƒ ã®é•·ã•ã¨åŒã˜ã§ã¯ã‚ã‚Šã¾ã›ã‚“。
\return MEMORY_E メモリ例外
\param in 検証中ã®ãƒ‡ãƒ¼ã‚¿ã®ãƒãƒƒã‚·ãƒ¥ã€‚
@@ -711,7 +712,7 @@ int wc_RsaPSS_CheckPadding(const byte* in, word32 inLen, byte* sig,
\param sig PSSデータをä¿æŒã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã€‚
\param sigSz PSSデータã®ã‚µã‚¤ã‚ºã€‚
\param hashType ãƒãƒƒã‚·ãƒ¥ã‚¢ãƒ«ã‚´ãƒªã‚ºãƒ 
- \param saltLen 使用ã•ã‚Œã‚‹å¡©ã®é•·ã•ã€‚RSA_PSSS_SALT_LEN_DEFAULT(-1)塩ã®é•·ã•ã¯ãƒãƒƒã‚·ãƒ¥é•·ã¨åŒã˜ã§ã™ã€‚RSA_PSS_SALT_LEN_DISCOVERã¯ã€å¡©ã®é•·ã•ãŒãƒ‡ãƒ¼ã‚¿ã‹ã‚‰æ±ºå®šã•ã‚Œã¾ã™ã€‚
+ \param saltLen 使用ã•ã‚Œã‚‹ã‚½ãƒ«ãƒˆã®é•·ã•ã€‚RSA_PSSS_SALT_LEN_DEFAULT(-1)ソルトã®é•·ã•ã¯ãƒãƒƒã‚·ãƒ¥é•·ã¨åŒã˜ã§ã™ã€‚RSA_PSS_SALT_LEN_DISCOVERã¯ã€ã‚½ãƒ«ãƒˆã®é•·ã•ãŒãƒ‡ãƒ¼ã‚¿ã‹ã‚‰æ±ºå®šã•ã‚Œã¾ã™ã€‚
_Example_
\code
ret = wc_InitRsaKey(&key, NULL);
@@ -755,7 +756,7 @@ int wc_RsaPSS_CheckPadding(const byte* in, word32 inLen, byte* sig,
int wc_RsaPSS_CheckPadding_ex(const byte* in, word32 inLen, byte* sig,
word32 sigSz, enum wc_HashType hashType, int saltLen, int bits);
/*!
- \ingroup RSA
+ \ingroup RSA
\brief æä¾›ã•ã‚ŒãŸã‚­ãƒ¼æ§‹é€ ã®æš—å·åŒ–サイズを返ã—ã¾ã™ã€‚
\return Success æä¾›ã•ã‚ŒãŸã‚­ãƒ¼æ§‹é€ ã®æš—å·åŒ–サイズ。
_Example_
@@ -769,7 +770,7 @@ int wc_RsaPSS_CheckPadding_ex(const byte* in, word32 inLen, byte* sig,
int wc_RsaEncryptSize(RsaKey* key);
/*!
- \ingroup RSA
+ \ingroup RSA
\brief ã“ã®é–¢æ•°ã¯Derフォーマットã•ã‚ŒãŸRSA秘密éµã‚’解æžã—ã€ç§˜å¯†éµã‚’抽出ã—ã€ãれを与ãˆã‚‰ã‚ŒãŸResakey構造ã«æ ¼ç´ã—ã¾ã™ã€‚IDXã«è§£æžã•ã‚ŒãŸè·é›¢ã‚‚設定ã—ã¾ã™ã€‚
\return 0 DERエンコード入力ã‹ã‚‰ç§˜å¯†éµã®è§£æžã«æˆåŠŸã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã™
\return ASN_PARSE_E 入力ãƒãƒƒãƒ•ã‚¡ã‹ã‚‰ç§˜å¯†éµã‚’解æžã™ã‚‹ã‚¨ãƒ©ãƒ¼ãŒã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚ã“ã‚Œã¯ã€å…¥åŠ›ç§˜å¯†éµãŒASN.1è¦æ ¼ã«å¾“ã£ã¦æ­£ã—ãフォーマットã•ã‚Œã¦ã„ãªã„å ´åˆã«ç™ºç”Ÿã™ã‚‹å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã™ã€‚
@@ -797,8 +798,8 @@ int wc_RsaPrivateKeyDecode(const byte* input, word32* inOutIdx,
RsaKey* key, word32 inSz);
/*!
- \ingroup RSA
- \brief ã“ã®é–¢æ•°ã¯Derフォーマットã®RSA公開éµã‚’解æžã—ã€å…¬é–‹éµã‚’抽出ã—ã€ãれを指定ã•ã‚ŒãŸResakey構造ã«æ ¼ç´ã—ã¾ã™ã€‚IDXã«è§£æžã•ã‚ŒãŸè·é›¢ã‚‚設定ã—ã¾ã™ã€‚
+ \ingroup RSA
+ \brief ã“ã®é–¢æ•°ã¯Derフォーマットã®RSA公開éµã‚’解æžã—ã€å…¬é–‹éµã‚’抽出ã—ã€ãれを指定ã•ã‚ŒãŸRsaKey構造体ã«æ ¼ç´ã—ã¾ã™ã€‚IDXã«è§£æžã•ã‚ŒãŸè·é›¢ã‚‚設定ã—ã¾ã™ã€‚
\return 0 DERエンコード入力ã‹ã‚‰å…¬é–‹éµã®è§£æžã«æˆåŠŸã—ãŸã¨ãã«è¿”ã•ã‚ŒãŸ
\return ASN_PARSE_E 入力ãƒãƒƒãƒ•ã‚¡ã‹ã‚‰å…¬é–‹éµã‚’解æžã—ãŸã‚¨ãƒ©ãƒ¼ãŒã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚ã“ã‚Œã¯ã€å…¥åŠ›å…¬é–‹éµãŒASN.1è¦æ ¼ã«å¾“ã£ã¦æ­£ã—ãフォーマットã•ã‚Œã¦ã„ãªã„å ´åˆã«ç™ºç”Ÿã™ã‚‹å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã™ã€‚
\return ASN_OBJECT_ID_E ASN.1オブジェクトIDãŒRSA公開éµã®ãã‚Œã¨ä¸€è‡´ã—ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
@@ -807,7 +808,7 @@ int wc_RsaPrivateKeyDecode(const byte* input, word32* inOutIdx,
\return ASN_RSA_KEY_E RSAキー入力ã®å…¬é–‹éµè¦ç´ ã‚’読ã¿å–るエラーãŒã‚ã‚‹å ´åˆ
\param input 復å·ã™ã‚‹å…¥åŠ›DERエンコードRSA公開éµã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
\param inOutIdx キーãŒå§‹ã¾ã‚‹ãƒãƒƒãƒ•ã‚¡å†…ã®ã‚¤ãƒ³ãƒ‡ãƒƒã‚¯ã‚¹ã¸ã®ãƒã‚¤ãƒ³ã‚¿ï¼ˆé€šå¸¸ã¯0)。ã“ã®é–¢æ•°ã®å‰¯ä½œç”¨ã¨ã—ã¦ã€InoutIDXã¯å…¥åŠ›ãƒãƒƒãƒ•ã‚¡ã‚’介ã—ã¦è§£æžã•ã‚ŒãŸè·é›¢ã‚’記憶ã—ã¾ã™
- \param key デコードã•ã‚ŒãŸå…¬é–‹éµã‚’ä¿å­˜ã™ã‚‹RSAKEY構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param key デコードã•ã‚ŒãŸå…¬é–‹éµã‚’ä¿å­˜ã™ã‚‹RsaKey構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
_Example_
\code
RsaKey pub;
@@ -827,9 +828,9 @@ int wc_RsaPublicKeyDecode(const byte* input, word32* inOutIdx,
RsaKey* key, word32 inSz);
/*!
- \ingroup RSA
- \brief ã“ã®é–¢æ•°ã¯ã€å…¬é–‹å¼¾æ€§çŽ‡ï¼ˆn)ã¨æŒ‡æ•°ï¼ˆe)を撮影ã—ã¦ã€RSA公開éµã®ç”Ÿã®è¦ç´ ã‚’復å·ã—ã¾ã™ã€‚ã“れらã®ç”Ÿã®è¦ç´ ã‚’æä¾›ã•ã‚ŒãŸRSAKEY構造体ã«æ ¼ç´ã—ã€æš—å·åŒ–/復å·åŒ–プロセスã§ä½¿ç”¨ã™ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚
- \return 0 公開éµã®ç”Ÿã®è¦ç´ ã‚’RSAKEY構造ã«å¾©å·ã—ãŸã¨ãã«è¿”ã•ã‚ŒãŸ
+ \ingroup RSA
+ \brief ã“ã®é–¢æ•°ã¯ã€å…¬é–‹å¼¾æ€§çŽ‡ï¼ˆn)ã¨æŒ‡æ•°ï¼ˆe)を撮影ã—ã¦ã€RSA公開éµã®ç”Ÿã®è¦ç´ ã‚’復å·ã—ã¾ã™ã€‚ã“れらã®ç”Ÿã®è¦ç´ ã‚’æä¾›ã•ã‚ŒãŸRsaKey構造体ã«æ ¼ç´ã—ã€æš—å·åŒ–/復å·åŒ–プロセスã§ä½¿ç”¨ã™ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚
+ \return 0 公開éµã®ç”Ÿã®è¦ç´ ã‚’RsaKey構造体ã«å¾©å·ã—ãŸã¨ãã«è¿”ã•ã‚ŒãŸ
\return BAD_FUNC_ARG ã„ãšã‚Œã‹ã®å…¥åŠ›å¼•æ•°ãŒNULLã«è©•ä¾¡ã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return MP_INIT_E 複数ã®ç²¾å¯†æ•´æ•°ï¼ˆMP_INT)ライブラリã§ä½¿ç”¨ã™ã‚‹ãŸã‚ã®æ•´æ•°ã®åˆæœŸåŒ–中ã«ã‚¨ãƒ©ãƒ¼ãŒã‚ã‚‹å ´åˆ
\return ASN_GETINT_E æä¾›ã•ã‚ŒãŸRSAキーè¦ç´ ã€nã¾ãŸã¯eã®ã„ãšã‚Œã‹ã‚’読むエラーãŒã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™
@@ -856,12 +857,12 @@ int wc_RsaPublicKeyDecodeRaw(const byte* n, word32 nSz,
const byte* e, word32 eSz, RsaKey* key);
/*!
- \ingroup RSA
+ \ingroup RSA
\brief ã“ã®æ©Ÿèƒ½ã¯RSAKEYキーをDERフォーマットã«å¤‰æ›ã—ã¾ã™ã€‚çµæžœã¯å‡ºåŠ›ã«æ›¸ãè¾¼ã¾ã‚Œã€æ›¸ãè¾¼ã¾ã‚ŒãŸãƒã‚¤ãƒˆæ•°ã‚’è¿”ã—ã¾ã™ã€‚
- \return 0 æˆåŠŸ
+ \return >0 æˆåŠŸã€æ›¸ã‹ã‚ŒãŸãƒã‚¤ãƒˆæ•°ã€‚
\return BAD_FUNC_ARG キーã¾ãŸã¯å‡ºåŠ›ãŒNULLã®å ´åˆã€ã¾ãŸã¯ã‚­ãƒ¼ - >タイプãŒRSA_PRIVATEã§ãªã„å ´åˆã€ã¾ãŸã¯INLENãŒå‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã«å分ãªå¤§ãã•ã§ãªã„å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
\return MEMORY_E メモリã®å‰²ã‚Šå½“ã¦ä¸­ã«ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param key åˆæœŸåŒ–ã•ã‚ŒãŸRSAKEY構造
+ \param key åˆæœŸåŒ–ã•ã‚ŒãŸRsaKey構造体
\param output 出力ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
_Example_
\code
@@ -888,7 +889,7 @@ int wc_RsaPublicKeyDecodeRaw(const byte* n, word32 nSz,
int wc_RsaKeyToDer(RsaKey* key, byte* output, word32 inLen);
/*!
- \ingroup RSA
+ \ingroup RSA
\brief ã“ã®æ©Ÿèƒ½ã¯ã€ã©ã®ãƒ‘ディングを使用ã™ã‚‹ã‹ã‚’é¸æŠžã—ãªãŒã‚‰RSAæš—å·åŒ–を実行ã—ã¾ã™ã€‚
\return size 正常ã«æš—å·åŒ–ã•ã‚Œã¦ã„ã‚‹ã¨ã€æš—å·åŒ–ã•ã‚ŒãŸãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºãŒè¿”ã•ã‚Œã¾ã™
\return RSA_BUFFER_E RSAãƒãƒƒãƒ•ã‚¡ã‚¨ãƒ©ãƒ¼ã€å‡ºåŠ›ãŒå°ã•ã™ãŽãŸã‚Šå…¥åŠ›ãŒå¤§ãã™ãŽãŸã‚Šã™ã‚‹
@@ -896,7 +897,7 @@ int wc_RsaKeyToDer(RsaKey* key, byte* output, word32 inLen);
\param inLen æš—å·åŒ–ã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã®é•·ã•
\param out æš—å·åŒ–ã•ã‚ŒãŸMSGãŒä½œæˆã•ã‚Œã¾ã—ãŸ
\param outLen æš—å·åŒ–ã•ã‚ŒãŸMSGã‚’ä¿æŒã™ã‚‹ãŸã‚ã«åˆ©ç”¨å¯èƒ½ãªãƒãƒƒãƒ•ã‚¡ã®é•·ã•
- \param key åˆæœŸåŒ–RSAキー構造体
+ \param key åˆæœŸåŒ–ãšã¿RsaKey構造体
\param rng åˆæœŸåŒ–ã•ã‚ŒãŸWC_RNG構造体
\param type 使用ã™ã‚‹ãƒ‘ディングã®ç¨®é¡žï¼ˆWC_RSA_OAEP_PADã¾ãŸã¯WC_RSA_PKCSV15_PAD)
\param hash 使用ã™ã‚‹ãƒãƒƒã‚·ãƒ¥ã®ç¨®é¡žï¼ˆé¸æŠžã¯hash.hã«ã‚ã‚Šã¾ã™ï¼‰
@@ -925,7 +926,7 @@ int wc_RsaPublicEncrypt_ex(const byte* in, word32 inLen, byte* out,
enum wc_HashType hash, int mgf, byte* label, word32 labelSz);
/*!
- \ingroup RSA
+ \ingroup RSA
\brief ã“ã®é–¢æ•°ã¯RSAを使用ã—ã¦ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã‚’復å·åŒ–ã—ã€ã©ã®ãƒ‘ディングタイプã®ã‚ªãƒ—ションを指定ã—ã¾ã™ã€‚
\return size 復å·åŒ–ãŒæˆåŠŸã™ã‚‹ã¨ã€å¾©å·åŒ–ã•ã‚ŒãŸãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®ã‚µã‚¤ã‚ºãŒè¿”ã•ã‚Œã¾ã™ã€‚
\return MEMORY_E å¿…è¦ãªé…列をMallocã«Mallocã«ã™ã‚‹ã®ã«å分ãªãƒ¡ãƒ¢ãƒªãŒãªã„å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
@@ -934,7 +935,7 @@ int wc_RsaPublicEncrypt_ex(const byte* in, word32 inLen, byte* out,
\param inLen 復å·åŒ–ã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã®é•·ã•
\param out 復å·åŒ–ã•ã‚ŒãŸMSGãŒä½œæˆã•ã‚Œã¾ã—ãŸ
\param outLen 復å·åŒ–ã•ã‚ŒãŸMSGã‚’ä¿æŒã™ã‚‹ãŸã‚ã«åˆ©ç”¨å¯èƒ½ãªãƒãƒƒãƒ•ã‚¡ã®é•·ã•
- \param key åˆæœŸåŒ–RSAキー構造体
+ \param key åˆæœŸåŒ–ãšã¿RsaKey構造体
\param type 使用ã™ã‚‹ãƒ‘ディングã®ç¨®é¡žï¼ˆWC_RSA_OAEP_PADã¾ãŸã¯WC_RSA_PKCSV15_PAD)
\param hash 使用ã™ã‚‹ãƒãƒƒã‚·ãƒ¥ã®ç¨®é¡žï¼ˆé¸æŠžã¯hash.hã«ã‚ã‚Šã¾ã™ï¼‰
\param mgf 使用ã™ã‚‹ãƒžã‚¹ã‚¯ç”Ÿæˆæ©Ÿèƒ½ã®ç¨®é¡ž
@@ -968,7 +969,7 @@ int wc_RsaPrivateDecrypt_ex(const byte* in, word32 inLen,
enum wc_HashType hash, int mgf, byte* label, word32 labelSz);
/*!
- \ingroup RSA
+ \ingroup RSA
\brief ã“ã®é–¢æ•°ã¯RSAを使用ã—ã¦ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã‚’インラインã§å¾©å·åŒ–ã—ã€ã©ã®ãƒ‘ディングタイプã®ã‚ªãƒ—ションを示ã—ã¾ã™ã€‚INãƒãƒƒãƒ•ã‚¡ã«ã¯ã€å‘¼ã³å‡ºã•ã‚ŒãŸå¾Œã«å¾©å·åŒ–ã•ã‚ŒãŸãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ãŒå«ã¾ã‚Œã€ã‚¢ã‚¦ãƒˆãƒã‚¤ãƒˆãƒã‚¤ãƒ³ã‚¿ã¯ãƒ—レーンテキストãŒã‚る「INã€ãƒãƒƒãƒ•ã‚¡å†…ã®å ´æ‰€ã‚’指ã—ã¾ã™ã€‚
\return size 復å·åŒ–ãŒæˆåŠŸã™ã‚‹ã¨ã€å¾©å·åŒ–ã•ã‚ŒãŸãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®ã‚µã‚¤ã‚ºãŒè¿”ã•ã‚Œã¾ã™ã€‚
\return MEMORY_E: å¿…è¦ãªé…列をMallocã«Mallocã«ã™ã‚‹ã®ã«å分ãªãƒ¡ãƒ¢ãƒªãŒãªã„å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
@@ -978,7 +979,7 @@ int wc_RsaPrivateDecrypt_ex(const byte* in, word32 inLen,
\param in 復å·åŒ–ã®ãŸã‚ã®ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
\param inLen 復å·åŒ–ã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã®é•·ã•
\param out "in"ãƒãƒƒãƒ•ã‚¡ã®å¾©å·åŒ–ã•ã‚ŒãŸãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®ä½ç½®ã¸ã®ãƒã‚¤ãƒ³ã‚¿
- \param key åˆæœŸåŒ–RSAキー構造体
+ \param key åˆæœŸåŒ–ãšã¿RsaKey構造体
\param type 使用ã™ã‚‹ãƒ‘ディングã®ç¨®é¡žï¼ˆWC_RSA_OAEP_PADã¾ãŸã¯WC_RSA_PKCSV15_PAD)
\param hash 使用ã™ã‚‹ãƒãƒƒã‚·ãƒ¥ã®ç¨®é¡žï¼ˆé¸æŠžã¯hash.hã«ã‚ã‚Šã¾ã™ï¼‰
\param mgf 使用ã™ã‚‹ãƒžã‚¹ã‚¯ç”Ÿæˆæ©Ÿèƒ½ã®ç¨®é¡ž
@@ -1013,8 +1014,8 @@ int wc_RsaPrivateDecryptInline_ex(byte* in, word32 inLen,
int mgf, byte* label, word32 labelSz);
/*!
- \ingroup RSA
- \brief RSAアルゴリズムã«ä½¿ç”¨ã•ã‚Œã‚‹å€‹ã€…ã®è¦ç´ ï¼ˆEã€N)ã«RSAKEY構造体を平らã«ã—ã¾ã™ã€‚
+ \ingroup RSA
+ \brief RSAアルゴリズムã«ä½¿ç”¨ã•ã‚Œã‚‹RsaKey構造体ã®å€‹ã€…ã®è¦ç´ ï¼ˆEã€N)をãƒãƒƒãƒ•ã‚¡ã«å–り出ã—ã¾ã™ã€‚
\return 0 関数ãŒæ­£å¸¸ã«å®Ÿè¡Œã•ã‚ŒãŸå ´åˆã¯ã€ã‚¨ãƒ©ãƒ¼ãªã—ã§è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG: ã„ãšã‚Œã‹ã®ãƒ‘ラメータãŒNULL値ã§æ¸¡ã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return RSA_BUFFER_E: 渡ã•ã‚ŒãŸeã¾ãŸã¯nãƒãƒƒãƒ•ã‚¡ãŒæ­£ã—ã„サイズã§ã¯ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
@@ -1046,13 +1047,13 @@ int wc_RsaFlattenPublicKey(RsaKey* key, byte* e, word32* eSz, byte* n,
word32* nSz);
/*!
- \ingroup RSA
+ \ingroup RSA
\brief RSA公開éµã‚’DERフォーマットã«å¤‰æ›ã—ã¾ã™ã€‚出力ã«æ›¸ãè¾¼ã¿ã€æ›¸ãè¾¼ã¾ã‚ŒãŸãƒã‚¤ãƒˆæ•°ã‚’è¿”ã—ã¾ã™ã€‚
\return >0 æˆåŠŸã€æ›¸ã‹ã‚ŒãŸãƒã‚¤ãƒˆæ•°ã€‚
\return BAD_FUNC_ARG キーã¾ãŸã¯å‡ºåŠ›ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return MEMORY_E エラー割り当ã¦ãƒ¡ãƒ¢ãƒªãŒç™ºç”Ÿã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã™ã€‚
\return <0 エラー
- \param key 変æ›ã™ã‚‹RSAキー構造。
+ \param key 変æ›ã™ã‚‹RsaKey構造体。
\param output ä¿ç•™ã•ã‚ŒãŸå‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ãƒ¼ã€‚(NULLãŒé•·ã•ã®ã¿ã‚’è¿”ã™å ´åˆï¼‰
_Example_
\code
@@ -1074,13 +1075,13 @@ int wc_RsaFlattenPublicKey(RsaKey* key, byte* e, word32* eSz, byte* n,
int wc_RsaKeyToPublicDer(RsaKey* key, byte* output, word32 inLen);
/*!
- \ingroup RSA
+ \ingroup RSA
\brief RSA公開éµã‚’DERフォーマットã«å¤‰æ›ã—ã¾ã™ã€‚出力ã«æ›¸ãè¾¼ã¿ã€æ›¸ãè¾¼ã¾ã‚ŒãŸãƒã‚¤ãƒˆæ•°ã‚’è¿”ã—ã¾ã™ã€‚with_headerãŒ0ã®å ´åˆï¼ˆseq + n + e)ã ã‘ãŒASN.1 Derフォーマットã§è¿”ã•ã‚Œã€ãƒ˜ãƒƒãƒ€ãƒ¼ã‚’除外ã—ã¾ã™ã€‚
\return >0 æˆåŠŸã€æ›¸ã‹ã‚ŒãŸãƒã‚¤ãƒˆæ•°ã€‚
\return BAD_FUNC_ARG キーã¾ãŸã¯å‡ºåŠ›ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return MEMORY_E エラー割り当ã¦ãƒ¡ãƒ¢ãƒªãŒç™ºç”Ÿã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã™ã€‚
\return <0 エラー
- \param key 変æ›ã™ã‚‹RSAキー構造。
+ \param key 変æ›ã™ã‚‹RsaKey構造体。
\param output ä¿ç•™ã•ã‚ŒãŸå‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ãƒ¼ã€‚(NULLãŒé•·ã•ã®ã¿ã‚’è¿”ã™å ´åˆï¼‰
_Example_
\code
@@ -1103,12 +1104,12 @@ int wc_RsaKeyToPublicDer_ex(RsaKey* key, byte* output, word32 inLen,
int with_header);
/*!
- \ingroup RSA
- \brief ã“ã®é–¢æ•°ã¯ã€é•·ã•ã‚µã‚¤ã‚ºï¼ˆãƒ“ットå˜ä½ï¼‰ã®RSA秘密éµã‚’生æˆã—ã€æŒ‡æ•°ï¼ˆe)を指定ã—ã¾ã™ã€‚次ã«ã€ã“ã®ã‚­ãƒ¼ã‚’æä¾›ã•ã‚ŒãŸRSAKEY構造体ã«æ ¼ç´ã™ã‚‹ãŸã‚ã€æš—å·åŒ–/復å·åŒ–ã«ä½¿ç”¨ã§ãã¾ã™ã€‚Eã«ä½¿ç”¨ã™ã‚‹ã‚»ã‚­ãƒ¥ã‚¢ç•ªå·ã¯65537ã§ã™ã€‚サイズã¯ã€RSA_MIN_SIZEよりも大ããã€RSA_MAX_SIZEよりも大ãããªã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚ã“ã®æ©Ÿèƒ½ãŒåˆ©ç”¨å¯èƒ½ã§ã‚ã‚‹ãŸã‚ã€ã‚³ãƒ³ãƒ‘イル時ã«ã‚ªãƒ—ションwolfssl_key_genを有効ã«ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚ã“ã‚Œã¯ã€ - を使用ã—ã¦ãã ã•ã„./configureを使用ã™ã‚‹å ´åˆã¯ã€-enable-keygenã§å®Ÿç¾ã§ãã¾ã™ã€‚
+ \ingroup RSA
+ \brief ã“ã®é–¢æ•°ã¯ã€é•·ã•ã‚µã‚¤ã‚ºï¼ˆãƒ“ットå˜ä½ï¼‰ã®RSA秘密éµã‚’生æˆã—ã€æŒ‡æ•°ï¼ˆe)を指定ã—ã¾ã™ã€‚次ã«ã€ã“ã®ã‚­ãƒ¼ã‚’æä¾›ã•ã‚ŒãŸRsaKey構造体ã«æ ¼ç´ã™ã‚‹ãŸã‚ã€æš—å·åŒ–/復å·åŒ–ã«ä½¿ç”¨ã§ãã¾ã™ã€‚Eã«ä½¿ç”¨ã™ã‚‹ã‚»ã‚­ãƒ¥ã‚¢ç•ªå·ã¯65537ã§ã™ã€‚サイズã¯ã€RSA_MIN_SIZEよりも大ããã€RSA_MAX_SIZEよりも大ãããªã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚ã“ã®æ©Ÿèƒ½ãŒåˆ©ç”¨å¯èƒ½ã§ã‚ã‚‹ãŸã‚ã€ã‚³ãƒ³ãƒ‘イル時ã«ã‚ªãƒ—ションwolfssl_key_genを有効ã«ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚ã“ã‚Œã¯ã€ - を使用ã—ã¦ãã ã•ã„./configureを使用ã™ã‚‹å ´åˆã¯ã€-enable-keygenã§å®Ÿç¾ã§ãã¾ã™ã€‚
\return 0 RSA秘密éµã®ç”Ÿæˆã«æˆåŠŸã—ãŸã‚‰è¿”ã•ã‚Œã¾ã—ãŸ
\return BAD_FUNC_ARG 入力引数ã®ã„ãšã‚Œã‹ãŒNULLã®å ´åˆã€ã‚µã‚¤ã‚ºãƒ‘ラメータã¯å¿…è¦ãªç¯„囲外ã«ã‚ã‚‹ã‹ã€eãŒèª¤ã£ã¦é¸æŠžã•ã‚Œã¦ã„ã‚‹å ´åˆ
\return RNG_FAILURE_E æä¾›ã•ã‚ŒãŸRNG構造体を使用ã—ã¦ãƒ©ãƒ³ãƒ€ãƒ ãƒ–ロックを生æˆã™ã‚‹ã‚¨ãƒ©ãƒ¼ãŒã‚ã‚‹å ´åˆ
- \return MP_INIT_E
+ \return MP_INIT_E
\return MP_READ_E RSAキーã®ç”Ÿæˆä¸­ã«ä½¿ç”¨ã•ã‚ŒãŸæ•°å­¦ãƒ©ã‚¤ãƒ–ラリã«ã‚¨ãƒ©ãƒ¼ãŒã‚ã‚‹å ´åˆã«è¿”ã•ã‚ŒãŸRSAキーã®ç”Ÿæˆä¸­ã«ä½¿ç”¨ã•ã‚ŒãŸæ•°å­¦ãƒ©ã‚¤ãƒ–ラリã«ã‚¨ãƒ©ãƒ¼ãŒã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã‚‹å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã™ã€‚
\return MP_CMP_E RSAキーã®ç”Ÿæˆä¸­ã«ä½¿ç”¨ã•ã‚Œã¦ã„る数学ライブラリã«ã‚¨ãƒ©ãƒ¼ãŒã‚ã‚‹å ´åˆã¯è¿”ã•ã‚Œã‚‹å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã™ã€‚
\return MP_INVMOD_E RSAキーã®ç”Ÿæˆä¸­ã«ä½¿ç”¨ã•ã‚Œã¦ã„る数学ライブラリã«ã‚¨ãƒ©ãƒ¼ãŒã‚ã‚‹å ´åˆã¯è¿”ã•ã‚Œã‚‹å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã™ã€‚
@@ -1143,7 +1144,7 @@ int wc_RsaKeyToPublicDer_ex(RsaKey* key, byte* output, word32 inLen,
int wc_MakeRsaKey(RsaKey* key, int size, long e, WC_RNG* rng);
/*!
- \ingroup RSA
+ \ingroup RSA
\brief ã“ã®é–¢æ•°ã¯ã€ãƒ–ロックã•ã‚Œã¦ã„ãªã„RSAコンテキストを設定ã—ã¾ã™ã€‚RSANBコンテキストãŒè¨­å®šã•ã‚Œã¦ã„ã‚‹å ´åˆã€RSA関数を多ãã®å°ã•ãªæ“作ã«åˆ†å‰²ã™ã‚‹é«˜é€Ÿæ•°å­¦ãƒ™ãƒ¼ã‚¹ã®éžãƒ–ロッキングEXPTMODãŒå¯èƒ½ã«ãªã‚Šã¾ã™ã€‚wc_rsa_nonblockãŒå®šç¾©ã•ã‚Œã¦ã„ã‚‹ã¨ãã«æœ‰åŠ¹ã«ãªã£ã¦ã„ã¾ã™ã€‚
\return 0 æˆåŠŸ
\return BAD_FUNC_ARG キーã¾ãŸã¯NBãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
@@ -1179,11 +1180,11 @@ int wc_MakeRsaKey(RsaKey* key, int size, long e, WC_RNG* rng);
int wc_RsaSetNonBlock(RsaKey* key, RsaNb* nb);
/*!
- \ingroup RSA
+ \ingroup RSA
\brief ã“ã®é–¢æ•°ã¯æœ€å¤§ãƒ–ロック時間ã®æœ€å¤§ãƒ–ロック時間をマイクロ秒å˜ä½ã§è¨­å®šã—ã¾ã™ã€‚ãã‚Œã¯ã€ãƒ¡ã‚¬ãƒ˜ãƒ«ãƒ„ã®CPU速度ã¨å…±ã«äº‹å‰è¨ˆç®—ã•ã‚ŒãŸãƒ†ãƒ¼ãƒ–ル(TFM.cexptModnbinstã‚’å‚照)を使用ã—ã¦ã€æä¾›ã•ã‚ŒãŸæœ€å¤§ãƒ–ロック時間内ã«æ¬¡ã®å‹•ä½œã‚’完了ã§ãã‚‹ã‹ã©ã†ã‹ã‚’判断ã—ã¾ã™ã€‚wc_rsa_nonblock_timeãŒå®šç¾©ã•ã‚Œã¦ã„ã‚‹ã¨ãã«æœ‰åŠ¹ã«ãªã‚Šã¾ã™ã€‚
\return 0 æˆåŠŸ
\return BAD_FUNC_ARG キーãŒNULLã®å ´åˆã€ã¾ãŸã¯WC_RSASETNONBLOCKãŒä»¥å‰ã«å‘¼ã³å‡ºã•ã‚Œã€ã‚­ãƒ¼ - > NBã¯NULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param key RSAキー構造
+ \param key RsaKey構造体
\param maxBlockUs マイクロ秒をブロックã™ã‚‹æœ€å¤§æ™‚間。
_Example_
\code
diff --git a/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/srp.h b/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/srp.h
index cf50eb3d..30a136d0 100644
--- a/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/srp.h
+++ b/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/srp.h
@@ -1,5 +1,5 @@
/*!
- \ingroup SRP
+ \ingroup SRP
\brief 使用方法ã®ãŸã‚ã«SRP構造体をåˆæœŸåŒ–ã—ã¾ã™ã€‚
\return 0 æˆåŠŸã—ã¦ã„ã¾ã™ã€‚
\return BAD_FUNC_ARG SRPãªã©ã®å¼•æ•°ãŒNULLã¾ãŸã¯SRPSIDEã®å•é¡ŒãŒã‚ã‚‹å ´åˆã¯ã€SRP_CLIENT_SIESã¾ãŸã¯SRP_SERVER_SIEDã§ã¯å•é¡ŒãŒã‚ã‚‹å ´åˆã«è¿”ã—ã¾ã™ã€‚
@@ -25,7 +25,7 @@
int wc_SrpInit(Srp* srp, SrpType type, SrpSide side);
/*!
- \ingroup SRP
+ \ingroup SRP
\brief 使用後ã«SRP構造リソースを解放ã—ã¾ã™ã€‚
\return none ã„ã„ãˆè¿”ã—ã¾ã™ã€‚
_Example_
@@ -40,7 +40,7 @@ int wc_SrpInit(Srp* srp, SrpType type, SrpSide side);
void wc_SrpTerm(Srp* srp);
/*!
- \ingroup SRP
+ \ingroup SRP
\brief ユーザーåを設定ã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€wc_srpinitã®å¾Œã«å‘¼ã³å‡ºã™å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
\return 0 ユーザーåã¯æ­£å¸¸ã«è¨­å®šã•ã‚Œã¾ã—ãŸã€‚
\return BAD_FUNC_ARG: srpã¾ãŸã¯usernameãŒnullã®å ´åˆã«è¿”ã—ã¾ã™ã€‚
@@ -68,7 +68,7 @@ void wc_SrpTerm(Srp* srp);
int wc_SrpSetUsername(Srp* srp, const byte* username, word32 size);
/*!
- \ingroup SRP
+ \ingroup SRP
\brief ユーザーåã«åŸºã¥ã„ã¦SRPパラメータを設定ã—ã¾ã™.. wc_srpsetuserNameã®å¾Œã«å‘¼ã³å‡ºã™å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
\return 0 æˆåŠŸ
\return BAD_FUNC_ARG SRPã€Nã€Gã€ã¾ãŸã¯SALTãŒNULLã®å ´åˆã€ã¾ãŸã¯NSZ <GSZã®å ´åˆã¯è¿”ã—ã¾ã™ã€‚
@@ -79,7 +79,7 @@ int wc_SrpSetUsername(Srp* srp, const byte* username, word32 size);
\param nSz nサイズをãƒã‚¤ãƒˆå˜ä½ã§ã€‚
\param g ジェãƒãƒ¬ãƒ¼ã‚¿ãƒ¢ã‚¸ãƒ¥ãƒ­N.
\param gSz ãƒã‚¤ãƒˆæ•°ã®Gサイズ
- \param salt å°ã•ã„ランダムãªå¡©ã€‚å„ユーザーåã«ç‰¹æœ‰ã®ã‚‚ã®ã§ã™ã€‚
+ \param salt å°ã•ã„ランダムãªã‚½ãƒ«ãƒˆã€‚å„ユーザーåã«ç‰¹æœ‰ã®ã‚‚ã®ã§ã™ã€‚
_Example_
\code
Srp srp;
@@ -109,7 +109,7 @@ int wc_SrpSetParams(Srp* srp, const byte* N, word32 nSz,
const byte* salt, word32 saltSz);
/*!
- \ingroup SRP
+ \ingroup SRP
\brief パスワードを設定ã—ã¾ã™ã€‚パスワードを設定ã—ã¦ã‚‚ã€SRP構造内ã®ãƒ‘スワードデータãŒæ¶ˆåŽ»ã•ã‚Œã¾ã›ã‚“。クライアントã¯ã€x = h(salt + h(user:pswd))を計算ã—ã€ãれをèªè¨¼ãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã«æ ¼ç´ã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€wc_srpsetparamsã®å¾Œã«å‘¼ã³å‡ºã•ã‚Œãªã‘ã‚Œã°ãªã‚‰ãšã€ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆå´ã®ã¿ã§ã™ã€‚
\return 0 æˆåŠŸ
\return BAD_FUNC_ARG srpã¾ãŸã¯passwordãŒnullã®å ´åˆã€ã¾ãŸã¯srp-> sideãŒsrp_client_sideã«è¨­å®šã•ã‚Œã¦ã„ãªã„å ´åˆã€‚
@@ -147,7 +147,7 @@ int wc_SrpSetParams(Srp* srp, const byte* N, word32 nSz,
int wc_SrpSetPassword(Srp* srp, const byte* password, word32 size);
/*!
- \ingroup SRP
+ \ingroup SRP
\brief 検証者を設定ã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€wc_srpsetparamsã®å¾Œã«å‘¼ã³å‡ºã•ã‚Œã€ã‚µãƒ¼ãƒãƒ¼å´ã®ã¿ã§ã™ã€‚
\return 0 æˆåŠŸ
\return BAD_FUNC_ARG SRPã¾ãŸã¯VerifierãŒNULLã¾ãŸã¯SRP-> ISã®å ´åˆã€SRP_SERVER_SIEDã§ã¯ãªãè¿”ã•ã‚Œã¾ã™ã€‚
@@ -182,7 +182,7 @@ int wc_SrpSetPassword(Srp* srp, const byte* password, word32 size);
int wc_SrpSetVerifier(Srp* srp, const byte* verifier, word32 size);
/*!
- \ingroup SRP
+ \ingroup SRP
\brief 検証者をå–å¾—ã—ã¾ã™ã€‚クライアントã¯V = g ^ xï¼…Nã§æ¤œè¨¼è€…を計算ã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€wc_srpsetpasswordã®å¾Œã«å‘¼ã³å‡ºã•ã‚Œã€ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆå´ã®ã¿ã§ã™ã€‚
\return 0 æˆåŠŸ
\return BAD_FUNC_ARG SRPã€Verifierã€ã¾ãŸã¯SizeãŒNULLã®å ´åˆã€ã¾ãŸã¯SRP-> SIDEãŒSRP_CLIENT_SIEDã§ã¯ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
@@ -222,7 +222,7 @@ int wc_SrpSetVerifier(Srp* srp, const byte* verifier, word32 size);
int wc_SrpGetVerifier(Srp* srp, byte* verifier, word32* size);
/*!
- \ingroup SRP
+ \ingroup SRP
\brief プライベートã®ã‚¨ãƒ•ã‚§ãƒ©ãƒ«å€¤ã‚’設定ã—ã¾ã™ã€‚プライベートã®ä¸€æ™‚çš„ãªå€¤ã¯ã€ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆå´ã®Aã¨ã—ã¦çŸ¥ã‚‰ã‚Œã¦ã„ã¾ã™ã€‚サーãƒãƒ¼å´ã®and random()b。b = random()ã“ã®é–¢æ•°ã¯ã€ãƒ¦ãƒ‹ãƒƒãƒˆãƒ†ã‚¹ãƒˆã‚±ãƒ¼ã‚¹ã€ã¾ãŸã¯é–‹ç™ºè€…ãŒå¤–部ランダムソースを使用ã—ã¦ã‚¨ãƒ•ã‚§ãƒ¡ãƒ©ãƒ«å€¤ã‚’設定ã—ãŸã„å ´åˆã¯ä¾¿åˆ©ã§ã™ã€‚ã“ã®é–¢æ•°ã¯ã€WC_SRPGetPublicã®å‰ã«å‘¼ã³å‡ºã•ã‚Œã‚‹ã“ã¨ãŒã‚ã‚Šã¾ã™ã€‚
\return 0 æˆåŠŸ
\return BAD_FUNC_ARG SRPã€Privateã€ã¾ãŸã¯SizeãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
@@ -258,7 +258,7 @@ int wc_SrpGetVerifier(Srp* srp, byte* verifier, word32* size);
int wc_SrpSetPrivate(Srp* srp, const byte* priv, word32 size);
/*!
- \ingroup SRP
+ \ingroup SRP
\brief 公共ã®ä¸€æ™‚çš„ãªå€¤ã‚’å–å¾—ã—ã¾ã™ã€‚公共ã®ä¸€æ™‚çš„ãªå€¤ã¯ã€ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆå´ã®Aã¨ã—ã¦çŸ¥ã‚‰ã‚Œã¦ã„ã¾ã™ã€‚サーãƒå´ã®A = g ^ Aï¼…n b。B =(k * v +(g bï¼…n))%n wc_srpsetpasswordã¾ãŸã¯wc_srpsetverifierã®å¾Œã«å‘¼ã³å‡ºã™å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚関数WC_SRPSetPrivateã¯ã€WC_SRPGetPublicã®å‰ã«å‘¼ã³å‡ºã•ã‚Œã‚‹ã“ã¨ãŒã‚ã‚Šã¾ã™ã€‚
\return 0 æˆåŠŸ
\return BAD_FUNC_ARG srpã€pubã€ã¾ãŸã¯sizeãŒnullã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
@@ -300,7 +300,7 @@ int wc_SrpSetPrivate(Srp* srp, const byte* priv, word32 size);
int wc_SrpGetPublic(Srp* srp, byte* pub, word32* size);
/*!
- \ingroup SRP
+ \ingroup SRP
\brief セッションキーを計算ã—ã¾ã™ã€‚æˆåŠŸå¾Œã«SRP->キーã§ã‚­ãƒ¼ã‚’アクセスã§ãã¾ã™ã€‚
\return 0 æˆåŠŸ
\return BAD_FUNC_ARG SRPã€ClientPubKeyã€ã¾ãŸã¯ServerPubKeyã®å ´åˆã€ã¾ãŸã¯ClientPubkeyszã¾ãŸã¯ServerPubKeyszãŒ0ã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
@@ -344,7 +344,7 @@ int wc_SrpComputeKey(Srp* srp,
byte* serverPubKey, word32 serverPubKeySz);
/*!
- \ingroup SRP
+ \ingroup SRP
\brief 証明をå–å¾—ã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€wc_srpcomputekeyã®å¾Œã«å‘¼ã³å‡ºã™å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
\return 0 æˆåŠŸ
\return BAD_FUNC_ARG SRPã€PROVã€ã¾ãŸã¯SIZEãŒNULLã®å ´åˆã«è¿”ã—ã¾ã™ã€‚
@@ -370,7 +370,7 @@ int wc_SrpComputeKey(Srp* srp,
int wc_SrpGetProof(Srp* srp, byte* proof, word32* size);
/*!
- \ingroup SRP
+ \ingroup SRP
\brief ピアプルーフを確èªã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€WC_SRPGetSessionKeyã®å‰ã«å‘¼ã³å‡ºã™å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
\return 0 æˆåŠŸ
\return <0 エラー
diff --git a/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/ssl.h b/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/ssl.h
index 16923ae6..5efe2b62 100644
--- a/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/ssl.h
+++ b/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/ssl.h
@@ -1,6 +1,8 @@
/*!
- \brief
- \return pointer ã“ã®é–¢æ•°ã¯ã€æ–°ã—ã„wolfssl_method構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
+ \brief ã“ã®é–¢æ•°ã¯DTLS v1.2 クライアントメソッドをåˆæœŸåŒ–ã—ã¾ã™ã€‚
+ \return 作æˆã«æˆåŠŸã—ãŸå ´åˆã¯ã€WOLFSSL_METHODãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
+ \return メモリ割り当ã¦ã‚¨ãƒ©ãƒ¼ã¾ãŸã¯ãƒ¡ã‚½ãƒƒãƒ‰ã®ä½œæˆã®å¤±æ•—ã®å ´åˆã¯NULLã‚’è¿”ã—ã¾ã™ã€‚
+
_Example_
\code
wolfSSL_Init();
@@ -15,10 +17,11 @@
WOLFSSL_METHOD *wolfDTLSv1_2_client_method_ex(void* heap);
/*!
- \ingroup Setup
- \brief ã“ã®é–¢æ•°ã¯ã€Wolfsslv23_client_methodã¨åŒæ§˜ã®wolfssl_methodã‚’è¿”ã—ã¾ã™ï¼ˆã‚µãƒ¼ãƒãƒ¼/クライアント)。
- \return WOLFSSL_METHOD* æˆåŠŸã—ãŸä½œæˆã§ã¯ã€wolfssl_methodãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™
- \return NULL メモリ割り当ã¦ã‚¨ãƒ©ãƒ¼ã¾ãŸã¯ãƒ¡ã‚½ãƒƒãƒ‰ã®ä½œæˆã®å¤±æ•—ã®å ´åˆã¯null
+ \ingroup Setup
+ \brief ã“ã®é–¢æ•°ã¯ã€wolfSSLv23_client_methodã¨åŒæ§˜ã«WOLFSSL_METHODã‚’è¿”ã—ã¾ã™ï¼ˆã‚µãƒ¼ãƒãƒ¼/クライアント)。
+ \return 作æˆã«æˆåŠŸã—ãŸå ´åˆã¯ã€WOLFSSL_METHODãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
+ \return メモリ割り当ã¦ã‚¨ãƒ©ãƒ¼ã¾ãŸã¯ãƒ¡ã‚½ãƒƒãƒ‰ã®ä½œæˆã®å¤±æ•—ã®å ´åˆã¯NULLã‚’è¿”ã—ã¾ã™ã€‚
+
_Example_
\code
WOLFSSL* ctx;
@@ -31,10 +34,12 @@ WOLFSSL_METHOD *wolfDTLSv1_2_client_method_ex(void* heap);
WOLFSSL_METHOD *wolfSSLv23_method(void);
/*!
- \ingroup Setup
- \brief WOLFSSLV3_SERVER_METHOD()関数ã¯ã€ã‚¢ãƒ—リケーションãŒã‚µãƒ¼ãƒãƒ¼ã§ã‚ã‚‹ã“ã¨ã‚’示ã™ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã€SSL 3.0プロトコルã®ã¿ã‚’サãƒãƒ¼ãƒˆã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€wolfssl_ctx_new()を使用ã—ã¦SSL / TLSコンテキストを作æˆã™ã‚‹ã¨ãã«ä½¿ç”¨ã•ã‚Œã‚‹æ–°ã—ã„Wolfssl_method構造体ã®ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã¦åˆæœŸåŒ–ã—ã¾ã™ã€‚
- \return * æˆåŠŸã—ãŸå ´åˆã€å‘¼ã³å‡ºã—ã¯æ–°ã—ã作æˆã•ã‚ŒãŸwolfssl_method構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
- \return FAIL xmallocを呼ã³å‡ºã™ã¨ãã«ãƒ¡ãƒ¢ãƒªå‰²ã‚Šå½“ã¦ãŒå¤±æ•—ã—ãŸå ´åˆã€åŸºç¤Žã¨ãªã‚‹Malloc()実装ã®å¤±æ•—値ãŒè¿”ã•ã‚Œã¾ã™ï¼ˆé€šå¸¸ã¯errnoãŒenomeemã«è¨­å®šã•ã‚Œã¾ã™ï¼‰ã€‚
+ \ingroup Setup
+ \brief wolfSSLv3_server_method()関数ã¯ã€ã‚¢ãƒ—リケーションãŒã‚µãƒ¼ãƒãƒ¼ã§ã‚ã‚‹ã“ã¨ã‚’示ã™ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã€SSL3.0プロトコルã®ã¿ã‚’サãƒãƒ¼ãƒˆã—ã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯ã€wolfSSL_CTX_new()を使用ã—ã¦SSL/TLSコンテキストを作æˆã™ã‚‹ã¨ãã«ä½¿ç”¨ã•ã‚Œã‚‹æ–°ã—ã„WOLFSSL_METHOD構造体ã®ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã¦åˆæœŸåŒ–ã—ã¾ã™ã€‚
+ \return æˆåŠŸã—ãŸå ´åˆã€æ–°ã—ã作æˆã•ã‚ŒãŸWOLFSSL_METHOD構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
+ \return XMALLOCを呼ã³å‡ºã™ã¨ãã«ãƒ¡ãƒ¢ãƒªå‰²ã‚Šå½“ã¦ãŒå¤±æ•—ã—ãŸå ´åˆã€åŸºç¤Žã¨ãªã‚‹Malloc()実装ã®å¤±æ•—値ãŒè¿”ã•ã‚Œã¾ã™ï¼ˆé€šå¸¸ã¯errnoãŒENOMEMã«è¨­å®šã•ã‚Œã¾ã™ï¼‰ã€‚
+
_Example_
\code
#include <wolfssl/ssl.h>
@@ -61,10 +66,12 @@ WOLFSSL_METHOD *wolfSSLv23_method(void);
WOLFSSL_METHOD *wolfSSLv3_server_method(void);
/*!
- \ingroup Setup
- \brief wolfsslv3_client_method()関数ã¯ã€ã‚¢ãƒ—リケーションãŒã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã§ã‚ã‚Šã€SSL 3.0プロトコルã®ã¿ã‚’サãƒãƒ¼ãƒˆã™ã‚‹ã“ã¨ã‚’示ã™ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€wolfssl_ctx_new()を使用ã—ã¦SSL / TLSコンテキストを作æˆã™ã‚‹ã¨ãã«ä½¿ç”¨ã•ã‚Œã‚‹æ–°ã—ã„Wolfssl_method構造体ã®ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã¦åˆæœŸåŒ–ã—ã¾ã™ã€‚
- \return * æˆåŠŸã—ãŸå ´åˆã€å‘¼ã³å‡ºã—ã¯æ–°ã—ã作æˆã•ã‚ŒãŸwolfssl_method構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
- \return FAIL xmallocを呼ã³å‡ºã™ã¨ãã«ãƒ¡ãƒ¢ãƒªå‰²ã‚Šå½“ã¦ãŒå¤±æ•—ã—ãŸå ´åˆã€åŸºç¤Žã¨ãªã‚‹Malloc()実装ã®å¤±æ•—値ãŒè¿”ã•ã‚Œã¾ã™ï¼ˆé€šå¸¸ã¯errnoãŒenomeemã«è¨­å®šã•ã‚Œã¾ã™ï¼‰ã€‚
+ \ingroup Setup
+ \brief wolfSSLv3_client_method()関数ã¯ã€ã‚¢ãƒ—リケーションãŒã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã§ã‚ã‚Šã€SSL 3.0プロトコルã®ã¿ã‚’サãƒãƒ¼ãƒˆã™ã‚‹ã“ã¨ã‚’示ã™ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯ã€wolfSSL_CTX_new()を使用ã—ã¦SSL/TLSコンテキストを作æˆã™ã‚‹ã¨ãã«ä½¿ç”¨ã•ã‚Œã‚‹æ–°ã—ã„WOLFSSL_METHOD構造体ã®ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã¦åˆæœŸåŒ–ã—ã¾ã™ã€‚
+ \return æˆåŠŸã—ãŸå ´åˆã€æ–°ã—ã作æˆã•ã‚ŒãŸWOLFSSL_METHOD構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
+ \return XMALLOCを呼ã³å‡ºã™ã¨ãã«ãƒ¡ãƒ¢ãƒªå‰²ã‚Šå½“ã¦ãŒå¤±æ•—ã—ãŸå ´åˆã€åŸºç¤Žã¨ãªã‚‹Malloc()実装ã®å¤±æ•—値ãŒè¿”ã•ã‚Œã¾ã™ï¼ˆé€šå¸¸ã¯errnoãŒENOMEMã«è¨­å®šã•ã‚Œã¾ã™ï¼‰ã€‚
+
_Example_
\code
#include <wolfssl/ssl.h>
@@ -91,10 +98,12 @@ WOLFSSL_METHOD *wolfSSLv3_server_method(void);
WOLFSSL_METHOD *wolfSSLv3_client_method(void);
/*!
- \ingroup Setup
- \brief WOLFTLSV1_SERVER_METHOD()関数ã¯ã€ã‚¢ãƒ—リケーションãŒã‚µãƒ¼ãƒãƒ¼ã§ã‚ã‚‹ã“ã¨ã‚’示ã™ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã€TLS 1.0プロトコルã®ã¿ã‚’サãƒãƒ¼ãƒˆã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€wolfssl_ctx_new()を使用ã—ã¦SSL / TLSコンテキストを作æˆã™ã‚‹ã¨ãã«ä½¿ç”¨ã•ã‚Œã‚‹æ–°ã—ã„Wolfssl_method構造体ã®ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã¦åˆæœŸåŒ–ã—ã¾ã™ã€‚
- \return * æˆåŠŸã—ãŸå ´åˆã€å‘¼ã³å‡ºã—ã¯æ–°ã—ã作æˆã•ã‚ŒãŸwolfssl_method構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
- \return FAIL xmallocを呼ã³å‡ºã™ã¨ãã«ãƒ¡ãƒ¢ãƒªå‰²ã‚Šå½“ã¦ãŒå¤±æ•—ã—ãŸå ´åˆã€åŸºç¤Žã¨ãªã‚‹Malloc()実装ã®å¤±æ•—値ãŒè¿”ã•ã‚Œã¾ã™ï¼ˆé€šå¸¸ã¯errnoãŒenomeemã«è¨­å®šã•ã‚Œã¾ã™ï¼‰ã€‚
+ \ingroup Setup
+ \brief wolfTLSv1_server_method()関数ã¯ã€ã‚¢ãƒ—リケーションãŒã‚µãƒ¼ãƒãƒ¼ã§ã‚ã‚‹ã“ã¨ã‚’示ã™ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã€TLS 1.0プロトコルã®ã¿ã‚’サãƒãƒ¼ãƒˆã—ã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯ã€wolfSSL_ctx_new()を使用ã—ã¦SSL/TLSコンテキストを作æˆã™ã‚‹ã¨ãã«ä½¿ç”¨ã•ã‚Œã‚‹æ–°ã—ã„WOLFSSL_METHOD構造体ã®ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã¦åˆæœŸåŒ–ã—ã¾ã™ã€‚
+ \return æˆåŠŸã—ãŸå ´åˆã€æ–°ã—ã作æˆã•ã‚ŒãŸWOLFSSL_METHOD構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
+ \return XMALLOCを呼ã³å‡ºã™ã¨ãã«ãƒ¡ãƒ¢ãƒªå‰²ã‚Šå½“ã¦ãŒå¤±æ•—ã—ãŸå ´åˆã€åŸºç¤Žã¨ãªã‚‹Malloc()実装ã®å¤±æ•—値ãŒè¿”ã•ã‚Œã¾ã™ï¼ˆé€šå¸¸ã¯errnoãŒENOMEMã«è¨­å®šã•ã‚Œã¾ã™ï¼‰ã€‚
+
_Example_
\code
#include <wolfssl/ssl.h>
@@ -121,10 +130,12 @@ WOLFSSL_METHOD *wolfSSLv3_client_method(void);
WOLFSSL_METHOD *wolfTLSv1_server_method(void);
/*!
- \ingroup Setup
- \brief wolftlsv1_client_method()関数ã¯ã€ã‚¢ãƒ—リケーションãŒã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã§ã‚ã‚Šã€TLS 1.0プロトコルã®ã¿ã‚’サãƒãƒ¼ãƒˆã™ã‚‹ã“ã¨ã‚’示ã™ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€wolfssl_ctx_new()を使用ã—ã¦SSL / TLSコンテキストを作æˆã™ã‚‹ã¨ãã«ä½¿ç”¨ã•ã‚Œã‚‹æ–°ã—ã„Wolfssl_method構造体ã®ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã¦åˆæœŸåŒ–ã—ã¾ã™ã€‚
- \return * æˆåŠŸã—ãŸå ´åˆã€å‘¼ã³å‡ºã—ã¯æ–°ã—ã作æˆã•ã‚ŒãŸwolfssl_method構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
- \return FAIL xmallocを呼ã³å‡ºã™ã¨ãã«ãƒ¡ãƒ¢ãƒªå‰²ã‚Šå½“ã¦ãŒå¤±æ•—ã—ãŸå ´åˆã€åŸºç¤Žã¨ãªã‚‹Malloc()実装ã®å¤±æ•—値ãŒè¿”ã•ã‚Œã¾ã™ï¼ˆé€šå¸¸ã¯errnoãŒenomeemã«è¨­å®šã•ã‚Œã¾ã™ï¼‰ã€‚
+ \ingroup Setup
+ \brief wolftlsv1_client_method()関数ã¯ã€ã‚¢ãƒ—リケーションãŒã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã§ã‚ã‚Šã€TLS 1.0プロトコルã®ã¿ã‚’サãƒãƒ¼ãƒˆã™ã‚‹ã“ã¨ã‚’示ã™ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯ã€wolfSSL_ctx_new()を使用ã—ã¦SSL/TLSコンテキストを作æˆã™ã‚‹ã¨ãã«ä½¿ç”¨ã•ã‚Œã‚‹æ–°ã—ã„WOLFSSL_METHOD構造体ã®ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã¦åˆæœŸåŒ–ã—ã¾ã™ã€‚
+ \return æˆåŠŸã—ãŸå ´åˆã€æ–°ã—ã作æˆã•ã‚ŒãŸWOLFSSL_METHOD構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
+ \return XMALLOCを呼ã³å‡ºã™ã¨ãã«ãƒ¡ãƒ¢ãƒªå‰²ã‚Šå½“ã¦ãŒå¤±æ•—ã—ãŸå ´åˆã€åŸºç¤Žã¨ãªã‚‹Malloc()実装ã®å¤±æ•—値ãŒè¿”ã•ã‚Œã¾ã™ï¼ˆé€šå¸¸ã¯errnoãŒENOMEMã«è¨­å®šã•ã‚Œã¾ã™ï¼‰ã€‚
+
_Example_
\code
#include <wolfssl/ssl.h>
@@ -151,10 +162,12 @@ WOLFSSL_METHOD *wolfTLSv1_server_method(void);
WOLFSSL_METHOD *wolfTLSv1_client_method(void);
/*!
- \ingroup Setup
- \brief WOLFTLSV1_1_SERVER_METHOD()関数ã¯ã€ã‚¢ãƒ—リケーションãŒã‚µãƒ¼ãƒãƒ¼ã§ã‚ã‚‹ã“ã¨ã‚’示ã™ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã€TLS 1.1プロトコルã®ã¿ã‚’サãƒãƒ¼ãƒˆã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€wolfssl_ctx_new()を使用ã—ã¦SSL / TLSコンテキストを作æˆã™ã‚‹ã¨ãã«ä½¿ç”¨ã•ã‚Œã‚‹æ–°ã—ã„Wolfssl_method構造体ã®ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã¦åˆæœŸåŒ–ã—ã¾ã™ã€‚
- \return * æˆåŠŸã—ãŸå ´åˆã€å‘¼ã³å‡ºã—ã¯æ–°ã—ã作æˆã•ã‚ŒãŸwolfssl_method構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
- \return FAIL xmallocを呼ã³å‡ºã™ã¨ãã«ãƒ¡ãƒ¢ãƒªå‰²ã‚Šå½“ã¦ãŒå¤±æ•—ã—ãŸå ´åˆã€åŸºç¤Žã¨ãªã‚‹Malloc()実装ã®å¤±æ•—値ãŒè¿”ã•ã‚Œã¾ã™ï¼ˆé€šå¸¸ã¯errnoãŒenomeemã«è¨­å®šã•ã‚Œã¾ã™ï¼‰ã€‚
+ \ingroup Setup
+ \brief wolfTLSv1_1_server_method()関数ã¯ã€ã‚¢ãƒ—リケーションãŒã‚µãƒ¼ãƒãƒ¼ã§ã‚ã‚‹ã“ã¨ã‚’示ã™ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã€TLS 1.1プロトコルã®ã¿ã‚’サãƒãƒ¼ãƒˆã—ã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯ã€wolfSSL_ctx_new()を使用ã—ã¦SSL/TLSコンテキストを作æˆã™ã‚‹ã¨ãã«ä½¿ç”¨ã•ã‚Œã‚‹æ–°ã—ã„WOLFSSL_METHOD構造体ã®ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã¦åˆæœŸåŒ–ã—ã¾ã™ã€‚
+ \return æˆåŠŸã—ãŸå ´åˆã€æ–°ã—ã作æˆã•ã‚ŒãŸWOLFSSL_METHOD構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
+ \return XMALLOCを呼ã³å‡ºã™ã¨ãã«ãƒ¡ãƒ¢ãƒªå‰²ã‚Šå½“ã¦ãŒå¤±æ•—ã—ãŸå ´åˆã€åŸºç¤Žã¨ãªã‚‹Malloc()実装ã®å¤±æ•—値ãŒè¿”ã•ã‚Œã¾ã™ï¼ˆé€šå¸¸ã¯errnoãŒENOMEMã«è¨­å®šã•ã‚Œã¾ã™ï¼‰ã€‚
+
_Example_
\code
#include <wolfssl/ssl.h>
@@ -181,10 +194,12 @@ WOLFSSL_METHOD *wolfTLSv1_client_method(void);
WOLFSSL_METHOD *wolfTLSv1_1_server_method(void);
/*!
- \ingroup Setup
- \brief WOLFTLSV1_1_CLIENT_METHOD()関数ã¯ã€ã‚¢ãƒ—リケーションãŒã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã§ã‚ã‚Šã€TLS 1.0プロトコルã®ã¿ã‚’サãƒãƒ¼ãƒˆã™ã‚‹ã“ã¨ã‚’示ã™ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€wolfssl_ctx_new()を使用ã—ã¦SSL / TLSコンテキストを作æˆã™ã‚‹ã¨ãã«ä½¿ç”¨ã•ã‚Œã‚‹æ–°ã—ã„Wolfssl_method構造体ã®ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã¦åˆæœŸåŒ–ã—ã¾ã™ã€‚
- \return * æˆåŠŸã—ãŸå ´åˆã€å‘¼ã³å‡ºã—ã¯æ–°ã—ã作æˆã•ã‚ŒãŸwolfssl_method構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
- \return FAIL xmallocを呼ã³å‡ºã™ã¨ãã«ãƒ¡ãƒ¢ãƒªå‰²ã‚Šå½“ã¦ãŒå¤±æ•—ã—ãŸå ´åˆã€åŸºç¤Žã¨ãªã‚‹Malloc()実装ã®å¤±æ•—値ãŒè¿”ã•ã‚Œã¾ã™ï¼ˆé€šå¸¸ã¯errnoãŒenomeemã«è¨­å®šã•ã‚Œã¾ã™ï¼‰ã€‚
+ \ingroup Setup
+ \brief wolfTLSv1_1_client_method()関数ã¯ã€ã‚¢ãƒ—リケーションãŒã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã§ã‚ã‚Šã€TLS 1.0プロトコルã®ã¿ã‚’サãƒãƒ¼ãƒˆã™ã‚‹ã“ã¨ã‚’示ã™ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯ã€wolfSSL_ctx_new()を使用ã—ã¦SSL/TLSコンテキストを作æˆã™ã‚‹ã¨ãã«ä½¿ç”¨ã•ã‚Œã‚‹æ–°ã—ã„WOLFSSL_METHOD構造体ã®ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã¦åˆæœŸåŒ–ã—ã¾ã™ã€‚
+ \return æˆåŠŸã—ãŸå ´åˆã€æ–°ã—ã作æˆã•ã‚ŒãŸWOLFSSL_METHOD構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
+ \return XMALLOCを呼ã³å‡ºã™ã¨ãã«ãƒ¡ãƒ¢ãƒªå‰²ã‚Šå½“ã¦ãŒå¤±æ•—ã—ãŸå ´åˆã€åŸºç¤Žã¨ãªã‚‹Malloc()実装ã®å¤±æ•—値ãŒè¿”ã•ã‚Œã¾ã™ï¼ˆé€šå¸¸ã¯errnoãŒENOMEMã«è¨­å®šã•ã‚Œã¾ã™ï¼‰ã€‚
+
_Example_
\code
#include <wolfssl/ssl.h>
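Review bot: The rewritten `\brief` for `wolfTLSv1_1_client_method()` still says the client supports only `TLS 1.0`, although the function name and the matching `wolfTLSv1_1_server_method()` block in the previous hunk both say TLS 1.1. The version was carried over unchanged from the removed line, so this rewrite keeps an existing error. The added line should read `TLS 1.1` instead of `TLS 1.0`, otherwise someone choosing a method from this page is misled about which protocol version they are pinning.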
@@ -211,10 +226,12 @@ WOLFSSL_METHOD *wolfTLSv1_1_server_method(void);
WOLFSSL_METHOD *wolfTLSv1_1_client_method(void);
/*!
- \ingroup Setup
- \brief WOLFTLSV1_2_SERVER_METHOD()関数ã¯ã€ã‚¢ãƒ—リケーションãŒã‚µãƒ¼ãƒãƒ¼ã§ã‚ã‚‹ã“ã¨ã‚’示ã™ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã€TLS 1.2プロトコルã®ã¿ã‚’サãƒãƒ¼ãƒˆã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€wolfssl_ctx_new()を使用ã—ã¦SSL / TLSコンテキストを作æˆã™ã‚‹ã¨ãã«ä½¿ç”¨ã•ã‚Œã‚‹æ–°ã—ã„Wolfssl_method構造体ã®ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã¦åˆæœŸåŒ–ã—ã¾ã™ã€‚
- \return * æˆåŠŸã—ãŸå ´åˆã€å‘¼ã³å‡ºã—ã¯æ–°ã—ã作æˆã•ã‚ŒãŸwolfssl_method構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
- \return FAIL xmallocを呼ã³å‡ºã™ã¨ãã«ãƒ¡ãƒ¢ãƒªå‰²ã‚Šå½“ã¦ãŒå¤±æ•—ã—ãŸå ´åˆã€åŸºç¤Žã¨ãªã‚‹Malloc()実装ã®å¤±æ•—値ãŒè¿”ã•ã‚Œã¾ã™ï¼ˆé€šå¸¸ã¯errnoãŒenomeemã«è¨­å®šã•ã‚Œã¾ã™ï¼‰ã€‚
+ \ingroup Setup
+ \brief wolfTLSv1_2_server_method()関数ã¯ã€ã‚¢ãƒ—リケーションãŒã‚µãƒ¼ãƒãƒ¼ã§ã‚ã‚‹ã“ã¨ã‚’示ã™ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã€TLS 1.2プロトコルã®ã¿ã‚’サãƒãƒ¼ãƒˆã—ã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯ã€wolfSSL_ctx_new()を使用ã—ã¦SSL/TLSコンテキストを作æˆã™ã‚‹ã¨ãã«ä½¿ç”¨ã•ã‚Œã‚‹æ–°ã—ã„WOLFSSL_METHOD構造体ã®ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã¦åˆæœŸåŒ–ã—ã¾ã™ã€‚
+ \return æˆåŠŸã—ãŸå ´åˆã€æ–°ã—ã作æˆã•ã‚ŒãŸWOLFSSL_METHOD構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
+ \return XMALLOCを呼ã³å‡ºã™ã¨ãã«ãƒ¡ãƒ¢ãƒªå‰²ã‚Šå½“ã¦ãŒå¤±æ•—ã—ãŸå ´åˆã€åŸºç¤Žã¨ãªã‚‹Malloc()実装ã®å¤±æ•—値ãŒè¿”ã•ã‚Œã¾ã™ï¼ˆé€šå¸¸ã¯errnoãŒENOMEMã«è¨­å®šã•ã‚Œã¾ã™ï¼‰ã€‚
+
_Example_
\code
#include <wolfssl/ssl.h>
@@ -241,10 +258,12 @@ WOLFSSL_METHOD *wolfTLSv1_1_client_method(void);
WOLFSSL_METHOD *wolfTLSv1_2_server_method(void);
/*!
- \ingroup Setup
- \brief wolftlsv1_2_client_method()関数ã¯ã€ã‚¢ãƒ—リケーションãŒã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã§ã‚ã‚Šã€TLS 1.2プロトコルã®ã¿ã‚’サãƒãƒ¼ãƒˆã™ã‚‹ã“ã¨ã‚’示ã™ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€wolfssl_ctx_new()を使用ã—ã¦SSL / TLSコンテキストを作æˆã™ã‚‹ã¨ãã«ä½¿ç”¨ã•ã‚Œã‚‹æ–°ã—ã„Wolfssl_method構造体ã®ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã¦åˆæœŸåŒ–ã—ã¾ã™ã€‚
- \return * æˆåŠŸã—ãŸå ´åˆã€å‘¼ã³å‡ºã—ã¯æ–°ã—ã作æˆã•ã‚ŒãŸwolfssl_method構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
- \return FAIL xmallocを呼ã³å‡ºã™ã¨ãã«ãƒ¡ãƒ¢ãƒªå‰²ã‚Šå½“ã¦ãŒå¤±æ•—ã—ãŸå ´åˆã€åŸºç¤Žã¨ãªã‚‹Malloc()実装ã®å¤±æ•—値ãŒè¿”ã•ã‚Œã¾ã™ï¼ˆé€šå¸¸ã¯errnoãŒenomeemã«è¨­å®šã•ã‚Œã¾ã™ï¼‰ã€‚
+ \ingroup Setup
+ \brief wolfTLSv1_2_client_method()関数ã¯ã€ã‚¢ãƒ—リケーションãŒã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã§ã‚ã‚Šã€TLS 1.2プロトコルã®ã¿ã‚’サãƒãƒ¼ãƒˆã™ã‚‹ã“ã¨ã‚’示ã™ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯ã€wolfSSL_ctx_new()を使用ã—ã¦SSL/TLSコンテキストを作æˆã™ã‚‹ã¨ãã«ä½¿ç”¨ã•ã‚Œã‚‹æ–°ã—ã„Wolfssl_method構造体ã®ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã¦åˆæœŸåŒ–ã—ã¾ã™ã€‚
+ \return æˆåŠŸã—ãŸå ´åˆã€æ–°ã—ã作æˆã•ã‚ŒãŸWOLFSSL_METHOD構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
+ \return XMALLOCを呼ã³å‡ºã™ã¨ãã«ãƒ¡ãƒ¢ãƒªå‰²ã‚Šå½“ã¦ãŒå¤±æ•—ã—ãŸå ´åˆã€åŸºç¤Žã¨ãªã‚‹Malloc()実装ã®å¤±æ•—値ãŒè¿”ã•ã‚Œã¾ã™ï¼ˆé€šå¸¸ã¯errnoãŒENOMEMã«è¨­å®šã•ã‚Œã¾ã™ï¼‰ã€‚
+
_Example_
\code
#include <wolfssl/ssl.h>
@@ -271,10 +290,13 @@ WOLFSSL_METHOD *wolfTLSv1_2_server_method(void);
WOLFSSL_METHOD *wolfTLSv1_2_client_method(void);
/*!
- \ingroup Setup
- \brief wolfdtlsv1_client_method()関数ã¯ã€ã‚¢ãƒ—リケーションãŒã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã§ã‚ã‚Šã€DTLS 1.0プロトコルã®ã¿ã‚’サãƒãƒ¼ãƒˆã™ã‚‹ã“ã¨ã‚’示ã™ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€wolfssl_ctx_new()を使用ã—ã¦SSL / TLSコンテキストを作æˆã™ã‚‹ã¨ãã«ä½¿ç”¨ã•ã‚Œã‚‹æ–°ã—ã„Wolfssl_method構造体ã®ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã¦åˆæœŸåŒ–ã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€WolfSSLãŒDTLSサãƒãƒ¼ãƒˆï¼ˆ - enable-dtlsã€ã¾ãŸã¯WolfSSL_DTLSを定義ã™ã‚‹ã“ã¨ã«ã‚ˆã£ã¦ï¼‰ã‚³ãƒ³ãƒ‘イルã•ã‚Œã¦ã„ã‚‹å ´åˆã«ã®ã¿ä½¿ç”¨ã§ãã¾ã™ã€‚
- \return * æˆåŠŸã—ãŸå ´åˆã€å‘¼ã³å‡ºã—ã¯æ–°ã—ã作æˆã•ã‚ŒãŸwolfssl_method構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
- \return FAIL xmallocを呼ã³å‡ºã™ã¨ãã«ãƒ¡ãƒ¢ãƒªå‰²ã‚Šå½“ã¦ãŒå¤±æ•—ã—ãŸå ´åˆã€åŸºç¤Žã¨ãªã‚‹Malloc()実装ã®å¤±æ•—値ãŒè¿”ã•ã‚Œã¾ã™ï¼ˆé€šå¸¸ã¯errnoãŒenomeemã«è¨­å®šã•ã‚Œã¾ã™ï¼‰ã€‚
+ \ingroup Setup
+ \brief wolfdtlsv1_client_method()関数ã¯ã€ã‚¢ãƒ—リケーションãŒã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã§ã‚ã‚Šã€DTLS 1.0プロトコルã®ã¿ã‚’サãƒãƒ¼ãƒˆã™ã‚‹ã“ã¨ã‚’示ã™ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯ã€wolfSSL_ctx_new()を使用ã—ã¦SSL/TLSコンテキストを作æˆã™ã‚‹ã¨ãã«ä½¿ç”¨ã•ã‚Œã‚‹æ–°ã—ã„WOLFSSL_METHOD構造体ã®ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã¦åˆæœŸåŒ–ã—ã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯ã€WolfSSLãŒDTLSサãƒãƒ¼ãƒˆï¼ˆ--enable-dtlsã€ã¾ãŸã¯WOLFSSL_DTLSを定義ã™ã‚‹ã“ã¨ã«ã‚ˆã£ã¦ï¼‰ãƒ“ルドã•ã‚Œã¦ã„ã‚‹å ´åˆã«ã®ã¿ä½¿ç”¨ã§ãã¾ã™ã€‚
+ \return æˆåŠŸã—ãŸå ´åˆã€æ–°ã—ã作æˆã•ã‚ŒãŸWOLFSSL_METHOD構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
+ \return XMALLOCを呼ã³å‡ºã™ã¨ãã«ãƒ¡ãƒ¢ãƒªå‰²ã‚Šå½“ã¦ãŒå¤±æ•—ã—ãŸå ´åˆã€åŸºç¤Žã¨ãªã‚‹Malloc()実装ã®å¤±æ•—値ãŒè¿”ã•ã‚Œã¾ã™ï¼ˆé€šå¸¸ã¯errnoãŒENOMEMã«è¨­å®šã•ã‚Œã¾ã™ï¼‰ã€‚
+
_Example_
\code
WOLFSSL_METHOD* method;
@@ -299,10 +321,13 @@ WOLFSSL_METHOD *wolfTLSv1_2_client_method(void);
WOLFSSL_METHOD *wolfDTLSv1_client_method(void);
/*!
- \ingroup Setup
- \brief WOLFDTLSV1_SERVER_METHOD()関数ã¯ã€ã‚¢ãƒ—リケーションãŒã‚µãƒ¼ãƒãƒ¼ã§ã‚ã‚‹ã“ã¨ã‚’示ã™ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã€DTLS 1.0プロトコルã®ã¿ã‚’サãƒãƒ¼ãƒˆã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€wolfssl_ctx_new()を使用ã—ã¦SSL / TLSコンテキストを作æˆã™ã‚‹ã¨ãã«ä½¿ç”¨ã•ã‚Œã‚‹æ–°ã—ã„Wolfssl_method構造体ã®ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã¦åˆæœŸåŒ–ã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€WolfSSLãŒDTLSサãƒãƒ¼ãƒˆï¼ˆ - enable-dtlsã€ã¾ãŸã¯WolfSSL_DTLSを定義ã™ã‚‹ã“ã¨ã«ã‚ˆã£ã¦ï¼‰ã‚³ãƒ³ãƒ‘イルã•ã‚Œã¦ã„ã‚‹å ´åˆã«ã®ã¿ä½¿ç”¨ã§ãã¾ã™ã€‚
- \return * æˆåŠŸã—ãŸå ´åˆã€å‘¼ã³å‡ºã—ã¯æ–°ã—ã作æˆã•ã‚ŒãŸwolfssl_method構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
- \return FAIL xmallocを呼ã³å‡ºã™ã¨ãã«ãƒ¡ãƒ¢ãƒªå‰²ã‚Šå½“ã¦ãŒå¤±æ•—ã—ãŸå ´åˆã€åŸºç¤Žã¨ãªã‚‹Malloc()実装ã®å¤±æ•—値ãŒè¿”ã•ã‚Œã¾ã™ï¼ˆé€šå¸¸ã¯errnoãŒenomeemã«è¨­å®šã•ã‚Œã¾ã™ï¼‰ã€‚
+ \ingroup Setup
+ \brief wolfDTLSv1_server_method()関数ã¯ã€ã‚¢ãƒ—リケーションãŒã‚µãƒ¼ãƒãƒ¼ã§ã‚ã‚‹ã“ã¨ã‚’示ã™ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã€DTLS 1.0プロトコルã®ã¿ã‚’サãƒãƒ¼ãƒˆã—ã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯ã€wolfSSL_ctx_new()を使用ã—ã¦SSL/TLSコンテキストを作æˆã™ã‚‹ã¨ãã«ä½¿ç”¨ã•ã‚Œã‚‹æ–°ã—ã„WOLFSSL_METHOD構造体ã®ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã¦åˆæœŸåŒ–ã—ã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯ã€WolfSSLãŒDTLSサãƒãƒ¼ãƒˆï¼ˆ--enable-dtlsã€ã¾ãŸã¯WOLFSSL_DTLSマクロを定義ã™ã‚‹ã“ã¨ã«ã‚ˆã£ã¦ï¼‰ãƒ“ルドã•ã‚Œã¦ã„ã‚‹å ´åˆã«ã®ã¿ä½¿ç”¨ã§ãã¾ã™ã€‚
+ \return æˆåŠŸã—ãŸå ´åˆã€æ–°ã—ã作æˆã•ã‚ŒãŸWOLFSSL_METHOD構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
+ \return XMALLOCを呼ã³å‡ºã™ã¨ãã«ãƒ¡ãƒ¢ãƒªå‰²ã‚Šå½“ã¦ãŒå¤±æ•—ã—ãŸå ´åˆã€åŸºç¤Žã¨ãªã‚‹Malloc()実装ã®å¤±æ•—値ãŒè¿”ã•ã‚Œã¾ã™ï¼ˆé€šå¸¸ã¯errnoãŒENOMEMã«è¨­å®šã•ã‚Œã¾ã™ï¼‰ã€‚
+
_Example_
\code
WOLFSSL_METHOD* method;
@@ -327,8 +352,9 @@ WOLFSSL_METHOD *wolfDTLSv1_client_method(void);
WOLFSSL_METHOD *wolfDTLSv1_server_method(void);
/*!
- \brief サーãƒå´ã€‚
- \return This 関数ã¯wolfssl_methodãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
+ \brief wolfDTLSv1_2_server_method()関数ã¯ã‚µãƒ¼ãƒå´ç”¨ã«WOLFSSL_METHOD構造体ã®ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã¦åˆæœŸåŒ–ã—ã¾ã™ã€‚
+ \return æˆåŠŸã—ãŸå ´åˆã€æ–°ã—ã作æˆã•ã‚ŒãŸWOLFSSL_METHOD構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx = wolfSSL_CTX_new(wolfDTLSv1_2_server_method());
@@ -340,10 +366,165 @@ WOLFSSL_METHOD *wolfDTLSv1_server_method(void);
WOLFSSL_METHOD *wolfDTLSv1_2_server_method(void);
/*!
- \ingroup Setup
- \brief Chacha-Poly Aead Constructionã®æœ€åˆã®ãƒªãƒªãƒ¼ã‚¹ã¨æ–°ã—ã„ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã®é–“ã«ã„ãã¤ã‹ã®é•ã„ãŒã‚ã‚‹ãŸã‚ã€å¤ã„ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã‚’使用ã—ã¦ã‚µãƒ¼ãƒãƒ¼/クライアントã¨é€šä¿¡ã™ã‚‹ã‚ªãƒ—ションを追加ã—ã¾ã—ãŸã€‚デフォルトã§ã¯ã€WolfSSLã¯æ–°ã—ã„ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã‚’使用ã—ã¾ã™ã€‚
- \return 0 æˆåŠŸã™ã‚‹ã¨
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \ingroup Setup
+
+ \brief wolfDTLSv1_3_server_method()関数ã¯ã‚¢ãƒ—リケーションãŒã‚µãƒ¼ãƒãƒ¼ã§ã‚ã‚‹ã“ã¨ã‚’示ã™ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã€DTLS 1.3プロトコルã®ã¿ã‚’サãƒãƒ¼ãƒˆã—ã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯ã€wolfSSL_ctx_new()を使用ã—ã¦SSL/TLSコンテキストを作æˆã™ã‚‹ã¨ãã«ä½¿ç”¨ã•ã‚Œã‚‹æ–°ã—ã„WOLFSSL_METHOD構造体ã®ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã¦åˆæœŸåŒ–ã—ã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯ã€WolfSSLãŒDTLSサãƒãƒ¼ãƒˆï¼ˆ--enable-dtls13ã€ã¾ãŸã¯WOLFSSL_DTLS13を定義ã™ã‚‹ã“ã¨ã«ã‚ˆã£ã¦ï¼‰ãƒ“ルドã•ã‚Œã¦ã„ã‚‹å ´åˆã«ã®ã¿ä½¿ç”¨ã§ãã¾ã™ã€‚
+
+ \return æˆåŠŸã—ãŸå ´åˆã€æ–°ã—ã作æˆã•ã‚ŒãŸWOLFSSL_METHOD構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
+ \return XMALLOCを呼ã³å‡ºã™ã¨ãã«ãƒ¡ãƒ¢ãƒªå‰²ã‚Šå½“ã¦ãŒå¤±æ•—ã—ãŸå ´åˆã€åŸºç¤Žã¨ãªã‚‹Malloc()実装ã®å¤±æ•—値ãŒè¿”ã•ã‚Œã¾ã™ï¼ˆé€šå¸¸ã¯errnoãŒENOMEMã«è¨­å®šã•ã‚Œã¾ã™ï¼‰ã€‚
+ \param ãªã—
+
+ _Example_
+ \code
+ WOLFSSL_METHOD* method;
+ WOLFSSL_CTX* ctx;
+
+ method = wolfDTLSv1_3_server_method();
+ if (method == NULL) {
+ // unable to get method
+ }
+
+ ctx = wolfSSL_CTX_new(method);
+ ...
+ \endcode
+
+
+ \sa wolfDTLSv1_3_client_method
+*/
+
+WOLFSSL_METHOD *wolfDTLSv1_3_server_method(void);
+
+/*!
+ \ingroup Setup
+
+ \brief wolfDTLSv1_3_client_method()関数ã¯ã‚¢ãƒ—リケーションãŒã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã§ã‚ã‚‹ã“ã¨ã‚’示ã™ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã€DTLS 1.3プロトコルã®ã¿ã‚’サãƒãƒ¼ãƒˆã—ã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯ã€wolfSSL_ctx_new()を使用ã—ã¦SSL/TLSコンテキストを作æˆã™ã‚‹ã¨ãã«ä½¿ç”¨ã•ã‚Œã‚‹æ–°ã—ã„WOLFSSL_METHOD構造体ã®ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã¦åˆæœŸåŒ–ã—ã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯ã€WolfSSLãŒDTLSサãƒãƒ¼ãƒˆï¼ˆ--enable-dtls13ã€ã¾ãŸã¯WOLFSSL_DTLS13を定義ã™ã‚‹ã“ã¨ã«ã‚ˆã£ã¦ï¼‰ãƒ“ルドã•ã‚Œã¦ã„ã‚‹å ´åˆã«ã®ã¿ä½¿ç”¨ã§ãã¾ã™ã€‚
+
+ \return æˆåŠŸã—ãŸå ´åˆã€æ–°ã—ã作æˆã•ã‚ŒãŸWOLFSSL_METHOD構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
+ \return XMALLOCを呼ã³å‡ºã™ã¨ãã«ãƒ¡ãƒ¢ãƒªå‰²ã‚Šå½“ã¦ãŒå¤±æ•—ã—ãŸå ´åˆã€åŸºç¤Žã¨ãªã‚‹Malloc()実装ã®å¤±æ•—値ãŒè¿”ã•ã‚Œã¾ã™ï¼ˆé€šå¸¸ã¯errnoãŒENOMEMã«è¨­å®šã•ã‚Œã¾ã™ï¼‰ã€‚
+ \param ãªã—
+
+
+ _Example_
+ \code
+ WOLFSSL_METHOD* method;
+ WOLFSSL_CTX* ctx;
+
+ method = wolfDTLSv1_3_client_method();
+ if (method == NULL) {
+ // unable to get method
+ }
+
+ ctx = wolfSSL_CTX_new(method);
+ ...
+ \endcode
+
+
+ \sa wolfDTLSv1_3_server_method
+*/
+WOLFSSL_METHOD* wolfDTLSv1_3_client_method(void);
+
+/*!
+ \ingroup Setup
+
+ \brief wolfDTLS_server_method()関数ã¯ã‚¢ãƒ—リケーションãŒã‚µãƒ¼ãƒãƒ¼ã§ã‚ã‚‹ã“ã¨ã‚’示ã™ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã€
+ å¯èƒ½ãªé™ã‚Šé«˜ã„ãƒãƒ¼ã‚¸ãƒ§ãƒ³æœ€å°ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã®DTLSプロトコルをサãƒãƒ¼ãƒˆã—ã¾ã™ã€‚
+ デフォルトã®æœ€å°ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã¯WOLFSSL_MIN_DTLS_DOWNGRADEマクロã§ã®æŒ‡å®šã‚’ã‚‚ã¨ã«ã—ã¦ã„ã¦ã€
+ 実行時ã«wolfSSL_SetMinVersion()ã§å¤‰æ›´ã™ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯ã€wolfSSL_ctx_new()を使用ã—ã¦SSL/TLSコンテキストを作æˆã™ã‚‹ã¨ãã«ä½¿ç”¨ã•ã‚Œã‚‹æ–°ã—ã„WOLFSSL_METHOD構造体ã®ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã¦åˆæœŸåŒ–ã—ã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯ã€WolfSSLãŒDTLSサãƒãƒ¼ãƒˆï¼ˆ--enable-dtlsã€ã¾ãŸã¯WOLFSSL_DTLSを定義ã™ã‚‹ã“ã¨ã«ã‚ˆã£ã¦ï¼‰ãƒ“ルドã•ã‚Œã¦ã„ã‚‹å ´åˆã«ã®ã¿ä½¿ç”¨ã§ãã¾ã™ã€‚
+
+
+ \return æˆåŠŸã—ãŸå ´åˆã€æ–°ã—ã作æˆã•ã‚ŒãŸWOLFSSL_METHOD構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
+ \return XMALLOCを呼ã³å‡ºã™ã¨ãã«ãƒ¡ãƒ¢ãƒªå‰²ã‚Šå½“ã¦ãŒå¤±æ•—ã—ãŸå ´åˆã€åŸºç¤Žã¨ãªã‚‹Malloc()実装ã®å¤±æ•—値ãŒè¿”ã•ã‚Œã¾ã™ï¼ˆé€šå¸¸ã¯errnoãŒENOMEMã«è¨­å®šã•ã‚Œã¾ã™ï¼‰ã€‚
+ \param ãªã—
+
+ _Example_
+ \code
+ WOLFSSL_METHOD* method;
+ WOLFSSL_CTX* ctx;
+
+ method = wolfDTLS_server_method();
+ if (method == NULL) {
+ // unable to get method
+ }
+
+ ctx = wolfSSL_CTX_new(method);
+ ...
+ \endcode
+
+
+ \sa wolfDTLS_client_method
+ \sa wolfSSL_SetMinVersion
+*/
+WOLFSSL_METHOD *wolfDTLS_server_method(void);
+
+/*!
+ \ingroup Setup
+
+ \brief wolfDTLS_client_method()関数㯠アプリケーションãŒã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã§ã‚ã‚‹ã“ã¨ã‚’示ã™ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã€
+ å¯èƒ½ãªé™ã‚Šé«˜ã„ãƒãƒ¼ã‚¸ãƒ§ãƒ³æœ€å°ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã®DTLSプロトコルをサãƒãƒ¼ãƒˆã—ã¾ã™ã€‚
+ デフォルトã®æœ€å°ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã¯WOLFSSL_MIN_DTLS_DOWNGRADEマクロã§ã®æŒ‡å®šã‚’ã‚‚ã¨ã«ã—ã¦ã„ã¦ã€
+ 実行時ã«wolfSSL_SetMinVersion()ã§å¤‰æ›´ã™ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯ã€wolfSSL_ctx_new()を使用ã—ã¦SSL/TLSコンテキストを作æˆã™ã‚‹ã¨ãã«ä½¿ç”¨ã•ã‚Œã‚‹æ–°ã—ã„WOLFSSL_METHOD構造体ã®ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã¦åˆæœŸåŒ–ã—ã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯ã€wolfSSLãŒDTLSサãƒãƒ¼ãƒˆï¼ˆ--enable-dtlsã€ã¾ãŸã¯WOLFSSL_DTLSを定義ã™ã‚‹ã“ã¨ã«ã‚ˆã£ã¦ï¼‰ãƒ“ルドã•ã‚Œã¦ã„ã‚‹å ´åˆã«ã®ã¿ä½¿ç”¨ã§ãã¾ã™ã€‚
+
+
+ \return æˆåŠŸã—ãŸå ´åˆã€æ–°ã—ã作æˆã•ã‚ŒãŸWOLFSSL_METHOD構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
+ \return XMALLOCを呼ã³å‡ºã™ã¨ãã«ãƒ¡ãƒ¢ãƒªå‰²ã‚Šå½“ã¦ãŒå¤±æ•—ã—ãŸå ´åˆã€åŸºç¤Žã¨ãªã‚‹Malloc()実装ã®å¤±æ•—値ãŒè¿”ã•ã‚Œã¾ã™ï¼ˆé€šå¸¸ã¯errnoãŒENOMEMã«è¨­å®šã•ã‚Œã¾ã™ï¼‰ã€‚
+ \param ãªã—
+
+
+ _Example_
+ \code
+ WOLFSSL_METHOD* method;
+ WOLFSSL_CTX* ctx;
+
+ method = wolfDTLS_client_method();
+ if (method == NULL) {
+ // unable to get method
+ }
+
+ ctx = wolfSSL_CTX_new(method);
+ ...
+ \endcode
+
+
+ \sa wolfDTLS_server_method
+ \sa wolfSSL_SetMinVersion
+*/
+WOLFSSL_METHOD *wolfDTLS_client_method(void);
+
+/*!
+ \brief ã“ã®é–¢æ•°ã¯ã‚µãƒ¼ãƒãƒ¼å´ç”¨ã«WOLFSSL_METHOD構造体を生æˆã—ã¦åˆæœŸåŒ–ã—ã¾ã™ã€‚
+
+ \return æˆåŠŸã—ãŸå ´åˆã€æ–°ã—ã作æˆã•ã‚ŒãŸWOLFSSL_METHOD構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
+
+ \param ãªã—
+
+ _Example_
+ \code
+ WOLFSSL_CTX* ctx = wolfSSL_CTX_new(wolfDTLSv1_2_server_method());
+ WOLFSSL* ssl = WOLFSSL_new(ctx);
+ …
+ \endcode
+
+ \sa wolfSSL_CTX_new
+*/
+WOLFSSL_METHOD *wolfDTLSv1_2_server_method(void);
+
+
+/*!
+ \ingroup Setup
+ \brief Chacha-Poly Aead Constructionã®æœ€åˆã®ãƒªãƒªãƒ¼ã‚¹ã¨æ–°ã—ã„ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã®é–“ã«ã„ãã¤ã‹ã®é•ã„ãŒã‚ã‚‹ãŸã‚ã€
+ å¤ã„ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã‚’使用ã—ã¦ã‚µãƒ¼ãƒãƒ¼/クライアントã¨é€šä¿¡ã™ã‚‹ã‚ªãƒ—ションを追加ã—ã¾ã—ãŸã€‚
+ デフォルトã§ã¯ã€wolfSSLã¯æ–°ã—ã„ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã‚’使用ã—ã¾ã™ã€‚
+ \return 0 æˆåŠŸã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã—ãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
int ret = 0;
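Review bot: The last block added in this hunk documents and declares `wolfDTLSv1_2_server_method` a second time; the same function is already documented just above, where the hunk's context line carries `WOLFSSL_METHOD *wolfDTLSv1_2_server_method(void);`. The redeclaration is legal C, but Doxygen now has two competing descriptions for one symbol, and neither carries `\ingroup Setup`, unlike the new DTLS 1.3 and `wolfDTLS_*_method` blocks. I would drop the second copy and add `\ingroup Setup` to the one that remains. Its example also calls `WOLFSSL_new(ctx)`, while the rest of the file refers to `wolfSSL_new()`, so that call is worth checking against the English header.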
@@ -360,12 +541,16 @@ WOLFSSL_METHOD *wolfDTLSv1_2_server_method(void);
int wolfSSL_use_old_poly(WOLFSSL* ssl, int value);
/*!
- \brief セッション状態ã“ã‚Œã«ã‚ˆã‚Šã€ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ãŒå®Œäº†ã—ãŸå¾Œã«æŽ¥ç¶šã‚’ピックアップã™ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚
- \return Success æˆåŠŸã—ãŸå ´åˆã€èª­ã¿å–ã£ãŸãƒãƒƒãƒ•ã‚¡ã®é‡ãŒè¿”ã•ã‚Œã¾ã™ã€‚
- \return Failure ã™ã¹ã¦ã®å¤±æ•—ã—ãŸæˆ»ã‚Šå€¤ã¯0未満ã«ãªã‚Šã¾ã™ã€‚
- \return VERSION_ERROR ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã®ä¸ä¸€è‡´ãŒè¦‹ã¤ã‹ã£ãŸå ´åˆã€IE DTLS V1ã¨CTXãŒDTLS V1.2ã«è¨­å®šã•ã‚ŒãŸå ´åˆã€Version_ErrorãŒè¿”ã•ã‚Œã¾ã™ã€‚
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param buf インãƒãƒ¼ãƒˆã™ã‚‹ã‚·ãƒªã‚¢ãƒ«åŒ–ã•ã‚ŒãŸã‚»ãƒƒã‚·ãƒ§ãƒ³ã€‚
+ \brief wolfSSL_dtls_import()関数ã¯ã‚·ãƒªã‚¢ãƒ©ã‚¤ã‚ºã•ã‚ŒãŸã‚»ãƒƒã‚·ãƒ§ãƒ³çŠ¶æ…‹ã‚’解æžã™ã‚‹ãŸã‚ã«ä½¿ã‚ã‚Œã¾ã™ã€‚
+ ã“ã‚Œã«ã‚ˆã‚Šã€ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ãŒå®Œäº†ã—ãŸå¾Œã«æŽ¥ç¶šã‚’ピックアップã™ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚
+ \return æˆåŠŸã—ãŸå ´åˆã€èª­ã¿å–ã£ãŸãƒãƒƒãƒ•ã‚¡ã®é‡ãŒè¿”ã•ã‚Œã¾ã™ã€‚
+ \return ã™ã¹ã¦ã®å¤±æ•—ã—ãŸæˆ»ã‚Šå€¤ã¯0未満ã«ãªã‚Šã¾ã™ã€‚
+ \return VERSION_ERROR ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã®ä¸ä¸€è‡´ãŒè¦‹ã¤ã‹ã£ãŸå ´åˆã€(ã™ãªã‚ã¡ã€DTLS v1ã¨CTXãŒDTLS v1.2ã«è¨­å®šã•ã‚ŒãŸå ´åˆ)ã€Version_ErrorãŒè¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param buf インãƒãƒ¼ãƒˆã™ã‚‹ã‚·ãƒªã‚¢ãƒ«åŒ–ã•ã‚ŒãŸã‚»ãƒƒã‚·ãƒ§ãƒ³æƒ…報を格ç´ã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param sz ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+
_Example_
\code
WOLFSSL* ssl;
@@ -393,10 +578,14 @@ int wolfSSL_dtls_import(WOLFSSL* ssl, unsigned char* buf,
/*!
- \brief 接続ã®çŠ¶æ…‹ã‚’インãƒãƒ¼ãƒˆã—ã¾ã™ã€‚警告:BUFã«ã¯ã€çŠ¶æ…‹ã«é–¢ã™ã‚‹æ©Ÿå¯†æƒ…å ±ãŒå«ã¾ã‚Œã¦ãŠã‚Šã€ä¿å­˜ã•ã‚Œã¦ã„ã‚‹å ´åˆã¯ä¿å­˜ã™ã‚‹å‰ã«æš—å·åŒ–ã•ã‚Œã‚‹ã®ãŒæœ€å–„ã§ã™ã€‚追加ã®ãƒ‡ãƒãƒƒã‚°æƒ…報をマクロwolfssl_session_export_debugãŒå®šç¾©ã—ã¦è¡¨ç¤ºã§ãã¾ã™ã€‚
- \return the ãƒãƒƒãƒ•ã‚¡ 'BUF'ã‹ã‚‰èª­ã¿è¾¼ã¾ã‚ŒãŸãƒã‚¤ãƒˆæ•°
- \param ssl セッションをインãƒãƒ¼ãƒˆã™ã‚‹ãŸã‚ã®WolfSSL構造
- \param buf シリアル化ã•ã‚ŒãŸã‚»ãƒƒã‚·ãƒ§ãƒ³
+ \brief シリアライズã•ã‚ŒãŸTLSセッションをインãƒãƒ¼ãƒˆã—ã¾ã™ã€‚
+ 警告:bufã«ã¯ã€çŠ¶æ…‹ã«é–¢ã™ã‚‹æ©Ÿå¯†æƒ…å ±ãŒå«ã¾ã‚Œã¦ãŠã‚Šã€ä¿å­˜ã•ã‚Œã¦ã„ã‚‹å ´åˆã¯ä¿å­˜ã™ã‚‹å‰ã«æš—å·åŒ–ã•ã‚Œã‚‹ã®ãŒæœ€å–„ã§ã™ã€‚
+ 追加ã®ãƒ‡ãƒãƒƒã‚°æƒ…報をマクロWOLFSSL_SESSION_EXPORT_DEBUGを定義ã—ã¦è¡¨ç¤ºã§ãã¾ã™ã€‚
+ \return ãƒãƒƒãƒ•ã‚¡'buf'ã‹ã‚‰èª­ã¿è¾¼ã¾ã‚ŒãŸãƒã‚¤ãƒˆæ•°ã‚’è¿”ã—ã¾ã™ã€‚
+ \param ssl セッションをインãƒãƒ¼ãƒˆã™ã‚‹ãŸã‚ã®WOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param buf シリアル化ã•ã‚ŒãŸã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param sz ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+
\sa wolfSSL_dtls_import
\sa wolfSSL_tls_export
*/
@@ -404,14 +593,18 @@ int wolfSSL_tls_import(WOLFSSL* ssl, const unsigned char* buf,
unsigned int sz);
/*!
- \brief セッションをエクスãƒãƒ¼ãƒˆã™ã‚‹ãŸã‚ã®ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯é–¢æ•°ã€‚ã“ã‚Œã¯ã€ä»¥å‰ã«æ ¼ç´ã•ã‚Œã¦ã„るエクスãƒãƒ¼ãƒˆæ©Ÿèƒ½ã‚’クリアã™ã‚‹ãŸã‚ã®ãƒ‘ラメータfuncã¨ã—ã¦nullを渡ã™ã“ã¨ãŒè¨±å¯ã•ã‚Œã¦ã„ã¾ã™ã€‚サーãƒãƒ¼å´ã§ä½¿ç”¨ã•ã‚Œã€ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ãŒå®Œäº†ã—ãŸç›´å¾Œã«å‘¼ã³å‡ºã•ã‚Œã¾ã™ã€‚
- \return SSL_SUCCESS æˆåŠŸã™ã‚‹ã¨ã€‚
- \return BAD_FUNC_ARG NULLã¾ãŸã¯äºˆæƒ³ã•ã‚Œãªã„引数ãŒæ¸¡ã•ã‚ŒãŸå ´åˆ
- \param ctx wolfssl_ctx_new()ã§ä½œæˆã•ã‚ŒãŸwolfssl_ctx構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \brief wolfSSL_CTX_dtls_set_export()関数ã¯ã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚’エクスãƒãƒ¼ãƒˆã™ã‚‹ãŸã‚ã®ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯é–¢æ•°ã‚’設定ã—ã¾ã™ã€‚
+ 以å‰ã«æ ¼ç´ã•ã‚Œã¦ã„るエクスãƒãƒ¼ãƒˆæ©Ÿèƒ½ã‚’クリアã™ã‚‹ãŸã‚ã«ãƒ‘ラメータfuncã«NULLを渡ã™ã“ã¨ãŒè¨±ã•ã‚Œã¾ã™ã€‚
+ サーãƒãƒ¼å´ã§ä½¿ç”¨ã•ã‚Œã€ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ãŒå®Œäº†ã—ãŸç›´å¾Œã«è¨­å®šã—ãŸã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯é–¢æ•°ãŒå‘¼ã³å‡ºã•ã‚Œã¾ã™ã€‚
+ \return SSL_SUCCESS æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_FUNC_ARG NULLã¾ãŸã¯äºˆæƒ³ã•ã‚Œãªã„引数ãŒæ¸¡ã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param ctx wolfSSL_CTX_new()ã§ä½œæˆã•ã‚ŒãŸWOLFSSL_CTX構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param func セッションをエクスãƒãƒ¼ãƒˆã™ã‚‹éš›ã«å‘¼ã³å‡ºã™é–¢æ•°ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
int send_session(WOLFSSL* ssl, byte* buf, word32 sz, void* userCtx);
- // body of send session (wc_dtls_export) that passses
+ // body of send session (wc_dtls_export) that passes
// buf (serialized session) to destination
WOLFSSL_CTX* ctx;
int ret;
@@ -429,18 +622,21 @@ int wolfSSL_tls_import(WOLFSSL* ssl, const unsigned char* buf,
\sa wolfSSL_dtls_set_export
\sa Static buffer use
*/
-int wolfSSL_CTX_dtls_set_export(WOLFSSL_CTX* ctx,
- wc_dtls_export func);
+int wolfSSL_CTX_dtls_set_export(WOLFSSL_CTX* ctx, wc_dtls_export func);
/*!
- \brief セッションをエクスãƒãƒ¼ãƒˆã™ã‚‹æ©Ÿèƒ½ã€‚ã“ã‚Œã¯ã€ä»¥å‰ã«æ ¼ç´ã•ã‚Œã¦ã„るエクスãƒãƒ¼ãƒˆæ©Ÿèƒ½ã‚’クリアã™ã‚‹ãŸã‚ã®ãƒ‘ラメータfuncã¨ã—ã¦nullを渡ã™ã“ã¨ãŒè¨±å¯ã•ã‚Œã¦ã„ã¾ã™ã€‚サーãƒãƒ¼å´ã§ä½¿ç”¨ã•ã‚Œã€ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ãŒå®Œäº†ã—ãŸç›´å¾Œã«å‘¼ã³å‡ºã•ã‚Œã¾ã™ã€‚
- \return SSL_SUCCESS æˆåŠŸã™ã‚‹ã¨ã€‚
- \return BAD_FUNC_ARG NULLã¾ãŸã¯äºˆæƒ³ã•ã‚Œãªã„引数ãŒæ¸¡ã•ã‚ŒãŸå ´åˆ
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \brief wolfSSL_dtls_set_export()関数ã¯ã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚’エクスãƒãƒ¼ãƒˆã™ã‚‹éš›ã«å‘¼ã³å‡ºã™ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯é–¢æ•°ã‚’登録ã—ã¾ã™ã€‚
+ 以å‰ã«ç™»éŒ²ã•ã‚Œã¦ã„るエクスãƒãƒ¼ãƒˆé–¢æ•°ã‚’クリアã™ã‚‹ãŸã‚ã«ä½¿ã†ã“ã¨ã‚‚ã§ãã¾ã™ã€‚
+ サーãƒãƒ¼å´ã§ä½¿ç”¨ã•ã‚Œã€ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ãŒå®Œäº†ã—ãŸç›´å¾Œã«è¨­å®šã—ãŸã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯é–¢æ•°ãŒå‘¼ã³å‡ºã•ã‚Œã¾ã™ã€‚
+ \return SSL_SUCCESS æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_FUNC_ARG NULLã¾ãŸã¯äºˆæƒ³ã•ã‚Œãªã„引数ãŒæ¸¡ã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param func セッションをエクスãƒãƒ¼ãƒˆã™ã‚‹éš›ã«å‘¼ã³å‡ºã™é–¢æ•°ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
int send_session(WOLFSSL* ssl, byte* buf, word32 sz, void* userCtx);
- // body of send session (wc_dtls_export) that passses
+ // body of send session (wc_dtls_export) that passes
// buf (serialized session) to destination
WOLFSSL* ssl;
int ret;
@@ -460,11 +656,15 @@ int wolfSSL_CTX_dtls_set_export(WOLFSSL_CTX* ctx,
int wolfSSL_dtls_set_export(WOLFSSL* ssl, wc_dtls_export func);
/*!
- \brief æä¾›ã•ã‚ŒãŸãƒãƒƒãƒ•ã‚¡ã¸ã®WolfSSLセッション。セッションをシリアル化ã—ãŸã¨ãã«ã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚’é€ä¿¡ã™ã‚‹ãŸã‚ã®é–¢æ•°ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯ã‚’使用ã™ã‚‹ã‚ˆã‚Šã‚‚å°‘ãªã„メモリオーãƒãƒ¼ãƒ˜ãƒƒãƒ‰ã‚’許å¯ã—ã¾ã™ã€‚関数ã«æ¸¡ã•ã‚ŒãŸã¨ãã«ãƒãƒƒãƒ•ã‚¡ãŒNULLã®å ´åˆã€SZã¯WolfSSLセッションã®ç›´åˆ—化ã«å¿…è¦ãªãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºã«è¨­å®šã•ã‚Œã¾ã™ã€‚
- \return Success æˆåŠŸã—ãŸå ´åˆã€ä½¿ç”¨ã•ã‚Œã‚‹ãƒãƒƒãƒ•ã‚¡ã®é‡ãŒè¿”ã•ã‚Œã¾ã™ã€‚
- \return Failure ã™ã¹ã¦ã®å¤±æ•—ã—ãŸæˆ»ã‚Šå€¤ã¯0未満ã«ãªã‚Šã¾ã™ã€‚
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param buf 直列化セッションをä¿æŒã™ã‚‹ãŸã‚ã®ãƒãƒƒãƒ•ã‚¡ã€‚
+ \brief wolfSSL_dtls_export()関数ã¯æä¾›ã•ã‚ŒãŸãƒãƒƒãƒ•ã‚¡ã¸ã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚’シリアル化ã—ã¾ã™ã€‚
+ セッションをエクスãƒãƒ¼ãƒˆã™ã‚‹ãŸã‚ã®é–¢æ•°ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯ã‚’使用ã™ã‚‹ã‚ˆã‚Šã‚‚メモリオーãƒãƒ¼ãƒ˜ãƒƒãƒ‰ã‚’減らã™ã“ã¨ãŒã§ãã¾ã™ã€‚
+ 関数ã«æ¸¡ã•ã‚ŒãŸå¼•æ•°bufãŒNULLã®å ´åˆã€szã«ã¯WolfSSLセッションã®ã‚·ãƒªã‚¢ãƒ©ã‚¤ã‚ºã«å¿…è¦ãªãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºãŒè¨­å®šã•ã‚Œã¾ã™ã€‚
+ \return æˆåŠŸã—ãŸå ´åˆã€ä½¿ç”¨ã•ã‚Œã‚‹ãƒãƒƒãƒ•ã‚¡ã‚µã‚¤ã‚ºãŒè¿”ã•ã‚Œã¾ã™ã€‚
+ \return ã™ã¹ã¦ã®å¤±æ•—ã—ãŸæˆ»ã‚Šå€¤ã¯0未満ã«ãªã‚Šã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param buf シリアライズã—ãŸã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚’ä¿æŒã™ã‚‹ãŸã‚ã®ãƒãƒƒãƒ•ã‚¡ã€‚
+ \param sz ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+
_Example_
\code
WOLFSSL* ssl;
@@ -487,10 +687,15 @@ int wolfSSL_dtls_export(WOLFSSL* ssl, unsigned char* buf,
unsigned int* sz);
/*!
- \brief 接続ã®ç›´åˆ—化ã•ã‚ŒãŸçŠ¶æ…‹ã‚’インãƒãƒ¼ãƒˆã—ã¾ã™ã€‚ã»ã¨ã‚“ã©ã®å ´åˆã€wolfssl_tls_exportã®ä»£ã‚ã‚Šã«wolfssl_get1_sessionを使用ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚追加ã®ãƒ‡ãƒãƒƒã‚°æƒ…報をマクロwolfssl_session_export_debugãŒå®šç¾©ã—ã¦è¡¨ç¤ºã§ãã¾ã™ã€‚警告:BUFã«ã¯ã€çŠ¶æ…‹ã«é–¢ã™ã‚‹æ©Ÿå¯†æƒ…å ±ãŒå«ã¾ã‚Œã¦ãŠã‚Šã€ä¿å­˜ã•ã‚Œã¦ã„ã‚‹å ´åˆã¯ä¿å­˜ã™ã‚‹å‰ã«æš—å·åŒ–ã•ã‚Œã‚‹ã®ãŒæœ€å–„ã§ã™ã€‚
- \return the ãƒãƒƒãƒ•ã‚¡ãƒ¼ 'BUF'ã«æ›¸ãè¾¼ã¾ã‚ŒãŸãƒã‚¤ãƒˆæ•°
- \param ssl セッションをエクスãƒãƒ¼ãƒˆã™ã‚‹ãŸã‚ã®WolfSSL構造
- \param buf 直列化セッションã®å‡ºåŠ›
+ \brief シリアライズã•ã‚ŒãŸTLSセッションをエクスãƒãƒ¼ãƒˆã—ã¾ã™ã€‚
+ ã»ã¨ã‚“ã©ã®å ´åˆã€wolfSSL_tls_exportã®ä»£ã‚ã‚Šã«wolfssl_get1_sessionを使用ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+ 追加ã®ãƒ‡ãƒãƒƒã‚°æƒ…報をマクロWOLFSSL_SESSION_EXPORT_DEBUGを定義ã—ã¦è¡¨ç¤ºã§ãã¾ã™ã€‚
+ 警告:bufã«ã¯ã€çŠ¶æ…‹ã«é–¢ã™ã‚‹æ©Ÿå¯†æƒ…å ±ãŒå«ã¾ã‚Œã¦ãŠã‚Šã€ä¿å­˜ã™ã‚‹å ´åˆã¯ä¿å­˜ã™ã‚‹å‰ã«æš—å·åŒ–ã•ã‚Œã‚‹ã®ãŒæœ€å–„ã§ã™ã€‚
+ \return ãƒãƒƒãƒ•ã‚¡'buf'ã«æ›¸ãè¾¼ã¾ã‚ŒãŸãƒã‚¤ãƒˆæ•°
+ \param ssl セッションをエクスãƒãƒ¼ãƒˆã™ã‚‹ãŸã‚ã®WOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param buf シリアライズã•ã‚ŒãŸã‚»ãƒƒã‚·ãƒ§ãƒ³ã®å‡ºåŠ›å…ˆãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param sz 出力先ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+
\sa wolfSSL_dtls_import
\sa wolfSSL_tls_import
*/
@@ -498,14 +703,28 @@ int wolfSSL_tls_export(WOLFSSL* ssl, unsigned char* buf,
unsigned int* sz);
/*!
- \brief ãã®å¾Œã€CTXã®æœ‰åŠ¹æœŸé–“ãŠã‚ˆã³CTXã‹ã‚‰ä½œæˆã•ã‚ŒãŸSSLオブジェクトã«ã¯ã€asideを設定ã—ã¾ã™ã€‚NULL CTXãƒã‚¤ãƒ³ã‚¿ã¨WOLFSSL_METHOD_FUNC関数を渡ã™ã“ã¨ã«ã‚ˆã£ã¦ã€CTX自体ã®ä½œæˆã‚‚é™çš„メモリを使用ã—ã¾ã™ã€‚wolfssl_method_funcã«ã¯ã€wolfssl_method *(* wolfssl_method_func)ã®é–¢æ•°ç½²åãŒã‚ã‚Šã¾ã™ï¼ˆvoid *ヒープ)。MAXã«0を渡ã™ã¨ã€è¨­å®šã•ã‚Œã¦ã„ãªã„ã‹ã®ã‚ˆã†ã«å‹•ä½œã—ã€æœ€å¤§ã®åŒæ™‚使用制é™ãŒé©ç”¨ã•ã‚Œã¾ã›ã‚“。渡ã•ã‚ŒãŸãƒ•ãƒ©ã‚°å€¤ã«ã‚ˆã£ã¦ã€ãƒ¡ãƒ¢ãƒªã®ä½¿ç”¨æ–¹æ³•ã¨å‹•ä½œä¸­ã®å‹•ä½œãŒæ±ºã¾ã‚Šã¾ã™ã€‚利用å¯èƒ½ãªãƒ•ãƒ©ã‚°ã¯æ¬¡ã®ã¨ãŠã‚Šã§ã™.0 - デフォルトã®ä¸€èˆ¬ãƒ¡ãƒ¢ãƒªã€WolfMEM_IO_POOL - å—信メッセージã®é€ä¿¡ã¨ä¸€èˆ¬ãƒ¡ãƒ¢ãƒªã‚’オーãƒãƒ¼ãƒ©ã‚¤ãƒ‰ã™ã‚‹ã¨ãã«å…¥å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã«ä½¿ç”¨ã•ã‚Œã‚‹ã®ã§ã€æ¸¡ã•ã‚ŒãŸãƒãƒƒãƒ•ã‚¡å†…ã®ã™ã¹ã¦ã®ãƒ¡ãƒ¢ãƒªãŒIOã€WolfMem_IO_FIXED - WOLFMEM_IO_POOLã¨åŒã˜ã§ã™ãŒã€ä»Šåº¦ã¯å„SSLã¨åŒã˜ã§ã™ã€‚2ã¤ã®ãƒãƒƒãƒ•ã‚¡ã‚’自分ã®ãƒ©ã‚¤ãƒ•ã‚¿ã‚¤ãƒ ã§è‡ªåˆ†è‡ªèº«ã«ä¿ã¡ã¾ã™ã€‚wolfmem_track_stats - å„SSLã¯å®Ÿè¡Œä¸­ã«ãƒ¡ãƒ¢ãƒªçµ±è¨ˆã‚’追跡ã—ã¾ã™ã€‚
- \return SSL_SUCCESS æˆåŠŸã™ã‚‹ã¨ã€‚
- \return SSL_FAILURE 失敗ã™ã‚‹ã¨ã€‚
- \param ctx wolfssl_ctx構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã®ã‚¢ãƒ‰ãƒ¬ã‚¹ã€‚
- \param method プロトコルを作æˆã™ã‚‹æ©Ÿèƒ½ã€‚(CTXã‚‚NULLã§ã‚‚ãªã„å ´åˆã¯NULLã«ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ï¼‰
- \param buf ã™ã¹ã¦ã®æ“作ã«ä½¿ç”¨ã™ã‚‹ãƒ¡ãƒ¢ãƒªã€‚
+ \brief ã“ã®é–¢æ•°ã¯CTX用ã«é™çš„メモリ領域を設定ã™ã‚‹ç›®çš„ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
+ 設定ã•ã‚ŒãŸé™çš„メモリ領域ã¯CTXã®æœ‰åŠ¹æœŸé–“ãŠã‚ˆã³CTXã‹ã‚‰ä½œæˆã•ã‚ŒãŸå…¨ã¦ã®SSLオブジェクトã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
+ 引数ctxã«NULLを渡ã—ã€wolfSSL_method_func関数を渡ã™ã“ã¨ã«ã‚ˆã£ã¦ã€CTX自体ã®ä½œæˆã‚‚é™çš„メモリを使用ã—ã¾ã™ã€‚
+ wolfssl_method_funcã¯æ¬¡ã®ã‚·ã‚°ãƒãƒãƒ£ã¨ãªã£ã¦ã„ã¾ã™:wolfssl_method *(* wolfssl_method_func)(void *heap)。
+ 引数maxã«0を渡ã™ã¨ã€è¨­å®šã•ã‚Œã¦ã„ãªã„ã‚‚ã®ã¨ã—ã¦å‹•ä½œã—ã€æœ€å¤§ã®åŒæ™‚使用制é™ãŒé©ç”¨ã•ã‚Œã¾ã›ã‚“。
+ 引数flagã«æ¸¡ã—ãŸå€¤ã«ã‚ˆã£ã¦ã€ãƒ¡ãƒ¢ãƒªã®ä½¿ç”¨æ–¹æ³•ã¨å‹•ä½œãŒæ±ºã¾ã‚Šã¾ã™ã€‚
+ 利用å¯èƒ½ãªãƒ•ãƒ©ã‚°å€¤ã¯æ¬¡ã®ã¨ãŠã‚Šã§ã™ï¼š
+ 0 - デフォルトã®ä¸€èˆ¬ãƒ¡ãƒ¢ãƒªã€
+ WOLFMEM_IO_POOL - メッセージã®å—é€ä¿¡ã®éš›ã®å…¥å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã¨ã—ã¦ä½¿ç”¨ã•ã‚Œæ¸¡ã•ã‚ŒãŸãƒãƒƒãƒ•ã‚¡å†…ã®ã™ã¹ã¦ã®ãƒ¡ãƒ¢ãƒªãŒIOã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€
+ WOLFMEM_IO_FIXED - WOLFMEM_IO_POOLã¨åŒã˜ã§ã™ãŒã€å„SSLã¯2ã¤ã®ãƒãƒƒãƒ•ã‚¡ã‚’自分ã®ãƒ©ã‚¤ãƒ•ã‚¿ã‚¤ãƒ ã®é–“ä¿æŒã—ã¦ä½¿ç”¨ã—ã¾ã™ã€‚
+ WOLFMEM_TRACK_STATS - å„SSLã¯å®Ÿè¡Œä¸­ã«ãƒ¡ãƒ¢ãƒªä½¿ç”¨çµ±è¨ˆã‚’追跡ã—ã¾ã™ã€‚
+
+ \return SSL_SUCCESS æˆåŠŸã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_FAILURE 失敗ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param ctx WOLFSSL_CTX構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã®ãƒã‚¤ãƒ³ã‚¿
+ \param method メソッド関数(例ãˆã°ã€wolfSSLv23_server_method_ex)ã§ctxãŒNULLã§ãªã„å ´åˆã¯NULLã«ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+ \param buf ã™ã¹ã¦ã®æ“作ã«ä½¿ç”¨ã™ã‚‹ãƒ¡ãƒ¢ãƒªãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param sz 渡ã•ã‚Œã¦ã„るメモリãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºã€‚
- \param flag メモリã®ç¨®é¡ž
+ \param flag メモリã®ä½¿ç”¨ã‚¿ã‚¤ãƒ—
+ \param max åŒæ™‚使用ã®æœ€å¤§å€¤
+
_Example_
\code
WOLFSSL_CTX* ctx;
@@ -542,10 +761,15 @@ int wolfSSL_CTX_load_static_memory(WOLFSSL_CTX** ctx,
int flag, int max);
/*!
- \brief ãã—ã¦ã€é™çš„メモリ使用é‡ã«é–¢ã™ã‚‹æƒ…報をåŽé›†ã™ã‚‹ãŸã‚ã«ã®ã¿ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
- \return 1 CTXã®é™çš„メモリを使用ã™ã‚‹å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \return 0 é™çš„メモリを使用ã—ãªã„å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \param ctx wolfssl_ctx_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl_ctx構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \brief ã“ã®é–¢æ•°ã¯ç¾æ™‚点ã®æŽ¥ç¶šã«é–¢ã™ã‚‹æŒ¯ã‚‹èˆžã„ã®å¤‰æ›´ã¯è¡Œã„ã¾ã›ã‚“。
+ é™çš„メモリ使用é‡ã«é–¢ã™ã‚‹æƒ…報をåŽé›†ã™ã‚‹ãŸã‚ã«ã®ã¿ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
+ \return 1 CTXã®é™çš„メモリを使用ã—ã¦ã„ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return 0 é™çš„メモリを使用ã—ã¦ã„ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param ctx wolfSSL_CTX_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL_CTX構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param mem_stats é™çš„メモリã®ä½¿ç”¨é‡ã«é–¢ã™ã‚‹æƒ…報をä¿æŒã™ã‚‹WOLFSSL_MEM_STATS構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
+
_Example_
\code
WOLFSSL_CTX* ctx;
@@ -571,10 +795,16 @@ int wolfSSL_CTX_is_static_memory(WOLFSSL_CTX* ctx,
WOLFSSL_MEM_STATS* mem_stats);
/*!
- \brief SSLã®é™çš„メモリ使用é‡ã€‚戻り値ã¯ã€é™çš„メモリを読ã¿è¾¼ã‚€ã¨ãã«ã€é™çš„メモリãŒä½¿ç”¨ã•ã‚Œã¦ã„ã‚‹ã‹ã©ã†ã‹ã‚’示ã—ã¾ã™ã€‚
- \return 1 CTXã®é™çš„メモリを使用ã™ã‚‹å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \return 0 é™çš„メモリを使用ã—ãªã„å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \brief wolfSSL_is_static_memory関数ã¯SSLã®é™çš„メモリ使用é‡ã«é–¢ã™ã‚‹æƒ…報を集ã‚ã¾ã™ã€‚
+ 戻り値ã¯ã€é™çš„メモリãŒä½¿ç”¨ã•ã‚Œã¦ã„ã‚‹ã‹ã©ã†ã‹ã‚’示ã—ã¾ã™ã€‚
+ 引数sslã®ä¸Šä½ã®WOLFSSL_CTXã«é™çš„メモリを使用ã™ã‚‹ã‚ˆã†ã«æŒ‡å®šã—ã¦ã‚ã‚Šã€WOLFMEM_TRACK_STATSãŒå®šç¾©ã•ã‚Œã¦ã„ã‚‹å ´åˆã«
+ 引数mem_statsã«æƒ…å ±ãŒã‚»ãƒƒãƒˆã•ã‚Œã¾ã™ã€‚
+ \return 1 é™çš„メモリを使用ã—ã¦ã„ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return 0 é™çš„メモリを使用ã—ã¦ã„ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param mem_stats é™çš„メモリã®ä½¿ç”¨é‡ã«é–¢ã™ã‚‹æƒ…報をä¿æŒã™ã‚‹WOLFSSL_MEM_STATS構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
WOLFSSL* ssl;
@@ -595,12 +825,22 @@ int wolfSSL_is_static_memory(WOLFSSL* ssl,
WOLFSSL_MEM_CONN_STATS* mem_stats);
/*!
- \ingroup CertsKeys
- \brief ã“ã®é–¢æ•°ã¯è¨¼æ˜Žæ›¸ãƒ•ã‚¡ã‚¤ãƒ«ã‚’SSLコンテキストã«ãƒ­ãƒ¼ãƒ‰ã—ã¾ã™ï¼ˆwolfssl_ctx)。ファイルã¯ãƒ•ã‚¡ã‚¤ãƒ«å¼•æ•°ã«ã‚ˆã£ã¦æä¾›ã•ã‚Œã¾ã™ã€‚format引数ã¯ã€ãƒ•ã‚¡ã‚¤ãƒ«ã®ãƒ•ã‚©ãƒ¼ãƒžãƒƒãƒˆã‚¿ã‚¤ãƒ—(SSL_FILETYPE_ASN1ã¾ãŸã¯SSL_FILETYPE_PEM)を指定ã—ã¾ã™ã€‚é©åˆ‡ãªä½¿ç”¨æ³•ã®ä¾‹ã‚’ã”覧ãã ã•ã„。
- \return SSL_SUCCESS æˆåŠŸã™ã‚‹ã¨ã€‚
- \return SSL_FAILURE 関数呼ã³å‡ºã—ãŒå¤±æ•—ã—ãŸå ´åˆã€å¯èƒ½ãªåŽŸå› ãŒèª¤ã£ãŸå½¢å¼ã«ã‚ã‚‹å ´åˆã€ã¾ãŸã¯ã€Œformatã€å¼•æ•°ã‚’使用ã—ã¦èª¤ã£ãŸãƒ•ã‚©ãƒ¼ãƒžãƒƒãƒˆãŒæŒ‡å®šã•ã‚Œã¦ã„ã‚‹å ´åˆãŒã‚ã‚Šã¾ã™ã€‚ファイルã¯å­˜åœ¨ã—ã¾ã›ã‚“。読ã¿å–られãªã„ã€ã¾ãŸã¯ç ´æã—ã¦ã„るメモリ状態ãŒç™ºç”Ÿã™ã‚‹ã¨ã€ãƒ™ãƒ¼ã‚¹16ã®ãƒ‡ã‚³ãƒ¼ãƒ‰ã¯ãƒ•ã‚¡ã‚¤ãƒ«ã§å¤±æ•—ã—ã¾ã™ã€‚
- \param ctx wolfssl_ctx_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl_ctx構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿
- \param file WolfSSL SSLコンテキストã«ãƒ­ãƒ¼ãƒ‰ã™ã‚‹è¨¼æ˜Žæ›¸ã‚’å«ã‚€ãƒ•ã‚¡ã‚¤ãƒ«ã®åå‰ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \ingroup CertsKeys
+ \brief ã“ã®é–¢æ•°ã¯è¨¼æ˜Žæ›¸ãƒ•ã‚¡ã‚¤ãƒ«ã‚’SSLコンテキスト(WOLFSSL_CTX)ã«ãƒ­ãƒ¼ãƒ‰ã—ã¾ã™ã€‚
+ ファイルã¯å¼•æ•°fileã«ã‚ˆã£ã¦æä¾›ã•ã‚Œã¾ã™ã€‚
+ 引数formatã¯ã€ãƒ•ã‚¡ã‚¤ãƒ«ã®ãƒ•ã‚©ãƒ¼ãƒžãƒƒãƒˆã‚¿ã‚¤ãƒ—(SSL_FILETYPE_ASN1ã¾ãŸã¯SSL_FILETYPE_PEM)を指定ã—ã¾ã™ã€‚
+ é©åˆ‡ãªä½¿ç”¨æ³•ã®ä¾‹ã‚’ã”覧ãã ã•ã„。
+
+ \return SSL_SUCCESS æˆåŠŸã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_FAILURE 失敗時ã«è¿”ã•ã‚Œã¾ã™ã€‚失敗ã—ãŸå ´åˆã®å¯èƒ½ãªåŽŸå› ã¨ã—ã¦ã¯ã€
+ ファイルãŒèª¤ã£ãŸå½¢å¼ã®å ´åˆã€ã¾ãŸã¯å¼•æ•°formatを使用ã—ã¦èª¤ã£ãŸãƒ•ã‚©ãƒ¼ãƒžãƒƒãƒˆãŒæŒ‡å®šã•ã‚Œã¦ã„ã‚‹ã€
+ ã‚ã‚‹ã„ã¯ãƒ•ã‚¡ã‚¤ãƒ«ãŒå­˜åœ¨ã—ãªã„ã€ã‚ã‚‹ã„ã¯èª­ã¿å–ã‚‹ã“ã¨ãŒã§ããªã„ã€ã¾ãŸã¯ç ´æã—ã¦ã„ã‚‹ã€
+ メモリä¸è¶³ãŒç™ºç”Ÿã€Base16ã®ãƒ‡ã‚³ãƒ¼ãƒ‰ã«å¤±æ•—ã—ã¦ã„ã‚‹ãªã©ã®åŽŸå› ãŒè€ƒãˆã‚‰ã‚Œã¾ã™ã€‚
+
+ \param ctx wolfSSL_CTX_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL_CTX構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param file ロードã™ã‚‹è¨¼æ˜Žæ›¸ã‚’å«ã‚€ãƒ•ã‚¡ã‚¤ãƒ«ãƒ‘ス文字列。
+ \param format ロードã™ã‚‹è¨¼æ˜Žæ›¸ã®ãƒ•ã‚©ãƒ¼ãƒžãƒƒãƒˆï¼šSSL_FILETYPE_ASN1 ã‚ã‚‹ã„㯠SSL_FILETYPE_PEM
+
_Example_
\code
int ret = 0;
@@ -621,10 +861,26 @@ int wolfSSL_CTX_use_certificate_file(WOLFSSL_CTX* ctx, const char* file,
int format);
/*!
- \ingroup CertsKeys
- \brief ã“ã®é–¢æ•°ã¯ã€ç§˜å¯†éµãƒ•ã‚¡ã‚¤ãƒ«ã‚’SSLコンテキスト(WolfSSL_CTX)ã«ãƒ­ãƒ¼ãƒ‰ã—ã¾ã™ã€‚ファイルã¯ãƒ•ã‚¡ã‚¤ãƒ«å¼•æ•°ã«ã‚ˆã£ã¦æä¾›ã•ã‚Œã¾ã™ã€‚format引数ã¯ã€ãƒ•ã‚¡ã‚¤ãƒ«ã®ãƒ•ã‚©ãƒ¼ãƒžãƒƒãƒˆã‚¿ã‚¤ãƒ—を指定ã—ã¾ã™.SSL_FILETYPE_ASN1OR SSL_FILETYPE_PEM。é©åˆ‡ãªä½¿ç”¨æ³•ã®ä¾‹ã‚’ã”覧ãã ã•ã„。外部キーストアを使用ã—ã€ç§˜å¯†éµã‚’æŒã£ã¦ã„ãªã„å ´åˆã¯ã€ä»£ã‚ã‚Šã«å…¬é–‹éµã‚’入力ã—ã¦CryProコールãƒãƒƒã‚¯ã‚’登録ã—ã¦ç½²åを処ç†ã™ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚ã“ã®ãŸã‚ã«ã¯ã€Cryptoコールãƒãƒƒã‚¯ã¾ãŸã¯PKコールãƒãƒƒã‚¯ã‚’使用ã—ãŸãƒ“ルドã§æ§‹ç¯‰ã§ãã¾ã™ã€‚Cryptoコールãƒãƒƒã‚¯ã‚’有効ã«ã™ã‚‹ã«ã¯ã€-enable-cryptocbã¾ãŸã¯wolf_crypto_cbを使用ã—ã€wc_cryptocb_registerDeviceを使用ã—ã¦æš—å·ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯ã‚’登録ã—ã€wolfssl_ctx_setdevidを使用ã—ã¦é–¢é€£ã™ã‚‹devidを設定ã—ã¾ã™ã€‚
- \return SSL_SUCCESS æˆåŠŸã™ã‚‹ã¨ã€‚
- \return SSL_FAILURE ファイルã¯é–“é•ã£ãŸå½¢å¼ã§ã€ã¾ãŸã¯ã€Œformatã€å¼•æ•°ã‚’使用ã—ã¦èª¤ã£ãŸå½¢å¼ãŒä¸Žãˆã‚‰ã‚Œã¦ã„ã¾ã™ã€‚ファイルãŒå­˜åœ¨ã—ãªã„ã€èª­ã¿è¾¼ã‚ãªã„ã€ã¾ãŸã¯ç ´æã—ã¦ã„ã¾ã™ã€‚メモリä¸è¶³çŠ¶æ…‹ãŒç™ºç”Ÿã—ã¾ã™ã€‚base16デコードã¯ãƒ•ã‚¡ã‚¤ãƒ«ã§å¤±æ•—ã—ã¾ã™ã€‚キーファイルã¯æš—å·åŒ–ã•ã‚Œã¦ã„ã¾ã™ãŒã€ãƒ‘スワードã¯æä¾›ã•ã‚Œã¾ã›ã‚“。
+ \ingroup CertsKeys
+
+ \brief ã“ã®é–¢æ•°ã¯ã€ç§˜å¯†éµãƒ•ã‚¡ã‚¤ãƒ«ã‚’SSLコンテキスト(WOLFSSL_CTX)ã«ãƒ­ãƒ¼ãƒ‰ã—ã¾ã™ã€‚
+ ファイルã¯å¼•æ•°fileã«ã‚ˆã£ã¦æä¾›ã•ã‚Œã¾ã™ã€‚
+ 引数formatã¯ã€æ¬¡ã®ãƒ•ã‚¡ã‚¤ãƒ«ã®ãƒ•ã‚©ãƒ¼ãƒžãƒƒãƒˆã‚¿ã‚¤ãƒ—を指定ã—ã¾ã™ï¼šSSL_FILETYPE_ASN1 ã‚ã‚‹ã„㯠SSL_FILETYPE_PEM。
+ é©åˆ‡ãªä½¿ç”¨æ³•ã®ä¾‹ã‚’ã”覧ãã ã•ã„。
+ 外部キーストアを使用ã—ã€ç§˜å¯†éµã‚’æŒã£ã¦ã„ãªã„å ´åˆã¯ã€
+ 代ã‚ã‚Šã«å…¬é–‹éµã‚’入力ã—ã¦cryptoコールãƒãƒƒã‚¯ã‚’登録ã—ã¦ç½²åを処ç†ã™ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚
+ ã“ã®ãŸã‚ã«ã¯ã€cryptoコールãƒãƒƒã‚¯ã¾ãŸã¯PKコールãƒãƒƒã‚¯ã‚’使用ã—ãŸã‚³ãƒ³ãƒ•ã‚£ã‚®ãƒ¥ãƒ¬ãƒ¼ã‚·ãƒ§ãƒ³ã§ãƒ“ルドã—ã¾ã™ã€‚
+ cryptoコールãƒãƒƒã‚¯ã‚’有効ã«ã™ã‚‹ã«ã¯ã€--enable-cryptocbã¾ãŸã¯WOLF_CRYPTO_CBマクロを使用ã—ã€
+ wc_CryptoCb_RegisterDeviceを使用ã—ã¦æš—å·ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯ã‚’登録ã—ã€
+ wolfSSL_CTX_SetDevIdを使用ã—ã¦é–¢é€£ã™ã‚‹devidを設定ã—ã¾ã™ã€‚
+
+ \return SSL_SUCCESS æˆåŠŸã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_FAILURE 関数呼ã³å‡ºã—ãŒå¤±æ•—ã—ãŸå ´åˆã®å¯èƒ½ãªåŽŸå› ã¨ã—ã¦ã¯ã€
+ ファイルãŒèª¤ã£ãŸå½¢å¼ã®å ´åˆã€ã¾ãŸã¯å¼•æ•°formatを使用ã—ã¦èª¤ã£ãŸãƒ•ã‚©ãƒ¼ãƒžãƒƒãƒˆãŒæŒ‡å®šã•ã‚Œã¦ã„ã‚‹ã€
+ ã‚ã‚‹ã„ã¯ãƒ•ã‚¡ã‚¤ãƒ«ãŒå­˜åœ¨ã—ãªã„ã€ã‚ã‚‹ã„ã¯èª­ã¿å–ã‚‹ã“ã¨ãŒã§ããªã„ã€ã¾ãŸã¯ç ´æã—ã¦ã„ã‚‹ã€
+ メモリä¸è¶³ãŒç™ºç”Ÿã€Base16ã®ãƒ‡ã‚³ãƒ¼ãƒ‰ã«å¤±æ•—ã—ã¦ã„ã‚‹ãªã©ã®åŽŸå› ãŒè€ƒãˆã‚‰ã‚Œã¾ã™
+ \param ãªã—
+
_Example_
\code
int ret = 0;
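Review bot: The new comment block for the private-key loader ends with a `\param` entry that appears to say "none", but `wolfSSL_CTX_use_PrivateKey_file`, declared just after this hunk, takes `ctx`, `file` and `format`. The certificate-file block in the previous hunk documents the same three arguments, so this block should carry `\param ctx`, `\param file` and `\param format` entries too. As far as the mis-encoded text can be read, the rewritten `\return SSL_FAILURE` list also drops the removed line's last cause, that the key file is encrypted but no password was supplied. That cause is specific to private keys and should be kept. The `\return SSL_SUCCESS` line also seems to repeat its closing phrase; the same repetition shows in the certificate-file and static-memory hunks.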
@@ -646,20 +902,33 @@ int wolfSSL_CTX_use_certificate_file(WOLFSSL_CTX* ctx, const char* file,
int wolfSSL_CTX_use_PrivateKey_file(WOLFSSL_CTX* ctx, const char* file, int format);
/*!
- \ingroup CertsKeys
- \brief ã“ã®é–¢æ•°ã¯ã€PEMå½¢å¼ã®CA証明書ファイルをSSLコンテキスト(WolfSSL_CTX)ã«ãƒ­ãƒ¼ãƒ‰ã—ã¾ã™ã€‚ã“れらã®è¨¼æ˜Žæ›¸ã¯ã€ä¿¡é ¼ã§ãるルート証明書ã¨ã—ã¦æ‰±ã‚ã‚Œã€SSLãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ä¸­ã«ãƒ”ã‚¢ã‹ã‚‰å—ä¿¡ã—ãŸè¨¼æ˜Žæ›¸ã‚’検証ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚ファイル引数ã«ã‚ˆã£ã¦æä¾›ã•ã‚Œã‚‹ãƒ«ãƒ¼ãƒˆè¨¼æ˜Žæ›¸ãƒ•ã‚¡ã‚¤ãƒ«ã¯ã€å˜ä¸€ã®è¨¼æ˜Žæ›¸ã¾ãŸã¯è¤‡æ•°ã®è¨¼æ˜Žæ›¸ã‚’å«ã‚€ãƒ•ã‚¡ã‚¤ãƒ«ã§ã‚り得る。複数ã®CA CERTãŒåŒã˜ãƒ•ã‚¡ã‚¤ãƒ«ã«å«ã¾ã‚Œã¦ã„ã‚‹å ´åˆã€WolfSSLã¯ãƒ•ã‚¡ã‚¤ãƒ«ã«è¡¨ç¤ºã•ã‚Œã¦ã„ã‚‹ã®ã¨åŒã˜é †åºã§ãれらをロードã—ã¾ã™ã€‚ path引数ã¯ã€ä¿¡é ¼ã§ãるルートCAã®è¨¼æ˜Žæ›¸ã‚’å«ã‚€ãƒ‡ã‚£ãƒ¬ã‚¯ãƒˆãƒªã®åå‰ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã§ã™ã€‚ファイルã®å€¤ãŒNULLã§ã¯ãªã„å ´åˆã€ãƒ‘スを必è¦ãªå ´åˆã¯ãƒ‘スをNULLã¨ã—ã¦æŒ‡å®šã§ãã¾ã™ã€‚ Libraryã®æ§‹ç¯‰æ™‚ã«ãƒ‘スãŒæŒ‡å®šã•ã‚Œã¦ã„ãªã„å ´åˆã¯ã€WOLFSSLãŒæŒ‡å®šã•ã‚ŒãŸãƒ‡ã‚£ãƒ¬ã‚¯ãƒˆãƒªã«ã‚ã‚‹ã™ã¹ã¦ã®CA証明書をロードã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ãƒ‡ã‚£ãƒ¬ã‚¯ãƒˆãƒªå†…ã®ã™ã¹ã¦ã®ãƒ•ã‚¡ã‚¤ãƒ«ã‚’ロードã—よã†ã¨ã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€ãƒ˜ãƒƒãƒ€ãƒ¼ "-----証明書-----"ã‚’æŒã¤pemフォーマットã•ã‚ŒãŸcert_typeファイルを期待ã—ã¦ã„ã¾ã™ã€‚
- \return SSL_SUCCESS æˆåŠŸã—ã¾ã—ãŸã€‚
- \return SSL_FAILURE CTXãŒNULLã®å ´åˆã€ã¾ãŸã¯ãƒ•ã‚¡ã‚¤ãƒ«ã¨ãƒ‘スã®ä¸¡æ–¹ãŒNULLã®å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \return SSL_BAD_FILETYPE ファイルãŒé–“é•ã£ãŸå½¢å¼ã§ã‚ã‚‹å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \return SSL_BAD_FILE ファイルãŒå­˜åœ¨ã—ãªã„å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚読ã¿è¾¼ã‚ã€ã¾ãŸã¯ç ´æã—ã¦ã„ã¾ã›ã‚“。
+ \ingroup CertsKeys
+ \brief ã“ã®é–¢æ•°ã¯ã€PEMå½¢å¼ã®CA証明書ファイルをSSLコンテキスト(WOLFSSL_CTX)ã«ãƒ­ãƒ¼ãƒ‰ã—ã¾ã™ã€‚
+ ã“れらã®è¨¼æ˜Žæ›¸ã¯ã€ä¿¡é ¼ã§ãるルート証明書ã¨ã—ã¦æ‰±ã‚ã‚Œã€SSLãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ä¸­ã«ãƒ”ã‚¢ã‹ã‚‰å—ä¿¡ã—ãŸè¨¼æ˜Žæ›¸ã‚’検証ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
+ 引数fileã«ã‚ˆã£ã¦æä¾›ã•ã‚Œã‚‹ãƒ«ãƒ¼ãƒˆè¨¼æ˜Žæ›¸ãƒ•ã‚¡ã‚¤ãƒ«ã¯ã€å˜ä¸€ã®è¨¼æ˜Žæ›¸ã¾ãŸã¯è¤‡æ•°ã®è¨¼æ˜Žæ›¸ã‚’å«ã‚€ãƒ•ã‚¡ã‚¤ãƒ«ã§ã®å ´åˆãŒã‚ã‚Šã¾ã™ã€‚
+ 複数ã®CA証明書ãŒåŒã˜ãƒ•ã‚¡ã‚¤ãƒ«ã«å«ã¾ã‚Œã¦ã„ã‚‹å ´åˆã€wolfSSLã¯ãƒ•ã‚¡ã‚¤ãƒ«ã«è¡¨ç¤ºã•ã‚Œã¦ã„ã‚‹ã®ã¨åŒã˜é †åºã§ãれらをロードã—ã¾ã™ã€‚
+ 引数pathã¯ã€ä¿¡é ¼ã§ãるルートCAã®è¨¼æ˜Žæ›¸ã‚’å«ã‚€ãƒ‡ã‚£ãƒ¬ã‚¯ãƒˆãƒªã®åå‰ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã§ã™ã€‚
+ 引数fileãŒNULLã§ã¯ãªã„å ´åˆã€ãƒ‘スãŒå¿…è¦ã§ãªã„å ´åˆã¯NULLã¨ã—ã¦æŒ‡å®šã§ãã¾ã™ã€‚
+ 引数pathãŒæŒ‡å®šã•ã‚Œã¦ã„ã¦ã‹ã¤NO_WOLFSSL_DIRãŒå®šç¾©ã•ã‚Œã¦ã„ãªã„å ´åˆã«ã¯ã€
+ wolfSSLライブラリã¯æŒ‡å®šã•ã‚ŒãŸãƒ‡ã‚£ãƒ¬ã‚¯ãƒˆãƒªã«å­˜åœ¨ã™ã‚‹ã™ã¹ã¦ã®CA証明書をロードã—ã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯ãƒ‡ã‚£ãƒ¬ã‚¯ãƒˆãƒªå†…ã®ã™ã¹ã¦ã®ãƒ•ã‚¡ã‚¤ãƒ«ã‚’ロードã—よã†ã¨ã—ã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯ã€ãƒ˜ãƒƒãƒ€ãƒ¼ã« "-----BEGIN CERTIFICATE-----"ã‚’æŒã¤PEMフォーマットã•ã‚ŒãŸCERT_TYPEファイルを期待ã—ã¦ã„ã¾ã™ã€‚
+
+ \return SSL_SUCCESS æˆåŠŸã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_FAILURE CTXãŒNULLã®å ´åˆã€ã¾ãŸã¯ãƒ•ã‚¡ã‚¤ãƒ«ã¨ãƒ‘スã®ä¸¡æ–¹ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_BAD_FILETYPE ファイルãŒé–“é•ã£ãŸå½¢å¼ã§ã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_BAD_FILE ファイルãŒå­˜åœ¨ã—ãªã„å ´åˆã€èª­ã¿è¾¼ã‚ãªã„å ´åˆã€ã¾ãŸã¯ç ´æã—ã¦ã„ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return MEMORY_E メモリä¸è¶³çŠ¶æ…‹ãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return ASN_INPUT_E base16デコードãŒãƒ•ã‚¡ã‚¤ãƒ«ã«å¯¾ã—ã¦å¤±æ•—ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return ASN_BEFORE_DATE_E ç¾åœ¨ã®æ—¥ä»˜ãŒå‰æ—¥ã®å‰ã«ã‚ã‚‹å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \return ASN_AFTER_DATE_E ç¾åœ¨ã®æ—¥ä»˜ãŒå¾Œã®æ—¥ä»˜ã®å¾Œã®å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_BEFORE_DATE_E ç¾åœ¨ã®æ—¥ä»˜ãŒä½¿ç”¨é–‹å§‹æ—¥ã‚ˆã‚Šå‰ã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_AFTER_DATE_E ç¾åœ¨ã®æ—¥ä»˜ãŒä½¿ç”¨æœŸé™å¾Œã‚ˆã‚Šå¾Œã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BUFFER_E ãƒã‚§ãƒ¼ãƒ³ãƒãƒƒãƒ•ã‚¡ãŒå—ä¿¡ãƒãƒƒãƒ•ã‚¡ã‚ˆã‚Šã‚‚大ãã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return BAD_PATH_ERROR OpenDir()ãŒãƒ‘スを開ã“ã†ã¨ã—ãŸã¨ãã«å¤±æ•—ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param ctx wolfssl_ctx_new()ã§ä½œæˆã•ã‚ŒãŸSSLコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param file PEMå½¢å¼ã®CA証明書をå«ã‚€ãƒ•ã‚¡ã‚¤ãƒ«ã®åå‰ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \return BAD_PATH_ERROR opendir()ãŒãƒ‘スを開ã“ã†ã¨ã—ã¦å¤±æ•—ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param ctx wolfSSL_CTX_new()ã§ä½œæˆã•ã‚ŒãŸSSLコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param file PEMå½¢å¼ã®CA証明書をå«ã‚€ãƒ•ã‚¡ã‚¤ãƒ«ã®åå‰ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param path CA証明書をå«ã‚“ã§ã„るディレクトリã®ãƒ‡ã‚£ãƒ¬ã‚¯ãƒˆãƒªã®åå‰ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
int ret = 0;
@@ -681,22 +950,37 @@ int wolfSSL_CTX_use_PrivateKey_file(WOLFSSL_CTX* ctx, const char* file, int form
\sa wolfSSL_use_certificate_chain_file
*/
int wolfSSL_CTX_load_verify_locations(WOLFSSL_CTX* ctx, const char* file,
- const char* format);
-
-/*!
- \ingroup CertsKeys
- \brief ã“ã®é–¢æ•°ã¯ã€PEMå½¢å¼ã®CA証明書ファイルをSSLコンテキスト(WolfSSL_CTX)ã«ãƒ­ãƒ¼ãƒ‰ã—ã¾ã™ã€‚ã“れらã®è¨¼æ˜Žæ›¸ã¯ã€ä¿¡é ¼ã§ãるルート証明書ã¨ã—ã¦æ‰±ã‚ã‚Œã€SSLãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ä¸­ã«ãƒ”ã‚¢ã‹ã‚‰å—ä¿¡ã—ãŸè¨¼æ˜Žæ›¸ã‚’検証ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚ファイル引数ã«ã‚ˆã£ã¦æä¾›ã•ã‚Œã‚‹ãƒ«ãƒ¼ãƒˆè¨¼æ˜Žæ›¸ãƒ•ã‚¡ã‚¤ãƒ«ã¯ã€å˜ä¸€ã®è¨¼æ˜Žæ›¸ã¾ãŸã¯è¤‡æ•°ã®è¨¼æ˜Žæ›¸ã‚’å«ã‚€ãƒ•ã‚¡ã‚¤ãƒ«ã§ã‚り得る。複数ã®CA CERTãŒåŒã˜ãƒ•ã‚¡ã‚¤ãƒ«ã«å«ã¾ã‚Œã¦ã„ã‚‹å ´åˆã€WolfSSLã¯ãƒ•ã‚¡ã‚¤ãƒ«ã«è¡¨ç¤ºã•ã‚Œã¦ã„ã‚‹ã®ã¨åŒã˜é †åºã§ãれらをロードã—ã¾ã™ã€‚ path引数ã¯ã€ä¿¡é ¼ã§ãるルートCAã®è¨¼æ˜Žæ›¸ã‚’å«ã‚€ãƒ‡ã‚£ãƒ¬ã‚¯ãƒˆãƒªã®åå‰ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã§ã™ã€‚ファイルã®å€¤ãŒNULLã§ã¯ãªã„å ´åˆã€ãƒ‘スを必è¦ãªå ´åˆã¯ãƒ‘スをNULLã¨ã—ã¦æŒ‡å®šã§ãã¾ã™ã€‚ Libraryã®æ§‹ç¯‰æ™‚ã«ãƒ‘スãŒæŒ‡å®šã•ã‚Œã¦ã„ãªã„å ´åˆã¯ã€WOLFSSLãŒæŒ‡å®šã•ã‚ŒãŸãƒ‡ã‚£ãƒ¬ã‚¯ãƒˆãƒªã«ã‚ã‚‹ã™ã¹ã¦ã®CA証明書をロードã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€æŒ‡å®šã•ã‚ŒãŸãƒ•ãƒ©ã‚°ã«åŸºã¥ã„ã¦ãƒ‡ã‚£ãƒ¬ã‚¯ãƒˆãƒªå†…ã®ã™ã¹ã¦ã®ãƒ•ã‚¡ã‚¤ãƒ«ã‚’ロードã—よã†ã¨ã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€ãƒ˜ãƒƒãƒ€ãƒ¼ "-----証明書-----"ã‚’æŒã¤PEMå½¢å¼ã®cert_typeファイルを想定ã—ã¦ã„ã¾ã™ã€‚
- \return SSL_SUCCESS æˆåŠŸã—ã¾ã—ãŸã€‚
- \return SSL_FAILURE CTXãŒNULLã®å ´åˆã€ã¾ãŸã¯ãƒ•ã‚¡ã‚¤ãƒ«ã¨ãƒ‘スã®ä¸¡æ–¹ãŒNULLã®å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚å°‘ãªãã¨ã‚‚1ã¤ã®è¨¼æ˜Žæ›¸ãŒæ­£å¸¸ã«ãƒ­ãƒ¼ãƒ‰ã•ã‚Œã¦ã„ã‚‹ãŒã€å¤±æ•—ã—ãŸ1ã¤ä»¥ä¸ŠãŒã‚ã‚‹å ´åˆã€ã“れも返ã•ã‚Œã¾ã™ã€‚ç†ç”±ã§ã‚¨ãƒ©ãƒ¼ã‚¹ã‚¿ãƒƒã‚¯ã‚’確èªã—ã¦ãã ã•ã„。
- \return SSL_BAD_FILETYPE ファイルãŒé–“é•ã£ãŸå½¢å¼ã§ã‚ã‚‹å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \return SSL_BAD_FILE ファイルãŒå­˜åœ¨ã—ãªã„å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚読ã¿è¾¼ã‚ã€ã¾ãŸã¯ç ´æã—ã¦ã„ã¾ã›ã‚“。
+ const char* path);
+
+/*!
+ \brief ã“ã®é–¢æ•°ã¯ã€PEMå½¢å¼ã®CA証明書ファイルをSSLコンテキスト(WOLFSSL_CTX)ã«ãƒ­ãƒ¼ãƒ‰ã—ã¾ã™ã€‚
+ ã“れらã®è¨¼æ˜Žæ›¸ã¯ã€ä¿¡é ¼ã§ãるルート証明書ã¨ã—ã¦æ‰±ã‚ã‚Œã€SSLãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ä¸­ã«ãƒ”ã‚¢ã‹ã‚‰å—ä¿¡ã—ãŸè¨¼æ˜Žæ›¸ã‚’検証ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
+ 引数fileã«ã‚ˆã£ã¦æä¾›ã•ã‚Œã‚‹ãƒ«ãƒ¼ãƒˆè¨¼æ˜Žæ›¸ãƒ•ã‚¡ã‚¤ãƒ«ã¯ã€å˜ä¸€ã®è¨¼æ˜Žæ›¸ã¾ãŸã¯è¤‡æ•°ã®è¨¼æ˜Žæ›¸ã‚’å«ã‚€ãƒ•ã‚¡ã‚¤ãƒ«ã§ã®å ´åˆãŒã‚ã‚Šã¾ã™ã€‚
+ 複数ã®CA証明書ãŒåŒã˜ãƒ•ã‚¡ã‚¤ãƒ«ã«å«ã¾ã‚Œã¦ã„ã‚‹å ´åˆã€wolfSSLã¯ãƒ•ã‚¡ã‚¤ãƒ«ã«è¡¨ç¤ºã•ã‚Œã¦ã„ã‚‹ã®ã¨åŒã˜é †åºã§ãれらをロードã—ã¾ã™ã€‚
+ 引数pathã¯ã€ä¿¡é ¼ã§ãるルートCAã®è¨¼æ˜Žæ›¸ã‚’å«ã‚€ãƒ‡ã‚£ãƒ¬ã‚¯ãƒˆãƒªã®åå‰ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã§ã™ã€‚
+ 引数fileãŒNULLã§ã¯ãªã„å ´åˆã€ãƒ‘スãŒå¿…è¦ã§ãªã„å ´åˆã¯NULLã¨ã—ã¦æŒ‡å®šã§ãã¾ã™ã€‚
+ 引数pathãŒæŒ‡å®šã•ã‚Œã¦ã„ã¦ã‹ã¤NO_WOLFSSL_DIRãŒå®šç¾©ã•ã‚Œã¦ã„ãªã„å ´åˆã«ã¯ã€
+ wolfSSLライブラリã¯æŒ‡å®šã•ã‚ŒãŸãƒ‡ã‚£ãƒ¬ã‚¯ãƒˆãƒªã«å­˜åœ¨ã™ã‚‹ã™ã¹ã¦ã®CA証明書をロードã—ã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯å¼•æ•°flagsã«åŸºã¥ã„ã¦ãƒ‡ã‚£ãƒ¬ã‚¯ãƒˆãƒªå†…ã®ã™ã¹ã¦ã®ãƒ•ã‚¡ã‚¤ãƒ«ã‚’ロードã—よã†ã¨ã—ã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯ã€ãƒ˜ãƒƒãƒ€ãƒ¼ã« "-----BEGIN CERTIFICATE-----"ã‚’æŒã¤PEMフォーマットã•ã‚ŒãŸCERT_TYPEファイルを期待ã—ã¦ã„ã¾ã™ã€‚
+
+ \return SSL_SUCCESS æˆåŠŸã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_FAILURE CTXãŒNULLã®å ´åˆã€ã¾ãŸã¯ãƒ•ã‚¡ã‚¤ãƒ«ã¨ãƒ‘スã®ä¸¡æ–¹ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_BAD_FILETYPE ファイルãŒé–“é•ã£ãŸå½¢å¼ã§ã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_BAD_FILE ファイルãŒå­˜åœ¨ã—ãªã„å ´åˆã€èª­ã¿è¾¼ã‚ãªã„å ´åˆã€ã¾ãŸã¯ç ´æã—ã¦ã„ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return MEMORY_E メモリä¸è¶³çŠ¶æ…‹ãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return ASN_INPUT_E base16デコードãŒãƒ•ã‚¡ã‚¤ãƒ«ã«å¯¾ã—ã¦å¤±æ•—ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_BEFORE_DATE_E ç¾åœ¨ã®æ—¥ä»˜ãŒä½¿ç”¨é–‹å§‹æ—¥ã‚ˆã‚Šå‰ã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_AFTER_DATE_E ç¾åœ¨ã®æ—¥ä»˜ãŒä½¿ç”¨æœŸé™å¾Œã‚ˆã‚Šå¾Œã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BUFFER_E ãƒã‚§ãƒ¼ãƒ³ãƒãƒƒãƒ•ã‚¡ãŒå—ä¿¡ãƒãƒƒãƒ•ã‚¡ã‚ˆã‚Šã‚‚大ãã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return BAD_PATH_ERROR OpenDir()ãŒãƒ‘スを開ã“ã†ã¨ã—ãŸã¨ãã«å¤±æ•—ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param ctx wolfssl_ctx_new()ã§ä½œæˆã•ã‚ŒãŸSSLコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param file PEMå½¢å¼ã®CA証明書をå«ã‚€ãƒ•ã‚¡ã‚¤ãƒ«ã®åå‰ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param path PEMå½¢å¼ã®è¨¼æ˜Žæ›¸ã‚’ロードã™ã‚‹ãƒ‡ã‚£ãƒ¬ã‚¯ãƒˆãƒªã®åå‰ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \return BAD_PATH_ERROR opendir()ãŒãƒ‘スを開ã“ã†ã¨ã—ã¦å¤±æ•—ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param ctx wolfSSL_CTX_new()ã§ä½œæˆã•ã‚ŒãŸSSLコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param file PEMå½¢å¼ã®CA証明書をå«ã‚€ãƒ•ã‚¡ã‚¤ãƒ«ã®åå‰ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param path CA証明書をå«ã‚“ã§ã„るディレクトリã®ãƒ•ã‚©ãƒ«ãƒ€ãƒ¼ãƒ‘ス
+ \param flags 指定å¯èƒ½ãªãƒžã‚¹ã‚¯å€¤: WOLFSSL_LOAD_FLAG_IGNORE_ERR,
+ WOLFSSL_LOAD_FLAG_DATE_ERR_OKAY, WOLFSSL_LOAD_FLAG_PEM_CA_ONLY
+
_Example_
\code
int ret = 0;
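Review bot: The rewritten comment block for wolfSSL_CTX_load_verify_locations_ex drops the `\ingroup CertsKeys` line that the removed block had, so the new block opens directly with `\brief`. The other blocks rewritten in this diff keep their `\ingroup` line, so this looks unintentional and would probably leave the function outside the CertsKeys group in the generated docs. I would restore `\ingroup CertsKeys` as the first line after `/*!`. The example for this function continues outside the hunk.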
@@ -722,16 +1006,85 @@ int wolfSSL_CTX_load_verify_locations_ex(WOLFSSL_CTX* ctx, const char* file,
const char* path, unsigned int flags);
/*!
- \ingroup Setup
- \brief ã“ã®é–¢æ•°ã¯ã€TLS / SSLãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã‚’実行ã™ã‚‹ã¨ãã«ãƒ”アを検証ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã™ã‚‹è¨¼æ˜Žæ›¸ã‚’ロードã—ã¾ã™ã€‚ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ä¸­ã«é€ä¿¡ã•ã‚ŒãŸãƒ”ア証明書ã¯ã€ä½¿ç”¨å¯èƒ½ãªã¨ãã«ã‚¹ã‚­ãƒƒãƒ‰ã‚’使用ã™ã‚‹ã“ã¨ã«ã‚ˆã£ã¦æ¯”較ã•ã‚Œã¾ã™ã€‚ã“れら2ã¤ã®ã“ã¨ãŒä¸€è‡´ã—ãªã„å ´åˆã¯ã€ãƒ­ãƒ¼ãƒ‰ã•ã‚ŒãŸCASãŒä½¿ç”¨ã•ã‚Œã¾ã™ã€‚マクロwolfssl_trust_peer_certを定義ã™ã‚‹ã“ã¨ã§æ©Ÿèƒ½ãŒæœ‰åŠ¹ã«ãªã£ã¦ã„ã¾ã™ã€‚é©åˆ‡ãªä½¿ç”¨æ³•ã®ä¾‹ã‚’ã”覧ãã ã•ã„。
- \return SSL_SUCCES æˆåŠŸã™ã‚‹ã¨ã€‚
- \return SSL_FAILURE CTXãŒNULLã®å ´åˆã€ã¾ãŸã¯ä¸¡æ–¹ã®ãƒ•ã‚¡ã‚¤ãƒ«ã¨ç¨®é¡žãŒç„¡åŠ¹ãªå ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \return SSL_BAD_FILETYPE ファイルãŒé–“é•ã£ãŸå½¢å¼ã§ã‚ã‚‹å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \return SSL_BAD_FILE ファイルãŒå­˜åœ¨ã—ãªã„å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚読ã¿è¾¼ã‚ã€ã¾ãŸã¯ç ´æã—ã¦ã„ã¾ã›ã‚“。
+ \ingroup CertsKeys
+
+ \brief ã“ã®é–¢æ•°ã¯ã€wolfSSL_CTX_load_system_CA_certs ãŒå‘¼ã³å‡ºã•ã‚ŒãŸã¨ãã«ã€
+ wolfSSLãŒã‚·ã‚¹ãƒ†ãƒ CA証明書を検索ã™ã‚‹ãƒ‡ã‚£ãƒ¬ã‚¯ãƒˆãƒªã‚’表ã™æ–‡å­—列ã®é…列ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
+
+ \return æˆåŠŸæ™‚ã«ã¯æ–‡å­—列é…列ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
+ \return NULL 失敗時ã«è¿”ã—ã¾ã™ã€‚
+
+ \param num word32型変数ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚文字列é…列ã®é•·ã•ã‚’æ ¼ç´ã—ã¾ã™ã€‚
+
+ _Example_
+ \code
+ WOLFSSL_CTX* ctx;
+ const char** dirs;
+ word32 numDirs;
+
+ dirs = wolfSSL_get_system_CA_dirs(&numDirs);
+ for (int i = 0; i < numDirs; ++i) {
+ printf("Potential system CA dir: %s\n", dirs[i]);
+ }
+ ...
+ \endcode
+
+ \sa wolfSSL_CTX_load_system_CA_certs
+ \sa wolfSSL_CTX_load_verify_locations
+ \sa wolfSSL_CTX_load_verify_locations_ex
+*/
+const char** wolfSSL_get_system_CA_dirs(word32* num);
+
+/*!
+ \ingroup CertsKeys
+
+ \brief ã“ã®é–¢æ•°ã¯ã€CA証明書をOSä¾å­˜ã®CA証明書ストアã‹ã‚‰WOLFSSL_CTXã«ãƒ­ãƒ¼ãƒ‰ã—よã†ã¨ã—ã¾ã™ã€‚
+ ロードã•ã‚ŒãŸè¨¼æ˜Žæ›¸ã¯ä¿¡é ¼ã•ã‚Œã¾ã™ã€‚
+ サãƒãƒ¼ãƒˆãŠã‚ˆã³ãƒ†ã‚¹ãƒˆã•ã‚Œã¦ã„るプラットフォームã¯ã€Linux(Debianã€Ubuntuã€Gentooã€Fedoraã€RHEL)ã€
+ Windows 10/11ã€Androidã€Apple OS Xã€iOSã§ã™ã€‚
+
+ \return WOLFSSL_SUCCESS æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return WOLFSSL_BAD_PATH システムCA証明書ãŒãƒ­ãƒ¼ãƒ‰ã§ããªã‹ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return WOLFSSL_FAILURE ãã®ã»ã‹ã®ã‚¨ãƒ©ãƒ¼ç™ºç”Ÿæ™‚(Windows証明書ストアãŒæ­£å¸¸ã«ã‚¯ãƒ­ãƒ¼ã‚ºã•ã‚Œãªã„等)
+
+ \param ctx wolfSSL_CTX_new()ã§ç”Ÿæˆã•ã‚ŒãŸWOLFSSL_CTX構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
+ _Example_
+ \code
+ int ret = 0;
+ WOLFSSL_CTX* ctx;
+ ...
+ ret = wolfSSL_CTX_load_system_CA_certs(ctx,);
+ if (ret != WOLFSSL_SUCCESS) {
+ // error loading system CA certs
+ }
+ ...
+ \endcode
+
+ \sa wolfSSL_get_system_CA_dirs
+ \sa wolfSSL_CTX_load_verify_locations
+ \sa wolfSSL_CTX_load_verify_locations_ex
+*/
+int wolfSSL_CTX_load_system_CA_certs(WOLFSSL_CTX* ctx);
+
+
+/*!
+ \ingroup Setup
+ \brief ã“ã®é–¢æ•°ã¯ã€TLS/SSLãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã‚’実行ã™ã‚‹ã¨ãã«ãƒ”アを検証ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã™ã‚‹è¨¼æ˜Žæ›¸ã‚’ロードã—ã¾ã™ã€‚
+ ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ä¸­ã«é€ä¿¡ã•ã‚ŒãŸãƒ”ア証明書ã¯ã€ã“ã®é–¢æ•°ã§æŒ‡å®šã•ã‚ŒãŸè¨¼æ˜Žæ›¸ã®SKIDã¨ç½²åを比較ã™ã‚‹ã“ã¨ã«ã‚ˆã£ã¦æ¤œè¨¼ã•ã‚Œã¾ã™ã€‚
+ ã“れら2ã¤ã®ã“ã¨ãŒä¸€è‡´ã—ãªã„å ´åˆã¯ã€ãƒ”ア証明書ã®æ¤œè¨¼ã«ã¯ãƒ­ãƒ¼ãƒ‰ã•ã‚ŒãŸCA証明書ãŒä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
+ ã“ã®æ©Ÿèƒ½ã¯WOLFSSL_TRUST_PEER_CERTマクロを定義ã™ã‚‹ã“ã¨ã§æ©Ÿèƒ½ã‚’有効ã«ã§ãã¾ã™ã€‚
+ é©åˆ‡ãªä½¿ç”¨æ³•ã¯ä¾‹ã‚’ã”覧ãã ã•ã„。
+
+ \return SSL_SUCCES æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_FAILURE CTXãŒNULLã®å ´åˆã€ã¾ãŸã¯ä¸¡æ–¹ã®ãƒ•ã‚¡ã‚¤ãƒ«ã¨ç¨®é¡žãŒç„¡åŠ¹ãªå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_BAD_FILETYPE ファイルãŒé–“é•ã£ãŸå½¢å¼ã§ã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_BAD_FILE ファイルãŒå­˜åœ¨ã—ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚読ã¿è¾¼ã‚ã€ã¾ãŸã¯ç ´æã—ã¦ã„ã¾ã›ã‚“。
\return MEMORY_E メモリä¸è¶³çŠ¶æ…‹ãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return ASN_INPUT_E base16デコードãŒãƒ•ã‚¡ã‚¤ãƒ«ã«å¯¾ã—ã¦å¤±æ•—ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param ctx wolfssl_ctx_new()ã§ä½œæˆã•ã‚ŒãŸSSLコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ctx wolfSSL_CTX_new()ã§ç”Ÿæˆã•ã‚ŒãŸWOLFSSL_CTX構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param file 証明書をå«ã‚€ãƒ•ã‚¡ã‚¤ãƒ«ã®åå‰ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
int ret = 0;
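Review bot: The example added for wolfSSL_CTX_load_system_CA_certs calls `ret = wolfSSL_CTX_load_system_CA_certs(ctx,);`, which does not compile because of the trailing comma. It should be `ret = wolfSSL_CTX_load_system_CA_certs(ctx);`, matching the one-argument prototype declared just below it. The wolfSSL_get_system_CA_dirs example loops over `dirs` without checking for the NULL return that the same comment documents, so a guard such as `if (dirs != NULL)` before the loop would be safer to copy; the index could also be `word32 i`, to match `numDirs`. The `\return SSL_SUCCES` line for wolfSSL_CTX_trust_peer_cert carries over the misspelling from the old text and should read `SSL_SUCCESS`.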
@@ -758,11 +1111,18 @@ int wolfSSL_CTX_load_verify_locations_ex(WOLFSSL_CTX* ctx, const char* file,
int wolfSSL_CTX_trust_peer_cert(WOLFSSL_CTX* ctx, const char* file, int type);
/*!
- \ingroup CertsKeys
- \brief ã“ã®é–¢æ•°ã¯ã€Chain of chainã‚’SSLコンテキスト(WolfSSL_CTX)ã«ãƒ­ãƒ¼ãƒ‰ã—ã¾ã™ã€‚証明書ãƒã‚§ãƒ¼ãƒ³ã‚’å«ã‚€ãƒ•ã‚¡ã‚¤ãƒ«ã¯ãƒ•ã‚¡ã‚¤ãƒ«å¼•æ•°ã«ã‚ˆã£ã¦æä¾›ã•ã‚Œã€PEMå½¢å¼ã®è¨¼æ˜Žæ›¸ã‚’å«ã‚ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€æœ€å¤§MAX_CHAIN_DEPTH(Default = 9ã€internal.hã§å®šç¾©ã•ã‚Œã¦ã„る)証明書ã«åŠ ãˆã¦ã€ã‚µãƒ–ジェクト証明書を処ç†ã—ã¾ã™ã€‚
- \return SSL_SUCCESS æˆåŠŸã™ã‚‹ã¨
- \return SSL_FAILURE 関数呼ã³å‡ºã—ãŒå¤±æ•—ã—ãŸå ´åˆã€å¯èƒ½ãªåŽŸå› ãŒèª¤ã£ãŸå½¢å¼ã«ã‚ã‚‹å ´åˆã€ã¾ãŸã¯ã€Œformatã€å¼•æ•°ã‚’使用ã—ã¦èª¤ã£ãŸãƒ•ã‚©ãƒ¼ãƒžãƒƒãƒˆãŒæŒ‡å®šã•ã‚Œã¦ã„ã‚‹å ´åˆãŒã‚ã‚Šã¾ã™ã€‚ファイルã¯å­˜åœ¨ã—ã¾ã›ã‚“。読ã¿å–られãªã„ã€ã¾ãŸã¯ç ´æã—ã¦ã„るメモリ状態ãŒç™ºç”Ÿã—ã¾ã™ã€‚
- \param ctx wolfssl_ctx_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl_ctx構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \ingroup CertsKeys
+ \brief ã“ã®é–¢æ•°ã¯ã€è¨¼æ˜Žæ›¸ãƒã‚§ãƒ¼ãƒ³ã‚’SSLコンテキスト(WOLFSSL_CTX)ã«ãƒ­ãƒ¼ãƒ‰ã—ã¾ã™ã€‚
+ 証明書ãƒã‚§ãƒ¼ãƒ³ã‚’å«ã‚€ãƒ•ã‚¡ã‚¤ãƒ«ã¯å¼•æ•°fileã«ã‚ˆã£ã¦æä¾›ã•ã‚Œã€PEMå½¢å¼ã®è¨¼æ˜Žæ›¸ã‚’å«ã‚ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯ã€æœ€å¤§MAX_CHAIN_DEPTH(既定ã§9ã€internal.hã§å®šç¾©ã•ã‚Œã¦ã„る)数ã®è¨¼æ˜Žæ›¸ã‚’処ç†ã—ã¾ã™ã€‚
+ ã“ã®æ•°ã«ã¯ã‚µãƒ–ジェクト証明書をå«ã¿ã¾ã™ã€‚
+
+ \return SSL_SUCCESS æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_FAILURE 関数呼ã³å‡ºã—ãŒå¤±æ•—ã—ãŸå ´åˆã€å¯èƒ½ãªåŽŸå› ã¨ã—ã¦ã¯ï¼šèª¤ã£ãŸå½¢å¼ã§ã‚ã‚‹å ´åˆã€
+ ã¾ãŸã¯ã€Œformatã€å¼•æ•°ã‚’使用ã—ã¦èª¤ã£ãŸãƒ•ã‚©ãƒ¼ãƒžãƒƒãƒˆãŒæŒ‡å®šã•ã‚Œã¦ã„ã‚‹å ´åˆã€
+ ファイルãŒå­˜åœ¨ã—ãªã„ã€èª­ã¿å–ã‚Œãªã„ã€ã¾ãŸã¯ç ´æã—ã¦ã„ã‚‹ã€ãƒ¡ãƒ¢ãƒªæž¯æ¸‡ãªã©ãŒè€ƒãˆã‚‰ã‚Œã¾ã™ã€‚
+ \param ctx wolfSSL_CTX_new()ã§ç”Ÿæˆã•ã‚ŒãŸWOLFSSL_CTX構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
int ret = 0;
@@ -783,12 +1143,21 @@ int wolfSSL_CTX_use_certificate_chain_file(WOLFSSL_CTX *ctx,
const char *file);
/*!
- \ingroup openSSL
- \brief ã“ã®é–¢æ•°ã¯ã€SSL接続ã§ä½¿ç”¨ã•ã‚Œã¦ã„るプライベートRSAキーをSSLコンテキスト(WolfSSL_CTX)ã«ãƒ­ãƒ¼ãƒ‰ã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€wolfsslãŒOpenSSL互æ›å±¤æœ‰åŠ¹ï¼ˆ--enable-openSSlextraã€#define openssl_extra)ã§ã‚³ãƒ³ãƒ‘イルã•ã‚Œã¦ã„ã‚‹å ´åˆã«ã®ã¿åˆ©ç”¨å¯èƒ½ã§ã€ã‚ˆã‚Šä¸€èˆ¬çš„ã«ä½¿ç”¨ã•ã‚Œã¦ã„ã‚‹wolfssl_ctx_use_privatekey_file()関数ã¨åŒã˜ã§ã™ã€‚ファイル引数ã«ã¯ã€RSA秘密éµãƒ•ã‚¡ã‚¤ãƒ«ã¸ã®ãƒã‚¤ãƒ³ã‚¿ãŒã€ãƒ•ã‚©ãƒ¼ãƒžãƒƒãƒˆã§æŒ‡å®šã•ã‚ŒãŸå½¢å¼ã§å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚
- \return SSL_SUCCESS æˆåŠŸã™ã‚‹ã¨ã€‚
- \return SSL_FAILURE 関数呼ã³å‡ºã—ãŒå¤±æ•—ã—ãŸå ´åˆã€å¯èƒ½ãªåŽŸå› ã«ã¯æ¬¡ã®ã‚ˆã†ã«ãªã‚Šã¾ã™ã€‚入力キーファイルãŒèª¤ã£ãŸå½¢å¼ã§ã‚ã‚‹ã‹ã€ã¾ãŸã¯ã€Œformatã€å¼•æ•°ã‚’使用ã—ã¦èª¤ã£ãŸå½¢å¼ãŒä¸Žãˆã‚‰ã‚Œã¦ã„ã‚‹å ´åˆã¯ã€ãƒ•ã‚¡ã‚¤ãƒ«ãŒå­˜åœ¨ã—ãªã„ã€èª­ã¿è¾¼ã‚ãªã„ã€ã¾ãŸã¯ç ´æã—ã¦ã„ãªã„ã€ãƒ¡ãƒ¢ãƒªä¸è¶³çŠ¶æ…‹ãŒç™ºç”Ÿã—ã¾ã™ã€‚
- \param ctx wolfssl_ctx_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl_ctx構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \ingroup openSSL
+ \brief ã“ã®é–¢æ•°ã¯ã€SSL接続ã§ä½¿ç”¨ã•ã‚Œã¦ã„ã‚‹RSA秘密éµã‚’SSLコンテキスト(WOLFSSL_CTX)ã«ãƒ­ãƒ¼ãƒ‰ã—ã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯ã€wolfSSLãŒOpenSSL互æ›APIãŒæœ‰åŠ¹ï¼ˆ--enable-openSSLExtraã€#define OPENSSL_EXTRA)ã§ã‚³ãƒ³ãƒ‘イルã•ã‚Œã¦ã„ã‚‹å ´åˆã«ã®ã¿åˆ©ç”¨å¯èƒ½ã§ã€
+ より一般的ã«ä½¿ç”¨ã•ã‚Œã¦ã„ã‚‹wolfSSL_CTX_use_PrivateKey_file()関数ã¨åŒã˜ã§ã™ã€‚
+ ファイル引数ã«ã¯ã€RSA秘密éµãƒ•ã‚¡ã‚¤ãƒ«ã¸ã®ãƒã‚¤ãƒ³ã‚¿ãŒã€å¼•æ•°formatã§æŒ‡å®šã•ã‚ŒãŸå½¢å¼ã§å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚
+
+ \return SSL_SUCCESS æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_FAILURE 関数呼ã³å‡ºã—ãŒå¤±æ•—ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ 失敗ã®åŽŸå› ã«ã¯æ¬¡ãŒè€ƒãˆã‚‰ã‚Œã¾ã™ï¼šå…¥åŠ›éµãƒ•ã‚¡ã‚¤ãƒ«ãŒèª¤ã£ãŸå½¢å¼ã§ã‚ã‚‹ã€
+ ã¾ãŸã¯å¼•æ•°formatを使用ã—ã¦èª¤ã£ãŸå½¢å¼ãŒä¸Žãˆã‚‰ã‚Œã¦ã„ã‚‹å ´åˆã€
+ ファイルãŒå­˜åœ¨ã—ãªã„ã€èª­ã¿è¾¼ã‚ãªã„ã€ã¾ãŸã¯ç ´æã—ã¦ã‚‹ã€ãƒ¡ãƒ¢ãƒªä¸è¶³çŠ¶æ…‹ãŒç™ºç”Ÿã€‚
+ \param ctx wolfSSL_CTX_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL_CTX構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
\param file フォーマットã§æŒ‡å®šã•ã‚ŒãŸå½¢å¼ã§ã€WolfSSL SSLコンテキストã«ãƒ­ãƒ¼ãƒ‰ã•ã‚Œã‚‹RSA秘密éµã‚’å«ã‚€ãƒ•ã‚¡ã‚¤ãƒ«ã®åå‰ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param format RSA秘密éµã®ã‚¨ãƒ³ã‚³ãƒ¼ãƒ‰å½¢å¼ã‚’指定ã—ã¾ã™ã€‚指定å¯èƒ½ãªãƒ•ã‚©ãƒ¼ãƒžãƒƒãƒˆå€¤ã¯ï¼šSSL_FILETYPE_PEM 㨠SSL_FILETYPE_ASN1
+
_Example_
\code
int ret = 0;
@@ -810,10 +1179,11 @@ int wolfSSL_CTX_use_certificate_chain_file(WOLFSSL_CTX *ctx,
int wolfSSL_CTX_use_RSAPrivateKey_file(WOLFSSL_CTX* ctx, const char* file, int format);
/*!
- \ingroup IO
- \brief ã“ã®é–¢æ•°ã¯ã€æœ‰åŠ¹ãªã‚»ãƒƒã‚·ãƒ§ãƒ³ã®ãŸã‚ã«ã€ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã§9ã®æœ€å¤§ãƒã‚§ãƒ¼ãƒ³æ·±åº¦ã‚’è¿”ã—ã¾ã™ã€‚ã“ã‚Œã¯ã€NULL以外ã®ã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚ªãƒ–ジェクト(SSL)ãŒã‚ã‚Šã¾ã™ã€‚
- \return MAX_CHAIN_DEPTH wolfssl_ctx構造ãŒnullã§ã¯ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚デフォルトã§ã¯å€¤ã¯9ã§ã™ã€‚
- \return BAD_FUNC_ARG wolfssl_ctx構造ãŒnullã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \ingroup IO
+ \brief ã“ã®é–¢æ•°ã¯ã€æœ‰åŠ¹ãªã‚»ãƒƒã‚·ãƒ§ãƒ³ï¼ˆNULL以外ã®å¼•æ•°ssl)ãŒæŒ‡å®šã•ã‚ŒãŸå ´åˆã«ã€ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã§9ã®æœ€å¤§ãƒã‚§ãƒ¼ãƒ³æ·±åº¦ã‚’è¿”ã—ã¾ã™ã€‚
+ \return MAX_CHAIN_DEPTH WOLFSSL構造体ãŒNULLã§ã¯ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚デフォルトã§ã¯å€¤ã¯9ã§ã™ã€‚
+ \return BAD_FUNC_ARG WOLFSSL構造体ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx = wolfSSL_CTX_new( protocol method );
@@ -832,10 +1202,11 @@ int wolfSSL_CTX_use_RSAPrivateKey_file(WOLFSSL_CTX* ctx, const char* file, int f
long wolfSSL_get_verify_depth(WOLFSSL* ssl);
/*!
- \ingroup Setup
- \brief ã“ã®é–¢æ•°ã¯ã€CTX構造を使用ã—ã¦è¨¼æ˜Žæ›¸ãƒã‚§ãƒ¼ãƒ³æ·±åº¦ã‚’å–å¾—ã—ã¾ã™ã€‚
- \return MAX_CHAIN_DEPTH CTX構造体ãŒNULLã§ã¯ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚最大証明書ãƒã‚§ãƒ¼ãƒ³ãƒ”ア深度ã®å®šæ•°è¡¨ç¾ã€‚
- \return BAD_FUNC_ARG CTX構造ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \ingroup Setup
+ \brief ã“ã®é–¢æ•°ã¯ã€WOLFSSL_CTX構造体構造を使用ã—ã¦è¨¼æ˜Žæ›¸ãƒã‚§ãƒ¼ãƒ³æ·±åº¦ã‚’å–å¾—ã—ã¾ã™ã€‚
+ \return MAX_CHAIN_DEPTH WOLFSSL_CTX構造体ãŒNULLã§ã¯ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚最大証明書ãƒã‚§ãƒ¼ãƒ³ãƒ”ア深度ã®å®šæ•°è¡¨ç¾ã€‚
+ \return BAD_FUNC_ARG WOLFSSL_CTX構造体ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
_Example_
\code
WOLFSSL_METHOD method; // protocol method
@@ -855,12 +1226,19 @@ long wolfSSL_get_verify_depth(WOLFSSL* ssl);
long wolfSSL_CTX_get_verify_depth(WOLFSSL_CTX* ctx);
/*!
- \ingroup openSSL
- \brief ã“ã®é–¢æ•°ã¯è¨¼æ˜Žæ›¸ãƒ•ã‚¡ã‚¤ãƒ«ã‚’SSLセッション(WolfSSL構造体)ã«ãƒ­ãƒ¼ãƒ‰ã—ã¾ã™ã€‚証明書ファイルã¯ãƒ•ã‚¡ã‚¤ãƒ«å¼•æ•°ã«ã‚ˆã£ã¦æä¾›ã•ã‚Œã¾ã™ã€‚format引数ã¯ã€ãƒ•ã‚¡ã‚¤ãƒ«ã®ãƒ•ã‚©ãƒ¼ãƒžãƒƒãƒˆã‚¿ã‚¤ãƒ—(SSL_FILETYPE_ASN1ã¾ãŸã¯SSL_FILETYPE_PEM)を指定ã—ã¾ã™ã€‚
- \return SSL_SUCCESS æˆåŠŸã™ã‚‹ã¨
- \return SSL_FAILURE 関数呼ã³å‡ºã—ãŒå¤±æ•—ã—ãŸå ´åˆã€å¯èƒ½ãªåŽŸå› ã«ã¯æ¬¡ã®ã‚ˆã†ã«ãªã‚Šã¾ã™ã€‚ファイルã¯èª¤ã£ãŸå½¢å¼ã§ã€ã¾ãŸã¯ã€Œformatã€å¼•æ•°ã‚’使用ã—ã¦èª¤ã£ãŸå½¢å¼ãŒä¸Žãˆã‚‰ã‚Œã¦ã„ã¾ã™ã€‚メモリä¸è¶³çŠ¶æ…‹ãŒç™ºç”Ÿã™ã‚‹ã¨ã€ãƒ•ã‚¡ã‚¤ãƒ«ã§base16ã®ãƒ‡ã‚³ãƒ¼ãƒ‰ãŒå¤±æ•—ã™ã‚‹
- \param ssl wolfssl_new()ã§ä½œæˆã•ã‚ŒãŸwolfssl構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param file wolfssl sslセッションã«ãƒ­ãƒ¼ãƒ‰ã•ã‚Œã‚‹è¨¼æ˜Žæ›¸ã‚’å«ã‚€ãƒ•ã‚¡ã‚¤ãƒ«ã®åå‰ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã¯ã€ãƒ•ã‚©ãƒ¼ãƒžãƒƒãƒˆã§æŒ‡å®šã•ã‚ŒãŸå½¢å¼ã§ãƒ•ã‚©ãƒ¼ãƒžãƒƒãƒˆã—ã¾ã™ã€‚
+ \ingroup openSSL
+ \brief ã“ã®é–¢æ•°ã¯è¨¼æ˜Žæ›¸ãƒ•ã‚¡ã‚¤ãƒ«ã‚’SSLセッション(WOLFSSL構造体)ã«ãƒ­ãƒ¼ãƒ‰ã—ã¾ã™ã€‚
+ 証明書ファイルã¯ãƒ•ã‚¡ã‚¤ãƒ«å¼•æ•°ã«ã‚ˆã£ã¦æä¾›ã•ã‚Œã¾ã™ã€‚
+ 引数formatã¯ã€ãƒ•ã‚¡ã‚¤ãƒ«ã®ãƒ•ã‚©ãƒ¼ãƒžãƒƒãƒˆã‚¿ã‚¤ãƒ—(SSL_FILETYPE_ASN1ã¾ãŸã¯SSL_FILETYPE_PEM)を指定ã—ã¾ã™ã€‚
+ \return SSL_SUCCESS æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_FAILURE 関数呼ã³å‡ºã—ãŒå¤±æ•—ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ å¯èƒ½ãªåŽŸå› ã«ã¯æ¬¡ã®ã‚ˆã†ãªã‚‚ã®ãŒã‚ã‚Šã¾ã™ã€‚
+ ファイルãŒèª¤ã£ãŸå½¢å¼ã€ã¾ãŸã¯å¼•æ•°formatを使用ã—ã¦èª¤ã£ãŸå½¢å¼ãŒä¸Žãˆã‚‰ã‚ŒãŸã€
+ メモリä¸è¶³çŠ¶æ…‹ãŒç™ºç”Ÿã—ãŸã€ãƒ•ã‚¡ã‚¤ãƒ«ã§Base16ã®ãƒ‡ã‚³ãƒ¼ãƒ‰ãŒå¤±æ•—ã—ãŸ
+ \param ssl wolfSSL_new()ã§ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param file WOLFSSL構造体ã«ãƒ­ãƒ¼ãƒ‰ã•ã‚Œã‚‹è¨¼æ˜Žæ›¸ã‚’å«ã‚€ãƒ•ã‚¡ã‚¤ãƒ«ã®åå‰ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param format 証明書ファイルã®ã‚¨ãƒ³ã‚³ãƒ¼ãƒ‰å½¢å¼ã‚’指定ã—ã¾ã™ã€‚指定å¯èƒ½ãªãƒ•ã‚©ãƒ¼ãƒžãƒƒãƒˆå€¤ã¯ï¼šSSL_FILETYPE_PEM 㨠SSL_FILETYPE_ASN1
+
_Example_
\code
int ret = 0;
@@ -880,12 +1258,25 @@ long wolfSSL_CTX_get_verify_depth(WOLFSSL_CTX* ctx);
int wolfSSL_use_certificate_file(WOLFSSL* ssl, const char* file, int format);
/*!
- \ingroup openSSL
- \brief ã“ã®é–¢æ•°ã¯ã€ç§˜å¯†éµãƒ•ã‚¡ã‚¤ãƒ«ã‚’SSLセッション(WolfSSL構造体)ã«ãƒ­ãƒ¼ãƒ‰ã—ã¾ã™ã€‚キーファイルã¯ãƒ•ã‚¡ã‚¤ãƒ«å¼•æ•°ã«ã‚ˆã£ã¦æä¾›ã•ã‚Œã¾ã™ã€‚format引数ã¯ã€ãƒ•ã‚¡ã‚¤ãƒ«ã®å½¢å¼ã‚¿ã‚¤ãƒ—を指定ã—ã¾ã™ - SSL_FILETYPE_ASN1ã¾ãŸã¯SSL_FILETYPE_PEM。外部キーストアを使用ã—ã€ç§˜å¯†éµã‚’æŒã£ã¦ã„ãªã„å ´åˆã¯ã€ä»£ã‚ã‚Šã«å…¬é–‹éµã‚’入力ã—ã¦CryProコールãƒãƒƒã‚¯ã‚’登録ã—ã¦ç½²åを処ç†ã™ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚ã“ã®ãŸã‚ã«ã¯ã€Cryptoコールãƒãƒƒã‚¯ã¾ãŸã¯PKコールãƒãƒƒã‚¯ã‚’使用ã—ãŸãƒ“ルドã§æ§‹ç¯‰ã§ãã¾ã™ã€‚Cryptoコールãƒãƒƒã‚¯ã‚’有効ã«ã™ã‚‹ã«ã¯ã€--enable-cryptocbã¾ãŸã¯wolf_crypto_cbを使用ã—ã€wc_cryptocb_registerDeviceを使用ã—ã¦æš—å·ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯ã‚’登録ã—ã€wolfssl_setdevidを使用ã—ã¦é–¢é€£ã™ã‚‹devidを設定ã—ã¾ã™ã€‚
- \return SSL_SUCCESS æˆåŠŸã™ã‚‹ã¨ã€‚
- \return SSL_FAILURE 関数呼ã³å‡ºã—ãŒå¤±æ•—ã—ãŸå ´åˆã€å¯èƒ½ãªåŽŸå› ã«ã¯æ¬¡ã®ã‚ˆã†ã«ãªã‚Šã¾ã™ã€‚ファイルã¯èª¤ã£ãŸå½¢å¼ã§ã€ã¾ãŸã¯ã€Œformatã€å¼•æ•°ã‚’使用ã—ã¦èª¤ã£ãŸå½¢å¼ãŒä¸Žãˆã‚‰ã‚Œã¦ã„ã¾ã™ãŒã€ãƒ•ã‚¡ã‚¤ãƒ«ã¯å­˜åœ¨ã—ã¾ã›ã‚“。メモリä¸è¶³çŠ¶æ…‹ãŒç™ºç”Ÿã™ã‚‹ã¨ã€ãƒ™ãƒ¼ã‚¹16ã®ãƒ‡ã‚³ãƒ¼ãƒ‰ãŒãƒ•ã‚¡ã‚¤ãƒ«ã§å¤±æ•—ã—ã€ã‚­ãƒ¼ãƒ•ã‚¡ã‚¤ãƒ«ã¯æš—å·åŒ–ã•ã‚Œã¦ã„ã¾ã™ãŒã€ãƒ‘スワードã¯æä¾›ã•ã‚Œã¦ã„ã¾ã›ã‚“。
- \param ssl wolfssl_new()ã§ä½œæˆã•ã‚ŒãŸwolfssl構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param file wolfssl sslセッションã«ãƒ­ãƒ¼ãƒ‰ã•ã‚Œã‚‹ã‚­ãƒ¼ãƒ•ã‚¡ã‚¤ãƒ«ã‚’å«ã‚€ãƒ•ã‚¡ã‚¤ãƒ«ã®åå‰ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã¯ã€ãƒ•ã‚©ãƒ¼ãƒžãƒƒãƒˆã§æŒ‡å®šã•ã‚ŒãŸå½¢å¼ã§ãƒ•ã‚©ãƒ¼ãƒžãƒƒãƒˆã—ã¾ã™ã€‚
+ \ingroup openSSL
+ \brief ã“ã®é–¢æ•°ã¯ã€ç§˜å¯†éµãƒ•ã‚¡ã‚¤ãƒ«ã‚’SSLセッション(WOLFSSL構造体)ã«ãƒ­ãƒ¼ãƒ‰ã—ã¾ã™ã€‚
+ éµãƒ•ã‚¡ã‚¤ãƒ«ã¯å¼•æ•°fileã«ã‚ˆã£ã¦æä¾›ã•ã‚Œã¾ã™ã€‚
+ 引数formatã¯ã€ãƒ•ã‚¡ã‚¤ãƒ«ã®ã‚¿ã‚¤ãƒ—(SSL_FILETYPE_ASN1ã¾ãŸã¯SSL_FILETYPE_PEMãŒæŒ‡å®šå¯ï¼‰ã‚’指定ã—ã¾ã™ã€‚
+ 外部キーストアを使用ã—ã€ç§˜å¯†éµã‚’æŒã£ã¦ã„ãªã„å ´åˆã¯ã€ä»£ã‚ã‚Šã«å…¬é–‹éµã‚’入力ã—ã¦CryProコールãƒãƒƒã‚¯ã‚’登録ã—ã¦ç½²åを処ç†ã™ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚
+ ã“ã®ãŸã‚ã«ã¯ã€Cryptoコールãƒãƒƒã‚¯ã¾ãŸã¯PKコールãƒãƒƒã‚¯ã‚’使用ã—ãŸã‚³ãƒ³ãƒ•ã‚£ã‚°ãƒ¬ãƒ¼ã‚·ãƒ§ãƒ³ã§ãƒ“ルドã—ã¾ã™ã€‚
+ Cryptoコールãƒãƒƒã‚¯ã‚’有効ã«ã™ã‚‹ã«ã¯ã€--enable-cryptocbã¾ãŸã¯WOLF_CRYPTO_CBマクロを使用ã—ã¦ãƒ“ルドã—ã€
+ wc_CryptoCb_RegisterDeviceを使用ã—ã¦æš—å·ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯ã‚’登録ã—ã€
+ wolfSSL_SetDevIdを使用ã—ã¦é–¢é€£ã™ã‚‹devIdを設定ã—ã¾ã™ã€‚
+
+ \return SSL_SUCCESS æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_FAILURE 関数呼ã³å‡ºã—ãŒå¤±æ•—ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ å¯èƒ½ãªåŽŸå› ã«ã¯æ¬¡ã®ã‚ˆã†ãªã‚‚ã®ãŒã‚ã‚Šã¾ã™ã€‚
+ ファイルãŒèª¤ã£ãŸå½¢å¼ã€ã¾ãŸã¯å¼•æ•°formatを使用ã—ã¦èª¤ã£ãŸå½¢å¼ãŒä¸Žãˆã‚‰ã‚ŒãŸã€
+ メモリä¸è¶³çŠ¶æ…‹ãŒç™ºç”Ÿã—ãŸã€ãƒ•ã‚¡ã‚¤ãƒ«ã§Base16ã®ãƒ‡ã‚³ãƒ¼ãƒ‰ãŒå¤±æ•—ã—ãŸ
+ \param ssl wolfSSL_new()ã§ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param file WOLFSSL構造体ã«ãƒ­ãƒ¼ãƒ‰ã•ã‚Œã‚‹è¨¼æ˜Žæ›¸ã‚’å«ã‚€ãƒ•ã‚¡ã‚¤ãƒ«ã®åå‰ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param format 秘密éµãƒ•ã‚¡ã‚¤ãƒ«ã®ã‚¨ãƒ³ã‚³ãƒ¼ãƒ‰å½¢å¼ã‚’指定ã—ã¾ã™ã€‚指定å¯èƒ½ãªãƒ•ã‚©ãƒ¼ãƒžãƒƒãƒˆå€¤ã¯ï¼šSSL_FILETYPE_PEM 㨠SSL_FILETYPE_ASN1
+
_Example_
\code
int ret = 0;
@@ -907,11 +1298,19 @@ int wolfSSL_use_certificate_file(WOLFSSL* ssl, const char* file, int format);
int wolfSSL_use_PrivateKey_file(WOLFSSL* ssl, const char* file, int format);
/*!
- \ingroup openSSL
- \brief ã“ã®é–¢æ•°ã¯ã€Chain of chainã‚’SSLセッション(WolfSSL構造体)ã«ãƒ­ãƒ¼ãƒ‰ã—ã¾ã™ã€‚証明書ãƒã‚§ãƒ¼ãƒ³ã‚’å«ã‚€ãƒ•ã‚¡ã‚¤ãƒ«ã¯ãƒ•ã‚¡ã‚¤ãƒ«å¼•æ•°ã«ã‚ˆã£ã¦æä¾›ã•ã‚Œã€PEMå½¢å¼ã®è¨¼æ˜Žæ›¸ã‚’å«ã‚ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€MAX_CHAIN_DEPTH(Default = 9ã€internal.hã§å®šç¾©ã•ã‚Œã¦ã„る)証明書ã«åŠ ãˆã¦ã€ã‚µãƒ–ジェクト証明書を処ç†ã—ã¾ã™ã€‚
- \return SSL_SUCCESS æˆåŠŸã™ã‚‹ã¨ã€‚
- \return SSL_FAILURE 関数呼ã³å‡ºã—ãŒå¤±æ•—ã—ãŸå ´åˆã€å¯èƒ½ãªåŽŸå› ã«ã¯æ¬¡ã®ã‚ˆã†ã«ãªã‚Šã¾ã™ã€‚ファイルã¯èª¤ã£ãŸå½¢å¼ã§ã€ã¾ãŸã¯ã€Œformatã€å¼•æ•°ã‚’使用ã—ã¦èª¤ã£ãŸå½¢å¼ãŒä¸Žãˆã‚‰ã‚Œã¦ã„ã¾ã™ã€‚メモリã®çŠ¶æ…‹ãŒç™ºç”Ÿã—ã¾ã™
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \ingroup openSSL
+ \brief ã“ã®é–¢æ•°ã¯ã€è¨¼æ˜Žæ›¸ãƒã‚§ãƒ¼ãƒ³ã‚’SSLセッションWOLFSSL構造体)ã«ãƒ­ãƒ¼ãƒ‰ã—ã¾ã™ã€‚
+ 証明書ãƒã‚§ãƒ¼ãƒ³ã‚’å«ã‚€ãƒ•ã‚¡ã‚¤ãƒ«ã¯å¼•æ•°fileã«ã‚ˆã£ã¦æä¾›ã•ã‚Œã€PEMå½¢å¼ã®è¨¼æ˜Žæ›¸ã‚’å«ã‚ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯ã€MAX_CHAIN_DEPTH(既定ã§9ã€internal.hã§å®šç¾©ã•ã‚Œã¦ã„る)証明書ã«åŠ ãˆã¦ã€ã‚µãƒ–ジェクト証明書を処ç†ã—ã¾ã™ã€‚
+ \return SSL_SUCCESS æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_FAILURE 関数呼ã³å‡ºã—ãŒå¤±æ•—ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ å¯èƒ½ãªåŽŸå› ã«ã¯æ¬¡ã®ã‚ˆã†ãªã‚‚ã®ãŒã‚ã‚Šã¾ã™ï¼š
+ ファイルãŒèª¤ã£ãŸå½¢å¼ã€ã¾ãŸã¯å¼•æ•°formatを使用ã—ã¦èª¤ã£ãŸå½¢å¼ãŒä¸Žãˆã‚‰ã‚ŒãŸã€
+ メモリä¸è¶³çŠ¶æ…‹ãŒç™ºç”Ÿã—ãŸã€ãƒ•ã‚¡ã‚¤ãƒ«ã§base16ã®ãƒ‡ã‚³ãƒ¼ãƒ‰ãŒå¤±æ•—ã—ãŸ
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param file WOLFSSL構造体ã«ãƒ­ãƒ¼ãƒ‰ã•ã‚Œã‚‹è¨¼æ˜Žæ›¸ã‚’å«ã‚€ãƒ•ã‚¡ã‚¤ãƒ«ã®åå‰ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ 証明書ã¯PEMå½¢å¼ã§ãªã‘ã‚Œã°ãªã‚Šã¾ã›ã‚“。
+
_Example_
\code
int ret = 0;
@@ -930,11 +1329,18 @@ int wolfSSL_use_PrivateKey_file(WOLFSSL* ssl, const char* file, int format);
int wolfSSL_use_certificate_chain_file(WOLFSSL* ssl, const char *file);
/*!
- \ingroup openSSL
- \brief ã“ã®é–¢æ•°ã¯ã€SSL接続ã§ä½¿ç”¨ã•ã‚Œã¦ã„るプライベートRSAキーをSSLセッション(WolfSSL構造体)ã«ãƒ­ãƒ¼ãƒ‰ã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€wolfsslãŒOpenSSL互æ›å±¤æœ‰åŠ¹ï¼ˆ--enable-openSSlextraã€#define openssl_extra)ã§ã‚³ãƒ³ãƒ‘イルã•ã‚Œã¦ã„ã‚‹å ´åˆã«ã®ã¿åˆ©ç”¨å¯èƒ½ã§ã€ã‚ˆã‚Šä¸€èˆ¬çš„ã«ä½¿ç”¨ã•ã‚Œã‚‹wolfssl_use_privatekey_file()関数ã¨åŒã˜ã§ã™ã€‚ファイル引数ã«ã¯ã€RSA秘密éµãƒ•ã‚¡ã‚¤ãƒ«ã¸ã®ãƒã‚¤ãƒ³ã‚¿ãŒã€ãƒ•ã‚©ãƒ¼ãƒžãƒƒãƒˆã§æŒ‡å®šã•ã‚ŒãŸå½¢å¼ã§å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚
- \return SSL_SUCCESS æˆåŠŸã™ã‚‹ã¨
- \return SSL_FAILURE 関数呼ã³å‡ºã—ãŒå¤±æ•—ã—ãŸå ´åˆã€å¯èƒ½ãªåŽŸå› ã«ã¯æ¬¡ã®ã‚ˆã†ã«ãªã‚Šã¾ã™ã€‚入力キーファイルãŒèª¤ã£ãŸå½¢å¼ã§ã‚ã‚‹ã‹ã€ã¾ãŸã¯ã€Œformatã€å¼•æ•°ã‚’使用ã—ã¦èª¤ã£ãŸå½¢å¼ãŒä¸Žãˆã‚‰ã‚Œã¦ã„ã‚‹å ´åˆã¯ã€ãƒ•ã‚¡ã‚¤ãƒ«ãŒå­˜åœ¨ã—ãªã„ã€èª­ã¿è¾¼ã‚ãªã„ã€ã¾ãŸã¯ç ´æã—ã¦ã„ãªã„ã€ãƒ¡ãƒ¢ãƒªä¸è¶³çŠ¶æ…‹ãŒç™ºç”Ÿã—ã¾ã™
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \ingroup openSSL
+ \brief ã“ã®é–¢æ•°ã¯ã€SSL接続ã§ä½¿ç”¨ã•ã‚Œã¦ã„ã‚‹RSA秘密éµã‚’SSLセッション(WOLFSSL構造体)ã«ãƒ­ãƒ¼ãƒ‰ã—ã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯ã€wolfSSLãŒOpenSSL互æ›APIを有効(--enable-openSSlExtraã€#define OPENSSL_EXTRA)ã§ãƒ“ルドã•ã‚Œã¦ã„ã‚‹å ´åˆã«ã®ã¿åˆ©ç”¨å¯èƒ½ã§ã€
+ より一般的ã«ä½¿ç”¨ã•ã‚Œã‚‹wolfSSL_use_PrivateKey_file()関数ã¨åŒã˜ã§ã™ã€‚
+ 引数fileã«ã¯ã€RSA秘密éµãƒ•ã‚¡ã‚¤ãƒ«ã¸ã®ãƒã‚¤ãƒ³ã‚¿ãŒã€ãƒ•ã‚©ãƒ¼ãƒžãƒƒãƒˆã§æŒ‡å®šã•ã‚ŒãŸå½¢å¼ã§å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚
+ \return SSL_SUCCESS æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_FAILURE 関数呼ã³å‡ºã—ãŒå¤±æ•—ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ å¯èƒ½ãªåŽŸå› ã«ã¯æ¬¡ã®ã‚ˆã†ãªã‚‚ã®ãŒã‚ã‚Šã¾ã™ï¼š
+ ファイルãŒèª¤ã£ãŸå½¢å¼ã€ã¾ãŸã¯å¼•æ•°formatを使用ã—ã¦èª¤ã£ãŸå½¢å¼ãŒä¸Žãˆã‚‰ã‚ŒãŸã€
+ メモリä¸è¶³çŠ¶æ…‹ãŒç™ºç”Ÿã—ãŸã€ãƒ•ã‚¡ã‚¤ãƒ«ã§Base16ã®ãƒ‡ã‚³ãƒ¼ãƒ‰ãŒå¤±æ•—ã—ãŸ
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
int ret = 0;
@@ -956,12 +1362,21 @@ int wolfSSL_use_certificate_chain_file(WOLFSSL* ssl, const char *file);
int wolfSSL_use_RSAPrivateKey_file(WOLFSSL* ssl, const char* file, int format);
/*!
- \ingroup CertsKeys
- \brief ã“ã®é–¢æ•°ã¯wolfssl_ctx_load_verify_locationsã¨ä¼¼ã¦ã„ã¾ã™ãŒã€Derフォーマットã•ã‚ŒãŸCAファイルをSSLコンテキスト(WolfSSL_CTX)ã«ãƒ­ãƒ¼ãƒ‰ã™ã‚‹ã“ã¨ã‚’許å¯ã—ã¾ã™ã€‚ãã‚Œã¯ã¾ã PEMå½¢å¼ã®CAファイルをロードã™ã‚‹ãŸã‚ã«ã‚‚使用ã•ã‚Œã‚‹ã‹ã‚‚ã—ã‚Œã¾ã›ã‚“。ã“れらã®è¨¼æ˜Žæ›¸ã¯ã€ä¿¡é ¼ã§ãるルート証明書ã¨ã—ã¦æ‰±ã‚ã‚Œã€SSLãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ä¸­ã«ãƒ”ã‚¢ã‹ã‚‰å—ä¿¡ã—ãŸè¨¼æ˜Žæ›¸ã‚’検証ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚ファイル引数ã«ã‚ˆã£ã¦æä¾›ã•ã‚Œã‚‹ãƒ«ãƒ¼ãƒˆè¨¼æ˜Žæ›¸ãƒ•ã‚¡ã‚¤ãƒ«ã¯ã€å˜ä¸€ã®è¨¼æ˜Žæ›¸ã¾ãŸã¯è¤‡æ•°ã®è¨¼æ˜Žæ›¸ã‚’å«ã‚€ãƒ•ã‚¡ã‚¤ãƒ«ã§ã‚り得る。複数ã®CA CERTãŒåŒã˜ãƒ•ã‚¡ã‚¤ãƒ«ã«å«ã¾ã‚Œã¦ã„ã‚‹å ´åˆã€WolfSSLã¯ãƒ•ã‚¡ã‚¤ãƒ«ã«è¡¨ç¤ºã•ã‚Œã¦ã„ã‚‹ã®ã¨åŒã˜é †åºã§ãれらをロードã—ã¾ã™ã€‚ format引数ã¯ã€è¨¼æ˜Žæ›¸ãŒSSL_FILETYPE_PEMã¾ãŸã¯SSL_FILETYPE_ASN1(DER)ã®ã„ãšã‚Œã‹ã«ã‚ã‚‹å½¢å¼ã‚’指定ã—ã¾ã™ã€‚ wolfssl_ctx_load_verify_locationsã¨ã¯ç•°ãªã‚Šã€ã“ã®é–¢æ•°ã¯ç‰¹å®šã®ãƒ‡ã‚£ãƒ¬ã‚¯ãƒˆãƒªãƒ‘スã‹ã‚‰ã®CA証明書ã®ãƒ­ãƒ¼ãƒ‰ã‚’許å¯ã—ã¾ã›ã‚“。ã“ã®é–¢æ•°ã¯ã€WolfSSLライブラリãŒwolfssl_der_doad定義ã•ã‚ŒãŸçŠ¶æ…‹ã§ã‚³ãƒ³ãƒ‘イルã•ã‚ŒãŸã¨ãã«ã®ã¿åˆ©ç”¨å¯èƒ½ã§ã™ã€‚
- \return SSL_SUCCESS æˆåŠŸã™ã‚‹ã¨ã€‚
- \return SSL_FAILURE 失敗ã™ã‚‹ã¨ã€‚
- \param ctx wolfssl_ctx_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl_ctx構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \ingroup CertsKeys
+ \brief ã“ã®é–¢æ•°ã¯wolfSSL_CTX_load_verify_locationsã¨ä¼¼ã¦ã„ã¾ã™ãŒã€
+ DERフォーマットã•ã‚ŒãŸCAファイルをSSLコンテキスト(WOLFSSL_CTX)ã«ãƒ­ãƒ¼ãƒ‰ã™ã‚‹ã“ã¨ã‚’許å¯ã—ã¾ã™ã€‚
+ ãã‚Œã¯ã¾ã PEMå½¢å¼ã®CAファイルをロードã™ã‚‹ãŸã‚ã«ã‚‚使用ã•ã‚Œã‚‹ã‹ã‚‚ã—ã‚Œã¾ã›ã‚“。
+ ã“れらã®è¨¼æ˜Žæ›¸ã¯ã€ä¿¡é ¼ã§ãるルート証明書ã¨ã—ã¦æ‰±ã‚ã‚Œã€SSLãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ä¸­ã«ãƒ”ã‚¢ã‹ã‚‰å—ä¿¡ã—ãŸè¨¼æ˜Žæ›¸ã‚’検証ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
+ ファイル引数ã«ã‚ˆã£ã¦æä¾›ã•ã‚Œã‚‹ãƒ«ãƒ¼ãƒˆè¨¼æ˜Žæ›¸ãƒ•ã‚¡ã‚¤ãƒ«ã¯ã€å˜ä¸€ã®è¨¼æ˜Žæ›¸ã¾ãŸã¯è¤‡æ•°ã®è¨¼æ˜Žæ›¸ã‚’å«ã‚€ãƒ•ã‚¡ã‚¤ãƒ«ã§ã‚‚å¯èƒ½ã€‚
+ 複数ã®CA証明書ãŒåŒã˜ãƒ•ã‚¡ã‚¤ãƒ«ã«å«ã¾ã‚Œã¦ã„ã‚‹å ´åˆã€wolfSSLã¯ãƒ•ã‚¡ã‚¤ãƒ«ã«è¡¨ç¤ºã•ã‚Œã¦ã„ã‚‹ã®ã¨åŒã˜é †åºã§ãれらをロードã—ã¾ã™ã€‚
+ 引数formatã¯ã€è¨¼æ˜Žæ›¸ãŒSSL_FILETYPE_PEMã¾ãŸã¯SSL_FILETYPE_ASN1(DER)ã®ã„ãšã‚Œã‹ã«ã‚ã‚‹å½¢å¼ã‚’指定ã—ã¾ã™ã€‚
+ wolfSSL_CTX_load_verify_locationsã¨ã¯ç•°ãªã‚Šã€ã“ã®é–¢æ•°ã¯ç‰¹å®šã®ãƒ‡ã‚£ãƒ¬ã‚¯ãƒˆãƒªãƒ‘スã‹ã‚‰ã®CA証明書ã®ãƒ­ãƒ¼ãƒ‰ã‚’許å¯ã—ã¾ã›ã‚“。
+ ã“ã®é–¢æ•°ã¯ã€wolfSSLライブラリãŒWOLFSSL_DER_LOADマクロãŒå®šç¾©ã•ã‚ŒãŸçŠ¶æ…‹ã§ãƒ“ルドã•ã‚ŒãŸã¨ãã«ã®ã¿åˆ©ç”¨å¯èƒ½ã§ã™ã€‚
+ \return SSL_SUCCESS æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_FAILURE 失敗ã™ã‚‹ã¨è¿”ã•ã‚Œã¾ã™ã€‚
+ \param ctx wolfSSL_CTX_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL_CTX構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
\param file wolfssl SSLコンテキストã«ãƒ­ãƒ¼ãƒ‰ã•ã‚Œã‚‹CA証明書をå«ã‚€ãƒ•ã‚¡ã‚¤ãƒ«ã®åå‰ã‚’フォーマットã§æŒ‡å®šã•ã‚ŒãŸå½¢å¼ã§æŒ‡å®šã—ã¾ã™ã€‚
+
_Example_
\code
int ret = 0;
@@ -981,10 +1396,11 @@ int wolfSSL_CTX_der_load_verify_locations(WOLFSSL_CTX* ctx,
const char* file, int format);
/*!
- \ingroup Setup
- \brief ã“ã®é–¢æ•°ã¯ã€å…¥åŠ›ã®ãŸã‚ã®æ‰€æœ›ã®SSL / TLSプロトコル方å¼ã‚’å–ã£ã¦ã€æ–°ã—ã„SSLコンテキストを作æˆã—ã¾ã™ã€‚
- \return pointer 正常ã«ã‚³ãƒ¼ãƒ«ãŒæ–°ã—ã作æˆã•ã‚ŒãŸwolfssl_ctxã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
- \return NULL 失敗ã™ã‚‹ã¨ã€‚
+ \ingroup Setup
+ \brief ã“ã®é–¢æ•°ã¯ã€æ‰€æœ›ã®SSL/TLSプロトコル用メソッド構造体を引数ã«å–ã£ã¦ã€æ–°ã—ã„SSLコンテキストを作æˆã—ã¾ã™ã€‚
+ \return pointer æˆåŠŸã—ãŸå ´åˆã€æ–°ã—ã作æˆã•ã‚ŒãŸWOLFSSL_CTX構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
+ \return NULL 失敗時ã«è¿”ã•ã‚Œã¾ã™ã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx = 0;
@@ -1005,10 +1421,11 @@ int wolfSSL_CTX_der_load_verify_locations(WOLFSSL_CTX* ctx,
WOLFSSL_CTX* wolfSSL_CTX_new(WOLFSSL_METHOD*);
/*!
- \ingroup Setup
- \brief ã“ã®é–¢æ•°ã¯æ–°ã—ã„SSLセッションを作æˆã—ã€ã™ã§ã«ä½œæˆã•ã‚ŒãŸSSLコンテキストを入力ã¨ã—ã¦ä½œæˆã—ã¾ã™ã€‚
- \return * æˆåŠŸã—ãŸå ´åˆã€å‘¼ã³å‡ºã—ãŒæ–°ã—ã作æˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
- \return NULL 失敗ã™ã‚‹ã¨ã€‚
+ \ingroup Setup
+ \brief ã“ã®é–¢æ•°ã¯ã™ã§ã«ä½œæˆã•ã‚ŒãŸSSLコンテキスト(WOLFSSL_CTX)を入力ã¨ã—ã¦ã€æ–°ã—ã„SSLセッション(WOLFSSL)を作æˆã—ã¾ã™ã€‚
+ \return æˆåŠŸã—ãŸå ´åˆã€æ–°ã—ã作æˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
+ \return NULL 失敗時ã«è¿”ã•ã‚Œã¾ã™ã€‚
+
_Example_
\code
#include <wolfssl/ssl.h>
@@ -1031,11 +1448,13 @@ WOLFSSL_CTX* wolfSSL_CTX_new(WOLFSSL_METHOD*);
WOLFSSL* wolfSSL_new(WOLFSSL_CTX*);
/*!
- \ingroup Setup
- \brief ã“ã®é–¢æ•°ã¯ã€SSL接続ã®å…¥å‡ºåŠ›æ©Ÿèƒ½ã¨ã—ã¦ãƒ•ã‚¡ã‚¤ãƒ«è¨˜è¿°å­ï¼ˆFD)を割り当ã¦ã¾ã™ã€‚通常ã“ã‚Œã¯ã‚½ã‚±ãƒƒãƒˆãƒ•ã‚¡ã‚¤ãƒ«è¨˜è¿°å­ã«ãªã‚Šã¾ã™ã€‚
- \return SSL_SUCCESS æˆåŠŸã™ã‚‹ã¨ã€‚
- \return Bad_FUNC_ARG 失敗ã™ã‚‹ã¨ã€‚
- \param ssl wolfssl_new()ã§ä½œæˆã•ã‚ŒãŸSSLセッションã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \ingroup Setup
+ \brief ã“ã®é–¢æ•°ã¯ã€SSL接続ã®å…¥å‡ºåŠ›æ©Ÿèƒ½ã¨ã—ã¦ãƒ•ã‚¡ã‚¤ãƒ«è¨˜è¿°å­(fd)を割り当ã¦ã¾ã™ã€‚通常ã“ã‚Œã¯ã‚½ã‚±ãƒƒãƒˆãƒ•ã‚¡ã‚¤ãƒ«è¨˜è¿°å­ã«ãªã‚Šã¾ã™ã€‚
+ \return SSL_SUCCESS æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_FUNC_ARG 失敗時ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param fd SSL/TLS接続ã«ä½¿ç”¨ã™ã‚‹ãƒ•ã‚¡ã‚¤ãƒ«ãƒ‡ã‚£ã‚¹ã‚¯ãƒªãƒ—ã‚¿
+
_Example_
\code
int sockfd;
@@ -1059,10 +1478,13 @@ int wolfSSL_set_fd (WOLFSSL* ssl, int fd);
\brief ã“ã®é–¢æ•°ã¯ãƒ•ã‚¡ã‚¤ãƒ«ãƒ‡ã‚£ã‚¹ã‚¯ãƒªãƒ—ã‚¿(fd)ã‚’SSLコãƒã‚¯ã‚·ãƒ§ãƒ³ã®å…¥å‡ºåŠ›æ‰‹æ®µã¨ã—ã¦è¨­å®šã—ã¾ã™ã€‚
通常ã¯ã‚½ã‚±ãƒƒãƒˆãƒ•ã‚¡ã‚¤ãƒ«ãƒ‡ã‚£ã‚¹ã‚¯ãƒªãƒ—ã‚¿ãŒæŒ‡å®šã•ã‚Œã¾ã™ã€‚ã“ã®é–¢æ•°ã¯DTLS専用ã®APIã§ã‚ã‚Šã€ã‚½ã‚±ãƒƒãƒˆã¯æŽ¥ç¶šæ¸ˆã¿ã¨ãƒžãƒ¼ã‚¯ã•ã‚Œã¾ã™ã€‚
ã—ãŸãŒã£ã¦ã€ä¸Žãˆã‚‰ã‚ŒãŸfdã«å¯¾ã™ã‚‹recvfromã¨sendto呼ã³å‡ºã—ã§ã®addrã¨addr_lenã¯NULLã«è¨­å®šã•ã‚Œã¾ã™ã€‚
+
\return SSL_SUCCESS æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return Bad_FUNC_ARG 失敗時ã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param ssl wolfSSL_new()ã§ç”Ÿæˆã•ã‚ŒãŸSSLセッションã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \return BAD_FUNC_ARG 失敗時ã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
\param fd SSL/TLSコãƒã‚¯ã‚·ãƒ§ãƒ³ã«ä½¿ç”¨ã™ã‚‹ãƒ•ã‚¡ã‚¤ãƒ«ãƒ‡ã‚£ã‚¹ã‚¯ãƒªãƒ—タ。
+
_Example_
\code
int sockfd;
@@ -1086,26 +1508,75 @@ int wolfSSL_set_fd (WOLFSSL* ssl, int fd);
int wolfSSL_set_dtls_fd_connected(WOLFSSL* ssl, int fd);
/*!
- \ingroup IO
- \brief 渡ã•ã‚ŒãŸå„ªå…ˆé †ä½ã®æš—å·ã®åå‰ã‚’å–å¾—ã—ã¾ã™ã€‚
- \return string æˆåŠŸ
- \return 0 優先順ä½ã¯ç¯„囲外ã¾ãŸã¯ç„¡åŠ¹ã§ã™ã€‚
+ \ingroup Setup
+
+ \brief ã“ã®é–¢æ•°ã¯DTLS ClientHelloメッセージãŒæ­£ã—ã処ç†ã§ããŸéš›ã«å‘¼ã³å‡ºã•ã‚Œã‚‹ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯é–¢æ•°ã‚’設定ã—ã¾ã™ã€‚
+ クッキー交æ›ãƒ¡ã‚«ãƒ‹ã‚ºãƒ ã‚’使用ã™ã‚‹å ´åˆ(DTLS1.2ã®HelloVerifyRequest ã‹
+ DTLS1.3ã®ã‚¯ãƒƒã‚­ãƒ¼æ‹¡å¼µã‚’ä¼´ã£ãŸHelloRetryRequestã®ã„ãšã‚Œã‹ã‚’使用ã™ã‚‹å ´åˆ)ã«ã¯ã€
+ クッキー交æ›ãŒæˆåŠŸã—ãŸæ™‚点ã§ã“ã®ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯é–¢æ•°ãŒå‘¼ã³å‡ºã•ã‚Œã¾ã™ã€‚
+ ã“ã®æ©Ÿèƒ½ã¯ã²ã¨ã¤ã®WOLFSSLオブジェクトを新ãŸãªæŽ¥ç¶šã‚’å¾…ã¡å—ã‘るリスナーã¨ã—ã¦ä½¿ã„,
+ ClientHelloãŒæ¤œè¨¼ã•ã‚ŒãŸWOLFSSLオブジェクトã‹ã‚‰çµ¶ç¸ã•ã›ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚
+ ã“ã®å ´åˆã®æ¤œè¨¼ã¯ã‚¯ãƒƒã‚­ãƒ¼äº¤æ›ã‹ClientHelloãŒæ­£ã—ã„フォーマットã«ãªã£ã¦ã„ã‚‹ã‹ã®ãƒã‚§ãƒƒã‚¯ã«ã‚ˆã£ã¦ãªã•ã‚Œã¾ã™ã€‚
+
+ DTLS 1.2:
+ https://datatracker.ietf.org/doc/html/rfc6347#section-4.2.1
+ DTLS 1.3:
+ https://www.rfc-editor.org/rfc/rfc8446#section-4.2.2
+
+ \return SSL_SUCCESS æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_FUNC_ARG 失敗時ã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param fd SSL/TLSコãƒã‚¯ã‚·ãƒ§ãƒ³ã«ä½¿ç”¨ã™ã‚‹ãƒ•ã‚¡ã‚¤ãƒ«ãƒ‡ã‚£ã‚¹ã‚¯ãƒªãƒ—タ。
+
+ _Example_
+ \code
+
+ // Called when we have verified a connection
+ static int chGoodCb(WOLFSSL* ssl, void* arg)
+ {
+ // setup peer and file descriptors
+
+ }
+
+ if (wolfDTLS_SetChGoodCb(ssl, chGoodCb, NULL) != WOLFSSL_SUCCESS) {
+ // error setting callback
+ }
+ \endcode
+
+ \sa wolfSSL_set_dtls_fd_connected
+*/
+int wolfDTLS_SetChGoodCb(WOLFSSL* ssl, ClientHelloGoodCb cb, void* user_ctx);
+
+/*!
+ \ingroup IO
+
+ \brief ã“ã®é–¢æ•°ã¯å¼•æ•°ã§æ¸¡ã•ã‚ŒãŸå„ªå…ˆé †ä½ã®æš—å·å(Cipher)文字列ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
+
+ \return æˆåŠŸæ™‚ã«ã¯æš—å·å(Cipher)文字列ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
+ \return 0 引数ã§æ¸¡ã•ã‚ŒãŸå„ªå…ˆé †ä½ãŒç¯„囲外ã‹ã‚ã‚‹ã„ã¯ç„¡åŠ¹ãªå€¤ã§ã‚ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param priority 整数値ã§æŒ‡å®šã™ã‚‹å„ªå…ˆé †ä½
+
_Example_
\code
printf("The cipher at 1 is %s", wolfSSL_get_cipher_list(1));
\endcode
+
\sa wolfSSL_CIPHER_get_name
\sa wolfSSL_get_current_cipher
*/
char* wolfSSL_get_cipher_list(int priority);
/*!
- \ingroup IO
- \brief ã“ã®é–¢æ•°ã¯wolfsslã§ã‚¤ãƒãƒ¼ãƒ–ルã•ã‚ŒãŸæš—å·ã‚’å–å¾—ã—ã¾ã™ã€‚
+ \ingroup IO
+ \brief ã“ã®é–¢æ•°ã¯wolfSSã§æœ‰åŠ¹åŒ–ã•ã‚Œã¦ã„ã‚‹æš—å·å(Cipher)ã‚’å–å¾—ã—ã¾ã™ã€‚
\return SSL_SUCCESS 関数ãŒã‚¨ãƒ©ãƒ¼ãªã—ã§å®Ÿè¡Œã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return BAD_FUNC_ARG bufパラメータãŒnullã®å ´åˆã€ã¾ãŸã¯len引数ãŒã‚¼ãƒ­ä»¥ä¸‹ã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return BUFFER_E ãƒãƒƒãƒ•ã‚¡ãŒå分ã«å¤§ãããªãã€ã‚ªãƒ¼ãƒãƒ¼ãƒ•ãƒ­ãƒ¼ã™ã‚‹ã¨è¿”ã•ã‚Œã¾ã™ã€‚
- \param buf ãƒãƒƒãƒ•ã‚¡ã‚’表ã™æ–‡å­—ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \return BAD_FUNC_ARG 引数bufãŒNULLã®å ´åˆã€ã¾ãŸã¯å¼•æ•°lenãŒã‚¼ãƒ­ä»¥ä¸‹ã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BUFFER_E ãƒãƒƒãƒ•ã‚¡ãŒå分ã«å¤§ãããªãã€ã‚ªãƒ¼ãƒãƒ¼ãƒ•ãƒ­ãƒ¼ã™ã‚‹å¯èƒ½æ€§ãŒã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param buf 文字列を格ç´ã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param len ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+
_Example_
\code
static void ShowCiphers(void){
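Review bot: The Doxygen block added for `wolfDTLS_SetChGoodCb` documents `\param fd`, but the declaration it precedes is `int wolfDTLS_SetChGoodCb(WOLFSSL* ssl, ClientHelloGoodCb cb, void* user_ctx);`, which has no `fd` parameter and leaves `cb` and `user_ctx` without a `\param` entry. The `fd` line looks carried over from the `wolfSSL_set_dtls_fd_connected` block above. I would replace it with `\param cb` (the callback run once the ClientHello has been verified) and `\param user_ctx` (presumably the pointer handed to the callback as `arg`, given the example passes `NULL` there; worth confirming). The example's `chGoodCb` is declared `static int` but shows no `return` statement, so the sample should end with an explicit return value. Further down in the same hunk, the `\brief` for `wolfSSL_get_ciphers` spells the library name `wolfSS`.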
@@ -1124,10 +1595,12 @@ char* wolfSSL_get_cipher_list(int priority);
int wolfSSL_get_ciphers(char* buf, int len);
/*!
- \ingroup IO
- \brief ã“ã®é–¢æ•°ã¯ã€å¼•æ•°ã‚’wolfssl_get_cipher_name_internalã«æ¸¡ã™ã“ã¨ã«ã‚ˆã£ã¦ã€DHE-RSAã®å½¢å¼ã®æš—å·åã‚’å–å¾—ã—ã¾ã™ã€‚
- \return string ã“ã®é–¢æ•°ã¯ã€ä¸€è‡´ã—ãŸæš—å·ã‚¹ã‚¤ãƒ¼ãƒˆã®æ–‡å­—列表ç¾ã‚’è¿”ã—ã¾ã™ã€‚
- \return NULL エラーã¾ãŸã¯æš—å·ãŒè¦‹ã¤ã‹ã‚Šã¾ã›ã‚“。
+ \ingroup IO
+ \brief ã“ã®é–¢æ•°ã¯ã€å¼•æ•°ã‚’wolfSSL_get_cipher_name_internalã«æ¸¡ã™ã“ã¨ã«ã‚ˆã£ã¦ã€DHE-RSAã®å½¢å¼ã®æš—å·åã‚’å–å¾—ã—ã¾ã™ã€‚
+ \return æˆåŠŸæ™‚ã«ã¯ä¸€è‡´ã—ãŸæš—å·ã‚¹ã‚¤ãƒ¼ãƒˆã®æ–‡å­—列表ç¾ã‚’è¿”ã—ã¾ã™ã€‚
+ \return NULL エラーã¾ãŸã¯æš—å·ãŒè¦‹ã¤ã‹ã‚‰ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
WOLFSSL_CTX* ctx = wolfSSL_CTX_new( protocol method );
@@ -1149,9 +1622,10 @@ int wolfSSL_get_ciphers(char* buf, int len);
const char* wolfSSL_get_cipher_name(WOLFSSL* ssl);
/*!
- \ingroup IO
- \brief ã“ã®é–¢æ•°ã¯ã€SSL接続ã®å…¥å‡ºåŠ›æ©Ÿèƒ½ã¨ã—ã¦ä½¿ç”¨ã•ã‚Œã‚‹ãƒ•ã‚¡ã‚¤ãƒ«è¨˜è¿°å­ï¼ˆFD)を返ã—ã¾ã™ã€‚通常ã“ã‚Œã¯ã‚½ã‚±ãƒƒãƒˆãƒ•ã‚¡ã‚¤ãƒ«è¨˜è¿°å­ã«ãªã‚Šã¾ã™ã€‚
- \return fd 正常ã«ã‚³ãƒ¼ãƒ«ãŒSSLセッションファイル記述å­ã‚’è¿”ã—ã¾ã™ã€‚
+ \ingroup IO
+ \brief ã“ã®é–¢æ•°ã¯ã€SSL接続ã®å…¥å‡ºåŠ›æ©Ÿèƒ½ã¨ã—ã¦ä½¿ç”¨ã•ã‚Œã‚‹ãƒ•ã‚¡ã‚¤ãƒ«è¨˜è¿°å­(fd)ã‚’è¿”ã—ã¾ã™ã€‚通常ã“ã‚Œã¯ã‚½ã‚±ãƒƒãƒˆãƒ•ã‚¡ã‚¤ãƒ«è¨˜è¿°å­ã«ãªã‚Šã¾ã™ã€‚
+ \return fd æˆåŠŸæ™‚ã«ã¯SSLセッションã«é–¢é€£ã¤ã‘られã¦ã„るファイル記述å­ã‚’è¿”ã—ã¾ã™ã€‚
+
_Example_
\code
int sockfd;
@@ -1165,10 +1639,18 @@ const char* wolfSSL_get_cipher_name(WOLFSSL* ssl);
int wolfSSL_get_fd(const WOLFSSL*);
/*!
- \ingroup Setup
- \brief ã“ã®é–¢æ•°ã¯ã€wolfsslオブジェクトã«åŸºç¤Žã¨ãªã‚‹I / OãŒãƒ–ロックã•ã‚Œã¦ã„ãªã„ã“ã¨ã‚’通知ã—ã¾ã™ã€‚アプリケーションãŒWolfSSLオブジェクトを作æˆã—ãŸå¾Œã€ãƒ–ロッキング以外ã®ã‚½ã‚±ãƒƒãƒˆã§ä½¿ç”¨ã•ã‚Œã‚‹å ´åˆã¯ã€wolfssl_set_using_nonblock()を呼ã³å‡ºã—ã¾ã™ã€‚ã“ã‚Œã«ã‚ˆã‚Šã€wolfsslオブジェクトã¯ã€Ewouldblockã‚’å—ä¿¡ã™ã‚‹ã“ã¨ã‚’æ„味ã—ã¾ã™ã€‚
- \return none è¿”å“ä¸å¯ã€‚
- \param ssl wolfssl_new()ã§ä½œæˆã•ã‚ŒãŸSSLセッションã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \ingroup Setup
+ \brief ã“ã®é–¢æ•°ã¯ã€WOLFSSLオブジェクトã«åŸºç¤Žã¨ãªã‚‹I/OãŒãƒŽãƒ³ãƒ–ロックã§ã‚ã‚‹ã“ã¨ã‚’通知ã—ã¾ã™ã€‚
+ アプリケーションãŒWOLFSSLオブジェクトを作æˆã—ãŸå¾Œã€ãƒ–ロッキング以外ã®ã‚½ã‚±ãƒƒãƒˆã§ä½¿ç”¨ã™ã‚‹å ´åˆã¯ã€
+ wolfssl_set_using_nonblock()を呼ã³å‡ºã—ã¾ã™ã€‚
+ ã“ã‚Œã«ã‚ˆã‚Šã€wolfsslオブジェクトã¯ã€EWOULDBLOCKã‚’å—ä¿¡ã™ã‚‹ã“ã¨ã‚’æ„味ã—ã¾ã™ã€‚
+
+ \return ãªã—
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param nonblock WOLFSSLオブジェクトã«ãƒŽãƒ³ãƒ–ロッキングI/Oを使用ã™ã‚‹ã“ã¨ã‚’通知ã™ã‚‹ãƒ•ãƒ©ã‚°ã€‚
+ 1を指定ã™ã‚‹ã“ã¨ã§ãƒŽãƒ³ãƒ–ロッキングI/Oを使用ã™ã‚‹ã“ã¨ã‚’指定ã™ã‚‹ã€‚
+
+
_Example_
\code
WOLFSSL* ssl = 0;
@@ -1182,10 +1664,15 @@ int wolfSSL_get_fd(const WOLFSSL*);
void wolfSSL_set_using_nonblock(WOLFSSL* ssl, int nonblock);
/*!
- \ingroup IO
- \brief ã“ã®æ©Ÿèƒ½ã«ã‚ˆã‚Šã€WolfSSLãŒéžãƒ–ロッキングI / Oを使用ã—ã¦ã„ã‚‹ã‹ã©ã†ã‹ã‚’アプリケーションãŒåˆ¤æ–­ã§ãã¾ã™ã€‚WolfSSLãŒãƒŽãƒ³ãƒ–ロッキングI / Oを使用ã—ã¦ã„ã‚‹å ´åˆã€ã“ã®é–¢æ•°ã¯1ã‚’è¿”ã—ã¾ã™ã€‚ã“ã‚Œã«ã‚ˆã‚Šã€wolfsslオブジェクトã¯ã€Ewouldblockã‚’å—ä¿¡ã™ã‚‹ã“ã¨ã‚’æ„味ã—ã¾ã™ã€‚
- \return 0 基礎ã¨ãªã‚‹I / OãŒãƒ–ロックã•ã‚Œã¦ã„ã¾ã™ã€‚
- \return 1 基礎ã¨ãªã‚‹I / Oã¯éžãƒ–ロッキングã§ã™ã€‚
+ \ingroup IO
+ \brief ã“ã®æ©Ÿèƒ½ã«ã‚ˆã‚Šã€wolfSSLãŒãƒŽãƒ³ãƒ–ロッキングI/Oを使用ã—ã¦ã„ã‚‹ã‹ã©ã†ã‹ã‚’アプリケーションãŒåˆ¤æ–­ã§ãã¾ã™ã€‚
+ wolfSSLãŒãƒŽãƒ³ãƒ–ロッキングI/Oを使用ã—ã¦ã„ã‚‹å ´åˆã€ã“ã®é–¢æ•°ã¯1ã‚’è¿”ã—ã¾ã™ã€‚
+ アプリケーションãŒWOLFSSLオブジェクトを生æˆã—ãŸå¾Œã«wolfSSL_set_using_nonblock()を呼ã³å‡ºã—ã¦ãƒŽãƒ³ãƒ–ロッキングソケットを使ã†ã¨ã“ã®é–¢æ•°ã¯ï¼‘ã‚’è¿”ã—ã¾ã™ã€‚
+ ã“ã‚Œã«ã‚ˆã‚Šã€WOLFSSLオブジェクトã¯ã€recevfromãŒã‚¿ã‚¤ãƒ ã‚¢ã‚¦ãƒˆã›ãšä»£ã‚ã‚Šã«EWOULDBLOCKã‚’å—ä¿¡ã™ã‚‹ã‚ˆã†ã«ãªã‚Šã¾ã™ã€‚
+
+ \return 0 基礎ã¨ãªã‚‹I/OãŒãƒ–ロックã•ã‚Œã¦ã„ã¾ã™ã€‚
+ \return 1 基礎ã¨ãªã‚‹I/Oã¯éžãƒ–ロッキングã§ã™ã€‚
+
_Example_
\code
int ret = 0;
@@ -1202,13 +1689,22 @@ void wolfSSL_set_using_nonblock(WOLFSSL* ssl, int nonblock);
int wolfSSL_get_using_nonblock(WOLFSSL*);
/*!
- \ingroup IO
- \brief ã“ã®é–¢æ•°ã¯ã€ãƒãƒƒãƒ•ã‚¡ã€ãƒ‡ãƒ¼ã‚¿ã€SSL接続ã€SSLã«SZãƒã‚¤ãƒˆã‚’書ãè¾¼ã¿ã¾ã™ã€‚å¿…è¦ã«å¿œã˜ã¦ã€wolfssl_write()ã¯ã¾ã wolfssl_connect()ã¾ãŸã¯wolfssl_accept()ã«ã‚ˆã£ã¦ã¾ã å®Ÿè¡Œã•ã‚Œã¦ã„ãªã„å ´åˆã€wolfssl_write()ã¯SSL / TLSセッションをãƒã‚´ã‚·ã‚¨ãƒ¼ãƒˆã—ã¾ã™ã€‚wolfssl_write()ã¯ã€ãƒ–ロックã¨éžãƒ–ロッキングI / Oã®ä¸¡æ–¹ã§å‹•ä½œã—ã¾ã™ã€‚基礎ã¨ãªã‚‹å…¥å‡ºåŠ›ãŒãƒ–ロックã•ã‚Œã¦ã„ãªã„å ´åˆã€wolfssl_write()ãŒwolfssl_write()ã®ãƒ‹ãƒ¼ã‚ºã‚’満ãŸã™ã“ã¨ãŒã§ããªã‹ã£ãŸã¨ãã«wolfssl_write()ãŒæˆ»ã‚Šã¾ã™ã€‚ã“ã®å ´åˆã€wolfssl_get_error()ã¸ã®å‘¼ã³å‡ºã—ã¯SSL_ERROR_WANT_READã¾ãŸã¯SSL_ERROR_WANT_WRITEã®ã„ãšã‚Œã‹ã‚’生æˆã—ã¾ã™ã€‚ãã®çµæžœã€åŸºç¤Žã¨ãªã‚‹I / OãŒæº–å‚™ãŒã§ããŸã‚‰ã€å‘¼ã³å‡ºã—å´ãƒ—ロセスã¯wolfssl_write()ã¸ã®å‘¼ã³å‡ºã—ã‚’ç¹°ã‚Šè¿”ã™å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚基礎ã¨ãªã‚‹å…¥å‡ºåŠ›ãŒãƒ–ロックã•ã‚Œã¦ã„ã‚‹å ´åˆã€WolfSSL_WRITE()ã¯ã€ã‚µã‚¤ã‚ºSZã®ãƒãƒƒãƒ•ã‚¡ãƒ‡ãƒ¼ã‚¿ãŒå®Œå…¨ã«æ›¸ã‹ã‚ŒãŸã‹ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸã‚‰ã€æˆ»ã‚‹ã ã‘ã§ã™ã€‚
- \return >0 æˆåŠŸæ™‚ã«æ›¸ã‹ã‚ŒãŸãƒã‚¤ãƒˆæ•°ã€‚
- \return 0 失敗ã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã™ã€‚特定ã®ã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã«ã¤ã„ã¦wolfssl_get_error()を呼ã³å‡ºã—ã¾ã™ã€‚
- \return SSL_FATAL_ERROR エラーãŒç™ºç”Ÿã—ãŸã¨ãã€ã¾ãŸã¯éžãƒ–ロッキングソケットを使用ã™ã‚‹ã¨ãã«ã¯ã€SSL_ERROR_WANT_READã¾ãŸã¯SSL_ERROR_WANT_WRITEエラーãŒå—ä¿¡ã•ã‚Œã€å†åº¦WOLFSSL_WRITE()を呼ã³å‡ºã™å¿…è¦ãŒã‚ã‚‹å ´åˆã¯ã€éšœå®³ãŒç™ºç”Ÿã—ã¾ã™ã€‚特定ã®ã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã‚’å–å¾—ã™ã‚‹ã«ã¯ã€wolfssl_get_error()を使用ã—ã¦ãã ã•ã„。
- \param ssl wolfssl_new()ã§ä½œæˆã•ã‚ŒãŸSSLセッションã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param data ピアã«é€ä¿¡ã•ã‚Œã‚‹ãƒ‡ãƒ¼ã‚¿ãƒãƒƒãƒ•ã‚¡ã€‚
+ \ingroup IO
+ \brief ã“ã®é–¢æ•°ã¯ã€ãƒãƒƒãƒ•ã‚¡ã‚ã‚‹ã„ã¯ãƒ‡ãƒ¼ã‚¿ã‹ã‚‰ã€SSL接続ã«å¯¾ã—ã¦ã€szãƒã‚¤ãƒˆã‚’書ãè¾¼ã¿ã¾ã™ã€‚
+ å¿…è¦ã«å¿œã˜ã¦ã€wolfSSL_write()ã®å‘¼ã³å‡ºã—時点ã§ã¯ã¾ã wolfSSL_connect()ã¾ãŸã¯wolfSSL_accept()ãŒã¾ã å‘¼ã³å‡ºã•ã‚Œã¦ã„ãªã„å ´åˆã€SSL/TLSセッションをãƒã‚´ã‚·ã‚¨ãƒ¼ãƒˆã—ã¾ã™ã€‚
+ wolfSSL_write()ã¯ã€ãƒ–ロックã¨ãƒŽãƒ³ãƒ–ロッキングI/Oã®ä¸¡æ–¹ã§å‹•ä½œã—ã¾ã™ã€‚
+ 基礎ã¨ãªã‚‹å…¥å‡ºåŠ›ãŒãƒŽãƒ³ãƒ–ロッキングã«è¨­å®šã•ã‚Œã¦ã„ã‚‹å ´åˆã€wolfSSL_write()ãŒè¦æ±‚を満ãŸã™ã“ã¨ãŒã§ããªã‹ã£ãŸã‚‰wolfSSL_write()ã¯é–¢æ•°å‘¼ã³å‡ºã—ã‹ã‚‰ã™ãã«æˆ»ã‚Šã¾ã™ã€‚
+ ã“ã®å ´åˆã€wolfSSL_get_error()ã®å‘¼ã³å‡ºã—ã¯SSL_ERROR_WANT_READã¾ãŸã¯SSL_ERROR_WANT_WRITEã®ã„ãšã‚Œã‹ã‚’è¿”ã—ã¾ã™ã€‚
+ ãã®çµæžœã€åŸºç¤Žã¨ãªã‚‹I/OãŒæº–å‚™ãŒã§ããŸã‚‰ã€å‘¼ã³å‡ºã—å´ãƒ—ロセスã¯wolfssl_write()ã¸ã®å‘¼ã³å‡ºã—ã‚’ç¹°ã‚Šè¿”ã™å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+ 基礎ã¨ãªã‚‹å…¥å‡ºåŠ›ãŒãƒ–ロックã•ã‚Œã¦ã„ã‚‹å ´åˆã€WolfSSL_WRITE()ã¯ã€ã‚µã‚¤ã‚ºSZã®ãƒãƒƒãƒ•ã‚¡ãƒ‡ãƒ¼ã‚¿ãŒå®Œå…¨ã«æ›¸ã‹ã‚ŒãŸã‹ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸã‚‰ã€æˆ»ã‚‹ã ã‘ã§ã™ã€‚
+
+ \return æˆåŠŸæ™‚ã«ã¯æ›¸ã込んã ãƒã‚¤ãƒˆæ•°ï¼ˆ1以上)を返ã—ã¾ã™ã€‚
+ \return 0 失敗ã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã™ã€‚特定ã®ã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã«ã¤ã„ã¦wolfSSL_get_error()を呼ã³å‡ºã—ã¾ã™ã€‚
+ \return SSL_FATAL_ERROR エラーãŒç™ºç”Ÿã—ãŸã¨ãã€ã¾ãŸã¯éžãƒ–ロッキングソケットを使用ã™ã‚‹ã¨ãã«ã¯ã€SSL_ERROR_WANT_READã¾ãŸã¯SSL_ERROR_WANT_WRITEエラーãŒå—ä¿¡ã•ã‚Œã€å†åº¦WOLFSSL_WRITE()を呼ã³å‡ºã™å¿…è¦ãŒã‚ã‚‹å ´åˆã¯ã€éšœå®³ãŒç™ºç”Ÿã—ã¾ã™ã€‚特定ã®ã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã‚’å–å¾—ã™ã‚‹ã«ã¯ã€wolfSSL_get_error()を使用ã—ã¦ãã ã•ã„。
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param data ピアã«é€ä¿¡ã•ã‚Œã‚‹ãƒ‡ãƒ¼ã‚¿ã‚’å«ã‚“ã§ã„ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param sz é€ä¿¡ãƒ‡ãƒ¼ã‚¿ã‚’å«ã‚“ã§ã„ã‚‹ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+
_Example_
\code
WOLFSSL* ssl = 0;
@@ -1230,13 +1726,25 @@ int wolfSSL_get_using_nonblock(WOLFSSL*);
int wolfSSL_write(WOLFSSL* ssl, const void* data, int sz);
/*!
- \ingroup IO
- \brief ã“ã®é–¢æ•°ã¯ã€SSLセッション(SSL)内部読ã¿å–ã‚Šãƒãƒƒãƒ•ã‚¡ã‹ã‚‰SZãƒã‚¤ãƒˆã‚’ãƒãƒƒãƒ•ã‚¡ãƒ‡ãƒ¼ã‚¿ã«èª­ã¿å‡ºã—ã¾ã™ã€‚読ã¿å–られãŸãƒã‚¤ãƒˆã¯å†…部å—ä¿¡ãƒãƒƒãƒ•ã‚¡ã‹ã‚‰å‰Šé™¤ã•ã‚Œã¾ã™ã€‚å¿…è¦ã«å¿œã˜ã¦ã€wolfssl_read()ãŒã¾ã wolfssl_connect()ã¾ãŸã¯wolfssl_accept()ã«ã‚ˆã£ã¦ã¾ã å®Ÿè¡Œã•ã‚Œã¦ã„ãªã„å ´åˆã¯ã€wolfssl_read()ãŒSSL / TLSセッションをãƒã‚´ã‚·ã‚¨ãƒ¼ãƒˆã—ã¾ã™ã€‚ SSL / TLSプロトコルã¯ã€æœ€å¤§ã‚µã‚¤ã‚ºã®SSLレコードを使用ã—ã¾ã™ï¼ˆæœ€å¤§ãƒ¬ã‚³ãƒ¼ãƒ‰ã‚µã‚¤ã‚ºã¯<wolfssl_root> /wolfssl/internal.h)。ãã®ãŸã‚ã€WolfSSLã¯ã€ãƒ¬ã‚³ãƒ¼ãƒ‰ã‚’処ç†ãŠã‚ˆã³å¾©å·åŒ–ã™ã‚‹ã“ã¨ãŒã§ãã‚‹å‰ã«ã€SSLレコード全体を内部的ã«èª­ã¿å–ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚ã“ã®ãŸã‚ã€wolfssl_read()ã¸ã®å‘¼ã³å‡ºã—ã¯ã€å‘¼ã³å‡ºã—時ã«å¾©å·åŒ–ã•ã‚ŒãŸæœ€å¤§ãƒãƒƒãƒ•ã‚¡ã‚µã‚¤ã‚ºã‚’è¿”ã™ã“ã¨ãŒã§ãã¾ã™ã€‚検索ã•ã‚Œã€æ¬¡å›žã®wolfssl_read()ã¸ã®å‘¼ã³å‡ºã—ã§å¾©å·åŒ–ã•ã‚Œã‚‹å†…部WolfSSLå—ä¿¡ãƒãƒƒãƒ•ã‚¡ã§å¾…æ©Ÿã—ã¦ã„ãªã„追加ã®å¾©å·åŒ–データãŒã‚ã‚‹ã‹ã‚‚ã—ã‚Œã¾ã›ã‚“。 SZãŒå†…部読ã¿å–ã‚Šãƒãƒƒãƒ•ã‚¡å†…ã®ãƒã‚¤ãƒˆæ•°ã‚ˆã‚Šå¤§ãã„å ´åˆã€SSL_READ()ã¯å†…部読ã¿å–ã‚Šãƒãƒƒãƒ•ã‚¡ã§ä½¿ç”¨å¯èƒ½ãªãƒã‚¤ãƒˆã‚’è¿”ã—ã¾ã™ã€‚ BYTESãŒå†…部読ã¿å–ã‚Šãƒãƒƒãƒ•ã‚¡ã«ãƒãƒƒãƒ•ã‚¡ã•ã‚Œã¦ã„ãªã„å ´åˆã¯ã€WOLFSSL_READ()ã¸ã®å‘¼ã³å‡ºã—ã¯æ¬¡ã®ãƒ¬ã‚³ãƒ¼ãƒ‰ã®å‡¦ç†ã‚’トリガーã—ã¾ã™ã€‚
- \return >0 æˆåŠŸæ™‚ã«èª­ã¿å–られãŸãƒã‚¤ãƒˆæ•°ã€‚
- \return 0 失敗ã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã™ã€‚ã“ã‚Œã¯ã€ã‚¯ãƒªãƒ¼ãƒ³ï¼ˆé€šçŸ¥ã‚¢ãƒ©ãƒ¼ãƒˆã‚’é–‰ã˜ã‚‹ï¼‰ã‚·ãƒ£ãƒƒãƒˆãƒ€ã‚¦ãƒ³ã¾ãŸã¯ãƒ”ã‚¢ãŒæŽ¥ç¶šã‚’é–‰ã˜ãŸã ã‘ã§ã‚ã‚‹ã“ã¨ã«ã‚ˆã£ã¦ç™ºç”Ÿã™ã‚‹å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã™ã€‚特定ã®ã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã«ã¤ã„ã¦wolfssl_get_error()を呼ã³å‡ºã—ã¾ã™ã€‚
- \return SSL_FATAL_ERROR エラーãŒç™ºç”Ÿã—ãŸã¨ãã€ã¾ãŸã¯éžãƒ–ロッキングソケットを使用ã™ã‚‹ã¨ãã«ã€SSL_ERROR_WANT_READã¾ãŸã¯SSL_ERROR_WANT_WRITEエラーãŒå—ä¿¡ã•ã‚Œã€å†åº¦WOLFSL_READ()を呼ã³å‡ºã™å¿…è¦ãŒã‚ã‚‹å ´åˆã¯ã€éšœå®³ãŒç™ºç”Ÿã—ã¾ã™ã€‚特定ã®ã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã‚’å–å¾—ã™ã‚‹ã«ã¯ã€wolfssl_get_error()を使用ã—ã¦ãã ã•ã„。
- \param ssl wolfssl_new()ã§ä½œæˆã•ã‚ŒãŸSSLセッションã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param data wolfssl_read()ãŒãƒ‡ãƒ¼ã‚¿ã‚’読ã¿å–ã‚‹ãƒãƒƒãƒ•ã‚¡ãƒ¼ã€‚
+ \ingroup IO
+ \brief ã“ã®é–¢æ•°ã¯ã€SSLセッション(ssl)ã®å†…部読ã¿å–ã‚Šãƒãƒƒãƒ•ã‚¡ã‹ã‚‰szãƒã‚¤ãƒˆã‚’ãƒãƒƒãƒ•ã‚¡ãƒ‡ãƒ¼ã‚¿ã«èª­ã¿å‡ºã—ã¾ã™ã€‚
+ 読ã¿å–られãŸãƒã‚¤ãƒˆã¯å†…部å—ä¿¡ãƒãƒƒãƒ•ã‚¡ã‹ã‚‰å‰Šé™¤ã•ã‚Œã¾ã™ã€‚
+ å¿…è¦ã«å¿œã˜ã¦ã€wolfSSL_read()ã®å‘¼ã³å‡ºã—時点ã§ã¯ã¾ã wolfSSL_connect()ã¾ãŸã¯wolfSSL_accept()ãŒã¾ã å‘¼ã³å‡ºã•ã‚Œã¦ã„ãªã„å ´åˆã€SSL/TLSセッションをãƒã‚´ã‚·ã‚¨ãƒ¼ãƒˆã—ã¾ã™ã€‚
+ SSL/TLSプロトコルã¯ã€æœ€å¤§ã‚µã‚¤ã‚ºã®SSLレコードを使用ã—ã¾ã™ï¼ˆæœ€å¤§ãƒ¬ã‚³ãƒ¼ãƒ‰ã‚µã‚¤ã‚ºã¯<wolfssl_root> /wolfssl/internal.h)。
+ ãã®ãŸã‚ã€wolfSSLã¯ã€ãƒ¬ã‚³ãƒ¼ãƒ‰ã‚’処ç†ãŠã‚ˆã³å¾©å·ã™ã‚‹ã“ã¨ãŒã§ãã‚‹å‰ã«ã€SSLレコード全体を内部的ã«èª­ã¿å–ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+ ã“ã®ãŸã‚ã€wolfSSL_read()ã¸ã®å‘¼ã³å‡ºã—ã¯ã€å‘¼ã³å‡ºã—時ã«å¾©å·ã•ã‚ŒãŸæœ€å¤§ãƒãƒƒãƒ•ã‚¡ã‚µã‚¤ã‚ºã‚’è¿”ã™ã“ã¨ãŒã§ãã¾ã™ã€‚
+ 検索ã•ã‚Œã€æ¬¡å›žã®wolfSSL_read()ã¸ã®å‘¼ã³å‡ºã—ã§å¾©å·ã•ã‚Œã‚‹å†…部wolfSSLå—ä¿¡ãƒãƒƒãƒ•ã‚¡ã§å¾…æ©Ÿã—ã¦ã„ãªã„追加ã®å¾©å·ãƒ‡ãƒ¼ã‚¿ãŒã‚ã‚‹ã‹ã‚‚ã—ã‚Œã¾ã›ã‚“。
+ szãŒå†…部読ã¿å–ã‚Šãƒãƒƒãƒ•ã‚¡å†…ã®ãƒã‚¤ãƒˆæ•°ã‚ˆã‚Šå¤§ãã„å ´åˆã€wolfSSL_read()ã¯å†…部読ã¿å–ã‚Šãƒãƒƒãƒ•ã‚¡ã§ä½¿ç”¨å¯èƒ½ãªãƒã‚¤ãƒˆã‚’è¿”ã—ã¾ã™ã€‚
+ BYTESãŒå†…部読ã¿å–ã‚Šãƒãƒƒãƒ•ã‚¡ã«ãƒãƒƒãƒ•ã‚¡ã•ã‚Œã¦ã„ãªã„å ´åˆã¯ã€wolfSSL_read()ã¸ã®å‘¼ã³å‡ºã—ã¯æ¬¡ã®ãƒ¬ã‚³ãƒ¼ãƒ‰ã®å‡¦ç†ã‚’トリガーã—ã¾ã™ã€‚
+
+ \return æˆåŠŸæ™‚ã«ã¯èª­ã¿å–られãŸãƒã‚¤ãƒˆæ•°ï¼ˆ1以上)を返ã—ã¾ã™ã€‚
+ \return 0 失敗ã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã™ã€‚ã“ã‚Œã¯ã€ã‚¯ãƒªãƒ¼ãƒ³ï¼ˆé€šçŸ¥ã‚¢ãƒ©ãƒ¼ãƒˆã‚’é–‰ã˜ã‚‹ï¼‰ã‚·ãƒ£ãƒƒãƒˆãƒ€ã‚¦ãƒ³ã¾ãŸã¯ãƒ”ã‚¢ãŒæŽ¥ç¶šã‚’é–‰ã˜ãŸã ã‘ã§ã‚ã‚‹ã“ã¨ã«ã‚ˆã£ã¦ç™ºç”Ÿã™ã‚‹å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã™ã€‚
+ 特定ã®ã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã«ã¤ã„ã¦wolfSSL_get_error()を呼ã³å‡ºã—ã¾ã™ã€‚
+ \return SSL_FATAL_ERROR エラーãŒç™ºç”Ÿã—ãŸã¨ãã€ã¾ãŸã¯ãƒŽãƒ³ãƒ–ロッキングソケットを使用ã™ã‚‹ã¨ãã«ã€SSL_ERROR_WANT_READã¾ãŸã¯SSL_ERROR_WANT_WRITEエラーãŒå—ä¿¡ã•ã‚Œã€å†åº¦wolfSSL_read()を呼ã³å‡ºã™å¿…è¦ãŒã‚ã‚‹å ´åˆã¯ã€éšœå®³ãŒç™ºç”Ÿã—ã¾ã™ã€‚特定ã®ã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã‚’å–å¾—ã™ã‚‹ã«ã¯ã€wolfSSL_get_error()を使用ã—ã¦ãã ã•ã„。
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param data wolfSSL_read()ãŒèª­ã¿å–るデータを格ç´ã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param sz ãƒãƒƒãƒ•ã‚¡ã«èª­ã¿å–るデータã®ã‚µã‚¤ã‚º
+
_Example_
\code
WOLFSSL* ssl = 0;
@@ -1259,13 +1767,15 @@ int wolfSSL_write(WOLFSSL* ssl, const void* data, int sz);
int wolfSSL_read(WOLFSSL* ssl, void* data, int sz);
/*!
- \ingroup IO
- \brief ã“ã®é–¢æ•°ã¯SSLセッション(SSL)内部読ã¿å–ã‚Šãƒãƒƒãƒ•ã‚¡ã‹ã‚‰SZãƒã‚¤ãƒˆã‚’ãƒãƒƒãƒ•ã‚¡ãƒ‡ãƒ¼ã‚¿ã«ã‚³ãƒ”ーã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€å†…部SSLセッションå—ä¿¡ãƒãƒƒãƒ•ã‚¡å†…ã®ãƒ‡ãƒ¼ã‚¿ãŒå‰Šé™¤ã•ã‚Œã¦ã„ãªã„ã‹å¤‰æ›´ã•ã‚Œã¦ã„ãªã„ã“ã¨ã‚’除ã„ã¦ã€wolfssl_read()ã¨åŒã˜ã§ã™ã€‚å¿…è¦ã«å¿œã˜ã¦ã€wolfssl_read()ã®ã‚ˆã†ã«ã€wolfssl_peek()ã¯ã¾ã wolfssl_connect()ã¾ãŸã¯wolfssl_accept()ã«ã‚ˆã£ã¦ã¾ã å®Ÿè¡Œã•ã‚Œã¦ã„ãªã„å ´åˆã€wolfssl_peek()ã¯SSL / TLSセッションをãƒã‚´ã‚·ã‚¨ãƒ¼ãƒˆã—ã¾ã™ã€‚ SSL / TLSプロトコルã¯ã€æœ€å¤§ã‚µã‚¤ã‚ºã®SSLレコードを使用ã—ã¾ã™ï¼ˆæœ€å¤§ãƒ¬ã‚³ãƒ¼ãƒ‰ã‚µã‚¤ã‚ºã¯<wolfssl_root> /wolfssl/internal.h)。ãã®ãŸã‚ã€WolfSSLã¯ã€ãƒ¬ã‚³ãƒ¼ãƒ‰ã‚’処ç†ãŠã‚ˆã³å¾©å·åŒ–ã™ã‚‹ã“ã¨ãŒã§ãã‚‹å‰ã«ã€SSLレコード全体を内部的ã«èª­ã¿å–ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚ã“ã®ãŸã‚ã€wolfssl_peek()ã¸ã®å‘¼ã³å‡ºã—ã¯ã€å‘¼ã³å‡ºã—時ã«å¾©å·åŒ–ã•ã‚ŒãŸæœ€å¤§ãƒãƒƒãƒ•ã‚¡ã‚µã‚¤ã‚ºã‚’è¿”ã™ã“ã¨ãŒã§ãã¾ã™ã€‚ wolfssl_peek()/ wolfssl_read()ã¸ã®æ¬¡ã®å‘¼ã³å‡ºã—ã§æ¤œç´¢ãŠã‚ˆã³å¾©å·åŒ–ã•ã‚Œã‚‹å†…部WolfSSLå—ä¿¡ãƒãƒƒãƒ•ã‚¡å†…ã§å¾…æ©Ÿã—ã¦ã„ãªã„追加ã®å¾©å·åŒ–データãŒã‚ã‚‹ã‹ã‚‚ã—ã‚Œã¾ã›ã‚“。 SZãŒå†…部読ã¿å–ã‚Šãƒãƒƒãƒ•ã‚¡å†…ã®ãƒã‚¤ãƒˆæ•°ã‚ˆã‚Šã‚‚大ãã„å ´åˆã€SSL_PEEK()ã¯å†…部読ã¿å–ã‚Šãƒãƒƒãƒ•ã‚¡ã§ä½¿ç”¨å¯èƒ½ãªãƒã‚¤ãƒˆã‚’è¿”ã—ã¾ã™ã€‚ãƒã‚¤ãƒˆãŒå†…部読ã¿å–ã‚Šãƒãƒƒãƒ•ã‚¡ã«ãƒãƒƒãƒ•ã‚¡ã•ã‚Œã¦ã„ãªã„å ´åˆã€Wolfssl_peek()ã¸ã®å‘¼ã³å‡ºã—ã¯æ¬¡ã®ãƒ¬ã‚³ãƒ¼ãƒ‰ã®å‡¦ç†ã‚’トリガーã—ã¾ã™ã€‚
- \return >0 æˆåŠŸæ™‚ã«èª­ã¿å–られãŸãƒã‚¤ãƒˆæ•°ã€‚
- \return 0 失敗ã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã™ã€‚ã“ã‚Œã¯ã€ã‚¯ãƒªãƒ¼ãƒ³ï¼ˆé€šçŸ¥ã‚¢ãƒ©ãƒ¼ãƒˆã‚’é–‰ã˜ã‚‹ï¼‰ã‚·ãƒ£ãƒƒãƒˆãƒ€ã‚¦ãƒ³ã¾ãŸã¯ãƒ”ã‚¢ãŒæŽ¥ç¶šã‚’é–‰ã˜ãŸã ã‘ã§ã‚ã‚‹ã“ã¨ã«ã‚ˆã£ã¦ç™ºç”Ÿã™ã‚‹å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã™ã€‚特定ã®ã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã«ã¤ã„ã¦wolfssl_get_error()を呼ã³å‡ºã—ã¾ã™ã€‚
- \return SSL_FATAL_ERROR エラーãŒç™ºç”Ÿã—ãŸã¨ãã€ã¾ãŸã¯éžãƒ–ロッキングソケットを使用ã™ã‚‹ã¨ãã«ã€SSL_ERROR_WANT_READã¾ãŸã¯SSL_ERROR_WANT_WRITEエラーãŒå—ä¿¡ã•ã‚Œã€å†åº¦WolfSSL_PEEK()を呼ã³å‡ºã™å¿…è¦ãŒã‚ã‚‹å ´åˆã¯ã€éšœå®³ãŒç™ºç”Ÿã—ã¾ã™ã€‚特定ã®ã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã‚’å–å¾—ã™ã‚‹ã«ã¯ã€wolfssl_get_error()を使用ã—ã¦ãã ã•ã„。
- \param ssl wolfssl_new()ã§ä½œæˆã•ã‚ŒãŸSSLセッションã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param data wolfssl_peek()ãŒãƒ‡ãƒ¼ã‚¿ã‚’読ã¿å–ã‚‹ãƒãƒƒãƒ•ã‚¡ãƒ¼ã€‚
+ \ingroup IO
+ \brief ã“ã®é–¢æ•°ã¯SSLセッション(SSL)内部読ã¿å–ã‚Šãƒãƒƒãƒ•ã‚¡ã‹ã‚‰SZãƒã‚¤ãƒˆã‚’ãƒãƒƒãƒ•ã‚¡ãƒ‡ãƒ¼ã‚¿ã«ã‚³ãƒ”ーã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€å†…部SSLセッションå—ä¿¡ãƒãƒƒãƒ•ã‚¡å†…ã®ãƒ‡ãƒ¼ã‚¿ãŒå‰Šé™¤ã•ã‚Œã¦ã„ãªã„ã‹å¤‰æ›´ã•ã‚Œã¦ã„ãªã„ã“ã¨ã‚’除ã„ã¦ã€wolfssl_read()ã¨åŒã˜ã§ã™ã€‚å¿…è¦ã«å¿œã˜ã¦ã€wolfssl_read()ã®ã‚ˆã†ã«ã€wolfssl_peek()ã¯ã¾ã wolfssl_connect()ã¾ãŸã¯wolfssl_accept()ã«ã‚ˆã£ã¦ã¾ã å®Ÿè¡Œã•ã‚Œã¦ã„ãªã„å ´åˆã€wolfssl_peek()ã¯SSL / TLSセッションをãƒã‚´ã‚·ã‚¨ãƒ¼ãƒˆã—ã¾ã™ã€‚ SSL/TLSプロトコルã¯ã€æœ€å¤§ã‚µã‚¤ã‚ºã®SSLレコードを使用ã—ã¾ã™ï¼ˆæœ€å¤§ãƒ¬ã‚³ãƒ¼ãƒ‰ã‚µã‚¤ã‚ºã¯<wolfssl_root> /wolfssl/internal.h)。ãã®ãŸã‚ã€WolfSSLã¯ã€ãƒ¬ã‚³ãƒ¼ãƒ‰ã‚’処ç†ãŠã‚ˆã³å¾©å·åŒ–ã™ã‚‹ã“ã¨ãŒã§ãã‚‹å‰ã«ã€SSLレコード全体を内部的ã«èª­ã¿å–ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚ã“ã®ãŸã‚ã€wolfssl_peek()ã¸ã®å‘¼ã³å‡ºã—ã¯ã€å‘¼ã³å‡ºã—時ã«å¾©å·åŒ–ã•ã‚ŒãŸæœ€å¤§ãƒãƒƒãƒ•ã‚¡ã‚µã‚¤ã‚ºã‚’è¿”ã™ã“ã¨ãŒã§ãã¾ã™ã€‚ wolfssl_peek()/ wolfssl_read()ã¸ã®æ¬¡ã®å‘¼ã³å‡ºã—ã§æ¤œç´¢ãŠã‚ˆã³å¾©å·åŒ–ã•ã‚Œã‚‹å†…部WolfSSLå—ä¿¡ãƒãƒƒãƒ•ã‚¡å†…ã§å¾…æ©Ÿã—ã¦ã„ãªã„追加ã®å¾©å·åŒ–データãŒã‚ã‚‹ã‹ã‚‚ã—ã‚Œã¾ã›ã‚“。 SZãŒå†…部読ã¿å–ã‚Šãƒãƒƒãƒ•ã‚¡å†…ã®ãƒã‚¤ãƒˆæ•°ã‚ˆã‚Šã‚‚大ãã„å ´åˆã€SSL_PEEK()ã¯å†…部読ã¿å–ã‚Šãƒãƒƒãƒ•ã‚¡ã§ä½¿ç”¨å¯èƒ½ãªãƒã‚¤ãƒˆã‚’è¿”ã—ã¾ã™ã€‚ãƒã‚¤ãƒˆãŒå†…部読ã¿å–ã‚Šãƒãƒƒãƒ•ã‚¡ã«ãƒãƒƒãƒ•ã‚¡ã•ã‚Œã¦ã„ãªã„å ´åˆã€Wolfssl_peek()ã¸ã®å‘¼ã³å‡ºã—ã¯æ¬¡ã®ãƒ¬ã‚³ãƒ¼ãƒ‰ã®å‡¦ç†ã‚’トリガーã—ã¾ã™ã€‚
+ \return æˆåŠŸæ™‚ã«ã¯èª­ã¿å–られãŸãƒã‚¤ãƒˆæ•°ï¼ˆ1以上)を返ã—ã¾ã™ã€‚
+ \return 0 失敗ã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã™ã€‚ã“ã‚Œã¯ã€ã‚¯ãƒªãƒ¼ãƒ³ï¼ˆé€šçŸ¥ã‚¢ãƒ©ãƒ¼ãƒˆã‚’é–‰ã˜ã‚‹ï¼‰ã‚·ãƒ£ãƒƒãƒˆãƒ€ã‚¦ãƒ³ã¾ãŸã¯ãƒ”ã‚¢ãŒæŽ¥ç¶šã‚’é–‰ã˜ãŸã ã‘ã§ã‚ã‚‹ã“ã¨ã«ã‚ˆã£ã¦ç™ºç”Ÿã™ã‚‹å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã™ã€‚特定ã®ã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã«ã¤ã„ã¦wolfSSL_get_error()を呼ã³å‡ºã—ã¾ã™ã€‚
+ \return SSL_FATAL_ERROR エラーãŒç™ºç”Ÿã—ãŸã¨ãã€ã¾ãŸã¯ãƒŽãƒ³ãƒ–ロッキングソケットを使用ã™ã‚‹ã¨ãã«ã€SSL_ERROR_WANT_READã¾ãŸã¯SSL_ERROR_WANT_WRITEエラーãŒå—ä¿¡ã•ã‚Œã€å†åº¦wolfSSL_peek()を呼ã³å‡ºã™å¿…è¦ãŒã‚ã‚‹å ´åˆã¯ã€éšœå®³ãŒç™ºç”Ÿã—ã¾ã™ã€‚特定ã®ã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã‚’å–å¾—ã™ã‚‹ã«ã¯ã€wolfSSL_get_error()を使用ã—ã¦ãã ã•ã„。
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param data wolfSSL_peek()ãŒãƒ‡ãƒ¼ã‚¿ã‚’読ã¿å–ã‚‹ãƒãƒƒãƒ•ã‚¡ãƒ¼ã€‚
+ \param sz ãƒãƒƒãƒ•ã‚¡ã«èª­ã¿å–るデータã®ã‚µã‚¤ã‚º
+
_Example_
\code
WOLFSSL* ssl = 0;
@@ -1282,10 +1792,19 @@ int wolfSSL_read(WOLFSSL* ssl, void* data, int sz);
int wolfSSL_peek(WOLFSSL* ssl, void* data, int sz);
/*!
- \ingroup IO
- \brief ã“ã®é–¢æ•°ã¯ã‚µãƒ¼ãƒãƒ¼å´ã§å‘¼ã³å‡ºã•ã‚Œã€SSLクライアントãŒSSL / TLSãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã‚’開始ã™ã‚‹ã®ã‚’å¾…ã¡ã¾ã™ã€‚ã“ã®é–¢æ•°ãŒå‘¼ã³å‡ºã•ã‚Œã‚‹ã¨ã€åŸºç¤Žã¨ãªã‚‹é€šä¿¡ãƒãƒ£ãƒãƒ«ã¯ã™ã§ã«è¨­å®šã•ã‚Œã¦ã„ã¾ã™ã€‚wolfssl_accept()ã¯ã€ãƒ–ロックã¨éžãƒ–ロッキングI / Oã®ä¸¡æ–¹ã§å‹•ä½œã—ã¾ã™ã€‚基礎ã¨ãªã‚‹å…¥å‡ºåŠ›ãŒãƒŽãƒ³ãƒ–ロッキングã§ã‚ã‚‹å ´åˆã€wolfssl_accept()ã¯ã€åŸºç¤Žã¨ãªã‚‹I / OãŒwolfssl_acceptã®ãƒ‹ãƒ¼ã‚ºã‚’満ãŸã™ã“ã¨ãŒã§ããªã‹ã£ãŸã¨ãã«æˆ»ã‚Šã¾ã™ã€‚ã“ã®å ´åˆã€wolfssl_get_error()ã¸ã®å‘¼ã³å‡ºã—ã¯SSL_ERROR_WANT_READã¾ãŸã¯SSL_ERROR_WANT_WRITEã®ã„ãšã‚Œã‹ã‚’生æˆã—ã¾ã™ã€‚通話プロセスã¯ã€èª­ã¿å–ã‚Šå¯èƒ½ãªãƒ‡ãƒ¼ã‚¿ãŒä½¿ç”¨å¯èƒ½ã§ã‚ã‚Šã€wolfsslãŒåœæ­¢ã—ãŸå ´æ‰€ã‚’拾ã†ã¨ãã«ã€wolfssl_acceptã®å‘¼ã³å‡ºã—ã‚’ç¹°ã‚Šè¿”ã™å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚ノンブロッキングソケットを使用ã™ã‚‹å ´åˆã¯ã€ä½•ã‚‚実行ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ãŒã€select()を使用ã—ã¦å¿…è¦ãªæ¡ä»¶ã‚’確èªã§ãã¾ã™ã€‚基礎ã¨ãªã‚‹I / OãŒãƒ–ロックã•ã‚Œã¦ã„ã‚‹å ´åˆã€wolfssl_accept()ã¯ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ãŒçµ‚了ã—ãŸã‚‰ã€ã¾ãŸã¯ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸã‚‰æˆ»ã‚Šã¾ã™ã€‚
- \return SSL_SUCCESS æˆåŠŸã™ã‚‹ã¨ã€‚
- \return SSL_FATAL_ERROR エラーãŒç™ºç”Ÿã—ãŸå ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚より詳細ãªã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã‚’å–å¾—ã™ã‚‹ã«ã¯ã€wolfssl_get_error()を呼ã³å‡ºã—ã¾ã™ã€‚
+ \ingroup IO
+ \brief ã“ã®é–¢æ•°ã¯ã‚µãƒ¼ãƒãƒ¼å´ã§å‘¼ã³å‡ºã•ã‚Œã€SSLクライアントãŒSSL/TLSãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã‚’開始ã™ã‚‹ã®ã‚’å¾…ã¡ã¾ã™ã€‚
+ ã“ã®é–¢æ•°ãŒå‘¼ã³å‡ºã•ã‚Œã‚‹ã¨ã€åŸºç¤Žã¨ãªã‚‹é€šä¿¡ãƒãƒ£ãƒãƒ«ã¯ã™ã§ã«è¨­å®šã•ã‚Œã¦ã„ã¾ã™ã€‚
+ wolfSSL_accept()ã¯ã€ãƒ–ロックã¨ãƒŽãƒ³ãƒ–ロッキングI/Oã®ä¸¡æ–¹ã§å‹•ä½œã—ã¾ã™ã€‚
+ 基礎ã¨ãªã‚‹å…¥å‡ºåŠ›ãŒãƒŽãƒ³ãƒ–ロッキングã§ã‚ã‚‹å ´åˆã€wolfSSL_accept()ã¯ã€åŸºç¤Žã¨ãªã‚‹I/OãŒwolfSSL_acceptã®è¦æ±‚を満ãŸã™ã“ã¨ãŒã§ããªã‹ã£ãŸã¨ãã«æˆ»ã‚Šã¾ã™ã€‚
+ ã“ã®å ´åˆã€wolfSSL_get_error()ã¸ã®å‘¼ã³å‡ºã—ã¯SSL_ERROR_WANT_READã¾ãŸã¯SSL_ERROR_WANT_WRITEã®ã„ãšã‚Œã‹ã‚’生æˆã—ã¾ã™ã€‚
+ 呼ã³å‡ºã—プロセスã¯ã€èª­ã¿å–ã‚Šå¯èƒ½ãªãƒ‡ãƒ¼ã‚¿ãŒä½¿ç”¨å¯èƒ½ã§ã‚ã‚Šã€wolfSSLãŒåœæ­¢ã—ãŸå ´æ‰€ã‚’拾ã†ã¨ãã«ã€wolfSSL_acceptã®å‘¼ã³å‡ºã—ã‚’ç¹°ã‚Šè¿”ã™å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+ ノンブロッキングソケットを使用ã™ã‚‹å ´åˆã¯ã€ä½•ã‚‚実行ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ãŒã€select()を使用ã—ã¦å¿…è¦ãªæ¡ä»¶ã‚’確èªã§ãã¾ã™ã€‚
+ 基礎ã¨ãªã‚‹I/OãŒãƒ–ロックã•ã‚Œã¦ã„ã‚‹å ´åˆã€wolfSSL_accept()ã¯ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ãŒçµ‚了ã—ãŸã‚‰ã€ã¾ãŸã¯ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸã‚‰æˆ»ã‚Šã¾ã™ã€‚
+ \return SSL_SUCCESS æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_FATAL_ERROR エラーãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚より詳細ãªã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã‚’å–å¾—ã™ã‚‹ã«ã¯ã€wolfSSL_get_error()を呼ã³å‡ºã—ã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
int ret = 0;
@@ -1306,9 +1825,12 @@ int wolfSSL_peek(WOLFSSL* ssl, void* data, int sz);
int wolfSSL_accept(WOLFSSL*);
/*!
- \ingroup Setup
- \brief ã“ã®é–¢æ•°ã¯ã€å‰²ã‚Šå½“ã¦ã‚‰ã‚ŒãŸwolfssl_ctxオブジェクトを解放ã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯CTXå‚照数を減らã—ã€å‚照カウントãŒ0ã«é”ã—ãŸã¨ãã«ã®ã¿ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã‚’解放ã—ã¾ã™ã€‚
- \return none è¿”å“ä¸å¯ã€‚
+ \ingroup Setup
+ \brief ã“ã®é–¢æ•°ã¯ã€å‰²ã‚Šå½“ã¦ã‚‰ã‚ŒãŸWOLFSSL_CTXオブジェクトを解放ã—ã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯CTXå‚照数を減らã—ã€å‚照カウントãŒ0ã«é”ã—ãŸã¨ãã«ã®ã¿ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã‚’解放ã—ã¾ã™ã€‚
+ \return ãªã—
+ \param ctx wolfSSL_CTX_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL_CTX構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
WOLFSSL_CTX* ctx = 0;
@@ -1322,9 +1844,11 @@ int wolfSSL_accept(WOLFSSL*);
void wolfSSL_CTX_free(WOLFSSL_CTX*);
/*!
- \ingroup Setup
- \brief ã“ã®é–¢æ•°ã¯å‰²ã‚Šå½“ã¦ã‚‰ã‚ŒãŸwolfsslオブジェクトを解放ã—ã¾ã™ã€‚
- \return none è¿”å“ä¸å¯ã€‚
+ \ingroup Setup
+ \brief ã“ã®é–¢æ•°ã¯å‰²ã‚Šå½“ã¦ã‚‰ã‚ŒãŸWOLFSSLオブジェクトを解放ã—ã¾ã™ã€‚
+ \return ãªã—
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
#include <wolfssl/ssl.h>
@@ -1340,11 +1864,21 @@ void wolfSSL_CTX_free(WOLFSSL_CTX*);
void wolfSSL_free(WOLFSSL*);
/*!
- \ingroup TLS
- \brief ã“ã®é–¢æ•°ã¯ã€SSLセッションSSLを使用ã—ã¦ã‚¢ã‚¯ãƒ†ã‚£ãƒ–ãªSSL / TLS接続をシャットダウンã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€ãƒ”ã‚¢ã«ã€ŒClose Notifyã€ã‚¢ãƒ©ãƒ¼ãƒˆã‚’é€ä¿¡ã—よã†ã¨ã—ã¾ã™ã€‚呼ã³å‡ºã—å´ã‚¢ãƒ—リケーションã¯ã€PeerãŒãã®ã€Œé–‰ã˜ã‚‹é€šçŸ¥ã€ã‚¢ãƒ©ãƒ¼ãƒˆã‚’応答ã«é€ä¿¡ã™ã‚‹ã®ã‚’å¾…ã¤ã‹ã€ã¾ãŸã¯ç›´æŽ¥wolfssl_shutdownを呼ã³å‡ºã—ãŸå¾Œï¼ˆãƒªã‚½ãƒ¼ã‚¹ã‚’ä¿å­˜ã™ã‚‹ãŸã‚ã«ï¼‰wolfssl_shutdownを直接通話ã—ãŸå¾Œã«åŸºç¤Žã¨ãªã‚‹æŽ¥ç¶šã‚’åœæ­¢ã™ã‚‹ã®ã‚’å¾…ã¤ã“ã¨ãŒã§ãã¾ã™ã€‚ã©ã¡ã‚‰ã®ã‚ªãƒ—ションã¯TLS仕様ã§è¨±å¯ã•ã‚Œã¦ã„ã¾ã™ã€‚å°†æ¥ã€åŸºç¤Žã¨ãªã‚‹æŽ¥ç¶šãŒå†ã³ä½¿ç”¨ã•ã‚Œã‚‹å ´åˆã€åŒæœŸã‚’ピア間ã§ç„¡å‚·ã®ã¾ã¾ä¿ã¤ãŸã‚ã«å®Œå…¨ãª2æ–¹å‘ã®ã‚·ãƒ£ãƒƒãƒˆãƒ€ã‚¦ãƒ³æ‰‹é †ã‚’実行ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚ wolfssl_shutdown()ã¯ã€ãƒ–ロックã¨éžãƒ–ロッキングI / Oã®ä¸¡æ–¹ã§å‹•ä½œã—ã¾ã™ã€‚基礎ã¨ãªã‚‹I / OãŒãƒŽãƒ³ãƒ–ロッキングã•ã‚Œã¦ã„ãªã„å ´åˆã€wolfsl_shutdown()ãŒwolfssl_shutdown()ã®ãƒ‹ãƒ¼ã‚ºã‚’満ãŸã™ã“ã¨ãŒã§ããªã‹ã£ãŸå ´åˆã€wolfssl_shutdown()ã¯ã‚¨ãƒ©ãƒ¼ã‚’è¿”ã—ã¾ã™ã€‚ã“ã®å ´åˆã€wolfssl_get_error()ã¸ã®å‘¼ã³å‡ºã—ã¯SSL_ERROR_WANT_READã¾ãŸã¯SSL_ERROR_WANT_WRITEã®ã„ãšã‚Œã‹ã‚’生æˆã—ã¾ã™ã€‚ãã®çµæžœã€åŸºç¤Žã¨ãªã‚‹I / OãŒæº–å‚™ãŒã§ããŸã‚‰ã€å‘¼ã³å‡ºã—å´ãƒ—ロセスã¯wolfssl_shutdown()ã¸ã®å‘¼ã³å‡ºã—ã‚’ç¹°ã‚Šè¿”ã™å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
- \return SSL_SUCCESS æˆåŠŸã«æˆ»ã‚Šã¾ã™ã€‚
- \return SSL_SHUTDOWN_NOT_DONE シャットダウンãŒçµ‚了ã—ã¦ã„ãªã„å ´åˆã¯è¿”ã•ã‚Œã€æ©Ÿèƒ½ã‚’å†åº¦å‘¼ã³å‡ºã™å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
- \return SSL_FATAL_ERROR 失敗ã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã™ã€‚より具体的ãªã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã«å¯¾ã—ã¦wolfssl_get_error()を呼ã³å‡ºã—ã¾ã™ã€‚
+ \ingroup TLS
+ \brief ã“ã®é–¢æ•°ã¯ã€å¼•æ•°sslã®SSLセッションã«å¯¾ã—ã¦ã‚¢ã‚¯ãƒ†ã‚£ãƒ–ãªSSL/TLS接続をシャットダウンã—ã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯ã€ãƒ”ã‚¢ã«"Close Notify"アラートをé€ä¿¡ã—よã†ã¨ã—ã¾ã™ã€‚
+ 呼ã³å‡ºã—å´ã‚¢ãƒ—リケーションã¯ã€PeerãŒãã®"Close Notify"アラートを応答ã¨ã—ã¦é€ä¿¡ã—ã¦ãã‚‹ã®ã‚’å¾…ã¤ã‹ã€
+ ã¾ãŸã¯wolfSSL_shutdownã‹ã‚‰å‘¼ã³å‡ºã—ãŒæˆ»ã£ãŸæ™‚点ã§ï¼ˆãƒªã‚½ãƒ¼ã‚¹ã‚’ä¿å­˜ã™ã‚‹ãŸã‚ã«ï¼‰ä¸‹å±¤ã®æŽ¥ç¶šã‚’切断ã™ã‚‹ã®ã‚’å¾…ã¤ã“ã¨ãŒã§ãã¾ã™ã€‚
+ ã©ã¡ã‚‰ã®ã‚ªãƒ—ションもTLS仕様ã§è¨±ã•ã‚Œã¦ã„ã¾ã™ã€‚シャットダウンã—ãŸå¾Œã«ä¸‹å±¤ã®æŽ¥ç¶šã‚’å†ã³åˆ¥ã®ã‚»ãƒƒã‚·ãƒ§ãƒ³ã§ä½¿ç”¨ã™ã‚‹äºˆå®šãªã‚‰ã°ã€ãƒ”ア間ã§åŒæœŸã‚’ä¿ã¤ãŸã‚ã«å®Œå…¨ãª2æ–¹å‘ã®ã‚·ãƒ£ãƒƒãƒˆãƒ€ã‚¦ãƒ³æ‰‹é †ã‚’実行ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+ wolfSSL_shutdown()ã¯ã€ãƒ–ロックã¨ãƒŽãƒ³ãƒ–ロッキングI/Oã®ä¸¡æ–¹ã§å‹•ä½œã—ã¾ã™ã€‚
+ 下層ã®I/OãŒãƒŽãƒ³ãƒ–ロッキングã®å ´åˆã€wolfSSL_shutdown()ãŒè¦æ±‚を満ãŸã™ã“ã¨ãŒã§ããªã‹ã£ãŸå ´åˆã€wolfSSL_shutdown()ã¯ã‚¨ãƒ©ãƒ¼ã‚’è¿”ã—ã¾ã™ã€‚
+ ã“ã®å ´åˆã€wolfSSL_get_error()ã¸ã®å‘¼ã³å‡ºã—ã¯SSL_ERROR_WANT_READã¾ãŸã¯SSL_ERROR_WANT_WRITEã®ã„ãšã‚Œã‹ã‚’生æˆã—ã¾ã™ã€‚
+ ãã®çµæžœã€ä¸‹å±¤ã®I/OãŒæº–å‚™ãŒã§ããŸã‚‰ã€å‘¼ã³å‡ºã—å´ãƒ—ロセスã¯wolfSSL_shutdown()ã¸ã®å‘¼ã³å‡ºã—ã‚’ç¹°ã‚Šè¿”ã™å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+ \return SSL_SUCCESS æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_SHUTDOWN_NOT_DONE シャットダウンãŒçµ‚了ã—ã¦ã„ãªã„å ´åˆã«è¿”ã•ã‚Œã€é–¢æ•°ã‚’å†åº¦å‘¼ã³å‡ºã™å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+ \return SSL_FATAL_ERROR 失敗ã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã™ã€‚より具体的ãªã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã¯wolfSSL_get_error()を呼ã³å‡ºã—ã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
#include <wolfssl/ssl.h>
@@ -1363,14 +1897,24 @@ void wolfSSL_free(WOLFSSL*);
int wolfSSL_shutdown(WOLFSSL*);
/*!
- \ingroup IO
- \brief ã“ã®é–¢æ•°ã¯ã€åŸºç¤Žã¨ãªã‚‹æ›¸ãè¾¼ã¿æ“作ã®ãŸã‚ã«æŒ‡å®šã•ã‚ŒãŸãƒ•ãƒ©ã‚°ã‚’使用ã—ã¦ã€ãƒãƒƒãƒ•ã‚¡ã€ãƒ‡ãƒ¼ã‚¿ã€ãƒ‡ãƒ¼ã‚¿ã‹ã‚‰SZãƒã‚¤ãƒˆã‚’SSL接続SSLã«æ›¸ãè¾¼ã¿ã¾ã™ã€‚å¿…è¦ã«å¿œã˜ã¦ã€wolfssl_send()ãŒã¾ã wolfssl_connect()ã¾ãŸã¯wolfssl_accept()ã«ã‚ˆã£ã¦ã¾ã å®Ÿè¡Œã•ã‚Œã¦ã„ãªã„å ´åˆã¯ã€wolfssl_send()ãŒSSL / TLSセッションをãƒã‚´ã‚·ã‚¨ãƒ¼ãƒˆã—ã¾ã™ã€‚wolfssl_send()ã¯ã€ãƒ–ロックã¨éžãƒ–ロッキングI / Oã®ä¸¡æ–¹ã§å‹•ä½œã—ã¾ã™ã€‚基礎ã¨ãªã‚‹å…¥å‡ºåŠ›ãŒéžãƒ–ロックã•ã‚Œã¦ã„ãªã„å ´åˆã€wolfssl_send()ãŒwolfssl_sendã®ãƒ‹ãƒ¼ã‚ºã‚’満ãŸã™ã“ã¨ãŒã§ããªã‹ã£ãŸã¨ãã«wolfssl_send()ãŒæˆ»ã‚Šã¾ã™ã€‚ã“ã®å ´åˆã€wolfssl_get_error()ã¸ã®å‘¼ã³å‡ºã—ã¯SSL_ERROR_WANT_READã¾ãŸã¯SSL_ERROR_WANT_WRITEã®ã„ãšã‚Œã‹ã‚’生æˆã—ã¾ã™ã€‚ãã®çµæžœã€åŸºç¤Žã¨ãªã‚‹å…¥å‡ºåŠ›ãŒæº–å‚™ãŒã§ããŸã‚‰ã€å‘¼ã³å‡ºã—å´ãƒ—ロセスã¯wolfssl_send()ã¸ã®å‘¼ã³å‡ºã—ã‚’ç¹°ã‚Šè¿”ã™å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚基礎ã¨ãªã‚‹å…¥å‡ºåŠ›ãŒãƒ–ロックã•ã‚Œã¦ã„ã‚‹å ´åˆã€Wolfssl_send()ã¯ã€ã‚µã‚¤ã‚ºSZã®ãƒãƒƒãƒ•ã‚¡ãƒ‡ãƒ¼ã‚¿ãŒå®Œå…¨ã«æ›¸ãè¾¼ã¾ã‚ŒãŸã‹ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸã‚‰ã€æˆ»ã‚‹ã ã‘ã§ã™ã€‚
- \return >0 æˆåŠŸæ™‚ã«æ›¸ã‹ã‚ŒãŸãƒã‚¤ãƒˆæ•°ã€‚
- \return 0 失敗ã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã™ã€‚特定ã®ã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã«ã¤ã„ã¦wolfssl_get_error()を呼ã³å‡ºã—ã¾ã™ã€‚
- \return SSL_FATAL_ERROR エラーãŒç™ºç”Ÿã—ãŸã¨ãã€ã¾ãŸã¯éžãƒ–ロッキングソケットを使用ã™ã‚‹ã¨ãã«ã€SSL_ERROR_WANT_READã¾ãŸã¯SSL_ERROR_WANT_WRITEエラーãŒå—ä¿¡ã•ã‚Œã€å†åº¦WOLFSSL_SEND()を呼ã³å‡ºã™å¿…è¦ãŒã‚ã‚‹å ´åˆã¯ã€éšœå®³ãŒç™ºç”Ÿã—ã¾ã™ã€‚特定ã®ã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã‚’å–å¾—ã™ã‚‹ã«ã¯ã€wolfssl_get_error()を使用ã—ã¦ãã ã•ã„。
- \param ssl wolfssl_new()ã§ä½œæˆã•ã‚ŒãŸSSLセッションã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param data ピアã«é€ä¿¡ã™ã‚‹ãƒ‡ãƒ¼ã‚¿ãƒãƒƒãƒ•ã‚¡ã€‚
- \param sz ピアã«é€ä¿¡ã•ã‚Œã‚‹ãƒ‡ãƒ¼ã‚¿ã®ã‚µã‚¤ã‚ºï¼ˆãƒã‚¤ãƒˆï¼‰ã€‚
+ \ingroup IO
+ \brief ã“ã®é–¢æ•°ã¯ã€æ›¸ãè¾¼ã¿æ“作ã®ãŸã‚ã«æŒ‡å®šã•ã‚ŒãŸãƒ•ãƒ©ã‚°ã‚’使用ã—ã¦ãƒãƒƒãƒ•ã‚¡ã‚ã‚‹ã„ã¯ãƒ‡ãƒ¼ã‚¿ã‹ã‚‰ã€SSL接続ã«å¯¾ã—ã¦ã€szãƒã‚¤ãƒˆã‚’書ãè¾¼ã¿ã¾ã™ã€‚
+ å¿…è¦ã«å¿œã˜ã¦ã€wolfSSL_send()ã®å‘¼ã³å‡ºã—時点ã§ã¯ã¾ã wolfSSL_connect()ã¾ãŸã¯wolfSSL_accept()ãŒã¾ã å‘¼ã³å‡ºã•ã‚Œã¦ã„ãªã„å ´åˆã€SSL/TLSセッションをãƒã‚´ã‚·ã‚¨ãƒ¼ãƒˆã—ã¾ã™ã€‚
+ wolfSSL_send()ã¯ã€ãƒ–ロックã¨ãƒŽãƒ³ãƒ–ロッキングI/Oã®ä¸¡æ–¹ã§å‹•ä½œã—ã¾ã™ã€‚
+ 基礎ã¨ãªã‚‹å…¥å‡ºåŠ›ãŒãƒŽãƒ³ãƒ–ロッキングã«è¨­å®šã•ã‚Œã¦ã„ã‚‹å ´åˆã€wolfSSL_send()ãŒè¦æ±‚を満ãŸã™ã“ã¨ãŒã§ããªã‹ã£ãŸã‚‰wolfSSL_send()ã¯é–¢æ•°å‘¼ã³å‡ºã—ã‹ã‚‰ã™ãã«æˆ»ã‚Šã¾ã™ã€‚
+ ã“ã®å ´åˆã€wolfSSL_get_error()ã®å‘¼ã³å‡ºã—ã¯SSL_ERROR_WANT_READã¾ãŸã¯SSL_ERROR_WANT_WRITEã®ã„ãšã‚Œã‹ã‚’è¿”ã—ã¾ã™ã€‚
+ ãã®çµæžœã€åŸºç¤Žã¨ãªã‚‹I/OãŒæº–å‚™ãŒã§ããŸã‚‰ã€å‘¼ã³å‡ºã—å´ãƒ—ロセスã¯wolfSSL_send()ã¸ã®å‘¼ã³å‡ºã—ã‚’ç¹°ã‚Šè¿”ã™å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+ 基礎ã¨ãªã‚‹å…¥å‡ºåŠ›ãŒãƒ–ロックã•ã‚Œã¦ã„ã‚‹å ´åˆã€wolfSSL_send()ã¯ã€ã‚µã‚¤ã‚ºSZã®ãƒãƒƒãƒ•ã‚¡ãƒ‡ãƒ¼ã‚¿ãŒå®Œå…¨ã«æ›¸ã‹ã‚ŒãŸã‹ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸã‚‰ã€æˆ»ã‚‹ã ã‘ã§ã™ã€‚
+
+ \return æˆåŠŸæ™‚ã«ã¯æ›¸ã込んã ãƒã‚¤ãƒˆæ•°ï¼ˆ1以上)を返ã—ã¾ã™ã€‚
+ \return 0 失敗ã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã™ã€‚特定ã®ã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã«ã¤ã„ã¦wolfSSL_get_error()を呼ã³å‡ºã—ã¾ã™ã€‚
+ \return SSL_FATAL_ERROR エラーãŒç™ºç”Ÿã—ãŸã¨ãã€ã¾ãŸã¯éžãƒ–ロッキングソケットを使用ã™ã‚‹ã¨ãã«ã¯ã€SSL_ERROR_WANT_READã¾ãŸã¯SSL_ERROR_WANT_WRITEエラーãŒå—ä¿¡ã•ã‚Œã€å†åº¦WOLFSSL_WRITE()を呼ã³å‡ºã™å¿…è¦ãŒã‚ã‚‹å ´åˆã¯ã€éšœå®³ãŒç™ºç”Ÿã—ã¾ã™ã€‚特定ã®ã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã‚’å–å¾—ã™ã‚‹ã«ã¯ã€wolfSSL_get_error()を使用ã—ã¦ãã ã•ã„。
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param data ピアã«é€ä¿¡ã•ã‚Œã‚‹ãƒ‡ãƒ¼ã‚¿ã‚’å«ã‚“ã§ã„ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param sz é€ä¿¡ãƒ‡ãƒ¼ã‚¿ã‚’å«ã‚“ã§ã„ã‚‹ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+ \param flags 下層ã®I/Oã®sendã«å¯¾ã—ã¦æŒ‡å®šã™ã‚‹ãƒ•ãƒ©ã‚°
+
+
_Example_
\code
WOLFSSL* ssl = 0;
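Review bot: The `\return SSL_FATAL_ERROR` line added for `wolfSSL_send` tells the caller to call `WOLFSSL_WRITE()` again after `SSL_ERROR_WANT_READ` or `SSL_ERROR_WANT_WRITE`, whereas the removed line named `WOLFSSL_SEND()`. The new text appears to have been copied from the `wolfSSL_write` block. It should name `wolfSSL_send()`, so that a caller on a non-blocking socket retries the call it actually made. The comment's example continues past the end of this hunk.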
@@ -1391,14 +1935,25 @@ int wolfSSL_shutdown(WOLFSSL*);
int wolfSSL_send(WOLFSSL* ssl, const void* data, int sz, int flags);
/*!
- \ingroup IO
- \brief ã“ã®é–¢æ•°ã¯ã€åŸºç¤Žã¨ãªã‚‹RECV動作ã®ãŸã‚ã«æŒ‡å®šã•ã‚ŒãŸãƒ•ãƒ©ã‚°ã‚’使用ã—ã¦ã€SSLセッション(SSL)内部読ã¿å–ã‚Šãƒãƒƒãƒ•ã‚¡ã‹ã‚‰SZãƒã‚¤ãƒˆã‚’ãƒãƒƒãƒ•ã‚¡ãƒ‡ãƒ¼ã‚¿ã«èª­ã¿å‡ºã—ã¾ã™ã€‚読ã¿å–られãŸãƒã‚¤ãƒˆã¯å†…部å—ä¿¡ãƒãƒƒãƒ•ã‚¡ã‹ã‚‰å‰Šé™¤ã•ã‚Œã¾ã™ã€‚ã“ã®é–¢æ•°ã¯wolfssl_read()ã¨åŒã˜ã§ã™ã€‚ãŸã ã—ã€ã‚¢ãƒ—リケーションãŒåŸºç¤Žã¨ãªã‚‹èª­ã¿å–ã‚Šæ“作ã®RECVフラグを設定ã§ãã‚‹ã“ã¨ã‚’許å¯ã—ã¾ã™ã€‚å¿…è¦ã«å¿œã˜ã¦wolfssl_recv()ãŒwolfssl_connect()ã¾ãŸã¯wolfssl_accept()ã«ã‚ˆã£ã¦ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ãŒã¾ã å®Ÿè¡Œã•ã‚Œã¦ã„ãªã„å ´åˆã¯ã€SSL / TLSセッションをãƒã‚´ã‚·ã‚¨ãƒ¼ãƒˆã—ã¾ã™ã€‚ SSL / TLSプロトコルã¯ã€æœ€å¤§ã‚µã‚¤ã‚ºã®SSLレコードを使用ã—ã¾ã™ï¼ˆæœ€å¤§ãƒ¬ã‚³ãƒ¼ãƒ‰ã‚µã‚¤ã‚ºã¯<wolfssl_root> /wolfssl/internal.h)。ãã®ãŸã‚ã€WolfSSLã¯ã€ãƒ¬ã‚³ãƒ¼ãƒ‰ã‚’処ç†ãŠã‚ˆã³å¾©å·åŒ–ã™ã‚‹ã“ã¨ãŒã§ãã‚‹å‰ã«ã€SSLレコード全体を内部的ã«èª­ã¿å–ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚ã“ã®ãŸã‚ã€wolfssl_recv()ã¸ã®å‘¼ã³å‡ºã—ã¯ã€å‘¼ã³å‡ºã—時ã«å¾©å·åŒ–ã•ã‚ŒãŸæœ€å¤§ãƒãƒƒãƒ•ã‚¡ã‚µã‚¤ã‚ºã‚’è¿”ã™ã“ã¨ãŒã§ãã‚‹ã ã‘ã§ã™ã€‚ wolfssl_recv()ã¸ã®æ¬¡ã®å‘¼ã³å‡ºã—ã§æ¤œç´¢ãŠã‚ˆã³å¾©å·åŒ–ã•ã‚Œã‚‹å†…部WolfSSLå—ä¿¡ãƒãƒƒãƒ•ã‚¡ã§å¾…æ©Ÿã—ã¦ã„ãªã„追加ã®å¾©å·åŒ–ã•ã‚ŒãŸãƒ‡ãƒ¼ã‚¿ãŒã‚ã‚‹ã‹ã‚‚ã—ã‚Œã¾ã›ã‚“。 SZãŒå†…部読ã¿å–ã‚Šãƒãƒƒãƒ•ã‚¡å†…ã®ãƒã‚¤ãƒˆæ•°ã‚ˆã‚Šã‚‚大ãã„å ´åˆã€SSL_RECV()ã¯å†…部読ã¿å–ã‚Šãƒãƒƒãƒ•ã‚¡ã§ä½¿ç”¨å¯èƒ½ãªãƒã‚¤ãƒˆã‚’è¿”ã—ã¾ã™ã€‚ãƒã‚¤ãƒˆãŒå†…部読ã¿å–ã‚Šãƒãƒƒãƒ•ã‚¡ã«ãƒãƒƒãƒ•ã‚¡ã•ã‚Œã¦ã„ãªã„å ´åˆã¯ã€WOLFSSL_RECV()ã¸ã®å‘¼ã³å‡ºã—ã¯æ¬¡ã®ãƒ¬ã‚³ãƒ¼ãƒ‰ã®å‡¦ç†ã‚’トリガーã—ã¾ã™ã€‚
- \return >0 æˆåŠŸæ™‚ã«èª­ã¿å–られãŸãƒã‚¤ãƒˆæ•°ã€‚
- \return 0 失敗ã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã™ã€‚ã“ã‚Œã¯ã€ã‚¯ãƒªãƒ¼ãƒ³ï¼ˆé€šçŸ¥ã‚¢ãƒ©ãƒ¼ãƒˆã‚’é–‰ã˜ã‚‹ï¼‰ã‚·ãƒ£ãƒƒãƒˆãƒ€ã‚¦ãƒ³ã¾ãŸã¯ãƒ”ã‚¢ãŒæŽ¥ç¶šã‚’é–‰ã˜ãŸã ã‘ã§ã‚ã‚‹ã“ã¨ã«ã‚ˆã£ã¦ç™ºç”Ÿã™ã‚‹å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã™ã€‚特定ã®ã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã«ã¤ã„ã¦wolfssl_get_error()を呼ã³å‡ºã—ã¾ã™ã€‚
- \return SSL_FATAL_ERROR エラーãŒç™ºç”Ÿã—ãŸå ´åˆã€ã¾ãŸã¯éžãƒ–ロッキングソケットを使用ã™ã‚‹ã¨ãã«ã¯ã€SSL_ERROR_WANT_READã¾ãŸã¯SSL_ERROR_WANT_WRITEエラーãŒç™ºç”Ÿã—ã€ã‚¢ãƒ—リケーションãŒå†ã³WOLFSSL_RECV()を呼ã³å‡ºã™å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚特定ã®ã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã‚’å–å¾—ã™ã‚‹ã«ã¯ã€wolfssl_get_error()を使用ã—ã¦ãã ã•ã„。
- \param ssl wolfssl_new()ã§ä½œæˆã•ã‚ŒãŸSSLセッションã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param data wolfssl_recv()ãŒãƒ‡ãƒ¼ã‚¿ã‚’読ã¿å–ã‚‹ãƒãƒƒãƒ•ã‚¡ãƒ¼ã€‚
+ \ingroup IO
+ \brief ã“ã®é–¢æ•°ã¯ã€åŸºç¤Žã¨ãªã‚‹RECV動作ã®ãŸã‚ã«æŒ‡å®šã•ã‚ŒãŸãƒ•ãƒ©ã‚°ã‚’使用ã—ã¦ã€SSLセッション(ssl)内部読ã¿å–ã‚Šãƒãƒƒãƒ•ã‚¡ã‹ã‚‰szãƒã‚¤ãƒˆã‚’ãƒãƒƒãƒ•ã‚¡ãƒ‡ãƒ¼ã‚¿ã«èª­ã¿å‡ºã—ã¾ã™ã€‚
+ 読ã¿å–られãŸãƒã‚¤ãƒˆã¯å†…部å—ä¿¡ãƒãƒƒãƒ•ã‚¡ã‹ã‚‰å‰Šé™¤ã•ã‚Œã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯wolfssl_read()ã¨åŒã˜ã§ã™ã€‚
+ ãŸã ã—ã€ã‚¢ãƒ—リケーションãŒåŸºç¤Žã¨ãªã‚‹èª­ã¿å–ã‚Šæ“作ã®RECVフラグを設定ã§ãã‚‹ã“ã¨ã‚’許å¯ã—ã¾ã™ã€‚
+ å¿…è¦ã«å¿œã˜ã¦wolfssl_recv()ãŒwolfssl_connect()ã¾ãŸã¯wolfssl_accept()ã«ã‚ˆã£ã¦ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ãŒã¾ã å®Ÿè¡Œã•ã‚Œã¦ã„ãªã„å ´åˆã¯ã€SSL/TLSセッションをãƒã‚´ã‚·ã‚¨ãƒ¼ãƒˆã—ã¾ã™ã€‚
+ SSL/TLSプロトコルã¯ã€æœ€å¤§ã‚µã‚¤ã‚ºã®SSLレコードを使用ã—ã¾ã™ï¼ˆæœ€å¤§ãƒ¬ã‚³ãƒ¼ãƒ‰ã‚µã‚¤ã‚ºã¯<wolfssl_root> /wolfssl/internal.h)。
+ ãã®ãŸã‚ã€wolfSSLã¯ã€ãƒ¬ã‚³ãƒ¼ãƒ‰ã‚’処ç†ãŠã‚ˆã³å¾©å·ã™ã‚‹ã“ã¨ãŒã§ãã‚‹å‰ã«ã€SSLレコード全体を内部的ã«èª­ã¿å–ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+ ã“ã®ãŸã‚ã€wolfSSL_recv()ã¸ã®å‘¼ã³å‡ºã—ã¯ã€å‘¼ã³å‡ºã—時ã«å¾©å·ã•ã‚ŒãŸæœ€å¤§ãƒãƒƒãƒ•ã‚¡ã‚µã‚¤ã‚ºã‚’è¿”ã™ã“ã¨ãŒã§ãã‚‹ã ã‘ã§ã™ã€‚
+ wolfSSL_recv()ã¸ã®æ¬¡ã®å‘¼ã³å‡ºã—ã§æ¤œç´¢ãŠã‚ˆã³å¾©å·ã•ã‚Œã‚‹å†…部wolfSSLå—ä¿¡ãƒãƒƒãƒ•ã‚¡ã§å¾…æ©Ÿã—ã¦ã„ãªã„追加ã®å¾©å·åŒ–ã•ã‚ŒãŸãƒ‡ãƒ¼ã‚¿ãŒã‚ã‚‹ã‹ã‚‚ã—ã‚Œã¾ã›ã‚“。
+ 引数szãŒå†…部読ã¿å–ã‚Šãƒãƒƒãƒ•ã‚¡å†…ã®ãƒã‚¤ãƒˆæ•°ã‚ˆã‚Šã‚‚大ãã„å ´åˆã€wolfSSL_recv()ã¯å†…部読ã¿å–ã‚Šãƒãƒƒãƒ•ã‚¡ã§ä½¿ç”¨å¯èƒ½ãªãƒã‚¤ãƒˆã‚’è¿”ã—ã¾ã™ã€‚
+ ãƒã‚¤ãƒˆãŒå†…部読ã¿å–ã‚Šãƒãƒƒãƒ•ã‚¡ã«ãƒãƒƒãƒ•ã‚¡ã•ã‚Œã¦ã„ãªã„å ´åˆã¯ã€wolfSSL_recv()ã¸ã®å‘¼ã³å‡ºã—ã¯æ¬¡ã®ãƒ¬ã‚³ãƒ¼ãƒ‰ã®å‡¦ç†ã‚’トリガーã—ã¾ã™ã€‚
+ \return æˆåŠŸæ™‚ã«ã¯èª­ã¿å–られãŸãƒã‚¤ãƒˆæ•°(1以上)ã‚’è¿”ã—ã¾ã™ã€‚
+ \return 0 失敗ã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã™ã€‚ã“ã‚Œã¯ã€ã‚¯ãƒªãƒ¼ãƒ³ï¼ˆé€šçŸ¥ã‚¢ãƒ©ãƒ¼ãƒˆã‚’é–‰ã˜ã‚‹ï¼‰ã‚·ãƒ£ãƒƒãƒˆãƒ€ã‚¦ãƒ³ã¾ãŸã¯ãƒ”ã‚¢ãŒæŽ¥ç¶šã‚’é–‰ã˜ãŸã ã‘ã§ã‚ã‚‹ã“ã¨ã«ã‚ˆã£ã¦ç™ºç”Ÿã™ã‚‹å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã™ã€‚特定ã®ã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã«ã¤ã„ã¦wolfSSL_get_error()を呼ã³å‡ºã—ã¾ã™ã€‚
+ \return SSL_FATAL_ERROR エラーãŒç™ºç”Ÿã—ãŸå ´åˆã€ã¾ãŸã¯éžãƒ–ロッキングソケットを使用ã™ã‚‹ã¨ãã«ã¯ã€SSL_ERROR_WANT_READã¾ãŸã¯SSL_ERROR_WANT_WRITEエラーãŒç™ºç”Ÿã—ã€ã‚¢ãƒ—リケーションãŒå†ã³WOLFSSL_RECV()を呼ã³å‡ºã™å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚特定ã®ã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã‚’å–å¾—ã™ã‚‹ã«ã¯ã€wolfSSL_get_error()を使用ã—ã¦ãã ã•ã„。
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param data wolfSSL_recv()ãŒãƒ‡ãƒ¼ã‚¿ã‚’読ã¿å–ã‚‹ãƒãƒƒãƒ•ã‚¡ãƒ¼ã€‚
\param sz データを読ã¿è¾¼ã‚€ãŸã‚ã®ãƒã‚¤ãƒˆæ•°ã€‚
+
_Example_
\code
WOLFSSL* ssl = 0;
@@ -1419,11 +1974,20 @@ int wolfSSL_send(WOLFSSL* ssl, const void* data, int sz, int flags);
int wolfSSL_recv(WOLFSSL* ssl, void* data, int sz, int flags);
/*!
- \ingroup Debug
- \brief ã“ã®é–¢æ•°ã¯ã€ä»¥å‰ã®API関数呼ã³å‡ºã—(wolfssl_connectã€wolfssl_acceptã€wolfssl_readã€wolfssl_writeãªã©ï¼‰ãŒã‚¨ãƒ©ãƒ¼æˆ»ã‚Šã‚³ãƒ¼ãƒ‰ï¼ˆssl_failure)を呼ã³å‡ºã—ãŸç†ç”±ã‚’表ã™ä¸€æ„ã®ã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã‚’è¿”ã—ã¾ã™ã€‚å‰ã®é–¢æ•°ã®æˆ»ã‚Šå€¤ã¯ã€RETを介ã—ã¦wolfssl_get_errorã«æ¸¡ã•ã‚Œã¾ã™ã€‚wolfssl_get_errorãŒå‘¼ã³å‡ºã•ã‚ŒãŸå¾Œã€ä¸€æ„ã®ã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã‚’è¿”ã—ã¾ã™ã€wolfssl_err_error_string()を呼ã³å‡ºã—ã¦äººé–“ãŒèª­ã‚るエラー文字列をå–å¾—ã™ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚詳細ã«ã¤ã„ã¦ã¯ã€wolfssl_err_error_string()をå‚ç…§ã—ã¦ãã ã•ã„。
- \return On 完了æˆåŠŸã€ã“ã®é–¢æ•°ã¯ã€å‰ã®API関数ãŒå¤±æ•—ã—ãŸç†ç”±ã‚’説明ã™ã‚‹å›ºæœ‰ã®ã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã‚’è¿”ã—ã¾ã™ã€‚
- \return SSL_ERROR_NONE RET> 0ã®å ´åˆã¯è¿”ã•ã‚Œã¾ã™.Ret <= 0ã®å ´åˆã€ä»¥å‰ã®APIãŒã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã‚’è¿”ã™ãŒå®Ÿéš›ã«ç™ºç”Ÿã—ãªã‹ã£ãŸå ´åˆã«ã“ã®å€¤ã‚’è¿”ã™å ´åˆãŒã‚ã‚Šã¾ã™ã€‚例ã¯ã€ã‚¼ãƒ­SZパラメータを使用ã—ã¦wolfssl_read()を呼ã³å‡ºã™ã“ã¨ã§ã™ã€‚a 0 wolfssl_read()ã‹ã‚‰ã®æˆ»ã‚Šå€¤ã¯é€šå¸¸ã‚¨ãƒ©ãƒ¼ã‚’示ã—ã¾ã™ãŒã€ã“ã®å ´åˆã¯ã‚¨ãƒ©ãƒ¼ã¯ç™ºç”Ÿã—ã¾ã›ã‚“ã§ã—ãŸã€‚wolfssl_get_error()ãŒãã®å¾Œå‘¼ã³å‡ºã•ã‚ŒãŸå ´åˆã€ssl_error_noneãŒè¿”ã•ã‚Œã¾ã™ã€‚
- \param ssl wolfssl_new()ã§ä½œæˆã•ã‚ŒãŸSSLオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \ingroup Debug
+ \brief ã“ã®é–¢æ•°ã¯ã€ç›´å‰ã®API関数呼ã³å‡ºã—(wolfssl_connectã€wolfssl_acceptã€wolfssl_readã€wolfssl_writeãªã©ï¼‰ãŒã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ï¼ˆSSL_FAILURE)を呼ã³å‡ºã—ãŸç†ç”±ã‚’表ã™ä¸€æ„ã®ã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã‚’è¿”ã—ã¾ã™ã€‚
+ ç›´å‰ã®é–¢æ•°ã®æˆ»ã‚Šå€¤ã¯ã€retを介ã—ã¦wolfSSL_get_errorã«æ¸¡ã•ã‚Œã¾ã™ã€‚wolfSSL_get_errorã¯ä¸€æ„ã®ã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã‚’è¿”ã—ã¾ã™ã€‚
+ wolfSSL_err_error_string()を呼ã³å‡ºã—ã¦äººé–“ãŒèª­ã‚るエラー文字列をå–å¾—ã™ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚
+ 詳細ã«ã¤ã„ã¦ã¯ã€wolfSSL_err_error_string()ã‚’å‚ç…§ã—ã¦ãã ã•ã„。
+
+ \return 呼ã³å‡ºã—æˆåŠŸæ™‚ã€ã“ã®é–¢æ•°ã¯ã€ç›´å‰ã®é–¢æ•°ãŒå¤±æ•—ã—ãŸç†ç”±ã‚’説明ã™ã‚‹å›ºæœ‰ã®ã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã‚’è¿”ã—ã¾ã™ã€‚
+ \return SSL_ERROR_NONE 引数retãŒ0より大ãã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚retãŒ0以下ã®å ´åˆã€ç›´å‰ã®APIãŒã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã‚’è¿”ã™ãŒå®Ÿéš›ã«ç™ºç”Ÿã—ãªã‹ã£ãŸå ´åˆã«ã“ã®å€¤ã‚’è¿”ã™å ´åˆãŒã‚ã‚Šã¾ã™ã€‚
+ 例ã¨ã—ã¦ã¯ã€å¼•æ•°szã«0を渡ã—ã¦wolfSSL_read()を呼ã³å‡ºã™å ´åˆã«ç™ºç”Ÿã—ã¾ã™ã€‚
+ wolfssl_read()ãŒ0を戻ã—ãŸå ´åˆã¯é€šå¸¸ã‚¨ãƒ©ãƒ¼ã‚’示ã—ã¾ã™ãŒã€ã“ã®å ´åˆã¯ã‚¨ãƒ©ãƒ¼ã¯ç™ºç”Ÿã—ã¦ã„ã¾ã›ã‚“。
+ 従ã£ã¦ã€wolfSSL_get_error()ãŒãã®å¾Œå‘¼ã³å‡ºã•ã‚ŒãŸå ´åˆã€ssl_error_noneãŒè¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
int err = 0;
@@ -1442,10 +2006,12 @@ int wolfSSL_recv(WOLFSSL* ssl, void* data, int sz, int flags);
int wolfSSL_get_error(WOLFSSL* ssl, int ret);
/*!
- \ingroup IO
+ \ingroup IO
\brief ã“ã®é–¢æ•°ã¯ã‚¢ãƒ©ãƒ¼ãƒˆå±¥æ­´ã‚’å–å¾—ã—ã¾ã™ã€‚
\return SSL_SUCCESS 関数ãŒæ­£å¸¸ã«å®Œäº†ã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã™ã€‚警告履歴ãŒã‚ã£ãŸã‹ã€ã¾ãŸã¯ã„ãšã‚Œã«ã‚‚ã€æˆ»ã‚Šå€¤ã¯SSL_SUCCESSã§ã™ã€‚
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param h WOLFSSL構造体ã®"alert_history member" ã®å€¤ãŒæ ¼ç´ã•ã‚Œã‚‹ã€WOLFSSL_ALERT_HISTORY構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx = wolfSSL_CTX_new(protocol method);
@@ -1460,12 +2026,20 @@ int wolfSSL_get_error(WOLFSSL* ssl, int ret);
int wolfSSL_get_alert_history(WOLFSSL* ssl, WOLFSSL_ALERT_HISTORY *h);
/*!
- \ingroup Setup
- \brief ã“ã®é–¢æ•°ã¯ã€SSLオブジェクトSSLãŒSSL / TLS接続を確立ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã‚‹ã¨ãã«ä½¿ç”¨ã•ã‚Œã‚‹ã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚’設定ã—ã¾ã™ã€‚セッションã®å†é–‹ã®å ´åˆã€wolfssl_shutdown()をセッションオブジェクトã«å‘¼ã³å‡ºã™å‰ã«ã€ã‚¢ãƒ—リケーションã¯ã‚ªãƒ–ジェクトã‹ã‚‰wolfssl_get1_session()を呼ã³å‡ºã—ã¦ä¿å­˜ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚ã“ã‚Œã¯ã‚»ãƒƒã‚·ãƒ§ãƒ³ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚後ã§ã€ã‚¢ãƒ—リケーションã¯æ–°ã—ã„WolfSSLオブジェクトを作æˆã—ã€ä¿å­˜ã—ãŸã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚’wolfssl_set_session()ã«å‰²ã‚Šå½“ã¦ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚ã“ã®æ™‚点ã§ã€ã‚¢ãƒ—リケーションã¯wolfssl_connect()を呼ã³å‡ºã—ã€WolfSSLã¯ã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚’å†é–‹ã—よã†ã¨ã—ã¾ã™ã€‚WolfSSLサーãƒãƒ¼ã‚³ãƒ¼ãƒ‰ã§ã¯ã€ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã§ã‚»ãƒƒã‚·ãƒ§ãƒ³ã®å†é–‹ã‚’許å¯ã—ã¾ã™ã€‚wolfssl_get1_session()ã«ã‚ˆã£ã¦è¿”ã•ã‚ŒãŸã‚ªãƒ–ジェクトã¯ã€ã‚¢ãƒ—リケーションãŒãれを使用ã—ã¦ãれを使用ã—ã¦è§£æ”¾ã•ã‚Œã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+ \ingroup Setup
+ \brief ã“ã®é–¢æ•°ã¯ã€SSLオブジェクトSSLãŒSSL/TLS接続を確立ã™ã‚‹ç›®çš„ã§ä½¿ç”¨ã™ã‚‹ã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚’設定ã—ã¾ã™ã€‚
+ セッションå†é–‹ã‚’è¡Œã†å ´åˆã€wolfSSL_shutdown()を呼ã³å‡ºã™å‰ã«wolfSSL_get1_session()を呼ã³å‡ºã—ã¦ã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚ªãƒ–ジェクトをå–å¾—ã—ã€ã‚»ãƒƒã‚·ãƒ§ãƒ³IDã‚’ä¿å­˜ã—ã¦ãŠãå¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+ 後ã§ã€ã‚¢ãƒ—リケーションã¯æ–°ã—ã„WOLFSSLオブジェクトを作æˆã—ã€ä¿å­˜ã—ãŸã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚’wolfSSL_set_session()ã«æ¸¡ã™å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+ ãã®å¾Œã‚¢ãƒ—リケーションã¯wolfSSL_connect()を呼ã³å‡ºã—ã€wolfSSLã¯ã‚»ãƒƒã‚·ãƒ§ãƒ³å†é–‹ã‚’試ã¿ã¾ã™ã€‚
+ wolfSSLサーãƒãƒ¼ã‚³ãƒ¼ãƒ‰ã§ã¯ã€ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã§ã‚»ãƒƒã‚·ãƒ§ãƒ³å†é–‹ã‚’許å¯ã—ã¾ã™ã€‚
+ wolfSSL_get1_session()ã«ã‚ˆã£ã¦è¿”ã•ã‚ŒãŸã‚ªãƒ–ジェクトã¯ã€ã‚¢ãƒ—リケーションãŒä½¿ç”¨å¾Œã«è§£æ”¾ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+
\return SSL_SUCCESS セッションを正常ã«è¨­å®šã™ã‚‹ã¨è¿”ã•ã‚Œã¾ã™ã€‚
\return SSL_FAILURE 失敗ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚ã“ã‚Œã¯ã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚­ãƒ£ãƒƒã‚·ãƒ¥ãŒç„¡åŠ¹ã«ãªã£ã¦ã„ã‚‹ã€ã¾ãŸã¯ã‚»ãƒƒã‚·ãƒ§ãƒ³ãŒã‚¿ã‚¤ãƒ ã‚¢ã‚¦ãƒˆã—ãŸå ´åˆã«ã‚ˆã£ã¦ç™ºç”Ÿã™ã‚‹å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã™ã€‚
- \return When OpenSSL_EXTRAã¨WOLFSSL_ERROR_CODE_OPENSSLãŒå®šç¾©ã•ã‚Œã¦ã„ã‚‹ãŸã‚ã€ã‚»ãƒƒã‚·ãƒ§ãƒ³ãŒã‚¿ã‚¤ãƒ ã‚¢ã‚¦ãƒˆã—ã¦ã„ã¦ã‚‚SSL_SUCCESSãŒè¿”ã•ã‚Œã¾ã™ã€‚
- \param ssl wolfssl_new()ã§ä½œæˆã•ã‚ŒãŸSSLオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \return OPENSSL_EXTRAã¨WOLFSSL_ERROR_CODE_OPENSSLãŒå®šç¾©ã•ã‚Œã¦ã„ã‚‹å ´åˆã«ã¯ã€ã‚»ãƒƒã‚·ãƒ§ãƒ³ãŒã‚¿ã‚¤ãƒ ã‚¢ã‚¦ãƒˆã—ã¦ã„ã¦ã‚‚SSL_SUCCESSãŒè¿”ã•ã‚Œã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param session WOLFSSL_SESSION構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
int ret;
@@ -1489,10 +2063,19 @@ int wolfSSL_get_alert_history(WOLFSSL* ssl, WOLFSSL_ALERT_HISTORY *h);
int wolfSSL_set_session(WOLFSSL* ssl, WOLFSSL_SESSION* session);
/*!
- \ingroup IO
- \brief NO_SESSION_CACHE_REFãŒå®šç¾©ã•ã‚Œã¦ã„ã‚‹å ´åˆã€ã“ã®é–¢æ•°ã¯SSLã§ä½¿ç”¨ã•ã‚Œã¦ã„ã‚‹ç¾åœ¨ã®ã‚»ãƒƒã‚·ãƒ§ãƒ³ï¼ˆWolfSSL_SESSION)ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€wolfssl_sessionオブジェクトã¸ã®æ°¸ç¶šçš„ãªãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚è¿”ã•ã‚Œã‚‹ãƒã‚¤ãƒ³ã‚¿ã¯ã€wolfssl_freeãŒå‘¼ã³å‡ºã•ã‚ŒãŸã¨ãã«è§£æ”¾ã•ã‚Œã¾ã™ã€‚ã“ã®å‘¼ã³å‡ºã—ã¯ã€ç¾åœ¨ã®ã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚’検査ã¾ãŸã¯å¤‰æ›´ã™ã‚‹ãŸã‚ã«ã®ã¿ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚セッションã®å†é–‹ã®å ´åˆã¯ã€wolfssl_get1_session()を使用ã™ã‚‹ã“ã¨ã‚’ãŠå‹§ã‚ã—ã¾ã™ã€‚NO_SESSION_CACHE_REFãŒå®šç¾©ã•ã‚Œã¦ã„ãªã„å ´åˆã®å¾Œæ–¹äº’æ›æ€§ã®ãŸã‚ã«ã€ã“ã®é–¢æ•°ã¯ãƒ­ãƒ¼ã‚«ãƒ«ã‚­ãƒ£ãƒƒã‚·ãƒ¥ã«æ ¼ç´ã•ã‚Œã¦ã„る永続セッションオブジェクトãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚キャッシュサイズã¯æœ‰é™ã§ã‚ã‚Šã€ã‚¢ãƒ—リケーションãŒwolfssl_set_session()を呼ã³å‡ºã™æ™‚ã¾ã§ã«ã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚ªãƒ–ジェクトãŒåˆ¥ã®SSL接続ã«ã‚ˆã£ã¦ä¸Šæ›¸ãã•ã‚Œã‚‹å±é™ºæ€§ãŒã‚ã‚Šã¾ã™ã€‚アプリケーションã«NO_SESSION_CACHE_REFを定義ã—ã€ã‚»ãƒƒã‚·ãƒ§ãƒ³å†é–‹ã«wolfssl_get1_session()を使用ã™ã‚‹ã“ã¨ã‚’ãŠå‹§ã‚ã—ã¾ã™ã€‚
- \return pointer 正常ã«ã‚³ãƒ¼ãƒ«ãŒç¾åœ¨ã®SSLセッションオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
- \return NULL SSLãŒNULLã®å ´åˆã€SSLセッションキャッシュãŒç„¡åŠ¹ã«ãªã£ã¦ã„ã‚‹å ´åˆã€WolfSSLã¯ã‚»ãƒƒã‚·ãƒ§ãƒ³IDを使用ã§ããªã„ã€ã¾ãŸã¯ãƒŸãƒ¥ãƒ¼ãƒ†ãƒƒã‚¯ã‚¹é–¢æ•°ãŒå¤±æ•—ã—ã¾ã™ã€‚
+ \ingroup IO
+ \brief NO_SESSION_CACHE_REFãŒå®šç¾©ã•ã‚Œã¦ã„ã‚‹å ´åˆã€ã“ã®é–¢æ•°ã¯SSLã§ä½¿ç”¨ã•ã‚Œã¦ã„ã‚‹ç¾åœ¨ã®ã‚»ãƒƒã‚·ãƒ§ãƒ³ï¼ˆWOLFSSL_SESSION)ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯ã€WOLFSSL_SESSIONオブジェクトã¸ã®æ°¸ç¶šçš„ãªãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
+ è¿”ã•ã‚Œã‚‹ãƒã‚¤ãƒ³ã‚¿ã¯ã€wolfSSL_freeãŒå‘¼ã³å‡ºã•ã‚ŒãŸã¨ãã«è§£æ”¾ã•ã‚Œã¾ã™ã€‚
+ ã“ã®å‘¼ã³å‡ºã—ã¯ã€ç¾åœ¨ã®ã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚’検査ã¾ãŸã¯å¤‰æ›´ã™ã‚‹ãŸã‚ã«ã®ã¿ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
+ セッションå†é–‹ã«ä½¿ç”¨ã™ã‚‹å ´åˆã¯ã€wolfSSL_get1_session()を使用ã™ã‚‹ã“ã¨ã‚’ãŠå‹§ã‚ã—ã¾ã™ã€‚
+ NO_SESSION_CACHE_REFãŒå®šç¾©ã•ã‚Œã¦ã„ãªã„å ´åˆã®å¾Œæ–¹äº’æ›æ€§ã®ãŸã‚ã«ã€ã“ã®é–¢æ•°ã¯ãƒ­ãƒ¼ã‚«ãƒ«ã‚­ãƒ£ãƒƒã‚·ãƒ¥ã«æ ¼ç´ã•ã‚Œã¦ã„る永続セッションオブジェクトãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
+ キャッシュサイズã¯æœ‰é™ã§ã‚ã‚Šã€ã‚¢ãƒ—リケーションãŒwolfSSL_set_session()を呼ã³å‡ºã™æ™‚ã¾ã§ã«ã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚ªãƒ–ジェクトãŒåˆ¥ã®SSL接続ã«ã‚ˆã£ã¦ä¸Šæ›¸ãã•ã‚Œã‚‹å±é™ºæ€§ãŒã‚ã‚Šã¾ã™ã€‚
+ アプリケーションã«NO_SESSION_CACHE_REFを定義ã—ã€ã‚»ãƒƒã‚·ãƒ§ãƒ³å†é–‹ã«wolfSSL_get1_session()を使用ã™ã‚‹ã“ã¨ã‚’ãŠå‹§ã‚ã—ã¾ã™ã€‚
+
+ \return ç¾åœ¨ã®SSLセッションオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
+ \return NULL sslãŒNULLã®å ´åˆã€SSLセッションキャッシュãŒç„¡åŠ¹ã«ãªã£ã¦ã„ã‚‹å ´åˆã€wolfSSLã¯ã‚»ãƒƒã‚·ãƒ§ãƒ³IDを使用ã§ããªã„ã€ã¾ãŸã¯ãƒŸãƒ¥ãƒ¼ãƒ†ãƒƒã‚¯ã‚¹é–¢æ•°ãŒå¤±æ•—ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
_Example_
\code
WOLFSSL* ssl;
@@ -1510,10 +2093,17 @@ int wolfSSL_set_session(WOLFSSL* ssl, WOLFSSL_SESSION* session);
WOLFSSL_SESSION* wolfSSL_get_session(WOLFSSL* ssl);
/*!
- \ingroup IO
- \brief ã“ã®æ©Ÿèƒ½ã¯ã€æœŸé™åˆ‡ã‚Œã«ãªã£ãŸã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚­ãƒ£ãƒƒã‚·ãƒ¥ã‹ã‚‰ã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚’フラッシュã—ã¾ã™ã€‚時間比較ã«ã¯TMãŒä½¿ç”¨ã•ã‚Œã¾ã™ã€‚WolfSSLã¯ç¾åœ¨ã‚»ãƒƒã‚·ãƒ§ãƒ³ã«é™çš„テーブルを使用ã—ã¦ã„ã‚‹ãŸã‚ã€ãƒ•ãƒ©ãƒƒã‚·ãƒ³ã‚°ã¯ä¸è¦ã§ã™ã€‚ãã®ãŸã‚ã€ã“ã®æ©Ÿèƒ½ã¯ç¾åœ¨ã‚µãƒ–ã ã‘ã§ã™ã€‚ã“ã®é–¢æ•°ã¯ã€wolfsslãŒOpenSSL互æ›å±¤ã§ã‚³ãƒ³ãƒ‘イルã•ã‚Œã¦ã„ã‚‹ã¨ãã®OpenSSL互æ›æ€§ï¼ˆssl_flush_sessions)をæä¾›ã—ã¾ã™ã€‚
- \return none ã„ã„ãˆè¿”ã—ã¾ã™ã€‚
- \param ctx wolfssl_ctx_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl_ctx構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \ingroup IO
+ \brief ã“ã®æ©Ÿèƒ½ã¯ã€æœŸé™åˆ‡ã‚Œã«ãªã£ãŸã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚­ãƒ£ãƒƒã‚·ãƒ¥ã‹ã‚‰ã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚’フラッシュã—ã¾ã™ã€‚
+ 時間比較ã«ã¯å¼•æ•°tmãŒä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
+ wolfSSLã¯ç¾åœ¨ã‚»ãƒƒã‚·ãƒ§ãƒ³ã«é™çš„テーブルを使用ã—ã¦ã„ã‚‹ãŸã‚ã€ãƒ•ãƒ©ãƒƒã‚·ãƒ³ã‚°ã¯ä¸è¦ã§ã™ã€‚
+ ãã®ãŸã‚ã€ã“ã®æ©Ÿèƒ½ã¯ç¾åœ¨ã‚¹ã‚¿ãƒ–ã¨ã—ã¦å­˜åœ¨ã—ã¦ã„ã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯ã€wolfsslãŒOpenSSL互æ›å±¤ã§ã‚³ãƒ³ãƒ‘イルã•ã‚Œã¦ã„ã‚‹ã¨ãã®OpenSSL互æ›æ€§ï¼ˆssl_flush_sessions)をæä¾›ã—ã¾ã™ã€‚
+
+ \return ãªã—
+ \param ctx wolfSSL_CTX_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL_CTX構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param tm セッションã®æœ‰åŠ¹æœŸé™ã®æ¯”較ã§ä½¿ç”¨ã•ã‚Œã‚‹æ™‚é–“
+
_Example_
\code
WOLFSSL_CTX* ssl;
@@ -1526,13 +2116,16 @@ WOLFSSL_SESSION* wolfSSL_get_session(WOLFSSL* ssl);
void wolfSSL_flush_sessions(WOLFSSL_CTX* ctx, long tm);
/*!
- \ingroup TLS
- \brief ã“ã®é–¢æ•°ã¯ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚’サーãƒãƒ¼IDã¨é–¢é€£ä»˜ã‘ã¾ã™ã€‚NewsessionフラグãŒã‚ªãƒ³ã®å ´åˆã€æ—¢å­˜ã®ã‚»ãƒƒã‚·ãƒ§ãƒ³ã¯å†åˆ©ç”¨ã•ã‚Œã¾ã›ã‚“。
+ \ingroup TLS
+ \brief ã“ã®é–¢æ•°ã¯ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚’サーãƒãƒ¼IDã¨é–¢é€£ä»˜ã‘ã¾ã™ã€‚引数newSessionãŒã‚ªãƒ³ã®å ´åˆã€æ—¢å­˜ã®ã‚»ãƒƒã‚·ãƒ§ãƒ³ã¯å†åˆ©ç”¨ã•ã‚Œã¾ã›ã‚“。
\return SSL_SUCCESS 関数ãŒã‚¨ãƒ©ãƒ¼ãªã—ã§å®Ÿè¡Œã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return BAD_FUNC_ARG wolfssl structã¾ãŸã¯idパラメータãŒnullã®å ´åˆã€ã¾ãŸã¯LenãŒã‚¼ãƒ­ä»¥ä¸‹ã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param id wolfssl_session構造体ã®ServerIDメンãƒãƒ¼ã«ã‚³ãƒ”ーã•ã‚Œã‚‹å®šæ•°ãƒã‚¤ãƒˆãƒã‚¤ãƒ³ã‚¿ã€‚
- \param len セッションIDパラメータã®é•·ã•ã‚’表ã™int型。
+ \return BAD_FUNC_ARG 引数sslã¾ãŸã¯å¼•æ•°idãŒNULLã®å ´åˆã€ã¾ãŸã¯å¼•æ•°lenãŒã‚¼ãƒ­ä»¥ä¸‹ã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param id WOLFSSL_SESSION構造体ã®ServerIDメンãƒãƒ¼ã«ã‚³ãƒ”ーã•ã‚Œã‚‹ã‚µãƒ¼ãƒãƒ¼IDデータã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param len サーãƒãƒ¼IDデータã®ã‚µã‚¤ã‚º
+ \param newSession セッションをå†åˆ©ç”¨ã™ã‚‹ã‹å¦ã‹ã‚’指定ã™ã‚‹ãƒ•ãƒ©ã‚°ã€‚オンã®å ´åˆã€æ—¢å­˜ã®ã‚»ãƒƒã‚·ãƒ§ãƒ³ã¯å†åˆ©ç”¨ã•ã‚Œã¾ã›ã‚“。
+
_Example_
\code
WOLFSSL_CTX* ctx = wolfSSL_CTX_new( protocol );
@@ -1553,9 +2146,11 @@ int wolfSSL_SetServerID(WOLFSSL* ssl, const unsigned char* id,
int len, int newSession);
/*!
- \ingroup IO
- \brief ã“ã®é–¢æ•°ã¯ã€WolfSSL構造体ã®ã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚¤ãƒ³ãƒ‡ãƒƒã‚¯ã‚¹ã‚’å–å¾—ã—ã¾ã™ã€‚
- \return int ã“ã®é–¢æ•°ã¯ã€wolfssl構造体内ã®SessionIndexを表ã™intåž‹ã‚’è¿”ã—ã¾ã™ã€‚
+ \ingroup IO
+ \brief ã“ã®é–¢æ•°ã¯ã€WOLFSSL構造体ã®æŒ‡å®šã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚¤ãƒ³ãƒ‡ãƒƒã‚¯ã‚¹å€¤ã‚’å–å¾—ã—ã¾ã™ã€‚
+ \return ã“ã®é–¢æ•°ã¯ã€WOLFSSL構造体内ã®SessionIndexを表ã™intåž‹ã®å€¤ã‚’è¿”ã—ã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL_CTX_new( protocol method );
@@ -1572,12 +2167,15 @@ int wolfSSL_SetServerID(WOLFSSL* ssl, const unsigned char* id,
int wolfSSL_GetSessionIndex(WOLFSSL* ssl);
/*!
- \ingroup IO
- \brief ã“ã®é–¢æ•°ã¯ã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚­ãƒ£ãƒƒã‚·ãƒ¥ã®æŒ‡å®šã•ã‚ŒãŸã‚¤ãƒ³ãƒ‡ãƒƒã‚¯ã‚¹ã§ã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚’å–å¾—ã—ã€ãれをメモリã«ã‚³ãƒ”ーã—ã¾ã™ã€‚wolfssl_session構造体ã¯ã‚»ãƒƒã‚·ãƒ§ãƒ³æƒ…報をä¿æŒã—ã¾ã™ã€‚
+ \ingroup IO
+ \brief ã“ã®é–¢æ•°ã¯ã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚­ãƒ£ãƒƒã‚·ãƒ¥ã®æŒ‡å®šã•ã‚ŒãŸã‚¤ãƒ³ãƒ‡ãƒƒã‚¯ã‚¹ã®ã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚’å–å¾—ã—ã€ãれをメモリã«ã‚³ãƒ”ーã—ã¾ã™ã€‚
+ WOLFSSL_SESSION構造体ã¯ã‚»ãƒƒã‚·ãƒ§ãƒ³æƒ…報をä¿æŒã—ã¾ã™ã€‚
\return SSL_SUCCESS 関数ãŒæ­£å¸¸ã«å®Ÿè¡Œã•ã‚Œã€ã‚¨ãƒ©ãƒ¼ãŒã‚¹ãƒ­ãƒ¼ã•ã‚Œãªã‹ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return BAD_MUTEX_E アンロックã¾ãŸã¯ãƒ­ãƒƒã‚¯ãƒŸãƒ¥ãƒ¼ãƒ†ãƒƒã‚¯ã‚¹ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸå ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_MUTEX_E アンロックã¾ãŸã¯ãƒ­ãƒƒã‚¯ãƒŸãƒ¥ãƒ¼ãƒ†ãƒƒã‚¯ã‚¹ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return SSL_FAILURE 関数ãŒæ­£å¸¸ã«å®Ÿè¡Œã•ã‚Œãªã‹ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param idx セッションインデックスを表ã™int型。
+ \param idx セッションインデックス値
+ \param session WOLFSSL_SESSION構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
int idx; // The index to locate the session.
@@ -1594,9 +2192,10 @@ int wolfSSL_GetSessionIndex(WOLFSSL* ssl);
int wolfSSL_GetSessionAtIndex(int index, WOLFSSL_SESSION* session);
/*!
- \ingroup IO
- \brief wolfssl_session構造体ã‹ã‚‰ãƒ”ア証明書ãƒã‚§ãƒ¼ãƒ³ã‚’è¿”ã—ã¾ã™ã€‚
- \return pointer ピアèªè¨¼ãƒã‚§ãƒ¼ãƒ³ã‚’å«ã‚€WOLFSSL_X509_CHAIN構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \ingroup IO
+ \brief WOLFSSL_SESSION構造体ã‹ã‚‰ãƒ”ア証明書ãƒã‚§ãƒ¼ãƒ³ã‚’è¿”ã—ã¾ã™ã€‚
+ \param session WOLFSSL_SESSION構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
WOLFSSL_SESSION* session;
@@ -1615,11 +2214,31 @@ int wolfSSL_GetSessionAtIndex(int index, WOLFSSL_SESSION* session);
WOLFSSL_X509_CHAIN* wolfSSL_SESSION_get_peer_chain(WOLFSSL_SESSION* session);
/*!
- \ingroup Setup
- \brief ã“ã®é–¢æ•°ã¯ãƒªãƒ¢ãƒ¼ãƒˆãƒ”ã‚¢ã®æ¤œè¨¼æ–¹æ³•ã‚’設定ã—ã€ã¾ãŸSSLコンテキストã«ç™»éŒ²ã•ã‚Œã‚‹ã“ã¨ã‚’確èªã™ã‚‹ã“ã¨ã‚‚ã§ãã¾ã™ã€‚検証コールãƒãƒƒã‚¯ã¯ã€æ¤œè¨¼éšœå®³ãŒç™ºç”Ÿã—ãŸå ´åˆã«ã®ã¿å‘¼ã³å‡ºã•ã‚Œã¾ã™ã€‚検証コールãƒãƒƒã‚¯ãŒå¿…è¦ãªå ´åˆã¯ã€NULLãƒã‚¤ãƒ³ã‚¿ã‚’verify_callbackã«ä½¿ç”¨ã§ãã¾ã™ã€‚ピア証明書ã®æ¤œè¨¼ãƒ¢ãƒ¼ãƒ‰ã¯ã€è«–ç†çš„ã¾ãŸã¯ãƒ•ãƒ©ã‚°ã®ãƒªã‚¹ãƒˆã§ã™ã€‚å¯èƒ½ãªãƒ•ãƒ©ã‚°å€¤ã¯æ¬¡ã®ã¨ãŠã‚Šã§ã™.SSL_VERIFY_NONEクライアントモード:クライアントã¯ã‚µãƒ¼ãƒãƒ¼ã‹ã‚‰å—ä¿¡ã—ãŸè¨¼æ˜Žæ›¸ã‚’検証ã›ãšã€ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã¯é€šå¸¸ã©ãŠã‚Šç¶šãã¾ã™ã€‚サーãƒãƒ¼ãƒ¢ãƒ¼ãƒ‰ï¼šã‚µãƒ¼ãƒãƒ¼ã¯ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã«è¨¼æ˜Žæ›¸è¦æ±‚ã‚’é€ä¿¡ã—ã¾ã›ã‚“。ãã®ãŸã‚ã€ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆæ¤œè¨¼ã¯æœ‰åŠ¹ã«ãªã‚Šã¾ã›ã‚“。 ssl_verify_peerクライアントモード:クライアントã¯ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ä¸­ã«ã‚µãƒ¼ãƒãƒ¼ã‹ã‚‰å—ä¿¡ã—ãŸè¨¼æ˜Žæ›¸ã‚’検証ã—ã¾ã™ã€‚ã“ã‚Œã¯wolfsslã§ã¯ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã§ã‚ªãƒ³ã«ã•ã‚Œã¾ã™ã€‚ã—ãŸãŒã£ã¦ã€ã“ã®ã‚ªãƒ—ションを使用ã™ã‚‹ã¨åŠ¹æžœãŒã‚ã‚Šã¾ã›ã‚“。サーãƒãƒ¼ãƒ¢ãƒ¼ãƒ‰ï¼šã‚µãƒ¼ãƒãƒ¼ã¯è¨¼æ˜Žæ›¸è¦æ±‚をクライアントã«é€ä¿¡ã—ã€å—ä¿¡ã—ãŸã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆè¨¼æ˜Žæ›¸ã‚’確èªã—ã¾ã™ã€‚ ssl_verify_fail_if_no_peer_certクライアントモード:クライアントå´ã§ä½¿ç”¨ã•ã‚Œã¦ã„ãªã„å ´åˆã¯åŠ¹æžœãŒã‚ã‚Šã¾ã›ã‚“。サーãƒãƒ¼ãƒ¢ãƒ¼ãƒ‰ï¼šè¦æ±‚ã•ã‚ŒãŸã¨ãã«ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆãŒè¨¼æ˜Žæ›¸ã®é€ä¿¡ã«å¤±æ•—ã—ãŸå ´åˆã¯ã€ã‚µãƒ¼ãƒãƒ¼å´ã§æ¤œè¨¼ãŒå¤±æ•—ã—ã¾ã™ï¼ˆSSLサーãƒãƒ¼ã®SSL_VERIFY_PEERを使用ã™ã‚‹å ´åˆï¼‰ã€‚ ssl_verify_fail_except_pskクライアントモード:クライアントå´ã§ä½¿ç”¨ã•ã‚Œã¦ã„ãªã„å ´åˆã¯åŠ¹æžœãŒã‚ã‚Šã¾ã›ã‚“。サーãƒãƒ¼ãƒ¢ãƒ¼ãƒ‰ï¼šPSK接続ã®å ´åˆã‚’除ãã€æ¤œè¨¼ã¯ssl_verify_fail_if_no_peer_certã¨åŒã˜ã§ã™ã€‚ PSK接続ãŒè¡Œã‚ã‚Œã¦ã„ã‚‹å ´åˆã€æŽ¥ç¶šã¯ãƒ”ア証明書ãªã—ã§é€šéŽã—ã¾ã™ã€‚
- \return none è¿”å“ä¸å¯ã€‚
- \param ctx wolfssl_ctx_new()ã§ä½œæˆã•ã‚ŒãŸSSLコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param mode セッションタイムアウト値(秒)
+ \ingroup Setup
+ \brief ã“ã®é–¢æ•°ã¯ãƒªãƒ¢ãƒ¼ãƒˆãƒ”ã‚¢ã®æ¤œè¨¼æ–¹æ³•ã‚’設定ã—ã€ã¾ãŸè¨¼æ˜Žæ›¸æ¤œè¨¼ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯é–¢æ•°ã‚’SSLコンテキストã«ç™»éŒ²ã™ã‚‹ã“ã¨ã‚‚ã§ãã¾ã™ã€‚
+ 検証コールãƒãƒƒã‚¯ã¯ã€æ¤œè¨¼éšœå®³ãŒç™ºç”Ÿã—ãŸå ´åˆã«ã®ã¿å‘¼ã³å‡ºã•ã‚Œã¾ã™ã€‚
+ 検証コールãƒãƒƒã‚¯ãŒå¿…è¦ãªå ´åˆã¯ã€NULLãƒã‚¤ãƒ³ã‚¿ã‚’verify_callbackã«ä½¿ç”¨ã§ãã¾ã™ã€‚
+ ピア証明書ã®æ¤œè¨¼ãƒ¢ãƒ¼ãƒ‰ã¯ã€è«–ç†çš„ã¾ãŸã¯ãƒ•ãƒ©ã‚°ã®ãƒªã‚¹ãƒˆã§ã™ã€‚
+ å¯èƒ½ãªãƒ•ãƒ©ã‚°å€¤ã¯æ¬¡ã®ã¨ãŠã‚Šã§ã™:<br>
+ SSL_VERIFY_NONE<br>
+ -クライアントモード:クライアントã¯ã‚µãƒ¼ãƒãƒ¼ã‹ã‚‰å—ä¿¡ã—ãŸè¨¼æ˜Žæ›¸ã‚’検証ã›ãšã€ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã¯é€šå¸¸ã©ãŠã‚Šç¶šãã¾ã™ã€‚<br>
+ -サーãƒãƒ¼ãƒ¢ãƒ¼ãƒ‰ï¼šã‚µãƒ¼ãƒãƒ¼ã¯ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã«è¨¼æ˜Žæ›¸è¦æ±‚ã‚’é€ä¿¡ã—ã¾ã›ã‚“。ãã®ãŸã‚ã€ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆæ¤œè¨¼ã¯æœ‰åŠ¹ã«ãªã‚Šã¾ã›ã‚“。<br>
+ SSL_VERIFY_PEER<br>
+ -クライアントモード:クライアントã¯ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ä¸­ã«ã‚µãƒ¼ãƒãƒ¼ã‹ã‚‰å—ä¿¡ã—ãŸè¨¼æ˜Žæ›¸ã‚’検証ã—ã¾ã™ã€‚ã“ã‚Œã¯wolfSSLã§ã¯ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã§ã‚ªãƒ³ã«ã•ã‚Œã¾ã™ã€‚ã—ãŸãŒã£ã¦ã€ã“ã®ã‚ªãƒ—ションを使用ã™ã‚‹ã¨åŠ¹æžœãŒã‚ã‚Šã¾ã›ã‚“。<br>
+ -サーãƒãƒ¼ãƒ¢ãƒ¼ãƒ‰ï¼šã‚µãƒ¼ãƒãƒ¼ã¯è¨¼æ˜Žæ›¸è¦æ±‚をクライアントã«é€ä¿¡ã—ã€å—ä¿¡ã—ãŸã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆè¨¼æ˜Žæ›¸ã‚’確èªã—ã¾ã™ã€‚<br>
+ SSL_VERIFY_FAIL_IF_NO_PEER_CERT<br>
+ -クライアントモード:クライアントå´ã§ä½¿ç”¨ã•ã‚Œã¦ã„ãªã„å ´åˆã¯åŠ¹æžœãŒã‚ã‚Šã¾ã›ã‚“。<br>
+ -サーãƒãƒ¼ãƒ¢ãƒ¼ãƒ‰ï¼šè¦æ±‚ã•ã‚ŒãŸã¨ãã«ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆãŒè¨¼æ˜Žæ›¸ã®é€ä¿¡ã«å¤±æ•—ã—ãŸå ´åˆã¯ã€ã‚µãƒ¼ãƒãƒ¼å´ã§æ¤œè¨¼ãŒå¤±æ•—ã—ã¾ã™ï¼ˆSSLサーãƒãƒ¼ã®SSL_VERIFY_PEERを使用ã™ã‚‹å ´åˆï¼‰ã€‚<br>
+ SSL_VERIFY_FAIL_EXCEPT_PSK<br>
+ -クライアントモード:クライアントå´ã§ä½¿ç”¨ã•ã‚Œã¦ã„ãªã„å ´åˆã¯åŠ¹æžœãŒã‚ã‚Šã¾ã›ã‚“。<br>
+ -サーãƒãƒ¼ãƒ¢ãƒ¼ãƒ‰ï¼šPSK接続ã®å ´åˆã‚’除ãã€æ¤œè¨¼ã¯SSL_VERIFY_FAIL_IF_NO_PEER_CERTã¨åŒã˜ã§ã™ã€‚ PSK接続ãŒè¡Œã‚ã‚Œã¦ã„ã‚‹å ´åˆã€æŽ¥ç¶šã¯ãƒ”ア証明書ãªã—ã§é€šéŽã—ã¾ã™ã€‚<br>
+
+ \return ãªã—
+
+ \param ctx wolfSSL_CTX_new()ã§ä½œæˆã•ã‚ŒãŸSSLコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param mode ピアã®è¨¼æ˜Žæ›¸ã‚’ã©ã®ã‚ˆã†ã«æ¤œè¨¼ã™ã‚‹ã‹ã‚’示ã™ãƒ•ãƒ©ã‚°å€¤
+ \param verify_callback 証明書検証ãŒå¤±æ•—ã—ãŸéš›ã«å‘¼ã³å‡ºã•ã‚Œã‚‹ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯é–¢æ•°ã€‚å¿…è¦ãŒãªã„ãªã‚‰NULLを指定ã™ã‚‹ã“ã¨ã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx = 0;
@@ -1633,11 +2252,31 @@ void wolfSSL_CTX_set_verify(WOLFSSL_CTX* ctx, int mode,
VerifyCallback verify_callback);
/*!
- \ingroup Setup
- \brief ã“ã®é–¢æ•°ã¯ãƒªãƒ¢ãƒ¼ãƒˆãƒ”ã‚¢ã®æ¤œè¨¼æ–¹æ³•ã‚’設定ã—ã€ã¾ãŸSSLセッションã«ç™»éŒ²ã™ã‚‹ã®ã‚’登録ã™ã‚‹ã“ã¨ã‚‚ã§ãã¾ã™ã€‚検証コールãƒãƒƒã‚¯ã¯ã€æ¤œè¨¼éšœå®³ãŒç™ºç”Ÿã—ãŸå ´åˆã«ã®ã¿å‘¼ã³å‡ºã•ã‚Œã¾ã™ã€‚検証コールãƒãƒƒã‚¯ãŒå¿…è¦ãªå ´åˆã¯ã€NULLãƒã‚¤ãƒ³ã‚¿ã‚’verify_callbackã«ä½¿ç”¨ã§ãã¾ã™ã€‚ピア証明書ã®æ¤œè¨¼ãƒ¢ãƒ¼ãƒ‰ã¯ã€è«–ç†çš„ã¾ãŸã¯ãƒ•ãƒ©ã‚°ã®ãƒªã‚¹ãƒˆã§ã™ã€‚å¯èƒ½ãªãƒ•ãƒ©ã‚°å€¤ã¯æ¬¡ã®ã¨ãŠã‚Šã§ã™.SSL_VERIFY_NONEクライアントモード:クライアントã¯ã‚µãƒ¼ãƒãƒ¼ã‹ã‚‰å—ä¿¡ã—ãŸè¨¼æ˜Žæ›¸ã‚’検証ã›ãšã€ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã¯é€šå¸¸ã©ãŠã‚Šç¶šãã¾ã™ã€‚サーãƒãƒ¼ãƒ¢ãƒ¼ãƒ‰ï¼šã‚µãƒ¼ãƒãƒ¼ã¯ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã«è¨¼æ˜Žæ›¸è¦æ±‚ã‚’é€ä¿¡ã—ã¾ã›ã‚“。ãã®ãŸã‚ã€ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆæ¤œè¨¼ã¯æœ‰åŠ¹ã«ãªã‚Šã¾ã›ã‚“。 ssl_verify_peerクライアントモード:クライアントã¯ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ä¸­ã«ã‚µãƒ¼ãƒãƒ¼ã‹ã‚‰å—ä¿¡ã—ãŸè¨¼æ˜Žæ›¸ã‚’検証ã—ã¾ã™ã€‚ã“ã‚Œã¯wolfsslã§ã¯ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã§ã‚ªãƒ³ã«ã•ã‚Œã¾ã™ã€‚ã—ãŸãŒã£ã¦ã€ã“ã®ã‚ªãƒ—ションを使用ã™ã‚‹ã¨åŠ¹æžœãŒã‚ã‚Šã¾ã›ã‚“。サーãƒãƒ¼ãƒ¢ãƒ¼ãƒ‰ï¼šã‚µãƒ¼ãƒãƒ¼ã¯è¨¼æ˜Žæ›¸è¦æ±‚をクライアントã«é€ä¿¡ã—ã€å—ä¿¡ã—ãŸã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆè¨¼æ˜Žæ›¸ã‚’確èªã—ã¾ã™ã€‚ ssl_verify_fail_if_no_peer_certクライアントモード:クライアントå´ã§ä½¿ç”¨ã•ã‚Œã¦ã„ãªã„å ´åˆã¯åŠ¹æžœãŒã‚ã‚Šã¾ã›ã‚“。サーãƒãƒ¼ãƒ¢ãƒ¼ãƒ‰ï¼šè¦æ±‚ã•ã‚ŒãŸã¨ãã«ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆãŒè¨¼æ˜Žæ›¸ã®é€ä¿¡ã«å¤±æ•—ã—ãŸå ´åˆã¯ã€ã‚µãƒ¼ãƒãƒ¼å´ã§æ¤œè¨¼ãŒå¤±æ•—ã—ã¾ã™ï¼ˆSSLサーãƒãƒ¼ã®SSL_VERIFY_PEERを使用ã™ã‚‹å ´åˆï¼‰ã€‚ ssl_verify_fail_except_pskクライアントモード:クライアントå´ã§ä½¿ç”¨ã•ã‚Œã¦ã„ãªã„å ´åˆã¯åŠ¹æžœãŒã‚ã‚Šã¾ã›ã‚“。サーãƒãƒ¼ãƒ¢ãƒ¼ãƒ‰ï¼šPSK接続ã®å ´åˆã‚’除ãã€æ¤œè¨¼ã¯ssl_verify_fail_if_no_peer_certã¨åŒã˜ã§ã™ã€‚ PSK接続ãŒè¡Œã‚ã‚Œã¦ã„ã‚‹å ´åˆã€æŽ¥ç¶šã¯ãƒ”ア証明書ãªã—ã§é€šéŽã—ã¾ã™ã€‚
- \return none è¿”å“ä¸å¯ã€‚
- \param ssl wolfssl_new()ã§ä½œæˆã•ã‚ŒãŸSSLセッションã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param mode セッションタイムアウト値(秒å˜ä½ï¼‰ã€‚
+ \ingroup Setup
+ \brief ã“ã®é–¢æ•°ã¯ãƒªãƒ¢ãƒ¼ãƒˆãƒ”ã‚¢ã®æ¤œè¨¼æ–¹æ³•ã‚’設定ã—ã€ã¾ãŸè¨¼æ˜Žæ›¸æ¤œè¨¼ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯é–¢æ•°ã‚’WOLFSSLオブジェクトã«ç™»éŒ²ã™ã‚‹ã“ã¨ã‚‚ã§ãã¾ã™ã€‚
+ 検証コールãƒãƒƒã‚¯ã¯ã€æ¤œè¨¼éšœå®³ãŒç™ºç”Ÿã—ãŸå ´åˆã«ã®ã¿å‘¼ã³å‡ºã•ã‚Œã¾ã™ã€‚
+ 検証コールãƒãƒƒã‚¯ãŒå¿…è¦ãªå ´åˆã¯ã€NULLãƒã‚¤ãƒ³ã‚¿ã‚’verify_callbackã«ä½¿ç”¨ã§ãã¾ã™ã€‚
+ ピア証明書ã®æ¤œè¨¼ãƒ¢ãƒ¼ãƒ‰ã¯ã€è«–ç†çš„ã¾ãŸã¯ãƒ•ãƒ©ã‚°ã®ãƒªã‚¹ãƒˆã§ã™ã€‚
+ å¯èƒ½ãªãƒ•ãƒ©ã‚°å€¤ã¯æ¬¡ã®ã¨ãŠã‚Šã§ã™:<br>
+ SSL_VERIFY_NONE<br>
+ -クライアントモード:クライアントã¯ã‚µãƒ¼ãƒãƒ¼ã‹ã‚‰å—ä¿¡ã—ãŸè¨¼æ˜Žæ›¸ã‚’検証ã›ãšã€ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã¯é€šå¸¸ã©ãŠã‚Šç¶šãã¾ã™ã€‚<br>
+ -サーãƒãƒ¼ãƒ¢ãƒ¼ãƒ‰ï¼šã‚µãƒ¼ãƒãƒ¼ã¯ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã«è¨¼æ˜Žæ›¸è¦æ±‚ã‚’é€ä¿¡ã—ã¾ã›ã‚“。ãã®ãŸã‚ã€ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆæ¤œè¨¼ã¯æœ‰åŠ¹ã«ãªã‚Šã¾ã›ã‚“。<br>
+ SSL_VERIFY_PEER<br>
+ -クライアントモード:クライアントã¯ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ä¸­ã«ã‚µãƒ¼ãƒãƒ¼ã‹ã‚‰å—ä¿¡ã—ãŸè¨¼æ˜Žæ›¸ã‚’検証ã—ã¾ã™ã€‚ã“ã‚Œã¯wolfSSLã§ã¯ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã§ã‚ªãƒ³ã«ã•ã‚Œã¾ã™ã€‚ã—ãŸãŒã£ã¦ã€ã“ã®ã‚ªãƒ—ションを使用ã™ã‚‹ã¨åŠ¹æžœãŒã‚ã‚Šã¾ã›ã‚“。<br>
+ -サーãƒãƒ¼ãƒ¢ãƒ¼ãƒ‰ï¼šã‚µãƒ¼ãƒãƒ¼ã¯è¨¼æ˜Žæ›¸è¦æ±‚をクライアントã«é€ä¿¡ã—ã€å—ä¿¡ã—ãŸã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆè¨¼æ˜Žæ›¸ã‚’確èªã—ã¾ã™ã€‚<br>
+ SSL_VERIFY_FAIL_IF_NO_PEER_CERT<br>
+ -クライアントモード:クライアントå´ã§ä½¿ç”¨ã•ã‚Œã¦ã„ãªã„å ´åˆã¯åŠ¹æžœãŒã‚ã‚Šã¾ã›ã‚“。<br>
+ -サーãƒãƒ¼ãƒ¢ãƒ¼ãƒ‰ï¼šè¦æ±‚ã•ã‚ŒãŸã¨ãã«ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆãŒè¨¼æ˜Žæ›¸ã®é€ä¿¡ã«å¤±æ•—ã—ãŸå ´åˆã¯ã€ã‚µãƒ¼ãƒãƒ¼å´ã§æ¤œè¨¼ãŒå¤±æ•—ã—ã¾ã™ï¼ˆSSLサーãƒãƒ¼ã®SSL_VERIFY_PEERを使用ã™ã‚‹å ´åˆï¼‰ã€‚<br>
+ SSL_VERIFY_FAIL_EXCEPT_PSK<br>
+ -クライアントモード:クライアントå´ã§ä½¿ç”¨ã•ã‚Œã¦ã„ãªã„å ´åˆã¯åŠ¹æžœãŒã‚ã‚Šã¾ã›ã‚“。<br>
+ -サーãƒãƒ¼ãƒ¢ãƒ¼ãƒ‰ï¼šPSK接続ã®å ´åˆã‚’除ãã€æ¤œè¨¼ã¯SSL_VERIFY_FAIL_IF_NO_PEER_CERTã¨åŒã˜ã§ã™ã€‚ PSK接続ãŒè¡Œã‚ã‚Œã¦ã„ã‚‹å ´åˆã€æŽ¥ç¶šã¯ãƒ”ア証明書ãªã—ã§é€šéŽã—ã¾ã™ã€‚<br>
+
+ \return ãªã—
+
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param mode ピアã®è¨¼æ˜Žæ›¸ã‚’ã©ã®ã‚ˆã†ã«æ¤œè¨¼ã™ã‚‹ã‹ã‚’示ã™ãƒ•ãƒ©ã‚°å€¤
+ \param verify_callback 証明書検証ãŒå¤±æ•—ã—ãŸéš›ã«å‘¼ã³å‡ºã•ã‚Œã‚‹ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯é–¢æ•°ã€‚å¿…è¦ãŒãªã„ãªã‚‰NULLを指定ã™ã‚‹ã“ã¨ã€‚
+
_Example_
\code
WOLFSSL* ssl = 0;
@@ -1649,10 +2288,13 @@ void wolfSSL_CTX_set_verify(WOLFSSL_CTX* ctx, int mode,
void wolfSSL_set_verify(WOLFSSL* ssl, int mode, VerifyCallback verify_callback);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief ã“ã®é–¢æ•°ã¯ã€æ¤œè¨¼ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯ã®ãŸã‚ã®ãƒ¦ãƒ¼ã‚¶ãƒ¼CTXオブジェクト情報を格ç´ã—ã¾ã™ã€‚
- \return none è¿”å“ä¸å¯ã€‚
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \return ãªã—
+
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ctx ボイドãƒã‚¤ãƒ³ã‚¿ã€‚WOLFSSL構造体ã®verifyCbCtx メンãƒãƒ¼ã«ã‚»ãƒƒãƒˆã•ã‚Œã¾ã™ã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx = wolfSSL_CTX_new( method );
@@ -1672,10 +2314,12 @@ void wolfSSL_set_verify(WOLFSSL* ssl, int mode, VerifyCallback verify_callback);
void wolfSSL_SetCertCbCtx(WOLFSSL* ssl, void* ctx);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief ã“ã®é–¢æ•°ã¯ã€æ¤œè¨¼ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯ã®ãŸã‚ã®ãƒ¦ãƒ¼ã‚¶ãƒ¼CTXオブジェクト情報を格ç´ã—ã¾ã™ã€‚
- \return none è¿”å“ä¸å¯ã€‚
- \param ctx wolfssl_ctx構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \return ãªã—
+ \param ctx WOLFSSL_CTX構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ctx ボイドãƒã‚¤ãƒ³ã‚¿ã€‚WOLFSSL_CTX構造体ã®verifyCbCtx メンãƒãƒ¼ã«ã‚»ãƒƒãƒˆã•ã‚Œã¾ã™ã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx = wolfSSL_CTX_new( method );
@@ -1694,9 +2338,11 @@ void wolfSSL_SetCertCbCtx(WOLFSSL* ssl, void* ctx);
void wolfSSL_CTX_SetCertCbCtx(WOLFSSL_CTX* ctx, void* userCtx);
/*!
- \ingroup IO
- \brief ã“ã®é–¢æ•°ã¯ã€wolfssl_read()ã«ã‚ˆã£ã¦èª­ã¿å–られるSSLオブジェクトã§ãƒãƒƒãƒ•ã‚¡ã•ã‚Œã¦ã„ã‚‹ãƒã‚¤ãƒˆæ•°ã‚’è¿”ã—ã¾ã™ã€‚
- \return int ã“ã®é–¢æ•°ã¯ã€ä¿ç•™ä¸­ã®ãƒã‚¤ãƒˆæ•°ã‚’è¿”ã—ã¾ã™ã€‚
+ \ingroup IO
+ \brief ã“ã®é–¢æ•°ã¯ã€wolfSSL_read()ã«ã‚ˆã£ã¦èª­ã¿å–られるWOLFSSLオブジェクトã§ãƒãƒƒãƒ•ã‚¡ã•ã‚Œã¦ã„ã‚‹ãƒã‚¤ãƒˆæ•°ã‚’è¿”ã—ã¾ã™ã€‚
+ \return ã“ã®é–¢æ•°ã¯ã€ä¿ç•™ä¸­ã®ãƒã‚¤ãƒˆæ•°ã‚’è¿”ã—ã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
int pending = 0;
@@ -1713,9 +2359,11 @@ void wolfSSL_CTX_SetCertCbCtx(WOLFSSL_CTX* ctx, void* userCtx);
int wolfSSL_pending(WOLFSSL*);
/*!
- \ingroup Debug
- \brief ã“ã®æ©Ÿèƒ½ã¯OpenSSL互æ›æ€§ï¼ˆSSL_LOAD_ERROR_STRING)ã®ã¿ã§ã‚ã‚Šã€ã‚¢ã‚¯ã‚·ãƒ§ãƒ³ã‚’å–ã‚Šã¾ã™ã€‚
- \return none ã„ã„ãˆè¿”ã—ã¾ã™ã€‚
+ \ingroup Debug
+ \brief ã“ã®æ©Ÿèƒ½ã¯OpenSSL API(SSL_load_error_string)ã¨ã®äº’æ›æ€§ã®ç›®çš„ã¿ã§æä¾›ã—ã¦ã‚り処ç†ã¯è¡Œã„ã¾ã›ã‚“。
+ \return ãªã—
+ \param ãªã—
+
_Example_
\code
wolfSSL_load_error_strings();
@@ -1729,10 +2377,14 @@ int wolfSSL_pending(WOLFSSL*);
void wolfSSL_load_error_strings(void);
/*!
- \ingroup TLS
- \brief ã“ã®é–¢æ•°ã¯wolfssl_ctx_new()内ã§å†…部的ã«å‘¼ã³å‡ºã•ã‚Œã¾ã™ã€‚ã“ã®é–¢æ•°ã¯wolfssl_init()ã®å‘¨å›²ã®ãƒ©ãƒƒãƒ‘ーã§ã€wolfsslãŒOpenSSL互æ›å±¤ã§ã‚³ãƒ³ãƒ‘イルã•ã‚ŒãŸã¨ãã«OpenSSL互æ›æ€§ï¼ˆssl_library_init)ã«å­˜åœ¨ã—ã¾ã™ã€‚wolfssl_init()ã¯ã€ã‚ˆã‚Šä¸€èˆ¬çš„ã«ä½¿ç”¨ã•ã‚Œã¦ã„ã‚‹WolfSSLåˆæœŸåŒ–機能ã§ã™ã€‚
- \return SSL_SUCCESS æˆåŠŸã—ãŸå ´åˆã€é€šè©±ãŒæˆ»ã‚Šã¾ã™ã€‚
+ \ingroup TLS
+ \brief ã“ã®é–¢æ•°ã¯wolfSSL_CTX_new()内ã§å†…部的ã«å‘¼ã³å‡ºã•ã‚Œã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯wolfSSL_Init()ã®ãƒ©ãƒƒãƒ‘ーã§ã€wolfSSLãŒOpenSSL互æ›å±¤ã§ã‚³ãƒ³ãƒ‘イルã•ã‚ŒãŸã¨ãã®OpenSSL API(ssl_library_init)ã¨ã®äº’æ›æ€§ã®ç‚ºã«å­˜åœ¨ã—ã¾ã™ã€‚
+ wolfSSL_init()ã¯ã€ã‚ˆã‚Šä¸€èˆ¬çš„ã«ä½¿ç”¨ã•ã‚Œã¦ã„ã‚‹wolfSSLåˆæœŸåŒ–機能ã§ã™ã€‚
+
+ \return SSL_SUCCESS æˆåŠŸã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
\return SSL_FATAL_ERROR 失敗ã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã™ã€‚
+
_Example_
\code
int ret = 0;
@@ -1748,10 +2400,12 @@ void wolfSSL_load_error_strings(void);
int wolfSSL_library_init(void);
/*!
- \brief
- \return WOLFSSL_SUCCESS æˆåŠŸã™ã‚‹ã¨ã€‚
- \return BAD_FUNC_ARG SSLãŒNULLã®å ´åˆ
- \param ssl wolfssl_new()ã§ä½œæˆã•ã‚ŒãŸSSLオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \brief ã“ã®é–¢æ•°ã¯WOLFSSLオブジェクトレベルã§Device Idをセットã—ã¾ã™ã€‚
+ \return WOLFSSL_SUCCESS æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_FUNC_ARG sslãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param devId ãƒãƒ¼ãƒ‰ã‚¦ã‚¨ã‚¢ã¨å…±ã«ä½¿ç”¨ã™ã‚‹éš›ã«æŒ‡å®šã™ã‚‹ID
+
_Example_
\code
WOLFSSL* ssl;
@@ -1766,10 +2420,14 @@ int wolfSSL_library_init(void);
int wolfSSL_SetDevId(WOLFSSL* ssl, int devId);
/*!
- \brief
- \return WOLFSSL_SUCCESS æˆåŠŸã™ã‚‹ã¨ã€‚
- \return BAD_FUNC_ARG SSLãŒNULLã®å ´åˆ
- \param ctx wolfssl_ctx_new()ã§ä½œæˆã•ã‚ŒãŸSSLコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \brief ã“ã®é–¢æ•°ã¯WOLFSSL_CTXレベルã§Device Idをセットã—ã¾ã™ã€‚
+
+ \return WOLFSSL_SUCCESS æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_FUNC_ARG sslãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param ctx wolfSSL_CTX_new()ã§ä½œæˆã•ã‚ŒãŸSSLコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param devId ãƒãƒ¼ãƒ‰ã‚¦ã‚¨ã‚¢ã¨å…±ã«ä½¿ç”¨ã™ã‚‹éš›ã«æŒ‡å®šã™ã‚‹ID
+
_Example_
\code
WOLFSSL_CTX* ctx;
@@ -1784,10 +2442,12 @@ int wolfSSL_SetDevId(WOLFSSL* ssl, int devId);
int wolfSSL_CTX_SetDevId(WOLFSSL_CTX* ctx, int devId);
/*!
- \brief
- \return devId æˆåŠŸã™ã‚‹ã¨ã€‚
- \return INVALID_DEVID SSLã¨CTXã®ä¸¡æ–¹ãŒNULLã®å ´åˆã€‚
- \param ctx wolfssl_ctx_new()ã§ä½œæˆã•ã‚ŒãŸSSLコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \brief ã“ã®é–¢æ•°ã¯WOLFSSL_CTXレベルã§Device Idã‚’å–å¾—ã—ã¾ã™ã€‚
+ \return devId æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return INVALID_DEVID SSLã¨CTXã®ä¸¡æ–¹ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param ctx wolfSSL_CTX_new()ã§ä½œæˆã•ã‚ŒãŸSSLコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
WOLFSSL_CTX* ctx;
@@ -1801,10 +2461,17 @@ int wolfSSL_CTX_SetDevId(WOLFSSL_CTX* ctx, int devId);
int wolfSSL_CTX_GetDevId(WOLFSSL_CTX* ctx, WOLFSSL* ssl);
/*!
- \ingroup Setup
- \brief ã“ã®é–¢æ•°ã¯SSLセッションキャッシュを有効ã¾ãŸã¯ç„¡åŠ¹ã«ã—ã¾ã™ã€‚動作ã¯ãƒ¢ãƒ¼ãƒ‰ã«ä½¿ç”¨ã•ã‚Œã‚‹å€¤ã«ã‚ˆã£ã¦ç•°ãªã‚Šã¾ã™ã€‚モードã®å€¤ã¯æ¬¡ã®ã¨ãŠã‚Šã§ã™.SSL_SESS_CACHE_OFF - セッションキャッシングを無効ã«ã—ã¾ã™ã€‚デフォルトã§ã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚­ãƒ£ãƒƒã‚·ãƒ³ã‚°ãŒã‚ªãƒ³ã«ãªã£ã¦ã„ã¾ã™ã€‚SSL_SESS_CACHE_NO_AUTO_CLEAR - セッションキャッシュã®ã‚ªãƒ¼ãƒˆãƒ•ãƒ©ãƒƒã‚·ãƒ¥ã‚’無効ã«ã—ã¾ã™ã€‚デフォルトã§è‡ªå‹•ãƒ•ãƒ©ãƒƒã‚·ãƒ³ã‚°ã¯ã‚ªãƒ³ã«ãªã£ã¦ã„ã¾ã™ã€‚
+ \ingroup Setup
+ \brief ã“ã®é–¢æ•°ã¯SSLセッションキャッシュ機能を有効ã¾ãŸã¯ç„¡åŠ¹ã«ã—ã¾ã™ã€‚
+ 動作ã¯ãƒ¢ãƒ¼ãƒ‰ã«ä½¿ç”¨ã•ã‚Œã‚‹å€¤ã«ã‚ˆã£ã¦ç•°ãªã‚Šã¾ã™ã€‚
+ モードã®å€¤ã¯æ¬¡ã®ã¨ãŠã‚Šã§ã™ï¼š
+ SSL_SESS_CACHE_OFF - セッションキャッシングを無効ã«ã—ã¾ã™ã€‚デフォルトã§ã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚­ãƒ£ãƒƒã‚·ãƒ³ã‚°ãŒã‚ªãƒ³ã«ãªã£ã¦ã„ã¾ã™ã€‚
+ SSL_SESS_CACHE_NO_AUTO_CLEAR - セッションキャッシュã®ã‚ªãƒ¼ãƒˆãƒ•ãƒ©ãƒƒã‚·ãƒ¥ã‚’無効ã«ã—ã¾ã™ã€‚デフォルトã§è‡ªå‹•ãƒ•ãƒ©ãƒƒã‚·ãƒ³ã‚°ã¯ã‚ªãƒ³ã«ãªã£ã¦ã„ã¾ã™ã€‚
+
\return SSL_SUCCESS æˆåŠŸã«æˆ»ã‚Šã¾ã™ã€‚
- \param ctx wolfssl_ctx_new()ã§ä½œæˆã•ã‚ŒãŸSSLコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ctx wolfSSL_CTX_new()ã§ä½œæˆã•ã‚ŒãŸSSLコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param mode セッションキャッシュã®æŒ¯ã‚‹èˆžã„を変更ã™ã‚‹ç‚ºã«ä½¿ç”¨ã—ã¾ã™ã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx = 0;
@@ -1823,10 +2490,15 @@ int wolfSSL_CTX_GetDevId(WOLFSSL_CTX* ctx, WOLFSSL* ssl);
long wolfSSL_CTX_set_session_cache_mode(WOLFSSL_CTX* ctx, long mode);
/*!
- \brief SessionSecRETCBタイプã«ã¯ã€ç½²åãŒã‚ã‚Šã¾ã™ã€‚int(* sessioneCretcb)(wolfssl * sslã€void * secretã€int * secretszã€void * ctx)。WolfSSL構造体ã®SESSIONSECRETCBメンãƒãƒ¼ã¯ãƒ‘ラメータCBã«è¨­å®šã•ã‚Œã¦ã„ã¾ã™ã€‚
+ \brief ã“ã®é–¢æ•°ã¯ã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚·ãƒ¼ã‚¯ãƒ¬ãƒƒãƒˆã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯é–¢æ•°ã‚’セットã—ã¾ã™ã€‚
+ SessionSecretCbタイプã¯æ¬¡ã®ã‚·ã‚°ãƒãƒãƒ£ã¨ãªã£ã¦ã„ã¾ã™ï¼šint(* sessioneCretcb)(wolfssl * sslã€void * secretã€int * secretszã€void * ctx)。
+ WOLFSSL構造体ã®sessionSecretCbメンãƒãƒ¼ã¯å¼•æ•°cbã«è¨­å®šã•ã‚Œã¾ã™ã€‚
\return SSL_SUCCESS 関数ã®å®Ÿè¡ŒãŒã‚¨ãƒ©ãƒ¼ã‚’è¿”ã•ã‚Œãªã‹ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return SSL_FATAL_ERROR WolfSSL構造ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \return SSL_FATAL_ERROR WOLFSSL構造ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param cb セッションシークレットコールãƒãƒƒã‚¯é–¢æ•°ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ctx セッションシークレットコールãƒãƒƒã‚¯é–¢æ•°ã«æ¸¡ã•ã‚Œã‚‹ãƒ¦ãƒ¼ã‚¶ãƒ¼ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx = wolfSSL_CTX_new( method );
@@ -1844,12 +2516,14 @@ long wolfSSL_CTX_set_session_cache_mode(WOLFSSL_CTX* ctx, long mode);
int wolfSSL_set_session_secret_cb(WOLFSSL* ssl, SessionSecretCb cb, void* ctx);
/*!
- \ingroup IO
- \brief ã“ã®é–¢æ•°ã¯ã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚­ãƒ£ãƒƒã‚·ãƒ¥ã‚’ファイルã«æŒç¶šã—ã¾ã™ã€‚追加ã®ãƒ¡ãƒ¢ãƒªä½¿ç”¨ã®ãŸã‚ã€MEMSAVEã¯ä½¿ç”¨ã•ã‚Œã¾ã›ã‚“。
+ \ingroup IO
+ \brief ã“ã®é–¢æ•°ã¯ã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚­ãƒ£ãƒƒã‚·ãƒ¥ã‚’ファイルã«æŒç¶šã—ã¾ã™ã€‚追加ã®ãƒ¡ãƒ¢ãƒªä½¿ç”¨ã®ãŸã‚ã€memsaveã¯ä½¿ç”¨ã•ã‚Œã¾ã›ã‚“。
\return SSL_SUCCESS 関数ãŒã‚¨ãƒ©ãƒ¼ãªã—ã§å®Ÿè¡Œã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚セッションキャッシュã¯ãƒ•ã‚¡ã‚¤ãƒ«ã«æ›¸ãè¾¼ã¾ã‚Œã¾ã—ãŸã€‚
\return SSL_BAD_FILE FNAMEã‚’é–‹ãã“ã¨ãŒã§ããªã„ã‹ã€ãれ以外ã®å ´åˆã¯ç ´æã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return FWRITE_ERROR XfWriteãŒãƒ•ã‚¡ã‚¤ãƒ«ã¸ã®æ›¸ãè¾¼ã¿ã«å¤±æ•—ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return BAD_MUTEX_E ミューテックスロック障害ãŒç™ºç”Ÿã—ãŸå ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_MUTEX_E ミューテックスロック障害ãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param fname 書ãè¾¼ã¿å¯¾è±¡ãƒ•ã‚¡ã‚¤ãƒ«åã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
const char* fname;
@@ -1862,16 +2536,19 @@ int wolfSSL_set_session_secret_cb(WOLFSSL* ssl, SessionSecretCb cb, void* ctx);
\sa wolfSSL_restore_session_cache
\sa wolfSSL_memrestore_session_cache
*/
-int wolfSSL_save_session_cache(const char*);
+int wolfSSL_save_session_cache(const char* fname);
/*!
- \ingroup IO
- \brief ã“ã®é–¢æ•°ã¯ãƒ•ã‚¡ã‚¤ãƒ«ã‹ã‚‰æ°¸ç¶šã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚­ãƒ£ãƒƒã‚·ãƒ¥ã‚’復元ã—ã¾ã™ã€‚追加ã®ãƒ¡ãƒ¢ãƒªä½¿ç”¨ã®ãŸã‚ã€MEMSTOREã¯ä½¿ç”¨ã—ã¾ã›ã‚“。
+ \ingroup IO
+ \brief ã“ã®é–¢æ•°ã¯ãƒ•ã‚¡ã‚¤ãƒ«ã‹ã‚‰æ°¸ç¶šã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚­ãƒ£ãƒƒã‚·ãƒ¥ã‚’復元ã—ã¾ã™ã€‚追加ã®ãƒ¡ãƒ¢ãƒªä½¿ç”¨ã®ãŸã‚ã€memstoreã¯ä½¿ç”¨ã—ã¾ã›ã‚“。
\return SSL_SUCCESS 関数ãŒã‚¨ãƒ©ãƒ¼ãªã—ã§å®Ÿè¡Œã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return SSL_BAD_FILE 関数ã«æ¸¡ã•ã‚ŒãŸãƒ•ã‚¡ã‚¤ãƒ«ãŒç ´æã—ã¦ã„ã¦XFOPENã«ã‚ˆã£ã¦é–‹ãã“ã¨ãŒã§ããªã‹ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return FREAD_ERROR ファイルã«XFREADã‹ã‚‰èª­ã¿å–りエラーãŒç™ºç”Ÿã—ãŸå ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
+ \return FREAD_ERROR ファイルã«XFREADã‹ã‚‰èª­ã¿å–りエラーãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return CACHE_MATCH_ERROR セッションキャッシュヘッダã®ä¸€è‡´ãŒå¤±æ•—ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return BAD_MUTEX_E ミューテックスロック障害ãŒç™ºç”Ÿã—ãŸå ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_MUTEX_E ミューテックスロック障害ãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param fname キャシュを読ã¿å–ã‚‹ãŸã‚ã®ãƒ•ã‚¡ã‚¤ãƒ«åã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
+
_Example_
\code
const char *fname;
@@ -1883,15 +2560,17 @@ int wolfSSL_save_session_cache(const char*);
\sa XFREAD
\sa XFOPEN
*/
-int wolfSSL_restore_session_cache(const char*);
+int wolfSSL_restore_session_cache(const char* fname);
/*!
- \ingroup IO
+ \ingroup IO
\brief ã“ã®é–¢æ•°ã¯ã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚­ãƒ£ãƒƒã‚·ãƒ¥ã‚’メモリã«ä¿æŒã—ã¾ã™ã€‚
\return SSL_SUCCESS 関数ãŒã‚¨ãƒ©ãƒ¼ãªã—ã§å®Ÿè¡Œã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚セッションキャッシュã¯ãƒ¡ãƒ¢ãƒªã«æ­£å¸¸ã«æ°¸ç¶šåŒ–ã•ã‚Œã¾ã—ãŸã€‚
- \return BAD_MUTEX_E ミューテックスロックエラーãŒç™ºç”Ÿã—ãŸå ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_MUTEX_E ミューテックスロックエラーãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BUFFER_E ãƒãƒƒãƒ•ã‚¡ã‚µã‚¤ã‚ºãŒå°ã•ã™ãŽã‚‹ã¨è¿”ã•ã‚Œã¾ã™ã€‚
- \param mem メモリコピーxmemcpy()ã®å®›å…ˆã‚’表ã™voidãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param mem セッションキャッシュã®ã‚³ãƒ”ー先ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param sz コピー先ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+
_Example_
\code
void* mem;
@@ -1907,13 +2586,15 @@ int wolfSSL_restore_session_cache(const char*);
int wolfSSL_memsave_session_cache(void* mem, int sz);
/*!
- \ingroup IO
+ \ingroup IO
\brief ã“ã®é–¢æ•°ã¯ãƒ¡ãƒ¢ãƒªã‹ã‚‰æ°¸ç¶šã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚­ãƒ£ãƒƒã‚·ãƒ¥ã‚’復元ã—ã¾ã™ã€‚
\return SSL_SUCCESS 関数ãŒã‚¨ãƒ©ãƒ¼ãªã—ã§å®Ÿè¡Œã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BUFFER_E メモリãƒãƒƒãƒ•ã‚¡ãŒå°ã•ã™ãŽã‚‹ã¨è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_MUTEX_E セッションキャッシュミューテックスロックãŒå¤±æ•—ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return CACHE_MATCH_ERROR セッションキャッシュヘッダã®ä¸€è‡´ãŒå¤±æ•—ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param mem 復元ã®åŽŸå› ã‚’å«ã‚€å®šæ•°ã®ãƒœã‚¤ãƒ‰ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param mem セッションキャッシュをä¿æŒã—ã¦ã„ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param sz ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+
_Example_
\code
const void* memoryFile;
@@ -1928,9 +2609,10 @@ int wolfSSL_memsave_session_cache(void* mem, int sz);
int wolfSSL_memrestore_session_cache(const void* mem, int sz);
/*!
- \ingroup IO
+ \ingroup IO
\brief ã“ã®é–¢æ•°ã¯ã€ã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚­ãƒ£ãƒƒã‚·ãƒ¥ä¿å­˜ãƒãƒƒãƒ•ã‚¡ã‚’ã©ã®ã‚ˆã†ã«å¤§ããã™ã‚‹ã‹ã‚’è¿”ã—ã¾ã™ã€‚
- \return int ã“ã®é–¢æ•°ã¯ã€ã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚­ãƒ£ãƒƒã‚·ãƒ¥ä¿å­˜ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºã‚’表ã™æ•´æ•°ã‚’è¿”ã—ã¾ã™ã€‚
+ \return ã“ã®é–¢æ•°ã¯ã€ã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚­ãƒ£ãƒƒã‚·ãƒ¥ä¿å­˜ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºã‚’表ã™æ•´æ•°ã‚’è¿”ã—ã¾ã™ã€‚
+
_Example_
\code
int sz = // Minimum size for error checking;
@@ -1944,7 +2626,7 @@ int wolfSSL_memrestore_session_cache(const void* mem, int sz);
int wolfSSL_get_session_cache_memsize(void);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief ã“ã®é–¢æ•°ã¯Certキャッシュをメモリã‹ã‚‰ãƒ•ã‚¡ã‚¤ãƒ«ã«æ›¸ãè¾¼ã¿ã¾ã™ã€‚
\return SSL_SUCCESS CM_SaveCertCacheãŒæ­£å¸¸ã«çµ‚了ã—ãŸå ´åˆã€‚
\return BAD_FUNC_ARG 引数ã®ã„ãšã‚Œã‹ã®å¼•æ•°ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
@@ -1952,7 +2634,9 @@ int wolfSSL_get_session_cache_memsize(void);
\return BAD_MUTEX_E ロックミューテックスãŒå¤±æ•—ã—ãŸå ´åˆ
\return MEMORY_E メモリã®å‰²ã‚Šå½“ã¦ã«å¤±æ•—ã—ã¾ã—ãŸã€‚
\return FWRITE_ERROR 証明書キャッシュファイルã®æ›¸ãè¾¼ã¿ã«å¤±æ•—ã—ã¾ã—ãŸã€‚
- \param ctx wolfssl_ctx構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€è¨¼æ˜Žæ›¸æƒ…報をä¿æŒã—ã¾ã™ã€‚
+ \param ctx WOLFSSL_CTX構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€è¨¼æ˜Žæ›¸æƒ…報をä¿æŒã—ã¾ã™ã€‚
+ \param fname 出力先ファイルåã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
WOLFSSL_CTX* ctx = WOLFSSL_CTX_new( protocol def );
@@ -1968,13 +2652,15 @@ int wolfSSL_get_session_cache_memsize(void);
int wolfSSL_CTX_save_cert_cache(WOLFSSL_CTX* ctx, const char* fname);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief ã“ã®é–¢æ•°ã¯ãƒ•ã‚¡ã‚¤ãƒ«ã‹ã‚‰è¨¼æ˜Žæ›¸ã‚­ãƒ£ãƒƒã‚·ãƒ¥ã‚’担当ã—ã¾ã™ã€‚
- \return SSL_SUCCESS 関数cm_restorecertcacheãŒæ­£å¸¸ã«å®Ÿè¡Œã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return SSL_BAD_FILE xfopenãŒxbadfileã‚’è¿”ã™ã¨è¿”ã•ã‚Œã¾ã™ã€‚ファイルãŒç ´æã—ã¦ã„ã¾ã™ã€‚
+ \return SSL_SUCCESS 正常ã«å®Ÿè¡Œã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_BAD_FILE XFOPENãŒXBADFILEã‚’è¿”ã™ã¨è¿”ã•ã‚Œã¾ã™ã€‚ファイルãŒç ´æã—ã¦ã„ã¾ã™ã€‚
\return MEMORY_E TEMPãƒãƒƒãƒ•ã‚¡ã®å‰²ã‚Šå½“ã¦ã‚‰ã‚ŒãŸãƒ¡ãƒ¢ãƒªãŒå¤±æ•—ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return BAD_FUNC_ARG FNAMEã¾ãŸã¯CTXã«NULL値ãŒã‚ã‚‹å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \param ctx wolfssl_ctx構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€è¨¼æ˜Žæ›¸æƒ…報をä¿æŒã—ã¾ã™ã€‚
+ \return BAD_FUNC_ARG 引数fnameã¾ãŸã¯å¼•æ•°ctxãŒNULLã§ã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param ctx WOLFSSL_CTX構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€è¨¼æ˜Žæ›¸æƒ…報をä¿æŒã—ã¾ã™ã€‚
+ \param fname 証明書キャッシュを読ã¿å–るファイルåã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx = wolfSSL_CTX_new( protocol method );
@@ -1991,15 +2677,17 @@ int wolfSSL_CTX_save_cert_cache(WOLFSSL_CTX* ctx, const char* fname);
int wolfSSL_CTX_restore_cert_cache(WOLFSSL_CTX* ctx, const char* fname);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief ã“ã®é–¢æ•°ã¯è¨¼æ˜Žæ›¸ã‚­ãƒ£ãƒƒã‚·ãƒ¥ã‚’メモリã«æŒç¶šã—ã¾ã™ã€‚
\return SSL_SUCCESS 機能ã®å®Ÿè¡Œã«æˆåŠŸã—ãŸã“ã¨ã«æˆ»ã‚Šã¾ã™ã€‚エラーãŒæŠ•ã’られã¦ã„ã¾ã›ã‚“。
- \return BAD_MUTEX_E wolfssl_cert_managerメンãƒãƒ¼ã®ã‚«ãƒ¼ãƒœãƒƒã‚¯ãŒ0(ゼロ)ã§ã¯ãªã‹ã£ãŸãƒŸãƒ¥ãƒ¼ãƒ†ãƒƒã‚¯ã‚¹ã‚¨ãƒ©ãƒ¼ã€‚
- \return BAD_FUNC_ARG CTXã€MEMã€ã¾ãŸã¯ä½¿ç”¨ãŒNULLã®å ´åˆã€ã¾ãŸã¯SZãŒ0以下ã®å ´åˆï¼ˆ0(ゼロ)。
+ \return BAD_MUTEX_E WOLFSSL_CERT_MANAGER構造体ã®caLockメンãƒãƒ¼0(ゼロ)ã§ã¯ãªã‹ã£ãŸã€‚
+ \return BAD_FUNC_ARG 引数ctxã€memãŒNULLã®å ´åˆã€ã¾ãŸã¯szãŒ0以下ã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BUFFER_E 出力ãƒãƒƒãƒ•ã‚¡MEMãŒå°ã•ã™ãŽã¾ã—ãŸã€‚
- \param ctx wolfssl_ctx_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl_ctx構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ctx wolfSSL_CTX_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL_CTX構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param mem 宛先ã¸ã®voidãƒã‚¤ãƒ³ã‚¿ï¼ˆå‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ï¼‰ã€‚
\param sz 出力ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºã€‚
+ \param used 証明書キャッシュヘッダーã®ã‚µã‚¤ã‚ºã‚’æ ¼ç´ã™ã‚‹å¤‰æ•°ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx = WOLFSSL_CTX_new( protocol );
@@ -2019,15 +2707,17 @@ int wolfSSL_CTX_restore_cert_cache(WOLFSSL_CTX* ctx, const char* fname);
int wolfSSL_CTX_memsave_cert_cache(WOLFSSL_CTX* ctx, void* mem, int sz, int* used);
/*!
- \ingroup Setup
+ \ingroup Setup
\brief ã“ã®é–¢æ•°ã¯è¨¼æ˜Žæ›¸ã‚­ãƒ£ãƒƒã‚·ãƒ¥ã‚’メモリã‹ã‚‰å¾©å…ƒã—ã¾ã™ã€‚
\return SSL_SUCCESS 関数ã¨ã‚µãƒ–ルーãƒãƒ³ãŒã‚¨ãƒ©ãƒ¼ãªã—ã§å®Ÿè¡Œã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG CTXã¾ãŸã¯MEMパラメータãŒNULLã¾ãŸã¯SZパラメータãŒã‚¼ãƒ­ä»¥ä¸‹ã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BUFFER_E CERTキャッシュメモリãƒãƒƒãƒ•ã‚¡ãŒå°ã•ã™ãŽã‚‹ã¨æˆ»ã‚Šã¾ã™ã€‚
\return CACHE_MATCH_ERROR CERTキャッシュヘッダーã®ä¸ä¸€è‡´ãŒã‚ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_MUTEX_E ロックミューテックスãŒå¤±æ•—ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param ctx wolfssl_ctx_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl_ctx構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param mem 証明書キャッシュã«å¾©å…ƒã•ã‚Œã‚‹å€¤ã‚’æŒã¤voidãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ctx wolfSSL_CTX_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL_CTX構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param mem 証明書キャッシュã«å¾©å…ƒã•ã‚Œã‚‹å€¤ã‚’ä¿æŒã—ã¦ã„ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param sz ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+
_Example_
\code
WOLFSSL_CTX* ctx = WOLFSSL_CTX_new( protocol method );
@@ -2044,11 +2734,14 @@ int wolfSSL_CTX_memsave_cert_cache(WOLFSSL_CTX* ctx, void* mem, int sz, int* us
int wolfSSL_CTX_memrestore_cert_cache(WOLFSSL_CTX* ctx, const void* mem, int sz);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief Certificate Cache Saveãƒãƒƒãƒ•ã‚¡ãŒå¿…è¦ãªã‚µã‚¤ã‚ºã‚’è¿”ã—ã¾ã™ã€‚
- \return int æˆåŠŸã—ãŸã¨ãã«ãƒ¡ãƒ¢ãƒªã‚µã‚¤ã‚ºã‚’表ã™æ•´æ•°å€¤ã€‚
- \return BAD_FUNC_ARG wolfssl_ctx構造体ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return BAD_MUTEX_E - ミューテックスロックエラーãŒç™ºç”Ÿã—ãŸå ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
+ \return メモリサイズを返ã—ã¾ã™ã€‚
+ \return BAD_FUNC_ARG WOLFSSL_CTX構造体ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_MUTEX_E ミューテックスロックエラーãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param ctx wolfSSL_CTX_new()ã§ä½œæˆã•ã‚ŒãŸSSLコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx = WOLFSSL_CTX_new(protocol);
@@ -2061,14 +2754,25 @@ int wolfSSL_CTX_memrestore_cert_cache(WOLFSSL_CTX* ctx, const void* mem, int sz
\endcode
\sa CM_GetCertCacheMemSize
*/
-int wolfSSL_CTX_get_cert_cache_memsize(WOLFSSL_CTX*);
+int wolfSSL_CTX_get_cert_cache_memsize(WOLFSSL_CTX* ctx);
/*!
- \ingroup Setup
- \brief ã“ã®é–¢æ•°ã¯ã€ä¸Žãˆã‚‰ã‚ŒãŸwolfssl_ctxã®æš—å·ã‚¹ã‚¤ãƒ¼ãƒˆãƒªã‚¹ãƒˆã‚’設定ã—ã¾ã™ã€‚ã“ã®Cipher Suiteリストã¯ã€ã“ã®ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã‚’使用ã—ã¦ä½œæˆã•ã‚ŒãŸæ–°ã—ã„SSLセッション(WolfSSL)ã®ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆãƒªã‚¹ãƒˆã«ãªã‚Šã¾ã™ã€‚リスト内ã®æš—å·ã¯ã€æœ€é«˜ã‹ã‚‰æœ€ä½Žã¸ã®å¥½ã¿ã®é †ã«ã‚½ãƒ¼ãƒˆã•ã‚Œã‚‹ã¹ãã§ã™ã€‚wolfssl_ctx_set_cipher_list()ã®å„呼ã³å‡ºã—ã¯ã€é–¢æ•°ãŒå‘¼ã³å‡ºã•ã‚Œã‚‹ãŸã³ã«ã€ç‰¹å®šã®SSLコンテキストã®æš—å·ã‚¹ã‚¤ãƒ¼ãƒˆãƒªã‚¹ãƒˆã‚’æä¾›ã•ã‚ŒãŸãƒªã‚¹ãƒˆã«ãƒªã‚»ãƒƒãƒˆã—ã¾ã™ã€‚æš—å·ã‚¹ã‚¤ãƒ¼ãƒˆãƒªã‚¹ãƒˆã€ãƒªã‚¹ãƒˆã¯ã€ãƒŒãƒ«çµ‚端テキスト文字列ã€ãŠã‚ˆã³ã‚³ãƒ­ãƒ³åŒºåˆ‡ã‚Šãƒªã‚¹ãƒˆã§ã™ã€‚ãŸã¨ãˆã°ã€ãƒªã‚¹ãƒˆã®å€¤ãŒã€ŒDHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:AES256-SHA256ã€æœ‰åŠ¹ãªæš—å·å€¤ã¯ã€src / internal.cã®cipher_names []é…列ã®ãƒ•ãƒ«ãƒãƒ¼ãƒ å€¤ã§ã™ã€‚(有効ãªæš—å·åŒ–値ã®æ˜Žç¢ºãªãƒªã‚¹ãƒˆã®å ´åˆã¯src / internal.cã‚’ãƒã‚§ãƒƒã‚¯ã—ã¦ãã ã•ã„)
- \return SSL_SUCCESS 機能完了ã«æˆåŠŸã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \ingroup Setup
+ \brief ã“ã®é–¢æ•°ã¯ã€ä¸Žãˆã‚‰ã‚ŒãŸWOLFSSL_CTXã«æš—å·ã‚¹ã‚¤ãƒ¼ãƒˆãƒªã‚¹ãƒˆã‚’設定ã—ã¾ã™ã€‚
+ ã“ã®æš—å·ã‚¹ã‚¤ãƒ¼ãƒˆãƒªã‚¹ãƒˆã¯ã€ã“ã®ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã‚’使用ã—ã¦ä½œæˆã•ã‚ŒãŸæ–°ã—ã„SSLセッション(WolfSSL)ã®ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆãƒªã‚¹ãƒˆã«ãªã‚Šã¾ã™ã€‚
+ リスト内ã®æš—å·ã¯ã€å„ªå…ˆåº¦ã®é«˜ã„ã‚‚ã®ã®é †ã«é †ã«ã‚½ãƒ¼ãƒˆã•ã‚Œã‚‹ã¹ãã§ã™ã€‚
+ wolfSSL_CTX_set_cipher_list()ãŒå‘¼ã³å‡ºã•ã‚Œã‚‹éƒ½åº¦ã€ç‰¹å®šã®SSLコンテキストã®æš—å·ã‚¹ã‚¤ãƒ¼ãƒˆãƒªã‚¹ãƒˆã‚’æä¾›ã•ã‚ŒãŸãƒªã‚¹ãƒˆã«ãƒªã‚»ãƒƒãƒˆã—ã¾ã™ã€‚
+ æš—å·ã‚¹ã‚¤ãƒ¼ãƒˆãƒªã‚¹ãƒˆã¯ãƒŒãƒ«çµ‚端ã•ã‚ŒãŸã‚³ãƒ­ãƒ³åŒºåˆ‡ã‚Šãƒªã‚¹ãƒˆã§ã™ã€‚
+ ãŸã¨ãˆã°ã€ãƒªã‚¹ãƒˆã®å€¤ãŒã€ŒDHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:AES256-SHA256ã€æœ‰åŠ¹ãªæš—å·å€¤ã¯ã€src/internal.cã®cipher_names []é…列ã®ãƒ•ãƒ«ãƒãƒ¼ãƒ å€¤ã§ã™ã€‚
+ (有効ãªæš—å·åŒ–値ã®æ˜Žç¢ºãªãƒªã‚¹ãƒˆã®å ´åˆã¯src/internal.cã‚’ãƒã‚§ãƒƒã‚¯ã—ã¦ãã ã•ã„)
+
+ \return SSL_SUCCESS æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
\return SSL_FAILURE 失敗ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param ctx wolfssl_ctx_new()ã§ä½œæˆã•ã‚ŒãŸSSLコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
+ \param ctx wolfSSL_CTX_new()ã§ä½œæˆã•ã‚ŒãŸSSLコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param list ヌル終端ã•ã‚ŒãŸã‚³ãƒ­ãƒ³åŒºåˆ‡ã‚Šã®æš—å·ã‚¹ã‚¤ãƒ¼ãƒˆãƒªã‚¹ãƒˆæ–‡å­—列ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
+
_Example_
\code
WOLFSSL_CTX* ctx = 0;
@@ -2085,11 +2789,21 @@ int wolfSSL_CTX_get_cert_cache_memsize(WOLFSSL_CTX*);
int wolfSSL_CTX_set_cipher_list(WOLFSSL_CTX* ctx, const char* list);
/*!
- \ingroup Setup
- \brief ã“ã®é–¢æ•°ã¯ã€ç‰¹å®šã®WolfSSLオブジェクト(SSLセッション)ã®æš—å·ã‚¹ã‚¤ãƒ¼ãƒˆãƒªã‚¹ãƒˆã‚’設定ã—ã¾ã™ã€‚リスト内ã®æš—å·ã¯ã€æœ€é«˜ã‹ã‚‰æœ€ä½Žã¸ã®å¥½ã¿ã®é †ã«ã‚½ãƒ¼ãƒˆã•ã‚Œã‚‹ã¹ãã§ã™ã€‚wolfssl_set_cipher_list()ã®å„呼ã³å‡ºã—ã¯ã€é–¢æ•°ãŒå‘¼ã³å‡ºã•ã‚Œã‚‹ãŸã³ã«ã€ç‰¹å®šã®SSLセッションã®æš—å·ã‚¹ã‚¤ãƒ¼ãƒˆãƒªã‚¹ãƒˆã‚’æä¾›ã•ã‚ŒãŸãƒªã‚¹ãƒˆã«ãƒªã‚»ãƒƒãƒˆã—ã¾ã™ã€‚æš—å·ã‚¹ã‚¤ãƒ¼ãƒˆãƒªã‚¹ãƒˆã€ãƒªã‚¹ãƒˆã¯ã€ãƒŒãƒ«çµ‚端テキスト文字列ã€ãŠã‚ˆã³ã‚³ãƒ­ãƒ³åŒºåˆ‡ã‚Šãƒªã‚¹ãƒˆã§ã™ã€‚例ãˆã°ã€ãƒªã‚¹ãƒˆã®ãŸã‚ã®1ã¤ã®å€¤ã¯ã€ã€ŒDHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:AES256-SHA256ã€ã§ã‚り得る。有効ãªæš—å·åŒ–値ã¯ã€src / internal.c(有効ãªæš—å·åŒ–値ã®æ˜Žç¢ºãªãƒªã‚¹ãƒˆã®ãƒªã‚¹ãƒˆã®å ´åˆã¯src / internal.cを指定ã—ã¦ãã ã•ã„)ã®cipher_names []é…列ã®ãƒ•ãƒ«ãƒãƒ¼ãƒ å€¤ã§ã™ã€‚
+ \ingroup Setup
+ \brief ã“ã®é–¢æ•°ã¯ã€ç‰¹å®šã®WolfSSLオブジェクト(SSLセッション)ã®æš—å·ã‚¹ã‚¤ãƒ¼ãƒˆãƒªã‚¹ãƒˆã‚’設定ã—ã¾ã™ã€‚
+ ã“ã®æš—å·ã‚¹ã‚¤ãƒ¼ãƒˆãƒªã‚¹ãƒˆã¯ã€ã“ã®ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã‚’使用ã—ã¦ä½œæˆã•ã‚ŒãŸæ–°ã—ã„SSLセッション(WolfSSL)ã®ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆãƒªã‚¹ãƒˆã«ãªã‚Šã¾ã™ã€‚
+ リスト内ã®æš—å·ã¯ã€å„ªå…ˆåº¦ã®é«˜ã„ã‚‚ã®ã®é †ã«é †ã«ã‚½ãƒ¼ãƒˆã•ã‚Œã‚‹ã¹ãã§ã™ã€‚
+ wolfSSL_CTX_set_cipher_list()ãŒå‘¼ã³å‡ºã•ã‚Œã‚‹éƒ½åº¦ã€ç‰¹å®šã®SSLコンテキストã®æš—å·ã‚¹ã‚¤ãƒ¼ãƒˆãƒªã‚¹ãƒˆã‚’æä¾›ã•ã‚ŒãŸãƒªã‚¹ãƒˆã«ãƒªã‚»ãƒƒãƒˆã—ã¾ã™ã€‚
+ æš—å·ã‚¹ã‚¤ãƒ¼ãƒˆãƒªã‚¹ãƒˆã¯ãƒŒãƒ«çµ‚端ã•ã‚ŒãŸã‚³ãƒ­ãƒ³åŒºåˆ‡ã‚Šãƒªã‚¹ãƒˆã§ã™ã€‚
+ ãŸã¨ãˆã°ã€ãƒªã‚¹ãƒˆã®å€¤ãŒã€ŒDHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:AES256-SHA256ã€æœ‰åŠ¹ãªæš—å·å€¤ã¯ã€src/internal.cã®cipher_names []é…列ã®ãƒ•ãƒ«ãƒãƒ¼ãƒ å€¤ã§ã™ã€‚
+ (有効ãªæš—å·åŒ–値ã®æ˜Žç¢ºãªãƒªã‚¹ãƒˆã®å ´åˆã¯src/internal.cã‚’ãƒã‚§ãƒƒã‚¯ã—ã¦ãã ã•ã„)
+
\return SSL_SUCCESS 機能完了ã«æˆåŠŸã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã™ã€‚
\return SSL_FAILURE 失敗ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param ssl wolfssl_new()ã§ä½œæˆã•ã‚ŒãŸSSLセッションã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param list ヌル終端ã•ã‚ŒãŸã‚³ãƒ­ãƒ³åŒºåˆ‡ã‚Šã®æš—å·ã‚¹ã‚¤ãƒ¼ãƒˆãƒªã‚¹ãƒˆæ–‡å­—列ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
int ret = 0;
@@ -2107,9 +2821,14 @@ int wolfSSL_CTX_set_cipher_list(WOLFSSL_CTX* ctx, const char* list);
int wolfSSL_set_cipher_list(WOLFSSL* ssl, const char* list);
/*!
- \brief UDP I / Oã¯ãƒŽãƒ³ãƒ–ロッキングã§ã™ã€‚アプリケーションãŒWolfSSLオブジェクトを作æˆã—ãŸå¾Œã€ãƒ–ロックã•ã‚Œã¦ã„ãªã„UDPソケットã§ä½¿ç”¨ã•ã‚Œã‚‹å ´åˆã¯ã€WolfsSL_DTLS_SET_USING_NONBLOCK()を呼ã³å‡ºã—ã¾ã™ã€‚ã“ã‚Œã«ã‚ˆã‚Šã€wolfsslオブジェクトã¯ã€Ewouldblockã‚’å—ä¿¡ã™ã‚‹ã“ã¨ã‚’æ„味ã—ã¾ã™ã€‚
- \return none è¿”å“ä¸å¯ã€‚
- \param ssl wolfssl_new()ã§ä½œæˆã•ã‚ŒãŸDTLSセッションã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \brief ã“ã®é–¢æ•°ã¯WOLFSSL DTLSオブジェクトã«ä¸‹å±¤ã®UDP I/Oã¯ãƒŽãƒ³ãƒ–ロッキングã§ã‚ã‚‹ã“ã¨ã‚’通知ã—ã¾ã™ã€‚
+ アプリケーションãŒWOLFSSLオブジェクトを作æˆã—ãŸå¾Œã€ãƒŽãƒ³ãƒ–ロッキングUDPソケットを使用ã™ã‚‹å ´åˆã¯ã€wolfSSL_dtls_set_using_nonblock()を呼ã³å‡ºã—ã¾ã™ã€‚
+ ã“ã‚Œã«ã‚ˆã‚Šã€WOLFSSLオブジェクトã¯ã€recvfrom呼ã³å‡ºã—ãŒã‚¿ã‚¤ãƒ ã‚¢ã‚¦ãƒˆã›ãšã«EWOULDBLOCKã‚’å—ä¿¡ã™ã‚‹ã“ã¨ã‚’æ„味ã—ã¾ã™ã€‚
+ \return ãªã—
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param nonblock WOLFSSL構造体ã«ãƒŽãƒ³ãƒ–ロッキングI/Oを使用ã—ã¦ã„ã‚‹ã“ã¨ã‚’指定ã™ã‚‹ãƒ•ãƒ©ã‚°ã€‚ノンブロッキングを使用ã—ã¦ã„ã‚‹å ´åˆã«ã¯ï¼‘を指定ã€ãれ以外ã¯0を指定ã—ã¦ãã ã•ã„。
+
+
_Example_
\code
WOLFSSL* ssl = 0;
@@ -2122,9 +2841,14 @@ int wolfSSL_set_cipher_list(WOLFSSL* ssl, const char* list);
*/
void wolfSSL_dtls_set_using_nonblock(WOLFSSL* ssl, int nonblock);
/*!
- \brief UDPを使用ã—ã¦éžãƒ–ロッキングI / Oを使用ã™ã‚‹ã€‚WolfSSLãŒãƒŽãƒ³ãƒ–ロッキングI / Oを使用ã—ã¦ã„ã‚‹å ´åˆã€ã“ã®é–¢æ•°ã¯1ã‚’è¿”ã—ã¾ã™ã€‚ã“ã‚Œã«ã‚ˆã‚Šã€wolfsslオブジェクトã¯ã€Ewouldblockã‚’å—ä¿¡ã™ã‚‹ã“ã¨ã‚’æ„味ã—ã¾ã™ã€‚ã“ã®æ©Ÿèƒ½ã¯DTLSセッションã«ã¨ã£ã¦ã®ã¿æ„味ãŒã‚ã‚Šã¾ã™ã€‚
- \return 0 基礎ã¨ãªã‚‹I / OãŒãƒ–ロックã•ã‚Œã¦ã„ã¾ã™ã€‚
- \return 1 基礎ã¨ãªã‚‹I / Oã¯éžãƒ–ロッキングã§ã™ã€‚
+ \brief ã“ã®é–¢æ•°ã¯WOLFSSL DTLSオブジェクトãŒä¸‹å±¤ã«UDPノンブロッキングI/Oを使用ã—ã¦ã„ã‚‹ã‹å¦ã‹ã‚’å–å¾—ã—ã¾ã™ã€‚
+ WOLFSSLオブジェクトãŒãƒŽãƒ³ãƒ–ロッキングI/Oを使用ã—ã¦ã„ã‚‹å ´åˆã€ã“ã®é–¢æ•°ã¯1ã‚’è¿”ã—ã¾ã™ã€‚
+ ã“ã‚Œã«ã‚ˆã‚Šã€WOLFSSLオブジェクトã¯ã€EWOULDBLOCKã‚’å—ä¿¡ã™ã‚‹ã“ã¨ã‚’æ„味ã—ã¾ã™ã€‚
+ ã“ã®æ©Ÿèƒ½ã¯DTLSセッションã«ã¨ã£ã¦ã®ã¿æ„味ãŒã‚ã‚Šã¾ã™ã€‚
+ \return 0 基礎ã¨ãªã‚‹I/OãŒãƒ–ロックã•ã‚Œã¦ã„ã¾ã™ã€‚
+ \return 1 基礎ã¨ãªã‚‹I/Oã¯ãƒŽãƒ³ãƒ–ロッキングã§ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
int ret = 0;
@@ -2140,11 +2864,15 @@ void wolfSSL_dtls_set_using_nonblock(WOLFSSL* ssl, int nonblock);
\sa wolfSSL_dtls_got_timeout
\sa wolfSSL_dtls_set_using_nonblock
*/
-int wolfSSL_dtls_get_using_nonblock(WOLFSSL*);
+int wolfSSL_dtls_get_using_nonblock(WOLFSSL* ssl);
/*!
- \brief wolfsslオブジェクト。é®æ–­ã•ã‚Œã¦ã„ãªã„ソケットを使用ã™ã‚‹å ´åˆã€ãƒ¦ãƒ¼ã‚¶ãƒ¼ã‚³ãƒ¼ãƒ‰å†…ã®ä½•ã‹ã¯ã€åˆ©ç”¨å¯èƒ½ãªRECVデータをãƒã‚§ãƒƒã‚¯ã™ã‚‹ã¨ãã«ã„ã¤ã§ã‚‚å¾…æ©Ÿã—ã¦ã„ã‚‹ã®ã‹ã‚’決定ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚ã“ã®é–¢æ•°ã«ã‚ˆã£ã¦è¿”ã•ã‚Œã‚‹å€¤ã¯ã€ã‚¢ãƒ—リケーションãŒã©ã®ãらã„å¾…æ©Ÿã™ã‚‹ã‹ã‚’示ã—ã¾ã™ã€‚
+ \brief ã“ã®é–¢æ•°ã¯ç¾åœ¨ã®ã‚¿ã‚¤ãƒ ã‚¢ã‚¦ãƒˆå€¤ã‚’秒å˜ä½ã§è¿”ã—ã¾ã™ã€‚
+ ノンブロッキングソケットを使用ã™ã‚‹å ´åˆã€ãƒ¦ãƒ¼ã‚¶ãƒ¼ã‚³ãƒ¼ãƒ‰ã§ã¯ã€åˆ©ç”¨å¯èƒ½ãªrecvVデータã®åˆ°ç€ã‚’ãƒã‚§ãƒƒã‚¯ã™ã‚‹ã‚¿ã‚¤ãƒŸãƒ³ã‚°ã‚„å¾…ã¤ã¹ã時間を知る必è¦ãŒã‚ã‚Šã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã«ã‚ˆã£ã¦è¿”ã•ã‚Œã‚‹å€¤ã¯ã€ã‚¢ãƒ—リケーションãŒã©ã®ãらã„å¾…æ©Ÿã™ã‚‹ã‹ã‚’示ã—ã¾ã™ã€‚
\return seconds ç¾åœ¨ã®DTLSタイムアウト値(秒)
- \return NOT_COMPILED_IN WolfSSLãŒDTLSサãƒãƒ¼ãƒˆã§æ§‹ç¯‰ã•ã‚Œã¦ã„ãªã„å ´åˆã€‚
+ \return NOT_COMPILED_IN wolfSSLãŒDTLSサãƒãƒ¼ãƒˆã§æ§‹ç¯‰ã•ã‚Œã¦ã„ãªã„å ´åˆã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
int timeout = 0;
@@ -2161,11 +2889,52 @@ int wolfSSL_dtls_get_using_nonblock(WOLFSSL*);
int wolfSSL_dtls_get_current_timeout(WOLFSSL* ssl);
/*!
- \ingroup Setup
+ \brief ã“ã®é–¢æ•°ã¯ã‚¢ãƒ—リケーションãŒã‚ˆã‚Šæ—©ã„タイムアウト時間を設定ã™ã‚‹å¿…è¦ãŒã‚ã‚‹å ´åˆã«trueã‚’è¿”ã—ã¾ã™ã€‚
+ ノンブロッキングソケットを使用ã™ã‚‹å ´åˆã§ãƒ¦ãƒ¼ã‚¶ãƒ¼ã‚³ãƒ¼ãƒ‰ã§å—信データãŒåˆ°ç€ã—ã¦ã„ã‚‹ã‹ä½•æ™‚ãƒã‚§ãƒƒã‚¯ã™ã‚‹ã‹ã€
+ ã‚ã‚‹ã„ã¯ã©ã®ãらã„ã®æ™‚é–“å¾…ã¦ã°ã‚ˆã„ã®ã‹ã‚’決ã‚ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+ ã“ã®é–¢æ•°ãŒ true ã‚’è¿”ã—ãŸå ´åˆã€ãƒ©ã‚¤ãƒ–ラリã¯ã™ã§ã«é€šä¿¡ã®ä¸­æ–­ã‚’検出ã—ã¾ã—ãŸãŒã€
+ ä»–ã®ãƒ”ã‚¢ã‹ã‚‰ã®ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ãŒã¾ã é€ä¿¡ä¸­ã®å ´åˆã«å‚™ãˆã¦ã€ã‚‚ã†å°‘ã—å¾…æ©Ÿã™ã‚‹å¿…è¦ãŒã‚ã‚‹ã“ã¨ã‚’æ„味ã—ã¾ã™ã€‚
+ ã“ã®ã‚¿ã‚¤ãƒžãƒ¼ã®å€¤ã‚’微調整ã™ã‚‹ã®ã¯ã‚¢ãƒ—リケーション次第ã§ã™ãŒã€dtls_get_current_timeout()/4ãŒæœ€é©ã§ã™ã€‚
+
+ \return true アプリケーションãŒã‚ˆã‚Šæ—©ã„タイムアウトを設定ã™ã‚‹å¿…è¦ãŒã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
+ \sa wolfSSL_dtls
+ \sa wolfSSL_dtls_get_peer
+ \sa wolfSSL_dtls_got_timeout
+ \sa wolfSSL_dtls_set_peer
+ \sa wolfSSL_dtls13_set_send_more_acks
+*/
+int wolfSSL_dtls13_use_quick_timeout(WOLFSSL *ssl);
+/*!
+ \ingroup Setup
+
+ \brief ã“ã®é–¢æ•°ã¯ã€ãƒ©ã‚¤ãƒ–ラリãŒä¸­æ–­ã‚’検出ã—ãŸã¨ãã«ã™ãã«ä»–ã®ãƒ”ã‚¢ã«ACKã‚’é€ä¿¡ã™ã‚‹ã‹ã©ã†ã‹ã‚’設定ã—ã¾ã™ã€‚
+ ACKã‚’ã™ãã«é€ä¿¡ã™ã‚‹ã¨ã€é…延ã¯æœ€å°é™ã«æŠ‘ãˆã‚‰ã‚Œã¾ã™ãŒã€å¿…è¦ä»¥ä¸Šã«å¤šãã®å¸¯åŸŸå¹…ãŒæ¶ˆè²»ã•ã‚Œã‚‹å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã™ã€‚
+ アプリケーションãŒç‹¬è‡ªã«ã‚¿ã‚¤ãƒžãƒ¼ã‚’管ç†ã—ã¦ãŠã‚Šã€ã“ã®ã‚ªãƒ—ションãŒ0ã«è¨­å®šã•ã‚Œã¦ã„ã‚‹å ´åˆã€
+ アプリケーションコードã¯wolfSSL_dtls13_use_quick_timeout()を使用ã—ã¦ã€
+ é…延ã—ãŸACKã‚’é€ä¿¡ã™ã‚‹ãŸã‚ã«ã‚ˆã‚Šé€Ÿã„タイムアウトを設定ã™ã‚‹å¿…è¦ãŒã‚ã‚‹ã‹ã©ã†ã‹ã‚’判断ã§ãã¾ã™ã€‚
+
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param value 設定を行ã†å ´åˆã«ã¯ï¼‘ã‚’è¡Œã‚ãªã„å ´åˆã«ã¯0を設定ã—ã¾ã™ã€‚
+
+ \sa wolfSSL_dtls
+ \sa wolfSSL_dtls_get_peer
+ \sa wolfSSL_dtls_got_timeout
+ \sa wolfSSL_dtls_set_peer
+ \sa wolfSSL_dtls13_use_quick_timeout
+*/
+void wolfSSL_dtls13_set_send_more_acks(WOLFSSL *ssl, int value);
+
+/*!
+ \ingroup Setup
\brief ã“ã®é–¢æ•°ã¯DTLSタイムアウトを設定ã—ã¾ã™ã€‚
\return SSL_SUCCESS 関数ãŒã‚¨ãƒ©ãƒ¼ãªã—ã§å®Ÿè¡Œã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚SSLã®DTLS_TIMEOUT_INITã¨DTLS_TIMEOUTメンãƒãƒ¼ãŒè¨­å®šã•ã‚Œã¦ã„ã¾ã™ã€‚
- \return BAD_FUNC_ARG wolfssl structãŒnullã®å ´åˆã€ã¾ãŸã¯ã‚¿ã‚¤ãƒ ã‚¢ã‚¦ãƒˆãŒ0以下ã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚タイムアウト引数ãŒè¨±å¯ã•ã‚Œã¦ã„る最大値を超ãˆã‚‹ã¨ã€æˆ»ã‚Šã¾ã™ã€‚
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \return BAD_FUNC_ARG 引数sslãŒNULLã®å ´åˆã€ã¾ãŸã¯ã‚¿ã‚¤ãƒ ã‚¢ã‚¦ãƒˆãŒ0以下ã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚タイムアウト引数ãŒè¨±å¯ã•ã‚Œã¦ã„る最大値を超ãˆã¦ã„ã‚‹å ´åˆã«ã‚‚è¿”ã•ã‚Œã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param value タイムアウトオプションを有効ã«ã™ã‚‹å ´åˆã«ã¯1を指定ã—ã€ç„¡åŠ¹ã«ã™ã‚‹å ´åˆã«ã¯0を指定ã—ã¾ã™ã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx = wolfSSL_CTX_new( method );
@@ -2184,10 +2953,12 @@ int wolfSSL_dtls_get_current_timeout(WOLFSSL* ssl);
int wolfSSL_dtls_set_timeout_init(WOLFSSL* ssl, int);
/*!
- \brief
+ \brief
\return SSL_SUCCESS 関数ãŒã‚¨ãƒ©ãƒ¼ãªã—ã§å®Ÿè¡Œã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG wolfssl構造体ãŒNULLã®å ´åˆã€ã¾ãŸã¯TIMEOUT引数ãŒã‚¼ãƒ­ä»¥ä¸‹ã§ã‚ã‚‹å ´åˆã€ã¾ãŸã¯WolfSSL構造体ã®DTLS_TIMEOUT_INITメンãƒãƒ¼ã‚ˆã‚Šã‚‚å°ã•ã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param timeout 最大タイムアウト時間
+
_Example_
\code
WOLFSSL_CTX* ctx = wolfSSL_CTX_new( method );
@@ -2205,10 +2976,13 @@ int wolfSSL_dtls_set_timeout_init(WOLFSSL* ssl, int);
int wolfSSL_dtls_set_timeout_max(WOLFSSL* ssl, int);
/*!
- \brief 制御コードãŒé€ä¿¡ãŒã‚¿ã‚¤ãƒ ã‚¢ã‚¦ãƒˆã—ãŸã¨è€ƒãˆã‚‹ã¨ã€WolfSSLオブジェクトã§å‘¼ã³å‡ºã•ã‚Œã¾ã™ã€‚タイムアウト値ã®èª¿æ•´ã‚’å«ã‚€ã€æœ€å¾Œã®é€ä¿¡ã‚’å†è©¦è¡Œã™ã‚‹ãŸã‚ã«å¿…è¦ãªæ“作を実行ã—ã¾ã™ã€‚é•·ã™ãŽã‚‹ã¨ã€ã“ã‚Œã¯å¤±æ•—ã‚’è¿”ã—ã¾ã™ã€‚
- \return SSL_SUCCESS æˆåŠŸã«æˆ»ã‚Šã¾ã™
+ \brief DTLSã§ãƒŽãƒ³ãƒ–ロッキングソケットを使用ã™ã‚‹å ´åˆã€ã“ã®é–¢æ•°ã¯é€ä¿¡ãŒã‚¿ã‚¤ãƒ ã‚¢ã‚¦ãƒˆã—ãŸã¨è€ƒãˆã‚‰ã‚Œã‚‹å ´åˆã«å‘¼ã³å‡ºã•ã‚Œã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+ タイムアウト値ã®èª¿æ•´ãªã©ã€æœ€å¾Œã®é€ä¿¡ã‚’å†è©¦è¡Œã™ã‚‹ãŸã‚ã«å¿…è¦ãªã‚¢ã‚¯ã‚·ãƒ§ãƒ³ã‚’実行ã—ã¾ã™ã€‚ 時間ãŒã‹ã‹ã‚Šã™ãŽã‚‹ã¨ã€å¤±æ•—ãŒè¿”ã•ã‚Œã¾ã™ã€‚
+
+ \return SSL_SUCCESS æˆåŠŸæ™‚ã«æˆ»ã‚Šã¾ã™
\return SSL_FATAL_ERROR ピアã‹ã‚‰ã®å¿œç­”ã‚’å¾—ã‚‹ã“ã¨ãªãã€å†é€ä¿¡/タイムアウトãŒå¤šã™ãŽã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return NOT_COMPILED_IN WolfSSLãŒDTLSサãƒãƒ¼ãƒˆã§ã‚³ãƒ³ãƒ‘イルã•ã‚Œã¦ã„ãªã„å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
+ \return NOT_COMPILED_IN wolfSSLãŒDTLSサãƒãƒ¼ãƒˆã§ã‚³ãƒ³ãƒ‘イルã•ã‚Œã¦ã„ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
_Example_
\code
See the following files for usage examples:
@@ -2223,9 +2997,32 @@ int wolfSSL_dtls_set_timeout_max(WOLFSSL* ssl, int);
int wolfSSL_dtls_got_timeout(WOLFSSL* ssl);
/*!
- \brief DTLSを使用ã™ã‚‹ã‚ˆã†ã«æ§‹æˆã•ã‚Œã¦ã„ã¾ã™ã€‚
+ \brief DTLSã§ãƒŽãƒ³ãƒ–ロッキングソケットを使用ã™ã‚‹å ´åˆã€ã“ã®é–¢æ•°ã¯äºˆæƒ³ã•ã‚Œã‚‹ã‚¿ã‚¤ãƒ ã‚¢ã‚¦ãƒˆå€¤ã¨å†é€ä¿¡å›žæ•°ã‚’無視ã—ã¦æœ€å¾Œã®ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ãƒ•ãƒ©ã‚¤ãƒˆã‚’å†é€ä¿¡ã—ã¾ã™ã€‚
+ ã“ã‚Œã¯ã€DTLSを使用ã—ã¦ãŠã‚Šã€ã‚¿ã‚¤ãƒ ã‚¢ã‚¦ãƒˆã‚„å†è©¦è¡Œå›žæ•°ã‚‚管ç†ã™ã‚‹å¿…è¦ãŒã‚るアプリケーションã«å½¹ç«‹ã¡ã¾ã™ã€‚
+
+ \return SSL_SUCCESS æˆåŠŸæ™‚ã«æˆ»ã‚Šã¾ã™
+ \return SSL_FATAL_ERROR ピアã‹ã‚‰ã®å¿œç­”ãŒå¾—られãªã„ã¾ã¾å†é€ä¿¡/タイムアウトãŒå¤šã™ãŽã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
+ _Example_
+ \code
+ int ret = 0;
+ WOLFSSL* ssl;
+ ...
+ ret = wolfSSL_dtls_retransmit(ssl);
+ \endcode
+
+ \sa wolfSSL_dtls_get_current_timeout
+ \sa wolfSSL_dtls_got_timeout
+ \sa wolfSSL_dtls
+*/
+int wolfSSL_dtls_retransmit(WOLFSSL* ssl);
+
+/*!
+ \brief DTLSを使用ã™ã‚‹ã‚ˆã†ã«æ§‹æˆã•ã‚Œã¦ã„ã‚‹ã‹ã©ã†ã‹ã‚’å–å¾—ã—ã¾ã™ã€‚
\return 1 SSLセッション(SSL)ãŒDTLSを使用ã™ã‚‹ã‚ˆã†ã«è¨­å®šã•ã‚Œã¦ã„ã‚‹å ´åˆã€ã“ã®é–¢æ•°ã¯1ã‚’è¿”ã—ã¾ã™ã€‚
- \return 0 ãã†ã§ãªã‘ã‚Œã°ã€‚
+ \return 0 ãã†ã§ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
_Example_
\code
int ret = 0;
@@ -2244,12 +3041,14 @@ int wolfSSL_dtls_got_timeout(WOLFSSL* ssl);
int wolfSSL_dtls(WOLFSSL* ssl);
/*!
- \brief ピースズ。
- \return SSL_SUCCESS æˆåŠŸã«æˆ»ã‚Šã¾ã™ã€‚
- \return SSL_FAILURE 失敗ã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return SSL_NOT_IMPLEMENTED WolfSSLãŒDTLSサãƒãƒ¼ãƒˆã§ã‚³ãƒ³ãƒ‘イルã•ã‚Œã¦ã„ãªã„å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param peer ピアã®SOCKADDR_IN構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \brief ã“ã®é–¢æ•°ã¯å¼•æ•°peerã§ä¸Žãˆã‚‰ã‚Œã‚‹ã‚¢ãƒ‰ãƒ¬ã‚¹ã‚’DTLSã®ãƒ”ã‚¢ã¨ã—ã¦ã‚»ãƒƒãƒˆã—ã¾ã™ã€‚
+ \return SSL_SUCCESS æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_FAILURE 失敗時ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_NOT_IMPLEMENTED wolfSSLãŒDTLSをサãƒãƒ¼ãƒˆã™ã‚‹ã‚ˆã†ã«ã‚³ãƒ³ãƒ‘イルã•ã‚Œã¦ã„ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param peer ピアã®ã‚¢ãƒ‰ãƒ¬ã‚¹ã‚’å«ã‚€sockaddr_in構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param peerSz sockaddr_in構造体ã®ã‚µã‚¤ã‚ºã€‚0ãŒæŒ‡å®šã•ã‚ŒãŸå ´åˆã«ã¯sslã«è¨­å®šã•ã‚Œã¦ã„るピアã®æƒ…報をクリアã—ã¾ã™ã€‚
+
_Example_
\code
int ret = 0;
@@ -2269,12 +3068,16 @@ int wolfSSL_dtls(WOLFSSL* ssl);
int wolfSSL_dtls_set_peer(WOLFSSL* ssl, void* peer, unsigned int peerSz);
/*!
- \brief DTLSピアã“ã®é–¢æ•°ã¯ã€Peerszã‚’SSLセッションã«æ ¼ç´ã•ã‚Œã¦ã„る実際ã®DTLSピアサイズã«æ¯”較ã—ã¾ã™ã€‚ピアãŒãƒ”ã‚¢ã«åŽã¾ã‚‹å ´åˆã€ãƒ”ã‚¢ã®SOCKADDR_INã¯ãƒ”ã‚¢ã«ã‚³ãƒ”ーã•ã‚Œã€ãƒ”ースãŒãƒ”ã‚¢ã®ã‚µã‚¤ã‚ºã«è¨­å®šã•ã‚Œã¾ã™ã€‚
- \return SSL_SUCCESS æˆåŠŸã«æˆ»ã‚Šã¾ã™ã€‚
- \return SSL_FAILURE 失敗ã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return SSL_NOT_IMPLEMENTED WolfSSLãŒDTLSサãƒãƒ¼ãƒˆã§ã‚³ãƒ³ãƒ‘イルã•ã‚Œã¦ã„ãªã„å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param peer ピアã®SOCKADDR_IN構造をä¿å­˜ã™ã‚‹ã«ã¯ã€ãƒ¡ãƒ¢ãƒªã®å ´æ‰€ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \brief ã“ã®é–¢æ•°ã¯ã€ç¾åœ¨ã®DTLSピアã®sockaddr_in(サイズpeerSz)ã‚’å–å¾—ã—ã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯ã€peerSzã‚’SSLセッションã«ä¿å­˜ã•ã‚Œã¦ã„る実際ã®DTLSピアサイズã¨æ¯”較ã—ã¾ã™ã€‚
+ ピアアドレスãŒpeerã«åŽã¾ã‚‹å ´åˆã¯ã€peerSzãŒãƒ”ã‚¢ã®ã‚µã‚¤ã‚ºã«è¨­å®šã•ã‚Œã¦ã€ãƒ”ã‚¢ã®sockaddr_inãŒpeerã«ã‚³ãƒ”ーã•ã‚Œã¾ã™ã€‚
+ \return SSL_SUCCESS æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_FAILURE 失敗時ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_NOT_IMPLEMENTED wolfSSLãŒDTLSをサãƒãƒ¼ãƒˆã™ã‚‹ã‚ˆã†ã«ã‚³ãƒ³ãƒ‘イルã•ã‚Œã¦ã„ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param peer ピアã®sockaddr_in構造体をä¿å­˜ã™ã‚‹ãŸã‚ã®ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param peerSz サイズを格ç´ã™ã‚‹å¤‰æ•°ã€‚入力時ã«ã¯å¼•æ•°peerã§ç¤ºã•ã‚Œã‚‹ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºã‚’指定ã—ã¦ãã ã•ã„。出力時ã«ã¯å®Ÿéš›ã®sockaddr_in構造体ã®ã‚µã‚¤ã‚ºã‚’è¿”ã—ã¾ã™ã€‚
+
_Example_
\code
int ret = 0;
@@ -2294,11 +3097,16 @@ int wolfSSL_dtls_set_peer(WOLFSSL* ssl, void* peer, unsigned int peerSz);
int wolfSSL_dtls_get_peer(WOLFSSL* ssl, void* peer, unsigned int* peerSz);
/*!
- \ingroup Debug
- \brief ã“ã®é–¢æ•°ã¯ã€wolfssl_get_error()ã«ã‚ˆã£ã¦è¿”ã•ã‚ŒãŸã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã‚’より人間ãŒèª­ã‚るエラー文字列ã«å¤‰æ›ã—ã¾ã™ã€‚errnumberã¯ã€wolfssl_get_error()ã«ã‚ˆã£ã¦è¿”ã•ã‚Œã€ãƒ‡ãƒ¼ã‚¿ã¯ã‚¨ãƒ©ãƒ¼æ–‡å­—列ãŒé…ç½®ã•ã‚Œã‚‹ã‚¹ãƒˆãƒ¬ãƒ¼ã‚¸ãƒãƒƒãƒ•ã‚¡ã§ã™ã€‚MAX_ERROR_SZã§å®šç¾©ã•ã‚Œã¦ã„るよã†ã«ã€ãƒ‡ãƒ¼ã‚¿ã®æœ€å¤§é•·ã¯ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã§80文字ã§ã™ã€‚ã“ã‚Œã¯wolfssl / wolfcrypt / error.hã§ã™ã€‚
- \return success 正常ã«å®Œäº†ã™ã‚‹ã¨ã€ã“ã®é–¢æ•°ã¯ãƒ‡ãƒ¼ã‚¿ã«è¿”ã•ã‚Œã‚‹ã®ã¨åŒã˜æ–‡å­—列を返ã—ã¾ã™ã€‚
+ \ingroup Debug
+ \brief ã“ã®é–¢æ•°ã¯ã€wolfSSL_get_error()ã«ã‚ˆã£ã¦è¿”ã•ã‚ŒãŸã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã‚’より人間ãŒèª­ã‚るエラー文字列ã«å¤‰æ›ã—ã¾ã™ã€‚
+ 引数errNumberã¯ã€wolfSSL_get_error()ã«ã‚ˆã£ã¦è¿”ã•ã‚Œã€å¼•æ•°dataã¯ã‚¨ãƒ©ãƒ¼æ–‡å­—列ãŒé…ç½®ã•ã‚Œã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã§ã™ã€‚
+ MAX_ERROR_SZã§å®šç¾©ã•ã‚Œã¦ã„るよã†ã«ã€ãƒ‡ãƒ¼ã‚¿ã®æœ€å¤§é•·ã¯ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã§80文字ã§ã™ã€‚
+ ã“ã‚Œã¯wolfssl/wolfcrypt/error.hã§å®šç¾©ã•ã‚Œã¦ã„ã¾ã™ã€‚
+ \return success 正常ã«å®Œäº†ã™ã‚‹ã¨ã€ã“ã®é–¢æ•°ã¯dataã«è¿”ã•ã‚Œã‚‹ã®ã¨åŒã˜æ–‡å­—列を返ã—ã¾ã™ã€‚
\return failure 失敗ã™ã‚‹ã¨ã€ã“ã®é–¢æ•°ã¯é©åˆ‡ãªéšœå®³ç†ç”±ã€MSGã‚’æŒã¤æ–‡å­—列を返ã—ã¾ã™ã€‚
- \param errNumber wolfssl_get_error()ã«ã‚ˆã£ã¦è¿”ã•ã‚ŒãŸã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã€‚
+ \param errNumber wolfSSL_get_error()ã«ã‚ˆã£ã¦è¿”ã•ã‚ŒãŸã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã€‚
+ \param data 人間ãŒèª­ã‚るエラー文字列を格ç´ã—ãŸãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
int err = 0;
@@ -2314,14 +3122,20 @@ int wolfSSL_dtls_get_peer(WOLFSSL* ssl, void* peer, unsigned int* peerSz);
\sa wolfSSL_ERR_print_errors_fp
\sa wolfSSL_load_error_strings
*/
-char* wolfSSL_ERR_error_string(unsigned long,char*);
+char* wolfSSL_ERR_error_string(unsigned long errNumber, char* data);
/*!
- \ingroup Debug
- \brief ã“ã®é–¢æ•°ã¯ã€wolfssl_err_error_string()ã®ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã§ã™ã€‚ã“ã“ã§ã€lenã¯bufã«æ›¸ãè¾¼ã¾ã‚Œå¾—る最大文字数を指定ã—ã¾ã™ã€‚wolfssl_err_error_string()ã¨åŒæ§˜ã«ã€ã“ã®é–¢æ•°ã¯wolfssl_get_error()ã‹ã‚‰è¿”ã•ã‚ŒãŸã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã‚’より人間ãŒèª­ã‚るエラー文字列ã«å¤‰æ›ã—ã¾ã™ã€‚人間ãŒèª­ã‚る文字列ã¯bufã«ç½®ã‹ã‚Œã¾ã™ã€‚
- \return none ã„ã„ãˆè¿”ã—ã¾ã™ã€‚
- \param e wolfssl_get_error()ã«ã‚ˆã£ã¦è¿”ã•ã‚ŒãŸã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã€‚
+ \ingroup Debug
+ \brief ã“ã®é–¢æ•°ã¯ã€wolfssl_err_error_string()ã®ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºã‚’指定ã™ã‚‹ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã§ã™ã€‚
+ ã“ã“ã§ã€å¼•æ•°lenã¯å¼•æ•°bufã«æ›¸ãè¾¼ã¾ã‚Œå¾—る最大文字数を指定ã—ã¾ã™ã€‚
+ wolfSSL_err_error_string()ã¨åŒæ§˜ã«ã€ã“ã®é–¢æ•°ã¯wolfSSL_get_error()ã‹ã‚‰è¿”ã•ã‚ŒãŸã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã‚’より人間ãŒèª­ã‚るエラー文字列ã«å¤‰æ›ã—ã¾ã™ã€‚
+ 人間ãŒèª­ã‚る文字列ã¯bufã«ç½®ã‹ã‚Œã¾ã™ã€‚
+ \return ãªã—
+ \param e wolfSSL_get_error()ã«ã‚ˆã£ã¦è¿”ã•ã‚ŒãŸã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã€‚
\param buff eã¨ä¸€è‡´ã™ã‚‹äººé–“ãŒèª­ã‚るエラー文字列をå«ã‚€å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã€‚
+ \param len 出力ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+
+
_Example_
\code
int err = 0;
@@ -2341,15 +3155,18 @@ void wolfSSL_ERR_error_string_n(unsigned long e, char* buf,
unsigned long sz);
/*!
- \ingroup TLS
- \brief ã“ã®é–¢æ•°ã¯ã€Options構造体ã®ClosEnotifyã¾ãŸã¯Connresetã¾ãŸã¯SentNotifyメンãƒãƒ¼ã®ã‚·ãƒ£ãƒƒãƒˆãƒ€ã‚¦ãƒ³æ¡ä»¶ã‚’ãƒã‚§ãƒƒã‚¯ã—ã¾ã™ã€‚オプション構造ã¯WolfSSL構造内ã«ã‚ã‚Šã¾ã™ã€‚
+ \ingroup TLS
+ \brief ã“ã®é–¢æ•°ã¯ã€Options構造体ã®closeNotifyã¾ãŸã¯connResetã¾ãŸã¯sentNotifyメンãƒãƒ¼ã®ã‚·ãƒ£ãƒƒãƒˆãƒ€ã‚¦ãƒ³æ¡ä»¶ã‚’ãƒã‚§ãƒƒã‚¯ã—ã¾ã™ã€‚
+ Options構造体ã¯WOLFSSL構造体内ã«ã‚ã‚Šã¾ã™ã€‚
\return 1 SSL_SENT_SHUTDOWNãŒè¿”ã•ã‚Œã¾ã™ã€‚
- \return 2 ss_received_shutdownãŒè¿”ã•ã‚Œã¾ã™ã€‚
+ \return 2 SSL_RECEIVED_SHUTDOWNãŒè¿”ã•ã‚Œã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
#include <wolfssl/ssl.h>
- WOLFSSL_CTX* ctx = WOLFSSL_CTX_new( protocol method );
+ WOLFSSL_CTX* ctx = wolfSSL_CTX_new( protocol method );
WOLFSSL* ssl = WOLFSSL_new(ctx);
…
int ret;
@@ -2365,12 +3182,14 @@ void wolfSSL_ERR_error_string_n(unsigned long e, char* buf,
\endcode
\sa wolfSSL_SESSION_free
*/
-int wolfSSL_get_shutdown(const WOLFSSL*);
+int wolfSSL_get_shutdown(const WOLFSSL* ssl);
/*!
- \ingroup IO
+ \ingroup IO
\brief ã“ã®é–¢æ•°ã¯ã€ã‚ªãƒ—ション構造体ã®å†é–‹ãƒ¡ãƒ³ãƒã‚’è¿”ã—ã¾ã™ã€‚フラグã¯ã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚’å†åˆ©ç”¨ã™ã‚‹ã‹ã©ã†ã‹ã‚’示ã—ã¾ã™ã€‚ãã†ã§ãªã‘ã‚Œã°ã€æ–°ã—ã„セッションを確立ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
\return This 関数セッションã®å†åˆ©ç”¨ã®ãƒ•ãƒ©ã‚°ã‚’表ã™ã‚ªãƒ—ション構造ã«ä¿æŒã•ã‚Œã¦ã„ã‚‹intåž‹ã‚’è¿”ã—ã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
WOLFSSL* ssl = wolfSSL_new(ctx);
@@ -2383,13 +3202,16 @@ int wolfSSL_get_shutdown(const WOLFSSL*);
\sa wolfSSL_GetSessionIndex
\sa wolfSSL_memsave_session_cache
*/
-int wolfSSL_session_reused(WOLFSSL*);
+int wolfSSL_session_reused(WOLFSSL* ssl);
/*!
- \ingroup TLS
+ \ingroup TLS
\brief ã“ã®é–¢æ•°ã¯ã€æŽ¥ç¶šãŒç¢ºç«‹ã•ã‚Œã¦ã„ã‚‹ã‹ã©ã†ã‹ã‚’確èªã—ã¾ã™ã€‚
\return 0 接続ãŒç¢ºç«‹ã•ã‚Œã¦ã„ãªã„å ´åˆã€ã™ãªã‚ã¡WolfSSL構造体ãŒNULLã¾ãŸã¯ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ãŒè¡Œã‚ã‚Œã¦ã„ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return 1 接続ãŒç¢ºç«‹ã•ã‚Œã¦ã„ãªã„å ´åˆã¯è¿”ã•ã‚Œã¾ã™.WolfSSL構造体ã¯NULLã¾ãŸã¯ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ãŒè¡Œã‚ã‚Œã¦ã„ã¾ã›ã‚“。
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
+ _Example_
\code
#include <wolfssl/ssl.h>
@@ -2404,10 +3226,10 @@ int wolfSSL_session_reused(WOLFSSL*);
\sa wolfSSL_get_keys
\sa wolfSSL_set_shutdown
*/
-int wolfSSL_is_init_finished(WOLFSSL*);
+int wolfSSL_is_init_finished(WOLFSSL* ssl);
/*!
- \ingroup IO
+ \ingroup IO
\brief 文字列ã¨ã—ã¦ä½¿ç”¨ã•ã‚Œã¦ã„ã‚‹SSLãƒãƒ¼ã‚¸ãƒ§ãƒ³ã‚’è¿”ã—ã¾ã™ã€‚
\return "SSLv3" SSLv3を使ã†
\return "TLSv1" TLSV1を使用ã™ã‚‹
@@ -2417,6 +3239,8 @@ int wolfSSL_is_init_finished(WOLFSSL*);
\return "DTLS": DTLSを使ã†
\return "DTLSv1.2" DTLSV1.2を使用ã™ã‚‹
\return "unknown" ã©ã®ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã®TLSãŒä½¿ç”¨ã•ã‚Œã¦ã„ã‚‹ã‹ã‚’判断ã™ã‚‹ã¨ã„ã†å•é¡ŒãŒã‚ã‚Šã¾ã—ãŸã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
wolfSSL_Init();
@@ -2429,13 +3253,15 @@ int wolfSSL_is_init_finished(WOLFSSL*);
\endcode
\sa wolfSSL_lib_version
*/
-const char* wolfSSL_get_version(WOLFSSL*);
+const char* wolfSSL_get_version(WOLFSSL* ssl);
/*!
- \ingroup IO
+ \ingroup IO
\brief SSLセッションã§ç¾åœ¨ã®æš—å·ã‚¹ã‚¤ãƒ¼ãƒˆã‚’è¿”ã—ã¾ã™ã€‚
\return ssl->options.cipherSuite ç¾åœ¨ã®æš—å·ã‚¹ã‚¤ãƒ¼ãƒˆã‚’表ã™æ•´æ•°ã€‚
\return 0 æä¾›ã•ã‚Œã¦ã„ã‚‹SSLセッションã¯NULLã§ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
wolfSSL_Init();
@@ -2457,10 +3283,12 @@ const char* wolfSSL_get_version(WOLFSSL*);
int wolfSSL_get_current_cipher_suite(WOLFSSL* ssl);
/*!
- \ingroup IO
+ \ingroup IO
\brief ã“ã®é–¢æ•°ã¯ã€SSLセッションã®ç¾åœ¨ã®æš—å·ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
\return The 関数WolfSSL構造体ã®æš—å·ãƒ¡ãƒ³ãƒãƒ¼ã®ã‚¢ãƒ‰ãƒ¬ã‚¹ã‚’è¿”ã—ã¾ã™ã€‚ã“ã‚Œã¯wolfssl_icipher構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã§ã™ã€‚
\return NULL WolfSSL構造ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
WOLFSSL_CTX* ctx = wolfSSL_CTX_new( protocol method );
@@ -2478,13 +3306,15 @@ int wolfSSL_get_current_cipher_suite(WOLFSSL* ssl);
\sa wolfSSL_get_cipher_name_internal
\sa wolfSSL_get_cipher_name
*/
-WOLFSSL_CIPHER* wolfSSL_get_current_cipher(WOLFSSL*);
+WOLFSSL_CIPHER* wolfSSL_get_current_cipher(WOLFSSL* ssl);
/*!
- \ingroup IO
+ \ingroup IO
\brief ã“ã®é–¢æ•°ã¯ã€SSLオブジェクト内ã®Cipher Suiteã¨ä½¿ç”¨å¯èƒ½ãªã‚¹ã‚¤ãƒ¼ãƒˆã¨ä¸€è‡´ã—ã€æ–‡å­—列表ç¾ã‚’è¿”ã—ã¾ã™ã€‚
\return string ã“ã®é–¢æ•°ã¯ã€ä¸€è‡´ã—ãŸæš—å·ã‚¹ã‚¤ãƒ¼ãƒˆã®æ–‡å­—列表ç¾ã‚’è¿”ã—ã¾ã™ã€‚
\return none スイートãŒä¸€è‡´ã—ã¦ã„ãªã„å ´åˆã¯ã€Œãªã—ã€ã‚’è¿”ã—ã¾ã™ã€‚
+ \param cipher WOLFSSL_CIPHER構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
// gets cipher name in the format DHE_RSA ...
@@ -2507,9 +3337,11 @@ WOLFSSL_CIPHER* wolfSSL_get_current_cipher(WOLFSSL*);
const char* wolfSSL_CIPHER_get_name(const WOLFSSL_CIPHER* cipher);
/*!
- \ingroup IO
+ \ingroup IO
\brief ã“ã®é–¢æ•°ã¯ã€SSLオブジェクト内ã®æš—å·ã‚¹ã‚¤ãƒ¼ãƒˆã¨ä½¿ç”¨å¯èƒ½ãªã‚¹ã‚¤ãƒ¼ãƒˆã¨ä¸€è‡´ã—ã¾ã™ã€‚
\return This 関数SuiteãŒä¸€è‡´ã•ã›ãŸString値を返ã—ã¾ã™ã€‚スイートãŒä¸€è‡´ã—ã¦ã„ãªã„å ´åˆã¯ã€Œãªã—ã€ã‚’è¿”ã—ã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
#ifdef WOLFSSL_DTLS
@@ -2525,13 +3357,23 @@ const char* wolfSSL_CIPHER_get_name(const WOLFSSL_CIPHER* cipher);
\sa wolfSSL_CIPHER_get_name
\sa wolfSSL_get_current_cipher
*/
-const char* wolfSSL_get_cipher(WOLFSSL*);
+const char* wolfSSL_get_cipher(WOLFSSL* ssl);
/*!
- \ingroup Setup
- \brief ã“ã®é–¢æ•°ã¯ã€wolfssl構造ã‹ã‚‰ã®wolfssl_sessionã‚’å‚照型ã¨ã—ã¦è¿”ã—ã¾ã™ã€‚ã“ã‚Œã«ã¯ã€wolfssl_session_freeを呼ã³å‡ºã—ã¦ã‚»ãƒƒã‚·ãƒ§ãƒ³å‚照を解除ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚ wolfssl_sessionã¯ã€ã‚»ãƒƒã‚·ãƒ§ãƒ³ã®å†é–‹ã‚’実行ã™ã‚‹ãŸã‚ã«å¿…è¦ãªã™ã¹ã¦ã®å¿…è¦ãªæƒ…報をå«ã‚€ã“ã¨ã‚’指摘ã—ã€æ–°ã—ã„ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ãªã—ã§æŽ¥ç¶šã‚’å†ç¢ºç«‹ã—ã¾ã™ã€‚セッションã®å†é–‹ã®å ´åˆã€wolfssl_shutdown()をセッションオブジェクトã«å‘¼ã³å‡ºã™å‰ã«ã€ã‚¢ãƒ—リケーションã¯ã‚ªãƒ–ジェクトã‹ã‚‰wolfssl_get1_session()を呼ã³å‡ºã—ã¦ä¿å­˜ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚ã“ã‚Œã¯ã‚»ãƒƒã‚·ãƒ§ãƒ³ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚後ã§ã€ã‚¢ãƒ—リケーションã¯æ–°ã—ã„WolfSSLオブジェクトを作æˆã—ã€ä¿å­˜ã—ãŸã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚’wolfssl_set_session()ã«å‰²ã‚Šå½“ã¦ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚ã“ã®æ™‚点ã§ã€ã‚¢ãƒ—リケーションã¯wolfssl_connect()を呼ã³å‡ºã—ã€WolfSSLã¯ã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚’å†é–‹ã—よã†ã¨ã—ã¾ã™ã€‚ WolfSSLサーãƒãƒ¼ã‚³ãƒ¼ãƒ‰ã§ã¯ã€ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã§ã‚»ãƒƒã‚·ãƒ§ãƒ³ã®å†é–‹ã‚’許å¯ã—ã¾ã™ã€‚ wolfssl_get1_session()ã«ã‚ˆã£ã¦è¿”ã•ã‚ŒãŸã‚ªãƒ–ジェクトã¯ã€ã‚¢ãƒ—リケーションãŒãれを使用ã—ã¦ãれを使用ã—ã¦è§£æ”¾ã•ã‚Œã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+ \ingroup Setup
+ \brief ã“ã®é–¢æ•°ã¯ã€WOLFSSL構造体ã‹ã‚‰WOLFSSL_SESSIONã‚’å‚照型ã¨ã—ã¦è¿”ã—ã¾ã™ã€‚
+ ã“ã‚Œã«ã¯ã€wolfSSL_SESSION_freeを呼ã³å‡ºã—ã¦ã‚»ãƒƒã‚·ãƒ§ãƒ³å‚照を解除ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+ WOLFSSL_SESSIONã¯ã€ã‚»ãƒƒã‚·ãƒ§ãƒ³ã®å†é–‹ã‚’実行ã™ã‚‹ãŸã‚ã«å¿…è¦ãªã™ã¹ã¦ã®å¿…è¦ãªæƒ…報をå«ã¿ã€æ–°ã—ã„ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ãªã—ã§æŽ¥ç¶šã‚’å†ç¢ºç«‹ã—ã¾ã™ã€‚
+ セッションã®å†é–‹ã®å ´åˆã€wolfSSL_shutdown()をセッションオブジェクトã«å‘¼ã³å‡ºã™å‰ã«ã€ã‚¢ãƒ—リケーションã¯ã‚ªãƒ–ジェクトã‹ã‚‰wolfssl_get1_session()を呼ã³å‡ºã—ã¦ä¿å­˜ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+ ã“ã‚Œã¯ã‚»ãƒƒã‚·ãƒ§ãƒ³ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
+ ãã®å¾Œã€ã‚¢ãƒ—リケーションã¯æ–°ã—ã„WOLFSSLオブジェクトを作æˆã—ã€ä¿å­˜ã—ãŸã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚’wolfssl_set_session()ã«å‰²ã‚Šå½“ã¦ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+ ã“ã®æ™‚点ã§ã€ã‚¢ãƒ—リケーションã¯wolfssl_connect()を呼ã³å‡ºã—ã€WolfSSLã¯ã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚’å†é–‹ã—よã†ã¨ã—ã¾ã™ã€‚
+ WolfSSLサーãƒãƒ¼ã‚³ãƒ¼ãƒ‰ã§ã¯ã€ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã§ã‚»ãƒƒã‚·ãƒ§ãƒ³ã®å†é–‹ã‚’許å¯ã—ã¾ã™ã€‚
+ wolfssl_get1_session()ã«ã‚ˆã£ã¦è¿”ã•ã‚ŒãŸã‚ªãƒ–ジェクトã¯ã€ã‚¢ãƒ—リケーションãŒä½¿ç”¨å¾Œã¯è§£æ”¾ã•ã‚Œã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
\return WOLFSSL_SESSION æˆåŠŸã®å ´åˆã¯ã‚»ãƒƒã‚·ãƒ§ãƒ³ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
- \return NULL SSLãŒNULLã®å ´åˆã€SSLセッションキャッシュãŒç„¡åŠ¹ã«ãªã£ã¦ã„ã‚‹å ´åˆã€WolfSSLã¯ã‚»ãƒƒã‚·ãƒ§ãƒ³IDを使用ã§ããªã„ã€ã¾ãŸã¯ãƒŸãƒ¥ãƒ¼ãƒ†ãƒƒã‚¯ã‚¹é–¢æ•°ãŒå¤±æ•—ã—ã¾ã™ã€‚
+ \return NULL sslãŒNULLã®å ´åˆã€SSLセッションキャッシュãŒç„¡åŠ¹ã«ãªã£ã¦ã„ã‚‹å ´åˆã€WolfSSLã¯ã‚»ãƒƒã‚·ãƒ§ãƒ³IDを使用ã§ããªã„ã€ã¾ãŸã¯ãƒŸãƒ¥ãƒ¼ãƒ†ãƒƒã‚¯ã‚¹é–¢æ•°ãŒå¤±æ•—ã—ã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
WOLFSSL* ssl;
@@ -2552,10 +3394,11 @@ const char* wolfSSL_get_cipher(WOLFSSL*);
WOLFSSL_SESSION* wolfSSL_get1_session(WOLFSSL* ssl);
/*!
- \ingroup Setup
- \brief wolfsslv23_client_method()関数ã¯ã€ã‚¢ãƒ—リケーションãŒã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã§ã‚ã‚‹ã“ã¨ã‚’示ã™ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã€SSL 3.0 - TLS 1.3ã®é–“ã§ã‚µãƒ¼ãƒãƒ¼ã§ã‚µãƒãƒ¼ãƒˆã•ã‚Œã¦ã„る最高ã®ãƒ—ロトコルãƒãƒ¼ã‚¸ãƒ§ãƒ³ã‚’サãƒãƒ¼ãƒˆã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€wolfssl_ctx_new()を使用ã—ã¦SSL / TLSコンテキストを作æˆã™ã‚‹ã¨ãã«ä½¿ç”¨ã•ã‚Œã‚‹æ–°ã—ã„Wolfssl_method構造体ã®ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã¦åˆæœŸåŒ–ã—ã¾ã™ã€‚WolfSSLクライアントã¨ã‚µãƒ¼ãƒãƒ¼ã®ä¸¡æ–¹ãŒå …牢ãªãƒãƒ¼ã‚¸ãƒ§ãƒ³ã®ãƒ€ã‚¦ãƒ³ã‚°ãƒ¬ãƒ¼ãƒ‰æ©Ÿèƒ½ã‚’æŒã£ã¦ã„ã¾ã™ã€‚特定ã®ãƒ—ロトコルãƒãƒ¼ã‚¸ãƒ§ãƒ³ãƒ¡ã‚½ãƒƒãƒ‰ãŒã©ã¡ã‚‰ã®å´ã§ä½¿ç”¨ã•ã‚Œã¦ã„ã‚‹å ´åˆã¯ã€ãã®ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã®ã¿ãŒãƒã‚´ã‚·ã‚¨ãƒ¼ãƒˆã•ã‚ŒãŸã‚Šã€ã‚¨ãƒ©ãƒ¼ãŒè¿”ã•ã‚Œã¾ã™ã€‚ãŸã¨ãˆã°ã€TLSV1を使用ã—ã€SSLv3ã®ã¿ã«æŽ¥ç¶šã—よã†ã¨ã™ã‚‹ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã¯ã€TLSV1.1ã«æŽ¥ç¶šã—ã¦ã‚‚失敗ã—ã¾ã™ã€‚ã“ã®å•é¡Œã‚’解決ã™ã‚‹ãŸã‚ã«ã€wolfsslv23_client_method()関数を使用ã™ã‚‹ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã¯ã€ã‚µãƒ¼ãƒãƒ¼ã§ã‚µãƒãƒ¼ãƒˆã•ã‚Œã¦ã„る最高ã®ãƒ—ロトコルãƒãƒ¼ã‚¸ãƒ§ãƒ³ã‚’使用ã—ã€å¿…è¦ã«å¿œã˜ã¦SSLv3ã«ãƒ€ã‚¦ãƒ³ã‚°ãƒ¬ãƒ¼ãƒ‰ã—ã¾ã™ã€‚ã“ã®å ´åˆã€ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã¯SSLv3 - TLSv1.3を実行ã—ã¦ã„るサーãƒãƒ¼ã«æŽ¥ç¶šã§ãるよã†ã«ãªã‚Šã¾ã™ã€‚
- \return pointer æˆåŠŸã™ã‚‹ã¨ã€wolfssl_methodã¸ã®ãƒã‚¤ãƒ³ã‚¿ãŒã‚ã‚Šã¾ã™ã€‚
- \return Failure xmallocを呼ã³å‡ºã™ã¨ãã«ãƒ¡ãƒ¢ãƒªå‰²ã‚Šå½“ã¦ãŒå¤±æ•—ã—ãŸå ´åˆã€åŸºç¤Žã¨ãªã‚‹Malloc()実装ã®å¤±æ•—値ãŒè¿”ã•ã‚Œã¾ã™ï¼ˆé€šå¸¸ã¯errnoãŒenomeemã«è¨­å®šã•ã‚Œã¾ã™ï¼‰ã€‚
+ \ingroup Setup
+ \brief wolfsslv23_client_method()関数ã¯ã€ã‚¢ãƒ—リケーションãŒã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã§ã‚ã‚‹ã“ã¨ã‚’示ã™ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã€SSL 3.0~TLS 1.3ã®é–“ã§ã‚µãƒ¼ãƒãƒ¼ã§ã‚µãƒãƒ¼ãƒˆã•ã‚Œã¦ã„る最高ã®ãƒ—ロトコルãƒãƒ¼ã‚¸ãƒ§ãƒ³ã‚’サãƒãƒ¼ãƒˆã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€wolfSSL_CTX_new()を使用ã—ã¦SSL / TLSコンテキストを作æˆã™ã‚‹ã¨ãã«ä½¿ç”¨ã•ã‚Œã‚‹æ–°ã—ã„Wolfssl_method構造体ã®ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã¦åˆæœŸåŒ–ã—ã¾ã™ã€‚WolfSSLクライアントã¨ã‚µãƒ¼ãƒãƒ¼ã®ä¸¡æ–¹ãŒå …牢ãªãƒãƒ¼ã‚¸ãƒ§ãƒ³ã®ãƒ€ã‚¦ãƒ³ã‚°ãƒ¬ãƒ¼ãƒ‰æ©Ÿèƒ½ã‚’æŒã£ã¦ã„ã¾ã™ã€‚特定ã®ãƒ—ロトコルãƒãƒ¼ã‚¸ãƒ§ãƒ³ãƒ¡ã‚½ãƒƒãƒ‰ãŒã©ã¡ã‚‰ã®å´ã§ä½¿ç”¨ã•ã‚Œã¦ã„ã‚‹å ´åˆã¯ã€ãã®ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã®ã¿ãŒãƒã‚´ã‚·ã‚¨ãƒ¼ãƒˆã•ã‚ŒãŸã‚Šã€ã‚¨ãƒ©ãƒ¼ãŒè¿”ã•ã‚Œã¾ã™ã€‚ãŸã¨ãˆã°ã€TLSV1を使用ã—ã€SSLv3ã®ã¿ã«æŽ¥ç¶šã—よã†ã¨ã™ã‚‹ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã¯ã€TLSV1.1ã«æŽ¥ç¶šã—ã¦ã‚‚失敗ã—ã¾ã™ã€‚ã“ã®å•é¡Œã‚’解決ã™ã‚‹ãŸã‚ã«ã€wolfsslv23_client_method()関数を使用ã™ã‚‹ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã¯ã€ã‚µãƒ¼ãƒãƒ¼ã§ã‚µãƒãƒ¼ãƒˆã•ã‚Œã¦ã„る最高ã®ãƒ—ロトコルãƒãƒ¼ã‚¸ãƒ§ãƒ³ã‚’使用ã—ã€å¿…è¦ã«å¿œã˜ã¦SSLv3ã«ãƒ€ã‚¦ãƒ³ã‚°ãƒ¬ãƒ¼ãƒ‰ã—ã¾ã™ã€‚ã“ã®å ´åˆã€ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã¯SSLv3 - TLSv1.3を実行ã—ã¦ã„るサーãƒãƒ¼ã«æŽ¥ç¶šã§ãるよã†ã«ãªã‚Šã¾ã™ã€‚
+ \return pointer æˆåŠŸã™ã‚‹ã¨ã€wolfssl_methodã¸ã®ãƒã‚¤ãƒ³ã‚¿ãŒè¿”ã•ã‚Œã¾ã™ã€‚
+ \return Failure xmallocを呼ã³å‡ºã™ã¨ãã«ãƒ¡ãƒ¢ãƒªå‰²ã‚Šå½“ã¦ãŒå¤±æ•—ã—ãŸå ´åˆã€åŸºç¤Žã¨ãªã‚‹Malloc()実装ã®å¤±æ•—値ãŒè¿”ã•ã‚Œã¾ã™ï¼ˆé€šå¸¸ã¯errnoãŒENOMEMã«è¨­å®šã•ã‚Œã¾ã™ï¼‰ã€‚
+
_Example_
\code
WOLFSSL_METHOD* method;
@@ -2579,11 +3422,13 @@ WOLFSSL_SESSION* wolfSSL_get1_session(WOLFSSL* ssl);
WOLFSSL_METHOD* wolfSSLv23_client_method(void);
/*!
- \ingroup IO
- \brief ã“ã‚Œã¯ã€å†…部メモリãƒãƒƒãƒ•ã‚¡ã®å…ˆé ­ã¸ã®ãƒã‚¤ãƒˆãƒã‚¤ãƒ³ã‚¿ã‚’設定ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
+ \ingroup IO
+ \brief ã“ã®é–¢æ•°ã¯ã€å†…部メモリãƒãƒƒãƒ•ã‚¡ã®å…ˆé ­ã¸ã®ãƒã‚¤ãƒˆãƒã‚¤ãƒ³ã‚¿ã‚’設定ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
\return size æˆåŠŸã™ã‚‹ã¨ã€ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºãŒè¿”ã•ã‚Œã¾ã™
\return SSL_FATAL_ERROR エラーケースã«é­é‡ã—ãŸå ´åˆ
- \param bio ã®ãƒ¡ãƒ¢ãƒªãƒãƒƒãƒ•ã‚¡ã‚’å–å¾—ã™ã‚‹ãŸã‚ã®wolfssl_bio構造。
+ \param bio ã®ãƒ¡ãƒ¢ãƒªãƒãƒƒãƒ•ã‚¡ã‚’å–å¾—ã™ã‚‹ãŸã‚ã®WOLFSSL_BIO構造体。
+ \param p メモリãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL_BIO* bio;
@@ -2601,11 +3446,13 @@ WOLFSSL_METHOD* wolfSSLv23_client_method(void);
int wolfSSL_BIO_get_mem_data(WOLFSSL_BIO* bio,void* p);
/*!
- \ingroup IO
+ \ingroup IO
\brief 使用ã™ã‚‹BIOã®ãƒ•ã‚¡ã‚¤ãƒ«è¨˜è¿°å­ã‚’設定ã—ã¾ã™ã€‚
- \return SSL_SUCCESS(1) æˆåŠŸã™ã‚‹ã¨ã€‚
+ \return SSL_SUCCESS(1) æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
\param bio FDを設定ã™ã‚‹ãŸã‚ã®WOLFSSL_BIO構造。
\param fd 使用ã™ã‚‹ãƒ•ã‚¡ã‚¤ãƒ«è¨˜è¿°å­ã€‚
+ \param closeF fdをクローズã™ã‚‹éš›ã®ãµã‚‹ã¾ã„を指定ã™ã‚‹ãƒ•ãƒ©ã‚°
+
_Example_
\code
WOLFSSL_BIO* bio;
@@ -2619,10 +3466,12 @@ int wolfSSL_BIO_get_mem_data(WOLFSSL_BIO* bio,void* p);
long wolfSSL_BIO_set_fd(WOLFSSL_BIO* b, int fd, int flag);
/*!
- \ingroup IO
- \brief BIOãŒè§£æ”¾ã•ã‚ŒãŸã¨ãã«I / Oストリームを閉ã˜ã‚‹å¿…è¦ãŒã‚ã‚‹ã“ã¨ã‚’示ã™ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã‚‹ã‚¯ãƒ­ãƒ¼ã‚ºãƒ•ãƒ©ã‚°ã‚’設定ã—ã¾ã™ã€‚
- \return SSL_SUCCESS(1) æˆåŠŸã™ã‚‹ã¨ã€‚
- \param bio wolfssl_bio構造体。
+ \ingroup IO
+ \brief BIOãŒè§£æ”¾ã•ã‚ŒãŸã¨ãã«I/Oストリームを閉ã˜ã‚‹å¿…è¦ãŒã‚ã‚‹ã“ã¨ã‚’示ã™ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã‚‹ã‚¯ãƒ­ãƒ¼ã‚ºãƒ•ãƒ©ã‚°ã‚’設定ã—ã¾ã™ã€‚
+ \return SSL_SUCCESS(1) æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param bio WOLFSSL_BIO構造体。
+ \param flag I/Oストリームを閉ã˜ã‚‹å¿…è¦ãŒã‚ã‚‹ã“ã¨ã‚’示ã™ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã‚‹ã‚¯ãƒ­ãƒ¼ã‚ºãƒ•ãƒ©ã‚°
+
_Example_
\code
WOLFSSL_BIO* bio;
@@ -2635,9 +3484,10 @@ long wolfSSL_BIO_set_fd(WOLFSSL_BIO* b, int fd, int flag);
int wolfSSL_BIO_set_close(WOLFSSL_BIO *b, long flag);
/*!
- \ingroup IO
- \brief ã“ã‚Œã¯Bio_Socketタイプã®wolfssl_bio_methodã‚’å–å¾—ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
- \return WOLFSSL_BIO_METHOD ソケットタイプã§ã‚ã‚‹wolfssl_bio_method構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \ingroup IO
+ \brief ã“ã®é–¢æ•°ã¯BIO_SOCKETタイプã®WOLFSSL_BIO_METHODã‚’å–å¾—ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
+ \return WOLFSSL_BIO_METHOD ソケットタイプã§ã‚ã‚‹WOLFSSL_BIO_METHOD構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
WOLFSSL_BIO* bio;
@@ -2649,11 +3499,15 @@ int wolfSSL_BIO_set_close(WOLFSSL_BIO *b, long flag);
WOLFSSL_BIO_METHOD *wolfSSL_BIO_s_socket(void);
/*!
- \ingroup IO
- \brief ã“ã‚Œã¯ã€WolfSSL_BIOã®ãƒ©ã‚¤ãƒˆãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºã‚’設定ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚書ãè¾¼ã¿ãƒãƒƒãƒ•ã‚¡ãŒä»¥å‰ã«è¨­å®šã•ã‚Œã¦ã„ã‚‹å ´åˆã€ã“ã®é–¢æ•°ã¯ã‚µã‚¤ã‚ºã‚’リセットã™ã‚‹ã¨ãã«è§£æ”¾ã•ã‚Œã¾ã™ã€‚読ã¿æ›¸ãインデックスを0ã«ãƒªã‚»ãƒƒãƒˆã™ã‚‹ã¨ã„ã†ç‚¹ã§ã€wolfssl_bio_resetã«ä¼¼ã¦ã„ã¾ã™ã€‚
+ \ingroup IO
+ \brief ã“ã®é–¢æ•°ã¯ã€WOLFSSL_BIOã®ãƒ©ã‚¤ãƒˆãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºã‚’設定ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
+ 書ãè¾¼ã¿ãƒãƒƒãƒ•ã‚¡ãŒä»¥å‰ã«è¨­å®šã•ã‚Œã¦ã„ã‚‹å ´åˆã€ã“ã®é–¢æ•°ã¯ã‚µã‚¤ã‚ºã‚’リセットã™ã‚‹ã¨ãã«è§£æ”¾ã•ã‚Œã¾ã™ã€‚
+ 読ã¿æ›¸ãインデックスを0ã«ãƒªã‚»ãƒƒãƒˆã™ã‚‹ã¨ã„ã†ç‚¹ã§ã€wolfSSL_BIO_resetã«ä¼¼ã¦ã„ã¾ã™ã€‚
\return SSL_SUCCESS 書ãè¾¼ã¿ãƒãƒƒãƒ•ã‚¡ã®è¨­å®šã«æˆåŠŸã—ã¾ã—ãŸã€‚
\return SSL_FAILURE エラーケースã«é­é‡ã—ãŸå ´åˆ
\param bio FDを設定ã™ã‚‹ãŸã‚ã®WOLFSSL_BIO構造。
+ \param size ãƒãƒƒãƒ•ã‚¡ã‚µã‚¤ã‚º
+
_Example_
\code
WOLFSSL_BIO* bio;
@@ -2669,11 +3523,13 @@ WOLFSSL_BIO_METHOD *wolfSSL_BIO_s_socket(void);
int wolfSSL_BIO_set_write_buf_size(WOLFSSL_BIO *b, long size);
/*!
- \ingroup IO
+ \ingroup IO
\brief ã“ã‚Œã¯2ã¤ã®BIOSを一緒ã«ãƒšã‚¢ãƒªãƒ³ã‚°ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚一対ã®BIOSã¯ã€2ã¤ã®æ–¹æ³•ãƒ‘イプã¨åŒæ§˜ã«ã€ä»–æ–¹ã§èª­ã¿å–られるã“ã¨ãŒã§ãã€ãã®é€†ã‚‚åŒæ§˜ã§ã‚る。BIOSã®ä¸¡æ–¹ãŒåŒã˜ã‚¹ãƒ¬ãƒƒãƒ‰å†…ã«ã‚ã‚‹ã“ã¨ãŒäºˆæƒ³ã•ã‚Œã¾ã™ã€‚ã“ã®æ©Ÿèƒ½ã¯ã‚¹ãƒ¬ãƒƒãƒ‰ã‚»ãƒ¼ãƒ•ã§ã¯ã‚ã‚Šã¾ã›ã‚“。2ã¤ã®BIOSã®ã†ã¡ã®1ã¤ã‚’解放ã™ã‚‹ã¨ã€ä¸¡æ–¹ã¨ã‚‚ペアã«ãªã£ã¦ã„ã¾ã™ã€‚書ãè¾¼ã¿ãƒãƒƒãƒ•ã‚¡ã‚µã‚¤ã‚ºãŒä»¥å‰ã«è¨­å®šã•ã‚Œã¦ã„ãªã„å ´åˆã€ãã‚Œã¯ãƒšã‚¢ã«ãªã‚‹å‰ã«17000(wolfssl_bio_size)ã®ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã‚µã‚¤ã‚ºã«è¨­å®šã•ã‚Œã¾ã™ã€‚
\return SSL_SUCCESS 2ã¤ã®BIOSã‚’ã†ã¾ãペアリングã—ã¾ã™ã€‚
\return SSL_FAILURE エラーケースã«é­é‡ã—ãŸå ´åˆ
- \param b1 ペアを設定ã™ã‚‹ãŸã‚ã®wolfssl_bio構造。
+ \param b1 ペアを設定ã™ã‚‹ãŸã‚ã®ç¬¬ä¸€ã®WOLFSSL_BIO構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param b2 第二ã®ã®WOLFSSL_BIO構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL_BIO* bio;
@@ -2691,10 +3547,12 @@ int wolfSSL_BIO_set_write_buf_size(WOLFSSL_BIO *b, long size);
int wolfSSL_BIO_make_bio_pair(WOLFSSL_BIO *b1, WOLFSSL_BIO *b2);
/*!
- \ingroup IO
- \brief ã“ã‚Œã¯ã€èª­ã¿å–ã‚Šè¦æ±‚フラグを0ã«æˆ»ã™ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
+ \ingroup IO
+ \brief ã“ã®é–¢æ•°ã¯ã€èª­ã¿å–ã‚Šè¦æ±‚フラグを0ã«æˆ»ã™ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
\return SSL_SUCCESS 値を正常ã«è¨­å®šã—ã¾ã™ã€‚
\return SSL_FAILURE エラーケースã«é­é‡ã—ãŸå ´åˆ
+ \param bio WOLFSSL_BIO構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL_BIO* bio;
@@ -2706,13 +3564,17 @@ int wolfSSL_BIO_make_bio_pair(WOLFSSL_BIO *b1, WOLFSSL_BIO *b2);
\sa wolfSSL_BIO_new, wolfSSL_BIO_s_mem
\sa wolfSSL_BIO_new, wolfSSL_BIO_free
*/
-int wolfSSL_BIO_ctrl_reset_read_request(WOLFSSL_BIO *b);
+int wolfSSL_BIO_ctrl_reset_read_request(WOLFSSL_BIO * bio);
/*!
- \ingroup IO
- \brief ã“ã‚Œã¯ã€èª­ã¿å–り用ã®ãƒãƒƒãƒ•ã‚¡ãƒã‚¤ãƒ³ã‚¿ã‚’å–å¾—ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚WOLFSSL_BIO_NREADã¨ã¯ç•°ãªã‚Šã€å†…部読ã¿å–りインデックスã¯é–¢æ•°å‘¼ã³å‡ºã—ã‹ã‚‰è¿”ã•ã‚ŒãŸç•ªå·ã«ã‚ˆã£ã¦é«˜åº¦ã«ã¯ãªã‚Šã¾ã›ã‚“。返ã•ã‚Œã‚‹å€¤ã‚’超ãˆã¦èª­ã¿å–ã‚‹ã¨ã€ã‚¢ãƒ¬ã‚¤ã®å¢ƒç•Œã‹ã‚‰èª­ã¿å‡ºã•ã‚Œã‚‹å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã™ã€‚
+ \ingroup IO
+ \bri f ã“ã®é–¢æ•°ã¯ã€èª­ã¿å–り用ã®ãƒãƒƒãƒ•ã‚¡ãƒã‚¤ãƒ³ã‚¿ã‚’å–å¾—ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
+ wolfSSL_BIO_nreadã¨ã¯ç•°ãªã‚Šã€å†…部読ã¿å–りインデックスã¯é–¢æ•°å‘¼ã³å‡ºã—ã‹ã‚‰è¿”ã•ã‚ŒãŸã‚µã‚¤ã‚ºåˆ†é€²ã¿ã¾ã›ã‚“。
+ è¿”ã•ã‚Œã‚‹å€¤ã‚’超ãˆã¦èª­ã¿å–ã‚‹ã¨ã€ã‚¢ãƒ¬ã‚¤ã®å¢ƒç•Œã‹ã‚‰èª­ã¿å‡ºã•ã‚Œã‚‹å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã™ã€‚
\return >=0 æˆåŠŸã™ã‚‹ã¨ã€èª­ã¿å–ã‚‹ãƒã‚¤ãƒˆæ•°ã‚’è¿”ã—ã¾ã™
- \param bio wolfssl_bio構造体ã‹ã‚‰èª­ã¿å–り。
+ \param bio WOLFSSL_BIO構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param buf 読ã¿å–り用ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
WOLFSSL_BIO* bio;
@@ -2729,12 +3591,17 @@ int wolfSSL_BIO_ctrl_reset_read_request(WOLFSSL_BIO *b);
int wolfSSL_BIO_nread0(WOLFSSL_BIO *bio, char **buf);
/*!
- \ingroup IO
- \brief ã“ã‚Œã¯ã€èª­ã¿å–り用ã®ãƒãƒƒãƒ•ã‚¡ãƒã‚¤ãƒ³ã‚¿ã‚’å–å¾—ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚内部読ã¿å–りインデックスã¯ã€èª­ã¿å–ã‚Šå…ƒã®ãƒãƒƒãƒ•ã‚¡ã®å…ˆé ­ã«æŒ‡ã•ã‚Œã¦ã„ã‚‹BUFを使用ã—ã¦ã€é–¢æ•°å‘¼ã³å‡ºã—ã‹ã‚‰è¿”ã•ã‚Œã‚‹æ•°ã«ã‚ˆã£ã¦é«˜åº¦ã§ã™ã€‚æ•°numã§è¦æ±‚ã•ã‚ŒãŸå€¤ã‚ˆã‚Šã‚‚ãƒã‚¤ãƒˆãŒå°‘ãªã„å ´åˆã€ã‚ˆã‚Šå°‘ãªã„値ãŒè¿”ã•ã‚Œã¾ã™ã€‚è¿”ã•ã‚Œã‚‹å€¤ã‚’超ãˆã¦èª­ã¿å–ã‚‹ã¨ã€ã‚¢ãƒ¬ã‚¤ã®å¢ƒç•Œã‹ã‚‰èª­ã¿å‡ºã•ã‚Œã‚‹å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã™ã€‚
+ \ingroup IO
+ \biieã‚Œã¯ã€ã“ã®é–¢æ•°ã¯ã€èª­ã¿å–り用ã®ãƒãƒƒãƒ•ã‚¡ãƒã‚¤ãƒ³ã‚¿ã‚’å–å¾—ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
+ 内部読ã¿å–りインデックスã¯ã€èª­ã¿å–ã‚Šå…ƒã®ãƒãƒƒãƒ•ã‚¡ã®å…ˆé ­ã«æŒ‡ã•ã‚Œã¦ã„ã‚‹BUFを使用ã—ã¦ã€é–¢æ•°å‘¼ã³å‡ºã—ã‹ã‚‰è¿”ã•ã‚Œã‚‹ã‚µã‚¤ã‚ºåˆ†é€²ã¿ã¾ã™ã€‚
+ æ•°numã§è¦æ±‚ã•ã‚ŒãŸå€¤ã‚ˆã‚Šã‚‚ãƒã‚¤ãƒˆãŒå°‘ãªã„å ´åˆã€ã‚ˆã‚Šå°‘ãªã„値ãŒè¿”ã•ã‚Œã¾ã™ã€‚
+ è¿”ã•ã‚Œã‚‹å€¤ã‚’超ãˆã¦èª­ã¿å–ã‚‹ã¨ã€ã‚¢ãƒ¬ã‚¤ã®å¢ƒç•Œã‹ã‚‰èª­ã¿å‡ºã•ã‚Œã‚‹å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã™ã€‚
\return >=0 æˆåŠŸã™ã‚‹ã¨ã€èª­ã¿å–ã‚‹ãƒã‚¤ãƒˆæ•°ã‚’è¿”ã—ã¾ã™
\return WOLFSSL_BIO_ERROR(-1) Return -1を読むもã®ã§ã¯ãªã„エラーケースã«ã¤ã„ã¦
- \param bio wolfssl_bio構造体ã‹ã‚‰èª­ã¿å–り。
+ \param bio WOLFSSL_BIO構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param buf 読ã¿å–ã‚Šé…列ã®å…ˆé ­ã«è¨­å®šã™ã‚‹ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param num 読ã¿å–りサイズ
+
_Example_
\code
WOLFSSL_BIO* bio;
@@ -2752,13 +3619,16 @@ int wolfSSL_BIO_nread0(WOLFSSL_BIO *bio, char **buf);
int wolfSSL_BIO_nread(WOLFSSL_BIO *bio, char **buf, int num);
/*!
- \ingroup IO
- \brief 関数ã«ã‚ˆã£ã¦è¿”ã•ã‚Œã‚‹æ•°ã®ãƒã‚¤ãƒˆã‚’書ã込むãŸã‚ã«ãƒãƒƒãƒ•ã‚¡ãƒ¼ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’å–å¾—ã—ã¾ã™ã€‚è¿”ã•ã‚Œã‚‹ãƒã‚¤ãƒ³ã‚¿ã«è¿½åŠ ã®ãƒã‚¤ãƒˆã‚’書ã込んã å ´åˆã€è¿”ã•ã‚ŒãŸå€¤ã¯ç¯„囲外ã®æ›¸ãè¾¼ã¿ã«ã¤ãªãŒã‚‹å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã™ã€‚
+ \ingroup IO
+ \brief 関数ã«ã‚ˆã£ã¦è¿”ã•ã‚Œã‚‹æ•°ã®ãƒã‚¤ãƒˆã‚’書ã込むãŸã‚ã«ãƒãƒƒãƒ•ã‚¡ãƒ¼ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’å–å¾—ã—ã¾ã™ã€‚
+ è¿”ã•ã‚Œã‚‹ãƒã‚¤ãƒ³ã‚¿ã«è¿½åŠ ã®ãƒã‚¤ãƒˆã‚’書ã込んã å ´åˆã€è¿”ã•ã‚ŒãŸå€¤ã¯ç¯„囲外ã®æ›¸ãè¾¼ã¿ã«ã¤ãªãŒã‚‹å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã™ã€‚
\return int è¿”ã•ã‚ŒãŸãƒãƒƒãƒ•ã‚¡ãƒã‚¤ãƒ³ã‚¿ã«æ›¸ã込むã“ã¨ãŒã§ãã‚‹ãƒã‚¤ãƒˆæ•°ã‚’è¿”ã—ã¾ã™ã€‚
\return WOLFSSL_BIO_UNSET(-2) ãƒã‚¤ã‚ªãƒšã‚¢ã®ä¸€éƒ¨ã§ã¯ãªã„å ´åˆ
\return WOLFSSL_BIO_ERROR(-1) ã«æ›¸ãã¹ã部屋ãŒã“れ以上ãªã„å ´åˆ
\param bio WOLFSSL_BIO構造ã«æ›¸ã込む構造。
\param buf 書ã込むãŸã‚ã®ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param num 書ãè¾¼ã¿ãŸã„サイズ
+
_Example_
\code
WOLFSSL_BIO* bio;
@@ -2776,10 +3646,12 @@ int wolfSSL_BIO_nread(WOLFSSL_BIO *bio, char **buf, int num);
int wolfSSL_BIO_nwrite(WOLFSSL_BIO *bio, char **buf, int num);
/*!
- \ingroup IO
+ \ingroup IO
\brief ãƒã‚¤ã‚ªã‚’åˆæœŸçŠ¶æ…‹ã«ãƒªã‚»ãƒƒãƒˆã—ã¾ã™ã€‚タイプBIO_BIOã®ä¾‹ã¨ã—ã¦ã€ã“ã‚Œã¯èª­ã¿æ›¸ãインデックスをリセットã—ã¾ã™ã€‚
\return 0 ãƒã‚¤ã‚ªã®ãƒªã‚»ãƒƒãƒˆã«æˆåŠŸã—ã¾ã—ãŸã€‚
\return WOLFSSL_BIO_ERROR(-1) ä¸è‰¯å…¥åŠ›ã¾ãŸã¯å¤±æ•—ã—ãŸãƒªã‚»ãƒƒãƒˆã§è¿”ã•ã‚Œã¾ã™ã€‚
+ \param bio WOLFSSL_BIO構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL_BIO* bio;
@@ -2793,11 +3665,13 @@ int wolfSSL_BIO_nwrite(WOLFSSL_BIO *bio, char **buf, int num);
int wolfSSL_BIO_reset(WOLFSSL_BIO *bio);
/*!
- \ingroup IO
- \brief ã“ã®é–¢æ•°ã¯ã€æŒ‡å®šã•ã‚ŒãŸã‚ªãƒ•ã‚»ãƒƒãƒˆã¸ã®ãƒ•ã‚¡ã‚¤ãƒ«ãƒã‚¤ãƒ³ã‚¿ã‚’調整ã—ã¾ã™ã€‚ã“ã‚Œã¯ãƒ•ã‚¡ã‚¤ãƒ«ã®å…ˆé ­ã‹ã‚‰ã®ã‚ªãƒ•ã‚»ãƒƒãƒˆã§ã™ã€‚
+ \ingroup IO
+ \brief ã“ã®é–¢æ•°ã¯ã€æŒ‡å®šã•ã‚ŒãŸã‚ªãƒ•ã‚»ãƒƒãƒˆã¸ãƒ•ã‚¡ã‚¤ãƒ«ãƒã‚¤ãƒ³ã‚¿ã‚’調整ã—ã¾ã™ã€‚ã“ã‚Œã¯ãƒ•ã‚¡ã‚¤ãƒ«ã®å…ˆé ­ã‹ã‚‰ã®ã‚ªãƒ•ã‚»ãƒƒãƒˆã§ã™ã€‚
\return 0 正常ã«æŽ¢ã—ã¦ã„ã¾ã™ã€‚
\return -1 エラーケースã«é­é‡ã—ãŸå ´åˆ
- \param bio 設定ã™ã‚‹wolfssl_bio構造体。
+ \param bio 設定ã™ã‚‹WOLFSSL_BIO構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ofs ファイルã®å…ˆé ­ã‹ã‚‰ã®ã‚ªãƒ•ã‚»ãƒƒãƒˆ
+
_Example_
\code
WOLFSSL_BIO* bio;
@@ -2817,11 +3691,13 @@ int wolfSSL_BIO_reset(WOLFSSL_BIO *bio);
int wolfSSL_BIO_seek(WOLFSSL_BIO *bio, int ofs);
/*!
- \ingroup IO
+ \ingroup IO
\brief ã“ã‚Œã¯ãƒ•ã‚¡ã‚¤ãƒ«ã«è¨­å®šãŠã‚ˆã³æ›¸ã込むãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚ç¾åœ¨ãƒ•ã‚¡ã‚¤ãƒ«å†…ã®ãƒ‡ãƒ¼ã‚¿ã‚’上書ãã—ã€BIOãŒè§£æ”¾ã•ã‚ŒãŸã¨ãã«ãƒ•ã‚¡ã‚¤ãƒ«ã‚’é–‰ã˜ã‚‹ã‚ˆã†ã«è¨­å®šã•ã‚Œã¾ã™ã€‚
\return SSL_SUCCESS ファイルã®é–‹ãã¨è¨­å®šã«æˆåŠŸã—ã¾ã—ãŸã€‚
\return SSL_FAILURE エラーケースã«é­é‡ã—ãŸå ´åˆ
- \param bio ファイルを設定ã™ã‚‹wolfssl_bio構造体。
+ \param bio ファイルを設定ã™ã‚‹WOLFSSL_BIO構造体体。
+ \param name 書ãè¾¼ã¿å…ˆãƒ•ã‚¡ã‚¤ãƒ«åã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
WOLFSSL_BIO* bio;
@@ -2838,10 +3714,12 @@ int wolfSSL_BIO_seek(WOLFSSL_BIO *bio, int ofs);
int wolfSSL_BIO_write_filename(WOLFSSL_BIO *bio, char *name);
/*!
- \ingroup IO
+ \ingroup IO
\brief ã“ã‚Œã¯ãƒ•ã‚¡ã‚¤ãƒ«å€¤ã®çµ‚ã‚りを設定ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚一般的ãªå€¤ã¯äºˆæƒ³ã•ã‚Œã‚‹æ­£ã®å€¤ã¨æ··åŒã•ã‚Œãªã„よã†ã«-1ã§ã™ã€‚
\return 0 完了ã«æˆ»ã‚Šã¾ã—ãŸ
- \param bio ファイル値ã®çµ‚ã‚りを設定ã™ã‚‹ãŸã‚ã®wolfssl_bio構造体。
+ \param bio ファイル値ã®çµ‚ã‚りを設定ã™ã‚‹ãŸã‚ã®WOLFSSL_BIO構造体体。
+ \param v bioã«ã‚»ãƒƒãƒˆã™ã‚‹å€¤ã€‚
+
_Example_
\code
WOLFSSL_BIO* bio;
@@ -2858,11 +3736,13 @@ int wolfSSL_BIO_write_filename(WOLFSSL_BIO *bio, char *name);
long wolfSSL_BIO_set_mem_eof_return(WOLFSSL_BIO *bio, int v);
/*!
- \ingroup IO
+ \ingroup IO
\brief ã“ã‚Œã¯WolfSSL_BIOメモリãƒã‚¤ãƒ³ã‚¿ã®ã‚²ãƒƒã‚¿ãƒ¼é–¢æ•°ã§ã™ã€‚
\return SSL_SUCCESS ãƒã‚¤ãƒ³ã‚¿SSL_SUCCESSã‚’è¿”ã™æ­£å¸¸ã«ï¼ˆç¾åœ¨1ã®å€¤ï¼‰ã€‚
- \return SSL_FAILURE null引数ãŒæ¸¡ã•ã‚ŒãŸå ´åˆï¼ˆç¾åœ¨0ã®å€¤ï¼‰ã«æ¸¡ã•ã‚ŒãŸå ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_FAILURE null引数ãŒæ¸¡ã•ã‚ŒãŸå ´åˆï¼ˆç¾åœ¨0ã®å€¤ï¼‰ã«æ¸¡ã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\param bio メモリãƒã‚¤ãƒ³ã‚¿ã‚’å–å¾—ã™ã‚‹ãŸã‚ã®WOLFSSL_BIO構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ptr WOLFSSL_BUF_MEM構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ï¼ˆç¾åœ¨ã¯char*ã¨ãªã£ã¦ã„る)
+
_Example_
\code
WOLFSSL_BIO* bio;
@@ -2877,11 +3757,13 @@ long wolfSSL_BIO_set_mem_eof_return(WOLFSSL_BIO *bio, int v);
long wolfSSL_BIO_get_mem_ptr(WOLFSSL_BIO *bio, WOLFSSL_BUF_MEM **m);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief ã“ã®é–¢æ•°ã¯X509ã®åå‰ã‚’ãƒãƒƒãƒ•ã‚¡ã«ã‚³ãƒ”ーã—ã¾ã™ã€‚
- \return A WOLFSSL_X509_NAME構造åメンãƒãƒ¼ã®ãƒ‡ãƒ¼ã‚¿ãŒæ­£å¸¸ã«å®Ÿè¡Œã•ã‚ŒãŸå ´åˆã€ãƒãƒƒãƒ•ã‚¡ã¸ã®POINTER found struffer nameメンãƒãƒ¼ã®ãƒ‡ãƒ¼ã‚¿ãŒè¿”ã•ã‚Œã¾ã™ã€‚
+ \return A WOLFSSL_X509_NAME構造åメンãƒãƒ¼ã®ãƒ‡ãƒ¼ã‚¿ãŒæ­£å¸¸ã«å®Ÿè¡Œã•ã‚ŒãŸå ´åˆã€nameメンãƒãƒ¼ã®ãƒ‡ãƒ¼ã‚¿ãŒè¿”ã•ã‚Œã¾ã™ã€‚
\param name wolfssl_x509構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param in wolfssl_x509_name構造ã‹ã‚‰ã‚³ãƒ”ーã•ã‚ŒãŸåå‰ã‚’ä¿æŒã™ã‚‹ãŸã‚ã®ãƒãƒƒãƒ•ã‚¡ã€‚
+ \param in WOLFSSL_X509_NAME構造体ã‹ã‚‰ã‚³ãƒ”ーã•ã‚ŒãŸåå‰ã‚’ä¿æŒã™ã‚‹ãŸã‚ã®ãƒãƒƒãƒ•ã‚¡ã€‚
+ \param sz ãƒãƒƒãƒ•ã‚¡ã®æœ€å¤§ã‚µã‚¤ã‚º
+
_Example_
\code
WOLFSSL_X509 x509;
@@ -2902,10 +3784,12 @@ long wolfSSL_BIO_get_mem_ptr(WOLFSSL_BIO *bio, WOLFSSL_BUF_MEM **m);
char* wolfSSL_X509_NAME_oneline(WOLFSSL_X509_NAME* name, char* in, int sz);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief ã“ã®é–¢æ•°ã¯è¨¼æ˜Žæ›¸ç™ºè¡Œè€…ã®åå‰ã‚’è¿”ã—ã¾ã™ã€‚
\return point WOLFSSL_X509構造体ã®ç™ºè¡Œè€…メンãƒãƒ¼ã¸ã®ãƒã‚¤ãƒ³ã‚¿ãŒè¿”ã•ã‚Œã¾ã™ã€‚
\return NULL 渡ã•ã‚ŒãŸè¨¼æ˜Žæ›¸ãŒNULLã®å ´åˆ
+ \param cert WOLFSSL_X509構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
WOLFSSL_X509* x509;
@@ -2924,12 +3808,14 @@ char* wolfSSL_X509_NAME_oneline(WOLFSSL_X509_NAME* name, char* in, int sz)
\sa wolfSSL_get_peer_certificate
\sa wolfSSL_X509_NAME_oneline
*/
-WOLFSSL_X509_NAME* wolfSSL_X509_get_issuer_name(WOLFSSL_X509*);
+WOLFSSL_X509_NAME* wolfSSL_X509_get_issuer_name(WOLFSSL_X509* cert);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief ã“ã®é–¢æ•°ã¯ã€wolfssl_x509構造ã®ä»¶åメンãƒãƒ¼ã‚’è¿”ã—ã¾ã™ã€‚
\return pointer wolfssl_x509_name構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚WOLFSSL_X509構造体ãŒNULLã®å ´åˆã€ã¾ãŸã¯æ§‹é€ ä½“ã®ä»¶åメンãƒãƒ¼ãŒNULLã®å ´åˆã€ãƒã‚¤ãƒ³ã‚¿ã¯NULLã«ãªã‚‹ã“ã¨ãŒã‚ã‚Šã¾ã™ã€‚
+ \param cert WOLFSSL_X509構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
WOLFSSL_X509* cert;
@@ -2944,13 +3830,15 @@ WOLFSSL_X509_NAME* wolfSSL_X509_get_issuer_name(WOLFSSL_X509*);
\sa wolfSSL_X509_get_isCA
\sa wolfSSL_get_peer_certificate
*/
-WOLFSSL_X509_NAME* wolfSSL_X509_get_subject_name(WOLFSSL_X509*);
+WOLFSSL_X509_NAME* wolfSSL_X509_get_subject_name(WOLFSSL_X509* cert);
/*!
- \ingroup CertsKeys
- \brief wolfssl_x509構造ã®ISCAメンãƒãƒ¼ã‚’ãƒã‚§ãƒƒã‚¯ã—ã¦å€¤ã‚’è¿”ã—ã¾ã™ã€‚
- \return isCA wolfssl_x509構造ã®ISCAメンãƒãƒ¼å†…ã®å€¤ã‚’è¿”ã—ã¾ã™ã€‚
- \return 0 有効ãªX509構造ãŒæ¸¡ã•ã‚Œãªã„å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
+ \ingroup CertsKeys
+ \brief WOLFSSL_X509構造体ã®isCaメンãƒãƒ¼ã‚’ãƒã‚§ãƒƒã‚¯ã—ã¦å€¤ã‚’è¿”ã—ã¾ã™ã€‚
+ \return isCA WOLFSSL_X509構造体ã®isCaメンãƒãƒ¼ã®å€¤ã‚’è¿”ã—ã¾ã™ã€‚
+ \return 0 有効ãªWOLFSSL_X509構造体ãŒæ¸¡ã•ã‚Œãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param cert WOLFSSL_X509構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
WOLFSSL* ssl;
@@ -2967,15 +3855,17 @@ WOLFSSL_X509_NAME* wolfSSL_X509_get_subject_name(WOLFSSL_X509*);
\sa wolfSSL_X509_get_issuer_name
\sa wolfSSL_X509_get_isCA
*/
-int wolfSSL_X509_get_isCA(WOLFSSL_X509*);
+int wolfSSL_X509_get_isCA(WOLFSSL_X509* cert);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief ã“ã®é–¢æ•°ã¯ã€æ¸¡ã•ã‚ŒãŸNID値ã«é–¢é€£ã™ã‚‹ãƒ†ã‚­ã‚¹ãƒˆã‚’å–å¾—ã—ã¾ã™ã€‚
\return int テキストãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºã‚’è¿”ã—ã¾ã™ã€‚
\param name wolfssl_x509_nameテキストを検索ã™ã‚‹ã€‚
\param nid 検索ã™ã‚‹NID。
\param buf 見ã¤ã‹ã£ãŸã¨ãã«ãƒ†ã‚­ã‚¹ãƒˆã‚’ä¿æŒã™ã‚‹ãŸã‚ã®ãƒãƒƒãƒ•ã‚¡ãƒ¼ã€‚
+ \param len ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+
_Example_
\code
WOLFSSL_X509_NAME* name;
@@ -2994,10 +3884,12 @@ int wolfSSL_X509_NAME_get_text_by_NID(WOLFSSL_X509_NAME* name, int nid,
char* buf, int len);
/*!
- \ingroup CertsKeys
- \brief ã“ã®é–¢æ•°ã¯ã€wolfssl_x509構造ã®Sigoidメンãƒãƒ¼ã«æ ¼ç´ã•ã‚Œã¦ã„る値を返ã—ã¾ã™ã€‚
- \return 0 wolfssl_x509構造ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \ingroup CertsKeys
+ \brief ã“ã®é–¢æ•°ã¯ã€WOLFSSL_X509構造体ã®sigOIDメンãƒãƒ¼ã«æ ¼ç´ã•ã‚Œã¦ã„る値を返ã—ã¾ã™ã€‚
+ \return 0 WOLFSSL_X509構造体ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return int x509オブジェクトã‹ã‚‰å–å¾—ã•ã‚ŒãŸæ•´æ•°å€¤ãŒè¿”ã•ã‚Œã¾ã™ã€‚
+ \param cert WOLFSSL_X509構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
WOLFSSL_X509 x509 = (WOLFSSL_X509*)XMALLOC(sizeof(WOLFSSL_X509), NULL,
@@ -3017,10 +3909,13 @@ int wolfSSL_X509_NAME_get_text_by_NID(WOLFSSL_X509_NAME* name, int nid,
\sa wolfSSL_X509_notAfter
\sa wolfSSL_X509_free
*/
-int wolfSSL_X509_get_signature_type(WOLFSSL_X509*);
+int wolfSSL_X509_get_signature_type(WOLFSSL_X509* cert);
/*!
- \brief
+ \brief ã“ã®é–¢æ•°ã¯WOLFSSL_X509構造体を解放ã—ã¾ã™ã€‚
+ \return ãªã—
+ \param x509 WOLFSSL_X509構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
WOLFSSL_X509* x509 = (WOLFSSL_X509*)XMALOC(sizeof(WOLFSSL_X509), NULL,
@@ -3039,12 +3934,14 @@ int wolfSSL_X509_get_signature_type(WOLFSSL_X509*);
void wolfSSL_X509_free(WOLFSSL_X509* x509);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief x509ç½²åã‚’å–å¾—ã—ã€ãれをãƒãƒƒãƒ•ã‚¡ã«ä¿å­˜ã—ã¾ã™ã€‚
\return SSL_SUCCESS 関数ãŒæ­£å¸¸ã«å®Ÿè¡Œã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚ç½²åãŒãƒãƒƒãƒ•ã‚¡ã«ãƒ­ãƒ¼ãƒ‰ã•ã‚Œã¾ã™ã€‚
\return SSL_FATAL_ERRROR X509構造体ã¾ãŸã¯BUFSZメンãƒãƒ¼ãŒNULLã®å ´åˆã«è¿”ã—ã¾ã™ã€‚SIG構造ã®é•·ã•ãƒ¡ãƒ³ãƒã®ãƒã‚§ãƒƒã‚¯ã‚‚ã‚る(SIGã¯X509ã®ãƒ¡ãƒ³ãƒãƒ¼ã§ã‚る)。
\param x509 wolfssl_x509構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param buf ãƒãƒƒãƒ•ã‚¡ã¸ã®æ–‡å­—ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param bufSz ãƒãƒƒãƒ•ã‚¡ã‚µã‚¤ã‚ºã‚’æ ¼ç´ã™ã‚‹int型変数ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
WOLFSSL_X509* x509 = (WOLFSSL_X509)XMALOC(sizeof(WOLFSSL_X509), NULL,
@@ -3065,11 +3962,13 @@ void wolfSSL_X509_free(WOLFSSL_X509* x509);
int wolfSSL_X509_get_signature(WOLFSSL_X509* x509, unsigned char* buf, int* bufSz);
/*!
- \ingroup CertsKeys
- \brief ã“ã®é–¢æ•°ã¯ã€wolfssl_x509_stre構造ã«è¨¼æ˜Žæ›¸ã‚’追加ã—ã¾ã™ã€‚
+ \ingroup CertsKeys
+ \brief ã“ã®é–¢æ•°ã¯ã€WOLFSSL_X509_STRE構造体ã«è¨¼æ˜Žæ›¸ã‚’追加ã—ã¾ã™ã€‚
\return SSL_SUCCESS 証明書ãŒæ­£å¸¸ã«è¿½åŠ ã•ã‚ŒãŸå ´åˆã€‚
\return SSL_FATAL_ERROR: 証明書ãŒæ­£å¸¸ã«è¿½åŠ ã•ã‚Œãªã„å ´åˆ
\param str 証明書を追加ã™ã‚‹è¨¼æ˜Žæ›¸ã‚¹ãƒˆã‚¢ã€‚
+ \param x509 追加ã™ã‚‹WOLFSSL_X509構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
WOLFSSL_X509_STORE* str;
@@ -3083,10 +3982,12 @@ int wolfSSL_X509_get_signature(WOLFSSL_X509* x509, unsigned char* buf, int* bufS
int wolfSSL_X509_STORE_add_cert(WOLFSSL_X509_STORE* store, WOLFSSL_X509* x509);
/*!
- \ingroup CertsKeys
- \brief ã“ã®é–¢æ•°ã¯ã€wolfssl_x509_store_ctx構造体ã®ãƒã‚§ãƒ¼ãƒ³å¤‰æ•°ã®getter関数ã§ã™ã€‚ç¾åœ¨ãƒã‚§ãƒ¼ãƒ³ã¯å–ã‚Šè¾¼ã¾ã‚Œã¦ã„ã¾ã›ã‚“。
- \return pointer æˆåŠŸã—ãŸå ´åˆwolfssl_stack(stack_of(wolfssl_x509))ãƒã‚¤ãƒ³ã‚¿ã¨åŒã˜
- \return Null 失敗ã™ã‚‹ã¨
+ \ingroup CertsKeys
+ \brief ã“ã®é–¢æ•°ã¯ã€WOLFSSL_X509_STORE_CTX構造体ã®ãƒã‚§ãƒ¼ãƒ³å¤‰æ•°ã®getter関数ã§ã™ã€‚ç¾åœ¨ãƒã‚§ãƒ¼ãƒ³ã¯å–ã‚Šè¾¼ã¾ã‚Œã¦ã„ã¾ã›ã‚“。
+ \return pointer æˆåŠŸã—ãŸå ´åˆWOLFSSL_STACK(STACK_OF(WOLFSSL_X509))ãƒã‚¤ãƒ³ã‚¿ã¨åŒã˜
+ \return Null 失敗ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param ctx WOLFSSL_X509_STORE_CTX構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
WOLFSSL_STACK* sk;
@@ -3100,11 +4001,13 @@ WOLFSSL_STACK* wolfSSL_X509_STORE_CTX_get_chain(
WOLFSSL_X509_STORE_CTX* ctx);
/*!
- \ingroup CertsKeys
- \brief ã“ã®é–¢æ•°ã¯ã€æ¸¡ã•ã‚ŒãŸwolfssl_x509_store構造体ã®å‹•ä½œã‚’変更ã™ã‚‹ãŸã‚ã®ãƒ•ãƒ©ã‚°ã‚’å–ã‚Šã¾ã™ã€‚使用ã•ã‚Œã‚‹ãƒ•ãƒ©ã‚°ã®ä¾‹ã¯wolfssl_crl_checkã§ã™ã€‚
+ \ingroup CertsKeys
+ \brief ã“ã®é–¢æ•°ã¯ã€æ¸¡ã•ã‚ŒãŸWOLFSSL_X509_STORE構造体ã®å‹•ä½œã‚’変更ã™ã‚‹ãŸã‚ã®ãƒ•ãƒ©ã‚°ã‚’å–ã‚Šã¾ã™ã€‚使用ã•ã‚Œã‚‹ãƒ•ãƒ©ã‚°ã®ä¾‹ã¯WOLFSSL_CRL_CHECKã§ã™ã€‚
\return SSL_SUCCESS フラグを設定ã™ã‚‹ã¨ãã«ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãªã‹ã£ãŸå ´åˆã€‚
\return <0 障害ã®éš›ã«è² ã®å€¤ãŒè¿”ã•ã‚Œã¾ã™ã€‚
\param str フラグを設定ã™ã‚‹è¨¼æ˜Žæ›¸ã‚¹ãƒˆã‚¢ã€‚
+ \param flag フラグ
+
_Example_
\code
WOLFSSL_X509_STORE* str;
@@ -3122,10 +4025,12 @@ int wolfSSL_X509_STORE_set_flags(WOLFSSL_X509_STORE* store,
unsigned long flag);
/*!
- \ingroup CertsKeys
- \brief ã“ã‚Œã¯ã€BYTEアレイã¨ã—ã¦ç¬¦å·åŒ–ã•ã‚ŒãŸæœ‰åŠ¹æ€§ã®è¨¼æ˜Žæ›¸ã€ŒNOT BEFISEã€ã‚’機能ã—ã¾ã™ã€‚
- \return NULL wolfssl_x509構造ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return byte NetBeforEdataã‚’å«ã‚€è¿”ã•ã‚Œã¾ã™ã€‚
+ \ingroup CertsKeys
+ \brief ã“ã®é–¢æ•°ã¯BYTEアレイã¨ã—ã¦ç¬¦å·åŒ–ã•ã‚ŒãŸ"not before"è¦ç´ ã‚’è¿”ã—ã¾ã™ã€‚
+ \return NULL WOLFSSL_X509構造体ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return byte NetBeforEdataã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ãŒè¿”ã•ã‚Œã¾ã™ã€‚
+ \param x509 WOLFSSL_X509構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL_X509* x509 = (WOLFSSL_X509*)XMALLOC(sizeof(WOLFSSL_X509), NULL,
@@ -3145,10 +4050,12 @@ int wolfSSL_X509_STORE_set_flags(WOLFSSL_X509_STORE* store,
const byte* wolfSSL_X509_notBefore(WOLFSSL_X509* x509);
/*!
- \ingroup CertsKeys
- \brief ã“ã‚Œã¯ã€BYTEé…列ã¨ã—ã¦ç¬¦å·åŒ–ã•ã‚ŒãŸæœ‰åŠ¹æ€§ã®è¨¼æ˜Žæ›¸ã€Œæœªå‡¦ç†ã€ã‚’機能ã—ã¾ã™ã€‚
- \return NULL wolfssl_x509構造ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return byte NOTAFTERDATAã‚’å«ã‚€è¿”ã•ã‚Œã¾ã™ã€‚
+ \ingroup CertsKeys
+ \brief ã“ã®é–¢æ•°ã¯ã€BYTEé…列ã¨ã—ã¦ç¬¦å·åŒ–ã•ã‚ŒãŸ"not after"è¦ç´ ã‚’è¿”ã—ã¾ã™ã€‚
+ \return NULL WOLFSSL_X509構造体ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return byte notAfterDataã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ãŒè¿”ã•ã‚Œã¾ã™ã€‚
+ \param x509 WOLFSSL_X509構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL_X509* x509 = (WOLFSSL_X509*)XMALLOC(sizeof(WOLFSSL_X509), NULL,
@@ -3168,11 +4075,15 @@ const byte* wolfSSL_X509_notBefore(WOLFSSL_X509* x509);
const byte* wolfSSL_X509_notAfter(WOLFSSL_X509* x509);
/*!
- \ingroup Setup
- \brief ã“ã®é–¢æ•°ã¯ã€wolfssl_asn1_integer値をwolfssl_bignum構造ã«ã‚³ãƒ”ーã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
- \return pointer wolfssl_asn1_integer値を正常ã«ã‚³ãƒ”ーã™ã‚‹ã¨ã€wolfssl_bignumãƒã‚¤ãƒ³ã‚¿ãŒè¿”ã•ã‚Œã¾ã™ã€‚
- \return Null 失敗ã™ã‚‹ã¨ã€‚
- \param ai wolfssl asn1_integer構造体ã‹ã‚‰ã‚³ãƒ”ーã™ã‚‹ã€‚
+ \ingroup Setup
+ \brief ã“ã®é–¢æ•°ã¯ã€WOLFSSL_ASN1_INTEGER値をWOLFSSL_BIGNUM構造体ã«ã‚³ãƒ”ーã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
+ \return pointer WOLFSSL_ASN1_INTEGER値を正常ã«ã‚³ãƒ”ーã™ã‚‹ã¨ã€WOLFSSL_BIGNUMãƒã‚¤ãƒ³ã‚¿ãŒè¿”ã•ã‚Œã¾ã™ã€‚
+ \return Null 失敗時ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param ai WOLFSSL_ASN1_INTEGER構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param bn ã‚‚ã—ã€æ—¢å­˜ã®WOLFSSL_BIGNUM構造体ã«ã‚³ãƒ”ーã—ãŸã„å ´åˆãã®ãƒã‚¤ãƒ³ã‚¿ã‚’ã“ã®å¼•æ•°ã§æŒ‡å®šã—ã¾ã™ã€‚
+ NULLを指定ã™ã‚‹ã¨æ–°ãŸã«WOLFSSL_BIGNUM構造体ãŒç”Ÿæˆã•ã‚Œã¦ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
+
+
_Example_
\code
WOLFSSL_ASN1_INTEGER* ai;
@@ -3190,11 +4101,13 @@ WOLFSSL_BIGNUM *wolfSSL_ASN1_INTEGER_to_BN(const WOLFSSL_ASN1_INTEGER *ai,
WOLFSSL_BIGNUM *bn);
/*!
- \ingroup Setup
- \brief ã“ã®é–¢æ•°ã¯ã€wolfssl_ctx構造ã§æ§‹ç¯‰ã•ã‚Œã¦ã„る内部ãƒã‚§ãƒ¼ãƒ³ã«è¨¼æ˜Žæ›¸ã‚’追加ã—ã¾ã™ã€‚
+ \ingroup Setup
+ \brief ã“ã®é–¢æ•°ã¯ã€WOLFSSL_CTX構造ã§æ§‹ç¯‰ã•ã‚Œã¦ã„る内部ãƒã‚§ãƒ¼ãƒ³ã«è¨¼æ˜Žæ›¸ã‚’追加ã—ã¾ã™ã€‚
\return SSL_SUCCESS 証明書ã®è¿½åŠ ã«æˆåŠŸã—ãŸã‚‰ã€‚
\return SSL_FAILURE ãƒã‚§ãƒ¼ãƒ³ã«è¨¼æ˜Žæ›¸ã‚’追加ã™ã‚‹ã“ã¨ãŒå¤±æ•—ã—ãŸå ´åˆã€‚
- \param ctx 証明書を追加ã™ã‚‹ãŸã‚ã®wolfssl_ctx構造。
+ \param ctx 証明書を追加ã™ã‚‹ãŸã‚ã®WOLFSSL_CTX構造。
+ \param x509 WOLFSSL_X509構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx;
@@ -3210,10 +4123,12 @@ WOLFSSL_BIGNUM *wolfSSL_ASN1_INTEGER_to_BN(const WOLFSSL_ASN1_INTEGER *ai,
long wolfSSL_CTX_add_extra_chain_cert(WOLFSSL_CTX* ctx, WOLFSSL_X509* x509);
/*!
- \ingroup Setup
- \brief ã“ã®é–¢æ•°ã¯ã€wolfssl_ctx構造ã‹ã‚‰Get Read Hapeフラグを返ã—ã¾ã™ã€‚
+ \ingroup Setup
+ \brief ã“ã®é–¢æ•°ã¯ã€WOLFSSL_CTX構造ã‹ã‚‰Get Read Hapeフラグを返ã—ã¾ã™ã€‚
\return flag æˆåŠŸã™ã‚‹ã¨ã€èª­ã¿å–ã‚Šå…ˆã®ãƒ•ãƒ©ã‚°ã‚’è¿”ã—ã¾ã™ã€‚
\return SSL_FAILURE ctxãŒnullã®å ´åˆã€ssl_failureãŒè¿”ã•ã‚Œã¾ã™ã€‚
+ \param ctx WOLFSSL_CTX構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
WOLFSSL_CTX* ctx;
@@ -3226,13 +4141,16 @@ long wolfSSL_CTX_add_extra_chain_cert(WOLFSSL_CTX* ctx, WOLFSSL_X509* x509);
\sa wolfSSL_CTX_free
\sa wolfSSL_CTX_set_read_ahead
*/
-int wolfSSL_CTX_get_read_ahead(WOLFSSL_CTX*);
+int wolfSSL_CTX_get_read_ahead(WOLFSSL_CTX* ctx);
/*!
- \ingroup Setup
- \brief ã“ã®é–¢æ•°ã¯ã€wolfssl_ctx構造内ã®èª­ã¿å‡ºã—å…ˆã®ãƒ•ãƒ©ã‚°ã‚’設定ã—ã¾ã™ã€‚
- \return SSL_SUCCESS CTXãŒå…ˆèª­ã¿ãƒ•ãƒ©ã‚°ã‚’設定ã—ãŸå ´åˆã€‚
- \return SSL_FAILURE ctxãŒnullã®å ´åˆã€ssl_failureãŒè¿”ã•ã‚Œã¾ã™ã€‚
+ \ingroup Setup
+ \brief ã“ã®é–¢æ•°ã¯ã€WOLFSSL_CTX構造内ã®èª­ã¿å‡ºã—å…ˆã®ãƒ•ãƒ©ã‚°ã‚’設定ã—ã¾ã™ã€‚
+ \return SSL_SUCCESS ctxãŒå…ˆèª­ã¿ãƒ•ãƒ©ã‚°ã‚’設定ã—ãŸå ´åˆã€‚
+ \return SSL_FAILURE ctxãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param ctx WOLFSSL_CTX構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param v 先読ã¿ãƒ•ãƒ©ã‚°
+
_Example_
\code
WOLFSSL_CTX* ctx;
@@ -3249,11 +4167,13 @@ int wolfSSL_CTX_get_read_ahead(WOLFSSL_CTX*);
int wolfSSL_CTX_set_read_ahead(WOLFSSL_CTX* ctx, int v);
/*!
- \ingroup Setup
+ \ingroup Setup
\brief ã“ã®é–¢æ•°ã¯OCSPã§ä½¿ç”¨ã™ã‚‹ã‚ªãƒ—ション引数を設定ã—ã¾ã™ã€‚
\return SSL_FAILURE CTXã¾ãŸã¯ITã®CERT ManagerãŒNULLã®å ´åˆã€‚
\return SSL_SUCCESS 正常ã«è¨­å®šã•ã‚Œã¦ã„ã‚‹å ´åˆã€‚
- \param ctx wolfssl_ctx構造ユーザー引数を設定ã™ã‚‹ãŸã‚ã®æ§‹é€ ã€‚
+ \param ctx WOLFSSL_CTX構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param arg ユーザー引数
+
_Example_
\code
WOLFSSL_CTX* ctx;
@@ -3270,11 +4190,13 @@ int wolfSSL_CTX_set_read_ahead(WOLFSSL_CTX* ctx, int v);
long wolfSSL_CTX_set_tlsext_status_arg(WOLFSSL_CTX* ctx, void* arg);
/*!
- \ingroup Setup
+ \ingroup Setup
\brief ã“ã®é–¢æ•°ã¯ã€PRFコールãƒãƒƒã‚¯ã«æ¸¡ã™ã‚ªãƒ—ションã®å¼•æ•°ã‚’設定ã—ã¾ã™ã€‚
\return SSL_FAILURE CTXãŒNULLã®å ´åˆ
\return SSL_SUCCESS 正常ã«è¨­å®šã•ã‚Œã¦ã„ã‚‹å ´åˆã€‚
- \param ctx wolfssl_ctx構造ユーザー引数を設定ã™ã‚‹ãŸã‚ã®æ§‹é€ ã€‚
+ \param ctx WOLFSSL_CTX構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param arg ユーザー引数
+
_Example_
\code
WOLFSSL_CTX* ctx;
@@ -3291,10 +4213,21 @@ long wolfSSL_CTX_set_tlsext_opaque_prf_input_callback_arg(
WOLFSSL_CTX* ctx, void* arg);
/*!
- \ingroup Setup
- \brief ã“ã®é–¢æ•°ã¯ã€SSLã®ã‚ªãƒ—ションマスクを設定ã—ã¾ã™ã€‚ã„ãã¤ã‹ã®æœ‰åŠ¹ãªã‚ªãƒ—ションã¯ã€ssl_op_allã€ssl_op_cookie_exchangeã€ssl_op_no_sslv2ã€ssl_op_no_sslv3ã€ssl_op_no_tlsv1_1ã€ssl_op_no_tlsv1_2ã€ssl_op_no_compressionã§ã™ã€‚
+ \ingroup Setup
+ \brief ã“ã®é–¢æ•°ã¯ã€SSLã®ã‚ªãƒ—ションマスクを設定ã—ã¾ã™ã€‚
+ ã„ãã¤ã‹ã®æœ‰åŠ¹ãªã‚ªãƒ—ションã¯ã€ssl_op_allã€ssl_op_cookie_exchangeã€ssl_op_no_sslv2ã€ssl_op_no_sslv3ã€ssl_op_no_tlsv1_1ã€ssl_op_no_tlsv1_2ã€ssl_op_no_compressionã§ã™ã€‚
\return val SSLã«æ ¼ç´ã•ã‚Œã¦ã„ã‚‹æ›´æ–°ã•ã‚ŒãŸã‚ªãƒ—ションマスク値を返ã—ã¾ã™ã€‚
\param s オプションマスクを設定ã™ã‚‹ãŸã‚ã®WolfSSL構造。
+ \param op オプションマスク。以下ã®å€¤ãŒæŒ‡å®šå¯èƒ½ã§ã™ï¼š<br>
+ SSL_OP_ALL<br>
+ SSL_OP_COOKIE_EXCHANGE<br>
+ SSL_OP_NO_SSLv2<br>
+ SSL_OP_NO_SSLv3<br>
+ SSL_OP_NO_TLSv1<br>
+ SSL_OP_NO_TLSv1_1<br>
+ SSL_OP_NO_TLSv1_2<br>
+ SSL_OP_NO_COMPRESSION<br>
+
_Example_
\code
WOLFSSL* ssl;
@@ -3310,9 +4243,11 @@ long wolfSSL_CTX_set_tlsext_opaque_prf_input_callback_arg(
long wolfSSL_set_options(WOLFSSL *s, long op);
/*!
- \ingroup Setup
+ \ingroup Setup
\brief ã“ã®é–¢æ•°ã¯ç¾åœ¨ã®ã‚ªãƒ—ションマスクを返ã—ã¾ã™ã€‚
\return val SSLã«æ ¼ç´ã•ã‚Œã¦ã„るマスク値を返ã—ã¾ã™ã€‚
+ \param ssl WOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
WOLFSSL* ssl;
@@ -3324,14 +4259,16 @@ long wolfSSL_set_options(WOLFSSL *s, long op);
\sa wolfSSL_free
\sa wolfSSL_set_options
*/
-long wolfSSL_get_options(const WOLFSSL *s);
+long wolfSSL_get_options(const WOLFSSL *ssl);
/*!
- \ingroup Setup
- \brief ã“ã‚Œã¯ã€æ¸¡ã•ã‚ŒãŸãƒ‡ãƒãƒƒã‚°å¼•æ•°ã‚’設定ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
- \return SSL_SUCCESS 設定ã®æˆåŠŸã—ãŸå¼•æ•°ã«ã¤ã„ã¦ã€‚
+ \ingroup Setup
+ \brief ã“ã®é–¢æ•°ã¯ã€æ¸¡ã•ã‚ŒãŸãƒ‡ãƒãƒƒã‚°å¼•æ•°ã‚’設定ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
+ \return SSL_SUCCESS æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
\return SSL_FAILURE NULL SSLãŒæ¸¡ã•ã‚ŒãŸå ´åˆã€‚
\param ssl 引数を設定ã™ã‚‹ãŸã‚ã®WolfSSL構造。
+ \param arg デãƒãƒƒã‚°å¼•æ•°
+
_Example_
\code
WOLFSSL* ssl;
@@ -3344,14 +4281,16 @@ long wolfSSL_get_options(const WOLFSSL *s);
\sa wolfSSL_new
\sa wolfSSL_free
*/
-long wolfSSL_set_tlsext_debug_arg(WOLFSSL *s, void *arg);
+long wolfSSL_set_tlsext_debug_arg(WOLFSSL *ssl, void *arg);
/*!
- \ingroup openSSL
+ \ingroup openSSL
\brief ã“ã®é–¢æ•°ã¯ã€ã‚µãƒ¼ãƒãŒOCSPステータス応答(OCSPステイプルã¨ã‚‚呼ã°ã‚Œã‚‹ï¼‰ã‚’é€å—ä¿¡ã™ã‚‹ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã‚¢ãƒ—リケーションãŒè¦æ±‚ã•ã‚ŒãŸã¨ãã«å‘¼ã³å‡ºã•ã‚Œã¾ã™ã€‚
- \return 1 æˆåŠŸã™ã‚‹ã¨ã€‚
- \return 0 エラー時ã«ã€‚
- \param s ssl_new()関数ã«ã‚ˆã£ã¦ä½œæˆã•ã‚ŒãŸwolfssl構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \return 1 æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return 0 エラー時ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param s ssl_new()関数ã«ã‚ˆã£ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param type ssl拡張タイプ。TLSEXT_STATUSTYPE_ocspã®ã¿æŒ‡å®šå¯ã€‚
+
_Example_
\code
WOLFSSL *ssl;
@@ -3371,10 +4310,12 @@ long wolfSSL_set_tlsext_debug_arg(WOLFSSL *s, void *arg);
long wolfSSL_set_tlsext_status_type(WOLFSSL *s, int type);
/*!
- \ingroup Setup
- \brief ã“ã‚Œã¯ã€ãƒ”ã‚¢ã®è¨¼æ˜Žæ›¸ã‚’確èªã—よã†ã¨ã—ãŸå¾Œã«çµæžœã‚’å–å¾—ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
+ \ingroup Setup
+ \bri f ã“ã®é–¢æ•°ã¯ã€ã‚Œã¯ã€ãƒ”ã‚¢ã®è¨¼æ˜Žæ›¸ã‚’確èªã—よã†ã¨ã—ãŸå¾Œã«çµæžœã‚’å–å¾—ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
\return X509_V_OK æˆåŠŸã—ãŸæ¤œè¨¼ã«ã¤ã„ã¦
\return SSL_FAILURE NULL SSLãŒæ¸¡ã•ã‚ŒãŸå ´åˆã€‚
+ \param ssl WOLFSSL 構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
WOLFSSL* ssl;
@@ -3389,10 +4330,12 @@ long wolfSSL_set_tlsext_status_type(WOLFSSL *s, int type);
long wolfSSL_get_verify_result(const WOLFSSL *ssl);
/*!
- \ingroup Debug
- \brief ã“ã®é–¢æ•°ã¯ã€wolfssl_get_error()ã«ã‚ˆã£ã¦è¿”ã•ã‚ŒãŸã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã‚’より多ãã®äººé–“ãŒèª­ã‚るエラー文字列ã«å¤‰æ›ã—ã€ãã®æ–‡å­—列を出力ファイルã«å°åˆ·ã—ã¾ã™ã€‚ERRã¯ã€WOLFSSL_GET_ERROR()ã«ã‚ˆã£ã¦è¿”ã•ã‚Œã€FPãŒã‚¨ãƒ©ãƒ¼æ–‡å­—列ãŒé…ç½®ã•ã‚Œã‚‹ãƒ•ã‚¡ã‚¤ãƒ«ã§ã‚るエラーコードã§ã™ã€‚
- \return none ã„ã„ãˆè¿”ã—ã¾ã™ã€‚
+ \ingroup Debug
+ \brief ã“ã®é–¢æ•°ã¯ã€wolfSSL_get_error()ã«ã‚ˆã£ã¦è¿”ã•ã‚ŒãŸã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã‚’より多ãã®äººé–“ãŒèª­ã‚るエラー文字列ã«å¤‰æ›ã—ã€ãã®æ–‡å­—列を出力ファイルã«å°åˆ·ã—ã¾ã™ã€‚ERRã¯ã€WOLFSSL_GET_ERROR()ã«ã‚ˆã£ã¦è¿”ã•ã‚Œã€FPãŒã‚¨ãƒ©ãƒ¼æ–‡å­—列ãŒé…ç½®ã•ã‚Œã‚‹ãƒ•ã‚¡ã‚¤ãƒ«ã§ã‚るエラーコードã§ã™ã€‚
+ \return ãªã—
\param fp ã«æ›¸ãè¾¼ã¾ã‚Œã‚‹äººé–“ãŒèª­ã‚るエラー文字列ã®å‡ºåŠ›ãƒ•ã‚¡ã‚¤ãƒ«ã€‚
+ \param err wolfSSL_get_error()ã§è¿”ã•ã‚Œã‚‹ã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã€‚
+
_Example_
\code
int err = 0;
@@ -3410,10 +4353,12 @@ long wolfSSL_get_verify_result(const WOLFSSL *ssl);
void wolfSSL_ERR_print_errors_fp(XFILE fp, int err);
/*!
- \ingroup Debug
- \brief ã“ã®é–¢æ•°ã¯æä¾›ã•ã‚ŒãŸã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯ã‚’使用ã—ã¦ã‚¨ãƒ©ãƒ¼å ±å‘Šã‚’処ç†ã—ã¾ã™ã€‚コールãƒãƒƒã‚¯é–¢æ•°ã¯ã‚¨ãƒ©ãƒ¼å›žç·šã”ã¨ã«å®Ÿè¡Œã•ã‚Œã¾ã™ã€‚文字列ã€é•·ã•ã€ãŠã‚ˆã³USERDATAã¯ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯ãƒ‘ラメータã«æ¸¡ã•ã‚Œã¾ã™ã€‚
- \return none ã„ã„ãˆè¿”ã—ã¾ã™ã€‚
+ \ingroup Debug
+ \brief ã“ã®é–¢æ•°ã¯æä¾›ã•ã‚ŒãŸã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯ã‚’使用ã—ã¦ã‚¨ãƒ©ãƒ¼å ±å‘Šã‚’処ç†ã—ã¾ã™ã€‚コールãƒãƒƒã‚¯é–¢æ•°ã¯ã‚¨ãƒ©ãƒ¼å›žç·šã”ã¨ã«å®Ÿè¡Œã•ã‚Œã¾ã™ã€‚文字列ã€é•·ã•ã€ãŠã‚ˆã³userdataã¯ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯ãƒ‘ラメータã«æ¸¡ã•ã‚Œã¾ã™ã€‚
+ \return ãªã—
\param cb コールãƒãƒƒã‚¯é–¢æ•°
+ \param u コールãƒãƒƒã‚¯é–¢æ•°ã«æ¸¡ã•ã‚Œã‚‹userdata
+
_Example_
\code
int error_cb(const char *str, size_t len, void *u)
@@ -3431,9 +4376,20 @@ void wolfSSL_ERR_print_errors_cb (
int (*cb)(const char *str, size_t len, void *u), void *u);
/*!
- \brief wolfssl_ctx構造
- \return none ã„ã„ãˆè¿”ã—ã¾ã™ã€‚
- \param ctx wolfssl_ctx_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl_ctx構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \brief ã“ã®é–¢æ•°ã¯WOLFSSL_CTX構造ã®client_psk_cbメンãƒãƒ¼ã‚’セットã—ã¾ã™ã€‚
+ \return ãªã—
+ \param ctx wolfSSL_CTX_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL_CTX構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param cb wc_psk_client_callback ã¯ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯é–¢æ•°ãƒã‚¤ãƒ³ã‚¿ã§WOLFSSL_CTX構造体ã«æ ¼ç´ã•ã‚Œã¾ã™ã€‚
+ 戻り値ã¯æˆåŠŸæ™‚ã«ã¯éµé•·ã‚’è¿”ã—ã€ã‚¨ãƒ©ãƒ¼æ™‚ã«ã¯ï¼ã‚’è¿”ã—ã¾ã™ã€‚
+ unsigned int (*wc_psk_client_callback)
+ PSK クライアントコールãƒãƒƒã‚¯é–¢æ•°ã®å¼•æ•°ï¼š<br>
+ WOLFSSL* ssl - WOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿<br>
+ const char* hint - ユーザーã«å¯¾ã—ã¦è¡¨ç¤ºã•ã‚Œã‚‹ãƒ’ント文字列<br>
+ char* identity - ID<br>
+ unsigned int id_max_len - IDãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º<br>
+ unsigned char* key - æ ¼ç´ã•ã‚Œã‚‹éµ<br>
+ unsigned int key_max_len - éµã®æœ€å¤§ã‚µã‚¤ã‚º<br>
+
_Example_
\code
WOLFSSL_CTX* ctx = WOLFSSL_CTX_new( protocol def );
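Review bot: The new `\param cb` description lists `id_max_len` and `key_max_len` but never states that the callback must stay within them. Someone implementing a PSK callback from this page is not told that a longer identity or key would presumably write past buffers the library owns. I would add one sentence after the argument list saying that the identity must fit the buffer sized by `id_max_len`, that the key must not exceed `key_max_len` bytes, and that the return value is the number of key bytes actually stored. The added line `unsigned int (*wc_psk_client_callback)` is a dangling fragment of the typedef and should be completed or dropped. The comment block continues past the end of this hunk.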
@@ -3450,12 +4406,13 @@ void wolfSSL_ERR_print_errors_cb (
\sa wolfSSL_CTX_set_psk_client_callback
*/
void wolfSSL_CTX_set_psk_client_callback(WOLFSSL_CTX* ctx,
- wc_psk_client_callback);
+ wc_psk_client_callback cb);
/*!
- \brief
+ \brief
\return none ã„ã„ãˆè¿”ã—ã¾ã™ã€‚
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
WOLFSSL* ssl;
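Review bot: The comment for wolfSSL_set_psk_client_callback() is changed here only for whitespace and the `wolfSSL_new()` spelling, so its `\brief` stays empty and it still has no `\param cb`. The WOLFSSL_CTX variant directly above now documents the callback in full. I would give this block a brief parallel to the CTX one and a `\param cb` that refers the reader to wolfSSL_CTX_set_psk_client_callback for the callback arguments. Its `\return none` line also keeps the old wording that the other comments in this commit replace. The prototype for this function appears as context in the next hunk and still omits the parameter name that this hunk adds to the CTX prototype (`wc_psk_client_callback cb`).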
@@ -3477,10 +4434,11 @@ void wolfSSL_set_psk_client_callback(WOLFSSL* ssl,
wc_psk_client_callback);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief ã“ã®é–¢æ•°ã¯PSKアイデンティティヒントを返ã—ã¾ã™ã€‚
\return pointer WolfSSL構造ã®é…列メンãƒãƒ¼ã«æ ¼ç´ã•ã‚Œã¦ã„る値ã¸ã®const charãƒã‚¤ãƒ³ã‚¿ãŒè¿”ã•ã‚Œã¾ã™ã€‚
\return NULL WOLFSSLã¾ãŸã¯é…列構造ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
_Example_
\code
WOLFSSL* ssl = wolfSSL_new(ctx);
@@ -3499,10 +4457,11 @@ void wolfSSL_set_psk_client_callback(WOLFSSL* ssl,
const char* wolfSSL_get_psk_identity_hint(const WOLFSSL*);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief 関数ã¯ã€é…列構造ã®Client_Identityメンãƒãƒ¼ã¸ã®å®šæ•°ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
\return string é…列構造ã®client_identityメンãƒã®æ–‡å­—列値。
\return NULL WOLFSSL構造ãŒNULLã®å ´åˆã€ã¾ãŸã¯WOLFSSL構造ã®é…列メンãƒãƒ¼ãŒNULLã®å ´åˆã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx = wolfSSL_CTX_new( method );
@@ -3521,10 +4480,11 @@ const char* wolfSSL_get_psk_identity_hint(const WOLFSSL*);
const char* wolfSSL_get_psk_identity(const WOLFSSL*);
/*!
- \ingroup CertsKeys
- \brief ã“ã®é–¢æ•°ã¯ã€wolfssl_ctx構造体ã®server_hintメンãƒãƒ¼ã«HINT引数を格ç´ã—ã¾ã™ã€‚
+ \ingroup CertsKeys
+ \brief ã“ã®é–¢æ•°ã¯ã€WOLFSSL_CTX構造体ã®server_hintメンãƒãƒ¼ã«HINT引数を格ç´ã—ã¾ã™ã€‚
\return SSL_SUCCESS 機能ã®å®Ÿè¡ŒãŒæˆåŠŸã—ãŸãŸã‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param ctx wolfssl_ctx_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl_ctx構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ctx wolfSSL_CTX_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL_CTX構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx = wolfSSL_CTX_new( protocol method );
@@ -3544,11 +4504,12 @@ const char* wolfSSL_get_psk_identity(const WOLFSSL*);
int wolfSSL_CTX_use_psk_identity_hint(WOLFSSL_CTX* ctx, const char* hint);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief ã“ã®é–¢æ•°ã¯ã€wolfssl構造内ã®é…列構造ã®server_hintメンãƒãƒ¼ã«HINT引数を格ç´ã—ã¾ã™ã€‚
\return SSL_SUCCESS ヒントãŒWolfSSL構造ã«æ­£å¸¸ã«ä¿å­˜ã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return SSL_FAILURE WOLFSSLã¾ãŸã¯é…列構造ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
WOLFSSL* ssl = wolfSSL_new(ctx);
@@ -3563,9 +4524,10 @@ int wolfSSL_CTX_use_psk_identity_hint(WOLFSSL_CTX* ctx, const char* hint);
int wolfSSL_use_psk_identity_hint(WOLFSSL* ssl, const char* hint);
/*!
- \brief wolfssl_ctx構造体
+ \brief WOLFSSL_CTX構造体
\return none ã„ã„ãˆè¿”ã—ã¾ã™ã€‚
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
WOLFSSL_CTX* ctx = wolfSSL_CTX_new( protocol method );
@@ -3594,7 +4556,8 @@ void wolfSSL_CTX_set_psk_server_callback(WOLFSSL_CTX* ctx,
/*!
\brief WolfSSL構造オプションメンãƒãƒ¼ã€‚
\return none ã„ã„ãˆè¿”ã—ã¾ã™ã€‚
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
WOLFSSL_CTX* ctx;
@@ -3622,9 +4585,10 @@ void wolfSSL_set_psk_server_callback(WOLFSSL* ssl,
/*!
- \brief
+ \brief
\return WOLFSSL_SUCCESS ã¾ãŸã¯wolfssl_failure.
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
\sa wolfSSL_get_psk_callback_ctx
\sa wolfSSL_CTX_set_psk_callback_ctx
\sa wolfSSL_CTX_get_psk_callback_ctx
@@ -3632,9 +4596,9 @@ void wolfSSL_set_psk_server_callback(WOLFSSL* ssl,
int wolfSSL_set_psk_callback_ctx(WOLFSSL* ssl, void* psk_ctx);
/*!
- \brief
+ \brief
\return WOLFSSL_SUCCESS ã¾ãŸã¯wolfssl_failure.
- \param ctx wolfssl_ctx_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl_ctx構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ctx wolfSSL_CTX_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL_CTX構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\sa wolfSSL_set_psk_callback_ctx
\sa wolfSSL_get_psk_callback_ctx
\sa wolfSSL_CTX_get_psk_callback_ctx
@@ -3642,7 +4606,7 @@ int wolfSSL_set_psk_callback_ctx(WOLFSSL* ssl, void* psk_ctx);
int wolfSSL_CTX_set_psk_callback_ctx(WOLFSSL_CTX* ctx, void* psk_ctx);
/*!
- \brief
+ \brief
\return void ユーザーPSKコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿
\sa wolfSSL_set_psk_callback_ctx
\sa wolfSSL_CTX_set_psk_callback_ctx
@@ -3651,7 +4615,7 @@ int wolfSSL_CTX_set_psk_callback_ctx(WOLFSSL_CTX* ctx, void* psk_ctx);
void* wolfSSL_get_psk_callback_ctx(WOLFSSL* ssl);
/*!
- \brief
+ \brief
\return void ユーザーPSKコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿
\sa wolfSSL_CTX_set_psk_callback_ctx
\sa wolfSSL_set_psk_callback_ctx
@@ -3660,10 +4624,11 @@ void* wolfSSL_get_psk_callback_ctx(WOLFSSL* ssl);
void* wolfSSL_CTX_get_psk_callback_ctx(WOLFSSL_CTX* ctx);
/*!
- \ingroup Setup
+ \ingroup Setup
\brief ã“ã®æ©Ÿèƒ½ã«ã‚ˆã‚Šã€CTX構造ã®HAVAnonメンãƒãƒ¼ãŒã‚³ãƒ³ãƒ‘イル中ã«å®šç¾©ã•ã‚Œã¦ã„ã‚‹å ´åˆã¯ã€CTX構造ã®HABANONメンãƒãƒ¼ã‚’有効ã«ã—ã¾ã™ã€‚
\return SSL_SUCCESS 機能ãŒæ­£å¸¸ã«å®Ÿè¡Œã•ã‚Œã€CTXã®Haveannonメンãƒãƒ¼ãŒ1ã«è¨­å®šã•ã‚Œã¦ã„ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return SSL_FAILURE CTX構造ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx = wolfSSL_CTX_new( protocol method );
@@ -3683,10 +4648,11 @@ void* wolfSSL_CTX_get_psk_callback_ctx(WOLFSSL_CTX* ctx);
int wolfSSL_CTX_allow_anon_cipher(WOLFSSL_CTX*);
/*!
- \ingroup Setup
- \brief wolfsslv23_server_method()関数ã¯ã€ã‚¢ãƒ—リケーションãŒã‚µãƒ¼ãƒãƒ¼ã§ã‚ã‚‹ã“ã¨ã‚’示ã™ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã€SSL 3.0 - TLS 1.3ã‹ã‚‰ãƒ—ロトコルãƒãƒ¼ã‚¸ãƒ§ãƒ³ã¨æŽ¥ç¶šã™ã‚‹ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã‚’サãƒãƒ¼ãƒˆã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€wolfssl_ctx_new()を使用ã—ã¦SSL / TLSコンテキストを作æˆã™ã‚‹ã¨ãã«ä½¿ç”¨ã•ã‚Œã‚‹æ–°ã—ã„Wolfssl_method構造体ã®ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã¦åˆæœŸåŒ–ã—ã¾ã™ã€‚
+ \ingroup Setup
+ \brief wolfsslv23_server_method()関数ã¯ã€ã‚¢ãƒ—リケーションãŒã‚µãƒ¼ãƒãƒ¼ã§ã‚ã‚‹ã“ã¨ã‚’示ã™ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã€SSL 3.0 - TLS 1.3ã‹ã‚‰ãƒ—ロトコルãƒãƒ¼ã‚¸ãƒ§ãƒ³ã¨æŽ¥ç¶šã™ã‚‹ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã‚’サãƒãƒ¼ãƒˆã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€wolfSSL_CTX_new()を使用ã—ã¦SSL / TLSコンテキストを作æˆã™ã‚‹ã¨ãã«ä½¿ç”¨ã•ã‚Œã‚‹æ–°ã—ã„Wolfssl_method構造体ã®ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã¦åˆæœŸåŒ–ã—ã¾ã™ã€‚
\return pointer æˆåŠŸã—ãŸå ´åˆã€å‘¼ã³å‡ºã—ã¯æ–°ã—ã作æˆã•ã‚ŒãŸwolfssl_method構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
- \return Failure xmallocを呼ã³å‡ºã™ã¨ãã«ãƒ¡ãƒ¢ãƒªå‰²ã‚Šå½“ã¦ãŒå¤±æ•—ã—ãŸå ´åˆã€åŸºç¤Žã¨ãªã‚‹Malloc()実装ã®å¤±æ•—値ãŒè¿”ã•ã‚Œã¾ã™ï¼ˆé€šå¸¸ã¯errnoãŒenomeemã«è¨­å®šã•ã‚Œã¾ã™ï¼‰ã€‚
+ \return Failure xmallocを呼ã³å‡ºã™ã¨ãã«ãƒ¡ãƒ¢ãƒªå‰²ã‚Šå½“ã¦ãŒå¤±æ•—ã—ãŸå ´åˆã€åŸºç¤Žã¨ãªã‚‹Malloc()実装ã®å¤±æ•—値ãŒè¿”ã•ã‚Œã¾ã™ï¼ˆé€šå¸¸ã¯errnoãŒenomeemã«è¨­å®šã•ã‚Œã¾ã™ï¼‰ã€‚
+
_Example_
\code
WOLFSSL_METHOD* method;
@@ -3711,10 +4677,11 @@ int wolfSSL_CTX_allow_anon_cipher(WOLFSSL_CTX*);
WOLFSSL_METHOD *wolfSSLv23_server_method(void);
/*!
- \ingroup Setup
- \brief ã“ã‚Œã¯ã€WolfSSL構造体ã®å†…部エラー状態をå–å¾—ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
+ \ingroup Setup
+ \bri f ã“ã®é–¢æ•°ã¯ã€ã‚Œã¯ã€WolfSSL構造体ã®å†…部エラー状態をå–å¾—ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
\return wolfssl_error SSLエラー状態ã€é€šå¸¸ã¯ãƒžã‚¤ãƒŠã‚¹ã‚’è¿”ã—ã¾ã™
- \return BAD_FUNC_ARG SSLãŒNULLã®å ´åˆ
+ \return BAD_FUNC_ARG sslãŒNULLã®å ´åˆ
+
_Example_
\code
WOLFSSL* ssl;
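Review bot: The added line for wolfSSL_state() starts with `\bri f`, which is not a Doxygen command, so this function loses its brief description in the generated documentation; it should read `\brief`. The text after it also appears to open the sentence twice, which looks like residue from a search-and-replace. The same `\bri f` appears on the added brief above `long wolfSSL_get_verify_result(const WOLFSSL *ssl);` at the top of this part of the diff.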
@@ -3729,10 +4696,11 @@ WOLFSSL_METHOD *wolfSSLv23_server_method(void);
int wolfSSL_state(WOLFSSL* ssl);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief ã“ã®é–¢æ•°ã¯ãƒ”ã‚¢ã®è¨¼æ˜Žæ›¸ã‚’å–å¾—ã—ã¾ã™ã€‚
\return pointer WOLFSSL_X509構造ã®PECRERTメンãƒãƒ¼ã¸ã®ãƒã‚¤ãƒ³ã‚¿ãŒå­˜åœ¨ã™ã‚‹å ´åˆã¯ã€‚
\return 0 ピア証明書発行者サイズãŒå®šç¾©ã•ã‚Œã¦ã„ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx = wolfSSL_CTX_new( method );
@@ -3751,10 +4719,11 @@ int wolfSSL_state(WOLFSSL* ssl);
WOLFSSL_X509* wolfSSL_get_peer_certificate(WOLFSSL* ssl);
/*!
- \ingroup Debug
- \brief ã“ã®é–¢æ•°ã¯ã€wolfssl_get_error()を呼ã³å‡ºã—ã¦ssl_error_want_readã‚’å–å¾—ã™ã‚‹ã®ã¨ä¼¼ã¦ã„ã¾ã™ã€‚基礎ã¨ãªã‚‹ã‚¨ãƒ©ãƒ¼çŠ¶æ…‹ãŒSSL_ERROR_WANT_READã®å ´åˆã€ã“ã®é–¢æ•°ã¯1ã‚’è¿”ã—ã¾ã™ãŒã€ãれ以外ã®å ´åˆã¯0ã§ã™ã€‚
- \return 1 WOLFSSL_GET_ERROR()ã¯SSL_ERROR_WANT_READã‚’è¿”ã—ã€åŸºç¤Žã¨ãªã‚‹I / Oã«ã¯èª­ã¿å–ã‚Šå¯èƒ½ãªãƒ‡ãƒ¼ã‚¿ãŒã‚ã‚Šã¾ã™ã€‚
+ \ingroup Debug
+ \brief ã“ã®é–¢æ•°ã¯ã€wolfSSL_get_error()を呼ã³å‡ºã—ã¦ssl_error_want_readã‚’å–å¾—ã™ã‚‹ã®ã¨ä¼¼ã¦ã„ã¾ã™ã€‚基礎ã¨ãªã‚‹ã‚¨ãƒ©ãƒ¼çŠ¶æ…‹ãŒSSL_ERROR_WANT_READã®å ´åˆã€ã“ã®é–¢æ•°ã¯1ã‚’è¿”ã—ã¾ã™ãŒã€ãれ以外ã®å ´åˆã¯0ã§ã™ã€‚
+ \return 1 WOLFSSL_GET_ERROR()ã¯SSL_ERROR_WANT_READã‚’è¿”ã—ã€åŸºç¤Žã¨ãªã‚‹I / Oã«ã¯èª­ã¿å–ã‚Šå¯èƒ½ãªãƒ‡ãƒ¼ã‚¿ãŒã‚ã‚Šã¾ã™ã€‚
\return 0 SSL_ERROR_WANT_READエラー状態ã¯ã‚ã‚Šã¾ã›ã‚“。
+
_Example_
\code
int ret;
@@ -3772,10 +4741,11 @@ WOLFSSL_X509* wolfSSL_get_peer_certificate(WOLFSSL* ssl);
int wolfSSL_want_read(WOLFSSL*);
/*!
- \ingroup Debug
- \brief ã“ã®é–¢æ•°ã¯ã€wolfssl_get_error()を呼ã³å‡ºã—ã€RETURSã®SSL_ERROR_WANT_WRITEã‚’å–å¾—ã™ã‚‹ã®ã¨åŒã˜ã§ã™ã€‚基礎ã¨ãªã‚‹ã‚¨ãƒ©ãƒ¼çŠ¶æ…‹ãŒSSL_ERROR_WANT_WRITEã®å ´åˆã€ã“ã®é–¢æ•°ã¯1ã‚’è¿”ã—ã¾ã™ãŒã€ãれ以外ã®å ´åˆã¯0ã§ã™ã€‚
- \return 1 WOLFSSL_GET_ERROR()ã¯SSL_ERROR_WANT_WRITEã‚’è¿”ã—ã¾ã™ã€‚基礎ã¨ãªã‚‹I / Oã¯ã€åŸºç¤Žã¨ãªã‚‹SSL接続ã§é€²è¡ŒçŠ¶æ³ã‚’è¡Œã†ãŸã‚ã«æ›¸ãè¾¼ã¾ã‚Œã‚‹ãƒ‡ãƒ¼ã‚¿ã‚’å¿…è¦ã¨ã—ã¾ã™ã€‚
+ \ingroup Debug
+ \brief ã“ã®é–¢æ•°ã¯ã€wolfSSL_get_error()を呼ã³å‡ºã—ã€RETURSã®SSL_ERROR_WANT_WRITEã‚’å–å¾—ã™ã‚‹ã®ã¨åŒã˜ã§ã™ã€‚基礎ã¨ãªã‚‹ã‚¨ãƒ©ãƒ¼çŠ¶æ…‹ãŒSSL_ERROR_WANT_WRITEã®å ´åˆã€ã“ã®é–¢æ•°ã¯1ã‚’è¿”ã—ã¾ã™ãŒã€ãれ以外ã®å ´åˆã¯0ã§ã™ã€‚
+ \return 1 WOLFSSL_GET_ERROR()ã¯SSL_ERROR_WANT_WRITEã‚’è¿”ã—ã¾ã™ã€‚基礎ã¨ãªã‚‹I / Oã¯ã€åŸºç¤Žã¨ãªã‚‹SSL接続ã§é€²è¡ŒçŠ¶æ³ã‚’è¡Œã†ãŸã‚ã«æ›¸ãè¾¼ã¾ã‚Œã‚‹ãƒ‡ãƒ¼ã‚¿ã‚’å¿…è¦ã¨ã—ã¾ã™ã€‚
\return 0 ssl_error_want_writeエラー状態ã¯ã‚ã‚Šã¾ã›ã‚“。
+
_Example_
\code
int ret;
@@ -3792,11 +4762,12 @@ int wolfSSL_want_read(WOLFSSL*);
int wolfSSL_want_write(WOLFSSL*);
/*!
- \ingroup Setup
- \brief wolfsslデフォルトã§ã¯ã€æœ‰åŠ¹ãªæ—¥ä»˜ç¯„囲ã¨æ¤œè¨¼æ¸ˆã¿ã®ç½²åã®ãŸã‚ã«ãƒ”ア証明書をãƒã‚§ãƒƒã‚¯ã—ã¾ã™ã€‚wolfssl_connect()ã¾ãŸã¯wolfssl_accept()ã®å‰ã«ã“ã®é–¢æ•°ã‚’呼ã³å‡ºã™ã¨ã€å®Ÿè¡Œã™ã‚‹ãƒã‚§ãƒƒã‚¯ã®ãƒªã‚¹ãƒˆã«ãƒ‰ãƒ¡ã‚¤ãƒ³åãƒã‚§ãƒƒã‚¯ãŒè¿½åŠ ã•ã‚Œã¾ã™ã€‚DNå—信時ã«ãƒ”ア証明書を確èªã™ã‚‹ãŸã‚ã®ãƒ‰ãƒ¡ã‚¤ãƒ³åã‚’ä¿æŒã—ã¾ã™ã€‚
- \return SSL_SUCCESS æˆåŠŸã™ã‚‹ã¨ã€‚
+ \ingroup Setup
+ \brief wolfsslデフォルトã§ã¯ã€æœ‰åŠ¹ãªæ—¥ä»˜ç¯„囲ã¨æ¤œè¨¼æ¸ˆã¿ã®ç½²åã®ãŸã‚ã«ãƒ”ア証明書をãƒã‚§ãƒƒã‚¯ã—ã¾ã™ã€‚wolfssl_connect()ã¾ãŸã¯wolfssl_accept()ã®å‰ã«ã“ã®é–¢æ•°ã‚’呼ã³å‡ºã™ã¨ã€å®Ÿè¡Œã™ã‚‹ãƒã‚§ãƒƒã‚¯ã®ãƒªã‚¹ãƒˆã«ãƒ‰ãƒ¡ã‚¤ãƒ³åãƒã‚§ãƒƒã‚¯ãŒè¿½åŠ ã•ã‚Œã¾ã™ã€‚DNå—信時ã«ãƒ”ア証明書を確èªã™ã‚‹ãŸã‚ã®ãƒ‰ãƒ¡ã‚¤ãƒ³åã‚’ä¿æŒã—ã¾ã™ã€‚
+ \return SSL_SUCCESS æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
\return SSL_FAILURE メモリエラーãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
int ret = 0;
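Review bot: The rewritten `\brief` for wolfSSL_check_domain_name() still names `wolfssl_connect()` and `wolfssl_accept()` in lower case, although this commit corrects `wolfssl_new()` to `wolfSSL_new()` two lines below. Neither lower-case name matches a declared function. This sentence tells the reader when the domain-name check must be enabled, so the references should be `wolfSSL_connect()` and `wolfSSL_accept()`. The same lower-case spelling survives in the added `\brief` lines for wolfSSL_negotiate() and wolfSSL_connect_cert() further down, where `wolfsl_connect_cert()` and `wolfssl_connect_cert_cert()` also appear.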
@@ -3814,10 +4785,11 @@ int wolfSSL_want_write(WOLFSSL*);
int wolfSSL_check_domain_name(WOLFSSL* ssl, const char* dn);
/*!
- \ingroup TLS
+ \ingroup TLS
\brief 使用ã™ã‚‹ãŸã‚ã«WolfSSLライブラリをåˆæœŸåŒ–ã—ã¾ã™ã€‚アプリケーションã”ã¨ã«1回ã€ãã®ä»–ã®ãƒ©ã‚¤ãƒ–ラリã¸ã®å‘¼ã³å‡ºã—ã®å‰ã«å‘¼ã³å‡ºã™å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
- \return SSL_SUCCESS æˆåŠŸã—ãŸå ´åˆã€é€šè©±ãŒæˆ»ã‚Šã¾ã™ã€‚
+ \return SSL_SUCCESS æˆåŠŸã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚ã€é€šè©±ãŒæˆ»ã‚Šã¾ã™ã€‚
\return BAD_MUTEX_E è¿”ã•ã‚Œã‚‹å¯èƒ½æ€§ãŒã‚るエラーã§ã™ã€‚
+
_Example_
\code
int ret = 0;
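Review bot: The added `\return SSL_SUCCESS` line for wolfSSL_Init() ends its sentence and then continues with the tail of the old wording, so the rendered text carries a stray clause after the full stop. The line should keep only the new sentence, `\return SSL_SUCCESS 成功した場合に返されます。`. The `\return SSL_SUCCESS` line added for wolfSSL_negotiate() two hunks below has the same problem, with the old ending appended after the new one.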
@@ -3832,9 +4804,10 @@ int wolfSSL_check_domain_name(WOLFSSL* ssl, const char* dn);
int wolfSSL_Init(void);
/*!
- \ingroup TLS
+ \ingroup TLS
\brief ã•ã‚‰ãªã‚‹ä½¿ç”¨ã‹ã‚‰WOLFSSLライブラリをåˆæœŸåŒ–ã—ã¾ã™ã€‚ライブラリã«ã‚ˆã£ã¦ä½¿ç”¨ã•ã‚Œã‚‹ãƒªã‚½ãƒ¼ã‚¹ã‚’解放ã—ã¾ã™ãŒã€å‘¼ã³å‡ºã•ã‚Œã‚‹å¿…è¦ã¯ã‚ã‚Šã¾ã›ã‚“。
\return SSL_SUCCESS エラーを返ã—ã¾ã›ã‚“。
+
_Example_
\code
wolfSSL_Cleanup();
@@ -3844,9 +4817,10 @@ int wolfSSL_Init(void);
int wolfSSL_Cleanup(void);
/*!
- \ingroup IO
+ \ingroup IO
\brief ã“ã®é–¢æ•°ã¯ç¾åœ¨ã®ãƒ©ã‚¤ãƒ–ラリーãƒãƒ¼ã‚¸ãƒ§ãƒ³ã‚’è¿”ã—ã¾ã™ã€‚
\return LIBWOLFSSL_VERSION_STRING ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã‚’定義ã™ã‚‹const charãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
char version[MAXSIZE];
@@ -3861,9 +4835,10 @@ int wolfSSL_Cleanup(void);
const char* wolfSSL_lib_version(void);
/*!
- \ingroup IO
+ \ingroup IO
\brief ã“ã®é–¢æ•°ã¯ã€ç¾åœ¨ã®ãƒ©ã‚¤ãƒ–ラリーã®ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã‚’16進表記ã§è¿”ã—ã¾ã™ã€‚
\return LILBWOLFSSL_VERSION_HEX wolfssl / version.hã§å®šç¾©ã•ã‚Œã¦ã„ã‚‹16進数ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã‚’è¿”ã—ã¾ã™ã€‚
+
_Example_
\code
word32 libV;
@@ -3880,10 +4855,11 @@ const char* wolfSSL_lib_version(void);
word32 wolfSSL_lib_version_hex(void);
/*!
- \ingroup IO
- \brief SSLメソッドã®å´é¢ã«åŸºã¥ã„ã¦ã€å®Ÿéš›ã®æŽ¥ç¶šã¾ãŸã¯æ‰¿èªã‚’実行ã—ã¾ã™ã€‚クライアントå´ã‹ã‚‰å‘¼ã³å‡ºã•ã‚ŒãŸå ´åˆã€ã‚µãƒ¼ãƒå´ã‹ã‚‰å‘¼ã³å‡ºã•ã‚ŒãŸå ´åˆã«wolfssl_accept()ãŒå®Ÿè¡Œã•ã‚Œã¦ã„ã‚‹é–“ã«wolfssl_connect()ãŒè¡Œã‚れる。
- \return SSL_SUCCESS æˆåŠŸã—ãŸå ´åˆã«è¿”å´ã•ã‚Œã¾ã™ã€‚(注æ„ã€å¤ã„ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã¯0ã‚’è¿”ã—ã¾ã™ï¼‰
- \return SSL_FATAL_ERROR 基礎ã¨ãªã‚‹å‘¼ã³å‡ºã—ãŒã‚¨ãƒ©ãƒ¼ã«ãªã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚特定ã®ã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã‚’å–å¾—ã™ã‚‹ã«ã¯ã€wolfssl_get_error()を使用ã—ã¦ãã ã•ã„。
+ \ingroup IO
+ \brief SSLメソッドã®å´é¢ã«åŸºã¥ã„ã¦ã€å®Ÿéš›ã®æŽ¥ç¶šã¾ãŸã¯æ‰¿èªã‚’実行ã—ã¾ã™ã€‚クライアントå´ã‹ã‚‰å‘¼ã³å‡ºã•ã‚ŒãŸå ´åˆã€ã‚µãƒ¼ãƒå´ã‹ã‚‰å‘¼ã³å‡ºã•ã‚ŒãŸå ´åˆã«wolfssl_accept()ãŒå®Ÿè¡Œã•ã‚Œã¦ã„ã‚‹é–“ã«wolfssl_connect()ãŒè¡Œã‚れる。
+ \return SSL_SUCCESS æˆåŠŸã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚ã«è¿”å´ã•ã‚Œã¾ã™ã€‚(注æ„ã€å¤ã„ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã¯0ã‚’è¿”ã—ã¾ã™ï¼‰
+ \return SSL_FATAL_ERROR 基礎ã¨ãªã‚‹å‘¼ã³å‡ºã—ãŒã‚¨ãƒ©ãƒ¼ã«ãªã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚特定ã®ã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã‚’å–å¾—ã™ã‚‹ã«ã¯ã€wolfSSL_get_error()を使用ã—ã¦ãã ã•ã„。
+
_Example_
\code
int ret = SSL_FATAL_ERROR;
@@ -3903,10 +4879,11 @@ word32 wolfSSL_lib_version_hex(void);
int wolfSSL_negotiate(WOLFSSL* ssl);
/*!
- \ingroup Setup
+ \ingroup Setup
\brief SSL接続ã«åœ§ç¸®ã‚’使用ã™ã‚‹æ©Ÿèƒ½ã‚’オンã«ã—ã¾ã™ã€‚両å´ã«ã¯åœ§ç¸®ãŒã‚ªãƒ³ã«ãªã£ã¦ã„ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚ãã†ã§ãªã‘ã‚Œã°åœ§ç¸®ã¯ä½¿ç”¨ã•ã‚Œã¾ã›ã‚“。ZLIBライブラリã¯å®Ÿéš›ã®ãƒ‡ãƒ¼ã‚¿åœ§ç¸®ã‚’実行ã—ã¾ã™ã€‚ライブラリã«ã‚³ãƒ³ãƒ‘イルã™ã‚‹ã«ã¯ã€ã‚·ã‚¹ãƒ†ãƒ ã®è¨­å®šã‚·ã‚¹ãƒ†ãƒ ã«--with-libzを使用ã—ã€ãã†ã§ãªã„å ´åˆã¯hand_libzを定義ã—ã¾ã™ã€‚é€å—ä¿¡ã•ã‚Œã‚‹ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®å®Ÿéš›ã®ã‚µã‚¤ã‚ºã‚’減らã™å‰ã«ãƒ‡ãƒ¼ã‚¿ã‚’圧縮ã—ã¦ã„ã‚‹é–“ã«ã€åœ§ç¸®ã«ã‚ˆã£ã¦ä¿å­˜ã•ã‚ŒãŸãƒ‡ãƒ¼ã‚¿ã®é‡ã¯é€šå¸¸ã€ãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯ã®é…ã„ã™ã¹ã¦ã®ãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯ã‚’除ã„ãŸã‚‚ã®ã‚ˆã‚Šã‚‚分æžã«æ™‚é–“ãŒã‹ã‹ã‚Šã¾ã™ã€‚
- \return SSL_SUCCESS æˆåŠŸã™ã‚‹ã¨ã€‚
+ \return SSL_SUCCESS æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
\return NOT_COMPILED_IN 圧縮サãƒãƒ¼ãƒˆãŒãƒ©ã‚¤ãƒ–ラリã«çµ„ã¿è¾¼ã¾ã‚Œã¦ã„ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
_Example_
\code
int ret = 0;
@@ -3922,11 +4899,12 @@ int wolfSSL_negotiate(WOLFSSL* ssl);
int wolfSSL_set_compression(WOLFSSL* ssl);
/*!
- \ingroup Setup
+ \ingroup Setup
\brief ã“ã®é–¢æ•°ã¯SSLセッションタイムアウト値を秒å˜ä½ã§è¨­å®šã—ã¾ã™ã€‚
\return SSL_SUCCESS セッションを正常ã«è¨­å®šã™ã‚‹ã¨è¿”ã•ã‚Œã¾ã™ã€‚
- \return BAD_FUNC_ARG SSLãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param ssl wolfssl_new()ã§ä½œæˆã•ã‚ŒãŸSSLオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \return BAD_FUNC_ARG sslãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
int ret = 0;
@@ -3945,12 +4923,13 @@ int wolfSSL_set_compression(WOLFSSL* ssl);
int wolfSSL_set_timeout(WOLFSSL* ssl, unsigned int to);
/*!
- \ingroup Setup
+ \ingroup Setup
\brief ã“ã®é–¢æ•°ã¯ã€æŒ‡å®šã•ã‚ŒãŸSSLコンテキストã«å¯¾ã—ã¦ã€SSLセッションã®ã‚¿ã‚¤ãƒ ã‚¢ã‚¦ãƒˆå€¤ã‚’秒å˜ä½ã§è¨­å®šã—ã¾ã™ã€‚
\return the wolfssl_error_code_opensslã®å ´åˆã€ä»¥å‰ã®ã‚¿ã‚¤ãƒ ã‚¢ã‚¦ãƒˆå€¤
\return defined æˆåŠŸã—ã¦ã„ã¾ã™ã€‚定義ã•ã‚Œã¦ã„ãªã„å ´åˆã€SSL_SUCCESSã¯è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG 入力コンテキスト(CTX)ãŒNULLã®ã¨ãã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param ctx wolfssl_ctx_new()ã§ä½œæˆã•ã‚ŒãŸSSLコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ctx wolfSSL_CTX_new()ã§ä½œæˆã•ã‚ŒãŸSSLコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx = 0;
@@ -3969,10 +4948,11 @@ int wolfSSL_set_timeout(WOLFSSL* ssl, unsigned int to);
int wolfSSL_CTX_set_timeout(WOLFSSL_CTX* ctx, unsigned int to);
/*!
- \ingroup openSSL
+ \ingroup openSSL
\brief ピアã®è¨¼æ˜Žæ›¸ãƒã‚§ãƒ¼ãƒ³ã‚’å–å¾—ã—ã¾ã™ã€‚
\return chain 正常ã«ã‚³ãƒ¼ãƒ«ãŒãƒ”ã‚¢ã®è¨¼æ˜Žæ›¸ãƒã‚§ãƒ¼ãƒ³ã‚’è¿”ã—ã¾ã™ã€‚
\return 0 無効ãªWolfSSLãƒã‚¤ãƒ³ã‚¿ãŒé–¢æ•°ã«æ¸¡ã•ã‚Œã‚‹ã¨è¿”ã•ã‚Œã¾ã™ã€‚
+
_Example_
\code
none
@@ -3985,10 +4965,11 @@ int wolfSSL_CTX_set_timeout(WOLFSSL_CTX* ctx, unsigned int to);
WOLFSSL_X509_CHAIN* wolfSSL_get_peer_chain(WOLFSSL* ssl);
/*!
- \ingroup openSSL
+ \ingroup openSSL
\brief ピアã®è¨¼æ˜Žæ›¸ãƒã‚§ãƒ¼ãƒ³æ•°ã‚’å–å¾—ã—ã¾ã™ã€‚
\return Success 正常ã«ã‚³ãƒ¼ãƒ«ãŒãƒ”ã‚¢ã®è¨¼æ˜Žæ›¸ãƒã‚§ãƒ¼ãƒ³æ•°ã‚’è¿”ã—ã¾ã™ã€‚
\return 0 無効ãªãƒã‚§ãƒ¼ãƒ³ãƒã‚¤ãƒ³ã‚¿ãŒé–¢æ•°ã«æ¸¡ã•ã‚Œã‚‹ã¨è¿”ã•ã‚Œã¾ã™ã€‚
+
_Example_
\code
none
@@ -4001,11 +4982,12 @@ WOLFSSL_X509_CHAIN* wolfSSL_get_peer_chain(WOLFSSL* ssl);
int wolfSSL_get_chain_count(WOLFSSL_X509_CHAIN* chain);
/*!
- \ingroup openSSL
+ \ingroup openSSL
\brief Index(IDX)ã®ãƒ”ã‚¢ã®ASN1.DER証明書長をãƒã‚¤ãƒˆå˜ä½ã§å–å¾—ã—ã¾ã™ã€‚
\return Success 正常ã«ã‚³ãƒ¼ãƒ«ãŒã‚¤ãƒ³ãƒ‡ãƒƒã‚¯ã‚¹åˆ¥ã«ãƒ”ã‚¢ã®è¨¼æ˜Žæ›¸é•·ã‚’ãƒã‚¤ãƒˆå˜ä½ã§è¿”ã—ã¾ã™ã€‚
\return 0 無効ãªãƒã‚§ãƒ¼ãƒ³ãƒã‚¤ãƒ³ã‚¿ãŒé–¢æ•°ã«æ¸¡ã•ã‚Œã‚‹ã¨è¿”ã•ã‚Œã¾ã™ã€‚
\param chain 有効ãªwolfssl_x509_chain構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
none
@@ -4018,11 +5000,12 @@ int wolfSSL_get_chain_count(WOLFSSL_X509_CHAIN* chain);
int wolfSSL_get_chain_length(WOLFSSL_X509_CHAIN* chain, int idx);
/*!
- \ingroup openSSL
+ \ingroup openSSL
\brief インデックス(IDX)ã§ãƒ”ã‚¢ã®ASN1.DER証明書をå–å¾—ã—ã¾ã™ã€‚
\return Success 正常ã«ã‚³ãƒ¼ãƒ«ãŒã‚¤ãƒ³ãƒ‡ãƒƒã‚¯ã‚¹ã§ãƒ”ã‚¢ã®è¨¼æ˜Žæ›¸ã‚’è¿”ã—ã¾ã™ã€‚
\return 0 無効ãªãƒã‚§ãƒ¼ãƒ³ãƒã‚¤ãƒ³ã‚¿ãŒé–¢æ•°ã«æ¸¡ã•ã‚Œã‚‹ã¨è¿”ã•ã‚Œã¾ã™ã€‚
\param chain 有効ãªwolfssl_x509_chain構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
none
@@ -4035,7 +5018,7 @@ int wolfSSL_get_chain_length(WOLFSSL_X509_CHAIN* chain, int idx);
unsigned char* wolfSSL_get_chain_cert(WOLFSSL_X509_CHAIN* chain, int idx);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief ã“ã®é–¢æ•°ã¯ã€è¨¼æ˜Žæ›¸ã®ãƒã‚§ãƒ¼ãƒ³ã‹ã‚‰ã®ãƒ”ã‚¢ã®WOLFSSL_X509構造体をインデックス(IDX)ã§å–å¾—ã—ã¾ã™ã€‚
\return pointer WOLFSSL_X509構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
\param chain 動的メモリsession_cacheã®å ´åˆã«ä½¿ç”¨ã•ã‚Œã‚‹WOLFSSL_X509_CHAINã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
@@ -4064,11 +5047,12 @@ unsigned char* wolfSSL_get_chain_cert(WOLFSSL_X509_CHAIN* chain, int idx);
WOLFSSL_X509* wolfSSL_get_chain_X509(WOLFSSL_X509_CHAIN* chain, int idx);
/*!
- \ingroup openSSL
+ \ingroup openSSL
\brief インデックス(IDX)ã§ãƒ”ã‚¢ã®PEM証明書をå–å¾—ã—ã¾ã™ã€‚
\return Success 正常ã«ã‚³ãƒ¼ãƒ«ãŒã‚¤ãƒ³ãƒ‡ãƒƒã‚¯ã‚¹ã§ãƒ”ã‚¢ã®è¨¼æ˜Žæ›¸ã‚’è¿”ã—ã¾ã™ã€‚
\return 0 無効ãªãƒã‚§ãƒ¼ãƒ³ãƒã‚¤ãƒ³ã‚¿ãŒé–¢æ•°ã«æ¸¡ã•ã‚Œã‚‹ã¨è¿”ã•ã‚Œã¾ã™ã€‚
\param chain 有効ãªwolfssl_x509_chain構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
none
@@ -4082,9 +5066,10 @@ int wolfSSL_get_chain_cert_pem(WOLFSSL_X509_CHAIN* chain, int idx,
unsigned char* buf, int inLen, int* outLen);
/*!
- \ingroup openSSL
+ \ingroup openSSL
\brief セッションã®IDã‚’å–å¾—ã—ã¾ã™ã€‚セッションIDã¯å¸¸ã«32ãƒã‚¤ãƒˆã®é•·ã•ã§ã™ã€‚
\return id セッションID。
+
_Example_
\code
none
@@ -4094,11 +5079,12 @@ int wolfSSL_get_chain_cert_pem(WOLFSSL_X509_CHAIN* chain, int idx,
const unsigned char* wolfSSL_get_sessionID(const WOLFSSL_SESSION* s);
/*!
- \ingroup openSSL
+ \ingroup openSSL
\brief ピアã®è¨¼æ˜Žæ›¸ã®ã‚·ãƒªã‚¢ãƒ«ç•ªå·ã‚’å–å¾—ã—ã¾ã™ã€‚シリアル番å·ãƒãƒƒãƒ•ã‚¡ï¼ˆIN)ã¯å°‘ãªãã¨ã‚‚32ãƒã‚¤ãƒˆä»¥ä¸Šã§ã‚ã‚Šã€å…¥åŠ›ã¨ã—ã¦* INOUTSZ引数ã¨ã—ã¦æä¾›ã•ã‚Œã¾ã™ã€‚関数を呼ã³å‡ºã—ãŸå¾Œ* INOUTSZã¯INãƒãƒƒãƒ•ã‚¡ã«æ›¸ãè¾¼ã¾ã‚ŒãŸå®Ÿéš›ã®é•·ã•ã‚’ãƒã‚¤ãƒˆå˜ä½ã§ä¿æŒã—ã¾ã™ã€‚
- \return SSL_SUCCESS æˆåŠŸã™ã‚‹ã¨ã€‚
+ \return SSL_SUCCESS æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG 関数ã®ä¸è‰¯å¼•æ•°ãŒè¦‹ã¤ã‹ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\param in シリアル番å·ãƒãƒƒãƒ•ã‚¡ã¯å°‘ãªãã¨ã‚‚32ãƒã‚¤ãƒˆã®é•·ã•ã§ã‚ã‚‹ã¹ãã§ã™
+
_Example_
\code
none
@@ -4109,10 +5095,11 @@ int wolfSSL_X509_get_serial_number(WOLFSSL_X509* x509, unsigned char* in,
int* inOutSz);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief 証明書ã‹ã‚‰ä»¶åã®å…±é€šåã‚’è¿”ã—ã¾ã™ã€‚
\return NULL X509構造ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™
\return string サブジェクトã®å…±é€šåã®æ–‡å­—列表ç¾ã¯æˆåŠŸã«è¿”ã•ã‚Œã¾ã™
+
_Example_
\code
WOLFSSL_X509 x509 = (WOLFSSL_X509*)XMALLOC(sizeof(WOLFSSL_X509), NULL,
@@ -4133,11 +5120,12 @@ int wolfSSL_X509_get_serial_number(WOLFSSL_X509* x509, unsigned char* in,
char* wolfSSL_X509_get_subjectCN(WOLFSSL_X509*);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief ã“ã®é–¢æ•°ã¯ã€wolfssl_x509構造体ã®DERエンコードã•ã‚ŒãŸè¨¼æ˜Žæ›¸ã‚’å–å¾—ã—ã¾ã™ã€‚
\return buffer ã“ã®é–¢æ•°ã¯Derbuffer構造体ã®ãƒãƒƒãƒ•ã‚¡ãƒ¡ãƒ³ãƒãƒ¼ã‚’è¿”ã—ã¾ã™ã€‚ã“ã‚Œã¯ãƒã‚¤ãƒˆåž‹ã§ã™ã€‚
\return NULL x509ã¾ãŸã¯outszパラメーターãŒnullã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\param x509 証明書情報をå«ã‚€WolfSSL_X509構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL_X509 x509 = (WOLFSSL_X509*)XMALLOC(sizeof(WOLFSSL_X509), NULL,
@@ -4158,10 +5146,11 @@ char* wolfSSL_X509_get_subjectCN(WOLFSSL_X509*);
const unsigned char* wolfSSL_X509_get_der(WOLFSSL_X509* x509, int* outSz);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief ã“ã®é–¢æ•°ã¯ã€x509ãŒnullã®ã‹ã©ã†ã‹ã‚’確èªã—ã€ãã†ã§ãªã„å ´åˆã¯ã€x509構造体ã®ãƒŽãƒƒã‚«ã‚¹ãƒ¡ãƒ³ãƒãƒ¼ã‚’è¿”ã—ã¾ã™ã€‚
\return pointer ASN1_TIMEを使用ã—ã¦X509構造体ã®ãƒŽã‚«ãƒ•ã‚¿ãƒ¼ãƒ¡ãƒ³ãƒãƒ¼ã«æ§‹é€ ä½“を表明ã—ã¾ã™ã€‚
\return NULL X509オブジェクトãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
_Example_
\code
WOLFSSL_X509* x509 = (WOLFSSL_X509)XMALOC(sizeof(WOLFSSL_X509), NULL,
@@ -4177,10 +5166,11 @@ const unsigned char* wolfSSL_X509_get_der(WOLFSSL_X509* x509, int* outSz);
WOLFSSL_ASN1_TIME* wolfSSL_X509_get_notAfter(WOLFSSL_X509*);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief ã“ã®é–¢æ•°ã¯X509証明書ã®ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã‚’å–å¾—ã—ã¾ã™ã€‚
\return 0 X509構造ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return version X509構造ã«ä¿å­˜ã•ã‚Œã¦ã„ã‚‹ãƒãƒ¼ã‚¸ãƒ§ãƒ³ãŒè¿”ã•ã‚Œã¾ã™ã€‚
+
_Example_
\code
WOLFSSL_X509* x509;
@@ -4199,11 +5189,12 @@ WOLFSSL_ASN1_TIME* wolfSSL_X509_get_notAfter(WOLFSSL_X509*);
int wolfSSL_X509_version(WOLFSSL_X509*);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief no_stdio_filesystemãŒå®šç¾©ã•ã‚Œã¦ã„ã‚‹å ´åˆã€ã“ã®é–¢æ•°ã¯ãƒ’ープメモリを割り当ã¦ã€wolfssl_x509構造をåˆæœŸåŒ–ã—ã¦ãã‚Œã«ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
\return *WOLFSSL_X509 関数ãŒæ­£å¸¸ã«å®Ÿè¡Œã•ã‚ŒãŸå ´åˆã€WolfSSL_X509構造ãƒã‚¤ãƒ³ã‚¿ãŒè¿”ã•ã‚Œã¾ã™ã€‚
\return NULL Xftellマクロã®å‘¼ã³å‡ºã—ãŒè² ã®å€¤ã‚’è¿”ã™å ´åˆã€‚
\param x509 wolfssl_x509ãƒã‚¤ãƒ³ã‚¿ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL_X509* x509a = (WOLFSSL_X509*)XMALLOC(sizeof(WOLFSSL_X509), NULL,
@@ -4225,11 +5216,12 @@ WOLFSSL_X509*
wolfSSL_X509_d2i_fp(WOLFSSL_X509** x509, FILE* file);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief 関数ã¯X509証明書をメモリã«ãƒ­ãƒ¼ãƒ‰ã—ã¾ã™ã€‚
\return pointer 実行ã•ã‚ŒãŸå®Ÿè¡Œã¯ã€wolfssl_x509構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
\return NULL 証明書ãŒæ›¸ãè¾¼ã¾ã‚Œãªã‹ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\param fname ロードã™ã‚‹è¨¼æ˜Žæ›¸ãƒ•ã‚¡ã‚¤ãƒ«ã€‚
+
_Example_
\code
#define cliCert “certs/client-cert.pemâ€
@@ -4248,12 +5240,13 @@ WOLFSSL_X509*
wolfSSL_X509_load_certificate_file(const char* fname, int format);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief ã“ã®é–¢æ•°ã¯ã€ãƒ‡ãƒã‚¤ã‚¹ã®ç¨®é¡žã‚’X509構造ã‹ã‚‰ãƒãƒƒãƒ•ã‚¡ã«ã‚³ãƒ”ーã—ã¾ã™ã€‚
\return pointer X509構造ã‹ã‚‰ãƒ‡ãƒã‚¤ã‚¹ã®ç¨®é¡žã‚’ä¿æŒã™ã‚‹ãƒã‚¤ãƒˆãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
\return NULL ãƒãƒƒãƒ•ã‚¡ã‚µã‚¤ã‚ºãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param x509 wolfssl_x509_new()ã§ä½œæˆã•ã‚ŒãŸwolfssl_x509構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param x509 wolfssl_x509_new()ã§ä½œæˆã•ã‚ŒãŸwolfssl_x509構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param in デãƒã‚¤ã‚¹ã‚¿ã‚¤ãƒ—(ãƒãƒƒãƒ•ã‚¡ï¼‰ã‚’ä¿æŒã™ã‚‹ãƒã‚¤ãƒˆã‚¿ã‚¤ãƒ—ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL_X509* x509 = (WOLFSSL_X509)XMALOC(sizeof(WOLFSSL_X509), NULL,
@@ -4276,12 +5269,13 @@ unsigned char*
int* inOutSz);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief ã“ã®é–¢æ•°ã¯ã€wolfssl_x509構造ã®HWTypeメンãƒãƒ¼ã‚’ãƒãƒƒãƒ•ã‚¡ã«ã‚³ãƒ”ーã—ã¾ã™ã€‚
\return byte ã“ã®é–¢æ•°ã¯ã€wolfssl_x509構造ã®HWTypeメンãƒãƒ¼ã«ä»¥å‰ã«ä¿æŒã•ã‚Œã¦ã„るデータã®ãƒã‚¤ãƒˆã‚¿ã‚¤ãƒ—ã‚’è¿”ã—ã¾ã™ã€‚
\return NULL inoutszãŒnullã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\param x509 証明書情報をå«ã‚€WolfSSL_X509構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param in ãƒãƒƒãƒ•ã‚¡ã‚’表ã™ãƒã‚¤ãƒˆã‚’入力ã™ã‚‹ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL_X509* x509; // X509 certificate
@@ -4302,11 +5296,12 @@ unsigned char*
int* inOutSz);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief ã“ã®é–¢æ•°ã¯X509オブジェクトã®hwserialNumメンãƒã‚’è¿”ã—ã¾ã™ã€‚
\return pointer ã“ã®é–¢æ•°ã¯ã€X509オブジェクトã‹ã‚‰ãƒ­ãƒ¼ãƒ‰ã•ã‚ŒãŸã‚·ãƒªã‚¢ãƒ«ç•ªå·ã‚’å«ã‚€INãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒˆãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
\param x509 証明書情報をå«ã‚€WOLFSSL_X509構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param in コピーã•ã‚Œã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
char* serial;
@@ -4331,11 +5326,12 @@ unsigned char*
unsigned char* in, int* inOutSz);
/*!
- \ingroup IO
- \brief ã“ã®é–¢æ•°ã¯ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆå´ã§å‘¼ã³å‡ºã•ã‚Œã€ãƒ”ã‚¢ã®è¨¼æ˜Žæ›¸ãƒã‚§ãƒ¼ãƒ³ã‚’å–å¾—ã™ã‚‹ã®ã«å分ãªé•·ã•ã ã‘サーãƒãƒ¼ã‚’æŒã¤SSL / TLSãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã‚’開始ã—ã¾ã™ã€‚ã“ã®é–¢æ•°ãŒå‘¼ã³å‡ºã•ã‚Œã‚‹ã¨ã€åŸºç¤Žã¨ãªã‚‹é€šä¿¡ãƒãƒ£ãƒãƒ«ã¯ã™ã§ã«è¨­å®šã•ã‚Œã¦ã„ã¾ã™ã€‚ wolfssl_connect_cert()ã¯ã€ãƒ–ロックã¨éžãƒ–ロックI / Oã®ä¸¡æ–¹ã§å‹•ä½œã—ã¾ã™ã€‚基礎ã¨ãªã‚‹I / OãŒãƒŽãƒ³ãƒ–ロッキングã§ã‚ã‚‹å ´åˆã€wolfsl_connect_cert()ã¯ã€wolfssl_connect_cert_cert()ã®ãƒ‹ãƒ¼ã‚ºã‚’満ãŸã™ã“ã¨ãŒã§ããªã‹ã£ãŸã¨ãã«æˆ»ã‚Šã¾ã™ã€‚ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã‚’続ã‘ã¾ã™ã€‚ã“ã®å ´åˆã€wolfssl_get_error()ã¸ã®å‘¼ã³å‡ºã—ã¯SSL_ERROR_WANT_READã¾ãŸã¯SSL_ERROR_WANT_WRITEã®ã„ãšã‚Œã‹ã‚’生æˆã—ã¾ã™ã€‚通話プロセスã¯ã€åŸºç¤Žã¨ãªã‚‹I / OãŒæº–å‚™ãŒã§ãã¦ã€wolfsslãŒã‚ªãƒ•ã«ãªã£ã¦ã„ã‚‹ã¨ã“ã‚を拾ã†ã¨ãã«ã€wolfssl_connect_cert()ã¸ã®å‘¼ã³å‡ºã—ã‚’ç¹°ã‚Šè¿”ã™å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚ノンブロッキングソケットを使用ã™ã‚‹å ´åˆã¯ã€ä½•ã‚‚実行ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ãŒã€select()を使用ã—ã¦å¿…è¦ãªæ¡ä»¶ã‚’確èªã§ãã¾ã™ã€‚基礎ã¨ãªã‚‹å…¥å‡ºåŠ›ãŒãƒ–ロックã•ã‚Œã¦ã„ã‚‹å ´åˆã€wolfssl_connect_cert()ã¯ãƒ”ã‚¢ã®è¨¼æ˜Žæ›¸ãƒã‚§ãƒ¼ãƒ³ãŒå—ä¿¡ã•ã‚ŒãŸã‚‰ã®ã¿è¿”ã•ã‚Œã¾ã™ã€‚
- \return SSL_SUCCESS æˆåŠŸã™ã‚‹ã¨ã€‚
+ \ingroup IO
+ \brief ã“ã®é–¢æ•°ã¯ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆå´ã§å‘¼ã³å‡ºã•ã‚Œã€ãƒ”ã‚¢ã®è¨¼æ˜Žæ›¸ãƒã‚§ãƒ¼ãƒ³ã‚’å–å¾—ã™ã‚‹ã®ã«å分ãªé•·ã•ã ã‘サーãƒãƒ¼ã‚’æŒã¤SSL / TLSãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã‚’開始ã—ã¾ã™ã€‚ã“ã®é–¢æ•°ãŒå‘¼ã³å‡ºã•ã‚Œã‚‹ã¨ã€åŸºç¤Žã¨ãªã‚‹é€šä¿¡ãƒãƒ£ãƒãƒ«ã¯ã™ã§ã«è¨­å®šã•ã‚Œã¦ã„ã¾ã™ã€‚ wolfssl_connect_cert()ã¯ã€ãƒ–ロックã¨éžãƒ–ロックI / Oã®ä¸¡æ–¹ã§å‹•ä½œã—ã¾ã™ã€‚基礎ã¨ãªã‚‹I / OãŒãƒŽãƒ³ãƒ–ロッキングã§ã‚ã‚‹å ´åˆã€wolfsl_connect_cert()ã¯ã€wolfssl_connect_cert_cert()ã®ãƒ‹ãƒ¼ã‚ºã‚’満ãŸã™ã“ã¨ãŒã§ããªã‹ã£ãŸã¨ãã«æˆ»ã‚Šã¾ã™ã€‚ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã‚’続ã‘ã¾ã™ã€‚ã“ã®å ´åˆã€wolfSSL_get_error()ã¸ã®å‘¼ã³å‡ºã—ã¯SSL_ERROR_WANT_READã¾ãŸã¯SSL_ERROR_WANT_WRITEã®ã„ãšã‚Œã‹ã‚’生æˆã—ã¾ã™ã€‚通話プロセスã¯ã€åŸºç¤Žã¨ãªã‚‹I / OãŒæº–å‚™ãŒã§ãã¦ã€wolfsslãŒã‚ªãƒ•ã«ãªã£ã¦ã„ã‚‹ã¨ã“ã‚を拾ã†ã¨ãã«ã€wolfssl_connect_cert()ã¸ã®å‘¼ã³å‡ºã—ã‚’ç¹°ã‚Šè¿”ã™å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚ノンブロッキングソケットを使用ã™ã‚‹å ´åˆã¯ã€ä½•ã‚‚実行ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ãŒã€select()を使用ã—ã¦å¿…è¦ãªæ¡ä»¶ã‚’確èªã§ãã¾ã™ã€‚基礎ã¨ãªã‚‹å…¥å‡ºåŠ›ãŒãƒ–ロックã•ã‚Œã¦ã„ã‚‹å ´åˆã€wolfssl_connect_cert()ã¯ãƒ”ã‚¢ã®è¨¼æ˜Žæ›¸ãƒã‚§ãƒ¼ãƒ³ãŒå—ä¿¡ã•ã‚ŒãŸã‚‰ã®ã¿è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_SUCCESS æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
\return SSL_FAILURE SSLセッションパラメータãŒNULLã®å ´åˆã€è¿”ã•ã‚Œã¾ã™ã€‚
- \return SSL_FATAL_ERROR エラーãŒç™ºç”Ÿã—ãŸå ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚より詳細ãªã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã‚’å–å¾—ã™ã‚‹ã«ã¯ã€wolfssl_get_error()を呼ã³å‡ºã—ã¾ã™ã€‚
+ \return SSL_FATAL_ERROR エラーãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚より詳細ãªã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã‚’å–å¾—ã™ã‚‹ã«ã¯ã€wolfSSL_get_error()を呼ã³å‡ºã—ã¾ã™ã€‚
+
_Example_
\code
int ret = 0;
@@ -4356,11 +5352,12 @@ unsigned char*
int wolfSSL_connect_cert(WOLFSSL* ssl);
/*!
- \ingroup openSSL
+ \ingroup openSSL
\brief WOLFSSL_D2I_PKCS12_BIO(D2I_PKCS12_BIO)ã¯ã€WOLFSSL_BIOã‹ã‚‰æ§‹é€ WC_PKCS12ã¸ã®PKCS12情報ã«ã‚³ãƒ”ーã•ã‚Œã¾ã™ã€‚ã“ã®æƒ…å ±ã¯ã€ã‚ªãƒ—ションã®MAC情報をä¿æŒã™ã‚‹ãŸã‚ã®æ§‹é€ ã¨ã¨ã‚‚ã«ã‚³ãƒ³ãƒ†ãƒ³ãƒ„ã«é–¢ã™ã‚‹æƒ…å ±ã®ãƒªã‚¹ãƒˆã¨ã—ã¦æ§‹é€ å†…ã«åˆ†å‰²ã•ã‚Œã¦ã„ã¾ã™ã€‚構造体WC_PKCS12ã§æƒ…å ±ãŒãƒãƒ£ãƒ³ã‚¯ï¼ˆãŸã ã—復å·åŒ–ã•ã‚Œã¦ã„ãªã„)ã«åˆ†å‰²ã•ã‚ŒãŸå¾Œã€ãã‚Œã¯ãã®å¾Œã€å‘¼ã³å‡ºã—ã«ã‚ˆã£ã¦è§£æžãŠã‚ˆã³å¾©å·åŒ–ã•ã‚Œå¾—る。
\return WC_PKCS12 WC_PKCS12構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\return Failure 関数ã«å¤±æ•—ã—ãŸå ´åˆã¯NULLã‚’è¿”ã—ã¾ã™ã€‚
\param bio PKCS12ãƒãƒƒãƒ•ã‚¡ã‚’読ã¿å–ã‚‹ãŸã‚ã®WOLFSSL_BIO構造。
+
_Example_
\code
WC_PKCS12* pkcs;
@@ -4381,11 +5378,12 @@ WC_PKCS12* wolfSSL_d2i_PKCS12_bio(WOLFSSL_BIO* bio,
WC_PKCS12** pkcs12);
/*!
- \ingroup openSSL
+ \ingroup openSSL
\brief WOLFSSL_I2D_PKCS12_BIO(I2D_PKCS12_BIO)ã¯ã€æ§‹é€ WC_PKCS12ã‹ã‚‰WOLFSSL_BIOã¸ã®è¨¼æ˜Žæ›¸æƒ…å ±ã«ã‚³ãƒ”ーã•ã‚Œã¾ã™ã€‚
\return 1 æˆåŠŸã®ãŸã‚ã«ã€‚
\return Failure 0。
\param bio PKCS12ãƒãƒƒãƒ•ã‚¡ã‚’書ã込むãŸã‚ã®WOLFSSL_BIO構造。
+
_Example_
\code
WC_PKCS12 pkcs12;
@@ -4413,7 +5411,7 @@ WC_PKCS12* wolfSSL_i2d_PKCS12_bio(WOLFSSL_BIO* bio,
WC_PKCS12* pkcs12);
/*!
- \ingroup openSSL
+ \ingroup openSSL
\brief pkcs12ã¯ã€configureコマンドã¸ã®-enable-openSSLAXTRAを追加ã™ã‚‹ã“ã¨ã§æœ‰åŠ¹ã«ã§ãã¾ã™ã€‚ãã‚Œã¯å¾©å·åŒ–ã®ãŸã‚ã«ãƒˆãƒªãƒ—ルDESã¨RC4を使ã†ã“ã¨ãŒã§ãã‚‹ã®ã§ã€OpenSSlextra(--enable-des3 -enable-arc4)を有効ã«ã™ã‚‹ã¨ãã«ã‚‚ã“れらã®æ©Ÿèƒ½ã‚’有効ã«ã™ã‚‹ã“ã¨ã‚’ãŠå‹§ã‚ã—ã¾ã™ã€‚ wolfsslã¯ç¾åœ¨RC2をサãƒãƒ¼ãƒˆã—ã¦ã„ã¾ã›ã‚“ã®ã§ã€RC2ã§ã®å¾©å·åŒ–ã¯ç¾åœ¨åˆ©ç”¨ã§ãã¾ã›ã‚“。ã“ã‚Œã¯ã€.p12ファイルを作æˆã™ã‚‹ãŸã‚ã«OpenSSLコマンドラインã§ä½¿ç”¨ã•ã‚Œã‚‹ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã®æš—å·åŒ–æ–¹å¼ã§ã¯æ³¨ç›®ã™ã‹ã‚‚ã—ã‚Œã¾ã›ã‚“。 WOLFSSL_PKCS12_PARSE(PKCS12_PARSE)。ã“ã®é–¢æ•°ãŒæœ€åˆã«è¡Œã£ã¦ã„ã‚‹ã®ã¯ã€å­˜åœ¨ã™ã‚‹å ´åˆã¯MacãŒæ­£ã—ã„ãƒã‚§ãƒƒã‚¯ã§ã™ã€‚ MACãŒå¤±æ•—ã—ãŸå ´åˆã€é–¢æ•°ã¯è¿”ã•ã‚Œã€ä¿å­˜ã•ã‚Œã¦ã„るコンテンツ情報ã®ã„ãšã‚Œã‹ã‚’復å·åŒ–ã—よã†ã¨ã—ã¾ã›ã‚“。ã“ã®é–¢æ•°ã¯ã€ãƒãƒƒã‚°ã‚¿ã‚¤ãƒ—を探ã—ã¦ã„ã‚‹å„コンテンツ情報を介ã—ã¦è§£æžã—ã¾ã™ã€‚ãƒãƒƒã‚°ã‚¿ã‚¤ãƒ—ãŒã‚ã‹ã£ã¦ã„ã‚‹å ´åˆã¯ã€å¿…è¦ã«å¿œã˜ã¦å¾©å·åŒ–ã•ã‚Œã€æ§‹ç¯‰ã•ã‚Œã¦ã„る証明書ã®ãƒªã‚¹ãƒˆã«æ ¼ç´ã•ã‚Œã¦ã„ã‚‹ã‹ã€è¦‹ã¤ã‹ã£ãŸã‚­ãƒ¼ã¨ã—ã¦ä¿å­˜ã•ã‚Œã¾ã™ã€‚ã™ã¹ã¦ã®ãƒãƒƒã‚°ã‚’介ã—ã¦è§£æžã—ãŸå¾Œã€è¦‹ã¤ã‹ã£ãŸã‚­ãƒ¼ã¯ã€ä¸€è‡´ã™ã‚‹ãƒšã‚¢ãŒè¦‹ã¤ã‹ã‚‹ã¾ã§è¨¼æ˜Žæ›¸ãƒªã‚¹ãƒˆã¨æ¯”較ã•ã‚Œã¾ã™ã€‚ã“ã®ä¸€è‡´ã™ã‚‹ãƒšã‚¢ã¯ã‚­ãƒ¼ã¨è¨¼æ˜Žæ›¸ã¨ã—ã¦è¿”ã•ã‚Œã€ã‚ªãƒ—ションã§è¦‹ã¤ã‹ã£ãŸè¨¼æ˜Žæ›¸ãƒªã‚¹ãƒˆã¯stack_of証明書ã¨ã—ã¦è¿”ã•ã‚Œã¾ã™ã€‚瞬間ã€CRLã€ç§˜å¯†ã¾ãŸã¯å®‰å…¨ãªãƒãƒƒã‚°ãŒã‚¹ã‚­ãƒƒãƒ—ã•ã‚Œã€è§£æžã•ã‚Œã¾ã›ã‚“。デãƒãƒƒã‚°ãƒ—リントアウトを見るã“ã¨ã§ã€ã“れらã¾ãŸã¯ä»–ã®ã€Œä¸æ˜Žã€ãƒãƒƒã‚°ãŒã‚¹ã‚­ãƒƒãƒ—ã•ã‚Œã¦ã„ã‚‹ã‹ã©ã†ã‹ãŒã‚ã‹ã‚Šã¾ã™ã€‚フレンドリーåãªã©ã®è¿½åŠ ã®å±žæ€§ã¯ã€PKCS12ファイルを解æžã™ã‚‹ã¨ãã«ã‚¹ã‚­ãƒƒãƒ—ã•ã‚Œã¾ã™ã€‚
\return SSL_SUCCESS PKCS12ã®è§£æžã«æˆåŠŸã—ã¾ã—ãŸã€‚
\return SSL_FAILURE エラーケースã«é­é‡ã—ãŸå ´åˆ
@@ -4421,6 +5419,7 @@ WC_PKCS12* wolfSSL_i2d_PKCS12_bio(WOLFSSL_BIO* bio,
\param paswd PKCS12を復å·åŒ–ã™ã‚‹ãŸã‚ã®ãƒ‘スワード。
\param pkey PKCS12ã‹ã‚‰ãƒ‡ã‚³ãƒ¼ãƒ‰ã•ã‚ŒãŸç§˜å¯†éµã‚’ä¿æŒã™ã‚‹ãŸã‚ã®æ§‹é€ ã€‚
\param cert PKCS12ã‹ã‚‰å¾©å·ã•ã‚ŒãŸè¨¼æ˜Žæ›¸ã‚’ä¿æŒã™ã‚‹æ§‹é€ 
+
_Example_
\code
WC_PKCS12* pkcs;
@@ -4441,15 +5440,16 @@ int wolfSSL_PKCS12_parse(WC_PKCS12* pkcs12, const char* psw,
WOLFSSL_EVP_PKEY** pkey, WOLFSSL_X509** cert, WOLF_STACK_OF(WOLFSSL_X509)** ca);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief サーãƒãƒ¼DIFFIE-HELLMANエフェメラルパラメータ設定。ã“ã®é–¢æ•°ã¯ã€ã‚µãƒ¼ãƒãƒ¼ãŒDHEを使用ã™ã‚‹æš—å·ã‚¹ã‚¤ãƒ¼ãƒˆã‚’ãƒã‚´ã‚·ã‚¨ãƒ¼ãƒˆã—ã¦ã„ã‚‹å ´åˆã«ä½¿ç”¨ã™ã‚‹ã‚°ãƒ«ãƒ¼ãƒ—パラメータを設定ã—ã¾ã™ã€‚
- \return SSL_SUCCESS æˆåŠŸã™ã‚‹ã¨ã€‚
+ \return SSL_SUCCESS æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
\return MEMORY_ERROR メモリエラーãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return SIDE_ERROR ã“ã®é–¢æ•°ãŒSSLサーãƒã§ã¯ãªãSSLクライアントã§å‘¼ã³å‡ºã•ã‚Œã‚‹ã¨è¿”ã•ã‚Œã¾ã™ã€‚
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param p Diffie-Hellman素数パラメータ。
\param pSz pã®ã‚µã‚¤ã‚ºã€‚
\param g Diffie-Hellman "Generator"パラメータ。
+
_Example_
\code
WOLFSSL* ssl;
@@ -4464,20 +5464,21 @@ int wolfSSL_SetTmpDH(WOLFSSL* ssl, const unsigned char* p, int pSz,
const unsigned char* g, int gSz);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief 関数ã¯wolfssl_settmph_buffer_wrapperを呼ã³å‡ºã—ã¾ã™ã€‚ã“ã‚Œã¯Diffie-Hellmanパラメータã®ãƒ©ãƒƒãƒ‘ーã§ã™ã€‚
\return SSL_SUCCESS 実行ã«æˆåŠŸã—ãŸå ´åˆã€‚
\return SSL_BAD_FILETYPE ファイルã®ç¨®é¡žãŒpemã§ã¯ãªãã€asn.1ã§ã¯ãªã„å ´åˆWC_DHParamSLOADãŒæ­£å¸¸ã«æˆ»ã£ã¦ã„ãªã„å ´åˆã¯ã€ã‚‚è¿”ã•ã‚Œã¾ã™ã€‚
\return SSL_NO_PEM_HEADER PEMヘッダーãŒãªã„å ´åˆã¯PemToderã‹ã‚‰è¿”ã—ã¾ã™ã€‚
- \return SSL_BAD_FILE PemToderã«ãƒ•ã‚¡ã‚¤ãƒ«ã‚¨ãƒ©ãƒ¼ãŒã‚ã‚‹å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_BAD_FILE PemToderã«ãƒ•ã‚¡ã‚¤ãƒ«ã‚¨ãƒ©ãƒ¼ãŒã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return SSL_FATAL_ERROR コピーエラーãŒç™ºç”Ÿã—ãŸå ´åˆã¯PemToderã‹ã‚‰è¿”ã•ã‚Œã¾ã—ãŸã€‚
\return MEMORY_E - メモリ割り当ã¦ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸå ´åˆ
\return BAD_FUNC_ARG wolfssl構造体ãŒnullã®å ´åˆã€ã¾ãŸã¯ãã†ã§ãªã„å ´åˆã¯ã‚µãƒ–ルーãƒãƒ³ã«æ¸¡ã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return DH_KEY_SIZE_E wolfssl_settmph()ã¾ãŸã¯wolfssl_ctx_settmph()ã®ã‚­ãƒ¼ã‚µã‚¤ã‚ºã‚¨ãƒ©ãƒ¼ãŒã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return SIDE_ERROR wolfssl_settmphã®ã‚µãƒ¼ãƒãƒ¼å´ã§ã¯ãªã„å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \return DH_KEY_SIZE_E wolfssl_settmph()ã¾ãŸã¯WOLFSSL_CTX_settmph()ã®éµã‚µã‚¤ã‚ºã‚¨ãƒ©ãƒ¼ãŒã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SIDE_ERROR wolfssl_settmphã®ã‚µãƒ¼ãƒãƒ¼å´ã§ã¯ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param buf wolfssl_settmph_file_wrapperã‹ã‚‰æ¸¡ã•ã‚ŒãŸå‰²ã‚Šå½“ã¦ãƒãƒƒãƒ•ã‚¡ãƒ¼ã€‚
\param sz ファイルã®ã‚µã‚¤ã‚ºï¼ˆwolfssl_settmph_file_wrapper内ã®fname)をä¿æŒã™ã‚‹ãƒ­ãƒ³ã‚°int。
+
_Example_
\code
Static int wolfSSL_SetTmpDH_file_wrapper(WOLFSSL_CTX* ctx, WOLFSSL* ssl,
@@ -4499,17 +5500,18 @@ int wolfSSL_SetTmpDH_buffer(WOLFSSL* ssl, const unsigned char* b, long sz,
int format);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief ã“ã®é–¢æ•°ã¯ã€wolfssl_settmph_file_wrapperを呼ã³å‡ºã—ã¦ã‚µãƒ¼ãƒdiffie-hellmanパラメータを設定ã—ã¾ã™ã€‚
\return SSL_SUCCESS ã“ã®æ©Ÿèƒ½ã®æ­£å¸¸ãªå®Œäº†ã¨ãã®ã‚µãƒ–ルーãƒãƒ³ã®å®Œäº†ã«æˆ»ã‚Šã¾ã—ãŸã€‚
\return MEMORY_E ã“ã®é–¢æ•°ã¾ãŸã¯ã‚µãƒ–ルーãƒãƒ³ã«ãƒ¡ãƒ¢ãƒªå‰²ã‚Šå½“ã¦ãŒå¤±æ•—ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return SIDE_ERROR WolfSSL構造体ã«ã‚るオプション構造ã®ã‚µã‚¤ãƒ‰ãƒ¡ãƒ³ãƒãƒ¼ãŒã‚µãƒ¼ãƒãƒ¼å´ã§ã¯ãªã„å ´åˆã€‚
\return SSL_BAD_FILETYPE 証明書ãŒä¸€é€£ã®ãƒã‚§ãƒƒã‚¯ã«å¤±æ•—ã—ãŸå ´åˆã¯è¿”ã—ã¾ã™ã€‚
- \return DH_KEY_SIZE_E DHパラメーターã®ã‚­ãƒ¼ã‚µã‚¤ã‚ºãŒWolfSSL構造体ã®MinkKeyszメンãƒãƒ¼ã®å€¤ã‚ˆã‚Šå°ã•ã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return DH_KEY_SIZE_E DHパラメータã®ã‚­ãƒ¼ã‚µã‚¤ã‚ºãŒwolfssl構造体ã®MAXDHKEYSZメンãƒãƒ¼ã®å€¤ã‚ˆã‚Šã‚‚大ãã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return DH_KEY_SIZE_E DHパラメーターã®éµã‚µã‚¤ã‚ºãŒWolfSSL構造体ã®MinkKeyszメンãƒãƒ¼ã®å€¤ã‚ˆã‚Šå°ã•ã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return DH_KEY_SIZE_E DHパラメータã®éµã‚µã‚¤ã‚ºãŒwolfssl構造体ã®MAXDHKEYSZメンãƒãƒ¼ã®å€¤ã‚ˆã‚Šã‚‚大ãã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG wolfssl構造ãªã©ã€å¼•æ•°å€¤ãŒnullã®å ´åˆã«è¿”ã—ã¾ã™ã€‚
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
\param fname 証明書をä¿æŒã—ã¦ã„る定数ã®æ–‡å­—ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL* ssl = wolfSSL_new(ctx);
@@ -4529,19 +5531,21 @@ int wolfSSL_SetTmpDH_buffer(WOLFSSL* ssl, const unsigned char* b, long sz,
int wolfSSL_SetTmpDH_file(WOLFSSL* ssl, const char* f, int format);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief サーãƒãƒ¼CTX Diffie-Hellmanã®ãƒ‘ラメータを設定ã—ã¾ã™ã€‚
\return SSL_SUCCESS 関数ã¨ã™ã¹ã¦ã®ã‚µãƒ–ルーãƒãƒ³ãŒã‚¨ãƒ©ãƒ¼ãªã—ã§æˆ»ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG CTXã€Pã€ã¾ãŸã¯GパラメーターãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return DH_KEY_SIZE_E DHパラメータã®ã‚­ãƒ¼ã‚µã‚¤ã‚ºãŒwolfssl_ctx構造体ã®MindHKEYSZメンãƒãƒ¼ã®å€¤ã‚ˆã‚Šå°ã•ã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return DH_KEY_SIZE_E DHパラメータã®ã‚­ãƒ¼ã‚µã‚¤ã‚ºãŒwolfssl_ctx構造体ã®MaxDhkeySZメンãƒãƒ¼ã®å€¤ã‚ˆã‚Šã‚‚大ãã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return MEMORY_E ã“ã®é–¢æ•°ã¾ãŸã¯ã‚µãƒ–ルーãƒãƒ³ã«ãƒ¡ãƒ¢ãƒªã®å‰²ã‚Šå½“ã¦ãŒå¤±æ•—ã—ãŸå ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \param ctx wolfssl_ctx_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl_ctx構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \return DH_KEY_SIZE_E DHパラメータã®éµã‚µã‚¤ã‚ºãŒWOLFSSL_CTX構造体ã®MindHKEYSZメンãƒãƒ¼ã®å€¤ã‚ˆã‚Šå°ã•ã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return DH_KEY_SIZE_E DHパラメータã®éµã‚µã‚¤ã‚ºãŒWOLFSSL_CTX構造体ã®MaxDhkeySZメンãƒãƒ¼ã®å€¤ã‚ˆã‚Šã‚‚大ãã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return MEMORY_E ã“ã®é–¢æ•°ã¾ãŸã¯ã‚µãƒ–ルーãƒãƒ³ã«ãƒ¡ãƒ¢ãƒªã®å‰²ã‚Šå½“ã¦ãŒå¤±æ•—ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param ctx wolfSSL_CTX_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL_CTX構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param p ServerDH_P構造体ã®ãƒãƒƒãƒ•ã‚¡ãƒ¡ãƒ³ãƒãƒ¼ã«ãƒ­ãƒ¼ãƒ‰ã•ã‚ŒãŸå®šæ•°ã®ç¬¦å·ãªã—文字ãƒã‚¤ãƒ³ã‚¿ã€‚
\param pSz pã®ã‚µã‚¤ã‚ºã‚’表ã™intåž‹ã¯ã€max_dh_sizeã«åˆæœŸåŒ–ã•ã‚Œã¾ã™ã€‚
\param g ServerDh_g構造体ã®ãƒãƒƒãƒ•ã‚¡ãƒ¡ãƒ³ãƒãƒ¼ã«ãƒ­ãƒ¼ãƒ‰ã•ã‚ŒãŸå®šæ•°ã®ç¬¦å·ãªã—文字ãƒã‚¤ãƒ³ã‚¿ã€‚
+
+ _Example_
\code
- WOLFSSL_CTX* ctx = WOLFSSL_CTX_new( protocol );
+ WOLFSSL_CTX* ctx = wolfSSL_CTX_new( protocol );
byte* p;
byte* g;
word32 pSz = (word32)sizeof(p)/sizeof(byte);
@@ -4560,15 +5564,16 @@ int wolfSSL_CTX_SetTmpDH(WOLFSSL_CTX* ctx, const unsigned char* p,
int pSz, const unsigned char* g, int gSz);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief wolfssl_settmph_buffer_wrapperを呼ã³å‡ºã™ãƒ©ãƒƒãƒ‘ー関数
\return 0 実行ãŒæˆåŠŸã™ã‚‹ãŸã‚ã«è¿”ã•ã‚Œã¾ã—ãŸã€‚
\return BAD_FUNC_ARG CTXパラメータã¾ãŸã¯BUFパラメータãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return MEMORY_E メモリ割り当ã¦ã‚¨ãƒ©ãƒ¼ãŒã‚ã‚‹å ´åˆ
- \return SSL_BAD_FILETYPE フォーマットãŒæ­£ã—ããªã„å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \param ctx wolfssl_ctx_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \return SSL_BAD_FILETYPE フォーマットãŒæ­£ã—ããªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param ctx wolfSSL_CTX_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param buf ãƒãƒƒãƒ•ã‚¡ã¨ã—ã¦å‰²ã‚Šå½“ã¦ã‚‰ã‚Œã€wolfssl_settmpdh_buffer_wrapperã«æ¸¡ã•ã‚ŒãŸå®šæ•°ã®ç¬¦å·ãªã—文字型ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param sz wolfssl_settmph_file_wrapper()ã®FNAMEパラメータã‹ã‚‰æ´¾ç”Ÿã—ãŸé•·ã„整数型。
+ \param sz wolfssl_settmph_file_wrapper()ã®FNAMEパラメータã‹ã‚‰æ´¾ç”Ÿã—ãŸé•·ã„整数型。
+
_Example_
\code
static int wolfSSL_SetTmpDH_file_wrapper(WOLFSSL_CTX* ctx, WOLFSSL* ssl,
@@ -4594,20 +5599,21 @@ int wolfSSL_CTX_SetTmpDH_buffer(WOLFSSL_CTX* ctx, const unsigned char* b,
long sz, int format);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief ã“ã®é–¢æ•°ã¯ã€wolfssl_settmph_file_wrapperを呼ã³å‡ºã—ã¦ã‚µãƒ¼ãƒãƒ¼Diffie-Hellmanパラメータを設定ã—ã¾ã™ã€‚
\return SSL_SUCCESS wolfssl_settmph_file_wrapperã¾ãŸã¯ãã®ã‚µãƒ–ルーãƒãƒ³ã®ã„ãšã‚Œã‹ãŒæ­£å¸¸ã«æˆ»ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return MEMORY_E 動的メモリã®å‰²ã‚Šå½“ã¦ãŒã‚µãƒ–ルーãƒãƒ³ã§å¤±æ•—ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG CTXã¾ãŸã¯FNAMEパラメータãŒNULLã¾ãŸã¯ã‚µãƒ–ルーãƒãƒ³ãŒNULL引数ã«æ¸¡ã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return SSL_BAD_FILE 証明書ファイルãŒé–‹ãã“ã¨ãŒã§ããªã„å ´åˆã€ã¾ãŸã¯ãƒ•ã‚¡ã‚¤ãƒ«ã®ä¸€é€£ã®ãƒã‚§ãƒƒã‚¯ãŒwolfssl_settmpdh_file_wrapperã‹ã‚‰å¤±æ•—ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return SSL_BAD_FILETYPE フォーマットãŒwolfssl_settmph_buffer_wrapper()ã‹ã‚‰PEMã¾ãŸã¯ASN.1ã§ã¯ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return DH_KEY_SIZE_E DHパラメータã®ã‚­ãƒ¼ã‚µã‚¤ã‚ºãŒwolfssl_ctx構造体ã®MindHKEYSZメンãƒãƒ¼ã®å€¤ã‚ˆã‚Šå°ã•ã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return DH_KEY_SIZE_E DHパラメータã®ã‚­ãƒ¼ã‚µã‚¤ã‚ºãŒwolfssl_ctx構造体ã®MaxDhkeySZメンãƒãƒ¼ã®å€¤ã‚ˆã‚Šã‚‚大ãã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return SIDE_ERROR wolfssl_settmph()ã§è¿”ã•ã‚ŒãŸã‚µã‚¤ãƒ‰ãŒã‚µãƒ¼ãƒãƒ¼çµ‚了ã§ã¯ãªã„å ´åˆã€‚
+ \return SSL_BAD_FILETYPE フォーマットãŒwolfssl_settmph_buffer_wrapper()ã‹ã‚‰PEMã¾ãŸã¯ASN.1ã§ã¯ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return DH_KEY_SIZE_E DHパラメータã®éµã‚µã‚¤ã‚ºãŒWOLFSSL_CTX構造体ã®MindHKEYSZメンãƒãƒ¼ã®å€¤ã‚ˆã‚Šå°ã•ã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return DH_KEY_SIZE_E DHパラメータã®éµã‚µã‚¤ã‚ºãŒWOLFSSL_CTX構造体ã®MaxDhkeySZメンãƒãƒ¼ã®å€¤ã‚ˆã‚Šã‚‚大ãã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SIDE_ERROR wolfssl_settmph()ã§è¿”ã•ã‚ŒãŸã‚µã‚¤ãƒ‰ãŒã‚µãƒ¼ãƒãƒ¼çµ‚了ã§ã¯ãªã„å ´åˆã€‚
\return SSL_NO_PEM_HEADER PEMヘッダーãŒãªã„å ´åˆã¯PemToderã‹ã‚‰è¿”ã•ã‚Œã¾ã™ã€‚
\return SSL_FATAL_ERROR メモリコピーã®å¤±æ•—ãŒã‚ã‚‹å ´åˆã¯PemToderã‹ã‚‰è¿”ã•ã‚Œã¾ã™ã€‚
- \param ctx wolfssl_ctx_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl_ctx構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ctx wolfSSL_CTX_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL_CTX構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param fname 証明書ファイルã¸ã®å®šæ•°æ–‡å­—ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
#define dhParam “certs/dh2048.pemâ€
@@ -4632,11 +5638,12 @@ int wolfSSL_CTX_SetTmpDH_file(WOLFSSL_CTX* ctx, const char* f,
int format);
/*!
- \ingroup CertsKeys
- \brief ã“ã®é–¢æ•°ã¯ã€wolfssl_ctx構造体ã®minkkeyszメンãƒãƒ¼ã«ã‚¢ã‚¯ã‚»ã‚¹ã—ã¦ã€Diffie Hellmanキーサイズã®æœ€å°ã‚µã‚¤ã‚ºï¼ˆãƒ“ットå˜ä½ï¼‰ã‚’設定ã—ã¾ã™ã€‚
+ \ingroup CertsKeys
+ \brief ã“ã®é–¢æ•°ã¯ã€WOLFSSL_CTX構造体ã®minkkeyszメンãƒãƒ¼ã«ã‚¢ã‚¯ã‚»ã‚¹ã—ã¦ã€Diffie Hellmanéµã‚µã‚¤ã‚ºã®æœ€å°ã‚µã‚¤ã‚ºï¼ˆãƒ“ットå˜ä½ï¼‰ã‚’設定ã—ã¾ã™ã€‚
\return SSL_SUCCESS 関数ãŒæ­£å¸¸ã«å®Œäº†ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return BAD_FUNC_ARG wolfssl_ctx構造体ãŒnullã®å ´åˆã€ã¾ãŸã¯ã‚­ãƒ¼z_BITSãŒ16,000を超ãˆã‚‹ã‹ã€ã¾ãŸã¯8ã«ã‚ˆã£ã¦å‰²ã‚Šåˆ‡ã‚Œãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \return BAD_FUNC_ARG WOLFSSL_CTX構造体ãŒnullã®å ´åˆã€ã¾ãŸã¯ã‚­ãƒ¼z_BITSãŒ16,000を超ãˆã‚‹ã‹ã€ã¾ãŸã¯8ã«ã‚ˆã£ã¦å‰²ã‚Šåˆ‡ã‚Œãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
public static int CTX_SetMinDhKey_Sz(IntPtr ctx, short minDhKey){
@@ -4652,11 +5659,12 @@ int wolfSSL_CTX_SetTmpDH_file(WOLFSSL_CTX* ctx, const char* f,
int wolfSSL_CTX_SetMinDhKey_Sz(WOLFSSL_CTX* ctx, word16);
/*!
- \ingroup CertsKeys
- \brief WolfSSL構造ã®Diffie-Hellmanキーã®æœ€å°ã‚µã‚¤ã‚ºï¼ˆãƒ“ットå˜ä½ï¼‰ã‚’設定ã—ã¾ã™ã€‚
+ \ingroup CertsKeys
+ \brief WolfSSL構造ã®Diffie-Hellmanéµã®æœ€å°ã‚µã‚¤ã‚ºï¼ˆãƒ“ットå˜ä½ï¼‰ã‚’設定ã—ã¾ã™ã€‚
\return SSL_SUCCESS 最å°ã‚µã‚¤ã‚ºã¯æ­£å¸¸ã«è¨­å®šã•ã‚Œã¾ã—ãŸã€‚
\return BAD_FUNC_ARG wolfssl構造ã¯NULLã€ã¾ãŸã¯Keysz_BITSãŒ16,000を超ãˆã‚‹ã‹ã€ã¾ãŸã¯8ã«ã‚ˆã£ã¦å‰²ã‚Šåˆ‡ã‚Œãªã„å ´åˆ
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL* ssl = wolfSSL_new(ctx);
@@ -4672,11 +5680,12 @@ int wolfSSL_CTX_SetMinDhKey_Sz(WOLFSSL_CTX* ctx, word16);
int wolfSSL_SetMinDhKey_Sz(WOLFSSL* ssl, word16 keySz_bits);
/*!
- \ingroup CertsKeys
- \brief ã“ã®é–¢æ•°ã¯ã€wolfssl_ctx構造体ã®maxdhkeyszメンãƒãƒ¼ã«ã‚¢ã‚¯ã‚»ã‚¹ã—ã¦ã€Diffie Hellmanキーサイズã®æœ€å¤§ã‚µã‚¤ã‚ºï¼ˆãƒ“ットå˜ä½ï¼‰ã‚’設定ã—ã¾ã™ã€‚
+ \ingroup CertsKeys
+ \brief ã“ã®é–¢æ•°ã¯ã€WOLFSSL_CTX構造体ã®maxdhkeyszメンãƒãƒ¼ã«ã‚¢ã‚¯ã‚»ã‚¹ã—ã¦ã€Diffie Hellmanéµã‚µã‚¤ã‚ºã®æœ€å¤§ã‚µã‚¤ã‚ºï¼ˆãƒ“ットå˜ä½ï¼‰ã‚’設定ã—ã¾ã™ã€‚
\return SSL_SUCCESS 関数ãŒæ­£å¸¸ã«å®Œäº†ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return BAD_FUNC_ARG wolfssl_ctx構造体ãŒnullã®å ´åˆã€ã¾ãŸã¯ã‚­ãƒ¼z_BITSãŒ16,000を超ãˆã‚‹ã‹ã€ã¾ãŸã¯8ã«ã‚ˆã£ã¦å‰²ã‚Šåˆ‡ã‚Œãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \return BAD_FUNC_ARG WOLFSSL_CTX構造体ãŒnullã®å ´åˆã€ã¾ãŸã¯ã‚­ãƒ¼z_BITSãŒ16,000を超ãˆã‚‹ã‹ã€ã¾ãŸã¯8ã«ã‚ˆã£ã¦å‰²ã‚Šåˆ‡ã‚Œãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
public static int CTX_SetMaxDhKey_Sz(IntPtr ctx, short maxDhKey){
@@ -4692,11 +5701,12 @@ int wolfSSL_SetMinDhKey_Sz(WOLFSSL* ssl, word16 keySz_bits);
int wolfSSL_CTX_SetMaxDhKey_Sz(WOLFSSL_CTX* ctx, word16 keySz_bits);
/*!
- \ingroup CertsKeys
- \brief WolfSSL構造ã®Diffie-Hellmanキーã®æœ€å¤§ã‚µã‚¤ã‚ºï¼ˆãƒ“ットå˜ä½ï¼‰ã‚’設定ã—ã¾ã™ã€‚
+ \ingroup CertsKeys
+ \brief WolfSSL構造ã®Diffie-Hellmanéµã®æœ€å¤§ã‚µã‚¤ã‚ºï¼ˆãƒ“ットå˜ä½ï¼‰ã‚’設定ã—ã¾ã™ã€‚
\return SSL_SUCCESS 最大サイズã¯æ­£å¸¸ã«è¨­å®šã•ã‚Œã¾ã—ãŸã€‚
\return BAD_FUNC_ARG WOLFSSL構造ã¯NULLã¾ãŸã¯KEYSZパラメータã¯è¨±å®¹ã‚µã‚¤ã‚ºã‚ˆã‚Šå¤§ãã‹ã£ãŸã‹ã€ã¾ãŸã¯8ã«ã‚ˆã£ã¦å‰²ã‚Šåˆ‡ã‚Œã¾ã›ã‚“ã§ã—ãŸã€‚
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
WOLFSSL* ssl = wolfSSL_new(ctx);
@@ -4712,10 +5722,11 @@ int wolfSSL_CTX_SetMaxDhKey_Sz(WOLFSSL_CTX* ctx, word16 keySz_bits);
int wolfSSL_SetMaxDhKey_Sz(WOLFSSL* ssl, word16 keySz_bits);
/*!
- \ingroup CertsKeys
- \brief オプション構造ã®ãƒ¡ãƒ³ãƒãƒ¼ã§ã‚ã‚‹DHKEYSZ(ビット内)ã®å€¤ã‚’è¿”ã—ã¾ã™ã€‚ã“ã®å€¤ã¯ã€Diffie-Hellmanキーサイズをãƒã‚¤ãƒˆå˜ä½ã§è¡¨ã—ã¾ã™ã€‚
+ \ingroup CertsKeys
+ \brief オプション構造ã®ãƒ¡ãƒ³ãƒãƒ¼ã§ã‚ã‚‹DHKEYSZ(ビット内)ã®å€¤ã‚’è¿”ã—ã¾ã™ã€‚ã“ã®å€¤ã¯ã€Diffie-Hellmanéµã‚µã‚¤ã‚ºã‚’ãƒã‚¤ãƒˆå˜ä½ã§è¡¨ã—ã¾ã™ã€‚
\return dhKeySz サイズを表ã™æ•´æ•°å€¤ã§ã‚ã‚‹ssl-> options.dhkeyszã§ä¿æŒã•ã‚Œã¦ã„る値を返ã—ã¾ã™ã€‚
\return BAD_FUNC_ARG wolfssl構造体ãŒNULLã®å ´åˆã«è¿”ã—ã¾ã™ã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx = wolfSSL_CTX_new( protocol method );
@@ -4739,11 +5750,12 @@ int wolfSSL_SetMaxDhKey_Sz(WOLFSSL* ssl, word16 keySz_bits);
int wolfSSL_GetDhKey_Sz(WOLFSSL*);
/*!
- \ingroup CertsKeys
- \brief wolfssl_ctx構造体ã¨wolfssl_cert_manager構造ã®ä¸¡æ–¹ã§æœ€å°RSAキーサイズを設定ã—ã¾ã™ã€‚
+ \ingroup CertsKeys
+ \brief WOLFSSL_CTX構造体ã¨wolfssl_cert_manager構造ã®ä¸¡æ–¹ã§æœ€å°RSAéµã‚µã‚¤ã‚ºã‚’設定ã—ã¾ã™ã€‚
\return SSL_SUCCESS 機能ã®å®Ÿè¡Œã«æˆåŠŸã—ãŸã“ã¨ã«æˆ»ã‚Šã¾ã™ã€‚
- \return BAD_FUNC_ARG CTX構造ãŒNULLã®å ´åˆã€ã¾ãŸã¯KEYSZãŒã‚¼ãƒ­ã‚ˆã‚Šå°ã•ã„ã‹ã€ã¾ãŸã¯8ã«ã‚ˆã£ã¦å‰²ã‚Šåˆ‡ã‚Œãªã„å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \param ctx wolfssl_ctx_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl_ctx構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \return BAD_FUNC_ARG CTX構造ãŒNULLã®å ´åˆã€ã¾ãŸã¯KEYSZãŒã‚¼ãƒ­ã‚ˆã‚Šå°ã•ã„ã‹ã€ã¾ãŸã¯8ã«ã‚ˆã£ã¦å‰²ã‚Šåˆ‡ã‚Œãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param ctx wolfSSL_CTX_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL_CTX構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx = SSL_CTX_new(method);
@@ -4760,11 +5772,12 @@ int wolfSSL_GetDhKey_Sz(WOLFSSL*);
int wolfSSL_CTX_SetMinRsaKey_Sz(WOLFSSL_CTX* ctx, short keySz);
/*!
- \ingroup CertsKeys
- \brief WolfSSL構造ã«ã‚ã‚‹RSAã®ãŸã‚ã®ãƒ“ットã§æœ€å°è¨±å®¹ã‚­ãƒ¼ã‚µã‚¤ã‚ºã‚’設定ã—ã¾ã™ã€‚
+ \ingroup CertsKeys
+ \brief WolfSSL構造ã«ã‚ã‚‹RSAã®ãŸã‚ã®ãƒ“ットã§æœ€å°è¨±å®¹éµã‚µã‚¤ã‚ºã‚’設定ã—ã¾ã™ã€‚
\return SSL_SUCCESS 最å°å€¤ãŒæ­£å¸¸ã«è¨­å®šã•ã‚Œã¾ã—ãŸã€‚
- \return BAD_FUNC_ARG SSL構造ãŒNULLã®å ´åˆã€ã¾ãŸã¯KSYSZãŒã‚¼ãƒ­ã‚ˆã‚Šå°ã•ã„å ´åˆã€ã¾ãŸã¯8ã«ã‚ˆã£ã¦å‰²ã‚Šåˆ‡ã‚Œãªã„å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \return BAD_FUNC_ARG SSL構造ãŒNULLã®å ´åˆã€ã¾ãŸã¯KSYSZãŒã‚¼ãƒ­ã‚ˆã‚Šå°ã•ã„å ´åˆã€ã¾ãŸã¯8ã«ã‚ˆã£ã¦å‰²ã‚Šåˆ‡ã‚Œãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
WOLFSSL* ssl = wolfSSL_new(ctx);
@@ -4781,11 +5794,12 @@ int wolfSSL_CTX_SetMinRsaKey_Sz(WOLFSSL_CTX* ctx, short keySz);
int wolfSSL_SetMinRsaKey_Sz(WOLFSSL* ssl, short keySz);
/*!
- \ingroup CertsKeys
- \brief wolf_ctx構造体ã¨wolfssl_cert_manager構造体ã®ECCキーã®æœ€å°ã‚µã‚¤ã‚ºã‚’ビットå˜ä½ã§è¨­å®šã—ã¾ã™ã€‚
+ \ingroup CertsKeys
+ \brief wolf_ctx構造体ã¨wolfssl_cert_manager構造体ã®ECCéµã®æœ€å°ã‚µã‚¤ã‚ºã‚’ビットå˜ä½ã§è¨­å®šã—ã¾ã™ã€‚
\return SSL_SUCCESS 実行ãŒæˆåŠŸã—ãŸãŸã‚ã«è¿”ã•ã‚Œã€MineCkeyszメンãƒãƒ¼ãŒè¨­å®šã•ã‚Œã¾ã™ã€‚
- \return BAD_FUNC_ARG wolfssl_ctx構造体ãŒnullã®å ´åˆã€ã¾ãŸã¯ã‚­ãƒ¼ãŒè² ã®å ´åˆã€ã¾ãŸã¯8ã«ã‚ˆã£ã¦å‰²ã‚Šåˆ‡ã‚Œãªã„å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \param ctx wolfssl_ctx_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl_ctx構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \return BAD_FUNC_ARG WOLFSSL_CTX構造体ãŒnullã®å ´åˆã€ã¾ãŸã¯éµãŒè² ã®å ´åˆã€ã¾ãŸã¯8ã«ã‚ˆã£ã¦å‰²ã‚Šåˆ‡ã‚Œãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param ctx wolfSSL_CTX_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL_CTX構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx = wolfSSL_CTX_new( protocol method );
@@ -4800,11 +5814,12 @@ int wolfSSL_SetMinRsaKey_Sz(WOLFSSL* ssl, short keySz);
int wolfSSL_CTX_SetMinEccKey_Sz(WOLFSSL_CTX* ssl, short keySz);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief オプション構造ã®MineCckeyszメンãƒãƒ¼ã®å€¤ã‚’設定ã—ã¾ã™ã€‚オプション構造体ã¯ã€WolfSSL構造ã®ãƒ¡ãƒ³ãƒãƒ¼ã§ã‚ã‚Šã€SSLパラメータを介ã—ã¦ã‚¢ã‚¯ã‚»ã‚¹ã•ã‚Œã¾ã™ã€‚
\return SSL_SUCCESS 関数ãŒã‚ªãƒ—ション構造ã®MineCckeyszメンãƒãƒ¼ã‚’正常ã«è¨­å®šã—ãŸå ´åˆã€‚
- \return BAD_FUNC_ARG wolfssl_ctx構造体ãŒnullã®å ´åˆã€ã¾ãŸã¯ã‚­ãƒ¼ã‚µã‚¤ã‚ºï¼ˆkeysz)ãŒ0(ゼロ)未満ã®å ´åˆã€ã¾ãŸã¯8ã§å‰²ã‚Šåˆ‡ã‚Œãªã„å ´åˆã€‚
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \return BAD_FUNC_ARG WOLFSSL_CTX構造体ãŒnullã®å ´åˆã€ã¾ãŸã¯éµã‚µã‚¤ã‚ºï¼ˆkeysz)ãŒ0(ゼロ)未満ã®å ´åˆã€ã¾ãŸã¯8ã§å‰²ã‚Šåˆ‡ã‚Œãªã„å ´åˆã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
WOLFSSL* ssl = wolfSSL_new(ctx); // New session
@@ -4821,13 +5836,14 @@ int wolfSSL_CTX_SetMinEccKey_Sz(WOLFSSL_CTX* ssl, short keySz);
int wolfSSL_SetMinEccKey_Sz(WOLFSSL* ssl, short keySz);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief ã“ã®é–¢æ•°ã¯ã€eap_tlsã¨eap-ttlsã«ã‚ˆã£ã¦ã€ãƒžã‚¹ã‚¿ãƒ¼ã‚·ãƒ¼ã‚¯ãƒ¬ãƒƒãƒˆã‹ã‚‰ã‚­ãƒ¼ã‚¤ãƒ³ã‚°ãƒžãƒ†ãƒªã‚¢ãƒ«ã‚’導出ã—ã¾ã™ã€‚
- \return BUFFER_E ãƒãƒƒãƒ•ã‚¡ã®å®Ÿéš›ã®ã‚µã‚¤ã‚ºãŒè¨±å®¹æœ€å¤§ã‚µã‚¤ã‚ºã‚’超ãˆã‚‹å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \return MEMORY_E メモリ割り当ã¦ã«ã‚¨ãƒ©ãƒ¼ãŒã‚ã‚‹å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \return BUFFER_E ãƒãƒƒãƒ•ã‚¡ã®å®Ÿéš›ã®ã‚µã‚¤ã‚ºãŒè¨±å®¹æœ€å¤§ã‚µã‚¤ã‚ºã‚’超ãˆã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return MEMORY_E メモリ割り当ã¦ã«ã‚¨ãƒ©ãƒ¼ãŒã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
\param msk p_hash関数ã®çµæžœã‚’ä¿æŒã™ã‚‹voidãƒã‚¤ãƒ³ã‚¿å¤‰æ•°ã€‚
\param len MSK変数ã®é•·ã•ã‚’表ã™ç¬¦å·ãªã—整数。
+
_Example_
\code
WOLFSSL* ssl = wolfSSL_new(ctx);;
@@ -4845,14 +5861,15 @@ int wolfSSL_make_eap_keys(WOLFSSL* ssl, void* key, unsigned int len,
const char* label);
/*!
- \ingroup IO
- \brief Writev Semanticsをシミュレートã—ã¾ã™ãŒã€SSL_Write()ã®å‹•ä½œã®ãŸã‚ã«å®Ÿéš›ã«ã¯ãƒ–ロックã—ãªã„ãŸã‚ã€ãƒ•ãƒ­ãƒ³ãƒˆè¿½åŠ ãŒå°ã•ããªã‚‹å¯èƒ½æ€§ãŒã‚ã‚‹ãŸã‚Writevを使ã„ã‚„ã™ã„ソフトウェアã«ç§»æ¤ã™ã‚‹ã€‚
+ \ingroup IO
+ \brief Writev Semanticsをシミュレートã—ã¾ã™ãŒã€SSL_Write()ã®å‹•ä½œã®ãŸã‚ã«å®Ÿéš›ã«ã¯ãƒ–ロックã—ãªã„ãŸã‚ã€ãƒ•ãƒ­ãƒ³ãƒˆè¿½åŠ ãŒå°ã•ããªã‚‹å¯èƒ½æ€§ãŒã‚ã‚‹ãŸã‚Writevを使ã„ã‚„ã™ã„ソフトウェアã«ç§»æ¤ã™ã‚‹ã€‚
\return >0 æˆåŠŸæ™‚ã«æ›¸ã‹ã‚ŒãŸãƒã‚¤ãƒˆæ•°ã€‚
- \return 0 失敗ã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã™ã€‚特定ã®ã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã«ã¤ã„ã¦wolfssl_get_error()を呼ã³å‡ºã—ã¾ã™ã€‚
+ \return 0 失敗ã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã™ã€‚特定ã®ã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã«ã¤ã„ã¦wolfSSL_get_error()を呼ã³å‡ºã—ã¾ã™ã€‚
\return MEMORY_ERROR メモリエラーãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return SSL_FATAL_ERROR エラーãŒç™ºç”Ÿã—ãŸã¨ãã€ã¾ãŸã¯éžãƒ–ロッキングソケットを使用ã™ã‚‹ã¨ãã«ã¯ã€SSL_ERROR_WANT_READã¾ãŸã¯SSL_ERROR_WANT_WRITEエラーãŒå—ä¿¡ã•ã‚Œã€å†åº¦WOLFSSL_WRITE()を呼ã³å‡ºã™å¿…è¦ãŒã‚ã‚‹å ´åˆã¯ã€éšœå®³ãŒç™ºç”Ÿã—ã¾ã™ã€‚特定ã®ã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã‚’å–å¾—ã™ã‚‹ã«ã¯ã€wolfssl_get_error()を使用ã—ã¦ãã ã•ã„。
- \param ssl wolfssl_new()ã§ä½œæˆã•ã‚ŒãŸSSLセッションã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \return SSL_FATAL_ERROR エラーãŒç™ºç”Ÿã—ãŸã¨ãã€ã¾ãŸã¯éžãƒ–ロッキングソケットを使用ã™ã‚‹ã¨ãã«ã¯ã€SSL_ERROR_WANT_READã¾ãŸã¯SSL_ERROR_WANT_WRITEエラーãŒå—ä¿¡ã•ã‚Œã€å†åº¦WOLFSSL_WRITE()を呼ã³å‡ºã™å¿…è¦ãŒã‚ã‚‹å ´åˆã¯ã€éšœå®³ãŒç™ºç”Ÿã—ã¾ã™ã€‚特定ã®ã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã‚’å–å¾—ã™ã‚‹ã«ã¯ã€wolfSSL_get_error()を使用ã—ã¦ãã ã•ã„。
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
\param iov 書ãè¾¼ã¿ã¸ã®I / Oベクトルã®é…列
+
_Example_
\code
WOLFSSL* ssl = 0;
@@ -4876,15 +5893,16 @@ int wolfSSL_writev(WOLFSSL* ssl, const struct iovec* iov,
int iovcnt);
/*!
- \ingroup Setup
+ \ingroup Setup
\brief ã“ã®é–¢æ•°ã¯CAç½²å者リストをアンロードã—ã€ç½²å者全体ã®ãƒ†ãƒ¼ãƒ–ルを解放ã—ã¾ã™ã€‚
\return SSL_SUCCESS 機能ã®å®Ÿè¡Œã«æˆåŠŸã—ãŸã“ã¨ã«æˆ»ã‚Šã¾ã™ã€‚
- \return BAD_FUNC_ARG wolfssl_ctx構造体ãŒnullã®å ´åˆã€ã¾ãŸã¯ä»–ã®æ–¹æ³•ã§ã¯æœªè§£æ±ºã®å¼•æ•°å€¤ãŒã‚µãƒ–ルーãƒãƒ³ã«æ¸¡ã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return BAD_MUTEX_E ミューテックスエラーãŒç™ºç”Ÿã—ãŸå ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚lockmutex()ã¯0ã‚’è¿”ã—ã¾ã›ã‚“ã§ã—ãŸã€‚
+ \return BAD_FUNC_ARG WOLFSSL_CTX構造体ãŒnullã®å ´åˆã€ã¾ãŸã¯ä»–ã®æ–¹æ³•ã§ã¯æœªè§£æ±ºã®å¼•æ•°å€¤ãŒã‚µãƒ–ルーãƒãƒ³ã«æ¸¡ã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_MUTEX_E ミューテックスエラーãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚lockmutex()ã¯0ã‚’è¿”ã—ã¾ã›ã‚“ã§ã—ãŸã€‚
+
_Example_
\code
WOLFSSL_METHOD method = wolfTLSv1_2_client_method();
- WOLFSSL_CTX* ctx = WOLFSSL_CTX_new(method);
+ WOLFSSL_CTX* ctx = wolfSSL_CTX_new(method);
…
if(!wolfSSL_CTX_UnloadCAs(ctx)){
// The function did not unload CAs
@@ -4898,12 +5916,13 @@ int wolfSSL_writev(WOLFSSL* ssl, const struct iovec* iov,
int wolfSSL_CTX_UnloadCAs(WOLFSSL_CTX*);
/*!
- \ingroup Setup
+ \ingroup Setup
\brief ã“ã®é–¢æ•°ã¯ã€ä»¥å‰ã«ãƒ­ãƒ¼ãƒ‰ã•ã‚ŒãŸã™ã¹ã¦ã®ä¿¡é ¼ã§ãるピア証明書をアンロードã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚マクロwolfssl_trust_peer_certを定義ã™ã‚‹ã“ã¨ã§æ©Ÿèƒ½ãŒæœ‰åŠ¹ã«ãªã£ã¦ã„ã¾ã™ã€‚
- \return SSL_SUCCESS æˆåŠŸã™ã‚‹ã¨ã€‚
- \return BAD_FUNC_ARG CTXãŒNULLã®å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \return SSL_BAD_FILE ファイルãŒå­˜åœ¨ã—ãªã„å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚読ã¿è¾¼ã‚ã€ã¾ãŸã¯ç ´æã—ã¦ã„ã¾ã›ã‚“。
+ \return SSL_SUCCESS æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_FUNC_ARG CTXãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_BAD_FILE ファイルãŒå­˜åœ¨ã—ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚読ã¿è¾¼ã‚ã€ã¾ãŸã¯ç ´æã—ã¦ã„ã¾ã›ã‚“。
\return MEMORY_E メモリä¸è¶³çŠ¶æ…‹ãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
_Example_
\code
int ret = 0;
@@ -4921,17 +5940,18 @@ int wolfSSL_CTX_UnloadCAs(WOLFSSL_CTX*);
int wolfSSL_CTX_Unload_trust_peers(WOLFSSL_CTX*);
/*!
- \ingroup Setup
+ \ingroup Setup
\brief ã“ã®é–¢æ•°ã¯ã€TLS / SSLãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã‚’実行ã™ã‚‹ã¨ãã«ãƒ”アを検証ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã™ã‚‹è¨¼æ˜Žæ›¸ã‚’ロードã—ã¾ã™ã€‚ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ä¸­ã«é€ä¿¡ã•ã‚ŒãŸãƒ”ア証明書ã¯ã€ä½¿ç”¨å¯èƒ½ãªã¨ãã«ã‚¹ã‚­ãƒƒãƒ‰ã‚’使用ã™ã‚‹ã“ã¨ã«ã‚ˆã£ã¦æ¯”較ã•ã‚Œã¾ã™ã€‚ã“れら2ã¤ã®ã“ã¨ãŒä¸€è‡´ã—ãªã„å ´åˆã¯ã€ãƒ­ãƒ¼ãƒ‰ã•ã‚ŒãŸCASãŒä½¿ç”¨ã•ã‚Œã¾ã™ã€‚ファイルã®ä»£ã‚ã‚Šã«ãƒãƒƒãƒ•ã‚¡ãƒ¼ã®å ´åˆã¯ã€wolfssl_ctx_trust_peer_certã¨åŒã˜æ©Ÿèƒ½ã§ã™ã€‚特徴ã¯ãƒžã‚¯ãƒ­wolfssl_trust_peer_certを定義ã™ã‚‹ã“ã¨ã«ã‚ˆã£ã¦æœ‰åŠ¹ã«ãªã£ã¦ã„ã¾ã™é©åˆ‡ãªä½¿ç”¨æ³•ã®ä¾‹ã‚’å‚ç…§ã—ã¦ãã ã•ã„。
\return SSL_SUCCESS æˆåŠŸã™ã‚‹ã¨
- \return SSL_FAILURE CTXãŒNULLã®å ´åˆã€ã¾ãŸã¯ä¸¡æ–¹ã®ãƒ•ã‚¡ã‚¤ãƒ«ã¨ç¨®é¡žãŒç„¡åŠ¹ãªå ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \return SSL_BAD_FILETYPE ファイルãŒé–“é•ã£ãŸå½¢å¼ã§ã‚ã‚‹å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \return SSL_BAD_FILE ファイルãŒå­˜åœ¨ã—ãªã„å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚読ã¿è¾¼ã‚ã€ã¾ãŸã¯ç ´æã—ã¦ã„ã¾ã›ã‚“。
+ \return SSL_FAILURE CTXãŒNULLã®å ´åˆã€ã¾ãŸã¯ä¸¡æ–¹ã®ãƒ•ã‚¡ã‚¤ãƒ«ã¨ç¨®é¡žãŒç„¡åŠ¹ãªå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_BAD_FILETYPE ファイルãŒé–“é•ã£ãŸå½¢å¼ã§ã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_BAD_FILE ファイルãŒå­˜åœ¨ã—ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚読ã¿è¾¼ã‚ã€ã¾ãŸã¯ç ´æã—ã¦ã„ã¾ã›ã‚“。
\return MEMORY_E メモリä¸è¶³çŠ¶æ…‹ãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return ASN_INPUT_E base16デコードãŒãƒ•ã‚¡ã‚¤ãƒ«ã«å¯¾ã—ã¦å¤±æ•—ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param ctx wolfssl_ctx_new()ã§ä½œæˆã•ã‚ŒãŸSSLコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ctx wolfSSL_CTX_new()ã§ä½œæˆã•ã‚ŒãŸSSLコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param buffer 証明書をå«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param sz ãƒãƒƒãƒ•ã‚¡å…¥åŠ›ã®é•·ã•ã€‚
+
_Example_
\code
int ret = 0;
@@ -4959,17 +5979,19 @@ int wolfSSL_CTX_trust_peer_buffer(WOLFSSL_CTX* ctx, const unsigned char* in,
long sz, int format);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief ã“ã®é–¢æ•°ã¯CA証明書ãƒãƒƒãƒ•ã‚¡ã‚’WolfSSLコンテキストã«ãƒ­ãƒ¼ãƒ‰ã—ã¾ã™ã€‚ãƒãƒƒãƒ•ã‚¡ä»¥å¤–ã®ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã®ã‚ˆã†ã«å‹•ä½œã—ã€ãƒ•ã‚¡ã‚¤ãƒ«ã®ä»£ã‚ã‚Šã«å…¥åŠ›ã¨ã—ã¦ãƒãƒƒãƒ•ã‚¡ã¨å‘¼ã°ã‚Œã‚‹æ©Ÿèƒ½ãŒç•°ãªã‚‹ã ã‘ã§ã™ã€‚ãƒãƒƒãƒ•ã‚¡ã¯ã‚µã‚¤ã‚ºSZã®å¼•æ•°ã«ã‚ˆã£ã¦æä¾›ã•ã‚Œã¾ã™ã€‚å½¢å¼ãƒãƒƒãƒ•ã‚¡ã®ãƒ•ã‚©ãƒ¼ãƒžãƒƒãƒˆã‚¿ã‚¤ãƒ—を指定ã—ã¾ã™ã€‚SSL_FILETYPE_ASN1ã¾ãŸã¯SSL_FILETYPE_PEM。フォーマットãŒPEM内ã«ã‚ã‚‹é™ã‚Šã€ãƒãƒƒãƒ•ã‚¡ã‚ãŸã‚Šè¤‡æ•°ã®CA証明書をロードã™ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚é©åˆ‡ãªä½¿ç”¨æ³•ã®ä¾‹ã‚’ã”覧ãã ã•ã„。
\return SSL_SUCCESS æˆåŠŸã™ã‚‹ã¨
- \return SSL_BAD_FILETYPE ファイルãŒé–“é•ã£ãŸå½¢å¼ã§ã‚ã‚‹å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \return SSL_BAD_FILE ファイルãŒå­˜åœ¨ã—ãªã„å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚読ã¿è¾¼ã‚ã€ã¾ãŸã¯ç ´æã—ã¦ã„ã¾ã›ã‚“。
+ \return SSL_BAD_FILETYPE ファイルãŒé–“é•ã£ãŸå½¢å¼ã§ã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_BAD_FILE ファイルãŒå­˜åœ¨ã—ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚読ã¿è¾¼ã‚ã€ã¾ãŸã¯ç ´æã—ã¦ã„ã¾ã›ã‚“。
\return MEMORY_E メモリä¸è¶³çŠ¶æ…‹ãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return ASN_INPUT_E base16デコードãŒãƒ•ã‚¡ã‚¤ãƒ«ã«å¯¾ã—ã¦å¤±æ•—ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BUFFER_E ãƒã‚§ãƒ¼ãƒ³ãƒãƒƒãƒ•ã‚¡ãŒå—ä¿¡ãƒãƒƒãƒ•ã‚¡ã‚ˆã‚Šã‚‚大ãã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param ctx wolfssl_ctx_new()ã§ä½œæˆã•ã‚ŒãŸSSLコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ctx wolfSSL_CTX_new()ã§ä½œæˆã•ã‚ŒãŸSSLコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param in CA証明書ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param sz 入力CA証明書ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºã€IN。
+
+
_Example_
\code
int ret = 0;
@@ -4997,19 +6019,20 @@ int wolfSSL_CTX_load_verify_buffer(WOLFSSL_CTX* ctx, const unsigned char* in,
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief ã“ã®é–¢æ•°ã¯CA証明書ãƒãƒƒãƒ•ã‚¡ã‚’WolfSSLコンテキストã«ãƒ­ãƒ¼ãƒ‰ã—ã¾ã™ã€‚ãƒãƒƒãƒ•ã‚¡ä»¥å¤–ã®ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã®ã‚ˆã†ã«å‹•ä½œã—ã€ãƒ•ã‚¡ã‚¤ãƒ«ã®ä»£ã‚ã‚Šã«å…¥åŠ›ã¨ã—ã¦ãƒãƒƒãƒ•ã‚¡ã¨å‘¼ã°ã‚Œã‚‹æ©Ÿèƒ½ãŒç•°ãªã‚‹ã ã‘ã§ã™ã€‚ãƒãƒƒãƒ•ã‚¡ã¯ã‚µã‚¤ã‚ºSZã®å¼•æ•°ã«ã‚ˆã£ã¦æä¾›ã•ã‚Œã¾ã™ã€‚å½¢å¼ãƒãƒƒãƒ•ã‚¡ã®ãƒ•ã‚©ãƒ¼ãƒžãƒƒãƒˆã‚¿ã‚¤ãƒ—を指定ã—ã¾ã™ã€‚SSL_FILETYPE_ASN1ã¾ãŸã¯SSL_FILETYPE_PEM。フォーマットãŒPEM内ã«ã‚ã‚‹é™ã‚Šã€ãƒãƒƒãƒ•ã‚¡ã‚ãŸã‚Šè¤‡æ•°ã®CA証明書をロードã™ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚_EXãƒãƒ¼ã‚¸ãƒ§ãƒ³ã¯PR 2413ã«è¿½åŠ ã•ã‚Œã€UserChainã¨Flagsã®è¿½åŠ ã®å¼•æ•°ã‚’サãƒãƒ¼ãƒˆã—ã¾ã™ã€‚
\return SSL_SUCCESS æˆåŠŸã™ã‚‹ã¨
- \return SSL_BAD_FILETYPE ファイルãŒé–“é•ã£ãŸå½¢å¼ã§ã‚ã‚‹å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \return SSL_BAD_FILE ファイルãŒå­˜åœ¨ã—ãªã„å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚読ã¿è¾¼ã‚ã€ã¾ãŸã¯ç ´æã—ã¦ã„ã¾ã›ã‚“。
+ \return SSL_BAD_FILETYPE ファイルãŒé–“é•ã£ãŸå½¢å¼ã§ã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_BAD_FILE ファイルãŒå­˜åœ¨ã—ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚読ã¿è¾¼ã‚ã€ã¾ãŸã¯ç ´æã—ã¦ã„ã¾ã›ã‚“。
\return MEMORY_E メモリä¸è¶³çŠ¶æ…‹ãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return ASN_INPUT_E base16デコードãŒãƒ•ã‚¡ã‚¤ãƒ«ã«å¯¾ã—ã¦å¤±æ•—ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BUFFER_E ãƒã‚§ãƒ¼ãƒ³ãƒãƒƒãƒ•ã‚¡ãŒå—ä¿¡ãƒãƒƒãƒ•ã‚¡ã‚ˆã‚Šã‚‚大ãã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param ctx wolfssl_ctx_new()ã§ä½œæˆã•ã‚ŒãŸSSLコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ctx wolfSSL_CTX_new()ã§ä½œæˆã•ã‚ŒãŸSSLコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param in CA証明書ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param sz 入力CA証明書ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºã€IN。
\param format ãƒãƒƒãƒ•ã‚¡è¨¼æ˜Žæ›¸ã®å½¢å¼ã€SSL_FILETYPE_ASN1ã¾ãŸã¯SSL_FILETYPE_PEM。
\param userChain フォーマットwolfssl_filetype_asn1を使用ã™ã‚‹å ´åˆã€ã“ã®ã‚»ãƒƒãƒˆã¯ã‚¼ãƒ­ä»¥å¤–ã®ã‚»ãƒƒãƒˆã‚’示ã—ã¦ã„ã¾ã™.Derã®ãƒã‚§ãƒ¼ãƒ³ãŒè¡¨ç¤ºã•ã‚Œã¦ã„ã¾ã™ã€‚
+
_Example_
\code
int ret = 0;
@@ -5040,17 +6063,18 @@ int wolfSSL_CTX_load_verify_buffer_ex(WOLFSSL_CTX* ctx,
int format, int userChain, word32 flags);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief ã“ã®é–¢æ•°ã¯ã€CA証明書ãƒã‚§ãƒ¼ãƒ³ãƒãƒƒãƒ•ã‚¡ã‚’WolfSSLコンテキストã«ãƒ­ãƒ¼ãƒ‰ã—ã¾ã™ã€‚ãƒãƒƒãƒ•ã‚¡ä»¥å¤–ã®ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã®ã‚ˆã†ã«å‹•ä½œã—ã€ãƒ•ã‚¡ã‚¤ãƒ«ã®ä»£ã‚ã‚Šã«å…¥åŠ›ã¨ã—ã¦ãƒãƒƒãƒ•ã‚¡ã¨å‘¼ã°ã‚Œã‚‹æ©Ÿèƒ½ãŒç•°ãªã‚‹ã ã‘ã§ã™ã€‚ãƒãƒƒãƒ•ã‚¡ã¯ã‚µã‚¤ã‚ºSZã®å¼•æ•°ã«ã‚ˆã£ã¦æä¾›ã•ã‚Œã¾ã™ã€‚å½¢å¼ãƒãƒƒãƒ•ã‚¡ã®ãƒ•ã‚©ãƒ¼ãƒžãƒƒãƒˆã‚¿ã‚¤ãƒ—を指定ã—ã¾ã™ã€‚SSL_FILETYPE_ASN1ã¾ãŸã¯SSL_FILETYPE_PEM。フォーマットãŒPEM内ã«ã‚ã‚‹é™ã‚Šã€ãƒãƒƒãƒ•ã‚¡ã‚ãŸã‚Šè¤‡æ•°ã®CA証明書をロードã™ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚é©åˆ‡ãªä½¿ç”¨æ³•ã®ä¾‹ã‚’ã”覧ãã ã•ã„。
\return SSL_SUCCESS æˆåŠŸã™ã‚‹ã¨
- \return SSL_BAD_FILETYPE ファイルãŒé–“é•ã£ãŸå½¢å¼ã§ã‚ã‚‹å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \return SSL_BAD_FILE ファイルãŒå­˜åœ¨ã—ãªã„å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚読ã¿è¾¼ã‚ã€ã¾ãŸã¯ç ´æã—ã¦ã„ã¾ã›ã‚“。
+ \return SSL_BAD_FILETYPE ファイルãŒé–“é•ã£ãŸå½¢å¼ã§ã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_BAD_FILE ファイルãŒå­˜åœ¨ã—ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚読ã¿è¾¼ã‚ã€ã¾ãŸã¯ç ´æã—ã¦ã„ã¾ã›ã‚“。
\return MEMORY_E メモリä¸è¶³çŠ¶æ…‹ãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return ASN_INPUT_E base16デコードãŒãƒ•ã‚¡ã‚¤ãƒ«ã«å¯¾ã—ã¦å¤±æ•—ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BUFFER_E ãƒã‚§ãƒ¼ãƒ³ãƒãƒƒãƒ•ã‚¡ãŒå—ä¿¡ãƒãƒƒãƒ•ã‚¡ã‚ˆã‚Šã‚‚大ãã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param ctx wolfssl_ctx_new()ã§ä½œæˆã•ã‚ŒãŸSSLコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ctx wolfSSL_CTX_new()ã§ä½œæˆã•ã‚ŒãŸSSLコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param in CA証明書ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param sz 入力CA証明書ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºã€IN。
+
_Example_
\code
int ret = 0;
@@ -5079,16 +6103,17 @@ int wolfSSL_CTX_load_verify_chain_buffer_format(WOLFSSL_CTX* ctx,
long sz, int format);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief ã“ã®é–¢æ•°ã¯è¨¼æ˜Žæ›¸ãƒãƒƒãƒ•ã‚¡ã‚’WolfSSLコンテキストã«ãƒ­ãƒ¼ãƒ‰ã—ã¾ã™ã€‚ãƒãƒƒãƒ•ã‚¡ä»¥å¤–ã®ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã®ã‚ˆã†ã«å‹•ä½œã—ã€ãƒ•ã‚¡ã‚¤ãƒ«ã®ä»£ã‚ã‚Šã«å…¥åŠ›ã¨ã—ã¦ãƒãƒƒãƒ•ã‚¡ã¨å‘¼ã°ã‚Œã‚‹æ©Ÿèƒ½ãŒç•°ãªã‚‹ã ã‘ã§ã™ã€‚ãƒãƒƒãƒ•ã‚¡ã¯ã‚µã‚¤ã‚ºSZã®å¼•æ•°ã«ã‚ˆã£ã¦æä¾›ã•ã‚Œã¾ã™ã€‚å½¢å¼ãƒãƒƒãƒ•ã‚¡ã®ãƒ•ã‚©ãƒ¼ãƒžãƒƒãƒˆã‚¿ã‚¤ãƒ—を指定ã—ã¾ã™ã€‚SSL_FILETYPE_ASN1ã¾ãŸã¯SSL_FILETYPE_PEM。é©åˆ‡ãªä½¿ç”¨æ³•ã®ä¾‹ã‚’ã”覧ãã ã•ã„。
\return SSL_SUCCESS æˆåŠŸã™ã‚‹ã¨
- \return SSL_BAD_FILETYPE ファイルãŒé–“é•ã£ãŸå½¢å¼ã§ã‚ã‚‹å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \return SSL_BAD_FILE ファイルãŒå­˜åœ¨ã—ãªã„å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚読ã¿è¾¼ã‚ã€ã¾ãŸã¯ç ´æã—ã¦ã„ã¾ã›ã‚“。
+ \return SSL_BAD_FILETYPE ファイルãŒé–“é•ã£ãŸå½¢å¼ã§ã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_BAD_FILE ファイルãŒå­˜åœ¨ã—ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚読ã¿è¾¼ã‚ã€ã¾ãŸã¯ç ´æã—ã¦ã„ã¾ã›ã‚“。
\return MEMORY_E メモリä¸è¶³çŠ¶æ…‹ãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return ASN_INPUT_E base16デコードãŒãƒ•ã‚¡ã‚¤ãƒ«ã«å¯¾ã—ã¦å¤±æ•—ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param ctx wolfssl_ctx_new()ã§ä½œæˆã•ã‚ŒãŸSSLコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ctx wolfSSL_CTX_new()ã§ä½œæˆã•ã‚ŒãŸSSLコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param in ロードã™ã‚‹è¨¼æ˜Žæ›¸ã‚’å«ã‚€å…¥åŠ›ãƒãƒƒãƒ•ã‚¡ã€‚
\param sz 入力ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºã€‚
+
_Example_
\code
int ret = 0;
@@ -5114,17 +6139,18 @@ int wolfSSL_CTX_use_certificate_buffer(WOLFSSL_CTX* ctx,
int format);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief ã“ã®é–¢æ•°ã¯ã€ç§˜å¯†éµãƒãƒƒãƒ•ã‚¡ã‚’SSLコンテキストã«ãƒ­ãƒ¼ãƒ‰ã—ã¾ã™ã€‚ãƒãƒƒãƒ•ã‚¡ä»¥å¤–ã®ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã®ã‚ˆã†ã«å‹•ä½œã—ã€ãƒ•ã‚¡ã‚¤ãƒ«ã®ä»£ã‚ã‚Šã«å…¥åŠ›ã¨ã—ã¦ãƒãƒƒãƒ•ã‚¡ã¨å‘¼ã°ã‚Œã‚‹æ©Ÿèƒ½ãŒç•°ãªã‚‹ã ã‘ã§ã™ã€‚ãƒãƒƒãƒ•ã‚¡ã¯ã‚µã‚¤ã‚ºSZã®å¼•æ•°ã«ã‚ˆã£ã¦æä¾›ã•ã‚Œã¾ã™ã€‚å½¢å¼ãƒãƒƒãƒ•ã‚¡ã®ãƒ•ã‚©ãƒ¼ãƒžãƒƒãƒˆã‚¿ã‚¤ãƒ—を指定ã—ã¾ã™ã€‚SSL_FILETYPE_ASN1OR SSL_FILETYPE_PEM。é©åˆ‡ãªä½¿ç”¨æ³•ã®ä¾‹ã‚’ã”覧ãã ã•ã„。
\return SSL_SUCCESS æˆåŠŸã™ã‚‹ã¨
- \return SSL_BAD_FILETYPE ファイルãŒé–“é•ã£ãŸå½¢å¼ã§ã‚ã‚‹å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \return SSL_BAD_FILE ファイルãŒå­˜åœ¨ã—ãªã„å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚読ã¿è¾¼ã‚ã€ã¾ãŸã¯ç ´æã—ã¦ã„ã¾ã›ã‚“。
+ \return SSL_BAD_FILETYPE ファイルãŒé–“é•ã£ãŸå½¢å¼ã§ã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_BAD_FILE ファイルãŒå­˜åœ¨ã—ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚読ã¿è¾¼ã‚ã€ã¾ãŸã¯ç ´æã—ã¦ã„ã¾ã›ã‚“。
\return MEMORY_E メモリä¸è¶³çŠ¶æ…‹ãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return ASN_INPUT_E base16デコードãŒãƒ•ã‚¡ã‚¤ãƒ«ã«å¯¾ã—ã¦å¤±æ•—ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return NO_PASSWORD キーファイルãŒæš—å·åŒ–ã•ã‚Œã¦ã„ã‚‹ãŒãƒ‘スワードãŒæä¾›ã•ã‚Œã¦ã„ãªã„å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \param ctx wolfssl_ctx_new()ã§ä½œæˆã•ã‚ŒãŸSSLコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \return NO_PASSWORD éµãƒ•ã‚¡ã‚¤ãƒ«ãŒæš—å·åŒ–ã•ã‚Œã¦ã„ã‚‹ãŒãƒ‘スワードãŒæä¾›ã•ã‚Œã¦ã„ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param ctx wolfSSL_CTX_new()ã§ä½œæˆã•ã‚ŒãŸSSLコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param in ロードã™ã‚‹ç§˜å¯†éµã‚’å«ã‚€å…¥åŠ›ãƒãƒƒãƒ•ã‚¡ã€‚
\param sz 入力ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºã€‚
+
_Example_
\code
int ret = 0;
@@ -5150,16 +6176,17 @@ int wolfSSL_CTX_use_PrivateKey_buffer(WOLFSSL_CTX* ctx,
int format);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief ã“ã®é–¢æ•°ã¯ã€è¨¼æ˜Žæ›¸ãƒã‚§ãƒ¼ãƒ³ãƒãƒƒãƒ•ã‚¡ã‚’WolfSSLコンテキストã«ãƒ­ãƒ¼ãƒ‰ã—ã¾ã™ã€‚ãƒãƒƒãƒ•ã‚¡ä»¥å¤–ã®ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã®ã‚ˆã†ã«å‹•ä½œã—ã€ãƒ•ã‚¡ã‚¤ãƒ«ã®ä»£ã‚ã‚Šã«å…¥åŠ›ã¨ã—ã¦ãƒãƒƒãƒ•ã‚¡ã¨å‘¼ã°ã‚Œã‚‹æ©Ÿèƒ½ãŒç•°ãªã‚‹ã ã‘ã§ã™ã€‚ãƒãƒƒãƒ•ã‚¡ã¯ã‚µã‚¤ã‚ºSZã®å¼•æ•°ã«ã‚ˆã£ã¦æä¾›ã•ã‚Œã¾ã™ã€‚ãƒãƒƒãƒ•ã‚¡ã¯PEMå½¢å¼ã§ã€ãƒ«ãƒ¼ãƒˆè¨¼æ˜Žæ›¸ã§çµ‚ã‚る対象ã®è¨¼æ˜Žæ›¸ã‹ã‚‰å§‹ã‚ã¦ãã ã•ã„。é©åˆ‡ãªä½¿ç”¨æ³•ã®ä¾‹ã‚’ã”覧ãã ã•ã„。
\return SSL_SUCCESS æˆåŠŸã™ã‚‹ã¨
- \return SSL_BAD_FILETYPE ファイルãŒé–“é•ã£ãŸå½¢å¼ã§ã‚ã‚‹å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \return SSL_BAD_FILE ファイルãŒå­˜åœ¨ã—ãªã„å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚読ã¿è¾¼ã‚ã€ã¾ãŸã¯ç ´æã—ã¦ã„ã¾ã›ã‚“。
+ \return SSL_BAD_FILETYPE ファイルãŒé–“é•ã£ãŸå½¢å¼ã§ã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_BAD_FILE ファイルãŒå­˜åœ¨ã—ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚読ã¿è¾¼ã‚ã€ã¾ãŸã¯ç ´æã—ã¦ã„ã¾ã›ã‚“。
\return MEMORY_E メモリä¸è¶³çŠ¶æ…‹ãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return ASN_INPUT_E base16デコードãŒãƒ•ã‚¡ã‚¤ãƒ«ã«å¯¾ã—ã¦å¤±æ•—ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BUFFER_E ãƒã‚§ãƒ¼ãƒ³ãƒãƒƒãƒ•ã‚¡ãŒå—ä¿¡ãƒãƒƒãƒ•ã‚¡ã‚ˆã‚Šã‚‚大ãã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param ctx wolfssl_ctx_new()ã§ä½œæˆã•ã‚ŒãŸSSLコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ctx wolfSSL_CTX_new()ã§ä½œæˆã•ã‚ŒãŸSSLコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param in ロードã•ã‚Œã‚‹PEMå½¢å¼ã®è¨¼æ˜Žæ›¸ãƒã‚§ãƒ¼ãƒ³ã‚’å«ã‚€å…¥åŠ›ãƒãƒƒãƒ•ã‚¡ã€‚
+
_Example_
\code
int ret = 0;
@@ -5184,16 +6211,17 @@ int wolfSSL_CTX_use_certificate_chain_buffer(WOLFSSL_CTX* ctx,
const unsigned char* in, long sz);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief ã“ã®é–¢æ•°ã¯ã€è¨¼æ˜Žæ›¸ãƒãƒƒãƒ•ã‚¡ã‚’WolfSSLオブジェクトã«ãƒ­ãƒ¼ãƒ‰ã—ã¾ã™ã€‚ãƒãƒƒãƒ•ã‚¡ä»¥å¤–ã®ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã®ã‚ˆã†ã«å‹•ä½œã—ã€ãƒ•ã‚¡ã‚¤ãƒ«ã®ä»£ã‚ã‚Šã«å…¥åŠ›ã¨ã—ã¦ãƒãƒƒãƒ•ã‚¡ã¨å‘¼ã°ã‚Œã‚‹æ©Ÿèƒ½ãŒç•°ãªã‚‹ã ã‘ã§ã™ã€‚ãƒãƒƒãƒ•ã‚¡ã¯ã‚µã‚¤ã‚ºSZã®å¼•æ•°ã«ã‚ˆã£ã¦æä¾›ã•ã‚Œã¾ã™ã€‚å½¢å¼ãƒãƒƒãƒ•ã‚¡ã®ãƒ•ã‚©ãƒ¼ãƒžãƒƒãƒˆã‚¿ã‚¤ãƒ—を指定ã—ã¾ã™ã€‚SSL_FILETYPE_ASN1ã¾ãŸã¯SSL_FILETYPE_PEM。é©åˆ‡ãªä½¿ç”¨æ³•ã®ä¾‹ã‚’ã”覧ãã ã•ã„。
- \return SSL_SUCCESS æˆåŠŸã™ã‚‹ã¨ã€‚
- \return SSL_BAD_FILETYPE ファイルãŒé–“é•ã£ãŸå½¢å¼ã§ã‚ã‚‹å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \return SSL_BAD_FILE ファイルãŒå­˜åœ¨ã—ãªã„å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚読ã¿è¾¼ã‚ã€ã¾ãŸã¯ç ´æã—ã¦ã„ã¾ã›ã‚“。
+ \return SSL_SUCCESS æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_BAD_FILETYPE ファイルãŒé–“é•ã£ãŸå½¢å¼ã§ã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_BAD_FILE ファイルãŒå­˜åœ¨ã—ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚読ã¿è¾¼ã‚ã€ã¾ãŸã¯ç ´æã—ã¦ã„ã¾ã›ã‚“。
\return MEMORY_E メモリä¸è¶³çŠ¶æ…‹ãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return ASN_INPUT_E base16デコードãŒãƒ•ã‚¡ã‚¤ãƒ«ã«å¯¾ã—ã¦å¤±æ•—ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param ssl wolfssl_new()ã§ä½œæˆã•ã‚ŒãŸSSLセッションã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ssl wolfSSL_new()ã§ä½œæˆã•ã‚ŒãŸSSLセッションã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param in ロードã™ã‚‹è¨¼æ˜Žæ›¸ã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã€‚
\param sz ãƒãƒƒãƒ•ã‚¡ã«ã‚る証明書ã®ã‚µã‚¤ã‚ºã€‚
+
_Example_
\code
int buffSz;
@@ -5218,17 +6246,18 @@ int wolfSSL_use_certificate_buffer(WOLFSSL* ssl, const unsigned char* in,
long sz, int format);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief ã“ã®é–¢æ•°ã¯ã€ç§˜å¯†éµãƒãƒƒãƒ•ã‚¡ã‚’WolfSSLオブジェクトã«ãƒ­ãƒ¼ãƒ‰ã—ã¾ã™ã€‚ãƒãƒƒãƒ•ã‚¡ä»¥å¤–ã®ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã®ã‚ˆã†ã«å‹•ä½œã—ã€ãƒ•ã‚¡ã‚¤ãƒ«ã®ä»£ã‚ã‚Šã«å…¥åŠ›ã¨ã—ã¦ãƒãƒƒãƒ•ã‚¡ã¨å‘¼ã°ã‚Œã‚‹æ©Ÿèƒ½ãŒç•°ãªã‚‹ã ã‘ã§ã™ã€‚ãƒãƒƒãƒ•ã‚¡ã¯ã‚µã‚¤ã‚ºSZã®å¼•æ•°ã«ã‚ˆã£ã¦æä¾›ã•ã‚Œã¾ã™ã€‚å½¢å¼ãƒãƒƒãƒ•ã‚¡ã®ãƒ•ã‚©ãƒ¼ãƒžãƒƒãƒˆã‚¿ã‚¤ãƒ—を指定ã—ã¾ã™ã€‚SSL_FILETYPE_ASN1ã¾ãŸã¯SSL_FILETYPE_PEM。é©åˆ‡ãªä½¿ç”¨æ³•ã®ä¾‹ã‚’ã”覧ãã ã•ã„。
- \return SSL_SUCCESS æˆåŠŸã™ã‚‹ã¨ã€‚
- \return SSL_BAD_FILETYPE ファイルãŒé–“é•ã£ãŸå½¢å¼ã§ã‚ã‚‹å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \return SSL_BAD_FILE ファイルãŒå­˜åœ¨ã—ãªã„å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚読ã¿è¾¼ã‚ã€ã¾ãŸã¯ç ´æã—ã¦ã„ã¾ã›ã‚“。
+ \return SSL_SUCCESS æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_BAD_FILETYPE ファイルãŒé–“é•ã£ãŸå½¢å¼ã§ã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_BAD_FILE ファイルãŒå­˜åœ¨ã—ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚読ã¿è¾¼ã‚ã€ã¾ãŸã¯ç ´æã—ã¦ã„ã¾ã›ã‚“。
\return MEMORY_E メモリä¸è¶³çŠ¶æ…‹ãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return ASN_INPUT_E base16デコードãŒãƒ•ã‚¡ã‚¤ãƒ«ã«å¯¾ã—ã¦å¤±æ•—ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return NO_PASSWORD キーファイルãŒæš—å·åŒ–ã•ã‚Œã¦ã„ã‚‹ãŒãƒ‘スワードãŒæä¾›ã•ã‚Œã¦ã„ãªã„å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \param ssl wolfssl_new()ã§ä½œæˆã•ã‚ŒãŸSSLセッションã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \return NO_PASSWORD éµãƒ•ã‚¡ã‚¤ãƒ«ãŒæš—å·åŒ–ã•ã‚Œã¦ã„ã‚‹ãŒãƒ‘スワードãŒæä¾›ã•ã‚Œã¦ã„ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param ssl wolfssl_new()ã§ä½œæˆã•ã‚ŒãŸSSLセッションã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param in ロードã™ã‚‹ç§˜å¯†éµã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã€‚
\param sz ãƒãƒƒãƒ•ã‚¡ã«ã‚る秘密éµã®ã‚µã‚¤ã‚ºã€‚
+
_Example_
\code
int buffSz;
@@ -5253,16 +6282,17 @@ int wolfSSL_use_PrivateKey_buffer(WOLFSSL* ssl, const unsigned char* in,
long sz, int format);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief ã“ã®é–¢æ•°ã¯ã€è¨¼æ˜Žæ›¸ãƒã‚§ãƒ¼ãƒ³ãƒãƒƒãƒ•ã‚¡ã‚’WolfSSLオブジェクトã«ãƒ­ãƒ¼ãƒ‰ã—ã¾ã™ã€‚ãƒãƒƒãƒ•ã‚¡ä»¥å¤–ã®ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã®ã‚ˆã†ã«å‹•ä½œã—ã€ãƒ•ã‚¡ã‚¤ãƒ«ã®ä»£ã‚ã‚Šã«å…¥åŠ›ã¨ã—ã¦ãƒãƒƒãƒ•ã‚¡ã¨å‘¼ã°ã‚Œã‚‹æ©Ÿèƒ½ãŒç•°ãªã‚‹ã ã‘ã§ã™ã€‚ãƒãƒƒãƒ•ã‚¡ã¯ã‚µã‚¤ã‚ºSZã®å¼•æ•°ã«ã‚ˆã£ã¦æä¾›ã•ã‚Œã¾ã™ã€‚ãƒãƒƒãƒ•ã‚¡ã¯PEMå½¢å¼ã§ã€ãƒ«ãƒ¼ãƒˆè¨¼æ˜Žæ›¸ã§çµ‚ã‚る対象ã®è¨¼æ˜Žæ›¸ã‹ã‚‰å§‹ã‚ã¦ãã ã•ã„。é©åˆ‡ãªä½¿ç”¨æ³•ã®ä¾‹ã‚’ã”覧ãã ã•ã„。
- \return SSL_SUCCES æˆåŠŸã™ã‚‹ã¨ã€‚
- \return SSL_BAD_FILETYPE ファイルãŒé–“é•ã£ãŸå½¢å¼ã§ã‚ã‚‹å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \return SSL_BAD_FILE ファイルãŒå­˜åœ¨ã—ãªã„å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚読ã¿è¾¼ã‚ã€ã¾ãŸã¯ç ´æã—ã¦ã„ã¾ã›ã‚“。
+ \return SSL_SUCCES æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_BAD_FILETYPE ファイルãŒé–“é•ã£ãŸå½¢å¼ã§ã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_BAD_FILE ファイルãŒå­˜åœ¨ã—ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚読ã¿è¾¼ã‚ã€ã¾ãŸã¯ç ´æã—ã¦ã„ã¾ã›ã‚“。
\return MEMORY_E メモリä¸è¶³çŠ¶æ…‹ãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return ASN_INPUT_E base16デコードãŒãƒ•ã‚¡ã‚¤ãƒ«ã«å¯¾ã—ã¦å¤±æ•—ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BUFFER_E ãƒã‚§ãƒ¼ãƒ³ãƒãƒƒãƒ•ã‚¡ãŒå—ä¿¡ãƒãƒƒãƒ•ã‚¡ã‚ˆã‚Šã‚‚大ãã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param ssl wolfssl_new()ã§ä½œæˆã•ã‚ŒãŸSSLセッションã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
\param in ロードã™ã‚‹è¨¼æ˜Žæ›¸ã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã€‚
+
_Example_
\code
int buffSz;
@@ -5286,10 +6316,11 @@ int wolfSSL_use_certificate_chain_buffer(WOLFSSL* ssl,
const unsigned char* in, long sz);
/*!
- \ingroup CertsKeys
- \brief ã“ã®é–¢æ•°ã¯ã€SSLãŒæ‰€æœ‰ã™ã‚‹è¨¼æ˜Žæ›¸ã¾ãŸã¯ã‚­ãƒ¼ã‚’アンロードã—ã¾ã™ã€‚
+ \ingroup CertsKeys
+ \brief ã“ã®é–¢æ•°ã¯ã€SSLãŒæ‰€æœ‰ã™ã‚‹è¨¼æ˜Žæ›¸ã¾ãŸã¯éµã‚’アンロードã—ã¾ã™ã€‚
\return SSL_SUCCESS - 関数ãŒæ­£å¸¸ã«å®Ÿè¡Œã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG - wolfsslオブジェクトãŒnullã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
_Example_
\code
WOLFSSL* ssl = wolfSSL_new(ctx);
@@ -5304,10 +6335,11 @@ int wolfSSL_use_certificate_chain_buffer(WOLFSSL* ssl,
int wolfSSL_UnloadCertsKeys(WOLFSSL*);
/*!
- \ingroup Setup
+ \ingroup Setup
\brief ã“ã®æ©Ÿèƒ½ã¯ã€å¯èƒ½ãªé™ã‚Šãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®ã‚°ãƒ«ãƒ¼ãƒ—化をオンã«ã—ã¾ã™ã€‚
\return SSL_SUCCESS æˆåŠŸã«æˆ»ã‚Šã¾ã™ã€‚
\return BAD_FUNC_ARG 入力コンテキストãŒNULLã®å ´åˆã€è¿”ã•ã‚Œã¾ã™ã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx = 0;
@@ -5323,10 +6355,12 @@ int wolfSSL_UnloadCertsKeys(WOLFSSL*);
int wolfSSL_CTX_set_group_messages(WOLFSSL_CTX*);
/*!
- \ingroup Setup
+ \ingroup Setup
\brief ã“ã®æ©Ÿèƒ½ã¯ã€å¯èƒ½ãªé™ã‚Šãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®ã‚°ãƒ«ãƒ¼ãƒ—化をオンã«ã—ã¾ã™ã€‚
\return SSL_SUCCESS æˆåŠŸã«æˆ»ã‚Šã¾ã™ã€‚
\return BAD_FUNC_ARG 入力コンテキストãŒNULLã®å ´åˆã€è¿”ã•ã‚Œã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
WOLFSSL* ssl = 0;
@@ -5342,10 +6376,12 @@ int wolfSSL_CTX_set_group_messages(WOLFSSL_CTX*);
int wolfSSL_set_group_messages(WOLFSSL*);
/*!
- \brief
+ \brief
\return none ã„ã„ãˆè¿”ã—ã¾ã™ã€‚
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param cbf フォームã®é–¢æ•°ãƒã‚¤ãƒ³ã‚¿ã§ã‚ã‚‹CallBackFozzerタイプ:int(* callbackfuzzer)(wolfssl * sslã€consigned char * bufã€int szã€intåž‹ã€void * fuzzctx);
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
WOLFSSL_CTX* ctx = wolfSSL_CTX_new( method );
@@ -5364,13 +6400,14 @@ int wolfSSL_set_group_messages(WOLFSSL*);
void wolfSSL_SetFuzzerCb(WOLFSSL* ssl, CallbackFuzzer cbf, void* fCtx);
/*!
- \brief
+ \brief
\return 0 関数ãŒã‚¨ãƒ©ãƒ¼ãªã—ã§å®Ÿè¡Œã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG 許容ã§ããªã„値ã§é–¢æ•°ã«æ¸¡ã•ã‚ŒãŸå¼•æ•°ãŒã‚ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return COOKIE_SECRET_SZ 秘密サイズãŒ0ã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return MEMORY_ERROR æ–°ã—ã„Cookie Secretã«ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã‚‹å•é¡ŒãŒã‚ã‚‹å ´åˆã¯è¿”ã•ã‚Œã¾ã—ãŸã€‚
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
\param secret 秘密ãƒãƒƒãƒ•ã‚¡ã‚’表ã™å®šæ•°ãƒã‚¤ãƒˆãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx = wolfSSL_CTX_new( method );
@@ -5392,9 +6429,9 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl,
unsigned int secretSz);
/*!
- \brief
- \return rng æˆåŠŸã™ã‚‹ã¨ã€‚
- \return NULL SSLãŒNULLã®å ´åˆ
+ \brief
+ \return rng æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return NULL sslãŒNULLã®å ´åˆ
_Example_
\code
WOLFSSL* ssl;
@@ -5407,14 +6444,15 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl,
WC_RNG* wolfSSL_GetRNG(WOLFSSL* ssl);
/*!
- \ingroup Setup
+ \ingroup Setup
\brief ã“ã®é–¢æ•°ã¯ã€è¨±å¯ã•ã‚Œã¦ã„る最å°ã®ãƒ€ã‚¦ãƒ³ã‚°ãƒ¬ãƒ¼ãƒ‰ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã‚’設定ã—ã¾ã™ã€‚接続ãŒï¼ˆwolfsslv23_client_methodã¾ãŸã¯wolfsslv23_server_method)を使用ã—ã¦ã€æŽ¥ç¶šãŒãƒ€ã‚¦ãƒ³ã‚°ãƒ¬ãƒ¼ãƒ‰ã§ãã‚‹å ´åˆã«ã®ã¿é©ç”¨ã•ã‚Œã¾ã™ã€‚
\return SSL_SUCCESS エラーãªã—ã§è¿”ã•ã‚ŒãŸé–¢æ•°ã¨æœ€å°ãƒãƒ¼ã‚¸ãƒ§ãƒ³ãŒè¨­å®šã•ã‚Œã¦ã„ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return BAD_FUNC_ARG wolfssl_ctx構造ãŒNULLã®å ´åˆã€ã¾ãŸã¯æœ€å°ãƒãƒ¼ã‚¸ãƒ§ãƒ³ãŒã‚µãƒãƒ¼ãƒˆã•ã‚Œã¦ã„ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param ctx wolfssl_ctx_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl_ctx構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \return BAD_FUNC_ARG WOLFSSL_CTX構造ãŒNULLã®å ´åˆã€ã¾ãŸã¯æœ€å°ãƒãƒ¼ã‚¸ãƒ§ãƒ³ãŒã‚µãƒãƒ¼ãƒˆã•ã‚Œã¦ã„ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
- WOLFSSL_CTX* ctx = WOLFSSL_CTX_new( protocol method );
+ WOLFSSL_CTX* ctx = wolfSSL_CTX_new( protocol method );
WOLFSSL* ssl = WOLFSSL_new(ctx);
int version; // macrop representation
…
@@ -5427,14 +6465,15 @@ WC_RNG* wolfSSL_GetRNG(WOLFSSL* ssl);
int wolfSSL_CTX_SetMinVersion(WOLFSSL_CTX* ctx, int version);
/*!
- \ingroup TLS
+ \ingroup TLS
\brief ã“ã®é–¢æ•°ã¯ã€è¨±å¯ã•ã‚Œã¦ã„る最å°ã®ãƒ€ã‚¦ãƒ³ã‚°ãƒ¬ãƒ¼ãƒ‰ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã‚’設定ã—ã¾ã™ã€‚接続ãŒï¼ˆwolfsslv23_client_methodã¾ãŸã¯wolfsslv23_server_method)を使用ã—ã¦ã€æŽ¥ç¶šãŒãƒ€ã‚¦ãƒ³ã‚°ãƒ¬ãƒ¼ãƒ‰ã§ãã‚‹å ´åˆã«ã®ã¿é©ç”¨ã•ã‚Œã¾ã™ã€‚
\return SSL_SUCCESS ã“ã®é–¢æ•°ã¨ãã®ã‚µãƒ–ルーãƒãƒ³ãŒã‚¨ãƒ©ãƒ¼ãªã—ã§å®Ÿè¡Œã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG SSLオブジェクトãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚サブルーãƒãƒ³ã§ã¯ã€è‰¯ã„ãƒãƒ¼ã‚¸ãƒ§ãƒ³ãŒä¸€è‡´ã—ãªã„å ´åˆã€ã“ã®ã‚¨ãƒ©ãƒ¼ã¯ã‚¹ãƒ­ãƒ¼ã•ã‚Œã¾ã™ã€‚
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
- WOLFSSL_CTX* ctx = WOLFSSL_CTX_new(protocol method);
+ WOLFSSL_CTX* ctx = wolfSSL_CTX_new(protocol method);
WOLFSSL* ssl = WOLFSSL_new(ctx);
int version; macro representation
…
@@ -5449,6 +6488,7 @@ int wolfSSL_SetMinVersion(WOLFSSL* ssl, int version);
/*!
\brief ビルドオプションã¨è¨­å®šã«ä¾å­˜ã—ã¾ã™ã€‚WolfSSLを構築ã™ã‚‹ã¨ãã«show_sizesãŒå®šç¾©ã•ã‚Œã¦ã„ã‚‹å ´åˆã€ã“ã®é–¢æ•°ã¯WolfSSLオブジェクト(スイートã€æš—å·ãªã©ï¼‰å†…ã®å€‹ã€…ã®ã‚ªãƒ–ジェクトã®ã‚µã‚¤ã‚ºã‚‚stdoutã«å°åˆ·ã•ã‚Œã¾ã™ã€‚
\return size ã“ã®é–¢æ•°ã¯ã€WolfSSLオブジェクトã®ã‚µã‚¤ã‚ºã‚’è¿”ã—ã¾ã™ã€‚
+
_Example_
\code
int size = 0;
@@ -5461,9 +6501,10 @@ int wolfSSL_GetObjectSize(void); /* object size based on build */
/*!
\brief アプリケーションãŒãƒˆãƒ©ãƒ³ã‚¹ãƒãƒ¼ãƒˆãƒ¬ã‚¤ãƒ¤é–“ã§ä½•ãƒã‚¤ãƒˆã‚’é€ä¿¡ã—ãŸã„å ´åˆã¯ã€æŒ‡å®šã•ã‚ŒãŸå¹³æ–‡ã®å…¥åŠ›ã‚µã‚¤ã‚ºã‚’指定ã—ã¦ãã ã•ã„。SSL / TLSãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ãŒå®Œäº†ã—ãŸå¾Œã«å‘¼ã³å‡ºã™å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
\return size æˆåŠŸã™ã‚‹ã¨ã€è¦æ±‚ã•ã‚ŒãŸã‚µã‚¤ã‚ºãŒè¿”ã•ã‚Œã¾ã™
- \return INPUT_SIZE_E 入力サイズãŒæœ€å¤§TLSフラグメントサイズより大ãã„å ´åˆã¯è¿”ã•ã‚Œã¾ã™ï¼ˆWOLFSSL_GETMAXOUTPUTSIZE())。
+ \return INPUT_SIZE_E 入力サイズãŒæœ€å¤§TLSフラグメントサイズより大ãã„å ´åˆã¯è¿”ã•ã‚Œã¾ã™ï¼ˆWOLFSSL_GETMAXOUTPUTSIZE())。
\return BAD_FUNC_ARG 無効ãªé–¢æ•°å¼•æ•°ã«æˆ»ã‚Šã€ã¾ãŸã¯SSL / TLSãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ãŒã¾ã å®Œäº†ã—ã¦ã„ãªã„å ´åˆ
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfsslオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
none
@@ -5473,9 +6514,10 @@ int wolfSSL_GetObjectSize(void); /* object size based on build */
int wolfSSL_GetOutputSize(WOLFSSL* ssl, int inSz);
/*!
- \brief プロトコルè¦æ ¼ã§æŒ‡å®šã•ã‚Œã¦ã„る最大SSL / TLSレコードサイズã®ã„ãšã‚Œã‹ã«å¯¾å¿œã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€ã‚¢ãƒ—リケーションãŒwolfssl_getOutputSize()ã¨å‘¼ã°ã‚Œã€input_size_eエラーをå—ä¿¡ã—ãŸã¨ãã«å½¹ç«‹ã¡ã¾ã™ã€‚SSL / TLSãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ãŒå®Œäº†ã—ãŸå¾Œã«å‘¼ã³å‡ºã™å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+ \brief プロトコルè¦æ ¼ã§æŒ‡å®šã•ã‚Œã¦ã„る最大SSL / TLSレコードサイズã®ã„ãšã‚Œã‹ã«å¯¾å¿œã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€ã‚¢ãƒ—リケーションãŒwolfssl_getOutputSize()ã¨å‘¼ã°ã‚Œã€input_size_eエラーをå—ä¿¡ã—ãŸã¨ãã«å½¹ç«‹ã¡ã¾ã™ã€‚SSL / TLSãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ãŒå®Œäº†ã—ãŸå¾Œã«å‘¼ã³å‡ºã™å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
\return size æˆåŠŸã™ã‚‹ã¨ã€æœ€å¤§å‡ºåŠ›ã‚µã‚¤ã‚ºãŒè¿”ã•ã‚Œã¾ã™
\return BAD_FUNC_ARG 無効ãªé–¢æ•°å¼•æ•°ã®ã¨ãã«è¿”ã•ã‚Œã‚‹ã‹ã€SSL / TLSãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ãŒã¾ã å®Œäº†ã—ã¦ã„ãªã„å ´åˆã€‚
+
_Example_
\code
none
@@ -5485,11 +6527,12 @@ int wolfSSL_GetOutputSize(WOLFSSL* ssl, int inSz);
int wolfSSL_GetMaxOutputSize(WOLFSSL*);
/*!
- \ingroup Setup
- \brief ã“ã®é–¢æ•°ã¯ã€ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã§æŒ‡å®šã•ã‚ŒãŸãƒãƒ¼ã‚¸ãƒ§ãƒ³ã‚’使用ã—ã¦ã€æŒ‡å®šã•ã‚ŒãŸSSLセッション(WolfSSLオブジェクト)ã®SSL / TLSプロトコルãƒãƒ¼ã‚¸ãƒ§ãƒ³ã‚’設定ã—ã¾ã™ã€‚ã“ã‚Œã«ã‚ˆã‚Šã€SSLセッション(SSL)ã®ãƒ—ロトコル設定ãŒæœ€åˆã«å®šç¾©ã•ã‚Œã€SSLコンテキスト(WolfSSL_CTX_NEW())メソッドã®ç¨®é¡žã«ã‚ˆã£ã¦ä¸Šæ›¸ãã•ã‚Œã¾ã™ã€‚
- \return SSL_SUCCESS æˆåŠŸã™ã‚‹ã¨ã€‚
+ \ingroup Setup
+ \brief ã“ã®é–¢æ•°ã¯ã€ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã§æŒ‡å®šã•ã‚ŒãŸãƒãƒ¼ã‚¸ãƒ§ãƒ³ã‚’使用ã—ã¦ã€æŒ‡å®šã•ã‚ŒãŸSSLセッション(WolfSSLオブジェクト)ã®SSL/TLSプロトコルãƒãƒ¼ã‚¸ãƒ§ãƒ³ã‚’設定ã—ã¾ã™ã€‚ã“ã‚Œã«ã‚ˆã‚Šã€SSLセッション(SSL)ã®ãƒ—ロトコル設定ãŒæœ€åˆã«å®šç¾©ã•ã‚Œã€SSLコンテキスト(wolfSSL_CTX_new())メソッドã®ç¨®é¡žã«ã‚ˆã£ã¦ä¸Šæ›¸ãã•ã‚Œã¾ã™ã€‚
+ \return SSL_SUCCESS æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG 入力SSLオブジェクトãŒNULLã¾ãŸã¯èª¤ã£ãŸãƒ—ロトコルãƒãƒ¼ã‚¸ãƒ§ãƒ³ãŒãƒãƒ¼ã‚¸ãƒ§ãƒ³ã§æŒ‡å®šã•ã‚Œã¦ã„ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
int ret = 0;
@@ -5506,8 +6549,9 @@ int wolfSSL_GetMaxOutputSize(WOLFSSL*);
int wolfSSL_SetVersion(WOLFSSL* ssl, int version);
/*!
- \brief MAC /æš—å·åŒ–コールãƒãƒƒã‚¯ã€‚コールãƒãƒƒã‚¯ã¯æˆåŠŸã®å ´åˆã¯0ã‚’è¿”ã™ã‹ã€ã‚¨ãƒ©ãƒ¼ã®å ´åˆã¯<0ã§ã™ã€‚SSLã¨CTXãƒã‚¤ãƒ³ã‚¿ã¯ãƒ¦ãƒ¼ã‚¶ãƒ¼ã®åˆ©ä¾¿æ€§ã«åˆ©ç”¨ã§ãã¾ã™ã€‚MacOutã¯ã€MACã®çµæžœã‚’ä¿å­˜ã™ã‚‹å¿…è¦ãŒã‚る出力ãƒãƒƒãƒ•ã‚¡ã§ã™ã€‚Macinã¯Mac入力ãƒãƒƒãƒ•ã‚¡ãƒ¼ã¨Macinszã®ã‚µã‚¤ã‚ºã‚’注æ„ã—ã¦ã„ã¾ã™ã€‚MacContentã¨Macverifyã¯ã€Wolfssl_SettlShmacinner()ã«å¿…è¦ã§ã‚ã‚Šã€ãã®ã¾ã¾é€šéŽã—ã¾ã™ã€‚Encoutã¯ã€æš—å·åŒ–ã®çµæžœã‚’æ ¼ç´ã™ã‚‹å¿…è¦ãŒã‚る出力ãƒãƒƒãƒ•ã‚¡ã§ã™ã€‚ENCINã¯ENCSZãŒå…¥åŠ›ã®ã‚µã‚¤ã‚ºã§ã‚ã‚‹é–“ã¯æš—å·åŒ–ã™ã‚‹å…¥åŠ›ãƒãƒƒãƒ•ã‚¡ã§ã™ã€‚コールãƒãƒƒã‚¯ã®ä¾‹ã¯ã€wolfssl / test.h mymacencryptcb()を見ã¤ã‘ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚
+ \brief MAC /æš—å·åŒ–コールãƒãƒƒã‚¯ã€‚コールãƒãƒƒã‚¯ã¯æˆåŠŸã®å ´åˆã¯0ã‚’è¿”ã™ã‹ã€ã‚¨ãƒ©ãƒ¼ã®å ´åˆã¯<0ã§ã™ã€‚SSLã¨CTXãƒã‚¤ãƒ³ã‚¿ã¯ãƒ¦ãƒ¼ã‚¶ãƒ¼ã®åˆ©ä¾¿æ€§ã«åˆ©ç”¨ã§ãã¾ã™ã€‚MacOutã¯ã€MACã®çµæžœã‚’ä¿å­˜ã™ã‚‹å¿…è¦ãŒã‚る出力ãƒãƒƒãƒ•ã‚¡ã§ã™ã€‚Macinã¯Mac入力ãƒãƒƒãƒ•ã‚¡ãƒ¼ã¨Macinszã®ã‚µã‚¤ã‚ºã‚’注æ„ã—ã¦ã„ã¾ã™ã€‚MacContentã¨Macverifyã¯ã€Wolfssl_SettlShmacinner()ã«å¿…è¦ã§ã‚ã‚Šã€ãã®ã¾ã¾é€šéŽã—ã¾ã™ã€‚Encoutã¯ã€æš—å·åŒ–ã®çµæžœã‚’æ ¼ç´ã™ã‚‹å¿…è¦ãŒã‚る出力ãƒãƒƒãƒ•ã‚¡ã§ã™ã€‚ENCINã¯ENCSZãŒå…¥åŠ›ã®ã‚µã‚¤ã‚ºã§ã‚ã‚‹é–“ã¯æš—å·åŒ–ã™ã‚‹å…¥åŠ›ãƒãƒƒãƒ•ã‚¡ã§ã™ã€‚コールãƒãƒƒã‚¯ã®ä¾‹ã¯ã€wolfssl / test.h mymacencryptcb()を見ã¤ã‘ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚
\return none è¿”å“ä¸å¯ã€‚
+
_Example_
\code
none
@@ -5520,6 +6564,8 @@ void wolfSSL_CTX_SetMacEncryptCb(WOLFSSL_CTX* ctx, CallbackMacEncrypti cb);
/*!
\brief CTXã¸ã®ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã€‚
\return none è¿”å“ä¸å¯ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
none
@@ -5530,9 +6576,11 @@ void wolfSSL_CTX_SetMacEncryptCb(WOLFSSL_CTX* ctx, CallbackMacEncrypti cb);
void wolfSSL_SetMacEncryptCtx(WOLFSSL* ssl, void *ctx);
/*!
- \brief Mac / Encryptコールãƒãƒƒã‚¯ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã¯ã€wolfssl_setmacencryptx()ã§ä¿å­˜ã•ã‚Œã¦ã„ã¾ã—ãŸã€‚
+ \brief Mac / Encryptコールãƒãƒƒã‚¯ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã¯ã€wolfssl_setmacencryptx()ã§ä¿å­˜ã•ã‚Œã¦ã„ã¾ã—ãŸã€‚
\return pointer 正常ã«ã‚³ãƒ¼ãƒ«ãŒã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã¸ã®æœ‰åŠ¹ãªãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
\return NULL 空白ã®ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã®ãŸã‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
none
@@ -5543,8 +6591,9 @@ void wolfSSL_SetMacEncryptCtx(WOLFSSL* ssl, void *ctx);
void* wolfSSL_GetMacEncryptCtx(WOLFSSL* ssl);
/*!
- \brief コールãƒãƒƒã‚¯ã‚’復å·åŒ–/確èªã—ã¾ã™ã€‚コールãƒãƒƒã‚¯ã¯æˆåŠŸã®å ´åˆã¯0ã‚’è¿”ã™ã‹ã€ã‚¨ãƒ©ãƒ¼ã®å ´åˆã¯<0ã§ã™ã€‚SSLã¨CTXãƒã‚¤ãƒ³ã‚¿ã¯ãƒ¦ãƒ¼ã‚¶ãƒ¼ã®åˆ©ä¾¿æ€§ã«åˆ©ç”¨ã§ãã¾ã™ã€‚DECOUTã¯ã€å¾©å·åŒ–ã®çµæžœã‚’æ ¼ç´ã™ã‚‹å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã§ã™ã€‚DECINã¯æš—å·åŒ–ã•ã‚ŒãŸå…¥åŠ›ãƒãƒƒãƒ•ã‚¡ãƒ¼ã¨Decinszã®ã‚µã‚¤ã‚ºã‚’注æ„ã—ã¦ã„ã¾ã™ã€‚コンテンツã¨æ¤œè¨¼ã¯ã€WolfSSL_SettlShmacinner()ã«å¿…è¦ã§ã‚ã‚Šã€ãã®ã¾ã¾é€šéŽã—ã¾ã™ã€‚PADSZã¯ã€ãƒ‘ディングã®åˆè¨ˆå€¤ã§è¨­å®šã™ã‚‹å‡ºåŠ›å¤‰æ•°ã§ã™ã€‚ã¤ã¾ã‚Šã€MACサイズã¨ãƒ‘ディングãƒã‚¤ãƒˆã¨ãƒ‘ッドãƒã‚¤ãƒˆã‚’加ãˆã¦ã„ã¾ã™ã€‚コールãƒãƒƒã‚¯ã®ä¾‹ã¯ã€wolfssl / test.h mydecryptverifycb()を見ã¤ã‘ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚
+ \brief コールãƒãƒƒã‚¯ã‚’復å·åŒ–/確èªã—ã¾ã™ã€‚コールãƒãƒƒã‚¯ã¯æˆåŠŸã®å ´åˆã¯0ã‚’è¿”ã™ã‹ã€ã‚¨ãƒ©ãƒ¼ã®å ´åˆã¯<0ã§ã™ã€‚SSLã¨CTXãƒã‚¤ãƒ³ã‚¿ã¯ãƒ¦ãƒ¼ã‚¶ãƒ¼ã®åˆ©ä¾¿æ€§ã«åˆ©ç”¨ã§ãã¾ã™ã€‚DECOUTã¯ã€å¾©å·åŒ–ã®çµæžœã‚’æ ¼ç´ã™ã‚‹å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã§ã™ã€‚DECINã¯æš—å·åŒ–ã•ã‚ŒãŸå…¥åŠ›ãƒãƒƒãƒ•ã‚¡ãƒ¼ã¨Decinszã®ã‚µã‚¤ã‚ºã‚’注æ„ã—ã¦ã„ã¾ã™ã€‚コンテンツã¨æ¤œè¨¼ã¯ã€WolfSSL_SettlShmacinner()ã«å¿…è¦ã§ã‚ã‚Šã€ãã®ã¾ã¾é€šéŽã—ã¾ã™ã€‚PADSZã¯ã€ãƒ‘ディングã®åˆè¨ˆå€¤ã§è¨­å®šã™ã‚‹å‡ºåŠ›å¤‰æ•°ã§ã™ã€‚ã¤ã¾ã‚Šã€MACサイズã¨ãƒ‘ディングãƒã‚¤ãƒˆã¨ãƒ‘ッドãƒã‚¤ãƒˆã‚’加ãˆã¦ã„ã¾ã™ã€‚コールãƒãƒƒã‚¯ã®ä¾‹ã¯ã€wolfssl / test.h mydecryptverifycb()を見ã¤ã‘ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚
\return none ã„ã„ãˆè¿”ã—ã¾ã™ã€‚
+
_Example_
\code
none
@@ -5558,6 +6607,8 @@ void wolfSSL_CTX_SetDecryptVerifyCb(WOLFSSL_CTX* ctx,
/*!
\brief コールãƒãƒƒã‚¯ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã‚’CTXã«å¾©å·åŒ–/検証ã—ã¾ã™ã€‚
\return none ã„ã„ãˆè¿”ã—ã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
none
@@ -5568,9 +6619,10 @@ void wolfSSL_CTX_SetDecryptVerifyCb(WOLFSSL_CTX* ctx,
void wolfSSL_SetDecryptVerifyCtx(WOLFSSL* ssl, void *ctx);
/*!
- \brief wolfssl_setdecryptverifyctx()ã§ä»¥å‰ã«ä¿å­˜ã•ã‚Œã¦ã„るコールãƒãƒƒã‚¯ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã‚’復å·åŒ–/検証ã—ã¾ã™ã€‚
+ \brief wolfssl_setdecryptverifyctx()ã§ä»¥å‰ã«ä¿å­˜ã•ã‚Œã¦ã„るコールãƒãƒƒã‚¯ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã‚’復å·åŒ–/検証ã—ã¾ã™ã€‚
\return pointer 正常ã«ã‚³ãƒ¼ãƒ«ãŒã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã¸ã®æœ‰åŠ¹ãªãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
\return NULL 空白ã®ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã®ãŸã‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+
_Example_
\code
none
@@ -5582,9 +6634,10 @@ void* wolfSSL_GetDecryptVerifyCtx(WOLFSSL* ssl);
/*!
\brief VERIFYパラメーターã¯ã€ã“ã‚ŒãŒãƒ”ア・メッセージã®æ¤œè¨¼ã®ãŸã‚ã®ã‚‚ã®ã§ã‚ã‚‹ã‹ã©ã†ã‹ã‚’指定ã—ã¾ã™ã€‚
- \return pointer 正常ã«ã‚³ãƒ¼ãƒ«ãŒç§˜å¯†ã«æœ‰åŠ¹ãªãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚秘密ã®ã‚µã‚¤ã‚ºã¯ã€Wolfssl_gethmacsize()ã‹ã‚‰å…¥æ‰‹ã§ãã¾ã™ã€‚
+ \return pointer 正常ã«ã‚³ãƒ¼ãƒ«ãŒç§˜å¯†ã«æœ‰åŠ¹ãªãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚秘密ã®ã‚µã‚¤ã‚ºã¯ã€Wolfssl_gethmacsize()ã‹ã‚‰å…¥æ‰‹ã§ãã¾ã™ã€‚
\return NULL エラー状態ã«æˆ»ã‚Šã¾ã™ã€‚
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfsslオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
none
@@ -5594,9 +6647,11 @@ void* wolfSSL_GetDecryptVerifyCtx(WOLFSSL* ssl);
const unsigned char* wolfSSL_GetMacSecret(WOLFSSL* ssl, int verify);
/*!
- \brief
- \return pointer 正常ã«ã‚³ãƒ¼ãƒ«ãŒã‚­ãƒ¼ã¸ã®æœ‰åŠ¹ãªãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚キーã®ã‚µã‚¤ã‚ºã¯ã€wolfssl_getkeysize()ã‹ã‚‰å–å¾—ã§ãã¾ã™ã€‚
+ \brief
+ \return pointer 正常ã«ã‚³ãƒ¼ãƒ«ãŒã‚­ãƒ¼ã¸ã®æœ‰åŠ¹ãªãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚éµã®ã‚µã‚¤ã‚ºã¯ã€wolfssl_getkeysize()ã‹ã‚‰å–å¾—ã§ãã¾ã™ã€‚
\return NULL エラー状態ã«æˆ»ã‚Šã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
none
@@ -5608,8 +6663,10 @@ const unsigned char* wolfSSL_GetClientWriteKey(WOLFSSL*);
/*!
\brief ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ãƒ—ロセスã‹ã‚‰ã€‚
- \return pointer 正常ã«ã‚³ãƒ¼ãƒ«ãŒIVã¸ã®æœ‰åŠ¹ãªãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚IVã®ã‚µã‚¤ã‚ºã¯ã€wolfssl_getCipherBlockSize()ã‹ã‚‰å–å¾—ã§ãã¾ã™ã€‚
+ \return pointer 正常ã«ã‚³ãƒ¼ãƒ«ãŒIVã¸ã®æœ‰åŠ¹ãªãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚IVã®ã‚µã‚¤ã‚ºã¯ã€wolfssl_getCipherBlockSize()ã‹ã‚‰å–å¾—ã§ãã¾ã™ã€‚
\return NULL エラー状態ã«æˆ»ã‚Šã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
none
@@ -5620,9 +6677,11 @@ const unsigned char* wolfSSL_GetClientWriteKey(WOLFSSL*);
const unsigned char* wolfSSL_GetClientWriteIV(WOLFSSL*);
/*!
- \brief
- \return pointer 正常ã«ã‚³ãƒ¼ãƒ«ãŒã‚­ãƒ¼ã¸ã®æœ‰åŠ¹ãªãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚キーã®ã‚µã‚¤ã‚ºã¯ã€wolfssl_getkeysize()ã‹ã‚‰å–å¾—ã§ãã¾ã™ã€‚
+ \brief
+ \return pointer 正常ã«ã‚³ãƒ¼ãƒ«ãŒéµã¸ã®æœ‰åŠ¹ãªãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚éµã®ã‚µã‚¤ã‚ºã¯ã€wolfssl_getkeysize()ã‹ã‚‰å–å¾—ã§ãã¾ã™ã€‚
\return NULL エラー状態ã«æˆ»ã‚Šã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
none
@@ -5634,17 +6693,21 @@ const unsigned char* wolfSSL_GetServerWriteKey(WOLFSSL*);
/*!
\brief ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ãƒ—ロセスã‹ã‚‰ã€‚
- \return pointer 正常ã«ã‚³ãƒ¼ãƒ«ãŒIVã¸ã®æœ‰åŠ¹ãªãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚IVã®ã‚µã‚¤ã‚ºã¯ã€wolfssl_getCipherBlockSize()ã‹ã‚‰å–å¾—ã§ãã¾ã™ã€‚
+ \return pointer 正常ã«ã‚³ãƒ¼ãƒ«ãŒIVã¸ã®æœ‰åŠ¹ãªãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚IVã®ã‚µã‚¤ã‚ºã¯ã€wolfssl_getCipherBlockSize()ã‹ã‚‰å–å¾—ã§ãã¾ã™ã€‚
\return NULL エラー状態ã«æˆ»ã‚Šã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
\sa wolfSSL_GetCipherBlockSize
\sa wolfSSL_GetClientWriteKey
*/
const unsigned char* wolfSSL_GetServerWriteIV(WOLFSSL*);
/*!
- \brief
- \return size 正常ã«ã‚³ãƒ¼ãƒ«ãŒã‚­ãƒ¼ã‚µã‚¤ã‚ºã‚’ãƒã‚¤ãƒˆå˜ä½ã§è¿”ã—ã¾ã™ã€‚
+ \brief
+ \return size 正常ã«ã‚³ãƒ¼ãƒ«ãŒéµã‚µã‚¤ã‚ºã‚’ãƒã‚¤ãƒˆå˜ä½ã§è¿”ã—ã¾ã™ã€‚
\return BAD_FUNC_ARG エラー状態ã«æˆ»ã‚Šã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
none
@@ -5655,10 +6718,12 @@ const unsigned char* wolfSSL_GetServerWriteIV(WOLFSSL*);
int wolfSSL_GetKeySize(WOLFSSL*);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief WolfSSL構造体ã«ä¿æŒã•ã‚Œã¦ã„ã‚‹Specs構造体ã®IV_SIZEメンãƒãƒ¼ã‚’è¿”ã—ã¾ã™ã€‚
\return iv_size ssl-> specs.iv_sizeã§ä¿æŒã•ã‚Œã¦ã„る値を返ã—ã¾ã™ã€‚
\return BAD_FUNC_ARG WolfSSL構造ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
WOLFSSL_CTX* ctx = wolfSSL_CTX_new( method );
@@ -5678,9 +6743,11 @@ int wolfSSL_GetKeySize(WOLFSSL*);
int wolfSSL_GetIVSize(WOLFSSL*);
/*!
- \brief
+ \brief
\return success æˆåŠŸã—ãŸå ´åˆã€å‘¼ã³å‡ºã—ãŒWolfSSLオブジェクトã®å´é¢ã«å¿œã˜ã¦wolfssl_server_endã¾ãŸã¯wolfssl_client_endã‚’è¿”ã—ã¾ã™ã€‚
\return BAD_FUNC_ARG エラー状態ã«æˆ»ã‚Šã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
none
@@ -5694,6 +6761,8 @@ int wolfSSL_GetSide(WOLFSSL*);
\brief å°‘ãªãã¨ã‚‚TLSãƒãƒ¼ã‚¸ãƒ§ãƒ³1.1以上ã§ã™ã€‚
\return true/false æˆåŠŸã—ãŸå ´åˆã€å‘¼ã³å‡ºã—ãŒTRUEã¾ãŸã¯0ã®å ´åˆã¯0ã‚’è¿”ã—ã¾ã™ã€‚
\return BAD_FUNC_ARG エラー状態ã«æˆ»ã‚Šã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
none
@@ -5706,6 +6775,8 @@ int wolfSSL_IsTLSv1_1(WOLFSSL*);
\brief ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã‹ã‚‰ã€‚
\return If コールãŒæˆåŠŸã™ã‚‹ã¨ã€wolfssl_cipher_nullã€wolfssl_desã€wolfssl_triple_desã€wolfssl_aesã€wolfssl_aes_gcmã€wolfssl_aes_ccmã€wolfssl_camellia。
\return BAD_FUNC_ARG エラー状態ã«æˆ»ã‚Šã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
none
@@ -5719,6 +6790,8 @@ int wolfSSL_GetBulkCipher(WOLFSSL*);
\brief ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã€‚
\return size 正常ã«ã‚³ãƒ¼ãƒ«ãŒæš—å·ãƒ–ロックサイズã®ã‚µã‚¤ã‚ºã‚’ãƒã‚¤ãƒˆå˜ä½ã§æˆ»ã—ã¾ã™ã€‚
\return BAD_FUNC_ARG エラー状態ã«æˆ»ã‚Šã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
none
@@ -5732,6 +6805,8 @@ int wolfSSL_GetCipherBlockSize(WOLFSSL*);
\brief ãƒãƒ³ãƒ‰ã‚·ã‚§ãƒ¼ã‚¯ã€‚æš—å·ã‚¿ã‚¤ãƒ—ã®wolfssl_aead_typeã®å ´åˆã€‚
\return size 正常ã«ã‚³ãƒ¼ãƒ«ãŒEAD MACサイズã®ã‚µã‚¤ã‚ºã‚’ãƒã‚¤ãƒˆå˜ä½ã§æˆ»ã—ã¾ã™ã€‚
\return BAD_FUNC_ARG エラー状態ã«æˆ»ã‚Šã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
none
@@ -5745,6 +6820,8 @@ int wolfSSL_GetAeadMacSize(WOLFSSL*);
\brief ãƒãƒ³ãƒ‰ã‚·ã‚§ãƒ¼ã‚¯ã€‚wolfssl_aead_type以外ã®æš—å·ã‚¿ã‚¤ãƒ—ã®å ´åˆã€‚
\return size 正常ã«ã‚³ãƒ¼ãƒ«ãŒï¼ˆH)MACサイズã®ã‚µã‚¤ã‚ºã‚’ãƒã‚¤ãƒˆå˜ä½ã§æˆ»ã—ã¾ã™ã€‚
\return BAD_FUNC_ARG エラー状態ã«æˆ»ã‚Šã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
none
@@ -5759,6 +6836,8 @@ int wolfSSL_GetHmacSize(WOLFSSL*);
\return If コールãŒæˆåŠŸã™ã‚‹ã¨ã€æ¬¡ã®ã„ãšã‚Œã‹ãŒè¿”ã•ã‚Œã¾ã™.MD5ã€SHAã€SHA256ã€SHA384。
\return BAD_FUNC_ARG エラー状態ã«å¯¾ã—ã¦è¿”ã•ã‚Œã‚‹å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã™ã€‚
\return SSL_FATAL_ERROR エラー状態ã«ã‚‚è¿”ã•ã‚Œã‚‹å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
none
@@ -5772,6 +6851,8 @@ int wolfSSL_GetHmacType(WOLFSSL*);
\brief ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã‹ã‚‰ã€‚
\return If 正常ã«ã‚³ãƒ¼ãƒ«ã¯æ¬¡ã®ã„ãšã‚Œã‹ã‚’è¿”ã—ã¾ã™.WolfSSL_BLOCK_TYPEã€WOLFSSL_STREAM_TYPEã€WOLFSSL_AEAD_TYPE。
\return BAD_FUNC_ARG エラー状態ã«æˆ»ã‚Šã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
none
@@ -5782,9 +6863,11 @@ int wolfSSL_GetHmacType(WOLFSSL*);
int wolfSSL_GetCipherType(WOLFSSL*);
/*!
- \brief é€å—ä¿¡çµæžœã¯ã€å°‘ãªãã¨ã‚‚wolfssl_gethmacsize()ãƒã‚¤ãƒˆã§ã‚ã‚‹ã¹ãã§ã‚る内部ã«æ›¸ãè¾¼ã¾ã‚Œã¾ã™ã€‚メッセージã®ã‚µã‚¤ã‚ºã¯SZã§æŒ‡å®šã•ã‚Œã€å†…容ã¯ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®ç¨®é¡žã§ã‚ã‚Šã€æ¤œè¨¼ã¯ã“ã‚ŒãŒãƒ”アメッセージã®æ¤œè¨¼ã§ã‚ã‚‹ã‹ã©ã†ã‹ã‚’指定ã—ã¾ã™ã€‚wolfssl_aead_typeを除ãæš—å·ã‚¿ã‚¤ãƒ—ã«æœ‰åŠ¹ã§ã™ã€‚
- \return 1 æˆåŠŸã™ã‚‹ã¨ã€‚
+ \brief é€å—ä¿¡çµæžœã¯ã€å°‘ãªãã¨ã‚‚wolfssl_gethmacsize()ãƒã‚¤ãƒˆã§ã‚ã‚‹ã¹ãã§ã‚る内部ã«æ›¸ãè¾¼ã¾ã‚Œã¾ã™ã€‚メッセージã®ã‚µã‚¤ã‚ºã¯SZã§æŒ‡å®šã•ã‚Œã€å†…容ã¯ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®ç¨®é¡žã§ã‚ã‚Šã€æ¤œè¨¼ã¯ã“ã‚ŒãŒãƒ”アメッセージã®æ¤œè¨¼ã§ã‚ã‚‹ã‹ã©ã†ã‹ã‚’指定ã—ã¾ã™ã€‚wolfssl_aead_typeを除ãæš—å·ã‚¿ã‚¤ãƒ—ã«æœ‰åŠ¹ã§ã™ã€‚
+ \return 1 æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG エラー状態ã«æˆ»ã‚Šã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
none
@@ -5796,8 +6879,9 @@ int wolfSSL_SetTlsHmacInner(WOLFSSL* ssl, byte* inner,
word32 sz, int content, int verify);
/*!
- \brief コールãƒãƒƒã‚¯ã¯æˆåŠŸã®å ´åˆã¯0ã‚’è¿”ã™ã‹ã€ã‚¨ãƒ©ãƒ¼ã®å ´åˆã¯<0ã§ã™ã€‚SSLã¨CTXãƒã‚¤ãƒ³ã‚¿ã¯ãƒ¦ãƒ¼ã‚¶ãƒ¼ã®åˆ©ä¾¿æ€§ã«åˆ©ç”¨ã§ãã¾ã™ã€‚INSã¯å…¥åŠ›ãƒãƒƒãƒ•ã‚¡ãƒ¼ãŒå…¥åŠ›ã®é•·ã•ã‚’表ã—ã¾ã™ã€‚OUTã¯ã€ç½²åã®çµæžœã‚’ä¿å­˜ã™ã‚‹å¿…è¦ãŒã‚る出力ãƒãƒƒãƒ•ã‚¡ã§ã™ã€‚OUTSZã¯ã€å‘¼ã³å‡ºã—時ã«å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºã‚’指定ã™ã‚‹å…¥åŠ›/出力変数ã§ã‚ã‚Šã€ç½²åã®å®Ÿéš›ã®ã‚µã‚¤ã‚ºã‚’戻ã™å‰ã«æ ¼ç´ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚keyderã¯ASN1フォーマットã®ECC秘密éµã§ã‚ã‚Šã€Keyszã¯ã‚­ãƒ¼ã®ã‚­ãƒ¼ã®é•·ã•ã§ã™ã€‚コールãƒãƒƒã‚¯ã®ä¾‹ã¯ã€wolfssl / test.h myeccsign()を見ã¤ã‘ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚
+ \brief コールãƒãƒƒã‚¯ã¯æˆåŠŸã®å ´åˆã¯0ã‚’è¿”ã™ã‹ã€ã‚¨ãƒ©ãƒ¼ã®å ´åˆã¯<0ã§ã™ã€‚SSLã¨CTXãƒã‚¤ãƒ³ã‚¿ã¯ãƒ¦ãƒ¼ã‚¶ãƒ¼ã®åˆ©ä¾¿æ€§ã«åˆ©ç”¨ã§ãã¾ã™ã€‚INSã¯å…¥åŠ›ãƒãƒƒãƒ•ã‚¡ãƒ¼ãŒå…¥åŠ›ã®é•·ã•ã‚’表ã—ã¾ã™ã€‚OUTã¯ã€ç½²åã®çµæžœã‚’ä¿å­˜ã™ã‚‹å¿…è¦ãŒã‚る出力ãƒãƒƒãƒ•ã‚¡ã§ã™ã€‚OUTSZã¯ã€å‘¼ã³å‡ºã—時ã«å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºã‚’指定ã™ã‚‹å…¥åŠ›/出力変数ã§ã‚ã‚Šã€ç½²åã®å®Ÿéš›ã®ã‚µã‚¤ã‚ºã‚’戻ã™å‰ã«æ ¼ç´ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚keyderã¯ASN1フォーマットã®ECC秘密éµã§ã‚ã‚Šã€Keyszã¯éµã®ã‚­ãƒ¼ã®é•·ã•ã§ã™ã€‚コールãƒãƒƒã‚¯ã®ä¾‹ã¯ã€wolfssl / test.h myeccsign()を見ã¤ã‘ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚
\return none ã„ã„ãˆè¿”ã—ã¾ã™ã€‚
+
_Example_
\code
none
@@ -5810,7 +6894,8 @@ void wolfSSL_CTX_SetEccSignCb(WOLFSSL_CTX* ctx, CallbackEccSign cb);
/*!
\brief CTXã¸ã®ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã€‚
\return none ã„ã„ãˆè¿”ã—ã¾ã™ã€‚
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfsslオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
none
@@ -5821,9 +6906,11 @@ void wolfSSL_CTX_SetEccSignCb(WOLFSSL_CTX* ctx, CallbackEccSign cb);
void wolfSSL_SetEccSignCtx(WOLFSSL* ssl, void *ctx);
/*!
- \brief 以å‰ã«wolfssl_seteccsignctx()ã§ä¿å­˜ã•ã‚Œã¦ã„ãŸã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã€‚
+ \brief 以å‰ã«wolfssl_seteccsignctx()ã§ä¿å­˜ã•ã‚Œã¦ã„ãŸã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã€‚
\return pointer 正常ã«ã‚³ãƒ¼ãƒ«ãŒã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã¸ã®æœ‰åŠ¹ãªãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
\return NULL 空白ã®ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã®ãŸã‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
none
@@ -5836,7 +6923,8 @@ void* wolfSSL_GetEccSignCtx(WOLFSSL* ssl);
/*!
\brief CTXã¸ã®ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã€‚
\return none ã„ã„ãˆè¿”ã—ã¾ã™ã€‚
- \param ctx wolfssl_ctx_new()ã§ä½œæˆã•ã‚ŒãŸwolfssl_ctx構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ctx wolfSSL_CTX_new()ã§ä½œæˆã•ã‚ŒãŸWOLFSSL_CTX構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
none
@@ -5847,9 +6935,10 @@ void* wolfSSL_GetEccSignCtx(WOLFSSL* ssl);
void wolfSSL_CTX_SetEccSignCtx(WOLFSSL_CTX* ctx, void *userCtx);
/*!
- \brief 以å‰ã«wolfssl_seteccsignctx()ã§ä¿å­˜ã•ã‚Œã¦ã„ãŸã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã€‚
+ \brief 以å‰ã«wolfssl_seteccsignctx()ã§ä¿å­˜ã•ã‚Œã¦ã„ãŸã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã€‚
\return pointer 正常ã«ã‚³ãƒ¼ãƒ«ãŒã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã¸ã®æœ‰åŠ¹ãªãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
\return NULL 空白ã®ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã®ãŸã‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+
_Example_
\code
none
@@ -5860,8 +6949,9 @@ void wolfSSL_CTX_SetEccSignCtx(WOLFSSL_CTX* ctx, void *userCtx);
void* wolfSSL_CTX_GetEccSignCtx(WOLFSSL_CTX* ctx);
/*!
- \brief コールãƒãƒƒã‚¯ã¯æˆåŠŸã®å ´åˆã¯0ã‚’è¿”ã™ã‹ã€ã‚¨ãƒ©ãƒ¼ã®å ´åˆã¯<0ã§ã™ã€‚SSLã¨CTXãƒã‚¤ãƒ³ã‚¿ã¯ãƒ¦ãƒ¼ã‚¶ãƒ¼ã®åˆ©ä¾¿æ€§ã«åˆ©ç”¨ã§ãã¾ã™ã€‚SIGã¯æ¤œè¨¼ã®ç½²åã§ã‚ã‚Šã€SIGSZã¯ç½²åã®é•·ã•ã‚’表ã—ã¾ã™ã€‚ãƒãƒƒã‚·ãƒ¥ã¯ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®ãƒ€ã‚¤ã‚¸ã‚§ã‚¹ãƒˆã‚’å«ã‚€å…¥åŠ›ãƒãƒƒãƒ•ã‚¡ã§ã‚ã‚Šã€HASHSZã¯ãƒãƒƒã‚·ãƒ¥ã®é•·ã•ã‚’æ„味ã—ã¾ã™ã€‚çµæžœã¯ã€æ¤œè¨¼ã®çµæžœã‚’æ ¼ç´ã™ã‚‹å‡ºåŠ›å¤‰æ•°ã€æˆåŠŸã®ãŸã‚ã«1ã€å¤±æ•—ã®ãŸã‚ã«0を記憶ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚keyderã¯ASN1フォーマットã®ECC秘密éµã§ã‚ã‚Šã€Keyszã¯ã‚­ãƒ¼ã®ã‚­ãƒ¼ã®é•·ã•ã§ã™ã€‚コールãƒãƒƒã‚¯ã®ä¾‹ã¯ã€wolfssl / test.h myeccverify()を見ã¤ã‘ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚
+ \brief コールãƒãƒƒã‚¯ã¯æˆåŠŸã®å ´åˆã¯0ã‚’è¿”ã™ã‹ã€ã‚¨ãƒ©ãƒ¼ã®å ´åˆã¯<0ã§ã™ã€‚SSLã¨CTXãƒã‚¤ãƒ³ã‚¿ã¯ãƒ¦ãƒ¼ã‚¶ãƒ¼ã®åˆ©ä¾¿æ€§ã«åˆ©ç”¨ã§ãã¾ã™ã€‚SIGã¯æ¤œè¨¼ã®ç½²åã§ã‚ã‚Šã€SIGSZã¯ç½²åã®é•·ã•ã‚’表ã—ã¾ã™ã€‚ãƒãƒƒã‚·ãƒ¥ã¯ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®ãƒ€ã‚¤ã‚¸ã‚§ã‚¹ãƒˆã‚’å«ã‚€å…¥åŠ›ãƒãƒƒãƒ•ã‚¡ã§ã‚ã‚Šã€HASHSZã¯ãƒãƒƒã‚·ãƒ¥ã®é•·ã•ã‚’æ„味ã—ã¾ã™ã€‚çµæžœã¯ã€æ¤œè¨¼ã®çµæžœã‚’æ ¼ç´ã™ã‚‹å‡ºåŠ›å¤‰æ•°ã€æˆåŠŸã®ãŸã‚ã«1ã€å¤±æ•—ã®ãŸã‚ã«0を記憶ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚keyderã¯ASN1フォーマットã®ECC秘密éµã§ã‚ã‚Šã€Keyszã¯ã‚­ãƒ¼ã®ã‚­ãƒ¼ã®é•·ã•ã§ã™ã€‚コールãƒãƒƒã‚¯ã®ä¾‹ã¯ã€wolfssl / test.h myeccverify()を見ã¤ã‘ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚
\return none ã„ã„ãˆè¿”ã—ã¾ã™ã€‚
+
_Example_
\code
none
@@ -5874,6 +6964,8 @@ void wolfSSL_CTX_SetEccVerifyCb(WOLFSSL_CTX* ctx, CallbackEccVerify cb);
/*!
\brief CTXã¸ã®ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã€‚
\return none ã„ã„ãˆè¿”ã—ã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
none
@@ -5884,9 +6976,11 @@ void wolfSSL_CTX_SetEccVerifyCb(WOLFSSL_CTX* ctx, CallbackEccVerify cb);
void wolfSSL_SetEccVerifyCtx(WOLFSSL* ssl, void *ctx);
/*!
- \brief 以å‰ã«wolfssl_setecverifyctx()ã§ä¿å­˜ã•ã‚Œã¦ã„ãŸã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã€‚
+ \brief 以å‰ã«wolfssl_setecverifyctx()ã§ä¿å­˜ã•ã‚Œã¦ã„ãŸã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã€‚
\return pointer 正常ã«ã‚³ãƒ¼ãƒ«ãŒã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã¸ã®æœ‰åŠ¹ãªãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
\return NULL 空白ã®ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã®ãŸã‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
none
@@ -5897,8 +6991,9 @@ void wolfSSL_SetEccVerifyCtx(WOLFSSL* ssl, void *ctx);
void* wolfSSL_GetEccVerifyCtx(WOLFSSL* ssl);
/*!
- \brief コールãƒãƒƒã‚¯ã¯æˆåŠŸã®å ´åˆã¯0ã‚’è¿”ã™ã‹ã€ã‚¨ãƒ©ãƒ¼ã®å ´åˆã¯<0ã§ã™ã€‚SSLã¨CTXãƒã‚¤ãƒ³ã‚¿ã¯ãƒ¦ãƒ¼ã‚¶ãƒ¼ã®åˆ©ä¾¿æ€§ã«åˆ©ç”¨ã§ãã¾ã™ã€‚INSã¯å…¥åŠ›ãƒãƒƒãƒ•ã‚¡ãƒ¼ãŒå…¥åŠ›ã®é•·ã•ã‚’表ã—ã¾ã™ã€‚OUTã¯ã€ç½²åã®çµæžœã‚’ä¿å­˜ã™ã‚‹å¿…è¦ãŒã‚る出力ãƒãƒƒãƒ•ã‚¡ã§ã™ã€‚OUTSZã¯ã€å‘¼ã³å‡ºã—時ã«å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºã‚’指定ã™ã‚‹å…¥åŠ›/出力変数ã§ã‚ã‚Šã€ç½²åã®å®Ÿéš›ã®ã‚µã‚¤ã‚ºã‚’戻ã™å‰ã«æ ¼ç´ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚keyderã¯ASN1フォーマットã®RSA秘密éµã§ã‚ã‚Šã€Keyszã¯ãƒã‚¤ãƒˆæ•°ã®ã‚­ãƒ¼ã®é•·ã•ã§ã™ã€‚コールãƒãƒƒã‚¯ã®ä¾‹ã¯ã€wolfssl / test.h myrsasign()を見ã¤ã‘ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚
+ \brief コールãƒãƒƒã‚¯ã¯æˆåŠŸã®å ´åˆã¯0ã‚’è¿”ã™ã‹ã€ã‚¨ãƒ©ãƒ¼ã®å ´åˆã¯<0ã§ã™ã€‚SSLã¨CTXãƒã‚¤ãƒ³ã‚¿ã¯ãƒ¦ãƒ¼ã‚¶ãƒ¼ã®åˆ©ä¾¿æ€§ã«åˆ©ç”¨ã§ãã¾ã™ã€‚INSã¯å…¥åŠ›ãƒãƒƒãƒ•ã‚¡ãƒ¼ãŒå…¥åŠ›ã®é•·ã•ã‚’表ã—ã¾ã™ã€‚OUTã¯ã€ç½²åã®çµæžœã‚’ä¿å­˜ã™ã‚‹å¿…è¦ãŒã‚る出力ãƒãƒƒãƒ•ã‚¡ã§ã™ã€‚OUTSZã¯ã€å‘¼ã³å‡ºã—時ã«å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºã‚’指定ã™ã‚‹å…¥åŠ›/出力変数ã§ã‚ã‚Šã€ç½²åã®å®Ÿéš›ã®ã‚µã‚¤ã‚ºã‚’戻ã™å‰ã«æ ¼ç´ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚keyderã¯ASN1フォーマットã®RSA秘密éµã§ã‚ã‚Šã€Keyszã¯ãƒã‚¤ãƒˆæ•°ã®ã‚­ãƒ¼ã®é•·ã•ã§ã™ã€‚コールãƒãƒƒã‚¯ã®ä¾‹ã¯ã€wolfssl / test.h myrsasign()を見ã¤ã‘ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚
\return none ã„ã„ãˆè¿”ã—ã¾ã™ã€‚
+
_Example_
\code
none
@@ -5911,6 +7006,8 @@ void wolfSSL_CTX_SetRsaSignCb(WOLFSSL_CTX* ctx, CallbackRsaSign cb);
/*!
\brief ctxã«ã€‚
\return none ã„ã„ãˆè¿”ã—ã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
none
@@ -5921,10 +7018,11 @@ void wolfSSL_CTX_SetRsaSignCb(WOLFSSL_CTX* ctx, CallbackRsaSign cb);
void wolfSSL_SetRsaSignCtx(WOLFSSL* ssl, void *ctx);
/*!
- \brief 以å‰ã«wolfssl_setrsAsignctx()ã§ä¿å­˜ã•ã‚Œã¦ã„ãŸã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã€‚
+ \brief 以å‰ã«wolfssl_setrsAsignctx()ã§ä¿å­˜ã•ã‚Œã¦ã„ãŸã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã€‚
\return pointer 正常ã«ã‚³ãƒ¼ãƒ«ãŒã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã¸ã®æœ‰åŠ¹ãªãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
\return NULL 空白ã®ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã®ãŸã‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param none パラメータã¯ã‚ã‚Šã¾ã›ã‚“。
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
none
@@ -5935,7 +7033,7 @@ void wolfSSL_SetRsaSignCtx(WOLFSSL* ssl, void *ctx);
void* wolfSSL_GetRsaSignCtx(WOLFSSL* ssl);
/*!
- \brief コールãƒãƒƒã‚¯ã¯ã€æˆåŠŸã®ãŸã‚ã®å¹³æ–‡ãƒã‚¤ãƒˆæ•°ã¾ãŸã¯<0エラーã®å ´åˆã¯<0ã‚’è¿”ã™ã¹ãã§ã™ã€‚SSLã¨CTXãƒã‚¤ãƒ³ã‚¿ã¯ãƒ¦ãƒ¼ã‚¶ãƒ¼ã®åˆ©ä¾¿æ€§ã«åˆ©ç”¨ã§ãã¾ã™ã€‚SIGã¯æ¤œè¨¼ã®ç½²åã§ã‚ã‚Šã€SIGSZã¯ç½²åã®é•·ã•ã‚’表ã—ã¾ã™ã€‚復å·åŒ–プロセスã¨ãƒ‘ディングã®å¾Œã«æ¤œè¨¼ãƒãƒƒãƒ•ã‚¡ã®å…ˆé ­ã«è¨­å®šã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚keyderã¯ASN1å½¢å¼ã®RSA公開éµã§ã‚ã‚Šã€Keyszã¯ã‚­ãƒ¼ã®ã‚­ãƒ¼ã®é•·ã•ã§ã™ã€‚コールãƒãƒƒã‚¯ã®ä¾‹ã¯ã€wolfssl / test.h myrsaverify()を見ã¤ã‘ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚
+ \brief コールãƒãƒƒã‚¯ã¯ã€æˆåŠŸã®ãŸã‚ã®å¹³æ–‡ãƒã‚¤ãƒˆæ•°ã¾ãŸã¯<0エラーã®å ´åˆã¯<0ã‚’è¿”ã™ã¹ãã§ã™ã€‚SSLã¨CTXãƒã‚¤ãƒ³ã‚¿ã¯ãƒ¦ãƒ¼ã‚¶ãƒ¼ã®åˆ©ä¾¿æ€§ã«åˆ©ç”¨ã§ãã¾ã™ã€‚SIGã¯æ¤œè¨¼ã®ç½²åã§ã‚ã‚Šã€SIGSZã¯ç½²åã®é•·ã•ã‚’表ã—ã¾ã™ã€‚復å·åŒ–プロセスã¨ãƒ‘ディングã®å¾Œã«æ¤œè¨¼ãƒãƒƒãƒ•ã‚¡ã®å…ˆé ­ã«è¨­å®šã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚keyderã¯ASN1å½¢å¼ã®RSA公開éµã§ã‚ã‚Šã€Keyszã¯ã‚­ãƒ¼ã®ã‚­ãƒ¼ã®é•·ã•ã§ã™ã€‚コールãƒãƒƒã‚¯ã®ä¾‹ã¯ã€wolfssl / test.h myrsaverify()を見ã¤ã‘ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚
\return none ã„ã„ãˆè¿”ã—ã¾ã™ã€‚
\sa wolfSSL_SetRsaVerifyCtx
\sa wolfSSL_GetRsaVerifyCtx
@@ -5945,6 +7043,7 @@ void wolfSSL_CTX_SetRsaVerifyCb(WOLFSSL_CTX* ctx, CallbackRsaVerify cb);
/*!
\brief CTXã¸ã®ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã€‚
\return none ã„ã„ãˆè¿”ã—ã¾ã™ã€‚
+
_Example_
\code
none
@@ -5955,9 +7054,11 @@ void wolfSSL_CTX_SetRsaVerifyCb(WOLFSSL_CTX* ctx, CallbackRsaVerify cb);
void wolfSSL_SetRsaVerifyCtx(WOLFSSL* ssl, void *ctx);
/*!
- \brief 以å‰ã«wolfssl_setrsaverifyctx()ã§ä¿å­˜ã•ã‚Œã¦ã„ãŸã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã€‚
+ \brief 以å‰ã«wolfssl_setrsaverifyctx()ã§ä¿å­˜ã•ã‚Œã¦ã„ãŸã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã€‚
\return pointer 正常ã«ã‚³ãƒ¼ãƒ«ãŒã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã¸ã®æœ‰åŠ¹ãªãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
\return NULL 空白ã®ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã®ãŸã‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
none
@@ -5968,8 +7069,10 @@ void wolfSSL_SetRsaVerifyCtx(WOLFSSL* ssl, void *ctx);
void* wolfSSL_GetRsaVerifyCtx(WOLFSSL* ssl);
/*!
- \brief æš—å·åŒ–ã—ã¾ã™ã€‚コールãƒãƒƒã‚¯ã¯æˆåŠŸã®å ´åˆã¯0ã‚’è¿”ã™ã‹ã€ã‚¨ãƒ©ãƒ¼ã®å ´åˆã¯<0ã§ã™ã€‚SSLã¨CTXãƒã‚¤ãƒ³ã‚¿ã¯ãƒ¦ãƒ¼ã‚¶ãƒ¼ã®åˆ©ä¾¿æ€§ã«åˆ©ç”¨ã§ãã¾ã™ã€‚INã¯å…¥åŠ›ãƒãƒƒãƒ•ã‚¡ã§ã™ãŒã€INSZã¯å…¥åŠ›ã®é•·ã•ã‚’表ã—ã¾ã™ã€‚æš—å·åŒ–ã®çµæžœã‚’ä¿å­˜ã™ã‚‹å¿…è¦ãŒã‚る出力ãƒãƒƒãƒ•ã‚¡ã§ã™ã€‚OUTSZã¯ã€å‘¼ã³å‡ºã—時ã«å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºã‚’指定ã™ã‚‹å…¥åŠ›/出力変数ã§ã‚ã‚Šã€æš—å·åŒ–ã®å®Ÿéš›ã®ã‚µã‚¤ã‚ºã¯æˆ»ã£ã¦å‰ã«æ ¼ç´ã•ã‚Œã‚‹ã¹ãã§ã™ã€‚keyderã¯ASN1å½¢å¼ã®RSA公開éµã§ã‚ã‚Šã€Keyszã¯ã‚­ãƒ¼ã®ã‚­ãƒ¼ã®é•·ã•ã§ã™ã€‚例コールãƒãƒƒã‚¯ã®ä¾‹ã¯ã€wolfssl / test.h myrsaenc()を見ã¤ã‘ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚
+ \brief æš—å·åŒ–ã—ã¾ã™ã€‚コールãƒãƒƒã‚¯ã¯æˆåŠŸã®å ´åˆã¯0ã‚’è¿”ã™ã‹ã€ã‚¨ãƒ©ãƒ¼ã®å ´åˆã¯<0ã§ã™ã€‚SSLã¨CTXãƒã‚¤ãƒ³ã‚¿ã¯ãƒ¦ãƒ¼ã‚¶ãƒ¼ã®åˆ©ä¾¿æ€§ã«åˆ©ç”¨ã§ãã¾ã™ã€‚INã¯å…¥åŠ›ãƒãƒƒãƒ•ã‚¡ã§ã™ãŒã€INSZã¯å…¥åŠ›ã®é•·ã•ã‚’表ã—ã¾ã™ã€‚æš—å·åŒ–ã®çµæžœã‚’ä¿å­˜ã™ã‚‹å¿…è¦ãŒã‚る出力ãƒãƒƒãƒ•ã‚¡ã§ã™ã€‚OUTSZã¯ã€å‘¼ã³å‡ºã—時ã«å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºã‚’指定ã™ã‚‹å…¥åŠ›/出力変数ã§ã‚ã‚Šã€æš—å·åŒ–ã®å®Ÿéš›ã®ã‚µã‚¤ã‚ºã¯æˆ»ã£ã¦å‰ã«æ ¼ç´ã•ã‚Œã‚‹ã¹ãã§ã™ã€‚keyderã¯ASN1å½¢å¼ã®RSA公開éµã§ã‚ã‚Šã€Keyszã¯ã‚­ãƒ¼ã®ã‚­ãƒ¼ã®é•·ã•ã§ã™ã€‚例コールãƒãƒƒã‚¯ã®ä¾‹ã¯ã€wolfssl / test.h myrsaenc()を見ã¤ã‘ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚
\return none ã„ã„ãˆè¿”ã—ã¾ã™ã€‚
+
+ _Example_
\code
none
\endcode
@@ -5981,6 +7084,8 @@ void wolfSSL_CTX_SetRsaEncCb(WOLFSSL_CTX* ctx, CallbackRsaEnc cb);
/*!
\brief CTXã¸ã®ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã€‚
\return none ã„ã„ãˆè¿”ã—ã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
none
@@ -5991,9 +7096,11 @@ void wolfSSL_CTX_SetRsaEncCb(WOLFSSL_CTX* ctx, CallbackRsaEnc cb);
void wolfSSL_SetRsaEncCtx(WOLFSSL* ssl, void *ctx);
/*!
- \brief コールãƒãƒƒã‚¯ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã¯ã€wolfssl_setrsaencctx()ã§ä»¥å‰ã«ä¿å­˜ã•ã‚Œã¦ã„ã¾ã—ãŸã€‚
+ \brief コールãƒãƒƒã‚¯ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã¯ã€wolfssl_setrsaencctx()ã§ä»¥å‰ã«ä¿å­˜ã•ã‚Œã¦ã„ã¾ã—ãŸã€‚
\return pointer 正常ã«ã‚³ãƒ¼ãƒ«ãŒã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã¸ã®æœ‰åŠ¹ãªãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
\return NULL 空白ã®ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã®ãŸã‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
none
@@ -6004,8 +7111,9 @@ void wolfSSL_SetRsaEncCtx(WOLFSSL* ssl, void *ctx);
void* wolfSSL_GetRsaEncCtx(WOLFSSL* ssl);
/*!
- \brief 復å·åŒ–ã—ã¾ã™ã€‚コールãƒãƒƒã‚¯ã¯ã€æˆåŠŸã®ãŸã‚ã®å¹³æ–‡ãƒã‚¤ãƒˆæ•°ã¾ãŸã¯<0エラーã®å ´åˆã¯<0ã‚’è¿”ã™ã¹ãã§ã™ã€‚SSLã¨CTXãƒã‚¤ãƒ³ã‚¿ã¯ãƒ¦ãƒ¼ã‚¶ãƒ¼ã®åˆ©ä¾¿æ€§ã«åˆ©ç”¨ã§ãã¾ã™ã€‚INã¯ã€å¾©å·åŒ–ã™ã‚‹å…¥åŠ›ãƒãƒƒãƒ•ã‚¡ãŒå…¥åŠ›ã®é•·ã•ã‚’表ã—ã¾ã™ã€‚復å·åŒ–プロセスãŠã‚ˆã³ä»»æ„ã®ãƒ‘ディングã®å¾Œã€å¾©å·åŒ–ãƒãƒƒãƒ•ã‚¡ã®å…ˆé ­ã«è¨­å®šã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚keyderã¯ASN1フォーマットã®RSA秘密éµã§ã‚ã‚Šã€Keyszã¯ãƒã‚¤ãƒˆæ•°ã®ã‚­ãƒ¼ã®é•·ã•ã§ã™ã€‚コールãƒãƒƒã‚¯ã®ä¾‹ã¯ã€wolfssl / test.h myrsadec()を見ã¤ã‘ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚
+ \brief 復å·åŒ–ã—ã¾ã™ã€‚コールãƒãƒƒã‚¯ã¯ã€æˆåŠŸã®ãŸã‚ã®å¹³æ–‡ãƒã‚¤ãƒˆæ•°ã¾ãŸã¯<0エラーã®å ´åˆã¯<0ã‚’è¿”ã™ã¹ãã§ã™ã€‚SSLã¨CTXãƒã‚¤ãƒ³ã‚¿ã¯ãƒ¦ãƒ¼ã‚¶ãƒ¼ã®åˆ©ä¾¿æ€§ã«åˆ©ç”¨ã§ãã¾ã™ã€‚INã¯ã€å¾©å·åŒ–ã™ã‚‹å…¥åŠ›ãƒãƒƒãƒ•ã‚¡ãŒå…¥åŠ›ã®é•·ã•ã‚’表ã—ã¾ã™ã€‚復å·åŒ–プロセスãŠã‚ˆã³ä»»æ„ã®ãƒ‘ディングã®å¾Œã€å¾©å·åŒ–ãƒãƒƒãƒ•ã‚¡ã®å…ˆé ­ã«è¨­å®šã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚keyderã¯ASN1フォーマットã®RSA秘密éµã§ã‚ã‚Šã€Keyszã¯ãƒã‚¤ãƒˆæ•°ã®ã‚­ãƒ¼ã®é•·ã•ã§ã™ã€‚コールãƒãƒƒã‚¯ã®ä¾‹ã¯ã€wolfssl / test.h myrsadec()を見ã¤ã‘ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚
\return none ã„ã„ãˆè¿”ã—ã¾ã™ã€‚
+
_Example_
\code
none
@@ -6018,6 +7126,8 @@ void wolfSSL_CTX_SetRsaDecCb(WOLFSSL_CTX* ctx, CallbackRsaDec cb);
/*!
\brief CTXã¸ã®ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã€‚
\return none ã„ã„ãˆè¿”ã—ã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
none
@@ -6028,9 +7138,11 @@ void wolfSSL_CTX_SetRsaDecCb(WOLFSSL_CTX* ctx, CallbackRsaDec cb);
void wolfSSL_SetRsaDecCtx(WOLFSSL* ssl, void *ctx);
/*!
- \brief コールãƒãƒƒã‚¯ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã¯ã€wolfssl_setrsadecctx()ã§ä»¥å‰ã«ä¿å­˜ã•ã‚Œã¦ã„ã¾ã—ãŸã€‚
+ \brief コールãƒãƒƒã‚¯ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã¯ã€wolfssl_setrsadecctx()ã§ä»¥å‰ã«ä¿å­˜ã•ã‚Œã¦ã„ã¾ã—ãŸã€‚
\return pointer 正常ã«ã‚³ãƒ¼ãƒ«ãŒã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã¸ã®æœ‰åŠ¹ãªãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
\return NULL 空白ã®ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã®ãŸã‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
none
@@ -6043,7 +7155,8 @@ void* wolfSSL_GetRsaDecCtx(WOLFSSL* ssl);
/*!
\brief æ–°ã—ã„CA証明書ãŒWolfSSLã«ãƒ­ãƒ¼ãƒ‰ã•ã‚ŒãŸã¨ãã«å‘¼ã³å‡ºã•ã‚Œã‚‹ï¼ˆWolfSSL_CTX)。コールãƒãƒƒã‚¯ã«ã¯ã€ç¬¦å·åŒ–ã•ã‚ŒãŸè¨¼æ˜Žæ›¸ã‚’æŒã¤ãƒãƒƒãƒ•ã‚¡ãŒä¸Žãˆã‚‰ã‚Œã¾ã™ã€‚
\return none è¿”å“ä¸å¯ã€‚
- \param ctx wolfssl_ctx_new()ã§ä½œæˆã•ã‚ŒãŸSSLコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ctx wolfSSL_CTX_new()ã§ä½œæˆã•ã‚ŒãŸSSLコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx = 0;
@@ -6065,7 +7178,7 @@ void* wolfSSL_GetRsaDecCtx(WOLFSSL* ssl);
void wolfSSL_CTX_SetCACb(WOLFSSL_CTX* ctx, CallbackCACache cb);
/*!
- \ingroup CertManager
+ \ingroup CertManager
\brief æ–°ã—ã„証明書マãƒãƒ¼ã‚¸ãƒ£ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã‚’割り当ã¦ã¦åˆæœŸåŒ–ã—ã¾ã™ã€‚ã“ã®ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã¯ã€SSLã®ãƒ‹ãƒ¼ã‚ºã¨ã¯ç„¡é–¢ä¿‚ã«ä½¿ç”¨ã§ãã¾ã™ã€‚証明書をロードã—ãŸã‚Šã€è¨¼æ˜Žæ›¸ã‚’確èªã—ãŸã‚Šã€å¤±åŠ¹çŠ¶æ³ã‚’確èªã—ãŸã‚Šã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã™ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚
\return WOLFSSL_CERT_MANAGER 正常ã«ã‚³ãƒ¼ãƒ«ãŒæœ‰åŠ¹ãªwolfssl_cert_managerãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
\return NULL エラー状態ã«æˆ»ã‚Šã¾ã™ã€‚
@@ -6074,10 +7187,11 @@ void wolfSSL_CTX_SetCACb(WOLFSSL_CTX* ctx, CallbackCACache cb);
WOLFSSL_CERT_MANAGER* wolfSSL_CertManagerNew_ex(void* heap);
/*!
- \ingroup CertManager
+ \ingroup CertManager
\brief æ–°ã—ã„証明書マãƒãƒ¼ã‚¸ãƒ£ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã‚’割り当ã¦ã¦åˆæœŸåŒ–ã—ã¾ã™ã€‚ã“ã®ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã¯ã€SSLã®ãƒ‹ãƒ¼ã‚ºã¨ã¯ç„¡é–¢ä¿‚ã«ä½¿ç”¨ã§ãã¾ã™ã€‚証明書をロードã—ãŸã‚Šã€è¨¼æ˜Žæ›¸ã‚’確èªã—ãŸã‚Šã€å¤±åŠ¹çŠ¶æ³ã‚’確èªã—ãŸã‚Šã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã™ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚
\return WOLFSSL_CERT_MANAGER 正常ã«ã‚³ãƒ¼ãƒ«ãŒæœ‰åŠ¹ãªwolfssl_cert_managerãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
\return NULL エラー状態ã«æˆ»ã‚Šã¾ã™ã€‚
+
_Example_
\code
#import <wolfssl/ssl.h>
@@ -6093,9 +7207,10 @@ WOLFSSL_CERT_MANAGER* wolfSSL_CertManagerNew_ex(void* heap);
WOLFSSL_CERT_MANAGER* wolfSSL_CertManagerNew(void);
/*!
- \ingroup CertManager
+ \ingroup CertManager
\brief 証明書マãƒãƒ¼ã‚¸ãƒ£ã®ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã«é–¢é€£ä»˜ã‘られã¦ã„ã‚‹ã™ã¹ã¦ã®ãƒªã‚½ãƒ¼ã‚¹ã‚’解放ã—ã¾ã™ã€‚証明書マãƒãƒ¼ã‚¸ãƒ£ã‚’使用ã™ã‚‹å¿…è¦ãŒãªããªã‚‹ã¨ãã«ã“れを呼ã³å‡ºã—ã¾ã™ã€‚
- \return none
+ \return none
+
_Example_
\code
#include <wolfssl/ssl.h>
@@ -6109,17 +7224,18 @@ WOLFSSL_CERT_MANAGER* wolfSSL_CertManagerNew(void);
void wolfSSL_CertManagerFree(WOLFSSL_CERT_MANAGER*);
/*!
- \ingroup CertManager
+ \ingroup CertManager
\brief Managerコンテキストã¸ã®CA証明書ã®ãƒ­ãƒ¼ãƒ‰ã®å ´æ‰€ã‚’指定ã—ã¾ã™ã€‚PEM証明書カフェイルã«ã¯ã€è¤‡æ•°ã®ä¿¡é ¼ã§ãã‚‹CA証明書ãŒå«ã¾ã‚Œã¦ã„ã‚‹å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã™ã€‚capathãŒnullã§ãªã„å ´åˆã€PEMå½¢å¼ã®CA証明書をå«ã‚€ãƒ‡ã‚£ãƒ¬ã‚¯ãƒˆãƒªã‚’指定ã—ã¾ã™ã€‚
- \return SSL_SUCCESS æˆåŠŸã—ãŸå ´åˆã€é€šè©±ãŒæˆ»ã‚Šã¾ã™ã€‚
- \return SSL_BAD_FILETYPE ファイルãŒé–“é•ã£ãŸå½¢å¼ã§ã‚ã‚‹å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \return SSL_BAD_FILE ファイルãŒå­˜åœ¨ã—ãªã„å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚読ã¿è¾¼ã‚ã€ã¾ãŸã¯ç ´æã—ã¦ã„ã¾ã›ã‚“。
+ \return SSL_SUCCESS æˆåŠŸã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚ã€é€šè©±ãŒæˆ»ã‚Šã¾ã™ã€‚
+ \return SSL_BAD_FILETYPE ファイルãŒé–“é•ã£ãŸå½¢å¼ã§ã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_BAD_FILE ファイルãŒå­˜åœ¨ã—ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚読ã¿è¾¼ã‚ã€ã¾ãŸã¯ç ´æã—ã¦ã„ã¾ã›ã‚“。
\return MEMORY_E メモリä¸è¶³çŠ¶æ…‹ãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return ASN_INPUT_E base16デコードãŒãƒ•ã‚¡ã‚¤ãƒ«ã«å¯¾ã—ã¦å¤±æ•—ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG ãƒã‚¤ãƒ³ã‚¿ãŒæä¾›ã•ã‚Œã¦ã„ãªã„å ´åˆã«è¿”ã•ã‚Œã‚‹ã‚¨ãƒ©ãƒ¼ã§ã™ã€‚
\return SSL_FATAL_ERROR - 失敗時ã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param cm wolfssl_certmanagernew()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl_cert_manager構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param cm wolfssl_certmanagernew()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl_cert_manager構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param file ロードã™ã‚‹CA証明書をå«ã‚€ãƒ•ã‚¡ã‚¤ãƒ«ã®åå‰ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
#include <wolfssl/ssl.h>
@@ -6138,13 +7254,14 @@ int wolfSSL_CertManagerLoadCA(WOLFSSL_CERT_MANAGER* cm, const char* f,
const char* d);
/*!
- \ingroup CertManager
+ \ingroup CertManager
\brief wolfssl_ctx_load_verify_bufferを呼ã³å‡ºã—ã¦ã€é–¢æ•°ã«æ¸¡ã•ã‚ŒãŸCM内ã®æƒ…報を失ã†ã“ã¨ãªã一時的ãªCMを使用ã—ã¦ãã®çµæžœã‚’è¿”ã™ã“ã¨ã«ã‚ˆã£ã¦CAãƒãƒƒãƒ•ã‚¡ã‚’ロードã—ã¾ã™ã€‚
- \return SSL_FATAL_ERROR wolfssl_cert_manager構造体ãŒNULLã®å ´åˆã€ã¾ãŸã¯wolfssl_ctx_new()ãŒNULLã‚’è¿”ã™å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_FATAL_ERROR wolfssl_cert_manager構造体ãŒNULLã®å ´åˆã€ã¾ãŸã¯wolfSSL_CTX_new()ãŒNULLã‚’è¿”ã™å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return SSL_SUCCESS 実行ãŒæˆåŠŸã™ã‚‹ãŸã‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param cm wolfssl_certmanagernew()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl_cert_manager構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param cm wolfssl_certmanagernew()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl_cert_manager構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param in CERT情報用ã®ãƒãƒƒãƒ•ã‚¡ãƒ¼ã€‚
\param sz ãƒãƒƒãƒ•ã‚¡ã®é•·ã•ã€‚
+
_Example_
\code
WOLFSSL_CERT_MANAGER* cm = (WOLFSSL_CERT_MANAGER*)vp;
@@ -6166,11 +7283,12 @@ int wolfSSL_CertManagerLoadCABuffer(WOLFSSL_CERT_MANAGER* cm,
const unsigned char* in, long sz, int format);
/*!
- \ingroup CertManager
+ \ingroup CertManager
\brief ã“ã®é–¢æ•°ã¯CAç½²å者リストをアンロードã—ã¾ã™ã€‚
\return SSL_SUCCESS 機能ã®å®Ÿè¡Œã«æˆåŠŸã—ãŸã“ã¨ã«æˆ»ã‚Šã¾ã™ã€‚
\return BAD_FUNC_ARG wolfssl_cert_managerãŒnullã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return BAD_MUTEX_E ミューテックスエラーãŒç™ºç”Ÿã—ãŸå ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_MUTEX_E ミューテックスエラーãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
_Example_
\code
#include <wolfssl/ssl.h>
@@ -6188,16 +7306,17 @@ int wolfSSL_CertManagerLoadCABuffer(WOLFSSL_CERT_MANAGER* cm,
int wolfSSL_CertManagerUnloadCAs(WOLFSSL_CERT_MANAGER* cm);
/*!
- \ingroup CertManager
+ \ingroup CertManager
\brief 関数ã¯ä¿¡é ¼ã§ãるピアリンクリストを解放ã—ã€ä¿¡é ¼ã§ãるピアリストã®ãƒ­ãƒƒã‚¯ã‚’解除ã—ã¾ã™ã€‚
\return SSL_SUCCESS 関数ãŒæ­£å¸¸ã«å®Œäº†ã—ãŸå ´åˆ
\return BAD_FUNC_ARG wolfssl_cert_managerãŒnullã®å ´åˆ
\return BAD_MUTEX_E ミューテックスエラーTPLOCKã§ã¯ã€WOLFSSL_CERT_MANAGER構造体ã®ãƒ¡ãƒ³ãƒãƒ¼ã¯0(ニル)ã§ã™ã€‚
+
_Example_
\code
#include <wolfssl/ssl.h>
- WOLFSSL_CTX* ctx = WOLFSSL_CTX_new(Protocol define);
+ WOLFSSL_CTX* ctx = wolfSSL_CTX_new(Protocol define);
WOLFSSL_CERT_MANAGER* cm = wolfSSL_CertManagerNew();
...
if(wolfSSL_CertManagerUnload_trust_peers(cm) != SSL_SUCCESS){
@@ -6209,22 +7328,23 @@ int wolfSSL_CertManagerUnloadCAs(WOLFSSL_CERT_MANAGER* cm);
int wolfSSL_CertManagerUnload_trust_peers(WOLFSSL_CERT_MANAGER* cm);
/*!
- \ingroup CertManager
+ \ingroup CertManager
\brief 証明書マãƒãƒ¼ã‚¸ãƒ£ã®ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã§ç¢ºèªã™ã‚‹è¨¼æ˜Žæ›¸ã‚’指定ã—ã¾ã™ã€‚フォーマットã¯SSL_FILETYPE_PEMã¾ãŸã¯SSL_FILETYPE_ASN1ã«ã™ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚
- \return SSL_SUCCESS æˆåŠŸã—ãŸå ´åˆ
+ \return SSL_SUCCESS æˆåŠŸã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return ASN_SIG_CONFIRM_E ç½²åãŒæ¤œè¨¼ã§ããªã‹ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return ASN_SIG_OID_E ç½²åã®ç¨®é¡žãŒã‚µãƒãƒ¼ãƒˆã•ã‚Œã¦ã„ãªã„å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_SIG_OID_E ç½²åã®ç¨®é¡žãŒã‚µãƒãƒ¼ãƒˆã•ã‚Œã¦ã„ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return CRL_CERT_REVOKED ã“ã®è¨¼æ˜Žæ›¸ãŒå–り消ã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã‚‹ã‚¨ãƒ©ãƒ¼ã§ã™ã€‚
\return CRL_MISSING ç¾åœ¨ã®ç™ºè¡Œè€…CRLãŒåˆ©ç”¨ã§ããªã„å ´åˆã«è¿”ã•ã‚Œã‚‹ã‚¨ãƒ©ãƒ¼ã§ã™ã€‚
- \return ASN_BEFORE_DATE_E ç¾åœ¨ã®æ—¥ä»˜ãŒå‰æ—¥ã®å‰ã«ã‚ã‚‹å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \return ASN_AFTER_DATE_E ç¾åœ¨ã®æ—¥ä»˜ãŒå¾Œã®æ—¥ä»˜ã®å¾Œã®å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \return SSL_BAD_FILETYPE ファイルãŒé–“é•ã£ãŸå½¢å¼ã§ã‚ã‚‹å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \return SSL_BAD_FILE ファイルãŒå­˜åœ¨ã—ãªã„å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚読ã¿è¾¼ã‚ã€ã¾ãŸã¯ç ´æã—ã¦ã„ã¾ã›ã‚“。
+ \return ASN_BEFORE_DATE_E ç¾åœ¨ã®æ—¥ä»˜ãŒå‰æ—¥ã®å‰ã«ã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_AFTER_DATE_E ç¾åœ¨ã®æ—¥ä»˜ãŒå¾Œã®æ—¥ä»˜ã®å¾Œã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_BAD_FILETYPE ファイルãŒé–“é•ã£ãŸå½¢å¼ã§ã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_BAD_FILE ファイルãŒå­˜åœ¨ã—ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚読ã¿è¾¼ã‚ã€ã¾ãŸã¯ç ´æã—ã¦ã„ã¾ã›ã‚“。
\return MEMORY_E メモリä¸è¶³çŠ¶æ…‹ãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return ASN_INPUT_E base16デコードãŒãƒ•ã‚¡ã‚¤ãƒ«ã«å¯¾ã—ã¦å¤±æ•—ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG ãƒã‚¤ãƒ³ã‚¿ãŒæä¾›ã•ã‚Œã¦ã„ãªã„å ´åˆã«è¿”ã•ã‚Œã‚‹ã‚¨ãƒ©ãƒ¼ã§ã™ã€‚
- \param cm wolfssl_certmanagernew()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl_cert_manager構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param cm wolfssl_certmanagernew()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl_cert_manager構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param fname 検証ã™ã‚‹è¨¼æ˜Žæ›¸ã‚’å«ã‚€ãƒ•ã‚¡ã‚¤ãƒ«ã®åå‰ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
int ret = 0;
@@ -6244,23 +7364,24 @@ int wolfSSL_CertManagerVerify(WOLFSSL_CERT_MANAGER* cm, const char* f,
int format);
/*!
- \ingroup CertManager
+ \ingroup CertManager
\brief 証明書マãƒãƒ¼ã‚¸ãƒ£ã®ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã‚’使用ã—ã¦ç¢ºèªã™ã‚‹è¨¼æ˜Žæ›¸ãƒãƒƒãƒ•ã‚¡ã‚’指定ã—ã¾ã™ã€‚フォーマットã¯SSL_FILETYPE_PEMã¾ãŸã¯SSL_FILETYPE_ASN1ã«ã™ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚
- \return SSL_SUCCESS æˆåŠŸã—ãŸå ´åˆ
+ \return SSL_SUCCESS æˆåŠŸã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return ASN_SIG_CONFIRM_E ç½²åãŒæ¤œè¨¼ã§ããªã‹ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return ASN_SIG_OID_E ç½²åã®ç¨®é¡žãŒã‚µãƒãƒ¼ãƒˆã•ã‚Œã¦ã„ãªã„å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_SIG_OID_E ç½²åã®ç¨®é¡žãŒã‚µãƒãƒ¼ãƒˆã•ã‚Œã¦ã„ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return CRL_CERT_REVOKED ã“ã®è¨¼æ˜Žæ›¸ãŒå–り消ã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã‚‹ã‚¨ãƒ©ãƒ¼ã§ã™ã€‚
\return CRL_MISSING ç¾åœ¨ã®ç™ºè¡Œè€…CRLãŒåˆ©ç”¨ã§ããªã„å ´åˆã«è¿”ã•ã‚Œã‚‹ã‚¨ãƒ©ãƒ¼ã§ã™ã€‚
- \return ASN_BEFORE_DATE_E ç¾åœ¨ã®æ—¥ä»˜ãŒå‰æ—¥ã®å‰ã«ã‚ã‚‹å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \return ASN_AFTER_DATE_E ç¾åœ¨ã®æ—¥ä»˜ãŒå¾Œã®æ—¥ä»˜ã®å¾Œã®å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \return SSL_BAD_FILETYPE ファイルãŒé–“é•ã£ãŸå½¢å¼ã§ã‚ã‚‹å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \return SSL_BAD_FILE ファイルãŒå­˜åœ¨ã—ãªã„å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚読ã¿è¾¼ã‚ã€ã¾ãŸã¯ç ´æã—ã¦ã„ã¾ã›ã‚“。
+ \return ASN_BEFORE_DATE_E ç¾åœ¨ã®æ—¥ä»˜ãŒå‰æ—¥ã®å‰ã«ã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_AFTER_DATE_E ç¾åœ¨ã®æ—¥ä»˜ãŒå¾Œã®æ—¥ä»˜ã®å¾Œã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_BAD_FILETYPE ファイルãŒé–“é•ã£ãŸå½¢å¼ã§ã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_BAD_FILE ファイルãŒå­˜åœ¨ã—ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚読ã¿è¾¼ã‚ã€ã¾ãŸã¯ç ´æã—ã¦ã„ã¾ã›ã‚“。
\return MEMORY_E メモリä¸è¶³çŠ¶æ…‹ãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return ASN_INPUT_E base16デコードãŒãƒ•ã‚¡ã‚¤ãƒ«ã«å¯¾ã—ã¦å¤±æ•—ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG ãƒã‚¤ãƒ³ã‚¿ãŒæä¾›ã•ã‚Œã¦ã„ãªã„å ´åˆã«è¿”ã•ã‚Œã‚‹ã‚¨ãƒ©ãƒ¼ã§ã™ã€‚
- \param cm wolfssl_certmanagernew()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl_cert_manager構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param cm wolfssl_certmanagernew()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl_cert_manager構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param buff 検証ã™ã‚‹è¨¼æ˜Žæ›¸ã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã€‚
\param sz ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºã€BUF。
+
_Example_
\code
#include <wolfssl/ssl.h>
@@ -6284,10 +7405,11 @@ int wolfSSL_CertManagerVerifyBuffer(WOLFSSL_CERT_MANAGER* cm,
const unsigned char* buff, long sz, int format);
/*!
- \ingroup CertManager
+ \ingroup CertManager
\brief ã“ã®é–¢æ•°ã¯ã€è¨¼æ˜Žæ›¸ãƒžãƒãƒ¼ã‚¸ãƒ£ãƒ¼ã®verifyCallback関数を設定ã—ã¾ã™ã€‚存在ã™ã‚‹å ´åˆã€ãã‚Œã¯ãƒ­ãƒ¼ãƒ‰ã•ã‚ŒãŸå„CERTã«å¯¾ã—ã¦å‘¼ã³å‡ºã•ã‚Œã¾ã™ã€‚検証エラーãŒã‚ã‚‹å ´åˆã¯ã€æ¤œè¨¼ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯ã‚’使用ã—ã¦ã‚¨ãƒ©ãƒ¼ã‚’éŽåº¦ã«ä¹—り越ãˆã¾ã™ã€‚
\return none è¿”å“ä¸å¯ã€‚
- \param cm wolfssl_certmanagernew()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl_cert_manager構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param cm wolfssl_certmanagernew()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl_cert_manager構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
#include <wolfssl/ssl.h>
@@ -6295,7 +7417,7 @@ int wolfSSL_CertManagerVerifyBuffer(WOLFSSL_CERT_MANAGER* cm,
int myVerify(int preverify, WOLFSSL_X509_STORE_CTX* store)
{ // do custom verification of certificate }
- WOLFSSL_CTX* ctx = WOLFSSL_CTX_new(Protocol define);
+ WOLFSSL_CTX* ctx = wolfSSL_CTX_new(Protocol define);
WOLFSSL_CERT_MANAGER* cm = wolfSSL_CertManagerNew();
...
wolfSSL_CertManagerSetVerify(cm, myVerify);
@@ -6313,6 +7435,7 @@ void wolfSSL_CertManagerSetVerify(WOLFSSL_CERT_MANAGER* cm,
\return BAD_FUNC_ARG wolfssl_cert_managerãŒnullã®å ´åˆ
\param cm wolfssl_cert_manager構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param der DERフォーマット証明書ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL_CERT_MANAGER* cm;
@@ -6332,14 +7455,15 @@ int wolfSSL_CertManagerCheckCRL(WOLFSSL_CERT_MANAGER* cm,
unsigned char* der, int sz);
/*!
- \ingroup CertManager
+ \ingroup CertManager
\brief 証明書マãƒãƒ¼ã‚¸ãƒ£ã‚’使用ã—ã¦è¨¼æ˜Žæ›¸ã‚’検証ã™ã‚‹ã¨ãã«è¨¼æ˜Žæ›¸å¤±åŠ¹ãƒªã‚¹ãƒˆã®ç¢ºèªã‚’オンã«ã—ã¾ã™ã€‚デフォルトã§ã¯ã€CRLãƒã‚§ãƒƒã‚¯ã¯ã‚ªãƒ•ã§ã™ã€‚オプションã«ã¯ã€wolfssl_crl_checkallãŒå«ã¾ã‚Œã¾ã™ã€‚ã“ã‚Œã¯ã€ãƒã‚§ãƒ¼ãƒ³å†…ã®å„証明書ã«å¯¾ã—ã¦CRL検査を実行ã—ã¾ã™ã€‚ã“ã‚Œã¯ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã§ã‚るリーフ証明書ã®ã¿ã§ã™ã€‚
- \return SSL_SUCCESS æˆåŠŸã—ãŸå ´åˆã€é€šè©±ãŒæˆ»ã‚Šã¾ã™ã€‚
- \return NOT_COMPILED_IN WolfSSLãŒCRLを有効ã«ã—ã¦æ§‹ç¯‰ã•ã‚Œã¦ã„ãªã„å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_SUCCESS æˆåŠŸã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚ã€é€šè©±ãŒæˆ»ã‚Šã¾ã™ã€‚
+ \return NOT_COMPILED_IN WolfSSLãŒCRLを有効ã«ã—ã¦æ§‹ç¯‰ã•ã‚Œã¦ã„ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return MEMORY_E メモリä¸è¶³çŠ¶æ…‹ãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG ãƒã‚¤ãƒ³ã‚¿ãŒæä¾›ã•ã‚Œã¦ã„ãªã„å ´åˆã«è¿”ã•ã‚Œã‚‹ã‚¨ãƒ©ãƒ¼ã§ã™ã€‚
- \return SSL_FAILURE CRLコンテキストを正ã—ãåˆæœŸåŒ–ã§ããªã„å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \param cm wolfssl_certmanagernew()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl_cert_manager構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \return SSL_FAILURE CRLコンテキストを正ã—ãåˆæœŸåŒ–ã§ããªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param cm wolfssl_certmanagernew()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl_cert_manager構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
#include <wolfssl/ssl.h>
@@ -6361,10 +7485,11 @@ int wolfSSL_CertManagerEnableCRL(WOLFSSL_CERT_MANAGER* cm,
int options);
/*!
- \ingroup CertManager
+ \ingroup CertManager
\brief 証明書マãƒãƒ¼ã‚¸ãƒ£ã‚’使用ã—ã¦è¨¼æ˜Žæ›¸ã‚’検証ã™ã‚‹ã¨ãã«è¨¼æ˜Žæ›¸å¤±åŠ¹ãƒªã‚¹ãƒˆã®ç¢ºèªã‚’オフã«ã—ã¾ã™ã€‚デフォルトã§ã¯ã€CRLãƒã‚§ãƒƒã‚¯ã¯ã‚ªãƒ•ã§ã™ã€‚ã“ã®é–¢æ•°ã‚’使用ã—ã¦ã€ã“ã®Certificate Managerコンテキストを使用ã—ã¦CRL検査を一時的ã¾ãŸã¯æ’ä¹…çš„ã«ç„¡åŠ¹ã«ã—ã¦ã€ä»¥å‰ã¯CRL検査ãŒæœ‰åŠ¹ã«ãªã£ã¦ã„ã¾ã—ãŸã€‚
- \return SSL_SUCCESS æˆåŠŸã—ãŸå ´åˆã€é€šè©±ãŒæˆ»ã‚Šã¾ã™ã€‚
+ \return SSL_SUCCESS æˆåŠŸã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚ã€é€šè©±ãŒæˆ»ã‚Šã¾ã™ã€‚
\return BAD_FUNC_ARG 関数ãƒã‚¤ãƒ³ã‚¿ãŒæä¾›ã•ã‚Œã¦ã„ãªã„å ´åˆã«è¿”ã•ã‚Œã‚‹ã‚¨ãƒ©ãƒ¼ã§ã™ã€‚
+
_Example_
\code
#include <wolfssl/ssl.h>
@@ -6383,16 +7508,18 @@ int wolfSSL_CertManagerEnableCRL(WOLFSSL_CERT_MANAGER* cm,
int wolfSSL_CertManagerDisableCRL(WOLFSSL_CERT_MANAGER*);
/*!
- \ingroup CertManager
- \brief 失効確èªã®ãŸã‚ã«CERTã‚’CRLã«ãƒ­ãƒ¼ãƒ‰ã™ã‚‹ãŸã‚ã«ã€CERTã‚’CRLã«ãƒ­ãƒ¼ãƒ‰ã™ã‚‹ãŸã‚ã«ã€ROADCRL()ã¸ã®ã‚¨ãƒ©ãƒ¼ãŒãƒã‚§ãƒƒã‚¯ã•ã‚Œã€æ¸¡ã•ã‚Œã¾ã™ã€‚
- \return SSL_SUCCESS wolfssl_certmanagerLoadcrlã«ã‚¨ãƒ©ãƒ¼ãŒãªã„å ´åˆã€ãŠã‚ˆã³loadcrlãŒæ­£å¸¸ã«æˆ»ã‚‹å ´åˆã€‚
- \return BAD_FUNC_ARG wolfssl_cert_manager構造体ãŒnullã®å ´åˆ
- \return SSL_FATAL_ERROR wolfssl_certmanagerEnableCRLãŒSSL_SUCCESS以外ã®ã‚‚ã®ã‚’è¿”ã™å ´åˆã€‚
- \return BAD_PATH_ERROR パスãŒNULLã®å ´åˆ
+ \ingroup CertManager
+ \brief 証明書ã®å¤±åŠ¹ç¢ºèªã®ãŸã‚ã«è¨¼æ˜Žæ›¸ã‚’CRLã«ãƒ­ãƒ¼ãƒ‰ã™ã‚‹éš›ã«ã‚¨ãƒ©ãƒ¼ãƒã‚§ãƒƒã‚¯ã‚’è¡Œã„ã€ãã®å¾Œè¨¼æ˜Žæ›¸ã‚’LoadCRL()ã¸æ¸¡ã—ã¾ã™ã€‚
+
+ \return SSL_SUCCESS wolfSSL_CertManagerLoadCRLã§ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã›ãšã€loadCRLãŒæˆåŠŸã§æˆ»ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_FUNC_ARG WOLFSSL_CERT_MANAGER構造体ãŒNULLã®å ´åˆ
+ \return SSL_FATAL_ERROR wolfSSL_CertManagerEnableCRLãŒSSL_SUCCESS以外ã®ã‚’è¿”ã™å ´åˆã€‚
+ \return BAD_PATH_ERROR pathãŒNULLã®å ´åˆ
\return MEMORY_E LOADCRLãŒãƒ’ープメモリã®å‰²ã‚Šå½“ã¦ã«å¤±æ•—ã—ãŸå ´åˆã€‚
- \param cm wolfssl_certmanagernew()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl_cert_manager構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param path CRL経路をä¿æŒã—ã¦ã„る一定ã®ãƒãƒ£ãƒ¼ãƒ«ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param cm wolfSSL_CertManagerNew()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL_CERT_MANAGER構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param path CRLã¸ã®ãƒ‘スをä¿æŒã—ã¦ã„ã‚‹ãƒãƒƒãƒ•ã‚¡ãƒ¼ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param type ロードã™ã‚‹è¨¼æ˜Žæ›¸ã®ç¨®é¡žã€‚
+
_Example_
\code
#include <wolfssl/ssl.h>
@@ -6409,14 +7536,15 @@ int wolfSSL_CertManagerLoadCRL(WOLFSSL_CERT_MANAGER* cm,
const char* path, int type, int monitor);
/*!
- \ingroup CertManager
+ \ingroup CertManager
\brief ã“ã®é–¢æ•°ã¯ã€BufferLoadCRLを呼ã³å‡ºã™ã“ã¨ã«ã‚ˆã£ã¦CRLファイルをロードã—ã¾ã™ã€‚
\return SSL_SUCCESS 関数ãŒã‚¨ãƒ©ãƒ¼ãªã—ã§å®Œäº†ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG wolfssl_cert_managerãŒnullã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return SSL_FATAL_ERROR wolfssl_cert_managerã«é–¢é€£ä»˜ã‘られã¦ã„るエラーãŒã‚ã‚‹å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_FATAL_ERROR wolfssl_cert_managerã«é–¢é€£ä»˜ã‘られã¦ã„るエラーãŒã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\param cm wolfssl_cert_manager構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param buff 定数ãƒã‚¤ãƒˆã‚¿ã‚¤ãƒ—ã¨ãƒãƒƒãƒ•ã‚¡ã§ã™ã€‚
\param sz ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºã‚’表ã™é•·ã„int。
+
_Example_
\code
#include <wolfssl/ssl.h>
@@ -6441,11 +7569,12 @@ int wolfSSL_CertManagerLoadCRLBuffer(WOLFSSL_CERT_MANAGER* cm,
int type);
/*!
- \ingroup CertManager
+ \ingroup CertManager
\brief ã“ã®é–¢æ•°ã¯CRL証明書マãƒãƒ¼ã‚¸ãƒ£ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯ã‚’設定ã—ã¾ã™ã€‚LABE_CRLãŒå®šç¾©ã•ã‚Œã¦ã„ã¦ä¸€è‡´ã™ã‚‹CRLレコードãŒè¦‹ã¤ã‹ã‚‰ãªã„å ´åˆã€CBMissingCRLã¯å‘¼ã³å‡ºã•ã‚Œã¾ã™ï¼ˆWolfSSL_CertManagerSetCRL_CBを介ã—ã¦è¨­å®šï¼‰ã€‚ã“ã‚Œã«ã‚ˆã‚Šã€CRLを外部ã«æ¤œç´¢ã—ã¦ãƒ­ãƒ¼ãƒ‰ã™ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚
\return SSL_SUCCESS 関数ã¨ã‚µãƒ–ルーãƒãƒ³ã®å®Ÿè¡ŒãŒæˆåŠŸã—ãŸã‚‰è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG wolfssl_cert_manager構造体ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\param cm 証明書ã®æƒ…報をä¿æŒã—ã¦ã„ã‚‹WOLFSSL_CERT_MANAGER構造。
+
_Example_
\code
#include <wolfssl/ssl.h>
@@ -6468,15 +7597,42 @@ int wolfSSL_CertManagerLoadCRLBuffer(WOLFSSL_CERT_MANAGER* cm,
*/
int wolfSSL_CertManagerSetCRL_Cb(WOLFSSL_CERT_MANAGER* cm,
CbMissingCRL cb);
+/*!
+ \ingroup CertManager
+ \brief ã“ã®é–¢æ•°ã¯è¨¼æ˜Žæ›¸ãƒžãƒã‚¸ãƒ£ãƒ¼ã«ä¿æŒã•ã‚Œã¦ã„ã‚‹CRLを解放ã—ã¾ã™ã€‚
+ アプリケーションã¯CRLã‚’wolfSSL_CertManagerFreeCRLを呼ã³å‡ºã—ã¦è§£æ”¾ã—ãŸå¾Œã«ã€æ–°ã—ã„CRLをロードã™ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚
+
+ \return SSL_SUCCESS 関数ã®å®Ÿè¡Œã«æˆåŠŸã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_FUNC_ARG WOLFSSL_CERT_MANAGER構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ãƒ¼ãŒNULLã§æ¸¡ã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param cm wolfSSL_CertManagerNew()ã§ç”Ÿæˆã•ã‚ŒãŸWOLFSSL_CERT_MANAGER構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ãƒ¼ã€‚
+
+ _Example_
+ \code
+ #include <wolfssl/ssl.h>
+
+ const char* crl1 = "./certs/crl/crl.pem";
+ WOLFSSL_CERT_MANAGER* cm = NULL;
+
+ cm = wolfSSL_CertManagerNew();
+ wolfSSL_CertManagerLoadCRL(cm, crl1, WOLFSSL_FILETYPE_PEM, 0);
+ …
+ wolfSSL_CertManagerFreeCRL(cm);
+ \endcode
+
+ \sa wolfSSL_CertManagerLoadCRL
+*/
+int wolfSSL_CertManagerFreeCRL(WOLFSSL_CERT_MANAGER* cm);
/*!
- \ingroup CertManager
+ \ingroup CertManager
\brief ã“ã®æ©Ÿèƒ½ã«ã‚ˆã‚Šã€OCSPENABLED OCSPENABLEDãŒOCSPãƒã‚§ãƒƒã‚¯ã‚ªãƒ—ションãŒæœ‰åŠ¹ã«ãªã£ã¦ã„ã‚‹ã“ã¨ã‚’æ„味ã—ã¾ã™ã€‚
\return SSL_SUCCESS 機能ã®å®Ÿè¡Œã«æˆåŠŸã—ãŸã“ã¨ã«æˆ»ã‚Šã¾ã™ã€‚wolfssl_cert_managerã®OCSPENABLEDメンãƒãƒ¼ãŒæœ‰åŠ¹ã«ãªã£ã¦ã„ã¾ã™ã€‚
\return BAD_FUNC_ARG wolfssl_cert_manager構造体ãŒnullã®å ´åˆã€ã¾ãŸã¯è¨±å¯ã•ã‚Œã¦ã„ãªã„引数値ãŒã‚µãƒ–ルーãƒãƒ³ã«æ¸¡ã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return MEMORY_E ã“ã®é–¢æ•°å†…ã«ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã‚‹ã‚¨ãƒ©ãƒ¼ã¾ãŸã¯ã‚µãƒ–ルーãƒãƒ³ãŒã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param cm wolfssl_certmanagernew()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl_cert_manager構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param cm wolfssl_certmanagernew()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl_cert_manager構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param der 証明書ã¸ã®ãƒã‚¤ãƒˆãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
#import <wolfssl/ssl.h>
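Review bot: The new wolfSSL_CertManagerFreeCRL example discards the results of both `wolfSSL_CertManagerNew()` and `wolfSSL_CertManagerLoadCRL()`, so a reader who copies it will not notice a failed CRL load. The surrounding documentation lists NULL as an error return for the former and BAD_PATH_ERROR, MEMORY_E and SSL_FATAL_ERROR for the latter, and a failed load presumably leaves the manager without the revocation data the application expects. I would show the checks in the example, e.g. `if (cm == NULL) { /* handle error */ }` and `if (wolfSSL_CertManagerLoadCRL(cm, crl1, WOLFSSL_FILETYPE_PEM, 0) != SSL_SUCCESS) { /* handle error */ }`. The example also never releases `cm` with `wolfSSL_CertManagerFree(cm)`, and it uses a typographic `…` where the other examples in this file use `...`.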
@@ -6496,14 +7652,15 @@ int wolfSSL_CertManagerCheckOCSP(WOLFSSL_CERT_MANAGER* cm,
unsigned char* der, int sz);
/*!
- \ingroup CertManager
+ \ingroup CertManager
\brief OCSPãŒã‚ªãƒ•ã«ãªã£ã¦ã„ã‚‹å ´åˆã¯OCSPをオンã«ã—ã€[設定]オプションを使用å¯èƒ½ã«ãªã£ã¦ã„ã‚‹å ´åˆã€‚
\return SSL_SUCCESS 関数呼ã³å‡ºã—ãŒæˆåŠŸã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG cm構造体ãŒnullã®å ´åˆ
\return MEMORY_E wolfssl_ocsp struct値ãŒnullã®å ´åˆ
\return SSL_FAILURE WOLFSSL_OCSP構造体ã®åˆæœŸåŒ–ã¯åˆæœŸåŒ–ã«å¤±æ•—ã—ã¾ã™ã€‚
\return NOT_COMPILED_IN æ­£ã—ã„機能を有効ã«ã—ã¦ã‚³ãƒ³ãƒ‘イルã•ã‚Œã¦ã„ãªã„ビルド。
- \param cm wolfssl_certmanagernew()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl_cert_manager構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param cm wolfssl_certmanagernew()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl_cert_manager構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
#include <wolfssl/ssl.h>
@@ -6523,10 +7680,11 @@ int wolfSSL_CertManagerEnableOCSP(WOLFSSL_CERT_MANAGER* cm,
int options);
/*!
- \ingroup CertManager
+ \ingroup CertManager
\brief OCSP証明書ã®å¤±åŠ¹ã‚’無効ã«ã—ã¾ã™ã€‚
\return SSL_SUCCESS WolfSSL_CertMangerDisableCRLã¯ã€WolfSSL_CERT_MANAGER構造体ã®CRLEnabledメンãƒã‚’無効ã«ã—ã¾ã—ãŸã€‚
\return BAD_FUNC_ARG WOLFSSL構造ã¯ãƒŒãƒ«ã§ã—ãŸã€‚
+
_Example_
\code
#include <wolfssl/ssl.h>
@@ -6543,11 +7701,12 @@ int wolfSSL_CertManagerEnableOCSP(WOLFSSL_CERT_MANAGER* cm,
int wolfSSL_CertManagerDisableOCSP(WOLFSSL_CERT_MANAGER*);
/*!
- \ingroup CertManager
+ \ingroup CertManager
\brief ã“ã®é–¢æ•°ã¯ã€URLã‚’wolfssl_cert_manager構造体ã®OCSpoverrideURLメンãƒãƒ¼ã«ã‚³ãƒ”ーã—ã¾ã™ã€‚
\return SSL_SUCCESS ã“ã®æ©Ÿèƒ½ã¯æœŸå¾…ã©ãŠã‚Šã«å®Ÿè¡Œã§ãã¾ã—ãŸã€‚
\return BAD_FUNC_ARG wolfssl_cert_manager構造体ã¯nullã§ã™ã€‚
\return MEMEORY_E 証明書マãƒãƒ¼ã‚¸ãƒ£ã®OCSPoverRideURLメンãƒãƒ¼ã«ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã‚‹ã“ã¨ãŒã§ãã¾ã›ã‚“ã§ã—ãŸã€‚
+
_Example_
\code
#include <wolfssl/ssl.h>
@@ -6567,13 +7726,14 @@ int wolfSSL_CertManagerSetOCSPOverrideURL(WOLFSSL_CERT_MANAGER* cm,
const char* url);
/*!
- \ingroup CertManager
+ \ingroup CertManager
\brief ã“ã®é–¢æ•°ã¯ã€wolfssl_cert_managerã®OCSPコールãƒãƒƒã‚¯ã‚’設定ã—ã¾ã™ã€‚
\return SSL_SUCCESS 実行ã«æˆåŠŸã—ãŸã“ã¨ã«æˆ»ã‚Šã¾ã™ã€‚引数ã¯wolfssl_cert_manager構造体ã«ä¿å­˜ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG wolfssl_cert_managerãŒnullã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\param cm wolfssl_cert_manager構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param ioCb CBocSpioåž‹ã®é–¢æ•°ãƒã‚¤ãƒ³ã‚¿ã€‚
\param respFreeCb - CBOCSPRESPFREASåž‹ã®é–¢æ•°ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
#include <wolfssl/ssl.h>
@@ -6595,13 +7755,14 @@ int wolfSSL_CertManagerSetOCSP_Cb(WOLFSSL_CERT_MANAGER* cm,
void* ioCbCtx);
/*!
- \ingroup CertManager
+ \ingroup CertManager
\brief ã“ã®é–¢æ•°ã¯ã€ã‚ªãƒ—ションをオンã«ã—ãªã„ã¨OCSPステープルをオンã«ã—ã¾ã™ã€‚オプションを設定ã—ã¾ã™ã€‚
\return SSL_SUCCESS エラーãŒãªãã€é–¢æ•°ãŒæ­£å¸¸ã«å®Ÿè¡Œã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG wolfssl_cert_manager構造体ãŒNULLã¾ãŸã¯ãã†ã§ãªã„å ´åˆã¯ã€ã‚µãƒ–ルーãƒãƒ³ã«æ¸¡ã•ã‚ŒãŸæœªè§£æ±ºã®å¼•æ•°å€¤ãŒã‚ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return MEMORY_E メモリ割り当ã¦ãŒã‚ã‚‹å•é¡ŒãŒç™ºç”Ÿã—ãŸå ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
+ \return MEMORY_E メモリ割り当ã¦ãŒã‚ã‚‹å•é¡ŒãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return SSL_FAILURE OCSP構造体ã®åˆæœŸåŒ–ãŒå¤±æ•—ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return NOT_COMPILED_IN wolfsslãŒhaber_certificate_status_requestオプションã§ã‚³ãƒ³ãƒ‘イルã•ã‚Œã¦ã„ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
_Example_
\code
int wolfSSL_CTX_EnableOCSPStapling(WOLFSSL_CTX* ctx){
@@ -6614,13 +7775,14 @@ int wolfSSL_CertManagerEnableOCSPStapling(
WOLFSSL_CERT_MANAGER* cm);
/*!
- \brief
+ \brief
\return SSL_SUCCESS 関数ã¨ã‚µãƒ–ルーãƒãƒ³ã¯ã‚¨ãƒ©ãƒ¼ãªã—ã§è¿”ã•ã‚Œã¾ã—ãŸã€‚
\return BAD_FUNC_ARG WolfSSL構造ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return MEMORY_E メモリã®å‰²ã‚Šå½“ã¦ãŒå¤±æ•—ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return SSL_FAILURE initcrl関数ãŒæ­£å¸¸ã«æˆ»ã•ã‚Œãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return NOT_COMPILED_IN have_crlã¯ã‚³ãƒ³ãƒ‘イル中ã«æœ‰åŠ¹ã«ãªã£ã¦ã„ã¾ã›ã‚“ã§ã—ãŸã€‚
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL* ssl = wolfSSL_new(ctx);
@@ -6636,9 +7798,10 @@ int wolfSSL_CertManagerEnableOCSPStapling(
int wolfSSL_EnableCRL(WOLFSSL* ssl, int options);
/*!
- \brief
+ \brief
\return SSL_SUCCESS WolfSSL_CertMangerDisableCRLã¯ã€WolfSSL_CERT_MANAGER構造体ã®CRLEnabledメンãƒã‚’無効ã«ã—ã¾ã—ãŸã€‚
\return BAD_FUNC_ARG WOLFSSL構造ã¯ãƒŒãƒ«ã§ã—ãŸã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx = wolfSSL_CTX_new( method );
@@ -6658,9 +7821,10 @@ int wolfSSL_DisableCRL(WOLFSSL* ssl);
\return WOLFSSL_SUCCESS 関数ã¨ã™ã¹ã¦ã®ã‚µãƒ–ルーãƒãƒ³ãŒã‚¨ãƒ©ãƒ¼ãªã—ã§å®Ÿè¡Œã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return SSL_FATAL_ERROR サブルーãƒãƒ³ã®1ã¤ãŒæ­£å¸¸ã«æˆ»ã•ã‚Œãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG wolfssl_cert_managerã¾ãŸã¯wolfssl構造ãŒnullã®å ´åˆ
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param path CRLファイルã¸ã®ãƒ‘スをä¿æŒã™ã‚‹å®šæ•°æ–‡å­—ãƒã‚¤ãƒ³ã‚¿ã€‚
\param type 証明書ã®ç¨®é¡žã‚’表ã™æ•´æ•°ã€‚
+
_Example_
\code
WOLFSSL* ssl = wolfSSL_new(ctx);
@@ -6677,10 +7841,11 @@ int wolfSSL_DisableCRL(WOLFSSL* ssl);
int wolfSSL_LoadCRL(WOLFSSL* ssl, const char* path, int type, int monitor);
/*!
- \brief
+ \brief
\return SSL_SUCCESS 関数ã¾ãŸã¯ã‚µãƒ–ルーãƒãƒ³ãŒã‚¨ãƒ©ãƒ¼ãªã—ã§å®Ÿè¡Œã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚wolfssl_cert_managerã®CBMissingCRLメンãƒãƒ¼ãŒè¨­å®šã•ã‚Œã¦ã„ã¾ã™ã€‚
\return BAD_FUNC_ARG WOLFSSLã¾ãŸã¯WOLFSSL_CERT_MANAGER構造体ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx = wolfSSL_CTX_new( protocol method );
@@ -6702,12 +7867,13 @@ int wolfSSL_LoadCRL(WOLFSSL* ssl, const char* path, int type, int monitor);
int wolfSSL_SetCRL_Cb(WOLFSSL* ssl, CbMissingCRL cb);
/*!
- \brief
+ \brief
\return SSL_SUCCESS 関数ã¨ã‚µãƒ–ルーãƒãƒ³ãŒã‚¨ãƒ©ãƒ¼ãªã—ã§å®Ÿè¡Œã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG ã“ã®é–¢æ•°ã¾ãŸã¯ã‚µãƒ–ルーãƒãƒ³ã®å¼•æ•°ãŒç„¡åŠ¹ãªå¼•æ•°å€¤ã‚’å—ä¿¡ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return MEMORY_E 構造体やãã®ä»–ã®å¤‰æ•°ã«ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã‚‹ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸå ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
+ \return MEMORY_E 構造体やãã®ä»–ã®å¤‰æ•°ã«ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã‚‹ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return NOT_COMPILED_IN wolfsslãŒhane_ocspオプションã§ã‚³ãƒ³ãƒ‘イルã•ã‚Œã¦ã„ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx = wolfSSL_CTX_new( method );
@@ -6724,9 +7890,10 @@ int wolfSSL_SetCRL_Cb(WOLFSSL* ssl, CbMissingCRL cb);
int wolfSSL_EnableOCSP(WOLFSSL* ssl, int options);
/*!
- \brief
+ \brief
\return SSL_SUCCESS 関数ã¨ãã®ã‚µãƒ–ルーãƒãƒ³ãŒã‚¨ãƒ©ãƒ¼ãªã—ã§æˆ»ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚wolfssl_cert_manager構造体ã®OCSPENABLEDメンãƒãƒ¼ã¯æ­£å¸¸ã«è¨­å®šã•ã‚Œã¾ã—ãŸã€‚
\return BAD_FUNC_ARG WolfSSL構造ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
_Example_
\code
WOLFSSL* ssl = wolfSSL_new(ctx);
@@ -6744,7 +7911,8 @@ int wolfSSL_DisableOCSP(WOLFSSL*);
\return SSL_SUCCESS 機能ã®å®Ÿè¡Œã«æˆåŠŸã—ãŸã“ã¨ã«æˆ»ã‚Šã¾ã™ã€‚
\return BAD_FUNC_ARG wolfssl構造体ãŒnullã®å ´åˆã€ã¾ãŸã¯æœªè§£æ±ºã®å¼•æ•°ãŒã‚µãƒ–ルーãƒãƒ³ã«æ¸¡ã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return MEMORY_E サブルーãƒãƒ³ã«ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã‚‹ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx = wolfSSL_CTX_new( method );
@@ -6763,9 +7931,10 @@ int wolfSSL_SetOCSP_OverrideURL(WOLFSSL* ssl, const char* url);
\brief wolfssl_cert_manager構造体。
\return SSL_SUCCESS 関数ãŒã‚¨ãƒ©ãƒ¼ãªã—ã§å®Ÿè¡Œã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚CMã®OCSPIOCBã€OCSPRESPFREECBã€ãŠã‚ˆã³OCSPIOCTXメンãƒãƒ¼ãŒè¨­å®šã•ã‚Œã¦ã„ã¾ã™ã€‚
\return BAD_FUNC_ARG WOLFSSLã¾ãŸã¯WOLFSSL_CERT_MANAGER構造ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param ioCb CBocSpioを入力ã™ã‚‹ãŸã‚ã®é–¢æ•°ãƒã‚¤ãƒ³ã‚¿ã€‚
\param respFreeCb 応答メモリを解放ã™ã‚‹ãŸã‚ã®å‘¼ã³å‡ºã—ã§ã‚ã‚‹CBocSpreSpFreeを入力ã™ã‚‹ãŸã‚ã®é–¢æ•°ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL* ssl = wolfSSL_new(ctx);
@@ -6795,12 +7964,13 @@ int wolfSSL_SetOCSP_Cb(WOLFSSL* ssl, CbOCSPIO ioCb, CbOCSPRespFree respFreeCb,
void* ioCbCtx);
/*!
- \brief
+ \brief
\return SSL_SUCCESS ã“ã®é–¢æ•°ã¨ãã‚ŒãŒã‚µãƒ–ルーãƒãƒ³ã®å ´åˆã¯ã‚¨ãƒ©ãƒ¼ãªã—ã§å®Ÿè¡Œã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG CTX構造体ãŒNULLã®å ´åˆã€ã¾ãŸã¯ãã®ä»–ã®ç‚¹ã§ã¯ã‚µãƒ–ルーãƒãƒ³ã«ç„¡åŠ¹ãªå¼•æ•°ãŒã‚ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return MEMORY_E 関数ã®å®Ÿè¡Œä¸­ã«ãƒ¡ãƒ¢ãƒªã®å‰²ã‚Šå½“ã¦ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return SSL_FAILURE wolfssl_cert_managerã®CRLメンãƒãƒ¼ãŒæ­£ã—ãåˆæœŸåŒ–ã•ã‚Œãªã‹ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return NOT_COMPILED_IN wolfsslã¯hane_crlオプションã§ã‚³ãƒ³ãƒ‘イルã•ã‚Œã¾ã›ã‚“ã§ã—ãŸã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx = wolfSSL_CTX_new( method );
@@ -6817,9 +7987,10 @@ int wolfSSL_SetOCSP_Cb(WOLFSSL* ssl, CbOCSPIO ioCb, CbOCSPRespFree respFreeCb,
int wolfSSL_CTX_EnableCRL(WOLFSSL_CTX* ctx, int options);
/*!
- \brief
+ \brief
\return SSL_SUCCESS 関数ãŒã‚¨ãƒ©ãƒ¼ãªã—ã§å®Ÿè¡Œã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚wolfssl_cert_manager構造体ã®CRLEnabledメンãƒãƒ¼ã¯0ã«è¨­å®šã•ã‚Œã¦ã„ã¾ã™ã€‚
\return BAD_FUNC_ARG CTX構造体ã¾ãŸã¯CM構造体ã«NULL値ãŒã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx = wolfSSL_CTX_new( method );
@@ -6834,14 +8005,15 @@ int wolfSSL_CTX_EnableCRL(WOLFSSL_CTX* ctx, int options);
int wolfSSL_CTX_DisableCRL(WOLFSSL_CTX* ctx);
/*!
- \brief wolfssl_certmanagerLoadcr()。
+ \brief wolfssl_certmanagerLoadcr()。
\return SSL_SUCCESS - 関数ã¨ãã®ã‚µãƒ–ルーãƒãƒ³ãŒã‚¨ãƒ©ãƒ¼ãªã—ã§å®Ÿè¡Œã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG - ã“ã®é–¢æ•°ã¾ãŸã¯ã‚µãƒ–ルーãƒãƒ³ãŒNULL構造ã«æ¸¡ã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_PATH_ERROR - パス変数ãŒnullã¨ã—ã¦é–‹ãã¨æˆ»ã‚Šã¾ã™ã€‚
\return MEMORY_E - メモリã®å‰²ã‚Šå½“ã¦ãŒå¤±æ•—ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param ctx wolfssl_ctx_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl_ctx構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ctx wolfSSL_CTX_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL_CTX構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param path 証明書ã¸ã®ãƒ‘ス。
\param type 証明書ã®ç¨®é¡žã‚’ä¿æŒã™ã‚‹æ•´æ•°å¤‰æ•°ã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx;
@@ -6858,7 +8030,8 @@ int wolfSSL_CTX_LoadCRL(WOLFSSL_CTX* ctx, const char* path, int type, int monito
\brief wolfssl_certmanagersetCRL_CBを呼ã³å‡ºã—ã¦ã€WolfSSL_CERT_MANAGER構造ã®ãƒ¡ãƒ³ãƒãƒ¼ã€‚
\return SSL_SUCCESS 実行ãŒæˆåŠŸã™ã‚‹ãŸã‚ã«è¿”ã•ã‚Œã¾ã—ãŸã€‚WOLFSSL_CERT_MANAGER構造体ã®CBMSSINGCRLã¯CBã«æ­£å¸¸ã«è¨­å®šã•ã‚Œã¾ã—ãŸã€‚
\return BAD_FUNC_ARG wolfssl_ctxã¾ãŸã¯wolfssl_cert_managerãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param ctx wolfssl_ctx_new()ã§ä½œæˆã•ã‚ŒãŸwolfssl_ctx構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ctx wolfSSL_CTX_new()ã§ä½œæˆã•ã‚ŒãŸWOLFSSL_CTX構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx = wolfSSL_CTX_new( protocol method );
@@ -6878,11 +8051,12 @@ int wolfSSL_CTX_LoadCRL(WOLFSSL_CTX* ctx, const char* path, int type, int monito
int wolfSSL_CTX_SetCRL_Cb(WOLFSSL_CTX* ctx, CbMissingCRL cb);
/*!
- \brief wolfsslã®æ©Ÿèƒ½ã‚ªãƒ—ションã®å€¤ãŒ1ã¤ä»¥ä¸Šã®ã‚ªãƒ—ションã§æ§‹æˆã•ã‚Œã¦ã„ã‚‹å ´åˆã¯ã€æ¬¡ã®ã‚ªãƒ—ションを1ã¤ä»¥ä¸Šã«ã—ã¾ã™.wolfssl_ocsp_enable - OCSPルックアップを有効ã«ã™ã‚‹wolfssl_ocsp_url_override - 証明書ã®URLã®ä»£ã‚ã‚Šã«URLをオーãƒãƒ¼ãƒ©ã‚¤ãƒ‰ã—ã¾ã™ã€‚オーãƒãƒ¼ãƒ©ã‚¤ãƒ‰URLã¯ã€wolfssl_ctx_setocsp_overrideURL()関数を使用ã—ã¦æŒ‡å®šã•ã‚Œã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€wolfsslãŒOCSPサãƒãƒ¼ãƒˆï¼ˆ--enable-ocspã€#define hane_ocsp)ã§ã‚³ãƒ³ãƒ‘イルã•ã‚ŒãŸã¨ãã«ã®ã¿OCSPオプションを設定ã—ã¾ã™ã€‚
+ \brief wolfsslã®æ©Ÿèƒ½ã‚ªãƒ—ションã®å€¤ãŒ1ã¤ä»¥ä¸Šã®ã‚ªãƒ—ションã§æ§‹æˆã•ã‚Œã¦ã„ã‚‹å ´åˆã¯ã€æ¬¡ã®ã‚ªãƒ—ションを1ã¤ä»¥ä¸Šã«ã—ã¾ã™.wolfssl_ocsp_enable - OCSPルックアップを有効ã«ã™ã‚‹wolfssl_ocsp_url_override - 証明書ã®URLã®ä»£ã‚ã‚Šã«URLをオーãƒãƒ¼ãƒ©ã‚¤ãƒ‰ã—ã¾ã™ã€‚オーãƒãƒ¼ãƒ©ã‚¤ãƒ‰URLã¯ã€wolfssl_ctx_setocsp_overrideURL()関数を使用ã—ã¦æŒ‡å®šã•ã‚Œã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€wolfsslãŒOCSPサãƒãƒ¼ãƒˆï¼ˆ--enable-ocspã€#define hane_ocsp)ã§ã‚³ãƒ³ãƒ‘イルã•ã‚ŒãŸã¨ãã«ã®ã¿OCSPオプションを設定ã—ã¾ã™ã€‚
\return SSL_SUCCESS æˆåŠŸã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã™ã€‚
\return SSL_FAILURE 失敗ã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã™ã€‚
\return NOT_COMPILED_IN ã“ã®é–¢æ•°ãŒå‘¼ã³å‡ºã•ã‚ŒãŸã¨ãã«è¿”ã•ã‚Œã¾ã™ãŒã€wolfsslãŒã‚³ãƒ³ãƒ‘イルã•ã‚ŒãŸã¨ãã«OCSPサãƒãƒ¼ãƒˆã¯æœ‰åŠ¹ã«ãªã£ã¦ã„ã¾ã›ã‚“ã§ã—ãŸã€‚
- \param ctx wolfssl_ctx_new()ã§ä½œæˆã•ã‚ŒãŸSSLコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ctx wolfSSL_CTX_new()ã§ä½œæˆã•ã‚ŒãŸSSLコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx = 0;
@@ -6896,7 +8070,8 @@ int wolfSSL_CTX_EnableOCSP(WOLFSSL_CTX* ctx, int options);
/*!
\brief wolfssl_cert_manager構造体ã®OCSPENABLEDメンãƒãƒ¼ã«å½±éŸ¿ã‚’与ãˆã¾ã™ã€‚
\return SSL_SUCCESS 関数ãŒã‚¨ãƒ©ãƒ¼ãªã—ã§å®Ÿè¡Œã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚CMã®OCSPENABLEDメンãƒãƒ¼ã¯ç„¡åŠ¹ã«ãªã£ã¦ã„ã¾ã™ã€‚
- \return BAD_FUNC_ARG wolfssl_ctx構造ãŒnullã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_FUNC_ARG WOLFSSL_CTX構造ãŒnullã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx = wolfSSL_CTX_new( method );
@@ -6916,7 +8091,8 @@ int wolfSSL_CTX_DisableOCSP(WOLFSSL_CTX*);
\return SSL_SUCCESS æˆåŠŸã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã™ã€‚
\return SSL_FAILURE 失敗ã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã™ã€‚
\return NOT_COMPILED_IN ã“ã®é–¢æ•°ãŒå‘¼ã³å‡ºã•ã‚ŒãŸã¨ãã«è¿”ã•ã‚Œã¾ã™ãŒã€wolfsslãŒã‚³ãƒ³ãƒ‘イルã•ã‚ŒãŸã¨ãã«OCSPサãƒãƒ¼ãƒˆã¯æœ‰åŠ¹ã«ãªã£ã¦ã„ã¾ã›ã‚“ã§ã—ãŸã€‚
- \param ctx wolfssl_ctx_new()ã§ä½œæˆã•ã‚ŒãŸSSLコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ctx wolfSSL_CTX_new()ã§ä½œæˆã•ã‚ŒãŸSSLコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx = 0;
@@ -6928,12 +8104,13 @@ int wolfSSL_CTX_DisableOCSP(WOLFSSL_CTX*);
int wolfSSL_CTX_SetOCSP_OverrideURL(WOLFSSL_CTX* ctx, const char* url);
/*!
- \brief
+ \brief
\return SSL_SUCCESS 関数ãŒæ­£å¸¸ã«å®Ÿè¡Œã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚CM内ã®OCSPIOCBã€OCSPRESPFREECBã€ãŠã‚ˆã³OCSPIOCTXメンãƒãƒ¼ã¯æ­£å¸¸ã«è¨­å®šã•ã‚Œã¾ã—ãŸã€‚
- \return BAD_FUNC_ARG wolfssl_ctxã¾ãŸã¯wolfssl_cert_manager構造体ãŒnullã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \return BAD_FUNC_ARG WOLFSSL_CTXã¾ãŸã¯wolfssl_cert_manager構造体ãŒnullã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param ioCb 関数ãƒã‚¤ãƒ³ã‚¿ã§ã‚ã‚‹CBocSpio型。
\param respFreeCb 関数ãƒã‚¤ãƒ³ã‚¿ã§ã‚ã‚‹CBocSprepSprepFree型。
+
_Example_
\code
WOLFSSL_CTX* ctx = wolfSSL_CTX_new( protocol method );
@@ -6959,15 +8136,16 @@ int wolfSSL_CTX_SetOCSP_Cb(WOLFSSL_CTX* ctx,
void* ioCbCtx);
/*!
- \brief wolfssl_certmanagerEnableOcspStapling()。
+ \brief wolfssl_certmanagerEnableOcspStapling()。
\return SSL_SUCCESS エラーãŒãªãã€é–¢æ•°ãŒæ­£å¸¸ã«å®Ÿè¡Œã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return BAD_FUNC_ARG wolfssl_ctx構造体ãŒNULLã¾ãŸã¯ãã†ã§ãªã„å ´åˆã¯ã€ã‚µãƒ–ルーãƒãƒ³ã«æ¸¡ã•ã‚ŒãŸæœªè§£æ±ºã®å¼•æ•°å€¤ãŒã‚ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return MEMORY_E メモリ割り当ã¦ãŒã‚ã‚‹å•é¡ŒãŒç™ºç”Ÿã—ãŸå ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_FUNC_ARG WOLFSSL_CTX構造体ãŒNULLã¾ãŸã¯ãã†ã§ãªã„å ´åˆã¯ã€ã‚µãƒ–ルーãƒãƒ³ã«æ¸¡ã•ã‚ŒãŸæœªè§£æ±ºã®å¼•æ•°å€¤ãŒã‚ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return MEMORY_E メモリ割り当ã¦ãŒã‚ã‚‹å•é¡ŒãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return SSL_FAILURE OCSP構造体ã®åˆæœŸåŒ–ãŒå¤±æ•—ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return NOT_COMPILED_IN wolfsslãŒhaber_certificate_status_requestオプションã§ã‚³ãƒ³ãƒ‘イルã•ã‚Œã¦ã„ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
_Example_
\code
- WOLFSSL* ssl = WOLFSSL_new();
+ WOLFSSL* ssl = wolfSSL_new();
ssl->method.version; // set to desired protocol
...
if(!wolfSSL_CTX_EnableOCSPStapling(ssl->ctx)){
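Review bot: The corrected example line still calls `wolfSSL_new()` with no argument, while the other examples on this page create a context first and pass it, as in `wolfSSL_new(ctx)`. A reader who copies the example as written will not get it to compile, so the line would be better as `WOLFSSL* ssl = wolfSSL_new(ctx);`, preceded by a `WOLFSSL_CTX* ctx = wolfSSL_CTX_new( method );` line like the neighbouring examples. The example also reads `ssl->method.version` and `ssl->ctx`, which look like internal structure fields; passing the `ctx` variable straight to `wolfSSL_CTX_EnableOCSPStapling()` would avoid that. The example block continues past the end of this hunk.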
@@ -6980,9 +8158,10 @@ int wolfSSL_CTX_SetOCSP_Cb(WOLFSSL_CTX* ctx,
int wolfSSL_CTX_EnableOCSPStapling(WOLFSSL_CTX*);
/*!
- \ingroup CertsKeys
- \brief 通常ã€SSLãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã®æœ€å¾Œã«ã€WolfSSLã¯ä¸€æ™‚çš„ãªã‚¢ãƒ¬ã‚¤ã‚’解放ã—ã¾ã™ã€‚ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ãŒå§‹ã¾ã‚‹å‰ã«ã“ã®é–¢æ•°ã‚’呼ã³å‡ºã™ã¨ã€WolfSSLã¯ä¸€æ™‚çš„ãªé…列を解放ã™ã‚‹ã®ã‚’防ãŽã¾ã™ã€‚Wolfssl_get_keys()ã¾ãŸã¯PSKã®ãƒ’ントãªã©ã®ã‚‚ã®ã«ã¯ã€ä¸€æ™‚çš„ãªé…列ãŒå¿…è¦ã«ãªã‚‹å ´åˆãŒã‚ã‚Šã¾ã™ã€‚ユーザãŒä¸€æ™‚çš„ãªé…列ã§è¡Œã‚れるã¨ã€wolfssl_freearray()ã®ã„ãšã‚Œã‹ãŒå³åº§ã«ãƒªã‚½ãƒ¼ã‚¹ã‚’解放ã™ã‚‹ã“ã¨ãŒã§ãã€ã‚ã‚‹ã„ã¯ã€é–¢é€£ã™ã‚‹SSLオブジェクトãŒè§£æ”¾ã•ã‚ŒãŸã¨ãã«ãƒªã‚½ãƒ¼ã‚¹ãŒè§£æ”¾ã•ã‚Œã‚‹ã‚ˆã†ã«ãªã‚‹å¯èƒ½æ€§ãŒã‚る。
+ \ingroup CertsKeys
+ \brief 通常ã€SSLãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã®æœ€å¾Œã«ã€WolfSSLã¯ä¸€æ™‚çš„ãªã‚¢ãƒ¬ã‚¤ã‚’解放ã—ã¾ã™ã€‚ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ãŒå§‹ã¾ã‚‹å‰ã«ã“ã®é–¢æ•°ã‚’呼ã³å‡ºã™ã¨ã€WolfSSLã¯ä¸€æ™‚çš„ãªé…列を解放ã™ã‚‹ã®ã‚’防ãŽã¾ã™ã€‚Wolfssl_get_keys()ã¾ãŸã¯PSKã®ãƒ’ントãªã©ã®ã‚‚ã®ã«ã¯ã€ä¸€æ™‚çš„ãªé…列ãŒå¿…è¦ã«ãªã‚‹å ´åˆãŒã‚ã‚Šã¾ã™ã€‚ユーザãŒä¸€æ™‚çš„ãªé…列ã§è¡Œã‚れるã¨ã€wolfssl_freearray()ã®ã„ãšã‚Œã‹ãŒå³åº§ã«ãƒªã‚½ãƒ¼ã‚¹ã‚’解放ã™ã‚‹ã“ã¨ãŒã§ãã€ã‚ã‚‹ã„ã¯ã€é–¢é€£ã™ã‚‹SSLオブジェクトãŒè§£æ”¾ã•ã‚ŒãŸã¨ãã«ãƒªã‚½ãƒ¼ã‚¹ãŒè§£æ”¾ã•ã‚Œã‚‹ã‚ˆã†ã«ãªã‚‹å¯èƒ½æ€§ãŒã‚る。
\return none è¿”å“ä¸å¯ã€‚
+
_Example_
\code
WOLFSSL* ssl;
@@ -6994,9 +8173,10 @@ int wolfSSL_CTX_EnableOCSPStapling(WOLFSSL_CTX*);
void wolfSSL_KeepArrays(WOLFSSL*);
/*!
- \ingroup CertsKeys
- \brief 通常ã€SSLãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã®æœ€å¾Œã«ã€WolfSSLã¯ä¸€æ™‚çš„ãªã‚¢ãƒ¬ã‚¤ã‚’解放ã—ã¾ã™ã€‚wolfssl_keeparrays()ãŒãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã®å‰ã«å‘¼ã³å‡ºã•ã‚ŒãŸå ´åˆã€WolfSSLã¯ä¸€æ™‚çš„ãªé…列を解放ã—ã¾ã›ã‚“。ã“ã®é–¢æ•°ã¯ä¸€æ™‚çš„ãªé…列を明示的ã«è§£æ”¾ã—ã€ãƒ¦ãƒ¼ã‚¶ãƒ¼ãŒä¸€æ™‚çš„ãªé…列ã§è¡Œã‚ã‚ŒãŸã¨ãã«å‘¼ã³å‡ºã•ã‚Œã‚‹ã¹ãã§ã‚ã‚Šã€SSLオブジェクトãŒã“れらã®ãƒªã‚½ãƒ¼ã‚¹ã‚’解放ã™ã‚‹ã®ã‚’å¾…ã£ãŸããªã„。
+ \ingroup CertsKeys
+ \brief 通常ã€SSLãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã®æœ€å¾Œã«ã€WolfSSLã¯ä¸€æ™‚çš„ãªã‚¢ãƒ¬ã‚¤ã‚’解放ã—ã¾ã™ã€‚wolfssl_keeparrays()ãŒãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã®å‰ã«å‘¼ã³å‡ºã•ã‚ŒãŸå ´åˆã€WolfSSLã¯ä¸€æ™‚çš„ãªé…列を解放ã—ã¾ã›ã‚“。ã“ã®é–¢æ•°ã¯ä¸€æ™‚çš„ãªé…列を明示的ã«è§£æ”¾ã—ã€ãƒ¦ãƒ¼ã‚¶ãƒ¼ãŒä¸€æ™‚çš„ãªé…列ã§è¡Œã‚ã‚ŒãŸã¨ãã«å‘¼ã³å‡ºã•ã‚Œã‚‹ã¹ãã§ã‚ã‚Šã€SSLオブジェクトãŒã“れらã®ãƒªã‚½ãƒ¼ã‚¹ã‚’解放ã™ã‚‹ã®ã‚’å¾…ã£ãŸããªã„。
\return none è¿”å“ä¸å¯ã€‚
+
_Example_
\code
WOLFSSL* ssl;
@@ -7009,12 +8189,13 @@ void wolfSSL_FreeArrays(WOLFSSL*);
/*!
\brief 'ssl'パラメータã«æ¸¡ã•ã‚ŒãŸã‚ªãƒ–ジェクト。ã“ã‚Œã¯ã€WolfSSLクライアントã«ã‚ˆã£ã¦SNI拡張機能ãŒClientHelloã§é€ä¿¡ã•ã‚Œã€WolfSSL Serverã¯ServerHello + SNIã¾ãŸã¯SNIミスマッãƒã®å ´åˆã¯è‡´å‘½çš„ãªAlert Hello + SNIを応答ã—ã¾ã™ã€‚
- \return WOLFSSL_SUCCESS æˆåŠŸã™ã‚‹ã¨ã€‚
+ \return WOLFSSL_SUCCESS æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG 次ã®ã„ãšã‚Œã‹ã®å ´åˆã§è¿”ã•ã‚Œã‚‹ã‚¨ãƒ©ãƒ¼ã§ã™.SSLã¯NULLã€ãƒ‡ãƒ¼ã‚¿ã¯NULLã€ã‚¿ã‚¤ãƒ—ã¯ä¸æ˜Žãªå€¤ã§ã™ã€‚(下記å‚照)
\return MEMORY_E å分ãªãƒ¡ãƒ¢ãƒªãŒãªã„ã¨ãã«ã‚¨ãƒ©ãƒ¼ãŒè¿”ã•ã‚Œã¾ã™ã€‚
- \param ssl wolfssl_new()ã§ä½œæˆã•ã‚ŒãŸSSLオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ssl wolfSSL_new()ã§ä½œæˆã•ã‚ŒãŸSSLオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param type ã©ã®ç¨®é¡žã®ã‚µãƒ¼ãƒãƒ¼åãŒãƒ‡ãƒ¼ã‚¿ã«æ¸¡ã•ã‚ŒãŸã‹ã‚’示ã—ã¾ã™ã€‚既知ã®åž‹ã¯æ¬¡ã®ã¨ãŠã‚Šã§ã™ã€‚enum {wolfssl_sni_host_name = 0};
\param data サーãƒãƒ¼åデータã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
int ret = 0;
@@ -7042,12 +8223,13 @@ int wolfSSL_UseSNI(WOLFSSL* ssl, unsigned char type,
/*!
\brief SSLコンテキストã‹ã‚‰ä½œæˆã•ã‚ŒãŸã‚ªãƒ–ジェクト㯠'ctx'パラメータã«æ¸¡ã•ã‚Œã¾ã—ãŸã€‚ã“ã‚Œã¯ã€WolfSSLクライアントã«ã‚ˆã£ã¦SNI拡張機能ãŒClientHelloã§é€ä¿¡ã•ã‚Œã€WolfSSLサーãƒãƒ¼ã¯ServerHello + SNIã¾ãŸã¯SNIã®ä¸ä¸€è‡´ã®å ´åˆã«ã¯è‡´å‘½çš„ãªALERT Hello + SNIを応答ã—ã¾ã™ã€‚
- \return WOLFSSL_SUCCESS æˆåŠŸã™ã‚‹ã¨ã€‚
+ \return WOLFSSL_SUCCESS æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG 次ã®ã„ãšã‚Œã‹ã®å ´åˆã§è¿”ã•ã‚Œã‚‹ã‚¨ãƒ©ãƒ¼ã§ã™.CTXã¯NULLã€ãƒ‡ãƒ¼ã‚¿ã¯NULLã€ã‚¿ã‚¤ãƒ—ã¯ä¸æ˜Žãªå€¤ã§ã™ã€‚(下記å‚照)
\return MEMORY_E å分ãªãƒ¡ãƒ¢ãƒªãŒãªã„ã¨ãã«ã‚¨ãƒ©ãƒ¼ãŒè¿”ã•ã‚Œã¾ã™ã€‚
- \param ctx wolfssl_ctx_new()ã§ä½œæˆã•ã‚ŒãŸSSLコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ctx wolfSSL_CTX_new()ã§ä½œæˆã•ã‚ŒãŸSSLコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param type ã©ã®ç¨®é¡žã®ã‚µãƒ¼ãƒãƒ¼åãŒãƒ‡ãƒ¼ã‚¿ã«æ¸¡ã•ã‚ŒãŸã‹ã‚’示ã—ã¾ã™ã€‚既知ã®åž‹ã¯æ¬¡ã®ã¨ãŠã‚Šã§ã™ã€‚enum {wolfssl_sni_host_name = 0};
\param data サーãƒãƒ¼åデータã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
int ret = 0;
@@ -7071,10 +8253,11 @@ int wolfSSL_CTX_UseSNI(WOLFSSL_CTX* ctx, unsigned char type,
/*!
\brief 'ssl'パラメータã«æ¸¡ã•ã‚ŒãŸSSLオブジェクト内ã®ã‚µãƒ¼ãƒãƒ¼å表示を使用ã—ãŸSSLセッションã®å‹•ä½œã€‚オプションを以下ã«èª¬æ˜Žã—ã¾ã™ã€‚
\return none ã„ã„ãˆè¿”ã—ã¾ã™ã€‚
- \param ssl wolfssl_new()ã§ä½œæˆã•ã‚ŒãŸSSLオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ssl wolfSSL_new()ã§ä½œæˆã•ã‚ŒãŸSSLオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param type ã©ã®ç¨®é¡žã®ã‚µãƒ¼ãƒãƒ¼åãŒãƒ‡ãƒ¼ã‚¿ã«æ¸¡ã•ã‚ŒãŸã‹ã‚’示ã—ã¾ã™ã€‚既知ã®åž‹ã¯æ¬¡ã®ã¨ãŠã‚Šã§ã™ã€‚enum {wolfssl_sni_host_name = 0};
\param options é¸æŠžã•ã‚ŒãŸã‚ªãƒ—ションをæŒã¤ãƒ“ットå˜ä½ã®ã‚»ãƒžãƒ•ã‚©ã€‚利用å¯èƒ½ãªã‚ªãƒ—ションã¯æ¬¡ã®ã¨ãŠã‚Šã§ã™ã€‚enum {wolfssl_sni_continue_on_mismatch = 0x01ã€wolfssl_sni_answer_on_mismatch = 0x02};通常ã€ã‚µãƒ¼ãƒãƒ¼ã¯ã€ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã«ã‚ˆã£ã¦æä¾›ã•ã‚ŒãŸãƒ›ã‚¹ãƒˆåãŒã‚µãƒ¼ãƒãƒ¼ã¨è¡¨ç¤ºã•ã‚Œã¦ã„るホストåãŒã‚µãƒ¼ãƒãƒ¼ã§æä¾›ã•ã‚Œã¦ã„ã‚‹å ´åˆã€ã‚µãƒ¼ãƒãƒ¼ã¯handshakeを中止ã—ã¾ã™ã€‚
\param WOLFSSL_SNI_CONTINUE_ON_MISMATCH ã“ã®ã‚ªãƒ—ションを設定ã™ã‚‹ã¨ã€ã‚µãƒ¼ãƒãƒ¼ã¯ã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚’中止ã™ã‚‹ä»£ã‚ã‚Šã«SNI応答をé€ä¿¡ã—ã¾ã›ã‚“。
+
_Example_
\code
int ret = 0;
@@ -7105,10 +8288,11 @@ void wolfSSL_SNI_SetOptions(WOLFSSL* ssl, unsigned char type,
/*!
\brief SSLセッションを使用ã—ãŸSSLオブジェクトã®ã‚µãƒ¼ãƒå指示を使用ã—ã¦ã€SSLコンテキストã‹ã‚‰ä½œæˆã•ã‚ŒãŸSSLオブジェクトã‹ã‚‰ä½œæˆã•ã‚Œã¾ã™ã€‚オプションを以下ã«èª¬æ˜Žã—ã¾ã™ã€‚
\return none ã„ã„ãˆè¿”ã—ã¾ã™ã€‚
- \param ctx wolfssl_ctx_new()ã§ä½œæˆã•ã‚ŒãŸSSLコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ctx wolfSSL_CTX_new()ã§ä½œæˆã•ã‚ŒãŸSSLコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param type ã©ã®ç¨®é¡žã®ã‚µãƒ¼ãƒãƒ¼åãŒãƒ‡ãƒ¼ã‚¿ã«æ¸¡ã•ã‚ŒãŸã‹ã‚’示ã—ã¾ã™ã€‚既知ã®åž‹ã¯æ¬¡ã®ã¨ãŠã‚Šã§ã™ã€‚enum {wolfssl_sni_host_name = 0};
\param options é¸æŠžã•ã‚ŒãŸã‚ªãƒ—ションをæŒã¤ãƒ“ットå˜ä½ã®ã‚»ãƒžãƒ•ã‚©ã€‚利用å¯èƒ½ãªã‚ªãƒ—ションã¯æ¬¡ã®ã¨ãŠã‚Šã§ã™ã€‚enum {wolfssl_sni_continue_on_mismatch = 0x01ã€wolfssl_sni_answer_on_mismatch = 0x02};通常ã€ã‚µãƒ¼ãƒãƒ¼ã¯ã€ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã«ã‚ˆã£ã¦æä¾›ã•ã‚ŒãŸãƒ›ã‚¹ãƒˆåãŒã‚µãƒ¼ãƒãƒ¼ã¨è¡¨ç¤ºã•ã‚Œã¦ã„るホストåãŒã‚µãƒ¼ãƒãƒ¼ã§æä¾›ã•ã‚Œã¦ã„ã‚‹å ´åˆã€ã‚µãƒ¼ãƒãƒ¼ã¯handshakeを中止ã—ã¾ã™ã€‚
\param WOLFSSL_SNI_CONTINUE_ON_MISMATCH ã“ã®ã‚ªãƒ—ションを設定ã™ã‚‹ã¨ã€ã‚µãƒ¼ãƒãƒ¼ã¯ã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚’中止ã™ã‚‹ä»£ã‚ã‚Šã«SNI応答をé€ä¿¡ã—ã¾ã›ã‚“。
+
_Example_
\code
int ret = 0;
@@ -7133,7 +8317,7 @@ void wolfSSL_CTX_SNI_SetOptions(WOLFSSL_CTX* ctx,
/*!
\brief クライアントã«ã‚ˆã£ã¦ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã‹ã‚‰æä¾›ã•ã‚ŒãŸåå‰è¡¨ç¤ºã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã«ã‚ˆã£ã¦é€ä¿¡ã•ã‚ŒãŸãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚’開始ã™ã‚‹ã€‚SNIã‚’å–å¾—ã™ã‚‹ãŸã‚ã®ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã¾ãŸã¯ã‚»ãƒƒã‚·ãƒ§ãƒ³è¨­å®šãŒå¿…è¦ã‚ã‚Šã¾ã›ã‚“。
- \return WOLFSSL_SUCCESS æˆåŠŸã™ã‚‹ã¨ã€‚
+ \return WOLFSSL_SUCCESS æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG ã“ã®ã‚±ãƒ¼ã‚¹ã§è¿”ã•ã‚Œã‚‹ã‚¨ãƒ©ãƒ¼ã¯ã€æ¬¡ã®ã„ãšã‚Œã‹ã®å ´åˆã§è¿”ã•ã‚Œã¾ã™ã€‚ãƒãƒƒãƒ•ã‚¡ã¯NULLã€BUFFERSZ <= 0ã€SNIã¯NULLã€INOUTSZã¯NULLã¾ãŸã¯<= 0ã§ã™ã€‚
\return BUFFER_ERROR ä¸æ­£ãªã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆhelloメッセージãŒã‚ã‚‹ã¨ãã«ã‚¨ãƒ©ãƒ¼ãŒè¿”ã•ã‚Œã¾ã™ã€‚
\return INCOMPLETE_DATA 抽出を完了ã™ã‚‹ã®ã«å分ãªãƒ‡ãƒ¼ã‚¿ãŒãªã„å ´åˆã«è¿”ã•ã‚Œã‚‹ã‚¨ãƒ©ãƒ¼ã§ã™ã€‚
@@ -7141,6 +8325,7 @@ void wolfSSL_CTX_SNI_SetOptions(WOLFSSL_CTX* ctx,
\param bufferSz クライアントhelloメッセージã®ã‚µã‚¤ã‚ºã€‚
\param type ã©ã®ç¨®é¡žã®ã‚µãƒ¼ãƒãƒ¼åãŒãƒãƒƒãƒ•ã‚¡ãƒ¼ã‹ã‚‰å–å¾—ã•ã‚Œã¦ã„ã‚‹ã‹ã‚’示ã—ã¾ã™ã€‚既知ã®åž‹ã¯æ¬¡ã®ã¨ãŠã‚Šã§ã™ã€‚enum {wolfssl_sni_host_name = 0};
\param sni 出力ãŒä¿å­˜ã•ã‚Œã‚‹å ´æ‰€ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
unsigned char buffer[1024] = {0};
@@ -7161,11 +8346,12 @@ int wolfSSL_SNI_GetFromBuffer(
unsigned char type, unsigned char* sni, unsigned int* inOutSz);
/*!
- \ingroup IO
+ \ingroup IO
\brief ã“ã®é–¢æ•°ã¯SNIオブジェクトã®ã‚¹ãƒ†ãƒ¼ã‚¿ã‚¹ã‚’å–å¾—ã—ã¾ã™ã€‚
\return value SNIãŒNULLã§ãªã„å ´åˆã€ã“ã®é–¢æ•°ã¯SNI構造体ã®ã‚¹ãƒ†ãƒ¼ã‚¿ã‚¹ãƒ¡ãƒ³ãƒãƒ¼ã®ãƒã‚¤ãƒˆå€¤ã‚’è¿”ã—ã¾ã™ã€‚
\return 0 SNIオブジェクトãŒNULLã®å ´åˆ
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx = wolfSSL_CTX_new( protocol method );
@@ -7187,8 +8373,9 @@ unsigned char wolfSSL_SNI_Status(WOLFSSL* ssl, unsigned char type);
/*!
\brief SSLセッションã§ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã«ã‚ˆã£ã¦æä¾›ã•ã‚Œã‚‹ã‚µãƒ¼ãƒãƒ¼åã®è¡¨ç¤ºã€‚
\return size æä¾›ã•ã‚ŒãŸSNIデータã®ã‚µã‚¤ã‚ºã€‚
- \param ssl wolfssl_new()ã§ä½œæˆã•ã‚ŒãŸSSLオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ssl wolfSSL_new()ã§ä½œæˆã•ã‚ŒãŸSSLオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param type ã©ã®ç¨®é¡žã®ã‚µãƒ¼ãƒãƒ¼åãŒãƒ‡ãƒ¼ã‚¿å†…ã§å–å¾—ã•ã‚Œã¦ã„ã‚‹ã‹ã‚’示ã—ã¾ã™ã€‚既知ã®åž‹ã¯æ¬¡ã®ã¨ãŠã‚Šã§ã™ã€‚enum {wolfssl_sni_host_name = 0};
+
_Example_
\code
int ret = 0;
@@ -7218,15 +8405,16 @@ unsigned short wolfSSL_SNI_GetRequest(WOLFSSL *ssl,
unsigned char type, void** data);
/*!
- \ingroup Setup
+ \ingroup Setup
\brief wolfsslセッションã«ALPNを設定ã—ã¾ã™ã€‚
- \return WOLFSSL_SUCCESS: æˆåŠŸã™ã‚‹ã¨ã€‚
+ \return WOLFSSL_SUCCESS: æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG SSLã¾ãŸã¯PROTOCOL_NAME_LISTãŒNULLã¾ãŸã¯PROTOCOL_NAME_LISTSZãŒå¤§ãã™ãŽãŸã‚Šã€ã‚ªãƒ—ションãŒã‚µãƒãƒ¼ãƒˆã•ã‚Œã¦ã„ãªã„ã‚‚ã®ã‚’å«ã¿ã¾ã™ã€‚
\return MEMORY_ERROR プロトコルリストã®ãƒ¡ãƒ¢ãƒªã®å‰²ã‚Šå½“ã¦ä¸­ã«ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ã¾ã—ãŸã€‚
- \return SSL_FAILURE 失敗ã™ã‚‹ã¨ã€‚
+ \return SSL_FAILURE 失敗時ã«è¿”ã•ã‚Œã¾ã™ã€‚
\param ssl 使用ã™ã‚‹WolfSSLセッション。
\param protocol_name_list 使用ã™ã‚‹ãƒ—ロトコルåã®ãƒªã‚¹ãƒˆã€‚カンマ区切り文字列ãŒå¿…è¦ã§ã™ã€‚
\param protocol_name_listSz プロトコルåã®ãƒªã‚¹ãƒˆã®ã‚µã‚¤ã‚ºã€‚
+
_Example_
\code
wolfSSL_Init();
@@ -7251,17 +8439,18 @@ int wolfSSL_UseALPN(WOLFSSL* ssl, char *protocol_name_list,
unsigned char options);
/*!
- \ingroup TLS
+ \ingroup TLS
\brief ã“ã®é–¢æ•°ã¯ã€ã‚µãƒ¼ãƒãƒ¼ã«ã‚ˆã£ã¦è¨­å®šã•ã‚ŒãŸãƒ—ロトコルåã‚’å–å¾—ã—ã¾ã™ã€‚
\return SSL_SUCCESS エラーãŒæŠ•ã’られã¦ã„ãªã„正常ãªå®Ÿè¡Œã«æˆ»ã‚Šã¾ã—ãŸã€‚
\return SSL_FATAL_ERROR æ‹¡å¼µå­ãŒè¦‹ã¤ã‹ã‚‰ãªã‹ã£ãŸå ´åˆã€ã¾ãŸã¯ãƒ”ã‚¢ã¨ãƒ—ロトコルãŒä¸€è‡´ã—ãªã‹ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚2ã¤ä»¥ä¸Šã®ãƒ—ロトコルåãŒå—ã‘入れられã¦ã„ã‚‹å ´åˆã¯ã€ã‚¹ãƒ­ãƒ¼ã•ã‚ŒãŸã‚¨ãƒ©ãƒ¼ã‚‚ã‚ã‚Šã¾ã™ã€‚
\return SSL_ALPN_NOT_FOUND ピアã¨ãƒ—ロトコルã®ä¸€è‡´ãŒè¦‹ã¤ã‹ã‚‰ãªã‹ã£ãŸã“ã¨ã‚’示ã™è¿”ã•ã‚Œã¾ã—ãŸã€‚
\return BAD_FUNC_ARG 関数ã«æ¸¡ã•ã‚ŒãŸnull引数ãŒã‚ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param protocol_name プロトコルåを表ã™CHARã¸ã®ãƒã‚¤ãƒ³ã‚¿ã¯ã€ALPN構造ã«ä¿æŒã•ã‚Œã¾ã™ã€‚
+
_Example_
\code
- WOLFSSL_CTX* ctx = WOLFSSL_CTX_new( protocol method );
+ WOLFSSL_CTX* ctx = wolfSSL_CTX_new( protocol method );
WOLFSSL* ssl = WOLFSSL_new(ctx);
...
int err;
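Review bot: The context line right below the corrected `wolfSSL_CTX_new` call still reads `WOLFSSL* ssl = WOLFSSL_new(ctx);`. That is the same upper-case misspelling this commit fixes one line above and in the other examples. It should become `WOLFSSL* ssl = wolfSSL_new(ctx);` so the example uses the real function name throughout. The example continues outside the hunk.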
@@ -7280,14 +8469,15 @@ int wolfSSL_ALPN_GetProtocol(WOLFSSL* ssl, char **protocol_name,
unsigned short *size);
/*!
- \ingroup TLS
+ \ingroup TLS
\brief ã“ã®é–¢æ•°ã¯ã€alpn_client_listデータをSSLオブジェクトã‹ã‚‰ãƒãƒƒãƒ•ã‚¡ã«ã‚³ãƒ”ーã—ã¾ã™ã€‚
\return SSL_SUCCESS 関数ãŒã‚¨ãƒ©ãƒ¼ãªã—ã§å®Ÿè¡Œã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚SSLオブジェクトã®ALPN_CLIENT_LISTメンãƒãƒ¼ãŒLISTパラメータã«ã‚³ãƒ”ーã•ã‚Œã¾ã—ãŸã€‚
\return BAD_FUNC_ARG listã¾ãŸã¯listszパラメーターãŒnullã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return BUFFER_ERROR リストãƒãƒƒãƒ•ã‚¡ã«å•é¡ŒãŒã‚ã‚‹å ´åˆã¯ï¼ˆNULLã¾ãŸã¯ã‚µã‚¤ã‚ºãŒ0ã®å ´åˆï¼‰ã«å•é¡ŒãŒã‚ã‚‹å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BUFFER_ERROR リストãƒãƒƒãƒ•ã‚¡ã«å•é¡ŒãŒã‚ã‚‹å ´åˆã¯ï¼ˆNULLã¾ãŸã¯ã‚µã‚¤ã‚ºãŒ0ã®å ´åˆï¼‰ã«å•é¡ŒãŒã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return MEMORY_ERROR メモリを動的ã«å‰²ã‚Šå½“ã¦ã‚‹å•é¡ŒãŒã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param list ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚SSLオブジェクトã‹ã‚‰ã®ãƒ‡ãƒ¼ã‚¿ãŒã‚³ãƒ”ーã•ã‚Œã¾ã™ã€‚
+
_Example_
\code
#import <wolfssl/ssl.h>
@@ -7312,10 +8502,11 @@ int wolfSSL_ALPN_GetPeerProtocol(WOLFSSL* ssl, char **list,
/*!
\brief 'ssl'パラメータã«æ¸¡ã•ã‚ŒãŸSSLオブジェクト内ã®æœ€å¤§ãƒ•ãƒ©ã‚°ãƒ¡ãƒ³ãƒˆé•·ã€‚ã“ã‚Œã¯ã€æœ€å¤§ãƒ•ãƒ©ã‚°ãƒ¡ãƒ³ãƒˆé•·æ‹¡å¼µæ©Ÿèƒ½ãŒWolfSSLクライアントã«ã‚ˆã£ã¦ClientHelloã§é€ä¿¡ã•ã‚Œã‚‹ã“ã¨ã‚’æ„味ã—ã¾ã™ã€‚
- \return SSL_SUCCESS æˆåŠŸã™ã‚‹ã¨ã€‚
+ \return SSL_SUCCESS æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG 次ã®ã„ãšã‚Œã‹ã®å ´åˆã«è¿”ã•ã‚Œã‚‹ã‚¨ãƒ©ãƒ¼ã§ã™.SSLã¯NULLã€MFLã¯ç¯„囲外ã§ã™ã€‚
\return MEMORY_E å分ãªãƒ¡ãƒ¢ãƒªãŒãªã„ã¨ãã«ã‚¨ãƒ©ãƒ¼ãŒè¿”ã•ã‚Œã¾ã™ã€‚
- \param ssl wolfssl_new()ã§ä½œæˆã•ã‚ŒãŸSSLオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ssl wolfSSL_new()ã§ä½œæˆã•ã‚ŒãŸSSLオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
int ret = 0;
@@ -7341,10 +8532,11 @@ int wolfSSL_UseMaxFragment(WOLFSSL* ssl, unsigned char mfl);
/*!
\brief SSLコンテキストã‹ã‚‰ä½œæˆã•ã‚ŒãŸSSLオブジェクトã®æœ€å¤§ãƒ•ãƒ©ã‚°ãƒ¡ãƒ³ãƒˆé•·ã• 'ctx'パラメータã«æ¸¡ã•ã‚Œã¾ã—ãŸã€‚ã“ã‚Œã¯ã€æœ€å¤§ãƒ•ãƒ©ã‚°ãƒ¡ãƒ³ãƒˆé•·æ‹¡å¼µæ©Ÿèƒ½ãŒWolfSSLクライアントã«ã‚ˆã£ã¦ClientHelloã§é€ä¿¡ã•ã‚Œã‚‹ã“ã¨ã‚’æ„味ã—ã¾ã™ã€‚
- \return SSL_SUCCESS æˆåŠŸã™ã‚‹ã¨ã€‚
+ \return SSL_SUCCESS æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG 次ã®ã„ãšã‚Œã‹ã®å ´åˆã«è¿”ã•ã‚Œã‚‹ã‚¨ãƒ©ãƒ¼ã§ã™.CTXã¯NULLã€MFLã¯ç¯„囲外ã§ã™ã€‚
\return MEMORY_E å分ãªãƒ¡ãƒ¢ãƒªãŒãªã„ã¨ãã«ã‚¨ãƒ©ãƒ¼ãŒè¿”ã•ã‚Œã¾ã™ã€‚
- \param ctx wolfssl_ctx_new()ã§ä½œæˆã•ã‚ŒãŸSSLコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ctx wolfSSL_CTX_new()ã§ä½œæˆã•ã‚ŒãŸSSLコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
int ret = 0;
@@ -7365,9 +8557,10 @@ int wolfSSL_CTX_UseMaxFragment(WOLFSSL_CTX* ctx, unsigned char mfl);
/*!
\brief 'ssl'パラメータã«æ¸¡ã•ã‚ŒãŸSSLオブジェクト内ã®truncated HMAC。ã“ã‚Œã¯ã€åˆ‡ã‚Šæ¨ã¦ã‚‰ã‚ŒãŸHMAC拡張機能ãŒWolfSSLクライアントã«ã‚ˆã£ã¦ClientHelloã§é€ä¿¡ã•ã‚Œã‚‹ã“ã¨ã‚’æ„味ã—ã¾ã™ã€‚
- \return SSL_SUCCESS æˆåŠŸã™ã‚‹ã¨ã€‚
+ \return SSL_SUCCESS æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG 次ã®ã„ãšã‚Œã‹ã®å ´åˆã«è¿”ã•ã‚Œã‚‹ã‚¨ãƒ©ãƒ¼ã§ã™.SSLã¯NULLã§ã™
\return MEMORY_E å分ãªãƒ¡ãƒ¢ãƒªãŒãªã„ã¨ãã«ã‚¨ãƒ©ãƒ¼ãŒè¿”ã•ã‚Œã¾ã™ã€‚
+
_Example_
\code
int ret = 0;
@@ -7393,9 +8586,10 @@ int wolfSSL_UseTruncatedHMAC(WOLFSSL* ssl);
/*!
\brief 'ctx'パラメータã«æ¸¡ã•ã‚ŒãŸSSLコンテキストã‹ã‚‰ä½œæˆã•ã‚ŒãŸSSLオブジェクトã®ãŸã‚ã®Truncated HMAC。ã“ã‚Œã¯ã€åˆ‡ã‚Šæ¨ã¦ã‚‰ã‚ŒãŸHMAC拡張機能ãŒWolfSSLクライアントã«ã‚ˆã£ã¦ClientHelloã§é€ä¿¡ã•ã‚Œã‚‹ã“ã¨ã‚’æ„味ã—ã¾ã™ã€‚
- \return SSL_SUCCESS æˆåŠŸã™ã‚‹ã¨ã€‚
+ \return SSL_SUCCESS æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG 次ã®ã„ãšã‚Œã‹ã®å ´åˆã«è¿”ã•ã‚Œã‚‹ã‚¨ãƒ©ãƒ¼ã§ã™.CTXã¯NULL
\return MEMORY_E å分ãªãƒ¡ãƒ¢ãƒªãŒãªã„ã¨ãã«ã‚¨ãƒ©ãƒ¼ãŒè¿”ã•ã‚Œã¾ã™ã€‚
+
_Example_
\code
int ret = 0;
@@ -7417,10 +8611,11 @@ int wolfSSL_CTX_UseTruncatedHMAC(WOLFSSL_CTX* ctx);
/*!
\brief OCSPã§æ示ã•ã‚ŒãŸè¨¼æ˜Žæ›¸å¤±åŠ¹ãƒã‚§ãƒƒã‚¯ã®ã‚³ã‚¹ãƒˆã‚’下ã’ã¾ã™ã€‚
\return SSL_SUCCESS tlsx_usecertificateStatusRequestãŒã‚¨ãƒ©ãƒ¼ãªã—ã§å®Ÿè¡Œã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return MEMORY_E メモリã®å‰²ã‚Šå½“ã¦ã«ã‚¨ãƒ©ãƒ¼ãŒã‚ã‚‹å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
+ \return MEMORY_E メモリã®å‰²ã‚Šå½“ã¦ã«ã‚¨ãƒ©ãƒ¼ãŒã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG NULLã¾ãŸã¯ãã®ä»–ã®ç‚¹ã§ã¯ã€é–¢æ•°ã«æ¸¡ã•ã‚ŒãŸå€¤ãŒæ¸¡ã•ã‚Œã‚‹å¼•æ•°ãŒã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param status_type tlsx_usecertificateSrequest()ã«æ¸¡ã•ã‚Œã€CertificateStatusRequest構造体ã«æ ¼ç´ã•ã‚Œã¦ã„ã‚‹ãƒã‚¤ãƒˆã‚¿ã‚¤ãƒ—。
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param status_type tlsx_usecertificateSrequest()ã«æ¸¡ã•ã‚Œã€CertificateStatusRequest構造体ã«æ ¼ç´ã•ã‚Œã¦ã„ã‚‹ãƒã‚¤ãƒˆã‚¿ã‚¤ãƒ—。
+
_Example_
\code
WOLFSSL* ssl = wolfSSL_new(ctx);
@@ -7437,12 +8632,13 @@ int wolfSSL_UseOCSPStapling(WOLFSSL* ssl,
unsigned char status_type, unsigned char options);
/*!
- \brief
+ \brief
\return SSL_SUCCESS 関数ã¨ã‚µãƒ–ルーãƒãƒ³ãŒã‚¨ãƒ©ãƒ¼ãªã—ã§å®Ÿè¡Œã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return BAD_FUNC_ARG 未解決ã®å€¤ãŒã‚µãƒ–ルーãƒãƒ³ã«æ¸¡ã•ã‚ŒãŸå ´åˆã€wolfssl_ctx構造体ãŒNULLã¾ãŸã¯ãã†ã§ãªã„å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_FUNC_ARG 未解決ã®å€¤ãŒã‚µãƒ–ルーãƒãƒ³ã«æ¸¡ã•ã‚ŒãŸå ´åˆã€WOLFSSL_CTX構造体ãŒNULLã¾ãŸã¯ãã†ã§ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return MEMORY_E 関数ã¾ãŸã¯ã‚µãƒ–ルーãƒãƒ³ãŒãƒ¡ãƒ¢ãƒªã‚’æ­£ã—ã割り振るã“ã¨ãŒã§ããªã‹ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param ctx wolfssl_ctx_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl_ctx構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param status_type tlsx_usecertificateSrequest()ã«æ¸¡ã•ã‚Œã€CertificateStatusRequest構造体ã«æ ¼ç´ã•ã‚Œã¦ã„ã‚‹ãƒã‚¤ãƒˆã‚¿ã‚¤ãƒ—。
+ \param ctx wolfSSL_CTX_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL_CTX構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param status_type tlsx_usecertificateSrequest()ã«æ¸¡ã•ã‚Œã€CertificateStatusRequest構造体ã«æ ¼ç´ã•ã‚Œã¦ã„ã‚‹ãƒã‚¤ãƒˆã‚¿ã‚¤ãƒ—。
+
_Example_
\code
WOLFSSL_CTX* ctx = wolfSSL_CTX_new( method );
@@ -7465,12 +8661,13 @@ int wolfSSL_CTX_UseOCSPStapling(WOLFSSL_CTX* ctx,
unsigned char status_type, unsigned char options);
/*!
- \brief
+ \brief
\return SSL_SUCCESS - 関数ã¨ã‚µãƒ–ルーãƒãƒ³ãŒã‚¨ãƒ©ãƒ¼ãªã—ã§å®Ÿè¡Œã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return MEMORY_E - メモリエラーã®å‰²ã‚Šå½“ã¦ãŒã‚ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG - NULLã¾ãŸã¯ãれ以外ã®å ´åˆã¯è§£èª­ã•ã‚Œã¦ã„ãªã„引数ãŒé–¢æ•°ã¾ãŸã¯ã‚µãƒ–ルーãƒãƒ³ã«æ¸¡ã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param status_type OCSPステータスタイプをロードã™ã‚‹ãƒã‚¤ãƒˆã‚¿ã‚¤ãƒ—。
+
_Example_
\code
WOLFSSL* ssl = wolfSSL_new(ctx);
@@ -7489,10 +8686,11 @@ int wolfSSL_UseOCSPStaplingV2(WOLFSSL* ssl,
/*!
\brief OCSPステイプルã®ãŸã‚ã«ã€‚
\return SSL_SUCCESS 関数ã¨ã‚µãƒ–ルーãƒãƒ³ãŒã‚¨ãƒ©ãƒ¼ãªã—ã§å®Ÿè¡Œã•ã‚ŒãŸå ´åˆã€‚
- \return BAD_FUNC_ARG wolfssl_ctx構造ãŒnullã®å ´åˆã€ã¾ãŸã¯å´æ•°å¤‰æ•°ãŒã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆå´ã§ã¯ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_FUNC_ARG WOLFSSL_CTX構造ãŒnullã®å ´åˆã€ã¾ãŸã¯å´æ•°å¤‰æ•°ãŒã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆå´ã§ã¯ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return MEMORY_E メモリã®å‰²ã‚Šå½“ã¦ãŒå¤±æ•—ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param ctx wolfssl_ctx_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl_ctx構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ctx wolfSSL_CTX_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL_CTX構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param status_type CertificatStatusRequest構造体ã«ã‚ã‚‹ãƒã‚¤ãƒˆã‚¿ã‚¤ãƒ—ã§ã€wolfssl_csr2_ocspã¾ãŸã¯wolfssl_csr2_ocsp_multiã§ãªã‘ã‚Œã°ãªã‚Šã¾ã›ã‚“。
+
_Example_
\code
WOLFSSL_CTX* ctx = wolfSSL_CTX_new( protocol method );
@@ -7512,10 +8710,11 @@ int wolfSSL_CTX_UseOCSPStaplingV2(WOLFSSL_CTX* ctx,
/*!
\brief サãƒãƒ¼ãƒˆã•ã‚Œã¦ã„る楕円曲線拡張å­ã¯ã€ 'SSL'パラメータã«æ¸¡ã•ã‚ŒãŸSSLオブジェクトã§ã‚µãƒãƒ¼ãƒˆã•ã‚Œã¦ã„ã¾ã™ã€‚ã“ã‚Œã¯ã€ã‚µãƒãƒ¼ãƒˆã•ã‚Œã¦ã„るカーブãŒWolfSSLクライアントã«ã‚ˆã£ã¦ClientHelloã§é€ä¿¡ã•ã‚Œã‚‹ã“ã¨ã‚’æ„味ã—ã¾ã™ã€‚ã“ã®æ©Ÿèƒ½ã¯è¤‡æ•°ã®æ›²ç·šã‚’有効ã«ã™ã‚‹ãŸã‚ã«è¤‡æ•°ã®æ™‚é–“ã¨å‘¼ã¶ã“ã¨ãŒã§ãã¾ã™ã€‚
- \return SSL_SUCCESS æˆåŠŸã™ã‚‹ã¨ã€‚
+ \return SSL_SUCCESS æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG 次ã®ã„ãšã‚Œã‹ã®å ´åˆã«è¿”ã•ã‚Œã‚‹ã‚¨ãƒ©ãƒ¼ã§ã™.SSLã¯NULLã§ã™ã€‚åå‰ã¯æœªçŸ¥ã®å€¤ã§ã™ã€‚(下記å‚照)
\return MEMORY_E å分ãªãƒ¡ãƒ¢ãƒªãŒãªã„ã¨ãã«ã‚¨ãƒ©ãƒ¼ãŒè¿”ã•ã‚Œã¾ã™ã€‚
- \param ssl wolfssl_new()ã§ä½œæˆã•ã‚ŒãŸSSLオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ssl wolfSSL_new()ã§ä½œæˆã•ã‚ŒãŸSSLオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
int ret = 0;
@@ -7541,10 +8740,11 @@ int wolfSSL_UseSupportedCurve(WOLFSSL* ssl, word16 name);
/*!
\brief サãƒãƒ¼ãƒˆã•ã‚Œã¦ã„る楕円曲線ã¯ã€ 'ctx'パラメータã«æ¸¡ã•ã‚ŒãŸSSLコンテキストã‹ã‚‰ä½œæˆã•ã‚ŒãŸSSLオブジェクトã®æ‹¡å¼µå­ã§ã™ã€‚ã“ã‚Œã¯ã€ã‚µãƒãƒ¼ãƒˆã•ã‚Œã¦ã„るカーブãŒWolfSSLクライアントã«ã‚ˆã£ã¦ClientHelloã§é€ä¿¡ã•ã‚Œã‚‹ã“ã¨ã‚’æ„味ã—ã¾ã™ã€‚ã“ã®æ©Ÿèƒ½ã¯è¤‡æ•°ã®æ›²ç·šã‚’有効ã«ã™ã‚‹ãŸã‚ã«è¤‡æ•°ã®æ™‚é–“ã¨å‘¼ã¶ã“ã¨ãŒã§ãã¾ã™ã€‚
- \return SSL_SUCCESS æˆåŠŸã™ã‚‹ã¨ã€‚
+ \return SSL_SUCCESS æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG 次ã®ã„ãšã‚Œã‹ã®å ´åˆã«è¿”ã•ã‚Œã‚‹ã‚¨ãƒ©ãƒ¼ã§ã™.CTXã¯NULLã€åå‰ã¯æœªçŸ¥ã®å€¤ã§ã™ã€‚(下記å‚照)
\return MEMORY_E å分ãªãƒ¡ãƒ¢ãƒªãŒãªã„ã¨ãã«ã‚¨ãƒ©ãƒ¼ãŒè¿”ã•ã‚Œã¾ã™ã€‚
- \param ctx wolfssl_ctx_new()ã§ä½œæˆã•ã‚ŒãŸSSLコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ctx wolfSSL_CTX_new()ã§ä½œæˆã•ã‚ŒãŸSSLコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
int ret = 0;
@@ -7565,11 +8765,12 @@ int wolfSSL_CTX_UseSupportedCurve(WOLFSSL_CTX* ctx,
word16 name);
/*!
- \ingroup IO
+ \ingroup IO
\brief ã“ã®é–¢æ•°ã¯ã€ä¾›çµ¦ã•ã‚ŒãŸWOLFSSL構造ã®å®‰å…¨ãªå†äº¤æ¸‰ã‚’強制ã—ã¾ã™ã€‚ã“ã‚Œã¯ãŠå‹§ã‚ã§ãã¾ã›ã‚“。
\return SSL_SUCCESS 安全ãªå†ãƒã‚´ã‚·ã‚¨ãƒ¼ã‚·ãƒ§ãƒ³ã‚’正常ã«è¨­å®šã—ã¾ã™ã€‚
- \return BAD_FUNC_ARG SSLãŒNULLã®å ´åˆã€ã‚¨ãƒ©ãƒ¼ã‚’è¿”ã—ã¾ã™ã€‚
+ \return BAD_FUNC_ARG sslãŒNULLã®å ´åˆã€ã‚¨ãƒ©ãƒ¼ã‚’è¿”ã—ã¾ã™ã€‚
\return MEMORY_E 安全ãªå†äº¤æ¸‰ã®ãŸã‚ã«ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã‚‹ã“ã¨ãŒã§ããªã„å ´åˆã€ã‚¨ãƒ©ãƒ¼ã‚’è¿”ã—ã¾ã™ã€‚
+
_Example_
\code
wolfSSL_Init();
@@ -7590,12 +8791,13 @@ int wolfSSL_CTX_UseSupportedCurve(WOLFSSL_CTX* ctx,
int wolfSSL_UseSecureRenegotiation(WOLFSSL* ssl);
/*!
- \ingroup IO
+ \ingroup IO
\brief ã“ã®é–¢æ•°ã¯å®‰å…¨ãªå†äº¤æ¸‰ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã‚’実行ã—ã¾ã™ã€‚ã“ã‚Œã¯ã€WolfSSLãŒã“ã®æ©Ÿèƒ½ã‚’妨ã’るよã†ã«å¼·åˆ¶ã•ã‚Œã¾ã™ã€‚
\return SSL_SUCCESS 関数ãŒã‚¨ãƒ©ãƒ¼ãªã—ã§å®Ÿè¡Œã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG wolfssl構造ãŒnullã¾ãŸã¯ãã†ã§ãªã‘ã‚Œã°ã€è¨±å®¹ã§ããªã„引数ãŒã‚µãƒ–ルーãƒãƒ³ã«æ¸¡ã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return SECURE_RENEGOTIATION_E ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã‚’å†ãƒã‚´ã‚·ã‚¨ãƒ¼ã‚·ãƒ§ãƒ³ã™ã‚‹ã“ã¨ã«ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸå ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \return SSL_FATAL_ERROR サーãƒãƒ¼ã¾ãŸã¯ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆæ§‹æˆã«ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸå ´åˆã¯ã€å†ãƒã‚´ã‚·ã‚¨ãƒ¼ã‚·ãƒ§ãƒ³ãŒå®Œäº†ã§ããªã‹ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚wolfssl_negotiate()をå‚ç…§ã—ã¦ãã ã•ã„。
+ \return SECURE_RENEGOTIATION_E ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã‚’å†ãƒã‚´ã‚·ã‚¨ãƒ¼ã‚·ãƒ§ãƒ³ã™ã‚‹ã“ã¨ã«ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_FATAL_ERROR サーãƒãƒ¼ã¾ãŸã¯ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆæ§‹æˆã«ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸå ´åˆã¯ã€å†ãƒã‚´ã‚·ã‚¨ãƒ¼ã‚·ãƒ§ãƒ³ãŒå®Œäº†ã§ããªã‹ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚wolfssl_negotiate()ã‚’å‚ç…§ã—ã¦ãã ã•ã„。
+
_Example_
\code
WOLFSSL* ssl = wolfSSL_new(ctx);
@@ -7614,11 +8816,12 @@ int wolfSSL_UseSecureRenegotiation(WOLFSSL* ssl);
int wolfSSL_Rehandshake(WOLFSSL* ssl);
/*!
- \ingroup IO
+ \ingroup IO
\brief セッションãƒã‚±ãƒƒãƒˆã‚’使用ã™ã‚‹ã‚ˆã†ã«WolfSSL構造を強制ã—ã¾ã™ã€‚定数hous_session_ticketを定義ã—ã€å®šæ•°NO_WOLFSSL_CLIENTã‚’ã“ã®é–¢æ•°ã‚’使用ã™ã‚‹ã‚ˆã†ã«å®šç¾©ã—ãªã„ã§ãã ã•ã„。
\return SSL_SUCCESS セッションãƒã‚±ãƒƒãƒˆã‚’使用ã—ãŸã‚»ãƒƒãƒˆã«æˆåŠŸã—ã¾ã—ãŸã€‚
- \return BAD_FUNC_ARG SSLãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_FUNC_ARG sslãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return MEMORY_E セッションãƒã‚±ãƒƒãƒˆã‚’設定ã™ã‚‹ãŸã‚ã®ãƒ¡ãƒ¢ãƒªã®å‰²ã‚Šå½“ã¦ä¸­ã«ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ã¾ã—ãŸã€‚
+
_Example_
\code
wolfSSL_Init();
@@ -7638,11 +8841,12 @@ int wolfSSL_Rehandshake(WOLFSSL* ssl);
int wolfSSL_UseSessionTicket(WOLFSSL* ssl);
/*!
- \ingroup Setup
+ \ingroup Setup
\brief ã“ã®é–¢æ•°ã¯ã€ã‚»ãƒƒã‚·ãƒ§ãƒ³ãƒã‚±ãƒƒãƒˆã‚’使用ã™ã‚‹ã‚ˆã†ã«WolfSSLコンテキストを設定ã—ã¾ã™ã€‚
\return SSL_SUCCESS 関数ã¯æ­£å¸¸ã«å®Ÿè¡Œã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG CTXãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return MEMORY_E 内部関数内ã®ãƒ¡ãƒ¢ãƒªã®å‰²ã‚Šå½“ã¦ä¸­ã«ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ã¾ã—ãŸã€‚
+
_Example_
\code
wolfSSL_Init();
@@ -7660,12 +8864,13 @@ int wolfSSL_UseSessionTicket(WOLFSSL* ssl);
int wolfSSL_CTX_UseSessionTicket(WOLFSSL_CTX* ctx);
/*!
- \ingroup IO
+ \ingroup IO
\brief ã“ã®æ©Ÿèƒ½ã¯ã€ã‚»ãƒƒã‚·ãƒ§ãƒ³æ§‹é€ ã®ãƒã‚±ãƒƒãƒˆãƒ¡ãƒ³ãƒãƒ¼ã‚’ãƒãƒƒãƒ•ã‚¡ã«ã‚³ãƒ”ーã—ã¾ã™ã€‚
\return SSL_SUCCESS 関数ãŒã‚¨ãƒ©ãƒ¼ãªã—ã§å®Ÿè¡Œã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG 引数ã®1ã¤ãŒNULLã®å ´åˆã€ã¾ãŸã¯bufsz引数ãŒ0ã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param buf メモリãƒãƒƒãƒ•ã‚¡ã‚’表ã™ãƒã‚¤ãƒˆãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx = wolfSSL_CTX_new( protocol method );
@@ -7685,12 +8890,13 @@ int wolfSSL_CTX_UseSessionTicket(WOLFSSL_CTX* ctx);
int wolfSSL_get_SessionTicket(WOLFSSL* ssl, unsigned char* buf, word32* bufSz);
/*!
- \ingroup IO
+ \ingroup IO
\brief ã“ã®é–¢æ•°ã¯ã€WolfSSL構造体内ã®wolfssl_session構造体ã®ãƒã‚±ãƒƒãƒˆãƒ¡ãƒ³ãƒãƒ¼ã‚’設定ã—ã¾ã™ã€‚関数ã«æ¸¡ã•ã‚ŒãŸãƒãƒƒãƒ•ã‚¡ã¯ãƒ¡ãƒ¢ãƒªã«ã‚³ãƒ”ーã•ã‚Œã¾ã™ã€‚
\return SSL_SUCCESS 機能ã®å®Ÿè¡Œã«æˆåŠŸã—ãŸã“ã¨ã«æˆ»ã‚Šã¾ã™ã€‚関数ã¯ã‚¨ãƒ©ãƒ¼ãªã—ã§è¿”ã•ã‚Œã¾ã—ãŸã€‚
\return BAD_FUNC_ARG WolfSSL構造ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚BUF引数ãŒNULLã®å ´åˆã¯ã€ã“ã‚Œã¯ã‚¹ãƒ­ãƒ¼ã•ã‚Œã¾ã™ãŒã€bufsz引数ã¯ã‚¼ãƒ­ã§ã¯ã‚ã‚Šã¾ã›ã‚“。
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param buf セッション構造ã®ãƒã‚±ãƒƒãƒˆãƒ¡ãƒ³ãƒãƒ¼ã«ãƒ­ãƒ¼ãƒ‰ã•ã‚Œã‚‹ãƒã‚¤ãƒˆãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx = wolfSSL_CTX_new( protocol method );
@@ -7711,8 +8917,9 @@ int wolfSSL_set_SessionTicket(WOLFSSL* ssl, const unsigned char* buf,
\brief CallbackSessionTicketã¯ã€int(* callbacksessionTicket)(wolfssl *ã€const unsigned char *ã€intã€void *)ã®é–¢æ•°ãƒã‚¤ãƒ³ã‚¿ã§ã™ã€‚
\return SSL_SUCCESS 関数ãŒã‚¨ãƒ©ãƒ¼ãªã—ã§å®Ÿè¡Œã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG WolfSSL構造ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param cb Type CallbackSessionTicketã¸ã®é–¢æ•°ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx = wolfSSL_CTX_new( method );
@@ -7730,12 +8937,41 @@ int wolfSSL_set_SessionTicket_cb(WOLFSSL* ssl,
CallbackSessionTicket cb, void* ctx);
/*!
+ \brief ã“ã®é–¢æ•°ã¯TLS1.3ãƒãƒ³ãƒ‰ã‚·ã‚§ãƒ¼ã‚¯ãŒç¢ºç«‹ã—ãŸã‚ã¨ã§ã‚»ãƒƒã‚·ãƒ§ãƒ³ãƒã‚±ãƒƒãƒˆã‚’é€ä¿¡ã—ã¾ã™ã€‚
+
+ \return WOLFSSL_SUCCESS セッションãƒã‚±ãƒƒãƒˆãŒé€ä¿¡ã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_FUNC_ARG WOLFSSL構造体ãŒNULL,ã‚ã‚‹ã„ã¯TLS v1.3を使用ã—ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SIDE_ERROR returned サーãƒãƒ¼å´ã§ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return NOT_READY_ERROR ãƒãƒ³ãƒ‰ã‚·ã‚§ãƒ¼ã‚¯ãŒå®Œäº†ã—ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return WOLFSSL_FATAL_ERROR メッセージã®ç”Ÿæˆã‹é€ä¿¡ã«å¤±æ•—ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param ssl wolfSSL_new()を使ã£ã¦ç”Ÿæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
+ _Example_
+ \code
+ int ret;
+ WOLFSSL_CTX* ctx = wolfSSL_CTX_new( method );
+ WOLFSSL* ssl = wolfSSL_new(ctx);
+ …
+ ret = wolfSSL_send_SessionTicket(ssl);
+ if (ret != WOLFSSL_SUCCESS) {
+ // New session ticket not sent.
+ }
+ \endcode
+
+ \sa wolfSSL_get_SessionTicket
+ \sa CallbackSessionTicket
+ \sa sessionTicketCB
+ */
+int wolfSSL_send_SessionTicket(WOLFSSL* ssl);
+
+/*!
\brief RFC 5077ã§æŒ‡å®šã•ã‚Œã¦ã„るセッションãƒã‚±ãƒƒãƒˆã‚’サãƒãƒ¼ãƒˆã™ã‚‹ãŸã‚ã®ã‚µãƒ¼ãƒãƒ¼ãŒã€‚
\return SSL_SUCCESS セッションを正常ã«è¨­å®šã™ã‚‹ã¨è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG 失敗ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚ã“ã‚Œã¯ã€ç„¡åŠ¹ãªå¼•æ•°ã‚’関数ã«æ¸¡ã™ã“ã¨ã«ã‚ˆã£ã¦ç™ºç”Ÿã—ã¾ã™ã€‚
- \param ctx wolfssl_ctx_new()ã§ä½œæˆã•ã‚ŒãŸwolfssl_ctxオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ctx wolfSSL_CTX_new()ã§ä½œæˆã•ã‚ŒãŸWOLFSSL_CTXオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param cb セッションãƒã‚±ãƒƒãƒˆã‚’æš—å·åŒ–/復å·åŒ–ã™ã‚‹ãŸã‚ã®ãƒ¦ãƒ¼ã‚¶ãƒ¼ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯é–¢æ•°
- \param ssl(Callback) WOLFSSL_NEW()ã§ä½œæˆã•ã‚ŒãŸWolfSSLオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param ssl(Callback) wolfSSL_new()ã§ä½œæˆã•ã‚ŒãŸWolfSSLオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿
\param key_name(Callback) ã“ã®ãƒã‚±ãƒƒãƒˆã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã®ä¸€æ„ã®ã‚­ãƒ¼åã¯ãƒ©ãƒ³ãƒ€ãƒ ã«ç”Ÿæˆã•ã‚Œã‚‹ã¹ãã§ã™
\param iv(Callback) ユニークãªIVã“ã®ãƒã‚±ãƒƒãƒˆã®å ´åˆã€æœ€å¤§128ビットã€ãƒ©ãƒ³ãƒ€ãƒ ã«ç”Ÿæˆã•ã‚Œã‚‹ã¹ãã§ã™
\param mac(Callback) ã“ã®ãƒã‚±ãƒƒãƒˆã®æœ€å¤§256ビットMAC
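Review bot: In the new `wolfSSL_send_SessionTicket` block, the line `\return SIDE_ERROR returned …` carries a leftover English word, so `returned` will show up at the start of the Japanese description; it should be dropped so the line matches the other `\return` entries. The new block also has no `\ingroup` line, whereas `wolfSSL_get_SessionTicket` and `wolfSSL_set_SessionTicket` on this page carry `\ingroup IO`; adding `\ingroup IO` would keep the function grouped with them, if that is the intended group. The `wolfSSL_CTX_set_TicketEncCb` comment that follows in this hunk runs on past the hunk's end.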
@@ -7743,6 +8979,7 @@ int wolfSSL_set_SessionTicket_cb(WOLFSSL* ssl,
\param ticket(Callback) æš—å·åŒ–ãƒã‚±ãƒƒãƒˆã®å…¥å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã€‚ENCパラメータをå‚ç…§ã—ã¦ãã ã•ã„
\param inLen(Callback) ãƒã‚±ãƒƒãƒˆãƒ‘ラメータã®å…¥åŠ›é•·
\param outLen(Callback) ãƒã‚±ãƒƒãƒˆãƒ‘ラメータã®çµæžœã®å‡ºåŠ›é•·ã€‚コールãƒãƒƒã‚¯outlenを入力ã™ã‚‹ã¨ã€ãƒã‚±ãƒƒãƒˆãƒãƒƒãƒ•ã‚¡ã§ä½¿ç”¨å¯èƒ½ãªæœ€å¤§ã‚µã‚¤ã‚ºãŒè¡¨ç¤ºã•ã‚Œã¾ã™ã€‚
+
_Example_
\code
See wolfssl/test.h myTicketEncCb() used by the example
@@ -7758,7 +8995,8 @@ int wolfSSL_CTX_set_TicketEncCb(WOLFSSL_CTX* ctx,
\brief サーãƒãƒ¼ã‚µã‚¤ãƒ‰ã®ä½¿ç”¨ã®ãŸã‚ã«ã€‚
\return SSL_SUCCESS セッションを正常ã«è¨­å®šã™ã‚‹ã¨è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG 失敗ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚ã“ã‚Œã¯ã€ç„¡åŠ¹ãªå¼•æ•°ã‚’関数ã«æ¸¡ã™ã“ã¨ã«ã‚ˆã£ã¦ç™ºç”Ÿã—ã¾ã™ã€‚
- \param ctx wolfssl_ctx_new()ã§ä½œæˆã•ã‚ŒãŸwolfssl_ctxオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ctx wolfSSL_CTX_new()ã§ä½œæˆã•ã‚ŒãŸWOLFSSL_CTXオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
none
@@ -7771,7 +9009,8 @@ int wolfSSL_CTX_set_TicketHint(WOLFSSL_CTX* ctx, int);
\brief 折り返ã—電話。サーãƒãƒ¼ã‚µã‚¤ãƒ‰ã®ä½¿ç”¨ã®ãŸã‚ã«ã€‚
\return SSL_SUCCESS セッションを正常ã«è¨­å®šã™ã‚‹ã¨è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG 失敗ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚ã“ã‚Œã¯ã€ç„¡åŠ¹ãªå¼•æ•°ã‚’関数ã«æ¸¡ã™ã“ã¨ã«ã‚ˆã£ã¦ç™ºç”Ÿã—ã¾ã™ã€‚
- \param ctx wolfssl_ctx_new()ã§ä½œæˆã•ã‚ŒãŸwolfssl_ctxオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ctx wolfSSL_CTX_new()ã§ä½œæˆã•ã‚ŒãŸWOLFSSL_CTXオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
none
@@ -7784,6 +9023,7 @@ int wolfSSL_CTX_set_TicketEncCtx(WOLFSSL_CTX* ctx, void*);
\brief 折り返ã—電話。サーãƒãƒ¼ã‚µã‚¤ãƒ‰ã®ä½¿ç”¨ã®ãŸã‚ã«ã€‚
\return userCtx セッションを正常ã«å–å¾—ã™ã‚‹ã¨è¿”ã•ã‚Œã¾ã™ã€‚
\return NULL 失敗ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚ã“ã‚Œã¯ã€ç„¡åŠ¹ãªå¼•æ•°ã‚’関数ã«æ¸¡ã™ã“ã¨ã«ã‚ˆã£ã¦ã€ã¾ãŸã¯ãƒ¦ãƒ¼ã‚¶ãƒ¼ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆãŒè¨­å®šã•ã‚Œã¦ã„ãªã„ã¨ãã«ç™ºç”Ÿã—ã¾ã™ã€‚
+
_Example_
\code
none
@@ -7796,8 +9036,9 @@ void* wolfSSL_CTX_get_TicketEncCtx(WOLFSSL_CTX* ctx);
\brief ã“ã®æ©Ÿèƒ½ã«ã¯ã€WolfSSL構造ã®HSDonectxメンãƒãƒ¼ãŒè¨­å®šã•ã‚Œã¦ã„ã¾ã™ã€‚
\return SSL_SUCCESS 関数ãŒã‚¨ãƒ©ãƒ¼ãªã—ã§å®Ÿè¡Œã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚WolfSSL構造体ã®HSDONECBã¨HSDonectxメンãƒãƒ¼ãŒè¨­å®šã•ã‚Œã¦ã„ã¾ã™ã€‚
\return BAD_FUNC_ARG wolfssl構造体ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param cb int(* HandshakedOneCB)(wolfssl *ã€void *)ã®ç½²åã‚’æŒã¤ã‚¿ã‚¤ãƒ—HandshakedOneCBã®é–¢æ•°ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx = wolfSSL_CTX_new( method );
@@ -7814,11 +9055,12 @@ void* wolfSSL_CTX_get_TicketEncCtx(WOLFSSL_CTX* ctx);
int wolfSSL_SetHsDoneCb(WOLFSSL* ssl, HandShakeDoneCb cb, void* user_ctx);
/*!
- \ingroup IO
+ \ingroup IO
\brief ã“ã®é–¢æ•°ã¯ã‚»ãƒƒã‚·ãƒ§ãƒ³ã‹ã‚‰çµ±è¨ˆã‚’å°åˆ·ã—ã¾ã™ã€‚
\return SSL_SUCCESS 関数ã¨ã‚µãƒ–ルーãƒãƒ³ãŒã‚¨ãƒ©ãƒ¼ãªã—ã§æˆ»ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚セッション統計ã¯æ­£å¸¸ã«å–å¾—ã•ã‚Œå°åˆ·ã•ã‚Œã¾ã—ãŸã€‚
- \return BAD_FUNC_ARG サブルーãƒãƒ³wolfssl_get_session_stats()ãŒè¨±å®¹ã§ããªã„引数ã«æ¸¡ã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_FUNC_ARG サブルーãƒãƒ³wolfssl_get_session_stats()ãŒè¨±å®¹ã§ããªã„引数ã«æ¸¡ã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_MUTEX_E サブルーãƒãƒ³ã«ãƒŸãƒ¥ãƒ¼ãƒ†ãƒƒã‚¯ã‚¹ã‚¨ãƒ©ãƒ¼ãŒã‚ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
_Example_
\code
// You will need to have a session object to retrieve stats from.
@@ -7832,14 +9074,15 @@ int wolfSSL_SetHsDoneCb(WOLFSSL* ssl, HandShakeDoneCb cb, void* user_ctx);
int wolfSSL_PrintSessionStats(void);
/*!
- \ingroup IO
+ \ingroup IO
\brief ã“ã®é–¢æ•°ã¯ã‚»ãƒƒã‚·ãƒ§ãƒ³ã®çµ±è¨ˆã‚’å–å¾—ã—ã¾ã™ã€‚
\return SSL_SUCCESS 関数ã¨ã‚µãƒ–ルーãƒãƒ³ãŒã‚¨ãƒ©ãƒ¼ãªã—ã§æˆ»ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚セッション統計ã¯æ­£å¸¸ã«å–å¾—ã•ã‚Œå°åˆ·ã•ã‚Œã¾ã—ãŸã€‚
- \return BAD_FUNC_ARG サブルーãƒãƒ³wolfssl_get_session_stats()ãŒè¨±å®¹ã§ããªã„引数ã«æ¸¡ã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_FUNC_ARG サブルーãƒãƒ³wolfssl_get_session_stats()ãŒè¨±å®¹ã§ããªã„引数ã«æ¸¡ã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_MUTEX_E サブルーãƒãƒ³ã«ãƒŸãƒ¥ãƒ¼ãƒ†ãƒƒã‚¯ã‚¹ã‚¨ãƒ©ãƒ¼ãŒã‚ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\param active ç¾åœ¨ã®ã‚»ãƒƒã‚·ãƒ§ãƒ³ã®åˆè¨ˆã‚’表ã™Word32ãƒã‚¤ãƒ³ã‚¿ã€‚
\param total ç·ã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚’表ã™Word32ãƒã‚¤ãƒ³ã‚¿ã€‚
\param peak ピークセッションを表ã™Word32ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
int wolfSSL_PrintSessionStats(void){
@@ -7857,10 +9100,10 @@ int wolfSSL_get_session_stats(unsigned int* active,
unsigned int* maxSessions);
/*!
- \ingroup TLS
+ \ingroup TLS
\brief ã“ã®é–¢æ•°ã¯CRã¨SRã®å€¤ã‚’コピーã—ã¦ã‹ã‚‰WC_PRF(疑似ランダム関数)ã«æ¸¡ã—ã€ãã®å€¤ã‚’è¿”ã—ã¾ã™ã€‚
\return 0 æˆåŠŸã—ãŸ
- \return BUFFER_E ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºã«ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸå ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BUFFER_E ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºã«ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return MEMORY_E サブルーãƒãƒ³ãŒå‹•çš„メモリを割り当ã¦ã‚‹ã“ã¨ãŒã§ããªã‹ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\param ms マスターシークレットã¯ã‚¢ãƒ¬ã‚¤æ§‹é€ ã«ä¿æŒã•ã‚Œã¦ã„ã¾ã™ã€‚
\param msLen マスターシークレットã®é•·ã•ã€‚
@@ -7869,6 +9112,7 @@ int wolfSSL_get_session_stats(unsigned int* active,
\param cr クライアントã®ãƒ©ãƒ³ãƒ€ãƒ 
\param sr サーãƒãƒ¼ã®ãƒ©ãƒ³ãƒ€ãƒ ã§ã™ã€‚
\param tls1_2 ãƒãƒ¼ã‚¸ãƒ§ãƒ³ãŒå°‘ãªãã¨ã‚‚TLSãƒãƒ¼ã‚¸ãƒ§ãƒ³1.2ã§ã‚ã‚‹ã“ã¨ã‚’æ„味ã—ã¾ã™ã€‚
+
_Example_
\code
WOLFSSL* ssl;
@@ -7897,7 +9141,7 @@ int wolfSSL_MakeTlsMasterSecret(unsigned char* ms, word32 msLen,
int tls1_2, int hash_type);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief TLSキーを導ã出ã™ãŸã‚ã®å¤–部ã®ãƒ©ãƒƒãƒ‘ー。
\return 0 æˆåŠŸã«æˆ»ã‚Šã¾ã—ãŸã€‚
\return BUFFER_E LABLENã¨SEADLENã®åˆè¨ˆï¼ˆåˆè¨ˆã‚µã‚¤ã‚ºã‚’計算)ãŒæœ€å¤§ã‚µã‚¤ã‚ºã‚’超ãˆã‚‹ã¨è¿”ã•ã‚Œã¾ã™ã€‚
@@ -7908,7 +9152,8 @@ int wolfSSL_MakeTlsMasterSecret(unsigned char* ms, word32 msLen,
\param msLen 列挙ã•ã‚ŒãŸå®šç¾©ã§ã€ãƒžã‚¹ã‚¿ãƒ¼ã‚·ãƒ¼ã‚¯ãƒ¬ãƒƒãƒˆã®é•·ã•ã‚’ä¿æŒã™ã‚‹Word32タイプ。
\param sr WOLFSSL構造内ã®é…列構造ã®ServerRandomメンãƒãƒ¼ã¸ã®å®šæ•°ãƒã‚¤ãƒˆãƒã‚¤ãƒ³ã‚¿ã€‚
\param cr WolfSSL構造内ã®é…列構造ã®ClientRandomメンãƒãƒ¼ã¸ã®å®šæ•°ãƒã‚¤ãƒˆãƒã‚¤ãƒ³ã‚¿ã€‚
- \param tls1_2 ISATLEASTLSV1_2()ã‹ã‚‰è¿”ã•ã‚ŒãŸæ•´æ•°åž‹ã€‚
+ \param tls1_2 ISATLEASTLSV1_2()ã‹ã‚‰è¿”ã•ã‚ŒãŸæ•´æ•°åž‹ã€‚
+
_Example_
\code
int DeriveTlsKeys(WOLFSSL* ssl){
@@ -7932,11 +9177,12 @@ int wolfSSL_DeriveTlsKeys(unsigned char* key_data, word32 keyLen,
/*!
\brief ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯ãŒè¨­å®šã•ã‚Œã¾ã™ã€‚ã“ã‚Œã¯ã€ãƒ‡ãƒãƒƒã‚¬ãŒåˆ©ç”¨ã§ããšã€ã‚¹ãƒ‹ãƒƒãƒ•ã‚£ãƒ³ã‚°ãŒå®Ÿç”¨çš„ã§ã¯ãªã„å ´åˆã«ã€ã‚µãƒãƒ¼ãƒˆã‚’デãƒãƒƒã‚°ã™ã‚‹ãŸã‚ã®çµ„ã¿è¾¼ã¿ã‚·ã‚¹ãƒ†ãƒ ã§å½¹ç«‹ã¡ã¾ã™ã€‚ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸã‹å¦ã‹ãŒå‘¼ã³å‡ºã•ã‚Œã¾ã™ã€‚SSLパケットã®æœ€å¤§æ•°ãŒæ—¢çŸ¥ã§ã‚ã‚‹ãŸã‚ã€å‹•çš„メモリã¯ä½¿ç”¨ã•ã‚Œã¾ã›ã‚“。パケットåã‚’PacketNames []ã§ã‚¢ã‚¯ã‚»ã‚¹ã§ãã¾ã™ã€‚接続拡張機能ã¯ã€ã‚¿ã‚¤ãƒ ã‚¢ã‚¦ãƒˆå€¤ã¨ã¨ã‚‚ã«ã‚¿ã‚¤ãƒ ã‚¢ã‚¦ãƒˆã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯ã‚’設定ã™ã‚‹ã“ã¨ã‚‚ã§ãã¾ã™ã€‚ã“ã‚Œã¯ã€ãƒ¦ãƒ¼ã‚¶ãƒ¼ãŒTCPスタックをタイムアウトã™ã‚‹ã®ã‚’å¾…ã£ãŸããªã„å ´åˆã«ä¾¿åˆ©ã§ã™ã€‚ã“ã®æ‹¡å¼µå­ã¯ã€ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯ã®ã©ã¡ã‚‰ã‹ã€ã¾ãŸã¯ã©ã¡ã‚‰ã®ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯ã‚‚呼ã³å‡ºã•ã‚Œã¾ã›ã‚“。
- \return SSL_SUCCESS æˆåŠŸã™ã‚‹ã¨ã€‚
- \return GETTIME_ERROR gettimeofday()ãŒã‚¨ãƒ©ãƒ¼ã‚’検出ã—ãŸå ´åˆã€è¿”ã•ã‚Œã¾ã™ã€‚
- \return SETITIMER_ERROR setItimer()ãŒã‚¨ãƒ©ãƒ¼ã‚’検出ã—ãŸå ´åˆã€è¿”ã•ã‚Œã¾ã™ã€‚
- \return SIGACT_ERROR sigAction()ãŒã‚¨ãƒ©ãƒ¼ã‚’検出ã—ãŸå ´åˆã€è¿”ã•ã‚Œã¾ã™ã€‚
- \return SSL_FATAL_ERROR 基ã«ãªã‚‹ssl_connect()呼ã³å‡ºã—ãŒã‚¨ãƒ©ãƒ¼ã‚’検出ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_SUCCESS æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return GETTIME_ERROR gettimeofday()ãŒã‚¨ãƒ©ãƒ¼ã‚’検出ã—ãŸå ´åˆã€è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SETITIMER_ERROR setItimer()ãŒã‚¨ãƒ©ãƒ¼ã‚’検出ã—ãŸå ´åˆã€è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SIGACT_ERROR sigAction()ãŒã‚¨ãƒ©ãƒ¼ã‚’検出ã—ãŸå ´åˆã€è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_FATAL_ERROR 基ã«ãªã‚‹ssl_connect()呼ã³å‡ºã—ãŒã‚¨ãƒ©ãƒ¼ã‚’検出ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
_Example_
\code
none
@@ -7948,11 +9194,12 @@ int wolfSSL_connect_ex(WOLFSSL* ssl, HandShakeCallBack hsCb,
/*!
\brief 設定ã™ã‚‹ã€‚ã“ã‚Œã¯ã€ãƒ‡ãƒãƒƒã‚¬ãŒåˆ©ç”¨ã§ããšã€ã‚¹ãƒ‹ãƒƒãƒ•ã‚£ãƒ³ã‚°ãŒå®Ÿç”¨çš„ã§ã¯ãªã„å ´åˆã«ã€ã‚µãƒãƒ¼ãƒˆã‚’デãƒãƒƒã‚°ã™ã‚‹ãŸã‚ã®çµ„ã¿è¾¼ã¿ã‚·ã‚¹ãƒ†ãƒ ã§å½¹ç«‹ã¡ã¾ã™ã€‚ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸã‹å¦ã‹ãŒå‘¼ã³å‡ºã•ã‚Œã¾ã™ã€‚SSLパケットã®æœ€å¤§æ•°ãŒæ—¢çŸ¥ã§ã‚ã‚‹ãŸã‚ã€å‹•çš„メモリã¯ä½¿ç”¨ã•ã‚Œã¾ã›ã‚“。パケットåã‚’PacketNames []ã§ã‚¢ã‚¯ã‚»ã‚¹ã§ãã¾ã™ã€‚接続拡張機能ã¯ã€ã‚¿ã‚¤ãƒ ã‚¢ã‚¦ãƒˆå€¤ã¨ã¨ã‚‚ã«ã‚¿ã‚¤ãƒ ã‚¢ã‚¦ãƒˆã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯ã‚’設定ã™ã‚‹ã“ã¨ã‚‚ã§ãã¾ã™ã€‚ã“ã‚Œã¯ã€ãƒ¦ãƒ¼ã‚¶ãƒ¼ãŒTCPスタックをタイムアウトã™ã‚‹ã®ã‚’å¾…ã£ãŸããªã„å ´åˆã«ä¾¿åˆ©ã§ã™ã€‚ã“ã®æ‹¡å¼µå­ã¯ã€ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯ã®ã©ã¡ã‚‰ã‹ã€ã¾ãŸã¯ã©ã¡ã‚‰ã®ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯ã‚‚呼ã³å‡ºã•ã‚Œã¾ã›ã‚“。
- \return SSL_SUCCESS æˆåŠŸã™ã‚‹ã¨ã€‚
- \return GETTIME_ERROR gettimeofday()ãŒã‚¨ãƒ©ãƒ¼ã‚’検出ã—ãŸå ´åˆã€è¿”ã•ã‚Œã¾ã™ã€‚
- \return SETITIMER_ERROR setItimer()ãŒã‚¨ãƒ©ãƒ¼ã‚’検出ã—ãŸå ´åˆã€è¿”ã•ã‚Œã¾ã™ã€‚
- \return SIGACT_ERROR sigAction()ãŒã‚¨ãƒ©ãƒ¼ã‚’検出ã—ãŸå ´åˆã€è¿”ã•ã‚Œã¾ã™ã€‚
- \return SSL_FATAL_ERROR 基礎ã¨ãªã‚‹ssl_accept()呼ã³å‡ºã—ãŒã‚¨ãƒ©ãƒ¼ã‚’検出ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_SUCCESS æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return GETTIME_ERROR gettimeofday()ãŒã‚¨ãƒ©ãƒ¼ã‚’検出ã—ãŸå ´åˆã€è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SETITIMER_ERROR setItimer()ãŒã‚¨ãƒ©ãƒ¼ã‚’検出ã—ãŸå ´åˆã€è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SIGACT_ERROR sigAction()ãŒã‚¨ãƒ©ãƒ¼ã‚’検出ã—ãŸå ´åˆã€è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_FATAL_ERROR 基礎ã¨ãªã‚‹ssl_accept()呼ã³å‡ºã—ãŒã‚¨ãƒ©ãƒ¼ã‚’検出ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
_Example_
\code
none
@@ -7963,12 +9210,13 @@ int wolfSSL_accept_ex(WOLFSSL* ssl, HandShakeCallBacki hsCb,
TimeoutCallBack toCb, WOLFSSL_TIMEVAL timeout);
/*!
- \ingroup IO
+ \ingroup IO
\brief ã“ã‚Œã¯BIOã®å†…部ファイルãƒã‚¤ãƒ³ã‚¿ã‚’設定ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
\return SSL_SUCCESS ファイルãƒã‚¤ãƒ³ã‚¿ã‚’正常ã«è¨­å®šã—ã¾ã™ã€‚
\return SSL_FAILURE エラーケースã«é­é‡ã—ãŸå ´åˆ
- \param bio ペアを設定ã™ã‚‹ãŸã‚ã®wolfssl_bio構造。
+ \param bio ペアを設定ã™ã‚‹ãŸã‚ã®WOLFSSL_BIO構造体。
\param fp ãƒã‚¤ã‚ªã§è¨­å®šã™ã‚‹ãƒ•ã‚¡ã‚¤ãƒ«ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL_BIO* bio;
@@ -7986,11 +9234,12 @@ int wolfSSL_accept_ex(WOLFSSL* ssl, HandShakeCallBacki hsCb,
long wolfSSL_BIO_set_fp(WOLFSSL_BIO *bio, XFILE fp, int c);
/*!
- \ingroup IO
- \brief ã“ã‚Œã¯ã€BIOã®å†…部ファイルãƒã‚¤ãƒ³ã‚¿ã‚’å–å¾—ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
+ \ingroup IO
+\brief ã“ã®é–¢æ•°ã¯ã€ \brief ã“ã‚Œã¯ã€BIOã®å†…部ファイルãƒã‚¤ãƒ³ã‚¿ã‚’å–å¾—ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
\return SSL_SUCCESS ファイルãƒã‚¤ãƒ³ã‚¿ã‚’正常ã«å–å¾—ã—ã¾ã™ã€‚
\return SSL_FAILURE エラーケースã«é­é‡ã—ãŸå ´åˆ
- \param bio ペアを設定ã™ã‚‹ãŸã‚ã®wolfssl_bio構造。
+ \param bio ペアを設定ã™ã‚‹ãŸã‚ã®WOLFSSL_BIO構造体。
+
_Example_
\code
WOLFSSL_BIO* bio;
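Review bot: The rewritten brief line for wolfSSL_BIO_get_fp now starts at column 0 with `\brief`, a sentence fragment, and then a second `\brief`, so the block has two brief commands and the first is only a stub. The same rewrite damaged the command in later hunks: the blocks for wolfSSL_use_certificate_ASN1, wolfSSL_get_server_random and wolfSSL_get_client_random begin with a corrupted token of the form `\bii…`, and those for wolfSSL_CTX_set_cert_store, wolfSSL_CTX_get_cert_store and wolfSSL_CTX_get_default_passwd_cb_userdata begin with `\bri f`. Doxygen will not recognise those as `\brief`, so these functions lose their summary and the build is likely to emit unknown-command warnings. This looks like the result of a mechanical phrase replacement. Each of these lines should carry exactly one `\brief` at the block's normal indent, followed by the sentence.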
@@ -8008,11 +9257,12 @@ long wolfSSL_BIO_set_fp(WOLFSSL_BIO *bio, XFILE fp, int c);
long wolfSSL_BIO_get_fp(WOLFSSL_BIO *bio, XFILE* fp);
/*!
- \ingroup Setup
+ \ingroup Setup
\brief ã“ã®é–¢æ•°ã¯ã€ç§˜å¯†éµãŒä½¿ç”¨ã•ã‚Œã¦ã„る証明書ã¨ã®ä¸€è‡´ã§ã‚ã‚‹ã“ã¨ã‚’確èªã—ã¾ã™ã€‚
\return SSL_SUCCESS ã†ã¾ã一致ã—ã¾ã™ã€‚
\return SSL_FAILURE エラーケースã«é­é‡ã—ãŸå ´åˆ
\return <0 ssl_failure以外ã®ã™ã¹ã¦ã®ã‚¨ãƒ©ãƒ¼ã‚±ãƒ¼ã‚¹ã¯è² ã®å€¤ã§ã™ã€‚
+
_Example_
\code
WOLFSSL* ssl;
@@ -8027,12 +9277,13 @@ long wolfSSL_BIO_get_fp(WOLFSSL_BIO *bio, XFILE* fp);
int wolfSSL_check_private_key(const WOLFSSL* ssl);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief ã“ã®æ©Ÿèƒ½ã¯ã€æ¸¡ã•ã‚ŒãŸNID値ã«ä¸€è‡´ã™ã‚‹æ‹¡å¼µç´¢å¼•ã‚’探ã—ã¦è¿”ã—ã¾ã™ã€‚
- \return >= 0拡張インデックスãŒæˆåŠŸã—ãŸå ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
+ \return >= 0拡張インデックスãŒæˆåŠŸã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return -1 æ‹¡å¼µãŒè¦‹ã¤ã‹ã‚‰ãªã„ã‹ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸå ´åˆ
\param x509 æ‹¡å¼µã®ãŸã‚ã«è§£æžã™ã‚‹è¨¼æ˜Žæ›¸ã€‚
\param nid 見ã¤ã‹ã‚‹æ‹¡å¼µOID。
+
_Example_
\code
const WOLFSSL_X509* x509;
@@ -8046,13 +9297,14 @@ int wolfSSL_X509_get_ext_by_NID(const WOLFSSL_X509* x509,
int nid, int lastPos);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief ã“ã®é–¢æ•°ã¯ã€æ¸¡ã•ã‚ŒãŸNID値ã«åˆã£ãŸæ‹¡å¼µå­ã‚’探ã—ã¦è¿”ã—ã¾ã™ã€‚
- \return pointer STACK_OF(wolfssl_asn1_object)ãƒã‚¤ãƒ³ã‚¿ãŒæˆåŠŸã—ãŸå ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
+ \return pointer STACK_OF(wolfssl_asn1_object)ãƒã‚¤ãƒ³ã‚¿ãŒæˆåŠŸã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return NULL æ‹¡å¼µãŒè¦‹ã¤ã‹ã‚‰ãªã„ã‹ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸå ´åˆ
\param x509 æ‹¡å¼µã®ãŸã‚ã«è§£æžã™ã‚‹è¨¼æ˜Žæ›¸ã€‚
\param nid 見ã¤ã‹ã‚‹æ‹¡å¼µOID。
\param c not nullãŒè¤‡æ•°ã®æ‹¡å¼µå­ã«-2ã«è¨­å®šã•ã‚Œã¦ã„ãªã„å ´åˆã¯-1ãŒè¦‹ã¤ã‹ã‚Šã¾ã›ã‚“ã§ã—ãŸã€‚
+
_Example_
\code
const WOLFSSL_X509* x509;
@@ -8069,13 +9321,14 @@ void* wolfSSL_X509_get_ext_d2i(const WOLFSSL_X509* x509,
int nid, int* c, int* idx);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief ã“ã®é–¢æ•°ã¯DER証明書ã®ãƒãƒƒã‚·ãƒ¥ã‚’è¿”ã—ã¾ã™ã€‚
\return SSL_SUCCESS ãƒãƒƒã‚·ãƒ¥ã®ä½œæˆã«æˆåŠŸã—ã¾ã—ãŸã€‚
\return SSL_FAILURE ä¸è‰¯å…¥åŠ›ã¾ãŸã¯å¤±æ•—ã—ãŸãƒãƒƒã‚·ãƒ¥ã«æˆ»ã‚Šã¾ã—ãŸã€‚
\param x509 ãƒãƒƒã‚·ãƒ¥ã‚’å¾—ã‚‹ãŸã‚ã®è¨¼æ˜Žæ›¸ã€‚
\param digest 使用ã™ã‚‹ãƒãƒƒã‚·ãƒ¥ã‚¢ãƒ«ã‚´ãƒªã‚ºãƒ 
\param buf ãƒãƒƒã‚·ãƒ¥ã‚’ä¿æŒã™ã‚‹ãŸã‚ã®ãƒãƒƒãƒ•ã‚¡ã€‚
+
_Example_
\code
WOLFSSL_X509* x509;
@@ -8092,11 +9345,12 @@ int wolfSSL_X509_digest(const WOLFSSL_X509* x509,
const WOLFSSL_EVP_MD* digest, unsigned char* buf, unsigned int* len);
/*!
- \ingroup Setup
+ \ingroup Setup
\brief ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ä¸­ã«ä½¿ç”¨ã™ã‚‹ãŸã‚ã«ã€WolfSSL構造ã®è¨¼æ˜Žæ›¸ã‚’設定ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
\return SSL_SUCCESS 設定ã®æˆåŠŸã—ãŸå¼•æ•°ã«ã¤ã„ã¦ã€‚
\return SSL_FAILURE NULL引数ãŒæ¸¡ã•ã‚ŒãŸå ´åˆã€‚
\param ssl 証明書を設定ã™ã‚‹ãŸã‚ã®WolfSSL構造。
+
_Example_
\code WOLFSSL* ssl;
WOLFSSL_X509* x509
@@ -8111,12 +9365,13 @@ int wolfSSL_X509_digest(const WOLFSSL_X509* x509,
int wolfSSL_use_certificate(WOLFSSL* ssl, WOLFSSL_X509* x509);
/*!
- \ingroup Setup
- \brief ã“ã‚Œã¯ã€handshakeã®é–“ã«ä½¿ç”¨ã™ã‚‹ãŸã‚ã«WolfSSL構造ã®è¨¼æ˜Žæ›¸ã‚’設定ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚DERフォーマットãƒãƒƒãƒ•ã‚¡ãŒäºˆæƒ³ã•ã‚Œã¾ã™ã€‚
+ \ingroup Setup
+ \biiã“fã¯ã€ã“ã®é–¢æ•°ã¯ã€handshakeã®é–“ã«ä½¿ç”¨ã™ã‚‹ãŸã‚ã«WolfSSL構造ã®è¨¼æ˜Žæ›¸ã‚’設定ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚DERフォーマットãƒãƒƒãƒ•ã‚¡ãŒäºˆæƒ³ã•ã‚Œã¾ã™ã€‚
\return SSL_SUCCESS 設定ã®æˆåŠŸã—ãŸå¼•æ•°ã«ã¤ã„ã¦ã€‚
\return SSL_FAILURE NULL引数ãŒæ¸¡ã•ã‚ŒãŸå ´åˆã€‚
\param ssl 証明書を設定ã™ã‚‹ãŸã‚ã®WolfSSL構造。
\param der 使用ã™ã‚‹è¨¼æ˜Žæ›¸ã€‚
+
_Example_
\code
WOLFSSL* ssl;
@@ -8134,11 +9389,12 @@ int wolfSSL_use_certificate_ASN1(WOLFSSL* ssl, unsigned char* der,
int derSz);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief ã“ã‚Œã¯WolfSSL構造ã®ç§˜å¯†éµã‚’設定ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
\return SSL_SUCCESS 設定ã®æˆåŠŸã—ãŸå¼•æ•°ã«ã¤ã„ã¦ã€‚
\return SSL_FAILURE NULL SSLãŒæ¸¡ã•ã‚ŒãŸå ´åˆã€‚ã™ã¹ã¦ã®ã‚¨ãƒ©ãƒ¼ã‚±ãƒ¼ã‚¹ã¯è² ã®å€¤ã«ãªã‚Šã¾ã™ã€‚
\param ssl 引数を設定ã™ã‚‹ãŸã‚ã®WolfSSL構造。
+
_Example_
\code
WOLFSSL* ssl;
@@ -8154,13 +9410,14 @@ int wolfSSL_use_certificate_ASN1(WOLFSSL* ssl, unsigned char* der,
int wolfSSL_use_PrivateKey(WOLFSSL* ssl, WOLFSSL_EVP_PKEY* pkey);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief ã“ã‚Œã¯WolfSSL構造ã®ç§˜å¯†éµã‚’設定ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚DERフォーマットã®ã‚­ãƒ¼ãƒãƒƒãƒ•ã‚¡ãŒäºˆæƒ³ã•ã‚Œã¾ã™ã€‚
\return SSL_SUCCESS 秘密éµã®æ§‹æ–‡è§£æžã¨è¨­å®šã«æˆåŠŸã—ãŸå ´åˆã€‚
\return SSL_FAILURE NULL SSLãŒæ¸¡ã•ã‚ŒãŸå ´åˆã€‚ã™ã¹ã¦ã®ã‚¨ãƒ©ãƒ¼ã‚±ãƒ¼ã‚¹ã¯è² ã®å€¤ã«ãªã‚Šã¾ã™ã€‚
\param pri 秘密éµã®ç¨®é¡žã€‚
\param ssl 引数を設定ã™ã‚‹ãŸã‚ã®WolfSSL構造。
\param der ãƒãƒƒãƒ•ã‚¡ãƒ¼ä¿æŒDERキー。
+
_Example_
\code
WOLFSSL* ssl;
@@ -8179,12 +9436,13 @@ int wolfSSL_use_PrivateKey_ASN1(int pri, WOLFSSL* ssl,
unsigned char* der, long derSz);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief ã“ã‚Œã¯WolfSSL構造ã®ç§˜å¯†éµã‚’設定ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚DERフォーマットã®RSAキーãƒãƒƒãƒ•ã‚¡ãŒäºˆæƒ³ã•ã‚Œã¾ã™ã€‚
\return SSL_SUCCESS 秘密éµã®æ§‹æ–‡è§£æžã¨è¨­å®šã«æˆåŠŸã—ãŸå ´åˆã€‚
\return SSL_FAILURE NULL SSLãŒæ¸¡ã•ã‚ŒãŸå ´åˆã€‚ã™ã¹ã¦ã®ã‚¨ãƒ©ãƒ¼ã‚±ãƒ¼ã‚¹ã¯è² ã®å€¤ã«ãªã‚Šã¾ã™ã€‚
\param ssl 引数を設定ã™ã‚‹ãŸã‚ã®WolfSSL構造。
\param der ãƒãƒƒãƒ•ã‚¡ãƒ¼ä¿æŒDERキー。
+
_Example_
\code
WOLFSSL* ssl;
@@ -8203,10 +9461,11 @@ int wolfSSL_use_RSAPrivateKey_ASN1(WOLFSSL* ssl, unsigned char* der,
long derSz);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief ã“ã®é–¢æ•°ã¯ã€DSAã®ãƒ‘ラメータを新ã—ã作æˆã•ã‚ŒãŸWOLFSSL_DH構造体ã«é‡è¤‡ã—ã¦ã„ã¾ã™ã€‚
\return WOLFSSL_DH é‡è¤‡ã—ãŸå ´åˆã¯WolfSSL_DH構造体を返ã™å ´åˆ
\return NULL 失敗ã™ã‚‹ã¨
+
_Example_
\code
WOLFSSL_DH* dh;
@@ -8221,13 +9480,14 @@ int wolfSSL_use_RSAPrivateKey_ASN1(WOLFSSL* ssl, unsigned char* der,
WOLFSSL_DH *wolfSSL_DSA_dup_DH(const WOLFSSL_DSA *r);
/*!
- \ingroup Setup
+ \ingroup Setup
\brief ã“ã‚Œã¯ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã‚’完了ã—ãŸå¾Œã«ãƒžã‚¹ã‚¿ãƒ¼ã‚­ãƒ¼ã‚’å–å¾—ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
\return >0 データã®å–å¾—ã«æˆåŠŸã—ãŸå ´åˆã€0より大ãã„値を返ã—ã¾ã™ã€‚
\return 0 ランダムãªãƒ‡ãƒ¼ã‚¿ãƒãƒƒãƒ•ã‚¡ã¾ãŸã¯ã‚¨ãƒ©ãƒ¼çŠ¶æ…‹ãŒè¿”ã•ã‚Œãªã„å ´åˆã¯0
\return max 渡ã•ã‚ŒãŸOUTSZãŒ0ã®å ´åˆã€å¿…è¦ãªæœ€å¤§ãƒãƒƒãƒ•ã‚¡ã‚µã‚¤ã‚ºãŒè¿”ã•ã‚Œã¾ã™ã€‚
\param ses マスターシークレットãƒãƒƒãƒ•ã‚¡ã‚’å–å¾—ã™ã‚‹ãŸã‚ã®WolfSSL_SESSION構造。
\param out データをä¿æŒã™ã‚‹ãŸã‚ã®ãƒãƒƒãƒ•ã‚¡ã€‚
+
_Example_
\code
WOLFSSL_SESSION ssl;
@@ -8247,9 +9507,10 @@ int wolfSSL_SESSION_get_master_key(const WOLFSSL_SESSION* ses,
unsigned char* out, int outSz);
/*!
- \ingroup Setup
+ \ingroup Setup
\brief ã“ã‚Œã¯ãƒžã‚¹ã‚¿ãƒ¼ç§˜å¯†éµã®é•·ã•ã‚’å–å¾—ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
\return size マスターシークレットキーサイズを返ã—ã¾ã™ã€‚
+
_Example_
\code
WOLFSSL_SESSION ssl;
@@ -8267,10 +9528,11 @@ int wolfSSL_SESSION_get_master_key(const WOLFSSL_SESSION* ses,
int wolfSSL_SESSION_get_master_key_length(const WOLFSSL_SESSION* ses);
/*!
- \ingroup Setup
- \brief ã“ã‚Œã¯ã€CTXã®WOLFSSL_X509_STORE構造ã®è¨­å®šæ©Ÿèƒ½ã§ã™ã€‚
+ \ingroup Setup
+ \bri f ã“ã®é–¢æ•°ã¯ã€ã‚Œã¯ã€CTXã®WOLFSSL_X509_STORE構造ã®è¨­å®šæ©Ÿèƒ½ã§ã™ã€‚
\return none è¿”å“ä¸å¯ã€‚
\param ctx Cert Storeãƒã‚¤ãƒ³ã‚¿ã‚’設定ã™ã‚‹ãŸã‚ã®WolfSSL_CTX構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL_CTX ctx;
@@ -8286,11 +9548,12 @@ void wolfSSL_CTX_set_cert_store(WOLFSSL_CTX* ctx,
WOLFSSL_X509_STORE* str);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief ã“ã®é–¢æ•°ã¯BIOã‹ã‚‰DERãƒãƒƒãƒ•ã‚¡ã‚’å–å¾—ã—ã€ãれをWolfSSL_X509構造ã«å¤‰æ›ã—ã¾ã™ã€‚
\return pointer æˆåŠŸã—ãŸwolfssl_x509構造ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
\return Null 失敗時ã«NULLã‚’è¿”ã—ã¾ã™
- \param bio DER証明書ãƒãƒƒãƒ•ã‚¡ã‚’æŒã¤wolfssl_bio構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param bio DER証明書ãƒãƒƒãƒ•ã‚¡ã‚’æŒã¤WOLFSSL_BIO構造体体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL_BIO* bio;
@@ -8306,10 +9569,11 @@ void wolfSSL_CTX_set_cert_store(WOLFSSL_CTX* ctx,
WOLFSSL_X509* wolfSSL_d2i_X509_bio(WOLFSSL_BIO* bio, WOLFSSL_X509** x509);
/*!
- \ingroup Setup
- \brief ã“ã‚Œã¯ã€CTXã®WOLFSSL_X509_STORE構造ã®ã‚²ãƒƒã‚¿ãƒ¼é–¢æ•°ã§ã™ã€‚
+ \ingroup Setup
+ \bri f ã“ã®é–¢æ•°ã¯ã€ã‚Œã¯ã€CTXã®WOLFSSL_X509_STORE構造ã®ã‚²ãƒƒã‚¿ãƒ¼é–¢æ•°ã§ã™ã€‚
\return WOLFSSL_X509_STORE* ãƒã‚¤ãƒ³ã‚¿ã‚’正常ã«å…¥æ‰‹ã—ã¾ã™ã€‚
\return NULL NULL引数ãŒæ¸¡ã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
_Example_
\code
WOLFSSL_CTX ctx;
@@ -8325,9 +9589,10 @@ WOLFSSL_X509* wolfSSL_d2i_X509_bio(WOLFSSL_BIO* bio, WOLFSSL_X509** x509);
WOLFSSL_X509_STORE* wolfSSL_CTX_get_cert_store(WOLFSSL_CTX* ctx);
/*!
- \ingroup IO
+ \ingroup IO
\brief ä¿ç•™ä¸­ã®ãƒã‚¤ãƒˆæ•°ã‚’読ã¿å–ã‚‹æ•°ã‚’å–å¾—ã—ã¾ã™ã€‚BIOタイプãŒBIO_BIOã®å ´åˆã€ãƒšã‚¢ã‹ã‚‰èª­ã¿å–る番å·ã§ã™ã€‚BIOã«SSLオブジェクトãŒå«ã¾ã‚Œã¦ã„ã‚‹å ´åˆã¯ã€SSLオブジェクトã‹ã‚‰ã®ãƒ‡ãƒ¼ã‚¿ã‚’ä¿ç•™ä¸­ã§ã™ï¼ˆWolfSSL_Pending(SSL))。bio_memoryタイプãŒã‚ã‚‹å ´åˆã¯ã€ãƒ¡ãƒ¢ãƒªãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºã‚’è¿”ã—ã¾ã™ã€‚
\return >=0 ä¿ç•™ä¸­ã®ãƒã‚¤ãƒˆæ•°ã€‚
+
_Example_
\code
WOLFSSL_BIO* bio;
@@ -8342,13 +9607,14 @@ WOLFSSL_X509_STORE* wolfSSL_CTX_get_cert_store(WOLFSSL_CTX* ctx);
size_t wolfSSL_BIO_ctrl_pending(WOLFSSL_BIO *b);
/*!
- \ingroup Setup
- \brief ã“ã‚Œã¯ã€ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ä¸­ã«ã‚µãƒ¼ãƒãƒ¼ã«ã‚ˆã£ã¦é€ä¿¡ã•ã‚ŒãŸãƒ©ãƒ³ãƒ€ãƒ ãªãƒ‡ãƒ¼ã‚¿ã‚’å–å¾—ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
+ \ingroup Setup
+ \biiefã¯ã€ã“ã®é–¢æ•°ã¯ã€ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ä¸­ã«ã‚µãƒ¼ãƒãƒ¼ã«ã‚ˆã£ã¦é€ä¿¡ã•ã‚ŒãŸãƒ©ãƒ³ãƒ€ãƒ ãªãƒ‡ãƒ¼ã‚¿ã‚’å–å¾—ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
\return >0 データã®å–å¾—ã«æˆåŠŸã—ãŸå ´åˆã€0より大ãã„値を返ã—ã¾ã™ã€‚
\return 0 ランダムãªãƒ‡ãƒ¼ã‚¿ãƒãƒƒãƒ•ã‚¡ã¾ãŸã¯ã‚¨ãƒ©ãƒ¼çŠ¶æ…‹ãŒè¿”ã•ã‚Œãªã„å ´åˆã¯0
\return max 渡ã•ã‚ŒãŸOUTSZãŒ0ã®å ´åˆã€å¿…è¦ãªæœ€å¤§ãƒãƒƒãƒ•ã‚¡ã‚µã‚¤ã‚ºãŒè¿”ã•ã‚Œã¾ã™ã€‚
\param ssl クライアントã®ãƒ©ãƒ³ãƒ€ãƒ ãƒ‡ãƒ¼ã‚¿ãƒãƒƒãƒ•ã‚¡ã‚’å–å¾—ã™ã‚‹ãŸã‚ã®WolfSSL構造。
\param out ランダムデータをä¿æŒã™ã‚‹ãŸã‚ã®ãƒãƒƒãƒ•ã‚¡ã€‚
+
_Example_
\code
WOLFSSL ssl;
@@ -8367,13 +9633,14 @@ size_t wolfSSL_get_server_random(const WOLFSSL *ssl,
unsigned char *out, size_t outlen);
/*!
- \ingroup Setup
- \brief ã“ã‚Œã¯ã€ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ä¸­ã«ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã«ã‚ˆã£ã¦é€ä¿¡ã•ã‚ŒãŸãƒ©ãƒ³ãƒ€ãƒ ãªãƒ‡ãƒ¼ã‚¿ã‚’å–å¾—ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
+ \ingroup Setup
+ \biiefã¯ã€ã“ã®é–¢æ•°ã¯ã€ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ä¸­ã«ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã«ã‚ˆã£ã¦é€ä¿¡ã•ã‚ŒãŸãƒ©ãƒ³ãƒ€ãƒ ãªãƒ‡ãƒ¼ã‚¿ã‚’å–å¾—ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
\return >0 データã®å–å¾—ã«æˆåŠŸã—ãŸå ´åˆã€0より大ãã„値を返ã—ã¾ã™ã€‚
\return 0 ランダムãªãƒ‡ãƒ¼ã‚¿ãƒãƒƒãƒ•ã‚¡ã¾ãŸã¯ã‚¨ãƒ©ãƒ¼çŠ¶æ…‹ãŒè¿”ã•ã‚Œãªã„å ´åˆã¯0
\return max 渡ã•ã‚ŒãŸOUTSZãŒ0ã®å ´åˆã€å¿…è¦ãªæœ€å¤§ãƒãƒƒãƒ•ã‚¡ã‚µã‚¤ã‚ºãŒè¿”ã•ã‚Œã¾ã™ã€‚
\param ssl クライアントã®ãƒ©ãƒ³ãƒ€ãƒ ãƒ‡ãƒ¼ã‚¿ãƒãƒƒãƒ•ã‚¡ã‚’å–å¾—ã™ã‚‹ãŸã‚ã®WolfSSL構造。
\param out ランダムデータをä¿æŒã™ã‚‹ãŸã‚ã®ãƒãƒƒãƒ•ã‚¡ã€‚
+
_Example_
\code
WOLFSSL ssl;
@@ -8392,10 +9659,11 @@ size_t wolfSSL_get_client_random(const WOLFSSL* ssl,
unsigned char* out, size_t outSz);
/*!
- \ingroup Setup
+ \ingroup Setup
\brief ã“ã‚Œã¯CTXã§è¨­å®šã•ã‚ŒãŸãƒ‘スワードコールãƒãƒƒã‚¯ã®ã‚²ãƒƒã‚¿ãƒ¼é–¢æ•°ã§ã™ã€‚
\return func æˆåŠŸã™ã‚‹ã¨ã€ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯é–¢æ•°ã‚’è¿”ã—ã¾ã™ã€‚
\return NULL CTXãŒNULLã®å ´åˆã€NULLãŒè¿”ã•ã‚Œã¾ã™ã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx;
@@ -8411,10 +9679,11 @@ wc_pem_password_cb* wolfSSL_CTX_get_default_passwd_cb(WOLFSSL_CTX*
ctx);
/*!
- \ingroup Setup
- \brief ã“ã‚Œã¯ã€CTXã§è¨­å®šã•ã‚Œã¦ã„るパスワードコールãƒãƒƒã‚¯ãƒ¦ãƒ¼ã‚¶ãƒ¼ãƒ‡ãƒ¼ã‚¿ã®å–得機能ã§ã™ã€‚
+ \ingroup Setup
+ \bri f ã“ã®é–¢æ•°ã¯ã€ã‚Œã¯ã€CTXã§è¨­å®šã•ã‚Œã¦ã„るパスワードコールãƒãƒƒã‚¯ãƒ¦ãƒ¼ã‚¶ãƒ¼ãƒ‡ãƒ¼ã‚¿ã®å–得機能ã§ã™ã€‚
\return pointer æˆåŠŸã™ã‚‹ã¨ã€ãƒ¦ãƒ¼ã‚¶ãƒ¼ãƒ‡ãƒ¼ã‚¿ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
\return NULL CTXãŒNULLã®å ´åˆã€NULLãŒè¿”ã•ã‚Œã¾ã™ã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx;
@@ -8429,13 +9698,14 @@ wc_pem_password_cb* wolfSSL_CTX_get_default_passwd_cb(WOLFSSL_CTX*
void *wolfSSL_CTX_get_default_passwd_cb_userdata(WOLFSSL_CTX *ctx);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief ã“ã®é–¢æ•°ã¯wolfssl_pem_read_bio_x509ã¨åŒã˜ã‚ˆã†ã«å‹•ä½œã—ã¾ã™ã€‚AUXã¯ã€ä¿¡é ¼ã§ãã‚‹/æ‹’å¦ã•ã‚ŒãŸãƒ¦ãƒ¼ã‚¹ã‚±ãƒ¼ã‚¹ã‚„人間ã®èª­ã¿ã‚„ã™ã•ã®ãŸã‚ã®ãƒ•ãƒ¬ãƒ³ãƒ‰ãƒªãƒ¼ãªåå‰ãªã©ã®è¿½åŠ æƒ…報をå«ã‚€ã“ã¨ã‚’æ„味ã—ã¾ã™ã€‚
\return WOLFSSL_X509 PEMãƒãƒƒãƒ•ã‚¡ã®è§£æžã«æˆåŠŸã—ãŸå ´åˆã€wolfssl_x509構造ãŒè¿”ã•ã‚Œã¾ã™ã€‚
\return Null PEMãƒãƒƒãƒ•ã‚¡ã®è§£æžã«å¤±æ•—ã—ãŸå ´åˆã€‚
- \param bp wolfssl_bio構造体ã‹ã‚‰PEMãƒãƒƒãƒ•ã‚¡ã‚’å–å¾—ã—ã¾ã™ã€‚
+ \param bp WOLFSSL_BIO構造体体ã‹ã‚‰PEMãƒãƒƒãƒ•ã‚¡ã‚’å–å¾—ã—ã¾ã™ã€‚
\param x wolfssl_x509を機能副作用ã§è¨­å®šã™ã‚‹å ´åˆ
\param cb パスワードコールãƒãƒƒã‚¯
+
_Example_
\code
WOLFSSL_BIO* bio;
@@ -8450,13 +9720,14 @@ WOLFSSL_X509 *wolfSSL_PEM_read_bio_X509_AUX
(WOLFSSL_BIO *bp, WOLFSSL_X509 **x, wc_pem_password_cb *cb, void *u);
/*!
- \ingroup CertsKeys
- \brief wolfssl_ctx構造体ã®DHメンãƒãƒ¼ã‚’diffie-hellmanパラメータã§åˆæœŸåŒ–ã—ã¾ã™ã€‚
+ \ingroup CertsKeys
+ \brief WOLFSSL_CTX構造体ã®DHメンãƒãƒ¼ã‚’diffie-hellmanパラメータã§åˆæœŸåŒ–ã—ã¾ã™ã€‚
\return SSL_SUCCESS 関数ãŒæ­£å¸¸ã«å®Ÿè¡Œã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG CTXã¾ãŸã¯DH構造体ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return SSL_FATAL_ERROR 構造値を設定ã™ã‚‹ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸå ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \return MEMORY_E メモリを割り当ã¦ã‚‹ã“ã¨ãŒã§ããªã‹ã£ãŸå ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \param ctx wolfssl_ctx_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl_ctx構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \return SSL_FATAL_ERROR 構造値を設定ã™ã‚‹ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return MEMORY_E メモリを割り当ã¦ã‚‹ã“ã¨ãŒã§ããªã‹ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param ctx wolfSSL_CTX_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL_CTX構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx = wolfSSL_CTX_new( protocol method );
@@ -8469,13 +9740,14 @@ WOLFSSL_X509 *wolfSSL_PEM_read_bio_X509_AUX
long wolfSSL_CTX_set_tmp_dh(WOLFSSL_CTX* ctx, WOLFSSL_DH* dh);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief ã“ã®é–¢æ•°ã¯ã€BIOã®PEMãƒãƒƒãƒ•ã‚¡ã‹ã‚‰DSAパラメータをå–å¾—ã—ã¾ã™ã€‚
\return WOLFSSL_DSA PEMãƒãƒƒãƒ•ã‚¡ã®è§£æžã«æˆåŠŸã—ãŸå ´åˆã€WolfSSL_DSA構造ãŒä½œæˆã•ã‚Œã€è¿”ã•ã‚Œã¾ã™ã€‚
\return Null PEMãƒãƒƒãƒ•ã‚¡ã®è§£æžã«å¤±æ•—ã—ãŸå ´åˆã€‚
- \param bio PEMメモリãƒã‚¤ãƒ³ã‚¿ã‚’å–å¾—ã™ã‚‹ãŸã‚ã®wolfssl_bio構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param bio PEMメモリãƒã‚¤ãƒ³ã‚¿ã‚’å–å¾—ã™ã‚‹ãŸã‚ã®WOLFSSL_BIO構造体体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param x æ–°ã—ã„WolfSSL_DSA構造ã«è¨­å®šã™ã‚‹ãƒã‚¤ãƒ³ã‚¿ã€‚
\param cb パスワードコールãƒãƒƒã‚¯é–¢æ•°
+
_Example_
\code
WOLFSSL_BIO* bio;
@@ -8491,9 +9763,10 @@ WOLFSSL_DSA *wolfSSL_PEM_read_bio_DSAparams(WOLFSSL_BIO *bp,
WOLFSSL_DSA **x, wc_pem_password_cb *cb, void *u);
/*!
- \ingroup Debug
+ \ingroup Debug
\brief ã“ã®é–¢æ•°ã¯ã€wolfssl_Errorã«é­é‡ã—ãŸæœ€å¾Œã®ã‚¨ãƒ©ãƒ¼ã®çµ¶å¯¾å€¤ã‚’è¿”ã—ã¾ã™ã€‚
\return error 最後ã®ã‚¨ãƒ©ãƒ¼ã®çµ¶å¯¾å€¤ã‚’è¿”ã—ã¾ã™ã€‚
+
_Example_
\code
unsigned long err;
@@ -8506,10 +9779,11 @@ WOLFSSL_DSA *wolfSSL_PEM_read_bio_DSAparams(WOLFSSL_BIO *bp,
unsigned long wolfSSL_ERR_peek_last_error(void);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief ã“ã®é–¢æ•°ã¯ãƒ”ã‚¢ã®è¨¼æ˜Žæ›¸ãƒã‚§ãƒ¼ãƒ³ã‚’å–å¾—ã—ã¾ã™ã€‚
\return pointer ピアã®è¨¼æ˜Žæ›¸ã‚¹ã‚¿ãƒƒã‚¯ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
- \return NULL ピア証明書ãŒãªã„å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
+ \return NULL ピア証明書ãŒãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx = wolfSSL_CTX_new( method );
@@ -8528,9 +9802,10 @@ unsigned long wolfSSL_ERR_peek_last_error(void);
WOLF_STACK_OF(WOLFSSL_X509)* wolfSSL_get_peer_cert_chain(const WOLFSSL*);
/*!
- \ingroup Setup
- \brief ã“ã®é–¢æ•°ã¯ã€wolfssl_ctxオブジェクトã®ã‚ªãƒ—ションビットをリセットã—ã¾ã™ã€‚
+ \ingroup Setup
+ \brief ã“ã®é–¢æ•°ã¯ã€WOLFSSL_CTXオブジェクトã®ã‚ªãƒ—ションビットをリセットã—ã¾ã™ã€‚
\return option æ–°ã—ã„オプションビット
+
_Example_
\code
WOLFSSL_CTX* ctx = 0;
@@ -8544,15 +9819,16 @@ WOLF_STACK_OF(WOLFSSL_X509)* wolfSSL_get_peer_cert_chain(const WOLFSSL*);
long wolfSSL_CTX_clear_options(WOLFSSL_CTX* ctx, long opt);
/*!
- \ingroup IO
+ \ingroup IO
\brief ã“ã®é–¢æ•°ã¯ã€WolfSSL構造ã®jobjectrefメンãƒãƒ¼ã‚’設定ã—ã¾ã™ã€‚
\return SSL_SUCCESS jobjectrefãŒobjptrã«æ­£ã—ã設定ã•ã‚Œã¦ã„ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return SSL_FAILURE 関数ãŒæ­£ã—ã実行ã•ã‚Œãšã€jobjectrefãŒè¨­å®šã•ã‚Œã¦ã„ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx = wolfSSL_CTX_new( protocol method );
- WOLFSSL* ssl = WOLFSSL_new();
+ WOLFSSL* ssl = wolfSSL_new();
void* objPtr = &obj;
...
if(wolfSSL_set_jobject(ssl, objPtr)){
@@ -8564,10 +9840,12 @@ long wolfSSL_CTX_clear_options(WOLFSSL_CTX* ctx, long opt);
int wolfSSL_set_jobject(WOLFSSL* ssl, void* objPtr);
/*!
- \ingroup IO
+ \ingroup IO
\brief ã“ã®é–¢æ•°ã¯ã€wolfssl構造ã®jobjectrefメンãƒãƒ¼ã‚’è¿”ã—ã¾ã™ã€‚
\return value wolfssl構造体ãŒnullã§ãªã„å ´åˆã€é–¢æ•°ã¯jobjectref値を返ã—ã¾ã™ã€‚
\return NULL wolfssl構造体ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx = wolfSSL_CTX_new( protocol method );
@@ -8584,10 +9862,12 @@ int wolfSSL_set_jobject(WOLFSSL* ssl, void* objPtr);
void* wolfSSL_get_jobject(WOLFSSL* ssl);
/*!
- \ingroup Setup
+ \ingroup Setup
\brief ã“ã®é–¢æ•°ã¯SSL内ã®ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯ã‚’設定ã—ã¾ã™ã€‚コールãƒãƒƒã‚¯ã¯ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã‚’観察ã™ã‚‹ã“ã¨ã§ã™ã€‚CBã®NULL値ã¯ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯ã‚’リセットã—ã¾ã™ã€‚
\return SSL_SUCCESS æˆåŠŸã—ã¦ã„ã¾ã™ã€‚
\return SSL_FAILURE NULL SSLãŒæ¸¡ã•ã‚ŒãŸå ´åˆã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
static cb(int write_p, int version, int content_type,
@@ -8602,9 +9882,11 @@ void* wolfSSL_get_jobject(WOLFSSL* ssl);
int wolfSSL_set_msg_callback(WOLFSSL *ssl, SSL_Msg_Cb cb);
/*!
- \ingroup Setup
+ \ingroup Setup
\brief ã“ã®é–¢æ•°ã¯ã€SSL内ã®é–¢é€£ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆå€¤ã‚’設定ã—ã¾ã™ã€‚値ã¯ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯å¼•æ•°ã«æ¸¡ã•ã‚Œã¾ã™ã€‚
\return none è¿”å“ä¸å¯ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
static cb(int write_p, int version, int content_type,
@@ -8620,10 +9902,11 @@ int wolfSSL_set_msg_callback(WOLFSSL *ssl, SSL_Msg_Cb cb);
int wolfSSL_set_msg_callback_arg(WOLFSSL *ssl, void* arg);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief ã“ã®é–¢æ•°ã¯ã€å­˜åœ¨ã™ã‚‹å ´åˆã¯ã€ãƒ”ア証明書ã‹ã‚‰altnameã‚’è¿”ã—ã¾ã™ã€‚
\return NULL 次ã®AltNameãŒãªã„å ´åˆã€‚
\return cert->altNamesNext->name wolfssl_x509ã‹ã‚‰ã€AltNameリストã‹ã‚‰ã®æ–‡å­—列値ã§ã‚る構造ãŒå­˜åœ¨ã™ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
_Example_
\code
WOLFSSL_X509 x509 = (WOLFSSL_X509*)XMALLOC(sizeof(WOLFSSL_X509), NULL,
@@ -8637,13 +9920,15 @@ int wolfSSL_set_msg_callback_arg(WOLFSSL *ssl, void* arg);
\sa wolfSSL_X509_get_issuer_name
\sa wolfSSL_X509_get_subject_name
*/
-char* wolfSSL_X509_get_next_altname(WOLFSSL_X509*);
+char* wolfSSL_X509_get_next_altname(WOLFSSL_X509* x509);
/*!
- \ingroup CertsKeys
- \brief 関数ã¯ã€x509ãŒnullã®ã‹ã©ã†ã‹ã‚’確èªã—ã€ãã†ã§ãªã„å ´åˆã¯ã€x509構造体ã®NotBeforeメンãƒãƒ¼ã‚’è¿”ã—ã¾ã™ã€‚
- \return pointer X509構造体ã®NotBeforeメンãƒãƒ¼ã«ASN1_TIMEを使用ã—ã¦æ§‹é€ ä½“ã«ã€‚
- \return NULL x509構造ãŒnullã®å ´åˆã€é–¢æ•°ã¯nullã‚’è¿”ã—ã¾ã™ã€‚
+ \ingroup CertsKeys
+ \brief 関数ã¯ã€x509ãŒnullã®ã‹ã©ã†ã‹ã‚’確èªã—ã€ãã†ã§ãªã„å ´åˆã¯ã€WOLFSSL_X509構造体ã®NotBeforeメンãƒãƒ¼ã‚’è¿”ã—ã¾ã™ã€‚
+ \return pointer WOLFSSL_ASN1_TIMEã¸ã®ãƒã‚¤ãƒ³ã‚¿ï¼ˆWOLFSSL_X509構造体ã®NotBeforeメンãƒãƒ¼ã¸ã®ãƒã‚¤ãƒ³ã‚¿ï¼‰ã‚’è¿”ã—ã¾ã™ã€‚
+ \return NULL WOLFSSL_X509構造体ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param x509 WOLFSSL_X509構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
WOLFSSL_X509* x509 = (WOLFSSL_X509)XMALLOC(sizeof(WOLFSSL_X509), NULL,
@@ -8656,13 +9941,27 @@ char* wolfSSL_X509_get_next_altname(WOLFSSL_X509*);
\endcode
\sa wolfSSL_X509_get_notAfter
*/
-WOLFSSL_ASN1_TIME* wolfSSL_X509_get_notBefore(WOLFSSL_X509*);
+WOLFSSL_ASN1_TIME* wolfSSL_X509_get_notBefore(WOLFSSL_X509* x509);
/*!
- \ingroup IO
- \brief ã“ã®é–¢æ•°ã¯ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆå´ã§å‘¼ã³å‡ºã•ã‚Œã€ã‚µãƒ¼ãƒãƒ¼ã¨ã®SSL / TLSãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã‚’開始ã—ã¾ã™ã€‚ã“ã®é–¢æ•°ãŒå‘¼ã³å‡ºã•ã‚Œã‚‹ã¨ã€åŸºç¤Žã¨ãªã‚‹é€šä¿¡ãƒãƒ£ãƒãƒ«ã¯ã™ã§ã«è¨­å®šã•ã‚Œã¦ã„ã¾ã™ã€‚ wolfssl_connect()ã¯ã€ãƒ–ロックã¨éžãƒ–ロックI / Oã®ä¸¡æ–¹ã§å‹•ä½œã—ã¾ã™ã€‚基礎ã¨ãªã‚‹I / OãŒãƒŽãƒ³ãƒ–ロッキングã•ã‚Œã¦ã„ãªã„å ´åˆã€wolfssl_connect()ã¯ã€åŸºã«ãªã‚‹I / OãŒwolfssl_connectã®ãƒ‹ãƒ¼ã‚ºã‚’満ãŸã™ã“ã¨ãŒã§ããªã‹ã£ãŸã¨ãã«æˆ»ã‚Šã¾ã™ã€‚ã“ã®å ´åˆã€wolfssl_get_error()ã¸ã®å‘¼ã³å‡ºã—ã¯SSL_ERROR_WANT_READã¾ãŸã¯SSL_ERROR_WANT_WRITEã®ã„ãšã‚Œã‹ã‚’生æˆã—ã¾ã™ã€‚通話プロセスã¯ã€åŸºç¤Žã¨ãªã‚‹I / OãŒREADYãŠã‚ˆã³WOLFSSLãŒåœæ­¢ã—ãŸã¨ãã«wolfssl_connect()ã¸ã®å‘¼ã³å‡ºã—ã‚’ç¹°ã‚Šè¿”ã™å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚ノンブロッキングソケットを使用ã™ã‚‹å ´åˆã¯ã€ä½•ã‚‚実行ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ãŒã€select()を使用ã—ã¦å¿…è¦ãªæ¡ä»¶ã‚’確èªã§ãã¾ã™ã€‚基礎ã¨ãªã‚‹å…¥å‡ºåŠ›ãŒãƒ–ロックã•ã‚Œã¦ã„ã‚‹å ´åˆã€wolfssl_connect()ã¯ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ãŒçµ‚了ã—ãŸã‚‰ã€ã¾ãŸã¯ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸã‚‰ã®ã¿æˆ»ã‚‹ã€‚ WolfSSLã¯OpenSSLよりも証明書検証ã«ç•°ãªã‚‹ã‚¢ãƒ—ローãƒã‚’å–ã‚Šã¾ã™ã€‚クライアントã®ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆãƒãƒªã‚·ãƒ¼ã¯ã‚µãƒ¼ãƒãƒ¼ã‚’確èªã™ã‚‹ã“ã¨ã§ã™ã€‚ã“ã‚Œã¯ã€CASを読ã¿è¾¼ã¾ãªã„å ´åˆã€ã‚µãƒ¼ãƒãƒ¼ã‚’確èªã™ã‚‹ã“ã¨ãŒã§ãã€ç¢ºèªã§ãã¾ã›ã‚“(-155)。 SSL_CONNECTã‚’æŒã¤ã“ã¨ã®OpenSSLã®å‹•ä½œãŒæˆåŠŸã—ãŸå ´åˆã¯ã€ã‚µãƒ¼ãƒãƒ¼ã‚’検証ã—ã¦ã‚»ã‚­ãƒ¥ãƒªãƒ†ã‚£ã‚’抑ãˆã‚‹ã“ã¨ãŒã§ãã¾ã™.SSL_CTX_SET_VERIFY(CTXã€SSL_VERIFY_NONEã€0)。 ssl_new()を呼ã³å‡ºã™å‰ã«ã€‚ãŠå‹§ã‚ã§ãã¾ã›ã‚“ãŒã€‚
- \return SSL_SUCCESS æˆåŠŸã—ãŸå ´åˆ
- \return SSL_FATAL_ERROR エラーãŒç™ºç”Ÿã—ãŸå ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚より詳細ãªã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã‚’å–å¾—ã™ã‚‹ã«ã¯ã€wolfssl_get_error()を呼ã³å‡ºã—ã¾ã™ã€‚
+ \ingroup IO
+ \brief ã“ã®é–¢æ•°ã¯ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆå´ã§å‘¼ã³å‡ºã•ã‚Œã€ã‚µãƒ¼ãƒãƒ¼ã¨ã®SSL/TLSãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã‚’開始ã—ã¾ã™ã€‚
+ ã“ã®é–¢æ•°ãŒå‘¼ã³å‡ºã•ã‚Œã‚‹ã¾ã§ã«ä¸‹å±¤ã®é€šä¿¡ãƒãƒ£ãƒãƒ«ã¯ã™ã§ã«è¨­å®šã•ã‚Œã¦ã„ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+ wolfSSL_connect()ã¯ã€ãƒ–ロッキングã¨ãƒŽãƒ³ãƒ–ロッキングI/Oã®ä¸¡æ–¹ã§å‹•ä½œã—ã¾ã™ã€‚
+ 下層ã®I/OãŒãƒŽãƒ³ãƒ–ロッキングã®å ´åˆã€wolfSSL_connect()ã¯ã€ä¸‹å±¤ã®I/OãŒwolfSSL_connectã®è¦æ±‚(é€ä¿¡ãƒ‡ãƒ¼ã‚¿ã€å—信データ)を満ãŸã™ã“ã¨ãŒã§ããªã‹ã£ãŸã¨ãã«ã¯å³æˆ»ã‚Šã¾ã™ã€‚
+ ã“ã®å ´åˆã€wolfSSL_get_error()ã®å‘¼ã³å‡ºã—ã§SSL_ERROR_WANT_READã¾ãŸã¯SSL_ERROR_WANT_WRITEã®ã„ãšã‚Œã‹ãŒè¿”ã•ã‚Œã¾ã™ã€‚
+ 呼ã³å‡ºã—ãŸãƒ—ロセスã¯ã€ä¸‹å±¤ã®I/OãŒãŒREADYã«ãªã£ãŸæ™‚点ã§ã€WOLFSSLãŒåœæ­¢ã—ãŸã¨ãã‹ã‚‰å†é–‹ã§ãるよã†ã«wolfSSL_connect()ã¸ã®å‘¼ã³å‡ºã—ã‚’ç¹°ã‚Šè¿”ã™å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+ ã“ã‚Œã«ã¯select()を使用ã—ã¦å¿…è¦ãªæ¡ä»¶ãŒæ•´ã£ãŸã‹ã©ã†ã‹ã‚’確èªã§ãã¾ã™ã€‚
+ ブロッキングI/Oを使用ã™ã‚‹å ´åˆã¯ã€ãƒãƒ³ãƒ‰ã‚·ã‚§ãƒ¼ã‚¯ãŒçµ‚了ã™ã‚‹ã‹ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã™ã‚‹ã¾ã§æˆ»ã£ã¦ãã¾ã›ã‚“。
+ wolfSSLã¯OpenSSLã¨æ¯”ã¹ã¦è¨¼æ˜Žæ›¸æ¤œè¨¼ã«ç•°ãªã‚‹ã‚¢ãƒ—ローãƒã‚’å–ã‚Šã¾ã™ã€‚クライアントã®ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆãƒãƒªã‚·ãƒ¼ã¯ã‚µãƒ¼ãƒãƒ¼ã‚’èªè¨¼ã™ã‚‹ã“ã¨ã§ã™ã€‚
+ ã“ã‚Œã¯ã€CA証明書を読ã¿è¾¼ã¾ãªã„å ´åˆã€ã‚µãƒ¼ãƒãƒ¼ã‚’確èªã™ã‚‹ã“ã¨ãŒã§ããšâ€-155â€ã®ã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ãŒè¿”ã•ã‚Œã¾ã™ã€‚
+ OpenSSLã¨åŒã˜æŒ¯ã‚‹èˆžã„(ã¤ã¾ã‚Šã€CA証明書ã®ãƒ­ãƒ¼ãƒ‰ãªã—ã§ã‚µãƒ¼ãƒãƒ¼èªè¨¼ã‚’æˆåŠŸã•ã›ã‚‹ï¼‰ã‚’å–らã›ãŸã„å ´åˆã«ã¯ã€ã‚»ã‚­ãƒ¥ãƒªãƒ†ã‚£é¢ã§ãŠå‹§ã‚ã¯ã—ã¾ã›ã‚“ãŒã€
+ SSL_CTX_SET_VERIFY(ctxã€SSL_VERIFY_NONEã€0)を呼ã³å‡ºã™ã“ã¨ã§å¯èƒ½ã¨ãªã‚Šã¾ã™ã€‚
+
+ \return SSL_SUCCESS æˆåŠŸã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_FATAL_ERROR エラーãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚より詳細ãªã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã‚’å–å¾—ã™ã‚‹ã«ã¯ã€wolfSSL_get_error()を呼ã³å‡ºã—ã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
int ret = 0;
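Review bot: The rewritten wolfSSL_connect description still names the call that turns off server verification as `SSL_CTX_SET_VERIFY(...)`, in upper case and with full-width separators. That is not an identifier a reader can copy or search for. This commit corrects the casing of `wolfSSL_new()` and `wolfSSL_get_error()` elsewhere, and this line should get the same treatment, for example `wolfSSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, 0)`. The paragraph describes disabling peer authentication, so the exact spelling matters for anyone auditing code for that setting. The surrounding text already marks the option as not recommended, and that wording should stay.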
@@ -8682,15 +9981,16 @@ WOLFSSL_ASN1_TIME* wolfSSL_X509_get_notBefore(WOLFSSL_X509*);
int wolfSSL_connect(WOLFSSL* ssl);
/*!
- \ingroup Setup
+ \ingroup Setup
\brief ã“ã®é–¢æ•°ã¯ã‚µãƒ¼ãƒãƒ¼å´ã§å‘¼ã³å‡ºã•ã‚Œã¦ã€HellORetryRequestメッセージã«Cookieã‚’å«ã‚ã‚‹å¿…è¦ãŒã‚ã‚‹ã“ã¨ã‚’示ã—ã¾ã™ã€‚Cookieã¯ç¾åœ¨ã®ãƒˆãƒ©ãƒ³ã‚¹ã‚¯ãƒªãƒ—トã®ãƒãƒƒã‚·ãƒ¥ã‚’ä¿æŒã—ã¦ã„ã‚‹ã®ã§ã€åˆ¥ã®ã‚µãƒ¼ãƒãƒ¼ãƒ—ロセスã¯å¿œç­”ã§ClientHelloを処ç†ã§ãã¾ã™ã€‚秘密ã¯Cookieデータã®æ•´åˆæ€§ãƒã‚§ãƒƒã‚¯ã‚’Genertingã™ã‚‹ã¨ãã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
- \param [in,out] SSL wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [in,out] ssl l wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param [in] 秘密をä¿æŒã—ã¦ã„ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’秘密ã«ã—ã¾ã™ã€‚渡ã™NULLã¯ã€æ–°ã—ã„ランダムシークレットを生æˆã™ã‚‹ã“ã¨ã‚’示ã—ã¾ã™ã€‚
\param [in] シークスã®ã‚µã‚¤ã‚ºã‚’ãƒã‚¤ãƒˆå˜ä½ã§ã‚µã‚¤ã‚ºã€‚0を渡ã™ã¨ã€ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã®ã‚µã‚¤ã‚ºã‚’使用ã™ã‚‹ã“ã¨ã‚’示ã—ã¾ã™.WC_SHA256_DIGEST_SIZE(ã¾ãŸã¯SHA-256ãŒä½¿ç”¨ã§ããªã„å ´åˆã¯WC_SHA_DIGEST_SIZE)。
- \return BAD_FUNC_ARG SSLãŒNULLã®å ´åˆã€ã¾ãŸã¯TLS v1.3を使用ã—ã¦ã„ãªã„å ´åˆã€‚
+ \return BAD_FUNC_ARG sslãŒNULLã®å ´åˆã€ã¾ãŸã¯TLS v1.3を使用ã—ã¦ã„ãªã„å ´åˆã€‚
\return SIDE_ERROR クライアントã§å‘¼ã³å‡ºã•ã‚ŒãŸå ´åˆã€‚
- \return WOLFSSL_SUCCESS æˆåŠŸã—ãŸå ´åˆ
+ \return WOLFSSL_SUCCESS æˆåŠŸã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return MEMORY_ERROR 秘密をä¿å­˜ã™ã‚‹ãŸã‚ã«å‹•çš„メモリを割り当ã¦ã‚‹å ´åˆã«å¤±æ•—ã—ã¾ã—ãŸã€‚
+
_Example_
\code
int ret;
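Review bot: The added `\param [in,out] ssl l wolfSSL_new()…` line in the wolfSSL_send_hrr_cookie comment has a stray `l` after the parameter name, which Doxygen will render as part of the description; it should begin `\param [in,out] ssl wolfSSL_new()…`. The two `\param [in]` lines kept as context right below it still carry no parameter name, although the prototype shown in the next hunk header takes `secret` and `secretSz`; they should begin `\param [in] secret` and `\param [in] secretSz`. The same missing-name pattern is left in later hunks: `group` for wolfSSL_UseKeyShare, `data`/`sz`/`outSz` for wolfSSL_read_early_data, and the added `\param [in] SZ…` line for wolfSSL_set_max_early_data, where the CTX variant was changed to `sz` followed by a space.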
@@ -8708,11 +10008,31 @@ int wolfSSL_send_hrr_cookie(WOLFSSL* ssl,
const unsigned char* secret, unsigned int secretSz);
/*!
- \ingroup Setup
- \brief ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ãŒå®Œäº†ã™ã‚‹ã¨ã€ã“ã®é–¢æ•°ã¯ã‚µãƒ¼ãƒãƒ¼ä¸Šã§å†é–‹ã‚»ãƒƒã‚·ãƒ§ãƒ³ãƒã‚±ãƒƒãƒˆã®é€ä¿¡ã‚’åœæ­¢ã™ã‚‹ã‚ˆã†ã«å‘¼ã³å‡ºã•ã‚Œã¾ã™ã€‚
- \param [in,out] ctx wolfssl_ctx_new()ã§ä½œæˆã•ã‚ŒãŸwolfssl_ctx構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
+ \ingroup Setup
+
+ \brief ã“ã®é–¢æ•°ã¯ã‚µãƒ¼ãƒãƒ¼å´ã§å‘¼ã³å‡ºã•ã‚Œã€HelloRetryRequestメッセージãŒã‚¯ãƒƒã‚­ãƒ¼ã‚’å«ã‚“ã§ã¯ãªã‚‰ãªã„ã“ã¨ã€
+ DTLSv1.3ãŒä½¿ç”¨ã•ã‚Œã¦ã„ã‚‹å ´åˆã«ã¯ã‚¯ãƒƒã‚­ãƒ¼ã®äº¤æ›ãŒãƒãƒ³ãƒ‰ã‚·ã‚§ãƒ¼ã‚¯ã«å«ã¾ã‚Œãªã„ã“ã¨ã‚’表明ã—ã¾ã™ã€‚
+ DTLSv1.3ã§ã¯ã‚¯ãƒƒã‚­ãƒ¼äº¤æ›ã‚’è¡Œã‚ãªã„ã¨ã‚µãƒ¼ãƒãƒ¼ãŒDoS/Amplification攻撃をå—ã‘ã‚„ã™ããªã‚‹å¯èƒ½æ€§ãŒã‚ã‚‹ã“ã¨ã«ç•™æ„ã—ã¦ãã ã•ã„。
+
+ \param [in,out] ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
+ \return WOLFSSL_SUCCESS æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_FUNC_ARG sslãŒNULLã‚ã‚‹ã„ã¯TLS v1.3を使用ã—ã¦ã„ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SIDE_ERROR クライアントå´ã§ã“ã®é–¢æ•°ãŒå‘¼ã³å‡ºã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \sa wolfSSL_send_hrr_cookie
+*/
+int wolfSSL_disable_hrr_cookie(WOLFSSL* ssl);
+
+
+/*!
+ \ingroup Setup
+ \brief ã“ã®é–¢æ•°ã¯ã‚µãƒ¼ãƒãƒ¼ä¸Šã§å‘¼ã³å‡ºã•ã‚Œã€ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯å®Œäº†æ™‚ã«ã‚»ãƒƒã‚·ãƒ§ãƒ³å†é–‹ã®ãŸã‚ã®ã‚»ãƒƒã‚·ãƒ§ãƒ³ãƒã‚±ãƒƒãƒˆã®é€ä¿¡ã‚’è¡Œã‚ãªã„よã†ã«ã—ã¾ã™ã€‚
+ \param [in,out] ctx wolfSSL_CTX_new()ã§ä½œæˆã•ã‚ŒãŸWOLFSSL_CTX構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\return BAD_FUNC_ARG CTXãŒNULLã®å ´åˆã€ã¾ãŸã¯TLS v1.3を使用ã—ã¦ã„ãªã„å ´åˆã€‚
\return SIDE_ERROR クライアントã§å‘¼ã³å‡ºã•ã‚ŒãŸå ´åˆã€‚
+
_Example_
\code
int ret;
@@ -8728,11 +10048,12 @@ int wolfSSL_send_hrr_cookie(WOLFSSL* ssl,
int wolfSSL_CTX_no_ticket_TLSv13(WOLFSSL_CTX* ctx);
/*!
- \ingroup Setup
+ \ingroup Setup
\brief ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ãŒå®Œäº†ã™ã‚‹ã¨ã€ã“ã®é–¢æ•°ã¯ã‚µãƒ¼ãƒãƒ¼ä¸Šã§å†é–‹ã‚»ãƒƒã‚·ãƒ§ãƒ³ãƒã‚±ãƒƒãƒˆã®é€ä¿¡ã‚’åœæ­¢ã™ã‚‹ã‚ˆã†ã«å‘¼ã³å‡ºã•ã‚Œã¾ã™ã€‚
- \param [in,out] SSL wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
- \return BAD_FUNC_ARG SSLãŒNULLã®å ´åˆã€ã¾ãŸã¯TLS v1.3を使用ã—ã¦ã„ãªã„å ´åˆã€‚
+ \param [in,out] ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \return BAD_FUNC_ARG sslãŒNULLã®å ´åˆã€ã¾ãŸã¯TLS v1.3を使用ã—ã¦ã„ãªã„å ´åˆã€‚
\return SIDE_ERROR クライアントã§å‘¼ã³å‡ºã•ã‚ŒãŸå ´åˆã€‚
+
_Example_
\code
int ret;
@@ -8748,10 +10069,11 @@ int wolfSSL_CTX_no_ticket_TLSv13(WOLFSSL_CTX* ctx);
int wolfSSL_no_ticket_TLSv13(WOLFSSL* ssl);
/*!
- \ingroup Setup
+ \ingroup Setup
\brief ã“ã®é–¢æ•°ã¯ã€Authenticationã«ãƒ—リシェアキーを使用ã—ã¦ã„ã‚‹å ´åˆã€DIFFIE-HELLMAN(DH)スタイルã®ã‚­ãƒ¼äº¤æ›ã‚’許å¯ã™ã‚‹TLS V1.3 WolfSSLコンテキストã§å‘¼ã³å‡ºã•ã‚Œã¾ã™ã€‚
- \param [in,out] ctx wolfssl_ctx_new()ã§ä½œæˆã•ã‚ŒãŸwolfssl_ctx構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [in,out] ctx wolfSSL_CTX_new()ã§ä½œæˆã•ã‚ŒãŸWOLFSSL_CTX構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\return BAD_FUNC_ARG CTXãŒNULLã®å ´åˆã€ã¾ãŸã¯TLS v1.3を使用ã—ã¦ã„ãªã„å ´åˆã€‚
+
_Example_
\code
int ret;
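Review bot: The `\brief` kept as context for wolfSSL_CTX_no_dhe_psk still says the call allows (`許可する`) Diffie-Hellman style key exchange with pre-shared keys. That contradicts the function name and the corrected text this commit adds for wolfSSL_no_dhe_psk in the next hunk (`許可しないように設定します`). A reader of this page could conclude that PSK handshakes keep their (EC)DHE key exchange after the call, when the call removes it. Suggest aligning the two comments, for example `\brief この関数は、事前共有鍵を使用するTLS v1.3接続で、Diffie-Hellman(DH)スタイルの鍵交換を許可しないようにWOLFSSL_CTXを設定します。`. The added line in the next hunk also has a stray `に` after `サーバーで、`.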
@@ -8767,10 +10089,11 @@ int wolfSSL_no_ticket_TLSv13(WOLFSSL* ssl);
int wolfSSL_CTX_no_dhe_psk(WOLFSSL_CTX* ctx);
/*!
- \ingroup Setup
- \brief ã“ã®é–¢æ•°ã¯ã€Authenticationã®ãŸã‚ã«ãƒ—リシェアキーを使用ã—ã¦ã„ã‚‹ã¨ãã«Diffie-Hellman(DH)スタイルã®ã‚­ãƒ¼äº¤æ›ã‚’許å¯ã™ã‚‹TLS V1.3クライアントã¾ãŸã¯ã‚µãƒ¼ãƒãƒ¼ã®WolfSSLã§å‘¼ã³å‡ºã•ã‚Œã¾ã™ã€‚
- \param [in,out] SSL wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
- \return BAD_FUNC_ARG SSLãŒNULLã®å ´åˆã€ã¾ãŸã¯TLS v1.3を使用ã—ã¦ã„ãªã„å ´åˆã€‚
+ \ingroup Setup
+ \brief ã“ã®é–¢æ•°ã¯ã€äº‹å‰å…±æœ‰éµã‚’使用ã—ã¦ã„ã‚‹TLS V1.3クライアントã¾ãŸã¯ã‚µãƒ¼ãƒãƒ¼ã§ã€ã«Diffie-Hellman(DH)スタイルã®éµäº¤æ›ã‚’許å¯ã—ãªã„よã†ã«è¨­å®šã—ã¾ã™ã€‚
+ \param [in,out] ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \return BAD_FUNC_ARG sslãŒNULLã®å ´åˆã€ã¾ãŸã¯TLS v1.3を使用ã—ã¦ã„ãªã„å ´åˆã€‚
+
_Example_
\code
int ret;
@@ -8786,11 +10109,12 @@ int wolfSSL_CTX_no_dhe_psk(WOLFSSL_CTX* ctx);
int wolfSSL_no_dhe_psk(WOLFSSL* ssl);
/*!
- \ingroup IO
+ \ingroup IO
\brief ã“ã®é–¢æ•°ã¯ã€TLS v1.3クライアントã¾ãŸã¯ã‚µãƒ¼ãƒãƒ¼ã®wolfsslã§å‘¼ã³å‡ºã•ã‚Œã¦ã€ã‚­ãƒ¼ã®ãƒ­ãƒ¼ãƒ«ã‚ªãƒ¼ãƒãƒ¼ã‚’強制ã—ã¾ã™ã€‚KeyUpdateメッセージãŒãƒ”ã‚¢ã«é€ä¿¡ã•ã‚Œã€æ–°ã—ã„キーãŒæš—å·åŒ–ã®ãŸã‚ã«è¨ˆç®—ã•ã‚Œã¾ã™ã€‚ピアã¯KeyUpdateメッセージをé€ã‚Šã€æ–°ã—ã„復å·åŒ–キーWILを計算ã—ã¾ã™ã€‚ã“ã®æ©Ÿèƒ½ã¯ã€ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ãŒå®Œäº†ã—ãŸå¾Œã«ã®ã¿å‘¼ã³å‡ºã™ã“ã¨ãŒã§ãã¾ã™ã€‚
- \param [in,out] SSL wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
- \return BAD_FUNC_ARG SSLãŒNULLã®å ´åˆã€ã¾ãŸã¯TLS v1.3を使用ã—ã¦ã„ãªã„å ´åˆã€‚
+ \param [in,out] ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \return BAD_FUNC_ARG sslãŒNULLã®å ´åˆã€ã¾ãŸã¯TLS v1.3を使用ã—ã¦ã„ãªã„å ´åˆã€‚
\return WANT_WRITE 書ãè¾¼ã¿ãŒæº–å‚™ãŒã§ãã¦ã„ãªã„å ´åˆ
+
_Example_
\code
int ret;
@@ -8809,11 +10133,12 @@ int wolfSSL_no_dhe_psk(WOLFSSL* ssl);
int wolfSSL_update_keys(WOLFSSL* ssl);
/*!
- \ingroup IO
- \brief ã“ã®é–¢æ•°ã¯ã€TLS v1.3クライアントã¾ãŸã¯ã‚µãƒ¼ãƒãƒ¼ã®wolfsslã§å‘¼ã³å‡ºã•ã‚Œã€ã‚­ãƒ¼ã®ãƒ­ãƒ¼ãƒ«ã‚ªãƒ¼ãƒãƒ¼ãŒé€²è¡Œä¸­ã‹ã©ã†ã‹ã‚’判断ã—ã¾ã™ã€‚wolfssl_update_keys()ãŒå‘¼ã³å‡ºã•ã‚Œã‚‹ã¨ã€KeyUpdateメッセージãŒé€ä¿¡ã•ã‚Œã€æš—å·åŒ–キーãŒæ›´æ–°ã•ã‚Œã¾ã™ã€‚復å·åŒ–キーã¯ã€å¿œç­”ãŒå—ä¿¡ã•ã‚ŒãŸã¨ãã«æ›´æ–°ã•ã‚Œã¾ã™ã€‚
- \param [in] SSL wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \ingroup IO
+ \brief ã“ã®é–¢æ•°ã¯ã€TLS v1.3クライアントã¾ãŸã¯ã‚µãƒ¼ãƒãƒ¼ã®wolfsslã§å‘¼ã³å‡ºã•ã‚Œã€ã‚­ãƒ¼ã®ãƒ­ãƒ¼ãƒ«ã‚ªãƒ¼ãƒãƒ¼ãŒé€²è¡Œä¸­ã‹ã©ã†ã‹ã‚’判断ã—ã¾ã™ã€‚wolfssl_update_keys()ãŒå‘¼ã³å‡ºã•ã‚Œã‚‹ã¨ã€KeyUpdateメッセージãŒé€ä¿¡ã•ã‚Œã€æš—å·åŒ–キーãŒæ›´æ–°ã•ã‚Œã¾ã™ã€‚復å·åŒ–キーã¯ã€å¿œç­”ãŒå—ä¿¡ã•ã‚ŒãŸã¨ãã«æ›´æ–°ã•ã‚Œã¾ã™ã€‚
+ \param [in] ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param [out] キー更新応答ãŒå¿…è¦ãªã„å ´åˆã¯å¿…é ˆ0。1キー更新応答ãŒå¿…è¦ãªã„å ´åˆã€‚
\return 0 æˆåŠŸã—ãŸã€‚
+
_Example_
\code
int ret;
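Review bot: The `\param [out]` line kept as context for wolfSSL_key_update_response describes both values the same way: 0 when a key update response is not required (`必要ない`), and 1 also when it is not required. The second clause should be the positive case. The line also lacks the parameter name `required`, which the prototype in the next hunk header shows. Suggest `\param [out] required キー更新応答が必要ない場合は0、必要な場合は1がセットされます。`.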
@@ -8833,11 +10158,12 @@ int wolfSSL_update_keys(WOLFSSL* ssl);
int wolfSSL_key_update_response(WOLFSSL* ssl, int* required);
/*!
- \ingroup Setup
+ \ingroup Setup
\brief ã“ã®é–¢æ•°ã¯ã€TLS v1.3クライアントã®WolfSSLコンテキストã§å‘¼ã³å‡ºã•ã‚Œã€ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã¯ã‚µãƒ¼ãƒãƒ¼ã‹ã‚‰ã®è¦æ±‚ã«å¿œã˜ã¦Post Handshakeã‚’é€ä¿¡ã§ãるよã†ã«ã—ã¾ã™ã€‚ã“ã‚Œã¯ã€ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆèªè¨¼ãªã©ã‚’å¿…è¦ã¨ã—ãªã„ページをæŒã¤Webサーãƒãƒ¼ã«æŽ¥ç¶šã™ã‚‹ã¨ãã«å½¹ç«‹ã¡ã¾ã™ã€‚
- \param [in,out] ctx wolfssl_ctx_new()ã§ä½œæˆã•ã‚ŒãŸwolfssl_ctx構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [in,out] ctx wolfSSL_CTX_new()ã§ä½œæˆã•ã‚ŒãŸWOLFSSL_CTX構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\return BAD_FUNC_ARG CTXãŒNULLã®å ´åˆã€ã¾ãŸã¯TLS v1.3を使用ã—ã¦ã„ãªã„å ´åˆã€‚
\return SIDE_ERROR サーãƒãƒ¼ã§å‘¼ã³å‡ºã•ã‚ŒãŸå ´åˆã€‚
+
_Example_
\code
int ret;
@@ -8854,11 +10180,12 @@ int wolfSSL_key_update_response(WOLFSSL* ssl, int* required);
int wolfSSL_CTX_allow_post_handshake_auth(WOLFSSL_CTX* ctx);
/*!
- \ingroup Setup
+ \ingroup Setup
\brief ã“ã®é–¢æ•°ã¯ã€TLS V1.3クライアントWolfSSLã§å‘¼ã³å‡ºã•ã‚Œã€ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã¯ã‚µãƒ¼ãƒãƒ¼ã‹ã‚‰ã®è¦æ±‚ã«å¿œã˜ã¦ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã‚’é€ã‚Šã¾ã™ã€‚handshakeクライアントèªè¨¼æ‹¡å¼µæ©Ÿèƒ½ã¯ClientHelloã§é€ä¿¡ã•ã‚Œã¾ã™ã€‚ã“ã‚Œã¯ã€ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆèªè¨¼ãªã©ã‚’å¿…è¦ã¨ã—ãªã„ページをæŒã¤Webサーãƒãƒ¼ã«æŽ¥ç¶šã™ã‚‹ã¨ãã«å½¹ç«‹ã¡ã¾ã™ã€‚
- \param [in,out] SSL wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
- \return BAD_FUNC_ARG SSLãŒNULLã®å ´åˆã€ã¾ãŸã¯TLS v1.3を使用ã—ã¦ã„ãªã„å ´åˆã€‚
+ \param [in,out] ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \return BAD_FUNC_ARG sslãŒNULLã®å ´åˆã€ã¾ãŸã¯TLS v1.3を使用ã—ã¦ã„ãªã„å ´åˆã€‚
\return SIDE_ERROR サーãƒãƒ¼ã§å‘¼ã³å‡ºã•ã‚ŒãŸå ´åˆã€‚
+
_Example_
\code
int ret;
@@ -8875,15 +10202,16 @@ int wolfSSL_CTX_allow_post_handshake_auth(WOLFSSL_CTX* ctx);
int wolfSSL_allow_post_handshake_auth(WOLFSSL* ssl);
/*!
- \ingroup IO
+ \ingroup IO
\brief ã“ã®é–¢æ•°ã¯ã€TLS v1.3クライアントã‹ã‚‰ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆè¨¼æ˜Žæ›¸ã‚’è¦æ±‚ã—ã¾ã™ã€‚ã“ã‚Œã¯ã€Webサーãƒãƒ¼ãŒã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆèªè¨¼ã‚„ãã®ä»–ã®ã‚‚ã®ã‚’å¿…è¦ã¨ã™ã‚‹ãƒšãƒ¼ã‚¸ã«ã‚µãƒ¼ãƒ“スをæä¾›ã—ã¦ã„ã‚‹å ´åˆã«å½¹ç«‹ã¡ã¾ã™ã€‚接続ã§æœ€å¤§256ã®è¦æ±‚ã‚’é€ä¿¡ã§ãã¾ã™ã€‚
- \param [in,out] SSL wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
- \return BAD_FUNC_ARG SSLãŒNULLã®å ´åˆã€ã¾ãŸã¯TLS v1.3を使用ã—ã¦ã„ãªã„å ´åˆã€‚
+ \param [in,out] ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \return BAD_FUNC_ARG sslãŒNULLã®å ´åˆã€ã¾ãŸã¯TLS v1.3を使用ã—ã¦ã„ãªã„å ´åˆã€‚
\return WANT_WRITE 書ãè¾¼ã¿ãŒæº–å‚™ãŒã§ãã¦ã„ãªã„å ´åˆ
\return SIDE_ERROR クライアントã§å‘¼ã³å‡ºã•ã‚ŒãŸå ´åˆã€‚
\return NOT_READY_ERROR ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ãŒçµ‚了ã—ã¦ã„ãªã„ã¨ãã«å‘¼ã³å‡ºã•ã‚ŒãŸå ´åˆã€‚
\return POST_HAND_AUTH_ERROR é€ä»˜å¾Œèªè¨¼ãŒè¨±å¯ã•ã‚Œã¦ã„ãªã„å ´åˆã€‚
\return MEMORY_E 動的メモリ割り当ã¦ãŒå¤±æ•—ã—ãŸå ´åˆ
+
_Example_
\code
int ret;
@@ -8903,11 +10231,12 @@ int wolfSSL_allow_post_handshake_auth(WOLFSSL* ssl);
int wolfSSL_request_certificate(WOLFSSL* ssl);
/*!
- \ingroup Setup
+ \ingroup Setup
\brief ã“ã®é–¢æ•°ã¯æ¥•å††æ›²ç·šã‚°ãƒ«ãƒ¼ãƒ—ã®ãƒªã‚¹ãƒˆã‚’設定ã—ã¦ã€WolfSSLコンテキストを希望ã®é †ã«è¨­å®šã—ã¾ã™ã€‚リストã¯ãƒŒãƒ«çµ‚了ã—ãŸãƒ†ã‚­ã‚¹ãƒˆæ–‡å­—列ã€ãŠã‚ˆã³ã‚³ãƒ­ãƒ³åŒºåˆ‡ã‚Šãƒªã‚¹ãƒˆã§ã™ã€‚ã“ã®é–¢æ•°ã‚’呼ã³å‡ºã—ã¦ã€TLS v1.3接続ã§ä½¿ç”¨ã™ã‚‹éµäº¤æ›æ¥•å††æ›²ç·šãƒ‘ラメータを設定ã—ã¾ã™ã€‚
- \param [in,out] ctx wolfssl_ctx_new()ã§ä½œæˆã•ã‚ŒãŸwolfssl_ctx構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param [in] 楕円曲線グループã®ã‚³ãƒ­ãƒ³åŒºåˆ‡ã‚Šãƒªã‚¹ãƒˆã§ã‚る文字列をリストã—ã¾ã™ã€‚
+ \param [in,out] ctx wolfSSL_CTX_new()ã§ä½œæˆã•ã‚ŒãŸWOLFSSL_CTX構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [in] list 楕円曲線グループã®ã‚³ãƒ­ãƒ³åŒºåˆ‡ã‚Šãƒªã‚¹ãƒˆã§ã‚る文字列をリストã—ã¾ã™ã€‚
\return WOLFSSL_FAILURE ãƒã‚¤ãƒ³ã‚¿ãƒ‘ラメータãŒNULLã®å ´åˆã€wolfssl_max_group_countグループãŒå¤šã„å ´åˆã¯ã€ã‚°ãƒ«ãƒ¼ãƒ—åãŒèªè­˜ã•ã‚Œãªã„ã‹ã€TLS v1.3を使用ã—ã¦ã„ã¾ã›ã‚“。
+
_Example_
\code
int ret;
@@ -8928,11 +10257,12 @@ int wolfSSL_request_certificate(WOLFSSL* ssl);
int wolfSSL_CTX_set1_groups_list(WOLFSSL_CTX *ctx, char *list);
/*!
- \ingroup Setup
+ \ingroup Setup
\brief ã“ã®é–¢æ•°ã¯æ¥•å††æ›²ç·šã‚°ãƒ«ãƒ¼ãƒ—ã®ãƒªã‚¹ãƒˆã‚’設定ã—ã¦ã€WolfSSLを希望ã®é †ã«è¨­å®šã—ã¾ã™ã€‚リストã¯ãƒŒãƒ«çµ‚了ã—ãŸãƒ†ã‚­ã‚¹ãƒˆæ–‡å­—列ã€ãŠã‚ˆã³ã‚³ãƒ­ãƒ³åŒºåˆ‡ã‚Šãƒªã‚¹ãƒˆã§ã™ã€‚ã“ã®é–¢æ•°ã‚’呼ã³å‡ºã—ã¦ã€TLS v1.3接続ã§ä½¿ç”¨ã™ã‚‹éµäº¤æ›æ¥•å††æ›²ç·šãƒ‘ラメータを設定ã—ã¾ã™ã€‚
- \param [in,out] SSL wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param [in] éµäº¤æ›ã‚°ãƒ«ãƒ¼ãƒ—ã®ã‚³ãƒ­ãƒ³åŒºåˆ‡ã‚Šãƒªã‚¹ãƒˆã§ã‚る文字列をリストã—ã¾ã™ã€‚
+ \param [in,out] ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [in] list éµäº¤æ›ã‚°ãƒ«ãƒ¼ãƒ—ã®ã‚³ãƒ­ãƒ³åŒºåˆ‡ã‚Šãƒªã‚¹ãƒˆã§ã‚る文字列をリストã—ã¾ã™ã€‚
\return WOLFSSL_FAILURE ãƒã‚¤ãƒ³ã‚¿ãƒ‘ラメータãŒNULLã®å ´åˆã€wolfssl_max_group_countグループãŒå¤šã„å ´åˆã¯ã€ã‚°ãƒ«ãƒ¼ãƒ—åãŒèªè­˜ã•ã‚Œãªã„ã‹ã€TLS v1.3を使用ã—ã¦ã„ã¾ã›ã‚“。
+
_Example_
\code
int ret;
@@ -8953,12 +10283,13 @@ int wolfSSL_CTX_set1_groups_list(WOLFSSL_CTX *ctx, char *list);
int wolfSSL_set1_groups_list(WOLFSSL *ssl, char *list);
/*!
- \ingroup TLS
- \brief ã“ã®é–¢æ•°ã¯ã€ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆãŒTLS v1.3ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã§ä½¿ç”¨ã™ã‚‹ã“ã¨ã‚’好むキー交æ›ã‚°ãƒ«ãƒ¼ãƒ—ã‚’è¿”ã—ã¾ã™ã€‚ã“ã®æƒ…報を完了ã—ãŸå¾Œã«ã“ã®æ©Ÿèƒ½ã‚’呼ã³å‡ºã—ã¦ã€ã‚µãƒ¼ãƒãƒ¼ãŒã©ã®ã‚°ãƒ«ãƒ¼ãƒ—ãŒäºˆæƒ³ã•ã‚Œã‚‹ã‚ˆã†ã«ã“ã®æƒ…å ±ãŒå°†æ¥ã®æŽ¥ç¶šã§ä½¿ç”¨ã§ãるよã†ã«ãªã‚‹ã‹ã‚’決定ã™ã‚‹ãŸã‚ã«ã€ã“ã®æƒ…å ±ãŒå°†æ¥ã®æŽ¥ç¶šã§éµäº¤æ›ã®ãŸã‚ã®éµãƒšã‚¢ã‚’事å‰ç”Ÿæˆã™ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚
- \param [in,out] SSL wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
- \return BAD_FUNC_ARG SSLãŒNULLã®å ´åˆã€ã¾ãŸã¯TLS v1.3を使用ã—ã¦ã„ãªã„å ´åˆã€‚
+ \ingroup TLS
+ \brief ã“ã®é–¢æ•°ã¯ã€ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆãŒTLS v1.3ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã§ä½¿ç”¨ã™ã‚‹ã“ã¨ã‚’好むéµäº¤æ›ã‚°ãƒ«ãƒ¼ãƒ—ã‚’è¿”ã—ã¾ã™ã€‚ã“ã®æƒ…報を完了ã—ãŸå¾Œã«ã“ã®æ©Ÿèƒ½ã‚’呼ã³å‡ºã—ã¦ã€ã‚µãƒ¼ãƒãƒ¼ãŒã©ã®ã‚°ãƒ«ãƒ¼ãƒ—ãŒäºˆæƒ³ã•ã‚Œã‚‹ã‚ˆã†ã«ã“ã®æƒ…å ±ãŒå°†æ¥ã®æŽ¥ç¶šã§ä½¿ç”¨ã§ãるよã†ã«ãªã‚‹ã‹ã‚’決定ã™ã‚‹ãŸã‚ã«ã€ã“ã®æƒ…å ±ãŒå°†æ¥ã®æŽ¥ç¶šã§éµäº¤æ›ã®ãŸã‚ã®éµãƒšã‚¢ã‚’事å‰ç”Ÿæˆã™ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚
+ \param [in,out] ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \return BAD_FUNC_ARG sslãŒNULLã®å ´åˆã€ã¾ãŸã¯TLS v1.3を使用ã—ã¦ã„ãªã„å ´åˆã€‚
\return SIDE_ERROR サーãƒãƒ¼ã§å‘¼ã³å‡ºã•ã‚ŒãŸå ´åˆã€‚
\return NOT_READY_ERROR ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ãŒå®Œäº†ã™ã‚‹å‰ã«å‘¼ã³å‡ºã•ã‚ŒãŸå ´åˆã€‚
+
_Example_
\code
int ret;
@@ -8980,12 +10311,13 @@ int wolfSSL_set1_groups_list(WOLFSSL *ssl, char *list);
int wolfSSL_preferred_group(WOLFSSL* ssl);
/*!
- \ingroup Setup
+ \ingroup Setup
\brief ã“ã®é–¢æ•°ã¯æ¥•å††æ›²ç·šã‚°ãƒ«ãƒ¼ãƒ—ã®ãƒªã‚¹ãƒˆã‚’設定ã—ã¦ã€WolfSSLコンテキストを希望ã®é †ã«è¨­å®šã—ã¾ã™ã€‚リストã¯ã€Countã§æŒ‡å®šã•ã‚ŒãŸè­˜åˆ¥å­ã®æ•°ã‚’æŒã¤ã‚°ãƒ«ãƒ¼ãƒ—識別å­ã®é…列ã§ã™ã€‚ã“ã®é–¢æ•°ã‚’呼ã³å‡ºã—ã¦ã€TLS v1.3接続ã§ä½¿ç”¨ã™ã‚‹éµäº¤æ›æ¥•å††æ›²ç·šãƒ‘ラメータを設定ã—ã¾ã™ã€‚
- \param [in,out] ctx wolfssl_ctx_new()ã§ä½œæˆã•ã‚ŒãŸwolfssl_ctx構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param [in] 識別å­ã«ã‚ˆã£ã¦éµäº¤æ›ã‚°ãƒ«ãƒ¼ãƒ—ã®ãƒªã‚¹ãƒˆã‚’グループ化ã—ã¾ã™ã€‚
- \param [in] グループ内ã®éµäº¤æ›ã‚°ãƒ«ãƒ¼ãƒ—ã®æ•°ã‚’æ•°ãˆã¾ã™ã€‚
+ \param [in,out] ctx wolfSSL_CTX_new()ã§ä½œæˆã•ã‚ŒãŸWOLFSSL_CTX構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [in] groups 識別å­ã«ã‚ˆã£ã¦éµäº¤æ›ã‚°ãƒ«ãƒ¼ãƒ—ã®ãƒªã‚¹ãƒˆã‚’グループ化ã—ã¾ã™ã€‚
+ \param [in] count グループ内ã®éµäº¤æ›ã‚°ãƒ«ãƒ¼ãƒ—ã®æ•°ã‚’æ•°ãˆã¾ã™ã€‚
\return BAD_FUNC_ARG ãƒã‚¤ãƒ³ã‚¿ãƒ‘ラメータãŒNULLã®å ´åˆã€ã‚°ãƒ«ãƒ¼ãƒ—æ•°ã¯wolfssl_max_group_countを超ãˆã¦ã„ã‚‹ã‹ã€TLS v1.3を使用ã—ã¦ã„ã¾ã›ã‚“。
+
_Example_
\code
int ret;
@@ -9010,12 +10342,13 @@ int wolfSSL_CTX_set_groups(WOLFSSL_CTX* ctx, int* groups,
int count);
/*!
- \ingroup Setup
+ \ingroup Setup
\brief ã“ã®é–¢æ•°ã¯ã€wolfsslを許ã™ãŸã‚ã«æ¥•å††æ›²ç·šã‚°ãƒ«ãƒ¼ãƒ—ã®ãƒªã‚¹ãƒˆã‚’設定ã—ã¾ã™ã€‚リストã¯ã€Countã§æŒ‡å®šã•ã‚ŒãŸè­˜åˆ¥å­ã®æ•°ã‚’æŒã¤ã‚°ãƒ«ãƒ¼ãƒ—識別å­ã®é…列ã§ã™ã€‚ã“ã®é–¢æ•°ã‚’呼ã³å‡ºã—ã¦ã€TLS v1.3接続ã§ä½¿ç”¨ã™ã‚‹éµäº¤æ›æ¥•å††æ›²ç·šãƒ‘ラメータを設定ã—ã¾ã™ã€‚
- \param [in,out] SSL wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param [in] 識別å­ã«ã‚ˆã£ã¦éµäº¤æ›ã‚°ãƒ«ãƒ¼ãƒ—ã®ãƒªã‚¹ãƒˆã‚’グループ化ã—ã¾ã™ã€‚
- \param [in] グループ内ã®éµäº¤æ›ã‚°ãƒ«ãƒ¼ãƒ—ã®æ•°ã‚’æ•°ãˆã¾ã™ã€‚
+ \param [in,out] ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [in] groups 識別å­ã«ã‚ˆã£ã¦éµäº¤æ›ã‚°ãƒ«ãƒ¼ãƒ—ã®ãƒªã‚¹ãƒˆã‚’グループ化ã—ã¾ã™ã€‚
+ \param [in] count グループ内ã®éµäº¤æ›ã‚°ãƒ«ãƒ¼ãƒ—ã®æ•°ã‚’æ•°ãˆã¾ã™ã€‚
\return BAD_FUNC_ARG ãƒã‚¤ãƒ³ã‚¿ãƒ‘ラメータãŒNULLã®å ´åˆã€ã‚°ãƒ«ãƒ¼ãƒ—æ•°ãŒWolfSSL_MAX_GROUP_COUNTを超ãˆã¦ã„ã‚‹å ´åˆã€ä»»æ„ã®è­˜åˆ¥å­ã¯èªè­˜ã•ã‚Œãªã„ã‹ã€TLS v1.3を使用ã—ã¦ã„ã¾ã›ã‚“。
+
_Example_
\code
int ret;
@@ -9039,10 +10372,25 @@ int wolfSSL_CTX_set_groups(WOLFSSL_CTX* ctx, int* groups,
int wolfSSL_set_groups(WOLFSSL* ssl, int* groups, int count);
/*!
- \ingroup IO
- \brief ã“ã®é–¢æ•°ã¯ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆå´ã§å‘¼ã³å‡ºã•ã‚Œã€ã‚µãƒ¼ãƒãƒ¼ã¨ã®TLS v1.3ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã‚’開始ã—ã¾ã™ã€‚ã“ã®é–¢æ•°ãŒå‘¼ã³å‡ºã•ã‚Œã‚‹ã¨ã€åŸºç¤Žã¨ãªã‚‹é€šä¿¡ãƒãƒ£ãƒãƒ«ã¯ã™ã§ã«è¨­å®šã•ã‚Œã¦ã„ã¾ã™ã€‚ wolfssl_connect()ã¯ã€ãƒ–ロックã¨éžãƒ–ロックI / Oã®ä¸¡æ–¹ã§å‹•ä½œã—ã¾ã™ã€‚基礎ã¨ãªã‚‹I / OãŒãƒŽãƒ³ãƒ–ロッキングã•ã‚Œã¦ã„ãªã„å ´åˆã€wolfssl_connect()ã¯ã€åŸºã«ãªã‚‹I / OãŒwolfssl_connectã®ãƒ‹ãƒ¼ã‚ºã‚’満ãŸã™ã“ã¨ãŒã§ããªã‹ã£ãŸã¨ãã«æˆ»ã‚Šã¾ã™ã€‚ã“ã®å ´åˆã€wolfssl_get_error()ã¸ã®å‘¼ã³å‡ºã—ã¯SSL_ERROR_WANT_READã¾ãŸã¯SSL_ERROR_WANT_WRITEã®ã„ãšã‚Œã‹ã‚’生æˆã—ã¾ã™ã€‚通話プロセスã¯ã€åŸºç¤Žã¨ãªã‚‹I / OãŒREADYãŠã‚ˆã³WOLFSSLãŒåœæ­¢ã—ãŸã¨ãã«wolfssl_connect()ã¸ã®å‘¼ã³å‡ºã—ã‚’ç¹°ã‚Šè¿”ã™å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚ノンブロッキングソケットを使用ã™ã‚‹å ´åˆã¯ã€ä½•ã‚‚実行ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ãŒã€select()を使用ã—ã¦å¿…è¦ãªæ¡ä»¶ã‚’確èªã§ãã¾ã™ã€‚基礎ã¨ãªã‚‹å…¥å‡ºåŠ›ãŒãƒ–ロックã•ã‚Œã¦ã„ã‚‹å ´åˆã€wolfssl_connect()ã¯ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ãŒçµ‚了ã—ãŸã‚‰ã€ã¾ãŸã¯ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸã‚‰ã®ã¿æˆ»ã‚‹ã€‚ WolfSSLã¯OpenSSLよりも証明書検証ã«ç•°ãªã‚‹ã‚¢ãƒ—ローãƒã‚’å–ã‚Šã¾ã™ã€‚クライアントã®ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆãƒãƒªã‚·ãƒ¼ã¯ã‚µãƒ¼ãƒãƒ¼ã‚’確èªã™ã‚‹ã“ã¨ã§ã™ã€‚ã“ã‚Œã¯ã€CASを読ã¿è¾¼ã¾ãªã„å ´åˆã€ã‚µãƒ¼ãƒãƒ¼ã‚’確èªã™ã‚‹ã“ã¨ãŒã§ãã€ç¢ºèªã§ãã¾ã›ã‚“(-155)。 SSL_CONNECTã‚’æŒã¤ã“ã¨ã®OpenSSLã®å‹•ä½œãŒæˆåŠŸã—ãŸå ´åˆã¯ã€ã‚µãƒ¼ãƒãƒ¼ã‚’検証ã—ã¦ã‚»ã‚­ãƒ¥ãƒªãƒ†ã‚£ã‚’抑ãˆã‚‹ã“ã¨ãŒã§ãã¾ã™.SSL_CTX_SET_VERIFY(CTXã€SSL_VERIFY_NONEã€0)。 ssl_new()を呼ã³å‡ºã™å‰ã«ã€‚ãŠå‹§ã‚ã§ãã¾ã›ã‚“ãŒã€‚
- \return SSL_SUCCESS æˆåŠŸã™ã‚‹ã¨ã€‚
- \return SSL_FATAL_ERROR エラーãŒç™ºç”Ÿã—ãŸå ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚より詳細ãªã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã‚’å–å¾—ã™ã‚‹ã«ã¯ã€wolfssl_get_error()を呼ã³å‡ºã—ã¾ã™ã€‚
+ \ingroup IO
+ \brief ã“ã®é–¢æ•°ã¯ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆå´ã§å‘¼ã³å‡ºã•ã‚Œã€ã‚µãƒ¼ãƒãƒ¼ã¨ã®TLS v1.3ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã‚’開始ã—ã¾ã™ã€‚
+ ã“ã®é–¢æ•°ãŒå‘¼ã³å‡ºã•ã‚Œã‚‹ã¨ã€ä¸‹å±¤ã®é€šä¿¡ãƒãƒ£ãƒãƒ«ã¯ã™ã§ã«è¨­å®šã•ã‚Œã¦ã„ã¾ã™ã€‚
+ wolfSSL_connect()ã¯ã€ãƒ–ロックã¨ãƒŽãƒ³ãƒ–ロックI/Oã®ä¸¡æ–¹ã§å‹•ä½œã—ã¾ã™ã€‚
+ 下層I/OãŒãƒŽãƒ³ãƒ–ロッキングã®å ´åˆã€wolfSSL_connect()ã¯ã€ä¸‹å±¤I/OãŒwolfssl_connectã®è¦æ±‚を満ãŸã™ã“ã¨ãŒã§ããªã‹ã£ãŸã¨ãã«æˆ»ã‚Šã¾ã™ã€‚
+ ã“ã®å ´åˆã€wolfSSL_get_error()ã¸ã®å‘¼ã³å‡ºã—ã¯SSL_ERROR_WANT_READã¾ãŸã¯SSL_ERROR_WANT_WRITEã®ã„ãšã‚Œã‹ã‚’生æˆã—ã¾ã™ã€‚
+ 通話プロセスã¯ã€ä¸‹å±¤I/OãŒREADYãŠã‚ˆã³WOLFSSLãŒåœæ­¢ã—ãŸã¨ãã«wolfssl_connect()ã¸ã®å‘¼ã³å‡ºã—ã‚’ç¹°ã‚Šè¿”ã™å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+ ノンブロッキングソケットを使用ã™ã‚‹å ´åˆã¯ã€ä½•ã‚‚実行ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ãŒã€select()を使用ã—ã¦å¿…è¦ãªæ¡ä»¶ã‚’確èªã§ãã¾ã™ã€‚
+ 基礎ã¨ãªã‚‹å…¥å‡ºåŠ›ãŒãƒ–ロックã•ã‚Œã¦ã„ã‚‹å ´åˆã€wolfssl_connect()ã¯ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ãŒçµ‚了ã—ãŸã‚‰ã€ã¾ãŸã¯ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸã‚‰ã®ã¿æˆ»ã‚Šã¾ã™ã€‚
+ WolfSSLã¯OpenSSLよりも証明書検証ã«ç•°ãªã‚‹ã‚¢ãƒ—ローãƒã‚’å–ã‚Šã¾ã™ã€‚
+ クライアントã®ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆãƒãƒªã‚·ãƒ¼ã¯ã‚µãƒ¼ãƒãƒ¼ã‚’確èªã™ã‚‹ã“ã¨ã§ã™ã€‚
+ ã“ã‚Œã¯ã€CASを読ã¿è¾¼ã¾ãªã„å ´åˆã€ã‚µãƒ¼ãƒãƒ¼ã‚’確èªã™ã‚‹ã“ã¨ãŒã§ãã€ç¢ºèªã§ãã¾ã›ã‚“(-155)。
+ SSL_CONNECTã‚’æŒã¤ã“ã¨ã®OpenSSLã®å‹•ä½œãŒæˆåŠŸã—ãŸå ´åˆã¯ã€ã‚µãƒ¼ãƒãƒ¼ã‚’検証ã—ã¦ã‚»ã‚­ãƒ¥ãƒªãƒ†ã‚£ã‚’抑ãˆã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚
+ SSL_CTX_SET_VERIFY(CTXã€SSL_VERIFY_NONEã€0)。
+ ssl_new()を呼ã³å‡ºã™å‰ã«ã€‚ãŠå‹§ã‚ã§ãã¾ã›ã‚“ãŒã€‚
+ \return SSL_SUCCESS æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_FATAL_ERROR エラーãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚より詳細ãªã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã‚’å–å¾—ã™ã‚‹ã«ã¯ã€wolfSSL_get_error()を呼ã³å‡ºã—ã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
int ret = 0;
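Review bot: The added lines for wolfSSL_connect_TLSv13 only re-wrap the old passage on certificate verification without fixing it. It still says `CAS` for CA certificates, and the closing fragments (`SSL_CTX_SET_VERIFY(CTX、SSL_VERIFY_NONE、0)。` / `ssl_new()を呼び出す前に。お勧めできませんが。`) never state plainly that this setting turns server authentication off. The wolfSSL_connect comment earlier in this diff was rewritten to say that without a loaded CA certificate the connect fails with -155, and that SSL_VERIFY_NONE is possible but not recommended for security; the same wording should be reused here. The identifiers should also match the API, `wolfSSL_connect()`, `wolfSSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, 0)` and `wolfSSL_new()`, since several added lines still use `wolfssl_connect`.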
@@ -9062,13 +10410,24 @@ int wolfSSL_set_groups(WOLFSSL* ssl, int* groups, int count);
\sa wolfSSL_accept_TLSv13
\sa wolfSSL_accept
*/
-int wolfSSL_connect_TLSv13(WOLFSSL*);
+int wolfSSL_connect_TLSv13(WOLFSSL* ssl);
/*!
- \ingroup IO
- \brief ã“ã®é–¢æ•°ã¯ã‚µãƒ¼ãƒãƒ¼å´ã§å‘¼ã³å‡ºã•ã‚Œã€SSL / TLSクライアントãŒSSL / TLSãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã‚’開始ã™ã‚‹ã®ã‚’å¾…ã¡ã¾ã™ã€‚ã“ã®é–¢æ•°ãŒå‘¼ã³å‡ºã•ã‚Œã‚‹ã¨ã€åŸºç¤Žã¨ãªã‚‹é€šä¿¡ãƒãƒ£ãƒãƒ«ã¯ã™ã§ã«è¨­å®šã•ã‚Œã¦ã„ã¾ã™ã€‚ wolfssl_accept()ã¯ã€ãƒ–ロックã¨éžãƒ–ロッキングI / Oã®ä¸¡æ–¹ã§å‹•ä½œã—ã¾ã™ã€‚基礎ã¨ãªã‚‹å…¥å‡ºåŠ›ãŒãƒŽãƒ³ãƒ–ロッキングã§ã‚ã‚‹å ´åˆã€wolfssl_accept()ã¯ã€åŸºç¤Žã¨ãªã‚‹I / OãŒwolfssl_acceptã®ãƒ‹ãƒ¼ã‚ºã‚’満ãŸã™ã“ã¨ãŒã§ããªã‹ã£ãŸã¨ãã«æˆ»ã‚Šã¾ã™ã€‚ã“ã®å ´åˆã€wolfssl_get_error()ã¸ã®å‘¼ã³å‡ºã—ã¯SSL_ERROR_WANT_READã¾ãŸã¯SSL_ERROR_WANT_WRITEã®ã„ãšã‚Œã‹ã‚’生æˆã—ã¾ã™ã€‚通話プロセスã¯ã€èª­ã¿å–ã‚Šå¯èƒ½ãªãƒ‡ãƒ¼ã‚¿ãŒä½¿ç”¨å¯èƒ½ã§ã‚ã‚Šã€wolfsslãŒåœæ­¢ã—ãŸå ´æ‰€ã‚’拾ã†ã¨ãã«ã€wolfssl_acceptã®å‘¼ã³å‡ºã—ã‚’ç¹°ã‚Šè¿”ã™å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚ノンブロッキングソケットを使用ã™ã‚‹å ´åˆã¯ã€ä½•ã‚‚実行ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ãŒã€select()を使用ã—ã¦å¿…è¦ãªæ¡ä»¶ã‚’確èªã§ãã¾ã™ã€‚基礎ã¨ãªã‚‹I / OãŒãƒ–ロックã•ã‚Œã¦ã„ã‚‹å ´åˆã€wolfssl_accept()ã¯ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ãŒçµ‚了ã—ãŸã‚‰ã€ã¾ãŸã¯ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸã‚‰æˆ»ã‚Šã¾ã™ã€‚å¤ã„ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã®ClientHelloメッセージãŒã‚µãƒãƒ¼ãƒˆã•ã‚Œã¦ã„ã¾ã™ãŒã€TLS v1.3接続を期待ã™ã‚‹ã¨ãã«ã“ã®é–¢æ•°ã‚’呼ã³å‡ºã—ã¾ã™ã€‚
- \return SSL_SUCCESS æˆåŠŸã™ã‚‹ã¨ã€‚
- \return SSL_FATAL_ERROR エラーãŒç™ºç”Ÿã—ãŸå ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚より詳細ãªã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã‚’å–å¾—ã™ã‚‹ã«ã¯ã€wolfssl_get_error()を呼ã³å‡ºã—ã¾ã™ã€‚
+ \ingroup IO
+ \brief ã“ã®é–¢æ•°ã¯ã‚µãƒ¼ãƒãƒ¼å´ã§å‘¼ã³å‡ºã•ã‚Œã€SSL/TLSクライアントãŒSSL/TLSãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã‚’開始ã™ã‚‹ã®ã‚’å¾…ã¡ã†ã‘ã¾ã™ã€‚
+ ã“ã®é–¢æ•°ãŒå‘¼ã³å‡ºã•ã‚Œã‚‹ã¨ã€ä¸‹å±¤ã®é€šä¿¡ãƒãƒ£ãƒãƒ«ã¯ã™ã§ã«è¨­å®šã•ã‚Œã¦ã„ã¾ã™ã€‚
+ wolfSSL_accept()ã¯ã€ãƒ–ロックã¨ãƒŽãƒ³ãƒ–ロッキングI/Oã®ä¸¡æ–¹ã§å‹•ä½œã—ã¾ã™ã€‚
+ 下層ã®å…¥å‡ºåŠ›ãŒãƒŽãƒ³ãƒ–ロッキングã§ã‚ã‚‹å ´åˆã€wolfSSL_accept()ã¯ã€ä¸‹å±¤ã®I/OãŒwolfSSL_acceptã®è¦æ±‚を満ãŸã™ã“ã¨ãŒã§ããªã‹ã£ãŸã¨ãã«æˆ»ã‚Šã¾ã™ã€‚
+ ã“ã®å ´åˆã€wolfSSL_get_error()ã¸ã®å‘¼ã³å‡ºã—ã¯SSL_ERROR_WANT_READã¾ãŸã¯SSL_ERROR_WANT_WRITEã®ã„ãšã‚Œã‹ã‚’生æˆã—ã¾ã™ã€‚
+ 通話プロセスã¯ã€èª­ã¿å–ã‚Šå¯èƒ½ãªãƒ‡ãƒ¼ã‚¿ãŒä½¿ç”¨å¯èƒ½ã§ã‚ã‚Šã€wolfsslãŒåœæ­¢ã—ãŸå ´æ‰€ã‚’拾ã†ã¨ãã«ã€wolfssl_acceptã®å‘¼ã³å‡ºã—ã‚’ç¹°ã‚Šè¿”ã™å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+ ノンブロッキングソケットを使用ã™ã‚‹å ´åˆã¯ã€ä½•ã‚‚実行ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ãŒã€select()を使用ã—ã¦å¿…è¦ãªæ¡ä»¶ã‚’確èªã§ãã¾ã™ã€‚
+ 下層ã®I/OãŒãƒ–ロックã•ã‚Œã¦ã„ã‚‹å ´åˆã€wolfssl_accept()ã¯ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ãŒçµ‚了ã—ãŸã‚‰ã€ã¾ãŸã¯ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸã‚‰æˆ»ã‚Šã¾ã™ã€‚
+ å¤ã„ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã®ClientHelloメッセージãŒã‚µãƒãƒ¼ãƒˆã•ã‚Œã¦ã„ã¾ã™ãŒã€TLS v1.3接続を期待ã™ã‚‹ã¨ãã«ã“ã®é–¢æ•°ã‚’呼ã³å‡ºã—ã¾ã™ã€‚
+
+ \return SSL_SUCCESS æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_FATAL_ERROR エラーãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚より詳細ãªã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã‚’å–å¾—ã™ã‚‹ã«ã¯ã€wolfSSL_get_error()を呼ã³å‡ºã—ã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
int ret = 0;
@@ -9092,12 +10451,18 @@ int wolfSSL_connect_TLSv13(WOLFSSL*);
wolfSSL_accept_TLSv13(WOLFSSL* ssl);
/*!
- \ingroup Setup
- \brief ã“ã®é–¢æ•°ã¯ã€WolfSSLコンテキストを使用ã—ã¦TLS V1.3サーãƒãƒ¼ã«ã‚ˆã£ã¦å—ã‘入れられる早期データã®æœ€å¤§é‡ã‚’設定ã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã‚’呼ã³å‡ºã—ã¦ã€å†ç”Ÿæ”»æ’ƒã‚’軽減ã™ã‚‹ãŸã‚ã®ãƒ—ロセスã¸ã®æ—©æœŸãƒ‡ãƒ¼ã‚¿ã®é‡ã‚’制é™ã—ã¾ã™ã€‚åˆæœŸã®ãƒ‡ãƒ¼ã‚¿ã¯ã€ã‚»ãƒƒã‚·ãƒ§ãƒ³ãƒã‚±ãƒƒãƒˆãŒé€ä¿¡ã•ã‚ŒãŸã“ã¨ã€ã—ãŸãŒã£ã¦ã‚»ãƒƒã‚·ãƒ§ãƒ³ãƒã‚±ãƒƒãƒˆãŒå†é–‹ã•ã‚Œã‚‹ãŸã³ã«åŒã˜æŽ¥ç¶šã®ã‚­ãƒ¼ã‹ã‚‰æ´¾ç”Ÿã—ãŸã‚­ãƒ¼ã«ã‚ˆã£ã¦ä¿è­·ã•ã‚Œã¾ã™ã€‚値ã¯å†é–‹ã®ãŸã‚ã«ã‚»ãƒƒã‚·ãƒ§ãƒ³ãƒã‚±ãƒƒãƒˆã«å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚ゼロã®å€¤ã¯ã€ã‚»ãƒƒã‚·ãƒ§ãƒ³ãƒã‚±ãƒƒãƒˆã‚’使用ã—ã¦ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã«ã‚ˆã£ã¦æ—©æœŸãƒ‡ãƒ¼ã‚¿ã‚’é€ä¿¡ã™ã‚‹ã“ã¨ã‚’示ã—ã¾ã™ã€‚早期データãƒã‚¤ãƒˆæ•°ã‚’アプリケーションã§å®Ÿéš›ã«ã¯å¯èƒ½ãªé™ã‚Šä½Žãä¿ã¤ã“ã¨ã‚’ãŠå‹§ã‚ã—ã¾ã™ã€‚
- \param [in,out] ctx wolfssl_ctx_new()ã§ä½œæˆã•ã‚ŒãŸwolfssl_ctx構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param [in] SZãƒã‚¤ãƒˆå˜ä½ã§å—ã‘入れる早期データã®é‡ã€‚
+ \ingroup Setup
+ \brief ã“ã®é–¢æ•°ã¯ã€WolfSSLコンテキストを使用ã—ã¦TLS V1.3サーãƒãƒ¼ã«ã‚ˆã£ã¦å—ã‘入れられるアーリーデータã®æœ€å¤§é‡ã‚’設定ã—ã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã‚’呼ã³å‡ºã—ã¦ã€å†ç”Ÿæ”»æ’ƒã‚’軽減ã™ã‚‹ãŸã‚ã®ãƒ—ロセスã¸ã®ã‚¢ãƒ¼ãƒªãƒ¼ãƒ‡ãƒ¼ã‚¿ã®é‡ã‚’制é™ã—ã¾ã™ã€‚
+ åˆæœŸã®ãƒ‡ãƒ¼ã‚¿ã¯ã€ã‚»ãƒƒã‚·ãƒ§ãƒ³ãƒã‚±ãƒƒãƒˆãŒé€ä¿¡ã•ã‚ŒãŸã“ã¨ã€ã—ãŸãŒã£ã¦ã‚»ãƒƒã‚·ãƒ§ãƒ³ãƒã‚±ãƒƒãƒˆãŒå†é–‹ã•ã‚Œã‚‹ãŸã³ã«åŒã˜æŽ¥ç¶šã®éµã‹ã‚‰æ´¾ç”Ÿã—ãŸéµã«ã‚ˆã£ã¦ä¿è­·ã•ã‚Œã¾ã™ã€‚
+ 値ã¯å†é–‹ã®ãŸã‚ã«ã‚»ãƒƒã‚·ãƒ§ãƒ³ãƒã‚±ãƒƒãƒˆã«å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚
+ ゼロã®å€¤ã¯ã€ã‚»ãƒƒã‚·ãƒ§ãƒ³ãƒã‚±ãƒƒãƒˆã‚’使用ã—ã¦ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã«ã‚ˆã£ã¦ã‚¢ãƒ¼ãƒªãƒ¼ãƒ‡ãƒ¼ã‚¿ã‚’é€ä¿¡ã™ã‚‹ã“ã¨ã‚’示ã—ã¾ã™ã€‚
+ アーリーデータãƒã‚¤ãƒˆæ•°ã‚’アプリケーションã§å®Ÿéš›ã«ã¯å¯èƒ½ãªé™ã‚Šä½Žãä¿ã¤ã“ã¨ã‚’ãŠå‹§ã‚ã—ã¾ã™ã€‚
+ \param [in,out] ctx wolfSSL_CTX_new()ã§ä½œæˆã•ã‚ŒãŸWOLFSSL_CTX構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [in] sz ãƒã‚¤ãƒˆå˜ä½ã§å—ã‘入れるアーリーデータã®ã‚µã‚¤ã‚ºã€‚
\return BAD_FUNC_ARG CTXãŒNULLã®å ´åˆã€ã¾ãŸã¯TLS v1.3を使用ã—ã¦ã„ãªã„å ´åˆã€‚
\return SIDE_ERROR クライアントã§å‘¼ã³å‡ºã•ã‚ŒãŸå ´åˆã€‚
+
_Example_
\code
int ret;
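Review bot: The added sentence about a zero value in the wolfSSL_CTX_set_max_early_data comment (`ゼロの値は、…アーリーデータを送信することを示します。`) reads as "zero means the client sends early data", with no negation. As far as I recall, the English source text says zero means no early data is to be sent with the session ticket, so this should be checked against it. The comment presents this setting as the limit on replayable early data, so an inverted description of the "off" value could lead an operator to leave 0-RTT enabled by mistake. Suggest `ゼロの値は、セッションチケットを使用したアーリーデータをクライアントが送信しないことを示します。`. The same sentence is added for wolfSSL_set_max_early_data in the next hunk.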
@@ -9116,12 +10481,18 @@ int wolfSSL_CTX_set_max_early_data(WOLFSSL_CTX* ctx,
unsigned int sz);
/*!
- \ingroup Setup
- \brief ã“ã®é–¢æ•°ã¯ã€WolfSSLコンテキストを使用ã—ã¦TLS V1.3サーãƒãƒ¼ã«ã‚ˆã£ã¦å—ã‘入れられる早期データã®æœ€å¤§é‡ã‚’設定ã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã‚’呼ã³å‡ºã—ã¦ã€å†ç”Ÿæ”»æ’ƒã‚’軽減ã™ã‚‹ãŸã‚ã®ãƒ—ロセスã¸ã®æ—©æœŸãƒ‡ãƒ¼ã‚¿ã®é‡ã‚’制é™ã—ã¾ã™ã€‚åˆæœŸã®ãƒ‡ãƒ¼ã‚¿ã¯ã€ã‚»ãƒƒã‚·ãƒ§ãƒ³ãƒã‚±ãƒƒãƒˆãŒé€ä¿¡ã•ã‚ŒãŸã“ã¨ã€ã—ãŸãŒã£ã¦ã‚»ãƒƒã‚·ãƒ§ãƒ³ãƒã‚±ãƒƒãƒˆãŒå†é–‹ã•ã‚Œã‚‹ãŸã³ã«åŒã˜æŽ¥ç¶šã®ã‚­ãƒ¼ã‹ã‚‰æ´¾ç”Ÿã—ãŸã‚­ãƒ¼ã«ã‚ˆã£ã¦ä¿è­·ã•ã‚Œã¾ã™ã€‚値ã¯å†é–‹ã®ãŸã‚ã«ã‚»ãƒƒã‚·ãƒ§ãƒ³ãƒã‚±ãƒƒãƒˆã«å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚ゼロã®å€¤ã¯ã€ã‚»ãƒƒã‚·ãƒ§ãƒ³ãƒã‚±ãƒƒãƒˆã‚’使用ã—ã¦ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã«ã‚ˆã£ã¦æ—©æœŸãƒ‡ãƒ¼ã‚¿ã‚’é€ä¿¡ã™ã‚‹ã“ã¨ã‚’示ã—ã¾ã™ã€‚早期データãƒã‚¤ãƒˆæ•°ã‚’アプリケーションã§å®Ÿéš›ã«ã¯å¯èƒ½ãªé™ã‚Šä½Žãä¿ã¤ã“ã¨ã‚’ãŠå‹§ã‚ã—ã¾ã™ã€‚
- \param [in,out] SSL wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param [in] SZクライアントã‹ã‚‰ãƒã‚¤ãƒˆå˜ä½ã§å—ã‘入れる早期データã®é‡ã€‚
- \return BAD_FUNC_ARG SSLãŒNULLã®å ´åˆã€ã¾ãŸã¯TLS v1.3を使用ã—ã¦ã„ãªã„å ´åˆã€‚
+ \ingroup Setup
+ \brief ã“ã®é–¢æ•°ã¯ã€WolfSSLコンテキストを使用ã—ã¦TLS V1.3サーãƒãƒ¼ã«ã‚ˆã£ã¦å—ã‘入れられるアーリーデータã®æœ€å¤§é‡ã‚’設定ã—ã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã‚’呼ã³å‡ºã—ã¦ã€å†ç”Ÿæ”»æ’ƒã‚’軽減ã™ã‚‹ãŸã‚プロセスã¸ã®ã‚¢ãƒ¼ãƒªãƒ¼ãƒ‡ãƒ¼ã‚¿ã®é‡ã‚’制é™ã—ã¾ã™ã€‚
+ åˆæœŸã®ãƒ‡ãƒ¼ã‚¿ã¯ã€ã‚»ãƒƒã‚·ãƒ§ãƒ³ãƒã‚±ãƒƒãƒˆãŒé€ä¿¡ã•ã‚ŒãŸã“ã¨ã€ã—ãŸãŒã£ã¦ã‚»ãƒƒã‚·ãƒ§ãƒ³ãƒã‚±ãƒƒãƒˆãŒå†é–‹ã•ã‚Œã‚‹ãŸã³ã«åŒã˜æŽ¥ç¶šã®éµã‹ã‚‰æ´¾ç”Ÿã—ãŸéµã«ã‚ˆã£ã¦ä¿è­·ã•ã‚Œã¾ã™ã€‚
+ 値ã¯å†é–‹ã®ãŸã‚ã«ã‚»ãƒƒã‚·ãƒ§ãƒ³ãƒã‚±ãƒƒãƒˆã«å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚
+ ゼロã®å€¤ã¯ã€ã‚»ãƒƒã‚·ãƒ§ãƒ³ãƒã‚±ãƒƒãƒˆã‚’使用ã—ã¦ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã«ã‚ˆã£ã¦ã‚¢ãƒ¼ãƒªãƒ¼ãƒ‡ãƒ¼ã‚¿ã‚’é€ä¿¡ã™ã‚‹ã“ã¨ã‚’示ã—ã¾ã™ã€‚
+ アーリーデータãƒã‚¤ãƒˆæ•°ã‚’アプリケーションã§å®Ÿéš›ã«ã¯å¯èƒ½ãªé™ã‚Šä½Žãä¿ã¤ã“ã¨ã‚’ãŠå‹§ã‚ã—ã¾ã™ã€‚
+ \param [in,out] ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [in] SZクライアントã‹ã‚‰ãƒã‚¤ãƒˆå˜ä½ã§å—ã‘入れるアーリーデータã®ã‚µã‚¤ã‚ºã€‚
+ \return BAD_FUNC_ARG sslãŒNULLã®å ´åˆã€ã¾ãŸã¯TLS v1.3を使用ã—ã¦ã„ãªã„å ´åˆã€‚
\return SIDE_ERROR クライアントã§å‘¼ã³å‡ºã•ã‚ŒãŸå ´åˆã€‚
+
_Example_
\code
int ret;
@@ -9139,15 +10510,19 @@ int wolfSSL_CTX_set_max_early_data(WOLFSSL_CTX* ctx,
int wolfSSL_set_max_early_data(WOLFSSL* ssl, unsigned int sz);
/*!
- \ingroup IO
- \brief ã“ã®é–¢æ•°ã¯ã€å†é–‹æ™‚ã«ã‚µãƒ¼ãƒãƒ¼ã«æ—©æœŸãƒ‡ãƒ¼ã‚¿ã‚’書ãè¾¼ã¿ã¾ã™ã€‚wolfssl_connect()ã¾ãŸã¯wolfssl_connect_tlsv13()ã®ä»£ã‚ã‚Šã«ã“ã®é–¢æ•°ã‚’呼ã³å‡ºã—ã¦ã€ã‚µãƒ¼ãƒãƒ¼ã«æŽ¥ç¶šã—ã¦ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã«ãƒ‡ãƒ¼ã‚¿ã‚’é€ã‚Šã¾ã™ã€‚ã“ã®æ©Ÿèƒ½ã¯ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã§ã®ã¿ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
- \param [in,out] SSL wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param [in] データ早期データをä¿æŒã—ã¦ã‚µãƒ¼ãƒãƒ¼ã«æ›¸ã込むãƒãƒƒãƒ•ã‚¡ã€‚
- \param [in] SZãƒã‚¤ãƒˆå˜ä½ã§æ›¸ã込む早期データã®é‡ã€‚
- \param [out] OUTSZãƒã‚¤ãƒˆå˜ä½ã§æ›¸ã‹ã‚ŒãŸæ—©æœŸãƒ‡ãƒ¼ã‚¿ã®é‡ã€‚
- \return BAD_FUNC_ARG ãƒã‚¤ãƒ³ã‚¿ãƒ‘ラメータãŒNULLã®å ´åˆã€SZã¯0未満ã¾ãŸã¯TLSV1.3を使用ã—ãªã„。
- \return SIDE_ERROR サーãƒãƒ¼ã§å‘¼ã³å‡ºã•ã‚ŒãŸå ´åˆã€‚
- \return WOLFSSL_FATAL_ERROR 接続ãŒè¡Œã‚ã‚Œã¦ã„ãªã„å ´åˆã€‚
+ \ingroup IO
+ \brief ã“ã®é–¢æ•°ã¯ã€ã‚»ãƒƒã‚·ãƒ§ãƒ³å†é–‹æ™‚ã«ã‚µãƒ¼ãƒãƒ¼ã«ã‚¢ãƒ¼ãƒªãƒ¼ãƒ‡ãƒ¼ã‚¿ã‚’書ãè¾¼ã¿ã¾ã™ã€‚
+ wolfSSL_connect()ã¾ãŸã¯wolfSSL_connect_tlsv13()ã®ä»£ã‚ã‚Šã«ã“ã®é–¢æ•°ã‚’呼ã³å‡ºã—ã¦ã€ã‚µãƒ¼ãƒãƒ¼ã«æŽ¥ç¶šã—ã¦ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã«ãƒ‡ãƒ¼ã‚¿ã‚’é€ã‚Šã¾ã™ã€‚
+ ã“ã®æ©Ÿèƒ½ã¯ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã§ã®ã¿ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
+ \return BAD_FUNC_ARG ãƒã‚¤ãƒ³ã‚¿ãƒ‘ラメータãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚szã¯0未満ã¾ãŸã¯TLSV1.3を使用ã—ãªã„å ´åˆã«ã‚‚è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SIDE_ERROR サーãƒãƒ¼ã§å‘¼ã³å‡ºã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return WOLFSSL_FATAL_ERROR 接続ãŒè¡Œã‚ã‚Œã¦ã„ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param [in,out] ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [in] data アーリーデータをä¿æŒã—ã¦ã„ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [in] sz 書ã込むアーリーデータã®ã‚µã‚¤ã‚º
+ \param [out] outSz 書ã込んã ã‚¢ãƒ¼ãƒªãƒ¼ãƒ‡ãƒ¼ã‚¿ã®ã‚µã‚¤ã‚º
+
_Example_
\code
int ret = 0;
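Review bot: The added line naming `wolfSSL_connect_tlsv13()` does not match the declared `wolfSSL_connect_TLSv13` shown in the prototype and `\sa` lines of this diff, so Doxygen cannot auto-link it and a search for the name will miss it; use `wolfSSL_connect_TLSv13()`. The added `\return BAD_FUNC_ARG` text also splits one condition list (NULL pointer, sz below 0, not TLS v1.3) into two sentences, which makes it read as if only the NULL case is certain; a single sentence listing the three conditions would be clearer.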
@@ -9177,19 +10552,20 @@ int wolfSSL_set_max_early_data(WOLFSSL* ssl, unsigned int sz);
\sa wolfSSL_connect
\sa wolfSSL_connect_TLSv13
*/
-int wolfSSL_write_early_data(OLFSSL* ssl, const void* data,
+int wolfSSL_write_early_data(WOLFSSL* ssl, const void* data,
int sz, int* outSz);
/*!
- \ingroup IO
- \brief ã“ã®é–¢æ•°ã¯ã€å†é–‹æ™‚ã«ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã‹ã‚‰ã®æ—©æœŸãƒ‡ãƒ¼ã‚¿ã‚’読ã¿å–ã‚Šã¾ã™ã€‚wolfssl_accept()ã¾ãŸã¯wolfssl_accept_tlsv13()ã®ä»£ã‚ã‚Šã«ã“ã®é–¢æ•°ã‚’呼ã³å‡ºã—ã¦ã€ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã‚’å—ã‘入れã€ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯å†…ã®æ—©æœŸãƒ‡ãƒ¼ã‚¿ã‚’読ã¿å–ã‚Šã¾ã™ã€‚ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã‚ˆã‚Šã‚‚早期データãŒãªã„å ´åˆã¯ã€é€šå¸¸ã¨ã—ã¦å‡¦ç†ã•ã‚Œã¾ã™ã€‚ã“ã®æ©Ÿèƒ½ã¯ã‚µãƒ¼ãƒãƒ¼ã§ã®ã¿ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
- \param [in,out] SSL wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \ingroup IO
+ \brief ã“ã®é–¢æ•°ã¯ã€å†é–‹æ™‚ã«ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã‹ã‚‰ã®æ—©æœŸãƒ‡ãƒ¼ã‚¿ã‚’読ã¿å–ã‚Šã¾ã™ã€‚wolfssl_accept()ã¾ãŸã¯wolfssl_accept_tlsv13()ã®ä»£ã‚ã‚Šã«ã“ã®é–¢æ•°ã‚’呼ã³å‡ºã—ã¦ã€ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã‚’å—ã‘入れã€ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯å†…ã®æ—©æœŸãƒ‡ãƒ¼ã‚¿ã‚’読ã¿å–ã‚Šã¾ã™ã€‚ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã‚ˆã‚Šã‚‚早期データãŒãªã„å ´åˆã¯ã€é€šå¸¸ã¨ã—ã¦å‡¦ç†ã•ã‚Œã¾ã™ã€‚ã“ã®æ©Ÿèƒ½ã¯ã‚µãƒ¼ãƒãƒ¼ã§ã®ã¿ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
+ \param [in,out] ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param [out] データã¯ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã‹ã‚‰èª­ã¿è¾¼ã¾ã‚ŒãŸæ—©æœŸãƒ‡ãƒ¼ã‚¿ã‚’ä¿æŒã™ã‚‹ãŸã‚ã®ãƒãƒƒãƒ•ã‚¡ã€‚
\param [in] ãƒãƒƒãƒ•ã‚¡ã®SZサイズãƒã‚¤ãƒˆæ•°ã€‚
\param [out] OUTSZåˆæœŸãƒ‡ãƒ¼ã‚¿ã®ãƒã‚¤ãƒˆæ•°ã€‚
\return BAD_FUNC_ARG ãƒã‚¤ãƒ³ã‚¿ãƒ‘ラメータãŒNULLã®å ´åˆã€SZã¯0未満ã¾ãŸã¯TLSV1.3を使用ã—ãªã„。
\return SIDE_ERROR クライアントã§å‘¼ã³å‡ºã•ã‚ŒãŸå ´åˆã€‚
\return WOLFSSL_FATAL_ERROR 接続をå—ã‘入れるã¨å¤±æ•—ã—ãŸå ´åˆ
+
_Example_
\code
int ret = 0;
@@ -9222,9 +10598,10 @@ int wolfSSL_read_early_data(WOLFSSL* ssl, void* data, int sz,
int* outSz);
/*!
- \ingroup Setup
- \brief ã“ã®é–¢æ•°ã¯ã€TLS v1.3接続ã®ãƒ—レシェアキー(PSK)クライアントå´ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯ã‚’設定ã—ã¾ã™ã€‚コールãƒãƒƒã‚¯ã¯PSKアイデンティティを見ã¤ã‘ã€ãã®ã‚­ãƒ¼ã¨ã€ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã«ä½¿ç”¨ã™ã‚‹æš—å·ã®åå‰ã‚’è¿”ã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€wolfssl_ctx構造体ã®client_psk_tls13_cbメンãƒãƒ¼ã‚’設定ã—ã¾ã™ã€‚
- \param [in,out] ctx wolfssl_ctx_new()ã§ä½œæˆã•ã‚ŒãŸwolfssl_ctx構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \ingroup Setup
+ \brief ã“ã®é–¢æ•°ã¯ã€TLS v1.3接続ã®ãƒ—レシェアéµï¼ˆPSK)クライアントå´ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯ã‚’設定ã—ã¾ã™ã€‚コールãƒãƒƒã‚¯ã¯PSKアイデンティティを見ã¤ã‘ã€ãã®ã‚­ãƒ¼ã¨ã€ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã«ä½¿ç”¨ã™ã‚‹æš—å·ã®åå‰ã‚’è¿”ã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€WOLFSSL_CTX構造体ã®client_psk_tls13_cbメンãƒãƒ¼ã‚’設定ã—ã¾ã™ã€‚
+ \param [in,out] ctx wolfSSL_CTX_new()ã§ä½œæˆã•ã‚ŒãŸWOLFSSL_CTX構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx;
@@ -9239,9 +10616,10 @@ void wolfSSL_CTX_set_psk_client_tls13_callback(WOLFSSL_CTX* ctx,
wc_psk_client_tls13_callback cb);
/*!
- \ingroup Setup
+ \ingroup Setup
\brief ã“ã®é–¢æ•°ã¯ã€TLS v1.3接続ã®ãƒ—レシェアキー(PSK)クライアントå´ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯ã‚’設定ã—ã¾ã™ã€‚コールãƒãƒƒã‚¯ã¯PSKアイデンティティを見ã¤ã‘ã€ãã®ã‚­ãƒ¼ã¨ã€ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã«ä½¿ç”¨ã™ã‚‹æš—å·ã®åå‰ã‚’è¿”ã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€wolfssl構造体ã®Optionsフィールドã®client_psk_tls13_cbメンãƒãƒ¼ã‚’設定ã—ã¾ã™ã€‚
- \param [in,out] SSL wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [in,out] ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL* ssl;
@@ -9256,9 +10634,10 @@ void wolfSSL_set_psk_client_tls13_callback(WOLFSSL* ssl,
wc_psk_client_tls13_callback cb);
/*!
- \ingroup Setup
- \brief ã“ã®é–¢æ•°ã¯ã€TLS v1.3接続用ã®äº‹å‰å…±æœ‰ã‚­ãƒ¼ï¼ˆPSK)サーãƒå´ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯ã‚’設定ã—ã¾ã™ã€‚コールãƒãƒƒã‚¯ã¯PSKアイデンティティを見ã¤ã‘ã€ãã®ã‚­ãƒ¼ã¨ã€ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã«ä½¿ç”¨ã™ã‚‹æš—å·ã®åå‰ã‚’è¿”ã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€wolfssl_ctx構造体ã®server_psk_tls13_cbメンãƒãƒ¼ã‚’設定ã—ã¾ã™ã€‚
- \param [in,out] ctx wolfssl_ctx_new()ã§ä½œæˆã•ã‚ŒãŸwolfssl_ctx構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \ingroup Setup
+ \brief ã“ã®é–¢æ•°ã¯ã€TLS v1.3接続用ã®äº‹å‰å…±æœ‰éµï¼ˆPSK)サーãƒå´ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯ã‚’設定ã—ã¾ã™ã€‚コールãƒãƒƒã‚¯ã¯PSKアイデンティティを見ã¤ã‘ã€ãã®ã‚­ãƒ¼ã¨ã€ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã«ä½¿ç”¨ã™ã‚‹æš—å·ã®åå‰ã‚’è¿”ã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€wolfssl_ctx構造体ã®server_psk_tls13_cbメンãƒãƒ¼ã‚’設定ã—ã¾ã™ã€‚
+ \param [in,out] ctx wolfSSL_CTX_new()ã§ä½œæˆã•ã‚ŒãŸWOLFSSL_CTX構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx;
@@ -9273,9 +10652,10 @@ void wolfSSL_CTX_set_psk_server_tls13_callback(WOLFSSL_CTX* ctx,
wc_psk_server_tls13_callback cb);
/*!
- \ingroup Setup
- \brief ã“ã®é–¢æ•°ã¯ã€TLS v1.3接続用ã®äº‹å‰å…±æœ‰ã‚­ãƒ¼ï¼ˆPSK)サーãƒå´ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯ã‚’設定ã—ã¾ã™ã€‚コールãƒãƒƒã‚¯ã¯PSKアイデンティティを見ã¤ã‘ã€ãã®ã‚­ãƒ¼ã¨ã€ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã«ä½¿ç”¨ã™ã‚‹æš—å·ã®åå‰ã‚’è¿”ã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€wolfssl構造体ã®ã‚ªãƒ—ションフィールドã®server_psk_tls13_cbメンãƒãƒ¼ã‚’設定ã—ã¾ã™ã€‚
- \param [in,out] SSL wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \ingroup Setup
+ \brief ã“ã®é–¢æ•°ã¯ã€TLS v1.3接続用ã®äº‹å‰å…±æœ‰éµï¼ˆPSK)サーãƒå´ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯ã‚’設定ã—ã¾ã™ã€‚コールãƒãƒƒã‚¯ã¯PSKアイデンティティを見ã¤ã‘ã€ãã®ã‚­ãƒ¼ã¨ã€ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã«ä½¿ç”¨ã™ã‚‹æš—å·ã®åå‰ã‚’è¿”ã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€wolfssl構造体ã®ã‚ªãƒ—ションフィールドã®server_psk_tls13_cbメンãƒãƒ¼ã‚’設定ã—ã¾ã™ã€‚
+ \param [in,out] ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL* ssl;
@@ -9290,12 +10670,13 @@ void wolfSSL_set_psk_server_tls13_callback(WOLFSSL* ssl,
wc_psk_server_tls13_callback cb);
/*!
- \ingroup Setup
+ \ingroup Setup
\brief ã“ã®é–¢æ•°ã¯ã€ã‚­ãƒ¼ãƒšã‚¢ã®ç”Ÿæˆã‚’å«ã‚€ã‚°ãƒ«ãƒ¼ãƒ—ã‹ã‚‰ã‚­ãƒ¼ã‚·ã‚§ã‚¢ã‚¨ãƒ³ãƒˆãƒªã‚’作æˆã—ã¾ã™ã€‚Keyshareエクステンションã«ã¯ã€éµäº¤æ›ã®ãŸã‚ã®ç”Ÿæˆã•ã‚ŒãŸã™ã¹ã¦ã®å…¬é–‹éµãŒå«ã¾ã‚Œã¦ã„ã¾ã™ã€‚ã“ã®é–¢æ•°ãŒå‘¼ã³å‡ºã•ã‚Œã‚‹ã¨ã€æŒ‡å®šã•ã‚ŒãŸã‚°ãƒ«ãƒ¼ãƒ—ã®ã¿ãŒå«ã¾ã‚Œã¾ã™ã€‚優先グループãŒã‚µãƒ¼ãƒãƒ¼ã«å¯¾ã—ã¦ä»¥å‰ã«ç¢ºç«‹ã•ã‚Œã¦ã„ã‚‹ã¨ãã«ã“ã®é–¢æ•°ã‚’呼ã³å‡ºã—ã¾ã™ã€‚
- \param [in,out] SSL wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [in,out] ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param [in] キー交æ›ã‚°ãƒ«ãƒ¼ãƒ—識別å­ã‚’グループ化ã—ã¾ã™ã€‚
- \return BAD_FUNC_ARG SSLãŒNULLã®å ´åˆ
- \return MEMORY_E 動的メモリ割り当ã¦ãŒå¤±æ•—ã™ã‚‹ã¨å¤±æ•—ã™ã‚‹ã¨ã€‚
+ \return BAD_FUNC_ARG sslãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return MEMORY_E 動的メモリ割り当ã¦ã«å¤±æ•—ã™ã‚‹ã¨è¿”ã•ã‚Œã¾ã™ã€‚
+
_Example_
\code
int ret;
@@ -9316,11 +10697,12 @@ void wolfSSL_set_psk_server_tls13_callback(WOLFSSL* ssl,
int wolfSSL_UseKeyShare(WOLFSSL* ssl, word16 group);
/*!
- \ingroup Setup
+ \ingroup Setup
\brief ã“ã®é–¢æ•°ã¯ã€ClientHelloã§éµå…±æœ‰ãŒé€ä¿¡ã•ã‚Œãªã„よã†ã«å‘¼ã³å‡ºã•ã‚Œã¾ã™ã€‚ã“ã‚Œã«ã‚ˆã‚Šã€ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã«éµäº¤æ›ãŒå¿…è¦ãªå ´åˆã¯ã€ã‚µãƒ¼ãƒãƒ¼ãŒHelloretryRequestã§å¿œç­”ã™ã‚‹ã‚ˆã†ã«å¼·åˆ¶ã—ã¾ã™ã€‚予想ã•ã‚Œã‚‹éµäº¤æ›ã‚°ãƒ«ãƒ¼ãƒ—ãŒçŸ¥ã‚‰ã‚Œã¦ãŠã‚‰ãšã€ã‚­ãƒ¼ã®ç”Ÿæˆã‚’ä¸å¿…è¦ã«å›žé¿ã™ã‚‹ã¨ãã«ã“ã®æ©Ÿèƒ½ã‚’呼ã³å‡ºã—ã¾ã™ã€‚éµäº¤æ›ãŒå¿…è¦ãªã¨ãã«ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã‚’完了ã™ã‚‹ãŸã‚ã«è¿½åŠ ã®å¾€å¾©ãŒå¿…è¦ã«ãªã‚‹ã“ã¨ã«æ³¨æ„ã—ã¦ãã ã•ã„。
- \param [in,out] SSL wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
- \return BAD_FUNC_ARG SSLãŒNULLã®å ´åˆ
+ \param [in,out] ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \return BAD_FUNC_ARG sslãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return SIDE_ERROR サーãƒãƒ¼ã§å‘¼ã³å‡ºã•ã‚ŒãŸå ´åˆã€‚
+
_Example_
\code
int ret;
@@ -9336,10 +10718,11 @@ int wolfSSL_UseKeyShare(WOLFSSL* ssl, word16 group);
int wolfSSL_NoKeyShares(WOLFSSL* ssl);
/*!
- \ingroup Setup
- \brief ã“ã®é–¢æ•°ã¯ã€ã‚¢ãƒ—リケーションãŒã‚µãƒ¼ãƒãƒ¼ã§ã‚ã‚‹ã“ã¨ã‚’示ã™ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã€TLS 1.3プロトコルã®ã¿ã‚’サãƒãƒ¼ãƒˆã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€wolfssl_ctx_new()を使用ã—ã¦SSL / TLSコンテキストを作æˆã™ã‚‹ã¨ãã«ä½¿ç”¨ã•ã‚Œã‚‹æ–°ã—ã„Wolfssl_method構造体ã®ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã¦åˆæœŸåŒ–ã—ã¾ã™ã€‚
+ \ingroup Setup
+ \brief ã“ã®é–¢æ•°ã¯ã€ã‚¢ãƒ—リケーションãŒã‚µãƒ¼ãƒãƒ¼ã§ã‚ã‚‹ã“ã¨ã‚’示ã™ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã€TLS 1.3プロトコルã®ã¿ã‚’サãƒãƒ¼ãƒˆã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€wolfSSL_CTX_new()を使用ã—ã¦SSL / TLSコンテキストを作æˆã™ã‚‹ã¨ãã«ä½¿ç”¨ã•ã‚Œã‚‹æ–°ã—ã„Wolfssl_method構造体ã®ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã¦åˆæœŸåŒ–ã—ã¾ã™ã€‚
\param [in] ヒープé™çš„メモリ割り当ã¦ä¸­ã«é™çš„メモリ割り当ã¦å™¨ãŒä½¿ç”¨ã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’使用ã—ã¾ã™ã€‚
- \return If æˆåŠŸã™ã‚‹ã¨ã€å‘¼ã³å‡ºã—ã¯æ–°ã—ã作æˆã•ã‚ŒãŸwolfssl_method構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
+ \return æ–°ã—ã作æˆã•ã‚ŒãŸwWOLFSSL_METHOS構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
+
_Example_
\code
#include <wolfssl/ssl.h>
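Review bot: The added `\return` line spells the type as `wWOLFSSL_METHOS`, which matches no type used anywhere else on this page; the function documented here returns `WOLFSSL_METHOD *`, so the line should name `WOLFSSL_METHOD`. The same typo is repeated in the added `\return` lines for wolfTLSv1_3_client_method_ex, wolfTLSv1_3_server_method and wolfTLSv1_3_client_method in the next three hunks. The `\brief` lines of these blocks still write `Wolfssl_method` although the commit normalises `wolfSSL_CTX_new()` in the same sentence. The comment block starts in this hunk and continues outside it.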
@@ -9367,10 +10750,11 @@ int wolfSSL_NoKeyShares(WOLFSSL* ssl);
WOLFSSL_METHOD *wolfTLSv1_3_server_method_ex(void* heap);
/*!
- \ingroup Setup
- \brief ã“ã®é–¢æ•°ã¯ã€ã‚¢ãƒ—リケーションãŒã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã§ã‚ã‚‹ã“ã¨ã‚’示ã™ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã€TLS 1.3プロトコルã®ã¿ã‚’サãƒãƒ¼ãƒˆã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€wolfssl_ctx_new()を使用ã—ã¦SSL / TLSコンテキストを作æˆã™ã‚‹ã¨ãã«ä½¿ç”¨ã•ã‚Œã‚‹æ–°ã—ã„Wolfssl_method構造体ã®ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã¦åˆæœŸåŒ–ã—ã¾ã™ã€‚
+ \ingroup Setup
+ \brief ã“ã®é–¢æ•°ã¯ã€ã‚¢ãƒ—リケーションãŒã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã§ã‚ã‚‹ã“ã¨ã‚’示ã™ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã€TLS 1.3プロトコルã®ã¿ã‚’サãƒãƒ¼ãƒˆã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€wolfSSL_CTX_new()を使用ã—ã¦SSL / TLSコンテキストを作æˆã™ã‚‹ã¨ãã«ä½¿ç”¨ã•ã‚Œã‚‹æ–°ã—ã„Wolfssl_method構造体ã®ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã¦åˆæœŸåŒ–ã—ã¾ã™ã€‚
\param [in] ヒープé™çš„メモリ割り当ã¦ä¸­ã«é™çš„メモリ割り当ã¦å™¨ãŒä½¿ç”¨ã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’使用ã—ã¾ã™ã€‚
- \return If æˆåŠŸã™ã‚‹ã¨ã€å‘¼ã³å‡ºã—ã¯æ–°ã—ã作æˆã•ã‚ŒãŸwolfssl_method構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
+ \return æ–°ã—ã作æˆã•ã‚ŒãŸwWOLFSSL_METHOS構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
+
_Example_
\code
#include <wolfssl/ssl.h>
@@ -9398,9 +10782,10 @@ WOLFSSL_METHOD *wolfTLSv1_3_server_method_ex(void* heap);
WOLFSSL_METHOD *wolfTLSv1_3_client_method_ex(void* heap);
/*!
- \ingroup Setup
- \brief ã“ã®é–¢æ•°ã¯ã€ã‚¢ãƒ—リケーションãŒã‚µãƒ¼ãƒãƒ¼ã§ã‚ã‚‹ã“ã¨ã‚’示ã™ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã€TLS 1.3プロトコルã®ã¿ã‚’サãƒãƒ¼ãƒˆã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€wolfssl_ctx_new()を使用ã—ã¦SSL / TLSコンテキストを作æˆã™ã‚‹ã¨ãã«ä½¿ç”¨ã•ã‚Œã‚‹æ–°ã—ã„Wolfssl_method構造体ã®ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã¦åˆæœŸåŒ–ã—ã¾ã™ã€‚
- \return If æˆåŠŸã™ã‚‹ã¨ã€å‘¼ã³å‡ºã—ã¯æ–°ã—ã作æˆã•ã‚ŒãŸwolfssl_method構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
+ \ingroup Setup
+ \brief ã“ã®é–¢æ•°ã¯ã€ã‚¢ãƒ—リケーションãŒã‚µãƒ¼ãƒãƒ¼ã§ã‚ã‚‹ã“ã¨ã‚’示ã™ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã€TLS 1.3プロトコルã®ã¿ã‚’サãƒãƒ¼ãƒˆã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€wolfSSL_CTX_new()を使用ã—ã¦SSL / TLSコンテキストを作æˆã™ã‚‹ã¨ãã«ä½¿ç”¨ã•ã‚Œã‚‹æ–°ã—ã„Wolfssl_method構造体ã®ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã¦åˆæœŸåŒ–ã—ã¾ã™ã€‚
+ \return æ–°ã—ã作æˆã•ã‚ŒãŸwWOLFSSL_METHOS構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
+
_Example_
\code
#include <wolfssl/ssl.h>
@@ -9428,9 +10813,10 @@ WOLFSSL_METHOD *wolfTLSv1_3_client_method_ex(void* heap);
WOLFSSL_METHOD *wolfTLSv1_3_server_method(void);
/*!
- \ingroup Setup
- \brief ã“ã®é–¢æ•°ã¯ã€ã‚¢ãƒ—リケーションãŒã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã§ã‚ã‚‹ã“ã¨ã‚’示ã™ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã€TLS 1.3プロトコルã®ã¿ã‚’サãƒãƒ¼ãƒˆã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€wolfssl_ctx_new()を使用ã—ã¦SSL / TLSコンテキストを作æˆã™ã‚‹ã¨ãã«ä½¿ç”¨ã•ã‚Œã‚‹æ–°ã—ã„Wolfssl_method構造体ã®ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã¦åˆæœŸåŒ–ã—ã¾ã™ã€‚
- \return If æˆåŠŸã™ã‚‹ã¨ã€å‘¼ã³å‡ºã—ã¯æ–°ã—ã作æˆã•ã‚ŒãŸwolfssl_method構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
+ \ingroup Setup
+ \brief ã“ã®é–¢æ•°ã¯ã€ã‚¢ãƒ—リケーションãŒã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã§ã‚ã‚‹ã“ã¨ã‚’示ã™ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã€TLS 1.3プロトコルã®ã¿ã‚’サãƒãƒ¼ãƒˆã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€wolfSSL_CTX_new()を使用ã—ã¦SSL / TLSコンテキストを作æˆã™ã‚‹ã¨ãã«ä½¿ç”¨ã•ã‚Œã‚‹æ–°ã—ã„Wolfssl_method構造体ã®ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã¦åˆæœŸåŒ–ã—ã¾ã™ã€‚
+ \return æ–°ã—ã作æˆã•ã‚ŒãŸwWOLFSSL_METHOS構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
+
_Example_
\code
#include <wolfssl/ssl.h>
@@ -9458,10 +10844,11 @@ WOLFSSL_METHOD *wolfTLSv1_3_server_method(void);
WOLFSSL_METHOD *wolfTLSv1_3_client_method(void);
/*!
- \ingroup Setup
+ \ingroup Setup
\brief ã“ã®é–¢æ•°ã¯ã€ã¾ã ã©ã¡ã‚‰ã®å´ï¼ˆã‚µãƒ¼ãƒ/クライアント)を決定ã—ã¦ã„ãªã„ã“ã¨ã‚’除ã„ã¦ã€Wolftlsv1_3_client_methodã¨åŒæ§˜ã®wolfssl_methodã‚’è¿”ã—ã¾ã™ã€‚
\param [in] ヒープé™çš„メモリ割り当ã¦ä¸­ã«é™çš„メモリ割り当ã¦å™¨ãŒä½¿ç”¨ã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’使用ã—ã¾ã™ã€‚
\return WOLFSSL_METHOD æˆåŠŸã—ãŸä½œæˆã§ã¯ã€wolfssl_methodãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™
+
_Example_
\code
WOLFSSL* ctx;
@@ -9474,9 +10861,10 @@ WOLFSSL_METHOD *wolfTLSv1_3_client_method(void);
WOLFSSL_METHOD *wolfTLSv1_3_method_ex(void* heap);
/*!
- \ingroup Setup
+ \ingroup Setup
\brief ã“ã®é–¢æ•°ã¯ã€ã¾ã ã©ã¡ã‚‰ã®å´ï¼ˆã‚µãƒ¼ãƒ/クライアント)を決定ã—ã¦ã„ãªã„ã“ã¨ã‚’除ã„ã¦ã€Wolftlsv1_3_client_methodã¨åŒæ§˜ã®wolfssl_methodã‚’è¿”ã—ã¾ã™ã€‚
\return WOLFSSL_METHOD æˆåŠŸã—ãŸä½œæˆã§ã¯ã€wolfssl_methodãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™
+
_Example_
\code
WOLFSSL* ctx;
@@ -9489,10 +10877,199 @@ WOLFSSL_METHOD *wolfTLSv1_3_method_ex(void* heap);
WOLFSSL_METHOD *wolfTLSv1_3_method(void);
/*!
+ \ingroup Setup
+ \brief ã“ã®é–¢æ•°ã¯ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆå´ã§å‘¼ã³å‡ºã•ã‚Œã‚‹å ´åˆã«ã¯ã€ã‚µãƒ¼ãƒãƒ¼å´ã«Certificateメッセージã§é€ä¿¡ã§ãる証明書タイプを設定ã—ã¾ã™ã€‚
+ サーãƒãƒ¼å´ã§å‘¼ã³å‡ºã•ã‚Œã‚‹å ´åˆã«ã¯ã€å—入れå¯èƒ½ãªã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆè¨¼æ˜Žæ›¸ã‚¿ã‚¤ãƒ—を設定ã—ã¾ã™ã€‚
+ Raw Public Key 証明書をé€å—ä¿¡ã—ãŸã„å ´åˆã«ã¯ã“ã®é–¢æ•°ã‚’使ã£ã¦è¨¼æ˜Žæ›¸ã‚¿ã‚¤ãƒ—を設定ã—ãªã‘ã‚Œã°ãªã‚Šã¾ã›ã‚“。
+ 設定ã™ã‚‹è¨¼æ˜Žæ›¸ã‚¿ã‚¤ãƒ—ã¯å„ªå…ˆåº¦é †ã«æ ¼ç´ã—ãŸãƒã‚¤ãƒˆé…列ã¨ã—ã¦æ¸¡ã—ã¾ã™ã€‚
+ 設定ã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã‚¢ãƒ‰ãƒ¬ã‚¹ã«NULLを渡ã™ã‹ã€ã‚ã‚‹ã„ã¯ãƒãƒƒãƒ•ã‚¡ã‚µã‚¤ã‚ºã«0を渡ã™ã¨è¦å®šå€¤ã«ã‚‚ã©ã™ã“ã¨ãŒã§ãã¾ã™ã€‚
+ è¦å®šå€¤ã¯X509証明書(WOLFSSL_CERT_TYPE_X509)ã®ã¿ã‚’扱ã†è¨­å®šã¨ãªã£ã¦ã„ã¾ã™ã€‚
+
+ \return WOLFSSL_SUCCESS æˆåŠŸ
+ \return BAD_FUNC_ARG ctxã¨ã—ã¦NULLを渡ã—ãŸã€ã‚ã‚‹ã„ã¯ä¸æ­£ãªè¨¼æ˜Žæ›¸ã‚¿ã‚¤ãƒ—を指定ã—ãŸã€
+ ã‚ã‚‹ã„ã¯MAX_CLIENT_CERT_TYPE_CNT以上ã®ãƒãƒƒãƒ•ã‚¡ã‚µã‚¤ã‚ºã‚’指定ã—ãŸã€ã‚ã‚‹ã„ã¯æŒ‡å®šã®è¨¼æ˜Žæ›¸ã‚¿ã‚¤ãƒ—ã«é‡è¤‡ãŒã‚ã‚‹
+ \param ctx wolfssl_ctxコンテキストãƒã‚¤ãƒ³ã‚¿
+ \param ctype 証明書タイプを格ç´ã—ãŸãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param len 証明書タイプを格ç´ã—ãŸãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºï¼ˆãƒã‚¤ãƒˆæ•°ï¼‰
+ _Example_
+ \code
+ int ret;
+ WOLFSSL_CTX* ctx;
+ char ctype[] = {WOLFSSL_CERT_TYPE_RPK, WOLFSSL_CERT_TYPE_X509};
+ int len = sizeof(ctype)/sizeof(byte);
+ ...
+
+ ret = wolfSSL_CTX_set_client_cert_type(ctx, ctype, len);
+ \endcode
+ \sa wolfSSL_set_client_cert_type
+ \sa wolfSSL_CTX_set_server_cert_type
+ \sa wolfSSL_set_server_cert_type
+ \sa wolfSSL_get_negotiated_client_cert_type
+ \sa wolfSSL_get_negotiated_server_cert_type
+ */
+int wolfSSL_CTX_set_client_cert_type(WOLFSSL_CTX* ctx, const char* buf, int len);
+
+/*!
+ \ingroup Setup
+ \brief ã“ã®é–¢æ•°ã¯ã‚µãƒ¼ãƒãƒ¼å´ã§å‘¼ã³å‡ºã•ã‚Œã‚‹å ´åˆã«ã¯ã€ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆå´ã«Certificateメッセージã§é€ä¿¡ã§ãる証明書タイプを設定ã—ã¾ã™ã€‚
+ クライアントå´ã§å‘¼ã³å‡ºã•ã‚Œã‚‹å ´åˆã«ã¯ã€å—入れå¯èƒ½ãªã‚µãƒ¼ãƒãƒ¼è¨¼æ˜Žæ›¸ã‚¿ã‚¤ãƒ—を設定ã—ã¾ã™ã€‚
+ Raw Public Key 証明書をé€å—ä¿¡ã—ãŸã„å ´åˆã«ã¯ã“ã®é–¢æ•°ã‚’使ã£ã¦è¨¼æ˜Žæ›¸ã‚¿ã‚¤ãƒ—を設定ã—ãªã‘ã‚Œã°ãªã‚Šã¾ã›ã‚“。
+ 設定ã™ã‚‹è¨¼æ˜Žæ›¸ã‚¿ã‚¤ãƒ—ã¯å„ªå…ˆåº¦é †ã«æ ¼ç´ã—ãŸãƒã‚¤ãƒˆé…列ã¨ã—ã¦æ¸¡ã—ã¾ã™ã€‚
+ 設定ã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã‚¢ãƒ‰ãƒ¬ã‚¹ã«NULLを渡ã™ã‹ã€ã‚ã‚‹ã„ã¯ãƒãƒƒãƒ•ã‚¡ã‚µã‚¤ã‚ºã«0を渡ã™ã¨è¦å®šå€¤ã«ã‚‚ã©ã™ã“ã¨ãŒã§ãã¾ã™ã€‚
+ è¦å®šå€¤ã¯X509証明書(WOLFSSL_CERT_TYPE_X509)ã®ã¿ã‚’扱ã†è¨­å®šã¨ãªã£ã¦ã„ã¾ã™ã€‚
+
+ \return WOLFSSL_SUCCESS æˆåŠŸ
+ \return BAD_FUNC_ARG ctxã¨ã—ã¦NULLを渡ã—ãŸã€ã‚ã‚‹ã„ã¯ä¸æ­£ãªè¨¼æ˜Žæ›¸ã‚¿ã‚¤ãƒ—を指定ã—ãŸã€
+ ã‚ã‚‹ã„ã¯MAX_SERVER_CERT_TYPE_CNT以上ã®ãƒãƒƒãƒ•ã‚¡ã‚µã‚¤ã‚ºã‚’指定ã—ãŸã€ã‚ã‚‹ã„ã¯æŒ‡å®šã®è¨¼æ˜Žæ›¸ã‚¿ã‚¤ãƒ—ã«é‡è¤‡ãŒã‚ã‚‹
+
+ \param ctx wolfssl_ctxコンテキストãƒã‚¤ãƒ³ã‚¿
+ \param ctype 証明書タイプを格ç´ã—ãŸãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param len 証明書タイプを格ç´ã—ãŸãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºï¼ˆãƒã‚¤ãƒˆæ•°ï¼‰
+ _Example_
+ \code
+ int ret;
+ WOLFSSL_CTX* ctx;
+ char ctype[] = {WOLFSSL_CERT_TYPE_RPK, WOLFSSL_CERT_TYPE_X509};
+ int len = sizeof(ctype)/sizeof(byte);
+ ...
+
+ ret = wolfSSL_CTX_set_server_cert_type(ctx, ctype, len);
+ \endcode
+ \sa wolfSSL_set_client_cert_type
+ \sa wolfSSL_CTX_set_client_cert_type
+ \sa wolfSSL_set_server_cert_type
+ \sa wolfSSL_get_negotiated_client_cert_type
+ \sa wolfSSL_get_negotiated_server_cert_type
+ */
+int wolfSSL_CTX_set_server_cert_type(WOLFSSL_CTX* ctx, const char* buf, int len);
+
+/*!
+ \ingroup Setup
+ \brief ã“ã®é–¢æ•°ã¯ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆå´ã§å‘¼ã³å‡ºã•ã‚Œã‚‹å ´åˆã«ã¯ã€ã‚µãƒ¼ãƒãƒ¼å´ã«Certificateメッセージã§é€ä¿¡ã§ãる証明書タイプを設定ã—ã¾ã™ã€‚
+ サーãƒãƒ¼å´ã§å‘¼ã³å‡ºã•ã‚Œã‚‹å ´åˆã«ã¯ã€å—入れå¯èƒ½ãªã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆè¨¼æ˜Žæ›¸ã‚¿ã‚¤ãƒ—を設定ã—ã¾ã™ã€‚
+ Raw Public Key 証明書をé€å—ä¿¡ã—ãŸã„å ´åˆã«ã¯ã“ã®é–¢æ•°ã‚’使ã£ã¦è¨¼æ˜Žæ›¸ã‚¿ã‚¤ãƒ—を設定ã—ãªã‘ã‚Œã°ãªã‚Šã¾ã›ã‚“。
+ 設定ã™ã‚‹è¨¼æ˜Žæ›¸ã‚¿ã‚¤ãƒ—ã¯å„ªå…ˆåº¦é †ã«æ ¼ç´ã—ãŸãƒã‚¤ãƒˆé…列ã¨ã—ã¦æ¸¡ã—ã¾ã™ã€‚
+ 設定ã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã‚¢ãƒ‰ãƒ¬ã‚¹ã«NULLを渡ã™ã‹ã€ã‚ã‚‹ã„ã¯ãƒãƒƒãƒ•ã‚¡ã‚µã‚¤ã‚ºã«0を渡ã™ã¨è¦å®šå€¤ã«ã‚‚ã©ã™ã“ã¨ãŒã§ãã¾ã™ã€‚
+ è¦å®šå€¤ã¯X509証明書(WOLFSSL_CERT_TYPE_X509)ã®ã¿ã‚’扱ã†è¨­å®šã¨ãªã£ã¦ã„ã¾ã™ã€‚
+
+ \return WOLFSSL_SUCCESS æˆåŠŸ
+ \return BAD_FUNC_ARG sslã¨ã—ã¦NULLを渡ã—ãŸã€ã‚ã‚‹ã„ã¯ä¸æ­£ãªè¨¼æ˜Žæ›¸ã‚¿ã‚¤ãƒ—を指定ã—ãŸã€
+ ã‚ã‚‹ã„ã¯MAX_CLIENT_CERT_TYPE_CNT以上ã®ãƒãƒƒãƒ•ã‚¡ã‚µã‚¤ã‚ºã‚’指定ã—ãŸã€ã‚ã‚‹ã„ã¯æŒ‡å®šã®è¨¼æ˜Žæ›¸ã‚¿ã‚¤ãƒ—ã«é‡è¤‡ãŒã‚ã‚‹
+
+ \param ssl WOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param ctype 証明書タイプを格ç´ã—ãŸãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param len 証明書タイプを格ç´ã—ãŸãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºï¼ˆãƒã‚¤ãƒˆæ•°ï¼‰
+ _Example_
+ \code
+ int ret;
+ WOLFSSL* ssl;
+ char ctype[] = {WOLFSSL_CERT_TYPE_RPK, WOLFSSL_CERT_TYPE_X509};
+ int len = sizeof(ctype)/sizeof(byte);
+ ...
+
+ ret = wolfSSL_set_client_cert_type(ssl, ctype, len);
+ \endcode
+ \sa wolfSSL_CTX_set_client_cert_type
+ \sa wolfSSL_CTX_set_server_cert_type
+ \sa wolfSSL_set_server_cert_type
+ \sa wolfSSL_get_negotiated_client_cert_type
+ \sa wolfSSL_get_negotiated_server_cert_type
+ */
+int wolfSSL_set_client_cert_type(WOLFSSL* ssl, const char* buf, int len);
+
+/*!
+ \ingroup Setup
+ \brief ã“ã®é–¢æ•°ã¯ã‚µãƒ¼ãƒãƒ¼å´ã§å‘¼ã³å‡ºã•ã‚Œã‚‹å ´åˆã«ã¯ã€ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆå´ã«Certificateメッセージã§é€ä¿¡ã§ãる証明書タイプを設定ã—ã¾ã™ã€‚
+ クライアントå´ã§å‘¼ã³å‡ºã•ã‚Œã‚‹å ´åˆã«ã¯ã€å—入れå¯èƒ½ãªã‚µãƒ¼ãƒãƒ¼è¨¼æ˜Žæ›¸ã‚¿ã‚¤ãƒ—を設定ã—ã¾ã™ã€‚
+ Raw Public Key 証明書をé€å—ä¿¡ã—ãŸã„å ´åˆã«ã¯ã“ã®é–¢æ•°ã‚’使ã£ã¦è¨¼æ˜Žæ›¸ã‚¿ã‚¤ãƒ—を設定ã—ãªã‘ã‚Œã°ãªã‚Šã¾ã›ã‚“。
+ 設定ã™ã‚‹è¨¼æ˜Žæ›¸ã‚¿ã‚¤ãƒ—ã¯å„ªå…ˆåº¦é †ã«æ ¼ç´ã—ãŸãƒã‚¤ãƒˆé…列ã¨ã—ã¦æ¸¡ã—ã¾ã™ã€‚
+ 設定ã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã‚¢ãƒ‰ãƒ¬ã‚¹ã«NULLを渡ã™ã‹ã€ã‚ã‚‹ã„ã¯ãƒãƒƒãƒ•ã‚¡ã‚µã‚¤ã‚ºã«0を渡ã™ã¨è¦å®šå€¤ã«ã‚‚ã©ã™ã“ã¨ãŒã§ãã¾ã™ã€‚
+ è¦å®šå€¤ã¯X509証明書(WOLFSSL_CERT_TYPE_X509)ã®ã¿ã‚’扱ã†è¨­å®šã¨ãªã£ã¦ã„ã¾ã™ã€‚
+
+ \return WOLFSSL_SUCCESS æˆåŠŸ
+ \return BAD_FUNC_ARG ctxã¨ã—ã¦NULLを渡ã—ãŸã€ã‚ã‚‹ã„ã¯ä¸æ­£ãªè¨¼æ˜Žæ›¸ã‚¿ã‚¤ãƒ—を指定ã—ãŸã€
+ ã‚ã‚‹ã„ã¯MAX_SERVER_CERT_TYPE_CNT以上ã®ãƒãƒƒãƒ•ã‚¡ã‚µã‚¤ã‚ºã‚’指定ã—ãŸã€ã‚ã‚‹ã„ã¯æŒ‡å®šã®è¨¼æ˜Žæ›¸ã‚¿ã‚¤ãƒ—ã«é‡è¤‡ãŒã‚ã‚‹
+
+ \param ssl WOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param ctype 証明書タイプを格ç´ã—ãŸãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param len 証明書タイプを格ç´ã—ãŸãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºï¼ˆãƒã‚¤ãƒˆæ•°ï¼‰
+ _Example_
+ \code
+ int ret;
+ WOLFSSL* ssl;
+ char ctype[] = {WOLFSSL_CERT_TYPE_RPK, WOLFSSL_CERT_TYPE_X509};
+ int len = sizeof(ctype)/sizeof(byte);
+ ...
+
+ ret = wolfSSL_set_server_cert_type(ssl, ctype, len);
+ \endcode
+ \sa wolfSSL_set_client_cert_type
+ \sa wolfSSL_CTX_set_server_cert_type
+ \sa wolfSSL_set_server_cert_type
+ \sa wolfSSL_get_negotiated_client_cert_type
+ \sa wolfSSL_get_negotiated_server_cert_type
+ */
+int wolfSSL_set_server_cert_type(WOLFSSL* ssl, const char* buf, int len);
+
+/*!
\ingroup SSL
+ \brief ã“ã®é–¢æ•°ã¯ãƒãƒ³ãƒ‰ã‚·ã‚§ãƒ¼ã‚¯çµ‚了後ã«å‘¼ã³å‡ºã—ã€ç›¸æ‰‹ã¨ã®ãƒã‚´ã‚·ã‚¨ãƒ¼ã‚·ãƒ§ãƒ³ã®çµæžœå¾—られãŸã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆè¨¼æ˜Žæ›¸ã®ã‚¿ã‚¤ãƒ—ã‚’è¿”ã—ã¾ã™ã€‚
+ ãƒã‚´ã‚·ã‚¨ãƒ¼ã‚·ãƒ§ãƒ³ãŒç™ºç”Ÿã—ãªã„å ´åˆã«ã¯æˆ»ã‚Šå€¤ã¨ã—ã¦WOLFSSL_SUCCESSãŒè¿”ã•ã‚Œã¾ã™ãŒã€
+ 証明書タイプã¨ã—ã¦ã¯WOLFSSL_CERT_TYPE_UNKNOWNãŒè¿”ã•ã‚Œã¾ã™ã€‚
+
+ \return WOLFSSL_SUCCESS æˆåŠŸæ™‚ã«ã‹ãˆã‚Šã¾ã™ã€‚tpã«è¿”ã•ã‚ŒãŸè¨¼æ˜Žæ›¸ã‚¿ã‚¤ãƒ—ã¯WOLFSSL_CERT_TYPE_X509,
+ WOLFSSL_CERT_TYPE_RPK ã‚ã‚‹ã„ã¯WOLFSSL_CERT_TYPE_UNKNOWNã®ã„ãšã‚Œã‹ã¨ãªã‚Šã¾ã™ã€‚
+ \return BAD_FUNC_ARG sslã¨ã—ã¦NULLを渡ã—ãŸã€ã‚ã‚‹ã„ã¯tpã¨ã—ã¦NULLを渡ã—ãŸ
+ \param ssl WOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param tp 証明書タイプãŒè¿”ã•ã‚Œã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ _Example_
+ \code
+ int ret;
+ WOLFSSL* ssl;
+ int tp;
+ ...
+
+ ret = wolfSSL_get_negotiated_client_cert_type(ssl, &tp);
+ \endcode
+ \sa wolfSSL_set_client_cert_type
+ \sa wolfSSL_CTX_set_client_cert_type
+ \sa wolfSSL_set_server_cert_type
+ \sa wolfSSL_CTX_set_server_cert_type
+ \sa wolfSSL_get_negotiated_server_cert_type
+ */
+int wolfSSL_get_negotiated_client_cert_type(WOLFSSL* ssl, int* tp);
+
+/*!
+ \ingroup SSL
+ \brief ã“ã®é–¢æ•°ã¯ãƒãƒ³ãƒ‰ã‚·ã‚§ãƒ¼ã‚¯çµ‚了後ã«å‘¼ã³å‡ºã—ã€ç›¸æ‰‹ã¨ã®ãƒã‚´ã‚·ã‚¨ãƒ¼ã‚·ãƒ§ãƒ³ã®çµæžœå¾—られãŸã‚µãƒ¼ãƒãƒ¼è¨¼æ˜Žæ›¸ã®ã‚¿ã‚¤ãƒ—ã‚’è¿”ã—ã¾ã™ã€‚
+ ãƒã‚´ã‚·ã‚¨ãƒ¼ã‚·ãƒ§ãƒ³ãŒç™ºç”Ÿã—ãªã„å ´åˆã«ã¯æˆ»ã‚Šå€¤ã¨ã—ã¦WOLFSSL_SUCCESSãŒè¿”ã•ã‚Œã¾ã™ãŒã€è¨¼æ˜Žæ›¸ã‚¿ã‚¤ãƒ—ã¨ã—ã¦ã¯WOLFSSL_CERT_TYPE_UNKNOWNãŒè¿”ã•ã‚Œã¾ã™ã€‚
+ \return WOLFSSL_SUCCESS æˆåŠŸæ™‚ã«ã‹ãˆã‚Šã¾ã™ã€‚tpã«è¿”ã•ã‚ŒãŸè¨¼æ˜Žæ›¸ã‚¿ã‚¤ãƒ—ã¯WOLFSSL_CERT_TYPE_X509,
+ WOLFSSL_CERT_TYPE_RPK ã‚ã‚‹ã„ã¯WOLFSSL_CERT_TYPE_UNKNOWNã®ã„ãšã‚Œã‹ã¨ãªã‚Šã¾ã™ã€‚
+ \return BAD_FUNC_ARG sslã¨ã—ã¦NULLを渡ã—ãŸã€ã‚ã‚‹ã„ã¯tpã¨ã—ã¦NULLを渡ã—ãŸ
+ \param ssl WOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param tp 証明書タイプãŒè¿”ã•ã‚Œã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ _Example_
+ \code
+ int ret;
+ WOLFSSL* ssl;
+ int tp;
+ ...
+
+ ret = wolfSSL_get_negotiated_server_cert_type(ssl, &tp);
+ \endcode
+ \sa wolfSSL_set_client_cert_type
+ \sa wolfSSL_CTX_set_client_cert_type
+ \sa wolfSSL_set_server_cert_type
+ \sa wolfSSL_CTX_set_server_cert_type
+ \sa wolfSSL_get_negotiated_client_cert_type
+ */
+int wolfSSL_get_negotiated_server_cert_type(WOLFSSL* ssl, int* tp);
+
+/*!
+ \ingroup SSL
\brief ã“ã®é–¢æ•°ã¯ãƒ†ã‚¹ãƒˆã®ãŸã‚ã®å›ºå®š/é™çš„ãªã‚¨ãƒ•ã‚§ãƒ©ãƒ«ã‚­ãƒ¼ã‚’設定ã—ã¾ã™ã€‚
- \return 0 キーãŒæ­£å¸¸ã«ãƒ­ãƒ¼ãƒ‰ã•ã‚Œã¾ã—ãŸ
- \param ctx wolfssl_ctxコンテキストãƒã‚¤ãƒ³ã‚¿
+ \return 0 æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param ctx WOLFSSL_CTXコンテキストãƒã‚¤ãƒ³ã‚¿
\param keyAlgo WC_PK_TYPE_DHãŠã‚ˆã³WC_PK_TYPE_ECDHã®ã‚ˆã†ãªenum wc_pktype
\param key キーファイルパス(Keysz == 0)ã¾ãŸã¯å®Ÿéš›ã®ã‚­ãƒ¼ãƒãƒƒãƒ•ã‚¡ï¼ˆPEMã¾ãŸã¯ASN.1)
\param keySz キーサイズ(「キーã€argã¯ãƒ•ã‚¡ã‚¤ãƒ«ãƒ‘スã®å ´åˆã¯0ã«ãªã‚Šã¾ã™ï¼‰
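Review bot: The four new `*_set_*_cert_type` comment blocks document a parameter `ctype`, but every prototype added below them names it `buf` (`const char* buf, int len`), so the description does not attach to the real argument; use `\param buf` or rename the prototype parameter. The wolfSSL_set_server_cert_type block also describes BAD_FUNC_ARG in terms of `ctx` although the function takes `ssl`, and it lists itself under `\sa` where wolfSSL_CTX_set_client_cert_type was probably meant. In the examples, `sizeof(ctype)/sizeof(byte)` divides the size of a `char` array by the size of a different type; `int len = (int)sizeof(ctype);` states the intent directly.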
@@ -9501,10 +11078,10 @@ WOLFSSL_METHOD *wolfTLSv1_3_method(void);
int wolfSSL_CTX_set_ephemeral_key(WOLFSSL_CTX* ctx, int keyAlgo, const char* key, unsigned int keySz, int format);
/*!
- \ingroup SSL
+ \ingroup SSL
\brief ã“ã®é–¢æ•°ã¯ãƒ†ã‚¹ãƒˆã®ãŸã‚ã®å›ºå®š/é™çš„ãªã‚¨ãƒ•ã‚§ãƒ©ãƒ«ã‚­ãƒ¼ã‚’設定ã—ã¾ã™ã€‚
- \return 0 キーãŒæ­£å¸¸ã«ãƒ­ãƒ¼ãƒ‰ã•ã‚Œã¾ã—ãŸ
- \param ssl wolfsslオブジェクトãƒã‚¤ãƒ³ã‚¿
+ \return 0 æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param ssl WOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
\param keyAlgo WC_PK_TYPE_DHãŠã‚ˆã³WC_PK_TYPE_ECDHã®ã‚ˆã†ãªenum wc_pktype
\param key キーファイルパス(Keysz == 0)ã¾ãŸã¯å®Ÿéš›ã®ã‚­ãƒ¼ãƒãƒƒãƒ•ã‚¡ï¼ˆPEMã¾ãŸã¯ASN.1)
\param keySz キーサイズ(「キーã€argã¯ãƒ•ã‚¡ã‚¤ãƒ«ãƒ‘スã®å ´åˆã¯0ã«ãªã‚Šã¾ã™ï¼‰
@@ -9513,42 +11090,225 @@ int wolfSSL_CTX_set_ephemeral_key(WOLFSSL_CTX* ctx, int keyAlgo, const char* key
int wolfSSL_set_ephemeral_key(WOLFSSL* ssl, int keyAlgo, const char* key, unsigned int keySz, int format);
/*!
- \ingroup SSL
- \brief ã“ã®é–¢æ•°ã¯asn.1 / derã¨ã—ã¦ãƒ­ãƒ¼ãƒ‰ã•ã‚ŒãŸã‚­ãƒ¼ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™
- \return 0 キーãŒæ­£å¸¸ã«æˆ»ã‚Šã¾ã—ãŸ
+ \ingroup SSL
+ \brief ã“ã®é–¢æ•°ã¯ ASN.1/DERã¨ã—ã¦ãƒ­ãƒ¼ãƒ‰ã•ã‚ŒãŸã‚­ãƒ¼ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™
+ \return 0 æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
\param ctx wolfssl_ctxコンテキストãƒã‚¤ãƒ³ã‚¿
\param keyAlgo WC_PK_TYPE_DHãŠã‚ˆã³WC_PK_TYPE_ECDHã®ã‚ˆã†ãªenum wc_pktype
\param key キーãƒãƒƒãƒ•ã‚¡ãƒã‚¤ãƒ³ã‚¿
\sa wolfSSL_CTX_set_ephemeral_key
*/
-int wolfSSL_CTX_get_ephemeral_key(WOLFSSL_CTX* ctx, int keyAlgo,
+int wolfSSL_CTX_get_ephemeral_key(WOLFSSL_CTX* ctx, int keyAlgo,
const unsigned char** key, unsigned int* keySz);
/*!
- \ingroup SSL
- \brief ã“ã®é–¢æ•°ã¯asn.1 / derã¨ã—ã¦ãƒ­ãƒ¼ãƒ‰ã•ã‚ŒãŸã‚­ãƒ¼ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™
- \return 0 キーãŒæ­£å¸¸ã«æˆ»ã‚Šã¾ã—ãŸ
- \param ssl wolfsslオブジェクトãƒã‚¤ãƒ³ã‚¿
+ \ingroup SSL
+ \brief ã“ã®é–¢æ•°ã¯ ASN.1/DERã¨ã—ã¦ãƒ­ãƒ¼ãƒ‰ã•ã‚ŒãŸéµã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™
+ \return 0 æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param ssl WOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
\param keyAlgo WC_PK_TYPE_DHãŠã‚ˆã³WC_PK_TYPE_ECDHã®ã‚ˆã†ãªenum wc_pktype
\param key キーãƒãƒƒãƒ•ã‚¡ãƒã‚¤ãƒ³ã‚¿
\sa wolfSSL_set_ephemeral_key
*/
-int wolfSSL_get_ephemeral_key(WOLFSSL* ssl, int keyAlgo,
+int wolfSSL_get_ephemeral_key(WOLFSSL* ssl, int keyAlgo,
const unsigned char** key, unsigned int* keySz);
/*!
- \ingroup SSL
- \brief é¸æŠžã—ãŸãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ãƒ€ã‚¤ã‚¸ã‚§ã‚¹ãƒˆã€ãƒ‘ディングã€ãŠã‚ˆã³RSAキーを使用ã—ã¦ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã«ç½²åã™ã‚‹
- \return WOLFSSL_SUCCESS Errorã®æˆåŠŸã¨wolfssl_failureã«ã¤ã„ã¦
+ \ingroup SSL
+ \brief é¸æŠžã—ãŸãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ãƒ€ã‚¤ã‚¸ã‚§ã‚¹ãƒˆã€ãƒ‘ディングã€ãŠã‚ˆã³RSAキーを使用ã—ã¦ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã«ç½²åã—ã¾ã™ã€‚
+ \return WOLFSSL_SUCCESS æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return WOLFSSL_FAILURE エラー発生時ã«è¿”ã•ã‚Œã¾ã™ã€‚
+
\param type ãƒãƒƒã‚·ãƒ¥NID
- \param m ç½²åã™ã‚‹ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã€‚ã“ã‚Œã¯ç½²åã™ã‚‹ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®ãƒ€ã‚¤ã‚¸ã‚§ã‚¹ãƒˆã«ãªã‚‹å¯èƒ½æ€§ãŒé«˜ã„
+ \param m ç½²åã™ã‚‹ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã€‚ã“ã‚Œã¯ç½²åã™ã‚‹ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®ãƒ€ã‚¤ã‚¸ã‚§ã‚¹ãƒˆ
\param mLen ç½²åã™ã‚‹ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®é•·ã•
- \param sigRet 出力ãƒãƒƒãƒ•ã‚¡
- \param sigLen オン入力:出力時ã®Sigretãƒãƒƒãƒ•ã‚¡ã®é•·ã•ï¼šSigretã«æ›¸ãè¾¼ã¾ã‚ŒãŸãƒ‡ãƒ¼ã‚¿ã®é•·ã•
- \param rsa RSAキー入力ã«ç½²åã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™
+ \param sigRet 出力ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param sigLen 入力時ã«ã¯sigRetã®é•·ã•ã‚’指定ã—ã¾ã™ã€‚出力時ã«ã¯sigRetã«æ›¸ãè¾¼ã¾ã‚ŒãŸãƒ‡ãƒ¼ã‚¿ã®é•·ã•ã‚’æ ¼ç´ã—ã¾ã™ã€‚
+ \param rsa 入力ã«ç½²åã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã‚‹RSAéµ
\param flag 1:シグニãƒãƒ£0:未パワード署åを比較ã™ã‚‹å€¤ã‚’出力ã—ã¾ã™ã€‚注:RSA_PKCS1_PSS_PADDINGã®å ´åˆã¯ã€wc_rsapss_checkpadding_ex関数を使用ã—ã¦* VERIFY *関数ã®å‡ºåŠ›ã‚’確èªã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+ \param padding パディング
*/
int wolfSSL_RSA_sign_generic_padding(int type, const unsigned char* m,
unsigned int mLen, unsigned char* sigRet,
unsigned int* sigLen, WOLFSSL_RSA* rsa,
int flag, int padding);
+
+/*!
+ \ingroup SSL
+ \brief DTLSv1.3 é€ä¿¡æ¸ˆã¿ã ãŒã¾ã ç›¸æ‰‹ã‹ã‚‰ã‚¢ã‚¯ãƒŽãƒªãƒƒã‚¸ã‚’å—ã‘ã¨ã£ã¦ã„ãªã„メッセージãŒã‚ã‚‹ã‹èª¿ã¹ã¾ã™ã€‚
+
+ \return 1 ペンディングã®ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ãŒã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚ãれ以外ã¯0ãŒè¿”ã•ã‚Œã¾ã™ã€‚
+ \param ssl WOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+*/
+int wolfSSL_dtls13_has_pending_msg(WOLFSSL *ssl);
+
+/*!
+ \ingroup SSL
+ \brief アーリーデータã®æœ€å¤§ã‚µã‚¤ã‚ºã‚’å–å¾—ã—ã¾ã™ã€‚
+
+ \param [in] s WOLFSSL_SESSION構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
+ \return アーリーデータã®æœ€å¤§ã‚µã‚¤ã‚ºï¼ˆmax_early_data)
+ \param s WOLFSSL_SESSION構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
+ \sa wolfSSL_set_max_early_data
+ \sa wolfSSL_write_early_data
+ \sa wolfSSL_read_early_data
+ */
+unsigned int wolfSSL_SESSION_get_max_early_data(const WOLFSSL_SESSION *s);
+
+/*!
+ \ingroup SSL
+ \brief Get a new index for external data. This entry applies also for the
+ following API:
+ - wolfSSL_CTX_get_ex_new_index
+ - wolfSSL_get_ex_new_index
+ - wolfSSL_SESSION_get_ex_new_index
+ - wolfSSL_X509_get_ex_new_index
+
+ \param [in] All input parameters are ignored. The callback functions are not
+ supported with wolfSSL.
+
+ \return The new index value to be used with the external data API for this
+ object class.
+ */
+int wolfSSL_CRYPTO_get_ex_new_index(int, void*, void*, void*, void*);
+
+/*!
+
+ \brief コãƒã‚¯ã‚·ãƒ§ãƒ³ID拡張を有効ã«ã—ã¾ã™ã€‚RFC9146ã¨RFC9147ã‚’å‚ç…§ã—ã¦ãã ã•ã„。
+
+ \return WOLFSSL_SUCCESS æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚ãれ以外ã¯ã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ãŒè¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param ssl WOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
+ \sa wolfSSL_dtls_cid_is_enabled
+ \sa wolfSSL_dtls_cid_set
+ \sa wolfSSL_dtls_cid_get_rx_size
+ \sa wolfSSL_dtls_cid_get_rx
+ \sa wolfSSL_dtls_cid_get_tx_size
+ \sa wolfSSL_dtls_cid_get_tx
+*/
+int wolfSSL_dtls_cid_use(WOLFSSL* ssl);
+
+/*!
+
+ \brief ã“ã®é–¢æ•°ã¯ãƒãƒ³ãƒ‰ã‚·ã‚§ãƒ¼ã‚¯ãŒå®Œäº†ã—ãŸå¾Œã«å‘¼ã³å‡ºã•ã‚Œã‚‹ã¨ã€ã‚³ãƒã‚¯ã‚·ãƒ§ãƒ³IDãŒãƒã‚´ã‚·ã‚¨ãƒ¼ãƒˆã•ã‚ŒãŸã‹ã©ã†ã‹ç¢ºèªã™ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚
+ RFC9146ã¨RFC9147ã‚’å‚ç…§ã—ã¦ãã ã•ã„。
+
+ \return 1 コãƒã‚¯ã‚·ãƒ§ãƒ³IDãŒãƒã‚´ã‚·ã‚¨ãƒ¼ãƒˆã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚ãれ以外ã¯0ãŒè¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param ssl WOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
+ \sa wolfSSL_dtls_cid_use
+ \sa wolfSSL_dtls_cid_set
+ \sa wolfSSL_dtls_cid_get_rx_size
+ \sa wolfSSL_dtls_cid_get_rx
+ \sa wolfSSL_dtls_cid_get_tx_size
+ \sa wolfSSL_dtls_cid_get_tx
+*/
+int wolfSSL_dtls_cid_is_enabled(WOLFSSL* ssl);
+
+/*!
+
+ \brief ã“ã®ã‚³ãƒã‚¯ã‚·ãƒ§ãƒ³ã§ä»–ã®ãƒ”ã‚¢ã«å¯¾ã—ã¦ãƒ¬ã‚³ãƒ¼ãƒ‰ã‚’é€ä¿¡ã™ã‚‹ãŸã‚ã®ã‚³ãƒã‚¯ã‚·ãƒ§ãƒ³IDをセットã—ã¾ã™ã€‚
+ RFC9146ã¨RFC9147ã‚’å‚ç…§ã—ã¦ãã ã•ã„。コãƒã‚¯ã‚·ãƒ§ãƒ³IDã¯æœ€å¤§å€¤ãŒDTLS_CID_MAX_SIZEã§ãªã‘ã‚Œã°ãªã‚Šã¾ã›ã‚“。
+ DTLS_CID_MAX_SIZEã¯ãƒ“ルド時ã«å€¤ã‚’指定ãŒå¯èƒ½ã§ã™ãŒ255ãƒã‚¤ãƒˆã‚’ã“ãˆã‚‹ã“ã¨ã¯ã§ãã¾ã›ã‚“。
+
+
+ \return WOLFSSL_SUCCESS コãƒã‚¯ã‚·ãƒ§ãƒ³IDãŒã‚»ãƒƒãƒˆã§ããŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚ãれ以外ã¯ã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ãŒè¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param ssl WOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param cid コãƒã‚¯ã‚·ãƒ§ãƒ³ID
+ \param size コãƒã‚¯ã‚·ãƒ§ãƒ³IDã®ã‚µã‚¤ã‚º
+
+ \sa wolfSSL_dtls_cid_use
+ \sa wolfSSL_dtls_cid_is_enabled
+ \sa wolfSSL_dtls_cid_get_rx_size
+ \sa wolfSSL_dtls_cid_get_rx
+ \sa wolfSSL_dtls_cid_get_tx_size
+ \sa wolfSSL_dtls_cid_get_tx
+*/
+int wolfSSL_dtls_cid_set(WOLFSSL* ssl, unsigned char* cid,
+ unsigned int size);
+
+/*!
+
+ \brief コãƒã‚¯ã‚·ãƒ§ãƒ³IDã®ã‚µã‚¤ã‚ºã‚’å–å¾—ã—ã¾ã™ã€‚RFC9146ã¨RFC9147ã‚’å‚ç…§ã—ã¦ãã ã•ã„。
+
+ \return WOLFSSL_SUCCESS コãƒã‚¯ã‚·ãƒ§ãƒ³IDãŒå–å¾—ã§ããŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚ãれ以外ã¯ã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ãŒè¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param ssl WOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param size コãƒã‚¯ã‚·ãƒ§ãƒ³IDã®ã‚µã‚¤ã‚ºã‚’æ ¼ç´ã™ã‚‹int型変数ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
+ \sa wolfSSL_dtls_cid_use
+ \sa wolfSSL_dtls_cid_is_enabled
+ \sa wolfSSL_dtls_cid_set
+ \sa wolfSSL_dtls_cid_get_rx
+ \sa wolfSSL_dtls_cid_get_tx_size
+ \sa wolfSSL_dtls_cid_get_tx
+*/
+int wolfSSL_dtls_cid_get_rx_size(WOLFSSL* ssl,
+ unsigned int* size);
+
+/*!
+
+ \brief コãƒã‚¯ã‚·ãƒ§ãƒ³IDを引数bufferã§æŒ‡å®šã•ã‚ŒãŸãƒãƒƒãƒ•ã‚¡ã«ã‚³ãƒ”ーã—ã¾ã™ã€‚
+ RFC9146ã¨RFC9147ã‚’å‚ç…§ã—ã¦ãã ã•ã„。
+ ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºã¯å¼•æ•°bufferSzã§æŒ‡å®šã—ã¦ãã ã•ã„。
+
+ \return WOLFSSL_SUCCESS コãƒã‚¯ã‚·ãƒ§ãƒ³IDãŒå–å¾—ã§ããŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚ãれ以外ã¯ã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ãŒè¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param ssl WOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param buffer コãƒã‚¯ã‚·ãƒ§ãƒ³IDãŒã‚³ãƒ”ーã•ã‚Œã‚‹å…ˆã®ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param bufferSz ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+
+ \sa wolfSSL_dtls_cid_use
+ \sa wolfSSL_dtls_cid_is_enabled
+ \sa wolfSSL_dtls_cid_set
+ \sa wolfSSL_dtls_cid_get_rx_size
+ \sa wolfSSL_dtls_cid_get_tx_size
+ \sa wolfSSL_dtls_cid_get_tx
+*/
+int wolfSSL_dtls_cid_get_rx(WOLFSSL* ssl, unsigned char* buffer,
+ unsigned int bufferSz);
+
+/*!
+
+ \brief コãƒã‚¯ã‚·ãƒ§ãƒ³IDã®ã‚µã‚¤ã‚ºã‚’å–å¾—ã—ã¾ã™ã€‚c
+ サイズã¯å¼•æ•°size変数ã«æ ¼ç´ã•ã‚Œã¾ã™ã€‚
+
+ \return WOLFSSL_SUCCESS コãƒã‚¯ã‚·ãƒ§ãƒ³IDã®ã‚µã‚¤ã‚ºãŒå–å¾—ã§ããŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚ãれ以外ã¯ã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ãŒè¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param ssl WOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param size コãƒã‚¯ã‚·ãƒ§ãƒ³IDã®ã‚µã‚¤ã‚ºã‚’æ ¼ç´ã™ã‚‹int型変数ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
+ \sa wolfSSL_dtls_cid_use
+ \sa wolfSSL_dtls_cid_is_enabled
+ \sa wolfSSL_dtls_cid_set
+ \sa wolfSSL_dtls_cid_get_rx_size
+ \sa wolfSSL_dtls_cid_get_rx
+ \sa wolfSSL_dtls_cid_get_tx
+*/
+int wolfSSL_dtls_cid_get_tx_size(WOLFSSL* ssl, unsigned int* size);
+
+/*!
+
+ \brief コãƒã‚¯ã‚·ãƒ§ãƒ³IDを引ãæ•°bufferã§æŒ‡å®šã•ã‚Œã‚‹ãƒãƒƒãƒ•ã‚¡ã«ã‚³ãƒ”ーã—ã¾ã™ã€‚RFC9146ã¨RFC9147ã‚’å‚ç…§ã—ã¦ãã ã•ã„。
+ ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºã¯å¼•ãæ•°bufferSzã§æŒ‡å®šã—ã¾ã™ã€‚
+
+ \return WOLFSSL_SUCCESS ConnectionIDãŒæ­£å¸¸ã«ã‚³ãƒ”ーã•ã‚ŒãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚ãれ以外ã¯ã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ãŒè¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param ssl WOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param buffer ConnectionIDãŒã‚³ãƒ”ーã•ã‚Œã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param bufferSz ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+
+ \sa wolfSSL_dtls_cid_use
+ \sa wolfSSL_dtls_cid_is_enabled
+ \sa wolfSSL_dtls_cid_set
+ \sa wolfSSL_dtls_cid_get_rx_size
+ \sa wolfSSL_dtls_cid_get_rx
+ \sa wolfSSL_dtls_cid_get_tx_size
+*/
+int wolfSSL_dtls_cid_get_tx(WOLFSSL* ssl, unsigned char* buffer,
+ unsigned int bufferSz);
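Review bot: Several of the added blocks disagree with the prototypes they document. wolfSSL_SESSION_get_max_early_data lists `s` twice (`\param [in] s` and `\param s`), the wolfSSL_dtls_cid_get_rx_size and wolfSSL_dtls_cid_get_tx_size blocks describe `size` as a pointer to an `int` variable while the prototypes take `unsigned int* size`, and the wolfSSL_dtls_cid_get_tx_size `\brief` ends in a stray `c`. The seven wolfSSL_dtls_cid_* blocks carry no `\ingroup`, unlike the other blocks added in this hunk. For wolfSSL_dtls_cid_get_rx and wolfSSL_dtls_cid_get_tx the text does not say what happens when `bufferSz` is smaller than the connection ID, so it would help to state that the buffer should be at least the size reported by the matching `*_size` call.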
diff --git a/extra/wolfssl/wolfssl/doc/dox_comments/header_files/aes.h b/extra/wolfssl/wolfssl/doc/dox_comments/header_files/aes.h
index 3a9b974f..997bc58c 100644
--- a/extra/wolfssl/wolfssl/doc/dox_comments/header_files/aes.h
+++ b/extra/wolfssl/wolfssl/doc/dox_comments/header_files/aes.h
@@ -20,6 +20,9 @@
int ret = 0;
byte key[] = { some 16, 24 or 32 byte key };
byte iv[] = { some 16 byte iv };
+ if (ret = wc_AesInit(&enc, HEAP_HINT, INVALID_DEVID) != 0) {
+ // failed to initialize aes key
+ }
if (ret = wc_AesSetKey(&enc, key, AES_BLOCK_SIZE, iv,
AES_ENCRYPTION) != 0) {
// failed to set aes key
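Review bot: In the added `if (ret = wc_AesInit(&enc, HEAP_HINT, INVALID_DEVID) != 0)` the comparison binds tighter than the assignment, so `ret` receives 0 or 1 instead of the wolfCrypt error code; write `if ((ret = wc_AesInit(&enc, HEAP_HINT, INVALID_DEVID)) != 0) {`. The same line is added in the wc_AesSetKeyDirect and wc_AesGcmSetKey examples later in this file, and the existing wc_AesSetKey context line has the same shape. The failure branch holds only a comment, so as written the sample goes on to set a key on a context that failed to initialise; a `return ret;` or equivalent in the branch would make it safe to copy. The example block starts and ends outside the hunk.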
@@ -94,7 +97,8 @@ int wc_AesSetIV(Aes* aes, const byte* iv);
\code
Aes enc;
int ret = 0;
- // initialize enc with AesSetKey, using direction AES_ENCRYPTION
+ // initialize enc with wc_AesInit and wc_AesSetKey, using direction
+ // AES_ENCRYPTION
byte msg[AES_BLOCK_SIZE * n]; // multiple of 16 bytes
// fill msg with data
byte cipher[AES_BLOCK_SIZE * n]; // Some multiple of 16 bytes
@@ -103,6 +107,7 @@ int wc_AesSetIV(Aes* aes, const byte* iv);
}
\endcode
+ \sa wc_AesInit
\sa wc_AesSetKey
\sa wc_AesSetIV
\sa wc_AesCbcDecrypt
@@ -146,7 +151,8 @@ int wc_AesCbcEncrypt(Aes* aes, byte* out,
\code
Aes dec;
int ret = 0;
- // initialize dec with AesSetKey, using direction AES_DECRYPTION
+ // initialize dec with wc_AesInit and wc_AesSetKey, using direction
+ // AES_DECRYPTION
byte cipher[AES_BLOCK_SIZE * n]; // some multiple of 16 bytes
// fill cipher with cipher text
byte plain [AES_BLOCK_SIZE * n];
@@ -155,6 +161,7 @@ int wc_AesCbcEncrypt(Aes* aes, byte* out,
}
\endcode
+ \sa wc_AesInit
\sa wc_AesSetKey
\sa wc_AesCbcEncrypt
*/
@@ -187,11 +194,10 @@ int wc_AesCbcDecrypt(Aes* aes, byte* out,
\code
Aes enc;
Aes dec;
- // initialize enc and dec with AesSetKeyDirect, using direction
- AES_ENCRYPTION
- // since the underlying API only calls Encrypt and by default calling
- encrypt on
- // a cipher results in a decryption of the cipher
+ // initialize enc and dec with wc_AesInit and wc_AesSetKeyDirect, using
+ // direction AES_ENCRYPTION since the underlying API only calls Encrypt
+ // and by default calling encrypt on a cipher results in a decryption of
+ // the cipher
byte msg[AES_BLOCK_SIZE * n]; //n being a positive integer making msg
some multiple of 16 bytes
@@ -229,7 +235,8 @@ int wc_AesCtrEncrypt(Aes* aes, byte* out,
_Example_
\code
Aes enc;
- // initialize enc with AesSetKey, using direction AES_ENCRYPTION
+ // initialize enc with wc_AesInit and wc_AesSetKey, using direction
+ // AES_ENCRYPTION
byte msg [AES_BLOCK_SIZE]; // 16 bytes
// initialize msg with plain text to encrypt
byte cipher[AES_BLOCK_SIZE];
@@ -263,7 +270,8 @@ int wc_AesEncryptDirect(Aes* aes, byte* out, const byte* in);
_Example_
\code
Aes dec;
- // initialize enc with AesSetKey, using direction AES_DECRYPTION
+ // initialize enc with wc_AesInit and wc_AesSetKey, using direction
+ // AES_DECRYPTION
byte cipher [AES_BLOCK_SIZE]; // 16 bytes
// initialize cipher with cipher text to decrypt
byte msg[AES_BLOCK_SIZE];
@@ -303,6 +311,10 @@ int wc_AesDecryptDirect(Aes* aes, byte* out, const byte* in);
int ret = 0;
byte key[] = { some 16, 24, or 32 byte key };
byte iv[] = { some 16 byte iv };
+
+ if (ret = wc_AesInit(&enc, HEAP_HINT, INVALID_DEVID) != 0) {
+ // failed to initialize aes key
+ }
if (ret = wc_AesSetKeyDirect(&enc, key, sizeof(key), iv,
AES_ENCRYPTION) != 0) {
// failed to set aes key
@@ -335,6 +347,9 @@ int wc_AesSetKeyDirect(Aes* aes, const byte* key, word32 len,
Aes enc;
int ret = 0;
byte key[] = { some 16, 24,32 byte key };
+ if (ret = wc_AesInit(&enc, HEAP_HINT, INVALID_DEVID) != 0) {
+ // failed to initialize aes key
+ }
if (ret = wc_AesGcmSetKey(&enc, key, sizeof(key)) != 0) {
// failed to set aes key
}
@@ -373,7 +388,7 @@ int wc_AesGcmSetKey(Aes* aes, const byte* key, word32 len);
_Example_
\code
Aes enc;
- // initialize aes structure by calling wc_AesGcmSetKey
+ // initialize Aes structure by calling wc_AesInit() and wc_AesGcmSetKey
byte plain[AES_BLOCK_LENGTH * n]; //n being a positive integer
making plain some multiple of 16 bytes
@@ -424,7 +439,8 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out,
_Example_
\code
Aes enc; //can use the same struct as was passed to wc_AesGcmEncrypt
- // initialize aes structure by calling wc_AesGcmSetKey if not already done
+ // initialize aes structure by calling wc_AesInit and wc_AesGcmSetKey
+ // if not already done
byte cipher[AES_BLOCK_LENGTH * n]; //n being a positive integer
making cipher some multiple of 16 bytes
@@ -529,7 +545,8 @@ int wc_GmacUpdate(Gmac* gmac, const byte* iv, word32 ivSz,
Aes enc;
key[] = { some 16, 24, or 32 byte length key };
- wc_AesCcmSetKey(&aes, key, sizeof(key));
+ wc_AesInit(&enc, HEAP_HINT, INVALID_DEVID); // Make sure devId updated
+ wc_AesCcmSetKey(&enc, key, sizeof(key));
\endcode
\sa wc_AesCcmEncrypt
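Review bot: The two calls in the wc_AesCcmSetKey example, `wc_AesInit(&enc, HEAP_HINT, INVALID_DEVID);` and `wc_AesCcmSetKey(&enc, key, sizeof(key));`, discard their return values, unlike the other wc_AesInit examples added by this commit. Checking both, e.g. `if (wc_AesCcmSetKey(&enc, key, sizeof(key)) != 0) { /* handle error */ }`, keeps a reader from going on to encrypt with a context whose key was never set. The trailing comment `// Make sure devId updated` does not say what the reader has to change; if it means that `INVALID_DEVID` must be replaced when a crypto device is in use, it should say so. The example block starts outside the hunk.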
@@ -564,7 +581,7 @@ int wc_AesCcmSetKey(Aes* aes, const byte* key, word32 keySz);
_Example_
\code
Aes enc;
- // initialize enc with wc_AesCcmSetKey
+ // initialize enc with wc_AesInit and wc_AesCcmSetKey
nonce[] = { initialize nonce };
plain[] = { some plain text message };
@@ -616,7 +633,7 @@ int wc_AesCcmEncrypt(Aes* aes, byte* out,
_Example_
\code
Aes dec;
- // initialize dec with wc_AesCcmSetKey
+ // initialize dec with wc_AesInit and wc_AesCcmSetKey
nonce[] = { initialize nonce };
cipher[] = { encrypted message };
@@ -644,6 +661,82 @@ int wc_AesCcmDecrypt(Aes* aes, byte* out,
/*!
\ingroup AES
+ \brief This is to initialize an AES-XTS context. It is up to user to call
+ wc_AesXtsFree on aes key when done.
+
+ \return 0 Success
+
+ \param aes AES keys for encrypt/decrypt process
+ \param heap heap hint to use for memory. Can be NULL
+ \param devId id to use with async crypto. Can be 0
+
+ _Example_
+ \code
+ XtsAes aes;
+
+ if(wc_AesXtsInit(&aes, NULL, 0) != 0)
+ {
+ // Handle error
+ }
+ if(wc_AesXtsSetKeyNoInit(&aes, key, sizeof(key), AES_ENCRYPTION) != 0)
+ {
+ // Handle error
+ }
+ wc_AesXtsFree(&aes);
+ \endcode
+
+ \sa wc_AesXtsSetKey
+ \sa wc_AesXtsSetKeyNoInit
+ \sa wc_AesXtsEncrypt
+ \sa wc_AesXtsDecrypt
+ \sa wc_AesXtsFree
+*/
+int wc_AesXtsInit(XtsAes* aes, void* heap, int devId);
+
+
+/*!
+ \ingroup AES
+
+ \brief This is to help with setting keys to correct encrypt or decrypt type,
+ after first calling wc_AesXtsInit(). It is up to user to call wc_AesXtsFree
+ on aes key when done.
+
+ \return 0 Success
+
+ \param aes AES keys for encrypt/decrypt process
+ \param key buffer holding aes key | tweak key
+ \param len length of key buffer in bytes. Should be twice that of
+ key size.
+ i.e. 32 for a 16 byte key.
+ \param dir direction, either AES_ENCRYPTION or AES_DECRYPTION
+
+ _Example_
+ \code
+ XtsAes aes;
+
+ if(wc_AesXtsInit(&aes, NULL, 0) != 0)
+ {
+ // Handle error
+ }
+ if(wc_AesXtsSetKeyNoInit(&aes, key, sizeof(key), AES_ENCRYPTION, NULL, 0)
+ != 0)
+ {
+ // Handle error
+ }
+ wc_AesXtsFree(&aes);
+ \endcode
+
+ \sa wc_AesXtsEncrypt
+ \sa wc_AesXtsDecrypt
+ \sa wc_AesXtsFree
+*/
+int wc_AesXtsSetKeyNoInit(XtsAes* aes, const byte* key,
+ word32 len, int dir);
+
+
+/*!
+ \ingroup AES
+
\brief This is to help with setting keys to correct encrypt or
decrypt type. It is up to user to call wc_AesXtsFree on aes key when done.
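Review bot: The example in the new wc_AesXtsSetKeyNoInit block calls the function with six arguments, `wc_AesXtsSetKeyNoInit(&aes, key, sizeof(key), AES_ENCRYPTION, NULL, 0)`, but the prototype added just below it takes four and the wc_AesXtsInit example earlier in the hunk uses four; the call should read `if(wc_AesXtsSetKeyNoInit(&aes, key, sizeof(key), AES_ENCRYPTION) != 0)`. Both examples use `key` without declaring it, and both blocks list only `\return 0 Success` although the examples branch on a non-zero result. `\param devId ... Can be 0` in wc_AesXtsInit sits oddly next to the `INVALID_DEVID` passed in the wc_AesInit examples added by this commit, so it is worth confirming which value means "no device". The last comment block in the hunk (wc_AesXtsSetKey) continues outside it.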
@@ -669,6 +762,8 @@ int wc_AesCcmDecrypt(Aes* aes, byte* out,
wc_AesXtsFree(&aes);
\endcode
+ \sa wc_AesXtsInit
+ \sa wc_AesXtsSetKeyNoInit
\sa wc_AesXtsEncrypt
\sa wc_AesXtsDecrypt
\sa wc_AesXtsFree
@@ -709,6 +804,8 @@ int wc_AesXtsSetKey(XtsAes* aes, const byte* key,
\sa wc_AesXtsEncrypt
\sa wc_AesXtsDecrypt
+ \sa wc_AesXtsInit
+ \sa wc_AesXtsSetKeyNoInit
\sa wc_AesXtsSetKey
\sa wc_AesXtsFree
*/
@@ -748,6 +845,8 @@ int wc_AesXtsEncryptSector(XtsAes* aes, byte* out,
\sa wc_AesXtsEncrypt
\sa wc_AesXtsDecrypt
+ \sa wc_AesXtsInit
+ \sa wc_AesXtsSetKeyNoInit
\sa wc_AesXtsSetKey
\sa wc_AesXtsFree
*/
@@ -788,6 +887,8 @@ int wc_AesXtsDecryptSector(XtsAes* aes, byte* out,
\endcode
\sa wc_AesXtsDecrypt
+ \sa wc_AesXtsInit
+ \sa wc_AesXtsSetKeyNoInit
\sa wc_AesXtsSetKey
\sa wc_AesXtsFree
*/
@@ -827,6 +928,8 @@ int wc_AesXtsEncrypt(XtsAes* aes, byte* out,
\endcode
\sa wc_AesXtsEncrypt
+ \sa wc_AesXtsInit
+ \sa wc_AesXtsSetKeyNoInit
\sa wc_AesXtsSetKey
\sa wc_AesXtsFree
*/
@@ -855,6 +958,8 @@ int wc_AesXtsDecrypt(XtsAes* aes, byte* out,
\sa wc_AesXtsEncrypt
\sa wc_AesXtsDecrypt
+ \sa wc_AesXtsInit
+ \sa wc_AesXtsSetKeyNoInit
\sa wc_AesXtsSetKey
*/
int wc_AesXtsFree(XtsAes* aes);
@@ -1035,7 +1140,7 @@ int wc_AesSivEncrypt(const byte* key, word32 keySz, const byte* assoc,
\return BAD_FUNC_ARG If key, SIV, or output buffer are NULL. Also returned
if the key size isn't 32, 48, or 64 bytes.
\return AES_SIV_AUTH_E If the SIV derived by S2V doesn't match the input
- SIV (see RFC 5297 2.7).
+ SIV (see RFC 5297 2.7).
\return Other Other negative error values returned if AES or CMAC operations
fail.
@@ -1072,3 +1177,553 @@ int wc_AesSivEncrypt(const byte* key, word32 keySz, const byte* assoc,
int wc_AesSivDecrypt(const byte* key, word32 keySz, const byte* assoc,
word32 assocSz, const byte* nonce, word32 nonceSz,
const byte* in, word32 inSz, byte* siv, byte* out);
+
+
+
+
+
+
+
+/*!
+ \ingroup AES
+
+ \brief This function performs AES EAX encryption and authentication as
+ described in "EAX: A Conventional Authenticated-Encryption Mode"
+ (https://eprint.iacr.org/2003/069). It is a "one-shot" API that performs
+ all encryption and authentication operations in one function call.
+
+ \return 0 on successful encryption.
+ \return BAD_FUNC_ARG if input or output buffers are NULL. Also returned
+ if the key size isn't a valid AES key size (16, 24, or 32 bytes)
+ \return other negative error values returned if AES or CMAC operations
+ fail.
+
+ \param key buffer containing the key to use
+ \param keySz length of the key buffer in bytes
+ \param[out] out buffer to hold the ciphertext. Should be the same length as
+ the plaintext buffer
+ \param in plaintext buffer to encrypt
+ \param inSz length of plaintext buffer
+ \param nonce the cryptographic nonce to use for EAX operations
+ \param nonceSz length of nonce buffer in bytes
+ \param[out] authTag pointer to the buffer in which to store the
+ authentication tag
+ \param authTagSz length of the desired authentication tag
+ \param authIn pointer to the buffer containing input data to authenticate
+ \param authInSz length of the input authentication data
+
+ _Example_
+ \code
+ byte key[] = { some 32, 48, or 64 byte key };
+ byte nonce[] = {0x04, 0x5, 0x6};
+ byte plainText[] = {0xDE, 0xAD, 0xBE, 0xEF};
+ byte authIn[] = {0x01, 0x2, 0x3};
+
+ byte cipherText[sizeof(plainText)]; // output ciphertext
+ byte authTag[length, up to AES_BLOCK_SIZE]; // output authTag
+
+ if (wc_AesEaxEncrypt(key, sizeof(key),
+ cipherText, plainText, sizeof(plainText),
+ nonce, sizeof(nonce),
+ authTag, sizeof(authTag),
+ authIn, sizeof(authIn)) != 0) {
+ // failed to encrypt
+ }
+
+ \endcode
+
+ \sa wc_AesEaxDecryptAuth
+
+*/
+WOLFSSL_API int wc_AesEaxEncryptAuth(const byte* key, word32 keySz, byte* out,
+ const byte* in, word32 inSz,
+ const byte* nonce, word32 nonceSz,
+ /* output computed auth tag */
+ byte* authTag, word32 authTagSz,
+ /* input data to authenticate */
+ const byte* authIn, word32 authInSz);
+/*!
+ \ingroup AES
+
+ \brief This function performs AES EAX decryption and authentication as
+ described in "EAX: A Conventional Authenticated-Encryption Mode"
+ (https://eprint.iacr.org/2003/069). It is a "one-shot" API that performs
+ all decryption and authentication operations in one function call.
+
+ \return 0 on successful decryption
+ \return BAD_FUNC_ARG if input or output buffers are NULL. Also returned
+ if the key size isn't a valid AES key size (16, 24, or 32 bytes)
+ \return AES_EAX_AUTH_E If the authentication tag does not match the
+ supplied authentication code vector \c authTag
+ \return other negative error values returned if AES or CMAC operations
+ fail.
+
+ \param key byte buffer containing the key to use
+ \param keySz length of the key buffer in bytes
+ \param[out] out buffer to hold the plaintext. Should be the same length as
+ the input ciphertext buffer
+ \param in ciphertext buffer to decrypt
+ \param inSz length of ciphertext buffer
+ \param nonce the cryptographic nonce to use for EAX operations
+ \param nonceSz length of nonce buffer in bytes
+ \param authTag buffer that holds the authentication tag to check the
+ authenticity of the data against
+ \param authTagSz Length of the input authentication tag
+ \param authIn pointer to the buffer containing input data to authenticate
+ \param authInSz length of the input authentication data
+
+ _Example_
+ \code
+ byte key[] = { some 32, 48, or 64 byte key };
+ byte nonce[] = {0x04, 0x5, 0x6};
+ byte cipherText[] = {0xDE, 0xAD, 0xBE, 0xEF};
+ byte authIn[] = {0x01, 0x2, 0x3};
+
+ byte plainText[sizeof(cipherText)]; // output plaintext
+ byte authTag[length, up to AES_BLOCK_SIZE]; // output authTag
+
+ if (wc_AesEaxDecrypt(key, sizeof(key),
+ cipherText, plainText, sizeof(plainText),
+ nonce, sizeof(nonce),
+ authTag, sizeof(authTag),
+ authIn, sizeof(authIn)) != 0) {
+ // failed to encrypt
+ }
+
+ \endcode
+
+ \sa wc_AesEaxEncryptAuth
+
+*/
+WOLFSSL_API int wc_AesEaxDecryptAuth(const byte* key, word32 keySz, byte* out,
+ const byte* in, word32 inSz,
+ const byte* nonce, word32 nonceSz,
+ /* auth tag to verify against */
+ const byte* authTag, word32 authTagSz,
+ /* input data to authenticate */
+ const byte* authIn, word32 authInSz);
+
+/*!
+ \ingroup AES
+ \brief This function initializes an AesEax object for use in authenticated
+ encryption or decryption. This function must be called on an AesEax
+ object before using it with any of the AES EAX incremental API functions.
+ It does not need to be called if using the one-shot EAX API functions.
+ All AesEax instances initialized with this function need to be freed with
+ a call to wc_AesEaxFree() when done using the instance.
+
+ \return 0 on success
+ \return error code on failure
+
+ \param eax AES EAX structure holding the context of the AEAD operation
+ \param key 16, 24, or 32 byte secret key for encryption and decryption
+ \param keySz length of the supplied key in bytes
+ \param nonce the cryptographic nonce to use for EAX operations
+ \param nonceSz length of nonce buffer in bytes
+ \param authIn (optional) input data to add to the authentication stream
+ This argument should be NULL if not used
+ \param authInSz size in bytes of the input authentication data
+
+ _Example_
+ \code
+ AesEax eax;
+ key[] = { some 16, 24, or 32 byte length key };
+ nonce[] = { some arbitrary length nonce };
+ authIn[] = { some data to add to the authentication stream };
+ plainText[] = {some plaintext data to encrypt};
+
+ cipherText[sizeof(plainText)]; // buffer to hold cipherText
+ authTag[length, up to AES_BLOCK_SIZE]; // buffer to hold computed auth data
+
+ AesEax eax;
+
+ if ((ret = wc_AesEaxInit(eax,
+ key, keySz,
+ nonce, nonceSz,
+ authIn, authInSz)) != 0) {
+ goto cleanup;
+ }
+
+ // if we wanted to add more auth data, we could provide it at this point,
+ // otherwise we use NULL for the authIn parameter, with authIn size of 0
+ if ((ret = wc_AesEaxEncryptUpdate(eax,
+ cipherText, plainText, sizeof(plainText),
+ NULL, 0)) != 0) {
+ goto cleanup;
+ }
+
+ if ((ret = wc_AesEaxEncryptFinal(eax, authTag, sizeof(authTag))) != 0) {
+ goto cleanup;
+ }
+
+ cleanup:
+ wc_AesEaxFree(eax);
+ \endcode
+
+ \sa wc_AesEaxEncryptUpdate
+ \sa wc_AesEaxDecryptUpdate
+ \sa wc_AesEaxAuthDataUpdate
+ \sa wc_AesEaxEncryptFinal
+ \sa wc_AesEaxDecryptFinal
+ \sa wc_AesEaxFree
+
+*/
+WOLFSSL_API int wc_AesEaxInit(AesEax* eax,
+ const byte* key, word32 keySz,
+ const byte* nonce, word32 nonceSz,
+ const byte* authIn, word32 authInSz);
+
+/*!
+ \ingroup AES
+ \brief This function uses AES EAX to encrypt input data, and optionally, add
+ more input data to the authentication stream. \c eax must have been
+ previously initialized with a call to \ref wc_AesEaxInit.
+
+ \return 0 on success
+ \return error code on failure
+
+ \param eax AES EAX structure holding the context of the AEAD operation
+ \param[out] out output buffer holding the ciphertext
+ \param in input buffer holding the plaintext to encrypt
+ \param inSz size in bytes of the input data buffer
+ \param authIn (optional) input data to add to the authentication stream
+ This argument should be NULL if not used
+ \param authInSz size in bytes of the input authentication data
+
+ _Example_
+ \code
+ AesEax eax;
+ key[] = { some 16, 24, or 32 byte length key };
+ nonce[] = { some arbitrary length nonce };
+ authIn[] = { some data to add to the authentication stream };
+ plainText[] = {some plaintext data to encrypt};
+
+ cipherText[sizeof(plainText)]; // buffer to hold cipherText
+ authTag[length, up to AES_BLOCK_SIZE]; // buffer to hold computed auth data
+
+ AesEax eax;
+
+ if ((ret = wc_AesEaxInit(eax,
+ key, keySz,
+ nonce, nonceSz,
+ authIn, authInSz)) != 0) {
+ goto cleanup;
+ }
+
+ // if we wanted to add more auth data, we could provide it at this point,
+ // otherwise we use NULL for the authIn parameter, with authInSz of 0
+ if ((ret = wc_AesEaxEncryptUpdate(eax,
+ cipherText, plainText, sizeof(plainText),
+ NULL, 0)) != 0) {
+ goto cleanup;
+ }
+
+ if ((ret = wc_AesEaxEncryptFinal(eax, authTag, sizeof(authTag))) != 0) {
+ goto cleanup;
+ }
+
+ cleanup:
+ wc_AesEaxFree(eax);
+ \endcode
+
+ \sa wc_AesEaxInit
+ \sa wc_AesEaxDecryptUpdate
+ \sa wc_AesEaxAuthDataUpdate
+ \sa wc_AesEaxEncryptFinal
+ \sa wc_AesEaxDecryptFinal
+ \sa wc_AesEaxFree
+
+*/
+WOLFSSL_API int wc_AesEaxEncryptUpdate(AesEax* eax, byte* out,
+ const byte* in, word32 inSz,
+ const byte* authIn, word32 authInSz);
+
+/*!
+ \ingroup AES
+ \brief This function uses AES EAX to decrypt input data, and optionally, add
+ more input data to the authentication stream. \c eax must have been
+ previously initialized with a call to \ref wc_AesEaxInit.
+
+ \return 0 on success
+ \return error code on failure
+
+ \param eax AES EAX structure holding the context of the AEAD operation
+ \param[out] out output buffer holding the decrypted plaintext
+ \param in input buffer holding the ciphertext
+ \param inSz size in bytes of the input data buffer
+ \param authIn (optional) input data to add to the authentication stream
+ This argument should be NULL if not used
+ \param authInSz size in bytes of the input authentication data
+
+
+ _Example_
+ \code
+ AesEax eax;
+ key[] = { some 16, 24, or 32 byte length key };
+ nonce[] = { some arbitrary length nonce };
+ authIn[] = { some data to add to the authentication stream };
+ cipherText[] = {some encrypted data};
+
+ plainText[sizeof(cipherText)]; // buffer to hold decrypted data
+ // auth tag is generated elsewhere by the encrypt AEAD operation
+ authTag[length, up to AES_BLOCK_SIZE] = { the auth tag };
+
+ AesEax eax;
+
+ if ((ret = wc_AesEaxInit(eax,
+ key, keySz,
+ nonce, nonceSz,
+ authIn, authInSz)) != 0) {
+ goto cleanup;
+ }
+
+ // if we wanted to add more auth data, we could provide it at this point,
+ // otherwise we use NULL for the authIn parameter, with authInSz of 0
+ if ((ret = wc_AesEaxDecryptUpdate(eax,
+ plainText, cipherText, sizeof(cipherText),
+ NULL, 0)) != 0) {
+ goto cleanup;
+ }
+
+ if ((ret = wc_AesEaxDecryptFinal(eax, authTag, sizeof(authTag))) != 0) {
+ goto cleanup;
+ }
+
+ cleanup:
+ wc_AesEaxFree(eax);
+ \endcode
+
+ \sa wc_AesEaxInit
+ \sa wc_AesEaxEncryptUpdate
+ \sa wc_AesEaxAuthDataUpdate
+ \sa wc_AesEaxEncryptFinal
+ \sa wc_AesEaxDecryptFinal
+ \sa wc_AesEaxFree
+
+*/
+WOLFSSL_API int wc_AesEaxDecryptUpdate(AesEax* eax, byte* out,
+ const byte* in, word32 inSz,
+ const byte* authIn, word32 authInSz);
+/*!
+ \ingroup AES
+ \brief This function adds input data to the authentication stream.
+ \c eax must have been previously initialized with a call to
+ \ref wc_AesEaxInit.
+
+ \return 0 on success
+ \return error code on failure
+
+ \param eax AES EAX structure holding the context of the AEAD operation
+ \param authIn input data to add to the authentication stream
+ \param authInSz size in bytes of the input authentication data
+
+ _Example_
+ \code
+ AesEax eax;
+ key[] = { some 16, 24, or 32 byte length key };
+ nonce[] = { some arbitrary length nonce };
+ authIn[] = { some data to add to the authentication stream };
+ cipherText[] = {some encrypted data};
+
+ plainText[sizeof(cipherText)]; // buffer to hold decrypted data
+ // auth tag is generated elsewhere by the encrypt AEAD operation
+ authTag[length, up to AES_BLOCK_SIZE] = { the auth tag };
+
+ AesEax eax;
+
+ // No auth data to add here
+ if ((ret = wc_AesEaxInit(eax,
+ key, keySz,
+ nonce, nonceSz,
+ NULL, 0)) != 0) {
+ goto cleanup;
+ }
+
+ // No auth data to add here, added later with wc_AesEaxAuthDataUpdate
+ if ((ret = wc_AesEaxDecryptUpdate(eax,
+ plainText, cipherText, sizeof(cipherText),
+ NULL, 0)) != 0) {
+ goto cleanup;
+ }
+
+ if ((ret = wc_AesEaxAuthDataUpdate(eax, authIn, sizeof(authIn))) != 0) {
+ goto cleanup;
+ }
+
+ if ((ret = wc_AesEaxDecryptFinal(eax, authTag, sizeof(authTag))) != 0) {
+ goto cleanup;
+ }
+
+ cleanup:
+ wc_AesEaxFree(eax);
+ \endcode
+
+ \sa wc_AesEaxInit
+ \sa wc_AesEaxEncryptUpdate
+ \sa wc_AesEaxDecryptUpdate
+ \sa wc_AesEaxEncryptFinal
+ \sa wc_AesEaxDecryptFinal
+ \sa wc_AesEaxFree
+
+*/
+WOLFSSL_API int wc_AesEaxAuthDataUpdate(AesEax* eax,
+ const byte* authIn, word32 authInSz);
+
+/*!
+ \ingroup AES
+ \brief This function finalizes the encrypt AEAD operation, producing an auth
+ tag over the current authentication stream. \c eax must have been previously
+ initialized with a call to \ref wc_AesEaxInit. When done using the \c AesEax
+ context structure, make sure to free it using \ref wc_AesEaxFree.
+
+ \return 0 on success
+ \return error code on failure
+
+ \param eax AES EAX structure holding the context of the AEAD operation
+ \param authTag[out] buffer that will hold the computed auth tag
+ \param authTagSz size in bytes of \c authTag
+
+ _Example_
+ \code
+ AesEax eax;
+ key[] = { some 16, 24, or 32 byte length key };
+ nonce[] = { some arbitrary length nonce };
+ authIn[] = { some data to add to the authentication stream };
+ plainText[] = {some plaintext data to encrypt};
+
+ cipherText[sizeof(plainText)]; // buffer to hold cipherText
+ authTag[length, up to AES_BLOCK_SIZE]; // buffer to hold computed auth data
+
+ AesEax eax;
+
+ if ((ret = wc_AesEaxInit(eax,
+ key, keySz,
+ nonce, nonceSz,
+ authIn, authInSz)) != 0) {
+ goto cleanup;
+ }
+
+ // if we wanted to add more auth data, we could provide it at this point,
+ // otherwise we use NULL for the authIn parameter, with authInSz of 0
+ if ((ret = wc_AesEaxEncryptUpdate(eax,
+ cipherText, plainText, sizeof(plainText),
+ NULL, 0)) != 0) {
+ goto cleanup;
+ }
+
+ if ((ret = wc_AesEaxEncryptFinal(eax, authTag, sizeof(authTag))) != 0) {
+ goto cleanup;
+ }
+
+ cleanup:
+ wc_AesEaxFree(eax);
+ \endcode
+
+ \sa wc_AesEaxInit
+ \sa wc_AesEaxEncryptUpdate
+ \sa wc_AesEaxDecryptUpdate
+ \sa wc_AesEaxAuthDataUpdate
+ \sa wc_AesEaxDecryptFinal
+ \sa wc_AesEaxFree
+
+*/
+WOLFSSL_API int wc_AesEaxEncryptFinal(AesEax* eax,
+ byte* authTag, word32 authTagSz);
+
+/*!
+ \ingroup AES
+ \brief This function finalizes the decrypt AEAD operation, finalizing the
+ auth tag computation and checking it for validity against the user supplied
+ tag. \c eax must have been previously initialized with a call to
+ \ref wc_AesEaxInit. When done using the \c AesEax context structure, make
+ sure to free it using \ref wc_AesEaxFree.
+
+ \return 0 if data is authenticated successfully
+ \return AES_EAX_AUTH_E if the authentication tag does not match the
+ supplied authentication code vector \c authIn
+ \return other error code on failure
+
+ \param eax AES EAX structure holding the context of the AEAD operation
+ \param authIn input auth tag to check computed auth tag against
+ \param authInSz size in bytes of \c authIn
+
+ _Example_
+ \code
+ AesEax eax;
+ key[] = { some 16, 24, or 32 byte length key };
+ nonce[] = { some arbitrary length nonce };
+ authIn[] = { some data to add to the authentication stream };
+ cipherText[] = {some encrypted data};
+
+ plainText[sizeof(cipherText)]; // buffer to hold decrypted data
+ // auth tag is generated elsewhere by the encrypt AEAD operation
+ authTag[length, up to AES_BLOCK_SIZE] = { the auth tag };
+
+ AesEax eax;
+
+ if ((ret = wc_AesEaxInit(eax,
+ key, keySz,
+ nonce, nonceSz,
+ authIn, authInSz)) != 0) {
+ goto cleanup;
+ }
+
+ // if we wanted to add more auth data, we could provide it at this point,
+ // otherwise we use NULL for the authIn parameter, with authInSz of 0
+ if ((ret = wc_AesEaxDecryptUpdate(eax,
+ plainText, cipherText, sizeof(cipherText),
+ NULL, 0)) != 0) {
+ goto cleanup;
+ }
+
+ if ((ret = wc_AesEaxDecryptFinal(eax, authTag, sizeof(authTag))) != 0) {
+ goto cleanup;
+ }
+
+ cleanup:
+ wc_AesEaxFree(eax);
+ \endcode
+
+ \sa wc_AesEaxInit
+ \sa wc_AesEaxEncryptUpdate
+ \sa wc_AesEaxDecryptUpdate
+ \sa wc_AesEaxAuthDataUpdate
+ \sa wc_AesEaxEncryptFinal
+ \sa wc_AesEaxFree
+
+*/
+WOLFSSL_API int wc_AesEaxDecryptFinal(AesEax* eax,
+ const byte* authIn, word32 authInSz);
+/*!
+ \ingroup AES
+
+ \brief This frees up any resources, specifically keys, used by the Aes
+ instance inside the AesEax wrapper struct. It should be called on the
+ AesEax struct after it has been initialized with wc_AesEaxInit, and all
+ desired EAX operations are complete.
+
+ \return 0 Success
+
+ \param eaxAES EAX instance to free
+
+ _Example_
+ \code
+ AesEax eax;
+
+ if(wc_AesEaxInit(eax, key, keySz, nonce, nonceSz, authIn, authInSz) != 0) {
+ // handle errors, then free
+ wc_AesEaxFree(&eax);
+ }
+ \endcode
+
+ \sa wc_AesEaxInit
+ \sa wc_AesEaxEncryptUpdate
+ \sa wc_AesEaxDecryptUpdate
+ \sa wc_AesEaxAuthDataUpdate
+ \sa wc_AesEaxEncryptFinal
+ \sa wc_AesEaxDecryptFinal
+*/
+WOLFSSL_API int wc_AesEaxFree(AesEax* eax);
+
+
+
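Review bot: The wc_AesEaxDecryptUpdate and wc_AesEaxDecryptFinal comments never say that the plaintext written to `out` is unauthenticated until wc_AesEaxDecryptFinal returns 0, which is the one thing a caller of an incremental AEAD API has to get right. I would add to both (and to wc_AesEaxDecryptAuth, if it also fills `out` before the tag check) a sentence such as `\note Do not use or release the contents of out unless wc_AesEaxDecryptFinal() returns 0; on AES_EAX_AUTH_E discard the buffer.`, and a line on wc_AesEaxInit that a nonce must not be reused under the same key. The one-shot examples call `wc_AesEaxEncrypt`/`wc_AesEaxDecrypt` while the declared names are `wc_AesEaxEncryptAuth`/`wc_AesEaxDecryptAuth`, the decrypt example passes `cipherText` in the `out` position, and `{ some 32, 48, or 64 byte key }` contradicts the 16, 24, or 32 byte sizes stated under \return. In the incremental examples `AesEax eax;` is passed as `eax` where the prototypes take `AesEax*`, so `&eax` is needed, and `\param eaxAES EAX instance to free` is missing the space after the parameter name.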
diff --git a/extra/wolfssl/wolfssl/doc/dox_comments/header_files/asn_public.h b/extra/wolfssl/wolfssl/doc/dox_comments/header_files/asn_public.h
index 882ab89c..e7505e22 100644
--- a/extra/wolfssl/wolfssl/doc/dox_comments/header_files/asn_public.h
+++ b/extra/wolfssl/wolfssl/doc/dox_comments/header_files/asn_public.h
@@ -1231,7 +1231,7 @@ int wc_DerToPem(const byte* der, word32 derSz, byte* output,
word32 pemSz;
byte* cipher_info[] { Additional cipher info. }
- pemSz = wc_DerToPemEx(der, derSz,pemFormatted,FOURK_BUF, ,CERT_TYPE);
+ pemSz = wc_DerToPemEx(der, derSz, pemFormatted, FOURK_BUF, cipher_info, CERT_TYPE);
\endcode
\sa wc_PemCertToDer
@@ -2110,7 +2110,7 @@ int wc_SetCustomExtension(Cert *cert, int critical, const char *oid,
_Example_
\code
int ret = 0;
- // Unkown extension callback prototype
+ // Unknown extension callback prototype
int myUnknownExtCallback(const word16* oid, word32 oidSz, int crit,
const unsigned char* der, word32 derSz);
diff --git a/extra/wolfssl/wolfssl/doc/dox_comments/header_files/cmac.h b/extra/wolfssl/wolfssl/doc/dox_comments/header_files/cmac.h
index a2f36a52..96d5bc8c 100644
--- a/extra/wolfssl/wolfssl/doc/dox_comments/header_files/cmac.h
+++ b/extra/wolfssl/wolfssl/doc/dox_comments/header_files/cmac.h
@@ -6,7 +6,7 @@
\param key key pointer
\param keySz size of the key pointer (16, 24 or 32)
\param type Always WC_CMAC_AES = 1
- \param unused not used, exists for potential future use around compatiblity
+ \param unused not used, exists for potential future use around compatibility
_Example_
\code
@@ -23,6 +23,8 @@
\sa wc_InitCmac_ex
\sa wc_CmacUpdate
\sa wc_CmacFinal
+ \sa wc_CmacFinalNoFree
+ \sa wc_CmacFree
*/
int wc_InitCmac(Cmac* cmac,
const byte* key, word32 keySz,
@@ -36,7 +38,7 @@ int wc_InitCmac(Cmac* cmac,
\param key key pointer
\param keySz size of the key pointer (16, 24 or 32)
\param type Always WC_CMAC_AES = 1
- \param unused not used, exists for potential future use around compatiblity
+ \param unused not used, exists for potential future use around compatibility
\param heap pointer to the heap hint used for dynamic allocation. Typically used with our static memory option. Can be NULL.
\param devId ID to use with async hardware. Set to INVALID_DEVID if not using async hardware.
@@ -55,6 +57,8 @@ int wc_InitCmac(Cmac* cmac,
\sa wc_InitCmac_ex
\sa wc_CmacUpdate
\sa wc_CmacFinal
+ \sa wc_CmacFinalNoFree
+ \sa wc_CmacFree
*/
int wc_InitCmac_ex(Cmac* cmac,
const byte* key, word32 keySz,
@@ -75,13 +79,16 @@ int wc_InitCmac_ex(Cmac* cmac,
\sa wc_InitCmac
\sa wc_CmacFinal
+ \sa wc_CmacFinalNoFree
+ \sa wc_CmacFree
*/
int wc_CmacUpdate(Cmac* cmac,
const byte* in, word32 inSz);
+
/*!
\ingroup CMAC
- \brief Generate the final result using Cipher-based Message Authentication Code
+ \brief Generate the final result using Cipher-based Message Authentication Code, deferring context cleanup.
\return 0 on success
\param cmac pointer to the Cmac structure
\param out pointer to return the result
@@ -89,18 +96,60 @@ int wc_CmacUpdate(Cmac* cmac,
_Example_
\code
- ret = wc_CmacFinal(cmac, out, &outSz);
+ ret = wc_CmacFinalNoFree(cmac, out, &outSz);
+ (void)wc_CmacFree(cmac);
\endcode
\sa wc_InitCmac
\sa wc_CmacFinal
+ \sa wc_CmacFinalNoFree
+ \sa wc_CmacFree
*/
-int wc_CmacFinal(Cmac* cmac,
+int wc_CmacFinalNoFree(Cmac* cmac,
byte* out, word32* outSz);
/*!
\ingroup CMAC
- \brief Single shot fuction for generating a CMAC
+ \brief Generate the final result using Cipher-based Message Authentication Code, and clean up the context with wc_CmacFree().
+ \return 0 on success
+ \param cmac pointer to the Cmac structure
+ \param out pointer to return the result
+ \param outSz pointer size of output (in/out)
+
+ _Example_
+ \code
+ ret = wc_CmacFinal(cmac, out, &outSz);
+ \endcode
+
+ \sa wc_InitCmac
+ \sa wc_CmacFinalNoFree
+ \sa wc_CmacFinalNoFree
+ \sa wc_CmacFree
+*/
+int wc_CmacFinalNoFree(Cmac* cmac);
+
+/*!
+ \ingroup CMAC
+ \brief Clean up allocations in a CMAC context.
+ \return 0 on success
+ \param cmac pointer to the Cmac structure
+
+ _Example_
+ \code
+ ret = wc_CmacFinalNoFree(cmac, out, &outSz);
+ (void)wc_CmacFree(cmac);
+ \endcode
+
+ \sa wc_InitCmac
+ \sa wc_CmacFinalNoFree
+ \sa wc_CmacFinal
+ \sa wc_CmacFree
+*/
+int wc_CmacFree(Cmac* cmac);
+
+/*!
+ \ingroup CMAC
+ \brief Single shot function for generating a CMAC
\return 0 on success
\param out pointer to return the result
\param outSz pointer size of output (in/out)
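Review bot: The comment block that now documents wc_CmacFinal (the one whose brief ends "and clean up the context with wc_CmacFree()") is attached to `int wc_CmacFinalNoFree(Cmac* cmac);`, so wc_CmacFinalNoFree ends up declared twice with different parameter lists and wc_CmacFinal has no prototype left in this file. The prototype should read `int wc_CmacFinal(Cmac* cmac, byte* out, word32* outSz);` to match its own \param list and example. The \sa list of that block names wc_CmacFinalNoFree twice; one entry was presumably meant to be wc_CmacUpdate or wc_CmacFree. Since the Cmac context presumably holds key-derived state, the wc_CmacFinalNoFree brief should also state outright that the caller must call wc_CmacFree() afterwards, rather than leaving that to the example.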
@@ -122,7 +171,7 @@ int wc_AesCmacGenerate(byte* out, word32* outSz,
/*!
\ingroup CMAC
- \brief Single shot fuction for validating a CMAC
+ \brief Single shot function for validating a CMAC
\return 0 on success
\param check pointer to return the result
\param checkSz size of checkout buffer
diff --git a/extra/wolfssl/wolfssl/doc/dox_comments/header_files/doxygen_groups.h b/extra/wolfssl/wolfssl/doc/dox_comments/header_files/doxygen_groups.h
index fc7c253c..709d462b 100644
--- a/extra/wolfssl/wolfssl/doc/dox_comments/header_files/doxygen_groups.h
+++ b/extra/wolfssl/wolfssl/doc/dox_comments/header_files/doxygen_groups.h
@@ -206,6 +206,7 @@
\defgroup RSA Algorithms - RSA
\defgroup SHA Algorithms - SHA 128/224/256/384/512
\defgroup SipHash Algorithm - SipHash
+ \defgroup SrtpKdf Algorithm - SRTP KDF
\defgroup SRP Algorithms - SRP
\defgroup ASN ASN.1
@@ -221,7 +222,7 @@
key operations and reducing the attack surface by restricting access to certificate and keys
to the SIM.
- IoT-Safe support can be enabled on an existing WOLFSSL_CTX contex, using wolfSSL_CTX_iotsafe_enable().\n
+ IoT-Safe support can be enabled on an existing WOLFSSL_CTX context, using wolfSSL_CTX_iotsafe_enable().\n
Session created within the context can set the parameters for IoT-Safe key and files usage, and enable
the public keys callback, with wolfSSL_iotsafe_on().
diff --git a/extra/wolfssl/wolfssl/doc/dox_comments/header_files/doxygen_pages.h b/extra/wolfssl/wolfssl/doc/dox_comments/header_files/doxygen_pages.h
index 56b9025e..2765449a 100644
--- a/extra/wolfssl/wolfssl/doc/dox_comments/header_files/doxygen_pages.h
+++ b/extra/wolfssl/wolfssl/doc/dox_comments/header_files/doxygen_pages.h
@@ -57,6 +57,7 @@
<li>\ref RSA</li>
<li>\ref SHA</li>
<li>\ref SipHash</li>
+ <li>\ref SrtpKdf</li>
<li>\ref SRP</li>
</ul>
*/
diff --git a/extra/wolfssl/wolfssl/doc/dox_comments/header_files/ed25519.h b/extra/wolfssl/wolfssl/doc/dox_comments/header_files/ed25519.h
index fcf3b5c1..b4176da9 100644
--- a/extra/wolfssl/wolfssl/doc/dox_comments/header_files/ed25519.h
+++ b/extra/wolfssl/wolfssl/doc/dox_comments/header_files/ed25519.h
@@ -1,21 +1,21 @@
/*!
\ingroup ED25519
- \brief This function generates the Ed25519 public key from the private key.
- It stores the public key in the buffer pubKey, and sets the bytes
- written to this buffer in pubKeySz.
+ \brief This function generates the Ed25519 public key from the private key,
+ stored in the ed25519_key object. It stores the public key in the buffer
+ pubKey.
\return 0 Returned upon successfully making the public key.
- \return BAD_FUNC_ARG Returned ifi key or pubKey evaluate to NULL, or if the
+ \return BAD_FUNC_ARG Returned if key or pubKey evaluate to NULL, or if the
specified key size is not 32 bytes (Ed25519 has 32 byte keys).
+ \return ECC_PRIV_KEY_E returned if the ed25519_key object does not have
+ the private key in it.
\return MEMORY_E Returned if there is an error allocating memory
during function execution.
\param [in] key Pointer to the ed25519_key for which to generate a key.
- \param [out] out Pointer to the buffer in which to store the public key.
- \param [in,out] outLen Pointer to a word32 object with the size available
- in out. Set with the number of bytes written to out after successfully
- exporting the public key.
+ \param [out] pubKey Pointer to the buffer in which to store the public key.
+ \param [in] pubKeySz Size of the public key. Should be ED25519_PUB_KEY_SIZE.
_Example_
\code
@@ -301,7 +301,7 @@ int wc_ed25519ph_sign_msg(const byte* in, word32 inlen, byte* out,
\ingroup ED25519
\brief This function verifies the Ed25519 signature of a message to ensure
- authenticity. It returns the answer through res, with 1 corresponding to
+ authenticity. It returns the answer through ret, with 1 corresponding to
a valid signature, and 0 corresponding to an invalid signature.
\return 0 Returned upon successfully performing the signature
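Review bot: With the output parameter now documented as `ret`, the brief reads as if the function's return value carried the verdict, and nothing here tells the caller that a return of 0 alone does not mean the signature is valid. I would add one sentence to the brief, for example `Callers must check both that the function returns 0 and that *ret is 1 before trusting the message.` The same res-to-ret wording change is made in the hunks at -315, -351, -365, -408, -424, -466 and -480, and the prototypes lie outside all of them, so confirm the parameter is really named ret in the declarations these comments are attached to.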
@@ -315,7 +315,7 @@ int wc_ed25519ph_sign_msg(const byte* in, word32 inlen, byte* out,
\param [in] siglen Length of the signature to verify.
\param [in] msg Pointer to the buffer containing the message to verify.
\param [in] msgLen Length of the message to verify.
- \param [out] res Pointer to the result of the verification. 1 indicates the
+ \param [out] ret Pointer to the result of the verification. 1 indicates the
message was successfully verified.
\param [in] key Pointer to a public Ed25519 key with which to verify the
signature.
@@ -351,7 +351,7 @@ int wc_ed25519_verify_msg(const byte* sig, word32 siglen, const byte* msg,
\brief This function verifies the Ed25519 signature of a message to ensure
authenticity. The context is included as part of the data
- verified. It returns the answer through res, with 1 corresponding to
+ verified. It returns the answer through ret, with 1 corresponding to
a valid signature, and 0 corresponding to an invalid signature.
\return 0 Returned upon successfully performing the signature
@@ -365,7 +365,7 @@ int wc_ed25519_verify_msg(const byte* sig, word32 siglen, const byte* msg,
\param [in] siglen Length of the signature to verify.
\param [in] msg Pointer to the buffer containing the message to verify.
\param [in] msgLen Length of the message to verify.
- \param [out] res Pointer to the result of the verification. 1 indicates the
+ \param [out] ret Pointer to the result of the verification. 1 indicates the
message was successfully verified.
\param [in] key Pointer to a public Ed25519 key with which to verify the
signature.
@@ -408,7 +408,7 @@ int wc_ed25519ctx_verify_msg(const byte* sig, word32 siglen, const byte* msg,
message to ensure authenticity. The context is included as part of the data
verified. The hash is the pre-hashed message before signature calculation.
The hash algorithm used to create message digest must be SHA-512.
- The answer is returned through res, with 1 corresponding to a valid
+ The answer is returned through ret, with 1 corresponding to a valid
signature, and 0 corresponding to an invalid signature.
@@ -424,7 +424,7 @@ int wc_ed25519ctx_verify_msg(const byte* sig, word32 siglen, const byte* msg,
\param [in] hash Pointer to the buffer containing the hash of the message
to verify.
\param [in] hashLen Length of the hash to verify.
- \param [out] res Pointer to the result of the verification. 1 indicates the
+ \param [out] ret Pointer to the result of the verification. 1 indicates the
message was successfully verified.
\param [in] key Pointer to a public Ed25519 key with which to verify the
signature.
@@ -466,7 +466,7 @@ int wc_ed25519ph_verify_hash(const byte* sig, word32 siglen, const byte* hash,
\brief This function verifies the Ed25519 signature of a message to ensure
authenticity. The context is included as part of the data
verified. The message is pre-hashed before verification. It returns the
- answer through res, with 1 corresponding to a valid signature, and 0
+ answer through ret, with 1 corresponding to a valid signature, and 0
corresponding to an invalid signature.
\return 0 Returned upon successfully performing the signature
@@ -480,7 +480,7 @@ int wc_ed25519ph_verify_hash(const byte* sig, word32 siglen, const byte* hash,
\param [in] siglen Length of the signature to verify.
\param [in] msg Pointer to the buffer containing the message to verify.
\param [in] msgLen Length of the message to verify.
- \param [out] res Pointer to the result of the verification. 1 indicates the
+ \param [out] ret Pointer to the result of the verification. 1 indicates the
message was successfully verified.
\param [in] key Pointer to a public Ed25519 key with which to verify the
signature.
@@ -562,7 +562,7 @@ void wc_ed25519_free(ed25519_key* key);
/*!
\ingroup ED25519
- \brief This function imports a public ed25519_key pair from a buffer
+ \brief This function imports a public ed25519_key from a buffer
containing the public key. This function will handle both compressed and
uncompressed keys. The public key is checked that it matches the private
key when one is present.
@@ -600,7 +600,7 @@ int wc_ed25519_import_public(const byte* in, word32 inLen, ed25519_key* key);
/*!
\ingroup ED25519
- \brief This function imports a public ed25519_key pair from a buffer
+ \brief This function imports a public ed25519_key from a buffer
containing the public key. This function will handle both compressed and
uncompressed keys. Check public key matches private key, when present,
when not trusted.
@@ -649,8 +649,6 @@ int wc_ed25519_import_public_ex(const byte* in, word32 inLen, ed25519_key* key,
\param [in] priv Pointer to the buffer containing the private key.
\param [in] privSz Length of the private key.
- \param [in] pub Pointer to the buffer containing the public key.
- \param [in] pubSz Length of the public key.
\param [in,out] key Pointer to the ed25519_key object in which to store the
imported private key.
@@ -950,7 +948,7 @@ int wc_ed25519_export_key(ed25519_key* key,
\return 0 Returned if the private and public key matched.
\return BAD_FUNC_ARG Returned if the given key is NULL.
- \return PUBLIC_KEY_E Returned if the no public key availble or is invalid.
+ \return PUBLIC_KEY_E Returned if the no public key available or is invalid.
\param [in] key Pointer to an ed25519_key structure holding a private and
public key.
diff --git a/extra/wolfssl/wolfssl/doc/dox_comments/header_files/kdf.h b/extra/wolfssl/wolfssl/doc/dox_comments/header_files/kdf.h
new file mode 100644
index 00000000..02088c75
--- /dev/null
+++ b/extra/wolfssl/wolfssl/doc/dox_comments/header_files/kdf.h
@@ -0,0 +1,225 @@
+
+/*!
+ \ingroup SrtpKdf
+
+ \brief This function derives keys using SRTP KDF algorithm.
+
+ \return 0 Returned upon successful key derivation.
+ \return BAD_FUNC_ARG Returned when key or salt is NULL
+ \return BAD_FUNC_ARG Returned when key length is not 16, 24 or 32.
+ \return BAD_FUNC_ARG Returned when saltSz is larger than 14.
+ \return BAD_FUNC_ARG Returned when kdrIdx is less than -1 or larger than 24.
+ \return MEMORY_E on dynamic memory allocation failure.
+
+ \param [in] key Key to use with encryption.
+ \param [in] keySz Size of key in bytes.
+ \param [in] salt Random non-secret value.
+ \param [in] saltSz Size of random in bytes.
+ \param [in] kdrIdx Key derivation rate. kdr = 0 when -1, otherwise kdr = 2^kdrIdx.
+ \param [in] index Index value to XOR in.
+ \param [out] key1 First key. Label value of 0x00.
+ \param [in] key1Sz Size of first key in bytes.
+ \param [out] key2 Second key. Label value of 0x01.
+ \param [in] key2Sz Size of second key in bytes.
+ \param [out] key3 Third key. Label value of 0x02.
+ \param [in] key3Sz Size of third key in bytes.
+
+
+ _Example_
+ \code
+ unsigned char key[16] = { ... };
+ unsigned char salt[14] = { ... };
+ unsigned char index[6] = { ... };
+ unsigned char keyE[16];
+ unsigned char keyA[20];
+ unsigned char keyS[14];
+ int kdrIdx = 0; // Use all of index
+ int ret;
+
+ ret = wc_SRTP_KDF(key, sizeof(key), salt, sizeof(salt), kdrIdx, index,
+ keyE, sizeof(keyE), keyA, sizeof(keyA), keyS, sizeof(keyS));
+ if (ret != 0) {
+ WOLFSSL_MSG("wc_SRTP_KDF failed");
+ }
+ \endcode
+
+ \sa wc_SRTCP_KDF
+ \sa wc_SRTP_KDF_label
+ \sa wc_SRTCP_KDF_label
+ \sa wc_SRTP_KDF_kdr_to_idx
+*/
+int wc_SRTP_KDF(const byte* key, word32 keySz, const byte* salt, word32 saltSz,
+ int kdrIdx, const byte* index, byte* key1, word32 key1Sz, byte* key2,
+ word32 key2Sz, byte* key3, word32 key3Sz);
+
+/*!
+ \ingroup SrtpKdf
+
+ \brief This function derives keys using SRTCP KDF algorithm.
+
+ \return 0 Returned upon successful key derivation.
+ \return BAD_FUNC_ARG Returned when key or salt is NULL
+ \return BAD_FUNC_ARG Returned when key length is not 16, 24 or 32.
+ \return BAD_FUNC_ARG Returned when saltSz is larger than 14.
+ \return BAD_FUNC_ARG Returned when kdrIdx is less than -1 or larger than 24.
+ \return MEMORY_E on dynamic memory allocation failure.
+
+ \param [in] key Key to use with encryption.
+ \param [in] keySz Size of key in bytes.
+ \param [in] salt Random non-secret value.
+ \param [in] saltSz Size of random in bytes.
+ \param [in] kdrIdx Key derivation rate. kdr = 0 when -1, otherwise kdr = 2^kdrIdx.
+ \param [in] index Index value to XOR in.
+ \param [out] key1 First key. Label value of 0x00.
+ \param [in] key1Sz Size of first key in bytes.
+ \param [out] key2 Second key. Label value of 0x01.
+ \param [in] key2Sz Size of second key in bytes.
+ \param [out] key3 Third key. Label value of 0x02.
+ \param [in] key3Sz Size of third key in bytes.
+
+
+ _Example_
+ \code
+ unsigned char key[16] = { ... };
+ unsigned char salt[14] = { ... };
+ unsigned char index[4] = { ... };
+ unsigned char keyE[16];
+ unsigned char keyA[20];
+ unsigned char keyS[14];
+ int kdrIdx = 0; // Use all of index
+ int ret;
+
+ ret = wc_SRTCP_KDF(key, sizeof(key), salt, sizeof(salt), kdrIdx, index,
+ keyE, sizeof(keyE), keyA, sizeof(keyA), keyS, sizeof(keyS));
+ if (ret != 0) {
+ WOLFSSL_MSG("wc_SRTP_KDF failed");
+ }
+ \endcode
+
+ \sa wc_SRTP_KDF
+ \sa wc_SRTP_KDF_label
+ \sa wc_SRTCP_KDF_label
+ \sa wc_SRTP_KDF_kdr_to_idx
+*/
+int wc_SRTCP_KDF(const byte* key, word32 keySz, const byte* salt, word32 saltSz,
+ int kdrIdx, const byte* index, byte* key1, word32 key1Sz, byte* key2,
+ word32 key2Sz, byte* key3, word32 key3Sz);
+/*!
+ \ingroup SrtpKdf
+
+ \brief This function derives a key with label using SRTP KDF algorithm.
+
+ \return 0 Returned upon successful key derivation.
+ \return BAD_FUNC_ARG Returned when key, salt or outKey is NULL
+ \return BAD_FUNC_ARG Returned when key length is not 16, 24 or 32.
+ \return BAD_FUNC_ARG Returned when saltSz is larger than 14.
+ \return BAD_FUNC_ARG Returned when kdrIdx is less than -1 or larger than 24.
+ \return MEMORY_E on dynamic memory allocation failure.
+
+ \param [in] key Key to use with encryption.
+ \param [in] keySz Size of key in bytes.
+ \param [in] salt Random non-secret value.
+ \param [in] saltSz Size of random in bytes.
+ \param [in] kdrIdx Key derivation rate. kdr = 0 when -1, otherwise kdr = 2^kdrIdx.
+ \param [in] index Index value to XOR in.
+ \param [in] label Label to use when deriving key.
+ \param [out] outKey Derived key.
+ \param [in] outKeySz Size of derived key in bytes.
+
+
+ _Example_
+ \code
+ unsigned char key[16] = { ... };
+ unsigned char salt[14] = { ... };
+ unsigned char index[6] = { ... };
+ unsigned char keyE[16];
+ int kdrIdx = 0; // Use all of index
+ int ret;
+
+ ret = wc_SRTP_KDF_label(key, sizeof(key), salt, sizeof(salt), kdrIdx, index,
+ WC_SRTP_LABEL_ENCRYPTION, keyE, sizeof(keyE));
+ if (ret != 0) {
+ WOLFSSL_MSG("wc_SRTP_KDF failed");
+ }
+ \endcode
+
+ \sa wc_SRTP_KDF
+ \sa wc_SRTCP_KDF
+ \sa wc_SRTCP_KDF_label
+ \sa wc_SRTP_KDF_kdr_to_idx
+*/
+int wc_SRTP_KDF_label(const byte* key, word32 keySz, const byte* salt,
+ word32 saltSz, int kdrIdx, const byte* index, byte label, byte* outKey,
+ word32 outKeySz);
+/*!
+ \ingroup SrtpKdf
+
+ \brief This function derives key with label using SRTCP KDF algorithm.
+
+ \return 0 Returned upon successful key derivation.
+ \return BAD_FUNC_ARG Returned when key, salt or outKey is NULL
+ \return BAD_FUNC_ARG Returned when key length is not 16, 24 or 32.
+ \return BAD_FUNC_ARG Returned when saltSz is larger than 14.
+ \return BAD_FUNC_ARG Returned when kdrIdx is less than -1 or larger than 24.
+ \return MEMORY_E on dynamic memory allocation failure.
+
+ \param [in] key Key to use with encryption.
+ \param [in] keySz Size of key in bytes.
+ \param [in] salt Random non-secret value.
+ \param [in] saltSz Size of random in bytes.
+ \param [in] kdrIdx Key derivation rate. kdr = 0 when -1, otherwise kdr = 2^kdrIdx.
+ \param [in] index Index value to XOR in.
+ \param [in] label Label to use when deriving key.
+ \param [out] outKey Derived key.
+ \param [in] outKeySz Size of derived key in bytes.
+
+
+ _Example_
+ \code
+ unsigned char key[16] = { ... };
+ unsigned char salt[14] = { ... };
+ unsigned char index[4] = { ... };
+ unsigned char keyE[16];
+ int kdrIdx = 0; // Use all of index
+ int ret;
+
+ ret = wc_SRTCP_KDF_label(key, sizeof(key), salt, sizeof(salt), kdrIdx,
+ index, WC_SRTCP_LABEL_ENCRYPTION, keyE, sizeof(keyE));
+ if (ret != 0) {
+ WOLFSSL_MSG("wc_SRTP_KDF failed");
+ }
+ \endcode
+
+ \sa wc_SRTP_KDF
+ \sa wc_SRTCP_KDF
+ \sa wc_SRTP_KDF_label
+ \sa wc_SRTP_KDF_kdr_to_idx
+*/
+int wc_SRTP_KDF_label(const byte* key, word32 keySz, const byte* salt,
+ word32 saltSz, int kdrIdx, const byte* index, byte label, byte* outKey,
+ word32 outKeySz);
+/*!
+ \ingroup SrtpKdf
+
+ \brief This function converts a kdr value to an index to use in SRTP/SRTCP KDF API.
+
+ \return Key derivation rate as an index.
+
+ \param [in] kdr Key derivation rate to convert.
+
+ _Example_
+ \code
+ word32 kdr = 0x00000010;
+ int kdrIdx;
+ int ret;
+
+ kdrIdx = wc_SRTP_KDF_kdr_to_idx(kdr);
+ \endcode
+
+ \sa wc_SRTP_KDF
+ \sa wc_SRTCP_KDF
+ \sa wc_SRTP_KDF_label
+ \sa wc_SRTCP_KDF_label
+*/
+int wc_SRTP_KDF_kdr_to_idx(word32 kdr);
+
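Review bot: The prototype that closes the wc_SRTCP_KDF_label comment block is a second copy of `int wc_SRTP_KDF_label(...)`, so this file never declares the SRTCP label function and its documentation attaches to the wrong name. The first line should read `int wc_SRTCP_KDF_label(const byte* key, word32 keySz, const byte* salt,` with the remaining parameters unchanged. The examples for wc_SRTCP_KDF, wc_SRTP_KDF_label and wc_SRTCP_KDF_label all log `"wc_SRTP_KDF failed"`, which would point a reader of the log at the wrong call; each message should name the function actually invoked. The `key` parameter is described as "Key to use with encryption" in all four blocks, although it appears to be the input keying material for the derivation, so that wording is worth checking against the implementation.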
diff --git a/extra/wolfssl/wolfssl/doc/dox_comments/header_files/rsa.h b/extra/wolfssl/wolfssl/doc/dox_comments/header_files/rsa.h
index 4b43a299..6e8c7526 100644
--- a/extra/wolfssl/wolfssl/doc/dox_comments/header_files/rsa.h
+++ b/extra/wolfssl/wolfssl/doc/dox_comments/header_files/rsa.h
@@ -1104,7 +1104,7 @@ int wc_RsaPublicKeyDecodeRaw(const byte* n, word32 nSz,
\brief This function converts an RsaKey key to DER format. The result is
written to output and it returns the number of bytes written.
- \return 0 Success
+ \return >0 Success, number of bytes written.
\return BAD_FUNC_ARG Returned if key or output is null, or if key->type
is not RSA_PRIVATE, or if inLen isn't large enough for output buffer.
\return MEMORY_E Returned if there is an error allocating memory.
diff --git a/extra/wolfssl/wolfssl/doc/dox_comments/header_files/sha3.h b/extra/wolfssl/wolfssl/doc/dox_comments/header_files/sha3.h
index ff6e4aed..fbd38cef 100644
--- a/extra/wolfssl/wolfssl/doc/dox_comments/header_files/sha3.h
+++ b/extra/wolfssl/wolfssl/doc/dox_comments/header_files/sha3.h
@@ -1010,7 +1010,7 @@ int wc_Shake128_Copy(wc_Shake* shake, wc_Shake* dst);
}
else {
wc_Shake256_Update(shake, data, len);
- wc_Shake256_Final(shake, hash);
+ wc_Shake256_Final(shake, hash, sizeof(hash));
}
\endcode
@@ -1043,7 +1043,7 @@ int wc_InitShake256(wc_Shake* shake, void* heap, int devId);
}
else {
wc_Shake256_Update(shake, data, len);
- wc_Shake256_Final(shake, hash);
+ wc_Shake256_Final(shake, hash, sizeof(hash));
}
\endcode
@@ -1063,6 +1063,7 @@ int wc_Shake256_Update(wc_Shake* sha, const byte* data, word32 len);
\param shake pointer to the shake structure to use for encryption
\param hash Byte array to hold hash value.
+ \param hashLen Size of hash in bytes.
_Example_
\code
@@ -1075,7 +1076,7 @@ int wc_Shake256_Update(wc_Shake* sha, const byte* data, word32 len);
}
else {
wc_Shake256_Update(shake, data, len);
- wc_Shake256_Final(shake, hash);
+ wc_Shake256_Final(shake, hash, sizeof(hash));
}
\endcode
@@ -1083,7 +1084,7 @@ int wc_Shake256_Update(wc_Shake* sha, const byte* data, word32 len);
\sa wc_Shake256_GetHash
\sa wc_InitShake256
*/
-int wc_Shake256_Final(wc_Shake* shake, byte* hash);
+int wc_Shake256_Final(wc_Shake* shake, byte* hash, word32 hashLen);
/*!
\ingroup SHA
@@ -1175,7 +1176,7 @@ int wc_Shake256_SqueezeBlocks(wc_Shake* shake, byte* out, word32 blockCnt);
}
else {
wc_Shake256_Update(&shake, data, len);
- wc_Shake256_Final(&shake, hash);
+ wc_Shake256_Final(&shake, hash, sizeof(hash));
wc_Shake256_Free(&shake);
}
\endcode
diff --git a/extra/wolfssl/wolfssl/doc/dox_comments/header_files/ssl.h b/extra/wolfssl/wolfssl/doc/dox_comments/header_files/ssl.h
index ccb2f8bd..5965f11d 100644
--- a/extra/wolfssl/wolfssl/doc/dox_comments/header_files/ssl.h
+++ b/extra/wolfssl/wolfssl/doc/dox_comments/header_files/ssl.h
@@ -762,7 +762,7 @@ int wolfSSL_tls_import(WOLFSSL* ssl, const unsigned char* buf,
_Example_
\code
int send_session(WOLFSSL* ssl, byte* buf, word32 sz, void* userCtx);
- // body of send session (wc_dtls_export) that passses
+ // body of send session (wc_dtls_export) that passes
// buf (serialized session) to destination
WOLFSSL_CTX* ctx;
int ret;
@@ -799,7 +799,7 @@ int wolfSSL_CTX_dtls_set_export(WOLFSSL_CTX* ctx,
_Example_
\code
int send_session(WOLFSSL* ssl, byte* buf, word32 sz, void* userCtx);
- // body of send session (wc_dtls_export) that passses
+ // body of send session (wc_dtls_export) that passes
// buf (serialized session) to destination
WOLFSSL* ssl;
int ret;
@@ -859,7 +859,7 @@ int wolfSSL_dtls_export(WOLFSSL* ssl, unsigned char* buf,
/*!
\brief Used to export a serialized TLS session. This function is for
- importing a serialized state of the connection.
+ exporting a serialized state of the connection.
In most cases wolfSSL_get1_session should be used instead of
wolfSSL_tls_export.
Additional debug info can be displayed with the macro
@@ -1164,7 +1164,7 @@ int wolfSSL_CTX_use_PrivateKey_file(WOLFSSL_CTX* ctx, const char* file, int form
\sa wolfSSL_use_certificate_chain_file
*/
int wolfSSL_CTX_load_verify_locations(WOLFSSL_CTX* ctx, const char* file,
- const char* format);
+ const char* path);
/*!
\ingroup CertsKeys
@@ -1236,7 +1236,9 @@ int wolfSSL_CTX_load_verify_locations_ex(WOLFSSL_CTX* ctx, const char* file,
\brief This function returns a pointer to an array of strings representing
directories wolfSSL will search for system CA certs when
- wolfSSL_CTX_load_system_CA_certs is called.
+ wolfSSL_CTX_load_system_CA_certs is called. On systems that don't store
+ certificates in an accessible system directory (such as Apple platforms),
+ this function will always return NULL.
\return Valid pointer on success.
\return NULL pointer on failure.
@@ -1266,9 +1268,19 @@ const char** wolfSSL_get_system_CA_dirs(word32* num);
/*!
\ingroup CertsKeys
- \brief This function attempts to load CA certificates into a WOLFSSL_CTX
- from an OS-dependent CA certificate store. Loaded certificates will be
- trusted.
+ \brief On most platforms (including Linux and Windows), this function
+ attempts to load CA certificates into a WOLFSSL_CTX from an OS-dependent
+ CA certificate store. Loaded certificates will be trusted.
+
+ On Apple platforms (excluding macOS), certificates can't be obtained from
+ the system, and therefore cannot be loaded into the wolfSSL certificate
+ manager. For these platforms, this function enables TLS connections bound to
+ the WOLFSSL_CTX to use the native system trust APIs to verify authenticity
+ of the peer certificate chain if the authenticity of the peer cannot first
+ be authenticated against certificates loaded by the user.
+
+ The platforms supported and tested are: Linux (Debian, Ubuntu,
+ Gentoo, Fedora, RHEL), Windows 10/11, Android, macOS, and iOS.
\return WOLFSSL_SUCCESS on success.
\return WOLFSSL_BAD_PATH if no system CA certs were loaded.
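Review bot: The return values are left unclear for the native-trust case described in the new second paragraph. Where no certificates can be loaded into the certificate manager, the unchanged `\return WOLFSSL_BAD_PATH if no system CA certs were loaded` line reads as though the call fails on those platforms. The platform wording also differs from the wolfSSL_get_system_CA_dirs hunk above, which says "Apple platforms" where this one says "Apple platforms (excluding macOS)"; the two should be aligned. If it matches the implementation (not visible here), I would add `On platforms that use the native trust APIs, WOLFSSL_SUCCESS means the fallback was enabled, not that any certificate was loaded.` so callers know which trust anchors are in effect.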
@@ -1438,9 +1450,9 @@ int wolfSSL_CTX_use_RSAPrivateKey_file(WOLFSSL_CTX* ctx, const char* file, int f
\brief This function returns the maximum chain depth allowed, which is 9 by
default, for a valid session i.e. there is a non-null session object (ssl).
- \return MAX_CHAIN_DEPTH returned if the WOLFSSL_CTX structure is not
+ \return MAX_CHAIN_DEPTH returned if the WOLFSSL structure is not
NULL. By default the value is 9.
- \return BAD_FUNC_ARG returned if the WOLFSSL_CTX structure is NULL.
+ \return BAD_FUNC_ARG returned if the WOLFSSL structure is NULL.
\param ssl a pointer to a WOLFSSL structure, created using wolfSSL_new().
@@ -1645,7 +1657,7 @@ int wolfSSL_use_certificate_chain_file(WOLFSSL* ssl, const char *file);
\param file a pointer to the name of the file containing the RSA private
key to be loaded into the wolfSSL SSL session, with format as specified
by format.
- \parm format the encoding type of the RSA private key specified by file.
+ \param format the encoding type of the RSA private key specified by file.
Possible values include SSL_FILETYPE_PEM and SSL_FILETYPE_ASN1.
_Example_
@@ -1793,7 +1805,7 @@ WOLFSSL* wolfSSL_new(WOLFSSL_CTX*);
a socket file descriptor.
\return SSL_SUCCESS upon success.
- \return Bad_FUNC_ARG upon failure.
+ \return BAD_FUNC_ARG upon failure.
\param ssl pointer to the SSL session, created with wolfSSL_new().
\param fd file descriptor to use with SSL/TLS connection.
@@ -1827,7 +1839,7 @@ int wolfSSL_set_fd(WOLFSSL* ssl, int fd);
addr and addr_len parameters set to NULL.
\return SSL_SUCCESS upon success.
- \return Bad_FUNC_ARG upon failure.
+ \return BAD_FUNC_ARG upon failure.
\param ssl pointer to the SSL session, created with wolfSSL_new().
\param fd file descriptor to use with SSL/TLS connection.
@@ -2821,7 +2833,7 @@ int wolfSSL_GetSessionAtIndex(int index, WOLFSSL_SESSION* session);
\return none No return.
\param ctx pointer to the SSL context, created with wolfSSL_CTX_new().
- \param mode session timeout value in seconds
+ \param mode flags indicating verification mode for peer's cert.
\param verify_callback callback to be called when verification fails.
If no callback is desired, the NULL pointer can be used for
verify_callback.
@@ -2869,7 +2881,7 @@ void wolfSSL_CTX_set_verify(WOLFSSL_CTX* ctx, int mode,
\return none No return.
\param ssl pointer to the SSL session, created with wolfSSL_new().
- \param mode session timeout value in seconds.
+ \param mode flags indicating verification mode for peer's cert.
\param verify_callback callback to be called when verification fails.
If no callback is desired, the NULL pointer can
be used for verify_callback.
@@ -3137,6 +3149,7 @@ long wolfSSL_CTX_set_session_cache_mode(WOLFSSL_CTX* ctx, long mode);
\param ssl a pointer to a WOLFSSL structure, created using wolfSSL_new().
\param cb a SessionSecretCb type that is a function pointer with the above
signature.
+ \param ctx a pointer to the user context to be stored
_Example_
\code
@@ -3168,7 +3181,7 @@ int wolfSSL_set_session_secret_cb(WOLFSSL* ssl, SessionSecretCb cb, void* ctx);
\return FWRITE_ERROR returned if XFWRITE failed to write to the file.
\return BAD_MUTEX_E returned if there was a mutex lock failure.
- \param name is a constant char pointer that points to a file for writing.
+ \param fname is a constant char pointer that points to a file for writing.
_Example_
\code
@@ -3183,7 +3196,7 @@ int wolfSSL_set_session_secret_cb(WOLFSSL* ssl, SessionSecretCb cb, void* ctx);
\sa wolfSSL_restore_session_cache
\sa wolfSSL_memrestore_session_cache
*/
-int wolfSSL_save_session_cache(const char*);
+int wolfSSL_save_session_cache(const char* fname);
/*!
\ingroup IO
@@ -3213,7 +3226,7 @@ int wolfSSL_save_session_cache(const char*);
\sa XFREAD
\sa XFOPEN
*/
-int wolfSSL_restore_session_cache(const char*);
+int wolfSSL_restore_session_cache(const char* fname);
/*!
\ingroup IO
@@ -3311,7 +3324,7 @@ int wolfSSL_get_session_cache_memsize(void);
\param ctx a pointer to a WOLFSSL_CTX structure, holding the
certificate information.
- \param fname the cert cache buffer.
+ \param fname a constant char pointer that points to a file for writing.
_Example_
\code
@@ -3343,7 +3356,7 @@ int wolfSSL_CTX_save_cert_cache(WOLFSSL_CTX* ctx, const char* fname);
\param ctx a pointer to a WOLFSSL_CTX structure, holding the certificate
information.
- \param fname the cert cache buffer.
+ \param fname a constant char pointer that points to a file for reading.
_Example_
\code
@@ -3461,7 +3474,7 @@ int wolfSSL_CTX_memrestore_cert_cache(WOLFSSL_CTX* ctx, const void* mem, int sz
\sa CM_GetCertCacheMemSize
*/
-int wolfSSL_CTX_get_cert_cache_memsize(WOLFSSL_CTX*);
+int wolfSSL_CTX_get_cert_cache_memsize(WOLFSSL_CTX* ctx);
/*!
\ingroup Setup
@@ -3598,7 +3611,7 @@ void wolfSSL_dtls_set_using_nonblock(WOLFSSL* ssl, int nonblock);
\sa wolfSSL_dtls_got_timeout
\sa wolfSSL_dtls_set_using_nonblock
*/
-int wolfSSL_dtls_get_using_nonblock(WOLFSSL*);
+int wolfSSL_dtls_get_using_nonblock(WOLFSSL* ssl);
/*!
\brief This function returns the current timeout value in seconds for
the WOLFSSL object. When using non-blocking sockets, something in the user
@@ -3918,7 +3931,7 @@ int wolfSSL_dtls_get_peer(WOLFSSL* ssl, void* peer, unsigned int* peerSz);
\sa wolfSSL_ERR_print_errors_fp
\sa wolfSSL_load_error_strings
*/
-char* wolfSSL_ERR_error_string(unsigned long,char*);
+char* wolfSSL_ERR_error_string(unsigned long errNumber, char* data);
/*!
\ingroup Debug
@@ -3962,7 +3975,7 @@ void wolfSSL_ERR_error_string_n(unsigned long e, char* buf,
structure is within the WOLFSSL structure.
\return 1 SSL_SENT_SHUTDOWN is returned.
- \return 2 SS_RECEIVED_SHUTDOWN is returned.
+ \return 2 SSL_RECEIVED_SHUTDOWN is returned.
\param ssl a constant pointer to a WOLFSSL structure, created using
wolfSSL_new().
@@ -3988,7 +4001,7 @@ void wolfSSL_ERR_error_string_n(unsigned long e, char* buf,
\sa wolfSSL_SESSION_free
*/
-int wolfSSL_get_shutdown(const WOLFSSL*);
+int wolfSSL_get_shutdown(const WOLFSSL* ssl);
/*!
\ingroup IO
@@ -4015,7 +4028,7 @@ int wolfSSL_get_shutdown(const WOLFSSL*);
\sa wolfSSL_GetSessionIndex
\sa wolfSSL_memsave_session_cache
*/
-int wolfSSL_session_reused(WOLFSSL*);
+int wolfSSL_session_reused(WOLFSSL* ssl);
/*!
\ingroup TLS
@@ -4045,7 +4058,7 @@ int wolfSSL_session_reused(WOLFSSL*);
\sa wolfSSL_get_keys
\sa wolfSSL_set_shutdown
*/
-int wolfSSL_is_init_finished(WOLFSSL*);
+int wolfSSL_is_init_finished(WOLFSSL* ssl);
/*!
\ingroup IO
@@ -4077,7 +4090,7 @@ int wolfSSL_is_init_finished(WOLFSSL*);
\sa wolfSSL_lib_version
*/
-const char* wolfSSL_get_version(WOLFSSL*);
+const char* wolfSSL_get_version(WOLFSSL* ssl);
/*!
\ingroup IO
@@ -4141,7 +4154,7 @@ int wolfSSL_get_current_cipher_suite(WOLFSSL* ssl);
\sa wolfSSL_get_cipher_name_internal
\sa wolfSSL_get_cipher_name
*/
-WOLFSSL_CIPHER* wolfSSL_get_current_cipher(WOLFSSL*);
+WOLFSSL_CIPHER* wolfSSL_get_current_cipher(WOLFSSL* ssl);
/*!
\ingroup IO
@@ -4481,7 +4494,7 @@ int wolfSSL_BIO_make_bio_pair(WOLFSSL_BIO *b1, WOLFSSL_BIO *b2);
\sa wolfSSL_BIO_new, wolfSSL_BIO_s_mem
\sa wolfSSL_BIO_new, wolfSSL_BIO_free
*/
-int wolfSSL_BIO_ctrl_reset_read_request(WOLFSSL_BIO *b);
+int wolfSSL_BIO_ctrl_reset_read_request(WOLFSSL_BIO *bio);
/*!
\ingroup IO
@@ -4781,7 +4794,7 @@ char* wolfSSL_X509_NAME_oneline(WOLFSSL_X509_NAME* name, char* in, int sz)
\sa wolfSSL_get_peer_certificate
\sa wolfSSL_X509_NAME_oneline
*/
-WOLFSSL_X509_NAME* wolfSSL_X509_get_issuer_name(WOLFSSL_X509*);
+WOLFSSL_X509_NAME* wolfSSL_X509_get_issuer_name(WOLFSSL_X509* cert);
/*!
\ingroup CertsKeys
@@ -4810,7 +4823,7 @@ WOLFSSL_X509_NAME* wolfSSL_X509_get_issuer_name(WOLFSSL_X509*);
\sa wolfSSL_X509_get_isCA
\sa wolfSSL_get_peer_certificate
*/
-WOLFSSL_X509_NAME* wolfSSL_X509_get_subject_name(WOLFSSL_X509*);
+WOLFSSL_X509_NAME* wolfSSL_X509_get_subject_name(WOLFSSL_X509* cert);
/*!
\ingroup CertsKeys
@@ -4822,7 +4835,7 @@ WOLFSSL_X509_NAME* wolfSSL_X509_get_subject_name(WOLFSSL_X509*);
structure is returned.
\return 0 returned if there is not a valid x509 structure passed in.
- \param ssl a pointer to a WOLFSSL structure, created using wolfSSL_new().
+ \param cert a pointer to a WOLFSSL_X509 structure.
_Example_
\code
@@ -4841,7 +4854,7 @@ WOLFSSL_X509_NAME* wolfSSL_X509_get_subject_name(WOLFSSL_X509*);
\sa wolfSSL_X509_get_issuer_name
\sa wolfSSL_X509_get_isCA
*/
-int wolfSSL_X509_get_isCA(WOLFSSL_X509*);
+int wolfSSL_X509_get_isCA(WOLFSSL_X509* cert);
/*!
\ingroup CertsKeys
@@ -4883,7 +4896,7 @@ int wolfSSL_X509_NAME_get_text_by_NID(WOLFSSL_X509_NAME* name, int nid,
\return int an integer value is returned which was retrieved from
the x509 object.
- \param ssl a pointer to a WOLFSSL structure, created using wolfSSL_new().
+ \param cert a pointer to a WOLFSSL_X509 structure.
_Example_
\code
@@ -4905,7 +4918,7 @@ int wolfSSL_X509_NAME_get_text_by_NID(WOLFSSL_X509_NAME* name, int nid,
\sa wolfSSL_X509_notAfter
\sa wolfSSL_X509_free
*/
-int wolfSSL_X509_get_signature_type(WOLFSSL_X509*);
+int wolfSSL_X509_get_signature_type(WOLFSSL_X509* cert);
/*!
\brief This function frees a WOLFSSL_X509 structure.
@@ -5191,7 +5204,7 @@ long wolfSSL_CTX_add_extra_chain_cert(WOLFSSL_CTX* ctx, WOLFSSL_X509* x509);
\sa wolfSSL_CTX_free
\sa wolfSSL_CTX_set_read_ahead
*/
-int wolfSSL_CTX_get_read_ahead(WOLFSSL_CTX*);
+int wolfSSL_CTX_get_read_ahead(WOLFSSL_CTX* ctx);
/*!
\ingroup Setup
@@ -5202,6 +5215,7 @@ int wolfSSL_CTX_get_read_ahead(WOLFSSL_CTX*);
\return SSL_FAILURE If ctx is NULL then SSL_FAILURE is returned.
\param ctx WOLFSSL_CTX structure to set read ahead flag.
+ \param v read ahead flag
_Example_
\code
@@ -5332,7 +5346,7 @@ long wolfSSL_set_options(WOLFSSL *s, long op);
\sa wolfSSL_free
\sa wolfSSL_set_options
*/
-long wolfSSL_get_options(const WOLFSSL *s);
+long wolfSSL_get_options(const WOLFSSL *ssl);
/*!
\ingroup Setup
@@ -5358,7 +5372,7 @@ long wolfSSL_get_options(const WOLFSSL *s);
\sa wolfSSL_new
\sa wolfSSL_free
*/
-long wolfSSL_set_tlsext_debug_arg(WOLFSSL *s, void *arg);
+long wolfSSL_set_tlsext_debug_arg(WOLFSSL *ssl, void *arg);
/*!
\ingroup openSSL
@@ -5371,7 +5385,7 @@ long wolfSSL_set_tlsext_debug_arg(WOLFSSL *s, void *arg);
\return 1 upon success.
\return 0 upon error.
- \param s pointer to WolfSSL struct which is created by SSL_new() function
+ \param s pointer to WOLFSSL struct which is created by SSL_new() function
\param type ssl extension type which TLSEXT_STATUSTYPE_ocsp is
only supported.
@@ -5517,7 +5531,7 @@ void wolfSSL_ERR_print_errors_cb (
\sa wolfSSL_CTX_set_psk_client_callback
*/
void wolfSSL_CTX_set_psk_client_callback(WOLFSSL_CTX* ctx,
- wc_psk_client_callback);
+ wc_psk_client_callback cb);
/*!
\brief Sets the PSK client side callback.
@@ -7084,7 +7098,7 @@ int wolfSSL_SetTmpDH_file(WOLFSSL* ssl, const char* f, int format);
to MAX_DH_SIZE.
\param g a constant unsigned char pointer loaded into the buffer
member of the serverDH_G struct.
- \param gSz an int type representing the size of g, initialized ot
+ \param gSz an int type representing the size of g, initialized to
MAX_DH_SIZE.
_Exmaple_
@@ -13157,7 +13171,7 @@ int wolfSSL_connect(WOLFSSL* ssl);
exchange. Please note that when using protocol DTLS v1.3, the cookie
exchange is enabled by default. The Cookie holds a hash of the current
transcript so that another server process can handle the ClientHello in
- reply. The secret is used when generting the integrity check on the Cookie
+ reply. The secret is used when generating the integrity check on the Cookie
data.
\param [in,out] ssl a pointer to a WOLFSSL structure, created using wolfSSL_new().
@@ -13168,7 +13182,7 @@ int wolfSSL_connect(WOLFSSL* ssl);
\return BAD_FUNC_ARG if ssl is NULL or not using TLS v1.3.
\return SIDE_ERROR if called with a client.
- \return WOLFSSL_SUCCESS if succesful.
+ \return WOLFSSL_SUCCESS if successful.
\return MEMORY_ERROR if allocating dynamic memory for storing secret failed.
\return Another -ve value on internal error.
@@ -13326,7 +13340,7 @@ int wolfSSL_no_dhe_psk(WOLFSSL* ssl);
\brief This function is called on a TLS v1.3 client or server wolfSSL to
force the rollover of keys. A KeyUpdate message is sent to the peer and
new keys are calculated for encryption. The peer will send back a KeyUpdate
- message and the new decryption keys wil then be calculated.
+ message and the new decryption keys will then be calculated.
This function can only be called after a handshake has been completed.
\param [in,out] ssl a pointer to a WOLFSSL structure, created using wolfSSL_new().
@@ -13391,7 +13405,7 @@ int wolfSSL_key_update_response(WOLFSSL* ssl, int* required);
\ingroup Setup
\brief This function is called on a TLS v1.3 client wolfSSL context to allow
- a client certifcate to be sent post handshake upon request from server.
+ a client certificate to be sent post handshake upon request from server.
This is useful when connecting to a web server that has some pages that
require client authentication and others that don't.
@@ -13422,7 +13436,7 @@ int wolfSSL_CTX_allow_post_handshake_auth(WOLFSSL_CTX* ctx);
\ingroup Setup
\brief This function is called on a TLS v1.3 client wolfSSL to allow
- a client certifcate to be sent post handshake upon request from server.
+ a client certificate to be sent post handshake upon request from server.
A Post-Handshake Client Authentication extension is sent in the ClientHello.
This is useful when connecting to a web server that has some pages that
require client authentication and others that don't.
@@ -13612,7 +13626,7 @@ int wolfSSL_preferred_group(WOLFSSL* ssl);
\param [in,out] ctx a pointer to a WOLFSSL_CTX structure, created
with wolfSSL_CTX_new().
- \param [in] groups a list of key exhange groups by identifier.
+ \param [in] groups a list of key exchange groups by identifier.
\param [in] count the number of key exchange groups in groups.
\return BAD_FUNC_ARG if a pointer parameter is null, the number of groups
@@ -13654,7 +13668,7 @@ int wolfSSL_CTX_set_groups(WOLFSSL_CTX* ctx, int* groups,
use with the TLS v1.3 connections.
\param [in,out] ssl a pointer to a WOLFSSL structure, created using wolfSSL_new().
- \param [in] groups a list of key exhange groups by identifier.
+ \param [in] groups a list of key exchange groups by identifier.
\param [in] count the number of key exchange groups in groups.
\return BAD_FUNC_ARG if a pointer parameter is null, the number of groups
@@ -13916,7 +13930,7 @@ int wolfSSL_set_max_early_data(WOLFSSL* ssl, unsigned int sz);
\sa wolfSSL_connect
\sa wolfSSL_connect_TLSv13
*/
-int wolfSSL_write_early_data(OLFSSL* ssl, const void* data,
+int wolfSSL_write_early_data(WOLFSSL* ssl, const void* data,
int sz, int* outSz);
/*!
@@ -14426,7 +14440,7 @@ int wolfSSL_get_ephemeral_key(WOLFSSL* ssl, int keyAlgo,
/*!
\ingroup SSL
\brief Sign a message with the chosen message digest, padding, and RSA key
- \return WOLFSSL_SUCCESS on success and WOLFSSL_FAILURE on error
+ \return WOLFSSL_SUCCESS on success and c on error
\param type Hash NID
\param m Message to sign. Most likely this will be the digest of
the message to sign
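Review bot: The new `\return` line reads `WOLFSSL_SUCCESS on success and c on error`, where the stray `c` replaces the `WOLFSSL_FAILURE` constant the old line named. The failure return of this RSA signing function is therefore no longer documented, and callers need the exact value to check before they use the signature output. Unless the return value itself changed (nothing visible here suggests it did), the line should be restored to `\return WOLFSSL_SUCCESS on success and WOLFSSL_FAILURE on error`. The comment block continues outside the hunk.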
@@ -14490,6 +14504,211 @@ unsigned int wolfSSL_SESSION_get_max_early_data(const WOLFSSL_SESSION *s);
int wolfSSL_CRYPTO_get_ex_new_index(int, void*, void*, void*, void*);
/*!
+ \ingroup Setup
+ \brief In case this function is called in a client side, set certificate types
+ that can be sent to its peer. In case called in a server side,
+ set certificate types that can be acceptable from its peer. Put cert types in the
+ buffer with prioritised order. To reset the settings to default, pass NULL
+ for the buffer or pass zero for len. By default, certificate type is only X509.
+ In case both side intend to send or accept "Raw public key" cert,
+ WOLFSSL_CERT_TYPE_RPK should be included in the buffer to set.
+
+ \return WOLFSSL_SUCCESS if cert types set successfully
+ \return BAD_FUNC_ARG if NULL was passed for ctx, illegal value was specified as
+ cert type, buf size exceed MAX_CLIENT_CERT_TYPE_CNT was specified or
+ a duplicate value is found in buf.
+
+ \param ctx WOLFSSL_CTX object pointer
+ \param buf A buffer where certificate types are stored
+ \param len buf size in bytes (same as number of certificate types included)
+ _Example_
+ \code
+ int ret;
+ WOLFSSL_CTX* ctx;
+ char buf[] = {WOLFSSL_CERT_TYPE_RPK, WOLFSSL_CERT_TYPE_X509};
+ int len = sizeof(buf)/sizeof(char);
+ ...
+
+ ret = wolfSSL_CTX_set_client_cert_type(ctx, buf, len);
+ \endcode
+ \sa wolfSSL_set_client_cert_type
+ \sa wolfSSL_CTX_set_server_cert_type
+ \sa wolfSSL_set_server_cert_type
+ \sa wolfSSL_get_negotiated_client_cert_type
+ \sa wolfSSL_get_negotiated_server_cert_type
+ */
+int wolfSSL_CTX_set_client_cert_type(WOLFSSL_CTX* ctx, const char* buf, int len);
+
+/*!
+ \ingroup Setup
+ \brief In case this function is called in a server side, set certificate types
+ that can be sent to its peer. In case called in a client side,
+ set certificate types that can be acceptable from its peer. Put cert types in the
+ buffer with prioritised order. To reset the settings to default, pass NULL
+ for the buffer or pass zero for len. By default, certificate type is only X509.
+ In case both side intend to send or accept "Raw public key" cert,
+ WOLFSSL_CERT_TYPE_RPK should be included in the buffer to set.
+
+ \return WOLFSSL_SUCCESS if cert types set successfully
+ \return BAD_FUNC_ARG if NULL was passed for ctx, illegal value was specified as
+ cert type, buf size exceed MAX_SERVER_CERT_TYPE_CNT was specified or
+ a duplicate value is found in buf.
+
+ \param ctx WOLFSSL_CTX object pointer
+ \param buf A buffer where certificate types are stored
+ \param len buf size in bytes (same as number of certificate types included)
+ _Example_
+ \code
+ int ret;
+ WOLFSSL_CTX* ctx;
+ char buf[] = {WOLFSSL_CERT_TYPE_RPK, WOLFSSL_CERT_TYPE_X509};
+ int len = sizeof(buf)/sizeof(char);
+ ...
+
+ ret = wolfSSL_CTX_set_server_cert_type(ctx, buf, len);
+ \endcode
+ \sa wolfSSL_set_client_cert_type
+ \sa wolfSSL_CTX_set_client_cert_type
+ \sa wolfSSL_set_server_cert_type
+ \sa wolfSSL_get_negotiated_client_cert_type
+ \sa wolfSSL_get_negotiated_server_cert_type
+ */
+int wolfSSL_CTX_set_server_cert_type(WOLFSSL_CTX* ctx, const char* buf, int len);
+
+/*!
+ \ingroup Setup
+ \brief In case this function is called in a client side, set certificate types
+ that can be sent to its peer. In case called in a server side,
+ set certificate types that can be acceptable from its peer. Put cert types in the
+ buffer with prioritised order. To reset the settings to default, pass NULL
+ for the buffer or pass zero for len. By default, certificate type is only X509.
+ In case both side intend to send or accept "Raw public key" cert,
+ WOLFSSL_CERT_TYPE_RPK should be included in the buffer to set.
+
+ \return WOLFSSL_SUCCESS if cert types set successfully
+ \return BAD_FUNC_ARG if NULL was passed for ctx, illegal value was specified as
+ cert type, buf size exceed MAX_CLIENT_CERT_TYPE_CNT was specified or
+ a duplicate value is found in buf.
+
+ \param ssl WOLFSSL object pointer
+ \param buf A buffer where certificate types are stored
+ \param len buf size in bytes (same as number of certificate types included)
+ _Example_
+ \code
+ int ret;
+ WOLFSSL* ssl;
+ char buf[] = {WOLFSSL_CERT_TYPE_RPK, WOLFSSL_CERT_TYPE_X509};
+ int len = sizeof(buf)/sizeof(char);
+ ...
+
+ ret = wolfSSL_set_client_cert_type(ssl, buf, len);
+ \endcode
+ \sa wolfSSL_CTX_set_client_cert_type
+ \sa wolfSSL_CTX_set_server_cert_type
+ \sa wolfSSL_set_server_cert_type
+ \sa wolfSSL_get_negotiated_client_cert_type
+ \sa wolfSSL_get_negotiated_server_cert_type
+ */
+int wolfSSL_set_client_cert_type(WOLFSSL* ssl, const char* buf, int len);
+
+/*!
+ \ingroup Setup
+ \brief In case this function is called in a server side, set certificate types
+ that can be sent to its peer. In case called in a client side,
+ set certificate types that can be acceptable from its peer. Put cert types in the
+ buffer with prioritised order. To reset the settings to default, pass NULL
+ for the buffer or pass zero for len. By default, certificate type is only X509.
+ In case both side intend to send or accept "Raw public key" cert,
+ WOLFSSL_CERT_TYPE_RPK should be included in the buffer to set.
+
+ \return WOLFSSL_SUCCESS if cert types set successfully
+ \return BAD_FUNC_ARG if NULL was passed for ctx, illegal value was specified as
+ cert type, buf size exceed MAX_SERVER_CERT_TYPE_CNT was specified or
+ a duplicate value is found in buf.
+
+ \param ctx WOLFSSL_CTX object pointer
+ \param buf A buffer where certificate types are stored
+ \param len buf size in bytes (same as number of certificate types included)
+ _Example_
+ \code
+ int ret;
+ WOLFSSL* ssl;
+ char buf[] = {WOLFSSL_CERT_TYPE_RPK, WOLFSSL_CERT_TYPE_X509};
+ int len = sizeof(buf)/sizeof(char);
+ ...
+
+ ret = wolfSSL_set_server_cert_type(ssl, buf, len);
+ \endcode
+ \sa wolfSSL_set_client_cert_type
+ \sa wolfSSL_CTX_set_server_cert_type
+ \sa wolfSSL_set_server_cert_type
+ \sa wolfSSL_get_negotiated_client_cert_type
+ \sa wolfSSL_get_negotiated_server_cert_type
+ */
+int wolfSSL_set_server_cert_type(WOLFSSL* ssl, const char* buf, int len);
+
+/*!
+ \ingroup SSL
+ \brief This function returns the result of the client certificate type
+ negotiation done in ClientHello and ServerHello. WOLFSSL_SUCCESS is returned as
+ a return value if no negotiation occurs and WOLFSSL_CERT_TYPE_UNKNOWN is
+ returned as the certificate type.
+
+ \return WOLFSSL_SUCCESS if a negotiated certificate type could be got
+ \return BAD_FUNC_ARG if NULL was passed for ctx or tp
+ \param ssl WOLFSSL object pointer
+ \param tp A buffer where a certificate type is to be returned. One of three
+ certificate types will be returned: WOLFSSL_CERT_TYPE_RPK,
+ WOLFSSL_CERT_TYPE_X509 or WOLFSSL_CERT_TYPE_UNKNOWN.
+
+ _Example_
+ \code
+ int ret;
+ WOLFSSL* ssl;
+ int tp;
+ ...
+
+ ret = wolfSSL_get_negotiated_client_cert_type(ssl, &tp);
+ \endcode
+ \sa wolfSSL_set_client_cert_type
+ \sa wolfSSL_CTX_set_client_cert_type
+ \sa wolfSSL_set_server_cert_type
+ \sa wolfSSL_CTX_set_server_cert_type
+ \sa wolfSSL_get_negotiated_server_cert_type
+ */
+int wolfSSL_get_negotiated_client_cert_type(WOLFSSL* ssl, int* tp);
+
+/*!
+ \ingroup SSL
+ \brief This function returns the result of the server certificate type
+ negotiation done in ClientHello and ServerHello. WOLFSSL_SUCCESS is returned as
+ a return value if no negotiation occurs and WOLFSSL_CERT_TYPE_UNKNOWN is
+ returned as the certificate type.
+
+ \return WOLFSSL_SUCCESS if a negotiated certificate type could be got
+ \return BAD_FUNC_ARG if NULL was passed for ctx or tp
+ \param ssl WOLFSSL object pointer
+ \param tp A buffer where a certificate type is to be returned. One of three
+ certificate types will be returned: WOLFSSL_CERT_TYPE_RPK,
+ WOLFSSL_CERT_TYPE_X509 or WOLFSSL_CERT_TYPE_UNKNOWN.
+ _Example_
+ \code
+ int ret;
+ WOLFSSL* ssl;
+ int tp;
+ ...
+
+ ret = wolfSSL_get_negotiated_server_cert_type(ssl, &tp);
+ \endcode
+ \sa wolfSSL_set_client_cert_type
+ \sa wolfSSL_CTX_set_client_cert_type
+ \sa wolfSSL_set_server_cert_type
+ \sa wolfSSL_CTX_set_server_cert_type
+ \sa wolfSSL_get_negotiated_client_cert_type
+ */
+int wolfSSL_get_negotiated_server_cert_type(WOLFSSL* ssl, int* tp);
+
+/*!
\brief Enable use of ConnectionID extensions for the SSL object. See RFC 9146
and RFC 9147
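Review bot: The comment added for `wolfSSL_set_server_cert_type` documents `\param ctx WOLFSSL_CTX object pointer`, but the prototype takes `WOLFSSL* ssl`; it should read `\param ssl WOLFSSL object pointer`, as the `wolfSSL_set_client_cert_type` block does. The same block lists itself under `\sa`, where `wolfSSL_CTX_set_client_cert_type` was probably meant. The `BAD_FUNC_ARG` lines of both ssl-level setters and both `wolfSSL_get_negotiated_*` getters say "NULL was passed for ctx" although those functions have no ctx argument. Since these comments introduce `WOLFSSL_CERT_TYPE_RPK`, one sentence would help readers: a raw public key carries no certificate chain, so the application has to match it against a key it already trusts. That is how raw public keys work in general (RFC 7250); how wolfSSL surfaces the key for that check should be confirmed before documenting it.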
@@ -14635,3 +14854,111 @@ available size need to be provided in bufferSz.
*/
int wolfSSL_dtls_cid_get_tx(WOLFSSL* ssl, unsigned char* buffer,
unsigned int bufferSz);
+
+/*!
+ \ingroup TLS
+
+ \brief This function returns the raw list of ciphersuites and signature
+ algorithms offered by the client. The lists are only stored and returned
+ inside a callback setup with wolfSSL_CTX_set_cert_cb(). This is useful to
+ be able to dynamically load certificates and keys based on the available
+ ciphersuites and signature algorithms.
+
+ \param [in] ssl The WOLFSSL object to extract the lists from.
+ \param [out] optional suites Raw and unfiltered list of client ciphersuites
+ \param [out] optional suiteSz Size of suites in bytes
+ \param [out] optional hashSigAlgo Raw and unfiltered list of client
+ signature algorithms
+ \param [out] optional hashSigAlgoSz Size of hashSigAlgo in bytes
+ \return WOLFSSL_SUCCESS when suites available
+ \return WOLFSSL_FAILURE when suites not available
+
+ _Example_
+ \code
+ int certCB(WOLFSSL* ssl, void* arg)
+ {
+ const byte* suites = NULL;
+ word16 suiteSz = 0;
+ const byte* hashSigAlgo = NULL;
+ word16 hashSigAlgoSz = 0;
+
+ wolfSSL_get_client_suites_sigalgs(ssl, &suites, &suiteSz, &hashSigAlgo,
+ &hashSigAlgoSz);
+
+ // Choose certificate to load based on ciphersuites and sigalgs
+ }
+
+ WOLFSSL* ctx;
+ ctx = wolfSSL_CTX_new(wolfTLSv1_3_method_ex(NULL));
+ wolfSSL_CTX_set_cert_cb(ctx, certCB, NULL);
+ \endcode
+
+ \sa wolfSSL_get_ciphersuite_info
+ \sa wolfSSL_get_sigalg_info
+*/
+int wolfSSL_get_client_suites_sigalgs(const WOLFSSL* ssl,
+ const byte** suites, word16* suiteSz,
+ const byte** hashSigAlgo, word16* hashSigAlgoSz);
+
+/*!
+ \ingroup TLS
+
+ \brief This returns information about the ciphersuite directly from the
+ raw ciphersuite bytes.
+
+ \param [in] first First byte of the ciphersuite
+ \param [in] second Second byte of the ciphersuite
+
+ \return WOLFSSL_CIPHERSUITE_INFO A struct containing information about the
+ type of authentication used in the ciphersuite.
+
+ _Example_
+ \code
+ WOLFSSL_CIPHERSUITE_INFO info =
+ wolfSSL_get_ciphersuite_info(suites[0], suites[1]);
+ if (info.rsaAuth)
+ haveRSA = 1;
+ else if (info.eccAuth)
+ haveECC = 1;
+ \endcode
+
+ \sa wolfSSL_get_client_suites_sigalgs
+ \sa wolfSSL_get_sigalg_info
+*/
+WOLFSSL_CIPHERSUITE_INFO wolfSSL_get_ciphersuite_info(byte first,
+ byte second);
+
+/*!
+ \ingroup TLS
+
+ \brief This returns information about the hash and signature algorithm
+ directly from the raw ciphersuite bytes.
+
+ \param [in] first First byte of the hash and signature algorithm
+ \param [in] second Second byte of the hash and signature algorithm
+ \param [out] hashAlgo The enum wc_HashType of the MAC algorithm
+ \param [out] sigAlgo The enum Key_Sum of the authentication algorithm
+
+ \return 0 when info was correctly set
+ \return BAD_FUNC_ARG when either input paramters are NULL or the bytes
+ are not a recognized sigalg suite
+
+ _Example_
+ \code
+ enum wc_HashType hashAlgo;
+ enum Key_Sum sigAlgo;
+
+ wolfSSL_get_sigalg_info(hashSigAlgo[idx+0], hashSigAlgo[idx+1],
+ &hashAlgo, &sigAlgo);
+
+ if (sigAlgo == RSAk || sigAlgo == RSAPSSk)
+ haveRSA = 1;
+ else if (sigAlgo == ECDSAk)
+ haveECC = 1;
+ \endcode
+
+ \sa wolfSSL_get_client_suites_sigalgs
+ \sa wolfSSL_get_ciphersuite_info
+*/
+int wolfSSL_get_sigalg_info(byte first, byte second,
+ int* hashAlgo, int* sigAlgo);
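Review bot: The `certCB` example ignores the return value of `wolfSSL_get_client_suites_sigalgs`, and the two later examples index `suites[0]`/`suites[1]` and `hashSigAlgo[idx+1]` without reference to `suiteSz` or `hashSigAlgoSz`. The lists are described as raw and unfiltered client data, so the examples should show the guard, for instance checking the call against `WOLFSSL_SUCCESS` and walking the pairs with `for (idx = 0; idx + 1 < suiteSz; idx += 2)`. The same example declares `WOLFSSL* ctx;` where `WOLFSSL_CTX* ctx;` is needed for `wolfSSL_CTX_new`, and `certCB` is declared `int` but has no return statement. The `wolfSSL_get_sigalg_info` brief says "raw ciphersuite bytes" where the signature-algorithm bytes are meant, and its example passes `enum wc_HashType*` and `enum Key_Sum*` to parameters declared `int*`.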
diff --git a/extra/wolfssl/wolfssl/examples/README.md b/extra/wolfssl/wolfssl/examples/README.md
index 068be8fd..bea72953 100644
--- a/extra/wolfssl/wolfssl/examples/README.md
+++ b/extra/wolfssl/wolfssl/examples/README.md
@@ -84,3 +84,9 @@ and
This directory contains example wolfSSL configuration file templates for use when autoconf is not available, such as building with a custom IDE.
See [configs/README.md](configs/README.md) for more details.
+
+## asn1
+This directory contains an example that prints the ASN.1 data of a BER/DER or PEM encoded file. Configure wolfSSL with `--enable-asn-print`.
+
+## pem
+This directory contains an example of converting to/from PEM and DER. Configure wolfSSL with `--enable-coding`
diff --git a/extra/wolfssl/wolfssl/examples/asn1/asn1.c b/extra/wolfssl/wolfssl/examples/asn1/asn1.c
index 0397a142..28e90957 100644
--- a/extra/wolfssl/wolfssl/examples/asn1/asn1.c
+++ b/extra/wolfssl/wolfssl/examples/asn1/asn1.c
@@ -30,8 +30,9 @@
#include <wolfssl/wolfcrypt/asn_public.h>
#include <wolfssl/wolfcrypt/coding.h>
#include <wolfssl/wolfcrypt/error-crypt.h>
+#include <stdio.h>
-#ifdef WOLFSSL_ASN_PRINT
+#if defined(WOLFSSL_ASN_PRINT) && !defined(NO_FILESYSTEM)
/* Increment allocated data by this much. */
#define DATA_INC_LEN 256
@@ -59,7 +60,7 @@ static Asn1 asn1;
* @return 0 on success.
* @return 1 on failure.
*/
-static int ReadFile(FILE* fp, unsigned char** pdata, word32* plen)
+static int asn1App_ReadFile(FILE* fp, unsigned char** pdata, word32* plen)
{
int ret = 0;
word32 len = 0;
@@ -91,8 +92,6 @@ static int ReadFile(FILE* fp, unsigned char** pdata, word32* plen)
/* Set data to new pointer. */
data = p;
}
- /* Done with file. */
- fclose(fp);
}
if (data != NULL) {
@@ -120,7 +119,7 @@ static int PrintDer(FILE* fp)
unsigned char* data = NULL;
/* Load DER/BER file. */
- if (ReadFile(fp, &data, &len) != 0) {
+ if (asn1App_ReadFile(fp, &data, &len) != 0) {
ret = 1;
}
@@ -147,7 +146,7 @@ static int PrintBase64(FILE* fp)
unsigned char* data = NULL;
/* Load Base64 encoded file. */
- if (ReadFile(fp, &data, &len) != 0) {
+ if (asn1App_ReadFile(fp, &data, &len) != 0) {
ret = 1;
}
@@ -227,7 +226,7 @@ static int FindPem(unsigned char* data, word32 offset, word32 len,
}
if (ret == 0) {
- /* Return start and end indeces. */
+ /* Return start and end indices. */
*start = i;
*end = j;
}
@@ -250,7 +249,7 @@ static int PrintPem(FILE* fp, int pem_skip)
word32 len = 0;
/* Load PEM file. */
- if (ReadFile(fp, &data, &len) != 0) {
+ if (asn1App_ReadFile(fp, &data, &len) != 0) {
ret = 1;
}
@@ -283,7 +282,7 @@ static int PrintPem(FILE* fp, int pem_skip)
/* Usage lines to show. */
const char* usage[] = {
- "asn1 [OPTOIN]... [FILE]",
+ "asn1 [OPTION]... [FILE]",
"Display a human-readable version of a DER/BER encoding.",
"",
"Options:",
@@ -317,8 +316,8 @@ static void Usage(void)
/* Main entry of ASN.1 printing program.
*
- * @param [in] argc Count of command line argements.
- * @param [in] argv Command line argements.
+ * @param [in] argc Count of command line arguments.
+ * @param [in] argv Command line arguments.
* @return 0 on success.
* @return 1 on failure.
*/
@@ -328,7 +327,7 @@ int main(int argc, char* argv[])
/* Default to reading STDIN. */
FILE* fp = stdin;
int file_format = FORMAT_DER;
- int indent = 0;
+ word32 indent = 0;
int pem_skip = 0;
/* Reset options. */
@@ -375,7 +374,7 @@ int main(int argc, char* argv[])
argc--;
argv++;
wc_Asn1PrintOptions_Set(&opts, ASN1_PRINT_OPT_LENGTH,
- atoi(argv[0]));
+ (word32)atoi(argv[0]));
}
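Review bot: `(word32)atoi(argv[0])` accepts a negative or non-numeric argument silently: `atoi` reports no error, and a negative result becomes a very large `word32` after the cast. The same cast is added for `ASN1_PRINT_OPT_OFFSET` in the next hunk. Parsing with `long v = strtol(argv[0], &end, 10);` and rejecting `end == argv[0] || *end != '\0' || v < 0`, plus values above the `word32` range, before calling `wc_Asn1PrintOptions_Set` would make bad input fail with the usage text instead. The body of `main`, including whatever check guards the `argc--; argv++;` step, is outside these hunks.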
/* Do not show text representations of ASN.1 item data. */
else if ((strcmp(argv[0], "-n") == 0) ||
@@ -397,7 +396,7 @@ int main(int argc, char* argv[])
argc--;
argv++;
wc_Asn1PrintOptions_Set(&opts, ASN1_PRINT_OPT_OFFSET,
- atoi(argv[0]));
+ (word32)atoi(argv[0]));
}
/* Show wolfSSL OID value for all OBJECT_IDs. */
else if ((strcmp(argv[0], "-O") == 0) ||
@@ -430,7 +429,7 @@ int main(int argc, char* argv[])
Usage();
return 0;
}
- /* Unknown option dectection. */
+ /* Unknown option detection. */
else if (argv[0][0] == '-') {
fprintf(stderr, "Bad option: %s\n", argv[0]);
Usage();
@@ -469,6 +468,10 @@ int main(int argc, char* argv[])
if (ret != 0) {
fprintf(stderr, "%s\n", wc_GetErrorString(ret));
}
+
+ if (fp != stdin) {
+ fclose(fp);
+ }
return (ret == 0) ? 0 : 1;
}
@@ -476,8 +479,8 @@ int main(int argc, char* argv[])
/* Main entry of ASN.1 printing program.
*
- * @param [in] argc Count of command line argements.
- * @param [in] argv Command line argements.
+ * @param [in] argc Count of command line arguments.
+ * @param [in] argv Command line arguments.
* @return 0 on success.
* @return 1 on failure.
*/
@@ -485,10 +488,9 @@ int main(int argc, char* argv[])
{
(void)argc;
(void)argv;
- fprintf(stderr, "ASN.1 Parsing and Printing not compiled in.\n");
+ fprintf(stderr, "ASN.1 Parsing and Printing or file system not compiled"
+ " in.\n");
return 0;
}
-#endif
-
-
+#endif /* WOLFSSL_ASN_PRINT && !defined(NO_FILESYSTEM)*/
diff --git a/extra/wolfssl/wolfssl/examples/async/README.md b/extra/wolfssl/wolfssl/examples/async/README.md
new file mode 100644
index 00000000..2f7e5f5a
--- /dev/null
+++ b/extra/wolfssl/wolfssl/examples/async/README.md
@@ -0,0 +1,34 @@
+# wolfSSL Asynchronous Cryptography support
+
+Supported with:
+* Intel QuickAssist
+* Marvell (Cavium) Nitrox
+* Crypto Callbacks (`--enable-cryptocb`)
+* PK Callbacks (`--enable-pkcallbacks`)
+
+Requires files from https://github.com/wolfSSL/wolfAsyncCrypt
+See `async-check.sh` for how to setup.
+
+Tested with:
+* `./configure --enable-asynccrypt --enable-rsa --disable-ecc`
+* `./configure --enable-asynccrypt --disable-rsa --enable-ecc`
+* `./configure --enable-asynccrypt --enable-cryptocb --enable-rsa --disable-ecc`
+* `./configure --enable-asynccrypt --enable-cryptocb --disable-rsa --enable-ecc`
+* `./configure --enable-asynccrypt --enable-pkcallbacks --enable-rsa --disable-ecc`
+* `./configure --enable-asynccrypt --enable-pkcallbacks --disable-rsa --enable-ecc`
+
+```
+make
+./examples/async/async_server
+./examples/async/async_client 127.0.0.1
+```
+
+## Asynchronous Cryptography Design
+
+When a cryptogaphic call is handed off to hardware it return `WC_PENDING_E` up to caller. Then it can keep calling until the operation completes. For some platforms it is required to call `wolfSSL_AsyncPoll`. At the TLS layer a "devId" (Device ID) must be set using `wolfSSL_CTX_SetDevId` to indicate desire to offload cryptography.
+
+For further design details please see: https://github.com/wolfSSL/wolfAsyncCrypt#design
+
+## Support
+
+For questions please email support@wolfssl.com
diff --git a/extra/wolfssl/wolfssl/examples/async/async_client.c b/extra/wolfssl/wolfssl/examples/async/async_client.c
new file mode 100644
index 00000000..a0df6a14
--- /dev/null
+++ b/extra/wolfssl/wolfssl/examples/async/async_client.c
@@ -0,0 +1,277 @@
+/* async_client.c
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+/* TLS client demonstrating asynchronous cryptography features and optionally
+ * using the crypto or PK callbacks */
+
+/* std */
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+
+/* socket */
+#include <sys/socket.h>
+#include <arpa/inet.h>
+#include <netinet/in.h>
+#include <unistd.h>
+
+/* wolfSSL */
+#ifndef WOLFSSL_USER_SETTINGS
+ #include <wolfssl/options.h>
+#endif
+#include <wolfssl/ssl.h>
+#include <wolfssl/wolfio.h>
+#include <wolfssl/wolfcrypt/error-crypt.h>
+#include "examples/async/async_tls.h"
+
+/* Test certificates and keys for RSA and ECC */
+#ifndef NO_RSA
+ #define CERT_FILE "./certs/client-cert.pem"
+ #define KEY_FILE "./certs/client-key.pem"
+ #define CA_FILE "./certs/ca-cert.pem"
+#elif defined(HAVE_ECC)
+ #define CERT_FILE "./certs/client-ecc-cert.pem"
+ #define KEY_FILE "./certs/ecc-client-key.pem"
+ #define CA_FILE "./certs/ca-ecc-cert.pem"
+#else
+ #error No authentication algorithm (ECC/RSA)
+#endif
+
+int client_async_test(int argc, char** argv)
+{
+ int ret = 0;
+ int sockfd = SOCKET_INVALID;
+ struct sockaddr_in servAddr;
+ char buff[TEST_BUF_SZ];
+ size_t len;
+ int devId = 1; /* anything besides -2 (INVALID_DEVID) */
+#ifdef WOLF_CRYPTO_CB
+ AsyncTlsCryptoCbCtx myCtx;
+#endif
+ int err;
+ char errBuff[WOLFSSL_MAX_ERROR_SZ];
+
+ /* declare wolfSSL objects */
+ WOLFSSL_CTX* ctx = NULL;
+ WOLFSSL* ssl = NULL;
+
+ /* Check for proper calling convention */
+ if (argc != 2) {
+ printf("usage: %s <IPv4 address>\n", argv[0]);
+ return 0;
+ }
+
+ /* Create a socket that uses an internet IPv4 address,
+ * Sets the socket to be stream based (TCP),
+ * 0 means choose the default protocol. */
+ if ((sockfd = socket(AF_INET, SOCK_STREAM, 0)) == -1) {
+ fprintf(stderr, "ERROR: failed to create the socket\n");
+ ret = -1; goto exit;
+ }
+
+ /* Initialize the server address struct with zeros */
+ memset(&servAddr, 0, sizeof(servAddr));
+
+ /* Fill in the server address */
+ servAddr.sin_family = AF_INET; /* using IPv4 */
+ servAddr.sin_port = htons(DEFAULT_PORT); /* on DEFAULT_PORT */
+
+ /* Get the server IPv4 address from the command line call */
+ if (inet_pton(AF_INET, argv[1], &servAddr.sin_addr) != 1) {
+ fprintf(stderr, "ERROR: invalid address\n");
+ ret = -1; goto exit;
+ }
+
+ /* Connect to the server */
+ if ((ret = connect(sockfd, (struct sockaddr*) &servAddr, sizeof(servAddr)))
+ == -1) {
+ fprintf(stderr, "ERROR: failed to connect\n");
+ goto exit;
+ }
+
+ /*---------------------------------*/
+ /* Start of wolfSSL initialization and configuration */
+ /*---------------------------------*/
+#ifdef DEBUG_WOLFSSL
+ wolfSSL_Debugging_ON();
+#endif
+
+ /* Initialize wolfSSL */
+ if ((ret = wolfSSL_Init()) != WOLFSSL_SUCCESS) {
+ fprintf(stderr, "ERROR: Failed to initialize the library\n");
+ goto exit;
+ }
+
+ /* Create and initialize WOLFSSL_CTX */
+ if ((ctx = wolfSSL_CTX_new(wolfSSLv23_client_method())) == NULL) {
+ fprintf(stderr, "ERROR: failed to create WOLFSSL_CTX\n");
+ ret = -1; goto exit;
+ }
+
+#ifdef WOLF_CRYPTO_CB
+ XMEMSET(&myCtx, 0, sizeof(myCtx));
+ /* register a devID for crypto callbacks */
+ ret = wc_CryptoCb_RegisterDevice(devId, AsyncTlsCryptoCb, &myCtx);
+ if (ret != 0) {
+ fprintf(stderr, "wc_CryptoCb_RegisterDevice: error %d", ret);
+ goto exit;
+ }
+#endif
+ /* register a devID for crypto callbacks */
+ wolfSSL_CTX_SetDevId(ctx, devId);
+
+ /* Load client certificate into WOLFSSL_CTX */
+ if ((ret = wolfSSL_CTX_use_certificate_file(ctx, CERT_FILE, WOLFSSL_FILETYPE_PEM))
+ != WOLFSSL_SUCCESS) {
+ fprintf(stderr, "ERROR: failed to load %s, please check the file.\n",
+ CERT_FILE);
+ goto exit;
+ }
+
+ /* Load client key into WOLFSSL_CTX */
+ if ((ret = wolfSSL_CTX_use_PrivateKey_file(ctx, KEY_FILE, WOLFSSL_FILETYPE_PEM))
+ != WOLFSSL_SUCCESS) {
+ fprintf(stderr, "ERROR: failed to load %s, please check the file.\n",
+ KEY_FILE);
+ goto exit;
+ }
+
+ /* Load CA certificate into WOLFSSL_CTX */
+ if ((ret = wolfSSL_CTX_load_verify_locations(ctx, CA_FILE, NULL))
+ != WOLFSSL_SUCCESS) {
+ fprintf(stderr, "ERROR: failed to load %s, please check the file.\n",
+ CA_FILE);
+ goto exit;
+ }
+
+ /* Create a WOLFSSL object */
+ if ((ssl = wolfSSL_new(ctx)) == NULL) {
+ fprintf(stderr, "ERROR: failed to create WOLFSSL object\n");
+ ret = -1; goto exit;
+ }
+
+ /* Attach wolfSSL to the socket */
+ if ((ret = wolfSSL_set_fd(ssl, sockfd)) != WOLFSSL_SUCCESS) {
+ fprintf(stderr, "ERROR: Failed to set the file descriptor\n");
+ goto exit;
+ }
+
+ /* Connect to wolfSSL on the server side */
+#ifdef WOLFSSL_ASYNC_CRYPT
+ err = 0; /* Reset error */
+#endif
+ do {
+ #ifdef WOLFSSL_ASYNC_CRYPT
+ if (err == WC_PENDING_E) {
+ ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
+ if (ret < 0)
+ break;
+ }
+ #endif
+ ret = wolfSSL_connect(ssl);
+ err = wolfSSL_get_error(ssl, 0);
+ } while (err == WC_PENDING_E);
+ if (ret != WOLFSSL_SUCCESS) {
+ fprintf(stderr, "wolfSSL_connect error %d: %s\n",
+ err, wolfSSL_ERR_error_string(err, errBuff));
+ goto exit;
+ }
+
+ /* Get a message for the server from stdin */
+ printf("Message for server: ");
+ memset(buff, 0, sizeof(buff));
+ if (fgets(buff, sizeof(buff), stdin) == NULL) {
+ fprintf(stderr, "ERROR: failed to get message for server\n");
+ ret = -1; goto exit;
+ }
+ len = strnlen(buff, sizeof(buff));
+
+ /* Send the message to the server */
+#ifdef WOLFSSL_ASYNC_CRYPT
+ err = 0; /* Reset error */
+#endif
+ do {
+ #ifdef WOLFSSL_ASYNC_CRYPT
+ if (err == WC_PENDING_E) {
+ ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
+ if (ret < 0)
+ break;
+ }
+ #endif
+ ret = wolfSSL_write(ssl, buff, (int)len);
+ err = wolfSSL_get_error(ssl, 0);
+ } while (err == WC_PENDING_E);
+ if (ret != (int)len) {
+ fprintf(stderr, "wolfSSL_write error %d: %s\n",
+ err, wolfSSL_ERR_error_string(err, errBuff));
+ goto exit;
+ }
+
+ /* Read the server data into our buff array */
+ memset(buff, 0, sizeof(buff));
+#ifdef WOLFSSL_ASYNC_CRYPT
+ err = 0; /* Reset error */
+#endif
+ do {
+ #ifdef WOLFSSL_ASYNC_CRYPT
+ if (err == WC_PENDING_E) {
+ ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
+ if (ret < 0)
+ break;
+ }
+ #endif
+ ret = wolfSSL_read(ssl, buff, sizeof(buff)-1);
+ err = wolfSSL_get_error(ssl, 0);
+ } while (err == WC_PENDING_E);
+ if (ret < 0) {
+ fprintf(stderr, "wolfSSL_read error %d: %s\n",
+ err, wolfSSL_ERR_error_string(err, errBuff));
+ goto exit;
+ }
+
+ /* Print to stdout any data the server sends */
+ printf("Server: %s\n", buff);
+
+ /* Return reporting a success */
+ ret = 0;
+
+exit:
+ /* Cleanup and return */
+ if (sockfd != SOCKET_INVALID)
+ close(sockfd); /* Close the connection to the server */
+ if (ssl)
+ wolfSSL_free(ssl); /* Free the wolfSSL object */
+ if (ctx)
+ wolfSSL_CTX_free(ctx); /* Free the wolfSSL context object */
+ wolfSSL_Cleanup(); /* Cleanup the wolfSSL environment */
+
+ (void)argc;
+ (void)argv;
+
+ return ret;
+}
+
+#ifndef NO_MAIN_DRIVER
+int main(int argc, char** argv)
+{
+ return client_async_test(argc, argv);
+}
+#endif /* !NO_MAIN_DRIVER */
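Review bot: The `exit:` path in `client_async_test` closes `sockfd` and frees `ssl` without ever calling `wolfSSL_shutdown`, so a session that completed normally ends without a close_notify and the server cannot tell a clean close from a truncated one. On the success path, `wolfSSL_shutdown(ssl);` ahead of `close(sockfd);` would cover it; under `WOLFSSL_ASYNC_CRYPT` it may need the same `WC_PENDING_E` loop as the other calls, which should be confirmed. Relatedly, `wolfSSL_read` returning 0 is treated as success and prints an empty `Server:` line, where `if (ret <= 0)` would report the peer close. The `wc_CryptoCb_RegisterDevice` error message lacks a trailing `\n`, and the `(void)argc; (void)argv;` lines are redundant because both are used.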
diff --git a/extra/wolfssl/wolfssl/examples/async/async_server.c b/extra/wolfssl/wolfssl/examples/async/async_server.c
new file mode 100644
index 00000000..41eaae86
--- /dev/null
+++ b/extra/wolfssl/wolfssl/examples/async/async_server.c
@@ -0,0 +1,363 @@
+/* async_server.c
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+/* TLS server demonstrating asynchronous cryptography features and optionally
+ * using the crypto or PK callbacks */
+
+/* std */
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+
+/* socket */
+#include <sys/socket.h>
+#include <arpa/inet.h>
+#include <netinet/in.h>
+#include <unistd.h>
+
+#define HAVE_SIGNAL
+#ifdef HAVE_SIGNAL
+#include <signal.h> /* for catching ctrl+c */
+#endif
+
+/* wolfSSL */
+#ifndef WOLFSSL_USER_SETTINGS
+ #include <wolfssl/options.h>
+#endif
+#include <wolfssl/ssl.h>
+#include <wolfssl/wolfio.h>
+#include <wolfssl/wolfcrypt/error-crypt.h>
+#include "examples/async/async_tls.h"
+
+/* Test certificates and keys for RSA and ECC */
+#ifndef NO_RSA
+ #define CERT_FILE "./certs/server-cert.pem"
+ #define KEY_FILE "./certs/server-key.pem"
+ #define CA_FILE "./certs/client-cert.pem"
+#elif defined(HAVE_ECC)
+ #define CERT_FILE "./certs/server-ecc.pem"
+ #define KEY_FILE "./certs/ecc-key.pem"
+ #define CA_FILE "./certs/client-ecc-cert.pem"
+#else
+ #error No authentication algorithm (ECC/RSA)
+#endif
+
+static int mSockfd = SOCKET_INVALID;
+static int mConnd = SOCKET_INVALID;
+static int mShutdown = 0;
+
+#ifdef HAVE_SIGNAL
+static void sig_handler(const int sig)
+{
+#ifdef DEBUG_WOLFSSL
+ fprintf(stderr, "SIGINT handled = %d.\n", sig);
+#else
+ (void)sig;
+#endif
+
+ mShutdown = 1;
+ if (mConnd != SOCKET_INVALID) {
+ close(mConnd); /* Close the connection to the client */
+ mConnd = SOCKET_INVALID;
+ }
+ if (mSockfd != SOCKET_INVALID) {
+ close(mSockfd); /* Close the socket listening for clients */
+ mSockfd = SOCKET_INVALID;
+ }
+}
+#endif
+
+int server_async_test(int argc, char** argv)
+{
+ int ret = 0;
+ struct sockaddr_in servAddr;
+ struct sockaddr_in clientAddr;
+ socklen_t size = sizeof(clientAddr);
+ char buff[TEST_BUF_SZ];
+ size_t len;
+ const char* reply = "I hear ya fa shizzle!\n";
+ int on;
+ int devId = 1; /* anything besides -2 (INVALID_DEVID) */
+#ifdef WOLF_CRYPTO_CB
+ AsyncTlsCryptoCbCtx myCtx;
+#endif
+ int err;
+ char errBuff[WOLFSSL_MAX_ERROR_SZ];
+
+ /* declare wolfSSL objects */
+ WOLFSSL_CTX* ctx = NULL;
+ WOLFSSL* ssl = NULL;
+
+#ifdef HAVE_SIGNAL
+ if ((signal(SIGINT, sig_handler)) == SIG_ERR) {
+ fprintf(stderr, "ERROR: failed to listen to SIGINT (errno: %d)\n",errno);
+ goto exit;
+ }
+#endif
+
+ /* Initialize the server address struct with zeros */
+ memset(&servAddr, 0, sizeof(servAddr));
+
+ /* Fill in the server address */
+ servAddr.sin_family = AF_INET; /* using IPv4 */
+ servAddr.sin_port = htons(DEFAULT_PORT); /* on DEFAULT_PORT */
+ servAddr.sin_addr.s_addr = INADDR_ANY; /* from anywhere */
+
+
+ /* Create a socket that uses an internet IPv4 address,
+ * Sets the socket to be stream based (TCP),
+ * 0 means choose the default protocol. */
+ if ((mSockfd = socket(AF_INET, SOCK_STREAM, 0)) == -1) {
+ fprintf(stderr, "ERROR: failed to create the socket\n");
+ goto exit;
+ }
+
+ /* make sure server is setup for reuse addr/port */
+ on = 1;
+ if (setsockopt(mSockfd, SOL_SOCKET, SO_REUSEADDR,
+ (char*)&on, (socklen_t)sizeof(on)) != 0) {
+ fprintf(stderr, "ERROR: failed to set SO_REUSEADDR (errno: %d)\n",errno);
+ goto exit;
+ }
+#ifdef SO_REUSEPORT
+ if (setsockopt(mSockfd, SOL_SOCKET, SO_REUSEPORT,
+ (char*)&on, (socklen_t)sizeof(on)) != 0) {
+ fprintf(stderr, "ERROR: failed to set SO_REUSEPORT (errno: %d)\n",errno);
+ goto exit;
+ }
+#endif
+
+ /* Bind the server socket to our port */
+ if (bind(mSockfd, (struct sockaddr*)&servAddr, sizeof(servAddr)) == -1) {
+ fprintf(stderr, "ERROR: failed to bind\n");
+ goto exit;
+ }
+
+ /* Listen for a new connection, allow 5 pending connections */
+ if (listen(mSockfd, 5) == -1) {
+ fprintf(stderr, "ERROR: failed to listen\n");
+ goto exit;
+ }
+
+ /*---------------------------------*/
+ /* Start of wolfSSL initialization and configuration */
+ /*---------------------------------*/
+#ifdef DEBUG_WOLFSSL
+ wolfSSL_Debugging_ON();
+#endif
+
+ /* Initialize wolfSSL */
+ if ((ret = wolfSSL_Init()) != WOLFSSL_SUCCESS) {
+ fprintf(stderr, "ERROR: Failed to initialize the library\n");
+ goto exit;
+ }
+
+ /* Create and initialize WOLFSSL_CTX */
+ if ((ctx = wolfSSL_CTX_new(wolfSSLv23_server_method())) == NULL) {
+ fprintf(stderr, "ERROR: failed to create WOLFSSL_CTX\n");
+ ret = -1;
+ goto exit;
+ }
+
+#ifdef WOLF_CRYPTO_CB
+ XMEMSET(&myCtx, 0, sizeof(myCtx));
+ /* register a devID for crypto callbacks */
+ ret = wc_CryptoCb_RegisterDevice(devId, AsyncTlsCryptoCb, &myCtx);
+ if (ret != 0) {
+ fprintf(stderr, "wc_CryptoCb_RegisterDevice: error %d", ret);
+ goto exit;
+ }
+#endif
+
+ /* register a devID for crypto callbacks */
+ wolfSSL_CTX_SetDevId(ctx, devId);
+
+ /* Require mutual authentication */
+ wolfSSL_CTX_set_verify(ctx,
+ WOLFSSL_VERIFY_PEER | WOLFSSL_VERIFY_FAIL_IF_NO_PEER_CERT, NULL);
+
+ /* Load server certificates into WOLFSSL_CTX */
+ if ((ret = wolfSSL_CTX_use_certificate_file(ctx, CERT_FILE,
+ WOLFSSL_FILETYPE_PEM)) != WOLFSSL_SUCCESS) {
+ fprintf(stderr, "ERROR: failed to load %s, please check the file.\n",
+ CERT_FILE);
+ goto exit;
+ }
+
+ /* Load server key into WOLFSSL_CTX */
+ if ((ret = wolfSSL_CTX_use_PrivateKey_file(ctx, KEY_FILE,
+ WOLFSSL_FILETYPE_PEM)) != WOLFSSL_SUCCESS) {
+ fprintf(stderr, "ERROR: failed to load %s, please check the file.\n",
+ KEY_FILE);
+ goto exit;
+ }
+
+ /* Load client certificate as "trusted" into WOLFSSL_CTX */
+ if ((ret = wolfSSL_CTX_load_verify_locations(ctx, CA_FILE, NULL))
+ != WOLFSSL_SUCCESS) {
+ fprintf(stderr, "ERROR: failed to load %s, please check the file.\n",
+ CA_FILE);
+ goto exit;
+ }
+
+ /* Continue to accept clients until mShutdown is issued */
+ while (!mShutdown) {
+ printf("Waiting for a connection...\n");
+
+ /* Accept client connections */
+ if ((mConnd = accept(mSockfd, (struct sockaddr*)&clientAddr, &size))
+ == -1) {
+ fprintf(stderr, "ERROR: failed to accept the connection\n\n");
+ ret = -1; goto exit;
+ }
+
+ /* Create a WOLFSSL object */
+ if ((ssl = wolfSSL_new(ctx)) == NULL) {
+ fprintf(stderr, "ERROR: failed to create WOLFSSL object\n");
+ ret = -1; goto exit;
+ }
+
+ /* Attach wolfSSL to the socket */
+ wolfSSL_set_fd(ssl, mConnd);
+
+ /* Establish TLS connection */
+ #ifdef WOLFSSL_ASYNC_CRYPT
+ err = 0; /* Reset error */
+ #endif
+ do {
+ #ifdef WOLFSSL_ASYNC_CRYPT
+ if (err == WC_PENDING_E) {
+ ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
+ if (ret < 0)
+ break;
+ }
+ #endif
+ ret = wolfSSL_accept(ssl);
+ err = wolfSSL_get_error(ssl, 0);
+ } while (err == WC_PENDING_E);
+ if (ret != WOLFSSL_SUCCESS) {
+ fprintf(stderr, "wolfSSL_accept error %d: %s\n",
+ err, wolfSSL_ERR_error_string(err, errBuff));
+ goto exit;
+ }
+
+
+ printf("Client connected successfully\n");
+
+ /* Read the client data into our buff array */
+ memset(buff, 0, sizeof(buff));
+ #ifdef WOLFSSL_ASYNC_CRYPT
+ err = 0; /* Reset error */
+ #endif
+ do {
+ #ifdef WOLFSSL_ASYNC_CRYPT
+ if (err == WC_PENDING_E) {
+ ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
+ if (ret < 0)
+ break;
+ }
+ #endif
+ ret = wolfSSL_read(ssl, buff, sizeof(buff)-1);
+ err = wolfSSL_get_error(ssl, 0);
+ } while (err == WC_PENDING_E);
+ if (ret < 0) {
+ fprintf(stderr, "wolfSSL_read error %d: %s\n",
+ err, wolfSSL_ERR_error_string(err, errBuff));
+ goto exit;
+ }
+
+ /* Print to stdout any data the client sends */
+ printf("Client: %s\n", buff);
+
+ /* Check for server shutdown command */
+ if (strncmp(buff, "shutdown", 8) == 0) {
+ printf("Shutdown command issued!\n");
+ mShutdown = 1;
+ }
+
+ /* Write our reply into buff */
+ memset(buff, 0, sizeof(buff));
+ memcpy(buff, reply, strlen(reply));
+ len = strnlen(buff, sizeof(buff));
+
+ /* Reply back to the client */
+ #ifdef WOLFSSL_ASYNC_CRYPT
+ err = 0; /* Reset error */
+ #endif
+ do {
+ #ifdef WOLFSSL_ASYNC_CRYPT
+ if (err == WC_PENDING_E) {
+ ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
+ if (ret < 0)
+ break;
+ }
+ #endif
+ ret = wolfSSL_write(ssl, buff, (int)len);
+ err = wolfSSL_get_error(ssl, 0);
+ } while (err == WC_PENDING_E);
+ if (ret != (int)len) {
+ fprintf(stderr, "wolfSSL_write error %d: %s\n",
+ err, wolfSSL_ERR_error_string(err, errBuff));
+ goto exit;
+ }
+
+ /* Cleanup after this connection */
+ wolfSSL_shutdown(ssl);
+ if (ssl) {
+ wolfSSL_free(ssl); /* Free the wolfSSL object */
+ ssl = NULL;
+ }
+ if (mConnd != SOCKET_INVALID) {
+ close(mConnd); /* Close the connection to the client */
+ mConnd = SOCKET_INVALID;
+ }
+ }
+
+ printf("Shutdown complete\n");
+
+exit:
+ /* Cleanup and return */
+ if (ssl)
+ wolfSSL_free(ssl); /* Free the wolfSSL object */
+ if (mConnd != SOCKET_INVALID) {
+ close(mConnd); /* Close the connection to the client */
+ mConnd = SOCKET_INVALID;
+ }
+ if (mSockfd != SOCKET_INVALID) {
+ close(mSockfd); /* Close the socket listening for clients */
+ mSockfd = SOCKET_INVALID;
+ }
+ if (ctx)
+ wolfSSL_CTX_free(ctx); /* Free the wolfSSL context object */
+ wolfSSL_Cleanup(); /* Cleanup the wolfSSL environment */
+
+ (void)argc;
+ (void)argv;
+
+ return ret;
+}
+
+#ifndef NO_MAIN_DRIVER
+int main(int argc, char** argv)
+{
+ return server_async_test(argc, argv);
+}
+#endif /* !NO_MAIN_DRIVER */
diff --git a/extra/wolfssl/wolfssl/examples/async/async_tls.c b/extra/wolfssl/wolfssl/examples/async/async_tls.c
new file mode 100644
index 00000000..1d4f68d5
--- /dev/null
+++ b/extra/wolfssl/wolfssl/examples/async/async_tls.c
@@ -0,0 +1,158 @@
+/* async-tls.c
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#ifndef WOLFSSL_USER_SETTINGS
+#include <wolfssl/options.h>
+#endif
+#include <wolfssl/ssl.h>
+#include <wolfssl/wolfio.h>
+#include <wolfssl/wolfcrypt/error-crypt.h>
+#include "examples/async/async_tls.h"
+
+/* ---------------------------------------------------------------------------*/
+/* --- Example Crypto Callback --- */
+/* ---------------------------------------------------------------------------*/
+#ifdef WOLF_CRYPTO_CB
+
+/* Example custom context for crypto callback */
+#ifndef TEST_PEND_COUNT
+#define TEST_PEND_COUNT 2
+#endif
+
+/* Example crypto dev callback function that calls software version */
+/* This is where you would plug-in calls to your own hardware crypto */
+int AsyncTlsCryptoCb(int devIdArg, wc_CryptoInfo* info, void* ctx)
+{
+ int ret = CRYPTOCB_UNAVAILABLE; /* return this to bypass HW and use SW */
+ AsyncTlsCryptoCbCtx* myCtx = (AsyncTlsCryptoCbCtx*)ctx;
+
+ if (info == NULL)
+ return BAD_FUNC_ARG;
+
+#ifdef DEBUG_CRYPTOCB
+ wc_CryptoCb_InfoString(info);
+#endif
+
+ if (info->algo_type == WC_ALGO_TYPE_PK) {
+#ifdef WOLFSSL_ASYNC_CRYPT
+ /* Test pending response */
+ if (info->pk.type == WC_PK_TYPE_RSA ||
+ info->pk.type == WC_PK_TYPE_EC_KEYGEN ||
+ info->pk.type == WC_PK_TYPE_ECDSA_SIGN ||
+ info->pk.type == WC_PK_TYPE_ECDSA_VERIFY ||
+ info->pk.type == WC_PK_TYPE_ECDH)
+ {
+ if (myCtx->pendingCount++ < TEST_PEND_COUNT) return WC_PENDING_E;
+ myCtx->pendingCount = 0;
+ }
+#endif
+
+ #ifndef NO_RSA
+ if (info->pk.type == WC_PK_TYPE_RSA) {
+ /* set devId to invalid, so software is used */
+ info->pk.rsa.key->devId = INVALID_DEVID;
+
+ switch (info->pk.rsa.type) {
+ case RSA_PUBLIC_ENCRYPT:
+ case RSA_PUBLIC_DECRYPT:
+ /* perform software based RSA public op */
+ ret = wc_RsaFunction(
+ info->pk.rsa.in, info->pk.rsa.inLen,
+ info->pk.rsa.out, info->pk.rsa.outLen,
+ info->pk.rsa.type, info->pk.rsa.key, info->pk.rsa.rng);
+ break;
+ case RSA_PRIVATE_ENCRYPT:
+ case RSA_PRIVATE_DECRYPT:
+ /* perform software based RSA private op */
+ ret = wc_RsaFunction(
+ info->pk.rsa.in, info->pk.rsa.inLen,
+ info->pk.rsa.out, info->pk.rsa.outLen,
+ info->pk.rsa.type, info->pk.rsa.key, info->pk.rsa.rng);
+ break;
+ }
+
+ /* reset devId */
+ info->pk.rsa.key->devId = devIdArg;
+ }
+ #endif
+ #ifdef HAVE_ECC
+ if (info->pk.type == WC_PK_TYPE_EC_KEYGEN) {
+ /* set devId to invalid, so software is used */
+ info->pk.eckg.key->devId = INVALID_DEVID;
+
+ ret = wc_ecc_make_key_ex(info->pk.eckg.rng, info->pk.eckg.size,
+ info->pk.eckg.key, info->pk.eckg.curveId);
+
+ /* reset devId */
+ info->pk.eckg.key->devId = devIdArg;
+ }
+ else if (info->pk.type == WC_PK_TYPE_ECDSA_SIGN) {
+ /* set devId to invalid, so software is used */
+ info->pk.eccsign.key->devId = INVALID_DEVID;
+
+ ret = wc_ecc_sign_hash(
+ info->pk.eccsign.in, info->pk.eccsign.inlen,
+ info->pk.eccsign.out, info->pk.eccsign.outlen,
+ info->pk.eccsign.rng, info->pk.eccsign.key);
+
+ /* reset devId */
+ info->pk.eccsign.key->devId = devIdArg;
+ }
+ else if (info->pk.type == WC_PK_TYPE_ECDSA_VERIFY) {
+ /* set devId to invalid, so software is used */
+ info->pk.eccverify.key->devId = INVALID_DEVID;
+
+ ret = wc_ecc_verify_hash(
+ info->pk.eccverify.sig, info->pk.eccverify.siglen,
+ info->pk.eccverify.hash, info->pk.eccverify.hashlen,
+ info->pk.eccverify.res, info->pk.eccverify.key);
+
+ /* reset devId */
+ info->pk.eccverify.key->devId = devIdArg;
+ }
+ else if (info->pk.type == WC_PK_TYPE_ECDH) {
+ /* set devId to invalid, so software is used */
+ info->pk.ecdh.private_key->devId = INVALID_DEVID;
+
+ ret = wc_ecc_shared_secret(
+ info->pk.ecdh.private_key, info->pk.ecdh.public_key,
+ info->pk.ecdh.out, info->pk.ecdh.outlen);
+
+ /* reset devId */
+ info->pk.ecdh.private_key->devId = devIdArg;
+ }
+ #endif /* HAVE_ECC */
+ }
+
+ (void)devIdArg;
+ (void)myCtx;
+
+ return ret;
+}
+#endif /* WOLF_CRYPTO_CB */
+
+/* ---------------------------------------------------------------------------*/
+/* --- Example PK (Public Key) Callback --- */
+/* ---------------------------------------------------------------------------*/
+#ifdef HAVE_PK_CALLBACKS
+
+#endif
+
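Review bot: In AsyncTlsCryptoCb the simulated-pending branch under WOLFSSL_ASYNC_CRYPT dereferences `myCtx` (`myCtx->pendingCount++`) although only `info` is NULL-checked at the top, so a device registered with a NULL context would crash inside the callback. Starting that branch with `if (myCtx == NULL) return BAD_FUNC_ARG;` keeps the example safe to copy. The counter is a single plain `int` in the registered context, so it is presumably shared by every connection that uses the same devId. A comment on the callback saying the context is not protected against concurrent use would help anyone adapting it to real hardware.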
diff --git a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/dh.h b/extra/wolfssl/wolfssl/examples/async/async_tls.h
index 3d8bbc41..d5403e24 100644
--- a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/dh.h
+++ b/extra/wolfssl/wolfssl/examples/async/async_tls.h
@@ -1,4 +1,4 @@
-/* dh.h
+/* async-tls.h
*
* Copyright (C) 2006-2023 wolfSSL Inc.
*
@@ -20,23 +20,23 @@
*/
+#ifndef WOLFSSL_ASYNC_TLS_EXAMPLES_H
+#define WOLFSSL_ASYNC_TLS_EXAMPLES_H
-#ifndef NO_DH
+#define DEFAULT_PORT 11111
+#define TEST_BUF_SZ 256
-#ifndef CTAO_CRYPT_DH_H
-#define CTAO_CRYPT_DH_H
+#ifdef WOLF_CRYPTO_CB
+/* Example custom context for crypto callback */
+typedef struct {
+ int pendingCount; /* track pending tries test count */
+} AsyncTlsCryptoCbCtx;
+int AsyncTlsCryptoCb(int devIdArg, wc_CryptoInfo* info, void* ctx);
+#endif /* WOLF_CRYPTO_CB */
-/* for dh reverse compatibility */
-#include <wolfssl/wolfcrypt/dh.h>
-#define InitDhKey wc_InitDhKey
-#define FreeDhKey wc_FreeDhKey
-#define DhGenerateKeyPair wc_DhGenerateKeyPair
-#define DhAgree wc_DhAgree
-#define DhKeyDecode wc_DhKeyDecode
-#define DhSetKey wc_DhSetKey
-#define DhParamsLoad wc_DhParamsLoad
-#endif /* CTAO_CRYPT_DH_H */
+int client_async_test(int argc, char** argv);
+int server_async_test(int argc, char** argv);
-#endif /* NO_DH */
+#endif /* WOLFSSL_ASYNC_TLS_EXAMPLES_H */
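Review bot: async_tls.h declares `AsyncTlsCryptoCb` with a `wc_CryptoInfo*` parameter but includes nothing itself, so it compiles only when the including file has already pulled in the wolfSSL headers that define that type (async_tls.c does include `wolfssl/ssl.h` before it). Adding `#include <wolfssl/wolfcrypt/cryptocb.h>` inside the `#ifdef WOLF_CRYPTO_CB` block would make the header self-contained. `DEFAULT_PORT` and `TEST_BUF_SZ` are very generic macro names for a header; a comment such as `/* private to the async client/server examples */` above them would make the scope clear.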
diff --git a/extra/wolfssl/wolfssl/examples/async/include.am b/extra/wolfssl/wolfssl/examples/async/include.am
new file mode 100644
index 00000000..b8a61175
--- /dev/null
+++ b/extra/wolfssl/wolfssl/examples/async/include.am
@@ -0,0 +1,24 @@
+# vim:ft=automake
+# All paths should be given relative to the root
+
+if BUILD_ASYNCCRYPT
+noinst_HEADERS += examples/async/async_tls.h
+
+noinst_PROGRAMS += examples/async/async_client
+examples_async_async_client_SOURCES = examples/async/async_client.c examples/async/async_tls.c
+examples_async_async_client_LDADD = src/libwolfssl@LIBSUFFIX@.la $(LIB_STATIC_ADD)
+examples_async_async_client_DEPENDENCIES = src/libwolfssl@LIBSUFFIX@.la
+examples_async_async_client_CFLAGS = $(AM_CFLAGS)
+
+noinst_PROGRAMS += examples/async/async_server
+examples_async_async_server_SOURCES = examples/async/async_server.c examples/async/async_tls.c
+examples_async_async_server_LDADD = src/libwolfssl@LIBSUFFIX@.la $(LIB_STATIC_ADD)
+examples_async_async_server_DEPENDENCIES = src/libwolfssl@LIBSUFFIX@.la
+examples_async_async_server_CFLAGS = $(AM_CFLAGS)
+endif
+
+dist_example_DATA+= examples/async/async_server.c
+dist_example_DATA+= examples/async/async_client.c
+DISTCLEANFILES+= examples/async/.libs/async_server
+DISTCLEANFILES+= examples/async/.libs/async_client
+EXTRA_DIST += examples/async/README.md
diff --git a/extra/wolfssl/wolfssl/examples/benchmark/tls_bench.c b/extra/wolfssl/wolfssl/examples/benchmark/tls_bench.c
index de384cb2..8289d6a7 100644
--- a/extra/wolfssl/wolfssl/examples/benchmark/tls_bench.c
+++ b/extra/wolfssl/wolfssl/examples/benchmark/tls_bench.c
@@ -40,6 +40,8 @@ Or
#include <wolfssl/options.h>
#endif
#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/wolfcrypt/types.h>
+#include <wolfssl/wolfcrypt/wc_port.h>
#include <wolfssl/ssl.h>
#include <wolfssl/wolfcrypt/hash.h> /* WC_MAX_DIGEST_SIZE */
#include <wolfssl/test.h>
@@ -60,18 +62,31 @@ Or
#include <sys/time.h>
#include <errno.h>
-/* For testing no pthread support */
+/* For testing no threading support */
#if 0
#undef HAVE_PTHREAD
+ #define SINGLE_THREADED
#endif
/* PTHREAD requires server and client enabled */
-#if defined(HAVE_PTHREAD) && (defined(NO_WOLFSSL_CLIENT) || defined(NO_WOLFSSL_SERVER))
- #undef HAVE_PTHREAD
+#if defined(NO_WOLFSSL_CLIENT) || defined(NO_WOLFSSL_SERVER)
+ #if !defined(SINGLE_THREADED)
+ #ifdef __GNUC__ /* GCC compiler */
+ #pragma message "PTHREAD requires server and client enabled."
+ #elif defined(_MSC_VER) /* Microsoft Visual C++ compiler */
+ #pragma message("PTHREAD requires server and client enabled.")
+ #else
+ #warning "PTHREAD requires server and client enabled."
+ #endif
+ #define SINGLE_THREADED
+ #endif
#endif
-
-#ifdef HAVE_PTHREAD
- #include <pthread.h>
+/* Conversely, if both server and client are enabled, we must require pthreads */
+#if !defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER) \
+ && defined(SINGLE_THREADED)
+ #error "threads must be enabled if building benchmark suite \
+to run both client and server. Please define HAVE_PTHREAD if your \
+platform supports it"
#endif
#if 0
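Review bot: The `#error` added for builds with both client and server tells the user to define HAVE_PTHREAD, but its condition only tests SINGLE_THREADED, so following the advice may not clear the error. It also means the `#if 0` test block above, which now defines SINGLE_THREADED, cannot be switched on in a build with both sides enabled, even though bench_tls still carries a run-time message asking for -s or -c when threading is off. I would either drop the `#error` and rely on that run-time message, or reword it to name the macro that is tested, e.g. `#error "tls_bench: SINGLE_THREADED is set but both client and server are built; enable threading or disable one side"`.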
@@ -284,7 +299,7 @@ static struct group_info groups[] = {
};
#endif /* WOLFSSL_TLS13 && HAVE_SUPPORTED_CURVES */
-#ifdef HAVE_PTHREAD
+#ifndef SINGLE_THREADED
typedef struct {
unsigned char buf[MEM_BUFFER_SZ];
int write_bytes;
@@ -292,9 +307,7 @@ typedef struct {
int read_bytes;
int read_idx;
- pthread_t tid;
- pthread_mutex_t mutex;
- pthread_cond_t cond;
+ COND_TYPE cond;
int done;
} memBuf_t;
@@ -332,17 +345,17 @@ typedef struct {
int doDTLS;
struct sockaddr_in serverAddr;
struct sockaddr_in clientAddr;
-#ifdef HAVE_PTHREAD
+#ifndef SINGLE_THREADED
int serverReady;
int clientOrserverOnly;
- pthread_mutex_t dtls_mutex;
- pthread_cond_t dtls_cond;
+ wolfSSL_Mutex dtls_mutex;
+ COND_TYPE dtls_cond;
#endif
#endif
side_t client;
side_t server;
-#ifdef HAVE_PTHREAD
+#ifndef SINGLE_THREADED
int useLocalMem;
/* client messages to server in memory */
@@ -380,16 +393,16 @@ static double gettime_secs(int reset)
}
-#ifdef HAVE_PTHREAD
+#ifndef SINGLE_THREADED
/* server send callback */
static int ServerMemSend(info_t* info, char* buf, int sz)
{
- PTHREAD_CHECK_RET(pthread_mutex_lock(&info->to_client.mutex));
+ THREAD_CHECK_RET(wolfSSL_CondStart(&info->to_client.cond));
#ifndef BENCH_USE_NONBLOCK
/* check for overflow */
if (info->to_client.write_idx + sz > MEM_BUFFER_SZ) {
- PTHREAD_CHECK_RET(pthread_mutex_unlock(&info->to_client.mutex));
+ THREAD_CHECK_RET(wolfSSL_CondEnd(&info->to_client.cond));
fprintf(stderr, "ServerMemSend overflow\n");
return -1;
}
@@ -403,8 +416,8 @@ static int ServerMemSend(info_t* info, char* buf, int sz)
info->to_client.write_idx += sz;
info->to_client.write_bytes += sz;
- PTHREAD_CHECK_RET(pthread_cond_signal(&info->to_client.cond));
- PTHREAD_CHECK_RET(pthread_mutex_unlock(&info->to_client.mutex));
+ THREAD_CHECK_RET(wolfSSL_CondSignal(&info->to_client.cond));
+ THREAD_CHECK_RET(wolfSSL_CondEnd(&info->to_client.cond));
#ifdef BENCH_USE_NONBLOCK
if (sz == 0) {
@@ -417,13 +430,12 @@ static int ServerMemSend(info_t* info, char* buf, int sz)
/* server recv callback */
static int ServerMemRecv(info_t* info, char* buf, int sz)
{
- PTHREAD_CHECK_RET(pthread_mutex_lock(&info->to_server.mutex));
+ THREAD_CHECK_RET(wolfSSL_CondStart(&info->to_server.cond));
#ifndef BENCH_USE_NONBLOCK
while (info->to_server.write_idx - info->to_server.read_idx < sz &&
!info->to_client.done) {
- PTHREAD_CHECK_RET(pthread_cond_wait(&info->to_server.cond,
- &info->to_server.mutex));
+ THREAD_CHECK_RET(wolfSSL_CondWait(&info->to_server.cond));
}
#else
if (info->to_server.write_idx - info->to_server.read_idx < sz) {
@@ -441,7 +453,7 @@ static int ServerMemRecv(info_t* info, char* buf, int sz)
info->to_server.write_bytes = info->to_server.write_idx = 0;
}
- PTHREAD_CHECK_RET(pthread_mutex_unlock(&info->to_server.mutex));
+ THREAD_CHECK_RET(wolfSSL_CondEnd(&info->to_server.cond));
if (info->to_client.done != 0) {
return -1;
@@ -458,14 +470,14 @@ static int ServerMemRecv(info_t* info, char* buf, int sz)
/* client send callback */
static int ClientMemSend(info_t* info, char* buf, int sz)
{
- PTHREAD_CHECK_RET(pthread_mutex_lock(&info->to_server.mutex));
+ THREAD_CHECK_RET(wolfSSL_CondStart(&info->to_server.cond));
#ifndef BENCH_USE_NONBLOCK
/* check for overflow */
if (info->to_server.write_idx + sz > MEM_BUFFER_SZ) {
fprintf(stderr, "ClientMemSend overflow %d %d %d\n",
info->to_server.write_idx, sz, MEM_BUFFER_SZ);
- PTHREAD_CHECK_RET(pthread_mutex_unlock(&info->to_server.mutex));
+ THREAD_CHECK_RET(wolfSSL_CondEnd(&info->to_server.cond));
return -1;
}
#else
@@ -478,8 +490,8 @@ static int ClientMemSend(info_t* info, char* buf, int sz)
info->to_server.write_idx += sz;
info->to_server.write_bytes += sz;
- PTHREAD_CHECK_RET(pthread_cond_signal(&info->to_server.cond));
- PTHREAD_CHECK_RET(pthread_mutex_unlock(&info->to_server.mutex));
+ THREAD_CHECK_RET(wolfSSL_CondSignal(&info->to_server.cond));
+ THREAD_CHECK_RET(wolfSSL_CondEnd(&info->to_server.cond));
#ifdef BENCH_USE_NONBLOCK
if (sz == 0) {
@@ -492,13 +504,12 @@ static int ClientMemSend(info_t* info, char* buf, int sz)
/* client recv callback */
static int ClientMemRecv(info_t* info, char* buf, int sz)
{
- PTHREAD_CHECK_RET(pthread_mutex_lock(&info->to_client.mutex));
+ THREAD_CHECK_RET(wolfSSL_CondStart(&info->to_client.cond));
#ifndef BENCH_USE_NONBLOCK
while (info->to_client.write_idx - info->to_client.read_idx < sz &&
!info->to_server.done) {
- PTHREAD_CHECK_RET(pthread_cond_wait(&info->to_client.cond,
- &info->to_client.mutex));
+ THREAD_CHECK_RET(wolfSSL_CondWait(&info->to_client.cond));
}
#else
if (info->to_client.write_idx - info->to_client.read_idx < sz) {
@@ -516,7 +527,7 @@ static int ClientMemRecv(info_t* info, char* buf, int sz)
info->to_client.write_bytes = info->to_client.write_idx = 0;
}
- PTHREAD_CHECK_RET(pthread_mutex_unlock(&info->to_client.mutex));
+ THREAD_CHECK_RET(wolfSSL_CondEnd(&info->to_client.cond));
if (info->to_server.done != 0) {
return -1;
@@ -529,7 +540,7 @@ static int ClientMemRecv(info_t* info, char* buf, int sz)
#endif
return sz;
}
-#endif /* HAVE_PTHREAD */
+#endif /* !SINGLE_THREADED */
static int SocketRecv(int sockFd, char* buf, int sz)
{
@@ -685,7 +696,7 @@ static int ServerSend(WOLFSSL* ssl, char* buf, int sz, void* ctx)
{
info_t* info = (info_t*)ctx;
(void)ssl;
-#ifdef HAVE_PTHREAD
+#ifndef SINGLE_THREADED
if (info->useLocalMem) {
return ServerMemSend(info, buf, sz);
}
@@ -705,7 +716,7 @@ static int ServerRecv(WOLFSSL* ssl, char* buf, int sz, void* ctx)
{
info_t* info = (info_t*)ctx;
(void)ssl;
-#ifdef HAVE_PTHREAD
+#ifndef SINGLE_THREADED
if (info->useLocalMem) {
return ServerMemRecv(info, buf, sz);
}
@@ -727,7 +738,7 @@ static int ClientSend(WOLFSSL* ssl, char* buf, int sz, void* ctx)
{
info_t* info = (info_t*)ctx;
(void)ssl;
-#ifdef HAVE_PTHREAD
+#ifndef SINGLE_THREADED
if (info->useLocalMem) {
return ClientMemSend(info, buf, sz);
}
@@ -747,7 +758,7 @@ static int ClientRecv(WOLFSSL* ssl, char* buf, int sz, void* ctx)
{
info_t* info = (info_t*)ctx;
(void)ssl;
-#ifdef HAVE_PTHREAD
+#ifndef SINGLE_THREADED
if (info->useLocalMem) {
return ClientMemRecv(info, buf, sz);
}
@@ -836,7 +847,7 @@ static int SetupSocketAndConnect(info_t* info, const char* host,
}
/* Connect to the server */
- #ifdef HAVE_PTHREAD
+ #ifndef SINGLE_THREADED
while ((info->serverListening == 0) && (info->server.shutdown == 0)) {
if (info->showVerbose) {
fprintf(stderr, "Waiting for server to listen...\n");
@@ -992,7 +1003,7 @@ static int bench_tls_client(info_t* info)
int err;
#endif
- #ifdef HAVE_PTHREAD
+ #ifndef SINGLE_THREADED
if (!info->useLocalMem)
#endif
{
@@ -1035,17 +1046,16 @@ static int bench_tls_client(info_t* info)
wolfSSL_SetIOReadCtx(cli_ssl, info);
wolfSSL_SetIOWriteCtx(cli_ssl, info);
-#if defined(HAVE_PTHREAD) && defined(WOLFSSL_DTLS)
+#if !defined(SINGLE_THREADED) && defined(WOLFSSL_DTLS)
/* synchronize with server */
if (info->doDTLS && !info->clientOrserverOnly) {
- PTHREAD_CHECK_RET(pthread_mutex_lock(&info->dtls_mutex));
+ THREAD_CHECK_RET(wolfSSL_CondStart(&info->dtls_cond));
if (info->serverReady != 1) {
- PTHREAD_CHECK_RET(pthread_cond_wait(&info->dtls_cond,
- &info->dtls_mutex));
+ THREAD_CHECK_RET(wolfSSL_CondWait(&info->dtls_cond));
}
/* for next loop */
info->serverReady = 0;
- PTHREAD_CHECK_RET(pthread_mutex_unlock(&info->dtls_mutex));
+ THREAD_CHECK_RET(wolfSSL_CondEnd(&info->dtls_cond));
}
#endif
/* perform connect */
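Review bot: The DTLS start-up synchronisation waits with `if (info->serverReady != 1)`, so a wake-up that arrives without the flag being set lets the client go on to connect before the server has signalled that it is ready. Condition waits are normally re-checked in a loop, as ServerMemRecv and ClientMemRecv in this same file already do; `while (info->serverReady != 1) {` around the `wolfSSL_CondWait` call would make this robust. bench_tls_client starts and ends outside this hunk.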
@@ -1179,21 +1189,23 @@ exit:
return ret;
}
-#ifdef HAVE_PTHREAD
-static void* client_thread(void* args)
+#if !defined(SINGLE_THREADED) && defined(WOLFSSL_THREAD_NO_JOIN)
+static THREAD_RETURN WOLFSSL_THREAD_NO_JOIN client_thread(void* args)
{
int ret;
info_t* info = (info_t*)args;
ret = bench_tls_client(info);
- PTHREAD_CHECK_RET(pthread_cond_signal(&info->to_server.cond));
+ THREAD_CHECK_RET(wolfSSL_CondStart(&info->to_server.cond));
info->to_client.done = 1;
info->client.ret = ret;
+ THREAD_CHECK_RET(wolfSSL_CondSignal(&info->to_server.cond));
+ THREAD_CHECK_RET(wolfSSL_CondEnd(&info->to_server.cond));
- return NULL;
+ WOLFSSL_RETURN_FROM_THREAD(0);
}
-#endif /* HAVE_PTHREAD */
+#endif /* !SINGLE_THREADED */
#endif /* !NO_WOLFSSL_CLIENT */
@@ -1273,12 +1285,12 @@ static int SocketWaitClient(info_t* info)
#ifdef WOLFSSL_DTLS
if (info->doDTLS) {
char msg[64];
-#ifdef HAVE_PTHREAD
+#ifndef SINGLE_THREADED
if (!info->clientOrserverOnly) {
- PTHREAD_CHECK_RET(pthread_mutex_lock(&info->dtls_mutex));
+ THREAD_CHECK_RET(wolfSSL_CondStart(&info->dtls_cond));
info->serverReady = 1;
- PTHREAD_CHECK_RET(pthread_cond_signal(&info->dtls_cond));
- PTHREAD_CHECK_RET(pthread_mutex_unlock(&info->dtls_mutex));
+ THREAD_CHECK_RET(wolfSSL_CondSignal(&info->dtls_cond));
+ THREAD_CHECK_RET(wolfSSL_CondEnd(&info->dtls_cond));
}
#endif
connd = (int)recvfrom(info->listenFd, (char *)msg, sizeof(msg),
@@ -1293,7 +1305,7 @@ static int SocketWaitClient(info_t* info)
else
#endif
{
- #ifdef HAVE_PTHREAD
+ #ifndef SINGLE_THREADED
info->serverListening = 1;
#endif
if ((connd = accept(info->listenFd, (struct sockaddr*)&clientAddr,
@@ -1440,7 +1452,7 @@ static int bench_tls_server(info_t* info)
int err;
#endif
- #ifdef HAVE_PTHREAD
+ #ifndef SINGLE_THREADED
if (!info->useLocalMem)
#endif
{
@@ -1503,7 +1515,7 @@ static int bench_tls_server(info_t* info)
#endif
start = gettime_secs(0) - start;
if (ret != WOLFSSL_SUCCESS) {
- #ifdef HAVE_PTHREAD
+ #ifndef SINGLE_THREADED
if (info->to_client.done) {
ret = 0; /* done - success */
}
@@ -1551,7 +1563,7 @@ static int bench_tls_server(info_t* info)
info->server_stats.rxTime += rxTime;
if (ret < 0) {
- #ifdef HAVE_PTHREAD
+ #ifndef SINGLE_THREADED
if (info->to_client.done) {
ret = 0; /* done - success */
}
@@ -1622,8 +1634,8 @@ exit:
return ret;
}
-#ifdef HAVE_PTHREAD
-static void* server_thread(void* args)
+#if !defined(SINGLE_THREADED) && defined(WOLFSSL_THREAD_NO_JOIN)
+static THREAD_RETURN WOLFSSL_THREAD_NO_JOIN server_thread(void* args)
{
int ret = 0;
info_t* info = (info_t*)args;
@@ -1645,13 +1657,15 @@ static void* server_thread(void* args)
}
}
- PTHREAD_CHECK_RET(pthread_cond_signal(&info->to_client.cond));
+ THREAD_CHECK_RET(wolfSSL_CondStart(&info->to_client.cond));
info->to_server.done = 1;
info->server.ret = ret;
+ THREAD_CHECK_RET(wolfSSL_CondSignal(&info->to_client.cond));
+ THREAD_CHECK_RET(wolfSSL_CondEnd(&info->to_client.cond));
- return NULL;
+ WOLFSSL_RETURN_FROM_THREAD(0);
}
-#endif /* HAVE_PTHREAD */
+#endif /* !SINGLE_THREADED */
#endif /* !NO_WOLFSSL_SERVER */
@@ -1723,7 +1737,7 @@ static void Usage(void)
#ifdef DEBUG_WOLFSSL
fprintf(stderr, "-d Enable debug messages\n");
#endif
-#ifdef HAVE_PTHREAD
+#ifndef SINGLE_THREADED
fprintf(stderr, "-T <num> Number of threaded server/client pairs (default %d)\n", NUM_THREAD_PAIRS);
fprintf(stderr, "-m Use local memory, not socket\n");
#endif
@@ -1822,10 +1836,10 @@ int bench_tls(void* args)
const char* argHost = BENCH_DEFAULT_HOST;
int argPort = BENCH_DEFAULT_PORT;
int argShowPeerInfo = 0;
-#ifdef HAVE_PTHREAD
+#ifndef SINGLE_THREADED
int doShutdown;
#endif
-#if !defined(NO_WOLFSSL_SERVER) || defined(HAVE_PTHREAD)
+#if !defined(NO_WOLFSSL_SERVER) || !defined(SINGLE_THREADED)
int argLocalMem = 0;
int listenFd = -1;
#endif
@@ -1924,13 +1938,13 @@ int bench_tls(void* args)
break;
case 'T' :
- #ifdef HAVE_PTHREAD
+ #ifndef SINGLE_THREADED
argThreadPairs = atoi(myoptarg);
#endif
break;
case 'm':
- #ifdef HAVE_PTHREAD
+ #ifndef SINGLE_THREADED
argLocalMem = 1;
#endif
break;
@@ -1980,7 +1994,7 @@ int bench_tls(void* args)
if (argServerOnly || argClientOnly) {
argThreadPairs = 1;
}
-#ifndef HAVE_PTHREAD
+#ifdef SINGLE_THREADED
else {
fprintf(stderr, "Threading is not enabled, so please use -s or -c to indicate side\n");
Usage();
@@ -2086,7 +2100,7 @@ int bench_tls(void* args)
#ifdef WOLFSSL_DTLS
info->doDTLS = doDTLS;
- #ifdef HAVE_PTHREAD
+ #ifndef SINGLE_THREADED
info->serverReady = 0;
if (argServerOnly || argClientOnly) {
info->clientOrserverOnly = 1;
@@ -2094,7 +2108,7 @@ int bench_tls(void* args)
#endif
#endif
if (argClientOnly) {
- #if !defined(NO_WOLFSSL_SERVER) && !defined(NO_WOLFSSL_CLIENT)
+ #if !defined(NO_WOLFSSL_SERVER) && !defined(NO_WOLFSSL_CLIENT) && !defined(SINGLE_THREADED)
/* to avoid to wait server forever */
info->serverListening = 1;
#endif
@@ -2108,38 +2122,24 @@ int bench_tls(void* args)
#endif
}
else {
- #ifdef HAVE_PTHREAD
+ #if !defined(SINGLE_THREADED) && defined(WOLFSSL_THREAD_NO_JOIN)
info->useLocalMem = argLocalMem;
- PTHREAD_CHECK_RET(pthread_mutex_init(&info->to_server.mutex,
- NULL));
- PTHREAD_CHECK_RET(pthread_mutex_init(&info->to_client.mutex,
- NULL));
#ifdef WOLFSSL_DTLS
- PTHREAD_CHECK_RET(pthread_mutex_init(&info->dtls_mutex,
- NULL));
- PTHREAD_CHECK_RET(pthread_cond_init(&info->dtls_cond,
- NULL));
+ THREAD_CHECK_RET(wc_InitMutex(&info->dtls_mutex));
+ THREAD_CHECK_RET(wolfSSL_CondInit(&info->dtls_cond));
#endif
- PTHREAD_CHECK_RET(pthread_cond_init(&info->to_server.cond,
- NULL));
- PTHREAD_CHECK_RET(pthread_cond_init(&info->to_client.cond,
- NULL));
-
- PTHREAD_CHECK_RET(
- pthread_create(&info->to_server.tid, NULL,
- server_thread, info));
- PTHREAD_CHECK_RET(
- pthread_create(&info->to_client.tid, NULL,
- client_thread, info));
-
- /* State that we won't be joining this thread */
- PTHREAD_CHECK_RET(pthread_detach(info->to_server.tid));
- PTHREAD_CHECK_RET(pthread_detach(info->to_client.tid));
+ THREAD_CHECK_RET(wolfSSL_CondInit(&info->to_server.cond));
+ THREAD_CHECK_RET(wolfSSL_CondInit(&info->to_client.cond));
+
+ THREAD_CHECK_RET(
+ wolfSSL_NewThreadNoJoin(server_thread, info));
+ THREAD_CHECK_RET(
+ wolfSSL_NewThreadNoJoin(client_thread, info));
#endif
}
}
- #ifdef HAVE_PTHREAD
+ #ifndef SINGLE_THREADED
/* For threading, wait for completion */
if (!argClientOnly && !argServerOnly) {
/* Wait until threads are marked done */
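Review bot: Thread start-up here is compiled only when `!defined(SINGLE_THREADED) && defined(WOLFSSL_THREAD_NO_JOIN)`, but the completion wait just below is guarded by `#ifndef SINGLE_THREADED` alone. In a threaded build where WOLFSSL_THREAD_NO_JOIN is not defined, no condition variables are initialised and no threads are created, yet bench_tls would still enter the wait for the done flags (the loop body is outside this hunk), which looks like it could never finish. The client_thread and server_thread hunks use the same two-macro guard, so I would fail the build early instead, e.g. `#if !defined(SINGLE_THREADED) && !defined(WOLFSSL_THREAD_NO_JOIN)` followed by an `#error`. Separately, `dtls_mutex` is still initialised with `wc_InitMutex` although every visible lock now goes through `dtls_cond`, so the field looks unused and could be removed.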
@@ -2159,7 +2159,7 @@ int bench_tls(void* args)
fprintf(stderr, "Shutdown complete\n");
}
}
- #endif /* HAVE_PTHREAD */
+ #endif /* !SINGLE_THREADED */
if (argShowVerbose) {
/* print results */
diff --git a/extra/wolfssl/wolfssl/examples/client/client.c b/extra/wolfssl/wolfssl/examples/client/client.c
index a3c52449..0141be1f 100644
--- a/extra/wolfssl/wolfssl/examples/client/client.c
+++ b/extra/wolfssl/wolfssl/examples/client/client.c
@@ -138,6 +138,15 @@ static int lng_index = 0;
#endif
+static int quieter = 0; /* Print fewer messages. This is helpful with overly
+ * ambitious log parsers. */
+
+#define LOG_ERROR(...) \
+ do { \
+ if (!quieter) \
+ fprintf(stderr, __VA_ARGS__); \
+ } while(0)
+
#ifdef HAVE_SESSION_TICKET
#ifndef SESSION_TICKET_LEN
@@ -214,6 +223,9 @@ static int NonBlockingSSL_Connect(WOLFSSL* ssl)
#ifdef WOLFSSL_ASYNC_CRYPT
|| error == WC_PENDING_E
#endif
+ #ifdef WOLFSSL_NONBLOCK_OCSP
+ || error == OCSP_WANT_READ
+ #endif
) {
#ifndef WOLFSSL_CALLBACKS
ret = wolfSSL_connect(ssl);
@@ -285,7 +297,7 @@ static void ShowVersions(void)
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EITHER_SIDE)
XSTRNCAT(verStr, "e(either):", 11);
#endif
- /* print all stings at same time on stdout to avoid any flush issues */
+ /* print all strings at same time on stdout to avoid any flush issues */
printf("%s\n", verStr);
}
@@ -350,6 +362,19 @@ static void SetKeyShare(WOLFSSL* ssl, int onlyKeyShare, int useX25519,
err_sys("unable to use curve secp256r1");
} while (ret == WC_PENDING_E);
#endif
+ #ifdef WOLFSSL_SM2
+ do {
+ ret = wolfSSL_UseKeyShare(ssl, WOLFSSL_ECC_SM2P256V1);
+ if (ret == WOLFSSL_SUCCESS)
+ groups[count++] = WOLFSSL_ECC_SM2P256V1;
+ #ifdef WOLFSSL_ASYNC_CRYPT
+ else if (ret == WC_PENDING_E)
+ wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
+ #endif
+ else
+ err_sys("unable to use curve sm2p256v1");
+ } while (ret == WC_PENDING_E);
+ #endif
#endif
}
}
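Review bot: The new SM2 block stores into `groups` with `groups[count++] = WOLFSSL_ECC_SM2P256V1;` and runs after the secp256r1 block rather than instead of it, so a WOLFSSL_SM2 build presumably appends one more element than before. `groups` and `count` are declared outside this hunk, and nothing here checks `count` against the array's capacity. Please confirm the array was sized for the extra entry together with whatever the later blocks of SetKeyShare append, or guard each store with a check against `sizeof(groups)/sizeof(groups[0])`.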
@@ -435,32 +460,12 @@ static void EarlyData(WOLFSSL_CTX* ctx, WOLFSSL* ssl, const char* msg,
}
} while (err == WC_PENDING_E);
if (ret != msgSz) {
- fprintf(stderr, "SSL_write_early_data msg error %d, %s\n", err,
+ LOG_ERROR("SSL_write_early_data msg error %d, %s\n", err,
wolfSSL_ERR_error_string(err, buffer));
wolfSSL_free(ssl); ssl = NULL;
wolfSSL_CTX_free(ctx); ctx = NULL;
err_sys("SSL_write_early_data failed");
}
- do {
- err = 0; /* reset error */
- ret = wolfSSL_write_early_data(ssl, msg, msgSz, &msgSz);
- if (ret <= 0) {
- err = wolfSSL_get_error(ssl, 0);
- #ifdef WOLFSSL_ASYNC_CRYPT
- if (err == WC_PENDING_E) {
- ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
- if (ret < 0) break;
- }
- #endif
- }
- } while (err == WC_PENDING_E);
- if (ret != msgSz) {
- fprintf(stderr, "SSL_write_early_data msg error %d, %s\n", err,
- wolfSSL_ERR_error_string(err, buffer));
- wolfSSL_free(ssl);
- wolfSSL_CTX_free(ctx);
- err_sys("SSL_write_early_data failed");
- }
}
#endif
@@ -723,7 +728,7 @@ static int ClientBenchmarkThroughput(WOLFSSL_CTX* ctx, char* host, word16 port,
}
} while (err == WC_PENDING_E);
if (ret != len) {
- fprintf(stderr, "SSL_write bench error %d!\n", err);
+ LOG_ERROR("SSL_write bench error %d!\n", err);
if (!exitWithRet)
err_sys("SSL_write failed");
goto doExit;
@@ -749,7 +754,7 @@ static int ClientBenchmarkThroughput(WOLFSSL_CTX* ctx, char* host, word16 port,
#endif
if (err != WOLFSSL_ERROR_WANT_READ &&
err != WOLFSSL_ERROR_WANT_WRITE) {
- fprintf(stderr, "SSL_read bench error %d\n", err);
+ LOG_ERROR("SSL_read bench error %d\n", err);
err_sys("SSL_read failed");
}
}
@@ -943,7 +948,7 @@ static int SMTP_Shutdown(WOLFSSL* ssl, int wc_shutdown)
printf("Bidirectional shutdown complete\n");
}
if (ret != WOLFSSL_SUCCESS)
- fprintf(stderr, "Bidirectional shutdown failed\n");
+ LOG_ERROR("Bidirectional shutdown failed\n");
}
return WOLFSSL_SUCCESS;
@@ -974,7 +979,7 @@ static int ClientWrite(WOLFSSL* ssl, const char* msg, int msgSz, const char* str
);
if (ret != msgSz) {
char buffer[WOLFSSL_MAX_ERROR_SZ];
- fprintf(stderr, "SSL_write%s msg error %d, %s\n", str, err,
+ LOG_ERROR("SSL_write%s msg error %d, %s\n", str, err,
wolfSSL_ERR_error_string(err, buffer));
if (!exitWithRet) {
err_sys("SSL_write failed");
@@ -1005,7 +1010,7 @@ static int ClientRead(WOLFSSL* ssl, char* reply, int replyLen, int mustRead,
#endif
if (err != WOLFSSL_ERROR_WANT_READ &&
err != WOLFSSL_ERROR_WANT_WRITE && err != APP_DATA_READY) {
- fprintf(stderr, "SSL_read reply error %d, %s\n", err,
+ LOG_ERROR("SSL_read reply error %d, %s\n", err,
wolfSSL_ERR_error_string(err, buffer));
if (!exitWithRet) {
err_sys("SSL_read failed");
@@ -1021,7 +1026,7 @@ static int ClientRead(WOLFSSL* ssl, char* reply, int replyLen, int mustRead,
|| err == WOLFSSL_ERROR_WANT_WRITE)) {
elapsed = current_time(0) - start;
if (elapsed > MAX_NON_BLOCK_SEC) {
- fprintf(stderr, "Nonblocking read timeout\n");
+ LOG_ERROR("Nonblocking read timeout\n");
ret = WOLFSSL_FATAL_ERROR;
break;
}
@@ -1041,6 +1046,55 @@ static int ClientRead(WOLFSSL* ssl, char* reply, int replyLen, int mustRead,
return err;
}
+static int ClientWriteRead(WOLFSSL* ssl, const char* msg, int msgSz,
+ char* reply, int replyLen, int mustRead,
+ const char* str, int exitWithRet)
+{
+ int ret = 0;
+
+ do {
+ ret = ClientWrite(ssl, msg, msgSz, str, exitWithRet);
+ if (ret != 0) {
+ if (!exitWithRet)
+ err_sys("ClientWrite failed");
+ else
+ break;
+ }
+ if (wolfSSL_dtls(ssl)) {
+ ret = tcp_select(wolfSSL_get_fd(ssl), DEFAULT_TIMEOUT_SEC);
+ if (ret == TEST_TIMEOUT) {
+ continue;
+ }
+ else if (ret == TEST_RECV_READY) {
+ /* Ready to read */
+ }
+ else {
+ LOG_ERROR("%s tcp_select error\n", str);
+ if (!exitWithRet)
+ err_sys("tcp_select failed");
+ else
+ ret = WOLFSSL_FATAL_ERROR;
+ break;
+ }
+ }
+ ret = ClientRead(ssl, reply, replyLen, mustRead, str, exitWithRet);
+ if (mustRead && ret != 0) {
+ if (!exitWithRet)
+ err_sys("ClientRead failed");
+ else
+ break;
+ }
+ break;
+ } while (1);
+
+ if (ret != 0) {
+ char buffer[WOLFSSL_MAX_ERROR_SZ];
+ LOG_ERROR("SSL_write%s msg error %d, %s\n", str, ret,
+ wolfSSL_ERR_error_string(ret, buffer));
+ }
+
+ return ret;
+}
/* when adding new option, please follow the steps below: */
/* 1. add new option message in English section */
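Review bot: The DTLS branch of ClientWriteRead retries without a bound: on `TEST_TIMEOUT` it does `continue` inside `do { ... } while (1)`, so a peer that never answers keeps the client re-sending `msg` every `DEFAULT_TIMEOUT_SEC` indefinitely. A retry counter would end it, e.g. `if (ret == TEST_TIMEOUT) { if (++retries > MAX_WRITE_READ_RETRIES) { ret = WOLFSSL_FATAL_ERROR; break; } continue; }`, where `MAX_WRITE_READ_RETRIES` is a placeholder limit this file would have to define. The closing `LOG_ERROR("SSL_write%s msg error ...")` also fires for tcp_select and ClientRead failures. It passes `ret`, which can be `WOLFSSL_FATAL_ERROR` rather than a wolfSSL error code, to `wolfSSL_ERR_error_string`, so the message can name the wrong operation and print unrelated error text.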
@@ -1049,7 +1103,7 @@ static int ClientRead(WOLFSSL* ssl, char* reply, int replyLen, int mustRead,
/* 4. add the same message into Japanese section */
/* (will be translated later) */
/* 5. add printf() into suitable position of Usage() */
-static const char* client_usage_msg[][70] = {
+static const char* client_usage_msg[][75] = {
/* English */
{
" NOTE: All files relative to wolfSSL home dir\n", /* 0 */
@@ -1134,7 +1188,7 @@ static const char* client_usage_msg[][70] = {
" string 'scr-app-data' is passed in as the value and\n"
" Non-blocking sockets are enabled ('-N') then wolfSSL\n"
" sends a test message during the secure renegotiation.\n"
- " The string parameter is optional.\n", /* 29 */
+ " The string parameter is optional.\n", /* 29 */
#endif
"-f Fewer packets/group messages\n", /* 30 */
#ifndef NO_CERTS
@@ -1446,7 +1500,7 @@ static const char* client_usage_msg[][70] = {
#ifdef HAVE_TRUSTED_CA
"-5 ä¿¡é ¼ã§ãã‚‹èªè¨¼å±€ã®éµè¡¨ç¤ºã‚’使用ã™ã‚‹\n", /* 63 */
#endif
- "-6 WANT_WRITE エラーを全ã¦ã®IO é€ä¿¡ã§ã‚·ãƒ¥ãƒŸãƒ¬ãƒ¼ãƒˆã—ã¾ã™\n",
+ "-6 WANT_WRITE エラーを全ã¦ã®IO é€ä¿¡ã§ã‚·ãƒŸãƒ¥ãƒ¬ãƒ¼ãƒˆã—ã¾ã™\n",
#ifdef HAVE_CURVE448
"-8 éµäº¤æ›ã« X448 を使用ã™ã‚‹\n", /* 66 */
#endif
@@ -1489,7 +1543,7 @@ static const char* client_usage_msg[][70] = {
"--openssl-psk Use TLS 1.3 PSK callback compatible with OpenSSL\n", /* 74 */
#endif
"\n"
- "より簡å˜ãªwolfSSL TSL クライアントã®ä¾‹ã«ã¤ã„ã¦ã¯"
+ "より簡å˜ãªwolfSSL TLS クライアントã®ä¾‹ã«ã¤ã„ã¦ã¯"
"下記ã«ã‚¢ã‚¯ã‚»ã‚¹ã—ã¦ãã ã•ã„\n"
"https://github.com/wolfSSL/wolfssl-examples/tree/master/tls\n", /* 75 */
NULL,
@@ -1505,12 +1559,12 @@ static void showPeerPEM(WOLFSSL* ssl)
if (peer) {
WOLFSSL_BIO* bioOut = wolfSSL_BIO_new(wolfSSL_BIO_s_file());
if (bioOut == NULL) {
- fprintf(stderr, "failed to get bio on stdout\n");
+ LOG_ERROR("failed to get bio on stdout\n");
}
else {
if (wolfSSL_BIO_set_fp(bioOut, stdout, BIO_NOCLOSE)
!= WOLFSSL_SUCCESS) {
- fprintf(stderr, "failed to set stdout to bio output\n");
+ LOG_ERROR("failed to set stdout to bio output\n");
wolfSSL_BIO_free(bioOut);
bioOut = NULL;
}
@@ -1740,7 +1794,7 @@ static int client_srtp_test(WOLFSSL *ssl, func_args *args)
size_t srtp_secret_length;
byte *srtp_secret, *p;
int ret;
-#if !defined(SINGLE_THREADED) && defined(_POSIX_THREADS)
+#ifdef WOLFSSL_COND
srtp_test_helper *srtp_helper = args->srtp_helper;
byte *other_secret = NULL;
size_t other_size = 0;
@@ -1751,7 +1805,7 @@ static int client_srtp_test(WOLFSSL *ssl, func_args *args)
ret = wolfSSL_export_dtls_srtp_keying_material(ssl, NULL,
&srtp_secret_length);
if (ret != LENGTH_ONLY_E) {
- fprintf(stderr, "DTLS SRTP: Error getting keying material length\n");
+ LOG_ERROR("DTLS SRTP: Error getting keying material length\n");
return ret;
}
@@ -1765,7 +1819,7 @@ static int client_srtp_test(WOLFSSL *ssl, func_args *args)
&srtp_secret_length);
if (ret != WOLFSSL_SUCCESS) {
XFREE(srtp_secret, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- fprintf(stderr, "DTLS SRTP: Error getting keying material\n");
+ LOG_ERROR("DTLS SRTP: Error getting keying material\n");
return ret;
}
@@ -1774,7 +1828,7 @@ static int client_srtp_test(WOLFSSL *ssl, func_args *args)
printf("%02X", *p);
printf("\n");
-#if !defined(SINGLE_THREADED) && defined(_POSIX_THREADS)
+#ifdef WOLFSSL_COND
if (srtp_helper != NULL) {
srtp_helper_get_ekm(srtp_helper, &other_secret, &other_size);
@@ -1790,7 +1844,7 @@ static int client_srtp_test(WOLFSSL *ssl, func_args *args)
/* we are delegated from server to free this buffer */
XFREE(other_secret, NULL, DYNAMIC_TYPE_TMP_BUFFER);
}
-#endif
+#endif /* WOLFSSL_COND */
XFREE(srtp_secret, NULL, DYNAMIC_TYPE_TMP_BUFFER);
@@ -1837,7 +1891,9 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
{ "wolfsentry-config", 1, 256 },
#endif
{ "help", 0, 257 },
+#ifndef NO_MULTIBYTE_PRINT
{ "ヘルプ", 0, 258 },
+#endif
#if defined(HAVE_PQC)
{ "pqc", 1, 259 },
#endif
@@ -1862,6 +1918,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
#ifndef NO_PSK
{ "openssl-psk", 0, 265 },
#endif
+ { "quieter", 0, 266 },
{ 0, 0, 0 }
};
#endif
@@ -2597,7 +2654,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
nonBlocking = 1;
simulateWantWrite = 1;
#else
- fprintf(stderr, "Ignoring -6 since async I/O support not "
+ LOG_ERROR("Ignoring -6 since async I/O support not "
"compiled in.\n");
#endif
break;
@@ -2696,6 +2753,9 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
opensslPsk = 1;
#endif
break;
+ case 266:
+ quieter = 1;
+ break;
default:
Usage();
XEXIT_T(MY_EX_USAGE);
@@ -2780,7 +2840,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
#endif
if (done) {
- fprintf(stderr, "external test can't be run in this mode\n");
+ LOG_ERROR("external test can't be run in this mode\n");
((func_args*)args)->return_code = 0;
XEXIT_T(EXIT_SUCCESS);
@@ -2818,7 +2878,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
#ifndef HAVE_SESSION_TICKET
if ((version >= 4) && resumeSession) {
- fprintf(stderr, "Can't do TLS 1.3 resumption; need session tickets!\n");
+ LOG_ERROR("Can't do TLS 1.3 resumption; need session tickets!\n");
}
#endif
@@ -2831,7 +2891,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
if (usePqc) {
if (version == CLIENT_DOWNGRADE_VERSION ||
version == EITHER_DOWNGRADE_VERSION)
- fprintf(stderr,
+ LOG_ERROR(
"WARNING: If a TLS 1.3 connection is not negotiated, you "
"will not be using a post-quantum group.\n");
else if (version != 4 && version != -4)
@@ -2928,11 +2988,11 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
#ifdef DEBUG_WOLFSSL
/* print off helper buffer sizes for use with static memory
* printing to stderr in case of debug mode turned on */
- fprintf(stderr, "static memory management size = %d\n",
+ LOG_ERROR("static memory management size = %d\n",
wolfSSL_MemoryPaddingSz());
- fprintf(stderr, "calculated optimum general buffer size = %d\n",
+ LOG_ERROR("calculated optimum general buffer size = %d\n",
wolfSSL_StaticBufferSz(memory, sizeof(memory), 0));
- fprintf(stderr, "calculated optimum IO buffer size = %d\n",
+ LOG_ERROR("calculated optimum IO buffer size = %d\n",
wolfSSL_StaticBufferSz(memoryIO, sizeof(memoryIO),
WOLFMEM_IO_POOL_FIXED));
#endif /* DEBUG_WOLFSSL */
@@ -3331,7 +3391,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
#ifdef WOLFSSL_ASYNC_CRYPT
ret = wolfAsync_DevOpen(&devId);
if (ret < 0) {
- fprintf(stderr, "Async device open failed\nRunning without async\n");
+ LOG_ERROR("Async device open failed\nRunning without async\n");
}
wolfSSL_CTX_SetDevId(ctx, devId);
#endif /* WOLFSSL_ASYNC_CRYPT */
@@ -3469,7 +3529,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
#endif
#if defined(WOLFSSL_STATIC_MEMORY) && defined(DEBUG_WOLFSSL)
- fprintf(stderr, "Before creating SSL\n");
+ LOG_ERROR("Before creating SSL\n");
if (wolfSSL_CTX_is_static_memory(ctx, &mem_stats) != 1)
err_sys("ctx not using static memory");
if (wolfSSL_PrintStats(&mem_stats) != 1) /* function in test.h */
@@ -3560,7 +3620,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
#endif
#if defined(WOLFSSL_STATIC_MEMORY) && defined(DEBUG_WOLFSSL)
- fprintf(stderr, "After creating SSL\n");
+ LOG_ERROR("After creating SSL\n");
if (wolfSSL_CTX_is_static_memory(ctx, &mem_stats) != 1)
err_sys("ctx not using static memory");
if (wolfSSL_PrintStats(&mem_stats) != 1) /* function in test.h */
@@ -3640,6 +3700,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
if (wolfSSL_UseOCSPStapling(ssl, WOLFSSL_CSR_OCSP,
WOLFSSL_CSR_OCSP_USE_NONCE) != WOLFSSL_SUCCESS) {
wolfSSL_free(ssl); ssl = NULL;
+ CloseSocket(sockfd);
wolfSSL_CTX_free(ctx); ctx = NULL;
err_sys("UseCertificateStatusRequest failed");
}
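Review bot: `CloseSocket(sockfd)` is added to this error path before any connection is visible. The `tcp_connect(&sockfd, ...)` call only appears in the hunk at new line 3751, after the three OCSP stapling failure paths at new lines 3700, 3712 and 3722. Unless `sockfd` is initialised to an invalid sentinel at its declaration, which is outside this chunk, these calls close an indeterminate descriptor, and even with a sentinel they close something that was never opened. Guarding the call, e.g. `if (sockfd != WOLFSSL_SOCKET_INVALID) CloseSocket(sockfd);`, or leaving it out of the pre-connect paths would keep the cleanup accurate. client_test's body starts and ends outside the hunk.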
@@ -3651,6 +3712,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
WOLFSSL_CSR2_OCSP, WOLFSSL_CSR2_OCSP_USE_NONCE)
!= WOLFSSL_SUCCESS) {
wolfSSL_free(ssl); ssl = NULL;
+ CloseSocket(sockfd);
wolfSSL_CTX_free(ctx); ctx = NULL;
err_sys("UseCertificateStatusRequest failed");
}
@@ -3660,6 +3722,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
WOLFSSL_CSR2_OCSP_MULTI, 0)
!= WOLFSSL_SUCCESS) {
wolfSSL_free(ssl); ssl = NULL;
+ CloseSocket(sockfd);
wolfSSL_CTX_free(ctx); ctx = NULL;
err_sys("UseCertificateStatusRequest failed");
}
@@ -3688,6 +3751,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
tcp_connect(&sockfd, host, port, dtlsUDP, dtlsSCTP, ssl);
if (wolfSSL_set_fd(ssl, sockfd) != WOLFSSL_SUCCESS) {
wolfSSL_free(ssl); ssl = NULL;
+ CloseSocket(sockfd);
wolfSSL_CTX_free(ctx); ctx = NULL;
err_sys("error in setting fd");
}
@@ -3703,6 +3767,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
if (doSTARTTLS) {
if (StartTLS_Init(&sockfd) != WOLFSSL_SUCCESS) {
wolfSSL_free(ssl); ssl = NULL;
+ CloseSocket(sockfd);
wolfSSL_CTX_free(ctx); ctx = NULL;
err_sys("error during STARTTLS protocol");
}
@@ -3716,17 +3781,20 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
if (wolfSSL_EnableCRL(ssl, WOLFSSL_CRL_CHECKALL) != WOLFSSL_SUCCESS) {
wolfSSL_free(ssl); ssl = NULL;
+ CloseSocket(sockfd);
wolfSSL_CTX_free(ctx); ctx = NULL;
err_sys("can't enable crl check");
}
if (wolfSSL_LoadCRL(ssl, crlPemDir, WOLFSSL_FILETYPE_PEM, 0)
!= WOLFSSL_SUCCESS) {
wolfSSL_free(ssl); ssl = NULL;
+ CloseSocket(sockfd);
wolfSSL_CTX_free(ctx); ctx = NULL;
err_sys("can't load crl, check crlfile and date validity");
}
if (wolfSSL_SetCRL_Cb(ssl, CRL_CallBack) != WOLFSSL_SUCCESS) {
wolfSSL_free(ssl); ssl = NULL;
+ CloseSocket(sockfd);
wolfSSL_CTX_free(ctx); ctx = NULL;
err_sys("can't set crl callback");
}
@@ -3736,6 +3804,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
if (scr) {
if (wolfSSL_UseSecureRenegotiation(ssl) != WOLFSSL_SUCCESS) {
wolfSSL_free(ssl); ssl = NULL;
+ CloseSocket(sockfd);
wolfSSL_CTX_free(ctx); ctx = NULL;
err_sys("can't enable secure renegotiation");
}
@@ -3796,7 +3865,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
#endif
if (ret != WOLFSSL_SUCCESS) {
err = wolfSSL_get_error(ssl, 0);
- fprintf(stderr, "wolfSSL_connect error %d, %s\n", err,
+ LOG_ERROR("wolfSSL_connect error %d, %s\n", err,
wolfSSL_ERR_error_string(err, buffer));
/* cleanup */
@@ -3888,6 +3957,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
size = wolfSSL_get_client_random(NULL, NULL, 0);
if (size == 0) {
wolfSSL_free(ssl); ssl = NULL;
+ CloseSocket(sockfd);
wolfSSL_CTX_free(ctx); ctx = NULL;
err_sys("error getting client random buffer size");
}
@@ -3895,6 +3965,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
rnd = (byte*)XMALLOC(size, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (rnd == NULL) {
wolfSSL_free(ssl); ssl = NULL;
+ CloseSocket(sockfd);
wolfSSL_CTX_free(ctx); ctx = NULL;
err_sys("error creating client random buffer");
}
@@ -3903,6 +3974,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
if (size == 0) {
XFREE(rnd, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL_free(ssl); ssl = NULL;
+ CloseSocket(sockfd);
wolfSSL_CTX_free(ctx); ctx = NULL;
err_sys("error getting client random buffer");
}
@@ -3941,6 +4013,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
if (XSTRCMP(starttlsProt, "smtp") == 0) {
if (SMTP_Shutdown(ssl, wc_shutdown) != WOLFSSL_SUCCESS) {
wolfSSL_free(ssl); ssl = NULL;
+ CloseSocket(sockfd);
wolfSSL_CTX_free(ctx); ctx = NULL;
err_sys("error closing STARTTLS connection");
}
@@ -3952,7 +4025,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
wolfSSL_CTX_free(ctx); ctx = NULL;
((func_args*)args)->return_code = 0;
- return 0;
+ WOLFSSL_RETURN_FROM_THREAD(0);
}
#ifdef HAVE_ALPN
@@ -4052,16 +4125,17 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
}
if (ret != WOLFSSL_SUCCESS) {
err = wolfSSL_get_error(ssl, 0);
- fprintf(stderr, "wolfSSL_Rehandshake error %d, %s\n", err,
+ LOG_ERROR("wolfSSL_Rehandshake error %d, %s\n", err,
wolfSSL_ERR_error_string(err, buffer));
wolfSSL_free(ssl); ssl = NULL;
+ CloseSocket(sockfd);
wolfSSL_CTX_free(ctx); ctx = NULL;
err_sys("non-blocking wolfSSL_Rehandshake failed");
}
}
}
else {
- fprintf(stderr, "not doing secure resumption with non-blocking");
+ LOG_ERROR("not doing secure resumption with non-blocking");
}
} else {
if (!resumeScr) {
@@ -4085,6 +4159,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
printf("err = %d, %s\n", err,
wolfSSL_ERR_error_string(err, buffer));
wolfSSL_free(ssl); ssl = NULL;
+ CloseSocket(sockfd);
wolfSSL_CTX_free(ctx); ctx = NULL;
err_sys("wolfSSL_Rehandshake failed");
}
@@ -4114,6 +4189,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
printf("err = %d, %s\n", err,
wolfSSL_ERR_error_string(err, buffer));
wolfSSL_free(ssl); ssl = NULL;
+ CloseSocket(sockfd);
wolfSSL_CTX_free(ctx); ctx = NULL;
err_sys("wolfSSL_SecureResume failed");
}
@@ -4150,6 +4226,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
if (exitWithRet) {
((func_args*)args)->return_code = err;
wolfSSL_free(ssl); ssl = NULL;
+ CloseSocket(sockfd);
wolfSSL_CTX_free(ctx); ctx = NULL;
goto exit;
}
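Review bot: After the added `CloseSocket(sockfd);` the descriptor value stays live while control goes to `exit:`, unlike `ssl` and `ctx`, which are set to NULL right after being freed. If anything on the `exit:` path, or a later edit, closes `sockfd` again, that is a double close that can hit an unrelated descriptor reused in between. Most of the code after the label is not visible here, so this is a precaution rather than a confirmed bug. Resetting it in place keeps the three resources consistent: `CloseSocket(sockfd); sockfd = WOLFSSL_SOCKET_INVALID;`. The same applies to the `goto exit` path in the next hunk (new line 4241).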
@@ -4164,18 +4241,12 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
wolfSSL_update_keys(ssl);
#endif
- err = ClientWrite(ssl, msg, msgSz, "", exitWithRet);
- if (exitWithRet && (err != 0)) {
- ((func_args*)args)->return_code = err;
- wolfSSL_free(ssl); ssl = NULL;
- wolfSSL_CTX_free(ctx); ctx = NULL;
- goto exit;
- }
-
- err = ClientRead(ssl, reply, sizeof(reply)-1, 1, "", exitWithRet);
+ err = ClientWriteRead(ssl, msg, msgSz, reply, sizeof(reply)-1, 1, "",
+ exitWithRet);
if (exitWithRet && (err != 0)) {
((func_args*)args)->return_code = err;
wolfSSL_free(ssl); ssl = NULL;
+ CloseSocket(sockfd);
wolfSSL_CTX_free(ctx); ctx = NULL;
goto exit;
}
@@ -4243,12 +4314,12 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
break;
}
else if (ret != WOLFSSL_SHUTDOWN_NOT_DONE) {
- fprintf(stderr, "Bidirectional shutdown failed\n");
+ LOG_ERROR("Bidirectional shutdown failed\n");
break;
}
}
if (ret != WOLFSSL_SUCCESS)
- fprintf(stderr, "Bidirectional shutdown failed\n");
+ LOG_ERROR("Bidirectional shutdown failed\n");
}
#if defined(ATOMIC_USER) && !defined(WOLFSSL_AEAD_ONLY)
if (atomicUser)
@@ -4260,8 +4331,8 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
if (wolfSSL_is_static_memory(ssl, &ssl_stats) != 1)
err_sys("static memory was not used with ssl");
- fprintf(stderr, "\nprint off SSL memory stats\n");
- fprintf(stderr, "*** This is memory state before wolfSSL_free is called\n");
+ LOG_ERROR("\nprint off SSL memory stats\n");
+ LOG_ERROR("*** This is memory state before wolfSSL_free is called\n");
wolfSSL_PrintStatsConn(&ssl_stats);
#endif
@@ -4293,6 +4364,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
tcp_connect(&sockfd, host, port, dtlsUDP, dtlsSCTP, sslResume);
if (wolfSSL_set_fd(sslResume, sockfd) != WOLFSSL_SUCCESS) {
wolfSSL_free(sslResume); sslResume = NULL;
+ CloseSocket(sockfd);
wolfSSL_CTX_free(ctx); ctx = NULL;
err_sys("error in setting fd");
}
@@ -4313,6 +4385,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
if (scr) {
if (wolfSSL_UseSecureRenegotiation(sslResume) != WOLFSSL_SUCCESS) {
wolfSSL_free(sslResume); sslResume = NULL;
+ CloseSocket(sockfd);
wolfSSL_CTX_free(ctx); ctx = NULL;
err_sys("can't enable secure renegotiation");
}
@@ -4384,9 +4457,10 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
ret = NonBlockingSSL_Connect(sslResume); /* will keep retrying on timeout */
#endif
if (ret != WOLFSSL_SUCCESS) {
- fprintf(stderr, "wolfSSL_connect resume error %d, %s\n", err,
+ LOG_ERROR("wolfSSL_connect resume error %d, %s\n", err,
wolfSSL_ERR_error_string(err, buffer));
wolfSSL_free(sslResume); sslResume = NULL;
+ CloseSocket(sockfd);
wolfSSL_CTX_free(ctx); ctx = NULL;
err_sys("wolfSSL_connect resume failed");
}
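Review bot: The `err` printed by `LOG_ERROR("wolfSSL_connect resume error %d, %s\n", err, ...)` is not refreshed in the lines visible here. The non-blocking branch assigns only `ret = NonBlockingSSL_Connect(sslResume)` before the `if (ret != WOLFSSL_SUCCESS)` check, so the message can carry a stale code from an earlier call. The first-connection path in the hunk at new line 3865 calls `wolfSSL_get_error` before logging, and the same would fit here: `err = wolfSSL_get_error(sslResume, 0);` as the first statement of the failure block. The blocking branch above the `#endif` is outside the hunk and may already set `err`.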
@@ -4397,7 +4471,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
if (wolfSSL_session_reused(sslResume))
printf("reused session id\n");
else
- fprintf(stderr, "didn't reuse session id!!!\n");
+ LOG_ERROR("didn't reuse session id!!!\n");
#ifdef HAVE_ALPN
if (alpnList != NULL) {
@@ -4432,9 +4506,10 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
printf("Beginning secure renegotiation.\n");
if (wolfSSL_Rehandshake(sslResume) != WOLFSSL_SUCCESS) {
err = wolfSSL_get_error(sslResume, 0);
- fprintf(stderr, "err = %d, %s\n", err,
+ LOG_ERROR("err = %d, %s\n", err,
wolfSSL_ERR_error_string(err, buffer));
wolfSSL_free(sslResume); sslResume = NULL;
+ CloseSocket(sockfd);
wolfSSL_CTX_free(ctx); ctx = NULL;
err_sys("wolfSSL_Rehandshake failed");
}
@@ -4446,9 +4521,10 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
printf("Beginning secure resumption.\n");
if (wolfSSL_SecureResume(sslResume) != WOLFSSL_SUCCESS) {
err = wolfSSL_get_error(sslResume, 0);
- fprintf(stderr, "err = %d, %s\n", err,
+ LOG_ERROR("err = %d, %s\n", err,
wolfSSL_ERR_error_string(err, buffer));
wolfSSL_free(sslResume); sslResume = NULL;
+ CloseSocket(sockfd);
wolfSSL_CTX_free(ctx); ctx = NULL;
err_sys("wolfSSL_SecureResume failed");
}
@@ -4469,10 +4545,9 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
msgSz = (int)XSTRLEN(kResumeMsg);
XMEMCPY(msg, kResumeMsg, msgSz);
}
- (void)ClientWrite(sslResume, msg, msgSz, " resume", 0);
- (void)ClientRead(sslResume, reply, sizeof(reply)-1, sendGET,
- "Server resume: ", 0);
+ (void)ClientWriteRead(sslResume, msg, msgSz, reply, sizeof(reply)-1,
+ sendGET, " resume", 0);
ret = wolfSSL_shutdown(sslResume);
if (wc_shutdown && ret == WOLFSSL_SHUTDOWN_NOT_DONE)
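Review bot: The read side of the resumed connection now gets a different label. The removed lines passed `" resume"` to ClientWrite and `"Server resume: "` to ClientRead, while ClientWriteRead forwards its single `str` argument to both. Whatever ClientRead prints with `str` (its body is outside this hunk) therefore changes from `Server resume: ` to ` resume`, which may break test scripts that match the old output. If the old text matters, ClientWriteRead needs separate write and read labels, or this call site should keep the two direct calls.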
@@ -4483,8 +4558,8 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
if (wolfSSL_is_static_memory(sslResume, &ssl_stats) != 1)
err_sys("static memory was not used with ssl");
- fprintf(stderr, "\nprint off SSLresume memory stats\n");
- fprintf(stderr, "*** This is memory state before wolfSSL_free is called\n");
+ LOG_ERROR("\nprint off SSLresume memory stats\n");
+ LOG_ERROR("*** This is memory state before wolfSSL_free is called\n");
wolfSSL_PrintStatsConn(&ssl_stats);
#endif
@@ -4503,7 +4578,7 @@ exit:
wolfsentry_ret =
wolfsentry_shutdown(WOLFSENTRY_CONTEXT_ARGS_OUT_EX4(&wolfsentry, NULL));
if (wolfsentry_ret < 0) {
- fprintf(stderr,
+ LOG_ERROR(
"wolfsentry_shutdown() returned " WOLFSENTRY_ERROR_FMT "\n",
WOLFSENTRY_ERROR_FMT_ARGS(wolfsentry_ret));
}
@@ -4528,9 +4603,7 @@ exit:
(void) useVerifyCb;
(void) customVerifyCert;
-#if !defined(WOLFSSL_TIRTOS)
- return 0;
-#endif
+ WOLFSSL_RETURN_FROM_THREAD(0);
}
#endif /* !NO_WOLFSSL_CLIENT */
@@ -4546,7 +4619,7 @@ exit:
StartTCP();
-#if defined(WOLFSSL_SRTP) && !defined(SINGLE_THREADED) && defined(_POSIX_THREADS)
+#if defined(WOLFSSL_SRTP) && defined(WOLFSSL_COND)
args.srtp_helper = NULL;
#endif
args.argc = argc;
diff --git a/extra/wolfssl/wolfssl/examples/client/client.vcproj b/extra/wolfssl/wolfssl/examples/client/client.vcproj
index 614995b2..ab4204d2 100644
--- a/extra/wolfssl/wolfssl/examples/client/client.vcproj
+++ b/extra/wolfssl/wolfssl/examples/client/client.vcproj
@@ -42,7 +42,7 @@
Name="VCCLCompilerTool"
Optimization="0"
AdditionalIncludeDirectories="../../;../../IDE/WIN"
- PreprocessorDefinitions="WIN32;_DEBUG;_CONSOLE;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS"
+ PreprocessorDefinitions="WIN32;_DEBUG;_CONSOLE;WOLFSSL_USER_SETTINGS"
MinimalRebuild="true"
BasicRuntimeChecks="3"
RuntimeLibrary="3"
@@ -117,7 +117,7 @@
Optimization="2"
EnableIntrinsicFunctions="true"
AdditionalIncludeDirectories="../../;../../IDE/WIN"
- PreprocessorDefinitions="WIN32;NDEBUG;_CONSOLE;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS"
+ PreprocessorDefinitions="WIN32;NDEBUG;_CONSOLE;WOLFSSL_USER_SETTINGS"
RuntimeLibrary="2"
EnableFunctionLevelLinking="true"
UsePrecompiledHeader="0"
diff --git a/extra/wolfssl/wolfssl/examples/client/client.vcxproj b/extra/wolfssl/wolfssl/examples/client/client.vcxproj
index 3704f4fe..3f5c79a0 100644
--- a/extra/wolfssl/wolfssl/examples/client/client.vcxproj
+++ b/extra/wolfssl/wolfssl/examples/client/client.vcxproj
@@ -159,7 +159,7 @@
<ClCompile>
<Optimization>Disabled</Optimization>
<AdditionalIncludeDirectories>../../;../../IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<MinimalRebuild>true</MinimalRebuild>
<BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
<RuntimeLibrary>MultiThreadedDebugDLL</RuntimeLibrary>
@@ -179,7 +179,7 @@
<ClCompile>
<Optimization>Disabled</Optimization>
<AdditionalIncludeDirectories>../../;../../IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;WOLFSSL_DLL;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;WOLFSSL_DLL;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<MinimalRebuild>true</MinimalRebuild>
<BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
<RuntimeLibrary>MultiThreadedDebugDLL</RuntimeLibrary>
@@ -200,7 +200,7 @@
<ClCompile>
<Optimization>Disabled</Optimization>
<AdditionalIncludeDirectories>../../;../../IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
<RuntimeLibrary>MultiThreadedDebugDLL</RuntimeLibrary>
<PrecompiledHeader>
@@ -218,7 +218,7 @@
<ClCompile>
<Optimization>Disabled</Optimization>
<AdditionalIncludeDirectories>../../;../../IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;WOLFSSL_DLL;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;WOLFSSL_DLL;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
<RuntimeLibrary>MultiThreadedDebugDLL</RuntimeLibrary>
<PrecompiledHeader>
@@ -237,7 +237,7 @@
<Optimization>MaxSpeed</Optimization>
<IntrinsicFunctions>true</IntrinsicFunctions>
<AdditionalIncludeDirectories>../../;../../IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
<FunctionLevelLinking>true</FunctionLevelLinking>
<PrecompiledHeader />
@@ -259,7 +259,7 @@
<Optimization>MaxSpeed</Optimization>
<IntrinsicFunctions>true</IntrinsicFunctions>
<AdditionalIncludeDirectories>../../;../../IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;WOLFSSL_DLL;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;WOLFSSL_DLL;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
<FunctionLevelLinking>true</FunctionLevelLinking>
<PrecompiledHeader>
@@ -281,7 +281,7 @@
<Optimization>MaxSpeed</Optimization>
<IntrinsicFunctions>true</IntrinsicFunctions>
<AdditionalIncludeDirectories>../../;../../IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
<FunctionLevelLinking>true</FunctionLevelLinking>
<PrecompiledHeader>
@@ -302,7 +302,7 @@
<Optimization>MaxSpeed</Optimization>
<IntrinsicFunctions>true</IntrinsicFunctions>
<AdditionalIncludeDirectories>../../;../../IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;WOLFSSL_DLL;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;WOLFSSL_DLL;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
<FunctionLevelLinking>true</FunctionLevelLinking>
<PrecompiledHeader>
diff --git a/extra/wolfssl/wolfssl/examples/configs/README.md b/extra/wolfssl/wolfssl/examples/configs/README.md
index e2ae4b03..8ed282cc 100644
--- a/extra/wolfssl/wolfssl/examples/configs/README.md
+++ b/extra/wolfssl/wolfssl/examples/configs/README.md
@@ -12,6 +12,7 @@ Example wolfSSL configuration file templates for use when autoconf is not availa
* `user_settings_fipsv5.h`: The FIPS v5 (ready) 140-3 build options. Equivalent to `./configure --enable-fips=v5-dev`.
* `user_settings_stm32.h`: Example configuration file generated from the wolfSSL STM32 Cube pack.
* `user_settings_wolftpm.h`: Minimum options for building wolfTPM. See comment at top for ./configure used to generate.
+*.`user_settings_EBSnet.h`: Example configuration file for use with EBSnet ports.
## Usage
diff --git a/extra/wolfssl/wolfssl/examples/configs/include.am b/extra/wolfssl/wolfssl/examples/configs/include.am
index d5977610..781fbcbc 100644
--- a/extra/wolfssl/wolfssl/examples/configs/include.am
+++ b/extra/wolfssl/wolfssl/examples/configs/include.am
@@ -10,3 +10,4 @@ EXTRA_DIST += examples/configs/user_settings_fipsv2.h
EXTRA_DIST += examples/configs/user_settings_fipsv5.h
EXTRA_DIST += examples/configs/user_settings_stm32.h
EXTRA_DIST += examples/configs/user_settings_wolftpm.h
+EXTRA_DIST += examples/configs/user_settings_EBSnet.h
diff --git a/extra/wolfssl/wolfssl/ctaocrypt/src/wolfcrypt_last.c b/extra/wolfssl/wolfssl/examples/configs/user_settings_EBSnet.h
index 472f358f..3d148699 100644
--- a/extra/wolfssl/wolfssl/ctaocrypt/src/wolfcrypt_last.c
+++ b/extra/wolfssl/wolfssl/examples/configs/user_settings_EBSnet.h
@@ -1,4 +1,4 @@
-/* wolfcrypt_last.c
+/* user_settings_EBSnet.h
*
* Copyright (C) 2006-2023 wolfSSL Inc.
*
@@ -19,36 +19,38 @@
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
+/* Example wolfSSL user settings for use with EBSnet ports.
+ * This file is included with wolfssl/wolfcrypt/settings.h when WOLFSSL_USER_SETTINGS is defined.
+ */
-/* This file needs to be linked last in order to work correctly */
+#ifndef WOLFSSL_USER_SETTINGS_H
+#define WOLFSSL_USER_SETTINGS_H
-#ifdef HAVE_CONFIG_H
- #include <config.h>
+#ifdef __cplusplus
+extern "C" {
#endif
-/* in case user set HAVE_FIPS there */
-#include <cyassl/ctaocrypt/settings.h>
+#define OPENSSL_EXTRA_X509_SMALL
-#ifdef HAVE_FIPS
+#define USE_FAST_MATH
+#define TFM_TIMING_RESISTANT
+#define WC_RSA_BLINDING
+#define ECC_TIMING_RESISTANT
-#ifdef USE_WINDOWS_API
- #pragma code_seg(".fipsA$l")
- #pragma const_seg(".fipsB$l")
-#endif
+#define HAVE_ECC
+#define HAVE_CURVE25519
+#define HAVE_AESGCM
+#define WOLFSSL_SHA384
+#define NO_DSA
+#define NO_RC4
+#define NO_MD4
+#define NO_MD5
+#define NO_DES3
-/* last function of text/code segment */
-int wolfCrypt_FIPS_last(void);
-int wolfCrypt_FIPS_last(void)
-{
- return 0;
+#ifdef __cplusplus
}
+#endif
-
-/* read only end address */
-const unsigned int wolfCrypt_FIPS_ro_end[] =
-{ 0x1a2b3c4d, 0xffffffff };
-
-
-#endif /* HAVE_FIPS */
+#endif /* WOLFSSL_USER_SETTINGS_H */
diff --git a/extra/wolfssl/wolfssl/examples/configs/user_settings_all.h b/extra/wolfssl/wolfssl/examples/configs/user_settings_all.h
index c708a64e..c484b90b 100644
--- a/extra/wolfssl/wolfssl/examples/configs/user_settings_all.h
+++ b/extra/wolfssl/wolfssl/examples/configs/user_settings_all.h
@@ -125,7 +125,7 @@ extern "C" {
#define WOLFSSL_DER_TO_PEM
#define WOLFSSL_CUSTOM_OID
#define HAVE_OID_ENCODING
-//#define WOLFSSL_ASN_TEMPLATE /* Not enabled yet by default */
+#define WOLFSSL_ASN_TEMPLATE
/* Certificate Revocation */
#define HAVE_OCSP
diff --git a/extra/wolfssl/wolfssl/examples/configs/user_settings_stm32.h b/extra/wolfssl/wolfssl/examples/configs/user_settings_stm32.h
index eb60161d..9f02cf2b 100644
--- a/extra/wolfssl/wolfssl/examples/configs/user_settings_stm32.h
+++ b/extra/wolfssl/wolfssl/examples/configs/user_settings_stm32.h
@@ -1,4 +1,5 @@
-/* wolfSSL_conf.h (example of generated wolfSSL.I-CUBE-wolfSSL_conf.h)
+/* wolfSSL_conf.h (example of generated wolfSSL.I-CUBE-wolfSSL_conf.h using
+ * default_conf.ftl and STM32CubeIDE or STM32CubeMX tool)
*
* Copyright (C) 2006-2023 wolfSSL Inc.
*
@@ -23,12 +24,16 @@
* Generated automatically using `default_conf.ftl` template
*
* Included automatically when USE_HAL_DRIVER is defined
- * (and not WOLFSSL_USER_SETTINGS or HAVE_CONF_H).
+ * (and not WOLFSSL_USER_SETTINGS or HAVE_CONFIG_H).
*/
#ifndef __WOLFSSL_I_CUBE_WOLFSSL_CONF_H__
#define __WOLFSSL_I_CUBE_WOLFSSL_CONF_H__
+#ifdef __cplusplus
+extern "C" {
+#endif
+
/*---------- WOLF_CONF_DEBUG -----------*/
#define WOLF_CONF_DEBUG 0
@@ -51,6 +56,9 @@
/*---------- WOLF_CONF_RTOS -----------*/
#define WOLF_CONF_RTOS 2
+/*---------- WOLF_CONF_RNG -----------*/
+#define WOLF_CONF_RNG 1
+
/*---------- WOLF_CONF_RSA -----------*/
#define WOLF_CONF_RSA 1
@@ -111,17 +119,29 @@
/*---------- WOLF_CONF_TEST -----------*/
#define WOLF_CONF_TEST 1
+/*---------- WOLF_CONF_PQM4 -----------*/
+#define WOLF_CONF_PQM4 0
+
/* ------------------------------------------------------------------------- */
/* Hardware platform */
/* ------------------------------------------------------------------------- */
+/* Setup default (No crypto hardware acceleration or TLS UART test).
+ * Use undef in platform section to enable it.
+ */
#define NO_STM32_HASH
#define NO_STM32_CRYPTO
+#define NO_TLS_UART_TEST
#if defined(STM32WB55xx)
#define WOLFSSL_STM32WB
#define WOLFSSL_STM32_PKA
#undef NO_STM32_CRYPTO
#define HAL_CONSOLE_UART huart1
+#elif defined(STM32WL55xx)
+ #define WOLFSSL_STM32WL
+ #define WOLFSSL_STM32_PKA
+ #undef NO_STM32_CRYPTO
+ #define HAL_CONSOLE_UART huart2
#elif defined(STM32F407xx)
#define WOLFSSL_STM32F4
#define HAL_CONSOLE_UART huart2
@@ -137,11 +157,20 @@
#undef NO_STM32_CRYPTO
#define STM32_HAL_V2
#define HAL_CONSOLE_UART huart2
+#elif defined(STM32F756xx)
+ #define WOLFSSL_STM32F7
+ #undef NO_STM32_HASH
+ #undef NO_STM32_CRYPTO
+ #define STM32_HAL_V2
+ #define HAL_CONSOLE_UART huart3
#elif defined(STM32H753xx)
#define WOLFSSL_STM32H7
#undef NO_STM32_HASH
#undef NO_STM32_CRYPTO
#define HAL_CONSOLE_UART huart3
+#elif defined(STM32H723xx)
+ #define WOLFSSL_STM32H7
+ #define HAL_CONSOLE_UART huart3
#elif defined(STM32L4A6xx)
#define WOLFSSL_STM32L4
#undef NO_STM32_HASH
@@ -163,6 +192,9 @@
#elif defined(STM32F207xx)
#define WOLFSSL_STM32F2
#define HAL_CONSOLE_UART huart3
+#elif defined(STM32F217xx)
+ #define WOLFSSL_STM32F2
+ #define HAL_CONSOLE_UART huart2
#elif defined(STM32F107xC)
#define WOLFSSL_STM32F1
#define HAL_CONSOLE_UART huart4
@@ -171,18 +203,34 @@
#define WOLFSSL_STM32F4
#define HAL_CONSOLE_UART huart2
#define NO_STM32_RNG
- #define WOLFSSL_GENSEED_FORTEST
+ #define WOLFSSL_GENSEED_FORTEST /* no HW RNG is available use test seed */
#elif defined(STM32G071xx)
#define WOLFSSL_STM32G0
#define HAL_CONSOLE_UART huart2
#define NO_STM32_RNG
- #define WOLFSSL_GENSEED_FORTEST
+ #define WOLFSSL_GENSEED_FORTEST /* no HW RNG is available use test seed */
+#elif defined(STM32U575xx) || defined(STM32U585xx)
+ #define HAL_CONSOLE_UART huart1
+ #define WOLFSSL_STM32U5
+ #define STM32_HAL_V2
+ #ifdef STM32U585xx
+ #undef NO_STM32_HASH
+ #undef NO_STM32_CRYPTO
+ #define WOLFSSL_STM32_PKA
+ #endif
+#elif defined(STM32H563xx)
+ #define WOLFSSL_STM32H5
+ #define HAL_CONSOLE_UART huart3
+ #define STM32_HAL_V2
+ #undef NO_STM32_HASH
+
#else
#warning Please define a hardware platform!
/* This means there is not a pre-defined platform for your board/CPU */
/* You need to define a CPU type, HW crypto and debug UART */
/* CPU Type: WOLFSSL_STM32F1, WOLFSSL_STM32F2, WOLFSSL_STM32F4,
- WOLFSSL_STM32F7, WOLFSSL_STM32H7, WOLFSSL_STM32L4 and WOLFSSL_STM32L5 */
+ WOLFSSL_STM32F7, WOLFSSL_STM32H7, WOLFSSL_STM32L4, WOLFSSL_STM32L5,
+ WOLFSSL_STM32G0, WOLFSSL_STM32WB and WOLFSSL_STM32U5 */
#define WOLFSSL_STM32F4
/* Debug UART used for printf */
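Review bot: The comment added beside `WOLFSSL_GENSEED_FORTEST` in the two `NO_STM32_RNG` branches says only that a test seed is used, not that the result is unfit for anything beyond bring-up. As far as I know this macro selects a non-random seed routine meant for testing, so keys and nonces drawn from the DRBG on these parts would be predictable. I would spell that out, e.g. `#define WOLFSSL_GENSEED_FORTEST /* no HW RNG: test-only seed, not for production; supply a real entropy source */`. The same wording is added above the commented-out `//#define WOLFSSL_GENSEED_FORTEST` in the next hunk and deserves the same caveat. The CPU type list in the `#else` branch was also extended but still omits `WOLFSSL_STM32WL` and `WOLFSSL_STM32H5`, which this commit introduces.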
@@ -195,6 +243,7 @@
//#define NO_STM32_RNG
//#undef NO_STM32_HASH
//#undef NO_STM32_CRYPTO
+ /* if no HW RNG is available use test seed */
//#define WOLFSSL_GENSEED_FORTEST
//#define STM32_HAL_V2
#endif
@@ -222,33 +271,60 @@
/* ------------------------------------------------------------------------- */
/* Math Configuration */
/* ------------------------------------------------------------------------- */
-/* 1=Fast, 2=Normal, 3=SP C, 4=SP Cortex-M */
-#if defined(WOLF_CONF_MATH) && WOLF_CONF_MATH != 2
- /* fast (stack) math */
+/* 1=Fast (stack)
+ * 2=Normal (heap)
+ * 3=Single Precision C (only common curves/key sizes)
+ * 4=Single Precision ASM Cortex-M3+
+ * 5=Single Precision ASM Cortex-M0 (Generic Thumb)
+ * 6=Single Precision C all small
+ * 7=Single Precision C all big
+ */
+#if defined(WOLF_CONF_MATH) && WOLF_CONF_MATH == 1
+ /* fast (stack) math - tfm.c */
#define USE_FAST_MATH
#define TFM_TIMING_RESISTANT
/* Optimizations (TFM_ARM, TFM_ASM or none) */
//#define TFM_NO_ASM
//#define TFM_ASM
-#endif
-#if defined(WOLF_CONF_MATH) && (WOLF_CONF_MATH == 3 || WOLF_CONF_MATH == 4)
+#elif defined(WOLF_CONF_MATH) && WOLF_CONF_MATH == 2
+ /* heap math - integer.c */
+ #define USE_INTEGER_HEAP_MATH
+#elif defined(WOLF_CONF_MATH) && (WOLF_CONF_MATH >= 3)
/* single precision only */
#define WOLFSSL_SP
- #define WOLFSSL_SP_SMALL /* use smaller version of code */
- #define WOLFSSL_HAVE_SP_RSA
- #define WOLFSSL_HAVE_SP_DH
- #define WOLFSSL_HAVE_SP_ECC
- #define WOLFSSL_SP_MATH
+ #if WOLF_CONF_MATH != 7
+ #define WOLFSSL_SP_SMALL /* use smaller version of code */
+ #endif
+ #if defined(WOLF_CONF_RSA) && WOLF_CONF_RSA == 1
+ #define WOLFSSL_HAVE_SP_RSA
+ #endif
+ #if defined(WOLF_CONF_DH) && WOLF_CONF_DH == 1
+ #define WOLFSSL_HAVE_SP_DH
+ #endif
+ #if defined(WOLF_CONF_ECC) && WOLF_CONF_ECC == 1
+ #define WOLFSSL_HAVE_SP_ECC
+ #endif
+ #if WOLF_CONF_MATH == 6 || WOLF_CONF_MATH == 7
+ #define WOLFSSL_SP_MATH_ALL /* use sp_int.c multi precision math */
+ #else
+ #define WOLFSSL_SP_MATH /* disable non-standard curves / key sizes */
+ #endif
#define SP_WORD_SIZE 32
+ /* Enable to put all math on stack (no heap) */
//#define WOLFSSL_SP_NO_MALLOC
- //#define WOLFSSL_SP_CACHE_RESISTANT
- /* single precision Cortex-M only */
- #if WOLF_CONF_MATH == 4
+ #if WOLF_CONF_MATH == 4 || WOLF_CONF_MATH == 5
#define WOLFSSL_SP_ASM /* required if using the ASM versions */
- #define WOLFSSL_SP_ARM_CORTEX_M_ASM
+ #if WOLF_CONF_MATH == 4
+ /* ARM Cortex-M3+ */
+ #define WOLFSSL_SP_ARM_CORTEX_M_ASM
+ #endif
+ #if WOLF_CONF_MATH == 5
+ /* Generic ARM Thumb (Cortex-M0) Assembly */
+ #define WOLFSSL_SP_ARM_THUMB_ASM
+ #endif
#endif
#endif
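Review bot: Neither the new list entry `2=Normal (heap)` nor the branch comment `/* heap math - integer.c */` tells a user that this backend is not timing resistant. The template file changed in this same commit describes it as `heap based, not timing resistant` and not recommended. I would carry that over, e.g. `* 2=Normal (heap, not timing resistant - not recommended)`. Separately, `WOLF_CONF_MATH >= 3` accepts any value above 7 and configures it as an SP small build; bounding the test with `&& WOLF_CONF_MATH <= 7` would make a bad value in the generated config visible.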
@@ -280,8 +356,14 @@
#if defined(WOLF_CONF_BASE64_ENCODE) && WOLF_CONF_BASE64_ENCODE == 1
#define WOLFSSL_BASE64_ENCODE
#endif
-#if defined(WOLF_CONF_OPENSSL_EXTRA) && WOLF_CONF_OPENSSL_EXTRA == 1
+#if defined(WOLF_CONF_OPENSSL_EXTRA) && WOLF_CONF_OPENSSL_EXTRA >= 1
#define OPENSSL_EXTRA
+ #if !defined(INT_MAX)
+ #include <limits.h>
+ #endif
+#endif
+#if defined(WOLF_CONF_OPENSSL_EXTRA) && WOLF_CONF_OPENSSL_EXTRA >= 2
+ #define OPENSSL_ALL
#endif
/* TLS Session Cache */
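Review bot: `WOLF_CONF_OPENSSL_EXTRA` changes from an on/off switch to a level (`>= 1` gives `OPENSSL_EXTRA`, `>= 2` adds `OPENSSL_ALL`), but nothing here documents the values the way the Math Configuration block does. A one-line comment above the first `#if` would do, e.g. `/* 0=off, 1=OPENSSL_EXTRA, 2=OPENSSL_EXTRA + OPENSSL_ALL */`. As far as I know `OPENSSL_ALL` compiles in the full compatibility layer, so it is worth stating that level 2 enlarges the exposed API and the code size.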
@@ -291,6 +373,14 @@
#define NO_SESSION_CACHE
#endif
+/* Post Quantum
+ * Note: PQM4 is compatible with STM32. The project can be found at:
+ * https://github.com/mupq/pqm4
+ */
+#if defined(WOLF_CONF_PQM4) && WOLF_CONF_PQM4 == 1
+ #define HAVE_PQM4
+#endif
+
/* ------------------------------------------------------------------------- */
/* Crypto */
/* ------------------------------------------------------------------------- */
@@ -520,7 +610,6 @@
/* Allows custom "custom_time()" function to be used for benchmark */
#define WOLFSSL_USER_CURRTIME
-
/* ------------------------------------------------------------------------- */
/* RNG */
/* ------------------------------------------------------------------------- */
@@ -533,7 +622,6 @@
#define WC_NO_RNG
#endif
-
/* ------------------------------------------------------------------------- */
/* Disable Features */
/* ------------------------------------------------------------------------- */
@@ -576,7 +664,6 @@
#define NO_ASN_TIME
#endif
-
#ifdef __cplusplus
}
#endif
diff --git a/extra/wolfssl/wolfssl/examples/configs/user_settings_template.h b/extra/wolfssl/wolfssl/examples/configs/user_settings_template.h
index 4bc6da71..f8673fab 100644
--- a/extra/wolfssl/wolfssl/examples/configs/user_settings_template.h
+++ b/extra/wolfssl/wolfssl/examples/configs/user_settings_template.h
@@ -52,8 +52,8 @@ extern "C" {
/* reduce stack use. For variables over 100 bytes allocate from heap */
#define WOLFSSL_SMALL_STACK
- /* disable the built-in socket support and use the IO callbacks.
- * Set with wolfSSL_CTX_SetIORecv/wolfSSL_CTX_SetIOSend
+ /* Disable the built-in socket support and use the IO callbacks.
+ * Set IO callbacks with wolfSSL_CTX_SetIORecv/wolfSSL_CTX_SetIOSend
*/
#define WOLFSSL_USER_IO
#endif
@@ -61,17 +61,7 @@ extern "C" {
/* ------------------------------------------------------------------------- */
/* Math Configuration */
/* ------------------------------------------------------------------------- */
-#undef USE_FAST_MATH
-#if 1
- /* fast math (tfmc.) (stack based and timing resistant) */
- #define USE_FAST_MATH
- #define TFM_TIMING_RESISTANT
-#else
- /* normal heap based integer.c (not timing resistant) */
-#endif
-
/* Wolf Single Precision Math */
-#undef WOLFSSL_SP
#if 1
#define WOLFSSL_HAVE_SP_RSA
#define WOLFSSL_HAVE_SP_DH
@@ -79,8 +69,7 @@ extern "C" {
//#define WOLFSSL_SP_4096 /* Enable RSA/RH 4096-bit support */
//#define WOLFSSL_SP_384 /* Enable ECC 384-bit SECP384R1 support */
- //#define WOLFSSL_SP_CACHE_RESISTANT
- #define WOLFSSL_SP_MATH /* only SP math - disables integer.c/tfm.c */
+ //#define WOLFSSL_SP_MATH /* only SP math - disables integer.c/tfm.c */
#define WOLFSSL_SP_MATH_ALL /* use SP math for all key sizes and curves */
//#define WOLFSSL_SP_NO_MALLOC
@@ -99,8 +88,16 @@ extern "C" {
//#define WOLFSSL_SP_ARM64_ASM
//#define WOLFSSL_SP_ARM_THUMB_ASM
//#define WOLFSSL_SP_ARM_CORTEX_M_ASM
+#elif 1
+ /* Fast Math (tfm.c) (stack based and timing resistant) */
+ #define USE_FAST_MATH
+ #define TFM_TIMING_RESISTANT
+#else
+ /* Normal (integer.c) (heap based, not timing resistant) - not recommended*/
+ #define USE_INTEGER_HEAP_MATH
#endif
+
/* ------------------------------------------------------------------------- */
/* Crypto */
/* ------------------------------------------------------------------------- */
@@ -184,7 +181,7 @@ extern "C" {
/* use heap allocation for ECC points */
#define ALT_ECC_SIZE
- /* wolfSSL will compute the FP_MAX_BITS_ECC, but it can be overriden */
+ /* wolfSSL will compute the FP_MAX_BITS_ECC, but it can be overridden */
//#define FP_MAX_BITS_ECC (256 * 2)
#endif
@@ -508,6 +505,9 @@ extern "C" {
//#define NO_CRYPT_BENCHMARK
//#define WOLFCRYPT_ONLY
+/* do not warm when file is included to be built and not required to be */
+#define WOLFSSL_IGNORE_FILE_WARN
+
/* In-lining of misc.c functions */
/* If defined, must include wolfcrypt/src/misc.c in build */
/* Slower, but about 1k smaller */
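Review bot: The added comment above `WOLFSSL_IGNORE_FILE_WARN` has a typo ("warm" for "warn") and is hard to parse. Something like `/* do not warn when a source file is included in the build but not required */` says what the macro suppresses. Since this template now defines the macro unconditionally, the comment is the only hint a user gets that these build warnings are switched off.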
diff --git a/extra/wolfssl/wolfssl/examples/echoclient/echoclient.c b/extra/wolfssl/wolfssl/examples/echoclient/echoclient.c
index 740af4ed..662aca0f 100644
--- a/extra/wolfssl/wolfssl/examples/echoclient/echoclient.c
+++ b/extra/wolfssl/wolfssl/examples/echoclient/echoclient.c
@@ -24,14 +24,14 @@
#include <config.h>
#endif
-#include <cyassl/ctaocrypt/settings.h>
+#include <wolfssl/wolfcrypt/settings.h>
/* let's use cyassl layer AND cyassl openssl layer */
#undef TEST_OPENSSL_COEXIST /* can't use this option with this example */
-#include <cyassl/ssl.h>
+#include <wolfssl/ssl.h>
/* Force enable the compatibility macros for this example */
-#ifdef CYASSL_DTLS
- #include <cyassl/error-ssl.h>
+#ifdef WOLFSSL_DTLS
+ #include <wolfssl/error-ssl.h>
#endif
#if defined(WOLFSSL_MDK_ARM) || defined(WOLFSSL_KEIL_TCP_NET)
@@ -43,12 +43,12 @@
#include "wolfssl_MDK_ARM.h"
#endif
-#include <cyassl/test.h>
+#include <wolfssl/test.h>
#ifndef OPENSSL_EXTRA_X509_SMALL
#define OPENSSL_EXTRA_X509_SMALL
#endif
-#include <cyassl/openssl/ssl.h>
+#include <wolfssl/openssl/ssl.h>
#include <examples/echoclient/echoclient.h>
@@ -97,7 +97,7 @@ void echoclient_test(void* args)
char** argv = 0;
#endif
word16 port;
- char buffer[CYASSL_MAX_ERROR_SZ];
+ char buffer[WOLFSSL_MAX_ERROR_SZ];
((func_args*)args)->return_code = -1; /* error state */
@@ -118,11 +118,11 @@ void echoclient_test(void* args)
if (!fin) err_sys("can't open input file");
if (!fout) err_sys("can't open output file");
-#ifdef CYASSL_DTLS
+#ifdef WOLFSSL_DTLS
doDTLS = 1;
#endif
-#ifdef CYASSL_LEANPSK
+#ifdef WOLFSSL_LEANPSK
doPSK = 1;
#endif
#if defined(NO_RSA) && !defined(HAVE_ECC) && !defined(HAVE_ED25519) && \
@@ -134,10 +134,10 @@ void echoclient_test(void* args)
#if defined(NO_MAIN_DRIVER) && !defined(USE_WINDOWS_API) && !defined(WOLFSSL_MDK_SHELL)
port = ((func_args*)args)->signal->port;
#else
- port = yasslPort;
+ port = wolfSSLPort;
#endif
-#if defined(CYASSL_DTLS)
+#if defined(WOLFSSL_DTLS)
#ifdef WOLFSSL_DTLS13
method = wolfDTLSv1_3_client_method();
#elif !defined(WOLFSSL_NO_TLS12)
@@ -145,9 +145,9 @@ void echoclient_test(void* args)
#endif
#elif !defined(NO_TLS)
#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_SNIFFER)
- method = CyaTLSv1_2_client_method();
+ method = wolfTLSv1_2_client_method();
#else
- method = CyaSSLv23_client_method();
+ method = wolfSSLv23_client_method();
#endif
#elif defined(WOLFSSL_ALLOW_SSLV3)
method = SSLv3_client_method();
@@ -178,7 +178,7 @@ void echoclient_test(void* args)
err_sys("can't load ca buffer");
#endif
-#if defined(CYASSL_SNIFFER)
+#if defined(WOLFSSL_SNIFFER)
/* Only set if not running testsuite */
if (XSTRSTR(argv[0], "testsuite") == NULL) {
/* don't use EDH, can't sniff tmp keys */
@@ -189,7 +189,7 @@ void echoclient_test(void* args)
if (doPSK) {
const char *defaultCipherList;
- CyaSSL_CTX_set_psk_client_callback(ctx, my_psk_client_cb);
+ wolfSSL_CTX_set_psk_client_callback(ctx, my_psk_client_cb);
#ifdef HAVE_NULL_CIPHER
defaultCipherList = "PSK-NULL-SHA256";
#elif defined(HAVE_AESGCM) && !defined(NO_DH)
@@ -211,7 +211,7 @@ void echoclient_test(void* args)
#else
defaultCipherList = "PSK-AES128-CBC-SHA256";
#endif
- if (CyaSSL_CTX_set_cipher_list(ctx,defaultCipherList) !=WOLFSSL_SUCCESS)
+ if (wolfSSL_CTX_set_cipher_list(ctx,defaultCipherList) !=WOLFSSL_SUCCESS)
err_sys("client can't set cipher list 2");
wolfSSL_CTX_set_psk_callback_ctx(ctx, (void*)defaultCipherList);
}
@@ -222,7 +222,7 @@ void echoclient_test(void* args)
#endif
#if defined(WOLFSSL_MDK_ARM)
- CyaSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_NONE, 0);
+ wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_NONE, 0);
#endif
#ifdef WOLFSSL_ASYNC_CRYPT
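Review bot: `wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_NONE, 0)` turns off server certificate verification for every `WOLFSSL_MDK_ARM` build of this client, and the line carries no comment saying why or that it is example-only. With verification off the session is still encrypted but the peer is unauthenticated. Since the rename touches the line anyway, I would add `/* example only: peer verification disabled on MDK-ARM, do not reuse in production */` above it. echoclient_test starts and ends outside this hunk.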
@@ -234,10 +234,10 @@ void echoclient_test(void* args)
#endif /* WOLFSSL_ASYNC_CRYPT */
ssl = SSL_new(ctx);
- tcp_connect(&sockfd, yasslIP, port, doDTLS, 0, ssl);
+ tcp_connect(&sockfd, wolfSSLIP, port, doDTLS, 0, ssl);
SSL_set_fd(ssl, sockfd);
-#if defined(USE_WINDOWS_API) && defined(CYASSL_DTLS) && defined(NO_MAIN_DRIVER)
+#if defined(USE_WINDOWS_API) && defined(WOLFSSL_DTLS) && defined(NO_MAIN_DRIVER)
/* let echoserver bind first, TODO: add Windows signal like pthreads does */
Sleep(100);
#endif
@@ -319,7 +319,7 @@ void echoclient_test(void* args)
LIBCALL_CHECK_RET(fflush(fout));
sendSz -= ret;
}
-#ifdef CYASSL_DTLS
+#ifdef WOLFSSL_DTLS
else if (wolfSSL_dtls(ssl) && err == DECRYPT_ERROR) {
/* This condition is OK. The packet should be dropped
* silently when there is a decrypt or MAC error on
@@ -336,7 +336,7 @@ void echoclient_test(void* args)
}
-#ifdef CYASSL_DTLS
+#ifdef WOLFSSL_DTLS
strncpy(msg, "break", 6);
sendSz = (int)strlen(msg);
/* try to tell server done */
@@ -394,18 +394,18 @@ void echoclient_test(void* args)
args.argv = argv;
args.return_code = 0;
- CyaSSL_Init();
-#if defined(DEBUG_CYASSL) && !defined(WOLFSSL_MDK_SHELL)
- CyaSSL_Debugging_ON();
+ wolfSSL_Init();
+#if defined(DEBUG_WOLFSSL) && !defined(WOLFSSL_MDK_SHELL)
+ wolfSSL_Debugging_ON();
#endif
-#ifndef CYASSL_TIRTOS
+#ifndef WOLFSSL_TIRTOS
ChangeToWolfRoot();
#endif
#ifndef NO_WOLFSSL_CLIENT
echoclient_test(&args);
#endif
- CyaSSL_Cleanup();
+ wolfSSL_Cleanup();
#ifdef HAVE_WNR
if (wc_FreeNetRandom() < 0)
diff --git a/extra/wolfssl/wolfssl/examples/echoclient/echoclient.vcproj b/extra/wolfssl/wolfssl/examples/echoclient/echoclient.vcproj
index c6ed9578..0ea89b22 100644
--- a/extra/wolfssl/wolfssl/examples/echoclient/echoclient.vcproj
+++ b/extra/wolfssl/wolfssl/examples/echoclient/echoclient.vcproj
@@ -42,7 +42,7 @@
Name="VCCLCompilerTool"
Optimization="0"
AdditionalIncludeDirectories="../../;../../IDE/WIN"
- PreprocessorDefinitions="WIN32;_DEBUG;_CONSOLE;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS"
+ PreprocessorDefinitions="WIN32;_DEBUG;_CONSOLE;WOLFSSL_USER_SETTINGS"
MinimalRebuild="true"
BasicRuntimeChecks="3"
RuntimeLibrary="3"
@@ -117,7 +117,7 @@
Optimization="2"
EnableIntrinsicFunctions="true"
AdditionalIncludeDirectories="../../;../../IDE/WIN"
- PreprocessorDefinitions="WIN32;NDEBUG;_CONSOLE;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS"
+ PreprocessorDefinitions="WIN32;NDEBUG;_CONSOLE;WOLFSSL_USER_SETTINGS"
RuntimeLibrary="2"
EnableFunctionLevelLinking="true"
UsePrecompiledHeader="0"
diff --git a/extra/wolfssl/wolfssl/examples/echoclient/echoclient.vcxproj b/extra/wolfssl/wolfssl/examples/echoclient/echoclient.vcxproj
index b291d634..9fa8aad0 100644
--- a/extra/wolfssl/wolfssl/examples/echoclient/echoclient.vcxproj
+++ b/extra/wolfssl/wolfssl/examples/echoclient/echoclient.vcxproj
@@ -159,7 +159,7 @@
<ClCompile>
<Optimization>Disabled</Optimization>
<AdditionalIncludeDirectories>../../;../../IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<MinimalRebuild>true</MinimalRebuild>
<BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
<RuntimeLibrary>MultiThreadedDebugDLL</RuntimeLibrary>
@@ -179,7 +179,7 @@
<ClCompile>
<Optimization>Disabled</Optimization>
<AdditionalIncludeDirectories>../../;../../IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;WOLFSSL_DLL;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;WOLFSSL_DLL;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<MinimalRebuild>true</MinimalRebuild>
<BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
<RuntimeLibrary>MultiThreadedDebugDLL</RuntimeLibrary>
@@ -200,7 +200,7 @@
<ClCompile>
<Optimization>Disabled</Optimization>
<AdditionalIncludeDirectories>../../;../../IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
<RuntimeLibrary>MultiThreadedDebugDLL</RuntimeLibrary>
<PrecompiledHeader>
@@ -218,7 +218,7 @@
<ClCompile>
<Optimization>Disabled</Optimization>
<AdditionalIncludeDirectories>../../;../../IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;WOLFSSL_DLL;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;WOLFSSL_DLL;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
<RuntimeLibrary>MultiThreadedDebugDLL</RuntimeLibrary>
<PrecompiledHeader>
@@ -237,7 +237,7 @@
<Optimization>MaxSpeed</Optimization>
<IntrinsicFunctions>true</IntrinsicFunctions>
<AdditionalIncludeDirectories>../../;../../IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
<FunctionLevelLinking>true</FunctionLevelLinking>
<PrecompiledHeader />
@@ -259,7 +259,7 @@
<Optimization>MaxSpeed</Optimization>
<IntrinsicFunctions>true</IntrinsicFunctions>
<AdditionalIncludeDirectories>../../;../../IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;WOLFSSL_DLL;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;WOLFSSL_DLL;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
<FunctionLevelLinking>true</FunctionLevelLinking>
<PrecompiledHeader>
@@ -281,7 +281,7 @@
<Optimization>MaxSpeed</Optimization>
<IntrinsicFunctions>true</IntrinsicFunctions>
<AdditionalIncludeDirectories>../../;../../IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
<FunctionLevelLinking>true</FunctionLevelLinking>
<PrecompiledHeader>
@@ -302,7 +302,7 @@
<Optimization>MaxSpeed</Optimization>
<IntrinsicFunctions>true</IntrinsicFunctions>
<AdditionalIncludeDirectories>../../;../../IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;WOLFSSL_DLL;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;WOLFSSL_DLL;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
<FunctionLevelLinking>true</FunctionLevelLinking>
<PrecompiledHeader>
diff --git a/extra/wolfssl/wolfssl/examples/echoserver/echoserver.c b/extra/wolfssl/wolfssl/examples/echoserver/echoserver.c
index e839f0b0..c6afdcb0 100644
--- a/extra/wolfssl/wolfssl/examples/echoserver/echoserver.c
+++ b/extra/wolfssl/wolfssl/examples/echoserver/echoserver.c
@@ -24,10 +24,10 @@
#include <config.h>
#endif
-#include <cyassl/ssl.h> /* name change portability layer */
-#include <cyassl/ctaocrypt/settings.h>
+#include <wolfssl/ssl.h> /* name change portability layer */
+#include <wolfssl/wolfcrypt/settings.h>
#ifdef HAVE_ECC
- #include <cyassl/ctaocrypt/ecc.h> /* ecc_fp_free */
+ #include <wolfssl/wolfcrypt/ecc.h> /* ecc_fp_free */
#endif
#if defined(WOLFSSL_MDK_ARM) || defined(WOLFSSL_KEIL_TCP_NET)
@@ -39,8 +39,8 @@
#include "wolfssl_MDK_ARM.h"
#endif
-#include <cyassl/ssl.h>
-#include <cyassl/test.h>
+#include <wolfssl/ssl.h>
+#include <wolfssl/test.h>
#ifndef NO_MAIN_DRIVER
#define ECHO_OUT
@@ -67,26 +67,26 @@
static void SignalReady(void* args, word16 port)
{
-#if defined(_POSIX_THREADS) && defined(NO_MAIN_DRIVER) && !defined(__MINGW32__)
+#if defined(NO_MAIN_DRIVER) && defined(WOLFSSL_COND)
/* signal ready to tcp_accept */
func_args* server_args = (func_args*)args;
tcp_ready* ready = server_args->signal;
- PTHREAD_CHECK_RET(pthread_mutex_lock(&ready->mutex));
+ THREAD_CHECK_RET(wolfSSL_CondStart(&ready->cond));
ready->ready = 1;
ready->port = port;
- PTHREAD_CHECK_RET(pthread_cond_signal(&ready->cond));
- PTHREAD_CHECK_RET(pthread_mutex_unlock(&ready->mutex));
-#endif
+ THREAD_CHECK_RET(wolfSSL_CondSignal(&ready->cond));
+ THREAD_CHECK_RET(wolfSSL_CondEnd(&ready->cond));
+#endif /* NO_MAIN_DRIVER && WOLFSSL_COND */
(void)args;
(void)port;
}
-THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
+THREAD_RETURN WOLFSSL_THREAD echoserver_test(void* args)
{
SOCKET_T sockfd = 0;
- CYASSL_METHOD* method = 0;
- CYASSL_CTX* ctx = 0;
+ WOLFSSL_METHOD* method = 0;
+ WOLFSSL_CTX* ctx = 0;
int ret = 0;
int doDTLS = 0;
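Review bot: With the guard changed to `NO_MAIN_DRIVER && WOLFSSL_COND`, `SignalReady` compiles to a no-op on any `NO_MAIN_DRIVER` build where `WOLFSSL_COND` is undefined, and nothing at the `#if` says so. The client in this diff reads `signal->port` under `NO_MAIN_DRIVER`, and the server passes port 0 to `tcp_listen` in that configuration. Whether the port reaches the client by another route is not visible from here. A comment on the guard would help, e.g. `/* without WOLFSSL_COND the ready flag and port are not published here */`. echoserver_test's body continues outside the hunk.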
@@ -97,7 +97,7 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
word16 port;
int argc = ((func_args*)args)->argc;
char** argv = ((func_args*)args)->argv;
- char buffer[CYASSL_MAX_ERROR_SZ];
+ char buffer[WOLFSSL_MAX_ERROR_SZ];
#ifdef HAVE_TEST_SESSION_TICKET
MyTicketCtx myTicketCtx;
#endif
@@ -116,19 +116,19 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
((func_args*)args)->return_code = -1; /* error state */
-#ifdef CYASSL_DTLS
+#ifdef WOLFSSL_DTLS
doDTLS = 1;
#endif
#if (defined(NO_RSA) && !defined(HAVE_ECC) && !defined(HAVE_ED25519) && \
- !defined(HAVE_ED448)) || defined(CYASSL_LEANPSK)
+ !defined(HAVE_ED448)) || defined(WOLFSSL_LEANPSK)
doPSK = 1;
#else
doPSK = 0;
#endif
-#if defined(NO_MAIN_DRIVER) && !defined(CYASSL_SNIFFER) && \
- !defined(WOLFSSL_MDK_SHELL) && !defined(CYASSL_TIRTOS) && \
+#if defined(NO_MAIN_DRIVER) && !defined(WOLFSSL_SNIFFER) && \
+ !defined(WOLFSSL_MDK_SHELL) && !defined(WOLFSSL_TIRTOS) && \
!defined(USE_WINDOWS_API)
/* Let tcp_listen assign port */
port = 0;
@@ -141,34 +141,34 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
useAnyAddr = 1;
#endif
-#ifdef CYASSL_TIRTOS
+#ifdef WOLFSSL_TIRTOS
fdOpenSession(Task_self());
#endif
tcp_listen(&sockfd, &port, useAnyAddr, doDTLS, 0);
-#if defined(CYASSL_DTLS)
+#if defined(WOLFSSL_DTLS)
#ifdef WOLFSSL_DTLS13
method = wolfDTLSv1_3_server_method();
#elif !defined(WOLFSSL_NO_TLS12)
- method = CyaDTLSv1_2_server_method();
+ method = wolfDTLSv1_2_server_method();
#endif
#elif !defined(NO_TLS)
#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_SNIFFER)
- method = CyaTLSv1_2_server_method();
+ method = wolfTLSv1_2_server_method();
#else
- method = CyaSSLv23_server_method();
+ method = wolfSSLv23_server_method();
#endif
#elif defined(WOLFSSL_ALLOW_SSLV3)
- method = CyaSSLv3_server_method();
+ method = wolfSSLv3_server_method();
#else
#error "no valid server method built in"
#endif
- ctx = CyaSSL_CTX_new(method);
- /* CyaSSL_CTX_set_session_cache_mode(ctx, WOLFSSL_SESS_CACHE_OFF); */
+ ctx = wolfSSL_CTX_new(method);
+ /* wolfSSL_CTX_set_session_cache_mode(ctx, WOLFSSL_SESS_CACHE_OFF); */
#ifdef WOLFSSL_ENCRYPTED_KEYS
- CyaSSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack);
+ wolfSSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack);
#endif
#ifdef HAVE_TEST_SESSION_TICKET
@@ -181,36 +181,36 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
#ifndef NO_FILESYSTEM
if (doPSK == 0) {
- #if defined(HAVE_ECC) && !defined(CYASSL_SNIFFER)
+ #if defined(HAVE_ECC) && !defined(WOLFSSL_SNIFFER)
/* ecc */
- if (CyaSSL_CTX_use_certificate_file(ctx, eccCertFile, WOLFSSL_FILETYPE_PEM)
+ if (wolfSSL_CTX_use_certificate_file(ctx, eccCertFile, WOLFSSL_FILETYPE_PEM)
!= WOLFSSL_SUCCESS)
err_sys("can't load server cert file, "
"Please run from wolfSSL home dir");
- if (CyaSSL_CTX_use_PrivateKey_file(ctx, eccKeyFile, WOLFSSL_FILETYPE_PEM)
+ if (wolfSSL_CTX_use_PrivateKey_file(ctx, eccKeyFile, WOLFSSL_FILETYPE_PEM)
!= WOLFSSL_SUCCESS)
err_sys("can't load server key file, "
"Please run from wolfSSL home dir");
- #elif defined(HAVE_ED25519) && !defined(CYASSL_SNIFFER)
+ #elif defined(HAVE_ED25519) && !defined(WOLFSSL_SNIFFER)
/* ed25519 */
- if (CyaSSL_CTX_use_certificate_chain_file(ctx, edCertFile)
+ if (wolfSSL_CTX_use_certificate_chain_file(ctx, edCertFile)
!= WOLFSSL_SUCCESS)
err_sys("can't load server cert file, "
"Please run from wolfSSL home dir");
- if (CyaSSL_CTX_use_PrivateKey_file(ctx, edKeyFile, WOLFSSL_FILETYPE_PEM)
+ if (wolfSSL_CTX_use_PrivateKey_file(ctx, edKeyFile, WOLFSSL_FILETYPE_PEM)
!= WOLFSSL_SUCCESS)
err_sys("can't load server key file, "
"Please run from wolfSSL home dir");
- #elif defined(HAVE_ED448) && !defined(CYASSL_SNIFFER)
+ #elif defined(HAVE_ED448) && !defined(WOLFSSL_SNIFFER)
/* ed448 */
- if (CyaSSL_CTX_use_certificate_chain_file(ctx, ed448CertFile)
+ if (wolfSSL_CTX_use_certificate_chain_file(ctx, ed448CertFile)
!= WOLFSSL_SUCCESS)
err_sys("can't load server cert file, "
"Please run from wolfSSL home dir");
- if (CyaSSL_CTX_use_PrivateKey_file(ctx, ed448KeyFile,
+ if (wolfSSL_CTX_use_PrivateKey_file(ctx, ed448KeyFile,
WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS)
err_sys("can't load server key file, "
"Please run from wolfSSL home dir");
@@ -218,12 +218,12 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
/* do nothing, just don't load cert files */
#else
/* normal */
- if (CyaSSL_CTX_use_certificate_file(ctx, svrCertFile, WOLFSSL_FILETYPE_PEM)
+ if (wolfSSL_CTX_use_certificate_file(ctx, svrCertFile, WOLFSSL_FILETYPE_PEM)
!= WOLFSSL_SUCCESS)
err_sys("can't load server cert file, "
"Please run from wolfSSL home dir");
- if (CyaSSL_CTX_use_PrivateKey_file(ctx, svrKeyFile, WOLFSSL_FILETYPE_PEM)
+ if (wolfSSL_CTX_use_PrivateKey_file(ctx, svrKeyFile, WOLFSSL_FILETYPE_PEM)
!= WOLFSSL_SUCCESS)
err_sys("can't load server key file, "
"Please run from wolfSSL home dir");
@@ -231,23 +231,23 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
} /* doPSK */
#elif !defined(NO_CERTS)
if (!doPSK) {
- if (CyaSSL_CTX_use_certificate_buffer(ctx, server_cert_der_2048,
+ if (wolfSSL_CTX_use_certificate_buffer(ctx, server_cert_der_2048,
sizeof_server_cert_der_2048, WOLFSSL_FILETYPE_ASN1)
!= WOLFSSL_SUCCESS)
err_sys("can't load server cert buffer");
- if (CyaSSL_CTX_use_PrivateKey_buffer(ctx, server_key_der_2048,
+ if (wolfSSL_CTX_use_PrivateKey_buffer(ctx, server_key_der_2048,
sizeof_server_key_der_2048, WOLFSSL_FILETYPE_ASN1)
!= WOLFSSL_SUCCESS)
err_sys("can't load server key buffer");
}
#endif
-#if defined(CYASSL_SNIFFER)
+#if defined(WOLFSSL_SNIFFER)
/* Only set if not running testsuite */
if (XSTRSTR(argv[0], "testsuite") == NULL) {
/* don't use EDH, can't sniff tmp keys */
- CyaSSL_CTX_set_cipher_list(ctx, "AES256-SHA");
+ wolfSSL_CTX_set_cipher_list(ctx, "AES256-SHA");
}
#endif
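Review bot: The return value of `wolfSSL_CTX_set_cipher_list(ctx, "AES256-SHA")` in the `WOLFSSL_SNIFFER` block is dropped, while the PSK path later in this diff checks the same call against `WOLFSSL_SUCCESS` and calls `err_sys`. If that suite is not available in a given build, the context presumably keeps its default list, which may include the ephemeral key exchange the comment says cannot be sniffed, and nothing reports it. I would check it the same way: `if (wolfSSL_CTX_set_cipher_list(ctx, "AES256-SHA") != WOLFSSL_SUCCESS) err_sys("server can't set cipher list");`. echoserver_test starts and ends outside this hunk.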
@@ -255,8 +255,8 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
#ifndef NO_PSK
const char *defaultCipherList;
- CyaSSL_CTX_set_psk_server_callback(ctx, my_psk_server_cb);
- CyaSSL_CTX_use_psk_identity_hint(ctx, "cyassl server");
+ wolfSSL_CTX_set_psk_server_callback(ctx, my_psk_server_cb);
+ wolfSSL_CTX_use_psk_identity_hint(ctx, "cyassl server");
#ifdef HAVE_NULL_CIPHER
defaultCipherList = "PSK-NULL-SHA256";
#elif defined(HAVE_AESGCM) && !defined(NO_DH)
@@ -278,7 +278,7 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
#else
defaultCipherList = "PSK-AES128-CBC-SHA256";
#endif
- if (CyaSSL_CTX_set_cipher_list(ctx, defaultCipherList) != WOLFSSL_SUCCESS)
+ if (wolfSSL_CTX_set_cipher_list(ctx, defaultCipherList) != WOLFSSL_SUCCESS)
err_sys("server can't set cipher list 2");
wolfSSL_CTX_set_psk_callback_ctx(ctx, (void*)defaultCipherList);
#endif
@@ -295,8 +295,8 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
SignalReady(args, port);
while (!shutDown) {
- CYASSL* ssl = NULL;
- CYASSL* write_ssl = NULL; /* may have separate w/ HAVE_WRITE_DUP */
+ WOLFSSL* ssl = NULL;
+ WOLFSSL* write_ssl = NULL; /* may have separate w/ HAVE_WRITE_DUP */
char command[SVR_COMMAND_SIZE+1];
int clientfd;
int firstRead = 1;
@@ -304,7 +304,7 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
int err = 0;
SOCKADDR_IN_T client;
socklen_t client_len = sizeof(client);
-#ifndef CYASSL_DTLS
+#ifndef WOLFSSL_DTLS
clientfd = accept(sockfd, (struct sockaddr*)&client,
(ACCEPT_THIRD_T)&client_len);
#else
@@ -323,23 +323,23 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
#endif
if (WOLFSSL_SOCKET_IS_INVALID(clientfd)) err_sys("tcp accept failed");
- ssl = CyaSSL_new(ctx);
+ ssl = wolfSSL_new(ctx);
if (ssl == NULL) err_sys("SSL_new failed");
- CyaSSL_set_fd(ssl, clientfd);
- #ifdef CYASSL_DTLS
+ wolfSSL_set_fd(ssl, clientfd);
+ #ifdef WOLFSSL_DTLS
wolfSSL_dtls_set_peer(ssl, &client, client_len);
#endif
#if !defined(NO_FILESYSTEM) && !defined(NO_DH) && !defined(NO_ASN)
- CyaSSL_SetTmpDH_file(ssl, dhParamFile, WOLFSSL_FILETYPE_PEM);
+ wolfSSL_SetTmpDH_file(ssl, dhParamFile, WOLFSSL_FILETYPE_PEM);
#elif !defined(NO_DH)
SetDH(ssl); /* will repick suites with DHE, higher than PSK */
#endif
do {
err = 0; /* Reset error */
- ret = CyaSSL_accept(ssl);
+ ret = wolfSSL_accept(ssl);
if (ret != WOLFSSL_SUCCESS) {
- err = CyaSSL_get_error(ssl, 0);
+ err = wolfSSL_get_error(ssl, 0);
#ifdef WOLFSSL_ASYNC_CRYPT
if (err == WC_PENDING_E) {
ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
@@ -350,9 +350,9 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
} while (err == WC_PENDING_E);
if (ret != WOLFSSL_SUCCESS) {
fprintf(stderr, "SSL_accept error = %d, %s\n", err,
- CyaSSL_ERR_error_string(err, buffer));
+ wolfSSL_ERR_error_string(err, buffer));
fprintf(stderr, "SSL_accept failed\n");
- CyaSSL_free(ssl);
+ wolfSSL_free(ssl);
CloseSocket(clientfd);
continue;
}
@@ -364,7 +364,7 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
write_ssl = wolfSSL_write_dup(ssl);
if (write_ssl == NULL) {
fprintf(stderr, "wolfSSL_write_dup failed\n");
- CyaSSL_free(ssl);
+ wolfSSL_free(ssl);
CloseSocket(clientfd);
continue;
}
@@ -377,9 +377,9 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
do {
err = 0; /* reset error */
- ret = CyaSSL_read(ssl, command, sizeof(command)-1);
+ ret = wolfSSL_read(ssl, command, sizeof(command)-1);
if (ret <= 0) {
- err = CyaSSL_get_error(ssl, 0);
+ err = wolfSSL_get_error(ssl, 0);
#ifdef WOLFSSL_ASYNC_CRYPT
if (err == WC_PENDING_E) {
ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
@@ -391,7 +391,7 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
if (ret <= 0) {
if (err != WOLFSSL_ERROR_WANT_READ && err != WOLFSSL_ERROR_ZERO_RETURN){
fprintf(stderr, "SSL_read echo error %d, %s!\n", err,
- CyaSSL_ERR_error_string(err, buffer));
+ wolfSSL_ERR_error_string(err, buffer));
}
break;
}
@@ -421,7 +421,7 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
}
#ifdef PRINT_SESSION_STATS
if ( strncmp(command, "printstats", 10) == 0) {
- CyaSSL_PrintSessionStats();
+ wolfSSL_PrintSessionStats();
break;
}
#endif
@@ -440,9 +440,9 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
do {
err = 0; /* reset error */
- ret = CyaSSL_write(write_ssl, command, echoSz);
+ ret = wolfSSL_write(write_ssl, command, echoSz);
if (ret <= 0) {
- err = CyaSSL_get_error(write_ssl, 0);
+ err = wolfSSL_get_error(write_ssl, 0);
#ifdef WOLFSSL_ASYNC_CRYPT
if (err == WC_PENDING_E) {
ret = wolfSSL_AsyncPoll(write_ssl, WOLF_POLL_FLAG_CHECK_HW);
@@ -453,7 +453,7 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
} while (err == WC_PENDING_E);
if (ret != echoSz) {
fprintf(stderr, "SSL_write get error = %d, %s\n", err,
- CyaSSL_ERR_error_string(err, buffer));
+ wolfSSL_ERR_error_string(err, buffer));
err_sys("SSL_write get failed");
}
break;
@@ -466,9 +466,9 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
do {
err = 0; /* reset error */
- ret = CyaSSL_write(write_ssl, command, echoSz);
+ ret = wolfSSL_write(write_ssl, command, echoSz);
if (ret <= 0) {
- err = CyaSSL_get_error(write_ssl, 0);
+ err = wolfSSL_get_error(write_ssl, 0);
#ifdef WOLFSSL_ASYNC_CRYPT
if (err == WC_PENDING_E) {
ret = wolfSSL_AsyncPoll(write_ssl, WOLF_POLL_FLAG_CHECK_HW);
@@ -480,26 +480,26 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
if (ret != echoSz) {
fprintf(stderr, "SSL_write echo error = %d, %s\n", err,
- CyaSSL_ERR_error_string(err, buffer));
+ wolfSSL_ERR_error_string(err, buffer));
err_sys("SSL_write echo failed");
}
}
-#ifndef CYASSL_DTLS
- CyaSSL_shutdown(ssl);
+#ifndef WOLFSSL_DTLS
+ wolfSSL_shutdown(ssl);
#endif
#ifdef HAVE_WRITE_DUP
- CyaSSL_free(write_ssl);
+ wolfSSL_free(write_ssl);
#endif
- CyaSSL_free(ssl);
+ wolfSSL_free(ssl);
CloseSocket(clientfd);
-#ifdef CYASSL_DTLS
+#ifdef WOLFSSL_DTLS
tcp_listen(&sockfd, &port, useAnyAddr, doDTLS, 0);
SignalReady(args, port);
#endif
}
CloseSocket(sockfd);
- CyaSSL_CTX_free(ctx);
+ wolfSSL_CTX_free(ctx);
#ifdef ECHO_OUT
if (outCreated)
@@ -510,10 +510,10 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
#if defined(NO_MAIN_DRIVER) && defined(HAVE_ECC) && defined(FP_ECC) \
&& defined(HAVE_THREAD_LS)
- ecc_fp_free(); /* free per thread cache */
+ wc_ecc_fp_free(); /* free per thread cache */
#endif
-#ifdef CYASSL_TIRTOS
+#ifdef WOLFSSL_TIRTOS
fdCloseSession(Task_self());
#endif
@@ -525,9 +525,7 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
wolfAsync_DevClose(&devId);
#endif
-#ifndef CYASSL_TIRTOS
- return 0;
-#endif
+ WOLFSSL_RETURN_FROM_THREAD(0);
}
#endif /* !NO_WOLFSSL_SERVER */
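Review bot: The unconditional `WOLFSSL_RETURN_FROM_THREAD(0);` that closes echoserver_test replaces the `#ifndef CYASSL_TIRTOS` guard around `return 0;`, and nothing at the call site says how the macro handles platforms whose thread functions return nothing. The macro's definition is not part of this hunk, so that cannot be confirmed here. echoserver_test is also called directly from main in the next hunk, ahead of wolfSSL_Cleanup(), so the macro has to act as a plain return on every platform rather than ending the calling thread; otherwise library cleanup would be skipped. A short comment would record the intent, e.g. `/* expands to the platform's thread-function return; must stay a plain return because main() calls this directly */`. The body of echoserver_test starts outside this hunk.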
@@ -551,15 +549,15 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
args.argv = argv;
args.return_code = 0;
- CyaSSL_Init();
-#if defined(DEBUG_CYASSL) && !defined(CYASSL_MDK_SHELL)
- CyaSSL_Debugging_ON();
+ wolfSSL_Init();
+#if defined(DEBUG_WOLFSSL) && !defined(WOLFSSL_MDK_SHELL)
+ wolfSSL_Debugging_ON();
#endif
ChangeToWolfRoot();
#ifndef NO_WOLFSSL_SERVER
echoserver_test(&args);
#endif
- CyaSSL_Cleanup();
+ wolfSSL_Cleanup();
#ifdef HAVE_WNR
if (wc_FreeNetRandom() < 0)
diff --git a/extra/wolfssl/wolfssl/examples/echoserver/echoserver.vcproj b/extra/wolfssl/wolfssl/examples/echoserver/echoserver.vcproj
index 47d27833..236888d8 100644
--- a/extra/wolfssl/wolfssl/examples/echoserver/echoserver.vcproj
+++ b/extra/wolfssl/wolfssl/examples/echoserver/echoserver.vcproj
@@ -42,7 +42,7 @@
Name="VCCLCompilerTool"
Optimization="0"
AdditionalIncludeDirectories="../../;../../IDE/WIN"
- PreprocessorDefinitions="USE_ANY_ADDR;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS"
+ PreprocessorDefinitions="USE_ANY_ADDR;WOLFSSL_USER_SETTINGS"
MinimalRebuild="true"
BasicRuntimeChecks="3"
RuntimeLibrary="3"
@@ -117,7 +117,7 @@
Optimization="2"
EnableIntrinsicFunctions="true"
AdditionalIncludeDirectories="../../;../../IDE/WIN"
- PreprocessorDefinitions="USE_ANY_ADDR;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS"
+ PreprocessorDefinitions="USE_ANY_ADDR;WOLFSSL_USER_SETTINGS"
RuntimeLibrary="2"
EnableFunctionLevelLinking="true"
UsePrecompiledHeader="0"
diff --git a/extra/wolfssl/wolfssl/examples/echoserver/echoserver.vcxproj b/extra/wolfssl/wolfssl/examples/echoserver/echoserver.vcxproj
index 775ccc81..28bd2a83 100644
--- a/extra/wolfssl/wolfssl/examples/echoserver/echoserver.vcxproj
+++ b/extra/wolfssl/wolfssl/examples/echoserver/echoserver.vcxproj
@@ -159,7 +159,7 @@
<ClCompile>
<Optimization>Disabled</Optimization>
<AdditionalIncludeDirectories>../../;../../IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>USE_ANY_ADDR;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>USE_ANY_ADDR;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<MinimalRebuild>true</MinimalRebuild>
<BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
<RuntimeLibrary>MultiThreadedDebugDLL</RuntimeLibrary>
@@ -179,7 +179,7 @@
<ClCompile>
<Optimization>Disabled</Optimization>
<AdditionalIncludeDirectories>../../;../../IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>USE_ANY_ADDR;WOLFSSL_DLL;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>USE_ANY_ADDR;WOLFSSL_DLL;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<MinimalRebuild>true</MinimalRebuild>
<BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
<RuntimeLibrary>MultiThreadedDebugDLL</RuntimeLibrary>
@@ -200,7 +200,7 @@
<ClCompile>
<Optimization>Disabled</Optimization>
<AdditionalIncludeDirectories>../../;../../IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>USE_ANY_ADDR;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>USE_ANY_ADDR;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
<RuntimeLibrary>MultiThreadedDebugDLL</RuntimeLibrary>
<PrecompiledHeader>
@@ -218,7 +218,7 @@
<ClCompile>
<Optimization>Disabled</Optimization>
<AdditionalIncludeDirectories>../../;../../IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>USE_ANY_ADDR;WOLFSSL_DLL;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>USE_ANY_ADDR;WOLFSSL_DLL;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
<RuntimeLibrary>MultiThreadedDebugDLL</RuntimeLibrary>
<PrecompiledHeader>
@@ -237,7 +237,7 @@
<Optimization>MaxSpeed</Optimization>
<IntrinsicFunctions>true</IntrinsicFunctions>
<AdditionalIncludeDirectories>../../;../../IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>USE_ANY_ADDR;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>USE_ANY_ADDR;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
<FunctionLevelLinking>true</FunctionLevelLinking>
<PrecompiledHeader />
@@ -259,7 +259,7 @@
<Optimization>MaxSpeed</Optimization>
<IntrinsicFunctions>true</IntrinsicFunctions>
<AdditionalIncludeDirectories>../../;../../IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>USE_ANY_ADDR;WOLFSSL_DLL;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>USE_ANY_ADDR;WOLFSSL_DLL;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
<FunctionLevelLinking>true</FunctionLevelLinking>
<PrecompiledHeader>
@@ -281,7 +281,7 @@
<Optimization>MaxSpeed</Optimization>
<IntrinsicFunctions>true</IntrinsicFunctions>
<AdditionalIncludeDirectories>../../;../../IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>USE_ANY_ADDR;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>USE_ANY_ADDR;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
<FunctionLevelLinking>true</FunctionLevelLinking>
<PrecompiledHeader>
@@ -302,7 +302,7 @@
<Optimization>MaxSpeed</Optimization>
<IntrinsicFunctions>true</IntrinsicFunctions>
<AdditionalIncludeDirectories>../../;../../IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>USE_ANY_ADDR;WOLFSSL_DLL;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>USE_ANY_ADDR;WOLFSSL_DLL;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
<FunctionLevelLinking>true</FunctionLevelLinking>
<PrecompiledHeader>
diff --git a/extra/wolfssl/wolfssl/examples/include.am b/extra/wolfssl/wolfssl/examples/include.am
index 76f48161..4b7ad2f8 100644
--- a/extra/wolfssl/wolfssl/examples/include.am
+++ b/extra/wolfssl/wolfssl/examples/include.am
@@ -1,6 +1,7 @@
# vim:ft=automake
# All paths should be given relative to the root
+include examples/async/include.am
include examples/benchmark/include.am
include examples/client/include.am
include examples/echoclient/include.am
@@ -9,4 +10,5 @@ include examples/server/include.am
include examples/sctp/include.am
include examples/configs/include.am
include examples/asn1/include.am
+include examples/pem/include.am
EXTRA_DIST += examples/README.md
diff --git a/extra/wolfssl/wolfssl/examples/pem/include.am b/extra/wolfssl/wolfssl/examples/pem/include.am
new file mode 100644
index 00000000..ceb47f67
--- /dev/null
+++ b/extra/wolfssl/wolfssl/examples/pem/include.am
@@ -0,0 +1,12 @@
+# vim:ft=automake
+# included from Top Level Makefile.am
+# All paths should be given relative to the root
+
+
+if BUILD_EXAMPLE_ASN1
+noinst_PROGRAMS += examples/pem/pem
+examples_pem_pem_SOURCES = examples/pem/pem.c
+examples_pem_pem_LDADD = src/libwolfssl@LIBSUFFIX@.la $(LIB_STATIC_ADD)
+examples_pem_pem_DEPENDENCIES = src/libwolfssl@LIBSUFFIX@.la
+endif
+
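Review bot: The `if BUILD_EXAMPLE_ASN1` conditional gating `examples/pem/pem` is named for a different example and has no comment explaining the reuse, so a reader cannot tell whether the pem tool is meant to follow the ASN.1 example's configure switch. pem.c in this same commit wraps its code in `#if defined(WOLFSSL_PEM_TO_DER) && !defined(NO_FILESYSTEM)`, which is a different condition from the automake one. The two presumably need to agree, or pem.c needs a fallback for the mismatch, and neither is visible here. I would add a line such as `# pem is built under the same configure conditional as examples/asn1` above the `if`.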
diff --git a/extra/wolfssl/wolfssl/examples/pem/pem.c b/extra/wolfssl/wolfssl/examples/pem/pem.c
new file mode 100644
index 00000000..61d7e1ae
--- /dev/null
+++ b/extra/wolfssl/wolfssl/examples/pem/pem.c
@@ -0,0 +1,1044 @@
+/* pem.c
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#ifdef HAVE_CONFIG_H
+ #include <config.h>
+#endif
+
+#ifndef WOLFSSL_USER_SETTINGS
+ #include <wolfssl/options.h>
+#endif
+#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/wolfcrypt/asn_public.h>
+#include <wolfssl/wolfcrypt/coding.h>
+#include <wolfssl/wolfcrypt/error-crypt.h>
+#include <wolfssl/wolfcrypt/random.h>
+#include <wolfssl/wolfcrypt/wc_encrypt.h>
+#ifdef DEBUG_WOLFSSL
+ #include <wolfssl/wolfcrypt/logging.h>
+#endif
+#include <stdio.h>
+
+#if defined(WOLFSSL_PEM_TO_DER) && !defined(NO_FILESYSTEM)
+
+/* Increment allocated data by this much. */
+#define DATA_INC_LEN 256
+/* Maximum block size of a cipher. */
+#define BLOCK_SIZE_MAX 16
+/* Maximum PEM type string length. */
+#define PEM_TYPE_MAX_LEN 32
+/* Maximum salt length. */
+#define SALT_MAX_LEN 64
+/* Default PBE iterations. */
+#define DEFAULT_ITERATIONS 100000
+
+/* Maps a string to a value. */
+typedef struct Str2Val {
+ /* String to be matched. */
+ const char* string;
+ /* Corresponding value. */
+ int val;
+} String2Val;
+
+/* Get the value corresponding to the string.
+ *
+ * @param [in] map Map of strings to values.
+ * @param [in] len Number of entries in map.
+ * @param [in] str String to look-up.
+ * @param [out] val Value corresponding to string.
+ * @return 0 on success.
+ * @return 1 on failure.
+ */
+static int StringToVal(const String2Val* map, int len, const char* str,
+ int* val)
+{
+ int ret = 1;
+ int i;
+
+ for (i = 0; i < len; i++) {
+ if (strcmp(str, map[i].string) == 0) {
+ *val = map[i].val;
+ ret = 0;
+ break;
+ }
+ }
+
+ return ret;
+}
+
+/* Read the contents of a file into a dynamically allocated buffer.
+ *
+ * Uses realloc as input may be stdin.
+ *
+ * @param [in] fp File pointer to read from.
+ * @param [out] pdata Pointer to data.
+ * @param [out] plen Pointer to length.
+ * @return 0 on success.
+ * @return 1 on failure.
+ */
+static int pemApp_ReadFile(FILE* fp, unsigned char** pdata, word32* plen)
+{
+ int ret = 0;
+ word32 len = 0;
+ size_t read_len;
+ /* Allocate a minimum amount. */
+ unsigned char* data = (unsigned char*)malloc(DATA_INC_LEN + BLOCK_SIZE_MAX);
+
+ if (data != NULL) {
+ /* Read more data. */
+ while ((read_len = fread(data + len, 1, DATA_INC_LEN, fp)) != 0) {
+ unsigned char* p;
+
+ /* Add read data amount to length. */
+ len += (word32)read_len;
+
+ /* Stop if we are at end-of-file. */
+ if (feof(fp)) {
+ break;
+ }
+
+ /* Make space for more data to be added to buffer. */
+ p = (unsigned char*)realloc(data, len + DATA_INC_LEN +
+ BLOCK_SIZE_MAX);
+ if (p == NULL) {
+ /* Reallocation failed - free current buffer. */
+ free(data);
+ data = NULL;
+ break;
+ }
+ /* Set data to new pointer. */
+ data = p;
+ }
+ /* Done with file. */
+ fclose(fp);
+ }
+
+ if (data != NULL) {
+ /* Return data and length. */
+ *pdata = data;
+ *plen = len;
+ }
+ else {
+ /* Failed to allocate data. */
+ ret = MEMORY_E;
+ }
+ return ret;
+}
+
+/* Write the data to the file.
+ *
+ * @param [in] fp File pointer to write to.
+ * @param [in] data Data to write.
+ * @param [in] len Length of data to write in bytes.
+ * @return 0 on success.
+ * @return 1 on failure.
+ */
+static int WriteFile(FILE* fp, const char* data, word32 len)
+{
+ int ret = 0;
+
+ /* Write data to file. */
+ if (fwrite(data, 1, len, fp) != len) {
+ /* Not all data was written. */
+ fprintf(stderr, "Failed to write\n");
+ ret = 1;
+ }
+ /* Close file. */
+ fclose(fp);
+
+ return ret;
+}
+
+/* List of known PEM types. */
+static const String2Val type_map[] = {
+ { "CERTIFICATE" , CERT_TYPE },
+#ifdef WOLFSSL_CERT_REQ
+ { "CERTIFICATE REQUEST" , CERTREQ_TYPE },
+#endif
+#ifndef NO_DH
+ { "DH PARAMETERS" , DH_PARAM_TYPE },
+ { "X9.42 DH PARAMETERS" , X942_PARAM_TYPE },
+#endif
+#ifndef NO_DSA
+ { "DSA PARAMETERS" , DSA_PARAM_TYPE },
+#endif
+#ifdef HAVE_CRL
+ { "X509 CRL" , CRL_TYPE },
+#endif
+ { "RSA PRIVATE KEY" , RSA_TYPE },
+ { "RSA PUBLIC KEY" , RSA_PUBLICKEY_TYPE },
+ { "PRIVATE KEY" , PKCS8_PRIVATEKEY_TYPE },
+ { "ENCRYPTED PRIVATE KEY", PKCS8_ENC_PRIVATEKEY_TYPE },
+#ifdef HAVE_ECC
+ { "EC PRIVATE KEY" , ECC_PRIVATEKEY_TYPE },
+#ifdef OPENSSL_EXTRA
+ { "EC PARAMETERS" , ECC_PARAM_TYPE },
+#endif /* OPENSSL_EXTRA */
+#endif /* HAVE_ECC */
+#ifndef NO_DSA
+ { "DSA PRIVATE KEY" , DSA_PRIVATEKEY_TYPE },
+#endif
+ { "PUBLIC KEY" , ECC_PUBLICKEY_TYPE },
+#if defined(HAVE_ED25519) || defined(HAVE_ED448)
+ { "EDDSA PRIVATE KEY" , EDDSA_PRIVATEKEY_TYPE },
+#endif
+};
+/* Number of entries in PEM type map. */
+#define TYPE_MAP_LEN ((int)(sizeof(type_map) / sizeof(*type_map)))
+
+/* Convert string to PEM type value.
+ *
+ * @param [in] str PEM type as a string.
+ * @param [out] type PEM type as a value.
+ * @return 0 on success.
+ * @return 1 on failure.
+ */
+static int StringToType(const char* str, int* type)
+{
+ int ret = StringToVal(type_map, TYPE_MAP_LEN, str, type);
+ if (ret == 1) {
+ fprintf(stderr, "String doesn't match known PEM types: %s\n", str);
+ }
+ return ret;
+}
+
+#if defined(WOLFSSL_ENCRYPTED_KEYS) && !defined(NO_PWDBASED)
+/* Password callback for returning the password set in the user data.
+ *
+ * @param [out] passwd Password buffer.
+ * @param [in] sz Size of password buffer.
+ * @param [in] rw Ignored.
+ * @param [in] userdata Data associated with callback in EncryptedInfo.
+ * @return Length of password.
+ */
+static int password_from_userdata(char* passwd, int sz, int rw, void* userdata)
+{
+ (void)rw;
+ /* Copy user data into buffer. */
+ strncpy(passwd, (const char*)userdata, (size_t)sz);
+ passwd[sz - 1] = '\0';
+ /* Return length of password returned. */
+ return (int)XSTRLEN((const char*)passwd);
+}
+#endif
+
+/* Find needle in haystack.
+ *
+ * @param [in] haystack String to find needle in.
+ * @param [in] offset Offset into haystack to start looking.
+ * @param [in] len Length of haystack.
+ * @param [in] needle String to find in haystack.
+ * @param [in] needle_len Length of string to find.
+ * @param [out] needle_offset Offset into haystack at which needle was found.
+ * @return 0 on success.
+ * @return 1 on failure.
+ */
+static int FindStr(char* haystack, word32 offset, word32 len,
+ const char* needle, word32 needle_len, word32* needle_offset)
+{
+ /* Assume failure. */
+ int ret = 1;
+ word32 i;
+
+ /* Ensure there is enough space for needle. */
+ if (len >= needle_len) {
+ /* Look through haystack starting at offset until not enough space for
+ * needle. */
+ for (i = offset; i <= len - needle_len; i++) {
+ /* Check if needle found. */
+ if ((haystack[i] == needle[0]) &&
+ (strncmp(haystack + i, needle, needle_len) == 0)) {
+ /* Return offset at which needle found. */
+ *needle_offset = i;
+ /* Return success. */
+ ret = 0;
+ /* Stop looking. */
+ break;
+ }
+ }
+ }
+
+ return ret;
+}
+
+/* Find the next PEM block.
+ *
+ * @param [in] data PEM data.
+ * @param [in] offset Offset into data to start looking.
+ * @param [in] len Length of PEM data.
+ * @param [out] start Start of Base64 encoding.
+ * @param [out] end End of Base64 encoding.
+ * @param [out] type PEM type.
+ * @return 0 on success.
+ * @return 1 on failure.
+ */
+static int FindPem(char* data, word32 offset, word32 len, word32* start,
+ word32* end, int* type)
+{
+ int ret = 0;
+ word32 i;
+ word32 type_off;
+ char str[PEM_TYPE_MAX_LEN];
+
+ /* Find header. */
+ ret = FindStr(data, offset, len, "-----BEGIN ", 11, &i);
+ if (ret == 1) {
+ /* Got to end without finding PEM header. */
+ fprintf(stderr, "No PEM header found\n");
+ }
+ if (ret == 0) {
+ /* Return start of PEM. */
+ *start = i;
+ /* Get start of type. */
+ type_off = i + 11;
+
+ /* Confirm header. */
+ ret = FindStr(data, i + 11, len, "-----", 5, &i);
+ if (ret == 1) {
+ /* Got to end without finding rest of PEM header. */
+ fprintf(stderr, "Invalid PEM header\n");
+ }
+ }
+ if (ret == 0) {
+ /* Found end of header - convert type string to value. */
+ word32 type_len = i - type_off;
+ if (type_len >= PEM_TYPE_MAX_LEN) {
+ ret = 1;
+ }
+ if (ret == 0) {
+ if (type_len > 0)
+ memcpy(str, data + type_off, type_len);
+ str[type_len] = '\0';
+ ret = StringToType(str, type);
+ }
+ }
+ if (ret == 0) {
+ /* Find footer. */
+ ret = FindStr(data, i + 5, len, "-----END ", 9, &i);
+ if (ret == 1) {
+ /* Got to end without finding PEM footer. */
+ fprintf(stderr, "No PEM footer found\n");
+ }
+ }
+ if (ret == 0) {
+ /* Confirm header. */
+ ret = FindStr(data, i + 9, len, "-----", 5, &i);
+ if (ret == 1) {
+ /* Got to end without finding rest of PEM footer. */
+ fprintf(stderr, "Invalid PEM footer\n");
+ }
+ }
+ if (ret == 0) {
+ /* Return end of */
+ *end = i + 6;
+ }
+
+ return ret;
+}
+
+/* Convert PEM to DER and write to file.
+ *
+ * @param [in] in Array of characters that is the PEM data.
+ * @param [in] offset Offset into array to start looking for PEM block.
+ * @param [in] len Length of data in array in bytes.
+ * @param [out] der Buffer holding DER encoded data.
+ * @param [in] type PEM type. -1 indicates to determine from array.
+ * @param [in] info Encryption information.
+ * @return 0 on success.
+ * @return Not 0 on failure.
+ */
+static int ConvPemToDer(char* in, word32 offset, word32 len, DerBuffer** der,
+ int type, EncryptedInfo* info, int padding)
+{
+ int ret = 0;
+ word32 start = 0;
+ word32 end = 0;
+ /* Set point to start looking and length. */
+ char* pem = in + offset;
+ word32 pem_len = len - offset;
+
+ /* Check if we need to discover PEM type. */
+ if ((ret == 0) && (type == -1)) {
+ /* Find PEM block and type. */
+ ret = FindPem(pem, 0, pem_len, &start, &end, &type);
+ if (ret != 0) {
+ fprintf(stderr, "Could not find PEM header\n");
+ }
+ /* Update start pointer and length. */
+ pem += start;
+ pem_len = end - start;
+ }
+ if (ret == 0) {
+ /* Convert to DER. */
+ ret = wc_PemToDer((unsigned char*)pem, pem_len, type, der, NULL, info,
+ NULL);
+ if (ret != 0) {
+ fprintf(stderr, "Could not convert PEM to DER\n");
+ }
+ }
+ /* Remove padding from encryption if requested. */
+ if ((ret == 0) && padding) {
+ unsigned char pad = (*der)->buffer[(*der)->length - 1];
+ word32 i;
+
+ /* Simple padding validation. */
+ if ((pad == 0) || (pad > (*der)->length)) {
+ fprintf(stderr, "Invalid padding: %02x\n", pad);
+ ret = 1;
+ }
+ else {
+ /* Check padding is valid. */
+ for (i = 1; i < pad; i++) {
+ if ((*der)->buffer[(*der)->length - 1 - i] != pad) {
+ fprintf(stderr, "Invalid padding: %d\n", pad);
+ ret = 1;
+ break;
+ }
+ }
+ if (ret == 0) {
+ /* Don't write out padding. */
+ (*der)->length -= pad;
+ }
+ }
+ }
+
+ return ret;
+}
+
+#ifdef WOLFSSL_DER_TO_PEM
+#if defined(WOLFSSL_ENCRYPTED_KEYS) && !defined(NO_PWDBASED)
+/* List of known PBE algorithms. */
+static const String2Val pbe_map[] = {
+#ifndef NO_SHA
+ #ifndef NO_RC4
+ { "SHA1_RC4_128" , ENC_PKCS8_PBE_SHA1_RC4_128 },
+ #endif
+ #ifndef NO_DES
+ { "SHA1_DES3" , ENC_PKCS8_PBE_SHA1_DES3 },
+ { "PBES1_SHA1_DES", ENC_PKCS8_PBES1_SHA1_DES },
+ #endif
+ #ifdef WC_RC2
+ { "SHA1_40RC2_CBC", ENC_PKCS8_PBE_SHA1_40RC2_CBC },
+ #endif
+#endif
+#ifndef NO_MD5
+ #ifndef NO_DES
+ { "PBES1_MD5_DES" , ENC_PKCS8_PBES1_MD5_DES },
+ #endif
+#endif
+ { "PBES2" , ENC_PKCS8_PBES2 },
+};
+/* Number of entries in PBE map. */
+#define PBE_MAP_LEN ((int)(sizeof(pbe_map) / sizeof(*pbe_map)))
+
+/* Convert string to PBE value.
+ *
+ * @param [in] str PBE as a string.
+ * @param [out] pbe PBE as a value.
+ * @return 0 on success.
+ * @return 1 on failure.
+ */
+static int StringToPbe(char* str, int* pbe)
+{
+ int ret = StringToVal(pbe_map, PBE_MAP_LEN, str, pbe);
+ if (ret == 1) {
+ fprintf(stderr, "String doesn't match known PBE algorithms: %s\n", str);
+ }
+ return ret;
+}
+
+/* List of known PBE versions. */
+static const String2Val pbe_ver_map[] = {
+ { "PKCS12" , ENC_PKCS8_VER_PKCS12 },
+ { "PKCS12v1", ENC_PKCS8_VER_PKCS12 },
+ { "PKCS5" , ENC_PKCS8_VER_PKCS5 },
+};
+/* Number of entries in PBE versions map. */
+#define PBE_VER_MAP_LEN ((int)(sizeof(pbe_ver_map) / sizeof(*pbe_ver_map)))
+
+/* Convert string to PBE version value.
+ *
+ * @param [in] str PBE version as a string.
+ * @param [out] pbe_ver PBE version as a value.
+ * @return 0 on success.
+ * @return 1 on failure.
+ */
+static int StringToPbeVer(char* str, int* pbe_ver)
+{
+ int ret = StringToVal(pbe_ver_map, PBE_VER_MAP_LEN, str, pbe_ver);
+ if (ret == 1) {
+ fprintf(stderr, "String doesn't match known PBE versions: %s\n", str);
+ }
+ return ret;
+}
+
+/* List of known PKCS#5v2 PBE encryption algorithms. */
+static const String2Val pbe_alg_map[] = {
+ { "AES-128-CBC", ENC_PKCS8_ALG_AES128CBC },
+ { "AES-256-CBC", ENC_PKCS8_ALG_AES256CBC },
+ { "DES" , ENC_PKCS8_ALG_DES },
+ { "DES3" , ENC_PKCS8_ALG_DES3 },
+};
+/* Number of entries in PBE algorithm map. */
+#define PBE_ALG_MAP_LEN ((int)(sizeof(pbe_alg_map) / sizeof(*pbe_alg_map)))
+
+/* Convert string to PBE algorithm value.
+ *
+ * @param [in] str PBE algorithm as a string.
+ * @param [out] pbe_alg PBE algorithm as a value.
+ * @return 0 on success.
+ * @return 1 on failure.
+ */
+static int StringToPbeAlg(char* str, int* pbe_alg)
+{
+ int ret = StringToVal(pbe_alg_map, PBE_ALG_MAP_LEN, str, pbe_alg);
+ if (ret == 1) {
+ fprintf(stderr, "String doesn't match known PBE algorithms: %s\n", str);
+ }
+ return ret;
+}
+
+/* Encrypt the DER data.
+ *
+ * @param [in] in DER data to encrypt.
+ * @param [in] in_len Length of DER data.
+ * @param [in] password Password to use to derive key for encryption.
+ * @param [in] iterations Number of iterations in PBE.
+ * @param [in] salt_sz Size of salt to use in bytes.
+ * @param [in] pbe PBE algorithm to use.
+ * @param [in] pbe_ver Version of PBE algorithm to use.
+ * @param [in] enc_alg_id Encryption algorithm id for when using PBES2.
+ * @param [out] enc DER encrypted data.
+ * @param [out] enc_len Length of DER encrypted data.
+ * @return 0 on success.
+ * @return 1 on failure.
+ */
+static int EncryptDer(unsigned char* in, word32 in_len, char* password,
+ unsigned int iterations, unsigned int salt_sz, int pbe, int pbe_ver,
+ int enc_alg_id, unsigned char** enc, word32* enc_len)
+{
+ int ret;
+ WC_RNG rng;
+ unsigned char salt[SALT_MAX_LEN];
+
+ if (password == NULL)
+ return 1;
+
+ XMEMSET(&rng, 0, sizeof(rng));
+
+ /* Create a random number generator. */
+ ret = wc_InitRng(&rng);
+ if (ret == 0) {
+ /* Get salt from random number generator. */
+ ret = wc_RNG_GenerateBlock(&rng, salt, salt_sz);
+ }
+ if (ret == 0) {
+ /* Get length of encrypted DER data. */
+ ret = wc_CreateEncryptedPKCS8Key(in, in_len, NULL, enc_len, password,
+ (int)strlen(password), pbe_ver, pbe, enc_alg_id, salt, salt_sz,
+ (int)iterations, &rng, NULL);
+ if (ret == LENGTH_ONLY_E) {
+ ret = 0;
+ }
+ else if (ret == 0) {
+ ret = 1;
+ }
+ }
+ if (ret == 0) {
+ /* Allocate memory for encrypted DER data. */
+ *enc = (unsigned char*)malloc(*enc_len);
+ if (*enc == NULL) {
+ ret = 1;
+ }
+ }
+ if (ret == 0) {
+ /* Encrypt DER data. */
+ ret = wc_CreateEncryptedPKCS8Key(in, in_len, *enc, enc_len, password,
+ (int)strlen(password), pbe_ver, pbe, enc_alg_id, salt, salt_sz,
+ (int)iterations, &rng, NULL);
+ if (ret > 0) {
+ ret = 0;
+ }
+ }
+
+ wc_FreeRng(&rng);
+ return ret;
+}
+#endif
+
+/* Convert DER to PEM and write to file.
+ *
+ * @param [in] in Array of bytes holding the DER encoding.
+ * @param [in] offset Offset into array of data to convert to PEM.
+ * @param [in] len Length of data in array in bytes.
+ * @param [out] out Allocated buffer holding PEM encoding.
+ * @param [out] out_len Length of PEM encoding in bytes.
+ * @param [in] type PEM type.
+ * @param [in] cipher_str String to write into encrypted key.
+ * @return 0 on success.
+ * @return Not 0 on failure.
+ */
+static int ConvDerToPem(unsigned char* in, word32 offset, word32 len,
+ unsigned char** out, word32* out_len, int type, const char* cipher_str)
+{
+ int ret = 0;
+ unsigned char* pem = NULL;
+ unsigned int pem_len = 0;
+ /* Set point to start looking and length. */
+ unsigned char* der = in + offset;
+ word32 der_len = len - offset;
+
+ /* Get length of PEM based on DER. */
+ ret = wc_DerToPemEx(der, der_len, NULL, 0, (byte*)cipher_str, type);
+ if (ret <= 0) {
+ fprintf(stderr, "Could not determine length of PEM\n");
+ }
+ pem_len = (unsigned int)ret;
+ if (ret > 0) {
+ ret = 0;
+ }
+ if ((ret == 0) && (pem_len > 0)) {
+ /* Allocate memory to hold PEM encoding. */
+ pem = (unsigned char*)malloc(pem_len);
+ if (pem == NULL) {
+ ret = 1;
+ }
+ }
+ if (ret == 0) {
+ /* Convert DER to PEM. */
+ ret = wc_DerToPemEx(der, der_len, pem, pem_len, (byte*)cipher_str,
+ type);
+ if (ret <= 0) {
+ fprintf(stderr, "Could not convert DER to PEM\n");
+ free(pem);
+ }
+ if (ret > 0) {
+ *out = pem;
+ *out_len = (word32)ret;
+ ret = 0;
+ }
+ }
+
+ return ret;
+}
+#endif
+
+/* Usage lines to show. */
+const char* usage[] = {
+ "pem [OPTION]...",
+ "Convert to/from PEM and DER.",
+ "",
+ "Options:",
+ " -?, --help display this help and exit",
+ " -t --type string representing type of data",
+ " -in name of file to read (uses stdin otherwise)",
+ " -out name of file to write to (uses stdout otherwise)",
+ " -o --offset offset into file where data to convert starts",
+#if defined(WOLFSSL_ENCRYPTED_KEYS) && !defined(NO_PWDBASED)
+ " -p --pass password to use with encrypted keys",
+#endif
+#ifdef WOLFSSL_DER_TO_PEM
+ " -d --der input is DER and output is PEM",
+#if defined(WOLFSSL_ENCRYPTED_KEYS) && !defined(NO_PWDBASED)
+ " --padding Remove padding on decrypted data",
+ " -e --encrypt DER key is to be encrypted",
+ " -v --pbe-ver PBE version to use when encrypting key (see below)",
+ " -p --pbe PBE to use when encrypting key (see below)",
+ " -a --pbe-alg PBES2 algorithm to use when encrypting key (see below)",
+ " -i --iter number of iterations of PBE - default: 100000",
+ " -s --salt-sz length, in bytes, of salt to generate - 0-64",
+#endif
+#endif
+#ifdef DEBUG_WOLFSSL
+ " -l --log turn on wolfSSL logging",
+#endif
+ "",
+};
+/* Number of usage lines. */
+#define USAGE_SZ ((int)(sizeof(usage) / sizeof(*usage)))
+
+const struct string_usage_st {
+ const char* str;
+ const String2Val* map;
+ int len;
+} known_strings[] = {
+ { "Known PEM header/trailer strings:", type_map , TYPE_MAP_LEN },
+#if defined(WOLFSSL_DER_TO_PEM) && defined(WOLFSSL_ENCRYPTED_KEYS) && \
+ !defined(NO_PWDBASED)
+ { "Known PBE version strings:" , pbe_ver_map, PBE_VER_MAP_LEN },
+ { "Known PBE strings:" , pbe_map , PBE_MAP_LEN },
+ { "Known PBES2 algorithm strings:" , pbe_alg_map, PBE_ALG_MAP_LEN },
+#endif
+};
+/* Number of usage lines. */
+#define KNOWN_STRINGS_SZ \
+ ((int)(sizeof(known_strings) / sizeof(*known_strings)))
+
+/* Print out usage lines.
+ */
+static void Usage(void)
+{
+ int i;
+ int j;
+
+ /* Usage lines. */
+ for (i = 0; i < USAGE_SZ; i++) {
+ printf("%s\n", usage[i]);
+ }
+ /* Known strings for options. */
+ for (j = 0; j < KNOWN_STRINGS_SZ; j++) {
+ printf("%s\n", known_strings[j].str);
+ for (i = 0; i < known_strings[j].len; i++) {
+ printf(" %s\n", known_strings[j].map[i].string);
+ }
+ }
+}
+
+/* Main entry of ASN.1 printing program.
+ *
+ * @param [in] argc Count of command line arguments.
+ * @param [in] argv Command line arguments.
+ * @return 0 on success.
+ * @return 1 on failure.
+ */
+int main(int argc, char* argv[])
+{
+ int ret = 0;
+ /* Default to reading STDIN. */
+ FILE* in_file = stdin;
+ /* Default to writing to STDOUT. */
+ FILE* out_file = stdout;
+ const char* out_name = NULL;
+ unsigned char* in = NULL;
+ word32 in_len = 0;
+ word32 offset = 0;
+ unsigned char* out = NULL;
+ word32 out_len = 0;
+ int pem = 1;
+ const char* type_str = NULL;
+ int type = -1;
+ DerBuffer* der = NULL;
+ EncryptedInfo info;
+ int padding = 0;
+#if defined(WOLFSSL_DER_TO_PEM) && defined(WOLFSSL_ENCRYPTED_KEYS) && \
+ !defined(NO_PWDBASED)
+ int enc_der = 0;
+ unsigned char* enc = NULL;
+ word32 enc_len = 0;
+ unsigned int iterations = DEFAULT_ITERATIONS;
+ unsigned int salt_sz = 8;
+ int pbe_ver = ENC_PKCS8_VER_PKCS5;
+ int pbe = ENC_PKCS8_PBES2;
+ int pbe_alg = ENC_PKCS8_ALG_AES256CBC;
+#endif
+#ifdef DEBUG_WOLFSSL
+ int log = 0;
+#endif
+
+ memset(&info, 0, sizeof(info));
+
+ /* Skip over program name. */
+ argc--;
+ argv++;
+ while (argc > 0) {
+ /* PEM header type. */
+ if ((strcmp(argv[0], "-t") == 0) ||
+ (strcmp(argv[0], "--type") == 0)) {
+ argc--;
+ argv++;
+ if (argc == 0) {
+ fprintf(stderr, "No type string provided\n");
+ return 1;
+ }
+ type_str = argv[0];
+ }
+ /* Name of input file. */
+ else if (strcmp(argv[0], "-in") == 0) {
+ argc--;
+ argv++;
+ if (argc == 0) {
+ fprintf(stderr, "No filename provided\n");
+ return 1;
+ }
+ in_file = fopen(argv[0], "r");
+ if (in_file == NULL) {
+ fprintf(stderr, "File not able to be read: %s\n", argv[0]);
+ return 1;
+ }
+ }
+ /* Name of output file. */
+ else if (strcmp(argv[0], "-out") == 0) {
+ argc--;
+ argv++;
+ if (argc == 0) {
+ fprintf(stderr, "No filename provided\n");
+ return 1;
+ }
+ out_name = argv[0];
+ }
+ /* Offset into input data to start from. */
+ else if ((strcmp(argv[0], "-o") == 0) ||
+ (strcmp(argv[0], "--offset") == 0)) {
+ argc--;
+ argv++;
+ if (argc == 0) {
+ fprintf(stderr, "No filename provided\n");
+ return 1;
+ }
+ offset = (word32)strtoul(argv[0], NULL, 10);
+ }
+#if defined(WOLFSSL_ENCRYPTED_KEYS) && !defined(NO_PWDBASED)
+ /* Password to use when encrypting or decrypting keys with PEM. */
+ else if ((strcmp(argv[0], "-p") == 0) ||
+ (strcmp(argv[0], "--pass") == 0)) {
+ argc--;
+ argv++;
+ if (argc == 0) {
+ fprintf(stderr, "No password provided\n");
+ return 1;
+ }
+ info.passwd_cb = password_from_userdata;
+ info.passwd_userdata = argv[0];
+ }
+#endif
+#ifdef WOLFSSL_DER_TO_PEM
+ /* Input is DER and we are converting to PEM. */
+ else if ((strcmp(argv[0], "-d") == 0) ||
+ (strcmp(argv[0], "--der") == 0)) {
+ pem = 0;
+ }
+#if defined(WOLFSSL_ENCRYPTED_KEYS) && !defined(NO_PWDBASED)
+ /* Remove padding leftover from decryption. */
+ else if (strcmp(argv[0], "--padding") == 0) {
+ padding = 1;
+ }
+ /* Encrypting the DER data. */
+ else if ((strcmp(argv[0], "-e") == 0) ||
+ (strcmp(argv[0], "--encrypt") == 0)) {
+ enc_der = 1;
+ }
+ /* PBE version. */
+ else if ((strcmp(argv[0], "-v") == 0) ||
+ (strcmp(argv[0], "--pbe-ver") == 0)) {
+ argc--;
+ argv++;
+ if (argc == 0) {
+ fprintf(stderr, "No PBE version provided\n");
+ return 1;
+ }
+ if (StringToPbeVer(argv[0], &pbe_ver) != 0) {
+ return 1;
+ }
+ }
+ /* PBE algorithm. */
+ else if ((strcmp(argv[0], "-p") == 0) ||
+ (strcmp(argv[0], "--pbe") == 0)) {
+ argc--;
+ argv++;
+ if (argc == 0) {
+ fprintf(stderr, "No PBE provided\n");
+ return 1;
+ }
+ if (StringToPbe(argv[0], &pbe) != 0) {
+ return 1;
+ }
+ }
+ /* PBES2 algorithm. */
+ else if ((strcmp(argv[0], "-a") == 0) ||
+ (strcmp(argv[0], "--pbe-alg") == 0)) {
+ argc--;
+ argv++;
+ if (argc == 0) {
+ fprintf(stderr, "No PBE algorithm provided\n");
+ return 1;
+ }
+ if (StringToPbeAlg(argv[0], &pbe_alg) != 0) {
+ return 1;
+ }
+ }
+ /* Number of PBE iterations. */
+ else if ((strcmp(argv[0], "-i") == 0) ||
+ (strcmp(argv[0], "--iter") == 0)) {
+ argc--;
+ argv++;
+ if (argc == 0) {
+ fprintf(stderr, "No filename provided\n");
+ return 1;
+ }
+ iterations = (unsigned int)strtoul(argv[0], NULL, 10);
+ }
+ /* Size of salt to be generated. */
+ else if ((strcmp(argv[0], "-s") == 0) ||
+ (strcmp(argv[0], "--salt-sz") == 0)) {
+ argc--;
+ argv++;
+ if (argc == 0) {
+ fprintf(stderr, "No salt size provided\n");
+ return 1;
+ }
+ salt_sz = (unsigned int)strtoul(argv[0], NULL, 10);
+ if (salt_sz > SALT_MAX_LEN) {
+ fprintf(stderr, "Salt size must be no bigger than %d: %d\n",
+ SALT_MAX_LEN, salt_sz);
+ return 1;
+ }
+ }
+#endif /* WOLFSSL_ENCRYPTED_KEYS !NO_PWDBASED */
+#endif /* WOLFSSL_DER_TO_PEM */
+#ifdef DEBUG_WOLFSSL
+ /* Turn on logging. */
+ else if ((strcmp(argv[0], "-l") == 0) ||
+ (strcmp(argv[0], "--log") == 0)) {
+ log = 1;
+ }
+#endif
+ /* Display help/usage. */
+ else if ((strcmp(argv[0], "-?") == 0) ||
+ (strcmp(argv[0], "--help") == 0)) {
+ Usage();
+ return 0;
+ }
+ else {
+ fprintf(stderr, "Bad option: %s\n", argv[0]);
+ Usage();
+ return 1;
+ }
+
+ /* Move on to next command line argument. */
+ argc--;
+ argv++;
+ }
+
+#ifdef DEBUG_WOLFSSL
+ if (log) {
+ wolfSSL_Debugging_ON();
+ }
+#endif
+
+ /* Convert PEM type string to value. */
+ if (type_str != NULL) {
+ ret = StringToType(type_str, &type);
+ }
+#if defined(WOLFSSL_DER_TO_PEM) && defined(WOLFSSL_ENCRYPTED_KEYS) && \
+ !defined(NO_PWDBASED)
+ /* Check whether we are encrypting DER. */
+ if ((!pem) && (type == PKCS8_ENC_PRIVATEKEY_TYPE)) {
+ enc_der = 1;
+ }
+#endif
+ /* Read all of PEM file. */
+ if ((ret == 0) && (pemApp_ReadFile(in_file, &in, &in_len) != 0)) {
+ fprintf(stderr, "Reading file failed\n");
+ ret = 1;
+ }
+
+ if ((ret == 0) && pem) {
+ /* Convert PEM to DER. */
+ ret = ConvPemToDer((char*)in, offset, in_len, &der, type, &info,
+ padding);
+ if (ret == 0) {
+ out = der->buffer;
+ out_len = der->length;
+ }
+ }
+ else {
+#ifdef WOLFSSL_DER_TO_PEM
+ #if defined(WOLFSSL_ENCRYPTED_KEYS) && !defined(NO_PWDBASED)
+ if (enc_der) {
+ /* Encrypt DER first. */
+ ret = EncryptDer(in + offset, in_len - offset,
+ (char*)info.passwd_userdata, iterations, salt_sz, pbe, pbe_ver,
+ pbe_alg, &enc, &enc_len);
+ if (ret == 0) {
+ /* Convert encrypted DER data to PEM. */
+ ret = ConvDerToPem(enc, 0, enc_len, &out, &out_len, type,
+ NULL);
+ }
+ }
+ else
+ #endif /* WOLFSSL_ENCRYPTED_KEYS && !NO_PWDBASED */
+ {
+ /* Convert DER data to PEM. */
+ ret = ConvDerToPem(in, offset, in_len, &out, &out_len, type, NULL);
+ }
+#else
+ fprintf(stderr, "DER to PEM not supported by wolfSSL\n");
+ ret = 1;
+#endif
+ }
+
+ if ((ret == 0) && (out_name != NULL)) {
+ /*Open write named file to write to. */
+ out_file = fopen(out_name, "w");
+ if (out_file == NULL) {
+ fprintf(stderr, "File not able to be written: %s\n", out_name);
+ ret = 1;
+ }
+ }
+ if (ret == 0) {
+ /* Write out PEM. */
+ ret = WriteFile(out_file, out ? (const char *)out : "", out_len);
+ if (ret != 0) {
+ fprintf(stderr, "Could not write file\n");
+ }
+ }
+
+ /* Dispose of allocated data. */
+ if (der != NULL) {
+ wc_FreeDer(&der);
+ }
+ else if (out != NULL) {
+ free(out);
+ }
+#if defined(WOLFSSL_DER_TO_PEM) && defined(WOLFSSL_ENCRYPTED_KEYS) && \
+ !defined(NO_PWDBASED)
+ if (enc != NULL) {
+ free(enc);
+ }
+#endif
+ if (in != NULL) {
+ free(in);
+ }
+ if (ret < 0) {
+ fprintf(stderr, "%s\n", wc_GetErrorString(ret));
+ }
+ return (ret == 0) ? 0 : 1;
+}
+
+#else
+
+/* Main entry of ASN.1 printing program.
+ *
+ * @param [in] argc Count of command line arguments.
+ * @param [in] argv Command line arguments.
+ * @return 0 on success.
+ * @return 1 on failure.
+ */
+int main(int argc, char* argv[])
+{
+ (void)argc;
+ (void)argv;
+ fprintf(stderr, "PEM to DER conversion of file system support not compiled"
+ " in.\n");
+ return 0;
+}
+
+#endif /* WOLFSSL_PEM_TO_DER && !NO_FILESYSTEM */
diff --git a/extra/wolfssl/wolfssl/examples/sctp/sctp-client-dtls.c b/extra/wolfssl/wolfssl/examples/sctp/sctp-client-dtls.c
index dcc42653..d38f5579 100644
--- a/extra/wolfssl/wolfssl/examples/sctp/sctp-client-dtls.c
+++ b/extra/wolfssl/wolfssl/examples/sctp/sctp-client-dtls.c
@@ -27,7 +27,7 @@
#include <wolfssl/wolfcrypt/settings.h>
#include <wolfssl/ssl.h>
-#if defined(WOLFSSL_SCTP) && defined(WOLFSSL_DTLS)
+#if defined(WOLFSSL_SCTP) && defined(WOLFSSL_DTLS) && !defined(WOLFSSL_NO_TLS12)
/* sctp */
#include <sys/socket.h>
#include <sys/types.h>
@@ -47,13 +47,13 @@ static int err_sys(const char* msg)
perror(msg);
exit(EXIT_FAILURE);
}
-#endif /* WOLFSSL_SCTP && WOLFSSL_DTLS */
+#endif /* WOLFSSL_SCTP && WOLFSSL_DTLS && !WOLFSSL_NO_TLS12 */
int main(int argc, char **argv)
{
(void)argc;
(void)argv;
-#if defined(WOLFSSL_SCTP) && defined(WOLFSSL_DTLS)
+#if defined(WOLFSSL_SCTP) && defined(WOLFSSL_DTLS) && !defined(WOLFSSL_NO_TLS12)
int sd = socket(PF_INET, SOCK_STREAM, IPPROTO_SCTP);
if (sd < 0)
@@ -126,7 +126,7 @@ int main(int argc, char **argv)
wolfSSL_CTX_free(ctx);
close(sd);
-#endif /* WOLFSSL_SCTP && WOLFSSL_DTLS */
+#endif /* WOLFSSL_SCTP && WOLFSSL_DTLS && !WOLFSSL_NO_TLS12 */
return 0;
}
diff --git a/extra/wolfssl/wolfssl/examples/sctp/sctp-server-dtls.c b/extra/wolfssl/wolfssl/examples/sctp/sctp-server-dtls.c
index 802b7d40..c02522f2 100644
--- a/extra/wolfssl/wolfssl/examples/sctp/sctp-server-dtls.c
+++ b/extra/wolfssl/wolfssl/examples/sctp/sctp-server-dtls.c
@@ -26,7 +26,7 @@
#include <wolfssl/wolfcrypt/settings.h>
#include <wolfssl/ssl.h>
-#if defined(WOLFSSL_SCTP) && defined(WOLFSSL_DTLS)
+#if defined(WOLFSSL_SCTP) && defined(WOLFSSL_DTLS) && !defined(WOLFSSL_NO_TLS12)
/* sctp */
#include <sys/socket.h>
#include <sys/types.h>
@@ -47,13 +47,13 @@ static int err_sys(const char* msg)
perror(msg);
exit(EXIT_FAILURE);
}
-#endif /* WOLFSSL_SCTP && WOLFSSL_DTLS */
+#endif /* WOLFSSL_SCTP && WOLFSSL_DTLS && !WOLFSSL_NO_TLS12 */
int main(int argc, char **argv)
{
(void)argc;
(void)argv;
-#if defined(WOLFSSL_SCTP) && defined(WOLFSSL_DTLS)
+#if defined(WOLFSSL_SCTP) && defined(WOLFSSL_DTLS) && !defined(WOLFSSL_NO_TLS12)
int sd = socket(PF_INET, SOCK_STREAM, IPPROTO_SCTP);
if (sd < 0)
@@ -125,6 +125,6 @@ int main(int argc, char **argv)
wolfSSL_CTX_free(ctx);
close(sd);
-#endif /* WOLFSSL_SCTP && WOLFSSL_DTLS */
+#endif /* WOLFSSL_SCTP && WOLFSSL_DTLS && !WOLFSSL_NO_TLS12 */
return 0;
}
diff --git a/extra/wolfssl/wolfssl/examples/server/server.c b/extra/wolfssl/wolfssl/examples/server/server.c
index 9b695a44..c88f3759 100644
--- a/extra/wolfssl/wolfssl/examples/server/server.c
+++ b/extra/wolfssl/wolfssl/examples/server/server.c
@@ -148,8 +148,16 @@ int catastrophic = 0; /* Use with -x flag to still exit when an error is
* cert to send to clients attempting to connect. The
* server should error out completely in that case
*/
+static int quieter = 0; /* Print fewer messages. This is helpful with overly
+ * ambitious log parsers. */
static int lng_index = 0;
+#define LOG_ERROR(...) \
+ do { \
+ if (!quieter) \
+ fprintf(stderr, __VA_ARGS__); \
+ } while(0)
+
#ifdef WOLFSSL_CALLBACKS
#if !defined(NO_OLD_TIMEVAL_NAME)
Timeval srvTo;
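Review bot: `LOG_ERROR` is added without a comment, and the name promises more than the macro does: it is a stderr print that the `quieter` option switches off. Later hunks in this file route informational lines through it (`New session ticket sent`, `Before creating SSL`) alongside failure reports such as the bad-MAC drop in ServerRead and `SSL_accept error`. Since err_sys_ex is converted too, a server run with -x and `quieter` reports nothing at all when a read or handshake fails. I would put a comment above the macro, e.g. `/* Diagnostic print to stderr, suppressed by the quieter option; do not rely on it as the only report of a failure. */`, and consider keeping the `wolfSSL error:` line in err_sys_ex as a plain `fprintf`.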
@@ -186,8 +194,8 @@ static int lng_index = 0;
static void err_sys_ex(int out, const char* msg)
{
if (out == 1) { /* if server is running w/ -x flag, print error w/o exit */
- fprintf(stderr, "wolfSSL error: %s\n", msg);
- fprintf(stderr, "Continuing server execution...\n\n");
+ LOG_ERROR("wolfSSL error: %s\n", msg);
+ LOG_ERROR("Continuing server execution...\n\n");
} else {
err_sys(msg);
}
@@ -448,7 +456,7 @@ int ServerEchoData(SSL* ssl, int clientfd, int echoData, int block,
err != WOLFSSL_ERROR_WANT_WRITE &&
err != WOLFSSL_ERROR_ZERO_RETURN &&
err != APP_DATA_READY) {
- fprintf(stderr, "SSL_read echo error %d\n", err);
+ LOG_ERROR("SSL_read echo error %d\n", err);
err_sys_ex(runWithErrors, "SSL_read failed");
break;
}
@@ -483,7 +491,7 @@ int ServerEchoData(SSL* ssl, int clientfd, int echoData, int block,
}
} while (err == WC_PENDING_E);
if (ret != (int)min(len, rx_pos)) {
- fprintf(stderr, "SSL_write echo error %d\n", err);
+ LOG_ERROR("SSL_write echo error %d\n", err);
err_sys_ex(runWithErrors, "SSL_write failed");
}
@@ -557,7 +565,7 @@ static void ServerRead(WOLFSSL* ssl, char* input, int inputLen)
#endif
#ifdef WOLFSSL_DTLS
if (wolfSSL_dtls(ssl) && err == DECRYPT_ERROR) {
- fprintf(stderr, "Dropped client's message due to a bad MAC\n");
+ LOG_ERROR("Dropped client's message due to a bad MAC\n");
}
else
#endif
@@ -568,7 +576,7 @@ static void ServerRead(WOLFSSL* ssl, char* input, int inputLen)
&& err != APP_DATA_READY
#endif
) {
- fprintf(stderr, "SSL_read input error %d, %s\n", err,
+ LOG_ERROR("SSL_read input error %d, %s\n", err,
ERR_error_string(err, buffer));
err_sys_ex(runWithErrors, "SSL_read failed");
}
@@ -641,7 +649,7 @@ static void ServerWrite(WOLFSSL* ssl, const char* output, int outputLen)
} while (err == WC_PENDING_E || err == WOLFSSL_ERROR_WANT_WRITE);
if (ret != outputLen) {
char buffer[WOLFSSL_MAX_ERROR_SZ];
- fprintf(stderr, "SSL_write msg error %d, %s\n", err,
+ LOG_ERROR("SSL_write msg error %d, %s\n", err,
ERR_error_string(err, buffer));
err_sys_ex(runWithErrors, "SSL_write failed");
}
@@ -744,6 +752,18 @@ static void SetKeyShare(WOLFSSL* ssl, int onlyKeyShare, int useX25519,
else
err_sys("unable to use curve secp256r1");
} while (ret == WC_PENDING_E);
+ #elif defined(WOLFSSL_SM2)
+ do {
+ ret = wolfSSL_UseKeyShare(ssl, WOLFSSL_ECC_SM2P256V1);
+ if (ret == WOLFSSL_SUCCESS)
+ groups[count++] = WOLFSSL_ECC_SM2P256V1;
+ #ifdef WOLFSSL_ASYNC_CRYPT
+ else if (ret == WC_PENDING_E)
+ wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
+ #endif
+ else
+ err_sys("unable to use curve sm2p256r1");
+ } while (ret == WC_PENDING_E);
#endif
#endif
}
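Review bot: The failure message in the added SM2 branch names the curve `sm2p256r1`, while the group requested a few lines above it is `WOLFSSL_ECC_SM2P256V1`. The text should read `err_sys("unable to use curve sm2p256v1");` so that the log names the group that was actually requested. SetKeyShare starts before this hunk, so the surrounding `#if` chain is only partly visible here.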
@@ -1319,7 +1339,7 @@ static int server_srtp_test(WOLFSSL *ssl, func_args *args)
size_t srtp_secret_length;
byte *srtp_secret, *p;
int ret;
-#if !defined(SINGLE_THREADED) && defined(_POSIX_THREADS)
+#ifdef WOLFSSL_COND
srtp_test_helper *srtp_helper = args->srtp_helper;
#else
(void)args;
@@ -1328,7 +1348,7 @@ static int server_srtp_test(WOLFSSL *ssl, func_args *args)
ret = wolfSSL_export_dtls_srtp_keying_material(ssl, NULL,
&srtp_secret_length);
if (ret != LENGTH_ONLY_E) {
- fprintf(stderr, "DTLS SRTP: Error getting key material length\n");
+ LOG_ERROR("DTLS SRTP: Error getting key material length\n");
return ret;
}
@@ -1342,7 +1362,7 @@ static int server_srtp_test(WOLFSSL *ssl, func_args *args)
&srtp_secret_length);
if (ret != WOLFSSL_SUCCESS) {
XFREE(srtp_secret, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- fprintf(stderr, "DTLS SRTP: Error getting key material\n");
+ LOG_ERROR("DTLS SRTP: Error getting key material\n");
return ret;
}
@@ -1351,7 +1371,7 @@ static int server_srtp_test(WOLFSSL *ssl, func_args *args)
printf("%02X", *p);
printf("\n");
-#if !defined(SINGLE_THREADED) && defined(_POSIX_THREADS)
+#ifdef WOLFSSL_COND
if (srtp_helper != NULL) {
srtp_helper_set_ekm(srtp_helper, srtp_secret, srtp_secret_length);
@@ -1359,7 +1379,7 @@ static int server_srtp_test(WOLFSSL *ssl, func_args *args)
correctness */
return 0;
}
-#endif /* _POSIX_THREADS */
+#endif /* WOLFSSL_COND */
XFREE(srtp_secret, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return 0;
@@ -1391,7 +1411,9 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
{ "wolfsentry-config", 1, 256 },
#endif
{ "help", 0, 257 },
+#ifndef NO_MULTIBYTE_PRINT
{ "ヘルプ", 0, 258 },
+#endif
#if defined(HAVE_PQC)
{ "pqc", 1, 259 },
#endif
@@ -1410,6 +1432,10 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
#ifdef HAVE_SUPPORTED_CURVES
{"onlyPskDheKe", 2, 264},
#endif /* HAVE_SUPPORTED_CURVES */
+#ifdef HAVE_CRL
+ {"crl-dir", 1, 265},
+#endif
+ {"quieter", 0, 266},
{ 0, 0, 0 }
};
#endif
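Review bot: The `crl-dir` table entry is guarded by `#ifdef HAVE_CRL` alone, whereas `crlDir`, the assignment in `case 265:` and the CRL loading block are all under `defined(HAVE_CRL) && !defined(NO_FILESYSTEM)`. In a build with HAVE_CRL and NO_FILESYSTEM the option is therefore accepted, takes its argument and does nothing, so an operator who passes a CRL directory gets no revocation data and no message. Using the same guard on the table entry, `#if defined(HAVE_CRL) && !defined(NO_FILESYSTEM)`, would presumably make the option be rejected as unknown instead. The option table begins outside this hunk.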
@@ -1419,7 +1445,7 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
#else
int doCliCertCheck = 0;
#endif
-#ifdef HAVE_CRL
+#if defined(HAVE_CRL) && !defined(NO_FILESYSTEM)
int disableCRL = 0;
#endif
int useAnyAddr = 0;
@@ -1531,6 +1557,9 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
int useDtlsCID = 0;
char dtlsCID[DTLS_CID_BUFFER_SIZE] = { 0 };
#endif /* WOLFSSL_DTLS_CID */
+#if defined(HAVE_CRL) && !defined(NO_FILESYSTEM)
+ char* crlDir = NULL;
+#endif
#ifdef WOLFSSL_STATIC_MEMORY
/* Note: Actual memory used is much less, this is the entire buffer buckets,
@@ -1693,7 +1722,7 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
break;
case 'V' :
- #ifdef HAVE_CRL
+ #if defined(HAVE_CRL) && !defined(NO_FILESYSTEM)
disableCRL = 1;
#endif
break;
@@ -2107,7 +2136,7 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
nonBlocking = 1;
simulateWantWrite = 1;
#else
- fprintf(stderr, "Ignoring -6 since async I/O support not "
+ LOG_ERROR("Ignoring -6 since async I/O support not "
"compiled in.\n");
#endif
break;
@@ -2252,9 +2281,9 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
if (force_curve_group_id <= 0) {
if (lng_index == 1) {
/* TODO: Need Japanese translation */
- fprintf(stderr, "Invalid curve '%s'\n", myoptarg);
+ LOG_ERROR("Invalid curve '%s'\n", myoptarg);
} else {
- fprintf(stderr, "Invalid curve '%s'\n", myoptarg);
+ LOG_ERROR("Invalid curve '%s'\n", myoptarg);
}
XEXIT_T(EXIT_FAILURE);
}
@@ -2281,7 +2310,17 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
#endif
#endif
break;
+ case 265:
+#if defined(HAVE_CRL) && !defined(NO_FILESYSTEM)
+ crlDir = myoptarg;
+#endif
+ break;
+
+ case 266:
+ quieter = 1;
+ break;
+ case -1:
default:
Usage();
XEXIT_T(MY_EX_USAGE);
@@ -2327,7 +2366,7 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
#ifndef HAVE_SESSION_TICKET
if ((version >= 4) && resume) {
- fprintf(stderr, "Can't do TLS 1.3 resumption; need session tickets!\n");
+ LOG_ERROR("Can't do TLS 1.3 resumption; need session tickets!\n");
}
#endif
@@ -2341,7 +2380,7 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
if (usePqc) {
if (version == SERVER_DOWNGRADE_VERSION ||
version == EITHER_DOWNGRADE_VERSION) {
- fprintf(stderr,
+ LOG_ERROR(
"WARNING: If a TLS 1.3 connection is not negotiated, you "
"will not be using a post-quantum group.\n");
} else if (version != 4 && version != -4) {
@@ -2438,11 +2477,11 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
#ifdef DEBUG_WOLFSSL
/* print off helper buffer sizes for use with static memory
* printing to stderr in case of debug mode turned on */
- fprintf(stderr, "static memory management size = %d\n",
+ LOG_ERROR("static memory management size = %d\n",
wolfSSL_MemoryPaddingSz());
- fprintf(stderr, "calculated optimum general buffer size = %d\n",
+ LOG_ERROR("calculated optimum general buffer size = %d\n",
wolfSSL_StaticBufferSz(memory, sizeof(memory), 0));
- fprintf(stderr, "calculated optimum IO buffer size = %d\n",
+ LOG_ERROR("calculated optimum IO buffer size = %d\n",
wolfSSL_StaticBufferSz(memoryIO, sizeof(memoryIO),
WOLFMEM_IO_POOL_FIXED));
#endif /* DEBUG_WOLFSSL */
@@ -2823,7 +2862,7 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
#ifdef WOLFSSL_ASYNC_CRYPT
ret = wolfAsync_DevOpen(&devId);
if (ret < 0) {
- fprintf(stderr, "Async device open failed\nRunning without async\n");
+ LOG_ERROR("Async device open failed\nRunning without async\n");
}
wolfSSL_CTX_SetDevId(ctx, devId);
#endif /* WOLFSSL_ASYNC_CRYPT */
@@ -2846,6 +2885,30 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
wolfSSL_CTX_NoTicketTLSv12(ctx);
#endif
#endif
+#if defined(HAVE_CRL) && !defined(NO_FILESYSTEM)
+ if (!disableCRL) {
+ /* Need to load CA's to confirm CRL signatures */
+ unsigned int verify_flags = 0;
+#ifdef TEST_BEFORE_DATE
+ verify_flags |= WOLFSSL_LOAD_FLAG_DATE_ERR_OKAY;
+#endif
+ if (wolfSSL_CTX_load_verify_locations_ex(ctx, verifyCert, 0,
+ verify_flags) != WOLFSSL_SUCCESS) {
+ err_sys_ex(catastrophic,
+ "can't load ca file, Please run from wolfSSL home dir");
+ }
+#ifdef HAVE_CRL_MONITOR
+ crlFlags = WOLFSSL_CRL_MONITOR | WOLFSSL_CRL_START_MON;
+#endif
+ if (wolfSSL_CTX_EnableCRL(ctx, 0) != WOLFSSL_SUCCESS)
+ err_sys_ex(runWithErrors, "unable to enable CRL");
+ if (wolfSSL_CTX_LoadCRL(ctx, crlDir != NULL ? crlDir : crlPemDir,
+ WOLFSSL_FILETYPE_PEM, crlFlags) != WOLFSSL_SUCCESS)
+ err_sys_ex(runWithErrors, "unable to load CRL");
+ if (wolfSSL_CTX_SetCRL_Cb(ctx, CRL_CallBack) != WOLFSSL_SUCCESS)
+ err_sys_ex(runWithErrors, "unable to set CRL callback url");
+ }
+#endif
while (1) {
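Review bot: Each CRL step in the added block reports failure through `err_sys_ex(runWithErrors, ...)`, which under -x prints and continues, so a server whose `wolfSSL_CTX_EnableCRL` or `wolfSSL_CTX_LoadCRL` call failed still reaches the accept loop with CRL setup incomplete, and prints nothing if `quieter` is set. The per-session code this replaces behaved the same way, but the setup now runs once on the context, so a single failure applies to every later connection. How client certificates are then treated depends on library behaviour not shown in this hunk. A comment should state the policy, e.g. `/* With -x a CRL setup failure is not fatal; the server keeps accepting connections. */`, or the three calls could pass `catastrophic` as the CA load above them does.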
@@ -2865,7 +2928,7 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
}
}
#if defined(WOLFSSL_STATIC_MEMORY) && defined(DEBUG_WOLFSSL)
- fprintf(stderr, "Before creating SSL\n");
+ LOG_ERROR("Before creating SSL\n");
if (wolfSSL_CTX_is_static_memory(ctx, &mem_stats) != 1)
err_sys_ex(runWithErrors, "ctx not using static memory");
if (wolfSSL_PrintStats(&mem_stats) != 1) /* function in test.h */
@@ -2954,7 +3017,7 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
#endif
#if defined(WOLFSSL_STATIC_MEMORY) && defined(DEBUG_WOLFSSL)
- fprintf(stderr, "After creating SSL\n");
+ LOG_ERROR("After creating SSL\n");
if (wolfSSL_CTX_is_static_memory(ctx, &mem_stats) != 1)
err_sys_ex(runWithErrors, "ctx not using static memory");
if (wolfSSL_PrintStats(&mem_stats) != 1) /* function in test.h */
@@ -3022,20 +3085,6 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
#ifndef NO_HANDSHAKE_DONE_CB
wolfSSL_SetHsDoneCb(ssl, myHsDoneCb, NULL);
#endif
-#if defined(HAVE_CRL) && !defined(NO_FILESYSTEM)
- if (!disableCRL) {
-#ifdef HAVE_CRL_MONITOR
- crlFlags = WOLFSSL_CRL_MONITOR | WOLFSSL_CRL_START_MON;
-#endif
- if (wolfSSL_EnableCRL(ssl, 0) != WOLFSSL_SUCCESS)
- err_sys_ex(runWithErrors, "unable to enable CRL");
- if (wolfSSL_LoadCRL(ssl, crlPemDir, WOLFSSL_FILETYPE_PEM, crlFlags)
- != WOLFSSL_SUCCESS)
- err_sys_ex(runWithErrors, "unable to load CRL");
- if (wolfSSL_SetCRL_Cb(ssl, CRL_CallBack) != WOLFSSL_SUCCESS)
- err_sys_ex(runWithErrors, "unable to set CRL callback url");
- }
-#endif
#ifdef HAVE_OCSP
if (useOcsp) {
if (ocspUrl != NULL) {
@@ -3285,6 +3334,11 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
}
#endif /* WOLFSSL_DTLS_CID */
+#ifdef WOLFSSL_DTLS_CH_FRAG
+ if (doDTLS)
+ wolfSSL_dtls13_allow_ch_frag(ssl, 1);
+#endif
+
#ifndef WOLFSSL_CALLBACKS
if (nonBlocking) {
#ifdef WOLFSSL_DTLS
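Review bot: The added `wolfSSL_dtls13_allow_ch_frag(ssl, 1)` call discards its return value and has no comment, while the other setup calls visible in this function report failure through err_sys_ex. Assuming it returns WOLFSSL_SUCCESS like the other setters, I would write `if (doDTLS && wolfSSL_dtls13_allow_ch_frag(ssl, 1) != WOLFSSL_SUCCESS) err_sys_ex(runWithErrors, "unable to allow fragmented ClientHello");`. A one-line comment should also say why the example server opts in, e.g. `/* Accept a fragmented ClientHello so large key shares can be tested over DTLS 1.3. */`, if that is the intent. The condition tests only `doDTLS`, not the negotiated version, and server_test extends well beyond this hunk.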
@@ -3304,7 +3358,7 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
err = 0; /* reset error */
ret = wolfSSL_read_early_data(ssl, input, sizeof(input)-1,
&len);
- if (ret != WOLFSSL_SUCCESS) {
+ if (ret <= 0) {
err = SSL_get_error(ssl, 0);
#ifdef WOLFSSL_ASYNC_CRYPT
if (err == WC_PENDING_E) {
@@ -3338,7 +3392,14 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
} while (err == WC_PENDING_E);
}
#else
- (void)nonBlocking;
+ if (nonBlocking) {
+ #ifdef WOLFSSL_DTLS
+ if (doDTLS) {
+ wolfSSL_dtls_set_using_nonblock(ssl, 1);
+ }
+ #endif
+ tcp_set_nonblocking(&clientfd);
+ }
ret = NonBlockingSSL_Accept(ssl);
#endif
#ifdef WOLFSSL_EARLY_DATA
@@ -3346,8 +3407,8 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
#endif
if (ret != WOLFSSL_SUCCESS) {
err = SSL_get_error(ssl, 0);
- fprintf(stderr, "SSL_accept error %d, %s\n", err,
- ERR_error_string(err, buffer));
+ LOG_ERROR("SSL_accept error %d, %s\n", err,
+ ERR_error_string(err, buffer));
if (!exitWithRet) {
err_sys_ex(runWithErrors, "SSL_accept failed");
} else {
@@ -3560,7 +3621,7 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
}
if (ret != WOLFSSL_SUCCESS) {
err = wolfSSL_get_error(ssl, 0);
- fprintf(stderr,
+ LOG_ERROR(
"wolfSSL_Rehandshake error %d, %s\n", err,
wolfSSL_ERR_error_string(err, buffer));
wolfSSL_free(ssl); ssl = NULL;
@@ -3620,10 +3681,10 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
#if defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET)
if (sendTicket) {
if (wolfSSL_send_SessionTicket(ssl) != WOLFSSL_SUCCESS) {
- fprintf(stderr, "Sending new session ticket failed\n");
+ LOG_ERROR("Sending new session ticket failed\n");
}
else {
- fprintf(stderr, "New session ticket sent\n");
+ LOG_ERROR("New session ticket sent\n");
}
}
#endif
@@ -3692,12 +3753,12 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
break;
}
else if (ret != WOLFSSL_SHUTDOWN_NOT_DONE) {
- fprintf(stderr, "Bidirectional shutdown failed\n");
+ LOG_ERROR("Bidirectional shutdown failed\n");
break;
}
}
if (ret != WOLFSSL_SUCCESS)
- fprintf(stderr, "Bidirectional shutdown failed\n");
+ LOG_ERROR("Bidirectional shutdown failed\n");
}
/* display collected statistics */
@@ -3705,8 +3766,8 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
if (wolfSSL_is_static_memory(ssl, &ssl_stats) != 1)
err_sys_ex(runWithErrors, "static memory was not used with ssl");
- fprintf(stderr, "\nprint off SSL memory stats\n");
- fprintf(stderr, "*** This is memory state before wolfSSL_free is "
+ LOG_ERROR("\nprint off SSL memory stats\n");
+ LOG_ERROR("*** This is memory state before wolfSSL_free is "
"called\n");
wolfSSL_PrintStatsConn(&ssl_stats);
@@ -3722,8 +3783,12 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
resumeCount = 0;
cnt++;
- if (loops > 0 && --loops == 0) {
- break; /* out of while loop, done with normal and resume option */
+ if (loops > 0) {
+ if (--loops == 0) {
+ break; /* out of while loop, done with normal and resume
+ * option
+ */
+ }
}
} /* while(1) */
@@ -3746,7 +3811,7 @@ exit:
wolfsentry_ret =
wolfsentry_shutdown(WOLFSENTRY_CONTEXT_ARGS_OUT_EX4(&wolfsentry, NULL));
if (wolfsentry_ret < 0) {
- fprintf(stderr,
+ LOG_ERROR(
"wolfsentry_shutdown() returned " WOLFSENTRY_ERROR_FMT "\n",
WOLFSENTRY_ERROR_FMT_ARGS(wolfsentry_ret));
}
@@ -3785,9 +3850,7 @@ exit:
#if defined(WOLFSSL_CALLBACKS) && defined(WOLFSSL_EARLY_DATA)
(void) earlyData;
#endif
-#ifndef WOLFSSL_TIRTOS
- return 0;
-#endif
+ WOLFSSL_RETURN_FROM_THREAD(0);
}
#endif /* !NO_WOLFSSL_SERVER */
@@ -3807,7 +3870,7 @@ exit:
args.argv = argv;
args.signal = &ready;
args.return_code = 0;
-#if defined(WOLFSSL_SRTP) && !defined(SINGLE_THREADED) && defined(_POSIX_THREADS)
+#if defined(WOLFSSL_SRTP) && defined(WOLFSSL_COND)
args.srtp_helper = NULL;
#endif
InitTcpReady(&ready);
diff --git a/extra/wolfssl/wolfssl/examples/server/server.h b/extra/wolfssl/wolfssl/examples/server/server.h
index dbf492b1..e0c8ad7b 100644
--- a/extra/wolfssl/wolfssl/examples/server/server.h
+++ b/extra/wolfssl/wolfssl/examples/server/server.h
@@ -27,7 +27,7 @@
THREAD_RETURN WOLFSSL_THREAD server_test(void* args);
/* Echo bytes using buffer of blockSize until [echoData] bytes are complete. */
-/* If [bechmarkThroughput] set the statistcs will be output at the end */
+/* If [benchmarkThroughput] set the statistics will be output at the end */
int ServerEchoData(WOLFSSL* ssl, int clientfd, int echoData, int blockSize,
size_t benchmarkThroughput);
diff --git a/extra/wolfssl/wolfssl/examples/server/server.vcproj b/extra/wolfssl/wolfssl/examples/server/server.vcproj
index fef8b2a2..671ae454 100644
--- a/extra/wolfssl/wolfssl/examples/server/server.vcproj
+++ b/extra/wolfssl/wolfssl/examples/server/server.vcproj
@@ -42,7 +42,7 @@
Name="VCCLCompilerTool"
Optimization="0"
AdditionalIncludeDirectories="../../;../../IDE/WIN"
- PreprocessorDefinitions="WIN32;_DEBUG;_CONSOLE;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS"
+ PreprocessorDefinitions="WIN32;_DEBUG;_CONSOLE;WOLFSSL_USER_SETTINGS"
MinimalRebuild="true"
BasicRuntimeChecks="3"
RuntimeLibrary="3"
@@ -117,7 +117,7 @@
Optimization="2"
EnableIntrinsicFunctions="true"
AdditionalIncludeDirectories="../../;../../IDE/WIN"
- PreprocessorDefinitions="WIN32;NDEBUG;_CONSOLE;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS"
+ PreprocessorDefinitions="WIN32;NDEBUG;_CONSOLE;WOLFSSL_USER_SETTINGS"
RuntimeLibrary="2"
EnableFunctionLevelLinking="true"
UsePrecompiledHeader="0"
diff --git a/extra/wolfssl/wolfssl/examples/server/server.vcxproj b/extra/wolfssl/wolfssl/examples/server/server.vcxproj
index 59e1ed7f..8f11fee8 100644
--- a/extra/wolfssl/wolfssl/examples/server/server.vcxproj
+++ b/extra/wolfssl/wolfssl/examples/server/server.vcxproj
@@ -159,7 +159,7 @@
<ClCompile>
<Optimization>Disabled</Optimization>
<AdditionalIncludeDirectories>../../;../../IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<MinimalRebuild>true</MinimalRebuild>
<BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
<RuntimeLibrary>MultiThreadedDebugDLL</RuntimeLibrary>
@@ -179,7 +179,7 @@
<ClCompile>
<Optimization>Disabled</Optimization>
<AdditionalIncludeDirectories>../../;../../IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;WOLFSSL_DLL;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;WOLFSSL_DLL;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<MinimalRebuild>true</MinimalRebuild>
<BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
<RuntimeLibrary>MultiThreadedDebugDLL</RuntimeLibrary>
@@ -200,7 +200,7 @@
<ClCompile>
<Optimization>Disabled</Optimization>
<AdditionalIncludeDirectories>../../;../../IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
<RuntimeLibrary>MultiThreadedDebugDLL</RuntimeLibrary>
<PrecompiledHeader>
@@ -218,7 +218,7 @@
<ClCompile>
<Optimization>Disabled</Optimization>
<AdditionalIncludeDirectories>../../;../../IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;WOLFSSL_DLL;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;WOLFSSL_DLL;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
<RuntimeLibrary>MultiThreadedDebugDLL</RuntimeLibrary>
<PrecompiledHeader>
@@ -237,7 +237,7 @@
<Optimization>MaxSpeed</Optimization>
<IntrinsicFunctions>true</IntrinsicFunctions>
<AdditionalIncludeDirectories>../../;../../IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
<FunctionLevelLinking>true</FunctionLevelLinking>
<PrecompiledHeader />
@@ -259,7 +259,7 @@
<Optimization>MaxSpeed</Optimization>
<IntrinsicFunctions>true</IntrinsicFunctions>
<AdditionalIncludeDirectories>../../;../../IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;WOLFSSL_DLL;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;WOLFSSL_DLL;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
<FunctionLevelLinking>true</FunctionLevelLinking>
<PrecompiledHeader>
@@ -281,7 +281,7 @@
<Optimization>MaxSpeed</Optimization>
<IntrinsicFunctions>true</IntrinsicFunctions>
<AdditionalIncludeDirectories>../../;../../IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
<FunctionLevelLinking>true</FunctionLevelLinking>
<PrecompiledHeader>
@@ -302,7 +302,7 @@
<Optimization>MaxSpeed</Optimization>
<IntrinsicFunctions>true</IntrinsicFunctions>
<AdditionalIncludeDirectories>../../;../../IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;WOLFSSL_DLL;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;WOLFSSL_DLL;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
<FunctionLevelLinking>true</FunctionLevelLinking>
<PrecompiledHeader>
diff --git a/extra/wolfssl/wolfssl/fips-check.sh b/extra/wolfssl/wolfssl/fips-check.sh
index 5902cdb4..b31b16dd 100755
--- a/extra/wolfssl/wolfssl/fips-check.sh
+++ b/extra/wolfssl/wolfssl/fips-check.sh
@@ -7,407 +7,314 @@
# copy of our FIPS approved code.
#
# This should check out all the approved flavors. The command line
-# option selects the flavor.
-#
-# $ ./fips-check [flavor] [keep]
-#
-# - flavor: linux (default), ios, android, windows, freertos, linux-ecc, netbsd-selftest, linuxv2, fipsv2-OE-ready, stm32l4-v2, linuxv5, fips-ready, fips-dev
-#
-# - keep: (default off) XXX-fips-test temp dir around for inspection
-#
+# option selects the flavor. The keep option keeps the output
+# directory.
+
+# These variables may be overridden on the command line.
+MAKE="${MAKE:-make}"
+GIT="${GIT:-git -c advice.detachedHead=false}"
+TEST_DIR="${TEST_DIR:-XXX-fips-test}"
+FLAVOR="${FLAVOR:-linux}"
+KEEP="${KEEP:-no}"
+FIPS_REPO="${FIPS_REPO:-git@github.com:wolfssl/fips.git}"
Usage() {
cat <<usageText
-Usage: $0 [flavor [keep]]
+Usage: $0 [flavor] [keep]
Flavor is one of:
- linux (default)
- ios
- android
- windows
- freertos
- openrtos-3.9.2
- linux-ecc
- netbsd-selftest
- marvell-linux-selftest
- sgx
- netos-7.6
linuxv2 (FIPSv2, use for Win10)
- stm32l4-v2 (FIPSv2, use for STM32L4)
- wolfrand
+ fipsv2-OE-ready (ready FIPSv2)
solaris
+ netbsd-selftest
+ marvell-linux-selftest
linuxv5 (current FIPS 140-3)
fips-ready (ready FIPS 140-3)
fips-dev (dev FIPS 140-3)
-Keep (default off) retains the XXX-fips-test temp dir for inspection.
+ wolfrand
+Keep (default off) retains the temp dir $TEST_DIR for inspection.
Example:
$0 windows keep
usageText
}
-MAKE='make'
-
-LINUX_FIPS_VERSION=v3.2.6
-LINUX_FIPS_REPO=git@github.com:wolfSSL/fips.git
-LINUX_CRYPT_VERSION=v3.2.6
-LINUX_CRYPT_REPO=git@github.com:cyassl/cyassl.git
-
-LINUX_ECC_FIPS_VERSION=v3.10.3
-LINUX_ECC_FIPS_REPO=git@github.com:wolfSSL/fips.git
-LINUX_ECC_CRYPT_VERSION=v3.2.6
-LINUX_ECC_CRYPT_REPO=git@github.com:cyassl/cyassl.git
-
-IOS_FIPS_VERSION=v3.4.8a
-IOS_FIPS_REPO=git@github.com:wolfSSL/fips.git
-IOS_CRYPT_VERSION=v3.4.8.fips
-IOS_CRYPT_REPO=git@github.com:cyassl/cyassl.git
-
-ANDROID_FIPS_VERSION=v3.5.0
-ANDROID_FIPS_REPO=git@github.com:wolfSSL/fips.git
-ANDROID_CRYPT_VERSION=v3.5.0
-ANDROID_CRYPT_REPO=git@github.com:cyassl/cyassl.git
-
-WINDOWS_FIPS_VERSION=v3.6.6
-WINDOWS_FIPS_REPO=git@github.com:wolfSSL/fips.git
-WINDOWS_CRYPT_VERSION=v3.6.6
-WINDOWS_CRYPT_REPO=git@github.com:cyassl/cyassl.git
-
-FREERTOS_FIPS_VERSION=v3.6.1-FreeRTOS
-FREERTOS_FIPS_REPO=git@github.com:wolfSSL/fips.git
-FREERTOS_CRYPT_VERSION=v3.6.1
-FREERTOS_CRYPT_REPO=git@github.com:cyassl/cyassl.git
-
-OPENRTOS_3_9_2_FIPS_VERSION=v3.9.2-OpenRTOS
-OPENRTOS_3_9_2_FIPS_REPO=git@github.com:wolfSSL/fips.git
-OPENRTOS_3_9_2_CRYPT_VERSION=v3.6.1
-OPENRTOS_3_9_2_CRYPT_REPO=git@github.com:cyassl/cyassl.git
-
-#NOTE: Does not include the SGX examples yet, update version once fipsv2 is
-# finished and merge conflicts can be resolved. This will be tagged as
-# v3.12.4.sgx-examples
-#SGX_FIPS_VERSION=v3.12.4.sgx-examples
-SGX_FIPS_VERSION=v3.6.6
-SGX_FIPS_REPO=git@github.com:wolfSSL/fips.git
-SGX_CRYPT_VERSION=v3.12.4
-SGX_CRYPT_REPO=git@github.com:cyassl/cyassl.git
-
-NETOS_7_6_FIPS_VERSION=v3.12.6
-NETOS_7_6_FIPS_REPO=git@github.com:wolfSSL/fips.git
-NETOS_7_6_CRYPT_VERSION=v3.12.4
-NETOS_7_6_CRYPT_REPO=git@github.com:cyassl/cyassl.git
-
-# non-FIPS, CAVP only but pull in selftest
-# will reset above variables below in flavor switch
-NETBSD_FIPS_VERSION=v3.14.2b
-NETBSD_FIPS_REPO=git@github.com:wolfssl/fips.git
-NETBSD_CRYPT_VERSION=v3.14.2
-NETBSD_CRYPT_REPO=git@github.com:wolfssl/wolfssl.git
-
-# non-FIPS, CAVP only but pull in selftest
-# will reset above variables below in flavor switch
-MARVELL_LINUX_FIPS_VERSION=v3.14.2b
-MARVELL_LINUX_FIPS_REPO=git@github.com:wolfssl/fips.git
-MARVELL_LINUX_CRYPT_VERSION=v4.1.0-stable
-MARVELL_LINUX_CRYPT_REPO=git@github.com:wolfssl/wolfssl.git
-
-STM32L4_V2_FIPS_VERSION=WCv4.0.1-stable
-STM32L4_V2_FIPS_REPO=git@github.com:wolfSSL/fips.git
-STM32L4_V2_CRYPT_VERSION=WCv4.0.1-stable
-
-FIPS_SRCS=( fips.c fips_test.c )
-WC_MODS=( aes des3 sha sha256 sha512 rsa hmac random aes_asm )
-TEST_DIR=XXX-fips-test
-CRYPT_INC_PATH=cyassl/ctaocrypt
-CRYPT_SRC_PATH=ctaocrypt/src
-RNG_VERSION=v3.6.0
-FIPS_OPTION=v1
-CAVP_SELFTEST_ONLY="no"
-GIT="git -c advice.detachedHead=false"
-
-if [ "$1" == "" ]; then FLAVOR="linux"; else FLAVOR="$1"; fi
-
-if [ "$2" == "keep" ]; then KEEP="yes"; else KEEP="no"; fi
+while [ "$1" ]; do
+ if [ "$1" = 'keep' ]; then KEEP='yes'; else FLAVOR="$1"; fi
+ shift
+done
case "$FLAVOR" in
-ios)
- FIPS_VERSION=$IOS_FIPS_VERSION
- FIPS_REPO=$IOS_FIPS_REPO
- CRYPT_VERSION=$IOS_CRYPT_VERSION
- CRYPT_REPO=$IOS_CRYPT_REPO
- ;;
-android)
- FIPS_VERSION=$ANDROID_FIPS_VERSION
- FIPS_REPO=$ANDROID_FIPS_REPO
- CRYPT_VERSION=$ANDROID_CRYPT_VERSION
- CRYPT_REPO=$ANDROID_CRYPT_REPO
- ;;
-windows)
- FIPS_VERSION=$WINDOWS_FIPS_VERSION
- FIPS_REPO=$WINDOWS_FIPS_REPO
- CRYPT_VERSION=$WINDOWS_CRYPT_VERSION
- CRYPT_REPO=$WINDOWS_CRYPT_REPO
- ;;
-freertos)
- FIPS_VERSION=$FREERTOS_FIPS_VERSION
- FIPS_REPO=$FREERTOS_FIPS_REPO
- CRYPT_VERSION=$FREERTOS_CRYPT_VERSION
- CRYPT_REPO=$FREERTOS_CRYPT_REPO
- ;;
-openrtos-3.9.2)
- FIPS_VERSION=$OPENRTOS_3_9_2_FIPS_VERSION
- FIPS_REPO=$OPENRTOS_3_9_2_FIPS_REPO
- CRYPT_VERSION=$OPENRTOS_3_9_2_CRYPT_VERSION
- CRYPT_REPO=$OPENRTOS_3_9_2_CRYPT_REPO
- FIPS_CONFLICTS=( aes hmac random sha256 )
- ;;
-linux)
- FIPS_VERSION=$LINUX_FIPS_VERSION
- FIPS_REPO=$LINUX_FIPS_REPO
- CRYPT_VERSION=$LINUX_CRYPT_VERSION
- CRYPT_REPO=$LINUX_CRYPT_REPO
- ;;
-linux-ecc)
- FIPS_VERSION=$LINUX_ECC_FIPS_VERSION
- FIPS_REPO=$LINUX_ECC_FIPS_REPO
- CRYPT_VERSION=$LINUX_ECC_CRYPT_VERSION
- CRYPT_REPO=$LINUX_ECC_CRYPT_REPO
- ;;
-linuxv2 | fipsv2-OE-ready)
- FIPS_VERSION=WCv4-stable
- FIPS_REPO=git@github.com:wolfssl/fips.git
- CRYPT_VERSION=WCv4-stable
- CRYPT_INC_PATH=wolfssl/wolfcrypt
- CRYPT_SRC_PATH=wolfcrypt/src
- WC_MODS+=( cmac dh ecc sha3 )
- RNG_VERSION=WCv4-rng-stable
- FIPS_SRCS+=( wolfcrypt_first.c wolfcrypt_last.c )
- FIPS_INCS=( fips.h )
- FIPS_OPTION=v2
+linuxv2|fipsv2-OE-ready|solaris)
+ FIPS_OPTION='v2'
+ FIPS_FILES=(
+ 'wolfcrypt/src/fips.c:WCv4-stable'
+ 'wolfcrypt/src/fips_test.c:WCv4-stable'
+ 'wolfcrypt/src/wolfcrypt_first.c:WCv4-stable'
+ 'wolfcrypt/src/wolfcrypt_last.c:WCv4-stable'
+ 'wolfssl/wolfcrypt/fips.h:WCv4-stable'
+ )
+ WOLFCRYPT_FILES=(
+ 'wolfcrypt/src/aes.c:WCv4-stable'
+ 'wolfcrypt/src/aes_asm.asm:WCv4-stable'
+ 'wolfcrypt/src/aes_asm.S:WCv4-stable'
+ 'wolfcrypt/src/cmac.c:WCv4-stable'
+ 'wolfcrypt/src/des3.c:WCv4-stable'
+ 'wolfcrypt/src/dh.c:WCv4-stable'
+ 'wolfcrypt/src/ecc.c:WCv4-stable'
+ 'wolfcrypt/src/hmac.c:WCv4-stable'
+ 'wolfcrypt/src/random.c:WCv4-rng-stable'
+ 'wolfcrypt/src/rsa.c:WCv4-stable'
+ 'wolfcrypt/src/sha.c:WCv4-stable'
+ 'wolfcrypt/src/sha256.c:WCv4-stable'
+ 'wolfcrypt/src/sha3.c:WCv4-stable'
+ 'wolfcrypt/src/sha512.c:WCv4-stable'
+ 'wolfssl/wolfcrypt/aes.h:WCv4-stable'
+ 'wolfssl/wolfcrypt/cmac.h:WCv4-stable'
+ 'wolfssl/wolfcrypt/des3.h:WCv4-stable'
+ 'wolfssl/wolfcrypt/dh.h:WCv4-stable'
+ 'wolfssl/wolfcrypt/ecc.h:WCv4-stable'
+ 'wolfssl/wolfcrypt/hmac.h:WCv4-stable'
+ 'wolfssl/wolfcrypt/random.h:WCv4-rng-stable'
+ 'wolfssl/wolfcrypt/rsa.h:WCv4-stable'
+ 'wolfssl/wolfcrypt/sha.h:WCv4-stable'
+ 'wolfssl/wolfcrypt/sha256.h:WCv4-stable'
+ 'wolfssl/wolfcrypt/sha3.h:WCv4-stable'
+ 'wolfssl/wolfcrypt/sha512.h:WCv4-stable'
+ )
+ if [ "$FLAVOR" = 'solaris' ]; then MAKE='gmake'; fi
;;
netbsd-selftest)
- FIPS_VERSION=$NETBSD_FIPS_VERSION
- FIPS_REPO=$NETBSD_FIPS_REPO
- CRYPT_VERSION=$NETBSD_CRYPT_VERSION
- CRYPT_REPO=$NETBSD_CRYPT_REPO
- FIPS_SRCS=( selftest.c )
- WC_MODS=( dh ecc rsa dsa aes sha sha256 sha512 hmac random )
- CRYPT_INC_PATH=wolfssl/wolfcrypt
- CRYPT_SRC_PATH=wolfcrypt/src
- CAVP_SELFTEST_ONLY="yes"
+ # non-FIPS, CAVP only but pull in selftest
+ FIPS_OPTION='cavp-selftest'
+ FIPS_FILES=('wolfcrypt/src/selftest.c:v3.14.2b')
+ WOLFCRYPT_FILES=(
+ 'wolfcrypt/src/aes.c:v3.14.2'
+ 'wolfcrypt/src/dh.c:v3.14.2'
+ 'wolfcrypt/src/dsa.c:v3.14.2'
+ 'wolfcrypt/src/ecc.c:v3.14.2'
+ 'wolfcrypt/src/hmac.c:v3.14.2'
+ 'wolfcrypt/src/random.c:v3.14.2'
+ 'wolfcrypt/src/rsa.c:v3.14.2'
+ 'wolfcrypt/src/sha.c:v3.14.2'
+ 'wolfcrypt/src/sha256.c:v3.14.2'
+ 'wolfcrypt/src/sha512.c:v3.14.2'
+ 'wolfssl/wolfcrypt/aes.h:v3.14.2'
+ 'wolfssl/wolfcrypt/dh.h:v3.14.2'
+ 'wolfssl/wolfcrypt/dsa.h:v3.14.2'
+ 'wolfssl/wolfcrypt/ecc.h:v3.14.2'
+ 'wolfssl/wolfcrypt/hmac.h:v3.14.2'
+ 'wolfssl/wolfcrypt/random.h:v3.14.2'
+ 'wolfssl/wolfcrypt/rsa.h:v3.14.2'
+ 'wolfssl/wolfcrypt/sha.h:v3.14.2'
+ 'wolfssl/wolfcrypt/sha256.h:v3.14.2'
+ 'wolfssl/wolfcrypt/sha512.h:v3.14.2'
+ )
;;
marvell-linux-selftest)
- FIPS_VERSION=$MARVELL_LINUX_FIPS_VERSION
- FIPS_REPO=$MARVELL_LINUX_FIPS_REPO
- CRYPT_VERSION=$MARVELL_LINUX_CRYPT_VERSION
- CRYPT_REPO=$MARVELL_LINUX_CRYPT_REPO
- FIPS_SRCS=( selftest.c )
- WC_MODS=( dh ecc rsa dsa aes sha sha256 sha512 hmac random )
- CRYPT_INC_PATH=wolfssl/wolfcrypt
- CRYPT_SRC_PATH=wolfcrypt/src
- CAVP_SELFTEST_ONLY="yes"
- CAVP_SELFTEST_OPTION=v2
+ # non-FIPS, CAVP only but pull in selftest
+ FIPS_OPTION='cavp-selftest-v2'
+ FIPS_FILES=('wolfcrypt/src/selftest.c:v3.14.2b')
+ WOLFCRYPT_FILES=(
+ 'wolfcrypt/src/aes.c:v4.1.0-stable'
+ 'wolfcrypt/src/dh.c:v4.1.0-stable'
+ 'wolfcrypt/src/dsa.c:v4.1.0-stable'
+ 'wolfcrypt/src/ecc.c:v4.1.0-stable'
+ 'wolfcrypt/src/hmac.c:v4.1.0-stable'
+ 'wolfcrypt/src/random.c:v4.1.0-stable'
+ 'wolfcrypt/src/rsa.c:v4.1.0-stable'
+ 'wolfcrypt/src/sha.c:v4.1.0-stable'
+ 'wolfcrypt/src/sha256.c:v4.1.0-stable'
+ 'wolfcrypt/src/sha512.c:v4.1.0-stable'
+ 'wolfssl/wolfcrypt/aes.h:v4.1.0-stable'
+ 'wolfssl/wolfcrypt/dh.h:v4.1.0-stable'
+ 'wolfssl/wolfcrypt/dsa.h:v4.1.0-stable'
+ 'wolfssl/wolfcrypt/ecc.h:v4.1.0-stable'
+ 'wolfssl/wolfcrypt/hmac.h:v4.1.0-stable'
+ 'wolfssl/wolfcrypt/random.h:v4.1.0-stable'
+ 'wolfssl/wolfcrypt/rsa.h:v4.1.0-stable'
+ 'wolfssl/wolfcrypt/sha.h:v4.1.0-stable'
+ 'wolfssl/wolfcrypt/sha256.h:v4.1.0-stable'
+ 'wolfssl/wolfcrypt/sha512.h:v4.1.0-stable'
+ )
;;
-sgx)
- FIPS_VERSION=$SGX_FIPS_VERSION
- FIPS_REPO=$SGX_FIPS_REPO
- CRYPT_VERSION=$SGX_CRYPT_VERSION
- CRYPT_REPO=$SGX_CRYPT_REPO
- ;;
-netos-7.6)
- FIPS_VERSION=$NETOS_7_6_FIPS_VERSION
- FIPS_REPO=$NETOS_7_6_FIPS_REPO
- CRYPT_VERSION=$NETOS_7_6_CRYPT_VERSION
- CRYPT_REPO=$NETOS_7_6_CRYPT_REPO
- ;;
-
linuxv5)
- FIPS_REPO="git@github.com:wolfSSL/fips.git"
- FIPS_VERSION="WCv5.0-RC12"
- CRYPT_REPO="git@github.com:wolfSSL/wolfssl.git"
- CRYPT_VERSION="WCv5.0-RC12"
- CRYPT_INC_PATH="wolfssl/wolfcrypt"
- CRYPT_SRC_PATH="wolfcrypt/src"
- WC_MODS=( aes sha sha256 sha512 rsa hmac random cmac dh ecc sha3 kdf
- aes_asm sha256_asm sha512_asm )
- RNG_VERSION="WCv5.0-RC12"
- FIPS_SRCS=( fips.c fips_test.c wolfcrypt_first.c wolfcrypt_last.c )
- FIPS_INCS=( fips.h )
- FIPS_OPTION="v5"
- COPY_DIRECT=( wolfcrypt/src/aes_gcm_asm.S )
+ FIPS_OPTION='v5'
+ FIPS_FILES=(
+ 'wolfcrypt/src/fips.c:WCv5.0-RC12'
+ 'wolfcrypt/src/fips_test.c:WCv5.0-RC12'
+ 'wolfcrypt/src/wolfcrypt_first.c:WCv5.0-RC12'
+ 'wolfcrypt/src/wolfcrypt_last.c:WCv5.0-RC12'
+ 'wolfssl/wolfcrypt/fips.h:WCv5.0-RC12'
+ )
+ WOLFCRYPT_FILES=(
+ 'wolfcrypt/src/aes.c:WCv5.0-RC12'
+ 'wolfcrypt/src/aes_asm.asm:WCv5.0-RC12'
+ 'wolfcrypt/src/aes_asm.S:WCv5.0-RC12'
+ 'wolfcrypt/src/aes_gcm_asm.S:WCv5.0-RC12'
+ 'wolfcrypt/src/cmac.c:WCv5.0-RC12'
+ 'wolfcrypt/src/dh.c:WCv5.0-RC12'
+ 'wolfcrypt/src/ecc.c:WCv5.0-RC12'
+ 'wolfcrypt/src/hmac.c:WCv5.0-RC12'
+ 'wolfcrypt/src/kdf.c:WCv5.0-RC12'
+ 'wolfcrypt/src/random.c:WCv5.0-RC12'
+ 'wolfcrypt/src/rsa.c:WCv5.0-RC12'
+ 'wolfcrypt/src/sha.c:WCv5.0-RC12'
+ 'wolfcrypt/src/sha256.c:WCv5.0-RC12'
+ 'wolfcrypt/src/sha256_asm.S:WCv5.0-RC12'
+ 'wolfcrypt/src/sha3.c:WCv5.0-RC12'
+ 'wolfcrypt/src/sha512.c:WCv5.0-RC12'
+ 'wolfcrypt/src/sha512_asm.S:WCv5.0-RC12'
+ 'wolfssl/wolfcrypt/aes.h:WCv5.0-RC12'
+ 'wolfssl/wolfcrypt/cmac.h:WCv5.0-RC12'
+ 'wolfssl/wolfcrypt/dh.h:WCv5.0-RC12'
+ 'wolfssl/wolfcrypt/ecc.h:WCv5.0-RC12'
+ 'wolfssl/wolfcrypt/fips_test.h:WCv5.0-RC12'
+ 'wolfssl/wolfcrypt/hmac.h:WCv5.0-RC12'
+ 'wolfssl/wolfcrypt/kdf.h:WCv5.0-RC12'
+ 'wolfssl/wolfcrypt/random.h:WCv5.0-RC12'
+ 'wolfssl/wolfcrypt/rsa.h:WCv5.0-RC12'
+ 'wolfssl/wolfcrypt/sha.h:WCv5.0-RC12'
+ 'wolfssl/wolfcrypt/sha256.h:WCv5.0-RC12'
+ 'wolfssl/wolfcrypt/sha3.h:WCv5.0-RC12'
+ 'wolfssl/wolfcrypt/sha512.h:WCv5.0-RC12'
+ )
;;
-fips-ready)
- FIPS_REPO="git@github.com:wolfSSL/fips.git"
- FIPS_VERSION="master"
- CRYPT_INC_PATH=wolfssl/wolfcrypt
- CRYPT_SRC_PATH=wolfcrypt/src
- FIPS_SRCS=( fips.c fips_test.c wolfcrypt_first.c wolfcrypt_last.c )
- FIPS_INCS=( fips.h )
- FIPS_OPTION=ready
+linuxv5.2.1)
+ FIPS_OPTION='v5'
+ FIPS_FILES=(
+ 'wolfcrypt/src/fips.c:v5.2.1-stable'
+ 'wolfcrypt/src/fips_test.c:v5.2.1-stable'
+ 'wolfcrypt/src/wolfcrypt_first.c:v5.2.1-stable'
+ 'wolfcrypt/src/wolfcrypt_last.c:v5.2.1-stable'
+ 'wolfssl/wolfcrypt/fips.h:v5.2.1-stable'
+ )
+ WOLFCRYPT_FILES=(
+ 'wolfcrypt/src/aes.c:v5.2.1-stable'
+ 'wolfcrypt/src/aes_asm.asm:v5.2.1-stable'
+ 'wolfcrypt/src/aes_asm.S:v5.2.1-stable'
+ 'wolfcrypt/src/aes_gcm_asm.S:v5.2.1-stable'
+ 'wolfcrypt/src/cmac.c:v5.2.1-stable'
+ 'wolfcrypt/src/dh.c:v5.2.1-stable'
+ 'wolfcrypt/src/ecc.c:v5.2.1-stable'
+ 'wolfcrypt/src/hmac.c:v5.2.1-stable'
+ 'wolfcrypt/src/kdf.c:v5.2.1-stable'
+ 'wolfcrypt/src/random.c:v5.2.1-stable'
+ 'wolfcrypt/src/rsa.c:v5.2.1-stable'
+ 'wolfcrypt/src/sha.c:v5.2.1-stable'
+ 'wolfcrypt/src/sha256.c:v5.2.1-stable'
+ 'wolfcrypt/src/sha256_asm.S:v5.2.1-stable'
+ 'wolfcrypt/src/sha3.c:v5.2.1-stable'
+ 'wolfcrypt/src/sha512.c:v5.2.1-stable'
+ 'wolfcrypt/src/sha512_asm.S:v5.2.1-stable'
+ 'wolfssl/wolfcrypt/aes.h:v5.2.1-stable'
+ 'wolfssl/wolfcrypt/cmac.h:v5.2.1-stable'
+ 'wolfssl/wolfcrypt/dh.h:v5.2.1-stable'
+ 'wolfssl/wolfcrypt/ecc.h:v5.2.1-stable'
+ 'wolfssl/wolfcrypt/fips_test.h:v5.2.1-stable'
+ 'wolfssl/wolfcrypt/hmac.h:v5.2.1-stable'
+ 'wolfssl/wolfcrypt/kdf.h:v5.2.1-stable'
+ 'wolfssl/wolfcrypt/random.h:v5.2.1-stable'
+ 'wolfssl/wolfcrypt/rsa.h:v5.2.1-stable'
+ 'wolfssl/wolfcrypt/sha.h:v5.2.1-stable'
+ 'wolfssl/wolfcrypt/sha256.h:v5.2.1-stable'
+ 'wolfssl/wolfcrypt/sha3.h:v5.2.1-stable'
+ 'wolfssl/wolfcrypt/sha512.h:v5.2.1-stable'
+ )
;;
-fips-dev)
- FIPS_REPO="git@github.com:wolfSSL/fips.git"
- FIPS_VERSION="master"
- CRYPT_INC_PATH=wolfssl/wolfcrypt
- CRYPT_SRC_PATH=wolfcrypt/src
- FIPS_SRCS+=( wolfcrypt_first.c wolfcrypt_last.c )
- FIPS_INCS=( fips.h )
- FIPS_OPTION=dev
- ;;
-
-stm32l4-v2)
- FIPS_VERSION=$STM32L4_V2_FIPS_VERSION
- FIPS_REPO=$STM32L4_V2_FIPS_REPO
- CRYPT_VERSION=$STM32L4_V2_CRYPT_VERSION
- CRYPT_INC_PATH=wolfssl/wolfcrypt
- CRYPT_SRC_PATH=wolfcrypt/src
-# Replace the WC_MODS list for now. Do not want to copy over random.c yet.
- WC_MODS=( aes des3 sha sha256 sha512 rsa hmac )
- WC_MODS+=( cmac dh ecc )
- FIPS_SRCS+=( wolfcrypt_first.c wolfcrypt_last.c )
- FIPS_INCS=( fips.h )
- FIPS_OPTION=v2
+fips-ready|fips-dev)
+ FIPS_OPTION='ready'
+ FIPS_FILES=(
+ 'wolfcrypt/src/fips.c:master'
+ 'wolfcrypt/src/fips_test.c:master'
+ 'wolfcrypt/src/wolfcrypt_first.c:master'
+ 'wolfcrypt/src/wolfcrypt_last.c:master'
+ 'wolfssl/wolfcrypt/fips.h:master'
+ )
+ WOLFCRYPT_FILES=()
+ if [ "$FLAVOR" = 'fips-dev' ]; then FIPS_OPTION='dev'; fi
;;
wolfrand)
- FIPS_REPO=git@github.com:wolfssl/fips.git
- FIPS_VERSION=WRv4-stable
- CRYPT_REPO=git@github.com:wolfssl/wolfssl.git
- CRYPT_VERSION=WCv4-stable
- CRYPT_INC_PATH=wolfssl/wolfcrypt
- CRYPT_SRC_PATH=wolfcrypt/src
- RNG_VERSION=WCv4-rng-stable
- WC_MODS=( hmac sha256 random )
- FIPS_SRCS+=( wolfcrypt_first.c wolfcrypt_last.c )
- FIPS_INCS=( fips.h )
- FIPS_OPTION=rand
- ;;
-solaris)
- FIPS_VERSION=WCv4-stable
- FIPS_REPO=git@github.com:wolfssl/fips.git
- CRYPT_VERSION=WCv4-stable
- CRYPT_INC_PATH=wolfssl/wolfcrypt
- CRYPT_SRC_PATH=wolfcrypt/src
- WC_MODS+=( cmac dh ecc sha3 )
- RNG_VERSION=WCv4-rng-stable
- FIPS_SRCS+=( wolfcrypt_first.c wolfcrypt_last.c )
- FIPS_INCS=( fips.h )
- FIPS_OPTION=v2
- MAKE=gmake
+ FIPS_OPTION='rand'
+ FIPS_FILES=(
+ 'wolfcrypt/src/fips.c:WRv4-stable'
+ 'wolfcrypt/src/fips_test.c:WRv4-stable'
+ 'wolfcrypt/src/wolfcrypt_first.c:WRv4-stable'
+ 'wolfcrypt/src/wolfcrypt_last.c:WRv4-stable'
+ 'wolfssl/wolfcrypt/fips.h:WRv4-stable'
+ )
+ WOLFCRYPT_FILES=(
+ 'wolfcrypt/src/hmac.c:WCv4-stable'
+ 'wolfcrypt/src/random.c:WCv4-rng-stable'
+ 'wolfcrypt/src/sha256.c:WCv4-stable'
+ 'wolfssl/wolfcrypt/hmac.h:WCv4-stable'
+ 'wolfssl/wolfcrypt/random.h:WCv4-rng-stable'
+ 'wolfssl/wolfcrypt/sha256.h:WCv4-stable'
+ )
;;
-
*)
Usage
exit 1
esac
-if ! $GIT clone . "$TEST_DIR"; then
- echo "fips-check: Couldn't duplicate current working directory."
- exit 1
-fi
-
-pushd "$TEST_DIR" || exit 2
-
-case "$FIPS_OPTION" in
-
-*dev)
- echo "Don't need to copy in tagged wolfCrypt files for fips-dev."
- ;;
-
-*ready)
- echo "Don't need to copy in tagged wolfCrypt files for FIPS Ready."
- ;;
-
-v1)
- # make a clone of the last FIPS release tag
- if ! $GIT clone --depth 1 -b "$CRYPT_VERSION" "$CRYPT_REPO" old-tree; then
- echo "fips-check: Couldn't checkout the FIPS release."
- exit 1
- fi
-
- for MOD in "${WC_MODS[@]}"
- do
- cp "old-tree/$CRYPT_SRC_PATH/${MOD}.c" "$CRYPT_SRC_PATH"
- cp "old-tree/$CRYPT_INC_PATH/${MOD}.h" "$CRYPT_INC_PATH"
- done
-
- # We are using random.c from a separate release.
- # This is forcefully overwriting any other checkout of the cyassl sources.
- # Removing this as default behavior for SGX and netos projects.
- if [ "$CAVP_SELFTEST_ONLY" == "no" ] && [ "$FLAVOR" != "sgx" ] && \
- [ "$FLAVOR" != "netos-7.6" ];
- then
- pushd old-tree || exit 2
- $GIT fetch origin "$RNG_VERSION" || exit $?
- $GIT checkout FETCH_HEAD || exit $?
- popd || exit 2
- cp "old-tree/$CRYPT_SRC_PATH/random.c" "$CRYPT_SRC_PATH"
- cp "old-tree/$CRYPT_INC_PATH/random.h" "$CRYPT_INC_PATH"
- fi
- ;;
-
-v2|rand|v5*)
- $GIT branch --no-track "my$CRYPT_VERSION" "$CRYPT_VERSION" || exit $?
- # Checkout the fips versions of the wolfCrypt files from the repo.
- for MOD in "${WC_MODS[@]}"
+# checkout_files takes an array of pairs of file paths and git tags to
+# checkout. It will check to see if mytag exists and if not will make that
+# tag a branch.
+function checkout_files() {
+ local name
+ local tag
+ for file_entry in "$@"
do
- if [ -f "$CRYPT_SRC_PATH/$MOD.c" ]; then
- $GIT checkout "my$CRYPT_VERSION" -- "$CRYPT_SRC_PATH/$MOD.c" || exit $?
- fi
- # aes_asm.S, sha256_asm.S sha512_asm.S
- if [ -f "$CRYPT_SRC_PATH/$MOD.S" ]; then
- echo "Checking out asm file: $MOD.S"
- $GIT checkout "my$CRYPT_VERSION" -- "$CRYPT_SRC_PATH/$MOD.S" || exit $?
- fi
- # aes_asm.asm
- if [ -f "$CRYPT_SRC_PATH/$MOD.asm" ]; then
- echo "Checking out asm file: $MOD.asm"
- $GIT checkout "my$CRYPT_VERSION" -- "$CRYPT_SRC_PATH/$MOD.asm" || exit $?
- fi
- if [ -f "$CRYPT_INC_PATH/$MOD.h" ]; then
- $GIT checkout "my$CRYPT_VERSION" -- "$CRYPT_INC_PATH/$MOD.h" || exit $?
+ name=${file_entry%%:*}
+ tag=${file_entry#*:}
+ if ! $GIT rev-parse -q --verify "my$tag" >/dev/null
+ then
+ $GIT branch --no-track "my$tag" "$tag" || exit $?
fi
+ $GIT checkout "my$tag" -- "$name" || exit $?
done
+}
- for MOD in "${COPY_DIRECT[@]}"
+# copy_fips_files takes an array of pairs of file paths and git tags to
+# checkout. It will check to see if mytag exists and if now will make that
+# tag a branch. It breaks the filepath apart into file name and path, then
+# copies it from the file from the fips directory to the path.
+function copy_fips_files() {
+ local name
+ local bname
+ local dname
+ local tag
+ for file_entry in "$@"
do
- $GIT checkout "my$CRYPT_VERSION" -- "$MOD" || exit $?
+ name=${file_entry%%:*}
+ tag=${file_entry#*:}
+ bname=$(basename "$name")
+ dname=$(dirname "$name")
+ if ! $GIT rev-parse -q --verify "my$tag" >/dev/null
+ then
+ $GIT branch --no-track "my$tag" "$tag" || exit $?
+ fi
+ $GIT checkout "my$tag" -- "$bname" || exit $?
+ cp "$bname" "../$dname"
done
+}
- $GIT branch --no-track "myrng$RNG_VERSION" "$RNG_VERSION" || exit $?
- # Checkout the fips versions of the wolfCrypt files from the repo.
- $GIT checkout "myrng$RNG_VERSION" -- "$CRYPT_SRC_PATH/random.c" "$CRYPT_INC_PATH/random.h" || exit $?
- ;;
-
-*)
- echo "fips-check: Invalid FIPS option \"${FIPS_OPTION}\"."
+if ! $GIT clone . "$TEST_DIR"; then
+ echo "fips-check: Couldn't duplicate current working directory."
exit 1
- ;;
-esac
+fi
-# clone the FIPS repository
-case "$FIPS_OPTION" in
- *dev)
- if ! $GIT clone --depth 1 "$FIPS_REPO" fips; then
- echo "fips-check: Couldn't check out the FIPS repository for fips-dev."
- exit 1
- fi
- ;;
- *)
- if ! $GIT clone --depth 1 -b "$FIPS_VERSION" "$FIPS_REPO" fips; then
- echo "fips-check: Couldn't check out ${FIPS_VERSION} from repository ${FIPS_REPO}."
- exit 1
- fi
- ;;
-esac
+pushd "$TEST_DIR" || exit 2
-for SRC in "${FIPS_SRCS[@]}"
-do
- cp "fips/$SRC" "$CRYPT_SRC_PATH"
-done
+if ! $GIT clone "$FIPS_REPO" fips
+then
+ echo "fips-check: Couldn't check out FIPS repository."
+ exit 1
+fi
-for INC in "${FIPS_INCS[@]}"
-do
- cp "fips/$INC" "$CRYPT_INC_PATH"
-done
+checkout_files "${WOLFCRYPT_FILES[@]}" || exit 3
+pushd fips || exit 2
+copy_fips_files "${FIPS_FILES[@]}" || exit 3
+popd || exit 2
# When checking out cert 3389 ready code, NIST will no longer perform
# new certifications on 140-2 modules. If we were to use the latest files from
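Review bot: In `copy_fips_files`, the `cp "$bname" "../$dname"` line has no error check, so a failed copy is only noticed when it happens on the last entry; the function's status is that of the final loop command, which is all the `|| exit 3` at the call site sees. For a script meant to build against the tagged FIPS sources, a silent miss could let the build continue with whatever file was already in the tree. `cp "$bname" "../$dname" || exit $?` would match the handling on the two git lines above it. Smaller points in the same hunk: `file_entry` is not declared `local` in either helper, the comment on `copy_fips_files` reads "if now" for "if not", and the new `linuxv5.2.1` flavor is accepted by the `case` but missing from the `Usage` text.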
@@ -415,62 +322,52 @@ done
# Since OE additions can still be processed for cert3389 we will call 140-2
# ready "fipsv2-OE-ready" indicating it is ready to use for an OE addition but
# would not be good for a new certification effort with the latest files.
-if [ "$FLAVOR" = "fipsv2-OE-ready" ]; then
- OLD_VERSION=" return \"v4.0.0-alpha\";"
- OE_READY_VERSION=" return \"fipsv2-OE-ready\";"
- cp "${CRYPT_SRC_PATH}/fips.c" "${CRYPT_SRC_PATH}/fips.c.bak"
- sed "s/^${OLD_VERSION}/${OE_READY_VERSION}/" "${CRYPT_SRC_PATH}/fips.c.bak" >"${CRYPT_SRC_PATH}/fips.c"
+if [ "$FLAVOR" = 'fipsv2-OE-ready' ] && [ -s wolfcrypt/src/fips.c ]
+then
+ cp wolfcrypt/src/fips.c wolfcrypt/src/fips.c.bak
+ sed "s/v4.0.0-alpha/fipsv2-OE-ready/" wolfcrypt/src/fips.c.bak >wolfcrypt/src/fips.c
fi
# run the make test
./autogen.sh
-if [ "$CAVP_SELFTEST_ONLY" == "yes" ];
-then
- if [ "$CAVP_SELFTEST_OPTION" == "v2" ]
- then
- ./configure --enable-selftest=v2
- else
- ./configure --enable-selftest
- fi
-else
+
+case "$FIPS_OPTION" in
+cavp-selftest)
+ ./configure --enable-selftest
+ ;;
+cavp-selftest-v2)
+ ./configure --enable-selftest=v2
+ ;;
+*)
./configure --enable-fips=$FIPS_OPTION
-fi
-if ! $MAKE; then
- echo "fips-check: Make failed. Debris left for analysis."
+ ;;
+esac
+
+if ! $MAKE
+then
+ echo 'fips-check: Make failed. Debris left for analysis.'
exit 3
fi
-if [ "$CAVP_SELFTEST_ONLY" == "no" ];
+if [ -s wolfcrypt/src/fips_test.c ]
then
NEWHASH=$(./wolfcrypt/test/testwolfcrypt | sed -n 's/hash = \(.*\)/\1/p')
if [ -n "$NEWHASH" ]; then
- cp "${CRYPT_SRC_PATH}/fips_test.c" "${CRYPT_SRC_PATH}/fips_test.c.bak"
- sed "s/^\".*\";/\"${NEWHASH}\";/" "${CRYPT_SRC_PATH}/fips_test.c.bak" >"${CRYPT_SRC_PATH}/fips_test.c"
+ cp wolfcrypt/src/fips_test.c wolfcrypt/src/fips_test.c.bak
+ sed "s/^\".*\";/\"${NEWHASH}\";/" wolfcrypt/src/fips_test.c.bak >wolfcrypt/src/fips_test.c
make clean
fi
fi
-if ! $MAKE test; then
- echo "fips-check: Test failed. Debris left for analysis."
- exit 3
-fi
-
-if [ ${#FIPS_CONFLICTS[@]} -ne 0 ];
+if ! $MAKE check
then
- echo "Due to the way this package is compiled by the customer duplicate"
- echo "source file names are an issue, renaming:"
- for FNAME in "${FIPS_CONFLICTS[@]}"
- do
- echo "wolfcrypt/src/$FNAME.c to wolfcrypt/src/wc_$FNAME.c"
- mv "./wolfcrypt/src/$FNAME.c" "./wolfcrypt/src/wc_$FNAME.c"
- done
- echo "Confirming files were renamed..."
- ls -la ./wolfcrypt/src/wc_*.c
+ echo 'fips-check: Test failed. Debris left for analysis.'
+ exit 3
fi
# Clean up
popd || exit 2
-if [ "$KEEP" == "no" ];
+if [ "$KEEP" = 'no' ];
then
rm -rf "$TEST_DIR"
fi
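Review bot: The `make clean` after the hash rewrite still calls plain `make`, while the build and check steps in this hunk go through `$MAKE`. The solaris flavor sets `MAKE='gmake'` and `MAKE` can now be overridden from the environment, so the clean step can run a different make than the build; `$MAKE clean` keeps them consistent. Separately, `NEWHASH` is taken from the test program's output and interpolated into the sed expression unchecked. It is presumably a hex digest, so a guard such as `case "$NEWHASH" in *[!0-9A-Fa-f]*) exit 3;; esac` before the `sed` would keep a malformed line from being written into `fips_test.c`.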
diff --git a/extra/wolfssl/wolfssl/gencertbuf.pl b/extra/wolfssl/wolfssl/gencertbuf.pl
index 9d8a381f..5bc01887 100755
--- a/extra/wolfssl/wolfssl/gencertbuf.pl
+++ b/extra/wolfssl/wolfssl/gencertbuf.pl
@@ -19,18 +19,19 @@ my $outputFile = "./wolfssl/certs_test.h";
# Used with HAVE_ECC && USE_CERT_BUFFERS_256
my @fileList_ecc = (
- [ "./certs/ecc-client-key.der", "ecc_clikey_der_256" ],
- [ "./certs/ecc-client-keyPub.der", "ecc_clikeypub_der_256" ],
- [ "./certs/client-ecc-cert.der", "cliecc_cert_der_256" ],
- [ "./certs/ecc-key.der", "ecc_key_der_256" ],
- [ "./certs/ecc-keyPub.der", "ecc_key_pub_der_256" ],
- [ "./certs/server-ecc-comp.der", "serv_ecc_comp_der_256" ],
- [ "./certs/server-ecc-rsa.der", "serv_ecc_rsa_der_256" ],
- [ "./certs/server-ecc.der", "serv_ecc_der_256" ],
- [ "./certs/ca-ecc-key.der", "ca_ecc_key_der_256" ],
- [ "./certs/ca-ecc-cert.der", "ca_ecc_cert_der_256" ],
- [ "./certs/ca-ecc384-key.der", "ca_ecc_key_der_384" ],
- [ "./certs/ca-ecc384-cert.der", "ca_ecc_cert_der_384" ]
+ [ "./certs/ecc-client-key.der", "ecc_clikey_der_256" ],
+ [ "./certs/ecc-client-keyPub.der", "ecc_clikeypub_der_256" ],
+ [ "./certs/client-ecc-cert.der", "cliecc_cert_der_256" ],
+ [ "./certs/ecc-key.der", "ecc_key_der_256" ],
+ [ "./certs/ecc-keyPub.der", "ecc_key_pub_der_256" ],
+ [ "./certs/statickeys/ecc-secp256r1.der", "ecc_secp_r1_statickey_der_256" ],
+ [ "./certs/server-ecc-comp.der", "serv_ecc_comp_der_256" ],
+ [ "./certs/server-ecc-rsa.der", "serv_ecc_rsa_der_256" ],
+ [ "./certs/server-ecc.der", "serv_ecc_der_256" ],
+ [ "./certs/ca-ecc-key.der", "ca_ecc_key_der_256" ],
+ [ "./certs/ca-ecc-cert.der", "ca_ecc_cert_der_256" ],
+ [ "./certs/ca-ecc384-key.der", "ca_ecc_key_der_384" ],
+ [ "./certs/ca-ecc384-cert.der", "ca_ecc_cert_der_384" ]
);
@@ -44,6 +45,14 @@ my @fileList_ed = (
[ "./certs/ed25519/client-ed25519-key.der", "client_ed25519_key" ]
);
+# x25519 keys and certs
+# Used with USE_CERT_BUFFERS_25519 define.
+my @fileList_x = (
+ [ "./certs/statickeys/x25519.der", "x25519_statickey_der" ],
+ [ "./certs/statickeys/x25519-pub.der", "x25519_pub_statickey_der" ]
+ );
+
+
# 1024-bit certs/keys to be converted
# Used with USE_CERT_BUFFERS_1024 define.
@@ -68,6 +77,8 @@ my @fileList_2048 = (
[ "./certs/client-cert.der", "client_cert_der_2048" ],
[ "./certs/dh2048.der", "dh_key_der_2048" ],
[ "./certs/dh-pubkey-2048.der", "dh_pub_key_der_2048" ],
+ [ "./certs/statickeys/dh-ffdhe2048.der", "dh_ffdhe_statickey_der_2048" ],
+ [ "./certs/statickeys/dh-ffdhe2048-pub.der", "dh_ffdhe_pub_statickey_der_2048" ],
[ "./certs/dsa-pubkey-2048.der", "dsa_pub_key_der_2048" ],
[ "./certs/dsa2048.der", "dsa_key_der_2048" ],
[ "./certs/rsa2048.der", "rsa_key_der_2048" ],
@@ -129,6 +140,7 @@ my @fileList_sphincs = (
my $num_ecc = @fileList_ecc;
my $num_ed = @fileList_ed;
+my $num_x = @fileList_x;
my $num_1024 = @fileList_1024;
my $num_2048 = @fileList_2048;
my $num_3072 = @fileList_3072;
@@ -358,6 +370,24 @@ for (my $i = 0; $i < $num_ed; $i++) {
}
print OUT_FILE "#endif /* HAVE_ED25519 */\n\n";
+
+# convert and print CURVE25519 cert/keys
+print OUT_FILE "#if defined(USE_CERT_BUFFERS_25519)\n\n";
+for (my $i = 0; $i < $num_x; $i++) {
+
+ my $fname = $fileList_x[$i][0];
+ my $sname = $fileList_x[$i][1];
+
+ print OUT_FILE "/* $fname, CURVE25519 */\n";
+ print OUT_FILE "static const unsigned char $sname\[] =\n";
+ print OUT_FILE "{\n";
+ file_to_hex($fname);
+ print OUT_FILE "};\n";
+ print OUT_FILE "static const int sizeof_$sname = sizeof($sname);\n\n";
+}
+print OUT_FILE "#endif /* USE_CERT_BUFFERS_25519 */\n\n";
+
+
print OUT_FILE "#endif /* WOLFSSL_CERTS_TEST_H */\n\n";
# close certs_test.h file
diff --git a/extra/wolfssl/wolfssl/linuxkm/Kbuild b/extra/wolfssl/wolfssl/linuxkm/Kbuild
index 3133ea8f..093a7a11 100644
--- a/extra/wolfssl/wolfssl/linuxkm/Kbuild
+++ b/extra/wolfssl/wolfssl/linuxkm/Kbuild
@@ -103,6 +103,8 @@ $(obj)/wolfcrypt/src/aes_asm.o: asflags-y = $(WOLFSSL_ASFLAGS) $(ASFLAGS_FPU_DIS
$(obj)/wolfcrypt/src/aes_asm.o: OBJECT_FILES_NON_STANDARD := y
$(obj)/wolfcrypt/src/aes_gcm_asm.o: asflags-y = $(WOLFSSL_ASFLAGS) $(ASFLAGS_FPU_DISABLE_SIMD_ENABLE)
$(obj)/wolfcrypt/src/aes_gcm_asm.o: OBJECT_FILES_NON_STANDARD := y
+$(obj)/wolfcrypt/src/aes_xts_asm.o: asflags-y = $(WOLFSSL_ASFLAGS) $(ASFLAGS_FPU_DISABLE_SIMD_ENABLE)
+$(obj)/wolfcrypt/src/aes_xts_asm.o: OBJECT_FILES_NON_STANDARD := y
$(obj)/wolfcrypt/src/sp_x86_64_asm.o: asflags-y = $(WOLFSSL_ASFLAGS) $(ASFLAGS_FPU_DISABLE_SIMD_ENABLE)
$(obj)/wolfcrypt/src/sp_x86_64_asm.o: OBJECT_FILES_NON_STANDARD := y
diff --git a/extra/wolfssl/wolfssl/linuxkm/linuxkm_wc_port.h b/extra/wolfssl/wolfssl/linuxkm/linuxkm_wc_port.h
index 2794dba6..3e738d00 100644
--- a/extra/wolfssl/wolfssl/linuxkm/linuxkm_wc_port.h
+++ b/extra/wolfssl/wolfssl/linuxkm/linuxkm_wc_port.h
@@ -133,6 +133,10 @@
* reference to unexported __show_free_areas().
*/
#define __show_free_areas my__show_free_areas
+ void my__show_free_areas(
+ unsigned int flags,
+ nodemask_t *nodemask,
+ int max_zone_idx);
#endif
#endif
#include <linux/mm.h>
@@ -181,6 +185,7 @@
#endif
#ifndef SAVE_VECTOR_REGISTERS
#define SAVE_VECTOR_REGISTERS(fail_clause) { int _svr_ret = save_vector_registers_x86(); if (_svr_ret != 0) { fail_clause } }
+ #define SAVE_VECTOR_REGISTERS2() save_vector_registers_x86()
#endif
#ifndef RESTORE_VECTOR_REGISTERS
#define RESTORE_VECTOR_REGISTERS() restore_vector_registers_x86()
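Review bot: `SAVE_VECTOR_REGISTERS2()` is defined inside the `#ifndef SAVE_VECTOR_REGISTERS` guard, so a build that predefines `SAVE_VECTOR_REGISTERS` gets no `SAVE_VECTOR_REGISTERS2` from this header unless a fallback exists outside the hunk. Giving it its own `#ifndef SAVE_VECTOR_REGISTERS2` guard would avoid that. Unlike the `fail_clause` form, this variant only yields the return value of `save_vector_registers_x86()` and nothing makes the caller test it, so a comment such as `/* returns 0 on success; caller must check before using vector registers */` would help. The same applies to the ARM definition in the next hunk (`@@ -189,6 +194,7 @@`).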
@@ -189,6 +194,7 @@
#include <asm/fpsimd.h>
#ifndef SAVE_VECTOR_REGISTERS
#define SAVE_VECTOR_REGISTERS(fail_clause) { int _svr_ret = save_vector_registers_arm(); if (_svr_ret != 0) { fail_clause } }
+ #define SAVE_VECTOR_REGISTERS2() save_vector_registers_arm()
#endif
#ifndef RESTORE_VECTOR_REGISTERS
#define RESTORE_VECTOR_REGISTERS() restore_vector_registers_arm()
diff --git a/extra/wolfssl/wolfssl/linuxkm/module_exports.c.template b/extra/wolfssl/wolfssl/linuxkm/module_exports.c.template
index 62d6cf1c..b8266f84 100644
--- a/extra/wolfssl/wolfssl/linuxkm/module_exports.c.template
+++ b/extra/wolfssl/wolfssl/linuxkm/module_exports.c.template
@@ -151,12 +151,14 @@
#ifdef OPENSSL_EXTRA
#ifndef WOLFCRYPT_ONLY
- #include <wolfssl/openssl/evp.h>
+ #include <wolfssl/openssl/evp.h>
#endif
#include <wolfssl/openssl/rand.h>
#include <wolfssl/openssl/hmac.h>
#include <wolfssl/openssl/aes.h>
#include <wolfssl/openssl/des.h>
+ #include <wolfssl/openssl/modes.h>
+ #include <wolfssl/openssl/rc4.h>
#endif
#if defined(NO_FILESYSTEM)
diff --git a/extra/wolfssl/wolfssl/linuxkm/module_hooks.c b/extra/wolfssl/wolfssl/linuxkm/module_hooks.c
index fb7f1142..5b513374 100644
--- a/extra/wolfssl/wolfssl/linuxkm/module_hooks.c
+++ b/extra/wolfssl/wolfssl/linuxkm/module_hooks.c
@@ -508,11 +508,11 @@ static int set_up_wolfssl_linuxkm_pie_redirect_table(void) {
#include <wolfssl/wolfcrypt/coding.h>
-PRAGMA_GCC_DIAG_PUSH;
-PRAGMA_GCC("GCC diagnostic ignored \"-Wnested-externs\"");
-PRAGMA_GCC("GCC diagnostic ignored \"-Wpointer-arith\"");
+PRAGMA_GCC_DIAG_PUSH
+PRAGMA_GCC("GCC diagnostic ignored \"-Wnested-externs\"")
+PRAGMA_GCC("GCC diagnostic ignored \"-Wpointer-arith\"")
#include <crypto/hash.h>
-PRAGMA_GCC_DIAG_POP;
+PRAGMA_GCC_DIAG_POP
extern char verifyCore[WC_SHA256_DIGEST_SIZE*2 + 1];
extern const char coreKey[WC_SHA256_DIGEST_SIZE*2 + 1];
diff --git a/extra/wolfssl/wolfssl/mcapi/crypto.h b/extra/wolfssl/wolfssl/mcapi/crypto.h
index 979d6500..45111930 100644
--- a/extra/wolfssl/wolfssl/mcapi/crypto.h
+++ b/extra/wolfssl/wolfssl/mcapi/crypto.h
@@ -173,9 +173,9 @@ enum {
typedef struct CRYPT_AES_CTX {
/* big enough to hold internal, but check on init */
#ifdef WOLF_PRIVATE_KEY_ID
- int holder[108];
+ int holder[110];
#else
- int holder[90];
+ int holder[92];
#endif
} CRYPT_AES_CTX;
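Review bot: The `holder` sizes go from 108/90 to 110/92 as bare numbers, and nothing in the hunk says what they are derived from. The only safeguard mentioned is the existing "check on init" comment, and that check is outside this hunk. An undersized holder would presumably mean the internal AES context is written past the end of `CRYPT_AES_CTX`, so the two sizes are worth naming (for example a constant like `CRYPT_AES_CTX_INTS`, a name constructed here). A comment next to them should state what they must cover, e.g. `/* holder must be at least as large as the internal AES context; verified at init */`.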
diff --git a/extra/wolfssl/wolfssl/mcapi/mcapi_test.c b/extra/wolfssl/wolfssl/mcapi/mcapi_test.c
index 3e79de2f..7e5acbc0 100644
--- a/extra/wolfssl/wolfssl/mcapi/mcapi_test.c
+++ b/extra/wolfssl/wolfssl/mcapi/mcapi_test.c
@@ -311,7 +311,7 @@ static int check_sha256(void)
}
if (memcmp(mcDigest, defDigest, CRYPT_SHA256_DIGEST_SIZE) != 0) {
- printf("sha256 final memcmp fialed\n");
+ printf("sha256 final memcmp failed\n");
return -1;
}
printf("sha256 mcapi test passed\n");
@@ -351,7 +351,7 @@ static int check_sha384(void)
}
if (memcmp(mcDigest, defDigest, CRYPT_SHA384_DIGEST_SIZE) != 0) {
- printf("sha384 final memcmp fialed\n");
+ printf("sha384 final memcmp failed\n");
return -1;
}
printf("sha384 mcapi test passed\n");
@@ -391,7 +391,7 @@ static int check_sha512(void)
}
if (memcmp(mcDigest, defDigest, CRYPT_SHA512_DIGEST_SIZE) != 0) {
- printf("sha512 final memcmp fialed\n");
+ printf("sha512 final memcmp failed\n");
return -1;
}
printf("sha512 mcapi test passed\n");
@@ -434,7 +434,7 @@ static int check_hmac(void)
}
if (memcmp(mcDigest, defDigest, CRYPT_SHA_DIGEST_SIZE) != 0) {
- printf("hmac sha final memcmp fialed\n");
+ printf("hmac sha final memcmp failed\n");
return -1;
}
printf("hmac sha mcapi test passed\n");
@@ -462,7 +462,7 @@ static int check_hmac(void)
}
if (memcmp(mcDigest, defDigest, CRYPT_SHA256_DIGEST_SIZE) != 0) {
- printf("hmac sha256 final memcmp fialed\n");
+ printf("hmac sha256 final memcmp failed\n");
return -1;
}
printf("hmac sha256 mcapi test passed\n");
@@ -490,7 +490,7 @@ static int check_hmac(void)
}
if (memcmp(mcDigest, defDigest, CRYPT_SHA384_DIGEST_SIZE) != 0) {
- printf("hmac sha384 final memcmp fialed\n");
+ printf("hmac sha384 final memcmp failed\n");
return -1;
}
printf("hmac sha384 mcapi test passed\n");
@@ -518,7 +518,7 @@ static int check_hmac(void)
}
if (memcmp(mcDigest, defDigest, CRYPT_SHA512_DIGEST_SIZE) != 0) {
- printf("hmac sha512 final memcmp fialed\n");
+ printf("hmac sha512 final memcmp failed\n");
return -1;
}
printf("hmac sha512 mcapi test passed\n");
diff --git a/extra/wolfssl/wolfssl/mqx/util_lib/Sources/util.c b/extra/wolfssl/wolfssl/mqx/util_lib/Sources/util.c
index c7ce08bc..47943b54 100644
--- a/extra/wolfssl/wolfssl/mqx/util_lib/Sources/util.c
+++ b/extra/wolfssl/wolfssl/mqx/util_lib/Sources/util.c
@@ -134,8 +134,8 @@ int sdcard_open(MQX_FILE_PTR *com_handle, MQX_FILE_PTR *sdcard_handle,
}
int sdcard_close(MQX_FILE_PTR *sdcard_handle, MQX_FILE_PTR *partman_handle,
- MQX_FILE_PTR *filesystem_handle,
- char *partman_name, char *filesystem_name)
+ MQX_FILE_PTR *filesystem_handle,
+ char *partman_name, char *filesystem_name)
{
_mqx_int error_code;
diff --git a/extra/wolfssl/wolfssl/mqx/util_lib/Sources/util.h b/extra/wolfssl/wolfssl/mqx/util_lib/Sources/util.h
index cd11b492..0d2267fd 100644
--- a/extra/wolfssl/wolfssl/mqx/util_lib/Sources/util.h
+++ b/extra/wolfssl/wolfssl/mqx/util_lib/Sources/util.h
@@ -4,11 +4,11 @@
#define UTIL_H_
int sdcard_open(MQX_FILE_PTR *com_handle, MQX_FILE_PTR *sdcard_handle,
- MQX_FILE_PTR *partman_handle, MQX_FILE_PTR *filesystem_handle,
- char *partman_name, char *filesystem_name);
+ MQX_FILE_PTR *partman_handle, MQX_FILE_PTR *filesystem_handle,
+ char *partman_name, char *filesystem_name);
int sdcard_close(MQX_FILE_PTR *sdcard_handle, MQX_FILE_PTR *partman_handle,
- MQX_FILE_PTR *filesystem_handle,
- char *partman_name, char *filesystem_name);
+ MQX_FILE_PTR *filesystem_handle,
+ char *partman_name, char *filesystem_name);
#endif /* UTIL_H_ */
diff --git a/extra/wolfssl/wolfssl/rpm/include.am b/extra/wolfssl/wolfssl/rpm/include.am
index 6e400b2e..5d15a1ca 100644
--- a/extra/wolfssl/wolfssl/rpm/include.am
+++ b/extra/wolfssl/wolfssl/rpm/include.am
@@ -22,6 +22,13 @@ clean-rpm:
rpm: rpm-build
+rpm-docker:
+ docker build -t "fedora-builder:Dockerfile" Docker/packaging/fedora
+ docker run --rm -v $(CURDIR):/opt/wolfssl fedora-builder:Dockerfile \
+ bash -c 'make -C /opt/wolfssl rpm'
+# To allow the user to keep using the configuration on the host
+ @./config.status --recheck &> /dev/null
+
release: rpm-sign
auto-rpmbuild:
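Review bot: The last recipe line of `rpm-docker` uses `&> /dev/null`, which is a bash extension. make runs recipes with /bin/sh unless SHELL is overridden, and a POSIX shell reads it as a background `&` followed by an empty redirection, so the recheck would run asynchronously and unsilenced. `@./config.status --recheck > /dev/null 2>&1` is the portable form. Separately, `docker run` bind-mounts `$(CURDIR)` read-write, and unless the image sets a user (the Dockerfile is not shown here) the build runs as root in the container and leaves root-owned files in the source tree. Passing `--user "$$(id -u):$$(id -g)"` would avoid that, assuming the image's build tools work unprivileged.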
diff --git a/extra/wolfssl/wolfssl/rpm/spec.in b/extra/wolfssl/wolfssl/rpm/spec.in
index f0ccaedf..b99f3bed 100644
--- a/extra/wolfssl/wolfssl/rpm/spec.in
+++ b/extra/wolfssl/wolfssl/rpm/spec.in
@@ -15,7 +15,7 @@ BuildRequires: sed
BuildRequires: tar
URL: http://www.wolfssl.com/
-Packager: Brian Aker <brian@tangent.org>
+Packager: wolfSSL <support@wolfssl.com>
Source: http://wolfssl.com/%{name}-%{version}.tar.gz
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-buildroot
@@ -51,6 +51,7 @@ fi
%{__make} install DESTDIR="%{buildroot}" AM_INSTALL_PROGRAM_FLAGS=""
mkdir -p $RPM_BUILD_ROOT/
%{__rm} -f %{buildroot}/%{_libdir}/libwolfssl@LIBSUFFIX@.la
+%{__rm} -f %{buildroot}/%{_libdir}/libwolfssl.a
%check
@@ -66,10 +67,12 @@ mkdir -p $RPM_BUILD_ROOT/
%defattr(-,root,root,-)
%doc AUTHORS ChangeLog.md COPYING README README.md
%{_docdir}/wolfssl/taoCert.txt
-%{_docdir}/wolfssl/example/echoserver.c
+%{_docdir}/wolfssl/example/async_client.c
+%{_docdir}/wolfssl/example/async_server.c
+%{_docdir}/wolfssl/example/client.c
%{_docdir}/wolfssl/example/server.c
%{_docdir}/wolfssl/example/echoclient.c
-%{_docdir}/wolfssl/example/client.c
+%{_docdir}/wolfssl/example/echoserver.c
%{_docdir}/wolfssl/example/sctp-client.c
%{_docdir}/wolfssl/example/sctp-server.c
%{_docdir}/wolfssl/example/sctp-client-dtls.c
@@ -77,257 +80,17 @@ mkdir -p $RPM_BUILD_ROOT/
%{_docdir}/wolfssl/example/tls_bench.c
%{_docdir}/wolfssl/README.txt
%{_docdir}/wolfssl/QUIC.md
-
-%{_libdir}/libwolfssl@LIBSUFFIX@.so
-%{_libdir}/libwolfssl@LIBSUFFIX@.so.@WOLFSSL_LIBRARY_VERSION_FIRST@
-%{_libdir}/libwolfssl@LIBSUFFIX@.so.@WOLFSSL_LIBRARY_VERSION_FIRST@.@WOLFSSL_LIBRARY_VERSION_SECOND@.@WOLFSSL_LIBRARY_VERSION_THIRD@
+%{_libdir}/libwolfssl@LIBSUFFIX@.so.*
%files devel
%defattr(-,root,root,-)
%doc AUTHORS ChangeLog.md COPYING README README.md
%{_bindir}/wolfssl-config
-%{_includedir}/cyassl/callbacks.h
-%{_includedir}/cyassl/certs_test.h
-%{_includedir}/cyassl/crl.h
-%{_includedir}/cyassl/ctaocrypt/aes.h
-%{_includedir}/cyassl/ctaocrypt/arc4.h
-%{_includedir}/cyassl/ctaocrypt/asn.h
-%{_includedir}/cyassl/ctaocrypt/asn_public.h
-%{_includedir}/cyassl/ctaocrypt/blake2-impl.h
-%{_includedir}/cyassl/ctaocrypt/blake2-int.h
-%{_includedir}/cyassl/ctaocrypt/blake2.h
-%{_includedir}/cyassl/ctaocrypt/camellia.h
-%{_includedir}/cyassl/ctaocrypt/chacha.h
-%{_includedir}/cyassl/ctaocrypt/coding.h
-%{_includedir}/cyassl/ctaocrypt/compress.h
-%{_includedir}/cyassl/ctaocrypt/des3.h
-%{_includedir}/cyassl/ctaocrypt/dh.h
-%{_includedir}/cyassl/ctaocrypt/dsa.h
-%{_includedir}/cyassl/ctaocrypt/ecc.h
-%{_includedir}/cyassl/ctaocrypt/error-crypt.h
-%{_includedir}/cyassl/ctaocrypt/fips_test.h
-%{_includedir}/cyassl/ctaocrypt/hmac.h
-%{_includedir}/cyassl/ctaocrypt/integer.h
-%{_includedir}/cyassl/ctaocrypt/logging.h
-%{_includedir}/cyassl/ctaocrypt/md2.h
-%{_includedir}/cyassl/ctaocrypt/md4.h
-%{_includedir}/cyassl/ctaocrypt/md5.h
-%{_includedir}/cyassl/ctaocrypt/memory.h
-%{_includedir}/cyassl/ctaocrypt/misc.h
-%{_includedir}/cyassl/ctaocrypt/mpi_class.h
-%{_includedir}/cyassl/ctaocrypt/mpi_superclass.h
-%{_includedir}/cyassl/ctaocrypt/pkcs7.h
-%{_includedir}/cyassl/ctaocrypt/poly1305.h
-%{_includedir}/cyassl/ctaocrypt/pwdbased.h
-%{_includedir}/cyassl/ctaocrypt/random.h
-%{_includedir}/cyassl/ctaocrypt/ripemd.h
-%{_includedir}/cyassl/ctaocrypt/rsa.h
-%{_includedir}/cyassl/ctaocrypt/settings.h
-%{_includedir}/cyassl/ctaocrypt/settings_comp.h
-%{_includedir}/cyassl/ctaocrypt/sha.h
-%{_includedir}/cyassl/ctaocrypt/sha256.h
-%{_includedir}/cyassl/ctaocrypt/sha512.h
-%{_includedir}/cyassl/ctaocrypt/tfm.h
-%{_includedir}/cyassl/ctaocrypt/types.h
-%{_includedir}/cyassl/ctaocrypt/visibility.h
-%{_includedir}/cyassl/ctaocrypt/wc_port.h
-%{_includedir}/cyassl/error-ssl.h
-%{_includedir}/cyassl/ocsp.h
-%{_includedir}/cyassl/openssl/asn1.h
-%{_includedir}/cyassl/openssl/bio.h
-%{_includedir}/cyassl/openssl/bn.h
-%{_includedir}/cyassl/openssl/conf.h
-%{_includedir}/cyassl/openssl/crypto.h
-%{_includedir}/cyassl/openssl/des.h
-%{_includedir}/cyassl/openssl/dh.h
-%{_includedir}/cyassl/openssl/dsa.h
-%{_includedir}/cyassl/openssl/ec.h
-%{_includedir}/cyassl/openssl/ec25519.h
-%{_includedir}/cyassl/openssl/ec448.h
-%{_includedir}/cyassl/openssl/ecdh.h
-%{_includedir}/cyassl/openssl/ecdsa.h
-%{_includedir}/cyassl/openssl/ed25519.h
-%{_includedir}/cyassl/openssl/ed448.h
-%{_includedir}/cyassl/openssl/engine.h
-%{_includedir}/cyassl/openssl/err.h
-%{_includedir}/cyassl/openssl/evp.h
-%{_includedir}/cyassl/openssl/hmac.h
-%{_includedir}/cyassl/openssl/lhash.h
-%{_includedir}/cyassl/openssl/md4.h
-%{_includedir}/cyassl/openssl/md5.h
-%{_includedir}/cyassl/openssl/ocsp.h
-%{_includedir}/cyassl/openssl/opensslconf.h
-%{_includedir}/cyassl/openssl/opensslv.h
-%{_includedir}/cyassl/openssl/ossl_typ.h
-%{_includedir}/cyassl/openssl/pem.h
-%{_includedir}/cyassl/openssl/pkcs12.h
-%{_includedir}/cyassl/openssl/rand.h
-%{_includedir}/cyassl/openssl/ripemd.h
-%{_includedir}/cyassl/openssl/rsa.h
-%{_includedir}/cyassl/openssl/sha.h
-%{_includedir}/cyassl/openssl/ssl.h
-%{_includedir}/cyassl/openssl/ssl23.h
-%{_includedir}/cyassl/openssl/stack.h
-%{_includedir}/cyassl/openssl/ui.h
-%{_includedir}/cyassl/openssl/x509.h
-%{_includedir}/cyassl/openssl/x509v3.h
-%{_includedir}/cyassl/options.h
-%{_includedir}/cyassl/sniffer.h
-%{_includedir}/cyassl/sniffer_error.h
-%{_includedir}/cyassl/ssl.h
-%{_includedir}/cyassl/test.h
-%{_includedir}/cyassl/version.h
-%{_includedir}/wolfssl/callbacks.h
-%{_includedir}/wolfssl/certs_test.h
-%{_includedir}/wolfssl/crl.h
-%{_includedir}/wolfssl/error-ssl.h
-%{_includedir}/wolfssl/ocsp.h
-%{_includedir}/wolfssl/openssl/aes.h
-%{_includedir}/wolfssl/openssl/asn1.h
-%{_includedir}/wolfssl/openssl/asn1t.h
-%{_includedir}/wolfssl/openssl/bio.h
-%{_includedir}/wolfssl/openssl/bn.h
-%{_includedir}/wolfssl/openssl/cms.h
-%{_includedir}/wolfssl/openssl/buffer.h
-%{_includedir}/wolfssl/openssl/camellia.h
-%{_includedir}/wolfssl/openssl/cmac.h
-%{_includedir}/wolfssl/openssl/compat_types.h
-%{_includedir}/wolfssl/openssl/conf.h
-%{_includedir}/wolfssl/openssl/crypto.h
-%{_includedir}/wolfssl/openssl/des.h
-%{_includedir}/wolfssl/openssl/dh.h
-%{_includedir}/wolfssl/openssl/dsa.h
-%{_includedir}/wolfssl/openssl/ec.h
-%{_includedir}/wolfssl/openssl/ec25519.h
-%{_includedir}/wolfssl/openssl/ec448.h
-%{_includedir}/wolfssl/openssl/ecdh.h
-%{_includedir}/wolfssl/openssl/ecdsa.h
-%{_includedir}/wolfssl/openssl/ed25519.h
-%{_includedir}/wolfssl/openssl/ed448.h
-%{_includedir}/wolfssl/openssl/engine.h
-%{_includedir}/wolfssl/openssl/err.h
-%{_includedir}/wolfssl/openssl/evp.h
-%{_includedir}/wolfssl/openssl/fips_rand.h
-%{_includedir}/wolfssl/openssl/hmac.h
-%{_includedir}/wolfssl/openssl/kdf.h
-%{_includedir}/wolfssl/openssl/lhash.h
-%{_includedir}/wolfssl/openssl/md4.h
-%{_includedir}/wolfssl/openssl/md5.h
-%{_includedir}/wolfssl/openssl/modes.h
-%{_includedir}/wolfssl/openssl/obj_mac.h
-%{_includedir}/wolfssl/openssl/objects.h
-%{_includedir}/wolfssl/openssl/ocsp.h
-%{_includedir}/wolfssl/openssl/opensslconf.h
-%{_includedir}/wolfssl/openssl/opensslv.h
-%{_includedir}/wolfssl/openssl/ossl_typ.h
-%{_includedir}/wolfssl/openssl/pem.h
-%{_includedir}/wolfssl/openssl/pkcs12.h
-%{_includedir}/wolfssl/openssl/pkcs7.h
-%{_includedir}/wolfssl/openssl/rand.h
-%{_includedir}/wolfssl/openssl/rc4.h
-%{_includedir}/wolfssl/openssl/ripemd.h
-%{_includedir}/wolfssl/openssl/rsa.h
-%{_includedir}/wolfssl/openssl/sha.h
-%{_includedir}/wolfssl/openssl/srp.h
-%{_includedir}/wolfssl/openssl/sha3.h
-%{_includedir}/wolfssl/openssl/ssl.h
-%{_includedir}/wolfssl/openssl/ssl23.h
-%{_includedir}/wolfssl/openssl/stack.h
-%{_includedir}/wolfssl/openssl/txt_db.h
-%{_includedir}/wolfssl/openssl/tls1.h
-%{_includedir}/wolfssl/openssl/ui.h
-%{_includedir}/wolfssl/openssl/x509.h
-%{_includedir}/wolfssl/openssl/x509_vfy.h
-%{_includedir}/wolfssl/openssl/x509v3.h
-%{_includedir}/wolfssl/options.h
-%{_includedir}/wolfssl/quic.h
-%{_includedir}/wolfssl/sniffer.h
-%{_includedir}/wolfssl/sniffer_error.h
-%{_includedir}/wolfssl/ssl.h
-%{_includedir}/wolfssl/test.h
-%{_includedir}/wolfssl/version.h
-%{_includedir}/wolfssl/wolfcrypt/aes.h
-%{_includedir}/wolfssl/wolfcrypt/arc4.h
-%{_includedir}/wolfssl/wolfcrypt/asn.h
-%{_includedir}/wolfssl/wolfcrypt/asn_public.h
-%{_includedir}/wolfssl/wolfcrypt/blake2-impl.h
-%{_includedir}/wolfssl/wolfcrypt/blake2-int.h
-%{_includedir}/wolfssl/wolfcrypt/blake2.h
-%{_includedir}/wolfssl/wolfcrypt/camellia.h
-%{_includedir}/wolfssl/wolfcrypt/chacha.h
-%{_includedir}/wolfssl/wolfcrypt/chacha20_poly1305.h
-%{_includedir}/wolfssl/wolfcrypt/cmac.h
-%{_includedir}/wolfssl/wolfcrypt/coding.h
-%{_includedir}/wolfssl/wolfcrypt/compress.h
-%{_includedir}/wolfssl/wolfcrypt/cpuid.h
-%{_includedir}/wolfssl/wolfcrypt/cryptocb.h
-%{_includedir}/wolfssl/wolfcrypt/curve25519.h
-%{_includedir}/wolfssl/wolfcrypt/curve448.h
-%{_includedir}/wolfssl/wolfcrypt/des3.h
-%{_includedir}/wolfssl/wolfcrypt/dh.h
-%{_includedir}/wolfssl/wolfcrypt/dsa.h
-%{_includedir}/wolfssl/wolfcrypt/ecc.h
-%{_includedir}/wolfssl/wolfcrypt/eccsi.h
-%{_includedir}/wolfssl/wolfcrypt/ed25519.h
-%{_includedir}/wolfssl/wolfcrypt/ed448.h
-%{_includedir}/wolfssl/wolfcrypt/error-crypt.h
-%{_includedir}/wolfssl/wolfcrypt/ext_kyber.h
-%{_includedir}/wolfssl/wolfcrypt/falcon.h
-%{_includedir}/wolfssl/wolfcrypt/dilithium.h
-%{_includedir}/wolfssl/wolfcrypt/sphincs.h
-%{_includedir}/wolfssl/wolfcrypt/fe_448.h
-%{_includedir}/wolfssl/wolfcrypt/fe_operations.h
-%{_includedir}/wolfssl/wolfcrypt/fips_test.h
-%{_includedir}/wolfssl/wolfcrypt/ge_448.h
-%{_includedir}/wolfssl/wolfcrypt/ge_operations.h
-%{_includedir}/wolfssl/wolfcrypt/hash.h
-%{_includedir}/wolfssl/wolfcrypt/hmac.h
-%{_includedir}/wolfssl/wolfcrypt/hpke.h
-%{_includedir}/wolfssl/wolfcrypt/integer.h
-%{_includedir}/wolfssl/wolfcrypt/kdf.h
-%{_includedir}/wolfssl/wolfcrypt/kyber.h
-%{_includedir}/wolfssl/wolfcrypt/logging.h
-%{_includedir}/wolfssl/wolfcrypt/md2.h
-%{_includedir}/wolfssl/wolfcrypt/md4.h
-%{_includedir}/wolfssl/wolfcrypt/md5.h
-%{_includedir}/wolfssl/wolfcrypt/mem_track.h
-%{_includedir}/wolfssl/wolfcrypt/memory.h
-%{_includedir}/wolfssl/wolfcrypt/misc.h
-%{_includedir}/wolfssl/wolfcrypt/mpi_class.h
-%{_includedir}/wolfssl/wolfcrypt/mpi_superclass.h
-%{_includedir}/wolfssl/wolfcrypt/pkcs12.h
-%{_includedir}/wolfssl/wolfcrypt/pkcs7.h
-%{_includedir}/wolfssl/wolfcrypt/poly1305.h
-%{_includedir}/wolfssl/wolfcrypt/pwdbased.h
-%{_includedir}/wolfssl/wolfcrypt/random.h
-%{_includedir}/wolfssl/wolfcrypt/ripemd.h
-%{_includedir}/wolfssl/wolfcrypt/rc2.h
-%{_includedir}/wolfssl/wolfcrypt/rsa.h
-%{_includedir}/wolfssl/wolfcrypt/sakke.h
-%{_includedir}/wolfssl/wolfcrypt/settings.h
-%{_includedir}/wolfssl/wolfcrypt/sha.h
-%{_includedir}/wolfssl/wolfcrypt/sha256.h
-%{_includedir}/wolfssl/wolfcrypt/sha3.h
-%{_includedir}/wolfssl/wolfcrypt/sha512.h
-%{_includedir}/wolfssl/wolfcrypt/siphash.h
-%{_includedir}/wolfssl/wolfcrypt/signature.h
-%if "@INCLUDE_SP_INT@" != "no"
-%{_includedir}/wolfssl/wolfcrypt/sp_int.h
-%endif
-%{_includedir}/wolfssl/wolfcrypt/srp.h
-%{_includedir}/wolfssl/wolfcrypt/tfm.h
-%{_includedir}/wolfssl/wolfcrypt/types.h
-%{_includedir}/wolfssl/wolfcrypt/visibility.h
-%{_includedir}/wolfssl/wolfcrypt/wc_encrypt.h
-%{_includedir}/wolfssl/wolfcrypt/wc_port.h
-%{_includedir}/wolfssl/wolfcrypt/wc_kyber.h
-%{_includedir}/wolfssl/wolfcrypt/wolfevent.h
-%{_includedir}/wolfssl/wolfcrypt/wolfmath.h
-%{_includedir}/wolfssl/wolfio.h
+%{_includedir}/wolfssl/*.h
+%{_includedir}/wolfssl/wolfcrypt/*.h
+%{_includedir}/wolfssl/openssl/*.h
%{_libdir}/pkgconfig/wolfssl.pc
-%if "@ENABLED_FIPS@" != "no"
-%{_includedir}/wolfssl/wolfcrypt/fips.h
-%endif
+%{_libdir}/libwolfssl@LIBSUFFIX@.so
%changelog
* Mon Oct 17 2022 Juliusz Sosinowicz <juliusz@wolfssl.com>
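Review bot: Replacing the explicit header manifest with `%{_includedir}/wolfssl/*.h`, `wolfcrypt/*.h` and `openssl/*.h` removes the check the `%files` list used to provide. rpmbuild failed when a listed header was missing, whereas the globs package whatever the install step left in those directories. For a crypto library that means an unintended header, or the absence of an expected one such as the previously conditional `fips.h`, no longer breaks the build. If the globs stay, state that choice in the spec, e.g. `# header set is defined by the install rules; globs are intentional`, and consider verifying the installed set in `%check`. The same reasoning applies to `%{_libdir}/libwolfssl@LIBSUFFIX@.so.*` in the runtime package.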
@@ -372,7 +135,7 @@ mkdir -p $RPM_BUILD_ROOT/
* Thu May 31 2018 John Safranek <john@wolfssl.com>
- Update the version number on the library SO file.
* Fri Mar 02 2018 Jacob Barthelmeh <jacob@wolfssl.com>
-- Added headder files fips.h, buffer.h, objects.h, rc4.h and example tls_bench.c
+- Added header files fips.h, buffer.h, objects.h, rc4.h and example tls_bench.c
* Fri Sep 08 2017 Jacob Barthelmeh <jacob@wolfssl.com>
- Change name for header wolfssl/io.h to wolfssl/wolfio.h
* Fri Aug 04 2017 Jacob Barthelmeh <jacob@wolfssl.com>
diff --git a/extra/wolfssl/wolfssl/scripts/aria-cmake-build-test.sh b/extra/wolfssl/wolfssl/scripts/aria-cmake-build-test.sh
new file mode 100644
index 00000000..1a6258fc
--- /dev/null
+++ b/extra/wolfssl/wolfssl/scripts/aria-cmake-build-test.sh
@@ -0,0 +1,201 @@
+#!/bin/bash
+#
+# aria_cmake_build_test.sh
+#
+# This is a test script for building wolfSSL examples with various settings
+# for the ARIA Magic Crypto ciphers.
+#
+# See https://github.com/wolfSSL/wolfssl/pull/6400 and
+# https://github.com/wolfSSL/wolfssl/pull/6600
+#
+# The basic steps for building:
+#
+# # set to your path
+# export ARIA_DIR=/mnt/c/workspace/MagicCrypto
+#
+# mkdir -p out
+# pushd out
+# cmake .. -DWOLFSSL_ARIA=yes
+# cmake --build .
+#
+# # View the available ciphers with:
+# ./examples/client/client -e
+#
+# or with grep:
+# ./examples/client/client -e | grep -i ARIA
+#
+# Note the OPENSSL_EXTRA and WOLF_CRYPTOCB macros may need to be defined
+# in certain circumstances. The LD_LIBRARY_PATH=$ARIA_DIR may also be needed.
+#
+
+export ARIA_BUILD_DIR=./out_temp
+
+export ARIA_ERROR_RM_FAIL=1
+export ARIA_ERROR_MKDIR_FAIL=2
+export ARIA_ERROR_CMAKE_FAIL=3
+export ARIA_ERROR_BUILD_FAIL=4
+export ARIA_ERROR_CLIENT_FAIL=5
+export ARIA_ERROR_CIPHER_FAIL=6
+export ARIA_ERROR_CONFIG_FAIL=7
+
+#
+# function build_aria_test()
+#
+build_aria_test() {
+ local EXPECTED_ERROR=$1 # First parameter; 0, 1, 2, etc
+ local EXPECTED_ARIA=$2 # Second parameter: typically "Y" or "N"
+ local BUILD_MESSAGE=$3 # Third parameter; "some message"
+ local BUILD_DIR=$4 # Fourth parameter: "./someDirectory"
+ local BUILD_OPTION=$5 # Fifth parameter. Optional: ""
+
+ echo "********************************************************************"
+ echo "Starting $BUILD_MESSAGE"
+ echo "********************************************************************"
+ if [[ -z "$BUILD_DIR" ]]; then
+ local BUILD_DIR=out
+ fi
+
+ echo "BUILD_DIR=$BUILD_DIR"
+ echo "BUILD_OPTION=$BUILD_OPTION"
+
+ # remove build directory
+ rm -rf $BUILD_DIR
+ if [ $? -eq 0 ]; then
+ echo "$BUILD_DIR removed."
+ else
+ echo "Failed to remove directory."
+ return $ARIA_ERROR_RM_FAIL
+ fi
+
+ # create a fresh directory
+ mkdir -p $BUILD_DIR
+ if [ $? -eq 0 ]; then
+ echo "$BUILD_DIR created."
+ else
+ echo "Failed to create directory $BUILD_DIR"
+ return $ARIA_ERROR_MKDIR_FAIL
+ fi
+
+ # change into build directory
+ pushd $BUILD_DIR
+
+ # initial cmake
+ echo "********************************************************************"
+ echo "CMake for $BUILD_MESSAGE"
+ if [ -z "$BUILD_OPTION" ]; then
+ echo "(No additional build options)"
+ else
+ echo "Using build option: $BUILD_OPTION"
+ fi
+ echo "********************************************************************"
+ cmake .. $BUILD_OPTION
+ if [ $? -eq 0 ]; then
+ echo "cmake successful."
+ else
+ echo "ERROR: cmake failed"
+ return $ARIA_ERROR_CMAKE_FAIL
+ fi
+
+ # build
+ echo "********************************************************************"
+ echo "Build for $BUILD_MESSAGE"
+ if [ -z "$BUILD_OPTION" ]; then
+ echo "(No additional build options)"
+ else
+ echo "Using build option: $BUILD_OPTION"
+ fi
+ echo "********************************************************************"
+ cmake --build .
+ if [ $? -eq 0 ]; then
+ echo "cmake build successful."
+ else
+ echo "ERROR: cmake build failed"
+ return $ARIA_ERROR_BUILD_FAIL
+ fi
+
+ # View the available ciphers with:
+ echo "checking wolfsl client ssl version numbers SSLv3(0) - TLS1.3(4):"
+ ./examples/client/client -V
+ if [ $? -eq 0 ]; then
+ echo "Confirmed ./examples/client/client operational."
+ else
+ echo "ERROR ./examples/client/client error = $?"
+ return $ARIA_ERROR_CLIENT_FAIL
+ fi
+
+ # now see if we have ARIA ciphers
+ if ./examples/client/client -e | awk '/ARIA/{found=1} END{exit !found}'; then
+ if [ "$EXPECTED_ARIA" == "Y" ]; then
+ echo "Found ARIA ciphers as expected."
+ else
+ echo "ERROR: Found ARIA ciphers when NOT expected."
+ return $ARIA_ERROR_CIPHER_FAIL
+ fi
+ else
+ if [ "$EXPECTED_ARIA" == "N" ]; then
+ echo "No ARIA ciphers found as expected with ./examples/client/client -e"
+ else
+ echo "ERROR: No ARIA ciphers found, EXPECTED_ARIA parameter = \"$EXPECTED_ARIA\"; expected \"N\"."
+ return $ARIA_ERROR_CONFIG_FAIL
+ fi
+ fi
+ ./examples/client/client -e
+
+ echo "Return to working directory."
+ popd
+
+ echo "********************************************************************"
+ echo "Completed $BUILD_MESSAGE"
+ echo "********************************************************************"
+ echo ""
+}
+
+set -e
+
+# No ARIA Environment Variable
+export ARIA_DIR=
+export THIS_MESSAGE="No ARIA Environment Variable, ARIA not enabled."
+build_aria_test 0 N "$THIS_MESSAGE" "$ARIA_BUILD_DIR"
+
+export ARIA_DIR=
+export THIS_MESSAGE="No ARIA Environment Variable, ARIA Enabled"
+build_aria_test 0 Y "$THIS_MESSAGE" "$ARIA_BUILD_DIR" "-DWOLFSSL_ARIA=yes"
+
+# ARIA Environment Variable with MagicCrypto in local user directory
+export ARIA_DIR=~/MagicCrypto
+export THIS_MESSAGE="ARIA Environment Variable with MagicCrypto in local user directory, ARIA not enabled."
+build_aria_test 0 N "$THIS_MESSAGE" "$ARIA_BUILD_DIR"
+
+export ARIA_DIR=~/MagicCrypto
+export THIS_MESSAGE="ARIA Environment Variable with MagicCrypto in local user directory, ARIA Enabled"
+build_aria_test 0 Y "$THIS_MESSAGE" "$ARIA_BUILD_DIR" "-DWOLFSSL_ARIA=yes"
+
+# ARIA Environment Variable with MagicCrypto in wolfssl directory
+export ARIA_DIR=~/MagicCrypto
+export THIS_MESSAGE="ARIA Environment Variable with MagicCrypto in wolfssl directory, ARIA not enabled."
+build_aria_test 0 N "$THIS_MESSAGE" "$ARIA_BUILD_DIR"
+
+export ARIA_DIR=./MagicCrypto
+export THIS_MESSAGE="ARIA Environment Variable with MagicCrypto in wolfssl, ARIA Enabled"
+build_aria_test 0 Y "$THIS_MESSAGE" "$ARIA_BUILD_DIR" "-DWOLFSSL_ARIA=yes"
+
+# ARIA Environment Variable with bad directory, ARIA not enabled so bad directory ignored
+export ARIA_DIR=./UnknownDirectory
+export THIS_MESSAGE="ARIA Environment Variable with bad directory, ARIA not enabled."
+build_aria_test 0 N "$THIS_MESSAGE" "$ARIA_BUILD_DIR"
+
+# ARIA Environment Variable with bad directory, ARIA enabled so bad directory should fail
+set +e
+export ARIA_DIR=./UnknownDirectory
+export THIS_MESSAGE="ARIA Environment Variable with bad directory, ARIA Enabled"
+build_aria_test $ARIA_ERROR_CMAKE_FAIL N "$THIS_MESSAGE" "$ARIA_BUILD_DIR" "-DWOLFSSL_ARIA=yes"
+if [ $? -eq $ARIA_ERROR_CMAKE_FAIL ]; then
+ echo "Properly detected bad directory and failed as expected."
+else
+ echo "Error: expected failure not detected."
+ exit 1
+fi
+
+echo "Done. aria_cmake_build_test completed successfully!"
+
+exit 0
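Review bot: In `build_aria_test`, `rm -rf $BUILD_DIR`, `mkdir -p $BUILD_DIR` and `pushd $BUILD_DIR` expand the directory unquoted, so a value containing spaces or glob characters makes the recursive delete act on other paths; `rm -rf -- "$BUILD_DIR"`, with the other two quoted as well, closes that. The client failure message prints `$?` after the `[ $? -eq 0 ]` test has already overwritten it, so it reports the test's status rather than the client's; save it first with `rc=$?`. Every early `return` after `pushd` leaves the caller inside the build directory, and `EXPECTED_ERROR` is assigned but never read. The case labelled "MagicCrypto in wolfssl directory, ARIA not enabled" sets `ARIA_DIR=~/MagicCrypto`, which looks like a copy-paste slip given that the enabled variant uses `./MagicCrypto`.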
diff --git a/extra/wolfssl/wolfssl/scripts/crl-revoked.test b/extra/wolfssl/wolfssl/scripts/crl-revoked.test
index 2f48b11e..da245d48 100755
--- a/extra/wolfssl/wolfssl/scripts/crl-revoked.test
+++ b/extra/wolfssl/wolfssl/scripts/crl-revoked.test
@@ -22,6 +22,7 @@ cp -rp . $RUNNING_DIR/.
cd $RUNNING_DIR
revocation_code="-361"
+revocation_code_openssl="23"
exit_code=1
counter=0
# need a unique resume port since may run the same time as testsuite
@@ -112,7 +113,7 @@ run_test() {
server_result=$?
case "$capture_out" in
- *$revocation_code*)
+ *"$revocation_code"*|*"$revocation_code_openssl"*)
# only exit with zero on detection of the expected error code
echo ""
echo "Successful Revocation!!!!"
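Review bot: The new alternative `*"$revocation_code_openssl"*` matches the bare digits `23` anywhere in `capture_out`, so any output that happens to contain them (a port number, a length, a timestamp) is counted as a successful revocation. This applies to the `case` in `run_test` here and to the identical one in `run_hashdir_test`. Because the test exists to prove that a revoked certificate is rejected, a false pass hides a real failure. Match the code together with the fixed text the client prints around it rather than the digits alone (the contents of `capture_out` are not visible in these hunks), and document the value where it is defined, e.g. `# 23 = X509_V_ERR_CERT_REVOKED, presumably seen when OpenSSL-compatible error codes are enabled`. Both functions continue outside their hunks.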
@@ -178,7 +179,7 @@ run_hashdir_test() {
server_result=$?
case "$capture_out" in
- *$revocation_code*)
+ *"$revocation_code"*|*"$revocation_code_openssl"*)
# only exit with zero on detection of the expected error code
echo ""
echo "Successful Revocation!!!! with hash dir"
diff --git a/extra/wolfssl/wolfssl/scripts/dtls.test b/extra/wolfssl/wolfssl/scripts/dtls.test
new file mode 100755
index 00000000..2bf36d19
--- /dev/null
+++ b/extra/wolfssl/wolfssl/scripts/dtls.test
@@ -0,0 +1,169 @@
+#!/bin/bash
+
+# This script can be run with several environment variables set dictating its
+# run. You can set the following to what you like:
+WOLFSSL_ROOT=${WOLFSSL_ROOT:-$(pwd)}
+UDP_PROXY_BIN=${UDP_PROXY_BIN:-"udp_proxy"}
+DTLS_VERSION=${DTLS_VERSION:-"-v4"}
+PCAP_FILENAME=${PCAP_FILENAME:-"dtls${DTLS_VERSION}.pcap"}
+# Additionally, you can add the following tests by setting it to '1':
+DO_EXTENDED_SERVER_PERMUTATION_TEST=${DO_EXTENDED_SERVER_PERMUTATION_TEST:-0}
+DO_DELAY_TEST=${DO_DELAY_TEST:-0}
+
+# An example use would be: DTLS_VERSION=-v3 scripts/dtls.test
+# Note the output also consists of a single PCAP file which has a set of
+# three packets (1-byte, strlen()-byte, 1-byte payload) deliniating each test.
+
+#set -x # enable debug output
+
+# bwrap execution environment to avoid port conflicts
+if [ "${AM_BWRAPPED-}" != "yes" ]; then
+ bwrap_path="$(command -v bwrap)"
+ if [ -n "$bwrap_path" ]; then
+ export AM_BWRAPPED=yes
+ exec "$bwrap_path" --cap-add ALL --unshare-net --dev-bind / / "$0" "$@"
+ fi
+fi
+
+cleanup () {
+ echo
+ echo "Cleaning up..."
+ if [ ! -z "$UDP_PROXY_PID" ];then
+ echo "Killing udp_proxy $UDP_PROXY_PID"
+ kill $UDP_PROXY_PID
+ fi
+ if [ ! -z "$SERVER_PID" ];then
+ echo "Killing server $SERVER_PID"
+ kill $SERVER_PID
+ fi
+ if [ ! -z "$TCPDUMP_PID" ];then
+ echo "Killing tcpdump $TCPDUMP_PID"
+ sleep 1
+ kill $TCPDUMP_PID
+ fi
+}
+
+trap cleanup err exit
+
+PROXY_PORT=1234
+SERVER_PORT=4321
+KEY_UPDATE_SIZE=35
+NUM_TESTS_FAILED=0
+NUM_TESTS_RUN=0
+
+if [ "$DTLS_VERSION" = "-v4" ]; then
+ UDP_PROXY_EXTRA_ARGS="-u"
+fi
+
+# $WOLFSSL_ROOT/tests/unit.test tests/test-dtls13.conf
+
+set -o pipefail
+prepend() { # Usage: cmd 2>&1 | prepend "sometext "
+ while read line; do echo "${1}${line}"; done
+}
+
+run_test() { # usage: run_test "<testName>" "<udp-proxy args>" "<server args>" "<client args>"
+ ((NUM_TESTS_RUN++))
+ echo "" | nc -u 127.0.0.1 $SERVER_PORT # This is a marker for the PCAP file
+ echo "$1" | nc -u 127.0.0.1 $SERVER_PORT # This is a marker for the PCAP file
+ echo "" | nc -u 127.0.0.1 $SERVER_PORT # This is a marker for the PCAP file
+ echo -e "\n${1}\n"
+ stdbuf -oL -eL $WOLFSSL_ROOT/examples/server/server -u -p$SERVER_PORT $DTLS_VERSION $3 2>&1 | prepend "[server] " &
+ SERVER_PID=$(($! - 1))
+ stdbuf -oL -eL $UDP_PROXY_BIN -p $PROXY_PORT -s 127.0.0.1:$SERVER_PORT $UDP_PROXY_EXTRA_ARGS $2 2>&1 | prepend "[udp-proxy] " &
+ UDP_PROXY_PID=$(($! - 1))
+ sleep 0.2
+ # Wrap this command in a timeout so that a deadlock won't bring down the entire test
+ timeout -s KILL 1m stdbuf -oL -eL $WOLFSSL_ROOT/examples/client/client -u -p$PROXY_PORT $DTLS_VERSION $4 2>&1 | prepend "[client] "
+ if [ $? != 0 ]; then
+ echo "***Test failed***"
+ ((NUM_TESTS_FAILED++))
+ fi
+ kill $SERVER_PID >&/dev/null # make sure the server is no longer running
+ SERVER_PID=
+ kill $UDP_PROXY_PID
+ UDP_PROXY_PID=
+}
+
+test_dropping_packets () {
+ for i in $(seq 0 11);do
+ run_test "Dropping ${i}th packet" "-f $i" "-Ta" ""
+ done
+
+ # dropping last ack would be client error as wolfssl_read doesn't support WANT_WRITE as returned error
+ for i in $(seq 0 10);do
+ run_test "Testing WANT_WRITE: dropping packet $i" "-f $i" "-Ta -6" "-6"
+ done
+}
+
+# this test is based on detecting newSessionTicket message by its size. This is rather fragile.
+test_dropping_new_session_ticket() { # usage: test_dropping_new_session_ticket <size>
+ run_test "Dropping new session ticket packet of size $1" "-F $1" "-w" "-w --waitTicket"
+}
+
+test_permutations () {
+ SIDE=$1
+ PERMUTATIONS=$(python3 << EOF
+import itertools
+for p in itertools.permutations("$2"):
+ print(''.join(p))
+EOF
+ )
+ for i in $PERMUTATIONS;do
+ UDP_LOGFILE=$(mktemp)
+ run_test "Testing $SIDE permutations order $i" "-r $i -S $SIDE -l $UDP_LOGFILE" "-Ta -w" "-w"
+ echo "...produced $(grep -P 'client:|server:' $UDP_LOGFILE | wc -l) messages"
+ rm -f $UDP_LOGFILE
+ done
+ echo "All $SIDE msg permutations succeeded"
+}
+
+
+test_time_delays () {
+ DELAYS=$(python3 << EOF
+import itertools
+t = [0.1, 0.5, 1.1]
+tt = []
+for i in itertools.product(t, t, t):
+ tt.append(i * 15)
+for i in tt:
+ print(','.join(map(lambda x: str(x) , i)))
+EOF
+ )
+ for DELAY in $DELAYS;do
+ UDP_LOGFILE=$(mktemp)
+ run_test "Testing delay $DELAY" "-l $UDP_LOGFILE -t $DELAY" "-Ta -w" "-w"
+ echo "...produced $(grep -P 'client:|server:' $UDP_LOGFILE | wc -l) messages"
+ rm -f $UDP_LOGFILE
+ done
+}
+
+echo "Starting capture"
+tcpdump -i lo -n port ${SERVER_PORT} -w ${PCAP_FILENAME} -U &
+TCPDUMP_PID=$!
+sleep 0.5
+
+test_dropping_packets
+test_permutations client 012
+
+if [ "$DO_EXTENDED_SERVER_PERMUTATION_TEST" = "1" ];then
+ test_permutations server 0123456
+else
+ test_permutations server 012
+fi
+
+test_dropping_new_session_ticket 200
+
+# TODO: fix udp_proxy to not re-order close alert before app data
+if [ "$DO_DELAY_TEST" = "1" ];then
+ test_time_delays
+fi
+
+if [ $NUM_TESTS_FAILED == 0 ]; then
+ echo -e "\nAll $NUM_TESTS_RUN tests SUCCEEDED!!!\n"
+else
+ echo -e "\nThere were $NUM_TESTS_FAILED failures out of $NUM_TESTS_RUN tests\n"
+fi
+
+echo "The script ran for $SECONDS seconds"
+exit $NUM_TESTS_FAILED
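Review bot: `run_test` derives the server and proxy PIDs as `$(($! - 1))`, which assumes the first process of each background pipeline received the PID just before the `prepend` subshell. PIDs are not guaranteed to be consecutive, so the later `kill $SERVER_PID` and `kill $UDP_PROXY_PID` (and the ones in `cleanup`) can miss the intended process or signal an unrelated one. Starting each program with process substitution keeps `$!` on the program itself, e.g. `stdbuf -oL -eL ... > >(prepend "[server] ") 2>&1 &` followed by `SERVER_PID=$!`. The bwrap re-exec also passes `--cap-add ALL`; if the capabilities are only needed for the tcpdump capture, naming those (likely `CAP_NET_RAW` and `CAP_NET_ADMIN`) would keep the sandbox narrower. Finally, `exit $NUM_TESTS_FAILED` wraps modulo 256, so `exit $((NUM_TESTS_FAILED > 0))` is a safer status.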
diff --git a/extra/wolfssl/wolfssl/scripts/dtls13.test b/extra/wolfssl/wolfssl/scripts/dtls13.test
deleted file mode 100755
index af04b444..00000000
--- a/extra/wolfssl/wolfssl/scripts/dtls13.test
+++ /dev/null
@@ -1,171 +0,0 @@
-#!/bin/bash
-
-set -e
-
-cleanup () {
- echo
- echo "Cleaning up..."
- if [ ! -z "$UDP_PROXY_PID" ];then
- echo "Killing udp_proxy $UDP_PROXY_PID"
- kill $UDP_PROXY_PID
- fi
- if [ ! -z "$SERVER_PID" ];then
- echo "Killing server $SERVER_PID"
- kill $SERVER_PID
- fi
-}
-
-trap cleanup err exit
-
-WOLFSSL_ROOT=$(pwd)
-if [ -z $UDP_PROXY_PATH ];then
-UDP_PROXY_PATH=$WOLFSSL_ROOT/../udp-proxy/udp_proxy
-fi
-PROXY_PORT=12345
-SERVER_PORT=11111
-NEW_SESSION_TICKET_SIZE=200
-KEY_UPDATE_SIZE=35
-
-(killall udp_proxy || true)
-(killall lt-server || true)
-(killall lt-client || true)
-
-# $WOLFSSL_ROOT/tests/unit.test tests/test-dtls13.conf
-
-test_dropping_packets () {
- for i in $(seq 0 11);do
- echo -e "\ndropping packet $i\n" | tee -a /tmp/serr | tee -a /tmp/cerr | tee -a /tmp/udp
- $UDP_PROXY_PATH -p $PROXY_PORT -s 127.0.0.1:$SERVER_PORT -f $i -u >>/tmp/udp &
- UDP_PROXY_PID=$!
- $WOLFSSL_ROOT/examples/server/server -v4 -u -Ta 2>>/tmp/serr &
- SERVER_PID=$!
- sleep 0.2
- now=$(date +%s.%N)
- $WOLFSSL_ROOT/examples/client/client -v4 -u -p$PROXY_PORT 2>>/tmp/cerr
- elapsed=$(echo $(date +%s.%N) - $now | bc)
- echo "it took ${elapsed} sec(s)" >> /tmp/udp
- wait $SERVER_PID
- SERVER_PID=
- kill $UDP_PROXY_PID
- UDP_PROXY_PID=
- done
-
-
- echo -e "\nTesting WANT_WRITE\n" | tee -a /tmp/serr | tee -a /tmp/cerr | tee -a /tmp/udp
-
- # dropping last ack would be client error as wolfssl_read doesn't support WANT_WRITE as returned error
- for i in $(seq 0 10);do
- echo -e "\ndropping packet $i\n" | tee -a /tmp/serr | tee -a /tmp/cerr | tee -a /tmp/udp
- $UDP_PROXY_PATH -p $PROXY_PORT -s 127.0.0.1:$SERVER_PORT -f $i -u >>/tmp/udp &
- UDP_PROXY_PID=$!
- $WOLFSSL_ROOT/examples/server/server -v4 -u -Ta -6 2>>/tmp/serr &
- SERVER_PID=$!
- sleep 0.2
- now=$(date +%s.%N)
- $WOLFSSL_ROOT/examples/client/client -v4 -u -p$PROXY_PORT -6 2>>/tmp/cerr
- elapsed=$(echo $(date +%s.%N) - $now | bc)
- echo "it took ${elapsed} sec(s)" >> /tmp/udp
- wait $SERVER_PID
- SERVER_PID=
- kill $UDP_PROXY_PID
- UDP_PROXY_PID=
- done
-}
-
-# this test is based on detecting newSessionTicket message by its size. This is rather fragile.
-test_dropping_new_session_ticket() {
- echo -e "\ndropping new session ticket packet of size $NEW_SESSION_TICKET_SIZE\n" | tee -a /tmp/serr | tee -a /tmp/cerr | tee -a /tmp/udp
- $UDP_PROXY_PATH -p $PROXY_PORT -s 127.0.0.1:$SERVER_PORT -F $NEW_SESSION_TICKET_SIZE -u >>/tmp/udp &
- UDP_PROXY_PID=$!
- $WOLFSSL_ROOT/examples/server/server -v4 -w -u 2>>/tmp/serr &
- SERVER_PID=$!
- sleep 0.2
- now=$(date +%s.%N)
- $WOLFSSL_ROOT/examples/client/client -v4 -u -p$PROXY_PORT -w --waitTicket 2>>/tmp/cerr
- elapsed=$(echo $(date +%s.%N) - $now | bc)
- echo "it took ${elapsed} sec(s)" >> /tmp/udp
- wait $SERVER_PID
- SERVER_PID=
- kill $UDP_PROXY_PID
- UDP_PROXY_PID=
-}
-
-test_permutations () {
- SIDE=$1
- PERMUTATIONS=$(python3 << EOF
-import itertools
-for p in itertools.permutations("$2"):
- print(''.join(p))
-EOF
- )
- echo "Testing $SIDE msg permutations"
- for i in $PERMUTATIONS;do
- echo -n "Testing $SIDE order $i"
- UDP_LOGFILE=/tmp/udp-$SIDE-$i
- $UDP_PROXY_PATH -p $PROXY_PORT -s 127.0.0.1:$SERVER_PORT -u -r $i -l $UDP_LOGFILE -S $SIDE &
- UDP_PROXY_PID=$!
- $WOLFSSL_ROOT/examples/server/server -v4 -u -Ta -w &> /tmp/serr &
- SERVER_PID=$!
- sleep 0.2
- now=$(date +%s.%N)
- $WOLFSSL_ROOT/examples/client/client -v4 -u -p$PROXY_PORT -w &> /tmp/cerr
- elapsed=$(echo $(date +%s.%N) - $now | bc)
- udp_lines=$(grep -P 'client:|server:' $UDP_LOGFILE | wc -l)
- echo " took ${elapsed} sec(s) and produced ${udp_lines} messages"
- wait $SERVER_PID
- SERVER_PID=
- kill $UDP_PROXY_PID
- UDP_PROXY_PID=
- rm $UDP_LOGFILE
- done
- echo "All $SIDE msg permutations succeeded"
-}
-
-
-test_time_delays () {
- DELAYS=$(python3 << EOF
-import itertools
-t = [0.1, 0.5, 1.1]
-tt = []
-for i in itertools.product(t, t, t):
- tt.append(i * 15)
-for i in tt:
- print(','.join(map(lambda x: str(x) , i)))
-EOF
- )
- for DELAY in $DELAYS;do
- echo -n "Testing delay $DELAY"
- UDP_LOGFILE=/tmp/udp-delay-$DELAY
- $UDP_PROXY_PATH -p $PROXY_PORT -s 127.0.0.1:$SERVER_PORT -u -l "$UDP_LOGFILE" -t $DELAY &
- UDP_PROXY_PID=$!
- $WOLFSSL_ROOT/examples/server/server -v4 -u -Ta -w &> /tmp/serr &
- SERVER_PID=$!
- sleep 0.2
- now=$(date +%s.%N)
- $WOLFSSL_ROOT/examples/client/client -v4 -u -p$PROXY_PORT -w &> /tmp/cerr
- elapsed=$(echo $(date +%s.%N) - $now | bc)
- udp_lines=$(grep -P 'client:|server:' "$UDP_LOGFILE" | wc -l)
- echo " took ${elapsed} sec(s) and produced ${udp_lines} messages"
- wait $SERVER_PID
- SERVER_PID=
- kill $UDP_PROXY_PID
- UDP_PROXY_PID=
- rm "$UDP_LOGFILE"
- done
-}
-
-test_dropping_packets
-test_permutations client 012
-test_dropping_new_session_ticket
-
-if [ ! -z $DTLS13_DO_SERVER_PERMUTATION_TEST ];then
- test_permutations server 0123456
-fi
-
-# TODO: fix udp_proxy to not re-order close alert before app data
-if [ ! -z $DTLS13_DO_DELAY_TEST ];then
- test_time_delays
-fi
-
-echo
-echo "All tests SUCCEEDED!!!"
diff --git a/extra/wolfssl/wolfssl/scripts/external.test b/extra/wolfssl/wolfssl/scripts/external.test
index 39b88e99..671f6f9a 100755
--- a/extra/wolfssl/wolfssl/scripts/external.test
+++ b/extra/wolfssl/wolfssl/scripts/external.test
@@ -45,4 +45,15 @@ RESULT=$?
RESULT=$?
[ $RESULT -ne 0 ] && echo -e "\n\nClient connection failed" && exit 1
+# test again, but using system CA certs to verify the server if support is enabled.
+# We don't want to use --sys-ca-certs with static memory, as we don't know how
+# much memory will be required to store an unbounded number of certs
+BUILD_FLAGS="$(./examples/client/client '-#')"
+if echo "$BUILD_FLAGS" | grep -q "WOLFSSL_SYS_CA_CERTS" && ! echo "$BUILD_FLAGS" | grep -q "WOLFSSL_STATIC_MEMORY"; then
+ echo -e "\nConnecting using WOLFSSL_SYS_CA_CERTS..."
+ ./examples/client/client -X -C -h $server -p 443 -g --sys-ca-certs
+ RESULT=$?
+ [ $RESULT -ne 0 ] && echo -e "\n\nClient connection failed when using WOLFSSL_SYS_CA_CERTS" && exit 1
+fi
+
exit 0
diff --git a/extra/wolfssl/wolfssl/scripts/include.am b/extra/wolfssl/wolfssl/scripts/include.am
index 97aae077..eab99c61 100644
--- a/extra/wolfssl/wolfssl/scripts/include.am
+++ b/extra/wolfssl/wolfssl/scripts/include.am
@@ -87,6 +87,8 @@ noinst_SCRIPTS+= scripts/unit.test.in
endif
endif
+dist_noinst_SCRIPTS+= scripts/pem.test
+
EXTRA_DIST += scripts/sniffer-static-rsa.pcap \
scripts/sniffer-ipv6.pcap \
scripts/sniffer-tls13-dh.pcap \
@@ -101,7 +103,8 @@ EXTRA_DIST += scripts/sniffer-static-rsa.pcap \
scripts/benchmark.test \
scripts/memtest.sh \
scripts/makedistsmall.sh \
- scripts/openssl_srtp.test
+ scripts/openssl_srtp.test \
+ scripts/aria-cmake-build-test.sh
# leave openssl.test as extra until non bash works
@@ -114,8 +117,9 @@ EXTRA_DIST += scripts/stm32l4-v4_0_1_build.sh
EXTRA_DIST += scripts/cleanup_testfiles.sh
+EXTRA_DIST += scripts/dtls.test
+
if BUILD_DTLS13
-EXTRA_DIST += scripts/dtls13.test
EXTRA_DIST += scripts/dtlscid.test
endif
diff --git a/extra/wolfssl/wolfssl/scripts/makedistsmall.sh b/extra/wolfssl/wolfssl/scripts/makedistsmall.sh
index 24bd7f19..9c38e568 100755
--- a/extra/wolfssl/wolfssl/scripts/makedistsmall.sh
+++ b/extra/wolfssl/wolfssl/scripts/makedistsmall.sh
@@ -9,6 +9,7 @@
if [ "$1" == "keep" ]; then KEEP="yes"; else KEEP="no"; fi
WOLFSSL_TEMPDIR=$(mktemp -d) || exit $?
+WOLFSSL_BRANCH=$(git symbolic-ref --short HEAD)
function cleanup_on_exit() {
if [ "$KEEP" == "no" ];
@@ -34,15 +35,13 @@ fi
echo "Setting up work directory..."
git clone -q -n --shared . "$WOLFSSL_TEMPDIR" || exit $?
pushd "$WOLFSSL_TEMPDIR" >/dev/null || exit $?
-git checkout -q master || exit $?
+git checkout -q "$WOLFSSL_BRANCH"
# cleanup example directories
echo "Removing files not needed..."
rm -rf -- ./.git*
rm -rf ./build-aux
rm -rf ./certs
-rm -rf ./ctaocrypt
-rm -rf ./cyassl
rm -rf ./doc
rm -rf ./Docker
# these use test.h, which are not portable
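Review bot: The new `git checkout -q "$WOLFSSL_BRANCH"` drops the `|| exit $?` that the old `git checkout -q master` carried, so a failed checkout no longer stops the script before the `rm -rf` cleanup and the later steps run in the temporary clone. `git symbolic-ref --short HEAD`, added in the first hunk of this file, fails on a detached HEAD, which leaves `WOLFSSL_BRANCH` empty and makes that checkout fail. Keeping the guard, `git checkout -q "$WOLFSSL_BRANCH" || exit $?`, and checking the lookup, `WOLFSSL_BRANCH=$(git symbolic-ref --short HEAD) || exit $?`, would stop a distribution from being assembled out of an unpopulated tree. The rest of the script lies outside this hunk.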
@@ -73,7 +72,7 @@ find . -name "*.vcxproj" -delete
find . -name "*.vcproj" -delete
find . -name "*.sln" -delete
-# TLS/Compatiblity layer
+# TLS/Compatibility layer
#rm -rf ./src
#rm -rf ./wolfssl/openssl
diff --git a/extra/wolfssl/wolfssl/scripts/ocsp-stapling.test b/extra/wolfssl/wolfssl/scripts/ocsp-stapling.test
index cdc03f56..c14fbf0e 100755
--- a/extra/wolfssl/wolfssl/scripts/ocsp-stapling.test
+++ b/extra/wolfssl/wolfssl/scripts/ocsp-stapling.test
@@ -243,16 +243,18 @@ else
OPENSSL_RESULT=$?
echo "$OPENSSL_OUTPUT"
fgrep -q 'self signed certificate in certificate chain' <<< "$OPENSSL_OUTPUT"
- FGREP_RESULT=$?
- if [ $OPENSSL_RESULT -eq 0 -a $FGREP_RESULT -ne 0 ]; then
+ FGREP1_RESULT=$?
+ fgrep -q 'self-signed certificate in certificate chain' <<< "$OPENSSL_OUTPUT"
+ FGREP2_RESULT=$?
+ if [ $OPENSSL_RESULT -eq 0 -a $FGREP1_RESULT -ne 0 -a $FGREP2_RESULT -ne 0 ]; then
printf '%s\n' "Expected verification error from s_client is missing."
remove_single_rF "$ready_file"
exit 1
fi
remove_single_rF "$ready_file"
wait $wolf_pid
- if [ $? -ne 1 ]; then
- printf '%s\n' "wolfSSL server unexpected fail value"
+ if [ $? -ne 0 ]; then
+ printf '%s\n' "wolfSSL server unexpected fail"
exit 1
fi
fi
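Review bot: The two `fgrep` calls and the three-way `-a` test can be a single match, `grep -qE 'self[- ]signed certificate in certificate chain' <<< "$OPENSSL_OUTPUT"; GREP_RESULT=$?` followed by `if [ $OPENSSL_RESULT -eq 0 ] && [ $GREP_RESULT -ne 0 ]; then`. Recent GNU grep warns that `fgrep` is obsolescent, and POSIX marks `-a` inside `[ ]` as obsolescent too. The expected status after `wait $wolf_pid` flips from 1 to 0 without explanation, so a one-line comment above it stating why the server is now expected to exit cleanly after the client rejects the chain would help the next reader. The enclosing `else` branch starts outside this hunk.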
diff --git a/extra/wolfssl/wolfssl/scripts/openssl.test b/extra/wolfssl/wolfssl/scripts/openssl.test
index 8a515333..9bd98e5f 100755
--- a/extra/wolfssl/wolfssl/scripts/openssl.test
+++ b/extra/wolfssl/wolfssl/scripts/openssl.test
@@ -2,7 +2,7 @@
# openssl.test
-# Enviornment variables used:
+# Environment variables used:
# OPENSSL (openssl app to use)
# OPENSSL_ENGINE_ID (engine id if any i.e. "wolfengine")
@@ -490,7 +490,7 @@ IFS="$OIFS" #restore separator
# Start OpenSSL servers
#
-# Check for cerificate support in wolfSSL
+# Check for certificate support in wolfSSL
wolf_certs=`$WOLFSSL_CLIENT -? 2>&1`
case $wolf_certs in
*"cert"*)
diff --git a/extra/wolfssl/wolfssl/scripts/pem.test b/extra/wolfssl/wolfssl/scripts/pem.test
new file mode 100755
index 00000000..7c32f8b0
--- /dev/null
+++ b/extra/wolfssl/wolfssl/scripts/pem.test
@@ -0,0 +1,459 @@
+#!/bin/bash
+
+# pem.test
+# Copyright wolfSSL 2023-2023
+
+tmp_file=./pem_test.$$
+tmp_der_file=./pem_test_out_der.$$
+tmp_pem_file=./pem_test_out_pem.$$
+PEM_EXE=./examples/pem/pem
+ASN1_EXE=./examples/asn1/asn1
+TEST_CNT=0
+TEST_PASS_CNT=0
+TEST_SKIP_CNT=0
+TEST_FAIL_CNT=0
+TEST_FAIL=
+TEST_CASES=()
+RUN_ALL="YES"
+CR=$'\n'
+ENC_STRING="encrypt"
+DER_TO_PEM_STRING="input is DER and output is PEM"
+
+# Cleanup temporaries created during testing.
+do_cleanup() {
+ echo
+ echo "in cleanup"
+
+ if [ -e "$tmp_der_file" ]; then
+ echo -e "removing existing temporary DER output file"
+ rm "$tmp_der_file"
+ fi
+ if [ -e "$tmp_pem_file" ]; then
+ echo -e "removing existing temporary PEM output file"
+ rm "$tmp_pem_file"
+ fi
+ if [ -e "$tmp_file" ]; then
+ echo -e "removing existing temporary output file"
+ rm "$tmp_file"
+ fi
+}
+
+# Called when a signal is trapped.
+do_trap() {
+ echo
+ echo "got trap"
+ do_cleanup
+ exit 1
+}
+
+# Trap keyboard interrupt and termination signal.
+trap do_trap INT TERM
+
+# Check the usage text for a string to determine feature support.
+#
+# @param [in] $1 String to search for,
+# @return 1 when string is found.
+# @return 0 otherwise.
+check_usage_string() {
+ $PEM_EXE -? | grep "$1" >$tmp_file 2>&1
+ if [ "$?" = "0" ]; then
+ return 1
+ fi
+ return 0
+}
+
+# Check whether the test case is to be run.
+# When command line parameters given - only run those.
+#
+# @return 1 when test case is to be run.
+# @return 0 otherwise.
+check_run() {
+ # When RUN_ALL set them all test cases are run.
+ if [ "$RUN_ALL" != "" ]; then
+ return 1
+ else
+ # Check if test case number in list.
+ for T in "${TEST_CASE[@]}"; do
+ if [ "$T" = "$TEST_CNT" ]; then
+ return 1
+ fi
+ done
+ return 0
+ fi
+}
+
+# Setup for new test case.
+#
+# @param [in] $* Name of test case.
+test_setup() {
+ TEST_CNT=$((TEST_CNT+1))
+ TEST_DESC="$TEST_CNT: $*"
+ FAILED=
+ SKIP=
+
+ if [ "$USAGE_STRING" != "" ]; then
+ # Check usage output for string to see whether we have to skip test case
+ # due to wolfSSL missing features.
+ check_usage_string "$USAGE_STRING"
+ if [ "$?" = "0" ] ; then
+ echo
+ echo "$TEST_DESC"
+ echo "SKIPPED"
+ SKIP="missing feature"
+ fi
+ USAGE_STRING=
+ fi
+
+ if [ "$SKIP" = "" ]; then
+ # Check whether this test case is to be run.
+ check_run
+ if [ "$?" = "1" ]; then
+ echo
+ echo "$TEST_DESC"
+ TEST_PASS_CNT=$((TEST_PASS_CNT+1))
+ else
+ SKIP="not requested"
+ fi
+ fi
+
+ # Handle skipping
+ if [ "$SKIP" != "" ]; then
+ TEST_SKIP_CNT=$((TEST_SKIP_CNT+1))
+ fi
+}
+
+# Handle when a test case failed.
+test_fail() {
+ if [ "$SKIP" = "" -a "$FAILED" = "" ]; then
+ TEST_PASS_CNT=$((TEST_PASS_CNT-1))
+ TEST_FAIL_CNT=$((TEST_FAIL_CNT+1))
+ TEST_FAIL="$TEST_FAIL$CR $TEST_DESC"
+ FAILED=yes
+ fi
+}
+
+# Use asn1 to check DER produced is valid.
+check_der() {
+ $ASN1_EXE $tmp_der_file >$tmp_file 2>&1
+ if [ "$?" != "0" ]; then
+ echo
+ echo " DER result bad"
+ test_fail
+ fi
+}
+
+# Convert PEM file to DER
+#
+# @param [in] $* Command line parameters to pem example.
+convert_to_der() {
+ if [ "$SKIP" = "" -a "$FAILED" = "" ]; then
+ echo " $PEM_EXE $* -out $tmp_pem_file"
+ $PEM_EXE "$@" -out $tmp_der_file
+ if [ "$?" != "0" ]; then
+ echo " Failed to convert to DER"
+ test_fail
+ fi
+ check_der
+ fi
+}
+
+# Compare generated DER file to existing file.
+#
+# @param [in] $1 File to compare to.
+compare_der() {
+ diff $tmp_der_file $1
+ if [ "$?" != "0" ]; then
+ echo " Created DER file different from expected"
+ test_fail
+ fi
+}
+
+# Convert DER file to PEM
+#
+# PEM_TYPE contains PEM header to encode.
+#
+# @param [in] $* Command line parameters to pem example.
+convert_to_pem() {
+ if [ "$SKIP" = "" -a "$FAILED" = "" ]; then
+ echo " $PEM_EXE --der -t \"$PEM_TYPE\" $* -out $tmp_pem_file"
+ $PEM_EXE --der "$@" -t "$PEM_TYPE" -out $tmp_pem_file
+ if [ "$?" != "0" ]; then
+ test_fail
+ fi
+ fi
+}
+
+# Compare generated PEM file to existing file.
+compare_pem() {
+ diff $tmp_pem_file $1 >$tmp_file 2>&1
+ if [ "$?" != "0" ]; then
+ cat $tmp_file
+ echo
+ echo " Created PEM file different from expected"
+ test_fail
+ fi
+}
+
+# Convert to and from PEM and DER and compare to file containing expected DER.
+#
+# @param [in] $1 Name of PEM file to read.
+# @param [in] $2 Name of DER file to compare to.
+# @param [in] $3 PEM type expected in PEM file and to place in created PEM
+# file.
+pem_der_exp() {
+ if [ "$SKIP" = "" -a "$FAILED" = "" ]; then
+ PEM_FILE=$1
+ DER_FILE=$2
+ PEM_TYPE="$3"
+
+ # Convert PEM to DER
+ convert_to_der -in $PEM_FILE
+ if [ "$FAILED" = "" ]; then
+ # On success, compare to DER file.
+ compare_der $DER_FILE
+ fi
+ # Check if converting from DER to PEM is supported.
+ check_usage_string $DER_TO_PEM_STRING
+ if [ "$?" = "1" ]; then
+ if [ "$FAILED" = "" ]; then
+ # Convert expected DER file to PEM
+ convert_to_pem -in $DER_FILE
+ fi
+ if [ "$FAILED" = "" ]; then
+ # On success, compare to original PEM file.
+ compare_pem $PEM_FILE
+ fi
+ fi
+ fi
+}
+
+# Convert DER to encrypted PEM.
+#
+# @param [in] $@ Command line parameters to pem example when encrypting.
+der_pem_enc() {
+ PEM_TYPE="ENCRYPTED PRIVATE KEY"
+ convert_to_pem -in ./certs/server-key.der -p yassl123 "$@"
+ convert_to_der -in $tmp_pem_file -p yassl123
+}
+
+
+################################################################################
+
+# Check for pem example - can't test without it.
+if [ ! -x $PEM_EXE ]; then
+ echo "PEM example not available, won't run"
+ exit 77
+fi
+# Check for asn1 example - don't want to test without it.
+if [ ! -x $ASN1_EXE ]; then
+ echo "ASN.1 example not available, won't run"
+ exit 77
+fi
+
+# Check the available features compiled into pem example.
+echo "wolfSSL features:"
+check_usage_string $DER_TO_PEM_STRING
+if [ "$?" = "1" ]; then
+ echo " Conversion from DER to PEM support compiled in."
+else
+ echo " Conversion from DER to PEM support NOT compiled in."
+fi
+check_usage_string $ENC_STRING
+if [ "$?" = "1" ]; then
+ echo " Encryption support compiled in."
+else
+ echo " Encryption support NOT compiled in."
+fi
+echo
+
+# Command line parameters are test cases to run.
+while [ $# -gt 0 ]; do
+ TEST_CASE[${#TEST_CASE[@]}]=$1
+ RUN_ALL=
+ shift 1
+done
+
+
+test_setup "Convert PEM certificate (first of many) to DER"
+convert_to_der -in ./certs/server-cert.pem
+
+test_setup "Convert PEM certificate (second of many) to DER"
+convert_to_der -in ./certs/server-cert.pem --offset 6000
+
+test_setup "RSA private key"
+pem_der_exp ./certs/server-key.pem \
+ ./certs/server-key.der "RSA PRIVATE KEY"
+
+test_setup "RSA public key"
+pem_der_exp ./certs/server-keyPub.pem \
+ ./certs/server-keyPub.der "RSA PUBLIC KEY"
+
+test_setup "DH parameters"
+pem_der_exp ./certs/dh3072.pem \
+ ./certs/dh3072.der "DH PARAMETERS"
+
+test_setup "X9.42 parameters"
+pem_der_exp ./certs/x942dh2048.pem \
+ ./certs/x942dh2048.der "X9.42 DH PARAMETERS"
+
+USAGE_STRING=" DSA PARAMETERS"
+test_setup "DSA parameters"
+pem_der_exp ./certs/dsaparams.pem \
+ ./certs/dsaparams.der "DSA PARAMETERS"
+
+USAGE_STRING=" DSA PRIVATE KEY"
+test_setup "DSA private key"
+pem_der_exp ./certs/1024/dsa1024.pem \
+ ./certs/1024/dsa1024.der "DSA PRIVATE KEY"
+
+USAGE_STRING=" EC PRIVATE KEY"
+test_setup "ECC private key"
+pem_der_exp ./certs/ecc-keyPkcs8.pem \
+ ./certs/ecc-keyPkcs8.der "PRIVATE KEY"
+
+USAGE_STRING=" EC PRIVATE KEY"
+test_setup "EC PRIVATE KEY"
+pem_der_exp ./certs/ecc-privkey.pem \
+ ./certs/ecc-privkey.der "EC PRIVATE KEY"
+
+USAGE_STRING=" EC PARAMETERS"
+test_setup "ECC parameters"
+pem_der_exp ./certs/ecc-params.pem \
+ ./certs/ecc-params.der "EC PARAMETERS"
+
+test_setup "ECC public key"
+pem_der_exp ./certs/ecc-keyPub.pem \
+ ./certs/ecc-keyPub.der "PUBLIC KEY"
+
+test_setup "Ed25519 public key"
+pem_der_exp ./certs/ed25519/client-ed25519-key.pem \
+ ./certs/ed25519/client-ed25519-key.der 'PUBLIC KEY'
+
+test_setup "Ed25519 private key"
+pem_der_exp ./certs/ed25519/client-ed25519-priv.pem \
+ ./certs/ed25519/client-ed25519-priv.der 'PRIVATE KEY'
+
+USAGE_STRING=" EDDSA PRIVATE KEY"
+test_setup "EdDSA private key"
+pem_der_exp ./certs/ed25519/eddsa-ed25519.pem \
+ ./certs/ed25519/eddsa-ed25519.der 'EDDSA PRIVATE KEY'
+
+test_setup "Ed448 public key"
+pem_der_exp ./certs/ed448/client-ed448-key.pem \
+ ./certs/ed448/client-ed448-key.der 'PUBLIC KEY'
+
+test_setup "Ed448 private key"
+pem_der_exp ./certs/ed448/client-ed448-priv.pem \
+ ./certs/ed448/client-ed448-priv.der 'PRIVATE KEY'
+
+USAGE_STRING=" CERTIFICATE REQUEST"
+test_setup "Certificate Request"
+pem_der_exp ./certs/csr.dsa.pem \
+ ./certs/csr.dsa.der 'CERTIFICATE REQUEST'
+
+USAGE_STRING=" X509 CRL"
+test_setup "X509 CRL"
+pem_der_exp ./certs/crl/caEccCrl.pem \
+ ./certs/crl/caEccCrl.der 'X509 CRL'
+
+USAGE_STRING=$ENC_STRING
+test_setup "Encrypted Key with header"
+convert_to_der -in ./certs/server-keyEnc.pem -p yassl123 --padding
+
+USAGE_STRING=$ENC_STRING
+test_setup "Encrypted Key - PKCS#8"
+convert_to_der -in ./certs/server-keyPkcs8Enc.pem -p yassl123
+
+USAGE_STRING=$ENC_STRING
+test_setup "Encrypted Key - PKCS#8 (PKCS#12 PBE)"
+convert_to_der -in ./certs/server-keyPkcs8Enc12.pem -p yassl123
+
+USAGE_STRING="PBES1_MD5_DES"
+test_setup "Encrypted Key - PKCS#8 (PKCS#5 PBES1-MD5-DES)"
+convert_to_der -in ./certs/ecc-keyPkcs8Enc.pem -p yassl123
+
+USAGE_STRING=" DES3"
+test_setup "Encrypted Key - PKCS#8 (PKCS#5v2 PBE-SHA1-DES3)"
+convert_to_der -in ./certs/server-keyPkcs8Enc2.pem -p yassl123
+
+USAGE_STRING="AES-256-CBC"
+PEM_TYPE="ENCRYPTED PRIVATE KEY"
+test_setup "Encrypt Key - PKCS#8 (Default: PKCS#5 PBES2 AES-256-CBC)"
+der_pem_enc
+
+USAGE_STRING="AES-256-CBC"
+PEM_TYPE="ENCRYPTED PRIVATE KEY"
+test_setup "Encrypt Key - PKCS#8 - Large salt"
+der_pem_enc -s 16
+
+USAGE_STRING="AES-256-CBC"
+PEM_TYPE="ENCRYPTED PRIVATE KEY"
+test_setup "Encrypt Key - PKCS#8 - 10000 iterations (DER encoding check)"
+der_pem_enc -i 10000
+
+USAGE_STRING="AES-256-CBC"
+PEM_TYPE="ENCRYPTED PRIVATE KEY"
+test_setup "Encrypt Key - PKCS#8 - 100 iterations (DER encoding check)"
+der_pem_enc -i 100
+
+USAGE_STRING="AES-128-CBC"
+PEM_TYPE="ENCRYPTED PRIVATE KEY"
+test_setup "Encrypt Key - PKCS#8 (PKCS#5 PBES2 AES-128-CBC)"
+der_pem_enc --pbe-alg AES-128-CBC
+
+USAGE_STRING="DES"
+PEM_TYPE="ENCRYPTED PRIVATE KEY"
+test_setup "Encrypt Key - PKCS#8 (PKCS#5 PBES2 DES)"
+der_pem_enc --pbe-alg DES
+
+
+USAGE_STRING="DES3"
+PEM_TYPE="ENCRYPTED PRIVATE KEY"
+test_setup "Encrypt Key - PKCS#8 (PKCS#5 PBES2 DES3)"
+der_pem_enc --pbe-alg DES3
+
+USAGE_STRING="PBES1_MD5_DES"
+PEM_TYPE="ENCRYPTED PRIVATE KEY"
+test_setup "Encrypt Key - PKCS#8 (PKCS#5 PBES1-MD5-DES)"
+der_pem_enc --pbe PBES1_MD5_DES
+
+USAGE_STRING="PBES1_SHA1_DES"
+PEM_TYPE="ENCRYPTED PRIVATE KEY"
+test_setup "Encrypt Key - PKCS#8 (PKCS#5 PBES1-SHA1-DES)"
+der_pem_enc --pbe PBES1_SHA1_DES
+
+USAGE_STRING=" SHA1_RC4_128"
+PEM_TYPE="ENCRYPTED PRIVATE KEY"
+test_setup "Encrypt Key - PKCS#8 (PKCS#12 PBE-SHA1-RC4-128)"
+der_pem_enc --pbe-ver PKCS12 --pbe SHA1_RC4_128
+
+USAGE_STRING=" SHA1_DES3"
+PEM_TYPE="ENCRYPTED PRIVATE KEY"
+test_setup "Encrypt Key - PKCS#8 (PKCS#12 PBE-SHA1-DES3)"
+der_pem_enc --pbe-ver PKCS12 --pbe SHA1_DES3
+
+USAGE_STRING="SHA1_40RC2_CBC"
+PEM_TYPE="ENCRYPTED PRIVATE KEY"
+test_setup "Encrypt Key - PKCS#8 (PKCS#12 PBE-SHA1-40RC2-CBC)"
+der_pem_enc --pbe-ver PKCS12 --pbe SHA1_40RC2_CBC
+
+# Note: PKCS#12 with SHA1_DES doesn't work as we encode as PKCS#5 SHA1_DES as
+# ids are the same
+
+
+# Report results
+echo
+if [ "$TEST_SKIP_CNT" = "0" ]; then
+ echo "RESULT: $TEST_PASS_CNT/$TEST_CNT (pass/total)"
+else
+ echo "RESULT: $TEST_PASS_CNT/$TEST_SKIP_CNT/$TEST_CNT (pass/skip/total)"
+fi
+if [ "$TEST_FAIL_CNT" != "0" ]; then
+ echo "FAILURES ($TEST_FAIL_CNT):$TEST_FAIL"
+else
+ echo "PASSED"
+fi
+
+# Cleanup temporaries
+do_cleanup
+
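Review bot: The script never returns a failing status. After the result report it only calls `do_cleanup`, so a run with `TEST_FAIL_CNT` above zero still exits with the cleanup's status (normally 0) and the harness records a pass; ending with `do_cleanup` followed by `[ "$TEST_FAIL_CNT" = "0" ] || exit 1` fixes that. Separately, `check_usage_string $DER_TO_PEM_STRING` is unquoted in `pem_der_exp` and in the feature report, so `$1` is only the word `input` and the DER-to-PEM feature check matches any usage line containing it; write `check_usage_string "$DER_TO_PEM_STRING"`. Smaller points: `convert_to_der` logs `-out $tmp_pem_file` but writes to `$tmp_der_file`, and `TEST_CASES=()` is initialised while `TEST_CASE` is the array actually filled and read.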
diff --git a/extra/wolfssl/wolfssl/scripts/sniffer-gen.sh b/extra/wolfssl/wolfssl/scripts/sniffer-gen.sh
index c58352a3..eac16097 100755
--- a/extra/wolfssl/wolfssl/scripts/sniffer-gen.sh
+++ b/extra/wolfssl/wolfssl/scripts/sniffer-gen.sh
@@ -1,4 +1,5 @@
#!/bin/bash
+#set -x
# Run this script from the wolfSSL root
if [ ! -f wolfssl/ssl.h ]; then
@@ -6,93 +7,110 @@ if [ ! -f wolfssl/ssl.h ]; then
exit 1
fi
-run_sequence() {
- if [ "$1" == "dh" ] || [ "$1" == "ecc" ]; then
- # TLS v1.3
- ./examples/server/server -v 4 -l TLS13-AES128-GCM-SHA256 &
- sleep 0.1
- ./examples/client/client -v 4 -l TLS13-AES128-GCM-SHA256
-
- ./examples/server/server -v 4 -l TLS13-AES256-GCM-SHA384 &
- sleep 0.1
- ./examples/client/client -v 4 -l TLS13-AES256-GCM-SHA384
-
- ./examples/server/server -v 4 -l TLS13-CHACHA20-POLY1305-SHA256 &
- sleep 0.1
- ./examples/client/client -v 4 -l TLS13-CHACHA20-POLY1305-SHA256
- fi
- if [ "$1" == "dh-resume" ] || [ "$1" == "ecc-resume" ]; then
- # TLS v1.3 Resumption
- ./examples/server/server -v 4 -l TLS13-AES128-GCM-SHA256 -r &
- sleep 0.1
- ./examples/client/client -v 4 -l TLS13-AES128-GCM-SHA256 -r
-
- ./examples/server/server -v 4 -l TLS13-AES256-GCM-SHA384 -r &
- sleep 0.1
- ./examples/client/client -v 4 -l TLS13-AES256-GCM-SHA384 -r
-
- ./examples/server/server -v 4 -l TLS13-CHACHA20-POLY1305-SHA256 -r &
- sleep 0.1
- ./examples/client/client -v 4 -l TLS13-CHACHA20-POLY1305-SHA256 -r
- fi
+server_pid=0
+tcpdump_pid=0
- if [ "$1" == "x25519" ]; then
- # TLS v1.3
- ./examples/server/server -v 4 -l TLS13-AES128-GCM-SHA256 -c ./certs/ed25519/server-ed25519.pem -k ./certs/ed25519/server-ed25519-priv.pem -A ./certs/ed25519/client-ed25519.pem &
- sleep 0.1
- ./examples/client/client -v 4 -l TLS13-AES128-GCM-SHA256 -c ./certs/ed25519/client-ed25519.pem -k ./certs/ed25519/client-ed25519-priv.pem -A ./certs/ed25519/root-ed25519.pem
+cleanup() {
+ if [ "$server_pid" -ne 0 ]; then kill $server_pid; server_pid=0; fi
+ if [ "$tcpdump_pid" -ne 0 ]; then sleep 1; kill -15 $tcpdump_pid; tcpdump_pid=0; fi
+}
+trap cleanup EXIT INT TERM HUP
- ./examples/server/server -v 4 -l TLS13-AES256-GCM-SHA384 -c ./certs/ed25519/server-ed25519.pem -k ./certs/ed25519/server-ed25519-priv.pem -A ./certs/ed25519/client-ed25519.pem &
- sleep 0.1
- ./examples/client/client -v 4 -l TLS13-AES256-GCM-SHA384 -c ./certs/ed25519/client-ed25519.pem -k ./certs/ed25519/client-ed25519-priv.pem -A ./certs/ed25519/root-ed25519.pem
+set -o pipefail
+prepend() { # Usage: cmd 2>&1 | prepend "sometext "
+ while read line; do echo "${1}${line}"; done
+}
- ./examples/server/server -v 4 -l TLS13-CHACHA20-POLY1305-SHA256 -c ./certs/ed25519/server-ed25519.pem -k ./certs/ed25519/server-ed25519-priv.pem -A ./certs/ed25519/client-ed25519.pem &
- sleep 0.1
- ./examples/client/client -v 4 -l TLS13-CHACHA20-POLY1305-SHA256 -c ./certs/ed25519/client-ed25519.pem -k ./certs/ed25519/client-ed25519-priv.pem -A ./certs/ed25519/root-ed25519.pem
+run_test() { # Usage: run_test <cipher> [serverArgs [clientArgs]]
+ echo "Running test $1"
+ CIPHER=$1
+ if [ "$CIPHER" != "" ]; then
+ CIPHER="-l $CIPHER"
fi
- # Run: with x25519_resume
- if [ "$1" == "x25519-resume" ]; then
- # TLS v1.3 Resumption
- ./examples/server/server -v 4 -l TLS13-AES128-GCM-SHA256 -r -c ./certs/ed25519/server-ed25519.pem -k ./certs/ed25519/server-ed25519-priv.pem -A ./certs/ed25519/client-ed25519.pem &
- sleep 0.1
- ./examples/client/client -v 4 -l TLS13-AES128-GCM-SHA256 -r -c ./certs/ed25519/client-ed25519.pem -k ./certs/ed25519/client-ed25519-priv.pem -A ./certs/ed25519/root-ed25519.pem
-
- ./examples/server/server -v 4 -l TLS13-AES256-GCM-SHA384 -r -c ./certs/ed25519/server-ed25519.pem -k ./certs/ed25519/server-ed25519-priv.pem -A ./certs/ed25519/client-ed25519.pem &
- sleep 0.1
- ./examples/client/client -v 4 -l TLS13-AES256-GCM-SHA384 -r -c ./certs/ed25519/client-ed25519.pem -k ./certs/ed25519/client-ed25519-priv.pem -A ./certs/ed25519/root-ed25519.pem
-
- ./examples/server/server -v 4 -l TLS13-CHACHA20-POLY1305-SHA256 -r -c ./certs/ed25519/server-ed25519.pem -k ./certs/ed25519/server-ed25519-priv.pem -A ./certs/ed25519/client-ed25519.pem &
- sleep 0.1
- ./examples/client/client -v 4 -l TLS13-CHACHA20-POLY1305-SHA256 -r -c ./certs/ed25519/client-ed25519.pem -k ./certs/ed25519/client-ed25519-priv.pem -A ./certs/ed25519/root-ed25519.pem
+ stdbuf -oL -eL ./examples/server/server -i -x $CIPHER $2 2>&1 | prepend "[server] " &
+ server_pid=$!
+ ((server_pid--)) # Get the first PID in the pipe
+ sleep 0.1
+ stdbuf -oL -eL ./examples/client/client $CIPHER $3 2>&1 | prepend "[client] "
+ RET=$?
+ if [ "$RET" != 0 ]; then
+ echo "Error in test: $RET"
+ exit $RET
fi
+ kill $server_pid; server_pid=0
+ echo "Test passed: $1"
+}
- # TLS v1.3 Hello Retry Request
- if [ "$1" == "hrr" ]; then
- # TLS v1.3 Hello Retry Request
- ./examples/server/server -v 4 -i -x -g &
- server_pid=$!
- sleep 0.1
- ./examples/client/client -v 4 -J
- kill $server_pid
+run_sequence() {
+ if [ "$1" == "tls13-dh" ] || [ "$1" == "tls13-ecc" ] || [ "$1" == "tls13-keylog" ]; then # TLS v1.3
+ run_test "TLS13-AES128-GCM-SHA256" "-v 4" "-v 4"
+ run_test "TLS13-AES256-GCM-SHA384" "-v 4" "-v 4"
+ run_test "TLS13-CHACHA20-POLY1305-SHA256" "-v 4" "-v 4"
+ elif [ "$1" == "tls12" ] || [ "$1" == "tls12-keylog" ]; then # TLS v1.2
+ run_test "ECDHE-ECDSA-AES128-GCM-SHA256" "-v 3 -A ./certs/ca-ecc-cert.pem -k ./certs/ecc-key.pem -c ./certs/intermediate/server-chain-ecc.pem -V" "-v 3 -A ./certs/ca-ecc-cert.pem -k ./certs/ecc-client-key.pem -c ./certs/intermediate/client-chain-ecc.pem -C"
+ run_test "ECDHE-ECDSA-AES256-GCM-SHA384" "-v 3 -A ./certs/ca-ecc-cert.pem -k ./certs/ecc-key.pem -c ./certs/intermediate/server-chain-ecc.pem -V" "-v 3 -A ./certs/ca-ecc-cert.pem -k ./certs/ecc-client-key.pem -c ./certs/intermediate/client-chain-ecc.pem -C"
+ elif [ "$1" == "tls13-dh-resume" ] || [ "$1" == "tls13-ecc-resume" ]; then # TLS v1.3 Resumption
+ run_test "TLS13-AES128-GCM-SHA256" "-v 4 -r" "-v 4 -r"
+ run_test "TLS13-AES256-GCM-SHA384" "-v 4 -r" "-v 4 -r"
+ run_test "TLS13-CHACHA20-POLY1305-SHA256" "-v 4 -r" "-v 4 -r"
+ elif [ "$1" == "tls13-x25519" ]; then # TLS v1.3
+ run_test "TLS13-AES128-GCM-SHA256" "-v 4 -c ./certs/ed25519/server-ed25519.pem -k ./certs/ed25519/server-ed25519-priv.pem -A ./certs/ed25519/client-ed25519.pem" "-v 4 -c ./certs/ed25519/client-ed25519.pem -k ./certs/ed25519/client-ed25519-priv.pem -A ./certs/ed25519/root-ed25519.pem"
+ run_test "TLS13-AES256-GCM-SHA384" "-v 4 -c ./certs/ed25519/server-ed25519.pem -k ./certs/ed25519/server-ed25519-priv.pem -A ./certs/ed25519/client-ed25519.pem" "-v 4 -c ./certs/ed25519/client-ed25519.pem -k ./certs/ed25519/client-ed25519-priv.pem -A ./certs/ed25519/root-ed25519.pem"
+ run_test "TLS13-CHACHA20-POLY1305-SHA256" "-v 4 -c ./certs/ed25519/server-ed25519.pem -k ./certs/ed25519/server-ed25519-priv.pem -A ./certs/ed25519/client-ed25519.pem" "-v 4 -c ./certs/ed25519/client-ed25519.pem -k ./certs/ed25519/client-ed25519-priv.pem -A ./certs/ed25519/root-ed25519.pem"
+ elif [ "$1" == "tls13-x25519-resume" ]; then # TLS v1.3 x25519 Resumption
+ run_test "TLS13-AES128-GCM-SHA256" "-v 4 -r -c ./certs/ed25519/server-ed25519.pem -k ./certs/ed25519/server-ed25519-priv.pem -A ./certs/ed25519/client-ed25519.pem" "-v 4 -r -c ./certs/ed25519/client-ed25519.pem -k ./certs/ed25519/client-ed25519-priv.pem -A ./certs/ed25519/root-ed25519.pem"
+ run_test "TLS13-AES256-GCM-SHA384" "-v 4 -r -c ./certs/ed25519/server-ed25519.pem -k ./certs/ed25519/server-ed25519-priv.pem -A ./certs/ed25519/client-ed25519.pem" "-v 4 -r -c ./certs/ed25519/client-ed25519.pem -k ./certs/ed25519/client-ed25519-priv.pem -A ./certs/ed25519/root-ed25519.pem"
+ run_test "TLS13-CHACHA20-POLY1305-SHA256" "-v 4 -r -c ./certs/ed25519/server-ed25519.pem -k ./certs/ed25519/server-ed25519-priv.pem -A ./certs/ed25519/client-ed25519.pem" "-v 4 -r -c ./certs/ed25519/client-ed25519.pem -k ./certs/ed25519/client-ed25519-priv.pem -A ./certs/ed25519/root-ed25519.pem"
+ elif [ "$1" == "tls13-hrr" ]; then # TLS v1.3 Hello Retry Request
+ run_test "" "-v 4 -g" "-v 4 -J"
+ else
+ echo "Invalid test"
+ exit 1
fi
- sleep 1
}
-run_capture(){
- echo -e "\nconfiguring and building wolfssl..."
- ./configure --enable-sniffer $2 1>/dev/null || exit $?
+
+run_capture() {
+ local config_flags=()
+ echo -e "\nconfiguring and building wolfssl ($1)..."
+
+ # Add default flags
+ config_flags+=(--enable-sniffer)
+
+ # If additional arguments are provided, add them to the array
+ if [ -n "$2" ]; then
+ # Convert string into an array, respecting quoted strings as a single element
+ eval "config_flags+=($2)"
+ fi
+
+ ./configure "${config_flags[@]}" 1>/dev/null || exit $?
make 1>/dev/null || exit $?
+
+ if [[ "$1" == "tls12-keylog" || "$1" == "tls13-keylog" ]]; then
+ rm -f ./sslkeylog.log
+ fi
+
echo "starting capture"
- tcpdump -i lo0 -nn port 11111 -w ./scripts/sniffer-tls13-$1.pcap &
+ tcpdump -i lo -n port 11111 -w ./scripts/sniffer-${1}.pcap -U &
tcpdump_pid=$!
run_sequence $1
- kill $tcpdump_pid
+ sleep 1
+ kill -15 $tcpdump_pid; tcpdump_pid=0
+
+ if [[ "$1" == "tls12-keylog" || "$1" == "tls13-keylog" ]]; then
+ cp ./sslkeylog.log ./scripts/sniffer-${1}.sslkeylog
+ fi
}
-run_capture "ecc" ""
-run_capture "ecc-resume" "--enable-session-ticket"
-run_capture "dh" "--disable-ecc"
-run_capture "dh-resume" "--disable-ecc --enable-session-ticket"
-run_capture "x25519" "--enable-curve25519 --disable-dh --disable-ecc"
-run_capture "x25519-resume" "--enable-curve25519 --disable-dh --disable-ecc --enable-session-ticket"
-run_capture "hrr" "--disable-dh CFLAGS=-DWOLFSSL_SNIFFER_WATCH"
+run_capture "tls12" ""
+run_capture "tls12-keylog" "--enable-enc-then-mac=no --enable-keylog-export CFLAGS='-Wno-cpp -DWOLFSSL_SNIFFER_KEYLOGFILE'"
+run_capture "tls13-keylog" "--enable-keylog-export CFLAGS='-Wno-cpp -DWOLFSSL_SNIFFER_KEYLOGFILE'"
+run_capture "tls13-ecc" ""
+run_capture "tls13-ecc-resume" "--enable-session-ticket"
+run_capture "tls13-dh" "--disable-ecc"
+run_capture "tls13-dh-resume" "--disable-ecc --enable-session-ticket"
+run_capture "tls13-x25519" "--enable-curve25519 --disable-dh --disable-ecc"
+run_capture "tls13-x25519-resume" "--enable-curve25519 --disable-dh --disable-ecc --enable-session-ticket"
+run_capture "tls13-hrr" "--disable-dh CFLAGS=-DWOLFSSL_SNIFFER_WATCH"
+
+echo "Tests passed in $SECONDS seconds"
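Review bot: In `run_test`, `((server_pid--))` assumes the server's PID is exactly one less than the PID of the `prepend` stage that `$!` reports, which the kernel does not guarantee. When the guess is wrong, `kill $server_pid` in `run_test` and in `cleanup` signals an unrelated process and the real server stays bound to the port. Starting the server through process substitution should make `$!` the server itself: `stdbuf -oL -eL ./examples/server/server -i -x $CIPHER $2 > >(prepend "[server] ") 2>&1 &` followed by `server_pid=$!`. In `run_capture`, `eval "config_flags+=($2)"` executes whatever its second argument expands to; the callers in this file pass only literals, so a comment above the `eval` saying the argument must remain a trusted literal would keep it that way. The keylog captures copy `./sslkeylog.log` into `./scripts/`, so those files hold the session secrets of the captured connections and should only ever be produced with the test certificates used here.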
diff --git a/extra/wolfssl/wolfssl/scripts/sniffer-testsuite.test b/extra/wolfssl/wolfssl/scripts/sniffer-testsuite.test
index 574ea93f..0be4587f 100755
--- a/extra/wolfssl/wolfssl/scripts/sniffer-testsuite.test
+++ b/extra/wolfssl/wolfssl/scripts/sniffer-testsuite.test
@@ -59,6 +59,12 @@ has_static_rsa=no
if [ $? -eq 0 ]; then
has_static_rsa=yes
fi
+# ./configure --enable-sniffer CFLAGS="-DWOLFSSL_SNIFFER_KEYLOGFILE"
+has_keylog=no
+./sslSniffer/sslSnifferTest/snifftest -? 2>&1 | grep -- 'ssl_keylog_file'
+if [ $? -eq 0 ]; then
+ has_keylog=yes
+fi
RESULT=0
@@ -66,8 +72,8 @@ RESULT=0
# TLS v1.2 Static RSA Test
if test $RESULT -eq 0 && test $has_rsa == yes && test $has_tlsv12 == yes && test $has_static_rsa == yes
then
- echo -e "\nStaring snifftest on testsuite.pcap...\n"
- ./sslSniffer/sslSnifferTest/snifftest ./scripts/sniffer-static-rsa.pcap ./certs/server-key.pem 127.0.0.1 11111
+ echo -e "\nStarting snifftest on sniffer-static-rsa.pcap...\n"
+ ./sslSniffer/sslSnifferTest/snifftest -pcap ./scripts/sniffer-static-rsa.pcap -key ./certs/server-key.pem -server 127.0.0.1 -port 11111
RESULT=$?
[ $RESULT -ne 0 ] && echo -e "\nsnifftest static RSA failed\n" && exit 1
@@ -76,17 +82,54 @@ fi
# TLS v1.2 Static RSA Test (IPv6)
if test $RESULT -eq 0 && test $has_rsa == yes && test $has_tlsv12 == yes && test $has_static_rsa == yes
then
- echo -e "\nStaring snifftest on sniffer-ipv6.pcap...\n"
- ./sslSniffer/sslSnifferTest/snifftest ./scripts/sniffer-ipv6.pcap ./certs/server-key.pem ::1 11111
+ echo -e "\nStarting snifftest on sniffer-ipv6.pcap...\n"
+ ./sslSniffer/sslSnifferTest/snifftest -pcap ./scripts/sniffer-ipv6.pcap -key ./certs/server-key.pem -server ::1 -port 11111
RESULT=$?
[ $RESULT -ne 0 ] && echo -e "\nsnifftest (ipv6) failed\n" && exit 1
fi
+# TLS v1.2 and v1.3 sniffer keylog file test: runs sniffer on pcap and associated keylog file and compares decrypted traffic with known good output.
+# To regenerate the known good output, run `scripts/sniffer-gen.sh` to regenerate the pcap and keylog file, then run the sniffer on it
+# with the same arguments as in the test below, but redirect output to `./scripts/sniffer-tls12-keylog.out`.
+if test $RESULT -eq 0 && test $has_keylog == yes
+then
+ for tlsver in tls12 tls13
+ do
+ # skip tls versions we don't have compiled-in support for
+ [[ $tlsver == "tls12" && $has_tlsv12 == "no" ]] && continue
+ [[ $tlsver == "tls13" && $has_tlsv13 == "no" ]] && continue
+
+ echo -e "\nStarting snifftest on sniffer-$tlsver-keylog.pcap...\n"
+
+ TMPFILE=$(mktemp)
+ RESULT=$?
+ [ $RESULT -ne 0 ] && echo -e "\n$tlsver snifftest keylog test failed: unable to create tmpfile\n" && rm $TMPFILE && exit 1
+
+ ./sslSniffer/sslSnifferTest/snifftest \
+ -pcap scripts/sniffer-$tlsver-keylog.pcap \
+ -keylogfile scripts/sniffer-$tlsver-keylog.sslkeylog \
+ -server 127.0.0.1 -port 11111 | tee $TMPFILE
+
+ RESULT=$?
+ [ $RESULT -ne 0 ] && echo -e "\n$tlsver snifftest keylog test failed: snifftest returned $RESULT\n" && rm $TMPFILE && exit 1
+
+ # use grep to only compare against decrypted output
+ SEARCH_STRING="SSL App Data"
+ grep "$SEARCH_STRING" $TMPFILE | diff - <(grep "$SEARCH_STRING" scripts/sniffer-$tlsver-keylog.out)
+
+ RESULT=$?
+ [ $RESULT -ne 0 ] && echo -e "\n$tlsver snifftest keylog test failed: snifftest diff returned $RESULT\n" && rm $TMPFILE && exit 1
+
+ rm $TMPFILE
+ done
+fi
+
# TLS v1.3 sniffer test ECC
if test $RESULT -eq 0 && test $has_tlsv13 == yes && test $has_ecc == yes
then
- ./sslSniffer/sslSnifferTest/snifftest ./scripts/sniffer-tls13-ecc.pcap ./certs/statickeys/ecc-secp256r1.pem 127.0.0.1 11111
+ echo -e "\nStarting snifftest on sniffer-tls13-ecc.pcap...\n"
+ ./sslSniffer/sslSnifferTest/snifftest -pcap ./scripts/sniffer-tls13-ecc.pcap -key ./certs/statickeys/ecc-secp256r1.pem -server 127.0.0.1 -port 11111
RESULT=$?
[ $RESULT -ne 0 ] && echo -e "\nsnifftest TLS v1.3 ECC failed\n" && exit 1
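Review bot: In the keylog loop, `RESULT=$?` after `snifftest ... | tee $TMPFILE` records the exit status of `tee`, not of `snifftest`, unless `pipefail` is set somewhere outside this hunk, so a failing sniffer run is caught only if the later diff happens to differ. Use `RESULT=${PIPESTATUS[0]}` on that line. The mktemp failure branch also runs `rm $TMPFILE` with an empty, unquoted variable; drop the `rm` there and quote `"$TMPFILE"` in the other uses. The comment above the loop names only `sniffer-tls12-keylog.out`, although the loop also reads `sniffer-tls13-keylog.out`. The `then` block that closes the hunk continues outside it.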
@@ -95,7 +138,8 @@ fi
# TLS v1.3 sniffer test DH
if test $RESULT -eq 0 && test $has_tlsv13 == yes && test $has_dh == yes
then
- ./sslSniffer/sslSnifferTest/snifftest ./scripts/sniffer-tls13-dh.pcap ./certs/statickeys/dh-ffdhe2048.pem 127.0.0.1 11111
+ echo -e "\nStarting snifftest on sniffer-tls13-dh.pcap...\n"
+ ./sslSniffer/sslSnifferTest/snifftest -pcap ./scripts/sniffer-tls13-dh.pcap -key ./certs/statickeys/dh-ffdhe2048.pem -server 127.0.0.1 -port 11111
RESULT=$?
[ $RESULT -ne 0 ] && echo -e "\nsnifftest TLS v1.3 DH failed\n" && exit 1
@@ -104,7 +148,8 @@ fi
# TLS v1.3 sniffer test X25519
if test $RESULT -eq 0 && test $has_tlsv13 == yes && test $has_x25519 == yes
then
- ./sslSniffer/sslSnifferTest/snifftest ./scripts/sniffer-tls13-x25519.pcap ./certs/statickeys/x25519.pem 127.0.0.1 11111
+ echo -e "\nStarting snifftest on sniffer-tls13-x25519.pcap...\n"
+ ./sslSniffer/sslSnifferTest/snifftest -pcap ./scripts/sniffer-tls13-x25519.pcap -key ./certs/statickeys/x25519.pem -server 127.0.0.1 -port 11111
RESULT=$?
[ $RESULT -ne 0 ] && echo -e "\nsnifftest TLS v1.3 X25519 failed\n" && exit 1
@@ -113,7 +158,8 @@ fi
# TLS v1.3 sniffer test ECC resumption
if test $RESULT -eq 0 && test $has_tlsv13 == yes && test $has_ecc == yes && test $session_ticket == yes
then
- ./sslSniffer/sslSnifferTest/snifftest ./scripts/sniffer-tls13-ecc-resume.pcap ./certs/statickeys/ecc-secp256r1.pem 127.0.0.1 11111
+ echo -e "\nStarting snifftest on sniffer-tls13-ecc-resume.pcap...\n"
+ ./sslSniffer/sslSnifferTest/snifftest -pcap ./scripts/sniffer-tls13-ecc-resume.pcap -key ./certs/statickeys/ecc-secp256r1.pem -server 127.0.0.1 -port 11111
RESULT=$?
[ $RESULT -ne 0 ] && echo -e "\nsnifftest TLS v1.3 ECC failed\n" && exit 1
@@ -122,7 +168,8 @@ fi
# TLS v1.3 sniffer test DH
if test $RESULT -eq 0 && test $has_tlsv13 == yes && test $has_dh == yes && test $session_ticket == yes
then
- ./sslSniffer/sslSnifferTest/snifftest ./scripts/sniffer-tls13-dh-resume.pcap ./certs/statickeys/dh-ffdhe2048.pem 127.0.0.1 11111
+ echo -e "\nStarting snifftest on sniffer-tls13-dh-resume.pcap...\n"
+ ./sslSniffer/sslSnifferTest/snifftest -pcap ./scripts/sniffer-tls13-dh-resume.pcap -key ./certs/statickeys/dh-ffdhe2048.pem -server 127.0.0.1 -port 11111
RESULT=$?
[ $RESULT -ne 0 ] && echo -e "\nsnifftest TLS v1.3 DH failed\n" && exit 1
@@ -131,7 +178,8 @@ fi
# TLS v1.3 sniffer test X25519
if test $RESULT -eq 0 && test $has_tlsv13 == yes && test $has_x25519 == yes && test $session_ticket == yes
then
- ./sslSniffer/sslSnifferTest/snifftest ./scripts/sniffer-tls13-x25519-resume.pcap ./certs/statickeys/x25519.pem 127.0.0.1 11111
+ echo -e "\nStarting snifftest on sniffer-tls13-x25519-resume.pcap...\n"
+ ./sslSniffer/sslSnifferTest/snifftest -pcap ./scripts/sniffer-tls13-x25519-resume.pcap -key ./certs/statickeys/x25519.pem -server 127.0.0.1 -port 11111
RESULT=$?
[ $RESULT -ne 0 ] && echo -e "\nsnifftest TLS v1.3 X25519 failed\n" && exit 1
@@ -140,12 +188,12 @@ fi
# TLS v1.3 sniffer test hello_retry_request (HRR) with ECDHE
if test $RESULT -eq 0 && test $has_tlsv13 == yes && test $has_ecc == yes
then
- ./sslSniffer/sslSnifferTest/snifftest ./scripts/sniffer-tls13-hrr.pcap ./certs/statickeys/ecc-secp256r1.pem 127.0.0.1 11111
+ echo -e "\nStarting snifftest on sniffer-tls13-hrr.pcap...\n"
+ ./sslSniffer/sslSnifferTest/snifftest -pcap ./scripts/sniffer-tls13-hrr.pcap -key ./certs/statickeys/ecc-secp256r1.pem -server 127.0.0.1 -port 11111
RESULT=$?
[ $RESULT -ne 0 ] && echo -e "\nsnifftest TLS v1.3 HRR failed\n" && exit 1
fi
echo -e "\nSuccess!\n"
-
exit 0
diff --git a/extra/wolfssl/wolfssl/scripts/sniffer-tls12-keylog.out b/extra/wolfssl/wolfssl/scripts/sniffer-tls12-keylog.out
new file mode 100644
index 00000000..5c32c858
--- /dev/null
+++ b/extra/wolfssl/wolfssl/scripts/sniffer-tls12-keylog.out
@@ -0,0 +1,7 @@
+snifftest 5.6.3
+sniffer features: key_callback tls_v13 tls_v12 static_ephemeral sni extended_master rsa dh ecc rsa_static dh_static ssl_keylog_file
+
+SSL App Data(26:14):hello wolfssl!
+SSL App Data(27:22):I hear you fa shizzle!
+SSL App Data(57:14):hello wolfssl!
+SSL App Data(58:22):I hear you fa shizzle!
diff --git a/extra/wolfssl/wolfssl/scripts/sniffer-tls12-keylog.pcap b/extra/wolfssl/wolfssl/scripts/sniffer-tls12-keylog.pcap
new file mode 100644
index 00000000..577e38ba
--- /dev/null
+++ b/extra/wolfssl/wolfssl/scripts/sniffer-tls12-keylog.pcap
Binary files differ
diff --git a/extra/wolfssl/wolfssl/scripts/sniffer-tls12-keylog.sslkeylog b/extra/wolfssl/wolfssl/scripts/sniffer-tls12-keylog.sslkeylog
new file mode 100644
index 00000000..a2bcddaf
--- /dev/null
+++ b/extra/wolfssl/wolfssl/scripts/sniffer-tls12-keylog.sslkeylog
@@ -0,0 +1,4 @@
+CLIENT_RANDOM 10b90b535c84a76d92d655789c6ae562c02448f6b1ad95eecf2b619a61cdff32 dbb3e0d1968e59f16259f5c86f10df10156d2002277984c19fd6ef187a98534d01df0cc617f6e4fe644bf45bb5c371e8
+CLIENT_RANDOM 10b90b535c84a76d92d655789c6ae562c02448f6b1ad95eecf2b619a61cdff32 dbb3e0d1968e59f16259f5c86f10df10156d2002277984c19fd6ef187a98534d01df0cc617f6e4fe644bf45bb5c371e8
+CLIENT_RANDOM 0b524527d36bef5e8537e8a728ddea96b3587c84329c0f1ff524f20589e08ee4 05aae5a9ea9cc56f61801189e867a00ca780e578389ba79a287da9e7c86198061fbed81b325b754091b7b96c37182ee9
+CLIENT_RANDOM 0b524527d36bef5e8537e8a728ddea96b3587c84329c0f1ff524f20589e08ee4 05aae5a9ea9cc56f61801189e867a00ca780e578389ba79a287da9e7c86198061fbed81b325b754091b7b96c37182ee9
diff --git a/extra/wolfssl/wolfssl/scripts/sniffer-tls13-keylog.out b/extra/wolfssl/wolfssl/scripts/sniffer-tls13-keylog.out
new file mode 100644
index 00000000..844e204b
--- /dev/null
+++ b/extra/wolfssl/wolfssl/scripts/sniffer-tls13-keylog.out
@@ -0,0 +1,9 @@
+snifftest 5.6.3
+sniffer features: key_callback tls_v13 tls_v12 static_ephemeral sni extended_master rsa dh ecc rsa_static dh_static ssl_keylog_file
+
+SSL App Data(22:14):hello wolfssl!
+SSL App Data(24:22):I hear you fa shizzle!
+SSL App Data(50:14):hello wolfssl!
+SSL App Data(51:22):I hear you fa shizzle!
+SSL App Data(77:14):hello wolfssl!
+SSL App Data(78:22):I hear you fa shizzle!
diff --git a/extra/wolfssl/wolfssl/scripts/sniffer-tls13-keylog.pcap b/extra/wolfssl/wolfssl/scripts/sniffer-tls13-keylog.pcap
new file mode 100644
index 00000000..a7dce5cb
--- /dev/null
+++ b/extra/wolfssl/wolfssl/scripts/sniffer-tls13-keylog.pcap
Binary files differ
diff --git a/extra/wolfssl/wolfssl/scripts/sniffer-tls13-keylog.sslkeylog b/extra/wolfssl/wolfssl/scripts/sniffer-tls13-keylog.sslkeylog
new file mode 100644
index 00000000..8a557837
--- /dev/null
+++ b/extra/wolfssl/wolfssl/scripts/sniffer-tls13-keylog.sslkeylog
@@ -0,0 +1,24 @@
+CLIENT_HANDSHAKE_TRAFFIC_SECRET d99819b631844f268f7179381e8003976d100e553ff7d55c4c79919d09231009 d7e90625f07d9ca3c09862eb23badbcfeadee90341564f0e08ccb6dca4169fa0
+CLIENT_HANDSHAKE_TRAFFIC_SECRET d99819b631844f268f7179381e8003976d100e553ff7d55c4c79919d09231009 d7e90625f07d9ca3c09862eb23badbcfeadee90341564f0e08ccb6dca4169fa0
+SERVER_HANDSHAKE_TRAFFIC_SECRET d99819b631844f268f7179381e8003976d100e553ff7d55c4c79919d09231009 6887aa8833f3c6e9b4d211e62f105100f1ec30a0e66e8bec08349388bbb1ea14
+SERVER_HANDSHAKE_TRAFFIC_SECRET d99819b631844f268f7179381e8003976d100e553ff7d55c4c79919d09231009 6887aa8833f3c6e9b4d211e62f105100f1ec30a0e66e8bec08349388bbb1ea14
+CLIENT_TRAFFIC_SECRET_0 d99819b631844f268f7179381e8003976d100e553ff7d55c4c79919d09231009 45d90c7debf4fa6123f86a229a6beacc3e4f6ccfa2fa9144f8822a31d1cd6887
+SERVER_TRAFFIC_SECRET_0 d99819b631844f268f7179381e8003976d100e553ff7d55c4c79919d09231009 5341d729eb66e2f098adc7b7fbf38efddf58cfd3946cfa45d5e43923d6d8d6e7
+CLIENT_TRAFFIC_SECRET_0 d99819b631844f268f7179381e8003976d100e553ff7d55c4c79919d09231009 45d90c7debf4fa6123f86a229a6beacc3e4f6ccfa2fa9144f8822a31d1cd6887
+SERVER_TRAFFIC_SECRET_0 d99819b631844f268f7179381e8003976d100e553ff7d55c4c79919d09231009 5341d729eb66e2f098adc7b7fbf38efddf58cfd3946cfa45d5e43923d6d8d6e7
+CLIENT_HANDSHAKE_TRAFFIC_SECRET f894c097fd8487eb0814460a3cb087889dde2c9ffe1ecdbe38e61ceac549263f 363cd576478d733f04895c0aff54f9393d542485548f29be71e43ea89c7ebbc7c527735ca97500a9bcc975e78c9fb59e
+SERVER_HANDSHAKE_TRAFFIC_SECRET f894c097fd8487eb0814460a3cb087889dde2c9ffe1ecdbe38e61ceac549263f 217e25b3934b5fcb9d7f78c26c2a4a3de048d3bf6defed80901971c69c9cf805a71a3b916e8c0d1bfc274b7e45231f00
+CLIENT_HANDSHAKE_TRAFFIC_SECRET f894c097fd8487eb0814460a3cb087889dde2c9ffe1ecdbe38e61ceac549263f 363cd576478d733f04895c0aff54f9393d542485548f29be71e43ea89c7ebbc7c527735ca97500a9bcc975e78c9fb59e
+SERVER_HANDSHAKE_TRAFFIC_SECRET f894c097fd8487eb0814460a3cb087889dde2c9ffe1ecdbe38e61ceac549263f 217e25b3934b5fcb9d7f78c26c2a4a3de048d3bf6defed80901971c69c9cf805a71a3b916e8c0d1bfc274b7e45231f00
+CLIENT_TRAFFIC_SECRET_0 f894c097fd8487eb0814460a3cb087889dde2c9ffe1ecdbe38e61ceac549263f 246b412ade0a21f52fd763996e07e55a12927bf342f00f26eea660803d79d31c9ccfbaca010ea2bae970cca15050af3a
+SERVER_TRAFFIC_SECRET_0 f894c097fd8487eb0814460a3cb087889dde2c9ffe1ecdbe38e61ceac549263f 19135dd5d1c271e50a7a1721a21258bfab412f2bd8d607397b09eca381785b77ec7e56b014c49776de76b6c9089a8ecc
+CLIENT_TRAFFIC_SECRET_0 f894c097fd8487eb0814460a3cb087889dde2c9ffe1ecdbe38e61ceac549263f 246b412ade0a21f52fd763996e07e55a12927bf342f00f26eea660803d79d31c9ccfbaca010ea2bae970cca15050af3a
+SERVER_TRAFFIC_SECRET_0 f894c097fd8487eb0814460a3cb087889dde2c9ffe1ecdbe38e61ceac549263f 19135dd5d1c271e50a7a1721a21258bfab412f2bd8d607397b09eca381785b77ec7e56b014c49776de76b6c9089a8ecc
+CLIENT_HANDSHAKE_TRAFFIC_SECRET b72cb4fa8af218c7162d459673d577cc98110edf0460ce3d3d3366b40a4af5b0 8b105eb411a40a629cb1cfd3163066f9e31863b5a01226c16ecbf95274022b7c
+SERVER_HANDSHAKE_TRAFFIC_SECRET b72cb4fa8af218c7162d459673d577cc98110edf0460ce3d3d3366b40a4af5b0 532d887bc52a937c6101278100eda09542affd953151e7484ef12ce653cc3afb
+CLIENT_HANDSHAKE_TRAFFIC_SECRET b72cb4fa8af218c7162d459673d577cc98110edf0460ce3d3d3366b40a4af5b0 8b105eb411a40a629cb1cfd3163066f9e31863b5a01226c16ecbf95274022b7c
+SERVER_HANDSHAKE_TRAFFIC_SECRET b72cb4fa8af218c7162d459673d577cc98110edf0460ce3d3d3366b40a4af5b0 532d887bc52a937c6101278100eda09542affd953151e7484ef12ce653cc3afb
+CLIENT_TRAFFIC_SECRET_0 b72cb4fa8af218c7162d459673d577cc98110edf0460ce3d3d3366b40a4af5b0 76ebcabed6ecf6bc7cdcc65bb15dba6d530f204b13486e926bb81a139d267240
+SERVER_TRAFFIC_SECRET_0 b72cb4fa8af218c7162d459673d577cc98110edf0460ce3d3d3366b40a4af5b0 7371413fec66d8e960bb284295514716c14c7aa451fb63f9d17aaa0c0fa8daa2
+CLIENT_TRAFFIC_SECRET_0 b72cb4fa8af218c7162d459673d577cc98110edf0460ce3d3d3366b40a4af5b0 76ebcabed6ecf6bc7cdcc65bb15dba6d530f204b13486e926bb81a139d267240
+SERVER_TRAFFIC_SECRET_0 b72cb4fa8af218c7162d459673d577cc98110edf0460ce3d3d3366b40a4af5b0 7371413fec66d8e960bb284295514716c14c7aa451fb63f9d17aaa0c0fa8daa2
diff --git a/extra/wolfssl/wolfssl/src/bio.c b/extra/wolfssl/wolfssl/src/bio.c
index 5f845cf0..85de16dd 100644
--- a/extra/wolfssl/wolfssl/src/bio.c
+++ b/extra/wolfssl/wolfssl/src/bio.c
@@ -1155,6 +1155,32 @@ long wolfSSL_BIO_get_mem_ptr(WOLFSSL_BIO *bio, WOLFSSL_BUF_MEM **ptr)
return ret;
}
+#ifdef OPENSSL_ALL
+ int wolfSSL_BIO_set_mem_buf(WOLFSSL_BIO* bio, WOLFSSL_BUF_MEM* bufMem,
+ int closeFlag)
+ {
+ if (!bio || !bufMem ||
+ (closeFlag != BIO_NOCLOSE && closeFlag != BIO_CLOSE))
+ return BAD_FUNC_ARG;
+
+ if (bio->mem_buf)
+ if (closeFlag == BIO_CLOSE)
+ wolfSSL_BUF_MEM_free(bio->mem_buf);
+
+ bio->mem_buf = bufMem;
+ bio->shutdown = closeFlag;
+
+ bio->wrSz = (int)bio->mem_buf->length;
+ bio->wrSzReset = bio->wrSz;
+ bio->num = (int)bio->mem_buf->max;
+ bio->ptr = bio->mem_buf->data;
+ bio->wrIdx = 0;
+ bio->rdIdx = 0;
+
+ return WOLFSSL_SUCCESS;
+ }
+#endif
+
WOLFSSL_API long wolfSSL_BIO_int_ctrl(WOLFSSL_BIO *bp, int cmd, long larg, int iarg)
{
(void) bp;
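Review bot: In `wolfSSL_BIO_set_mem_buf` the decision to free the previous `bio->mem_buf` is taken from the incoming `closeFlag`, not from the ownership recorded for the old buffer. If the old buffer was attached with `BIO_NOCLOSE` and the caller now passes `BIO_CLOSE`, memory the caller still owns is freed; in the reverse case it leaks; and passing the buffer that is already attached frees it and then reads `length`, `max` and `data` from it. Assuming `bio->shutdown` holds the previous close flag, as the assignment just below suggests, the guard should be `if (bio->mem_buf != NULL && bio->mem_buf != bufMem && bio->shutdown == BIO_CLOSE)`. The `(int)` casts of `length` and `max` also deserve a range check before they become `wrSz` and `num`.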
@@ -1937,10 +1963,10 @@ int wolfSSL_BIO_flush(WOLFSSL_BIO* bio)
WOLFSSL_BIO_METHOD* wolfSSL_BIO_f_md(void)
{
- static WOLFSSL_BIO_METHOD meth;
+ static WOLFSSL_BIO_METHOD meth =
+ WOLFSSL_BIO_METHOD_INIT(WOLFSSL_BIO_MD);
WOLFSSL_ENTER("wolfSSL_BIO_f_md");
- meth.type = WOLFSSL_BIO_MD;
return &meth;
}
@@ -1960,10 +1986,10 @@ int wolfSSL_BIO_flush(WOLFSSL_BIO* bio)
WOLFSSL_BIO_METHOD* wolfSSL_BIO_f_buffer(void)
{
- static WOLFSSL_BIO_METHOD meth;
+ static WOLFSSL_BIO_METHOD meth =
+ WOLFSSL_BIO_METHOD_INIT(WOLFSSL_BIO_BUFFER);
WOLFSSL_ENTER("wolfSSL_BIO_f_buffer");
- meth.type = WOLFSSL_BIO_BUFFER;
return &meth;
}
@@ -1991,10 +2017,10 @@ int wolfSSL_BIO_flush(WOLFSSL_BIO* bio)
WOLFSSL_BIO_METHOD* wolfSSL_BIO_s_bio(void)
{
- static WOLFSSL_BIO_METHOD bio_meth;
+ static WOLFSSL_BIO_METHOD bio_meth =
+ WOLFSSL_BIO_METHOD_INIT(WOLFSSL_BIO_BIO);
WOLFSSL_ENTER("wolfSSL_BIO_s_bio");
- bio_meth.type = WOLFSSL_BIO_BIO;
return &bio_meth;
}
@@ -2003,10 +2029,10 @@ int wolfSSL_BIO_flush(WOLFSSL_BIO* bio)
#ifndef NO_FILESYSTEM
WOLFSSL_BIO_METHOD* wolfSSL_BIO_s_file(void)
{
- static WOLFSSL_BIO_METHOD file_meth;
+ static WOLFSSL_BIO_METHOD file_meth =
+ WOLFSSL_BIO_METHOD_INIT(WOLFSSL_BIO_FILE);
WOLFSSL_ENTER("wolfSSL_BIO_s_file");
- file_meth.type = WOLFSSL_BIO_FILE;
return &file_meth;
}
@@ -2015,10 +2041,10 @@ int wolfSSL_BIO_flush(WOLFSSL_BIO* bio)
WOLFSSL_BIO_METHOD* wolfSSL_BIO_f_ssl(void)
{
- static WOLFSSL_BIO_METHOD meth;
+ static WOLFSSL_BIO_METHOD meth =
+ WOLFSSL_BIO_METHOD_INIT(WOLFSSL_BIO_SSL);
WOLFSSL_ENTER("wolfSSL_BIO_f_ssl");
- meth.type = WOLFSSL_BIO_SSL;
return &meth;
}
@@ -2026,10 +2052,10 @@ int wolfSSL_BIO_flush(WOLFSSL_BIO* bio)
WOLFSSL_BIO_METHOD *wolfSSL_BIO_s_socket(void)
{
- static WOLFSSL_BIO_METHOD meth;
+ static WOLFSSL_BIO_METHOD meth =
+ WOLFSSL_BIO_METHOD_INIT(WOLFSSL_BIO_SOCKET);
WOLFSSL_ENTER("wolfSSL_BIO_s_socket");
- meth.type = WOLFSSL_BIO_SOCKET;
return &meth;
}
@@ -2069,9 +2095,15 @@ int wolfSSL_BIO_flush(WOLFSSL_BIO* bio)
bio->ip = (char*)XMALLOC((port - str) + 1, /* +1 for null char */
bio->heap, DYNAMIC_TYPE_OPENSSL);
- XMEMCPY(bio->ip, str, port - str);
- bio->ip[port - str] = '\0';
- bio->type = WOLFSSL_BIO_SOCKET;
+ if (bio->ip != NULL) {
+ XMEMCPY(bio->ip, str, port - str);
+ bio->ip[port - str] = '\0';
+ bio->type = WOLFSSL_BIO_SOCKET;
+ }
+ else {
+ BIO_free(bio);
+ bio = NULL;
+ }
}
return bio;
}
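Review bot: The new allocation-failure branch calls `BIO_free(bio)`, the OpenSSL-compatibility name, while the other cleanup paths touched in this file call `wolfSSL_BIO_free` directly. Using `wolfSSL_BIO_free(bio);` here keeps the branch consistent with its neighbours and avoids depending on the compatibility header being in scope. The enclosing function starts outside this hunk.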
@@ -2328,14 +2360,13 @@ int wolfSSL_BIO_flush(WOLFSSL_BIO* bio)
return WOLFSSL_SUCCESS;
}
- WOLFSSL_BIO* wolfSSL_BIO_new_ssl_connect(WOLFSSL_CTX* ctx)
+ WOLFSSL_BIO* wolfSSL_BIO_new_ssl(WOLFSSL_CTX* ctx, int client)
{
WOLFSSL* ssl = NULL;
WOLFSSL_BIO* sslBio = NULL;
- WOLFSSL_BIO* connBio = NULL;
int err = 0;
- WOLFSSL_ENTER("wolfSSL_BIO_new_ssl_connect");
+ WOLFSSL_ENTER("wolfSSL_BIO_new_ssl");
if (ctx == NULL) {
WOLFSSL_MSG("ctx is NULL.");
@@ -2356,11 +2387,46 @@ int wolfSSL_BIO_flush(WOLFSSL_BIO* bio)
err = 1;
}
}
+ if (err == 0) {
+ if (!client)
+ wolfSSL_set_accept_state(ssl);
+ else
+ wolfSSL_set_connect_state(ssl);
+ }
if (err == 0 && wolfSSL_BIO_set_ssl(sslBio, ssl, BIO_CLOSE) !=
WOLFSSL_SUCCESS) {
WOLFSSL_MSG("Failed to set SSL pointer in BIO.");
err = 1;
}
+
+ if (err) {
+ wolfSSL_free(ssl);
+ wolfSSL_BIO_free(sslBio);
+ }
+
+ return sslBio;
+ }
+
+ WOLFSSL_BIO* wolfSSL_BIO_new_ssl_connect(WOLFSSL_CTX* ctx)
+ {
+ WOLFSSL_BIO* sslBio = NULL;
+ WOLFSSL_BIO* connBio = NULL;
+ int err = 0;
+
+ WOLFSSL_ENTER("wolfSSL_BIO_new_ssl_connect");
+
+ if (ctx == NULL) {
+ WOLFSSL_MSG("ctx is NULL.");
+ err = 1;
+ }
+
+ if (err == 0) {
+ sslBio = wolfSSL_BIO_new_ssl(ctx, 1);
+ if (sslBio == NULL) {
+ WOLFSSL_MSG("Failed to create SSL BIO.");
+ err = 1;
+ }
+ }
if (err == 0) {
connBio = wolfSSL_BIO_new(wolfSSL_BIO_s_socket());
if (connBio == NULL) {
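Review bot: The error path of `wolfSSL_BIO_new_ssl` frees `sslBio` and then returns it, so a caller receives a dangling pointer instead of NULL. `wolfSSL_BIO_new_ssl_connect` below tests `sslBio == NULL` to detect failure, which a freed non-NULL pointer passes, and its own cleanup would then call `wolfSSL_BIO_free` on that pointer a second time. Add `sslBio = NULL;` after `wolfSSL_BIO_free(sslBio);` inside the `if (err)` block. Both function bodies extend outside this hunk.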
@@ -2373,7 +2439,6 @@ int wolfSSL_BIO_flush(WOLFSSL_BIO* bio)
}
if (err == 1) {
- wolfSSL_free(ssl);
wolfSSL_BIO_free(sslBio);
sslBio = NULL;
wolfSSL_BIO_free(connBio);
@@ -2738,10 +2803,10 @@ WOLFSSL_BIO* wolfSSL_BIO_pop(WOLFSSL_BIO* bio)
WOLFSSL_BIO_METHOD* wolfSSL_BIO_s_mem(void)
{
- static WOLFSSL_BIO_METHOD meth;
+ static WOLFSSL_BIO_METHOD meth =
+ WOLFSSL_BIO_METHOD_INIT(WOLFSSL_BIO_MEMORY);
WOLFSSL_ENTER("wolfSSL_BIO_s_mem");
- meth.type = WOLFSSL_BIO_MEMORY;
return &meth;
}
@@ -2749,10 +2814,10 @@ WOLFSSL_BIO_METHOD* wolfSSL_BIO_s_mem(void)
WOLFSSL_BIO_METHOD* wolfSSL_BIO_f_base64(void)
{
- static WOLFSSL_BIO_METHOD meth;
+ static WOLFSSL_BIO_METHOD meth =
+ WOLFSSL_BIO_METHOD_INIT(WOLFSSL_BIO_BASE64);
WOLFSSL_ENTER("wolfSSL_BIO_f_base64");
- meth.type = WOLFSSL_BIO_BASE64;
return &meth;
}
@@ -3213,6 +3278,26 @@ int wolfSSL_BIO_should_retry(WOLFSSL_BIO *bio)
return ret;
}
+int wolfSSL_BIO_should_read(WOLFSSL_BIO *bio)
+{
+ int ret = 0;
+ if (bio != NULL) {
+ ret = (int)(bio->flags & WOLFSSL_BIO_FLAG_READ);
+ }
+
+ return ret;
+}
+
+int wolfSSL_BIO_should_write(WOLFSSL_BIO *bio)
+{
+ int ret = 0;
+ if (bio != NULL) {
+ ret = (int)(bio->flags & WOLFSSL_BIO_FLAG_WRITE);
+ }
+
+ return ret;
+}
+
#endif /* OPENSSL_ALL */
#endif /* WOLFSSL_BIO_INCLUDED */
diff --git a/extra/wolfssl/wolfssl/src/conf.c b/extra/wolfssl/wolfssl/src/conf.c
index 6ad5b640..cfc6085a 100644
--- a/extra/wolfssl/wolfssl/src/conf.c
+++ b/extra/wolfssl/wolfssl/src/conf.c
@@ -143,7 +143,7 @@ WOLFSSL_TXT_DB *wolfSSL_TXT_DB_read(WOLFSSL_BIO *in, int num)
failed = 0;
error:
if (failed && ret) {
- XFREE(ret, NULL, DYNAMIC_TYPE_OPENSSL);
+ wolfSSL_TXT_DB_free(ret);
ret = NULL;
}
if (buf) {
@@ -458,6 +458,7 @@ int wolfSSL_CONF_add_string(WOLFSSL_CONF *conf,
}
if (wolfSSL_sk_CONF_VALUE_push(conf->data, value) != WOLFSSL_SUCCESS) {
WOLFSSL_MSG("wolfSSL_sk_CONF_VALUE_push error");
+ wolfssl_sk_pop_type(sk, STACK_TYPE_CONF_VALUE);
return WOLFSSL_FAILURE;
}
@@ -743,7 +744,7 @@ static char* expandValue(WOLFSSL_CONF *conf, const char* section,
strIdx += 2;
startIdx = strIdx;
}
- while (*strIdx && (XISALNUM((int)(*strIdx)) || *strIdx == '_'))
+ while (*strIdx && (XISALNUM((unsigned char)*strIdx) || *strIdx == '_'))
strIdx++;
endIdx = strIdx;
if (startIdx == endIdx) {
@@ -948,6 +949,7 @@ int wolfSSL_NCONF_load(WOLFSSL_CONF *conf, const char *file, long *eline)
if (wolfSSL_CONF_add_string(conf, section, newVal) !=
WOLFSSL_SUCCESS) {
+ wolfSSL_X509V3_conf_free(newVal);
WOLFSSL_MSG("wolfSSL_CONF_add_string error");
goto cleanup;
}
diff --git a/extra/wolfssl/wolfssl/src/crl.c b/extra/wolfssl/wolfssl/src/crl.c
index 559e459c..9c847b8c 100644
--- a/extra/wolfssl/wolfssl/src/crl.c
+++ b/extra/wolfssl/wolfssl/src/crl.c
@@ -28,6 +28,9 @@ CRL Options:
* CRL_MAX_REVOKED_CERTS: default: 4
* Specifies the number of buffers to hold RevokedCerts.
* The default value is set to 4.
+ * CRL_REPORT_LOAD_ERRORS: default: off
+ * Return any errors encountered during loading CRL
+ * from a directory.
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
@@ -46,10 +49,11 @@ CRL Options:
#endif
#ifdef HAVE_CRL_MONITOR
- #if (defined(__MACH__) || defined(__FreeBSD__) || defined(__linux__))
- static int StopMonitor(int mfd);
+ #if defined(__MACH__) || defined(__FreeBSD__) || defined(__linux__) || \
+ defined(_MSC_VER)
+ static int StopMonitor(wolfSSL_CRL_mfd_t mfd);
#else
- #error "CRL monitor only currently supported on linux or mach"
+ #error "CRL monitor only currently supported on linux or mach or windows"
#endif
#endif /* HAVE_CRL_MONITOR */
@@ -68,18 +72,18 @@ int InitCRL(WOLFSSL_CRL* crl, WOLFSSL_CERT_MANAGER* cm)
crl->monitors[0].path = NULL;
crl->monitors[1].path = NULL;
#ifdef HAVE_CRL_MONITOR
- crl->tid = 0;
- crl->mfd = -1; /* mfd for bsd is kqueue fd, eventfd for linux */
- crl->setup = 0; /* thread setup done predicate */
- if (pthread_cond_init(&crl->cond, 0) != 0) {
- WOLFSSL_MSG("Pthread condition init failed");
+ crl->tid = INVALID_THREAD_VAL;
+ crl->mfd = WOLFSSL_CRL_MFD_INIT_VAL;
+ crl->setup = 0; /* thread setup done predicate */
+ if (wolfSSL_CondInit(&crl->cond) != 0) {
+ WOLFSSL_MSG("thread condition init failed");
return BAD_COND_E;
}
#endif
#ifdef HAVE_CRL_IO
crl->crlIOCb = NULL;
#endif
- if (wc_InitMutex(&crl->crlLock) != 0) {
+ if (wc_InitRwLock(&crl->crlLock) != 0) {
WOLFSSL_MSG("Init Mutex failed");
return BAD_MUTEX_E;
}
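Review bot: When `wc_InitRwLock(&crl->crlLock)` fails, the log line still says "Init Mutex failed", which no longer names the primitive that failed; `WOLFSSL_MSG("Init RwLock failed");` would match the new call. In a HAVE_CRL_MONITOR build the condition variable set up by `wolfSSL_CondInit` a few lines above is also left initialised on this return. A `wolfSSL_CondFree(&crl->cond);` before `return BAD_MUTEX_E;` would release it, provided callers do not run `FreeCRL` after a failed `InitCRL`. InitCRL starts and ends outside this hunk, so that cannot be confirmed from here.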
@@ -164,9 +168,23 @@ static int InitCRL_Entry(CRL_Entry* crle, DecodedCRL* dcrl, const byte* buff,
return 0;
}
+static CRL_Entry* CRL_Entry_new(void* heap)
+{
+ CRL_Entry* crle = (CRL_Entry*)XMALLOC(sizeof(CRL_Entry), heap,
+ DYNAMIC_TYPE_CRL_ENTRY);
+ if (crle != NULL) {
+ XMEMSET(crle, 0, sizeof(CRL_Entry));
+ if (wc_InitMutex(&crle->verifyMutex) != 0) {
+ XFREE(crle, heap, DYNAMIC_TYPE_CRL_ENTRY);
+ crle = NULL;
+ }
+ }
+ (void)heap;
+ return crle;
+}
/* Free all CRL Entry resources */
-static void FreeCRL_Entry(CRL_Entry* crle, void* heap)
+static void CRL_Entry_free(CRL_Entry* crle, void* heap)
{
#ifdef CRL_STATIC_REVOKED_LIST
if (crle != NULL) {
@@ -194,16 +212,21 @@ static void FreeCRL_Entry(CRL_Entry* crle, void* heap)
XFREE(crle->issuer, heap, DYNAMIC_TYPE_X509);
}
#endif
+ wc_FreeMutex(&crle->verifyMutex);
+ XFREE(crle, heap, DYNAMIC_TYPE_CRL_ENTRY);
(void)heap;
}
-
/* Free all CRL resources */
void FreeCRL(WOLFSSL_CRL* crl, int dynamic)
{
- CRL_Entry* tmp = crl->crlList;
+ CRL_Entry* tmp;
+
+ if (crl == NULL)
+ return;
+ tmp = crl->crlList;
WOLFSSL_ENTER("FreeCRL");
if (crl->monitors[0].path)
XFREE(crl->monitors[0].path, crl->heap, DYNAMIC_TYPE_CRL_MONITOR);
@@ -215,37 +238,34 @@ void FreeCRL(WOLFSSL_CRL* crl, int dynamic)
crl->currentEntry = NULL;
while(tmp) {
CRL_Entry* next = tmp->next;
- FreeCRL_Entry(tmp, crl->heap);
- XFREE(tmp, crl->heap, DYNAMIC_TYPE_CRL_ENTRY);
+ CRL_Entry_free(tmp, crl->heap);
tmp = next;
}
#ifdef HAVE_CRL_MONITOR
- if (crl->tid != 0) {
+ if (crl->tid != INVALID_THREAD_VAL) {
WOLFSSL_MSG("stopping monitor thread");
if (StopMonitor(crl->mfd) == 0) {
- int _pthread_ret = pthread_join(crl->tid, NULL);
- if (_pthread_ret != 0)
- WOLFSSL_MSG("stop monitor failed in pthread_join");
+ if (wolfSSL_JoinThread(crl->tid) != 0)
+ WOLFSSL_MSG("stop monitor failed in wolfSSL_JoinThread");
}
else {
WOLFSSL_MSG("stop monitor failed");
}
}
- {
- int _pthread_ret = pthread_cond_destroy(&crl->cond);
- if (_pthread_ret != 0)
- WOLFSSL_MSG("pthread_cond_destroy failed in FreeCRL");
- }
+ if (wolfSSL_CondFree(&crl->cond) != 0)
+ WOLFSSL_MSG("wolfSSL_CondFree failed in FreeCRL");
#endif
- wc_FreeMutex(&crl->crlLock);
+ wc_FreeRwLock(&crl->crlLock);
if (dynamic) /* free self */
XFREE(crl, crl->heap, DYNAMIC_TYPE_CRL);
}
-static int FindRevokedSerial(DecodedCert* cert, RevokedCert* rc, int totalCerts)
+static int FindRevokedSerial(RevokedCert* rc, byte* serial, int serialSz,
+ byte* serialHash, int totalCerts)
{
int ret = 0;
+ byte hash[SIGNER_DIGEST_SIZE];
#ifdef CRL_STATIC_REVOKED_LIST
/* do binary search */
int low, high, mid;
@@ -256,11 +276,10 @@ static int FindRevokedSerial(DecodedCert* cert, RevokedCert* rc, int totalCerts)
while (low <= high) {
mid = (low + high) / 2;
- if (XMEMCMP(rc[mid].serialNumber, cert->serial, rc->serialSz) < 0) {
+ if (XMEMCMP(rc[mid].serialNumber, serial, rc->serialSz) < 0) {
low = mid + 1;
}
- else if (XMEMCMP(rc[mid].serialNumber, cert->serial,
- rc->serialSz) > 0) {
+ else if (XMEMCMP(rc[mid].serialNumber, serial, rc->serialSz) > 0) {
high = mid - 1;
}
else {
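Review bot: In the CRL_STATIC_REVOKED_LIST branch the binary search passes `serial` straight to `XMEMCMP` and never looks at `serialHash`, while `CheckCertCRL_ex` later in this commit accepts a call with `serial == NULL` as long as `serialHash` is set. In that build a hash-only lookup would hand a NULL pointer to the comparison, and the new `hash` and `serialSz` are unused. A guard such as `if (serial == NULL) return BUFFER_ERROR;` at the top of this branch, or a hash comparison matching the linked-list branch, would close the gap. The comparison length is also `rc->serialSz` of the first element and is never checked against `serialSz`. The function body starts and ends outside this hunk.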
@@ -274,119 +293,95 @@ static int FindRevokedSerial(DecodedCert* cert, RevokedCert* rc, int totalCerts)
/* search in the linked list*/
while (rc) {
- if (rc->serialSz == cert->serialSz &&
- XMEMCMP(rc->serialNumber, cert->serial, rc->serialSz) == 0) {
- WOLFSSL_MSG("Cert revoked");
- ret = CRL_CERT_REVOKED;
- break;
+ if (serialHash == NULL) {
+ if (rc->serialSz == serialSz &&
+ XMEMCMP(rc->serialNumber, serial, rc->serialSz) == 0) {
+ WOLFSSL_MSG("Cert revoked");
+ ret = CRL_CERT_REVOKED;
+ break;
+ }
+ }
+ else {
+ ret = CalcHashId(rc->serialNumber, rc->serialSz, hash);
+ if (ret != 0)
+ break;
+ if (XMEMCMP(hash, serialHash, SIGNER_DIGEST_SIZE) == 0) {
+ WOLFSSL_MSG("Cert revoked");
+ ret = CRL_CERT_REVOKED;
+ break;
+ }
}
rc = rc->next;
}
#endif
return ret;
}
-static int CheckCertCRLList(WOLFSSL_CRL* crl, DecodedCert* cert, int *pFoundEntry)
+
+static int VerifyCRLE(const WOLFSSL_CRL* crl, CRL_Entry* crle)
+{
+ Signer* ca = NULL;
+ SignatureCtx sigCtx;
+ int ret = 0;
+
+#ifndef NO_SKID
+ if (crle->extAuthKeyIdSet)
+ ca = GetCA(crl->cm, crle->extAuthKeyId);
+ if (ca == NULL)
+ ca = GetCAByName(crl->cm, crle->issuerHash);
+#else /* NO_SKID */
+ ca = GetCA(crl->cm, crle->issuerHash);
+#endif /* NO_SKID */
+ if (ca == NULL) {
+ WOLFSSL_MSG("Did NOT find CRL issuer CA");
+ return ASN_CRL_NO_SIGNER_E;
+ }
+
+ ret = VerifyCRL_Signature(&sigCtx, crle->toBeSigned, crle->tbsSz,
+ crle->signature, crle->signatureSz, crle->signatureOID, ca,
+ crl->heap);
+
+ if (ret == 0)
+ crle->verified = 1;
+ else
+ crle->verified = ret;
+
+ return ret;
+}
+
+static int CheckCertCRLList(WOLFSSL_CRL* crl, byte* issuerHash, byte* serial,
+ int serialSz, byte* serialHash, int *pFoundEntry)
{
CRL_Entry* crle;
int foundEntry = 0;
int ret = 0;
- if (wc_LockMutex(&crl->crlLock) != 0) {
- WOLFSSL_MSG("wc_LockMutex failed");
+ if (wc_LockRwLock_Rd(&crl->crlLock) != 0) {
+ WOLFSSL_MSG("wc_LockRwLock_Rd failed");
return BAD_MUTEX_E;
}
- crle = crl->crlList;
-
- while (crle) {
- if (XMEMCMP(crle->issuerHash, cert->issuerHash, CRL_DIGEST_SIZE) == 0) {
+ for (crle = crl->crlList; crle != NULL; crle = crle->next) {
+ if (XMEMCMP(crle->issuerHash, issuerHash, CRL_DIGEST_SIZE) == 0) {
WOLFSSL_MSG("Found CRL Entry on list");
if (crle->verified == 0) {
- Signer* ca = NULL;
- #ifndef NO_SKID
- byte extAuthKeyId[KEYID_SIZE];
- #endif
- byte issuerHash[CRL_DIGEST_SIZE];
- byte* tbs;
- word32 tbsSz = crle->tbsSz;
- byte* sig = NULL;
- word32 sigSz = crle->signatureSz;
- word32 sigOID = crle->signatureOID;
- SignatureCtx sigCtx;
-
- tbs = (byte*)XMALLOC(tbsSz, crl->heap, DYNAMIC_TYPE_CRL_ENTRY);
- if (tbs == NULL) {
- wc_UnLockMutex(&crl->crlLock);
- return MEMORY_E;
- }
- sig = (byte*)XMALLOC(sigSz, crl->heap, DYNAMIC_TYPE_CRL_ENTRY);
- if (sig == NULL) {
- XFREE(tbs, crl->heap, DYNAMIC_TYPE_CRL_ENTRY);
- wc_UnLockMutex(&crl->crlLock);
- return MEMORY_E;
- }
-
- XMEMCPY(tbs, crle->toBeSigned, tbsSz);
- XMEMCPY(sig, crle->signature, sigSz);
- #ifndef NO_SKID
- XMEMCPY(extAuthKeyId, crle->extAuthKeyId,
- sizeof(extAuthKeyId));
- #endif
- XMEMCPY(issuerHash, crle->issuerHash, sizeof(issuerHash));
-
- wc_UnLockMutex(&crl->crlLock);
-
- #ifndef NO_SKID
- if (crle->extAuthKeyIdSet)
- ca = GetCA(crl->cm, extAuthKeyId);
- if (ca == NULL)
- ca = GetCAByName(crl->cm, issuerHash);
- #else /* NO_SKID */
- ca = GetCA(crl->cm, issuerHash);
- #endif /* NO_SKID */
- if (ca == NULL) {
- XFREE(sig, crl->heap, DYNAMIC_TYPE_CRL_ENTRY);
- XFREE(tbs, crl->heap, DYNAMIC_TYPE_CRL_ENTRY);
- WOLFSSL_MSG("Did NOT find CRL issuer CA");
- return ASN_CRL_NO_SIGNER_E;
+ if (wc_LockMutex(&crle->verifyMutex) != 0) {
+ WOLFSSL_MSG("wc_LockMutex failed");
+ break;
}
- ret = VerifyCRL_Signature(&sigCtx, tbs, tbsSz, sig, sigSz,
- sigOID, ca, crl->heap);
-
- XFREE(sig, crl->heap, DYNAMIC_TYPE_CRL_ENTRY);
- XFREE(tbs, crl->heap, DYNAMIC_TYPE_CRL_ENTRY);
+ /* A different thread may have verified the entry while we were
+ * waiting for the mutex. */
+ if (crle->verified == 0)
+ ret = VerifyCRLE(crl, crle);
- if (wc_LockMutex(&crl->crlLock) != 0) {
- WOLFSSL_MSG("wc_LockMutex failed");
- return BAD_MUTEX_E;
- }
+ wc_UnLockMutex(&crle->verifyMutex);
- crle = crl->crlList;
- while (crle) {
- if (XMEMCMP(crle->issuerHash, cert->issuerHash,
- CRL_DIGEST_SIZE) == 0) {
-
- if (ret == 0)
- crle->verified = 1;
- else
- crle->verified = ret;
-
- XFREE(crle->toBeSigned, crl->heap,
- DYNAMIC_TYPE_CRL_ENTRY);
- crle->toBeSigned = NULL;
- XFREE(crle->signature, crl->heap,
- DYNAMIC_TYPE_CRL_ENTRY);
- crle->signature = NULL;
- break;
- }
- crle = crle->next;
- }
- if (crle == NULL || crle->verified < 0)
+ if (ret != 0)
break;
}
- else if (crle->verified < 0) {
+
+ if (crle->verified < 0) {
WOLFSSL_MSG("Cannot use CRL as it didn't verify");
ret = crle->verified;
break;
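Review bot: In `CheckCertCRLList`, a failed `wc_LockMutex(&crle->verifyMutex)` only logs and breaks, leaving `ret` at 0 and `foundEntry` at 0, so a locking failure is reported to the caller as "no matching CRL entry" rather than as an error. Set `ret = BAD_MUTEX_E;` before that `break`, matching the read-lock failure at the top of the function. Separately, the first `crle->verified == 0` test runs outside `verifyMutex` while `VerifyCRLE` writes the field under it; if the project follows strict C11 data-race rules, that read needs the mutex or an atomic. The function continues in the following hunks.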
@@ -398,7 +393,7 @@ static int CheckCertCRLList(WOLFSSL_CRL* crl, DecodedCert* cert, int *pFoundEntr
if (crle->nextDateFormat != ASN_OTHER_TYPE)
#endif
{
- #ifndef NO_ASN_TIME
+ #if !defined(NO_ASN_TIME) && !defined(WOLFSSL_NO_CRL_DATE_CHECK)
if (!XVALIDATE_DATE(crle->nextDate,crle->nextDateFormat, AFTER)) {
WOLFSSL_MSG("CRL next date is no longer valid");
ret = ASN_AFTER_DATE_E;
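Review bot: `WOLFSSL_NO_CRL_DATE_CHECK` is introduced here without documentation, although this commit adds `CRL_REPORT_LOAD_ERRORS` to the "CRL Options" comment at the top of crl.c. With it defined the `nextDate` validation is compiled out, so a CRL past its next-update time is still accepted and revocations published after it would go unnoticed. Please add an entry to that options block, for example `* WOLFSSL_NO_CRL_DATE_CHECK: default: off`, followed by a line stating that it skips the CRL next-date check and therefore accepts stale CRLs. The enclosing block continues outside this hunk.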
@@ -407,52 +402,58 @@ static int CheckCertCRLList(WOLFSSL_CRL* crl, DecodedCert* cert, int *pFoundEntr
}
if (ret == 0) {
foundEntry = 1;
+ ret = FindRevokedSerial(crle->certs, serial, serialSz,
+ serialHash, crle->totalCerts);
+ if (ret != 0)
+ break;
}
- break;
}
- crle = crle->next;
}
- if (foundEntry) {
- ret = FindRevokedSerial(cert, crle->certs, crle->totalCerts);
- }
-
- wc_UnLockMutex(&crl->crlLock);
+ wc_UnLockRwLock(&crl->crlLock);
*pFoundEntry = foundEntry;
return ret;
}
-/* Is the cert ok with CRL, return 0 on success */
-int CheckCertCRL(WOLFSSL_CRL* crl, DecodedCert* cert)
+int CheckCertCRL_ex(WOLFSSL_CRL* crl, byte* issuerHash, byte* serial,
+ int serialSz, byte* serialHash, const byte* extCrlInfo,
+ int extCrlInfoSz, void* issuerName)
{
int foundEntry = 0;
int ret = 0;
WOLFSSL_ENTER("CheckCertCRL");
+ (void)issuerName;
+
+ if ((serial == NULL || serialSz == 0) && serialHash == NULL) {
+ WOLFSSL_MSG("Either serial or hash has to be provided");
+ return BUFFER_ERROR;
+ }
#ifdef WOLFSSL_CRL_ALLOW_MISSING_CDP
/* Skip CRL verification in case no CDP in peer cert */
- if (!cert->extCrlInfo) {
+ if (!extCrlInfo) {
return ret;
}
#endif
- ret = CheckCertCRLList(crl, cert, &foundEntry);
+ ret = CheckCertCRLList(crl, issuerHash, serial, serialSz, serialHash,
+ &foundEntry);
#ifdef HAVE_CRL_IO
if (foundEntry == 0) {
/* perform embedded lookup */
if (crl->crlIOCb) {
- ret = crl->crlIOCb(crl, (const char*)cert->extCrlInfo,
- cert->extCrlInfoSz);
+ ret = crl->crlIOCb(crl, (const char*)extCrlInfo, extCrlInfoSz);
if (ret == WOLFSSL_CBIO_ERR_WANT_READ) {
ret = OCSP_WANT_READ;
}
else if (ret >= 0) {
/* try again */
- ret = CheckCertCRLList(crl, cert, &foundEntry);
+ ret = CheckCertCRLList(crl, issuerHash, serial, serialSz,
+ serialHash, &foundEntry);
}
}
}
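Review bot: `CheckCertCRL_ex` takes raw pointers and lengths but validates only the serial/hash pair. `crl` and `issuerHash` are dereferenced in `CheckCertCRLList` without a NULL check, and `extCrlInfoSz` is a signed `int` that reaches `XMEMCPY(url, extCrlInfo, extCrlInfoSz)` in the `@@ -488,10 +490,10 @@` hunk after only an upper-bound test. Consider `if (crl == NULL || issuerHash == NULL) return BAD_FUNC_ARG;` next to the existing check, and `extCrlInfoSz >= 0 &&` in the url length condition. The function also has no header comment and still logs `WOLFSSL_ENTER("CheckCertCRL")`; a short comment describing each parameter and `WOLFSSL_ENTER("CheckCertCRL_ex")` would help. The function body continues past this hunk.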
@@ -469,10 +470,11 @@ int CheckCertCRL(WOLFSSL_CRL* crl, DecodedCert* cert)
if ((foundEntry == 0) && (ret != OCSP_WANT_READ)) {
if (crl->cm->x509_store_p != NULL) {
ret = LoadCertByIssuer(crl->cm->x509_store_p,
- (WOLFSSL_X509_NAME*)cert->issuerName, X509_LU_CRL);
+ (WOLFSSL_X509_NAME*)issuerName, X509_LU_CRL);
if (ret == WOLFSSL_SUCCESS) {
/* try again */
- ret = CheckCertCRLList(crl, cert, &foundEntry);
+ ret = CheckCertCRLList(crl, issuerHash, serial, serialSz,
+ serialHash, &foundEntry);
}
}
}
@@ -488,10 +490,10 @@ int CheckCertCRL(WOLFSSL_CRL* crl, DecodedCert* cert)
WOLFSSL_MSG("Issuing missing CRL callback");
url[0] = '\0';
- if (cert->extCrlInfo) {
- if (cert->extCrlInfoSz < (int)sizeof(url) -1 ) {
- XMEMCPY(url, cert->extCrlInfo, cert->extCrlInfoSz);
- url[cert->extCrlInfoSz] = '\0';
+ if (extCrlInfo) {
+ if (extCrlInfoSz < (int)sizeof(url) -1 ) {
+ XMEMCPY(url, extCrlInfo, extCrlInfoSz);
+ url[extCrlInfoSz] = '\0';
}
else {
WOLFSSL_MSG("CRL url too long");
@@ -505,6 +507,18 @@ int CheckCertCRL(WOLFSSL_CRL* crl, DecodedCert* cert)
return ret;
}
+/* Is the cert ok with CRL, return 0 on success */
+int CheckCertCRL(WOLFSSL_CRL* crl, DecodedCert* cert)
+{
+#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
+ void* issuerName = cert->issuerName;
+#else
+ void* issuerName = NULL;
+#endif
+ return CheckCertCRL_ex(crl, cert->issuerHash, cert->serial, cert->serialSz,
+ NULL, cert->extCrlInfo, cert->extCrlInfoSz, issuerName);
+}
+
/* Add Decoded CRL, 0 on success */
static int AddCRL(WOLFSSL_CRL* crl, DecodedCRL* dcrl, const byte* buff,
@@ -520,8 +534,7 @@ static int AddCRL(WOLFSSL_CRL* crl, DecodedCRL* dcrl, const byte* buff,
crle = crl->currentEntry;
if (crle == NULL) {
- crle = (CRL_Entry*)XMALLOC(sizeof(CRL_Entry), crl->heap,
- DYNAMIC_TYPE_CRL_ENTRY);
+ crle = CRL_Entry_new(crl->heap);
if (crle == NULL) {
WOLFSSL_MSG("alloc CRL Entry failed");
return MEMORY_E;
@@ -530,25 +543,19 @@ static int AddCRL(WOLFSSL_CRL* crl, DecodedCRL* dcrl, const byte* buff,
if (InitCRL_Entry(crle, dcrl, buff, verified, crl->heap) < 0) {
WOLFSSL_MSG("Init CRL Entry failed");
- FreeCRL_Entry(crle, crl->heap);
- if (crle != crl->currentEntry) {
- XFREE(crle, crl->heap, DYNAMIC_TYPE_CRL_ENTRY);
- }
+ CRL_Entry_free(crle, crl->heap);
return -1;
}
- if (wc_LockMutex(&crl->crlLock) != 0) {
- WOLFSSL_MSG("wc_LockMutex failed");
- FreeCRL_Entry(crle, crl->heap);
- if (crle != crl->currentEntry) {
- XFREE(crle, crl->heap, DYNAMIC_TYPE_CRL_ENTRY);
- }
+ if (wc_LockRwLock_Wr(&crl->crlLock) != 0) {
+ WOLFSSL_MSG("wc_LockRwLock_Wr failed");
+ CRL_Entry_free(crle, crl->heap);
return BAD_MUTEX_E;
}
crle->next = crl->crlList;
crl->crlList = crle;
- wc_UnLockMutex(&crl->crlLock);
+ wc_UnLockRwLock(&crl->crlLock);
/* Avoid heap-use-after-free after crl->crlList is released */
crl->currentEntry = NULL;
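Review bot: Both failure paths in this hunk now call `CRL_Entry_free(crle, crl->heap)`, which frees the entry itself, even when `crle` is `crl->currentEntry`; the old code deliberately skipped that free. `AddCRL` then returns with `crl->currentEntry` still pointing at freed memory and relies on the caller to reset it, as `BufferLoadCRL` does later in this commit. Clearing it here, with `crl->currentEntry = NULL;` right after each `CRL_Entry_free` call, keeps the invariant local and protects any other caller. `AddCRL` starts and ends outside this hunk.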
@@ -599,8 +606,7 @@ int BufferLoadCRL(WOLFSSL_CRL* crl, const byte* buff, long sz, int type,
}
#endif
- crl->currentEntry = (CRL_Entry*)XMALLOC(sizeof(CRL_Entry), crl->heap,
- DYNAMIC_TYPE_CRL_ENTRY);
+ crl->currentEntry = CRL_Entry_new(crl->heap);
if (crl->currentEntry == NULL) {
WOLFSSL_MSG("alloc CRL Entry failed");
#ifdef WOLFSSL_SMALL_STACK
@@ -609,20 +615,20 @@ int BufferLoadCRL(WOLFSSL_CRL* crl, const byte* buff, long sz, int type,
FreeDer(&der);
return MEMORY_E;
}
- XMEMSET(crl->currentEntry, 0, sizeof(CRL_Entry));
InitDecodedCRL(dcrl, crl->heap);
ret = ParseCRL(crl->currentEntry->certs, dcrl, myBuffer, (word32)sz,
verify, crl->cm);
if (ret != 0 && !(ret == ASN_CRL_NO_SIGNER_E && verify == NO_VERIFY)) {
WOLFSSL_MSG("ParseCRL error");
- XFREE(crl->currentEntry, crl->heap, DYNAMIC_TYPE_CRL_ENTRY);
+ CRL_Entry_free(crl->currentEntry, crl->heap);
crl->currentEntry = NULL;
}
else {
ret = AddCRL(crl, dcrl, myBuffer, ret != ASN_CRL_NO_SIGNER_E);
if (ret != 0) {
WOLFSSL_MSG("AddCRL error");
+ crl->currentEntry = NULL;
}
}
@@ -701,75 +707,49 @@ static RevokedCert *DupRevokedCertList(RevokedCert* in, void* heap)
static CRL_Entry* DupCRL_Entry(const CRL_Entry* ent, void* heap)
{
CRL_Entry *dupl;
+ const size_t copyOffset = OFFSETOF(CRL_Entry, verifyMutex) +
+ sizeof(ent->verifyMutex);
#ifdef CRL_STATIC_REVOKED_LIST
if (ent->totalCerts > CRL_MAX_REVOKED_CERTS) {
return NULL;
}
#endif
- dupl = (CRL_Entry*)XMALLOC(sizeof(CRL_Entry), heap, DYNAMIC_TYPE_CRL_ENTRY);
+ dupl = CRL_Entry_new(heap);
if (dupl == NULL) {
WOLFSSL_MSG("alloc CRL Entry failed");
return NULL;
}
- XMEMSET(dupl, 0, sizeof(CRL_Entry));
- XMEMCPY(dupl->issuerHash, ent->issuerHash, CRL_DIGEST_SIZE);
- XMEMCPY(dupl->lastDate, ent->lastDate, MAX_DATE_SIZE);
- XMEMCPY(dupl->nextDate, ent->nextDate, MAX_DATE_SIZE);
- dupl->lastDateFormat = ent->lastDateFormat;
- dupl->nextDateFormat = ent->nextDateFormat;
+ XMEMCPY((byte*)dupl + copyOffset, (byte*)ent + copyOffset,
+ sizeof(CRL_Entry) - copyOffset);
-#if defined(OPENSSL_EXTRA)
- dupl->lastDateAsn1.length = MAX_DATE_SIZE;
- XMEMCPY (dupl->lastDateAsn1.data, dupl->lastDate,
- dupl->lastDateAsn1.length);
- dupl->lastDateAsn1.type = dupl->lastDateFormat;
- dupl->nextDateAsn1.length = MAX_DATE_SIZE;
- XMEMCPY (dupl->nextDateAsn1.data, dupl->nextDate,
- dupl->nextDateAsn1.length);
- dupl->nextDateAsn1.type = dupl->nextDateFormat;
-#endif
-
-#ifdef CRL_STATIC_REVOKED_LIST
- XMEMCPY(dupl->certs, ent->certs, ent->totalCerts*sizeof(RevokedCert));
-#else
+#ifndef CRL_STATIC_REVOKED_LIST
dupl->certs = DupRevokedCertList(ent->certs, heap);
#endif
- dupl->totalCerts = ent->totalCerts;
- dupl->verified = ent->verified;
+#ifdef OPENSSL_EXTRA
+ dupl->issuer = wolfSSL_X509_NAME_dup(ent->issuer);
+#endif
if (!ent->verified) {
- dupl->tbsSz = ent->tbsSz;
- dupl->signatureSz = ent->signatureSz;
- dupl->signatureOID = ent->signatureOID;
dupl->toBeSigned = (byte*)XMALLOC(dupl->tbsSz, heap,
DYNAMIC_TYPE_CRL_ENTRY);
- if (dupl->toBeSigned == NULL) {
- FreeCRL_Entry(dupl, heap);
- XFREE(dupl, heap, DYNAMIC_TYPE_CRL_ENTRY);
- return NULL;
- }
-
dupl->signature = (byte*)XMALLOC(dupl->signatureSz, heap,
DYNAMIC_TYPE_CRL_ENTRY);
- if (dupl->signature == NULL) {
- FreeCRL_Entry(dupl, heap);
- XFREE(dupl, heap, DYNAMIC_TYPE_CRL_ENTRY);
+ if (dupl->toBeSigned == NULL || dupl->signature == NULL) {
+ CRL_Entry_free(dupl, heap);
return NULL;
}
XMEMCPY(dupl->toBeSigned, ent->toBeSigned, dupl->tbsSz);
XMEMCPY(dupl->signature, ent->signature, dupl->signatureSz);
- #ifndef NO_SKID
- dupl->extAuthKeyIdSet = ent->extAuthKeyIdSet;
- if (dupl->extAuthKeyIdSet)
- XMEMCPY(dupl->extAuthKeyId, ent->extAuthKeyId, KEYID_SIZE);
- #endif
}
else {
dupl->toBeSigned = NULL;
dupl->tbsSz = 0;
dupl->signature = NULL;
dupl->signatureSz = 0;
+#if !defined(NO_SKID) && !defined(NO_ASN)
+ dupl->extAuthKeyIdSet = 0;
+#endif
}
return dupl;
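Review bot: The results of `DupRevokedCertList()` and `wolfSSL_X509_NAME_dup()` are stored without a NULL check while `totalCerts` has already been block-copied from `ent`, so if a copy fails the duplicate is returned with fewer revoked serials than its source, which fails open for revocation checks. The check belongs just before `return dupl;`, once every owned pointer brought over by the `XMEMCPY` has been replaced, so that `CRL_Entry_free(dupl, heap)` cannot free memory still owned by `ent`. This assumes `DupRevokedCertList` returns NULL only on failure or empty input; its body is outside this hunk. The block copy from `copyOffset` also deserves a comment such as `/* shallow copy: every owned pointer after verifyMutex must be re-duplicated or cleared below */`, because a pointer member added to `CRL_Entry` later would otherwise be aliased and double-freed.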
@@ -781,33 +761,26 @@ static CRL_Entry* DupCRL_list(CRL_Entry* crl, void* heap)
{
CRL_Entry* current;
CRL_Entry* head = NULL;
- CRL_Entry* prev = NULL;
+ CRL_Entry** prev = &head;
- current = crl;
- while (current != NULL) {
+ for (current = crl; current != NULL; current = current->next) {
CRL_Entry* tmp = DupCRL_Entry(current, heap);
if (tmp != NULL) {
- tmp->next = NULL;
- if (head == NULL)
- head = tmp;
- if (prev != NULL)
- prev->next = tmp;
- prev = tmp;
+ *prev = tmp;
+ prev = &tmp->next;
}
else {
WOLFSSL_MSG("Failed to allocate new CRL_Entry structure");
/* free up any existing list */
while (head != NULL) {
- current = head;
- head = head->next;
- FreeCRL_Entry(current, heap);
- XFREE(current, heap, DYNAMIC_TYPE_CRL_ENTRY);
+ CRL_Entry* next = head->next;
+ CRL_Entry_free(head, heap);
+ head = next;
}
-
return NULL;
}
- current = current->next;
}
+
return head;
}
@@ -860,8 +833,8 @@ static int DupX509_CRL(WOLFSSL_X509_CRL *dupl, const WOLFSSL_X509_CRL* crl)
/* returns WOLFSSL_SUCCESS on success. Does not take ownership of newcrl */
int wolfSSL_X509_STORE_add_crl(WOLFSSL_X509_STORE *store, WOLFSSL_X509_CRL *newcrl)
{
- CRL_Entry *crle;
WOLFSSL_X509_CRL *crl;
+ int ret = 0;
WOLFSSL_ENTER("wolfSSL_X509_STORE_add_crl");
if (store == NULL || newcrl == NULL || store->cm == NULL)
@@ -870,11 +843,17 @@ int wolfSSL_X509_STORE_add_crl(WOLFSSL_X509_STORE *store, WOLFSSL_X509_CRL *newc
if (store->cm->crl == NULL) {
crl = wolfSSL_X509_crl_new(store->cm);
if (crl == NULL) {
+ WOLFSSL_MSG("wolfSSL_X509_crl_new failed");
return WOLFSSL_FAILURE;
}
- if (DupX509_CRL(crl, newcrl) != 0) {
- if (crl != NULL)
- FreeCRL(crl, 1);
+ if (wc_LockRwLock_Rd(&newcrl->crlLock) != 0) {
+ WOLFSSL_MSG("wc_LockRwLock_Rd failed");
+ return BAD_MUTEX_E;
+ }
+ ret = DupX509_CRL(crl, newcrl);
+ wc_UnLockRwLock(&newcrl->crlLock);
+ if (ret != 0) {
+ FreeCRL(crl, 1);
return WOLFSSL_FAILURE;
}
store->crl = store->cm->crl = crl;
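Review bot: The new `wc_LockRwLock_Rd(&newcrl->crlLock)` failure path returns `BAD_MUTEX_E` without releasing the `crl` just obtained from `wolfSSL_X509_crl_new(store->cm)`, whereas the `DupX509_CRL` failure path directly below calls `FreeCRL(crl, 1)`. Unless `wolfSSL_X509_crl_new` registers the object somewhere not visible in this hunk, that allocation leaks; add `FreeCRL(crl, 1);` before `return BAD_MUTEX_E;`. This path also returns a negative error code where the neighbouring paths return `WOLFSSL_FAILURE`, so callers that only compare against `WOLFSSL_SUCCESS` are worth checking. The function starts and ends outside this hunk.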
@@ -888,26 +867,29 @@ int wolfSSL_X509_STORE_add_crl(WOLFSSL_X509_STORE *store, WOLFSSL_X509_CRL *newc
/* find tail of current list and add new list */
crl = store->cm->crl;
- crle = crl->crlList;
if (newcrl->crlList != NULL) {
- CRL_Entry *tail = crle;
+ CRL_Entry **tail;
CRL_Entry *toAdd;
- if (wc_LockMutex(&crl->crlLock) != 0)
- {
- WOLFSSL_MSG("wc_LockMutex failed");
+ if (wc_LockRwLock_Wr(&crl->crlLock) != 0) {
+ WOLFSSL_MSG("wc_LockRwLock_Wr failed");
return BAD_MUTEX_E;
}
- toAdd = DupCRL_list(newcrl->crlList, crl->heap);
- if (tail == NULL) {
- crl->crlList = toAdd;
- }
- else {
- while (tail->next != NULL) tail = tail->next;
- tail->next = toAdd;
+ if (crl != newcrl && wc_LockRwLock_Rd(&newcrl->crlLock) != 0) {
+ WOLFSSL_MSG("wc_LockRwLock_Wr failed");
+ wc_UnLockRwLock(&crl->crlLock);
+ return BAD_MUTEX_E;
}
- wc_UnLockMutex(&crl->crlLock);
+ toAdd = DupCRL_list(newcrl->crlList, crl->heap);
+ if (crl != newcrl)
+ wc_UnLockRwLock(&newcrl->crlLock);
+
+ tail = &crl->crlList;
+ while (*tail != NULL)
+ tail = &(*tail)->next;
+ *tail = toAdd;
+ wc_UnLockRwLock(&crl->crlLock);
}
if (wolfSSL_CertManagerEnableCRL(store->cm, WOLFSSL_CRL_CHECKALL)
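Review bot: `DupCRL_list()` returns NULL when an entry cannot be duplicated, but `toAdd` is spliced onto the tail unchecked, so a failed copy is indistinguishable from adding nothing and the store ends up without the new revocation entries. What is returned to the caller afterwards is outside this hunk. Since this branch only runs when `newcrl->crlList != NULL`, a guard after the read lock is dropped, `if (toAdd == NULL) { wc_UnLockRwLock(&crl->crlLock); return WOLFSSL_FAILURE; }`, would make the failure visible. Separately, the read-lock failure branch logs `"wc_LockRwLock_Wr failed"`; it should read `"wc_LockRwLock_Rd failed"` so the log names the lock that actually failed.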
@@ -928,23 +910,20 @@ int wolfSSL_X509_STORE_add_crl(WOLFSSL_X509_STORE *store, WOLFSSL_X509_CRL *newc
/* Signal Monitor thread is setup, save status to setup flag, 0 on success */
static int SignalSetup(WOLFSSL_CRL* crl, int status)
{
- int ret;
+ int ret, condRet;
- /* signal to calling thread we're setup */
- if (wc_LockMutex(&crl->crlLock) != 0) {
- WOLFSSL_MSG("wc_LockMutex crlLock failed");
- return BAD_MUTEX_E;
- }
-
- crl->setup = status;
- ret = pthread_cond_signal(&crl->cond);
+ ret = wolfSSL_CondStart(&crl->cond);
+ if (ret != 0)
+ return ret;
- wc_UnLockMutex(&crl->crlLock);
+ crl->setup = status;
+ condRet = wolfSSL_CondSignal(&crl->cond);
+ ret = wolfSSL_CondEnd(&crl->cond);
if (ret != 0)
- return BAD_COND_E;
+ return ret;
- return 0;
+ return condRet;
}
@@ -997,8 +976,8 @@ static int SwapLists(WOLFSSL_CRL* crl)
}
}
- if (wc_LockMutex(&crl->crlLock) != 0) {
- WOLFSSL_MSG("wc_LockMutex failed");
+ if (wc_LockRwLock_Wr(&crl->crlLock) != 0) {
+ WOLFSSL_MSG("wc_LockRwLock_Wr failed");
FreeCRL(tmp, 0);
#ifdef WOLFSSL_SMALL_STACK
XFREE(tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER);
@@ -1012,7 +991,7 @@ static int SwapLists(WOLFSSL_CRL* crl)
tmp->crlList = crl->crlList;
crl->crlList = newList;
- wc_UnLockMutex(&crl->crlLock);
+ wc_UnLockRwLock(&crl->crlLock);
FreeCRL(tmp, 0);
@@ -1035,7 +1014,7 @@ static int SwapLists(WOLFSSL_CRL* crl)
#ifdef __MACH__
#define XEVENT_MODE O_EVTONLY
#elif defined(__FreeBSD__)
- #define XEVENT_MODE EVFILT_VNODE
+ #define XEVENT_MODE O_RDONLY
#endif
@@ -1047,7 +1026,7 @@ static int SwapLists(WOLFSSL_CRL* crl)
/* shutdown monitor thread, 0 on success */
-static int StopMonitor(int mfd)
+static int StopMonitor(wolfSSL_CRL_mfd_t mfd)
{
struct kevent change;
@@ -1063,7 +1042,7 @@ static int StopMonitor(int mfd)
/* OS X monitoring */
-static void* DoMonitor(void* arg)
+static THREAD_RETURN WOLFSSL_THREAD DoMonitor(void* arg)
{
int fPEM, fDER;
struct kevent change;
@@ -1114,11 +1093,11 @@ static void* DoMonitor(void* arg)
}
if (fPEM != -1)
- EV_SET(&change, fPEM, EVFILT_VNODE, EV_ADD | EV_ENABLE | EV_ONESHOT,
+ EV_SET(&change, fPEM, EVFILT_VNODE, EV_ADD | EV_ENABLE | EV_CLEAR,
NOTE_DELETE | NOTE_EXTEND | NOTE_WRITE | NOTE_ATTRIB, 0, 0);
if (fDER != -1)
- EV_SET(&change, fDER, EVFILT_VNODE, EV_ADD | EV_ENABLE | EV_ONESHOT,
+ EV_SET(&change, fDER, EVFILT_VNODE, EV_ADD | EV_ENABLE | EV_CLEAR,
NOTE_DELETE | NOTE_EXTEND | NOTE_WRITE | NOTE_ATTRIB, 0, 0);
/* signal to calling thread we're setup */
@@ -1180,7 +1159,7 @@ static void* DoMonitor(void* arg)
/* shutdown monitor thread, 0 on success */
-static int StopMonitor(int mfd)
+static int StopMonitor(wolfSSL_CRL_mfd_t mfd)
{
word64 w64 = 1;
@@ -1195,7 +1174,7 @@ static int StopMonitor(int mfd)
/* linux monitoring */
-static void* DoMonitor(void* arg)
+static THREAD_RETURN WOLFSSL_THREAD DoMonitor(void* arg)
{
int notifyFd;
int wd = -1;
@@ -1247,18 +1226,9 @@ static void* DoMonitor(void* arg)
}
}
-#ifdef WOLFSSL_SMALL_STACK
- buff = (char*)XMALLOC(8192, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- if (buff == NULL)
- return NULL;
-#endif
/* signal to calling thread we're setup */
if (SignalSetup(crl, 1) != 0) {
- #ifdef WOLFSSL_SMALL_STACK
- XFREE(buff, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- #endif
-
if (wd > 0) {
if (inotify_rm_watch(notifyFd, wd) < 0)
WOLFSSL_MSG("inotify_rm_watch #1 failed in DoMonitor");
@@ -1268,6 +1238,12 @@ static void* DoMonitor(void* arg)
return NULL;
}
+#ifdef WOLFSSL_SMALL_STACK
+ buff = (char*)XMALLOC(8192, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ if (buff == NULL)
+ return NULL;
+#endif
+
for (;;) {
fd_set readfds;
int result;
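Review bot: With the buffer allocation moved after `SignalSetup(crl, 1)`, a failed `XMALLOC` makes the thread `return NULL` after the starter has already been told setup succeeded, and this path does not release the inotify watch or `notifyFd` the way the `SignalSetup` failure branch in the preceding hunk does. The caller is then left believing CRL monitoring is active while no thread is reloading revocation data. Mirror that cleanup before returning and log the condition, e.g. `WOLFSSL_MSG("DoMonitor buffer alloc failed");`. DoMonitor's body starts and ends outside this hunk.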
@@ -1326,7 +1302,145 @@ static void* DoMonitor(void* arg)
return NULL;
}
-#endif /* MACH or linux */
+#elif defined(_MSC_VER)
+
+/* shutdown monitor thread, 0 on success */
+static int StopMonitor(wolfSSL_CRL_mfd_t mfd)
+{
+ if (SetEvent(mfd) == 0) {
+ WOLFSSL_MSG("SetEvent custom event trigger failed");
+ return -1;
+ }
+ return 0;
+}
+
+#ifdef DEBUG_WOLFSSL
+#define SHOW_WINDOWS_ERROR() do { \
+ LPVOID lpMsgBuf; \
+ DWORD dw = GetLastError(); \
+ FormatMessageA( \
+ FORMAT_MESSAGE_ALLOCATE_BUFFER | \
+ FORMAT_MESSAGE_FROM_SYSTEM | \
+ FORMAT_MESSAGE_IGNORE_INSERTS, \
+ NULL, \
+ dw, \
+ MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT), \
+ (LPSTR) &lpMsgBuf, \
+ 0, NULL ); \
+ WOLFSSL_MSG_EX("DoMonitor failed with error %d: %s\n", \
+ dw, lpMsgBuf); \
+ LocalFree(lpMsgBuf); \
+} while(0)
+#else
+#define SHOW_WINDOWS_ERROR() WC_DO_NOTHING
+#endif
+
+#define DM_ERROR() do { \
+ SHOW_WINDOWS_ERROR(); \
+ status = MONITOR_SETUP_E; \
+ goto cleanup; \
+} while(0)
+
+/* windows monitoring
+ * Tested initially by hand by running
+ * .\server.exe -A certs/ca-cert.pem -i -x
+ * and connecting to with
+ * .\client.exe -C -c certs/server-cert.pem -k certs/server-key.pem
+ * This connection succeeds by default. By deleting all files from certs/crl
+ * except for crl.revoked we disallow the client to connect. Deleting files
+ * is done while the server is running to show that the monitor reacts to
+ * changes in the crl directory. */
+static THREAD_RETURN WOLFSSL_THREAD DoMonitor(void* arg)
+{
+ WOLFSSL_CRL* crl = (WOLFSSL_CRL*)arg;
+ int status = 0;
+ HANDLE handles[WOLFSSL_CRL_MONITORS_LEN + 1];
+ DWORD handlesLen = 0;
+ int i;
+
+ WOLFSSL_ENTER("DoMonitor");
+
+ handles[0] = crl->mfd = CreateEventA(NULL, FALSE, FALSE, NULL);
+ if (crl->mfd == NULL) {
+ WOLFSSL_MSG("CreateEventA failed");
+ DM_ERROR();
+ }
+ handlesLen++;
+
+ for (i = 0; i < WOLFSSL_CRL_MONITORS_LEN; i++) {
+ if (crl->monitors[i].path) {
+ handles[handlesLen] = FindFirstChangeNotificationA(
+ crl->monitors[i].path, TRUE,
+ /* Watch for any changes that may affect what CRL's we load.
+ * This may trigger on the same file multiple times but this
+ * way we are certain that we have the most up to date and
+ * accurate set of CRL's. We don't expect this to trigger
+ * often enough for it to be a bottleneck. */
+ FILE_NOTIFY_CHANGE_FILE_NAME | FILE_NOTIFY_CHANGE_ATTRIBUTES |
+ FILE_NOTIFY_CHANGE_SIZE | FILE_NOTIFY_CHANGE_LAST_WRITE |
+ FILE_NOTIFY_CHANGE_SECURITY);
+ if (handles[handlesLen] == INVALID_HANDLE_VALUE) {
+ WOLFSSL_MSG("FindFirstChangeNotificationA failed");
+ DM_ERROR();
+ }
+ handlesLen++;
+ }
+ }
+
+ if (handlesLen == 1) {
+ WOLFSSL_MSG("Nothing to watch. Only custom event handle set.");
+ DM_ERROR();
+ }
+
+ if (SignalSetup(crl, 1) != 0) {
+ WOLFSSL_MSG("Call to SignalSetup failed");
+ DM_ERROR();
+ }
+
+ for (;;) {
+ DWORD waitRet = WaitForMultipleObjects(handlesLen, handles, FALSE,
+ INFINITE);
+ WOLFSSL_MSG("Got notify event");
+
+ if (waitRet >= WAIT_OBJECT_0 && waitRet < WAIT_OBJECT_0 + handlesLen) {
+ if (waitRet == WAIT_OBJECT_0) {
+ WOLFSSL_MSG("got custom shutdown event, breaking out");
+ break;
+ }
+ else if (SwapLists(crl) < 0) {
+ WOLFSSL_MSG("SwapLists problem, continue");
+ }
+ }
+ else {
+ WOLFSSL_MSG("Unexpected WaitForMultipleObjects return. Continue.");
+ }
+
+ for (i = 1; i < (int)handlesLen; i++) {
+ if (FindNextChangeNotification(handles[i]) == 0) {
+ WOLFSSL_MSG("FindNextChangeNotification failed");
+ DM_ERROR();
+ }
+ }
+ }
+
+cleanup:
+ if (status != 0)
+ SignalSetup(crl, status);
+ for (i = 0; i < (int)handlesLen; i++) {
+ BOOL closeRet;
+ if (i == 0) /* First handle is our custom event */
+ closeRet = CloseHandle(handles[i]);
+ else
+ closeRet = FindCloseChangeNotification(handles[i]);
+ if (closeRet == 0) {
+ WOLFSSL_MSG("Failed to close handle");
+ }
+ }
+ crl->mfd = INVALID_HANDLE_VALUE;
+ return 0;
+}
+
+#endif /* MACH or linux or windows */
/* Start Monitoring the CRL path(s) in a thread */
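Review bot: In `SHOW_WINDOWS_ERROR()` the return value of `FormatMessageA` is not checked and `lpMsgBuf` is uninitialised, so when formatting fails the macro hands an indeterminate pointer to `%s` and to `LocalFree`. Declare it as `LPVOID lpMsgBuf = NULL;` and only log and free when `FormatMessageA` returns non-zero; `dw` is a `DWORD`, so `%lu` with a cast is the matching conversion rather than `%d`. In the wait loop, any `WaitForMultipleObjects` result outside the handle range, including `WAIT_FAILED`, is logged and the loop continues, so a persistent failure would leave the thread cycling without reloading CRLs. Routing `WAIT_FAILED` through `DM_ERROR()` would surface it.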
@@ -1339,58 +1453,44 @@ static int StartMonitorCRL(WOLFSSL_CRL* crl)
if (crl == NULL)
return BAD_FUNC_ARG;
- if (crl->tid != 0) {
+ if (crl->tid != INVALID_THREAD_VAL) {
WOLFSSL_MSG("Monitor thread already running");
return ret; /* that's ok, someone already started */
}
- if (pthread_create(&crl->tid, NULL, DoMonitor, crl) != 0) {
+ if (wolfSSL_NewThread(&crl->tid, DoMonitor, crl) != 0) {
WOLFSSL_MSG("Thread creation error");
return THREAD_CREATE_E;
}
/* wait for setup to complete */
- if (wc_LockMutex(&crl->crlLock) != 0) {
- WOLFSSL_MSG("wc_LockMutex crlLock error");
+ if (wolfSSL_CondStart(&crl->cond) != 0) {
+ WOLFSSL_MSG("wolfSSL_CondStart failed");
return BAD_MUTEX_E;
}
-
- while (crl->setup == 0) {
- if (pthread_cond_wait(&crl->cond, &crl->crlLock) != 0) {
- ret = BAD_COND_E;
- break;
- }
+ while (crl->setup == 0) {
+ int condRet;
+ condRet = wolfSSL_CondWait(&crl->cond);
+ if (condRet != 0) {
+ ret = BAD_COND_E;
+ break;
}
- if (crl->setup < 0)
- ret = crl->setup; /* store setup error */
-
- wc_UnLockMutex(&crl->crlLock);
+ }
+ if (ret >= 0 && crl->setup < 0)
+ ret = crl->setup; /* store setup error */
if (ret < 0) {
WOLFSSL_MSG("DoMonitor setup failure");
- crl->tid = 0; /* thread already done */
+ crl->tid = INVALID_THREAD_VAL; /* thread already done */
+ }
+ if (wolfSSL_CondEnd(&crl->cond) != 0) {
+ WOLFSSL_MSG("wolfSSL_CondEnd failed");
+ return BAD_MUTEX_E;
}
return ret;
}
-
-#else /* HAVE_CRL_MONITOR */
-
-#if !defined(NO_FILESYSTEM) && !defined(NO_WOLFSSL_DIR)
-
-static int StartMonitorCRL(WOLFSSL_CRL* crl)
-{
- (void)crl;
-
- WOLFSSL_ENTER("StartMonitorCRL");
- WOLFSSL_MSG("Not compiled in");
-
- return NOT_COMPILED_IN;
-}
-
-#endif /* !NO_FILESYSTEM && !NO_WOLFSSL_DIR */
-
#endif /* HAVE_CRL_MONITOR */
#if !defined(NO_FILESYSTEM) && !defined(NO_WOLFSSL_DIR)
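Review bot: When `wolfSSL_CondWait` fails, `ret` becomes `BAD_COND_E` and `crl->tid` is reset to `INVALID_THREAD_VAL` under the comment "thread already done", but on that path the monitor thread was created successfully and may still be running with a pointer to `crl`. Resetting the id only when the thread itself reported failure, `if (crl->setup < 0) crl->tid = INVALID_THREAD_VAL;`, would keep the handle available for whatever teardown stops and joins the thread. That teardown code is outside this hunk, so this needs confirming. The opening lines of StartMonitorCRL are also outside the hunk.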
@@ -1436,28 +1536,41 @@ int LoadCRL(WOLFSSL_CRL* crl, const char* path, int type, int monitor)
}
}
+#ifndef CRL_REPORT_LOAD_ERRORS
if (!skip && ProcessFile(NULL, name, type, CRL_TYPE, NULL, 0, crl,
VERIFY) != WOLFSSL_SUCCESS) {
WOLFSSL_MSG("CRL file load failed, continuing");
}
+#else
+ if (!skip) {
+ ret = ProcessFile(NULL, name, type, CRL_TYPE, NULL, 0, crl, VERIFY);
+ if (ret != WOLFSSL_SUCCESS) {
+ WOLFSSL_MSG("CRL file load failed");
+ return ret;
+ }
+ }
+#endif
ret = wc_ReadDirNext(readCtx, path, &name);
}
wc_ReadDirClose(readCtx);
- ret = WOLFSSL_SUCCESS; /* load failures not reported, for backwards compat */
+
+ /* load failures not reported, for backwards compat */
+ ret = WOLFSSL_SUCCESS;
#ifdef WOLFSSL_SMALL_STACK
XFREE(readCtx, crl->heap, DYNAMIC_TYPE_TMP_BUFFER);
#endif
if (monitor & WOLFSSL_CRL_MONITOR) {
+#ifdef HAVE_CRL_MONITOR
word32 pathLen;
char* pathBuf;
WOLFSSL_MSG("monitor path requested");
pathLen = (word32)XSTRLEN(path);
- pathBuf = (char*)XMALLOC(pathLen+1, crl->heap,DYNAMIC_TYPE_CRL_MONITOR);
+ pathBuf = (char*)XMALLOC(pathLen+1, crl->heap, DYNAMIC_TYPE_CRL_MONITOR);
if (pathBuf) {
XMEMCPY(pathBuf, path, pathLen+1);
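Review bot: Under `CRL_REPORT_LOAD_ERRORS` the new `return ret;` leaves the directory loop without calling `wc_ReadDirClose(readCtx)` and, in `WOLFSSL_SMALL_STACK` builds, without the `XFREE(readCtx, ...)` that follows the loop, so each failed CRL load leaks the directory handle and context. Saving the error and leaving the loop so that the existing cleanup runs before it is returned avoids this. The unconditional `ret = WOLFSSL_SUCCESS;` after the loop, with its comment "load failures not reported", would then need to apply only when `CRL_REPORT_LOAD_ERRORS` is not defined. LoadCRL begins and ends outside this hunk.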
@@ -1488,6 +1601,10 @@ int LoadCRL(WOLFSSL_CRL* crl, const char* path, int type, int monitor)
else {
ret = MEMORY_E;
}
+#else
+ WOLFSSL_MSG("CRL monitoring requested but not compiled in");
+ ret = NOT_COMPILED_IN;
+#endif
}
return ret;
diff --git a/extra/wolfssl/wolfssl/src/dtls.c b/extra/wolfssl/wolfssl/src/dtls.c
index d604b5a2..fceeedbe 100644
--- a/extra/wolfssl/wolfssl/src/dtls.c
+++ b/extra/wolfssl/wolfssl/src/dtls.c
@@ -21,11 +21,29 @@
/*
* WOLFSSL_DTLS_NO_HVR_ON_RESUME
+ * WOLFSSL_DTLS13_NO_HRR_ON_RESUME
* If defined, a DTLS server will not do a cookie exchange on successful
* client resumption: the resumption will be faster (one RTT less) and
- * will consume less bandwidth (one ClientHello and one HelloVerifyRequest
- * less). On the other hand, if a valid SessionID is collected, forged
- * clientHello messages will consume resources on the server.
+ * will consume less bandwidth (one ClientHello and one
+ * HelloVerifyRequest/HelloRetryRequest less). On the other hand, if a valid
+ * SessionID/ticket/psk is collected, forged clientHello messages will
+ * consume resources on the server. For DTLS 1.3, using this option also
+ * allows for the server to process Early Data/0-RTT Data. Without this, the
+ * Early Data would be dropped since the server doesn't enter stateful
+ * processing until receiving a verified ClientHello with the cookie.
+ *
+ * To allow DTLS 1.3 resumption without the cookie exchange:
+ * - Compile wolfSSL with WOLFSSL_DTLS13_NO_HRR_ON_RESUME defined
+ * - Call wolfSSL_dtls13_no_hrr_on_resume(ssl, 1) on the WOLFSSL object to
+ * disable the cookie exchange on resumption
+ * - Continue like with a normal connection
+ * WOLFSSL_DTLS_CH_FRAG
+ * Allow a server to process a fragmented second/verified (one containing a
+ * valid cookie response) ClientHello message. The first/unverified (one
+ * without a cookie extension) ClientHello MUST be unfragmented so that the
+ * DTLS server can process it statelessly. This is only implemented for
+ * DTLS 1.3. The user MUST call wolfSSL_dtls13_allow_ch_frag() on the server
+ * to explicitly enable this during runtime.
*/
#ifdef HAVE_CONFIG_H
@@ -75,6 +93,7 @@ void DtlsResetState(WOLFSSL* ssl)
ssl->options.connectState = CONNECT_BEGIN;
ssl->options.acceptState = ACCEPT_BEGIN;
ssl->options.handShakeState = NULL_STATE;
+ ssl->options.seenUnifiedHdr = 0;
ssl->msgsReceived.got_client_hello = 0;
ssl->keys.dtls_handshake_number = 0;
ssl->keys.dtls_expected_peer_handshake_number = 0;
@@ -262,10 +281,13 @@ static int CheckDtlsCookie(const WOLFSSL* ssl, WolfSSL_CH* ch,
return ret;
}
-static int ParseClientHello(const byte* input, word32 helloSz, WolfSSL_CH* ch)
+static int ParseClientHello(const byte* input, word32 helloSz, WolfSSL_CH* ch,
+ byte isFirstCHFrag)
{
word32 idx = 0;
+ (void)isFirstCHFrag;
+
/* protocol version, random and session id length check */
if (OPAQUE16_LEN + RAN_LEN + OPAQUE8_LEN > helloSz)
return BUFFER_ERROR;
@@ -285,10 +307,24 @@ static int ParseClientHello(const byte* input, word32 helloSz, WolfSSL_CH* ch)
if (idx > helloSz - OPAQUE8_LEN)
return BUFFER_ERROR;
idx += ReadVector8(input + idx, &ch->compression);
- if (idx > helloSz - OPAQUE16_LEN)
- return BUFFER_ERROR;
- idx += ReadVector16(input + idx, &ch->extension);
- if (idx > helloSz)
+ if (idx < helloSz - OPAQUE16_LEN) {
+ /* Extensions are optional */
+#ifdef WOLFSSL_DTLS_CH_FRAG
+ word32 extStart = idx + OPAQUE16_LEN;
+#endif
+ idx += ReadVector16(input + idx, &ch->extension);
+ if (idx > helloSz) {
+#ifdef WOLFSSL_DTLS_CH_FRAG
+ idx = helloSz;
+ /* Allow incomplete extensions if we are parsing a fragment */
+ if (isFirstCHFrag && extStart < helloSz)
+ ch->extension.size = helloSz - extStart;
+ else
+#endif
+ return BUFFER_ERROR;
+ }
+ }
+ if (idx != helloSz)
return BUFFER_ERROR;
ch->length = idx;
return 0;
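Review bot: The new guard `if (idx < helloSz - OPAQUE16_LEN)` skips the extensions read when exactly `OPAQUE16_LEN` bytes remain, so a ClientHello carrying an empty extensions vector (two zero length bytes) now falls through to `if (idx != helloSz)` and is rejected with `BUFFER_ERROR`, which the removed code accepted. If that is not intended the comparison should be `if (idx <= helloSz - OPAQUE16_LEN)`; if it is, a comment saying so would help. In the `WOLFSSL_DTLS_CH_FRAG` branch `ch->extension.size` is clamped to the bytes present, so the last extension of a first fragment may be cut short. The code that walks `ch->extension` is outside this hunk and has to bound each entry against that size.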
@@ -718,8 +754,8 @@ static int SendStatelessReplyDtls13(const WOLFSSL* ssl, WolfSSL_CH* ch)
#ifdef HAVE_SUPPORTED_CURVES
if (doKE) {
byte searched = 0;
- ret = TLSX_KeyShare_Choose(ssl, parsedExts, &cs.clientKSE,
- &searched);
+ ret = TLSX_KeyShare_Choose(ssl, parsedExts, cs.cipherSuite0,
+ cs.cipherSuite, &cs.clientKSE, &searched);
if (ret != 0)
goto dtls13_cleanup;
if (cs.clientKSE == NULL && searched)
@@ -744,6 +780,15 @@ static int SendStatelessReplyDtls13(const WOLFSSL* ssl, WolfSSL_CH* ch)
}
}
+#ifdef WOLFSSL_DTLS13_NO_HRR_ON_RESUME
+ if (ssl->options.dtls13NoHrrOnResume && usePSK && pskInfo.isValid &&
+ !cs.doHelloRetry) {
+ /* Skip HRR on resumption */
+ ((WOLFSSL*)ssl)->options.dtlsStateful = 1;
+ goto dtls13_cleanup;
+ }
+#endif
+
#ifdef HAVE_SUPPORTED_CURVES
if (cs.doHelloRetry) {
ret = TLSX_KeyShare_SetSupported(ssl, &parsedExts);
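Review bot: `((WOLFSSL*)ssl)->options.dtlsStateful = 1;` writes through a pointer the function receives as `const WOLFSSL*`, so the switch to stateful handling without a cookie exchange happens as a hidden side effect of a routine named for sending a stateless reply. Returning a distinct status and letting the non-const caller set the flag would keep this transition next to the cookie-verified path in `DoClientHelloStateless`, which also updates the receive window when it sets `dtlsStateful`. Whether the window is updated for this resumption path is not visible here. At minimum add a comment such as `/* const cast: valid PSK resumption skips the cookie exchange and makes this connection stateful */`. The function body extends beyond the hunk.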
@@ -823,6 +868,7 @@ static int SendStatelessReply(const WOLFSSL* ssl, WolfSSL_CH* ch, byte isTls13)
else
#endif
{
+#if !defined(WOLFSSL_NO_TLS12)
if (!ch->dtls12cookieSet) {
ret = CreateDtls12Cookie(ssl, ch, ch->dtls12cookie);
if (ret != 0)
@@ -831,6 +877,11 @@ static int SendStatelessReply(const WOLFSSL* ssl, WolfSSL_CH* ch, byte isTls13)
}
ret = SendHelloVerifyRequest((WOLFSSL*)ssl, ch->dtls12cookie,
DTLS_COOKIE_SZ);
+#else
+ WOLFSSL_MSG("DTLS1.2 disabled with WOLFSSL_NO_TLS12");
+ WOLFSSL_ERROR_VERBOSE(NOT_COMPILED_IN);
+ ret = NOT_COMPILED_IN;
+#endif
}
return ret;
}
@@ -856,17 +907,30 @@ static int ClientHelloSanityCheck(WolfSSL_CH* ch, byte isTls13)
return 0;
}
-int DoClientHelloStateless(WOLFSSL* ssl, const byte* input,
- word32* inOutIdx, word32 helloSz)
+int DoClientHelloStateless(WOLFSSL* ssl, const byte* input, word32 helloSz,
+ byte isFirstCHFrag, byte* tls13)
{
int ret;
WolfSSL_CH ch;
byte isTls13 = 0;
+ WOLFSSL_ENTER("DoClientHelloStateless");
+ if (isFirstCHFrag) {
+#ifdef WOLFSSL_DTLS_CH_FRAG
+ WOLFSSL_MSG("\tProcessing fragmented ClientHello");
+#else
+ WOLFSSL_MSG("\tProcessing fragmented ClientHello but "
+ "WOLFSSL_DTLS_CH_FRAG is not defined. This should not happen.");
+ return BAD_STATE_E;
+#endif
+ }
+ if (tls13 != NULL)
+ *tls13 = 0;
+
XMEMSET(&ch, 0, sizeof(ch));
ssl->options.dtlsStateful = 0;
- ret = ParseClientHello(input + *inOutIdx, helloSz, &ch);
+ ret = ParseClientHello(input, helloSz, &ch, isFirstCHFrag);
if (ret != 0)
return ret;
@@ -875,6 +939,8 @@ int DoClientHelloStateless(WOLFSSL* ssl, const byte* input,
ret = TlsCheckSupportedVersion(ssl, &ch, &isTls13);
if (ret != 0)
return ret;
+ if (tls13 != NULL)
+ *tls13 = isTls13;
if (isTls13) {
int tlsxFound;
ret = FindExtByType(&ch.cookieExt, TLSX_COOKIE, ch.extension,
@@ -890,7 +956,7 @@ int DoClientHelloStateless(WOLFSSL* ssl, const byte* input,
return ret;
#ifdef WOLFSSL_DTLS_NO_HVR_ON_RESUME
- if (!isTls13) {
+ if (!isTls13 && !isFirstCHFrag) {
int resume = FALSE;
ret = TlsResumptionIsValid(ssl, &ch, &resume);
if (ret != 0)
@@ -903,7 +969,13 @@ int DoClientHelloStateless(WOLFSSL* ssl, const byte* input,
#endif
if (ch.cookie.size == 0 && ch.cookieExt.size == 0) {
- ret = SendStatelessReply((WOLFSSL*)ssl, &ch, isTls13);
+#ifdef WOLFSSL_DTLS_CH_FRAG
+ /* Don't send anything here when processing fragment */
+ if (isFirstCHFrag)
+ ret = COOKIE_ERROR;
+ else
+#endif
+ ret = SendStatelessReply(ssl, &ch, isTls13);
}
else {
byte cookieGood;
@@ -918,10 +990,24 @@ int DoClientHelloStateless(WOLFSSL* ssl, const byte* input,
ret = INVALID_PARAMETER;
else
#endif
- ret = SendStatelessReply((WOLFSSL*)ssl, &ch, isTls13);
+#ifdef WOLFSSL_DTLS_CH_FRAG
+ /* Don't send anything here when processing fragment */
+ if (isFirstCHFrag)
+ ret = COOKIE_ERROR;
+ else
+#endif
+ ret = SendStatelessReply(ssl, &ch, isTls13);
}
- else
+ else {
ssl->options.dtlsStateful = 1;
+ /* Update the window now that we enter the stateful parsing */
+#ifdef WOLFSSL_DTLS13
+ if (isTls13)
+ ret = Dtls13UpdateWindowRecordRecvd(ssl);
+ else
+#endif
+ DtlsUpdateWindow(ssl);
+ }
}
return ret;
@@ -1105,7 +1191,7 @@ int TLSX_ConnectionID_Use(WOLFSSL* ssl)
/* CIDInfo needs to be accessed every time we send or receive a record. To
* avoid the cost of the extension lookup save a pointer to the structure
* inside the SSL object itself, and save a pointer to the SSL object in the
- * extension. The extension freeing routine uses te pointer to the SSL
+ * extension. The extension freeing routine uses the pointer to the SSL
* object to find the structure and to set ssl->dtlsCidInfo pointer to NULL
* after freeing the structure. */
ssl->dtlsCidInfo = info;
diff --git a/extra/wolfssl/wolfssl/src/dtls13.c b/extra/wolfssl/wolfssl/src/dtls13.c
index b5fecafd..3591d67b 100644
--- a/extra/wolfssl/wolfssl/src/dtls13.c
+++ b/extra/wolfssl/wolfssl/src/dtls13.c
@@ -277,10 +277,7 @@ static int Dtls13GetRnMask(WOLFSSL* ssl, const byte* ciphertext, byte* mask,
/* assuming CIPHER[0..3] should be interpreted as little endian 32-bits
integer. The draft rfc isn't really clear on that. See sec 4.2.3 of
the draft. See also Section 2.3 of the Chacha RFC. */
- XMEMCPY(&counter, ciphertext, sizeof(counter));
-#ifdef BIG_ENDIAN
- counter = ByteReverseWord32(counter);
-#endif /* BIG_ENDIAN */
+ ato32le(ciphertext, &counter);
ret = wc_Chacha_SetIV(c->chacha, &ciphertext[4], counter);
if (ret != 0)
@@ -355,6 +352,7 @@ int Dtls13ProcessBufferedMessages(WOLFSSL* ssl)
WOLFSSL_ENTER("Dtls13ProcessBufferedMessages");
while (msg != NULL) {
+ int downgraded = 0;
idx = 0;
/* message not in order */
@@ -365,8 +363,32 @@ int Dtls13ProcessBufferedMessages(WOLFSSL* ssl)
if (!msg->ready)
break;
- ret = DoTls13HandShakeMsgType(ssl, msg->fullMsg, &idx, msg->type,
- msg->sz, msg->sz);
+#ifndef WOLFSSL_DISABLE_EARLY_SANITY_CHECKS
+ ret = MsgCheckEncryption(ssl, msg->type, msg->encrypted);
+ if (ret != 0) {
+ SendAlert(ssl, alert_fatal, unexpected_message);
+ break;
+ }
+#endif
+
+ /* We may have DTLS <=1.2 msgs stored from before we knew which version
+ * we were going to use. Interpret correctly. */
+ if (IsAtLeastTLSv1_3(ssl->version)) {
+ ret = DoTls13HandShakeMsgType(ssl, msg->fullMsg, &idx, msg->type,
+ msg->sz, msg->sz);
+ if (!IsAtLeastTLSv1_3(ssl->version))
+ downgraded = 1;
+ }
+ else {
+#if !defined(WOLFSSL_NO_TLS12)
+ ret = DoHandShakeMsgType(ssl, msg->fullMsg, &idx, msg->type,
+ msg->sz, msg->sz);
+#else
+ WOLFSSL_MSG("DTLS1.2 disabled with WOLFSSL_NO_TLS12");
+ WOLFSSL_ERROR_VERBOSE(NOT_COMPILED_IN);
+ ret = NOT_COMPILED_IN;
+#endif
+ }
/* processing certificate_request triggers a connect. The error came
* from there, the message can be considered processed successfully.
@@ -374,7 +396,13 @@ int Dtls13ProcessBufferedMessages(WOLFSSL* ssl)
* waiting to flush the output buffer. */
if ((ret == 0 || ret == WANT_WRITE) || (msg->type == certificate_request &&
ssl->options.handShakeDone && ret == WC_PENDING_E)) {
- Dtls13MsgWasProcessed(ssl, (enum HandShakeType)msg->type);
+ if (IsAtLeastTLSv1_3(ssl->version))
+ Dtls13MsgWasProcessed(ssl, (enum HandShakeType)msg->type);
+ else if (downgraded)
+ /* DoHandShakeMsgType normally handles the hs number but if
+ * DoTls13HandShakeMsgType processed 1.2 msgs then this wasn't
+ * incremented. */
+ ssl->keys.dtls_expected_peer_handshake_number++;
ssl->dtls_rx_msg_list = msg->next;
DtlsMsgDelete(msg, ssl->heap);
@@ -628,7 +656,7 @@ static void Dtls13RtxRecordUnlink(WOLFSSL* ssl, Dtls13RtxRecord** prevNext,
*prevNext = r->next;
}
-static void Dtls13RtxFlushBuffered(WOLFSSL* ssl, byte keepNewSessionTicket)
+void Dtls13RtxFlushBuffered(WOLFSSL* ssl, byte keepNewSessionTicket)
{
Dtls13RtxRecord *r, **prevNext;
@@ -809,10 +837,16 @@ static int Dtls13RtxMsgRecvd(WOLFSSL* ssl, enum HandShakeType hs,
Dtls13MaybeSaveClientHello(ssl);
/* In the handshake, receiving part of the next flight, acknowledge the
- sent flight. The only exception is, on the server side, receiving the
- last client flight does not ACK any sent new_session_ticket
- messages. */
- Dtls13RtxFlushBuffered(ssl, 1);
+ * sent flight. */
+ /* On the server side, receiving the last client flight does not ACK any
+ * sent new_session_ticket messages. */
+ /* We don't want to clear the buffer until we have done version
+ * negotiation in the SH or have received a unified header in the
+ * DTLS record. */
+ if (ssl->options.serverState >= SERVER_HELLO_COMPLETE ||
+ ssl->options.seenUnifiedHdr)
+ /* Use 1.2 API to clear 1.2 buffers too */
+ DtlsMsgPoolReset(ssl);
}
if (ssl->keys.dtls_peer_handshake_number <
@@ -856,6 +890,8 @@ static int Dtls13RtxMsgRecvd(WOLFSSL* ssl, enum HandShakeType hs,
void Dtls13FreeFsmResources(WOLFSSL* ssl)
{
Dtls13RtxFlushAcks(ssl);
+ /* Use 1.2 API to clear 1.2 buffers too */
+ DtlsMsgPoolReset(ssl);
Dtls13RtxFlushBuffered(ssl, 0);
}
@@ -921,8 +957,10 @@ static int Dtls13SendFragmentedInternal(WOLFSSL* ssl)
}
ret = CheckAvailableSize(ssl, recordLength + MAX_MSG_EXTRA);
- if (ret != 0)
+ if (ret != 0) {
+ Dtls13FreeFragmentsBuffer(ssl);
return ret;
+ }
output = GetOutputBuffer(ssl);
@@ -1551,6 +1589,19 @@ static int Dtls13RtxSendBuffered(WOLFSSL* ssl)
return 0;
}
+static int Dtls13AcceptFragmented(WOLFSSL *ssl, enum HandShakeType type)
+{
+ if (IsEncryptionOn(ssl, 0))
+ return 1;
+ if (ssl->options.side == WOLFSSL_CLIENT_END && type == server_hello)
+ return 1;
+#ifdef WOLFSSL_DTLS_CH_FRAG
+ if (ssl->options.side == WOLFSSL_SERVER_END && type == client_hello &&
+ ssl->options.dtls13ChFrag && ssl->options.dtlsStateful)
+ return 1;
+#endif
+ return 0;
+}
/**
* Dtls13HandshakeRecv() - process an handshake message. Deal with
fragmentation if needed
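Review bot: `Dtls13AcceptFragmented` is added without a comment, although its three cases define which fragmented handshake messages the peer is allowed to have buffered before encryption is on. A header such as `/* Returns 1 if a fragmented handshake message of this type may be buffered: any message once encryption is on, a ServerHello on the client, or (WOLFSSL_DTLS_CH_FRAG) a ClientHello on a server that enabled dtls13ChFrag and is already stateful; 0 otherwise. */` would record that policy. A blank line between the closing brace and the following `/**` block would also keep the two apart.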
@@ -1579,6 +1630,13 @@ static int _Dtls13HandshakeRecv(WOLFSSL* ssl, byte* input, word32 size,
if (ret != 0)
return PARSE_ERROR;
+ /* Need idx + fragLength as we don't advance the inputBuffer idx value */
+ ret = EarlySanityCheckMsgReceived(ssl, handshakeType, idx + fragLength);
+ if (ret != 0) {
+ WOLFSSL_ERROR(ret);
+ return ret;
+ }
+
if (ssl->options.side == WOLFSSL_SERVER_END &&
ssl->options.acceptState < TLS13_ACCEPT_FIRST_REPLY_DONE) {
if (handshakeType != client_hello) {
@@ -1624,13 +1682,35 @@ static int _Dtls13HandshakeRecv(WOLFSSL* ssl, byte* input, word32 size,
isFirst = fragOff == 0;
isComplete = isFirst && fragLength == messageLength;
- if (!isComplete && !IsEncryptionOn(ssl, 0)) {
+ if (!isComplete && !Dtls13AcceptFragmented(ssl, handshakeType)) {
+#ifdef WOLFSSL_DTLS_CH_FRAG
+ byte tls13 = 0;
+ /* check if the first CH fragment contains a valid cookie */
+ if (ssl->options.dtls13ChFrag && !ssl->options.dtlsStateful &&
+ isFirst && handshakeType == client_hello &&
+ DoClientHelloStateless(ssl, input + idx, fragLength, 1, &tls13)
+ == 0 && tls13) {
+ /* We can save this message and continue as stateful. */
+ if (ssl->chGoodCb != NULL) {
+ int cbret = ssl->chGoodCb(ssl, ssl->chGoodCtx);
+ if (cbret < 0) {
+ ssl->error = cbret;
+ WOLFSSL_MSG("ClientHello Good Cb don't continue error");
+ return WOLFSSL_FATAL_ERROR;
+ }
+ }
+ WOLFSSL_MSG("ClientHello fragment verified");
+ }
+ else
+#endif
+ {
#ifdef WOLFSSL_DEBUG_TLS
- WOLFSSL_MSG("DTLS1.3 not accepting fragmented plaintext message");
+ WOLFSSL_MSG("DTLS1.3 not accepting fragmented plaintext message");
#endif /* WOLFSSL_DEBUG_TLS */
- /* ignore the message */
- *processedSize = idx + fragLength + ssl->keys.padSz;
- return 0;
+ /* ignore the message */
+ *processedSize = idx + fragLength + ssl->keys.padSz;
+ return 0;
+ }
}
usingAsyncCrypto = ssl->devId != INVALID_DEVID;
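Review bot: In the `WOLFSSL_DTLS_CH_FRAG` branch the result of `DoClientHelloStateless()` is only compared with 0 inside the condition, so an internal failure and a fragment without a valid cookie both fall into the `else` block and are dropped with the same trace. Dropping silently is reasonable for a server that has not yet verified the peer, but the return value should be kept in a local and reported with `WOLFSSL_ERROR(ret)` when it is non-zero, so that a failing verification path can be told apart from ordinary unverified traffic. The short-circuit order also matters, because the option and `isFirst` tests run before the cookie check; I would record that with `/* Only a first fragment carrying a verified cookie may be kept; anything else is dropped without allocating state. */`. `_Dtls13HandshakeRecv` starts and ends outside this hunk.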
@@ -2347,7 +2427,11 @@ static int Dtls13WriteAckMessage(WOLFSSL* ssl,
c16toa(msgSz, ackMessage);
ackMessage += OPAQUE16_LEN;
+ WOLFSSL_MSG("write ack records");
+
while (recordNumberList != NULL) {
+ WOLFSSL_MSG_EX("epoch %d seq %d", recordNumberList->epoch,
+ recordNumberList->seq);
c64toa(&recordNumberList->epoch, ackMessage);
ackMessage += OPAQUE64_LEN;
c64toa(&recordNumberList->seq, ackMessage);
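Review bot: The added `WOLFSSL_MSG_EX("epoch %d seq %d", recordNumberList->epoch, recordNumberList->seq)` formats the record-number fields with `%d`, yet the following lines pass the same fields by address to `c64toa`, so they appear to be 64-bit wrapper values rather than `int`. A variadic argument that does not match its conversion is undefined behaviour whenever debug logging is compiled in. Convert explicitly before formatting, for example `WOLFSSL_MSG_EX("epoch %u seq %u", w64GetLow32(recordNumberList->epoch), w64GetLow32(recordNumberList->seq));`, assuming the w64 helpers are in scope in this file. The DoDtls13Ack hunk adds the same pattern, `WOLFSSL_MSG_EX("epoch %d seq %d", epoch, seq)` right after `ato64`, and needs the same change.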
@@ -2474,7 +2558,12 @@ int Dtls13RtxTimeout(WOLFSSL* ssl)
{
int ret = 0;
- if (ssl->dtls13Rtx.seenRecords != NULL) {
+ /* We don't want to send acks until we have done version
+ * negotiation in the SH or have received a unified header in the
+ * DTLS record. */
+ if (ssl->dtls13Rtx.seenRecords != NULL &&
+ (ssl->options.serverState >= SERVER_HELLO_COMPLETE ||
+ ssl->options.seenUnifiedHdr)) {
ssl->dtls13Rtx.sendAcks = 0;
/* reset fast timeout as we are sending ACKs */
ssl->dtls13FastTimeout = 0;
@@ -2534,10 +2623,13 @@ int DoDtls13Ack(WOLFSSL* ssl, const byte* input, word32 inputSize,
if (length % (DTLS13_RN_SIZE) != 0)
return PARSE_ERROR;
+ WOLFSSL_MSG("read ack records");
+
ackMessage = input + OPAQUE16_LEN;
for (i = 0; i < length; i += DTLS13_RN_SIZE) {
ato64(ackMessage + i, &epoch);
ato64(ackMessage + i + OPAQUE64_LEN, &seq);
+ WOLFSSL_MSG_EX("epoch %d seq %d", epoch, seq);
Dtls13RtxRemoveRecord(ssl, epoch, seq);
}
@@ -2608,14 +2700,13 @@ int SendDtls13Ack(WOLFSSL* ssl)
if (ret != 0)
return ret;
- if (w64IsZero(ssl->dtls13EncryptEpoch->epochNumber)) {
-
- ret = Dtls13WriteAckMessage(ssl, ssl->dtls13Rtx.seenRecords, &length);
- if (ret != 0)
- return ret;
+ ret = Dtls13WriteAckMessage(ssl, ssl->dtls13Rtx.seenRecords, &length);
+ if (ret != 0)
+ return ret;
- output = GetOutputBuffer(ssl);
+ output = GetOutputBuffer(ssl);
+ if (w64IsZero(ssl->dtls13EncryptEpoch->epochNumber)) {
ret = Dtls13RlAddPlaintextHeader(ssl, output, ack, (word16)length);
if (ret != 0)
return ret;
@@ -2623,13 +2714,6 @@ int SendDtls13Ack(WOLFSSL* ssl)
ssl->buffers.outputBuffer.length += length + DTLS_RECORD_HEADER_SZ;
}
else {
-
- ret = Dtls13WriteAckMessage(ssl, ssl->dtls13Rtx.seenRecords, &length);
- if (ret != 0)
- return ret;
-
- output = GetOutputBuffer(ssl);
-
outputSize = ssl->buffers.outputBuffer.bufferSize -
ssl->buffers.outputBuffer.idx -
ssl->buffers.outputBuffer.length;
@@ -2770,4 +2854,26 @@ int Dtls13CheckAEADFailLimit(WOLFSSL* ssl)
}
#endif
+#ifdef WOLFSSL_DTLS_CH_FRAG
+int wolfSSL_dtls13_allow_ch_frag(WOLFSSL *ssl, int enabled)
+{
+ if (ssl->options.side == WOLFSSL_CLIENT_END) {
+ return WOLFSSL_FAILURE;
+ }
+ ssl->options.dtls13ChFrag = !!enabled;
+ return WOLFSSL_SUCCESS;
+}
+#endif
+
+#ifdef WOLFSSL_DTLS13_NO_HRR_ON_RESUME
+int wolfSSL_dtls13_no_hrr_on_resume(WOLFSSL *ssl, int enabled)
+{
+ if (ssl->options.side == WOLFSSL_CLIENT_END) {
+ return WOLFSSL_FAILURE;
+ }
+ ssl->options.dtls13NoHrrOnResume = !!enabled;
+ return WOLFSSL_SUCCESS;
+}
+#endif
+
#endif /* WOLFSSL_DTLS13 */
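Review bot: Both new setters read `ssl->options.side` without checking `ssl`, so a NULL handle from the application is dereferenced instead of being rejected. Guard first in `wolfSSL_dtls13_allow_ch_frag` and `wolfSSL_dtls13_no_hrr_on_resume`: `if (ssl == NULL || ssl->options.side == WOLFSSL_CLIENT_END) return WOLFSSL_FAILURE;`. Neither function has a header comment, although both change how a DTLS 1.3 server treats a peer it has not yet verified. For the first I would add `/* Server only: allow a ClientHello split across datagrams once its first fragment carries a valid cookie. */`. The second should state what is given up when the HelloRetryRequest is skipped on resumption; judging by the name that is the cookie round trip, which is worth confirming against the caller.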
diff --git a/extra/wolfssl/wolfssl/src/include.am b/extra/wolfssl/wolfssl/src/include.am
index d2c40e6d..a69822ff 100644
--- a/extra/wolfssl/wolfssl/src/include.am
+++ b/extra/wolfssl/wolfssl/src/include.am
@@ -3,8 +3,6 @@
# All paths should be given relative to the root
FIPS_FILES = \
- ctaocrypt/src/fips.c \
- ctaocrypt/src/fips_test.c \
wolfcrypt/src/async.c \
wolfcrypt/src/fips.c \
wolfcrypt/src/fips_test.c \
@@ -21,6 +19,8 @@ EXTRA_DIST += src/conf.c
EXTRA_DIST += src/pk.c
EXTRA_DIST += src/ssl_asn1.c
EXTRA_DIST += src/ssl_bn.c
+EXTRA_DIST += src/ssl_certman.c
+EXTRA_DIST += src/ssl_crypto.c
EXTRA_DIST += src/ssl_misc.c
EXTRA_DIST += src/x509.c
EXTRA_DIST += src/x509_str.c
@@ -53,42 +53,6 @@ endif # BUILD_FAST_RSA
if BUILD_FIPS
-if BUILD_FIPS_V1
-# fips first file
-src_libwolfssl@LIBSUFFIX@_la_SOURCES += ctaocrypt/src/wolfcrypt_first.c
-
-src_libwolfssl@LIBSUFFIX@_la_SOURCES += \
- ctaocrypt/src/hmac.c \
- ctaocrypt/src/random.c \
- ctaocrypt/src/sha256.c
-
-if BUILD_RSA
-src_libwolfssl@LIBSUFFIX@_la_SOURCES += ctaocrypt/src/rsa.c
-endif
-
-if BUILD_AES
-src_libwolfssl@LIBSUFFIX@_la_SOURCES += ctaocrypt/src/aes.c
-endif
-
-if BUILD_DES3
-src_libwolfssl@LIBSUFFIX@_la_SOURCES += ctaocrypt/src/des3.c
-endif
-
-if BUILD_SHA
-src_libwolfssl@LIBSUFFIX@_la_SOURCES += ctaocrypt/src/sha.c
-endif
-
-if BUILD_SHA512
-src_libwolfssl@LIBSUFFIX@_la_SOURCES += ctaocrypt/src/sha512.c
-endif
-
-src_libwolfssl@LIBSUFFIX@_la_SOURCES += ctaocrypt/src/fips.c
-src_libwolfssl@LIBSUFFIX@_la_SOURCES += ctaocrypt/src/fips_test.c
-
-# fips last file
-src_libwolfssl@LIBSUFFIX@_la_SOURCES += ctaocrypt/src/wolfcrypt_last.c
-endif BUILD_FIPS_V1
-
if BUILD_FIPS_V2
# FIPSv2 first file
src_libwolfssl@LIBSUFFIX@_la_SOURCES += \
@@ -117,6 +81,7 @@ if BUILD_X86_ASM
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/aes_gcm_x86_asm.S
else
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/aes_gcm_asm.S
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/aes_xts_asm.S
endif
endif
@@ -196,11 +161,27 @@ if BUILD_AES
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/aes.c
if BUILD_ARMASM
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-aes.c
+endif BUILD_ARMASM
+if BUILD_ARMASM_NEON
if !BUILD_ARMASM_CRYPTO
+if BUILD_ARMASM_INLINE
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-32-aes-asm_c.c
+else
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-32-aes-asm.S
-endif
-endif
-endif
+endif !BUILD_ARMASM_INLINE
+endif !BUILD_ARMASM_CRYPTO
+else
+if BUILD_ARMASM
+if BUILD_ARMASM_INLINE
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-32-aes-asm_c.c
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/thumb2-aes-asm_c.c
+else
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-32-aes-asm.S
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/thumb2-aes-asm.S
+endif !BUILD_ARMASM_INLINE
+endif BUILD_ARMASM
+endif !BUILD_ARMASM_NEON
+endif BUILD_AES
if BUILD_AESNI
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/aes_asm.S
@@ -208,6 +189,7 @@ if BUILD_X86_ASM
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/aes_gcm_x86_asm.S
else
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/aes_gcm_asm.S
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/aes_xts_asm.S
endif
endif
@@ -215,22 +197,33 @@ if BUILD_SHA
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/sha.c
endif
+if BUILD_ARMASM_NEON
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-sha256.c
+if BUILD_ARMASM_INLINE
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-32-sha256-asm_c.c
+else
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-32-sha256-asm.S
+endif !BUILD_ARMASM_INLINE
+else
if BUILD_ARMASM
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-sha256.c
if BUILD_ARMASM_INLINE
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-32-sha256-asm_c.c
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/thumb2-sha256-asm_c.c
else
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-32-sha256-asm.S
-endif
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/thumb2-sha256-asm.S
+endif !BUILD_ARMASM_INLINE
else
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/sha256.c
if BUILD_INTELASM
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/sha256_asm.S
-endif
-endif
+endif BUILD_INTELASM
+endif !BUILD_ARMASM
+endif !BUILD_ARMASM_NEON
if BUILD_SHA512
-if BUILD_ARMASM
+if BUILD_ARMASM_NEON
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-sha512.c
if BUILD_ARMASM_INLINE
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-sha512-asm_c.c
@@ -238,24 +231,35 @@ src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-32-sha512-a
else
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-sha512-asm.S
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-32-sha512-asm.S
-endif
+endif !BUILD_ARMASM_INLINE
+else
+if BUILD_ARMASM
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-sha512.c
+if BUILD_ARMASM_INLINE
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-32-sha512-asm_c.c
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/thumb2-sha512-asm_c.c
+else
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-32-sha512-asm.S
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/thumb2-sha512-asm.S
+endif !BUILD_ARMASM_INLINE
else
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/sha512.c
if BUILD_INTELASM
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/sha512_asm.S
-endif
-endif
-endif
+endif BUILD_INTELASM
+endif !BUILD_ARMASM
+endif !BUILD_ARMASM_NEON
+endif BUILD_SHA512
if BUILD_SHA3
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/sha3.c
-if BUILD_ARMASM
+if BUILD_ARMASM_NEON
if BUILD_ARMASM_INLINE
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-sha3-asm_c.c
else
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-sha3-asm.S
-endif
-endif
+endif !BUILD_ARMASM_INLINE
+endif BUILD_ARMASM_NEON
if BUILD_INTELASM
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/sha3_asm.S
endif
@@ -320,18 +324,29 @@ endif !BUILD_FIPS_CURRENT
if !BUILD_FIPS_CURRENT
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/sha256.c
+if BUILD_ARMASM_NEON
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-sha256.c
+if BUILD_ARMASM_INLINE
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-32-sha256-asm_c.c
+else
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-32-sha256-asm.S
+endif !BUILD_ARMASM_INLINE
+else
if BUILD_ARMASM
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-sha256.c
if BUILD_ARMASM_INLINE
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-32-sha256-asm_c.c
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/thumb2-sha256-asm_c.c
else
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-32-sha256-asm.S
-endif
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/thumb2-sha256-asm.S
+endif !BUILD_ARMASM_INLINE
else
if BUILD_INTELASM
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/sha256_asm.S
-endif
-endif
+endif BUILD_INTELASM
+endif !BUILD_ARMASM
+endif !BUILD_ARMASM_NEON
endif !BUILD_FIPS_CURRENT
if BUILD_AFALG
@@ -409,13 +424,31 @@ if BUILD_AES
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/aes.c
if BUILD_ARMASM
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-aes.c
+endif BUILD_ARMASM
+if BUILD_ARMASM_NEON
if !BUILD_ARMASM_CRYPTO
+if BUILD_ARMASM_INLINE
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-32-aes-asm_c.c
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/thumb2-aes-asm_c.c
+else
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-32-aes-asm.S
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/thumb2-aes-asm.S
+endif !BUILD_ARMASM_INLINE
endif !BUILD_ARMASM_CRYPTO
+else
+if BUILD_ARMASM
+if BUILD_ARMASM_INLINE
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-32-aes-asm_c.c
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/thumb2-aes-asm_c.c
+else
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-32-aes-asm.S
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/thumb2-aes-asm.S
+endif !BUILD_ARMASM_INLINE
endif BUILD_ARMASM
+endif !BUILD_ARMASM_NEON
if BUILD_AFALG
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/af_alg/afalg_aes.c
-endif
+endif BUILD_AFALG
endif BUILD_AES
endif !BUILD_FIPS_CURRENT
@@ -439,7 +472,7 @@ endif !BUILD_FIPS_CURRENT
if !BUILD_FIPS_CURRENT
if BUILD_SHA512
-if BUILD_ARMASM
+if BUILD_ARMASM_NEON
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-sha512.c
if BUILD_ARMASM_INLINE
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-sha512-asm_c.c
@@ -447,32 +480,93 @@ src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-32-sha512-a
else
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-sha512-asm.S
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-32-sha512-asm.S
-endif
+endif !BUILD_ARMASM_INLINE
+else
+if BUILD_ARMASM
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-sha512.c
+if BUILD_ARMASM_INLINE
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-32-sha512-asm_c.c
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/thumb2-sha512-asm_c.c
+else
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-32-sha512-asm.S
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/thumb2-sha512-asm.S
+endif !BUILD_ARMASM_INLINE
else
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/sha512.c
if BUILD_INTELASM
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/sha512_asm.S
-endif
-endif
-endif
+endif BUILD_INTELASM
+endif !BUILD_ARMASM
+endif !BUILD_ARMASM_NEON
+endif BUILD_SHA512
endif !BUILD_FIPS_CURRENT
if !BUILD_FIPS_CURRENT
if BUILD_SHA3
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/sha3.c
-if BUILD_ARMASM
+if BUILD_ARMASM_NEON
if BUILD_ARMASM_INLINE
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-sha3-asm_c.c
else
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-sha3-asm.S
-endif
-endif
+endif !BUILD_ARMASM_INLINE
+endif BUILD_ARMASM_NEON
if BUILD_INTELASM
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/sha3_asm.S
endif
endif
endif !BUILD_FIPS_CURRENT
+if !BUILD_FIPS_CURRENT
+if BUILD_SM2
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/sm2.c
+if BUILD_SP
+if BUILD_SP_C32
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/sp_sm2_c32.c
+endif
+if BUILD_SP_C64
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/sp_sm2_c64.c
+endif
+
+if BUILD_SP_X86_64
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/sp_sm2_x86_64.c
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/sp_sm2_x86_64_asm.S
+endif
+if !BUILD_FIPS_V2
+if BUILD_SP_ARM32
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/sp_sm2_arm32.c
+endif
+endif
+if BUILD_SP_ARM_THUMB
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/sp_sm2_armthumb.c
+endif
+if !BUILD_FIPS_V2
+if BUILD_SP_ARM64
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/sp_sm2_arm64.c
+endif
+endif
+if BUILD_SP_ARM_CORTEX
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/sp_sm2_cortexm.c
+endif
+endif BUILD_SP
+endif BUILD_SM2
+endif !BUILD_FIPS_CURRENT
+
+if !BUILD_FIPS_CURRENT
+if BUILD_SM3
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/sm3.c
+if BUILD_INTELASM
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/sm3_asm.S
+endif
+endif BUILD_SM3
+endif !BUILD_FIPS_CURRENT
+
+if !BUILD_FIPS_CURRENT
+if BUILD_SM4
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/sm4.c
+endif BUILD_SM4
+endif !BUILD_FIPS_CURRENT
+
endif !BUILD_FIPS_RAND
if BUILD_SIPHASH
@@ -561,6 +655,7 @@ if BUILD_X86_ASM
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/aes_gcm_x86_asm.S
else
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/aes_gcm_asm.S
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/aes_xts_asm.S
endif
endif
endif
@@ -585,7 +680,7 @@ src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/blake2s.c
endif
if BUILD_CHACHA
-if BUILD_ARMASM
+if BUILD_ARMASM_NEON
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-chacha.c
else
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/chacha.c
@@ -633,6 +728,14 @@ endif
endif
endif
+if BUILD_WC_LMS
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/wc_lms.c
+endif
+
+if BUILD_WC_XMSS
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/wc_xmss.c
+endif
+
if BUILD_CURVE25519
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/curve25519.c
endif
@@ -649,19 +752,31 @@ if BUILD_INTELASM
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/fe_x25519_asm.S
else
if BUILD_ARMASM
+if BUILD_ARMASM_NEON
if BUILD_ARMASM_INLINE
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-32-curve25519_c.c
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-curve25519_c.c
else
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-32-curve25519.S
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-curve25519.S
-endif
+endif !BUILD_ARMASM_INLINE
+else
+if BUILD_ARMASM_INLINE
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-32-curve25519_c.c
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/thumb2-curve25519_c.c
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-curve25519_c.c
+else
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-32-curve25519.S
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/thumb2-curve25519.S
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-curve25519.S
+endif !BUILD_ARMASM_INLINE
+endif !BUILD_ARMASM_NEON
else
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/fe_operations.c
-endif
-endif
-endif
-endif
+endif !BUILD_ARMASM
+endif !BUILD_INTELASM
+endif !BUILD_CURVE25519_SMALL
+endif BUILD_FEMATH
if BUILD_GEMATH
if BUILD_ED25519_SMALL
@@ -673,12 +788,22 @@ if BUILD_INTELASM
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/fe_x25519_asm.S
else
if BUILD_ARMASM
+if BUILD_ARMASM_NEON
if BUILD_ARMASM_INLINE
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-curve25519_c.c
else
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-curve25519.S
endif
else
+if BUILD_ARMASM_INLINE
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/thumb2-curve25519_c.c
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-curve25519_c.c
+else
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/thumb2-curve25519.S
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-curve25519.S
+endif
+endif
+else
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/fe_operations.c
endif
endif
@@ -712,6 +837,14 @@ src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/sphincs.c
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/ext_kyber.c
endif
+if BUILD_LIBLMS
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/ext_lms.c
+endif
+
+if BUILD_LIBXMSS
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/ext_xmss.c
+endif
+
if BUILD_LIBZ
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/compress.c
endif
@@ -769,3 +902,8 @@ endif !BUILD_CRYPTONLY
endif !BUILD_FIPS_RAND
+
+if BUILD_ARIA
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/aria/aria-crypt.c
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/aria/aria-cryptocb.c
+endif
diff --git a/extra/wolfssl/wolfssl/src/internal.c b/extra/wolfssl/wolfssl/src/internal.c
index ca166e8d..2274ab7e 100644
--- a/extra/wolfssl/wolfssl/src/internal.c
+++ b/extra/wolfssl/wolfssl/src/internal.c
@@ -89,6 +89,9 @@
* - WOLFSSL_HARDEN_TLS_NO_SCR_CHECK
* - WOLFSSL_HARDEN_TLS_NO_PKEY_CHECK
* - WOLFSSL_HARDEN_TLS_ALLOW_ALL_CIPHERSUITES
+ * WOLFSSL_NO_INIT_CTX_KEY
+ * Allows SSL objects to be created from a CTX without a loaded key/cert
+ * pair
*/
@@ -125,6 +128,11 @@
#include <wolfssl/wolfcrypt/port/caam/wolfcaam.h>
#endif
+#ifdef HAVE_ARIA
+ /* included to get ARIA devId value */
+ #include <wolfssl/wolfcrypt/port/aria/aria-cryptocb.h>
+#endif
+
#if defined(DEBUG_WOLFSSL) || defined(SHOW_SECRETS) || \
defined(CHACHA_AEAD_TEST) || defined(WOLFSSL_SESSION_EXPORT_DEBUG)
#ifndef NO_STDIO_FILESYSTEM
@@ -185,8 +193,13 @@ WOLFSSL_CALLBACKS needs LARGE_STATIC_BUFFERS, please add LARGE_STATIC_BUFFERS
#endif /* !WOLFSSL_NO_TLS12 */
-#ifndef NO_WOLFSSL_SERVER
- #if defined(HAVE_SESSION_TICKET) && !defined(WOLFSSL_NO_DEF_TICKET_ENC_CB)
+#if !defined(NO_WOLFSSL_SERVER) && defined(HAVE_SESSION_TICKET)
+ #if defined(WOLFSSL_HAPROXY)
+ #define SSL_TICKET_CTX(ssl) ssl->initial_ctx->ticketEncCtx
+ #else
+ #define SSL_TICKET_CTX(ssl) ssl->ctx->ticketEncCtx
+ #endif
+ #if !defined(WOLFSSL_NO_DEF_TICKET_ENC_CB)
static int TicketEncCbCtx_Init(WOLFSSL_CTX* ctx,
TicketEncCbCtx* keyCtx);
static void TicketEncCbCtx_Free(TicketEncCbCtx* keyCtx);
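Review bot: The new function-like macro `SSL_TICKET_CTX(ssl)` expands its argument and its result without parentheses, so an argument such as `&obj` or a cast, or a use inside a larger expression, will bind differently from what the call site suggests. Write both variants defensively: `#define SSL_TICKET_CTX(ssl) ((ssl)->initial_ctx->ticketEncCtx)` and `#define SSL_TICKET_CTX(ssl) ((ssl)->ctx->ticketEncCtx)`. A one-line comment on why the `WOLFSSL_HAPROXY` build takes the ticket key context from `initial_ctx` rather than `ctx` would also help, since picking the wrong context changes which key protects session tickets.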
@@ -202,9 +215,16 @@ WOLFSSL_CALLBACKS needs LARGE_STATIC_BUFFERS, please add LARGE_STATIC_BUFFERS
#ifdef WOLFSSL_DTLS
static int _DtlsCheckWindow(WOLFSSL* ssl);
- static int _DtlsUpdateWindow(WOLFSSL* ssl);
#endif
+#if defined(__APPLE__) && defined(WOLFSSL_SYS_CA_CERTS)
+#include <Security/SecCertificate.h>
+#include <Security/SecTrust.h>
+#include <Security/SecPolicy.h>
+static int DoAppleNativeCertValidation(const WOLFSSL_BUFFER_INFO* certs,
+ int totalCerts);
+#endif /* #if defined(__APPLE__) && defined(WOLFSSL_SYS_CA_CERTS) */
+
#ifdef WOLFSSL_DTLS13
#ifndef WOLFSSL_DTLS13_SEND_MOREACK_DEFAULT
#define WOLFSSL_DTLS13_SEND_MOREACK_DEFAULT 0
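Review bot: The forward declaration of `DoAppleNativeCertValidation(const WOLFSSL_BUFFER_INFO* certs, int totalCerts)` has no comment, and its signature takes only the certificate buffers and a count. With no peer name among the arguments, the platform trust evaluation cannot bind the chain to a host from these inputs alone. Please document on the prototype what a success return means, and where name checking and wolfSSL's own verify callbacks apply when this path is used. If the intent is chain trust only, say so explicitly, e.g. `/* Evaluates chain trust with the system store only; peer-name checks are done by the caller. */`. The three `Security/` includes would also read better grouped with the other conditional includes near the top of the file than between static prototypes.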
@@ -246,7 +266,7 @@ static int SSL_hmac(WOLFSSL* ssl, byte* digest, const byte* in, word32 sz,
#endif /* !WOLFSSL_NO_TLS12 */
-#if defined(WOLFSSL_RENESAS_SCEPROTECT) || defined(WOLFSSL_RENESAS_TSIP_TLS)
+#if defined(WOLFSSL_RENESAS_FSPSM_TLS) || defined(WOLFSSL_RENESAS_TSIP_TLS)
#include <wolfssl/wolfcrypt/port/Renesas/renesas_cmn.h>
#endif
@@ -259,6 +279,7 @@ static int SSL_hmac(WOLFSSL* ssl, byte* digest, const byte* in, word32 sz,
const unsigned char* secret, int secretSz, void* ctx);
#endif
+
/* Label string for client random. */
#define SSC_CR "CLIENT_RANDOM"
@@ -526,7 +547,7 @@ int IsAtLeastTLSv1_3(const ProtocolVersion pv)
return ret;
}
-int IsEncryptionOn(WOLFSSL* ssl, int isSend)
+int IsEncryptionOn(const WOLFSSL* ssl, int isSend)
{
#ifdef WOLFSSL_DTLS
/* For DTLS, epoch 0 is always not encrypted. */
@@ -1284,6 +1305,14 @@ static int ExportOptions(WOLFSSL* ssl, byte* exp, word32 len, byte ver,
#endif
}
+ if (ver > WOLFSSL_EXPORT_VERSION_4) {
+#ifdef WOLFSSL_DTLS
+ exp[idx++] = options->dtlsStateful;
+#else
+ exp[idx++] = 0;
+#endif
+ }
+
/* version of connection */
exp[idx++] = ssl->version.major;
exp[idx++] = ssl->version.minor;
@@ -1299,6 +1328,13 @@ static int ExportOptions(WOLFSSL* ssl, byte* exp, word32 len, byte ver,
}
break;
+ case WOLFSSL_EXPORT_VERSION_4:
+ if (idx != DTLS_EXPORT_OPT_SZ_4 && type == WOLFSSL_EXPORT_DTLS) {
+ WOLFSSL_MSG("Update DTLS_EXPORT_OPT_SZ and version of export");
+ return DTLS_EXPORT_VER_E;
+ }
+ break;
+
case WOLFSSL_EXPORT_VERSION:
if (idx != DTLS_EXPORT_OPT_SZ && type == WOLFSSL_EXPORT_DTLS) {
WOLFSSL_MSG("Update DTLS_EXPORT_OPT_SZ and version of export");
@@ -1334,6 +1370,13 @@ static int ImportOptions(WOLFSSL* ssl, const byte* exp, word32 len, byte ver,
}
break;
+ case WOLFSSL_EXPORT_VERSION_4:
+ if (len < DTLS_EXPORT_OPT_SZ_4) {
+ WOLFSSL_MSG("Sanity check on buffer size failed");
+ return BAD_FUNC_ARG;
+ }
+ break;
+
case WOLFSSL_EXPORT_VERSION_3:
if (len < DTLS_EXPORT_OPT_SZ_3) {
WOLFSSL_MSG("Sanity check on buffer size failed");
@@ -1467,6 +1510,17 @@ static int ImportOptions(WOLFSSL* ssl, const byte* exp, word32 len, byte ver,
#endif
}
+ /* If we had a connection established, let's assume that we can act
+ * statefully */
+ options->dtlsStateful = 1;
+ if (ver > WOLFSSL_EXPORT_VERSION_4) {
+#ifdef WOLFSSL_DTLS
+ options->dtlsStateful = exp[idx++];
+#else
+ idx++;
+#endif
+ }
+
/* version of connection */
if (ssl->version.major != exp[idx++] || ssl->version.minor != exp[idx++]) {
WOLFSSL_MSG("Version mismatch ie DTLS v1 vs v1.2");
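Review bot: For versions above `WOLFSSL_EXPORT_VERSION_4`, `options->dtlsStateful = exp[idx++];` copies a byte from the imported buffer directly into the option. If the field is a one-bit flag, a value such as 2 silently becomes 0, and nothing rejects bytes other than 0 and 1; normalise it with `options->dtlsStateful = exp[idx++] ? 1 : 0;`. The default `options->dtlsStateful = 1;` sits outside the `#ifdef WOLFSSL_DTLS` that guards the read, while the matching ExportOptions hunk guards its access to the field. If the member is only declared for DTLS builds, this line breaks non-DTLS builds, so move it inside the same `#ifdef`. Since the flag appears to decide whether a server treats the peer as already verified, the comment should also say that the import buffer is trusted input. `ImportOptions` continues outside this hunk.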
@@ -1535,7 +1589,8 @@ static int ImportPeerInfo(WOLFSSL* ssl, const byte* buf, word32 len, byte ver)
word16 port;
char ip[MAX_EXPORT_IP];
- if (ver != WOLFSSL_EXPORT_VERSION && ver != WOLFSSL_EXPORT_VERSION_3) {
+ if (ver != WOLFSSL_EXPORT_VERSION && ver != WOLFSSL_EXPORT_VERSION_4 &&
+ ver != WOLFSSL_EXPORT_VERSION_3) {
WOLFSSL_MSG("Export version not supported");
return BAD_FUNC_ARG;
}
@@ -1793,6 +1848,15 @@ int wolfSSL_session_import_internal(WOLFSSL* ssl, const unsigned char* buf,
}
break;
+ case WOLFSSL_EXPORT_VERSION_4:
+ if (type == WOLFSSL_EXPORT_DTLS) {
+ optSz = DTLS_EXPORT_OPT_SZ_4;
+ }
+ else {
+ optSz = TLS_EXPORT_OPT_SZ;
+ }
+ break;
+
case WOLFSSL_EXPORT_VERSION_3:
WOLFSSL_MSG("Importing older version 3");
optSz = DTLS_EXPORT_OPT_SZ_3;
@@ -1913,7 +1977,7 @@ int wolfSSL_session_import_internal(WOLFSSL* ssl, const unsigned char* buf,
/* set hmac function to use when verifying */
if (ret == 0 && (ssl->options.tls == 1 || ssl->options.tls1_1 == 1 ||
ssl->options.dtls == 1)) {
- #if !defined(WOLFSSL_RENESAS_SCEPROTECT) && \
+ #if !defined(WOLFSSL_RENESAS_FSPSM_TLS) && \
!defined(WOLFSSL_RENESAS_TSIP_TLS)
ssl->hmac = TLS_hmac;
#else
@@ -2154,7 +2218,12 @@ int InitSSL_Ctx(WOLFSSL_CTX* ctx, WOLFSSL_METHOD* method, void* heap)
XMEMSET(ctx, 0, sizeof(WOLFSSL_CTX));
ctx->method = method;
- ctx->heap = ctx; /* defaults to self */
+ if (heap == NULL) {
+ ctx->heap = ctx; /* defaults to self */
+ }
+ else {
+ ctx->heap = heap; /* wolfSSL_CTX_load_static_memory sets */
+ }
ctx->timeout = WOLFSSL_SESSION_TIMEOUT;
#ifdef WOLFSSL_DTLS
@@ -2261,6 +2330,11 @@ int InitSSL_Ctx(WOLFSSL_CTX* ctx, WOLFSSL_METHOD* method, void* heap)
#endif /* MICRIUM */
#endif /* WOLFSSL_USER_IO */
+#if defined(HAVE_RPK)
+ wolfSSL_CTX_set_client_cert_type(ctx, NULL, 0); /* set to default */
+ wolfSSL_CTX_set_server_cert_type(ctx, NULL, 0); /* set to default */
+#endif /* HAVE_RPK */
+
#ifdef HAVE_PQC
#ifdef HAVE_FALCON
if (method->side == WOLFSSL_CLIENT_END)
@@ -2289,6 +2363,8 @@ int InitSSL_Ctx(WOLFSSL_CTX* ctx, WOLFSSL_METHOD* method, void* heap)
#ifdef WOLFSSL_QNX_CAAM
/* default to try using CAAM when built */
ctx->devId = WOLFSSL_CAAM_DEVID;
+#elif defined(HAVE_ARIA) && defined(WOLF_CRYPTO_CB)
+ ctx->devId = WOLFSSL_ARIA_DEVID;
#else
ctx->devId = INVALID_DEVID;
#endif
@@ -2402,6 +2478,11 @@ int InitSSL_Ctx(WOLFSSL_CTX* ctx, WOLFSSL_METHOD* method, void* heap)
maxq10xx_SetupPkCallbacks(ctx, &method->version);
#endif /* WOLFSSL_MAXQ10XX_TLS */
+#if defined(__APPLE__) && defined(WOLFSSL_SYS_CA_CERTS)
+ /* Should only be set when wolfSSL_CTX_load_system_CA_certs() is called */
+ ctx->doAppleNativeCertValidationFlag = 0;
+#endif /* defined(__APPLE__) && defined(WOLFSSL_SYS_CA_CERTS) */
+
return ret;
}
@@ -2528,8 +2609,8 @@ void SSL_CtxResourceFree(WOLFSSL_CTX* ctx)
wolfSSL_X509_STORE_free(ctx->x509_store_pt);
#endif
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EXTRA) || defined(HAVE_LIGHTY)
- wolfSSL_sk_X509_NAME_pop_free(ctx->ca_names, NULL);
- ctx->ca_names = NULL;
+ wolfSSL_sk_X509_NAME_pop_free(ctx->client_ca_names, NULL);
+ ctx->client_ca_names = NULL;
#endif
#ifdef OPENSSL_EXTRA
if (ctx->x509Chain) {
@@ -2694,6 +2775,10 @@ void InitCiphers(WOLFSSL* ssl)
ssl->encrypt.aes = NULL;
ssl->decrypt.aes = NULL;
#endif
+#ifdef HAVE_ARIA
+ ssl->encrypt.aria = NULL;
+ ssl->decrypt.aria = NULL;
+#endif
#ifdef HAVE_CAMELLIA
ssl->encrypt.cam = NULL;
ssl->decrypt.cam = NULL;
@@ -2737,22 +2822,33 @@ void FreeCiphers(WOLFSSL* ssl)
XFREE(ssl->encrypt.des3, ssl->heap, DYNAMIC_TYPE_CIPHER);
XFREE(ssl->decrypt.des3, ssl->heap, DYNAMIC_TYPE_CIPHER);
#endif
-#if defined(BUILD_AES) || defined(BUILD_AESGCM) /* See: InitKeys() in keys.c
- * on addition of BUILD_AESGCM
- * check (enc->aes, dec->aes) */
+#if defined(BUILD_AES) || defined(BUILD_AESGCM) || defined(HAVE_ARIA)
+ /* See: InitKeys() in keys.c on addition of BUILD_AESGCM check (enc->aes, dec->aes) */
wc_AesFree(ssl->encrypt.aes);
wc_AesFree(ssl->decrypt.aes);
- #if (defined(BUILD_AESGCM) || defined(HAVE_AESCCM)) && \
- !defined(WOLFSSL_NO_TLS12)
- XFREE(ssl->decrypt.additional, ssl->heap, DYNAMIC_TYPE_AES_BUFFER);
- XFREE(ssl->encrypt.additional, ssl->heap, DYNAMIC_TYPE_AES_BUFFER);
- #endif
XFREE(ssl->encrypt.aes, ssl->heap, DYNAMIC_TYPE_CIPHER);
XFREE(ssl->decrypt.aes, ssl->heap, DYNAMIC_TYPE_CIPHER);
#endif
+#if defined(WOLFSSL_SM4_GCM) || defined(WOLFSSL_SM4_CCM)
+ wc_Sm4Free(ssl->encrypt.sm4);
+ wc_Sm4Free(ssl->decrypt.sm4);
+ XFREE(ssl->encrypt.sm4, ssl->heap, DYNAMIC_TYPE_CIPHER);
+ XFREE(ssl->decrypt.sm4, ssl->heap, DYNAMIC_TYPE_CIPHER);
+#endif
+#if (defined(BUILD_AESGCM) || defined(BUILD_AESCCM) || defined(HAVE_ARIA)) && \
+ !defined(WOLFSSL_NO_TLS12)
+ XFREE(ssl->decrypt.additional, ssl->heap, DYNAMIC_TYPE_CIPHER);
+ XFREE(ssl->encrypt.additional, ssl->heap, DYNAMIC_TYPE_CIPHER);
+#endif
#ifdef CIPHER_NONCE
- XFREE(ssl->decrypt.nonce, ssl->heap, DYNAMIC_TYPE_AES_BUFFER);
- XFREE(ssl->encrypt.nonce, ssl->heap, DYNAMIC_TYPE_AES_BUFFER);
+ XFREE(ssl->decrypt.nonce, ssl->heap, DYNAMIC_TYPE_CIPHER);
+ XFREE(ssl->encrypt.nonce, ssl->heap, DYNAMIC_TYPE_CIPHER);
+#endif
+#ifdef HAVE_ARIA
+ wc_AriaFreeCrypt(ssl->encrypt.aria);
+ wc_AriaFreeCrypt(ssl->decrypt.aria);
+ XFREE(ssl->encrypt.aria, ssl->heap, DYNAMIC_TYPE_CIPHER);
+ XFREE(ssl->decrypt.aria, ssl->heap, DYNAMIC_TYPE_CIPHER);
#endif
#ifdef HAVE_CAMELLIA
XFREE(ssl->encrypt.cam, ssl->heap, DYNAMIC_TYPE_CIPHER);
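Review bot: The first guard now reads `#if defined(BUILD_AES) || defined(BUILD_AESGCM) || defined(HAVE_ARIA)`, but the block under it still touches only `ssl->encrypt.aes` and `ssl->decrypt.aes`, and ARIA gets its own `wc_AriaFreeCrypt`/`XFREE` block further down. If `HAVE_ARIA` can be enabled without AES, the `.aes` members may not exist in that configuration, so either drop `HAVE_ARIA` from this guard or add a comment explaining why the AES contexts are present in ARIA builds. The `additional` and `nonce` buffers are also now released as `DYNAMIC_TYPE_CIPHER` instead of `DYNAMIC_TYPE_AES_BUFFER`. The allocation sites are not in this hunk (the old comment points at InitKeys() in keys.c) and should use the same tag, or allocators that track by type will see a mismatch. `FreeCiphers` starts and ends outside the hunk.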
@@ -2835,12 +2931,16 @@ static int GetMacDigestSize(byte macAlgo)
case sha512_mac:
return WC_SHA512_DIGEST_SIZE;
#endif
+ #ifdef WOLFSSL_SM3
+ case sm3_mac:
+ return WC_SM3_DIGEST_SIZE;
+ #endif
default:
break;
}
return NOT_COMPILED_IN;
}
-#endif /* USE_ECDSA_KEYSZ_HASH_ALGO */
+#endif /* USE_ECDSA_KEYSZ_HASH_ALGO || (WOLFSSL_TLS13 && HAVE_ECC) */
#define ADD_HASH_SIG_ALGO(out, inOutIdx, major, minor) \
do { \
@@ -2869,6 +2969,13 @@ static WC_INLINE void AddSuiteHashSigAlgo(byte* hashSigAlgo, byte macAlgo,
#endif /* USE_ECDSA_KEYSZ_HASH_ALGO */
if (addSigAlgo) {
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ if (sigAlgo == sm2_sa_algo) {
+ ADD_HASH_SIG_ALGO(hashSigAlgo, inOutIdx,
+ SM2_SA_MAJOR, SM2_SA_MINOR);
+ }
+ else
+ #endif
#ifdef HAVE_ED25519
if (sigAlgo == ed25519_sa_algo) {
ADD_HASH_SIG_ALGO(hashSigAlgo, inOutIdx,
@@ -2932,18 +3039,8 @@ static WC_INLINE void AddSuiteHashSigAlgo(byte* hashSigAlgo, byte macAlgo,
}
}
-void InitSuitesHashSigAlgo(Suites* suites, int haveECDSAsig, int haveRSAsig,
- int haveFalconSig, int haveDilithiumSig, int haveAnon, int tls1_2,
- int keySz)
-{
- InitSuitesHashSigAlgo_ex(suites->hashSigAlgo, haveECDSAsig, haveRSAsig,
- haveFalconSig, haveDilithiumSig, haveAnon, tls1_2, keySz,
- &suites->hashSigAlgoSz);
-}
-
-void InitSuitesHashSigAlgo_ex(byte* hashSigAlgo, int haveECDSAsig,
- int haveRSAsig, int haveFalconSig, int haveDilithiumSig, int haveAnon,
- int tls1_2, int keySz, word16* len)
+void InitSuitesHashSigAlgo_ex2(byte* hashSigAlgo, int haveSig, int tls1_2,
+ int keySz, word16* len)
{
word16 idx = 0;
@@ -2951,7 +3048,7 @@ void InitSuitesHashSigAlgo_ex(byte* hashSigAlgo, int haveECDSAsig,
(void)keySz;
#if defined(HAVE_ECC) || defined(HAVE_ED25519) || defined(HAVE_ED448)
- if (haveECDSAsig) {
+ if (haveSig & SIG_ECDSA) {
#ifdef HAVE_ECC
#ifdef WOLFSSL_SHA512
AddSuiteHashSigAlgo(hashSigAlgo, sha512_mac, ecc_dsa_sa_algo, keySz,
@@ -2978,29 +3075,33 @@ void InitSuitesHashSigAlgo_ex(byte* hashSigAlgo, int haveECDSAsig,
#endif
}
#endif /* HAVE_ECC || HAVE_ED25519 || HAVE_ED448 */
- if (haveFalconSig) {
+#if defined(HAVE_ECC) && defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ if (haveSig & SIG_SM2) {
+ AddSuiteHashSigAlgo(hashSigAlgo, sm3_mac, sm2_sa_algo, keySz,
+ &idx);
+ }
+#endif
#if defined(HAVE_PQC)
#ifdef HAVE_FALCON
+ if (haveSig & SIG_FALCON) {
AddSuiteHashSigAlgo(hashSigAlgo, no_mac, falcon_level1_sa_algo, keySz,
&idx);
AddSuiteHashSigAlgo(hashSigAlgo, no_mac, falcon_level5_sa_algo, keySz,
&idx);
-#endif /* HAVE_FALCON */
-#endif /* HAVE_PQC */
}
- if (haveDilithiumSig) {
-#if defined(HAVE_PQC)
+#endif /* HAVE_FALCON */
#ifdef HAVE_DILITHIUM
+ if (haveSig & SIG_DILITHIUM) {
AddSuiteHashSigAlgo(hashSigAlgo, no_mac, dilithium_level2_sa_algo,
keySz, &idx);
AddSuiteHashSigAlgo(hashSigAlgo, no_mac, dilithium_level3_sa_algo,
keySz, &idx);
AddSuiteHashSigAlgo(hashSigAlgo, no_mac, dilithium_level5_sa_algo,
keySz, &idx);
+ }
#endif /* HAVE_DILITHIUM */
#endif /* HAVE_PQC */
- }
- if (haveRSAsig) {
+ if (haveSig & SIG_RSA) {
#ifdef WC_RSA_PSS
if (tls1_2) {
#ifdef WOLFSSL_SHA512
@@ -3036,17 +3137,39 @@ void InitSuitesHashSigAlgo_ex(byte* hashSigAlgo, int haveECDSAsig,
}
#ifdef HAVE_ANON
- if (haveAnon) {
+ if (haveSig & SIG_ANON) {
AddSuiteHashSigAlgo(hashSigAlgo, sha_mac, anonymous_sa_algo, keySz,
&idx);
}
#endif
- (void)haveAnon;
- (void)haveECDSAsig;
*len = idx;
}
+void InitSuitesHashSigAlgo(Suites* suites, int haveECDSAsig, int haveRSAsig,
+ int haveFalconSig, int haveDilithiumSig, int haveAnon, int tls1_2,
+ int keySz)
+{
+ InitSuitesHashSigAlgo_ex(suites->hashSigAlgo, haveECDSAsig, haveRSAsig,
+ haveFalconSig, haveDilithiumSig, haveAnon, tls1_2, keySz,
+ &suites->hashSigAlgoSz);
+}
+
+void InitSuitesHashSigAlgo_ex(byte* hashSigAlgo, int haveECDSAsig,
+ int haveRSAsig, int haveFalconSig, int haveDilithiumSig, int haveAnon,
+ int tls1_2, int keySz, word16* len)
+{
+ int have = 0;
+
+ if (haveECDSAsig) have |= SIG_ECDSA;
+ if (haveRSAsig) have |= SIG_RSA;
+ if (haveFalconSig) have |= SIG_FALCON;
+ if (haveDilithiumSig) have |= SIG_DILITHIUM;
+ if (haveAnon) have |= SIG_ANON;
+
+ InitSuitesHashSigAlgo_ex2(hashSigAlgo, have, tls1_2, keySz, len);
+}
+
int AllocateCtxSuites(WOLFSSL_CTX* ctx)
{
if (ctx->suites == NULL) {
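Review bot: `InitSuitesHashSigAlgo_ex` maps its five legacy flags to `SIG_*` bits but has no way to set `SIG_SM2`, so callers that stay on the old entry points never advertise SM2, even in a build with WOLFSSL_SM2 and WOLFSSL_SM3. If that is intended, say so above the wrapper, e.g. `/* Legacy flag interface: SIG_SM2 is never set here; use InitSuitesHashSigAlgo_ex2 for SM2. */`. The new `haveSig` parameter of `InitSuitesHashSigAlgo_ex2` is a bit mask and should get a header-comment line naming the `SIG_*` bits it accepts. AllocateCtxSuites at the end of the hunk continues outside it.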
@@ -3161,6 +3284,19 @@ void InitSuites(Suites* suites, ProtocolVersion pv, int keySz, word16 haveRSA,
}
#endif
+#ifdef BUILD_TLS_SM4_GCM_SM3
+ if (tls1_3) {
+ suites->suites[idx++] = CIPHER_BYTE;
+ suites->suites[idx++] = TLS_SM4_GCM_SM3;
+ }
+#endif
+#ifdef BUILD_TLS_SM4_CCM_SM3
+ if (tls1_3) {
+ suites->suites[idx++] = CIPHER_BYTE;
+ suites->suites[idx++] = TLS_SM4_CCM_SM3;
+ }
+#endif
+
#ifdef HAVE_NULL_CIPHER
#ifdef BUILD_TLS_SHA256_SHA256
if (tls1_3 && haveNull) {
@@ -3227,14 +3363,23 @@ void InitSuites(Suites* suites, ProtocolVersion pv, int keySz, word16 haveRSA,
#endif
#ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
+ /* OpenSSL enables ECDHE when using ECDHE aliases without RSA */
+ #ifdef OPENSSL_EXTRA
+ if ((tls1_2 && haveRSA) || (tls1_2 && haveECDSAsig)) {
+ #else
if (tls1_2 && haveRSA) {
+ #endif
suites->suites[idx++] = ECC_BYTE;
suites->suites[idx++] = TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384;
}
#endif
#ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
+ #ifdef OPENSSL_EXTRA
+ if ((tls1_2 && haveRSA) || (tls1_2 && haveECDSAsig)) {
+ #else
if (tls1_2 && haveRSA) {
+ #endif
suites->suites[idx++] = ECC_BYTE;
suites->suites[idx++] = TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256;
}
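Review bot: Under OPENSSL_EXTRA the new condition lists TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 and TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 when only `haveECDSAsig` is set, so RSA-authenticated suites enter the list without an RSA key. Nothing in the hunk shows that suite selection later rejects a suite whose authentication type does not match the loaded key, so that should be confirmed and stated in the comment. The test also repeats `tls1_2` and reads better as `if (tls1_2 && (haveRSA || haveECDSAsig)) {`. The same pattern recurs in the later InitSuites hunks for the CHACHA20_POLY1305, AES_128_CBC_SHA256, AES_256_CBC_SHA384, AES_256_CBC_SHA, AES_128_CBC_SHA, 3DES_EDE_CBC_SHA and CHACHA20_OLD_POLY1305 suites, and only this first occurrence carries the explanatory comment. InitSuites starts and ends outside this hunk.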
@@ -3296,6 +3441,20 @@ void InitSuites(Suites* suites, ProtocolVersion pv, int keySz, word16 haveRSA,
}
#endif
+#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384
+ if (tls1_2 && haveECC) {
+ suites->suites[idx++] = ECC_BYTE;
+ suites->suites[idx++] = TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384;
+ }
+#endif
+
+#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256
+ if (tls1_2 && haveECC) {
+ suites->suites[idx++] = ECC_BYTE;
+ suites->suites[idx++] = TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256;
+ }
+#endif
+
#ifdef BUILD_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
if (tls1_2 && haveDH && havePSK) {
suites->suites[idx++] = CIPHER_BYTE;
@@ -3346,7 +3505,11 @@ void InitSuites(Suites* suites, ProtocolVersion pv, int keySz, word16 haveRSA,
#endif
#ifdef BUILD_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
+ #ifdef OPENSSL_EXTRA
+ if ((tls1_2 && haveRSA) || (tls1_2 && haveECDSAsig)) {
+ #else
if (tls1_2 && haveRSA) {
+ #endif
suites->suites[idx++] = CHACHA_BYTE;
suites->suites[idx++] = TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256;
}
@@ -3370,7 +3533,11 @@ void InitSuites(Suites* suites, ProtocolVersion pv, int keySz, word16 haveRSA,
#endif
#ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
+ #ifdef OPENSSL_EXTRA
+ if ((tls1_2 && haveRSA) || (tls1_2 && haveECDSAsig)) {
+ #else
if (tls1_2 && haveRSA) {
+ #endif
suites->suites[idx++] = ECC_BYTE;
suites->suites[idx++] = TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256;
}
@@ -3398,7 +3565,11 @@ void InitSuites(Suites* suites, ProtocolVersion pv, int keySz, word16 haveRSA,
#endif
#ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
+ #ifdef OPENSSL_EXTRA
+ if ((tls1_2 && haveRSA) || (tls1_2 && haveECDSAsig)) {
+ #else
if (tls1_2 && haveRSA) {
+ #endif
suites->suites[idx++] = ECC_BYTE;
suites->suites[idx++] = TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384;
}
@@ -3482,7 +3653,11 @@ void InitSuites(Suites* suites, ProtocolVersion pv, int keySz, word16 haveRSA,
#endif
#ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
+ #ifdef OPENSSL_EXTRA
+ if ((tls && haveRSA) || (tls && haveECDSAsig)) {
+ #else
if (tls && haveRSA) {
+ #endif
suites->suites[idx++] = ECC_BYTE;
suites->suites[idx++] = TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA;
}
@@ -3496,7 +3671,11 @@ void InitSuites(Suites* suites, ProtocolVersion pv, int keySz, word16 haveRSA,
#endif
#ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
+ #ifdef OPENSSL_EXTRA
+ if ((tls && haveRSA) || (tls && haveECDSAsig)) {
+ #else
if (tls && haveRSA) {
+ #endif
suites->suites[idx++] = ECC_BYTE;
suites->suites[idx++] = TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA;
}
@@ -3524,7 +3703,11 @@ void InitSuites(Suites* suites, ProtocolVersion pv, int keySz, word16 haveRSA,
#endif
#ifdef BUILD_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
+ #ifdef OPENSSL_EXTRA
+ if ((tls && haveRSA) || (tls && haveECDSAsig)) {
+ #else
if (tls && haveRSA) {
+ #endif
suites->suites[idx++] = ECC_BYTE;
suites->suites[idx++] = TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA;
}
@@ -3667,14 +3850,22 @@ void InitSuites(Suites* suites, ProtocolVersion pv, int keySz, word16 haveRSA,
#endif
#ifdef BUILD_TLS_ECDHE_RSA_WITH_CHACHA20_OLD_POLY1305_SHA256
+ #ifdef OPENSSL_EXTRA
+ if ((tls1_2 && haveRSA) || (tls1_2 && haveECDSAsig)) {
+ #else
if (tls1_2 && haveRSA) {
+ #endif
suites->suites[idx++] = CHACHA_BYTE;
suites->suites[idx++] = TLS_ECDHE_RSA_WITH_CHACHA20_OLD_POLY1305_SHA256;
}
#endif
#ifdef BUILD_TLS_DHE_RSA_WITH_CHACHA20_OLD_POLY1305_SHA256
+ #ifdef OPENSSL_EXTRA
+ if ((tls1_2 && haveRSA) || (tls1_2 && haveECDSAsig)) {
+ #else
if (tls1_2 && haveRSA) {
+ #endif
suites->suites[idx++] = CHACHA_BYTE;
suites->suites[idx++] = TLS_DHE_RSA_WITH_CHACHA20_OLD_POLY1305_SHA256;
}
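Review bot: The OPENSSL_EXTRA condition added for TLS_DHE_RSA_WITH_CHACHA20_OLD_POLY1305_SHA256 also admits `haveECDSAsig`, but the rationale given earlier in this commit (`OpenSSL enables ECDHE when using ECDHE aliases without RSA`) covers ECDHE suites only, and this one is DHE. It looks like a copy of the ECDHE block directly above it. Unless there is a separate reason, which would need its own comment, the DHE suite should keep `if (tls1_2 && haveRSA) {`. InitSuites starts and ends outside this hunk.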
@@ -4041,14 +4232,41 @@ void InitSuites(Suites* suites, ProtocolVersion pv, int keySz, word16 haveRSA,
}
#endif
+#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_SM4_CBC_SM3
+ if (tls && haveECC) {
+ suites->suites[idx++] = SM_BYTE;
+ suites->suites[idx++] = TLS_ECDHE_ECDSA_WITH_SM4_CBC_SM3;
+ }
+#endif
+#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_SM4_GCM_SM3
+ if (tls && haveECC) {
+ suites->suites[idx++] = SM_BYTE;
+ suites->suites[idx++] = TLS_ECDHE_ECDSA_WITH_SM4_GCM_SM3;
+ }
+#endif
+#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_SM4_CCM_SM3
+ if (tls && haveECC) {
+ suites->suites[idx++] = SM_BYTE;
+ suites->suites[idx++] = TLS_ECDHE_ECDSA_WITH_SM4_CCM_SM3;
+ }
+#endif
+
#endif /* !WOLFSSL_NO_TLS12 */
suites->suiteSz = idx;
if (suites->hashSigAlgoSz == 0) {
- InitSuitesHashSigAlgo(suites, haveECDSAsig | haveECC,
- haveRSAsig | haveRSA, haveFalconSig,
- haveDilithiumSig, 0, tls1_2, keySz);
+ int haveSig = 0;
+ haveSig |= (haveRSAsig | haveRSA) ? SIG_RSA : 0;
+ haveSig |= (haveECDSAsig | haveECC) ? SIG_ECDSA : 0;
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ haveSig |= (haveECDSAsig | haveECC) ? SIG_SM2 : 0;
+ #endif
+ haveSig |= haveFalconSig ? SIG_FALCON : 0;
+ haveSig |= haveDilithiumSig ? SIG_DILITHIUM : 0;
+ haveSig &= ~SIG_ANON;
+ InitSuitesHashSigAlgo_ex2(suites->hashSigAlgo, haveSig, tls1_2, keySz,
+ &suites->hashSigAlgoSz);
}
}
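Review bot: The three new SM4 suites are all gated on `tls && haveECC`, but TLS_ECDHE_ECDSA_WITH_SM4_GCM_SM3 and TLS_ECDHE_ECDSA_WITH_SM4_CCM_SM3 are AEAD suites, and the other AEAD suites touched by this commit (the AES-GCM and ARIA-GCM blocks) require `tls1_2`. Unless the SM suites are deliberately offered below TLS 1.2, the GCM and CCM blocks should use `if (tls1_2 && haveECC) {`. In the signature setup below them, `SIG_SM2` is derived from the same `haveECDSAsig | haveECC` test as `SIG_ECDSA`, so an SM2 build advertises SM2 for any ECC key. `haveSig &= ~SIG_ANON;` clears a bit that nothing above sets. A one-line comment on each would make the intent clear.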
@@ -4061,7 +4279,7 @@ void InitSuites(Suites* suites, ProtocolVersion pv, int keySz, word16 haveRSA,
* hashalgo The hash algorithm.
* hsType The signature type.
*/
-static WC_INLINE void DecodeSigAlg(const byte* input, byte* hashAlgo, byte* hsType)
+void DecodeSigAlg(const byte* input, byte* hashAlgo, byte* hsType)
{
*hsType = invalid_sa_algo;
switch (input[0]) {
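Review bot: Dropping `static WC_INLINE` gives DecodeSigAlg external linkage, and it reads `input[0]` and, in the cases visible in the next hunk, `input[1]` with no length argument. The header comment should state that precondition for the new callers, for example `* input     Two-byte signature algorithm; caller must ensure 2 bytes are readable.` The matching prototype is not part of this hunk, so confirm it is declared `WOLFSSL_LOCAL` rather than exported. The function body continues outside the hunk.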
@@ -4097,6 +4315,16 @@ static WC_INLINE void DecodeSigAlg(const byte* input, byte* hashAlgo, byte* hsTy
*hashAlgo = input[1];
}
break;
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ case SM2_SA_MAJOR:
+ /* SM2: 0x0708 */
+ if (input[1] == SM2_SA_MINOR) {
+ *hsType = sm2_sa_algo;
+ /* Hash performed as part of sign/verify operation. */
+ *hashAlgo = sm3_mac;
+ }
+ break;
+ #endif
#ifdef HAVE_PQC
case PQC_SA_MAJOR:
/* Hash performed as part of sign/verify operation. */
@@ -4139,7 +4367,7 @@ static WC_INLINE void DecodeSigAlg(const byte* input, byte* hashAlgo, byte* hsTy
#if !defined(NO_DH) || defined(HAVE_ECC) || defined(HAVE_CURVE25519) || \
defined(HAVE_CURVE448) || (!defined(NO_RSA) && defined(WC_RSA_PSS))
-static enum wc_HashType HashAlgoToType(int hashAlgo)
+enum wc_HashType HashAlgoToType(int hashAlgo)
{
switch (hashAlgo) {
#ifdef WOLFSSL_SHA512
@@ -4150,6 +4378,10 @@ static enum wc_HashType HashAlgoToType(int hashAlgo)
case sha384_mac:
return WC_HASH_TYPE_SHA384;
#endif
+ #ifdef WOLFSSL_SM3
+ case sm3_mac:
+ return WC_HASH_TYPE_SM3;
+ #endif
#ifndef NO_SHA256
case sha256_mac:
return WC_HASH_TYPE_SHA256;
@@ -4380,6 +4612,13 @@ static WC_INLINE void EncodeSigAlg(byte hashAlgo, byte hsType, byte* output)
(void)hashAlgo;
break;
#endif
+#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ case sm2_sa_algo:
+ output[0] = SM2_SA_MAJOR;
+ output[1] = SM2_SA_MINOR;
+ (void)hashAlgo;
+ break;
+#endif
#ifndef NO_RSA
case rsa_sa_algo:
output[0] = hashAlgo;
@@ -4419,6 +4658,13 @@ static void SetDigest(WOLFSSL* ssl, int hashAlgo)
ssl->buffers.digest.length = WC_SHA256_DIGEST_SIZE;
break;
#endif /* !NO_SHA256 */
+ #ifdef WOLFSSL_SM3
+ case sm3_mac:
+ ssl->options.dontFreeDigest = 1;
+ ssl->buffers.digest.buffer = ssl->hsHashes->certHashes.sm3;
+ ssl->buffers.digest.length = WC_SM3_DIGEST_SIZE;
+ break;
+ #endif /* WOLFSSL_SM2 */
#ifdef WOLFSSL_SHA384
case sha384_mac:
ssl->options.dontFreeDigest = 1;
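Review bot: The new block opens with `#ifdef WOLFSSL_SM3` but closes with `#endif /* WOLFSSL_SM2 */`; the trailing comment should name the macro that is actually tested, `#endif /* WOLFSSL_SM3 */`. SetDigest starts and ends outside this hunk.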
@@ -4442,7 +4688,7 @@ static void SetDigest(WOLFSSL* ssl, int hashAlgo)
#endif /* !NO_CERTS */
#if defined(HAVE_ENCRYPT_THEN_MAC) && !defined(WOLFSSL_AEAD_ONLY)
-static word32 MacSize(WOLFSSL* ssl)
+static word32 MacSize(const WOLFSSL* ssl)
{
#ifdef HAVE_TRUNCATED_HMAC
word32 digestSz = ssl->truncated_hmac ? (byte)TRUNCATED_HMAC_SZ
@@ -4665,7 +4911,7 @@ int RsaVerify(WOLFSSL* ssl, byte* in, word32 inSz, byte** out, int sigAlgo,
void* ctx = wolfSSL_GetRsaVerifyCtx(ssl);
ret = ssl->ctx->RsaVerifyCb(ssl, in, inSz, out, keyBuf, keySz, ctx);
}
- #if !defined(WOLFSSL_RENESAS_SCEPROTECT) && \
+ #if !defined(WOLFSSL_RENESAS_FSPSM_TLS) && \
!defined(WOLFSSL_RENESAS_TSIP_TLS)
else
#else
@@ -4924,7 +5170,7 @@ int RsaEnc(WOLFSSL* ssl, const byte* in, word32 inSz, byte* out, word32* outSz,
void* ctx = wolfSSL_GetRsaEncCtx(ssl);
ret = ssl->ctx->RsaEncCb(ssl, in, inSz, out, outSz, keyBuf, keySz, ctx);
}
- #if !defined(WOLFSSL_RENESAS_SCEPROTECT) && \
+ #if !defined(WOLFSSL_RENESAS_FSPSM_TLS) && \
!defined(WOLFSSL_RENESAS_TSIP_TLS)
else
#else
@@ -5052,7 +5298,7 @@ int EccVerify(WOLFSSL* ssl, const byte* in, word32 inSz, const byte* out,
ret = ssl->ctx->EccVerifyCb(ssl, in, inSz, out, outSz, keyBuf, keySz,
&ssl->eccVerifyRes, ctx);
}
- #if !defined(WOLFSSL_RENESAS_SCEPROTECT) && \
+ #if !defined(WOLFSSL_RENESAS_FSPSM_TLS) && \
!defined(WOLFSSL_RENESAS_TSIP_TLS) && \
!defined(WOLFSSL_MAXQ108X)
else
@@ -5171,6 +5417,24 @@ int EccMakeKey(WOLFSSL* ssl, ecc_key* key, ecc_key* peer)
if (ssl->ecdhCurveOID > 0) {
ecc_curve = wc_ecc_get_oid(ssl->ecdhCurveOID, NULL, NULL);
}
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3) && \
+ (defined(WOLFSSL_SM4_CBC) || defined(WOLFSSL_SM4_GCM) || \
+ defined(WOLFSSL_SM4_CCM))
+ if ((ssl->options.cipherSuite0 == SM_BYTE) && (0
+ #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_SM4_CBC_SM3
+ || (ssl->options.cipherSuite == TLS_ECDHE_ECDSA_WITH_SM4_CBC_SM3)
+ #endif
+ #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_SM4_GCM_SM3
+ || (ssl->options.cipherSuite == TLS_ECDHE_ECDSA_WITH_SM4_GCM_SM3)
+ #endif
+ #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_SM4_CCM_SM3
+ || (ssl->options.cipherSuite == TLS_ECDHE_ECDSA_WITH_SM4_CCM_SM3)
+ #endif
+ )) {
+ keySz = 32;
+ ecc_curve = ECC_SM2P256V1;
+ }
+ #endif
}
else {
keySz = peer->dp->size;
@@ -5209,6 +5473,63 @@ int EccMakeKey(WOLFSSL* ssl, ecc_key* key, ecc_key* peer)
}
#endif /* HAVE_ECC */
+#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+
+int Sm2wSm3Sign(WOLFSSL* ssl, const byte* id, word32 idSz, const byte* in,
+ word32 inSz, byte* out, word32* outSz, ecc_key* key, DerBuffer* keyBufInfo)
+{
+ int ret;
+ byte hash[WC_SM3_DIGEST_SIZE];
+
+ (void)ssl;
+ (void)keyBufInfo;
+
+ WOLFSSL_ENTER("Sm2wSm3Sign");
+
+ ret = wc_ecc_sm2_create_digest(id, idSz, in, inSz, WC_HASH_TYPE_SM3, hash,
+ sizeof(hash), key);
+ if (ret == 0) {
+ ret = wc_ecc_sm2_sign_hash(hash, sizeof(hash), out, outSz, ssl->rng,
+ key);
+ }
+
+ WOLFSSL_LEAVE("Sm2wSm3Sign", ret);
+
+ return ret;
+}
+
+int Sm2wSm3Verify(WOLFSSL* ssl, const byte* id, word32 idSz, const byte* sig,
+ word32 sigSz, const byte* msg, word32 msgSz, ecc_key* key,
+ buffer* keyBufInfo)
+{
+ int ret = SIG_VERIFY_E;
+ byte hash[WC_SM3_DIGEST_SIZE];
+
+ (void)ssl;
+ (void)keyBufInfo;
+
+ WOLFSSL_ENTER("Sm2wSm3Verify");
+
+ ret = wc_ecc_sm2_create_digest(id, idSz, msg, msgSz, WC_HASH_TYPE_SM3, hash,
+ sizeof(hash), key);
+ if (ret == 0) {
+ ret = wc_ecc_sm2_verify_hash(sig, sigSz, hash, sizeof(hash),
+ &ssl->eccVerifyRes, key);
+ if (ret == 0 && ssl->eccVerifyRes == 0) {
+ ret = VERIFY_SIGN_ERROR;
+ }
+ }
+ if (ret != 0) {
+ WOLFSSL_ERROR_VERBOSE(ret);
+ }
+
+ WOLFSSL_LEAVE("Sm2wSm3Verify", ret);
+
+ return ret;
+}
+
+#endif /* WOLFSSL_SM2 */
+
#ifdef HAVE_ED25519
/* Check whether the key contains a public key.
* If not then pull it out of the leaf certificate.
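Review bot: Sm2wSm3Verify decides success from `ssl->eccVerifyRes` but never clears it before calling `wc_ecc_sm2_verify_hash`. If that call can return 0 without writing the result (not visible here), a value left over from an earlier verification would be accepted, so set `ssl->eccVerifyRes = 0;` before the call. Both functions also carry `(void)ssl;` although they dereference `ssl` (`ssl->rng`, `ssl->eccVerifyRes`), and the initial `ret = SIG_VERIFY_E` is overwritten at once; drop both. Neither function has a header comment: it should say that `id`/`idSz` are fed into the digest (presumably the SM2 signer identifier), that `keyBufInfo` is currently unused, and which error codes are returned.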
@@ -6049,7 +6370,7 @@ static void InitSuites_EitherSide(Suites* suites, ProtocolVersion pv, int keySz,
word16 haveFalconSig, word16 haveDilithiumSig, word16 haveAnon,
int side)
{
- /* make sure server has DH parms, and add PSK if there */
+ /* make sure server has DH params, and add PSK if there */
if (side == WOLFSSL_SERVER_END) {
InitSuites(suites, pv, keySz, haveRSA, havePSK, haveDH, haveECDSAsig,
haveECC, TRUE, haveStaticECC, haveFalconSig,
@@ -6120,11 +6441,13 @@ int InitSSL_Suites(WOLFSSL* ssl)
ssl->options.maxEarlyDataSz = ssl->ctx->maxEarlyDataSz;
#endif
#if !defined(WOLFSSL_NO_CLIENT_AUTH) && \
- ((defined(HAVE_ED25519) && !defined(NO_ED25519_CLIENT_AUTH)) || \
+ ((defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)) || \
+ (defined(HAVE_ED25519) && !defined(NO_ED25519_CLIENT_AUTH)) || \
(defined(HAVE_ED448) && !defined(NO_ED448_CLIENT_AUTH)))
ssl->options.cacheMessages = ssl->options.side == WOLFSSL_SERVER_END ||
ssl->buffers.keyType == ed25519_sa_algo ||
- ssl->buffers.keyType == ed448_sa_algo;
+ ssl->buffers.keyType == ed448_sa_algo ||
+ ssl->buffers.keyType == sm2_sa_algo;
#endif
#ifndef NO_CERTS
@@ -6188,7 +6511,7 @@ int InitSSL_Suites(WOLFSSL* ssl)
WOLFSSL_SUCCESS return value on success */
int SetSSL_CTX(WOLFSSL* ssl, WOLFSSL_CTX* ctx, int writeDup)
{
- int ret;
+ int ret = WOLFSSL_SUCCESS; /* set default ret */
byte newSSL;
WOLFSSL_ENTER("SetSSL_CTX");
@@ -6211,19 +6534,33 @@ int SetSSL_CTX(WOLFSSL* ssl, WOLFSSL_CTX* ctx, int writeDup)
}
/* increment CTX reference count */
- wolfSSL_RefInc(&ctx->ref, &ret);
+ ret = wolfSSL_CTX_up_ref(ctx);
#ifdef WOLFSSL_REFCNT_ERROR_RETURN
- if (ret < 0) {
+ if (ret != WOLFSSL_SUCCESS) {
return ret;
}
#else
(void)ret;
#endif
- ret = WOLFSSL_SUCCESS; /* set default ret */
ssl->ctx = ctx; /* only for passing to calls, options could change */
/* Don't change version on a SSL object that has already started a
* handshake */
+#if defined(WOLFSSL_HAPROXY)
+ if (ssl->initial_ctx == NULL) {
+ ret = wolfSSL_CTX_up_ref(ctx);
+ if (ret == WOLFSSL_SUCCESS) {
+ ssl->initial_ctx = ctx; /* Save access to session key materials */
+ }
+ else {
+ #ifdef WOLFSSL_REFCNT_ERROR_RETURN
+ return ret;
+ #else
+ (void)ret;
+ #endif
+ }
+ }
+#endif
if (!ssl->msgsReceived.got_client_hello &&
!ssl->msgsReceived.got_server_hello)
ssl->version = ctx->method->version;
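Review bot: With the line `ret = WOLFSSL_SUCCESS; /* set default ret */` removed, a failure from `wolfSSL_CTX_up_ref` that is ignored in the `#else` branches (`(void)ret;`) stays in `ret`, both after the first call and in the WOLFSSL_HAPROXY block. Whether later code overwrites it before the function returns is outside this hunk. Resetting it after each ignored failure with `ret = WOLFSSL_SUCCESS;` keeps the old behaviour. In the WOLFSSL_HAPROXY block the error return happens after `ssl->ctx = ctx` is assigned and the first reference is taken, so confirm that the caller's cleanup path releases that reference. SetSSL_CTX starts and ends outside this hunk.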
@@ -6392,6 +6729,11 @@ int SetSSL_CTX(WOLFSSL* ssl, WOLFSSL_CTX* ctx, int writeDup)
ssl->buffers.serverDH_G = ctx->serverDH_G;
#endif
+#if defined(HAVE_RPK)
+ ssl->options.rpkConfig = ctx->rpkConfig;
+ ssl->options.rpkState = ctx->rpkState;
+#endif /* HAVE_RPK */
+
#ifndef NO_CERTS
/* ctx still owns certificate, certChain, key, dh, and cm */
ssl->buffers.certificate = ctx->certificate;
@@ -6407,11 +6749,13 @@ int SetSSL_CTX(WOLFSSL* ssl, WOLFSSL_CTX* ctx, int writeDup)
ssl->buffers.keyDevId = ctx->privateKeyDevId;
#endif
#if !defined(WOLFSSL_NO_CLIENT_AUTH) && \
- ((defined(HAVE_ED25519) && !defined(NO_ED25519_CLIENT_AUTH)) || \
+ ((defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)) || \
+ (defined(HAVE_ED25519) && !defined(NO_ED25519_CLIENT_AUTH)) || \
(defined(HAVE_ED448) && !defined(NO_ED448_CLIENT_AUTH)))
ssl->options.cacheMessages = ssl->options.side == WOLFSSL_SERVER_END ||
ssl->buffers.keyType == ed25519_sa_algo ||
- ssl->buffers.keyType == ed448_sa_algo;
+ ssl->buffers.keyType == ed448_sa_algo ||
+ ssl->buffers.keyType == sm2_sa_algo;
#endif
@@ -6537,6 +6881,14 @@ int InitHandshakeHashes(WOLFSSL* ssl)
wc_Sha512SetFlags(&ssl->hsHashes->hashSha512, WC_HASH_FLAG_WILLCOPY);
#endif
#endif
+#ifdef WOLFSSL_SM3
+ ret = wc_InitSm3(&ssl->hsHashes->hashSm3, ssl->heap, ssl->devId);
+ if (ret != 0)
+ return ret;
+ #ifdef WOLFSSL_HASH_FLAGS
+ wc_Sm3SetFlags(&ssl->hsHashes->hashSm3, WC_HASH_FLAG_WILLCOPY);
+ #endif
+#endif
return ret;
}
@@ -6561,8 +6913,12 @@ void FreeHandshakeHashes(WOLFSSL* ssl)
#ifdef WOLFSSL_SHA512
wc_Sha512Free(&ssl->hsHashes->hashSha512);
#endif
- #if (defined(HAVE_ED25519) || defined(HAVE_ED448)) && \
- !defined(WOLFSSL_NO_CLIENT_AUTH)
+ #ifdef WOLFSSL_SM3
+ wc_Sm3Free(&ssl->hsHashes->hashSm3);
+ #endif
+ #if (defined(HAVE_ED25519) || defined(HAVE_ED448) || \
+ (defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3))) && \
+ !defined(WOLFSSL_NO_CLIENT_AUTH)
if (ssl->hsHashes->messages != NULL) {
ForceZero(ssl->hsHashes->messages, ssl->hsHashes->length);
XFREE(ssl->hsHashes->messages, ssl->heap, DYNAMIC_TYPE_HASHES);
@@ -6619,8 +6975,14 @@ int InitHandshakeHashesAndCopy(WOLFSSL* ssl, HS_Hashes* source,
ret = wc_Sha512Copy(&source->hashSha512,
&(*destination)->hashSha512);
#endif
- #if (defined(HAVE_ED25519) || defined(HAVE_ED448)) && \
- !defined(WOLFSSL_NO_CLIENT_AUTH)
+ #ifdef WOLFSSL_SM3
+ if (ret == 0)
+ ret = wc_Sm3Copy(&source->hashSm3,
+ &(*destination)->hashSm3);
+ #endif
+ #if (defined(HAVE_ED25519) || defined(HAVE_ED448) || \
+ (defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3))) && \
+ !defined(WOLFSSL_NO_CLIENT_AUTH)
if (ret == 0 && source->messages != NULL) {
(*destination)->messages = (byte*)XMALLOC(source->length, ssl->heap,
DYNAMIC_TYPE_HASHES);
@@ -6640,7 +7002,7 @@ int InitHandshakeHashesAndCopy(WOLFSSL* ssl, HS_Hashes* source,
return ret;
}
-/* called if user attempts to re-use WOLFSSL object for a new session.
+/* called if user attempts to reuse WOLFSSL object for a new session.
* For example wolfSSL_clear() is called then wolfSSL_connect or accept */
int ReinitSSL(WOLFSSL* ssl, WOLFSSL_CTX* ctx, int writeDup)
{
@@ -6876,12 +7238,6 @@ int InitSSL(WOLFSSL* ssl, WOLFSSL_CTX* ctx, int writeDup)
#endif
#if defined(WOLFSSL_SCTP) || defined(WOLFSSL_DTLS_MTU)
ssl->dtlsMtuSz = ctx->dtlsMtuSz;
- /* Add some bytes so that we can operate with slight difference
- * in set MTU size on each peer */
- ssl->dtls_expected_rx = ssl->dtlsMtuSz +
- DTLS_MTU_ADDITIONAL_READ_BUFFER;
- #else
- ssl->dtls_expected_rx = MAX_MTU;
#endif
ssl->dtls_timeout_init = DTLS_TIMEOUT_INIT;
ssl->dtls_timeout_max = DTLS_TIMEOUT_MAX;
@@ -6917,7 +7273,7 @@ int InitSSL(WOLFSSL* ssl, WOLFSSL_CTX* ctx, int writeDup)
#ifndef NO_OLD_TLS
ssl->hmac = SSL_hmac; /* default to SSLv3 */
#elif !defined(WOLFSSL_NO_TLS12) && !defined(NO_TLS)
- #if !defined(WOLFSSL_RENESAS_SCEPROTECT) && \
+ #if !defined(WOLFSSL_RENESAS_FSPSM_TLS) && \
!defined(WOLFSSL_RENESAS_TSIP_TLS)
ssl->hmac = TLS_hmac;
#else
@@ -6961,6 +7317,10 @@ int InitSSL(WOLFSSL* ssl, WOLFSSL_CTX* ctx, int writeDup)
XMEMCPY(ssl->group, ctx->group, sizeof(*ctx->group) * ctx->numGroups);
ssl->numGroups = ctx->numGroups;
}
+
+ #ifdef WOLFSSL_TLS13_MIDDLEBOX_COMPAT
+ ssl->options.tls13MiddleBoxCompat = 1;
+ #endif
#endif
#ifdef HAVE_TLS_EXTENSIONS
@@ -7004,10 +7364,12 @@ int InitSSL(WOLFSSL* ssl, WOLFSSL_CTX* ctx, int writeDup)
ssl->alert_history.last_tx.code = -1;
ssl->alert_history.last_tx.level = -1;
-#ifdef OPENSSL_EXTRA
+#ifdef WOLFSSL_SESSION_ID_CTX
/* copy over application session context ID */
ssl->sessionCtxSz = ctx->sessionCtxSz;
XMEMCPY(ssl->sessionCtx, ctx->sessionCtx, ctx->sessionCtxSz);
+#endif
+#ifdef OPENSSL_EXTRA
ssl->cbioFlag = ctx->cbioFlag;
ssl->protoMsgCb = ctx->protoMsgCb;
@@ -7055,9 +7417,13 @@ int InitSSL(WOLFSSL* ssl, WOLFSSL_CTX* ctx, int writeDup)
/* Initialize SSL with the appropriate fields from it's ctx */
/* requires valid arrays and suites unless writeDup ing */
- if ((ret = SetSSL_CTX(ssl, ctx, writeDup)) != WOLFSSL_SUCCESS)
+ if ((ret = SetSSL_CTX(ssl, ctx, writeDup)) != WOLFSSL_SUCCESS
+#ifdef WOLFSSL_NO_INIT_CTX_KEY
+ && ret != NO_PRIVATE_KEY
+#endif
+ ) {
return ret;
-
+ }
ssl->options.dtls = ssl->version.major == DTLS_MAJOR;
#ifdef HAVE_WRITE_DUP
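Review bot: With WOLFSSL_NO_INIT_CTX_KEY defined, InitSSL now carries on when SetSSL_CTX returns `NO_PRIVATE_KEY`, and the condition has no comment saying why that is safe. If SetSSL_CTX returns that code before finishing its remaining assignments (its body is outside this hunk), the SSL object continues partly initialised. Add a comment above the test that names the macro and states why a missing private key is not fatal at this point, and confirm that nothing after the key check in SetSSL_CTX is skipped. InitSSL starts and ends outside this hunk.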
@@ -7155,7 +7521,7 @@ int InitSSL(WOLFSSL* ssl, WOLFSSL_CTX* ctx, int writeDup)
ret = wolfSSL_UseSecureRenegotiation(ssl);
if (ret != WOLFSSL_SUCCESS)
return ret;
- }
+ }
}
#endif /* HAVE_SECURE_RENEGOTIATION */
@@ -7184,6 +7550,11 @@ int InitSSL(WOLFSSL* ssl, WOLFSSL_CTX* ctx, int writeDup)
return ret;
#endif
+#if defined(HAVE_SECRET_CALLBACK) && defined(SHOW_SECRETS) && \
+ defined(WOLFSSL_SSLKEYLOGFILE) && defined(WOLFSSL_TLS13)
+ (void)wolfSSL_set_tls13_secret_cb(ssl, tls13ShowSecrets, NULL);
+#endif
+
return 0;
}
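Review bot: This installs `tls13ShowSecrets` on every SSL object whenever HAVE_SECRET_CALLBACK, SHOW_SECRETS, WOLFSSL_SSLKEYLOGFILE and WOLFSSL_TLS13 are all defined, which exports TLS 1.3 traffic secrets for every session in the process. The `(void)` cast also hides a failed registration. The block needs a comment marking it as debug-only, e.g. `/* Debug builds only: logs TLS 1.3 secrets for every session; must not be enabled in production. */`. A build-time `#warning` next to these macro definitions would make an accidental release build with the flags visible. InitSSL starts outside this hunk.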
@@ -7298,6 +7669,12 @@ int AllocKey(WOLFSSL* ssl, int type, void** pKey)
/* Sanity check key destination */
if (*pKey != NULL) {
WOLFSSL_MSG("Key already present!");
+ #ifdef WOLFSSL_ASYNC_CRYPT
+ /* allow calling this again for async reentry */
+ if (ssl->error == WC_PENDING_E) {
+ return 0;
+ }
+ #endif
return BAD_STATE_E;
}
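Review bot: The async re-entry path returns 0 for any non-NULL `*pKey` while `ssl->error == WC_PENDING_E`, without checking that the existing key is of the requested `type`, and it still logs `Key already present!` first. If a caller can re-enter with a different key type (not visible here), the stale object would be reused as the wrong type. At least move the check above the `WOLFSSL_MSG` call and extend the comment, e.g. `/* async re-entry: key was allocated by the earlier call for the same type */`. AllocKey starts and ends outside this hunk.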
@@ -7612,6 +7989,8 @@ void SSL_ResourceFree(WOLFSSL* ssl)
if (ssl->options.weOwnRng) {
wc_FreeRng(ssl->rng);
XFREE(ssl->rng, ssl->heap, DYNAMIC_TYPE_RNG);
+ ssl->rng = NULL;
+ ssl->options.weOwnRng = 0;
}
FreeSuites(ssl);
FreeHandshakeHashes(ssl);
@@ -7662,7 +8041,7 @@ void SSL_ResourceFree(WOLFSSL* ssl)
FreeKey(ssl, DYNAMIC_TYPE_RSA, (void**)&ssl->peerRsaKey);
ssl->peerRsaKeyPresent = 0;
#endif
-#if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_SCEPROTECT)
+#if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_FSPSM_TLS)
XFREE(ssl->peerSceTsipEncRsaKeyIndex, ssl->heap, DYNAMIC_TYPE_RSA);
Renesas_cmn_Cleanup(ssl);
#endif
@@ -7886,7 +8265,7 @@ void SSL_ResourceFree(WOLFSSL* ssl)
if (FreeFixedIO(ctx_heap, &(ssl_hint->inBuf)) != 1) {
WOLFSSL_MSG("Error freeing fixed output buffer");
}
- if (ssl_hint->haFlag) { /* check if handshake count has been decreased*/
+ if (ssl_hint->haFlag && ctx_heap->curHa > 0) { /* check if handshake count has been decreased*/
ctx_heap->curHa--;
}
wc_UnLockMutex(&(ctx_heap->memory_mutex));
@@ -7911,8 +8290,8 @@ void SSL_ResourceFree(WOLFSSL* ssl)
#endif
#endif
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EXTRA) || defined(HAVE_LIGHTY)
- wolfSSL_sk_X509_NAME_pop_free(ssl->ca_names, NULL);
- ssl->ca_names = NULL;
+ wolfSSL_sk_X509_NAME_pop_free(ssl->client_ca_names, NULL);
+ ssl->client_ca_names = NULL;
#endif
#ifdef WOLFSSL_DTLS13
Dtls13FreeFsmResources(ssl);
@@ -7920,6 +8299,10 @@ void SSL_ResourceFree(WOLFSSL* ssl)
#ifdef WOLFSSL_QUIC
wolfSSL_quic_free(ssl);
#endif
+#if defined(WOLFSSL_HAPROXY)
+ wolfSSL_CTX_free(ssl->initial_ctx);
+ ssl->initial_ctx = NULL;
+#endif
}
/* Free any handshake resources no longer needed */
@@ -8118,13 +8501,25 @@ void FreeHandshakeResources(WOLFSSL* ssl)
}
#endif /* HAVE_PK_CALLBACKS */
-#if defined(HAVE_TLS_EXTENSIONS) && !defined(HAVE_SNI) && \
-!defined(NO_TLS) && !defined(HAVE_ALPN) && !defined(WOLFSSL_POST_HANDSHAKE_AUTH) && \
- !defined(WOLFSSL_DTLS_CID)
+#if defined(HAVE_TLS_EXTENSIONS) && !defined(NO_TLS)
+#if !defined(HAVE_SNI) && !defined(HAVE_ALPN) && !defined(WOLFSSL_DTLS_CID) && \
+ !defined(WOLFSSL_POST_HANDSHAKE_AUTH)
/* Some extensions need to be kept for post-handshake querying. */
TLSX_FreeAll(ssl->extensions, ssl->heap);
ssl->extensions = NULL;
+#else
+#if !defined(NO_CERTS) && !defined(WOLFSSL_NO_SIGALG)
+ TLSX_Remove(&ssl->extensions, TLSX_SIGNATURE_ALGORITHMS, ssl->heap);
+#endif
+ TLSX_Remove(&ssl->extensions, TLSX_EC_POINT_FORMATS, ssl->heap);
+ TLSX_Remove(&ssl->extensions, TLSX_SUPPORTED_GROUPS, ssl->heap);
+#ifdef WOLFSSL_TLS13
+ TLSX_Remove(&ssl->extensions, TLSX_SUPPORTED_VERSIONS, ssl->heap);
+ TLSX_Remove(&ssl->extensions, TLSX_KEY_SHARE, ssl->heap);
#endif
+#endif /* !HAVE_SNI && && !HAVE_ALPN && !WOLFSSL_DTLS_CID &&
+ * !WOLFSSL_POST_HANDSHAKE_AUTH */
+#endif /* HAVE_TLS_EXTENSIONS && !NO_TLS */
#ifdef WOLFSSL_STATIC_MEMORY
/* when done with handshake decrement current handshake count */
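Review bot: The closing comment `#endif /* !HAVE_SNI && && !HAVE_ALPN && ...` has a doubled `&&`; it should read `#endif /* !HAVE_SNI && !HAVE_ALPN && !WOLFSSL_DTLS_CID && !WOLFSSL_POST_HANDSHAKE_AUTH */`. The comment `Some extensions need to be kept for post-handshake querying.` now sits above the branch that frees everything with `TLSX_FreeAll`. It belongs on the `#else` branch, which removes only the handshake-only extensions and keeps the rest. FreeHandshakeResources starts and ends outside this hunk.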
@@ -8140,7 +8535,9 @@ void FreeHandshakeResources(WOLFSSL* ssl)
if (wc_LockMutex(&(ctx_heap->memory_mutex)) != 0) {
WOLFSSL_MSG("Bad memory_mutex lock");
}
- ctx_heap->curHa--;
+ if (ctx_heap->curHa > 0) {
+ ctx_heap->curHa--;
+ }
ssl_hint->haFlag = 0; /* set to zero since handshake has been dec */
wc_UnLockMutex(&(ctx_heap->memory_mutex));
#ifdef WOLFSSL_HEAP_TEST
@@ -8167,7 +8564,8 @@ void FreeSSL(WOLFSSL* ssl, void* heap)
#if !defined(NO_OLD_TLS) || defined(WOLFSSL_DTLS) || \
!defined(WOLFSSL_NO_TLS12) || \
- ((defined(HAVE_CHACHA) || defined(HAVE_AESCCM) || defined(HAVE_AESGCM)) \
+ ((defined(HAVE_CHACHA) || defined(HAVE_AESCCM) || defined(HAVE_AESGCM) || \
+ defined(WOLFSSL_SM4_GCM) || defined(WOLFSSL_SM4_CCM)) \
&& defined(HAVE_AEAD))
#if defined(WOLFSSL_DTLS) || !defined(WOLFSSL_NO_TLS12)
@@ -8291,7 +8689,8 @@ void WriteSEQ(WOLFSSL* ssl, int verifyOrder, byte* out)
}
#endif /* WOLFSSL_DTLS || !WOLFSSL_NO_TLS12 */
#endif /* !NO_OLD_TLS || WOLFSSL_DTLS || !WOLFSSL_NO_TLS12 ||
- * ((HAVE_CHACHA || HAVE_AESCCM || HAVE_AESGCM) && HAVE_AEAD) */
+ * ((HAVE_CHACHA || HAVE_AESCCM || HAVE_AESGCM || WOLFSSL_SM4_GCM ||
+ * WOLFSSL_SM4_CCM) && HAVE_AEAD) */
#ifdef WOLFSSL_DTLS
@@ -8573,7 +8972,8 @@ static void DtlsMsgAssembleCompleteMessage(DtlsMsg* msg)
}
int DtlsMsgSet(DtlsMsg* msg, word32 seq, word16 epoch, const byte* data, byte type,
- word32 fragOffset, word32 fragSz, void* heap, word32 totalLen)
+ word32 fragOffset, word32 fragSz, void* heap, word32 totalLen,
+ byte encrypted)
{
word32 fragOffsetEnd = fragOffset + fragSz;
@@ -8594,11 +8994,13 @@ int DtlsMsgSet(DtlsMsg* msg, word32 seq, word16 epoch, const byte* data, byte ty
WOLFSSL_ERROR_VERBOSE(SEQUENCE_ERROR);
return SEQUENCE_ERROR;
}
+ msg->encrypted = msg->encrypted && encrypted;
}
else {
msg->type = type;
msg->epoch = epoch;
msg->seq = seq;
+ msg->encrypted = encrypted;
}
if (msg->fragBucketList == NULL) {
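Review bot: `msg->encrypted = msg->encrypted && encrypted;` is the security-relevant line of this change and has no comment. A reassembled message stays marked encrypted only if every fragment was, so a single plaintext fragment marks the whole message as unencrypted. Say so above the line, e.g. `/* encrypted only if all fragments so far were encrypted */`. The new `encrypted` parameter should also be described wherever DtlsMsgSet is documented. The function continues outside this hunk.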
@@ -8719,6 +9121,7 @@ void DtlsMsgStore(WOLFSSL* ssl, word16 epoch, word32 seq, const byte* data,
*/
DtlsMsg* head = ssl->dtls_rx_msg_list;
+ byte encrypted = ssl->keys.decryptedCur == 1;
WOLFSSL_ENTER("DtlsMsgStore");
if (head != NULL) {
@@ -8727,7 +9130,7 @@ void DtlsMsgStore(WOLFSSL* ssl, word16 epoch, word32 seq, const byte* data,
cur = DtlsMsgNew(dataSz, 0, heap);
if (cur != NULL) {
if (DtlsMsgSet(cur, seq, epoch, data, type,
- fragOffset, fragSz, heap, dataSz) < 0) {
+ fragOffset, fragSz, heap, dataSz, encrypted) < 0) {
DtlsMsgDelete(cur, heap);
}
else {
@@ -8739,13 +9142,13 @@ void DtlsMsgStore(WOLFSSL* ssl, word16 epoch, word32 seq, const byte* data,
else {
/* If this fails, the data is just dropped. */
DtlsMsgSet(cur, seq, epoch, data, type, fragOffset,
- fragSz, heap, dataSz);
+ fragSz, heap, dataSz, encrypted);
}
}
else {
head = DtlsMsgNew(dataSz, 0, heap);
if (DtlsMsgSet(head, seq, epoch, data, type, fragOffset,
- fragSz, heap, dataSz) < 0) {
+ fragSz, heap, dataSz, encrypted) < 0) {
DtlsMsgDelete(head, heap);
head = NULL;
}
@@ -8861,6 +9264,10 @@ void DtlsMsgPoolReset(WOLFSSL* ssl)
ssl->dtls_tx_msg = NULL;
ssl->dtls_tx_msg_list_sz = 0;
}
+#ifdef WOLFSSL_DTLS13
+ /* Clear DTLS 1.3 buffer too */
+ Dtls13RtxFlushBuffered(ssl, 1);
+#endif
}
@@ -8871,13 +9278,21 @@ int VerifyForDtlsMsgPoolSend(WOLFSSL* ssl, byte type, word32 fragOffset)
* to be used for triggering retransmission of whole DtlsMsgPool.
* change cipher suite type is not verified here
*/
- return ((fragOffset == 0) &&
- (((ssl->options.side == WOLFSSL_SERVER_END) &&
- ((type == client_hello) ||
- ((ssl->options.verifyPeer) && (type == certificate)) ||
- ((!ssl->options.verifyPeer) && (type == client_key_exchange)))) ||
- ((ssl->options.side == WOLFSSL_CLIENT_END) &&
- (type == hello_request || type == server_hello))));
+ if (fragOffset == 0) {
+ if (ssl->options.side == WOLFSSL_SERVER_END) {
+ if (type == client_hello)
+ return 1;
+ else if (ssl->options.verifyPeer && type == certificate)
+ return 1;
+ else if (!ssl->options.verifyPeer && type == client_key_exchange)
+ return 1;
+ }
+ else {
+ if (type == hello_request || type == server_hello)
+ return 1;
+ }
+ }
+ return 0;
}
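Review bot: The rewrite is not quite equivalent to the removed expression. The old code returned 1 for `hello_request`/`server_hello` only when `ssl->options.side == WOLFSSL_CLIENT_END`, while the new plain `else` accepts them for every side value other than WOLFSSL_SERVER_END. If `side` can hold a third value such as WOLFSSL_NEITHER_END at this point, behaviour changes; `else if (ssl->options.side == WOLFSSL_CLIENT_END) {` keeps the old semantics.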
@@ -9256,6 +9671,13 @@ ProtocolVersion MakeDTLSv1_3(void)
return sys_now()/1000;
}
+#elif defined(WOLFSSL_CMSIS_RTOS) || defined(WOLFSSL_CMSIS_RTOSv2)
+
+ word32 LowResTimer(void)
+ {
+ return (word32)osKernelGetTickCount() / 1000;
+ }
+
#elif defined(WOLFSSL_TIRTOS)
word32 LowResTimer(void)
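Review bot: The CMSIS variant divides the tick count by a hard-coded 1000, which gives seconds only when the kernel tick runs at 1 kHz; with any other tick rate every timeout built on LowResTimer is scaled wrongly. For RTOSv2 the rate can be read at run time, `return (word32)(osKernelGetTickCount() / osKernelGetTickFreq());`. The cast in `(word32)osKernelGetTickCount() / 1000` binds before the division, so it should wrap the whole expression. The branch also covers WOLFSSL_CMSIS_RTOS, so confirm that the v1 API provides `osKernelGetTickCount`.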
@@ -9347,7 +9769,8 @@ ProtocolVersion MakeDTLSv1_3(void)
#endif /* !NO_ASN_TIME */
#if !defined(WOLFSSL_NO_CLIENT_AUTH) && \
- ((defined(HAVE_ED25519) && !defined(NO_ED25519_CLIENT_AUTH)) || \
+ ((defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)) || \
+ (defined(HAVE_ED25519) && !defined(NO_ED25519_CLIENT_AUTH)) || \
(defined(HAVE_ED448) && !defined(NO_ED448_CLIENT_AUTH)))
/* Store the message for use with CertificateVerify using EdDSA.
*
@@ -9453,8 +9876,19 @@ int HashRaw(WOLFSSL* ssl, const byte* data, int sz)
WOLFSSL_BUFFER(digest, WC_SHA512_DIGEST_SIZE);
#endif
#endif
+ #ifdef WOLFSSL_SM3
+ ret = wc_Sm3Update(&ssl->hsHashes->hashSm3, data, sz);
+ if (ret != 0)
+ return ret;
+ #ifdef WOLFSSL_DEBUG_TLS
+ WOLFSSL_MSG("SM3");
+ wc_Sm3GetHash(&ssl->hsHashes->hashSm3, digest);
+ WOLFSSL_BUFFER(digest, WC_SM3_DIGEST_SIZE);
+ #endif
+ #endif
#if !defined(WOLFSSL_NO_CLIENT_AUTH) && \
- ((defined(HAVE_ED25519) && !defined(NO_ED25519_CLIENT_AUTH)) || \
+ ((defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)) || \
+ (defined(HAVE_ED25519) && !defined(NO_ED25519_CLIENT_AUTH)) || \
(defined(HAVE_ED448) && !defined(NO_ED448_CLIENT_AUTH)))
ret = EdDSA_Update(ssl, data, sz);
if (ret != 0)
@@ -9986,6 +10420,8 @@ void ShrinkInputBuffer(WOLFSSL* ssl, int forcedFree)
int SendBuffered(WOLFSSL* ssl)
{
+ int retryLimit = WOLFSSL_MODE_AUTO_RETRY_ATTEMPTS;
+
if (ssl->CBIOSend == NULL && !WOLFSSL_IS_QUIC(ssl)) {
WOLFSSL_MSG("Your IO Send callback is null, please set");
return SOCKET_ERROR_E;
@@ -10006,15 +10442,22 @@ int SendBuffered(WOLFSSL* ssl)
#endif
while (ssl->buffers.outputBuffer.length > 0) {
- int sent = ssl->CBIOSend(ssl,
- (char*)ssl->buffers.outputBuffer.buffer +
- ssl->buffers.outputBuffer.idx,
- (int)ssl->buffers.outputBuffer.length,
- ssl->IOCB_WriteCtx);
+ int sent = 0;
+retry:
+ sent = ssl->CBIOSend(ssl,
+ (char*)ssl->buffers.outputBuffer.buffer +
+ ssl->buffers.outputBuffer.idx,
+ (int)ssl->buffers.outputBuffer.length,
+ ssl->IOCB_WriteCtx);
if (sent < 0) {
switch (sent) {
case WOLFSSL_CBIO_ERR_WANT_WRITE: /* would block */
+ if (retryLimit > 0 && ssl->ctx->autoRetry &&
+ !ssl->options.handShakeDone && !ssl->options.dtls) {
+ retryLimit--;
+ goto retry;
+ }
return WANT_WRITE;
case WOLFSSL_CBIO_ERR_CONN_RST: /* connection reset */
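Review bot: On `WOLFSSL_CBIO_ERR_WANT_WRITE` the new code jumps back to `retry:` and calls `CBIOSend` again immediately, up to WOLFSSL_MODE_AUTO_RETRY_ATTEMPTS times, with no wait in between. On a non-blocking socket whose send buffer is full this only spins before returning WANT_WRITE anyway. `retryLimit` is declared outside the `while`, so the budget is shared by the whole call rather than per write, which deserves a comment. The `goto` is not needed: `retryLimit--; continue;` re-enters the loop with the same buffer state and does the same without the label. SendBuffered starts and ends outside this hunk.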
@@ -10239,13 +10682,12 @@ int CheckAvailableSize(WOLFSSL *ssl, int size)
#ifdef WOLFSSL_DTLS
if (ssl->options.dtls) {
- if (size + ssl->buffers.outputBuffer.length >
#if defined(WOLFSSL_SCTP) || defined(WOLFSSL_DTLS_MTU)
- ssl->dtlsMtuSz
+ word32 mtu = (word32)ssl->dtlsMtuSz;
#else
- ssl->dtls_expected_rx
+ word32 mtu = MAX_MTU;
#endif
- ) {
+ if ((word32)size + ssl->buffers.outputBuffer.length > mtu) {
int ret;
WOLFSSL_MSG("CheckAvailableSize() flushing buffer "
"to make room for new message");
@@ -10253,12 +10695,7 @@ int CheckAvailableSize(WOLFSSL *ssl, int size)
return ret;
}
}
- if (size > (int)
-#if defined(WOLFSSL_SCTP) || defined(WOLFSSL_DTLS_MTU)
- ssl->dtlsMtuSz
-#else
- ssl->dtls_expected_rx
-#endif
+ if ((word32)size > mtu
#ifdef WOLFSSL_DTLS13
/* DTLS1.3 uses the output buffer to store the full message and deal
with fragmentation later in dtls13HandshakeSend() */
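Review bot: The `(word32)size` cast makes this comparison reject a negative `size`, but the sum added in the previous hunk, `(word32)size + ssl->buffers.outputBuffer.length > mtu`, can wrap for the same input and skip the flush. `size` is an `int` parameter and its callers are not visible here, so whether a negative or oversized value can actually arrive is unverified. An explicit `if (size < 0) return BAD_FUNC_ARG;` ahead of the DTLS block would remove the reliance on unsigned wrap-around. The condition of this `if` and the start of `CheckAvailableSize` are outside the hunk.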
@@ -10281,6 +10718,297 @@ int CheckAvailableSize(WOLFSSL *ssl, int size)
return 0;
}
+#ifndef WOLFSSL_DISABLE_EARLY_SANITY_CHECKS
+
+int MsgCheckEncryption(WOLFSSL* ssl, byte type, byte encrypted)
+{
+#ifdef WOLFSSL_QUIC
+ /* QUIC protects messages outside of the TLS scope */
+ if (WOLFSSL_IS_QUIC(ssl) && IsAtLeastTLSv1_3(ssl->version))
+ return 0;
+#endif
+ /* Verify which messages always have to be encrypted */
+ if (IsAtLeastTLSv1_3(ssl->version)) {
+ switch ((enum HandShakeType)type) {
+ case client_hello:
+ case server_hello:
+ case hello_verify_request:
+ case hello_retry_request:
+ case change_cipher_hs:
+ if (encrypted) {
+ WOLFSSL_MSG("Message can not be encrypted");
+ WOLFSSL_ERROR_VERBOSE(OUT_OF_ORDER_E);
+ return OUT_OF_ORDER_E;
+ }
+ break;
+ case hello_request:
+ case session_ticket:
+ case end_of_early_data:
+ case encrypted_extensions:
+ case certificate:
+ case server_key_exchange:
+ case certificate_request:
+ case server_hello_done:
+ case certificate_verify:
+ case client_key_exchange:
+ case finished:
+ case certificate_status:
+ case key_update:
+ if (!encrypted) {
+ WOLFSSL_MSG("Message always has to be encrypted");
+ WOLFSSL_ERROR_VERBOSE(OUT_OF_ORDER_E);
+ return OUT_OF_ORDER_E;
+ }
+ break;
+ case message_hash:
+ case no_shake:
+ default:
+ WOLFSSL_MSG("Unknown message type");
+ WOLFSSL_ERROR_VERBOSE(SANITY_MSG_E);
+ return SANITY_MSG_E;
+ }
+ }
+ else {
+ switch ((enum HandShakeType)type) {
+ case client_hello:
+ if ((IsSCR(ssl) || ssl->options.handShakeDone) && !encrypted) {
+ WOLFSSL_MSG("Message has to be encrypted for SCR");
+ WOLFSSL_ERROR_VERBOSE(OUT_OF_ORDER_E);
+ return OUT_OF_ORDER_E;
+ }
+ break;
+ case server_hello:
+ case hello_verify_request:
+ case hello_retry_request:
+ case certificate:
+ case server_key_exchange:
+ case certificate_request:
+ case server_hello_done:
+ case certificate_verify:
+ case client_key_exchange:
+ case certificate_status:
+ case session_ticket:
+ case change_cipher_hs:
+ if (IsSCR(ssl)) {
+ if (!encrypted) {
+ WOLFSSL_MSG("Message has to be encrypted during SCR");
+ WOLFSSL_ERROR_VERBOSE(OUT_OF_ORDER_E);
+ return OUT_OF_ORDER_E;
+ }
+ }
+ else if (encrypted) {
+ WOLFSSL_MSG("Message can not be encrypted in regular "
+ "handshake");
+ WOLFSSL_ERROR_VERBOSE(OUT_OF_ORDER_E);
+ return OUT_OF_ORDER_E;
+ }
+ break;
+ case hello_request:
+ case finished:
+ if (!encrypted) {
+ WOLFSSL_MSG("Message always has to be encrypted");
+ WOLFSSL_ERROR_VERBOSE(OUT_OF_ORDER_E);
+ return OUT_OF_ORDER_E;
+ }
+ break;
+ case key_update:
+ case encrypted_extensions:
+ case end_of_early_data:
+ case message_hash:
+ case no_shake:
+ default:
+ WOLFSSL_MSG("Unknown message type");
+ WOLFSSL_ERROR_VERBOSE(SANITY_MSG_E);
+ return SANITY_MSG_E;
+ }
+ }
+ return 0;
+}
+
+static WC_INLINE int isLastMsg(const WOLFSSL* ssl, word32 msgSz)
+{
+ word32 extra = 0;
+ if (IsEncryptionOn(ssl, 0)) {
+ extra = ssl->keys.padSz;
+#if defined(HAVE_ENCRYPT_THEN_MAC) && !defined(WOLFSSL_AEAD_ONLY)
+ if (ssl->options.startedETMRead)
+ extra += MacSize(ssl);
+#endif
+ }
+ return (ssl->buffers.inputBuffer.idx - ssl->curStartIdx) + msgSz + extra
+ == ssl->curSize;
+}
+
+/* Check if the msg is the last msg in a record. This is also an easy way
+ * to check that a record doesn't span different key boundaries. */
+static int MsgCheckBoundary(const WOLFSSL* ssl, byte type,
+ byte version_negotiated, word32 msgSz)
+{
+ if (version_negotiated) {
+ if (IsAtLeastTLSv1_3(ssl->version)) {
+ switch ((enum HandShakeType)type) {
+ case hello_request:
+ case client_hello:
+ case server_hello:
+ case hello_verify_request:
+ case hello_retry_request:
+ case finished:
+ case end_of_early_data:
+ if (!isLastMsg(ssl, msgSz)) {
+ WOLFSSL_MSG("Message type is not last in record");
+ WOLFSSL_ERROR_VERBOSE(OUT_OF_ORDER_E);
+ return OUT_OF_ORDER_E;
+ }
+ break;
+ case session_ticket:
+ case encrypted_extensions:
+ case certificate:
+ case server_key_exchange:
+ case certificate_request:
+ case certificate_verify:
+ case client_key_exchange:
+ case certificate_status:
+ case key_update:
+ case change_cipher_hs:
+ break;
+ case server_hello_done:
+ case message_hash:
+ case no_shake:
+ default:
+ WOLFSSL_MSG("Unknown message type");
+ WOLFSSL_ERROR_VERBOSE(SANITY_MSG_E);
+ return SANITY_MSG_E;
+ }
+ }
+ else {
+ switch ((enum HandShakeType)type) {
+ case hello_request:
+ case client_hello:
+ case hello_verify_request:
+ if (!isLastMsg(ssl, msgSz)) {
+ WOLFSSL_MSG("Message type is not last in record");
+ WOLFSSL_ERROR_VERBOSE(OUT_OF_ORDER_E);
+ return OUT_OF_ORDER_E;
+ }
+ break;
+ case server_hello:
+ case session_ticket:
+ case end_of_early_data:
+ case certificate:
+ case server_key_exchange:
+ case certificate_request:
+ case server_hello_done:
+ case certificate_verify:
+ case client_key_exchange:
+ case finished:
+ case certificate_status:
+ case change_cipher_hs:
+ break;
+ case hello_retry_request:
+ case encrypted_extensions:
+ case key_update:
+ case message_hash:
+ case no_shake:
+ default:
+ WOLFSSL_MSG("Unknown message type");
+ WOLFSSL_ERROR_VERBOSE(SANITY_MSG_E);
+ return SANITY_MSG_E;
+ }
+ }
+ }
+ else {
+ switch ((enum HandShakeType)type) {
+ case hello_request:
+ case client_hello:
+ case hello_verify_request:
+ if (!isLastMsg(ssl, msgSz)) {
+ WOLFSSL_MSG("Message type is not last in record");
+ WOLFSSL_ERROR_VERBOSE(OUT_OF_ORDER_E);
+ return OUT_OF_ORDER_E;
+ }
+ break;
+ case server_hello:
+ case session_ticket:
+ case end_of_early_data:
+ case hello_retry_request:
+ case encrypted_extensions:
+ case certificate:
+ case server_key_exchange:
+ case certificate_request:
+ case server_hello_done:
+ case certificate_verify:
+ case client_key_exchange:
+ case finished:
+ case certificate_status:
+ case key_update:
+ case change_cipher_hs:
+ break;
+ case message_hash:
+ case no_shake:
+ default:
+ WOLFSSL_MSG("Unknown message type");
+ WOLFSSL_ERROR_VERBOSE(SANITY_MSG_E);
+ return SANITY_MSG_E;
+ }
+ }
+ return 0;
+}
+
+#endif /* WOLFSSL_DISABLE_EARLY_SANITY_CHECKS */
+
+/**
+ * This check is performed as soon as the handshake message type becomes known.
+ * These checks can not be delayed and need to be performed when the msg is
+ * received and not when it is processed (fragmentation may cause messages to
+ * be processed at a later time). This function CAN NOT be called on stored
+ * messages as it relies on the state of the WOLFSSL object right after
+ * receiving the message.
+ *
+ * @param ssl The current connection
+ * @param type The enum HandShakeType of the current message
+ * @param msgSz Size of the current message
+ * @return
+ */
+int EarlySanityCheckMsgReceived(WOLFSSL* ssl, byte type, word32 msgSz)
+{
+ int ret = 0;
+#ifndef WOLFSSL_DISABLE_EARLY_SANITY_CHECKS
+ byte version_negotiated = 0;
+
+ WOLFSSL_ENTER("EarlySanityCheckMsgReceived");
+
+#ifdef WOLFSSL_DTLS
+ /* Version has only been negotiated after we either send or process a
+ * ServerHello message */
+ if (ssl->options.dtls)
+ version_negotiated = ssl->options.serverState >= SERVER_HELLO_COMPLETE;
+ else
+#endif
+ version_negotiated = 1;
+
+ if (version_negotiated)
+ ret = MsgCheckEncryption(ssl, type, ssl->keys.decryptedCur == 1);
+
+ if (ret == 0)
+ ret = MsgCheckBoundary(ssl, type, version_negotiated, msgSz);
+
+ if (ret != 0
+#ifdef WOLFSSL_DTLS
+ && ssl->options.dtls && ssl->options.dtlsStateful
+#endif
+ )
+ SendAlert(ssl, alert_fatal, unexpected_message);
+
+ WOLFSSL_LEAVE("EarlySanityCheckMsgReceived", ret);
+#else
+ (void)ssl;
+ (void)type;
+ (void)msgSz;
+#endif
+
+ return ret;
+}
+
#ifdef WOLFSSL_DTLS13
static int GetInputData(WOLFSSL *ssl, word32 size);
static int GetDtls13RecordHeader(WOLFSSL* ssl, word32* inOutIdx,
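Review bot: In `EarlySanityCheckMsgReceived` the `SendAlert` guard depends on the build. With `WOLFSSL_DTLS` defined the alert is sent only for stateful DTLS connections, so a failed check on a TLS connection sends no `unexpected_message` from here, while a build without `WOLFSSL_DTLS` sends it on every failure. If the intent is only to stay silent for stateless DTLS, the guard would read `&& (!ssl->options.dtls || ssl->options.dtlsStateful)`. If callers are expected to alert for TLS themselves, a comment should say so. The doc comment's `@return` is also empty and could read `@return 0 on success, OUT_OF_ORDER_E or SANITY_MSG_E when the message fails a check`.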
@@ -10397,6 +11125,7 @@ static int GetDtlsRecordHeader(WOLFSSL* ssl, word32* inOutIdx,
int ret;
if (Dtls13IsUnifiedHeader(*(ssl->buffers.inputBuffer.buffer + *inOutIdx))) {
+ ssl->options.seenUnifiedHdr = 1; /* We can send ACKs to the peer */
/* version 1.3 already negotiated */
if (ssl->options.tls1_3) {
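Review bot: `seenUnifiedHdr` is set as soon as `Dtls13IsUnifiedHeader()` matches the first byte of the input buffer, before the `tls1_3` check and before anything visible here has parsed or authenticated the record. If the flag enables sending ACKs, as the comment says, the comment should state that it reflects an unverified header, e.g. `/* set on an unverified header byte; consumers must not treat it as proof of a DTLS 1.3 peer */`. Moving the assignment to after the record is accepted would be the stricter option. `GetDtlsRecordHeader` continues outside the hunk, so later validation is not visible.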
@@ -10833,31 +11562,19 @@ static int BuildFinished(WOLFSSL* ssl, Hashes* hashes, const byte* sender)
#endif /* WOLFSSL_NO_TLS12 */
#if !defined(NO_WOLFSSL_SERVER) || !defined(NO_WOLFSSL_CLIENT)
- /* cipher requirements */
- enum {
- REQUIRES_RSA,
- REQUIRES_DHE,
- REQUIRES_ECC,
- REQUIRES_ECC_STATIC,
- REQUIRES_PSK,
- REQUIRES_RSA_SIG,
- REQUIRES_AEAD
- };
-
-
-
- /* Does this cipher suite (first, second) have the requirement
- an ephemeral key exchange will still require the key for signing
- the key exchange so ECDHE_RSA requires an rsa key thus rsa_kea */
- static int CipherRequires(byte first, byte second, int requirement)
- {
- (void)requirement;
+/* Does this cipher suite (first, second) have the requirement
+ an ephemeral key exchange will still require the key for signing
+ the key exchange so ECDHE_RSA requires an rsa key thus rsa_kea */
+int CipherRequires(byte first, byte second, int requirement)
+{
+
+ (void)requirement;
#ifndef WOLFSSL_NO_TLS12
#ifdef HAVE_CHACHA
- if (first == CHACHA_BYTE) {
+ if (first == CHACHA_BYTE) {
switch (second) {
case TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 :
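Review bot: `CipherRequires` loses `static` here but keeps a header comment that is hard to parse and never states the return contract. Now that other files can call it, a comment such as `/* Returns 1 when suite (first, second) has the given REQUIRES_* property, 0 when it does not or the suite is unsupported. */` would help, with the ECDHE_RSA remark kept as a second sentence. The `REQUIRES_*` enum deleted above is presumably declared in a header now, which this hunk does not show. The blank line after the opening brace can be dropped, and the function body continues outside the hunk.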
@@ -10911,208 +11628,220 @@ static int BuildFinished(WOLFSSL* ssl, Hashes* hashes, const byte* sender)
if (requirement == REQUIRES_DHE)
return 1;
break;
+
+ default:
+ WOLFSSL_MSG("Unsupported cipher suite, CipherRequires CHACHA");
+ return 0;
}
if (requirement == REQUIRES_AEAD)
return 1;
- }
+ }
#endif /* HAVE_CHACHA */
- /* ECC extensions */
- if (first == ECC_BYTE) {
+ /* ECC extensions */
+ if (first == ECC_BYTE) {
switch (second) {
#if defined(HAVE_ECC) || defined(HAVE_CURVE25519) || defined(HAVE_CURVE448)
#ifndef NO_RSA
- case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA :
- if (requirement == REQUIRES_RSA)
- return 1;
- break;
+ case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA :
+ if (requirement == REQUIRES_RSA)
+ return 1;
+ break;
- case TLS_ECDH_RSA_WITH_AES_128_CBC_SHA :
- if (requirement == REQUIRES_ECC_STATIC)
- return 1;
- if (requirement == REQUIRES_RSA_SIG)
- return 1;
- break;
+ case TLS_ECDH_RSA_WITH_AES_128_CBC_SHA :
+ if (requirement == REQUIRES_ECC_STATIC)
+ return 1;
+ if (requirement == REQUIRES_RSA_SIG)
+ return 1;
+ break;
- #ifndef NO_DES3
- case TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA :
- if (requirement == REQUIRES_RSA)
- return 1;
- break;
+ #ifndef NO_DES3
+ case TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA :
+ if (requirement == REQUIRES_RSA)
+ return 1;
+ break;
- case TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA :
- if (requirement == REQUIRES_ECC_STATIC)
- return 1;
- if (requirement == REQUIRES_RSA_SIG)
- return 1;
- break;
- #endif /* !NO_DES3 */
+ case TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA :
+ if (requirement == REQUIRES_ECC_STATIC)
+ return 1;
+ if (requirement == REQUIRES_RSA_SIG)
+ return 1;
+ break;
+ #endif /* !NO_DES3 */
- #ifndef NO_RC4
- case TLS_ECDHE_RSA_WITH_RC4_128_SHA :
- if (requirement == REQUIRES_RSA)
- return 1;
- break;
+ #ifndef NO_RC4
+ case TLS_ECDHE_RSA_WITH_RC4_128_SHA :
+ if (requirement == REQUIRES_RSA)
+ return 1;
+ break;
- case TLS_ECDH_RSA_WITH_RC4_128_SHA :
- if (requirement == REQUIRES_ECC_STATIC)
- return 1;
- if (requirement == REQUIRES_RSA_SIG)
- return 1;
- break;
- #endif /* !NO_RC4 */
+ case TLS_ECDH_RSA_WITH_RC4_128_SHA :
+ if (requirement == REQUIRES_ECC_STATIC)
+ return 1;
+ if (requirement == REQUIRES_RSA_SIG)
+ return 1;
+ break;
+ #endif /* !NO_RC4 */
#endif /* NO_RSA */
- #ifndef NO_DES3
- case TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA :
- if (requirement == REQUIRES_ECC)
- return 1;
- break;
+ #ifndef NO_DES3
+ case TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA :
+ if (requirement == REQUIRES_ECC)
+ return 1;
+ break;
- case TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA :
- if (requirement == REQUIRES_ECC_STATIC)
- return 1;
- break;
- #endif /* !NO_DES3 */
- #ifndef NO_RC4
- case TLS_ECDHE_ECDSA_WITH_RC4_128_SHA :
- if (requirement == REQUIRES_ECC)
- return 1;
- break;
+ case TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA :
+ if (requirement == REQUIRES_ECC_STATIC)
+ return 1;
+ break;
+ #endif /* !NO_DES3 */
+ #ifndef NO_RC4
+ case TLS_ECDHE_ECDSA_WITH_RC4_128_SHA :
+ if (requirement == REQUIRES_ECC)
+ return 1;
+ break;
- case TLS_ECDH_ECDSA_WITH_RC4_128_SHA :
- if (requirement == REQUIRES_ECC_STATIC)
- return 1;
- break;
- #endif /* !NO_RC4 */
- #ifndef NO_RSA
- case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA :
- if (requirement == REQUIRES_RSA)
- return 1;
- break;
+ case TLS_ECDH_ECDSA_WITH_RC4_128_SHA :
+ if (requirement == REQUIRES_ECC_STATIC)
+ return 1;
+ break;
+ #endif /* !NO_RC4 */
+ #ifndef NO_RSA
+ case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA :
+ if (requirement == REQUIRES_RSA)
+ return 1;
+ break;
- case TLS_ECDH_RSA_WITH_AES_256_CBC_SHA :
- if (requirement == REQUIRES_ECC_STATIC)
- return 1;
- if (requirement == REQUIRES_RSA_SIG)
- return 1;
- break;
- #endif /* !NO_RSA */
+ case TLS_ECDH_RSA_WITH_AES_256_CBC_SHA :
+ if (requirement == REQUIRES_ECC_STATIC)
+ return 1;
+ if (requirement == REQUIRES_RSA_SIG)
+ return 1;
+ break;
+ #endif /* !NO_RSA */
- case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA :
- if (requirement == REQUIRES_ECC)
- return 1;
- break;
+ case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA :
+ if (requirement == REQUIRES_ECC)
+ return 1;
+ break;
- case TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA :
- if (requirement == REQUIRES_ECC_STATIC)
- return 1;
- break;
+ case TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA :
+ if (requirement == REQUIRES_ECC_STATIC)
+ return 1;
+ break;
- case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA :
- if (requirement == REQUIRES_ECC)
- return 1;
- break;
+ case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA :
+ if (requirement == REQUIRES_ECC)
+ return 1;
+ break;
- case TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA :
- if (requirement == REQUIRES_ECC_STATIC)
- return 1;
- break;
+ case TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA :
+ if (requirement == REQUIRES_ECC_STATIC)
+ return 1;
+ break;
- case TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 :
- if (requirement == REQUIRES_ECC)
- return 1;
- if (requirement == REQUIRES_AEAD)
- return 1;
- break;
+ case TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 :
+ if (requirement == REQUIRES_ECC)
+ return 1;
+ if (requirement == REQUIRES_AEAD)
+ return 1;
+ break;
- case TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 :
- if (requirement == REQUIRES_ECC)
- return 1;
- if (requirement == REQUIRES_AEAD)
- return 1;
- break;
+ case TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 :
+ if (requirement == REQUIRES_ECC)
+ return 1;
+ if (requirement == REQUIRES_AEAD)
+ return 1;
+ break;
- case TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 :
- if (requirement == REQUIRES_ECC_STATIC)
- return 1;
- if (requirement == REQUIRES_AEAD)
- return 1;
- break;
+ case TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 :
+ if (requirement == REQUIRES_ECC_STATIC)
+ return 1;
+ if (requirement == REQUIRES_AEAD)
+ return 1;
+ break;
- case TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 :
- if (requirement == REQUIRES_ECC_STATIC)
- return 1;
- if (requirement == REQUIRES_AEAD)
- return 1;
- break;
+ case TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 :
+ if (requirement == REQUIRES_ECC_STATIC)
+ return 1;
+ if (requirement == REQUIRES_AEAD)
+ return 1;
+ break;
#endif /* HAVE_ECC || HAVE_CURVE25519 || HAVE_CURVE448 */
#ifndef NO_RSA
#if defined(HAVE_ECC) || defined(HAVE_CURVE25519) || defined(HAVE_CURVE448)
- case TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 :
- if (requirement == REQUIRES_RSA)
- return 1;
- if (requirement == REQUIRES_AEAD)
- return 1;
- break;
+ case TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 :
+ if (requirement == REQUIRES_RSA)
+ return 1;
+ if (requirement == REQUIRES_AEAD)
+ return 1;
+ break;
- case TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 :
- if (requirement == REQUIRES_RSA)
- return 1;
- if (requirement == REQUIRES_AEAD)
- return 1;
- break;
+ case TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 :
+ if (requirement == REQUIRES_RSA)
+ return 1;
+ if (requirement == REQUIRES_AEAD)
+ return 1;
+ break;
- case TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 :
- if (requirement == REQUIRES_ECC_STATIC)
- return 1;
- if (requirement == REQUIRES_RSA_SIG)
- return 1;
- if (requirement == REQUIRES_AEAD)
- return 1;
- break;
+ case TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 :
+ if (requirement == REQUIRES_ECC_STATIC)
+ return 1;
+ if (requirement == REQUIRES_RSA_SIG)
+ return 1;
+ if (requirement == REQUIRES_AEAD)
+ return 1;
+ break;
- case TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 :
- if (requirement == REQUIRES_ECC_STATIC)
- return 1;
- if (requirement == REQUIRES_RSA_SIG)
- return 1;
- if (requirement == REQUIRES_AEAD)
- return 1;
- break;
+ case TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 :
+ if (requirement == REQUIRES_ECC_STATIC)
+ return 1;
+ if (requirement == REQUIRES_RSA_SIG)
+ return 1;
+ if (requirement == REQUIRES_AEAD)
+ return 1;
+ break;
#endif /* HAVE_ECC || HAVE_CURVE25519 || HAVE_CURVE448 */
#ifdef HAVE_AESCCM
- case TLS_RSA_WITH_AES_128_CCM_8 :
- case TLS_RSA_WITH_AES_256_CCM_8 :
- if (requirement == REQUIRES_RSA)
- return 1;
- if (requirement == REQUIRES_RSA_SIG)
- return 1;
- if (requirement == REQUIRES_AEAD)
- return 1;
- break;
+ case TLS_RSA_WITH_AES_128_CCM_8 :
+ case TLS_RSA_WITH_AES_256_CCM_8 :
+ if (requirement == REQUIRES_RSA)
+ return 1;
+ if (requirement == REQUIRES_RSA_SIG)
+ return 1;
+ if (requirement == REQUIRES_AEAD)
+ return 1;
+ break;
#endif /* HAVE_AESCCM */
#if defined(HAVE_ECC) || defined(HAVE_CURVE25519) || defined(HAVE_CURVE448)
- case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 :
- case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 :
- if (requirement == REQUIRES_RSA)
- return 1;
- break;
+ case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 :
+ case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 :
+ if (requirement == REQUIRES_RSA)
+ return 1;
+ break;
- case TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 :
- case TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 :
- if (requirement == REQUIRES_RSA_SIG)
- return 1;
- if (requirement == REQUIRES_ECC_STATIC)
- return 1;
- break;
+ case TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 :
+ case TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 :
+ if (requirement == REQUIRES_RSA_SIG)
+ return 1;
+ if (requirement == REQUIRES_ECC_STATIC)
+ return 1;
+ break;
#endif /* HAVE_ECC || HAVE_CURVE25519 || HAVE_CURVE448 */
#endif /* !NO_RSA */
+#ifdef HAVE_ARIA
+ case TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 :
+ case TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 :
+ if (requirement == REQUIRES_ECC)
+ return 1;
+ break;
+#endif /* HAVE_ARIA */
+
#if defined(HAVE_ECC) || defined(HAVE_CURVE25519) || defined(HAVE_CURVE448)
case TLS_ECDHE_ECDSA_WITH_AES_128_CCM :
case TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 :
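Review bot: The new `HAVE_ARIA` cases answer only `REQUIRES_ECC`, although both suites are GCM and the other `_GCM_` suites in this switch also return 1 for `REQUIRES_AEAD`. Adding `if (requirement == REQUIRES_AEAD) return 1;` before the `break` would make them consistent. The callers that ask for `REQUIRES_AEAD` are not visible here, so the effect is inferred: any protocol-version or MAC decision keyed on that answer would treat ARIA-GCM as a non-AEAD suite. The switch continues past the end of the hunk.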
@@ -11123,315 +11852,363 @@ static int BuildFinished(WOLFSSL* ssl, Hashes* hashes, const byte* sender)
return 1;
break;
- case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 :
- case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 :
- if (requirement == REQUIRES_ECC)
- return 1;
- break;
+ case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 :
+ case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 :
+ if (requirement == REQUIRES_ECC)
+ return 1;
+ break;
- case TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 :
- case TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 :
- if (requirement == REQUIRES_ECC)
- return 1;
- if (requirement == REQUIRES_ECC_STATIC)
- return 1;
- break;
-#endif /* HAVE_ECC || HAVE_CURVE25519 || HAVE_CURVE448 */
+ case TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 :
+ case TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 :
+ if (requirement == REQUIRES_ECC)
+ return 1;
+ if (requirement == REQUIRES_ECC_STATIC)
+ return 1;
+ break;
+ #endif /* HAVE_ECC || HAVE_CURVE25519 || HAVE_CURVE448 */
-#ifndef NO_PSK
- case TLS_PSK_WITH_AES_128_CCM:
- case TLS_PSK_WITH_AES_256_CCM:
- case TLS_PSK_WITH_AES_128_CCM_8:
- case TLS_PSK_WITH_AES_256_CCM_8:
- if (requirement == REQUIRES_PSK)
- return 1;
- if (requirement == REQUIRES_AEAD)
- return 1;
- break;
+ #ifndef NO_PSK
+ case TLS_PSK_WITH_AES_128_CCM:
+ case TLS_PSK_WITH_AES_256_CCM:
+ case TLS_PSK_WITH_AES_128_CCM_8:
+ case TLS_PSK_WITH_AES_256_CCM_8:
+ if (requirement == REQUIRES_PSK)
+ return 1;
+ if (requirement == REQUIRES_AEAD)
+ return 1;
+ break;
- case TLS_DHE_PSK_WITH_AES_128_CCM:
- case TLS_DHE_PSK_WITH_AES_256_CCM:
- if (requirement == REQUIRES_PSK)
- return 1;
- if (requirement == REQUIRES_DHE)
- return 1;
- if (requirement == REQUIRES_AEAD)
- return 1;
- break;
-#endif /* !NO_PSK */
-#if defined(HAVE_ECC) || defined(HAVE_CURVE25519) || defined(HAVE_CURVE448)
- case TLS_ECDHE_ECDSA_WITH_NULL_SHA :
- if (requirement == REQUIRES_ECC)
- return 1;
- break;
+ case TLS_DHE_PSK_WITH_AES_128_CCM:
+ case TLS_DHE_PSK_WITH_AES_256_CCM:
+ if (requirement == REQUIRES_PSK)
+ return 1;
+ if (requirement == REQUIRES_DHE)
+ return 1;
+ if (requirement == REQUIRES_AEAD)
+ return 1;
+ break;
+ #endif /* !NO_PSK */
+ #if defined(HAVE_ECC) || defined(HAVE_CURVE25519) || defined(HAVE_CURVE448)
+ case TLS_ECDHE_ECDSA_WITH_NULL_SHA :
+ if (requirement == REQUIRES_ECC)
+ return 1;
+ break;
- case TLS_ECDHE_PSK_WITH_NULL_SHA256 :
- if (requirement == REQUIRES_PSK)
- return 1;
- break;
+ case TLS_ECDHE_PSK_WITH_NULL_SHA256 :
+ if (requirement == REQUIRES_PSK)
+ return 1;
+ break;
- case TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 :
- if (requirement == REQUIRES_PSK)
- return 1;
- break;
-#endif /* HAVE_ECC || HAVE_CURVE25519 || HAVE_CURVE448 */
+ case TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 :
+ if (requirement == REQUIRES_PSK)
+ return 1;
+ break;
+ #endif /* HAVE_ECC || HAVE_CURVE25519 || HAVE_CURVE448 */
-#if defined(WOLFSSL_TLS13) && defined(HAVE_NULL_CIPHER)
- case TLS_SHA256_SHA256:
- break;
- case TLS_SHA384_SHA384:
- break;
-#endif
+ #if defined(WOLFSSL_TLS13) && defined(HAVE_NULL_CIPHER)
+ case TLS_SHA256_SHA256:
+ break;
+ case TLS_SHA384_SHA384:
+ break;
+ #endif
- default:
- WOLFSSL_MSG("Unsupported cipher suite, CipherRequires ECC");
- return 0;
+ default:
+ WOLFSSL_MSG("Unsupported cipher suite, CipherRequires ECC");
+ return 0;
} /* switch */
- } /* if */
+ } /* if */
- /* ECC extensions */
- if (first == ECDHE_PSK_BYTE) {
+ /* ECC extensions */
+ if (first == ECDHE_PSK_BYTE) {
switch (second) {
-#if defined(HAVE_ECC) || defined(HAVE_CURVE25519) || defined(HAVE_CURVE448)
- case TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256 :
- if (requirement == REQUIRES_PSK)
- return 1;
- break;
-#endif /* HAVE_ECC || HAVE_CURVE25519 || HAVE_CURVE448 */
- default:
- WOLFSSL_MSG("Unsupported cipher suite, CipherRequires ECC PSK");
- return 0;
+ #if defined(HAVE_ECC) || defined(HAVE_CURVE25519) || defined(HAVE_CURVE448)
+ case TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256 :
+ if (requirement == REQUIRES_PSK)
+ return 1;
+ break;
+ #endif /* HAVE_ECC || HAVE_CURVE25519 || HAVE_CURVE448 */
+ default:
+ WOLFSSL_MSG("Unsupported cipher suite, CipherRequires ECC PSK");
+ return 0;
} /* switch */
- } /* if */
+ } /* if */
#endif /* !WOLFSSL_NO_TLS12 */
- /* Distinct TLS v1.3 cipher suites with cipher and digest only. */
- if (first == TLS13_BYTE) {
-
- switch (second) {
#ifdef WOLFSSL_TLS13
+ /* Distinct TLS v1.3 cipher suites with cipher and digest only. */
+ if (first == TLS13_BYTE) {
+
+ switch (second) {
case TLS_AES_128_GCM_SHA256:
case TLS_AES_256_GCM_SHA384:
case TLS_CHACHA20_POLY1305_SHA256:
case TLS_AES_128_CCM_SHA256:
case TLS_AES_128_CCM_8_SHA256:
- break;
-#endif
+ if (requirement == REQUIRES_AEAD)
+ return 1;
+ return 0;
default:
WOLFSSL_MSG("Unsupported cipher suite, CipherRequires "
"TLS v1.3");
return 0;
- }
}
+ }
+
+#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3) && defined(WOLFSSL_SM4)
+ if (first == CIPHER_BYTE) {
+ /* Other cipher suites for TLS 1.2 below. */
+ switch (second) {
+ #if defined(WOLFSSL_SM4_GCM)
+ case TLS_SM4_GCM_SM3:
+ return 0;
+ break;
+ #endif
+ #if defined(WOLFSSL_SM4_CCM)
+ case TLS_SM4_CCM_SM3:
+ return 0;
+ break;
+ #endif
+ }
+ }
+#endif /* WOLFSSL_SM2 && WOLFSSL_SM3 && WOLFSSL_SM4 */
+#endif /* WOLFSSL_TLS13 */
#ifndef WOLFSSL_NO_TLS12
- if (first != ECC_BYTE && first != CHACHA_BYTE &&
- first != TLS13_BYTE && first != ECDHE_PSK_BYTE) {
+#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3) && defined(WOLFSSL_SM4)
+ if (first == SM_BYTE) {
+ switch (second) {
+ #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_SM4_CBC_SM3
+ case TLS_ECDHE_ECDSA_WITH_SM4_CBC_SM3:
+ if (requirement == REQUIRES_ECC)
+ return 1;
+ break;
+ #endif
+ #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_SM4_GCM_SM3
+ case TLS_ECDHE_ECDSA_WITH_SM4_GCM_SM3:
+ if (requirement == REQUIRES_ECC)
+ return 1;
+ break;
+ #endif
+ #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_SM4_CCM_SM3
+ case TLS_ECDHE_ECDSA_WITH_SM4_CCM_SM3:
+ if (requirement == REQUIRES_ECC)
+ return 1;
+ break;
+ #endif
+
+ default:
+ WOLFSSL_MSG("Unsupported cipher suite, CipherRequires SM");
+ return 0;
+ }
+ }
+#endif
+
+ if (first == CIPHER_BYTE) {
/* normal suites */
switch (second) {
-#ifndef NO_RSA
- #ifndef NO_RC4
- case SSL_RSA_WITH_RC4_128_SHA :
- if (requirement == REQUIRES_RSA)
- return 1;
- break;
+ #ifndef NO_RSA
+ #ifndef NO_RC4
+ case SSL_RSA_WITH_RC4_128_SHA :
+ if (requirement == REQUIRES_RSA)
+ return 1;
+ break;
- case SSL_RSA_WITH_RC4_128_MD5 :
- if (requirement == REQUIRES_RSA)
- return 1;
- break;
- #endif /* NO_RC4 */
+ case SSL_RSA_WITH_RC4_128_MD5 :
+ if (requirement == REQUIRES_RSA)
+ return 1;
+ break;
+ #endif /* NO_RC4 */
- case SSL_RSA_WITH_3DES_EDE_CBC_SHA :
- if (requirement == REQUIRES_RSA)
- return 1;
- break;
+ case SSL_RSA_WITH_3DES_EDE_CBC_SHA :
+ if (requirement == REQUIRES_RSA)
+ return 1;
+ break;
- case TLS_RSA_WITH_AES_128_CBC_SHA :
- if (requirement == REQUIRES_RSA)
- return 1;
- break;
+ case TLS_RSA_WITH_AES_128_CBC_SHA :
+ if (requirement == REQUIRES_RSA)
+ return 1;
+ break;
- case TLS_RSA_WITH_AES_128_CBC_SHA256 :
- if (requirement == REQUIRES_RSA)
- return 1;
- break;
+ case TLS_RSA_WITH_AES_128_CBC_SHA256 :
+ if (requirement == REQUIRES_RSA)
+ return 1;
+ break;
- case TLS_RSA_WITH_AES_256_CBC_SHA :
- if (requirement == REQUIRES_RSA)
- return 1;
- break;
+ case TLS_RSA_WITH_AES_256_CBC_SHA :
+ if (requirement == REQUIRES_RSA)
+ return 1;
+ break;
- case TLS_RSA_WITH_AES_256_CBC_SHA256 :
- if (requirement == REQUIRES_RSA)
- return 1;
- break;
+ case TLS_RSA_WITH_AES_256_CBC_SHA256 :
+ if (requirement == REQUIRES_RSA)
+ return 1;
+ break;
- case TLS_RSA_WITH_NULL_MD5 :
- case TLS_RSA_WITH_NULL_SHA :
- case TLS_RSA_WITH_NULL_SHA256 :
- if (requirement == REQUIRES_RSA)
- return 1;
- break;
+ case TLS_RSA_WITH_NULL_MD5 :
+ case TLS_RSA_WITH_NULL_SHA :
+ case TLS_RSA_WITH_NULL_SHA256 :
+ if (requirement == REQUIRES_RSA)
+ return 1;
+ break;
-#endif /* !NO_RSA */
+ #endif /* !NO_RSA */
-#ifndef NO_PSK
- case TLS_PSK_WITH_AES_128_GCM_SHA256 :
- if (requirement == REQUIRES_PSK)
- return 1;
- if (requirement == REQUIRES_AEAD)
- return 1;
- break;
+ #ifndef NO_PSK
+ case TLS_PSK_WITH_AES_128_GCM_SHA256 :
+ if (requirement == REQUIRES_PSK)
+ return 1;
+ if (requirement == REQUIRES_AEAD)
+ return 1;
+ break;
- case TLS_PSK_WITH_AES_256_GCM_SHA384 :
- if (requirement == REQUIRES_PSK)
- return 1;
- if (requirement == REQUIRES_AEAD)
- return 1;
- break;
+ case TLS_PSK_WITH_AES_256_GCM_SHA384 :
+ if (requirement == REQUIRES_PSK)
+ return 1;
+ if (requirement == REQUIRES_AEAD)
+ return 1;
+ break;
- case TLS_PSK_WITH_AES_128_CBC_SHA256 :
- case TLS_PSK_WITH_AES_256_CBC_SHA384 :
- case TLS_PSK_WITH_AES_128_CBC_SHA :
- case TLS_PSK_WITH_AES_256_CBC_SHA :
- case TLS_PSK_WITH_NULL_SHA384 :
- case TLS_PSK_WITH_NULL_SHA256 :
- case TLS_PSK_WITH_NULL_SHA :
- if (requirement == REQUIRES_PSK)
- return 1;
- break;
+ case TLS_PSK_WITH_AES_128_CBC_SHA256 :
+ case TLS_PSK_WITH_AES_256_CBC_SHA384 :
+ case TLS_PSK_WITH_AES_128_CBC_SHA :
+ case TLS_PSK_WITH_AES_256_CBC_SHA :
+ case TLS_PSK_WITH_NULL_SHA384 :
+ case TLS_PSK_WITH_NULL_SHA256 :
+ case TLS_PSK_WITH_NULL_SHA :
+ if (requirement == REQUIRES_PSK)
+ return 1;
+ break;
- case TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 :
- case TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 :
- if (requirement == REQUIRES_DHE)
- return 1;
- if (requirement == REQUIRES_PSK)
- return 1;
- if (requirement == REQUIRES_AEAD)
- return 1;
- break;
+ case TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 :
+ case TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 :
+ if (requirement == REQUIRES_DHE)
+ return 1;
+ if (requirement == REQUIRES_PSK)
+ return 1;
+ if (requirement == REQUIRES_AEAD)
+ return 1;
+ break;
- case TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 :
- case TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 :
- case TLS_DHE_PSK_WITH_NULL_SHA384 :
- case TLS_DHE_PSK_WITH_NULL_SHA256 :
- if (requirement == REQUIRES_DHE)
- return 1;
- if (requirement == REQUIRES_PSK)
- return 1;
- break;
-#endif /* NO_PSK */
+ case TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 :
+ case TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 :
+ case TLS_DHE_PSK_WITH_NULL_SHA384 :
+ case TLS_DHE_PSK_WITH_NULL_SHA256 :
+ if (requirement == REQUIRES_DHE)
+ return 1;
+ if (requirement == REQUIRES_PSK)
+ return 1;
+ break;
+ #endif /* NO_PSK */
-#ifndef NO_RSA
- case TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 :
- if (requirement == REQUIRES_RSA)
- return 1;
- if (requirement == REQUIRES_DHE)
- return 1;
- break;
+ #ifndef NO_RSA
+ case TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 :
+ if (requirement == REQUIRES_RSA)
+ return 1;
+ if (requirement == REQUIRES_DHE)
+ return 1;
+ break;
- case TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 :
- if (requirement == REQUIRES_RSA)
- return 1;
- if (requirement == REQUIRES_DHE)
- return 1;
- break;
+ case TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 :
+ if (requirement == REQUIRES_RSA)
+ return 1;
+ if (requirement == REQUIRES_DHE)
+ return 1;
+ break;
- case TLS_DHE_RSA_WITH_AES_128_CBC_SHA :
- if (requirement == REQUIRES_RSA)
- return 1;
- if (requirement == REQUIRES_DHE)
- return 1;
- break;
+ case TLS_DHE_RSA_WITH_AES_128_CBC_SHA :
+ if (requirement == REQUIRES_RSA)
+ return 1;
+ if (requirement == REQUIRES_DHE)
+ return 1;
+ break;
- case TLS_DHE_RSA_WITH_AES_256_CBC_SHA :
- if (requirement == REQUIRES_RSA)
- return 1;
- if (requirement == REQUIRES_DHE)
- return 1;
- break;
+ case TLS_DHE_RSA_WITH_AES_256_CBC_SHA :
+ if (requirement == REQUIRES_RSA)
+ return 1;
+ if (requirement == REQUIRES_DHE)
+ return 1;
+ break;
- case TLS_RSA_WITH_AES_128_GCM_SHA256 :
- case TLS_RSA_WITH_AES_256_GCM_SHA384 :
- if (requirement == REQUIRES_RSA)
- return 1;
- if (requirement == REQUIRES_AEAD)
- return 1;
- break;
+ case TLS_RSA_WITH_AES_128_GCM_SHA256 :
+ case TLS_RSA_WITH_AES_256_GCM_SHA384 :
+ if (requirement == REQUIRES_RSA)
+ return 1;
+ if (requirement == REQUIRES_AEAD)
+ return 1;
+ break;
- case TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 :
- case TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 :
- if (requirement == REQUIRES_RSA)
- return 1;
- if (requirement == REQUIRES_DHE)
- return 1;
- if (requirement == REQUIRES_AEAD)
- return 1;
- break;
+ case TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 :
+ case TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 :
+ if (requirement == REQUIRES_RSA)
+ return 1;
+ if (requirement == REQUIRES_DHE)
+ return 1;
+ if (requirement == REQUIRES_AEAD)
+ return 1;
+ break;
-#ifdef HAVE_CAMELLIA
- case TLS_RSA_WITH_CAMELLIA_128_CBC_SHA :
- case TLS_RSA_WITH_CAMELLIA_256_CBC_SHA :
- case TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 :
- case TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 :
- if (requirement == REQUIRES_RSA)
- return 1;
- break;
+ #ifdef HAVE_CAMELLIA
+ case TLS_RSA_WITH_CAMELLIA_128_CBC_SHA :
+ case TLS_RSA_WITH_CAMELLIA_256_CBC_SHA :
+ case TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 :
+ case TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 :
+ if (requirement == REQUIRES_RSA)
+ return 1;
+ break;
- case TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA :
- case TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA :
- case TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 :
- case TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 :
- if (requirement == REQUIRES_RSA)
- return 1;
- if (requirement == REQUIRES_RSA_SIG)
- return 1;
- if (requirement == REQUIRES_DHE)
- return 1;
- break;
-#endif /* HAVE_CAMELLIA */
+ case TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA :
+ case TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA :
+ case TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 :
+ case TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 :
+ if (requirement == REQUIRES_RSA)
+ return 1;
+ if (requirement == REQUIRES_RSA_SIG)
+ return 1;
+ if (requirement == REQUIRES_DHE)
+ return 1;
+ break;
+ #endif /* HAVE_CAMELLIA */
- case TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA:
- if (requirement == REQUIRES_RSA)
- return 1;
- if (requirement == REQUIRES_RSA_SIG)
- return 1;
- if (requirement == REQUIRES_DHE)
- return 1;
- break;
-#endif
-#ifdef HAVE_ANON
- case TLS_DH_anon_WITH_AES_128_CBC_SHA :
- if (requirement == REQUIRES_DHE)
- return 1;
- break;
- case TLS_DH_anon_WITH_AES_256_GCM_SHA384:
- if (requirement == REQUIRES_DHE)
- return 1;
- if (requirement == REQUIRES_AEAD)
- return 1;
- break;
-#endif
-#ifdef WOLFSSL_MULTICAST
- case WDM_WITH_NULL_SHA256 :
- break;
-#endif
+ case TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA:
+ if (requirement == REQUIRES_RSA)
+ return 1;
+ if (requirement == REQUIRES_RSA_SIG)
+ return 1;
+ if (requirement == REQUIRES_DHE)
+ return 1;
+ break;
+ #endif /* !NO_RSA */
+ #ifdef HAVE_ANON
+ case TLS_DH_anon_WITH_AES_128_CBC_SHA :
+ if (requirement == REQUIRES_DHE)
+ return 1;
+ break;
+ case TLS_DH_anon_WITH_AES_256_GCM_SHA384:
+ if (requirement == REQUIRES_DHE)
+ return 1;
+ if (requirement == REQUIRES_AEAD)
+ return 1;
+ break;
+ #endif
+ #ifdef WOLFSSL_MULTICAST
+ case WDM_WITH_NULL_SHA256 :
+ break;
+ #endif
- default:
- WOLFSSL_MSG("Unsupported cipher suite, CipherRequires");
- return 0;
+ default:
+ WOLFSSL_MSG("Unsupported cipher suite, CipherRequires");
+ return 0;
} /* switch */
- } /* if ECC / Normal suites else */
+ } /* if ECC / Normal suites else */
#endif /* !WOLFSSL_NO_TLS12 */
- return 0;
- }
+ return 0;
+}
#endif /* !NO_WOLFSSL_SERVER && !NO_WOLFSSL_CLIENT */
@@ -11460,8 +12237,11 @@ int MatchDomainName(const char* pattern, int len, const char* str)
if (p == '*') {
char s;
- while (--len > 0 &&
- (p = (char)XTOLOWER((unsigned char)*pattern++)) == '*') {
+ while (--len > 0) {
+ p = (char)XTOLOWER((unsigned char)*pattern);
+ pattern++;
+ if (p != '*')
+ break;
}
if (len == 0)
@@ -11622,7 +12402,7 @@ static void AddSessionCertToChain(WOLFSSL_X509_CHAIN* chain,
#if defined(KEEP_PEER_CERT) || defined(SESSION_CERTS) || \
defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
-static void CopyDecodedName(WOLFSSL_X509_NAME* name, DecodedCert* dCert, int nameType)
+void CopyDecodedName(WOLFSSL_X509_NAME* name, DecodedCert* dCert, int nameType)
{
if (nameType == SUBJECT) {
XSTRNCPY(name->name, dCert->subject, ASN_NAME_MAX);
@@ -12302,7 +13082,7 @@ int InitSigPkCb(WOLFSSL* ssl, SignatureCtx* sigCtx)
/* only setup the verify callback if a PK is set */
#ifdef HAVE_ECC
- #if defined(WOLFSSL_RENESAS_SCEPROTECT) || defined(WOLFSSL_RENESAS_TSIP_TLS)
+ #if defined(WOLFSSL_RENESAS_FSPSM_TLS) || defined(WOLFSSL_RENESAS_TSIP_TLS)
sigCtx->pkCbEcc = Renesas_cmn_SigPkCbEccVerify;
sigCtx->pkCtxEcc = (void*)&sigCtx->CertAtt;
(void)SigPkCbEccVerify;
@@ -12316,7 +13096,7 @@ int InitSigPkCb(WOLFSSL* ssl, SignatureCtx* sigCtx)
#endif
#ifndef NO_RSA
/* only setup the verify callback if a PK is set */
- #if defined(WOLFSSL_RENESAS_SCEPROTECT) || defined(WOLFSSL_RENESAS_TSIP_TLS)
+ #if defined(WOLFSSL_RENESAS_FSPSM_TLS) || defined(WOLFSSL_RENESAS_TSIP_TLS)
sigCtx->pkCbRsa = Renesas_cmn_SigPkCbRsaVerify;
sigCtx->pkCtxRsa = (void*)&sigCtx->CertAtt;
(void)SigPkCbRsaVerify;
@@ -12348,7 +13128,9 @@ void DoCertFatalAlert(WOLFSSL* ssl, int ret)
alertWhy = bad_certificate;
if (ret == ASN_AFTER_DATE_E || ret == ASN_BEFORE_DATE_E) {
alertWhy = certificate_expired;
- } else if (ret == ASN_NO_SIGNER_E) {
+ }
+ else if (ret == ASN_NO_SIGNER_E || ret == ASN_PATHLEN_INV_E ||
+ ret == ASN_PATHLEN_SIZE_E) {
alertWhy = unknown_ca;
}
#ifdef OPENSSL_EXTRA
@@ -12356,6 +13138,11 @@ void DoCertFatalAlert(WOLFSSL* ssl, int ret)
alertWhy = certificate_revoked;
}
#endif
+#if defined(HAVE_RPK)
+ else if (ret == UNSUPPORTED_CERTIFICATE) {
+ alertWhy = unsupported_certificate;
+ }
+#endif /* HAVE_RPK */
else if (ret == NO_PEER_CERT) {
#ifdef WOLFSSL_TLS13
if (ssl->options.tls1_3) {
@@ -12781,9 +13568,11 @@ int LoadCertByIssuer(WOLFSSL_X509_STORE* store, X509_NAME* issuer, int type)
len = wolfSSL_i2d_X509_NAME_canon(issuer, &pbuf);
if (len > 0) {
- #ifndef NO_SHA
+ #if defined(NO_SHA) && !defined(NO_SHA256)
+ retHash = wc_Sha256Hash((const byte*)pbuf, len, dgt);
+ #elif !defined(NO_SHA)
retHash = wc_ShaHash((const byte*)pbuf, len, dgt);
- #endif
+ #endif
if (retHash == 0) {
/* 4 bytes in little endian as unsigned long */
hash = (((unsigned long)dgt[3] << 24) |
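Review bot: The new `wc_Sha256Hash` branch writes a 32-byte digest into `dgt`, whose declaration is outside this hunk, so confirm that the buffer is sized for SHA-256 in `NO_SHA` builds and not only for SHA-1. When both `NO_SHA` and `NO_SHA256` are defined, neither call is compiled and `retHash` keeps its initial value, which the hunk does not show. The four-byte value built from `dgt` presumably forms the hashed-directory lookup name, and a SHA-256 based value will likely not match names produced by a SHA-1 based rehash tool. A comment such as `/* NO_SHA builds: lookup hash is SHA-256 based; hashed-dir names must be generated the same way */` would make that explicit.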
@@ -12921,6 +13710,7 @@ int LoadCertByIssuer(WOLFSSL_X509_STORE* store, X509_NAME* issuer, int type)
}
XFREE(filename, NULL, DYNAMIC_TYPE_OPENSSL);
+ filename = NULL;
}
#else
(void) type;
@@ -12946,6 +13736,9 @@ static int ProcessPeerCertParse(WOLFSSL* ssl, ProcPeerCertArgs* args,
buffer* cert;
byte* subjectHash = NULL;
int alreadySigner = 0;
+#if defined(HAVE_RPK)
+ int cType;
+#endif
#ifdef WOLFSSL_SMALL_CERT_VERIFY
int sigRet = 0;
#endif
@@ -13047,6 +13840,37 @@ PRAGMA_GCC_DIAG_POP
/* Parse Certificate */
ret = ParseCertRelative(args->dCert, certType, verify, SSL_CM(ssl));
+
+#if defined(HAVE_RPK)
+ /* if cert type has negotiated with peer, confirm the cert received has
+ * the same type.
+ */
+ if (ret == 0 ) {
+ if (ssl->options.side == WOLFSSL_CLIENT_END) {
+ if (ssl->options.rpkState.received_ServerCertTypeCnt == 1) {
+ cType = ssl->options.rpkState.received_ServerCertTypes[0];
+ if ((cType == WOLFSSL_CERT_TYPE_RPK && !args->dCert->isRPK) ||
+ (cType == WOLFSSL_CERT_TYPE_X509 && args->dCert->isRPK)) {
+ /* cert type mismatch */
+ WOLFSSL_MSG("unsupported certificate type received");
+ ret = UNSUPPORTED_CERTIFICATE;
+ }
+ }
+ }
+ else if (ssl->options.side == WOLFSSL_SERVER_END) {
+ if (ssl->options.rpkState.received_ClientCertTypeCnt == 1) {
+ cType = ssl->options.rpkState.sending_ClientCertTypes[0];
+ if ((cType == WOLFSSL_CERT_TYPE_RPK && !args->dCert->isRPK) ||
+ (cType == WOLFSSL_CERT_TYPE_X509 && args->dCert->isRPK)) {
+ /* cert type mismatch */
+ WOLFSSL_MSG("unsupported certificate type received");
+ ret = UNSUPPORTED_CERTIFICATE;
+ }
+ }
+ }
+ }
+#endif /* HAVE_RPK */
+
/* perform below checks for date failure cases */
if (ret == 0 || ret == ASN_BEFORE_DATE_E || ret == ASN_AFTER_DATE_E) {
/* get subject and determine if already loaded */
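Review bot: In the server branch the guard tests `received_ClientCertTypeCnt == 1` but the value compared is `sending_ClientCertTypes[0]`, whereas the client branch tests and reads the same `received_ServerCertTypes` array. If the peer offered more than one client certificate type the guard is false and the mismatch check is skipped, and `sending_ClientCertTypes[0]` is read without its own count being checked. If the negotiated type lives in the sending array, the guard should probably test that array's count, `if (ssl->options.rpkState.sending_ClientCertTypeCnt == 1)`; the field semantics are not visible here, so confirm against the extension code. The two mismatch tests are identical and could share one small static helper.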
@@ -13208,6 +14032,24 @@ static int ProcessPeerCertCheckKey(WOLFSSL* ssl, ProcPeerCertArgs* args)
return ret;
}
+#ifdef HAVE_CRL
+static int ProcessPeerCertsChainCRLCheck(WOLFSSL_CERT_MANAGER* cm, Signer* ca)
+{
+ Signer* prev = NULL;
+ int ret = 0;
+ /* End loop if no more issuers found or if we have
+ * found a self signed cert (ca == prev) */
+ for (; ret == 0 && ca != NULL && ca != prev;
+ prev = ca, ca = GetCAByName(cm, ca->issuerNameHash)) {
+ ret = CheckCertCRL_ex(cm->crl, ca->issuerNameHash, NULL, 0,
+ ca->serialHash, NULL, 0, NULL);
+ if (ret != 0)
+ break;
+ }
+ return ret;
+}
+#endif
+
int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
word32 totalSz)
{
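Review bot: The walk in `ProcessPeerCertsChainCRLCheck` stops only when no issuer is found or when `GetCAByName` returns the same signer twice in a row, so two CA entries that name each other as issuer (cross-certificates) would keep the loop running. A depth bound makes the walk finite, for example `int depth = 0;` with `depth++ < MAX_CHAIN_DEPTH` added to the loop condition. The `if (ret != 0) break;` in the body repeats the `ret == 0` test in the loop header. The function also has no header comment; it should state that the first non-zero `CheckCertCRL_ex` result is returned.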
@@ -13236,7 +14078,7 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
args = (ProcPeerCertArgs*)ssl->async->args;
#ifdef WOLFSSL_ASYNC_CRYPT
ret = wolfSSL_AsyncPop(ssl, &ssl->options.asyncState);
- if (ret != WC_NOT_PENDING_E) {
+ if (ret != WC_NO_PENDING_E) {
/* Check for error */
if (ret < 0)
goto exit_ppc;
@@ -13248,7 +14090,7 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
/* Re-entry after non-blocking OCSP */
#ifdef WOLFSSL_ASYNC_CRYPT
/* if async operationg not pending, reset error code */
- if (ret == WC_NOT_PENDING_E)
+ if (ret == WC_NO_PENDING_E)
ret = 0;
#endif
}
@@ -13559,7 +14401,7 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
/* select last certificate */
args->certIdx = args->count - 1;
- ret = ProcessPeerCertParse(ssl, args, CERT_TYPE,
+ ret = ProcessPeerCertParse(ssl, args, CHAIN_CERT_TYPE,
!ssl->options.verifyNone ? VERIFY : NO_VERIFY,
&subjectHash, &alreadySigner);
#if defined(OPENSSL_ALL) && defined(WOLFSSL_CERT_GEN) && \
@@ -13574,7 +14416,7 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
FreeDecodedCert(args->dCert);
args->dCertInit = 0;
/* once again */
- ret = ProcessPeerCertParse(ssl, args, CERT_TYPE,
+ ret = ProcessPeerCertParse(ssl, args, CHAIN_CERT_TYPE,
!ssl->options.verifyNone ? VERIFY : NO_VERIFY,
&subjectHash, &alreadySigner);
}
@@ -13591,6 +14433,12 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
if (ret == 0) {
ret = ProcessPeerCertCheckKey(ssl, args);
}
+ else if (ret == ASN_PARSE_E || ret == BUFFER_E ||
+ ret == MEMORY_E) {
+ WOLFSSL_MSG(
+ "Got Peer cert ASN PARSE_E, BUFFER E, MEMORY_E");
+ ERROR_OUT(ret, exit_ppc);
+ }
if (ret == 0 && args->dCert->isCA == 0) {
WOLFSSL_MSG("Chain cert is not a CA, not adding as one");
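Review bot: The log text `"Got Peer cert ASN PARSE_E, BUFFER E, MEMORY_E"` spells two of the three codes differently from the constants it reports. `"Got Peer cert ASN_PARSE_E, BUFFER_E, MEMORY_E"` would match the leaf-certificate message changed later in this commit (hunk at -13875). That later branch also treats `BAD_FUNC_ARG` as a hard failure while this chain branch does not; if the difference is intentional, a one-line comment should say why.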
@@ -13631,7 +14479,7 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
SSL_CM(ssl)->ocspCheckAll) {
WOLFSSL_MSG("Doing Non Leaf OCSP check");
ret = CheckCertOCSP_ex(SSL_CM(ssl)->ocsp,
- args->dCert, NULL, ssl);
+ args->dCert, ssl);
#ifdef WOLFSSL_NONBLOCK_OCSP
if (ret == OCSP_WANT_READ) {
args->lastErr = ret;
@@ -13679,6 +14527,16 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
WOLFSSL_ERROR_VERBOSE(ret);
WOLFSSL_MSG("\tCRL check not ok");
}
+ if (ret == 0 &&
+ args->certIdx == args->totalCerts-1) {
+ ret = ProcessPeerCertsChainCRLCheck(
+ SSL_CM(ssl), args->dCert->ca);
+ if (ret != 0) {
+ WOLFSSL_ERROR_VERBOSE(ret);
+ WOLFSSL_MSG("\tCRL chain check not ok");
+ args->fatal = 0;
+ }
+ }
}
}
#endif /* HAVE_CRL */
@@ -13719,6 +14577,26 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
}
#endif /* WOLFSSL_ALT_CERT_CHAINS */
+ #if defined(__APPLE__) && defined(WOLFSSL_SYS_CA_CERTS)
+ /* If we are using native Apple CA validation, it is okay
+ * for a CA cert to fail validation here, as we will verify
+ * the entire chain when we hit the peer (leaf) cert */
+ if ((ssl->ctx->doAppleNativeCertValidationFlag)
+ && (ret == ASN_NO_SIGNER_E)) {
+
+ WOLFSSL_MSG("Bypassing errors to allow for Apple native"
+ " CA validation");
+ ret = 0; /* clear errors and continue */
+ args->verifyErr = 0;
+ #if defined(OPENSSL_EXTRA) \
+ || defined(OPENSSL_EXTRA_X509_SMALL)
+ ssl->peerVerifyRet = 0;
+ #endif
+ /* do not add to certificate manager */
+ skipAddCA = 1;
+ }
+ #endif /* defined(__APPLE__) && defined(WOLFSSL_SYS_CA_CERTS) */
+
/* Do verify callback */
ret = DoVerifyCallback(SSL_CM(ssl), ssl, ret, args);
if (ssl->options.verifyNone &&
@@ -13758,6 +14636,7 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
/* CA already verified above in ParseCertRelative */
WOLFSSL_MSG("Adding CA from chain");
+ SSL_CM_WARNING(ssl);
ret = AddCA(SSL_CM(ssl), &add, WOLFSSL_CHAIN_CA,
NO_VERIFY);
if (ret == WOLFSSL_SUCCESS) {
@@ -13773,6 +14652,9 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
if (!ssl->options.verifyNone) {
WOLFSSL_ERROR_VERBOSE(ret);
DoCertFatalAlert(ssl, ret);
+ args->lastErr = ret;
+ break; /* We sent a fatal alert.
+ * No point continuing. */
}
if (args->lastErr == 0) {
args->lastErr = ret; /* save error from last time */
@@ -13783,7 +14665,7 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
FreeDecodedCert(args->dCert);
args->dCertInit = 0;
args->count--;
- } /* while (count > 0 && !args->haveTrustPeer) */
+ } /* while (count > 1 && !args->haveTrustPeer) */
} /* if (count > 0) */
/* Check for error */
@@ -13857,6 +14739,20 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
* OpenSSL doesn't appear to be performing this check.
* For TLS 1.3 see RFC8446 Section 4.4.2.3 */
if (ssl->options.side == WOLFSSL_SERVER_END) {
+ #if defined(HAVE_RPK)
+ if (args->dCert->isRPK) {
+ /* to verify Raw Public Key cert, DANE(RFC6698)
+ * should be introduced. Without DANE, no
+ * authentication is performed.
+ */
+ #if defined(HAVE_DANE)
+ if (ssl->useDANE) {
+ /* DANE authentication should be added */
+ }
+ #endif /* HAVE_DANE */
+ }
+ else /* skip followingx509 version check */
+ #endif /* HAVE_RPK */
if (args->dCert->version != WOLFSSL_X509_V3) {
WOLFSSL_MSG("Peers certificate was not version 3!");
args->lastErr = ASN_VERSION_E;
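Review bot: When `args->dCert->isRPK` is set the added branch does nothing: the `HAVE_DANE` block is an empty placeholder, and the comment itself says no authentication is performed without DANE. A raw public key therefore passes this point unauthenticated, so the comment should state plainly that the application must verify or pin the key itself until DANE support exists. The `else` that closes the `HAVE_RPK` block attaches to the following `if (args->dCert->version != WOLFSSL_X509_V3)` across the `#endif`, which is easy to break in a later edit; bracing both arms would make the pairing explicit. The comment text `skip followingx509 version check` is missing a space.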
@@ -13875,8 +14771,10 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
args->fatal = 0;
}
}
- else if (ret == ASN_PARSE_E || ret == BUFFER_E) {
- WOLFSSL_MSG("Got Peer cert ASN PARSE or BUFFER ERROR");
+ else if (ret == ASN_PARSE_E || ret == BUFFER_E ||
+ ret == MEMORY_E || ret == BAD_FUNC_ARG) {
+ WOLFSSL_MSG("Got Peer cert ASN_PARSE_E, BUFFER_E, MEMORY_E,"
+ " BAD_FUNC_ARG");
#if defined(WOLFSSL_EXTRA_ALERTS) || defined(OPENSSL_EXTRA) || \
defined(OPENSSL_EXTRA_X509_SMALL)
DoCertFatalAlert(ssl, ret);
@@ -13889,6 +14787,7 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
}
else {
WOLFSSL_MSG("Failed to verify Peer's cert");
+
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
if (ssl->peerVerifyRet == 0) { /* Return first cert error here */
if (ret == ASN_BEFORE_DATE_E) {
@@ -13906,6 +14805,7 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
}
}
#endif
+
if (ssl->verifyCallback) {
WOLFSSL_MSG(
"\tCallback override available, will continue");
@@ -13914,6 +14814,18 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
if (args->fatal)
DoCertFatalAlert(ssl, ret);
}
+ #if defined(__APPLE__) && defined(WOLFSSL_SYS_CA_CERTS)
+ /* Disregard failure to verify peer cert, as we will verify
+ * the whole chain with the native API later */
+ else if (ssl->ctx->doAppleNativeCertValidationFlag) {
+ WOLFSSL_MSG("\tApple native CA validation override"
+ " available, will continue");
+ /* check if fatal error */
+ args->fatal = (args->verifyErr) ? 1 : 0;
+ if (args->fatal)
+ DoCertFatalAlert(ssl, ret);
+ }
+ #endif/*defined(__APPLE__)&& defined(WOLFSSL_SYS_CA_CERTS)*/
else {
WOLFSSL_MSG("\tNo callback override available, fatal");
args->fatal = 1;
@@ -13930,8 +14842,8 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
/* compare against previous time */
if (ssl->secure_renegotiation->subject_hash_set) {
if (XMEMCMP(args->dCert->subjectHash,
- ssl->secure_renegotiation->subject_hash,
- KEYID_SIZE) != 0) {
+ ssl->secure_renegotiation->subject_hash,
+ KEYID_SIZE) != 0) {
WOLFSSL_MSG(
"Peer sent different cert during scr, fatal");
args->fatal = 1;
@@ -14018,7 +14930,7 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
if (doLookup && SSL_CM(ssl)->ocspEnabled) {
WOLFSSL_MSG("Doing Leaf OCSP check");
ret = CheckCertOCSP_ex(SSL_CM(ssl)->ocsp,
- args->dCert, NULL, ssl);
+ args->dCert, ssl);
#ifdef WOLFSSL_NONBLOCK_OCSP
if (ret == OCSP_WANT_READ) {
goto exit_ppc;
@@ -14063,11 +14975,27 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
ssl->peerVerifyRet =
ret == CRL_CERT_REVOKED
? WOLFSSL_X509_V_ERR_CERT_REVOKED
- : WOLFSSL_X509_V_ERR_CERT_REJECTED;;
+ : WOLFSSL_X509_V_ERR_CERT_REJECTED;
}
#endif
}
}
+ if (ret == 0 && doLookup && SSL_CM(ssl)->crlEnabled &&
+ SSL_CM(ssl)->crlCheckAll && args->totalCerts == 1) {
+ /* Check the entire cert chain */
+ if (args->dCert->ca != NULL) {
+ ret = ProcessPeerCertsChainCRLCheck(SSL_CM(ssl),
+ args->dCert->ca);
+ if (ret != 0) {
+ WOLFSSL_ERROR_VERBOSE(ret);
+ WOLFSSL_MSG("\tCRL chain check not ok");
+ args->fatal = 0;
+ }
+ }
+ else {
+ WOLFSSL_MSG("No CA signer set");
+ }
+ }
#endif /* HAVE_CRL */
(void)doLookup;
}
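Review bot: With `crlCheckAll` set and `args->dCert->ca == NULL`, the added block only logs `"No CA signer set"` and leaves `ret` at 0, so the chain CRL walk is skipped without any error. Whether a leaf can reach this point with no signer depends on code outside the hunk. The choice to continue should be stated in a comment, or the case should set an error when full-chain checking was requested. Both this block and the one added in the chain loop (hunk at -13679) set `args->fatal = 0` after a failed chain CRL check; a short comment that the failure is still carried in `ret` would prevent misreading it as a bypass.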
@@ -14264,7 +15192,7 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
else {
ssl->peerRsaKeyPresent = 1;
#if defined(WOLFSSL_RENESAS_TSIP_TLS) || \
- defined(WOLFSSL_RENESAS_SCEPROTECT)
+ defined(WOLFSSL_RENESAS_FSPSM_TLS)
/* copy encrypted tsip key index into ssl object */
if (args->dCert->sce_tsip_encRsaKeyIdx) {
if (!ssl->peerSceTsipEncRsaKeyIndex) {
@@ -14322,11 +15250,14 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
}
#endif /* NO_RSA */
#ifdef HAVE_ECC
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ case SM2k:
+ #endif
case ECDSAk:
{
int keyRet = 0;
word32 idx = 0;
- #if defined(WOLFSSL_RENESAS_SCEPROTECT) || \
+ #if defined(WOLFSSL_RENESAS_FSPSM_TLS) || \
defined(WOLFSSL_RENESAS_TSIP_TLS)
/* copy encrypted tsip/sce key index into ssl object */
if (args->dCert->sce_tsip_encRsaKeyIdx) {
@@ -14654,6 +15585,22 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
}
#endif
+ #if defined(__APPLE__) && defined(WOLFSSL_SYS_CA_CERTS)
+ /* If we can't validate the peer cert chain against the CAs loaded
+ * into wolfSSL, try to validate against the system certificates
+ * using Apple's native trust APIs */
+ if ((ret != 0) && (ssl->ctx->doAppleNativeCertValidationFlag)) {
+ if (DoAppleNativeCertValidation(args->certs,
+ args->totalCerts)) {
+ WOLFSSL_MSG("Apple native cert chain validation SUCCESS");
+ ret = 0;
+ }
+ else {
+ WOLFSSL_MSG("Apple native cert chain validation FAIL");
+ }
+ }
+ #endif /* defined(__APPLE__) && defined(WOLFSSL_SYS_CA_CERTS) */
+
/* Do verify callback */
ret = DoVerifyCallback(SSL_CM(ssl), ssl, ret, args);
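Review bot: The native fallback runs for any non-zero `ret`, not only for a missing signer, so an error set earlier in ProcessPeerCerts would be replaced by 0 whenever `DoAppleNativeCertValidation` accepts the chain. The CRL and OCSP checks visible in other hunks of this function are examples of where such an error could come from. The CA-level bypass added in the hunk at -13719 is limited to `ASN_NO_SIGNER_E`. Using the same condition here, `if ((ret == ASN_NO_SIGNER_E) && (ssl->ctx->doAppleNativeCertValidationFlag))`, would keep revocation and date failures from being overridden. Whether those errors can still be in `ret` at this point depends on code outside the hunk.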
@@ -14749,11 +15696,17 @@ static int DoCertificate(WOLFSSL* ssl, byte* input, word32* inOutIdx,
WOLFSSL_ENTER("DoCertificate");
#ifdef SESSION_CERTS
- /* Reset the session cert chain count in case the session resume failed. */
- ssl->session->chain.count = 0;
- #ifdef WOLFSSL_ALT_CERT_CHAINS
+ /* Reset the session cert chain count in case the session resume failed,
+ * do not reset if we are resuming after an async wait */
+#if defined(WOLFSSL_ASYNC_CRYPT) || defined(WOLFSSL_NONBLOCK_OCSP)
+ if (ssl->error != OCSP_WANT_READ && ssl->error != WC_PENDING_E)
+#endif
+ {
+ ssl->session->chain.count = 0;
+#ifdef WOLFSSL_ALT_CERT_CHAINS
ssl->session->altChain.count = 0;
- #endif
+#endif
+ }
#endif /* SESSION_CERTS */
ret = ProcessPeerCerts(ssl, input, inOutIdx, size);
@@ -14884,6 +15837,8 @@ static int DoCertificateStatus(WOLFSSL* ssl, byte* input, word32* inOutIdx,
else if (idx == 1) /* server cert must be OK */
ret = BAD_CERTIFICATE_STATUS_ERROR;
}
+
+ /* only frees 'single' if single->isDynamic is set */
FreeOcspResponse(response);
*inOutIdx += status_length;
@@ -15084,6 +16039,9 @@ int DoFinished(WOLFSSL* ssl, const byte* input, word32* inOutIdx, word32 size,
#endif
ssl->options.handShakeState = HANDSHAKE_DONE;
ssl->options.handShakeDone = 1;
+#ifdef HAVE_SECURE_RENEGOTIATION
+ ssl->options.resumed = ssl->options.resuming;
+#endif
}
}
else {
@@ -15100,6 +16058,9 @@ int DoFinished(WOLFSSL* ssl, const byte* input, word32* inOutIdx, word32 size,
#endif
ssl->options.handShakeState = HANDSHAKE_DONE;
ssl->options.handShakeDone = 1;
+#ifdef HAVE_SECURE_RENEGOTIATION
+ ssl->options.resumed = ssl->options.resuming;
+#endif
}
}
#ifdef WOLFSSL_DTLS
@@ -15119,7 +16080,6 @@ int DoFinished(WOLFSSL* ssl, const byte* input, word32* inOutIdx, word32 size,
return 0;
}
-
/* Make sure no duplicates, no fast forward, or other problems; 0 on success */
static int SanityCheckMsgReceived(WOLFSSL* ssl, byte type)
{
@@ -15197,6 +16157,12 @@ static int SanityCheckMsgReceived(WOLFSSL* ssl, byte type)
WOLFSSL_ERROR_VERBOSE(DUPLICATE_MSG_E);
return DUPLICATE_MSG_E;
}
+ if (ssl->msgsReceived.got_hello_retry_request) {
+ WOLFSSL_MSG("Received HelloVerifyRequest after a "
+ "HelloRetryRequest");
+ WOLFSSL_ERROR_VERBOSE(VERSION_ERROR);
+ return VERSION_ERROR;
+ }
ssl->msgsReceived.got_hello_verify_request = 1;
break;
@@ -15300,43 +16266,44 @@ static int SanityCheckMsgReceived(WOLFSSL* ssl, byte type)
WOLFSSL_ERROR_VERBOSE(OUT_OF_ORDER_E);
return OUT_OF_ORDER_E;
}
+#if defined(HAVE_CERTIFICATE_STATUS_REQUEST) || \
+ defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)
if (ssl->msgsReceived.got_certificate_status == 0) {
+ int csrRet = 0;
#ifdef HAVE_CERTIFICATE_STATUS_REQUEST
- if (ssl->status_request) {
- int ret;
-
+ if (csrRet == 0 && ssl->status_request) {
WOLFSSL_MSG("No CertificateStatus before ServerKeyExchange");
- if ((ret = TLSX_CSR_ForceRequest(ssl)) != 0)
- return ret;
+ csrRet = TLSX_CSR_ForceRequest(ssl);
}
#endif
#ifdef HAVE_CERTIFICATE_STATUS_REQUEST_V2
- if (ssl->status_request_v2) {
- int ret;
-
+ if (csrRet == 0 && ssl->status_request_v2) {
WOLFSSL_MSG("No CertificateStatus before ServerKeyExchange");
- if ((ret = TLSX_CSR2_ForceRequest(ssl)) != 0)
- return ret;
+ csrRet = TLSX_CSR2_ForceRequest(ssl);
}
#endif
-#if defined(HAVE_CERTIFICATE_STATUS_REQUEST) || \
- defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)
+ if (csrRet != 0) {
+ /* Error out if OCSP lookups are enabled and failed or if
+ * the user requires stapling. */
+ if (SSL_CM(ssl)->ocspEnabled || SSL_CM(ssl)->ocspMustStaple)
+ return csrRet;
+ }
/* Check that a status request extension was seen as the
* CertificateStatus wasn't when an OCSP staple is required.
*/
if (
- #ifdef HAVE_CERTIFICATE_STATUS_REQUEST
+#ifdef HAVE_CERTIFICATE_STATUS_REQUEST
!ssl->status_request &&
- #endif
- #ifdef HAVE_CERTIFICATE_STATUS_REQUEST_V2
+#endif
+#ifdef HAVE_CERTIFICATE_STATUS_REQUEST_V2
!ssl->status_request_v2 &&
- #endif
+#endif
SSL_CM(ssl)->ocspMustStaple) {
WOLFSSL_ERROR_VERBOSE(OCSP_CERT_UNKNOWN);
return OCSP_CERT_UNKNOWN;
}
- #endif
}
+#endif
break;
#endif
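Review bot: A non-zero `csrRet` is now dropped without any trace when neither `ocspEnabled` nor `ocspMustStaple` is set, where the removed code returned the error. Logging the ignored failure keeps it diagnosable, for example by adding `else { WOLFSSL_MSG("Ignoring CSR force request failure, OCSP not required"); }` after the `return csrRet;` branch. The first `csrRet == 0 &&` test directly follows `int csrRet = 0;` and is always true. The enclosing `case` starts outside this hunk.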
@@ -15569,7 +16536,7 @@ static int SanityCheckMsgReceived(WOLFSSL* ssl, byte type)
}
-static int DoHandShakeMsgType(WOLFSSL* ssl, byte* input, word32* inOutIdx,
+int DoHandShakeMsgType(WOLFSSL* ssl, byte* input, word32* inOutIdx,
byte type, word32 size, word32 totalSz)
{
int ret = 0;
@@ -15649,8 +16616,10 @@ static int DoHandShakeMsgType(WOLFSSL* ssl, byte* input, word32* inOutIdx,
}
if (ssl->options.side == WOLFSSL_CLIENT_END && ssl->options.dtls == 0 &&
- ssl->options.serverState == NULL_STATE && type != server_hello) {
- WOLFSSL_MSG("First server message not server hello");
+ ssl->options.serverState == NULL_STATE && type != server_hello &&
+ type != hello_request) {
+ WOLFSSL_MSG("First server message not server hello or "
+ "hello request");
SendAlert(ssl, alert_fatal, unexpected_message);
WOLFSSL_ERROR_VERBOSE(OUT_OF_ORDER_E);
return OUT_OF_ORDER_E;
@@ -15697,7 +16666,23 @@ static int DoHandShakeMsgType(WOLFSSL* ssl, byte* input, word32* inOutIdx,
case certificate_request:
case server_hello_done:
if (ssl->options.resuming) {
-#ifdef WOLFSSL_WPAS
+ /* https://www.rfc-editor.org/rfc/rfc5077.html#section-3.4
+ * Alternatively, the client MAY include an empty Session ID
+ * in the ClientHello. In this case, the client ignores the
+ * Session ID sent in the ServerHello and determines if the
+ * server is resuming a session by the subsequent handshake
+ * messages.
+ */
+#ifndef WOLFSSL_WPAS
+ if (ssl->session->sessionIDSz != 0) {
+ /* Fatal error. Only try to send an alert. RFC 5246 does not
+ * allow for reverting back to a full handshake after the
+ * server has indicated the intention to do a resumption. */
+ (void)SendAlert(ssl, alert_fatal, unexpected_message);
+ WOLFSSL_ERROR_VERBOSE(OUT_OF_ORDER_E);
+ return OUT_OF_ORDER_E;
+ }
+#endif
/* This can occur when ssl->sessionSecretCb is set. EAP-FAST
* (RFC 4851) allows for detecting server session resumption
* based on the msg received after the ServerHello. */
@@ -15705,14 +16690,6 @@ static int DoHandShakeMsgType(WOLFSSL* ssl, byte* input, word32* inOutIdx,
ssl->options.resuming = 0;
/* No longer resuming, reset peer authentication state. */
ssl->options.peerAuthGood = 0;
-#else
- /* Fatal error. Only try to send an alert. RFC 5246 does not
- * allow for reverting back to a full handshake after the
- * server has indicated the intention to do a resumption. */
- (void)SendAlert(ssl, alert_fatal, unexpected_message);
- WOLFSSL_ERROR_VERBOSE(OUT_OF_ORDER_E);
- return OUT_OF_ORDER_E;
-#endif
}
}
}
@@ -15761,7 +16738,8 @@ static int DoHandShakeMsgType(WOLFSSL* ssl, byte* input, word32* inOutIdx,
WOLFSSL_MSG("processing server hello");
ret = DoServerHello(ssl, input, inOutIdx, size);
#if !defined(WOLFSSL_NO_CLIENT_AUTH) && \
- ((defined(HAVE_ED25519) && !defined(NO_ED25519_CLIENT_AUTH)) || \
+ ((defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)) || \
+ (defined(HAVE_ED25519) && !defined(NO_ED25519_CLIENT_AUTH)) || \
(defined(HAVE_ED448) && !defined(NO_ED448_CLIENT_AUTH)))
if (ssl->options.resuming || !IsAtLeastTLSv1_2(ssl) ||
IsAtLeastTLSv1_3(ssl->version)) {
@@ -15843,7 +16821,8 @@ static int DoHandShakeMsgType(WOLFSSL* ssl, byte* input, word32* inOutIdx,
WOLFSSL_MSG("processing client hello");
ret = DoClientHello(ssl, input, inOutIdx, size);
#if !defined(WOLFSSL_NO_CLIENT_AUTH) && \
- ((defined(HAVE_ED25519) && !defined(NO_ED25519_CLIENT_AUTH)) || \
+ ((defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)) || \
+ (defined(HAVE_ED25519) && !defined(NO_ED25519_CLIENT_AUTH)) || \
(defined(HAVE_ED448) && !defined(NO_ED448_CLIENT_AUTH)))
if (ssl->options.resuming || !ssl->options.verifyPeer || \
!IsAtLeastTLSv1_2(ssl) || IsAtLeastTLSv1_3(ssl->version)) {
@@ -15965,6 +16944,12 @@ static int DoHandShakeMsg(WOLFSSL* ssl, byte* input, word32* inOutIdx,
return PARSE_ERROR;
}
+ ret = EarlySanityCheckMsgReceived(ssl, type, size);
+ if (ret != 0) {
+ WOLFSSL_ERROR(ret);
+ return ret;
+ }
+
if (size > MAX_HANDSHAKE_SZ) {
WOLFSSL_MSG("Handshake message too large");
WOLFSSL_ERROR_VERBOSE(HANDSHAKE_SIZE_ERROR);
@@ -15988,6 +16973,13 @@ static int DoHandShakeMsg(WOLFSSL* ssl, byte* input, word32* inOutIdx,
return PARSE_ERROR;
}
+ ret = EarlySanityCheckMsgReceived(ssl, type,
+ min(inputLength - HANDSHAKE_HEADER_SZ, size));
+ if (ret != 0) {
+ WOLFSSL_ERROR(ret);
+ return ret;
+ }
+
/* Cap the maximum size of a handshake message to something reasonable.
* By default is the maximum size of a certificate message assuming
* nine 2048-bit RSA certificates in the chain. */
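Review bot: `inputLength - HANDSHAKE_HEADER_SZ` is computed with no visible check that `inputLength` is at least the header size. If `inputLength` is unsigned, a shorter value wraps and `min()` then passes `size` unchanged to `EarlySanityCheckMsgReceived`. The header parse just above the hunk may already guarantee the bound, in which case a comment such as `/* header already consumed, inputLength >= HANDSHAKE_HEADER_SZ */` would be enough. DoHandShakeMsg starts and ends outside this hunk.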
@@ -16026,6 +17018,13 @@ static int DoHandShakeMsg(WOLFSSL* ssl, byte* input, word32* inOutIdx,
if (inputLength > pendSz)
inputLength = pendSz;
+ ret = EarlySanityCheckMsgReceived(ssl, ssl->arrays->pendingMsgType,
+ inputLength);
+ if (ret != 0) {
+ WOLFSSL_ERROR(ret);
+ return ret;
+ }
+
#ifdef WOLFSSL_ASYNC_CRYPT
if (ssl->error != WC_PENDING_E)
#endif
@@ -16082,6 +17081,9 @@ int SendFatalAlertOnly(WOLFSSL *ssl, int error)
case WANT_WRITE:
case WANT_READ:
case ZERO_RETURN:
+#ifdef WOLFSSL_NONBLOCK_OCSP
+ case OCSP_WANT_READ:
+#endif
#ifdef WOLFSSL_ASYNC_CRYPT
case WC_PENDING_E:
#endif
@@ -16248,6 +17250,8 @@ static WC_INLINE int Dtls13CheckWindow(WOLFSSL* ssl)
int wordIndex;
word32 diff;
+ WOLFSSL_ENTER("Dtls13CheckWindow");
+
if (ssl->dtls13DecryptEpoch == NULL) {
WOLFSSL_MSG("Can't find decrypting epoch");
return 0;
@@ -16401,7 +17405,7 @@ int wolfSSL_DtlsUpdateWindow(word16 cur_hi, word32 cur_lo,
diff %= DTLS_WORD_BITS;
if (idx < WOLFSSL_DTLS_WINDOW_WORDS)
- window[idx] |= (1 << diff);
+ window[idx] |= (1U << diff);
}
else {
_DtlsUpdateWindowGTSeq(diff + 1, window);
@@ -16415,7 +17419,7 @@ int wolfSSL_DtlsUpdateWindow(word16 cur_hi, word32 cur_lo,
return 1;
}
-static int _DtlsUpdateWindow(WOLFSSL* ssl)
+int DtlsUpdateWindow(WOLFSSL* ssl)
{
WOLFSSL_DTLS_PEERSEQ* peerSeq = ssl->keys.peerSeq;
word16 *next_hi;
@@ -16481,7 +17485,13 @@ static int _DtlsUpdateWindow(WOLFSSL* ssl)
}
#ifdef WOLFSSL_DTLS13
-static WC_INLINE int Dtls13UpdateWindow(WOLFSSL* ssl)
+
+/* Update DTLS 1.3 window
+ * Return
+ * 0 on successful update
+ * <0 on error
+ */
+static int Dtls13UpdateWindow(WOLFSSL* ssl)
{
w64wrapper nextSeq, seq;
w64wrapper diff64;
@@ -16489,14 +17499,26 @@ static WC_INLINE int Dtls13UpdateWindow(WOLFSSL* ssl)
int wordOffset;
int wordIndex;
word32 diff;
+ Dtls13Epoch* e = ssl->dtls13DecryptEpoch;
+
+ WOLFSSL_ENTER("Dtls13UpdateWindow");
if (ssl->dtls13DecryptEpoch == NULL) {
WOLFSSL_MSG("Can't find decrypting Epoch");
return BAD_STATE_E;
}
- nextSeq = ssl->dtls13DecryptEpoch->nextPeerSeqNumber;
- window = ssl->dtls13DecryptEpoch->window;
+ if (!w64Equal(ssl->keys.curEpoch64, ssl->dtls13DecryptEpoch->epochNumber)) {
+ /* ssl->dtls13DecryptEpoch has been updated since we received the msg */
+ e = Dtls13GetEpoch(ssl, ssl->keys.curEpoch64);
+ if (e == NULL) {
+ WOLFSSL_MSG("Can't find decrypting Epoch");
+ return BAD_STATE_E;
+ }
+ }
+
+ nextSeq = e->nextPeerSeqNumber;
+ window = e->window;
seq = ssl->keys.curSeq;
/* seq < nextSeq */
@@ -16517,7 +17539,7 @@ static WC_INLINE int Dtls13UpdateWindow(WOLFSSL* ssl)
}
window[wordIndex] |= (1 << wordOffset);
- return 1;
+ return 0;
}
/* seq >= nextSeq, seq - nextSeq */
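Review bot: The context line `window[wordIndex] |= (1 << wordOffset);` still shifts a signed `1`, while this same commit changes the matching line in wolfSSL_DtlsUpdateWindow to `(1U << diff)`. If `wordOffset` can reach 31 the signed shift is undefined behaviour. `window[wordIndex] |= (1U << wordOffset);` would make the two window updates consistent. The range of `wordOffset` is established outside this hunk.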
@@ -16528,9 +17550,17 @@ static WC_INLINE int Dtls13UpdateWindow(WOLFSSL* ssl)
_DtlsUpdateWindowGTSeq(w64GetLow32(diff64), window);
w64Increment(&seq);
- ssl->dtls13DecryptEpoch->nextPeerSeqNumber = seq;
+ e->nextPeerSeqNumber = seq;
- return 1;
+ return 0;
+}
+
+int Dtls13UpdateWindowRecordRecvd(WOLFSSL* ssl)
+{
+ int ret = Dtls13UpdateWindow(ssl);
+ if (ret != 0)
+ return ret;
+ return Dtls13RecordRecvd(ssl);
}
#endif /* WOLFSSL_DTLS13 */
@@ -16549,6 +17579,14 @@ int DtlsMsgDrain(WOLFSSL* ssl)
item->ready && ret == 0) {
word32 idx = 0;
+ #ifndef WOLFSSL_DISABLE_EARLY_SANITY_CHECKS
+ ret = MsgCheckEncryption(ssl, item->type, item->encrypted);
+ if (ret != 0) {
+ SendAlert(ssl, alert_fatal, unexpected_message);
+ break;
+ }
+ #endif
+
#ifdef WOLFSSL_NO_TLS12
ret = DoTls13HandShakeMsgType(ssl, item->fullMsg, &idx, item->type,
item->sz, item->sz);
@@ -16598,6 +17636,12 @@ static int DoDtlsHandShakeMsg(WOLFSSL* ssl, byte* input, word32* inOutIdx,
return PARSE_ERROR;
}
+ ret = EarlySanityCheckMsgReceived(ssl, type, fragSz);
+ if (ret != 0) {
+ WOLFSSL_ERROR(ret);
+ return ret;
+ }
+
/* Cap the maximum size of a handshake message to something reasonable.
* By default is the maximum size of a certificate message assuming
* nine 2048-bit RSA certificates in the chain. */
@@ -17155,7 +18199,7 @@ int ChachaAEADEncrypt(WOLFSSL* ssl, byte* out, const byte* input,
*
* Return 0 on success negative values in error case
*/
-static int ChachaAEADDecrypt(WOLFSSL* ssl, byte* plain, const byte* input,
+int ChachaAEADDecrypt(WOLFSSL* ssl, byte* plain, const byte* input,
word16 sz)
{
byte add[AEAD_AUTH_DATA_SZ];
@@ -17358,6 +18402,25 @@ static int ChachaAEADDecrypt(WOLFSSL* ssl, byte* plain, const byte* input,
#endif
+#if defined(WOLFSSL_SM4_GCM) || defined(WOLFSSL_SM4_CCM)
+
+/* The following type is used to share code between SM4-GCM and SM4-CCM. */
+typedef int (*Sm4AuthEncryptFunc)(wc_Sm4* sm4, byte* out, const byte* in,
+ word32 sz, const byte* nonce, word32 nonceSz, byte* tag, word32 tagSz,
+ const byte* aad, word32 aadSz);
+typedef int (*Sm4AuthDecryptFunc)(wc_Sm4* sm4, byte* out, const byte* in,
+ word32 sz, const byte* nonce, word32 nonceSz, const byte* tag, word32 tagSz,
+ const byte* aad, word32 aadSz);
+
+#define SM4_AUTH_ENCRYPT_FUNC Sm4AuthEncryptFunc
+#define SM4_AUTH_DECRYPT_FUNC Sm4AuthDecryptFunc
+#define SM4_GCM_ENCRYPT_FUNC wc_Sm4GcmEncrypt
+#define SM4_CCM_ENCRYPT_FUNC wc_Sm4CcmEncrypt
+#define SM4_GCM_DECRYPT_FUNC wc_Sm4GcmDecrypt
+#define SM4_CCM_DECRYPT_FUNC wc_Sm4CcmDecrypt
+
+#endif
+
static WC_INLINE int EncryptDo(WOLFSSL* ssl, byte* out, const byte* input,
word16 sz, int asyncOkay)
@@ -17513,6 +18576,58 @@ static WC_INLINE int EncryptDo(WOLFSSL* ssl, byte* out, const byte* input,
break;
#endif /* BUILD_AESGCM || HAVE_AESCCM */
+ #ifdef HAVE_ARIA
+ case wolfssl_aria_gcm:
+ {
+ const byte* additionalSrc = input - RECORD_HEADER_SZ;
+ byte *outBuf = NULL;
+ XMEMSET(ssl->encrypt.additional, 0, AEAD_AUTH_DATA_SZ);
+
+ /* sequence number field is 64-bits */
+ WriteSEQ(ssl, CUR_ORDER, ssl->encrypt.additional);
+
+ /* Store the type, version. Unfortunately, they are in
+ * the input buffer ahead of the plaintext. */
+ #ifdef WOLFSSL_DTLS
+ if (ssl->options.dtls) {
+ additionalSrc -= DTLS_HANDSHAKE_EXTRA;
+ }
+ #endif
+ XMEMCPY(ssl->encrypt.additional + AEAD_TYPE_OFFSET,
+ additionalSrc, 3);
+
+ /* Store the length of the plain text minus the explicit
+ * IV length minus the authentication tag size. */
+ c16toa(sz - AESGCM_EXP_IV_SZ - ssl->specs.aead_mac_size,
+ ssl->encrypt.additional + AEAD_LEN_OFFSET);
+ XMEMCPY(ssl->encrypt.nonce,
+ ssl->keys.aead_enc_imp_IV, AESGCM_IMP_IV_SZ);
+ XMEMCPY(ssl->encrypt.nonce + AESGCM_IMP_IV_SZ,
+ ssl->keys.aead_exp_IV, AESGCM_EXP_IV_SZ);
+ outBuf = (byte*)XMALLOC(sz - AESGCM_EXP_IV_SZ, ssl->heap,
+ DYNAMIC_TYPE_TMP_BUFFER);
+ if (outBuf == NULL) {
+ ret = MEMORY_ERROR;
+ break;
+ }
+ ret = wc_AriaEncrypt(ssl->encrypt.aria, outBuf,
+ (byte*) input + AESGCM_EXP_IV_SZ,
+ sz - AESGCM_EXP_IV_SZ - ssl->specs.aead_mac_size,
+ ssl->encrypt.nonce, AESGCM_NONCE_SZ,
+ ssl->encrypt.additional, AEAD_AUTH_DATA_SZ,
+ out + sz - ssl->specs.aead_mac_size,
+ ssl->specs.aead_mac_size
+ );
+ if (ret != 0)
+ break;
+ XMEMCPY(out,
+ ssl->encrypt.nonce + AESGCM_IMP_IV_SZ, AESGCM_EXP_IV_SZ);
+ XMEMCPY(out + AESGCM_EXP_IV_SZ,outBuf,sz - AESGCM_EXP_IV_SZ);
+ XFREE(outBuf, ssl->heap, DYNAMIC_TYPE_TMP_BUFFER);
+ break;
+ }
+ #endif
+
#ifdef HAVE_CAMELLIA
case wolfssl_camellia:
ret = wc_CamelliaCbcEncrypt(ssl->encrypt.cam, out, input, sz);
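Review bot: In the `wolfssl_aria_gcm` case `outBuf` is leaked when `wc_AriaEncrypt` fails, because `if (ret != 0) break;` leaves the case before the `XFREE`. Free it on that path as well: `if (ret != 0) { XFREE(outBuf, ssl->heap, DYNAMIC_TYPE_TMP_BUFFER); break; }`. The final `XMEMCPY(out + AESGCM_EXP_IV_SZ, outBuf, sz - AESGCM_EXP_IV_SZ)` copies `aead_mac_size` more bytes than the length passed to the cipher, and it lands on the tag already written at `out + sz - ssl->specs.aead_mac_size`. That is only correct if `wc_AriaEncrypt` also leaves the tag after the ciphertext in `outBuf`, which should be confirmed and stated in a comment. EncryptDo starts and ends outside this hunk.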
@@ -17526,6 +18641,95 @@ static WC_INLINE int EncryptDo(WOLFSSL* ssl, byte* out, const byte* input,
break;
#endif
+ #ifdef WOLFSSL_SM4_CBC
+ case wolfssl_sm4_cbc:
+ #ifdef WOLFSSL_ASYNC_CRYPT
+ /* initialize event */
+ asyncDev = &ssl->encrypt.sm4->asyncDev;
+ ret = wolfSSL_AsyncInit(ssl, asyncDev, event_flags);
+ if (ret != 0)
+ break;
+ #endif
+ ret = wc_Sm4CbcEncrypt(ssl->encrypt.sm4, out, input, sz);
+ #ifdef WOLFSSL_ASYNC_CRYPT
+ if (ret == WC_PENDING_E && asyncOkay) {
+ ret = wolfSSL_AsyncPush(ssl, asyncDev);
+ }
+ #endif
+ break;
+ #endif
+
+ #if defined(WOLFSSL_SM4_GCM) || defined(WOLFSSL_SM4_CCM)
+ case wolfssl_sm4_gcm:
+ case wolfssl_sm4_ccm:/* GCM AEAD macros use same size as CCM */
+ {
+ SM4_AUTH_ENCRYPT_FUNC sm4_auth_fn;
+ const byte* additionalSrc;
+
+ #ifdef WOLFSSL_ASYNC_CRYPT
+ /* initialize event */
+ asyncDev = &ssl->encrypt.sm4->asyncDev;
+ ret = wolfSSL_AsyncInit(ssl, asyncDev, event_flags);
+ if (ret != 0)
+ break;
+ #endif
+
+ #if defined(WOLFSSL_SM4_GCM) && defined(WOLFSSL_SM4_CCM)
+ sm4_auth_fn = (ssl->specs.bulk_cipher_algorithm == wolfssl_sm4_gcm)
+ ? SM4_GCM_ENCRYPT_FUNC : SM4_CCM_ENCRYPT_FUNC;
+ #elif defined(WOLFSSL_SM4_GCM)
+ sm4_auth_fn = SM4_GCM_ENCRYPT_FUNC;
+ #else
+ sm4_auth_fn = SM4_CCM_ENCRYPT_FUNC;
+ #endif
+ additionalSrc = input - 5;
+
+ XMEMSET(ssl->encrypt.additional, 0, AEAD_AUTH_DATA_SZ);
+
+ /* sequence number field is 64-bits */
+ WriteSEQ(ssl, CUR_ORDER, ssl->encrypt.additional);
+
+ /* Store the type, version. Unfortunately, they are in
+ * the input buffer ahead of the plaintext. */
+ #ifdef WOLFSSL_DTLS
+ if (ssl->options.dtls) {
+ additionalSrc -= DTLS_HANDSHAKE_EXTRA;
+ }
+ #endif
+ XMEMCPY(ssl->encrypt.additional + AEAD_TYPE_OFFSET,
+ additionalSrc, 3);
+
+ /* Store the length of the plain text minus the explicit
+ * IV length minus the authentication tag size. */
+ c16toa(sz - GCM_EXP_IV_SZ - ssl->specs.aead_mac_size,
+ ssl->encrypt.additional + AEAD_LEN_OFFSET);
+ XMEMCPY(ssl->encrypt.nonce,
+ ssl->keys.aead_enc_imp_IV, GCM_IMP_IV_SZ);
+ XMEMCPY(ssl->encrypt.nonce + GCM_IMP_IV_SZ,
+ ssl->keys.aead_exp_IV, GCM_EXP_IV_SZ);
+ ret = sm4_auth_fn(ssl->encrypt.sm4,
+ out + GCM_EXP_IV_SZ, input + GCM_EXP_IV_SZ,
+ sz - GCM_EXP_IV_SZ - ssl->specs.aead_mac_size,
+ ssl->encrypt.nonce, GCM_NONCE_SZ,
+ out + sz - ssl->specs.aead_mac_size,
+ ssl->specs.aead_mac_size,
+ ssl->encrypt.additional, AEAD_AUTH_DATA_SZ);
+
+ #ifdef WOLFSSL_ASYNC_CRYPT
+ if (ret == WC_PENDING_E && asyncOkay) {
+ ret = wolfSSL_AsyncPush(ssl, asyncDev);
+ }
+ #endif
+#if !defined(NO_PUBLIC_GCM_SET_IV) && \
+ ((!defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)) || \
+ (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)))
+ XMEMCPY(out,
+ ssl->encrypt.nonce + GCM_IMP_IV_SZ, GCM_EXP_IV_SZ);
+#endif
+ }
+ break;
+ #endif /* WOLFSSL_SM4_GCM || WOLFSSL_SM4_CCM */
+
#ifdef HAVE_NULL_CIPHER
case wolfssl_cipher_null:
if (input != out) {
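Review bot: The SM4 AEAD case locates the record header with a bare constant, `additionalSrc = input - 5;`, while the ARIA case added by this same commit writes `input - RECORD_HEADER_SZ`. Using the named constant here, `additionalSrc = input - RECORD_HEADER_SZ;`, keeps the two cases in step if the header size macro ever changes. Both cases read bytes that precede `input`, so a one-line comment stating that callers must pass a pointer into a buffer that still holds the record header would help; the function's prologue is outside this hunk.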
@@ -17582,18 +18786,19 @@ static WC_INLINE int Encrypt(WOLFSSL* ssl, byte* out, const byte* input,
ssl->fuzzerCb(ssl, input, sz, FUZZ_ENCRYPT, ssl->fuzzerCtx);
#endif
- #if defined(BUILD_AESGCM) || defined(HAVE_AESCCM)
+ #if defined(BUILD_AESGCM) || defined(HAVE_AESCCM) || defined(HAVE_ARIA)
/* make sure AES GCM/CCM memory is allocated */
/* free for these happens in FreeCiphers */
if (ssl->specs.bulk_cipher_algorithm == wolfssl_aes_ccm ||
- ssl->specs.bulk_cipher_algorithm == wolfssl_aes_gcm) {
+ ssl->specs.bulk_cipher_algorithm == wolfssl_aes_gcm ||
+ ssl->specs.bulk_cipher_algorithm == wolfssl_aria_gcm) {
/* make sure auth iv and auth are allocated */
if (ssl->encrypt.additional == NULL)
ssl->encrypt.additional = (byte*)XMALLOC(AEAD_AUTH_DATA_SZ,
- ssl->heap, DYNAMIC_TYPE_AES_BUFFER);
+ ssl->heap, DYNAMIC_TYPE_CIPHER);
if (ssl->encrypt.nonce == NULL) {
ssl->encrypt.nonce = (byte*)XMALLOC(AESGCM_NONCE_SZ,
- ssl->heap, DYNAMIC_TYPE_AES_BUFFER);
+ ssl->heap, DYNAMIC_TYPE_CIPHER);
#ifdef WOLFSSL_CHECK_MEM_ZERO
if (ssl->encrypt.nonce != NULL) {
wc_MemZero_Add("Encrypt nonce", ssl->encrypt.nonce,
@@ -17606,7 +18811,33 @@ static WC_INLINE int Encrypt(WOLFSSL* ssl, byte* out, const byte* input,
return MEMORY_E;
}
}
- #endif /* BUILD_AESGCM || HAVE_AESCCM */
+ #endif /* BUILD_AESGCM || HAVE_AESCCM || HAVE_ARIA */
+
+ #if defined(WOLFSSL_SM4_GCM) || defined(WOLFSSL_SM4_CCM)
+ /* make sure SM4 GCM/CCM memory is allocated */
+ /* free for these happens in FreeCiphers */
+ if (ssl->specs.bulk_cipher_algorithm == wolfssl_sm4_ccm ||
+ ssl->specs.bulk_cipher_algorithm == wolfssl_sm4_gcm) {
+ /* make sure auth iv and auth are allocated */
+ if (ssl->encrypt.additional == NULL)
+ ssl->encrypt.additional = (byte*)XMALLOC(AEAD_AUTH_DATA_SZ,
+ ssl->heap, DYNAMIC_TYPE_CIPHER);
+ if (ssl->encrypt.nonce == NULL) {
+ ssl->encrypt.nonce = (byte*)XMALLOC(GCM_NONCE_SZ,
+ ssl->heap, DYNAMIC_TYPE_CIPHER);
+ #ifdef WOLFSSL_CHECK_MEM_ZERO
+ if (ssl->encrypt.nonce != NULL) {
+ wc_MemZero_Add("Encrypt nonce", ssl->encrypt.nonce,
+ GCM_NONCE_SZ);
+ }
+ #endif
+ }
+ if (ssl->encrypt.additional == NULL ||
+ ssl->encrypt.nonce == NULL) {
+ return MEMORY_E;
+ }
+ }
+ #endif /* WOLFSSL_SM4_GCM || WOLFSSL_SM4_CCM */
/* Advance state and proceed */
ssl->encrypt.state = CIPHER_STATE_DO;
@@ -17644,9 +18875,10 @@ static WC_INLINE int Encrypt(WOLFSSL* ssl, byte* out, const byte* input,
sizeof(ssl->encrypt.sanityCheck));
#endif
- #if defined(BUILD_AESGCM) || defined(HAVE_AESCCM)
+ #if defined(BUILD_AESGCM) || defined(HAVE_AESCCM) || defined(HAVE_ARIA)
if (ssl->specs.bulk_cipher_algorithm == wolfssl_aes_ccm ||
- ssl->specs.bulk_cipher_algorithm == wolfssl_aes_gcm)
+ ssl->specs.bulk_cipher_algorithm == wolfssl_aes_gcm ||
+ ssl->specs.bulk_cipher_algorithm == wolfssl_aria_gcm)
{
/* finalize authentication cipher */
#if !defined(NO_PUBLIC_GCM_SET_IV) && \
@@ -17657,7 +18889,17 @@ static WC_INLINE int Encrypt(WOLFSSL* ssl, byte* out, const byte* input,
if (ssl->encrypt.nonce)
ForceZero(ssl->encrypt.nonce, AESGCM_NONCE_SZ);
}
- #endif /* BUILD_AESGCM || HAVE_AESCCM */
+ #endif /* BUILD_AESGCM || HAVE_AESCCM || HAVE_ARIA */
+ #if defined(WOLFSSL_SM4_GCM) || defined(WOLFSSL_SM4_CCM)
+ if (ssl->specs.bulk_cipher_algorithm == wolfssl_sm4_ccm ||
+ ssl->specs.bulk_cipher_algorithm == wolfssl_sm4_gcm)
+ {
+ /* finalize authentication cipher */
+ AeadIncrementExpIV(ssl);
+ if (ssl->encrypt.nonce)
+ ForceZero(ssl->encrypt.nonce, GCM_NONCE_SZ);
+ }
+ #endif /* WOLFSSL_SM4_GCM || WOLFSSL_SM4_CCM */
#ifdef WOLFSSL_CHECK_MEM_ZERO
if ((ssl->specs.bulk_cipher_algorithm != wolfssl_cipher_null) &&
(out != input) && (ret == 0)) {
@@ -17814,6 +19056,57 @@ static WC_INLINE int DecryptDo(WOLFSSL* ssl, byte* plain, const byte* input,
break;
#endif /* BUILD_AESGCM || HAVE_AESCCM */
+ #ifdef HAVE_ARIA
+ case wolfssl_aria_gcm:
+ {
+ byte *outBuf = NULL;
+ XMEMSET(ssl->decrypt.additional, 0, AEAD_AUTH_DATA_SZ);
+
+ /* sequence number field is 64-bits */
+ WriteSEQ(ssl, PEER_ORDER, ssl->decrypt.additional);
+
+ ssl->decrypt.additional[AEAD_TYPE_OFFSET] = ssl->curRL.type;
+ ssl->decrypt.additional[AEAD_VMAJ_OFFSET] = ssl->curRL.pvMajor;
+ ssl->decrypt.additional[AEAD_VMIN_OFFSET] = ssl->curRL.pvMinor;
+
+ c16toa(sz - AESGCM_EXP_IV_SZ - ssl->specs.aead_mac_size,
+ ssl->decrypt.additional + AEAD_LEN_OFFSET);
+
+ #if defined(WOLFSSL_DTLS) && defined(HAVE_SECURE_RENEGOTIATION)
+ if (ssl->options.dtls && IsDtlsMsgSCRKeys(ssl))
+ XMEMCPY(ssl->decrypt.nonce,
+ ssl->secure_renegotiation->tmp_keys.aead_dec_imp_IV,
+ AESGCM_IMP_IV_SZ);
+ else
+ #endif
+ XMEMCPY(ssl->decrypt.nonce, ssl->keys.aead_dec_imp_IV,
+ AESGCM_IMP_IV_SZ);
+ XMEMCPY(ssl->decrypt.nonce + AESGCM_IMP_IV_SZ, input,
+ AESGCM_EXP_IV_SZ);
+ outBuf = (byte*)XMALLOC(sz - AESGCM_EXP_IV_SZ, ssl->heap,
+ DYNAMIC_TYPE_TMP_BUFFER);
+ if (outBuf == NULL) {
+ ret = MEMORY_ERROR;
+ break;
+ }
+ ret = wc_AriaDecrypt(ssl->decrypt.aria, outBuf,
+ (byte *)input + AESGCM_EXP_IV_SZ,
+ sz - AESGCM_EXP_IV_SZ - ssl->specs.aead_mac_size,
+ ssl->decrypt.nonce, AESGCM_NONCE_SZ,
+ ssl->decrypt.additional, AEAD_AUTH_DATA_SZ,
+ (byte *)input + sz - ssl->specs.aead_mac_size,
+ ssl->specs.aead_mac_size
+ );
+ if (ret != 0)
+ break;
+ XMEMCPY(plain + AESGCM_EXP_IV_SZ,
+ outBuf,
+ sz - AESGCM_EXP_IV_SZ - ssl->specs.aead_mac_size);
+ XFREE(outBuf, ssl->heap, DYNAMIC_TYPE_TMP_BUFFER);
+ break;
+ }
+ #endif /* HAVE_ARIA */
+
#ifdef HAVE_CAMELLIA
case wolfssl_camellia:
ret = wc_CamelliaCbcDecrypt(ssl->decrypt.cam, plain, input, sz);
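Review bot: `outBuf` in the new ARIA decrypt case holds decrypted record plaintext and is handed back to the allocator without being cleared. The file already uses `ForceZero` for the nonce buffers, so add `ForceZero(outBuf, sz - AESGCM_EXP_IV_SZ);` immediately before the `XFREE(outBuf, ...)` call. Clear it on the failure path as well, once that path frees the buffer. Whether `wc_AriaDecrypt` writes anything to `outBuf` when the tag check fails cannot be seen from here, so clearing unconditionally is the safer choice.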
@@ -17827,6 +19120,88 @@ static WC_INLINE int DecryptDo(WOLFSSL* ssl, byte* plain, const byte* input,
break;
#endif
+ #ifdef WOLFSSL_SM4_CBC
+ case wolfssl_sm4_cbc:
+ #ifdef WOLFSSL_ASYNC_CRYPT
+ /* initialize event */
+ ret = wolfSSL_AsyncInit(ssl, &ssl->decrypt.aes->asyncDev,
+ WC_ASYNC_FLAG_CALL_AGAIN);
+ if (ret != 0)
+ break;
+ #endif
+ ret = wc_Sm4CbcDecrypt(ssl->decrypt.sm4, plain, input, sz);
+ #ifdef WOLFSSL_ASYNC_CRYPT
+ if (ret == WC_PENDING_E) {
+ ret = wolfSSL_AsyncPush(ssl, &ssl->decrypt.aes->asyncDev);
+ }
+ #endif
+ break;
+ #endif
+
+ #if defined(WOLFSSL_SM4_GCM) || defined(WOLFSSL_SM4_CCM)
+ case wolfssl_sm4_gcm:
+ case wolfssl_sm4_ccm: /* GCM AEAD macros use same size as CCM */
+ {
+ SM4_AUTH_DECRYPT_FUNC sm4_auth_fn;
+
+ #ifdef WOLFSSL_ASYNC_CRYPT
+ /* initialize event */
+ ret = wolfSSL_AsyncInit(ssl, &ssl->decrypt.sm4->asyncDev,
+ WC_ASYNC_FLAG_CALL_AGAIN);
+ if (ret != 0)
+ break;
+ #endif
+
+ #if defined(WOLFSSL_SM4_GCM) && defined(WOLFSSL_SM4_CCM)
+ sm4_auth_fn = (ssl->specs.bulk_cipher_algorithm == wolfssl_sm4_gcm)
+ ? SM4_GCM_DECRYPT_FUNC : SM4_CCM_DECRYPT_FUNC;
+ #elif defined(WOLFSSL_SM4_GCM)
+ sm4_auth_fn = SM4_GCM_DECRYPT_FUNC;
+ #else
+ sm4_auth_fn = SM4_CCM_DECRYPT_FUNC;
+ #endif
+
+ XMEMSET(ssl->decrypt.additional, 0, AEAD_AUTH_DATA_SZ);
+
+ /* sequence number field is 64-bits */
+ WriteSEQ(ssl, PEER_ORDER, ssl->decrypt.additional);
+
+ ssl->decrypt.additional[AEAD_TYPE_OFFSET] = ssl->curRL.type;
+ ssl->decrypt.additional[AEAD_VMAJ_OFFSET] = ssl->curRL.pvMajor;
+ ssl->decrypt.additional[AEAD_VMIN_OFFSET] = ssl->curRL.pvMinor;
+
+ c16toa(sz - GCM_EXP_IV_SZ - ssl->specs.aead_mac_size,
+ ssl->decrypt.additional + AEAD_LEN_OFFSET);
+
+ #if defined(WOLFSSL_DTLS) && defined(HAVE_SECURE_RENEGOTIATION)
+ if (ssl->options.dtls && IsDtlsMsgSCRKeys(ssl))
+ XMEMCPY(ssl->decrypt.nonce,
+ ssl->secure_renegotiation->tmp_keys.aead_dec_imp_IV,
+ GCM_IMP_IV_SZ);
+ else
+ #endif
+ XMEMCPY(ssl->decrypt.nonce, ssl->keys.aead_dec_imp_IV,
+ GCM_IMP_IV_SZ);
+ XMEMCPY(ssl->decrypt.nonce + GCM_IMP_IV_SZ, input, GCM_EXP_IV_SZ);
+ if ((ret = sm4_auth_fn(ssl->decrypt.sm4,
+ plain + GCM_EXP_IV_SZ,
+ input + GCM_EXP_IV_SZ,
+ sz - GCM_EXP_IV_SZ - ssl->specs.aead_mac_size,
+ ssl->decrypt.nonce, GCM_NONCE_SZ,
+ input + sz - ssl->specs.aead_mac_size,
+ ssl->specs.aead_mac_size,
+ ssl->decrypt.additional, AEAD_AUTH_DATA_SZ)) < 0) {
+ #ifdef WOLFSSL_ASYNC_CRYPT
+ if (ret == WC_PENDING_E) {
+ ret = wolfSSL_AsyncPush(ssl,
+ &ssl->decrypt.sm4->asyncDev);
+ }
+ #endif
+ }
+ }
+ break;
+ #endif /* WOLFSSL_SM4_GCM || WOLFSSL_SM4_CCM */
+
#ifdef HAVE_NULL_CIPHER
case wolfssl_cipher_null:
if (input != plain) {
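Review bot: The `wolfssl_sm4_cbc` decrypt case registers its async event on the AES context, not the SM4 one: both `wolfSSL_AsyncInit` and `wolfSSL_AsyncPush` are given `&ssl->decrypt.aes->asyncDev`. The call right below operates on `ssl->decrypt.sm4`, and the matching encrypt case uses `&ssl->encrypt.sm4->asyncDev`, so this looks like a copy-paste slip. On an SM4 connection `ssl->decrypt.aes` is presumably not set up, which would make this an invalid pointer in `WOLFSSL_ASYNC_CRYPT` builds. Change both lines to `&ssl->decrypt.sm4->asyncDev`.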
@@ -17857,7 +19232,7 @@ static int DecryptTls(WOLFSSL* ssl, byte* plain, const byte* input, word16 sz)
#ifdef WOLFSSL_ASYNC_CRYPT
ret = wolfSSL_AsyncPop(ssl, &ssl->decrypt.state);
- if (ret != WC_NOT_PENDING_E) {
+ if (ret != WC_NO_PENDING_E) {
/* check for still pending */
if (ret == WC_PENDING_E)
return ret;
@@ -17883,18 +19258,19 @@ static int DecryptTls(WOLFSSL* ssl, byte* plain, const byte* input, word16 sz)
return DECRYPT_ERROR;
}
- #if defined(BUILD_AESGCM) || defined(HAVE_AESCCM)
+ #if defined(BUILD_AESGCM) || defined(HAVE_AESCCM) || defined(HAVE_ARIA)
/* make sure AES GCM/CCM memory is allocated */
/* free for these happens in FreeCiphers */
if (ssl->specs.bulk_cipher_algorithm == wolfssl_aes_ccm ||
- ssl->specs.bulk_cipher_algorithm == wolfssl_aes_gcm) {
+ ssl->specs.bulk_cipher_algorithm == wolfssl_aes_gcm ||
+ ssl->specs.bulk_cipher_algorithm == wolfssl_aria_gcm) {
/* make sure auth iv and auth are allocated */
if (ssl->decrypt.additional == NULL)
ssl->decrypt.additional = (byte*)XMALLOC(AEAD_AUTH_DATA_SZ,
- ssl->heap, DYNAMIC_TYPE_AES_BUFFER);
+ ssl->heap, DYNAMIC_TYPE_CIPHER);
if (ssl->decrypt.nonce == NULL) {
ssl->decrypt.nonce = (byte*)XMALLOC(AESGCM_NONCE_SZ,
- ssl->heap, DYNAMIC_TYPE_AES_BUFFER);
+ ssl->heap, DYNAMIC_TYPE_CIPHER);
#ifdef WOLFSSL_CHECK_MEM_ZERO
if (ssl->decrypt.nonce != NULL) {
wc_MemZero_Add("DecryptTls nonce", ssl->decrypt.nonce,
@@ -17907,7 +19283,33 @@ static int DecryptTls(WOLFSSL* ssl, byte* plain, const byte* input, word16 sz)
return MEMORY_E;
}
}
- #endif /* BUILD_AESGCM || HAVE_AESCCM */
+ #endif /* BUILD_AESGCM || HAVE_AESCCM || HAVE_ARIA */
+
+ #if defined(WOLFSSL_SM4_GCM) || defined(WOLFSSL_SM4_CCM)
+ /* make sure SM4 GCM/CCM memory is allocated */
+ /* free for these happens in FreeCiphers */
+ if (ssl->specs.bulk_cipher_algorithm == wolfssl_sm4_ccm ||
+ ssl->specs.bulk_cipher_algorithm == wolfssl_sm4_gcm) {
+ /* make sure auth iv and auth are allocated */
+ if (ssl->decrypt.additional == NULL)
+ ssl->decrypt.additional = (byte*)XMALLOC(AEAD_AUTH_DATA_SZ,
+ ssl->heap, DYNAMIC_TYPE_CIPHER);
+ if (ssl->decrypt.nonce == NULL) {
+ ssl->decrypt.nonce = (byte*)XMALLOC(GCM_NONCE_SZ,
+ ssl->heap, DYNAMIC_TYPE_CIPHER);
+ #ifdef WOLFSSL_CHECK_MEM_ZERO
+ if (ssl->decrypt.nonce != NULL) {
+ wc_MemZero_Add("DecryptTls nonce", ssl->decrypt.nonce,
+ GCM_NONCE_SZ);
+ }
+ #endif
+ }
+ if (ssl->decrypt.additional == NULL ||
+ ssl->decrypt.nonce == NULL) {
+ return MEMORY_E;
+ }
+ }
+ #endif /* WOLFSSL_SM4_GCM || WOLFSSL_SM4_CCM */
/* Advance state and proceed */
ssl->decrypt.state = CIPHER_STATE_DO;
@@ -17955,7 +19357,7 @@ static int DecryptTls(WOLFSSL* ssl, byte* plain, const byte* input, word16 sz)
FALL_THROUGH;
case CIPHER_STATE_END:
{
- #if defined(BUILD_AESGCM) || defined(HAVE_AESCCM)
+ #if defined(BUILD_AESGCM) || defined(HAVE_AESCCM) || defined(HAVE_ARIA)
/* make sure AES GCM/CCM nonce is cleared */
if (ssl->specs.bulk_cipher_algorithm == wolfssl_aes_ccm ||
ssl->specs.bulk_cipher_algorithm == wolfssl_aes_gcm) {
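Review bot: The preprocessor guard of this CIPHER_STATE_END block now includes `HAVE_ARIA`, but the runtime condition under it still tests only `wolfssl_aes_ccm` and `wolfssl_aes_gcm`. For an ARIA-GCM connection the decrypt nonce is therefore not zeroed here and a negative `ret` is not mapped to `VERIFY_MAC_ERROR`, unlike the corresponding blocks in Encrypt and in the allocation step of DecryptTls, which this commit did extend. Add `|| ssl->specs.bulk_cipher_algorithm == wolfssl_aria_gcm` to the condition. The body of the block continues outside this hunk.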
@@ -17967,6 +19369,19 @@ static int DecryptTls(WOLFSSL* ssl, byte* plain, const byte* input, word16 sz)
WOLFSSL_ERROR_VERBOSE(ret);
}
}
+ #endif /* BUILD_AESGCM || HAVE_AESCCM || HAVE_ARIA */
+ #if defined(WOLFSSL_SM4_GCM) || defined(WOLFSSL_SM4_CCM)
+ /* make sure SM4 GCM/CCM nonce is cleared */
+ if (ssl->specs.bulk_cipher_algorithm == wolfssl_sm4_ccm ||
+ ssl->specs.bulk_cipher_algorithm == wolfssl_sm4_gcm) {
+ if (ssl->decrypt.nonce)
+ ForceZero(ssl->decrypt.nonce, GCM_NONCE_SZ);
+
+ if (ret < 0) {
+ ret = VERIFY_MAC_ERROR;
+ WOLFSSL_ERROR_VERBOSE(ret);
+ }
+ }
#endif /* BUILD_AESGCM || HAVE_AESCCM */
break;
}
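Review bot: The trailing `#endif /* BUILD_AESGCM || HAVE_AESCCM */` is now stale: after this change it closes the new SM4 block, and the AES/ARIA block is closed by the `#endif` added above it. Update the comment to `#endif /* WOLFSSL_SM4_GCM || WOLFSSL_SM4_CCM */` so the guards can be matched by eye in this long function.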
@@ -18554,7 +19969,8 @@ int DoApplicationData(WOLFSSL* ssl, byte* input, word32* inOutIdx, int sniff)
return BUFFER_ERROR;
}
#ifdef WOLFSSL_EARLY_DATA
- if (ssl->earlyData > early_data_ext) {
+ if (ssl->options.side == WOLFSSL_SERVER_END &&
+ ssl->earlyData > early_data_ext) {
if (ssl->earlyDataSz + dataSz > ssl->options.maxEarlyDataSz) {
if (sniff == NO_SNIFF) {
SendAlert(ssl, alert_fatal, unexpected_message);
@@ -18594,11 +20010,14 @@ int DoApplicationData(WOLFSSL* ssl, byte* input, word32* inOutIdx, int sniff)
#endif
*inOutIdx = idx;
+#ifdef WOLFSSL_DTLS13
+ if (ssl->options.connectState == WAIT_FINISHED_ACK) {
+ /* DTLS 1.3 is waiting for an ACK but we can still return app data. */
+ return APP_DATA_READY;
+ }
+#endif
#ifdef HAVE_SECURE_RENEGOTIATION
if (IsSCR(ssl)) {
- /* Reset the processReply state since
- * we finished processing this message. */
- ssl->options.processReply = doProcessInit;
/* If we are in a secure renegotiation then APP DATA is treated
* differently */
return APP_DATA_READY;
@@ -18913,10 +20332,16 @@ static int GetInputData(WOLFSSL *ssl, word32 size)
inSz = (int)(size - usedLength); /* from last partial read */
#ifdef WOLFSSL_DTLS
- if (ssl->options.dtls) {
- if (size < ssl->dtls_expected_rx)
- dtlsExtra = (int)(ssl->dtls_expected_rx - size);
- inSz = ssl->dtls_expected_rx;
+ if (ssl->options.dtls && IsDtlsNotSctpMode(ssl)) {
+ /* Add DTLS_MTU_ADDITIONAL_READ_BUFFER bytes so that we can operate with
+ * slight difference in set MTU size on each peer */
+#ifdef WOLFSSL_DTLS_MTU
+ inSz = (word32)ssl->dtlsMtuSz + DTLS_MTU_ADDITIONAL_READ_BUFFER;
+#else
+ inSz = MAX_MTU + DTLS_MTU_ADDITIONAL_READ_BUFFER;
+#endif
+ if (size < (word32)inSz)
+ dtlsExtra = (int)(inSz - size);
}
#endif
@@ -19125,9 +20550,10 @@ static int HandleDTLSDecryptFailed(WOLFSSL* ssl)
static int DtlsShouldDrop(WOLFSSL* ssl, int retcode)
{
- if (ssl->options.handShakeDone && !IsEncryptionOn(ssl, 0)) {
+ if (ssl->options.handShakeDone && !IsEncryptionOn(ssl, 0) &&
+ !ssl->options.dtlsHsRetain) {
WOLFSSL_MSG("Silently dropping plaintext DTLS message "
- "on established connection.");
+ "on established connection when we have nothing to send.");
return 1;
}
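Review bot: The added `!ssl->options.dtlsHsRetain` term means plaintext DTLS records are no longer dropped on an established connection while that flag is set, and nothing in the hunk explains why that is acceptable. A comment above the condition should say which records are expected in that state (presumably retransmissions of the peer's last handshake flight that need a reply) and that anything else must still be rejected by later checks. The reworded log message, "when we have nothing to send", describes the flag only indirectly; naming the flag in the comment would make the intent reviewable.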
@@ -19148,21 +20574,9 @@ static int DtlsShouldDrop(WOLFSSL* ssl, int retcode)
#ifndef NO_WOLFSSL_SERVER
if (ssl->options.side == WOLFSSL_SERVER_END
- && ssl->curRL.type != handshake) {
- int beforeCookieVerified = 0;
- if (!IsAtLeastTLSv1_3(ssl->version)) {
- beforeCookieVerified =
- ssl->options.acceptState < ACCEPT_FIRST_REPLY_DONE;
- }
-#ifdef WOLFSSL_DTLS13
- else {
- beforeCookieVerified =
- ssl->options.acceptState < TLS13_ACCEPT_SECOND_REPLY_DONE;
- }
-#endif /* WOLFSSL_DTLS13 */
-
- if (beforeCookieVerified) {
- WOLFSSL_MSG("Drop non-handshake record before handshake");
+ && ssl->curRL.type != handshake && !IsSCR(ssl)) {
+ if (!ssl->options.dtlsStateful) {
+ WOLFSSL_MSG("Drop non-handshake record when not stateful");
return 1;
}
}
@@ -19185,7 +20599,6 @@ int ProcessReplyEx(WOLFSSL* ssl, int allowSocketErr)
{
int ret = 0, type = internal_error, readSz;
int atomicUser = 0;
- word32 startIdx = 0;
#if defined(WOLFSSL_DTLS)
int used;
#endif
@@ -19196,7 +20609,7 @@ int ProcessReplyEx(WOLFSSL* ssl, int allowSocketErr)
#endif
if (ssl->error != 0 && ssl->error != WANT_READ && ssl->error != WANT_WRITE
- #ifdef HAVE_SECURE_RENEGOTIATION
+ #if defined(HAVE_SECURE_RENEGOTIATION) || defined(WOLFSSL_DTLS13)
&& ssl->error != APP_DATA_READY
#endif
#ifdef WOLFSSL_ASYNC_CRYPT
@@ -19367,7 +20780,7 @@ int ProcessReplyEx(WOLFSSL* ssl, int allowSocketErr)
case getRecordLayerHeader:
/* DTLSv1.3 record numbers in the header are encrypted, and AAD
- * uses the unecrypted form. Because of this we need to modify the
+ * uses the unencrypted form. Because of this we need to modify the
* header, decrypting the numbers inside
* DtlsParseUnifiedRecordLayer(). This violates the const attribute
* of the buffer parameter of GetRecordHeader() used here. */
@@ -19477,7 +20890,8 @@ default:
ssl->keys.padSz = 0;
ssl->options.processReply = verifyEncryptedMessage;
- startIdx = ssl->buffers.inputBuffer.idx; /* in case > 1 msg per */
+ /* in case > 1 msg per record */
+ ssl->curStartIdx = ssl->buffers.inputBuffer.idx;
FALL_THROUGH;
/* verify digest of encrypted message */
@@ -19734,7 +21148,7 @@ default:
return HandleDTLSDecryptFailed(ssl);
}
#endif /* WOLFSSL_DTLS */
- #ifdef WOLFSSL_EXTRA_ALERTS
+ #if defined(WOLFSSL_EXTRA_ALERTS) && !defined(WOLFSSL_NO_ETM_ALERT)
if (!ssl->options.dtls)
SendAlert(ssl, alert_fatal, bad_record_mac);
#endif
@@ -19778,31 +21192,32 @@ default:
/* the record layer is here */
case runProcessingOneRecord:
#ifdef WOLFSSL_DTLS13
- if (ssl->options.dtls && IsAtLeastTLSv1_3(ssl->version)) {
-
- if(!Dtls13CheckWindow(ssl)) {
- /* drop packet */
- WOLFSSL_MSG(
- "Dropping DTLS record outside receiving window");
- ssl->options.processReply = doProcessInit;
- ssl->buffers.inputBuffer.idx += ssl->curSize;
- if (ssl->buffers.inputBuffer.idx >
- ssl->buffers.inputBuffer.length)
- return BUFFER_E;
+ if (ssl->options.dtls) {
+ if (IsAtLeastTLSv1_3(ssl->version)) {
+ if (!Dtls13CheckWindow(ssl)) {
+ /* drop packet */
+ WOLFSSL_MSG("Dropping DTLS record outside receiving "
+ "window");
+ ssl->options.processReply = doProcessInit;
+ ssl->buffers.inputBuffer.idx += ssl->curSize;
+ if (ssl->buffers.inputBuffer.idx >
+ ssl->buffers.inputBuffer.length)
+ return BUFFER_E;
- continue;
- }
+ continue;
+ }
- ret = Dtls13UpdateWindow(ssl);
- if (ret != 1) {
- WOLFSSL_ERROR(ret);
- return ret;
+ /* Only update the window once we enter stateful parsing */
+ if (ssl->options.dtlsStateful) {
+ ret = Dtls13UpdateWindowRecordRecvd(ssl);
+ if (ret != 0) {
+ WOLFSSL_ERROR(ret);
+ return ret;
+ }
+ }
}
-
- ret = Dtls13RecordRecvd(ssl);
- if (ret != 0) {
- WOLFSSL_ERROR(ret);
- return ret;
+ else if (IsDtlsNotSctpMode(ssl)) {
+ DtlsUpdateWindow(ssl);
}
}
#endif /* WOLFSSL_DTLS13 */
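Review bot: The DTLS 1.2 branch `else if (IsDtlsNotSctpMode(ssl)) DtlsUpdateWindow(ssl);` now lives inside `#ifdef WOLFSSL_DTLS13`, while a later hunk of this commit removes the `_DtlsUpdateWindow` call that was guarded by `WOLFSSL_DTLS` alone. Unless the window is advanced somewhere outside these hunks, a build with `WOLFSSL_DTLS` but without `WOLFSSL_DTLS13` would stop updating the replay window for DTLS 1.2 records. Guarding the outer `if (ssl->options.dtls)` with `#ifdef WOLFSSL_DTLS`, and only the TLS 1.3 branch with `#ifdef WOLFSSL_DTLS13`, would keep both builds covered. The rest of the `runProcessingOneRecord` case is outside this hunk.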
@@ -19820,7 +21235,7 @@ default:
/* For TLS v1.1 the block size and explicit IV are added to idx,
* so it needs to be included in this limit check */
if ((ssl->curSize - ssl->keys.padSz -
- (ssl->buffers.inputBuffer.idx - startIdx) -
+ (ssl->buffers.inputBuffer.idx - ssl->curStartIdx) -
MacSize(ssl) > MAX_PLAINTEXT_SZ)
#ifdef WOLFSSL_ASYNC_CRYPT
&& ssl->buffers.inputBuffer.length !=
@@ -19828,7 +21243,7 @@ default:
#endif
) {
WOLFSSL_MSG("Plaintext too long - Encrypt-Then-MAC");
- #if defined(WOLFSSL_EXTRA_ALERTS)
+ #if defined(WOLFSSL_EXTRA_ALERTS) && !defined(WOLFSSL_NO_ETM_ALERT)
SendAlert(ssl, alert_fatal, record_overflow);
#endif
WOLFSSL_ERROR_VERBOSE(BUFFER_ERROR);
@@ -19837,16 +21252,16 @@ default:
}
else
#endif
- /* TLS13 plaintext limit is checked earlier before decryption */
- /* For TLS v1.1 the block size and explicit IV are added to idx,
- * so it needs to be included in this limit check */
- if (!IsAtLeastTLSv1_3(ssl->version)
- && ssl->curSize - ssl->keys.padSz -
- (ssl->buffers.inputBuffer.idx - startIdx)
- > MAX_PLAINTEXT_SZ
+ /* TLS13 plaintext limit is checked earlier before decryption */
+ /* For TLS v1.1 the block size and explicit IV are added to idx,
+ * so it needs to be included in this limit check */
+ if (!IsAtLeastTLSv1_3(ssl->version)
+ && ssl->curSize - ssl->keys.padSz -
+ (ssl->buffers.inputBuffer.idx - ssl->curStartIdx)
+ > MAX_PLAINTEXT_SZ
#ifdef WOLFSSL_ASYNC_CRYPT
- && ssl->buffers.inputBuffer.length !=
- ssl->buffers.inputBuffer.idx
+ && ssl->buffers.inputBuffer.length !=
+ ssl->buffers.inputBuffer.idx
#endif
) {
WOLFSSL_MSG("Plaintext too long");
@@ -19857,17 +21272,6 @@ default:
return BUFFER_ERROR;
}
-#ifdef WOLFSSL_DTLS
- if (IsDtlsNotSctpMode(ssl) && !IsAtLeastTLSv1_3(ssl->version)) {
- _DtlsUpdateWindow(ssl);
- }
-
- if (ssl->options.dtls) {
- /* Reset timeout as we have received a valid DTLS message */
- ssl->dtls_timeout = ssl->dtls_timeout_init;
- }
-#endif /* WOLFSSL_DTLS */
-
WOLFSSL_MSG("received record layer msg");
switch (ssl->curRL.type) {
@@ -19877,16 +21281,21 @@ default:
if (ssl->options.dtls) {
#ifdef WOLFSSL_DTLS
if (!IsAtLeastTLSv1_3(ssl->version)) {
- ret = DoDtlsHandShakeMsg(ssl,
- ssl->buffers.inputBuffer.buffer,
- &ssl->buffers.inputBuffer.idx,
- ssl->buffers.inputBuffer.length);
- if (ret != 0) {
- if (SendFatalAlertOnly(ssl, ret)
- == SOCKET_ERROR_E) {
- ret = SOCKET_ERROR_E;
- }
+ ret = DoDtlsHandShakeMsg(ssl,
+ ssl->buffers.inputBuffer.buffer,
+ &ssl->buffers.inputBuffer.idx,
+ ssl->buffers.inputBuffer.length);
+ if (ret == 0 || ret == WC_PENDING_E) {
+ /* Reset timeout as we have received a valid
+ * DTLS handshake message */
+ ssl->dtls_timeout = ssl->dtls_timeout_init;
+ }
+ else {
+ if (SendFatalAlertOnly(ssl, ret)
+ == SOCKET_ERROR_E) {
+ ret = SOCKET_ERROR_E;
}
+ }
}
#endif
#ifdef WOLFSSL_DTLS13
@@ -20168,7 +21577,13 @@ default:
&ssl->buffers.inputBuffer.idx,
NO_SNIFF)) != 0) {
WOLFSSL_ERROR(ret);
- return ret;
+ #if defined(WOLFSSL_DTLS13) || \
+ defined(HAVE_SECURE_RENEGOTIATION)
+ /* Not really an error. We will return after cleaning
+ * up the processReply state. */
+ if (ret != APP_DATA_READY)
+ #endif
+ return ret;
}
break;
@@ -20225,9 +21640,18 @@ default:
/* input exhausted */
if (ssl->buffers.inputBuffer.idx >= ssl->buffers.inputBuffer.length
#ifdef WOLFSSL_DTLS
- /* If app data was processed then return now to avoid
- * dropping any app data. */
- || (ssl->options.dtls && ssl->curRL.type == application_data)
+ || (ssl->options.dtls &&
+ /* If app data was processed then return now to avoid
+ * dropping any app data. */
+ (ssl->curRL.type == application_data ||
+ /* client: if we processed a finished message, return to
+ * allow higher layers to establish the crypto
+ * parameters of the connection. The remaining data
+ * may be app data that we would drop without the
+ * crypto setup. */
+ (ssl->options.side == WOLFSSL_CLIENT_END &&
+ ssl->options.serverState == SERVER_FINISHED_COMPLETE &&
+ ssl->options.handShakeState != HANDSHAKE_DONE)))
#endif
) {
/* Shrink input buffer when we successfully finish record
@@ -20237,7 +21661,8 @@ default:
return ret;
}
/* more messages per record */
- else if ((ssl->buffers.inputBuffer.idx - startIdx) < ssl->curSize) {
+ else if ((ssl->buffers.inputBuffer.idx - ssl->curStartIdx)
+ < ssl->curSize) {
WOLFSSL_MSG("More messages in record");
ssl->options.processReply = runProcessingOneMessage;
@@ -20283,6 +21708,11 @@ default:
if (ret != 0)
return ret;
#endif
+#if defined(WOLFSSL_DTLS13) || defined(HAVE_SECURE_RENEGOTIATION)
+ /* Signal to user that we have application data ready to read */
+ if (ret == APP_DATA_READY)
+ return ret;
+#endif
/* It is safe to shrink the input buffer here now. local vars will
* be reset to the new starting value. */
if (ret == 0 && ssl->buffers.inputBuffer.dynamicFlag)
@@ -20679,6 +22109,12 @@ int BuildCertHashes(const WOLFSSL* ssl, Hashes* hashes)
if (ret != 0)
return ret;
#endif
+ #ifdef WOLFSSL_SM3
+ ret = wc_Sm3GetHash(&ssl->hsHashes->hashSm3,
+ hashes->sm3);
+ if (ret != 0)
+ return ret;
+ #endif
}
}
else {
@@ -20757,7 +22193,7 @@ int BuildMessage(WOLFSSL* ssl, byte* output, int outSz, const byte* input,
#endif
#ifdef WOLFSSL_ASYNC_CRYPT
- ret = WC_NOT_PENDING_E;
+ ret = WC_NO_PENDING_E;
if (asyncOkay) {
if (ssl->async == NULL) {
return BAD_FUNC_ARG;
@@ -20765,7 +22201,7 @@ int BuildMessage(WOLFSSL* ssl, byte* output, int outSz, const byte* input,
args = &ssl->async->buildArgs;
ret = wolfSSL_AsyncPop(ssl, &ssl->options.buildMsgState);
- if (ret != WC_NOT_PENDING_E) {
+ if (ret != WC_NO_PENDING_E) {
/* Check for error */
if (ret < 0)
goto exit_buildmsg;
@@ -20779,7 +22215,7 @@ int BuildMessage(WOLFSSL* ssl, byte* output, int outSz, const byte* input,
/* Reset state */
#ifdef WOLFSSL_ASYNC_CRYPT
- if (ret == WC_NOT_PENDING_E)
+ if (ret == WC_NO_PENDING_E)
#endif
{
ret = 0;
@@ -21328,6 +22764,9 @@ int SendFinished(WOLFSSL* ssl)
#endif
ssl->options.handShakeState = HANDSHAKE_DONE;
ssl->options.handShakeDone = 1;
+#ifdef HAVE_SECURE_RENEGOTIATION
+ ssl->options.resumed = ssl->options.resuming;
+#endif
}
}
else {
@@ -21340,6 +22779,9 @@ int SendFinished(WOLFSSL* ssl)
#endif
ssl->options.handShakeState = HANDSHAKE_DONE;
ssl->options.handShakeDone = 1;
+#ifdef HAVE_SECURE_RENEGOTIATION
+ ssl->options.resumed = ssl->options.resuming;
+#endif
}
}
@@ -21489,7 +22931,8 @@ int CreateOcspResponse(WOLFSSL* ssl, OcspRequest** ocspRequest,
if (ret == 0) {
request->ssl = ssl;
- ret = CheckOcspRequest(SSL_CM(ssl)->ocsp_stapling, request, response);
+ ret = CheckOcspRequest(SSL_CM(ssl)->ocsp_stapling, request, response,
+ ssl->heap);
/* Suppressing, not critical */
if (ret == OCSP_CERT_REVOKED ||
@@ -21829,7 +23272,7 @@ int SendCertificateRequest(WOLFSSL* ssl)
int sendSz;
word32 i = RECORD_HEADER_SZ + HANDSHAKE_HEADER_SZ;
word32 dnLen = 0;
-#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(HAVE_LIGHTY)
+#ifndef WOLFSSL_NO_CA_NAMES
WOLF_STACK_OF(WOLFSSL_X509_NAME)* names;
#endif
const Suites* suites = WOLFSSL_SUITES(ssl);
@@ -21843,7 +23286,7 @@ int SendCertificateRequest(WOLFSSL* ssl)
if (IsAtLeastTLSv1_2(ssl))
reqSz += LENGTH_SZ + suites->hashSigAlgoSz;
-#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(HAVE_LIGHTY)
+#ifndef WOLFSSL_NO_CA_NAMES
/* Certificate Authorities */
names = SSL_CA_NAMES(ssl);
while (names != NULL) {
@@ -21899,7 +23342,26 @@ int SendCertificateRequest(WOLFSSL* ssl)
ssl->options.cipherSuite0 == CHACHA_BYTE) &&
ssl->specs.sig_algo == ecc_dsa_sa_algo) {
output[i++] = ecdsa_sign;
- } else
+ }
+ else
+#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3) && \
+ (defined(WOLFSSL_SM4_CBC) || defined(WOLFSSL_SM4_GCM) || \
+ defined(WOLFSSL_SM4_CCM))
+ if (ssl->options.cipherSuite0 == SM_BYTE && (0
+ #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_SM4_CBC_SM3
+ || ssl->options.cipherSuite == TLS_ECDHE_ECDSA_WITH_SM4_CBC_SM3
+ #endif
+ #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_SM4_GCM_SM3
+ || ssl->options.cipherSuite == TLS_ECDHE_ECDSA_WITH_SM4_GCM_SM3
+ #endif
+ #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_SM4_CCM_SM3
+ || ssl->options.cipherSuite == TLS_ECDHE_ECDSA_WITH_SM4_CCM_SM3
+ #endif
+ )) {
+ output[i++] = ecdsa_sign;
+ }
+ else
+#endif
#endif /* HAVE_ECC */
{
output[i++] = rsa_sign;
@@ -21917,7 +23379,7 @@ int SendCertificateRequest(WOLFSSL* ssl)
/* Certificate Authorities */
c16toa((word16)dnLen, &output[i]); /* auth's */
i += REQ_HEADER_SZ;
-#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(HAVE_LIGHTY)
+#ifndef WOLFSSL_NO_CA_NAMES
names = SSL_CA_NAMES(ssl);
while (names != NULL) {
byte seq[MAX_SEQ_SZ];
@@ -22166,7 +23628,13 @@ int SendCertificateStatus(WOLFSSL* ssl)
if (ret == 0 && response.buffer) {
ret = BuildCertificateStatus(ssl, status_type, &response, 1);
+ }
+ /* Let's not error out the connection if we can't verify our cert */
+ if (ret == ASN_SELF_SIGNED_E || ret == ASN_NO_SIGNER_E)
+ ret = 0;
+
+ if (response.buffer) {
XFREE(response.buffer, ssl->heap, DYNAMIC_TYPE_OCSP_REQUEST);
response.buffer = NULL;
}
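Review bot: `ASN_SELF_SIGNED_E` and `ASN_NO_SIGNER_E` are turned into success here without any trace, so an operator cannot tell that the handshake went ahead without a stapled OCSP response. A log line before the reset, such as `WOLFSSL_MSG("Skipping OCSP staple: own certificate could not be verified");`, would make the downgrade visible. The same applies to the identical check added in the `HAVE_CERTIFICATE_STATUS_REQUEST_V2` branch of SendCertificateStatus later in this commit.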
@@ -22243,7 +23711,7 @@ int SendCertificateStatus(WOLFSSL* ssl)
if (ret == 0) {
request->ssl = ssl;
ret = CheckOcspRequest(SSL_CM(ssl)->ocsp_stapling,
- request, &responses[i + 1]);
+ request, &responses[i + 1], ssl->heap);
/* Suppressing, not critical */
if (ret == OCSP_CERT_REVOKED ||
@@ -22269,7 +23737,7 @@ int SendCertificateStatus(WOLFSSL* ssl)
NULL != (request = ssl->ctx->chainOcspRequest[i])) {
request->ssl = ssl;
ret = CheckOcspRequest(SSL_CM(ssl)->ocsp_stapling,
- request, &responses[++i]);
+ request, &responses[++i], ssl->heap);
/* Suppressing, not critical */
if (ret == OCSP_CERT_REVOKED ||
@@ -22294,6 +23762,10 @@ int SendCertificateStatus(WOLFSSL* ssl)
}
}
+ /* Let's not error out the connection if we can't verify our cert */
+ if (ret == ASN_SELF_SIGNED_E || ret == ASN_NO_SIGNER_E)
+ ret = 0;
+
break;
}
#endif /* HAVE_CERTIFICATE_STATUS_REQUEST_V2 */
@@ -22440,6 +23912,18 @@ static int CheckTLS13AEADSendLimit(WOLFSSL* ssl)
limit = AEAD_AES_LIMIT; /* Limit is 2^24.5 */
break;
#endif
+#ifdef WOLFSSL_SM4_GCM
+ case wolfssl_sm4_gcm:
+ /* Limit is 2^22 - 1 */
+ limit = AEAD_SM4_GCM_LIMIT;
+ break;
+#endif
+#ifdef WOLFSSL_SM4_CCM
+ case wolfssl_sm4_ccm:
+ /* Limit is 2^10 - 1 */
+ limit = AEAD_SM4_CCM_LIMIT;
+ break;
+#endif
case wolfssl_cipher_null:
/* No encryption being done */
return 0;
@@ -22507,6 +23991,12 @@ int SendData(WOLFSSL* ssl, const void* data, int sz)
groupMsgs = 1;
#endif
}
+ else if (IsAtLeastTLSv1_3(ssl->version) &&
+ ssl->options.side == WOLFSSL_SERVER_END &&
+ ssl->options.acceptState >= TLS13_ACCEPT_FINISHED_SENT) {
+ /* We can send data without waiting on peer finished msg */
+ WOLFSSL_MSG("server sending data before receiving client finished");
+ }
else
#endif
if (ssl->options.handShakeState != HANDSHAKE_DONE && !IsSCR(ssl)) {
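Review bot: The new `else if` lets a TLS 1.3 server write application data once `acceptState >= TLS13_ACCEPT_FINISHED_SENT`, and it does so without checking whether a client certificate was requested. With mutual authentication, that data would leave before the client's Certificate and Finished have been verified. The comment should state this, for example `/* 0.5-RTT data: client Finished (and any client certificate) not yet verified */`. It would also be worth skipping this branch when client authentication is required; the option that records this is not visible in the hunk. SendData's body continues outside the hunk.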
@@ -22744,7 +24234,7 @@ int ReceiveData(WOLFSSL* ssl, byte* output, int sz, int peek)
#ifdef WOLFSSL_ASYNC_CRYPT
&& ssl->error != WC_PENDING_E
#endif
-#ifdef HAVE_SECURE_RENEGOTIATION
+#if defined(HAVE_SECURE_RENEGOTIATION) || defined(WOLFSSL_DTLS13)
&& ssl->error != APP_DATA_READY
#endif
) {
@@ -23100,12 +24590,11 @@ const char* wolfSSL_ERR_reason_error_string(unsigned long e)
#else
int error = (int)e;
-#ifdef OPENSSL_EXTRA
+
/* OpenSSL uses positive error codes */
if (error > 0) {
error = -error;
}
-#endif
/* pass to wolfCrypt */
if (error < MAX_CODE_E && error > MIN_CODE_E) {
@@ -23204,7 +24693,7 @@ const char* wolfSSL_ERR_reason_error_string(unsigned long e)
return "peer ip address mismatch";
case WANT_READ :
- case WOLFSSL_ERROR_WANT_READ :
+ case -WOLFSSL_ERROR_WANT_READ :
return "non-blocking socket wants data to be read";
case NOT_READY_ERROR :
@@ -23214,9 +24703,22 @@ const char* wolfSSL_ERR_reason_error_string(unsigned long e)
return "record layer version error";
case WANT_WRITE :
- case WOLFSSL_ERROR_WANT_WRITE :
+ case -WOLFSSL_ERROR_WANT_WRITE :
return "non-blocking socket write buffer full";
+ case -WOLFSSL_ERROR_WANT_CONNECT:
+ case -WOLFSSL_ERROR_WANT_ACCEPT:
+ return "The underlying BIO was not yet connected";
+
+ case -WOLFSSL_ERROR_SYSCALL:
+ return "fatal I/O error in TLS layer";
+
+ case -WOLFSSL_ERROR_WANT_X509_LOOKUP:
+ return "application client cert callback asked to be called again";
+
+ case -WOLFSSL_ERROR_SSL:
+ return "fatal TLS protocol error";
+
case BUFFER_ERROR :
return "malformed buffer input error";
@@ -23254,7 +24756,7 @@ const char* wolfSSL_ERR_reason_error_string(unsigned long e)
return "can't decode peer key";
case ZERO_RETURN:
- case WOLFSSL_ERROR_ZERO_RETURN:
+ case -WOLFSSL_ERROR_ZERO_RETURN:
return "peer sent close notify alert";
case ECC_CURVETYPE_ERROR:
@@ -23534,6 +25036,9 @@ const char* wolfSSL_ERR_reason_error_string(unsigned long e)
case SOCKET_FILTERED_E:
return "Session stopped by network filter";
+ case UNSUPPORTED_CERTIFICATE:
+ return "Unsupported certificate type";
+
#ifdef HAVE_HTTP_CLIENT
case HTTP_TIMEOUT:
return "HTTP timeout for OCSP or CRL req";
@@ -23550,10 +25055,36 @@ const char* wolfSSL_ERR_reason_error_string(unsigned long e)
case HTTP_APPSTR_ERR:
return "HTTP Application string error";
#endif
-#ifdef OPENSSL_EXTRA
+#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER)
+ /* TODO: -WOLFSSL_X509_V_ERR_CERT_SIGNATURE_FAILURE. Conflicts with
+ * -WOLFSSL_ERROR_WANT_CONNECT. */
+ case -WOLFSSL_X509_V_ERR_CERT_NOT_YET_VALID:
+ return "certificate not yet valid";
+ case -WOLFSSL_X509_V_ERR_CERT_HAS_EXPIRED:
+ return "certificate has expired";
+ case -WOLFSSL_X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
+ return "certificate signature failure";
+ case -WOLFSSL_X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
+ return "format error in certificate's notAfter field";
+ case -WOLFSSL_X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
+ return "self-signed certificate in certificate chain";
case -WOLFSSL_X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY:
return "unable to get local issuer certificate";
-#endif
+ case -WOLFSSL_X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE:
+ return "unable to verify the first certificate";
+ case -WOLFSSL_X509_V_ERR_CERT_CHAIN_TOO_LONG:
+ return "certificate chain too long";
+ case -WOLFSSL_X509_V_ERR_CERT_REVOKED:
+ return "certificate revoked";
+ case -WOLFSSL_X509_V_ERR_INVALID_CA:
+ return "invalid CA certificate";
+ case -WOLFSSL_X509_V_ERR_PATH_LENGTH_EXCEEDED:
+ return "path length constraint exceeded";
+ case -WOLFSSL_X509_V_ERR_CERT_REJECTED:
+ return "certificate rejected";
+ case -WOLFSSL_X509_V_ERR_SUBJECT_ISSUER_MISMATCH:
+ return "subject issuer mismatch";
+#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL || HAVE_WEBSERVER */
case UNSUPPORTED_PROTO_VERSION:
#ifdef OPENSSL_EXTRA
return "WRONG_SSL_VERSION";
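Review bot: Two of the added X509 verify strings do not match their case labels. `-WOLFSSL_X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD` returns "certificate signature failure", which would send anyone reading a log towards a signature problem instead of a date-format one. It should read `return "format error in certificate's notBefore field";`, in parallel with the notAfter case below it. `-WOLFSSL_X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT` returns the text for a self-signed certificate inside a chain, and OpenSSL's wording for the depth-zero code is `"self-signed certificate"`. The closing `#endif` comment also names OPENSSL_EXTRA_X509_SMALL, which the `#if` condition does not test.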
@@ -23633,18 +25164,18 @@ void SetErrorString(int error, char* str)
#ifndef NO_ERROR_STRINGS
#if defined(OPENSSL_ALL) || defined(WOLFSSL_QT)
#define SUITE_INFO(x,y,z,w,v,u) {(x),(y),(z),(w),(v),(u),WOLFSSL_CIPHER_SUITE_FLAG_NONE}
- #define SUITE_ALIAS(x,z,w,v,u)
+ #define SUITE_ALIAS(x,z,w,v,u) /* null expansion */
#else
#define SUITE_INFO(x,y,z,w,v,u) {(x),(y),(z),(w),WOLFSSL_CIPHER_SUITE_FLAG_NONE}
- #define SUITE_ALIAS(x,z,w,v,u)
+ #define SUITE_ALIAS(x,z,w,v,u) /* null expansion */
#endif
#else
#if defined(OPENSSL_ALL) || defined(WOLFSSL_QT)
#define SUITE_INFO(x,y,z,w,v,u) {(x),(z),(w),(v),(u),WOLFSSL_CIPHER_SUITE_FLAG_NONE}
- #define SUITE_ALIAS(x,z,w,v,u)
+ #define SUITE_ALIAS(x,z,w,v,u) /* null expansion */
#else
#define SUITE_INFO(x,y,z,w,v,u) {(x),(z),(w),WOLFSSL_CIPHER_SUITE_FLAG_NONE}
- #define SUITE_ALIAS(x,z,w,v,u)
+ #define SUITE_ALIAS(x,z,w,v,u) /* null expansion */
#endif
#endif
#else /* !NO_CIPHER_SUITE_ALIASES */
@@ -23699,6 +25230,14 @@ static const CipherSuiteInfo cipher_names[] =
SUITE_ALIAS("TLS13-AES128-CCM8-SHA256",TLS13_BYTE,TLS_AES_128_CCM_8_SHA256,TLSv1_3_MINOR, SSLv3_MAJOR)
#endif
+#ifdef BUILD_TLS_SM4_GCM_SM3
+ SUITE_INFO("TLS13-SM4-GCM-SM3","TLS_SM4_GCM_SM3",CIPHER_BYTE,TLS_SM4_GCM_SM3, TLSv1_3_MINOR, SSLv3_MAJOR),
+#endif
+
+#ifdef BUILD_TLS_SM4_CCM_SM3
+ SUITE_INFO("TLS13-SM4-CCM-SM3","TLS_SM4_CCM_SM3",CIPHER_BYTE,TLS_SM4_CCM_SM3, TLSv1_3_MINOR, SSLv3_MAJOR),
+#endif
+
#ifdef BUILD_TLS_SHA256_SHA256
SUITE_INFO("TLS13-SHA256-SHA256","TLS_SHA256_SHA256",ECC_BYTE,TLS_SHA256_SHA256,TLSv1_3_MINOR, SSLv3_MAJOR),
#endif
@@ -24075,6 +25614,18 @@ static const CipherSuiteInfo cipher_names[] =
SUITE_INFO("DHE-RSA-CHACHA20-POLY1305-OLD","TLS_DHE_RSA_WITH_CHACHA20_OLD_POLY1305_SHA256",CHACHA_BYTE,TLS_DHE_RSA_WITH_CHACHA20_OLD_POLY1305_SHA256, TLSv1_2_MINOR, SSLv3_MAJOR),
#endif
+#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_SM4_CBC_SM3
+ SUITE_INFO("ECDHE-ECDSA-SM4-CBC-SM3","TLS_ECDHE_ECDSA_WITH_SM4_CBC_SM3",SM_BYTE,TLS_ECDHE_ECDSA_WITH_SM4_CBC_SM3, TLSv1_2_MINOR, SSLv3_MAJOR),
+#endif
+
+#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_SM4_GCM_SM3
+ SUITE_INFO("ECDHE-ECDSA-SM4-GCM-SM3","TLS_ECDHE_ECDSA_WITH_SM4_GCM_SM3",SM_BYTE,TLS_ECDHE_ECDSA_WITH_SM4_GCM_SM3, TLSv1_2_MINOR, SSLv3_MAJOR),
+#endif
+
+#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_SM4_CCM_SM3
+ SUITE_INFO("ECDHE-ECDSA-SM4-CCM-SM3","TLS_ECDHE_ECDSA_WITH_SM4_CCM_SM3",SM_BYTE,TLS_ECDHE_ECDSA_WITH_SM4_CCM_SM3, TLSv1_2_MINOR, SSLv3_MAJOR),
+#endif
+
#ifdef BUILD_TLS_DH_anon_WITH_AES_128_CBC_SHA
SUITE_INFO("ADH-AES128-SHA","TLS_DH_anon_WITH_AES_128_CBC_SHA",CIPHER_BYTE,TLS_DH_anon_WITH_AES_128_CBC_SHA, TLSv1_2_MINOR, SSLv3_MAJOR),
#endif
@@ -24119,6 +25670,14 @@ static const CipherSuiteInfo cipher_names[] =
SUITE_INFO("EDH-RSA-DES-CBC3-SHA","TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA",CIPHER_BYTE,TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA, TLSv1_MINOR, SSLv3_MAJOR),
#endif
+#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256
+ SUITE_INFO("ECDHE-ECDSA-ARIA128-GCM-SHA256","TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256",ECC_BYTE,TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256, TLSv1_2_MINOR, SSLv3_MAJOR),
+#endif
+
+#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384
+ SUITE_INFO("ECDHE-ECDSA-ARIA256-GCM-SHA384","TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384",ECC_BYTE,TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384, TLSv1_2_MINOR, SSLv3_MAJOR),
+#endif
+
#ifdef BUILD_WDM_WITH_NULL_SHA256
SUITE_INFO("WDM-NULL-SHA256","WDM_WITH_NULL_SHA256",CIPHER_BYTE,WDM_WITH_NULL_SHA256, TLSv1_3_MINOR, SSLv3_MAJOR)
#endif
@@ -24318,12 +25877,37 @@ const char* GetCipherEncStr(char n[][MAX_SEGMENT_SZ]) {
(XSTRCMP(n[2],"AES") == 0 && XSTRCMP(n[3],"256") == 0))
encStr = "AES(256)";
+#ifdef HAVE_ARIA
+ else if ((XSTRCMP(n[0],"ARIA256") == 0) ||
+ (XSTRCMP(n[2],"ARIA256") == 0))
+ encStr = "ARIA(256)";
+ else if ((XSTRCMP(n[0],"ARIA128") == 0) ||
+ (XSTRCMP(n[2],"ARIA128") == 0))
+ encStr = "ARIA(128)";
+#endif
else if ((XSTRCMP(n[0],"CAMELLIA256") == 0) ||
(XSTRCMP(n[2],"CAMELLIA256") == 0))
encStr = "CAMELLIA(256)";
else if ((XSTRCMP(n[0],"CAMELLIA128") == 0) ||
(XSTRCMP(n[2],"CAMELLIA128") == 0))
encStr = "CAMELLIA(128)";
+#ifdef WOLFSSL_SM4_GCM
+ else if ((XSTRCMP(n[0],"SM4") == 0 && XSTRCMP(n[1],"GCM") == 0) ||
+ (XSTRCMP(n[1],"SM4") == 0 && XSTRCMP(n[2],"GCM") == 0) ||
+ (XSTRCMP(n[2],"SM4") == 0 && XSTRCMP(n[3],"GCM") == 0))
+ encStr = "SM4-GCM";
+#endif
+#ifdef WOLFSSL_SM4_CCM
+ else if ((XSTRCMP(n[0],"SM4") == 0 && XSTRCMP(n[1],"CCM") == 0) ||
+ (XSTRCMP(n[1],"SM4") == 0 && XSTRCMP(n[2],"CCM") == 0) ||
+ (XSTRCMP(n[2],"SM4") == 0 && XSTRCMP(n[3],"CCM") == 0))
+ encStr = "SM4-CCM";
+#endif
+#ifdef WOLFSSL_SM4_CBC
+ else if ((XSTRCMP(n[0],"SM4") == 0) ||
+ (XSTRCMP(n[2],"SM4") == 0))
+ encStr = "SM4";
+#endif
else if ((XSTRCMP(n[0],"RC4") == 0) || (XSTRCMP(n[1],"RC4") == 0) ||
(XSTRCMP(n[2],"RC4") == 0))
encStr = "RC4";
@@ -24380,6 +25964,13 @@ const char* GetCipherMacStr(char n[][MAX_SEGMENT_SZ]) {
(XSTRCMP(n[2],"SHA384") == 0) ||
(XSTRCMP(n[1],"SHA384") == 0))
macStr = "SHA384";
+#ifdef WOLFSSL_SM3
+ else if ((XSTRCMP(n[4],"SM3") == 0) ||
+ (XSTRCMP(n[3],"SM3") == 0) ||
+ (XSTRCMP(n[2],"SM3") == 0) ||
+ (XSTRCMP(n[1],"SM3") == 0))
+ macStr = "SM3";
+#endif
else if ((XSTRCMP(n[4],"SHA") == 0) || (XSTRCMP(n[3],"SHA") == 0) ||
(XSTRCMP(n[2],"SHA") == 0) || (XSTRCMP(n[1],"SHA") == 0) ||
(XSTRCMP(n[1],"MD5") == 0))
@@ -24519,11 +26110,7 @@ int SetCipherList(WOLFSSL_CTX* ctx, Suites* suites, const char* list)
{
int ret = 0;
int idx = 0;
- word16 haveRSAsig = 0;
- word16 haveECDSAsig = 0;
- word16 haveFalconSig = 0;
- word16 haveDilithiumSig = 0;
- word16 haveAnon = 0;
+ int haveSig = 0;
word16 haveRSA = 0;
#ifdef OPENSSL_EXTRA
word16 haveDH = 0;
@@ -24537,8 +26124,6 @@ int SetCipherList(WOLFSSL_CTX* ctx, Suites* suites, const char* list)
const int suiteSz = GetCipherNamesSize();
const char* next = list;
- (void)haveRSA;
-
if (suites == NULL || list == NULL) {
WOLFSSL_MSG("SetCipherList parameter error");
return 0;
@@ -24631,11 +26216,11 @@ int SetCipherList(WOLFSSL_CTX* ctx, Suites* suites, const char* list)
if (XSTRCMP(name, "DEFAULT") == 0 || XSTRCMP(name, "ALL") == 0) {
if (XSTRCMP(name, "ALL") == 0)
- haveAnon = 1;
+ haveSig |= SIG_ANON;
else
- haveAnon = 0;
+ haveSig &= ~SIG_ANON;
#ifdef HAVE_ANON
- ctx->haveAnon = haveAnon;
+ ctx->haveAnon = (haveSig & SIG_ANON) == SIG_ANON;
#endif
haveRSA = 1;
haveDH = 1;
@@ -24645,7 +26230,7 @@ int SetCipherList(WOLFSSL_CTX* ctx, Suites* suites, const char* list)
* static ECC suites here
* haveStaticECC = 1; */
haveStaticRSA = 1;
- haveRSAsig = 1;
+ haveSig |= SIG_RSA;
havePSK = 1;
haveNull = 0;
@@ -24658,7 +26243,7 @@ int SetCipherList(WOLFSSL_CTX* ctx, Suites* suites, const char* list)
* ciphersuites. */
if (XSTRCMP(name, "HIGH") == 0 && allowing) {
/* Disable static, anonymous, and null ciphers */
- haveAnon = 0;
+ haveSig &= ~SIG_ANON;
#ifdef HAVE_ANON
ctx->haveAnon = 0;
#endif
@@ -24667,7 +26252,7 @@ int SetCipherList(WOLFSSL_CTX* ctx, Suites* suites, const char* list)
haveECC = 1;
haveStaticECC = 0;
haveStaticRSA = 0;
- haveRSAsig = 1;
+ haveSig |= SIG_RSA;
havePSK = 1;
haveNull = 0;
@@ -24677,7 +26262,10 @@ int SetCipherList(WOLFSSL_CTX* ctx, Suites* suites, const char* list)
}
if (XSTRCMP(name, "aNULL") == 0) {
- haveAnon = allowing;
+ if (allowing)
+ haveSig |= SIG_ANON;
+ else
+ haveSig &= ~SIG_ANON;
#ifdef HAVE_ANON
ctx->haveAnon = allowing;
#endif
@@ -24685,8 +26273,8 @@ int SetCipherList(WOLFSSL_CTX* ctx, Suites* suites, const char* list)
/* Allow RSA by default. */
if (!haveECC)
haveRSA = 1;
- if (!haveECDSAsig)
- haveRSAsig = 1;
+ if ((haveSig & SIG_ECDSA) == 0)
+ haveSig |= SIG_RSA;
callInitSuites = 1;
ret = 1;
}
@@ -24699,8 +26287,8 @@ int SetCipherList(WOLFSSL_CTX* ctx, Suites* suites, const char* list)
/* Allow RSA by default. */
if (!haveECC)
haveRSA = 1;
- if (!haveECDSAsig)
- haveRSAsig = 1;
+ if ((haveSig & SIG_ECDSA) == 0)
+ haveSig |= SIG_RSA;
callInitSuites = 1;
ret = 1;
}
@@ -24708,20 +26296,27 @@ int SetCipherList(WOLFSSL_CTX* ctx, Suites* suites, const char* list)
}
if (XSTRCMP(name, "kDH") == 0) {
- haveStaticECC = allowing;
if (allowing) {
- haveECC = 1;
- haveECDSAsig = 1;
+ haveDH = 1;
callInitSuites = 1;
ret = 1;
}
continue;
}
- if (XSTRCMP(name, "ECDHE") == 0) {
+ if (XSTRCMP(name, "DHE") == 0 || XSTRCMP(name, "EDH") == 0) {
+ if (allowing) {
+ haveDH = 1;
+ callInitSuites = 1;
+ ret = 1;
+ }
+ continue;
+ }
+
+ if (XSTRCMP(name, "ECDHE") == 0 || XSTRCMP(name, "EECDH") == 0) {
if (allowing) {
haveECC = 1;
- haveECDSAsig = 1;
+ haveSig |= SIG_ECDSA;
callInitSuites = 1;
ret = 1;
}
@@ -24732,7 +26327,7 @@ int SetCipherList(WOLFSSL_CTX* ctx, Suites* suites, const char* list)
haveStaticRSA = allowing;
if (allowing) {
haveRSA = 1;
- haveRSAsig = 1;
+ haveSig |= SIG_RSA;
callInitSuites = 1;
ret = 1;
}
@@ -24741,13 +26336,13 @@ int SetCipherList(WOLFSSL_CTX* ctx, Suites* suites, const char* list)
if (XSTRCMP(name, "PSK") == 0) {
havePSK = allowing;
- haveRSAsig = 1;
+ haveSig |= SIG_RSA;
if (allowing) {
/* Allow RSA by default. */
if (!haveECC)
haveRSA = 1;
- if (!haveECDSAsig)
- haveRSAsig = 1;
+ if ((haveSig & SIG_ECDSA) == 0)
+ haveSig |= SIG_RSA;
callInitSuites = 1;
ret = 1;
}
@@ -24759,7 +26354,7 @@ int SetCipherList(WOLFSSL_CTX* ctx, Suites* suites, const char* list)
if (allowing) {
/* Allow RSA by default */
haveRSA = 1;
- haveRSAsig = 1;
+ haveSig |= SIG_RSA;
callInitSuites = 1;
ret = 1;
}
@@ -24817,46 +26412,81 @@ int SetCipherList(WOLFSSL_CTX* ctx, Suites* suites, const char* list)
suites->suites[idx++] = cipher_names[i].cipherSuite;
/* The suites are either ECDSA, RSA, PSK, or Anon. The RSA
* suites don't necessarily have RSA in the name. */
- #ifdef WOLFSSL_TLS13
+ #ifdef WOLFSSL_TLS13
if (cipher_names[i].cipherSuite0 == TLS13_BYTE ||
(cipher_names[i].cipherSuite0 == ECC_BYTE &&
(cipher_names[i].cipherSuite == TLS_SHA256_SHA256 ||
cipher_names[i].cipherSuite == TLS_SHA384_SHA384))) {
#ifndef NO_RSA
- haveRSAsig = 1;
+ haveSig |= SIG_RSA;
#endif
#if defined(HAVE_ECC) || defined(HAVE_ED25519) || \
defined(HAVE_ED448)
- haveECDSAsig = 1;
+ haveSig |= SIG_ECDSA;
#endif
#if defined(HAVE_PQC)
#ifdef HAVE_FALCON
- haveFalconSig = 1;
+ haveSig |= SIG_FALCON;
#endif /* HAVE_FALCON */
#ifdef HAVE_DILITHIUM
- haveDilithiumSig = 1;
+ haveSig |= SIG_DILITHIUM;
#endif /* HAVE_DILITHIUM */
#endif /* HAVE_PQC */
}
else
+ #ifdef BUILD_TLS_SM4_GCM_SM3
+ if ((cipher_names[i].cipherSuite0 == CIPHER_BYTE) &&
+ (cipher_names[i].cipherSuite == TLS_SM4_GCM_SM3)) {
+ haveSig |= SIG_SM2;
+ }
+ else
+ #endif
+ #ifdef BUILD_TLS_SM4_CCM_SM3
+ if ((cipher_names[i].cipherSuite0 == CIPHER_BYTE) &&
+ (cipher_names[i].cipherSuite == TLS_SM4_CCM_SM3)) {
+ haveSig |= SIG_SM2;
+ }
+ else
+ #endif
+ #endif /* WOLFSSL_TLS13 */
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3) && \
+ (defined(WOLFSSL_SM4_CBC) || defined(WOLFSSL_SM4_GCM) || \
+ defined(WOLFSSL_SM4_CCM))
+ if ((cipher_names[i].cipherSuite0 == SM_BYTE) && (0
+ #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_SM4_CBC_SM3
+ || (cipher_names[i].cipherSuite ==
+ TLS_ECDHE_ECDSA_WITH_SM4_CBC_SM3)
+ #endif
+ #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_SM4_GCM_SM3
+ || (cipher_names[i].cipherSuite ==
+ TLS_ECDHE_ECDSA_WITH_SM4_GCM_SM3)
+ #endif
+ #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_SM4_CCM_SM3
+ || (cipher_names[i].cipherSuite ==
+ TLS_ECDHE_ECDSA_WITH_SM4_CCM_SM3)
+ #endif
+ )) {
+ haveSig |= SIG_SM2;
+ }
+ else
#endif
#if defined(HAVE_ECC) || defined(HAVE_ED25519) || \
defined(HAVE_ED448)
- if ((haveECDSAsig == 0) && XSTRSTR(name, "ECDSA"))
- haveECDSAsig = 1;
+ if (XSTRSTR(name, "ECDSA"))
+ haveSig |= SIG_ECDSA;
else
#endif
#ifdef HAVE_ANON
if (XSTRSTR(name, "ADH"))
- haveAnon = 1;
+ haveSig |= SIG_ANON;
else
#endif
- if (haveRSAsig == 0
- #ifndef NO_PSK
- && (XSTRSTR(name, "PSK") == NULL)
- #endif
- ) {
- haveRSAsig = 1;
+ #ifndef NO_PSK
+ if (XSTRSTR(name, "PSK") == NULL)
+ #endif
+ {
+ /* Fall back to RSA */
+ haveSig |= SIG_RSA;
}
ret = 1; /* found at least one */
@@ -24873,17 +26503,18 @@ int SetCipherList(WOLFSSL_CTX* ctx, Suites* suites, const char* list)
#endif
#ifdef OPENSSL_EXTRA
if (callInitSuites) {
- byte tmp[WOLFSSL_MAX_SUITE_SZ];
- XMEMCPY(tmp, suites->suites, idx); /* Store copy */
suites->setSuites = 0; /* Force InitSuites */
suites->hashSigAlgoSz = 0; /* Force InitSuitesHashSigAlgo call
* inside InitSuites */
- InitSuites(suites, ctx->method->version, keySz, haveRSA,
- havePSK, haveDH, haveECDSAsig,
- haveECC, haveStaticRSA,
- haveStaticECC, haveFalconSig,
- haveDilithiumSig, haveAnon,
- haveNull, ctx->method->side);
+ InitSuites(suites, ctx->method->version, keySz, (word16)haveRSA,
+ (word16)havePSK, (word16)haveDH,
+ (word16)((haveSig & SIG_ECDSA) != 0),
+ (word16)haveECC, (word16)haveStaticRSA,
+ (word16)haveStaticECC,
+ (word16)((haveSig & SIG_FALCON) != 0),
+ (word16)((haveSig & SIG_DILITHIUM) != 0),
+ (word16)((haveSig & SIG_ANON) != 0),
+ (word16)haveNull, ctx->method->side);
/* Restore user ciphers ahead of defaults */
XMEMMOVE(suites->suites + idx, suites->suites,
min(suites->suiteSz, WOLFSSL_MAX_SUITE_SZ-idx));
@@ -24893,10 +26524,22 @@ int SetCipherList(WOLFSSL_CTX* ctx, Suites* suites, const char* list)
#endif
{
suites->suiteSz = (word16)idx;
- InitSuitesHashSigAlgo(suites, haveECDSAsig, haveRSAsig,
- haveFalconSig, haveDilithiumSig, haveAnon,
- 1, keySz);
+ InitSuitesHashSigAlgo_ex2(suites->hashSigAlgo, haveSig, 1, keySz,
+ &suites->hashSigAlgoSz);
}
+
+#ifdef HAVE_RENEGOTIATION_INDICATION
+ if (ctx->method->side == WOLFSSL_CLIENT_END) {
+ if (suites->suiteSz > WOLFSSL_MAX_SUITE_SZ - 2) {
+ WOLFSSL_MSG("Too many ciphersuites");
+ return 0;
+ }
+ suites->suites[suites->suiteSz] = CIPHER_BYTE;
+ suites->suites[suites->suiteSz+1] =
+ TLS_EMPTY_RENEGOTIATION_INFO_SCSV;
+ suites->suiteSz += 2;
+ }
+#endif
suites->setSuites = 1;
}
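Review bot: The HAVE_RENEGOTIATION_INDICATION block that appends `TLS_EMPTY_RENEGOTIATION_INFO_SCSV` is repeated verbatim in the SetCipherListFromBytes hunk further down, so the bounds check `suites->suiteSz > WOLFSSL_MAX_SUITE_SZ - 2` has to be kept in step in two places. A small static helper called from both sites, for example `if (!AppendRenegotiationScsv(suites)) return 0;` (helper name is only a suggestion), would keep one copy of the check. On the "Too many ciphersuites" path the function also returns 0 after `suites->suiteSz` and the hash/signature list have already been rewritten. It is worth confirming that callers treat `suites` as invalid after a 0 return, since the rest of SetCipherList is outside the hunk.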
@@ -24973,8 +26616,10 @@ int SetCipherListFromBytes(WOLFSSL_CTX* ctx, Suites* suites, const byte* list,
* suites don't necessarily have RSA in the name. */
#ifdef WOLFSSL_TLS13
if (firstByte == TLS13_BYTE || (firstByte == ECC_BYTE &&
- (secondByte == TLS_SHA256_SHA256 ||
- secondByte == TLS_SHA384_SHA384))) {
+ (secondByte == TLS_SHA256_SHA256 ||
+ secondByte == TLS_SHA384_SHA384)) ||
+ (firstByte == CIPHER_BYTE && (secondByte == TLS_SM4_GCM_SM3 ||
+ secondByte == TLS_SM4_CCM_SM3))) {
#ifndef NO_RSA
haveRSAsig = 1;
#endif
@@ -25015,13 +26660,33 @@ int SetCipherListFromBytes(WOLFSSL_CTX* ctx, Suites* suites, const byte* list,
if (ret) {
int keySz = 0;
+ int haveSig = 0;
#ifndef NO_CERTS
keySz = ctx->privateKeySz;
#endif
suites->suiteSz = (word16)idx;
- InitSuitesHashSigAlgo(suites, haveECDSAsig, haveRSAsig,
- haveFalconSig, haveDilithiumSig, haveAnon, 1,
- keySz);
+ haveSig |= haveECDSAsig ? SIG_ECDSA : 0;
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ haveSig |= haveECDSAsig ? SIG_SM2 : 0;
+ #endif
+ haveSig |= haveRSAsig ? SIG_RSA : 0;
+ haveSig |= haveFalconSig ? SIG_FALCON : 0;
+ haveSig |= haveDilithiumSig ? SIG_DILITHIUM : 0;
+ haveSig |= haveAnon ? SIG_ANON : 0;
+ InitSuitesHashSigAlgo_ex2(suites->hashSigAlgo, haveSig, 1, keySz,
+ &suites->hashSigAlgoSz);
+#ifdef HAVE_RENEGOTIATION_INDICATION
+ if (ctx->method->side == WOLFSSL_CLIENT_END) {
+ if (suites->suiteSz > WOLFSSL_MAX_SUITE_SZ - 2) {
+ WOLFSSL_MSG("Too many ciphersuites");
+ return 0;
+ }
+ suites->suites[suites->suiteSz] = CIPHER_BYTE;
+ suites->suites[suites->suiteSz+1] =
+ TLS_EMPTY_RENEGOTIATION_INFO_SCSV;
+ suites->suiteSz += 2;
+ }
+#endif
suites->setSuites = 1;
}
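Review bot: `haveSig |= haveECDSAsig ? SIG_SM2 : 0;` ties SM2 to the ECDSA flag, so in a build with WOLFSSL_SM2 and WOLFSSL_SM3 any byte list that contains an ECDSA suite will also enable SM2 signature algorithms, even when no SM4 suite was requested. SetCipherList in the earlier hunks sets `SIG_SM2` only when an SM4 suite is matched, so the two entry points now produce different signature-algorithm lists for the same suites. Tracking this in its own local that is set where the SM4 suite bytes are recognised, then using `haveSig |= haveSM2sig ? SIG_SM2 : 0;` (variable name illustrative), would make the two paths agree. The loop that sets these flags is only partly visible here.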
@@ -25050,6 +26715,9 @@ struct mac_algs {
#ifdef WOLFSSL_SHA224
{ sha224_mac, "SHA224" },
#endif
+#ifdef WOLFSSL_SM3
+ { sm3_mac, "SM3" },
+#endif
#if !defined(NO_SHA) && (!defined(NO_OLD_TLS) || \
defined(WOLFSSL_ALLOW_TLS_SHA1))
{ sha_mac, "SHA1" },
@@ -25097,6 +26765,9 @@ struct sig_algs {
#ifndef NO_DSA
{ dsa_sa_algo, "DSA" },
#endif
+#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ { sm2_sa_algo, "SM2" },
+#endif
};
#define SIG_NAMES_SZ (int)(sizeof(sig_names)/sizeof(*sig_names))
@@ -25262,9 +26933,15 @@ static int CmpEccStrength(int hashAlgo, int curveSz)
static byte MinHashAlgo(WOLFSSL* ssl)
{
#ifdef WOLFSSL_TLS13
+#ifndef NO_SHA256
if (IsAtLeastTLSv1_3(ssl->version)) {
return sha256_mac;
}
+#elif defined(WOLFSSL_SM3)
+ if (IsAtLeastTLSv1_3(ssl->version)) {
+ return sm3_mac;
+ }
+#endif
#endif
#if !defined(WOLFSSL_NO_TLS12) && !defined(WOLFSSL_ALLOW_TLS_SHA1)
if (IsAtLeastTLSv1_2(ssl)) {
@@ -25365,6 +27042,23 @@ int PickHashSigAlgo(WOLFSSL* ssl, const byte* hashSigAlgo, word32 hashSigAlgoSz)
#if defined(HAVE_ECC) && (defined(WOLFSSL_TLS13) || \
defined(WOLFSSL_ECDSA_MATCH_HASH))
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ if (sigAlgo == sm2_sa_algo && hashAlgo == sm3_mac
+ #ifndef WOLFSSL_ECDSA_MATCH_HASH
+ && IsAtLeastTLSv1_3(ssl->version)
+ #endif
+ ) {
+ /* Must be exact match. */
+ if (CmpEccStrength(hashAlgo, ssl->buffers.keySz) != 0)
+ continue;
+ /* Matched SM2-SM3 - set chosen and finished. */
+ ssl->options.sigAlgo = sigAlgo;
+ ssl->options.hashAlgo = hashAlgo;
+ ret = 0;
+ break;
+ }
+ else
+ #endif
if (sigAlgo == ecc_dsa_sa_algo
#ifndef WOLFSSL_ECDSA_MATCH_HASH
&& IsAtLeastTLSv1_3(ssl->version)
@@ -25429,12 +27123,15 @@ int PickHashSigAlgo(WOLFSSL* ssl, const byte* hashSigAlgo, word32 hashSigAlgoSz)
#ifdef WOLFSSL_SHA512
case sha512_mac:
#endif
+ #ifdef WOLFSSL_SM3
+ case sm3_mac:
+ #endif
#ifdef WOLFSSL_STRONGEST_HASH_SIG
/* Is hash algorithm weaker than chosen/min? */
if (hashAlgo < ssl->options.hashAlgo)
break;
#else
- /* Is hash algorithm stonger than last chosen? */
+ /* Is hash algorithm stronger than last chosen? */
if (ret == 0 && hashAlgo > ssl->options.hashAlgo)
break;
#endif
@@ -25456,6 +27153,9 @@ int PickHashSigAlgo(WOLFSSL* ssl, const byte* hashSigAlgo, word32 hashSigAlgoSz)
#ifdef WOLFSSL_SHA512
&& (hashAlgo != sha512_mac)
#endif
+ #ifdef WOLFSSL_SM3
+ && (hashAlgo != sm3_mac)
+ #endif
)
{
break;
@@ -25620,7 +27320,7 @@ int PickHashSigAlgo(WOLFSSL* ssl, const byte* hashSigAlgo, word32 hashSigAlgoSz)
/* add data, put in buffer if bigger than static buffer */
info->packets[info->numberPackets].valueSz = totalSz;
if (totalSz < MAX_VALUE_SZ) {
- XMEMCPY(info->packets[info->numberPackets].value, data + lateRL,
+ XMEMCPY(info->packets[info->numberPackets].value + lateRL, data,
sz);
}
else {
@@ -25772,7 +27472,7 @@ int DecodePrivateKey(WOLFSSL *ssl, word16* length)
|| wolfSSL_CTX_IsPrivatePkSet(ssl->ctx)
#endif
) {
- *length = GetPrivateKeySigSize(ssl);
+ *length = (word16)GetPrivateKeySigSize(ssl);
return 0;
}
else
@@ -25906,7 +27606,11 @@ int DecodePrivateKey(WOLFSSL *ssl, word16* length)
FreeKey(ssl, ssl->hsType, (void**)&ssl->hsKey);
#endif /* !NO_RSA */
- if (ssl->buffers.keyType == ecc_dsa_sa_algo || ssl->buffers.keyType == 0) {
+ if (ssl->buffers.keyType == ecc_dsa_sa_algo || ssl->buffers.keyType == 0
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ || ssl->buffers.keyType == sm2_sa_algo
+ #endif
+ ) {
ssl->hsType = DYNAMIC_TYPE_ECC;
ret = AllocKey(ssl, ssl->hsType, &ssl->hsKey);
if (ret != 0) {
@@ -26245,6 +27949,43 @@ exit_dpk:
((defined(HAVE_CURVE25519) || defined(HAVE_CURVE448)) && \
(defined(HAVE_ED25519) || defined(HAVE_ED448) || !defined(NO_RSA)))) || \
(!defined(NO_DH) && (!defined(NO_RSA) || defined(HAVE_ANON))))
+/* Returns whether the signature algorithm requires caching of messages.
+ *
+ * @param [in] sigAlgo Signature algorithm.
+ * @return 1 when caching required.
+ * @return 0 when caching not required.
+ */
+static int SigAlgoCachesMsgs(int sigAlgo)
+{
+ int ret;
+
+ (void)sigAlgo;
+
+#ifdef HAVE_ED25519
+ if (sigAlgo == ed25519_sa_algo) {
+ ret = 1;
+ }
+ else
+#endif
+#ifdef HAVE_ED448
+ if (sigAlgo == ed448_sa_algo) {
+ ret = 1;
+ }
+ else
+#endif
+#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ if (sigAlgo == sm2_sa_algo) {
+ ret = 1;
+ }
+ else
+#endif
+ {
+ ret = 0;
+ }
+
+ return ret;
+}
+
static int HashSkeData(WOLFSSL* ssl, enum wc_HashType hashType,
const byte* data, int sz, byte sigAlgo)
{
@@ -26273,8 +28014,8 @@ static int HashSkeData(WOLFSSL* ssl, enum wc_HashType hashType,
/* message */
XMEMCPY(&ssl->buffers.sig.buffer[RAN_LEN * 2], data, sz);
}
- if (ret == 0 && sigAlgo != ed25519_sa_algo && sigAlgo != ed448_sa_algo) {
- ssl->buffers.digest.length = (unsigned int)digest_sz;
+ if (ret == 0 && !SigAlgoCachesMsgs(sigAlgo)) {
+ ssl->buffers.digest.length = (unsigned int)digest_sz;
/* buffer for hash */
if (!ssl->buffers.digest.buffer) {
@@ -26291,7 +28032,7 @@ static int HashSkeData(WOLFSSL* ssl, enum wc_HashType hashType,
ret = MEMORY_E;
}
}
- if (ret == 0 && sigAlgo != ed25519_sa_algo && sigAlgo != ed448_sa_algo) {
+ if (ret == 0 && !SigAlgoCachesMsgs(sigAlgo)) {
/* Perform hash. Only wc_Hash supports MD5_SHA1. */
ret = wc_Hash(hashType, ssl->buffers.sig.buffer,
ssl->buffers.sig.length,
@@ -26315,6 +28056,20 @@ static int HashSkeData(WOLFSSL* ssl, enum wc_HashType hashType,
/* client only parts */
#ifndef NO_WOLFSSL_CLIENT
+ int HaveUniqueSessionObj(WOLFSSL* ssl)
+ {
+ if (ssl->session->ref.count > 1) {
+ WOLFSSL_SESSION* newSession = wolfSSL_SESSION_dup(ssl->session);
+ if (newSession == NULL) {
+ WOLFSSL_MSG("Session duplicate failed");
+ return 0;
+ }
+ wolfSSL_FreeSession(ssl->ctx, ssl->session);
+ ssl->session = newSession;
+ }
+ return 1;
+ }
+
#ifndef WOLFSSL_NO_TLS12
/* handle generation of client_hello (1) */
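Review bot: HaveUniqueSessionObj is a new non-static function with no header comment, and its return convention (1 on success, 0 when `wolfSSL_SESSION_dup` fails) can only be learned from the body. Something like `/* Ensure ssl->session is not shared: duplicate it when ref.count > 1. Returns 1 on success, 0 on allocation failure. */` would document it. The test `ssl->session->ref.count > 1` reads the counter directly. If sessions can be shared across threads, as the reference counting suggests, that read should go through whatever locking or atomic accessor the ref type provides, which is not visible in this hunk. There is also no NULL check on `ssl` or `ssl->session`, so the comment should state that callers guarantee both.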
@@ -26332,13 +28087,20 @@ static int HashSkeData(WOLFSSL* ssl, enum wc_HashType hashType,
return BAD_FUNC_ARG;
}
- idSz = ssl->options.resuming ? ssl->session->sessionIDSz : 0;
-
#ifdef WOLFSSL_TLS13
if (IsAtLeastTLSv1_3(ssl->version))
return SendTls13ClientHello(ssl);
#endif
+#ifdef HAVE_SECURE_RENEGOTIATION
+ /* We don't want to resume in SCR */
+ if (IsSCR(ssl))
+ ssl->options.resuming = 0;
+#endif
+
+ idSz = ssl->options.resuming ? ssl->session->sessionIDSz : 0;
+
+
WOLFSSL_START(WC_FUNC_CLIENT_HELLO_SEND);
WOLFSSL_ENTER("SendClientHello");
@@ -26653,9 +28415,11 @@ static int HashSkeData(WOLFSSL* ssl, enum wc_HashType hashType,
#if defined(WOLFSSL_DTLS13) && defined(WOLFSSL_TLS13)
if (IsAtLeastTLSv1_3(ssl->version) && ssl->options.dtls) {
/* we sent a TLSv1.3 ClientHello but received a
- * HELLO_VERIFY_REQUEST */
+ * HELLO_VERIFY_REQUEST. We only check if DTLSv1_3_MINOR is the
+ * min downgrade option as per the server_version field comments in
+ * https://www.rfc-editor.org/rfc/rfc6347#section-4.2.1 */
if (!ssl->options.downgrade ||
- ssl->options.minDowngrade < pv.minor)
+ ssl->options.minDowngrade <= DTLSv1_3_MINOR)
return VERSION_ERROR;
}
#endif /* defined(WOLFSSL_DTLS13) && defined(WOLFSSL_TLS13) */
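Review bot: The new comparison `ssl->options.minDowngrade <= DTLSv1_3_MINOR` reads as "minimum is 1.3 or older" unless the reader knows that DTLS minor numbers decrease as the version increases. The expanded comment cites the RFC but does not state that ordering. A line such as `/* DTLS minor values are inverted: <= DTLSv1_3_MINOR means the minimum is DTLS 1.3 or newer */` next to the condition would stop a later edit from flipping the operator. The check also no longer uses `pv.minor` from the received message, so the comment could say that the version the server sent is deliberately ignored here.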
@@ -27145,6 +28909,11 @@ static int HashSkeData(WOLFSSL* ssl, enum wc_HashType hashType,
else {
if (DSH_CheckSessionId(ssl)) {
if (SetCipherSpecs(ssl) == 0) {
+ if (!HaveUniqueSessionObj(ssl)) {
+ WOLFSSL_MSG("Unable to have unique session object");
+ WOLFSSL_ERROR_VERBOSE(MEMORY_ERROR);
+ return MEMORY_ERROR;
+ }
XMEMCPY(ssl->arrays->masterSecret,
ssl->session->masterSecret, SECRET_LEN);
@@ -27288,10 +29057,10 @@ static int HashSkeData(WOLFSSL* ssl, enum wc_HashType hashType,
return BUFFER_ERROR;
#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(HAVE_LIGHTY)
- if (ssl->ca_names != ssl->ctx->ca_names)
- wolfSSL_sk_X509_NAME_pop_free(ssl->ca_names, NULL);
- ssl->ca_names = wolfSSL_sk_X509_NAME_new(NULL);
- if (ssl->ca_names == NULL) {
+ if (ssl->client_ca_names != ssl->ctx->client_ca_names)
+ wolfSSL_sk_X509_NAME_pop_free(ssl->client_ca_names, NULL);
+ ssl->client_ca_names = wolfSSL_sk_X509_NAME_new(NULL);
+ if (ssl->client_ca_names == NULL) {
return MEMORY_ERROR;
}
#endif
@@ -27327,7 +29096,7 @@ static int HashSkeData(WOLFSSL* ssl, enum wc_HashType hashType,
ret = GetName(cert, SUBJECT, dnSz);
if (ret == 0) {
- if ((name = wolfSSL_X509_NAME_new()) == NULL)
+ if ((name = wolfSSL_X509_NAME_new_ex(cert->heap)) == NULL)
ret = MEMORY_ERROR;
}
@@ -27336,7 +29105,7 @@ static int HashSkeData(WOLFSSL* ssl, enum wc_HashType hashType,
}
if (ret == 0) {
- if (wolfSSL_sk_X509_NAME_push(ssl->ca_names, name)
+ if (wolfSSL_sk_X509_NAME_push(ssl->client_ca_names, name)
== WOLFSSL_FAILURE)
{
ret = MEMORY_ERROR;
@@ -27469,6 +29238,9 @@ static int HashSkeData(WOLFSSL* ssl, enum wc_HashType hashType,
#ifdef HAVE_ECC_BRAINPOOL
case WOLFSSL_ECC_BRAINPOOLP256R1: return ECC_BRAINPOOLP256R1_OID;
#endif /* HAVE_ECC_BRAINPOOL */
+ #ifdef WOLFSSL_SM2
+ case WOLFSSL_ECC_SM2P256V1: return ECC_SM2P256V1_OID;
+ #endif /* WOLFSSL_SM2 */
#endif
#if defined(HAVE_CURVE448) && ECC_MIN_KEY_SZ <= 448
case WOLFSSL_ECC_X448: return ECC_X448_OID;
@@ -27819,7 +29591,7 @@ static int DoServerKeyExchange(WOLFSSL* ssl, const byte* input,
args = (DskeArgs*)ssl->async->args;
ret = wolfSSL_AsyncPop(ssl, &ssl->options.asyncState);
- if (ret != WC_NOT_PENDING_E) {
+ if (ret != WC_NO_PENDING_E) {
/* Check for error */
if (ret < 0)
goto exit_dske;
@@ -28293,6 +30065,13 @@ static int DoServerKeyExchange(WOLFSSL* ssl, const byte* input,
}
else
#endif
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ if (sigAlgo == sm2_sa_algo &&
+ args->sigAlgo == ecc_dsa_sa_algo) {
+ args->sigAlgo = sigAlgo;
+ }
+ else
+ #endif
#ifdef HAVE_ED25519
if (sigAlgo == ed25519_sa_algo &&
args->sigAlgo == ecc_dsa_sa_algo) {
@@ -28363,6 +30142,9 @@ static int DoServerKeyExchange(WOLFSSL* ssl, const byte* input,
}
#endif /* !NO_RSA */
#ifdef HAVE_ECC
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ case sm2_sa_algo:
+ #endif
case ecc_dsa_sa_algo:
{
if (!ssl->peerEccDsaKeyPresent) {
@@ -28484,6 +30266,9 @@ static int DoServerKeyExchange(WOLFSSL* ssl, const byte* input,
}
#endif /* !NO_RSA */
#ifdef HAVE_ECC
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ case sm2_sa_algo:
+ #endif
case ecc_dsa_sa_algo:
{
ret = NOT_COMPILED_IN;
@@ -28498,17 +30283,36 @@ static int DoServerKeyExchange(WOLFSSL* ssl, const byte* input,
}
#endif /* HAVE_PK_CALLBACKS */
if (ret == NOT_COMPILED_IN) {
- ret = EccVerify(ssl,
- args->verifySig, args->verifySigSz,
- ssl->buffers.digest.buffer,
- ssl->buffers.digest.length,
- ssl->peerEccDsaKey,
- #ifdef HAVE_PK_CALLBACKS
- &ssl->buffers.peerEccDsaKey
- #else
- NULL
- #endif
- );
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ if (args->sigAlgo == sm2_sa_algo) {
+ ret = Sm2wSm3Verify(ssl,
+ TLS12_SM2_SIG_ID, TLS12_SM2_SIG_ID_SZ,
+ args->verifySig, args->verifySigSz,
+ ssl->buffers.sig.buffer,
+ ssl->buffers.sig.length,
+ ssl->peerEccDsaKey,
+ #ifdef HAVE_PK_CALLBACKS
+ &ssl->buffers.peerEccDsaKey
+ #else
+ NULL
+ #endif
+ );
+ }
+ else
+ #endif
+ {
+ ret = EccVerify(ssl,
+ args->verifySig, args->verifySigSz,
+ ssl->buffers.digest.buffer,
+ ssl->buffers.digest.length,
+ ssl->peerEccDsaKey,
+ #ifdef HAVE_PK_CALLBACKS
+ &ssl->buffers.peerEccDsaKey
+ #else
+ NULL
+ #endif
+ );
+ }
}
#ifdef WOLFSSL_ASYNC_CRYPT
@@ -28661,8 +30465,8 @@ static int DoServerKeyExchange(WOLFSSL* ssl, const byte* input,
#endif
case rsa_sa_algo:
{
- #if (defined(WOLFSSL_RENESAS_SCEPROTECT) && \
- defined(WOLFSSL_RENESAS_SCEPROTECT_ECC)) || \
+ #if (defined(WOLFSSL_RENESAS_FSPSM_TLS) && \
+ defined(WOLFSSL_RENESAS_FSPSM_ECC)) || \
defined(WOLFSSL_RENESAS_TSIP_TLS)
/* already checked signature result by SCE */
/* skip the sign checks below */
@@ -28720,6 +30524,11 @@ static int DoServerKeyExchange(WOLFSSL* ssl, const byte* input,
/* Nothing to do in this algo */
break;
#endif /* HAVE_ECC */
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ case sm2_sa_algo:
+ /* Nothing to do in this algo */
+ break;
+ #endif /* WOLFSSL_SM2 && WOLFSSL_SM3 */
#if defined(HAVE_ED25519)
case ed25519_sa_algo:
/* Nothing to do in this algo */
@@ -28865,7 +30674,7 @@ int SendClientKeyExchange(WOLFSSL* ssl)
#ifdef WOLFSSL_ASYNC_CRYPT
ret = wolfSSL_AsyncPop(ssl, &ssl->options.asyncState);
- if (ret != WC_NOT_PENDING_E) {
+ if (ret != WC_NO_PENDING_E) {
/* Check for error */
if (ret < 0)
goto exit_scke;
@@ -30134,7 +31943,7 @@ int SendCertificateVerify(WOLFSSL* ssl)
if (ssl->error != WC_PENDING_E ||
ssl->options.asyncState != TLS_ASYNC_END)
ret = wolfSSL_AsyncPop(ssl, &ssl->options.asyncState);
- if (ret != WC_NOT_PENDING_E) {
+ if (ret != WC_NO_PENDING_E) {
/* Check for error */
if (ret < 0)
goto exit_scv;
@@ -30195,7 +32004,7 @@ int SendCertificateVerify(WOLFSSL* ssl)
if (ssl->buffers.key == NULL) {
#ifdef HAVE_PK_CALLBACKS
if (wolfSSL_CTX_IsPrivatePkSet(ssl->ctx))
- args->length = GetPrivateKeySigSize(ssl);
+ args->length = (word16)GetPrivateKeySigSize(ssl);
else
#endif
ERROR_OUT(NO_PRIVATE_KEY, exit_scv);
@@ -30260,7 +32069,15 @@ int SendCertificateVerify(WOLFSSL* ssl)
args->sigAlgo = rsa_sa_algo;
}
else if (ssl->hsType == DYNAMIC_TYPE_ECC)
- args->sigAlgo = ecc_dsa_sa_algo;
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ if (ssl->buffers.keyType == sm2_sa_algo) {
+ args->sigAlgo = sm2_sa_algo;
+ }
+ else
+ #endif
+ {
+ args->sigAlgo = ecc_dsa_sa_algo;
+ }
else if (ssl->hsType == DYNAMIC_TYPE_ED25519)
args->sigAlgo = ed25519_sa_algo;
else if (ssl->hsType == DYNAMIC_TYPE_ED448)
@@ -30334,17 +32151,36 @@ int SendCertificateVerify(WOLFSSL* ssl)
if (ssl->hsType == DYNAMIC_TYPE_ECC) {
ecc_key* key = (ecc_key*)ssl->hsKey;
- ret = EccSign(ssl,
- ssl->buffers.digest.buffer, ssl->buffers.digest.length,
- ssl->buffers.sig.buffer,
- (word32*)&ssl->buffers.sig.length,
- key,
- #ifdef HAVE_PK_CALLBACKS
- ssl->buffers.key
- #else
- NULL
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ if (args->sigAlgo == sm2_sa_algo) {
+ ret = Sm2wSm3Sign(ssl,
+ TLS12_SM2_SIG_ID, TLS12_SM2_SIG_ID_SZ,
+ ssl->hsHashes->messages, ssl->hsHashes->length,
+ ssl->buffers.sig.buffer,
+ (word32*)&ssl->buffers.sig.length,
+ key,
+ #ifdef HAVE_PK_CALLBACKS
+ ssl->buffers.key
+ #else
+ NULL
+ #endif
+ );
+ }
+ else
#endif
- );
+ {
+ ret = EccSign(ssl,
+ ssl->buffers.digest.buffer, ssl->buffers.digest.length,
+ ssl->buffers.sig.buffer,
+ (word32*)&ssl->buffers.sig.length,
+ key,
+ #ifdef HAVE_PK_CALLBACKS
+ ssl->buffers.key
+ #else
+ NULL
+ #endif
+ );
+ }
}
#endif /* HAVE_ECC */
#if defined(HAVE_ED25519) && !defined(NO_ED25519_CLIENT_AUTH)
@@ -30418,16 +32254,34 @@ int SendCertificateVerify(WOLFSSL* ssl)
{
ecc_key* key = (ecc_key*)ssl->hsKey;
- ret = EccVerify(ssl,
- ssl->buffers.sig.buffer, ssl->buffers.sig.length,
- ssl->buffers.digest.buffer, ssl->buffers.digest.length,
- key,
- #ifdef HAVE_PK_CALLBACKS
- ssl->buffers.key
- #else
- NULL
- #endif
- );
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ if (ssl->buffers.keyType == sm2_sa_algo) {
+ ret = Sm3wSm2Verify(ssl,
+ TLS12_SM2_SIG_ID, TLS12_SM2_SIG_ID_SZ,
+ ssl->buffers.sig.buffer, ssl->buffers.sig.length,
+ ssl->buffers.digest.buffer,
+ ssl->buffers.digest.length, key,
+ #ifdef HAVE_PK_CALLBACKS
+ ssl->buffers.key
+ #else
+ NULL
+ #endif
+ );
+ }
+ else
+ #endif
+ {
+ ret = EccVerify(ssl,
+ ssl->buffers.sig.buffer, ssl->buffers.sig.length,
+ ssl->buffers.digest.buffer,
+ ssl->buffers.digest.length, key,
+ #ifdef HAVE_PK_CALLBACKS
+ ssl->buffers.key
+ #else
+ NULL
+ #endif
+ );
+ }
if (ret != 0) {
WOLFSSL_MSG("Failed to verify ECC signature");
goto exit_scv;
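Review bot: The SM2 branch of this post-sign check calls `Sm3wSm2Verify`, while the other SM2 verification calls in this patch use `Sm2wSm3Verify`; unless a helper with the transposed name exists elsewhere, builds that compile this branch with WOLFSSL_SM2 and WOLFSSL_SM3 will fail, and the line should read `ret = Sm2wSm3Verify(ssl,`. The branch also verifies against `ssl->buffers.digest.buffer` / `ssl->buffers.digest.length`, whereas the signing hunk above signs `ssl->hsHashes->messages` / `ssl->hsHashes->length`, so the self-check appears to cover a different input than the one that was signed. It selects on `ssl->buffers.keyType` where the signing side selects on `args->sigAlgo`; using the same selector and the same message buffer on both sides keeps them in step. The body of SendCertificateVerify continues outside the hunk.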
@@ -30575,6 +32429,9 @@ exit_scv:
#ifdef HAVE_SESSION_TICKET
int SetTicket(WOLFSSL* ssl, const byte* ticket, word32 length)
{
+ if (!HaveUniqueSessionObj(ssl))
+ return MEMORY_ERROR;
+
/* Free old dynamic ticket if we already had one */
if (ssl->session->ticketLenAlloc > 0) {
XFREE(ssl->session->ticket, ssl->heap, DYNAMIC_TYPE_SESSION_TICK);
@@ -30780,6 +32637,10 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
case ECC_BRAINPOOLP256R1_OID:
return WOLFSSL_ECC_BRAINPOOLP256R1;
#endif /* HAVE_ECC_BRAINPOOL */
+ #ifdef WOLFSSL_SM2
+ case ECC_SM2P256V1_OID:
+ return WOLFSSL_ECC_SM2P256V1;
+ #endif /* WOLFSSL_SM2 */
#endif
#if (defined(HAVE_ECC384) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 384
#ifndef NO_ECC_SECP
@@ -31173,7 +33034,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
args = (SskeArgs*)ssl->async->args;
#ifdef WOLFSSL_ASYNC_CRYPT
ret = wolfSSL_AsyncPop(ssl, &ssl->options.asyncState);
- if (ret != WC_NOT_PENDING_E) {
+ if (ret != WC_NO_PENDING_E) {
/* Check for error */
if (ret < 0)
goto exit_sske;
@@ -31467,6 +33328,10 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
ssl->eccTempKeyPresent =
DYNAMIC_TYPE_CURVE25519;
}
+ else {
+ FreeKey(ssl, DYNAMIC_TYPE_CURVE25519,
+ (void**)&ssl->eccTempKey);
+ }
}
break;
}
@@ -31490,6 +33355,10 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
ssl->eccTempKeyPresent =
DYNAMIC_TYPE_CURVE448;
}
+ else {
+ FreeKey(ssl, DYNAMIC_TYPE_CURVE448,
+ (void**)&ssl->eccTempKey);
+ }
}
break;
}
@@ -31861,6 +33730,9 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
}
#endif /* !NO_RSA */
#ifdef HAVE_ECC
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ case sm2_sa_algo:
+ #endif
case ecc_dsa_sa_algo:
{
word16 keySz;
@@ -32053,6 +33925,9 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
break;
#endif
#endif /* !NO_RSA */
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ case sm2_sa_algo:
+ #endif
case ecc_dsa_sa_algo:
{
break;
@@ -32102,7 +33977,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
if (ssl->buffers.key == NULL) {
#ifdef HAVE_PK_CALLBACKS
if (wolfSSL_CTX_IsPrivatePkSet(ssl->ctx))
- keySz = (word32)GetPrivateKeySigSize(ssl);
+ keySz = (word16)GetPrivateKeySigSize(ssl);
else
#endif
ERROR_OUT(NO_PRIVATE_KEY, exit_sske);
@@ -32332,6 +34207,27 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
}
#endif /* !NO_RSA */
#ifdef HAVE_ECC
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ case sm2_sa_algo:
+ {
+ ecc_key* key = (ecc_key*)ssl->hsKey;
+
+ ret = Sm2wSm3Sign(ssl,
+ TLS12_SM2_SIG_ID, TLS12_SM2_SIG_ID_SZ,
+ ssl->buffers.sig.buffer,
+ ssl->buffers.sig.length,
+ args->output + LENGTH_SZ + args->idx,
+ &args->sigSz,
+ key,
+ #ifdef HAVE_PK_CALLBACKS
+ ssl->buffers.key
+ #else
+ NULL
+ #endif
+ );
+ break;
+ }
+ #endif
case ecc_dsa_sa_algo:
{
ecc_key* key = (ecc_key*)ssl->hsKey;
@@ -32513,23 +34409,46 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
break;
}
#endif
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ case sm2_sa_algo:
+ #endif /* WOLFSSL_SM2 */
case ecc_dsa_sa_algo:
#ifdef WOLFSSL_CHECK_SIG_FAULTS
{
ecc_key* key = (ecc_key*)ssl->hsKey;
- ret = EccVerify(ssl,
- args->output + LENGTH_SZ + args->idx,
- args->sigSz,
- ssl->buffers.digest.buffer,
- ssl->buffers.digest.length,
- key,
- #ifdef HAVE_PK_CALLBACKS
- ssl->buffers.key
- #else
- NULL
- #endif
- );
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ if (ssl->options.sigAlgo == sm2_sa_algo) {
+ ret = Sm2wSm3Verify(ssl,
+ TLS12_SM2_SIG_ID, TLS12_SM2_SIG_ID_SZ,
+ args->output + LENGTH_SZ + args->idx,
+ args->sigSz,
+ ssl->buffers.sig.buffer,
+ ssl->buffers.sig.length,
+ key,
+ #ifdef HAVE_PK_CALLBACKS
+ ssl->buffers.key
+ #else
+ NULL
+ #endif
+ );
+ }
+ else
+ #endif /* WOLFSSL_SM2 */
+ {
+ ret = EccVerify(ssl,
+ args->output + LENGTH_SZ + args->idx,
+ args->sigSz,
+ ssl->buffers.digest.buffer,
+ ssl->buffers.digest.length,
+ key,
+ #ifdef HAVE_PK_CALLBACKS
+ ssl->buffers.key
+ #else
+ NULL
+ #endif
+ );
+ }
if (ret != 0) {
WOLFSSL_MSG(
"Failed to verify ECC signature");
@@ -32826,16 +34745,23 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
ssl->options.side == WOLFSSL_SERVER_END) {
#ifdef HAVE_SUPPORTED_CURVES
byte searched = 0;
- int ret = TLSX_KeyShare_Choose(ssl, extensions, &cs->clientKSE,
- &searched);
+ int ret = TLSX_KeyShare_Choose(ssl, extensions, first, second,
+ &cs->clientKSE, &searched);
if (ret == MEMORY_E) {
WOLFSSL_MSG("TLSX_KeyShare_Choose() failed in "
"VerifyServerSuite() with MEMORY_E");
return 0;
}
- if (cs->clientKSE == NULL && searched)
+ if (cs->clientKSE == NULL && searched) {
+ #ifdef WOLFSSL_SEND_HRR_COOKIE
+ /* If the CH contains a cookie then we need to send an alert to
+ * start from scratch. */
+ if (TLSX_Find(extensions, TLSX_COOKIE) != NULL)
+ return INVALID_PARAMETER;
+ #endif
cs->doHelloRetry = 1;
+ }
#ifdef WOLFSSL_ASYNC_CRYPT
if (ret == WC_PENDING_E)
return ret;
@@ -32844,8 +34770,11 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
return 0; /* not found */
#endif /* HAVE_SUPPORTED_CURVES */
}
- else if (first == TLS13_BYTE || (first == ECC_BYTE &&
- (second == TLS_SHA256_SHA256 || second == TLS_SHA384_SHA384))) {
+ else if ((first == TLS13_BYTE) || ((first == ECC_BYTE) &&
+ ((second == TLS_SHA256_SHA256) ||
+ (second == TLS_SHA384_SHA384))) ||
+ ((first == CIPHER_BYTE) && ((second == TLS_SM4_GCM_SM3) ||
+ (second == TLS_SM4_CCM_SM3)))) {
/* Can't negotiate TLS 1.3 cipher suites with lower protocol
* version. */
return 0;
@@ -32956,6 +34885,9 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
#if defined(WOLFSSL_TLS13) && defined(HAVE_SUPPORTED_CURVES)
if (cs.doHelloRetry) {
+ /* Make sure we don't send HRR twice */
+ if (ssl->options.serverState == SERVER_HELLO_RETRY_REQUEST_COMPLETE)
+ return INVALID_PARAMETER;
ssl->options.serverState = SERVER_HELLO_RETRY_REQUEST_COMPLETE;
return TLSX_KeyShare_SetSupported(ssl, &ssl->extensions);
}
@@ -33195,19 +35127,14 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
* session ticket validation check in TLS1.2 and below, define
* WOLFSSL_NO_TICKET_EXPIRE.
*/
- int HandleTlsResumption(WOLFSSL* ssl, int bogusID, Suites* clSuites)
+ int HandleTlsResumption(WOLFSSL* ssl, Suites* clSuites)
{
int ret = 0;
WOLFSSL_SESSION* session;
- (void)bogusID;
#ifdef HAVE_SESSION_TICKET
if (ssl->options.useTicket == 1) {
session = ssl->session;
}
- else if (bogusID == 1 && ssl->options.rejectTicket == 0) {
- WOLFSSL_MSG("Bogus session ID without session ticket");
- return BUFFER_ERROR;
- }
else
#endif
{
@@ -33218,14 +35145,13 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
ssl->options.resuming = 0;
return ret;
}
-#if defined(HAVE_SESSION_TICKET) && !defined(WOLFSSL_NO_TICKET_EXPIRE) && \
- !defined(NO_ASN_TIME)
+#if !defined(WOLFSSL_NO_TICKET_EXPIRE) && !defined(NO_ASN_TIME)
/* check if the ticket is valid */
if (LowResTimer() > session->bornOn + ssl->timeout) {
- WOLFSSL_MSG("Expired session ticket, fall back to full handshake.");
+ WOLFSSL_MSG("Expired session, fall back to full handshake.");
ssl->options.resuming = 0;
}
-#endif /* HAVE_SESSION_TICKET && !WOLFSSL_NO_TICKET_EXPIRE && !NO_ASN_TIME */
+#endif /* !WOLFSSL_NO_TICKET_EXPIRE && !NO_ASN_TIME */
else if (session->haveEMS != ssl->options.haveEMS) {
/* RFC 7627, 5.3, server-side */
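Review bot: With `HAVE_SESSION_TICKET` dropped from the guard, the `bornOn + timeout` check now applies to every resumed session, yet it is still switched off by `WOLFSSL_NO_TICKET_EXPIRE`, and the comment above HandleTlsResumption (its tail is in the previous hunk) still describes a session ticket check. That comment should say that defining `WOLFSSL_NO_TICKET_EXPIRE` also disables expiry for sessions resumed by ID, and `/* check if the ticket is valid */` would read better as `/* check if the session or ticket has expired */`. The check compares against `ssl->timeout` rather than a timeout stored with the session; whether that is intended for cache-resumed sessions cannot be told from the hunk.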
@@ -33316,7 +35242,6 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
word32 helloSz)
{
byte b;
- byte bogusID = 0; /* flag for a bogus session id */
ProtocolVersion pv;
#ifdef WOLFSSL_SMALL_STACK
Suites* clSuites = NULL;
@@ -33340,9 +35265,11 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
#ifdef WOLFSSL_DTLS
/* Update the ssl->options.dtlsStateful setting `if` statement in
* wolfSSL_accept when changing this one. */
- if (IsDtlsNotSctpMode(ssl) && IsDtlsNotSrtpMode(ssl) && !IsSCR(ssl)) {
+ if (IsDtlsNotSctpMode(ssl) && IsDtlsNotSrtpMode(ssl) && !IsSCR(ssl) &&
+ !ssl->options.dtlsStateful) {
DtlsSetSeqNumForReply(ssl);
- ret = DoClientHelloStateless(ssl, input, inOutIdx, helloSz);
+ ret = DoClientHelloStateless(ssl, input + *inOutIdx, helloSz, 0,
+ NULL);
if (ret != 0 || !ssl->options.dtlsStateful) {
int alertType = TranslateErrorToAlert(ret);
if (alertType != invalid_alert) {
@@ -33359,10 +35286,22 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
ret = 0;
return ret;
}
+ if (ssl->chGoodCb != NULL) {
+ int cbret = ssl->chGoodCb(ssl, ssl->chGoodCtx);
+ if (cbret < 0) {
+ ssl->error = cbret;
+ WOLFSSL_MSG("ClientHello Good Cb don't continue error");
+ return WOLFSSL_FATAL_ERROR;
+ }
+ }
}
ssl->options.dtlsStateful = 1;
#endif /* WOLFSSL_DTLS */
+ /* Reset to sane value for SCR */
+ ssl->options.resuming = 0;
+ ssl->arrays->sessionIDSz = 0;
+
/* protocol version, random and session id length check */
if (OPAQUE16_LEN + RAN_LEN + OPAQUE8_LEN > helloSz)
return BUFFER_ERROR;
@@ -33498,6 +35437,9 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
WOLFSSL_OP_NO_SSLv3) {
WOLFSSL_MSG("\tError, option set to not allow SSLv3");
ret = VERSION_ERROR;
+#ifdef WOLFSSL_EXTRA_ALERTS
+ SendAlert(ssl, alert_fatal, wolfssl_alert_protocol_version);
+#endif
goto out;
}
@@ -33551,31 +35493,26 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
/* session id */
b = input[i++];
-
-#ifdef HAVE_SESSION_TICKET
- if (b > 0 && b < ID_LEN) {
- bogusID = 1;
- WOLFSSL_MSG("Client sent bogus session id, let's allow for echo");
+ if (b > ID_LEN) {
+ WOLFSSL_MSG("Invalid session ID size");
+ ret = BUFFER_ERROR; /* session ID greater than 32 bytes long */
+ goto out;
}
-#endif
-
- if (b == ID_LEN || bogusID) {
+ else if (b > 0 && !IsSCR(ssl)) {
if ((i - begin) + b > helloSz) {
ret = BUFFER_ERROR;
goto out;
}
+ /* Always save session ID in case we want to echo it. */
XMEMCPY(ssl->arrays->sessionID, input + i, b);
ssl->arrays->sessionIDSz = b;
- i += b;
- ssl->options.resuming = 1; /* client wants to resume */
+
+ if (b == ID_LEN)
+ ssl->options.resuming = 1; /* client wants to resume */
WOLFSSL_MSG("Client wants to resume session");
}
- else if (b) {
- WOLFSSL_MSG("Invalid session ID size");
- ret = BUFFER_ERROR; /* session ID nor 0 neither 32 bytes long */
- goto out;
- }
+ i += b;
#ifdef WOLFSSL_DTLS
/* cookie */
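Review bot: The length check `(i - begin) + b > helloSz` now sits inside the `else if (b > 0 && !IsSCR(ssl))` branch, but `i += b` runs for every ClientHello, so during secure renegotiation a non-empty session ID advances the index without being compared with `helloSz`. Later bounds checks may catch this, but they are outside the hunk; folding the test into the first condition, `if (b > ID_LEN || (i - begin) + b > helloSz) {`, keeps the parser safe on its own. Separately, `if (b == ID_LEN)` has no braces, so "Client wants to resume session" is also logged for short IDs that do not set `resuming`; brace the `if` and move the message inside it.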
@@ -33854,7 +35791,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
/* ProcessOld uses same resume code */
if (ssl->options.resuming) {
- ret = HandleTlsResumption(ssl, bogusID, clSuites);
+ ret = HandleTlsResumption(ssl, clSuites);
if (ret != 0)
goto out;
@@ -33890,6 +35827,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
#endif
#ifdef OPENSSL_EXTRA
+ ssl->clSuites = clSuites;
/* Give user last chance to provide a cert for cipher selection */
if (ret == 0 && ssl->ctx->certSetupCb != NULL)
ret = CertSetupCbWrapper(ssl);
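Review bot: `ssl->clSuites = clSuites;` is set under `OPENSSL_EXTRA`, but the reset at `out:` in the next hunk (`@@ -33913,7 +35851,9 @@`) is guarded by `OPENSSL_ALL || WOLFSSL_NGINX || WOLFSSL_HAPROXY`. In a build that defines only `OPENSSL_EXTRA`, the pointer would outlive the function and refer to memory that is freed under `WOLFSSL_SMALL_STACK` right after the reset. Put the assignment under the same guard as the reset, `#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)`, or clear it under `OPENSSL_EXTRA` as well. Whether the `clSuites` member is declared in an `OPENSSL_EXTRA`-only build is not visible here.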
@@ -33913,7 +35851,9 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
#endif
out:
-
+#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)
+ ssl->clSuites = NULL;
+#endif
#ifdef WOLFSSL_SMALL_STACK
if (clSuites != NULL)
XFREE(clSuites, ssl->heap, DYNAMIC_TYPE_SUITES);
@@ -33977,7 +35917,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
args = (DcvArgs*)ssl->async->args;
ret = wolfSSL_AsyncPop(ssl, &ssl->options.asyncState);
- if (ret != WC_NOT_PENDING_E) {
+ if (ret != WC_NO_PENDING_E) {
/* Check for error */
if (ret < 0)
goto exit_dcv;
@@ -34030,8 +35970,17 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
args->sigAlgo = rsa_sa_algo;
#endif
#ifdef HAVE_ECC
- else if (ssl->peerEccDsaKeyPresent)
- args->sigAlgo = ecc_dsa_sa_algo;
+ else if (ssl->peerEccDsaKeyPresent) {
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ if (ssl->peerEccDsaKey->dp->id == ECC_SM2P256V1) {
+ args->sigAlgo = sm2_sa_algo;
+ }
+ else
+ #endif
+ {
+ args->sigAlgo = ecc_dsa_sa_algo;
+ }
+ }
#endif
#if defined(HAVE_ED25519) && !defined(NO_ED25519_CLIENT_AUTH)
else if (ssl->peerEd25519KeyPresent)
@@ -34064,6 +36013,8 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
SetDigest(ssl, sha_mac);
#elif !defined(NO_SHA256)
SetDigest(ssl, sha256_mac);
+ #elif defined(WOLFSSL_SM3)
+ SetDigest(ssl, sm3_mac);
#elif defined(WOLFSSL_SHA384)
SetDigest(ssl, sha384_mac);
#elif defined(WOLFSSL_SHA512)
@@ -34073,7 +36024,11 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
#endif
if (IsAtLeastTLSv1_2(ssl)) {
- if (args->sigAlgo != ecc_dsa_sa_algo) {
+ if (args->sigAlgo != ecc_dsa_sa_algo
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ && args->sigAlgo != sm2_sa_algo
+ #endif
+ ) {
WOLFSSL_MSG("Oops, peer sent ECC key but not in verify");
}
@@ -34140,16 +36095,35 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
if (ssl->peerEccDsaKeyPresent) {
WOLFSSL_MSG("Doing ECC peer cert verify");
- ret = EccVerify(ssl,
- input + args->idx, args->sz,
- ssl->buffers.digest.buffer, ssl->buffers.digest.length,
- ssl->peerEccDsaKey,
- #ifdef HAVE_PK_CALLBACKS
- &ssl->buffers.peerEccDsaKey
- #else
- NULL
- #endif
- );
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ if (args->sigAlgo == sm2_sa_algo) {
+ ret = Sm2wSm3Verify(ssl,
+ TLS12_SM2_SIG_ID, TLS12_SM2_SIG_ID_SZ,
+ input + args->idx, args->sz,
+ ssl->hsHashes->messages, ssl->hsHashes->prevLen,
+ ssl->peerEccDsaKey,
+ #ifdef HAVE_PK_CALLBACKS
+ &ssl->buffers.peerEccDsaKey
+ #else
+ NULL
+ #endif
+ );
+ }
+ else
+ #endif
+ {
+ ret = EccVerify(ssl,
+ input + args->idx, args->sz,
+ ssl->buffers.digest.buffer,
+ ssl->buffers.digest.length,
+ ssl->peerEccDsaKey,
+ #ifdef HAVE_PK_CALLBACKS
+ &ssl->buffers.peerEccDsaKey
+ #else
+ NULL
+ #endif
+ );
+ }
/* SERVER: Data verified with certificate's public key. */
ssl->options.peerAuthGood = ssl->options.havePeerCert &&
(ret == 0);
@@ -34478,7 +36452,61 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
#ifdef HAVE_SESSION_TICKET
- /* create a new session ticket, 0 on success */
+#ifdef WOLFSSL_TICKET_HAVE_ID
+ static void GetRealSessionID(WOLFSSL* ssl, const byte** id, byte* idSz)
+ {
+ if (ssl->session->haveAltSessionID) {
+ *id = ssl->session->altSessionID;
+ *idSz = ID_LEN;
+ }
+ else if (!IsAtLeastTLSv1_3(ssl->version) && ssl->arrays != NULL) {
+ *id = ssl->arrays->sessionID;
+ *idSz = ssl->arrays->sessionIDSz;
+ }
+ else {
+ *id = ssl->session->sessionID;
+ *idSz = ssl->session->sessionIDSz;
+ }
+ }
+#endif
+
+ int SetupTicket(WOLFSSL* ssl)
+ {
+ int ret = 0;
+
+ (void)ssl;
+
+#ifdef WOLFSSL_TLS13
+ {
+ /* Client adds to ticket age to obfuscate. */
+ byte ageAdd[AGEADD_LEN]; /* Obfuscation of age */
+ ret = wc_RNG_GenerateBlock(ssl->rng, ageAdd, AGEADD_LEN);
+ if (ret != 0)
+ return ret;
+ ato32(ageAdd, &ssl->session->ticketAdd);
+ }
+#endif
+
+#ifdef WOLFSSL_TICKET_HAVE_ID
+ {
+ const byte* id = NULL;
+ byte idSz = 0;
+
+ GetRealSessionID(ssl, &id, &idSz);
+ if (idSz == 0) {
+ ret = wc_RNG_GenerateBlock(ssl->rng, ssl->session->altSessionID,
+ ID_LEN);
+ if (ret != 0)
+ return ret;
+ ssl->session->haveAltSessionID = 1;
+ }
+ }
+#endif
+ return ret;
+ }
+
+ /* create a new session ticket, 0 on success
+ * Do any kind of setup in SetupTicket */
int CreateTicket(WOLFSSL* ssl)
{
InternalTicket* it;
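Review bot: SetupTicket and GetRealSessionID are added without header comments, although CreateTicket now depends on SetupTicket having run first (it reads `ssl->session->ticketAdd` and no longer generates an alternative session ID itself). A comment on SetupTicket should state that it must be called before CreateTicket, that it returns 0 on success or the error from `wc_RNG_GenerateBlock`, and that it may set `haveAltSessionID`. GetRealSessionID should document its precedence: the alternative ID first, then `ssl->arrays->sessionID` below TLS 1.3 when `ssl->arrays` is set, otherwise `ssl->session->sessionID`. An RNG failure for the age obfuscation was previously reported as `BAD_TICKET_ENCRYPT` and is now returned unchanged, which is worth a line in that comment for callers that match on the old code.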
@@ -34521,6 +36549,11 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
#endif
if (!ssl->options.tls1_3) {
+ if (ssl->arrays == NULL) {
+ WOLFSSL_MSG("CreateTicket called with null arrays");
+ ret = BAD_FUNC_ARG;
+ goto error;
+ }
XMEMCPY(it->msecret, ssl->arrays->masterSecret, SECRET_LEN);
#ifndef NO_ASN_TIME
c32toa(LowResTimer(), it->timestamp);
@@ -34539,14 +36572,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
goto error;
}
- /* Client adds to ticket age to obfuscate. */
- ret = wc_RNG_GenerateBlock(ssl->rng, it->ageAdd,
- sizeof(it->ageAdd));
- if (ret != 0) {
- ret = BAD_TICKET_ENCRYPT;
- goto error;
- }
- ato32(it->ageAdd, &ssl->session->ticketAdd);
+ c32toa(ssl->session->ticketAdd, it->ageAdd);
c16toa(ssl->session->namedGroup, it->namedGroup);
#ifdef WOLFSSL_32BIT_MILLI_TIME
c32toa(now, it->timestamp);
@@ -34567,31 +36593,16 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
#endif
}
+#ifdef OPENSSL_EXTRA
+ it->sessionCtxSz = ssl->sessionCtxSz;
+ XMEMCPY(it->sessionCtx, ssl->sessionCtx, ID_LEN);
+#endif
+
#ifdef WOLFSSL_TICKET_HAVE_ID
{
const byte* id = NULL;
byte idSz = 0;
- if (ssl->session->haveAltSessionID) {
- id = ssl->session->altSessionID;
- idSz = ID_LEN;
- }
- else if (!IsAtLeastTLSv1_3(ssl->version) && ssl->arrays != NULL) {
- id = ssl->arrays->sessionID;
- idSz = ssl->arrays->sessionIDSz;
- }
- else {
- id = ssl->session->sessionID;
- idSz = ssl->session->sessionIDSz;
- }
- if (idSz == 0) {
- ret = wc_RNG_GenerateBlock(ssl->rng, ssl->session->altSessionID,
- ID_LEN);
- if (ret != 0)
- goto error;
- ssl->session->haveAltSessionID = 1;
- id = ssl->session->altSessionID;
- idSz = ID_LEN;
- }
+ GetRealSessionID(ssl, &id, &idSz);
/* make sure idSz is not larger than ID_LEN */
if (idSz > ID_LEN)
idSz = ID_LEN;
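Review bot: The session-context copy into the ticket uses a fixed length here, `XMEMCPY(it->sessionCtx, ssl->sessionCtx, ID_LEN)`, while the later hunk at `@@ -34999,6 +37017,10 @@` copies `sess->sessionCtxSz` bytes with no visible bound. If `sessionCtxSz` can exceed the size of `it->sessionCtx`, the second copy writes past the field; if it is shorter than `ID_LEN`, this one carries unused bytes of `ssl->sessionCtx` into the ticket. Clamp once and copy only that many bytes in both places, e.g. `if (it->sessionCtxSz > ID_LEN) it->sessionCtxSz = ID_LEN;` followed by `XMEMCPY(it->sessionCtx, ssl->sessionCtx, it->sessionCtxSz);`. The field declarations are outside the hunk, so the buffer size is assumed from the `ID_LEN` used here.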
@@ -34619,7 +36630,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
if (error == 0) {
ret = ssl->ctx->ticketEncCb(ssl, et->key_name, et->iv, et->mac,
1, et->enc_ticket, sizeof(InternalTicket), &encLen,
- ssl->ctx->ticketEncCtx);
+ SSL_TICKET_CTX(ssl));
}
else {
ret = WOLFSSL_TICKET_RET_FATAL;
@@ -34744,7 +36755,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
ret = ssl->ctx->ticketEncCb((WOLFSSL*)ssl, et->key_name, et->iv,
et->enc_ticket + inLen, 0,
et->enc_ticket, inLen, &outLen,
- ssl->ctx->ticketEncCtx);
+ SSL_TICKET_CTX(ssl));
}
if (ret != WOLFSSL_TICKET_RET_OK) {
#ifdef WOLFSSL_ASYNC_CRYPT
@@ -34867,6 +36878,13 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
if (!FindSuiteSSL(ssl, psk->it->suite))
return -1;
#endif
+#ifdef OPENSSL_EXTRA
+ if (ssl->sessionCtxSz > 0 &&
+ (psk->it->sessionCtxSz != ssl->sessionCtxSz ||
+ XMEMCMP(psk->it->sessionCtx, ssl->sessionCtx,
+ ssl->sessionCtxSz) != 0))
+ return -1;
+#endif
return 0;
}
#endif /* WOLFSSL_SLT13 */
@@ -34999,6 +37017,10 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
else
XMEMCPY(it->id, sess->sessionID, ID_LEN);
#endif
+#ifdef OPENSSL_EXTRA
+ it->sessionCtxSz = sess->sessionCtxSz;
+ XMEMCPY(it->sessionCtx, sess->sessionCtx, sess->sessionCtxSz);
+#endif
}
@@ -35104,6 +37126,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
break;
default:
psk->decryptRet = PSK_DECRYPT_FAIL;
+ WOLFSSL_LEAVE("DoClientTicket_ex", decryptRet);
return decryptRet;
}
#ifdef WOLFSSL_CHECK_MEM_ZERO
@@ -35119,8 +37142,10 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
#ifdef WOLFSSL_CHECK_MEM_ZERO
wc_MemZero_Check(psk->it, sizeof(InternalTicket));
#endif
+ WOLFSSL_LEAVE("DoClientTicket_ex", ret);
return ret;
}
+ WOLFSSL_LEAVE("DoClientTicket_ex", decryptRet);
return decryptRet;
}
#endif /* WOLFSL_TLS13 */
@@ -35130,7 +37155,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
{
int decryptRet = WOLFSSL_TICKET_RET_REJECT;
int ret;
- InternalTicket* it;
+ InternalTicket* it = NULL;
#ifdef WOLFSSL_TLS13
InternalTicket staticIt;
const WOLFSSL_SESSION* sess = NULL;
@@ -35223,6 +37248,9 @@ cleanup:
WOLFSSL_ENTER("SendTicket");
if (ssl->options.createTicket) {
+ ret = SetupTicket(ssl);
+ if (ret != 0)
+ return ret;
ret = CreateTicket(ssl);
if (ret != 0)
return ret;
@@ -35525,6 +37553,75 @@ static int TicketEncDec(byte* key, int keyLen, byte* iv, byte* aad, int aadSz,
return ret;
}
+#elif defined(WOLFSSL_SM4_GCM)
+/* Ticket encryption/decryption implementation.
+ *
+ * @param [in] key Key for encryption/decryption.
+ * @param [in] keyLen Length of key in bytes.
+ * @param [in] iv IV/Nonce for encryption/decryption.
+ * @param [in] aad Additional authentication data.
+ * @param [in] aadSz Length of additional authentication data.
+ * @param [in] in Data to encrypt/decrypt.
+ * @param [in] inLen Length of encrypted data.
+ * @param [out] out Resulting data from encrypt/decrypt.
+ * @param [out] outLen Size of resulting data.
+ * @param [in] tag Authentication tag for encrypted data.
+ * @param [in] heap Dynamic memory allocation data hint.
+ * @param [in] enc 1 when encrypting, 0 when decrypting.
+ * @return 0 on success.
+ * @return MEMORY_E when dynamic memory allocation fails.
+ * @return Other value when encryption/decryption fails.
+ */
+static int TicketEncDec(byte* key, int keyLen, byte* iv, byte* aad, int aadSz,
+ byte* in, int inLen, byte* out, int* outLen, byte* tag,
+ void* heap, int enc)
+{
+ int ret;
+#ifdef WOLFSSL_SMALL_STACK
+ wc_Sm4* sm4;
+#else
+ wc_Sm4 sm4[1];
+#endif
+
+ (void)heap;
+
+#ifdef WOLFSSL_SMALL_STACK
+ sm4 = (wc_Sm4*)XMALLOC(sizeof(wc_Sm4), heap, DYNAMIC_TYPE_TMP_BUFFER);
+ if (sm4 == NULL)
+ return MEMORY_E;
+#endif
+
+ if (enc) {
+ ret = wc_Sm4Init(sm4, NULL, INVALID_DEVID);
+ if (ret == 0) {
+ ret = wc_Sm4GcmSetKey(sm4, key, keyLen);
+ }
+ if (ret == 0) {
+ ret = wc_Sm4GcmEncrypt(sm4, in, out, inLen, iv, GCM_NONCE_MID_SZ,
+ tag, SM4_BLOCK_SIZE, aad, aadSz);
+ }
+ wc_Sm4Free(sm4);
+ }
+ else {
+ ret = wc_Sm4Init(sm4, NULL, INVALID_DEVID);
+ if (ret == 0) {
+ ret = wc_Sm4GcmSetKey(sm4, key, keyLen);
+ }
+ if (ret == 0) {
+ ret = wc_Sm4GcmDecrypt(sm4, in, out, inLen, iv, GCM_NONCE_MID_SZ,
+ tag, SM$_BLOCK_SIZE, aad, aadSz);
+ }
+ wc_Sm4Free(sm4);
+ }
+
+#ifdef WOLFSSL_SMALL_STACK
+ XFREE(sm4, heap, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+
+ *outLen = inLen;
+
+ return ret;
+}
#else
#error "No encryption algorithm available for default ticket encryption."
#endif
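Review bot: The decrypt branch passes `SM$_BLOCK_SIZE` as the tag length, which is not a valid identifier, so any build that selects this `#elif defined(WOLFSSL_SM4_GCM)` implementation will fail to compile; it should match the encrypt branch, `tag, SM4_BLOCK_SIZE, aad, aadSz);`. The two branches differ only in the final call, so running `wc_Sm4Init` / `wc_Sm4GcmSetKey` / `wc_Sm4Free` once and branching only on `wc_Sm4GcmEncrypt` versus `wc_Sm4GcmDecrypt` would prevent this kind of drift. Since the error is only seen when this fallback is compiled, a CI configuration that builds the default ticket callback with SM4-GCM as the only available cipher would have caught it.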
@@ -35587,7 +37684,7 @@ static int TicketEncCbCtx_ChooseKey(TicketEncCbCtx* keyCtx, int ticketHint,
/* Default Session Ticket encryption/decryption callback.
*
- * Use ChaCha20-Poly1305 or AES-GCM to encrypt/decrypt the ticket.
+ * Use ChaCha20-Poly1305, AES-GCM or SM4-GCM to encrypt/decrypt the ticket.
* Two keys are used:
* - When the first expires for encryption, then use the other.
* - Don't encrypt with key if the ticket lifetime will go beyond expirary.
@@ -35972,7 +38069,7 @@ static int DefTicketEncCb(WOLFSSL* ssl, byte key_name[WOLFSSL_TICKET_NAME_SZ],
args = (DckeArgs*)ssl->async->args;
ret = wolfSSL_AsyncPop(ssl, &ssl->options.asyncState);
- if (ret != WC_NOT_PENDING_E) {
+ if (ret != WC_NO_PENDING_E) {
/* Check for error */
if (ret < 0)
goto exit_dcke;
@@ -36726,6 +38823,7 @@ static int DefTicketEncCb(WOLFSSL* ssl, byte key_name[WOLFSSL_TICKET_NAME_SZ],
case rsa_kea:
{
RsaKey* key = (RsaKey*)ssl->hsKey;
+ int lenErrMask;
ret = RsaDec(ssl,
input + args->idx,
@@ -36751,7 +38849,9 @@ static int DefTicketEncCb(WOLFSSL* ssl, byte key_name[WOLFSSL_TICKET_NAME_SZ],
if (ret == BAD_FUNC_ARG)
goto exit_dcke;
- args->lastErr = ret - (SECRET_LEN - args->sigSz);
+ lenErrMask = 0 - (SECRET_LEN != args->sigSz);
+ args->lastErr = (ret & (~lenErrMask)) |
+ (RSA_PAD_E & lenErrMask);
ret = 0;
break;
} /* rsa_kea */
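Review bot: The mask arithmetic that replaces `ret - (SECRET_LEN - args->sigSz)` carries no comment, and its intent is easy to miss: it appears to fold a wrong decrypted length into `RSA_PAD_E` without branching, so that length and padding failures are recorded the same way. A comment above `lenErrMask = ...` such as `/* Constant time: record a wrong length as a padding error; do not branch on the decrypt result. */` would stop a later cleanup from turning it back into an `if`. The `!=` comparison is assumed to compile without a branch, which is worth confirming in the generated code for the supported targets. The `rsa_kea` case starts outside this hunk.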
@@ -37185,6 +39285,13 @@ static int DefTicketEncCb(WOLFSSL* ssl, byte key_name[WOLFSSL_TICKET_NAME_SZ],
int ad = 0;
int sniRet = 0;
int ret = 0;
+
+ /* OpenSSL defaults alert to SSL_AD_UNRECOGNIZED_NAME, use this if
+ WOLFSSL_EXTRA_ALERTS is defined, indicating user is OK with
+ potential information disclosure from alerts. */
+#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_EXTRA_ALERTS)
+ ad = SSL_AD_UNRECOGNIZED_NAME;
+#endif
/* Stunnel supports a custom sni callback to switch an SSL's ctx
* when SNI is received. Call it now if exists */
if(ssl && ssl->ctx && ssl->ctx->sniRecvCb) {
@@ -37231,22 +39338,31 @@ int wolfSSL_AsyncPop(WOLFSSL* ssl, byte* state)
event = &asyncDev->event;
ret = wolfAsync_EventPop(event, WOLF_EVENT_TYPE_ASYNC_WOLFSSL);
- if (ret != WC_NOT_PENDING_E && ret != WC_PENDING_E) {
-
+ if (ret != WC_NO_PENDING_E && ret != WC_PENDING_E) {
/* advance key share state if doesn't need called again */
if (state && (asyncDev->event.flags & WC_ASYNC_FLAG_CALL_AGAIN) == 0) {
(*state)++;
}
-
- /* clear event */
+ /* clear event and async device */
XMEMSET(&asyncDev->event, 0, sizeof(WOLF_EVENT));
-
- /* clear async dev */
ssl->asyncDev = NULL;
}
+ /* for crypto or PK callback, if pending remove from queue */
+ #if (defined(WOLF_CRYPTO_CB) || defined(HAVE_PK_CALLBACKS)) && \
+ !defined(WOLFSSL_ASYNC_CRYPT_SW) && !defined(HAVE_INTEL_QA) && \
+ !defined(HAVE_CAVIUM)
+ else if (ret == WC_PENDING_E) {
+ /* Allow the underlying crypto API to be called again to trigger the
+ * crypto or PK callback. The actual callback must be called, since
+ * the completion is not detected in the poll like Intel QAT or
+ * Nitrox */
+ ret = wolfEventQueue_Remove(&ssl->ctx->event_queue, event);
+
+ }
+ #endif
}
else {
- ret = WC_NOT_PENDING_E;
+ ret = WC_NO_PENDING_E;
}
WOLFSSL_LEAVE("wolfSSL_AsyncPop", ret);
@@ -37763,6 +39879,139 @@ int wolfSSL_sk_BY_DIR_entry_push(WOLF_STACK_OF(WOLFSSL_BY_DIR_entry)* sk,
#endif /* OPENSSL_ALL */
+#if defined(__APPLE__) && defined(WOLFSSL_SYS_CA_CERTS)
+
+/*
+ * Converts a DER formatted certificate to a SecCertificateRef
+ *
+ * @param derCert pointer to the DER formatted certificate
+ * @param derLen length of the DER formatted cert, in bytes
+ *
+ * @return The newly created SecCertificateRef. Must be freed by caller when
+ * no longer in use
+ */
+static SecCertificateRef ConvertToSecCertificateRef(const byte* derCert,
+ int derLen)
+{
+ CFDataRef derData = NULL;
+ SecCertificateRef secCert = NULL;
+
+ WOLFSSL_ENTER("ConvertToSecCertificateRef");
+
+ /* Create a CFDataRef from the DER encoded certificate */
+ derData = CFDataCreate(kCFAllocatorDefault, derCert, derLen);
+ if (!derData) {
+ WOLFSSL_MSG("Error: can't create CFDataRef object for DER cert");
+ goto cleanup;
+ }
+
+ /* Create a SecCertificateRef from the CFDataRef */
+ secCert = SecCertificateCreateWithData(kCFAllocatorDefault, derData);
+ if (!secCert) {
+ WOLFSSL_MSG("Error: can't create SecCertificateRef from CFDataRef");
+ goto cleanup;
+ }
+
+cleanup:
+ if (derData) {
+ CFRelease(derData);
+ }
+
+ WOLFSSL_LEAVE("ConvertToSecCertificateRef", !!secCert);
+
+ return secCert;
+}
+
+
+/*
+ * Validates a chain of certificates using the Apple system trust APIs
+ *
+ * @param certs pointer to the certificate chain to validate
+ * @param totalCerts the number of certificates in certs
+ *
+ * @return 1 if chain is valid and trusted
+ * @return 0 if chain is invalid or untrusted
+ *
+ * As of MacOS 14.0 we are still able to access system certificates and load
+ * them manually into wolfSSL. For other apple devices, apple has removed the
+ * ability to obtain certificates from the trust store, so we can't use
+ * wolfSSL's built-in certificate validation mechanisms anymore. We instead
+ * must call into the Security Framework APIs to authenticate peer certificates
+ */
+static int DoAppleNativeCertValidation(const WOLFSSL_BUFFER_INFO* certs,
+ int totalCerts)
+{
+ int i;
+ int ret;
+ OSStatus status;
+ CFMutableArrayRef certArray = NULL;
+ SecCertificateRef secCert = NULL;
+ SecTrustRef trust = NULL;
+ SecPolicyRef policy = NULL ;
+
+ WOLFSSL_ENTER("DoAppleNativeCertValidation");
+
+ certArray = CFArrayCreateMutable(kCFAllocatorDefault,
+ totalCerts,
+ &kCFTypeArrayCallBacks);
+ if (!certArray) {
+ WOLFSSL_MSG("Error: can't allocate CFArray for certificates");
+ ret = 0;
+ goto cleanup;
+ }
+
+ for (i = 0; i < totalCerts; i++) {
+ secCert = ConvertToSecCertificateRef(certs[i].buffer, certs[i].length);
+ if (!secCert) {
+ WOLFSSL_MSG("Error: can't convert DER cert to SecCertificateRef");
+ ret = 0;
+ goto cleanup;
+ }
+ else {
+ CFArrayAppendValue(certArray, secCert);
+ /* Release, since the array now holds the reference */
+ CFRelease(secCert);
+ }
+ }
+
+ /* Create trust object for SecCertifiate Ref */
+ policy = SecPolicyCreateSSL(true, NULL);
+ status = SecTrustCreateWithCertificates(certArray, policy, &trust);
+ if (status != errSecSuccess) {
+ WOLFSSL_MSG_EX("Error creating trust object, "
+ "SecTrustCreateWithCertificates returned %d",status);
+ ret = 0;
+ goto cleanup;
+ }
+
+ /* Evaluate the certificate's authenticity */
+ if (SecTrustEvaluateWithError(trust, NULL) == 1) {
+ WOLFSSL_MSG("Cert chain is trusted");
+ ret = 1;
+ }
+ else {
+ WOLFSSL_MSG("Cert chain trust evaluation failed"
+ "SecTrustEvaluateWithError returned 0");
+ ret = 0;
+ }
+
+ /* Cleanup */
+cleanup:
+ if (certArray) {
+ CFRelease(certArray);
+ }
+ if (trust) {
+ CFRelease(trust);
+ }
+ if (policy) {
+ CFRelease(policy);
+ }
+
+ WOLFSSL_LEAVE("DoAppleNativeCertValidation", ret);
+
+ return ret;
+}
+#endif /* defined(__APPLE__) && defined(WOLFSSL_SYS_CA_CERTS) */
#undef ERROR_OUT
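Review bot: `SecPolicyCreateSSL(true, NULL)` builds the trust policy without a hostname, so `SecTrustEvaluateWithError` only checks that the chain is trusted for TLS server use, not that it was issued for the peer being contacted. Unless the name is checked elsewhere (not visible here), DoAppleNativeCertValidation should take the expected host name and pass it on, `policy = SecPolicyCreateSSL(true, hostname);` with `hostname` as a `CFStringRef`. The policy is also used without a NULL check, and the evaluation passes `NULL` for the error, so the reason a chain was rejected is lost; capture the `CFErrorRef`, log it and release it. In the failure message the two adjacent literals join as "failed" and "SecTrustEvaluateWithError" with no separator, so add `", "` to the first one.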
diff --git a/extra/wolfssl/wolfssl/src/keys.c b/extra/wolfssl/wolfssl/src/keys.c
index 82512793..fa04c4db 100644
--- a/extra/wolfssl/wolfssl/src/keys.c
+++ b/extra/wolfssl/wolfssl/src/keys.c
@@ -38,7 +38,7 @@
#endif
#endif
-#if defined(WOLFSSL_RENESAS_SCEPROTECT) || defined(WOLFSSL_RENESAS_TSIP_TLS)
+#if defined(WOLFSSL_RENESAS_FSPSM_TLS) || defined(WOLFSSL_RENESAS_TSIP_TLS)
#include <wolfssl/wolfcrypt/port/Renesas/renesas_cmn.h>
#endif
@@ -54,7 +54,7 @@ int SetCipherSpecs(WOLFSSL* ssl)
#ifndef NO_TLS
ssl->options.tls = 1;
#if !defined(WOLFSSL_NO_TLS12) && !defined(WOLFSSL_AEAD_ONLY)
- #if !defined(WOLFSSL_RENESAS_SCEPROTECT) && \
+ #if !defined(WOLFSSL_RENESAS_FSPSM_TLS) && \
!defined(WOLFSSL_RENESAS_TSIP_TLS)
ssl->hmac = TLS_hmac;
#else
@@ -77,7 +77,7 @@ int SetCipherSpecs(WOLFSSL* ssl)
#if defined(WOLFSSL_DTLS)
if (ssl->options.dtls && ssl->version.major == DTLS_MAJOR) {
#ifndef WOLFSSL_AEAD_ONLY
- #if !defined(WOLFSSL_RENESAS_SCEPROTECT) && \
+ #if !defined(WOLFSSL_RENESAS_FSPSM_TLS) && \
!defined(WOLFSSL_RENESAS_TSIP_TLS)
ssl->hmac = TLS_hmac;
#else
@@ -1019,6 +1019,42 @@ int GetCipherSpec(word16 side, byte cipherSuite0, byte cipherSuite,
break;
#endif
+#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256
+ case TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 :
+ specs->bulk_cipher_algorithm = wolfssl_aria_gcm;
+ specs->cipher_type = aead;
+ specs->mac_algorithm = sha256_mac;
+ specs->kea = ecc_diffie_hellman_kea;
+ specs->sig_algo = ecc_dsa_sa_algo;
+ specs->hash_size = WC_SHA256_DIGEST_SIZE;
+ specs->pad_size = PAD_SHA;
+ specs->static_ecdh = 0;
+ specs->key_size = ARIA_128_KEY_SIZE;
+ specs->block_size = ARIA_BLOCK_SIZE;
+ specs->iv_size = AESGCM_IMP_IV_SZ;
+ specs->aead_mac_size = ARIA_GCM_AUTH_SZ;
+
+ break;
+#endif
+
+#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384
+ case TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 :
+ specs->bulk_cipher_algorithm = wolfssl_aria_gcm;
+ specs->cipher_type = aead;
+ specs->mac_algorithm = sha384_mac;
+ specs->kea = ecc_diffie_hellman_kea;
+ specs->sig_algo = ecc_dsa_sa_algo;
+ specs->hash_size = WC_SHA384_DIGEST_SIZE;
+ specs->pad_size = PAD_SHA;
+ specs->static_ecdh = 0;
+ specs->key_size = ARIA_256_KEY_SIZE;
+ specs->block_size = ARIA_BLOCK_SIZE;
+ specs->iv_size = AESGCM_IMP_IV_SZ;
+ specs->aead_mac_size = ARIA_GCM_AUTH_SZ;
+
+ break;
+#endif
+
#endif /* HAVE_ECC */
#ifdef BUILD_TLS_RSA_WITH_AES_128_CCM_8
@@ -1354,13 +1390,114 @@ int GetCipherSpec(word16 side, byte cipherSuite0, byte cipherSuite,
}
}
+ if (cipherSuite0 == SM_BYTE) {
+
+ switch (cipherSuite) {
+#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_SM4_CBC_SM3
+ case TLS_ECDHE_ECDSA_WITH_SM4_CBC_SM3 :
+ specs->bulk_cipher_algorithm = wolfssl_sm4_cbc;
+ specs->cipher_type = block;
+ specs->mac_algorithm = sm3_mac;
+ specs->kea = ecc_diffie_hellman_kea;
+ specs->sig_algo = sm2_sa_algo;
+ specs->hash_size = WC_SM3_DIGEST_SIZE;
+ specs->pad_size = PAD_SHA;
+ specs->static_ecdh = 0;
+ specs->key_size = SM4_KEY_SIZE;
+ specs->iv_size = SM4_IV_SIZE;
+ specs->block_size = SM4_BLOCK_SIZE;
+
+ break;
+#endif
+
+#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_SM4_GCM_SM3
+ case TLS_ECDHE_ECDSA_WITH_SM4_GCM_SM3 :
+ specs->bulk_cipher_algorithm = wolfssl_sm4_gcm;
+ specs->cipher_type = aead;
+ specs->mac_algorithm = sm3_mac;
+ specs->kea = ecc_diffie_hellman_kea;
+ specs->sig_algo = sm2_sa_algo;
+ specs->hash_size = WC_SM3_DIGEST_SIZE;
+ specs->pad_size = PAD_SHA;
+ specs->static_ecdh = 0;
+ specs->key_size = SM4_KEY_SIZE;
+ specs->block_size = SM4_BLOCK_SIZE;
+ specs->iv_size = GCM_IMP_IV_SZ;
+ specs->aead_mac_size = SM4_GCM_AUTH_SZ;
+
+ break;
+#endif
+
+#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_SM4_CCM_SM3
+ case TLS_ECDHE_ECDSA_WITH_SM4_CCM_SM3 :
+ specs->bulk_cipher_algorithm = wolfssl_sm4_ccm;
+ specs->cipher_type = aead;
+ specs->mac_algorithm = sm3_mac;
+ specs->kea = ecc_diffie_hellman_kea;
+ specs->sig_algo = sm2_sa_algo;
+ specs->hash_size = WC_SM3_DIGEST_SIZE;
+ specs->pad_size = PAD_SHA;
+ specs->static_ecdh = 0;
+ specs->key_size = SM4_KEY_SIZE;
+ specs->block_size = SM4_BLOCK_SIZE;
+ specs->iv_size = GCM_IMP_IV_SZ;
+ specs->aead_mac_size = SM4_CCM_AUTH_SZ;
+
+ break;
+#endif
+
+ default:
+ break;
+ }
+ }
if (cipherSuite0 != ECC_BYTE &&
cipherSuite0 != ECDHE_PSK_BYTE &&
cipherSuite0 != CHACHA_BYTE &&
+#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3) && \
+ (defined(WOLFSSL_SM4_CBC) || defined(WOLFSSL_SM4_GCM) || \
+ defined(WOLFSSL_SM4_CCM))
+ cipherSuite0 != SM_BYTE &&
+#endif
cipherSuite0 != TLS13_BYTE) { /* normal suites */
switch (cipherSuite) {
+#ifdef BUILD_TLS_SM4_GCM_SM3
+ case TLS_SM4_GCM_SM3 :
+ specs->bulk_cipher_algorithm = wolfssl_sm4_gcm;
+ specs->cipher_type = aead;
+ specs->mac_algorithm = sm3_mac;
+ specs->kea = 0;
+ specs->sig_algo = 0;
+ specs->hash_size = WC_SM3_DIGEST_SIZE;
+ specs->pad_size = PAD_SHA;
+ specs->static_ecdh = 0;
+ specs->key_size = SM4_KEY_SIZE;
+ specs->block_size = SM4_BLOCK_SIZE;
+ specs->iv_size = SM4_GCM_NONCE_SZ;
+ specs->aead_mac_size = SM4_GCM_AUTH_SZ;
+
+ break;
+#endif
+
+#ifdef BUILD_TLS_SM4_CCM_SM3
+ case TLS_SM4_CCM_SM3 :
+ specs->bulk_cipher_algorithm = wolfssl_sm4_ccm;
+ specs->cipher_type = aead;
+ specs->mac_algorithm = sm3_mac;
+ specs->kea = 0;
+ specs->sig_algo = 0;
+ specs->hash_size = WC_SM3_DIGEST_SIZE;
+ specs->pad_size = PAD_SHA;
+ specs->static_ecdh = 0;
+ specs->key_size = SM4_KEY_SIZE;
+ specs->block_size = SM4_BLOCK_SIZE;
+ specs->iv_size = SM4_CCM_NONCE_SZ;
+ specs->aead_mac_size = SM4_CCM_AUTH_SZ;
+
+ break;
+#endif
+
#ifdef BUILD_SSL_RSA_WITH_RC4_128_SHA
case SSL_RSA_WITH_RC4_128_SHA :
specs->bulk_cipher_algorithm = wolfssl_rc4;
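Review bot: The new `if (cipherSuite0 == SM_BYTE)` block is compiled unconditionally, while the matching exclusion `cipherSuite0 != SM_BYTE &&` added to the "normal suites" condition just below is wrapped in `#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3) && (...)`. In a build without those options, a suite whose first byte is SM_BYTE would hit only `default: break;` here and then be matched on its second byte alone by the normal-suites switch. The two guards should agree: either wrap the SM_BYTE block in the same `#if`, or drop the `#if` around the exclusion. Whether such a suite can reach GetCipherSpec in a non-SM build depends on negotiation code outside this hunk, so this needs confirming; the function itself starts and ends outside the hunk.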
@@ -2728,6 +2865,106 @@ static int SetKeys(Ciphers* enc, Ciphers* dec, Keys* keys, CipherSpecs* specs,
}
#endif /* HAVE_AESCCM */
+#ifdef HAVE_ARIA
+ /* check that buffer sizes are sufficient */
+ #if (MAX_WRITE_IV_SZ < 16) /* AES_IV_SIZE */
+ #error MAX_WRITE_IV_SZ too small for AES
+ #endif
+
+ if (specs->bulk_cipher_algorithm == wolfssl_aria_gcm) {
+ int ret = 0;
+ MC_ALGID algo;
+
+ switch(specs->key_size) {
+ case ARIA_128_KEY_SIZE:
+ algo = MC_ALGID_ARIA_128BITKEY;
+ break;
+ case ARIA_192_KEY_SIZE:
+ algo = MC_ALGID_ARIA_192BITKEY;
+ break;
+ case ARIA_256_KEY_SIZE:
+ algo = MC_ALGID_ARIA_256BITKEY;
+ break;
+ default:
+ return WOLFSSL_NOT_IMPLEMENTED; /* This should never happen */
+ }
+
+ if (enc) {
+ if (enc->aria == NULL) {
+ enc->aria = (wc_Aria*)XMALLOC(sizeof(wc_Aria), heap, DYNAMIC_TYPE_CIPHER);
+ if (enc->aria == NULL)
+ return MEMORY_E;
+ } else {
+ wc_AriaFreeCrypt(enc->aria);
+ }
+
+ XMEMSET(enc->aria, 0, sizeof(wc_Aria));
+ if (wc_AriaInitCrypt(enc->aria, algo) != 0) {
+ WOLFSSL_MSG("AriaInit failed in SetKeys");
+ return ASYNC_INIT_E;
+ }
+ }
+ if (dec) {
+ if (dec->aria == NULL) {
+ dec->aria = (wc_Aria*)XMALLOC(sizeof(wc_Aria), heap, DYNAMIC_TYPE_CIPHER);
+ if (dec->aria == NULL)
+ return MEMORY_E;
+ } else {
+ wc_AriaFreeCrypt(dec->aria);
+ }
+
+ XMEMSET(dec->aria, 0, sizeof(wc_Aria));
+ if (wc_AriaInitCrypt(dec->aria, algo) != 0) {
+ WOLFSSL_MSG("AriaInit failed in SetKeys");
+ return ASYNC_INIT_E;
+ }
+ }
+
+ if (side == WOLFSSL_CLIENT_END) {
+ if (enc) {
+ ret = wc_AriaSetKey(enc->aria, keys->client_write_key);
+ if (ret != 0) return ret;
+ XMEMCPY(keys->aead_enc_imp_IV, keys->client_write_IV,
+ AEAD_MAX_IMP_SZ);
+ if (!tls13) {
+ ret = wc_AriaGcmSetIV(enc->aria, AESGCM_NONCE_SZ,
+ keys->client_write_IV, AESGCM_IMP_IV_SZ, rng);
+ if (ret != 0) return ret;
+ }
+ }
+ if (dec) {
+ ret = wc_AriaSetKey(dec->aria, keys->server_write_key);
+ if (ret != 0) return ret;
+ XMEMCPY(keys->aead_dec_imp_IV, keys->server_write_IV,
+ AEAD_MAX_IMP_SZ);
+ }
+ }
+ else {
+ if (enc) {
+ ret = wc_AriaSetKey(enc->aria, keys->server_write_key);
+ if (ret != 0) return ret;
+ XMEMCPY(keys->aead_enc_imp_IV, keys->server_write_IV,
+ AEAD_MAX_IMP_SZ);
+ if (!tls13) {
+ ret = wc_AriaGcmSetIV(enc->aria, AESGCM_NONCE_SZ,
+ keys->server_write_IV, AESGCM_IMP_IV_SZ, rng);
+ if (ret != 0) return ret;
+ }
+ }
+ if (dec) {
+ ret = wc_AriaSetKey(dec->aria, keys->client_write_key);
+ if (ret != 0) return ret;
+ XMEMCPY(keys->aead_dec_imp_IV, keys->client_write_IV,
+ AEAD_MAX_IMP_SZ);
+ }
+ }
+ if (enc)
+ enc->setup = 1;
+ if (dec)
+ dec->setup = 1;
+ }
+#endif /* HAVE_ARIA */
+
#ifdef HAVE_CAMELLIA
/* check that buffer sizes are sufficient */
#if (MAX_WRITE_IV_SZ < 16) /* CAMELLIA_IV_SIZE */
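Review bot: The compile-time guard at the top of the HAVE_ARIA block reads `#error MAX_WRITE_IV_SZ too small for AES` with the comment `/* AES_IV_SIZE */`, which points a builder at the wrong cipher; it should read `#error MAX_WRITE_IV_SZ too small for ARIA`. The `default: return WOLFSSL_NOT_IMPLEMENTED; /* This should never happen */` arm would also be easier to diagnose with a `WOLFSSL_MSG("Unsupported ARIA key size in SetKeys");` before the return. SetKeys starts and ends outside the hunk.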
@@ -2780,6 +3017,284 @@ static int SetKeys(Ciphers* enc, Ciphers* dec, Keys* keys, CipherSpecs* specs,
}
#endif /* HAVE_CAMELLIA */
+#ifdef WOLFSSL_SM4_CBC
+ /* check that buffer sizes are sufficient */
+ #if (MAX_WRITE_IV_SZ < 16) /* AES_IV_SIZE */
+ #error MAX_WRITE_IV_SZ too small for SM4_CBC
+ #endif
+
+ if (specs->bulk_cipher_algorithm == wolfssl_sm4_cbc) {
+ int sm4Ret = 0;
+
+ if (enc) {
+ if (enc->sm4 == NULL) {
+ enc->sm4 = (wc_Sm4*)XMALLOC(sizeof(wc_Sm4), heap,
+ DYNAMIC_TYPE_CIPHER);
+ if (enc->sm4 == NULL)
+ return MEMORY_E;
+ }
+ else {
+ wc_Sm4Free(enc->sm4);
+ }
+
+ XMEMSET(enc->sm4, 0, sizeof(wc_Sm4));
+ }
+ if (dec) {
+ if (dec->sm4 == NULL) {
+ dec->sm4 = (wc_Sm4*)XMALLOC(sizeof(wc_Sm4), heap,
+ DYNAMIC_TYPE_CIPHER);
+ if (dec->sm4 == NULL)
+ return MEMORY_E;
+ }
+ else {
+ wc_Sm4Free(dec->sm4);
+ }
+
+ XMEMSET(dec->sm4, 0, sizeof(wc_Sm4));
+ }
+ if (enc) {
+ if (wc_Sm4Init(enc->sm4, heap, devId) != 0) {
+ WOLFSSL_MSG("Sm4Init failed in SetKeys");
+ return ASYNC_INIT_E;
+ }
+ }
+ if (dec) {
+ if (wc_Sm4Init(dec->sm4, heap, devId) != 0) {
+ WOLFSSL_MSG("Sm4Init failed in SetKeys");
+ return ASYNC_INIT_E;
+ }
+ }
+
+ if (side == WOLFSSL_CLIENT_END) {
+ if (enc) {
+ sm4Ret = wc_Sm4SetKey(enc->sm4, keys->client_write_key,
+ specs->key_size);
+ if (sm4Ret != 0) return sm4Ret;
+ sm4Ret = wc_Sm4SetIV(enc->sm4, keys->client_write_IV);
+ if (sm4Ret != 0) return sm4Ret;
+ }
+ if (dec) {
+ sm4Ret = wc_Sm4SetKey(dec->sm4, keys->server_write_key,
+ specs->key_size);
+ if (sm4Ret != 0) return sm4Ret;
+ sm4Ret = wc_Sm4SetIV(dec->sm4, keys->server_write_IV);
+ if (sm4Ret != 0) return sm4Ret;
+ }
+ }
+ else {
+ if (enc) {
+ sm4Ret = wc_Sm4SetKey(enc->sm4, keys->server_write_key,
+ specs->key_size);
+ if (sm4Ret != 0) return sm4Ret;
+ sm4Ret = wc_Sm4SetIV(enc->sm4, keys->server_write_IV);
+ if (sm4Ret != 0) return sm4Ret;
+ }
+ if (dec) {
+ sm4Ret = wc_Sm4SetKey(dec->sm4, keys->client_write_key,
+ specs->key_size);
+ if (sm4Ret != 0) return sm4Ret;
+ sm4Ret = wc_Sm4SetIV(dec->sm4, keys->client_write_IV);
+ if (sm4Ret != 0) return sm4Ret;
+ }
+ }
+ if (enc)
+ enc->setup = 1;
+ if (dec)
+ dec->setup = 1;
+ }
+#endif /* WOLFSSL_SM4_CBC */
+
+#ifdef WOLFSSL_SM4_GCM
+ /* check that buffer sizes are sufficient */
+ #if (AEAD_MAX_IMP_SZ < 4) /* SM4-GCM_IMP_IV_SZ */
+ #error AEAD_MAX_IMP_SZ too small for SM4-GCM
+ #endif
+ #if (AEAD_MAX_EXP_SZ < 8) /* SM4-GCM_EXP_IV_SZ */
+ #error AEAD_MAX_EXP_SZ too small for SM4-GCM
+ #endif
+ #if (MAX_WRITE_IV_SZ < 4) /* SM4-GCM_IMP_IV_SZ */
+ #error MAX_WRITE_IV_SZ too small for SM4-GCM
+ #endif
+
+ if (specs->bulk_cipher_algorithm == wolfssl_sm4_gcm) {
+ int gcmRet;
+
+ if (enc) {
+ if (enc->sm4 == NULL) {
+ enc->sm4 = (wc_Sm4*)XMALLOC(sizeof(wc_Sm4), heap,
+ DYNAMIC_TYPE_CIPHER);
+ if (enc->sm4 == NULL)
+ return MEMORY_E;
+ } else {
+ wc_Sm4Free(enc->sm4);
+ }
+
+ XMEMSET(enc->sm4, 0, sizeof(wc_Sm4));
+ }
+ if (dec) {
+ if (dec->sm4 == NULL) {
+ dec->sm4 = (wc_Sm4*)XMALLOC(sizeof(wc_Sm4), heap,
+ DYNAMIC_TYPE_CIPHER);
+ if (dec->sm4 == NULL)
+ return MEMORY_E;
+ } else {
+ wc_Sm4Free(dec->sm4);
+ }
+
+ XMEMSET(dec->sm4, 0, sizeof(wc_Sm4));
+ }
+
+ if (enc) {
+ if (wc_Sm4Init(enc->sm4, heap, devId) != 0) {
+ WOLFSSL_MSG("Sm4Init failed in SetKeys");
+ return ASYNC_INIT_E;
+ }
+ }
+ if (dec) {
+ if (wc_Sm4Init(dec->sm4, heap, devId) != 0) {
+ WOLFSSL_MSG("Sm4Init failed in SetKeys");
+ return ASYNC_INIT_E;
+ }
+ }
+
+ if (side == WOLFSSL_CLIENT_END) {
+ if (enc) {
+ gcmRet = wc_Sm4GcmSetKey(enc->sm4, keys->client_write_key,
+ specs->key_size);
+ if (gcmRet != 0) return gcmRet;
+ XMEMCPY(keys->aead_enc_imp_IV, keys->client_write_IV,
+ AEAD_MAX_IMP_SZ);
+ }
+ if (dec) {
+ gcmRet = wc_Sm4GcmSetKey(dec->sm4, keys->server_write_key,
+ specs->key_size);
+ if (gcmRet != 0) return gcmRet;
+ XMEMCPY(keys->aead_dec_imp_IV, keys->server_write_IV,
+ AEAD_MAX_IMP_SZ);
+ }
+ }
+ else {
+ if (enc) {
+ gcmRet = wc_Sm4GcmSetKey(enc->sm4, keys->server_write_key,
+ specs->key_size);
+ if (gcmRet != 0) return gcmRet;
+ XMEMCPY(keys->aead_enc_imp_IV, keys->server_write_IV,
+ AEAD_MAX_IMP_SZ);
+ }
+ if (dec) {
+ gcmRet = wc_Sm4GcmSetKey(dec->sm4, keys->client_write_key,
+ specs->key_size);
+ if (gcmRet != 0) return gcmRet;
+ XMEMCPY(keys->aead_dec_imp_IV, keys->client_write_IV,
+ AEAD_MAX_IMP_SZ);
+ }
+ }
+ if (enc)
+ enc->setup = 1;
+ if (dec)
+ dec->setup = 1;
+ }
+#endif /* WOLFSSL_SM4_GCM */
+
+#ifdef WOLFSSL_SM4_CCM
+ /* check that buffer sizes are sufficient (CCM is same size as GCM) */
+ #if (AEAD_MAX_IMP_SZ < 4) /* SM4-CCM_IMP_IV_SZ */
+ #error AEAD_MAX_IMP_SZ too small for SM4-CCM
+ #endif
+ #if (AEAD_MAX_EXP_SZ < 8) /* SM4-CCM_EXP_IV_SZ */
+ #error AEAD_MAX_EXP_SZ too small for SM4-CCM
+ #endif
+ #if (MAX_WRITE_IV_SZ < 4) /* SM4-CCM_IMP_IV_SZ */
+ #error MAX_WRITE_IV_SZ too small for SM4-CCM
+ #endif
+
+ if (specs->bulk_cipher_algorithm == wolfssl_sm4_ccm) {
+ int CcmRet;
+
+ if (enc) {
+ if (enc->sm4 == NULL) {
+ enc->sm4 = (wc_Sm4*)XMALLOC(sizeof(wc_Sm4), heap,
+ DYNAMIC_TYPE_CIPHER);
+ if (enc->sm4 == NULL)
+ return MEMORY_E;
+ } else {
+ wc_Sm4Free(enc->sm4);
+ }
+
+ XMEMSET(enc->sm4, 0, sizeof(wc_Sm4));
+ }
+ if (dec) {
+ if (dec->sm4 == NULL) {
+ dec->sm4 = (wc_Sm4*)XMALLOC(sizeof(wc_Sm4), heap,
+ DYNAMIC_TYPE_CIPHER);
+ if (dec->sm4 == NULL)
+ return MEMORY_E;
+ } else {
+ wc_Sm4Free(dec->sm4);
+ }
+ XMEMSET(dec->sm4, 0, sizeof(wc_Sm4));
+ }
+
+ if (enc) {
+ if (wc_Sm4Init(enc->sm4, heap, devId) != 0) {
+ WOLFSSL_MSG("Sm4Init failed in SetKeys");
+ return ASYNC_INIT_E;
+ }
+ }
+ if (dec) {
+ if (wc_Sm4Init(dec->sm4, heap, devId) != 0) {
+ WOLFSSL_MSG("Sm4Init failed in SetKeys");
+ return ASYNC_INIT_E;
+ }
+ }
+
+ if (side == WOLFSSL_CLIENT_END) {
+ if (enc) {
+ CcmRet = wc_Sm4SetKey(enc->sm4, keys->client_write_key,
+ specs->key_size);
+ if (CcmRet != 0) {
+ return CcmRet;
+ }
+ XMEMCPY(keys->aead_enc_imp_IV, keys->client_write_IV,
+ AEAD_MAX_IMP_SZ);
+ }
+ if (dec) {
+ CcmRet = wc_Sm4SetKey(dec->sm4, keys->server_write_key,
+ specs->key_size);
+ if (CcmRet != 0) {
+ return CcmRet;
+ }
+ XMEMCPY(keys->aead_dec_imp_IV, keys->server_write_IV,
+ AEAD_MAX_IMP_SZ);
+ }
+ }
+ else {
+ if (enc) {
+ CcmRet = wc_Sm4SetKey(enc->sm4, keys->server_write_key,
+ specs->key_size);
+ if (CcmRet != 0) {
+ return CcmRet;
+ }
+ XMEMCPY(keys->aead_enc_imp_IV, keys->server_write_IV,
+ AEAD_MAX_IMP_SZ);
+ }
+ if (dec) {
+ CcmRet = wc_Sm4SetKey(dec->sm4, keys->client_write_key,
+ specs->key_size);
+ if (CcmRet != 0) {
+ return CcmRet;
+ }
+ XMEMCPY(keys->aead_dec_imp_IV, keys->client_write_IV,
+ AEAD_MAX_IMP_SZ);
+ }
+ }
+ if (enc)
+ enc->setup = 1;
+ if (dec)
+ dec->setup = 1;
+ }
+#endif /* WOLFSSL_SM4_CCM */
+
#ifdef HAVE_NULL_CIPHER
if (specs->bulk_cipher_algorithm == wolfssl_cipher_null) {
#ifdef WOLFSSL_TLS13
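Review bot: The allocate-or-reset, zero and `wc_Sm4Init` sequence is repeated for `enc` and `dec` in each of the three new blocks (SM4-CBC, SM4-GCM, SM4-CCM), six copies in all, which makes it easy for one copy of this key-object handling to drift from the others. A small static helper called once per direction would keep the lifecycle in one place; a sketch follows. Two smaller points in the same hunk: the SM4-CBC guard is commented `/* AES_IV_SIZE */`, and `CcmRet` breaks the `sm4Ret`/`gcmRet` naming. SetKeys starts and ends outside the hunk.

```c
/* Allocate the SM4 object for one direction, or reset an existing one,
 * then initialise it. A NULL direction is skipped. */
static int SetKeysSm4Prepare(Ciphers* cipher, void* heap, int devId)
{
    if (cipher == NULL)
        return 0;
    if (cipher->sm4 == NULL) {
        cipher->sm4 = (wc_Sm4*)XMALLOC(sizeof(wc_Sm4), heap,
                                       DYNAMIC_TYPE_CIPHER);
        if (cipher->sm4 == NULL)
            return MEMORY_E;
    }
    else {
        wc_Sm4Free(cipher->sm4);
    }
    XMEMSET(cipher->sm4, 0, sizeof(wc_Sm4));
    if (wc_Sm4Init(cipher->sm4, heap, devId) != 0) {
        WOLFSSL_MSG("Sm4Init failed in SetKeys");
        return ASYNC_INIT_E;
    }
    return 0;
}

/* in each SM4 block of SetKeys, replacing the repeated prologue */
    sm4Ret = SetKeysSm4Prepare(enc, heap, devId);
    if (sm4Ret == 0)
        sm4Ret = SetKeysSm4Prepare(dec, heap, devId);
    if (sm4Ret != 0)
        return sm4Ret;
/* … unchanged: per-side wc_Sm4SetKey / wc_Sm4SetIV calls … */
```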
diff --git a/extra/wolfssl/wolfssl/src/ocsp.c b/extra/wolfssl/wolfssl/src/ocsp.c
index 30f5e16a..c56ec22f 100644
--- a/extra/wolfssl/wolfssl/src/ocsp.c
+++ b/extra/wolfssl/wolfssl/src/ocsp.c
@@ -28,6 +28,13 @@
#include <wolfssl/wolfcrypt/settings.h>
+/*
+ * WOLFSSL_NO_OCSP_ISSUER_CHAIN_CHECK:
+ * Disable looking for an authorized responder in the verification path of
+ * the issuer. This will make the authorized responder only look at the
+ * OCSP response signer and direct issuer.
+ */
+
#ifndef WOLFCRYPT_ONLY
#ifdef HAVE_OCSP
@@ -135,7 +142,7 @@ static int xstat2err(int st)
}
}
-int CheckCertOCSP_ex(WOLFSSL_OCSP* ocsp, DecodedCert* cert, buffer* responseBuffer, WOLFSSL* ssl)
+int CheckCertOCSP_ex(WOLFSSL_OCSP* ocsp, DecodedCert* cert, WOLFSSL* ssl)
{
int ret = OCSP_LOOKUP_FAIL;
@@ -160,7 +167,7 @@ int CheckCertOCSP_ex(WOLFSSL_OCSP* ocsp, DecodedCert* cert, buffer* responseBuff
if (InitOcspRequest(ocspRequest, cert, ocsp->cm->ocspSendNonce,
ocsp->cm->heap) == 0) {
ocspRequest->ssl = ssl;
- ret = CheckOcspRequest(ocsp, ocspRequest, responseBuffer);
+ ret = CheckOcspRequest(ocsp, ocspRequest, NULL, NULL);
FreeOcspRequest(ocspRequest);
}
@@ -172,9 +179,9 @@ int CheckCertOCSP_ex(WOLFSSL_OCSP* ocsp, DecodedCert* cert, buffer* responseBuff
WOLFSSL_LEAVE("CheckCertOCSP", ret);
return ret;
}
-int CheckCertOCSP(WOLFSSL_OCSP* ocsp, DecodedCert* cert, buffer* responseBuffer)
+int CheckCertOCSP(WOLFSSL_OCSP* ocsp, DecodedCert* cert)
{
- return CheckCertOCSP_ex(ocsp, cert, responseBuffer, NULL);
+ return CheckCertOCSP_ex(ocsp, cert, NULL);
}
static int GetOcspEntry(WOLFSSL_OCSP* ocsp, OcspRequest* request,
@@ -217,12 +224,14 @@ static int GetOcspEntry(WOLFSSL_OCSP* ocsp, OcspRequest* request,
* Returns OCSP status
*/
static int GetOcspStatus(WOLFSSL_OCSP* ocsp, OcspRequest* request,
- OcspEntry* entry, CertStatus** status, buffer* responseBuffer)
+ OcspEntry* entry, CertStatus** status, buffer* responseBuffer,
+ void* heap)
{
int ret = OCSP_INVALID_STATUS;
WOLFSSL_ENTER("GetOcspStatus");
+ (void)heap;
*status = NULL;
if (wc_LockMutex(&ocsp->ocspLock) != 0) {
@@ -252,7 +261,8 @@ static int GetOcspStatus(WOLFSSL_OCSP* ocsp, OcspRequest* request,
if (responseBuffer) {
responseBuffer->buffer = (byte*)XMALLOC(
- (*status)->rawOcspResponseSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ (*status)->rawOcspResponseSz, heap,
+ DYNAMIC_TYPE_TMP_BUFFER);
if (responseBuffer->buffer) {
responseBuffer->length = (*status)->rawOcspResponseSz;
@@ -277,11 +287,13 @@ static int GetOcspStatus(WOLFSSL_OCSP* ocsp, OcspRequest* request,
* reponseBuffer Buffer object to return the response with.
* status The certificate status object.
* entry The OCSP entry for this certificate.
+ * ocspRequest Request corresponding to response.
+ * heap Heap hint used for responseBuffer
* returns OCSP_LOOKUP_FAIL when the response is bad and 0 otherwise.
*/
int CheckOcspResponse(WOLFSSL_OCSP *ocsp, byte *response, int responseSz,
WOLFSSL_BUFFER_INFO *responseBuffer, CertStatus *status,
- OcspEntry *entry, OcspRequest *ocspRequest)
+ OcspEntry *entry, OcspRequest *ocspRequest, void* heap)
{
#ifdef WOLFSSL_SMALL_STACK
CertStatus* newStatus;
@@ -295,6 +307,8 @@ int CheckOcspResponse(WOLFSSL_OCSP *ocsp, byte *response, int responseSz,
int ret;
int validated = 0; /* ocsp validation flag */
+ (void)heap;
+
#ifdef WOLFSSL_SMALL_STACK
newStatus = (CertStatus*)XMALLOC(sizeof(CertStatus), NULL,
DYNAMIC_TYPE_OCSP_STATUS);
@@ -336,7 +350,7 @@ int CheckOcspResponse(WOLFSSL_OCSP *ocsp, byte *response, int responseSz,
}
if (responseBuffer) {
- responseBuffer->buffer = (byte*)XMALLOC(responseSz, ocsp->cm->heap,
+ responseBuffer->buffer = (byte*)XMALLOC(responseSz, heap,
DYNAMIC_TYPE_TMP_BUFFER);
if (responseBuffer->buffer) {
@@ -395,10 +409,14 @@ int CheckOcspResponse(WOLFSSL_OCSP *ocsp, byte *response, int responseSz,
end:
if (ret == 0 && validated == 1) {
WOLFSSL_MSG("New OcspResponse validated");
- } else if ((ret == ocsp->error) && (ocspResponse->single->status->status == CERT_UNKNOWN)) {
+ }
+ else if (ret == OCSP_CERT_REVOKED) {
+ WOLFSSL_MSG("OCSP revoked");
+ }
+ else if (ret == OCSP_CERT_UNKNOWN) {
WOLFSSL_MSG("OCSP unknown");
- ret = OCSP_CERT_UNKNOWN;
- } else if (ret != OCSP_CERT_REVOKED) {
+ }
+ else {
WOLFSSL_MSG("OCSP lookup failure");
ret = OCSP_LOOKUP_FAIL;
}
@@ -418,7 +436,7 @@ end:
#define OCSP_MAX_REQUEST_SZ 2048
#endif
int CheckOcspRequest(WOLFSSL_OCSP* ocsp, OcspRequest* ocspRequest,
- buffer* responseBuffer)
+ buffer* responseBuffer, void* heap)
{
OcspEntry* entry = NULL;
CertStatus* status = NULL;
@@ -446,10 +464,16 @@ int CheckOcspRequest(WOLFSSL_OCSP* ocsp, OcspRequest* ocspRequest,
if (ret != 0)
return ret;
- ret = GetOcspStatus(ocsp, ocspRequest, entry, &status, responseBuffer);
+ ret = GetOcspStatus(ocsp, ocspRequest, entry, &status, responseBuffer,
+ heap);
if (ret != OCSP_INVALID_STATUS)
return ret;
+ if (responseBuffer) {
+ XFREE(responseBuffer->buffer, heap, DYNAMIC_TYPE_TMP_BUFFER);
+ responseBuffer->buffer = NULL;
+ }
+
/* get SSL and IOCtx */
ssl = (WOLFSSL*)ocspRequest->ssl;
ioCtx = (ssl && ssl->ocspIOCtx != NULL) ?
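Review bot: The added cleanup frees `responseBuffer->buffer` and sets it to NULL but leaves `responseBuffer->length` at whatever GetOcspStatus stored. A later early return, such as the `MEMORY_ERROR` path further down in this function, would then hand the caller a NULL buffer with a non-zero length. Adding `responseBuffer->length = 0;` next to `responseBuffer->buffer = NULL;` keeps the pair consistent. CheckOcspRequest starts and ends outside the hunk.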
@@ -457,16 +481,26 @@ int CheckOcspRequest(WOLFSSL_OCSP* ocsp, OcspRequest* ocspRequest,
#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)
if (ocsp->statusCb != NULL && ssl != NULL) {
+ WOLFSSL_MSG("Calling ocsp->statusCb");
ret = ocsp->statusCb(ssl, ioCtx);
- if (ret == 0) {
- ret = wolfSSL_get_ocsp_response(ssl, &response);
- ret = CheckOcspResponse(ocsp, response, ret, responseBuffer, status,
- entry, NULL);
- if (response != NULL)
- XFREE(response, NULL, DYNAMIC_TYPE_OPENSSL);
- return ret;
+ switch (ret) {
+ case SSL_TLSEXT_ERR_OK:
+ ret = wolfSSL_get_ocsp_response(ssl, &response);
+ ret = CheckOcspResponse(ocsp, response, ret, responseBuffer,
+ status, entry, NULL, heap);
+ if (response != NULL)
+ XFREE(response, NULL, DYNAMIC_TYPE_OPENSSL);
+ break;
+ case SSL_TLSEXT_ERR_NOACK:
+ ret = OCSP_LOOKUP_FAIL;
+ break;
+ case SSL_TLSEXT_ERR_ALERT_FATAL:
+ default:
+ WOLFSSL_LEAVE("CheckOcspRequest", ocsp->error);
+ ret = WOLFSSL_FATAL_ERROR;
+ break;
}
- WOLFSSL_LEAVE("CheckOcspRequest", ocsp->error);
+ WOLFSSL_LEAVE("CheckOcspRequest", ret);
return ret;
}
#endif
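Review bot: In `case SSL_TLSEXT_ERR_OK` the return value of `wolfSSL_get_ocsp_response(ssl, &response)` is passed straight to CheckOcspResponse as `responseSz`, without checking that it is positive or that `response` is non-NULL. The network path later in this function only calls CheckOcspResponse under `if (responseSz >= 0 && response)`. A status callback that reports success without having set a response would therefore reach the parser with a NULL pointer or a non-positive length; guarding the call with `if (response != NULL && ret > 0)` and otherwise setting `ret = OCSP_LOOKUP_FAIL;` makes the two paths consistent. The fatal arm also calls `WOLFSSL_LEAVE("CheckOcspRequest", ocsp->error);` and is then followed by the common `WOLFSSL_LEAVE("CheckOcspRequest", ret);`, so the exit is logged twice with different values. CheckOcspRequest continues outside the hunk.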
@@ -491,10 +525,6 @@ int CheckOcspRequest(WOLFSSL_OCSP* ocsp, OcspRequest* ocspRequest,
request = (byte*)XMALLOC(requestSz, ocsp->cm->heap, DYNAMIC_TYPE_OCSP);
if (request == NULL) {
WOLFSSL_LEAVE("CheckCertOCSP", MEMORY_ERROR);
- if (responseBuffer) {
- XFREE(responseBuffer->buffer, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- responseBuffer->buffer = NULL;
- }
return MEMORY_ERROR;
}
@@ -511,7 +541,7 @@ int CheckOcspRequest(WOLFSSL_OCSP* ocsp, OcspRequest* ocspRequest,
if (responseSz >= 0 && response) {
ret = CheckOcspResponse(ocsp, response, responseSz, responseBuffer, status,
- entry, ocspRequest);
+ entry, ocspRequest, heap);
}
if (response != NULL && ocsp->cm->ocspRespFreeCb)
@@ -523,9 +553,104 @@ int CheckOcspRequest(WOLFSSL_OCSP* ocsp, OcspRequest* ocspRequest,
return ret;
}
+#ifndef WOLFSSL_NO_OCSP_ISSUER_CHAIN_CHECK
+static int CheckOcspResponderChain(OcspEntry* single, DecodedCert *cert,
+ void* vp) {
+ /* Attempt to build a chain up to cert's issuer */
+ WOLFSSL_CERT_MANAGER* cm = (WOLFSSL_CERT_MANAGER*)vp;
+ Signer* ca = NULL;
+ Signer* prev = NULL;
+ int passed = 0;
+
+ /*
+ * Relation between certs:
+ * CA
+ * / \
+ * intermediate(s) cert in OCSP response
+ * | with OCSP key usage ext
+ * issuer of cert
+ * in OCSP request
+ */
+
+ /* End loop if no more issuers found or if we have found a self
+ * signed cert (ca == prev) */
+ for (ca = GetCAByName(cm, single->issuerHash); ca != NULL && ca != prev;
+ prev = ca, ca = GetCAByName(cm, ca->issuerNameHash)) {
+ if (XMEMCMP(cert->issuerHash, ca->issuerNameHash,
+ OCSP_DIGEST_SIZE) == 0) {
+ WOLFSSL_MSG("\tOCSP Response signed by authorized "
+ "responder delegated by issuer "
+ "(found in chain)");
+ passed = 1;
+ break;
+ }
+ }
+ return passed;
+}
+#endif
+
+/**
+ * Enforce https://www.rfc-editor.org/rfc/rfc6960#section-4.2.2.2
+ * @param bs The basic response to verify
+ * @param cert The decoded bs->cert
+ * @return
+ */
+int CheckOcspResponder(OcspResponse *bs, DecodedCert *cert, void* vp)
+{
+ int ret = 0;
+ OcspEntry* single;
+
+ /* Both evaluate to enum values so can't use a pre-processor check */
+ WOLFSSL_ASSERT_EQ(OCSP_DIGEST_SIZE, SIGNER_DIGEST_SIZE);
+
+ (void)vp;
+
+ WOLFSSL_ENTER("CheckOcspResponder");
+
+ /* In the future if this API is used more then it could be beneficial to
+ * implement calling InitDecodedCert and ParseCertRelative here
+ * automatically when cert == NULL. */
+ if (bs == NULL || cert == NULL)
+ return BAD_FUNC_ARG;
+
+ /* Traverse the list and check that the cert has the authority to provide
+ * an OCSP response for each entry. */
+ for (single = bs->single; single != NULL; single = single->next) {
+ int passed = 0;
+
+ if (XMEMCMP(cert->subjectHash, single->issuerHash, OCSP_DIGEST_SIZE)
+ == 0) {
+ WOLFSSL_MSG("\tOCSP Response signed by issuer");
+ passed = 1;
+ }
+ else if ((cert->extExtKeyUsage & EXTKEYUSE_OCSP_SIGN) != 0) {
+ if (XMEMCMP(cert->issuerHash, single->issuerHash,
+ OCSP_DIGEST_SIZE) == 0) {
+ WOLFSSL_MSG("\tOCSP Response signed by authorized responder "
+ "delegated by issuer");
+ passed = 1;
+ }
+#ifndef WOLFSSL_NO_OCSP_ISSUER_CHAIN_CHECK
+ else if (vp != NULL) {
+ passed = CheckOcspResponderChain(single, cert, vp);
+ }
+#endif
+ }
+
+ if (!passed) {
+ WOLFSSL_MSG("\tOCSP Responder not authorized");
+#ifdef OPENSSL_EXTRA
+ bs->verifyError = OCSP_BAD_ISSUER;
+#endif
+ ret = BAD_OCSP_RESPONDER;
+ break;
+ }
+ }
+ return ret;
+}
+
#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) || \
defined(WOLFSSL_APACHE_HTTPD) || defined(HAVE_LIGHTY)
-
int wolfSSL_OCSP_resp_find_status(WOLFSSL_OCSP_BASICRESP *bs,
WOLFSSL_OCSP_CERTID* id, int* status, int* reason,
WOLFSSL_ASN1_TIME** revtime, WOLFSSL_ASN1_TIME** thisupd,
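Review bot: The walk in CheckOcspResponderChain stops only when `GetCAByName` returns NULL or the same signer twice in a row (`ca != prev`). That catches a self-signed root but not a longer cycle, such as two cross-signed CAs that name each other as issuer; with such entries in the certificate manager the loop would not terminate when no match is found. A depth bound closes that off, e.g. an `int depth` counter with `depth < MAX_CHAIN_DEPTH` in the loop condition; whether GetCAByName can actually return such a cycle depends on code outside this hunk. The new Doxygen block on CheckOcspResponder also leaves `@return` empty and omits `vp`. From the body, it returns 0 when every entry is authorized, `BAD_FUNC_ARG` for a NULL `bs` or `cert`, and `BAD_OCSP_RESPONDER` otherwise, and `vp` is the certificate manager used for the chain walk.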
@@ -659,6 +784,7 @@ WOLFSSL_OCSP_CERTID* wolfSSL_OCSP_cert_to_id(
InitDecodedCert(cert, subject->derCert->buffer,
subject->derCert->length, NULL);
if (ParseCertRelative(cert, CERT_TYPE, VERIFY_OCSP, cm) != 0) {
+ FreeDecodedCert(cert);
goto out;
}
else {
@@ -676,11 +802,12 @@ out:
if (ret != 0) {
if (derCert != NULL)
FreeDer(&derCert);
- if (certId != NULL)
+ if (certId != NULL) {
XFREE(certId, cm->heap, DYNAMIC_TYPE_OPENSSL);
+ certId = NULL;
+ }
if (certStatus)
XFREE(certStatus, cm->heap, DYNAMIC_TYPE_OPENSSL);
- return NULL;
}
#ifdef WOLFSSL_SMALL_STACK
@@ -704,38 +831,60 @@ void wolfSSL_OCSP_BASICRESP_free(WOLFSSL_OCSP_BASICRESP* basicResponse)
int wolfSSL_OCSP_basic_verify(WOLFSSL_OCSP_BASICRESP *bs,
WOLF_STACK_OF(WOLFSSL_X509) *certs, WOLFSSL_X509_STORE *st, unsigned long flags)
{
- int ret;
+ int ret = WOLFSSL_FAILURE;
#ifdef WOLFSSL_SMALL_STACK
- DecodedCert *cert = (DecodedCert *)
- XMALLOC(sizeof(*cert), (st && st->cm) ? st->cm->heap : NULL,
- DYNAMIC_TYPE_DCERT);
- if (cert == NULL)
- return WOLFSSL_FAILURE;
+ DecodedCert *cert;
#else
DecodedCert cert[1];
#endif
+ byte certInit = 0;
+ int idx;
(void)certs;
- if (flags & OCSP_NOVERIFY) {
- ret = WOLFSSL_SUCCESS;
- goto out;
- }
+ if (flags & OCSP_NOVERIFY)
+ return WOLFSSL_SUCCESS;
+
+#ifdef WOLFSSL_SMALL_STACK
+ cert = (DecodedCert *)
+ XMALLOC(sizeof(*cert), (st && st->cm) ? st->cm->heap : NULL,
+ DYNAMIC_TYPE_DCERT);
+ if (cert == NULL)
+ return WOLFSSL_FAILURE;
+#endif
#ifdef OPENSSL_EXTRA
- if (bs->verifyError != OCSP_VERIFY_ERROR_NONE) {
- ret = WOLFSSL_FAILURE;
+ if (bs->verifyError != OCSP_VERIFY_ERROR_NONE)
goto out;
- }
#endif
- ret = WOLFSSL_SUCCESS;
+ if (flags & OCSP_TRUSTOTHER) {
+ for (idx = 0; idx < wolfSSL_sk_X509_num(certs); idx++) {
+ WOLFSSL_X509* x = wolfSSL_sk_X509_value(certs, idx);
+ int derSz = 0;
+ const byte* der = wolfSSL_X509_get_der(x, &derSz);
+ if (der != NULL && derSz == (int)bs->certSz &&
+ XMEMCMP(bs->cert, der, derSz) == 0) {
+ ret = WOLFSSL_SUCCESS;
+ goto out;
+ }
+ }
+ }
+
InitDecodedCert(cert, bs->cert, bs->certSz, NULL);
+ certInit = 1;
if (ParseCertRelative(cert, CERT_TYPE, VERIFY, st->cm) < 0)
- ret = WOLFSSL_FAILURE;
- FreeDecodedCert(cert);
+ goto out;
+ if (!(flags & OCSP_NOCHECKS)) {
+ if (CheckOcspResponder(bs, cert, st->cm) != 0)
+ goto out;
+ }
+
+ ret = WOLFSSL_SUCCESS;
out:
+ if (certInit)
+ FreeDecodedCert(cert);
#ifdef WOLFSSL_SMALL_STACK
XFREE(cert, (st && st->cm) ? st->cm->heap : NULL, DYNAMIC_TYPE_DCERT);
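Review bot: `st` is dereferenced unconditionally in `ParseCertRelative(cert, CERT_TYPE, VERIFY, st->cm)` and in the new `CheckOcspResponder(bs, cert, st->cm)`, although the allocation and free in the same function use `(st && st->cm) ? st->cm->heap : NULL`, which implies a NULL store is expected. `bs` is likewise read (`bs->verifyError`, `bs->cert`) without a check. A caller relying on OCSP_TRUSTOTHER may well pass no store, so after the trusted-certificate loop the function should bail out with `if (st == NULL || st->cm == NULL) goto out;`, and reject `bs == NULL` before its first use. The `(void)certs;` line is stale now that `certs` is used. The end of the function is outside the hunk.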
@@ -988,6 +1137,11 @@ WOLFSSL_OCSP_ONEREQ* wolfSSL_OCSP_request_add0_id(OcspRequest *req,
if (req == NULL || cid == NULL || cid->status == NULL)
return NULL;
+ if (req->cid != NULL)
+ wolfSSL_OCSP_CERTID_free((WOLFSSL_OCSP_CERTID*)req->cid);
+ /* Keep to free */
+ req->cid = (void*)cid;
+
XMEMCPY(req->issuerHash, cid->issuerHash, KEYID_SIZE);
XMEMCPY(req->issuerKeyHash, cid->issuerKeyHash, KEYID_SIZE);
if (cid->status->serialSz > req->serialSz) {
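Review bot: If the caller passes the CERTID that the request already holds, `wolfSSL_OCSP_CERTID_free((WOLFSSL_OCSP_CERTID*)req->cid)` frees `cid`, and the following `XMEMCPY(req->issuerHash, cid->issuerHash, KEYID_SIZE)` then reads freed memory. The release should be skipped in that case: `if (req->cid != NULL && req->cid != (void*)cid)`. Ownership also moves to `req` before the `cid->status->serialSz > req->serialSz` branch, whose body is outside the hunk. If that branch can still return NULL, the caller cannot tell whether it still has to free `cid`; taking ownership only once the function can no longer fail would avoid that.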
@@ -1115,7 +1269,7 @@ WOLFSSL_OCSP_CERTID* wolfSSL_d2i_OCSP_CERTID(WOLFSSL_OCSP_CERTID** cidOut,
}
}
- if (cid && (!cidOut || cid != *cidOut)) {
+ if ((cid != NULL) && ((cidOut == NULL) || (cid != *cidOut))) {
XFREE(cid, NULL, DYNAMIC_TYPE_OPENSSL);
}
diff --git a/extra/wolfssl/wolfssl/src/pk.c b/extra/wolfssl/wolfssl/src/pk.c
index 57cd5a14..f3d1483b 100644
--- a/extra/wolfssl/wolfssl/src/pk.c
+++ b/extra/wolfssl/wolfssl/src/pk.c
@@ -825,6 +825,7 @@ WOLFSSL_RSA_METHOD *wolfSSL_RSA_meth_new(const char *name, int flags)
if (err) {
/* meth->name won't be allocated on error. */
XFREE(meth, NULL, DYNAMIC_TYPE_OPENSSL);
+ meth = NULL;
}
return meth;
}
@@ -2109,7 +2110,7 @@ int wolfSSL_PEM_write_RSAPrivateKey(XFILE fp, WOLFSSL_RSA *rsa,
{
int ret = 1;
byte* pem = NULL;
- int pLen;
+ int pLen = 0;
(void)cb;
(void)arg;
@@ -2751,6 +2752,15 @@ int wolfSSL_RSA_set0_crt_params(WOLFSSL_RSA *rsa, WOLFSSL_BIGNUM *dmp1,
/* Set the values into the wolfCrypt RSA key. */
if (SetRsaInternal(rsa) != 1) {
+ if (dmp1 != NULL) {
+ rsa->dmp1 = NULL;
+ }
+ if (dmq1 != NULL) {
+ rsa->dmq1 = NULL;
+ }
+ if (iqmp != NULL) {
+ rsa->iqmp = NULL;
+ }
ret = 0;
}
}
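Review bot: The new failure branch clears `rsa->dmp1`, `rsa->dmq1` and `rsa->iqmp` without saying why. A short comment would help, for example `/* set0 failed: caller keeps ownership, so drop our pointers to avoid a double free */`, if that is the intent. The same applies to the matching additions in wolfSSL_RSA_set0_factors (`p`, `q`) and wolfSSL_RSA_set0_key (`n`, `e`, `d`). It is also worth confirming, in the part of each function outside the hunk, what happened to the values previously held in those fields, since on this path the object ends up with NULL members.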
@@ -2815,6 +2825,12 @@ int wolfSSL_RSA_set0_factors(WOLFSSL_RSA *rsa, WOLFSSL_BIGNUM *p,
/* Set the values into the wolfCrypt RSA key. */
if (SetRsaInternal(rsa) != 1) {
+ if (p != NULL) {
+ rsa->p = NULL;
+ }
+ if (q != NULL) {
+ rsa->q = NULL;
+ }
ret = 0;
}
}
@@ -2890,6 +2906,15 @@ int wolfSSL_RSA_set0_key(WOLFSSL_RSA *rsa, WOLFSSL_BIGNUM *n, WOLFSSL_BIGNUM *e,
/* Set the values into the wolfCrypt RSA key. */
if (SetRsaInternal(rsa) != 1) {
+ if (n != NULL) {
+ rsa->n = NULL;
+ }
+ if (e != NULL) {
+ rsa->e = NULL;
+ }
+ if (d != NULL) {
+ rsa->d = NULL;
+ }
ret = 0;
}
}
@@ -3531,13 +3556,16 @@ int wolfSSL_RSA_verify_PKCS1_PSS(WOLFSSL_RSA *rsa, const unsigned char *mHash,
if (ret == 1) {
/* Calculate the salt length to use for special cases. */
- /* TODO: use special case wolfCrypt values. */
switch (saltLen) {
/* Negative saltLen values are treated differently */
case RSA_PSS_SALTLEN_DIGEST:
saltLen = hashLen;
break;
- case RSA_PSS_SALTLEN_MAX_SIGN:
+ case RSA_PSS_SALTLEN_AUTO:
+ #ifdef WOLFSSL_PSS_SALT_LEN_DISCOVER
+ saltLen = RSA_PSS_SALT_LEN_DISCOVER;
+ break;
+ #endif
case RSA_PSS_SALTLEN_MAX:
#ifdef WOLFSSL_PSS_LONG_SALT
saltLen = emLen - hashLen - 2;
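Review bot: When WOLFSSL_PSS_SALT_LEN_DISCOVER is not defined, `case RSA_PSS_SALTLEN_AUTO:` has no body and silently shares the `case RSA_PSS_SALTLEN_MAX:` arm, so a verifier asked for automatic salt-length detection instead enforces the maximum salt length. That may be the intended fallback, but it should be stated, e.g. an `#else` branch holding `/* no salt length discovery: treat AUTO as maximum */` before the `#endif`. The switch continues outside the hunk.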
@@ -7598,7 +7626,7 @@ static int wolfssl_dhparams_to_der(WOLFSSL_DH* dh, unsigned char** out,
int err = 0;
byte* der = NULL;
word32 derSz;
- DhKey* key;
+ DhKey* key = NULL;
(void)heap;
@@ -7930,10 +7958,10 @@ void wolfSSL_DH_get0_pqg(const WOLFSSL_DH *dh, const WOLFSSL_BIGNUM **p,
* free'd with a call to wolfSSL_DH_free -- not individually.
*
* @param [in, out] dh DH key to set.
- * @parma [in] p Prime value to set. May be NULL when value already
+ * @param [in] p Prime value to set. May be NULL when value already
* present.
- * @parma [in] q Order value to set. May be NULL.
- * @parma [in] g Generator value to set. May be NULL when value already
+ * @param [in] q Order value to set. May be NULL.
+ * @param [in] g Generator value to set. May be NULL when value already
* present.
* @return 1 on success.
* @return 0 on failure.
@@ -8233,7 +8261,7 @@ int wolfSSL_DH_check(const WOLFSSL_DH *dh, int *codes)
/* Generate DH parameters.
*
* @param [in] prime_len Length of prime in bits.
- * @param [in] generator Gnerator value to use.
+ * @param [in] generator Generator value to use.
* @param [in] callback Called with progress information. Unused.
* @param [in] cb_arg User callback argument. Unused.
* @return NULL on failure.
@@ -8268,7 +8296,7 @@ WOLFSSL_DH *wolfSSL_DH_generate_parameters(int prime_len, int generator,
*
* @param [in] dh DH key to generate parameters into.
* @param [in] prime_len Length of prime in bits.
- * @param [in] generator Gnerator value to use.
+ * @param [in] generator Generator value to use.
* @param [in] callback Called with progress information. Unused.
* @param [in] cb_arg User callback argument. Unused.
* @return 0 on failure.
@@ -8278,7 +8306,7 @@ int wolfSSL_DH_generate_parameters_ex(WOLFSSL_DH* dh, int prime_len,
int generator, void (*callback) (int, int, void *))
{
int ret = 1;
- DhKey* key;
+ DhKey* key = NULL;
#ifdef WOLFSSL_SMALL_STACK
WC_RNG* tmpRng = NULL;
#else
@@ -8790,6 +8818,10 @@ int EccEnumToNID(int n)
return NID_brainpoolP384r1;
case ECC_BRAINPOOLP512R1:
return NID_brainpoolP512r1;
+ #ifdef WOLFSSL_SM2
+ case ECC_SM2P256V1:
+ return NID_sm2;
+ #endif
default:
WOLFSSL_MSG("NID not found");
return -1;
@@ -9682,27 +9714,27 @@ void wolfSSL_EC_POINT_dump(const char *msg, const WOLFSSL_EC_POINT *point)
WOLFSSL_ENTER("wolfSSL_EC_POINT_dump");
- /* Only print when debugging on and logging callback set. */
- if (WOLFSSL_IS_DEBUG_ON() && (wolfSSL_GetLoggingCb() == NULL)) {
+ /* Only print when debugging on. */
+ if (WOLFSSL_IS_DEBUG_ON()) {
if (point == NULL) {
/* No point passed in so just put out "NULL". */
- XFPRINTF(stderr, "%s = NULL\n", msg);
+ WOLFSSL_MSG_EX("%s = NULL\n", msg);
}
else {
/* Put out message and status of internal/external data set. */
- XFPRINTF(stderr, "%s:\n\tinSet=%d, exSet=%d\n", msg, point->inSet,
+ WOLFSSL_MSG_EX("%s:\n\tinSet=%d, exSet=%d\n", msg, point->inSet,
point->exSet);
/* Get x-ordinate as a hex string and print. */
num = wolfSSL_BN_bn2hex(point->X);
- XFPRINTF(stderr, "\tX = %s\n", num);
+ WOLFSSL_MSG_EX("\tX = %s\n", num);
XFREE(num, NULL, DYNAMIC_TYPE_OPENSSL);
/* Get x-ordinate as a hex string and print. */
num = wolfSSL_BN_bn2hex(point->Y);
- XFPRINTF(stderr, "\tY = %s\n", num);
+ WOLFSSL_MSG_EX("\tY = %s\n", num);
XFREE(num, NULL, DYNAMIC_TYPE_OPENSSL);
/* Get z-ordinate as a hex string and print. */
num = wolfSSL_BN_bn2hex(point->Z);
- XFPRINTF(stderr, "\tZ = %s\n", num);
+ WOLFSSL_MSG_EX("\tZ = %s\n", num);
XFREE(num, NULL, DYNAMIC_TYPE_OPENSSL);
}
}
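Review bot: `num` goes into a `%s` conversion unchecked in all three coordinate prints, and wolfSSL_BN_bn2hex() can presumably return NULL on allocation failure or an unset ordinate. Passing NULL to `%s` is undefined behaviour, so each call should guard it, e.g. `WOLFSSL_MSG_EX("\tX = %s\n", (num != NULL) ? num : "(null)");`. The same unchecked pattern is in the DEBUG_WOLFSSL block added to wolfSSL_EC_POINT_mul, where `n` and `m` may themselves be NULL. The comment above the Y conversion still says x-ordinate and should read `/* Get y-ordinate as a hex string and print. */`.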
@@ -9893,6 +9925,8 @@ int wolfSSL_ECPoint_d2i(const unsigned char *in, unsigned int len,
const WOLFSSL_EC_GROUP *group, WOLFSSL_EC_POINT *point)
{
int ret = 1;
+ WOLFSSL_BIGNUM* x = NULL;
+ WOLFSSL_BIGNUM* y = NULL;
WOLFSSL_ENTER("wolfSSL_ECPoint_d2i");
@@ -9929,17 +9963,49 @@ int wolfSSL_ECPoint_d2i(const unsigned char *in, unsigned int len,
#endif
}
+ if (ret == 1)
+ point->inSet = 1;
+
/* Set new external point. */
- if ((ret == 1) && (ec_point_external_set(point) != 1)) {
+ if (ret == 1 && ec_point_external_set(point) != 1) {
WOLFSSL_MSG("ec_point_external_set failed");
ret = 0;
}
+ if (ret == 1 && !wolfSSL_BN_is_one(point->Z)) {
+#if !defined(WOLFSSL_SP_MATH) && !defined(WOLF_CRYPTO_CB_ONLY_ECC)
+ x = wolfSSL_BN_new();
+ y = wolfSSL_BN_new();
+ if (x == NULL || y == NULL)
+ ret = 0;
+
+ if (ret == 1 && wolfSSL_EC_POINT_get_affine_coordinates_GFp(group,
+ point, x, y, NULL) != 1) {
+ WOLFSSL_MSG("wolfSSL_EC_POINT_get_affine_coordinates_GFp failed");
+ ret = 0;
+ }
+
+ /* wolfSSL_EC_POINT_set_affine_coordinates_GFp check that the point is
+ * on the curve. */
+ if (ret == 1 && wolfSSL_EC_POINT_set_affine_coordinates_GFp(group,
+ point, x, y, NULL) != 1) {
+ WOLFSSL_MSG("wolfSSL_EC_POINT_set_affine_coordinates_GFp failed");
+ ret = 0;
+ }
+#else
+ WOLFSSL_MSG("Importing non-affine point. This may cause issues in math "
+ "operations later on.");
+#endif
+ }
+
if (ret == 1) {
/* Dump new point. */
wolfSSL_EC_POINT_dump("d2i p", point);
}
+ wolfSSL_BN_free(x);
+ wolfSSL_BN_free(y);
+
return ret;
}
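Review bot: In the `#else` branch of the new `!wolfSSL_BN_is_one(point->Z)` check the function only logs a message and still returns 1. With WOLFSSL_SP_MATH or WOLF_CRYPTO_CB_ONLY_ECC, a decoded non-affine point therefore skips the on-curve check that the other branch gets from wolfSSL_EC_POINT_set_affine_coordinates_GFp. wolfSSL_EC_POINT_invert in this same commit fails in the equivalent branch; adding `ret = 0;` after the message here would do the same, unless a part of the function outside this hunk already validates the point. The added comment should read `/* wolfSSL_EC_POINT_set_affine_coordinates_GFp checks that the point is on the curve. */`.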
@@ -10031,6 +10097,14 @@ size_t wolfSSL_EC_POINT_point2oct(const WOLFSSL_EC_GROUP *group,
}
}
+#if defined(DEBUG_WOLFSSL)
+ if (!err) {
+ wolfSSL_EC_POINT_dump("wolfSSL_EC_POINT_point2oct point", point);
+ WOLFSSL_MSG("\twolfSSL_EC_POINT_point2oct output:");
+ WOLFSSL_BUFFER(buf, enc_len);
+ }
+#endif
+
/* On error, return encoding length of 0. */
if (err) {
enc_len = 0;
@@ -10176,15 +10250,15 @@ int wolfSSL_EC_POINT_is_on_curve(const WOLFSSL_EC_GROUP *group,
/* Convert Jacobian ordinates to affine.
*
* @param [in] group EC group.
- * @param [in] point EC point to get co-ordinates from.
+ * @param [in] point EC point to get coordinates from.
* @return 1 on success.
* @return 0 on error.
*/
-static int ec_point_convert_to_affine(const WOLFSSL_EC_GROUP *group,
+int ec_point_convert_to_affine(const WOLFSSL_EC_GROUP *group,
WOLFSSL_EC_POINT *point)
{
int err = 0;
- mp_digit mp;
+ mp_digit mp = 0;
#ifdef WOLFSSL_SMALL_STACK
mp_int* modulus;
#else
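Review bot: Dropping `static` from ec_point_convert_to_affine gives an unprefixed helper external linkage, and no prototype for it is visible in this hunk. If another translation unit needs it, declare it in an internal header with the library's local-visibility marker, e.g. `WOLFSSL_LOCAL int ec_point_convert_to_affine(const WOLFSSL_EC_GROUP *group, WOLFSSL_EC_POINT *point);`. If the only new caller is wolfSSL_EC_POINT_invert in this file, it can stay `static`. The function body continues outside the hunk.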
@@ -10241,9 +10315,9 @@ static int ec_point_convert_to_affine(const WOLFSSL_EC_GROUP *group,
return err;
}
-/* Get the affine co-ordinates of the EC point on a Prime curve.
+/* Get the affine coordinates of the EC point on a Prime curve.
*
- * When z-ordinate is not one then co-ordinates are Jacobian and need to be
+ * When z-ordinate is not one then coordinates are Jacobian and need to be
* converted to affine before storing in BNs.
*
* Return code compliant with OpenSSL.
@@ -10251,7 +10325,7 @@ static int ec_point_convert_to_affine(const WOLFSSL_EC_GROUP *group,
* TODO: OpenSSL doesn't change point when Jacobian. Do the same?
*
* @param [in] group EC group.
- * @param [in] point EC point to get co-ordinates from.
+ * @param [in] point EC point to get coordinates from.
* @param [in, out] x BN to hold x-ordinate.
* @param [in, out] y BN to hold y-ordinate.
* @param [in] ctx Context to use for BN operations. Unused.
@@ -10305,10 +10379,10 @@ int wolfSSL_EC_POINT_get_affine_coordinates_GFp(const WOLFSSL_EC_GROUP* group,
}
#endif /* !WOLFSSL_SP_MATH && !WOLF_CRYPTO_CB_ONLY_ECC */
-/* Sets the affine co-ordinates that belong on a prime curve.
+/* Sets the affine coordinates that belong on a prime curve.
*
* @param [in] group EC group.
- * @param [in, out] point EC point to set co-ordinates into.
+ * @param [in, out] point EC point to set coordinates into.
* @param [in] x BN holding x-ordinate.
* @param [in] y BN holding y-ordinate.
* @param [in] ctx Context to use for BN operations. Unused.
@@ -10362,7 +10436,7 @@ int wolfSSL_EC_POINT_set_affine_coordinates_GFp(const WOLFSSL_EC_GROUP* group,
WOLFSSL_MSG("wolfSSL_BN_copy failed");
ret = 0;
}
- /* z-ordinate is one for affine co-ordinates. */
+ /* z-ordinate is one for affine coordinates. */
if ((ret == 1) && ((wolfSSL_BN_one(point->Z)) == 0)) {
WOLFSSL_MSG("wolfSSL_BN_one failed");
ret = 0;
@@ -10393,7 +10467,7 @@ int wolfSSL_EC_POINT_set_affine_coordinates_GFp(const WOLFSSL_EC_GROUP* group,
/* Add two points on the same together.
*
* @param [in] curveIdx Index of curve in ecc_set.
- * @oaram [out] r Result point.
+ * @param [out] r Result point.
* @param [in] p1 First point to add.
* @param [in] p2 Second point to add.
* @return 1 on success.
@@ -10526,7 +10600,7 @@ static int wolfssl_ec_point_add(int curveIdx, ecc_point* r, ecc_point* p1,
ret = 0;
}
- /* Map point back to affine co-ordinates. Converts from Montogomery form. */
+ /* Map point back to affine coordinates. Converts from Montogomery form. */
if ((ret == 1) && (ecc_map(r, prime, mp) != MP_OKAY)) {
WOLFSSL_MSG("ecc_map error");
ret = 0;
@@ -10577,6 +10651,20 @@ int wolfSSL_EC_POINT_add(const WOLFSSL_EC_GROUP* group, WOLFSSL_EC_POINT* r,
ret = 0;
}
+#ifdef DEBUG_WOLFSSL
+ if (ret == 1) {
+ int nid = wolfSSL_EC_GROUP_get_curve_name(group);
+ const char* curve = wolfSSL_OBJ_nid2ln(nid);
+ const char* nistName = wolfSSL_EC_curve_nid2nist(nid);
+ wolfSSL_EC_POINT_dump("wolfSSL_EC_POINT_add p1", p1);
+ wolfSSL_EC_POINT_dump("wolfSSL_EC_POINT_add p2", p2);
+ if (curve != NULL)
+ WOLFSSL_MSG_EX("curve name: %s", curve);
+ if (nistName != NULL)
+ WOLFSSL_MSG_EX("nist curve name: %s", nistName);
+ }
+#endif
+
if (ret == 1) {
/* Add points using wolfCrypt objects. */
ret = wolfssl_ec_point_add(group->curve_idx, (ecc_point*)r->internal,
@@ -10589,6 +10677,12 @@ int wolfSSL_EC_POINT_add(const WOLFSSL_EC_GROUP* group, WOLFSSL_EC_POINT* r,
ret = 0;
}
+#ifdef DEBUG_WOLFSSL
+ if (ret == 1) {
+ wolfSSL_EC_POINT_dump("wolfSSL_EC_POINT_add result", r);
+ }
+#endif
+
return ret;
}
@@ -10646,7 +10740,7 @@ static int ec_mul2add(ecc_point* r, ecc_point* b, mp_int* n, ecc_point* q,
WOLFSSL_MSG("wc_ecc_mulmod nqm error");
ret = 0;
}
- /* Map point back to affine co-ordinates. Converts from Montogomery
+ /* Map point back to affine coordinates. Converts from Montogomery
* form. */
if ((ret == 1) && (ecc_map(r, prime, mp) != MP_OKAY)) {
WOLFSSL_MSG("ecc_map nqm error");
@@ -10750,7 +10844,7 @@ static int wolfssl_ec_point_mul(int curveIdx, ecc_point* r, mp_int* n,
if ((ret == 1) && (n != NULL) && (q != NULL) && (m != NULL)) {
/* r = base point * n + q * m */
- ec_mul2add(r, r, m, q, n, a, prime);
+ ret = ec_mul2add(r, r, n, q, m, a, prime);
}
/* Not all values present, see if we are only doing base point * n. */
else if ((ret == 1) && (n != NULL)) {
@@ -10823,6 +10917,26 @@ int wolfSSL_EC_POINT_mul(const WOLFSSL_EC_GROUP *group, WOLFSSL_EC_POINT *r,
ret = 0;
}
+#ifdef DEBUG_WOLFSSL
+ if (ret == 1) {
+ int nid = wolfSSL_EC_GROUP_get_curve_name(group);
+ const char* curve = wolfSSL_OBJ_nid2ln(nid);
+ const char* nistName = wolfSSL_EC_curve_nid2nist(nid);
+ char* num;
+ wolfSSL_EC_POINT_dump("wolfSSL_EC_POINT_mul input q", q);
+ num = wolfSSL_BN_bn2hex(n);
+ WOLFSSL_MSG_EX("\tn = %s", num);
+ XFREE(num, NULL, DYNAMIC_TYPE_OPENSSL);
+ num = wolfSSL_BN_bn2hex(m);
+ WOLFSSL_MSG_EX("\tm = %s", num);
+ XFREE(num, NULL, DYNAMIC_TYPE_OPENSSL);
+ if (curve != NULL)
+ WOLFSSL_MSG_EX("curve name: %s", curve);
+ if (nistName != NULL)
+ WOLFSSL_MSG_EX("nist curve name: %s", nistName);
+ }
+#endif
+
if (ret == 1) {
mp_int* ni = (n != NULL) ? (mp_int*)n->internal : NULL;
ecc_point* qi = (q != NULL) ? (ecc_point*)q->internal : NULL;
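Review bot: The debug block prints the scalars `n` and `m` in hex via `WOLFSSL_MSG_EX("\tn = %s", num)`, and the scalar passed to this function can be a private key (for example when a public key is derived from it). A DEBUG_WOLFSSL build with logging enabled would then write key material to whatever sink the logging callback uses. I would drop the two scalar dumps, or put them behind a separate opt-in macro in the way SHOW_SECRETS is used in sniffer.c, and keep only the point and curve-name output. The function body continues outside the hunk.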
@@ -10843,6 +10957,12 @@ int wolfSSL_EC_POINT_mul(const WOLFSSL_EC_GROUP *group, WOLFSSL_EC_POINT *r,
ret = 0;
}
+#ifdef DEBUG_WOLFSSL
+ if (ret == 1) {
+ wolfSSL_EC_POINT_dump("wolfSSL_EC_POINT_mul result", r);
+ }
+#endif
+
return ret;
}
#endif /* !WOLFSSL_ATECC508A && !WOLFSSL_ATECC608A && !HAVE_SELFTEST &&
@@ -10931,6 +11051,30 @@ int wolfSSL_EC_POINT_invert(const WOLFSSL_EC_GROUP *group,
ret = 0;
}
+#ifdef DEBUG_WOLFSSL
+ if (ret == 1) {
+ int nid = wolfSSL_EC_GROUP_get_curve_name(group);
+ const char* curve = wolfSSL_OBJ_nid2ln(nid);
+ const char* nistName = wolfSSL_EC_curve_nid2nist(nid);
+ wolfSSL_EC_POINT_dump("wolfSSL_EC_POINT_invert input", point);
+ if (curve != NULL)
+ WOLFSSL_MSG_EX("curve name: %s", curve);
+ if (nistName != NULL)
+ WOLFSSL_MSG_EX("nist curve name: %s", nistName);
+
+ }
+#endif
+
+ if (ret == 1 && !wolfSSL_BN_is_one(point->Z)) {
+#if !defined(WOLFSSL_SP_MATH) && !defined(WOLF_CRYPTO_CB_ONLY_ECC)
+ if (ec_point_convert_to_affine(group, point) != 0)
+ ret = 0;
+#else
+ WOLFSSL_MSG("wolfSSL_EC_POINT_invert called on non-affine point");
+ ret = 0;
+#endif
+ }
+
if (ret == 1) {
/* Perform inversion using wolfCrypt objects. */
ret = wolfssl_ec_point_invert(group->curve_idx,
@@ -10943,6 +11087,12 @@ int wolfSSL_EC_POINT_invert(const WOLFSSL_EC_GROUP *group,
ret = 0;
}
+#ifdef DEBUG_WOLFSSL
+ if (ret == 1) {
+ wolfSSL_EC_POINT_dump("wolfSSL_EC_POINT_invert result", point);
+ }
+#endif
+
return ret;
}
@@ -13299,7 +13449,7 @@ int wolfSSL_i2d_ECDSA_SIG(const WOLFSSL_ECDSA_SIG *sig, unsigned char **pp)
return (int)len;
}
-/* Get the pointer to the feilds of the ECDSA signature.
+/* Get the pointer to the fields of the ECDSA signature.
*
* r and s untouched when sig is NULL.
*
diff --git a/extra/wolfssl/wolfssl/src/quic.c b/extra/wolfssl/wolfssl/src/quic.c
index a8a590bf..02622a7e 100644
--- a/extra/wolfssl/wolfssl/src/quic.c
+++ b/extra/wolfssl/wolfssl/src/quic.c
@@ -130,7 +130,7 @@ static int quic_record_append(WOLFSSL *ssl, QuicRecord *qr, const uint8_t *data,
qr->len = qr_length(qr->data, qr->end);
if (qr->len > qr->capacity) {
- uint8_t *ndata = (uint8_t*)XREALLOC(qr->data, qr->len, ssl->head,
+ uint8_t *ndata = (uint8_t*)XREALLOC(qr->data, qr->len, ssl->heap,
DYNAMIC_TYPE_TMP_BUFFER);
if (!ndata) {
ret = WOLFSSL_FAILURE;
@@ -950,8 +950,18 @@ cleanup:
const WOLFSSL_EVP_CIPHER* wolfSSL_quic_get_aead(WOLFSSL* ssl)
{
- WOLFSSL_CIPHER* cipher = wolfSSL_get_current_cipher(ssl);
- const WOLFSSL_EVP_CIPHER* evp_cipher;
+ WOLFSSL_CIPHER* cipher = NULL;
+ const WOLFSSL_EVP_CIPHER* evp_cipher = NULL;
+
+ if (ssl == NULL) {
+ return NULL;
+ }
+
+ cipher = wolfSSL_get_current_cipher(ssl);
+
+ if (cipher == NULL) {
+ return NULL;
+ }
switch (cipher->cipherSuite) {
#if !defined(NO_AES) && defined(HAVE_AESGCM)
@@ -997,8 +1007,18 @@ static int evp_cipher_eq(const WOLFSSL_EVP_CIPHER* c1,
const WOLFSSL_EVP_CIPHER* wolfSSL_quic_get_hp(WOLFSSL* ssl)
{
- WOLFSSL_CIPHER* cipher = wolfSSL_get_current_cipher(ssl);
- const WOLFSSL_EVP_CIPHER* evp_cipher;
+ WOLFSSL_CIPHER* cipher = NULL;
+ const WOLFSSL_EVP_CIPHER* evp_cipher = NULL;
+
+ if (ssl == NULL) {
+ return NULL;
+ }
+
+ cipher = wolfSSL_get_current_cipher(ssl);
+
+ if (cipher == NULL) {
+ return NULL;
+ }
switch (cipher->cipherSuite) {
#if !defined(NO_AES) && defined(HAVE_AESGCM)
@@ -1055,8 +1075,9 @@ size_t wolfSSL_quic_get_aead_tag_len(const WOLFSSL_EVP_CIPHER* aead_cipher)
ret = 0;
}
+ (void)wolfSSL_EVP_CIPHER_CTX_cleanup(ctx);
#ifdef WOLFSSL_SMALL_STACK
- XFREE(ctx, NULL, DYNAMIC_TYPE_TMP_BUF);
+ XFREE(ctx, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return ret;
diff --git a/extra/wolfssl/wolfssl/src/sniffer.c b/extra/wolfssl/wolfssl/src/sniffer.c
index 3a85d525..ddcb5403 100644
--- a/extra/wolfssl/wolfssl/src/sniffer.c
+++ b/extra/wolfssl/wolfssl/src/sniffer.c
@@ -373,6 +373,9 @@ static const char* const msgTable[] =
"Setting up keys",
"Unsupported TLS Version",
"Server Client Key Mismatch",
+
+ /* 99 */
+ "Invalid or missing keylog file",
};
@@ -436,6 +439,11 @@ typedef struct SnifferServer {
NamedKey* namedKeys; /* mapping of names and keys */
wolfSSL_Mutex namedKeysMutex; /* mutex for namedKey list */
#endif
+#if defined(WOLFSSL_SNIFFER_KEYLOGFILE)
+ byte useKeyLogFile; /* True if session secrets are coming from a
+ keylog file */
+#endif /* WOLFSSL_SNIFFER_KEYLOGFILE */
+
struct SnifferServer* next; /* for list */
} SnifferServer;
@@ -619,8 +627,8 @@ static void UpdateMissedDataSessions(void)
#ifdef WOLFSSL_SNIFFER_STATS
#ifdef HAVE_C___ATOMIC
- #define LOCK_STAT()
- #define UNLOCK_STAT()
+ #define LOCK_STAT() WC_DO_NOTHING
+ #define UNLOCK_STAT() WC_DO_NOTHING
#define NOLOCK_ADD_TO_STAT(x,y) ({ TraceStat(#x, y); \
__atomic_fetch_add(&x, y, __ATOMIC_RELAXED); })
#else
@@ -636,10 +644,10 @@ static void UpdateMissedDataSessions(void)
#endif /* WOLFSSL_SNIFFER_STATS */
#ifdef HAVE_C___ATOMIC
- #define LOCK_SESSION()
- #define UNLOCK_SESSION()
- #define LOCK_SERVER_LIST()
- #define UNLOCK_SERVER_LIST()
+ #define LOCK_SESSION() WC_DO_NOTHING
+ #define UNLOCK_SESSION() WC_DO_NOTHING
+ #define LOCK_SERVER_LIST() WC_DO_NOTHING
+ #define UNLOCK_SERVER_LIST() WC_DO_NOTHING
#else
#define LOCK_SESSION() wc_LockMutex(&SessionMutex)
#define UNLOCK_SESSION() wc_UnLockMutex(&SessionMutex)
@@ -652,6 +660,24 @@ static void UpdateMissedDataSessions(void)
static WOLFSSL_GLOBAL int CryptoDeviceId = INVALID_DEVID;
#endif
+#if defined(WOLFSSL_SNIFFER_KEYLOGFILE)
+static int addSecretNode(unsigned char* clientRandom,
+ int type,
+ unsigned char* masterSecret,
+ char* error);
+static void hexToBin(const char* hex, unsigned char* bin, int binLength);
+static int parseKeyLogFile(const char* fileName, char* error);
+static unsigned char* findSecret(unsigned char* clientRandom, int type);
+static void freeSecretList(void);
+static int snifferSecretCb(unsigned char* client_random,
+ int type,
+ unsigned char* output_secret);
+static void setSnifferSecretCb(SnifferSession* session);
+static int addKeyLogSnifferServerHelper(const char* address,
+ int port,
+ char* error);
+#endif /* WOLFSSL_SNIFFER_KEYLOGFILE */
+
/* Initialize overall Sniffer */
void ssl_InitSniffer_ex(int devId)
@@ -867,8 +893,16 @@ void ssl_FreeSniffer(void)
}
ServerList = NULL;
+
+
UNLOCK_SESSION();
UNLOCK_SERVER_LIST();
+
+#if defined(WOLFSSL_SNIFFER_KEYLOGFILE)
+ freeSecretList();
+#endif /* WOLFSSL_SNIFFER_KEYLOGFILE */
+
+
#ifndef WOLFSSL_SNIFFER_NO_RECOVERY
wc_FreeMutex(&RecoveryMutex);
#endif
@@ -1162,8 +1196,14 @@ static void TraceSetServer(const char* srv, int port, const char* keyFile)
{
if (TraceOn) {
XFPRINTF(TraceFile, "\tTrying to install a new Sniffer Server with\n");
- XFPRINTF(TraceFile, "\tserver: %s, port: %d, keyFile: %s\n", srv, port,
- keyFile);
+ if (keyFile != NULL) {
+ XFPRINTF(TraceFile, "\tserver: %s, port: %d, keyFile: %s\n",
+ srv, port, keyFile);
+ }
+ else {
+ XFPRINTF(TraceFile, "\tserver: %s, port: %d\n",
+ srv, port);
+ }
}
}
@@ -1732,6 +1772,7 @@ static int CreateWatchSnifferServer(char* error)
#endif
+
/* Caller locks ServerListMutex */
static int SetNamedPrivateKey(const char* name, const char* address, int port,
const char* keyFile, int keySz, int typeKey, const char* password,
@@ -1780,10 +1821,11 @@ static int SetNamedPrivateKey(const char* name, const char* address, int port,
if (serverIp.ip4 == XINADDR_NONE) {
#ifdef FUSION_RTOS
if (XINET_PTON(AF_INET6, address, serverIp.ip6,
- sizeof(serverIp.ip4)) == 1) {
+ sizeof(serverIp.ip4)) == 1)
#else
- if (XINET_PTON(AF_INET6, address, serverIp.ip6) == 1) {
+ if (XINET_PTON(AF_INET6, address, serverIp.ip6) == 1)
#endif
+ {
serverIp.version = IPV6;
}
}
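Review bot: The FUSION_RTOS call writes into `serverIp.ip6` but passes `sizeof(serverIp.ip4)` as its last argument; this hunk touches the line only to move the brace. If that argument is the destination size (the FUSION_RTOS definition of XINET_PTON is not visible here), it should be `sizeof(serverIp.ip6)`. The same call is copied into addKeyLogSnifferServerHelper later in this commit, so both sites would need the change.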
@@ -2432,7 +2474,7 @@ static int SetupKeys(const byte* input, int* sslBytes, SnifferSession* session,
args = (SetupKeysArgs*)ssl->async->args;
ret = wolfSSL_AsyncPop(ssl, &ssl->options.asyncState);
- if (ret != WC_NOT_PENDING_E) {
+ if (ret != WC_NO_PENDING_E) {
/* Check for error */
if (ret < 0)
goto exit_sk;
@@ -2463,6 +2505,17 @@ static int SetupKeys(const byte* input, int* sslBytes, SnifferSession* session,
}
#endif
+ #if defined(WOLFSSL_SNIFFER_KEYLOGFILE)
+ if (session->context->useKeyLogFile) {
+ ret = 0;
+ XMEMSET(args, 0, sizeof(SetupKeysArgs));
+
+ /* We want to skip all the key setup and go right to master secret generation, which is
+ * where we inject the master secret obtained from the keylog file */
+ ssl->options.asyncState = TLS_ASYNC_FINALIZE;
+ }
+ #endif
+
switch (ssl->options.asyncState) {
case TLS_ASYNC_BEGIN:
{
@@ -3084,12 +3137,17 @@ static int SetupKeys(const byte* input, int* sslBytes, SnifferSession* session,
case TLS_ASYNC_FINALIZE:
{
- /* store for client side as well */
- XMEMCPY(session->sslClient->arrays->preMasterSecret,
- session->sslServer->arrays->preMasterSecret,
- session->sslServer->arrays->preMasterSz);
- session->sslClient->arrays->preMasterSz =
- session->sslServer->arrays->preMasterSz;
+ #if defined(WOLFSSL_SNIFFER_KEYLOGFILE)
+ if (!session->context->useKeyLogFile)
+ #endif /* !WOLFSSL_SNIFFER_KEYLOGFILE */
+ {
+ /* store for client side as well */
+ XMEMCPY(session->sslClient->arrays->preMasterSecret,
+ session->sslServer->arrays->preMasterSecret,
+ session->sslServer->arrays->preMasterSz);
+ session->sslClient->arrays->preMasterSz =
+ session->sslServer->arrays->preMasterSz;
+ }
#ifdef SHOW_SECRETS
PrintSecret("pre master secret",
@@ -3267,6 +3325,11 @@ static int ProcessKeyShare(KeyShareInfo* info, const byte* input, int len,
info->curve_id = ECC_SECP256R1;
break;
#endif /* !NO_ECC_SECP */
+ #ifdef WOLFSSL_SM2
+ case WOLFSSL_ECC_SM2P256V1:
+ info->curve_id = ECC_SM2P256V1;
+ break;
+ #endif /* WOLFSSL_SM2 */
#endif
#if defined(HAVE_ECC384) || defined(HAVE_ALL_CURVES)
#ifndef NO_ECC_SECP
@@ -4551,14 +4614,21 @@ static int DoHandShake(const byte* input, int* sslBytes,
Trace(GOT_CERT_REQ_STR);
break;
case server_key_exchange:
-#ifdef WOLFSSL_SNIFFER_STATS
- INC_STAT(SnifferStats.sslEphemeralMisses);
-#endif
Trace(GOT_SERVER_KEY_EX_STR);
- /* can't know temp key passively */
- SetError(BAD_CIPHER_SPEC_STR, error, session, FATAL_ERROR_STATE);
- session->verboseErr = 1;
- ret = -1;
+
+#if defined(WOLFSSL_SNIFFER_KEYLOGFILE)
+ if (!session->context->useKeyLogFile)
+#endif /* WOLFSSL_SNIFFER_KEYLOGFILE */
+ {
+ /* can't know temp key passively */
+ SetError(BAD_CIPHER_SPEC_STR, error, session, FATAL_ERROR_STATE);
+ session->verboseErr = 1;
+ ret = -1;
+
+#if defined(WOLFSSL_SNIFFER_STATS)
+ INC_STAT(SnifferStats.sslEphemeralMisses);
+#endif /* WOLFSSL_SNIFFER_STATS */
+ }
break;
case encrypted_extensions:
Trace(GOT_ENC_EXT_STR);
@@ -4715,6 +4785,8 @@ static int DecryptDo(WOLFSSL* ssl, byte* plain, const byte* input,
case wolfssl_aes_gcm:
case wolfssl_aes_ccm: /* GCM AEAD macros use same size as CCM */
{
+ /* For ciphers that use AEAD use the encrypt routine to
+ * bypass the auth tag checking */
wc_AesAuthEncryptFunc aes_auth_fn;
#ifdef WOLFSSL_ASYNC_CRYPT
@@ -4744,7 +4816,7 @@ static int DecryptDo(WOLFSSL* ssl, byte* plain, const byte* input,
input + AESGCM_EXP_IV_SZ,
sz - AESGCM_EXP_IV_SZ - ssl->specs.aead_mac_size,
ssl->decrypt.nonce, AESGCM_NONCE_SZ,
- ssl->decrypt.additional, ssl->specs.aead_mac_size,
+ ssl->decrypt.additional, AEAD_AUTH_DATA_SZ,
NULL, 0)) < 0) {
#ifdef WOLFSSL_ASYNC_CRYPT
if (ret == WC_PENDING_E) {
@@ -4756,6 +4828,18 @@ static int DecryptDo(WOLFSSL* ssl, byte* plain, const byte* input,
break;
#endif /* HAVE_AESGCM || HAVE_AESCCM */
+ #ifdef HAVE_ARIA
+ case wolfssl_aria_gcm:
+ ret = wc_AriaDecrypt(ssl->decrypt.aria,
+ plain,
+ (byte *)input + AESGCM_EXP_IV_SZ,
+ sz - AESGCM_EXP_IV_SZ - ssl->specs.aead_mac_size,
+ ssl->decrypt.nonce, AESGCM_NONCE_SZ,
+ ssl->decrypt.additional, ssl->specs.aead_mac_size,
+ NULL, 0);
+ break;
+ #endif
+
#ifdef HAVE_CAMELLIA
case wolfssl_camellia:
ret = wc_CamelliaCbcDecrypt(ssl->decrypt.cam, plain, input, sz);
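Review bot: The new wolfssl_aria_gcm case passes `ssl->specs.aead_mac_size` as the length of `ssl->decrypt.additional`, the same argument the preceding hunk corrects to `AEAD_AUTH_DATA_SZ` for AES-GCM/CCM. This line should be `ssl->decrypt.additional, AEAD_AUTH_DATA_SZ,` as well. The case also calls wc_AriaDecrypt with a NULL, zero-length tag, whereas the AES path deliberately uses the encrypt routine to bypass tag checking, so it is worth confirming that the ARIA call can succeed without a tag. The enclosing switch continues outside the hunk.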
@@ -4765,7 +4849,7 @@ static int DecryptDo(WOLFSSL* ssl, byte* plain, const byte* input,
#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) && \
!defined(NO_CHAPOL_AEAD)
case wolfssl_chacha:
- ret = ChachaAEADEncrypt(ssl, plain, input, sz);
+ ret = ChachaAEADDecrypt(ssl, plain, input, sz);
break;
#endif
@@ -4793,7 +4877,7 @@ static int DecryptTls(WOLFSSL* ssl, byte* plain, const byte* input,
#ifdef WOLFSSL_ASYNC_CRYPT
if (ssl->decrypt.state != CIPHER_STATE_BEGIN) {
ret = wolfSSL_AsyncPop(ssl, &ssl->decrypt.state);
- if (ret != WC_NOT_PENDING_E) {
+ if (ret != WC_NO_PENDING_E) {
/* check for still pending */
if (ret == WC_PENDING_E)
return ret;
@@ -5105,6 +5189,13 @@ static SnifferSession* CreateSession(IpInfo* ipInfo, TcpInfo* tcpInfo,
/* put server back into server mode */
session->sslServer->options.side = WOLFSSL_SERVER_END;
+#if defined(WOLFSSL_SNIFFER_KEYLOGFILE)
+ if (session->context->useKeyLogFile) {
+ setSnifferSecretCb(session);
+ }
+#endif /* WOLFSSL_SNIFFER_KEYLOGFILE */
+
+
row = SessionHash(ipInfo, tcpInfo);
/* add it to the session table */
@@ -6475,10 +6566,10 @@ static int RemoveFatalSession(IpInfo* ipInfo, TcpInfo* tcpInfo,
SnifferSession* session, char* error)
{
if (session && session->flags.fatalError == FATAL_ERROR_STATE) {
- RemoveSession(session, ipInfo, tcpInfo, 0);
if (!session->verboseErr) {
SetError(FATAL_ERROR_STR, error, NULL, 0);
}
+ RemoveSession(session, ipInfo, tcpInfo, 0);
return 1;
}
return 0;
@@ -7115,6 +7206,409 @@ int ssl_PollSniffer(WOLF_EVENT** events, int maxEvents, WOLF_EVENT_FLAG flags,
}
#endif
+
+#if defined(WOLFSSL_SNIFFER_KEYLOGFILE)
+
+/* Maximum length of the NSS Keylog prefix string */
+#define MAX_PREFIX_LENGTH (31)
+/* Maximum length (in bytes) required to store the binary representation of
+ * the "client random" value parsed from keylog file */
+#define CLIENT_RANDOM_LENGTH (32)
+/* Maximum length (in bytes) required to store the binary representation of the
+ * "secret" value parsed from keylog file */
+#define SECRET_LENGTH (48)
+
+typedef struct SecretNode {
+ unsigned char clientRandom[CLIENT_RANDOM_LENGTH];
+ unsigned char secrets[SNIFFER_SECRET_NUM_SECRET_TYPES][SECRET_LENGTH];
+ struct SecretNode* next;
+} SecretNode;
+
+
+/* Default to the same size hash table as the session table,
+ * but allow user to override */
+#ifndef WOLFSSL_SNIFFER_KEYLOGFILE_HASH_TABLE_SIZE
+#define WOLFSSL_SNIFFER_KEYLOGFILE_HASH_TABLE_SIZE HASH_SIZE
+#endif
+
+static THREAD_LS_T WOLFSSL_GLOBAL
+SecretNode*
+secretHashTable[WOLFSSL_SNIFFER_KEYLOGFILE_HASH_TABLE_SIZE] = {NULL};
+#ifndef HAVE_C___ATOMIC
+static WOLFSSL_GLOBAL wolfSSL_Mutex secretListMutex;
+#endif
+
+static unsigned int secretHashFunction(unsigned char* clientRandom);
+
+#ifdef HAVE_C___ATOMIC
+ #define LOCK_SECRET_LIST() WC_DO_NOTHING
+ #define UNLOCK_SECRET_LIST() WC_DO_NOTHING
+#else
+ #define LOCK_SECRET_LIST() wc_LockMutex(&secretListMutex)
+ #define UNLOCK_SECRET_LIST() wc_UnLockMutex(&secretListMutex)
+#endif
+
+
+/*
+ * Basic polynomial hash function that maps a 32-byte client random value to an
+ * array index
+ */
+static unsigned int secretHashFunction(unsigned char* clientRandom)
+{
+ int i = 0;
+ unsigned int hash = 0;
+ const int CLIENT_RANDOM_NUM_BITS = CLIENT_RANDOM_LENGTH * 8;
+
+ for (i = 0; i < CLIENT_RANDOM_LENGTH; i++) {
+ hash = (hash * CLIENT_RANDOM_NUM_BITS + clientRandom[i])
+ % WOLFSSL_SNIFFER_KEYLOGFILE_HASH_TABLE_SIZE;
+ }
+
+ return hash;
+}
+
+
+/*
+ * Adds a new secret to the secret table, creating a new node based on the
+ * client random if necessary. If the client random is already present in the
+ * list, the requested secret will be updated.
+ */
+static int addSecretNode(unsigned char* clientRandom,
+ int type,
+ unsigned char* secret,
+ char* error)
+{
+ int index = 0;
+ int ret = 0;
+ SecretNode* node = NULL;
+
+ if (type >= SNIFFER_SECRET_NUM_SECRET_TYPES) {
+ return WOLFSSL_SNIFFER_ERROR;
+ }
+
+ LOCK_SECRET_LIST();
+
+ index = secretHashFunction(clientRandom);
+ node = secretHashTable[index];
+
+ while(node) {
+ /* Node already exists, so just add the requested secret */
+ if (XMEMCMP(node->clientRandom, clientRandom, CLIENT_RANDOM_LENGTH)
+ == 0)
+ {
+ XMEMCPY(node->secrets[type], secret, SECRET_LENGTH);
+ ret = 0;
+ goto unlockReturn;
+ }
+ node = node ->next;
+ }
+
+ node = (SecretNode*)XMALLOC(sizeof(SecretNode),
+ NULL,
+ DYNAMIC_TYPE_SNIFFER_KEYLOG_NODE);
+ if (node == NULL) {
+ SetError(MEMORY_STR, error, NULL, 0);
+ ret = WOLFSSL_SNIFFER_ERROR;
+ goto unlockReturn;
+ }
+
+ XMEMCPY(node->clientRandom, clientRandom, CLIENT_RANDOM_LENGTH);
+ XMEMCPY(node->secrets[type], secret, SECRET_LENGTH);
+ node->next = secretHashTable[index];
+ secretHashTable[index] = node;
+
+unlockReturn:
+
+ UNLOCK_SECRET_LIST();
+
+ return ret;
+}
+
+
+/*
+ * Looks up a master secret for a given client random from the keylog file
+ */
+static unsigned char* findSecret(unsigned char* clientRandom, int type)
+{
+ unsigned char* secret = NULL;
+ SecretNode* node = NULL;
+ unsigned int index = 0;
+
+ LOCK_SECRET_LIST();
+
+ index = secretHashFunction(clientRandom);
+ node = secretHashTable[index];
+
+ while (node != NULL) {
+ if (XMEMCMP(node->clientRandom,
+ clientRandom, CLIENT_RANDOM_LENGTH) == 0) {
+ secret = node->secrets[type];
+ break;
+ }
+ node = node->next;
+ }
+
+ UNLOCK_SECRET_LIST();
+
+ return secret;
+}
+
+
+static void hexToBin(const char* hex, unsigned char* bin, int binLength)
+{
+ int i = 0;
+ for (i = 0; i < binLength; i++) {
+ sscanf(hex + 2*i, "%02hhx", &bin[i]);
+ }
+}
+
+/*
+ * Helper function to parse secrets from the keylog file into the secret table
+ */
+static int parseKeyLogFile(const char* fileName, char* error)
+{
+ unsigned char clientRandom[CLIENT_RANDOM_LENGTH];
+ unsigned char secret[SECRET_LENGTH];
+ FILE* file = NULL;
+ int ret = 0;
+ int type = 0;
+ /* +1 for null terminator */
+ char prefix[MAX_PREFIX_LENGTH + 1] = {0};
+ /* 2 chars for Hexadecimal representation, plus null terminator */
+ char clientRandomHex[2 * CLIENT_RANDOM_LENGTH + 1] = {0};
+ char secretHex[2 * SECRET_LENGTH + 1] = {0};
+
+
+ file = fopen(fileName, "r");
+ if (file == NULL) {
+ fprintf(stderr, "Could not open keylog file: %s\n", fileName);
+ SetError(KEYLOG_FILE_INVALID, error, NULL, 0);
+ return WOLFSSL_SNIFFER_ERROR;
+ }
+
+ /* Format specifiers for each column should be:
+ * MAX_PREFIX_LENGTH, 2*CLIENT_RANDOM_LENGTH, and 2*SECRET_LENGTH */
+ while (fscanf(file, "%31s %64s %96s", prefix, clientRandomHex, secretHex)
+ == 3) {
+
+ if (XSTRCMP(prefix, "CLIENT_RANDOM") == 0) {
+ type = SNIFFER_SECRET_TLS12_MASTER_SECRET;
+ }
+#if defined(WOLFSSL_TLS13)
+ else if (XSTRCMP(prefix, "CLIENT_EARLY_TRAFFIC_SECRET") == 0) {
+ type = SNIFFER_SECRET_CLIENT_EARLY_TRAFFIC_SECRET;
+ }
+ else if (XSTRCMP(prefix, "CLIENT_HANDSHAKE_TRAFFIC_SECRET") == 0) {
+ type = SNIFFER_SECRET_CLIENT_HANDSHAKE_TRAFFIC_SECRET;
+ }
+ else if (XSTRCMP(prefix, "SERVER_HANDSHAKE_TRAFFIC_SECRET") == 0) {
+ type = SNIFFER_SECRET_SERVER_HANDSHAKE_TRAFFIC_SECRET;
+ }
+ else if (XSTRCMP(prefix, "CLIENT_TRAFFIC_SECRET_0") == 0) {
+ type = SNIFFER_SECRET_CLIENT_TRAFFIC_SECRET;
+ }
+ else if (XSTRCMP(prefix, "SERVER_TRAFFIC_SECRET_0") == 0) {
+ type = SNIFFER_SECRET_SERVER_TRAFFIC_SECRET;
+ }
+#endif /* WOLFSSL_TLS13 */
+ else {
+ fprintf(stderr, "unrecognized prefix: %s\n", prefix);
+ continue;
+ }
+
+ hexToBin(clientRandomHex, clientRandom, CLIENT_RANDOM_LENGTH);
+ hexToBin(secretHex, secret, SECRET_LENGTH);
+ ret = addSecretNode(clientRandom, type, secret, error);
+
+ if (ret != 0) {
+ fclose(file);
+ return ret;
+ }
+ }
+ fclose(file);
+
+ return 0;
+}
+
+
+static void freeSecretList(void)
+{
+ int i = 0;
+
+ LOCK_SECRET_LIST();
+
+ for (i=0; i<WOLFSSL_SNIFFER_KEYLOGFILE_HASH_TABLE_SIZE; i++)
+ {
+ SecretNode* current = secretHashTable[i];
+ SecretNode * next = NULL;
+
+ while (current != NULL) {
+ next = current->next;
+ XFREE(current, NULL, DYNAMIC_TYPE_SNIFFER_KEYLOG_NODE);
+ current = next;
+ }
+ }
+
+ UNLOCK_SECRET_LIST();
+}
+
+
+/*
+ * Looks up secret based on client random and copies it to output_secret
+ */
+static int snifferSecretCb(unsigned char* client_random,
+ int type,
+ unsigned char* output_secret)
+{
+ unsigned char* secret = NULL;
+
+ if (client_random == NULL || output_secret == NULL) {
+ return WOLFSSL_SNIFFER_FATAL_ERROR;
+ }
+
+ if (type >= SNIFFER_SECRET_NUM_SECRET_TYPES) {
+ return WOLFSSL_SNIFFER_FATAL_ERROR;
+ }
+
+ /* get secret from secret table based on client random */
+ secret = findSecret(client_random, type);
+ if (secret != NULL) {
+ XMEMCPY(output_secret, secret, SECRET_LENGTH);
+ return 0;
+ }
+
+ /* didn't find the secret */
+ return WOLFSSL_SNIFFER_ERROR;
+}
+
+
+static void setSnifferSecretCb(SnifferSession* session)
+{
+ session->context->useKeyLogFile = 1;
+ session->sslServer->snifferSecretCb = snifferSecretCb;
+ session->sslClient->snifferSecretCb = snifferSecretCb;
+}
+
+
+/*
+ * Helper function that creates a sniffer server object that can decrypt using
+ * a keylog file, and adds it to the server list
+ *
+ * NOTE: the caller is responsible for locking and unlocking the server list
+ */
+static int addKeyLogSnifferServerHelper(const char* address,
+ int port,
+ char* error)
+{
+ IpAddrInfo serverIp = {0};
+ SnifferServer *sniffer = NULL;
+
+ TraceHeader();
+ TraceSetServer(address, port, NULL);
+
+ serverIp.version = IPV4;
+ serverIp.ip4 = XINET_ADDR(address);
+ if (serverIp.ip4 == XINADDR_NONE) {
+ #ifdef FUSION_RTOS
+ if (XINET_PTON(AF_INET6, address, serverIp.ip6,
+ sizeof(serverIp.ip4)) == 1)
+ #else
+ if (XINET_PTON(AF_INET6, address, serverIp.ip6) == 1)
+ #endif
+ {
+ serverIp.version = IPV6;
+ }
+ }
+
+ sniffer = ServerList;
+ while (sniffer != NULL &&
+ (!MatchAddr(sniffer->server, serverIp) || sniffer->port != port)) {
+ sniffer = sniffer->next;
+ }
+
+ if (sniffer == NULL) {
+ sniffer = (SnifferServer*)XMALLOC(sizeof(SnifferServer),
+ NULL, DYNAMIC_TYPE_SNIFFER_SERVER);
+ if (sniffer == NULL) {
+ SetError(MEMORY_STR, error, NULL, 0);
+ return WOLFSSL_SNIFFER_ERROR;
+ }
+ InitSnifferServer(sniffer);
+
+ XSTRNCPY(sniffer->address, address, MAX_SERVER_ADDRESS-1);
+ sniffer->address[MAX_SERVER_ADDRESS-1] = '\0';
+ sniffer->server = serverIp;
+ sniffer->port = port;
+
+ sniffer->ctx = wolfSSL_CTX_new(wolfSSLv23_client_method());
+ if (!sniffer->ctx) {
+ SetError(MEMORY_STR, error, NULL, 0);
+ FreeSnifferServer(sniffer);
+ return WOLFSSL_SNIFFER_ERROR;
+ }
+ #if defined(WOLF_CRYPTO_CB) || defined(WOLFSSL_ASYNC_CRYPT)
+ if (CryptoDeviceId != INVALID_DEVID)
+ wolfSSL_CTX_SetDevId(sniffer->ctx, CryptoDeviceId);
+ #endif
+
+ sniffer->next = ServerList;
+ ServerList = sniffer;
+ }
+ else {
+ printf("SESSION ALREADY EXISTS\n");
+ }
+
+ /* Tag the new or existing server as requiring keylog support to
+ * decrypt, otherwise it won't be usable */
+ sniffer->useKeyLogFile = 1;
+
+ return 0;
+}
+
+/*
+ * Creates a sniffer server that is able to decrypt using secrets from a
+ * keylog file, and adds it to the server list
+ *
+ * If a server at the address and port already exists, it will be marked
+ * for keylog file decryption
+ */
+int ssl_CreateKeyLogSnifferServer(const char* address, int port, char* error)
+{
+ int ret = 0;
+
+ if (address == NULL) {
+ SetError(KEYLOG_FILE_INVALID, error, NULL, 0);
+ return WOLFSSL_SNIFFER_ERROR;
+ }
+
+ LOCK_SERVER_LIST();
+
+ ret = addKeyLogSnifferServerHelper(address, port, error);
+
+ UNLOCK_SERVER_LIST();
+
+ return ret;
+}
+
+
+/*
+ * Loads secrets to decrypt TLS traffic from a keylog file. Only sniffer
+ * servers registered with ssl_createKeyLogSnifferServer() will be able to
+ * decrypt using these secrets
+ */
+int ssl_LoadSecretsFromKeyLogFile(const char* keylogfile, char* error)
+{
+ if (keylogfile == NULL) {
+ SetError(KEYLOG_FILE_INVALID, error, NULL, 0);
+ return WOLFSSL_SNIFFER_ERROR;
+ }
+
+ return parseKeyLogFile(keylogfile, error);
+}
+
+#endif /* WOLFSSL_SNIFFER_KEYLOGFILE */
+
+
#undef ERROR_OUT
#endif /* WOLFSSL_SNIFFER */
diff --git a/extra/wolfssl/wolfssl/src/ssl.c b/extra/wolfssl/wolfssl/src/ssl.c
index fb8ee5c6..e99f702f 100644
--- a/extra/wolfssl/wolfssl/src/ssl.c
+++ b/extra/wolfssl/wolfssl/src/ssl.c
@@ -208,6 +208,15 @@
#define WOLFSSL_EVP_INCLUDED
#include "wolfcrypt/src/evp.c"
+/* Crypto code uses EVP APIs. */
+#define WOLFSSL_SSL_CRYPTO_INCLUDED
+#include "src/ssl_crypto.c"
+
+#ifndef WOLFCRYPT_ONLY
+#define WOLFSSL_SSL_CERTMAN_INCLUDED
+#include "src/ssl_certman.c"
+#endif
+
#if (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) && \
!defined(WOLFCRYPT_ONLY)
/* Convert shortname to NID.
@@ -449,6 +458,9 @@ const WOLF_EC_NIST_NAME kNistCurves[] = {
{XSTR_SIZEOF("P521_KYBER_LEVEL5"), "P521_KYBER_LEVEL5", WOLFSSL_P521_KYBER_LEVEL5},
#endif
#endif
+#ifdef WOLFSSL_SM2
+ {XSTR_SIZEOF("SM2"), "SM2", NID_sm2},
+#endif
{0, NULL, 0},
};
#endif
@@ -1047,7 +1059,7 @@ int GetEchConfigsEx(WOLFSSL_EchConfig* configs, byte* output, word32* outputLen)
#endif /* WOLFSSL_TLS13 && HAVE_ECH */
-#if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_SCEPROTECT)
+#if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_FSPSM_TLS)
#include <wolfssl/wolfcrypt/port/Renesas/renesas_cmn.h>
#endif
@@ -1253,8 +1265,12 @@ int wolfSSL_send_session(WOLFSSL* ssl)
/* prevent multiple mutex initializations */
static volatile WOLFSSL_GLOBAL int initRefCount = 0;
+#ifdef WOLFSSL_MUTEX_INITIALIZER
+static WOLFSSL_GLOBAL wolfSSL_Mutex count_mutex = WOLFSSL_MUTEX_INITIALIZER;
+#else
static WOLFSSL_GLOBAL wolfSSL_Mutex count_mutex; /* init ref count mutex */
static WOLFSSL_GLOBAL int count_mutex_valid = 0;
+#endif
/* Create a new WOLFSSL_CTX struct and return the pointer to created struct.
WOLFSSL_METHOD pointer passed in is given to ctx to manage.
@@ -1537,6 +1553,8 @@ void FreeWriteDup(WOLFSSL* ssl)
*/
static int DupSSL(WOLFSSL* dup, WOLFSSL* ssl)
{
+ word16 tmp_weOwnRng;
+
/* shared dupWrite setup */
ssl->dupWrite = (WriteDup*)XMALLOC(sizeof(WriteDup), ssl->heap,
DYNAMIC_TYPE_WRITEDUP);
@@ -1553,6 +1571,8 @@ static int DupSSL(WOLFSSL* dup, WOLFSSL* ssl)
ssl->dupWrite->dupCount = 2; /* both sides have a count to start */
dup->dupWrite = ssl->dupWrite; /* each side uses */
+ tmp_weOwnRng = dup->options.weOwnRng;
+
/* copy write parts over to dup writer */
XMEMCPY(&dup->specs, &ssl->specs, sizeof(CipherSpecs));
XMEMCPY(&dup->options, &ssl->options, sizeof(Options));
@@ -1578,6 +1598,9 @@ static int DupSSL(WOLFSSL* dup, WOLFSSL* ssl)
dup->truncated_hmac = ssl->truncated_hmac;
#endif
+ /* Restore rng option */
+ dup->options.weOwnRng = tmp_weOwnRng;
+
/* unique side dup setup */
dup->dupSide = WRITE_DUP_SIDE;
ssl->dupSide = READ_DUP_SIDE;
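Review bot: The comment `/* Restore rng option */` above `dup->options.weOwnRng = tmp_weOwnRng;` does not say why the flag has to survive the `XMEMCPY(&dup->options, &ssl->options, sizeof(Options))` in the previous hunk. weOwnRng presumably records whether this object must free its own RNG, so taking over the other side's value could leave an RNG leaked or freed twice at teardown; I would spell that out, e.g. `/* options was copied wholesale from ssl; keep dup's own RNG ownership flag so each side frees only what it allocated */`. Whether Options holds other per-object ownership bits that need the same treatment cannot be checked from this hunk. DupSSL's body starts and ends outside the hunk.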
@@ -2217,15 +2240,19 @@ static int DtlsSrtpSelProfiles(word16* id, const char* profile_str)
do {
current = next;
next = XSTRSTR(current, ":");
- current_length = (!next) ? (word32)XSTRLEN(current)
- : (word32)(next - current);
+ if (next) {
+ current_length = (word32)(next - current);
+ ++next; /* ++ needed to skip ':' */
+ } else {
+ current_length = (word32)XSTRLEN(current);
+ }
if (current_length < length)
length = current_length;
profile = DtlsSrtpFindProfile(current, current_length, 0);
if (profile != NULL) {
*id |= (1 << profile->id); /* selected bit based on ID */
}
- } while (next != NULL && next++); /* ++ needed to skip ':' */
+ } while (next != NULL);
return WOLFSSL_SUCCESS;
}
@@ -2648,6 +2675,9 @@ int wolfSSL_GetObjectSize(void)
#ifdef HAVE_CHACHA
printf("\tsizeof chacha = %lu\n", (unsigned long)sizeof(ChaCha));
#endif
+#ifdef WOLFSSL_SM4
+ printf("\tsizeof sm4 = %lu\n", (unsigned long)sizeof(Sm4));
+#endif
printf("sizeof cipher specs = %lu\n", (unsigned long)sizeof(CipherSpecs));
printf("sizeof keys = %lu\n", (unsigned long)sizeof(Keys));
printf("sizeof Hashes(2) = %lu\n", (unsigned long)sizeof(Hashes));
@@ -2669,6 +2699,9 @@ int wolfSSL_GetObjectSize(void)
#ifdef WOLFSSL_SHA384
printf("\tsizeof SHA512 = %lu\n", (unsigned long)sizeof(wc_Sha512));
#endif
+#ifdef WOLFSSL_SM3
+ printf("\tsizeof sm3 = %lu\n", (unsigned long)sizeof(Sm3));
+#endif
printf("sizeof Buffers = %lu\n", (unsigned long)sizeof(Buffers));
printf("sizeof Options = %lu\n", (unsigned long)sizeof(Options));
printf("sizeof Arrays = %lu\n", (unsigned long)sizeof(Arrays));
@@ -3208,7 +3241,14 @@ int wolfSSL_write(WOLFSSL* ssl, const void* data, int sz)
}
#endif
#ifdef WOLFSSL_EARLY_DATA
- if (ssl->earlyData != no_early_data && (ret = wolfSSL_negotiate(ssl)) < 0) {
+ if (IsAtLeastTLSv1_3(ssl->version) &&
+ ssl->options.side == WOLFSSL_SERVER_END &&
+ ssl->options.acceptState >= TLS13_ACCEPT_FINISHED_SENT) {
+ /* We can send data without waiting on peer finished msg */
+ WOLFSSL_MSG("server sending data before receiving client finished");
+ }
+ else if (ssl->earlyData != no_early_data &&
+ (ret = wolfSSL_negotiate(ssl)) < 0) {
ssl->error = ret;
return WOLFSSL_FATAL_ERROR;
}
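Review bot: The new first branch lets a TLS 1.3 server write application data once its own Finished is sent, that is, before the client's Finished and any client certificate have been verified, and the comment does not mention that consequence. With mutual authentication configured, the data goes to a peer that is not authenticated yet, so I would either document it here, `/* NOTE: peer is not yet authenticated at this point; do not send data that depends on the client certificate */`, or skip the shortcut when client authentication was requested. The condition is also independent of `ssl->earlyData`, so it applies to every build with WOLFSSL_EARLY_DATA rather than only to sessions that use early data; worth confirming that this is intended. wolfSSL_write continues outside the hunk.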
@@ -3315,22 +3355,6 @@ static int wolfSSL_read_internal(WOLFSSL* ssl, void* data, int sz, int peek)
errno = 0;
#endif
-#ifdef WOLFSSL_DTLS
- if (ssl->options.dtls) {
- ssl->dtls_expected_rx = max(sz + DTLS_MTU_ADDITIONAL_READ_BUFFER,
- MAX_MTU);
-#ifdef WOLFSSL_SCTP
- if (ssl->options.dtlsSctp)
-#endif
-#if defined(WOLFSSL_SCTP) || defined(WOLFSSL_DTLS_MTU)
- /* Add some bytes so that we can operate with slight difference
- * in set MTU size on each peer */
- ssl->dtls_expected_rx = max(ssl->dtls_expected_rx,
- ssl->dtlsMtuSz + (word32)DTLS_MTU_ADDITIONAL_READ_BUFFER);
-#endif
- }
-#endif
-
ret = ReceiveData(ssl, (byte*)data, sz, peek);
#ifdef HAVE_WRITE_DUP
@@ -3692,6 +3716,7 @@ static int isValidCurveGroup(word16 name)
case WOLFSSL_ECC_BRAINPOOLP256R1:
case WOLFSSL_ECC_BRAINPOOLP384R1:
case WOLFSSL_ECC_BRAINPOOLP512R1:
+ case WOLFSSL_ECC_SM2P256V1:
case WOLFSSL_ECC_X25519:
case WOLFSSL_ECC_X448:
@@ -3989,7 +4014,7 @@ int wolfSSL_CTX_UseSecureRenegotiation(WOLFSSL_CTX* ctx)
return WOLFSSL_SUCCESS;
}
-
+#ifdef HAVE_SECURE_RENEGOTIATION
/* do a secure renegotiation handshake, user forced, we discourage */
static int _Rehandshake(WOLFSSL* ssl)
{
@@ -4054,7 +4079,7 @@ static int _Rehandshake(WOLFSSL* ssl)
ssl->secure_renegotiation->cache_status = SCR_CACHE_NEEDED;
-#if !defined(NO_WOLFSSL_SERVER) && defined(HAVE_SECURE_RENEGOTIATION)
+#if !defined(NO_WOLFSSL_SERVER)
if (ssl->options.side == WOLFSSL_SERVER_END) {
ret = SendHelloRequest(ssl);
if (ret != 0) {
@@ -4062,7 +4087,7 @@ static int _Rehandshake(WOLFSSL* ssl)
return WOLFSSL_FATAL_ERROR;
}
}
-#endif /* !NO_WOLFSSL_SERVER && HAVE_SECURE_RENEGOTIATION */
+#endif /* !NO_WOLFSSL_SERVER */
ret = InitHandshakeHashes(ssl);
if (ret != 0) {
@@ -4093,6 +4118,8 @@ int wolfSSL_Rehandshake(WOLFSSL* ssl)
if (ssl->options.side == WOLFSSL_SERVER_END) {
/* Reset option to send certificate verify. */
ssl->options.sendVerify = 0;
+ /* Reset resuming flag to do full secure handshake. */
+ ssl->options.resuming = 0;
}
else {
/* Reset resuming flag to do full secure handshake. */
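Review bot: `ssl->options.resuming = 0;` now sits in the server arm and, judging by the identical comment that opens the `else` arm, in the client arm as well. If the else arm does the same reset, hoisting a single `ssl->options.resuming = 0;` above the `if` keeps the two sides from drifting apart and leaves `sendVerify` as the only server-specific step. The else arm continues outside the hunk, so this should be checked against the full function.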
@@ -4134,6 +4161,8 @@ int wolfSSL_SecureResume(WOLFSSL* ssl)
#endif /* NO_WOLFSSL_CLIENT */
+#endif /* HAVE_SECURE_RENEGOTIATION */
+
long wolfSSL_SSL_get_secure_renegotiation_support(WOLFSSL* ssl)
{
WOLFSSL_ENTER("wolfSSL_SSL_get_secure_renegotiation_support");
@@ -4446,12 +4475,14 @@ int wolfSSL_shutdown(WOLFSSL* ssl)
/* call wolfSSL_shutdown again for bidirectional shutdown */
if (ssl->options.sentNotify && !ssl->options.closeNotify) {
ret = ProcessReply(ssl);
- if (ret == ZERO_RETURN) {
+ if ((ret == ZERO_RETURN) || (ret == SOCKET_ERROR_E)) {
/* simulate OpenSSL behavior */
ssl->options.shutdownDone = 1;
/* Clear error */
ssl->error = WOLFSSL_ERROR_NONE;
ret = WOLFSSL_SUCCESS;
+ } else if (ret == MEMORY_E) {
+ ret = WOLFSSL_FATAL_ERROR;
} else if (ssl->error == WOLFSSL_ERROR_NONE) {
ret = WOLFSSL_SHUTDOWN_NOT_DONE;
} else {
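Review bot: Mapping `SOCKET_ERROR_E` to `WOLFSSL_SUCCESS` in `if ((ret == ZERO_RETURN) || (ret == SOCKET_ERROR_E))` makes a transport failure indistinguishable from receiving the peer's close_notify. A caller that relies on the second wolfSSL_shutdown() returning success to conclude that the stream ended cleanly can no longer detect truncation, and `ssl->error` is cleared on this path too. I would at least say so in the comment, e.g. `/* simulate OpenSSL behavior; a socket error is also reported as shutdown done although no close_notify was received */`, or keep a distinguishable state for this case. The new `MEMORY_E` arm returns `WOLFSSL_FATAL_ERROR`; whether `ssl->error` is set on that path is not visible in the hunk.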
@@ -4462,7 +4493,7 @@ int wolfSSL_shutdown(WOLFSSL* ssl)
}
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)
- /* reset WOLFSSL structure state for possible re-use */
+ /* reset WOLFSSL structure state for possible reuse */
if (ret == WOLFSSL_SUCCESS) {
if (wolfSSL_clear(ssl) != WOLFSSL_SUCCESS) {
WOLFSSL_MSG("could not clear WOLFSSL");
@@ -4507,7 +4538,15 @@ int wolfSSL_get_error(WOLFSSL* ssl, int ret)
return WOLFSSL_ERROR_WANT_WRITE; /* convert to OpenSSL type */
else if (ssl->error == ZERO_RETURN || ssl->options.shutdownDone)
return WOLFSSL_ERROR_ZERO_RETURN; /* convert to OpenSSL type */
- return ssl->error;
+#ifdef OPENSSL_EXTRA
+ else if (ssl->error == SOCKET_PEER_CLOSED_E)
+ return WOLFSSL_ERROR_SYSCALL; /* convert to OpenSSL type */
+#endif
+#if defined(WOLFSSL_HAPROXY)
+ return GetX509Error(ssl->error);
+#else
+ return (ssl->error);
+#endif
}
@@ -5018,7 +5057,6 @@ int wolfSSL_GetSequenceNumber(WOLFSSL* ssl, word64 *seq)
#endif /* ATOMIC_USER */
#ifndef NO_CERTS
-
WOLFSSL_CERT_MANAGER* wolfSSL_CTX_GetCertManager(WOLFSSL_CTX* ctx)
{
WOLFSSL_CERT_MANAGER* cm = NULL;
@@ -5026,298 +5064,6 @@ WOLFSSL_CERT_MANAGER* wolfSSL_CTX_GetCertManager(WOLFSSL_CTX* ctx)
cm = ctx->cm;
return cm;
}
-
-WOLFSSL_CERT_MANAGER* wolfSSL_CertManagerNew_ex(void* heap)
-{
- WOLFSSL_CERT_MANAGER* cm;
-
- WOLFSSL_ENTER("wolfSSL_CertManagerNew");
-
- cm = (WOLFSSL_CERT_MANAGER*) XMALLOC(sizeof(WOLFSSL_CERT_MANAGER), heap,
- DYNAMIC_TYPE_CERT_MANAGER);
- if (cm) {
- int ret;
-
- XMEMSET(cm, 0, sizeof(WOLFSSL_CERT_MANAGER));
-
- if (wc_InitMutex(&cm->caLock) != 0) {
- WOLFSSL_MSG("Bad mutex init");
- wolfSSL_CertManagerFree(cm);
- return NULL;
- }
-
- wolfSSL_RefInit(&cm->ref, &ret);
- #ifdef WOLFSSL_REFCNT_ERROR_RETURN
- if (ret != 0) {
- WOLFSSL_MSG("Bad mutex init");
- wolfSSL_CertManagerFree(cm);
- return NULL;
- }
- #else
- (void)ret;
- #endif
-
- #ifdef WOLFSSL_TRUST_PEER_CERT
- if (wc_InitMutex(&cm->tpLock) != 0) {
- WOLFSSL_MSG("Bad mutex init");
- wolfSSL_CertManagerFree(cm);
- return NULL;
- }
- #endif
-
- /* set default minimum key size allowed */
- #ifndef NO_RSA
- cm->minRsaKeySz = MIN_RSAKEY_SZ;
- #endif
- #ifdef HAVE_ECC
- cm->minEccKeySz = MIN_ECCKEY_SZ;
- #endif
- #ifdef HAVE_PQC
- #ifdef HAVE_FALCON
- cm->minFalconKeySz = MIN_FALCONKEY_SZ;
- #endif /* HAVE_FALCON */
- #ifdef HAVE_DILITHIUM
- cm->minDilithiumKeySz = MIN_DILITHIUMKEY_SZ;
- #endif /* HAVE_DILITHIUM */
- #endif /* HAVE_PQC */
-
- cm->heap = heap;
- }
-
- return cm;
-}
-
-
-WOLFSSL_CERT_MANAGER* wolfSSL_CertManagerNew(void)
-{
- return wolfSSL_CertManagerNew_ex(NULL);
-}
-
-
-void wolfSSL_CertManagerFree(WOLFSSL_CERT_MANAGER* cm)
-{
- WOLFSSL_ENTER("wolfSSL_CertManagerFree");
-
- if (cm) {
- int doFree = 0;
- int ret;
-
- wolfSSL_RefDec(&cm->ref, &doFree, &ret);
- #ifdef WOLFSSL_REFCNT_ERROR_RETURN
- if (ret != 0) {
- WOLFSSL_MSG("Couldn't lock cm mutex");
- }
- #else
- (void)ret;
- #endif
- if (doFree) {
- #ifdef HAVE_CRL
- if (cm->crl)
- FreeCRL(cm->crl, 1);
- #endif
- #ifdef HAVE_OCSP
- if (cm->ocsp)
- FreeOCSP(cm->ocsp, 1);
- XFREE(cm->ocspOverrideURL, cm->heap, DYNAMIC_TYPE_URL);
- #if !defined(NO_WOLFSSL_SERVER) && \
- (defined(HAVE_CERTIFICATE_STATUS_REQUEST) || \
- defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2))
- if (cm->ocsp_stapling)
- FreeOCSP(cm->ocsp_stapling, 1);
- #endif
- #endif
- FreeSignerTable(cm->caTable, CA_TABLE_SIZE, cm->heap);
- wc_FreeMutex(&cm->caLock);
-
- #ifdef WOLFSSL_TRUST_PEER_CERT
- FreeTrustedPeerTable(cm->tpTable, TP_TABLE_SIZE, cm->heap);
- wc_FreeMutex(&cm->tpLock);
- #endif
- wolfSSL_RefFree(&cm->ref);
- XFREE(cm, cm->heap, DYNAMIC_TYPE_CERT_MANAGER);
- }
- }
-
-}
-
-int wolfSSL_CertManager_up_ref(WOLFSSL_CERT_MANAGER* cm)
-{
- if (cm) {
- int ret;
-
- wolfSSL_RefInc(&cm->ref, &ret);
- #ifdef WOLFSSL_REFCNT_ERROR_RETURN
- if (ret != 0) {
- WOLFSSL_MSG("Failed to lock cm mutex");
- return WOLFSSL_FAILURE;
- }
- #else
- (void)ret;
- #endif
-
- return WOLFSSL_SUCCESS;
- }
-
- return WOLFSSL_FAILURE;
-}
-
-#if defined(OPENSSL_EXTRA) && !defined(NO_FILESYSTEM)
-#if defined(WOLFSSL_SIGNER_DER_CERT)
-/******************************************************************************
-* wolfSSL_CertManagerGetCerts - retrieve stack of X509 certificates in a
-* certificate manager (CM).
-*
-* RETURNS:
-* returns stack of X509 certs on success, otherwise returns a NULL.
-*/
-WOLFSSL_STACK* wolfSSL_CertManagerGetCerts(WOLFSSL_CERT_MANAGER* cm)
-{
- WOLFSSL_STACK* sk = NULL;
- int numCerts = 0;
- DerBuffer** certBuffers = NULL;
- const byte* derBuffer = NULL;
- Signer* signers = NULL;
- word32 row = 0;
- WOLFSSL_X509* x509 = NULL;
- int i = 0;
- int ret = 0;
-
- if (cm == NULL)
- return NULL;
-
- sk = wolfSSL_sk_X509_new_null();
- if (sk == NULL)
- goto error;
-
- if (wc_LockMutex(&cm->caLock) != 0)
- goto error;
-
- /* Iterate once to get the number of certs, for memory allocation
- purposes. */
- for (row = 0; row < CA_TABLE_SIZE; row++) {
- signers = cm->caTable[row];
- while (signers && signers->derCert && signers->derCert->buffer) {
- ++numCerts;
- signers = signers->next;
- }
- }
-
- if (numCerts == 0) {
- wc_UnLockMutex(&cm->caLock);
- goto error;
- }
-
- certBuffers = (DerBuffer**)XMALLOC(sizeof(DerBuffer*) * numCerts, cm->heap,
- DYNAMIC_TYPE_TMP_BUFFER);
- if (certBuffers == NULL) {
- wc_UnLockMutex(&cm->caLock);
- goto error;
- }
- XMEMSET(certBuffers, 0, sizeof(DerBuffer*) * numCerts);
-
- /* Copy the certs locally so that we can release the caLock. If the lock is
- held when wolfSSL_d2i_X509 is called, GetCA will also try to get the
- lock, leading to deadlock. */
- for (row = 0; row < CA_TABLE_SIZE; row++) {
- signers = cm->caTable[row];
- while (signers && signers->derCert && signers->derCert->buffer) {
- ret = AllocDer(&certBuffers[i], signers->derCert->length, CA_TYPE,
- cm->heap);
- if (ret < 0) {
- wc_UnLockMutex(&cm->caLock);
- goto error;
- }
-
- XMEMCPY(certBuffers[i]->buffer, signers->derCert->buffer,
- signers->derCert->length);
- certBuffers[i]->length = signers->derCert->length;
-
- ++i;
- signers = signers->next;
- }
- }
-
- wc_UnLockMutex(&cm->caLock);
-
- for (i = 0; i < numCerts; ++i) {
- derBuffer = certBuffers[i]->buffer;
- wolfSSL_d2i_X509(&x509, &derBuffer, certBuffers[i]->length);
- if (x509 == NULL)
- goto error;
-
- if (wolfSSL_sk_X509_push(sk, x509) != WOLFSSL_SUCCESS) {
- wolfSSL_X509_free(x509);
- goto error;
- }
- }
-
- for (i = 0; i < numCerts && certBuffers[i] != NULL; ++i) {
- FreeDer(&certBuffers[i]);
- }
-
- XFREE(certBuffers, cm->heap, DYNAMIC_TYPE_TMP_BUFFER);
-
- return sk;
-
-error:
- if (sk)
- wolfSSL_sk_X509_pop_free(sk, NULL);
-
- if (certBuffers != NULL) {
- for (i = 0; i < numCerts && certBuffers[i] != NULL; ++i) {
- FreeDer(&certBuffers[i]);
- }
- }
-
- if (certBuffers)
- XFREE(certBuffers, cm->heap, DYNAMIC_TYPE_TMP_BUFFER);
-
- return NULL;
-}
-
-#endif /* WOLFSSL_SIGNER_DER_CERT */
-#endif /* OPENSSL_EXTRA && !NO_FILESYSTEM */
-
-/* Unload the CA signer list */
-int wolfSSL_CertManagerUnloadCAs(WOLFSSL_CERT_MANAGER* cm)
-{
- WOLFSSL_ENTER("wolfSSL_CertManagerUnloadCAs");
-
- if (cm == NULL)
- return BAD_FUNC_ARG;
-
- if (wc_LockMutex(&cm->caLock) != 0)
- return BAD_MUTEX_E;
-
- FreeSignerTable(cm->caTable, CA_TABLE_SIZE, cm->heap);
-
- wc_UnLockMutex(&cm->caLock);
-
-
- return WOLFSSL_SUCCESS;
-}
-
-
-#ifdef WOLFSSL_TRUST_PEER_CERT
-int wolfSSL_CertManagerUnload_trust_peers(WOLFSSL_CERT_MANAGER* cm)
-{
- WOLFSSL_ENTER("wolfSSL_CertManagerUnload_trust_peers");
-
- if (cm == NULL)
- return BAD_FUNC_ARG;
-
- if (wc_LockMutex(&cm->tpLock) != 0)
- return BAD_MUTEX_E;
-
- FreeTrustedPeerTable(cm->tpTable, TP_TABLE_SIZE, cm->heap);
-
- wc_UnLockMutex(&cm->tpLock);
-
-
- return WOLFSSL_SUCCESS;
-}
-#endif /* WOLFSSL_TRUST_PEER_CERT */
-
#endif /* NO_CERTS */
#if !defined(NO_FILESYSTEM) && !defined(NO_STDIO_FILESYSTEM) \
@@ -5787,6 +5533,46 @@ Signer* GetCA(void* vp, byte* hash)
return ret;
}
+#ifdef WOLFSSL_AKID_NAME
+Signer* GetCAByAKID(void* vp, const byte* issuer, word32 issuerSz,
+ const byte* serial, word32 serialSz)
+{
+ WOLFSSL_CERT_MANAGER* cm = (WOLFSSL_CERT_MANAGER*)vp;
+ Signer* ret = NULL;
+ Signer* signers;
+ byte nameHash[SIGNER_DIGEST_SIZE];
+ byte serialHash[SIGNER_DIGEST_SIZE];
+ word32 row;
+
+ if (cm == NULL || issuer == NULL || issuerSz == 0 ||
+ serial == NULL || serialSz == 0)
+ return NULL;
+
+ if (CalcHashId(issuer, issuerSz, nameHash) != 0 ||
+ CalcHashId(serial, serialSz, serialHash) != 0)
+ return NULL;
+
+ if (wc_LockMutex(&cm->caLock) != 0)
+ return ret;
+
+ /* Unfortunately we need to look through the entire table */
+ for (row = 0; row < CA_TABLE_SIZE && ret == NULL; row++) {
+ for (signers = cm->caTable[row]; signers != NULL;
+ signers = signers->next) {
+ if (XMEMCMP(signers->subjectNameHash, nameHash, SIGNER_DIGEST_SIZE)
+ == 0 && XMEMCMP(signers->serialHash, serialHash,
+ SIGNER_DIGEST_SIZE) == 0) {
+ ret = signers;
+ break;
+ }
+ }
+ }
+
+ wc_UnLockMutex(&cm->caLock);
+
+ return ret;
+}
+#endif
#ifndef NO_SKID
/* return CA if found, otherwise NULL. Walk through hash table. */
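Review bot: GetCAByAKID has no header comment, and it returns a `Signer*` taken from `cm->caTable` after `wc_UnLockMutex(&cm->caLock)`. The pointer stays valid only while no other thread unloads or frees the CA table, which the caller has to guarantee; I would put that above the function together with the contract, e.g. `/* Return the CA whose subject name hash and serial hash match the AKID issuer/serial, or NULL. The Signer is owned by cm and is not protected by caLock after return. */`. The closing `#endif` would also read better as `#endif /* WOLFSSL_AKID_NAME */`.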
@@ -6090,6 +5876,10 @@ int AddCA(WOLFSSL_CERT_MANAGER* cm, DerBuffer** pDer, int type, int verify)
if (!signer)
ret = MEMORY_ERROR;
}
+#if defined(WOLFSSL_AKID_NAME) || defined(HAVE_CRL)
+ if (ret == 0 && signer != NULL)
+ ret = CalcHashId(cert->serial, cert->serialSz, signer->serialHash);
+#endif
if (ret == 0 && signer != NULL) {
#ifdef WOLFSSL_SIGNER_DER_CERT
ret = AllocDer(&signer->derCert, der->length, der->type, NULL);
@@ -6106,9 +5896,7 @@ int AddCA(WOLFSSL_CERT_MANAGER* cm, DerBuffer** pDer, int type, int verify)
signer->nameLen = cert->subjectCNLen;
signer->name = cert->subjectCN;
}
- signer->pathLength = cert->pathLength;
signer->maxPathLen = cert->maxPathLen;
- signer->pathLengthSet = cert->pathLengthSet;
signer->selfSigned = cert->selfSigned;
#ifndef IGNORE_NAME_CONSTRAINTS
signer->permittedNames = cert->permittedNames;
@@ -6120,6 +5908,10 @@ int AddCA(WOLFSSL_CERT_MANAGER* cm, DerBuffer** pDer, int type, int verify)
#endif
XMEMCPY(signer->subjectNameHash, cert->subjectHash,
SIGNER_DIGEST_SIZE);
+ #if defined(HAVE_OCSP) || defined(HAVE_CRL)
+ XMEMCPY(signer->issuerNameHash, cert->issuerHash,
+ SIGNER_DIGEST_SIZE);
+ #endif
#ifdef HAVE_OCSP
XMEMCPY(signer->subjectKeyHash, cert->subjectKeyHash,
KEYID_SIZE);
@@ -6152,7 +5944,7 @@ int AddCA(WOLFSSL_CERT_MANAGER* cm, DerBuffer** pDer, int type, int verify)
ret = BAD_MUTEX_E;
}
}
-#if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_SCEPROTECT)
+#if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_FSPSM_TLS)
/* Verify CA by TSIP so that generated tsip key is going to be able to */
/* be used for peer's cert verification */
/* TSIP is only able to handle USER CA, and only one CA. */
@@ -6474,6 +6266,7 @@ int wolfSSL_Init(void)
}
#endif
#endif
+#ifndef WOLFSSL_MUTEX_INITIALIZER
if (ret == WOLFSSL_SUCCESS) {
if (wc_InitMutex(&count_mutex) != 0) {
WOLFSSL_MSG("Bad Init Mutex count");
@@ -6483,6 +6276,7 @@ int wolfSSL_Init(void)
count_mutex_valid = 1;
}
}
+#endif /* !WOLFSSL_MUTEX_INITIALIZER */
#if defined(OPENSSL_EXTRA) && defined(HAVE_ATEXIT)
/* OpenSSL registers cleanup using atexit */
if ((ret == WOLFSSL_SUCCESS) && (atexit(AtExitCleanup) != 0)) {
@@ -6528,7 +6322,8 @@ static int ProcessUserChain(WOLFSSL_CTX* ctx, const unsigned char* buff,
}
/* we may have a user cert chain, try to consume */
- if ((type == CERT_TYPE || type == CA_TYPE) && (info->consumed < sz)) {
+ if ((type == CERT_TYPE || type == CHAIN_CERT_TYPE || type == CA_TYPE) &&
+ (info->consumed < sz)) {
#ifdef WOLFSSL_SMALL_STACK
byte staticBuffer[1]; /* force heap usage */
#else
@@ -6688,7 +6483,8 @@ static int ProcessBufferTryDecodeRsa(WOLFSSL_CTX* ctx, WOLFSSL* ssl,
#ifdef WOLF_PRIVATE_KEY_ID
if ((ret != 0) && (devId != INVALID_DEVID
#ifdef HAVE_PK_CALLBACKS
- || wolfSSL_CTX_IsPrivatePkSet(ctx)
+ || ((ssl == NULL) ? wolfSSL_CTX_IsPrivatePkSet(ctx) :
+ wolfSSL_CTX_IsPrivatePkSet(ssl->ctx))
#endif
)) {
word32 nSz;
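Review bot: The expression `((ssl == NULL) ? wolfSSL_CTX_IsPrivatePkSet(ctx) : wolfSSL_CTX_IsPrivatePkSet(ssl->ctx))` is pasted five times: here, in the second ProcessBufferTryDecodeRsa hunk, and in the Ecc, Ed25519 and Ed448 hunks below. Selecting the context once is shorter and harder to get wrong in a single copy: `|| wolfSSL_CTX_IsPrivatePkSet((ssl != NULL) ? ssl->ctx : ctx)`. The change also relies on `ssl->ctx` being non-NULL whenever `ssl` is; whether wolfSSL_CTX_IsPrivatePkSet tolerates a NULL argument is not visible here. The enclosing function starts and ends outside the hunk.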
@@ -6766,7 +6562,8 @@ static int ProcessBufferTryDecodeRsa(WOLFSSL_CTX* ctx, WOLFSSL* ssl,
#ifdef WOLF_PRIVATE_KEY_ID
if (ret != 0 && (devId != INVALID_DEVID
#ifdef HAVE_PK_CALLBACKS
- || wolfSSL_CTX_IsPrivatePkSet(ctx)
+ || ((ssl == NULL) ? wolfSSL_CTX_IsPrivatePkSet(ctx) :
+ wolfSSL_CTX_IsPrivatePkSet(ssl->ctx))
#endif
)) {
/* if using crypto or PK callbacks, try public key decode */
@@ -6847,7 +6644,8 @@ static int ProcessBufferTryDecodeEcc(WOLFSSL_CTX* ctx, WOLFSSL* ssl,
#ifdef WOLF_PRIVATE_KEY_ID
if (ret != 0 && (devId != INVALID_DEVID
#ifdef HAVE_PK_CALLBACKS
- || wolfSSL_CTX_IsPrivatePkSet(ctx)
+ || ((ssl == NULL) ? wolfSSL_CTX_IsPrivatePkSet(ctx) :
+ wolfSSL_CTX_IsPrivatePkSet(ssl->ctx))
#endif
)) {
/* if using crypto or PK callbacks, try public key decode */
@@ -6868,11 +6666,23 @@ static int ProcessBufferTryDecodeEcc(WOLFSSL_CTX* ctx, WOLFSSL* ssl,
if (ssl) {
ssl->options.haveStaticECC = 1;
ssl->buffers.keyType = ecc_dsa_sa_algo;
+ #ifdef WOLFSSL_SM2
+ if (key->dp->id == ECC_SM2P256V1)
+ ssl->buffers.keyType = sm2_sa_algo;
+ else
+ #endif
+ ssl->buffers.keyType = ecc_dsa_sa_algo;
ssl->buffers.keySz = *keySz;
}
else {
ctx->haveStaticECC = 1;
ctx->privateKeyType = ecc_dsa_sa_algo;
+ #ifdef WOLFSSL_SM2
+ if (key->dp->id == ECC_SM2P256V1)
+ ctx->privateKeyType = sm2_sa_algo;
+ else
+ #endif
+ ctx->privateKeyType = ecc_dsa_sa_algo;
ctx->privateKeySz = *keySz;
}
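Review bot: The unconditional `ssl->buffers.keyType = ecc_dsa_sa_algo;` kept above the new `#ifdef WOLFSSL_SM2` block is now a dead store, because the if/else that follows assigns keyType on every path; the same holds for `ctx->privateKeyType = ecc_dsa_sa_algo;` in the else arm. Dropping the two old lines leaves one assignment per path. The `else` that ends inside the `#ifdef` and governs a statement placed after `#endif` is easy to break in a later edit, so braces around both arms would help. `key->dp->id` is read without a NULL check on `key->dp`; that is presumably guaranteed after a successful decode, but the decode is outside the hunk.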
@@ -6921,7 +6731,8 @@ static int ProcessBufferTryDecodeEd25519(WOLFSSL_CTX* ctx, WOLFSSL* ssl,
#ifdef WOLF_PRIVATE_KEY_ID
if (ret != 0 && (devId != INVALID_DEVID
#ifdef HAVE_PK_CALLBACKS
- || wolfSSL_CTX_IsPrivatePkSet(ctx)
+ || ((ssl == NULL) ? wolfSSL_CTX_IsPrivatePkSet(ctx) :
+ wolfSSL_CTX_IsPrivatePkSet(ssl->ctx))
#endif
)) {
/* if using crypto or PK callbacks, try public key decode */
@@ -6949,9 +6760,11 @@ static int ProcessBufferTryDecodeEd25519(WOLFSSL_CTX* ctx, WOLFSSL* ssl,
*keyFormat = ED25519k;
if (ssl != NULL) {
+#if !defined(WOLFSSL_NO_CLIENT_AUTH) && !defined(NO_ED25519_CLIENT_AUTH)
/* ED25519 requires caching enabled for tracking message
* hash used in EdDSA_Update for signing */
ssl->options.cacheMessages = 1;
+#endif
if (ssl->options.side == WOLFSSL_SERVER_END) {
*resetSuites = 1;
}
@@ -6998,7 +6811,8 @@ static int ProcessBufferTryDecodeEd448(WOLFSSL_CTX* ctx, WOLFSSL* ssl,
#ifdef WOLF_PRIVATE_KEY_ID
if (ret != 0 && (devId != INVALID_DEVID
#ifdef HAVE_PK_CALLBACKS
- || wolfSSL_CTX_IsPrivatePkSet(ctx)
+ || ((ssl == NULL) ? wolfSSL_CTX_IsPrivatePkSet(ctx) :
+ wolfSSL_CTX_IsPrivatePkSet(ssl->ctx))
#endif
)) {
/* if using crypto or PK callbacks, try public key decode */
@@ -7227,7 +7041,11 @@ static int ProcessBufferTryDecode(WOLFSSL_CTX* ctx, WOLFSSL* ssl,
}
#endif
#ifdef HAVE_ECC
- if ((*keyFormat == 0 || *keyFormat == ECDSAk)) {
+ if ((*keyFormat == 0) || (*keyFormat == ECDSAk)
+ #ifdef WOLFSSL_SM2
+ || (*keyFormat == SM2k)
+ #endif
+ ) {
ret = ProcessBufferTryDecodeEcc(ctx, ssl, der, keySz, idx, resetSuites,
keyFormat, heap, devId);
if (ret != 0)
@@ -7316,6 +7134,10 @@ int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff,
if (ctx == NULL && ssl == NULL)
return BAD_FUNC_ARG;
+ /* This API does not handle CHAIN_CERT_TYPE */
+ if (type == CHAIN_CERT_TYPE)
+ return BAD_FUNC_ARG;
+
#ifdef WOLFSSL_SMALL_STACK
info = (EncryptedInfo*)XMALLOC(sizeof(EncryptedInfo), heap,
DYNAMIC_TYPE_ENCRYPTEDINFO);
@@ -7341,20 +7163,18 @@ int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff,
else {
/* ASN1 (DER) */
int length = (int)sz;
- if (format == WOLFSSL_FILETYPE_ASN1) {
- /* get length of der (read sequence or octet string) */
- word32 inOutIdx = 0;
- if (GetSequence(buff, &inOutIdx, &length, (word32)sz) >= 0) {
- length += inOutIdx; /* include leading sequence */
- }
- /* get length using octet string (allowed for private key types) */
- else if (type == PRIVATEKEY_TYPE &&
+ word32 inOutIdx = 0;
+ /* get length of der (read sequence or octet string) */
+ if (GetSequence(buff, &inOutIdx, &length, (word32)sz) >= 0) {
+ length += inOutIdx; /* include leading sequence */
+ }
+ /* get length using octet string (allowed for private key types) */
+ else if (type == PRIVATEKEY_TYPE &&
GetOctetString(buff, &inOutIdx, &length, (word32)sz) >= 0) {
- length += inOutIdx; /* include leading oct string */
- }
- else {
- ret = ASN_PARSE_E;
- }
+ length += inOutIdx; /* include leading oct string */
+ }
+ else {
+ ret = ASN_PARSE_E;
}
info->consumed = length;
@@ -7393,8 +7213,8 @@ int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff,
* Remainder are processed using ProcessUserChain and are loaded into
* ssl->buffers.certChain. */
if (userChain) {
- ret = ProcessUserChain(ctx, buff, sz, format, type, ssl, used, info,
- verify);
+ ret = ProcessUserChain(ctx, buff, sz, format, CHAIN_CERT_TYPE, ssl,
+ used, info, verify);
if (ret == ASN_NO_PEM_HEADER) { /* Additional chain is optional */
unsigned long pemErr = 0;
CLEAR_ASN_NO_PEM_HEADER_ERROR(pemErr);
@@ -7434,9 +7254,11 @@ int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff,
else if (type == TRUSTED_PEER_TYPE) {
/* add trusted peer cert. der is freed within */
if (ctx != NULL)
- ret = AddTrustedPeer(ctx->cm, &der, !ctx->verifyNone);
- else
- ret = AddTrustedPeer(SSL_CM(ssl), &der, !ssl->options.verifyNone);
+ ret = AddTrustedPeer(ctx->cm, &der, verify);
+ else {
+ SSL_CM_WARNING(ssl);
+ ret = AddTrustedPeer(SSL_CM(ssl), &der, verify);
+ }
if (ret != WOLFSSL_SUCCESS) {
WOLFSSL_MSG("Error adding trusted peer");
}
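Review bot: Whether a trusted peer certificate is verified when it is added now depends on the `verify` argument of ProcessBuffer instead of `!ctx->verifyNone` / `!ssl->options.verifyNone`. Every caller that loads `TRUSTED_PEER_TYPE` therefore has to pass a `verify` value consistent with the configured verification settings, otherwise a peer certificate could become trusted without being checked; the callers are outside this hunk, so that needs confirming. A short comment on the branch, e.g. `/* verify comes from the caller; it no longer follows verifyNone */`, would make the changed contract visible. The `if` arm is unbraced while the new `else` arm is braced; bracing both would be consistent.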
@@ -7555,12 +7377,12 @@ int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff,
}
#endif /* WOLFSSL_ENCRYPTED_KEYS && !NO_PWDBASED */
- #ifdef WOLFSSL_SMALL_STACK
- XFREE(info, heap, DYNAMIC_TYPE_ENCRYPTEDINFO);
- #endif
-
- if (ret != 0)
+ if (ret != 0) {
+ #ifdef WOLFSSL_SMALL_STACK
+ XFREE(info, heap, DYNAMIC_TYPE_ENCRYPTEDINFO);
+ #endif
return ret;
+ }
if (keyFormat == 0) {
#ifdef OPENSSL_EXTRA
/* Reaching this point probably means that the
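Review bot: Freeing `info` is now repeated on three exit paths (the `ret != 0` return here, and the `keyFormat == 0` return and the fall-through in the next hunk) so that `info->passwd_cb` can still be read before the free. Three copies of the `WOLFSSL_SMALL_STACK` cleanup are easy to miss when another return is added to this branch. Reading the flag into a local before one free would keep a single cleanup point, e.g. `int hadPasswdCb = (info->passwd_cb != NULL);` followed by the original single `XFREE(info, heap, DYNAMIC_TYPE_ENCRYPTEDINFO);`, with the local guarded the same way as its use under OPENSSL_EXTRA. ProcessBuffer starts and ends outside the hunk.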
@@ -7568,10 +7390,17 @@ int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff,
if (info->passwd_cb)
EVPerr(0, EVP_R_BAD_DECRYPT);
#endif
+ #ifdef WOLFSSL_SMALL_STACK
+ XFREE(info, heap, DYNAMIC_TYPE_ENCRYPTEDINFO);
+ #endif
WOLFSSL_ERROR(WOLFSSL_BAD_FILE);
return WOLFSSL_BAD_FILE;
}
+ #ifdef WOLFSSL_SMALL_STACK
+ XFREE(info, heap, DYNAMIC_TYPE_ENCRYPTEDINFO);
+ #endif
+
(void)devId;
}
else if (type == CERT_TYPE) {
@@ -7602,6 +7431,20 @@ int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff,
#endif
return WOLFSSL_BAD_FILE;
}
+#if defined(HAVE_RPK)
+ if (ssl) {
+ ssl->options.rpkState.isRPKLoaded = 0;
+ if (cert->isRPK) {
+ ssl->options.rpkState.isRPKLoaded = 1;
+ }
+ }
+ else if (ctx) {
+ ctx->rpkState.isRPKLoaded = 0;
+ if (cert->isRPK) {
+ ctx->rpkState.isRPKLoaded = 1;
+ }
+ }
+#endif /* HAVE_RPK */
if (ssl) {
if (ssl->options.side == WOLFSSL_SERVER_END)
@@ -7622,6 +7465,9 @@ int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff,
case CTC_SHA512wECDSA:
case CTC_ED25519:
case CTC_ED448:
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ case CTC_SM3wSM2:
+ #endif
WOLFSSL_MSG("ECDSA/ED25519/ED448 cert signature");
if (ssl)
ssl->options.haveECDSAsig = 1;
@@ -7671,6 +7517,11 @@ int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff,
}
#endif
#endif
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ else if (cert->keyOID == SM2k) {
+ ssl->options.haveECC = 1;
+ }
+ #endif
#ifdef HAVE_ED25519
else if (cert->keyOID == ED25519k) {
ssl->options.haveECC = 1;
@@ -7718,6 +7569,11 @@ int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff,
}
#endif
#endif
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ else if (cert->keyOID == SM2k) {
+ ctx->haveECC = 1;
+ }
+ #endif
#ifdef HAVE_ED25519
else if (cert->keyOID == ED25519k) {
ctx->haveECC = 1;
@@ -7790,8 +7646,16 @@ int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff,
keyType = ecc_dsa_sa_algo;
#endif
/* Determine ECC key size based on curve */
- keySz = wc_ecc_get_curve_size_from_id(
- wc_ecc_get_oid(cert->pkCurveOID, NULL, NULL));
+ #ifdef WOLFSSL_CUSTOM_CURVES
+ if (cert->pkCurveOID == 0 && cert->pkCurveSize != 0) {
+ keySz = cert->pkCurveSize * 8;
+ }
+ else
+ #endif
+ {
+ keySz = wc_ecc_get_curve_size_from_id(
+ wc_ecc_get_oid(cert->pkCurveOID, NULL, NULL));
+ }
if (ssl && !ssl->options.verifyNone) {
if (ssl->options.minEccKeySz < 0 ||
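Review bot: The two branches that set `keySz` may not use the same unit: wc_ecc_get_curve_size_from_id() returns the curve size in bytes, while `keySz = cert->pkCurveSize * 8;` looks like a conversion to bits. `keySz` is compared with `minEccKeySz` just below, so a value in bits would satisfy a minimum expressed in bytes far too easily for custom curves. The unit of `pkCurveSize` is not visible in this hunk; if it is bytes, the line should be `keySz = cert->pkCurveSize;`, and either way a comment naming the unit belongs on that line. The switch case continues outside the hunk.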
@@ -7809,6 +7673,30 @@ int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff,
}
break;
#endif /* HAVE_ECC */
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ case SM2k:
+ #ifdef WOLF_PRIVATE_KEY_ID
+ keyType = sm2_sa_algo;
+ #endif
+ /* Determine ECC key size based on curve */
+ keySz = wc_ecc_get_curve_size_from_id(
+ wc_ecc_get_oid(cert->pkCurveOID, NULL, NULL));
+ if (ssl && !ssl->options.verifyNone) {
+ if (ssl->options.minEccKeySz < 0 ||
+ keySz < (int)ssl->options.minEccKeySz) {
+ ret = ECC_KEY_SIZE_E;
+ WOLFSSL_MSG("Certificate Ed key size error");
+ }
+ }
+ else if (ctx && !ctx->verifyNone) {
+ if (ctx->minEccKeySz < 0 ||
+ keySz < (int)ctx->minEccKeySz) {
+ ret = ECC_KEY_SIZE_E;
+ WOLFSSL_MSG("Certificate ECC key size error");
+ }
+ }
+ break;
+ #endif /* HAVE_ED25519 */
#ifdef HAVE_ED25519
case ED25519k:
#ifdef WOLF_PRIVATE_KEY_ID
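Review bot: Two leftovers make the new `case SM2k:` misleading: the ssl arm logs `"Certificate Ed key size error"` although it enforces `minEccKeySz`, and the block closes with `#endif /* HAVE_ED25519 */` although it was opened by `#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)`. I would use `WOLFSSL_MSG("Certificate ECC key size error");` in both arms and `#endif /* WOLFSSL_SM2 && WOLFSSL_SM3 */`. Apart from `keyType`, the body appears to repeat the size check of the ECC case, so sharing that check would avoid the next divergence.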
@@ -7908,11 +7796,11 @@ int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff,
#ifdef WOLF_PRIVATE_KEY_ID
if (ssl != NULL) {
- ssl->buffers.keyType = keyType;
+ ssl->buffers.keyType = (byte)keyType;
ssl->buffers.keySz = keySz;
}
else if (ctx != NULL) {
- ctx->privateKeyType = keyType;
+ ctx->privateKeyType = (byte)keyType;
ctx->privateKeySz = keySz;
}
#endif
@@ -8061,116 +7949,8 @@ static int ProcessChainBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff,
}
-static WC_INLINE WOLFSSL_METHOD* cm_pick_method(void)
-{
- #ifndef NO_WOLFSSL_CLIENT
- #if !defined(NO_OLD_TLS) && defined(WOLFSSL_ALLOW_SSLV3)
- return wolfSSLv3_client_method();
- #elif !defined(NO_OLD_TLS) && defined(WOLFSSL_ALLOW_TLSV10)
- return wolfTLSv1_client_method();
- #elif !defined(NO_OLD_TLS)
- return wolfTLSv1_1_client_method();
- #elif !defined(WOLFSSL_NO_TLS12)
- return wolfTLSv1_2_client_method();
- #elif defined(WOLFSSL_TLS13)
- return wolfTLSv1_3_client_method();
- #else
- return NULL;
- #endif
- #elif !defined(NO_WOLFSSL_SERVER)
- #if !defined(NO_OLD_TLS) && defined(WOLFSSL_ALLOW_SSLV3)
- return wolfSSLv3_server_method();
- #elif !defined(NO_OLD_TLS) && defined(WOLFSSL_ALLOW_TLSV10)
- return wolfTLSv1_server_method();
- #elif !defined(NO_OLD_TLS)
- return wolfTLSv1_1_server_method();
- #elif !defined(WOLFSSL_NO_TLS12)
- return wolfTLSv1_2_server_method();
- #elif defined(WOLFSSL_TLS13)
- return wolfTLSv1_3_server_method();
- #else
- return NULL;
- #endif
- #else
- return NULL;
- #endif
-}
-
-
-int wolfSSL_CertManagerLoadCABuffer_ex(WOLFSSL_CERT_MANAGER* cm,
- const unsigned char* in, long sz,
- int format, int userChain, word32 flags)
-{
- int ret = WOLFSSL_FATAL_ERROR;
- WOLFSSL_CTX* tmp;
-
- WOLFSSL_ENTER("wolfSSL_CertManagerLoadCABuffer_ex");
-
- if (cm == NULL) {
- WOLFSSL_MSG("No CertManager error");
- return ret;
- }
- tmp = wolfSSL_CTX_new(cm_pick_method());
-
- if (tmp == NULL) {
- WOLFSSL_MSG("CTX new failed");
- return ret;
- }
-
- /* for tmp use */
- wolfSSL_CertManagerFree(tmp->cm);
- tmp->cm = cm;
-
- ret = wolfSSL_CTX_load_verify_buffer_ex(tmp, in, sz, format,
- userChain, flags);
-
- /* don't loose our good one */
- tmp->cm = NULL;
- wolfSSL_CTX_free(tmp);
-
- return ret;
-}
-
-/* like load verify locations, 1 for success, < 0 for error */
-int wolfSSL_CertManagerLoadCABuffer(WOLFSSL_CERT_MANAGER* cm,
- const unsigned char* in, long sz,
- int format)
-{
- return wolfSSL_CertManagerLoadCABuffer_ex(cm, in, sz, format, 0,
- WOLFSSL_LOAD_VERIFY_DEFAULT_FLAGS);
-}
-
#ifdef HAVE_CRL
-int wolfSSL_CertManagerLoadCRLBuffer(WOLFSSL_CERT_MANAGER* cm,
- const unsigned char* buff, long sz, int type)
-{
- WOLFSSL_ENTER("wolfSSL_CertManagerLoadCRLBuffer");
- if (cm == NULL)
- return BAD_FUNC_ARG;
-
- if (cm->crl == NULL) {
- if (wolfSSL_CertManagerEnableCRL(cm, 0) != WOLFSSL_SUCCESS) {
- WOLFSSL_MSG("Enable CRL failed");
- return WOLFSSL_FATAL_ERROR;
- }
- }
-
- return BufferLoadCRL(cm->crl, buff, sz, type, VERIFY);
-}
-
-int wolfSSL_CertManagerFreeCRL(WOLFSSL_CERT_MANAGER* cm)
-{
- WOLFSSL_ENTER("wolfSSL_CertManagerFreeCRL");
- if (cm == NULL)
- return BAD_FUNC_ARG;
- if (cm->crl != NULL){
- FreeCRL(cm->crl, 1);
- cm->crl = NULL;
- }
- return WOLFSSL_SUCCESS;
-}
-
int wolfSSL_CTX_LoadCRLBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff,
long sz, int type)
{
@@ -8191,443 +7971,20 @@ int wolfSSL_LoadCRLBuffer(WOLFSSL* ssl, const unsigned char* buff,
if (ssl == NULL || ssl->ctx == NULL)
return BAD_FUNC_ARG;
+ SSL_CM_WARNING(ssl);
return wolfSSL_CertManagerLoadCRLBuffer(SSL_CM(ssl), buff, sz, type);
}
-
#endif /* HAVE_CRL */
-/* turn on CRL if off and compiled in, set options */
-int wolfSSL_CertManagerEnableCRL(WOLFSSL_CERT_MANAGER* cm, int options)
-{
- int ret = WOLFSSL_SUCCESS;
-
- (void)options;
-
- WOLFSSL_ENTER("wolfSSL_CertManagerEnableCRL");
- if (cm == NULL)
- return BAD_FUNC_ARG;
-
- #ifdef HAVE_CRL
- if (cm->crl == NULL) {
- cm->crl = (WOLFSSL_CRL*)XMALLOC(sizeof(WOLFSSL_CRL), cm->heap,
- DYNAMIC_TYPE_CRL);
- if (cm->crl == NULL)
- return MEMORY_E;
-
- if (InitCRL(cm->crl, cm) != 0) {
- WOLFSSL_MSG("Init CRL failed");
- FreeCRL(cm->crl, 1);
- cm->crl = NULL;
- return WOLFSSL_FAILURE;
- }
-
- #if defined(HAVE_CRL_IO) && defined(USE_WOLFSSL_IO)
- cm->crl->crlIOCb = EmbedCrlLookup;
- #endif
- }
-
- cm->crlEnabled = 1;
- if (options & WOLFSSL_CRL_CHECKALL)
- cm->crlCheckAll = 1;
- #else
- ret = NOT_COMPILED_IN;
- #endif
-
- return ret;
-}
-
-
-int wolfSSL_CertManagerDisableCRL(WOLFSSL_CERT_MANAGER* cm)
-{
- WOLFSSL_ENTER("wolfSSL_CertManagerDisableCRL");
- if (cm == NULL)
- return BAD_FUNC_ARG;
-
- cm->crlEnabled = 0;
-
- return WOLFSSL_SUCCESS;
-}
-
-#ifndef NO_WOLFSSL_CM_VERIFY
-void wolfSSL_CertManagerSetVerify(WOLFSSL_CERT_MANAGER* cm, VerifyCallback vc)
-{
- WOLFSSL_ENTER("wolfSSL_CertManagerSetVerify");
- if (cm == NULL)
- return;
-
- cm->verifyCallback = vc;
-}
-#endif /* NO_WOLFSSL_CM_VERIFY */
-
-#if !defined(NO_WOLFSSL_CLIENT) || !defined(WOLFSSL_NO_CLIENT_AUTH)
-/* Verify the certificate, WOLFSSL_SUCCESS for ok, < 0 for error */
-int CM_VerifyBuffer_ex(WOLFSSL_CERT_MANAGER* cm, const byte* buff,
- long sz, int format, int err_val)
-{
- int ret = 0;
- DerBuffer* der = NULL;
-#ifdef WOLFSSL_SMALL_STACK
- DecodedCert* cert;
-#else
- DecodedCert cert[1];
-#endif
-
- WOLFSSL_ENTER("wolfSSL_CertManagerVerifyBuffer");
-
-#ifdef WOLFSSL_SMALL_STACK
- cert = (DecodedCert*)XMALLOC(sizeof(DecodedCert), cm->heap,
- DYNAMIC_TYPE_DCERT);
- if (cert == NULL)
- return MEMORY_E;
-#endif
-
- if (format == WOLFSSL_FILETYPE_PEM) {
-#ifdef WOLFSSL_PEM_TO_DER
- ret = PemToDer(buff, sz, CERT_TYPE, &der, cm->heap, NULL, NULL);
- if (ret != 0) {
- FreeDer(&der);
- #ifdef WOLFSSL_SMALL_STACK
- XFREE(cert, cm->heap, DYNAMIC_TYPE_DCERT);
- #endif
- return ret;
- }
- InitDecodedCert(cert, der->buffer, der->length, cm->heap);
-#else
- ret = NOT_COMPILED_IN;
-#endif
- }
- else {
- InitDecodedCert(cert, buff, (word32)sz, cm->heap);
- }
-
- if (ret == 0)
- ret = ParseCertRelative(cert, CERT_TYPE, 1, cm);
-
-#ifdef HAVE_CRL
- if (ret == 0 && cm->crlEnabled)
- ret = CheckCertCRL(cm->crl, cert);
-#endif
-
-#ifndef NO_WOLFSSL_CM_VERIFY
- /* if verify callback has been set */
- if (cm->verifyCallback) {
- buffer certBuf;
- #ifdef WOLFSSL_SMALL_STACK
- ProcPeerCertArgs* args;
- args = (ProcPeerCertArgs*)XMALLOC(
- sizeof(ProcPeerCertArgs), cm->heap, DYNAMIC_TYPE_TMP_BUFFER);
- if (args == NULL) {
- XFREE(cert, cm->heap, DYNAMIC_TYPE_DCERT);
- return MEMORY_E;
- }
- #else
- ProcPeerCertArgs args[1];
- #endif
-
- certBuf.buffer = (byte*)buff;
- certBuf.length = (unsigned int)sz;
- XMEMSET(args, 0, sizeof(ProcPeerCertArgs));
-
- args->totalCerts = 1;
- args->certs = &certBuf;
- args->dCert = cert;
- args->dCertInit = 1;
-
- if (err_val != 0) {
- ret = err_val;
- }
- ret = DoVerifyCallback(cm, NULL, ret, args);
- #ifdef WOLFSSL_SMALL_STACK
- XFREE(args, cm->heap, DYNAMIC_TYPE_TMP_BUFFER);
- #endif
- }
-#else
- (void)err_val;
-#endif
-
- FreeDecodedCert(cert);
- FreeDer(&der);
-#ifdef WOLFSSL_SMALL_STACK
- XFREE(cert, cm->heap, DYNAMIC_TYPE_DCERT);
-#endif
-
- return ret == 0 ? WOLFSSL_SUCCESS : ret;
-}
-
-/* Verify the certificate, WOLFSSL_SUCCESS for ok, < 0 for error */
-int wolfSSL_CertManagerVerifyBuffer(WOLFSSL_CERT_MANAGER* cm, const byte* buff,
- long sz, int format)
-{
- return CM_VerifyBuffer_ex(cm, buff, sz, format, 0);
-}
-#endif /* !NO_WOLFSSL_CLIENT || !WOLFSSL_NO_CLIENT_AUTH */
-
-/* turn on OCSP if off and compiled in, set options */
-int wolfSSL_CertManagerEnableOCSP(WOLFSSL_CERT_MANAGER* cm, int options)
-{
- int ret = WOLFSSL_SUCCESS;
-
- (void)options;
-
- WOLFSSL_ENTER("wolfSSL_CertManagerEnableOCSP");
- if (cm == NULL)
- return BAD_FUNC_ARG;
-
- #ifdef HAVE_OCSP
- if (cm->ocsp == NULL) {
- cm->ocsp = (WOLFSSL_OCSP*)XMALLOC(sizeof(WOLFSSL_OCSP), cm->heap,
- DYNAMIC_TYPE_OCSP);
- if (cm->ocsp == NULL)
- return MEMORY_E;
-
- if (InitOCSP(cm->ocsp, cm) != 0) {
- WOLFSSL_MSG("Init OCSP failed");
- FreeOCSP(cm->ocsp, 1);
- cm->ocsp = NULL;
- return WOLFSSL_FAILURE;
- }
- }
- cm->ocspEnabled = 1;
- if (options & WOLFSSL_OCSP_URL_OVERRIDE)
- cm->ocspUseOverrideURL = 1;
- if (options & WOLFSSL_OCSP_NO_NONCE)
- cm->ocspSendNonce = 0;
- else
- cm->ocspSendNonce = 1;
- if (options & WOLFSSL_OCSP_CHECKALL)
- cm->ocspCheckAll = 1;
- #ifndef WOLFSSL_USER_IO
- cm->ocspIOCb = EmbedOcspLookup;
- cm->ocspRespFreeCb = EmbedOcspRespFree;
- cm->ocspIOCtx = cm->heap;
- #endif /* WOLFSSL_USER_IO */
- #else
- ret = NOT_COMPILED_IN;
- #endif
-
- return ret;
-}
-
-
-int wolfSSL_CertManagerDisableOCSP(WOLFSSL_CERT_MANAGER* cm)
-{
- WOLFSSL_ENTER("wolfSSL_CertManagerDisableOCSP");
- if (cm == NULL)
- return BAD_FUNC_ARG;
-
- cm->ocspEnabled = 0;
-
- return WOLFSSL_SUCCESS;
-}
-
-/* turn on OCSP Stapling if off and compiled in, set options */
-int wolfSSL_CertManagerEnableOCSPStapling(WOLFSSL_CERT_MANAGER* cm)
-{
- int ret = WOLFSSL_SUCCESS;
-
- WOLFSSL_ENTER("wolfSSL_CertManagerEnableOCSPStapling");
-
- if (cm == NULL)
- return BAD_FUNC_ARG;
-
-#if defined(HAVE_CERTIFICATE_STATUS_REQUEST) \
- || defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)
- #ifndef NO_WOLFSSL_SERVER
- if (cm->ocsp_stapling == NULL) {
- cm->ocsp_stapling = (WOLFSSL_OCSP*)XMALLOC(sizeof(WOLFSSL_OCSP),
- cm->heap, DYNAMIC_TYPE_OCSP);
- if (cm->ocsp_stapling == NULL)
- return MEMORY_E;
-
- if (InitOCSP(cm->ocsp_stapling, cm) != 0) {
- WOLFSSL_MSG("Init OCSP failed");
- FreeOCSP(cm->ocsp_stapling, 1);
- cm->ocsp_stapling = NULL;
- return WOLFSSL_FAILURE;
- }
- }
-
- #ifndef WOLFSSL_USER_IO
- cm->ocspIOCb = EmbedOcspLookup;
- cm->ocspRespFreeCb = EmbedOcspRespFree;
- cm->ocspIOCtx = cm->heap;
- #endif /* WOLFSSL_USER_IO */
- #endif /* NO_WOLFSSL_SERVER */
- cm->ocspStaplingEnabled = 1;
-#else
- ret = NOT_COMPILED_IN;
-#endif
-
- return ret;
-}
-
-int wolfSSL_CertManagerDisableOCSPStapling(WOLFSSL_CERT_MANAGER* cm)
-{
- int ret = WOLFSSL_SUCCESS;
-
- WOLFSSL_ENTER("wolfSSL_CertManagerDisableOCSPStapling");
-
- if (cm == NULL)
- return BAD_FUNC_ARG;
-
-#if defined(HAVE_CERTIFICATE_STATUS_REQUEST) \
- || defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)
- cm->ocspStaplingEnabled = 0;
-#else
- ret = NOT_COMPILED_IN;
-#endif
- return ret;
-}
-
-/* require OCSP stapling response */
-int wolfSSL_CertManagerEnableOCSPMustStaple(WOLFSSL_CERT_MANAGER* cm)
-{
- int ret;
-
- WOLFSSL_ENTER("wolfSSL_CertManagerEnableOCSPMustStaple");
-
- if (cm == NULL)
- return BAD_FUNC_ARG;
-
-#if defined(HAVE_CERTIFICATE_STATUS_REQUEST) \
- || defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)
- #ifndef NO_WOLFSSL_CLIENT
- cm->ocspMustStaple = 1;
- #endif
- ret = WOLFSSL_SUCCESS;
-#else
- ret = NOT_COMPILED_IN;
-#endif
-
- return ret;
-}
-
-int wolfSSL_CertManagerDisableOCSPMustStaple(WOLFSSL_CERT_MANAGER* cm)
-{
- int ret;
-
- WOLFSSL_ENTER("wolfSSL_CertManagerDisableOCSPMustStaple");
-
- if (cm == NULL)
- return BAD_FUNC_ARG;
-
-#if defined(HAVE_CERTIFICATE_STATUS_REQUEST) \
- || defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)
- #ifndef NO_WOLFSSL_CLIENT
- cm->ocspMustStaple = 0;
- #endif
- ret = WOLFSSL_SUCCESS;
-#else
- ret = NOT_COMPILED_IN;
-#endif
- return ret;
-}
-
#ifdef HAVE_OCSP
-/* check CRL if enabled, WOLFSSL_SUCCESS */
-int wolfSSL_CertManagerCheckOCSP(WOLFSSL_CERT_MANAGER* cm, byte* der, int sz)
-{
- int ret;
-#ifdef WOLFSSL_SMALL_STACK
- DecodedCert* cert = NULL;
-#else
- DecodedCert cert[1];
-#endif
-
- WOLFSSL_ENTER("wolfSSL_CertManagerCheckOCSP");
-
- if (cm == NULL)
- return BAD_FUNC_ARG;
-
- if (cm->ocspEnabled == 0)
- return WOLFSSL_SUCCESS;
-
-#ifdef WOLFSSL_SMALL_STACK
- cert = (DecodedCert*)XMALLOC(sizeof(DecodedCert), cm->heap, DYNAMIC_TYPE_DCERT);
- if (cert == NULL)
- return MEMORY_E;
-#endif
-
- InitDecodedCert(cert, der, sz, NULL);
-
- if ((ret = ParseCertRelative(cert, CERT_TYPE, VERIFY_OCSP, cm)) != 0) {
- WOLFSSL_MSG("ParseCert failed");
- }
- else if ((ret = CheckCertOCSP(cm->ocsp, cert, NULL)) != 0) {
- WOLFSSL_MSG("CheckCertOCSP failed");
- }
-
- FreeDecodedCert(cert);
-#ifdef WOLFSSL_SMALL_STACK
- XFREE(cert, cm->heap, DYNAMIC_TYPE_DCERT);
-#endif
-
- return ret == 0 ? WOLFSSL_SUCCESS : ret;
-}
-
-int wolfSSL_CertManagerCheckOCSPResponse(WOLFSSL_CERT_MANAGER *cm,
- byte *response, int responseSz, buffer *responseBuffer,
- CertStatus *status, OcspEntry *entry, OcspRequest *ocspRequest)
-{
- int ret;
-
- WOLFSSL_ENTER("wolfSSL_CertManagerCheckOCSPResponse");
- if (cm == NULL || response == NULL)
- return BAD_FUNC_ARG;
- if (cm->ocspEnabled == 0)
- return WOLFSSL_SUCCESS;
-
- ret = CheckOcspResponse(cm->ocsp, response, responseSz, responseBuffer, status,
- entry, ocspRequest);
-
- return ret == 0 ? WOLFSSL_SUCCESS : ret;
-}
-
-int wolfSSL_CertManagerSetOCSPOverrideURL(WOLFSSL_CERT_MANAGER* cm,
- const char* url)
-{
- WOLFSSL_ENTER("wolfSSL_CertManagerSetOCSPOverrideURL");
- if (cm == NULL)
- return BAD_FUNC_ARG;
-
- XFREE(cm->ocspOverrideURL, cm->heap, DYNAMIC_TYPE_URL);
- if (url != NULL) {
- int urlSz = (int)XSTRLEN(url) + 1;
- cm->ocspOverrideURL = (char*)XMALLOC(urlSz, cm->heap, DYNAMIC_TYPE_URL);
- if (cm->ocspOverrideURL != NULL) {
- XMEMCPY(cm->ocspOverrideURL, url, urlSz);
- }
- else
- return MEMORY_E;
- }
- else
- cm->ocspOverrideURL = NULL;
-
- return WOLFSSL_SUCCESS;
-}
-
-
-int wolfSSL_CertManagerSetOCSP_Cb(WOLFSSL_CERT_MANAGER* cm,
- CbOCSPIO ioCb, CbOCSPRespFree respFreeCb, void* ioCbCtx)
-{
- WOLFSSL_ENTER("wolfSSL_CertManagerSetOCSP_Cb");
- if (cm == NULL)
- return BAD_FUNC_ARG;
-
- cm->ocspIOCb = ioCb;
- cm->ocspRespFreeCb = respFreeCb;
- cm->ocspIOCtx = ioCbCtx;
-
- return WOLFSSL_SUCCESS;
-}
-
-
int wolfSSL_EnableOCSP(WOLFSSL* ssl, int options)
{
WOLFSSL_ENTER("wolfSSL_EnableOCSP");
- if (ssl)
+ if (ssl) {
+ SSL_CM_WARNING(ssl);
return wolfSSL_CertManagerEnableOCSP(SSL_CM(ssl), options);
+ }
else
return BAD_FUNC_ARG;
}
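Review bot: `SSL_CM_WARNING(ssl)` is added in wolfSSL_LoadCRLBuffer and wolfSSL_EnableOCSP without a comment, and its definition is outside the visible hunks, so a reader cannot tell what condition it reports or whether it only logs. I would add a one-line comment at the first call stating what it checks and that the call below still proceeds, if that is the case. These wrappers change revocation-checking state on whatever manager `SSL_CM(ssl)` resolves to, so if that can be a manager shared beyond this connection, a per-connection wolfSSL_DisableOCSP would relax checking more widely; that is presumably what the macro flags, but it should be confirmed and stated in the API docs. The same pattern repeats in the following hunks for the remaining OCSP wrappers and the CRL wrappers.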
@@ -8635,8 +7992,10 @@ int wolfSSL_EnableOCSP(WOLFSSL* ssl, int options)
int wolfSSL_DisableOCSP(WOLFSSL* ssl)
{
WOLFSSL_ENTER("wolfSSL_DisableOCSP");
- if (ssl)
+ if (ssl) {
+ SSL_CM_WARNING(ssl);
return wolfSSL_CertManagerDisableOCSP(SSL_CM(ssl));
+ }
else
return BAD_FUNC_ARG;
}
@@ -8645,8 +8004,10 @@ int wolfSSL_DisableOCSP(WOLFSSL* ssl)
int wolfSSL_EnableOCSPStapling(WOLFSSL* ssl)
{
WOLFSSL_ENTER("wolfSSL_EnableOCSPStapling");
- if (ssl)
+ if (ssl) {
+ SSL_CM_WARNING(ssl);
return wolfSSL_CertManagerEnableOCSPStapling(SSL_CM(ssl));
+ }
else
return BAD_FUNC_ARG;
}
@@ -8654,8 +8015,10 @@ int wolfSSL_EnableOCSPStapling(WOLFSSL* ssl)
int wolfSSL_DisableOCSPStapling(WOLFSSL* ssl)
{
WOLFSSL_ENTER("wolfSSL_DisableOCSPStapling");
- if (ssl)
+ if (ssl) {
+ SSL_CM_WARNING(ssl);
return wolfSSL_CertManagerDisableOCSPStapling(SSL_CM(ssl));
+ }
else
return BAD_FUNC_ARG;
}
@@ -8663,8 +8026,10 @@ int wolfSSL_DisableOCSPStapling(WOLFSSL* ssl)
int wolfSSL_SetOCSP_OverrideURL(WOLFSSL* ssl, const char* url)
{
WOLFSSL_ENTER("wolfSSL_SetOCSP_OverrideURL");
- if (ssl)
+ if (ssl) {
+ SSL_CM_WARNING(ssl);
return wolfSSL_CertManagerSetOCSPOverrideURL(SSL_CM(ssl), url);
+ }
else
return BAD_FUNC_ARG;
}
@@ -8675,6 +8040,7 @@ int wolfSSL_SetOCSP_Cb(WOLFSSL* ssl,
{
WOLFSSL_ENTER("wolfSSL_SetOCSP_Cb");
if (ssl) {
+ SSL_CM_WARNING(ssl);
ssl->ocspIOCtx = ioCbCtx; /* use SSL specific ioCbCtx */
return wolfSSL_CertManagerSetOCSP_Cb(SSL_CM(ssl),
ioCb, respFreeCb, NULL);
@@ -8972,7 +8338,7 @@ int wolfSSL_CTX_load_verify_locations_ex(WOLFSSL_CTX* ctx, const char* file,
/* pass directory read failure to response code */
if (fileRet != WC_READDIR_NOFILE) {
ret = fileRet;
- #if defined(WOLFSSL_QT)
+ #if defined(WOLFSSL_QT) || defined(WOLFSSL_IGNORE_BAD_CERT_PATH)
if (ret == BAD_PATH_ERROR &&
flags & WOLFSSL_LOAD_FLAG_IGNORE_BAD_PATH_ERR) {
/* QSslSocket always loads certs in system folder
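Review bot: The comment under the widened `#if` still explains the branch only in terms of QSslSocket, although the suppression is now also compiled in for any build that defines `WOLFSSL_IGNORE_BAD_CERT_PATH`. With that macro defined and `WOLFSSL_LOAD_FLAG_IGNORE_BAD_PATH_ERR` passed, a `BAD_PATH_ERROR` from the directory read appears to be dropped (the branch body continues outside the hunk), so a mistyped or missing CA directory can leave the context with fewer trust anchors than intended without an error. I would reword the comment along the lines of `/* Qt, or builds with WOLFSSL_IGNORE_BAD_CERT_PATH: caller asked to tolerate a bad CA directory */` and note in the option's documentation that callers should confirm CAs were loaded.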
@@ -9076,6 +8442,18 @@ static int LoadSystemCaCertsWindows(WOLFSSL_CTX* ctx, byte* loaded)
#elif defined(__APPLE__)
+#if defined(HAVE_SECURITY_SECTRUSTSETTINGS_H) \
+ && !defined(WOLFSSL_APPLE_NATIVE_CERT_VALIDATION)
+/*
+ * Manually obtains certificates from the system trust store and loads them
+ * directly into wolfSSL "the old way".
+ *
+ * As of MacOS 14.0 we are still able to use this method to access system
+ * certificates. Accessibility of this API is indicated by the presence of the
+ * Security/SecTrustSettings.h header. In the likely event that Apple removes
+ * access to this API on Macs, this function should be removed and the
+ * DoAppleNativeCertValidation() routine should be used for all devices.
+ */
static int LoadSystemCaCertsMac(WOLFSSL_CTX* ctx, byte* loaded)
{
int ret = WOLFSSL_SUCCESS;
@@ -9136,6 +8514,7 @@ static int LoadSystemCaCertsMac(WOLFSSL_CTX* ctx, byte* loaded)
return ret;
}
+#endif /* defined(HAVE_SECURITY_SECTRUSTSETTINGS_H) */
#else
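Review bot: The closing comment `#endif /* defined(HAVE_SECURITY_SECTRUSTSETTINGS_H) */` names only half of the condition opened in the previous hunk, which also requires `!defined(WOLFSSL_APPLE_NATIVE_CERT_VALIDATION)`. Since the same two-part test is repeated in wolfSSL_CTX_load_system_CA_certs, I would spell it out here as `#endif /* HAVE_SECURITY_SECTRUSTSETTINGS_H && !WOLFSSL_APPLE_NATIVE_CERT_VALIDATION */` so the two sites are easy to keep in sync.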
@@ -9209,11 +8588,51 @@ int wolfSSL_CTX_load_system_CA_certs(WOLFSSL_CTX* ctx)
WOLFSSL_ENTER("wolfSSL_CTX_load_system_CA_certs");
#ifdef USE_WINDOWS_API
+
ret = LoadSystemCaCertsWindows(ctx, &loaded);
+
#elif defined(__APPLE__)
+
+#if defined(HAVE_SECURITY_SECTRUSTSETTINGS_H) \
+ && !defined(WOLFSSL_APPLE_NATIVE_CERT_VALIDATION)
+ /* As of MacOS 14.0 we are still able to access system certificates and
+ * load them manually into wolfSSL "the old way". Accessibility of this API
+ * is indicated by the presence of the Security/SecTrustSettings.h header */
ret = LoadSystemCaCertsMac(ctx, &loaded);
+#elif defined(WOLFSSL_APPLE_NATIVE_CERT_VALIDATION)
+ /* For other Apple devices, Apple has removed the ability to obtain
+ * certificates from the trust store, so we can't use wolfSSL's built-in
+ * certificate validation mechanisms anymore. We instead must call into the
+ * Security Framework APIs to authenticate peer certificates when received.
+ * (see src/internal.c:DoAppleNativeCertValidation()).
+ * Thus, there is no CA "loading" required, but to keep behavior consistent
+ * with the current API (not using system CA certs unless this function has
+ * been called), we simply set a flag indicating that the new apple trust
+ * verification routine should be used later */
+ ctx->doAppleNativeCertValidationFlag = 1;
+ ret = WOLFSSL_SUCCESS;
+ loaded = 1;
+
+#if FIPS_VERSION_GE(2,0) /* Gate back to cert 3389 FIPS modules */
+#warning "Cryptographic operations may occur outside the FIPS module boundary" \
+ "Please review FIPS claims for cryptography on this Apple device"
+#endif /* FIPS_VERSION_GE(2,0) */
+
+#else
+/* HAVE_SECURITY_SECXXX_H macros are set by autotools or CMake when searching
+ * system for the required SDK headers. If building with user_settings.h, you
+ * will need to manually define WOLFSSL_APPLE_NATIVE_CERT_VALIDATION
+ * and ensure the appropriate Security.framework headers and libraries are
+ * visible to your compiler */
+#error "WOLFSSL_SYS_CA_CERTS on Apple devices requires Security.framework" \
+ " header files to be detected, or a manual override with" \
+ " WOLFSSL_APPLE_NATIVE_CERT_VALIDATION"
+#endif
+
#else
+
ret = LoadSystemCaCertsNix(ctx, &loaded);
+
#endif
if (ret == WOLFSSL_SUCCESS && !loaded) {
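Review bot: In the new `WOLFSSL_APPLE_NATIVE_CERT_VALIDATION` branch, `ctx->doAppleNativeCertValidationFlag = 1;` dereferences `ctx` directly, while the other branches hand `ctx` to a loader helper. No NULL check is visible between `WOLFSSL_ENTER` and the platform `#if`, and the function's opening lines are outside the hunk, so this needs confirming. If there is none, a NULL `ctx` crashes here instead of returning an error: `if (ctx == NULL) ret = BAD_FUNC_ARG; else { ctx->doAppleNativeCertValidationFlag = 1; ret = WOLFSSL_SUCCESS; loaded = 1; }`. It is also worth a line in the function's documentation that on this path `loaded` is set although no CA enters the cert manager, so success here means validation is delegated rather than that trust anchors are present.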
@@ -9258,210 +8677,17 @@ int wolfSSL_trust_peer_cert(WOLFSSL* ssl, const char* file, int type)
}
#endif /* WOLFSSL_TRUST_PEER_CERT */
-
-#if !defined(NO_WOLFSSL_CLIENT) || !defined(WOLFSSL_NO_CLIENT_AUTH)
-/* Verify the certificate, WOLFSSL_SUCCESS for ok, < 0 for error */
-int wolfSSL_CertManagerVerify(WOLFSSL_CERT_MANAGER* cm, const char* fname,
- int format)
-{
- int ret = WOLFSSL_FATAL_ERROR;
-#ifdef WOLFSSL_SMALL_STACK
- byte staticBuffer[1]; /* force heap usage */
-#else
- byte staticBuffer[FILE_BUFFER_SIZE];
-#endif
- byte* myBuffer = staticBuffer;
- int dynamic = 0;
- long sz = 0;
- XFILE file = XFOPEN(fname, "rb");
-
- WOLFSSL_ENTER("wolfSSL_CertManagerVerify");
-
- if (file == XBADFILE) return WOLFSSL_BAD_FILE;
- if(XFSEEK(file, 0, XSEEK_END) != 0) {
- XFCLOSE(file);
- return WOLFSSL_BAD_FILE;
- }
- sz = XFTELL(file);
- if(XFSEEK(file, 0, XSEEK_SET) != 0) {
- XFCLOSE(file);
- return WOLFSSL_BAD_FILE;
- }
-
- if (sz > MAX_WOLFSSL_FILE_SIZE || sz <= 0) {
- WOLFSSL_MSG("CertManagerVerify file size error");
- XFCLOSE(file);
- return WOLFSSL_BAD_FILE;
- }
-
- if (sz > (long)sizeof(staticBuffer)) {
- WOLFSSL_MSG("Getting dynamic buffer");
- myBuffer = (byte*) XMALLOC(sz, cm->heap, DYNAMIC_TYPE_FILE);
- if (myBuffer == NULL) {
- XFCLOSE(file);
- return WOLFSSL_BAD_FILE;
- }
- dynamic = 1;
- }
-
- if ((size_t)XFREAD(myBuffer, 1, sz, file) != (size_t)sz)
- ret = WOLFSSL_BAD_FILE;
- else
- ret = wolfSSL_CertManagerVerifyBuffer(cm, myBuffer, sz, format);
-
- XFCLOSE(file);
- if (dynamic)
- XFREE(myBuffer, cm->heap, DYNAMIC_TYPE_FILE);
-
- return ret;
-}
-#endif
-
-/* like load verify locations, 1 for success, < 0 for error */
-int wolfSSL_CertManagerLoadCA(WOLFSSL_CERT_MANAGER* cm, const char* file,
- const char* path)
-{
- int ret = WOLFSSL_FATAL_ERROR;
- WOLFSSL_CTX* tmp;
-
- WOLFSSL_ENTER("wolfSSL_CertManagerLoadCA");
-
- if (cm == NULL) {
- WOLFSSL_MSG("No CertManager error");
- return ret;
- }
- tmp = wolfSSL_CTX_new(cm_pick_method());
-
- if (tmp == NULL) {
- WOLFSSL_MSG("CTX new failed");
- return ret;
- }
-
- /* for tmp use */
- wolfSSL_CertManagerFree(tmp->cm);
- tmp->cm = cm;
-
- ret = wolfSSL_CTX_load_verify_locations(tmp, file, path);
-
- /* don't lose our good one */
- tmp->cm = NULL;
- wolfSSL_CTX_free(tmp);
-
- return ret;
-}
-
-
#endif /* NO_FILESYSTEM */
#ifdef HAVE_CRL
-/* check CRL if enabled, WOLFSSL_SUCCESS */
-int wolfSSL_CertManagerCheckCRL(WOLFSSL_CERT_MANAGER* cm, byte* der, int sz)
-{
- int ret = 0;
-#ifdef WOLFSSL_SMALL_STACK
- DecodedCert* cert = NULL;
-#else
- DecodedCert cert[1];
-#endif
-
- WOLFSSL_ENTER("wolfSSL_CertManagerCheckCRL");
-
- if (cm == NULL)
- return BAD_FUNC_ARG;
-
- if (cm->crlEnabled == 0)
- return WOLFSSL_SUCCESS;
-
-#ifdef WOLFSSL_SMALL_STACK
- cert = (DecodedCert*)XMALLOC(sizeof(DecodedCert), NULL, DYNAMIC_TYPE_DCERT);
- if (cert == NULL)
- return MEMORY_E;
-#endif
-
- InitDecodedCert(cert, der, sz, NULL);
-
- if ((ret = ParseCertRelative(cert, CERT_TYPE, VERIFY_CRL, cm)) != 0) {
- WOLFSSL_MSG("ParseCert failed");
- }
- else if ((ret = CheckCertCRL(cm->crl, cert)) != 0) {
- WOLFSSL_MSG("CheckCertCRL failed");
- }
-
- FreeDecodedCert(cert);
-#ifdef WOLFSSL_SMALL_STACK
- XFREE(cert, NULL, DYNAMIC_TYPE_DCERT);
-#endif
-
- return ret == 0 ? WOLFSSL_SUCCESS : ret;
-}
-
-
-int wolfSSL_CertManagerSetCRL_Cb(WOLFSSL_CERT_MANAGER* cm, CbMissingCRL cb)
-{
- WOLFSSL_ENTER("wolfSSL_CertManagerSetCRL_Cb");
- if (cm == NULL)
- return BAD_FUNC_ARG;
-
- cm->cbMissingCRL = cb;
-
- return WOLFSSL_SUCCESS;
-}
-
-#ifdef HAVE_CRL_IO
-int wolfSSL_CertManagerSetCRL_IOCb(WOLFSSL_CERT_MANAGER* cm, CbCrlIO cb)
-{
- if (cm == NULL)
- return BAD_FUNC_ARG;
-
- cm->crl->crlIOCb = cb;
-
- return WOLFSSL_SUCCESS;
-}
-#endif
-
-#ifndef NO_FILESYSTEM
-int wolfSSL_CertManagerLoadCRL(WOLFSSL_CERT_MANAGER* cm, const char* path,
- int type, int monitor)
-{
- WOLFSSL_ENTER("wolfSSL_CertManagerLoadCRL");
- if (cm == NULL)
- return BAD_FUNC_ARG;
-
- if (cm->crl == NULL) {
- if (wolfSSL_CertManagerEnableCRL(cm, 0) != WOLFSSL_SUCCESS) {
- WOLFSSL_MSG("Enable CRL failed");
- return WOLFSSL_FATAL_ERROR;
- }
- }
-
- return LoadCRL(cm->crl, path, type, monitor);
-}
-
-int wolfSSL_CertManagerLoadCRLFile(WOLFSSL_CERT_MANAGER* cm, const char* file,
- int type)
-{
- WOLFSSL_ENTER("wolfSSL_CertManagerLoadCRLFile");
- if (cm == NULL || file == NULL)
- return BAD_FUNC_ARG;
-
- if (cm->crl == NULL) {
- if (wolfSSL_CertManagerEnableCRL(cm, 0) != WOLFSSL_SUCCESS) {
- WOLFSSL_MSG("Enable CRL failed");
- return WOLFSSL_FATAL_ERROR;
- }
- }
-
- return ProcessFile(NULL, file, type, CRL_TYPE, NULL, 0, cm->crl,
- VERIFY);
-}
-#endif
-
int wolfSSL_EnableCRL(WOLFSSL* ssl, int options)
{
WOLFSSL_ENTER("wolfSSL_EnableCRL");
- if (ssl)
+ if (ssl) {
+ SSL_CM_WARNING(ssl);
return wolfSSL_CertManagerEnableCRL(SSL_CM(ssl), options);
+ }
else
return BAD_FUNC_ARG;
}
@@ -9470,8 +8696,10 @@ int wolfSSL_EnableCRL(WOLFSSL* ssl, int options)
int wolfSSL_DisableCRL(WOLFSSL* ssl)
{
WOLFSSL_ENTER("wolfSSL_DisableCRL");
- if (ssl)
+ if (ssl) {
+ SSL_CM_WARNING(ssl);
return wolfSSL_CertManagerDisableCRL(SSL_CM(ssl));
+ }
else
return BAD_FUNC_ARG;
}
@@ -9480,17 +8708,21 @@ int wolfSSL_DisableCRL(WOLFSSL* ssl)
int wolfSSL_LoadCRL(WOLFSSL* ssl, const char* path, int type, int monitor)
{
WOLFSSL_ENTER("wolfSSL_LoadCRL");
- if (ssl)
+ if (ssl) {
+ SSL_CM_WARNING(ssl);
return wolfSSL_CertManagerLoadCRL(SSL_CM(ssl), path, type, monitor);
+ }
else
return BAD_FUNC_ARG;
}
int wolfSSL_LoadCRLFile(WOLFSSL* ssl, const char* file, int type)
{
- WOLFSSL_ENTER("wolfSSL_LoadCRL");
- if (ssl)
+ WOLFSSL_ENTER("wolfSSL_LoadCRLFile");
+ if (ssl) {
+ SSL_CM_WARNING(ssl);
return wolfSSL_CertManagerLoadCRLFile(SSL_CM(ssl), file, type);
+ }
else
return BAD_FUNC_ARG;
}
@@ -9500,8 +8732,10 @@ int wolfSSL_LoadCRLFile(WOLFSSL* ssl, const char* file, int type)
int wolfSSL_SetCRL_Cb(WOLFSSL* ssl, CbMissingCRL cb)
{
WOLFSSL_ENTER("wolfSSL_SetCRL_Cb");
- if (ssl)
+ if (ssl) {
+ SSL_CM_WARNING(ssl);
return wolfSSL_CertManagerSetCRL_Cb(SSL_CM(ssl), cb);
+ }
else
return BAD_FUNC_ARG;
}
@@ -9510,8 +8744,10 @@ int wolfSSL_SetCRL_Cb(WOLFSSL* ssl, CbMissingCRL cb)
int wolfSSL_SetCRL_IOCb(WOLFSSL* ssl, CbCrlIO cb)
{
WOLFSSL_ENTER("wolfSSL_SetCRL_Cb");
- if (ssl)
+ if (ssl) {
+ SSL_CM_WARNING(ssl);
return wolfSSL_CertManagerSetCRL_IOCb(SSL_CM(ssl), cb);
+ }
else
return BAD_FUNC_ARG;
}
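Review bot: wolfSSL_SetCRL_IOCb still enters with `WOLFSSL_ENTER("wolfSSL_SetCRL_Cb")`, the same kind of copy-paste trace label this commit corrects in wolfSSL_LoadCRLFile two hunks earlier. Debug traces from the two setters are therefore indistinguishable. The line should read `WOLFSSL_ENTER("wolfSSL_SetCRL_IOCb");`.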
@@ -9982,6 +9218,11 @@ WOLFSSL_EVP_PKEY* wolfSSL_CTX_get0_privatekey(const WOLFSSL_CTX* ctx)
type = EVP_PKEY_EC;
break;
#endif
+#ifdef WOLFSSL_SM2
+ case sm2_sa_algo:
+ type = EVP_PKEY_EC;
+ break;
+#endif
default:
/* Other key types not supported either as ssl private keys
* or in the EVP layer */
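Review bot: The new `case sm2_sa_algo:` reports an SM2 private key as `EVP_PKEY_EC` with no comment explaining the choice. A caller that branches on the returned key type cannot tell an SM2 key from a generic EC key from this value alone. If that is intentional, a short comment such as `/* SM2 keys are exposed through the EC EVP type */` would record it. The switch begins outside the hunk, so how `type` is consumed afterwards is not visible here.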
@@ -11057,6 +10298,232 @@ int wolfSSL_use_certificate(WOLFSSL* ssl, WOLFSSL_X509* x509)
#endif /* OPENSSL_EXTRA */
+#if defined(HAVE_RPK)
+/* Confirm that all the byte data in the buffer is unique.
+ * return 1 if all the byte data in the buffer is unique, otherwise 0.
+ */
+static int isArrayUnique(const char* buf, size_t len)
+{
+ size_t i, j;
+ /* check the array is unique */
+ for (i = 0; i < len -1; ++i) {
+ for (j = i+ 1; j < len; ++j) {
+ if (buf[i] == buf[j]) {
+ return 0;
+ }
+ }
+ }
+ return 1;
+}
+
+/* Set user preference for the client_cert_type exetnsion.
+ * Takes byte array containing cert types the caller can provide to its peer.
+ * Cert types are in preferred order in the array.
+ */
+WOLFSSL_API int wolfSSL_CTX_set_client_cert_type(WOLFSSL_CTX* ctx,
+ const char* buf, int bufLen)
+{
+ int i;
+
+ if (ctx == NULL || bufLen > MAX_CLIENT_CERT_TYPE_CNT) {
+ return BAD_FUNC_ARG;
+ }
+
+ /* if buf is set to NULL or bufLen is set to zero, it defaults the setting*/
+ if (buf == NULL || bufLen == 0) {
+ ctx->rpkConfig.preferred_ClientCertTypeCnt = 1;
+ ctx->rpkConfig.preferred_ClientCertTypes[0]= WOLFSSL_CERT_TYPE_X509;
+ ctx->rpkConfig.preferred_ClientCertTypes[1]= WOLFSSL_CERT_TYPE_X509;
+ return WOLFSSL_SUCCESS;
+ }
+
+ if (!isArrayUnique(buf, bufLen))
+ return BAD_FUNC_ARG;
+
+ for (i = 0; i < bufLen; i++){
+ if (buf[i] != WOLFSSL_CERT_TYPE_RPK && buf[i] != WOLFSSL_CERT_TYPE_X509)
+ return BAD_FUNC_ARG;
+
+ ctx->rpkConfig.preferred_ClientCertTypes[i] = buf[i];
+ }
+ ctx->rpkConfig.preferred_ClientCertTypeCnt = bufLen;
+
+ return WOLFSSL_SUCCESS;
+}
+
+/* Set user preference for the server_cert_type exetnsion.
+ * Takes byte array containing cert types the caller can provide to its peer.
+ * Cert types are in preferred order in the array.
+ */
+WOLFSSL_API int wolfSSL_CTX_set_server_cert_type(WOLFSSL_CTX* ctx,
+ const char* buf, int bufLen)
+{
+ int i;
+
+ if (ctx == NULL || bufLen > MAX_SERVER_CERT_TYPE_CNT) {
+ return BAD_FUNC_ARG;
+ }
+
+ /* if buf is set to NULL or bufLen is set to zero, it defaults the setting*/
+ if (buf == NULL || bufLen == 0) {
+ ctx->rpkConfig.preferred_ServerCertTypeCnt = 1;
+ ctx->rpkConfig.preferred_ServerCertTypes[0]= WOLFSSL_CERT_TYPE_X509;
+ ctx->rpkConfig.preferred_ServerCertTypes[1]= WOLFSSL_CERT_TYPE_X509;
+ return WOLFSSL_SUCCESS;
+ }
+
+ if (!isArrayUnique(buf, bufLen))
+ return BAD_FUNC_ARG;
+
+ for (i = 0; i < bufLen; i++){
+ if (buf[i] != WOLFSSL_CERT_TYPE_RPK && buf[i] != WOLFSSL_CERT_TYPE_X509)
+ return BAD_FUNC_ARG;
+
+ ctx->rpkConfig.preferred_ServerCertTypes[i] = buf[i];
+ }
+ ctx->rpkConfig.preferred_ServerCertTypeCnt = bufLen;
+
+ return WOLFSSL_SUCCESS;
+}
+
+/* Set user preference for the client_cert_type exetnsion.
+ * Takes byte array containing cert types the caller can provide to its peer.
+ * Cert types are in preferred order in the array.
+ */
+WOLFSSL_API int wolfSSL_set_client_cert_type(WOLFSSL* ssl,
+ const char* buf, int bufLen)
+{
+ int i;
+
+ if (ssl == NULL || bufLen > MAX_CLIENT_CERT_TYPE_CNT) {
+ return BAD_FUNC_ARG;
+ }
+
+ /* if buf is set to NULL or bufLen is set to zero, it defaults the setting*/
+ if (buf == NULL || bufLen == 0) {
+ ssl->options.rpkConfig.preferred_ClientCertTypeCnt = 1;
+ ssl->options.rpkConfig.preferred_ClientCertTypes[0]
+ = WOLFSSL_CERT_TYPE_X509;
+ ssl->options.rpkConfig.preferred_ClientCertTypes[1]
+ = WOLFSSL_CERT_TYPE_X509;
+ return WOLFSSL_SUCCESS;
+ }
+
+ if (!isArrayUnique(buf, bufLen))
+ return BAD_FUNC_ARG;
+
+ for (i = 0; i < bufLen; i++){
+ if (buf[i] != WOLFSSL_CERT_TYPE_RPK && buf[i] != WOLFSSL_CERT_TYPE_X509)
+ return BAD_FUNC_ARG;
+
+ ssl->options.rpkConfig.preferred_ClientCertTypes[i] = buf[i];
+ }
+ ssl->options.rpkConfig.preferred_ClientCertTypeCnt = bufLen;
+
+ return WOLFSSL_SUCCESS;
+}
+
+/* Set user preference for the server_cert_type exetnsion.
+ * Takes byte array containing cert types the caller can provide to its peer.
+ * Cert types are in preferred order in the array.
+ */
+WOLFSSL_API int wolfSSL_set_server_cert_type(WOLFSSL* ssl,
+ const char* buf, int bufLen)
+{
+ int i;
+
+ if (ssl == NULL || bufLen > MAX_SERVER_CERT_TYPE_CNT) {
+ return BAD_FUNC_ARG;
+ }
+
+ /* if buf is set to NULL or bufLen is set to zero, it defaults the setting*/
+ if (buf == NULL || bufLen == 0) {
+ ssl->options.rpkConfig.preferred_ServerCertTypeCnt = 1;
+ ssl->options.rpkConfig.preferred_ServerCertTypes[0]
+ = WOLFSSL_CERT_TYPE_X509;
+ ssl->options.rpkConfig.preferred_ServerCertTypes[1]
+ = WOLFSSL_CERT_TYPE_X509;
+ return WOLFSSL_SUCCESS;
+ }
+
+ if (!isArrayUnique(buf, bufLen))
+ return BAD_FUNC_ARG;
+
+ for (i = 0; i < bufLen; i++){
+ if (buf[i] != WOLFSSL_CERT_TYPE_RPK && buf[i] != WOLFSSL_CERT_TYPE_X509)
+ return BAD_FUNC_ARG;
+
+ ssl->options.rpkConfig.preferred_ServerCertTypes[i] = buf[i];
+ }
+ ssl->options.rpkConfig.preferred_ServerCertTypeCnt = bufLen;
+
+ return WOLFSSL_SUCCESS;
+}
+
+/* get negotiated certificate type value and return it to the second parameter.
+ * cert type value:
+ * -1: WOLFSSL_CERT_TYPE_UNKNOWN
+ * 0: WOLFSSL_CERT_TYPE_X509
+ * 2: WOLFSSL_CERT_TYPE_RPK
+ * return WOLFSSL_SUCCESS on success, otherwise negative value.
+ * in case no negotiation performed, it returns WOLFSSL_SUCCESS and -1 is for
+ * cert type.
+ */
+WOLFSSL_API int wolfSSL_get_negotiated_client_cert_type(WOLFSSL* ssl, int* tp)
+{
+ int ret = WOLFSSL_SUCCESS;
+
+ if (ssl == NULL || tp == NULL)
+ return BAD_FUNC_ARG;
+
+ if (ssl->options.side == WOLFSSL_CLIENT_END) {
+ if (ssl->options.rpkState.received_ClientCertTypeCnt == 1)
+ *tp = ssl->options.rpkState.received_ClientCertTypes[0];
+ else
+ *tp = WOLFSSL_CERT_TYPE_UNKNOWN;
+ }
+ else {
+ if (ssl->options.rpkState.sending_ClientCertTypeCnt == 1)
+ *tp = ssl->options.rpkState.sending_ClientCertTypes[0];
+ else
+ *tp = WOLFSSL_CERT_TYPE_UNKNOWN;
+ }
+ return ret;
+}
+
+/* get negotiated certificate type value and return it to the second parameter.
+ * cert type value:
+ * -1: WOLFSSL_CERT_TYPE_UNKNOWN
+ * 0: WOLFSSL_CERT_TYPE_X509
+ * 2: WOLFSSL_CERT_TYPE_RPK
+ * return WOLFSSL_SUCCESS on success, otherwise negative value.
+ * in case no negotiation performed, it returns WOLFSSL_SUCCESS and -1 is for
+ * cert type.
+ */
+WOLFSSL_API int wolfSSL_get_negotiated_server_cert_type(WOLFSSL* ssl, int* tp)
+{
+ int ret = WOLFSSL_SUCCESS;
+
+ if (ssl == NULL || tp == NULL)
+ return BAD_FUNC_ARG;
+
+ if (ssl->options.side == WOLFSSL_CLIENT_END) {
+ if (ssl->options.rpkState.received_ServerCertTypeCnt == 1)
+ *tp = ssl->options.rpkState.received_ServerCertTypes[0];
+ else
+ *tp = WOLFSSL_CERT_TYPE_UNKNOWN;
+ }
+ else {
+ if (ssl->options.rpkState.sending_ServerCertTypeCnt == 1)
+ *tp = ssl->options.rpkState.sending_ServerCertTypes[0];
+ else
+ *tp = WOLFSSL_CERT_TYPE_UNKNOWN;
+ }
+ return ret;
+}
+
+#endif /* HAVE_RPK */
+
int wolfSSL_use_certificate_ASN1(WOLFSSL* ssl, const unsigned char* der,
int derSz)
{
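Review bot: All four setters reject `bufLen > MAX_*_CERT_TYPE_CNT` but not a negative `bufLen`, so a negative value passes the guard and the `bufLen == 0` test and reaches `isArrayUnique(buf, bufLen)`. There it converts to a very large `size_t`, the comparison loop reads past the end of `buf`, and the negative value is then stored in the `preferred_*CertTypeCnt` field. The guard should be `if (ctx == NULL || bufLen < 0 || bufLen > MAX_CLIENT_CERT_TYPE_CNT)`, and likewise for the `ssl` and `SERVER` variants. Independently, `len - 1` in isArrayUnique wraps when `len` is 0; `for (i = 0; i + 1 < len; ++i)` avoids relying on every caller to filter zero first. Minor: the setter comments misspell "extension" as "exetnsion", and the default branch writes index 1, which assumes the preference arrays hold at least two entries (their declaration is not visible here).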
@@ -11172,7 +10639,11 @@ int wolfSSL_CTX_SetTmpEC_DHE_Sz(WOLFSSL_CTX* ctx, word16 sz)
}
/* check size */
- if (sz < ECC_MINSIZE || sz > ECC_MAXSIZE)
+#if ECC_MIN_KEY_SZ > 0
+ if (sz < ECC_MINSIZE)
+ return BAD_FUNC_ARG;
+#endif
+ if (sz > ECC_MAXSIZE)
return BAD_FUNC_ARG;
ctx->eccTempKeySz = sz;
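Review bot: The lower-bound test is now compiled in on `ECC_MIN_KEY_SZ > 0` but compares `sz` against `ECC_MINSIZE`, and nothing in the hunk says how the two macros relate or why the gate exists. Presumably it avoids an always-false unsigned comparison when no minimum is configured; a comment such as `/* no lower bound when ECC_MIN_KEY_SZ is 0 (avoids always-false compare on word16) */` would make that explicit. In such a build every `sz` up to `ECC_MAXSIZE` is accepted as the ephemeral key size, which deserves a mention in the build-option documentation. The same change, with the same gap, is made in wolfSSL_SetTmpEC_DHE_Sz in the next hunk; both function bodies begin outside their hunks.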
@@ -11188,7 +10659,11 @@ int wolfSSL_SetTmpEC_DHE_Sz(WOLFSSL* ssl, word16 sz)
return BAD_FUNC_ARG;
/* check size */
- if (sz < ECC_MINSIZE || sz > ECC_MAXSIZE)
+#if ECC_MIN_KEY_SZ > 0
+ if (sz < ECC_MINSIZE)
+ return BAD_FUNC_ARG;
+#endif
+ if (sz > ECC_MAXSIZE)
return BAD_FUNC_ARG;
ssl->eccTempKeySz = sz;
@@ -11367,8 +10842,9 @@ void wolfSSL_set_verify_result(WOLFSSL *ssl, long v)
if (ssl == NULL)
return;
-#ifdef OPENSSL_ALL
- ssl->verifyCallbackResult = v;
+#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) || \
+ defined(OPENSSL_ALL)
+ ssl->peerVerifyRet = v;
#else
(void)v;
WOLFSSL_STUB("wolfSSL_set_verify_result");
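Review bot: The setter now stores the caller's value in `ssl->peerVerifyRet` instead of `verifyCallbackResult`, and the hunk carries no comment on what that field otherwise holds. If `peerVerifyRet` is also where the handshake records the peer verification outcome, as the name suggests, an application calling this function overwrites that result for later readers. I would add a comment such as `/* overrides the stored peer verification result with the caller's value */` and confirm that the `long` argument matches the field's type, since its declaration is not visible here.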
@@ -12050,13 +11526,19 @@ long wolfSSL_CTX_set_session_cache_mode(WOLFSSL_CTX* ctx, long mode)
if (ctx == NULL)
return WOLFSSL_FAILURE;
- if (mode == WOLFSSL_SESS_CACHE_OFF)
+ if (mode == WOLFSSL_SESS_CACHE_OFF) {
ctx->sessionCacheOff = 1;
+#ifdef HAVE_EXT_CACHE
+ ctx->internalCacheOff = 1;
+ ctx->internalCacheLookupOff = 1;
+#endif
+ }
if ((mode & WOLFSSL_SESS_CACHE_NO_AUTO_CLEAR) != 0)
ctx->sessionCacheFlushOff = 1;
#ifdef HAVE_EXT_CACHE
+ /* WOLFSSL_SESS_CACHE_NO_INTERNAL activates both if's */
if ((mode & WOLFSSL_SESS_CACHE_NO_INTERNAL_STORE) != 0)
ctx->internalCacheOff = 1;
if ((mode & WOLFSSL_SESS_CACHE_NO_INTERNAL_LOOKUP) != 0)
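Review bot: Every assignment visible in this hunk only sets a flag to 1 (`sessionCacheOff`, `sessionCacheFlushOff`, `internalCacheOff`, `internalCacheLookupOff`), and the new `WOLFSSL_SESS_CACHE_OFF` block adds two more of them. Unless the flags are cleared in the part of the function outside the hunk, a later call with a different mode cannot re-enable what an earlier call turned off, and the getter would keep reporting the old state. If the setter is meant to replace the mode, resetting the flags before the tests would do it, for example `ctx->sessionCacheOff = 0; ctx->sessionCacheFlushOff = 0;` plus the two internal-cache flags under `HAVE_EXT_CACHE`. Otherwise the one-way behaviour should be documented.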
@@ -12105,462 +11587,6 @@ long wolfSSL_CTX_get_session_cache_mode(WOLFSSL_CTX* ctx)
#endif /* NO_SESSION_CACHE */
-
-#if !defined(NO_CERTS)
-#if defined(PERSIST_CERT_CACHE)
-
-
-#define WOLFSSL_CACHE_CERT_VERSION 1
-
-typedef struct {
- int version; /* cache cert layout version id */
- int rows; /* hash table rows, CA_TABLE_SIZE */
- int columns[CA_TABLE_SIZE]; /* columns per row on list */
- int signerSz; /* sizeof Signer object */
-} CertCacheHeader;
-
-/* current cert persistence layout is:
-
- 1) CertCacheHeader
- 2) caTable
-
- update WOLFSSL_CERT_CACHE_VERSION if change layout for the following
- PERSIST_CERT_CACHE functions
-*/
-
-
-/* Return memory needed to persist this signer, have lock */
-static WC_INLINE int GetSignerMemory(Signer* signer)
-{
- int sz = sizeof(signer->pubKeySize) + sizeof(signer->keyOID)
- + sizeof(signer->nameLen) + sizeof(signer->subjectNameHash);
-
-#if !defined(NO_SKID)
- sz += (int)sizeof(signer->subjectKeyIdHash);
-#endif
-
- /* add dynamic bytes needed */
- sz += signer->pubKeySize;
- sz += signer->nameLen;
-
- return sz;
-}
-
-
-/* Return memory needed to persist this row, have lock */
-static WC_INLINE int GetCertCacheRowMemory(Signer* row)
-{
- int sz = 0;
-
- while (row) {
- sz += GetSignerMemory(row);
- row = row->next;
- }
-
- return sz;
-}
-
-
-/* get the size of persist cert cache, have lock */
-static WC_INLINE int GetCertCacheMemSize(WOLFSSL_CERT_MANAGER* cm)
-{
- int sz;
- int i;
-
- sz = sizeof(CertCacheHeader);
-
- for (i = 0; i < CA_TABLE_SIZE; i++)
- sz += GetCertCacheRowMemory(cm->caTable[i]);
-
- return sz;
-}
-
-
-/* Store cert cache header columns with number of items per list, have lock */
-static WC_INLINE void SetCertHeaderColumns(WOLFSSL_CERT_MANAGER* cm, int* columns)
-{
- int i;
- Signer* row;
-
- for (i = 0; i < CA_TABLE_SIZE; i++) {
- int count = 0;
- row = cm->caTable[i];
-
- while (row) {
- ++count;
- row = row->next;
- }
- columns[i] = count;
- }
-}
-
-
-/* Restore whole cert row from memory, have lock, return bytes consumed,
- < 0 on error, have lock */
-static WC_INLINE int RestoreCertRow(WOLFSSL_CERT_MANAGER* cm, byte* current,
- int row, int listSz, const byte* end)
-{
- int idx = 0;
-
- if (listSz < 0) {
- WOLFSSL_MSG("Row header corrupted, negative value");
- return PARSE_ERROR;
- }
-
- while (listSz) {
- Signer* signer;
- byte* publicKey;
- byte* start = current + idx; /* for end checks on this signer */
- int minSz = sizeof(signer->pubKeySize) + sizeof(signer->keyOID) +
- sizeof(signer->nameLen) + sizeof(signer->subjectNameHash);
- #ifndef NO_SKID
- minSz += (int)sizeof(signer->subjectKeyIdHash);
- #endif
-
- if (start + minSz > end) {
- WOLFSSL_MSG("Would overread restore buffer");
- return BUFFER_E;
- }
- signer = MakeSigner(cm->heap);
- if (signer == NULL)
- return MEMORY_E;
-
- /* pubKeySize */
- XMEMCPY(&signer->pubKeySize, current + idx, sizeof(signer->pubKeySize));
- idx += (int)sizeof(signer->pubKeySize);
-
- /* keyOID */
- XMEMCPY(&signer->keyOID, current + idx, sizeof(signer->keyOID));
- idx += (int)sizeof(signer->keyOID);
-
- /* publicKey */
- if (start + minSz + signer->pubKeySize > end) {
- WOLFSSL_MSG("Would overread restore buffer");
- FreeSigner(signer, cm->heap);
- return BUFFER_E;
- }
- publicKey = (byte*)XMALLOC(signer->pubKeySize, cm->heap,
- DYNAMIC_TYPE_KEY);
- if (publicKey == NULL) {
- FreeSigner(signer, cm->heap);
- return MEMORY_E;
- }
-
- XMEMCPY(publicKey, current + idx, signer->pubKeySize);
- signer->publicKey = publicKey;
- idx += signer->pubKeySize;
-
- /* nameLen */
- XMEMCPY(&signer->nameLen, current + idx, sizeof(signer->nameLen));
- idx += (int)sizeof(signer->nameLen);
-
- /* name */
- if (start + minSz + signer->pubKeySize + signer->nameLen > end) {
- WOLFSSL_MSG("Would overread restore buffer");
- FreeSigner(signer, cm->heap);
- return BUFFER_E;
- }
- signer->name = (char*)XMALLOC(signer->nameLen, cm->heap,
- DYNAMIC_TYPE_SUBJECT_CN);
- if (signer->name == NULL) {
- FreeSigner(signer, cm->heap);
- return MEMORY_E;
- }
-
- XMEMCPY(signer->name, current + idx, signer->nameLen);
- idx += signer->nameLen;
-
- /* subjectNameHash */
- XMEMCPY(signer->subjectNameHash, current + idx, SIGNER_DIGEST_SIZE);
- idx += SIGNER_DIGEST_SIZE;
-
- #ifndef NO_SKID
- /* subjectKeyIdHash */
- XMEMCPY(signer->subjectKeyIdHash, current + idx,SIGNER_DIGEST_SIZE);
- idx += SIGNER_DIGEST_SIZE;
- #endif
-
- signer->next = cm->caTable[row];
- cm->caTable[row] = signer;
-
- --listSz;
- }
-
- return idx;
-}
-
-
-/* Store whole cert row into memory, have lock, return bytes added */
-static WC_INLINE int StoreCertRow(WOLFSSL_CERT_MANAGER* cm, byte* current, int row)
-{
- int added = 0;
- Signer* list = cm->caTable[row];
-
- while (list) {
- XMEMCPY(current + added, &list->pubKeySize, sizeof(list->pubKeySize));
- added += (int)sizeof(list->pubKeySize);
-
- XMEMCPY(current + added, &list->keyOID, sizeof(list->keyOID));
- added += (int)sizeof(list->keyOID);
-
- XMEMCPY(current + added, list->publicKey, list->pubKeySize);
- added += list->pubKeySize;
-
- XMEMCPY(current + added, &list->nameLen, sizeof(list->nameLen));
- added += (int)sizeof(list->nameLen);
-
- XMEMCPY(current + added, list->name, list->nameLen);
- added += list->nameLen;
-
- XMEMCPY(current + added, list->subjectNameHash, SIGNER_DIGEST_SIZE);
- added += SIGNER_DIGEST_SIZE;
-
- #ifndef NO_SKID
- XMEMCPY(current + added, list->subjectKeyIdHash,SIGNER_DIGEST_SIZE);
- added += SIGNER_DIGEST_SIZE;
- #endif
-
- list = list->next;
- }
-
- return added;
-}
-
-
-/* Persist cert cache to memory, have lock */
-static WC_INLINE int DoMemSaveCertCache(WOLFSSL_CERT_MANAGER* cm,
- void* mem, int sz)
-{
- int realSz;
- int ret = WOLFSSL_SUCCESS;
- int i;
-
- WOLFSSL_ENTER("DoMemSaveCertCache");
-
- realSz = GetCertCacheMemSize(cm);
- if (realSz > sz) {
- WOLFSSL_MSG("Mem output buffer too small");
- ret = BUFFER_E;
- }
- else {
- byte* current;
- CertCacheHeader hdr;
-
- hdr.version = WOLFSSL_CACHE_CERT_VERSION;
- hdr.rows = CA_TABLE_SIZE;
- SetCertHeaderColumns(cm, hdr.columns);
- hdr.signerSz = (int)sizeof(Signer);
-
- XMEMCPY(mem, &hdr, sizeof(CertCacheHeader));
- current = (byte*)mem + sizeof(CertCacheHeader);
-
- for (i = 0; i < CA_TABLE_SIZE; ++i)
- current += StoreCertRow(cm, current, i);
- }
-
- return ret;
-}
-
-
-#if !defined(NO_FILESYSTEM)
-
-/* Persist cert cache to file */
-int CM_SaveCertCache(WOLFSSL_CERT_MANAGER* cm, const char* fname)
-{
- XFILE file;
- int rc = WOLFSSL_SUCCESS;
- int memSz;
- byte* mem;
-
- WOLFSSL_ENTER("CM_SaveCertCache");
-
- file = XFOPEN(fname, "w+b");
- if (file == XBADFILE) {
- WOLFSSL_MSG("Couldn't open cert cache save file");
- return WOLFSSL_BAD_FILE;
- }
-
- if (wc_LockMutex(&cm->caLock) != 0) {
- WOLFSSL_MSG("wc_LockMutex on caLock failed");
- XFCLOSE(file);
- return BAD_MUTEX_E;
- }
-
- memSz = GetCertCacheMemSize(cm);
- mem = (byte*)XMALLOC(memSz, cm->heap, DYNAMIC_TYPE_TMP_BUFFER);
- if (mem == NULL) {
- WOLFSSL_MSG("Alloc for tmp buffer failed");
- rc = MEMORY_E;
- } else {
- rc = DoMemSaveCertCache(cm, mem, memSz);
- if (rc == WOLFSSL_SUCCESS) {
- int ret = (int)XFWRITE(mem, memSz, 1, file);
- if (ret != 1) {
- WOLFSSL_MSG("Cert cache file write failed");
- rc = FWRITE_ERROR;
- }
- }
- XFREE(mem, cm->heap, DYNAMIC_TYPE_TMP_BUFFER);
- }
-
- wc_UnLockMutex(&cm->caLock);
- XFCLOSE(file);
-
- return rc;
-}
-
-
-/* Restore cert cache from file */
-int CM_RestoreCertCache(WOLFSSL_CERT_MANAGER* cm, const char* fname)
-{
- XFILE file;
- int rc = WOLFSSL_SUCCESS;
- int ret;
- int memSz;
- byte* mem;
-
- WOLFSSL_ENTER("CM_RestoreCertCache");
-
- file = XFOPEN(fname, "rb");
- if (file == XBADFILE) {
- WOLFSSL_MSG("Couldn't open cert cache save file");
- return WOLFSSL_BAD_FILE;
- }
-
- if(XFSEEK(file, 0, XSEEK_END) != 0) {
- XFCLOSE(file);
- return WOLFSSL_BAD_FILE;
- }
- memSz = (int)XFTELL(file);
- if(XFSEEK(file, 0, XSEEK_SET) != 0) {
- XFCLOSE(file);
- return WOLFSSL_BAD_FILE;
- }
-
- if (memSz > MAX_WOLFSSL_FILE_SIZE || memSz <= 0) {
- WOLFSSL_MSG("CM_RestoreCertCache file size error");
- XFCLOSE(file);
- return WOLFSSL_BAD_FILE;
- }
-
- mem = (byte*)XMALLOC(memSz, cm->heap, DYNAMIC_TYPE_TMP_BUFFER);
- if (mem == NULL) {
- WOLFSSL_MSG("Alloc for tmp buffer failed");
- XFCLOSE(file);
- return MEMORY_E;
- }
-
- ret = (int)XFREAD(mem, memSz, 1, file);
- if (ret != 1) {
- WOLFSSL_MSG("Cert file read error");
- rc = FREAD_ERROR;
- } else {
- rc = CM_MemRestoreCertCache(cm, mem, memSz);
- if (rc != WOLFSSL_SUCCESS) {
- WOLFSSL_MSG("Mem restore cert cache failed");
- }
- }
-
- XFREE(mem, cm->heap, DYNAMIC_TYPE_TMP_BUFFER);
- XFCLOSE(file);
-
- return rc;
-}
-
-#endif /* NO_FILESYSTEM */
-
-
-/* Persist cert cache to memory */
-int CM_MemSaveCertCache(WOLFSSL_CERT_MANAGER* cm, void* mem, int sz, int* used)
-{
- int ret = WOLFSSL_SUCCESS;
-
- WOLFSSL_ENTER("CM_MemSaveCertCache");
-
- if (wc_LockMutex(&cm->caLock) != 0) {
- WOLFSSL_MSG("wc_LockMutex on caLock failed");
- return BAD_MUTEX_E;
- }
-
- ret = DoMemSaveCertCache(cm, mem, sz);
- if (ret == WOLFSSL_SUCCESS)
- *used = GetCertCacheMemSize(cm);
-
- wc_UnLockMutex(&cm->caLock);
-
- return ret;
-}
-
-
-/* Restore cert cache from memory */
-int CM_MemRestoreCertCache(WOLFSSL_CERT_MANAGER* cm, const void* mem, int sz)
-{
- int ret = WOLFSSL_SUCCESS;
- int i;
- CertCacheHeader* hdr = (CertCacheHeader*)mem;
- byte* current = (byte*)mem + sizeof(CertCacheHeader);
- byte* end = (byte*)mem + sz; /* don't go over */
-
- WOLFSSL_ENTER("CM_MemRestoreCertCache");
-
- if (current > end) {
- WOLFSSL_MSG("Cert Cache Memory buffer too small");
- return BUFFER_E;
- }
-
- if (hdr->version != WOLFSSL_CACHE_CERT_VERSION ||
- hdr->rows != CA_TABLE_SIZE ||
- hdr->signerSz != (int)sizeof(Signer)) {
-
- WOLFSSL_MSG("Cert Cache Memory header mismatch");
- return CACHE_MATCH_ERROR;
- }
-
- if (wc_LockMutex(&cm->caLock) != 0) {
- WOLFSSL_MSG("wc_LockMutex on caLock failed");
- return BAD_MUTEX_E;
- }
-
- FreeSignerTable(cm->caTable, CA_TABLE_SIZE, cm->heap);
-
- for (i = 0; i < CA_TABLE_SIZE; ++i) {
- int added = RestoreCertRow(cm, current, i, hdr->columns[i], end);
- if (added < 0) {
- WOLFSSL_MSG("RestoreCertRow error");
- ret = added;
- break;
- }
- current += added;
- }
-
- wc_UnLockMutex(&cm->caLock);
-
- return ret;
-}
-
-
-/* get how big the the cert cache save buffer needs to be */
-int CM_GetCertCacheMemSize(WOLFSSL_CERT_MANAGER* cm)
-{
- int sz;
-
- WOLFSSL_ENTER("CM_GetCertCacheMemSize");
-
- if (wc_LockMutex(&cm->caLock) != 0) {
- WOLFSSL_MSG("wc_LockMutex on caLock failed");
- return BAD_MUTEX_E;
- }
-
- sz = GetCertCacheMemSize(cm);
-
- wc_UnLockMutex(&cm->caLock);
-
- return sz;
-}
-
-#endif /* PERSIST_CERT_CACHE */
-#endif /* NO_CERTS */
-
#ifdef OPENSSL_EXTRA
/*
@@ -12667,7 +11693,7 @@ static int wolfSSL_parse_cipher_list(WOLFSSL_CTX* ctx, Suites* suites,
#ifndef WOLFSSL_SMALL_STACK
byte suitesCpy[WOLFSSL_MAX_SUITE_SZ];
#else
- byte* suitesCpy;
+ byte* suitesCpy = NULL;
#endif
word16 suitesCpySz = 0;
word16 i = 0;
@@ -12707,12 +11733,16 @@ static int wolfSSL_parse_cipher_list(WOLFSSL_CTX* ctx, Suites* suites,
/* list contains ciphers either only for TLS 1.3 or <= TLS 1.2 */
#ifdef WOLFSSL_SMALL_STACK
- suitesCpy = (byte*)XMALLOC(suites->suiteSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- if (suitesCpy == NULL)
- return WOLFSSL_FAILURE;
+ if (suites->suiteSz > 0) {
+ suitesCpy = (byte*)XMALLOC(suites->suiteSz, NULL,
+ DYNAMIC_TYPE_TMP_BUFFER);
+ if (suitesCpy == NULL)
+ return WOLFSSL_FAILURE;
+ }
#endif
- XMEMCPY(suitesCpy, suites->suites, suites->suiteSz);
+ if (suites->suiteSz > 0)
+ XMEMCPY(suitesCpy, suites->suites, suites->suiteSz);
suitesCpySz = suites->suiteSz;
ret = SetCipherList(ctx, suites, list);
@@ -13395,7 +12425,7 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl,
WOLFSSL_ENTER("wolfSSL_connect");
/* make sure this wolfSSL object has arrays and rng setup. Protects
- * case where the WOLFSSL object is re-used via wolfSSL_clear() */
+ * case where the WOLFSSL object is reused via wolfSSL_clear() */
if ((ret = ReinitSSL(ssl, ssl->ctx, 0)) != 0) {
return ret;
}
@@ -13519,7 +12549,7 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl,
return WOLFSSL_FATAL_ERROR;
}
/* if resumption failed, reset needed state */
- else if (neededState == SERVER_FINISHED_COMPLETE)
+ else if (neededState == SERVER_FINISHED_COMPLETE) {
if (!ssl->options.resuming) {
#ifdef WOLFSSL_DTLS
if (IsDtlsNotSctpMode(ssl))
@@ -13528,17 +12558,19 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl,
#endif
neededState = SERVER_HELLODONE_COMPLETE;
}
-#ifdef WOLFSSL_DTLS13
+ }
+#ifdef WOLFSSL_DTLS13
if (ssl->options.dtls && IsAtLeastTLSv1_3(ssl->version)
- && ssl->dtls13Rtx.sendAcks == 1) {
- ssl->dtls13Rtx.sendAcks = 0;
+ && ssl->dtls13Rtx.sendAcks == 1
+ && ssl->options.seenUnifiedHdr) {
/* we aren't negotiated the version yet, so we aren't sure
* the other end can speak v1.3. On the other side we have
* received a unified records, assuming that the
* ServerHello got lost, we will send an empty ACK. In case
* the server is a DTLS with version less than 1.3, it
* should just ignore the message */
+ ssl->dtls13Rtx.sendAcks = 0;
if ((ssl->error = SendDtls13Ack(ssl)) < 0) {
if (ssl->error == WANT_WRITE)
ssl->dtls13SendingAckOrRtx = 1;
@@ -13546,8 +12578,6 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl,
return WOLFSSL_FATAL_ERROR;
}
}
-
-
#endif /* WOLFSSL_DTLS13 */
}
@@ -13883,7 +12913,7 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl,
WOLFSSL_ENTER("wolfSSL_accept");
/* make sure this wolfSSL object has arrays and rng setup. Protects
- * case where the WOLFSSL object is re-used via wolfSSL_clear() */
+ * case where the WOLFSSL object is reused via wolfSSL_clear() */
if ((ret = ReinitSSL(ssl, ssl->ctx, 0)) != 0) {
return ret;
}
@@ -14064,17 +13094,6 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl,
}
#endif
-#ifdef WOLFSSL_DTLS
- if (ssl->chGoodCb != NULL && !IsSCR(ssl)) {
- int cbret = ssl->chGoodCb(ssl, ssl->chGoodCtx);
- if (cbret < 0) {
- ssl->error = cbret;
- WOLFSSL_MSG("ClientHello Good Cb don't continue error");
- return WOLFSSL_FATAL_ERROR;
- }
- }
-#endif
-
ssl->options.acceptState = ACCEPT_FIRST_REPLY_DONE;
WOLFSSL_MSG("accept state ACCEPT_FIRST_REPLY_DONE");
FALL_THROUGH;
@@ -14352,7 +13371,6 @@ int wolfSSL_SetHsDoneCb(WOLFSSL* ssl, HandShakeDoneCb cb, void* user_ctx)
ssl->hsDoneCb = cb;
ssl->hsDoneCtx = user_ctx;
-
return WOLFSSL_SUCCESS;
}
@@ -14370,21 +13388,30 @@ int wolfSSL_Cleanup(void)
WOLFSSL_ENTER("wolfSSL_Cleanup");
- if (initRefCount == 0)
- return ret; /* possibly no init yet, but not failure either way */
-
- if ((count_mutex_valid == 1) && (wc_LockMutex(&count_mutex) != 0)) {
- WOLFSSL_MSG("Bad Lock Mutex count");
- ret = BAD_MUTEX_E;
+#ifndef WOLFSSL_MUTEX_INITIALIZER
+ if (count_mutex_valid == 1) {
+#endif
+ if (wc_LockMutex(&count_mutex) != 0) {
+ WOLFSSL_MSG("Bad Lock Mutex count");
+ return BAD_MUTEX_E;
+ }
+#ifndef WOLFSSL_MUTEX_INITIALIZER
}
+#endif
- release = initRefCount-- == 1;
- if (initRefCount < 0)
- initRefCount = 0;
+ if (initRefCount > 0) {
+ --initRefCount;
+ if (initRefCount == 0)
+ release = 1;
+ }
+#ifndef WOLFSSL_MUTEX_INITIALIZER
if (count_mutex_valid == 1) {
+#endif
wc_UnLockMutex(&count_mutex);
+#ifndef WOLFSSL_MUTEX_INITIALIZER
}
+#endif
if (!release)
return ret;
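Review bot: The locking in wolfSSL_Cleanup is now split across four `#ifndef WOLFSSL_MUTEX_INITIALIZER` fragments that wrap only an opening or closing brace, which makes it hard to see which statements run under `count_mutex`. A comment at the first fragment would help, such as `/* with WOLFSSL_MUTEX_INITIALIZER the mutex is presumably statically initialized, so count_mutex_valid is not consulted */`. Note also that when `count_mutex_valid` is not 1, `initRefCount` is still read and decremented without the lock. If that case can only occur before a successful init, say so in the comment. The function continues outside the hunk.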
@@ -14404,7 +13431,7 @@ int wolfSSL_Cleanup(void)
SessionCache[i].lock_valid = 0;
}
#else
- if ((session_lock_valid == 1) && (wc_UnLockRwLock(&session_lock) != 0)) {
+ if ((session_lock_valid == 1) && (wc_FreeRwLock(&session_lock) != 0)) {
if (ret == WOLFSSL_SUCCESS)
ret = BAD_MUTEX_E;
}
@@ -14434,11 +13461,13 @@ int wolfSSL_Cleanup(void)
#endif
#endif /* !NO_SESSION_CACHE */
+#ifndef WOLFSSL_MUTEX_INITIALIZER
if ((count_mutex_valid == 1) && (wc_FreeMutex(&count_mutex) != 0)) {
if (ret == WOLFSSL_SUCCESS)
ret = BAD_MUTEX_E;
}
count_mutex_valid = 0;
+#endif
#ifdef OPENSSL_EXTRA
wolfSSL_RAND_Cleanup();
@@ -14479,6 +13508,10 @@ int wolfSSL_Cleanup(void)
crypto_ex_cb_ctx_session = NULL;
#endif
+#ifdef WOLFSSL_MEM_FAIL_COUNT
+ wc_MemFailCount_Free();
+#endif
+
return ret;
}
@@ -14488,18 +13521,23 @@ void SetupSession(WOLFSSL* ssl)
WOLFSSL_ENTER("SetupSession");
- if (!IsAtLeastTLSv1_3(ssl->version) && ssl->arrays != NULL &&
- !session->haveAltSessionID) {
+ if (!IsAtLeastTLSv1_3(ssl->version) && ssl->arrays != NULL) {
/* Make sure the session ID is available when the user calls any
* get_session API */
- XMEMCPY(session->sessionID, ssl->arrays->sessionID, ID_LEN);
- session->sessionIDSz = ssl->arrays->sessionIDSz;
+ if (!session->haveAltSessionID) {
+ XMEMCPY(session->sessionID, ssl->arrays->sessionID, ID_LEN);
+ session->sessionIDSz = ssl->arrays->sessionIDSz;
+ }
+ else {
+ XMEMCPY(session->sessionID, session->altSessionID, ID_LEN);
+ session->sessionIDSz = ID_LEN;
+ }
}
session->side = (byte)ssl->options.side;
if (!IsAtLeastTLSv1_3(ssl->version) && ssl->arrays != NULL)
XMEMCPY(session->masterSecret, ssl->arrays->masterSecret, SECRET_LEN);
session->haveEMS = ssl->options.haveEMS;
-#ifdef OPENSSL_EXTRA
+#ifdef WOLFSSL_SESSION_ID_CTX
/* If using compatibility layer then check for and copy over session context
* id. */
if (ssl->sessionCtxSz > 0 && ssl->sessionCtxSz < ID_LEN) {
@@ -14777,7 +13815,7 @@ static int SessionTicketNoncePrealloc(byte** buf, byte* len, void *heap)
if (*buf == NULL) {
WOLFSSL_MSG("Failed to preallocate ticket nonce buffer");
*len = 0;
- return WOLFSSL_FAILURE;
+ return 1;
}
*len = PREALLOC_SESSION_TICKET_NONCE_LEN;
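Review bot: `return 1;` on the allocation-failure path of SessionTicketNoncePrealloc is a bare number with no stated meaning. The value it replaces, `WOLFSSL_FAILURE`, is 0, so the change presumably exists because callers treat 0 as success, but the callers are not visible here. Either return a named error code that fits the caller's convention or annotate the line, e.g. `return 1; /* non-zero = failure; 0 would read as success to the caller */`. The function starts outside the hunk.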
@@ -14850,6 +13888,22 @@ static int TlsSessionCacheGetAndLock(const byte *id,
return 0;
}
+static int CheckSessionMatch(const WOLFSSL* ssl, const WOLFSSL_SESSION* sess)
+{
+ if (ssl == NULL || sess == NULL)
+ return 0;
+#ifdef OPENSSL_EXTRA
+ if (ssl->sessionCtxSz > 0 && (ssl->sessionCtxSz != sess->sessionCtxSz ||
+ XMEMCMP(ssl->sessionCtx, sess->sessionCtx, sess->sessionCtxSz) != 0))
+ return 0;
+#endif
+#if defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET)
+ if (IsAtLeastTLSv1_3(ssl->version) != IsAtLeastTLSv1_3(sess->version))
+ return 0;
+#endif
+ return 1;
+}
+
int TlsSessionCacheGetAndRdLock(const byte *id, const WOLFSSL_SESSION **sess,
word32 *lockedRow, byte side)
{
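Review bot: The session-context comparison in the new CheckSessionMatch is guarded by `#ifdef OPENSSL_EXTRA`, while the same commit moves the other `sessionCtx` users (SetupSession and wolfSSL_SetSession) to `#ifdef WOLFSSL_SESSION_ID_CTX`. If `WOLFSSL_SESSION_ID_CTX` can be defined without `OPENSSL_EXTRA`, cache lookups would skip the context check and a session created under a different context id could be resumed. Using `#ifdef WOLFSSL_SESSION_ID_CTX` here would keep the three sites consistent. The helper also has no header comment; one line such as `/* Returns 1 if sess may be resumed on ssl (same session context id and same TLS 1.3 / pre-1.3 class), 0 otherwise */` would document the contract.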
@@ -14898,7 +13952,7 @@ int wolfSSL_GetSessionFromCache(WOLFSSL* ssl, WOLFSSL_SESSION* output)
if (SslSessionCacheOff(ssl, ssl->session))
return WOLFSSL_FAILURE;
- if (ssl->options.haveSessionId == 0)
+ if (ssl->options.haveSessionId == 0 && !ssl->session->haveAltSessionID)
return WOLFSSL_FAILURE;
#ifdef HAVE_SESSION_TICKET
@@ -14907,7 +13961,8 @@ int wolfSSL_GetSessionFromCache(WOLFSSL* ssl, WOLFSSL_SESSION* output)
#endif
XMEMSET(bogusID, 0, sizeof(bogusID));
- if (!IsAtLeastTLSv1_3(ssl->version) && ssl->arrays != NULL)
+ if (!IsAtLeastTLSv1_3(ssl->version) && ssl->arrays != NULL
+ && !ssl->session->haveAltSessionID)
id = ssl->arrays->sessionID;
else if (ssl->session->haveAltSessionID) {
id = ssl->session->altSessionID;
@@ -14924,37 +13979,38 @@ int wolfSSL_GetSessionFromCache(WOLFSSL* ssl, WOLFSSL_SESSION* output)
#ifdef HAVE_EXT_CACHE
if (ssl->ctx->get_sess_cb != NULL) {
int copy = 0;
+ int found = 0;
WOLFSSL_SESSION* extSess;
/* Attempt to retrieve the session from the external cache. */
WOLFSSL_MSG("Calling external session cache");
extSess = ssl->ctx->get_sess_cb(ssl, (byte*)id, ID_LEN, &copy);
if ((extSess != NULL)
- #if defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET)
- && (IsAtLeastTLSv1_3(ssl->version) ==
- IsAtLeastTLSv1_3(extSess->version))
- #endif
+ && CheckSessionMatch(ssl, extSess)
) {
WOLFSSL_MSG("Session found in external cache");
+ found = 1;
+
error = wolfSSL_DupSession(extSess, output, 0);
#ifdef HAVE_EX_DATA
extSess->ownExData = 1;
output->ownExData = 0;
#endif
- /* If copy not set then free immediately */
- if (!copy)
- wolfSSL_FreeSession(ssl->ctx, extSess);
/* We want to restore the bogus ID for TLS compatibility */
if (ssl->session->haveAltSessionID &&
output == ssl->session) {
XMEMCPY(ssl->session->sessionID, bogusID, ID_LEN);
ssl->session->sessionIDSz = bogusIDSz;
}
- return error;
}
+ /* If copy not set then free immediately */
+ if (extSess != NULL && !copy)
+ wolfSSL_FreeSession(ssl->ctx, extSess);
+ if (found)
+ return error;
WOLFSSL_MSG("Session not found in external cache");
}
- if (ssl->ctx->internalCacheLookupOff) {
+ if (ssl->options.internalCacheLookupOff) {
WOLFSSL_MSG("Internal cache lookup turned off");
return WOLFSSL_FAILURE;
}
@@ -14973,7 +14029,8 @@ int wolfSSL_GetSessionFromCache(WOLFSSL* ssl, WOLFSSL_SESSION* output)
#endif
if (output->ticketLenAlloc)
XFREE(output->ticket, output->heap, DYNAMIC_TYPE_SESSION_TICK);
- output->ticket = tmpTicket;
+ output->ticket = tmpTicket; /* cppcheck-suppress autoVariables
+ */
output->ticketLenAlloc = PREALLOC_SESSION_TICKET_LEN;
output->ticketLen = 0;
tmpBufSet = 1;
@@ -15038,9 +14095,8 @@ int wolfSSL_GetSessionFromCache(WOLFSSL* ssl, WOLFSSL_SESSION* output)
#endif
}
else {
-#if defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET)
- if (IsAtLeastTLSv1_3(ssl->version) != IsAtLeastTLSv1_3(sess->version)) {
- WOLFSSL_MSG("Invalid session: different protocol version");
+ if (!CheckSessionMatch(ssl, sess)) {
+ WOLFSSL_MSG("Invalid session: can't be used in this context");
TlsSessionCacheUnlockRow(row);
error = WOLFSSL_FAILURE;
}
@@ -15051,16 +14107,19 @@ int wolfSSL_GetSessionFromCache(WOLFSSL* ssl, WOLFSSL_SESSION* output)
TlsSessionCacheUnlockRow(row);
/* Attempt to get a write lock */
error = TlsSessionCacheGetAndWrLock(id, &wrSess, &row,
- ssl->options.side);
+ (byte)ssl->options.side);
if (error == 0 && wrSess != NULL) {
EvictSessionFromCache(wrSess);
TlsSessionCacheUnlockRow(row);
}
error = WOLFSSL_FAILURE;
}
-#endif /* HAVE_SESSION_TICKET && WOLFSSL_TLS13 */
}
+ /* mollify confused cppcheck nullPointer warning. */
+ if (sess == NULL)
+ error = WOLFSSL_FAILURE;
+
if (error == WOLFSSL_SUCCESS) {
#if defined(HAVE_SESSION_TICKET) && defined(WOLFSSL_TLS13)
error = wolfSSL_DupSessionEx(sess, output, 1,
@@ -15215,11 +14274,7 @@ int wolfSSL_SetSession(WOLFSSL* ssl, WOLFSSL_SESSION* session)
if (ssl->session == session) {
WOLFSSL_MSG("ssl->session and session same");
}
- else
-#ifdef HAVE_STUNNEL
- /* stunnel depends on the ex_data not being duplicated. Copy OpenSSL
- * behaviour for now. */
- if (session->type != WOLFSSL_SESSION_TYPE_CACHE) {
+ else if (session->type != WOLFSSL_SESSION_TYPE_CACHE) {
if (wolfSSL_SESSION_up_ref(session) == WOLFSSL_SUCCESS) {
wolfSSL_FreeSession(ssl->ctx, ssl->session);
ssl->session = session;
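Review bot: The comment explaining the reference-sharing branch in wolfSSL_SetSession was deleted together with the `HAVE_STUNNEL` guard, so `else if (session->type != WOLFSSL_SESSION_TYPE_CACHE)` now applies to every build without explanation. After this branch `ssl->session` is the caller's object rather than a copy, so a write through either handle is visible through the other. A replacement comment would help, such as `/* non-cache sessions are shared by reference (as OpenSSL does), so ex_data is not duplicated */`. The rest of this change is in the next hunk, and the function continues outside both.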
@@ -15227,9 +14282,7 @@ int wolfSSL_SetSession(WOLFSSL* ssl, WOLFSSL_SESSION* session)
else
ret = WOLFSSL_FAILURE;
}
- else
-#endif
- {
+ else {
ret = wolfSSL_DupSession(session, ssl->session, 0);
if (ret != WOLFSSL_SUCCESS)
WOLFSSL_MSG("Session duplicate failed");
@@ -15254,7 +14307,7 @@ int wolfSSL_SetSession(WOLFSSL* ssl, WOLFSSL_SESSION* session)
if (ret != WOLFSSL_SUCCESS)
return ret;
-#ifdef OPENSSL_EXTRA
+#ifdef WOLFSSL_SESSION_ID_CTX
/* check for application context id */
if (ssl->sessionCtxSz > 0) {
if (XMEMCMP(ssl->sessionCtx, ssl->session->sessionCtx, ssl->sessionCtxSz)) {
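Review bot: The context-id check kept under the renamed guard compares only `ssl->sessionCtxSz` bytes and never compares the two lengths. A session whose `sessionCtx` is longer but starts with the same bytes would therefore pass here. CheckSessionMatch, added in this same commit, rejects it with `ssl->sessionCtxSz != sess->sessionCtxSz`. The two checks should agree: `if (ssl->sessionCtxSz != ssl->session->sessionCtxSz || XMEMCMP(ssl->sessionCtx, ssl->session->sessionCtx, ssl->sessionCtxSz) != 0) {`. The body of the `if` continues in the next hunk.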
@@ -15263,7 +14316,7 @@ int wolfSSL_SetSession(WOLFSSL* ssl, WOLFSSL_SESSION* session)
return WOLFSSL_FAILURE;
}
}
-#endif /* OPENSSL_EXTRA */
+#endif /* WOLFSSL_SESSION_ID_CTX */
if (LowResTimer() >= (ssl->session->bornOn + ssl->session->timeout)) {
#if !defined(OPENSSL_EXTRA) || !defined(WOLFSSL_ERROR_CODE_OPENSSL)
@@ -15307,6 +14360,8 @@ ClientSession* AddSessionToClientCache(int side, int row, int idx, byte* serverI
{
int error = -1;
word32 clientRow = 0, clientIdx = 0;
+ ClientSession* ret = NULL;
+
(void)useTicket;
if (side == WOLFSSL_CLIENT_END
&& row != INVALID_SESSION_ROW
@@ -15354,6 +14409,9 @@ ClientSession* AddSessionToClientCache(int side, int row, int idx, byte* serverI
}
if (error == 0) {
WOLFSSL_MSG("Adding client cache entry");
+
+ ret = &ClientCache[clientRow].Clients[clientIdx];
+
if (ClientCache[clientRow].totalCount < CLIENT_SESSIONS_PER_ROW)
ClientCache[clientRow].totalCount++;
ClientCache[clientRow].nextIdx++;
@@ -15364,16 +14422,13 @@ ClientSession* AddSessionToClientCache(int side, int row, int idx, byte* serverI
}
else {
WOLFSSL_MSG("Hash session or lock failed");
- error = -1;
}
}
else {
WOLFSSL_MSG("Skipping client cache");
}
- if (error == 0)
- return &ClientCache[clientRow].Clients[clientIdx];
- else
- return NULL;
+
+ return ret;
}
#endif /* !NO_CLIENT_CACHE */
@@ -15548,9 +14603,8 @@ int AddSessionToCache(WOLFSSL_CTX* ctx, WOLFSSL_SESSION* addSession,
WOLFSSL_MSG("Hash session failed");
#ifdef HAVE_SESSION_TICKET
XFREE(ticBuff, NULL, DYNAMIC_TYPE_SESSION_TICK);
- #if defined(WOLFSSL_TLS13) && defined(WOLFSSL_TICKE_NONCE_MALLOC)
- if (preallocNonce != NULL)
- XFREE(preallocNonce, addSession->heap, DYNAMIC_TYPE_SESSION_TICK);
+ #if defined(WOLFSSL_TLS13) && defined(WOLFSSL_TICKET_NONCE_MALLOC)
+ XFREE(preallocNonce, addSession->heap, DYNAMIC_TYPE_SESSION_TICK);
#endif
#endif
return ret;
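Review bot: Correcting the macro name to `WOLFSSL_TICKET_NONCE_MALLOC` makes this `XFREE(preallocNonce, ...)` reachable for the first time. Its guard is narrower than the one on the final cleanup later in AddSessionToCache, which also requires `!defined(HAVE_FIPS) || FIPS_VERSION_GE(5,3)`. If `preallocNonce` is declared under that fuller condition (the declaration is outside the hunk), an older-FIPS build with `WOLFSSL_TICKET_NONCE_MALLOC` defined would now reference an undeclared variable. Using the same three-part condition at all sites avoids that. The same applies to the two following hunks, on the row-lock-failure path and the `cacheSession == NULL` path. Dropping the `!= NULL` test also assumes the configured `XFREE` accepts NULL.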
@@ -15560,9 +14614,8 @@ int AddSessionToCache(WOLFSSL_CTX* ctx, WOLFSSL_SESSION* addSession,
if (SESSION_ROW_WR_LOCK(sessRow) != 0) {
#ifdef HAVE_SESSION_TICKET
XFREE(ticBuff, NULL, DYNAMIC_TYPE_SESSION_TICK);
- #if defined(WOLFSSL_TLS13) && defined(WOLFSSL_TICKE_NONCE_MALLOC)
- if (preallocNonce != NULL)
- XFREE(preallocNonce, addSession->heap, DYNAMIC_TYPE_SESSION_TICK);
+ #if defined(WOLFSSL_TLS13) && defined(WOLFSSL_TICKET_NONCE_MALLOC)
+ XFREE(preallocNonce, addSession->heap, DYNAMIC_TYPE_SESSION_TICK);
#endif
#endif
WOLFSSL_MSG("Session row lock failed");
@@ -15600,9 +14653,8 @@ int AddSessionToCache(WOLFSSL_CTX* ctx, WOLFSSL_SESSION* addSession,
if (cacheSession == NULL) {
#ifdef HAVE_SESSION_TICKET
XFREE(ticBuff, NULL, DYNAMIC_TYPE_SESSION_TICK);
- #if defined(WOLFSSL_TLS13) && defined(WOLFSSL_TICKE_NONCE_MALLOC)
- if (preallocNonce != NULL)
- XFREE(preallocNonce, addSession->heap, DYNAMIC_TYPE_SESSION_TICK);
+ #if defined(WOLFSSL_TLS13) && defined(WOLFSSL_TICKET_NONCE_MALLOC)
+ XFREE(preallocNonce, addSession->heap, DYNAMIC_TYPE_SESSION_TICK);
#endif
#endif
SESSION_ROW_UNLOCK(sessRow);
@@ -15645,7 +14697,7 @@ int AddSessionToCache(WOLFSSL_CTX* ctx, WOLFSSL_SESSION* addSession,
cacheSession->peer = NULL;
#endif
#ifdef HAVE_SESSION_TICKET
- /* If we can re-use the existing buffer in cacheSession then we won't touch
+ /* If we can reuse the existing buffer in cacheSession then we won't touch
* ticBuff at all making it a very cheap malloc/free. The page on a modern
* OS will most likely not even be allocated to the process. */
if (ticBuff != NULL && cacheSession->ticketLenAlloc < ticLen) {
@@ -15668,7 +14720,7 @@ int AddSessionToCache(WOLFSSL_CTX* ctx, WOLFSSL_SESSION* addSession,
cacheSession->ticketNonce.data = cacheSession->ticketNonce.dataStatic;
cacheSession->ticketNonce.len = 0;
}
-#endif /* WOFLSSL_TLS13 && WOLFSSL_TICKET_NONCE_MALLOC && FIPS_VERSION_GE(5,3)*/
+#endif /* WOLFSSL_TLS13 && WOLFSSL_TICKET_NONCE_MALLOC && FIPS_VERSION_GE(5,3)*/
#endif
#ifdef SESSION_CERTS
if (overwrite &&
@@ -15757,14 +14809,11 @@ int AddSessionToCache(WOLFSSL_CTX* ctx, WOLFSSL_SESSION* addSession,
#ifdef HAVE_SESSION_TICKET
if (ticBuff != NULL && !ticBuffUsed)
XFREE(ticBuff, NULL, DYNAMIC_TYPE_SESSION_TICK);
- if (cacheTicBuff != NULL)
- XFREE(cacheTicBuff, NULL, DYNAMIC_TYPE_SESSION_TICK);
+ XFREE(cacheTicBuff, NULL, DYNAMIC_TYPE_SESSION_TICK);
#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_TICKET_NONCE_MALLOC) && \
(!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)))
- if (preallocNonce != NULL)
- XFREE(preallocNonce, addSession->heap, DYNAMIC_TYPE_SESSION_TICK);
- if (toFree != NULL)
- XFREE(toFree, addSession->heap, DYNAMIC_TYPE_SESSION_TICK);
+ XFREE(preallocNonce, addSession->heap, DYNAMIC_TYPE_SESSION_TICK);
+ XFREE(toFree, addSession->heap, DYNAMIC_TYPE_SESSION_TICK);
#endif /* WOLFSSL_TLS13 && WOLFSSL_TICKET_NONCE_MALLOC && FIPS_VERSION_GE(5,3)*/
#endif
@@ -15822,27 +14871,32 @@ void AddSession(WOLFSSL* ssl)
idSz = ID_LEN;
}
- /* Try to add the session to internal cache or external cache
- if a new_sess_cb is set. Its ok if we don't succeed. */
- (void)AddSessionToCache(ssl->ctx, session, id, idSz,
+#ifdef HAVE_EXT_CACHE
+ if (!ssl->options.internalCacheOff)
+#endif
+ {
+ /* Try to add the session to internal cache or external cache
+ if a new_sess_cb is set. Its ok if we don't succeed. */
+ (void)AddSessionToCache(ssl->ctx, session, id, idSz,
#ifdef SESSION_INDEX
- &ssl->sessionIndex,
+ &ssl->sessionIndex,
#else
- NULL,
+ NULL,
#endif
- ssl->options.side,
+ ssl->options.side,
#ifdef HAVE_SESSION_TICKET
- ssl->options.useTicket,
+ ssl->options.useTicket,
#else
- 0,
+ 0,
#endif
#ifdef NO_SESSION_CACHE_REF
- NULL
+ NULL
#else
- (ssl->options.side == WOLFSSL_CLIENT_END) ?
- &ssl->clientSession : NULL
+ (ssl->options.side == WOLFSSL_CLIENT_END) ?
+ &ssl->clientSession : NULL
#endif
- );
+ );
+ }
#ifdef HAVE_EXT_CACHE
if (error == 0 && ssl->ctx->new_sess_cb != NULL) {
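Review bot: The comment moved into the new block still says the call adds the session to the "internal cache or external cache if a new_sess_cb is set", but the call is now skipped when `ssl->options.internalCacheOff` is set and the external callback is handled separately just below. Reword it to match, e.g. `/* Add the session to the internal cache unless it was turned off; failure is not fatal. The external new_sess_cb is invoked below. */`. The `#ifdef HAVE_EXT_CACHE` / `if (...)` / `#endif` followed by a bare `{` is also easy to misread, because the braces stay in non-EXT_CACHE builds as a plain block. A short comment on the `{` line would make that clear. AddSession starts and ends outside the hunk.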
@@ -16253,10 +15307,10 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
/* myBuffer may not be initialized fully, but the span up to the
* sending length will be.
*/
- PRAGMA_GCC_DIAG_PUSH;
- PRAGMA_GCC("GCC diagnostic ignored \"-Wmaybe-uninitialized\"");
+ PRAGMA_GCC_DIAG_PUSH
+ PRAGMA_GCC("GCC diagnostic ignored \"-Wmaybe-uninitialized\"")
ret = wolfSSL_write(ssl, myBuffer, sending);
- PRAGMA_GCC_DIAG_POP;
+ PRAGMA_GCC_DIAG_POP
if (dynamic)
XFREE(myBuffer, ssl->heap, DYNAMIC_TYPE_WRITEV);
@@ -16503,8 +15557,10 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
{
WOLFSSL_ENTER("wolfSSL_set_psk_use_session_callback");
- ssl->options.havePSK = 1;
- ssl->options.session_psk_cb = cb;
+ if (ssl != NULL) {
+ ssl->options.havePSK = 1;
+ ssl->options.session_psk_cb = cb;
+ }
WOLFSSL_LEAVE("wolfSSL_set_psk_use_session_callback", WOLFSSL_SUCCESS);
}
@@ -16698,6 +15754,7 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
const unsigned char* in,
long sz, int format)
{
+ int verify;
WOLFSSL_ENTER("wolfSSL_CTX_trust_peer_buffer");
/* sanity check on arguments */
@@ -16705,12 +15762,17 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
return BAD_FUNC_ARG;
}
+ verify = GET_VERIFY_SETTING_CTX(ctx);
+ if (WOLFSSL_LOAD_VERIFY_DEFAULT_FLAGS &
+ WOLFSSL_LOAD_FLAG_DATE_ERR_OKAY)
+ verify = VERIFY_SKIP_DATE;
+
if (format == WOLFSSL_FILETYPE_PEM)
return ProcessChainBuffer(ctx, in, sz, format, TRUSTED_PEER_TYPE,
- NULL, GET_VERIFY_SETTING_CTX(ctx));
+ NULL, verify);
else
return ProcessBuffer(ctx, in, sz, format, TRUSTED_PEER_TYPE, NULL,
- NULL, 0, GET_VERIFY_SETTING_CTX(ctx));
+ NULL, 0, verify);
}
#endif /* WOLFSSL_TRUST_PEER_CERT */
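Review bot: In wolfSSL_CTX_trust_peer_buffer, `verify = VERIFY_SKIP_DATE;` replaces whatever `GET_VERIFY_SETTING_CTX(ctx)` returned. The condition, `WOLFSSL_LOAD_VERIFY_DEFAULT_FLAGS & WOLFSSL_LOAD_FLAG_DATE_ERR_OKAY`, is a build-time constant, so in such builds the context's own verify setting never reaches ProcessChainBuffer/ProcessBuffer. The result is that trusted-peer certificates are loaded without validity-date enforcement regardless of how the application configured the context, and that should be stated where it happens. A suitable comment is `/* build default tolerates date errors: skip date checks for trusted-peer certs; this overrides the ctx verify setting */`. If only the date check is meant to be relaxed while other context settings are preserved, the override should apply only when the context setting is the plain verify value.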
@@ -17087,6 +16149,7 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
if (ssl == NULL)
return BAD_FUNC_ARG;
+ SSL_CM_WARNING(ssl);
return wolfSSL_CertManagerUnload_trust_peers(SSL_CM(ssl));
}
#endif /* WOLFSSL_LOCAL_X509_STORE */
@@ -17224,8 +16287,8 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
{
WOLFSSL_ENTER("wolfSSL_CTX_set_client_CA_list");
if (ctx != NULL) {
- wolfSSL_sk_X509_NAME_pop_free(ctx->ca_names, NULL);
- ctx->ca_names = names;
+ wolfSSL_sk_X509_NAME_pop_free(ctx->client_ca_names, NULL);
+ ctx->client_ca_names = names;
}
}
@@ -17234,9 +16297,9 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
{
WOLFSSL_ENTER("wolfSSL_set_client_CA_list");
if (ssl != NULL) {
- if (ssl->ca_names != ssl->ctx->ca_names)
- wolfSSL_sk_X509_NAME_pop_free(ssl->ca_names, NULL);
- ssl->ca_names = names;
+ if (ssl->client_ca_names != ssl->ctx->client_ca_names)
+ wolfSSL_sk_X509_NAME_pop_free(ssl->client_ca_names, NULL);
+ ssl->client_ca_names = names;
}
}
@@ -17263,6 +16326,163 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
ctx->certSetupCbArg = arg;
}
+ int wolfSSL_get_client_suites_sigalgs(const WOLFSSL* ssl,
+ const byte** suites, word16* suiteSz,
+ const byte** hashSigAlgo, word16* hashSigAlgoSz)
+ {
+ WOLFSSL_ENTER("wolfSSL_get_client_suites_sigalgs");
+
+ if (suites != NULL)
+ *suites = NULL;
+ if (suiteSz != NULL)
+ *suiteSz = 0;
+ if (hashSigAlgo != NULL)
+ *hashSigAlgo = NULL;
+ if (hashSigAlgoSz != NULL)
+ *hashSigAlgoSz = 0;
+
+ if (ssl != NULL && ssl->clSuites != NULL) {
+ if (suites != NULL && suiteSz != NULL) {
+ *suites = ssl->clSuites->suites;
+ *suiteSz = ssl->clSuites->suiteSz;
+ }
+ if (hashSigAlgo != NULL && hashSigAlgoSz != NULL) {
+ *hashSigAlgo = ssl->clSuites->hashSigAlgo;
+ *hashSigAlgoSz = ssl->clSuites->hashSigAlgoSz;
+ }
+ return WOLFSSL_SUCCESS;
+ }
+ return WOLFSSL_FAILURE;
+ }
+ WOLFSSL_CIPHERSUITE_INFO wolfSSL_get_ciphersuite_info(byte first,
+ byte second)
+ {
+ WOLFSSL_CIPHERSUITE_INFO info;
+ info.rsaAuth = (byte)(CipherRequires(first, second, REQUIRES_RSA) ||
+ CipherRequires(first, second, REQUIRES_RSA_SIG));
+ info.eccAuth = (byte)(CipherRequires(first, second, REQUIRES_ECC) ||
+ /* Static ECC ciphers may require RSA for authentication */
+ (CipherRequires(first, second, REQUIRES_ECC_STATIC) &&
+ !CipherRequires(first, second, REQUIRES_RSA_SIG)));
+ info.eccStatic =
+ (byte)CipherRequires(first, second, REQUIRES_ECC_STATIC);
+ info.psk = (byte)CipherRequires(first, second, REQUIRES_PSK);
+ return info;
+ }
+
+ /**
+ * @param first First byte of the hash and signature algorithm
+ * @param second Second byte of the hash and signature algorithm
+ * @param hashAlgo The enum wc_HashType of the MAC algorithm
+ * @param sigAlgo The enum Key_Sum of the authentication algorithm
+ */
+ int wolfSSL_get_sigalg_info(byte first, byte second,
+ int* hashAlgo, int* sigAlgo)
+ {
+ byte input[2];
+ byte hashType;
+ byte sigType;
+
+ if (hashAlgo == NULL || sigAlgo == NULL)
+ return BAD_FUNC_ARG;
+
+ input[0] = first;
+ input[1] = second;
+ DecodeSigAlg(input, &hashType, &sigType);
+
+ /* cast so that compiler reminds us of unimplemented values */
+ switch ((enum SignatureAlgorithm)sigType) {
+ case anonymous_sa_algo:
+ *sigAlgo = (enum Key_Sum)0;
+ break;
+ case rsa_sa_algo:
+ *sigAlgo = RSAk;
+ break;
+ case dsa_sa_algo:
+ *sigAlgo = DSAk;
+ break;
+ case ecc_dsa_sa_algo:
+ *sigAlgo = ECDSAk;
+ break;
+ case rsa_pss_sa_algo:
+ *sigAlgo = RSAPSSk;
+ break;
+ case ed25519_sa_algo:
+ *sigAlgo = ED25519k;
+ break;
+ case rsa_pss_pss_algo:
+ *sigAlgo = RSAPSSk;
+ break;
+ case ed448_sa_algo:
+ *sigAlgo = ED448k;
+ break;
+ case falcon_level1_sa_algo:
+ *sigAlgo = FALCON_LEVEL1k;
+ break;
+ case falcon_level5_sa_algo:
+ *sigAlgo = FALCON_LEVEL5k;
+ break;
+ case dilithium_level2_sa_algo:
+ *sigAlgo = DILITHIUM_LEVEL2k;
+ break;
+ case dilithium_level3_sa_algo:
+ *sigAlgo = DILITHIUM_LEVEL3k;
+ break;
+ case dilithium_level5_sa_algo:
+ *sigAlgo = DILITHIUM_LEVEL5k;
+ break;
+ case sm2_sa_algo:
+ *sigAlgo = SM2k;
+ break;
+ case invalid_sa_algo:
+ default:
+ *hashAlgo = WC_HASH_TYPE_NONE;
+ *sigAlgo = 0;
+ return BAD_FUNC_ARG;
+ }
+
+ /* cast so that compiler reminds us of unimplemented values */
+ switch((enum wc_MACAlgorithm)hashType) {
+ case no_mac:
+ case rmd_mac: /* Don't have a RIPEMD type in wc_HashType */
+ *hashAlgo = WC_HASH_TYPE_NONE;
+ break;
+ case md5_mac:
+ *hashAlgo = WC_HASH_TYPE_MD5;
+ break;
+ case sha_mac:
+ *hashAlgo = WC_HASH_TYPE_SHA;
+ break;
+ case sha224_mac:
+ *hashAlgo = WC_HASH_TYPE_SHA224;
+ break;
+ case sha256_mac:
+ *hashAlgo = WC_HASH_TYPE_SHA256;
+ break;
+ case sha384_mac:
+ *hashAlgo = WC_HASH_TYPE_SHA384;
+ break;
+ case sha512_mac:
+ *hashAlgo = WC_HASH_TYPE_SHA512;
+ break;
+ case blake2b_mac:
+ *hashAlgo = WC_HASH_TYPE_BLAKE2B;
+ break;
+ case sm3_mac:
+#ifdef WOLFSSL_SM3
+ *hashAlgo = WC_HASH_TYPE_SM3;
+#else
+ *hashAlgo = WC_HASH_TYPE_NONE;
+#endif
+ break;
+ default:
+ *hashAlgo = WC_HASH_TYPE_NONE;
+ *sigAlgo = 0;
+ return BAD_FUNC_ARG;
+ }
+ return 0;
+ }
+
/**
* Internal wrapper for calling certSetupCb
* @param ssl The SSL/TLS Object
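Review bot: wolfSSL_get_sigalg_info returns `0` on success and BAD_FUNC_ARG on failure, while wolfSSL_get_client_suites_sigalgs, added just above it, returns WOLFSSL_SUCCESS / WOLFSSL_FAILURE, and the doc comment has no `@return` line to warn callers of the difference. I would add a one-line summary and `@return 0 on success, BAD_FUNC_ARG when an output pointer is NULL or the value is not recognised`. The other two new functions have no header comment at all. For wolfSSL_get_client_suites_sigalgs the comment should state that the returned pointers refer to `ssl->clSuites` rather than copies, so they are presumably valid only while that object exists, and that passing only one pointer of a pair still returns WOLFSSL_SUCCESS with that output left NULL/0. In wolfSSL_get_ciphersuite_info, `info` is returned by value after four members are assigned; if the struct has any other members or spare bits, `XMEMSET(&info, 0, sizeof(info));` before the assignments keeps the result fully defined.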
@@ -17296,7 +16516,7 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
#endif /* OPENSSL_EXTRA || WOLFSSL_EXTRA || HAVE_WEBSERVER */
-#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EXTRA)
+#ifndef WOLFSSL_NO_CA_NAMES
WOLF_STACK_OF(WOLFSSL_X509_NAME)* wolfSSL_CTX_get_client_CA_list(
const WOLFSSL_CTX *ctx)
{
@@ -17307,7 +16527,7 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
return NULL;
}
- return ctx->ca_names;
+ return ctx->client_ca_names;
}
/* returns the CA's set on server side or the CA's sent from server when
@@ -17337,9 +16557,9 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
return WOLFSSL_FAILURE;
}
- if (ctx->ca_names == NULL) {
- ctx->ca_names = wolfSSL_sk_X509_NAME_new(NULL);
- if (ctx->ca_names == NULL) {
+ if (ctx->client_ca_names == NULL) {
+ ctx->client_ca_names = wolfSSL_sk_X509_NAME_new(NULL);
+ if (ctx->client_ca_names == NULL) {
WOLFSSL_MSG("wolfSSL_sk_X509_NAME_new error");
return WOLFSSL_FAILURE;
}
@@ -17351,7 +16571,7 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
return WOLFSSL_FAILURE;
}
- if (wolfSSL_sk_X509_NAME_push(ctx->ca_names, nameCopy) != WOLFSSL_SUCCESS) {
+ if (wolfSSL_sk_X509_NAME_push(ctx->client_ca_names, nameCopy) != WOLFSSL_SUCCESS) {
WOLFSSL_MSG("wolfSSL_sk_X509_NAME_push error");
wolfSSL_X509_NAME_free(nameCopy);
return WOLFSSL_FAILURE;
@@ -17446,17 +16666,50 @@ cleanup:
/*
* This is an OpenSSL compatibility layer function, but it doesn't mirror
* the exact functionality of its OpenSSL counterpart. We don't support the
- * notion of an "OpenSSL directory," nor do we support the environment
- * variables SSL_CERT_DIR or SSL_CERT_FILE. This function is simply a
- * wrapper around our native wolfSSL_CTX_load_system_CA_certs function. This
- * function does conform to OpenSSL's return value conventions, though.
+ * notion of an "OpenSSL directory". This function will attempt to load the
+ * environment variables SSL_CERT_DIR and SSL_CERT_FILE, if either are found,
+ * they will be loaded. Otherwise, it will act as a wrapper around our
+ * native wolfSSL_CTX_load_system_CA_certs function. This function does
+ * conform to OpenSSL's return value conventions.
*/
int wolfSSL_CTX_set_default_verify_paths(WOLFSSL_CTX* ctx)
{
int ret;
+#ifdef XGETENV
+ char* certDir;
+ char* certFile;
+ word32 flags;
+#endif
WOLFSSL_ENTER("wolfSSL_CTX_set_default_verify_paths");
+#ifdef XGETENV
+ certDir = XGETENV("SSL_CERT_DIR");
+ certFile = XGETENV("SSL_CERT_FILE");
+ flags = WOLFSSL_LOAD_FLAG_PEM_CA_ONLY;
+
+ if (certDir || certFile) {
+ if (certDir) {
+ /*
+ * We want to keep trying to load more CAs even if one cert in
+ * the directory is bad and can't be used (e.g. if one is expired),
+ * so we use WOLFSSL_LOAD_FLAG_IGNORE_ERR.
+ */
+ flags |= WOLFSSL_LOAD_FLAG_IGNORE_ERR;
+ }
+
+ ret = wolfSSL_CTX_load_verify_locations_ex(ctx, certFile, certDir,
+ flags);
+ if (ret != WOLFSSL_SUCCESS) {
+ WOLFSSL_MSG_EX("Failed to load CA certs from SSL_CERT_FILE: %s"
+ " SSL_CERT_DIR: %s. Error: %d", certFile,
+ certDir, ret);
+ return WOLFSSL_FAILURE;
+ }
+ return ret;
+ }
+#endif
+
ret = wolfSSL_CTX_load_system_CA_certs(ctx);
if (ret == WOLFSSL_BAD_PATH) {
/*
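Review bot: In the failure path of the new XGETENV block, `certFile` and `certDir` are both passed to `%s` in WOLFSSL_MSG_EX, yet the block is entered when only one of them is set, so the other is NULL. Assuming the macro forwards to a printf-style formatter, that is undefined behaviour; passing `certFile ? certFile : "(unset)"` and `certDir ? certDir : "(unset)"` avoids it. Separately, the trust-anchor set now depends on SSL_CERT_FILE / SSL_CERT_DIR from the process environment, and when either is set the system CA store is not consulted. With a directory, WOLFSSL_LOAD_FLAG_IGNORE_ERR is also added so unusable entries are passed over; the header comment should say that a caller running with elevated privileges or an inherited, untrusted environment needs to clear these variables first. The function body continues after this hunk.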
@@ -17737,11 +16990,13 @@ cleanup:
#endif /* OPENSSL_EXTRA || WOLFSSL_EXTRA || WOLFSSL_WPAS_SMALL */
/* return true if connection established */
- int wolfSSL_is_init_finished(WOLFSSL* ssl)
+ int wolfSSL_is_init_finished(const WOLFSSL* ssl)
{
if (ssl == NULL)
return 0;
+ /* Can't use ssl->options.connectState and ssl->options.acceptState because
+ * they differ in meaning for TLS <=1.2 and 1.3 */
if (ssl->options.handShakeState == HANDSHAKE_DONE)
return 1;
@@ -17946,6 +17201,32 @@ cleanup:
and free it with CTX free*/
}
+#ifdef OPENSSL_ALL
+ int wolfSSL_CTX_set1_verify_cert_store(WOLFSSL_CTX* ctx, WOLFSSL_X509_STORE* str)
+ {
+ WOLFSSL_ENTER("wolfSSL_CTX_set1_verify_cert_store");
+
+ if (ctx == NULL || str == NULL) {
+ WOLFSSL_MSG("Bad parameter");
+ return WOLFSSL_FAILURE;
+ }
+
+ /* NO-OP when setting existing store */
+ if (str == CTX_STORE(ctx))
+ return WOLFSSL_SUCCESS;
+
+ if (wolfSSL_X509_STORE_up_ref(str) != WOLFSSL_SUCCESS) {
+ WOLFSSL_MSG("wolfSSL_X509_STORE_up_ref error");
+ return WOLFSSL_FAILURE;
+ }
+
+ /* free existing store if it exists */
+ wolfSSL_X509_STORE_free(ctx->x509_store_pt);
+ ctx->x509_store_pt = str; /* take ownership of store and free it
+ with CTX free */
+ return WOLFSSL_SUCCESS;
+ }
+#endif
int wolfSSL_set0_verify_cert_store(WOLFSSL *ssl, WOLFSSL_X509_STORE* str)
{
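Review bot: The comment on `ctx->x509_store_pt = str;` says the CTX takes ownership of the store, but wolfSSL_CTX_set1_verify_cert_store first calls wolfSSL_X509_STORE_up_ref(str), so the caller keeps its own reference and must still release it. I would reword it to `/* CTX holds its own reference, released with CTX free */` and add a header comment giving the return values (WOLFSSL_SUCCESS / WOLFSSL_FAILURE) and noting that the previously set store is released. Only `x509_store_pt` is replaced in the lines shown; if the CTX keeps any other pointer derived from the old store for verification, it should be confirmed that it is updated elsewhere. The last two lines of the hunk open wolfSSL_set0_verify_cert_store, whose body is outside it.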
@@ -18043,13 +17324,26 @@ cleanup:
#endif /* WOLFSSL_ENCRYPTED_KEYS */
+#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) || defined(HAVE_MEMCACHED)
+ unsigned long wolfSSL_ERR_get_error(void)
+ {
+ WOLFSSL_ENTER("wolfSSL_ERR_get_error");
+#ifdef WOLFSSL_HAVE_ERROR_QUEUE
+ return wc_GetErrorNodeErr();
+#else
+ return (unsigned long)(0 - NOT_COMPILED_IN);
+#endif
+ }
+#endif
+
#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER)
+
int wolfSSL_num_locks(void)
{
return 0;
}
- void wolfSSL_set_locking_callback(void (*f)(int, int, const char*, int))
+ void wolfSSL_set_locking_callback(mutex_cb* f)
{
WOLFSSL_ENTER("wolfSSL_set_locking_callback");
@@ -18058,6 +17352,13 @@ cleanup:
}
}
+ mutex_cb* wolfSSL_get_locking_callback(void)
+ {
+ WOLFSSL_ENTER("wolfSSL_get_locking_callback");
+
+ return wc_GetMutexCb();
+ }
+
typedef unsigned long (idCb)(void);
static idCb* inner_idCb = NULL;
@@ -18078,16 +17379,6 @@ cleanup:
inner_idCb = f;
}
- unsigned long wolfSSL_ERR_get_error(void)
- {
- WOLFSSL_ENTER("wolfSSL_ERR_get_error");
-#ifdef WOLFSSL_HAVE_ERROR_QUEUE
- return wc_GetErrorNodeErr();
-#else
- return (unsigned long)(0 - NOT_COMPILED_IN);
-#endif
- }
-
#ifdef WOLFSSL_HAVE_ERROR_QUEUE
#ifndef NO_BIO
/* print out and clear all errors */
@@ -18176,7 +17467,7 @@ size_t wolfSSL_get_server_random(const WOLFSSL *ssl, unsigned char *out,
* NOTE: currently wolfSSL_KeepHandshakeResources(WOLFSSL* ssl) must be called
* before the ephemeral key is stored.
* return WOLFSSL_SUCCESS on success */
-int wolfSSL_get_server_tmp_key(const WOLFSSL* ssl, WOLFSSL_EVP_PKEY** pkey)
+int wolfSSL_get_peer_tmp_key(const WOLFSSL* ssl, WOLFSSL_EVP_PKEY** pkey)
{
WOLFSSL_EVP_PKEY* ret = NULL;
@@ -18994,1173 +18285,7 @@ size_t wolfSSL_get_client_random(const WOLFSSL* ssl, unsigned char* out,
}
#endif /* OPENSSL_EXTRA */
-
-#if defined(OPENSSL_EXTRA) || defined(HAVE_CURL)
-#ifndef NO_MD5
- int wolfSSL_MD5_Init(WOLFSSL_MD5_CTX* md5)
- {
- int ret;
- typedef char md5_test[sizeof(MD5_CTX) >= sizeof(wc_Md5) ? 1 : -1];
- (void)sizeof(md5_test);
-
- WOLFSSL_ENTER("MD5_Init");
- ret = wc_InitMd5((wc_Md5*)md5);
-
- /* return 1 on success, 0 otherwise */
- if (ret == 0)
- return WOLFSSL_SUCCESS;
- return WOLFSSL_FAILURE;
- }
-
- int wolfSSL_MD5_Update(WOLFSSL_MD5_CTX* md5, const void* input,
- unsigned long sz)
- {
- int ret;
-
- WOLFSSL_ENTER("MD5_Update");
- ret = wc_Md5Update((wc_Md5*)md5, (const byte*)input, (word32)sz);
-
- /* return 1 on success, 0 otherwise */
- if (ret == 0)
- return WOLFSSL_SUCCESS;
- return WOLFSSL_FAILURE;
- }
-
-
- int wolfSSL_MD5_Final(byte* output, WOLFSSL_MD5_CTX* md5)
- {
- int ret;
-
- WOLFSSL_ENTER("MD5_Final");
- ret = wc_Md5Final((wc_Md5*)md5, output);
-
- /* have to actually free the resources (if any) here, because the
- * OpenSSL API doesn't include SHA*_Free().
- */
- wc_Md5Free((wc_Md5*)md5);
-
- /* return 1 on success, 0 otherwise */
- if (ret == 0)
- return WOLFSSL_SUCCESS;
- return WOLFSSL_FAILURE;
- }
- /* Apply MD5 transformation to the data */
- int wolfSSL_MD5_Transform(WOLFSSL_MD5_CTX* md5, const unsigned char* data)
- {
- int ret;
-
- WOLFSSL_ENTER("MD5_Transform");
-
- /* sanity check */
- if (md5 == NULL || data == NULL) {
- return 0;
- }
- #if defined(BIG_ENDIAN_ORDER)
- ByteReverseWords((word32*)data, (word32*)data, WC_MD5_BLOCK_SIZE);
- #endif
-
- ret = wc_Md5Transform((wc_Md5*)md5, data);
-
- /* return 1 on success, 0 otherwise */
- if (ret == 0)
- return WOLFSSL_SUCCESS;
- return WOLFSSL_FAILURE;
- }
-
- unsigned char *wolfSSL_MD5(const unsigned char* data, size_t len,
- unsigned char* hash)
- {
- static unsigned char out[WC_MD5_DIGEST_SIZE];
-
- WOLFSSL_ENTER("wolfSSL_MD5");
-
- if (hash == NULL)
- hash = out;
- if (wc_Md5Hash(data, (word32)len, hash) != 0) {
- WOLFSSL_MSG("wc_Md5Hash error");
- return NULL;
- }
- return hash;
- }
-#endif /* !NO_MD5 */
-
-
-#ifndef NO_SHA
- int wolfSSL_SHA_Init(WOLFSSL_SHA_CTX* sha)
- {
- int ret;
-
- typedef char sha_test[sizeof(SHA_CTX) >= sizeof(wc_Sha) ? 1 : -1];
- (void)sizeof(sha_test);
-
- WOLFSSL_ENTER("SHA_Init");
- ret = wc_InitSha((wc_Sha*)sha);
-
- /* return 1 on success, 0 otherwise */
- if (ret == 0)
- return WOLFSSL_SUCCESS;
- return WOLFSSL_FAILURE;
- }
-
-
- int wolfSSL_SHA_Update(WOLFSSL_SHA_CTX* sha, const void* input,
- unsigned long sz)
- {
- int ret;
-
- WOLFSSL_ENTER("SHA_Update");
- ret = wc_ShaUpdate((wc_Sha*)sha, (const byte*)input, (word32)sz);
-
- /* return 1 on success, 0 otherwise */
- if (ret == 0)
- return WOLFSSL_SUCCESS;
- return WOLFSSL_FAILURE;
- }
-
-
- int wolfSSL_SHA_Final(byte* output, WOLFSSL_SHA_CTX* sha)
- {
- int ret;
-
- WOLFSSL_ENTER("SHA_Final");
- ret = wc_ShaFinal((wc_Sha*)sha, output);
-
- /* have to actually free the resources (if any) here, because the
- * OpenSSL API doesn't include SHA*_Free().
- */
- wc_ShaFree((wc_Sha*)sha);
-
- /* return 1 on success, 0 otherwise */
- if (ret == 0)
- return WOLFSSL_SUCCESS;
- return WOLFSSL_FAILURE;
- }
-
- #if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || \
- (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2)))
- /* Apply SHA1 transformation to the data */
- int wolfSSL_SHA_Transform(WOLFSSL_SHA_CTX* sha,
- const unsigned char* data)
- {
- int ret;
-
- WOLFSSL_ENTER("SHA_Transform");
- /* sanity check */
- if (sha == NULL || data == NULL) {
- return 0;
- }
- #if defined(LITTLE_ENDIAN_ORDER)
- ByteReverseWords((word32*)data, (word32*)data, WC_SHA_BLOCK_SIZE);
- #endif
- ret = wc_ShaTransform((wc_Sha*)sha, data);
-
- /* return 1 on success, 0 otherwise */
- if (ret == 0)
- return WOLFSSL_SUCCESS;
- return WOLFSSL_FAILURE;
- }
- #endif
-
- int wolfSSL_SHA1_Init(WOLFSSL_SHA_CTX* sha)
- {
- WOLFSSL_ENTER("SHA1_Init");
- return SHA_Init(sha);
- }
-
-
- int wolfSSL_SHA1_Update(WOLFSSL_SHA_CTX* sha, const void* input,
- unsigned long sz)
- {
- WOLFSSL_ENTER("SHA1_Update");
- return SHA_Update(sha, input, sz);
- }
-
-
- int wolfSSL_SHA1_Final(byte* output, WOLFSSL_SHA_CTX* sha)
- {
- WOLFSSL_ENTER("SHA1_Final");
- return SHA_Final(output, sha);
- }
-
- #if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || \
- (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2)))
- /* Apply SHA1 transformation to the data */
- int wolfSSL_SHA1_Transform(WOLFSSL_SHA_CTX* sha,
- const unsigned char* data)
- {
- WOLFSSL_ENTER("SHA1_Transform");
- return (wolfSSL_SHA_Transform(sha, data));
- }
- #endif
-#endif /* !NO_SHA */
-
-#ifndef NO_SHA256
-#ifdef WOLFSSL_SHA224
-
- int wolfSSL_SHA224_Init(WOLFSSL_SHA224_CTX* sha)
- {
- int ret;
-
- typedef char sha_test[sizeof(SHA224_CTX) >= sizeof(wc_Sha224) ? 1 : -1];
- (void)sizeof(sha_test);
-
- WOLFSSL_ENTER("SHA224_Init");
- ret = wc_InitSha224((wc_Sha224*)sha);
-
- /* return 1 on success, 0 otherwise */
- if (ret == 0)
- return WOLFSSL_SUCCESS;
- return WOLFSSL_FAILURE;
- }
-
-
- int wolfSSL_SHA224_Update(WOLFSSL_SHA224_CTX* sha, const void* input,
- unsigned long sz)
- {
- int ret;
-
- WOLFSSL_ENTER("SHA224_Update");
- ret = wc_Sha224Update((wc_Sha224*)sha, (const byte*)input, (word32)sz);
-
- /* return 1 on success, 0 otherwise */
- if (ret == 0)
- return WOLFSSL_SUCCESS;
- return WOLFSSL_FAILURE;
- }
-
-
- int wolfSSL_SHA224_Final(byte* output, WOLFSSL_SHA224_CTX* sha)
- {
- int ret;
-
- WOLFSSL_ENTER("SHA224_Final");
- ret = wc_Sha224Final((wc_Sha224*)sha, output);
-
- /* have to actually free the resources (if any) here, because the
- * OpenSSL API doesn't include SHA*_Free().
- */
- wc_Sha224Free((wc_Sha224*)sha);
-
- /* return 1 on success, 0 otherwise */
- if (ret == 0)
- return WOLFSSL_SUCCESS;
- return WOLFSSL_FAILURE;
- }
-
-#endif /* WOLFSSL_SHA224 */
-
- int wolfSSL_SHA256_Init(WOLFSSL_SHA256_CTX* sha256)
- {
- int ret;
-
- typedef char sha_test[sizeof(SHA256_CTX) >= sizeof(wc_Sha256) ? 1 : -1];
- (void)sizeof(sha_test);
-
- WOLFSSL_ENTER("SHA256_Init");
- ret = wc_InitSha256((wc_Sha256*)sha256);
-
- /* return 1 on success, 0 otherwise */
- if (ret == 0)
- return WOLFSSL_SUCCESS;
- return WOLFSSL_FAILURE;
- }
-
- int wolfSSL_SHA256_Update(WOLFSSL_SHA256_CTX* sha, const void* input,
- unsigned long sz)
- {
- int ret;
-
- WOLFSSL_ENTER("SHA256_Update");
- ret = wc_Sha256Update((wc_Sha256*)sha, (const byte*)input, (word32)sz);
-
- /* return 1 on success, 0 otherwise */
- if (ret == 0)
- return WOLFSSL_SUCCESS;
- return WOLFSSL_FAILURE;
- }
-
- int wolfSSL_SHA256_Final(byte* output, WOLFSSL_SHA256_CTX* sha)
- {
- int ret;
-
- WOLFSSL_ENTER("SHA256_Final");
- ret = wc_Sha256Final((wc_Sha256*)sha, output);
-
- /* have to actually free the resources (if any) here, because the
- * OpenSSL API doesn't include SHA*_Free().
- */
- wc_Sha256Free((wc_Sha256*)sha);
-
- /* return 1 on success, 0 otherwise */
- if (ret == 0)
- return WOLFSSL_SUCCESS;
- return WOLFSSL_FAILURE;
- }
-
- #if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || \
- (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2))) && \
- !defined(WOLFSSL_DEVCRYPTO_HASH) && !defined(WOLFSSL_AFALG_HASH) && \
- !defined(WOLFSSL_KCAPI_HASH) /* doesn't support direct transform */
- /* Apply SHA256 transformation to the data */
- int wolfSSL_SHA256_Transform(WOLFSSL_SHA256_CTX* sha256,
- const unsigned char* data)
- {
- int ret;
-
- WOLFSSL_ENTER("SHA256_Transform");
- /* sanity check */
- if (sha256 == NULL || data == NULL) {
- return 0;
- }
- #if defined(LITTLE_ENDIAN_ORDER)
- ByteReverseWords((word32*)data, (word32*)data, WC_SHA256_BLOCK_SIZE);
- #endif
- ret = wc_Sha256Transform((wc_Sha256*)sha256, data);
-
- /* return 1 on success, 0 otherwise */
- if (ret == 0)
- return WOLFSSL_SUCCESS;
- return WOLFSSL_FAILURE;
- }
- #endif
-#endif /* !NO_SHA256 */
-
-
-#ifdef WOLFSSL_SHA384
-
- int wolfSSL_SHA384_Init(WOLFSSL_SHA384_CTX* sha)
- {
- int ret;
-
- typedef char sha_test[sizeof(SHA384_CTX) >= sizeof(wc_Sha384) ? 1 : -1];
- (void)sizeof(sha_test);
-
- WOLFSSL_ENTER("SHA384_Init");
- ret = wc_InitSha384((wc_Sha384*)sha);
-
- /* return 1 on success, 0 otherwise */
- if (ret == 0)
- return WOLFSSL_SUCCESS;
- return WOLFSSL_FAILURE;
- }
-
- int wolfSSL_SHA384_Update(WOLFSSL_SHA384_CTX* sha, const void* input,
- unsigned long sz)
- {
- int ret;
-
- WOLFSSL_ENTER("SHA384_Update");
- ret = wc_Sha384Update((wc_Sha384*)sha, (const byte*)input, (word32)sz);
-
- /* return 1 on success, 0 otherwise */
- if (ret == 0)
- return WOLFSSL_SUCCESS;
- return WOLFSSL_FAILURE;
- }
-
- int wolfSSL_SHA384_Final(byte* output, WOLFSSL_SHA384_CTX* sha)
- {
- int ret;
-
- WOLFSSL_ENTER("SHA384_Final");
- ret = wc_Sha384Final((wc_Sha384*)sha, output);
-
- /* have to actually free the resources (if any) here, because the
- * OpenSSL API doesn't include SHA*_Free().
- */
- wc_Sha384Free((wc_Sha384*)sha);
-
- /* return 1 on success, 0 otherwise */
- if (ret == 0)
- return WOLFSSL_SUCCESS;
- return WOLFSSL_FAILURE;
- }
-
-#endif /* WOLFSSL_SHA384 */
-
-
-#ifdef WOLFSSL_SHA512
-
- int wolfSSL_SHA512_Init(WOLFSSL_SHA512_CTX* sha)
- {
- int ret;
-
- typedef char sha_test[sizeof(SHA512_CTX) >= sizeof(wc_Sha512) ? 1 : -1];
- (void)sizeof(sha_test);
-
- WOLFSSL_ENTER("SHA512_Init");
- ret = wc_InitSha512((wc_Sha512*)sha);
-
- /* return 1 on success, 0 otherwise */
- if (ret == 0)
- return WOLFSSL_SUCCESS;
- return WOLFSSL_FAILURE;
- }
-
- int wolfSSL_SHA512_Update(WOLFSSL_SHA512_CTX* sha, const void* input,
- unsigned long sz)
- {
- int ret;
-
- WOLFSSL_ENTER("SHA512_Update");
- ret = wc_Sha512Update((wc_Sha512*)sha, (const byte*)input, (word32)sz);
-
- /* return 1 on success, 0 otherwise */
- if (ret == 0)
- return WOLFSSL_SUCCESS;
- return WOLFSSL_FAILURE;
- }
-
- int wolfSSL_SHA512_Final(byte* output, WOLFSSL_SHA512_CTX* sha)
- {
- int ret;
-
- WOLFSSL_ENTER("SHA512_Final");
- ret = wc_Sha512Final((wc_Sha512*)sha, output);
-
- /* have to actually free the resources (if any) here, because the
- * OpenSSL API doesn't include SHA*_Free().
- */
- wc_Sha512Free((wc_Sha512*)sha);
-
- /* return 1 on success, 0 otherwise */
- if (ret == 0)
- return WOLFSSL_SUCCESS;
- return WOLFSSL_FAILURE;
- }
-
- #if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || \
- (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2))) && \
- !defined(WOLFSSL_KCAPI_HASH) /* doesn't support direct transform */
- /* Apply SHA512 transformation to the data */
- int wolfSSL_SHA512_Transform(WOLFSSL_SHA512_CTX* sha512,
- const unsigned char* data)
- {
- int ret;
-
- WOLFSSL_ENTER("SHA512_Transform");
- /* sanity check */
- if (sha512 == NULL || data == NULL) {
- return WOLFSSL_FAILURE;
- }
-
- ret = wc_Sha512Transform((wc_Sha512*)sha512, data);
-
- /* return 1 on success, 0 otherwise */
- if (ret == 0)
- return WOLFSSL_SUCCESS;
- return WOLFSSL_FAILURE;
- }
- #endif /* !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && \
- (HAVE_FIPS_VERSION > 2)) && !WOLFSSL_KCAPI_HASH */
-
-#if !defined(WOLFSSL_NOSHA512_224) && \
- (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5, 3)) && !defined(HAVE_SELFTEST)
- int wolfSSL_SHA512_224_Init(WOLFSSL_SHA512_224_CTX* sha)
- {
- int ret;
-
- WOLFSSL_ENTER("SHA512_224_Init");
- ret = wc_InitSha512_224((wc_Sha512*)sha);
-
- /* return 1 on success, 0 otherwise */
- if (ret == 0)
- return WOLFSSL_SUCCESS;
- return WOLFSSL_FAILURE;
- }
-
- int wolfSSL_SHA512_224_Update(WOLFSSL_SHA512_224_CTX* sha,
- const void* input, unsigned long sz)
- {
- int ret;
-
- WOLFSSL_ENTER("SHA512_224_Update");
- ret = wc_Sha512_224Update((wc_Sha512*)sha, (const byte*)input, (word32)sz);
-
- /* return 1 on success, 0 otherwise */
- if (ret == 0)
- return WOLFSSL_SUCCESS;
- return WOLFSSL_FAILURE;
- }
-
- int wolfSSL_SHA512_224_Final(byte* output, WOLFSSL_SHA512_224_CTX* sha)
- {
- int ret;
-
- WOLFSSL_ENTER("SHA512_224_Final");
- ret = wc_Sha512_224Final((wc_Sha512*)sha, output);
-
- /* return 1 on success, 0 otherwise */
- if (ret == 0)
- return WOLFSSL_SUCCESS;
- return WOLFSSL_FAILURE;
- }
-
- #if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || \
- (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2)))
- /* Apply SHA512 transformation to the data */
- int wolfSSL_SHA512_224_Transform(WOLFSSL_SHA512_CTX* sha512,
- const unsigned char* data)
- {
- int ret;
-
- WOLFSSL_ENTER("SHA512_224_Transform");
- /* sanity check */
- if (sha512 == NULL || data == NULL) {
- return WOLFSSL_FAILURE;
- }
-
- ret = wc_Sha512_224Transform((wc_Sha512*)sha512, data);
-
- /* return 1 on success, 0 otherwise */
- if (ret == 0)
- return WOLFSSL_SUCCESS;
- return WOLFSSL_FAILURE;
- }
- #endif /* !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && \
- (HAVE_FIPS_VERSION > 2)) */
-
-#endif /* !WOLFSSL_NOSHA512_224 && !FIPS ... */
-
-#if !defined(WOLFSSL_NOSHA512_256) && \
- (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5, 3)) && !defined(HAVE_SELFTEST)
- int wolfSSL_SHA512_256_Init(WOLFSSL_SHA512_256_CTX* sha)
- {
- int ret;
-
- WOLFSSL_ENTER("SHA512_256_Init");
- ret = wc_InitSha512_256((wc_Sha512*)sha);
-
- /* return 1 on success, 0 otherwise */
- if (ret == 0)
- return WOLFSSL_SUCCESS;
- return WOLFSSL_FAILURE;
- }
-
- int wolfSSL_SHA512_256_Update(WOLFSSL_SHA512_256_CTX* sha,
- const void* input, unsigned long sz)
- {
- int ret;
-
- WOLFSSL_ENTER("SHA512_256_Update");
- ret = wc_Sha512_256Update((wc_Sha512*)sha, (const byte*)input, (word32)sz);
-
- /* return 1 on success, 0 otherwise */
- if (ret == 0)
- return WOLFSSL_SUCCESS;
- return WOLFSSL_FAILURE;
- }
-
- int wolfSSL_SHA512_256_Final(byte* output, WOLFSSL_SHA512_256_CTX* sha)
- {
- int ret;
-
- WOLFSSL_ENTER("SHA512_256_Final");
- ret = wc_Sha512_256Final((wc_Sha512*)sha, output);
-
- /* return 1 on success, 0 otherwise */
- if (ret == 0)
- return WOLFSSL_SUCCESS;
- return WOLFSSL_FAILURE;
- }
-
- #if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || \
- (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2)))
- /* Apply SHA512 transformation to the data */
- int wolfSSL_SHA512_256_Transform(WOLFSSL_SHA512_CTX* sha512,
- const unsigned char* data)
- {
- int ret;
-
- WOLFSSL_ENTER("SHA512_256_Transform");
- /* sanity check */
- if (sha512 == NULL || data == NULL) {
- return WOLFSSL_FAILURE;
- }
-
- ret = wc_Sha512_256Transform((wc_Sha512*)sha512, data);
-
- /* return 1 on success, 0 otherwise */
- if (ret == 0)
- return WOLFSSL_SUCCESS;
- return WOLFSSL_FAILURE;
- }
- #endif /* !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && \
- (HAVE_FIPS_VERSION > 2)) */
-
-#endif /* !WOLFSSL_NOSHA512_256 && !FIPS ... */
-
-#endif /* WOLFSSL_SHA512 */
-
-#ifdef WOLFSSL_SHA3
-#ifndef WOLFSSL_NOSHA3_224
- int wolfSSL_SHA3_224_Init(WOLFSSL_SHA3_224_CTX* sha)
- {
- int ret;
-
- typedef char sha_test[sizeof(SHA3_224_CTX) >= sizeof(wc_Sha3) ? 1 : -1];
- (void)sizeof(sha_test);
-
- WOLFSSL_ENTER("SHA3_224_Init");
- ret = wc_InitSha3_224((wc_Sha3*)sha, NULL, INVALID_DEVID);
-
- /* return 1 on success, 0 otherwise */
- if (ret == 0)
- return WOLFSSL_SUCCESS;
- return WOLFSSL_FAILURE;
- }
-
- int wolfSSL_SHA3_224_Update(WOLFSSL_SHA3_224_CTX* sha, const void* input,
- unsigned long sz)
- {
- int ret;
-
- WOLFSSL_ENTER("SHA3_224_Update");
- ret = wc_Sha3_224_Update((wc_Sha3*)sha, (const byte*)input, (word32)sz);
-
- /* return 1 on success, 0 otherwise */
- if (ret == 0)
- return WOLFSSL_SUCCESS;
- return WOLFSSL_FAILURE;
- }
-
- int wolfSSL_SHA3_224_Final(byte* output, WOLFSSL_SHA3_224_CTX* sha)
- {
- int ret;
-
- WOLFSSL_ENTER("SHA3_224_Final");
- ret = wc_Sha3_224_Final((wc_Sha3*)sha, output);
-
- /* have to actually free the resources (if any) here, because the
- * OpenSSL API doesn't include SHA*_Free().
- */
- wc_Sha3_224_Free((wc_Sha3*)sha);
-
- /* return 1 on success, 0 otherwise */
- if (ret == 0)
- return WOLFSSL_SUCCESS;
- return WOLFSSL_FAILURE;
- }
-
-#endif /* WOLFSSL_NOSHA3_224 */
-
-#ifndef WOLFSSL_NOSHA3_256
- int wolfSSL_SHA3_256_Init(WOLFSSL_SHA3_256_CTX* sha3_256)
- {
- int ret;
-
- typedef char sha_test[sizeof(SHA3_256_CTX) >= sizeof(wc_Sha3) ? 1 : -1];
- (void)sizeof(sha_test);
-
- WOLFSSL_ENTER("SHA3_256_Init");
- ret = wc_InitSha3_256((wc_Sha3*)sha3_256, NULL, INVALID_DEVID);
-
- /* return 1 on success, 0 otherwise */
- if (ret == 0)
- return WOLFSSL_SUCCESS;
- return WOLFSSL_FAILURE;
- }
-
- int wolfSSL_SHA3_256_Update(WOLFSSL_SHA3_256_CTX* sha, const void* input,
- unsigned long sz)
- {
- int ret;
-
- WOLFSSL_ENTER("SHA3_256_Update");
- ret = wc_Sha3_256_Update((wc_Sha3*)sha, (const byte*)input, (word32)sz);
-
- /* return 1 on success, 0 otherwise */
- if (ret == 0)
- return WOLFSSL_SUCCESS;
- return WOLFSSL_FAILURE;
- }
-
- int wolfSSL_SHA3_256_Final(byte* output, WOLFSSL_SHA3_256_CTX* sha)
- {
- int ret;
-
- WOLFSSL_ENTER("SHA3_256_Final");
- ret = wc_Sha3_256_Final((wc_Sha3*)sha, output);
-
- /* have to actually free the resources (if any) here, because the
- * OpenSSL API doesn't include SHA*_Free().
- */
- wc_Sha3_256_Free((wc_Sha3*)sha);
-
- /* return 1 on success, 0 otherwise */
- if (ret == 0)
- return WOLFSSL_SUCCESS;
- return WOLFSSL_FAILURE;
- }
-#endif /* WOLFSSL_NOSHA3_256 */
-
- int wolfSSL_SHA3_384_Init(WOLFSSL_SHA3_384_CTX* sha)
- {
- int ret;
-
- typedef char sha_test[sizeof(SHA3_384_CTX) >= sizeof(wc_Sha3) ? 1 : -1];
- (void)sizeof(sha_test);
-
- WOLFSSL_ENTER("SHA3_384_Init");
- ret = wc_InitSha3_384((wc_Sha3*)sha, NULL, INVALID_DEVID);
-
- /* return 1 on success, 0 otherwise */
- if (ret == 0)
- return WOLFSSL_SUCCESS;
- return WOLFSSL_FAILURE;
- }
-
- int wolfSSL_SHA3_384_Update(WOLFSSL_SHA3_384_CTX* sha, const void* input,
- unsigned long sz)
- {
- int ret;
-
- WOLFSSL_ENTER("SHA3_384_Update");
- ret = wc_Sha3_384_Update((wc_Sha3*)sha, (const byte*)input, (word32)sz);
-
- /* return 1 on success, 0 otherwise */
- if (ret == 0)
- return WOLFSSL_SUCCESS;
- return WOLFSSL_FAILURE;
- }
-
- int wolfSSL_SHA3_384_Final(byte* output, WOLFSSL_SHA3_384_CTX* sha)
- {
- int ret;
-
- WOLFSSL_ENTER("SHA3_384_Final");
- ret = wc_Sha3_384_Final((wc_Sha3*)sha, output);
-
- /* have to actually free the resources (if any) here, because the
- * OpenSSL API doesn't include SHA*_Free().
- */
- wc_Sha3_384_Free((wc_Sha3*)sha);
-
- /* return 1 on success, 0 otherwise */
- if (ret == 0)
- return WOLFSSL_SUCCESS;
- return WOLFSSL_FAILURE;
- }
-
-#ifndef WOLFSSL_NOSHA3_512
- int wolfSSL_SHA3_512_Init(WOLFSSL_SHA3_512_CTX* sha)
- {
- int ret;
-
- typedef char sha_test[sizeof(SHA3_512_CTX) >= sizeof(wc_Sha3) ? 1 : -1];
- (void)sizeof(sha_test);
-
- WOLFSSL_ENTER("SHA3_512_Init");
- ret = wc_InitSha3_512((wc_Sha3*)sha, NULL, INVALID_DEVID);
-
- /* return 1 on success, 0 otherwise */
- if (ret == 0)
- return WOLFSSL_SUCCESS;
- return WOLFSSL_FAILURE;
- }
-
- int wolfSSL_SHA3_512_Update(WOLFSSL_SHA3_512_CTX* sha, const void* input,
- unsigned long sz)
- {
- int ret;
-
- WOLFSSL_ENTER("SHA3_512_Update");
- ret = wc_Sha3_512_Update((wc_Sha3*)sha, (const byte*)input, (word32)sz);
-
- /* return 1 on success, 0 otherwise */
- if (ret == 0)
- return WOLFSSL_SUCCESS;
- return WOLFSSL_FAILURE;
- }
-
- int wolfSSL_SHA3_512_Final(byte* output, WOLFSSL_SHA3_512_CTX* sha)
- {
- int ret;
-
- WOLFSSL_ENTER("SHA3_512_Final");
- ret = wc_Sha3_512_Final((wc_Sha3*)sha, output);
-
- /* have to actually free the resources (if any) here, because the
- * OpenSSL API doesn't include SHA*_Free().
- */
- wc_Sha3_512_Free((wc_Sha3*)sha);
-
- /* return 1 on success, 0 otherwise */
- if (ret == 0)
- return WOLFSSL_SUCCESS;
- return WOLFSSL_FAILURE;
- }
-#endif /* WOLFSSL_NOSHA3_512 */
-#endif /* WOLFSSL_SHA3 */
-#endif
-
#ifdef OPENSSL_EXTRA
-
- unsigned char* wolfSSL_HMAC(const WOLFSSL_EVP_MD* evp_md, const void* key,
- int key_len, const unsigned char* d, int n,
- unsigned char* md, unsigned int* md_len)
- {
- int type;
- int mdlen;
- unsigned char* ret = NULL;
-#ifdef WOLFSSL_SMALL_STACK
- Hmac* hmac = NULL;
-#else
- Hmac hmac[1];
-#endif
- void* heap = NULL;
-
- WOLFSSL_ENTER("wolfSSL_HMAC");
- if (!md) {
- WOLFSSL_MSG("Static buffer not supported, pass in md buffer");
- return NULL; /* no static buffer support */
- }
-
-#ifndef NO_MD5
- if (XSTRCMP(evp_md, "MD5") == 0) {
- type = WC_MD5;
- mdlen = WC_MD5_DIGEST_SIZE;
- } else
-#endif
-#ifdef WOLFSSL_SHA224
- if (XSTRCMP(evp_md, "SHA224") == 0) {
- type = WC_SHA224;
- mdlen = WC_SHA224_DIGEST_SIZE;
- } else
-#endif
-#ifndef NO_SHA256
- if (XSTRCMP(evp_md, "SHA256") == 0) {
- type = WC_SHA256;
- mdlen = WC_SHA256_DIGEST_SIZE;
- } else
-#endif
-#ifdef WOLFSSL_SHA384
- if (XSTRCMP(evp_md, "SHA384") == 0) {
- type = WC_SHA384;
- mdlen = WC_SHA384_DIGEST_SIZE;
- } else
-#endif
-#ifdef WOLFSSL_SHA512
- if (XSTRCMP(evp_md, "SHA512") == 0) {
- type = WC_SHA512;
- mdlen = WC_SHA512_DIGEST_SIZE;
- } else
-#endif
-#ifdef WOLFSSL_SHA3
- #ifndef WOLFSSL_NOSHA3_224
- if (XSTRCMP(evp_md, "SHA3_224") == 0) {
- type = WC_SHA3_224;
- mdlen = WC_SHA3_224_DIGEST_SIZE;
- } else
- #endif
- #ifndef WOLFSSL_NOSHA3_256
- if (XSTRCMP(evp_md, "SHA3_256") == 0) {
- type = WC_SHA3_256;
- mdlen = WC_SHA3_256_DIGEST_SIZE;
- } else
- #endif
- if (XSTRCMP(evp_md, "SHA3_384") == 0) {
- type = WC_SHA3_384;
- mdlen = WC_SHA3_384_DIGEST_SIZE;
- } else
- #ifndef WOLFSSL_NOSHA3_512
- if (XSTRCMP(evp_md, "SHA3_512") == 0) {
- type = WC_SHA3_512;
- mdlen = WC_SHA3_512_DIGEST_SIZE;
- } else
- #endif
-#endif
-#ifndef NO_SHA
- if (XSTRCMP(evp_md, "SHA") == 0 || XSTRCMP(evp_md, "SHA1") == 0) {
- type = WC_SHA;
- mdlen = WC_SHA_DIGEST_SIZE;
- }
- else
-#endif
- {
- return NULL;
- }
-
- #ifdef WOLFSSL_SMALL_STACK
- hmac = (Hmac*)XMALLOC(sizeof(Hmac), heap, DYNAMIC_TYPE_HMAC);
- if (hmac == NULL)
- return NULL;
- #endif
-
- if (wc_HmacInit(hmac, heap, INVALID_DEVID) == 0) {
- if (wc_HmacSetKey(hmac, type, (const byte*)key, key_len) == 0) {
- if (wc_HmacUpdate(hmac, d, n) == 0) {
- if (wc_HmacFinal(hmac, md) == 0) {
- if (md_len)
- *md_len = mdlen;
- ret = md;
- }
- }
- }
- wc_HmacFree(hmac);
- }
-
- #ifdef WOLFSSL_SMALL_STACK
- XFREE(hmac, heap, DYNAMIC_TYPE_HMAC);
- #endif
-
- (void)evp_md;
- return ret;
- }
-
-#ifndef NO_DES3
- /* 0 on ok */
- int wolfSSL_DES_key_sched(WOLFSSL_const_DES_cblock* key,
- WOLFSSL_DES_key_schedule* schedule)
- {
- WOLFSSL_ENTER("wolfSSL_DES_key_sched");
-
- if (key == NULL || schedule == NULL) {
- WOLFSSL_MSG("Null argument passed in");
- }
- else {
- XMEMCPY(schedule, key, sizeof(WOLFSSL_const_DES_cblock));
- }
-
- return 0;
- }
-
-
- /* intended to behave similar to Kerberos mit_des_cbc_cksum
- * return the last 4 bytes of cipher text */
- WOLFSSL_DES_LONG wolfSSL_DES_cbc_cksum(const unsigned char* in,
- WOLFSSL_DES_cblock* out, long length, WOLFSSL_DES_key_schedule* sc,
- WOLFSSL_const_DES_cblock* iv)
- {
- WOLFSSL_DES_LONG ret;
- unsigned char* tmp;
- unsigned char* data = (unsigned char*)in;
- long dataSz = length;
- byte dynamicFlag = 0; /* when padding the buffer created needs free'd */
-
- WOLFSSL_ENTER("wolfSSL_DES_cbc_cksum");
-
- if (in == NULL || out == NULL || sc == NULL || iv == NULL) {
- WOLFSSL_MSG("Bad argument passed in");
- return 0;
- }
-
- /* if input length is not a multiple of DES_BLOCK_SIZE pad with 0s */
- if (dataSz % DES_BLOCK_SIZE) {
- dataSz += DES_BLOCK_SIZE - (dataSz % DES_BLOCK_SIZE);
- data = (unsigned char*)XMALLOC(dataSz, NULL,
- DYNAMIC_TYPE_TMP_BUFFER);
- if (data == NULL) {
- WOLFSSL_MSG("Issue creating temporary buffer");
- return 0;
- }
- dynamicFlag = 1; /* set to free buffer at end */
- XMEMCPY(data, in, length);
- XMEMSET(data + length, 0, dataSz - length); /* padding */
- }
-
- tmp = (unsigned char*)XMALLOC(dataSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- if (tmp == NULL) {
- WOLFSSL_MSG("Issue creating temporary buffer");
- if (dynamicFlag == 1) {
- XFREE(data, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- }
- return 0;
- }
-
- wolfSSL_DES_cbc_encrypt(data, tmp, dataSz, sc,
- (WOLFSSL_DES_cblock*)iv, 1);
- XMEMCPY((unsigned char*)out, tmp + (dataSz - DES_BLOCK_SIZE),
- DES_BLOCK_SIZE);
-
- ret = (((*((unsigned char*)out + 4) & 0xFF) << 24)|
- ((*((unsigned char*)out + 5) & 0xFF) << 16)|
- ((*((unsigned char*)out + 6) & 0xFF) << 8) |
- (*((unsigned char*)out + 7) & 0xFF));
-
- XFREE(tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- if (dynamicFlag == 1) {
- XFREE(data, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- }
-
- return ret;
- }
-
-
- void wolfSSL_DES_cbc_encrypt(const unsigned char* input,
- unsigned char* output, long length,
- WOLFSSL_DES_key_schedule* schedule,
- WOLFSSL_DES_cblock* ivec, int enc)
- {
- Des myDes;
- byte lastblock[DES_BLOCK_SIZE];
- int lb_sz;
- long blk;
-
- WOLFSSL_ENTER("wolfSSL_DES_cbc_encrypt");
-
- /* OpenSSL compat, no ret */
- if (wc_Des_SetKey(&myDes, (const byte*)schedule, (const byte*)ivec,
- !enc) != 0) {
- WOLFSSL_MSG("wc_Des_SetKey return error.");
- return;
- }
- lb_sz = length%DES_BLOCK_SIZE;
- blk = length/DES_BLOCK_SIZE;
-
- if (enc == DES_ENCRYPT){
- wc_Des_CbcEncrypt(&myDes, output, input, (word32)blk*DES_BLOCK_SIZE);
- if(lb_sz){
- XMEMSET(lastblock, 0, DES_BLOCK_SIZE);
- XMEMCPY(lastblock, input+length-lb_sz, lb_sz);
- wc_Des_CbcEncrypt(&myDes, output+blk*DES_BLOCK_SIZE,
- lastblock, (word32)DES_BLOCK_SIZE);
- }
- }
- else {
- wc_Des_CbcDecrypt(&myDes, output, input, (word32)blk*DES_BLOCK_SIZE);
- if(lb_sz){
- wc_Des_CbcDecrypt(&myDes, lastblock, input+length-lb_sz, (word32)DES_BLOCK_SIZE);
- XMEMCPY(output+length-lb_sz, lastblock, lb_sz);
- }
- }
- }
-
-
- /* WOLFSSL_DES_key_schedule is a unsigned char array of size 8 */
- void wolfSSL_DES_ede3_cbc_encrypt(const unsigned char* input,
- unsigned char* output, long sz,
- WOLFSSL_DES_key_schedule* ks1,
- WOLFSSL_DES_key_schedule* ks2,
- WOLFSSL_DES_key_schedule* ks3,
- WOLFSSL_DES_cblock* ivec, int enc)
- {
- int ret;
- Des3 des;
- byte key[24];/* EDE uses 24 size key */
- byte lastblock[DES_BLOCK_SIZE];
- int lb_sz;
- long blk;
-
- WOLFSSL_ENTER("wolfSSL_DES_ede3_cbc_encrypt");
-
- if (sz <= 0)
- return;
-
- XMEMSET(key, 0, sizeof(key));
- XMEMCPY(key, *ks1, DES_BLOCK_SIZE);
- XMEMCPY(&key[DES_BLOCK_SIZE], *ks2, DES_BLOCK_SIZE);
- XMEMCPY(&key[DES_BLOCK_SIZE * 2], *ks3, DES_BLOCK_SIZE);
- lb_sz = sz%DES_BLOCK_SIZE;
- blk = sz/DES_BLOCK_SIZE;
-
- /* OpenSSL compat, no ret */
- (void)wc_Des3Init(&des, NULL, INVALID_DEVID);
-
- if (enc == DES_ENCRYPT) {
- if (wc_Des3_SetKey(&des, key, (const byte*)ivec,
- DES_ENCRYPTION) == 0) {
- ret = wc_Des3_CbcEncrypt(&des, output, input, (word32)blk*DES_BLOCK_SIZE);
- #if defined(WOLFSSL_ASYNC_CRYPT)
- ret = wc_AsyncWait(ret, &des.asyncDev, WC_ASYNC_FLAG_NONE);
- #endif
- (void)ret; /* ignore return codes for processing */
- if(lb_sz){
- XMEMSET(lastblock, 0, DES_BLOCK_SIZE);
- XMEMCPY(lastblock, input+sz-lb_sz, lb_sz);
- ret = wc_Des3_CbcEncrypt(&des, output+blk*DES_BLOCK_SIZE,
- lastblock, (word32)DES_BLOCK_SIZE);
- #if defined(WOLFSSL_ASYNC_CRYPT)
- ret = wc_AsyncWait(ret, &des.asyncDev, WC_ASYNC_FLAG_NONE);
- #endif
- (void)ret; /* ignore return codes for processing */
- XMEMCPY(ivec, output+blk*DES_BLOCK_SIZE, DES_BLOCK_SIZE);
- }
- else {
- XMEMCPY(ivec, output+(blk-1)*DES_BLOCK_SIZE, DES_BLOCK_SIZE);
- }
- }
- }
- else {
- if (wc_Des3_SetKey(&des, key, (const byte*)ivec,
- DES_DECRYPTION) == 0) {
- if(lb_sz)
- XMEMCPY(ivec, input+sz-lb_sz, DES_BLOCK_SIZE);
- else
- XMEMCPY(ivec, input+(blk-1)*DES_BLOCK_SIZE, DES_BLOCK_SIZE);
- ret = wc_Des3_CbcDecrypt(&des, output, input, (word32)blk*DES_BLOCK_SIZE);
- #if defined(WOLFSSL_ASYNC_CRYPT)
- ret = wc_AsyncWait(ret, &des.asyncDev, WC_ASYNC_FLAG_NONE);
- #endif
- (void)ret; /* ignore return codes for processing */
- if(lb_sz){
- ret = wc_Des3_CbcDecrypt(&des, lastblock, input+sz-lb_sz, (word32)DES_BLOCK_SIZE);
- #if defined(WOLFSSL_ASYNC_CRYPT)
- ret = wc_AsyncWait(ret, &des.asyncDev, WC_ASYNC_FLAG_NONE);
- #endif
- (void)ret; /* ignore return codes for processing */
- XMEMCPY(output+sz-lb_sz, lastblock, lb_sz);
- }
- }
- }
- wc_Des3Free(&des);
- }
-
-
- /* correctly sets ivec for next call */
- void wolfSSL_DES_ncbc_encrypt(const unsigned char* input,
- unsigned char* output, long length,
- WOLFSSL_DES_key_schedule* schedule, WOLFSSL_DES_cblock* ivec,
- int enc)
- {
- Des myDes;
- byte lastblock[DES_BLOCK_SIZE];
- int lb_sz;
- long idx = length;
- long blk;
-
- WOLFSSL_ENTER("wolfSSL_DES_ncbc_encrypt");
-
- /* OpenSSL compat, no ret */
- if (wc_Des_SetKey(&myDes, (const byte*)schedule,
- (const byte*)ivec, !enc) != 0) {
- WOLFSSL_MSG("wc_Des_SetKey return error.");
- return;
- }
-
- lb_sz = length%DES_BLOCK_SIZE;
- blk = length/DES_BLOCK_SIZE;
- idx -= sizeof(DES_cblock);
- if (lb_sz) {
- idx += DES_BLOCK_SIZE - lb_sz;
- }
- if (enc == DES_ENCRYPT){
- wc_Des_CbcEncrypt(&myDes, output, input,
- (word32)blk * DES_BLOCK_SIZE);
- if (lb_sz){
- XMEMSET(lastblock, 0, DES_BLOCK_SIZE);
- XMEMCPY(lastblock, input+length-lb_sz, lb_sz);
- wc_Des_CbcEncrypt(&myDes, output + blk * DES_BLOCK_SIZE,
- lastblock, (word32)DES_BLOCK_SIZE);
- }
- XMEMCPY(ivec, output + idx, sizeof(DES_cblock));
- } else {
- WOLFSSL_DES_cblock tmp;
- XMEMCPY(tmp, input + idx, sizeof(DES_cblock));
- wc_Des_CbcDecrypt(&myDes, output, input,
- (word32)blk * DES_BLOCK_SIZE);
- if (lb_sz){
- wc_Des_CbcDecrypt(&myDes, lastblock, input + length - lb_sz,
- (word32)DES_BLOCK_SIZE);
- XMEMCPY(output+length-lb_sz, lastblock, lb_sz);
- }
- XMEMCPY(ivec, tmp, sizeof(WOLFSSL_DES_cblock));
- }
-
- }
-
-#endif /* NO_DES3 */
-
void wolfSSL_ERR_free_strings(void)
{
/* handled internally */
@@ -20225,6 +18350,9 @@ size_t wolfSSL_get_client_random(const WOLFSSL* ssl, unsigned char* out,
ssl->options.haveSessionId = 0;
ssl->options.tls = 0;
ssl->options.tls1_1 = 0;
+ #ifdef WOLFSSL_DTLS
+ ssl->options.dtlsStateful = 0;
+ #endif
#if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK)
ssl->options.noPskDheKe = 0;
#ifdef HAVE_SUPPORTED_CURVES
@@ -20280,7 +18408,7 @@ size_t wolfSSL_get_client_random(const WOLFSSL* ssl, unsigned char* out,
#endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */
-#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER)
+#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) || defined(HAVE_MEMCACHED)
long wolfSSL_CTX_set_mode(WOLFSSL_CTX* ctx, long mode)
{
/* WOLFSSL_MODE_ACCEPT_MOVING_WRITE_BUFFER is wolfSSL default mode */
@@ -20336,39 +18464,7 @@ size_t wolfSSL_get_client_random(const WOLFSSL* ssl, unsigned char* out,
}
#endif
-#ifdef OPENSSL_EXTRA
-
- #ifndef NO_WOLFSSL_STUB
- long wolfSSL_SSL_get_mode(WOLFSSL* ssl)
- {
- /* TODO: */
- (void)ssl;
- WOLFSSL_STUB("SSL_get_mode");
- return 0;
- }
- #endif
-
- #ifndef NO_WOLFSSL_STUB
- long wolfSSL_CTX_get_mode(WOLFSSL_CTX* ctx)
- {
- /* TODO: */
- (void)ctx;
- WOLFSSL_STUB("SSL_CTX_get_mode");
- return 0;
- }
- #endif
-
- #ifndef NO_WOLFSSL_STUB
- void wolfSSL_CTX_set_default_read_ahead(WOLFSSL_CTX* ctx, int m)
- {
- /* TODO: maybe? */
- (void)ctx;
- (void)m;
- WOLFSSL_STUB("SSL_CTX_set_default_read_ahead");
- }
- #endif
-
-
+#ifdef WOLFSSL_SESSION_ID_CTX
/* Storing app session context id, this value is inherited by WOLFSSL
* objects created from WOLFSSL_CTX. Any session that is imported with a
* different session context id will be rejected.
@@ -20419,6 +18515,39 @@ size_t wolfSSL_get_client_random(const WOLFSSL* ssl, unsigned char* out,
return WOLFSSL_SUCCESS;
}
+#endif
+
+#ifdef OPENSSL_EXTRA
+
+ #ifndef NO_WOLFSSL_STUB
+ long wolfSSL_SSL_get_mode(WOLFSSL* ssl)
+ {
+ /* TODO: */
+ (void)ssl;
+ WOLFSSL_STUB("SSL_get_mode");
+ return 0;
+ }
+ #endif
+
+ #ifndef NO_WOLFSSL_STUB
+ long wolfSSL_CTX_get_mode(WOLFSSL_CTX* ctx)
+ {
+ /* TODO: */
+ (void)ctx;
+ WOLFSSL_STUB("SSL_CTX_get_mode");
+ return 0;
+ }
+ #endif
+
+ #ifndef NO_WOLFSSL_STUB
+ void wolfSSL_CTX_set_default_read_ahead(WOLFSSL_CTX* ctx, int m)
+ {
+ /* TODO: maybe? */
+ (void)ctx;
+ (void)m;
+ WOLFSSL_STUB("SSL_CTX_set_default_read_ahead");
+ }
+ #endif
long wolfSSL_CTX_sess_get_cache_size(WOLFSSL_CTX* ctx)
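Review bot: The `#endif` added at the top of this hunk closes the `#ifdef WOLFSSL_SESSION_ID_CTX` opened in the previous hunk but carries no trailing comment, unlike neighbouring guards such as `#endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */`. I would write it as `#endif /* WOLFSSL_SESSION_ID_CTX */`. The guarded region's own comment says a session imported with a different context id is rejected. It is therefore worth confirming that builds which previously got this code through OPENSSL_EXTRA still define the new macro; its definition is not visible here.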
@@ -20743,6 +18872,7 @@ WOLF_STACK_OF(WOLFSSL_X509)* wolfSSL_set_peer_cert_chain(WOLFSSL* ssl)
if (ret == 0 && i == ssl->session->chain.count-1) {
/* On the last element in the chain try to add the CA chain
* first if we have one for this cert */
+ SSL_CM_WARNING(ssl);
if (PushCAx509Chain(SSL_CM(ssl), x509, sk)
== WOLFSSL_FATAL_ERROR) {
ret = WOLFSSL_FATAL_ERROR;
@@ -21214,8 +19344,13 @@ int wolfSSL_session_reused(WOLFSSL* ssl)
{
int resuming = 0;
WOLFSSL_ENTER("wolfSSL_session_reused");
- if (ssl)
+ if (ssl) {
+#ifndef HAVE_SECURE_RENEGOTIATION
resuming = ssl->options.resuming;
+#else
+ resuming = ssl->options.resuming || ssl->options.resumed;
+#endif
+ }
WOLFSSL_LEAVE("wolfSSL_session_reused", resuming);
return resuming;
}
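Review bot: The `#else` branch in wolfSSL_session_reused gives no reason why `ssl->options.resumed` is also consulted when HAVE_SECURE_RENEGOTIATION is defined. Callers that use this result to decide whether a full handshake and peer verification took place depend on the difference. A short comment above the `#ifndef` would help, for example `/* with secure renegotiation, options.resumed also marks a reused session */`. The intent is inferred from the field names, so the author should confirm the wording. The preprocessor lines also sit at column 0 inside the new braces, which makes the single-statement body harder to follow.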
@@ -21352,8 +19487,8 @@ static int wolfSSL_DupSessionEx(const WOLFSSL_SESSION* input,
}
#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_TICKET_NONCE_MALLOC) && \
(!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)))
- /* free the data, it would be better to re-use the buffer but this
- * maintain the code simpler. A smart allocator should re-use the free'd
+ /* free the data, it would be better to reuse the buffer but this
+ * maintain the code simpler. A smart allocator should reuse the free'd
* buffer in the next malloc without much performance penalties. */
if (output->ticketNonce.data != output->ticketNonce.dataStatic) {
@@ -21575,7 +19710,6 @@ int wolfSSL_DupSession(const WOLFSSL_SESSION* input, WOLFSSL_SESSION* output,
WOLFSSL_SESSION* wolfSSL_SESSION_dup(WOLFSSL_SESSION* session)
{
-#ifdef HAVE_EXT_CACHE
WOLFSSL_SESSION* copy;
WOLFSSL_ENTER("wolfSSL_SESSION_dup");
@@ -21598,11 +19732,6 @@ WOLFSSL_SESSION* wolfSSL_SESSION_dup(WOLFSSL_SESSION* session)
copy = NULL;
}
return copy;
-#else
- WOLFSSL_MSG("wolfSSL_SESSION_dup feature not compiled in");
- (void)session;
- return NULL;
-#endif /* HAVE_EXT_CACHE */
}
void wolfSSL_FreeSession(WOLFSSL_CTX* ctx, WOLFSSL_SESSION* session)
@@ -22051,6 +20180,8 @@ const char* wolfSSL_get_curve_name(WOLFSSL* ssl)
{
const char* cName = NULL;
+ WOLFSSL_ENTER("wolfSSL_get_curve_name");
+
if (ssl == NULL)
return NULL;
@@ -22498,6 +20629,11 @@ static WC_INLINE const char* wolfssl_sigalg_to_string(int sig_algo)
authStr = "ECDSA";
break;
#endif
+#ifdef WOLFSSL_SM2
+ case sm2_sa_algo:
+ authStr = "SM2";
+ break;
+#endif
#ifdef HAVE_ED25519
case ed25519_sa_algo:
authStr = "Ed25519";
@@ -22571,6 +20707,18 @@ static WC_INLINE const char* wolfssl_cipher_to_string(int cipher, int key_size)
encStr = "CHACHA20/POLY1305(256)";
break;
#endif
+#ifdef HAVE_ARIA
+ case wolfssl_aria_gcm:
+ if (key_size == 128)
+ encStr = "Aria(128)";
+ else if (key_size == 192)
+ encStr = "Aria(192)";
+ else if (key_size == 256)
+ encStr = "Aria(256)";
+ else
+ encStr = "Aria(?)";
+ break;
+#endif
#ifdef HAVE_CAMELLIA
case wolfssl_camellia:
if (key_size == 128)
@@ -22711,35 +20859,6 @@ int wolfSSL_OCSP_parse_url(char* url, char** host, char** port, char** path,
}
#endif
-#ifndef NO_MD4
-
-void wolfSSL_MD4_Init(WOLFSSL_MD4_CTX* md4)
-{
- /* make sure we have a big enough buffer */
- typedef char ok[sizeof(md4->buffer) >= sizeof(Md4) ? 1 : -1];
- (void) sizeof(ok);
-
- WOLFSSL_ENTER("MD4_Init");
- wc_InitMd4((Md4*)md4);
-}
-
-
-void wolfSSL_MD4_Update(WOLFSSL_MD4_CTX* md4, const void* data,
- unsigned long len)
-{
- WOLFSSL_ENTER("MD4_Update");
- wc_Md4Update((Md4*)md4, (const byte*)data, (word32)len);
-}
-
-
-void wolfSSL_MD4_Final(unsigned char* digest, WOLFSSL_MD4_CTX* md4)
-{
- WOLFSSL_ENTER("MD4_Final");
- wc_Md4Final((Md4*)md4, digest);
-}
-
-#endif /* NO_MD4 */
-
#ifndef NO_WOLFSSL_STUB
void wolfSSL_RAND_screen(void)
{
@@ -23064,6 +21183,18 @@ void wolfSSL_CTX_set_info_callback(WOLFSSL_CTX* ctx,
}
}
+void wolfSSL_set_info_callback(WOLFSSL* ssl,
+ void (*f)(const WOLFSSL* ssl, int type, int val))
+{
+ WOLFSSL_ENTER("wolfSSL_set_info_callback");
+ if (ssl == NULL) {
+ WOLFSSL_MSG("Bad function argument");
+ }
+ else {
+ ssl->CBIS = f;
+ }
+}
+
unsigned long wolfSSL_ERR_peek_error(void)
{
@@ -23114,8 +21245,9 @@ int wolfSSL_ERR_GET_REASON(unsigned long err)
#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)
/* Nginx looks for this error to know to stop parsing certificates.
* Same for HAProxy. */
- if (err == ((ERR_LIB_PEM << 24) | PEM_R_NO_START_LINE)
- || (err & 0xFFFFFFL) == -ASN_NO_PEM_HEADER)
+ if (err == ((ERR_LIB_PEM << 24) | PEM_R_NO_START_LINE) ||
+ ((err & 0xFFFFFFL) == -ASN_NO_PEM_HEADER) ||
+ ((err & 0xFFFL) == PEM_R_NO_START_LINE ))
return PEM_R_NO_START_LINE;
if (err == ((ERR_LIB_SSL << 24) | -SSL_R_HTTP_REQUEST))
return SSL_R_HTTP_REQUEST;
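Review bot: The added clause `((err & 0xFFFL) == PEM_R_NO_START_LINE )` ignores every bit above the low 12, so an error from any library whose low bits equal that value is now reported as PEM_R_NO_START_LINE. The comment above says Nginx and HAProxy treat that value as the signal to stop parsing certificates, so an unrelated failure could be read as a normal end of input. If the wide match is intended, say so next to it, e.g. `/* also accept PEM_R_NO_START_LINE in the low 12 bits, whatever the lib field */`; otherwise compare the library field as the first clause does. There is also a stray space before the closing parenthesis. The function body continues outside the hunk.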
@@ -23744,7 +21876,7 @@ long wolfSSL_set_tlsext_debug_arg(WOLFSSL* ssl, void *arg)
}
#endif /* HAVE_PK_CALLBACKS */
-#if defined(OPENSSL_ALL) || defined(WOLFSSL_HAPROXY)
+#if defined(OPENSSL_ALL) || defined(WOLFSSL_HAPROXY) || defined(WOLFSSL_NGINX)
const unsigned char *wolfSSL_SESSION_get0_id_context(
const WOLFSSL_SESSION *sess, unsigned int *sid_ctx_length)
{
@@ -24027,7 +22159,8 @@ size_t wolfSSL_get_peer_finished(const WOLFSSL *ssl, void *buf, size_t count)
}
#endif /* WOLFSSL_HAVE_TLS_UNIQUE */
-#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
+#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) || \
+ defined(OPENSSL_ALL)
long wolfSSL_get_verify_result(const WOLFSSL *ssl)
{
if (ssl == NULL) {
@@ -24333,676 +22466,6 @@ long wolfSSL_CTX_set_tlsext_opaque_prf_input_callback_arg(WOLFSSL_CTX* ctx,
return WOLFSSL_SUCCESS;
}
-
-#ifndef NO_DES3
-/* 0 on success */
-int wolfSSL_DES_set_key(WOLFSSL_const_DES_cblock* myDes,
- WOLFSSL_DES_key_schedule* key)
-{
-#ifdef WOLFSSL_CHECK_DESKEY
- return wolfSSL_DES_set_key_checked(myDes, key);
-#else
- wolfSSL_DES_set_key_unchecked(myDes, key);
- return 0;
-#endif
-}
-
-
-
-/* return true in fail case (1) */
-static int DES_check(word32 mask, word32 mask2, unsigned char* key)
-{
- word32 value[2];
-
- /* sanity check on length made in wolfSSL_DES_set_key_checked */
- value[0] = mask;
- value[1] = mask2;
- return (XMEMCMP(value, key, sizeof(value)) == 0)? 1: 0;
-}
-
-
-/* check that the key is odd parity and is not a weak key
- * returns -1 if parity is wrong, -2 if weak/null key and 0 on success */
-int wolfSSL_DES_set_key_checked(WOLFSSL_const_DES_cblock* myDes,
- WOLFSSL_DES_key_schedule* key)
-{
- if (myDes == NULL || key == NULL) {
- WOLFSSL_MSG("Bad argument passed to wolfSSL_DES_set_key_checked");
- return -2;
- }
- else {
- word32 sz = sizeof(WOLFSSL_DES_key_schedule);
-
- /* sanity check before call to DES_check */
- if (sz != (sizeof(word32) * 2)) {
- WOLFSSL_MSG("Unexpected WOLFSSL_DES_key_schedule size");
- return -2;
- }
-
- /* check odd parity */
- if (wolfSSL_DES_check_key_parity(myDes) != 1) {
- WOLFSSL_MSG("Odd parity test fail");
- return -1;
- }
-
- if (wolfSSL_DES_is_weak_key(myDes) == 1) {
- WOLFSSL_MSG("Weak key found");
- return -2;
- }
-
- /* passed tests, now copy over key */
- XMEMCPY(key, myDes, sizeof(WOLFSSL_const_DES_cblock));
-
- return 0;
- }
-}
-
-
-/* check is not weak. Weak key list from Nist "Recommendation for the Triple
- * Data Encryption Algorithm (TDEA) Block Cipher"
- *
- * returns 1 if is weak 0 if not
- */
-int wolfSSL_DES_is_weak_key(WOLFSSL_const_DES_cblock* key)
-{
- word32 mask, mask2;
-
- WOLFSSL_ENTER("wolfSSL_DES_is_weak_key");
-
- if (key == NULL) {
- WOLFSSL_MSG("NULL key passed in");
- return 1;
- }
-
- mask = 0x01010101; mask2 = 0x01010101;
- if (DES_check(mask, mask2, *key)) {
- WOLFSSL_MSG("Weak key found");
- return 1;
- }
-
- mask = 0xFEFEFEFE; mask2 = 0xFEFEFEFE;
- if (DES_check(mask, mask2, *key)) {
- WOLFSSL_MSG("Weak key found");
- return 1;
- }
-
- mask = 0xE0E0E0E0; mask2 = 0xF1F1F1F1;
- if (DES_check(mask, mask2, *key)) {
- WOLFSSL_MSG("Weak key found");
- return 1;
- }
-
- mask = 0x1F1F1F1F; mask2 = 0x0E0E0E0E;
- if (DES_check(mask, mask2, *key)) {
- WOLFSSL_MSG("Weak key found");
- return 1;
- }
-
- /* semi-weak *key check (list from same Nist paper) */
- mask = 0x011F011F; mask2 = 0x010E010E;
- if (DES_check(mask, mask2, *key) ||
- DES_check(ByteReverseWord32(mask), ByteReverseWord32(mask2), *key)) {
- WOLFSSL_MSG("Weak key found");
- return 1;
- }
-
- mask = 0x01E001E0; mask2 = 0x01F101F1;
- if (DES_check(mask, mask2, *key) ||
- DES_check(ByteReverseWord32(mask), ByteReverseWord32(mask2), *key)) {
- WOLFSSL_MSG("Weak key found");
- return 1;
- }
-
- mask = 0x01FE01FE; mask2 = 0x01FE01FE;
- if (DES_check(mask, mask2, *key) ||
- DES_check(ByteReverseWord32(mask), ByteReverseWord32(mask2), *key)) {
- WOLFSSL_MSG("Weak key found");
- return 1;
- }
-
- mask = 0x1FE01FE0; mask2 = 0x0EF10EF1;
- if (DES_check(mask, mask2, *key) ||
- DES_check(ByteReverseWord32(mask), ByteReverseWord32(mask2), *key)) {
- WOLFSSL_MSG("Weak key found");
- return 1;
- }
-
- mask = 0x1FFE1FFE; mask2 = 0x0EFE0EFE;
- if (DES_check(mask, mask2, *key) ||
- DES_check(ByteReverseWord32(mask), ByteReverseWord32(mask2), *key)) {
- WOLFSSL_MSG("Weak key found");
- return 1;
- }
-
- return 0;
-}
-
-
-void wolfSSL_DES_set_key_unchecked(WOLFSSL_const_DES_cblock* myDes,
- WOLFSSL_DES_key_schedule* key)
-{
- if (myDes != NULL && key != NULL) {
- XMEMCPY(key, myDes, sizeof(WOLFSSL_const_DES_cblock));
- }
-}
-
-
-/* Sets the parity of the DES key for use */
-void wolfSSL_DES_set_odd_parity(WOLFSSL_DES_cblock* myDes)
-{
- word32 i;
- word32 sz = sizeof(WOLFSSL_DES_cblock);
-
- WOLFSSL_ENTER("wolfSSL_DES_set_odd_parity");
-
- for (i = 0; i < sz; i++) {
- unsigned char c = (*myDes)[i];
- if ((
- ((c >> 1) & 0x01) ^
- ((c >> 2) & 0x01) ^
- ((c >> 3) & 0x01) ^
- ((c >> 4) & 0x01) ^
- ((c >> 5) & 0x01) ^
- ((c >> 6) & 0x01) ^
- ((c >> 7) & 0x01)) == (c & 0x01)) {
- WOLFSSL_MSG("Flipping parity bit");
- (*myDes)[i] = c ^ 0x01;
- }
- }
-}
-
-int wolfSSL_DES_check_key_parity(WOLFSSL_DES_cblock *myDes)
-{
- word32 i;
- word32 sz = sizeof(WOLFSSL_DES_cblock);
-
- WOLFSSL_ENTER("wolfSSL_DES_check_key_parity");
-
- for (i = 0; i < sz; i++) {
- unsigned char c = (*myDes)[i];
- if ((
- ((c >> 1) & 0x01) ^
- ((c >> 2) & 0x01) ^
- ((c >> 3) & 0x01) ^
- ((c >> 4) & 0x01) ^
- ((c >> 5) & 0x01) ^
- ((c >> 6) & 0x01) ^
- ((c >> 7) & 0x01)) == (c & 0x01)) {
- return 0;
- }
- }
- return 1;
-}
-
-#ifdef WOLFSSL_DES_ECB
-/* Encrypt or decrypt input message desa with key and get output in desb.
- * if enc is DES_ENCRYPT,input message is encrypted or
- * if enc is DES_DECRYPT,input message is decrypted.
- * */
-void wolfSSL_DES_ecb_encrypt(WOLFSSL_DES_cblock* desa,
- WOLFSSL_DES_cblock* desb, WOLFSSL_DES_key_schedule* key, int enc)
-{
- Des myDes;
-
- WOLFSSL_ENTER("wolfSSL_DES_ecb_encrypt");
-
- if (desa == NULL || key == NULL || desb == NULL ||
- (enc != DES_ENCRYPT && enc != DES_DECRYPT)) {
- WOLFSSL_MSG("Bad argument passed to wolfSSL_DES_ecb_encrypt");
- } else {
- if (wc_Des_SetKey(&myDes, (const byte*) key,
- (const byte*) NULL, !enc) != 0) {
- WOLFSSL_MSG("wc_Des_SetKey return error.");
- return;
- }
- if (enc == DES_ENCRYPT){
- if (wc_Des_EcbEncrypt(&myDes, (byte*) desb, (const byte*) desa,
- sizeof(WOLFSSL_DES_cblock)) != 0){
- WOLFSSL_MSG("wc_Des_EcbEncrypt return error.");
- }
- } else {
- if (wc_Des_EcbDecrypt(&myDes, (byte*) desb, (const byte*) desa,
- sizeof(WOLFSSL_DES_cblock)) != 0){
- WOLFSSL_MSG("wc_Des_EcbDecrpyt return error.");
- }
- }
- }
-}
-#endif
-#endif /* NO_DES3 */
-
-#ifndef NO_RC4
-/* Set the key state for Arc4 structure.
- *
- * key Arc4 structure to use
- * len length of data buffer
- * data initial state to set Arc4 structure
- */
-void wolfSSL_RC4_set_key(WOLFSSL_RC4_KEY* key, int len,
- const unsigned char* data)
-{
- typedef char rc4_test[sizeof(WOLFSSL_RC4_KEY) >= sizeof(Arc4) ? 1 : -1];
- (void)sizeof(rc4_test);
-
- WOLFSSL_ENTER("wolfSSL_RC4_set_key");
-
- if (key == NULL || len < 0) {
- WOLFSSL_MSG("bad argument passed in");
- return;
- }
-
- XMEMSET(key, 0, sizeof(WOLFSSL_RC4_KEY));
- wc_Arc4SetKey((Arc4*)key, data, (word32)len);
-}
-
-
-/* Encrypt/decrypt with Arc4 structure.
- *
- * len length of buffer to encrypt/decrypt (in/out)
- * in buffer to encrypt/decrypt
- * out results of encryption/decryption
- */
-void wolfSSL_RC4(WOLFSSL_RC4_KEY* key, size_t len,
- const unsigned char* in, unsigned char* out)
-{
- WOLFSSL_ENTER("wolfSSL_RC4");
-
- if (key == NULL || in == NULL || out == NULL) {
- WOLFSSL_MSG("Bad argument passed in");
- return;
- }
-
- wc_Arc4Process((Arc4*)key, out, in, (word32)len);
-}
-#endif /* NO_RC4 */
-
-#ifndef NO_AES
-
-#ifdef WOLFSSL_AES_DIRECT
-/* AES encrypt direct, it is expected to be blocks of AES_BLOCK_SIZE for input.
- *
- * input Data to encrypt
- * output Encrypted data after done
- * key AES key to use for encryption
- */
-void wolfSSL_AES_encrypt(const unsigned char* input, unsigned char* output,
- AES_KEY *key)
-{
- WOLFSSL_ENTER("wolfSSL_AES_encrypt");
-
- if (input == NULL || output == NULL || key == NULL) {
- WOLFSSL_MSG("Null argument passed in");
- return;
- }
-
-#if !defined(HAVE_SELFTEST) && \
- (!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)))
- if (wc_AesEncryptDirect((Aes*)key, output, input) != 0) {
- WOLFSSL_MSG("wc_AesEncryptDirect failed");
- return;
- }
-#else
- wc_AesEncryptDirect((Aes*)key, output, input);
-#endif
-}
-
-
-/* AES decrypt direct, it is expected to be blocks of AES_BLOCK_SIZE for input.
- *
- * input Data to decrypt
- * output Decrypted data after done
- * key AES key to use for encryption
- */
-void wolfSSL_AES_decrypt(const unsigned char* input, unsigned char* output,
- AES_KEY *key)
-{
- WOLFSSL_ENTER("wolfSSL_AES_decrypt");
-
- if (input == NULL || output == NULL || key == NULL) {
- WOLFSSL_MSG("Null argument passed in");
- return;
- }
-
-#if !defined(HAVE_SELFTEST) && \
- (!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)))
- if (wc_AesDecryptDirect((Aes*)key, output, input) != 0) {
- WOLFSSL_MSG("wc_AesDecryptDirect failed");
- return;
- }
-#else
- wc_AesDecryptDirect((Aes*)key, output, input);
-#endif
-}
-#endif /* WOLFSSL_AES_DIRECT */
-
-/* Setup of an AES key to use for encryption.
- *
- * key key in bytes to use for encryption
- * bits size of key in bits
- * aes AES structure to initialize
- */
-int wolfSSL_AES_set_encrypt_key(const unsigned char *key, const int bits,
- AES_KEY *aes)
-{
- typedef char aes_test[sizeof(AES_KEY) >= sizeof(Aes) ? 1 : -1];
- (void)sizeof(aes_test);
-
- WOLFSSL_ENTER("wolfSSL_AES_set_encrypt_key");
-
- if (key == NULL || aes == NULL) {
- WOLFSSL_MSG("Null argument passed in");
- return -1;
- }
-
- XMEMSET(aes, 0, sizeof(AES_KEY));
- if (wc_AesSetKey((Aes*)aes, key, ((bits)/8), NULL, AES_ENCRYPT) != 0) {
- WOLFSSL_MSG("Error in setting AES key");
- return -1;
- }
- return 0;
-}
-
-
-/* Setup of an AES key to use for decryption.
- *
- * key key in bytes to use for decryption
- * bits size of key in bits
- * aes AES structure to initialize
- */
-int wolfSSL_AES_set_decrypt_key(const unsigned char *key, const int bits,
- AES_KEY *aes)
-{
- typedef char aes_test[sizeof(AES_KEY) >= sizeof(Aes) ? 1 : -1];
- (void)sizeof(aes_test);
-
- WOLFSSL_ENTER("wolfSSL_AES_set_decrypt_key");
-
- if (key == NULL || aes == NULL) {
- WOLFSSL_MSG("Null argument passed in");
- return -1;
- }
-
- XMEMSET(aes, 0, sizeof(AES_KEY));
- if (wc_AesSetKey((Aes*)aes, key, ((bits)/8), NULL, AES_DECRYPT) != 0) {
- WOLFSSL_MSG("Error in setting AES key");
- return -1;
- }
- return 0;
-}
-
-
-#ifdef HAVE_AES_ECB
-/* Encrypt/decrypt a 16 byte block of data using the key passed in.
- *
- * in buffer to encrypt/decrypt
- * out buffer to hold result of encryption/decryption
- * key AES structure to use with encryption/decryption
- * enc AES_ENCRPT for encryption and AES_DECRYPT for decryption
- */
-void wolfSSL_AES_ecb_encrypt(const unsigned char *in, unsigned char* out,
- AES_KEY *key, const int enc)
-{
- Aes* aes;
-
- WOLFSSL_ENTER("wolfSSL_AES_ecb_encrypt");
-
- if (key == NULL || in == NULL || out == NULL) {
- WOLFSSL_MSG("Error, Null argument passed in");
- return;
- }
-
- aes = (Aes*)key;
- if (enc == AES_ENCRYPT) {
- if (wc_AesEcbEncrypt(aes, out, in, AES_BLOCK_SIZE) != 0) {
- WOLFSSL_MSG("Error with AES CBC encrypt");
- }
- }
- else {
- #ifdef HAVE_AES_DECRYPT
- if (wc_AesEcbDecrypt(aes, out, in, AES_BLOCK_SIZE) != 0) {
- WOLFSSL_MSG("Error with AES CBC decrypt");
- }
- #else
- WOLFSSL_MSG("AES decryption not compiled in");
- #endif
- }
-}
-#endif /* HAVE_AES_ECB */
-
-#ifdef HAVE_AES_CBC
-/* Encrypt data using key and iv passed in. iv gets updated to most recent iv
- * state after encryption/decryption.
- *
- * in buffer to encrypt/decrypt
- * out buffer to hold result of encryption/decryption
- * len length of input buffer
- * key AES structure to use with encryption/decryption
- * iv iv to use with operation
- * enc 1 for encryption and 0 for decryption
- */
-void wolfSSL_AES_cbc_encrypt(const unsigned char *in, unsigned char* out,
- size_t len, AES_KEY *key, unsigned char* iv, const int enc)
-{
- Aes* aes;
-
- WOLFSSL_ENTER("wolfSSL_AES_cbc_encrypt");
-
- if (key == NULL || in == NULL || out == NULL || iv == NULL || len == 0) {
- WOLFSSL_MSG("Error, Null argument passed in");
- return;
- }
-
- aes = (Aes*)key;
- if (wc_AesSetIV(aes, (const byte*)iv) != 0) {
- WOLFSSL_MSG("Error with setting iv");
- return;
- }
-
- if (enc == AES_ENCRYPT) {
- if (wc_AesCbcEncrypt(aes, out, in, (word32)len) != 0) {
- WOLFSSL_MSG("Error with AES CBC encrypt");
- return;
- }
- }
- else {
- if (wc_AesCbcDecrypt(aes, out, in, (word32)len) != 0) {
- WOLFSSL_MSG("Error with AES CBC decrypt");
- return;
- }
- }
-
- /* to be compatible copy iv to iv buffer after completing operation */
- XMEMCPY(iv, (byte*)(aes->reg), AES_BLOCK_SIZE);
-}
-#endif /* HAVE_AES_CBC */
-
-
-/* Encrypt data using CFB mode with key and iv passed in. iv gets updated to
- * most recent iv state after encryption/decryption.
- *
- * in buffer to encrypt/decrypt
- * out buffer to hold result of encryption/decryption
- * len length of input buffer
- * key AES structure to use with encryption/decryption
- * iv iv to use with operation
- * num contains the amount of block used
- * enc AES_ENCRYPT for encryption and AES_DECRYPT for decryption
- */
-void wolfSSL_AES_cfb128_encrypt(const unsigned char *in, unsigned char* out,
- size_t len, AES_KEY *key, unsigned char* iv, int* num,
- const int enc)
-{
-#ifndef WOLFSSL_AES_CFB
- WOLFSSL_MSG("CFB mode not enabled please use macro WOLFSSL_AES_CFB");
- (void)in;
- (void)out;
- (void)len;
- (void)key;
- (void)iv;
- (void)num;
- (void)enc;
-
- return;
-#else
- Aes* aes;
-
- WOLFSSL_ENTER("wolfSSL_AES_cbc_encrypt");
- if (key == NULL || in == NULL || out == NULL || iv == NULL) {
- WOLFSSL_MSG("Error, Null argument passed in");
- return;
- }
-
- aes = (Aes*)key;
-
- /*
- * We copy the IV directly into reg here because using wc_AesSetIV will
- * clear the leftover bytes field "left", and this function relies on the
- * leftover bytes being preserved between calls.
- */
- XMEMCPY(aes->reg, iv, AES_BLOCK_SIZE);
-
- if (enc == AES_ENCRYPT) {
- if (wc_AesCfbEncrypt(aes, out, in, (word32)len) != 0) {
- WOLFSSL_MSG("Error with AES CBC encrypt");
- return;
- }
- }
- else {
- if (wc_AesCfbDecrypt(aes, out, in, (word32)len) != 0) {
- WOLFSSL_MSG("Error with AES CBC decrypt");
- return;
- }
- }
-
- /* to be compatible copy iv to iv buffer after completing operation */
- XMEMCPY(iv, (byte*)(aes->reg), AES_BLOCK_SIZE);
-
- /* store number of left over bytes to num */
- *num = (aes->left)? AES_BLOCK_SIZE - aes->left : 0;
-#endif /* WOLFSSL_AES_CFB */
-}
-
-/* wc_AesKey*Wrap_ex API not available in FIPS and SELFTEST */
-#if defined(HAVE_AES_KEYWRAP) && !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
-int wolfSSL_AES_wrap_key(AES_KEY *key, const unsigned char *iv,
- unsigned char *out,
- const unsigned char *in, unsigned int inlen)
-{
- int ret;
-
- WOLFSSL_ENTER("wolfSSL_AES_wrap_key");
-
- if (out == NULL || in == NULL) {
- WOLFSSL_MSG("Error, Null argument passed in");
- return WOLFSSL_FAILURE;
- }
-
- ret = wc_AesKeyWrap_ex((Aes*)key, in, inlen, out, inlen + KEYWRAP_BLOCK_SIZE, iv);
-
- return ret < 0 ? WOLFSSL_FAILURE : ret;
-}
-
-int wolfSSL_AES_unwrap_key(AES_KEY *key, const unsigned char *iv,
- unsigned char *out,
- const unsigned char *in, unsigned int inlen)
-{
- int ret;
-
- WOLFSSL_ENTER("wolfSSL_AES_wrap_key");
-
- if (out == NULL || in == NULL) {
- WOLFSSL_MSG("Error, Null argument passed in");
- return WOLFSSL_FAILURE;
- }
-
- ret = wc_AesKeyUnWrap_ex((Aes*)key, in, inlen, out, inlen + KEYWRAP_BLOCK_SIZE, iv);
-
- return ret < 0 ? WOLFSSL_FAILURE : ret;
-}
-#endif /* HAVE_AES_KEYWRAP && !HAVE_FIPS && !HAVE_SELFTEST */
-
-#ifdef HAVE_CTS
-/*
- * Ciphertext stealing interface compatible with RFC2040 and RFC3962.
- */
-size_t wolfSSL_CRYPTO_cts128_encrypt(const unsigned char *in,
- unsigned char *out, size_t len, const void *key,
- unsigned char *iv, WOLFSSL_CBC128_CB cbc)
-{
- byte lastBlk[WOLFSSL_CTS128_BLOCK_SZ];
- int lastBlkLen = len % WOLFSSL_CTS128_BLOCK_SZ;
- WOLFSSL_ENTER("wolfSSL_CRYPTO_cts128_encrypt");
-
- if (in == NULL || out == NULL || len < WOLFSSL_CTS128_BLOCK_SZ ||
- cbc == NULL) {
- WOLFSSL_MSG("Bad parameter");
- return WOLFSSL_FAILURE;
- }
-
- if (lastBlkLen == 0)
- lastBlkLen = WOLFSSL_CTS128_BLOCK_SZ;
-
- /* Encrypt data up to last block */
- (*cbc)(in, out, len - lastBlkLen, key, iv, AES_ENCRYPT);
-
- /* Move to last block */
- in += len - lastBlkLen;
- out += len - lastBlkLen;
-
- /* RFC2040: Pad Pn with zeros at the end to create P of length BB. */
- XMEMCPY(lastBlk, in, lastBlkLen);
- XMEMSET(lastBlk + lastBlkLen, 0, WOLFSSL_CTS128_BLOCK_SZ - lastBlkLen);
- /* RFC2040: Select the first Ln bytes of En-1 to create Cn */
- XMEMCPY(out, out - WOLFSSL_CTS128_BLOCK_SZ, lastBlkLen);
- (*cbc)(lastBlk, out - WOLFSSL_CTS128_BLOCK_SZ, WOLFSSL_CTS128_BLOCK_SZ,
- key, iv, AES_ENCRYPT);
-
- return len;
-}
-
-size_t wolfSSL_CRYPTO_cts128_decrypt(const unsigned char *in,
- unsigned char *out, size_t len, const void *key,
- unsigned char *iv, WOLFSSL_CBC128_CB cbc)
-{
- byte lastBlk[WOLFSSL_CTS128_BLOCK_SZ];
- byte prevBlk[WOLFSSL_CTS128_BLOCK_SZ];
- int lastBlkLen = len % WOLFSSL_CTS128_BLOCK_SZ;
- WOLFSSL_ENTER("wolfSSL_CRYPTO_cts128_decrypt");
-
- if (in == NULL || out == NULL || len <= WOLFSSL_CTS128_BLOCK_SZ ||
- cbc == NULL) {
- WOLFSSL_MSG("Bad parameter");
- return WOLFSSL_FAILURE;
- }
-
- if (lastBlkLen == 0)
- lastBlkLen = WOLFSSL_CTS128_BLOCK_SZ;
-
- /* Decrypt up to last two blocks */
- (*cbc)(in, out, len - lastBlkLen - WOLFSSL_CTS128_BLOCK_SZ, key, iv,
- AES_DECRYPTION);
-
- /* Move to last two blocks */
- in += len - lastBlkLen - WOLFSSL_CTS128_BLOCK_SZ;
- out += len - lastBlkLen - WOLFSSL_CTS128_BLOCK_SZ;
-
- /* RFC2040: Decrypt Cn-1 to create Dn.
- * Use 0 buffer as IV to do straight decryption.
- * This places the Cn-1 block at lastBlk */
- XMEMSET(lastBlk, 0, WOLFSSL_CTS128_BLOCK_SZ);
- (*cbc)(in, prevBlk, WOLFSSL_CTS128_BLOCK_SZ, key, lastBlk, AES_DECRYPT);
- /* RFC2040: Append the tail (BB minus Ln) bytes of Xn to Cn
- * to create En. */
- XMEMCPY(prevBlk, in + WOLFSSL_CTS128_BLOCK_SZ, lastBlkLen);
- /* Cn and Cn-1 can now be decrypted */
- (*cbc)(prevBlk, out, WOLFSSL_CTS128_BLOCK_SZ, key, iv, AES_DECRYPT);
- (*cbc)(lastBlk, lastBlk, WOLFSSL_CTS128_BLOCK_SZ, key, iv, AES_DECRYPT);
- XMEMCPY(out + WOLFSSL_CTS128_BLOCK_SZ, lastBlk, lastBlkLen);
- return len;
-}
-#endif /* HAVE_CTS */
-#endif /* NO_AES */
-
#endif /* OPENSSL_EXTRA */
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)
@@ -25174,6 +22637,38 @@ error:
return NULL;
}
+
+WOLFSSL_STACK* wolfSSL_shallow_sk_dup(WOLFSSL_STACK* sk)
+{
+
+ WOLFSSL_STACK* ret = NULL;
+ WOLFSSL_STACK** prev = &ret;
+
+ WOLFSSL_ENTER("wolfSSL_shallow_sk_dup");
+
+ for (; sk != NULL; sk = sk->next) {
+ WOLFSSL_STACK* cur = wolfSSL_sk_new_node(sk->heap);
+
+ if (!cur) {
+ WOLFSSL_MSG("wolfSSL_sk_new_node error");
+ goto error;
+ }
+
+ XMEMCPY(cur, sk, sizeof(WOLFSSL_STACK));
+ cur->next = NULL;
+
+ *prev = cur;
+ prev = &cur->next;
+ }
+ return ret;
+
+error:
+ if (ret) {
+ wolfSSL_sk_free(ret);
+ }
+ return NULL;
+}
+
/* Free the just the stack structure */
void wolfSSL_sk_free(WOLFSSL_STACK* sk)
{
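Review bot: wolfSSL_shallow_sk_dup is added without a header comment, and the ownership rule it creates is easy to get wrong: `XMEMCPY(cur, sk, sizeof(WOLFSSL_STACK))` copies each node's payload pointer, so the duplicate and the source refer to the same elements. A caller that releases both stacks with an element-freeing routine would free those elements twice, so the copy should only be released with `wolfSSL_sk_free`, as the error path here already does. I would add a comment above the function saying that it returns a new list of nodes sharing the source's data, that the caller frees it with wolfSSL_sk_free only, and that it returns NULL both for an empty input and on allocation failure.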
@@ -25510,7 +23005,7 @@ int wolfSSL_i2d_SSL_SESSION(WOLFSSL_SESSION* sess, unsigned char** p)
/* ServerID len | ServerID */
size += OPAQUE16_LEN + sess->idLen;
#endif
-#ifdef OPENSSL_EXTRA
+#ifdef WOLFSSL_SESSION_ID_CTX
/* session context ID len | session context ID */
size += OPAQUE8_LEN + sess->sessionCtxSz;
#endif
@@ -25590,7 +23085,7 @@ int wolfSSL_i2d_SSL_SESSION(WOLFSSL_SESSION* sess, unsigned char** p)
XMEMCPY(data + idx, sess->serverID, sess->idLen);
idx += sess->idLen;
#endif
-#ifdef OPENSSL_EXTRA
+#ifdef WOLFSSL_SESSION_ID_CTX
data[idx++] = sess->sessionCtxSz;
XMEMCPY(data + idx, sess->sessionCtx, sess->sessionCtxSz);
idx += sess->sessionCtxSz;
@@ -25770,7 +23265,7 @@ WOLFSSL_SESSION* wolfSSL_d2i_SSL_SESSION(WOLFSSL_SESSION** sess,
}
XMEMCPY(s->serverID, data + idx, s->idLen); idx += s->idLen;
#endif
-#ifdef OPENSSL_EXTRA
+#ifdef WOLFSSL_SESSION_ID_CTX
/* byte for length of session context ID */
if (i - idx < OPAQUE8_LEN) {
ret = BUFFER_ERROR;
@@ -25949,6 +23444,20 @@ long wolfSSL_SESSION_get_timeout(const WOLFSSL_SESSION* sess)
return timeout;
}
+long wolfSSL_SSL_SESSION_set_timeout(WOLFSSL_SESSION* ses, long t)
+{
+ word32 tmptime;
+
+ ses = ClientSessionToSession(ses);
+ if (ses == NULL || t < 0) {
+ return BAD_FUNC_ARG;
+ }
+
+ tmptime = t & 0xFFFFFFFF;
+ ses->timeout = tmptime;
+
+ return WOLFSSL_SUCCESS;
+}
long wolfSSL_SESSION_get_time(const WOLFSSL_SESSION* sess)
{
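Review bot: Both setters narrow `t` to 32 bits without checking its range: `tmptime = t & 0xFFFFFFFF;` here in wolfSSL_SSL_SESSION_set_timeout, and `ses->bornOn = (word32)t;` in wolfSSL_SESSION_set_time in the next hunk. Where `long` is 64 bits wide, a value above 0xFFFFFFFF is stored as a different, smaller number while the call reports success, and set_time additionally returns the untruncated `t`, so the stored session lifetime or birth time can disagree with what the caller believes it set. Rejecting out-of-range input alongside the existing `t < 0` test would keep the two in step, for example `if (ses == NULL || t < 0 || (unsigned long)t > 0xFFFFFFFFUL)`; on targets with a 32-bit `long` that extra comparison is always false and may need a guard to stay warning-free.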
@@ -25960,19 +23469,15 @@ long wolfSSL_SESSION_get_time(const WOLFSSL_SESSION* sess)
return bornOn;
}
-long wolfSSL_SSL_SESSION_set_timeout(WOLFSSL_SESSION* ses, long t)
+long wolfSSL_SESSION_set_time(WOLFSSL_SESSION *ses, long t)
{
- word32 tmptime;
ses = ClientSessionToSession(ses);
if (ses == NULL || t < 0) {
- return BAD_FUNC_ARG;
+ return 0;
}
-
- tmptime = t & 0xFFFFFFFF;
- ses->timeout = tmptime;
-
- return WOLFSSL_SUCCESS;
+ ses->bornOn = (word32)t;
+ return t;
}
#endif /* !NO_SESSION_CACHE && OPENSSL_EXTRA || HAVE_EXT_CACHE */
@@ -26103,7 +23608,9 @@ const WOLFSSL_ObjectInfo wolfssl_object_info[] = {
/* oidCertNameType */
{ NID_commonName, NID_commonName, oidCertNameType, "CN", "commonName"},
+#if !defined(WOLFSSL_CERT_REQ)
{ NID_surname, NID_surname, oidCertNameType, "SN", "surname"},
+#endif
{ NID_serialNumber, NID_serialNumber, oidCertNameType, "serialNumber",
"serialNumber"},
{ NID_userId, NID_userId, oidCertNameType, "UID", "userid"},
@@ -26187,6 +23694,9 @@ const WOLFSSL_ObjectInfo wolfssl_object_info[] = {
{ NID_sha3_512, SHA3_512h, oidHashType, "SHA3-512", "sha3-512"},
#endif
#endif /* WOLFSSL_SHA3 */
+ #ifdef WOLFSSL_SM3
+ { NID_sm3, SM3h, oidHashType, "SM3", "sm3"},
+ #endif
/* oidSigType */
#ifndef NO_DSA
#ifndef NO_SHA
@@ -26359,6 +23869,10 @@ const WOLFSSL_ObjectInfo wolfssl_object_info[] = {
{ NID_brainpoolP320r1, ECC_BRAINPOOLP320R1_OID, oidCurveType, "brainpoolP320r1", "brainpoolP320r1"},
{ NID_brainpoolP384r1, ECC_BRAINPOOLP384R1_OID, oidCurveType, "brainpoolP384r1", "brainpoolP384r1"},
{ NID_brainpoolP512r1, ECC_BRAINPOOLP512R1_OID, oidCurveType, "brainpoolP512r1", "brainpoolP512r1"},
+
+ #ifdef WOLFSSL_SM2
+ { NID_sm2, ECC_SM2P256V1_OID, oidCurveType, "sm2", "sm2"},
+ #endif
#endif /* HAVE_ECC */
/* oidBlkType */
@@ -26461,724 +23975,6 @@ const WOLFSSL_ObjectInfo wolfssl_object_info[] = {
const size_t wolfssl_object_info_sz = WOLFSSL_OBJECT_INFO_SZ;
#endif
-#ifdef OPENSSL_EXTRA
-WOLFSSL_HMAC_CTX* wolfSSL_HMAC_CTX_new(void)
-{
- WOLFSSL_HMAC_CTX* hmac_ctx = (WOLFSSL_HMAC_CTX*)XMALLOC(
- sizeof(WOLFSSL_HMAC_CTX), NULL, DYNAMIC_TYPE_OPENSSL);
- if (hmac_ctx != NULL) {
- XMEMSET(hmac_ctx, 0, sizeof(WOLFSSL_HMAC_CTX));
- }
- return hmac_ctx;
-}
-
-int wolfSSL_HMAC_CTX_Init(WOLFSSL_HMAC_CTX* ctx)
-{
- WOLFSSL_MSG("wolfSSL_HMAC_CTX_Init");
-
- if (ctx != NULL) {
- /* wc_HmacSetKey sets up ctx->hmac */
- XMEMSET(ctx, 0, sizeof(WOLFSSL_HMAC_CTX));
- }
-
- return WOLFSSL_SUCCESS;
-}
-
-
-int wolfSSL_HMAC_Init_ex(WOLFSSL_HMAC_CTX* ctx, const void* key,
- int keylen, const EVP_MD* type, WOLFSSL_ENGINE* e)
-{
- WOLFSSL_ENTER("wolfSSL_HMAC_Init_ex");
-
- /* WOLFSSL_ENGINE not used, call wolfSSL_HMAC_Init */
- (void)e;
- return wolfSSL_HMAC_Init(ctx, key, keylen, type);
-}
-
-
-/* helper function for Deep copy of internal wolfSSL hmac structure
- * returns WOLFSSL_SUCCESS on success */
-int wolfSSL_HmacCopy(Hmac* des, Hmac* src)
-{
- void* heap;
- int ret;
-
-#ifndef HAVE_FIPS
- heap = src->heap;
-#else
- heap = NULL;
-#endif
- if (wc_HmacInit(des, heap, 0) != 0) {
- return WOLFSSL_FAILURE;
- }
-
- /* requires that hash structures have no dynamic parts to them */
- switch (src->macType) {
- #ifndef NO_MD5
- case WC_MD5:
- ret = wc_Md5Copy(&src->hash.md5, &des->hash.md5);
- break;
- #endif /* !NO_MD5 */
-
- #ifndef NO_SHA
- case WC_SHA:
- ret = wc_ShaCopy(&src->hash.sha, &des->hash.sha);
- break;
- #endif /* !NO_SHA */
-
- #ifdef WOLFSSL_SHA224
- case WC_SHA224:
- ret = wc_Sha224Copy(&src->hash.sha224, &des->hash.sha224);
- break;
- #endif /* WOLFSSL_SHA224 */
-
- #ifndef NO_SHA256
- case WC_SHA256:
- ret = wc_Sha256Copy(&src->hash.sha256, &des->hash.sha256);
- break;
- #endif /* !NO_SHA256 */
-
- #ifdef WOLFSSL_SHA384
- case WC_SHA384:
- ret = wc_Sha384Copy(&src->hash.sha384, &des->hash.sha384);
- break;
- #endif /* WOLFSSL_SHA384 */
- #ifdef WOLFSSL_SHA512
- case WC_SHA512:
- ret = wc_Sha512Copy(&src->hash.sha512, &des->hash.sha512);
- break;
- #endif /* WOLFSSL_SHA512 */
-#ifdef WOLFSSL_SHA3
- #ifndef WOLFSSL_NOSHA3_224
- case WC_SHA3_224:
- ret = wc_Sha3_224_Copy(&src->hash.sha3, &des->hash.sha3);
- break;
- #endif /* WOLFSSL_NO_SHA3_224 */
- #ifndef WOLFSSL_NOSHA3_256
- case WC_SHA3_256:
- ret = wc_Sha3_256_Copy(&src->hash.sha3, &des->hash.sha3);
- break;
- #endif /* WOLFSSL_NO_SHA3_256 */
- #ifndef WOLFSSL_NOSHA3_384
- case WC_SHA3_384:
- ret = wc_Sha3_384_Copy(&src->hash.sha3, &des->hash.sha3);
- break;
- #endif /* WOLFSSL_NO_SHA3_384 */
- #ifndef WOLFSSL_NOSHA3_512
- case WC_SHA3_512:
- ret = wc_Sha3_512_Copy(&src->hash.sha3, &des->hash.sha3);
- break;
- #endif /* WOLFSSL_NO_SHA3_512 */
-#endif /* WOLFSSL_SHA3 */
-
- default:
- return WOLFSSL_FAILURE;
- }
-
- if (ret != 0)
- return WOLFSSL_FAILURE;
-
- XMEMCPY((byte*)des->ipad, (byte*)src->ipad, WC_HMAC_BLOCK_SIZE);
- XMEMCPY((byte*)des->opad, (byte*)src->opad, WC_HMAC_BLOCK_SIZE);
- XMEMCPY((byte*)des->innerHash, (byte*)src->innerHash, WC_MAX_DIGEST_SIZE);
-#ifndef HAVE_FIPS
- des->heap = heap;
-#endif
- des->macType = src->macType;
- des->innerHashKeyed = src->innerHashKeyed;
-
-#ifdef WOLFSSL_ASYNC_CRYPT
- XMEMCPY(&des->asyncDev, &src->asyncDev, sizeof(WC_ASYNC_DEV));
- des->keyLen = src->keyLen;
- #ifdef HAVE_CAVIUM
- des->data = (byte*)XMALLOC(src->dataLen, des->heap,
- DYNAMIC_TYPE_HMAC);
- if (des->data == NULL) {
- return BUFFER_E;
- }
- XMEMCPY(des->data, src->data, src->dataLen);
- des->dataLen = src->dataLen;
- #endif /* HAVE_CAVIUM */
-#endif /* WOLFSSL_ASYNC_CRYPT */
- return WOLFSSL_SUCCESS;
-}
-
-
-/* Deep copy of information from src to des structure
- *
- * des destination to copy information to
- * src structure to get information from
- *
- * Returns WOLFSSL_SUCCESS on success and WOLFSSL_FAILURE on error
- */
-int wolfSSL_HMAC_CTX_copy(WOLFSSL_HMAC_CTX* des, WOLFSSL_HMAC_CTX* src)
-{
- WOLFSSL_ENTER("wolfSSL_HMAC_CTX_copy");
-
- if (des == NULL || src == NULL) {
- return WOLFSSL_FAILURE;
- }
-
- des->type = src->type;
- XMEMCPY((byte *)&des->save_ipad, (byte *)&src->hmac.ipad,
- WC_HMAC_BLOCK_SIZE);
- XMEMCPY((byte *)&des->save_opad, (byte *)&src->hmac.opad,
- WC_HMAC_BLOCK_SIZE);
-
- return wolfSSL_HmacCopy(&des->hmac, &src->hmac);
-}
-
-
-#if defined(HAVE_FIPS) && \
- (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
-
-static int _HMAC_Init(Hmac* hmac, int type, void* heap)
-{
- int ret = 0;
-
- switch (type) {
- #ifndef NO_MD5
- case WC_MD5:
- ret = wc_InitMd5(&hmac->hash.md5);
- break;
- #endif /* !NO_MD5 */
-
- #ifndef NO_SHA
- case WC_SHA:
- ret = wc_InitSha(&hmac->hash.sha);
- break;
- #endif /* !NO_SHA */
-
- #ifdef WOLFSSL_SHA224
- case WC_SHA224:
- ret = wc_InitSha224(&hmac->hash.sha224);
- break;
- #endif /* WOLFSSL_SHA224 */
-
- #ifndef NO_SHA256
- case WC_SHA256:
- ret = wc_InitSha256(&hmac->hash.sha256);
- break;
- #endif /* !NO_SHA256 */
-
- #ifdef WOLFSSL_SHA384
- case WC_SHA384:
- ret = wc_InitSha384(&hmac->hash.sha384);
- break;
- #endif /* WOLFSSL_SHA384 */
- #ifdef WOLFSSL_SHA512
- case WC_SHA512:
- ret = wc_InitSha512(&hmac->hash.sha512);
- break;
- #endif /* WOLFSSL_SHA512 */
-
- #ifdef WOLFSSL_SHA3
- case WC_SHA3_224:
- ret = wc_InitSha3_224(&hmac->hash.sha3, heap, INVALID_DEVID);
- break;
- case WC_SHA3_256:
- ret = wc_InitSha3_256(&hmac->hash.sha3, heap, INVALID_DEVID);
- break;
- case WC_SHA3_384:
- ret = wc_InitSha3_384(&hmac->hash.sha3, heap, INVALID_DEVID);
- break;
- case WC_SHA3_512:
- ret = wc_InitSha3_512(&hmac->hash.sha3, heap, INVALID_DEVID);
- break;
- #endif
-
- default:
- ret = BAD_FUNC_ARG;
- break;
- }
-
- (void)heap;
-
- return ret;
-}
-
-#else
- #define _HMAC_Init _InitHmac
-#endif
-
-
-int wolfSSL_HMAC_Init(WOLFSSL_HMAC_CTX* ctx, const void* key, int keylen,
- const EVP_MD* type)
-{
- int hmac_error = 0;
- void* heap = NULL;
- int inited;
-
- WOLFSSL_MSG("wolfSSL_HMAC_Init");
-
- if (ctx == NULL) {
- WOLFSSL_MSG("no ctx on init");
- return WOLFSSL_FAILURE;
- }
-
-#ifndef HAVE_FIPS
- heap = ctx->hmac.heap;
-#endif
-
- if (type) {
- WOLFSSL_MSG("init has type");
-
-#ifndef NO_MD5
- if (XSTRNCMP(type, "MD5", 3) == 0) {
- WOLFSSL_MSG("md5 hmac");
- ctx->type = WC_MD5;
- }
- else
-#endif
-#ifdef WOLFSSL_SHA224
- if (XSTRNCMP(type, "SHA224", 6) == 0) {
- WOLFSSL_MSG("sha224 hmac");
- ctx->type = WC_SHA224;
- }
- else
-#endif
-#ifndef NO_SHA256
- if (XSTRNCMP(type, "SHA256", 6) == 0) {
- WOLFSSL_MSG("sha256 hmac");
- ctx->type = WC_SHA256;
- }
- else
-#endif
-#ifdef WOLFSSL_SHA384
- if (XSTRNCMP(type, "SHA384", 6) == 0) {
- WOLFSSL_MSG("sha384 hmac");
- ctx->type = WC_SHA384;
- }
- else
-#endif
-#ifdef WOLFSSL_SHA512
- if (XSTRNCMP(type, "SHA512", 6) == 0) {
- WOLFSSL_MSG("sha512 hmac");
- ctx->type = WC_SHA512;
- }
- else
-#endif
-#ifdef WOLFSSL_SHA3
- #ifndef WOLFSSL_NOSHA3_224
- if (XSTRNCMP(type, "SHA3_224", 8) == 0) {
- WOLFSSL_MSG("sha3_224 hmac");
- ctx->type = WC_SHA3_224;
- }
- else
- #endif
- #ifndef WOLFSSL_NOSHA3_256
- if (XSTRNCMP(type, "SHA3_256", 8) == 0) {
- WOLFSSL_MSG("sha3_256 hmac");
- ctx->type = WC_SHA3_256;
- }
- else
- #endif
- if (XSTRNCMP(type, "SHA3_384", 8) == 0) {
- WOLFSSL_MSG("sha3_384 hmac");
- ctx->type = WC_SHA3_384;
- }
- else
- #ifndef WOLFSSL_NOSHA3_512
- if (XSTRNCMP(type, "SHA3_512", 8) == 0) {
- WOLFSSL_MSG("sha3_512 hmac");
- ctx->type = WC_SHA3_512;
- }
- else
- #endif
-#endif
-
-#ifndef NO_SHA
- /* has to be last since would pick or 256, 384, or 512 too */
- if (XSTRNCMP(type, "SHA", 3) == 0) {
- WOLFSSL_MSG("sha hmac");
- ctx->type = WC_SHA;
- }
- else
-#endif
- {
- WOLFSSL_MSG("bad init type");
- return WOLFSSL_FAILURE;
- }
- }
-
- /* Check if init has been called before */
- inited = (ctx->hmac.macType != WC_HASH_TYPE_NONE);
- /* Free if needed */
- if (inited) {
- wc_HmacFree(&ctx->hmac);
- }
- if (key != NULL) {
- WOLFSSL_MSG("keying hmac");
-
- if (wc_HmacInit(&ctx->hmac, NULL, INVALID_DEVID) == 0) {
- hmac_error = wc_HmacSetKey(&ctx->hmac, ctx->type, (const byte*)key,
- (word32)keylen);
- if (hmac_error < 0){
- /* in FIPS mode a key < 14 characters will fail here */
- WOLFSSL_MSG("hmac set key error");
- WOLFSSL_ERROR(hmac_error);
- wc_HmacFree(&ctx->hmac);
- return WOLFSSL_FAILURE;
- }
- XMEMCPY((byte *)&ctx->save_ipad, (byte *)&ctx->hmac.ipad,
- WC_HMAC_BLOCK_SIZE);
- XMEMCPY((byte *)&ctx->save_opad, (byte *)&ctx->hmac.opad,
- WC_HMAC_BLOCK_SIZE);
- }
- /* OpenSSL compat, no error */
- }
- else if (!inited) {
- return WOLFSSL_FAILURE;
- }
- else if (ctx->type >= 0) { /* MD5 == 0 */
- WOLFSSL_MSG("recover hmac");
- if (wc_HmacInit(&ctx->hmac, NULL, INVALID_DEVID) == 0) {
- ctx->hmac.macType = (byte)ctx->type;
- ctx->hmac.innerHashKeyed = 0;
- XMEMCPY((byte *)&ctx->hmac.ipad, (byte *)&ctx->save_ipad,
- WC_HMAC_BLOCK_SIZE);
- XMEMCPY((byte *)&ctx->hmac.opad, (byte *)&ctx->save_opad,
- WC_HMAC_BLOCK_SIZE);
- if ((hmac_error = _HMAC_Init(&ctx->hmac, ctx->hmac.macType, heap))
- !=0) {
- WOLFSSL_MSG("hmac init error");
- WOLFSSL_ERROR(hmac_error);
- return WOLFSSL_FAILURE;
- }
- }
- }
-
- (void)hmac_error;
-
- return WOLFSSL_SUCCESS;
-}
-
-
-int wolfSSL_HMAC_Update(WOLFSSL_HMAC_CTX* ctx, const unsigned char* data,
- int len)
-{
- WOLFSSL_MSG("wolfSSL_HMAC_Update");
-
- if (ctx == NULL) {
- WOLFSSL_MSG("no ctx");
- return WOLFSSL_FAILURE;
- }
-
- if (data) {
- int hmac_error = 0;
-
- WOLFSSL_MSG("updating hmac");
- hmac_error = wc_HmacUpdate(&ctx->hmac, data, (word32)len);
- if (hmac_error < 0){
- WOLFSSL_MSG("hmac update error");
- return WOLFSSL_FAILURE;
- }
- }
-
- return WOLFSSL_SUCCESS;
-}
-
-
-int wolfSSL_HMAC_Final(WOLFSSL_HMAC_CTX* ctx, unsigned char* hash,
- unsigned int* len)
-{
- int hmac_error;
-
- WOLFSSL_MSG("wolfSSL_HMAC_Final");
-
- /* "len" parameter is optional. */
- if (ctx == NULL || hash == NULL) {
- WOLFSSL_MSG("invalid parameter");
- return WOLFSSL_FAILURE;
- }
-
- WOLFSSL_MSG("final hmac");
- hmac_error = wc_HmacFinal(&ctx->hmac, hash);
- if (hmac_error < 0){
- WOLFSSL_MSG("final hmac error");
- return WOLFSSL_FAILURE;
- }
-
- if (len) {
- WOLFSSL_MSG("setting output len");
- switch (ctx->type) {
- #ifndef NO_MD5
- case WC_MD5:
- *len = WC_MD5_DIGEST_SIZE;
- break;
- #endif
-
- #ifndef NO_SHA
- case WC_SHA:
- *len = WC_SHA_DIGEST_SIZE;
- break;
- #endif
-
- #ifdef WOLFSSL_SHA224
- case WC_SHA224:
- *len = WC_SHA224_DIGEST_SIZE;
- break;
- #endif
-
- #ifndef NO_SHA256
- case WC_SHA256:
- *len = WC_SHA256_DIGEST_SIZE;
- break;
- #endif
-
- #ifdef WOLFSSL_SHA384
- case WC_SHA384:
- *len = WC_SHA384_DIGEST_SIZE;
- break;
- #endif
-
- #ifdef WOLFSSL_SHA512
- case WC_SHA512:
- *len = WC_SHA512_DIGEST_SIZE;
- break;
- #endif
-
- #ifdef WOLFSSL_SHA3
- #ifndef WOLFSSL_NOSHA3_224
- case WC_SHA3_224:
- *len = WC_SHA3_224_DIGEST_SIZE;
- break;
- #endif
- #ifndef WOLFSSL_NOSHA3_256
- case WC_SHA3_256:
- *len = WC_SHA3_256_DIGEST_SIZE;
- break;
- #endif
- #ifndef WOLFSSL_NOSHA3_384
- case WC_SHA3_384:
- *len = WC_SHA3_384_DIGEST_SIZE;
- break;
- #endif
- #ifndef WOLFSSL_NOSHA3_512
- case WC_SHA3_512:
- *len = WC_SHA3_512_DIGEST_SIZE;
- break;
- #endif
- #endif
-
- default:
- WOLFSSL_MSG("bad hmac type");
- return WOLFSSL_FAILURE;
- }
- }
-
- return WOLFSSL_SUCCESS;
-}
-
-
-int wolfSSL_HMAC_cleanup(WOLFSSL_HMAC_CTX* ctx)
-{
- WOLFSSL_MSG("wolfSSL_HMAC_cleanup");
-
- if (ctx) {
- wc_HmacFree(&ctx->hmac);
- }
-
- return WOLFSSL_SUCCESS;
-}
-
-void wolfSSL_HMAC_CTX_cleanup(WOLFSSL_HMAC_CTX* ctx)
-{
- if (ctx) {
- wolfSSL_HMAC_cleanup(ctx);
- }
-}
-
-void wolfSSL_HMAC_CTX_free(WOLFSSL_HMAC_CTX* ctx)
-{
- if (ctx) {
- wolfSSL_HMAC_CTX_cleanup(ctx);
- XFREE(ctx, NULL, DYNAMIC_TYPE_OPENSSL);
- }
-}
-
-size_t wolfSSL_HMAC_size(const WOLFSSL_HMAC_CTX *ctx)
-{
- if (!ctx) {
- return 0;
- }
-
- return (size_t)wc_HashGetDigestSize((enum wc_HashType)ctx->hmac.macType);
-}
-
-const WOLFSSL_EVP_MD *wolfSSL_HMAC_CTX_get_md(const WOLFSSL_HMAC_CTX *ctx)
-{
- if (!ctx) {
- return NULL;
- }
-
- return wolfSSL_macType2EVP_md((enum wc_HashType)ctx->type);
-}
-
-#if defined(WOLFSSL_CMAC) && defined(OPENSSL_EXTRA) && \
- defined(WOLFSSL_AES_DIRECT)
-WOLFSSL_CMAC_CTX* wolfSSL_CMAC_CTX_new(void)
-{
- WOLFSSL_CMAC_CTX* ctx = NULL;
-
- ctx = (WOLFSSL_CMAC_CTX*)XMALLOC(sizeof(WOLFSSL_CMAC_CTX), NULL,
- DYNAMIC_TYPE_OPENSSL);
- if (ctx != NULL) {
- ctx->internal = (Cmac*)XMALLOC(sizeof(Cmac), NULL, DYNAMIC_TYPE_CMAC);
- if (ctx->internal == NULL) {
- XFREE(ctx, NULL, DYNAMIC_TYPE_OPENSSL);
- ctx = NULL;
- }
- }
- if (ctx != NULL) {
- ctx->cctx = wolfSSL_EVP_CIPHER_CTX_new();
- if (ctx->cctx == NULL) {
- XFREE(ctx->internal, NULL, DYNAMIC_TYPE_CMAC);
- XFREE(ctx, NULL, DYNAMIC_TYPE_OPENSSL);
- ctx = NULL;
- }
- }
-
- return ctx;
-}
-
-void wolfSSL_CMAC_CTX_free(WOLFSSL_CMAC_CTX *ctx)
-{
- if (ctx != NULL) {
- if (ctx->internal != NULL) {
- XFREE(ctx->internal, NULL, DYNAMIC_TYPE_CMAC);
- }
- if (ctx->cctx != NULL) {
- wolfSSL_EVP_CIPHER_CTX_free(ctx->cctx);
- }
- XFREE(ctx, NULL, DYNAMIC_TYPE_OPENSSL);
- }
-}
-
-WOLFSSL_EVP_CIPHER_CTX* wolfSSL_CMAC_CTX_get0_cipher_ctx(WOLFSSL_CMAC_CTX* ctx)
-{
- WOLFSSL_EVP_CIPHER_CTX* cctx = NULL;
-
- if (ctx != NULL) {
- cctx = ctx->cctx;
- }
-
- return cctx;
-}
-
-int wolfSSL_CMAC_Init(WOLFSSL_CMAC_CTX* ctx, const void *key, size_t keyLen,
- const WOLFSSL_EVP_CIPHER* cipher, WOLFSSL_ENGINE* engine)
-{
- int ret = WOLFSSL_SUCCESS;
-
- (void)engine;
-
- WOLFSSL_ENTER("wolfSSL_CMAC_Init");
-
- if (ctx == NULL || cipher == NULL || (
- cipher != EVP_AES_128_CBC &&
- cipher != EVP_AES_192_CBC &&
- cipher != EVP_AES_256_CBC)) {
- ret = WOLFSSL_FAILURE;
- }
-
- if (ret == WOLFSSL_SUCCESS) {
- /* Check input keyLen matches input cipher. */
- if ((int) keyLen != wolfSSL_EVP_Cipher_key_length(cipher)) {
- ret = WOLFSSL_FAILURE;
- }
- }
-
- if (ret == WOLFSSL_SUCCESS) {
- ret = wc_InitCmac((Cmac*)ctx->internal, (const byte*)key,
- (word32)keyLen, WC_CMAC_AES, NULL);
- if (ret != 0) {
- ret = WOLFSSL_FAILURE;
- }
- else {
- ret = WOLFSSL_SUCCESS;
- }
- }
- if (ret == WOLFSSL_SUCCESS) {
- ret = wolfSSL_EVP_CipherInit(ctx->cctx, cipher, (const byte*)key, NULL,
- 1);
- }
-
- WOLFSSL_LEAVE("wolfSSL_CMAC_Init", ret);
-
- return ret;
-}
-
-int wolfSSL_CMAC_Update(WOLFSSL_CMAC_CTX* ctx, const void* data, size_t len)
-{
- int ret = WOLFSSL_SUCCESS;
-
- WOLFSSL_ENTER("wolfSSL_CMAC_Update");
-
- if (ctx == NULL || ctx->internal == NULL) {
- ret = WOLFSSL_FAILURE;
- }
-
- if (ret == WOLFSSL_SUCCESS) {
- if (data) {
- ret = wc_CmacUpdate((Cmac*)ctx->internal, (const byte*)data,
- (word32)len);
- if (ret != 0){
- ret = WOLFSSL_FAILURE;
- }
- else {
- ret = WOLFSSL_SUCCESS;
- }
- }
- }
-
- WOLFSSL_LEAVE("wolfSSL_CMAC_Update", ret);
-
- return ret;
-}
-
-int wolfSSL_CMAC_Final(WOLFSSL_CMAC_CTX* ctx, unsigned char* out,
- size_t* len)
-{
- int ret = WOLFSSL_SUCCESS;
- int blockSize;
-
- WOLFSSL_ENTER("wolfSSL_CMAC_Final");
-
- if (ctx == NULL || ctx->cctx == NULL || ctx->internal == NULL ||
- len == NULL) {
- ret = WOLFSSL_FAILURE;
- }
-
- if (ret == WOLFSSL_SUCCESS) {
- blockSize = EVP_CIPHER_CTX_block_size(ctx->cctx);
- if (blockSize <= 0) {
- ret = WOLFSSL_FAILURE;
- }
- else {
- *len = blockSize;
- }
- }
- if (ret == WOLFSSL_SUCCESS) {
- word32 len32 = (word32)*len;
-
- ret = wc_CmacFinal((Cmac*)ctx->internal, out, &len32);
- *len = (size_t)len32;
- if (ret != 0) {
- ret = WOLFSSL_FAILURE;
- }
- else {
- ret = WOLFSSL_SUCCESS;
- }
- }
-
- WOLFSSL_LEAVE("wolfSSL_CMAC_Final", ret);
-
- return ret;
-}
-#endif /* WOLFSSL_CMAC && OPENSSL_EXTRA && WOLFSSL_AES_DIRECT */
-#endif /* OPENSSL_EXTRA */
-
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
/* Free the dynamically allocated data.
*
@@ -27631,6 +24427,9 @@ struct WOLFSSL_HashSigInfo {
{ sha_mac, ecc_dsa_sa_algo, CTC_SHAwECDSA },
#endif
#endif
+#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ { sm3_mac, sm2_sa_algo, CTC_SM3wSM2 },
+#endif
#ifdef HAVE_ED25519
{ no_mac, ed25519_sa_algo, CTC_ED25519 },
#endif
@@ -27868,8 +24667,8 @@ WOLFSSL_EVP_PKEY *wolfSSL_PEM_read_PUBKEY(XFILE fp, WOLFSSL_EVP_PKEY **key,
WOLFSSL_ENTER("wolfSSL_PEM_read_PUBKEY");
- if (pem_read_file_key(fp, cb, pass, PUBLICKEY_TYPE, &keyFormat, &der)
- >= 0) {
+ if ((pem_read_file_key(fp, cb, pass, PUBLICKEY_TYPE, &keyFormat, &der)
+ >= 0) && (der != NULL)) {
const unsigned char* ptr = der->buffer;
/* handle case where reuse is attempted */
@@ -29631,7 +26430,7 @@ void* wolfSSL_GetHKDFExtractCtx(WOLFSSL* ssl)
return obj_info->sName;
}
}
- WOLFSSL_MSG("SN not found");
+ WOLFSSL_MSG_EX("SN not found (nid:%d)",n);
return NULL;
}
@@ -30917,12 +27716,16 @@ static void SESSION_ex_data_cache_update(WOLFSSL_SESSION* session, int idx,
#endif
) {
if (get) {
- *getRet = wolfSSL_CRYPTO_get_ex_data(
+ if (getRet) {
+ *getRet = wolfSSL_CRYPTO_get_ex_data(
&cacheSession->ex_data, idx);
+ }
}
else {
- *setRet = wolfSSL_CRYPTO_set_ex_data(
+ if (setRet) {
+ *setRet = wolfSSL_CRYPTO_set_ex_data(
&cacheSession->ex_data, idx, data);
+ }
}
foundCache = 1;
break;
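Review bot: In the `else` branch the call to wolfSSL_CRYPTO_set_ex_data sits inside `if (setRet)`, so a caller that passes a NULL `setRet` does not store `data` in the cached session at all, yet `foundCache = 1` is still set. The NULL check is only needed for the write through the pointer, not for the operation itself; the `getRet` branch has the same shape but is harmless there because the get has no side effect. I would perform the set unconditionally and guard only the assignment: `r = wolfSSL_CRYPTO_set_ex_data(&cacheSession->ex_data, idx, data);` followed by `if (setRet != NULL) *setRet = r;`, with `r` a local int. Whether any caller passes NULL is not visible in this hunk, and the function body starts and ends outside it.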
@@ -31030,7 +27833,8 @@ int wolfSSL_SESSION_get_ex_new_index(long ctx_l,void* ctx_ptr,
}
#endif
-#if defined(USE_WOLFSSL_MEMORY) && !defined(WOLFSSL_DEBUG_MEMORY)
+#if defined(USE_WOLFSSL_MEMORY) && !defined(WOLFSSL_DEBUG_MEMORY) && \
+ !defined(WOLFSSL_STATIC_MEMORY)
static wolfSSL_OSSL_Malloc_cb ossl_malloc = NULL;
static wolfSSL_OSSL_Free_cb ossl_free = NULL;
static wolfSSL_OSSL_Realloc_cb ossl_realloc = NULL;
@@ -31056,14 +27860,15 @@ static void* OSSL_Realloc(void *ptr, size_t size)
else
return NULL;
}
-#endif /* USE_WOLFSSL_MEMORY && !WOLFSSL_DEBUG_MEMORY */
+#endif /* USE_WOLFSSL_MEMORY && !WOLFSSL_DEBUG_MEMORY &&
+ * !WOLFSSL_STATIC_MEMORY */
int wolfSSL_CRYPTO_set_mem_functions(
wolfSSL_OSSL_Malloc_cb m,
wolfSSL_OSSL_Realloc_cb r,
wolfSSL_OSSL_Free_cb f)
{
-#ifdef USE_WOLFSSL_MEMORY
+#if defined(USE_WOLFSSL_MEMORY) && !defined(WOLFSSL_STATIC_MEMORY)
#ifdef WOLFSSL_DEBUG_MEMORY
WOLFSSL_MSG("mem functions will receive function name instead of "
"file name");
@@ -31242,9 +28047,8 @@ WOLFSSL_CTX* wolfSSL_set_SSL_CTX(WOLFSSL* ssl, WOLFSSL_CTX* ctx)
#else
(void)ret;
#endif
- if (ssl->ctx) {
+ if (ssl->ctx != NULL)
wolfSSL_CTX_free(ssl->ctx);
- }
ssl->ctx = ctx;
#ifndef NO_CERTS
@@ -31270,7 +28074,7 @@ WOLFSSL_CTX* wolfSSL_set_SSL_CTX(WOLFSSL* ssl, WOLFSSL_CTX* ctx)
ssl->options.haveDilithiumSig = ctx->haveDilithiumSig;
#endif
-#ifdef OPENSSL_EXTRA
+#ifdef WOLFSSL_SESSION_ID_CTX
/* copy over application session context ID */
ssl->sessionCtxSz = ctx->sessionCtxSz;
XMEMCPY(ssl->sessionCtx, ctx->sessionCtx, ctx->sessionCtxSz);
@@ -31446,6 +28250,12 @@ const byte* wolfSSL_SESSION_get_id(const WOLFSSL_SESSION* sess,
WOLFSSL_MSG("Bad func args. Please provide idLen");
return NULL;
}
+#ifdef HAVE_SESSION_TICKET
+ if (sess->haveAltSessionID) {
+ *idLen = ID_LEN;
+ return sess->altSessionID;
+ }
+#endif
*idLen = sess->sessionIDSz;
return sess->sessionID;
}
@@ -32862,13 +29672,17 @@ int wolfSSL_SSL_in_init(WOLFSSL *ssl)
{
WOLFSSL_ENTER("wolfSSL_SSL_in_init");
+ return !wolfSSL_is_init_finished(ssl);
+}
+
+int wolfSSL_SSL_in_before(const WOLFSSL *ssl)
+{
+ WOLFSSL_ENTER("wolfSSL_SSL_in_before");
+
if (ssl == NULL)
return WOLFSSL_FAILURE;
- if (ssl->options.side == WOLFSSL_CLIENT_END) {
- return ssl->options.connectState < SECOND_REPLY_DONE;
- }
- return ssl->options.acceptState < ACCEPT_THIRD_REPLY_DONE;
+ return ssl->options.handShakeState == NULL_STATE;
}
int wolfSSL_SSL_in_connect_init(WOLFSSL* ssl)
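Review bot: wolfSSL_SSL_in_init no longer checks `ssl` itself; its result for a NULL argument now depends on what wolfSSL_is_init_finished returns for NULL, which is not visible in this hunk. If that helper reports "not finished" (0) for NULL, `return !wolfSSL_is_init_finished(ssl);` yields 1, whereas the removed code returned WOLFSSL_FAILURE, so callers using this as a handshake-state gate would see a NULL session as "in init". Keeping the guard ahead of the return, `if (ssl == NULL) return WOLFSSL_FAILURE;`, preserves the old result. The new wolfSSL_SSL_in_before would also benefit from a one-line comment saying it is true only while `handShakeState` is still `NULL_STATE`.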
@@ -33038,6 +29852,8 @@ static int wolfSSL_TicketKeyCb(WOLFSSL* ssl,
end:
(void)wc_HmacFree(&hmacCtx.hmac);
+ (void)wolfSSL_EVP_CIPHER_CTX_cleanup(evpCtx);
+
#ifdef WOLFSSL_SMALL_STACK
XFREE(evpCtx, ssl->heap, DYNAMIC_TYPE_TMP_BUFFER);
#endif
@@ -33230,8 +30046,7 @@ int wolfSSL_CTX_get_extra_chain_certs(WOLFSSL_CTX* ctx, WOLF_STACK_OF(X509)** ch
/* Create a new stack of WOLFSSL_X509 object from chain buffer. */
for (idx = 0; idx < ctx->certChain->length; ) {
- node = (WOLFSSL_STACK*)XMALLOC(sizeof(WOLFSSL_STACK), NULL,
- DYNAMIC_TYPE_OPENSSL);
+ node = wolfSSL_sk_X509_new_null();
if (node == NULL)
return WOLFSSL_FAILURE;
node->next = NULL;
@@ -33318,8 +30133,11 @@ int wolfSSL_CTX_get0_chain_certs(WOLFSSL_CTX *ctx,
WOLFSSL_MSG("Bad parameter");
return WOLFSSL_FAILURE;
}
- *sk = ctx->x509Chain;
- return WOLFSSL_SUCCESS;
+
+ /* This function should return ctx->x509Chain if it is populated, otherwise
+ it should be populated from ctx->certChain. This matches the behavior of
+ wolfSSL_CTX_get_extra_chain_certs, so it is used directly. */
+ return wolfSSL_CTX_get_extra_chain_certs(ctx, sk);
}
#ifdef KEEP_OUR_CERT
@@ -33438,6 +30256,20 @@ int wolfSSL_select_next_proto(unsigned char **out, unsigned char *outLen,
return OPENSSL_NPN_NO_OVERLAP;
}
+void wolfSSL_set_alpn_select_cb(WOLFSSL *ssl,
+ int (*cb) (WOLFSSL *ssl,
+ const unsigned char **out,
+ unsigned char *outlen,
+ const unsigned char *in,
+ unsigned int inlen,
+ void *arg), void *arg)
+{
+ if (ssl != NULL) {
+ ssl->alpnSelect = cb;
+ ssl->alpnSelectArg = arg;
+ }
+}
+
void wolfSSL_CTX_set_alpn_select_cb(WOLFSSL_CTX *ctx,
int (*cb) (WOLFSSL *ssl,
const unsigned char **out,
@@ -33494,9 +30326,20 @@ void wolfSSL_get0_next_proto_negotiated(const WOLFSSL *s, const unsigned char **
#if defined(OPENSSL_EXTRA) || defined(HAVE_CURL)
int wolfSSL_curve_is_disabled(const WOLFSSL* ssl, word16 curve_id)
{
- return (curve_id <= WOLFSSL_ECC_MAX &&
- ssl->disabledCurves &&
- ssl->disabledCurves & (1 << curve_id));
+ if (curve_id >= WOLFSSL_FFDHE_START) {
+ /* DH parameters are never disabled. */
+ return 0;
+ }
+ if (curve_id > WOLFSSL_ECC_MAX_AVAIL) {
+ WOLFSSL_MSG("Curve id out of supported range");
+ /* Disabled if not in valid range. */
+ return 1;
+ }
+ if (curve_id >= 32) {
+ /* 0 is for invalid and 1-14 aren't used otherwise. */
+ return (ssl->disabledCurves & (1 << (curve_id - 32))) != 0;
+ }
+ return (ssl->disabledCurves & (1 << curve_id)) != 0;
}
#if (defined(HAVE_ECC) || \
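Review bot: The mask in wolfSSL_curve_is_disabled is built with a signed literal, `1 << curve_id` and `1 << (curve_id - 32)`, while set_curves_list (later hunk) clears the same bits with `1U <<`. For a shift count of 31 the signed form shifts into the sign bit of `int`, which is undefined behaviour, so both returns should use `1U`: `return (ssl->disabledCurves & (1U << curve_id)) != 0;`. The ids-from-32 mapping onto `curve_id - 32` is now written out in two places; a small static helper returning the bit for a curve id would keep the reader and the writer of `disabledCurves` from drifting apart. `ssl` is dereferenced without a NULL check, as before.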
@@ -33552,6 +30395,13 @@ static int set_curves_list(WOLFSSL* ssl, WOLFSSL_CTX *ctx, const char* names)
{
curve = WOLFSSL_ECC_SECP521R1;
}
+ #ifdef WOLFSSL_SM2
+ else if ((XSTRNCMP(name, "sm2p256v1", len) == 0) ||
+ (XSTRNCMP(name, "SM2", len) == 0))
+ {
+ curve = WOLFSSL_ECC_SM2P256V1;
+ }
+ #endif
#ifdef HAVE_CURVE25519
else if (XSTRNCMP(name, "X25519", len) == 0)
{
@@ -33588,10 +30438,8 @@ static int set_curves_list(WOLFSSL* ssl, WOLFSSL_CTX *ctx, const char* names)
#endif
}
- if (curve >= (sizeof(word32) * WOLFSSL_BIT_SIZE)) {
- /* shift left more than size of ctx->disabledCurves causes static
- * analysis report */
- WOLFSSL_MSG("curve value is too large for upcoming shift");
+ if (curve >= WOLFSSL_ECC_MAX_AVAIL) {
+ WOLFSSL_MSG("curve value is not supported");
goto leave;
}
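Review bot: The replaced guard no longer ties `curve` to the width of the bitmask: the old test compared against `sizeof(word32) * WOLFSSL_BIT_SIZE`, the new one against `WOLFSSL_ECC_MAX_AVAIL`, whose value is not visible here. The later `1U << (curve - 32)` is only defined while `WOLFSSL_ECC_MAX_AVAIL` stays below 64, so I would state that next to the check, e.g. `/* ids >= 32 are stored at bit (id - 32); requires WOLFSSL_ECC_MAX_AVAIL < 64 */`, or enforce it at compile time. The comparison here is `>=` while wolfSSL_curve_is_disabled uses `> WOLFSSL_ECC_MAX_AVAIL`, so the id equal to the limit is rejected when setting the list but treated as in range when querying; one of the two is probably off by one. The enclosing function extends beyond this hunk.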
@@ -33618,7 +30466,13 @@ static int set_curves_list(WOLFSSL* ssl, WOLFSSL_CTX *ctx, const char* names)
for (i = 0; i < groups_len; ++i) {
/* Switch the bit to off and therefore is enabled. */
curve = (word16)groups[i];
- disabled &= ~(1U << curve);
+ if (curve >= 32) {
+ /* 0 is for invalid and 1-14 aren't used otherwise. */
+ disabled &= ~(1U << (curve - 32));
+ }
+ else {
+ disabled &= ~(1U << curve);
+ }
#ifdef HAVE_SUPPORTED_CURVES
#if defined(WOLFSSL_TLS13) && !defined(WOLFSSL_OLD_SET_CURVES_LIST)
/* using the wolfSSL API to set the groups, this will populate
@@ -33822,7 +30676,7 @@ int wolfSSL_set_alpn_protos(WOLFSSL* ssl,
const unsigned char* p, unsigned int p_len)
{
WOLFSSL_BIO* bio;
- char* pt;
+ char* pt = NULL;
unsigned int sz;
unsigned int idx = 0;
@@ -34265,6 +31119,24 @@ word32 nid2oid(int nid, int grp)
}
break;
+ /* oidCmsKeyAgreeType */
+ #ifdef WOLFSSL_CERT_REQ
+ case oidCsrAttrType:
+ switch (nid) {
+ case NID_pkcs9_contentType:
+ return PKCS9_CONTENT_TYPE_OID;
+ case NID_pkcs9_challengePassword:
+ return CHALLENGE_PASSWORD_OID;
+ case NID_serialNumber:
+ return SERIAL_NUMBER_OID;
+ case NID_userId:
+ return USER_ID_OID;
+ case NID_surname:
+ return SURNAME_OID;
+ }
+ break;
+ #endif
+
default:
WOLFSSL_MSG("NID not in table");
/* MSVC warns without the cast */
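Review bot: The added section comment reads `/* oidCmsKeyAgreeType */` but the case it introduces is `case oidCsrAttrType:`, so the label looks copied from another group; `/* oidCsrAttrType */` matches the code. The inner `switch (nid)` has no `default`, so an unlisted NID falls out to the `break` and, presumably, to the not-found return below the outer switch; a `default: break;` with a short comment would make that intent explicit. The enclosing function starts and ends outside the hunk.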
@@ -34643,7 +31515,7 @@ int oid2nid(word32 oid, int grp)
#endif
default:
- WOLFSSL_MSG("NID not in table");
+ WOLFSSL_MSG("OID not in table");
}
/* If not found in above switch then try the table */
for (i = 0; i < WOLFSSL_OBJECT_INFO_SZ; i++) {
@@ -36455,6 +33327,15 @@ int wolfSSL_RAND_poll(void)
#endif /* WOLFSSL_AES_XTS */
#endif /* NO_AES */
+#ifdef HAVE_ARIA
+ case ARIA_128_GCM_TYPE :
+ case ARIA_192_GCM_TYPE :
+ case ARIA_256_GCM_TYPE :
+ WOLFSSL_MSG("ARIA GCM");
+ XMEMCPY(ctx->iv, &ctx->cipher.aria.nonce, ARIA_BLOCK_SIZE);
+ break;
+#endif /* HAVE_ARIA */
+
#ifndef NO_DES3
case DES_CBC_TYPE :
WOLFSSL_MSG("DES CBC");
@@ -36488,6 +33369,35 @@ int wolfSSL_RAND_poll(void)
break;
#endif
+#ifdef WOLFSSL_SM4_ECB
+ case SM4_ECB_TYPE:
+ break;
+#endif
+#ifdef WOLFSSL_SM4_CBC
+ case SM4_CBC_TYPE:
+ WOLFSSL_MSG("SM4 CBC");
+ XMEMCPY(&ctx->cipher.sm4.iv, ctx->iv, SM4_BLOCK_SIZE);
+ break;
+#endif
+#ifdef WOLFSSL_SM4_CTR
+ case SM4_CTR_TYPE:
+ WOLFSSL_MSG("SM4 CTR");
+ XMEMCPY(&ctx->cipher.sm4.iv, ctx->iv, SM4_BLOCK_SIZE);
+ break;
+#endif
+#ifdef WOLFSSL_SM4_GCM
+ case SM4_GCM_TYPE:
+ WOLFSSL_MSG("SM4 GCM");
+ XMEMCPY(&ctx->cipher.sm4.iv, ctx->iv, SM4_BLOCK_SIZE);
+ break;
+#endif
+#ifdef WOLFSSL_SM4_CCM
+ case SM4_CCM_TYPE:
+ WOLFSSL_MSG("SM4 CCM");
+ XMEMCPY(&ctx->cipher.sm4.iv, ctx->iv, SM4_BLOCK_SIZE);
+ break;
+#endif
+
case NULL_CIPHER_TYPE :
WOLFSSL_MSG("NULL");
break;
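Review bot: The SM4 cases added here copy in the opposite direction from the ARIA case added to what appears to be the same switch in the previous hunk: ARIA does `XMEMCPY(ctx->iv, &ctx->cipher.aria.nonce, ARIA_BLOCK_SIZE)` while SM4 does `XMEMCPY(&ctx->cipher.sm4.iv, ctx->iv, SM4_BLOCK_SIZE)`. The two later hunks mirror this, with ARIA writing into `cipher.aria.nonce` and SM4 writing into `ctx->iv`, so in each function one of the two families seems to move the IV the wrong way; an IV that is not carried over correctly between calls can lead to IV reuse or failed decryption in chained operations. The lengths also differ (`SM4_BLOCK_SIZE` here, `ctx->ivSz` in the mirror hunk), and for the GCM and CCM cases a full block is copied regardless of the configured nonce length. Please confirm the intended direction against the surrounding AES cases, which are outside these hunks, and add a one-line comment on each case group stating which side is the source.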
@@ -36548,6 +33458,15 @@ int wolfSSL_RAND_poll(void)
#endif /* NO_AES */
+#ifdef HAVE_ARIA
+ case ARIA_128_GCM_TYPE :
+ case ARIA_192_GCM_TYPE :
+ case ARIA_256_GCM_TYPE :
+ WOLFSSL_MSG("ARIA GCM");
+ XMEMCPY(&ctx->cipher.aria.nonce, ctx->iv, ARIA_BLOCK_SIZE);
+ break;
+#endif /* HAVE_ARIA */
+
#ifndef NO_DES3
case DES_CBC_TYPE :
WOLFSSL_MSG("DES CBC");
@@ -36582,6 +33501,35 @@ int wolfSSL_RAND_poll(void)
break;
#endif
+#ifdef WOLFSSL_SM4_ECB
+ case SM4_ECB_TYPE:
+ break;
+#endif
+#ifdef WOLFSSL_SM4_CBC
+ case SM4_CBC_TYPE:
+ WOLFSSL_MSG("SM4 CBC");
+ XMEMCPY(ctx->iv, &ctx->cipher.sm4.iv, ctx->ivSz);
+ break;
+#endif
+#ifdef WOLFSSL_SM4_CTR
+ case SM4_CTR_TYPE:
+ WOLFSSL_MSG("SM4 CTR");
+ XMEMCPY(ctx->iv, &ctx->cipher.sm4.iv, ctx->ivSz);
+ break;
+#endif
+#ifdef WOLFSSL_SM4_GCM
+ case SM4_GCM_TYPE:
+ WOLFSSL_MSG("SM4 GCM");
+ XMEMCPY(ctx->iv, &ctx->cipher.sm4.iv, ctx->ivSz);
+ break;
+#endif
+#ifdef WOLFSSL_SM4_CCM
+ case SM4_CCM_TYPE:
+ WOLFSSL_MSG("SM4 CCM");
+ XMEMCPY(ctx->iv, &ctx->cipher.sm4.iv, ctx->ivSz);
+ break;
+#endif
+
case NULL_CIPHER_TYPE :
WOLFSSL_MSG("NULL");
break;
@@ -36734,19 +33682,14 @@ PKCS7* wolfSSL_d2i_PKCS7(PKCS7** p7, const unsigned char** in, int len)
return wolfSSL_d2i_PKCS7_ex(p7, in, len, NULL, 0);
}
-/*****************************************************************************
-* wolfSSL_d2i_PKCS7_ex - Converts the given unsigned char buffer of size len
-* into a PKCS7 object. Optionally, accepts a byte buffer of content which
-* is stored as the PKCS7 object's content, to support detached signatures.
-* @param content The content which is signed, in case the signature is
-* detached. Ignored if NULL.
-* @param contentSz The size of the passed in content.
+/* This internal function is only decoding and setting up the PKCS7 struct. It
+* does not verify the PKCS7 signature.
*
* RETURNS:
* returns pointer to a PKCS7 structure on success, otherwise returns NULL
*/
-PKCS7* wolfSSL_d2i_PKCS7_ex(PKCS7** p7, const unsigned char** in, int len,
- byte* content, word32 contentSz)
+static PKCS7* wolfSSL_d2i_PKCS7_only(PKCS7** p7, const unsigned char** in,
+ int len, byte* content, word32 contentSz)
{
WOLFSSL_PKCS7* pkcs7 = NULL;
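Review bot: The new comment on wolfSSL_d2i_PKCS7_only drops the parameter documentation and does not say what a caller may rely on. Since this helper returns a decoded but unverified object, the comment should state that nothing in the result is authenticated until wc_PKCS7_VerifySignedData has succeeded on it, and that `content` is stored by pointer (`pkcs7->pkcs7.content = content`, visible in the next hunk) and must outlive the returned structure. I would keep the `@param content` and `@param contentSz` lines here as well as on wolfSSL_d2i_PKCS7_ex. The function body continues outside this hunk.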
@@ -36770,12 +33713,6 @@ PKCS7* wolfSSL_d2i_PKCS7_ex(PKCS7** p7, const unsigned char** in, int len,
pkcs7->pkcs7.content = content;
pkcs7->pkcs7.contentSz = contentSz;
}
- if (wc_PKCS7_VerifySignedData(&pkcs7->pkcs7, pkcs7->data, pkcs7->len)
- != 0) {
- WOLFSSL_MSG("wc_PKCS7_VerifySignedData failed");
- wolfSSL_PKCS7_free((PKCS7*)pkcs7);
- return NULL;
- }
if (p7 != NULL)
*p7 = (PKCS7*)pkcs7;
@@ -36783,6 +33720,46 @@ PKCS7* wolfSSL_d2i_PKCS7_ex(PKCS7** p7, const unsigned char** in, int len,
return (PKCS7*)pkcs7;
}
+
+/*****************************************************************************
+* wolfSSL_d2i_PKCS7_ex - Converts the given unsigned char buffer of size len
+* into a PKCS7 object. Optionally, accepts a byte buffer of content which
+* is stored as the PKCS7 object's content, to support detached signatures.
+* @param content The content which is signed, in case the signature is
+* detached. Ignored if NULL.
+* @param contentSz The size of the passed in content.
+*
+* RETURNS:
+* returns pointer to a PKCS7 structure on success, otherwise returns NULL
+*/
+PKCS7* wolfSSL_d2i_PKCS7_ex(PKCS7** p7, const unsigned char** in, int len,
+ byte* content, word32 contentSz)
+{
+ WOLFSSL_PKCS7* pkcs7 = NULL;
+
+ WOLFSSL_ENTER("wolfSSL_d2i_PKCS7_ex");
+
+ if (in == NULL || *in == NULL || len < 0)
+ return NULL;
+
+ pkcs7 = (WOLFSSL_PKCS7*)wolfSSL_d2i_PKCS7_only(p7, in, len, content,
+ contentSz);
+ if (pkcs7 != NULL) {
+ if (wc_PKCS7_VerifySignedData(&pkcs7->pkcs7, pkcs7->data, pkcs7->len)
+ != 0) {
+ WOLFSSL_MSG("wc_PKCS7_VerifySignedData failed");
+ wolfSSL_PKCS7_free((PKCS7*)pkcs7);
+ if (p7 != NULL) {
+ *p7 = NULL;
+ }
+ return NULL;
+ }
+ }
+
+ return (PKCS7*)pkcs7;
+}
+
+
/**
* This API was added as a helper function for libest. It
* extracts a stack of certificates from the pkcs7 object.
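Review bot: The header comment re-added for wolfSSL_d2i_PKCS7_ex still describes only a conversion, although this body is now the place where `wc_PKCS7_VerifySignedData` runs and where `*p7` is reset to NULL on failure. With the decode-only helper sitting directly above it, the header should state the difference, for example by adding `* The SignedData signature is verified; on failure the object is freed, *p7 is set to NULL and NULL is returned.` The parameters `p7`, `in` and `len` also have no `@param` entries and would benefit from one line each.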
@@ -37177,7 +34154,7 @@ static int wolfSSL_BIO_to_MIME_crlf(WOLFSSL_BIO* in, WOLFSSL_BIO* out)
#endif
XMEMSET(line, 0, MAX_MIME_LINE_LEN);
- while ((lineLen = wolfSSL_BIO_gets(in, line, (int)sizeof(line))) > 0) {
+ while ((lineLen = wolfSSL_BIO_gets(in, line, MAX_MIME_LINE_LEN)) > 0) {
if (line[lineLen - 1] == '\r' || line[lineLen - 1] == '\n') {
canonLineLen = (word32)lineLen;
@@ -37188,7 +34165,7 @@ static int wolfSSL_BIO_to_MIME_crlf(WOLFSSL_BIO* in, WOLFSSL_BIO* out)
}
/* remove trailing null */
- if (canonLine[canonLineLen] == '\0') {
+ if (canonLineLen >= 1 && canonLine[canonLineLen-1] == '\0') {
canonLineLen--;
}
@@ -37562,7 +34539,7 @@ int wolfSSL_PEM_write_bio_PKCS7(WOLFSSL_BIO* bio, PKCS7* p7)
hashType = wc_OidGetHash(p7->hashOID);
hashSz = wc_HashGetDigestSize(hashType);
if (hashSz > WC_MAX_DIGEST_SIZE)
- return WOLFSSL_FAILURE;
+ goto error;
/* only SIGNED_DATA is supported */
switch (p7->contentOID) {
@@ -37570,18 +34547,18 @@ int wolfSSL_PEM_write_bio_PKCS7(WOLFSSL_BIO* bio, PKCS7* p7)
break;
default:
WOLFSSL_MSG("Unknown PKCS#7 Type");
- return WOLFSSL_FAILURE;
+ goto error;
};
if ((wc_PKCS7_EncodeSignedData_ex(p7, hashBuf, hashSz,
outputHead, &outputHeadSz, outputFoot, &outputFootSz)) != 0)
- return WOLFSSL_FAILURE;
+ goto error;
outputSz = outputHeadSz + p7->contentSz + outputFootSz;
output = (byte*)XMALLOC(outputSz, bio->heap, DYNAMIC_TYPE_TMP_BUFFER);
if (!output)
- return WOLFSSL_FAILURE;
+ goto error;
XMEMSET(output, 0, outputSz);
outputSz = 0;
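Review bot: `outputSz = outputHeadSz + p7->contentSz + outputFootSz` is computed without a range check before it sizes the XMALLOC, and the error-path cleanup in this commit does not address that. If these are 32-bit unsigned values (their declarations are outside the hunk), a very large `contentSz` would wrap the sum and produce a buffer smaller than the data later written into it. A guard such as `if (p7->contentSz > 0xFFFFFFFFU - outputHeadSz - outputFootSz) goto error;` before the addition would close this. The `error:` label and the code that fills `output` are outside the hunk, so this should be confirmed against the full function.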
@@ -37777,6 +34754,9 @@ PKCS7* wolfSSL_SMIME_read_PKCS7(WOLFSSL_BIO* in,
}
lineLen = wolfSSL_BIO_gets(in, section, remainLen);
+ if (lineLen < 0) {
+ goto error;
+ }
while (XSTRNCMP(&section[sectionLen], boundary, boundLen) &&
remainLen > 0) {
canonLineLen = lineLen;
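Review bot: The added guard rejects only `lineLen < 0`, so a read that returns 0 still enters the boundary loop with `canonLineLen = lineLen` equal to zero. Whether the loop body copes with an empty first read is not visible in the hunk, because the body continues outside it. If a zero-length result means no more input at this point, `if (lineLen <= 0) { goto error; }` would be the safer test.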
@@ -37951,7 +34931,7 @@ PKCS7* wolfSSL_SMIME_read_PKCS7(WOLFSSL_BIO* in,
WOLFSSL_MSG("Error base64 decoding S/MIME message.");
goto error;
}
- pkcs7 = wolfSSL_d2i_PKCS7_ex(NULL, (const unsigned char**)&out, outLen,
+ pkcs7 = wolfSSL_d2i_PKCS7_only(NULL, (const unsigned char**)&out, outLen,
bcontMem, bcontMemSz);
wc_MIME_free_hdrs(allHdrs);
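Review bot: After this change wolfSSL_SMIME_read_PKCS7 returns a PKCS7 object whose signature has not been checked, because `wolfSSL_d2i_PKCS7_only` skips the `wc_PKCS7_VerifySignedData` call that `wolfSSL_d2i_PKCS7_ex` made. Callers that treated a non-NULL return as parsed and verified now need an explicit verification step (for example `wolfSSL_PKCS7_verify`), and nothing at this call site says so. I would add a comment here such as `/* Decode only: the signature is NOT verified here; the caller must verify before trusting the content. */` and repeat it in the function's header comment, which is outside the hunk.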
@@ -37967,6 +34947,8 @@ error:
XFREE(section, NULL, DYNAMIC_TYPE_PKCS7);
if (canonSection != NULL)
XFREE(canonSection, NULL, DYNAMIC_TYPE_PKCS7);
+ if (canonLine != NULL)
+ XFREE(canonLine, NULL, DYNAMIC_TYPE_PKCS7);
if (bcont) {
wolfSSL_BIO_free(*bcont);
*bcont = NULL; /* reset 'bcount' pointer to NULL on failure */
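Review bot: The new `XFREE(canonLine, ...)` in the error path is only safe if `canonLine` is either NULL or still owned at every `goto error`. The places that free `canonLine` inside the parsing loop are outside this hunk; if any of them does not reset the pointer afterwards, a later failure turns this into a double free. Please confirm that each in-loop free is followed by `canonLine = NULL;` and that the variable is initialised to NULL at its declaration.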
@@ -38878,252 +35860,3 @@ void wolfSSL_FIPS_drbg_set_app_data(WOLFSSL_DRBG_CTX *ctx, void *app_data)
#endif /* !WOLFCRYPT_ONLY */
-/*******************************************************************************
- * START OF CRYPTO-ONLY APIs
- ******************************************************************************/
-
-#if defined(OPENSSL_EXTRA) || defined(HAVE_LIGHTY) || \
- defined(WOLFSSL_MYSQL_COMPATIBLE) || defined(HAVE_STUNNEL) || \
- defined(WOLFSSL_NGINX) || defined(HAVE_POCO_LIB) || \
- defined(WOLFSSL_HAPROXY)
-
-#ifndef NO_SHA
- /* One shot SHA1 hash of message.
- *
- * d message to hash
- * n size of d buffer
- * md buffer to hold digest. Should be SHA_DIGEST_SIZE.
- *
- * Note: if md is null then a static buffer of SHA_DIGEST_SIZE is used.
- * When the static buffer is used this function is not thread safe.
- *
- * Returns a pointer to the message digest on success and NULL on failure.
- */
- unsigned char *wolfSSL_SHA1(const unsigned char *d, size_t n,
- unsigned char *md)
- {
- static byte dig[WC_SHA_DIGEST_SIZE];
- byte* ret = md;
- wc_Sha sha;
-
- WOLFSSL_ENTER("wolfSSL_SHA1");
-
- if (wc_InitSha_ex(&sha, NULL, INVALID_DEVID) != 0) {
- WOLFSSL_MSG("SHA1 Init failed");
- return NULL;
- }
-
- if (wc_ShaUpdate(&sha, (const byte*)d, (word32)n) != 0) {
- WOLFSSL_MSG("SHA1 Update failed");
- return NULL;
- }
-
- if (md == NULL) {
- WOLFSSL_MSG("STATIC BUFFER BEING USED. wolfSSL_SHA1 IS NOT "
- "THREAD SAFE WHEN md == NULL");
- ret = dig;
- }
- if (wc_ShaFinal(&sha, ret) != 0) {
- WOLFSSL_MSG("SHA1 Final failed");
- wc_ShaFree(&sha);
- return NULL;
- }
- wc_ShaFree(&sha);
-
- return ret;
- }
-#endif /* ! NO_SHA */
-
-#ifdef WOLFSSL_SHA224
- /* One shot SHA224 hash of message.
- *
- * d message to hash
- * n size of d buffer
- * md buffer to hold digest. Should be WC_SHA224_DIGEST_SIZE.
- *
- * Note: if md is null then a static buffer of WC_SHA256_DIGEST_SIZE is used.
- * When the static buffer is used this function is not thread safe.
- *
- * Returns a pointer to the message digest on success and NULL on failure.
- */
- unsigned char *wolfSSL_SHA224(const unsigned char *d, size_t n,
- unsigned char *md)
- {
- static byte dig[WC_SHA224_DIGEST_SIZE];
- byte* ret = md;
- wc_Sha256 sha;
-
- WOLFSSL_ENTER("wolfSSL_SHA224");
-
- if (wc_InitSha224_ex(&sha, NULL, INVALID_DEVID) != 0) {
- WOLFSSL_MSG("SHA224 Init failed");
- return NULL;
- }
-
- if (wc_Sha224Update(&sha, (const byte*)d, (word32)n) != 0) {
- WOLFSSL_MSG("SHA224 Update failed");
- return NULL;
- }
-
- if (md == NULL) {
- WOLFSSL_MSG("STATIC BUFFER BEING USED. wolfSSL_SHA224 IS NOT "
- "THREAD SAFE WHEN md == NULL");
- ret = dig;
- }
- if (wc_Sha224Final(&sha, ret) != 0) {
- WOLFSSL_MSG("SHA224 Final failed");
- wc_Sha224Free(&sha);
- return NULL;
- }
- wc_Sha224Free(&sha);
-
- return ret;
- }
-#endif
-
-#ifndef NO_SHA256
- /* One shot SHA256 hash of message.
- *
- * d message to hash
- * n size of d buffer
- * md buffer to hold digest. Should be WC_SHA256_DIGEST_SIZE.
- *
- * Note: if md is null then a static buffer of WC_SHA256_DIGEST_SIZE is used.
- * When the static buffer is used this function is not thread safe.
- *
- * Returns a pointer to the message digest on success and NULL on failure.
- */
- unsigned char *wolfSSL_SHA256(const unsigned char *d, size_t n,
- unsigned char *md)
- {
- static byte dig[WC_SHA256_DIGEST_SIZE];
- byte* ret = md;
- wc_Sha256 sha;
-
- WOLFSSL_ENTER("wolfSSL_SHA256");
-
- if (wc_InitSha256_ex(&sha, NULL, INVALID_DEVID) != 0) {
- WOLFSSL_MSG("SHA256 Init failed");
- return NULL;
- }
-
- if (wc_Sha256Update(&sha, (const byte*)d, (word32)n) != 0) {
- WOLFSSL_MSG("SHA256 Update failed");
- return NULL;
- }
-
- if (md == NULL) {
- WOLFSSL_MSG("STATIC BUFFER BEING USED. wolfSSL_SHA256 IS NOT "
- "THREAD SAFE WHEN md == NULL");
- ret = dig;
- }
- if (wc_Sha256Final(&sha, ret) != 0) {
- WOLFSSL_MSG("SHA256 Final failed");
- wc_Sha256Free(&sha);
- return NULL;
- }
- wc_Sha256Free(&sha);
-
- return ret;
- }
-#endif /* ! NO_SHA256 */
-
-#ifdef WOLFSSL_SHA384
- /* One shot SHA384 hash of message.
- *
- * d message to hash
- * n size of d buffer
- * md buffer to hold digest. Should be WC_SHA256_DIGEST_SIZE.
- *
- * Note: if md is null then a static buffer of WC_SHA256_DIGEST_SIZE is used.
- * When the static buffer is used this function is not thread safe.
- *
- * Returns a pointer to the message digest on success and NULL on failure.
- */
- unsigned char *wolfSSL_SHA384(const unsigned char *d, size_t n,
- unsigned char *md)
- {
- static byte dig[WC_SHA384_DIGEST_SIZE];
- byte* ret = md;
- wc_Sha384 sha;
-
- WOLFSSL_ENTER("wolfSSL_SHA384");
-
- if (wc_InitSha384_ex(&sha, NULL, INVALID_DEVID) != 0) {
- WOLFSSL_MSG("SHA384 Init failed");
- return NULL;
- }
-
- if (wc_Sha384Update(&sha, (const byte*)d, (word32)n) != 0) {
- WOLFSSL_MSG("SHA384 Update failed");
- return NULL;
- }
-
- if (md == NULL) {
- WOLFSSL_MSG("STATIC BUFFER BEING USED. wolfSSL_SHA384 IS NOT "
- "THREAD SAFE WHEN md == NULL");
- ret = dig;
- }
- if (wc_Sha384Final(&sha, ret) != 0) {
- WOLFSSL_MSG("SHA384 Final failed");
- wc_Sha384Free(&sha);
- return NULL;
- }
- wc_Sha384Free(&sha);
-
- return ret;
- }
-#endif /* WOLFSSL_SHA384 */
-
-#if defined(WOLFSSL_SHA512)
- /* One shot SHA512 hash of message.
- *
- * d message to hash
- * n size of d buffer
- * md buffer to hold digest. Should be WC_SHA256_DIGEST_SIZE.
- *
- * Note: if md is null then a static buffer of WC_SHA256_DIGEST_SIZE is used.
- * When the static buffer is used this function is not thread safe.
- *
- * Returns a pointer to the message digest on success and NULL on failure.
- */
- unsigned char *wolfSSL_SHA512(const unsigned char *d, size_t n,
- unsigned char *md)
- {
- static byte dig[WC_SHA512_DIGEST_SIZE];
- byte* ret = md;
- wc_Sha512 sha;
-
- WOLFSSL_ENTER("wolfSSL_SHA512");
-
- if (wc_InitSha512_ex(&sha, NULL, INVALID_DEVID) != 0) {
- WOLFSSL_MSG("SHA512 Init failed");
- return NULL;
- }
-
- if (wc_Sha512Update(&sha, (const byte*)d, (word32)n) != 0) {
- WOLFSSL_MSG("SHA512 Update failed");
- return NULL;
- }
-
- if (md == NULL) {
- WOLFSSL_MSG("STATIC BUFFER BEING USED. wolfSSL_SHA512 IS NOT "
- "THREAD SAFE WHEN md == NULL");
- ret = dig;
- }
- if (wc_Sha512Final(&sha, ret) != 0) {
- WOLFSSL_MSG("SHA512 Final failed");
- wc_Sha512Free(&sha);
- return NULL;
- }
- wc_Sha512Free(&sha);
-
- return ret;
- }
-#endif /* WOLFSSL_SHA512 */
-#endif /* OPENSSL_EXTRA || HAVE_LIGHTY || WOLFSSL_MYSQL_COMPATIBLE ||
- * HAVE_STUNNEL || WOLFSSL_NGINX || HAVE_POCO_LIB || WOLFSSL_HAPROXY */
-
-/*******************************************************************************
- * END OF CRYPTO-ONLY APIs
- ******************************************************************************/
diff --git a/extra/wolfssl/wolfssl/src/ssl_asn1.c b/extra/wolfssl/wolfssl/src/ssl_asn1.c
index fb33a254..eecf4674 100644
--- a/extra/wolfssl/wolfssl/src/ssl_asn1.c
+++ b/extra/wolfssl/wolfssl/src/ssl_asn1.c
@@ -1139,7 +1139,7 @@ int wolfSSL_i2a_ASN1_INTEGER(BIO *bp, const WOLFSSL_ASN1_INTEGER *a)
* @param [in] len Length of number in bytes.
* @param [in, out] neg Indicates number is negative.
* @param [out] pad Number of padding bytes required.
- * @param [out] padVal Padding byte to preprend.
+ * @param [out] padVal Padding byte to prepend.
*/
static void wolfssl_asn1_integer_pad(unsigned char* data, int len,
unsigned char* neg, char* pad, unsigned char* padVal)
@@ -1606,6 +1606,9 @@ WOLFSSL_ASN1_OBJECT* wolfSSL_ASN1_OBJECT_dup(WOLFSSL_ASN1_OBJECT* obj)
dupl->grp = obj->grp;
dupl->nid = obj->nid;
dupl->objSz = obj->objSz;
+ #ifdef OPENSSL_EXTRA
+ dupl->ca = obj->ca;
+ #endif
/* Check for encoding. */
if (obj->obj) {
/* Allocate memory for ASN.1 OBJECT_ID DER encoding. */
@@ -1630,7 +1633,7 @@ WOLFSSL_ASN1_OBJECT* wolfSSL_ASN1_OBJECT_dup(WOLFSSL_ASN1_OBJECT* obj)
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
#endif /* !NO_ASN */
-#ifdef OPENSSL_EXTRA
+#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)
/**
* Parse DER encoding and return header information.
@@ -1859,6 +1862,10 @@ WOLFSSL_ASN1_OBJECT *wolfSSL_c2i_ASN1_OBJECT(WOLFSSL_ASN1_OBJECT **a,
return ret;
}
+#endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */
+
+#ifdef OPENSSL_EXTRA
+
/* Write at most buf_len bytes of textual representation of ASN.1 OBJECT_ID.
*
* @param [in, out] buf Buffer to write to.
@@ -2312,7 +2319,7 @@ int wolfSSL_ASN1_STRING_to_UTF8(unsigned char **out, WOLFSSL_ASN1_STRING *asn1)
* Assumes length is greater than 0.
*
* @param [in] s ASN.1 STRING object.
- * @return Buffer cotaining string representation on success.
+ * @return Buffer containing string representation on success.
* @return NULL when dynamic memory allocation fails.
* @return NULL when encoding a character as hex fails.
*/
@@ -3227,7 +3234,7 @@ static int wolfssl_asn1_time_to_secs(const WOLFSSL_ASN1_TIME* t,
/* Calculate difference in time of two ASN.1 TIME objects.
*
* @param [out] days Number of whole days between from and to.
- * @param [out] secs Number of serconds less than a day between from and to.
+ * @param [out] secs Number of seconds less than a day between from and to.
* @param [in] from ASN.1 TIME object as start time.
* @param [in] to ASN.1 TIME object as end time.
* @return 1 on success.
@@ -3918,7 +3925,7 @@ int wolfSSL_ASN1_UTCTIME_print(WOLFSSL_BIO* bio, const WOLFSSL_ASN1_UTCTIME* a)
* ASN1_TYPE APIs
******************************************************************************/
-#ifdef OPENSSL_EXTRA
+#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)
/**
* Allocate a new ASN.1 TYPE object.
@@ -3954,12 +3961,12 @@ static void wolfssl_asn1_type_free_value(WOLFSSL_ASN1_TYPE* at)
wolfSSL_ASN1_OBJECT_free(at->value.object);
break;
case V_ASN1_UTCTIME:
- #ifndef NO_ASN_TIME
+ #if !defined(NO_ASN_TIME) && defined(OPENSSL_EXTRA)
wolfSSL_ASN1_TIME_free(at->value.utctime);
#endif
break;
case V_ASN1_GENERALIZEDTIME:
- #ifndef NO_ASN_TIME
+ #if !defined(NO_ASN_TIME) && defined(OPENSSL_EXTRA)
wolfSSL_ASN1_TIME_free(at->value.generalizedtime);
#endif
break;
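Review bot: With the guard changed to `!defined(NO_ASN_TIME) && defined(OPENSSL_EXTRA)`, a build that defines only WOLFSSL_WPAS_SMALL reaches `case V_ASN1_UTCTIME:` and `case V_ASN1_GENERALIZEDTIME:` and breaks without releasing `at->value.utctime` or `at->value.generalizedtime`. That is harmless only if no code path in such a build can store a time value in a WOLFSSL_ASN1_TYPE, which the hunk does not show. A short comment at both cases, e.g. `/* ASN1_TIME API is OPENSSL_EXTRA only; time values cannot be set without it. */`, would record the assumption; otherwise the value needs to be freed another way. wolfssl_asn1_type_free_value starts and ends outside the hunk.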
@@ -3991,9 +3998,10 @@ void wolfSSL_ASN1_TYPE_free(WOLFSSL_ASN1_TYPE* at)
XFREE(at, NULL, DYNAMIC_TYPE_OPENSSL);
}
-#endif /* OPENSSL_EXTRA */
+#endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */
-#if defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS)
+#if defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS) || \
+ defined(WOLFSSL_WPAS_SMALL)
/**
* Set ASN.1 TYPE object with a type and value.
*
diff --git a/extra/wolfssl/wolfssl/src/ssl_bn.c b/extra/wolfssl/wolfssl/src/ssl_bn.c
index 9102a8e0..8a054c80 100644
--- a/extra/wolfssl/wolfssl/src/ssl_bn.c
+++ b/extra/wolfssl/wolfssl/src/ssl_bn.c
@@ -1689,23 +1689,31 @@ int wolfSSL_BN_div(WOLFSSL_BIGNUM* dv, WOLFSSL_BIGNUM* rem,
const WOLFSSL_BIGNUM* a, const WOLFSSL_BIGNUM* d, WOLFSSL_BN_CTX* ctx)
{
int ret = 1;
+ WOLFSSL_BIGNUM* res = dv;
/* BN context not needed. */
(void)ctx;
WOLFSSL_ENTER("wolfSSL_BN_div");
+ if (BN_IS_NULL(res)) {
+ res = wolfSSL_BN_new();
+ }
+
/* Validate parameters. */
- if (BN_IS_NULL(dv) || BN_IS_NULL(rem) || BN_IS_NULL(a) || BN_IS_NULL(d)) {
+ if (BN_IS_NULL(res) || BN_IS_NULL(rem) || BN_IS_NULL(a) || BN_IS_NULL(d)) {
ret = 0;
}
/* Have wolfCrypt perform operation with internal representations. */
if ((ret == 1) && (mp_div((mp_int*)a->internal, (mp_int*)d->internal,
- (mp_int*)dv->internal, (mp_int*)rem->internal) != MP_OKAY)) {
+ (mp_int*)res->internal, (mp_int*)rem->internal) != MP_OKAY)) {
ret = 0;
}
+ if (res != dv)
+ wolfSSL_BN_free(res);
+
WOLFSSL_LEAVE("wolfSSL_BN_div", ret);
return ret;
}
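Review bot: The temporary quotient is allocated whenever `BN_IS_NULL(res)` is true, not only when `dv == NULL`. If that macro also reports a non-NULL `dv` whose internal value is missing (its definition is not in this hunk), the call now computes into a throwaway BIGNUM, frees it and returns 1 while the caller's `dv` is left unset; before this change that case returned 0. Testing the pointer directly, `if (dv == NULL) { res = wolfSSL_BN_new(); }`, keeps the new optional-quotient behaviour and still rejects a malformed `dv`. The function's header comment, which is outside the hunk, should also say that `dv` may be NULL.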
diff --git a/extra/wolfssl/wolfssl/src/ssl_certman.c b/extra/wolfssl/wolfssl/src/ssl_certman.c
new file mode 100644
index 00000000..65a6c559
--- /dev/null
+++ b/extra/wolfssl/wolfssl/src/ssl_certman.c
@@ -0,0 +1,2372 @@
+/* ssl_certman.c
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#ifdef HAVE_CONFIG_H
+ #include <config.h>
+#endif
+
+#include <wolfssl/wolfcrypt/settings.h>
+
+ #include <wolfssl/internal.h>
+
+#if !defined(WOLFSSL_SSL_CERTMAN_INCLUDED)
+ #ifndef WOLFSSL_IGNORE_FILE_WARN
+ #warning ssl_certman.c does not need to be compiled separately from ssl.c
+ #endif
+#else
+
+#ifndef NO_CERTS
+
+/* Pick an available TLS method.
+ *
+ * Used when creating temporary WOLFSSL_CTX.
+ *
+ * @return A TLS method on success.
+ * @return NULL when no TLS method built into wolfSSL.
+ */
+static WC_INLINE WOLFSSL_METHOD* cm_pick_method(void)
+{
+ #ifndef NO_WOLFSSL_CLIENT
+ #if !defined(NO_OLD_TLS) && defined(WOLFSSL_ALLOW_SSLV3)
+ return wolfSSLv3_client_method();
+ #elif !defined(NO_OLD_TLS) && defined(WOLFSSL_ALLOW_TLSV10)
+ return wolfTLSv1_client_method();
+ #elif !defined(NO_OLD_TLS)
+ return wolfTLSv1_1_client_method();
+ #elif !defined(WOLFSSL_NO_TLS12)
+ return wolfTLSv1_2_client_method();
+ #elif defined(WOLFSSL_TLS13)
+ return wolfTLSv1_3_client_method();
+ #else
+ return NULL;
+ #endif
+ #elif !defined(NO_WOLFSSL_SERVER)
+ #if !defined(NO_OLD_TLS) && defined(WOLFSSL_ALLOW_SSLV3)
+ return wolfSSLv3_server_method();
+ #elif !defined(NO_OLD_TLS) && defined(WOLFSSL_ALLOW_TLSV10)
+ return wolfTLSv1_server_method();
+ #elif !defined(NO_OLD_TLS)
+ return wolfTLSv1_1_server_method();
+ #elif !defined(WOLFSSL_NO_TLS12)
+ return wolfTLSv1_2_server_method();
+ #elif defined(WOLFSSL_TLS13)
+ return wolfTLSv1_3_server_method();
+ #else
+ return NULL;
+ #endif
+ #else
+ return NULL;
+ #endif
+}
+
+/* Create a new certificate manager with a heap hint.
+ *
+ * @param [in] heap Heap hint.
+ * @return Certificate manager object on success.
+ * @return NULL on failure.
+ */
+WOLFSSL_CERT_MANAGER* wolfSSL_CertManagerNew_ex(void* heap)
+{
+ int err = 0;
+ WOLFSSL_CERT_MANAGER* cm;
+
+ WOLFSSL_ENTER("wolfSSL_CertManagerNew");
+
+ /* Allocate memory for certificate manager. */
+ cm = (WOLFSSL_CERT_MANAGER*)XMALLOC(sizeof(WOLFSSL_CERT_MANAGER), heap,
+ DYNAMIC_TYPE_CERT_MANAGER);
+ if (cm == NULL) {
+ err = 1;
+ }
+ if (!err) {
+ /* Reset all fields. */
+ XMEMSET(cm, 0, sizeof(WOLFSSL_CERT_MANAGER));
+
+ /* Create a mutex for use when modify table of stored CAs. */
+ if (wc_InitMutex(&cm->caLock) != 0) {
+ WOLFSSL_MSG("Bad mutex init");
+ err = 1;
+ }
+ }
+ if (!err) {
+ /* Initialize reference count. */
+ wolfSSL_RefInit(&cm->ref, &err);
+ #ifdef WOLFSSL_REFCNT_ERROR_RETURN
+ if (err != 0) {
+ WOLFSSL_MSG("Bad reference count init");
+ }
+ #endif
+ }
+#ifdef WOLFSSL_TRUST_PEER_CERT
+ /* Create a mutex for use when modify table of trusted peers. */
+ if ((!err) && (wc_InitMutex(&cm->tpLock) != 0)) {
+ WOLFSSL_MSG("Bad mutex init");
+ err = 1;
+ }
+#endif
+ if (!err) {
+ /* Set default minimum key sizes allowed. */
+ #ifndef NO_RSA
+ cm->minRsaKeySz = MIN_RSAKEY_SZ;
+ #endif
+ #ifdef HAVE_ECC
+ cm->minEccKeySz = MIN_ECCKEY_SZ;
+ #endif
+ #ifdef HAVE_PQC
+ #ifdef HAVE_FALCON
+ cm->minFalconKeySz = MIN_FALCONKEY_SZ;
+ #endif /* HAVE_FALCON */
+ #ifdef HAVE_DILITHIUM
+ cm->minDilithiumKeySz = MIN_DILITHIUMKEY_SZ;
+ #endif /* HAVE_DILITHIUM */
+ #endif /* HAVE_PQC */
+
+ /* Set heap hint to use in certificate manager operations. */
+ cm->heap = heap;
+ }
+
+ /* Dispose of certificate manager on error. */
+ if (err && (cm != NULL)) {
+ wolfSSL_CertManagerFree(cm);
+ cm = NULL;
+ }
+ return cm;
+}
+
+/* Create a new certificate manager.
+ *
+ * @return Certificate manager object on success.
+ * @return NULL on failure.
+ */
+WOLFSSL_CERT_MANAGER* wolfSSL_CertManagerNew(void)
+{
+ /* No heap hint. */
+ return wolfSSL_CertManagerNew_ex(NULL);
+}
+
+/* Dispose of certificate manager.
+ *
+ * @param [in, out] cm Certificate manager.
+ */
+void wolfSSL_CertManagerFree(WOLFSSL_CERT_MANAGER* cm)
+{
+ WOLFSSL_ENTER("wolfSSL_CertManagerFree");
+
+ /* Validate parameter. */
+ if (cm != NULL) {
+ int doFree = 0;
+ int ret;
+
+ /* Decrement reference count and check if value is 0. */
+ wolfSSL_RefDec(&cm->ref, &doFree, &ret);
+ #ifdef WOLFSSL_REFCNT_ERROR_RETURN
+ if (ret != 0) {
+ WOLFSSL_MSG("Couldn't lock cm mutex");
+ }
+ #else
+ (void)ret;
+ #endif
+ if (doFree) {
+ #ifdef HAVE_CRL
+ /* Dispose of CRL handler. */
+ if (cm->crl != NULL) {
+ /* Dispose of CRL object - indicating dynamically allocated. */
+ FreeCRL(cm->crl, 1);
+ }
+ #endif
+
+ #ifdef HAVE_OCSP
+ /* Dispose of OCSP handler. */
+ if (cm->ocsp != NULL) {
+ FreeOCSP(cm->ocsp, 1);
+ }
+ /* Dispose of URL. */
+ XFREE(cm->ocspOverrideURL, cm->heap, DYNAMIC_TYPE_URL);
+ #if !defined(NO_WOLFSSL_SERVER) && \
+ (defined(HAVE_CERTIFICATE_STATUS_REQUEST) || \
+ defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2))
+ /* Dispose of OCSP stapling handler. */
+ if (cm->ocsp_stapling) {
+ FreeOCSP(cm->ocsp_stapling, 1);
+ }
+ #endif
+ #endif /* HAVE_OCSP */
+
+ /* Dispose of CA table and mutex. */
+ FreeSignerTable(cm->caTable, CA_TABLE_SIZE, cm->heap);
+ wc_FreeMutex(&cm->caLock);
+
+ #ifdef WOLFSSL_TRUST_PEER_CERT
+ /* Dispose of trusted peer table and mutex. */
+ FreeTrustedPeerTable(cm->tpTable, TP_TABLE_SIZE, cm->heap);
+ wc_FreeMutex(&cm->tpLock);
+ #endif
+
+ /* Dispose of reference count. */
+ wolfSSL_RefFree(&cm->ref);
+ /* Dispose of certificate manager memory. */
+ XFREE(cm, cm->heap, DYNAMIC_TYPE_CERT_MANAGER);
+ }
+ }
+}
+
+/* Increase reference count on certificate manager.
+ *
+ * @param [in, out] cm Certificate manager.
+ * @return WOLFSSL_SUCCESS on success.
+ * @return 0 when cm is NULL or locking mutex fails.
+ */
+int wolfSSL_CertManager_up_ref(WOLFSSL_CERT_MANAGER* cm)
+{
+ int ret = WOLFSSL_SUCCESS;
+
+ /* Validate parameter. */
+ if (cm == NULL) {
+ ret = 0;
+ }
+ if (ret == WOLFSSL_SUCCESS) {
+ int err;
+
+ /* Increment reference. */
+ wolfSSL_RefInc(&cm->ref, &err);
+ #ifdef WOLFSSL_REFCNT_ERROR_RETURN
+ if (err) {
+ WOLFSSL_MSG("Failed to lock cm mutex");
+ ret = 0;
+ }
+ #else
+ (void)err;
+ #endif
+ }
+
+ return ret;
+}
+
+#if defined(OPENSSL_EXTRA) && !defined(NO_FILESYSTEM)
+#if defined(WOLFSSL_SIGNER_DER_CERT)
+static WC_INLINE int wolfssl_cm_get_certs_der(WOLFSSL_CERT_MANAGER* cm,
+ DerBuffer*** buffers, int* cnt)
+{
+ int err = 0;
+ Signer* signers = NULL;
+ DerBuffer** certBuffers = NULL;
+ int i = 0;
+ word32 row = 0;
+ int numCerts = 0;
+
+ /* Iterate once to get the number of certs, for memory allocation
+ * purposes. */
+ for (row = 0; row < CA_TABLE_SIZE; row++) {
+ /* Get signer information of CAs in a row. */
+ signers = cm->caTable[row];
+ /* Count each signer in row that has a DER certificate buffer. */
+ while ((signers != NULL) && (signers->derCert != NULL) &&
+ (signers->derCert->buffer != NULL)) {
+ ++numCerts;
+ signers = signers->next;
+ }
+ }
+ /* Check we found certificates. */
+ if (numCerts == 0) {
+ err = 1;
+ }
+
+ if (!err) {
+ /* Allocate memory for pointers to each DER buffer. */
+ certBuffers = (DerBuffer**)XMALLOC(
+ sizeof(DerBuffer*) * (size_t)numCerts, cm->heap,
+ DYNAMIC_TYPE_TMP_BUFFER);
+ if (certBuffers == NULL) {
+ err = 1;
+ }
+ }
+ if (!err) {
+ /* Reset pointers. */
+ XMEMSET(certBuffers, 0, sizeof(DerBuffer*) * (size_t)numCerts);
+ }
+
+ /* Copy the certs locally so that we can release the caLock. If the lock
+ * is held when wolfSSL_d2i_X509 is called, GetCA will also try to get
+ * the lock, leading to deadlock. */
+ for (row = 0; (!err) && (row < CA_TABLE_SIZE); row++) {
+ /* Get signer information of CAs in a row. */
+ signers = cm->caTable[row];
+ /* Copy each DER certificate buffer of signers in a row. */
+ while ((signers != NULL) && (signers->derCert != NULL) &&
+ (signers->derCert->buffer != NULL)) {
+ /* Allocate memory to hold DER certificate buffer. */
+ int ret = AllocDer(&certBuffers[i], signers->derCert->length,
+ CA_TYPE, cm->heap);
+ if (ret < 0) {
+ err = 1;
+ break;
+ }
+
+ /* Copy buffer into array element. */
+ XMEMCPY(certBuffers[i]->buffer, signers->derCert->buffer,
+ signers->derCert->length);
+ certBuffers[i]->length = signers->derCert->length;
+
+ /* Store in next index. */
+ ++i;
+ /* Move on to next signer in row. */
+ signers = signers->next;
+ }
+ }
+
+ *buffers = certBuffers;
+ *cnt = numCerts;
+ return err;
+}
+
+/* Retrieve stack of X509 certificates in a certificate manager (CM).
+ *
+ * @param [in] cm Certificate manager.
+ *
+ * @return Stack of X509 certs on success
+ * @return NULL on failure.
+ */
+WOLFSSL_STACK* wolfSSL_CertManagerGetCerts(WOLFSSL_CERT_MANAGER* cm)
+{
+ WOLFSSL_STACK* sk = NULL;
+ int numCerts = 0;
+ DerBuffer** certBuffers = NULL;
+ int i = 0;
+ int err = 0;
+
+ WOLFSSL_ENTER("wolfSSL_CertManagerGetCerts");
+
+ /* Validate parameter. */
+ if (cm == NULL) {
+ err = 1;
+ }
+ if (!err) {
+ /* Create an empty certificate stack to return. */
+ sk = wolfSSL_sk_X509_new_null();
+ if (sk == NULL) {
+ err = 1;
+ }
+ }
+ /* Lock CA table. */
+ if ((!err) && (wc_LockMutex(&cm->caLock) != 0)) {
+ err = 1;
+ }
+ if (!err) {
+ err = wolfssl_cm_get_certs_der(cm, &certBuffers, &numCerts);
+ /* Release CA lock. */
+ wc_UnLockMutex(&cm->caLock);
+ }
+
+ /* Put each DER certificate buffer into a stack of WOLFSSL_X509 */
+ for (i = 0; (!err) && (i < numCerts); ++i) {
+ const byte* derBuffer = NULL;
+ WOLFSSL_X509* x509 = NULL;
+
+ /* Get pointer to DER encoding of certificate. */
+ derBuffer = certBuffers[i]->buffer;
+ /* Decode certificate. */
+ wolfSSL_d2i_X509(&x509, &derBuffer, (int)certBuffers[i]->length);
+ if (x509 == NULL) {
+ err = 1;
+ }
+
+ /* Decode certificate. */
+ if ((!err) && (wolfSSL_sk_X509_push(sk, x509) != WOLFSSL_SUCCESS)) {
+ wolfSSL_X509_free(x509);
+ err = 1;
+ }
+ }
+
+ if (certBuffers != NULL) {
+ /* Dispose of temporary cert storage (for access outside of lock). */
+ for (i = 0; i < numCerts && certBuffers[i] != NULL; ++i) {
+ FreeDer(&certBuffers[i]);
+ }
+ XFREE(certBuffers, cm->heap, DYNAMIC_TYPE_TMP_BUFFER);
+ }
+
+ /* Dispose of stack of certificates on error. */
+ if (err && (sk != NULL)) {
+ wolfSSL_sk_X509_pop_free(sk, NULL);
+ sk = NULL;
+ }
+ return sk;
+}
+
+#endif /* WOLFSSL_SIGNER_DER_CERT */
+#endif /* OPENSSL_EXTRA && !NO_FILESYSTEM */
+
+/* Unload the CA signer table.
+ *
+ * @param [in] cm Certificate manager.
+ * @return WOLFSSL_SUCCESS on success.
+ * @return BAD_FUNC_ARG when cm is NULL.
+ * @return BAD_MUTEX_E when locking fails.
+ */
+int wolfSSL_CertManagerUnloadCAs(WOLFSSL_CERT_MANAGER* cm)
+{
+ int ret = WOLFSSL_SUCCESS;
+
+ WOLFSSL_ENTER("wolfSSL_CertManagerUnloadCAs");
+
+ /* Validate parameter. */
+ if (cm == NULL) {
+ ret = BAD_FUNC_ARG;
+ }
+ /* Lock CA table. */
+ if ((ret == WOLFSSL_SUCCESS) && (wc_LockMutex(&cm->caLock) != 0)) {
+ ret = BAD_MUTEX_E;
+ }
+ if (ret == WOLFSSL_SUCCESS) {
+ /* Dispose of CA table. */
+ FreeSignerTable(cm->caTable, CA_TABLE_SIZE, cm->heap);
+
+ /* Unlock CA table. */
+ wc_UnLockMutex(&cm->caLock);
+ }
+
+ return ret;
+}
+
+
+#ifdef WOLFSSL_TRUST_PEER_CERT
+/* Unload the trusted peers table.
+ *
+ * @param [in] cm Certificate manager.
+ * @return WOLFSSL_SUCCESS on success.
+ * @return BAD_FUNC_ARG when cm is NULL.
+ * @return BAD_MUTEX_E when locking fails.
+ */
+int wolfSSL_CertManagerUnload_trust_peers(WOLFSSL_CERT_MANAGER* cm)
+{
+ int ret = WOLFSSL_SUCCESS;
+
+ WOLFSSL_ENTER("wolfSSL_CertManagerUnload_trust_peers");
+
+ /* Validate parameter. */
+ if (cm == NULL) {
+ ret = BAD_FUNC_ARG;
+ }
+ /* Lock trusted peers table. */
+ if ((ret == WOLFSSL_SUCCESS) && (wc_LockMutex(&cm->tpLock) != 0)) {
+ ret = BAD_MUTEX_E;
+ }
+ if (ret == WOLFSSL_SUCCESS) {
+ /* Dispose of trusted peers table. */
+ FreeTrustedPeerTable(cm->tpTable, TP_TABLE_SIZE, cm->heap);
+
+ /* Unlock trusted peers table. */
+ wc_UnLockMutex(&cm->tpLock);
+ }
+
+ return ret;
+}
+#endif /* WOLFSSL_TRUST_PEER_CERT */
+
+/* Load certificate/s from buffer with flags.
+ *
+ * @param [in] cm Certificate manager.
+ * @param [in] buff Buffer holding encoding of certificate.
+ * @param [in] sz Length in bytes of data in buffer.
+ * @param [in] format Format of encoding. Valid values:
+ * WOLFSSL_FILETYPE_ASN1, WOLFSSL_FILETYPE_PEM.
+ * @param [in] userChain Indicates buffer holds chain of certificates.
+ * @param [in] flags Flags to modify behaviour of loading. Valid flags:
+ * WOLFSSL_LOAD_FLAG_IGNORE_ERR,
+ * WOLFSSL_LOAD_FLAG_DATE_ERR_OKAY,
+ * WOLFSSL_LOAD_FLAG_PEM_CA_ONLY,
+ * WOLFSSL_LOAD_FLAG_IGNORE_BAD_PATH_ERR, and
+ * WOLFSSL_LOAD_FLAG_IGNORE_ZEROFILE.
+ * @return WOLFSSL_SUCCESS on success.
+ * @return WOLFSSL_FATAL_ERROR when cm is NULL or failed create WOLFSSL_CTX.
+ * @return Other values on loading failure.
+ */
+int wolfSSL_CertManagerLoadCABuffer_ex(WOLFSSL_CERT_MANAGER* cm,
+ const unsigned char* buff, long sz, int format, int userChain, word32 flags)
+{
+ int ret = WOLFSSL_SUCCESS;
+ WOLFSSL_CTX* tmp = NULL;
+
+ WOLFSSL_ENTER("wolfSSL_CertManagerLoadCABuffer_ex");
+
+ /* Validate parameters. */
+ if (cm == NULL) {
+ WOLFSSL_MSG("No CertManager error");
+ ret = WOLFSSL_FATAL_ERROR;
+ }
+ /* Allocate a temporary WOLFSSL_CTX to load with. */
+ if ((ret == WOLFSSL_SUCCESS) && ((tmp = wolfSSL_CTX_new(cm_pick_method()))
+ == NULL)) {
+ WOLFSSL_MSG("CTX new failed");
+ ret = WOLFSSL_FATAL_ERROR;
+ }
+ if (ret == WOLFSSL_SUCCESS) {
+ /* Some configurations like OPENSSL_COMPATIBLE_DEFAULTS may turn off
+ * verification by default. Let's restore our desired defaults. */
+ wolfSSL_CTX_set_verify(tmp, WOLFSSL_VERIFY_DEFAULT, NULL);
+
+ /* Replace certificate manager with one to load certificate/s into. */
+ wolfSSL_CertManagerFree(tmp->cm);
+ tmp->cm = cm;
+
+ /* Load certificate buffer. */
+ ret = wolfSSL_CTX_load_verify_buffer_ex(tmp, buff, sz, format,
+ userChain, flags);
+
+ /* Clear certificate manager in WOLFSSL_CTX so it won't be freed. */
+ tmp->cm = NULL;
+ }
+
+ /* Dispose of temporary WOLFSSL_CTX. */
+ wolfSSL_CTX_free(tmp);
+ return ret;
+}
+
+/* Load certificate/s from buffer into table.
+ *
+ * Uses default load verification flags and is not a user chain.
+ *
+ * @param [in] cm Certificate manager.
+ * @param [in] buff Buffer holding encoding of certificate.
+ * @param [in] sz Length in bytes of data in buffer.
+ * @param [in] format Format of encoding. Valid values:
+ * WOLFSSL_FILETYPE_ASN1, WOLFSSL_FILETYPE_PEM.
+ * @return WOLFSSL_SUCCESS on success.
+ * @return WOLFSSL_FATAL_ERROR when cm is NULL or failed create WOLFSSL_CTX.
+ * @return Other values on loading failure.
+ */
+int wolfSSL_CertManagerLoadCABuffer(WOLFSSL_CERT_MANAGER* cm,
+ const unsigned char* buff, long sz, int format)
+{
+ return wolfSSL_CertManagerLoadCABuffer_ex(cm, buff, sz, format, 0,
+ WOLFSSL_LOAD_VERIFY_DEFAULT_FLAGS);
+}
+
+#ifndef NO_WOLFSSL_CM_VERIFY
+/* Set the verification callback into certificate manager.
+ *
+ * @param [in] cm Certificate manager.
+ * @param [in] vc Verification callback.
+ */
+void wolfSSL_CertManagerSetVerify(WOLFSSL_CERT_MANAGER* cm, VerifyCallback vc)
+{
+ WOLFSSL_ENTER("wolfSSL_CertManagerSetVerify");
+ if (cm != NULL) {
+ cm->verifyCallback = vc;
+ }
+}
+#endif /* NO_WOLFSSL_CM_VERIFY */
+
+#if !defined(NO_WOLFSSL_CLIENT) || !defined(WOLFSSL_NO_CLIENT_AUTH)
+/* Verify the certificate.
+ *
+ * Uses the verification callback if available.
+ *
+ * @param [in] cm Certificate manager.
+ * @param [in] buff Buffer holding encoded certificate.
+ * @param [in] sz Size in bytes of data in buffer.
+ * @param [in] format Format of encoding. Valid values:
+ * WOLFSSL_FILETYPE_ASN1, WOLFSSL_FILETYPE_PEM.
+ * @param [in] prev_err Previous error. Passed to callback.
+ * @return WOLFSSL_SUCCESS on success.
+ * @return MEMORY_E when dynamic memory allocation fails.
+ * @return NOT_COMPILED_IN when converting from PEM to DER is not a feature of
+ * the wolfSSL build.
+ */
+int CM_VerifyBuffer_ex(WOLFSSL_CERT_MANAGER* cm, const unsigned char* buff,
+ long sz, int format, int prev_err)
+{
+ int ret = 0;
+ int fatal = 0;
+ DerBuffer* der = NULL;
+#ifdef WOLFSSL_SMALL_STACK
+ DecodedCert* cert = NULL;
+#else
+ DecodedCert cert[1];
+#endif
+
+ WOLFSSL_ENTER("CM_VerifyBuffer_ex");
+
+ (void)prev_err;
+
+#ifdef WOLFSSL_SMALL_STACK
+ /* Allocate memory for decoded certificate. */
+ cert = (DecodedCert*)XMALLOC(sizeof(DecodedCert), cm->heap,
+ DYNAMIC_TYPE_DCERT);
+ if (cert == NULL) {
+ ret = MEMORY_E;
+ fatal = 1;
+ }
+ if (ret == 0)
+#endif
+ {
+ /* Reset fields of decoded certificate. */
+ XMEMSET(cert, 0, sizeof(DecodedCert));
+
+ if (format == WOLFSSL_FILETYPE_PEM) {
+ #ifndef WOLFSSL_PEM_TO_DER
+ ret = NOT_COMPILED_IN;
+ fatal = 1;
+ #else
+ /* Convert to DER from PEM. */
+ ret = PemToDer(buff, sz, CERT_TYPE, &der, cm->heap, NULL, NULL);
+ if (ret != 0) {
+ fatal = 1;
+ }
+ else {
+ /* Replace buffer pointer and size with DER buffer. */
+ buff = der->buffer;
+ sz = (long)der->length;
+ }
+ #endif
+ }
+ }
+ if (ret == 0) {
+ /* Create a decoded certificate with DER buffer. */
+ InitDecodedCert(cert, buff, (word32)sz, cm->heap);
+
+ /* Parse DER into decoded certificate fields and verify signature
+ * against a known CA. */
+ ret = ParseCertRelative(cert, CERT_TYPE, VERIFY, cm);
+ }
+
+#ifdef HAVE_CRL
+ if ((ret == 0) && cm->crlEnabled) {
+ /* Check for a CRL for the CA and check validity of certificate. */
+ ret = CheckCertCRL(cm->crl, cert);
+ }
+#endif
+
+ (void)fatal;
+
+#ifndef NO_WOLFSSL_CM_VERIFY
+ /* Use callback to perform verification too if available. */
+ if ((!fatal) && cm->verifyCallback) {
+ #ifdef WOLFSSL_SMALL_STACK
+ ProcPeerCertArgs* args;
+ #else
+ ProcPeerCertArgs args[1];
+ #endif
+ buffer certBuf;
+
+ #ifdef WOLFSSL_SMALL_STACK
+ /* Allocate memory for object to hold arguments for callback. */
+ args = (ProcPeerCertArgs*)XMALLOC(sizeof(ProcPeerCertArgs), cm->heap,
+ DYNAMIC_TYPE_TMP_BUFFER);
+ if (args == NULL) {
+ ret = MEMORY_E;
+ fatal = 1;
+ }
+ if (!fatal)
+ #endif
+ {
+ XMEMSET(args, 0, sizeof(ProcPeerCertArgs));
+
+ /* DER encoding. */
+ certBuf.buffer = (byte*)buff;
+ certBuf.length = (unsigned int)sz;
+
+ /* One certificate available. */
+ args->totalCerts = 1;
+ args->certs = &certBuf;
+ args->dCert = cert;
+ args->dCertInit = 1;
+
+ /* Replace value in ret with an error value passed in. */
+ if (prev_err != 0) {
+ ret = prev_err;
+ }
+ /* Use callback to verify certificate. */
+ ret = DoVerifyCallback(cm, NULL, ret, args);
+ }
+ #ifdef WOLFSSL_SMALL_STACK
+ /* Dispose of allocated callback args. */
+ XFREE(args, cm->heap, DYNAMIC_TYPE_TMP_BUFFER);
+ #endif
+ }
+#endif
+
+ /* Dispose of allocated memory. */
+ FreeDecodedCert(cert);
+ FreeDer(&der);
+#ifdef WOLFSSL_SMALL_STACK
+ XFREE(cert, cm->heap, DYNAMIC_TYPE_DCERT);
+#endif
+
+ /* Convert the ret value to a return value. */
+ return (ret == 0) ? WOLFSSL_SUCCESS : ret;
+}
+
+/* Verify the certificate.
+ *
+ * Uses the verification callback if available.
+ *
+ * @param [in] cm Certificate manager.
+ * @param [in] buff Buffer holding encoded certificate.
+ * @param [in] sz Size in bytes of data in buffer.
+ * @param [in] format Format of encoding. Valid values:
+ * WOLFSSL_FILETYPE_ASN1, WOLFSSL_FILETYPE_PEM.
+ * @param [in] prev_err Previous error. Passed to callback.
+ * @return WOLFSSL_SUCCESS on success.
+ * @return BAD_FUNC_ARG when cm or buff is NULL or sz is negative or zero.
+ * @return WOLFSSL_BAD_FILETYPE when format is invalid.
+ * @return MEMORY_E when dynamic memory allocation fails.
+ * @return NOT_COMPILED_IN when converting from PEM to DER is not a feature of
+ * the wolfSSL build.
+ */
+int wolfSSL_CertManagerVerifyBuffer(WOLFSSL_CERT_MANAGER* cm,
+ const unsigned char* buff, long sz, int format)
+{
+ int ret;
+
+ WOLFSSL_ENTER("wolfSSL_CertManagerVerifyBuffer");
+
+ /* Validate parameters. */
+ if ((cm == NULL) || (buff == NULL) || (sz <= 0)) {
+ ret = BAD_FUNC_ARG;
+ }
+ else if ((format != WOLFSSL_FILETYPE_ASN1) &&
+ (format != WOLFSSL_FILETYPE_PEM)) {
+ ret = WOLFSSL_BAD_FILETYPE;
+ }
+ else {
+ /* No previous error. */
+ ret = CM_VerifyBuffer_ex(cm, buff, sz, format, 0);
+ }
+
+ return ret;
+}
+#endif /* !NO_WOLFSSL_CLIENT || !WOLFSSL_NO_CLIENT_AUTH */
+
+#ifndef NO_FILESYSTEM
+
+#if !defined(NO_WOLFSSL_CLIENT) || !defined(WOLFSSL_NO_CLIENT_AUTH)
+/* Verify the certificate loaded from a file.
+ *
+ * Uses the verification callback if available.
+ *
+ * @param [in] cm Certificate manager.
+ * @param [in] format Format of encoding. Valid values:
+ * WOLFSSL_FILETYPE_ASN1, WOLFSSL_FILETYPE_PEM.
+ * @param [in] prev_err Previous error. Passed to callback.
+ * @return WOLFSSL_SUCCESS on success.
+ * @return BAD_FUNC_ARG when cm or buff is NULL or sz is negative.
+ * @return WOLFSSL_BAD_FILETYPE when format is invalid.
+ * @return WOLFSSL_BAD_FILE when reading the certificate file fails.
+ * @return MEMORY_E when dynamic memory allocation fails.
+ * @return NOT_COMPILED_IN when converting from PEM to DER is not a feature of
+ * the wolfSSL build.
+ */
+int wolfSSL_CertManagerVerify(WOLFSSL_CERT_MANAGER* cm, const char* fname,
+ int format)
+{
+ int ret = WOLFSSL_SUCCESS;
+#ifndef WOLFSSL_SMALL_STACK
+ byte staticBuffer[FILE_BUFFER_SIZE];
+#endif
+ byte* buff = NULL;
+ long sz = 0;
+ XFILE file = XBADFILE;
+
+ WOLFSSL_ENTER("wolfSSL_CertManagerVerify");
+
+#ifndef WOLFSSL_SMALL_STACK
+ buff = staticBuffer;
+#endif
+
+ /* Validate parameters. cm and format validated in:
+ * wolfSSL_CertManagerVerifyBuffer */
+ if ((cm == NULL) || (fname == NULL)) {
+ ret = BAD_FUNC_ARG;
+ }
+
+ /* Open the file containing a certificate. */
+ if ((ret == WOLFSSL_SUCCESS) &&
+ ((file = XFOPEN(fname, "rb")) == XBADFILE)) {
+ ret = WOLFSSL_BAD_FILE;
+ }
+ /* Get the length of the file. */
+ if (ret == WOLFSSL_SUCCESS) {
+ ret = wolfssl_file_len(file, &sz);
+ if (ret == 0) {
+ ret = WOLFSSL_SUCCESS;
+ }
+ }
+ /* Allocate dynamic memory for file contents if no static buffer or too
+ * small. */
+#ifndef WOLFSSL_SMALL_STACK
+ if ((ret == WOLFSSL_SUCCESS) && (sz > (long)sizeof(staticBuffer)))
+#else
+
+ if (ret == WOLFSSL_SUCCESS)
+#endif
+ {
+ WOLFSSL_MSG("Getting dynamic buffer");
+ buff = (byte*)XMALLOC((size_t)sz, cm->heap, DYNAMIC_TYPE_FILE);
+ if (buff == NULL) {
+ ret = WOLFSSL_BAD_FILE;
+ }
+ }
+ /* Read all the file into buffer. */
+ if ((ret == WOLFSSL_SUCCESS) && (XFREAD(buff, 1, (size_t)sz, file) !=
+ (size_t)sz)) {
+ ret = WOLFSSL_BAD_FILE;
+ }
+ /* Close file if opened. */
+ if (file != XBADFILE) {
+ XFCLOSE(file);
+ }
+ if (ret == WOLFSSL_SUCCESS) {
+ /* Verify the certificate read. */
+ ret = wolfSSL_CertManagerVerifyBuffer(cm, buff, sz, format);
+ }
+
+ /* Dispose of buffer if it was allocated. */
+#ifndef WOLFSSL_SMALL_STACK
+ if (buff != staticBuffer)
+#endif
+ {
+ if (cm != NULL) {
+ XFREE(buff, cm->heap, DYNAMIC_TYPE_FILE);
+ }
+ }
+ return ret;
+}
+#endif
+
+/* Load the CA file and/or certificate files in a path.
+ *
+ * @param [in] cm Certificate manager.
+ * @param [in] file Name of CA file.
+ * @param [in] path Path to a directory containing certificates.
+ * @return WOLFSSL_SUCCESS on success.
+ * @return WOLFSSL_FATAL_ERROR when cm is NULL or unable to create WOLFSSL_CTX.
+ * @return Otherwise failure.
+ */
+int wolfSSL_CertManagerLoadCA(WOLFSSL_CERT_MANAGER* cm, const char* file,
+ const char* path)
+{
+ int ret = WOLFSSL_SUCCESS;
+ WOLFSSL_CTX* tmp = NULL;
+
+ WOLFSSL_ENTER("wolfSSL_CertManagerLoadCA");
+
+ /* Validate parameters. file and path validated in:
+ * wolfSSL_CTX_load_verify_locations*/
+ if (cm == NULL) {
+ WOLFSSL_MSG("No CertManager error");
+ ret = WOLFSSL_FATAL_ERROR;
+ }
+ /* Create temporary WOLFSSL_CTX. */
+ if ((ret == WOLFSSL_SUCCESS) && ((tmp = wolfSSL_CTX_new(cm_pick_method()))
+ == NULL)) {
+ WOLFSSL_MSG("CTX new failed");
+ ret = WOLFSSL_FATAL_ERROR;
+ }
+ if (ret == WOLFSSL_SUCCESS) {
+ /* Some configurations like OPENSSL_COMPATIBLE_DEFAULTS may turn off
+ * verification by default. Let's restore our desired defaults. */
+ wolfSSL_CTX_set_verify(tmp, WOLFSSL_VERIFY_DEFAULT, NULL);
+
+ /* Replace certificate manager with one to load certificate/s into. */
+ wolfSSL_CertManagerFree(tmp->cm);
+ tmp->cm = cm;
+
+ /* Load certificate from file and path. */
+ ret = wolfSSL_CTX_load_verify_locations(tmp, file, path);
+
+ /* Clear certificate manager in WOLFSSL_CTX so it won't be freed. */
+ tmp->cm = NULL;
+ }
+
+ /* Dispose of temporary WOLFSSL_CTX. */
+ wolfSSL_CTX_free(tmp);
+ return ret;
+}
+
+#endif /* NO_FILESYSTEM */
+
+#if defined(PERSIST_CERT_CACHE)
+
+/* Version of layout of cache of CA certificates. */
+#define WOLFSSL_CACHE_CERT_VERSION 1
+
+/* CA certificates cache information. */
+typedef struct {
+ /* Cache certificate layout version id. */
+ int version;
+ /* Number of hash table rows. Maximum of CA_TABLE_SIZE. */
+ int rows;
+ /* Number of columns per row. */
+ int columns[CA_TABLE_SIZE];
+ /* Size of Signer object. */
+ int signerSz;
+} CertCacheHeader;
+
+/* current cert persistence layout is:
+
+ 1) CertCacheHeader
+ 2) caTable
+
+ update WOLFSSL_CERT_CACHE_VERSION if change layout for the following
+ PERSIST_CERT_CACHE functions
+*/
+
+
+/* Return number of bytes of memory needed to persist this signer.
+ *
+ * Assumes we have locked CA table.
+ *
+ * @param [in] Signer Signer entry in CA table.
+ * @return Number of bytes.
+ */
+static WC_INLINE int cm_get_signer_memory(Signer* signer)
+{
+ int sz = sizeof(signer->pubKeySize) + sizeof(signer->keyOID)
+ + sizeof(signer->nameLen) + sizeof(signer->subjectNameHash);
+
+#if !defined(NO_SKID)
+ sz += (int)sizeof(signer->subjectKeyIdHash);
+#endif
+
+ /* Add dynamic bytes needed. */
+ sz += (int)signer->pubKeySize;
+ sz += signer->nameLen;
+
+ return sz;
+}
+
+
+/* Return number of bytes of memory needed to persist this row.
+ *
+ * Assumes we have locked CA table.
+ *
+ * @param [in] row A row of signers from the CA table.
+ * @return Number of bytes.
+ */
+static WC_INLINE int cm_get_cert_cache_row_memory(Signer* row)
+{
+ int sz = 0;
+
+ /* Each signer in row. */
+ while (row != NULL) {
+ /* Add in size of this signer. */
+ sz += cm_get_signer_memory(row);
+ row = row->next;
+ }
+
+ return sz;
+}
+
+
+/* Return the number of bytes of memory to persist cert cache.
+ *
+ * Assumes we have locked CA table.
+ *
+ * @param [in] cm Certificate manager.
+ * @return Number of bytes.
+ */
+static WC_INLINE int cm_get_cert_cache_mem_size(WOLFSSL_CERT_MANAGER* cm)
+{
+ int sz;
+ int i;
+
+ sz = sizeof(CertCacheHeader);
+
+ /* Each row in table. */
+ for (i = 0; i < CA_TABLE_SIZE; i++) {
+ /* Add in size of this row. */
+ sz += cm_get_cert_cache_row_memory(cm->caTable[i]);
+ }
+
+ return sz;
+}
+
+
+/* Get count of columns for each row.
+ *
+ * Assumes we have locked CA table.
+ *
+ * @param [in] cm Certificate manager.
+ * @param [in] columns Array of row counts.
+ */
+static WC_INLINE void cm_set_cert_header_Columns(WOLFSSL_CERT_MANAGER* cm,
+ int* columns)
+{
+ int i;
+ Signer* row;
+
+ /* Each row in table. */
+ for (i = 0; i < CA_TABLE_SIZE; i++) {
+ int count = 0;
+
+ /* Get row from table. */
+ row = cm->caTable[i];
+ /* Each entry in row. */
+ while (row != NULL) {
+ /* Update count. */
+ ++count;
+ row = row->next;
+ }
+ /* Store row count. */
+ columns[i] = count;
+ }
+}
+
+
+/* Restore whole cert row from memory,
+ *
+ * Assumes we have locked CA table.
+ *
+ * @param [in] cm Certificate manager.
+ * @param [in] current Buffer containing rows.
+ * @param [in] row Row number being restored.
+ * @param [in] listSz Number of entries in row.
+ * @param [in] end End of data in buffer.
+ * @return Number of bytes consumed on success.
+ * @return PARSE_ERROR when listSz is less than zero.
+ * @return BUFFER_E when buffer is too small.
+ * @return MEMORY_E when dynamic memory allocation fails.
+ * @return Negative value on error.
+ */
+static WC_INLINE int cm_restore_cert_row(WOLFSSL_CERT_MANAGER* cm,
+ byte* current, int row, int listSz, const byte* end)
+{
+ int ret = 0;
+ int idx = 0;
+
+ /* Validate parameters. */
+ if (listSz < 0) {
+ WOLFSSL_MSG("Row header corrupted, negative value");
+ ret = PARSE_ERROR;
+ }
+
+ /* Process all entries. */
+ while ((ret == 0) && (listSz > 0)) {
+ Signer* signer = NULL;
+ byte* publicKey;
+ byte* start = current + idx; /* for end checks on this signer */
+ int minSz = sizeof(signer->pubKeySize) + sizeof(signer->keyOID) +
+ sizeof(signer->nameLen) + sizeof(signer->subjectNameHash);
+ #ifndef NO_SKID
+ minSz += (int)sizeof(signer->subjectKeyIdHash);
+ #endif
+
+ /* Check minimal size of bytes available. */
+ if (start + minSz > end) {
+ WOLFSSL_MSG("Would overread restore buffer");
+ ret = BUFFER_E;
+ }
+ /* Make a new signer. */
+ if ((ret == 0) && ((signer = MakeSigner(cm->heap)) == NULL)) {
+ ret = MEMORY_E;
+ }
+
+ if (ret == 0) {
+ /* Copy in public key size. */
+ XMEMCPY(&signer->pubKeySize, current + idx,
+ sizeof(signer->pubKeySize));
+ idx += (int)sizeof(signer->pubKeySize);
+
+ /* Copy in public key OID. */
+ XMEMCPY(&signer->keyOID, current + idx, sizeof(signer->keyOID));
+ idx += (int)sizeof(signer->keyOID);
+
+ /* Check bytes available for public key. */
+ if (start + minSz + signer->pubKeySize > end) {
+ WOLFSSL_MSG("Would overread restore buffer");
+ ret = BUFFER_E;
+ }
+ }
+ if (ret == 0) {
+ /* Allocate memory for public key to be stored in. */
+ publicKey = (byte*)XMALLOC(signer->pubKeySize, cm->heap,
+ DYNAMIC_TYPE_KEY);
+ if (publicKey == NULL) {
+ ret = MEMORY_E;
+ }
+ }
+
+ if (ret == 0) {
+ /* Copy in public key. */
+ XMEMCPY(publicKey, current + idx, signer->pubKeySize);
+ signer->publicKey = publicKey;
+ idx += (int)signer->pubKeySize;
+
+ /* Copy in certificate name length. */
+ XMEMCPY(&signer->nameLen, current + idx, sizeof(signer->nameLen));
+ idx += (int)sizeof(signer->nameLen);
+
+ /* Check bytes available for certificate name. */
+ if (start + minSz + signer->pubKeySize + signer->nameLen > end) {
+ WOLFSSL_MSG("Would overread restore buffer");
+ ret = BUFFER_E;
+ }
+ }
+ if (ret == 0) {
+ /* Allocate memory for public key to be stored in. */
+ signer->name = (char*)XMALLOC((size_t)signer->nameLen, cm->heap,
+ DYNAMIC_TYPE_SUBJECT_CN);
+ if (signer->name == NULL) {
+ ret = MEMORY_E;
+ }
+ }
+
+ if (ret == 0) {
+ /* Copy in certificate name. */
+ XMEMCPY(signer->name, current + idx, (size_t)signer->nameLen);
+ idx += signer->nameLen;
+
+ /* Copy in hash of subject name. */
+ XMEMCPY(signer->subjectNameHash, current + idx, SIGNER_DIGEST_SIZE);
+ idx += SIGNER_DIGEST_SIZE;
+
+ #ifndef NO_SKID
+ /* Copy in hash of subject key. */
+ XMEMCPY(signer->subjectKeyIdHash, current + idx,SIGNER_DIGEST_SIZE);
+ idx += SIGNER_DIGEST_SIZE;
+ #endif
+
+ /* Make next Signer the head of the row. */
+ signer->next = cm->caTable[row];
+ /* Add Signer to start of row. */
+ cm->caTable[row] = signer;
+
+ /* Done one more Signer. */
+ --listSz;
+ }
+
+ if ((ret != 0) && (signer != NULL)) {
+ /* Dispose of allocated signer. */
+ FreeSigner(signer, cm->heap);
+ }
+ }
+
+ if (ret == 0) {
+ /* Return the number of bytes used on success. */
+ ret = idx;
+ }
+ return ret;
+}
+
+
+/* Store whole CA certificate row into memory.
+ *
+ * Assumes we have locked CA table.
+ *
+ * @param [in] cm Certificate manager.
+ * @param [in] current Buffer to write to.
+ * @param [in] row Row number being stored.
+ * @return Number of bytes added.
+ */
+static WC_INLINE int cm_store_cert_row(WOLFSSL_CERT_MANAGER* cm, byte* current,
+ int row)
+{
+ int added = 0;
+ Signer* list;
+
+ /* Get the row - a linked list. */
+ list = cm->caTable[row];
+ /* Each certificate in row. */
+ while (list != NULL) {
+ /* Public key size. */
+ XMEMCPY(current + added, &list->pubKeySize, sizeof(list->pubKeySize));
+ added += (int)sizeof(list->pubKeySize);
+
+ /* Public key OID. */
+ XMEMCPY(current + added, &list->keyOID, sizeof(list->keyOID));
+ added += (int)sizeof(list->keyOID);
+
+ /* Public key. */
+ XMEMCPY(current + added, list->publicKey, (size_t)list->pubKeySize);
+ added += (int)list->pubKeySize;
+
+ /* Certificate name length. */
+ XMEMCPY(current + added, &list->nameLen, sizeof(list->nameLen));
+ added += (int)sizeof(list->nameLen);
+
+ /* Certificate name. */
+ XMEMCPY(current + added, list->name, (size_t)list->nameLen);
+ added += list->nameLen;
+
+ /* Hash of subject name. */
+ XMEMCPY(current + added, list->subjectNameHash, SIGNER_DIGEST_SIZE);
+ added += SIGNER_DIGEST_SIZE;
+
+ #ifndef NO_SKID
+ /* Hash of public key. */
+ XMEMCPY(current + added, list->subjectKeyIdHash,SIGNER_DIGEST_SIZE);
+ added += SIGNER_DIGEST_SIZE;
+ #endif
+
+ /* Next certificate in row. */
+ list = list->next;
+ }
+
+ return added;
+}
+
+
+/* Persist CA certificate cache to memory.
+ *
+ * Assumes we have locked CA table.
+ *
+ * @param [in] cm Certificate manager.
+ * @param [in] mem Memory to persist into.
+ * @param [in] sz Size in bytes of memory.
+ * @return WOLFSSL_SUCCESS on success.
+ * @return BUFFER_E when memory is too small.
+ */
+static WC_INLINE int cm_do_mem_save_cert_cache(WOLFSSL_CERT_MANAGER* cm,
+ void* mem, int sz)
+{
+ int ret = WOLFSSL_SUCCESS;
+ int realSz;
+ int i;
+
+ WOLFSSL_ENTER("cm_do_mem_save_cert_cache");
+
+ /* Calculate amount of memory required to store CA certificate table. */
+ realSz = cm_get_cert_cache_mem_size(cm);
+ if (realSz > sz) {
+ WOLFSSL_MSG("Mem output buffer too small");
+ ret = BUFFER_E;
+ }
+ if (ret == WOLFSSL_SUCCESS) {
+ byte* current;
+ CertCacheHeader hdr;
+
+ /* Create header for storage. */
+ hdr.version = WOLFSSL_CACHE_CERT_VERSION;
+ hdr.rows = CA_TABLE_SIZE;
+ cm_set_cert_header_Columns(cm, hdr.columns);
+ hdr.signerSz = (int)sizeof(Signer);
+
+ /* Copy header into memory. */
+ XMEMCPY(mem, &hdr, sizeof(CertCacheHeader));
+ current = (byte*)mem + sizeof(CertCacheHeader);
+
+ /* Each row of table. */
+ for (i = 0; i < CA_TABLE_SIZE; ++i) {
+ /* Append row to memory. */
+ current += cm_store_cert_row(cm, current, i);
+ }
+ }
+
+ return ret;
+}
+
+
+#if !defined(NO_FILESYSTEM)
+
+/* Persist CA certificate cache to file.
+ *
+ * Locks CA table.
+ *
+ * @param [in] cm Certificate manager.
+ * @param [in] fname File name to write to.
+ * @return WOLFSSL_SUCCESS on success.
+ * @return WOLFSSL_BAD_FILE when opening file fails.
+ * @return BAD_MUTEX_E when locking fails.
+ * @return MEMORY_E when dynamic memory allocation fails.
+ * @return FWRITE_ERROR when writing to file fails.
+ */
+int CM_SaveCertCache(WOLFSSL_CERT_MANAGER* cm, const char* fname)
+{
+ XFILE file;
+ int ret = WOLFSSL_SUCCESS;
+
+ WOLFSSL_ENTER("CM_SaveCertCache");
+
+ /* Open file for writing. */
+ file = XFOPEN(fname, "w+b");
+ if (file == XBADFILE) {
+ WOLFSSL_MSG("Couldn't open cert cache save file");
+ ret = WOLFSSL_BAD_FILE;
+ }
+
+ /* Lock CA table. */
+ if ((ret == WOLFSSL_SUCCESS) && (wc_LockMutex(&cm->caLock) != 0)) {
+ WOLFSSL_MSG("wc_LockMutex on caLock failed");
+ ret = BAD_MUTEX_E;
+ }
+
+ if (ret == WOLFSSL_SUCCESS) {
+ byte* mem;
+ /* Calculate size of memory required to store CA table. */
+ size_t memSz = (size_t)cm_get_cert_cache_mem_size(cm);
+ /* Allocate memory to hold CA table. */
+ mem = (byte*)XMALLOC(memSz, cm->heap, DYNAMIC_TYPE_TMP_BUFFER);
+ if (mem == NULL) {
+ WOLFSSL_MSG("Alloc for tmp buffer failed");
+ ret = MEMORY_E;
+ }
+ if (ret == WOLFSSL_SUCCESS) {
+ /* Store CA table in memory. */
+ ret = cm_do_mem_save_cert_cache(cm, mem, (int)memSz);
+ }
+ if (ret == WOLFSSL_SUCCESS) {
+ /* Write memory to file. */
+ int sz = (int)XFWRITE(mem, memSz, 1, file);
+ if (sz != 1) {
+ WOLFSSL_MSG("Cert cache file write failed");
+ ret = FWRITE_ERROR;
+ }
+ }
+ if (mem != NULL) {
+ XFREE(mem, cm->heap, DYNAMIC_TYPE_TMP_BUFFER);
+ }
+
+ /* Unlock CA table. */
+ wc_UnLockMutex(&cm->caLock);
+ }
+
+ /* Close file. */
+ if (file != XBADFILE) {
+ XFCLOSE(file);
+ }
+ return ret;
+}
+
+
+/* Restore CA certificate cache from file.
+ *
+ * @param [in] cm Certificate manager.
+ * @param [in] fname File name to write to.
+ * @return WOLFSSL_SUCCESS on success.
+ * @return WOLFSSL_BAD_FILE when opening or using file fails.
+ * @return MEMORY_E when dynamic memory allocation fails.
+ * @return FREAD_ERROR when reading from file fails.
+ */
+int CM_RestoreCertCache(WOLFSSL_CERT_MANAGER* cm, const char* fname)
+{
+ XFILE file;
+ int ret = WOLFSSL_SUCCESS;
+ int memSz = 0;
+ byte* mem = NULL;
+
+ WOLFSSL_ENTER("CM_RestoreCertCache");
+
+ /* Open file for reading. */
+ file = XFOPEN(fname, "rb");
+ if (file == XBADFILE) {
+ WOLFSSL_MSG("Couldn't open cert cache save file");
+ ret = WOLFSSL_BAD_FILE;
+ }
+
+ if (ret == WOLFSSL_SUCCESS) {
+ /* Read file into allocated memory. */
+ ret = wolfssl_read_file(file, (char**)&mem, &memSz);
+ if (ret == 0) {
+ ret = WOLFSSL_SUCCESS;
+ }
+ }
+ if (ret == WOLFSSL_SUCCESS) {
+ /* Create the CA certificate table from memory. */
+ ret = CM_MemRestoreCertCache(cm, mem, memSz);
+ if (ret != WOLFSSL_SUCCESS) {
+ WOLFSSL_MSG("Mem restore cert cache failed");
+ }
+ }
+
+ /* Dispose of dynamic memory read into. */
+ XFREE(mem, cm->heap, DYNAMIC_TYPE_TMP_BUFFER);
+ /* Close file. */
+ if (file != XBADFILE) {
+ XFCLOSE(file);
+ }
+ return ret;
+}
+
+#endif /* NO_FILESYSTEM */
+
+
+/* Persist CA certificate cache to memory.
+ *
+ * Locks CA table.
+ *
+ * @param [in] cm Certificate manager.
+ * @param [in] mem Memory to persist into.
+ * @param [in] sz Size in bytes of memory.
+ * @param [out] used Number of bytes used when persisting cache.
+ * @return WOLFSSL_SUCCESS on success.
+ * @return BAD_MUTEX_E when locking fails.
+ * @return BUFFER_E when memory is too small.
+ */
+int CM_MemSaveCertCache(WOLFSSL_CERT_MANAGER* cm, void* mem, int sz, int* used)
+{
+ int ret = WOLFSSL_SUCCESS;
+
+ WOLFSSL_ENTER("CM_MemSaveCertCache");
+
+ /* Lock CA table. */
+ if (wc_LockMutex(&cm->caLock) != 0) {
+ WOLFSSL_MSG("wc_LockMutex on caLock failed");
+ ret = BAD_MUTEX_E;
+ }
+ if (ret == WOLFSSL_SUCCESS) {
+ /* Save CA table into memory. */
+ ret = cm_do_mem_save_cert_cache(cm, mem, sz);
+ if (ret == WOLFSSL_SUCCESS) {
+ /* Get the number of bytes used. */
+ *used = cm_get_cert_cache_mem_size(cm);
+ }
+
+ /* Unlock CA table. */
+ wc_UnLockMutex(&cm->caLock);
+ }
+
+ return ret;
+}
+
+
+/* Restore CA certificate table from memory,
+ *
+ * Locks CA table.
+ *
+ * @param [in] cm Certificate manager.
+ * @param [in] mem Buffer containing rows.
+ * @param [in] sz Size in bytes of data in buffer.
+ * @return WOLFSSL_SUCCESS on success.
+ * @return BUFFER_E when buffer is too small.
+ * @return BAD_MUTEX_E when locking fails.
+ * @return MEMORY_E when dynamic memory allocation fails.
+ */
+int CM_MemRestoreCertCache(WOLFSSL_CERT_MANAGER* cm, const void* mem, int sz)
+{
+ int ret = WOLFSSL_SUCCESS;
+ int i;
+ CertCacheHeader* hdr = (CertCacheHeader*)mem;
+ byte* current = (byte*)mem + sizeof(CertCacheHeader);
+ byte* end = (byte*)mem + sz; /* don't go over */
+
+ WOLFSSL_ENTER("CM_MemRestoreCertCache");
+
+ /* Check memory available is bigger than cache header. */
+ if (current > end) {
+ WOLFSSL_MSG("Cert Cache Memory buffer too small");
+ ret = BUFFER_E;
+ }
+
+ /* Validate the cache header. */
+ if ((ret == WOLFSSL_SUCCESS) &&
+ ((hdr->version != WOLFSSL_CACHE_CERT_VERSION) ||
+ (hdr->rows != CA_TABLE_SIZE) ||
+ (hdr->signerSz != (int)sizeof(Signer)))) {
+ WOLFSSL_MSG("Cert Cache Memory header mismatch");
+ ret = CACHE_MATCH_ERROR;
+ }
+
+ /* Lock CA table. */
+ if ((ret == WOLFSSL_SUCCESS) && (wc_LockMutex(&cm->caLock) != 0)) {
+ WOLFSSL_MSG("wc_LockMutex on caLock failed");
+ ret = BAD_MUTEX_E;
+ }
+
+ if (ret == WOLFSSL_SUCCESS) {
+ /* Dispose of current CA certificate table. */
+ FreeSignerTable(cm->caTable, CA_TABLE_SIZE, cm->heap);
+
+ /* Each row. */
+ for (i = 0; i < CA_TABLE_SIZE; ++i) {
+ /* Restore a row from memory. */
+ int added = cm_restore_cert_row(cm, current, i, hdr->columns[i],
+ end);
+ /* Bail on error. */
+ if (added < 0) {
+ WOLFSSL_MSG("cm_restore_cert_row error");
+ ret = added;
+ break;
+ }
+ /* Update pointer to data of next row. */
+ current += added;
+ }
+
+ /* Unlock CA table. */
+ wc_UnLockMutex(&cm->caLock);
+ }
+
+ return ret;
+}
+
+
+/* Calculate size of CA certificate cache when persisted to memory.
+ *
+ * Locks CA table.
+ *
+ * @param [in] cm Certificate manager.
+ * @return Number of bytes on success.
+ * @return BAD_MUTEX_E when locking fails.
+ */
+int CM_GetCertCacheMemSize(WOLFSSL_CERT_MANAGER* cm)
+{
+ int ret;
+
+ WOLFSSL_ENTER("CM_GetCertCacheMemSize");
+
+ /* Lock CA table. */
+ if (wc_LockMutex(&cm->caLock) != 0) {
+ WOLFSSL_MSG("wc_LockMutex on caLock failed");
+ ret = BAD_MUTEX_E;
+ }
+ else {
+ /* Calculate memory size. */
+ ret = cm_get_cert_cache_mem_size(cm);
+
+ /* Unlock CA table. */
+ wc_UnLockMutex(&cm->caLock);
+ }
+
+ return ret;
+}
+
+#endif /* PERSIST_CERT_CACHE */
+
+/*******************************************************************************
+ * CRL handling
+ ******************************************************************************/
+
+/* Enables/disables the use of CRLs when validating certificates.
+ *
+ * @param [in] cm Certificate manager.
+ * @param [in] options Options for using CRLs. Valid flags:
+ * WOLFSSL_CRL_CHECKALL, WOLFSSL_CRL_CHECK.
+ * @return WOLFSSL_SUCCESS on success.
+ * @return WOLFSSL_FAILURE when initializing the CRL object fails.
+ * @return BAD_FUNC_ARG when cm is NULL.
+ * @return MEMORY_E when dynamic memory allocation fails.
+ * @return NOT_COMPILED_IN when the CRL feature is disabled.
+ */
+int wolfSSL_CertManagerEnableCRL(WOLFSSL_CERT_MANAGER* cm, int options)
+{
+ int ret = WOLFSSL_SUCCESS;
+
+ WOLFSSL_ENTER("wolfSSL_CertManagerEnableCRL");
+
+ (void)options;
+
+ /* Validate parameters. */
+ if (cm == NULL) {
+ ret = BAD_FUNC_ARG;
+ }
+
+#if defined(OPENSSL_COMPATIBLE_DEFAULTS)
+ /* If disabling then don't worry about whether CRL feature is enabled. */
+ if ((ret == WOLFSSL_SUCCESS) && (options == 0)) {
+ /* Disable leaf CRL check. */
+ cm->crlEnabled = 0;
+ /* Disable all CRL checks. */
+ cm->crlCheckAll = 0;
+ }
+ else
+#endif
+ if (ret == WOLFSSL_SUCCESS) {
+#ifndef HAVE_CRL
+ /* CRL feature not enabled. */
+ ret = NOT_COMPILED_IN;
+#else
+ /* Create CRL object if not present. */
+ if (cm->crl == NULL) {
+ /* Allocate memory for CRL object. */
+ cm->crl = (WOLFSSL_CRL*)XMALLOC(sizeof(WOLFSSL_CRL), cm->heap,
+ DYNAMIC_TYPE_CRL);
+ if (cm->crl == NULL) {
+ ret = MEMORY_E;
+ }
+ if (ret == WOLFSSL_SUCCESS) {
+ /* Reset fields of CRL object. */
+ XMEMSET(cm->crl, 0, sizeof(WOLFSSL_CRL));
+ /* Initialize CRL object. */
+ if (InitCRL(cm->crl, cm) != 0) {
+ WOLFSSL_MSG("Init CRL failed");
+ /* Dispose of CRL object - indicating dynamically allocated.
+ */
+ FreeCRL(cm->crl, 1);
+ cm->crl = NULL;
+ ret = WOLFSSL_FAILURE;
+ }
+ }
+ }
+
+ if (ret == WOLFSSL_SUCCESS) {
+ #if defined(HAVE_CRL_IO) && defined(USE_WOLFSSL_IO)
+ /* Use built-in callback to lookup CRL from URL. */
+ cm->crl->crlIOCb = EmbedCrlLookup;
+ #endif
+ #if defined(OPENSSL_COMPATIBLE_DEFAULTS)
+ if ((options & WOLFSSL_CRL_CHECKALL) ||
+ (options & WOLFSSL_CRL_CHECK))
+ #endif
+ {
+ /* Enable leaf CRL check. */
+ cm->crlEnabled = 1;
+ if (options & WOLFSSL_CRL_CHECKALL) {
+ /* Enable all CRL check. */
+ cm->crlCheckAll = 1;
+ }
+ }
+ }
+#endif
+ }
+
+ return ret;
+}
+
+
+/* Disables the CRL checks.
+ *
+ * @param [in] cm Certificate manager.
+ * @return WOLFSSL_SUCCESS on success.
+ * @return BAD_FUNC_ARG when cm is NULL.
+ */
+int wolfSSL_CertManagerDisableCRL(WOLFSSL_CERT_MANAGER* cm)
+{
+ int ret = WOLFSSL_SUCCESS;
+
+ WOLFSSL_ENTER("wolfSSL_CertManagerDisableCRL");
+
+ /* Validate parameter. */
+ if (cm == NULL) {
+ ret = BAD_FUNC_ARG;
+ }
+ if (ret == WOLFSSL_SUCCESS) {
+ /* Disable CRL checking. */
+ cm->crlEnabled = 0;
+ cm->crlCheckAll = 0;
+ }
+
+ return ret;
+}
+
+#ifdef HAVE_CRL
+
+/* Load CRL for use.
+ *
+ * @param [in] cm Certificate manager.
+ * @param [in] buff Buffer holding CRL.
+ * @param [in] sz Size in bytes of CRL in buffer.
+ * @param [in] type Format of encoding. Valid values:
+ * WOLFSSL_FILETYPE_ASN1, WOLFSSL_FILETYPE_PEM.
+ * @return WOLFSSL_SUCCESS on success.
+ * @return BAD_FUNC_ARG when cm or buff is NULL or sz is negative or zero.
+ * @return WOLFSSL_FATAL_ERROR when creating CRL object fails.
+ */
+int wolfSSL_CertManagerLoadCRLBuffer(WOLFSSL_CERT_MANAGER* cm,
+ const unsigned char* buff, long sz, int type)
+{
+ int ret = WOLFSSL_SUCCESS;
+
+ WOLFSSL_ENTER("wolfSSL_CertManagerLoadCRLBuffer");
+
+ /* Validate parameters. */
+ if ((cm == NULL) || (buff == NULL) || (sz <= 0)) {
+ ret = BAD_FUNC_ARG;
+ }
+
+ /* Create a CRL object if not available and enable CRL checking. */
+ if ((ret == WOLFSSL_SUCCESS) && (cm->crl == NULL) &&
+ (wolfSSL_CertManagerEnableCRL(cm, WOLFSSL_CRL_CHECK) !=
+ WOLFSSL_SUCCESS)) {
+ WOLFSSL_MSG("Enable CRL failed");
+ ret = WOLFSSL_FATAL_ERROR;
+ }
+
+ if (ret == WOLFSSL_SUCCESS) {
+ /* Load CRL into CRL object of the certificate manager. */
+ ret = BufferLoadCRL(cm->crl, buff, sz, type, VERIFY);
+ }
+
+ return ret;
+}
+
+/* Free the CRL object of the certificate manager.
+ *
+ * @param [in] cm Certificate manager.
+ * @return WOLFSSL_SUCCESS on success.
+ * @return BAD_FUNC_ARG when cm is NULL.
+ */
+int wolfSSL_CertManagerFreeCRL(WOLFSSL_CERT_MANAGER* cm)
+{
+ int ret = WOLFSSL_SUCCESS;
+
+ WOLFSSL_ENTER("wolfSSL_CertManagerFreeCRL");
+
+ /* Validate parameter. */
+ if (cm == NULL) {
+ ret = BAD_FUNC_ARG;
+ }
+ /* Check whether CRL object exists. */
+ if ((ret == WOLFSSL_SUCCESS) && (cm->crl != NULL)) {
+ /* Dispose of CRL object - indicating dynamically allocated. */
+ FreeCRL(cm->crl, 1);
+ cm->crl = NULL;
+ }
+
+ return ret;
+}
+
+/* Check DER encoded certificate against CRLs if checking enabled.
+ *
+ * @param [in] cm Certificate manager.
+ * @param [in] der DER encode certificate.
+ * @param [in] sz Size in bytes of DER encode certificate.
+ * @return WOLFSSL_SUCCESS on success.
+ * @return BAD_FUNC_ARG when cm or der is NULL or sz is negative or zero.
+ * @return MEMORY_E when dynamic memory allocation fails.
+ */
+int wolfSSL_CertManagerCheckCRL(WOLFSSL_CERT_MANAGER* cm,
+ const unsigned char* der, int sz)
+{
+ int ret = 0;
+#ifdef WOLFSSL_SMALL_STACK
+ DecodedCert* cert = NULL;
+#else
+ DecodedCert cert[1];
+#endif
+
+ WOLFSSL_ENTER("wolfSSL_CertManagerCheckCRL");
+
+ /* Validate parameters. */
+ if ((cm == NULL) || (der == NULL) || (sz <= 0)) {
+ ret = BAD_FUNC_ARG;
+ }
+
+ /* Check if CRL checking enabled. */
+ if ((ret == 0) && cm->crlEnabled) {
+ #ifdef WOLFSSL_SMALL_STACK
+ /* Allocate memory for decoded certificate. */
+ cert = (DecodedCert*)XMALLOC(sizeof(DecodedCert), NULL,
+ DYNAMIC_TYPE_DCERT);
+ if (cert == NULL)
+ ret = MEMORY_E;
+ if (ret == 0)
+ #endif
+ {
+ /* Initialize decoded certificate with buffer. */
+ InitDecodedCert(cert, der, (word32)sz, NULL);
+
+ /* Parse certificate and perform CRL checks. */
+ ret = ParseCertRelative(cert, CERT_TYPE, VERIFY_CRL, cm);
+ if (ret != 0) {
+ WOLFSSL_MSG("ParseCert failed");
+ }
+ /* Do CRL checks with decoded certificate. */
+ else if ((ret = CheckCertCRL(cm->crl, cert)) != 0) {
+ WOLFSSL_MSG("CheckCertCRL failed");
+ }
+
+ /* Dispose of dynamically allocated memory. */
+ FreeDecodedCert(cert);
+ #ifdef WOLFSSL_SMALL_STACK
+ XFREE(cert, NULL, DYNAMIC_TYPE_DCERT);
+ #endif
+ }
+ }
+
+ return (ret == 0) ? WOLFSSL_SUCCESS : ret;
+}
+
+/* Set the missing CRL callback.
+ *
+ * @param [in] cm Certificate manager.
+ * @param [in] cb Missing CRL callback.
+ * @return WOLFSSL_SUCCESS on success.
+ * @return BAD_FUNC_ARG when cm is NULL.
+ */
+int wolfSSL_CertManagerSetCRL_Cb(WOLFSSL_CERT_MANAGER* cm, CbMissingCRL cb)
+{
+ int ret = WOLFSSL_SUCCESS;
+
+ WOLFSSL_ENTER("wolfSSL_CertManagerSetCRL_Cb");
+
+ /* Validate parameters. */
+ if (cm == NULL) {
+ ret = BAD_FUNC_ARG;
+ }
+ if (ret == WOLFSSL_SUCCESS) {
+ /* Store callback. */
+ cm->cbMissingCRL = cb;
+ }
+
+ return ret;
+}
+
+#ifdef HAVE_CRL_IO
+/* Set the CRL I/O callback.
+ *
+ * @param [in] cm Certificate manager.
+ * @param [in] cb CRL I/O callback.
+ * @return WOLFSSL_SUCCESS on success.
+ * @return BAD_FUNC_ARG when cm is NULL.
+ */
+int wolfSSL_CertManagerSetCRL_IOCb(WOLFSSL_CERT_MANAGER* cm, CbCrlIO cb)
+{
+ int ret = WOLFSSL_SUCCESS;
+
+ /* Validate parameters. */
+ if (cm == NULL) {
+ ret = BAD_FUNC_ARG;
+ }
+ if ((ret == WOLFSSL_SUCCESS) && (cm->crl != NULL)) {
+ /* Store callback. */
+ cm->crl->crlIOCb = cb;
+ }
+
+ return ret;
+}
+#endif
+
+#ifndef NO_FILESYSTEM
+/* Load CRL/s from path with the option of monitoring for changes.
+ *
+ * @param [in] cm Certificate manager.
+ * @param [in] path Path to a directory containing CRLs.
+ * @param [in] type Format of encoding. Valid values:
+ * WOLFSSL_FILETYPE_ASN1, WOLFSSL_FILETYPE_PEM.
+ * @param [in] monitor Whether to monitor path for changes to files.
+ * @return WOLFSSL_SUCCESS on success.
+ * @return BAD_FUNC_ARG when cm or path is NULL.
+ * @return WOLFSSL_FATAL_ERROR when enabling CRLs fails.
+ */
+int wolfSSL_CertManagerLoadCRL(WOLFSSL_CERT_MANAGER* cm, const char* path,
+ int type, int monitor)
+{
+ int ret = WOLFSSL_SUCCESS;
+
+ WOLFSSL_ENTER("wolfSSL_CertManagerLoadCRL");
+
+ /* Validate parameters. */
+ if ((cm == NULL) || (path == NULL)) {
+ ret = BAD_FUNC_ARG;
+ }
+
+ /* Create a CRL object if not available. */
+ if ((ret == WOLFSSL_SUCCESS) && (cm->crl == NULL) &&
+ (wolfSSL_CertManagerEnableCRL(cm, WOLFSSL_CRL_CHECK) !=
+ WOLFSSL_SUCCESS)) {
+ WOLFSSL_MSG("Enable CRL failed");
+ ret = WOLFSSL_FATAL_ERROR;
+ }
+
+ if (ret == WOLFSSL_SUCCESS) {
+ /* Load CRLs from path into CRL object of certificate manager. */
+ ret = LoadCRL(cm->crl, path, type, monitor);
+ }
+
+ return ret;
+}
+
+/* Load CRL from file.
+ *
+ * @param [in] cm Certificate manager.
+ * @param [in] file Path to a directory containing CRLs.
+ * @param [in] type Format of encoding. Valid values:
+ * WOLFSSL_FILETYPE_ASN1, WOLFSSL_FILETYPE_PEM.
+ * @return WOLFSSL_SUCCESS on success.
+ * @return BAD_FUNC_ARG when cm or file is NULL.
+ * @return WOLFSSL_FATAL_ERROR when enabling CRLs fails.
+ */
+int wolfSSL_CertManagerLoadCRLFile(WOLFSSL_CERT_MANAGER* cm, const char* file,
+ int type)
+{
+ int ret = WOLFSSL_SUCCESS;
+
+ WOLFSSL_ENTER("wolfSSL_CertManagerLoadCRLFile");
+
+ /* Validate parameters. */
+ if ((cm == NULL) || (file == NULL)) {
+ ret = BAD_FUNC_ARG;
+ }
+
+ /* Create a CRL object if not available. */
+ if ((ret == WOLFSSL_SUCCESS) && (cm->crl == NULL) &&
+ (wolfSSL_CertManagerEnableCRL(cm, WOLFSSL_CRL_CHECK) !=
+ WOLFSSL_SUCCESS)) {
+ WOLFSSL_MSG("Enable CRL failed");
+ ret = WOLFSSL_FATAL_ERROR;
+ }
+
+ if (ret == WOLFSSL_SUCCESS) {
+ /* Load CRL file into CRL object of certificate manager. */
+ ret = ProcessFile(NULL, file, type, CRL_TYPE, NULL, 0, cm->crl, VERIFY);
+ }
+
+ return ret;
+}
+#endif /* !NO_FILESYSTEM */
+
+#endif /* HAVE_CRL */
+
+/*******************************************************************************
+ * OCSP handling
+ ******************************************************************************/
+
+/* Enables OCSP when validating certificates and sets options.
+ *
+ * @param [in] cm Certificate manager.
+ * @param [in] options Options for using OCSP. Valid flags:
+ * WOLFSSL_OCSP_URL_OVERRIDE, WOLFSSL_OCSP_NO_NONCE,
+ * WOLFSSL_OCSP_CHECKALL.
+ * @return WOLFSSL_SUCCESS on success.
+ * @return 0 when initializing the OCSP object fails.
+ * @return BAD_FUNC_ARG when cm is NULL.
+ * @return MEMORY_E when dynamic memory allocation fails.
+ * @return NOT_COMPILED_IN when the OCSP feature is disabled.
+ */
+int wolfSSL_CertManagerEnableOCSP(WOLFSSL_CERT_MANAGER* cm, int options)
+{
+ int ret = WOLFSSL_SUCCESS;
+
+ (void)options;
+
+ WOLFSSL_ENTER("wolfSSL_CertManagerEnableOCSP");
+
+ /* Validate parameters. */
+ if (cm == NULL) {
+ ret = BAD_FUNC_ARG;
+ }
+
+#ifndef HAVE_OCSP
+ if (ret == WOLFSSL_SUCCESS) {
+ /* OCSP feature not enabled. */
+ ret = NOT_COMPILED_IN;
+ }
+#else
+ if (ret == WOLFSSL_SUCCESS) {
+ /* Check whether OCSP object is available. */
+ if (cm->ocsp == NULL) {
+ /* Allocate memory for OCSP object. */
+ cm->ocsp = (WOLFSSL_OCSP*)XMALLOC(sizeof(WOLFSSL_OCSP), cm->heap,
+ DYNAMIC_TYPE_OCSP);
+ if (cm->ocsp == NULL) {
+ ret = MEMORY_E;
+ }
+ if (ret == WOLFSSL_SUCCESS) {
+ /* Reset the fields of the OCSP object. */
+ XMEMSET(cm->ocsp, 0, sizeof(WOLFSSL_OCSP));
+ /* Initialize the OCSP object. */
+ if (InitOCSP(cm->ocsp, cm) != 0) {
+ WOLFSSL_MSG("Init OCSP failed");
+ /* Dispose of OCSP object - indicating dynamically allocated.
+ */
+ FreeOCSP(cm->ocsp, 1);
+ cm->ocsp = NULL;
+ ret = 0;
+ }
+ }
+ }
+ }
+ if (ret == WOLFSSL_SUCCESS) {
+ /* Enable OCSP checking. */
+ cm->ocspEnabled = 1;
+ /* Enable URL override if requested. */
+ if (options & WOLFSSL_OCSP_URL_OVERRIDE) {
+ cm->ocspUseOverrideURL = 1;
+ }
+ /* Set nonce option for creating OCSP requests. */
+ cm->ocspSendNonce = (options & WOLFSSL_OCSP_NO_NONCE) !=
+ WOLFSSL_OCSP_NO_NONCE;
+ /* Set all OCSP checks on if requested. */
+ if (options & WOLFSSL_OCSP_CHECKALL) {
+ cm->ocspCheckAll = 1;
+ }
+ #ifndef WOLFSSL_USER_IO
+ /* Set built-in OCSP lookup. */
+ cm->ocspIOCb = EmbedOcspLookup;
+ cm->ocspRespFreeCb = EmbedOcspRespFree;
+ cm->ocspIOCtx = cm->heap;
+ #endif /* WOLFSSL_USER_IO */
+ }
+#endif /* HAVE_OCSP */
+
+ return ret;
+}
+
+/* Disables the OCSP checks.
+ *
+ * @param [in] cm Certificate manager.
+ * @return WOLFSSL_SUCCESS on success.
+ * @return BAD_FUNC_ARG when cm is NULL.
+ */
+int wolfSSL_CertManagerDisableOCSP(WOLFSSL_CERT_MANAGER* cm)
+{
+ int ret = WOLFSSL_SUCCESS;
+
+ WOLFSSL_ENTER("wolfSSL_CertManagerDisableOCSP");
+
+ /* Validate parameter. */
+ if (cm == NULL) {
+ ret = BAD_FUNC_ARG;
+ }
+ if (ret == WOLFSSL_SUCCESS) {
+ /* Disable use of OCSP with certificate validation. */
+ cm->ocspEnabled = 0;
+ }
+
+ return ret;
+}
+
+/* Enables OCSP stapling with certificates in manager.
+ *
+ * @param [in] cm Certificate manager.
+ * @param [in] options Options for using OCSP. Valid flags:
+ * WOLFSSL_OCSP_URL_OVERRIDE, WOLFSSL_OCSP_NO_NONCE,
+ * WOLFSSL_OCSP_CHECKALL.
+ * @return WOLFSSL_SUCCESS on success.
+ * @return 0 when initializing the OCSP stapling object fails.
+ * @return BAD_FUNC_ARG when cm is NULL.
+ * @return MEMORY_E when dynamic memory allocation fails.
+ * @return NOT_COMPILED_IN when the OCSP stapling feature is disabled.
+ */
+int wolfSSL_CertManagerEnableOCSPStapling(WOLFSSL_CERT_MANAGER* cm)
+{
+ int ret = WOLFSSL_SUCCESS;
+
+ WOLFSSL_ENTER("wolfSSL_CertManagerEnableOCSPStapling");
+
+ /* Validate parameters. */
+ if (cm == NULL) {
+ ret = BAD_FUNC_ARG;
+ }
+
+#if !defined(HAVE_CERTIFICATE_STATUS_REQUEST) && \
+ !defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)
+ if (ret == WOLFSSL_SUCCESS) {
+ /* OCSP stapling feature not enabled. */
+ ret = NOT_COMPILED_IN;
+ }
+#else
+#ifndef NO_WOLFSSL_SERVER
+ if (ret == WOLFSSL_SUCCESS) {
+ /* Check whether OCSP object is available. */
+ if (cm->ocsp_stapling == NULL) {
+ /* Allocate memory for OCSP stapling object. */
+ cm->ocsp_stapling = (WOLFSSL_OCSP*)XMALLOC(sizeof(WOLFSSL_OCSP),
+ cm->heap, DYNAMIC_TYPE_OCSP);
+ if (cm->ocsp_stapling == NULL) {
+ ret = MEMORY_E;
+ }
+ if (ret == WOLFSSL_SUCCESS) {
+ /* Reset the fields of the OCSP object. */
+ XMEMSET(cm->ocsp_stapling, 0, sizeof(WOLFSSL_OCSP));
+ /* Initialize the OCSP stapling object. */
+ if (InitOCSP(cm->ocsp_stapling, cm) != 0) {
+ WOLFSSL_MSG("Init OCSP failed");
+ /* Dispose of OCSP stapling object - indicating dynamically
+ * allocated. */
+ FreeOCSP(cm->ocsp_stapling, 1);
+ cm->ocsp_stapling = NULL;
+ ret = 0;
+ }
+ }
+ }
+ }
+#ifndef WOLFSSL_USER_IO
+ if (ret == WOLFSSL_SUCCESS) {
+ /* Set built-in OCSP lookup. */
+ cm->ocspIOCb = EmbedOcspLookup;
+ cm->ocspRespFreeCb = EmbedOcspRespFree;
+ cm->ocspIOCtx = cm->heap;
+ }
+#endif /* WOLFSSL_USER_IO */
+#endif /* NO_WOLFSSL_SERVER */
+ if (ret == WOLFSSL_SUCCESS) {
+ /* Enable OCSP stapling. */
+ cm->ocspStaplingEnabled = 1;
+ }
+#endif /* HAVE_CERTIFICATE_STATUS_REQUEST ||
+ * HAVE_CERTIFICATE_STATUS_REQUEST_V2 */
+
+ return ret;
+}
+
+/* Disables OCSP Stapling.
+ *
+ * @param [in] cm Certificate manager.
+ * @return WOLFSSL_SUCCESS on success.
+ * @return BAD_FUNC_ARG when cm is NULL.
+ */
+int wolfSSL_CertManagerDisableOCSPStapling(WOLFSSL_CERT_MANAGER* cm)
+{
+ int ret = WOLFSSL_SUCCESS;
+
+ WOLFSSL_ENTER("wolfSSL_CertManagerDisableOCSPStapling");
+
+ /* Validate parameter. */
+ if (cm == NULL) {
+ ret = BAD_FUNC_ARG;
+ }
+ if (ret == WOLFSSL_SUCCESS) {
+ #if defined(HAVE_CERTIFICATE_STATUS_REQUEST) || \
+ defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)
+ /* Disable use of OCSP Stapling. */
+ cm->ocspStaplingEnabled = 0;
+ #else
+ /* OCSP stapling feature not enabled. */
+ ret = NOT_COMPILED_IN;
+ #endif
+ }
+
+ return ret;
+}
+
+/* Enable the must use OCSP Stapling option.
+ *
+ * @param [in] cm Certificate manager.
+ * @return WOLFSSL_SUCCESS on success.
+ * @return BAD_FUNC_ARG when cm is NULL.
+ */
+int wolfSSL_CertManagerEnableOCSPMustStaple(WOLFSSL_CERT_MANAGER* cm)
+{
+ int ret = WOLFSSL_SUCCESS;
+
+ WOLFSSL_ENTER("wolfSSL_CertManagerEnableOCSPMustStaple");
+
+ /* Validate parameter. */
+ if (cm == NULL) {
+ ret = BAD_FUNC_ARG;
+ }
+ if (ret == WOLFSSL_SUCCESS) {
+#if defined(HAVE_CERTIFICATE_STATUS_REQUEST) || \
+ defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)
+ #ifndef NO_WOLFSSL_CLIENT
+ /* Enable must use OCSP Stapling option. */
+ cm->ocspMustStaple = 1;
+ #endif
+#else
+ /* OCSP stapling feature not enabled. */
+ ret = NOT_COMPILED_IN;
+#endif
+ }
+
+ return ret;
+}
+
+/* Disable the must use OCSP Stapling option.
+ *
+ * @param [in] cm Certificate manager.
+ * @return WOLFSSL_SUCCESS on success.
+ * @return BAD_FUNC_ARG when cm is NULL.
+ */
+int wolfSSL_CertManagerDisableOCSPMustStaple(WOLFSSL_CERT_MANAGER* cm)
+{
+ int ret = WOLFSSL_SUCCESS;
+
+ WOLFSSL_ENTER("wolfSSL_CertManagerDisableOCSPMustStaple");
+
+ /* Validate parameter. */
+ if (cm == NULL) {
+ ret = BAD_FUNC_ARG;
+ }
+
+ if (ret == WOLFSSL_SUCCESS) {
+#if defined(HAVE_CERTIFICATE_STATUS_REQUEST) || \
+ defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)
+ #ifndef NO_WOLFSSL_CLIENT
+ /* Disable must use OCSP Stapling option. */
+ cm->ocspMustStaple = 0;
+ #endif
+#else
+ /* OCSP stapling feature not enabled. */
+ ret = NOT_COMPILED_IN;
+#endif
+ }
+
+ return ret;
+}
+
+#ifdef HAVE_OCSP
+/* Check DER encoded certificate against with OCSP if checking enabled.
+ *
+ * @param [in] cm Certificate manager.
+ * @param [in] der DER encode certificate.
+ * @param [in] sz Size in bytes of DER encode certificate.
+ * @return WOLFSSL_SUCCESS on success.
+ * @return BAD_FUNC_ARG when cm or der is NULL or sz is negative or 0.
+ * @return MEMORY_E when dynamic memory allocation fails.
+ */
+int wolfSSL_CertManagerCheckOCSP(WOLFSSL_CERT_MANAGER* cm,
+ const unsigned char* der, int sz)
+{
+ int ret = 0;
+#ifdef WOLFSSL_SMALL_STACK
+ DecodedCert* cert = NULL;
+#else
+ DecodedCert cert[1];
+#endif
+
+ WOLFSSL_ENTER("wolfSSL_CertManagerCheckOCSP");
+
+ /* Validate parameters. */
+ if ((cm == NULL) || (der == NULL) || (sz <= 0)) {
+ ret = BAD_FUNC_ARG;
+ }
+
+ /* Check if OCSP checking enabled. */
+ if ((ret == 0) && cm->ocspEnabled) {
+ #ifdef WOLFSSL_SMALL_STACK
+ /* Allocate memory for decoded certificate. */
+ cert = (DecodedCert*)XMALLOC(sizeof(DecodedCert), cm->heap,
+ DYNAMIC_TYPE_DCERT);
+ if (cert == NULL) {
+ ret = MEMORY_E;
+ }
+ if (ret == 0)
+ #endif
+ {
+ /* Initialize decoded certificate with buffer. */
+ InitDecodedCert(cert, der, (word32)sz, NULL);
+
+ /* Parse certificate and perform CRL checks. */
+ ret = ParseCertRelative(cert, CERT_TYPE, VERIFY_OCSP, cm);
+ if (ret != 0) {
+ WOLFSSL_MSG("ParseCert failed");
+ }
+ /* Do OCSP checks with decoded certificate. */
+ else if ((ret = CheckCertOCSP(cm->ocsp, cert)) != 0) {
+ WOLFSSL_MSG("CheckCertOCSP failed");
+ }
+
+ /* Dispose of dynamically allocated memory. */
+ FreeDecodedCert(cert);
+ #ifdef WOLFSSL_SMALL_STACK
+ XFREE(cert, cm->heap, DYNAMIC_TYPE_DCERT);
+ #endif
+ }
+ }
+
+ return (ret == 0) ? WOLFSSL_SUCCESS : ret;
+}
+
+/* Check OCSP response.
+ *
+ * @param [in] cm Certificate manager.
+ * @param [in] response Buffer holding OCSP response.
+ * @param [in] responseSz Size in bytes of OCSP response.
+ * @param [in] responseBuffer Buffer to copy response into.
+ * @param [in] status Place to store certificate status.
+ * @param [in] entry Place to store OCSP entry.
+ * @param [in] ocspRequest OCSP request to match with response.
+ * @return WOLFSSL_SUCCESS on success.
+ * @return BAD_FUNC_ARG when cm or response is NULL.
+ */
+int wolfSSL_CertManagerCheckOCSPResponse(WOLFSSL_CERT_MANAGER *cm,
+ byte *response, int responseSz, buffer *responseBuffer,
+ CertStatus *status, OcspEntry *entry, OcspRequest *ocspRequest)
+{
+ int ret = 0;
+
+ WOLFSSL_ENTER("wolfSSL_CertManagerCheckOCSPResponse");
+
+ /* Validate parameters. */
+ if ((cm == NULL) || (response == NULL)) {
+ ret = BAD_FUNC_ARG;
+ }
+ if ((ret == 0) && cm->ocspEnabled) {
+ /* Check OCSP response with OCSP object from certificate manager. */
+ ret = CheckOcspResponse(cm->ocsp, response, responseSz, responseBuffer,
+ status, entry, ocspRequest, NULL);
+ }
+
+ return (ret == 0) ? WOLFSSL_SUCCESS : ret;
+}
+
+/* Set the OCSP override URL.
+ *
+ * @param [in] cm Certificate manager.
+ * @param [in] url URL to get an OCSP response from.
+ * @return WOLFSSL_SUCCESS on success.
+ * @return BAD_FUNC_ARG when cm is NULL.
+ * @return MEMORY_E when dynamic memory allocation fails.
+ */
+int wolfSSL_CertManagerSetOCSPOverrideURL(WOLFSSL_CERT_MANAGER* cm,
+ const char* url)
+{
+ int ret = WOLFSSL_SUCCESS;
+
+ WOLFSSL_ENTER("wolfSSL_CertManagerSetOCSPOverrideURL");
+
+ /* Validate parameters. */
+ if (cm == NULL) {
+ ret = BAD_FUNC_ARG;
+ }
+
+ if (ret == WOLFSSL_SUCCESS) {
+ /* Dispose of old URL. */
+ XFREE(cm->ocspOverrideURL, cm->heap, DYNAMIC_TYPE_URL);
+ if (url != NULL) {
+ /* Calculate size of URL string. Include terminator character. */
+ int urlSz = (int)XSTRLEN(url) + 1;
+ /* Allocate memory for URL to be copied into. */
+ cm->ocspOverrideURL = (char*)XMALLOC((size_t)urlSz, cm->heap,
+ DYNAMIC_TYPE_URL);
+ if (cm->ocspOverrideURL == NULL) {
+ ret = MEMORY_E;
+ }
+ if (ret == WOLFSSL_SUCCESS) {
+ /* Copy URL into certificate manager. */
+ XMEMCPY(cm->ocspOverrideURL, url, (size_t)urlSz);
+ }
+ }
+ else {
+ /* No URL to set so make it NULL. */
+ cm->ocspOverrideURL = NULL;
+ }
+ }
+
+ return ret;
+}
+
+/* Set the OCSP I/O callback, OCSP response free callback and related data.
+ *
+ * @param [in] cm Certificate manager.
+ * @param [in] ioCb OCSP callback.
+ * @param [in] respFreeCb Callback to free OCSP response buffer.
+ * @param [in] ioCbCtx Context data to pass to OCSP callbacks.
+ * @return WOLFSSL_SUCCESS on success.
+ * @return BAD_FUNC_ARG when cm is NULL.
+ */
+int wolfSSL_CertManagerSetOCSP_Cb(WOLFSSL_CERT_MANAGER* cm, CbOCSPIO ioCb,
+ CbOCSPRespFree respFreeCb, void* ioCbCtx)
+{
+ int ret = WOLFSSL_SUCCESS;
+
+ WOLFSSL_ENTER("wolfSSL_CertManagerSetOCSP_Cb");
+
+ /* Validate parameters. */
+ if (cm == NULL) {
+ ret = BAD_FUNC_ARG;
+ }
+ if (ret == WOLFSSL_SUCCESS) {
+ /* Set callbacks and data into certificate manager. */
+ cm->ocspIOCb = ioCb;
+ cm->ocspRespFreeCb = respFreeCb;
+ cm->ocspIOCtx = ioCbCtx;
+ }
+
+ return ret;
+}
+
+#endif /* HAVE_OCSP */
+
+#endif /* NO_CERTS */
+
+#endif /* !WOLFSSL_SSL_CERTMAN_INCLUDED */
diff --git a/extra/wolfssl/wolfssl/src/ssl_crypto.c b/extra/wolfssl/wolfssl/src/ssl_crypto.c
new file mode 100644
index 00000000..3c73b88f
--- /dev/null
+++ b/extra/wolfssl/wolfssl/src/ssl_crypto.c
@@ -0,0 +1,3499 @@
+/* ssl_crypto.c
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+
+#ifdef HAVE_CONFIG_H
+ #include <config.h>
+#endif
+
+#include <wolfssl/wolfcrypt/settings.h>
+
+#ifndef WOLFSSL_SSL_CRYPTO_INCLUDED
+ #ifndef WOLFSSL_IGNORE_FILE_WARN
+ #warning ssl_crypto.c does not need to be compiled separately from ssl.c
+ #endif
+#else
+
+/*******************************************************************************
+ * START OF Digest APIs
+ ******************************************************************************/
+
+#ifdef OPENSSL_EXTRA
+#ifndef NO_MD4
+/* Initialize MD4 hash operation.
+ *
+ * @param [in, out] md4 MD4 context object.
+ */
+void wolfSSL_MD4_Init(WOLFSSL_MD4_CTX* md4)
+{
+ /* Ensure WOLFSSL_MD4_CTX is big enough for wolfCrypt Md4. */
+ typedef char ok[sizeof(md4->buffer) >= sizeof(Md4) ? 1 : -1];
+ (void)sizeof(ok);
+
+ WOLFSSL_ENTER("MD4_Init");
+
+ /* Initialize wolfCrypt MD4 object. */
+ wc_InitMd4((Md4*)md4);
+}
+
+/* Update MD4 hash with data.
+ *
+ * @param [in, out] md4 MD4 context object.
+ * @param [in] data Data to be hashed.
+ * @param [in] len Length of data in bytes.
+ */
+void wolfSSL_MD4_Update(WOLFSSL_MD4_CTX* md4, const void* data,
+ unsigned long len)
+{
+ WOLFSSL_ENTER("MD4_Update");
+
+ /* Update wolfCrypt MD4 object with data. */
+ wc_Md4Update((Md4*)md4, (const byte*)data, (word32)len);
+}
+
+/* Finalize MD4 hash and return output.
+ *
+ * @param [out] digest Hash output.
+ * Must be able to hold MD4_DIGEST_SIZE bytes.
+ * @param [in, out] md4 MD4 context object.
+ */
+void wolfSSL_MD4_Final(unsigned char* digest, WOLFSSL_MD4_CTX* md4)
+{
+ WOLFSSL_ENTER("MD4_Final");
+
+ /* Finalize wolfCrypt MD4 hash into digest. */
+ wc_Md4Final((Md4*)md4, digest);
+}
+
+#endif /* NO_MD4 */
+#endif /* OPENSSL_EXTRA */
+
+#if defined(OPENSSL_EXTRA) || defined(HAVE_CURL)
+#ifndef NO_MD5
+/* Initialize MD5 hash operation.
+ *
+ * @param [in, out] md5 MD5 context object.
+ * @return 1 on success.
+ * @return 0 when md5 is NULL.
+ */
+int wolfSSL_MD5_Init(WOLFSSL_MD5_CTX* md5)
+{
+ /* Ensure WOLFSSL_MD5_CTX is big enough for wolfCrypt wc_Md5. */
+ typedef char md5_test[sizeof(WOLFSSL_MD5_CTX) >= sizeof(wc_Md5) ? 1 : -1];
+ (void)sizeof(md5_test);
+
+ WOLFSSL_ENTER("MD5_Init");
+
+ /* Initialize wolfCrypt MD5 object. */
+ return wc_InitMd5((wc_Md5*)md5) == 0;
+}
+
+/* Update MD5 hash with data.
+ *
+ * @param [in, out] md5 MD5 context object.
+ * @param [in] input Data to be hashed.
+ * @param [in] sz Length of data in bytes.
+ * @return 1 on success.
+ * @return 0 when md5 is NULL.
+ */
+int wolfSSL_MD5_Update(WOLFSSL_MD5_CTX* md5, const void* input,
+ unsigned long sz)
+{
+ WOLFSSL_ENTER("MD5_Update");
+
+ /* Update wolfCrypt MD5 object with data. */
+ return wc_Md5Update((wc_Md5*)md5, (const byte*)input, (word32)sz) == 0;
+}
+
+/* Finalize MD5 hash and return output.
+ *
+ * @param [out] digest Hash output.
+ * Must be able to hold MD5_DIGEST_SIZE bytes.
+ * @param [in, out] md5 MD5 context object.
+ * @return 1 on success.
+ * @return 0 when md5 or output is NULL.
+ */
+int wolfSSL_MD5_Final(byte* output, WOLFSSL_MD5_CTX* md5)
+{
+ int ret;
+
+ WOLFSSL_ENTER("MD5_Final");
+
+ /* Finalize wolfCrypt MD5 hash into output. */
+ ret = (wc_Md5Final((wc_Md5*)md5, output) == 0);
+ /* Free resources here, as OpenSSL API doesn't include MD5_Free(). */
+ wc_Md5Free((wc_Md5*)md5);
+
+ return ret;
+}
+
+/* Apply MD5 transformation to the data.
+ *
+ * 'data' has words reversed in this function when big endian.
+ *
+ * @param [in, out] md5 MD5 context object.
+ * @param [in, out] data One block of data to be hashed.
+ * @return 1 on success.
+ * @return 0 when md5 or data is NULL.
+ */
+int wolfSSL_MD5_Transform(WOLFSSL_MD5_CTX* md5, const unsigned char* data)
+{
+ WOLFSSL_ENTER("MD5_Transform");
+
+#if defined(BIG_ENDIAN_ORDER)
+ /* Byte reversal done outside transform. */
+ if ((md5 != NULL) && (data != NULL)) {
+ ByteReverseWords((word32*)data, (word32*)data, WC_MD5_BLOCK_SIZE);
+ }
+#endif
+ /* Transform block of data with wolfCrypt MD5 object. */
+ return wc_Md5Transform((wc_Md5*)md5, data) == 0;
+}
+
+/* One shot MD5 hash of data.
+ *
+ * When hash is null, a static buffer of MD5_DIGEST_SIZE is used.
+ * When the static buffer is used this function is not thread safe.
+ *
+ * @param [in] data Data to be hashed.
+ * @param [in] len Length of data in bytes.
+ * @param [out] hash Buffer to hold digest. May be NULL.
+ * Must be able to hold MD5_DIGEST_SIZE bytes.
+ * @return Buffer holding hash on success.
+ * @return NULL when hashing fails.
+ */
+unsigned char* wolfSSL_MD5(const unsigned char* data, size_t len,
+ unsigned char* hash)
+{
+ /* Buffer to use when hash is NULL. */
+ static unsigned char dgst[WC_MD5_DIGEST_SIZE];
+
+ WOLFSSL_ENTER("wolfSSL_MD5");
+
+ /* Ensure buffer available for digest result. */
+ if (hash == NULL) {
+ hash = dgst;
+ }
+ /* One shot MD5 hash with wolfCrypt. */
+ if (wc_Md5Hash(data, (word32)len, hash) != 0) {
+ WOLFSSL_MSG("wc_Md5Hash error");
+ hash = NULL;
+ }
+
+ return hash;
+}
+#endif /* !NO_MD5 */
+
+#ifndef NO_SHA
+/* Initialize SHA hash operation.
+ *
+ * @param [in, out] sha SHA context object.
+ * @return 1 on success.
+ * @return 0 when sha is NULL.
+ */
+int wolfSSL_SHA_Init(WOLFSSL_SHA_CTX* sha)
+{
+ /* Ensure WOLFSSL_SHA_CTX is big enough for wolfCrypt wc_Sha. */
+ typedef char sha_test[sizeof(WOLFSSL_SHA_CTX) >= sizeof(wc_Sha) ? 1 : -1];
+ (void)sizeof(sha_test);
+
+ WOLFSSL_ENTER("SHA_Init");
+
+ /* Initialize wolfCrypt SHA object. */
+ return wc_InitSha((wc_Sha*)sha) == 0;
+}
+
+/* Update SHA hash with data.
+ *
+ * @param [in, out] sha SHA context object.
+ * @param [in] input Data to be hashed.
+ * @param [in] sz Length of data in bytes.
+ * @return 1 on success.
+ * @return 0 when md5 is NULL.
+ */
+int wolfSSL_SHA_Update(WOLFSSL_SHA_CTX* sha, const void* input,
+ unsigned long sz)
+{
+ WOLFSSL_ENTER("SHA_Update");
+
+ /* Update wolfCrypt SHA object with data. */
+ return wc_ShaUpdate((wc_Sha*)sha, (const byte*)input, (word32)sz) == 0;
+}
+
+/* Finalize SHA hash and return output.
+ *
+ * @param [out] output Hash output.
+ * Must be able to hold SHA_DIGEST_SIZE bytes.
+ * @param [in, out] sha SHA context object.
+ * @return 1 on success.
+ * @return 0 when sha or output is NULL.
+ */
+int wolfSSL_SHA_Final(byte* output, WOLFSSL_SHA_CTX* sha)
+{
+ int ret;
+
+ WOLFSSL_ENTER("SHA_Final");
+
+ /* Finalize wolfCrypt SHA hash into output. */
+ ret = (wc_ShaFinal((wc_Sha*)sha, output) == 0);
+ /* Free resources here, as OpenSSL API doesn't include SHA_Free(). */
+ wc_ShaFree((wc_Sha*)sha);
+
+ return ret;
+}
+
+#if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || \
+ (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2)))
+/* Apply SHA transformation to the data.
+ *
+ * 'data' has words reversed in this function when little endian.
+ *
+ * @param [in, out] sha SHA context object.
+ * @param [in, out] data One block of data to be hashed.
+ * @return 1 on success.
+ * @return 0 when sha or data is NULL.
+ */
+int wolfSSL_SHA_Transform(WOLFSSL_SHA_CTX* sha, const unsigned char* data)
+{
+ WOLFSSL_ENTER("SHA_Transform");
+
+#if defined(LITTLE_ENDIAN_ORDER)
+ /* Byte reversal done outside transform. */
+ if ((sha != NULL) && (data != NULL)) {
+ ByteReverseWords((word32*)data, (word32*)data, WC_SHA_BLOCK_SIZE);
+ }
+#endif
+ /* Transform block of data with wolfCrypt SHA object. */
+ return wc_ShaTransform((wc_Sha*)sha, data) == 0;
+}
+#endif
+
+/* Initialize SHA-1 hash operation.
+ *
+ * @param [in, out] sha SHA context object.
+ * @return 1 on success.
+ * @return 0 when sha is NULL.
+ */
+int wolfSSL_SHA1_Init(WOLFSSL_SHA_CTX* sha)
+{
+ WOLFSSL_ENTER("SHA1_Init");
+
+ return SHA_Init(sha);
+}
+
+
+/* Update SHA-1 hash with data.
+ *
+ * @param [in, out] sha SHA context object.
+ * @param [in] input Data to be hashed.
+ * @param [in] sz Length of data in bytes.
+ * @return 1 on success.
+ * @return 0 when sha is NULL.
+ */
+int wolfSSL_SHA1_Update(WOLFSSL_SHA_CTX* sha, const void* input,
+ unsigned long sz)
+{
+ WOLFSSL_ENTER("SHA1_Update");
+
+ return SHA_Update(sha, input, sz);
+}
+
+/* Finalize SHA-1 hash and return output.
+ *
+ * @param [out] output Hash output.
+ * Must be able to hold SHA_DIGEST_SIZE bytes.
+ * @param [in, out] sha SHA context object.
+ * @return 1 on success.
+ * @return 0 when sha or output is NULL.
+ */
+int wolfSSL_SHA1_Final(byte* output, WOLFSSL_SHA_CTX* sha)
+{
+ WOLFSSL_ENTER("SHA1_Final");
+
+ return SHA_Final(output, sha);
+}
+
+#if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || \
+ (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2)))
+/* Apply SHA-1 transformation to the data.
+ *
+ * 'data' has words reversed in this function when little endian.
+ *
+ * @param [in, out] sha SHA context object.
+ * @param [in, out] data One block of data to be hashed.
+ * @return 1 on success.
+ * @return 0 when sha or data is NULL.
+ */
+int wolfSSL_SHA1_Transform(WOLFSSL_SHA_CTX* sha, const unsigned char* data)
+{
+ WOLFSSL_ENTER("SHA1_Transform");
+
+ return wolfSSL_SHA_Transform(sha, data);
+}
+#endif
+#endif /* !NO_SHA */
+
+#ifndef NO_SHA256
+#ifdef WOLFSSL_SHA224
+/* Initialize SHA-224 hash operation.
+ *
+ * @param [in, out] sha224 SHA-224 context object.
+ * @return 1 on success.
+ * @return 0 when sha224 is NULL.
+ */
+int wolfSSL_SHA224_Init(WOLFSSL_SHA224_CTX* sha224)
+{
+ /* Ensure WOLFSSL_SHA224_CTX is big enough for wolfCrypt wc_Sha224. */
+ typedef char sha_test[sizeof(SHA224_CTX) >= sizeof(wc_Sha224) ? 1 : -1];
+ (void)sizeof(sha_test);
+
+ WOLFSSL_ENTER("SHA224_Init");
+
+ /* Initialize wolfCrypt SHA-224 object. */
+ return wc_InitSha224((wc_Sha224*)sha224) == 0;
+}
+
+/* Update SHA-224 hash with data.
+ *
+ * @param [in, out] sha224 SHA-224 context object.
+ * @param [in] input Data to be hashed.
+ * @param [in] sz Length of data in bytes.
+ * @return 1 on success.
+ * @return 0 when sha224 is NULL.
+ */
+int wolfSSL_SHA224_Update(WOLFSSL_SHA224_CTX* sha224, const void* input,
+ unsigned long sz)
+{
+ WOLFSSL_ENTER("SHA224_Update");
+
+ /* Update wolfCrypt SHA-224 object with data. */
+ return wc_Sha224Update((wc_Sha224*)sha224, (const byte*)input, (word32)sz)
+ == 0;
+}
+
+/* Finalize SHA-224 hash and return output.
+ *
+ * @param [out] output Hash output.
+ * Must be able to hold SHA224_DIGEST_SIZE bytes.
+ * @param [in, out] sha224 SHA-224 context object.
+ * @return 1 on success.
+ * @return 0 when sha224 or output is NULL.
+ */
+int wolfSSL_SHA224_Final(byte* output, WOLFSSL_SHA224_CTX* sha224)
+{
+ int ret;
+
+ WOLFSSL_ENTER("SHA224_Final");
+
+ /* Finalize wolfCrypt SHA-224 hash into output. */
+ ret = (wc_Sha224Final((wc_Sha224*)sha224, output) == 0);
+ /* Free resources here, as OpenSSL API doesn't include SHA224_Free(). */
+ wc_Sha224Free((wc_Sha224*)sha224);
+
+ return ret;
+}
+
+#endif /* WOLFSSL_SHA224 */
+
+/* Initialize SHA-256 hash operation.
+ *
+ * @param [in, out] sha256 SHA-256 context object.
+ * @return 1 on success.
+ * @return 0 when sha256 is NULL.
+ */
+int wolfSSL_SHA256_Init(WOLFSSL_SHA256_CTX* sha256)
+{
+ /* Ensure WOLFSSL_SHA256_CTX is big enough for wolfCrypt wc_Sha256. */
+ typedef char sha_test[sizeof(SHA256_CTX) >= sizeof(wc_Sha256) ? 1 : -1];
+ (void)sizeof(sha_test);
+
+ WOLFSSL_ENTER("SHA256_Init");
+
+ /* Initialize wolfCrypt SHA-256 object. */
+ return wc_InitSha256((wc_Sha256*)sha256) == 0;
+}
+
+/* Update SHA-256 hash with data.
+ *
+ * @param [in, out] sha256 SHA-256 context object.
+ * @param [in] input Data to be hashed.
+ * @param [in] sz Length of data in bytes.
+ * @return 1 on success.
+ * @return 0 when sha256 is NULL.
+ */
+int wolfSSL_SHA256_Update(WOLFSSL_SHA256_CTX* sha256, const void* input,
+ unsigned long sz)
+{
+ WOLFSSL_ENTER("SHA256_Update");
+
+ /* Update wolfCrypt SHA-256 object with data. */
+ return wc_Sha256Update((wc_Sha256*)sha256, (const byte*)input, (word32)sz)
+ == 0;
+}
+
+/* Finalize SHA-256 hash and return output.
+ *
+ * @param [out] output Hash output.
+ * Must be able to hold SHA256_DIGEST_SIZE bytes.
+ * @param [in, out] sha256 SHA-256 context object.
+ * @return 1 on success.
+ * @return 0 when sha256 or output is NULL.
+ */
+int wolfSSL_SHA256_Final(byte* output, WOLFSSL_SHA256_CTX* sha256)
+{
+ int ret;
+
+ WOLFSSL_ENTER("SHA256_Final");
+
+ /* Finalize wolfCrypt SHA-256 hash into output. */
+ ret = (wc_Sha256Final((wc_Sha256*)sha256, output) == 0);
+ /* Free resources here, as OpenSSL API doesn't include SHA256_Free(). */
+ wc_Sha256Free((wc_Sha256*)sha256);
+
+ return ret;
+}
+
+#if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || \
+ (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2))) && \
+ !defined(WOLFSSL_DEVCRYPTO_HASH) && !defined(WOLFSSL_AFALG_HASH) && \
+ !defined(WOLFSSL_KCAPI_HASH) /* doesn't support direct transform */
+/* Apply SHA-256 transformation to the data.
+ *
+ * 'data' has words reversed in this function when little endian.
+ *
+ * @param [in, out] sha256 SHA256 context object.
+ * @param [in, out] data One block of data to be hashed.
+ * @return 1 on success.
+ * @return 0 when sha256 or data is NULL.
+ */
+int wolfSSL_SHA256_Transform(WOLFSSL_SHA256_CTX* sha256,
+ const unsigned char* data)
+{
+ WOLFSSL_ENTER("SHA256_Transform");
+
+#if defined(LITTLE_ENDIAN_ORDER)
+ /* Byte reversal done outside transform. */
+ if ((sha256 != NULL) && (data != NULL)) {
+ ByteReverseWords((word32*)data, (word32*)data, WC_SHA256_BLOCK_SIZE);
+ }
+#endif
+ /* Transform block of data with wolfCrypt SHA-256 object. */
+ return wc_Sha256Transform((wc_Sha256*)sha256, data) == 0;
+}
+#endif
+#endif /* !NO_SHA256 */
+
+#ifdef WOLFSSL_SHA384
+
+/* Initialize SHA-384 hash operation.
+ *
+ * @param [in, out] sha384 SHA-384 context object.
+ * @return 1 on success.
+ * @return 0 when sha384 is NULL.
+ */
+int wolfSSL_SHA384_Init(WOLFSSL_SHA384_CTX* sha384)
+{
+ /* Ensure WOLFSSL_SHA384_CTX is big enough for wolfCrypt wc_Sha384. */
+ typedef char sha_test[sizeof(SHA384_CTX) >= sizeof(wc_Sha384) ? 1 : -1];
+ (void)sizeof(sha_test);
+
+ WOLFSSL_ENTER("SHA384_Init");
+
+ /* Initialize wolfCrypt SHA-384 object. */
+ return wc_InitSha384((wc_Sha384*)sha384) == 0;
+}
+
+/* Update SHA-384 hash with data.
+ *
+ * @param [in, out] sha384 SHA-384 context object.
+ * @param [in] input Data to be hashed.
+ * @param [in] sz Length of data in bytes.
+ * @return 1 on success.
+ * @return 0 when sha384 is NULL.
+ */
+int wolfSSL_SHA384_Update(WOLFSSL_SHA384_CTX* sha384, const void* input,
+ unsigned long sz)
+{
+ WOLFSSL_ENTER("SHA384_Update");
+
+ /* Update wolfCrypt SHA-384 object with data. */
+ return wc_Sha384Update((wc_Sha384*)sha384, (const byte*)input, (word32)sz)
+ == 0;
+}
+
+/* Finalize SHA-384 hash and return output.
+ *
+ * @param [out] output Hash output.
+ * Must be able to hold SHA384_DIGEST_SIZE bytes.
+ * @param [in, out] sha384 SHA-384 context object.
+ * @return 1 on success.
+ * @return 0 when sha384 or output is NULL.
+ */
+int wolfSSL_SHA384_Final(byte* output, WOLFSSL_SHA384_CTX* sha384)
+{
+ int ret;
+
+ WOLFSSL_ENTER("SHA384_Final");
+
+ /* Finalize wolfCrypt SHA-384 hash into output. */
+ ret = (wc_Sha384Final((wc_Sha384*)sha384, output) == 0);
+ /* Free resources here, as OpenSSL API doesn't include SHA384_Free(). */
+ wc_Sha384Free((wc_Sha384*)sha384);
+
+ return ret;
+}
+#endif /* WOLFSSL_SHA384 */
+
+#ifdef WOLFSSL_SHA512
+/* Initialize SHA-512 hash operation.
+ *
+ * @param [in, out] sha512 SHA-512 context object.
+ * @return 1 on success.
+ * @return 0 when sha512 is NULL.
+ */
+int wolfSSL_SHA512_Init(WOLFSSL_SHA512_CTX* sha512)
+{
+ /* Ensure WOLFSSL_SHA512_CTX is big enough for wolfCrypt wc_Sha512. */
+ typedef char sha_test[sizeof(SHA512_CTX) >= sizeof(wc_Sha512) ? 1 : -1];
+ (void)sizeof(sha_test);
+
+ WOLFSSL_ENTER("SHA512_Init");
+
+ /* Initialize wolfCrypt SHA-512 object. */
+ return wc_InitSha512((wc_Sha512*)sha512) == 0;
+}
+
+/* Update SHA-512 hash with data.
+ *
+ * @param [in, out] sha512 SHA-512 context object.
+ * @param [in] input Data to be hashed.
+ * @param [in] sz Length of data in bytes.
+ * @return 1 on success.
+ * @return 0 when sha512 is NULL.
+ */
+int wolfSSL_SHA512_Update(WOLFSSL_SHA512_CTX* sha512, const void* input,
+ unsigned long sz)
+{
+ WOLFSSL_ENTER("SHA512_Update");
+
+ /* Update wolfCrypt SHA-512 object with data. */
+ return wc_Sha512Update((wc_Sha512*)sha512, (const byte*)input, (word32)sz)
+ == 0;
+}
+
+/* Finalize SHA-512 hash and return output.
+ *
+ * @param [out] output Hash output.
+ * Must be able to hold SHA512_DIGEST_SIZE bytes.
+ * @param [in, out] sha512 SHA-512 context object.
+ * @return 1 on success.
+ * @return 0 when sha512 or output is NULL.
+ */
+int wolfSSL_SHA512_Final(byte* output, WOLFSSL_SHA512_CTX* sha512)
+{
+ int ret;
+
+ WOLFSSL_ENTER("SHA512_Final");
+
+ /* Finalize wolfCrypt SHA-512 hash into output. */
+ ret = (wc_Sha512Final((wc_Sha512*)sha512, output) == 0);
+ /* Free resources here, as OpenSSL API doesn't include SHA512_Free(). */
+ wc_Sha512Free((wc_Sha512*)sha512);
+
+ return ret;
+}
+
+#if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || \
+ (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2))) && \
+ !defined(WOLFSSL_KCAPI_HASH) /* doesn't support direct transform */
+/* Apply SHA-512 transformation to the data.
+ *
+ * @param [in, out] sha512 SHA512 context object.
+ * @param [in] data One block of data to be hashed.
+ * @return 1 on success.
+ * @return 0 when sha512 or data is NULL.
+ */
+int wolfSSL_SHA512_Transform(WOLFSSL_SHA512_CTX* sha512,
+ const unsigned char* data)
+{
+ WOLFSSL_ENTER("SHA512_Transform");
+
+ /* Transform block of data with wolfCrypt SHA-512 object. */
+ return wc_Sha512Transform((wc_Sha512*)sha512, data) == 0;
+}
+#endif /* !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && \
+ (HAVE_FIPS_VERSION > 2)) && !WOLFSSL_KCAPI_HASH */
+
+#if !defined(WOLFSSL_NOSHA512_224) && \
+ (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5, 3)) && !defined(HAVE_SELFTEST)
+/* Initialize SHA-512-224 hash operation.
+ *
+ * @param [in, out] sha512 SHA-512-224 context object.
+ * @return 1 on success.
+ * @return 0 when sha512 is NULL.
+ */
+int wolfSSL_SHA512_224_Init(WOLFSSL_SHA512_224_CTX* sha512)
+{
+ WOLFSSL_ENTER("SHA512_224_Init");
+
+ /* Initialize wolfCrypt SHA-512-224 object. */
+ return wc_InitSha512_224((wc_Sha512*)sha512) == 0;
+}
+
+/* Update SHA-512-224 hash with data.
+ *
+ * @param [in, out] sha512 SHA-512-224 context object.
+ * @param [in] input Data to be hashed.
+ * @param [in] sz Length of data in bytes.
+ * @return 1 on success.
+ * @return 0 when sha512 is NULL.
+ */
+int wolfSSL_SHA512_224_Update(WOLFSSL_SHA512_224_CTX* sha512, const void* input,
+ unsigned long sz)
+{
+ WOLFSSL_ENTER("SHA512_224_Update");
+
+ /* Update wolfCrypt SHA-512-224 object with data. */
+ return wc_Sha512_224Update((wc_Sha512*)sha512, (const byte*)input,
+ (word32)sz) == 0;
+}
+
+/* Finalize SHA-512-224 hash and return output.
+ *
+ * @param [out] output Hash output.
+ * Must be able to hold SHA224_DIGEST_SIZE bytes.
+ * @param [in, out] sha512 SHA-512-224 context object.
+ * @return 1 on success.
+ * @return 0 when sha512 or output is NULL.
+ */
+int wolfSSL_SHA512_224_Final(byte* output, WOLFSSL_SHA512_224_CTX* sha512)
+{
+ int ret;
+
+ WOLFSSL_ENTER("SHA512_224_Final");
+
+ /* Finalize wolfCrypt SHA-512-224 hash into output. */
+ ret = (wc_Sha512_224Final((wc_Sha512*)sha512, output) == 0);
+ /* Free resources here, as OpenSSL API doesn't include SHA512_224_Free(). */
+ wc_Sha512_224Free((wc_Sha512*)sha512);
+
+ return ret;
+}
+
+#if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || \
+ (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2)))
+/* Apply SHA-512-224 transformation to the data.
+ *
+ * @param [in, out] sha512 SHA512 context object.
+ * @param [in] data One block of data to be hashed.
+ * @return 1 on success.
+ * @return 0 when sha512 or data is NULL.
+ */
+int wolfSSL_SHA512_224_Transform(WOLFSSL_SHA512_CTX* sha512,
+ const unsigned char* data)
+{
+ WOLFSSL_ENTER("SHA512_224_Transform");
+
+ /* Transform block of data with wolfCrypt SHA-512-224 object. */
+ return wc_Sha512_224Transform((wc_Sha512*)sha512, data) == 0;
+}
+#endif /* !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && \
+ (HAVE_FIPS_VERSION > 2)) */
+
+#endif /* !WOLFSSL_NOSHA512_224 && !FIPS ... */
+
+#if !defined(WOLFSSL_NOSHA512_256) && \
+ (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5, 3)) && !defined(HAVE_SELFTEST)
+/* Initialize SHA-512-256 hash operation.
+ *
+ * @param [in, out] sha512 SHA-512-256 context object.
+ * @return 1 on success.
+ * @return 0 when sha512 is NULL.
+ */
+int wolfSSL_SHA512_256_Init(WOLFSSL_SHA512_256_CTX* sha)
+{
+ WOLFSSL_ENTER("SHA512_256_Init");
+
+ /* Initialize wolfCrypt SHA-512-256 object. */
+ return wc_InitSha512_256((wc_Sha512*)sha) == 0;
+}
+
+/* Update SHA-512-256 hash with data.
+ *
+ * @param [in, out] sha512 SHA-512-256 context object.
+ * @param [in] input Data to be hashed.
+ * @param [in] sz Length of data in bytes.
+ * @return 1 on success.
+ * @return 0 when sha512 is NULL.
+ */
+int wolfSSL_SHA512_256_Update(WOLFSSL_SHA512_256_CTX* sha512, const void* input,
+ unsigned long sz)
+{
+ WOLFSSL_ENTER("SHA512_256_Update");
+
+ /* Update wolfCrypt SHA-512-256 object with data. */
+ return wc_Sha512_256Update((wc_Sha512*)sha512, (const byte*)input,
+ (word32)sz) == 0;
+}
+
+/* Finalize SHA-512-256 hash and return output.
+ *
+ * @param [out] output Hash output.
+ * Must be able to hold SHA256_DIGEST_SIZE bytes.
+ * @param [in, out] sha512 SHA-512-256 context object.
+ * @return 1 on success.
+ * @return 0 when sha512 or output is NULL.
+ */
+int wolfSSL_SHA512_256_Final(byte* output, WOLFSSL_SHA512_256_CTX* sha512)
+{
+ int ret;
+
+ WOLFSSL_ENTER("SHA512_256_Final");
+
+ /* Finalize wolfCrypt SHA-512-256 hash into output. */
+ ret = (wc_Sha512_256Final((wc_Sha512*)sha512, output) == 0);
+ /* Free resources here, as OpenSSL API doesn't include SHA512_256_Free(). */
+ wc_Sha512_224Free((wc_Sha512*)sha512);
+
+ return ret;
+}
+
+#if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || \
+ (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2)))
+/* Apply SHA-512-256 transformation to the data.
+ *
+ * @param [in, out] sha512 SHA512 context object.
+ * @param [in] data One block of data to be hashed.
+ * @return 1 on success.
+ * @return 0 when sha512 or data is NULL.
+ */
+int wolfSSL_SHA512_256_Transform(WOLFSSL_SHA512_CTX* sha512,
+ const unsigned char* data)
+{
+ WOLFSSL_ENTER("SHA512_256_Transform");
+
+ /* Transform block of data with wolfCrypt SHA-512-256 object. */
+ return wc_Sha512_256Transform((wc_Sha512*)sha512, data) == 0;
+}
+#endif /* !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && \
+ (HAVE_FIPS_VERSION > 2)) */
+#endif /* !WOLFSSL_NOSHA512_256 && !FIPS ... */
+#endif /* WOLFSSL_SHA512 */
+
+#ifdef WOLFSSL_SHA3
+#ifndef WOLFSSL_NOSHA3_224
+/* Initialize SHA3-224 hash operation.
+ *
+ * @param [in, out] sha3_224 SHA3-224 context object.
+ * @return 1 on success.
+ * @return 0 when sha3_224 is NULL.
+ */
+int wolfSSL_SHA3_224_Init(WOLFSSL_SHA3_224_CTX* sha3_224)
+{
+ /* Ensure WOLFSSL_SHA3_224_CTX is big enough for wolfCrypt wc_Sha3. */
+ typedef char sha_test[sizeof(SHA3_224_CTX) >= sizeof(wc_Sha3) ? 1 : -1];
+ (void)sizeof(sha_test);
+
+ WOLFSSL_ENTER("SHA3_224_Init");
+
+ /* Initialize wolfCrypt SHA3-224 object. */
+ return wc_InitSha3_224((wc_Sha3*)sha3_224, NULL, INVALID_DEVID) == 0;
+}
+
+/* Update SHA3-224 hash with data.
+ *
+ * @param [in, out] sha3 SHA3-224 context object.
+ * @param [in] input Data to be hashed.
+ * @param [in] sz Length of data in bytes.
+ * @return 1 on success.
+ * @return 0 when sha3 is NULL.
+ */
+int wolfSSL_SHA3_224_Update(WOLFSSL_SHA3_224_CTX* sha3, const void* input,
+ unsigned long sz)
+{
+ WOLFSSL_ENTER("SHA3_224_Update");
+
+ /* Update wolfCrypt SHA3-224 object with data. */
+ return wc_Sha3_224_Update((wc_Sha3*)sha3, (const byte*)input, (word32)sz)
+ == 0;
+}
+
+/* Finalize SHA3-224 hash and return output.
+ *
+ * @param [out] output Hash output.
+ * Must be able to hold SHA3_224_DIGEST_SIZE bytes.
+ * @param [in, out] sha3 SHA3-224 context object.
+ * @return 1 on success.
+ * @return 0 when sha3 or output is NULL.
+ */
+int wolfSSL_SHA3_224_Final(byte* output, WOLFSSL_SHA3_224_CTX* sha3)
+{
+ int ret;
+
+ WOLFSSL_ENTER("SHA3_224_Final");
+
+ /* Finalize wolfCrypt SHA3-224 hash into output. */
+ ret = (wc_Sha3_224_Final((wc_Sha3*)sha3, output) == 0);
+ /* Free resources here, as OpenSSL API doesn't include SHA3_224_Free(). */
+ wc_Sha3_224_Free((wc_Sha3*)sha3);
+
+ return ret;
+}
+#endif /* WOLFSSL_NOSHA3_224 */
+
+#ifndef WOLFSSL_NOSHA3_256
+/* Initialize SHA3-256 hash operation.
+ *
+ * @param [in, out] sha3_256 SHA3-256 context object.
+ * @return 1 on success.
+ * @return 0 when sha3_256 is NULL.
+ */
+int wolfSSL_SHA3_256_Init(WOLFSSL_SHA3_256_CTX* sha3_256)
+{
+ /* Ensure WOLFSSL_SHA3_256_CTX is big enough for wolfCrypt wc_Sha3. */
+ typedef char sha_test[sizeof(SHA3_256_CTX) >= sizeof(wc_Sha3) ? 1 : -1];
+ (void)sizeof(sha_test);
+
+ WOLFSSL_ENTER("SHA3_256_Init");
+
+ /* Initialize wolfCrypt SHA3-256 object. */
+ return wc_InitSha3_256((wc_Sha3*)sha3_256, NULL, INVALID_DEVID) == 0;
+}
+
+/* Update SHA3-256 hash with data.
+ *
+ * @param [in, out] sha3 SHA3-256 context object.
+ * @param [in] input Data to be hashed.
+ * @param [in] sz Length of data in bytes.
+ * @return 1 on success.
+ * @return 0 when sha3 is NULL.
+ */
+int wolfSSL_SHA3_256_Update(WOLFSSL_SHA3_256_CTX* sha3, const void* input,
+ unsigned long sz)
+{
+ WOLFSSL_ENTER("SHA3_256_Update");
+
+ /* Update wolfCrypt SHA3-256 object with data. */
+ return wc_Sha3_256_Update((wc_Sha3*)sha3, (const byte*)input, (word32)sz)
+ == 0;
+}
+
+/* Finalize SHA3-256 hash and return output.
+ *
+ * @param [out] output Hash output.
+ * Must be able to hold SHA3_256_DIGEST_SIZE bytes.
+ * @param [in, out] sha3 SHA3-256 context object.
+ * @return 1 on success.
+ * @return 0 when sha3 or output is NULL.
+ */
+int wolfSSL_SHA3_256_Final(byte* output, WOLFSSL_SHA3_256_CTX* sha3)
+{
+ int ret;
+
+ WOLFSSL_ENTER("SHA3_256_Final");
+
+ /* Finalize wolfCrypt SHA3-256 hash into output. */
+ ret = (wc_Sha3_256_Final((wc_Sha3*)sha3, output) == 0);
+ /* Free resources here, as OpenSSL API doesn't include SHA3_256_Free(). */
+ wc_Sha3_256_Free((wc_Sha3*)sha3);
+
+ return ret;
+}
+#endif /* WOLFSSL_NOSHA3_256 */
+
+#ifndef WOLFSSL_NOSHA3_384
+/* Initialize SHA3-384 hash operation.
+ *
+ * @param [in, out] sha3_384 SHA3-384 context object.
+ * @return 1 on success.
+ * @return 0 when sha3_384 is NULL.
+ */
+int wolfSSL_SHA3_384_Init(WOLFSSL_SHA3_384_CTX* sha3_384)
+{
+ /* Ensure WOLFSSL_SHA3_384_CTX is big enough for wolfCrypt wc_Sha3. */
+ typedef char sha_test[sizeof(SHA3_384_CTX) >= sizeof(wc_Sha3) ? 1 : -1];
+ (void)sizeof(sha_test);
+
+ WOLFSSL_ENTER("SHA3_384_Init");
+
+ /* Initialize wolfCrypt SHA3-384 object. */
+ return wc_InitSha3_384((wc_Sha3*)sha3_384, NULL, INVALID_DEVID) == 0;
+}
+
+/* Update SHA3-384 hash with data.
+ *
+ * @param [in, out] sha3 SHA3-384 context object.
+ * @param [in] input Data to be hashed.
+ * @param [in] sz Length of data in bytes.
+ * @return 1 on success.
+ * @return 0 when sha3 is NULL.
+ */
+int wolfSSL_SHA3_384_Update(WOLFSSL_SHA3_384_CTX* sha3, const void* input,
+ unsigned long sz)
+{
+ WOLFSSL_ENTER("SHA3_384_Update");
+
+ /* Update wolfCrypt SHA3-384 object with data. */
+ return wc_Sha3_384_Update((wc_Sha3*)sha3, (const byte*)input, (word32)sz)
+ == 0;
+}
+
+/* Finalize SHA3-384 hash and return output.
+ *
+ * @param [out] output Hash output.
+ * Must be able to hold SHA3_384_DIGEST_SIZE bytes.
+ * @param [in, out] sha3 SHA3-384 context object.
+ * @return 1 on success.
+ * @return 0 when sha3 or output is NULL.
+ */
+int wolfSSL_SHA3_384_Final(byte* output, WOLFSSL_SHA3_384_CTX* sha3)
+{
+ int ret;
+
+ WOLFSSL_ENTER("SHA3_384_Final");
+
+ /* Finalize wolfCrypt SHA3-384 hash into output. */
+ ret = (wc_Sha3_384_Final((wc_Sha3*)sha3, output) == 0);
+ /* Free resources here, as OpenSSL API doesn't include SHA3_384_Free(). */
+ wc_Sha3_384_Free((wc_Sha3*)sha3);
+
+ return ret;
+}
+#endif /* WOLFSSL_NOSHA3_384 */
+
+#ifndef WOLFSSL_NOSHA3_512
+/* Initialize SHA3-512 hash operation.
+ *
+ * @param [in, out] sha3_512 SHA3-512 context object.
+ * @return 1 on success.
+ * @return 0 when sha3_512 is NULL.
+ */
+int wolfSSL_SHA3_512_Init(WOLFSSL_SHA3_512_CTX* sha3_512)
+{
+ /* Ensure WOLFSSL_SHA3_512_CTX is big enough for wolfCrypt wc_Sha3. */
+ typedef char sha_test[sizeof(SHA3_512_CTX) >= sizeof(wc_Sha3) ? 1 : -1];
+ (void)sizeof(sha_test);
+
+ WOLFSSL_ENTER("SHA3_512_Init");
+
+ /* Initialize wolfCrypt SHA3-512 object. */
+ return wc_InitSha3_512((wc_Sha3*)sha3_512, NULL, INVALID_DEVID) == 0;
+}
+
+/* Update SHA3-512 hash with data.
+ *
+ * @param [in, out] sha3 SHA3-512 context object.
+ * @param [in] input Data to be hashed.
+ * @param [in] sz Length of data in bytes.
+ * @return 1 on success.
+ * @return 0 when sha3 is NULL.
+ */
+int wolfSSL_SHA3_512_Update(WOLFSSL_SHA3_512_CTX* sha3, const void* input,
+ unsigned long sz)
+{
+ WOLFSSL_ENTER("SHA3_512_Update");
+
+ /* Update wolfCrypt SHA3-512 object with data. */
+ return wc_Sha3_512_Update((wc_Sha3*)sha3, (const byte*)input, (word32)sz)
+ == 0;
+}
+
+/* Finalize SHA3-512 hash and return output.
+ *
+ * @param [out] output Hash output.
+ * Must be able to hold SHA3_512_DIGEST_SIZE bytes.
+ * @param [in, out] sha3 SHA3-512 context object.
+ * @return 1 on success.
+ * @return 0 when sha3 or output is NULL.
+ */
+int wolfSSL_SHA3_512_Final(byte* output, WOLFSSL_SHA3_512_CTX* sha3)
+{
+ int ret;
+
+ WOLFSSL_ENTER("SHA3_512_Final");
+
+ /* Finalize wolfCrypt SHA3-512 hash into output. */
+ ret = (wc_Sha3_512_Final((wc_Sha3*)sha3, output) == 0);
+ /* Free resources here, as OpenSSL API doesn't include SHA3_512_Free(). */
+ wc_Sha3_512_Free((wc_Sha3*)sha3);
+
+ return ret;
+}
+#endif /* WOLFSSL_NOSHA3_512 */
+#endif /* WOLFSSL_SHA3 */
+#endif /* OPENSSL_EXTRA || HAVE_CURL */
+
+#if defined(OPENSSL_EXTRA) || defined(HAVE_LIGHTY) || \
+ defined(WOLFSSL_MYSQL_COMPATIBLE) || defined(HAVE_STUNNEL) || \
+ defined(WOLFSSL_NGINX) || defined(HAVE_POCO_LIB) || \
+ defined(WOLFSSL_HAPROXY)
+
+#ifndef NO_SHA
+/* One shot SHA1 hash of data.
+ *
+ * When hash is null, a static buffer of SHA_DIGEST_SIZE is used.
+ * When the static buffer is used this function is not thread safe.
+ *
+ * @param [in] data Data to hash.
+ * @param [in] len Size of data in bytes.
+ * @param [out] hash Buffer to hold digest. May be NULL.
+ * Must be able to hold SHA_DIGEST_SIZE bytes.
+ * @return Buffer holding hash on success.
+ * @return NULL when hashing fails.
+ */
+unsigned char* wolfSSL_SHA1(const unsigned char* data, size_t len,
+ unsigned char* hash)
+{
+ /* Buffer to use when hash is NULL. */
+ static byte dgst[WC_SHA_DIGEST_SIZE];
+#ifdef WOLFSSL_SMALL_STACK
+ wc_Sha* sha;
+#else
+ wc_Sha sha[1];
+#endif
+ int ret = 0;
+
+ WOLFSSL_ENTER("wolfSSL_SHA1");
+
+ /* Use static buffer if none passed in. */
+ if (hash == NULL) {
+ WOLFSSL_MSG("STATIC BUFFER BEING USED. wolfSSL_SHA1 IS NOT "
+ "THREAD SAFE WHEN hash == NULL");
+ hash = dgst;
+ }
+
+#ifdef WOLFSSL_SMALL_STACK
+ /* Allocate dynamic memory for a wolfSSL SHA object. */
+ sha = (wc_Sha*)XMALLOC(sizeof(wc_Sha), NULL, DYNAMIC_TYPE_DIGEST);
+ if (sha == NULL) {
+ ret = MEMORY_E;
+ }
+#endif
+
+ if (ret == 0) {
+ /* Initialize wolfCrypt SHA object. */
+ ret = wc_InitSha_ex(sha, NULL, INVALID_DEVID);
+ if (ret != 0) {
+ WOLFSSL_MSG("SHA1 Init failed");
+ hash = NULL;
+ }
+ }
+ if (ret == 0) {
+ /* Update wolfCrypt SHA object with data. */
+ ret = wc_ShaUpdate(sha, (const byte*)data, (word32)len);
+ if (ret != 0) {
+ WOLFSSL_MSG("SHA1 Update failed");
+ hash = NULL;
+ }
+
+ if (ret == 0) {
+ /* Finalize wolfCrypt SHA hash into hash. */
+ ret = wc_ShaFinal(sha, hash);
+ if (ret != 0) {
+ WOLFSSL_MSG("SHA1 Final failed");
+ hash = NULL;
+ }
+ }
+ /* Dispose of dynamic memory associated with SHA object. */
+ wc_ShaFree(sha);
+ }
+
+#ifdef WOLFSSL_SMALL_STACK
+ /* Free dynamic memory of a wolfSSL SHA object. */
+ XFREE(sha, NULL, DYNAMIC_TYPE_DIGEST);
+#endif
+ return hash;
+}
+#endif /* ! NO_SHA */
+
+#ifdef WOLFSSL_SHA224
+/* One shot SHA-224 hash of data.
+ *
+ * When hash is null, a static buffer of SHA224_DIGEST_SIZE is used.
+ * When the static buffer is used this function is not thread safe.
+ *
+ * @param [in] data Data to hash.
+ * @param [in] len Size of data in bytes.
+ * @param [out] hash Buffer to hold digest. May be NULL.
+ * Must be able to hold SHA224_DIGEST_SIZE bytes.
+ * @return Buffer holding hash on success.
+ * @return NULL when hashing fails.
+ */
+unsigned char* wolfSSL_SHA224(const unsigned char* data, size_t len,
+ unsigned char* hash)
+{
+ /* Buffer to use when hash is NULL. */
+ static byte dgst[WC_SHA224_DIGEST_SIZE];
+#ifdef WOLFSSL_SMALL_STACK
+ wc_Sha224* sha224;
+#else
+ wc_Sha224 sha224[1];
+#endif
+ int ret = 0;
+
+ WOLFSSL_ENTER("wolfSSL_SHA224");
+
+ /* Use static buffer if none passed in. */
+ if (hash == NULL) {
+ WOLFSSL_MSG("STATIC BUFFER BEING USED. wolfSSL_SHA224 IS NOT "
+ "THREAD SAFE WHEN hash == NULL");
+ hash = dgst;
+ }
+
+#ifdef WOLFSSL_SMALL_STACK
+ /* Allocate dynamic memory for a wolfSSL SHA-224 object. */
+ sha224 = (wc_Sha224*)XMALLOC(sizeof(wc_Sha224), NULL, DYNAMIC_TYPE_DIGEST);
+ if (sha224 == NULL) {
+ ret = MEMORY_E;
+ }
+#endif
+
+ if (ret == 0) {
+ /* Initialize wolfCrypt SHA224 object. */
+ ret = wc_InitSha224_ex(sha224, NULL, INVALID_DEVID);
+ if (ret != 0) {
+ WOLFSSL_MSG("SHA224 Init failed");
+ hash = NULL;
+ }
+ }
+ if (ret == 0) {
+ /* Update wolfCrypt SHA-224 object with data. */
+ ret = wc_Sha224Update(sha224, (const byte*)data, (word32)len);
+ if (ret != 0) {
+ WOLFSSL_MSG("SHA224 Update failed");
+ hash = NULL;
+ }
+
+ if (ret == 0) {
+ /* Finalize wolfCrypt SHA-224 hash into hash. */
+ ret = wc_Sha224Final(sha224, hash);
+ if (ret != 0) {
+ WOLFSSL_MSG("SHA224 Final failed");
+ hash = NULL;
+ }
+ }
+ /* Dispose of dynamic memory associated with SHA-224 object. */
+ wc_Sha224Free(sha224);
+ }
+
+#ifdef WOLFSSL_SMALL_STACK
+ /* Free dynamic memory of a wolfSSL SHA-224 object. */
+ XFREE(sha224, NULL, DYNAMIC_TYPE_DIGEST);
+#endif
+ return hash;
+}
+#endif
+
+#ifndef NO_SHA256
+/* One shot SHA-256 hash of data.
+ *
+ * When hash is null, a static buffer of SHA256_DIGEST_SIZE is used.
+ * When the static buffer is used this function is not thread safe.
+ *
+ * @param [in] data Data to hash.
+ * @param [in] len Size of data in bytes.
+ * @param [out] hash Buffer to hold digest. May be NULL.
+ * Must be able to hold SHA256_DIGEST_SIZE bytes.
+ * @return Buffer holding hash on success.
+ * @return NULL when hashing fails.
+ */
+unsigned char* wolfSSL_SHA256(const unsigned char* data, size_t len,
+ unsigned char* hash)
+{
+ /* Buffer to use when hash is NULL. */
+ static byte dgst[WC_SHA256_DIGEST_SIZE];
+#ifdef WOLFSSL_SMALL_STACK
+ wc_Sha256* sha256;
+#else
+ wc_Sha256 sha256[1];
+#endif
+ int ret = 0;
+
+ WOLFSSL_ENTER("wolfSSL_SHA256");
+
+ /* Use static buffer if none passed in. */
+ if (hash == NULL) {
+ WOLFSSL_MSG("STATIC BUFFER BEING USED. wolfSSL_SHA256 IS NOT "
+ "THREAD SAFE WHEN hash == NULL");
+ hash = dgst;
+ }
+
+#ifdef WOLFSSL_SMALL_STACK
+ /* Allocate dynamic memory for a wolfSSL SHA-256 object. */
+ sha256 = (wc_Sha256*)XMALLOC(sizeof(wc_Sha256), NULL, DYNAMIC_TYPE_DIGEST);
+ if (sha256 == NULL) {
+ ret = MEMORY_E;
+ }
+#endif
+
+ if (ret == 0) {
+ /* Initialize wolfCrypt SHA256 object. */
+ ret = wc_InitSha256_ex(sha256, NULL, INVALID_DEVID);
+ if (ret != 0) {
+ WOLFSSL_MSG("SHA256 Init failed");
+ hash = NULL;
+ }
+ }
+ if (ret == 0) {
+ /* Update wolfCrypt SHA-256 object with data. */
+ ret = wc_Sha256Update(sha256, (const byte*)data, (word32)len);
+ if (ret != 0) {
+ WOLFSSL_MSG("SHA256 Update failed");
+ hash = NULL;
+ }
+
+ if (ret == 0) {
+ /* Finalize wolfCrypt SHA-256 hash into hash. */
+ ret = wc_Sha256Final(sha256, hash);
+ if (ret != 0) {
+ WOLFSSL_MSG("SHA256 Final failed");
+ hash = NULL;
+ }
+ }
+ /* Dispose of dynamic memory associated with SHA-256 object. */
+ wc_Sha256Free(sha256);
+ }
+
+#ifdef WOLFSSL_SMALL_STACK
+ /* Free dynamic memory of a wolfSSL SHA object. */
+ XFREE(sha256, NULL, DYNAMIC_TYPE_DIGEST);
+#endif
+ return hash;
+}
+#endif /* ! NO_SHA256 */
+
+#ifdef WOLFSSL_SHA384
+/* One shot SHA-384 hash of data.
+ *
+ * When hash is null, a static buffer of SHA384_DIGEST_SIZE is used.
+ * When the static buffer is used this function is not thread safe.
+ *
+ * @param [in] data Data to hash.
+ * @param [in] len Size of data in bytes.
+ * @param [out] hash Buffer to hold digest. May be NULL.
+ * Must be able to hold SHA384_DIGEST_SIZE bytes.
+ * @return Buffer holding hash on success.
+ * @return NULL when hashing fails.
+ */
+unsigned char* wolfSSL_SHA384(const unsigned char* data, size_t len,
+ unsigned char* hash)
+{
+ /* Buffer to use when hash is NULL. */
+ static byte dgst[WC_SHA384_DIGEST_SIZE];
+#ifdef WOLFSSL_SMALL_STACK
+ wc_Sha384* sha384;
+#else
+ wc_Sha384 sha384[1];
+#endif
+ int ret = 0;
+
+ WOLFSSL_ENTER("wolfSSL_SHA384");
+
+ /* Use static buffer if none passed in. */
+ if (hash == NULL) {
+ WOLFSSL_MSG("STATIC BUFFER BEING USED. wolfSSL_SHA384 IS NOT "
+ "THREAD SAFE WHEN hash == NULL");
+ hash = dgst;
+ }
+
+#ifdef WOLFSSL_SMALL_STACK
+ /* Allocate dynamic memory for a wolfSSL SHA-384 object. */
+ sha384 = (wc_Sha384*)XMALLOC(sizeof(wc_Sha384), NULL, DYNAMIC_TYPE_DIGEST);
+ if (sha384 == NULL) {
+ ret = MEMORY_E;
+ }
+#endif
+
+ if (ret == 0) {
+ /* Initialize wolfCrypt SHA384 object. */
+ ret = wc_InitSha384_ex(sha384, NULL, INVALID_DEVID);
+ if (ret != 0) {
+ WOLFSSL_MSG("SHA384 Init failed");
+ hash = NULL;
+ }
+ }
+ if (ret == 0) {
+ /* Update wolfCrypt SHA-384 object with data. */
+ ret = wc_Sha384Update(sha384, (const byte*)data, (word32)len);
+ if (ret != 0) {
+ WOLFSSL_MSG("SHA384 Update failed");
+ hash = NULL;
+ }
+
+ if (ret == 0) {
+ /* Finalize wolfCrypt SHA-384 hash into hash. */
+ ret = wc_Sha384Final(sha384, hash);
+ if (ret != 0) {
+ WOLFSSL_MSG("SHA384 Final failed");
+ hash = NULL;
+ }
+ }
+ /* Dispose of dynamic memory associated with SHA-384 object. */
+ wc_Sha384Free(sha384);
+ }
+
+#ifdef WOLFSSL_SMALL_STACK
+ /* Free dynamic memory of a wolfSSL SHA-384 object. */
+ XFREE(sha384, NULL, DYNAMIC_TYPE_DIGEST);
+#endif
+ return hash;
+}
+#endif /* WOLFSSL_SHA384 */
+
+#if defined(WOLFSSL_SHA512)
+/* One shot SHA-512 hash of data.
+ *
+ * When hash is null, a static buffer of SHA512_DIGEST_SIZE is used.
+ * When the static buffer is used this function is not thread safe.
+ *
+ * @param [in] data Data to hash.
+ * @param [in] len Size of data in bytes.
+ * @param [out] hash Buffer to hold digest. May be NULL.
+ * Must be able to hold SHA512_DIGEST_SIZE bytes.
+ * @return Buffer holding hash on success.
+ * @return NULL when hashing fails.
+ */
+unsigned char* wolfSSL_SHA512(const unsigned char* data, size_t len,
+ unsigned char* hash)
+{
+ /* Buffer to use when hash is NULL. */
+ static byte dgst[WC_SHA512_DIGEST_SIZE];
+#ifdef WOLFSSL_SMALL_STACK
+ wc_Sha512* sha512;
+#else
+ wc_Sha512 sha512[1];
+#endif
+ int ret = 0;
+
+ WOLFSSL_ENTER("wolfSSL_SHA512");
+
+ /* Use static buffer if none passed in. */
+ if (hash == NULL) {
+ WOLFSSL_MSG("STATIC BUFFER BEING USED. wolfSSL_SHA512 IS NOT "
+ "THREAD SAFE WHEN hash == NULL");
+ hash = dgst;
+ }
+
+#ifdef WOLFSSL_SMALL_STACK
+ /* Allocate dynamic memory for a wolfSSL SHA-512 object. */
+ sha512 = (wc_Sha512*)XMALLOC(sizeof(wc_Sha512), NULL, DYNAMIC_TYPE_DIGEST);
+ if (sha512 == NULL) {
+ ret = MEMORY_E;
+ }
+#endif
+
+ if (ret == 0) {
+ /* Initialize wolfCrypt SHA512 object. */
+ ret = wc_InitSha512_ex(sha512, NULL, INVALID_DEVID);
+ if (ret != 0) {
+ WOLFSSL_MSG("SHA512 Init failed");
+ hash = NULL;
+ }
+ }
+ if (ret == 0) {
+ /* Update wolfCrypt SHA-512 object with data. */
+ ret = wc_Sha512Update(sha512, (const byte*)data, (word32)len);
+ if (ret != 0) {
+ WOLFSSL_MSG("SHA512 Update failed");
+ hash = NULL;
+ }
+
+ if (ret == 0) {
+ /* Finalize wolfCrypt SHA-512 hash into hash. */
+ ret = wc_Sha512Final(sha512, hash);
+ if (ret != 0) {
+ WOLFSSL_MSG("SHA512 Final failed");
+ hash = NULL;
+ }
+ }
+ /* Dispose of dynamic memory associated with SHA-512 object. */
+ wc_Sha512Free(sha512);
+ }
+
+#ifdef WOLFSSL_SMALL_STACK
+ /* Free dynamic memory of a wolfSSL SHA-512 object. */
+ XFREE(sha512, NULL, DYNAMIC_TYPE_DIGEST);
+#endif
+ return hash;
+}
+#endif /* WOLFSSL_SHA512 */
+#endif /* OPENSSL_EXTRA || HAVE_LIGHTY || WOLFSSL_MYSQL_COMPATIBLE ||
+ * HAVE_STUNNEL || WOLFSSL_NGINX || HAVE_POCO_LIB || WOLFSSL_HAPROXY */
+
+/*******************************************************************************
+ * END OF Digest APIs
+ ******************************************************************************/
+
+/*******************************************************************************
+ * START OF HMAC API
+ ******************************************************************************/
+
+/* _Internal Hmac object initialization. */
+#define _HMAC_Init _InitHmac
+
+#if defined(OPENSSL_EXTRA) && !defined(WOLFCRYPT_ONLY)
+
+/*
+ * Helper Functions
+ */
+
+/* Copy a wolfSSL HMAC object.
+ *
+ * Requires that hash structures have no dynamic parts to them.
+ *
+ * @param [out] dst Copy into this object.
+ * @param [in] src Copy from this object.
+ * @return 1 on success.
+ * @return 0 on failure.
+ */
+int wolfSSL_HmacCopy(Hmac* dst, Hmac* src)
+{
+ void* heap;
+ int ret = 1;
+
+#ifndef HAVE_FIPS
+ heap = src->heap;
+#else
+ heap = NULL;
+#endif
+
+ /* Initialize the destination object to reset state. */
+ if (wc_HmacInit(dst, heap, 0) != 0) {
+ ret = 0;
+ }
+
+ if (ret == 1) {
+ int rc;
+
+ /* Copy the digest object based on the MAC type. */
+ switch (src->macType) {
+ #ifndef NO_MD5
+ case WC_MD5:
+ rc = wc_Md5Copy(&src->hash.md5, &dst->hash.md5);
+ break;
+ #endif /* !NO_MD5 */
+
+ #ifndef NO_SHA
+ case WC_SHA:
+ rc = wc_ShaCopy(&src->hash.sha, &dst->hash.sha);
+ break;
+ #endif /* !NO_SHA */
+
+ #ifdef WOLFSSL_SHA224
+ case WC_SHA224:
+ rc = wc_Sha224Copy(&src->hash.sha224, &dst->hash.sha224);
+ break;
+ #endif /* WOLFSSL_SHA224 */
+
+ #ifndef NO_SHA256
+ case WC_SHA256:
+ rc = wc_Sha256Copy(&src->hash.sha256, &dst->hash.sha256);
+ break;
+ #endif /* !NO_SHA256 */
+
+ #ifdef WOLFSSL_SHA384
+ case WC_SHA384:
+ rc = wc_Sha384Copy(&src->hash.sha384, &dst->hash.sha384);
+ break;
+ #endif /* WOLFSSL_SHA384 */
+ #ifdef WOLFSSL_SHA512
+ case WC_SHA512:
+ rc = wc_Sha512Copy(&src->hash.sha512, &dst->hash.sha512);
+ break;
+ #endif /* WOLFSSL_SHA512 */
+#ifdef WOLFSSL_SHA3
+ #ifndef WOLFSSL_NOSHA3_224
+ case WC_SHA3_224:
+ rc = wc_Sha3_224_Copy(&src->hash.sha3, &dst->hash.sha3);
+ break;
+ #endif /* WOLFSSL_NO_SHA3_224 */
+ #ifndef WOLFSSL_NOSHA3_256
+ case WC_SHA3_256:
+ rc = wc_Sha3_256_Copy(&src->hash.sha3, &dst->hash.sha3);
+ break;
+ #endif /* WOLFSSL_NO_SHA3_256 */
+ #ifndef WOLFSSL_NOSHA3_384
+ case WC_SHA3_384:
+ rc = wc_Sha3_384_Copy(&src->hash.sha3, &dst->hash.sha3);
+ break;
+ #endif /* WOLFSSL_NO_SHA3_384 */
+ #ifndef WOLFSSL_NOSHA3_512
+ case WC_SHA3_512:
+ rc = wc_Sha3_512_Copy(&src->hash.sha3, &dst->hash.sha3);
+ break;
+ #endif /* WOLFSSL_NO_SHA3_512 */
+#endif /* WOLFSSL_SHA3 */
+
+ default:
+ /* Digest algorithm not supported. */
+ rc = BAD_FUNC_ARG;
+ }
+
+ /* Check result of digest object copy. */
+ if (rc != 0) {
+ ret = 0;
+ }
+ }
+
+ if (ret == 1) {
+ /* Copy the pads which are derived from the key. */
+ XMEMCPY((byte*)dst->ipad, (byte*)src->ipad, WC_HMAC_BLOCK_SIZE);
+ XMEMCPY((byte*)dst->opad, (byte*)src->opad, WC_HMAC_BLOCK_SIZE);
+ /* Copy the inner hash that is the current state. */
+ XMEMCPY((byte*)dst->innerHash, (byte*)src->innerHash,
+ WC_MAX_DIGEST_SIZE);
+ /* Copy other fields. */
+ #ifndef HAVE_FIPS
+ dst->heap = heap;
+ #endif
+ dst->macType = src->macType;
+ dst->innerHashKeyed = src->innerHashKeyed;
+
+#ifdef WOLFSSL_ASYNC_CRYPT
+ XMEMCPY(&dst->asyncDev, &src->asyncDev, sizeof(WC_ASYNC_DEV));
+ dst->keyLen = src->keyLen;
+ #ifdef HAVE_CAVIUM
+ /* Copy the dynamic data. */
+ dst->data = (byte*)XMALLOC(src->dataLen, dst->heap, DYNAMIC_TYPE_HMAC);
+ if (dst->data == NULL) {
+ ret = BUFFER_E;
+ }
+ else {
+ XMEMCPY(dst->data, src->data, src->dataLen);
+ dst->dataLen = src->dataLen;
+ }
+ #endif /* HAVE_CAVIUM */
+#endif /* WOLFSSL_ASYNC_CRYPT */
+ }
+
+ return ret;
+}
+
+
+/*
+ * wolfSSL_HMAC_CTX APIs.
+ */
+
+/* Allocate a new HMAC context object and initialize.
+ *
+ * @return A cleared HMAC context object on success.
+ * @return NULL on failure.
+ */
+WOLFSSL_HMAC_CTX* wolfSSL_HMAC_CTX_new(void)
+{
+ WOLFSSL_HMAC_CTX* hmac_ctx;
+
+ /* Allocate dynamic memory for HMAC context object. */
+ hmac_ctx = (WOLFSSL_HMAC_CTX*)XMALLOC(sizeof(WOLFSSL_HMAC_CTX), NULL,
+ DYNAMIC_TYPE_OPENSSL);
+ if (hmac_ctx != NULL) {
+ /* Initialize HMAC context object. */
+ wolfSSL_HMAC_CTX_Init(hmac_ctx);
+ }
+
+ return hmac_ctx;
+}
+
+/* Initialize a HMAC context object.
+ *
+ * Not an OpenSSL compatibility API.
+ *
+ * @param [in, out] ctx HMAC context object.
+ * @return 1 indicating success.
+ */
+int wolfSSL_HMAC_CTX_Init(WOLFSSL_HMAC_CTX* ctx)
+{
+ WOLFSSL_MSG("wolfSSL_HMAC_CTX_Init");
+
+ if (ctx != NULL) {
+ /* Clear all fields. */
+ XMEMSET(ctx, 0, sizeof(WOLFSSL_HMAC_CTX));
+ /* type field is 0 == WC_HASH_TYPE_NONE. */
+ /* TODO: for FIPS and selftest 0 == WC_HASH_TYPE_MD5 instead. */
+ }
+
+ return 1;
+}
+
+/* Deep copy of information from one HMAC context object to another.
+ *
+ * @param [out] dst Copy into this object.
+ * @param [in] src Copy from this object.
+ * @return 1 on success.
+ * @return 0 on failure.
+ */
+int wolfSSL_HMAC_CTX_copy(WOLFSSL_HMAC_CTX* dst, WOLFSSL_HMAC_CTX* src)
+{
+ int ret = 1;
+
+ WOLFSSL_ENTER("wolfSSL_HMAC_CTX_copy");
+
+ /* Validate parameters. */
+ if ((dst == NULL) || (src == NULL)) {
+ ret = 0;
+ }
+
+ if (ret == 1) {
+ /* Copy hash type. */
+ dst->type = src->type;
+ /* Move pads derived from key into save space. */
+ XMEMCPY((byte *)&dst->save_ipad, (byte *)&src->hmac.ipad,
+ WC_HMAC_BLOCK_SIZE);
+ XMEMCPY((byte *)&dst->save_opad, (byte *)&src->hmac.opad,
+ WC_HMAC_BLOCK_SIZE);
+ /* Copy the wolfSSL Hmac ocbject. */
+ ret = wolfSSL_HmacCopy(&dst->hmac, &src->hmac);
+ }
+
+ return ret;
+}
+
+/* Cleanup internal state of HMAC context object.
+ *
+ * Not an OpenSSL compatibility API.
+ *
+ * @param [in, out] ctx HMAC context object.
+ */
+void wolfSSL_HMAC_CTX_cleanup(WOLFSSL_HMAC_CTX* ctx)
+{
+ if (ctx != NULL) {
+ /* Cleanup HMAC operation data. */
+ wolfSSL_HMAC_cleanup(ctx);
+ }
+}
+
+/* Free HMAC context object.
+ *
+ * ctx is deallocated and can no longer be used after this call.
+ *
+ * @param [in] ctx HMAC context object.
+ */
+void wolfSSL_HMAC_CTX_free(WOLFSSL_HMAC_CTX* ctx)
+{
+ if (ctx != NULL) {
+ /* Cleanup HMAC context object, including freeing dynamic data. */
+ wolfSSL_HMAC_CTX_cleanup(ctx);
+ /* Dispose of the memory for the HMAC context object. */
+ XFREE(ctx, NULL, DYNAMIC_TYPE_OPENSSL);
+ }
+}
+
+/* Get the EVP digest of the HMAC context.
+ *
+ * @param [in] ctx HMAC context object.
+ * @return EVP digest object.
+ * @return NULL when ctx is NULL or EVP digest not set.
+ */
+const WOLFSSL_EVP_MD* wolfSSL_HMAC_CTX_get_md(const WOLFSSL_HMAC_CTX* ctx)
+{
+ const WOLFSSL_EVP_MD* ret = NULL;
+
+ if (ctx != NULL) {
+ /* Get EVP digest based on digest type. */
+ ret = wolfSSL_macType2EVP_md((enum wc_HashType)ctx->type);
+ }
+
+ return ret;
+}
+
+/*
+ * wolfSSL_HMAC APIs.
+ */
+
+/* Initialize the HMAC operation.
+ *
+ * @param [in, out] ctx HMAC context object.
+ * @param [in] key Array of bytes representing key.
+ * May be NULL indicating to use the same key as
+ * previously.
+ * @param [in] keySz Number of bytes in key.
+ * 0+ in non-FIPS, 14+ in FIPS.
+ * @param [in] type EVP digest indicate digest type.
+ * May be NULL if initialized previously.
+ * @param [in] e wolfSSL engine. Ignored.
+ * @return 1 on success.
+ * @return 0 on failure.
+ */
+int wolfSSL_HMAC_Init_ex(WOLFSSL_HMAC_CTX* ctx, const void* key, int keySz,
+ const EVP_MD* type, WOLFSSL_ENGINE* e)
+{
+ WOLFSSL_ENTER("wolfSSL_HMAC_Init_ex");
+
+ /* WOLFSSL_ENGINE not used, call wolfSSL_HMAC_Init */
+ (void)e;
+
+ return wolfSSL_HMAC_Init(ctx, key, keySz, type);
+}
+
+/* Initialize the HMAC operation.
+ *
+ * @param [in, out] ctx HMAC context object.
+ * @param [in] key Array of bytes representing key.
+ * May be NULL indicating to use the same key as
+ * previously.
+ * @param [in] keySz Number of bytes in key.
+ * 0+ in non-FIPS, 14+ in FIPS.
+ * @param [in] type EVP digest indicate digest type.
+ * May be NULL if initialized previously.
+ * @return 1 on success.
+ * @return 0 on failure.
+ */
+int wolfSSL_HMAC_Init(WOLFSSL_HMAC_CTX* ctx, const void* key, int keylen,
+ const EVP_MD* type)
+{
+ int ret = 1;
+ void* heap = NULL;
+ int rc;
+
+ WOLFSSL_MSG("wolfSSL_HMAC_Init");
+
+ /* Validate parameters. */
+ if (ctx == NULL) {
+ WOLFSSL_MSG("no ctx on init");
+ ret = 0;
+ }
+ /* Digest type must have been previously set if not specified. */
+ if ((ret == 1) && (type == NULL) && (ctx->type == (int)WC_HASH_TYPE_NONE)) {
+ WOLFSSL_MSG("no hash type");
+ ret = 0;
+ }
+ /* wolfSSL HMAC object must have been setup with a key if not specified. */
+ if ((ret == 1) && (key == NULL) &&
+ (ctx->hmac.macType == (int)WC_HASH_TYPE_NONE)) {
+ WOLFSSL_MSG("wolfCrypt hash not setup");
+ ret = 0;
+ }
+
+ if (ret == 1) {
+ #ifndef HAVE_FIPS
+ heap = ctx->hmac.heap;
+ #endif
+
+ if (type != NULL) {
+ WOLFSSL_MSG("init has type");
+ /* Get the digest type based on EVP digest. */
+ if (wolfssl_evp_md_to_hash_type(type, &ctx->type) != 0) {
+ WOLFSSL_MSG("bad init type");
+ ret = 0;
+ }
+ }
+ }
+
+ if (ret == 1) {
+ /* Check if init has been called before */
+ int inited = (ctx->hmac.macType != WC_HASH_TYPE_NONE);
+ /* Free if wolfSSL HMAC object when initialized. */
+ if (inited) {
+ wc_HmacFree(&ctx->hmac);
+ }
+ /* Initialize wolfSSL HMAC object for new HMAC operation. */
+ rc = wc_HmacInit(&ctx->hmac, NULL, INVALID_DEVID);
+ if (rc != 0) {
+ ret = 0;
+ }
+ }
+ if ((ret == 1) && (key != NULL)) {
+ /* Set the key into wolfSSL HMAC object. */
+ rc = wc_HmacSetKey(&ctx->hmac, ctx->type, (const byte*)key,
+ (word32)keylen);
+ if (rc != 0) {
+ /* in FIPS mode a key < 14 characters will fail here */
+ WOLFSSL_MSG("hmac set key error");
+ WOLFSSL_ERROR(rc);
+ wc_HmacFree(&ctx->hmac);
+ ret = 0;
+ }
+ if (ret == 1) {
+ /* Save the pads which are derived from the key. Used to re-init. */
+ XMEMCPY((byte *)&ctx->save_ipad, (byte *)&ctx->hmac.ipad,
+ WC_HMAC_BLOCK_SIZE);
+ XMEMCPY((byte *)&ctx->save_opad, (byte *)&ctx->hmac.opad,
+ WC_HMAC_BLOCK_SIZE);
+ }
+ }
+ else if (ret == 1) {
+ WOLFSSL_MSG("recover hmac");
+ /* Set state of wolfSSL HMAC object. */
+ ctx->hmac.macType = (byte)ctx->type;
+ ctx->hmac.innerHashKeyed = 0;
+ /* Restore key by copying in saved pads. */
+ XMEMCPY((byte *)&ctx->hmac.ipad, (byte *)&ctx->save_ipad,
+ WC_HMAC_BLOCK_SIZE);
+ XMEMCPY((byte *)&ctx->hmac.opad, (byte *)&ctx->save_opad,
+ WC_HMAC_BLOCK_SIZE);
+ /* Initialize the wolfSSL HMAC object. */
+ rc = _HMAC_Init(&ctx->hmac, ctx->hmac.macType, heap);
+ if (rc != 0) {
+ WOLFSSL_MSG("hmac init error");
+ WOLFSSL_ERROR(rc);
+ ret = 0;
+ }
+ }
+
+ return ret;
+}
+
+/* Update the HMAC operation with more data.
+ *
+ * TODO: 'len' should be a signed type.
+ *
+ * @param [in, out] ctx HMAC context object.
+ * @param [in] data Array of byted to MAC. May be NULL.
+ * @param [in] len Number of bytes to MAC. May be 0.
+ * @return 1 on success.
+ * @return 0 when ctx is NULL or HMAC update fails.
+ */
+int wolfSSL_HMAC_Update(WOLFSSL_HMAC_CTX* ctx, const unsigned char* data,
+ int len)
+{
+ int ret = 1;
+
+ WOLFSSL_MSG("wolfSSL_HMAC_Update");
+
+ /* Validate parameters. */
+ if (ctx == NULL) {
+ WOLFSSL_MSG("no ctx");
+ ret = 0;
+ }
+
+ /* Update when there is data to add. */
+ if ((ret == 1) && (data != NULL) && (len > 0)) {
+ int rc;
+
+ WOLFSSL_MSG("updating hmac");
+ /* Update wolfSSL HMAC object. */
+ rc = wc_HmacUpdate(&ctx->hmac, data, (word32)len);
+ if (rc != 0){
+ WOLFSSL_MSG("hmac update error");
+ ret = 0;
+ }
+ }
+
+ return ret;
+}
+
+/* Finalize HMAC operation.
+ *
+ * @param [in, out] ctx HMAC context object.
+ * @param [out] hash Buffer to hold HMAC result.
+ * Must be able to hold bytes equivalent to digest size.
+ * @param [out] len Length of HMAC result. May be NULL.
+ * @return 1 on success.
+ * @return 0 when ctx or hash is NULL.
+ * @return 0 when HMAC finalization fails.
+ */
+int wolfSSL_HMAC_Final(WOLFSSL_HMAC_CTX* ctx, unsigned char* hash,
+ unsigned int* len)
+{
+ int ret = 1;
+ int rc;
+
+ WOLFSSL_MSG("wolfSSL_HMAC_Final");
+
+ /* Validate parameters. */
+ if ((ctx == NULL) || (hash == NULL)) {
+ WOLFSSL_MSG("invalid parameter");
+ ret = 0;
+ }
+
+ if (ret == 1) {
+ WOLFSSL_MSG("final hmac");
+ /* Finalize wolfSSL HMAC object. */
+ rc = wc_HmacFinal(&ctx->hmac, hash);
+ if (rc != 0){
+ WOLFSSL_MSG("final hmac error");
+ ret = 0;
+ }
+ }
+ if ((ret == 1) && (len != NULL)) {
+ WOLFSSL_MSG("setting output len");
+ /* Get the length of the output based on digest type. */
+ *len = wolfssl_mac_len((unsigned char)ctx->type);
+ }
+
+ return ret;
+}
+
+
+/* Cleanup the HMAC operation.
+ *
+ * Not an OpenSSL compatibility API.
+ *
+ * @param [in, out] ctx HMAC context object.
+ * @return 1 indicating success.
+ */
+int wolfSSL_HMAC_cleanup(WOLFSSL_HMAC_CTX* ctx)
+{
+ WOLFSSL_MSG("wolfSSL_HMAC_cleanup");
+
+ if (ctx != NULL) {
+ /* Free the dynamic data in the wolfSSL HMAC object. */
+ wc_HmacFree(&ctx->hmac);
+ }
+
+ return 1;
+}
+
+/* HMAC data using the specified EVP digest.
+ *
+ * @param [in] evp_md EVP digest.
+ * @param [in] key Array of bytes representing key.
+ * @param [in] keySz Number of bytes in key.
+ * 0+ in non-FIPS, 14+ in FIPS.
+ * @param [in] data Data to MAC.
+ * @param [in] len Length in bytes of data to MAC.
+ * @param [out] md HMAC output.
+ * @param [out] md_len Length of HMAC output in bytes. May be NULL.
+ * @return Buffer holding HMAC output.
+ * @return NULL on failure.
+ */
+unsigned char* wolfSSL_HMAC(const WOLFSSL_EVP_MD* evp_md, const void* key,
+ int key_len, const unsigned char* data, int len, unsigned char* md,
+ unsigned int* md_len)
+{
+ unsigned char* ret = NULL;
+ int rc = 0;
+ int type = 0;
+ int hmacLen = 0;
+#ifdef WOLFSSL_SMALL_STACK
+ Hmac* hmac = NULL;
+#else
+ Hmac hmac[1];
+#endif
+ void* heap = NULL;
+
+ /* Validate parameters. */
+ if ((evp_md == NULL) || (key == NULL) || (md == NULL)) {
+ rc = BAD_FUNC_ARG;
+ }
+
+ if (rc == 0) {
+ /* Get the hash type corresponding to the EVP digest. */
+ rc = wolfssl_evp_md_to_hash_type(evp_md, &type);
+ }
+#ifdef WOLFSSL_SMALL_STACK
+ if (rc == 0) {
+ /* Allocate dynamic memory for a wolfSSL HMAC object. */
+ hmac = (Hmac*)XMALLOC(sizeof(Hmac), heap, DYNAMIC_TYPE_HMAC);
+ if (hmac == NULL) {
+ rc = MEMORY_E;
+ }
+ }
+#endif
+ if (rc == 0) {
+ /* Get the HMAC output length. */
+ hmacLen = wolfssl_mac_len((unsigned char)type);
+ /* 0 indicates the digest is not supported. */
+ if (hmacLen == 0) {
+ rc = BAD_FUNC_ARG;
+ }
+ }
+ /* Initialize the wolfSSL HMAC object. */
+ if ((rc == 0) && (wc_HmacInit(hmac, heap, INVALID_DEVID) == 0)) {
+ /* Set the key into the wolfSSL HMAC object. */
+ rc = wc_HmacSetKey(hmac, type, (const byte*)key, key_len);
+ if (rc == 0) {
+ /* Update the wolfSSL HMAC object with data. */
+ rc = wc_HmacUpdate(hmac, data, len);
+ }
+ /* Finalize the wolfSSL HMAC object. */
+ if ((rc == 0) && (wc_HmacFinal(hmac, md) == 0)) {
+ /* Return the length of the HMAC output if required. */
+ if (md_len != NULL) {
+ *md_len = hmacLen;
+ }
+ /* Set the buffer to return. */
+ ret = md;
+ }
+ /* Dispose of dynamic memory associated with the wolfSSL HMAC object. */
+ wc_HmacFree(hmac);
+ }
+
+#ifdef WOLFSSL_SMALL_STACK
+ /* Free dynamic memory of a wolfSSL HMAC object. */
+ XFREE(hmac, heap, DYNAMIC_TYPE_HMAC);
+#endif
+ return ret;
+}
+
+/* Get the HMAC output size.
+ *
+ * @param [in] ctx HMAC context object.
+ * @return Size of HMAC output in bytes.
+ * @return 0 when ctx is NULL or no digest algorithm set.
+ */
+size_t wolfSSL_HMAC_size(const WOLFSSL_HMAC_CTX* ctx)
+{
+ size_t ret = 0;
+
+ if (ctx != NULL) {
+ /* Look up digest size with wolfSSL. */
+ ret = (size_t)wc_HashGetDigestSize((enum wc_HashType)ctx->hmac.macType);
+ }
+
+ return ret;
+}
+#endif /* OPENSSL_EXTRA */
+
+/*******************************************************************************
+ * END OF HMAC API
+ ******************************************************************************/
+
+/*******************************************************************************
+ * START OF CMAC API
+ ******************************************************************************/
+
+#if defined(OPENSSL_EXTRA) && !defined(WOLFCRYPT_ONLY)
+#if defined(WOLFSSL_CMAC) && defined(OPENSSL_EXTRA) && \
+ defined(WOLFSSL_AES_DIRECT)
+/* Allocate a new CMAC context object.
+ *
+ * TODO: make fields static.
+ *
+ * @return A CMAC context object on success.
+ * @return NULL on failure.
+ */
+WOLFSSL_CMAC_CTX* wolfSSL_CMAC_CTX_new(void)
+{
+ WOLFSSL_CMAC_CTX* ctx = NULL;
+
+ /* Allocate memory for CMAC context object. */
+ ctx = (WOLFSSL_CMAC_CTX*)XMALLOC(sizeof(WOLFSSL_CMAC_CTX), NULL,
+ DYNAMIC_TYPE_OPENSSL);
+ if (ctx != NULL) {
+ /* Memory for wolfSSL CMAC object is allocated in
+ * wolfSSL_CMAC_Init().
+ */
+ ctx->internal = NULL;
+ /* Allocate memory for EVP cipher context object. */
+ ctx->cctx = wolfSSL_EVP_CIPHER_CTX_new();
+ if (ctx->cctx == NULL) {
+ XFREE(ctx->internal, NULL, DYNAMIC_TYPE_CMAC);
+ XFREE(ctx, NULL, DYNAMIC_TYPE_OPENSSL);
+ ctx = NULL;
+ }
+ }
+
+ return ctx;
+}
+
+/* Free CMAC context object and dynamically allocated fields.
+ *
+ * ctx is deallocated and can no longer be used after this call.
+ *
+ * @param [in] ctx CMAC context object.
+ */
+void wolfSSL_CMAC_CTX_free(WOLFSSL_CMAC_CTX *ctx)
+{
+ if (ctx != NULL) {
+ /* Deallocate dynamically allocated fields. */
+ if (ctx->internal != NULL) {
+#if (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5, 3)) && !defined(HAVE_SELFTEST)
+ wc_CmacFree((Cmac*)ctx->internal);
+#endif
+ XFREE(ctx->internal, NULL, DYNAMIC_TYPE_CMAC);
+ }
+ if (ctx->cctx != NULL) {
+ wolfSSL_EVP_CIPHER_CTX_cleanup(ctx->cctx);
+ wolfSSL_EVP_CIPHER_CTX_free(ctx->cctx);
+ }
+ /* Deallocate CMAC context object. */
+ XFREE(ctx, NULL, DYNAMIC_TYPE_OPENSSL);
+ }
+}
+
+/* Return a reference to the EVP cipher context.
+ *
+ * @param [in] ctx CMAC context object.
+ * @return EVP cipher context.
+ * @return NULL when ctx is NULL.
+ */
+WOLFSSL_EVP_CIPHER_CTX* wolfSSL_CMAC_CTX_get0_cipher_ctx(WOLFSSL_CMAC_CTX* ctx)
+{
+ WOLFSSL_EVP_CIPHER_CTX* cctx = NULL;
+
+ if (ctx != NULL) {
+ /* Return EVP cipher context object. */
+ cctx = ctx->cctx;
+ }
+
+ return cctx;
+}
+
+/* Initialize the CMAC operation.
+ *
+ * @param [in, out] cmac CMAC context object.
+ * @param [in] key Symmetric key to use.
+ * @param [in] keySz Length of key in bytes.
+ * @param [in] cipher EVP cipher object describing encryption algorithm
+ * to use.
+ * @param [in] engine wolfSSL Engine. Not used.
+ * @return 1 on success.
+ * @return 0 when ctx or cipher is NULL.
+ * @return 0 when cipher is not an AES-CBC algorithm.
+ * @return 0 when key length does not match cipher.
+ */
+int wolfSSL_CMAC_Init(WOLFSSL_CMAC_CTX* ctx, const void *key, size_t keySz,
+ const WOLFSSL_EVP_CIPHER* cipher, WOLFSSL_ENGINE* engine)
+{
+ int ret = 1;
+
+ (void)engine;
+
+ WOLFSSL_ENTER("wolfSSL_CMAC_Init");
+
+ /* Validate parameters. */
+ if ((ctx == NULL) || (cipher == NULL)) {
+ ret = 0;
+ }
+ /* Only AES-CBC ciphers are supported. */
+ if ((ret == 1) && (cipher != EVP_AES_128_CBC) &&
+ (cipher != EVP_AES_192_CBC) && (cipher != EVP_AES_256_CBC)) {
+ WOLFSSL_MSG("wolfSSL_CMAC_Init: requested cipher is unsupported");
+ ret = 0;
+ }
+ /* Key length must match cipher. */
+ if ((ret == 1) && ((int)keySz != wolfSSL_EVP_Cipher_key_length(cipher))) {
+ WOLFSSL_MSG("wolfSSL_CMAC_Init: "
+ "supplied key size doesn't match requested cipher");
+ ret = 0;
+ }
+
+ if ((ret == 1) && (ctx->internal == NULL)) {
+ /* Allocate memory for wolfSSL CMAC object. */
+ ctx->internal = (Cmac*)XMALLOC(sizeof(Cmac), NULL, DYNAMIC_TYPE_CMAC);
+ if (ctx->internal == NULL)
+ ret = 0;
+ }
+
+ /* Initialize the wolfCrypt CMAC object. */
+ if ((ret == 1) && (wc_InitCmac((Cmac*)ctx->internal, (const byte*)key,
+ (word32)keySz, WC_CMAC_AES, NULL) != 0)) {
+ WOLFSSL_MSG("wolfSSL_CMAC_Init: wc_InitCmac() failed");
+ XFREE(ctx->internal, NULL, DYNAMIC_TYPE_CMAC);
+ ctx->internal = NULL;
+ ret = 0;
+ }
+ if (ret == 1) {
+ /* Initialize the EVP cipher context object for encryption. */
+ ret = wolfSSL_EVP_CipherInit(ctx->cctx, cipher, (const byte*)key, NULL,
+ 1);
+ if (ret != WOLFSSL_SUCCESS)
+ WOLFSSL_MSG("wolfSSL_CMAC_Init: wolfSSL_EVP_CipherInit() failed");
+ }
+
+ WOLFSSL_LEAVE("wolfSSL_CMAC_Init", ret);
+
+ return ret;
+}
+
+/* Update the CMAC operation with data.
+ *
+ * @param [in, out] ctx CMAC context object.
+ * @param [in] data Data to MAC as a byte array.
+ * @param [in] len Length of data in bytes.
+ * @return 1 on success.
+ * @return 0 when ctx is NULL.
+ */
+int wolfSSL_CMAC_Update(WOLFSSL_CMAC_CTX* ctx, const void* data, size_t len)
+{
+ int ret = 1;
+
+ WOLFSSL_ENTER("wolfSSL_CMAC_Update");
+
+ /* Validate parameters. */
+ if (ctx == NULL) {
+ ret = 0;
+ }
+
+ /* Update the wolfCrypto CMAC object with data. */
+ if ((ret == 1) && (data != NULL) && (wc_CmacUpdate((Cmac*)ctx->internal,
+ (const byte*)data, (word32)len) != 0)) {
+ ret = 0;
+ }
+
+ WOLFSSL_LEAVE("wolfSSL_CMAC_Update", ret);
+
+ return ret;
+}
+
+/* Finalize the CMAC operation into output buffer.
+ *
+ * @param [in, out] ctx CMAC context object.
+ * @param [out] out Buffer to place CMAC result into.
+ * Must be able to hold AES_BLOCK_SIZE bytes.
+ * @param [out] len Length of CMAC result. May be NULL.
+ * @return 1 on success.
+ * @return 0 when ctx is NULL.
+ */
+int wolfSSL_CMAC_Final(WOLFSSL_CMAC_CTX* ctx, unsigned char* out, size_t* len)
+{
+ int ret = 1;
+ int blockSize;
+ word32 len32;
+
+ WOLFSSL_ENTER("wolfSSL_CMAC_Final");
+
+ /* Validate parameters. */
+ if (ctx == NULL) {
+ ret = 0;
+ }
+
+ if (ret == 1) {
+ /* Get the expected output size. */
+ blockSize = EVP_CIPHER_CTX_block_size(ctx->cctx);
+ /* Check value is valid. */
+ if (blockSize <= 0) {
+ ret = 0;
+ }
+ else {
+ /* wolfCrypt CMAC expects buffer size. */
+ len32 = (word32)blockSize;
+ /* Return size if required. */
+ if (len != NULL) {
+ *len = blockSize;
+ }
+ }
+ }
+ if ((ret == 1) && (out != NULL)) {
+ /* Calculate MAC result with wolfCrypt CMAC object. */
+ if (wc_CmacFinal((Cmac*)ctx->internal, out, &len32) != 0) {
+ ret = 0;
+ }
+ /* TODO: Is this necessary? Length should not change. */
+ /* Return actual size if required. */
+ else if (len != NULL) {
+ *len = (size_t)len32;
+ }
+
+ XFREE(ctx->internal, NULL, DYNAMIC_TYPE_CMAC);
+ ctx->internal = NULL;
+ }
+
+ WOLFSSL_LEAVE("wolfSSL_CMAC_Final", ret);
+
+ return ret;
+}
+#endif /* WOLFSSL_CMAC && OPENSSL_EXTRA && WOLFSSL_AES_DIRECT */
+#endif /* OPENSSL_EXTRA && !WOLFCRYPT_ONLY */
+
+/*******************************************************************************
+ * END OF CMAC API
+ ******************************************************************************/
+
+/*******************************************************************************
+ * START OF DES API
+ ******************************************************************************/
+
+#ifdef OPENSSL_EXTRA
+#ifndef NO_DES3
+/* Set parity of the DES key.
+ *
+ * @param [in, out] key DES key.
+ */
+void wolfSSL_DES_set_odd_parity(WOLFSSL_DES_cblock* key)
+{
+ int i;
+
+ WOLFSSL_ENTER("wolfSSL_DES_set_odd_parity");
+
+ for (i = 0; i < DES_KEY_SIZE; i++) {
+ unsigned char c = (*key)[i];
+ /* Set bottom bit to odd parity - XOR of each bit is to be 1.
+ * XOR 1 to XOR of each bit.
+ * When even parity, the value will be 1 and the bottom bit will be
+ * flipped.
+ * When odd parity, the value will be 0 and the bottom bit will be
+ * unchanged.
+ */
+ c ^= ((c >> 0) ^ (c >> 1) ^ (c >> 2) ^ (c >> 3) ^ (c >> 4) ^ (c >> 5) ^
+ (c >> 6) ^ (c >> 7) ^ 0x01) & 0x01;
+ (*key)[i] = c;
+ }
+}
+
+/* Check parity of the DES key.
+ *
+ * @param [in] key DES key.
+ * @return 1 when odd parity on all bytes.
+ * @return 0 when even parity on any byte.
+ */
+int wolfSSL_DES_check_key_parity(WOLFSSL_DES_cblock *key)
+{
+ int i;
+ /* Assume odd parity. */
+ unsigned char p = 1;
+
+ WOLFSSL_ENTER("wolfSSL_DES_check_key_parity");
+
+ for (i = 0; i < DES_KEY_SIZE; i++) {
+ unsigned char c = (*key)[i];
+ /* p will be 0 when parity is even (XOR of bits is 0). */
+ p &= (c >> 0) ^ (c >> 1) ^ (c >> 2) ^ (c >> 3) ^ (c >> 4) ^ (c >> 5) ^
+ (c >> 6) ^ (c >> 7);
+ }
+
+ /* Only care about bottom bit. */
+ return p & 1;
+}
+
+/* Check whether key data is the two 32-bit words.
+ *
+ * return true in fail case (1)
+ *
+ * @param [in] k1 First part of key.
+ * @param [in] k2 Second part of key.
+ * @param [in] key DES key as an array of bytes.
+ **/
+static int wolfssl_des_check(word32 k1, word32 k2, unsigned char* key)
+{
+ /* Compare the two 32-bit words. */
+ return (((word32*)key)[0] == k1) && (((word32*)key)[1] == k2);
+}
+
+/* Check key is not weak.
+ *
+ * Weak key list from Nist "Recommendation for the Triple Data Encryption
+ * Algorithm (TDEA) Block Cipher"
+ *
+ * @param [in] key DES key.
+ * @return 0 when #key is not a weak key.
+ * @return 1 when #key is a weak key.
+ */
+int wolfSSL_DES_is_weak_key(WOLFSSL_const_DES_cblock* key)
+{
+ int ret = 0;
+
+ WOLFSSL_ENTER("wolfSSL_DES_is_weak_key");
+
+ /* Validate parameter. */
+ if (key == NULL) {
+ WOLFSSL_MSG("NULL key passed in");
+ ret = 1;
+ }
+
+ /* Check weak keys - endian doesn't matter. */
+ if ((ret == 0) && (wolfssl_des_check(0x01010101, 0x01010101, *key) ||
+ wolfssl_des_check(0xFEFEFEFE, 0xFEFEFEFE, *key) ||
+ wolfssl_des_check(0xE0E0E0E0, 0xF1F1F1F1, *key) ||
+ wolfssl_des_check(0x1F1F1F1F, 0x0E0E0E0E, *key))) {
+ WOLFSSL_MSG("Weak key found");
+ ret = 1;
+ }
+
+ /* Check semi-weak keys - endian doesn't matter. */
+ if ((ret == 0) && (wolfssl_des_check(0x011F011F, 0x010E010E, *key) ||
+ wolfssl_des_check(0x1F011F01, 0x0E010E01, *key) ||
+ wolfssl_des_check(0x01E001E0, 0x01F101F1, *key) ||
+ wolfssl_des_check(0xE001E001, 0xF101F101, *key) ||
+ wolfssl_des_check(0x01FE01FE, 0x01FE01FE, *key) ||
+ wolfssl_des_check(0xFE01FE01, 0xFE01FE01, *key) ||
+ wolfssl_des_check(0x1FE01FE0, 0x0EF10EF1, *key) ||
+ wolfssl_des_check(0xE01FE01F, 0xF10EF10E, *key) ||
+ wolfssl_des_check(0x1FFE1FFE, 0x0EFE0EFE, *key) ||
+ wolfssl_des_check(0xFE1FFE1F, 0xFE0EFE0E, *key) ||
+ wolfssl_des_check(0xE0FEE0FE, 0xF1FEF1FE, *key) ||
+ wolfssl_des_check(0xFEE0FEE0, 0xFEF1FEF1, *key))) {
+ WOLFSSL_MSG("Semi-weak key found");
+ ret = 1;
+ }
+
+ return ret;
+}
+
+/* Set key into schedule if key parity is odd and key is not weak.
+ *
+ * @param [in] key DES key data.
+ * @param [out] schedule DES key schedule.
+ * @return 0 on success.
+ * @return -1 when parity is not odd.
+ * @return -2 when key or schedule is NULL.
+ * @return -2 when key is weak or semi-weak.
+ */
+int wolfSSL_DES_set_key_checked(WOLFSSL_const_DES_cblock* key,
+ WOLFSSL_DES_key_schedule* schedule)
+{
+ int ret = 0;
+
+ /* Validate parameters. */
+ if ((key == NULL) || (schedule == NULL)) {
+ WOLFSSL_MSG("Bad argument passed to wolfSSL_DES_set_key_checked");
+ ret = -2;
+ }
+
+ /* Check key parity is odd. */
+ if ((ret == 0) && (!wolfSSL_DES_check_key_parity(key))) {
+ WOLFSSL_MSG("Odd parity test fail");
+ ret = -1;
+ }
+ /* Check whether key is weak. */
+ if ((ret == 0) && wolfSSL_DES_is_weak_key(key)) {
+ WOLFSSL_MSG("Weak key found");
+ ret = -2;
+ }
+ if (ret == 0) {
+ /* Key data passed checks, now copy key into schedule. */
+ XMEMCPY(schedule, key, DES_KEY_SIZE);
+ }
+
+ return ret;
+}
+
+/* Set key into schedule - no checks on key data performed.
+ *
+ * @param [in] key DES key data.
+ * @param [out] schedule DES key schedule.
+ */
+void wolfSSL_DES_set_key_unchecked(WOLFSSL_const_DES_cblock* key,
+ WOLFSSL_DES_key_schedule* schedule)
+{
+ /* Validate parameters. */
+ if ((key != NULL) && (schedule != NULL)) {
+ /* Copy the key data into the schedule. */
+ XMEMCPY(schedule, key, DES_KEY_SIZE);
+ }
+}
+
+/* Set key into schedule.
+ *
+ * @param [in] key DES key data.
+ * @param [out] schedule DES key schedule.
+ * @return 0 on success.
+ * @return -1 when parity is not odd.
+ * @return -2 when key or schedule is NULL.
+ * @return -2 when key is weak or semi-weak.
+ */
+int wolfSSL_DES_set_key(WOLFSSL_const_DES_cblock* key,
+ WOLFSSL_DES_key_schedule* schedule)
+{
+#ifdef WOLFSSL_CHECK_DESKEY
+ return wolfSSL_DES_set_key_checked(key, schedule);
+#else
+ wolfSSL_DES_set_key_unchecked(key, schedule);
+ return 0;
+#endif
+}
+
+/* Set the key schedule from the DES key.
+ *
+ * TODO: OpenSSL checks parity and weak keys.
+ *
+ * @param [in] key DES key data.
+ * @param [out] schedule DES key schedule.
+ * @return 0 on success.
+ */
+int wolfSSL_DES_key_sched(WOLFSSL_const_DES_cblock* key,
+ WOLFSSL_DES_key_schedule* schedule)
+{
+ WOLFSSL_ENTER("wolfSSL_DES_key_sched");
+
+ /* Check parameters are usable. */
+ if ((key == NULL) || (schedule == NULL)) {
+ WOLFSSL_MSG("Null argument passed in");
+ }
+ else {
+ /* Copy the key data into the schedule. */
+ XMEMCPY(schedule, key, sizeof(WOLFSSL_const_DES_cblock));
+ }
+
+ return 0;
+}
+
+/* Encrypt with DES-CBC to create a checksum.
+ *
+ * Intended to behave similar to Kerberos mit_des_cbc_cksum.
+ * Returns the last 4 bytes of cipher text.
+ *
+ * TODO: Encrypt one block at a time instead of allocating a large amount.
+ *
+ * @param [in] in Data to encrypt.
+ * @param [out] out Last encrypted block.
+ * @param [in] length Length of data to encrypt.
+ * @param [in] sc Key schedule for encryption.
+ * @param [in] iv Initialization vector for CBC.
+ * @return Checksum of encryption.
+ * @return 0 on error.
+ */
+WOLFSSL_DES_LONG wolfSSL_DES_cbc_cksum(const unsigned char* in,
+ WOLFSSL_DES_cblock* out, long length, WOLFSSL_DES_key_schedule* sc,
+ WOLFSSL_const_DES_cblock* iv)
+{
+ WOLFSSL_DES_LONG ret = 0;
+ int err = 0;
+ unsigned char* data = (unsigned char*)in;
+ unsigned char* tmp = NULL;
+ long dataSz = length;
+
+ WOLFSSL_ENTER("wolfSSL_DES_cbc_cksum");
+
+ /* Validate parameters. */
+ if ((in == NULL) || (out == NULL) || (sc == NULL) || (iv == NULL)) {
+ WOLFSSL_MSG("Bad argument passed in");
+ err = 1;
+ }
+
+ /* When input length is not a multiple of DES_BLOCK_SIZE pad with 0s. */
+ if ((!err) && (dataSz % DES_BLOCK_SIZE)) {
+ /* Allocate a buffer big enough to hold padded input. */
+ dataSz += DES_BLOCK_SIZE - (dataSz % DES_BLOCK_SIZE);
+ data = (unsigned char*)XMALLOC(dataSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ if (data == NULL) {
+ WOLFSSL_MSG("Issue creating temporary buffer");
+ err = 1;
+ }
+ else {
+ /* Copy input and pad with 0s. */
+ XMEMCPY(data, in, length);
+ XMEMSET(data + length, 0, dataSz - length);
+ }
+ }
+
+ if (!err) {
+ /* Allocate buffer to hold encrypted data. */
+ tmp = (unsigned char*)XMALLOC(dataSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ if (tmp == NULL) {
+ WOLFSSL_MSG("Issue creating temporary buffer");
+ err = 1;
+ }
+ }
+
+ if (!err) {
+ /* Encrypt data into temporary. */
+ wolfSSL_DES_cbc_encrypt(data, tmp, dataSz, sc, (WOLFSSL_DES_cblock*)iv,
+ DES_ENCRYPT);
+ /* Copy out last block. */
+ XMEMCPY((unsigned char*)out, tmp + (dataSz - DES_BLOCK_SIZE),
+ DES_BLOCK_SIZE);
+
+ /* Use the last half of the encrypted block as the checksum. */
+ ret = (((*((unsigned char*)out + 4) & 0xFF) << 24) |
+ ((*((unsigned char*)out + 5) & 0xFF) << 16) |
+ ((*((unsigned char*)out + 6) & 0xFF) << 8) |
+ (*((unsigned char*)out + 7) & 0xFF) );
+ }
+
+ /* Dispose of allocated memory. */
+ XFREE(tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ if (data != in) {
+ XFREE(data, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ }
+ return ret;
+}
+
+/* Encrypt/decrypt data with DES-CBC.
+ *
+ * TODO: OpenSSL expects a length that is a multiple of the block size but
+ * we are padding the last block. This is not a padding API.
+ * TODO: Validate parameters?
+ *
+ * @param [in] input Data to encipher.
+ * @param [out] output Enciphered data.
+ * @param [in] length Length of data to encipher.
+ * @param [in] schedule Key schedule.
+ * @param [in] ivec IV for CBC operation.
+ * @param [in] enc Whether to encrypt.
+ */
+void wolfSSL_DES_cbc_encrypt(const unsigned char* input, unsigned char* output,
+ long length, WOLFSSL_DES_key_schedule* schedule, WOLFSSL_DES_cblock* ivec,
+ int enc)
+{
+#ifdef WOLFSSL_SMALL_STACK
+ Des* des = NULL;
+#else
+ Des des[1];
+#endif
+ byte lastBlock[DES_BLOCK_SIZE];
+
+ WOLFSSL_ENTER("wolfSSL_DES_cbc_encrypt");
+
+#ifdef WOLFSSL_SMALL_STACK
+ des = XMALLOC(sizeof(Des3), NULL, DYNAMIC_TYPE_CIPHER);
+ if (des == NULL) {
+ WOLFSSL_MSG("Failed to allocate memory for Des object");
+ }
+ else
+#endif
+ /* OpenSSL compat, no ret */
+ if (wc_Des_SetKey(des, (const byte*)schedule, (const byte*)ivec,
+ !enc) != 0) {
+ WOLFSSL_MSG("wc_Des_SetKey return error.");
+ }
+ else {
+ /* Last incomplete block size. 0 means none over. */
+ int lb_sz = length % DES_BLOCK_SIZE;
+ /* Length of data that is a multiple of a block. */
+ word32 len = (word32)(length - lb_sz);
+
+ if (enc == DES_ENCRYPT) {
+ /* Encrypt full blocks into output. */
+ wc_Des_CbcEncrypt(des, output, input, len);
+ if (lb_sz != 0) {
+ /* Create a 0 padded block from remaining bytes. */
+ XMEMSET(lastBlock, 0, DES_BLOCK_SIZE);
+ XMEMCPY(lastBlock, input + len, lb_sz);
+ /* Encrypt last block into output. */
+ wc_Des_CbcEncrypt(des, output + len, lastBlock,
+ (word32)DES_BLOCK_SIZE);
+ }
+ }
+ else {
+ /* Decrypt full blocks into output. */
+ wc_Des_CbcDecrypt(des, output, input, len);
+ if (lb_sz != 0) {
+ /* Decrypt the last block that is not going to be full size. */
+ wc_Des_CbcDecrypt(des, lastBlock, input + len,
+ (word32)DES_BLOCK_SIZE);
+ /* Copy out the required amount of the decrypted block. */
+ XMEMCPY(output + len, lastBlock, lb_sz);
+ }
+ }
+ }
+
+#ifdef WOLFSSL_SMALL_STACK
+ XFREE(des, NULL, DYNAMIC_TYPE_CIPHER);
+#endif
+}
+
+/* Encrypt/decrypt data with DES-CBC. Sets the IV for following operation.
+ *
+ * TODO: OpenSSL expects a length that is a multiple of the block size but
+ * we are padding the last block. This is not a padding API.
+ * TODO: Validate parameters?
+ *
+ * @param [in] input Data to encipher.
+ * @param [out] output Enciphered data.
+ * @param [in] length Length of data to encipher.
+ * @param [in] schedule Key schedule.
+ * @param [in, out] ivec IV for CBC operation.
+ * @param [in] enc Whether to encrypt.
+ */
+void wolfSSL_DES_ncbc_encrypt(const unsigned char* input, unsigned char* output,
+ long length, WOLFSSL_DES_key_schedule* schedule, WOLFSSL_DES_cblock* ivec,
+ int enc)
+{
+ unsigned char tmp[DES_IV_SIZE];
+ /* Calculate length to a multiple of block size. */
+ size_t offset = (size_t)length;
+
+ WOLFSSL_ENTER("wolfSSL_DES_ncbc_encrypt");
+
+ offset = (offset + DES_BLOCK_SIZE - 1) / DES_BLOCK_SIZE;
+ offset *= DES_BLOCK_SIZE;
+ offset -= DES_BLOCK_SIZE;
+ if (enc == DES_ENCRYPT) {
+ /* Encrypt data. */
+ wolfSSL_DES_cbc_encrypt(input, output, length, schedule, ivec, enc);
+ /* Use last encrypted block as new IV. */
+ XMEMCPY(ivec, output + offset, DES_IV_SIZE);
+ }
+ else {
+ /* Get last encrypted block for new IV. */
+ XMEMCPY(tmp, input + offset, DES_IV_SIZE);
+ /* Decrypt data. */
+ wolfSSL_DES_cbc_encrypt(input, output, length, schedule, ivec, enc);
+ /* Use last encrypted block as new IV. */
+ XMEMCPY(ivec, tmp, DES_IV_SIZE);
+ }
+}
+
+/* Encrypt/decrypt data with DES-CBC.
+ *
+ * WOLFSSL_DES_key_schedule is an unsigned char array of size 8.
+ *
+ * TODO: OpenSSL expects a length that is a multiple of the block size but
+ * we are padding the last block. This is not a padding API.
+ * TODO: Validate parameters?
+ *
+ * @param [in] input Data to encipher.
+ * @param [out] output Enciphered data.
+ * @param [in] length Length of data to encipher.
+ * @param [in] schedule Key schedule.
+ * @param [in, out] ivec IV for CBC operation.
+ * @param [in] enc Whether to encrypt.
+ */
+void wolfSSL_DES_ede3_cbc_encrypt(const unsigned char* input,
+ unsigned char* output, long sz, WOLFSSL_DES_key_schedule* ks1,
+ WOLFSSL_DES_key_schedule* ks2, WOLFSSL_DES_key_schedule* ks3,
+ WOLFSSL_DES_cblock* ivec, int enc)
+{
+#ifdef WOLFSSL_SMALL_STACK
+ Des3* des3;
+#else
+ Des3 des3[1];
+#endif
+
+ WOLFSSL_ENTER("wolfSSL_DES_ede3_cbc_encrypt");
+
+#ifdef WOLFSSL_SMALL_STACK
+ des3 = XMALLOC(sizeof(Des3), NULL, DYNAMIC_TYPE_CIPHER);
+ if (des3 == NULL) {
+ WOLFSSL_MSG("Failed to allocate memory for Des3 object");
+ sz = 0;
+ }
+#endif
+
+ if (sz > 0) {
+ int ret;
+ byte key[DES3_KEY_SIZE];
+ byte lastBlock[DES_BLOCK_SIZE];
+ int lb_sz;
+ word32 len;
+
+ /* Copy the three keys into the buffer for wolfCrypt DES. */
+ XMEMCPY(key + 0 * DES_BLOCK_SIZE, *ks1, DES_BLOCK_SIZE);
+ XMEMCPY(key + 1 * DES_BLOCK_SIZE, *ks2, DES_BLOCK_SIZE);
+ XMEMCPY(key + 2 * DES_BLOCK_SIZE, *ks3, DES_BLOCK_SIZE);
+
+ /* Last incomplete block size. 0 means none over. */
+ lb_sz = sz % DES_BLOCK_SIZE;
+ /* Length of data that is a multiple of a block. */
+ len = (word32)(sz - lb_sz);
+
+ /* Initialize wolfCrypt DES3 object. */
+ XMEMSET(des3, 0, sizeof(Des3));
+ ret = wc_Des3Init(des3, NULL, INVALID_DEVID);
+ (void)ret;
+
+ if (enc == DES_ENCRYPT) {
+ /* Initialize wolfCrypt DES3 object. */
+ if (wc_Des3_SetKey(des3, key, (const byte*)ivec, DES_ENCRYPTION)
+ == 0) {
+ /* Encrypt full blocks into output. */
+ ret = wc_Des3_CbcEncrypt(des3, output, input, len);
+ (void)ret;
+ #if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &des3->asyncDev, WC_ASYNC_FLAG_NONE);
+ (void)ret;
+ #endif
+ if (lb_sz != 0) {
+ /* Create a 0 padded block from remaining bytes. */
+ XMEMSET(lastBlock, 0, DES_BLOCK_SIZE);
+ XMEMCPY(lastBlock, input + len, lb_sz);
+ /* Encrypt last block into output. */
+ ret = wc_Des3_CbcEncrypt(des3, output + len, lastBlock,
+ (word32)DES_BLOCK_SIZE);
+ (void)ret;
+ #if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &des3->asyncDev,
+ WC_ASYNC_FLAG_NONE);
+ (void)ret;
+ #endif
+ /* Copy the last encrypted block as IV for next decrypt. */
+ XMEMCPY(ivec, output + len, DES_BLOCK_SIZE);
+ }
+ else {
+ /* Copy the last encrypted block as IV for next decrypt. */
+ XMEMCPY(ivec, output + len - DES_BLOCK_SIZE,
+ DES_BLOCK_SIZE);
+ }
+ }
+ }
+ else {
+ /* Initialize wolfCrypt DES3 object. */
+ if (wc_Des3_SetKey(des3, key, (const byte*)ivec, DES_DECRYPTION)
+ == 0) {
+ /* Copy the last encrypted block as IV for next decrypt. */
+ if (lb_sz != 0) {
+ XMEMCPY(ivec, input + len, DES_BLOCK_SIZE);
+ }
+ else {
+ XMEMCPY(ivec, input + len - DES_BLOCK_SIZE, DES_BLOCK_SIZE);
+ }
+ /* Decrypt full blocks into output. */
+ ret = wc_Des3_CbcDecrypt(des3, output, input, len);
+ (void)ret;
+ #if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &des3->asyncDev, WC_ASYNC_FLAG_NONE);
+ (void)ret;
+ #endif
+ if (lb_sz != 0) {
+ /* Decrypt the last block that is not going to be full size.
+ */
+ ret = wc_Des3_CbcDecrypt(des3, lastBlock, input + len,
+ (word32)DES_BLOCK_SIZE);
+ (void)ret;
+ #if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &des3->asyncDev,
+ WC_ASYNC_FLAG_NONE);
+ (void)ret;
+ #endif
+ /* Copy out the required amount of the decrypted block. */
+ XMEMCPY(output + len, lastBlock, lb_sz);
+ }
+ }
+ }
+ wc_Des3Free(des3);
+ }
+
+#ifdef WOLFSSL_SMALL_STACK
+ XFREE(des3, NULL, DYNAMIC_TYPE_CIPHER);
+#endif
+}
+
+#ifdef WOLFSSL_DES_ECB
+/* Encrypt or decrypt input message desa with key and get output in desb.
+ *
+ * @param [in] in Block to encipher with DES-ECB.
+ * @param [out] out Enciphered block.
+ * @param [in] key DES key schedule.
+ * @param [in] enc Whether to encrypt.
+ */
+void wolfSSL_DES_ecb_encrypt(WOLFSSL_DES_cblock* in, WOLFSSL_DES_cblock* out,
+ WOLFSSL_DES_key_schedule* key, int enc)
+{
+#ifdef WOLFSSL_SMALL_STACK
+ Des* des = NULL;
+#else
+ Des des[1];
+#endif
+
+ WOLFSSL_ENTER("wolfSSL_DES_ecb_encrypt");
+
+ /* Validate parameters. */
+ if ((in == NULL) || (out == NULL) || (key == NULL) ||
+ ((enc != DES_ENCRYPT) && (enc != DES_DECRYPT))) {
+ WOLFSSL_MSG("Bad argument passed to wolfSSL_DES_ecb_encrypt");
+ }
+#ifdef WOLFSSL_SMALL_STACK
+ else if ((des = XMALLOC(sizeof(Des), NULL, DYNAMIC_TYPE_CIPHER)) == NULL) {
+ WOLFSSL_MSG("Failed to allocate memory for Des object");
+ }
+#endif
+ /* Set key in wolfCrypt DES object for encryption or decryption.
+ * DES_ENCRYPT = 1, wolfSSL DES_ENCRYPTION = 0.
+ * DES_DECRYPT = 0, wolfSSL DES_DECRYPTION = 1.
+ */
+ else if (wc_Des_SetKey(des, (const byte*)key, NULL, !enc) != 0) {
+ WOLFSSL_MSG("wc_Des_SetKey return error.");
+ }
+ else if (enc == DES_ENCRYPT) {
+ /* Encrypt a block with wolfCrypt DES object. */
+ if (wc_Des_EcbEncrypt(des, (byte*)out, (const byte*)in, DES_KEY_SIZE)
+ != 0) {
+ WOLFSSL_MSG("wc_Des_EcbEncrypt return error.");
+ }
+ }
+ else {
+ /* Decrypt a block with wolfCrypt DES object. */
+ if (wc_Des_EcbDecrypt(des, (byte*)out, (const byte*)in, DES_KEY_SIZE)
+ != 0) {
+ WOLFSSL_MSG("wc_Des_EcbDecrpyt return error.");
+ }
+ }
+
+#ifdef WOLFSSL_SMALL_STACK
+ XFREE(des, NULL, DYNAMIC_TYPE_CIPHER);
+#endif
+}
+#endif
+#endif /* NO_DES3 */
+#endif /* OPENSSL_EXTRA */
+
+/*******************************************************************************
+ * END OF DES API
+ ******************************************************************************/
+
+/*******************************************************************************
+ * START OF AES API
+ ******************************************************************************/
+
+#ifdef OPENSSL_EXTRA
+
+#if !defined(NO_AES) && !defined(WOLFSSL_NO_OPENSSL_AES_LOW_LEVEL_API)
+
+/* Sets the key into the AES key object for encryption or decryption.
+ *
+ * TODO: check bits value?
+ *
+ * @param [in] key Key data.
+ * @param [in] bits Number of bits in key.
+ * @param [out] aes AES key object.
+ * @param [in] enc Whether to encrypt. AES_ENCRYPT or AES_DECRYPT.
+ * @return 0 on success.
+ * @return -1 when key or aes is NULL.
+ * @return -1 when setting key with wolfCrypt fails.
+ */
+static int wolfssl_aes_set_key(const unsigned char *key, const int bits,
+ AES_KEY *aes, int enc)
+{
+ typedef char aes_test[sizeof(AES_KEY) >= sizeof(Aes) ? 1 : -1];
+ (void)sizeof(aes_test);
+
+ /* Validate parameters. */
+ if ((key == NULL) || (aes == NULL)) {
+ WOLFSSL_MSG("Null argument passed in");
+ return -1;
+ }
+
+ XMEMSET(aes, 0, sizeof(AES_KEY));
+
+ if (wc_AesInit((Aes*)aes, NULL, INVALID_DEVID) != 0) {
+ WOLFSSL_MSG("Error in initting AES key");
+ return -1;
+ }
+
+ if (wc_AesSetKey((Aes*)aes, key, ((bits)/8), NULL, enc) != 0) {
+ WOLFSSL_MSG("Error in setting AES key");
+ return -1;
+ }
+ return 0;
+}
+
+/* Sets the key into the AES key object for encryption.
+ *
+ * @param [in] key Key data.
+ * @param [in] bits Number of bits in key.
+ * @param [out] aes AES key object.
+ * @return 0 on success.
+ * @return -1 when key or aes is NULL.
+ * @return -1 when setting key with wolfCrypt fails.
+ */
+int wolfSSL_AES_set_encrypt_key(const unsigned char *key, const int bits,
+ AES_KEY *aes)
+{
+ WOLFSSL_ENTER("wolfSSL_AES_set_encrypt_key");
+
+ return wolfssl_aes_set_key(key, bits, aes, AES_ENCRYPT);
+}
+
+/* Sets the key into the AES key object for decryption.
+ *
+ * @param [in] key Key data.
+ * @param [in] bits Number of bits in key.
+ * @param [out] aes AES key object.
+ * @return 0 on success.
+ * @return -1 when key or aes is NULL.
+ * @return -1 when setting key with wolfCrypt fails.
+ */
+int wolfSSL_AES_set_decrypt_key(const unsigned char *key, const int bits,
+ AES_KEY *aes)
+{
+ WOLFSSL_ENTER("wolfSSL_AES_set_decrypt_key");
+
+ return wolfssl_aes_set_key(key, bits, aes, AES_DECRYPT);
+}
+
+#ifdef WOLFSSL_AES_DIRECT
+/* Encrypt a 16-byte block of data using AES-ECB.
+ *
+ * wolfSSL_AES_set_encrypt_key() must have been called.
+ *
+ * #input must contain AES_BLOCK_SIZE bytes of data.
+ * #output must be a buffer at least AES_BLOCK_SIZE bytes in length.
+ *
+ * @param [in] input Data to encrypt.
+ * @param [out] output Encrypted data.
+ * @param [in] key AES key to use for encryption.
+ */
+void wolfSSL_AES_encrypt(const unsigned char* input, unsigned char* output,
+ AES_KEY *key)
+{
+ WOLFSSL_ENTER("wolfSSL_AES_encrypt");
+
+ /* Validate parameters. */
+ if ((input == NULL) || (output == NULL) || (key == NULL)) {
+ WOLFSSL_MSG("Null argument passed in");
+ }
+ else
+#if !defined(HAVE_SELFTEST) && \
+ (!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)))
+ /* Encrypt a block with wolfCrypt AES. */
+ if (wc_AesEncryptDirect((Aes*)key, output, input) != 0) {
+ WOLFSSL_MSG("wc_AesEncryptDirect failed");
+ }
+#else
+ {
+ /* Encrypt a block with wolfCrypt AES. */
+ wc_AesEncryptDirect((Aes*)key, output, input);
+ }
+#endif
+}
+
+
+/* Decrypt a 16-byte block of data using AES-ECB.
+ *
+ * wolfSSL_AES_set_decrypt_key() must have been called.
+ *
+ * #input must contain AES_BLOCK_SIZE bytes of data.
+ * #output must be a buffer at least AES_BLOCK_SIZE bytes in length.
+ *
+ * @param [in] input Data to decrypt.
+ * @param [out] output Decrypted data.
+ * @param [in] key AES key to use for encryption.
+ */
+void wolfSSL_AES_decrypt(const unsigned char* input, unsigned char* output,
+ AES_KEY *key)
+{
+ WOLFSSL_ENTER("wolfSSL_AES_decrypt");
+
+ /* Validate parameters. */
+ if ((input == NULL) || (output == NULL) || (key == NULL)) {
+ WOLFSSL_MSG("Null argument passed in");
+ }
+ else
+#if !defined(HAVE_SELFTEST) && \
+ (!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)))
+ /* Decrypt a block with wolfCrypt AES. */
+ if (wc_AesDecryptDirect((Aes*)key, output, input) != 0) {
+ WOLFSSL_MSG("wc_AesDecryptDirect failed");
+ }
+#else
+ {
+ /* Decrypt a block with wolfCrypt AES. */
+ wc_AesDecryptDirect((Aes*)key, output, input);
+ }
+#endif
+}
+#endif /* WOLFSSL_AES_DIRECT */
+
+
+
+#ifdef HAVE_AES_ECB
+/* Encrypt/decrypt a 16-byte block of data using AES-ECB.
+ *
+ * wolfSSL_AES_set_encrypt_key() or wolfSSL_AES_set_decrypt_key ()must have been
+ * called.
+ *
+ * #input must contain AES_BLOCK_SIZE bytes of data.
+ * #output must be a buffer at least AES_BLOCK_SIZE bytes in length.
+ *
+ * @param [in] in Data to encipher.
+ * @param [out] out Enciphered data.
+ * @param [in] key AES key to use for encryption/decryption.
+ * @param [in] enc Whether to encrypt.
+ * AES_ENCRPT for encryption, AES_DECRYPT for decryption.
+ */
+void wolfSSL_AES_ecb_encrypt(const unsigned char *in, unsigned char* out,
+ AES_KEY *key, const int enc)
+{
+ WOLFSSL_ENTER("wolfSSL_AES_ecb_encrypt");
+
+ /* Validate parameters. */
+ if ((key == NULL) || (in == NULL) || (out == NULL)) {
+ WOLFSSL_MSG("Error, Null argument passed in");
+ }
+ else if (enc == AES_ENCRYPT) {
+ /* Encrypt block. */
+ if (wc_AesEcbEncrypt((Aes*)key, out, in, AES_BLOCK_SIZE) != 0) {
+ WOLFSSL_MSG("Error with AES CBC encrypt");
+ }
+ }
+ else {
+ #ifdef HAVE_AES_DECRYPT
+ /* Decrypt block. */
+ if (wc_AesEcbDecrypt((Aes*)key, out, in, AES_BLOCK_SIZE) != 0) {
+ WOLFSSL_MSG("Error with AES CBC decrypt");
+ }
+ #else
+ WOLFSSL_MSG("AES decryption not compiled in");
+ #endif
+ }
+}
+#endif /* HAVE_AES_ECB */
+
+#ifdef HAVE_AES_CBC
+/* Encrypt/decrypt data with IV using AES-CBC.
+ *
+ * wolfSSL_AES_set_encrypt_key() or wolfSSL_AES_set_decrypt_key() must have been
+ * called.
+ *
+ * @param [in] in Data to encipher.
+ * @param [out] out Enciphered data.
+ * @param [in] len Length of data to encipher.
+ * @param [in] key AES key to use for encryption/decryption.
+ * @param [in, out] iv Initialization Vector (IV) of CBC mode.
+ * On in, used with first block.
+ * On out, IV for further operations.
+ * @param [in] enc Whether to encrypt.
+ * AES_ENCRPT for encryption, AES_DECRYPT for decryption.
+ */
+void wolfSSL_AES_cbc_encrypt(const unsigned char *in, unsigned char* out,
+ size_t len, AES_KEY *key, unsigned char* iv, const int enc)
+{
+ WOLFSSL_ENTER("wolfSSL_AES_cbc_encrypt");
+
+ /* Validate parameters. */
+ if ((key == NULL) || (in == NULL) || (out == NULL) || (iv == NULL) ||
+ (len == 0)) {
+ WOLFSSL_MSG("Error, Null argument passed in");
+ }
+ /* Set IV for operation. */
+ else {
+ int ret;
+ Aes* aes = (Aes*)key;
+
+ if ((ret = wc_AesSetIV(aes, (const byte*)iv)) != 0) {
+ WOLFSSL_MSG("Error with setting iv");
+ }
+ else if (enc == AES_ENCRYPT) {
+ /* Encrypt with wolfCrypt AES object. */
+ if ((ret = wc_AesCbcEncrypt(aes, out, in, (word32)len)) != 0) {
+ WOLFSSL_MSG("Error with AES CBC encrypt");
+ }
+ }
+ else {
+ /* Decrypt with wolfCrypt AES object. */
+ if ((ret = wc_AesCbcDecrypt(aes, out, in, (word32)len)) != 0) {
+ WOLFSSL_MSG("Error with AES CBC decrypt");
+ }
+ }
+
+ if (ret == 0) {
+ /* Get IV for next operation. */
+ XMEMCPY(iv, (byte*)(aes->reg), AES_BLOCK_SIZE);
+ }
+ }
+}
+#endif /* HAVE_AES_CBC */
+
+
+/* Encrypt/decrypt data with IV using AES-CFB.
+ *
+ * wolfSSL_AES_set_encrypt_key() must have been called.
+ *
+ * @param [in] in Data to encipher.
+ * @param [out] out Enciphered data.
+ * @param [in] len Length of data to encipher.
+ * @param [in] key AES key to use for encryption/decryption.
+ * @param [in, out] iv Initialization Vector (IV) of CFB mode.
+ * On in, used with first block.
+ * On out, IV for further operations.
+ * @param [out] num Number of bytes used from last incomplete block.
+ * @param [in] enc Whether to encrypt.
+ * AES_ENCRPT for encryption, AES_DECRYPT for decryption.
+ */
+void wolfSSL_AES_cfb128_encrypt(const unsigned char *in, unsigned char* out,
+ size_t len, AES_KEY *key, unsigned char* iv, int* num, const int enc)
+{
+#ifndef WOLFSSL_AES_CFB
+ WOLFSSL_MSG("CFB mode not enabled please use macro WOLFSSL_AES_CFB");
+
+ (void)in;
+ (void)out;
+ (void)len;
+ (void)key;
+ (void)iv;
+ (void)num;
+ (void)enc;
+#else
+ WOLFSSL_ENTER("wolfSSL_AES_cfb_encrypt");
+
+ /* Validate parameters. */
+ if ((key == NULL) || (in == NULL) || (out == NULL) || (iv == NULL)) {
+ WOLFSSL_MSG("Error, Null argument passed in");
+ }
+ else {
+ int ret;
+ Aes* aes = (Aes*)key;
+
+ /* Copy the IV directly into reg here because wc_AesSetIV clears
+ * leftover bytes field "left", and this function relies on the leftover
+ * bytes being preserved between calls.
+ */
+ XMEMCPY(aes->reg, iv, AES_BLOCK_SIZE);
+
+ if (enc == AES_ENCRYPT) {
+ /* Encrypt data with AES-CFB. */
+ if ((ret = wc_AesCfbEncrypt(aes, out, in, (word32)len)) != 0) {
+ WOLFSSL_MSG("Error with AES CBC encrypt");
+ }
+ }
+ else {
+ /* Decrypt data with AES-CFB. */
+ if ((ret = wc_AesCfbDecrypt(aes, out, in, (word32)len)) != 0) {
+ WOLFSSL_MSG("Error with AES CBC decrypt");
+ }
+ }
+
+ if (ret == 0) {
+ /* Copy IV out after operation. */
+ XMEMCPY(iv, (byte*)(aes->reg), AES_BLOCK_SIZE);
+
+ /* Store number of left over bytes to num. */
+ if (num != NULL) {
+ *num = (AES_BLOCK_SIZE - aes->left) % AES_BLOCK_SIZE;
+ }
+ }
+ }
+#endif /* WOLFSSL_AES_CFB */
+}
+
+/* wc_AesKey*Wrap_ex API not available in FIPS and SELFTEST */
+#if defined(HAVE_AES_KEYWRAP) && !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
+/* Wrap (encrypt) a key using RFC3394 AES key wrap.
+ *
+ * @param [in, out] key AES key.
+ * @param [in] iv Initialization vector used by encryption mode.
+ * @param [out] out Wrapped key.
+ * @param [in] in Key data to wrap.
+ * @param [in] inSz Length of key to wrap in bytes.
+ * @return Length of encrypted key in bytes.
+ * @return 0 when key, iv, out or in is NULL.
+ * @return 0 when key length is not valid.
+ */
+int wolfSSL_AES_wrap_key(AES_KEY *key, const unsigned char *iv,
+ unsigned char *out, const unsigned char *in, unsigned int inSz)
+{
+ int ret = 0;
+ int len = 0;
+
+ WOLFSSL_ENTER("wolfSSL_AES_wrap_key");
+
+ /* Validate parameters. */
+ if ((out == NULL) || (in == NULL)) {
+ WOLFSSL_MSG("Error, Null argument passed in");
+ ret = BAD_FUNC_ARG;
+ }
+
+ /* Wrap key. */
+ if ((ret == 0) && ((ret = wc_AesKeyWrap_ex((Aes*)key, in, inSz, out,
+ inSz + KEYWRAP_BLOCK_SIZE, iv)) > 0)) {
+ /* Get the length of the wrapped key. */
+ len = ret;
+ }
+
+ return len;
+}
+
+/* Unwrap (decrypt) a key using RFC3394 AES key wrap.
+ *
+ * @param [in, out] key AES key.
+ * @param [in] iv Initialization vector used by decryption mode.
+ * @param [out] out Unwrapped key.
+ * @param [in] in Wrapped key data.
+ * @param [in] inSz Length of wrapped key data in bytes.
+ * @return Length of decrypted key in bytes.
+ * @return 0 when key, iv, out or in is NULL.
+ * @return 0 when wrapped key data length is not valid.
+ */
+int wolfSSL_AES_unwrap_key(AES_KEY *key, const unsigned char *iv,
+ unsigned char *out, const unsigned char *in, unsigned int inSz)
+{
+ int ret = 0;
+ int len = 0;
+
+ WOLFSSL_ENTER("wolfSSL_AES_wrap_key");
+
+ /* Validate parameters. */
+ if ((out == NULL) || (in == NULL)) {
+ WOLFSSL_MSG("Error, Null argument passed in");
+ ret = BAD_FUNC_ARG;
+ }
+
+ /* Unwrap key. */
+ if ((ret == 0) && ((ret = wc_AesKeyUnWrap_ex((Aes*)key, in, inSz, out,
+ inSz + KEYWRAP_BLOCK_SIZE, iv)) > 0)) {
+ /* Get the length of the unwrapped key. */
+ len = ret;
+ }
+
+ return len;
+}
+#endif /* HAVE_AES_KEYWRAP && !HAVE_FIPS && !HAVE_SELFTEST */
+
+#ifdef HAVE_CTS
+/* Ciphertext stealing encryption compatible with RFC2040 and RFC3962.
+ *
+ * @param [in] in Data to encrypt.
+ * @param [out] out Encrypted data.
+ * @param [in] len Length of data to encrypt.
+ * @param [in] key Symmetric key.
+ * @param [in] iv Initialization Vector for encryption mode.
+ * @param [in] cbc CBC mode encryption function.
+ * @return Length of encrypted data in bytes on success.
+ * @return 0 when in, out, cbc, key or iv are NULL.
+ * @return 0 when len is less than or equal to 16 bytes.
+ */
+size_t wolfSSL_CRYPTO_cts128_encrypt(const unsigned char *in,
+ unsigned char *out, size_t len, const void *key, unsigned char *iv,
+ WOLFSSL_CBC128_CB cbc)
+{
+ byte lastBlk[WOLFSSL_CTS128_BLOCK_SZ];
+ int lastBlkLen = len % WOLFSSL_CTS128_BLOCK_SZ;
+
+ WOLFSSL_ENTER("wolfSSL_CRYPTO_cts128_encrypt");
+
+ /* Validate parameters. */
+ if ((in == NULL) || (out == NULL) || (len <= WOLFSSL_CTS128_BLOCK_SZ) ||
+ (cbc == NULL) || (key == NULL) || (iv == NULL)) {
+ WOLFSSL_MSG("Bad parameter");
+ len = 0;
+ }
+
+ if (len > 0) {
+ /* Must have a last block. */
+ if (lastBlkLen == 0) {
+ lastBlkLen = WOLFSSL_CTS128_BLOCK_SZ;
+ }
+
+ /* Encrypt data up to last block */
+ (*cbc)(in, out, len - lastBlkLen, key, iv, AES_ENCRYPT);
+
+ /* Move to last block */
+ in += len - lastBlkLen;
+ out += len - lastBlkLen;
+
+ /* RFC2040: Pad Pn with zeros at the end to create P of length BB. */
+ XMEMCPY(lastBlk, in, lastBlkLen);
+ XMEMSET(lastBlk + lastBlkLen, 0, WOLFSSL_CTS128_BLOCK_SZ - lastBlkLen);
+ /* RFC2040: Select the first Ln bytes of En-1 to create Cn */
+ XMEMCPY(out, out - WOLFSSL_CTS128_BLOCK_SZ, lastBlkLen);
+ /* Encrypt last block. */
+ (*cbc)(lastBlk, out - WOLFSSL_CTS128_BLOCK_SZ, WOLFSSL_CTS128_BLOCK_SZ,
+ key, iv, AES_ENCRYPT);
+ }
+
+ return len;
+}
+
+/* Ciphertext stealing decryption compatible with RFC2040 and RFC3962.
+ *
+ * @param [in] in Data to decrypt.
+ * @param [out] out Decrypted data.
+ * @param [in] len Length of data to decrypt.
+ * @param [in] key Symmetric key.
+ * @param [in] iv Initialization Vector for decryption mode.
+ * @param [in] cbc CBC mode encryption function.
+ * @return Length of decrypted data in bytes on success.
+ * @return 0 when in, out, cbc, key or iv are NULL.
+ * @return 0 when len is less than or equal to 16 bytes.
+ */
+size_t wolfSSL_CRYPTO_cts128_decrypt(const unsigned char *in,
+ unsigned char *out, size_t len, const void *key, unsigned char *iv,
+ WOLFSSL_CBC128_CB cbc)
+{
+ byte lastBlk[WOLFSSL_CTS128_BLOCK_SZ];
+ byte prevBlk[WOLFSSL_CTS128_BLOCK_SZ];
+ int lastBlkLen = len % WOLFSSL_CTS128_BLOCK_SZ;
+
+ WOLFSSL_ENTER("wolfSSL_CRYPTO_cts128_decrypt");
+
+ /* Validate parameters. */
+ if ((in == NULL) || (out == NULL) || (len <= WOLFSSL_CTS128_BLOCK_SZ) ||
+ (cbc == NULL) || (key == NULL) || (iv == NULL)) {
+ WOLFSSL_MSG("Bad parameter");
+ len = 0;
+ }
+
+ if (len > 0) {
+ /* Must have a last block. */
+ if (lastBlkLen == 0) {
+ lastBlkLen = WOLFSSL_CTS128_BLOCK_SZ;
+ }
+
+ if (len - lastBlkLen - WOLFSSL_CTS128_BLOCK_SZ != 0) {
+ /* Decrypt up to last two blocks */
+ (*cbc)(in, out, len - lastBlkLen - WOLFSSL_CTS128_BLOCK_SZ, key, iv,
+ AES_DECRYPTION);
+
+ /* Move to last two blocks */
+ in += len - lastBlkLen - WOLFSSL_CTS128_BLOCK_SZ;
+ out += len - lastBlkLen - WOLFSSL_CTS128_BLOCK_SZ;
+ }
+
+ /* RFC2040: Decrypt Cn-1 to create Dn.
+ * Use 0 buffer as IV to do straight decryption.
+ * This places the Cn-1 block at lastBlk */
+ XMEMSET(lastBlk, 0, WOLFSSL_CTS128_BLOCK_SZ);
+ (*cbc)(in, prevBlk, WOLFSSL_CTS128_BLOCK_SZ, key, lastBlk, AES_DECRYPT);
+ /* RFC2040: Append the tail (BB minus Ln) bytes of Xn to Cn
+ * to create En. */
+ XMEMCPY(prevBlk, in + WOLFSSL_CTS128_BLOCK_SZ, lastBlkLen);
+ /* Cn and Cn-1 can now be decrypted */
+ (*cbc)(prevBlk, out, WOLFSSL_CTS128_BLOCK_SZ, key, iv, AES_DECRYPT);
+ (*cbc)(lastBlk, lastBlk, WOLFSSL_CTS128_BLOCK_SZ, key, iv, AES_DECRYPT);
+ XMEMCPY(out + WOLFSSL_CTS128_BLOCK_SZ, lastBlk, lastBlkLen);
+ }
+
+ return len;
+}
+#endif /* HAVE_CTS */
+#endif /* !NO_AES && !WOLFSSL_NO_OPENSSL_AES_LOW_LEVEL_API */
+#endif /* OPENSSL_EXTRA */
+
+/*******************************************************************************
+ * END OF AES API
+ ******************************************************************************/
+
+/*******************************************************************************
+ * START OF RC4 API
+ ******************************************************************************/
+
+#ifdef OPENSSL_EXTRA
+
+#ifndef NO_RC4
+/* Set the key state for Arc4 key.
+ *
+ * @param [out] key Arc4 key.
+ * @param [in] len Length of key in buffer.
+ * @param [in] data Key data buffer.
+ */
+void wolfSSL_RC4_set_key(WOLFSSL_RC4_KEY* key, int len,
+ const unsigned char* data)
+{
+ typedef char rc4_test[sizeof(WOLFSSL_RC4_KEY) >= sizeof(Arc4) ? 1 : -1];
+ (void)sizeof(rc4_test);
+
+ WOLFSSL_ENTER("wolfSSL_RC4_set_key");
+
+ /* Validate parameters. */
+ if ((key == NULL) || (len < 0) || (data == NULL)) {
+ WOLFSSL_MSG("bad argument passed in");
+ }
+ else {
+ /* Reset wolfCrypt Arc4 object. */
+ XMEMSET(key, 0, sizeof(WOLFSSL_RC4_KEY));
+ /* Set key into wolfCrypt Arc4 object. */
+ wc_Arc4SetKey((Arc4*)key, data, (word32)len);
+ }
+}
+
+
+/* Encrypt/decrypt with Arc4 key.
+ *
+ * @param [in] len Length of data to encrypt/decrypt.
+ * @param [in] in Data to encrypt/decrypt.
+ * @param [out] out Enciphered data.
+ */
+void wolfSSL_RC4(WOLFSSL_RC4_KEY* key, size_t len, const unsigned char* in,
+ unsigned char* out)
+{
+ WOLFSSL_ENTER("wolfSSL_RC4");
+
+ /* Validate parameters. */
+ if ((key == NULL) || (in == NULL) || (out == NULL)) {
+ WOLFSSL_MSG("Bad argument passed in");
+ }
+ else {
+ /* Encrypt/decrypt data. */
+ wc_Arc4Process((Arc4*)key, out, in, (word32)len);
+ }
+}
+#endif /* NO_RC4 */
+
+#endif /* OPENSSL_EXTRA */
+
+/*******************************************************************************
+ * END OF RC4 API
+ ******************************************************************************/
+
+#endif /* WOLFSSL_SSL_CRYPTO_INCLUDED */
+
diff --git a/extra/wolfssl/wolfssl/src/ssl_misc.c b/extra/wolfssl/wolfssl/src/ssl_misc.c
index af0b99ba..9bc42ddd 100644
--- a/extra/wolfssl/wolfssl/src/ssl_misc.c
+++ b/extra/wolfssl/wolfssl/src/ssl_misc.c
@@ -203,8 +203,12 @@ static int wolfssl_read_bio(WOLFSSL_BIO* bio, char** data, int* dataSz,
return ret;
}
#endif /* !NO_BIO */
+#endif /* OPENSSL_EXTRA && !WOLFCRYPT_ONLY */
-#if !defined(NO_FILESYSTEM)
+#if (defined(OPENSSL_EXTRA) || defined(PERSIST_CERT_CACHE) || \
+ (!defined(NO_CERTS) && (!defined(NO_WOLFSSL_CLIENT) || \
+ !defined(WOLFSSL_NO_CLIENT_AUTH)))) && !defined(WOLFCRYPT_ONLY) && \
+ !defined(NO_FILESYSTEM)
/* Read all the data from a file.
*
* @param [in] fp File pointer to read with.
@@ -253,7 +257,10 @@ static int wolfssl_file_len(XFILE fp, long* fileSz)
return ret;
}
+#endif
+#if (defined(OPENSSL_EXTRA) || defined(PERSIST_CERT_CACHE)) && \
+ !defined(WOLFCRYPT_ONLY) && !defined(NO_FILESYSTEM)
/* Read all the data from a file.
*
* @param [in] fp File pointer to read with.
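Review bot: The `#endif` added after wolfssl_file_len closes a five-term guard but carries no trailing comment, while the closing `#endif` at the end of the file names its condition. With two overlapping guards now wrapping adjacent helpers, an annotated close such as `#endif /* file-length helper guard: see opening #if */`, or the condition spelled out, makes it easier to confirm that each helper is compiled in exactly the configurations that call it.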
@@ -290,7 +297,7 @@ static int wolfssl_read_file(XFILE fp, char** data, int* dataSz)
XFREE(mem, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return ret;
}
-#endif /* !NO_FILESYSTEM */
-#endif /* OPENSSL_EXTRA && !WOLFCRYPT_ONLY */
+#endif /* (OPENSSL_EXTRA || PERSIST_CERT_CACHE) && !WOLFCRYPT_ONLY &&
+ * !NO_FILESYSTEM */
#endif /* !WOLFSSL_SSL_MISC_INCLUDED */
diff --git a/extra/wolfssl/wolfssl/src/tls.c b/extra/wolfssl/wolfssl/src/tls.c
index 656a337f..48d76dfa 100644
--- a/extra/wolfssl/wolfssl/src/tls.c
+++ b/extra/wolfssl/wolfssl/src/tls.c
@@ -106,7 +106,8 @@ static int TLSX_PopulateSupportedGroups(WOLFSSL* ssl, TLSX** extensions);
#endif
/* Warn if secrets logging is enabled */
-#if defined(SHOW_SECRETS) || defined(WOLFSSL_SSLKEYLOGFILE)
+#if (defined(SHOW_SECRETS) || defined(WOLFSSL_SSLKEYLOGFILE)) && \
+ !defined(WOLFSSL_KEYLOG_EXPORT_WARNED)
#ifndef _MSC_VER
#warning The SHOW_SECRETS and WOLFSSL_SSLKEYLOGFILE options should only be used for debugging and never in a production environment
#else
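Review bot: The new `!defined(WOLFSSL_KEYLOG_EXPORT_WARNED)` term lets a build silence the secrets-logging warning, but the comment above it still reads only "Warn if secrets logging is enabled". The hunk does not show where the macro is defined, so a reader cannot tell whether it is a per-build opt-out or a once-only marker set elsewhere. I would extend the comment to something like `/* Warn if secrets logging is enabled; WOLFSSL_KEYLOG_EXPORT_WARNED suppresses only this diagnostic, not the logging itself */`, so that nobody reads a quiet build as proof that key export is off.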
@@ -114,13 +115,6 @@ static int TLSX_PopulateSupportedGroups(WOLFSSL* ssl, TLSX** extensions);
#endif
#endif
-/* Optional Pre-Master-Secret logging for Wireshark */
-#if !defined(NO_FILESYSTEM) && defined(WOLFSSL_SSLKEYLOGFILE)
-#ifndef WOLFSSL_SSLKEYLOGFILE_OUTPUT
- #define WOLFSSL_SSLKEYLOGFILE_OUTPUT "sslkeylog.log"
-#endif
-#endif
-
#ifndef WOLFSSL_NO_TLS12
#ifdef WOLFSSL_SHA384
@@ -157,6 +151,12 @@ int BuildTlsHandshakeHash(WOLFSSL* ssl, byte* hash, word32* hashLen)
hashSz = WC_SHA384_DIGEST_SIZE;
}
#endif
+#ifdef WOLFSSL_SM3
+ if (ssl->specs.mac_algorithm == sm3_mac) {
+ ret |= wc_Sm3GetHash(&ssl->hsHashes->hashSm3, hash);
+ hashSz = WC_SM3_DIGEST_SIZE;
+ }
+#endif
}
*hashLen = hashSz;
@@ -517,6 +517,21 @@ int MakeTlsMasterSecret(WOLFSSL* ssl)
{
int ret;
+#if defined(WOLFSSL_SNIFFER) && defined(WOLFSSL_SNIFFER_KEYLOGFILE)
+ /* If this is called from a sniffer session with keylog file support, obtain
+ * the master secret from the callback */
+ if (ssl->snifferSecretCb != NULL) {
+ ret = ssl->snifferSecretCb(ssl->arrays->clientRandom,
+ SNIFFER_SECRET_TLS12_MASTER_SECRET,
+ ssl->arrays->masterSecret);
+ if (ret != 0) {
+ return ret;
+ }
+ ret = DeriveTlsKeys(ssl);
+ return ret;
+ }
+#endif /* WOLFSSL_SNIFFER && WOLFSSL_SNIFFER_KEYLOGFILE */
+
#ifdef HAVE_EXTENDED_MASTER
if (ssl->options.haveEMS) {
word32 hashSz = HSHASH_SZ;
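Review bot: The sniffer branch passes `ssl->arrays->masterSecret` to `snifferSecretCb` with no length, so the size contract is implicit. It also returns before the `HAVE_EXTENDED_MASTER` block, which means the secret from the keylog source is used as-is. A comment at the call would pin both facts, for example `/* cb must write a full master secret (presumably SECRET_LEN bytes); EMS derivation is skipped on this path */`. The function body continues past the hunk, so whether `ssl->arrays` is checked for NULL earlier cannot be seen here and is worth confirming.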
@@ -663,50 +678,6 @@ int wolfSSL_make_eap_keys(WOLFSSL* ssl, void* msk, unsigned int len,
return ret;
}
-int wolfSSL_GetHmacType_ex(CipherSpecs* specs)
-{
- if (specs == NULL)
- return BAD_FUNC_ARG;
-
- switch (specs->mac_algorithm) {
- #ifndef NO_MD5
- case md5_mac:
- {
- return WC_MD5;
- }
- #endif
- #ifndef NO_SHA256
- case sha256_mac:
- {
- return WC_SHA256;
- }
- #endif
- #ifdef WOLFSSL_SHA384
- case sha384_mac:
- {
- return WC_SHA384;
- }
-
- #endif
- #ifndef NO_SHA
- case sha_mac:
- {
- return WC_SHA;
- }
- #endif
- #ifdef HAVE_BLAKE2
- case blake2b_mac:
- {
- return BLAKE2B_ID;
- }
- #endif
- default:
- {
- return WOLFSSL_FATAL_ERROR;
- }
- }
-}
-
/* return HMAC digest type in wolfSSL format */
int wolfSSL_GetHmacType(WOLFSSL* ssl)
{
@@ -775,6 +746,12 @@ static int Hmac_HashUpdate(Hmac* hmac, const byte* data, word32 sz)
break;
#endif /* WOLFSSL_SHA512 */
+ #ifdef WOLFSSL_SM3
+ case WC_SM3:
+ ret = wc_Sm3Update(&hmac->hash.sm3, data, sz);
+ break;
+ #endif /* WOLFSSL_SM3 */
+
default:
break;
}
@@ -817,6 +794,12 @@ static int Hmac_HashFinalRaw(Hmac* hmac, unsigned char* hash)
break;
#endif /* WOLFSSL_SHA512 */
+ #ifdef WOLFSSL_SM3
+ case WC_SM3:
+ ret = wc_Sm3FinalRaw(&hmac->hash.sm3, hash);
+ break;
+ #endif /* WOLFSSL_SM3 */
+
default:
break;
}
@@ -913,6 +896,14 @@ static int Hmac_UpdateFinal_CT(Hmac* hmac, byte* digest, const byte* in,
break;
#endif /* WOLFSSL_SHA512 */
+ #ifdef WOLFSSL_SM3
+ case WC_SM3:
+ blockSz = WC_SM3_BLOCK_SIZE;
+ blockBits = 6;
+ padSz = WC_SM3_BLOCK_SIZE - WC_SM3_PAD_SIZE + 1;
+ break;
+ #endif /* WOLFSSL_SM3 */
+
default:
return BAD_FUNC_ARG;
}
@@ -1028,7 +1019,7 @@ static int Hmac_UpdateFinal(Hmac* hmac, byte* digest, const byte* in,
word32 sz, byte* header)
{
byte dummy[WC_MAX_BLOCK_SIZE] = {0};
- int ret;
+ int ret = 0;
word32 msgSz, blockSz, macSz, padSz, maxSz, realSz;
word32 offset = 0;
int msgBlocks, blocks, blockBits;
@@ -1080,7 +1071,17 @@ static int Hmac_UpdateFinal(Hmac* hmac, byte* digest, const byte* in,
break;
#endif /* HAVE_BLAKE2 */
+ #ifdef WOLFSSL_SM3
+ case WC_SM3:
+ blockSz = WC_SM3_BLOCK_SIZE;
+ blockBits = 6;
+ macSz = WC_SM3_DIGEST_SIZE;
+ padSz = WC_SM3_BLOCK_SIZE - WC_SM3_PAD_SIZE + 1;
+ break;
+ #endif
+
default:
+ WOLFSSL_MSG("ERROR: Hmac_UpdateFinal failed, no hmac->macType");
return BAD_FUNC_ARG;
}
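Review bot: The new default-case message says "no hmac->macType", but this branch is reached when the type is set to a value that no compiled-in case handles. `WOLFSSL_MSG("ERROR: Hmac_UpdateFinal failed, unsupported hmac->macType");` would point the reader at the build options instead of an unset field. The `#endif` that closes the SM3 case here also lacks the `/* WOLFSSL_SM3 */` trailer that the matching hunks in Hmac_HashUpdate, Hmac_HashFinalRaw and Hmac_UpdateFinal_CT use.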
@@ -1089,6 +1090,8 @@ static int Hmac_UpdateFinal(Hmac* hmac, byte* digest, const byte* in,
msgSz &= ~(0 - (msgSz >> 31));
realSz = WOLFSSL_TLS_HMAC_INNER_SZ + msgSz;
maxSz = WOLFSSL_TLS_HMAC_INNER_SZ + (sz - 1) - macSz;
+ /* Make negative result 0 */
+ maxSz &= ~(0 - (maxSz >> 31));
/* Calculate #blocks processed in HMAC for max and real data. */
blocks = maxSz >> blockBits;
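Review bot: The comment "Make negative result 0" is applied to `maxSz`, which is declared `word32` earlier in this function, so there is no negative value, only a wrapped subtraction whose bit 31 is set. The mask is the same form as the `msgSz` line above and is presumably kept branch-free on purpose. I would say so: `/* Branch-free clamp: if (sz - 1) < macSz the word32 wraps and bit 31 is set; mask it to 0 */`. That wording also records the assumption that a legitimate `maxSz` never reaches 2^31, which a later reader changing record-size limits would need to know.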
@@ -1227,6 +1230,55 @@ int TLS_hmac(WOLFSSL* ssl, byte* digest, const byte* in, word32 sz, int padSz,
#endif /* !WOLFSSL_NO_TLS12 */
+int wolfSSL_GetHmacType_ex(CipherSpecs* specs)
+{
+ if (specs == NULL)
+ return BAD_FUNC_ARG;
+
+ switch (specs->mac_algorithm) {
+ #ifndef NO_MD5
+ case md5_mac:
+ {
+ return WC_MD5;
+ }
+ #endif
+ #ifndef NO_SHA256
+ case sha256_mac:
+ {
+ return WC_SHA256;
+ }
+ #endif
+ #ifdef WOLFSSL_SHA384
+ case sha384_mac:
+ {
+ return WC_SHA384;
+ }
+ #endif
+ #ifdef WOLFSSL_SM3
+ case sm3_mac:
+ {
+ return WC_SM3;
+ }
+ #endif
+ #ifndef NO_SHA
+ case sha_mac:
+ {
+ return WC_SHA;
+ }
+ #endif
+ #ifdef HAVE_BLAKE2
+ case blake2b_mac:
+ {
+ return BLAKE2B_ID;
+ }
+ #endif
+ default:
+ {
+ return WOLFSSL_FATAL_ERROR;
+ }
+ }
+}
+
#ifdef HAVE_TLS_EXTENSIONS
/**
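Review bot: wolfSSL_GetHmacType_ex is re-added outside the `WOLFSSL_NO_TLS12` block without a header comment, and it has two different failure values: `BAD_FUNC_ARG` for a NULL `specs` and `WOLFSSL_FATAL_ERROR` for a MAC that is not compiled in. A caller that passes the result straight to an HMAC setup routine has to treat any negative value as an error, and nothing at the definition says so. I would add `/* Return wolfCrypt hash type for specs->mac_algorithm; negative (BAD_FUNC_ARG or WOLFSSL_FATAL_ERROR) on NULL specs or unsupported MAC */` above the function.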
@@ -1652,19 +1704,28 @@ int ALPN_Select(WOLFSSL *ssl)
#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)
if (ssl->alpnSelect != NULL && ssl->options.side == WOLFSSL_SERVER_END) {
- if (ssl->alpnSelect(ssl, &sel, &sel_len, ssl->alpn_peer_requested,
- ssl->alpn_peer_requested_length,
- ssl->alpnSelectArg) == 0) {
- WOLFSSL_MSG("ALPN protocol match");
- }
- else {
- sel = NULL;
- sel_len = 0;
+ r = ssl->alpnSelect(ssl, &sel, &sel_len, ssl->alpn_peer_requested,
+ ssl->alpn_peer_requested_length, ssl->alpnSelectArg);
+ switch (r) {
+ case SSL_TLSEXT_ERR_OK:
+ WOLFSSL_MSG("ALPN protocol match");
+ break;
+ case SSL_TLSEXT_ERR_NOACK:
+ WOLFSSL_MSG("ALPN cb no match but not fatal");
+ sel = NULL;
+ sel_len = 0;
+ break;
+ case SSL_TLSEXT_ERR_ALERT_FATAL:
+ default:
+ WOLFSSL_MSG("ALPN cb no match and fatal");
+ SendAlert(ssl, alert_fatal, no_application_protocol);
+ WOLFSSL_ERROR_VERBOSE(UNKNOWN_ALPN_PROTOCOL_NAME_E);
+ return UNKNOWN_ALPN_PROTOCOL_NAME_E;
}
}
+ else
#endif
-
- if (sel == NULL) {
+ {
r = ALPN_find_match(ssl, &extension, &sel, &sel_len,
ssl->alpn_peer_requested,
ssl->alpn_peer_requested_length);
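Review bot: In the `SSL_TLSEXT_ERR_OK` case the values the callback stored in `sel` and `sel_len` are accepted without a check, and the old `if (sel == NULL)` fallback to ALPN_find_match is now an `else` of the callback branch. A callback that returns OK but leaves `sel` NULL or `sel_len` 0 therefore no longer falls back to the built-in match. What the code after the hunk does with that is not visible here. If it does not already reject it, a guard in the OK case such as `if (sel == NULL || sel_len == 0) return UNKNOWN_ALPN_PROTOCOL_NAME_E;` would keep a misbehaving application callback from negotiating an empty protocol. The return value of `SendAlert` in the fatal case is also dropped, which deserves at least a `(void)` or a comment.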
@@ -1803,6 +1864,9 @@ int TLSX_ALPN_GetRequest(TLSX* extensions, void** data, word16 *dataSz)
if (extensions == NULL || data == NULL || dataSz == NULL)
return BAD_FUNC_ARG;
+ *data = NULL;
+ *dataSz = 0;
+
extension = TLSX_Find(extensions, TLSX_APPLICATION_LAYER_PROTOCOL);
if (extension == NULL) {
WOLFSSL_MSG("TLS extension not found");
@@ -1813,8 +1877,6 @@ int TLSX_ALPN_GetRequest(TLSX* extensions, void** data, word16 *dataSz)
alpn = (ALPN *)extension->data;
if (alpn == NULL) {
WOLFSSL_MSG("ALPN extension not found");
- *data = NULL;
- *dataSz = 0;
WOLFSSL_ERROR_VERBOSE(WOLFSSL_FATAL_ERROR);
return WOLFSSL_FATAL_ERROR;
}
@@ -1853,7 +1915,7 @@ int TLSX_ALPN_GetRequest(TLSX* extensions, void** data, word16 *dataSz)
#else /* HAVE_ALPN */
-#define ALPN_FREE_ALL(list, heap)
+#define ALPN_FREE_ALL(list, heap) WC_DO_NOTHING
#define ALPN_GET_SIZE(list) 0
#define ALPN_WRITE(a, b) 0
#define ALPN_PARSE(a, b, c, d) 0
@@ -2470,7 +2532,7 @@ int TLSX_SNI_GetFromBuffer(const byte* clientHello, word32 helloSz,
#else
-#define SNI_FREE_ALL(list, heap)
+#define SNI_FREE_ALL(list, heap) WC_DO_NOTHING
#define SNI_GET_SIZE(list) 0
#define SNI_WRITE(a, b) 0
#define SNI_PARSE(a, b, c, d) 0
@@ -2810,7 +2872,7 @@ int TLSX_UseTrustedCA(TLSX** extensions, byte type,
#else /* HAVE_TRUSTED_CA */
-#define TCA_FREE_ALL(list, heap)
+#define TCA_FREE_ALL(list, heap) WC_DO_NOTHING
#define TCA_GET_SIZE(list) 0
#define TCA_WRITE(a, b) 0
#define TCA_PARSE(a, b, c, d) 0
@@ -2904,7 +2966,7 @@ int TLSX_UseMaxFragment(TLSX** extensions, byte mfl, void* heap)
#else
-#define MFL_FREE_ALL(a, b)
+#define MFL_FREE_ALL(a, b) WC_DO_NOTHING
#define MFL_GET_SIZE(a) 0
#define MFL_WRITE(a, b) 0
#define MFL_PARSE(a, b, c, d) 0
@@ -2981,6 +3043,12 @@ static void TLSX_CSR_Free(CertificateStatusRequest* csr, void* heap)
break;
}
+#ifdef WOLFSSL_TLS13
+ if (csr->response.buffer != NULL) {
+ XFREE(csr->response.buffer, csr->ssl->heap,
+ DYNAMIC_TYPE_TMP_BUFFER);
+ }
+#endif
XFREE(csr, heap, DYNAMIC_TYPE_TLSX);
(void)heap;
}
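Review bot: The added free reads the heap hint through `csr->ssl->heap` although TLSX_CSR_Free already receives `heap`. If a request object can exist with `csr->ssl` unset (not visible in this hunk), the only protection against a NULL dereference at teardown is that `response.buffer` happens to be NULL as well. Using the parameter, `XFREE(csr->response.buffer, heap, DYNAMIC_TYPE_TMP_BUFFER);`, removes that dependency, provided `heap` is the same hint as the `ssl->heap` used for the allocation in TLSX_CSR_Parse. The free is compiled only under `WOLFSSL_TLS13`, so the allocation site should be confirmed to sit under the same guard.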
@@ -3112,7 +3180,7 @@ static int TLSX_CSR_Parse(WOLFSSL* ssl, const byte* input, word16 length,
csr->status_type, csr->options, ssl,
ssl->heap, ssl->devId);
if (ret != WOLFSSL_SUCCESS)
- return ret;
+ return ret == 0 ? -1 : ret;
switch (csr->status_type) {
case WOLFSSL_CSR_OCSP:
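Review bot: `return ret == 0 ? -1 : ret;` fixes a failure value of 0 being read as success by the parse caller, but it does so with a bare `-1` and no explanation. The same expression appears again in the later TLSX_CSR_Parse hunk on the server path. A named code that this file already returns elsewhere, for example `return ret == 0 ? WOLFSSL_FATAL_ERROR : ret;`, together with a short comment that TLSX_UseCertificateStatusRequest reports success as `WOLFSSL_SUCCESS` rather than 0, would make the mapping obvious at both sites.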
@@ -3155,7 +3223,13 @@ static int TLSX_CSR_Parse(WOLFSSL* ssl, const byte* input, word16 length,
ret = BUFFER_ERROR;
}
if (ret == 0) {
- csr->response.buffer = (byte*)(input + offset);
+ csr->response.buffer = (byte*)XMALLOC(resp_length, ssl->heap,
+ DYNAMIC_TYPE_TMP_BUFFER);
+ if (csr->response.buffer == NULL)
+ ret = MEMORY_ERROR;
+ }
+ if (ret == 0) {
+ XMEMCPY(csr->response.buffer, input + offset, resp_length);
csr->response.length = resp_length;
}
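Review bot: `csr->response.buffer` is assigned a fresh allocation without releasing whatever it held before. If this branch can run more than once for the same `csr` (the surrounding loop and handshake flow lie outside the hunk), each earlier copy is leaked. Freeing first closes that gap: `XFREE(csr->response.buffer, ssl->heap, DYNAMIC_TYPE_TMP_BUFFER); csr->response.buffer = NULL;` ahead of the `XMALLOC`. It is also worth deciding explicitly what `resp_length == 0` should do, since it currently reaches `XMALLOC(0, ...)`. Copying the response instead of pointing into `input` is the right direction, because the stored pointer no longer depends on the lifetime of the receive buffer.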
@@ -3217,7 +3291,7 @@ static int TLSX_CSR_Parse(WOLFSSL* ssl, const byte* input, word16 length,
ret = TLSX_UseCertificateStatusRequest(&ssl->extensions, status_type,
0, ssl, ssl->heap, ssl->devId);
if (ret != WOLFSSL_SUCCESS)
- return ret; /* throw error */
+ return ret == 0 ? -1 : ret; /* throw error */
#if defined(WOLFSSL_TLS13)
if (ssl->options.tls1_3) {
@@ -3233,15 +3307,22 @@ static int TLSX_CSR_Parse(WOLFSSL* ssl, const byte* input, word16 length,
InitDecodedCert(cert, ssl->buffers.certificate->buffer,
ssl->buffers.certificate->length, ssl->heap);
ret = ParseCert(cert, CERT_TYPE, 1, SSL_CM(ssl));
- if (ret != 0 ) {
+ if (ret != 0) {
+ FreeDecodedCert(cert);
XFREE(cert, ssl->heap, DYNAMIC_TYPE_DCERT);
+ /* Let's not error out the connection if we can't verify our
+ * cert */
+ if (ret == ASN_SELF_SIGNED_E || ret == ASN_NO_SIGNER_E)
+ ret = 0;
return ret;
}
ret = TLSX_CSR_InitRequest(ssl->extensions, cert, ssl->heap);
if (ret != 0 ) {
+ FreeDecodedCert(cert);
XFREE(cert, ssl->heap, DYNAMIC_TYPE_DCERT);
return ret;
}
+ FreeDecodedCert(cert);
XFREE(cert, ssl->heap, DYNAMIC_TYPE_DCERT);
extension = TLSX_Find(ssl->extensions, TLSX_STATUS_REQUEST);
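Review bot: When ParseCert fails with `ASN_SELF_SIGNED_E` or `ASN_NO_SIGNER_E` the function now returns 0 before TLSX_CSR_InitRequest. The status request is dropped without any trace, so an operator who expects stapling has nothing to show why it is missing. A log line in that branch, such as `WOLFSSL_MSG("Own certificate not verifiable, skipping status request");`, keeps the tolerant behaviour and makes it diagnosable. The `FreeDecodedCert(cert); XFREE(cert, ...)` pair now appears on three exits and would be easier to keep correct behind a single cleanup label.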
@@ -3326,7 +3407,7 @@ int TLSX_CSR_ForceRequest(WOLFSSL* ssl)
if (SSL_CM(ssl)->ocspEnabled) {
csr->request.ocsp.ssl = ssl;
return CheckOcspRequest(SSL_CM(ssl)->ocsp,
- &csr->request.ocsp, NULL);
+ &csr->request.ocsp, NULL, NULL);
}
else {
WOLFSSL_ERROR_VERBOSE(OCSP_LOOKUP_FAIL);
@@ -3396,7 +3477,7 @@ int TLSX_UseCertificateStatusRequest(TLSX** extensions, byte status_type,
#else
-#define CSR_FREE_ALL(data, heap)
+#define CSR_FREE_ALL(data, heap) WC_DO_NOTHING
#define CSR_GET_SIZE(a, b) 0
#define CSR_WRITE(a, b, c) 0
#define CSR_PARSE(a, b, c, d) 0
@@ -3758,7 +3839,7 @@ int TLSX_CSR2_ForceRequest(WOLFSSL* ssl)
if (SSL_CM(ssl)->ocspEnabled) {
csr2->request.ocsp[0].ssl = ssl;
return CheckOcspRequest(SSL_CM(ssl)->ocsp,
- &csr2->request.ocsp[0], NULL);
+ &csr2->request.ocsp[0], NULL, NULL);
}
else {
WOLFSSL_ERROR_VERBOSE(OCSP_LOOKUP_FAIL);
@@ -3842,7 +3923,7 @@ int TLSX_UseCertificateStatusRequestV2(TLSX** extensions, byte status_type,
#else
-#define CSR2_FREE_ALL(data, heap)
+#define CSR2_FREE_ALL(data, heap) WC_DO_NOTHING
#define CSR2_GET_SIZE(a, b) 0
#define CSR2_WRITE(a, b, c) 0
#define CSR2_PARSE(a, b, c, d) 0
@@ -3859,7 +3940,7 @@ int TLSX_UseCertificateStatusRequestV2(TLSX** extensions, byte status_type,
&& !defined(HAVE_FFDHE) && !defined(HAVE_PQC)
#error Elliptic Curves Extension requires Elliptic Curve Cryptography or liboqs groups. \
Use --enable-ecc and/or --enable-liboqs in the configure script or \
- define HAVE_ECC. Alternatively use FFDHE for DH ciphersuites.
+ define HAVE_ECC. Alternatively use FFDHE for DH cipher suites.
#endif
static int TLSX_SupportedCurve_New(SupportedCurve** curve, word16 name,
@@ -3986,6 +4067,21 @@ static void TLSX_SupportedCurve_ValidateRequest(WOLFSSL* ssl, byte* semaphore)
for (i = 0; i < suites->suiteSz; i += 2) {
if (suites->suites[i] == TLS13_BYTE)
return;
+ #ifdef BUILD_TLS_SM4_GCM_SM3
+ if ((suites->suites[i] == CIPHER_BYTE) &&
+ (suites->suites[i+1] == TLS_SM4_GCM_SM3))
+ return;
+ #endif
+ #ifdef BUILD_TLS_SM4_CCM_SM3
+ if ((suites->suites[i] == CIPHER_BYTE) &&
+ (suites->suites[i+1] == TLS_SM4_CCM_SM3))
+ return;
+ #endif
+ #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_SM4_CBC_SM3
+ if ((suites->suites[i] == SM_BYTE) &&
+ (suites->suites[i+1] == TLS_ECDHE_ECDSA_WITH_SM4_CBC_SM3))
+ return;
+ #endif
if ((suites->suites[i] == ECC_BYTE) ||
(suites->suites[i] == ECDHE_PSK_BYTE) ||
(suites->suites[i] == CHACHA_BYTE)) {
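Review bot: The three `#ifdef BUILD_TLS_SM4_*` checks added inside the loop are repeated verbatim in the TLSX_PointFormat_ValidateRequest hunk and, against `ssl->options.cipherSuite0` and `ssl->options.cipherSuite`, in the TLSX_PointFormat_ValidateResponse hunk. A small static helper would keep the three copies from drifting apart when another SM suite is added. Separately, the loop reads `suites->suites[i+1]` while only testing `i < suites->suiteSz`, which is safe only if suiteSz is always even; that looks intended but is not visible here. The enclosing functions start and end outside these hunks.

```c
/* Return 1 when the two suite bytes name one of the SM cipher suites that are
 * built in, 0 otherwise. */
static int TLSX_IsSmCipherSuite(byte first, byte second)
{
    (void)first;
    (void)second;
#ifdef BUILD_TLS_SM4_GCM_SM3
    if ((first == CIPHER_BYTE) && (second == TLS_SM4_GCM_SM3))
        return 1;
#endif
#ifdef BUILD_TLS_SM4_CCM_SM3
    if ((first == CIPHER_BYTE) && (second == TLS_SM4_CCM_SM3))
        return 1;
#endif
#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_SM4_CBC_SM3
    if ((first == SM_BYTE) && (second == TLS_ECDHE_ECDSA_WITH_SM4_CBC_SM3))
        return 1;
#endif
    return 0;
}

/* ... unchanged: loop header and TLS13_BYTE check ... */
        if (TLSX_IsSmCipherSuite(suites->suites[i], suites->suites[i+1]))
            return;
```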
@@ -4023,6 +4119,21 @@ static void TLSX_PointFormat_ValidateRequest(WOLFSSL* ssl, byte* semaphore)
for (i = 0; i < suites->suiteSz; i += 2) {
if (suites->suites[i] == TLS13_BYTE)
return;
+ #ifdef BUILD_TLS_SM4_GCM_SM3
+ if ((suites->suites[i] == CIPHER_BYTE) &&
+ (suites->suites[i+1] == TLS_SM4_GCM_SM3))
+ return;
+ #endif
+ #ifdef BUILD_TLS_SM4_CCM_SM3
+ if ((suites->suites[i] == CIPHER_BYTE) &&
+ (suites->suites[i+1] == TLS_SM4_CCM_SM3))
+ return;
+ #endif
+ #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_SM4_CBC_SM3
+ if ((suites->suites[i] == SM_BYTE) &&
+ (suites->suites[i+1] == TLS_ECDHE_ECDSA_WITH_SM4_CBC_SM3))
+ return;
+ #endif
if ((suites->suites[i] == ECC_BYTE) ||
(suites->suites[i] == ECDHE_PSK_BYTE) ||
(suites->suites[i] == CHACHA_BYTE)) {
@@ -4050,6 +4161,21 @@ static void TLSX_PointFormat_ValidateResponse(WOLFSSL* ssl, byte* semaphore)
if (ssl->options.cipherSuite0 == TLS13_BYTE)
return;
+#ifdef BUILD_TLS_SM4_GCM_SM3
+ if ((ssl->options.cipherSuite0 == CIPHER_BYTE) &&
+ (ssl->options.cipherSuite == TLS_SM4_GCM_SM3))
+ return;
+#endif
+#ifdef BUILD_TLS_SM4_CCM_SM3
+ if ((ssl->options.cipherSuite0 == CIPHER_BYTE) &&
+ (ssl->options.cipherSuite == TLS_SM4_CCM_SM3))
+ return;
+#endif
+#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_SM4_CBC_SM3
+ if ((ssl->options.cipherSuite0 == SM_BYTE) &&
+ (ssl->options.cipherSuite == TLS_ECDHE_ECDSA_WITH_SM4_CBC_SM3))
+ return;
+#endif
#if defined(HAVE_ECC) || defined(HAVE_CURVE25519) || defined(HAVE_CURVE448)
if (ssl->options.cipherSuite0 == ECC_BYTE ||
ssl->options.cipherSuite0 == ECDHE_PSK_BYTE ||
@@ -4064,7 +4190,7 @@ static void TLSX_PointFormat_ValidateResponse(WOLFSSL* ssl, byte* semaphore)
#endif /* !NO_WOLFSSL_SERVER */
-#ifndef NO_WOLFSSL_CLIENT
+#if !defined(NO_WOLFSSL_CLIENT) || defined(WOLFSSL_TLS13)
static word16 TLSX_SupportedCurve_GetSize(SupportedCurve* list)
{
@@ -4094,7 +4220,7 @@ static word16 TLSX_PointFormat_GetSize(PointFormat* list)
return length;
}
-#ifndef NO_WOLFSSL_CLIENT
+#if !defined(NO_WOLFSSL_CLIENT) || defined(WOLFSSL_TLS13)
static word16 TLSX_SupportedCurve_Write(SupportedCurve* list, byte* output)
{
@@ -4585,8 +4711,7 @@ int TLSX_ValidateSupportedCurves(const WOLFSSL* ssl, byte first, byte second,
#ifdef OPENSSL_EXTRA
/* skip if name is not in supported ECC range
* or disabled by user */
- if (curve->name > WOLFSSL_ECC_MAX ||
- wolfSSL_curve_is_disabled(ssl, curve->name))
+ if (wolfSSL_curve_is_disabled(ssl, curve->name))
continue;
#endif
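Review bot: With `curve->name > WOLFSSL_ECC_MAX` removed, `wolfSSL_curve_is_disabled()` is now called for every group value in the list, so it has to bound `curve->name` itself before using it. That function is not part of this hunk; if it indexes or shifts by the name, values above the range it expects must be handled there, since on the server this list presumably comes from the peer. If the range check did move into the callee, a comment here such as `/* range of curve->name is checked by wolfSSL_curve_is_disabled() */` would stop the guard from looking accidentally dropped.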
@@ -4670,6 +4795,12 @@ int TLSX_ValidateSupportedCurves(const WOLFSSL* ssl, byte first, byte second,
octets = 32;
break;
#endif /* HAVE_ECC_BRAINPOOL */
+ #ifdef WOLFSSL_SM2
+ case WOLFSSL_ECC_SM2P256V1:
+ oid = ECC_SM2P256V1_OID;
+ octets = 32;
+ break;
+ #endif /* WOLFSSL_SM2 */
#endif
#if (defined(HAVE_ECC384) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 384
#ifndef NO_ECC_SECP
@@ -4983,7 +5114,10 @@ int TLSX_UsePointFormat(TLSX** extensions, byte format, void* heap)
#define EC_FREE_ALL TLSX_SupportedCurve_FreeAll
#define EC_VALIDATE_REQUEST TLSX_SupportedCurve_ValidateRequest
-#ifndef NO_WOLFSSL_CLIENT
+/* In TLS 1.2 the server never sends supported curve extension, but in TLS 1.3
+ * the server can send supported groups extension to indicate what it will
+ * support for later connections. */
+#if !defined(NO_WOLFSSL_CLIENT) || defined(WOLFSSL_TLS13)
#define EC_GET_SIZE TLSX_SupportedCurve_GetSize
#define EC_WRITE TLSX_SupportedCurve_Write
#else
@@ -5013,18 +5147,18 @@ int TLSX_UsePointFormat(TLSX** extensions, byte format, void* heap)
#else
-#define EC_FREE_ALL(list, heap)
+#define EC_FREE_ALL(list, heap) WC_DO_NOTHING
#define EC_GET_SIZE(list) 0
#define EC_WRITE(a, b) 0
#define EC_PARSE(a, b, c, d, e) 0
-#define EC_VALIDATE_REQUEST(a, b)
+#define EC_VALIDATE_REQUEST(a, b) WC_DO_NOTHING
-#define PF_FREE_ALL(list, heap)
+#define PF_FREE_ALL(list, heap) WC_DO_NOTHING
#define PF_GET_SIZE(list) 0
#define PF_WRITE(a, b) 0
#define PF_PARSE(a, b, c, d) 0
-#define PF_VALIDATE_REQUEST(a, b)
-#define PF_VALIDATE_RESPONSE(a, b)
+#define PF_VALIDATE_REQUEST(a, b) WC_DO_NOTHING
+#define PF_VALIDATE_RESPONSE(a, b) WC_DO_NOTHING
#endif /* HAVE_SUPPORTED_CURVES */
@@ -5219,7 +5353,7 @@ int TLSX_AddEmptyRenegotiationInfo(TLSX** extensions, void* heap)
#else
-#define SCR_FREE_ALL(a, heap)
+#define SCR_FREE_ALL(a, heap) WC_DO_NOTHING
#define SCR_GET_SIZE(a, b) 0
#define SCR_WRITE(a, b, c) 0
#define SCR_PARSE(a, b, c, d) 0
@@ -5296,6 +5430,13 @@ static int TLSX_SessionTicket_Parse(WOLFSSL* ssl, const byte* input,
return 0;
}
+#ifdef HAVE_SECURE_RENEGOTIATION
+ if (IsSCR(ssl)) {
+ WOLFSSL_MSG("Client sent session ticket during SCR. Ignoring.");
+ return 0;
+ }
+#endif
+
if (length > SESSION_TICKET_LEN) {
ret = BAD_TICKET_MSG_SZ;
WOLFSSL_ERROR_VERBOSE(ret);
@@ -5418,8 +5559,8 @@ int TLSX_UseSessionTicket(TLSX** extensions, SessionTicket* ticket, void* heap)
#else
-#define WOLF_STK_FREE(a, b)
-#define WOLF_STK_VALIDATE_REQUEST(a)
+#define WOLF_STK_FREE(a, b) WC_DO_NOTHING
+#define WOLF_STK_VALIDATE_REQUEST(a) WC_DO_NOTHING
#define WOLF_STK_GET_SIZE(a, b) 0
#define WOLF_STK_WRITE(a, b, c) 0
#define WOLF_STK_PARSE(a, b, c, d) 0
@@ -5685,6 +5826,12 @@ static int TLSX_UseSRTP_Parse(WOLFSSL* ssl, const byte* input, word16 length,
/* parse remainder one profile at a time, looking for match in CTX */
ret = 0;
for (i=offset; i<length; i+=OPAQUE16_LEN) {
+ if (length < (i + OPAQUE16_LEN)) {
+ WOLFSSL_MSG("Unexpected length when parsing SRTP profile");
+ ret = BUFFER_ERROR;
+ break;
+ }
+
ato16(input+i, &profile_value);
/* find first match */
if (profile_value < 16 &&
@@ -5775,7 +5922,7 @@ static int TLSX_UseSRTP(TLSX** extensions, word16 profiles, void* heap)
#define SRTP_WRITE TLSX_UseSRTP_Write
#define SRTP_GET_SIZE TLSX_UseSRTP_GetSize
#else
- #define SRTP_FREE(a, b)
+ #define SRTP_FREE(a, b) WC_DO_NOTHING
#define SRTP_PARSE(a, b, c, d) 0
#define SRTP_WRITE(a, b) 0
#define SRTP_GET_SIZE(a) 0
@@ -6421,6 +6568,183 @@ int TLSX_Cookie_Use(const WOLFSSL* ssl, const byte* data, word16 len, byte* mac,
#define CKE_PARSE(a, b, c, d) 0
#endif
+
+#if defined(WOLFSSL_TLS13) && !defined(NO_CERTS) && \
+ !defined(WOLFSSL_NO_CA_NAMES) && defined(OPENSSL_EXTRA)
+/* Currently only settable through compatibility API */
+/******************************************************************************/
+/* Certificate Authorities */
+/******************************************************************************/
+
+static word16 TLSX_CA_Names_GetSize(void* data)
+{
+ WOLFSSL* ssl = (WOLFSSL*)data;
+ WOLF_STACK_OF(WOLFSSL_X509_NAME)* names;
+ word16 size = 0;
+
+ if (ssl->options.side == WOLFSSL_CLIENT_END) {
+ /* To add support use a different member like ssl->ca_names and
+ * add accessor functions:
+ * - *_set0_CA_list
+ * - *_get0_CA_list */
+ WOLFSSL_MSG("We don't currently support sending the client's list.");
+ return 0;
+ }
+
+ /* Length of names */
+ size += OPAQUE16_LEN;
+ for (names = SSL_CA_NAMES(ssl); names != NULL; names = names->next) {
+ byte seq[MAX_SEQ_SZ];
+ WOLFSSL_X509_NAME* name = names->data.name;
+
+ if (name != NULL) {
+ /* 16-bit length | SEQ | Len | DER of name */
+ size += (word16)(OPAQUE16_LEN + SetSequence(name->rawLen, seq) +
+ name->rawLen);
+ }
+ }
+ return size;
+}
+
+static word16 TLSX_CA_Names_Write(void* data, byte* output)
+{
+ WOLFSSL* ssl = (WOLFSSL*)data;
+ WOLF_STACK_OF(WOLFSSL_X509_NAME)* names;
+ byte* len;
+
+ if (ssl->options.side == WOLFSSL_CLIENT_END) {
+ /* To add support use a different member like ssl->ca_names and
+ * add accessor functions:
+ * - *_set0_CA_list
+ * - *_get0_CA_list */
+ WOLFSSL_MSG("We don't currently support sending the client's list.");
+ return 0;
+ }
+
+ /* Reserve space for the length value */
+ len = output;
+ output += OPAQUE16_LEN;
+ for (names = SSL_CA_NAMES(ssl); names != NULL; names = names->next) {
+ byte seq[MAX_SEQ_SZ];
+ WOLFSSL_X509_NAME* name = names->data.name;
+
+ if (name != NULL) {
+ c16toa((word16)name->rawLen +
+ (word16)SetSequence(name->rawLen, seq), output);
+ output += OPAQUE16_LEN;
+ output += SetSequence(name->rawLen, output);
+ XMEMCPY(output, name->raw, name->rawLen);
+ output += name->rawLen;
+ }
+ }
+ /* Write the total length */
+ c16toa((word16)(output - len - OPAQUE16_LEN), len);
+ return (word16)(output - len);
+}
+
+static int TLSX_CA_Names_Parse(WOLFSSL *ssl, const byte* input,
+ word16 length, byte isRequest)
+{
+ word16 extLen;
+
+ (void)isRequest;
+
+ if (ssl->options.side == WOLFSSL_SERVER_END) {
+ /* To add support use a different member like ssl->ca_names and
+ * add accessor functions:
+ * - *_set0_CA_list
+ * - *_get0_CA_list */
+ WOLFSSL_MSG("We don't currently support parsing the client's list.");
+ return 0;
+ }
+
+ if (ssl->client_ca_names != ssl->ctx->client_ca_names)
+ wolfSSL_sk_X509_NAME_pop_free(ssl->client_ca_names, NULL);
+ ssl->client_ca_names = wolfSSL_sk_X509_NAME_new(NULL);
+ if (ssl->client_ca_names == NULL)
+ return MEMORY_ERROR;
+
+ if (length < OPAQUE16_LEN)
+ return BUFFER_ERROR;
+
+ ato16(input, &extLen);
+ input += OPAQUE16_LEN;
+ length -= OPAQUE16_LEN;
+ if (extLen != length)
+ return BUFFER_ERROR;
+
+ while (length) {
+ word32 idx = 0;
+ WOLFSSL_X509_NAME* name = NULL;
+ int ret = 0;
+ int didInit = FALSE;
+ /* Use a DecodedCert struct to get access to GetName to
+ * parse DN name */
+#ifdef WOLFSSL_SMALL_STACK
+ DecodedCert *cert = (DecodedCert *)XMALLOC(
+ sizeof(*cert), ssl->heap, DYNAMIC_TYPE_DCERT);
+ if (cert == NULL)
+ return MEMORY_ERROR;
+#else
+ DecodedCert cert[1];
+#endif
+
+ if (length < OPAQUE16_LEN) {
+ ret = BUFFER_ERROR;
+ }
+
+ if (ret == 0) {
+ ato16(input, &extLen);
+ idx += OPAQUE16_LEN;
+
+ if (idx + extLen > length)
+ ret = BUFFER_ERROR;
+ }
+
+ if (ret == 0) {
+ InitDecodedCert(cert, input + idx, extLen, ssl->heap);
+ didInit = TRUE;
+ idx += extLen;
+ ret = GetName(cert, SUBJECT, extLen);
+ }
+
+ if (ret == 0 && (name = wolfSSL_X509_NAME_new()) == NULL)
+ ret = MEMORY_ERROR;
+
+ if (ret == 0) {
+ CopyDecodedName(name, cert, SUBJECT);
+ if (wolfSSL_sk_X509_NAME_push(ssl->client_ca_names, name)
+ == WOLFSSL_FAILURE)
+ ret = MEMORY_ERROR;
+ }
+
+ if (didInit)
+ FreeDecodedCert(cert);
+
+#ifdef WOLFSSL_SMALL_STACK
+ XFREE(cert, ssl->heap, DYNAMIC_TYPE_DCERT);
+#endif
+ if (ret != 0)
+ return ret;
+
+ input += idx;
+ length -= (word16)idx;
+ }
+ return 0;
+}
+
+#define CAN_GET_SIZE TLSX_CA_Names_GetSize
+#define CAN_WRITE TLSX_CA_Names_Write
+#define CAN_PARSE TLSX_CA_Names_Parse
+
+#else
+
+#define CAN_GET_SIZE(...) 0
+#define CAN_WRITE(...) 0
+#define CAN_PARSE(...) 0
+
+#endif
+
#if !defined(NO_CERTS) && !defined(WOLFSSL_NO_SIGALG)
/******************************************************************************/
/* Signature Algorithms */
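Review bot: In TLSX_CA_Names_Parse, when `wolfSSL_sk_X509_NAME_push()` fails, the freshly allocated `name` is never released: the loop returns MEMORY_ERROR with the name neither on the stack nor freed. Calling `wolfSSL_X509_NAME_free(name);` before `ret = MEMORY_ERROR` in that branch closes the leak. The parser also replaces `ssl->client_ca_names` before it has checked `length < OPAQUE16_LEN` and `extLen != length`, so a malformed extension still discards the previous list; moving those two checks above the allocation avoids that. In TLSX_CA_Names_GetSize the running total is a `word16`, so a long CA list can wrap the size while TLSX_CA_Names_Write still emits every name. If the caller sizes the output buffer from GetSize, the sum should be accumulated in a wider type and capped at what a 16-bit length can carry.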
@@ -7087,7 +7411,7 @@ static int TLSX_KeyShare_GenEccKey(WOLFSSL *ssl, KeyShareEntry* kse)
word16 curveId = (word16) ECC_CURVE_INVALID;
ecc_key* eccKey = (ecc_key*)kse->key;
- /* TODO: [TLS13] The key sizes should come from wolfcrypt. */
+ /* TODO: [TLS13] Get key sizes using wc_ecc_get_curve_size_from_id. */
/* Translate named group to a curve id. */
switch (kse->group) {
#if (!defined(NO_ECC256) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 256
@@ -7097,6 +7421,12 @@ static int TLSX_KeyShare_GenEccKey(WOLFSSL *ssl, KeyShareEntry* kse)
keySize = 32;
break;
#endif /* !NO_ECC_SECP */
+ #ifdef WOLFSSL_SM2
+ case WOLFSSL_ECC_SM2P256V1:
+ curveId = ECC_SM2P256V1;
+ keySize = 32;
+ break;
+ #endif /* !NO_ECC_SECP */
#endif
#if (defined(HAVE_ECC384) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 384
#ifndef NO_ECC_SECP
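Review bot: The new `#ifdef WOLFSSL_SM2` block is closed with `#endif /* !NO_ECC_SECP */`, a comment copied from the block above it. It should read `#endif /* WOLFSSL_SM2 */`, as the same addition does in the TLSX_ValidateSupportedCurves and TLSX_KeyShare_IsSupported hunks. The switch it sits in starts and ends outside this hunk.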
@@ -7120,15 +7450,6 @@ static int TLSX_KeyShare_GenEccKey(WOLFSSL *ssl, KeyShareEntry* kse)
}
if (kse->key == NULL) {
- kse->keyLen = keySize;
- kse->pubKeyLen = keySize * 2 + 1;
-
- #if defined(WOLFSSL_RENESAS_TSIP_TLS)
- ret = tsip_Tls13GenEccKeyPair(ssl, kse);
- if (ret != CRYPTOCB_UNAVAILABLE) {
- return ret;
- }
- #endif
/* Allocate an ECC key to hold private key. */
kse->key = (byte*)XMALLOC(sizeof(ecc_key), ssl->heap, DYNAMIC_TYPE_ECC);
if (kse->key == NULL) {
@@ -7136,9 +7457,19 @@ static int TLSX_KeyShare_GenEccKey(WOLFSSL *ssl, KeyShareEntry* kse)
return MEMORY_E;
}
- /* Make an ECC key */
+ /* Initialize an ECC key struct for the ephemeral key */
ret = wc_ecc_init_ex((ecc_key*)kse->key, ssl->heap, ssl->devId);
+
if (ret == 0) {
+ kse->keyLen = keySize;
+ kse->pubKeyLen = keySize * 2 + 1;
+
+ #if defined(WOLFSSL_RENESAS_TSIP_TLS)
+ ret = tsip_Tls13GenEccKeyPair(ssl, kse);
+ if (ret != CRYPTOCB_UNAVAILABLE) {
+ return ret;
+ }
+ #endif
/* setting eccKey means okay to call wc_ecc_free */
eccKey = (ecc_key*)kse->key;
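Review bot: The relocated `tsip_Tls13GenEccKeyPair()` call still ends in a bare `return ret;`, but it now runs after `kse->key` has been allocated and initialised with `wc_ecc_init_ex()`. A TSIP failure therefore leaves the function with the key still attached and without reaching whatever error handling sits at the end of the function, which is outside this hunk. If the intent is that the entry's owner frees it, a comment on the return such as `/* kse->key stays allocated; released with the key share entry */` would record that. Otherwise the failure path needs to free and clear `kse->key` before returning.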
@@ -7150,11 +7481,21 @@ static int TLSX_KeyShare_GenEccKey(WOLFSSL *ssl, KeyShareEntry* kse)
/* set curve info for EccMakeKey "peer" info */
ret = wc_ecc_set_curve(eccKey, kse->keyLen, curveId);
if (ret == 0) {
- /* Generate ephemeral ECC key */
- /* For async this is called once and when event is done, the
- * provided buffers in key be populated.
- * Final processing is x963 key export below. */
- ret = EccMakeKey(ssl, eccKey, eccKey);
+ #ifdef WOLFSSL_ASYNC_CRYPT
+ /* Detect when private key generation is done */
+ if (ssl->error == WC_PENDING_E &&
+ eccKey->type == ECC_PRIVATEKEY) {
+ ret = 0; /* ECC Key Generation is done */
+ }
+ else
+ #endif
+ {
+ /* Generate ephemeral ECC key */
+ /* For async this is called once and when event is done, the
+ * provided buffers in key be populated.
+ * Final processing is x963 key export below. */
+ ret = EccMakeKey(ssl, eccKey, eccKey);
+ }
}
#ifdef WOLFSSL_ASYNC_CRYPT
if (ret == WC_PENDING_E)
@@ -7887,6 +8228,11 @@ static int TLSX_KeyShare_ProcessEcc(WOLFSSL* ssl, KeyShareEntry* keyShareEntry)
curveId = ECC_SECP256R1;
break;
#endif /* !NO_ECC_SECP */
+ #ifdef WOLFSSL_SM2
+ case WOLFSSL_ECC_SM2P256V1:
+ curveId = ECC_SM2P256V1;
+ break;
+ #endif
#endif
#if (defined(HAVE_ECC384) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 384
#ifndef NO_ECC_SECP
@@ -8044,7 +8390,7 @@ static int TLSX_KeyShare_ProcessPqc(WOLFSSL* ssl, KeyShareEntry* keyShareEntry)
XMEMCPY(ssl->arrays->preMasterSecret, keyShareEntry->ke,
keyShareEntry->keLen);
ssl->arrays->preMasterSz = keyShareEntry->keLen;
- XFREE(keyShareEntry->ke, sl->heap, DYNAMIC_TYPE_SECRET)
+ XFREE(keyShareEntry->ke, ssl->heap, DYNAMIC_TYPE_SECRET)
keyShareEntry->ke = NULL;
keyShareEntry->keLen = 0;
return 0;
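Review bot: `keyShareEntry->ke` holds the bytes that were just copied into `ssl->arrays->preMasterSecret`, and it is handed to XFREE without being wiped first. Adding `ForceZero(keyShareEntry->ke, keyShareEntry->keLen);` ahead of the free keeps the secret from lingering in released heap memory. The `sharedSecret` buffer freed at the end of server_generate_pqc_ciphertext deserves the same treatment unless it is cleared in lines outside that hunk. The corrected XFREE line also still has no terminating semicolon, so it compiles only while the macro expands to a complete statement; `XFREE(keyShareEntry->ke, ssl->heap, DYNAMIC_TYPE_SECRET);` is safer.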
@@ -8053,16 +8399,24 @@ static int TLSX_KeyShare_ProcessPqc(WOLFSSL* ssl, KeyShareEntry* keyShareEntry)
/* I am the client, the ciphertext is in keyShareEntry->ke */
findEccPqc(&ecc_group, &oqs_group, keyShareEntry->group);
+ ret = wc_ecc_init_ex(&eccpubkey, ssl->heap, ssl->devId);
+ if (ret != 0) {
+ WOLFSSL_MSG("Memory allocation error.");
+ return MEMORY_E;
+ }
+
ret = kyber_id2type(oqs_group, &type);
if (ret != 0) {
+ wc_ecc_free(&eccpubkey);
WOLFSSL_MSG("Invalid OQS algorithm specified.");
- ret = BAD_FUNC_ARG;
+ return BAD_FUNC_ARG;
}
- if (ret == 0) {
- ret = wc_KyberKey_Init(type, kem, ssl->heap, INVALID_DEVID);
- if (ret != 0) {
- WOLFSSL_MSG("Error creating Kyber KEM");
- }
+
+ ret = wc_KyberKey_Init(type, kem, ssl->heap, INVALID_DEVID);
+ if (ret != 0) {
+ wc_ecc_free(&eccpubkey);
+ WOLFSSL_MSG("Error creating Kyber KEM");
+ return MEMORY_E;
}
if (ret == 0) {
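Review bot: The new early exit after `wc_KyberKey_Init()` returns `MEMORY_E` whatever the call reported, whereas the removed code kept the original value in `ret`, so the real failure code is now lost. Using `return ret;` after `wc_ecc_free(&eccpubkey);` preserves it. The same pattern is added in the server_generate_pqc_ciphertext hunk. After these returns the following `if (ret == 0)` is always true and could be dropped, though the block it opens continues outside this hunk.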
@@ -8086,12 +8440,6 @@ static int TLSX_KeyShare_ProcessPqc(WOLFSSL* ssl, KeyShareEntry* keyShareEntry)
default:
break;
}
-
- ret = wc_ecc_init_ex(&eccpubkey, ssl->heap, ssl->devId);
- if (ret != 0) {
- WOLFSSL_MSG("Memory allocation error.");
- ret = MEMORY_E;
- }
}
if (ret == 0) {
sharedSecret = (byte*)XMALLOC(sharedSecretLen, ssl->heap,
@@ -8320,8 +8668,7 @@ static int TLSX_SupportedGroups_Find(const WOLFSSL* ssl, word16 name,
TLSX* extension;
SupportedCurve* curve = NULL;
- if ((extension = TLSX_Find(extensions,
- TLSX_SUPPORTED_GROUPS)) == NULL) {
+ if ((extension = TLSX_Find(extensions, TLSX_SUPPORTED_GROUPS)) == NULL) {
if ((extension = TLSX_Find(ssl->ctx->extensions,
TLSX_SUPPORTED_GROUPS)) == NULL) {
return 0;
@@ -8392,7 +8739,7 @@ int TLSX_KeyShare_Parse_ClientHello(const WOLFSSL* ssl,
int TLSX_KeyShare_Parse(WOLFSSL* ssl, const byte* input, word16 length,
byte msgType)
{
- int ret;
+ int ret = 0;
KeyShareEntry *keyShareEntry = NULL;
word16 group;
@@ -8472,12 +8819,7 @@ int TLSX_KeyShare_Parse(WOLFSSL* ssl, const byte* input, word16 length,
return ret;
}
-#ifdef HAVE_PQC
- /* For post-quantum groups, do this in TLSX_PopulateExtensions(). */
- if (!WOLFSSL_NAMED_GROUP_IS_PQC(group))
-#endif
- ret = TLSX_KeyShare_Use(ssl, group, 0, NULL, NULL, &ssl->extensions);
-
+ ret = TLSX_KeyShare_Use(ssl, group, 0, NULL, NULL, &ssl->extensions);
if (ret == 0)
ssl->session->namedGroup = ssl->namedGroup = group;
}
@@ -8553,16 +8895,22 @@ static int server_generate_pqc_ciphertext(WOLFSSL* ssl,
ret = kyber_id2type(oqs_group, &type);
if (ret != 0) {
WOLFSSL_MSG("Invalid Kyber algorithm specified.");
- ret = BAD_FUNC_ARG;
+ return BAD_FUNC_ARG;
}
- if (ret == 0) {
- ret = wc_ecc_init_ex(&eccpubkey, ssl->heap, ssl->devId);
- if (ret != 0) {
- WOLFSSL_MSG("Could not do ECC public key initialization.");
- ret = MEMORY_E;
- }
+ ret = wc_ecc_init_ex(&eccpubkey, ssl->heap, ssl->devId);
+ if (ret != 0) {
+ WOLFSSL_MSG("Could not do ECC public key initialization.");
+ return MEMORY_E;
+ }
+
+ ret = wc_KyberKey_Init(type, kem, ssl->heap, INVALID_DEVID);
+ if (ret != 0) {
+ wc_ecc_free(&eccpubkey);
+ WOLFSSL_MSG("Error creating Kyber KEM");
+ return MEMORY_E;
}
+
if (ret == 0) {
ecc_kse = (KeyShareEntry*)XMALLOC(sizeof(*ecc_kse), ssl->heap,
DYNAMIC_TYPE_TLSX);
@@ -8579,20 +8927,10 @@ static int server_generate_pqc_ciphertext(WOLFSSL* ssl,
if (ret == 0 && ecc_group != 0) {
ecc_kse->group = ecc_group;
ret = TLSX_KeyShare_GenEccKey(ssl, ecc_kse);
- if (ret != 0) {
- /* No message, TLSX_KeyShare_GenEccKey() will do it. */
- return ret;
- }
- ret = 0;
+ /* No message, TLSX_KeyShare_GenEccKey() will do it. */
}
if (ret == 0) {
- ret = wc_KyberKey_Init(type, kem, ssl->heap, INVALID_DEVID);
- if (ret != 0) {
- WOLFSSL_MSG("Error creating Kyber KEM");
- }
- }
- if (ret == 0) {
ret = wc_KyberKey_PublicKeySize(kem, &pubSz);
}
if (ret == 0) {
@@ -8609,7 +8947,7 @@ static int server_generate_pqc_ciphertext(WOLFSSL* ssl,
if (ret == 0) {
sharedSecret = (byte*)XMALLOC(ecc_kse->keyLen + ssSz, ssl->heap,
- DYNAMIC_TYPE_TLSX);
+ DYNAMIC_TYPE_SECRET);
ciphertext = (byte*)XMALLOC(ecc_kse->pubKeyLen + ctSz, ssl->heap,
DYNAMIC_TYPE_TLSX);
@@ -8675,11 +9013,15 @@ static int server_generate_pqc_ciphertext(WOLFSSL* ssl,
keyShareEntry->pubKey = ciphertext;
keyShareEntry->pubKeyLen = (word32)(ecc_kse->pubKeyLen + ctSz);
ciphertext = NULL;
+
+ /* Set namedGroup so wolfSSL_get_curve_name() can function properly on
+ * the server side. */
+ ssl->namedGroup = keyShareEntry->group;
}
TLSX_KeyShare_FreeAll(ecc_kse, ssl->heap);
if (sharedSecret != NULL)
- XFREE(sharedSecret, ssl->heap, DYNAMIC_TYPE_TLSX);
+ XFREE(sharedSecret, ssl->heap, DYNAMIC_TYPE_SECRET);
if (ciphertext != NULL)
XFREE(ciphertext, ssl->heap, DYNAMIC_TYPE_TLSX);
wc_ecc_free(&eccpubkey);
@@ -8833,6 +9175,10 @@ static int TLSX_KeyShare_IsSupported(int namedGroup)
case WOLFSSL_ECC_BRAINPOOLP256R1:
break;
#endif
+ #ifdef WOLFSSL_SM2
+ case WOLFSSL_ECC_SM2P256V1:
+ break;
+ #endif /* WOLFSSL_SM2 */
#endif
#if defined(HAVE_CURVE25519) && ECC_MIN_KEY_SZ <= 256
case WOLFSSL_ECC_X25519:
@@ -8948,6 +9294,9 @@ static const word16 preferredGroup[] = {
#if defined(HAVE_ECC) && (!defined(NO_ECC256) || \
defined(HAVE_ALL_CURVES)) && !defined(NO_ECC_SECP) && ECC_MIN_KEY_SZ <= 256
WOLFSSL_ECC_SECP256R1,
+#if !defined(HAVE_FIPS) && defined(WOLFSSL_SM2)
+ WOLFSSL_ECC_SM2P256V1,
+#endif
#endif
#if defined(HAVE_CURVE25519) && ECC_MIN_KEY_SZ <= 256
WOLFSSL_ECC_X25519,
@@ -9123,7 +9472,7 @@ int TLSX_KeyShare_SetSupported(const WOLFSSL* ssl, TLSX** extensions)
/* Server side KSE processing */
int TLSX_KeyShare_Choose(const WOLFSSL *ssl, TLSX* extensions,
- KeyShareEntry** kse, byte* searched)
+ byte cipherSuite0, byte cipherSuite, KeyShareEntry** kse, byte* searched)
{
TLSX* extension;
KeyShareEntry* clientKSE = NULL;
@@ -9132,6 +9481,9 @@ int TLSX_KeyShare_Choose(const WOLFSSL *ssl, TLSX* extensions,
int preferredRank = WOLFSSL_MAX_GROUP_COUNT;
int rank;
+ (void)cipherSuite0;
+ (void)cipherSuite;
+
if (ssl == NULL || ssl->options.side != WOLFSSL_SERVER_END)
return BAD_FUNC_ARG;
@@ -9162,6 +9514,19 @@ int TLSX_KeyShare_Choose(const WOLFSSL *ssl, TLSX* extensions,
if (clientKSE->ke == NULL)
continue;
+#ifdef WOLFSSL_SM2
+ if ((cipherSuite0 == CIPHER_BYTE) &&
+ ((cipherSuite == TLS_SM4_GCM_SM3) ||
+ (cipherSuite == TLS_SM4_CCM_SM3))) {
+ if (clientKSE->group != WOLFSSL_ECC_SM2P256V1) {
+ continue;
+ }
+ }
+ else if (clientKSE->group == WOLFSSL_ECC_SM2P256V1) {
+ continue;
+ }
+#endif
+
/* Check consistency now - extensions in any order. */
if (!TLSX_SupportedGroups_Find(ssl, clientKSE->group, extensions))
continue;
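Review bot: The SM2 filter is compiled under `WOLFSSL_SM2` alone, while the other hunks in this file that name `TLS_SM4_GCM_SM3` and `TLS_SM4_CCM_SM3` wrap them in `BUILD_TLS_SM4_GCM_SM3` and `BUILD_TLS_SM4_CCM_SM3`. If those constants exist only when the suites are built, an SM2 build without them would not compile here, which is worth confirming. The block would also benefit from a comment stating the rule it enforces, for example `/* SM4 suites are only paired with the SM2 group, and the SM2 group with no other suite */`. The loop it sits in starts outside this hunk.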
@@ -9275,6 +9640,7 @@ int TLSX_KeyShare_Setup(WOLFSSL *ssl, KeyShareEntry* clientKSE)
serverKSE->keLen = clientKSE->keLen;
clientKSE->ke = NULL;
clientKSE->keLen = 0;
+ ssl->namedGroup = serverKSE->group;
TLSX_KeyShare_FreeAll((KeyShareEntry*)extension->data, ssl->heap);
extension->data = (void *)serverKSE;
@@ -9297,7 +9663,8 @@ int TLSX_KeyShare_Establish(WOLFSSL *ssl, int* doHelloRetry)
*doHelloRetry = 0;
- ret = TLSX_KeyShare_Choose(ssl, ssl->extensions, &clientKSE, &searched);
+ ret = TLSX_KeyShare_Choose(ssl, ssl->extensions, ssl->cipher.cipherSuite0,
+ ssl->cipher.cipherSuite, &clientKSE, &searched);
if (ret != 0 || !searched)
return ret;
@@ -9325,7 +9692,7 @@ int TLSX_KeyShare_DeriveSecret(WOLFSSL *ssl)
#ifdef WOLFSSL_ASYNC_CRYPT
ret = wolfSSL_AsyncPop(ssl, NULL);
/* Check for error */
- if (ret != WC_NOT_PENDING_E && ret < 0) {
+ if (ret != WC_NO_PENDING_E && ret < 0) {
return ret;
}
#endif
@@ -9351,7 +9718,7 @@ int TLSX_KeyShare_DeriveSecret(WOLFSSL *ssl)
#else
-#define KS_FREE_ALL(a, b)
+#define KS_FREE_ALL(a, b) WC_DO_NOTHING
#define KS_GET_SIZE(a, b) 0
#define KS_WRITE(a, b, c) 0
#define KS_PARSE(a, b, c, d) 0
@@ -9501,7 +9868,7 @@ static int TLSX_PreSharedKey_Write(PreSharedKey* list, byte* output,
word16 len;
int ret;
- /* Write identites only. Binders after HMACing over this. */
+ /* Write identities only. Binders after HMACing over this. */
lenIdx = idx;
idx += OPAQUE16_LEN;
while (current != NULL) {
@@ -9518,7 +9885,7 @@ static int TLSX_PreSharedKey_Write(PreSharedKey* list, byte* output,
current = current->next;
}
- /* Length of the identites. */
+ /* Length of the identities. */
len = idx - lenIdx - OPAQUE16_LEN;
c16toa(len, output + lenIdx);
@@ -9779,6 +10146,12 @@ static WC_INLINE byte GetHmacLength(int hmac)
case sha512_mac:
return WC_SHA512_DIGEST_SIZE;
#endif
+ #ifdef WOLFSSL_SM3
+ case sm3_mac:
+ return WC_SM3_DIGEST_SIZE;
+ #endif
+ default:
+ break;
}
return 0;
}
@@ -9790,8 +10163,8 @@ static WC_INLINE byte GetHmacLength(int hmac)
* len The length of the identity data.
* age The age of the identity.
* hmac The HMAC algorithm.
- * ciphersuite0 The first byte of the ciphersuite to use.
- * ciphersuite The second byte of the ciphersuite to use.
+ * cipherSuite0 The first byte of the cipher suite to use.
+ * cipherSuite The second byte of the cipher suite to use.
* resumption The PSK is for resumption of a session.
* preSharedKey The new pre-shared key object.
* returns 0 on success and other values indicate failure.
@@ -9857,7 +10230,7 @@ int TLSX_PreSharedKey_Use(TLSX** extensions, const byte* identity, word16 len,
#else
-#define PSK_FREE_ALL(a, b)
+#define PSK_FREE_ALL(a, b) WC_DO_NOTHING
#define PSK_GET_SIZE(a, b, c) 0
#define PSK_WRITE(a, b, c, d) 0
#define PSK_PARSE(a, b, c, d) 0
@@ -9979,7 +10352,10 @@ static int TLSX_PskKeModes_Parse(WOLFSSL* ssl, const byte* input, word16 length,
if (ret == 0)
ret = TLSX_PskKeyModes_Use(ssl, modes);
- WOLFSSL_ERROR_VERBOSE(ret);
+ if (ret != 0) {
+ WOLFSSL_ERROR_VERBOSE(ret);
+ }
+
return ret;
}
@@ -10397,6 +10773,497 @@ static int TLSX_QuicTP_Parse(WOLFSSL *ssl, const byte *input, size_t len, int ex
#define CID_FREE(a, b) 0
#endif /* defined(WOLFSSL_DTLS_CID) */
+#if defined(HAVE_RPK)
+/******************************************************************************/
+/* Client_Certificate_Type extension */
+/******************************************************************************/
+/* return 1 if specified type is included in the given list, otherwise 0 */
+static int IsCertTypeListed(byte type, byte cnt, const byte* list)
+{
+ int ret = 0;
+ int i;
+
+ if (cnt == 0 || list == NULL)
+ return ret;
+
+ if (cnt > 0 && cnt <= MAX_CLIENT_CERT_TYPE_CNT) {
+ for (i = 0; i < cnt; i++) {
+ if (list[i] == type)
+ return 1;
+ }
+ }
+ return 0;
+}
+
+/* Search both arrays from above to find a common value between the two given
+ * arrays(a and b). return 1 if it finds a common value, otherwise return 0.
+ */
+static int GetCommonItem(const byte* a, byte aLen, const byte* b, byte bLen,
+ byte* type)
+{
+ int i, j;
+
+ if (a == NULL || b == NULL)
+ return 0;
+
+ for (i = 0; i < aLen; i++) {
+ for (j = 0; j < bLen; j++) {
+ if (a[i] == b[j]) {
+ *type = a[i];
+ return 1;
+ }
+ }
+ }
+ return 0;
+}
+
+/* Creates a "client certificate type" extension if necessary.
+ * Returns 0 if no error occurred, negative value otherwise.
+ * A return of 0, it does not indicae that the extension was created.
+ */
+static int TLSX_ClientCertificateType_Use(WOLFSSL* ssl, byte isServer)
+{
+ int ret = 0;
+
+ if (ssl == NULL)
+ return BAD_FUNC_ARG;
+
+ if (isServer) {
+ /* [in server side]
+ */
+
+ if (IsCertTypeListed(WOLFSSL_CERT_TYPE_RPK,
+ ssl->options.rpkConfig.preferred_ClientCertTypeCnt,
+ ssl->options.rpkConfig.preferred_ClientCertTypes)) {
+
+ WOLFSSL_MSG("Adding Client Certificate Type extension");
+ ret = TLSX_Push(&ssl->extensions, TLSX_CLIENT_CERTIFICATE_TYPE, ssl,
+ ssl->heap);
+ if (ret == 0) {
+ TLSX_SetResponse(ssl, TLSX_CLIENT_CERTIFICATE_TYPE);
+ }
+ }
+ }
+ else {
+ /* [in client side]
+ * This extension MUST be omitted from the ClientHello unless the RPK
+ * certificate is preferred by the user and actually loaded.
+ */
+
+ if (IsCertTypeListed(WOLFSSL_CERT_TYPE_RPK,
+ ssl->options.rpkConfig.preferred_ClientCertTypeCnt,
+ ssl->options.rpkConfig.preferred_ClientCertTypes)) {
+
+ if (ssl->options.rpkState.isRPKLoaded) {
+
+ ssl->options.rpkState.sending_ClientCertTypeCnt = 1;
+ ssl->options.rpkState.sending_ClientCertTypes[0] =
+ WOLFSSL_CERT_TYPE_RPK;
+
+ /* Push new client_certificate_type extension. */
+ WOLFSSL_MSG("Adding Client Certificate Type extension");
+ ret = TLSX_Push(&ssl->extensions, TLSX_CLIENT_CERTIFICATE_TYPE,
+ ssl, ssl->heap);
+ }
+ else {
+ WOLFSSL_MSG("Willing to use RPK cert but not loaded it");
+ }
+ }
+ else {
+ WOLFSSL_MSG("No will to use RPK cert");
+ }
+ }
+ return ret;
+}
+
+/* Parse a "client certificate type" extension received from peer.
+ * returns 0 on success and other values indicate failure.
+ */
+static int TLSX_ClientCertificateType_Parse(WOLFSSL* ssl, const byte* input,
+ word16 length, byte msgType)
+{
+ byte typeCnt;
+ int idx = 0;
+ int ret = 0;
+ int i;
+ int populate = 0;
+ byte cmnType;
+
+
+ if (msgType == client_hello) {
+ /* [parse ClientHello in server end]
+ * case 1) if peer verify is disabled, this extension must be omitted
+ * from ServerHello.
+ * case 2) if user have not set his preference, find X509 in parsed
+ * result, then populate "Client Certificate Type" extension.
+ * case 3) if user have not set his preference and X509 isn't included
+ * in parsed result, send "unsupported certificate" alert.
+ * case 4) if user have set his preference, find a common cert type
+ * in users preference and received cert types.
+ * case 5) if user have set his preference, but no common cert type
+ * found.
+ */
+
+ /* case 1 */
+ if (ssl->options.verifyNone) {
+ return ret;
+ }
+
+ /* parse extension */
+ if (length < OPAQUE8_LEN)
+ return BUFFER_E;
+
+ typeCnt = input[idx];
+
+ if (typeCnt > MAX_CLIENT_CERT_TYPE_CNT)
+ return BUFFER_E;
+
+ if ((typeCnt + 1) * OPAQUE8_LEN != length){
+ return BUFFER_E;
+ }
+
+ ssl->options.rpkState.received_ClientCertTypeCnt = input[idx];
+ idx += OPAQUE8_LEN;
+
+ for (i = 0; i < typeCnt; i++) {
+ ssl->options.rpkState.received_ClientCertTypes[i] = input[idx];
+ idx += OPAQUE8_LEN;
+ }
+
+ if (ssl->options.rpkConfig.preferred_ClientCertTypeCnt == 0) {
+ /* case 2 */
+ if (IsCertTypeListed(WOLFSSL_CERT_TYPE_X509,
+ ssl->options.rpkState.received_ClientCertTypeCnt,
+ ssl->options.rpkState.received_ClientCertTypes)) {
+
+ ssl->options.rpkState.sending_ClientCertTypeCnt = 1;
+ ssl->options.rpkState.sending_ClientCertTypes[0] =
+ WOLFSSL_CERT_TYPE_X509;
+ populate = 1;
+ }
+ /* case 3 */
+ else {
+ WOLFSSL_MSG("No common cert type found in client_certificate_type ext");
+ SendAlert(ssl, alert_fatal, unsupported_certificate);
+ return UNSUPPORTED_CERTIFICATE;
+ }
+ }
+ else if (ssl->options.rpkConfig.preferred_ClientCertTypeCnt > 0) {
+ /* case 4 */
+ if (GetCommonItem(
+ ssl->options.rpkConfig.preferred_ClientCertTypes,
+ ssl->options.rpkConfig.preferred_ClientCertTypeCnt,
+ ssl->options.rpkState.received_ClientCertTypes,
+ ssl->options.rpkState.received_ClientCertTypeCnt,
+ &cmnType)) {
+ ssl->options.rpkState.sending_ClientCertTypeCnt = 1;
+ ssl->options.rpkState.sending_ClientCertTypes[0] = cmnType;
+ populate = 1;
+ }
+ /* case 5 */
+ else {
+ WOLFSSL_MSG("No common cert type found in client_certificate_type ext");
+ SendAlert(ssl, alert_fatal, unsupported_certificate);
+ return UNSUPPORTED_CERTIFICATE;
+ }
+ }
+
+ /* populate client_certificate_type extension */
+ if (populate) {
+ WOLFSSL_MSG("Adding Client Certificate Type extension");
+ ret = TLSX_Push(&ssl->extensions, TLSX_CLIENT_CERTIFICATE_TYPE, ssl,
+ ssl->heap);
+ if (ret == 0) {
+ TLSX_SetResponse(ssl, TLSX_CLIENT_CERTIFICATE_TYPE);
+ }
+ }
+ }
+ else if (msgType == server_hello || msgType == encrypted_extensions) {
+ /* parse it in client side */
+ if (length == 1) {
+ ssl->options.rpkState.received_ClientCertTypeCnt = 1;
+ ssl->options.rpkState.received_ClientCertTypes[0] = *input;
+ }
+ else {
+ return BUFFER_E;
+ }
+ }
+
+ return ret;
+}
+
+/* Write out the "client certificate type" extension data into the given buffer.
+ * return the size wrote in the buffer on success, negative value on error.
+ */
+static word16 TLSX_ClientCertificateType_Write(void* data, byte* output,
+ byte msgType)
+{
+ WOLFSSL* ssl = (WOLFSSL*)data;
+ word16 idx = 0;
+ byte cnt = 0;
+ int i;
+
+ /* skip to write extension if count is zero */
+ cnt = ssl->options.rpkState.sending_ClientCertTypeCnt;
+
+ if (cnt == 0)
+ return 0;
+
+ if (msgType == client_hello) {
+ /* client side */
+
+ *(output + idx) = cnt;
+ idx += OPAQUE8_LEN;
+
+ for (i = 0; i < cnt; i++) {
+ *(output + idx) = ssl->options.rpkState.sending_ClientCertTypes[i];
+ idx += OPAQUE8_LEN;
+ }
+ return idx;
+ }
+ else if (msgType == server_hello || msgType == encrypted_extensions) {
+ /* sever side */
+ if (cnt == 1) {
+ *(output + idx) = ssl->options.rpkState.sending_ClientCertTypes[0];
+ idx += OPAQUE8_LEN;
+ }
+ }
+ return idx;
+}
+
+/* Calculate then return the size of the "client certificate type" extension
+ * data.
+ * return the extension data size on success, negative value on error.
+*/
+static int TLSX_ClientCertificateType_GetSize(WOLFSSL* ssl, byte msgType)
+{
+ int ret = 0;
+ byte cnt;
+
+ if (ssl == NULL)
+ return BAD_FUNC_ARG;
+
+ if (msgType == client_hello) {
+ /* client side */
+ cnt = ssl->options.rpkState.sending_ClientCertTypeCnt;
+ ret = (int)(OPAQUE8_LEN + cnt * OPAQUE8_LEN);
+ }
+ else if (msgType == server_hello || msgType == encrypted_extensions) {
+ /* sever side */
+ cnt = ssl->options.rpkState.sending_ClientCertTypeCnt;/* must be one */
+ ret = OPAQUE8_LEN;
+ }
+ else {
+ return SANITY_MSG_E;
+ }
+ return ret;
+}
+
+ #define CCT_GET_SIZE TLSX_ClientCertificateType_GetSize
+ #define CCT_WRITE TLSX_ClientCertificateType_Write
+ #define CCT_PARSE TLSX_ClientCertificateType_Parse
+#else
+ #define CCT_GET_SIZE(a) 0
+ #define CCT_WRITE(a, b) 0
+ #define CCT_PARSE(a, b, c, d) 0
+#endif /* HAVE_RPK */
+
+#if defined(HAVE_RPK)
+/******************************************************************************/
+/* Server_Certificate_Type extension */
+/******************************************************************************/
+/* Creates a "server certificate type" extension if necessary.
+ * Returns 0 if no error occurred, negative value otherwise.
+ * A return of 0, it does not indicae that the extension was created.
+ */
+static int TLSX_ServerCertificateType_Use(WOLFSSL* ssl, byte isServer)
+{
+ int ret = 0;
+ byte ctype;
+
+ if (ssl == NULL)
+ return BAD_FUNC_ARG;
+
+ if (isServer) {
+ /* [in server side] */
+ /* find common cert type to both end */
+ if (GetCommonItem(
+ ssl->options.rpkConfig.preferred_ServerCertTypes,
+ ssl->options.rpkConfig.preferred_ServerCertTypeCnt,
+ ssl->options.rpkState.received_ServerCertTypes,
+ ssl->options.rpkState.received_ServerCertTypeCnt,
+ &ctype)) {
+ ssl->options.rpkState.sending_ServerCertTypeCnt = 1;
+ ssl->options.rpkState.sending_ServerCertTypes[0] = ctype;
+
+ /* Push new server_certificate_type extension. */
+ WOLFSSL_MSG("Adding Server Certificate Type extension");
+ ret = TLSX_Push(&ssl->extensions, TLSX_SERVER_CERTIFICATE_TYPE, ssl,
+ ssl->heap);
+ if (ret == 0) {
+ TLSX_SetResponse(ssl, TLSX_SERVER_CERTIFICATE_TYPE);
+ }
+ }
+ else {
+ /* no common cert type found */
+ WOLFSSL_MSG("No common cert type found in server_certificate_type ext");
+ SendAlert(ssl, alert_fatal, unsupported_certificate);
+ ret = UNSUPPORTED_CERTIFICATE;
+ }
+ }
+ else {
+ /* [in client side] */
+ if (IsCertTypeListed(WOLFSSL_CERT_TYPE_RPK,
+ ssl->options.rpkConfig.preferred_ServerCertTypeCnt,
+ ssl->options.rpkConfig.preferred_ServerCertTypes)) {
+
+ ssl->options.rpkState.sending_ServerCertTypeCnt =
+ ssl->options.rpkConfig.preferred_ServerCertTypeCnt;
+ XMEMCPY(ssl->options.rpkState.sending_ServerCertTypes,
+ ssl->options.rpkConfig.preferred_ServerCertTypes,
+ ssl->options.rpkConfig.preferred_ServerCertTypeCnt);
+
+ /* Push new server_certificate_type extension. */
+ WOLFSSL_MSG("Adding Server Certificate Type extension");
+ ret = TLSX_Push(&ssl->extensions, TLSX_SERVER_CERTIFICATE_TYPE, ssl,
+ ssl->heap);
+ }
+ else {
+ WOLFSSL_MSG("No will to accept RPK cert");
+ }
+ }
+
+ return ret;
+}
+
+/* Parse a "server certificate type" extension received from peer.
+ * returns 0 on success and other values indicate failure.
+ */
+static int TLSX_ServerCertificateType_Parse(WOLFSSL* ssl, const byte* input,
+ word16 length, byte msgType)
+{
+ byte typeCnt;
+ int idx = 0;
+ int ret = 0;
+ int i;
+
+ if (msgType == client_hello) {
+ /* in server side */
+
+ if (length < OPAQUE8_LEN)
+ return BUFFER_E;
+
+ typeCnt = input[idx];
+
+ if (typeCnt > MAX_SERVER_CERT_TYPE_CNT)
+ return BUFFER_E;
+
+ if ((typeCnt + 1) * OPAQUE8_LEN != length){
+ return BUFFER_E;
+ }
+ ssl->options.rpkState.received_ServerCertTypeCnt = input[idx];
+ idx += OPAQUE8_LEN;
+
+ for (i = 0; i < typeCnt; i++) {
+ ssl->options.rpkState.received_ServerCertTypes[i] = input[idx];
+ idx += OPAQUE8_LEN;
+ }
+
+ ret = TLSX_ServerCertificateType_Use(ssl, 1);
+ if (ret == 0) {
+ TLSX_SetResponse(ssl, TLSX_SERVER_CERTIFICATE_TYPE);
+ }
+ }
+ else if (msgType == server_hello || msgType == encrypted_extensions) {
+ /* in client side */
+ if (length != 1) /* length slould be 1 */
+ return BUFFER_E;
+
+ ssl->options.rpkState.received_ServerCertTypeCnt = 1;
+ ssl->options.rpkState.received_ServerCertTypes[0] = *input;
+ }
+
+ return 0;
+}
+
+/* Write out the "server certificate type" extension data into the given buffer.
+ * return the size wrote in the buffer on success, negative value on error.
+ */
+static word16 TLSX_ServerCertificateType_Write(void* data, byte* output,
+ byte msgType)
+{
+ WOLFSSL* ssl = (WOLFSSL*)data;
+ word16 idx = 0;
+ int cnt = 0;
+ int i;
+
+ /* skip to write extension if count is zero */
+ cnt = ssl->options.rpkState.sending_ServerCertTypeCnt;
+
+ if (cnt == 0)
+ return 0;
+
+ if (msgType == client_hello) {
+ /* in client side */
+
+ *(output + idx) = cnt;
+ idx += OPAQUE8_LEN;
+
+ for (i = 0; i < cnt; i++) {
+ *(output + idx) = ssl->options.rpkState.sending_ServerCertTypes[i];
+ idx += OPAQUE8_LEN;
+ }
+ }
+ else if (msgType == server_hello || msgType == encrypted_extensions) {
+ /* in server side */
+ /* ensure cnt is one */
+ if (cnt != 1)
+ return 0;
+
+ *(output + idx) = ssl->options.rpkState.sending_ServerCertTypes[0];
+ idx += OPAQUE8_LEN;
+ }
+ return idx;
+}
+
+/* Calculate then return the size of the "server certificate type" extension
+ * data.
+ * return the extension data size on success, negative value on error.
+*/
+static int TLSX_ServerCertificateType_GetSize(WOLFSSL* ssl, byte msgType)
+{
+ int ret = 0;
+ int cnt;
+
+ if (ssl == NULL)
+ return BAD_FUNC_ARG;
+
+ if (msgType == client_hello) {
+ /* in clent side */
+ cnt = ssl->options.rpkState.sending_ServerCertTypeCnt;
+ if (cnt > 0) {
+ ret = (int)(OPAQUE8_LEN + cnt * OPAQUE8_LEN);
+ }
+ }
+ else if (msgType == server_hello || msgType == encrypted_extensions) {
+ /* in server side */
+ ret = (int)OPAQUE8_LEN;
+ }
+ else {
+ return SANITY_MSG_E;
+ }
+ return ret;
+}
+
+ #define SCT_GET_SIZE TLSX_ServerCertificateType_GetSize
+ #define SCT_WRITE TLSX_ServerCertificateType_Write
+ #define SCT_PARSE TLSX_ServerCertificateType_Parse
+#else
+ #define SCT_GET_SIZE(a) 0
+ #define SCT_WRITE(a, b) 0
+ #define SCT_PARSE(a, b, c, d) 0
+#endif /* HAVE_RPK */
+
/******************************************************************************/
/* TLS Extensions Framework */
/******************************************************************************/
@@ -11136,102 +12003,143 @@ void TLSX_FreeAll(TLSX* list, void* heap)
switch (extension->type) {
+#if defined(HAVE_RPK)
+ case TLSX_CLIENT_CERTIFICATE_TYPE:
+ WOLFSSL_MSG("Client Certificate Type extension free");
+ /* nothing to do */
+ break;
+ case TLSX_SERVER_CERTIFICATE_TYPE:
+ WOLFSSL_MSG("Server Certificate Type extension free");
+ /* nothing to do */
+ break;
+#endif
+
#ifdef HAVE_SNI
case TLSX_SERVER_NAME:
+ WOLFSSL_MSG("SNI extension free");
SNI_FREE_ALL((SNI*)extension->data, heap);
break;
#endif
case TLSX_TRUSTED_CA_KEYS:
+ WOLFSSL_MSG("Trusted CA Indication extension free");
TCA_FREE_ALL((TCA*)extension->data, heap);
break;
case TLSX_MAX_FRAGMENT_LENGTH:
+ WOLFSSL_MSG("Max Fragment Length extension free");
MFL_FREE_ALL(extension->data, heap);
break;
case TLSX_EXTENDED_MASTER_SECRET:
+ WOLFSSL_MSG("Extended Master Secret free");
+ /* Nothing to do. */
+ break;
case TLSX_TRUNCATED_HMAC:
+ WOLFSSL_MSG("Truncated HMAC extension free");
/* Nothing to do. */
break;
case TLSX_SUPPORTED_GROUPS:
+ WOLFSSL_MSG("Supported Groups extension free");
EC_FREE_ALL((SupportedCurve*)extension->data, heap);
break;
case TLSX_EC_POINT_FORMATS:
+ WOLFSSL_MSG("Point Formats extension free");
PF_FREE_ALL((PointFormat*)extension->data, heap);
break;
case TLSX_STATUS_REQUEST:
+ WOLFSSL_MSG("Certificate Status Request extension free");
CSR_FREE_ALL((CertificateStatusRequest*)extension->data, heap);
break;
case TLSX_STATUS_REQUEST_V2:
+ WOLFSSL_MSG("Certificate Status Request v2 extension free");
CSR2_FREE_ALL((CertificateStatusRequestItemV2*)extension->data,
heap);
break;
case TLSX_RENEGOTIATION_INFO:
+ WOLFSSL_MSG("Secure Renegotiation extension free");
SCR_FREE_ALL(extension->data, heap);
break;
case TLSX_SESSION_TICKET:
+ WOLFSSL_MSG("Session Ticket extension free");
WOLF_STK_FREE(extension->data, heap);
break;
case TLSX_APPLICATION_LAYER_PROTOCOL:
+ WOLFSSL_MSG("ALPN extension free");
ALPN_FREE_ALL((ALPN*)extension->data, heap);
break;
#if !defined(NO_CERTS) && !defined(WOLFSSL_NO_SIGALG)
case TLSX_SIGNATURE_ALGORITHMS:
+ WOLFSSL_MSG("Signature Algorithms extension to free");
SA_FREE_ALL((SignatureAlgorithms*)extension->data, heap);
break;
#endif
#if defined(HAVE_ENCRYPT_THEN_MAC) && !defined(WOLFSSL_AEAD_ONLY)
case TLSX_ENCRYPT_THEN_MAC:
+ WOLFSSL_MSG("Encrypt-Then-Mac extension free");
break;
#endif
#ifdef WOLFSSL_TLS13
case TLSX_SUPPORTED_VERSIONS:
+ WOLFSSL_MSG("Supported Versions extension free");
break;
#ifdef WOLFSSL_SEND_HRR_COOKIE
case TLSX_COOKIE:
+ WOLFSSL_MSG("Cookie extension free");
CKE_FREE_ALL((Cookie*)extension->data, heap);
break;
#endif
#if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK)
case TLSX_PRE_SHARED_KEY:
+ WOLFSSL_MSG("Pre-Shared Key extension free");
PSK_FREE_ALL((PreSharedKey*)extension->data, heap);
break;
case TLSX_PSK_KEY_EXCHANGE_MODES:
+ WOLFSSL_MSG("PSK Key Exchange Modes extension free");
break;
#endif
#ifdef WOLFSSL_EARLY_DATA
case TLSX_EARLY_DATA:
+ WOLFSSL_MSG("Early Data extension free");
break;
#endif
#ifdef WOLFSSL_POST_HANDSHAKE_AUTH
case TLSX_POST_HANDSHAKE_AUTH:
+ WOLFSSL_MSG("Post-Handshake Authentication extension free");
break;
#endif
#if !defined(NO_CERTS) && !defined(WOLFSSL_NO_SIGALG)
case TLSX_SIGNATURE_ALGORITHMS_CERT:
+ WOLFSSL_MSG("Signature Algorithms extension free");
break;
#endif
case TLSX_KEY_SHARE:
+ WOLFSSL_MSG("Key Share extension free");
KS_FREE_ALL((KeyShareEntry*)extension->data, heap);
break;
+ #if !defined(NO_CERTS) && !defined(WOLFSSL_NO_CA_NAMES)
+ case TLSX_CERTIFICATE_AUTHORITIES:
+ WOLFSSL_MSG("Certificate Authorities extension free");
+ break;
+ #endif
#endif
#ifdef WOLFSSL_SRTP
case TLSX_USE_SRTP:
+ WOLFSSL_MSG("SRTP extension free");
SRTP_FREE((TlsxSrtp*)extension->data, heap);
break;
#endif
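Review bot: The new trace strings for the two signature-algorithm cases are nearly indistinguishable in a debug log. `TLSX_SIGNATURE_ALGORITHMS` logs "Signature Algorithms extension to free" and `TLSX_SIGNATURE_ALGORITHMS_CERT` logs "Signature Algorithms extension free". I would name the second one explicitly, `WOLFSSL_MSG("Signature Algorithms Cert extension free");`, and drop the stray "to" from the first so it matches the other cases. The switch begins and ends outside this hunk.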
@@ -11240,19 +12148,22 @@ void TLSX_FreeAll(TLSX* list, void* heap)
case TLSX_KEY_QUIC_TP_PARAMS:
FALL_THROUGH;
case TLSX_KEY_QUIC_TP_PARAMS_DRAFT:
+ WOLFSSL_MSG("QUIC transport parameter free");
QTP_FREE((QuicTransportParam*)extension->data, heap);
break;
#endif
#ifdef WOLFSSL_DTLS_CID
- case TLSX_CONNECTION_ID:
- CID_FREE((byte*)extension->data, heap);
- break;
+ case TLSX_CONNECTION_ID:
+ WOLFSSL_MSG("Connection ID extension free");
+ CID_FREE((byte*)extension->data, heap);
+ break;
#endif /* WOLFSSL_DTLS_CID */
#if defined(WOLFSSL_TLS13) && defined(HAVE_ECH)
- case TLSX_ECH:
- ECH_FREE((WOLFSSL_ECH*)extension->data, heap);
- break;
+ case TLSX_ECH:
+ WOLFSSL_MSG("ECH extension free");
+ ECH_FREE((WOLFSSL_ECH*)extension->data, heap);
+ break;
#endif
default:
break;
@@ -11403,6 +12314,11 @@ static int TLSX_GetSize(TLSX* list, byte* semaphore, byte msgType,
case TLSX_KEY_SHARE:
length += KS_GET_SIZE((KeyShareEntry*)extension->data, msgType);
break;
+ #if !defined(NO_CERTS) && !defined(WOLFSSL_NO_CA_NAMES)
+ case TLSX_CERTIFICATE_AUTHORITIES:
+ length += CAN_GET_SIZE(extension->data);
+ break;
+ #endif
#endif
#ifdef WOLFSSL_SRTP
case TLSX_USE_SRTP:
@@ -11410,6 +12326,16 @@ static int TLSX_GetSize(TLSX* list, byte* semaphore, byte msgType,
break;
#endif
+#ifdef HAVE_RPK
+ case TLSX_CLIENT_CERTIFICATE_TYPE:
+ length += CCT_GET_SIZE((WOLFSSL*)extension->data, msgType);
+ break;
+
+ case TLSX_SERVER_CERTIFICATE_TYPE:
+ length += SCT_GET_SIZE((WOLFSSL*)extension->data, msgType);
+ break;
+#endif /* HAVE_RPK */
+
#ifdef WOLFSSL_QUIC
case TLSX_KEY_QUIC_TP_PARAMS:
FALL_THROUGH; /* followed by */
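Review bot: `length += CCT_GET_SIZE(...)` and `length += SCT_GET_SIZE(...)` add the helper's return value without checking it, and both helpers defined earlier in this diff can return a negative error code. They return `BAD_FUNC_ARG` for a NULL `ssl` and `SANITY_MSG_E` for any message type other than client_hello, server_hello or encrypted_extensions. If either path is reachable, a negative value is folded into the running extension length instead of being reported; the type of `length` is not visible here. Either have the helpers return 0 for message types they do not write, or capture the result and propagate it when negative, as in `if (sz < 0) { ret = sz; break; }`. The enclosing switch continues outside this hunk.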
@@ -11609,12 +12535,32 @@ static int TLSX_Write(TLSX* list, byte* output, byte* semaphore,
offset += KS_WRITE((KeyShareEntry*)extension->data,
output + offset, msgType);
break;
+ #if !defined(NO_CERTS) && !defined(WOLFSSL_NO_CA_NAMES)
+ case TLSX_CERTIFICATE_AUTHORITIES:
+ WOLFSSL_MSG("Certificate Authorities extension to write");
+ offset += CAN_WRITE(extension->data, output + offset);
+ break;
+ #endif
#endif
#ifdef WOLFSSL_SRTP
case TLSX_USE_SRTP:
+ WOLFSSL_MSG("SRTP extension to write");
offset += SRTP_WRITE((TlsxSrtp*)extension->data, output+offset);
break;
#endif
+
+#ifdef HAVE_RPK
+ case TLSX_CLIENT_CERTIFICATE_TYPE:
+ WOLFSSL_MSG("Client Certificate Type extension to write");
+ offset += CCT_WRITE(extension->data, output + offset, msgType);
+ break;
+
+ case TLSX_SERVER_CERTIFICATE_TYPE:
+ WOLFSSL_MSG("Server Certificate Type extension to write");
+ offset += SCT_WRITE(extension->data, output + offset, msgType);
+ break;
+#endif /* HAVE_RPK */
+
#ifdef WOLFSSL_QUIC
case TLSX_KEY_QUIC_TP_PARAMS:
FALL_THROUGH;
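Review bot: The size and write helpers behind `CCT_WRITE` and `SCT_WRITE` do not agree for server_hello and encrypted_extensions. Earlier in this diff both `..._GetSize` functions return `OPAQUE8_LEN` unconditionally for those messages, while `TLSX_ClientCertificateType_Write` returns 0 when the sending count is 0 and `TLSX_ServerCertificateType_Write` returns 0 when the count is not 1. If that state were ever reached, the extension length computed beforehand would be one byte larger than what is written at `output + offset`. It looks unreachable today because the server pushes the extension only after setting the count to 1, but that invariant is implicit. I would make the GetSize helpers apply the same count check, or add a comment at these two cases such as `/* size and write must both yield 0 when no type was negotiated */`.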
@@ -11626,12 +12572,14 @@ static int TLSX_Write(TLSX* list, byte* output, byte* semaphore,
#endif
#ifdef WOLFSSL_DTLS_CID
case TLSX_CONNECTION_ID:
+ WOLFSSL_MSG("Connection ID extension to write");
offset += CID_WRITE((byte*)extension->data, output+offset);
break;
#endif /* WOLFSSL_DTLS_CID */
#if defined(WOLFSSL_TLS13) && defined(HAVE_ECH)
case TLSX_ECH:
+ WOLFSSL_MSG("ECH extension to write");
ret = ECH_WRITE((WOLFSSL_ECH*)extension->data,
output + offset, &offset);
break;
@@ -11737,6 +12685,11 @@ static int TLSX_PopulateSupportedGroups(WOLFSSL* ssl, TLSX** extensions)
WOLFSSL_ECC_BRAINPOOLP256R1, ssl->heap);
if (ret != WOLFSSL_SUCCESS) return ret;
#endif
+ #ifdef WOLFSSL_SM2
+ ret = TLSX_UseSupportedCurve(extensions,
+ WOLFSSL_ECC_SM2P256V1, ssl->heap);
+ if (ret != WOLFSSL_SUCCESS) return ret;
+ #endif
#endif
#endif /* HAVE_ECC */
@@ -11906,6 +12859,16 @@ int TLSX_PopulateExtensions(WOLFSSL* ssl, byte isServer)
/* server will add extension depending on what is parsed from client */
if (!isServer) {
+#if defined(HAVE_RPK)
+ ret = TLSX_ClientCertificateType_Use(ssl, isServer);
+ if (ret != 0)
+ return ret;
+
+ ret = TLSX_ServerCertificateType_Use(ssl, isServer);
+ if (ret != 0)
+ return ret;
+#endif /* HAVE_RPK */
+
#if defined(HAVE_ENCRYPT_THEN_MAC) && !defined(WOLFSSL_AEAD_ONLY)
if (!ssl->options.disallowEncThenMac) {
ret = TLSX_EncryptThenMac_Use(ssl);
@@ -11955,6 +12918,17 @@ int TLSX_PopulateExtensions(WOLFSSL* ssl, byte isServer)
ret = 0;
#endif
#ifdef WOLFSSL_TLS13
+ #if !defined(NO_CERTS) && !defined(WOLFSSL_NO_CA_NAMES)
+ if (isServer && IsAtLeastTLSv1_3(ssl->version)) {
+ if (SSL_CA_NAMES(ssl) != NULL) {
+ WOLFSSL_MSG("Adding certificate authorities extension");
+ if ((ret = TLSX_Push(&ssl->extensions,
+ TLSX_CERTIFICATE_AUTHORITIES, ssl, ssl->heap)) != 0) {
+ return ret;
+ }
+ }
+ }
+ #endif
if (!isServer && IsAtLeastTLSv1_3(ssl->version)) {
/* Add mandatory TLS v1.3 extension: supported version */
WOLFSSL_MSG("Adding supported versions extension");
@@ -12041,19 +13015,8 @@ int TLSX_PopulateExtensions(WOLFSSL* ssl, byte isServer)
namedGroup = kse->group;
}
if (namedGroup != WOLFSSL_NAMED_GROUP_INVALID) {
-#ifdef HAVE_PQC
- /* For KEMs, the key share has already been generated, but not
- * if we are resuming. */
- if (!WOLFSSL_NAMED_GROUP_IS_PQC(namedGroup)
-#ifdef HAVE_SESSION_TICKET
- || ssl->options.resuming
-#endif /* HAVE_SESSION_TICKET */
- )
-#endif /* HAVE_PQC */
- {
- ret = TLSX_KeyShare_Use(ssl, namedGroup, 0, NULL, NULL,
- &ssl->extensions);
- }
+ ret = TLSX_KeyShare_Use(ssl, namedGroup, 0, NULL, NULL,
+ &ssl->extensions);
if (ret != 0)
return ret;
}
@@ -12135,6 +13098,16 @@ int TLSX_PopulateExtensions(WOLFSSL* ssl, byte isServer)
}
else
#endif
+ #if (defined(WOLFSSL_SM4_GCM) || defined(WOLFSSL_SM4_CCM)) && \
+ defined(WOLFSSL_SM3)
+ if (cipherSuite0 == CIPHER_BYTE) {
+ if ((cipherSuite != TLS_SM4_GCM_SM3) &&
+ (cipherSuite != TLS_SM4_CCM_SM3)) {
+ continue;
+ }
+ }
+ else
+ #endif
if (cipherSuite0 != TLS13_BYTE)
continue;
@@ -12174,7 +13147,7 @@ int TLSX_PopulateExtensions(WOLFSSL* ssl, byte isServer)
#endif
if (ssl->options.client_psk_cb != NULL ||
ssl->options.client_psk_tls13_cb != NULL) {
- /* Default ciphersuite. */
+ /* Default cipher suite. */
byte cipherSuite0 = TLS13_BYTE;
byte cipherSuite = WOLFSSL_DEF_PSK_CIPHER;
int cipherSuiteFlags = WOLFSSL_CIPHER_SUITE_FLAG_NONE;
@@ -12421,8 +13394,9 @@ int TLSX_GetRequestSize(WOLFSSL* ssl, byte msgType, word16* pLength)
TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_SIGNATURE_ALGORITHMS));
#endif
#if defined(WOLFSSL_TLS13)
- if (!IsAtLeastTLSv1_2(ssl))
+ if (!IsAtLeastTLSv1_2(ssl)) {
TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_SUPPORTED_VERSIONS));
+ }
#if !defined(WOLFSSL_NO_TLS12) || !defined(NO_OLD_TLS)
if (!IsAtLeastTLSv1_3(ssl->version)) {
TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_KEY_SHARE));
@@ -12439,6 +13413,10 @@ int TLSX_GetRequestSize(WOLFSSL* ssl, byte msgType, word16* pLength)
#ifdef WOLFSSL_POST_HANDSHAKE_AUTH
TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_POST_HANDSHAKE_AUTH));
#endif
+ #if !defined(NO_CERTS) && !defined(WOLFSSL_NO_CA_NAMES)
+ TURN_ON(semaphore,
+ TLSX_ToSemaphore(TLSX_CERTIFICATE_AUTHORITIES));
+ #endif
}
#endif
#endif /* WOLFSSL_TLS13 */
@@ -12460,8 +13438,11 @@ int TLSX_GetRequestSize(WOLFSSL* ssl, byte msgType, word16* pLength)
#if !defined(NO_CERTS) && !defined(WOLFSSL_NO_SIGALG)
TURN_OFF(semaphore, TLSX_ToSemaphore(TLSX_SIGNATURE_ALGORITHMS));
#endif
- /* TODO: TLSX_SIGNED_CERTIFICATE_TIMESTAMP,
- * TLSX_CERTIFICATE_AUTHORITIES, OID_FILTERS
+#if !defined(NO_CERTS) && !defined(WOLFSSL_NO_CA_NAMES)
+ if (SSL_CA_NAMES(ssl) != NULL)
+ TURN_OFF(semaphore, TLSX_ToSemaphore(TLSX_CERTIFICATE_AUTHORITIES));
+#endif
+ /* TODO: TLSX_SIGNED_CERTIFICATE_TIMESTAMP, OID_FILTERS
* TLSX_STATUS_REQUEST
*/
}
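Review bot: The added `if (SSL_CA_NAMES(ssl) != NULL)` has an unbraced body here, while the matching check added to TLSX_WriteRequest later in this commit braces it. Another hunk in this commit also adds braces to a single-statement `if` in this same function. These two semaphore blocks have to stay in step for the computed size and the written bytes to match, so writing them identically makes that easier to audit: `if (SSL_CA_NAMES(ssl) != NULL) {` ... `}`. The enclosing block starts outside this hunk.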
@@ -12664,6 +13645,10 @@ int TLSX_WriteRequest(WOLFSSL* ssl, byte* output, byte msgType, word16* pOffset)
#ifdef WOLFSSL_POST_HANDSHAKE_AUTH
TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_POST_HANDSHAKE_AUTH));
#endif
+ #if !defined(NO_CERTS) && !defined(WOLFSSL_NO_CA_NAMES)
+ TURN_ON(semaphore,
+ TLSX_ToSemaphore(TLSX_CERTIFICATE_AUTHORITIES));
+ #endif
}
#endif
#if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK)
@@ -12691,8 +13676,13 @@ int TLSX_WriteRequest(WOLFSSL* ssl, byte* output, byte msgType, word16* pOffset)
#if !defined(NO_CERTS) && !defined(WOLFSSL_NO_SIGALG)
TURN_OFF(semaphore, TLSX_ToSemaphore(TLSX_SIGNATURE_ALGORITHMS));
#endif
- /* TODO: TLSX_SIGNED_CERTIFICATE_TIMESTAMP,
- * TLSX_CERTIFICATE_AUTHORITIES, TLSX_OID_FILTERS
+#if !defined(NO_CERTS) && !defined(WOLFSSL_NO_CA_NAMES)
+ if (SSL_CA_NAMES(ssl) != NULL) {
+ TURN_OFF(semaphore,
+ TLSX_ToSemaphore(TLSX_CERTIFICATE_AUTHORITIES));
+ }
+#endif
+ /* TODO: TLSX_SIGNED_CERTIFICATE_TIMESTAMP, TLSX_OID_FILTERS
* TLSX_STATUS_REQUEST
*/
}
@@ -13203,15 +14193,16 @@ int TLSX_Parse(WOLFSSL* ssl, const byte* input, word16 length, byte msgType,
#endif
#ifdef WOLFSSL_TLS13
+ /* RFC 8446 4.2.4 states trusted_ca_keys is not used
+ in TLS 1.3. */
if (IsAtLeastTLSv1_3(ssl->version)) {
- if (msgType != client_hello &&
- msgType != encrypted_extensions)
- return EXT_NOT_ALLOWED;
+ return EXT_NOT_ALLOWED;
}
else
#endif
{
- if (msgType != client_hello)
+ if (msgType != client_hello &&
+ msgType != server_hello)
return EXT_NOT_ALLOWED;
}
ret = TCA_PARSE(ssl, input + offset, size, isRequest);
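Review bot: Returning `EXT_NOT_ALLOWED` unconditionally once TLS 1.3 is selected also rejects a ClientHello that carries trusted_ca_keys. RFC 8446 4.2.4, the section the new comment cites, notes that the extension may still appear in ClientHello messages from clients that also offer earlier TLS versions. If `ssl->version` is already 1.3 when the server parses ClientHello extensions (not visible in this hunk), such a client would now be refused instead of having the extension ignored. Consider skipping it for that message, e.g. `if (msgType == client_hello) break;` ahead of the `return EXT_NOT_ALLOWED;`, after confirming that `break` leaves the offset handling intact. The comment should also say which message types are rejected and why.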
@@ -13601,6 +14592,26 @@ int TLSX_Parse(WOLFSSL* ssl, const byte* input, word16 length, byte msgType,
break;
#endif
+ #if !defined(NO_CERTS) && !defined(WOLFSSL_NO_CA_NAMES)
+ case TLSX_CERTIFICATE_AUTHORITIES:
+ WOLFSSL_MSG("Certificate Authorities extension received");
+ #ifdef WOLFSSL_DEBUG_TLS
+ WOLFSSL_BUFFER(input + offset, size);
+ #endif
+
+ if (!IsAtLeastTLSv1_3(ssl->version))
+ break;
+
+ if (msgType != client_hello &&
+ msgType != certificate_request) {
+ WOLFSSL_ERROR_VERBOSE(EXT_NOT_ALLOWED);
+ return EXT_NOT_ALLOWED;
+ }
+
+ ret = CAN_PARSE(ssl, input + offset, size, isRequest);
+ break;
+ #endif
+
case TLSX_KEY_SHARE:
WOLFSSL_MSG("Key Share extension received");
#ifdef WOLFSSL_DEBUG_TLS
@@ -13669,8 +14680,20 @@ int TLSX_Parse(WOLFSSL* ssl, const byte* input, word16 length, byte msgType,
break;
#endif /* defined(WOLFSSL_DTLS_CID) */
+#if defined(HAVE_RPK)
+ case TLSX_CLIENT_CERTIFICATE_TYPE:
+ WOLFSSL_MSG("Client Certificate Type extension received");
+ ret = CCT_PARSE(ssl, input + offset, size, msgType);
+ break;
+
+ case TLSX_SERVER_CERTIFICATE_TYPE:
+ WOLFSSL_MSG("Server Certificate Type extension received");
+ ret = SCT_PARSE(ssl, input + offset, size, msgType);
+ break;
+#endif /* HAVE_RPK */
#if defined(WOLFSSL_TLS13) && defined(HAVE_ECH)
case TLSX_ECH:
+ WOLFSSL_MSG("ECH extension received");
ret = ECH_PARSE(ssl, input + offset, size, msgType);
break;
#endif
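Review bot: `ret = SCT_PARSE(...)` can never observe a failed negotiation, because `TLSX_ServerCertificateType_Parse` (defined earlier in this diff) ends with `return 0;` rather than `return ret;`. When `TLSX_ServerCertificateType_Use(ssl, 1)` finds no common type it sends a fatal alert and returns `UNSUPPORTED_CERTIFICATE`, but the parser discards that and TLSX_Parse carries on. Changing the final statement of that function to `return ret;` would propagate it. Unlike the certificate_authorities case added in this commit, these two cases also have no message-type gate, and both parsers fall through without error for other message types. An explicit `EXT_NOT_ALLOWED` check, or a comment saying why it is unnecessary, would help the next reader.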
@@ -14261,4 +15284,5 @@ int TLSX_Parse(WOLFSSL* ssl, const byte* input, word16 length, byte msgType,
#endif /* NO_WOLFSSL_SERVER */
#endif /* NO_TLS */
+
#endif /* WOLFCRYPT_ONLY */
diff --git a/extra/wolfssl/wolfssl/src/tls13.c b/extra/wolfssl/wolfssl/src/tls13.c
index 4726c832..d16a5761 100644
--- a/extra/wolfssl/wolfssl/src/tls13.c
+++ b/extra/wolfssl/wolfssl/src/tls13.c
@@ -77,7 +77,7 @@
* Requires client to set a client certificate
* WOLFSSL_PSK_MULTI_ID_PER_CS
* When multiple PSK identities are available for the same cipher suite.
- * Sets the first byte of the client identity to the count of identites
+ * Sets the first byte of the client identity to the count of identities
* that have been seen so far for the cipher suite.
* WOLFSSL_CHECK_SIG_FAULTS
* Verifies the ECC signature after signing in case of faults in the
@@ -262,15 +262,15 @@ static int Tls13HKDFExpandKeyLabel(WOLFSSL* ssl, byte* okm, word32 okmLen,
/* hash buffer may not be fully initialized, but the sending length won't
* extend beyond the initialized span.
*/
-PRAGMA_GCC_DIAG_PUSH;
-PRAGMA_GCC("GCC diagnostic ignored \"-Wmaybe-uninitialized\"");
+PRAGMA_GCC_DIAG_PUSH
+PRAGMA_GCC("GCC diagnostic ignored \"-Wmaybe-uninitialized\"")
(void)ssl;
(void)side;
return wc_Tls13_HKDF_Expand_Label(okm, okmLen, prk, prkLen,
protocol, protocolLen,
label, labelLen,
info, infoLen, digest);
-PRAGMA_GCC_DIAG_POP;
+PRAGMA_GCC_DIAG_POP
}
#endif /* !HAVE_FIPS || !wc_Tls13_HKDF_Expand_Label */
@@ -339,6 +339,19 @@ static int DeriveKeyMsg(WOLFSSL* ssl, byte* output, int outputLen,
digestAlg = WC_SHA512;
break;
#endif
+#ifdef WOLFSSL_SM3
+ case sm3_mac:
+ ret = wc_InitSm3(&digest.sm3, ssl->heap, INVALID_DEVID);
+ if (ret == 0) {
+ ret = wc_Sm3Update(&digest.sm3, msg, msgLen);
+ if (ret == 0)
+ ret = wc_Sm3Final(&digest.sm3, hash);
+ wc_Sm3Free(&digest.sm3);
+ }
+ hashSz = WC_SM3_DIGEST_SIZE;
+ digestAlg = WC_SM3;
+ break;
+#endif
default:
digestAlg = -1;
break;
@@ -401,6 +414,7 @@ int Tls13DeriveKey(WOLFSSL* ssl, byte* output, int outputLen,
word32 protocolLen;
int digestAlg = 0;
+
switch (hashAlgo) {
#ifndef NO_SHA256
case sha256_mac:
@@ -429,6 +443,15 @@ int Tls13DeriveKey(WOLFSSL* ssl, byte* output, int outputLen,
break;
#endif
+ #ifdef WOLFSSL_SM3
+ case sm3_mac:
+ hashSz = WC_SM3_DIGEST_SIZE;
+ digestAlg = WC_SM3;
+ if (includeMsgs)
+ ret = wc_Sm3GetHash(&ssl->hsHashes->hashSm3, hash);
+ break;
+ #endif
+
default:
ret = HASH_TYPE_E;
break;
@@ -454,8 +477,8 @@ int Tls13DeriveKey(WOLFSSL* ssl, byte* output, int outputLen,
/* hash buffer may not be fully initialized, but the sending length won't
* extend beyond the initialized span.
*/
- PRAGMA_GCC_DIAG_PUSH;
- PRAGMA_GCC("GCC diagnostic ignored \"-Wmaybe-uninitialized\"");
+ PRAGMA_GCC_DIAG_PUSH
+ PRAGMA_GCC("GCC diagnostic ignored \"-Wmaybe-uninitialized\"")
PRIVATE_KEY_UNLOCK();
#if defined(HAVE_FIPS) && defined(wc_Tls13_HKDF_Expand_Label)
(void)side;
@@ -473,7 +496,7 @@ int Tls13DeriveKey(WOLFSSL* ssl, byte* output, int outputLen,
wc_MemZero_Add("TLS 1.3 derived key", output, outputLen);
#endif
return ret;
- PRAGMA_GCC_DIAG_POP;
+ PRAGMA_GCC_DIAG_POP
}
/* Convert TLS mac ID to a hash algorithm ID
@@ -502,6 +525,13 @@ static WC_INLINE int mac2hash(int mac)
hash = WC_SHA512;
break;
#endif
+
+ #ifdef WOLFSSL_SM3
+ case sm3_mac:
+ hash = WC_SM3;
+ break;
+ #endif
+
default:
hash = WC_HASH_TYPE_NONE;
}
@@ -581,6 +611,17 @@ static int DeriveEarlyTrafficSecret(WOLFSSL* ssl, byte* key, int side)
if (ssl == NULL || ssl->arrays == NULL) {
return BAD_FUNC_ARG;
}
+
+#if defined(WOLFSSL_SNIFFER) && defined(WOLFSSL_SNIFFER_KEYLOGFILE)
+ /* If this is called from a sniffer session with keylog file support,
+ * obtain the appropriate secret from the callback */
+ if (ssl->snifferSecretCb != NULL) {
+ return ssl->snifferSecretCb(ssl->arrays->clientRandom,
+ SNIFFER_SECRET_CLIENT_EARLY_TRAFFIC_SECRET,
+ key);
+ }
+#endif /* WOLFSSL_SNIFFER && WOLFSSL_SNIFFER_KEYLOGFILE */
+
ret = Tls13DeriveKey(ssl, key, -1, ssl->arrays->secret,
earlyTrafficLabel, EARLY_TRAFFIC_LABEL_SZ,
ssl->specs.mac_algorithm, 1, side);
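Review bot: `ssl->snifferSecretCb` is handed `key` with no buffer length, so nothing at this call site bounds how many bytes a keylog-backed callback writes, and the early `return` makes its result the function's result. The secret comes from an external keylog source, so the contract should be explicit. Add a comment above the call stating the size `key` is guaranteed to have and that the callback must fail with a negative code when the entry for this client random is missing or has the wrong length. The same block is added in the hunks for DeriveClientHandshakeSecret, DeriveServerHandshakeSecret, DeriveClientTrafficSecret and DeriveServerTrafficSecret, where the early return also skips the `tls13SecretCb` call under `HAVE_SECRET_CALLBACK`. That is presumably intended for a sniffer session but worth stating in the comment.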
@@ -629,6 +670,16 @@ static int DeriveClientHandshakeSecret(WOLFSSL* ssl, byte* key)
return BAD_FUNC_ARG;
}
+#if defined(WOLFSSL_SNIFFER) && defined(WOLFSSL_SNIFFER_KEYLOGFILE)
+ /* If this is called from a sniffer session with keylog file support,
+ * obtain the appropriate secret from the callback */
+ if (ssl->snifferSecretCb != NULL) {
+ return ssl->snifferSecretCb(ssl->arrays->clientRandom,
+ SNIFFER_SECRET_CLIENT_HANDSHAKE_TRAFFIC_SECRET,
+ key);
+ }
+#endif /* WOLFSSL_SNIFFER && WOLFSSL_SNIFFER_KEYLOGFILE */
+
ret = Tls13DeriveKey(ssl, key, -1, ssl->arrays->preMasterSecret,
clientHandshakeLabel, CLIENT_HANDSHAKE_LABEL_SZ,
ssl->specs.mac_algorithm, 1, WOLFSSL_CLIENT_END);
@@ -674,9 +725,21 @@ static int DeriveServerHandshakeSecret(WOLFSSL* ssl, byte* key)
if (ssl == NULL || ssl->arrays == NULL) {
return BAD_FUNC_ARG;
}
+
+#if defined(WOLFSSL_SNIFFER) && defined(WOLFSSL_SNIFFER_KEYLOGFILE)
+ /* If this is called from a sniffer session with keylog file support,
+ * obtain the appropriate secret from the callback */
+ if (ssl->snifferSecretCb != NULL) {
+ return ssl->snifferSecretCb(ssl->arrays->clientRandom,
+ SNIFFER_SECRET_SERVER_HANDSHAKE_TRAFFIC_SECRET,
+ key);
+ }
+#endif /* WOLFSSL_SNIFFER && WOLFSSL_SNIFFER_KEYLOGFILE */
+
ret = Tls13DeriveKey(ssl, key, -1, ssl->arrays->preMasterSecret,
serverHandshakeLabel, SERVER_HANDSHAKE_LABEL_SZ,
ssl->specs.mac_algorithm, 1, WOLFSSL_SERVER_END);
+
#ifdef HAVE_SECRET_CALLBACK
if (ret == 0 && ssl->tls13SecretCb != NULL) {
ret = ssl->tls13SecretCb(ssl, SERVER_HANDSHAKE_TRAFFIC_SECRET, key,
@@ -719,9 +782,21 @@ static int DeriveClientTrafficSecret(WOLFSSL* ssl, byte* key)
if (ssl == NULL || ssl->arrays == NULL) {
return BAD_FUNC_ARG;
}
+
+#if defined(WOLFSSL_SNIFFER) && defined(WOLFSSL_SNIFFER_KEYLOGFILE)
+ /* If this is called from a sniffer session with keylog file support,
+ * obtain the appropriate secret from the callback */
+ if (ssl->snifferSecretCb != NULL) {
+ return ssl->snifferSecretCb(ssl->arrays->clientRandom,
+ SNIFFER_SECRET_CLIENT_TRAFFIC_SECRET,
+ key);
+ }
+#endif /* WOLFSSL_SNIFFER && WOLFSSL_SNIFFER_KEYLOGFILE */
+
ret = Tls13DeriveKey(ssl, key, -1, ssl->arrays->masterSecret,
clientAppLabel, CLIENT_APP_LABEL_SZ,
ssl->specs.mac_algorithm, 1, WOLFSSL_CLIENT_END);
+
#ifdef HAVE_SECRET_CALLBACK
if (ret == 0 && ssl->tls13SecretCb != NULL) {
ret = ssl->tls13SecretCb(ssl, CLIENT_TRAFFIC_SECRET, key,
@@ -764,9 +839,21 @@ static int DeriveServerTrafficSecret(WOLFSSL* ssl, byte* key)
if (ssl == NULL || ssl->arrays == NULL) {
return BAD_FUNC_ARG;
}
+
+#if defined(WOLFSSL_SNIFFER) && defined(WOLFSSL_SNIFFER_KEYLOGFILE)
+ /* If this is called from a sniffer session with keylog file support,
+ * obtain the appropriate secret from the callback */
+ if (ssl->snifferSecretCb != NULL) {
+ return ssl->snifferSecretCb(ssl->arrays->clientRandom,
+ SNIFFER_SECRET_SERVER_TRAFFIC_SECRET,
+ key);
+ }
+#endif /* WOLFSSL_SNIFFER && WOLFSSL_SNIFFER_KEYLOGFILE */
+
ret = Tls13DeriveKey(ssl, key, -1, ssl->arrays->masterSecret,
serverAppLabel, SERVER_APP_LABEL_SZ,
ssl->specs.mac_algorithm, 1, WOLFSSL_SERVER_END);
+
#ifdef HAVE_SECRET_CALLBACK
if (ret == 0 && ssl->tls13SecretCb != NULL) {
ret = ssl->tls13SecretCb(ssl, SERVER_TRAFFIC_SECRET, key,
@@ -1202,6 +1289,12 @@ int DeriveResumptionPSK(WOLFSSL* ssl, byte* nonce, byte nonceLen, byte* secret)
break;
#endif
+ #ifdef WOLFSSL_SM3
+ case sm3_mac:
+ digestAlg = WC_SM3;
+ break;
+ #endif
+
default:
return BAD_FUNC_ARG;
}
@@ -1271,6 +1364,13 @@ static int BuildTls13HandshakeHmac(WOLFSSL* ssl, byte* key, byte* hash,
ret = wc_Sha512GetHash(&ssl->hsHashes->hashSha512, hash);
break;
#endif /* WOLFSSL_TLS13_SHA512 */
+ #ifdef WOLFSSL_SM3
+ case sm3_mac:
+ hashType = WC_SM3;
+ hashSz = WC_SM3_DIGEST_SIZE;
+ ret = wc_Sm3GetHash(&ssl->hsHashes->hashSm3, hash);
+ break;
+ #endif /* WOLFSSL_SM3 */
default:
break;
}
@@ -1713,6 +1813,14 @@ end:
{
return sys_now();
}
+
+#elif defined(WOLFSSL_CMSIS_RTOS) || defined(WOLFSSL_CMSIS_RTOSv2)
+
+ word32 TimeNowInMilliseconds(void)
+ {
+ return (word32)osKernelGetTickCount();
+ }
+
#elif defined(WOLFSSL_TIRTOS)
/* The time in milliseconds.
* Used for tickets to represent difference between when first seen and when
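Review bot: `osKernelGetTickCount()` returns kernel ticks, not milliseconds, so this `TimeNowInMilliseconds` is only correct when the RTOS tick runs at 1 kHz. The neighbouring comment says the value is used for ticket time differences, so a different tick rate would skew ticket age checks. Scale by the tick frequency, e.g. `return (word32)(((word64)osKernelGetTickCount() * 1000) / osKernelGetTickFreq());`, or add a comment stating the 1 kHz assumption. The same applies to the `sword64` variant added in the next hunk. Both calls are CMSIS-RTOS2 APIs, so the `WOLFSSL_CMSIS_RTOS` (v1) half of the condition should be checked to confirm it builds.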
@@ -1996,6 +2104,14 @@ end:
{
return sys_now();
}
+
+#elif defined(WOLFSSL_CMSIS_RTOS) || defined(WOLFSSL_CMSIS_RTOSv2)
+
+ sword64 TimeNowInMilliseconds(void)
+ {
+ return (sword64)osKernelGetTickCount();
+ }
+
#elif defined(WOLFSSL_TIRTOS)
/* The time in milliseconds.
* Used for tickets to represent difference between when first seen and when
@@ -2466,7 +2582,7 @@ static int EncryptTls13(WOLFSSL* ssl, byte* output, const byte* input,
#ifdef CIPHER_NONCE
if (ssl->encrypt.nonce == NULL) {
ssl->encrypt.nonce = (byte*)XMALLOC(AEAD_NONCE_SZ,
- ssl->heap, DYNAMIC_TYPE_AES_BUFFER);
+ ssl->heap, DYNAMIC_TYPE_CIPHER);
#ifdef WOLFSSL_CHECK_MEM_ZERO
if (ssl->encrypt.nonce != NULL) {
wc_MemZero_Add("EncryptTls13 nonce", ssl->encrypt.nonce,
@@ -2580,6 +2696,24 @@ static int EncryptTls13(WOLFSSL* ssl, byte* output, const byte* input,
break;
#endif
+ #ifdef WOLFSSL_SM4_GCM
+ case wolfssl_sm4_gcm:
+ nonceSz = SM4_GCM_NONCE_SZ;
+ ret = wc_Sm4GcmEncrypt(ssl->encrypt.sm4, output, input,
+ dataSz, ssl->encrypt.nonce, nonceSz, output + dataSz,
+ macSz, aad, aadSz);
+ break;
+ #endif
+
+ #ifdef WOLFSSL_SM4_CCM
+ case wolfssl_sm4_ccm:
+ nonceSz = SM4_CCM_NONCE_SZ;
+ ret = wc_Sm4CcmEncrypt(ssl->encrypt.sm4, output, input,
+ dataSz, ssl->encrypt.nonce, nonceSz, output + dataSz,
+ macSz, aad, aadSz);
+ break;
+ #endif
+
#ifdef HAVE_NULL_CIPHER
case wolfssl_cipher_null:
ret = Tls13IntegrityOnly_Encrypt(ssl, output, input, dataSz,
@@ -2811,7 +2945,7 @@ int DecryptTls13(WOLFSSL* ssl, byte* output, const byte* input, word16 sz,
#ifdef WOLFSSL_ASYNC_CRYPT
ret = wolfSSL_AsyncPop(ssl, &ssl->decrypt.state);
- if (ret != WC_NOT_PENDING_E) {
+ if (ret != WC_NO_PENDING_E) {
/* check for still pending */
if (ret == WC_PENDING_E)
return ret;
@@ -2850,7 +2984,7 @@ int DecryptTls13(WOLFSSL* ssl, byte* output, const byte* input, word16 sz,
#ifdef CIPHER_NONCE
if (ssl->decrypt.nonce == NULL) {
ssl->decrypt.nonce = (byte*)XMALLOC(AEAD_NONCE_SZ,
- ssl->heap, DYNAMIC_TYPE_AES_BUFFER);
+ ssl->heap, DYNAMIC_TYPE_CIPHER);
#ifdef WOLFSSL_CHECK_MEM_ZERO
if (ssl->decrypt.nonce != NULL) {
wc_MemZero_Add("DecryptTls13 nonce", ssl->decrypt.nonce,
@@ -2956,6 +3090,24 @@ int DecryptTls13(WOLFSSL* ssl, byte* output, const byte* input, word16 sz,
break;
#endif
+ #ifdef WOLFSSL_SM4_GCM
+ case wolfssl_sm4_gcm:
+ nonceSz = SM4_GCM_NONCE_SZ;
+ ret = wc_Sm4GcmDecrypt(ssl->decrypt.sm4, output, input,
+ dataSz, ssl->decrypt.nonce, nonceSz, output + dataSz,
+ macSz, aad, aadSz);
+ break;
+ #endif
+
+ #ifdef WOLFSSL_SM4_CCM
+ case wolfssl_sm4_ccm:
+ nonceSz = SM4_CCM_NONCE_SZ;
+ ret = wc_Sm4CcmDecrypt(ssl->decrypt.sm4, output, input,
+ dataSz, ssl->decrypt.nonce, nonceSz, output + dataSz,
+ macSz, aad, aadSz);
+ break;
+ #endif
+
#ifdef HAVE_NULL_CIPHER
case wolfssl_cipher_null:
ret = Tls13IntegrityOnly_Decrypt(ssl, output, input, dataSz,
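Review bot: Both added decrypt cases take the authentication tag from `output + dataSz`, but on the receive path the peer's tag follows the ciphertext in `input`. That is only equivalent when every caller decrypts in place (`output == input`), which this hunk does not show; with distinct buffers the tag check would run against unrelated bytes. Passing `input + dataSz` as the tag argument of `wc_Sm4GcmDecrypt` and `wc_Sm4CcmDecrypt` removes that dependency. DecryptTls13's body starts and ends outside the hunk.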
@@ -3056,7 +3208,7 @@ int BuildTls13Message(WOLFSSL* ssl, byte* output, int outSz, const byte* input,
WOLFSSL_ENTER("BuildTls13Message");
#ifdef WOLFSSL_ASYNC_CRYPT
- ret = WC_NOT_PENDING_E;
+ ret = WC_NO_PENDING_E;
if (asyncOkay) {
WOLFSSL_ASSERT_SIZEOF_GE(ssl->async->args, *args);
@@ -3070,7 +3222,7 @@ int BuildTls13Message(WOLFSSL* ssl, byte* output, int outSz, const byte* input,
args = (BuildMsg13Args*)ssl->async->args;
ret = wolfSSL_AsyncPop(ssl, &ssl->options.buildMsgState);
- if (ret != WC_NOT_PENDING_E) {
+ if (ret != WC_NO_PENDING_E) {
/* Check for error */
if (ret < 0)
goto exit_buildmsg;
@@ -3084,7 +3236,7 @@ int BuildTls13Message(WOLFSSL* ssl, byte* output, int outSz, const byte* input,
/* Reset state */
#ifdef WOLFSSL_ASYNC_CRYPT
- if (ret == WC_NOT_PENDING_E)
+ if (ret == WC_NO_PENDING_E)
#endif
{
ret = 0;
@@ -3323,6 +3475,25 @@ byte SuiteMac(const byte* suite)
break;
}
}
+#if (defined(WOLFSSL_SM4_GCM) || defined(WOLFSSL_SM4_CCM)) && \
+ defined(WOLFSSL_SM3)
+ else if (suite[0] == CIPHER_BYTE) {
+ switch (suite[1]) {
+ #ifdef BUILD_TLS_SM4_GCM_SM3
+ case TLS_SM4_GCM_SM3:
+ mac = sm3_mac;
+ break;
+ #endif
+ #ifdef BUILD_TLS_SM4_CCM_SM3
+ case TLS_SM4_CCM_SM3:
+ mac = sm3_mac;
+ break;
+ #endif
+ default:
+ break;
+ }
+ }
+#endif
#ifdef HAVE_NULL_CIPHER
else if (suite[0] == ECC_BYTE) {
switch (suite[1]) {
@@ -3456,6 +3627,11 @@ static int CreateCookie(const WOLFSSL* ssl, byte** hash, byte* hashSz,
*hash = hashes->sha512;
break;
#endif
+ #ifdef WOLFSSL_SM3
+ case sm3_mac:
+ *hash = hashes->sm3;
+ break;
+ #endif
}
*hashSz = ssl->specs.hash_size;
@@ -3586,6 +3762,12 @@ static int SetupPskKey(WOLFSSL* ssl, PreSharedKey* psk, int clientHello)
if (psk == NULL)
return BAD_FUNC_ARG;
+ if (!HaveUniqueSessionObj(ssl)) {
+ WOLFSSL_MSG("Unable to have unique session object");
+ WOLFSSL_ERROR_VERBOSE(MEMORY_ERROR);
+ return MEMORY_ERROR;
+ }
+
suite[0] = ssl->options.cipherSuite0;
suite[1] = ssl->options.cipherSuite;
@@ -3968,6 +4150,49 @@ static int EchHashHelloInner(WOLFSSL* ssl, WOLFSSL_ECH* ech)
}
#endif
+static void GetTls13SessionId(WOLFSSL* ssl, byte* output, word32* idx)
+{
+ if (ssl->session->sessionIDSz > 0) {
+ /* Session resumption for old versions of protocol. */
+ if (ssl->session->sessionIDSz <= ID_LEN) {
+ if (output != NULL)
+ output[*idx] = ssl->session->sessionIDSz;
+ (*idx)++;
+ if (output != NULL) {
+ XMEMCPY(output + *idx, ssl->session->sessionID,
+ ssl->session->sessionIDSz);
+ }
+ *idx += ssl->session->sessionIDSz;
+ }
+ else {
+ /* Invalid session ID length. Reset it. */
+ ssl->session->sessionIDSz = 0;
+ if (output != NULL)
+ output[*idx] = 0;
+ (*idx)++;
+ }
+ }
+ else {
+ #ifdef WOLFSSL_TLS13_MIDDLEBOX_COMPAT
+ if (ssl->options.tls13MiddleBoxCompat) {
+ if (output != NULL)
+ output[*idx] = ID_LEN;
+ (*idx)++;
+ if (output != NULL)
+ XMEMCPY(output + *idx, ssl->arrays->clientRandom, ID_LEN);
+ *idx += ID_LEN;
+ }
+ else
+ #endif /* WOLFSSL_TLS13_MIDDLEBOX_COMPAT */
+ {
+ /* TLS v1.3 does not use session id - 0 length. */
+ if (output != NULL)
+ output[*idx] = 0;
+ (*idx)++;
+ }
+ }
+}
+
/* handle generation of TLS 1.3 client_hello (1) */
/* Send a ClientHello message to the server.
* Include the information required to start a handshake with servers using
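Review bot: `GetTls13SessionId` has no header comment, and its contract is not obvious: with `output == NULL` it only advances `*idx` (the sizing pass), yet in that mode it can still reset `ssl->session->sessionIDSz` to 0 when the stored length exceeds `ID_LEN`. I would add a comment block above it stating that `output` may be NULL to compute the encoded size, that `*idx` is advanced by one length byte plus the ID, that an over-long stored ID is cleared as a side effect, and that no capacity check is done here, so the caller must size `output` from a prior NULL pass. An explicit `(byte)` cast in `output[*idx] = ssl->session->sessionIDSz;` would also make the one-byte length encoding visible if the field is wider than a byte.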
@@ -4060,7 +4285,7 @@ int SendTls13ClientHello(WOLFSSL* ssl)
args = (Sch13Args*)ssl->async->args;
ret = wolfSSL_AsyncPop(ssl, &ssl->options.asyncState);
- if (ret != WC_NOT_PENDING_E) {
+ if (ret != WC_NO_PENDING_E) {
/* Check for error */
if (ret < 0)
return ret;
@@ -4076,6 +4301,7 @@ int SendTls13ClientHello(WOLFSSL* ssl)
switch (ssl->options.asyncState) {
case TLS_ASYNC_BEGIN:
{
+ word32 sessIdSz = 0;
args->idx = RECORD_HEADER_SZ + HANDSHAKE_HEADER_SZ;
@@ -4084,8 +4310,8 @@ int SendTls13ClientHello(WOLFSSL* ssl)
args->idx += DTLS_RECORD_EXTRA + DTLS_HANDSHAKE_EXTRA;
#endif /* WOLFSSL_DTLS13 */
- /* Version | Random | Session Id | Cipher Suites | Compression */
- args->length = VERSION_SZ + RAN_LEN + ENUM_LEN + suites->suiteSz +
+ /* Version | Random | Cipher Suites | Compression */
+ args->length = VERSION_SZ + RAN_LEN + suites->suiteSz +
SUITE_LEN + COMP_LEN + ENUM_LEN;
#ifdef WOLFSSL_QUIC
if (WOLFSSL_IS_QUIC(ssl)) {
@@ -4093,17 +4319,9 @@ int SendTls13ClientHello(WOLFSSL* ssl)
ssl->session->sessionIDSz = 0;
ssl->options.tls13MiddleBoxCompat = 0;
}
- else
-#endif
-#if defined(WOLFSSL_TLS13_MIDDLEBOX_COMPAT)
- {
- args->length += ID_LEN;
- ssl->options.tls13MiddleBoxCompat = 1;
- }
-#else
- if (ssl->options.resuming && ssl->session->sessionIDSz > 0)
- args->length += ssl->session->sessionIDSz;
#endif
+ GetTls13SessionId(ssl, NULL, &sessIdSz);
+ args->length += (word16)sessIdSz;
#ifdef WOLFSSL_DTLS13
if (ssl->options.dtls) {
@@ -4192,10 +4410,37 @@ int SendTls13ClientHello(WOLFSSL* ssl)
}
#endif
- /* Include length of TLS extensions. */
- ret = TLSX_GetRequestSize(ssl, client_hello, &args->length);
- if (ret != 0)
- return ret;
+ {
+#ifdef WOLFSSL_DTLS_CH_FRAG
+ int maxFrag = wolfSSL_GetMaxFragSize(ssl, MAX_RECORD_SIZE);
+ word16 lenWithoutExts = args->length;
+#endif
+
+ /* Include length of TLS extensions. */
+ ret = TLSX_GetRequestSize(ssl, client_hello, &args->length);
+ if (ret != 0)
+ return ret;
+
+#ifdef WOLFSSL_DTLS_CH_FRAG
+ if (ssl->options.dtls && args->length > maxFrag &&
+ TLSX_Find(ssl->extensions, TLSX_COOKIE) == NULL) {
+ /* Try again with an empty key share if we would be fragmenting
+ * without a cookie */
+ ret = TLSX_KeyShare_Empty(ssl);
+ if (ret != 0)
+ return ret;
+ args->length = lenWithoutExts;
+ ret = TLSX_GetRequestSize(ssl, client_hello, &args->length);
+ if (ret != 0)
+ return ret;
+ if (args->length > maxFrag) {
+ WOLFSSL_MSG("Can't fit first CH in one fragment.");
+ return BUFFER_ERROR;
+ }
+ WOLFSSL_MSG("Sending empty key share so we don't fragment CH1");
+ }
+#endif
+ }
/* Total message size. */
args->sendSz = args->length + HANDSHAKE_HEADER_SZ + RECORD_HEADER_SZ;
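Review bot: The fragmentation test `args->length > maxFrag` is made on the ClientHello body only; the handshake and record headers are added afterwards in `args->sendSz = args->length + HANDSHAKE_HEADER_SZ + RECORD_HEADER_SZ`. If `wolfSSL_GetMaxFragSize()` bounds the whole handshake message rather than its body (not visible here), a body within a header's width of the limit passes both checks and is still fragmented without a cookie. Comparing the full message length against `maxFrag`, or adding a comment that states which quantity `maxFrag` bounds, would settle it. SendTls13ClientHello continues outside the hunk.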
@@ -4243,33 +4488,7 @@ int SendTls13ClientHello(WOLFSSL* ssl)
args->idx += RAN_LEN;
- if (ssl->session->sessionIDSz > 0) {
- /* Session resumption for old versions of protocol. */
- if (ssl->options.resuming) {
- args->output[args->idx++] = ID_LEN;
- XMEMCPY(args->output + args->idx, ssl->session->sessionID,
- ssl->session->sessionIDSz);
- args->idx += ID_LEN;
- }
- else {
- /* Not resuming, zero length session ID */
- args->output[args->idx++] = 0;
- }
- }
- else {
- #ifdef WOLFSSL_TLS13_MIDDLEBOX_COMPAT
- if (ssl->options.tls13MiddleBoxCompat) {
- args->output[args->idx++] = ID_LEN;
- XMEMCPY(args->output + args->idx, ssl->arrays->clientRandom, ID_LEN);
- args->idx += ID_LEN;
- }
- else
- #endif /* WOLFSSL_TLS13_MIDDLEBOX_COMPAT */
- {
- /* TLS v1.3 does not use session id - 0 length. */
- args->output[args->idx++] = 0;
- }
- }
+ GetTls13SessionId(ssl, args->output, &args->idx);
#ifdef WOLFSSL_DTLS13
if (ssl->options.dtls) {
@@ -4504,41 +4723,38 @@ static int EchCheckAcceptance(WOLFSSL* ssl, const byte* input,
int digestSize;
HS_Hashes* tmpHashes;
HS_Hashes* acceptHashes;
- byte zeros[WC_MAX_DIGEST_SIZE] = {0};
+ byte zeros[WC_MAX_DIGEST_SIZE];
byte transcriptEchConf[WC_MAX_DIGEST_SIZE];
byte expandLabelPrk[WC_MAX_DIGEST_SIZE];
byte acceptConfirmation[ECH_ACCEPT_CONFIRMATION_SZ];
-
+ XMEMSET(zeros, 0, sizeof(zeros));
+ XMEMSET(transcriptEchConf, 0, sizeof(transcriptEchConf));
+ XMEMSET(expandLabelPrk, 0, sizeof(expandLabelPrk));
+ XMEMSET(acceptConfirmation, 0, sizeof(acceptConfirmation));
/* copy ech hashes to accept */
ret = InitHandshakeHashesAndCopy(ssl, ssl->hsHashesEch, &acceptHashes);
-
/* swap hsHashes to acceptHashes */
tmpHashes = ssl->hsHashes;
ssl->hsHashes = acceptHashes;
-
/* hash up to the last 8 bytes */
if (ret == 0)
ret = HashRaw(ssl, input, serverRandomOffset + RAN_LEN -
ECH_ACCEPT_CONFIRMATION_SZ);
-
/* hash 8 zeros */
if (ret == 0)
ret = HashRaw(ssl, zeros, ECH_ACCEPT_CONFIRMATION_SZ);
-
/* hash the rest of the hello */
- if (ret == 0)
+ if (ret == 0) {
ret = HashRaw(ssl, input + serverRandomOffset + RAN_LEN,
helloSz + HANDSHAKE_HEADER_SZ - (serverRandomOffset + RAN_LEN));
-
+ }
/* get the modified transcript hash */
if (ret == 0)
ret = GetMsgHash(ssl, transcriptEchConf);
-
if (ret > 0)
ret = 0;
-
/* pick the right type and size based on mac_algorithm */
- if (ret == 0)
+ if (ret == 0) {
switch (ssl->specs.mac_algorithm) {
#ifndef NO_SHA256
case sha256_mac:
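Review bot: The result of `InitHandshakeHashesAndCopy()` is not checked before `ssl->hsHashes = acceptHashes;`, and `acceptHashes` is declared without an initialiser. If the copy fails without writing the out-parameter (its body is not visible here), the later `ssl->hsHashes = acceptHashes; FreeHandshakeHashes(ssl);` at the end of the function frees an indeterminate pointer. Declaring `HS_Hashes* acceptHashes = NULL;` and returning on `ret != 0` before the swap closes that path; the EchWriteAcceptance hunk below declares `acceptHashes` the same way. Since this commit already moves the byte buffers to explicit `XMEMSET`, initialising the pointer alongside them fits. EchCheckAcceptance starts before and ends after this hunk.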
@@ -4558,16 +4774,21 @@ static int EchCheckAcceptance(WOLFSSL* ssl, const byte* input,
digestSize = WC_SHA512_DIGEST_SIZE;
break;
#endif /* WOLFSSL_TLS13_SHA512 */
+#ifdef WOLFSSL_SM3
+ case sm3_mac:
+ digestType = WC_SM3;
+ digestSize = WC_SM3_DIGEST_SIZE;
+ break;
+#endif /* WOLFSSL_SM3 */
default:
ret = -1;
break;
}
-
+ }
/* extract clientRandomInner with a key of all zeros */
if (ret == 0)
ret = wc_HKDF_Extract(digestType, zeros, digestSize,
ssl->arrays->clientRandomInner, RAN_LEN, expandLabelPrk);
-
/* tls expand with the confirmation label */
if (ret == 0)
ret = wc_Tls13_HKDF_Expand_Label(acceptConfirmation,
@@ -4576,52 +4797,39 @@ static int EchCheckAcceptance(WOLFSSL* ssl, const byte* input,
TLS13_PROTOCOL_LABEL_SZ, echAcceptConfirmationLabel,
ECH_ACCEPT_CONFIRMATION_LABEL_SZ, transcriptEchConf, digestSize,
digestType);
-
if (ret == 0) {
/* last 8 bytes should match our expand output */
ret = XMEMCMP(acceptConfirmation,
ssl->arrays->serverRandom + RAN_LEN - ECH_ACCEPT_CONFIRMATION_SZ,
ECH_ACCEPT_CONFIRMATION_SZ);
-
/* ech accepted */
if (ret == 0) {
/* use the inner random for client random */
XMEMCPY(ssl->arrays->clientRandom, ssl->arrays->clientRandomInner,
RAN_LEN);
-
- /* switch back to original hsHashes */
+ /* switch back to original hsHashes to free */
ssl->hsHashes = tmpHashes;
-
- /* free hsHashes */
- FreeHandshakeHashes(ssl);
-
/* set the final hsHashes to the ech hashes */
tmpHashes = ssl->hsHashesEch;
-
- /* set hsHashesEch to NULL to avoid double free */
- ssl->hsHashesEch = NULL;
}
/* ech rejected */
else {
- /* switch to hsHashesEch */
+ /* switch to hsHashesEch to free */
ssl->hsHashes = ssl->hsHashesEch;
-
- /* free ech hashes */
- FreeHandshakeHashes(ssl);
}
-
+ /* free hsHashes */
+ FreeHandshakeHashes(ssl);
+ /* set hsHashesEch to NULL to avoid double free */
+ ssl->hsHashesEch = NULL;
/* continue with outer if we failed to verify ech was accepted */
ret = 0;
}
-
/* switch to acceptHashes */
ssl->hsHashes = acceptHashes;
-
/* free acceptHashes */
FreeHandshakeHashes(ssl);
-
+ /* swap to tmp, will ech if accepted, hsHashes if rejected */
ssl->hsHashes = tmpHashes;
-
return ret;
}
@@ -4635,9 +4843,12 @@ static int EchWriteAcceptance(WOLFSSL* ssl, byte* output,
int digestSize;
HS_Hashes* tmpHashes;
HS_Hashes* acceptHashes;
- byte zeros[WC_MAX_DIGEST_SIZE] = {0};
+ byte zeros[WC_MAX_DIGEST_SIZE];
byte transcriptEchConf[WC_MAX_DIGEST_SIZE];
byte expandLabelPrk[WC_MAX_DIGEST_SIZE];
+ XMEMSET(zeros, 0, sizeof(zeros));
+ XMEMSET(transcriptEchConf, 0, sizeof(transcriptEchConf));
+ XMEMSET(expandLabelPrk, 0, sizeof(expandLabelPrk));
/* copy ech hashes to accept */
ret = InitHandshakeHashesAndCopy(ssl, ssl->hsHashes, &acceptHashes);
@@ -4688,6 +4899,12 @@ static int EchWriteAcceptance(WOLFSSL* ssl, byte* output,
digestSize = WC_SHA512_DIGEST_SIZE;
break;
#endif /* WOLFSSL_TLS13_SHA512 */
+#ifdef WOLFSSL_SM3
+ case sm3_mac:
+ digestType = WC_SM3;
+ digestSize = WC_SM3_DIGEST_SIZE;
+ break;
+#endif /* WOLFSSL_SM3 */
default:
ret = -1;
break;
@@ -4791,7 +5008,7 @@ int DoTls13ServerHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
args = (Dsh13Args*)ssl->async->args;
ret = wolfSSL_AsyncPop(ssl, &ssl->options.asyncState);
- if (ret != WC_NOT_PENDING_E) {
+ if (ret != WC_NO_PENDING_E) {
/* Check for error */
if (ret < 0) {
if (ret == WC_PENDING_E) {
@@ -4884,6 +5101,13 @@ int DoTls13ServerHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
WOLFSSL_MSG("HelloRetryRequest format");
*extMsgType = hello_retry_request;
+ if (ssl->msgsReceived.got_hello_verify_request) {
+ WOLFSSL_MSG("Received HelloRetryRequest after a "
+ "HelloVerifyRequest");
+ WOLFSSL_ERROR_VERBOSE(VERSION_ERROR);
+ return VERSION_ERROR;
+ }
+
/* A HelloRetryRequest comes in as an ServerHello for MiddleBox compat.
* Found message to be a HelloRetryRequest.
* Don't allow more than one HelloRetryRequest or ServerHello.
@@ -5200,6 +5424,20 @@ int DoTls13ServerHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
}
else
#endif
+#if defined(WOLFSSL_SM4_GCM) && defined(WOLFSSL_SM3)
+ if (ssl->options.cipherSuite0 == CIPHER_BYTE &&
+ ssl->options.cipherSuite == TLS_SM4_GCM_SM3) {
+ ; /* Do nothing. */
+ }
+ else
+#endif
+#if defined(WOLFSSL_SM4_CCM) && defined(WOLFSSL_SM3)
+ if (ssl->options.cipherSuite0 == CIPHER_BYTE &&
+ ssl->options.cipherSuite == TLS_SM4_CCM_SM3) {
+ ; /* Do nothing. */
+ }
+ else
+#endif
/* Check that the negotiated ciphersuite matches protocol version. */
if (ssl->options.cipherSuite0 != TLS13_BYTE) {
WOLFSSL_MSG("Server sent non-TLS13 cipher suite in TLS 1.3 packet");
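Review bot: The SM4 exemptions are written as two empty `if (...) { ; /* Do nothing. */ } else` branches chained through preprocessor blocks in front of the `TLS13_BYTE` check, and the same chain is repeated in the DoTls13ClientHello hunk further down. Because this is the gate that keeps non-TLS-1.3 suites out of a TLS 1.3 handshake, two hand-maintained copies can drift apart. A single static predicate used by both sites, true for `TLS13_BYTE` and for the enabled `CIPHER_BYTE` SM4 suites, would keep client and server in step and remove the empty statements. The enclosing function starts and ends outside the hunk.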
@@ -5379,6 +5617,11 @@ static int DoTls13CertificateRequest(WOLFSSL* ssl, const byte* input,
if (ssl->toInfoOn) AddLateName("CertificateRequest", &ssl->timeoutInfo);
#endif
+#ifdef OPENSSL_EXTRA
+ if ((ret = CertSetupCbWrapper(ssl)) != 0)
+ return ret;
+#endif
+
if (OPAQUE8_LEN > size)
return BUFFER_ERROR;
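Review bot: `CertSetupCbWrapper(ssl)` now runs before any of the CertificateRequest is validated; the first length check, `if (OPAQUE8_LEN > size)`, comes after it. The application's certificate-setup callback therefore fires even for a request that is then rejected as malformed. Moving the call to after the message has been parsed would keep callback side effects tied to well-formed requests. The rest of DoTls13CertificateRequest is outside the hunk, so whether later parsing depends on the early call cannot be confirmed from here.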
@@ -5479,7 +5722,7 @@ static void RefineSuites(WOLFSSL* ssl, Suites* peerSuites)
if (AllocateSuites(ssl) != 0)
return;
- XMEMSET(suites, 0, WOLFSSL_MAX_SUITE_SZ);
+ XMEMSET(suites, 0, sizeof(suites));
if (!ssl->options.useClientOrder) {
/* Server order refining. */
@@ -5606,6 +5849,8 @@ static int FindPsk(WOLFSSL* ssl, PreSharedKey* psk, const byte* suite, int* err)
int found = 0;
byte foundSuite[SUITE_LEN];
+ WOLFSSL_ENTER("FindPsk");
+
ret = FindPskSuite(ssl, psk, ssl->arrays->psk_key, &ssl->arrays->psk_keySz,
suite, &found, foundSuite);
if (ret == 0 && found) {
@@ -5640,6 +5885,8 @@ static int FindPsk(WOLFSSL* ssl, PreSharedKey* psk, const byte* suite, int* err)
}
*err = ret;
+ WOLFSSL_LEAVE("FindPsk", found);
+ WOLFSSL_LEAVE("FindPsk", ret);
return found;
}
#endif /* !NO_PSK */
@@ -5856,7 +6103,7 @@ static int CheckPreSharedKeys(WOLFSSL* ssl, const byte* input, word32 helloSz,
int first = 0;
#ifndef WOLFSSL_PSK_ONE_ID
int i;
- const Suites* suites = WOLFSSL_SUITES(ssl);
+ const Suites* suites;
#else
byte suite[2];
#endif
@@ -5894,11 +6141,12 @@ static int CheckPreSharedKeys(WOLFSSL* ssl, const byte* input, word32 helloSz,
/* Refine list for PSK processing. */
RefineSuites(ssl, clSuites);
-
#ifndef WOLFSSL_PSK_ONE_ID
if (usingPSK == NULL)
return BAD_FUNC_ARG;
+ /* set after refineSuites, to avoid taking a stale ptr to ctx->Suites */
+ suites = WOLFSSL_SUITES(ssl);
/* Server list has only common suites from refining in server or client
* order. */
for (i = 0; !(*usingPSK) && i < suites->suiteSz; i += 2) {
@@ -5961,6 +6209,8 @@ static int CheckPreSharedKeys(WOLFSSL* ssl, const byte* input, word32 helloSz,
if ((ret = SetKeysSide(ssl, DECRYPT_SIDE_ONLY)) != 0)
return ret;
+ ssl->keys.encryptionOn = 1;
+
#ifdef WOLFSSL_DTLS13
if (ssl->options.dtls) {
ret = Dtls13NewEpoch(ssl,
@@ -6349,6 +6599,9 @@ static void FreeDch13Args(WOLFSSL* ssl, void* pArgs)
XFREE(args->clSuites, ssl->heap, DYNAMIC_TYPE_SUITES);
args->clSuites = NULL;
}
+#ifdef OPENSSL_EXTRA
+ ssl->clSuites = NULL;
+#endif
}
int DoTls13ClientHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
@@ -6379,7 +6632,7 @@ int DoTls13ClientHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
args = (Dch13Args*)ssl->async->args;
ret = wolfSSL_AsyncPop(ssl, &ssl->options.asyncState);
- if (ret != WC_NOT_PENDING_E) {
+ if (ret != WC_NO_PENDING_E) {
/* Check for error */
if (ret < 0) {
goto exit_dch;
@@ -6415,12 +6668,21 @@ int DoTls13ClientHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
#if defined(WOLFSSL_DTLS13) && defined(WOLFSSL_SEND_HRR_COOKIE)
/* Update the ssl->options.dtlsStateful setting `if` statement in
* wolfSSL_accept_TLSv13 when changing this one. */
- if (IsDtlsNotSctpMode(ssl) && ssl->options.sendCookie) {
- ret = DoClientHelloStateless(ssl, input, inOutIdx, helloSz);
+ if (IsDtlsNotSctpMode(ssl) && ssl->options.sendCookie &&
+ !ssl->options.dtlsStateful) {
+ ret = DoClientHelloStateless(ssl, input + *inOutIdx, helloSz, 0, NULL);
if (ret != 0 || !ssl->options.dtlsStateful) {
*inOutIdx += helloSz;
goto exit_dch;
}
+ if (ssl->chGoodCb != NULL) {
+ int cbret = ssl->chGoodCb(ssl, ssl->chGoodCtx);
+ if (cbret < 0) {
+ ssl->error = cbret;
+ WOLFSSL_MSG("ClientHello Good Cb don't continue error");
+ return WOLFSSL_FATAL_ERROR;
+ }
+ }
}
ssl->options.dtlsStateful = 1;
#endif /* WOLFSSL_DTLS */
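Review bot: The new `chGoodCb` failure path leaves with `return WOLFSSL_FATAL_ERROR;`, while the other exits in this block use `goto exit_dch`. A direct return skips whatever cleanup and async-state handling `exit_dch` performs (the label is outside the hunk) and leaves `*inOutIdx` unadvanced. Unless that is intended, `ssl->error = cbret; ERROR_OUT(WOLFSSL_FATAL_ERROR, exit_dch);` keeps the exit path uniform. The log text `"ClientHello Good Cb don't continue error"` would also read better as a plain statement that the callback rejected the ClientHello.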
@@ -6520,7 +6782,12 @@ int DoTls13ClientHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
#endif
sessIdSz = input[args->idx++];
- if (sessIdSz != ID_LEN && sessIdSz != 0) {
+#ifndef WOLFSSL_TLS13_MIDDLEBOX_COMPAT
+ if (sessIdSz > ID_LEN)
+#else
+ if (sessIdSz != ID_LEN && sessIdSz != 0)
+#endif
+ {
ERROR_OUT(INVALID_PARAMETER, exit_dch);
}
@@ -6528,10 +6795,9 @@ int DoTls13ClientHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
ERROR_OUT(BUFFER_ERROR, exit_dch);
ssl->session->sessionIDSz = sessIdSz;
- if (sessIdSz == ID_LEN) {
+ if (sessIdSz > 0)
XMEMCPY(ssl->session->sessionID, input + args->idx, sessIdSz);
- args->idx += ID_LEN;
- }
+ args->idx += sessIdSz;
#ifdef WOLFSSL_DTLS13
/* legacy_cookie */
@@ -6660,7 +6926,11 @@ int DoTls13ClientHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
}
}
else {
- ERROR_OUT(HRR_COOKIE_ERROR, exit_dch);
+#if defined(WOLFSSL_DTLS13) && defined(WOLFSSL_DTLS13_NO_HRR_ON_RESUME)
+ /* Don't error out as we may be resuming. We confirm this later. */
+ if (!ssl->options.dtls)
+#endif
+ ERROR_OUT(HRR_COOKIE_ERROR, exit_dch);
}
}
#endif
@@ -6716,6 +6986,11 @@ int DoTls13ClientHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
case TLS_ASYNC_DO:
{
+#ifdef OPENSSL_EXTRA
+ ssl->clSuites = args->clSuites;
+ if ((ret = CertSetupCbWrapper(ssl)) != 0)
+ goto exit_dch;
+#endif
#ifndef NO_CERTS
if (!args->usingPSK) {
if ((ret = MatchSuite(ssl, args->clSuites)) < 0) {
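Review bot: `CertSetupCbWrapper(ssl)` sits at the top of `TLS_ASYNC_DO`, so any re-entry into this state runs the application callback again. The key-share code later in the same state tests `if (ret != WC_PENDING_E)`, which suggests such re-entry can happen in async builds. A guard so the callback runs once per ClientHello, or a comment stating that it must be idempotent, would avoid surprising callers. `ssl->clSuites` also aliases `args->clSuites` here and is cleared only in FreeDch13Args, so it must not be read after the args are freed.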
@@ -6726,7 +7001,6 @@ int DoTls13ClientHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
goto exit_dch;
}
}
- else
#endif
#ifdef HAVE_SUPPORTED_CURVES
if (args->usingPSK == 2) {
@@ -6734,6 +7008,9 @@ int DoTls13ClientHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
int doHelloRetry = 0;
ret = TLSX_KeyShare_Establish(ssl, &doHelloRetry);
if (doHelloRetry) {
+ /* Make sure we don't send HRR twice */
+ if (ssl->options.serverState == SERVER_HELLO_RETRY_REQUEST_COMPLETE)
+ ERROR_OUT(INVALID_PARAMETER, exit_dch);
ssl->options.serverState = SERVER_HELLO_RETRY_REQUEST_COMPLETE;
if (ret != WC_PENDING_E)
ret = 0; /* for hello_retry return 0 */
@@ -6779,6 +7056,7 @@ int DoTls13ClientHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
if (!args->usingPSK) {
#ifndef NO_CERTS
+ /* Check that the negotiated ciphersuite matches protocol version. */
#ifdef HAVE_NULL_CIPHER
if (ssl->options.cipherSuite0 == ECC_BYTE &&
(ssl->options.cipherSuite == TLS_SHA256_SHA256 ||
@@ -6787,7 +7065,20 @@ int DoTls13ClientHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
}
else
#endif
- /* Check that the negotiated ciphersuite matches protocol version. */
+ #if defined(WOLFSSL_SM4_GCM) && defined(WOLFSSL_SM3)
+ if (ssl->options.cipherSuite0 == CIPHER_BYTE &&
+ ssl->options.cipherSuite == TLS_SM4_GCM_SM3) {
+ ; /* Do nothing. */
+ }
+ else
+ #endif
+ #if defined(WOLFSSL_SM4_CCM) && defined(WOLFSSL_SM3)
+ if (ssl->options.cipherSuite0 == CIPHER_BYTE &&
+ ssl->options.cipherSuite == TLS_SM4_CCM_SM3) {
+ ; /* Do nothing. */
+ }
+ else
+ #endif
if (ssl->options.cipherSuite0 != TLS13_BYTE) {
WOLFSSL_MSG("Negotiated ciphersuite from lesser version than "
"TLS v1.3");
@@ -6812,32 +7103,58 @@ int DoTls13ClientHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
ret = INPUT_CASE_ERROR;
} /* switch (ssl->options.asyncState) */
-#if defined(WOLFSSL_SEND_HRR_COOKIE)
- if (ret == 0 && ssl->options.sendCookie && ssl->options.cookieGood &&
- (ssl->options.serverState == SERVER_HELLO_RETRY_REQUEST_COMPLETE
+#ifdef WOLFSSL_SEND_HRR_COOKIE
+ if (ret == 0 && ssl->options.sendCookie) {
+ if (ssl->options.cookieGood &&
+ ssl->options.acceptState == TLS13_ACCEPT_FIRST_REPLY_DONE) {
+ /* Processing second ClientHello. Clear HRR state. */
+ ssl->options.serverState = NULL_STATE;
+ }
+
+ if (ssl->options.cookieGood &&
+ ssl->options.serverState == SERVER_HELLO_RETRY_REQUEST_COMPLETE) {
+ /* If we already verified the peer with a cookie then we can't
+ * do another HRR for cipher negotiation. Send alert and restart
+ * the entire handshake. */
+ ERROR_OUT(INVALID_PARAMETER, exit_dch);
+ }
#ifdef WOLFSSL_DTLS13
- /* DTLS cookie exchange should be done in stateless code in
- * DoClientHelloStateless. If we verified the cookie then
- * always advance the state. */
- || ssl->options.dtls
+ if (ssl->options.dtls &&
+ ssl->options.serverState == SERVER_HELLO_RETRY_REQUEST_COMPLETE) {
+ /* Cookie and key share negotiation should be handled in
+ * DoClientHelloStateless. If we enter here then something went
+ * wrong in our logic. */
+ ERROR_OUT(BAD_HELLO, exit_dch);
+ }
#endif
- ))
- ssl->options.serverState = SERVER_HELLO_COMPLETE;
+ /* Send a cookie */
+ if (!ssl->options.cookieGood &&
+ ssl->options.serverState != SERVER_HELLO_RETRY_REQUEST_COMPLETE) {
+#ifdef WOLFSSL_DTLS13
+ if (ssl->options.dtls) {
+#ifdef WOLFSSL_DTLS13_NO_HRR_ON_RESUME
+ /* We can skip cookie on resumption */
+ if (!ssl->options.dtls || !ssl->options.dtls13NoHrrOnResume ||
+ !args->usingPSK)
+#endif
+ ERROR_OUT(BAD_HELLO, exit_dch);
+ }
+ else
#endif
+ {
+ /* Need to remove the keyshare ext if we found a common group
+ * and are not doing curve negotiation. */
+ TLSX_Remove(&ssl->extensions, TLSX_KEY_SHARE, ssl->heap);
+ ssl->options.serverState = SERVER_HELLO_RETRY_REQUEST_COMPLETE;
+ }
-#if defined(WOLFSSL_DTLS13) && defined(WOLFSSL_SEND_HRR_COOKIE)
- if (ret == 0 && ssl->options.dtls && ssl->options.sendCookie &&
- ssl->options.serverState <= SERVER_HELLO_RETRY_REQUEST_COMPLETE) {
- /* Cookie and key share negotiation should be handled in
- * DoClientHelloStateless. If we enter here then something went wrong
- * in our logic. */
- ERROR_OUT(BAD_HELLO, exit_dch);
+ }
}
#endif /* WOLFSSL_DTLS13 */
#ifdef WOLFSSL_DTLS_CID
/* do not modify CID state if we are sending an HRR */
- if (ssl->options.useDtlsCID &&
+ if (ret == 0 && ssl->options.dtls && ssl->options.useDtlsCID &&
ssl->options.serverState != SERVER_HELLO_RETRY_REQUEST_COMPLETE)
DtlsCIDOnExtensionsParsed(ssl);
#endif /* WOLFSSL_DTLS_CID */
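Review bot: Inside the new `if (ssl->options.dtls) {` block the condition `!ssl->options.dtls || !ssl->options.dtls13NoHrrOnResume || !args->usingPSK` still tests `!ssl->options.dtls`, which is always false there; `if (!ssl->options.dtls13NoHrrOnResume || !args->usingPSK)` says the same thing. That `if` is also unbraced and exists only under `WOLFSSL_DTLS13_NO_HRR_ON_RESUME`, so it silently governs the following `ERROR_OUT(BAD_HELLO, exit_dch);`; braces around the macro call would make the resumption exemption harder to misread (the `HRR_COOKIE_ERROR` hunk above has the same shape). The closing `#endif /* WOLFSSL_DTLS13 */` now ends the `#ifdef WOLFSSL_SEND_HRR_COOKIE` block, so its comment should be updated. DoTls13ClientHello starts outside the hunk.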
@@ -7254,6 +7571,10 @@ static int SendTls13CertificateRequest(WOLFSSL* ssl, byte* reqCtx,
word16 reqSz;
word16 hashSigAlgoSz = 0;
SignatureAlgorithms* sa;
+ int haveSig = SIG_RSA | SIG_ECDSA | SIG_FALCON | SIG_DILITHIUM;
+#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ haveSig |= SIG_SM2;
+#endif
WOLFSSL_START(WC_FUNC_CERTIFICATE_REQUEST_SEND);
WOLFSSL_ENTER("SendTls13CertificateRequest");
@@ -7264,13 +7585,13 @@ static int SendTls13CertificateRequest(WOLFSSL* ssl, byte* reqCtx,
return SIDE_ERROR;
/* Get the length of the hashSigAlgo buffer */
- InitSuitesHashSigAlgo_ex(NULL, 1, 1, 1, 1, 0, 1, ssl->buffers.keySz,
- &hashSigAlgoSz);
+ InitSuitesHashSigAlgo_ex2(NULL, haveSig, 1, ssl->buffers.keySz,
+ &hashSigAlgoSz);
sa = TLSX_SignatureAlgorithms_New(ssl, hashSigAlgoSz, ssl->heap);
if (sa == NULL)
return MEMORY_ERROR;
- InitSuitesHashSigAlgo_ex(sa->hashSigAlgo, 1, 1, 1, 1, 0, 1,
- ssl->buffers.keySz, &sa->hashSigAlgoSz);
+ InitSuitesHashSigAlgo_ex2(sa->hashSigAlgo, haveSig, 1, ssl->buffers.keySz,
+ &hashSigAlgoSz);
ret = TLSX_Push(&ssl->extensions, TLSX_SIGNATURE_ALGORITHMS, sa, ssl->heap);
if (ret != 0) {
TLSX_SignatureAlgorithms_FreeAll(sa, ssl->heap);
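Review bot: The second `InitSuitesHashSigAlgo_ex2()` call now writes the length into the local `hashSigAlgoSz`, where the removed line wrote `&sa->hashSigAlgoSz`. This is only safe if `TLSX_SignatureAlgorithms_New()` already stored the length in `sa` (its body is not visible here); otherwise the extension is pushed with a stale length. Either pass `&sa->hashSigAlgoSz` as before or add a comment such as `/* sa->hashSigAlgoSz set by TLSX_SignatureAlgorithms_New(); TODO confirm */`. SendTls13CertificateRequest continues outside the hunk.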
@@ -7379,6 +7700,12 @@ static WC_INLINE void EncodeSigAlg(byte hashAlgo, byte hsType, byte* output)
output[1] = ecc_dsa_sa_algo;
break;
#endif
+#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ case sm2_sa_algo:
+ output[0] = SM2_SA_MAJOR;
+ output[1] = SM2_SA_MINOR;
+ break;
+#endif
#ifdef HAVE_ED25519
/* ED25519: 0x0807 */
case ed25519_sa_algo:
@@ -7446,6 +7773,16 @@ static WC_INLINE int DecodeTls13SigAlg(byte* input, byte* hashAlgo,
int ret = 0;
switch (input[0]) {
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ case SM2_SA_MAJOR:
+ if (input[1] == SM2_SA_MINOR) {
+ *hsType = sm2_sa_algo;
+ *hashAlgo = sm3_mac;
+ }
+ else
+ ret = INVALID_PARAMETER;
+ break;
+ #endif
case NEW_SA_MAJOR:
/* PSS signatures: 0x080[4-6] */
if (input[1] >= sha256_mac && input[1] <= sha512_mac) {
@@ -7546,6 +7883,13 @@ static WC_INLINE int GetMsgHash(WOLFSSL* ssl, byte* hash)
ret = WC_SHA512_DIGEST_SIZE;
break;
#endif /* WOLFSSL_TLS13_SHA512 */
+ #ifdef WOLFSSL_SM3
+ case sm3_mac:
+ ret = wc_Sm3GetHash(&ssl->hsHashes->hashSm3, hash);
+ if (ret == 0)
+ ret = WC_SM3_DIGEST_SIZE;
+ break;
+ #endif /* WOLFSSL_SM3 */
default:
break;
}
@@ -7913,11 +8257,6 @@ static int SendTls13Certificate(WOLFSSL* ssl)
listSz = 0;
}
else {
-#ifdef OPENSSL_EXTRA
- if ((ret = CertSetupCbWrapper(ssl)) != 0)
- return ret;
-#endif
-
if (!ssl->buffers.certificate) {
WOLFSSL_MSG("Send Cert missing certificate buffer");
return BUFFER_ERROR;
@@ -8238,7 +8577,7 @@ static int SendTls13CertificateVerify(WOLFSSL* ssl)
args = (Scv13Args*)ssl->async->args;
ret = wolfSSL_AsyncPop(ssl, &ssl->options.asyncState);
- if (ret != WC_NOT_PENDING_E) {
+ if (ret != WC_NO_PENDING_E) {
/* Check for error */
if (ret < 0)
goto exit_scv;
@@ -8302,7 +8641,7 @@ static int SendTls13CertificateVerify(WOLFSSL* ssl)
if (ssl->buffers.key == NULL) {
#ifdef HAVE_PK_CALLBACKS
if (wolfSSL_CTX_IsPrivatePkSet(ssl->ctx))
- args->length = GetPrivateKeySigSize(ssl);
+ args->length = (word16)GetPrivateKeySigSize(ssl);
else
#endif
ERROR_OUT(NO_PRIVATE_KEY, exit_scv);
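Review bot: The added `(word16)` cast on `GetPrivateKeySigSize(ssl)` silences the conversion but can also hide a failure. If the function can return a negative error or a value above 65535 (its prototype is not visible here), `args->length` becomes a large or truncated size that later drives buffer sizing. Reading the result into an `int`, rejecting `<= 0` with `ERROR_OUT(NO_PRIVATE_KEY, exit_scv);`, and only then narrowing would keep the error visible. The surrounding function body is outside the hunk.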
@@ -8325,8 +8664,17 @@ static int SendTls13CertificateVerify(WOLFSSL* ssl)
if (ssl->hsType == DYNAMIC_TYPE_RSA)
args->sigAlgo = rsa_pss_sa_algo;
#ifdef HAVE_ECC
- else if (ssl->hsType == DYNAMIC_TYPE_ECC)
- args->sigAlgo = ecc_dsa_sa_algo;
+ else if (ssl->hsType == DYNAMIC_TYPE_ECC) {
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ if (ssl->buffers.keyType == sm2_sa_algo) {
+ args->sigAlgo = sm2_sa_algo;
+ }
+ else
+ #endif
+ {
+ args->sigAlgo = ecc_dsa_sa_algo;
+ }
+ }
#endif
#ifdef HAVE_ED25519
else if (ssl->hsType == DYNAMIC_TYPE_ED25519)
@@ -8382,19 +8730,21 @@ static int SendTls13CertificateVerify(WOLFSSL* ssl)
}
EncodeSigAlg(ssl->options.hashAlgo, args->sigAlgo, args->verify);
- if (ssl->hsType == DYNAMIC_TYPE_RSA) {
- int sigLen = MAX_SIG_DATA_SZ;
- if (args->length > MAX_SIG_DATA_SZ)
- sigLen = args->length;
- args->sigData = (byte*)XMALLOC(sigLen, ssl->heap,
- DYNAMIC_TYPE_SIGNATURE);
- }
- else {
- args->sigData = (byte*)XMALLOC(MAX_SIG_DATA_SZ, ssl->heap,
- DYNAMIC_TYPE_SIGNATURE);
- }
if (args->sigData == NULL) {
- ERROR_OUT(MEMORY_E, exit_scv);
+ if (ssl->hsType == DYNAMIC_TYPE_RSA) {
+ int sigLen = MAX_SIG_DATA_SZ;
+ if (args->length > MAX_SIG_DATA_SZ)
+ sigLen = args->length;
+ args->sigData = (byte*)XMALLOC(sigLen, ssl->heap,
+ DYNAMIC_TYPE_SIGNATURE);
+ }
+ else {
+ args->sigData = (byte*)XMALLOC(MAX_SIG_DATA_SZ, ssl->heap,
+ DYNAMIC_TYPE_SIGNATURE);
+ }
+ if (args->sigData == NULL) {
+ ERROR_OUT(MEMORY_E, exit_scv);
+ }
}
/* Create the data to be signed. */
@@ -8427,12 +8777,17 @@ static int SendTls13CertificateVerify(WOLFSSL* ssl)
if (ssl->hsType == DYNAMIC_TYPE_ECC) {
sig->length = args->sendSz - args->idx - HASH_SIG_SIZE -
VERIFY_HEADER;
- ret = CreateECCEncodedSig(args->sigData,
- args->sigDataSz, ssl->options.hashAlgo);
- if (ret < 0)
- goto exit_scv;
- args->sigDataSz = (word16)ret;
- ret = 0;
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ if (ssl->buffers.keyType != sm2_sa_algo)
+ #endif
+ {
+ ret = CreateECCEncodedSig(args->sigData,
+ args->sigDataSz, ssl->options.hashAlgo);
+ if (ret < 0)
+ goto exit_scv;
+ args->sigDataSz = (word16)ret;
+ ret = 0;
+ }
}
#endif /* HAVE_ECC */
#ifdef HAVE_ED25519
@@ -8474,16 +8829,27 @@ static int SendTls13CertificateVerify(WOLFSSL* ssl)
case TLS_ASYNC_DO:
{
#ifdef HAVE_ECC
- if (ssl->hsType == DYNAMIC_TYPE_ECC) {
- ret = EccSign(ssl, args->sigData, args->sigDataSz,
- args->verify + HASH_SIG_SIZE + VERIFY_HEADER,
- (word32*)&sig->length, (ecc_key*)ssl->hsKey,
- #ifdef HAVE_PK_CALLBACKS
- ssl->buffers.key
- #else
- NULL
+ if (ssl->hsType == DYNAMIC_TYPE_ECC) {
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ if (ssl->buffers.keyType == sm2_sa_algo) {
+ ret = Sm2wSm3Sign(ssl, TLS13_SM2_SIG_ID,
+ TLS13_SM2_SIG_ID_SZ, args->sigData, args->sigDataSz,
+ args->verify + HASH_SIG_SIZE + VERIFY_HEADER,
+ (word32*)&sig->length, (ecc_key*)ssl->hsKey, NULL);
+ }
+ else
#endif
- );
+ {
+ ret = EccSign(ssl, args->sigData, args->sigDataSz,
+ args->verify + HASH_SIG_SIZE + VERIFY_HEADER,
+ (word32*)&sig->length, (ecc_key*)ssl->hsKey,
+ #ifdef HAVE_PK_CALLBACKS
+ ssl->buffers.key
+ #else
+ NULL
+ #endif
+ );
+ }
args->length = (word16)sig->length;
}
#endif /* HAVE_ECC */
@@ -8579,17 +8945,29 @@ static int SendTls13CertificateVerify(WOLFSSL* ssl)
}
#endif /* !NO_RSA */
#if defined(HAVE_ECC) && defined(WOLFSSL_CHECK_SIG_FAULTS)
- if (ssl->hsType == DYNAMIC_TYPE_ECC) {
- ret = EccVerify(ssl,
- args->verify + HASH_SIG_SIZE + VERIFY_HEADER,
- sig->length, args->sigData, args->sigDataSz,
- (ecc_key*)ssl->hsKey,
- #ifdef HAVE_PK_CALLBACKS
- ssl->buffers.key
- #else
- NULL
+ if (ssl->hsType == DYNAMIC_TYPE_ECC) {
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ if (ssl->buffers.keyType == sm2_sa_algo) {
+ ret = Sm2wSm3Verify(ssl, TLS13_SM2_SIG_ID,
+ TLS13_SM2_SIG_ID_SZ,
+ args->verify + HASH_SIG_SIZE + VERIFY_HEADER,
+ sig->length, args->sigData, args->sigDataSz,
+ (ecc_key*)ssl->hsKey, NULL);
+ }
+ else
#endif
- );
+ {
+ ret = EccVerify(ssl,
+ args->verify + HASH_SIG_SIZE + VERIFY_HEADER,
+ sig->length, args->sigData, args->sigDataSz,
+ (ecc_key*)ssl->hsKey,
+ #ifdef HAVE_PK_CALLBACKS
+ ssl->buffers.key
+ #else
+ NULL
+ #endif
+ );
+ }
}
#endif
@@ -8828,7 +9206,7 @@ static int DoTls13CertificateVerify(WOLFSSL* ssl, byte* input,
args = (Dcv13Args*)ssl->async->args;
ret = wolfSSL_AsyncPop(ssl, &ssl->options.asyncState);
- if (ret != WC_NOT_PENDING_E) {
+ if (ret != WC_NO_PENDING_E) {
/* Check for error */
if (ret < 0)
goto exit_dcv;
@@ -8915,6 +9293,13 @@ static int DoTls13CertificateVerify(WOLFSSL* ssl, byte* input,
ssl->peerEccDsaKeyPresent;
}
#endif
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ if (args->sigAlgo == sm2_sa_algo) {
+ WOLFSSL_MSG("Peer sent SM2 sig");
+ validSigAlgo = (ssl->peerEccDsaKey != NULL) &&
+ ssl->peerEccDsaKeyPresent;
+ }
+ #endif
#ifdef HAVE_PQC
if (args->sigAlgo == falcon_level1_sa_algo) {
WOLFSSL_MSG("Peer sent Falcon Level 1 sig");
@@ -8979,12 +9364,17 @@ static int DoTls13CertificateVerify(WOLFSSL* ssl, byte* input,
ret = CreateSigData(ssl, args->sigData, &args->sigDataSz, 1);
if (ret != 0)
goto exit_dcv;
- ret = CreateECCEncodedSig(args->sigData,
- args->sigDataSz, args->hashAlgo);
- if (ret < 0)
- goto exit_dcv;
- args->sigDataSz = (word16)ret;
- ret = 0;
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ if (args->sigAlgo != sm2_sa_algo)
+ #endif
+ {
+ ret = CreateECCEncodedSig(args->sigData,
+ args->sigDataSz, args->hashAlgo);
+ if (ret < 0)
+ goto exit_dcv;
+ args->sigDataSz = (word16)ret;
+ ret = 0;
+ }
}
#endif
#ifdef HAVE_ED25519
@@ -9068,15 +9458,26 @@ static int DoTls13CertificateVerify(WOLFSSL* ssl, byte* input,
#endif /* !NO_RSA */
#ifdef HAVE_ECC
if (ssl->peerEccDsaKeyPresent) {
- ret = EccVerify(ssl, input + args->idx, args->sz,
- args->sigData, args->sigDataSz,
- ssl->peerEccDsaKey,
- #ifdef HAVE_PK_CALLBACKS
- &ssl->buffers.peerEccDsaKey
- #else
- NULL
- #endif
- );
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ if (args->sigAlgo == sm2_sa_algo) {
+ ret = Sm2wSm3Verify(ssl, TLS13_SM2_SIG_ID,
+ TLS13_SM2_SIG_ID_SZ, input + args->idx, args->sz,
+ args->sigData, args->sigDataSz,
+ ssl->peerEccDsaKey, NULL);
+ }
+ else
+ #endif
+ {
+ ret = EccVerify(ssl, input + args->idx, args->sz,
+ args->sigData, args->sigDataSz,
+ ssl->peerEccDsaKey,
+ #ifdef HAVE_PK_CALLBACKS
+ &ssl->buffers.peerEccDsaKey
+ #else
+ NULL
+ #endif
+ );
+ }
if (ret >= 0) {
/* CLIENT/SERVER: data verified with public key from
@@ -10221,6 +10622,13 @@ static int ExpectedResumptionSecret(WOLFSSL* ssl)
return ret;
break;
#endif
+ #ifdef WOLFSSL_SM3
+ case sm3_mac:
+ ret = wc_Sm3Copy(&ssl->hsHashes->hashSm3, &digest.sm3);
+ if (ret != 0)
+ return ret;
+ break;
+ #endif
}
/* Generate the Client's Finished message and hash it. */
@@ -10274,6 +10682,15 @@ static int ExpectedResumptionSecret(WOLFSSL* ssl)
return ret;
break;
#endif
+ #ifdef WOLFSSL_SM3
+ case sm3_mac:
+ wc_Sm3Free(&ssl->hsHashes->hashSm3);
+ ret = wc_Sm3Copy(&digest.sm3, &ssl->hsHashes->hashSm3);
+ wc_Sm3Free(&digest.sm3);
+ if (ret != 0)
+ return ret;
+ break;
+ #endif
}
return ret;
@@ -10323,9 +10740,24 @@ static int SendTls13NewSessionTicket(WOLFSSL* ssl)
ssl->session->ticketNonce.data[0]++;
}
+ if ((ssl->options.mask & WOLFSSL_OP_NO_TICKET) != 0) {
+ /* In this case we only send the ID as the ticket. Let's generate a new
+ * ID for the new ticket so that we don't overwrite any old ones */
+ ret = wc_RNG_GenerateBlock(ssl->rng, ssl->session->altSessionID,
+ ID_LEN);
+ if (ret != 0)
+ return ret;
+ ssl->session->haveAltSessionID = 1;
+ }
+
if (!ssl->options.noTicketTls13) {
- if ((ret = CreateTicket(ssl)) != 0)
+ if ((ret = SetupTicket(ssl)) != 0)
return ret;
+ /* No need to create the ticket if we only send the ID */
+ if ((ssl->options.mask & WOLFSSL_OP_NO_TICKET) == 0) {
+ if ((ret = CreateTicket(ssl)) != 0)
+ return ret;
+ }
}
#ifdef WOLFSSL_EARLY_DATA
@@ -10384,7 +10816,7 @@ static int SendTls13NewSessionTicket(WOLFSSL* ssl)
if (ssl->session->haveAltSessionID)
XMEMCPY(output + idx, ssl->session->altSessionID, ID_LEN);
else
- XMEMCPY(output + idx, ssl->session->sessionID, ID_LEN);
+ return BAD_FUNC_ARG; /* Should not happen */
idx += ID_LEN;
}
else {
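Review bot: The new `return BAD_FUNC_ARG; /* Should not happen */` sits in an unbraced `else` directly above `idx += ID_LEN;`, so the early exit is easy to misread as part of the copy path. Brace both arms and state the invariant in the comment, e.g. `/* altSessionID is expected to have been generated earlier in this function */`, presumably by the block added in the previous hunk. BAD_FUNC_ARG also reads as a caller mistake although this would be an internal state error; whether a better-fitting code exists is not visible here. The function body starts and ends outside the hunk.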
@@ -11185,12 +11617,12 @@ int DoTls13HandShakeMsgType(WOLFSSL* ssl, byte* input, word32* inOutIdx,
* == 0) */
*inOutIdx -= HANDSHAKE_HEADER_SZ;
}
-#endif
- /* reset error */
- if (ret == 0 && ssl->error == WC_PENDING_E)
+ /* make sure async error is cleared */
+ if (ret == 0 && (ssl->error == WC_PENDING_E || ssl->error == OCSP_WANT_READ)) {
ssl->error = 0;
-
+ }
+#endif
if (ret == 0 && type != client_hello && type != session_ticket &&
type != key_update) {
ret = HashInput(ssl, input + inIdx, size);
@@ -11355,8 +11787,6 @@ int DoTls13HandShakeMsg(WOLFSSL* ssl, byte* input, word32* inOutIdx,
WOLFSSL_ENTER("DoTls13HandShakeMsg");
if (ssl->arrays == NULL) {
-
-
if (GetHandshakeHeader(ssl, input, inOutIdx, &type, &size,
totalSz) != 0) {
SendAlert(ssl, alert_fatal, unexpected_message);
@@ -11364,6 +11794,12 @@ int DoTls13HandShakeMsg(WOLFSSL* ssl, byte* input, word32* inOutIdx,
return PARSE_ERROR;
}
+ ret = EarlySanityCheckMsgReceived(ssl, type, size);
+ if (ret != 0) {
+ WOLFSSL_ERROR(ret);
+ return ret;
+ }
+
return DoTls13HandShakeMsgType(ssl, input, inOutIdx, type, size,
totalSz);
}
@@ -11380,6 +11816,13 @@ int DoTls13HandShakeMsg(WOLFSSL* ssl, byte* input, word32* inOutIdx,
return PARSE_ERROR;
}
+ ret = EarlySanityCheckMsgReceived(ssl, type,
+ min(inputLength - HANDSHAKE_HEADER_SZ, size));
+ if (ret != 0) {
+ WOLFSSL_ERROR(ret);
+ return ret;
+ }
+
/* Cap the maximum size of a handshake message to something reasonable.
* By default is the maximum size of a certificate message assuming
* nine 2048-bit RSA certificates in the chain. */
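Review bot: The second argument `min(inputLength - HANDSHAKE_HEADER_SZ, size)` subtracts with no visible lower bound on `inputLength`. If `inputLength` can be smaller than HANDSHAKE_HEADER_SZ at this point, the value wraps (unsigned type) or goes negative before EarlySanityCheckMsgReceived sees it. The bound may already be enforced by the header parsing above the hunk; if so, record it with a comment such as `/* header was parsed above, so inputLength >= HANDSHAKE_HEADER_SZ */`, otherwise add an explicit check before the call. The function begins and ends outside the hunk.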
@@ -11415,6 +11858,14 @@ int DoTls13HandShakeMsg(WOLFSSL* ssl, byte* input, word32* inOutIdx,
inputLength = ssl->arrays->pendingMsgSz -
ssl->arrays->pendingMsgOffset;
}
+
+ ret = EarlySanityCheckMsgReceived(ssl, ssl->arrays->pendingMsgType,
+ inputLength);
+ if (ret != 0) {
+ WOLFSSL_ERROR(ret);
+ return ret;
+ }
+
XMEMCPY(ssl->arrays->pendingMsg + ssl->arrays->pendingMsgOffset,
input + *inOutIdx, inputLength);
ssl->arrays->pendingMsgOffset += inputLength;
@@ -11530,7 +11981,7 @@ int wolfSSL_connect_TLSv13(WOLFSSL* ssl)
&& ssl->error != WC_PENDING_E
#endif
) {
- if ((ssl->error = SendBuffered(ssl)) == 0) {
+ if ((ret = SendBuffered(ssl)) == 0) {
if (ssl->fragOffset == 0 && !ssl->options.buildingMsg) {
if (advanceState) {
#ifdef WOLFSSL_DTLS13
@@ -11623,7 +12074,7 @@ int wolfSSL_connect_TLSv13(WOLFSSL* ssl)
case CLIENT_HELLO_SENT:
/* Get the response/s from the server. */
while (ssl->options.serverState <
- SERVER_HELLO_RETRY_REQUEST_COMPLETE) {
+ SERVER_HELLOVERIFYREQUEST_COMPLETE) {
if ((ssl->error = ProcessReply(ssl)) < 0) {
WOLFSSL_ERROR(ssl->error);
return WOLFSSL_FATAL_ERROR;
@@ -11974,7 +12425,7 @@ int wolfSSL_UseKeyShare(WOLFSSL* ssl, word16 group)
#ifdef WOLFSSL_ASYNC_CRYPT
ret = wolfSSL_AsyncPop(ssl, NULL);
- if (ret != WC_NOT_PENDING_E) {
+ if (ret != WC_NO_PENDING_E) {
/* Check for error */
if (ret < 0)
return ret;
@@ -12739,7 +13190,8 @@ int wolfSSL_accept_TLSv13(WOLFSSL* ssl)
&& !ssl->dtls13SendingAckOrRtx;
#endif /* WOLFSSL_DTLS13 */
- if ((ssl->error = SendBuffered(ssl)) == 0) {
+ ret = SendBuffered(ssl);
+ if (ret == 0) {
if (ssl->fragOffset == 0 && !ssl->options.buildingMsg) {
if (advanceState) {
ssl->options.acceptState++;
@@ -12876,17 +13328,6 @@ int wolfSSL_accept_TLSv13(WOLFSSL* ssl)
case TLS13_ACCEPT_SECOND_REPLY_DONE :
-#ifdef WOLFSSL_DTLS
- if (ssl->chGoodCb != NULL) {
- int cbret = ssl->chGoodCb(ssl, ssl->chGoodCtx);
- if (cbret < 0) {
- ssl->error = cbret;
- WOLFSSL_MSG("ClientHello Good Cb don't continue error");
- return WOLFSSL_FATAL_ERROR;
- }
- }
-#endif
-
if ((ssl->error = SendTls13ServerHello(ssl, server_hello)) != 0) {
WOLFSSL_ERROR(ssl->error);
return WOLFSSL_FATAL_ERROR;
@@ -13387,6 +13828,79 @@ int wolfSSL_set_tls13_secret_cb(WOLFSSL* ssl, Tls13SecretCb cb, void* ctx)
return WOLFSSL_SUCCESS;
}
+
+#if defined(SHOW_SECRETS) && defined(WOLFSSL_SSLKEYLOGFILE)
+int tls13ShowSecrets(WOLFSSL* ssl, int id, const unsigned char* secret,
+ int secretSz, void* ctx)
+{
+ int i;
+ const char* str = NULL;
+ byte clientRandom[RAN_LEN];
+ int clientRandomSz;
+ XFILE fp;
+
+ (void) ctx;
+#ifdef WOLFSSL_SSLKEYLOGFILE_OUTPUT
+ fp = XFOPEN(WOLFSSL_SSLKEYLOGFILE_OUTPUT, "ab");
+ if (fp == XBADFILE) {
+ return BAD_FUNC_ARG;
+ }
+#else
+ fp = stderr;
+#endif
+
+ clientRandomSz = (int)wolfSSL_get_client_random(ssl, clientRandom,
+ sizeof(clientRandom));
+
+ if (clientRandomSz <= 0) {
+ printf("Error getting server random %d\n", clientRandomSz);
+ }
+
+#if 0
+ printf("TLS Server Secret CB: Rand %d, Secret %d\n",
+ serverRandomSz, secretSz);
+#endif
+
+ switch (id) {
+ case CLIENT_EARLY_TRAFFIC_SECRET:
+ str = "CLIENT_EARLY_TRAFFIC_SECRET"; break;
+ case EARLY_EXPORTER_SECRET:
+ str = "EARLY_EXPORTER_SECRET"; break;
+ case CLIENT_HANDSHAKE_TRAFFIC_SECRET:
+ str = "CLIENT_HANDSHAKE_TRAFFIC_SECRET"; break;
+ case SERVER_HANDSHAKE_TRAFFIC_SECRET:
+ str = "SERVER_HANDSHAKE_TRAFFIC_SECRET"; break;
+ case CLIENT_TRAFFIC_SECRET:
+ str = "CLIENT_TRAFFIC_SECRET_0"; break;
+ case SERVER_TRAFFIC_SECRET:
+ str = "SERVER_TRAFFIC_SECRET_0"; break;
+ case EXPORTER_SECRET:
+ str = "EXPORTER_SECRET"; break;
+ default:
+#ifdef WOLFSSL_SSLKEYLOGFILE_OUTPUT
+ XFCLOSE(fp);
+#endif
+ return BAD_FUNC_ARG;
+ break;
+ }
+
+ fprintf(fp, "%s ", str);
+ for (i = 0; i < (int)clientRandomSz; i++) {
+ fprintf(fp, "%02x", clientRandom[i]);
+ }
+ fprintf(fp, " ");
+ for (i = 0; i < secretSz; i++) {
+ fprintf(fp, "%02x", secret[i]);
+ }
+ fprintf(fp, "\n");
+
+#ifdef WOLFSSL_SSLKEYLOGFILE_OUTPUT
+ XFCLOSE(fp);
+#endif
+
+ return 0;
+}
+#endif
#endif
#undef ERROR_OUT
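Review bot: When wolfSSL_get_client_random fails, tls13ShowSecrets only prints a message (which says "server random" although the client random is requested) and then still writes a key-log line with an empty random field. Fetching the random before the log is opened and returning on failure fixes that and avoids having to close `fp` on the error path. The function also reads `secret` and passes `ssl` on without NULL checks, and it has no header comment. That comment should say that it writes TLS 1.3 traffic secrets in key-log form to WOLFSSL_SSLKEYLOGFILE_OUTPUT or stderr, so it belongs in debug builds only and the output file needs restricted access.

```c
    /* fetch the random first so a failure never leaves the log file open */
    clientRandomSz = (int)wolfSSL_get_client_random(ssl, clientRandom,
                                                    sizeof(clientRandom));
    if (clientRandomSz <= 0) {
        printf("Error getting client random %d\n", clientRandomSz);
        return BAD_FUNC_ARG;
    }
    /* ... unchanged: XFOPEN / stderr selection, switch on id, hex output ... */
```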
diff --git a/extra/wolfssl/wolfssl/src/wolfio.c b/extra/wolfssl/wolfssl/src/wolfio.c
index 26c11ad4..4fee9583 100644
--- a/extra/wolfssl/wolfssl/src/wolfio.c
+++ b/extra/wolfssl/wolfssl/src/wolfio.c
@@ -20,6 +20,9 @@
*/
+#ifndef WOLFSSL_STRERROR_BUFFER_SIZE
+#define WOLFSSL_STRERROR_BUFFER_SIZE 256
+#endif
#ifdef HAVE_CONFIG_H
#include <config.h>
@@ -121,6 +124,12 @@ static WC_INLINE int wolfSSL_LastError(int err)
static int TranslateIoError(int err)
{
+#ifdef _WIN32
+ size_t errstr_offset;
+ char errstr[WOLFSSL_STRERROR_BUFFER_SIZE];
+#endif /* _WIN32 */
+
+
if (err > 0)
return err;
@@ -151,7 +160,20 @@ static int TranslateIoError(int err)
return WOLFSSL_CBIO_ERR_CONN_CLOSE;
}
+#if defined(_WIN32)
+ strcpy_s(errstr, sizeof(errstr), "\tGeneral error: ");
+ errstr_offset = strlen(errstr);
+ FormatMessageA(FORMAT_MESSAGE_FROM_SYSTEM | FORMAT_MESSAGE_IGNORE_INSERTS,
+ NULL,
+ err,
+ MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT),
+ (LPSTR)(errstr + errstr_offset),
+ (DWORD)(sizeof(errstr) - errstr_offset),
+ NULL);
+ WOLFSSL_MSG(errstr);
+#else
WOLFSSL_MSG("\tGeneral error");
+#endif
return WOLFSSL_CBIO_ERR_GENERAL;
}
#endif /* USE_WOLFSSL_IO || HAVE_HTTP_CLIENT */
@@ -396,12 +418,12 @@ static int PeerIsIpv6(const SOCKADDR_S *peer, XSOCKLENT len)
static int isDGramSock(int sfd)
{
- char type = 0;
+ int type = 0;
/* optvalue 'type' is of size int */
- XSOCKLENT length = (XSOCKLENT)sizeof(char);
+ XSOCKLENT length = (XSOCKLENT)sizeof(type);
- if (getsockopt(sfd, SOL_SOCKET, SO_TYPE, &type, &length) == 0 &&
- type != SOCK_DGRAM) {
+ if (getsockopt(sfd, SOL_SOCKET, SO_TYPE, (XSOCKOPT_TYPE_OPTVAL_TYPE)&type,
+ &length) == 0 && type != SOCK_DGRAM) {
return 0;
}
else {
@@ -634,7 +656,7 @@ int EmbedSendTo(WOLFSSL* ssl, char *buf, int sz, void *ctx)
peerSz = dtlsCtx->peer.sz;
#ifndef WOLFSSL_IPV6
if (PeerIsIpv6(peer, peerSz)) {
- WOLFSSL_MSG("ipv6 dtls peer setted but no ipv6 support compiled");
+ WOLFSSL_MSG("ipv6 dtls peer set but no ipv6 support compiled");
return NOT_COMPILED_IN;
}
#endif
@@ -1084,7 +1106,11 @@ int wolfIO_TcpConnect(SOCKET_T* sockfd, const char* ip, word16 port, int to_sec)
/* use gethostbyname for c99 */
#if defined(HAVE_GETADDRINFO)
XMEMSET(&hints, 0, sizeof(hints));
+#ifdef WOLFSSL_IPV6
hints.ai_family = AF_UNSPEC; /* detect IPv4 or IPv6 */
+#else
+ hints.ai_family = AF_INET; /* detect only IPv4 */
+#endif
hints.ai_socktype = SOCK_STREAM;
hints.ai_protocol = IPPROTO_TCP;
@@ -2463,11 +2489,18 @@ int MicriumSendTo(WOLFSSL* ssl, char *buf, int sz, void *ctx)
/* Micrium DTLS Generate Cookie callback
* return : number of bytes copied into buf, or error
*/
+#if defined(NO_SHA) && !defined(NO_SHA256)
+ #define MICRIUM_COOKIE_DIGEST_SIZE WC_SHA256_DIGEST_SIZE
+#elif !defined(NO_SHA)
+ #define MICRIUM_COOKIE_DIGEST_SIZE WC_SHA_DIGEST_SIZE
+#else
+ #error Must enable either SHA-1 or SHA256 (or both) for Micrium.
+#endif
int MicriumGenerateCookie(WOLFSSL* ssl, byte *buf, int sz, void *ctx)
{
NET_SOCK_ADDR peer;
NET_SOCK_ADDR_LEN peerSz = sizeof(peer);
- byte digest[WC_SHA_DIGEST_SIZE];
+ byte digest[MICRIUM_COOKIE_DIGEST_SIZE];
int ret = 0;
(void)ctx;
@@ -2479,12 +2512,16 @@ int MicriumGenerateCookie(WOLFSSL* ssl, byte *buf, int sz, void *ctx)
return GEN_COOKIE_E;
}
+#if defined(NO_SHA) && !defined(NO_SHA256)
+ ret = wc_Sha256Hash((byte*)&peer, peerSz, digest);
+#else
ret = wc_ShaHash((byte*)&peer, peerSz, digest);
+#endif
if (ret != 0)
return ret;
- if (sz > WC_SHA_DIGEST_SIZE)
- sz = WC_SHA_DIGEST_SIZE;
+ if (sz > MICRIUM_COOKIE_DIGEST_SIZE)
+ sz = MICRIUM_COOKIE_DIGEST_SIZE;
XMEMCPY(buf, digest, sz);
return sz;
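Review bot: `sz` is only capped from above (`if (sz > MICRIUM_COOKIE_DIGEST_SIZE)`), so a negative `sz` still reaches `XMEMCPY(buf, digest, sz)`, where the int converts to a very large length. Callers probably always pass a positive buffer size, but a guard such as `if (sz < 0) return GEN_COOKIE_E;` before the hash makes that explicit. The same pattern is in uIPGenerateCookie and GNRC_GenerateCookie in the later hunks of this file. The function begins outside this hunk.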
@@ -2778,20 +2815,31 @@ int uIPReceive(WOLFSSL *ssl, char *buf, int sz, void *_ctx)
/* uIP DTLS Generate Cookie callback
* return : number of bytes copied into buf, or error
*/
+#if defined(NO_SHA) && !defined(NO_SHA256)
+ #define UIP_COOKIE_DIGEST_SIZE WC_SHA256_DIGEST_SIZE
+#elif !defined(NO_SHA)
+ #define UIP_COOKIE_DIGEST_SIZE WC_SHA_DIGEST_SIZE
+#else
+ #error Must enable either SHA-1 or SHA256 (or both) for uIP.
+#endif
int uIPGenerateCookie(WOLFSSL* ssl, byte *buf, int sz, void *_ctx)
{
uip_wolfssl_ctx *ctx = (uip_wolfssl_ctx *)_ctx;
byte token[32];
- byte digest[WC_SHA_DIGEST_SIZE];
+ byte digest[UIP_COOKIE_DIGEST_SIZE];
int ret = 0;
XMEMSET(token, 0, sizeof(token));
XMEMCPY(token, &ctx->peer_addr, sizeof(uip_ipaddr_t));
XMEMCPY(token + sizeof(uip_ipaddr_t), &ctx->peer_port, sizeof(word16));
+#if defined(NO_SHA) && !defined(NO_SHA256)
+ ret = wc_Sha256Hash(token, sizeof(uip_ipaddr_t) + sizeof(word16), digest);
+#else
ret = wc_ShaHash(token, sizeof(uip_ipaddr_t) + sizeof(word16), digest);
+#endif
if (ret != 0)
return ret;
- if (sz > WC_SHA_DIGEST_SIZE)
- sz = WC_SHA_DIGEST_SIZE;
+ if (sz > UIP_COOKIE_DIGEST_SIZE)
+ sz = UIP_COOKIE_DIGEST_SIZE;
XMEMCPY(buf, digest, sz);
return sz;
}
@@ -2855,13 +2903,20 @@ int GNRC_ReceiveFrom(WOLFSSL *ssl, char *buf, int sz, void *_ctx)
* return : number of bytes copied into buf, or error
*/
#define GNRC_MAX_TOKEN_SIZE (32)
+#if defined(NO_SHA) && !defined(NO_SHA256)
+ #define GNRC_COOKIE_DIGEST_SIZE WC_SHA256_DIGEST_SIZE
+#elif !defined(NO_SHA)
+ #define GNRC_COOKIE_DIGEST_SIZE WC_SHA_DIGEST_SIZE
+#else
+ #error Must enable either SHA-1 or SHA256 (or both) for GNRC.
+#endif
int GNRC_GenerateCookie(WOLFSSL* ssl, byte *buf, int sz, void *_ctx)
{
sock_tls_t *ctx = (sock_tls_t *)_ctx;
if (!ctx)
return WOLFSSL_CBIO_ERR_GENERAL;
byte token[GNRC_MAX_TOKEN_SIZE];
- byte digest[WC_SHA_DIGEST_SIZE];
+ byte digest[GNRC_COOKIE_DIGEST_SIZE];
int ret = 0;
size_t token_size = sizeof(sock_udp_ep_t);
(void)ssl;
@@ -2869,11 +2924,15 @@ int GNRC_GenerateCookie(WOLFSSL* ssl, byte *buf, int sz, void *_ctx)
token_size = GNRC_MAX_TOKEN_SIZE;
XMEMSET(token, 0, GNRC_MAX_TOKEN_SIZE);
XMEMCPY(token, &ctx->peer_addr, token_size);
+#if defined(NO_SHA) && !defined(NO_SHA256)
+ ret = wc_Sha256Hash(token, token_size, digest);
+#else
ret = wc_ShaHash(token, token_size, digest);
+#endif
if (ret != 0)
return ret;
- if (sz > WC_SHA_DIGEST_SIZE)
- sz = WC_SHA_DIGEST_SIZE;
+ if (sz > GNRC_COOKIE_DIGEST_SIZE)
+ sz = GNRC_COOKIE_DIGEST_SIZE;
XMEMCPY(buf, digest, sz);
return sz;
}
diff --git a/extra/wolfssl/wolfssl/src/x509.c b/extra/wolfssl/wolfssl/src/x509.c
index 90844832..a1c4fc4d 100644
--- a/extra/wolfssl/wolfssl/src/x509.c
+++ b/extra/wolfssl/wolfssl/src/x509.c
@@ -541,6 +541,10 @@ int wolfSSL_X509_get_ext_by_OBJ(const WOLFSSL_X509 *x,
return -1;
}
+#endif /* OPENSSL_ALL || OPENSSL_EXTRA */
+
+#if defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA) || \
+ defined(WOLFSSL_WPAS_SMALL)
/* Set a general name from the DNS entry data.
*
* @param [in] dns DNS entry.
@@ -565,6 +569,10 @@ static int wolfssl_dns_entry_othername_to_gn(DNS_entry* dns,
static const unsigned char upn_oid[] = {
0x2B, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x14, 0x02, 0x03
};
+ /* FASCN OID: 2.16.840.1.101.3.6.6 */
+ static const unsigned char fascn_oid[] = {
+ 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x06, 0x06
+ };
const unsigned char* oid;
word32 oidSz;
@@ -574,6 +582,10 @@ static int wolfssl_dns_entry_othername_to_gn(DNS_entry* dns,
oid = upn_oid;
oidSz = (word32)sizeof(upn_oid);
}
+ else if (dns->oidSum == FASCN_OID) {
+ oid = fascn_oid;
+ oidSz = (word32)sizeof(fascn_oid);
+ }
else {
goto err;
}
@@ -650,7 +662,9 @@ static int wolfssl_dns_entry_othername_to_gn(DNS_entry* dns,
err:
return ret;
}
+#endif /* OPENSSL_ALL || WOLFSSL_WPAS_SMALL */
+#if defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA)
static int wolfssl_x509_alt_names_to_gn(WOLFSSL_X509* x509,
WOLFSSL_X509_EXTENSION* ext)
{
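Review bot: The closing comment on the added `#endif /* OPENSSL_ALL || WOLFSSL_WPAS_SMALL */` does not match the condition it appears to close, which this commit opens as `defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)`. Write it as `#endif /* OPENSSL_ALL || OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */` so the guard pair can be matched by eye.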
@@ -1186,7 +1200,9 @@ WOLFSSL_X509_EXTENSION* wolfSSL_X509_set_ext(WOLFSSL_X509* x509, int loc)
/* Get extension data and copy as ASN1_STRING */
tmpIdx = idx + length;
- if ((tmpIdx >= (word32)sz) || (input[tmpIdx++] != ASN_OCTET_STRING)) {
+ if ((tmpIdx >= (word32)sz) ||
+ (input[tmpIdx] != ASN_OCTET_STRING))
+ {
WOLFSSL_MSG("Error decoding unknown extension data");
wolfSSL_ASN1_OBJECT_free(ext->obj);
wolfSSL_X509_EXTENSION_free(ext);
@@ -1197,6 +1213,8 @@ WOLFSSL_X509_EXTENSION* wolfSSL_X509_set_ext(WOLFSSL_X509* x509, int loc)
return NULL;
}
+ tmpIdx++;
+
if (GetLength(input, &tmpIdx, &length, sz) <= 0) {
WOLFSSL_MSG("Error: Invalid Input Length.");
wolfSSL_ASN1_OBJECT_free(ext->obj);
@@ -1354,11 +1372,45 @@ int wolfSSL_X509_add_ext(WOLFSSL_X509 *x509, WOLFSSL_X509_EXTENSION *ext, int lo
break;
}
case NID_key_usage:
- if (ext && ext->value.data &&
- ext->value.length == sizeof(word16)) {
- x509->keyUsage = *(word16*)ext->value.data;
- x509->keyUsageCrit = (byte)ext->crit;
- x509->keyUsageSet = 1;
+ if (ext && ext->value.data) {
+ if (ext->value.length == sizeof(word16)) {
+ /* if ext->value is already word16, set directly */
+ x509->keyUsage = *(word16*)ext->value.data;
+ x509->keyUsageCrit = (byte)ext->crit;
+ x509->keyUsageSet = 1;
+ }
+ else if (ext->value.length > 0) {
+ /* ext->value is comma-delimited string, convert to word16 */
+ if (ParseKeyUsageStr(ext->value.data, &x509->keyUsage,
+ x509->heap) != 0) {
+ return WOLFSSL_FAILURE;
+ }
+ x509->keyUsageCrit = (byte)ext->crit;
+ x509->keyUsageSet = 1;
+ }
+ else {
+ return WOLFSSL_FAILURE;
+ }
+ }
+ break;
+ case NID_ext_key_usage:
+ if (ext && ext->value.data) {
+ if (ext->value.length == sizeof(byte)) {
+ /* if ext->value is already word16, set directly */
+ x509->extKeyUsage = *(byte*)ext->value.data;
+ x509->extKeyUsageCrit = (byte)ext->crit;
+ }
+ else if (ext->value.length > 0) {
+ /* ext->value is comma-delimited string, convert to word16 */
+ if (ParseExtKeyUsageStr(ext->value.data, &x509->extKeyUsage,
+ x509->heap) != 0) {
+ return WOLFSSL_FAILURE;
+ }
+ x509->extKeyUsageCrit = (byte)ext->crit;
+ }
+ else {
+ return WOLFSSL_FAILURE;
+ }
}
break;
case NID_basic_constraints:
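Review bot: In the new NID_ext_key_usage case both comments are copied from the key-usage case and say word16, while the code reads and stores a single `byte`. They should read `/* ext->value is already a byte, set directly */` and `/* ext->value is a comma-delimited string, convert to byte */`. Both cases also tell the raw form from the string form by length alone (`sizeof(word16)` and `sizeof(byte)`), so a two-character or one-character string would be taken as a raw value. That may be unreachable in practice, but a comment should say why, or the cases should use a discriminator other than length. The switch continues outside the hunk.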
@@ -1496,15 +1548,19 @@ int wolfSSL_X509V3_EXT_print(WOLFSSL_BIO *out, WOLFSSL_X509_EXTENSION *ext,
if (sk->next) {
if ((valLen = XSNPRINTF(val, len, "%*s%s,",
indent, "", str->strData))
- >= len)
+ >= len) {
+ XFREE(val, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return rc;
+ }
} else {
if ((valLen = XSNPRINTF(val, len, "%*s%s",
indent, "", str->strData))
- >= len)
+ >= len) {
+ XFREE(val, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return rc;
+ }
}
- if (tmpLen + valLen > tmpSz) {
+ if ((tmpLen + valLen) >= tmpSz) {
XFREE(val, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return rc;
}
@@ -1521,11 +1577,9 @@ int wolfSSL_X509V3_EXT_print(WOLFSSL_BIO *out, WOLFSSL_X509_EXTENSION *ext,
{
char* asn1str;
asn1str = wolfSSL_i2s_ASN1_STRING(NULL, str);
- if ((tmpLen = XSNPRINTF(
- tmp, tmpSz, "%*s%s", indent, "", asn1str))
- >= tmpSz)
- return rc;
+ tmpLen = XSNPRINTF(tmp, tmpSz, "%*s%s", indent, "", asn1str);
XFREE(asn1str, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ if (tmpLen >= tmpSz) return rc;
break;
}
case AUTH_INFO_OID:
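Review bot: `asn1str` is passed to `XSNPRINTF` with `%s` without a NULL check, so if wolfSSL_i2s_ASN1_STRING can fail (on allocation failure, presumably) the format call is handed a NULL string. Guard it before the XSNPRINTF line with `if (asn1str == NULL) return rc;`. Freeing `asn1str` before the length check, as the new code does, is the right order. The enclosing switch starts and ends outside the hunk.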
@@ -2118,7 +2172,7 @@ out:
return found ? extCount : WOLFSSL_FATAL_ERROR;
}
-#endif /* OPENSSL_ALL */
+#endif /* OPENSSL_ALL || OPENSSL_EXTRA */
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)
/* Looks for the extension matching the passed in nid
@@ -2775,6 +2829,14 @@ static WOLFSSL_X509_EXTENSION* createExtFromStr(int nid, const char *value)
}
ext->value.type = KEY_USAGE_OID;
break;
+ case NID_ext_key_usage:
+ if (wolfSSL_ASN1_STRING_set(&ext->value, value, -1)
+ != WOLFSSL_SUCCESS) {
+ WOLFSSL_MSG("wolfSSL_ASN1_STRING_set error");
+ goto err_cleanup;
+ }
+ ext->value.type = EXT_KEY_USAGE_OID;
+ break;
default:
WOLFSSL_MSG("invalid or unsupported NID");
goto err_cleanup;
@@ -4378,8 +4440,9 @@ error:
* @return WOLFSSL_FAILURE on invalid parameter or memory error,
* WOLFSSL_SUCCESS otherwise.
*/
-int wolfSSL_GENERAL_NAME_set0_othername(GENERAL_NAME* gen, ASN1_OBJECT* oid,
- ASN1_TYPE* value) {
+int wolfSSL_GENERAL_NAME_set0_othername(WOLFSSL_GENERAL_NAME* gen,
+ ASN1_OBJECT* oid, ASN1_TYPE* value)
+{
WOLFSSL_ASN1_OBJECT *x = NULL;
if ((gen == NULL) || (oid == NULL) || (value == NULL)) {
@@ -4782,6 +4845,39 @@ int wolfSSL_GENERAL_NAME_set_type(WOLFSSL_GENERAL_NAME* name, int typ)
return ret;
}
+/* Set the value in a general name. This is a compat layer API.
+ *
+ * @param [out] a Pointer to the GENERAL_NAME where the othername is set.
+ * @param [in] type The type of this general name.
+ * @param [in] value The ASN.1 string that is the value.
+ * @return none
+ * @note the set0 indicates we take ownership so the user does NOT free value.
+ */
+void wolfSSL_GENERAL_NAME_set0_value(WOLFSSL_GENERAL_NAME *a, int type,
+ void *value)
+{
+ WOLFSSL_ASN1_STRING *val = (WOLFSSL_ASN1_STRING *)value;
+ if (a == NULL) {
+ WOLFSSL_MSG("a is NULL");
+ return;
+ }
+
+ if (val == NULL) {
+ WOLFSSL_MSG("value is NULL");
+ return;
+ }
+
+ if (type != GEN_DNS) {
+ WOLFSSL_MSG("Only GEN_DNS is supported");
+ return;
+ }
+
+ wolfSSL_GENERAL_NAME_type_free(a);
+ a->type = type;
+ if (type == GEN_DNS) {
+ a->d.dNSName = val;
+ }
+}
/* Frees GENERAL_NAME objects.
*/
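Review bot: wolfSSL_GENERAL_NAME_set0_value documents that it takes ownership of `value`, but all three early returns (NULL `a`, NULL `value`, `type != GEN_DNS`) leave `value` with the caller. Because the function returns void, the caller cannot tell whether to free it, which invites a leak or a double free. The header comment should state this, for example `@note on a NULL argument or a type other than GEN_DNS nothing is stored and the caller still owns value.` The `@param [out] a` text still says "othername", and the final `if (type == GEN_DNS)` is redundant after the earlier rejection.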
@@ -4807,6 +4903,17 @@ void wolfSSL_GENERAL_NAMES_free(WOLFSSL_GENERAL_NAMES *gens)
wolfSSL_sk_GENERAL_NAME_free(gens);
}
+void wolfSSL_EXTENDED_KEY_USAGE_free(WOLFSSL_STACK * sk)
+{
+ WOLFSSL_ENTER("wolfSSL_EXTENDED_KEY_USAGE_free");
+
+ if (sk == NULL) {
+ return;
+ }
+
+ wolfSSL_sk_X509_pop_free(sk, NULL);
+}
+
#if defined(OPENSSL_ALL) && !defined(NO_BIO)
/* Outputs name string of the given WOLFSSL_GENERAL_NAME_OBJECT to WOLFSSL_BIO.
* Can handle following GENERAL_NAME_OBJECT types:
@@ -5111,7 +5218,7 @@ static WOLFSSL_X509* loadX509orX509REQFromBuffer(
const unsigned char* buf, int sz, int format, int type)
{
- int ret;
+ int ret = 0;
WOLFSSL_X509* x509 = NULL;
DerBuffer* der = NULL;
@@ -5119,7 +5226,8 @@ static WOLFSSL_X509* loadX509orX509REQFromBuffer(
if (format == WOLFSSL_FILETYPE_PEM) {
#ifdef WOLFSSL_PEM_TO_DER
- if (PemToDer(buf, sz, type, &der, NULL, NULL, NULL) != 0) {
+ ret = PemToDer(buf, sz, type, &der, NULL, NULL, NULL);
+ if (ret != 0) {
FreeDer(&der);
}
#else
@@ -5145,20 +5253,28 @@ static WOLFSSL_X509* loadX509orX509REQFromBuffer(
#ifdef WOLFSSL_SMALL_STACK
cert = (DecodedCert*)XMALLOC(sizeof(DecodedCert), NULL,
DYNAMIC_TYPE_DCERT);
- if (cert != NULL)
+ if (cert == NULL) {
+ ret = MEMORY_ERROR;
+ }
+ else
#endif
{
InitDecodedCert(cert, der->buffer, der->length, NULL);
- if (ParseCertRelative(cert, type, 0, NULL) == 0) {
+ ret = ParseCertRelative(cert, type, 0, NULL);
+ if (ret == 0) {
x509 = (WOLFSSL_X509*)XMALLOC(sizeof(WOLFSSL_X509), NULL,
DYNAMIC_TYPE_X509);
if (x509 != NULL) {
InitX509(x509, 1, NULL);
- if (CopyDecodedToX509(x509, cert) != 0) {
+ ret = CopyDecodedToX509(x509, cert);
+ if (ret != 0) {
wolfSSL_X509_free(x509);
x509 = NULL;
}
}
+ else {
+ ret = MEMORY_ERROR;
+ }
}
FreeDecodedCert(cert);
@@ -5170,6 +5286,10 @@ static WOLFSSL_X509* loadX509orX509REQFromBuffer(
FreeDer(&der);
}
+ if (ret != 0) {
+ WOLFSSL_ERROR(ret);
+ }
+
return x509;
}
@@ -5784,11 +5904,21 @@ static int X509PrintSubjAltName(WOLFSSL_BIO* bio, WOLFSSL_X509* x509,
else if (entry->type == ASN_URI_TYPE) {
len = XSNPRINTF(scratch, MAX_WIDTH, "URI:%s",
entry->name);
+ if (len >= MAX_WIDTH) {
+ ret = WOLFSSL_FAILURE;
+ break;
+ }
+ }
+ #if defined(OPENSSL_ALL)
+ else if (entry->type == ASN_RID_TYPE) {
+ len = XSNPRINTF(scratch, MAX_WIDTH, "Registered ID:%s",
+ entry->ridString);
if (len >= MAX_WIDTH) {
ret = WOLFSSL_FAILURE;
break;
}
}
+ #endif
else if (entry->type == ASN_OTHER_TYPE) {
len = XSNPRINTF(scratch, MAX_WIDTH,
"othername <unsupported>");
@@ -6378,7 +6508,8 @@ static int X509PrintSignature_ex(WOLFSSL_BIO* bio, byte* sig,
break;
}
}
- if (valLen >= (int)sizeof(tmp) - tmpLen - 1) {
+ if ((tmpLen < 0) || (valLen < 0) ||
+ (valLen >= ((int)sizeof(tmp) - tmpLen - 1))) {
ret = WOLFSSL_FAILURE;
break;
}
@@ -7022,7 +7153,8 @@ int wolfSSL_X509_LOOKUP_load_file(WOLFSSL_X509_LOOKUP* lookup,
WOLFSSL_CERT_MANAGER* cm = lookup->store->cm;
if (cm->crl == NULL) {
- if (wolfSSL_CertManagerEnableCRL(cm, 0) != WOLFSSL_SUCCESS) {
+ if (wolfSSL_CertManagerEnableCRL(cm, WOLFSSL_CRL_CHECK)
+ != WOLFSSL_SUCCESS) {
WOLFSSL_MSG("Enable CRL failed");
goto end;
}
@@ -7357,6 +7489,7 @@ int wolfSSL_i2d_X509(WOLFSSL_X509* x509, unsigned char** out)
{
const unsigned char* der;
int derSz = 0;
+ int advance = 1;
WOLFSSL_ENTER("wolfSSL_i2d_X509");
@@ -7377,10 +7510,14 @@ int wolfSSL_i2d_X509(WOLFSSL_X509* x509, unsigned char** out)
WOLFSSL_LEAVE("wolfSSL_i2d_X509", MEMORY_E);
return MEMORY_E;
}
+ advance = 0;
}
- if (out != NULL)
+ if (out != NULL) {
XMEMCPY(*out, der, derSz);
+ if (advance)
+ *out += derSz;
+ }
WOLFSSL_LEAVE("wolfSSL_i2d_X509", derSz);
return derSz;
@@ -9470,7 +9607,9 @@ WOLF_STACK_OF(WOLFSSL_X509)* wolfSSL_X509_chain_up_ref(
{
WOLFSSL_ENTER("wolfSSL_X509_NAME_free");
FreeX509Name(name);
- XFREE(name, NULL, DYNAMIC_TYPE_X509);
+ if (name != NULL) {
+ XFREE(name, name->heap, DYNAMIC_TYPE_X509);
+ }
}
@@ -9478,20 +9617,24 @@ WOLF_STACK_OF(WOLFSSL_X509)* wolfSSL_X509_chain_up_ref(
*
* returns NULL on failure, otherwise returns a new structure.
*/
- WOLFSSL_X509_NAME* wolfSSL_X509_NAME_new(void)
+ WOLFSSL_X509_NAME* wolfSSL_X509_NAME_new_ex(void *heap)
{
WOLFSSL_X509_NAME* name;
- WOLFSSL_ENTER("wolfSSL_X509_NAME_new");
+ WOLFSSL_ENTER("wolfSSL_X509_NAME_new_ex");
- name = (WOLFSSL_X509_NAME*)XMALLOC(sizeof(WOLFSSL_X509_NAME), NULL,
+ name = (WOLFSSL_X509_NAME*)XMALLOC(sizeof(WOLFSSL_X509_NAME), heap,
DYNAMIC_TYPE_X509);
if (name != NULL) {
- InitX509Name(name, 1, NULL);
+ InitX509Name(name, 1, heap);
}
return name;
}
+ WOLFSSL_X509_NAME* wolfSSL_X509_NAME_new(void) {
+ return wolfSSL_X509_NAME_new_ex(NULL);
+ }
+
/* Creates a duplicate of a WOLFSSL_X509_NAME structure.
Returns a new WOLFSSL_X509_NAME structure or NULL on failure */
WOLFSSL_X509_NAME* wolfSSL_X509_NAME_dup(WOLFSSL_X509_NAME *name)
@@ -9505,7 +9648,7 @@ WOLF_STACK_OF(WOLFSSL_X509)* wolfSSL_X509_chain_up_ref(
return NULL;
}
- if (!(copy = wolfSSL_X509_NAME_new())) {
+ if (!(copy = wolfSSL_X509_NAME_new_ex(name->heap))) {
return NULL;
}
@@ -9588,7 +9731,8 @@ WOLF_STACK_OF(WOLFSSL_X509)* wolfSSL_X509_chain_up_ref(
}
if (req->keyUsageSet)
cert->keyUsage = req->keyUsage;
- /* Extended Key Usage not supported. */
+
+ cert->extKeyUsage = req->extKeyUsage;
#endif
XMEMCPY(cert->challengePw, req->challengePw, CTC_NAME_SIZE);
@@ -10411,6 +10555,7 @@ static int ConvertNIDToWolfSSL(int nid)
case NID_organizationName: return ASN_ORG_NAME;
case NID_organizationalUnitName: return ASN_ORGUNIT_NAME;
case NID_emailAddress: return ASN_EMAIL_NAME;
+ case NID_pkcs9_contentType: return ASN_CONTENT_TYPE;
case NID_serialNumber: return ASN_SERIAL_NUMBER;
case NID_userId: return ASN_USER_ID;
case NID_businessCategory: return ASN_BUS_CAT;
@@ -10618,6 +10763,7 @@ int wolfSSL_i2d_X509_NAME(WOLFSSL_X509_NAME* name, unsigned char** out)
case MBSTRING_UTF8:
type = CTC_UTF8;
break;
+ case MBSTRING_ASC:
case V_ASN1_PRINTABLESTRING:
type = CTC_PRINTABLE;
break;
@@ -10727,8 +10873,8 @@ int wolfSSL_i2d_X509_NAME(WOLFSSL_X509_NAME* name, unsigned char** out)
goto cleanup;
}
- if (!(tmp = wolfSSL_X509_NAME_new())) {
- WOLFSSL_MSG("wolfSSL_X509_NAME_new error");
+ if (!(tmp = wolfSSL_X509_NAME_new_ex(cert->heap))) {
+ WOLFSSL_MSG("wolfSSL_X509_NAME_new_ex error");
goto cleanup;
}
@@ -12434,7 +12580,7 @@ WOLF_STACK_OF(WOLFSSL_X509_NAME) *wolfSSL_dup_CA_list(
for (i = 0; i < num; i++) {
name = wolfSSL_X509_NAME_dup(wolfSSL_sk_X509_NAME_value(sk, i));
- if (name == NULL || 0 != wolfSSL_sk_X509_NAME_push(copy, name)) {
+ if (name == NULL || WOLFSSL_SUCCESS != wolfSSL_sk_X509_NAME_push(copy, name)) {
WOLFSSL_MSG("Memory error");
wolfSSL_sk_X509_NAME_pop_free(copy, wolfSSL_X509_NAME_free);
return NULL;
@@ -12506,6 +12652,10 @@ static int get_dn_attr_by_nid(int n, const char** buf)
str = "ST";
len = 2;
break;
+ case NID_streetAddress:
+ str = "street";
+ len = 6;
+ break;
case NID_organizationName:
str = "O";
len = 1;
@@ -12514,6 +12664,10 @@ static int get_dn_attr_by_nid(int n, const char** buf)
str = "OU";
len = 2;
break;
+ case NID_postalCode:
+ str = "postalCode";
+ len = 10;
+ break;
case NID_emailAddress:
str = "emailAddress";
len = 12;
@@ -12542,6 +12696,14 @@ static int get_dn_attr_by_nid(int n, const char** buf)
str = "DC";
len = 2;
break;
+ case NID_pkcs9_contentType:
+ str = "contentType";
+ len = 11;
+ break;
+ case NID_userId:
+ str = "UID";
+ len = 3;
+ break;
default:
WOLFSSL_MSG("Attribute type not found");
str = NULL;
@@ -12695,6 +12857,7 @@ int wolfSSL_X509_NAME_print_ex(WOLFSSL_BIO* bio, WOLFSSL_X509_NAME* name,
>= tmpSz)
{
WOLFSSL_MSG("buffer overrun");
+ XFREE(tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return WOLFSSL_FAILURE;
}
@@ -12705,6 +12868,7 @@ int wolfSSL_X509_NAME_print_ex(WOLFSSL_BIO* bio, WOLFSSL_X509_NAME* name,
>= tmpSz)
{
WOLFSSL_MSG("buffer overrun");
+ XFREE(tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return WOLFSSL_FAILURE;
}
tmpSz = len + nameStrSz + 1; /* 1 for '=' */
@@ -13490,7 +13654,7 @@ int wolfSSL_X509_set_notBefore(WOLFSSL_X509* x509, const WOLFSSL_ASN1_TIME* t)
int wolfSSL_X509_set_serialNumber(WOLFSSL_X509* x509, WOLFSSL_ASN1_INTEGER* s)
{
WOLFSSL_ENTER("wolfSSL_X509_set_serialNumber");
- if (!x509 || !s || s->length >= EXTERNAL_SERIAL_SIZE)
+ if (x509 == NULL || s == NULL || s->length >= EXTERNAL_SERIAL_SIZE)
return WOLFSSL_FAILURE;
/* WOLFSSL_ASN1_INTEGER has type | size | data
@@ -13970,6 +14134,10 @@ int wolfSSL_X509_REQ_add1_attr_by_NID(WOLFSSL_X509 *req,
}
}
ret = wolfSSL_sk_push(req->reqAttributes, attr);
+ if ((ret != WOLFSSL_SUCCESS) || (req->reqAttributes->type == STACK_TYPE_CIPHER)) {
+ /* CIPHER type makes a copy */
+ wolfSSL_X509_ATTRIBUTE_free(attr);
+ }
}
return ret;
diff --git a/extra/wolfssl/wolfssl/src/x509_str.c b/extra/wolfssl/wolfssl/src/x509_str.c
index 4ba0ce69..b0b365bc 100644
--- a/extra/wolfssl/wolfssl/src/x509_str.c
+++ b/extra/wolfssl/wolfssl/src/x509_str.c
@@ -84,16 +84,40 @@ int wolfSSL_X509_STORE_CTX_init(WOLFSSL_X509_STORE_CTX* ctx,
#endif
ctx->chain = sk;
- /* Add intermediate certificates from stack to store */
- while (sk != NULL) {
- WOLFSSL_X509* x509_cert = sk->data.x509;
- if (x509_cert != NULL && x509_cert->isCa) {
- ret = wolfSSL_X509_STORE_add_cert(store, x509_cert);
- if (ret < 0) {
- return WOLFSSL_FAILURE;
+ /* Add intermediate certs, that verify to a loaded CA, to the store */
+ if (sk != NULL) {
+ byte addedAtLeastOne = 1;
+ WOLF_STACK_OF(WOLFSSL_X509)* head = wolfSSL_shallow_sk_dup(sk);
+ if (head == NULL)
+ return WOLFSSL_FAILURE;
+ while (addedAtLeastOne) {
+ WOLF_STACK_OF(WOLFSSL_X509)* cur = head;
+ WOLF_STACK_OF(WOLFSSL_X509)** prev = &head;
+ addedAtLeastOne = 0;
+ while (cur) {
+ WOLFSSL_X509* cert = cur->data.x509;
+ if (cert != NULL && cert->derCert != NULL &&
+ wolfSSL_CertManagerVerifyBuffer(store->cm,
+ cert->derCert->buffer,
+ cert->derCert->length,
+ WOLFSSL_FILETYPE_ASN1) == WOLFSSL_SUCCESS) {
+ ret = wolfSSL_X509_STORE_add_cert(store, cert);
+ if (ret < 0) {
+ wolfSSL_sk_free(head);
+ return WOLFSSL_FAILURE;
+ }
+ addedAtLeastOne = 1;
+ *prev = cur->next;
+ wolfSSL_sk_free_node(cur);
+ cur = *prev;
+ }
+ else {
+ prev = &cur->next;
+ cur = cur->next;
+ }
}
}
- sk = sk->next;
+ wolfSSL_sk_free(head);
}
ctx->sesChain = NULL;
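Review bot: The replaced loop only added certificates with `x509_cert->isCa` set, while the new condition adds every entry of `sk` that wolfSSL_CertManagerVerifyBuffer accepts, CA or not. Unless wolfSSL_X509_STORE_add_cert rejects non-CA certificates itself (not visible here), a leaf that chains to a loaded CA would be added to the store; if it does reject them, init would now fail for such a stack. Keeping the filter, `if (cert != NULL && cert->isCa && cert->derCert != NULL &&`, avoids both outcomes. `addedAtLeastOne` starts at 1 only to enter the loop, so a `do { ... } while (addedAtLeastOne);` or a short comment would make that intent clear. The function begins outside the hunk.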
@@ -140,7 +164,9 @@ void wolfSSL_X509_STORE_CTX_free(WOLFSSL_X509_STORE_CTX* ctx)
}
}
-
+/* Its recommended to use a full free -> init cycle of all the objects
+ * because wolfSSL_X509_STORE_CTX_init may modify the store too which doesn't
+ * get reset here. */
void wolfSSL_X509_STORE_CTX_cleanup(WOLFSSL_X509_STORE_CTX* ctx)
{
if (ctx != NULL) {
@@ -168,9 +194,9 @@ int GetX509Error(int e)
{
switch (e) {
case ASN_BEFORE_DATE_E:
- return WOLFSSL_X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD;
+ return WOLFSSL_X509_V_ERR_CERT_NOT_YET_VALID;
case ASN_AFTER_DATE_E:
- return WOLFSSL_X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD;
+ return WOLFSSL_X509_V_ERR_CERT_HAS_EXPIRED;
case ASN_NO_SIGNER_E: /* get issuer error if no CA found locally */
return WOLFSSL_X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY;
case ASN_SELF_SIGNED_E:
@@ -183,6 +209,11 @@ int GetX509Error(int e)
case ASN_SIG_HASH_E:
case ASN_SIG_KEY_E:
return WOLFSSL_X509_V_ERR_CERT_SIGNATURE_FAILURE;
+ case CRL_CERT_REVOKED:
+ return WOLFSSL_X509_V_ERR_CERT_REVOKED;
+ case 0:
+ case 1:
+ return 0;
default:
#ifdef HAVE_WOLFSSL_MSG_EX
WOLFSSL_MSG_EX("Error not configured or implemented yet: %d", e);
@@ -193,6 +224,19 @@ int GetX509Error(int e)
}
}
+static void SetupStoreCtxError(WOLFSSL_X509_STORE_CTX* ctx, int ret)
+{
+ int depth = 0;
+ int error = GetX509Error(ret);
+
+ /* Set error depth */
+ if (ctx->chain)
+ depth = (int)ctx->chain->num;
+
+ wolfSSL_X509_STORE_CTX_set_error(ctx, error);
+ wolfSSL_X509_STORE_CTX_set_error_depth(ctx, depth);
+}
+
/* Verifies certificate chain using WOLFSSL_X509_STORE_CTX
* returns 0 on success or < 0 on failure.
*/
@@ -202,66 +246,39 @@ int wolfSSL_X509_verify_cert(WOLFSSL_X509_STORE_CTX* ctx)
if (ctx != NULL && ctx->store != NULL && ctx->store->cm != NULL
&& ctx->current_cert != NULL && ctx->current_cert->derCert != NULL) {
- int ret = 0;
- int depth = 0;
- int error;
- #ifndef NO_ASN_TIME
- byte *afterDate, *beforeDate;
- #endif
-
- ret = wolfSSL_CertManagerVerifyBuffer(ctx->store->cm,
+ int ret = wolfSSL_CertManagerVerifyBuffer(ctx->store->cm,
ctx->current_cert->derCert->buffer,
ctx->current_cert->derCert->length,
WOLFSSL_FILETYPE_ASN1);
- /* If there was an error, process it and add it to CTX */
- if (ret < 0) {
- /* Get corresponding X509 error */
- error = GetX509Error(ret);
- /* Set error depth */
- if (ctx->chain)
- depth = (int)ctx->chain->num;
-
- wolfSSL_X509_STORE_CTX_set_error(ctx, error);
- wolfSSL_X509_STORE_CTX_set_error_depth(ctx, depth);
- #if defined(OPENSSL_ALL) || defined(WOLFSSL_QT)
- if (ctx->store && ctx->store->verify_cb)
- ctx->store->verify_cb(0, ctx);
- #endif
- }
+ SetupStoreCtxError(ctx, ret);
#ifndef NO_ASN_TIME
- error = 0;
- /* wolfSSL_CertManagerVerifyBuffer only returns ASN_AFTER_DATE_E or
- ASN_BEFORE_DATE_E if there are no additional errors found in the
- cert. Therefore, check if the cert is expired or not yet valid
- in order to return the correct expected error. */
- afterDate = ctx->current_cert->notAfter.data;
- beforeDate = ctx->current_cert->notBefore.data;
-
- if (XVALIDATE_DATE(afterDate, (byte)ctx->current_cert->notAfter.type,
- AFTER) < 1) {
- error = WOLFSSL_X509_V_ERR_CERT_HAS_EXPIRED;
- }
- else if (XVALIDATE_DATE(beforeDate,
- (byte)ctx->current_cert->notBefore.type, BEFORE) < 1) {
- error = WOLFSSL_X509_V_ERR_CERT_NOT_YET_VALID;
+ if (ret != ASN_BEFORE_DATE_E && ret != ASN_AFTER_DATE_E) {
+ /* wolfSSL_CertManagerVerifyBuffer only returns ASN_AFTER_DATE_E or
+ ASN_BEFORE_DATE_E if there are no additional errors found in the
+ cert. Therefore, check if the cert is expired or not yet valid
+ in order to return the correct expected error. */
+ byte *afterDate = ctx->current_cert->notAfter.data;
+ byte *beforeDate = ctx->current_cert->notBefore.data;
+
+ if (XVALIDATE_DATE(afterDate,
+ (byte)ctx->current_cert->notAfter.type, AFTER) < 1) {
+ ret = ASN_AFTER_DATE_E;
+ }
+ else if (XVALIDATE_DATE(beforeDate,
+ (byte)ctx->current_cert->notBefore.type, BEFORE) < 1) {
+ ret = ASN_BEFORE_DATE_E;
+ }
+ SetupStoreCtxError(ctx, ret);
}
+ #endif
- if (error != 0 ) {
- wolfSSL_X509_STORE_CTX_set_error(ctx, error);
- wolfSSL_X509_STORE_CTX_set_error_depth(ctx, depth);
- #if defined(OPENSSL_ALL) || defined(WOLFSSL_QT)
- if (ctx->store && ctx->store->verify_cb)
- ctx->store->verify_cb(0, ctx);
- #endif
- }
+ #if defined(OPENSSL_ALL) || defined(WOLFSSL_QT)
+ if (ctx->store && ctx->store->verify_cb)
+ ret = ctx->store->verify_cb(ret >= 0 ? 1 : 0, ctx) == 1 ? 0 : -1;
#endif
- /* OpenSSL returns 0 when a chain can't be built */
- if (ret == ASN_NO_SIGNER_E)
- return WOLFSSL_FAILURE;
- else
- return ret;
+ return ret >= 0 ? WOLFSSL_SUCCESS : WOLFSSL_FAILURE;
}
return WOLFSSL_FATAL_ERROR;
}
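Review bot: In the `#ifndef NO_ASN_TIME` block the date check runs whenever `ret` is not already a date error, so it can overwrite a different failure. A certificate that failed for another reason (for example ASN_NO_SIGNER_E or a signature error) and is also expired has `ret` and the stored ctx error replaced by the date error before `verify_cb` is called. Because the callback's return value now decides the result, a callback that tolerates only expiry would turn that into WOLFSSL_SUCCESS without seeing the original failure. Consider calling the callback for the first error before the date check, or overriding only when the first verify passed, i.e. `if (ret >= 0) {` in place of `if (ret != ASN_BEFORE_DATE_E && ret != ASN_AFTER_DATE_E) {`. The existing comment suggests the override is deliberate for OpenSSL error parity, so this needs confirming against callers.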
@@ -980,7 +997,11 @@ int wolfSSL_X509_STORE_set_flags(WOLFSSL_X509_STORE* store, unsigned long flag)
if ((flag & WOLFSSL_CRL_CHECKALL) || (flag & WOLFSSL_CRL_CHECK)) {
ret = wolfSSL_CertManagerEnableCRL(store->cm, (int)flag);
}
-
+#if defined(OPENSSL_COMPATIBLE_DEFAULTS)
+ else if (flag == 0) {
+ ret = wolfSSL_CertManagerDisableCRL(store->cm);
+ }
+#endif
return ret;
}
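Review bot: The new `else if (flag == 0)` branch turns CRL checking off for the whole store when built with OPENSSL_COMPATIBLE_DEFAULTS, and nothing at this site says so. As far as I know OpenSSL's X509_STORE_set_flags ORs the flags into the verify parameters, so a 0 argument leaves revocation checking unchanged there. Code ported from OpenSSL that passes 0 would lose CRL checks here without any error. If the reset is intended, add a comment such as `/* flag == 0 is treated as "clear": disables CRL checking for this store */` and consider a WOLFSSL_MSG so the downgrade shows up in debug logs. The function body starts outside this hunk.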
@@ -1023,7 +1044,11 @@ WOLFSSL_API int wolfSSL_X509_STORE_load_locations(WOLFSSL_X509_STORE *str,
#ifdef HAVE_CRL
if (str->cm->crl == NULL) {
- if (wolfSSL_CertManagerEnableCRL(str->cm, 0) != WOLFSSL_SUCCESS) {
+ /* Workaround to allocate the internals to load CRL's but don't enable
+ * CRL checking by default */
+ if (wolfSSL_CertManagerEnableCRL(str->cm, WOLFSSL_CRL_CHECK)
+ != WOLFSSL_SUCCESS ||
+ wolfSSL_CertManagerDisableCRL(str->cm) != WOLFSSL_SUCCESS) {
WOLFSSL_MSG("Enable CRL failed");
wolfSSL_CTX_free(ctx);
return WOLFSSL_FAILURE;
diff --git a/extra/wolfssl/wolfssl/sslSniffer/README.md b/extra/wolfssl/wolfssl/sslSniffer/README.md
index 22582f28..27a6f527 100644
--- a/extra/wolfssl/wolfssl/sslSniffer/README.md
+++ b/extra/wolfssl/wolfssl/sslSniffer/README.md
@@ -39,13 +39,17 @@ The STARTTLS option allows the sniffer to receive and ignore plaintext before re
`./configure --enable-sniffer CPPFLAGS=-DSTARTTLS_ALLOWED`
+The SSL Keylog file option enables the sniffer to decrypt TLS traffic using the master secret obtained from a [NSS keylog file](https://web.archive.org/web/20220531072242/https://firefox-source-docs.mozilla.org/security/nss/legacy/key_log_format/index.html). This allows the sniffer to decrypt all TLS traffic, even for TLS connections using ephemeral cipher suites. Keylog file sniffing is supported for TLS versions 1.2 and 1.3. WolfSSL can be configured to export a keylog file using the `--enable-keylog-export` configure option, independently from the sniffer feature (NOTE: never do this in a production environment, as it is inherently insecure). To enable sniffer support for keylog files, use the following configure command line and build as before:
+
+`./configure --enable-sniffer CPPFLAGS=-DWOLFSSL_SNIFFER_KEYLOGFILE`
+
All options may be enabled with the following configure command line:
```sh
./configure --enable-sniffer \
CPPFLAGS="-DWOLFSSL_SNIFFER_STATS -DWOLFSSL_SNIFFER_WATCH \
-DWOLFSSL_SNIFFER_STORE_DATA_CB -DWOLFSSL_SNIFFER_CHAIN_INPUT \
- -DSTARTTLS_ALLOWED"
+ -DSTARTTLS_ALLOWED -DWOLFSSL_SNIFFER_KEYLOGFILE"
```
To add some other cipher support to the sniffer, you can add options like:
@@ -88,7 +92,11 @@ To build with OCTEON III support for a Linux host:
## Command Line Options
-The wolfSSL sniffer includes a test application `snifftest` in the `sslSniffer/sslSnifferTest/` directory. The command line application has several options that can be passed in at runtime to change the default behavior of the application. To execute a “live†sniff just run the application without any parameters and then pick an interface to sniff on followed by the port.
+The wolfSSL sniffer includes a test application `snifftest` in the `sslSniffer/sslSnifferTest/` directory. The command line application has two sniffing modes: "live" mode and "offline" mode. In "live" mode, the application will prompt the user for network information and other parameters and then actively sniff real network traffic on an interface. In "offline" mode, the user provides the application with a pcap file and other network information via command line arguments, and the sniffer
+will then decrypt the relevant TLS traffic captured in the pcap file.
+
+### Live Sniff Mode
+To execute a “live†sniff just run the application without any parameters and then pick an interface to sniff on followed by the port.
An example startup may look like this:
@@ -116,41 +124,50 @@ The above example sniffs on the localhost interface (lo0) with the default wolfS
Trace output will be written to a file named `tracefile.txt`.
-To decode a previously saved pcap file you will need to enter a few parameters.
+### Offline Sniff Mode
+
+Offline mode allows traffic to be decoded from a previously saved pcap file. To run the sniffer in offline mode, you will need to provide the application with some command line arguments, some of which are mandatory and some of which are optional
-The following table lists the accepted inputs in saved file mode.
+The following table lists the accepted inputs in offline mode.
Synopsis:
-`snifftest dumpFile pemKey [server] [port] [password] [threads]`
+`snifftest -pcap pcap_arg -key key_arg [-password password_arg] [-server server_arg] [-port port_arg] [-keylogfile keylogfile_arg] [-threads threads_arg]`
`snifftest` Options Summary:
```
-Option Description Default Value
-dumpFile A previously saved pcap file NA
-pemKey The server’s private key in PEM format NA
-server The server’s IP address (v4 or v6) 127.0.0.1
-port The server port to sniff 443
-password Private Key Password if required NA
-threads The number of threads to run with 5
+Option Description Default Value Mandatory
+pcap_arg A previously saved pcap file NA Y
+key_arg The server’s private key in PEM format NA Y
+password_arg Private Key Password if required NA N
+server_arg The server’s IP address (v4 or v6) 127.0.0.1 N
+port_arg The server port to sniff 443 N
+threads The number of threads to run with 5 N
+keylogfile_arg Keylog file containing decryption secrets NA N
```
To decode a pcap file named test.pcap with a server key file called myKey.pem that was generated on the localhost with a server at port 443 just use:
-`./snifftest test.pcap myKey.pem`
+`./snifftest -pcap test.pcap -key myKey.pem`
If the server was on 10.0.1.2 and on port 12345 you could instead use:
-`./snifftest test.pcap myKey.pem 10.0.1.2 12345`
+`./snifftest -pcap test.pcap -key myKey.pem -server 10.0.1.2 -port 12345`
If the server was on localhost using IPv6 and on port 12345 you could instead use:
-`./snifftest test.pcap myKey.pem ::1 12345`
+`./snifftest -pcap test.pcap -key myKey.pem -server ::1 -port 12345`
If you wanted to use 15 threads to decode `test.pcap` and your key does not require a password, you could use a dummy password and run:
-`./snifftest test.pcap myKey.pem 10.0.1.2 12345 pass 15`
+`./snifftest -pcap test.pcap -key myKey.pem -server 10.0.1.2 -port 12345 -password pass -threads 15`
+
+If the server exported its secrets in a [NSS keylog file](https://web.archive.org/web/20220531072242/https://firefox-source-docs.mozilla.org/security/nss/legacy/key_log_format/index.html)
+named "sslkeylog.log", you could decrypt the traffic using:
+
+`./snifftest -pcap test.pcap -key myKey.pem -server 10.0.1.2 -port 12345 -keylogfile /path/to/sslkeylog.log`
+
## API Usage
@@ -164,7 +181,7 @@ Use the include `#include <wolfssl/sniffer.h>`.
void ssl_InitSniffer(void);
```
-Initializes the wolfSSL sniffer for use and should be called once per application.
+Initializes the wolfSSL sniffer for use and should be called once per application.
### ssl_FreeSniffer
@@ -285,8 +302,8 @@ Return Values:
### ssl_SetEphemeralKey
```c
-int ssl_SetEphemeralKey(const char* address, int port,
- const char* keyFile, int typeKey,
+int ssl_SetEphemeralKey(const char* address, int port,
+ const char* keyFile, int typeKey,
const char* password, char* error)
```
Creates a sniffer session based on the `serverAddress` and `port` inputs using ECC or DH static ephemeral key.
@@ -300,6 +317,35 @@ Return Values:
* 0 on success
* -1 if a problem occurred, the string error will hold a message describing the problem
+### ssl_LoadSecretsFromKeyLogFile
+
+```c
+int ssl_LoadSecretsFromKeyLogFile(const char* keylogfile, char* error)
+```
+
+Loads secrets to decrypt TLS traffic from a keylog file. Only sniffer servers registered with `ssl_createKeyLogSnifferServer()` will be able to decrypt using these secrets
+
+This function requires that sniffer keylog file support (`WOLFSSL_SNIFFER_KEYLOGFILE`) is enabled in the build. Keylog file sniffing is supported for TLS versions 1.2 and 1.3.
+
+Return Values:
+* 0 on success
+* -1 if a problem occurred, the string error will hold a message describing the problem
+
+### ssl_CreateKeyLogSnifferServer
+
+```c
+int ssl_CreateKeyLogSnifferServer(const char* address, int port, char* error)
+```
+
+Creates a sniffer session based on `serverAddress` and `port`, and uses secrets obtained from a keylog file to decrypt traffic. Keylog files should be loaded using `ssl_LoadSecretsFromKeyLogFile()`.
+
+This function requires that sniffer keylog file support (`WOLFSSL_SNIFFER_KEYLOGFILE`) is enabled in the build. Keylog file sniffing is supported for TLS versions 1.2 and 1.3.
+
+Return Values:
+* 0 on success
+* -1 if a problem occurred, the string error will hold a message describing the problem
+
+
### ssl_DecodePacket
```c
@@ -525,7 +571,7 @@ Return Values:
### ssl_SetWatchKey_buffer
```c
-int ssl_SetWatchKey_buffer(void* vSniffer, const unsigned char* key,
+int ssl_SetWatchKey_buffer(void* vSniffer, const unsigned char* key,
unsigned int keySz, int keyType, char* error);
```
@@ -633,7 +679,7 @@ Remember to always start the sniffing application before the server. This is im
### Cipher Suite Limitations
-As a passive sniffer the wolfSSL sniffer will not be able to decode any SSL session that uses DHE (Ephemeral Diffie-Hellman) because it will not have access to the temporary key that the server generates. You may need to disable DHE cipher suites on the server and/or client to prevent these cipher suites from being used.
+As a passive sniffer the wolfSSL sniffer will not be able to decode any SSL session that uses DHE (Ephemeral Diffie-Hellman) because it will not have access to the temporary key that the server generates. You may need to disable DHE cipher suites on the server and/or client to prevent these cipher suites from being used. The notable exception to this is if the sniffer session uses the keylog file feature, in which case any session using TLS 1.2 or 1.3 can be decoded.
### Thread Safety
diff --git a/extra/wolfssl/wolfssl/sslSniffer/sslSniffer.vcproj b/extra/wolfssl/wolfssl/sslSniffer/sslSniffer.vcproj
index f5d4053c..598b1522 100644
--- a/extra/wolfssl/wolfssl/sslSniffer/sslSniffer.vcproj
+++ b/extra/wolfssl/wolfssl/sslSniffer/sslSniffer.vcproj
@@ -42,7 +42,7 @@
Name="VCCLCompilerTool"
Optimization="0"
AdditionalIncludeDirectories="../;../IDE/WIN"
- PreprocessorDefinitions="WOLFSSL_LIB;SSL_SNIFFER_EXPORTS;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS"
+ PreprocessorDefinitions="WOLFSSL_LIB;SSL_SNIFFER_EXPORTS;WOLFSSL_USER_SETTINGS"
MinimalRebuild="true"
BasicRuntimeChecks="3"
RuntimeLibrary="3"
@@ -118,7 +118,7 @@
Optimization="2"
EnableIntrinsicFunctions="true"
AdditionalIncludeDirectories="../;../IDE/WIN"
- PreprocessorDefinitions="WOLFSSL_LIB;SSL_SNIFFER_EXPORTS;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS"
+ PreprocessorDefinitions="WOLFSSL_LIB;SSL_SNIFFER_EXPORTS;WOLFSSL_USER_SETTINGS"
RuntimeLibrary="2"
EnableFunctionLevelLinking="true"
UsePrecompiledHeader="0"
diff --git a/extra/wolfssl/wolfssl/sslSniffer/sslSniffer.vcxproj b/extra/wolfssl/wolfssl/sslSniffer/sslSniffer.vcxproj
index 75c7bf2a..7395cac1 100644
--- a/extra/wolfssl/wolfssl/sslSniffer/sslSniffer.vcxproj
+++ b/extra/wolfssl/wolfssl/sslSniffer/sslSniffer.vcxproj
@@ -89,7 +89,7 @@
<ClCompile>
<Optimization>Disabled</Optimization>
<AdditionalIncludeDirectories>../;../IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>WOLFSSL_LIB;SSL_SNIFFER_EXPORTS;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>WOLFSSL_LIB;SSL_SNIFFER_EXPORTS;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<MinimalRebuild>true</MinimalRebuild>
<BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
<RuntimeLibrary>MultiThreadedDebugDLL</RuntimeLibrary>
@@ -109,7 +109,7 @@
<ClCompile>
<Optimization>Disabled</Optimization>
<AdditionalIncludeDirectories>../;../IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>WOLFSSL_LIB;SSL_SNIFFER_EXPORTS;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>WOLFSSL_LIB;SSL_SNIFFER_EXPORTS;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
<RuntimeLibrary>MultiThreadedDebugDLL</RuntimeLibrary>
<PrecompiledHeader>
@@ -128,7 +128,7 @@
<Optimization>MaxSpeed</Optimization>
<IntrinsicFunctions>true</IntrinsicFunctions>
<AdditionalIncludeDirectories>../;../IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>WOLFSSL_LIB;SSL_SNIFFER_EXPORTS;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>WOLFSSL_LIB;SSL_SNIFFER_EXPORTS;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
<FunctionLevelLinking>true</FunctionLevelLinking>
<PrecompiledHeader />
@@ -150,7 +150,7 @@
<Optimization>MaxSpeed</Optimization>
<IntrinsicFunctions>true</IntrinsicFunctions>
<AdditionalIncludeDirectories>../;../IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>WOLFSSL_LIB;SSL_SNIFFER_EXPORTS;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>WOLFSSL_LIB;SSL_SNIFFER_EXPORTS;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
<FunctionLevelLinking>true</FunctionLevelLinking>
<PrecompiledHeader>
diff --git a/extra/wolfssl/wolfssl/sslSniffer/sslSnifferTest/snifftest.c b/extra/wolfssl/wolfssl/sslSniffer/sslSnifferTest/snifftest.c
index d3ba59d6..64053ec9 100644
--- a/extra/wolfssl/wolfssl/sslSniffer/sslSnifferTest/snifftest.c
+++ b/extra/wolfssl/wolfssl/sslSniffer/sslSnifferTest/snifftest.c
@@ -76,7 +76,7 @@ int main(void)
#include <signal.h> /* signal */
#include <ctype.h> /* isprint */
-#include <cyassl/sniffer.h>
+#include <wolfssl/sniffer.h>
#ifndef _WIN32
@@ -144,6 +144,8 @@ enum {
#endif
#endif
+#define DEFAULT_SERVER_IP "127.0.0.1"
+#define DEFAULT_SERVER_PORT (443)
#ifdef WOLFSSL_SNIFFER_WATCH
static const byte rsaHash[] = {
@@ -470,20 +472,12 @@ static void show_appinfo(void)
#ifdef WOLFSSL_STATIC_DH
"dh_static "
#endif
+ #ifdef WOLFSSL_SNIFFER_KEYLOGFILE
+ "ssl_keylog_file "
+ #endif /* WOLFSSL_SNIFFER_KEYLOGFILE */
"\n\n"
);
}
-static void show_usage(void)
-{
- printf("usage:\n");
- printf("\t./snifftest\n");
- printf("\t\tprompts for options\n");
-#ifdef THREADED_SNIFFTEST
- printf("\t./snifftest dump pemKey [server] [port] [password] [threads]\n");
-#else
- printf("\t./snifftest dump pemKey [server] [port] [password]\n");
-#endif
-}
typedef struct SnifferPacket {
byte* packet;
@@ -955,7 +949,6 @@ int main(int argc, char** argv)
int ret = 0;
int hadBadPacket = 0;
int inum = 0;
- int port = 0;
int saveFile = 0;
int i = 0, defDev = 0;
int packetNumber = 0;
@@ -963,9 +956,13 @@ int main(int argc, char** argv)
char err[PCAP_ERRBUF_SIZE];
char filter[32];
const char *keyFilesSrc = NULL;
+#ifdef WOLFSSL_SNIFFER_KEYLOGFILE
+ const char *sslKeyLogFile = NULL;
+#endif /* WOLFSSL_SNIFFER_KEYLOGFILE */
char keyFilesBuf[MAX_FILENAME_SZ];
char keyFilesUser[MAX_FILENAME_SZ];
- const char *server = NULL;
+ const char *server = DEFAULT_SERVER_IP;
+ int port = DEFAULT_SERVER_PORT;
const char *sniName = NULL;
const char *passwd = NULL;
pcap_if_t *d;
@@ -977,18 +974,13 @@ int main(int argc, char** argv)
workerThreadCount = 1;
#else
workerThreadCount = 5;
- if (argc >= 7)
- workerThreadCount = XATOI(argv[6]);
#endif
- SnifferWorker workers[workerThreadCount];
- int used[workerThreadCount];
#endif
show_appinfo();
signal(SIGINT, sig_handler);
-
#ifndef THREADED_SNIFFTEST
#ifndef _WIN32
ssl_InitSniffer(); /* dll load on Windows */
@@ -1140,51 +1132,117 @@ int main(int argc, char** argv)
}
}
}
- else if (argc >= 3) {
- saveFile = 1;
- pcap = pcap_open_offline(argv[1], err);
- if (pcap == NULL) {
- printf("pcap_open_offline failed %s\n", err);
- ret = -1;
+ else {
+ char *pcapFile = NULL;
+
+ for (i = 1; i < argc; i++) {
+ if (strcmp(argv[i], "-pcap") == 0 && i + 1 < argc) {
+ pcapFile = argv[++i];
+ }
+ else if (strcmp(argv[i], "-key") == 0 && i + 1 < argc) {
+ keyFilesSrc = argv[++i];
+ }
+ else if (strcmp(argv[i], "-server") == 0 && i + 1 < argc) {
+ server = argv[++i];
+ }
+ else if (strcmp(argv[i], "-port") == 0 && i + 1 < argc) {
+ port = XATOI(argv[++i]);
+ }
+ else if (strcmp(argv[i], "-password") == 0 && i + 1 < argc) {
+ passwd = argv[++i];
+ }
+#if defined(WOLFSSL_SNIFFER_KEYLOGFILE)
+ else if (strcmp(argv[i], "-keylogfile") == 0 && i + 1 < argc) {
+ sslKeyLogFile = argv[++i];
+ }
+#endif /* WOLFSSL_SNIFFER_KEYLOGFILE */
+#if defined(THREADED_SNIFFTEST)
+ else if (strcmp(argv[i], "-threads") == 0 && i + 1 < argc) {
+ workerThreadCount = XATOI(argv[++i]);
+ }
+#endif /* THREADED_SNIFFTEST */
+ else {
+ fprintf(stderr, "Invalid option or missing argument: %s\n", argv[i]);
+ fprintf(stderr, "Usage: %s -pcap pcap_arg -key key_arg"
+ " [-password password_arg] [-server server_arg] [-port port_arg]"
+#if defined(WOLFSSL_SNIFFER_KEYLOGFILE)
+ " [-keylogfile keylogfile_arg]"
+#endif /* WOLFSSL_SNIFFER_KEYLOGFILE */
+#if defined(THREADED_SNIFFTEST)
+ " [-threads threads_arg]"
+#endif /* THREADED_SNIFFTEST */
+ "\n", argv[0]);
+ exit(EXIT_FAILURE);
+ }
}
- else {
- /* defaults for server and port */
- port = 443;
- server = "127.0.0.1";
- keyFilesSrc = argv[2];
- if (argc >= 4)
- server = argv[3];
+ if (!pcapFile) {
+ fprintf(stderr, "Error: -pcap option is required.\n");
+ exit(EXIT_FAILURE);
+ }
- if (argc >= 5)
- port = XATOI(argv[4]);
+#if defined(WOLFSSL_SNIFFER_KEYLOGFILE)
+ /* If we offer keylog support, then user must provide EITHER a pubkey
+ * OR a keylog file but NOT both */
+ if ((!keyFilesSrc && !sslKeyLogFile) || (keyFilesSrc && sslKeyLogFile)) {
+ fprintf(stderr, "Error: either -key OR -keylogfile option required but NOT both.\n");
+ exit(EXIT_FAILURE);
+ }
+#else
+ if (!keyFilesSrc) {
+ fprintf(stderr, "Error: -key option is required.\n");
+ exit(EXIT_FAILURE);
+ }
+#endif
- if (argc >= 6)
- passwd = argv[5];
+ saveFile = 1;
+ pcap = pcap_open_offline(pcapFile , err);
+ if (pcap == NULL) {
+ fprintf(stderr, "pcap_open_offline failed %s\n", err);
+ err_sys(err);
+ }
+ else {
+#if defined(WOLFSSL_SNIFFER_KEYLOGFILE)
+ if (sslKeyLogFile != NULL) {
+ ret = ssl_LoadSecretsFromKeyLogFile(sslKeyLogFile, err);
+ if (ret != 0) {
+ fprintf(stderr, "ERROR=%d, unable to load secrets from keylog file\n",ret);
+ err_sys(err);
+ }
- ret = load_key(NULL, server, port, keyFilesSrc, passwd, err);
- if (ret != 0) {
- exit(EXIT_FAILURE);
+ ret = ssl_CreateKeyLogSnifferServer(server, port, err);
+ if (ret != 0) {
+ fprintf(stderr, "ERROR=%d, unable to create keylog sniffer server\n",ret);
+ err_sys(err);
+ }
+ }
+ else
+#endif /* WOLFSSL_SNIFFER_KEYLOGFILE */
+ {
+ ret = load_key(NULL, server, port, keyFilesSrc, passwd, err);
+ if (ret != 0) {
+ fprintf(stderr, "Failed to load key\n");
+ err_sys(err);
+ }
}
+
/* Only let through TCP/IP packets */
ret = pcap_compile(pcap, &pcap_fp, "(ip6 or ip) and tcp", 0, 0);
if (ret != 0) {
- printf("pcap_compile failed %s\n", pcap_geterr(pcap));
+ fprintf(stderr, "pcap_compile failed %s\n", pcap_geterr(pcap));
exit(EXIT_FAILURE);
}
ret = pcap_setfilter(pcap, &pcap_fp);
if (ret != 0) {
- printf("pcap_setfilter failed %s\n", pcap_geterr(pcap));
+ fprintf(stderr, "pcap_setfilter failed %s\n", pcap_geterr(pcap));
exit(EXIT_FAILURE);
}
+
+
}
}
- else {
- show_usage();
- exit(EXIT_FAILURE);
- }
if (ret != 0)
err_sys(err);
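Review bot: `-threads` and `-port` are converted with XATOI and used unchecked. A non-numeric, zero or negative `-threads` value reaches the `SnifferWorker workers[workerThreadCount]` and `int used[workerThreadCount]` variable-length arrays that the later hunk (@@ -1193,6 +1251,9) moves below the parsing; that is undefined for a size below 1 and can exhaust the stack for a large one. Add a range check right after the parsing loop, for example `if (workerThreadCount < 1 || workerThreadCount > MAX_WORKER_THREADS) { fprintf(stderr, "Error: -threads out of range\n"); exit(EXIT_FAILURE); }`, where MAX_WORKER_THREADS is a placeholder for a limit the project would choose, and likewise reject ports outside 1-65535. Separately, the comment above the `-key`/`-keylogfile` check says "pubkey" although the README in this commit describes `-key` as the server's private key. main() starts and ends outside this hunk.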
@@ -1193,6 +1251,9 @@ int main(int argc, char** argv)
frame = NULL_IF_FRAME_LEN;
#ifdef THREADED_SNIFFTEST
+ SnifferWorker workers[workerThreadCount];
+ int used[workerThreadCount];
+
XMEMSET(used, 0, sizeof(used));
XMEMSET(&workers, 0, sizeof(workers));
diff --git a/extra/wolfssl/wolfssl/tests/api.c b/extra/wolfssl/wolfssl/tests/api.c
index 73b0dd00..19cca234 100644
--- a/extra/wolfssl/wolfssl/tests/api.c
+++ b/extra/wolfssl/wolfssl/tests/api.c
@@ -47,6 +47,20 @@
#endif
#if defined(WOLFSSL_STATIC_MEMORY)
#include <wolfssl/wolfcrypt/memory.h>
+
+#if defined(WOLFSSL_STATIC_MEMORY) && !defined(WOLFCRYPT_ONLY)
+ #if (defined(HAVE_ECC) && !defined(ALT_ECC_SIZE)) || \
+ defined(SESSION_CERTS)
+ #ifdef OPENSSL_EXTRA
+ #define TEST_TLS_STATIC_MEMSZ (400000)
+ #else
+ #define TEST_TLS_STATIC_MEMSZ (320000)
+ #endif
+ #else
+ #define TEST_TLS_STATIC_MEMSZ (80000)
+ #endif
+#endif
+
#endif /* WOLFSSL_STATIC_MEMORY */
#ifndef HEAP_HINT
#define HEAP_HINT NULL
@@ -123,6 +137,9 @@
#if !defined(DER_SZ)
#define DER_SZ(ks) ((ks) * 2 + 1)
#endif
+ #ifdef WOLFSSL_SM2
+ #include <wolfssl/wolfcrypt/sm2.h>
+ #endif
#endif
#ifndef NO_ASN
#include <wolfssl/wolfcrypt/asn_public.h>
@@ -159,12 +176,19 @@
#endif
#endif
+#ifdef WOLFSSL_SM3
+ #include <wolfssl/wolfcrypt/sm3.h>
+#endif
+
#ifndef NO_AES
#include <wolfssl/wolfcrypt/aes.h>
#ifdef HAVE_AES_DECRYPT
#include <wolfssl/wolfcrypt/wc_encrypt.h>
#endif
#endif
+#ifdef WOLFSSL_SM4
+ #include <wolfssl/wolfcrypt/sm4.h>
+#endif
#ifdef WOLFSSL_RIPEMD
#include <wolfssl/wolfcrypt/ripemd.h>
#endif
@@ -319,6 +343,9 @@
#ifndef NO_DES3
#include <wolfssl/openssl/des.h>
#endif
+#ifndef NO_RC4
+ #include <wolfssl/openssl/rc4.h>
+#endif
#ifdef HAVE_ECC
#include <wolfssl/openssl/ecdsa.h>
#endif
@@ -342,7 +369,8 @@
defined(HAVE_SESSION_TICKET) || (defined(OPENSSL_EXTRA) && \
defined(WOLFSSL_CERT_EXT) && defined(WOLFSSL_CERT_GEN)) || \
defined(WOLFSSL_TEST_STATIC_BUILD) || defined(WOLFSSL_DTLS) || \
- defined(HAVE_ECH) || defined(HAVE_EX_DATA)
+ defined(HAVE_ECH) || defined(HAVE_EX_DATA) || !defined(NO_SESSION_CACHE) \
+ || !defined(WOLFSSL_NO_TLS12) || defined(WOLFSSL_TLS13)
/* for testing SSL_get_peer_cert_chain, or SESSION_TICKET_HINT_DEFAULT,
* for setting authKeyIdSrc in WOLFSSL_X509, or testing DTLS sequence
* number tracking */
@@ -358,6 +386,15 @@
#endif
#include <wolfssl/certs_test.h>
+#include "tests/utils.h"
+
+/* include misc.c here regardless of NO_INLINE, because misc.c implementations
+ * have default (hidden) visibility, and in the absence of visibility, it's
+ * benign to mask out the library implementation.
+ */
+#define WOLFSSL_MISC_INCLUDED
+#include <wolfcrypt/src/misc.c>
+
#ifndef WOLFSSL_HAVE_ECC_KEY_GET_PRIV
/* FIPS build has replaced ecc.h. */
#define wc_ecc_key_get_priv(key) (&((key)->k))
@@ -401,6 +438,7 @@ typedef struct testVector {
typedef int (*ctx_cb)(WOLFSSL_CTX* ctx);
typedef int (*ssl_cb)(WOLFSSL* ssl);
typedef int (*test_cbType)(WOLFSSL_CTX *ctx, WOLFSSL *ssl);
+typedef int (*hs_cb)(WOLFSSL_CTX **ctx, WOLFSSL **ssl);
typedef struct test_ssl_cbf {
method_provider method;
@@ -408,6 +446,7 @@ typedef struct test_ssl_cbf {
ssl_cb ssl_ready;
ssl_cb on_result;
ssl_cb on_cleanup;
+ hs_cb on_handshake;
WOLFSSL_CTX* ctx;
const char* caPemFile;
const char* certPemFile;
@@ -454,6 +493,12 @@ typedef struct test_ssl_memio_ctx {
int test_wolfSSL_client_server_nofail_memio(test_ssl_cbf* client_cb,
test_ssl_cbf* server_cb, test_cbType client_on_handshake);
+#ifdef WOLFSSL_DUMP_MEMIO_STREAM
+const char* currentTestName;
+char tmpDirName[16];
+int tmpDirNameSet = 0;
+#endif
+
/*----------------------------------------------------------------------------*
| Constants
*----------------------------------------------------------------------------*/
@@ -592,23 +637,17 @@ static WOLFSSL_BIO_METHOD* wolfSSL_BIO_s_fixed_mem(void)
static int test_wolfSSL_Init(void)
{
- int result;
-
- result = wolfSSL_Init();
-
- result = TEST_RES_CHECK(result == WOLFSSL_SUCCESS);
- return result;
+ EXPECT_DECLS;
+ ExpectIntEQ(wolfSSL_Init(), WOLFSSL_SUCCESS);
+ return EXPECT_RESULT();
}
static int test_wolfSSL_Cleanup(void)
{
- int result;
-
- result = wolfSSL_Cleanup();
-
- result = TEST_RES_CHECK(result == WOLFSSL_SUCCESS);
- return result;
+ EXPECT_DECLS;
+ ExpectIntEQ(wolfSSL_Cleanup(), WOLFSSL_SUCCESS);
+ return EXPECT_RESULT();
}
@@ -617,23 +656,17 @@ static int test_wolfSSL_Cleanup(void)
*/
static int test_wolfCrypt_Init(void)
{
- int result;
-
- result = wolfCrypt_Init();
-
- result = TEST_RES_CHECK(result == 0);
- return result;
+ EXPECT_DECLS;
+ ExpectIntEQ(wolfCrypt_Init(), 0);
+ return EXPECT_RESULT();
} /* END test_wolfCrypt_Init */
static int test_wolfCrypt_Cleanup(void)
{
- int result;
-
- result = wolfCrypt_Cleanup();
-
- result = TEST_RES_CHECK(result == 0);
- return result;
+ EXPECT_DECLS;
+ ExpectIntEQ(wolfCrypt_Cleanup(), 0);
+ return EXPECT_RESULT();
}
/*----------------------------------------------------------------------------*
@@ -641,9 +674,8 @@ static int test_wolfCrypt_Cleanup(void)
*----------------------------------------------------------------------------*/
static int test_fileAccess(void)
{
- int res = TEST_SKIPPED;
-#if defined(WOLFSSL_TEST_PLATFORMDEPEND) && !defined(NO_FILESYSTEM)
EXPECT_DECLS;
+#if defined(WOLFSSL_TEST_PLATFORMDEPEND) && !defined(NO_FILESYSTEM)
const char *fname[] = {
svrCertFile, svrKeyFile, caCertFile,
eccCertFile, eccKeyFile, eccRsaCertFile,
@@ -660,7 +692,7 @@ static int test_fileAccess(void)
int i;
ExpectTrue(XFOPEN("badfilename", "rb") == XBADFILE);
- for (i=0; fname[i] != NULL ; i++) {
+ for (i=0; EXPECT_SUCCESS() && fname[i] != NULL ; i++) {
ExpectTrue((f = XFOPEN(fname[i], "rb")) != XBADFILE);
XFCLOSE(f);
}
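Review bot: The loop body still calls `XFCLOSE(f)` when `XFOPEN` returned XBADFILE. The added `EXPECT_SUCCESS()` condition only stops the next iteration, and ExpectTrue appears to record the failure without leaving the body. Closing an invalid handle is undefined on typical libc implementations, so the failing case this test is meant to report could crash instead. Guard the close with `if (f != XBADFILE) XFCLOSE(f);`. test_fileAccess starts and ends outside this hunk.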
@@ -674,10 +706,8 @@ static int test_fileAccess(void)
ExpectIntEQ(XMEMCMP(server_cert_der_2048, buff, sz), 0);
XFREE(buff, NULL, DYNAMIC_TYPE_FILE);
XFCLOSE(f);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
/*----------------------------------------------------------------------------*
@@ -989,11 +1019,10 @@ static int test_for_double_Free(void)
static int test_wolfSSL_CTX_set_cipher_list_bytes(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if (defined(OPENSSL_EXTRA) || defined(WOLFSSL_SET_CIPHER_BYTES)) && \
(!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)) && \
- (!defined(NO_RSA) || defined(HAVE_ECC))
- EXPECT_DECLS;
+ (!defined(NO_RSA) || defined(HAVE_ECC)) && !defined(NO_FILESYSTEM)
const char* testCertFile;
const char* testKeyFile;
WOLFSSL_CTX* ctx = NULL;
@@ -1179,20 +1208,17 @@ static int test_wolfSSL_CTX_set_cipher_list_bytes(void)
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif /* (OPENSSL_EXTRA || WOLFSSL_SET_CIPHER_BYTES) &&
(!NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER) && (!NO_RSA || HAVE_ECC) */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_CTX_use_certificate_file(void)
{
- int res = TEST_SKIPPED;
-#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_WOLFSSL_SERVER)
EXPECT_DECLS;
+#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_WOLFSSL_SERVER)
WOLFSSL_CTX *ctx = NULL;
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()));
@@ -1217,31 +1243,26 @@ static int test_wolfSSL_CTX_use_certificate_file(void)
#endif
wolfSSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
#if (defined(OPENSSL_ALL) || defined(WOLFSSL_ASIO)) && !defined(NO_RSA)
static int test_wolfSSL_CTX_use_certificate_ASN1(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_CERTS) && !defined(NO_WOLFSSL_SERVER) && !defined(NO_ASN)
- WOLFSSL_CTX* ctx;
- int ret;
+ WOLFSSL_CTX* ctx = NULL;
- AssertNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()));
+ ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()));
- ret = SSL_CTX_use_certificate_ASN1(ctx, sizeof_server_cert_der_2048,
- server_cert_der_2048);
+ ExpectIntEQ(SSL_CTX_use_certificate_ASN1(ctx, sizeof_server_cert_der_2048,
+ server_cert_der_2048), WOLFSSL_SUCCESS);
wolfSSL_CTX_free(ctx);
-
- res = TEST_RES_CHECK(ret == WOLFSSL_SUCCESS);
#endif
- return res;
+ return EXPECT_RESULT();
}
#endif /* (OPENSSL_ALL || WOLFSSL_ASIO) && !NO_RSA */
@@ -1252,10 +1273,9 @@ static int test_wolfSSL_CTX_use_certificate_ASN1(void)
*/
static int test_wolfSSL_CTX_use_certificate_buffer(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_CERTS) && defined(USE_CERT_BUFFERS_2048) && \
!defined(NO_RSA) && !defined(NO_WOLFSSL_SERVER)
- EXPECT_DECLS;
WOLFSSL_CTX* ctx = NULL;
int ret;
@@ -1266,18 +1286,15 @@ static int test_wolfSSL_CTX_use_certificate_buffer(void)
WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS);
wolfSSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
-} /*END test_wolfSSL_CTX_use_certificate_buffer*/
+} /* END test_wolfSSL_CTX_use_certificate_buffer */
static int test_wolfSSL_CTX_use_PrivateKey_file(void)
{
- int res = TEST_SKIPPED;
-#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_WOLFSSL_SERVER)
EXPECT_DECLS;
+#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_WOLFSSL_SERVER)
WOLFSSL_CTX *ctx = NULL;
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()));
@@ -1303,21 +1320,18 @@ static int test_wolfSSL_CTX_use_PrivateKey_file(void)
#endif
wolfSSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
/* test both file and buffer versions along with unloading trusted peer certs */
static int test_wolfSSL_CTX_trust_peer_cert(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_CERTS) && defined(WOLFSSL_TRUST_PEER_CERT) && \
!defined(NO_WOLFSSL_CLIENT) && !defined(NO_RSA)
- EXPECT_DECLS;
WOLFSSL_CTX *ctx = NULL;
WOLFSSL* ssl = NULL;
@@ -1382,24 +1396,28 @@ static int test_wolfSSL_CTX_trust_peer_cert(void)
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
-
static int test_wolfSSL_CTX_load_verify_locations(void)
{
- int res = TEST_SKIPPED;
-#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_WOLFSSL_CLIENT)
EXPECT_DECLS;
+#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_WOLFSSL_CLIENT)
WOLFSSL_CTX *ctx = NULL;
#ifndef NO_RSA
WOLFSSL_CERT_MANAGER* cm = NULL;
#ifdef PERSIST_CERT_CACHE
- int cacheSz;
+ int cacheSz = 0;
+ unsigned char* cache = NULL;
+ int used = 0;
+#ifndef NO_FILESYSTEM
+ const char* cacheFile = "./tests/cert_cache.tmp";
+#endif
+ int i;
+ int t;
+ int* p;
#endif
#endif
#if !defined(NO_WOLFSSL_DIR) && !defined(WOLFSSL_TIRTOS)
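Review bot: The new `#ifndef NO_FILESYSTEM` around `cacheFile` is redundant, because the whole body already sits inside `#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_WOLFSSL_CLIENT)` a few lines above. The same nested guard reappears around the save/restore-to-file checks in the later hunk of this function, and dropping both would make the preprocessor nesting easier to follow. In the same declaration group, `int* p;` is left uninitialised while the other new pointers are set to NULL; `int* p = NULL;` would match them. The function body continues outside this hunk.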
@@ -1422,12 +1440,17 @@ static int test_wolfSSL_CTX_load_verify_locations(void)
#if !defined(NO_WOLFSSL_DIR) && !defined(WOLFSSL_TIRTOS) && \
- (defined(WOLFSSL_QT) && \
+ ((defined(WOLFSSL_QT) || defined(WOLFSSL_IGNORE_BAD_CERT_PATH)) && \
!(WOLFSSL_LOAD_VERIFY_DEFAULT_FLAGS & WOLFSSL_LOAD_FLAG_IGNORE_BAD_PATH_ERR))
/* invalid path */
ExpectIntEQ(wolfSSL_CTX_load_verify_locations(ctx, NULL, bogusFile),
WS_RETURN_CODE(BAD_PATH_ERROR,WOLFSSL_FAILURE));
#endif
+#if defined(WOLFSSL_QT) || defined(WOLFSSL_IGNORE_BAD_CERT_PATH)
+ /* test ignoring the invalid path */
+ ExpectIntEQ(wolfSSL_CTX_load_verify_locations_ex(ctx, NULL, bogusFile,
+ WOLFSSL_LOAD_FLAG_IGNORE_BAD_PATH_ERR), WOLFSSL_SUCCESS);
+#endif
/* load ca cert */
#ifdef NO_RSA
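Review bot: The added "test ignoring the invalid path" block is guarded only by `#if defined(WOLFSSL_QT) || defined(WOLFSSL_IGNORE_BAD_CERT_PATH)`, while the block just above it that also uses `bogusFile` additionally requires `!defined(NO_WOLFSSL_DIR) && !defined(WOLFSSL_TIRTOS)`. The declaration of `bogusFile` is outside this hunk, but if it sits under that same directory guard, a build with WOLFSSL_QT and NO_WOLFSSL_DIR would reference an undeclared name. Mirroring the guard would avoid this: `#if !defined(NO_WOLFSSL_DIR) && !defined(WOLFSSL_TIRTOS) && (defined(WOLFSSL_QT) || defined(WOLFSSL_IGNORE_BAD_CERT_PATH))`. The enclosing function starts and ends outside the hunk.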
@@ -1440,6 +1463,99 @@ static int test_wolfSSL_CTX_load_verify_locations(void)
#ifdef PERSIST_CERT_CACHE
/* Get cert cache size */
ExpectIntGT(cacheSz = wolfSSL_CTX_get_cert_cache_memsize(ctx), 0);
+
+ ExpectNotNull(cache = (byte*)XMALLOC(cacheSz, NULL,
+ DYNAMIC_TYPE_TMP_BUFFER));
+
+ ExpectIntEQ(wolfSSL_CTX_memsave_cert_cache(NULL, NULL, -1, NULL),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CTX_memsave_cert_cache(ctx, NULL, -1, NULL),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CTX_memsave_cert_cache(NULL, cache, -1, NULL),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CTX_memsave_cert_cache(NULL, NULL, cacheSz, NULL),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CTX_memsave_cert_cache(NULL, NULL, -1, &used),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CTX_memsave_cert_cache(NULL, cache, cacheSz, &used),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CTX_memsave_cert_cache(ctx, NULL, cacheSz, &used),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CTX_memsave_cert_cache(ctx, cache, -1, &used),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CTX_memsave_cert_cache(ctx, cache, cacheSz, NULL),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CTX_memsave_cert_cache(ctx, cache, cacheSz - 10, &used),
+ BUFFER_E);
+ ExpectIntEQ(wolfSSL_CTX_memsave_cert_cache(ctx, cache, cacheSz, &used), 1);
+ ExpectIntEQ(cacheSz, used);
+
+ ExpectIntEQ(wolfSSL_CTX_memrestore_cert_cache(NULL, NULL, -1),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CTX_memrestore_cert_cache(ctx, NULL, -1),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CTX_memrestore_cert_cache(NULL, cache, -1),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CTX_memrestore_cert_cache(NULL, NULL, cacheSz),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CTX_memrestore_cert_cache(NULL, cache, cacheSz),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CTX_memrestore_cert_cache(ctx, NULL, cacheSz),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CTX_memrestore_cert_cache(ctx, cache, -1),
+ BAD_FUNC_ARG);
+ /* Smaller than header. */
+ ExpectIntEQ(wolfSSL_CTX_memrestore_cert_cache(ctx, cache, 1), BUFFER_E);
+ for (i = 1; i < cacheSz; i++) {
+ ExpectIntEQ(wolfSSL_CTX_memrestore_cert_cache(ctx, cache, cacheSz - i),
+ BUFFER_E);
+ }
+ if (EXPECT_SUCCESS()) {
+ /* Modify header for bad results! */
+ p = (int*)cache;
+ /* version */
+ t = p[0]; p[0] = 0xff;
+ ExpectIntEQ(wolfSSL_CTX_memrestore_cert_cache(ctx, cache, cacheSz),
+ CACHE_MATCH_ERROR);
+ p[0] = t; p++;
+ /* rows */
+ t = p[0]; p[0] = 0xff;
+ ExpectIntEQ(wolfSSL_CTX_memrestore_cert_cache(ctx, cache, cacheSz),
+ CACHE_MATCH_ERROR);
+ p[0] = t; p++;
+ /* columns[0] */
+ t = p[0]; p[0] = -1;
+ ExpectIntEQ(wolfSSL_CTX_memrestore_cert_cache(ctx, cache, cacheSz),
+ PARSE_ERROR);
+ p[0] = t; p += CA_TABLE_SIZE;
+ /* signerSz*/
+ t = p[0]; p[0] = 0xff;
+ ExpectIntEQ(wolfSSL_CTX_memrestore_cert_cache(ctx, cache, cacheSz),
+ CACHE_MATCH_ERROR);
+ p[0] = t;
+ }
+
+ ExpectIntEQ(wolfSSL_CTX_memrestore_cert_cache(ctx, cache, cacheSz), 1);
+ ExpectIntEQ(cacheSz = wolfSSL_CTX_get_cert_cache_memsize(ctx), used);
+
+#ifndef NO_FILESYSTEM
+ ExpectIntEQ(wolfSSL_CTX_save_cert_cache(NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CTX_save_cert_cache(ctx, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CTX_save_cert_cache(NULL, cacheFile), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CTX_save_cert_cache(ctx, cacheFile), 1);
+
+ ExpectIntEQ(wolfSSL_CTX_restore_cert_cache(NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CTX_restore_cert_cache(ctx, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CTX_restore_cert_cache(NULL, cacheFile), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CTX_restore_cert_cache(ctx, "no-file"),
+ WOLFSSL_BAD_FILE);
+ ExpectIntEQ(wolfSSL_CTX_restore_cert_cache(ctx, cacheFile), 1);
+ /* File contents is not a cache. */
+ ExpectIntEQ(wolfSSL_CTX_restore_cert_cache(ctx, "./certs/ca-cert.pem"),
+ CACHE_MATCH_ERROR);
+#endif
+
+ XFREE(cache, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
/* Test unloading CA's */
ExpectIntEQ(wolfSSL_CTX_UnloadCAs(ctx), WOLFSSL_SUCCESS);
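Review bot: The header-tampering block walks the saved cache through `p = (int*)cache` and assumes the buffer starts with version, rows, CA_TABLE_SIZE column counts and signerSz, each `int`-sized, but nothing here ties that to the library's header definition. If the layout changes, these checks would corrupt a different field without anyone noticing. A comment above the cast would make the coupling explicit, for example `/* Mirrors the cert cache header layout: version, rows, columns[CA_TABLE_SIZE], signerSz. */`. Separately, `./tests/cert_cache.tmp` is written by `wolfSSL_CTX_save_cert_cache` and never removed in the visible lines; adding `remove(cacheFile);` after the file restore checks would keep a stale cache file from affecting later runs. The enclosing function starts and ends outside this hunk.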
@@ -1504,11 +1620,9 @@ static int test_wolfSSL_CTX_load_verify_locations(void)
#endif
wolfSSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_CTX_load_system_CA_certs(void)
@@ -1578,7 +1692,8 @@ static int test_wolfSSL_CTX_load_system_CA_certs(void)
}
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS)
-static int test_cm_load_ca_buffer(const byte* cert_buf, size_t cert_sz, int file_type)
+static int test_cm_load_ca_buffer(const byte* cert_buf, size_t cert_sz,
+ int file_type)
{
int ret;
WOLFSSL_CERT_MANAGER* cm;
@@ -1715,390 +1830,185 @@ static int test_cm_load_ca_file_ex(const char* ca_cert_file, word32 flags)
#endif /* !NO_FILESYSTEM && !NO_CERTS */
-static int test_wolfSSL_CertManagerCheckOCSPResponse(void)
+static int test_wolfSSL_CertManagerAPI(void)
{
- int res = TEST_SKIPPED;
-#if defined(HAVE_OCSP) && !defined(NO_RSA)
-/* Need one of these for wolfSSL_OCSP_REQUEST_new. */
-#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || \
- defined(WOLFSSL_HAPROXY) || defined(WOLFSSL_APACHE_HTTPD) || \
- defined(HAVE_LIGHTY)
EXPECT_DECLS;
+#ifndef NO_CERTS
WOLFSSL_CERT_MANAGER* cm = NULL;
- /* Raw OCSP response bytes captured using the following setup:
- * - Run responder with
- * openssl ocsp -port 9999 -ndays 9999
- * -index certs/ocsp/index-intermediate1-ca-issued-certs.txt
- * -rsigner certs/ocsp/ocsp-responder-cert.pem
- * -rkey certs/ocsp/ocsp-responder-key.pem
- * -CA certs/ocsp/intermediate1-ca-cert.pem
- * - Run client with
- * openssl ocsp -host 127.0.0.1:9999 -respout resp.out
- * -issuer certs/ocsp/intermediate1-ca-cert.pem
- * -cert certs/ocsp/server1-cert.pem
- * -CAfile certs/ocsp/root-ca-cert.pem -noverify
- * - Copy raw response from Wireshark.
- */
- byte response[] = {
- 0x30, 0x82, 0x07, 0x40, 0x0a, 0x01, 0x00, 0xa0, 0x82, 0x07, 0x39, 0x30, 0x82, 0x07, 0x35, 0x06,
- 0x09, 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, 0x01, 0x01, 0x04, 0x82, 0x07, 0x26, 0x30, 0x82,
- 0x07, 0x22, 0x30, 0x82, 0x01, 0x40, 0xa1, 0x81, 0xa1, 0x30, 0x81, 0x9e, 0x31, 0x0b, 0x30, 0x09,
- 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55,
- 0x04, 0x08, 0x0c, 0x0a, 0x57, 0x61, 0x73, 0x68, 0x69, 0x6e, 0x67, 0x74, 0x6f, 0x6e, 0x31, 0x10,
- 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0c, 0x07, 0x53, 0x65, 0x61, 0x74, 0x74, 0x6c, 0x65,
- 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x07, 0x77, 0x6f, 0x6c, 0x66, 0x53,
- 0x53, 0x4c, 0x31, 0x14, 0x30, 0x12, 0x06, 0x03, 0x55, 0x04, 0x0b, 0x0c, 0x0b, 0x45, 0x6e, 0x67,
- 0x69, 0x6e, 0x65, 0x65, 0x72, 0x69, 0x6e, 0x67, 0x31, 0x1f, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x04,
- 0x03, 0x0c, 0x16, 0x77, 0x6f, 0x6c, 0x66, 0x53, 0x53, 0x4c, 0x20, 0x4f, 0x43, 0x53, 0x50, 0x20,
- 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x64, 0x65, 0x72, 0x31, 0x1f, 0x30, 0x1d, 0x06, 0x09, 0x2a,
- 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6e, 0x66, 0x6f, 0x40, 0x77,
- 0x6f, 0x6c, 0x66, 0x73, 0x73, 0x6c, 0x2e, 0x63, 0x6f, 0x6d, 0x18, 0x0f, 0x32, 0x30, 0x32, 0x31,
- 0x30, 0x35, 0x30, 0x33, 0x32, 0x31, 0x34, 0x37, 0x31, 0x30, 0x5a, 0x30, 0x64, 0x30, 0x62, 0x30,
- 0x3a, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e, 0x03, 0x02, 0x1a, 0x05, 0x00, 0x04, 0x14, 0x71, 0x4d,
- 0x82, 0x23, 0x40, 0x59, 0xc0, 0x96, 0xa1, 0x37, 0x43, 0xfa, 0x31, 0xdb, 0xba, 0xb1, 0x43, 0x18,
- 0xda, 0x04, 0x04, 0x14, 0x83, 0xc6, 0x3a, 0x89, 0x2c, 0x81, 0xf4, 0x02, 0xd7, 0x9d, 0x4c, 0xe2,
- 0x2a, 0xc0, 0x71, 0x82, 0x64, 0x44, 0xda, 0x0e, 0x02, 0x01, 0x05, 0x80, 0x00, 0x18, 0x0f, 0x32,
- 0x30, 0x32, 0x31, 0x30, 0x35, 0x30, 0x33, 0x32, 0x31, 0x34, 0x37, 0x31, 0x30, 0x5a, 0xa0, 0x11,
- 0x18, 0x0f, 0x32, 0x30, 0x34, 0x38, 0x30, 0x39, 0x31, 0x37, 0x32, 0x31, 0x34, 0x37, 0x31, 0x30,
- 0x5a, 0xa1, 0x23, 0x30, 0x21, 0x30, 0x1f, 0x06, 0x09, 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30,
- 0x01, 0x02, 0x04, 0x12, 0x04, 0x10, 0x38, 0x31, 0x60, 0x99, 0xc8, 0x05, 0x09, 0x68, 0x1c, 0x33,
- 0x49, 0xea, 0x45, 0x26, 0x2f, 0x6d, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d,
- 0x01, 0x01, 0x0b, 0x05, 0x00, 0x03, 0x82, 0x01, 0x01, 0x00, 0x4d, 0x58, 0xcc, 0x69, 0x42, 0xe2,
- 0x9e, 0x64, 0xf6, 0x57, 0xce, 0xcb, 0x5f, 0x14, 0xaf, 0x08, 0x6c, 0xc1, 0x52, 0x7a, 0x40, 0x0a,
- 0xfd, 0xb6, 0xce, 0xbb, 0x40, 0xf4, 0xb9, 0xa5, 0x88, 0xc7, 0xf3, 0x42, 0x9f, 0xa9, 0x94, 0xbe,
- 0x6e, 0x7e, 0x09, 0x30, 0x9d, 0x0e, 0x10, 0x6f, 0x9c, 0xd9, 0x4c, 0x71, 0x81, 0x41, 0x64, 0x95,
- 0xf5, 0x85, 0x77, 0x94, 0x81, 0x61, 0x88, 0xc8, 0x0b, 0x50, 0xbb, 0x37, 0xc8, 0x86, 0x76, 0xd8,
- 0xa2, 0xed, 0x66, 0x34, 0xfb, 0xe4, 0xe7, 0x09, 0x8c, 0xf5, 0xb5, 0x85, 0xd0, 0x4b, 0xb5, 0xe6,
- 0x23, 0x62, 0xc3, 0xd0, 0xef, 0xf7, 0x42, 0x89, 0x02, 0x80, 0x64, 0xc9, 0xed, 0xdd, 0x7c, 0x8f,
- 0x0d, 0xe7, 0x43, 0x9b, 0x88, 0x1f, 0xb0, 0xfd, 0x24, 0x01, 0xc7, 0x55, 0xc3, 0x73, 0x12, 0x84,
- 0x09, 0x7c, 0x57, 0xa8, 0x5d, 0xab, 0x75, 0x29, 0x5c, 0x36, 0x97, 0x64, 0x40, 0x0b, 0x55, 0x34,
- 0x0a, 0x5d, 0xb1, 0x1b, 0x61, 0x1b, 0xdc, 0xe5, 0x89, 0xdd, 0x92, 0x62, 0x57, 0xa7, 0x52, 0xb4,
- 0x38, 0x9a, 0x48, 0xc8, 0x3a, 0x14, 0xde, 0x69, 0x42, 0xe9, 0x37, 0xa4, 0xe7, 0x2d, 0x00, 0xa7,
- 0x0b, 0x29, 0x18, 0xd5, 0xce, 0xd9, 0x0d, 0xdd, 0xfe, 0xae, 0x86, 0xb3, 0x32, 0x1c, 0xc9, 0x33,
- 0xb0, 0x2b, 0xb7, 0x3c, 0x0d, 0x43, 0xd8, 0x6c, 0xf2, 0xb7, 0xcd, 0x7b, 0xd5, 0x7d, 0xf0, 0xde,
- 0x34, 0x9f, 0x6d, 0x83, 0xb9, 0xd5, 0xed, 0xe3, 0xda, 0x96, 0x40, 0x9e, 0xd6, 0xa6, 0xfd, 0x70,
- 0x80, 0x70, 0x87, 0x61, 0x0f, 0xc5, 0x9f, 0x75, 0xfe, 0x11, 0x78, 0x34, 0xc9, 0x42, 0x16, 0x73,
- 0x46, 0x7b, 0x05, 0x53, 0x28, 0x43, 0xbe, 0xee, 0x88, 0x67, 0x1d, 0xcc, 0x74, 0xa7, 0xb6, 0x58,
- 0x7b, 0x29, 0x68, 0x40, 0xcf, 0xce, 0x7b, 0x19, 0x33, 0x68, 0xa0, 0x82, 0x04, 0xc6, 0x30, 0x82,
- 0x04, 0xc2, 0x30, 0x82, 0x04, 0xbe, 0x30, 0x82, 0x03, 0xa6, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02,
- 0x01, 0x04, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05,
- 0x00, 0x30, 0x81, 0x97, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55,
- 0x53, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0c, 0x0a, 0x57, 0x61, 0x73, 0x68,
- 0x69, 0x6e, 0x67, 0x74, 0x6f, 0x6e, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0c,
- 0x07, 0x53, 0x65, 0x61, 0x74, 0x74, 0x6c, 0x65, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04,
- 0x0a, 0x0c, 0x07, 0x77, 0x6f, 0x6c, 0x66, 0x53, 0x53, 0x4c, 0x31, 0x14, 0x30, 0x12, 0x06, 0x03,
- 0x55, 0x04, 0x0b, 0x0c, 0x0b, 0x45, 0x6e, 0x67, 0x69, 0x6e, 0x65, 0x65, 0x72, 0x69, 0x6e, 0x67,
- 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x0f, 0x77, 0x6f, 0x6c, 0x66, 0x53,
- 0x53, 0x4c, 0x20, 0x72, 0x6f, 0x6f, 0x74, 0x20, 0x43, 0x41, 0x31, 0x1f, 0x30, 0x1d, 0x06, 0x09,
- 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6e, 0x66, 0x6f, 0x40,
- 0x77, 0x6f, 0x6c, 0x66, 0x73, 0x73, 0x6c, 0x2e, 0x63, 0x6f, 0x6d, 0x30, 0x1e, 0x17, 0x0d, 0x32,
- 0x31, 0x30, 0x32, 0x31, 0x30, 0x31, 0x39, 0x34, 0x39, 0x35, 0x34, 0x5a, 0x17, 0x0d, 0x32, 0x33,
- 0x31, 0x31, 0x30, 0x37, 0x31, 0x39, 0x34, 0x39, 0x35, 0x34, 0x5a, 0x30, 0x81, 0x9e, 0x31, 0x0b,
- 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x13, 0x30, 0x11, 0x06,
- 0x03, 0x55, 0x04, 0x08, 0x0c, 0x0a, 0x57, 0x61, 0x73, 0x68, 0x69, 0x6e, 0x67, 0x74, 0x6f, 0x6e,
- 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0c, 0x07, 0x53, 0x65, 0x61, 0x74, 0x74,
- 0x6c, 0x65, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x07, 0x77, 0x6f, 0x6c,
- 0x66, 0x53, 0x53, 0x4c, 0x31, 0x14, 0x30, 0x12, 0x06, 0x03, 0x55, 0x04, 0x0b, 0x0c, 0x0b, 0x45,
- 0x6e, 0x67, 0x69, 0x6e, 0x65, 0x65, 0x72, 0x69, 0x6e, 0x67, 0x31, 0x1f, 0x30, 0x1d, 0x06, 0x03,
- 0x55, 0x04, 0x03, 0x0c, 0x16, 0x77, 0x6f, 0x6c, 0x66, 0x53, 0x53, 0x4c, 0x20, 0x4f, 0x43, 0x53,
- 0x50, 0x20, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x64, 0x65, 0x72, 0x31, 0x1f, 0x30, 0x1d, 0x06,
- 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6e, 0x66, 0x6f,
- 0x40, 0x77, 0x6f, 0x6c, 0x66, 0x73, 0x73, 0x6c, 0x2e, 0x63, 0x6f, 0x6d, 0x30, 0x82, 0x01, 0x22,
- 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, 0x03,
- 0x82, 0x01, 0x0f, 0x00, 0x30, 0x82, 0x01, 0x0a, 0x02, 0x82, 0x01, 0x01, 0x00, 0xb8, 0xba, 0x23,
- 0xb4, 0xf6, 0xc3, 0x7b, 0x14, 0xc3, 0xa4, 0xf5, 0x1d, 0x61, 0xa1, 0xf5, 0x1e, 0x63, 0xb9, 0x85,
- 0x23, 0x34, 0x50, 0x6d, 0xf8, 0x7c, 0xa2, 0x8a, 0x04, 0x8b, 0xd5, 0x75, 0x5c, 0x2d, 0xf7, 0x63,
- 0x88, 0xd1, 0x07, 0x7a, 0xea, 0x0b, 0x45, 0x35, 0x2b, 0xeb, 0x1f, 0xb1, 0x22, 0xb4, 0x94, 0x41,
- 0x38, 0xe2, 0x9d, 0x74, 0xd6, 0x8b, 0x30, 0x22, 0x10, 0x51, 0xc5, 0xdb, 0xca, 0x3f, 0x46, 0x2b,
- 0xfe, 0xe5, 0x5a, 0x3f, 0x41, 0x74, 0x67, 0x75, 0x95, 0xa9, 0x94, 0xd5, 0xc3, 0xee, 0x42, 0xf8,
- 0x8d, 0xeb, 0x92, 0x95, 0xe1, 0xd9, 0x65, 0xb7, 0x43, 0xc4, 0x18, 0xde, 0x16, 0x80, 0x90, 0xce,
- 0x24, 0x35, 0x21, 0xc4, 0x55, 0xac, 0x5a, 0x51, 0xe0, 0x2e, 0x2d, 0xb3, 0x0a, 0x5a, 0x4f, 0x4a,
- 0x73, 0x31, 0x50, 0xee, 0x4a, 0x16, 0xbd, 0x39, 0x8b, 0xad, 0x05, 0x48, 0x87, 0xb1, 0x99, 0xe2,
- 0x10, 0xa7, 0x06, 0x72, 0x67, 0xca, 0x5c, 0xd1, 0x97, 0xbd, 0xc8, 0xf1, 0x76, 0xf8, 0xe0, 0x4a,
- 0xec, 0xbc, 0x93, 0xf4, 0x66, 0x4c, 0x28, 0x71, 0xd1, 0xd8, 0x66, 0x03, 0xb4, 0x90, 0x30, 0xbb,
- 0x17, 0xb0, 0xfe, 0x97, 0xf5, 0x1e, 0xe8, 0xc7, 0x5d, 0x9b, 0x8b, 0x11, 0x19, 0x12, 0x3c, 0xab,
- 0x82, 0x71, 0x78, 0xff, 0xae, 0x3f, 0x32, 0xb2, 0x08, 0x71, 0xb2, 0x1b, 0x8c, 0x27, 0xac, 0x11,
- 0xb8, 0xd8, 0x43, 0x49, 0xcf, 0xb0, 0x70, 0xb1, 0xf0, 0x8c, 0xae, 0xda, 0x24, 0x87, 0x17, 0x3b,
- 0xd8, 0x04, 0x65, 0x6c, 0x00, 0x76, 0x50, 0xef, 0x15, 0x08, 0xd7, 0xb4, 0x73, 0x68, 0x26, 0x14,
- 0x87, 0x95, 0xc3, 0x5f, 0x6e, 0x61, 0xb8, 0x87, 0x84, 0xfa, 0x80, 0x1a, 0x0a, 0x8b, 0x98, 0xf3,
- 0xe3, 0xff, 0x4e, 0x44, 0x1c, 0x65, 0x74, 0x7c, 0x71, 0x54, 0x65, 0xe5, 0x39, 0x02, 0x03, 0x01,
- 0x00, 0x01, 0xa3, 0x82, 0x01, 0x0a, 0x30, 0x82, 0x01, 0x06, 0x30, 0x09, 0x06, 0x03, 0x55, 0x1d,
- 0x13, 0x04, 0x02, 0x30, 0x00, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14,
- 0x32, 0x67, 0xe1, 0xb1, 0x79, 0xd2, 0x81, 0xfc, 0x9f, 0x23, 0x0c, 0x70, 0x40, 0x50, 0xb5, 0x46,
- 0x56, 0xb8, 0x30, 0x36, 0x30, 0x81, 0xc4, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x81, 0xbc, 0x30,
- 0x81, 0xb9, 0x80, 0x14, 0x73, 0xb0, 0x1c, 0xa4, 0x2f, 0x82, 0xcb, 0xcf, 0x47, 0xa5, 0x38, 0xd7,
- 0xb0, 0x04, 0x82, 0x3a, 0x7e, 0x72, 0x15, 0x21, 0xa1, 0x81, 0x9d, 0xa4, 0x81, 0x9a, 0x30, 0x81,
- 0x97, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x13,
- 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0c, 0x0a, 0x57, 0x61, 0x73, 0x68, 0x69, 0x6e, 0x67,
- 0x74, 0x6f, 0x6e, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0c, 0x07, 0x53, 0x65,
- 0x61, 0x74, 0x74, 0x6c, 0x65, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x07,
- 0x77, 0x6f, 0x6c, 0x66, 0x53, 0x53, 0x4c, 0x31, 0x14, 0x30, 0x12, 0x06, 0x03, 0x55, 0x04, 0x0b,
- 0x0c, 0x0b, 0x45, 0x6e, 0x67, 0x69, 0x6e, 0x65, 0x65, 0x72, 0x69, 0x6e, 0x67, 0x31, 0x18, 0x30,
- 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x0f, 0x77, 0x6f, 0x6c, 0x66, 0x53, 0x53, 0x4c, 0x20,
- 0x72, 0x6f, 0x6f, 0x74, 0x20, 0x43, 0x41, 0x31, 0x1f, 0x30, 0x1d, 0x06, 0x09, 0x2a, 0x86, 0x48,
- 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6e, 0x66, 0x6f, 0x40, 0x77, 0x6f, 0x6c,
- 0x66, 0x73, 0x73, 0x6c, 0x2e, 0x63, 0x6f, 0x6d, 0x82, 0x01, 0x63, 0x30, 0x13, 0x06, 0x03, 0x55,
- 0x1d, 0x25, 0x04, 0x0c, 0x30, 0x0a, 0x06, 0x08, 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x09,
- 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x03,
- 0x82, 0x01, 0x01, 0x00, 0x07, 0xca, 0xa6, 0xa1, 0x9f, 0xbf, 0xaf, 0x92, 0x41, 0x35, 0x66, 0x51,
- 0xac, 0xbc, 0x2c, 0xec, 0xe7, 0x8d, 0x65, 0x7e, 0xe9, 0x40, 0xfe, 0x5a, 0xab, 0x8a, 0x1d, 0x3d,
- 0x13, 0xdb, 0xb4, 0x43, 0x2c, 0x9a, 0x36, 0x98, 0x21, 0xa5, 0xe8, 0xca, 0xa9, 0x4d, 0xfc, 0xe3,
- 0xf7, 0x45, 0x88, 0xcd, 0x33, 0xbf, 0x8a, 0x62, 0x10, 0x2f, 0xb2, 0xb7, 0x04, 0xef, 0x26, 0x43,
- 0x51, 0x1d, 0x43, 0x62, 0x7d, 0x1e, 0x50, 0xc8, 0xd5, 0x98, 0x94, 0x71, 0x8f, 0x3b, 0x23, 0x26,
- 0xf1, 0x71, 0x8e, 0x1e, 0x3d, 0x3f, 0x21, 0xfd, 0xb7, 0x2d, 0x65, 0xe4, 0x07, 0x65, 0xac, 0x3c,
- 0xfc, 0xc0, 0x47, 0xa9, 0x32, 0xf6, 0xda, 0x26, 0x93, 0x10, 0xb2, 0xd1, 0x6d, 0xc8, 0x81, 0x31,
- 0x7c, 0xb0, 0x6b, 0xc5, 0x22, 0x8d, 0xb3, 0xfa, 0xbe, 0x82, 0xea, 0x41, 0x42, 0xc4, 0xc0, 0xef,
- 0xe3, 0x84, 0x0f, 0x6f, 0x9a, 0x03, 0x63, 0xb3, 0x30, 0xe0, 0x31, 0x81, 0x2a, 0x16, 0xb3, 0x47,
- 0xd9, 0x5b, 0x38, 0x93, 0x07, 0xd0, 0x6e, 0x79, 0x52, 0x2c, 0xe5, 0x50, 0x84, 0x79, 0x10, 0xe7,
- 0xf6, 0x31, 0x7a, 0x3e, 0x48, 0xa2, 0x38, 0x21, 0x90, 0x7a, 0xf2, 0x5f, 0x48, 0xa4, 0x46, 0x93,
- 0x87, 0xdd, 0x5c, 0x83, 0x64, 0xea, 0xb5, 0x99, 0xa2, 0xe9, 0x01, 0x40, 0xfe, 0xf0, 0x48, 0x66,
- 0x4f, 0x96, 0xf7, 0x83, 0x52, 0xf8, 0x6d, 0xf8, 0x5f, 0xed, 0x0c, 0xbb, 0xbe, 0xd0, 0x69, 0x10,
- 0x4b, 0x99, 0x8f, 0xf8, 0x61, 0x53, 0x9d, 0x12, 0xca, 0x86, 0xaa, 0xb1, 0x80, 0xb4, 0xa6, 0xc1,
- 0xcb, 0xb7, 0x48, 0xf7, 0x9f, 0x55, 0xb4, 0x6e, 0xab, 0xd3, 0xa1, 0xaa, 0x4b, 0xa7, 0x21, 0x6e,
- 0x16, 0x7f, 0xad, 0xbb, 0xea, 0x0f, 0x41, 0x80, 0x9b, 0x7f, 0xd6, 0x46, 0xa2, 0xc0, 0x61, 0x72,
- 0x59, 0x59, 0xa0, 0x07
- };
- OcspEntry entry[1];
- CertStatus status[1];
- OcspRequest* request = NULL;
-
- byte serial[] = {0x05};
- byte issuerHash[] = {0x71, 0x4d, 0x82, 0x23, 0x40, 0x59, 0xc0, 0x96, 0xa1, 0x37, 0x43, 0xfa, 0x31, 0xdb, 0xba, 0xb1, 0x43, 0x18, 0xda, 0x04};
- byte issuerKeyHash[] = {0x83, 0xc6, 0x3a, 0x89, 0x2c, 0x81, 0xf4, 0x02, 0xd7, 0x9d, 0x4c, 0xe2, 0x2a, 0xc0, 0x71, 0x82, 0x64, 0x44, 0xda, 0x0e};
-
-
- XMEMSET(entry, 0, sizeof(OcspEntry));
- XMEMSET(status, 0, sizeof(CertStatus));
-
- ExpectNotNull(request = wolfSSL_OCSP_REQUEST_new());
- ExpectNotNull(request->serial = (byte*)XMALLOC(sizeof(serial), NULL,
- DYNAMIC_TYPE_OCSP_REQUEST));
-
- if ((request != NULL) && (request->serial != NULL)) {
- request->serialSz = sizeof(serial);
- XMEMCPY(request->serial, serial, sizeof(serial));
- XMEMCPY(request->issuerHash, issuerHash, sizeof(issuerHash));
- XMEMCPY(request->issuerKeyHash, issuerKeyHash, sizeof(issuerKeyHash));
- }
+ unsigned char c;
ExpectNotNull(cm = wolfSSL_CertManagerNew_ex(NULL));
- ExpectIntEQ(wolfSSL_CertManagerEnableOCSP(cm, 0), WOLFSSL_SUCCESS);
- ExpectIntEQ(wolfSSL_CertManagerLoadCA(cm,
- "./certs/ocsp/intermediate1-ca-cert.pem", NULL), WOLFSSL_SUCCESS);
-
- /* Response should be valid. */
- ExpectIntEQ(wolfSSL_CertManagerCheckOCSPResponse(cm, response,
- sizeof(response), NULL, status, entry, request), WOLFSSL_SUCCESS);
-
- /* Flip a byte in the request serial number, response should be invalid
- * now. */
- if ((request != NULL) && (request->serial != NULL))
- request->serial[0] ^= request->serial[0];
- ExpectIntNE(wolfSSL_CertManagerCheckOCSPResponse(cm, response,
- sizeof(response), NULL, status, entry, request), WOLFSSL_SUCCESS);
-
-
- wolfSSL_OCSP_REQUEST_free(request);
- wolfSSL_CertManagerFree(cm);
-
- res = EXPECT_RESULT();
-#endif /* OPENSSL_ALL || WOLFSSL_NGINX || WOLFSSL_HAPROXY ||
- * WOLFSSL_APACHE_HTTPD || HAVE_LIGHTY */
-#endif /* HAVE_OCSP */
- return res;
-}
-
-static int test_wolfSSL_CheckOCSPResponse(void)
-{
- int result = TEST_SKIPPED;
-#if defined(HAVE_OCSP) && !defined(NO_RSA) && defined(OPENSSL_ALL)
- EXPECT_DECLS;
- const char* responseFile = "./certs/ocsp/test-response.der";
- const char* responseMultiFile = "./certs/ocsp/test-multi-response.der";
- const char* responseNoInternFile =
- "./certs/ocsp/test-response-nointern.der";
- const char* caFile = "./certs/ocsp/root-ca-cert.pem";
- OcspResponse* res = NULL;
- byte data[4096];
- const unsigned char* pt;
- int dataSz = 0; /* initialize to mitigate spurious maybe-uninitialized from
- * gcc sanitizer with --enable-heapmath.
- */
- XFILE f = XBADFILE;
- WOLFSSL_OCSP_BASICRESP* bs = NULL;
- WOLFSSL_X509_STORE* st = NULL;
- WOLFSSL_X509* issuer = NULL;
-
-
- ExpectTrue((f = XFOPEN(responseFile, "rb")) != XBADFILE);
- ExpectIntGT(dataSz = (word32)XFREAD(data, 1, sizeof(data), f), 0);
- XFCLOSE(f);
- f = XBADFILE;
-
- pt = data;
- ExpectNotNull(res = wolfSSL_d2i_OCSP_RESPONSE(NULL, &pt, dataSz));
- ExpectNotNull(issuer = wolfSSL_X509_load_certificate_file(caFile,
- SSL_FILETYPE_PEM));
- ExpectNotNull(st = wolfSSL_X509_STORE_new());
- ExpectIntEQ(wolfSSL_X509_STORE_add_cert(st, issuer), WOLFSSL_SUCCESS);
- ExpectNotNull(bs = wolfSSL_OCSP_response_get1_basic(res));
- ExpectIntEQ(wolfSSL_OCSP_basic_verify(bs, NULL, st, 0), WOLFSSL_SUCCESS);
- wolfSSL_OCSP_BASICRESP_free(bs);
- bs = NULL;
- wolfSSL_OCSP_RESPONSE_free(res);
- res = NULL;
- wolfSSL_X509_STORE_free(st);
- st = NULL;
- wolfSSL_X509_free(issuer);
- issuer = NULL;
- /* check loading a response with optional certs */
- ExpectTrue((f = XFOPEN(responseNoInternFile, "rb")) != XBADFILE);
- ExpectIntGT(dataSz = (word32)XFREAD(data, 1, sizeof(data), f), 0);
- if (f != XBADFILE)
- XFCLOSE(f);
- f = XBADFILE;
-
- pt = data;
- ExpectNotNull(res = wolfSSL_d2i_OCSP_RESPONSE(NULL, &pt, dataSz));
- wolfSSL_OCSP_RESPONSE_free(res);
- res = NULL;
+ wolfSSL_CertManagerFree(NULL);
+ ExpectIntEQ(wolfSSL_CertManager_up_ref(NULL), 0);
+ ExpectIntEQ(wolfSSL_CertManagerUnloadCAs(NULL), BAD_FUNC_ARG);
+#ifdef WOLFSSL_TRUST_PEER_CERT
+ ExpectIntEQ(wolfSSL_CertManagerUnload_trust_peers(NULL), BAD_FUNC_ARG);
+#endif
+
+ ExpectIntEQ(wolfSSL_CertManagerLoadCABuffer_ex(NULL, &c, 1,
+ WOLFSSL_FILETYPE_ASN1, 0, 0), WOLFSSL_FATAL_ERROR);
+
+#if !defined(NO_WOLFSSL_CLIENT) || !defined(WOLFSSL_NO_CLIENT_AUTH)
+ ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(NULL, NULL, -1,
+ WOLFSSL_FILETYPE_ASN1), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(cm, NULL, -1,
+ WOLFSSL_FILETYPE_ASN1), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(NULL, &c, -1,
+ WOLFSSL_FILETYPE_ASN1), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(NULL, NULL, 1,
+ WOLFSSL_FILETYPE_ASN1), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(NULL, &c, 1,
+ WOLFSSL_FILETYPE_ASN1), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(cm, NULL, 1,
+ WOLFSSL_FILETYPE_ASN1), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(cm, &c, -1,
+ WOLFSSL_FILETYPE_ASN1), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(cm, &c, 1, -1),
+ WOLFSSL_BAD_FILETYPE);
+#endif
- /* check loading a response with multiple certs */
+#if !defined(NO_FILESYSTEM)
{
- WOLFSSL_CERT_MANAGER* cm = NULL;
- OcspEntry *entry = NULL;
- CertStatus* status = NULL;
- OcspRequest* request = NULL;
-
- byte serial1[] = {0x01};
- byte serial[] = {0x02};
-
- byte issuerHash[] = {
- 0x44, 0xA8, 0xDB, 0xD1, 0xBC, 0x97, 0x0A, 0x83,
- 0x3B, 0x5B, 0x31, 0x9A, 0x4C, 0xB8, 0xD2, 0x52,
- 0x37, 0x15, 0x8A, 0x88
- };
- byte issuerKeyHash[] = {
- 0x73, 0xB0, 0x1C, 0xA4, 0x2F, 0x82, 0xCB, 0xCF,
- 0x47, 0xA5, 0x38, 0xD7, 0xB0, 0x04, 0x82, 0x3A,
- 0x7E, 0x72, 0x15, 0x21
- };
-
- ExpectNotNull(entry = (OcspEntry*)XMALLOC(sizeof(OcspEntry), NULL,
- DYNAMIC_TYPE_OPENSSL));
-
- ExpectNotNull(status = (CertStatus*)XMALLOC(sizeof(CertStatus), NULL,
- DYNAMIC_TYPE_OPENSSL));
-
- if (entry != NULL)
- XMEMSET(entry, 0, sizeof(OcspEntry));
- if (status != NULL)
- XMEMSET(status, 0, sizeof(CertStatus));
-
- ExpectNotNull(request = wolfSSL_OCSP_REQUEST_new());
- ExpectNotNull(request->serial = (byte*)XMALLOC(sizeof(serial), NULL,
- DYNAMIC_TYPE_OCSP_REQUEST));
-
- if (request != NULL && request->serial != NULL) {
- request->serialSz = sizeof(serial);
- XMEMCPY(request->serial, serial, sizeof(serial));
- XMEMCPY(request->issuerHash, issuerHash, sizeof(issuerHash));
- XMEMCPY(request->issuerKeyHash, issuerKeyHash,
- sizeof(issuerKeyHash));
- }
-
- ExpectNotNull(cm = wolfSSL_CertManagerNew_ex(NULL));
- ExpectIntEQ(wolfSSL_CertManagerEnableOCSP(cm, 0), WOLFSSL_SUCCESS);
- ExpectIntEQ(wolfSSL_CertManagerLoadCA(cm, caFile, NULL),
- WOLFSSL_SUCCESS);
-
- ExpectTrue((f = XFOPEN(responseMultiFile, "rb")) != XBADFILE);
- ExpectIntGT(dataSz = (word32)XFREAD(data, 1, sizeof(data), f), 0);
- if (f != XBADFILE)
- XFCLOSE(f);
- f = XBADFILE;
+ const char* ca_cert = "./certs/ca-cert.pem";
+ #if !defined(NO_WOLFSSL_CLIENT) || !defined(WOLFSSL_NO_CLIENT_AUTH)
+ const char* ca_cert_der = "./certs/ca-cert.der";
+ #endif
+ const char* ca_path = "./certs";
+
+ #if !defined(NO_WOLFSSL_CLIENT) || !defined(WOLFSSL_NO_CLIENT_AUTH)
+ ExpectIntEQ(wolfSSL_CertManagerVerify(NULL, NULL, -1),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CertManagerVerify(cm, NULL, WOLFSSL_FILETYPE_ASN1),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CertManagerVerify(NULL, ca_cert,
+ WOLFSSL_FILETYPE_PEM), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CertManagerVerify(cm, ca_cert, -1),
+ WOLFSSL_BAD_FILETYPE);
+ ExpectIntEQ(wolfSSL_CertManagerVerify(cm, "no-file",
+ WOLFSSL_FILETYPE_ASN1), WOLFSSL_BAD_FILE);
+ ExpectIntEQ(wolfSSL_CertManagerVerify(cm, ca_cert_der,
+ WOLFSSL_FILETYPE_PEM), ASN_NO_PEM_HEADER);
+ #endif
- ExpectIntEQ(wolfSSL_CertManagerCheckOCSPResponse(cm, data,
- dataSz, NULL, status, entry, request), WOLFSSL_SUCCESS);
- ExpectIntEQ(wolfSSL_CertManagerCheckOCSPResponse(cm, data,
- dataSz, NULL, entry->status, entry, request), WOLFSSL_SUCCESS);
- ExpectNotNull(entry->status);
+ ExpectIntEQ(wolfSSL_CertManagerLoadCA(NULL, NULL, NULL),
+ WOLFSSL_FATAL_ERROR);
+ ExpectIntEQ(wolfSSL_CertManagerLoadCA(NULL, ca_cert, NULL),
+ WOLFSSL_FATAL_ERROR);
+ ExpectIntEQ(wolfSSL_CertManagerLoadCA(NULL, NULL, ca_path),
+ WOLFSSL_FATAL_ERROR);
+ ExpectIntEQ(wolfSSL_CertManagerLoadCA(NULL, ca_cert, ca_path),
+ WOLFSSL_FATAL_ERROR);
+ }
+#endif
- if (request != NULL && request->serial != NULL)
- XMEMCPY(request->serial, serial1, sizeof(serial1));
- ExpectIntEQ(wolfSSL_CertManagerCheckOCSPResponse(cm, data,
- dataSz, NULL, status, entry, request), WOLFSSL_SUCCESS);
+#ifdef OPENSSL_COMPATIBLE_DEFAULTS
+ ExpectIntEQ(wolfSSL_CertManagerEnableCRL(cm, 0), 1);
+#elif !defined(HAVE_CRL)
+ ExpectIntEQ(wolfSSL_CertManagerEnableCRL(cm, 0), NOT_COMPILED_IN);
+#endif
- /* store both status's in the entry to check that "next" is not
- * overwritten */
- if (EXPECT_SUCCESS() && status != NULL && entry != NULL) {
- status->next = entry->status;
- entry->status = status;
- }
+ ExpectIntEQ(wolfSSL_CertManagerDisableCRL(NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CertManagerDisableCRL(cm), 1);
+#ifdef HAVE_CRL
+ /* Test APIs when CRL is disabled. */
+#ifdef HAVE_CRL_IO
+ ExpectIntEQ(wolfSSL_CertManagerSetCRL_IOCb(cm, NULL), 1);
+#endif
+ ExpectIntEQ(wolfSSL_CertManagerCheckCRL(cm, server_cert_der_2048,
+ sizeof_server_cert_der_2048), 1);
+ ExpectIntEQ(wolfSSL_CertManagerFreeCRL(cm), 1);
+#endif
+
+ /* OCSP */
+ ExpectIntEQ(wolfSSL_CertManagerEnableOCSP(NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CertManagerDisableOCSP(NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CertManagerEnableOCSPStapling(NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CertManagerDisableOCSPStapling(NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CertManagerEnableOCSPMustStaple(NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CertManagerDisableOCSPMustStaple(NULL), BAD_FUNC_ARG);
+#if !defined(HAVE_CERTIFICATE_STATUS_REQUEST) && \
+ !defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)
+ ExpectIntEQ(wolfSSL_CertManagerDisableOCSPStapling(cm), NOT_COMPILED_IN);
+ ExpectIntEQ(wolfSSL_CertManagerEnableOCSPMustStaple(cm), NOT_COMPILED_IN);
+ ExpectIntEQ(wolfSSL_CertManagerDisableOCSPMustStaple(cm), NOT_COMPILED_IN);
+#endif
+
+#ifdef HAVE_OCSP
+ ExpectIntEQ(wolfSSL_CertManagerCheckOCSP(NULL, NULL, -1), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CertManagerCheckOCSP(cm, NULL, -1), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CertManagerCheckOCSP(NULL, &c, -1), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CertManagerCheckOCSP(NULL, NULL, 1), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CertManagerCheckOCSP(NULL, &c, 1), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CertManagerCheckOCSP(cm, NULL, 1), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CertManagerCheckOCSP(cm, &c, -1), BAD_FUNC_ARG);
+
+ ExpectIntEQ(wolfSSL_CertManagerCheckOCSPResponse(NULL, NULL, 0,
+ NULL, NULL, NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CertManagerCheckOCSPResponse(cm, NULL, 1,
+ NULL, NULL, NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CertManagerCheckOCSPResponse(NULL, &c, 1,
+ NULL, NULL, NULL, NULL), BAD_FUNC_ARG);
+
+ ExpectIntEQ(wolfSSL_CertManagerSetOCSPOverrideURL(NULL, NULL),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CertManagerSetOCSPOverrideURL(NULL, ""),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CertManagerSetOCSPOverrideURL(cm, NULL), 1);
- if (request != NULL && request->serial != NULL)
- XMEMCPY(request->serial, serial, sizeof(serial));
- ExpectIntEQ(wolfSSL_CertManagerCheckOCSPResponse(cm, data,
- dataSz, NULL, entry->status, entry, request), WOLFSSL_SUCCESS);
- ExpectNotNull(entry->status->next);
+ ExpectIntEQ(wolfSSL_CertManagerSetOCSP_Cb(NULL, NULL, NULL, NULL),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CertManagerSetOCSP_Cb(cm, NULL, NULL, NULL), 1);
- /* compare the status found */
- ExpectIntEQ(status->serialSz, entry->status->serialSz);
- ExpectIntEQ(XMEMCMP(status->serial, entry->status->serial,
- status->serialSz), 0);
+ ExpectIntEQ(wolfSSL_CertManagerDisableOCSP(cm), 1);
+ /* Test APIs when OCSP is disabled. */
+ ExpectIntEQ(wolfSSL_CertManagerCheckOCSPResponse(cm, &c, 1,
+ NULL, NULL, NULL, NULL), 1);
+ ExpectIntEQ(wolfSSL_CertManagerCheckOCSP(cm, &c, 1), 1);
- if (status != NULL && entry != NULL && entry->status != status) {
- XFREE(status, NULL, DYNAMIC_TYPE_OPENSSL);
- }
- wolfSSL_OCSP_CERTID_free(entry);
- wolfSSL_OCSP_REQUEST_free(request);
- wolfSSL_CertManagerFree(cm);
- }
+#endif
-#if defined(WC_RSA_PSS)
- {
- const char* responsePssFile = "./certs/ocsp/test-response-rsapss.der";
+ ExpectIntEQ(wolfSSL_CertManager_up_ref(cm), 1);
+ wolfSSL_CertManagerFree(cm);
+ wolfSSL_CertManagerFree(cm);
+ cm = NULL;
- /* check loading a response with RSA-PSS signature */
- ExpectTrue((f = XFOPEN(responsePssFile, "rb")) != XBADFILE);
- ExpectIntGT(dataSz = (word32)XFREAD(data, 1, sizeof(data), f), 0);
- if (f != XBADFILE)
- XFCLOSE(f);
+ ExpectNotNull(cm = wolfSSL_CertManagerNew_ex(NULL));
- pt = data;
- ExpectNotNull(res = wolfSSL_d2i_OCSP_RESPONSE(NULL, &pt, dataSz));
+#ifdef HAVE_OCSP
+ ExpectIntEQ(wolfSSL_CertManagerEnableOCSP(cm, WOLFSSL_OCSP_URL_OVERRIDE |
+ WOLFSSL_OCSP_CHECKALL), 1);
+#if defined(HAVE_CERTIFICATE_STATUS_REQUEST) || \
+ defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)
+ ExpectIntEQ(wolfSSL_CertManagerEnableOCSPStapling(cm), 1);
+ ExpectIntEQ(wolfSSL_CertManagerEnableOCSPStapling(cm), 1);
+ ExpectIntEQ(wolfSSL_CertManagerDisableOCSPStapling(cm), 1);
+ ExpectIntEQ(wolfSSL_CertManagerEnableOCSPStapling(cm), 1);
+ ExpectIntEQ(wolfSSL_CertManagerEnableOCSPMustStaple(cm), 1);
+ ExpectIntEQ(wolfSSL_CertManagerDisableOCSPMustStaple(cm), 1);
+#endif
- /* try to verify the response */
- ExpectNotNull(issuer = wolfSSL_X509_load_certificate_file(caFile,
- SSL_FILETYPE_PEM));
- ExpectNotNull(st = wolfSSL_X509_STORE_new());
- ExpectIntEQ(wolfSSL_X509_STORE_add_cert(st, issuer), WOLFSSL_SUCCESS);
- ExpectNotNull(bs = wolfSSL_OCSP_response_get1_basic(res));
- ExpectIntEQ(wolfSSL_OCSP_basic_verify(bs, NULL, st, 0),
- WOLFSSL_SUCCESS);
- wolfSSL_OCSP_BASICRESP_free(bs);
- wolfSSL_OCSP_RESPONSE_free(res);
- wolfSSL_X509_STORE_free(st);
- wolfSSL_X509_free(issuer);
- }
+ ExpectIntEQ(wolfSSL_CertManagerSetOCSPOverrideURL(cm, ""), 1);
+ ExpectIntEQ(wolfSSL_CertManagerSetOCSPOverrideURL(cm, ""), 1);
#endif
- result = EXPECT_RESULT();
-#endif /* HAVE_OCSP */
- return result;
+#ifdef WOLFSSL_TRUST_PEER_CERT
+ ExpectIntEQ(wolfSSL_CertManagerUnload_trust_peers(cm), 1);
+#endif
+ wolfSSL_CertManagerFree(cm);
+#endif
+ return EXPECT_RESULT();
}
static int test_wolfSSL_CertManagerLoadCABuffer(void)
{
- int res = TEST_SKIPPED;
-#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS)
EXPECT_DECLS;
+#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS)
const char* ca_cert = "./certs/ca-cert.pem";
const char* ca_expired_cert = "./certs/test/expired/expired-ca.pem";
int ret;
- ret = test_cm_load_ca_file(ca_cert);
+ ExpectIntLE(ret = test_cm_load_ca_file(ca_cert), 1);
#if defined(NO_WOLFSSL_CLIENT) && defined(NO_WOLFSSL_SERVER)
ExpectIntEQ(ret, WOLFSSL_FATAL_ERROR);
#elif defined(NO_RSA)
@@ -2107,33 +2017,31 @@ static int test_wolfSSL_CertManagerLoadCABuffer(void)
ExpectIntEQ(ret, WOLFSSL_SUCCESS);
#endif
- ret = test_cm_load_ca_file(ca_expired_cert);
+ ExpectIntLE(ret = test_cm_load_ca_file(ca_expired_cert), 1);
#if defined(NO_WOLFSSL_CLIENT) && defined(NO_WOLFSSL_SERVER)
ExpectIntEQ(ret, WOLFSSL_FATAL_ERROR);
#elif defined(NO_RSA)
ExpectIntEQ(ret, ASN_UNKNOWN_OID_E);
#elif !(WOLFSSL_LOAD_VERIFY_DEFAULT_FLAGS & WOLFSSL_LOAD_FLAG_DATE_ERR_OKAY) && \
- !defined(OPENSSL_COMPATIBLE_DEFAULTS) && !defined(NO_ASN_TIME)
+ !defined(NO_ASN_TIME)
ExpectIntEQ(ret, ASN_AFTER_DATE_E);
#else
ExpectIntEQ(ret, WOLFSSL_SUCCESS);
#endif
- res = EXPECT_RESULT();
#endif
-
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_CertManagerLoadCABuffer_ex(void)
{
- int res = TEST_SKIPPED;
-#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS)
EXPECT_DECLS;
+#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS)
const char* ca_cert = "./certs/ca-cert.pem";
const char* ca_expired_cert = "./certs/test/expired/expired-ca.pem";
int ret;
- ret = test_cm_load_ca_file_ex(ca_cert, WOLFSSL_LOAD_FLAG_NONE);
+ ExpectIntLE(ret = test_cm_load_ca_file_ex(ca_cert, WOLFSSL_LOAD_FLAG_NONE),
+ 1);
#if defined(NO_WOLFSSL_CLIENT) && defined(NO_WOLFSSL_SERVER)
ExpectIntEQ(ret, WOLFSSL_FATAL_ERROR);
#elif defined(NO_RSA)
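Review bot: The bound in `ExpectIntLE(ret = test_cm_load_ca_file(ca_expired_cert), 1)` accepts every negative error code as well as success, so the line itself verifies nothing about the load. The outcome is only pinned by the `ExpectIntEQ(ret, ...)` ladder that follows, and the same form is used on the `test_cm_load_ca_file_ex` calls here and in the next hunk. If the wrapper exists so that the call is skipped once an earlier expectation has failed (an inference, since the macro definition is not in this hunk), say so in a comment such as `/* result is checked per build configuration below */`, and consider `int ret = 0;` so the variable has a defined value on that path. test_wolfSSL_CertManagerLoadCABuffer starts before this hunk and test_wolfSSL_CertManagerLoadCABuffer_ex continues past it.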
@@ -2142,30 +2050,32 @@ static int test_wolfSSL_CertManagerLoadCABuffer_ex(void)
ExpectIntEQ(ret, WOLFSSL_SUCCESS);
#endif
- ret = test_cm_load_ca_file_ex(ca_expired_cert,
- WOLFSSL_LOAD_FLAG_DATE_ERR_OKAY);
+ ExpectIntLE(ret = test_cm_load_ca_file_ex(ca_expired_cert,
+ WOLFSSL_LOAD_FLAG_DATE_ERR_OKAY), 1);
#if defined(NO_WOLFSSL_CLIENT) && defined(NO_WOLFSSL_SERVER)
ExpectIntEQ(ret, WOLFSSL_FATAL_ERROR);
#elif defined(NO_RSA)
ExpectIntEQ(ret, ASN_UNKNOWN_OID_E);
+#elif !(WOLFSSL_LOAD_VERIFY_DEFAULT_FLAGS & WOLFSSL_LOAD_FLAG_DATE_ERR_OKAY) && \
+ !defined(NO_ASN_TIME) && defined(WOLFSSL_TRUST_PEER_CERT) && \
+ defined(OPENSSL_COMPATIBLE_DEFAULTS)
+ ExpectIntEQ(ret, ASN_AFTER_DATE_E);
#else
ExpectIntEQ(ret, WOLFSSL_SUCCESS);
#endif
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_CertManagerGetCerts(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_ALL) && !defined(NO_CERTS) && \
!defined(NO_FILESYSTEM) && !defined(NO_RSA) && \
defined(WOLFSSL_SIGNER_DER_CERT)
- EXPECT_DECLS;
WOLFSSL_CERT_MANAGER* cm = NULL;
WOLFSSL_STACK* sk = NULL;
X509* x509 = NULL;
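Review bot: The new `#elif` branch expects `ASN_AFTER_DATE_E` from a call that explicitly passes `WOLFSSL_LOAD_FLAG_DATE_ERR_OKAY`, and nothing in the test says why the flag has no effect when `WOLFSSL_TRUST_PEER_CERT` and `OPENSSL_COMPATIBLE_DEFAULTS` are both defined. Because this pins how an expired CA is treated, a reader needs to know whether the rejection is intended behaviour of that configuration or a side effect of the `test_cm_load_ca_file_ex` helper, which is not visible here. A comment above the branch should name the step of the helper that still enforces the date check in this configuration. test_wolfSSL_CertManagerLoadCABuffer_ex begins in the previous hunk.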
@@ -2186,6 +2096,7 @@ static int test_wolfSSL_CertManagerGetCerts(void)
fclose(file1);
}
+ ExpectNull(sk = wolfSSL_CertManagerGetCerts(NULL));
ExpectNotNull(cm = wolfSSL_CertManagerNew_ex(NULL));
ExpectNull(sk = wolfSSL_CertManagerGetCerts(cm));
@@ -2205,7 +2116,7 @@ static int test_wolfSSL_CertManagerGetCerts(void)
ExpectNotNull(sk = wolfSSL_CertManagerGetCerts(cm));
- for (i = 0; i < sk_X509_num(sk); i++) {
+ for (i = 0; EXPECT_SUCCESS() && i < sk_X509_num(sk); i++) {
ExpectNotNull(x509 = sk_X509_value(sk, i));
ExpectIntEQ(0, wolfSSL_X509_cmp(x509, cert1));
@@ -2221,62 +2132,59 @@ static int test_wolfSSL_CertManagerGetCerts(void)
wolfSSL_X509_free(cert1);
sk_X509_pop_free(sk, NULL);
wolfSSL_CertManagerFree(cm);
-
- res = EXPECT_RESULT();
#endif /* defined(OPENSSL_ALL) && !defined(NO_CERTS) && \
!defined(NO_FILESYSTEM) && !defined(NO_RSA) && \
defined(WOLFSSL_SIGNER_DER_CERT) */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_CertManagerSetVerify(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && \
!defined(NO_WOLFSSL_CM_VERIFY) && !defined(NO_RSA) && \
(!defined(NO_WOLFSSL_CLIENT) || !defined(WOLFSSL_NO_CLIENT_AUTH))
- EXPECT_DECLS;
- int ret = 0;
WOLFSSL_CERT_MANAGER* cm = NULL;
int tmp = myVerifyAction;
const char* ca_cert = "./certs/ca-cert.pem";
const char* expiredCert = "./certs/test/expired/expired-cert.pem";
+ wolfSSL_CertManagerSetVerify(NULL, NULL);
+ wolfSSL_CertManagerSetVerify(NULL, myVerify);
+
ExpectNotNull(cm = wolfSSL_CertManagerNew());
wolfSSL_CertManagerSetVerify(cm, myVerify);
- #if defined(NO_WOLFSSL_CLIENT) && defined(NO_WOLFSSL_SERVER)
- ExpectIntEQ(ret = wolfSSL_CertManagerLoadCA(cm, ca_cert, NULL), -1);
- #else
- ExpectIntEQ(ret = wolfSSL_CertManagerLoadCA(cm, ca_cert, NULL),
+#if defined(NO_WOLFSSL_CLIENT) && defined(NO_WOLFSSL_SERVER)
+ ExpectIntEQ(wolfSSL_CertManagerLoadCA(cm, ca_cert, NULL), -1);
+#else
+ ExpectIntEQ(wolfSSL_CertManagerLoadCA(cm, ca_cert, NULL),
WOLFSSL_SUCCESS);
- #endif
+#endif
/* Use the test CB that always accepts certs */
myVerifyAction = VERIFY_OVERRIDE_ERROR;
- ExpectIntEQ(ret = wolfSSL_CertManagerVerify(cm, expiredCert,
+ ExpectIntEQ(wolfSSL_CertManagerVerify(cm, expiredCert,
WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS);
#ifdef WOLFSSL_ALWAYS_VERIFY_CB
{
- const char* verifyCert = "./certs/server-cert.pem";
+ const char* verifyCert = "./certs/server-cert.der";
/* Use the test CB that always fails certs */
myVerifyAction = VERIFY_FORCE_FAIL;
- ExpectIntEQ(ret = wolfSSL_CertManagerVerify(cm, verifyCert,
- WOLFSSL_FILETYPE_PEM), VERIFY_CERT_ERROR);
+ ExpectIntEQ(wolfSSL_CertManagerVerify(cm, verifyCert,
+ WOLFSSL_FILETYPE_ASN1), VERIFY_CERT_ERROR);
}
#endif
wolfSSL_CertManagerFree(cm);
myVerifyAction = tmp;
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
#if !defined(NO_FILESYSTEM) && defined(OPENSSL_EXTRA) && \
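Review bot: The two added calls `wolfSSL_CertManagerSetVerify(NULL, NULL)` and `wolfSSL_CertManagerSetVerify(NULL, myVerify)` are not wrapped in an expectation, so all they can show is that a NULL manager does not crash. A comment such as `/* NULL manager must be ignored without crashing */` would state that intent. Separately, the `WOLFSSL_ALWAYS_VERIFY_CB` block now feeds `./certs/server-cert.der` with `WOLFSSL_FILETYPE_ASN1`, so the `VERIFY_FORCE_FAIL` path of the callback is no longer exercised for PEM input in this test. If that is deliberate, note the reason next to `verifyCert`.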
@@ -2300,20 +2208,19 @@ void DEBUG_WRITE_DER(const byte* der, int derSz, const char* fileName)
}
}
#else
-#define DEBUG_WRITE_CERT_X509(x509, fileName)
-#define DEBUG_WRITE_DER(der, derSz, fileName)
+#define DEBUG_WRITE_CERT_X509(x509, fileName) WC_DO_NOTHING
+#define DEBUG_WRITE_DER(der, derSz, fileName) WC_DO_NOTHING
#endif
static int test_wolfSSL_CertManagerNameConstraint(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && \
!defined(NO_WOLFSSL_CM_VERIFY) && !defined(NO_RSA) && \
defined(OPENSSL_EXTRA) && defined(WOLFSSL_CERT_GEN) && \
defined(WOLFSSL_CERT_EXT) && defined(WOLFSSL_ALT_NAMES) && \
!defined(NO_SHA256)
- EXPECT_DECLS;
WOLFSSL_CERT_MANAGER* cm = NULL;
WOLFSSL_EVP_PKEY *priv = NULL;
WOLFSSL_X509_NAME* name = NULL;
@@ -2458,22 +2365,19 @@ static int test_wolfSSL_CertManagerNameConstraint(void)
wolfSSL_X509_free(x509);
wolfSSL_X509_free(ca);
wolfSSL_EVP_PKEY_free(priv);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_CertManagerNameConstraint2(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && \
!defined(NO_WOLFSSL_CM_VERIFY) && !defined(NO_RSA) && \
defined(OPENSSL_EXTRA) && defined(WOLFSSL_CERT_GEN) && \
defined(WOLFSSL_CERT_EXT) && defined(WOLFSSL_ALT_NAMES)
- EXPECT_DECLS;
const char* ca_cert = "./certs/test/cert-ext-ndir.der";
const char* ca_cert2 = "./certs/test/cert-ext-ndir-exc.der";
const char* server_cert = "./certs/server-cert.pem";
@@ -2660,22 +2564,19 @@ static int test_wolfSSL_CertManagerNameConstraint2(void)
wolfSSL_X509_free(x509);
wolfSSL_X509_free(ca);
wolfSSL_EVP_PKEY_free(priv);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_CertManagerNameConstraint3(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && \
!defined(NO_WOLFSSL_CM_VERIFY) && !defined(NO_RSA) && \
defined(OPENSSL_EXTRA) && defined(WOLFSSL_CERT_GEN) && \
defined(WOLFSSL_CERT_EXT) && defined(WOLFSSL_ALT_NAMES) && \
!defined(NO_SHA256)
- EXPECT_DECLS;
WOLFSSL_CERT_MANAGER* cm = NULL;
WOLFSSL_EVP_PKEY *priv = NULL;
WOLFSSL_X509_NAME* name = NULL;
@@ -2789,22 +2690,19 @@ static int test_wolfSSL_CertManagerNameConstraint3(void)
wolfSSL_X509_free(x509);
wolfSSL_X509_free(ca);
wolfSSL_EVP_PKEY_free(priv);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_CertManagerNameConstraint4(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && \
!defined(NO_WOLFSSL_CM_VERIFY) && !defined(NO_RSA) && \
defined(OPENSSL_EXTRA) && defined(WOLFSSL_CERT_GEN) && \
defined(WOLFSSL_CERT_EXT) && defined(WOLFSSL_ALT_NAMES) && \
!defined(NO_SHA256)
- EXPECT_DECLS;
WOLFSSL_CERT_MANAGER* cm = NULL;
WOLFSSL_EVP_PKEY *priv = NULL;
WOLFSSL_X509_NAME* name = NULL;
@@ -2965,22 +2863,19 @@ static int test_wolfSSL_CertManagerNameConstraint4(void)
wolfSSL_X509_free(x509);
wolfSSL_X509_free(ca);
wolfSSL_EVP_PKEY_free(priv);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_CertManagerNameConstraint5(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && \
!defined(NO_WOLFSSL_CM_VERIFY) && !defined(NO_RSA) && \
defined(OPENSSL_EXTRA) && defined(WOLFSSL_CERT_GEN) && \
defined(WOLFSSL_CERT_EXT) && defined(WOLFSSL_ALT_NAMES) && \
!defined(NO_SHA256)
- EXPECT_DECLS;
WOLFSSL_CERT_MANAGER* cm = NULL;
WOLFSSL_EVP_PKEY *priv = NULL;
WOLFSSL_X509_NAME* name = NULL;
@@ -3137,18 +3032,684 @@ static int test_wolfSSL_CertManagerNameConstraint5(void)
wolfSSL_CertManagerFree(cm);
wolfSSL_X509_free(ca);
wolfSSL_EVP_PKEY_free(priv);
+#endif
+ return EXPECT_RESULT();
+}
- res = TEST_RES_CHECK(1);
+static int test_wolfSSL_CertManagerCRL(void)
+{
+ EXPECT_DECLS;
+#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && defined(HAVE_CRL) && \
+ !defined(NO_RSA)
+ const char* ca_cert = "./certs/ca-cert.pem";
+ const char* crl1 = "./certs/crl/crl.pem";
+ const char* crl2 = "./certs/crl/crl2.pem";
+ const unsigned char crl_buff[] = {
+ 0x30, 0x82, 0x02, 0x04, 0x30, 0x81, 0xed, 0x02,
+ 0x01, 0x01, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86,
+ 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05,
+ 0x00, 0x30, 0x81, 0x94, 0x31, 0x0b, 0x30, 0x09,
+ 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55,
+ 0x53, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, 0x55,
+ 0x04, 0x08, 0x0c, 0x07, 0x4d, 0x6f, 0x6e, 0x74,
+ 0x61, 0x6e, 0x61, 0x31, 0x10, 0x30, 0x0e, 0x06,
+ 0x03, 0x55, 0x04, 0x07, 0x0c, 0x07, 0x42, 0x6f,
+ 0x7a, 0x65, 0x6d, 0x61, 0x6e, 0x31, 0x11, 0x30,
+ 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08,
+ 0x53, 0x61, 0x77, 0x74, 0x6f, 0x6f, 0x74, 0x68,
+ 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04,
+ 0x0b, 0x0c, 0x0a, 0x43, 0x6f, 0x6e, 0x73, 0x75,
+ 0x6c, 0x74, 0x69, 0x6e, 0x67, 0x31, 0x18, 0x30,
+ 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x0f,
+ 0x77, 0x77, 0x77, 0x2e, 0x77, 0x6f, 0x6c, 0x66,
+ 0x73, 0x73, 0x6c, 0x2e, 0x63, 0x6f, 0x6d, 0x31,
+ 0x1f, 0x30, 0x1d, 0x06, 0x09, 0x2a, 0x86, 0x48,
+ 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x01, 0x16, 0x10,
+ 0x69, 0x6e, 0x66, 0x6f, 0x40, 0x77, 0x6f, 0x6c,
+ 0x66, 0x73, 0x73, 0x6c, 0x2e, 0x63, 0x6f, 0x6d,
+ 0x17, 0x0d, 0x32, 0x32, 0x31, 0x32, 0x31, 0x36,
+ 0x32, 0x31, 0x31, 0x37, 0x35, 0x30, 0x5a, 0x17,
+ 0x0d, 0x32, 0x35, 0x30, 0x39, 0x31, 0x31, 0x32,
+ 0x31, 0x31, 0x37, 0x35, 0x30, 0x5a, 0x30, 0x14,
+ 0x30, 0x12, 0x02, 0x01, 0x02, 0x17, 0x0d, 0x32,
+ 0x32, 0x31, 0x32, 0x31, 0x36, 0x32, 0x31, 0x31,
+ 0x37, 0x35, 0x30, 0x5a, 0xa0, 0x0e, 0x30, 0x0c,
+ 0x30, 0x0a, 0x06, 0x03, 0x55, 0x1d, 0x14, 0x04,
+ 0x03, 0x02, 0x01, 0x02, 0x30, 0x0d, 0x06, 0x09,
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01,
+ 0x0b, 0x05, 0x00, 0x03, 0x82, 0x01, 0x01, 0x00,
+ 0x39, 0x44, 0xff, 0x39, 0xf4, 0x04, 0x45, 0x79,
+ 0x7e, 0x73, 0xe2, 0x42, 0x48, 0xdb, 0x85, 0x66,
+ 0xfd, 0x99, 0x76, 0x94, 0x7c, 0xb5, 0x79, 0x5d,
+ 0x15, 0x71, 0x36, 0xa9, 0x87, 0xf0, 0x73, 0x05,
+ 0x50, 0x08, 0x6b, 0x1c, 0x6e, 0xde, 0x96, 0x45,
+ 0x31, 0xc3, 0xc0, 0xba, 0xba, 0xf5, 0x08, 0x1d,
+ 0x05, 0x4a, 0x52, 0x39, 0xe9, 0x03, 0xef, 0x59,
+ 0xc8, 0x1d, 0x4a, 0xf2, 0x86, 0x05, 0x99, 0x7b,
+ 0x4b, 0x74, 0xf6, 0xd3, 0x75, 0x8d, 0xb2, 0x57,
+ 0xba, 0xac, 0xa7, 0x11, 0x14, 0xd6, 0x6c, 0x71,
+ 0xc4, 0x4c, 0x1c, 0x68, 0xbc, 0x49, 0x78, 0xf0,
+ 0xc9, 0x52, 0x8a, 0xe7, 0x8b, 0x54, 0xe6, 0x20,
+ 0x58, 0x20, 0x60, 0x66, 0xf5, 0x14, 0xd8, 0xcb,
+ 0xff, 0xe0, 0xa0, 0x45, 0xbc, 0xb4, 0x81, 0xad,
+ 0x1d, 0xbc, 0xcf, 0xf8, 0x8e, 0xa8, 0x87, 0x24,
+ 0x55, 0x99, 0xd9, 0xce, 0x47, 0xf7, 0x5b, 0x4a,
+ 0x33, 0x6d, 0xdb, 0xbf, 0x93, 0x64, 0x1a, 0xa6,
+ 0x46, 0x5f, 0x27, 0xdc, 0xd8, 0xd4, 0xf9, 0xc2,
+ 0x42, 0x2a, 0x7e, 0xb2, 0x7c, 0xdd, 0x98, 0x77,
+ 0xf5, 0x88, 0x7d, 0x15, 0x25, 0x08, 0xbc, 0xe0,
+ 0xd0, 0x8d, 0xf4, 0xc3, 0xc3, 0x04, 0x41, 0xa4,
+ 0xd1, 0xb1, 0x39, 0x4a, 0x6b, 0x2c, 0xb5, 0x2e,
+ 0x9a, 0x65, 0x43, 0x0d, 0x0e, 0x73, 0xf4, 0x06,
+ 0xe1, 0xb3, 0x49, 0x34, 0x94, 0xb0, 0xb7, 0xff,
+ 0xc0, 0x27, 0xc1, 0xb5, 0xea, 0x06, 0xf7, 0x71,
+ 0x71, 0x97, 0xbb, 0xbc, 0xc7, 0x1a, 0x9f, 0xeb,
+ 0xf6, 0x3d, 0xa5, 0x7b, 0x55, 0xa7, 0xbf, 0xdd,
+ 0xd7, 0xee, 0x97, 0xb8, 0x9d, 0xdc, 0xcd, 0xe3,
+ 0x06, 0xdb, 0x9a, 0x2c, 0x60, 0xbf, 0x70, 0x84,
+ 0xfa, 0x6b, 0x8d, 0x70, 0x7d, 0xde, 0xe8, 0xb7,
+ 0xab, 0xb0, 0x38, 0x68, 0x6c, 0xc0, 0xb1, 0xe1,
+ 0xba, 0x45, 0xe0, 0xd7, 0x12, 0x3d, 0x71, 0x5b
+ };
+
+ WOLFSSL_CERT_MANAGER* cm = NULL;
+
+ ExpectNotNull(cm = wolfSSL_CertManagerNew());
+
+ ExpectIntEQ(wolfSSL_CertManagerEnableCRL(NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CertManagerEnableCRL(cm, WOLFSSL_CRL_CHECKALL), 1);
+ ExpectIntEQ(wolfSSL_CertManagerEnableCRL(cm, WOLFSSL_CRL_CHECK), 1);
+ ExpectIntEQ(wolfSSL_CertManagerEnableCRL(cm,
+ WOLFSSL_CRL_CHECK | WOLFSSL_CRL_CHECKALL), 1);
+ ExpectIntEQ(wolfSSL_CertManagerEnableCRL(cm, 16), 1);
+ ExpectIntEQ(wolfSSL_CertManagerEnableCRL(cm, WOLFSSL_CRL_CHECKALL), 1);
+
+ ExpectIntEQ(wolfSSL_CertManagerCheckCRL(NULL, NULL, -1), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CertManagerCheckCRL(cm, NULL, -1), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CertManagerCheckCRL(NULL, server_cert_der_2048, -1),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CertManagerCheckCRL(NULL, NULL, 1), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CertManagerCheckCRL(NULL, server_cert_der_2048, 1),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CertManagerCheckCRL(cm, NULL, 1), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CertManagerCheckCRL(cm, server_cert_der_2048, -1),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CertManagerCheckCRL(cm, server_cert_der_2048,
+ sizeof_server_cert_der_2048), ASN_NO_SIGNER_E);
+
+ ExpectIntEQ(wolfSSL_CertManagerSetCRL_Cb(NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CertManagerSetCRL_Cb(cm, NULL), 1);
+#ifdef HAVE_CRL_IO
+ ExpectIntEQ(wolfSSL_CertManagerSetCRL_IOCb(NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CertManagerSetCRL_IOCb(cm, NULL), 1);
#endif
- return res;
+#ifndef NO_FILESYSTEM
+ ExpectIntEQ(wolfSSL_CertManagerLoadCRL(NULL, NULL, WOLFSSL_FILETYPE_ASN1,
+ 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CertManagerLoadCRL(cm, NULL, WOLFSSL_FILETYPE_ASN1,
+ 0), BAD_FUNC_ARG);
+ /* -1 seen as !WOLFSSL_FILETYPE_PEM */
+ ExpectIntEQ(wolfSSL_CertManagerLoadCRL(cm, "./certs/crl", -1, 0), 1);
+
+ ExpectIntEQ(wolfSSL_CertManagerLoadCRLFile(NULL, NULL,
+ WOLFSSL_FILETYPE_ASN1), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CertManagerLoadCRLFile(cm, NULL, WOLFSSL_FILETYPE_ASN1),
+ BAD_FUNC_ARG);
+ /* -1 seen as !WOLFSSL_FILETYPE_PEM */
+ ExpectIntEQ(wolfSSL_CertManagerLoadCRLFile(cm, "./certs/crl/crl.pem", -1),
+ ASN_PARSE_E);
+#endif
+
+ ExpectIntEQ(wolfSSL_CertManagerLoadCRLBuffer(NULL, NULL, -1,
+ WOLFSSL_FILETYPE_ASN1), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CertManagerLoadCRLBuffer(cm, NULL, -1,
+ WOLFSSL_FILETYPE_ASN1), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CertManagerLoadCRLBuffer(NULL, crl_buff, -1,
+ WOLFSSL_FILETYPE_ASN1), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CertManagerLoadCRLBuffer(NULL, NULL, 1,
+ WOLFSSL_FILETYPE_ASN1), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CertManagerLoadCRLBuffer(NULL, crl_buff, 1,
+ WOLFSSL_FILETYPE_ASN1), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CertManagerLoadCRLBuffer(cm, NULL, 1,
+ WOLFSSL_FILETYPE_ASN1), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CertManagerLoadCRLBuffer(cm, crl_buff, -1,
+ WOLFSSL_FILETYPE_ASN1), BAD_FUNC_ARG);
+
+ ExpectIntEQ(wolfSSL_CertManagerFreeCRL(NULL), BAD_FUNC_ARG);
+ DoExpectIntEQ(wolfSSL_CertManagerFreeCRL(cm), 1);
+
+ ExpectIntEQ(WOLFSSL_SUCCESS,
+ wolfSSL_CertManagerLoadCA(cm, ca_cert, NULL));
+ ExpectIntEQ(WOLFSSL_SUCCESS,
+ wolfSSL_CertManagerLoadCRL(cm, crl1, WOLFSSL_FILETYPE_PEM, 0));
+ ExpectIntEQ(WOLFSSL_SUCCESS,
+ wolfSSL_CertManagerLoadCRL(cm, crl2, WOLFSSL_FILETYPE_PEM, 0));
+ wolfSSL_CertManagerFreeCRL(cm);
+
+ ExpectIntEQ(WOLFSSL_SUCCESS,
+ wolfSSL_CertManagerLoadCRL(cm, crl1, WOLFSSL_FILETYPE_PEM, 0));
+ ExpectIntEQ(WOLFSSL_SUCCESS,
+ wolfSSL_CertManagerLoadCA(cm, ca_cert, NULL));
+ ExpectIntEQ(wolfSSL_CertManagerCheckCRL(cm, server_cert_der_2048,
+ sizeof_server_cert_der_2048), CRL_MISSING);
+ ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(cm, server_cert_der_2048,
+ sizeof_server_cert_der_2048, WOLFSSL_FILETYPE_ASN1), CRL_MISSING);
+
+ ExpectIntEQ(wolfSSL_CertManagerLoadCRLBuffer(cm, crl_buff, sizeof(crl_buff),
+ WOLFSSL_FILETYPE_ASN1), 1);
+
+ wolfSSL_CertManagerFree(cm);
+#endif
+
+ return EXPECT_RESULT();
+}
+
+static int test_wolfSSL_CertManagerCheckOCSPResponse(void)
+{
+ EXPECT_DECLS;
+#if defined(HAVE_OCSP) && !defined(NO_RSA) && !defined(NO_SHA)
+/* Need one of these for wolfSSL_OCSP_REQUEST_new. */
+#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || \
+ defined(WOLFSSL_HAPROXY) || defined(WOLFSSL_APACHE_HTTPD) || \
+ defined(HAVE_LIGHTY)
+ WOLFSSL_CERT_MANAGER* cm = NULL;
+ /* Raw OCSP response bytes captured using the following setup:
+ * - Run responder with
+ * openssl ocsp -port 9999 -ndays 9999
+ * -index certs/ocsp/index-intermediate1-ca-issued-certs.txt
+ * -rsigner certs/ocsp/ocsp-responder-cert.pem
+ * -rkey certs/ocsp/ocsp-responder-key.pem
+ * -CA certs/ocsp/intermediate1-ca-cert.pem
+ * - Run client with
+ * openssl ocsp -host 127.0.0.1:9999 -respout resp.out
+ * -issuer certs/ocsp/intermediate1-ca-cert.pem
+ * -cert certs/ocsp/server1-cert.pem
+ * -CAfile certs/ocsp/root-ca-cert.pem -noverify
+ * - Select the response packet in Wireshark, and export it using
+ * "File->Export Packet Dissection->As "C" Arrays". Select "Selected
+ * packets only". After importing into the editor, remove the initial
+ * ~148 bytes of header, ending with the Content-Length and the \r\n\r\n.
+ */
+ static const byte response[] = {
+ 0x30, 0x82, 0x07, 0x40, /* ....0..@ */
+ 0x0a, 0x01, 0x00, 0xa0, 0x82, 0x07, 0x39, 0x30, /* ......90 */
+ 0x82, 0x07, 0x35, 0x06, 0x09, 0x2b, 0x06, 0x01, /* ..5..+.. */
+ 0x05, 0x05, 0x07, 0x30, 0x01, 0x01, 0x04, 0x82, /* ...0.... */
+ 0x07, 0x26, 0x30, 0x82, 0x07, 0x22, 0x30, 0x82, /* .&0.."0. */
+ 0x01, 0x40, 0xa1, 0x81, 0xa1, 0x30, 0x81, 0x9e, /* .@...0.. */
+ 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, /* 1.0...U. */
+ 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x13, 0x30, /* ...US1.0 */
+ 0x11, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0c, 0x0a, /* ...U.... */
+ 0x57, 0x61, 0x73, 0x68, 0x69, 0x6e, 0x67, 0x74, /* Washingt */
+ 0x6f, 0x6e, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, /* on1.0... */
+ 0x55, 0x04, 0x07, 0x0c, 0x07, 0x53, 0x65, 0x61, /* U....Sea */
+ 0x74, 0x74, 0x6c, 0x65, 0x31, 0x10, 0x30, 0x0e, /* ttle1.0. */
+ 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x07, 0x77, /* ..U....w */
+ 0x6f, 0x6c, 0x66, 0x53, 0x53, 0x4c, 0x31, 0x14, /* olfSSL1. */
+ 0x30, 0x12, 0x06, 0x03, 0x55, 0x04, 0x0b, 0x0c, /* 0...U... */
+ 0x0b, 0x45, 0x6e, 0x67, 0x69, 0x6e, 0x65, 0x65, /* .Enginee */
+ 0x72, 0x69, 0x6e, 0x67, 0x31, 0x1f, 0x30, 0x1d, /* ring1.0. */
+ 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x16, 0x77, /* ..U....w */
+ 0x6f, 0x6c, 0x66, 0x53, 0x53, 0x4c, 0x20, 0x4f, /* olfSSL O */
+ 0x43, 0x53, 0x50, 0x20, 0x52, 0x65, 0x73, 0x70, /* CSP Resp */
+ 0x6f, 0x6e, 0x64, 0x65, 0x72, 0x31, 0x1f, 0x30, /* onder1.0 */
+ 0x1d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, /* ...*.H.. */
+ 0x0d, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6e, /* ......in */
+ 0x66, 0x6f, 0x40, 0x77, 0x6f, 0x6c, 0x66, 0x73, /* fo@wolfs */
+ 0x73, 0x6c, 0x2e, 0x63, 0x6f, 0x6d, 0x18, 0x0f, /* sl.com.. */
+ 0x32, 0x30, 0x32, 0x33, 0x31, 0x31, 0x30, 0x38, /* 20231108 */
+ 0x30, 0x30, 0x32, 0x36, 0x33, 0x37, 0x5a, 0x30, /* 002637Z0 */
+ 0x64, 0x30, 0x62, 0x30, 0x3a, 0x30, 0x09, 0x06, /* d0b0:0.. */
+ 0x05, 0x2b, 0x0e, 0x03, 0x02, 0x1a, 0x05, 0x00, /* .+...... */
+ 0x04, 0x14, 0x71, 0x4d, 0x82, 0x23, 0x40, 0x59, /* ..qM.#@Y */
+ 0xc0, 0x96, 0xa1, 0x37, 0x43, 0xfa, 0x31, 0xdb, /* ...7C.1. */
+ 0xba, 0xb1, 0x43, 0x18, 0xda, 0x04, 0x04, 0x14, /* ..C..... */
+ 0x83, 0xc6, 0x3a, 0x89, 0x2c, 0x81, 0xf4, 0x02, /* ..:.,... */
+ 0xd7, 0x9d, 0x4c, 0xe2, 0x2a, 0xc0, 0x71, 0x82, /* ..L.*.q. */
+ 0x64, 0x44, 0xda, 0x0e, 0x02, 0x01, 0x05, 0x80, /* dD...... */
+ 0x00, 0x18, 0x0f, 0x32, 0x30, 0x32, 0x33, 0x31, /* ...20231 */
+ 0x31, 0x30, 0x38, 0x30, 0x30, 0x32, 0x36, 0x33, /* 10800263 */
+ 0x37, 0x5a, 0xa0, 0x11, 0x18, 0x0f, 0x32, 0x30, /* 7Z....20 */
+ 0x35, 0x31, 0x30, 0x33, 0x32, 0x35, 0x30, 0x30, /* 51032500 */
+ 0x32, 0x36, 0x33, 0x37, 0x5a, 0xa1, 0x23, 0x30, /* 2637Z.#0 */
+ 0x21, 0x30, 0x1f, 0x06, 0x09, 0x2b, 0x06, 0x01, /* !0...+.. */
+ 0x05, 0x05, 0x07, 0x30, 0x01, 0x02, 0x04, 0x12, /* ...0.... */
+ 0x04, 0x10, 0xdb, 0xbc, 0x2a, 0x76, 0xa0, 0xb4, /* ....*v.. */
+ 0x1e, 0x5d, 0xf6, 0x2b, 0x8e, 0x38, 0x62, 0xdb, /* .].+.8b. */
+ 0x90, 0xed, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, /* ..0...*. */
+ 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, /* H....... */
+ 0x00, 0x03, 0x82, 0x01, 0x01, 0x00, 0x87, 0xde, /* ........ */
+ 0xfb, 0xf9, 0x3a, 0x90, 0x1f, 0x90, 0xde, 0xcf, /* ..:..... */
+ 0xfe, 0xad, 0x64, 0x19, 0x34, 0x17, 0xf8, 0x15, /* ..d.4... */
+ 0x01, 0x22, 0x5f, 0x67, 0x41, 0xa4, 0x18, 0xf7, /* ."_gA... */
+ 0x16, 0xb7, 0xc9, 0xf3, 0xe1, 0x9f, 0xcd, 0x40, /* .......@ */
+ 0x56, 0x77, 0x6e, 0x6a, 0xfb, 0x92, 0x6a, 0x6f, /* Vwnj..jo */
+ 0x28, 0x3e, 0x22, 0x48, 0xa1, 0xc2, 0xd8, 0x1d, /* (>"H.... */
+ 0xc7, 0xe6, 0x78, 0x7f, 0xb6, 0x09, 0xfe, 0x2c, /* ..x...., */
+ 0xb5, 0xef, 0x29, 0x7c, 0xc5, 0x51, 0x16, 0x7b, /* ..)|.Q.{ */
+ 0x8f, 0xfb, 0x44, 0xa8, 0xcd, 0xf5, 0x5c, 0x0f, /* ..D...\. */
+ 0x46, 0x0e, 0xb1, 0xa4, 0xeb, 0x5b, 0xf5, 0x86, /* F....[.. */
+ 0x11, 0x0f, 0xcd, 0xe2, 0xe5, 0x3c, 0x91, 0x72, /* .....<.r */
+ 0x0d, 0x6a, 0xcb, 0x95, 0x99, 0x39, 0x91, 0x48, /* .j...9.H */
+ 0x65, 0x97, 0xb9, 0x78, 0xb5, 0x88, 0x7f, 0x76, /* e..x...v */
+ 0xa1, 0x43, 0x2f, 0xf6, 0x1f, 0x49, 0xb7, 0x08, /* .C/..I.. */
+ 0x36, 0xe4, 0x2e, 0x34, 0x25, 0xda, 0x16, 0x74, /* 6..4%..t */
+ 0x47, 0x62, 0x56, 0xff, 0x2f, 0x02, 0x03, 0x44, /* GbV./..D */
+ 0x89, 0x04, 0xe7, 0xb8, 0xde, 0x0a, 0x35, 0x43, /* ......5C */
+ 0xae, 0xd7, 0x54, 0xbe, 0xc3, 0x7c, 0x95, 0xa5, /* ..T..|.. */
+ 0xc8, 0xe0, 0x2e, 0x52, 0xb6, 0xea, 0x99, 0x45, /* ...R...E */
+ 0xfd, 0xda, 0x4b, 0xd5, 0x79, 0x07, 0x64, 0xca, /* ..K.y.d. */
+ 0x64, 0xba, 0x52, 0x12, 0x62, 0x8c, 0x08, 0x9a, /* d.R.b... */
+ 0x32, 0xeb, 0x85, 0x65, 0x05, 0x39, 0x07, 0x5d, /* 2..e.9.] */
+ 0x39, 0x4a, 0xcf, 0xa5, 0x30, 0xf6, 0xd1, 0xf7, /* 9J..0... */
+ 0x29, 0xaa, 0x23, 0x42, 0xc6, 0x85, 0x16, 0x7f, /* ).#B.... */
+ 0x64, 0x16, 0xb1, 0xb0, 0x5d, 0xcd, 0x88, 0x2d, /* d...]..- */
+ 0x06, 0xb0, 0xa9, 0xdf, 0xa3, 0x9f, 0x25, 0x41, /* ......%A */
+ 0x89, 0x9a, 0x19, 0xe1, 0xaa, 0xcd, 0xdf, 0x51, /* .......Q */
+ 0xcb, 0xa9, 0xc3, 0x7e, 0x27, 0xbc, 0x7d, 0x9b, /* ...~'.}. */
+ 0x6f, 0x4d, 0x79, 0x87, 0x09, 0x3f, 0xac, 0xd2, /* oMy..?.. */
+ 0x4a, 0x3b, 0xbe, 0xf8, 0x7a, 0xa4, 0x93, 0x45, /* J;..z..E */
+ 0x11, 0x64, 0x40, 0xc5, 0x03, 0xc9, 0x24, 0x5b, /* .d@...$[ */
+ 0xe9, 0x6d, 0xfc, 0x94, 0x08, 0xbe, 0xa0, 0x82, /* .m...... */
+ 0x04, 0xc6, 0x30, 0x82, 0x04, 0xc2, 0x30, 0x82, /* ..0...0. */
+ 0x04, 0xbe, 0x30, 0x82, 0x03, 0xa6, 0xa0, 0x03, /* ..0..... */
+ 0x02, 0x01, 0x02, 0x02, 0x01, 0x04, 0x30, 0x0d, /* ......0. */
+ 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, /* ..*.H... */
+ 0x01, 0x01, 0x0b, 0x05, 0x00, 0x30, 0x81, 0x97, /* .....0.. */
+ 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, /* 1.0...U. */
+ 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x13, 0x30, /* ...US1.0 */
+ 0x11, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0c, 0x0a, /* ...U.... */
+ 0x57, 0x61, 0x73, 0x68, 0x69, 0x6e, 0x67, 0x74, /* Washingt */
+ 0x6f, 0x6e, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, /* on1.0... */
+ 0x55, 0x04, 0x07, 0x0c, 0x07, 0x53, 0x65, 0x61, /* U....Sea */
+ 0x74, 0x74, 0x6c, 0x65, 0x31, 0x10, 0x30, 0x0e, /* ttle1.0. */
+ 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x07, 0x77, /* ..U....w */
+ 0x6f, 0x6c, 0x66, 0x53, 0x53, 0x4c, 0x31, 0x14, /* olfSSL1. */
+ 0x30, 0x12, 0x06, 0x03, 0x55, 0x04, 0x0b, 0x0c, /* 0...U... */
+ 0x0b, 0x45, 0x6e, 0x67, 0x69, 0x6e, 0x65, 0x65, /* .Enginee */
+ 0x72, 0x69, 0x6e, 0x67, 0x31, 0x18, 0x30, 0x16, /* ring1.0. */
+ 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x0f, 0x77, /* ..U....w */
+ 0x6f, 0x6c, 0x66, 0x53, 0x53, 0x4c, 0x20, 0x72, /* olfSSL r */
+ 0x6f, 0x6f, 0x74, 0x20, 0x43, 0x41, 0x31, 0x1f, /* oot CA1. */
+ 0x30, 0x1d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, /* 0...*.H. */
+ 0xf7, 0x0d, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, /* .......i */
+ 0x6e, 0x66, 0x6f, 0x40, 0x77, 0x6f, 0x6c, 0x66, /* nfo@wolf */
+ 0x73, 0x73, 0x6c, 0x2e, 0x63, 0x6f, 0x6d, 0x30, /* ssl.com0 */
+ 0x1e, 0x17, 0x0d, 0x32, 0x32, 0x31, 0x32, 0x31, /* ...22121 */
+ 0x36, 0x32, 0x31, 0x31, 0x37, 0x35, 0x30, 0x5a, /* 6211750Z */
+ 0x17, 0x0d, 0x32, 0x35, 0x30, 0x39, 0x31, 0x31, /* ..250911 */
+ 0x32, 0x31, 0x31, 0x37, 0x35, 0x30, 0x5a, 0x30, /* 211750Z0 */
+ 0x81, 0x9e, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, /* ..1.0... */
+ 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, /* U....US1 */
+ 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x08, /* .0...U.. */
+ 0x0c, 0x0a, 0x57, 0x61, 0x73, 0x68, 0x69, 0x6e, /* ..Washin */
+ 0x67, 0x74, 0x6f, 0x6e, 0x31, 0x10, 0x30, 0x0e, /* gton1.0. */
+ 0x06, 0x03, 0x55, 0x04, 0x07, 0x0c, 0x07, 0x53, /* ..U....S */
+ 0x65, 0x61, 0x74, 0x74, 0x6c, 0x65, 0x31, 0x10, /* eattle1. */
+ 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, /* 0...U... */
+ 0x07, 0x77, 0x6f, 0x6c, 0x66, 0x53, 0x53, 0x4c, /* .wolfSSL */
+ 0x31, 0x14, 0x30, 0x12, 0x06, 0x03, 0x55, 0x04, /* 1.0...U. */
+ 0x0b, 0x0c, 0x0b, 0x45, 0x6e, 0x67, 0x69, 0x6e, /* ...Engin */
+ 0x65, 0x65, 0x72, 0x69, 0x6e, 0x67, 0x31, 0x1f, /* eering1. */
+ 0x30, 0x1d, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, /* 0...U... */
+ 0x16, 0x77, 0x6f, 0x6c, 0x66, 0x53, 0x53, 0x4c, /* .wolfSSL */
+ 0x20, 0x4f, 0x43, 0x53, 0x50, 0x20, 0x52, 0x65, /* OCSP Re */
+ 0x73, 0x70, 0x6f, 0x6e, 0x64, 0x65, 0x72, 0x31, /* sponder1 */
+ 0x1f, 0x30, 0x1d, 0x06, 0x09, 0x2a, 0x86, 0x48, /* .0...*.H */
+ 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x01, 0x16, 0x10, /* ........ */
+ 0x69, 0x6e, 0x66, 0x6f, 0x40, 0x77, 0x6f, 0x6c, /* info@wol */
+ 0x66, 0x73, 0x73, 0x6c, 0x2e, 0x63, 0x6f, 0x6d, /* fssl.com */
+ 0x30, 0x82, 0x01, 0x22, 0x30, 0x0d, 0x06, 0x09, /* 0.."0... */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, /* *.H..... */
+ 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0f, 0x00, /* ........ */
+ 0x30, 0x82, 0x01, 0x0a, 0x02, 0x82, 0x01, 0x01, /* 0....... */
+ 0x00, 0xb8, 0xba, 0x23, 0xb4, 0xf6, 0xc3, 0x7b, /* ...#...{ */
+ 0x14, 0xc3, 0xa4, 0xf5, 0x1d, 0x61, 0xa1, 0xf5, /* .....a.. */
+ 0x1e, 0x63, 0xb9, 0x85, 0x23, 0x34, 0x50, 0x6d, /* .c..#4Pm */
+ 0xf8, 0x7c, 0xa2, 0x8a, 0x04, 0x8b, 0xd5, 0x75, /* .|.....u */
+ 0x5c, 0x2d, 0xf7, 0x63, 0x88, 0xd1, 0x07, 0x7a, /* \-.c...z */
+ 0xea, 0x0b, 0x45, 0x35, 0x2b, 0xeb, 0x1f, 0xb1, /* ..E5+... */
+ 0x22, 0xb4, 0x94, 0x41, 0x38, 0xe2, 0x9d, 0x74, /* "..A8..t */
+ 0xd6, 0x8b, 0x30, 0x22, 0x10, 0x51, 0xc5, 0xdb, /* ..0".Q.. */
+ 0xca, 0x3f, 0x46, 0x2b, 0xfe, 0xe5, 0x5a, 0x3f, /* .?F+..Z? */
+ 0x41, 0x74, 0x67, 0x75, 0x95, 0xa9, 0x94, 0xd5, /* Atgu.... */
+ 0xc3, 0xee, 0x42, 0xf8, 0x8d, 0xeb, 0x92, 0x95, /* ..B..... */
+ 0xe1, 0xd9, 0x65, 0xb7, 0x43, 0xc4, 0x18, 0xde, /* ..e.C... */
+ 0x16, 0x80, 0x90, 0xce, 0x24, 0x35, 0x21, 0xc4, /* ....$5!. */
+ 0x55, 0xac, 0x5a, 0x51, 0xe0, 0x2e, 0x2d, 0xb3, /* U.ZQ..-. */
+ 0x0a, 0x5a, 0x4f, 0x4a, 0x73, 0x31, 0x50, 0xee, /* .ZOJs1P. */
+ 0x4a, 0x16, 0xbd, 0x39, 0x8b, 0xad, 0x05, 0x48, /* J..9...H */
+ 0x87, 0xb1, 0x99, 0xe2, 0x10, 0xa7, 0x06, 0x72, /* .......r */
+ 0x67, 0xca, 0x5c, 0xd1, 0x97, 0xbd, 0xc8, 0xf1, /* g.\..... */
+ 0x76, 0xf8, 0xe0, 0x4a, 0xec, 0xbc, 0x93, 0xf4, /* v..J.... */
+ 0x66, 0x4c, 0x28, 0x71, 0xd1, 0xd8, 0x66, 0x03, /* fL(q..f. */
+ 0xb4, 0x90, 0x30, 0xbb, 0x17, 0xb0, 0xfe, 0x97, /* ..0..... */
+ 0xf5, 0x1e, 0xe8, 0xc7, 0x5d, 0x9b, 0x8b, 0x11, /* ....]... */
+ 0x19, 0x12, 0x3c, 0xab, 0x82, 0x71, 0x78, 0xff, /* ..<..qx. */
+ 0xae, 0x3f, 0x32, 0xb2, 0x08, 0x71, 0xb2, 0x1b, /* .?2..q.. */
+ 0x8c, 0x27, 0xac, 0x11, 0xb8, 0xd8, 0x43, 0x49, /* .'....CI */
+ 0xcf, 0xb0, 0x70, 0xb1, 0xf0, 0x8c, 0xae, 0xda, /* ..p..... */
+ 0x24, 0x87, 0x17, 0x3b, 0xd8, 0x04, 0x65, 0x6c, /* $..;..el */
+ 0x00, 0x76, 0x50, 0xef, 0x15, 0x08, 0xd7, 0xb4, /* .vP..... */
+ 0x73, 0x68, 0x26, 0x14, 0x87, 0x95, 0xc3, 0x5f, /* sh&...._ */
+ 0x6e, 0x61, 0xb8, 0x87, 0x84, 0xfa, 0x80, 0x1a, /* na...... */
+ 0x0a, 0x8b, 0x98, 0xf3, 0xe3, 0xff, 0x4e, 0x44, /* ......ND */
+ 0x1c, 0x65, 0x74, 0x7c, 0x71, 0x54, 0x65, 0xe5, /* .et|qTe. */
+ 0x39, 0x02, 0x03, 0x01, 0x00, 0x01, 0xa3, 0x82, /* 9....... */
+ 0x01, 0x0a, 0x30, 0x82, 0x01, 0x06, 0x30, 0x09, /* ..0...0. */
+ 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04, 0x02, 0x30, /* ..U....0 */
+ 0x00, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, /* .0...U.. */
+ 0x04, 0x16, 0x04, 0x14, 0x32, 0x67, 0xe1, 0xb1, /* ....2g.. */
+ 0x79, 0xd2, 0x81, 0xfc, 0x9f, 0x23, 0x0c, 0x70, /* y....#.p */
+ 0x40, 0x50, 0xb5, 0x46, 0x56, 0xb8, 0x30, 0x36, /* @P.FV.06 */
+ 0x30, 0x81, 0xc4, 0x06, 0x03, 0x55, 0x1d, 0x23, /* 0....U.# */
+ 0x04, 0x81, 0xbc, 0x30, 0x81, 0xb9, 0x80, 0x14, /* ...0.... */
+ 0x73, 0xb0, 0x1c, 0xa4, 0x2f, 0x82, 0xcb, 0xcf, /* s.../... */
+ 0x47, 0xa5, 0x38, 0xd7, 0xb0, 0x04, 0x82, 0x3a, /* G.8....: */
+ 0x7e, 0x72, 0x15, 0x21, 0xa1, 0x81, 0x9d, 0xa4, /* ~r.!.... */
+ 0x81, 0x9a, 0x30, 0x81, 0x97, 0x31, 0x0b, 0x30, /* ..0..1.0 */
+ 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, /* ...U.... */
+ 0x55, 0x53, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, /* US1.0... */
+ 0x55, 0x04, 0x08, 0x0c, 0x0a, 0x57, 0x61, 0x73, /* U....Was */
+ 0x68, 0x69, 0x6e, 0x67, 0x74, 0x6f, 0x6e, 0x31, /* hington1 */
+ 0x10, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, 0x07, /* .0...U.. */
+ 0x0c, 0x07, 0x53, 0x65, 0x61, 0x74, 0x74, 0x6c, /* ..Seattl */
+ 0x65, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, 0x55, /* e1.0...U */
+ 0x04, 0x0a, 0x0c, 0x07, 0x77, 0x6f, 0x6c, 0x66, /* ....wolf */
+ 0x53, 0x53, 0x4c, 0x31, 0x14, 0x30, 0x12, 0x06, /* SSL1.0.. */
+ 0x03, 0x55, 0x04, 0x0b, 0x0c, 0x0b, 0x45, 0x6e, /* .U....En */
+ 0x67, 0x69, 0x6e, 0x65, 0x65, 0x72, 0x69, 0x6e, /* gineerin */
+ 0x67, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, /* g1.0...U */
+ 0x04, 0x03, 0x0c, 0x0f, 0x77, 0x6f, 0x6c, 0x66, /* ....wolf */
+ 0x53, 0x53, 0x4c, 0x20, 0x72, 0x6f, 0x6f, 0x74, /* SSL root */
+ 0x20, 0x43, 0x41, 0x31, 0x1f, 0x30, 0x1d, 0x06, /* CA1.0.. */
+ 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, /* .*.H.... */
+ 0x09, 0x01, 0x16, 0x10, 0x69, 0x6e, 0x66, 0x6f, /* ....info */
+ 0x40, 0x77, 0x6f, 0x6c, 0x66, 0x73, 0x73, 0x6c, /* @wolfssl */
+ 0x2e, 0x63, 0x6f, 0x6d, 0x82, 0x01, 0x63, 0x30, /* .com..c0 */
+ 0x13, 0x06, 0x03, 0x55, 0x1d, 0x25, 0x04, 0x0c, /* ...U.%.. */
+ 0x30, 0x0a, 0x06, 0x08, 0x2b, 0x06, 0x01, 0x05, /* 0...+... */
+ 0x05, 0x07, 0x03, 0x09, 0x30, 0x0d, 0x06, 0x09, /* ....0... */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, /* *.H..... */
+ 0x0b, 0x05, 0x00, 0x03, 0x82, 0x01, 0x01, 0x00, /* ........ */
+ 0x2f, 0xb7, 0x6b, 0xec, 0xb7, 0x12, 0x63, 0xb9, /* /.k...c. */
+ 0x57, 0xdc, 0x04, 0x4d, 0x9c, 0x67, 0x74, 0x98, /* W..M.gt. */
+ 0x06, 0x28, 0x68, 0x37, 0x34, 0xc2, 0x50, 0xe9, /* .(h74.P. */
+ 0x2a, 0xd4, 0x1a, 0xb2, 0x32, 0x1a, 0x9d, 0x2b, /* *...2..+ */
+ 0x4f, 0x23, 0x50, 0xea, 0xb4, 0x95, 0x86, 0xc3, /* O#P..... */
+ 0xb9, 0x5f, 0x34, 0x3e, 0x99, 0x91, 0xa7, 0x80, /* ._4>.... */
+ 0x5f, 0x6e, 0x1b, 0x6e, 0xdb, 0xe9, 0x02, 0x38, /* _n.n...8 */
+ 0x6f, 0xdf, 0xc5, 0x9b, 0x0d, 0xa3, 0x1c, 0xa9, /* o....... */
+ 0x15, 0x76, 0x16, 0x66, 0xa8, 0x4e, 0xfb, 0xd3, /* .v.f.N.. */
+ 0x43, 0x76, 0xf1, 0x72, 0xb7, 0xd1, 0xfa, 0xee, /* Cv.r.... */
+ 0x39, 0xa6, 0x96, 0xc1, 0xa2, 0x93, 0xa4, 0x9b, /* 9....... */
+ 0x1e, 0x9f, 0xba, 0x71, 0x8f, 0xba, 0xbd, 0x67, /* ...q...g */
+ 0x6a, 0xf2, 0x15, 0x5f, 0xf1, 0x64, 0xe7, 0xcf, /* j.._.d.. */
+ 0x26, 0xb8, 0x4c, 0xc0, 0xeb, 0x85, 0x04, 0x58, /* &.L....X */
+ 0xd9, 0x4a, 0x6b, 0xd9, 0x86, 0xf5, 0x80, 0x21, /* .Jk....! */
+ 0xbf, 0x91, 0xc8, 0x4b, 0x9f, 0x04, 0xed, 0x57, /* ...K...W */
+ 0x7a, 0xd2, 0x58, 0xac, 0x5b, 0x47, 0xaf, 0x4d, /* z.X.[G.M */
+ 0x7f, 0x5b, 0x1d, 0x6d, 0x68, 0x9b, 0x84, 0x98, /* .[.mh... */
+ 0x2a, 0x31, 0x02, 0x2c, 0xe9, 0x1b, 0xaf, 0x11, /* *1.,.... */
+ 0x0b, 0x78, 0x49, 0xbe, 0x68, 0x68, 0xcb, 0x9c, /* .xI.hh.. */
+ 0x41, 0x56, 0xe8, 0xb5, 0x59, 0xda, 0xff, 0xca, /* AV..Y... */
+ 0x59, 0x99, 0x17, 0x3e, 0x11, 0x0a, 0x8f, 0x49, /* Y..>...I */
+ 0x24, 0x0b, 0x81, 0x42, 0x63, 0xcd, 0x4f, 0xf6, /* $..Bc.O. */
+ 0x2b, 0x9d, 0xd1, 0x79, 0x75, 0xd7, 0x4a, 0xcc, /* +..yu.J. */
+ 0x4c, 0xb7, 0x2b, 0xd7, 0xe8, 0xe7, 0xd4, 0x48, /* L.+....H */
+ 0x3c, 0x14, 0x3b, 0x1c, 0x28, 0xe8, 0x46, 0x7a, /* <.;.(.Fz */
+ 0xdc, 0x11, 0x9d, 0x7f, 0x1c, 0xab, 0x10, 0x95, /* ........ */
+ 0x17, 0xb2, 0xc7, 0x7a, 0xbb, 0x17, 0x44, 0x59, /* ...z..DY */
+ 0x69, 0x8e, 0x16, 0x05, 0x94, 0x8c, 0x88, 0xd9, /* i....... */
+ 0xdc, 0x9a, 0xfd, 0xf2, 0x93, 0xbe, 0x68, 0xba, /* ......h. */
+ 0x3c, 0xd6, 0x2b, 0x61, 0x3a, 0x8b, 0xf7, 0x66, /* <.+a:..f */
+ 0xcb, 0x54, 0xe8, 0xe4, 0xdb, 0x9f, 0xcc, 0x9e /* .T...... */
+ };
+ OcspEntry entry[1];
+ CertStatus status[1];
+ OcspRequest* request = NULL;
+#ifndef NO_FILESYSTEM
+ const char* ca_cert = "./certs/ca-cert.pem";
+#endif
+
+ byte serial[] = {0x05};
+ byte issuerHash[] = {0x71, 0x4d, 0x82, 0x23, 0x40, 0x59, 0xc0, 0x96, 0xa1, 0x37, 0x43, 0xfa, 0x31, 0xdb, 0xba, 0xb1, 0x43, 0x18, 0xda, 0x04};
+ byte issuerKeyHash[] = {0x83, 0xc6, 0x3a, 0x89, 0x2c, 0x81, 0xf4, 0x02, 0xd7, 0x9d, 0x4c, 0xe2, 0x2a, 0xc0, 0x71, 0x82, 0x64, 0x44, 0xda, 0x0e};
+
+
+ XMEMSET(entry, 0, sizeof(OcspEntry));
+ XMEMSET(status, 0, sizeof(CertStatus));
+
+ ExpectNotNull(request = wolfSSL_OCSP_REQUEST_new());
+ ExpectNotNull(request->serial = (byte*)XMALLOC(sizeof(serial), NULL,
+ DYNAMIC_TYPE_OCSP_REQUEST));
+
+ if ((request != NULL) && (request->serial != NULL)) {
+ request->serialSz = sizeof(serial);
+ XMEMCPY(request->serial, serial, sizeof(serial));
+ XMEMCPY(request->issuerHash, issuerHash, sizeof(issuerHash));
+ XMEMCPY(request->issuerKeyHash, issuerKeyHash, sizeof(issuerKeyHash));
+ }
+
+ ExpectNotNull(cm = wolfSSL_CertManagerNew_ex(NULL));
+ ExpectIntEQ(wolfSSL_CertManagerEnableOCSP(cm, 0), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_CertManagerLoadCA(cm,
+ "./certs/ocsp/intermediate1-ca-cert.pem", NULL), WOLFSSL_SUCCESS);
+
+ /* Response should be valid. */
+ ExpectIntEQ(wolfSSL_CertManagerCheckOCSPResponse(cm, (byte *)response,
+ sizeof(response), NULL, status, entry, request), WOLFSSL_SUCCESS);
+
+ /* Flip a byte in the request serial number, response should be invalid
+ * now. */
+ if ((request != NULL) && (request->serial != NULL))
+ request->serial[0] ^= request->serial[0];
+ ExpectIntNE(wolfSSL_CertManagerCheckOCSPResponse(cm, (byte *)response,
+ sizeof(response), NULL, status, entry, request), WOLFSSL_SUCCESS);
+
+#ifndef NO_FILESYSTEM
+ ExpectIntEQ(wolfSSL_CertManagerCheckOCSP(cm, server_cert_der_2048,
+ sizeof(server_cert_der_2048)), ASN_NO_SIGNER_E);
+ ExpectIntEQ(WOLFSSL_SUCCESS,
+ wolfSSL_CertManagerLoadCA(cm, ca_cert, NULL));
+ ExpectIntEQ(wolfSSL_CertManagerCheckOCSP(cm, server_cert_der_2048,
+ sizeof(server_cert_der_2048)), 1);
+#endif
+
+ wolfSSL_OCSP_REQUEST_free(request);
+ wolfSSL_CertManagerFree(cm);
+#endif /* OPENSSL_ALL || WOLFSSL_NGINX || WOLFSSL_HAPROXY ||
+ * WOLFSSL_APACHE_HTTPD || HAVE_LIGHTY */
+#endif /* HAVE_OCSP */
+ return EXPECT_RESULT();
+}
+
+static int test_wolfSSL_CheckOCSPResponse(void)
+{
+ EXPECT_DECLS;
+#if defined(HAVE_OCSP) && !defined(NO_RSA) && !defined(NO_SHA) && \
+ defined(OPENSSL_ALL)
+ const char* responseFile = "./certs/ocsp/test-response.der";
+ const char* responseMultiFile = "./certs/ocsp/test-multi-response.der";
+ const char* responseNoInternFile =
+ "./certs/ocsp/test-response-nointern.der";
+ const char* caFile = "./certs/ocsp/root-ca-cert.pem";
+ OcspResponse* res = NULL;
+ byte data[4096];
+ const unsigned char* pt;
+ int dataSz = 0; /* initialize to mitigate spurious maybe-uninitialized from
+ * gcc sanitizer with --enable-heapmath.
+ */
+ XFILE f = XBADFILE;
+ WOLFSSL_OCSP_BASICRESP* bs = NULL;
+ WOLFSSL_X509_STORE* st = NULL;
+ WOLFSSL_X509* issuer = NULL;
+
+
+ ExpectTrue((f = XFOPEN(responseFile, "rb")) != XBADFILE);
+ ExpectIntGT(dataSz = (word32)XFREAD(data, 1, sizeof(data), f), 0);
+ if (f != XBADFILE) {
+ XFCLOSE(f);
+ f = XBADFILE;
+ }
+
+ pt = data;
+ ExpectNotNull(res = wolfSSL_d2i_OCSP_RESPONSE(NULL, &pt, dataSz));
+ ExpectNotNull(issuer = wolfSSL_X509_load_certificate_file(caFile,
+ SSL_FILETYPE_PEM));
+ ExpectNotNull(st = wolfSSL_X509_STORE_new());
+ ExpectIntEQ(wolfSSL_X509_STORE_add_cert(st, issuer), WOLFSSL_SUCCESS);
+ ExpectNotNull(bs = wolfSSL_OCSP_response_get1_basic(res));
+ ExpectIntEQ(wolfSSL_OCSP_basic_verify(bs, NULL, st, 0), WOLFSSL_SUCCESS);
+ wolfSSL_OCSP_BASICRESP_free(bs);
+ bs = NULL;
+ wolfSSL_OCSP_RESPONSE_free(res);
+ res = NULL;
+ wolfSSL_X509_STORE_free(st);
+ st = NULL;
+ wolfSSL_X509_free(issuer);
+ issuer = NULL;
+
+ /* check loading a response with optional certs */
+ ExpectTrue((f = XFOPEN(responseNoInternFile, "rb")) != XBADFILE);
+ ExpectIntGT(dataSz = (word32)XFREAD(data, 1, sizeof(data), f), 0);
+ if (f != XBADFILE)
+ XFCLOSE(f);
+ f = XBADFILE;
+
+ pt = data;
+ ExpectNotNull(res = wolfSSL_d2i_OCSP_RESPONSE(NULL, &pt, dataSz));
+ wolfSSL_OCSP_RESPONSE_free(res);
+ res = NULL;
+
+ /* check loading a response with multiple certs */
+ {
+ WOLFSSL_CERT_MANAGER* cm = NULL;
+ OcspEntry *entry = NULL;
+ CertStatus* status = NULL;
+ OcspRequest* request = NULL;
+
+ byte serial1[] = {0x01};
+ byte serial[] = {0x02};
+
+ byte issuerHash[] = {
+ 0x44, 0xA8, 0xDB, 0xD1, 0xBC, 0x97, 0x0A, 0x83,
+ 0x3B, 0x5B, 0x31, 0x9A, 0x4C, 0xB8, 0xD2, 0x52,
+ 0x37, 0x15, 0x8A, 0x88
+ };
+ byte issuerKeyHash[] = {
+ 0x73, 0xB0, 0x1C, 0xA4, 0x2F, 0x82, 0xCB, 0xCF,
+ 0x47, 0xA5, 0x38, 0xD7, 0xB0, 0x04, 0x82, 0x3A,
+ 0x7E, 0x72, 0x15, 0x21
+ };
+
+ ExpectNotNull(entry = (OcspEntry*)XMALLOC(sizeof(OcspEntry), NULL,
+ DYNAMIC_TYPE_OPENSSL));
+
+ ExpectNotNull(status = (CertStatus*)XMALLOC(sizeof(CertStatus), NULL,
+ DYNAMIC_TYPE_OPENSSL));
+
+ if (entry != NULL)
+ XMEMSET(entry, 0, sizeof(OcspEntry));
+ if (status != NULL)
+ XMEMSET(status, 0, sizeof(CertStatus));
+
+ ExpectNotNull(request = wolfSSL_OCSP_REQUEST_new());
+ ExpectNotNull(request->serial = (byte*)XMALLOC(sizeof(serial), NULL,
+ DYNAMIC_TYPE_OCSP_REQUEST));
+
+ if (request != NULL && request->serial != NULL) {
+ request->serialSz = sizeof(serial);
+ XMEMCPY(request->serial, serial, sizeof(serial));
+ XMEMCPY(request->issuerHash, issuerHash, sizeof(issuerHash));
+ XMEMCPY(request->issuerKeyHash, issuerKeyHash,
+ sizeof(issuerKeyHash));
+ }
+
+ ExpectNotNull(cm = wolfSSL_CertManagerNew_ex(NULL));
+ ExpectIntEQ(wolfSSL_CertManagerEnableOCSP(cm, 0), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_CertManagerLoadCA(cm, caFile, NULL),
+ WOLFSSL_SUCCESS);
+
+ ExpectTrue((f = XFOPEN(responseMultiFile, "rb")) != XBADFILE);
+ ExpectIntGT(dataSz = (word32)XFREAD(data, 1, sizeof(data), f), 0);
+ if (f != XBADFILE)
+ XFCLOSE(f);
+ f = XBADFILE;
+
+ ExpectIntEQ(wolfSSL_CertManagerCheckOCSPResponse(cm, data,
+ dataSz, NULL, status, entry, request), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_CertManagerCheckOCSPResponse(cm, data,
+ dataSz, NULL, entry->status, entry, request), WOLFSSL_SUCCESS);
+ ExpectNotNull(entry->status);
+
+ if (request != NULL && request->serial != NULL)
+ XMEMCPY(request->serial, serial1, sizeof(serial1));
+ ExpectIntEQ(wolfSSL_CertManagerCheckOCSPResponse(cm, data,
+ dataSz, NULL, status, entry, request), WOLFSSL_SUCCESS);
+
+ /* store both status's in the entry to check that "next" is not
+ * overwritten */
+ if (EXPECT_SUCCESS() && status != NULL && entry != NULL) {
+ status->next = entry->status;
+ entry->status = status;
+ }
+
+ if (request != NULL && request->serial != NULL)
+ XMEMCPY(request->serial, serial, sizeof(serial));
+ ExpectIntEQ(wolfSSL_CertManagerCheckOCSPResponse(cm, data,
+ dataSz, NULL, entry->status, entry, request), WOLFSSL_SUCCESS);
+ ExpectNotNull(entry->status->next);
+
+ /* compare the status found */
+ ExpectIntEQ(status->serialSz, entry->status->serialSz);
+ ExpectIntEQ(XMEMCMP(status->serial, entry->status->serial,
+ status->serialSz), 0);
+
+ if (status != NULL && entry != NULL && entry->status != status) {
+ XFREE(status, NULL, DYNAMIC_TYPE_OPENSSL);
+ }
+ wolfSSL_OCSP_CERTID_free(entry);
+ wolfSSL_OCSP_REQUEST_free(request);
+ wolfSSL_CertManagerFree(cm);
+ }
+
+#if defined(WC_RSA_PSS)
+ {
+ const char* responsePssFile = "./certs/ocsp/test-response-rsapss.der";
+
+ /* check loading a response with RSA-PSS signature */
+ ExpectTrue((f = XFOPEN(responsePssFile, "rb")) != XBADFILE);
+ ExpectIntGT(dataSz = (word32)XFREAD(data, 1, sizeof(data), f), 0);
+ if (f != XBADFILE)
+ XFCLOSE(f);
+
+ pt = data;
+ ExpectNotNull(res = wolfSSL_d2i_OCSP_RESPONSE(NULL, &pt, dataSz));
+
+ /* try to verify the response */
+ ExpectNotNull(issuer = wolfSSL_X509_load_certificate_file(caFile,
+ SSL_FILETYPE_PEM));
+ ExpectNotNull(st = wolfSSL_X509_STORE_new());
+ ExpectIntEQ(wolfSSL_X509_STORE_add_cert(st, issuer), WOLFSSL_SUCCESS);
+ ExpectNotNull(bs = wolfSSL_OCSP_response_get1_basic(res));
+ ExpectIntEQ(wolfSSL_OCSP_basic_verify(bs, NULL, st, 0),
+ WOLFSSL_SUCCESS);
+ wolfSSL_OCSP_BASICRESP_free(bs);
+ wolfSSL_OCSP_RESPONSE_free(res);
+ wolfSSL_X509_STORE_free(st);
+ wolfSSL_X509_free(issuer);
+ }
+#endif
+#endif /* HAVE_OCSP */
+ return EXPECT_RESULT();
}
static int test_wolfSSL_FPKI(void)
{
- int res = TEST_SKIPPED;
-#if defined(WOLFSSL_FPKI) && !defined(NO_RSA) && !defined(NO_FILESYSTEM)
EXPECT_DECLS;
+#if defined(WOLFSSL_FPKI) && !defined(NO_RSA) && !defined(NO_FILESYSTEM)
XFILE f = XBADFILE;
const char* fpkiCert = "./certs/fpki-cert.der";
DecodedCert cert;
@@ -3177,20 +3738,17 @@ static int test_wolfSSL_FPKI(void)
ExpectIntEQ(wc_GetUUIDFromCert(&cert, uuid, &uuidSz), 0);
XFREE(uuid, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wc_FreeDecodedCert(&cert);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
/* use RID in confuncture with other names to test parsing of unknown other
* names */
static int test_wolfSSL_OtherName(void)
{
- int res = TEST_SKIPPED;
-#if !defined(NO_RSA) && !defined(NO_FILESYSTEM)
EXPECT_DECLS;
+#if !defined(NO_RSA) && !defined(NO_FILESYSTEM)
XFILE f = XBADFILE;
const char* ridCert = "./certs/rid-cert.der";
DecodedCert cert;
@@ -3205,22 +3763,19 @@ static int test_wolfSSL_OtherName(void)
wc_InitDecodedCert(&cert, buf, bytes, NULL);
ExpectIntEQ(wc_ParseCert(&cert, CERT_TYPE, 0, NULL), 0);
wc_FreeDecodedCert(&cert);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_CertRsaPss(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
/* FIPS v2 and below don't support long salts. */
#if !defined(NO_RSA) && defined(WC_RSA_PSS) && !defined(NO_FILESYSTEM) && \
(!defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && \
(HAVE_FIPS_VERSION > 2))) && (!defined(HAVE_SELFTEST) || \
(defined(HAVE_SELFTEST_VERSION) && (HAVE_SELFTEST_VERSION > 2)))
- EXPECT_DECLS;
XFILE f = XBADFILE;
const char* rsaPssSha256Cert = "./certs/rsapss/ca-rsapss.der";
const char* rsaPssRootSha256Cert = "./certs/rsapss/root-rsapss.pem";
@@ -3266,52 +3821,16 @@ static int test_wolfSSL_CertRsaPss(void)
#endif
wolfSSL_CertManagerFree(cm);
-
- res = EXPECT_RESULT();
#endif
- return res;
-}
-
-static int test_wolfSSL_CertManagerCRL(void)
-{
- int res = TEST_SKIPPED;
-#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && defined(HAVE_CRL) && \
- !defined(NO_RSA)
- EXPECT_DECLS;
- const char* ca_cert = "./certs/ca-cert.pem";
- const char* crl1 = "./certs/crl/crl.pem";
- const char* crl2 = "./certs/crl/crl2.pem";
-
- WOLFSSL_CERT_MANAGER* cm = NULL;
-
- ExpectNotNull(cm = wolfSSL_CertManagerNew());
- ExpectIntEQ(WOLFSSL_SUCCESS,
- wolfSSL_CertManagerLoadCA(cm, ca_cert, NULL));
- ExpectIntEQ(WOLFSSL_SUCCESS,
- wolfSSL_CertManagerLoadCRL(cm, crl1, WOLFSSL_FILETYPE_PEM, 0));
- ExpectIntEQ(WOLFSSL_SUCCESS,
- wolfSSL_CertManagerLoadCRL(cm, crl2, WOLFSSL_FILETYPE_PEM, 0));
- wolfSSL_CertManagerFreeCRL(cm);
-
- ExpectIntEQ(WOLFSSL_SUCCESS,
- wolfSSL_CertManagerLoadCRL(cm, crl1, WOLFSSL_FILETYPE_PEM, 0));
- ExpectIntEQ(WOLFSSL_SUCCESS,
- wolfSSL_CertManagerLoadCA(cm, ca_cert, NULL));
- wolfSSL_CertManagerFree(cm);
-
- res = EXPECT_RESULT();
-#endif
-
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_CTX_load_verify_locations_ex(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_RSA) && \
!defined(NO_WOLFSSL_CLIENT)
- EXPECT_DECLS;
WOLFSSL_CTX* ctx = NULL;
const char* ca_cert = "./certs/ca-cert.pem";
const char* ca_expired_cert = "./certs/test/expired/expired-ca.pem";
@@ -3335,24 +3854,21 @@ static int test_wolfSSL_CTX_load_verify_locations_ex(void)
WOLFSSL_LOAD_FLAG_DATE_ERR_OKAY), WOLFSSL_SUCCESS);
wolfSSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_CTX_load_verify_buffer_ex(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_RSA) && \
defined(USE_CERT_BUFFERS_2048)
#if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)
- EXPECT_DECLS;
WOLFSSL_CTX* ctx;
const char* ca_expired_cert_file = "./certs/test/expired/expired-ca.der";
byte ca_expired_cert[TWOK_BUF];
- word32 sizeof_ca_expired_cert;
+ word32 sizeof_ca_expired_cert = 0;
XFILE fp = XBADFILE;
#ifndef NO_WOLFSSL_CLIENT
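Review bot: `WOLFSSL_CTX* ctx;` in test_wolfSSL_CTX_load_verify_buffer_ex is left uninitialised, even though this hunk initialises `sizeof_ca_expired_cert = 0` and the neighbouring tests declare `ctx = NULL`. The function ends in an unconditional `wolfSSL_CTX_free(ctx)` (visible in the next hunk), so if the assignment were ever skipped the cleanup would free an indeterminate pointer. That depends on the Expect macros being non-aborting, which they appear to be, though their definition is not shown here. Declaring it as `WOLFSSL_CTX* ctx = NULL;` removes the dependency on statement order. The same uninitialised declaration appears in test_wolfSSL_CTX_add1_chain_cert, test_wolfSSL_CTX_use_certificate_chain_file_format and test_wolfSSL_CTX_SetMinMaxDhKey_Sz; the bodies of all four lie partly outside the hunks shown.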
@@ -3395,20 +3911,17 @@ static int test_wolfSSL_CTX_load_verify_buffer_ex(void)
wolfSSL_CTX_free(ctx);
#endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_CTX_load_verify_chain_buffer_format(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_CERTS) && !defined(NO_RSA) && defined(OPENSSL_EXTRA) && \
defined(WOLFSSL_CERT_GEN) && defined(USE_CERT_BUFFERS_2048) && \
(!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER))
- EXPECT_DECLS;
WOLFSSL_CTX* ctx = NULL;
#ifndef NO_WOLFSSL_CLIENT
@@ -3422,19 +3935,16 @@ static int test_wolfSSL_CTX_load_verify_chain_buffer_format(void)
WOLFSSL_FILETYPE_ASN1));
wolfSSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_CTX_add1_chain_cert(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && defined(OPENSSL_EXTRA) && \
defined(KEEP_OUR_CERT) && !defined(NO_RSA) && !defined(NO_WOLFSSL_CLIENT)
- EXPECT_DECLS;
WOLFSSL_CTX* ctx;
WOLFSSL* ssl = NULL;
const char *certChain[] = {
@@ -3451,14 +3961,14 @@ static int test_wolfSSL_CTX_add1_chain_cert(void)
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
ExpectNotNull(ssl = wolfSSL_new(ctx));
- for (cert = certChain; *cert != NULL; cert++) {
+ for (cert = certChain; EXPECT_SUCCESS() && *cert != NULL; cert++) {
ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(*cert,
WOLFSSL_FILETYPE_PEM));
ExpectIntEQ(SSL_CTX_add1_chain_cert(ctx, x509), 1);
X509_free(x509);
x509 = NULL;
}
- for (cert = certChain; *cert != NULL; cert++) {
+ for (cert = certChain; EXPECT_SUCCESS() && *cert != NULL; cert++) {
ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(*cert,
WOLFSSL_FILETYPE_PEM));
ExpectIntEQ(SSL_add1_chain_cert(ssl, x509), 1);
@@ -3473,18 +3983,15 @@ static int test_wolfSSL_CTX_add1_chain_cert(void)
SSL_free(ssl);
SSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_CTX_use_certificate_chain_file_format(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_RSA) && \
(!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER))
- EXPECT_DECLS;
const char* server_chain_der = "./certs/server-cert-chain.der";
const char* client_single_pem = "./certs/client-cert.pem";
WOLFSSL_CTX* ctx;
@@ -3506,18 +4013,15 @@ static int test_wolfSSL_CTX_use_certificate_chain_file_format(void)
client_single_pem, WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS);
wolfSSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_CTX_SetTmpDH_file(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_DH) && \
(!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER))
- EXPECT_DECLS;
WOLFSSL_CTX *ctx = NULL;
(void)ctx;
@@ -3544,18 +4048,15 @@ static int test_wolfSSL_CTX_SetTmpDH_file(void)
WOLFSSL_FILETYPE_PEM));
wolfSSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_CTX_SetTmpDH_buffer(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_CERTS) && !defined(NO_DH) && \
(!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER))
- EXPECT_DECLS;
WOLFSSL_CTX *ctx = NULL;
#ifndef NO_WOLFSSL_CLIENT
@@ -3583,18 +4084,15 @@ static int test_wolfSSL_CTX_SetTmpDH_buffer(void)
WOLFSSL_FILETYPE_ASN1));
wolfSSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_CTX_SetMinMaxDhKey_Sz(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_CERTS) && !defined(NO_DH) && \
(!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER))
- EXPECT_DECLS;
WOLFSSL_CTX *ctx;
(void)ctx;
@@ -3630,18 +4128,15 @@ static int test_wolfSSL_CTX_SetMinMaxDhKey_Sz(void)
WOLFSSL_FILETYPE_ASN1));
wolfSSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_CTX_der_load_verify_locations(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && defined(WOLFSSL_DER_LOAD) && \
(!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER))
- EXPECT_DECLS;
WOLFSSL_CTX* ctx = NULL;
const char* derCert = "./certs/server-cert.der";
const char* nullPath = NULL;
@@ -3677,18 +4172,15 @@ static int test_wolfSSL_CTX_der_load_verify_locations(void)
#endif
wolfSSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_CTX_enable_disable(void)
{
- int res = TEST_SKIPPED;
-#ifndef NO_CERTS
EXPECT_DECLS;
+#ifndef NO_CERTS
WOLFSSL_CTX* ctx = NULL;
#ifdef HAVE_CRL
@@ -3750,18 +4242,15 @@ static int test_wolfSSL_CTX_enable_disable(void)
#endif
wolfSSL_CTX_free(ctx);
#endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */
-
- res = EXPECT_RESULT();
#endif /* NO_CERTS */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_CTX_ticket_API(void)
{
- int res = TEST_SKIPPED;
-#if defined(HAVE_SESSION_TICKET) && !defined(NO_WOLFSSL_SERVER)
EXPECT_DECLS;
+#if defined(HAVE_SESSION_TICKET) && !defined(NO_WOLFSSL_SERVER)
WOLFSSL_CTX* ctx = NULL;
void *userCtx = (void*)"this is my ctx";
@@ -3774,17 +4263,14 @@ static int test_wolfSSL_CTX_ticket_API(void)
ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_CTX_set_TicketEncCtx(NULL, userCtx));
ExpectNull(wolfSSL_CTX_get_TicketEncCtx(NULL));
-
- res = EXPECT_RESULT();
#endif /* HAVE_SESSION_TICKET && !NO_WOLFSSL_SERVER */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_set_minmax_proto_version(void)
{
- int res = TEST_SKIPPED;
-#ifdef OPENSSL_EXTRA
EXPECT_DECLS;
+#ifdef OPENSSL_EXTRA
WOLFSSL_CTX *ctx = NULL;
WOLFSSL *ssl = NULL;
@@ -3818,11 +4304,9 @@ static int test_wolfSSL_set_minmax_proto_version(void)
wolfSSL_CTX_free(ctx);
#endif
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
#if defined(WOLFSSL_TLS13) && !defined(WOLFSSL_NO_TLS12) && \
@@ -3880,10 +4364,9 @@ static int test_wolfSSL_CTX_set_max_proto_version(void)
static int test_server_wolfSSL_new(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_RSA) && \
!defined(NO_WOLFSSL_SERVER)
- EXPECT_DECLS;
WOLFSSL_CTX *ctx = NULL;
WOLFSSL_CTX *ctx_nocert = NULL;
WOLFSSL *ssl = NULL;
@@ -3899,7 +4382,7 @@ static int test_server_wolfSSL_new(void)
/* invalid context */
ExpectNull(ssl = wolfSSL_new(NULL));
#if !defined(WOLFSSL_SESSION_EXPORT) && !defined(WOLFSSL_QT) && \
- !defined(OPENSSL_EXTRA)
+ !defined(OPENSSL_EXTRA) && !defined(WOLFSSL_NO_INIT_CTX_KEY)
ExpectNull(ssl = wolfSSL_new(ctx_nocert));
#endif
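Review bot: The added `!defined(WOLFSSL_NO_INIT_CTX_KEY)` condition removes the only visible expectation for `wolfSSL_new(ctx_nocert)` in those builds, and nothing says why. A server context without a certificate or key is a case worth pinning either way, so I would add an `#else` branch stating what is expected there, or at least a comment such as `/* wolfSSL_new() on a cert-less server ctx is not asserted when WOLFSSL_NO_INIT_CTX_KEY is defined */`. What the library actually returns in that configuration is not visible in this hunk, so the expected value needs confirming against the implementation. The body of test_server_wolfSSL_new starts and ends outside the hunk.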
@@ -3909,20 +4392,17 @@ static int test_server_wolfSSL_new(void)
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
wolfSSL_CTX_free(ctx_nocert);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_client_wolfSSL_new(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_RSA) && \
!defined(NO_WOLFSSL_CLIENT)
- EXPECT_DECLS;
WOLFSSL_CTX *ctx = NULL;
WOLFSSL_CTX *ctx_nocert = NULL;
WOLFSSL *ssl = NULL;
@@ -3946,19 +4426,16 @@ static int test_client_wolfSSL_new(void)
wolfSSL_CTX_free(ctx);
wolfSSL_CTX_free(ctx_nocert);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_SetTmpDH_file(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_DH) && \
!defined(NO_WOLFSSL_SERVER)
- EXPECT_DECLS;
WOLFSSL_CTX *ctx = NULL;
WOLFSSL *ssl = NULL;
@@ -4002,18 +4479,15 @@ static int test_wolfSSL_SetTmpDH_file(void)
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_SetTmpDH_buffer(void)
{
- int res = TEST_SKIPPED;
-#if !defined(NO_CERTS) && !defined(NO_DH) && !defined(NO_WOLFSSL_SERVER)
EXPECT_DECLS;
+#if !defined(NO_CERTS) && !defined(NO_DH) && !defined(NO_WOLFSSL_SERVER)
WOLFSSL_CTX *ctx = NULL;
WOLFSSL *ssl = NULL;
@@ -4040,18 +4514,15 @@ static int test_wolfSSL_SetTmpDH_buffer(void)
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_SetMinMaxDhKey_Sz(void)
{
- int res = TEST_SKIPPED;
-#if !defined(NO_CERTS) && !defined(NO_DH) && !defined(NO_WOLFSSL_SERVER)
EXPECT_DECLS;
+#if !defined(NO_CERTS) && !defined(NO_DH) && !defined(NO_WOLFSSL_SERVER)
WOLFSSL_CTX *ctx = NULL;
WOLFSSL_CTX *ctx2 = NULL;
WOLFSSL *ssl = NULL;
@@ -4098,10 +4569,8 @@ static int test_wolfSSL_SetMinMaxDhKey_Sz(void)
wolfSSL_CTX_free(ctx2);
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
@@ -4153,7 +4622,7 @@ static int test_wolfSSL_SetMinVersion(void)
#ifdef OPENSSL_EXTRA
static int test_ED25519(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ED25519) && defined(HAVE_ED25519_KEY_EXPORT) && \
defined(WOLFSSL_KEY_GEN)
byte priv[ED25519_PRV_KEY_SIZE];
@@ -4167,30 +4636,28 @@ static int test_ED25519(void)
unsigned int sigSz = (unsigned int)sizeof(sig);
#endif /* HAVE_ED25519_SIGN && HAVE_ED25519_KEY_IMPORT */
- AssertIntEQ(wolfSSL_ED25519_generate_key(priv, &privSz, pub, &pubSz),
- WOLFSSL_SUCCESS);
- AssertIntEQ(privSz, ED25519_PRV_KEY_SIZE);
- AssertIntEQ(pubSz, ED25519_PUB_KEY_SIZE);
+ ExpectIntEQ(wolfSSL_ED25519_generate_key(priv, &privSz, pub, &pubSz),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(privSz, ED25519_PRV_KEY_SIZE);
+ ExpectIntEQ(pubSz, ED25519_PUB_KEY_SIZE);
#if defined(HAVE_ED25519_SIGN) && defined(HAVE_ED25519_KEY_IMPORT)
- AssertIntEQ(wolfSSL_ED25519_sign((byte*)msg, msglen, priv, privSz, sig,
- &sigSz), WOLFSSL_SUCCESS);
- AssertIntEQ(sigSz, ED25519_SIG_SIZE);
+ ExpectIntEQ(wolfSSL_ED25519_sign((byte*)msg, msglen, priv, privSz, sig,
+ &sigSz), WOLFSSL_SUCCESS);
+ ExpectIntEQ(sigSz, ED25519_SIG_SIZE);
#ifdef HAVE_ED25519_VERIFY
- AssertIntEQ(wolfSSL_ED25519_verify((byte*)msg, msglen, pub, pubSz, sig,
- sigSz), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_ED25519_verify((byte*)msg, msglen, pub, pubSz, sig,
+ sigSz), WOLFSSL_SUCCESS);
#endif /* HAVE_ED25519_VERIFY */
#endif /* HAVE_ED25519_SIGN && HAVE_ED25519_KEY_IMPORT */
-
- res = TEST_RES_CHECK(1);
#endif /* HAVE_ED25519 && HAVE_ED25519_KEY_EXPORT && WOLFSSL_KEY_GEN */
- return res;
+ return EXPECT_RESULT();
}
static int test_ED448(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ED448) && defined(HAVE_ED448_KEY_EXPORT) && \
defined(WOLFSSL_KEY_GEN)
byte priv[ED448_PRV_KEY_SIZE];
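Review bot: The ED25519 checks only exercise the accepting path: a freshly generated key signs `msg` and `wolfSSL_ED25519_verify` must return WOLFSSL_SUCCESS. A verifier that accepted everything would pass this test, so inside the `HAVE_ED25519_VERIFY` block I would add a rejecting case after the existing check: `sig[0] ^= 0x01;` followed by `ExpectIntNE(wolfSSL_ED25519_verify((byte*)msg, msglen, pub, pubSz, sig, sigSz), WOLFSSL_SUCCESS);`. test_ED448 in the next hunk has the same gap and would take the equivalent two lines with `wolfSSL_ED448_verify`. The declarations at the top of test_ED25519 are outside this hunk.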
@@ -4204,25 +4671,23 @@ static int test_ED448(void)
unsigned int sigSz = (unsigned int)sizeof(sig);
#endif /* HAVE_ED448_SIGN && HAVE_ED448_KEY_IMPORT */
- AssertIntEQ(wolfSSL_ED448_generate_key(priv, &privSz, pub, &pubSz),
- WOLFSSL_SUCCESS);
- AssertIntEQ(privSz, ED448_PRV_KEY_SIZE);
- AssertIntEQ(pubSz, ED448_PUB_KEY_SIZE);
+ ExpectIntEQ(wolfSSL_ED448_generate_key(priv, &privSz, pub, &pubSz),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(privSz, ED448_PRV_KEY_SIZE);
+ ExpectIntEQ(pubSz, ED448_PUB_KEY_SIZE);
#if defined(HAVE_ED448_SIGN) && defined(HAVE_ED448_KEY_IMPORT)
- AssertIntEQ(wolfSSL_ED448_sign((byte*)msg, msglen, priv, privSz, sig,
- &sigSz), WOLFSSL_SUCCESS);
- AssertIntEQ(sigSz, ED448_SIG_SIZE);
+ ExpectIntEQ(wolfSSL_ED448_sign((byte*)msg, msglen, priv, privSz, sig,
+ &sigSz), WOLFSSL_SUCCESS);
+ ExpectIntEQ(sigSz, ED448_SIG_SIZE);
#ifdef HAVE_ED448_VERIFY
- AssertIntEQ(wolfSSL_ED448_verify((byte*)msg, msglen, pub, pubSz, sig,
- sigSz), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_ED448_verify((byte*)msg, msglen, pub, pubSz, sig,
+ sigSz), WOLFSSL_SUCCESS);
#endif /* HAVE_ED448_VERIFY */
#endif /* HAVE_ED448_SIGN && HAVE_ED448_KEY_IMPORT */
-
- res = TEST_RES_CHECK(1);
#endif /* HAVE_ED448 && HAVE_ED448_KEY_EXPORT && WOLFSSL_KEY_GEN */
- return res;
+ return EXPECT_RESULT();
}
#endif /* OPENSSL_EXTRA */
@@ -4233,9 +4698,8 @@ static int test_ED448(void)
static int test_wolfSSL_EVP_PKEY_print_public(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && !defined(NO_BIO)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(NO_BIO)
WOLFSSL_BIO* rbio = NULL;
WOLFSSL_BIO* wbio = NULL;
WOLFSSL_EVP_PKEY* pkey = NULL;
@@ -4486,18 +4950,15 @@ static int test_wolfSSL_EVP_PKEY_print_public(void)
(void)line;
(void)line1;
(void)i;
-
- res = EXPECT_RESULT();
#endif /* OPENSSL_EXTRA */
- return res;
+ return EXPECT_RESULT();
}
/* Test functions for base64 encode/decode */
static int test_wolfSSL_EVP_ENCODE_CTX_new(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && \
( defined(WOLFSSL_BASE64_ENCODE) || defined(WOLFSSL_BASE64_DECODE))
- EXPECT_DECLS;
EVP_ENCODE_CTX* ctx = NULL;
ExpectNotNull(ctx = EVP_ENCODE_CTX_new());
@@ -4505,32 +4966,26 @@ static int test_wolfSSL_EVP_ENCODE_CTX_new(void)
ExpectIntEQ(ctx->data[0],0);
ExpectIntEQ(ctx->data[sizeof(ctx->data) -1],0);
EVP_ENCODE_CTX_free(ctx);
-
- res = EXPECT_RESULT();
-#endif /* OPENSSL_EXTRA && (WOLFSSL_BASE64_ENCODE || WOLFSSL_BASE64_DECODE)*/
- return res;
+#endif /* OPENSSL_EXTRA && (WOLFSSL_BASE64_ENCODE || WOLFSSL_BASE64_DECODE) */
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_ENCODE_CTX_free(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && \
( defined(WOLFSSL_BASE64_ENCODE) || defined(WOLFSSL_BASE64_DECODE))
- EXPECT_DECLS;
EVP_ENCODE_CTX* ctx = NULL;
ExpectNotNull(ctx = EVP_ENCODE_CTX_new());
EVP_ENCODE_CTX_free(ctx);
-
- res = EXPECT_RESULT();
-#endif /*OPENSSL_EXTRA && (WOLFSSL_BASE64_ENCODE || WOLFSSL_BASE64_DECODE)*/
- return res;
+#endif /* OPENSSL_EXTRA && (WOLFSSL_BASE64_ENCODE || WOLFSSL_BASE64_DECODE) */
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_EncodeInit(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_BASE64_ENCODE)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_BASE64_ENCODE)
EVP_ENCODE_CTX* ctx = NULL;
ExpectNotNull(ctx = EVP_ENCODE_CTX_new());
@@ -4551,16 +5006,13 @@ static int test_wolfSSL_EVP_EncodeInit(void)
ExpectIntEQ(ctx->data[sizeof(ctx->data) -1], 0);
EVP_ENCODE_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif /* OPENSSL_EXTRA && WOLFSSL_BASE64_ENCODE*/
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_EncodeUpdate(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_BASE64_ENCODE)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_BASE64_ENCODE)
int outl;
int total;
@@ -4568,6 +5020,7 @@ static int test_wolfSSL_EVP_EncodeUpdate(void)
const unsigned char plain1[] = {"This is a base64 encodeing test."};
const unsigned char plain2[] = {"This is additional data."};
+ const unsigned char encBlock0[] = {"VGg="};
const unsigned char enc0[] = {"VGg=\n"};
/* expected encoded result for the first output 64 chars plus trailing LF*/
const unsigned char enc1[] = {"VGhpcyBpcyBhIGJhc2U2NCBlbmNvZGVpbmcgdGVzdC5UaGlzIGlzIGFkZGl0aW9u\n"};
@@ -4669,12 +5122,8 @@ static int test_wolfSSL_EVP_EncodeUpdate(void)
XMEMSET( encOutBuff,0, sizeof(encOutBuff));
ExpectIntEQ(EVP_EncodeBlock(encOutBuff, plain0, sizeof(plain0)-1),
- sizeof(enc0)-1);
- ExpectIntEQ(
- XSTRNCMP(
- (const char*)encOutBuff,
- (const char*)enc0,sizeof(enc0) ),
- 0);
+ sizeof(encBlock0)-1);
+ ExpectStrEQ(encOutBuff, encBlock0);
/* pass small size( < 48bytes ) input, then make sure they are not
* encoded and just stored in ctx
@@ -4748,10 +5197,8 @@ static int test_wolfSSL_EVP_EncodeUpdate(void)
EVP_EncodeFinal(NULL, NULL, NULL);
EVP_ENCODE_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif /* OPENSSL_EXTRA && WOLFSSL_BASE64_ENCODE*/
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_EncodeFinal(void)
{
@@ -4768,9 +5215,8 @@ static int test_wolfSSL_EVP_EncodeFinal(void)
static int test_wolfSSL_EVP_DecodeInit(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_BASE64_DECODE)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_BASE64_DECODE)
EVP_ENCODE_CTX* ctx = NULL;
ExpectNotNull( ctx = EVP_ENCODE_CTX_new());
@@ -4791,16 +5237,13 @@ static int test_wolfSSL_EVP_DecodeInit(void)
ExpectIntEQ( ctx->data[sizeof(ctx->data) -1],0);
EVP_ENCODE_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif /* OPENSSL && WOLFSSL_BASE_DECODE */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_DecodeUpdate(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_BASE64_DECODE)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_BASE64_DECODE)
int outl;
unsigned char decOutBuff[300];
@@ -4907,7 +5350,7 @@ static int test_wolfSSL_EVP_DecodeUpdate(void)
&outl),
1 /* expected result code 1: success */
);
- ExpectIntEQ(outl, 0); /* expected DecodeFinal outout no data */
+ ExpectIntEQ(outl, 0); /* expected DecodeFinal output no data */
ExpectIntEQ(XSTRNCMP( (const char*)plain2,(const char*)decOutBuff,
sizeof(plain2) -1 ),0);
@@ -5033,10 +5476,8 @@ static int test_wolfSSL_EVP_DecodeUpdate(void)
}
EVP_ENCODE_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif /* OPENSSL && WOLFSSL_BASE_DECODE */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_DecodeFinal(void)
{
@@ -5056,109 +5497,110 @@ static int test_wolfSSL_EVP_DecodeFinal(void)
#ifdef OPENSSL_EXTRA
static int test_wolfSSL_EVP_get_cipherbynid(void)
{
+ EXPECT_DECLS;
#ifndef NO_AES
const WOLFSSL_EVP_CIPHER* c;
c = wolfSSL_EVP_get_cipherbynid(419);
#if (defined(HAVE_AES_CBC) || defined(WOLFSSL_AES_DIRECT)) && \
defined(WOLFSSL_AES_128)
- AssertNotNull(c);
- AssertNotNull(strcmp("EVP_AES_128_CBC", c));
+ ExpectNotNull(c);
+ ExpectNotNull(XSTRCMP("EVP_AES_128_CBC", c));
#else
- AssertNull(c);
+ ExpectNull(c);
#endif
c = wolfSSL_EVP_get_cipherbynid(423);
#if (defined(HAVE_AES_CBC) || defined(WOLFSSL_AES_DIRECT)) && \
defined(WOLFSSL_AES_192)
- AssertNotNull(c);
- AssertNotNull(strcmp("EVP_AES_192_CBC", c));
+ ExpectNotNull(c);
+ ExpectNotNull(XSTRCMP("EVP_AES_192_CBC", c));
#else
- AssertNull(c);
+ ExpectNull(c);
#endif
c = wolfSSL_EVP_get_cipherbynid(427);
#if (defined(HAVE_AES_CBC) || defined(WOLFSSL_AES_DIRECT)) && \
defined(WOLFSSL_AES_256)
- AssertNotNull(c);
- AssertNotNull(strcmp("EVP_AES_256_CBC", c));
+ ExpectNotNull(c);
+ ExpectNotNull(XSTRCMP("EVP_AES_256_CBC", c));
#else
- AssertNull(c);
+ ExpectNull(c);
#endif
c = wolfSSL_EVP_get_cipherbynid(904);
#if defined(WOLFSSL_AES_COUNTER) && defined(WOLFSSL_AES_128)
- AssertNotNull(c);
- AssertNotNull(strcmp("EVP_AES_128_CTR", c));
+ ExpectNotNull(c);
+ ExpectNotNull(XSTRCMP("EVP_AES_128_CTR", c));
#else
- AssertNull(c);
+ ExpectNull(c);
#endif
c = wolfSSL_EVP_get_cipherbynid(905);
#if defined(WOLFSSL_AES_COUNTER) && defined(WOLFSSL_AES_192)
- AssertNotNull(c);
- AssertNotNull(strcmp("EVP_AES_192_CTR", c));
+ ExpectNotNull(c);
+ ExpectNotNull(XSTRCMP("EVP_AES_192_CTR", c));
#else
- AssertNull(c);
+ ExpectNull(c);
#endif
c = wolfSSL_EVP_get_cipherbynid(906);
#if defined(WOLFSSL_AES_COUNTER) && defined(WOLFSSL_AES_256)
- AssertNotNull(c);
- AssertNotNull(strcmp("EVP_AES_256_CTR", c));
+ ExpectNotNull(c);
+ ExpectNotNull(XSTRCMP("EVP_AES_256_CTR", c));
#else
- AssertNull(c);
+ ExpectNull(c);
#endif
c = wolfSSL_EVP_get_cipherbynid(418);
#if defined(HAVE_AES_ECB) && defined(WOLFSSL_AES_128)
- AssertNotNull(c);
- AssertNotNull(strcmp("EVP_AES_128_ECB", c));
+ ExpectNotNull(c);
+ ExpectNotNull(XSTRCMP("EVP_AES_128_ECB", c));
#else
- AssertNull(c);
+ ExpectNull(c);
#endif
c = wolfSSL_EVP_get_cipherbynid(422);
#if defined(HAVE_AES_ECB) && defined(WOLFSSL_AES_192)
- AssertNotNull(c);
- AssertNotNull(strcmp("EVP_AES_192_ECB", c));
+ ExpectNotNull(c);
+ ExpectNotNull(XSTRCMP("EVP_AES_192_ECB", c));
#else
- AssertNull(c);
+ ExpectNull(c);
#endif
c = wolfSSL_EVP_get_cipherbynid(426);
#if defined(HAVE_AES_ECB) && defined(WOLFSSL_AES_256)
- AssertNotNull(c);
- AssertNotNull(strcmp("EVP_AES_256_ECB", c));
+ ExpectNotNull(c);
+ ExpectNotNull(XSTRCMP("EVP_AES_256_ECB", c));
#else
- AssertNull(c);
+ ExpectNull(c);
#endif
#endif /* !NO_AES */
#ifndef NO_DES3
- AssertNotNull(strcmp("EVP_DES_CBC", wolfSSL_EVP_get_cipherbynid(31)));
+ ExpectNotNull(XSTRCMP("EVP_DES_CBC", wolfSSL_EVP_get_cipherbynid(31)));
#ifdef WOLFSSL_DES_ECB
- AssertNotNull(strcmp("EVP_DES_ECB", wolfSSL_EVP_get_cipherbynid(29)));
+ ExpectNotNull(XSTRCMP("EVP_DES_ECB", wolfSSL_EVP_get_cipherbynid(29)));
#endif
- AssertNotNull(strcmp("EVP_DES_EDE3_CBC", wolfSSL_EVP_get_cipherbynid(44)));
+ ExpectNotNull(XSTRCMP("EVP_DES_EDE3_CBC", wolfSSL_EVP_get_cipherbynid(44)));
#ifdef WOLFSSL_DES_ECB
- AssertNotNull(strcmp("EVP_DES_EDE3_ECB", wolfSSL_EVP_get_cipherbynid(33)));
+ ExpectNotNull(XSTRCMP("EVP_DES_EDE3_ECB", wolfSSL_EVP_get_cipherbynid(33)));
#endif
#endif /* !NO_DES3 */
#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305)
- AssertNotNull(strcmp("EVP_CHACHA20_POLY13O5", EVP_get_cipherbynid(1018)));
+ ExpectNotNull(XSTRCMP("EVP_CHACHA20_POLY13O5", EVP_get_cipherbynid(1018)));
#endif
/* test for nid is out of range */
- AssertNull(wolfSSL_EVP_get_cipherbynid(1));
+ ExpectNull(wolfSSL_EVP_get_cipherbynid(1));
- return TEST_RES_CHECK(1);
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_CIPHER_CTX(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_AES) && defined(HAVE_AES_CBC) && defined(WOLFSSL_AES_128)
EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();
const EVP_CIPHER *init = EVP_aes_128_cbc();
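Review bot: The converted name checks in test_wolfSSL_EVP_get_cipherbynid, for example `ExpectNotNull(XSTRCMP("EVP_AES_128_CBC", c));`, pass whenever XSTRCMP returns non-zero, so they succeed for any string that differs from the literal and say nothing about which cipher the NID resolved to. The ChaCha20 line compares against `"EVP_CHACHA20_POLY13O5"`, which has a letter O where a zero is expected, and the non-zero check hides that. If the intent is to confirm the returned name, compare for equality, `ExpectIntEQ(XSTRCMP(EXPECTED_NAME, c), 0);`, where EXPECTED_NAME is a placeholder for the string the library actually returns (defined outside this hunk, so confirm it first). The DES and ChaCha lines also pass the lookup result straight to XSTRCMP with no NULL check.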
@@ -5166,23 +5608,21 @@ static int test_wolfSSL_EVP_CIPHER_CTX(void)
byte key[AES_BLOCK_SIZE] = {0};
byte iv[AES_BLOCK_SIZE] = {0};
- AssertNotNull(ctx);
+ ExpectNotNull(ctx);
wolfSSL_EVP_CIPHER_CTX_init(ctx);
- AssertIntEQ(EVP_CipherInit(ctx, init, key, iv, 1), WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_CipherInit(ctx, init, key, iv, 1), WOLFSSL_SUCCESS);
test = EVP_CIPHER_CTX_cipher(ctx);
- AssertTrue(init == test);
- AssertIntEQ(EVP_CIPHER_nid(test), NID_aes_128_cbc);
+ ExpectTrue(init == test);
+ ExpectIntEQ(EVP_CIPHER_nid(test), NID_aes_128_cbc);
- AssertIntEQ(EVP_CIPHER_CTX_reset(ctx), WOLFSSL_SUCCESS);
- AssertIntEQ(EVP_CIPHER_CTX_reset(NULL), WOLFSSL_FAILURE);
+ ExpectIntEQ(EVP_CIPHER_CTX_reset(ctx), WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_CIPHER_CTX_reset(NULL), WOLFSSL_FAILURE);
EVP_CIPHER_CTX_free(ctx);
/* test EVP_CIPHER_CTX_cleanup with NULL */
- AssertIntEQ(EVP_CIPHER_CTX_cleanup(NULL), WOLFSSL_SUCCESS);
-
- res = TEST_RES_CHECK(1);
+ ExpectIntEQ(EVP_CIPHER_CTX_cleanup(NULL), WOLFSSL_SUCCESS);
#endif /* !NO_AES && HAVE_AES_CBC && WOLFSSL_AES_128 */
- return res;
+ return EXPECT_RESULT();
}
#endif /* OPENSSL_EXTRA */
@@ -5242,7 +5682,7 @@ static int test_wolfSSL_EVP_CIPHER_CTX(void)
return 0;
}
- static WC_INLINE int myTicketEncCbOpenSSL(WOLFSSL* ssl,
+ static int myTicketEncCbOpenSSL(WOLFSSL* ssl,
byte name[WOLFSSL_TICKET_NAME_SZ],
byte iv[WOLFSSL_TICKET_IV_SZ],
WOLFSSL_EVP_CIPHER_CTX *ectx,
@@ -5294,11 +5734,29 @@ static WC_INLINE int test_ssl_memio_write_cb(WOLFSSL *ssl, char *data, int sz,
}
if ((unsigned)(*len + sz) > TEST_SSL_MEMIO_BUF_SZ)
- return WOLFSSL_CBIO_ERR_WANT_READ;
+ return WOLFSSL_CBIO_ERR_WANT_WRITE;
XMEMCPY(buf + *len, data, sz);
*len += sz;
+#ifdef WOLFSSL_DUMP_MEMIO_STREAM
+ {
+ /* This can be imported into Wireshark by transforming the file with
+ * od -Ax -tx1 -v test_output.dump > test_output.dump.hex
+ * And then loading test_output.dump.hex into Wireshark using the
+ * "Import from Hex Dump..." option ion and selecting the TCP
+ * encapsulation option. */
+ char dump_file_name[64];
+ WOLFSSL_BIO *dump_file;
+ sprintf(dump_file_name, "%s/%s.dump", tmpDirName, currentTestName);
+ dump_file = wolfSSL_BIO_new_file(dump_file_name, "a");
+ if (dump_file != NULL) {
+ (void)wolfSSL_BIO_write(dump_file, data, sz);
+ wolfSSL_BIO_free(dump_file);
+ }
+ }
+#endif
+
return sz;
}
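Review bot: The added dump path is built with `sprintf(dump_file_name, "%s/%s.dump", tmpDirName, currentTestName);` into a 64-byte stack buffer, so a long temporary directory or test name overruns `dump_file_name`. Bound the write with `XSNPRINTF(dump_file_name, sizeof(dump_file_name), "%s/%s.dump", tmpDirName, currentTestName)` and skip the BIO calls when the result is negative or not smaller than `sizeof(dump_file_name)`. The block only compiles under WOLFSSL_DUMP_MEMIO_STREAM, so presumably a default build never exercises it. test_ssl_memio_write_cb starts outside the hunk.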
@@ -5368,14 +5826,18 @@ static WC_INLINE int test_ssl_memio_setup(test_ssl_memio_ctx *ctx)
#ifdef WOLFSSL_ENCRYPTED_KEYS
wolfSSL_CTX_set_default_passwd_cb(ctx->c_ctx, PasswordCallBack);
#endif
- ExpectIntEQ(wolfSSL_CTX_load_verify_locations(ctx->c_ctx, caCertFile, 0),
- WOLFSSL_SUCCESS);
+ if (ctx->c_cb.caPemFile != NULL)
+ ExpectIntEQ(wolfSSL_CTX_load_verify_locations(ctx->c_ctx,
+ ctx->c_cb.caPemFile, 0), WOLFSSL_SUCCESS);
+ else
+ ExpectIntEQ(wolfSSL_CTX_load_verify_locations(ctx->c_ctx,
+ caCertFile, 0), WOLFSSL_SUCCESS);
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EITHER_SIDE)
if (!c_sharedCtx)
#endif
{
- ExpectIntEQ(wolfSSL_CTX_use_certificate_file(ctx->c_ctx, cliCertFile,
- WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_CTX_use_certificate_chain_file(ctx->c_ctx,
+ cliCertFile), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_CTX_use_PrivateKey_file(ctx->c_ctx, cliKeyFile,
WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS);
}
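Review bot: The new `if (ctx->c_cb.caPemFile != NULL) ... else ...` puts each ExpectIntEQ in an unbraced branch, which is only safe while the macro expands to a single statement; the same pattern is added for `ctx->s_cb.caPemFile` in the hunk at -5436. The macro definition is not visible here, so bracing both branches removes the dependency on it: `if (ctx->c_cb.caPemFile != NULL) { ExpectIntEQ(...); } else { ExpectIntEQ(...); }`. test_ssl_memio_setup starts and ends outside the hunk.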
@@ -5415,9 +5877,6 @@ static WC_INLINE int test_ssl_memio_setup(test_ssl_memio_ctx *ctx)
method = wolfSSLv23_server_method();
}
ExpectNotNull(ctx->s_ctx = wolfSSL_CTX_new(method));
- if (EXPECT_FAIL()) {
- XFREE(method, NULL, DYNAMIC_TYPE_METHOD);
- }
ctx->s_cb.isSharedCtx = 0;
}
if (!ctx->s_cb.ticNoInit && (ctx->s_ctx != NULL)) {
@@ -5436,8 +5895,12 @@ static WC_INLINE int test_ssl_memio_setup(test_ssl_memio_ctx *ctx)
wolfSSL_SetIOSend(ctx->s_ctx, test_ssl_memio_write_cb);
wolfSSL_CTX_set_verify(ctx->s_ctx, WOLFSSL_VERIFY_PEER |
WOLFSSL_VERIFY_FAIL_IF_NO_PEER_CERT, 0);
- ExpectIntEQ(wolfSSL_CTX_load_verify_locations(ctx->s_ctx, cliCertFile, 0),
- WOLFSSL_SUCCESS);
+ if (ctx->s_cb.caPemFile != NULL)
+ ExpectIntEQ(wolfSSL_CTX_load_verify_locations(ctx->s_ctx,
+ ctx->s_cb.caPemFile, 0), WOLFSSL_SUCCESS);
+ else
+ ExpectIntEQ(wolfSSL_CTX_load_verify_locations(ctx->s_ctx,
+ cliCertFile, 0), WOLFSSL_SUCCESS);
#ifdef WOLFSSL_ENCRYPTED_KEYS
wolfSSL_CTX_set_default_passwd_cb(ctx->s_ctx, PasswordCallBack);
#endif
@@ -5448,8 +5911,8 @@ static WC_INLINE int test_ssl_memio_setup(test_ssl_memio_ctx *ctx)
if (!s_sharedCtx)
#endif
{
- ExpectIntEQ(wolfSSL_CTX_use_certificate_file(ctx->s_ctx, certFile,
- WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_CTX_use_certificate_chain_file(ctx->s_ctx,
+ certFile), WOLFSSL_SUCCESS);
}
if (ctx->s_cb.keyPemFile != NULL) {
keyFile = ctx->s_cb.keyPemFile;
@@ -5482,8 +5945,8 @@ static WC_INLINE int test_ssl_memio_setup(test_ssl_memio_ctx *ctx)
#endif
)
{
- ExpectIntEQ(wolfSSL_use_certificate_file(ctx->c_ssl, cliCertFile,
- WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_use_certificate_chain_file(ctx->c_ssl, cliCertFile),
+ WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_use_PrivateKey_file(ctx->c_ssl, cliKeyFile,
WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS);
}
@@ -5503,8 +5966,8 @@ static WC_INLINE int test_ssl_memio_setup(test_ssl_memio_ctx *ctx)
#endif
)
{
- ExpectIntEQ(wolfSSL_use_certificate_file(ctx->s_ssl, certFile,
- WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_use_certificate_chain_file(ctx->s_ssl, certFile),
+ WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_use_PrivateKey_file(ctx->s_ssl, keyFile,
WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS);
}
@@ -5537,7 +6000,9 @@ static int test_ssl_memio_do_handshake(test_ssl_memio_ctx* ctx, int max_rounds,
}
while ((!handshake_complete) && (max_rounds > 0)) {
if (!hs_c) {
+ wolfSSL_SetLoggingPrefix("client");
ret = wolfSSL_connect(ctx->c_ssl);
+ wolfSSL_SetLoggingPrefix(NULL);
if (ret == WOLFSSL_SUCCESS) {
hs_c = 1;
}
@@ -5554,7 +6019,9 @@ static int test_ssl_memio_do_handshake(test_ssl_memio_ctx* ctx, int max_rounds,
}
}
if (!hs_s) {
+ wolfSSL_SetLoggingPrefix("server");
ret = wolfSSL_accept(ctx->s_ssl);
+ wolfSSL_SetLoggingPrefix(NULL);
if (ret == WOLFSSL_SUCCESS) {
hs_s = 1;
}
@@ -5603,7 +6070,9 @@ static int test_ssl_memio_read_write(test_ssl_memio_ctx* ctx)
msglen_s = ctx->s_msglen;
}
+ wolfSSL_SetLoggingPrefix("client");
ExpectIntEQ(wolfSSL_write(ctx->c_ssl, msg_c, msglen_c), msglen_c);
+ wolfSSL_SetLoggingPrefix("server");
ExpectIntGT(idx = wolfSSL_read(ctx->s_ssl, input, sizeof(input) - 1), 0);
if (idx >= 0) {
input[idx] = '\0';
@@ -5611,7 +6080,9 @@ static int test_ssl_memio_read_write(test_ssl_memio_ctx* ctx)
ExpectIntGT(fprintf(stderr, "Client message: %s\n", input), 0);
ExpectIntEQ(wolfSSL_write(ctx->s_ssl, msg_s, msglen_s), msglen_s);
ctx->s_cb.return_code = EXPECT_RESULT();
+ wolfSSL_SetLoggingPrefix("client");
ExpectIntGT(idx = wolfSSL_read(ctx->c_ssl, input, sizeof(input) - 1), 0);
+ wolfSSL_SetLoggingPrefix(NULL);
if (idx >= 0) {
input[idx] = '\0';
}
@@ -5687,6 +6158,14 @@ int test_wolfSSL_client_server_nofail_memio(test_ssl_cbf* client_cb,
ExpectIntEQ(client_on_handshake(test_ctx.c_ctx, test_ctx.c_ssl),
TEST_SUCCESS);
}
+ if (client_cb->on_handshake != NULL) {
+ ExpectIntEQ(client_cb->on_handshake(&test_ctx.c_ctx, &test_ctx.c_ssl),
+ TEST_SUCCESS);
+ }
+ if (server_cb->on_handshake != NULL) {
+ ExpectIntEQ(server_cb->on_handshake(&test_ctx.s_ctx, &test_ctx.s_ssl),
+ TEST_SUCCESS);
+ }
#ifdef WOLFSSL_HAVE_TLS_UNIQUE
XMEMSET(server_side_msg2, 0, MD_MAX_SIZE);
msg_len = wolfSSL_get_peer_finished(test_ctx.s_ssl, server_side_msg2,
@@ -5703,7 +6182,9 @@ int test_wolfSSL_client_server_nofail_memio(test_ssl_cbf* client_cb,
test_ssl_memio_cleanup(&test_ctx);
client_cb->return_code = test_ctx.c_cb.return_code;
+ client_cb->last_err = test_ctx.c_cb.last_err;
server_cb->return_code = test_ctx.s_cb.return_code;
+ server_cb->last_err = test_ctx.s_cb.last_err;
return EXPECT_RESULT();
}
@@ -5814,8 +6295,8 @@ static THREAD_RETURN WOLFSSL_THREAD test_server_nofail(void* args)
word16 port;
callback_functions* cbf;
- WOLFSSL_CTX* ctx = 0;
- WOLFSSL* ssl = 0;
+ WOLFSSL_CTX* ctx = NULL;
+ WOLFSSL* ssl = NULL;
func_args* opts = (func_args*)args;
char msg[] = "I hear you fa shizzle!";
@@ -5833,6 +6314,8 @@ static THREAD_RETURN WOLFSSL_THREAD test_server_nofail(void* args)
size_t msg_len = 0;
#endif
+ wolfSSL_SetLoggingPrefix("server");
+
#ifdef WOLFSSL_TIRTOS
fdOpenSession(Task_self());
#endif
@@ -5858,10 +6341,7 @@ static THREAD_RETURN WOLFSSL_THREAD test_server_nofail(void* args)
}
if (ctx == NULL) {
/* Release the wait for TCP ready. */
- PTHREAD_CHECK_RET(pthread_mutex_lock(&opts->signal->mutex));
- opts->signal->ready = 1;
- PTHREAD_CHECK_RET(pthread_cond_signal(&opts->signal->cond));
- PTHREAD_CHECK_RET(pthread_mutex_unlock(&opts->signal->mutex));
+ signal_ready(opts->signal);
goto done;
}
@@ -6046,7 +6526,7 @@ static THREAD_RETURN WOLFSSL_THREAD test_server_nofail(void* args)
if (ret < 0) { break; } else if (ret == 0) { continue; }
}
#endif
- ret = wolfSSL_accept(ssl);
+ ret = wolfSSL_negotiate(ssl);
err = wolfSSL_get_error(ssl, 0);
} while (err == WC_PENDING_E);
if (ret != WOLFSSL_SUCCESS) {
@@ -6123,9 +6603,9 @@ done:
#endif
}
-#ifndef WOLFSSL_TIRTOS
- return 0;
-#endif
+ wolfSSL_SetLoggingPrefix(NULL);
+
+ WOLFSSL_RETURN_FROM_THREAD(0);
}
#if defined(OPENSSL_EXTRA) && !defined(NO_SESSION_CACHE) && \
@@ -6196,10 +6676,7 @@ static THREAD_RETURN WOLFSSL_THREAD test_server_loop(void* args)
!= WOLFSSL_SUCCESS) {
/*err_sys("can't load ca file, Please run from wolfSSL home dir");*/
/* Release the wait for TCP ready. */
- PTHREAD_CHECK_RET(pthread_mutex_lock(&opts->signal->mutex));
- opts->signal->ready = 1;
- PTHREAD_CHECK_RET(pthread_cond_signal(&opts->signal->cond));
- PTHREAD_CHECK_RET(pthread_mutex_unlock(&opts->signal->mutex));
+ signal_ready(opts->signal);
goto done;
}
if (!sharedCtx && wolfSSL_CTX_use_certificate_file(ctx, svrCertFile,
@@ -6207,10 +6684,7 @@ static THREAD_RETURN WOLFSSL_THREAD test_server_loop(void* args)
/*err_sys("can't load server cert chain file, "
"Please run from wolfSSL home dir");*/
/* Release the wait for TCP ready. */
- PTHREAD_CHECK_RET(pthread_mutex_lock(&opts->signal->mutex));
- opts->signal->ready = 1;
- PTHREAD_CHECK_RET(pthread_cond_signal(&opts->signal->cond));
- PTHREAD_CHECK_RET(pthread_mutex_unlock(&opts->signal->mutex));
+ signal_ready(opts->signal);
goto done;
}
if (!sharedCtx && wolfSSL_CTX_use_PrivateKey_file(ctx, svrKeyFile,
@@ -6218,10 +6692,7 @@ static THREAD_RETURN WOLFSSL_THREAD test_server_loop(void* args)
/*err_sys("can't load server key file, "
"Please run from wolfSSL home dir");*/
/* Release the wait for TCP ready. */
- PTHREAD_CHECK_RET(pthread_mutex_lock(&opts->signal->mutex));
- opts->signal->ready = 1;
- PTHREAD_CHECK_RET(pthread_cond_signal(&opts->signal->cond));
- PTHREAD_CHECK_RET(pthread_mutex_unlock(&opts->signal->mutex));
+ signal_ready(opts->signal);
goto done;
}
/* call ctx setup callback */
@@ -6232,33 +6703,23 @@ static THREAD_RETURN WOLFSSL_THREAD test_server_loop(void* args)
while (count != loop_count) {
ssl = wolfSSL_new(ctx);
if (ssl == NULL) {
- /* Release the wait for TCP ready. */
- PTHREAD_CHECK_RET(pthread_mutex_lock(&opts->signal->mutex));
- opts->signal->ready = 1;
- PTHREAD_CHECK_RET(pthread_cond_signal(&opts->signal->cond));
- PTHREAD_CHECK_RET(pthread_mutex_unlock(&opts->signal->mutex));
+ signal_ready(opts->signal);
goto done;
}
if (sharedCtx && wolfSSL_use_certificate_file(ssl, svrCertFile,
- WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) {
+ WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) {
/*err_sys("can't load server cert chain file, "
"Please run from wolfSSL home dir");*/
/* Release the wait for TCP ready. */
- PTHREAD_CHECK_RET(pthread_mutex_lock(&opts->signal->mutex));
- opts->signal->ready = 1;
- PTHREAD_CHECK_RET(pthread_cond_signal(&opts->signal->cond));
- PTHREAD_CHECK_RET(pthread_mutex_unlock(&opts->signal->mutex));
+ signal_ready(opts->signal);
goto done;
}
if (sharedCtx && wolfSSL_use_PrivateKey_file(ssl, svrKeyFile,
- WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) {
+ WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) {
/*err_sys("can't load server key file, "
"Please run from wolfSSL home dir");*/
/* Release the wait for TCP ready. */
- PTHREAD_CHECK_RET(pthread_mutex_lock(&opts->signal->mutex));
- opts->signal->ready = 1;
- PTHREAD_CHECK_RET(pthread_cond_signal(&opts->signal->cond));
- PTHREAD_CHECK_RET(pthread_mutex_unlock(&opts->signal->mutex));
+ signal_ready(opts->signal);
goto done;
}
@@ -6272,7 +6733,8 @@ static THREAD_RETURN WOLFSSL_THREAD test_server_loop(void* args)
cbf->ssl_ready(ssl);
}
/* do it here to detect failure */
- tcp_accept(&sockfd, &clientfd, (func_args*)args, port, 0, 0, 0, 0, 1, 0, 0);
+ tcp_accept(&sockfd, &clientfd, (func_args*)args, port, 0, 0, 0, 0, 1, 0,
+ 0);
CloseSocket(sockfd);
if (wolfSSL_set_fd(ssl, clientfd) != WOLFSSL_SUCCESS) {
/*err_sys("SSL_set_fd failed");*/
@@ -6342,9 +6804,7 @@ done:
wc_ecc_fp_free(); /* free per thread cache */
#endif
-#ifndef WOLFSSL_TIRTOS
- return 0;
-#endif
+ WOLFSSL_RETURN_FROM_THREAD(0);
}
#endif /* defined(OPENSSL_EXTRA) && !defined(NO_SESSION_CACHE) && !defined(WOLFSSL_TLS13) */
@@ -6368,6 +6828,8 @@ static int test_client_nofail(void* args, cbType cb)
int doUdp = 0;
const char* cipherName1, *cipherName2;
+ wolfSSL_SetLoggingPrefix("client");
+
#ifdef WOLFSSL_TIRTOS
fdOpenSession(Task_self());
#endif
@@ -6510,7 +6972,7 @@ static int test_client_nofail(void* args, cbType cb)
if (ret < 0) { break; } else if (ret == 0) { continue; }
}
#endif
- ret = wolfSSL_connect(ssl);
+ ret = wolfSSL_negotiate(ssl);
err = wolfSSL_get_error(ssl, 0);
} while (err == WC_PENDING_E);
if (ret != WOLFSSL_SUCCESS) {
@@ -6587,6 +7049,9 @@ done:
(void)args;
(void)cb;
#endif /* !NO_WOLFSSL_CLIENT */
+
+ wolfSSL_SetLoggingPrefix(NULL);
+
return 0;
}
@@ -6692,8 +7157,8 @@ static void test_client_reuse_WOLFSSLobj(void* args, cbType cb,
tcp_connect(&sockfd, wolfSSLIP, ((func_args*)args)->signal->port,
0, 0, NULL);
- if (wolfSSL_CTX_load_verify_locations(ctx, caCertFile, 0) != WOLFSSL_SUCCESS)
- {
+ if (wolfSSL_CTX_load_verify_locations(ctx, caCertFile, 0) !=
+ WOLFSSL_SUCCESS) {
/* err_sys("can't load ca file, Please run from wolfSSL home dir");*/
goto done;
}
@@ -6719,7 +7184,7 @@ static void test_client_reuse_WOLFSSLobj(void* args, cbType cb,
if (ssl == NULL) {
goto done;
}
- /* keep handshakre resources for re-using WOLFSSL obj */
+ /* keep handshake resources for re-using WOLFSSL obj */
wolfSSL_KeepArrays(ssl);
if (wolfSSL_KeepHandshakeResources(ssl)) {
/* err_sys("SSL_KeepHandshakeResources failed"); */
@@ -6956,11 +7421,11 @@ static THREAD_RETURN WOLFSSL_THREAD run_wolfssl_server(void* args)
}
#else
ctx = wolfSSL_CTX_new(callbacks->method());
+#endif
if (ctx == NULL) {
fprintf(stderr, "CTX new failed\n");
goto cleanup;
}
-#endif
/* set defaults */
if (callbacks->caPemFile == NULL)
@@ -7169,9 +7634,7 @@ cleanup:
wc_ecc_fp_free(); /* free per thread cache */
#endif
-#ifndef WOLFSSL_TIRTOS
- return 0;
-#endif
+ WOLFSSL_RETURN_FROM_THREAD(0);
}
/* TLS Client for API unit testing - generic */
@@ -7209,14 +7672,12 @@ static void run_wolfssl_client(void* args)
}
}
#else
- if (ctx == NULL) {
- ctx = wolfSSL_CTX_new(callbacks->method());
- }
+ ctx = wolfSSL_CTX_new(callbacks->method());
+#endif
if (ctx == NULL) {
fprintf(stderr, "CTX new failed\n");
goto cleanup;
}
-#endif
#ifdef WOLFSSL_TIRTOS
fdOpenSession(Task_self());
@@ -7424,11 +7885,11 @@ static int test_wolfSSL_read_write(void)
static int test_wolfSSL_reuse_WOLFSSLobj(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_SESSION_CACHE) && \
!defined(WOLFSSL_NO_TLS12)
/* The unit test for session resumption by re-using WOLFSSL object.
- * WOLFSSL object is not cleared after first session. It re-use the obeject
+ * WOLFSSL object is not cleared after first session. It reuse the object
* for second connection.
*/
tcp_ready ready;
@@ -7437,7 +7898,6 @@ static int test_wolfSSL_reuse_WOLFSSLobj(void)
THREAD_TYPE serverThread;
callback_functions client_cbf;
callback_functions server_cbf;
- EXPECT_DECLS;
XMEMSET(&client_args, 0, sizeof(func_args));
XMEMSET(&server_args, 0, sizeof(func_args));
@@ -7478,10 +7938,9 @@ static int test_wolfSSL_reuse_WOLFSSLobj(void)
#ifdef WOLFSSL_TIRTOS
fdOpenSession(Task_self());
#endif
-
- res = EXPECT_RESULT();
-#endif /* defined(OPENSSL_EXTRA) && !defined(NO_SESSION_CACHE) && !defined(WOLFSSL_TLS13) */
- return res;
+#endif /* defined(OPENSSL_EXTRA) && !defined(NO_SESSION_CACHE) &&
+ * !defined(WOLFSSL_TLS13) */
+ return EXPECT_RESULT();
}
#if defined(OPENSSL_EXTRA) && !defined(WOLFSSL_TIRTOS) && \
@@ -7498,15 +7957,14 @@ static int test_wolfSSL_CTX_verifyDepth_ServerClient_1_ctx_ready(
static int test_wolfSSL_CTX_verifyDepth_ServerClient_1(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(WOLFSSL_TIRTOS) && \
defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES)
- EXPECT_DECLS;
test_ssl_cbf client_cbf;
test_ssl_cbf server_cbf;
- XMEMSET(&client_cbf, 0, sizeof(callback_functions));
- XMEMSET(&server_cbf, 0, sizeof(callback_functions));
+ XMEMSET(&client_cbf, 0, sizeof(client_cbf));
+ XMEMSET(&server_cbf, 0, sizeof(server_cbf));
#ifdef WOLFSSL_TLS13
client_cbf.method = wolfTLSv1_3_client_method;
@@ -7520,12 +7978,10 @@ static int test_wolfSSL_CTX_verifyDepth_ServerClient_1(void)
ExpectIntEQ(client_cbf.return_code, TEST_SUCCESS);
ExpectIntEQ(server_cbf.return_code, TEST_SUCCESS);
-
- res = EXPECT_RESULT();
#endif /* OPENSSL_EXTRA && !WOLFSSL_TIRTOS &&
* HAVE_SSL_MEMIO_TESTS_DEPENDENCIES */
- return res;
+ return EXPECT_RESULT();
}
#if defined(OPENSSL_EXTRA) && !defined(WOLFSSL_TIRTOS) && \
@@ -7534,23 +7990,22 @@ static int test_wolfSSL_CTX_verifyDepth_ServerClient_2_ctx_ready(
WOLFSSL_CTX* ctx)
{
wolfSSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, myVerify);
- myVerifyAction = VERIFY_USE_PREVERFIY;
- wolfSSL_CTX_set_verify_depth(ctx, 1);
+ myVerifyAction = VERIFY_OVERRIDE_ERROR;
+ wolfSSL_CTX_set_verify_depth(ctx, 0);
return TEST_SUCCESS;
}
#endif
static int test_wolfSSL_CTX_verifyDepth_ServerClient_2(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(WOLFSSL_TIRTOS) && \
defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES)
- EXPECT_DECLS;
test_ssl_cbf client_cbf;
test_ssl_cbf server_cbf;
- XMEMSET(&client_cbf, 0, sizeof(callback_functions));
- XMEMSET(&server_cbf, 0, sizeof(callback_functions));
+ XMEMSET(&client_cbf, 0, sizeof(client_cbf));
+ XMEMSET(&server_cbf, 0, sizeof(server_cbf));
#ifdef WOLFSSL_TLS13
client_cbf.method = wolfTLSv1_3_client_method;
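Review bot: `myVerifyAction = VERIFY_OVERRIDE_ERROR;` together with `wolfSSL_CTX_set_verify_depth(ctx, 0);` appears to make this test pass by having the verify callback override the chain-depth failure, and nothing in the hunk says so. myVerifyAction is assigned in the ctx_ready callback but not restored in the visible lines. If it is a file-scope variable, the override may stay active for later tests that rely on real certificate verification, unless it is reset elsewhere. I would add a comment such as `/* depth 0 is exceeded on purpose; myVerify overrides the error so the handshake still succeeds */` and confirm the action is reset once the test finishes.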
@@ -7568,12 +8023,10 @@ static int test_wolfSSL_CTX_verifyDepth_ServerClient_2(void)
ExpectIntEQ(client_cbf.return_code, TEST_SUCCESS);
ExpectIntEQ(server_cbf.return_code, TEST_SUCCESS);
-
- res = EXPECT_RESULT();
#endif /* OPENSSL_EXTRA && !WOLFSSL_TIRTOS &&
* HAVE_SSL_MEMIO_TESTS_DEPENDENCIES */
- return res;
+ return EXPECT_RESULT();
}
#if defined(OPENSSL_EXTRA) && !defined(WOLFSSL_TIRTOS) && \
@@ -7590,15 +8043,14 @@ static int test_wolfSSL_CTX_verifyDepth_ServerClient_3_ctx_ready(
static int test_wolfSSL_CTX_verifyDepth_ServerClient_3(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(WOLFSSL_TIRTOS) && \
defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES)
- EXPECT_DECLS;
test_ssl_cbf client_cbf;
test_ssl_cbf server_cbf;
- XMEMSET(&client_cbf, 0, sizeof(callback_functions));
- XMEMSET(&server_cbf, 0, sizeof(callback_functions));
+ XMEMSET(&client_cbf, 0, sizeof(client_cbf));
+ XMEMSET(&server_cbf, 0, sizeof(server_cbf));
#ifdef WOLFSSL_TLS13
client_cbf.method = wolfTLSv1_3_client_method;
@@ -7612,16 +8064,16 @@ static int test_wolfSSL_CTX_verifyDepth_ServerClient_3(void)
* therefore, handshake becomes failure.
*/
ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&client_cbf,
- &server_cbf, NULL), TEST_SUCCESS);
+ &server_cbf, NULL), TEST_FAIL);
- ExpectIntEQ(client_cbf.return_code, TEST_SUCCESS);
- ExpectIntEQ(server_cbf.return_code, TEST_SUCCESS);
-
- res = EXPECT_RESULT();
+ ExpectIntEQ(client_cbf.return_code, TEST_FAIL);
+ ExpectIntEQ(server_cbf.return_code, TEST_FAIL);
+ ExpectIntEQ(client_cbf.last_err, MAX_CHAIN_ERROR);
+ ExpectIntEQ(server_cbf.last_err, FATAL_ERROR);
#endif /* OPENSSL_EXTRA && !WOLFSSL_TIRTOS &&
* HAVE_SSL_MEMIO_TESTS_DEPENDENCIES */
- return res;
+ return EXPECT_RESULT();
}
#if defined(OPENSSL_ALL) && defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) && \
@@ -7644,12 +8096,10 @@ static int test_wolfSSL_CTX_set_cipher_list_client_ctx_ready(WOLFSSL_CTX* ctx)
static int test_wolfSSL_CTX_set_cipher_list(void)
{
- int res = TEST_SKIPPED;
-
+ EXPECT_DECLS;
#if defined(OPENSSL_ALL) && defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) && \
!defined(WOLFSSL_TIRTOS) && !defined(NO_AES) && !defined(WOLFSSL_NO_TLS12) \
&& !defined(NO_SHA256) && defined(HAVE_ECC)
- EXPECT_DECLS;
WOLFSSL_CTX* ctxClient = NULL;
WOLFSSL* sslClient = NULL;
test_ssl_cbf client_cbf;
@@ -7674,7 +8124,7 @@ static int test_wolfSSL_CTX_set_cipher_list(void)
ExpectTrue(wolfSSL_CTX_set_cipher_list(ctxClient, "ECDHE+AESGCM"));
ExpectNotNull((sslClient = wolfSSL_new(ctxClient)));
- /* check for the existance of an ECDHE ECDSA cipher suite */
+ /* check for the existence of an ECDHE ECDSA cipher suite */
if (EXPECT_SUCCESS()) {
int i = 0;
int found = 0;
@@ -7699,10 +8149,8 @@ static int test_wolfSSL_CTX_set_cipher_list(void)
wolfSSL_free(sslClient);
wolfSSL_CTX_free(ctxClient);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
#if defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) && \
@@ -7724,16 +8172,16 @@ static int test_wolfSSL_get_finished_client_on_handshake(WOLFSSL_CTX* ctx,
XMEMSET(client_side_msg2, 0, MD_MAX_SIZE);
msg_len = wolfSSL_get_peer_finished(ssl, client_side_msg2, MD_MAX_SIZE);
ExpectIntGE(msg_len, 0);
+
return EXPECT_RESULT();
}
#endif
static int test_wolfSSL_get_finished(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) && \
defined(WOLFSSL_HAVE_TLS_UNIQUE)
- EXPECT_DECLS;
test_ssl_cbf client_cbf;
test_ssl_cbf server_cbf;
@@ -7747,11 +8195,9 @@ static int test_wolfSSL_get_finished(void)
/* test received msg vs sent msg */
ExpectIntEQ(0, XMEMCMP(client_side_msg1, server_side_msg2, MD_MAX_SIZE));
ExpectIntEQ(0, XMEMCMP(client_side_msg2, server_side_msg1, MD_MAX_SIZE));
-
- res = EXPECT_RESULT();
#endif /* HAVE_SSL_MEMIO_TESTS_DEPENDENCIES && WOLFSSL_HAVE_TLS_UNIQUE */
- return res;
+ return EXPECT_RESULT();
}
#if defined(HAVE_IO_TESTS_DEPENDENCIES) && defined(HAVE_EXT_CACHE) && \
@@ -7852,11 +8298,10 @@ static void test_wolfSSL_CTX_add_session_ssl_ready(WOLFSSL* ssl)
static int test_wolfSSL_CTX_add_session(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_IO_TESTS_DEPENDENCIES) && defined(HAVE_EXT_CACHE) && \
!defined(SINGLE_THREADED) && defined(WOLFSSL_TLS13) && \
!defined(NO_SESSION_CACHE)
- EXPECT_DECLS;
tcp_ready ready;
func_args client_args;
func_args server_args;
@@ -7952,11 +8397,9 @@ static int test_wolfSSL_CTX_add_session(void)
if (EXPECT_FAIL())
break;
}
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
#if defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) && defined(HAVE_EXT_CACHE) && \
defined(WOLFSSL_TLS13) && !defined(NO_SESSION_CACHE) && \
@@ -7996,7 +8439,9 @@ static hashTable server_sessionCache;
static int twcase_new_sessionCb(WOLFSSL *ssl, WOLFSSL_SESSION *sess)
{
int i;
+ unsigned int len;
(void)ssl;
+
/*
* This example uses a hash table.
* Steps you should take for a non-demo code:
@@ -8018,11 +8463,7 @@ static int twcase_new_sessionCb(WOLFSSL *ssl, WOLFSSL_SESSION *sess)
}
for (i = 0; i < SESSION_CACHE_SIZE; i++) {
if (server_sessionCache.entries[i].value == NULL) {
- if (sess->haveAltSessionID == 1)
- server_sessionCache.entries[i].key = sess->altSessionID;
- else
- server_sessionCache.entries[i].key = sess->sessionID;
-
+ server_sessionCache.entries[i].key = SSL_SESSION_get_id(sess, &len);
server_sessionCache.entries[i].value = sess;
server_sessionCache.length++;
break;
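Review bot: `SSL_SESSION_get_id(sess, &len)` writes the ID length into `len`, but the value is never read in the visible lines and only the returned pointer is stored as the cache key. If the lookup callback (outside this hunk) compares a fixed number of bytes, check the length here, for example by skipping the insert when `len` differs from the size the lookup compares, or store `len` next to the key. The key also points into `sess`, so the entry is only valid while the cache holds that session; a one-line comment such as `/* key aliases sess; valid until the entry is removed */` would make that explicit.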
@@ -8134,7 +8575,7 @@ static int twcase_cache_intOff_extOff(WOLFSSL_CTX* ctx)
WOLFSSL_SESS_CACHE_NO_INTERNAL_STORE,
WOLFSSL_SESS_CACHE_NO_INTERNAL_STORE);
#endif
- /* off - Donot setup external cache */
+ /* off - Do not setup external cache */
/* Require both peers to provide certs */
wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_PEER, NULL);
@@ -8143,12 +8584,11 @@ static int twcase_cache_intOff_extOff(WOLFSSL_CTX* ctx)
static int twcase_cache_intOn_extOff(WOLFSSL_CTX* ctx)
{
- EXPECT_DECLS;
- /* on - internal cache is on by default*/
- /* off - Donot setup external cache */
+ /* on - internal cache is on by default */
+ /* off - Do not setup external cache */
/* Require both peers to provide certs */
wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_PEER, NULL);
- return EXPECT_RESULT();
+ return TEST_SUCCESS;
}
static int twcase_cache_intOff_extOn(WOLFSSL_CTX* ctx)
@@ -8174,7 +8614,6 @@ static int twcase_cache_intOff_extOn(WOLFSSL_CTX* ctx)
static int twcase_cache_intOn_extOn(WOLFSSL_CTX* ctx)
{
- EXPECT_DECLS;
/* on - internal cache is on by default */
/* on - Enable external cache */
wolfSSL_CTX_sess_set_new_cb(ctx, twcase_new_sessionCb);
@@ -8183,11 +8622,10 @@ static int twcase_cache_intOn_extOn(WOLFSSL_CTX* ctx)
/* Require both peers to provide certs */
wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_PEER, NULL);
- return EXPECT_RESULT();
+ return TEST_SUCCESS;
}
static int twcase_cache_intOn_extOn_noTicket(WOLFSSL_CTX* ctx)
{
- EXPECT_DECLS;
/* on - internal cache is on by default */
/* on - Enable external cache */
wolfSSL_CTX_sess_set_new_cb(ctx, twcase_new_sessionCb);
@@ -8197,7 +8635,7 @@ static int twcase_cache_intOn_extOn_noTicket(WOLFSSL_CTX* ctx)
wolfSSL_CTX_set_options(ctx, WOLFSSL_OP_NO_TICKET);
/* Require both peers to provide certs */
wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_PEER, NULL);
- return EXPECT_RESULT();
+ return TEST_SUCCESS;
}
static int twcase_server_sess_ctx_pre_shutdown(WOLFSSL* ssl)
{
@@ -8291,51 +8729,19 @@ static int twcase_client_set_sess_ssl_ready(WOLFSSL* ssl)
WOLFSSL_SUCCESS);
return EXPECT_RESULT();
}
-#endif
-static int test_wolfSSL_CTX_add_session_ext(void)
+struct test_add_session_ext_params {
+ method_provider client_meth;
+ method_provider server_meth;
+ const char* tls_version;
+};
+
+static int test_wolfSSL_CTX_add_session_ext(
+ struct test_add_session_ext_params* param)
{
- int res = TEST_SKIPPED;
-#if defined(HAVE_IO_TESTS_DEPENDENCIES) && defined(HAVE_EXT_CACHE) && \
- defined(WOLFSSL_TLS13) && !defined(NO_SESSION_CACHE) && \
- defined(OPENSSL_EXTRA) && defined(SESSION_CERTS) && \
- defined(HAVE_SESSION_TICKET) && \
- !defined(TITAN_SESSION_CACHE) && \
- !defined(HUGE_SESSION_CACHE) && \
- !defined(BIG_SESSION_CACHE) && \
- !defined(MEDIUM_SESSION_CACHE)
EXPECT_DECLS;
/* Test the default 33 sessions */
-
- struct test_params {
- method_provider client_meth;
- method_provider server_meth;
- const char* tls_version;
- } params[] = {
-#if defined(WOLFSSL_TLS13) && !defined(WOLFSSL_NO_DEF_TICKET_ENC_CB) && \
- defined(HAVE_SESSION_TICKET) && defined(WOLFSSL_TICKET_HAVE_ID)
- { wolfTLSv1_3_client_method, wolfTLSv1_3_server_method, "TLSv1_3" },
-#ifdef WOLFSSL_DTLS13
- { wolfDTLSv1_3_client_method, wolfDTLSv1_3_server_method, "DTLSv1_3" },
-#endif
-#endif
-#ifndef WOLFSSL_NO_TLS12
- { wolfTLSv1_2_client_method, wolfTLSv1_2_server_method, "TLSv1_2" },
-#ifdef WOLFSSL_DTLS
- { wolfDTLSv1_2_client_method, wolfDTLSv1_2_server_method, "DTLSv1_2" },
-#endif
-#endif
-#if !defined(NO_OLD_TLS) && ((!defined(NO_AES) && !defined(NO_AES_CBC)) || \
- !defined(NO_DES3))
- { wolfTLSv1_1_client_method, wolfTLSv1_1_server_method, "TLSv1_1" },
-#ifdef WOLFSSL_DTLS
- { wolfDTLSv1_client_method, wolfDTLSv1_server_method, "DTLSv1_0" },
-#endif
-#endif
- };
-
- const int paramsLen = sizeof(params)/sizeof(*params);
- int i, j;
+ int j;
/* Clear cache before starting */
wolfSSL_CTX_flush_sessions(NULL, -1);
@@ -8345,234 +8751,358 @@ static int test_wolfSSL_CTX_add_session_ext(void)
return BAD_MUTEX_E;
server_sessionCache.capacity = SESSION_CACHE_SIZE;
- for (i = 0; i < paramsLen; i++) {
- fprintf(stderr, "\tBegin %s\n", params[i].tls_version);
- for (j = 0; j < 5; j++) {
- int tls13 = XSTRSTR(params[i].tls_version, "TLSv1_3") != NULL;
- int dtls = XSTRSTR(params[i].tls_version, "DTLS") != NULL;
- test_ssl_cbf client_cb;
- test_ssl_cbf server_cb;
-
- (void)dtls;
-
- /* Test five cache configurations */
- twcase_client_first_session_ptr = NULL;
- twcase_server_first_session_ptr = NULL;
- twcase_server_current_ctx_ptr = NULL;
- twcase_new_session_called = 0;
- twcase_remove_session_called = 0;
- twcase_get_session_called = 0;
-
- /* connection 1 - first connection */
- fprintf(stderr, "\tconnect: %s: j=%d, methodsLen=%d\n",
- params[i].tls_version, j, paramsLen);
-
- XMEMSET(&client_cb, 0, sizeof(callback_functions));
- XMEMSET(&server_cb, 0, sizeof(callback_functions));
- client_cb.method = params[i].client_meth;
- server_cb.method = params[i].server_meth;
-
- if (dtls)
- client_cb.doUdp = server_cb.doUdp = 1;
+ fprintf(stderr, "\tBegin %s\n", param->tls_version);
+ for (j = 0; j < 5; j++) {
+ int tls13 = XSTRSTR(param->tls_version, "TLSv1_3") != NULL;
+ int dtls = XSTRSTR(param->tls_version, "DTLS") != NULL;
+ test_ssl_cbf client_cb;
+ test_ssl_cbf server_cb;
+
+ (void)dtls;
+
+ /* Test five cache configurations */
+ twcase_client_first_session_ptr = NULL;
+ twcase_server_first_session_ptr = NULL;
+ twcase_server_current_ctx_ptr = NULL;
+ twcase_new_session_called = 0;
+ twcase_remove_session_called = 0;
+ twcase_get_session_called = 0;
+
+ /* connection 1 - first connection */
+ fprintf(stderr, "\tconnect: %s: j=%d\n", param->tls_version, j);
+
+ XMEMSET(&client_cb, 0, sizeof(client_cb));
+ XMEMSET(&server_cb, 0, sizeof(server_cb));
+ client_cb.method = param->client_meth;
+ server_cb.method = param->server_meth;
+
+ if (dtls)
+ client_cb.doUdp = server_cb.doUdp = 1;
+
+ /* Setup internal and external cache */
+ switch (j) {
+ case 0:
+ /* SSL_OP_NO_TICKET stateful ticket case */
+ server_cb.ctx_ready = twcase_cache_intOn_extOn_noTicket;
+ break;
+ case 1:
+ server_cb.ctx_ready = twcase_cache_intOn_extOn;
+ break;
+ case 2:
+ server_cb.ctx_ready = twcase_cache_intOff_extOn;
+ break;
+ case 3:
+ server_cb.ctx_ready = twcase_cache_intOn_extOff;
+ break;
+ case 4:
+ server_cb.ctx_ready = twcase_cache_intOff_extOff;
+ break;
+ }
+ client_cb.ctx_ready = twcase_cache_intOff_extOff;
- /* Setup internal and external cache */
- switch (j) {
- case 0:
- /* SSL_OP_NO_TICKET stateful ticket case */
- server_cb.ctx_ready = twcase_cache_intOn_extOn_noTicket;
- break;
- case 1:
- server_cb.ctx_ready = twcase_cache_intOn_extOn;
- break;
- case 2:
- server_cb.ctx_ready = twcase_cache_intOff_extOn;
- break;
- case 3:
- server_cb.ctx_ready = twcase_cache_intOn_extOff;
- break;
- case 4:
- server_cb.ctx_ready = twcase_cache_intOff_extOff;
- break;
- }
- client_cb.ctx_ready = twcase_cache_intOff_extOff;
+ /* Add session to internal cache and save SSL session for testing */
+ server_cb.on_result = twcase_server_sess_ctx_pre_shutdown;
+ /* Save client SSL session for testing */
+ client_cb.on_result = twcase_client_sess_ctx_pre_shutdown;
+ server_cb.ticNoInit = 1; /* Use default builtin */
+ /* Don't free/release ctx */
+ server_cb.ctx = twcase_server_current_ctx_ptr;
+ server_cb.isSharedCtx = 1;
- /* Add session to internal cache and save SSL session for testing */
- server_cb.on_result = twcase_server_sess_ctx_pre_shutdown;
- /* Save client SSL session for testing */
- client_cb.on_result = twcase_client_sess_ctx_pre_shutdown;
- server_cb.ticNoInit = 1; /* Use default builtin */
- /* Don't free/release ctx */
- server_cb.ctx = twcase_server_current_ctx_ptr;
- server_cb.isSharedCtx = 1;
+ ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&client_cb,
+ &server_cb, NULL), TEST_SUCCESS);
- ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&client_cb,
- &server_cb, NULL), TEST_SUCCESS);
+ ExpectIntEQ(twcase_get_session_called, 0);
+ if (EXPECT_FAIL()) {
+ wolfSSL_SESSION_free(twcase_client_first_session_ptr);
+ wolfSSL_SESSION_free(twcase_server_first_session_ptr);
+ wolfSSL_CTX_free(twcase_server_current_ctx_ptr);
+ break;
+ }
- ExpectIntEQ(twcase_get_session_called, 0);
- if (EXPECT_FAIL()) {
- wolfSSL_SESSION_free(twcase_client_first_session_ptr);
- wolfSSL_SESSION_free(twcase_server_first_session_ptr);
- wolfSSL_CTX_free(twcase_server_current_ctx_ptr);
+ switch (j) {
+ case 0:
+ case 1:
+ case 2:
+ /* cache cannot be searched with out a connection */
+ /* Add a new session */
+ ExpectIntEQ(twcase_new_session_called, 1);
+ /* In twcase_server_sess_ctx_pre_shutdown
+ * wolfSSL_CTX_add_session which evicts the existing session
+ * in cache and adds it back in */
+ ExpectIntLE(twcase_remove_session_called, 1);
break;
- }
-
- switch (j) {
- case 0:
- case 1:
- case 2:
- /* cache cannot be searched with out a connection */
- /* Add a new session */
- ExpectIntEQ(twcase_new_session_called, 1);
- /* In twcase_server_sess_ctx_pre_shutdown
- * wolfSSL_CTX_add_session which evicts the existing session
- * in cache and adds it back in */
- ExpectIntLE(twcase_remove_session_called, 1);
- break;
- case 3:
- case 4:
- /* no external cache */
- ExpectIntEQ(twcase_new_session_called, 0);
- ExpectIntEQ(twcase_remove_session_called, 0);
- break;
- }
+ case 3:
+ case 4:
+ /* no external cache */
+ ExpectIntEQ(twcase_new_session_called, 0);
+ ExpectIntEQ(twcase_remove_session_called, 0);
+ break;
+ }
- /* connection 2 - session resume */
- fprintf(stderr, "\tresume: %s: j=%d, methodsLen=%d\n",
- params[i].tls_version, j, paramsLen);
- twcase_new_session_called = 0;
- twcase_remove_session_called = 0;
- twcase_get_session_called = 0;
- server_cb.on_result = 0;
- client_cb.on_result = 0;
- server_cb.ticNoInit = 1; /* Use default builtin */
+ /* connection 2 - session resume */
+ fprintf(stderr, "\tresume: %s: j=%d\n", param->tls_version, j);
+ twcase_new_session_called = 0;
+ twcase_remove_session_called = 0;
+ twcase_get_session_called = 0;
+ server_cb.on_result = 0;
+ client_cb.on_result = 0;
+ server_cb.ticNoInit = 1; /* Use default builtin */
- server_cb.ctx = twcase_server_current_ctx_ptr;
+ server_cb.ctx = twcase_server_current_ctx_ptr;
- /* try session resumption */
- client_cb.ssl_ready = twcase_client_set_sess_ssl_ready;
+ /* try session resumption */
+ client_cb.ssl_ready = twcase_client_set_sess_ssl_ready;
- ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&client_cb,
- &server_cb, NULL), TEST_SUCCESS);
+ ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&client_cb,
+ &server_cb, NULL), TEST_SUCCESS);
- /* Clear cache before checking */
- wolfSSL_CTX_flush_sessions(NULL, -1);
+ /* Clear cache before checking */
+ wolfSSL_CTX_flush_sessions(NULL, -1);
- switch (j) {
- case 0:
- if (tls13) {
- /* (D)TLSv1.3 stateful case */
- /* cache hit */
- /* DTLS accesses cache once for stateless parsing and
- * once for stateful parsing */
- ExpectIntEQ(twcase_get_session_called, !dtls ? 1 : 2);
+ switch (j) {
+ case 0:
+ if (tls13) {
+ /* (D)TLSv1.3 stateful case */
+ /* cache hit */
+ /* DTLS accesses cache once for stateless parsing and
+ * once for stateful parsing */
+ ExpectIntEQ(twcase_get_session_called, !dtls ? 1 : 2);
- /* (D)TLSv1.3 creates a new ticket,
- * updates both internal and external cache */
- ExpectIntEQ(twcase_new_session_called, 1);
- ExpectIntEQ(twcase_remove_session_called, 1);
+ /* (D)TLSv1.3 creates a new ticket,
+ * updates both internal and external cache */
+ ExpectIntEQ(twcase_new_session_called, 1);
+ /* A new session ID is created for a new ticket */
+ ExpectIntEQ(twcase_remove_session_called, 2);
- }
- else {
- /* non (D)TLSv1.3 case, no update */
- /* DTLS accesses cache once for stateless parsing and
- * once for stateful parsing */
+ }
+ else {
+ /* non (D)TLSv1.3 case, no update */
+ /* DTLS accesses cache once for stateless parsing and
+ * once for stateful parsing */
#ifdef WOLFSSL_DTLS_NO_HVR_ON_RESUME
- ExpectIntEQ(twcase_get_session_called, !dtls ? 1 : 2);
+ ExpectIntEQ(twcase_get_session_called, !dtls ? 1 : 2);
#else
- ExpectIntEQ(twcase_get_session_called, 1);
+ ExpectIntEQ(twcase_get_session_called, 1);
#endif
- ExpectIntEQ(twcase_new_session_called, 0);
- /* Called on session added in
- * twcase_server_sess_ctx_pre_shutdown */
- ExpectIntEQ(twcase_remove_session_called, 1);
- }
- break;
- case 1:
- if (tls13) {
- /* (D)TLSv1.3 case */
- /* cache hit */
- ExpectIntEQ(twcase_get_session_called, 1);
- /* (D)TLSv1.3 creates a new ticket,
- * updates both internal and external cache */
- ExpectIntEQ(twcase_new_session_called, 1);
- /* Called on session added in
- * twcase_server_sess_ctx_pre_shutdown and by wolfSSL */
- ExpectIntEQ(twcase_remove_session_called, 1);
- }
- else {
- /* non (D)TLSv1.3 case */
- /* cache hit */
- /* DTLS accesses cache once for stateless parsing and
- * once for stateful parsing */
+ ExpectIntEQ(twcase_new_session_called, 0);
+ /* Called on session added in
+ * twcase_server_sess_ctx_pre_shutdown */
+ ExpectIntEQ(twcase_remove_session_called, 1);
+ }
+ break;
+ case 1:
+ if (tls13) {
+ /* (D)TLSv1.3 case */
+ /* cache hit */
+ ExpectIntEQ(twcase_get_session_called, 1);
+ /* (D)TLSv1.3 creates a new ticket,
+ * updates both internal and external cache */
+ ExpectIntEQ(twcase_new_session_called, 1);
+ /* Called on session added in
+ * twcase_server_sess_ctx_pre_shutdown and by wolfSSL */
+ ExpectIntEQ(twcase_remove_session_called, 1);
+ }
+ else {
+ /* non (D)TLSv1.3 case */
+ /* cache hit */
+ /* DTLS accesses cache once for stateless parsing and
+ * once for stateful parsing */
#ifdef WOLFSSL_DTLS_NO_HVR_ON_RESUME
- ExpectIntEQ(twcase_get_session_called, !dtls ? 1 : 2);
+ ExpectIntEQ(twcase_get_session_called, !dtls ? 1 : 2);
#else
- ExpectIntEQ(twcase_get_session_called, 1);
+ ExpectIntEQ(twcase_get_session_called, 1);
#endif
- ExpectIntEQ(twcase_new_session_called, 0);
- /* Called on session added in
- * twcase_server_sess_ctx_pre_shutdown */
- ExpectIntEQ(twcase_remove_session_called, 1);
- }
- break;
- case 2:
- if (tls13) {
- /* (D)TLSv1.3 case */
- /* cache hit */
- ExpectIntEQ(twcase_get_session_called, 1);
- /* (D)TLSv1.3 creates a new ticket,
- * updates both internal and external cache */
- ExpectIntEQ(twcase_new_session_called, 1);
- /* Called on session added in
- * twcase_server_sess_ctx_pre_shutdown and by wolfSSL */
- ExpectIntEQ(twcase_remove_session_called, 1);
- }
- else {
- /* non (D)TLSv1.3 case */
- /* cache hit */
- /* DTLS accesses cache once for stateless parsing and
- * once for stateful parsing */
+ ExpectIntEQ(twcase_new_session_called, 0);
+ /* Called on session added in
+ * twcase_server_sess_ctx_pre_shutdown */
+ ExpectIntEQ(twcase_remove_session_called, 1);
+ }
+ break;
+ case 2:
+ if (tls13) {
+ /* (D)TLSv1.3 case */
+ /* cache hit */
+ ExpectIntEQ(twcase_get_session_called, 1);
+ /* (D)TLSv1.3 creates a new ticket,
+ * updates both internal and external cache */
+ ExpectIntEQ(twcase_new_session_called, 1);
+ /* Called on session added in
+ * twcase_server_sess_ctx_pre_shutdown and by wolfSSL */
+ ExpectIntEQ(twcase_remove_session_called, 1);
+ }
+ else {
+ /* non (D)TLSv1.3 case */
+ /* cache hit */
+ /* DTLS accesses cache once for stateless parsing and
+ * once for stateful parsing */
#ifdef WOLFSSL_DTLS_NO_HVR_ON_RESUME
- ExpectIntEQ(twcase_get_session_called, !dtls ? 1 : 2);
+ ExpectIntEQ(twcase_get_session_called, !dtls ? 1 : 2);
#else
- ExpectIntEQ(twcase_get_session_called, 1);
+ ExpectIntEQ(twcase_get_session_called, 1);
#endif
- ExpectIntEQ(twcase_new_session_called, 0);
- /* Called on session added in
- * twcase_server_sess_ctx_pre_shutdown */
- ExpectIntEQ(twcase_remove_session_called, 1);
- }
- break;
- case 3:
- case 4:
- /* no external cache */
- ExpectIntEQ(twcase_get_session_called, 0);
ExpectIntEQ(twcase_new_session_called, 0);
- ExpectIntEQ(twcase_remove_session_called, 0);
- break;
- }
- wolfSSL_SESSION_free(twcase_client_first_session_ptr);
- wolfSSL_SESSION_free(twcase_server_first_session_ptr);
- wolfSSL_CTX_free(twcase_server_current_ctx_ptr);
-
- if (EXPECT_FAIL())
+ /* Called on session added in
+ * twcase_server_sess_ctx_pre_shutdown */
+ ExpectIntEQ(twcase_remove_session_called, 1);
+ }
+ break;
+ case 3:
+ case 4:
+ /* no external cache */
+ ExpectIntEQ(twcase_get_session_called, 0);
+ ExpectIntEQ(twcase_new_session_called, 0);
+ ExpectIntEQ(twcase_remove_session_called, 0);
break;
}
- twcase_get_sessionCb_cleanup();
- XMEMSET(&server_sessionCache.entries, 0,
- sizeof(server_sessionCache.entries));
- fprintf(stderr, "\tEnd %s\n", params[i].tls_version);
+ wolfSSL_SESSION_free(twcase_client_first_session_ptr);
+ wolfSSL_SESSION_free(twcase_server_first_session_ptr);
+ wolfSSL_CTX_free(twcase_server_current_ctx_ptr);
if (EXPECT_FAIL())
break;
}
+ twcase_get_sessionCb_cleanup();
+ XMEMSET(&server_sessionCache.entries, 0,
+ sizeof(server_sessionCache.entries));
+ fprintf(stderr, "\tEnd %s\n", param->tls_version);
+
wc_FreeMutex(&server_sessionCache.htLock);
- res = EXPECT_RESULT();
-#endif
- return res;
+ return EXPECT_RESULT();
}
+#endif
+static int test_wolfSSL_CTX_add_session_ext_tls13(void)
+{
+ EXPECT_DECLS;
+#if defined(HAVE_IO_TESTS_DEPENDENCIES) && defined(HAVE_EXT_CACHE) && \
+ defined(WOLFSSL_TLS13) && !defined(NO_SESSION_CACHE) && \
+ defined(OPENSSL_EXTRA) && defined(SESSION_CERTS) && \
+ defined(HAVE_SESSION_TICKET) && \
+ !defined(TITAN_SESSION_CACHE) && \
+ !defined(HUGE_SESSION_CACHE) && \
+ !defined(BIG_SESSION_CACHE) && \
+ !defined(MEDIUM_SESSION_CACHE)
+#if defined(WOLFSSL_TLS13) && !defined(WOLFSSL_NO_DEF_TICKET_ENC_CB) && \
+ defined(HAVE_SESSION_TICKET) && defined(WOLFSSL_TICKET_HAVE_ID)
+ struct test_add_session_ext_params param[1] = {
+ { wolfTLSv1_3_client_method, wolfTLSv1_3_server_method, "TLSv1_3" }
+ };
+ ExpectIntEQ(test_wolfSSL_CTX_add_session_ext(param), TEST_SUCCESS);
+#endif
+#endif
+ return EXPECT_RESULT();
+}
+static int test_wolfSSL_CTX_add_session_ext_dtls13(void)
+{
+ EXPECT_DECLS;
+#if defined(HAVE_IO_TESTS_DEPENDENCIES) && defined(HAVE_EXT_CACHE) && \
+ defined(WOLFSSL_TLS13) && !defined(NO_SESSION_CACHE) && \
+ defined(OPENSSL_EXTRA) && defined(SESSION_CERTS) && \
+ defined(HAVE_SESSION_TICKET) && \
+ !defined(TITAN_SESSION_CACHE) && \
+ !defined(HUGE_SESSION_CACHE) && \
+ !defined(BIG_SESSION_CACHE) && \
+ !defined(MEDIUM_SESSION_CACHE)
+#if defined(WOLFSSL_TLS13) && !defined(WOLFSSL_NO_DEF_TICKET_ENC_CB) && \
+ defined(HAVE_SESSION_TICKET) && defined(WOLFSSL_TICKET_HAVE_ID)
+#ifdef WOLFSSL_DTLS13
+ struct test_add_session_ext_params param[1] = {
+ { wolfDTLSv1_3_client_method, wolfDTLSv1_3_server_method, "DTLSv1_3" }
+ };
+ ExpectIntEQ(test_wolfSSL_CTX_add_session_ext(param), TEST_SUCCESS);
+#endif
+#endif
+#endif
+ return EXPECT_RESULT();
+}
+static int test_wolfSSL_CTX_add_session_ext_tls12(void)
+{
+ EXPECT_DECLS;
+#if defined(HAVE_IO_TESTS_DEPENDENCIES) && defined(HAVE_EXT_CACHE) && \
+ defined(WOLFSSL_TLS13) && !defined(NO_SESSION_CACHE) && \
+ defined(OPENSSL_EXTRA) && defined(SESSION_CERTS) && \
+ defined(HAVE_SESSION_TICKET) && \
+ !defined(TITAN_SESSION_CACHE) && \
+ !defined(HUGE_SESSION_CACHE) && \
+ !defined(BIG_SESSION_CACHE) && \
+ !defined(MEDIUM_SESSION_CACHE)
+#ifndef WOLFSSL_NO_TLS12
+ struct test_add_session_ext_params param[1] = {
+ { wolfTLSv1_2_client_method, wolfTLSv1_2_server_method, "TLSv1_2" }
+ };
+ ExpectIntEQ(test_wolfSSL_CTX_add_session_ext(param), TEST_SUCCESS);
+#endif
+#endif
+ return EXPECT_RESULT();
+}
+static int test_wolfSSL_CTX_add_session_ext_dtls12(void)
+{
+ EXPECT_DECLS;
+#if defined(HAVE_IO_TESTS_DEPENDENCIES) && defined(HAVE_EXT_CACHE) && \
+ defined(WOLFSSL_TLS13) && !defined(NO_SESSION_CACHE) && \
+ defined(OPENSSL_EXTRA) && defined(SESSION_CERTS) && \
+ defined(HAVE_SESSION_TICKET) && \
+ !defined(TITAN_SESSION_CACHE) && \
+ !defined(HUGE_SESSION_CACHE) && \
+ !defined(BIG_SESSION_CACHE) && \
+ !defined(MEDIUM_SESSION_CACHE)
+#ifndef WOLFSSL_NO_TLS12
+#ifdef WOLFSSL_DTLS
+ struct test_add_session_ext_params param[1] = {
+ { wolfDTLSv1_2_client_method, wolfDTLSv1_2_server_method, "DTLSv1_2" }
+ };
+ ExpectIntEQ(test_wolfSSL_CTX_add_session_ext(param), TEST_SUCCESS);
+#endif
+#endif
+#endif
+ return EXPECT_RESULT();
+}
+static int test_wolfSSL_CTX_add_session_ext_tls11(void)
+{
+ EXPECT_DECLS;
+#if defined(HAVE_IO_TESTS_DEPENDENCIES) && defined(HAVE_EXT_CACHE) && \
+ defined(WOLFSSL_TLS13) && !defined(NO_SESSION_CACHE) && \
+ defined(OPENSSL_EXTRA) && defined(SESSION_CERTS) && \
+ defined(HAVE_SESSION_TICKET) && \
+ !defined(TITAN_SESSION_CACHE) && \
+ !defined(HUGE_SESSION_CACHE) && \
+ !defined(BIG_SESSION_CACHE) && \
+ !defined(MEDIUM_SESSION_CACHE)
+#if !defined(NO_OLD_TLS) && ((!defined(NO_AES) && !defined(NO_AES_CBC)) || \
+ !defined(NO_DES3))
+ struct test_add_session_ext_params param[1] = {
+ { wolfTLSv1_1_client_method, wolfTLSv1_1_server_method, "TLSv1_1" }
+ };
+ ExpectIntEQ(test_wolfSSL_CTX_add_session_ext(param), TEST_SUCCESS);
+#endif
+#endif
+ return EXPECT_RESULT();
+}
+static int test_wolfSSL_CTX_add_session_ext_dtls1(void)
+{
+ EXPECT_DECLS;
+#if defined(HAVE_IO_TESTS_DEPENDENCIES) && defined(HAVE_EXT_CACHE) && \
+ defined(WOLFSSL_TLS13) && !defined(NO_SESSION_CACHE) && \
+ defined(OPENSSL_EXTRA) && defined(SESSION_CERTS) && \
+ defined(HAVE_SESSION_TICKET) && \
+ !defined(TITAN_SESSION_CACHE) && \
+ !defined(HUGE_SESSION_CACHE) && \
+ !defined(BIG_SESSION_CACHE) && \
+ !defined(MEDIUM_SESSION_CACHE)
+#if !defined(NO_OLD_TLS) && ((!defined(NO_AES) && !defined(NO_AES_CBC)) || \
+ !defined(NO_DES3))
+#ifdef WOLFSSL_DTLS
+ struct test_add_session_ext_params param[1] = {
+ { wolfDTLSv1_client_method, wolfDTLSv1_server_method, "DTLSv1_0" }
+ };
+ ExpectIntEQ(test_wolfSSL_CTX_add_session_ext(param), TEST_SUCCESS);
+#endif
+#endif
+#endif
+ return EXPECT_RESULT();
+}
#if defined(WOLFSSL_DTLS) && defined(WOLFSSL_SESSION_EXPORT)
/* canned export of a session using older version 3 */
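Review bot: Each of the six `test_wolfSSL_CTX_add_session_ext_*` wrappers repeats the same eleven-term `#if` by hand, while the helper they call is compiled under a separate guard that closes at the added `#endif` and opens outside this hunk. If the two conditions ever drift apart, a wrapper will either call a function that was not compiled or silently stop running its session-cache scenario. Defining the condition once (for example `#define TEST_ADD_SESSION_EXT_ENABLED` under that `#if`, the name being only a suggestion) and testing it in each wrapper would keep them in step. The outer condition also keeps `defined(WOLFSSL_TLS13)` for the TLS 1.2, TLS 1.1 and DTLS wrappers, so builds without TLS 1.3 appear to skip session-cache coverage for those versions too. The inner `#if` in the tls13 and dtls13 wrappers re-tests `WOLFSSL_TLS13` and `HAVE_SESSION_TICKET` redundantly.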
@@ -8632,9 +9162,8 @@ static unsigned char version_3[] = {
static int test_wolfSSL_dtls_export(void)
{
- int res = TEST_SKIPPED;
-#if defined(WOLFSSL_DTLS) && defined(WOLFSSL_SESSION_EXPORT)
EXPECT_DECLS;
+#if defined(WOLFSSL_DTLS) && defined(WOLFSSL_SESSION_EXPORT)
tcp_ready ready;
func_args client_args;
func_args server_args;
@@ -8779,7 +9308,7 @@ static int test_wolfSSL_dtls_export(void)
ExpectIntGT(wolfSSL_dtls_export_state_only(ssl, window, &windowSz), 0);
wolfSSL_free(ssl);
- for (i = 1; i < server_args.argc; i++) {
+ for (i = 1; EXPECT_SUCCESS() && i < server_args.argc; i++) {
/* restore state */
ExpectNotNull(ssl = wolfSSL_new(ctx));
ExpectIntGT(wolfSSL_dtls_import(ssl, session, sessionSz), 0);
@@ -8806,14 +9335,11 @@ static int test_wolfSSL_dtls_export(void)
fdOpenSession(Task_self());
#endif
}
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
-
#if defined(WOLFSSL_SESSION_EXPORT) && !defined(WOLFSSL_NO_TLS12)
#ifdef WOLFSSL_TLS13
static const byte canned_client_tls13_session[] = {
@@ -9064,11 +9590,7 @@ static THREAD_RETURN WOLFSSL_THREAD tls_export_server(void* args)
if (wolfSSL_write(ssl, msg, sizeof(msg)) != sizeof(msg)) {
/*err_sys("SSL_write failed");*/
-#ifdef WOLFSSL_TIRTOS
- return;
-#else
- return 0;
-#endif
+ WOLFSSL_RETURN_FROM_THREAD(0);
}
#ifdef WOLFSSL_TIRTOS
@@ -9102,9 +9624,7 @@ done:
#endif
#endif
-#ifndef WOLFSSL_TIRTOS
- return 0;
-#endif
+ WOLFSSL_RETURN_FROM_THREAD(0);
}
@@ -9308,9 +9828,8 @@ static void test_wolfSSL_client_server(callback_functions* client_callbacks,
#ifdef HAVE_SNI
static int test_wolfSSL_UseSNI_params(void)
{
- int res = TEST_SKIPPED;
-#if !defined(NO_WOLFSSL_CLIENT)
EXPECT_DECLS;
+#if !defined(NO_WOLFSSL_CLIENT)
WOLFSSL_CTX *ctx = wolfSSL_CTX_new(wolfSSLv23_client_method());
WOLFSSL *ssl = wolfSSL_new(ctx);
@@ -9332,11 +9851,9 @@ static int test_wolfSSL_UseSNI_params(void)
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif /* !NO_WOLFSSL_CLIENT */
- return res;
+ return EXPECT_RESULT();
}
/* BEGIN of connection tests callbacks */
@@ -9449,89 +9966,117 @@ static int test_wolfSSL_UseSNI_connection(void)
callback_functions client_cb;
callback_functions server_cb;
size_t i;
-
+#ifdef WOLFSSL_STATIC_MEMORY
+ byte cliMem[TEST_TLS_STATIC_MEMSZ];
+ byte svrMem[TEST_TLS_STATIC_MEMSZ];
+#endif
struct {
method_provider client_meth;
method_provider server_meth;
+ #ifdef WOLFSSL_STATIC_MEMORY
+ wolfSSL_method_func client_meth_ex;
+ wolfSSL_method_func server_meth_ex;
+ #endif
} methods[] = {
#if defined(WOLFSSL_NO_TLS12) && !defined(WOLFSSL_TLS13)
- {wolfSSLv23_client_method, wolfSSLv23_server_method},
+ {wolfSSLv23_client_method, wolfSSLv23_server_method
+ #ifdef WOLFSSL_STATIC_MEMORY
+ ,wolfSSLv23_client_method_ex, wolfSSLv23_server_method_ex
+ #endif
+ },
#endif
#ifndef WOLFSSL_NO_TLS12
- {wolfTLSv1_2_client_method, wolfTLSv1_2_server_method},
+ {wolfTLSv1_2_client_method, wolfTLSv1_2_server_method
+ #ifdef WOLFSSL_STATIC_MEMORY
+ ,wolfTLSv1_2_client_method_ex, wolfTLSv1_2_server_method_ex
+ #endif
+ },
#endif
#ifdef WOLFSSL_TLS13
- {wolfTLSv1_3_client_method, wolfTLSv1_3_server_method},
+ {wolfTLSv1_3_client_method, wolfTLSv1_3_server_method
+ #ifdef WOLFSSL_STATIC_MEMORY
+ ,wolfTLSv1_3_client_method_ex, wolfTLSv1_3_server_method_ex
+ #endif
+ },
#endif
};
+ size_t methodsSz = sizeof(methods) / sizeof(*methods);
- for (i = 0; i < (sizeof(methods)/sizeof(*methods)); i++) {
- XMEMSET(&client_cb, 0, sizeof(callback_functions));
- XMEMSET(&server_cb, 0, sizeof(callback_functions));
- client_cb.method = methods[i].client_meth;
- server_cb.method = methods[i].server_meth;
- client_cb.devId = testDevId;
- server_cb.devId = testDevId;
-
- /* success case at ctx */
- printf("success case at ctx\n");
- client_cb.ctx_ready = use_SNI_at_ctx; client_cb.ssl_ready = NULL; client_cb.on_result = NULL;
- server_cb.ctx_ready = use_SNI_at_ctx; server_cb.ssl_ready = NULL; server_cb.on_result = verify_SNI_real_matching;
- test_wolfSSL_client_server(&client_cb, &server_cb);
-
- /* success case at ssl */
- printf("success case at ssl\n");
- client_cb.ctx_ready = NULL; client_cb.ssl_ready = use_SNI_at_ssl; client_cb.on_result = verify_SNI_real_matching;
- server_cb.ctx_ready = NULL; server_cb.ssl_ready = use_SNI_at_ssl; server_cb.on_result = verify_SNI_real_matching;
- test_wolfSSL_client_server(&client_cb, &server_cb);
-
- /* default mismatch behavior */
- printf("default mismatch behavior\n");
- client_cb.ctx_ready = NULL; client_cb.ssl_ready = different_SNI_at_ssl; client_cb.on_result = verify_FATAL_ERROR_on_client;
- server_cb.ctx_ready = NULL; server_cb.ssl_ready = use_SNI_at_ssl; server_cb.on_result = verify_UNKNOWN_SNI_on_server;
- test_wolfSSL_client_server(&client_cb, &server_cb);
-
- /* continue on mismatch */
- printf("continue on mismatch\n");
- client_cb.ctx_ready = NULL; client_cb.ssl_ready = different_SNI_at_ssl; client_cb.on_result = NULL;
- server_cb.ctx_ready = NULL; server_cb.ssl_ready = use_SNI_WITH_CONTINUE_at_ssl; server_cb.on_result = verify_SNI_no_matching;
- test_wolfSSL_client_server(&client_cb, &server_cb);
-
- /* fake answer on mismatch */
- printf("fake answer on mismatch\n");
- client_cb.ctx_ready = NULL; client_cb.ssl_ready = different_SNI_at_ssl; client_cb.on_result = NULL;
- server_cb.ctx_ready = NULL; server_cb.ssl_ready = use_SNI_WITH_FAKE_ANSWER_at_ssl; server_cb.on_result = verify_SNI_fake_matching;
- test_wolfSSL_client_server(&client_cb, &server_cb);
-
- /* sni abort - success */
- printf("sni abort - success\n");
- client_cb.ctx_ready = use_SNI_at_ctx; client_cb.ssl_ready = NULL; client_cb.on_result = NULL;
- server_cb.ctx_ready = use_MANDATORY_SNI_at_ctx; server_cb.ssl_ready = NULL; server_cb.on_result = verify_SNI_real_matching;
- test_wolfSSL_client_server(&client_cb, &server_cb);
-
- /* sni abort - abort when absent (ctx) */
- printf("sni abort - abort when absent (ctx)\n");
- client_cb.ctx_ready = NULL; client_cb.ssl_ready = NULL; client_cb.on_result = verify_FATAL_ERROR_on_client;
- server_cb.ctx_ready = use_MANDATORY_SNI_at_ctx; server_cb.ssl_ready = NULL; server_cb.on_result = verify_SNI_ABSENT_on_server;
- test_wolfSSL_client_server(&client_cb, &server_cb);
-
- /* sni abort - abort when absent (ssl) */
- printf("sni abort - abort when absent (ssl)\n");
- client_cb.ctx_ready = NULL; client_cb.ssl_ready = NULL; client_cb.on_result = verify_FATAL_ERROR_on_client;
- server_cb.ctx_ready = NULL; server_cb.ssl_ready = use_MANDATORY_SNI_at_ssl; server_cb.on_result = verify_SNI_ABSENT_on_server;
- test_wolfSSL_client_server(&client_cb, &server_cb);
-
- /* sni abort - success when overwritten */
- printf("sni abort - success when overwritten\n");
- client_cb.ctx_ready = NULL; client_cb.ssl_ready = NULL; client_cb.on_result = NULL;
- server_cb.ctx_ready = use_MANDATORY_SNI_at_ctx; server_cb.ssl_ready = use_SNI_at_ssl; server_cb.on_result = verify_SNI_no_matching;
- test_wolfSSL_client_server(&client_cb, &server_cb);
+ for (i = 0; i < methodsSz; i++) {
+ XMEMSET(&client_cb, 0, sizeof(callback_functions));
+ XMEMSET(&server_cb, 0, sizeof(callback_functions));
+ client_cb.method = methods[i].client_meth;
+ server_cb.method = methods[i].server_meth;
+ client_cb.devId = testDevId;
+ server_cb.devId = testDevId;
+ #ifdef WOLFSSL_STATIC_MEMORY
+ client_cb.method_ex = methods[i].client_meth_ex;
+ server_cb.method_ex = methods[i].server_meth_ex;
+ client_cb.mem = cliMem;
+ client_cb.memSz = (word32)sizeof(cliMem);
+ server_cb.mem = svrMem;
+ server_cb.memSz = (word32)sizeof(svrMem);;
+ #endif
- /* sni abort - success when allowing mismatches */
- printf("sni abort - success when allowing mismatches\n");
- client_cb.ctx_ready = NULL; client_cb.ssl_ready = different_SNI_at_ssl; client_cb.on_result = NULL;
- server_cb.ctx_ready = use_PSEUDO_MANDATORY_SNI_at_ctx; server_cb.ssl_ready = NULL; server_cb.on_result = verify_SNI_fake_matching;
- test_wolfSSL_client_server(&client_cb, &server_cb);
+ /* success case at ctx */
+ fprintf(stderr, "\n\tsuccess case at ctx\n");
+ client_cb.ctx_ready = use_SNI_at_ctx; client_cb.ssl_ready = NULL; client_cb.on_result = NULL;
+ server_cb.ctx_ready = use_SNI_at_ctx; server_cb.ssl_ready = NULL; server_cb.on_result = verify_SNI_real_matching;
+ test_wolfSSL_client_server(&client_cb, &server_cb);
+
+ /* success case at ssl */
+ fprintf(stderr, "\tsuccess case at ssl\n");
+ client_cb.ctx_ready = NULL; client_cb.ssl_ready = use_SNI_at_ssl; client_cb.on_result = verify_SNI_real_matching;
+ server_cb.ctx_ready = NULL; server_cb.ssl_ready = use_SNI_at_ssl; server_cb.on_result = verify_SNI_real_matching;
+ test_wolfSSL_client_server(&client_cb, &server_cb);
+
+ /* default mismatch behavior */
+ fprintf(stderr, "\tdefault mismatch behavior\n");
+ client_cb.ctx_ready = NULL; client_cb.ssl_ready = different_SNI_at_ssl; client_cb.on_result = verify_FATAL_ERROR_on_client;
+ server_cb.ctx_ready = NULL; server_cb.ssl_ready = use_SNI_at_ssl; server_cb.on_result = verify_UNKNOWN_SNI_on_server;
+ test_wolfSSL_client_server(&client_cb, &server_cb);
+
+ /* continue on mismatch */
+ fprintf(stderr, "\tcontinue on mismatch\n");
+ client_cb.ctx_ready = NULL; client_cb.ssl_ready = different_SNI_at_ssl; client_cb.on_result = NULL;
+ server_cb.ctx_ready = NULL; server_cb.ssl_ready = use_SNI_WITH_CONTINUE_at_ssl; server_cb.on_result = verify_SNI_no_matching;
+ test_wolfSSL_client_server(&client_cb, &server_cb);
+
+ /* fake answer on mismatch */
+ fprintf(stderr, "\tfake answer on mismatch\n");
+ client_cb.ctx_ready = NULL; client_cb.ssl_ready = different_SNI_at_ssl; client_cb.on_result = NULL;
+ server_cb.ctx_ready = NULL; server_cb.ssl_ready = use_SNI_WITH_FAKE_ANSWER_at_ssl; server_cb.on_result = verify_SNI_fake_matching;
+ test_wolfSSL_client_server(&client_cb, &server_cb);
+
+ /* sni abort - success */
+ fprintf(stderr, "\tsni abort - success\n");
+ client_cb.ctx_ready = use_SNI_at_ctx; client_cb.ssl_ready = NULL; client_cb.on_result = NULL;
+ server_cb.ctx_ready = use_MANDATORY_SNI_at_ctx; server_cb.ssl_ready = NULL; server_cb.on_result = verify_SNI_real_matching;
+ test_wolfSSL_client_server(&client_cb, &server_cb);
+
+ /* sni abort - abort when absent (ctx) */
+ fprintf(stderr, "\tsni abort - abort when absent (ctx)\n");
+ client_cb.ctx_ready = NULL; client_cb.ssl_ready = NULL; client_cb.on_result = verify_FATAL_ERROR_on_client;
+ server_cb.ctx_ready = use_MANDATORY_SNI_at_ctx; server_cb.ssl_ready = NULL; server_cb.on_result = verify_SNI_ABSENT_on_server;
+ test_wolfSSL_client_server(&client_cb, &server_cb);
+
+ /* sni abort - abort when absent (ssl) */
+ fprintf(stderr, "\tsni abort - abort when absent (ssl)\n");
+ client_cb.ctx_ready = NULL; client_cb.ssl_ready = NULL; client_cb.on_result = verify_FATAL_ERROR_on_client;
+ server_cb.ctx_ready = NULL; server_cb.ssl_ready = use_MANDATORY_SNI_at_ssl; server_cb.on_result = verify_SNI_ABSENT_on_server;
+ test_wolfSSL_client_server(&client_cb, &server_cb);
+
+ /* sni abort - success when overwritten */
+ fprintf(stderr, "\tsni abort - success when overwritten\n");
+ client_cb.ctx_ready = NULL; client_cb.ssl_ready = NULL; client_cb.on_result = NULL;
+ server_cb.ctx_ready = use_MANDATORY_SNI_at_ctx; server_cb.ssl_ready = use_SNI_at_ssl; server_cb.on_result = verify_SNI_no_matching;
+ test_wolfSSL_client_server(&client_cb, &server_cb);
+
+ /* sni abort - success when allowing mismatches */
+ fprintf(stderr, "\tsni abort - success when allowing mismatches\n");
+ client_cb.ctx_ready = NULL; client_cb.ssl_ready = different_SNI_at_ssl; client_cb.on_result = NULL;
+ server_cb.ctx_ready = use_PSEUDO_MANDATORY_SNI_at_ctx; server_cb.ssl_ready = NULL; server_cb.on_result = verify_SNI_fake_matching;
+ test_wolfSSL_client_server(&client_cb, &server_cb);
}
res = TEST_RES_CHECK(1);
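Review bot: The re-indented loop still ends in `res = TEST_RES_CHECK(1);`, so `test_wolfSSL_UseSNI_connection` reports success unconditionally. `test_wolfSSL_client_server` is declared `static void` in the hunk header above, so none of the ten SNI scenarios, including the mandatory-SNI abort cases, can feed a failure back into `res`. Unless the `verify_*` callbacks abort on mismatch (they are not visible here), a regression in SNI enforcement would not fail this test. Moving it to `EXPECT_DECLS` / `EXPECT_RESULT()` like the neighbouring tests in this commit, with a result-returning client/server helper, would close that gap. Separately, `server_cb.memSz = (word32)sizeof(svrMem);;` has a stray second semicolon. The two `TEST_TLS_STATIC_MEMSZ` byte arrays are placed on the stack, which may be large for small-stack targets and is worth confirming. The function starts outside this hunk.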
@@ -9607,7 +10152,7 @@ static int test_wolfSSL_SNI_GetFromBuffer(void)
byte buff5[] = { /* SSL v2.0 client hello */
0x00, 0x2b, 0x01, 0x03, 0x01, 0x00, 0x09, 0x00, 0x00,
- /* dummy bytes bellow, just to pass size check */
+ /* dummy bytes below, just to pass size check */
0xb6, 0x03, 0x03, 0x83, 0xa3, 0xe6, 0xdc, 0x16, 0xa1, 0x43, 0xe9, 0x45,
0x15, 0xbd, 0x64, 0xa9, 0xb6, 0x07, 0xb4, 0x50, 0xc6, 0xdd, 0xff, 0xc2,
0xd3, 0x0d, 0x4f, 0x36, 0xb4, 0x41, 0x51, 0x61, 0xc1, 0xa5, 0x9e, 0x00,
@@ -9678,13 +10223,120 @@ static int test_wolfSSL_SNI_GetFromBuffer(void)
#endif /* HAVE_IO_TESTS_DEPENDENCIES */
+
+#if defined(WOLFSSL_DTLS) && defined(WOLFSSL_SESSION_EXPORT) && \
+ defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES)
+/* Dummy peer functions to satisfy the exporter/importer */
+static int test_wolfSSL_dtls_export_peers_get_peer(WOLFSSL* ssl, char* ip,
+ int* ipSz, unsigned short* port, int* fam)
+{
+ (void)ssl;
+ ip[0] = -1;
+ *ipSz = 1;
+ *port = 1;
+ *fam = 2;
+ return 1;
+}
+
+static int test_wolfSSL_dtls_export_peers_set_peer(WOLFSSL* ssl, char* ip,
+ int ipSz, unsigned short port, int fam)
+{
+ (void)ssl;
+ if (ip[0] != -1 || ipSz != 1 || port != 1 || fam != 2)
+ return 0;
+ return 1;
+}
+
+static int test_wolfSSL_dtls_export_peers_on_handshake(WOLFSSL_CTX **ctx,
+ WOLFSSL **ssl)
+{
+ EXPECT_DECLS;
+ unsigned char* sessionBuf = NULL;
+ unsigned int sessionSz = 0;
+ void* ioWriteCtx = wolfSSL_GetIOWriteCtx(*ssl);
+ void* ioReadCtx = wolfSSL_GetIOReadCtx(*ssl);
+
+ wolfSSL_CTX_SetIOGetPeer(*ctx, test_wolfSSL_dtls_export_peers_get_peer);
+ wolfSSL_CTX_SetIOSetPeer(*ctx, test_wolfSSL_dtls_export_peers_set_peer);
+ ExpectIntGE(wolfSSL_dtls_export(*ssl, NULL, &sessionSz), 0);
+ ExpectNotNull(sessionBuf =
+ (unsigned char*)XMALLOC(sessionSz, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER));
+ ExpectIntGE(wolfSSL_dtls_export(*ssl, sessionBuf, &sessionSz), 0);
+ wolfSSL_free(*ssl);
+ *ssl = NULL;
+ ExpectNotNull(*ssl = wolfSSL_new(*ctx));
+ ExpectIntGE(wolfSSL_dtls_import(*ssl, sessionBuf, sessionSz), 0);
+ wolfSSL_SetIOWriteCtx(*ssl, ioWriteCtx);
+ wolfSSL_SetIOReadCtx(*ssl, ioReadCtx);
+
+ XFREE(sessionBuf, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
+ return EXPECT_RESULT();
+}
+#endif
+
+static int test_wolfSSL_dtls_export_peers(void)
+{
+ EXPECT_DECLS;
+#if defined(WOLFSSL_DTLS) && defined(WOLFSSL_SESSION_EXPORT) && \
+ defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES)
+ test_ssl_cbf client_cbf;
+ test_ssl_cbf server_cbf;
+ size_t i, j;
+ struct test_params {
+ method_provider client_meth;
+ method_provider server_meth;
+ const char* dtls_version;
+ } params[] = {
+#ifndef NO_OLD_TLS
+ {wolfDTLSv1_client_method, wolfDTLSv1_server_method, "1.0"},
+#endif
+ {wolfDTLSv1_2_client_method, wolfDTLSv1_2_server_method, "1.2"},
+ /* TODO DTLS 1.3 exporting not supported
+#ifdef WOLFSSL_DTLS13
+ {wolfDTLSv1_3_client_method, wolfDTLSv1_3_server_method, "1.3"},
+#endif
+ */
+ };
+
+ for (i = 0; i < sizeof(params)/sizeof(*params); i++) {
+ for (j = 0; j <= 0b11; j++) {
+ XMEMSET(&client_cbf, 0, sizeof(client_cbf));
+ XMEMSET(&server_cbf, 0, sizeof(server_cbf));
+
+ printf("\n\tTesting DTLS %s connection;", params[i].dtls_version);
+
+ client_cbf.method = params[i].client_meth;
+ server_cbf.method = params[i].server_meth;
+
+ if (j & 0b01) {
+ client_cbf.on_handshake =
+ test_wolfSSL_dtls_export_peers_on_handshake;
+ printf(" With client export;");
+ }
+ if (j & 0b10) {
+ server_cbf.on_handshake =
+ test_wolfSSL_dtls_export_peers_on_handshake;
+ printf(" With server export;");
+ }
+
+ printf("\n");
+
+ ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&client_cbf,
+ &server_cbf, NULL), TEST_SUCCESS);
+ if (!EXPECT_SUCCESS())
+ break;
+ }
+ }
+#endif
+ return EXPECT_RESULT();
+}
+
static int test_wolfSSL_UseTrustedCA(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_TRUSTED_CA) && !defined(NO_CERTS) && !defined(NO_FILESYSTEM) \
&& !defined(NO_RSA)
#if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)
- EXPECT_DECLS;
WOLFSSL_CTX *ctx = NULL;
WOLFSSL *ssl = NULL;
byte id[20];
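Review bot: The dummy peer callbacks depend on the signedness of plain `char`: `test_wolfSSL_dtls_export_peers_get_peer` stores `ip[0] = -1` and `test_wolfSSL_dtls_export_peers_set_peer` checks `ip[0] != -1`. Where `char` is unsigned the stored 0xFF promotes to 255, so that check is always true, the callback returns 0, and the import presumably fails on such targets. Comparing in the same type avoids this: `if (ip[0] != (char)-1 || ipSz != 1 || port != 1 || fam != 2)`. Separately, the `0b11`, `0b01` and `0b10` literals in `test_wolfSSL_dtls_export_peers` are a compiler extension before C23; `0x3`, `0x1` and `0x2` are portable. The context lines that close this hunk belong to test_wolfSSL_UseTrustedCA, whose body continues outside it.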
@@ -9726,21 +10378,18 @@ static int test_wolfSSL_UseTrustedCA(void)
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */
#endif /* HAVE_TRUSTED_CA */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_UseMaxFragment(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_MAX_FRAGMENT) && !defined(NO_CERTS) && \
!defined(NO_FILESYSTEM) && !defined(NO_RSA)
#if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)
- EXPECT_DECLS;
#ifndef NO_WOLFSSL_SERVER
WOLFSSL_CTX* ctx = wolfSSL_CTX_new(wolfSSLv23_server_method());
#else
@@ -9812,20 +10461,17 @@ static int test_wolfSSL_UseMaxFragment(void)
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_UseTruncatedHMAC(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_TRUNCATED_HMAC) && !defined(NO_CERTS) && \
!defined(NO_FILESYSTEM) && !defined(NO_RSA)
#if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)
- EXPECT_DECLS;
#ifndef NO_WOLFSSL_SERVER
WOLFSSL_CTX* ctx = wolfSSL_CTX_new(wolfSSLv23_server_method());
#else
@@ -9852,19 +10498,16 @@ static int test_wolfSSL_UseTruncatedHMAC(void)
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_UseSupportedCurve(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_SUPPORTED_CURVES) && !defined(NO_WOLFSSL_CLIENT) && \
!defined(NO_TLS)
- EXPECT_DECLS;
WOLFSSL_CTX* ctx = wolfSSL_CTX_new(wolfSSLv23_client_method());
WOLFSSL *ssl = wolfSSL_new(ctx);
@@ -9888,11 +10531,9 @@ static int test_wolfSSL_UseSupportedCurve(void)
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
#if defined(HAVE_ALPN) && defined(HAVE_IO_TESTS_DEPENDENCIES)
@@ -10029,6 +10670,60 @@ static void verify_ALPN_client_list(WOLFSSL* ssl)
AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_ALPN_FreePeerProtocol(ssl, &clist));
}
+#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || \
+ defined(WOLFSSL_HAPROXY) || defined(HAVE_LIGHTY)
+
+/* ALPN select callback, success with spdy/2 */
+static int select_ALPN_spdy2(WOLFSSL *ssl, const unsigned char **out,
+ unsigned char *outlen, const unsigned char *in,
+ unsigned int inlen, void *arg)
+{
+ /* spdy/2 */
+ const char proto[] = {0x73, 0x70, 0x64, 0x79, 0x2f, 0x32};
+
+ (void)ssl;
+ (void)arg;
+
+ /* adding +1 since LEN byte comes first */
+ if (inlen < sizeof(proto) + 1) {
+ return SSL_TLSEXT_ERR_ALERT_FATAL;
+ }
+
+ if (XMEMCMP(in + 1, proto, sizeof(proto)) == 0) {
+ *out = in + 1;
+ *outlen = (unsigned char)sizeof(proto);
+ return SSL_TLSEXT_ERR_OK;
+ }
+
+ return SSL_TLSEXT_ERR_ALERT_FATAL;
+}
+
+/* ALPN select callback, force failure */
+static int select_ALPN_failure(WOLFSSL *ssl, const unsigned char **out,
+ unsigned char *outlen, const unsigned char *in,
+ unsigned int inlen, void *arg)
+{
+ (void)ssl;
+ (void)out;
+ (void)outlen;
+ (void)in;
+ (void)inlen;
+ (void)arg;
+
+ return SSL_TLSEXT_ERR_ALERT_FATAL;
+}
+
+static void use_ALPN_spdy2_callback(WOLFSSL* ssl)
+{
+ wolfSSL_set_alpn_select_cb(ssl, select_ALPN_spdy2, NULL);
+}
+
+static void use_ALPN_failure_callback(WOLFSSL* ssl)
+{
+ wolfSSL_set_alpn_select_cb(ssl, select_ALPN_failure, NULL);
+}
+#endif /* OPENSSL_ALL | NGINX | HAPROXY | LIGHTY | QUIC */
+
static int test_wolfSSL_UseALPN_connection(void)
{
int res = TEST_SKIPPED;
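Review bot: `select_ALPN_spdy2` never reads the length byte it skips: it checks `inlen` and then compares `in + 1` with `proto`, so a first entry that only starts with `spdy/2` (a longer protocol name) is accepted and reported with `*outlen` set to 6. Select callbacks in test code tend to be copied into applications, so the match should also require the prefix length, e.g. `if (in[0] == sizeof(proto) && XMEMCMP(in + 1, proto, sizeof(proto)) == 0) {`. Only the first entry of the client list is examined, which deserves a one-line comment on the function. The closing `#endif` comment also lists QUIC, which the opening condition does not test.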
@@ -10084,6 +10779,30 @@ static int test_wolfSSL_UseALPN_connection(void)
server_cb.ctx_ready = NULL; server_cb.ssl_ready = use_ALPN_unknown; server_cb.on_result = verify_ALPN_FATAL_ERROR_on_client;
test_wolfSSL_client_server(&client_cb, &server_cb);
+#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || \
+ defined(WOLFSSL_HAPROXY) || defined(HAVE_LIGHTY)
+
+ /* WOLFSSL-level ALPN select callback tests */
+ /* Callback: success (one protocol, spdy/2) */
+ client_cb.ctx_ready = NULL;
+ client_cb.ssl_ready = use_ALPN_one;
+ client_cb.on_result = verify_ALPN_matching_spdy2;
+ server_cb.ctx_ready = NULL;
+ server_cb.ssl_ready = use_ALPN_spdy2_callback;
+ server_cb.on_result = verify_ALPN_matching_spdy2;
+ test_wolfSSL_client_server(&client_cb, &server_cb);
+
+ /* Callback: failure (one client protocol, spdy/2) */
+ client_cb.ctx_ready = NULL;
+ client_cb.ssl_ready = use_ALPN_one;
+ client_cb.on_result = NULL;
+ server_cb.ctx_ready = NULL;
+ server_cb.ssl_ready = use_ALPN_failure_callback;
+ server_cb.on_result = verify_ALPN_FATAL_ERROR_on_client;
+ test_wolfSSL_client_server(&client_cb, &server_cb);
+
+#endif /* OPENSSL_ALL | NGINX | HAPROXY | LIGHTY */
+
res = TEST_RES_CHECK(1);
#endif /* !NO_WOLFSSL_CLIENT && !NO_WOLFSSL_SERVER */
return res;
@@ -10091,9 +10810,8 @@ static int test_wolfSSL_UseALPN_connection(void)
static int test_wolfSSL_UseALPN_params(void)
{
- int res = TEST_SKIPPED;
-#ifndef NO_WOLFSSL_CLIENT
EXPECT_DECLS;
+#ifndef NO_WOLFSSL_CLIENT
/* "http/1.1" */
char http1[] = {0x68, 0x74, 0x74, 0x70, 0x2f, 0x31, 0x2e, 0x31};
/* "spdy/1" */
@@ -10162,10 +10880,8 @@ static int test_wolfSSL_UseALPN_params(void)
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
#endif /* HAVE_ALPN */
@@ -10273,9 +10989,8 @@ static int test_wolfSSL_set_alpn_protos(void)
static int test_wolfSSL_DisableExtendedMasterSecret(void)
{
- int res = TEST_SKIPPED;
-#if defined(HAVE_EXTENDED_MASTER) && !defined(NO_WOLFSSL_CLIENT)
EXPECT_DECLS;
+#if defined(HAVE_EXTENDED_MASTER) && !defined(NO_WOLFSSL_CLIENT)
WOLFSSL_CTX *ctx = wolfSSL_CTX_new(wolfSSLv23_client_method());
WOLFSSL *ssl = wolfSSL_new(ctx);
@@ -10292,17 +11007,14 @@ static int test_wolfSSL_DisableExtendedMasterSecret(void)
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_wolfSSL_UseSecureRenegotiation(void)
{
- int res = TEST_SKIPPED;
-#if defined(HAVE_SECURE_RENEGOTIATION) && !defined(NO_WOLFSSL_CLIENT)
EXPECT_DECLS;
+#if defined(HAVE_SECURE_RENEGOTIATION) && !defined(NO_WOLFSSL_CLIENT)
WOLFSSL_CTX *ctx = wolfSSL_CTX_new(wolfSSLv23_client_method());
WOLFSSL *ssl = wolfSSL_new(ctx);
@@ -10319,21 +11031,18 @@ static int test_wolfSSL_wolfSSL_UseSecureRenegotiation(void)
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
/* Test reconnecting with a different ciphersuite after a renegotiation. */
static int test_wolfSSL_SCR_Reconnect(void)
{
- int res = TEST_SKIPPED;
-
+ EXPECT_DECLS;
#if defined(HAVE_SECURE_RENEGOTIATION) && \
defined(BUILD_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) && \
- defined(BUILD_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256)
- EXPECT_DECLS;
+ defined(BUILD_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256) && \
+ defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES)
struct test_memio_ctx test_ctx;
WOLFSSL_CTX *ctx_c = NULL, *ctx_s = NULL;
WOLFSSL *ssl_c = NULL, *ssl_s = NULL;
@@ -10372,10 +11081,8 @@ static int test_wolfSSL_SCR_Reconnect(void)
wolfSSL_free(ssl_c);
wolfSSL_CTX_free(ctx_s);
wolfSSL_CTX_free(ctx_c);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
#if !defined(NO_FILESYSTEM) && !defined(NO_WOLFSSL_SERVER) && \
@@ -10418,10 +11125,9 @@ static int BufferInfoRecv(WOLFSSL* ssl, char* buf, int sz, void* ctx)
*/
static int test_tls_ext_duplicate(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_WOLFSSL_SERVER) && (!defined(NO_RSA) || defined(HAVE_ECC)) && \
!defined(NO_FILESYSTEM)
- EXPECT_DECLS;
const unsigned char clientHelloDupTlsExt[] = {
0x16, 0x03, 0x03, 0x00, 0x6a, 0x01, 0x00, 0x00,
0x66, 0x03, 0x03, 0xf4, 0x65, 0xbd, 0x22, 0xfe,
@@ -10484,10 +11190,8 @@ static int test_tls_ext_duplicate(void)
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
/*----------------------------------------------------------------------------*
@@ -10495,12 +11199,11 @@ static int test_tls_ext_duplicate(void)
*----------------------------------------------------------------------------*/
static int test_wolfSSL_X509_NAME_get_entry(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_CERTS) && !defined(NO_RSA)
#if defined(OPENSSL_ALL) || \
(defined(OPENSSL_EXTRA) && \
(defined(KEEP_PEER_CERT) || defined(SESSION_CERTS)))
- EXPECT_DECLS;
/* use openssl like name to test mapping */
X509_NAME_ENTRY* ne;
X509_NAME* name;
@@ -10550,18 +11253,16 @@ static int test_wolfSSL_X509_NAME_get_entry(void)
ExpectNotNull(ne = X509_NAME_get_entry(name, idx));
ExpectNotNull(object = X509_NAME_ENTRY_get_object(ne));
wolfSSL_FreeX509(x509);
-
- res = EXPECT_RESULT();
#endif /* OPENSSL_ALL || (OPENSSL_EXTRA && (KEEP_PEER_CERT || SESSION_CERTS) */
#endif /* !NO_CERTS && !NO_RSA */
- return res;
+ return EXPECT_RESULT();
}
/* Testing functions dealing with PKCS12 parsing out X509 certs */
static int test_wolfSSL_PKCS12(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
/* .p12 file is encrypted with DES3 */
#ifndef HAVE_FIPS /* Password used in cert "wolfSSL test" is only 12-bytes
* (96-bit) FIPS mode requires Minimum of 14-byte (112-bit)
@@ -10570,7 +11271,6 @@ static int test_wolfSSL_PKCS12(void)
#if defined(OPENSSL_EXTRA) && !defined(NO_DES3) && !defined(NO_FILESYSTEM) && \
!defined(NO_ASN) && !defined(NO_PWDBASED) && !defined(NO_RSA) && \
!defined(NO_SHA) && defined(HAVE_PKCS12) && !defined(NO_BIO)
- EXPECT_DECLS;
byte buf[6000];
char file[] = "./certs/test-servercert.p12";
char order[] = "./certs/ecc-rsa-server.p12";
@@ -10899,7 +11599,7 @@ static int test_wolfSSL_PKCS12(void)
ExpectNull(pkey);
ExpectNull(cert);
- /* check parse iwth not extra certs kept */
+ /* check parse with not extra certs kept */
ExpectIntEQ(ret = PKCS12_parse(pkcs12, "wolfSSL test", &pkey, &cert, NULL),
WOLFSSL_SUCCESS);
ExpectNotNull(pkey);
@@ -10912,7 +11612,7 @@ static int test_wolfSSL_PKCS12(void)
/* check parse with extra certs kept */
ExpectIntEQ(ret = PKCS12_parse(pkcs12, "wolfSSL test", &pkey, &cert, &ca),
- WOLFSSL_SUCCESS);;
+ WOLFSSL_SUCCESS);
ExpectNotNull(pkey);
ExpectNotNull(cert);
ExpectNotNull(ca);
@@ -10945,11 +11645,9 @@ static int test_wolfSSL_PKCS12(void)
BIO_free(bio);
(void)order;
-
- res = EXPECT_RESULT();
#endif /* OPENSSL_EXTRA */
#endif /* HAVE_FIPS */
- return res;
+ return EXPECT_RESULT();
}
@@ -10981,16 +11679,15 @@ static WC_INLINE int FailTestCallBack(char* passwd, int sz, int rw, void* userda
static int test_wolfSSL_no_password_cb(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && !defined(NO_ASN) && defined(HAVE_PKCS8) \
&& defined(HAVE_ECC) && defined(WOLFSSL_ENCRYPTED_KEYS)
- EXPECT_DECLS;
WOLFSSL_CTX* ctx = NULL;
byte buff[FOURK_BUF];
const char eccPkcs8PrivKeyDerFile[] = "./certs/ecc-privkeyPkcs8.der";
const char eccPkcs8PrivKeyPemFile[] = "./certs/ecc-privkeyPkcs8.pem";
XFILE f = XBADFILE;
- int bytes;
+ int bytes = 0;
#ifndef NO_WOLFSSL_CLIENT
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfTLS_client_method()));
@@ -11021,10 +11718,8 @@ static int test_wolfSSL_no_password_cb(void)
/* Password callback should not be called by default */
ExpectIntEQ(failTestCallbackCalled, 0);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
#ifdef TEST_PKCS8_ENC
@@ -11054,11 +11749,10 @@ static int PKCS8TestCallBack(char* passwd, int sz, int rw, void* userdata)
/* Testing functions dealing with PKCS8 */
static int test_wolfSSL_PKCS8(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && !defined(NO_ASN) && defined(HAVE_PKCS8) && \
!defined(WOLFCRYPT_ONLY)
#if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)
- EXPECT_DECLS;
byte buff[FOURK_BUF];
byte der[FOURK_BUF];
#ifndef NO_RSA
@@ -11260,20 +11954,17 @@ static int test_wolfSSL_PKCS8(void)
#endif /* HAVE_ECC */
wolfSSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */
#endif /* !NO_FILESYSTEM && !NO_ASN && HAVE_PKCS8 */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_PKCS8_ED25519(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_ASN) && defined(HAVE_PKCS8) && defined(HAVE_AES_CBC) && \
defined(WOLFSSL_ENCRYPTED_KEYS) && defined(HAVE_ED25519) && \
defined(HAVE_ED25519_KEY_IMPORT)
- EXPECT_DECLS;
const byte encPrivKey[] = \
"-----BEGIN ENCRYPTED PRIVATE KEY-----\n"
"MIGbMFcGCSqGSIb3DQEFDTBKMCkGCSqGSIb3DQEFDDAcBAheCGLmWGh7+AICCAAw\n"
@@ -11299,20 +11990,17 @@ static int test_wolfSSL_PKCS8_ED25519(void)
WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS);
wolfSSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_PKCS8_ED448(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_ASN) && defined(HAVE_PKCS8) && defined(HAVE_AES_CBC) && \
defined(WOLFSSL_ENCRYPTED_KEYS) && defined(HAVE_ED448) && \
defined(HAVE_ED448_KEY_IMPORT)
- EXPECT_DECLS;
const byte encPrivKey[] = \
"-----BEGIN ENCRYPTED PRIVATE KEY-----\n"
"MIGrMFcGCSqGSIb3DQEFDTBKMCkGCSqGSIb3DQEFDDAcBAjSbZKnG4EPggICCAAw\n"
@@ -11338,19 +12026,16 @@ static int test_wolfSSL_PKCS8_ED448(void)
WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS);
wolfSSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */
#endif
- return res;
+ return EXPECT_RESULT();
}
/* Testing functions dealing with PKCS5 */
static int test_wolfSSL_PKCS5(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && !defined(NO_SHA) && !defined(NO_PWDBASED)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(NO_SHA) && !defined(NO_PWDBASED)
#ifdef HAVE_FIPS /* Password minimum length is 14 (112-bit) in FIPS MODE */
const char* passwd = "myfipsPa$$W0rd";
#else
@@ -11373,20 +12058,17 @@ static int test_wolfSSL_PKCS5(void)
#endif
XFREE(out, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
- res = EXPECT_RESULT();
#endif /* defined(OPENSSL_EXTRA) && !defined(NO_SHA) */
- return res;
+ return EXPECT_RESULT();
}
/* test parsing URI from certificate */
static int test_wolfSSL_URI(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_CERTS) && !defined(NO_RSA) && !defined(NO_FILESYSTEM) \
&& (defined(KEEP_PEER_CERT) || defined(SESSION_CERTS) || \
defined(OPENSSL_EXTRA))
- EXPECT_DECLS;
WOLFSSL_X509* x509 = NULL;
const char uri[] = "./certs/client-uri-cert.pem";
const char urn[] = "./certs/client-absolute-urn.pem";
@@ -11411,19 +12093,16 @@ static int test_wolfSSL_URI(void)
WOLFSSL_FILETYPE_PEM));
#endif
wolfSSL_FreeX509(x509);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_TBS(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_CERTS) && !defined(NO_RSA) && !defined(NO_FILESYSTEM) \
&& defined(OPENSSL_EXTRA)
- EXPECT_DECLS;
WOLFSSL_X509* x509 = NULL;
const unsigned char* tbs;
int tbsSz;
@@ -11437,18 +12116,15 @@ static int test_wolfSSL_TBS(void)
ExpectIntEQ(tbsSz, 1003);
wolfSSL_FreeX509(x509);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_verify(void)
{
- int res = TEST_SKIPPED;
-#if !defined(NO_CERTS) && !defined(NO_RSA) && !defined(NO_FILESYSTEM) \
- && defined(OPENSSL_EXTRA)
EXPECT_DECLS;
+#if !defined(NO_CERTS) && !defined(NO_RSA) && !defined(NO_FILESYSTEM) && \
+ defined(OPENSSL_EXTRA)
WOLFSSL_X509* ca = NULL;
WOLFSSL_X509* serv = NULL;
WOLFSSL_EVP_PKEY* pkey = NULL;
@@ -11456,24 +12132,24 @@ static int test_wolfSSL_X509_verify(void)
const unsigned char* pt = NULL;
int bufSz;
- ExpectNotNull(ca =
- wolfSSL_X509_load_certificate_file(caCertFile, WOLFSSL_FILETYPE_PEM));
+ ExpectNotNull(ca = wolfSSL_X509_load_certificate_file(caCertFile,
+ WOLFSSL_FILETYPE_PEM));
ExpectIntNE(wolfSSL_X509_get_pubkey_buffer(NULL, buf, &bufSz),
- WOLFSSL_SUCCESS);
+ WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_X509_get_pubkey_buffer(ca, NULL, &bufSz),
- WOLFSSL_SUCCESS);
+ WOLFSSL_SUCCESS);
ExpectIntEQ(bufSz, 294);
bufSz = 2048;
ExpectIntEQ(wolfSSL_X509_get_pubkey_buffer(ca, buf, &bufSz),
- WOLFSSL_SUCCESS);
+ WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_X509_get_pubkey_type(NULL), WOLFSSL_FAILURE);
ExpectIntEQ(wolfSSL_X509_get_pubkey_type(ca), RSAk);
- ExpectNotNull(serv =
- wolfSSL_X509_load_certificate_file(svrCertFile, WOLFSSL_FILETYPE_PEM));
+ ExpectNotNull(serv = wolfSSL_X509_load_certificate_file(svrCertFile,
+ WOLFSSL_FILETYPE_PEM));
/* success case */
pt = buf;
@@ -11488,7 +12164,7 @@ static int test_wolfSSL_X509_verify(void)
/* fail case */
bufSz = 2048;
ExpectIntEQ(wolfSSL_X509_get_pubkey_buffer(serv, buf, &bufSz),
- WOLFSSL_SUCCESS);
+ WOLFSSL_SUCCESS);
pt = buf;
ExpectNotNull(pkey = wolfSSL_d2i_PUBKEY(NULL, &pt, bufSz));
ExpectIntEQ(wolfSSL_X509_verify(serv, pkey), WOLFSSL_FAILURE);
@@ -11499,10 +12175,8 @@ static int test_wolfSSL_X509_verify(void)
wolfSSL_FreeX509(ca);
wolfSSL_FreeX509(serv);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
@@ -11600,11 +12274,10 @@ static int test_set_override_x509(WOLFSSL_CTX* ctx)
static int test_wolfSSL_X509_TLS_version_test_1(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_DH) && !defined(NO_AES) && defined(WOLFSSL_CERT_GEN) && \
defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) && \
defined(OPENSSL_EXTRA) && !defined(NO_ASN_TIME)
- EXPECT_DECLS;
test_ssl_cbf func_cb_client;
test_ssl_cbf func_cb_server;
@@ -11632,25 +12305,22 @@ static int test_wolfSSL_X509_TLS_version_test_1(void)
ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&func_cb_client,
&func_cb_server, NULL), TEST_SUCCESS);
#endif
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_TLS_version_test_2(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_DH) && !defined(NO_AES) && defined(WOLFSSL_CERT_GEN) && \
defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) && \
defined(OPENSSL_EXTRA) && !defined(NO_ASN_TIME)
- EXPECT_DECLS;
test_ssl_cbf func_cb_client;
test_ssl_cbf func_cb_server;
- XMEMSET(&func_cb_client, 0, sizeof(callback_functions));
- XMEMSET(&func_cb_server, 0, sizeof(callback_functions));
+ XMEMSET(&func_cb_client, 0, sizeof(func_cb_client));
+ XMEMSET(&func_cb_server, 0, sizeof(func_cb_server));
func_cb_client.ctx_ready = &test_set_x509_badversion;
func_cb_server.ctx_ready = &test_set_override_x509;
@@ -11668,11 +12338,9 @@ static int test_wolfSSL_X509_TLS_version_test_2(void)
ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&func_cb_client,
&func_cb_server, NULL), TEST_SUCCESS);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
/* Testing function wolfSSL_CTX_SetMinVersion; sets the minimum downgrade
@@ -11732,10 +12400,9 @@ static int test_wolfSSL_CTX_SetMinVersion(void)
*/
static int test_wolfSSL_UseOCSPStapling(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_CERTIFICATE_STATUS_REQUEST) && defined(HAVE_OCSP) && \
!defined(NO_WOLFSSL_CLIENT)
- EXPECT_DECLS;
WOLFSSL_CTX* ctx = NULL;
WOLFSSL* ssl = NULL;
@@ -11766,11 +12433,9 @@ static int test_wolfSSL_UseOCSPStapling(void)
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif
- return res;
-} /*END test_wolfSSL_UseOCSPStapling */
+ return EXPECT_RESULT();
+} /* END test_wolfSSL_UseOCSPStapling */
/* Testing OCSP stapling version 2, wolfSSL_UseOCSPStaplingV2 function. OCSP
@@ -11780,10 +12445,9 @@ static int test_wolfSSL_UseOCSPStapling(void)
*/
static int test_wolfSSL_UseOCSPStaplingV2(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2) && defined(HAVE_OCSP) && \
!defined(NO_WOLFSSL_CLIENT)
- EXPECT_DECLS;
WOLFSSL_CTX* ctx = NULL;
WOLFSSL* ssl = NULL;
@@ -11814,10 +12478,8 @@ static int test_wolfSSL_UseOCSPStaplingV2(void)
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wolfSSL_UseOCSPStaplingV2 */
@@ -11826,10 +12488,9 @@ static int test_wolfSSL_UseOCSPStaplingV2(void)
*----------------------------------------------------------------------------*/
static int test_wolfSSL_mcast(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(WOLFSSL_DTLS) && defined(WOLFSSL_MULTICAST) && \
(defined(WOLFSSL_TLS13) || defined(WOLFSSL_SNIFFER))
- EXPECT_DECLS;
WOLFSSL_CTX* ctx = NULL;
WOLFSSL* ssl = NULL;
byte preMasterSecret[512];
@@ -11857,11 +12518,9 @@ static int test_wolfSSL_mcast(void)
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif /* WOLFSSL_DTLS && WOLFSSL_MULTICAST && (WOLFSSL_TLS13 ||
* WOLFSSL_SNIFFER) */
- return res;
+ return EXPECT_RESULT();
}
@@ -11874,186 +12533,89 @@ static int test_wolfSSL_mcast(void)
*/
static int test_wc_InitBlake2b(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef HAVE_BLAKE2
Blake2b blake;
- int ret = 0;
/* Test good arg. */
- ret = wc_InitBlake2b(&blake, 64);
- if (ret != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
-
+ ExpectIntEQ(wc_InitBlake2b(&blake, 64), 0);
/* Test bad arg. */
- if (!ret) {
- ret = wc_InitBlake2b(NULL, 64);
- if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- else {
- ret = 0;
- }
- }
-
- if (!ret) {
- ret = wc_InitBlake2b(NULL, 128);
- if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- else {
- ret = 0;
- }
- }
-
- if (!ret) {
- ret = wc_InitBlake2b(&blake, 128);
- if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- else {
- ret = 0;
- }
- }
-
- if (!ret) {
- ret = wc_InitBlake2b(NULL, 0);
- if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- else {
- ret = 0;
- }
- }
-
- if (!ret) {
- ret = wc_InitBlake2b(&blake, 0);
- if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- else {
- ret = 0;
- }
- }
-
-
- res = TEST_RES_CHECK(ret == 0);
+ ExpectIntEQ(wc_InitBlake2b(NULL, 64), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_InitBlake2b(NULL, 128), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_InitBlake2b(&blake, 128), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_InitBlake2b(NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_InitBlake2b(&blake, 0), BAD_FUNC_ARG);
#endif
- return res;
-} /*END test_wc_InitBlake2b*/
+ return EXPECT_RESULT();
+} /* END test_wc_InitBlake2b*/
/*
* Unit test for the wc_InitBlake2b_WithKey()
*/
static int test_wc_InitBlake2b_WithKey(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef HAVE_BLAKE2
Blake2b blake;
word32 digestSz = BLAKE2B_KEYBYTES;
byte key[BLAKE2B_KEYBYTES];
word32 keylen = BLAKE2B_KEYBYTES;
- int ret = 0;
XMEMSET(key, 0, sizeof(key));
/* Test good arg. */
- ret = wc_InitBlake2b_WithKey(&blake, digestSz, key, keylen);
- if (ret != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
+ ExpectIntEQ(wc_InitBlake2b_WithKey(&blake, digestSz, key, keylen), 0);
/* Test bad args. */
- if (ret == 0) {
- ret = wc_InitBlake2b_WithKey(NULL, digestSz, key, keylen);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_InitBlake2b_WithKey(&blake, digestSz, key, 256);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_InitBlake2b_WithKey(&blake, digestSz, NULL, keylen);
- }
-
- res = TEST_RES_CHECK(ret == 0);
+ ExpectIntEQ(wc_InitBlake2b_WithKey(NULL, digestSz, key, keylen),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_InitBlake2b_WithKey(&blake, digestSz, key, 256),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_InitBlake2b_WithKey(&blake, digestSz, NULL, keylen), 0);
#endif
- return res;
-} /*END wc_InitBlake2b_WithKey*/
+ return EXPECT_RESULT();
+} /* END wc_InitBlake2b_WithKey*/
/*
* Unit test for the wc_InitBlake2s_WithKey()
*/
static int test_wc_InitBlake2s_WithKey(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef HAVE_BLAKE2S
Blake2s blake;
word32 digestSz = BLAKE2S_KEYBYTES;
byte *key = (byte*)"01234567890123456789012345678901";
word32 keylen = BLAKE2S_KEYBYTES;
- int ret = 0;
/* Test good arg. */
- ret = wc_InitBlake2s_WithKey(&blake, digestSz, key, keylen);
- if (ret != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
+ ExpectIntEQ(wc_InitBlake2s_WithKey(&blake, digestSz, key, keylen), 0);
/* Test bad args. */
- if (ret == 0) {
- ret = wc_InitBlake2s_WithKey(NULL, digestSz, key, keylen);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_InitBlake2s_WithKey(&blake, digestSz, key, 256);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_InitBlake2s_WithKey(&blake, digestSz, NULL, keylen);
- }
-
- res = TEST_RES_CHECK(ret == 0);
+ ExpectIntEQ(wc_InitBlake2s_WithKey(NULL, digestSz, key, keylen),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_InitBlake2s_WithKey(&blake, digestSz, key, 256),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_InitBlake2s_WithKey(&blake, digestSz, NULL, keylen), 0);
#endif
- return res;
-} /*END wc_InitBlake2s_WithKey*/
+ return EXPECT_RESULT();
+} /* END wc_InitBlake2s_WithKey*/
/*
* Unit test for the wc_InitMd5()
*/
static int test_wc_InitMd5(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifndef NO_MD5
wc_Md5 md5;
- int ret;
- int flag = 0;
/* Test good arg. */
- ret = wc_InitMd5(&md5);
- if (ret != 0) {
- flag = WOLFSSL_FATAL_ERROR;
- }
-
+ ExpectIntEQ(wc_InitMd5(&md5), 0);
/* Test bad arg. */
- if (!flag) {
- ret = wc_InitMd5(NULL);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_InitMd5(NULL), BAD_FUNC_ARG);
wc_Md5Free(&md5);
-
- res = TEST_RES_CHECK(flag == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_InitMd5 */
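Review bot: The last assertion in `test_wc_InitBlake2b_WithKey`, and the matching line in `test_wc_InitBlake2s_WithKey`, sits under `/* Test bad args. */` but expects 0 for a NULL key with a non-zero `keylen`, and nothing explains why. That pins a behaviour where a caller that loses its key pointer still gets a successfully initialised hash, presumably an unkeyed one; the implementation is not visible in this hunk, so this needs confirming. A comment above both lines would make the intent explicit, for example `/* NULL key is accepted: expected to fall back to unkeyed init - confirm */`. If the fallback is intended, comparing the resulting digest with one from the plain init call would let the test assert it rather than only the return code.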
@@ -12062,97 +12624,44 @@ static int test_wc_InitMd5(void)
*/
static int test_wc_Md5Update(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifndef NO_MD5
wc_Md5 md5;
byte hash[WC_MD5_DIGEST_SIZE];
testVector a, b, c;
- int ret;
- int flag = 0;
- ret = wc_InitMd5(&md5);
- if (ret != 0) {
- flag = ret;
- }
+ ExpectIntEQ(wc_InitMd5(&md5), 0);
/* Input */
- if (!flag) {
- a.input = "a";
- a.inLen = XSTRLEN(a.input);
-
- ret = wc_Md5Update(&md5, (byte*)a.input, (word32)a.inLen);
- if (ret != 0) {
- flag = ret;
- }
- }
-
- if (!flag) {
- ret = wc_Md5Final(&md5, hash);
- if (ret != 0) {
- flag = ret;
- }
- }
+ a.input = "a";
+ a.inLen = XSTRLEN(a.input);
+ ExpectIntEQ(wc_Md5Update(&md5, (byte*)a.input, (word32)a.inLen), 0);
+ ExpectIntEQ(wc_Md5Final(&md5, hash), 0);
/* Update input. */
- if (!flag) {
- a.input = "abc";
- a.output = "\x90\x01\x50\x98\x3c\xd2\x4f\xb0\xd6\x96\x3f\x7d\x28\xe1\x7f"
- "\x72";
- a.inLen = XSTRLEN(a.input);
- a.outLen = XSTRLEN(a.output);
-
- ret = wc_Md5Update(&md5, (byte*) a.input, (word32) a.inLen);
- if (ret != 0) {
- flag = ret;
- }
- }
-
- if (!flag) {
- ret = wc_Md5Final(&md5, hash);
- if (ret != 0) {
- flag = ret;
- }
- }
-
- if (!flag) {
- if (XMEMCMP(hash, a.output, WC_MD5_DIGEST_SIZE) != 0) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- /*Pass in bad values. */
- if (!flag) {
- b.input = NULL;
- b.inLen = 0;
-
- ret = wc_Md5Update(&md5, (byte*)b.input, (word32)b.inLen);
- if (ret != 0) {
- flag = ret;
- }
- }
-
- if (!flag) {
- c.input = NULL;
- c.inLen = WC_MD5_DIGEST_SIZE;
-
- ret = wc_Md5Update(&md5, (byte*)c.input, (word32)c.inLen);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ a.input = "abc";
+ a.output = "\x90\x01\x50\x98\x3c\xd2\x4f\xb0\xd6\x96\x3f\x7d\x28\xe1\x7f"
+ "\x72";
+ a.inLen = XSTRLEN(a.input);
+ a.outLen = XSTRLEN(a.output);
+ ExpectIntEQ(wc_Md5Update(&md5, (byte*) a.input, (word32) a.inLen), 0);
+ ExpectIntEQ(wc_Md5Final(&md5, hash), 0);
+ ExpectIntEQ(XMEMCMP(hash, a.output, WC_MD5_DIGEST_SIZE), 0);
- if (!flag) {
- ret = wc_Md5Update(NULL, (byte*)a.input, (word32)a.inLen);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ /* Pass in bad values. */
+ b.input = NULL;
+ b.inLen = 0;
+ ExpectIntEQ(wc_Md5Update(&md5, (byte*)b.input, (word32)b.inLen), 0);
+ c.input = NULL;
+ c.inLen = WC_MD5_DIGEST_SIZE;
+ ExpectIntEQ(wc_Md5Update(&md5, (byte*)c.input, (word32)c.inLen),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Md5Update(NULL, (byte*)a.input, (word32)a.inLen),
+ BAD_FUNC_ARG);
wc_Md5Free(&md5);
-
- res = TEST_RES_CHECK(flag == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_Md5Update() */
@@ -12161,7 +12670,7 @@ static int test_wc_Md5Update(void)
*/
static int test_wc_Md5Final(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifndef NO_MD5
/* Instantiate */
wc_Md5 md5;
@@ -12169,59 +12678,27 @@ static int test_wc_Md5Final(void)
byte hash1[WC_MD5_DIGEST_SIZE];
byte hash2[2*WC_MD5_DIGEST_SIZE];
byte hash3[5*WC_MD5_DIGEST_SIZE];
- int times, i, ret;
- int flag = 0;
+ int times, i;
/* Initialize */
- ret = wc_InitMd5(&md5);
- if (ret != 0) {
- flag = ret;
- }
-
- if (!flag) {
- hash_test[0] = hash1;
- hash_test[1] = hash2;
- hash_test[2] = hash3;
- }
+ ExpectIntEQ(wc_InitMd5(&md5), 0);
+ hash_test[0] = hash1;
+ hash_test[1] = hash2;
+ hash_test[2] = hash3;
times = sizeof(hash_test)/sizeof(byte*);
-
for (i = 0; i < times; i++) {
- if (!flag) {
- ret = wc_Md5Final(&md5, hash_test[i]);
- if (ret != 0) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_Md5Final(&md5, hash_test[i]), 0);
}
/* Test bad args. */
- if (!flag) {
- ret = wc_Md5Final(NULL, NULL);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (!flag) {
- ret = wc_Md5Final(NULL, hash1);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (!flag) {
- ret = wc_Md5Final(&md5, NULL);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_Md5Final(NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Md5Final(NULL, hash1), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Md5Final(&md5, NULL), BAD_FUNC_ARG);
wc_Md5Free(&md5);
-
- res = TEST_RES_CHECK(flag == 0);
#endif
- return res;
+ return EXPECT_RESULT();
}
/*
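Review bot: `wc_Md5Free(&md5)` at the end of test_wc_Md5Final runs even when `wc_InitMd5` has failed, and `md5` is a plain stack variable that nothing clears beforehand. test_wc_Sha256Copy in this same commit zeroes its contexts before initialising them; doing the same here with `XMEMSET(&md5, 0, sizeof(md5));` ahead of the `ExpectIntEQ(wc_InitMd5(&md5), 0);` line would keep the free path well defined after a failed init. Whether the free routine reads any field depends on the build configuration, which is not visible here. The same pattern recurs in the Sha, Sha256 and Sha512 Init/Update/Final/FinalRaw/GetFlags/GetHash tests later in the diff. The declaration of `md5` sits in the preceding hunk, so the function starts outside this one.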
@@ -12229,32 +12706,18 @@ static int test_wc_Md5Final(void)
*/
static int test_wc_InitSha(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifndef NO_SHA
wc_Sha sha;
- int ret;
- int flag = 0;
/* Test good arg. */
- ret = wc_InitSha(&sha);
- if (ret != 0) {
- flag = WOLFSSL_FATAL_ERROR;
- }
-
+ ExpectIntEQ(wc_InitSha(&sha), 0);
/* Test bad arg. */
- if (!flag) {
- ret = wc_InitSha(NULL);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_InitSha(NULL), BAD_FUNC_ARG);
wc_ShaFree(&sha);
-
- res = TEST_RES_CHECK(flag == 0);
#endif
- return res;
-
+ return EXPECT_RESULT();
} /* END test_wc_InitSha */
/*
@@ -12262,108 +12725,48 @@ static int test_wc_InitSha(void)
*/
static int test_wc_ShaUpdate(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifndef NO_SHA
wc_Sha sha;
byte hash[WC_SHA_DIGEST_SIZE];
testVector a, b, c;
- int flag = 0;
- int ret;
- ret = wc_InitSha(&sha);
- if (ret != 0) {
- flag = ret;
- }
+ ExpectIntEQ(wc_InitSha(&sha), 0);
/* Input. */
- if (!flag) {
- a.input = "a";
- a.inLen = XSTRLEN(a.input);
+ a.input = "a";
+ a.inLen = XSTRLEN(a.input);
- ret = wc_ShaUpdate(&sha, NULL, 0);
- if (ret != 0) {
- flag = ret;
- }
-
- ret = wc_ShaUpdate(&sha, (byte*)a.input, 0);
- if (ret != 0) {
- flag = ret;
- }
-
- ret = wc_ShaUpdate(&sha, (byte*)a.input, (word32)a.inLen);
- if (ret != 0) {
- flag = ret;
- }
- }
-
- if (!flag) {
- ret = wc_ShaFinal(&sha, hash);
- if (ret != 0) {
- flag = ret;
- }
- }
+ ExpectIntEQ(wc_ShaUpdate(&sha, NULL, 0), 0);
+ ExpectIntEQ(wc_ShaUpdate(&sha, (byte*)a.input, 0), 0);
+ ExpectIntEQ(wc_ShaUpdate(&sha, (byte*)a.input, (word32)a.inLen), 0);
+ ExpectIntEQ(wc_ShaFinal(&sha, hash), 0);
/* Update input. */
- if (!flag) {
- a.input = "abc";
- a.output = "\xA9\x99\x3E\x36\x47\x06\x81\x6A\xBA\x3E\x25\x71\x78\x50\xC2"
- "\x6C\x9C\xD0\xD8\x9D";
- a.inLen = XSTRLEN(a.input);
- a.outLen = XSTRLEN(a.output);
-
- ret = wc_ShaUpdate(&sha, (byte*)a.input, (word32)a.inLen);
- if (ret != 0) {
- flag = ret;
- }
- }
-
- if (!flag) {
- ret = wc_ShaFinal(&sha, hash);
- if (ret !=0) {
- flag = ret;
- }
- }
+ a.input = "abc";
+ a.output = "\xA9\x99\x3E\x36\x47\x06\x81\x6A\xBA\x3E\x25\x71\x78\x50\xC2"
+ "\x6C\x9C\xD0\xD8\x9D";
+ a.inLen = XSTRLEN(a.input);
+ a.outLen = XSTRLEN(a.output);
- if (!flag) {
- if (XMEMCMP(hash, a.output, WC_SHA_DIGEST_SIZE) != 0) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_ShaUpdate(&sha, (byte*)a.input, (word32)a.inLen), 0);
+ ExpectIntEQ(wc_ShaFinal(&sha, hash), 0);
+ ExpectIntEQ(XMEMCMP(hash, a.output, WC_SHA_DIGEST_SIZE), 0);
/* Try passing in bad values. */
- if (!flag) {
- b.input = NULL;
- b.inLen = 0;
-
- ret = wc_ShaUpdate(&sha, (byte*)b.input, (word32)b.inLen);
- if (ret != 0) {
- flag = ret;
- }
- }
-
- if (!flag) {
- c.input = NULL;
- c.inLen = WC_SHA_DIGEST_SIZE;
-
- ret = wc_ShaUpdate(&sha, (byte*)c.input, (word32)c.inLen);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (!flag) {
- ret = wc_ShaUpdate(NULL, (byte*)a.input, (word32)a.inLen);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ b.input = NULL;
+ b.inLen = 0;
+ ExpectIntEQ(wc_ShaUpdate(&sha, (byte*)b.input, (word32)b.inLen), 0);
+ c.input = NULL;
+ c.inLen = WC_SHA_DIGEST_SIZE;
+ ExpectIntEQ(wc_ShaUpdate(&sha, (byte*)c.input, (word32)c.inLen),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ShaUpdate(NULL, (byte*)a.input, (word32)a.inLen),
+ BAD_FUNC_ARG);
wc_ShaFree(&sha);
-
- res = TEST_RES_CHECK(flag == 0);
#endif
- return res;
-
+ return EXPECT_RESULT();
} /* END test_wc_ShaUpdate() */
@@ -12372,66 +12775,34 @@ static int test_wc_ShaUpdate(void)
*/
static int test_wc_ShaFinal(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifndef NO_SHA
wc_Sha sha;
byte* hash_test[3];
byte hash1[WC_SHA_DIGEST_SIZE];
byte hash2[2*WC_SHA_DIGEST_SIZE];
byte hash3[5*WC_SHA_DIGEST_SIZE];
- int times, i, ret;
- int flag = 0;
-
- /*Initialize*/
- ret = wc_InitSha(&sha);
- if (ret) {
- flag = ret;
- }
+ int times, i;
- if (!flag) {
- hash_test[0] = hash1;
- hash_test[1] = hash2;
- hash_test[2] = hash3;
- }
+ /* Initialize*/
+ ExpectIntEQ(wc_InitSha(&sha), 0);
+ hash_test[0] = hash1;
+ hash_test[1] = hash2;
+ hash_test[2] = hash3;
times = sizeof(hash_test)/sizeof(byte*);
-
for (i = 0; i < times; i++) {
- if (!flag) {
- ret = wc_ShaFinal(&sha, hash_test[i]);
- if (ret != 0) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_ShaFinal(&sha, hash_test[i]), 0);
}
/* Test bad args. */
- if (!flag) {
- ret = wc_ShaFinal(NULL, NULL);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (!flag) {
- ret = wc_ShaFinal(NULL, hash1);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (!flag) {
- ret = wc_ShaFinal(&sha, NULL);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_ShaFinal(NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ShaFinal(NULL, hash1), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ShaFinal(&sha, NULL), BAD_FUNC_ARG);
wc_ShaFree(&sha);
-
- res = TEST_RES_CHECK(flag == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_ShaFinal */
@@ -12440,31 +12811,18 @@ static int test_wc_ShaFinal(void)
*/
static int test_wc_InitSha256(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifndef NO_SHA256
wc_Sha256 sha256;
- int ret;
- int flag = 0;
/* Test good arg. */
- ret = wc_InitSha256(&sha256);
- if (ret != 0) {
- flag = WOLFSSL_FATAL_ERROR;
- }
-
+ ExpectIntEQ(wc_InitSha256(&sha256), 0);
/* Test bad arg. */
- if (!flag) {
- ret = wc_InitSha256(NULL);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_InitSha256(NULL), BAD_FUNC_ARG);
wc_Sha256Free(&sha256);
-
- res = TEST_RES_CHECK(flag == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_InitSha256 */
@@ -12473,109 +12831,53 @@ static int test_wc_InitSha256(void)
*/
static int test_wc_Sha256Update(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifndef NO_SHA256
wc_Sha256 sha256;
byte hash[WC_SHA256_DIGEST_SIZE];
+ byte hash_unaligned[WC_SHA256_DIGEST_SIZE+1];
testVector a, b, c;
- int ret;
- int flag = 0;
- ret = wc_InitSha256(&sha256);
- if (ret != 0) {
- flag = ret;
- }
+ ExpectIntEQ(wc_InitSha256(&sha256), 0);
/* Input. */
- if (!flag) {
- a.input = "a";
- a.inLen = XSTRLEN(a.input);
-
- ret = wc_Sha256Update(&sha256, NULL, 0);
- if (ret != 0) {
- flag = ret;
- }
-
- ret = wc_Sha256Update(&sha256, (byte*)a.input, 0);
- if (ret != 0) {
- flag = ret;
- }
-
- ret = wc_Sha256Update(&sha256, (byte*)a.input, (word32)a.inLen);
- if (ret != 0) {
- flag = ret;
- }
- }
-
- if (!flag) {
- ret = wc_Sha256Final(&sha256, hash);
- if (ret != 0) {
- flag = ret;
- }
- }
+ a.input = "a";
+ a.inLen = XSTRLEN(a.input);
+ ExpectIntEQ(wc_Sha256Update(&sha256, NULL, 0), 0);
+ ExpectIntEQ(wc_Sha256Update(&sha256, (byte*)a.input, 0), 0);
+ ExpectIntEQ(wc_Sha256Update(&sha256, (byte*)a.input, (word32)a.inLen), 0);
+ ExpectIntEQ(wc_Sha256Final(&sha256, hash), 0);
/* Update input. */
- if (!flag) {
- a.input = "abc";
- a.output = "\xBA\x78\x16\xBF\x8F\x01\xCF\xEA\x41\x41\x40\xDE\x5D\xAE\x22"
- "\x23\xB0\x03\x61\xA3\x96\x17\x7A\x9C\xB4\x10\xFF\x61\xF2\x00"
- "\x15\xAD";
- a.inLen = XSTRLEN(a.input);
- a.outLen = XSTRLEN(a.output);
-
- ret = wc_Sha256Update(&sha256, (byte*)a.input, (word32)a.inLen);
- if (ret != 0) {
- flag = ret;
- }
- }
-
- if (!flag) {
- ret = wc_Sha256Final(&sha256, hash);
- if (ret != 0) {
- flag = ret;
- }
- }
+ a.input = "abc";
+ a.output = "\xBA\x78\x16\xBF\x8F\x01\xCF\xEA\x41\x41\x40\xDE\x5D\xAE\x22"
+ "\x23\xB0\x03\x61\xA3\x96\x17\x7A\x9C\xB4\x10\xFF\x61\xF2\x00"
+ "\x15\xAD";
+ a.inLen = XSTRLEN(a.input);
+ a.outLen = XSTRLEN(a.output);
+ ExpectIntEQ(wc_Sha256Update(&sha256, (byte*)a.input, (word32)a.inLen), 0);
+ ExpectIntEQ(wc_Sha256Final(&sha256, hash), 0);
+ ExpectIntEQ(XMEMCMP(hash, a.output, WC_SHA256_DIGEST_SIZE), 0);
- if (!flag) {
- if (XMEMCMP(hash, a.output, WC_SHA256_DIGEST_SIZE) != 0) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ /* Unaligned check. */
+ ExpectIntEQ(wc_Sha256Update(&sha256, (byte*)a.input+1, (word32)a.inLen-1),
+ 0);
+ ExpectIntEQ(wc_Sha256Final(&sha256, hash_unaligned + 1), 0);
/* Try passing in bad values */
- if (!flag) {
- b.input = NULL;
- b.inLen = 0;
-
- ret = wc_Sha256Update(&sha256, (byte*)b.input, (word32)b.inLen);
- if (ret != 0) {
- flag = ret;
- }
- }
-
- if (!flag) {
- c.input = NULL;
- c.inLen = WC_SHA256_DIGEST_SIZE;
-
- ret = wc_Sha256Update(&sha256, (byte*)c.input, (word32)c.inLen);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (!flag) {
- ret = wc_Sha256Update(NULL, (byte*)a.input, (word32)a.inLen);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ b.input = NULL;
+ b.inLen = 0;
+ ExpectIntEQ(wc_Sha256Update(&sha256, (byte*)b.input, (word32)b.inLen), 0);
+ c.input = NULL;
+ c.inLen = WC_SHA256_DIGEST_SIZE;
+ ExpectIntEQ(wc_Sha256Update(&sha256, (byte*)c.input, (word32)c.inLen),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha256Update(NULL, (byte*)a.input, (word32)a.inLen),
+ BAD_FUNC_ARG);
wc_Sha256Free(&sha256);
-
- res = TEST_RES_CHECK(flag == 0);
#endif
- return res;
-
+ return EXPECT_RESULT();
} /* END test_wc_Sha256Update */
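Review bot: The new "Unaligned check" only asserts that `wc_Sha256Update` and `wc_Sha256Final` return 0; the digest written to `hash_unaligned + 1` is never compared with anything, so a wrong result from the unaligned path would still pass. Hash the same bytes from an aligned local copy into `hash` and add `ExpectIntEQ(XMEMCMP(hash, hash_unaligned + 1, WC_SHA256_DIGEST_SIZE), 0);`. The same gap is in the unaligned check of test_wc_Sha512Update further down. Separately, `a.outLen = XSTRLEN(a.output);` stops at the `\x00` byte inside the expected SHA-256 digest; the value is not read in this function, so either drop the assignment or set it to `WC_SHA256_DIGEST_SIZE`.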
@@ -12584,74 +12886,41 @@ static int test_wc_Sha256Update(void)
*/
static int test_wc_Sha256Final(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifndef NO_SHA256
wc_Sha256 sha256;
byte* hash_test[3];
byte hash1[WC_SHA256_DIGEST_SIZE];
byte hash2[2*WC_SHA256_DIGEST_SIZE];
byte hash3[5*WC_SHA256_DIGEST_SIZE];
- int times, i, ret;
- int flag = 0;
+ int times, i;
/* Initialize */
- ret = wc_InitSha256(&sha256);
- if (ret != 0) {
- flag = ret;
- }
-
- if (!flag) {
- hash_test[0] = hash1;
- hash_test[1] = hash2;
- hash_test[2] = hash3;
- }
+ ExpectIntEQ(wc_InitSha256(&sha256), 0);
+ hash_test[0] = hash1;
+ hash_test[1] = hash2;
+ hash_test[2] = hash3;
times = sizeof(hash_test) / sizeof(byte*);
-
for (i = 0; i < times; i++) {
- if (!flag) {
- ret = wc_Sha256Final(&sha256, hash_test[i]);
- if (ret != 0) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_Sha256Final(&sha256, hash_test[i]), 0);
}
/* Test bad args. */
- if (!flag ) {
- ret = wc_Sha256Final(NULL, NULL);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (!flag) {
- ret = wc_Sha256Final(NULL, hash1);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (!flag) {
- ret = wc_Sha256Final(&sha256, NULL);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_Sha256Final(NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha256Final(NULL, hash1), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha256Final(&sha256, NULL), BAD_FUNC_ARG);
wc_Sha256Free(&sha256);
-
- res = TEST_RES_CHECK(flag == 0);
#endif
- return res;
-
+ return EXPECT_RESULT();
} /* END test_wc_Sha256Final */
/*
* Unit test function for wc_Sha256FinalRaw()
*/
static int test_wc_Sha256FinalRaw(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_SHA256) && !defined(HAVE_SELFTEST) && !defined(WOLFSSL_DEVCRYPTO) && (!defined(HAVE_FIPS) || \
(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 3))) && \
!defined(WOLFSSL_NO_HASH_RAW)
@@ -12660,59 +12929,27 @@ static int test_wc_Sha256FinalRaw(void)
byte hash1[WC_SHA256_DIGEST_SIZE];
byte hash2[2*WC_SHA256_DIGEST_SIZE];
byte hash3[5*WC_SHA256_DIGEST_SIZE];
- int times, i, ret;
- int flag = 0;
+ int times, i;
/* Initialize */
- ret = wc_InitSha256(&sha256);
- if (ret != 0) {
- flag = ret;
- }
-
- if (!flag) {
- hash_test[0] = hash1;
- hash_test[1] = hash2;
- hash_test[2] = hash3;
- }
+ ExpectIntEQ(wc_InitSha256(&sha256), 0);
+ hash_test[0] = hash1;
+ hash_test[1] = hash2;
+ hash_test[2] = hash3;
times = sizeof(hash_test) / sizeof(byte*);
-
for (i = 0; i < times; i++) {
- if (!flag) {
- ret = wc_Sha256FinalRaw(&sha256, hash_test[i]);
- if (ret != 0) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_Sha256FinalRaw(&sha256, hash_test[i]), 0);
}
/* Test bad args. */
- if (!flag) {
- ret = wc_Sha256FinalRaw(NULL, NULL);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (!flag) {
- ret = wc_Sha256FinalRaw(NULL, hash1);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (!flag) {
- ret = wc_Sha256FinalRaw(&sha256, NULL);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_Sha256FinalRaw(NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha256FinalRaw(NULL, hash1), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha256FinalRaw(&sha256, NULL), BAD_FUNC_ARG);
wc_Sha256Free(&sha256);
-
- res = TEST_RES_CHECK(flag == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_Sha256FinalRaw */
/*
@@ -12720,28 +12957,20 @@ static int test_wc_Sha256FinalRaw(void)
*/
static int test_wc_Sha256GetFlags(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_SHA256) && defined(WOLFSSL_HASH_FLAGS)
wc_Sha256 sha256;
word32 flags = 0;
- int flag = 0;
/* Initialize */
- flag = wc_InitSha256(&sha256);
- if (flag == 0) {
- flag = wc_Sha256GetFlags(&sha256, &flags);
- }
- if (flag == 0) {
- if (flags & WC_HASH_FLAG_ISCOPY) {
- flag = 0;
- }
- }
+ ExpectIntEQ(wc_InitSha256(&sha256), 0);
- wc_Sha256Free(&sha256);
+ ExpectIntEQ(wc_Sha256GetFlags(&sha256, &flags), 0);
+ ExpectTrue((flags & WC_HASH_FLAG_ISCOPY) == 0);
- res = TEST_RES_CHECK(flag == 0);
+ wc_Sha256Free(&sha256);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_Sha256GetFlags */
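Review bot: The flag assertion is written as `ExpectTrue((flags & WC_HASH_FLAG_ISCOPY) == 0);` here but as `ExpectIntEQ((flags & WC_HASH_FLAG_ISCOPY), 0);` in test_wc_Sha512GetFlags in the same commit. Using the `ExpectIntEQ` form in both keeps the two tests parallel. A one-line comment such as `/* A freshly initialised context must not be marked as a copy. */` would also help, because the removed code could never fail on this flag and the new line is a real assertion.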
/*
@@ -12749,136 +12978,84 @@ static int test_wc_Sha256GetFlags(void)
*/
static int test_wc_Sha256Free(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifndef NO_SHA256
wc_Sha256Free(NULL);
-
- res = TEST_RES_CHECK(1);
+ /* Set result to SUCCESS. */
+ ExpectTrue(1);
#endif
- return res;
-
+ return EXPECT_RESULT();
} /* END test_wc_Sha256Free */
/*
* Unit test function for wc_Sha256GetHash()
*/
static int test_wc_Sha256GetHash(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifndef NO_SHA256
wc_Sha256 sha256;
byte hash1[WC_SHA256_DIGEST_SIZE];
- int flag = 0;
/* Initialize */
- flag = wc_InitSha256(&sha256);
+ ExpectIntEQ(wc_InitSha256(&sha256), 0);
- if (flag == 0) {
- flag = wc_Sha256GetHash(&sha256, hash1);
- }
- /*test bad arguments*/
- if (flag == 0) {
- flag = wc_Sha256GetHash(NULL, NULL);
- if (flag == BAD_FUNC_ARG) {
- flag = 0;
- }
- }
- if (flag == 0) {
- flag = wc_Sha256GetHash(NULL, hash1);
- if (flag == BAD_FUNC_ARG) {
- flag = 0;
- }
- }
- if (flag == 0) {
- flag = wc_Sha256GetHash(&sha256, NULL);
- if (flag == BAD_FUNC_ARG) {
- flag = 0;
- }
- }
+ ExpectIntEQ(wc_Sha256GetHash(&sha256, hash1), 0);
- wc_Sha256Free(&sha256);
+ /* test bad arguments*/
+ ExpectIntEQ(wc_Sha256GetHash(NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha256GetHash(NULL, hash1), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha256GetHash(&sha256, NULL), BAD_FUNC_ARG);
- res = TEST_RES_CHECK(flag == 0);
+ wc_Sha256Free(&sha256);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_Sha256GetHash */
/*
* Unit test function for wc_Sha256Copy()
*/
static int test_wc_Sha256Copy(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifndef NO_SHA256
wc_Sha256 sha256;
wc_Sha256 temp;
- int flag = 0;
+
+ XMEMSET(&sha256, 0, sizeof(sha256));
+ XMEMSET(&temp, 0, sizeof(temp));
/* Initialize */
- flag = wc_InitSha256(&sha256);
- if (flag == 0) {
- flag = wc_InitSha256(&temp);
- }
- if (flag == 0) {
- flag = wc_Sha256Copy(&sha256, &temp);
- }
- /*test bad arguments*/
- if (flag == 0) {
- flag = wc_Sha256Copy(NULL, NULL);
- if (flag == BAD_FUNC_ARG) {
- flag = 0;
- }
- }
- if (flag == 0) {
- flag = wc_Sha256Copy(NULL, &temp);
- if (flag == BAD_FUNC_ARG) {
- flag = 0;
- }
- }
- if (flag == 0) {
- flag = wc_Sha256Copy(&sha256, NULL);
- if (flag == BAD_FUNC_ARG) {
- flag = 0;
- }
- }
+ ExpectIntEQ(wc_InitSha256(&sha256), 0);
+ ExpectIntEQ(wc_InitSha256(&temp), 0);
+
+ ExpectIntEQ(wc_Sha256Copy(&sha256, &temp), 0);
+
+ /* test bad arguments*/
+ ExpectIntEQ(wc_Sha256Copy(NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha256Copy(NULL, &temp), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha256Copy(&sha256, NULL), BAD_FUNC_ARG);
wc_Sha256Free(&sha256);
wc_Sha256Free(&temp);
-
- res = TEST_RES_CHECK(flag == 0);
#endif
- return res;
-
+ return EXPECT_RESULT();
} /* END test_wc_Sha256Copy */
/*
* Testing wc_InitSha512()
*/
static int test_wc_InitSha512(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef WOLFSSL_SHA512
wc_Sha512 sha512;
- int ret;
- int flag = 0;
/* Test good arg. */
- ret = wc_InitSha512(&sha512);
- if (ret != 0) {
- flag = WOLFSSL_FATAL_ERROR;
- }
-
+ ExpectIntEQ(wc_InitSha512(&sha512), 0);
/* Test bad arg. */
- if (!flag) {
- ret = wc_InitSha512(NULL);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_InitSha512(NULL), BAD_FUNC_ARG);
wc_Sha512Free(&sha512);
-
- res = TEST_RES_CHECK(flag == 0);
#endif
- return res;
-
+ return EXPECT_RESULT();
} /* END test_wc_InitSha512 */
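Review bot: test_wc_Sha256Copy checks only the return code of `wc_Sha256Copy(&sha256, &temp)`; both contexts are freshly initialised, so the test cannot tell a working copy from one that leaves the destination untouched. Feeding data into one context first and comparing the two digests afterwards would cover that. The sketch below uses only calls already exercised in this file and keeps the argument order of the existing call. test_wc_Sha512Copy, in a later hunk, would benefit from the same check.
```c
    byte hashSrc[WC_SHA256_DIGEST_SIZE];
    byte hashDst[WC_SHA256_DIGEST_SIZE];
    /* ... unchanged: XMEMSET and wc_InitSha256 of both contexts ... */
    ExpectIntEQ(wc_Sha256Update(&sha256, (byte*)"abc", 3), 0);
    ExpectIntEQ(wc_Sha256Copy(&sha256, &temp), 0);
    ExpectIntEQ(wc_Sha256GetHash(&sha256, hashSrc), 0);
    ExpectIntEQ(wc_Sha256GetHash(&temp, hashDst), 0);
    ExpectIntEQ(XMEMCMP(hashSrc, hashDst, WC_SHA256_DIGEST_SIZE), 0);
    /* ... unchanged: bad-argument checks and wc_Sha256Free calls ... */
```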
@@ -12887,115 +13064,63 @@ static int test_wc_InitSha512(void)
*/
static int test_wc_Sha512Update(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef WOLFSSL_SHA512
wc_Sha512 sha512;
byte hash[WC_SHA512_DIGEST_SIZE];
+ byte hash_unaligned[WC_SHA512_DIGEST_SIZE + 1];
testVector a, b, c;
- int ret;
- int flag = 0;
- ret = wc_InitSha512(&sha512);
- if (ret != 0) {
- flag = ret;
- }
+ ExpectIntEQ(wc_InitSha512(&sha512), 0);
/* Input. */
- if (!flag) {
- a.input = "a";
- a.inLen = XSTRLEN(a.input);
-
- ret = wc_Sha512Update(&sha512, NULL, 0);
- if (ret != 0) {
- flag = ret;
- }
-
- ret = wc_Sha512Update(&sha512,(byte*)a.input, 0);
- if (ret != 0) {
- flag = ret;
- }
-
- ret = wc_Sha512Update(&sha512, (byte*)a.input, (word32)a.inLen);
- if (ret != 0) {
- flag = ret;
- }
-
- ret = wc_Sha512Final(&sha512, hash);
- if (ret != 0) {
- flag = ret;
- }
- }
+ a.input = "a";
+ a.inLen = XSTRLEN(a.input);
+ ExpectIntEQ(wc_Sha512Update(&sha512, NULL, 0), 0);
+ ExpectIntEQ(wc_Sha512Update(&sha512,(byte*)a.input, 0), 0);
+ ExpectIntEQ(wc_Sha512Update(&sha512, (byte*)a.input, (word32)a.inLen), 0);
+ ExpectIntEQ(wc_Sha512Final(&sha512, hash), 0);
/* Update input. */
- if (!flag) {
- a.input = "abc";
- a.output = "\xdd\xaf\x35\xa1\x93\x61\x7a\xba\xcc\x41\x73\x49\xae\x20\x41"
- "\x31\x12\xe6\xfa\x4e\x89\xa9\x7e\xa2\x0a\x9e\xee\xe6\x4b"
- "\x55\xd3\x9a\x21\x92\x99\x2a\x27\x4f\xc1\xa8\x36\xba\x3c"
- "\x23\xa3\xfe\xeb\xbd\x45\x4d\x44\x23\x64\x3c\xe8\x0e\x2a"
- "\x9a\xc9\x4f\xa5\x4c\xa4\x9f";
- a.inLen = XSTRLEN(a.input);
- a.outLen = XSTRLEN(a.output);
-
- ret = wc_Sha512Update(&sha512, (byte*) a.input, (word32) a.inLen);
- if (ret != 0) {
- flag = ret;
- }
- }
+ a.input = "abc";
+ a.output = "\xdd\xaf\x35\xa1\x93\x61\x7a\xba\xcc\x41\x73\x49\xae\x20\x41"
+ "\x31\x12\xe6\xfa\x4e\x89\xa9\x7e\xa2\x0a\x9e\xee\xe6\x4b"
+ "\x55\xd3\x9a\x21\x92\x99\x2a\x27\x4f\xc1\xa8\x36\xba\x3c"
+ "\x23\xa3\xfe\xeb\xbd\x45\x4d\x44\x23\x64\x3c\xe8\x0e\x2a"
+ "\x9a\xc9\x4f\xa5\x4c\xa4\x9f";
+ a.inLen = XSTRLEN(a.input);
+ a.outLen = XSTRLEN(a.output);
+ ExpectIntEQ(wc_Sha512Update(&sha512, (byte*) a.input, (word32) a.inLen), 0);
+ ExpectIntEQ(wc_Sha512Final(&sha512, hash), 0);
- if (!flag) {
- ret = wc_Sha512Final(&sha512, hash);
- if (ret != 0) {
- flag = ret;
- }
- }
+ ExpectIntEQ(XMEMCMP(hash, a.output, WC_SHA512_DIGEST_SIZE), 0);
- if (!flag) {
- if (XMEMCMP(hash, a.output, WC_SHA512_DIGEST_SIZE) != 0) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ /* Unaligned check. */
+ ExpectIntEQ(wc_Sha512Update(&sha512, (byte*)a.input+1, (word32)a.inLen-1),
+ 0);
+ ExpectIntEQ(wc_Sha512Final(&sha512, hash_unaligned+1), 0);
/* Try passing in bad values */
- if (!flag) {
- b.input = NULL;
- b.inLen = 0;
-
- ret = wc_Sha512Update(&sha512, (byte*)b.input, (word32)b.inLen);
- if (ret != 0) {
- flag = ret;
- }
- }
-
- if (!flag) {
- c.input = NULL;
- c.inLen = WC_SHA512_DIGEST_SIZE;
-
- ret = wc_Sha512Update(&sha512, (byte*)c.input, (word32)c.inLen);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (!flag) {
- ret = wc_Sha512Update(NULL, (byte*)a.input, (word32)a.inLen);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ b.input = NULL;
+ b.inLen = 0;
+ ExpectIntEQ(wc_Sha512Update(&sha512, (byte*)b.input, (word32)b.inLen), 0);
+ c.input = NULL;
+ c.inLen = WC_SHA512_DIGEST_SIZE;
+ ExpectIntEQ(wc_Sha512Update(&sha512, (byte*)c.input, (word32)c.inLen),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha512Update(NULL, (byte*)a.input, (word32)a.inLen),
+ BAD_FUNC_ARG);
wc_Sha512Free(&sha512);
-
- res = TEST_RES_CHECK(flag == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_Sha512Update */
#ifdef WOLFSSL_SHA512
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) && \
(!defined(WOLFSSL_NOSHA512_224) || !defined(WOLFSSL_NOSHA512_256))
-/* Perfoms test for
+/* Performs test for
* - wc_Sha512Final/wc_Sha512FinalRaw
* - wc_Sha512_224Final/wc_Sha512_224Final
* - wc_Sha512_256Final/wc_Sha512_256Final
@@ -13007,12 +13132,13 @@ static int test_wc_Sha512Update(void)
*/
static int test_Sha512_Family_Final(int type, int isRaw)
{
+ EXPECT_DECLS;
wc_Sha512 sha512;
byte* hash_test[3];
byte hash1[WC_SHA512_DIGEST_SIZE];
byte hash2[2*WC_SHA512_DIGEST_SIZE];
byte hash3[5*WC_SHA512_DIGEST_SIZE];
- int times, i, ret;
+ int times, i;
int(*initFp)(wc_Sha512*);
int(*finalFp)(wc_Sha512*, byte*);
@@ -13056,41 +13182,25 @@ static int test_Sha512_Family_Final(int type, int isRaw)
return TEST_FAIL;
/* Initialize */
- ret = initFp(&sha512);
-
- if (!ret) {
- hash_test[0] = hash1;
- hash_test[1] = hash2;
- hash_test[2] = hash3;
- }
+ ExpectIntEQ(initFp(&sha512), 0);
+ hash_test[0] = hash1;
+ hash_test[1] = hash2;
+ hash_test[2] = hash3;
times = sizeof(hash_test) / sizeof(byte *);
/* Good test args. */
- for (i = 0; i < times && ret == 0; i++) {
- ret = finalFp(&sha512, hash_test[i]);
+ for (i = 0; i < times; i++) {
+ ExpectIntEQ(finalFp(&sha512, hash_test[i]), 0);
}
/* Test bad args. */
- if (!ret) {
- if (finalFp(NULL, NULL) != BAD_FUNC_ARG) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- if (!ret) {
- if (finalFp(NULL, hash1) != BAD_FUNC_ARG) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (!ret) {
- if (finalFp(&sha512, NULL) != BAD_FUNC_ARG) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(finalFp(NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(finalFp(NULL, hash1), BAD_FUNC_ARG);
+ ExpectIntEQ(finalFp(&sha512, NULL), BAD_FUNC_ARG);
freeFp(&sha512);
- return ret;
+ return EXPECT_RESULT();
}
#endif /* !HAVE_FIPS && !HAVE_SELFTEST &&
(!WOLFSSL_NOSHA512_224 || !WOLFSSL_NOSHA512_256) */
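Review bot: test_Sha512_Family_Final used to return `ret`, which was 0 on success, and now returns `EXPECT_RESULT()`; any caller that still compares the result with 0 will misread it. The callers are not in this hunk, so confirm they check for `TEST_SUCCESS`, and state the contract in the function's header comment, e.g. `returns TEST_SUCCESS or TEST_FAIL`. The retained early `return TEST_FAIL;` now fits that convention. test_Sha512_Family_GetHash has the same change from `return flag;`. The function's declarations are in the preceding hunk, so it starts outside this one.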
@@ -13100,100 +13210,61 @@ static int test_Sha512_Family_Final(int type, int isRaw)
*/
static int test_wc_Sha512Final(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef WOLFSSL_SHA512
wc_Sha512 sha512;
byte* hash_test[3];
byte hash1[WC_SHA512_DIGEST_SIZE];
byte hash2[2*WC_SHA512_DIGEST_SIZE];
byte hash3[5*WC_SHA512_DIGEST_SIZE];
- int times, i, ret;
- int flag = 0;
+ int times, i;
/* Initialize */
- ret = wc_InitSha512(&sha512);
- if (ret != 0) {
- flag = ret;
- }
-
- if (!flag) {
- hash_test[0] = hash1;
- hash_test[1] = hash2;
- hash_test[2] = hash3;
- }
+ ExpectIntEQ(wc_InitSha512(&sha512), 0);
+ hash_test[0] = hash1;
+ hash_test[1] = hash2;
+ hash_test[2] = hash3;
times = sizeof(hash_test) / sizeof(byte *);
-
for (i = 0; i < times; i++) {
- if (!flag) {
- ret = wc_Sha512Final(&sha512, hash_test[i]);
- if (ret != 0) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
- }
- /* Test bad args. */
- if (!flag) {
- ret = wc_Sha512Final(NULL, NULL);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
+ ExpectIntEQ(wc_Sha512Final(&sha512, hash_test[i]), 0);
}
- if (!flag) {
- ret = wc_Sha512Final(NULL, hash1);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (!flag) {
- ret = wc_Sha512Final(&sha512, NULL);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ /* Test bad args. */
+ ExpectIntEQ(wc_Sha512Final(NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha512Final(NULL, hash1), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha512Final(&sha512, NULL), BAD_FUNC_ARG);
wc_Sha512Free(&sha512);
-
- res = TEST_RES_CHECK(flag == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_Sha512Final */
/*
* Unit test function for wc_Sha512GetFlags()
*/
static int test_wc_Sha512GetFlags(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(WOLFSSL_SHA512) && defined(WOLFSSL_HASH_FLAGS)
wc_Sha512 sha512;
word32 flags = 0;
- int flag = 0;
/* Initialize */
- flag = wc_InitSha512(&sha512);
- if (flag == 0) {
- flag = wc_Sha512GetFlags(&sha512, &flags);
- }
- if (flag == 0) {
- if (flags & WC_HASH_FLAG_ISCOPY) {
- flag = 0;
- }
- }
+ ExpectIntEQ(wc_InitSha512(&sha512), 0);
- wc_Sha512Free(&sha512);
+ ExpectIntEQ(wc_Sha512GetFlags(&sha512, &flags), 0);
+ ExpectIntEQ((flags & WC_HASH_FLAG_ISCOPY), 0);
- res = TEST_RES_CHECK(flag == 0);
+ wc_Sha512Free(&sha512);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_Sha512GetFlags */
/*
* Unit test function for wc_Sha512FinalRaw()
*/
static int test_wc_Sha512FinalRaw(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if (defined(WOLFSSL_SHA512) && !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || \
(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 3)))) && \
!defined(WOLFSSL_NO_HASH_RAW)
@@ -13202,60 +13273,28 @@ static int test_wc_Sha512FinalRaw(void)
byte hash1[WC_SHA512_DIGEST_SIZE];
byte hash2[2*WC_SHA512_DIGEST_SIZE];
byte hash3[5*WC_SHA512_DIGEST_SIZE];
- int times, i, ret;
- int flag = 0;
+ int times, i;
/* Initialize */
- ret = wc_InitSha512(&sha512);
- if (ret != 0) {
- flag = ret;
- }
-
- if (!flag) {
- hash_test[0] = hash1;
- hash_test[1] = hash2;
- hash_test[2] = hash3;
- }
+ ExpectIntEQ(wc_InitSha512(&sha512), 0);
+ hash_test[0] = hash1;
+ hash_test[1] = hash2;
+ hash_test[2] = hash3;
times = sizeof(hash_test) / sizeof(byte*);
-
/* Good test args. */
for (i = 0; i < times; i++) {
- if (!flag) {
- ret = wc_Sha512FinalRaw(&sha512, hash_test[i]);
- if (ret != 0) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_Sha512FinalRaw(&sha512, hash_test[i]), 0);
}
/* Test bad args. */
- if (!flag ) {
- ret = wc_Sha512FinalRaw(NULL, NULL);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (!flag) {
- ret = wc_Sha512FinalRaw(NULL, hash1);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (!flag) {
- ret = wc_Sha512FinalRaw(&sha512, NULL);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_Sha512FinalRaw(NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha512FinalRaw(NULL, hash1), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha512FinalRaw(&sha512, NULL), BAD_FUNC_ARG);
wc_Sha512Free(&sha512);
-
- res = TEST_RES_CHECK(flag == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_Sha512FinalRaw */
/*
@@ -13263,13 +13302,13 @@ static int test_wc_Sha512FinalRaw(void)
*/
static int test_wc_Sha512Free(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef WOLFSSL_SHA512
wc_Sha512Free(NULL);
-
- res = TEST_RES_CHECK(1);
+ /* Set result to SUCCESS. */
+ ExpectTrue(1);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_Sha512Free */
#ifdef WOLFSSL_SHA512
@@ -13277,7 +13316,7 @@ static int test_wc_Sha512Free(void)
(!defined(WOLFSSL_NOSHA512_224) || !defined(WOLFSSL_NOSHA512_256))
static int test_Sha512_Family_GetHash(int type )
{
- int flag = 0;
+ EXPECT_DECLS;
int(*initFp)(wc_Sha512*);
int(*ghashFp)(wc_Sha512*, byte*);
wc_Sha512 sha512;
@@ -13309,32 +13348,16 @@ static int test_Sha512_Family_GetHash(int type )
if (initFp == NULL || ghashFp == NULL)
return TEST_FAIL;
- if (!flag) {
- flag = initFp(&sha512);
- }
-
- if (!flag) {
- flag = ghashFp(&sha512, hash1);
- }
+ ExpectIntEQ(initFp(&sha512), 0);
+ ExpectIntEQ(ghashFp(&sha512, hash1), 0);
- /*test bad arguments*/
- if (!flag) {
- if (ghashFp(NULL, NULL) != BAD_FUNC_ARG )
- flag = WOLFSSL_FATAL_ERROR;
- }
-
- if (!flag) {
- if (ghashFp(NULL, hash1) != BAD_FUNC_ARG )
- flag = WOLFSSL_FATAL_ERROR;
- }
-
- if (!flag) {
- if (ghashFp(&sha512, NULL) != BAD_FUNC_ARG )
- flag = WOLFSSL_FATAL_ERROR;
- }
+ /* test bad arguments*/
+ ExpectIntEQ(ghashFp(NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(ghashFp(NULL, hash1), BAD_FUNC_ARG);
+ ExpectIntEQ(ghashFp(&sha512, NULL), BAD_FUNC_ARG);
wc_Sha512Free(&sha512);
- return flag;
+ return EXPECT_RESULT();
}
#endif /* !HAVE_FIPS && !HAVE_SELFTEST &&
(!WOLFSSL_NOSHA512_224 || !WOLFSSL_NOSHA512_256) */
@@ -13344,43 +13367,24 @@ static int test_Sha512_Family_GetHash(int type )
*/
static int test_wc_Sha512GetHash(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef WOLFSSL_SHA512
wc_Sha512 sha512;
byte hash1[WC_SHA512_DIGEST_SIZE];
- int flag = 0;
/* Initialize */
- flag = wc_InitSha512(&sha512);
+ ExpectIntEQ(wc_InitSha512(&sha512), 0);
- if (flag == 0) {
- flag = wc_Sha512GetHash(&sha512, hash1);
- }
- /*test bad arguments*/
- if (flag == 0) {
- flag = wc_Sha512GetHash(NULL, NULL);
- if (flag == BAD_FUNC_ARG) {
- flag = 0;
- }
- }
- if (flag == 0) {
- flag = wc_Sha512GetHash(NULL, hash1);
- if (flag == BAD_FUNC_ARG) {
- flag = 0;
- }
- }
- if (flag == 0) {
- flag = wc_Sha512GetHash(&sha512, NULL);
- if (flag == BAD_FUNC_ARG) {
- flag = 0;
- }
- }
+ ExpectIntEQ(wc_Sha512GetHash(&sha512, hash1), 0);
- wc_Sha512Free(&sha512);
+ /* test bad arguments*/
+ ExpectIntEQ(wc_Sha512GetHash(NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha512GetHash(NULL, hash1), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha512GetHash(&sha512, NULL), BAD_FUNC_ARG);
- res = TEST_RES_CHECK(flag == 0);
+ wc_Sha512Free(&sha512);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_Sha512GetHash */
/*
@@ -13388,552 +13392,365 @@ static int test_wc_Sha512GetHash(void)
*/
static int test_wc_Sha512Copy(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef WOLFSSL_SHA512
wc_Sha512 sha512;
wc_Sha512 temp;
- int flag;
+
+ XMEMSET(&sha512, 0, sizeof(wc_Sha512));
+ XMEMSET(&temp, 0, sizeof(wc_Sha512));
/* Initialize */
- flag = wc_InitSha512(&sha512);
- if (flag == 0) {
- flag = wc_InitSha512(&temp);
- }
- if (flag == 0) {
- flag = wc_Sha512Copy(&sha512, &temp);
- }
- /*test bad arguments*/
- if (flag == 0) {
- flag = wc_Sha512Copy(NULL, NULL);
- if (flag == BAD_FUNC_ARG) {
- flag = 0;
- }
- }
- if (flag == 0) {
- flag = wc_Sha512Copy(NULL, &temp);
- if (flag == BAD_FUNC_ARG) {
- flag = 0;
- }
- }
- if (flag == 0) {
- flag = wc_Sha512Copy(&sha512, NULL);
- if (flag == BAD_FUNC_ARG) {
- flag = 0;
- }
- }
+ ExpectIntEQ(wc_InitSha512(&sha512), 0);
+ ExpectIntEQ(wc_InitSha512(&temp), 0);
+
+ ExpectIntEQ(wc_Sha512Copy(&sha512, &temp), 0);
+
+ /* test bad arguments*/
+ ExpectIntEQ(wc_Sha512Copy(NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha512Copy(NULL, &temp), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha512Copy(&sha512, NULL), BAD_FUNC_ARG);
wc_Sha512Free(&sha512);
wc_Sha512Free(&temp);
-
- res = TEST_RES_CHECK(flag == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_Sha512Copy */
static int test_wc_InitSha512_224(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
#if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_224)
wc_Sha512 sha512;
- int ret;
- int flag = 0;
/* Test good arg. */
- ret = wc_InitSha512_224(&sha512);
- if (ret != 0) {
- flag = WOLFSSL_FATAL_ERROR;
- }
-
+ ExpectIntEQ(wc_InitSha512_224(&sha512), 0);
/* Test bad arg. */
- if (!flag) {
- ret = wc_InitSha512_224(NULL);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_InitSha512_224(NULL), BAD_FUNC_ARG);
wc_Sha512_224Free(&sha512);
-
- res = TEST_RES_CHECK(flag == 0);
#endif /* WOLFSSL_SHA512 && !WOLFSSL_NOSHA512_224 */
#endif /* !HAVE_FIPS && !HAVE_SELFTEST */
- return res;
+ return EXPECT_RESULT();
}
static int test_wc_Sha512_224Update(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
#if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_224)
wc_Sha512 sha512;
byte hash[WC_SHA512_DIGEST_SIZE];
testVector a, c;
- int ret;
- int flag = 0;
- ret = wc_InitSha512_224(&sha512);
- if (ret != 0) {
- flag = ret;
- }
+ ExpectIntEQ(wc_InitSha512_224(&sha512), 0);
/* Input. */
- if (!flag) {
- a.input = "a";
- a.inLen = XSTRLEN(a.input);
-
- ret = wc_Sha512_224Update(&sha512, NULL, 0);
- if (ret != 0) {
- flag = ret;
- }
-
- ret = wc_Sha512_224Update(&sha512,(byte*)a.input, 0);
- if (ret != 0) {
- flag = ret;
- }
-
- ret = wc_Sha512_224Update(&sha512, (byte*)a.input, (word32)a.inLen);
- if (ret != 0) {
- flag = ret;
- }
-
- ret = wc_Sha512_224Final(&sha512, hash);
- if (ret != 0) {
- flag = ret;
- }
- }
+ a.input = "a";
+ a.inLen = XSTRLEN(a.input);
+ ExpectIntEQ(wc_Sha512_224Update(&sha512, NULL, 0), 0);
+ ExpectIntEQ(wc_Sha512_224Update(&sha512,(byte*)a.input, 0), 0);
+ ExpectIntEQ(wc_Sha512_224Update(&sha512, (byte*)a.input, (word32)a.inLen),
+ 0);
+ ExpectIntEQ(wc_Sha512_224Final(&sha512, hash), 0);
/* Update input. */
- if (!flag) {
- a.input = "abc";
- a.output = "\x46\x34\x27\x0f\x70\x7b\x6a\x54\xda\xae\x75\x30\x46\x08"
- "\x42\xe2\x0e\x37\xed\x26\x5c\xee\xe9\xa4\x3e\x89\x24\xaa";
-
- a.inLen = XSTRLEN(a.input);
- a.outLen = XSTRLEN(a.output);
-
- ret = wc_Sha512_224Update(&sha512, (byte*) a.input, (word32) a.inLen);
- if (ret != 0) {
- flag = ret;
- }
- }
-
- if (!flag) {
- ret = wc_Sha512_224Final(&sha512, hash);
- if (ret != 0) {
- flag = ret;
- }
- }
-
- if (!flag) {
- if (XMEMCMP(hash, a.output, WC_SHA512_224_DIGEST_SIZE) != 0) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (!flag) {
- c.input = NULL;
- c.inLen = WC_SHA512_224_DIGEST_SIZE;
-
- ret = wc_Sha512_224Update(&sha512, (byte*)c.input, (word32)c.inLen);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ a.input = "abc";
+ a.output = "\x46\x34\x27\x0f\x70\x7b\x6a\x54\xda\xae\x75\x30\x46\x08"
+ "\x42\xe2\x0e\x37\xed\x26\x5c\xee\xe9\xa4\x3e\x89\x24\xaa";
+ a.inLen = XSTRLEN(a.input);
+ a.outLen = XSTRLEN(a.output);
+ ExpectIntEQ(wc_Sha512_224Update(&sha512, (byte*) a.input, (word32) a.inLen),
+ 0);
+ ExpectIntEQ(wc_Sha512_224Final(&sha512, hash), 0);
+ ExpectIntEQ(XMEMCMP(hash, a.output, WC_SHA512_224_DIGEST_SIZE), 0);
- if (!flag) {
- ret = wc_Sha512_224Update(NULL, (byte*)a.input, (word32)a.inLen);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ c.input = NULL;
+ c.inLen = WC_SHA512_224_DIGEST_SIZE;
+ ExpectIntEQ(wc_Sha512_224Update(&sha512, (byte*)c.input, (word32)c.inLen),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha512_224Update(NULL, (byte*)a.input, (word32)a.inLen),
+ BAD_FUNC_ARG);
wc_Sha512_224Free(&sha512);
-
- res = TEST_RES_CHECK(flag == 0);
#endif /* WOLFSSL_SHA512 && !WOLFSSL_NOSHA512_224 */
#endif /* !HAVE_FIPS && !HAVE_SELFTEST */
- return res;
+ return EXPECT_RESULT();
}
static int test_wc_Sha512_224Final(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
#if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_224)
- int ret = test_Sha512_Family_Final(WC_HASH_TYPE_SHA512_224, 0);
-
- res = TEST_RES_CHECK(ret == 0);
+ ExpectIntEQ(test_Sha512_Family_Final(WC_HASH_TYPE_SHA512_224, 0),
+ TEST_SUCCESS);
#endif /* WOLFSSL_SHA512 && !WOLFSSL_NOSHA512_224 */
#endif /* !HAVE_FIPS && !HAVE_SELFTEST */
- return res;
+ return EXPECT_RESULT();
}
static int test_wc_Sha512_224GetFlags(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
#if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_224) && defined(WOLFSSL_HASH_FLAGS)
- wc_Sha512 sha512, copy;
+ wc_Sha512 sha512;
+ wc_Sha512 copy;
word32 flags = 0;
- int flag = 0;
+
+ XMEMSET(&sha512, 0, sizeof(wc_Sha512));
+ XMEMSET(&copy, 0, sizeof(wc_Sha512));
/* Initialize */
- flag = wc_InitSha512_224(&sha512);
- if (!flag) {
- flag = wc_InitSha512_224(&copy);
- }
- if (!flag) {
- flag = wc_Sha512_224Copy(&sha512, &copy);
- }
- if (!flag) {
- flag = wc_Sha512_224GetFlags(&copy, &flags);
- }
- if (!flag) {
- if (flags & WC_HASH_FLAG_ISCOPY)
- flag = 0;
- else
- flag = WOLFSSL_FATAL_ERROR;
- }
+ ExpectIntEQ(wc_InitSha512_224(&sha512), 0);
+ ExpectIntEQ(wc_InitSha512_224(&copy), 0);
+
+ ExpectIntEQ(wc_Sha512_224GetFlags(&sha512, &flags), 0);
+ ExpectTrue((flags & WC_HASH_FLAG_ISCOPY) == 0);
+
+ ExpectIntEQ(wc_Sha512_224Copy(&sha512, &copy), 0);
+ ExpectIntEQ(wc_Sha512_224GetFlags(&copy, &flags), 0);
+ ExpectTrue((flags & WC_HASH_FLAG_ISCOPY) == WC_HASH_FLAG_ISCOPY);
+
wc_Sha512_224Free(&copy);
wc_Sha512_224Free(&sha512);
-
- res = TEST_RES_CHECK(flag == 0);
#endif
#endif /* !HAVE_FIPS && !HAVE_SELFTEST */
- return res;
+ return EXPECT_RESULT();
}
static int test_wc_Sha512_224FinalRaw(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) && \
defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_224) && \
!defined(WOLFSSL_NO_HASH_RAW)
- int ret = test_Sha512_Family_Final(WC_HASH_TYPE_SHA512_224, 1);
-
- res = TEST_RES_CHECK(ret == 0);
+ ExpectIntEQ(test_Sha512_Family_Final(WC_HASH_TYPE_SHA512_224, 1),
+ TEST_SUCCESS);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wc_Sha512_224Free(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
#if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_224)
wc_Sha512_224Free(NULL);
-
- res = TEST_RES_CHECK(1);
+ /* Set result to SUCCESS. */
+ ExpectTrue(1);
#endif
#endif /* !HAVE_FIPS && !HAVE_SELFTEST */
- return res;
+ return EXPECT_RESULT();
}
static int test_wc_Sha512_224GetHash(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
#if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_224)
- int ret = test_Sha512_Family_GetHash(WC_HASH_TYPE_SHA512_224);
-
- res = TEST_RES_CHECK(ret == 0);
+ ExpectIntEQ(test_Sha512_Family_GetHash(WC_HASH_TYPE_SHA512_224),
+ TEST_SUCCESS);
#endif
#endif /* !HAVE_FIPS && !HAVE_SELFTEST */
- return res;
+ return EXPECT_RESULT();
}
static int test_wc_Sha512_224Copy(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
#if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_224)
wc_Sha512 sha512;
wc_Sha512 temp;
- int flag = 0;
+
+ XMEMSET(&sha512, 0, sizeof(wc_Sha512));
+ XMEMSET(&temp, 0, sizeof(wc_Sha512));
/* Initialize */
- flag = wc_InitSha512_224(&sha512);
- if (flag == 0) {
- flag = wc_InitSha512_224(&temp);
- }
- if (flag == 0) {
- flag = wc_Sha512_224Copy(&sha512, &temp);
- }
- /*test bad arguments*/
- if (flag == 0) {
- if (wc_Sha512_224Copy(NULL, NULL) != BAD_FUNC_ARG)
- flag = WOLFSSL_FATAL_ERROR;
- }
- if (flag == 0) {
- if (wc_Sha512_224Copy(NULL, &temp) != BAD_FUNC_ARG)
- flag = WOLFSSL_FATAL_ERROR;
- }
- if (flag == 0) {
- if (wc_Sha512_224Copy(&sha512, NULL) != BAD_FUNC_ARG)
- flag = WOLFSSL_FATAL_ERROR;
- }
+ ExpectIntEQ(wc_InitSha512_224(&sha512), 0);
+ ExpectIntEQ(wc_InitSha512_224(&temp), 0);
+
+ ExpectIntEQ(wc_Sha512_224Copy(&sha512, &temp), 0);
+ /* test bad arguments*/
+ ExpectIntEQ(wc_Sha512_224Copy(NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha512_224Copy(NULL, &temp), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha512_224Copy(&sha512, NULL), BAD_FUNC_ARG);
wc_Sha512_224Free(&sha512);
wc_Sha512_224Free(&temp);
-
- res = TEST_RES_CHECK(flag == 0);
#endif
#endif /* !HAVE_FIPS && !HAVE_SELFTEST */
- return res;
+ return EXPECT_RESULT();
}
static int test_wc_InitSha512_256(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
#if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_256)
wc_Sha512 sha512;
- int ret;
- int flag = 0;
/* Test good arg. */
- ret = wc_InitSha512_256(&sha512);
- if (ret != 0) {
- flag = WOLFSSL_FATAL_ERROR;
- }
-
+ ExpectIntEQ(wc_InitSha512_256(&sha512), 0);
/* Test bad arg. */
- if (!flag) {
- ret = wc_InitSha512_256(NULL);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_InitSha512_256(NULL), BAD_FUNC_ARG);
wc_Sha512_256Free(&sha512);
-
- res = TEST_RES_CHECK(flag == 0);
#endif /* WOLFSSL_SHA512 && !WOLFSSL_NOSHA512_256 */
#endif /* !HAVE_FIPS && !HAVE_SELFTEST */
- return res;
+ return EXPECT_RESULT();
}
static int test_wc_Sha512_256Update(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
#if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_256)
wc_Sha512 sha512;
byte hash[WC_SHA512_DIGEST_SIZE];
testVector a, c;
- int ret;
- int flag = 0;
- ret = wc_InitSha512_256(&sha512);
- if (ret != 0) {
- flag = ret;
- }
+ ExpectIntEQ(wc_InitSha512_256(&sha512), 0);
/* Input. */
- if (!flag) {
- a.input = "a";
- a.inLen = XSTRLEN(a.input);
-
- ret = wc_Sha512_256Update(&sha512, NULL, 0);
- if (ret != 0) {
- flag = ret;
- }
-
- ret = wc_Sha512_256Update(&sha512,(byte*)a.input, 0);
- if (ret != 0) {
- flag = ret;
- }
-
- ret = wc_Sha512_256Update(&sha512, (byte*)a.input, (word32)a.inLen);
- if (ret != 0) {
- flag = ret;
- }
-
- ret = wc_Sha512_256Final(&sha512, hash);
- if (ret != 0) {
- flag = ret;
- }
- }
+ a.input = "a";
+ a.inLen = XSTRLEN(a.input);
+ ExpectIntEQ(wc_Sha512_256Update(&sha512, NULL, 0), 0);
+ ExpectIntEQ(wc_Sha512_256Update(&sha512,(byte*)a.input, 0), 0);
+ ExpectIntEQ(wc_Sha512_256Update(&sha512, (byte*)a.input, (word32)a.inLen),
+ 0);
+ ExpectIntEQ(wc_Sha512_256Final(&sha512, hash), 0);
/* Update input. */
- if (!flag) {
- a.input = "abc";
- a.output = "\x53\x04\x8e\x26\x81\x94\x1e\xf9\x9b\x2e\x29\xb7\x6b\x4c"
- "\x7d\xab\xe4\xc2\xd0\xc6\x34\xfc\x6d\x46\xe0\xe2\xf1\x31"
- "\x07\xe7\xaf\x23";
-
- a.inLen = XSTRLEN(a.input);
- a.outLen = XSTRLEN(a.output);
-
- ret = wc_Sha512_256Update(&sha512, (byte*) a.input, (word32) a.inLen);
- if (ret != 0) {
- flag = ret;
- }
- }
-
- if (!flag) {
- ret = wc_Sha512_256Final(&sha512, hash);
- if (ret != 0) {
- flag = ret;
- }
- }
-
- if (!flag) {
- if (XMEMCMP(hash, a.output, WC_SHA512_256_DIGEST_SIZE) != 0) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (!flag) {
- c.input = NULL;
- c.inLen = WC_SHA512_256_DIGEST_SIZE;
-
- ret = wc_Sha512_256Update(&sha512, (byte*)c.input, (word32)c.inLen);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ a.input = "abc";
+ a.output = "\x53\x04\x8e\x26\x81\x94\x1e\xf9\x9b\x2e\x29\xb7\x6b\x4c"
+ "\x7d\xab\xe4\xc2\xd0\xc6\x34\xfc\x6d\x46\xe0\xe2\xf1\x31"
+ "\x07\xe7\xaf\x23";
+ a.inLen = XSTRLEN(a.input);
+ a.outLen = XSTRLEN(a.output);
+ ExpectIntEQ(wc_Sha512_256Update(&sha512, (byte*) a.input, (word32) a.inLen),
+ 0);
+ ExpectIntEQ(wc_Sha512_256Final(&sha512, hash), 0);
+ ExpectIntEQ(XMEMCMP(hash, a.output, WC_SHA512_256_DIGEST_SIZE), 0);
- if (!flag) {
- ret = wc_Sha512_256Update(NULL, (byte*)a.input, (word32)a.inLen);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ c.input = NULL;
+ c.inLen = WC_SHA512_256_DIGEST_SIZE;
+ ExpectIntEQ(wc_Sha512_256Update(&sha512, (byte*)c.input, (word32)c.inLen),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha512_256Update(NULL, (byte*)a.input, (word32)a.inLen),
+ BAD_FUNC_ARG);
wc_Sha512_256Free(&sha512);
-
- res = TEST_RES_CHECK(flag == 0);
#endif /* WOLFSSL_SHA512 && !WOLFSSL_NOSHA512_256 */
#endif /* !HAVE_FIPS && !HAVE_SELFTEST */
- return res;
+ return EXPECT_RESULT();
}
static int test_wc_Sha512_256Final(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
#if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_256)
- int ret = test_Sha512_Family_Final(WC_HASH_TYPE_SHA512_256, 0);
-
- res = TEST_RES_CHECK(ret == 0);
+ ExpectIntEQ(test_Sha512_Family_Final(WC_HASH_TYPE_SHA512_256, 0),
+ TEST_SUCCESS);
#endif /* WOLFSSL_SHA512 && !WOLFSSL_NOSHA512_256 */
#endif /* !HAVE_FIPS && !HAVE_SELFTEST */
- return res;
+ return EXPECT_RESULT();
}
static int test_wc_Sha512_256GetFlags(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
#if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_256) && defined(WOLFSSL_HASH_FLAGS)
wc_Sha512 sha512, copy;
word32 flags = 0;
- int flag = 0;
+
+ XMEMSET(&sha512, 0, sizeof(wc_Sha512));
+ XMEMSET(&copy, 0, sizeof(wc_Sha512));
/* Initialize */
- flag = wc_InitSha512_256(&sha512);
- if (!flag ) {
- flag = wc_InitSha512_256(&copy);
- }
- if (!flag ) {
- flag = wc_Sha512_256Copy(&sha512, &copy);
- }
- if (!flag ) {
- flag = wc_Sha512_256GetFlags(&copy, &flags);
- }
- if (!flag) {
- if (flags & WC_HASH_FLAG_ISCOPY)
- flag = 0;
- else
- flag = WOLFSSL_FATAL_ERROR;
- }
+ ExpectIntEQ(wc_InitSha512_256(&sha512), 0);
+ ExpectIntEQ(wc_InitSha512_256(&copy), 0);
- wc_Sha512_256Free(&sha512);
+ ExpectIntEQ(wc_Sha512_256GetFlags(&sha512, &flags), 0);
+ ExpectTrue((flags & WC_HASH_FLAG_ISCOPY) == 0);
- res = TEST_RES_CHECK(flag == 0);
+ ExpectIntEQ(wc_Sha512_256Copy(&sha512, &copy), 0);
+ ExpectIntEQ(wc_Sha512_256GetFlags(&copy, &flags), 0);
+ ExpectTrue((flags & WC_HASH_FLAG_ISCOPY) == WC_HASH_FLAG_ISCOPY);
+
+ wc_Sha512_256Free(&sha512);
#endif
#endif /* !HAVE_FIPS && !HAVE_SELFTEST */
- return res;
+ return EXPECT_RESULT();
}
static int test_wc_Sha512_256FinalRaw(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) && \
defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_256) && \
!defined(WOLFSSL_NO_HASH_RAW)
- int ret = test_Sha512_Family_Final(WC_HASH_TYPE_SHA512_256, 1);
-
- res = TEST_RES_CHECK(ret == 0);
+ ExpectIntEQ(test_Sha512_Family_Final(WC_HASH_TYPE_SHA512_256, 1),
+ TEST_SUCCESS);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wc_Sha512_256Free(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
#if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_256)
wc_Sha512_256Free(NULL);
-
- res = TEST_RES_CHECK(1);
+ /* Set result to SUCCESS. */
+ ExpectTrue(1);
#endif
#endif /* !HAVE_FIPS && !HAVE_SELFTEST */
- return res;
+ return EXPECT_RESULT();
}
static int test_wc_Sha512_256GetHash(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
#if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_256)
- int ret = test_Sha512_Family_GetHash(WC_HASH_TYPE_SHA512_256);
-
- res = TEST_RES_CHECK(ret == 0);
+ ExpectIntEQ(test_Sha512_Family_GetHash(WC_HASH_TYPE_SHA512_256),
+ TEST_SUCCESS);
#endif
#endif /* !HAVE_FIPS && !HAVE_SELFTEST */
- return res;
+ return EXPECT_RESULT();
}
static int test_wc_Sha512_256Copy(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
#if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_256)
wc_Sha512 sha512;
wc_Sha512 temp;
- int flag = 0;
+
+ XMEMSET(&sha512, 0, sizeof(wc_Sha512));
+ XMEMSET(&temp, 0, sizeof(wc_Sha512));
/* Initialize */
- flag = wc_InitSha512_256(&sha512);
- if (flag == 0) {
- flag = wc_InitSha512_256(&temp);
- }
- if (flag == 0) {
- flag = wc_Sha512_256Copy(&sha512, &temp);
- }
- /*test bad arguments*/
- if (flag == 0) {
- if (wc_Sha512_256Copy(NULL, NULL) != BAD_FUNC_ARG)
- flag = WOLFSSL_FATAL_ERROR;
- }
- if (flag == 0) {
- if (wc_Sha512_256Copy(NULL, &temp) != BAD_FUNC_ARG)
- flag = WOLFSSL_FATAL_ERROR;
- }
- if (flag == 0) {
- if (wc_Sha512_256Copy(&sha512, NULL) != BAD_FUNC_ARG)
- flag = WOLFSSL_FATAL_ERROR;
- }
+ ExpectIntEQ(wc_InitSha512_256(&sha512), 0);
+ ExpectIntEQ(wc_InitSha512_256(&temp), 0);
+
+ ExpectIntEQ(wc_Sha512_256Copy(&sha512, &temp), 0);
+ /* test bad arguments*/
+ ExpectIntEQ(wc_Sha512_256Copy(NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha512_256Copy(NULL, &temp), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha512_256Copy(&sha512, NULL), BAD_FUNC_ARG);
wc_Sha512_256Free(&sha512);
wc_Sha512_256Free(&temp);
-
- res = TEST_RES_CHECK(flag == 0);
#endif
#endif /* !HAVE_FIPS && !HAVE_SELFTEST */
- return res;
+ return EXPECT_RESULT();
}
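Review bot: `test_wc_Sha512_256GetFlags` initialises both `sha512` and `copy`, but the new body still frees only `sha512`, so `copy` is never released. The SHA-512/224 sibling earlier in this hunk frees both contexts. Add `wc_Sha512_256Free(&copy);` before `wc_Sha512_256Free(&sha512);`. Whether this leaks real memory depends on build options the hunk does not show, but the omission may surface under a leak checker and leaves the copied context's cleanup path untested.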
@@ -13943,31 +13760,18 @@ static int test_wc_Sha512_256Copy(void)
*/
static int test_wc_InitSha384(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef WOLFSSL_SHA384
wc_Sha384 sha384;
- int ret;
- int flag = 0;
/* Test good arg. */
- ret = wc_InitSha384(&sha384);
- if (ret != 0) {
- flag = WOLFSSL_FATAL_ERROR;
- }
-
+ ExpectIntEQ(wc_InitSha384(&sha384), 0);
/* Test bad arg. */
- if (!flag) {
- ret = wc_InitSha384(NULL);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_InitSha384(NULL), BAD_FUNC_ARG);
wc_Sha384Free(&sha384);
-
- res = TEST_RES_CHECK(flag == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_InitSha384 */
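Review bot: `wc_Sha384 sha384;` in `test_wc_InitSha384` is never zeroed, yet `wc_Sha384Free(&sha384)` runs unconditionally, so if the `wc_InitSha384()` expectation fails the cleanup call operates on indeterminate stack contents. This commit adds an `XMEMSET` before init in the Copy tests and in the SHA-512/224 and SHA-512/256 GetFlags tests; the same line here, `XMEMSET(&sha384, 0, sizeof(wc_Sha384));`, would make the failure path well defined. The Init, Update, Final and GetHash tests for SHA-512/224, SHA-512/256, SHA-384 and SHA-224 in the surrounding hunks declare their contexts the same way and would benefit from the same change.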
@@ -13976,109 +13780,48 @@ static int test_wc_InitSha384(void)
*/
static int test_wc_Sha384Update(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef WOLFSSL_SHA384
wc_Sha384 sha384;
byte hash[WC_SHA384_DIGEST_SIZE];
testVector a, b, c;
- int ret;
- int flag = 0;
- ret = wc_InitSha384(&sha384);
- if (ret != 0) {
- flag = ret;
- }
+ ExpectIntEQ(wc_InitSha384(&sha384), 0);
/* Input */
- if (!flag) {
- a.input = "a";
- a.inLen = XSTRLEN(a.input);
-
- ret = wc_Sha384Update(&sha384, NULL, 0);
- if (ret != 0) {
- flag = ret;
- }
-
- ret = wc_Sha384Update(&sha384, (byte*)a.input, 0);
- if (ret != 0) {
- flag = ret;
- }
-
- ret = wc_Sha384Update(&sha384, (byte*)a.input, (word32)a.inLen);
- if (ret != 0) {
- flag = ret;
- }
- }
-
- if (!flag) {
- ret = wc_Sha384Final(&sha384, hash);
- if (ret != 0) {
- flag = ret;
- }
- }
+ a.input = "a";
+ a.inLen = XSTRLEN(a.input);
+ ExpectIntEQ(wc_Sha384Update(&sha384, NULL, 0), 0);
+ ExpectIntEQ(wc_Sha384Update(&sha384, (byte*)a.input, 0), 0);
+ ExpectIntEQ(wc_Sha384Update(&sha384, (byte*)a.input, (word32)a.inLen), 0);
+ ExpectIntEQ(wc_Sha384Final(&sha384, hash), 0);
/* Update input. */
- if (!flag) {
- a.input = "abc";
- a.output = "\xcb\x00\x75\x3f\x45\xa3\x5e\x8b\xb5\xa0\x3d\x69\x9a\xc6\x50"
- "\x07\x27\x2c\x32\xab\x0e\xde\xd1\x63\x1a\x8b\x60\x5a\x43\xff"
- "\x5b\xed\x80\x86\x07\x2b\xa1\xe7\xcc\x23\x58\xba\xec\xa1\x34"
- "\xc8\x25\xa7";
- a.inLen = XSTRLEN(a.input);
- a.outLen = XSTRLEN(a.output);
-
- ret = wc_Sha384Update(&sha384, (byte*)a.input, (word32)a.inLen);
- if (ret != 0) {
- flag = ret;
- }
- }
-
- if (!flag) {
- ret = wc_Sha384Final(&sha384, hash);
- if (ret != 0) {
- flag = ret;
- }
- }
-
- if (!flag) {
- if (XMEMCMP(hash, a.output, WC_SHA384_DIGEST_SIZE) != 0) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ a.input = "abc";
+ a.output = "\xcb\x00\x75\x3f\x45\xa3\x5e\x8b\xb5\xa0\x3d\x69\x9a\xc6\x50"
+ "\x07\x27\x2c\x32\xab\x0e\xde\xd1\x63\x1a\x8b\x60\x5a\x43\xff"
+ "\x5b\xed\x80\x86\x07\x2b\xa1\xe7\xcc\x23\x58\xba\xec\xa1\x34"
+ "\xc8\x25\xa7";
+ a.inLen = XSTRLEN(a.input);
+ a.outLen = XSTRLEN(a.output);
+ ExpectIntEQ(wc_Sha384Update(&sha384, (byte*)a.input, (word32)a.inLen), 0);
+ ExpectIntEQ(wc_Sha384Final(&sha384, hash), 0);
+ ExpectIntEQ(XMEMCMP(hash, a.output, WC_SHA384_DIGEST_SIZE), 0);
/* Pass in bad values. */
- if (!flag) {
- b.input = NULL;
- b.inLen = 0;
-
- ret = wc_Sha384Update(&sha384, (byte*)b.input, (word32)b.inLen);
- if (ret != 0) {
- flag = ret;
- }
- }
-
- if (!flag) {
- c.input = NULL;
- c.inLen = WC_SHA384_DIGEST_SIZE;
-
- ret = wc_Sha384Update(&sha384, (byte*)c.input, (word32)c.inLen);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (!flag) {
- ret = wc_Sha384Update(NULL, (byte*)a.input, (word32)a.inLen);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ b.input = NULL;
+ b.inLen = 0;
+ ExpectIntEQ(wc_Sha384Update(&sha384, (byte*)b.input, (word32)b.inLen), 0);
+ c.input = NULL;
+ c.inLen = WC_SHA384_DIGEST_SIZE;
+ ExpectIntEQ( wc_Sha384Update(&sha384, (byte*)c.input, (word32)c.inLen),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha384Update(NULL, (byte*)a.input, (word32)a.inLen),
+ BAD_FUNC_ARG);
wc_Sha384Free(&sha384);
-
- res = TEST_RES_CHECK(flag == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_Sha384Update */
/*
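Review bot: `a.outLen = XSTRLEN(a.output);` in `test_wc_Sha384Update` measures a binary digest with a string-length call, and this SHA-384 vector has `\x00` as its second byte. If XSTRLEN behaves like strlen, the stored length is 1 rather than the digest size. Nothing in the hunk reads the value (the compare uses `WC_SHA384_DIGEST_SIZE`), so it is harmless today but misleading for anyone who later uses it as a compare length. Either drop the assignment or write `a.outLen = WC_SHA384_DIGEST_SIZE;`.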
@@ -14086,96 +13829,54 @@ static int test_wc_Sha384Update(void)
*/
static int test_wc_Sha384Final(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef WOLFSSL_SHA384
wc_Sha384 sha384;
byte* hash_test[3];
byte hash1[WC_SHA384_DIGEST_SIZE];
byte hash2[2*WC_SHA384_DIGEST_SIZE];
byte hash3[5*WC_SHA384_DIGEST_SIZE];
- int times, i, ret;
- int flag = 0;
+ int times, i;
/* Initialize */
- ret = wc_InitSha384(&sha384);
- if (ret) {
- flag = ret;
- }
-
- if (!flag) {
- hash_test[0] = hash1;
- hash_test[1] = hash2;
- hash_test[2] = hash3;
- }
+ ExpectIntEQ(wc_InitSha384(&sha384), 0);
+ hash_test[0] = hash1;
+ hash_test[1] = hash2;
+ hash_test[2] = hash3;
times = sizeof(hash_test) / sizeof(byte*);
-
/* Good test args. */
for (i = 0; i < times; i++) {
- if (!flag) {
- ret = wc_Sha384Final(&sha384, hash_test[i]);
- if (ret != 0) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_Sha384Final(&sha384, hash_test[i]), 0);
}
/* Test bad args. */
- if (!flag) {
- ret = wc_Sha384Final(NULL, NULL);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (!flag) {
- ret = wc_Sha384Final(NULL, hash1);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (!flag) {
- ret = wc_Sha384Final(&sha384, NULL);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_Sha384Final(NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha384Final(NULL, hash1), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha384Final(&sha384, NULL), BAD_FUNC_ARG);
wc_Sha384Free(&sha384);
-
- res = TEST_RES_CHECK(flag == 0);
#endif
- return res;
-
+ return EXPECT_RESULT();
} /* END test_wc_Sha384Final */
/*
* Unit test function for wc_Sha384GetFlags()
*/
static int test_wc_Sha384GetFlags(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(WOLFSSL_SHA384) && defined(WOLFSSL_HASH_FLAGS)
wc_Sha384 sha384;
word32 flags = 0;
- int flag = 0;
/* Initialize */
- flag = wc_InitSha384(&sha384);
- if (flag == 0) {
- flag = wc_Sha384GetFlags(&sha384, &flags);
- }
- if (flag == 0) {
- if (flags & WC_HASH_FLAG_ISCOPY) {
- flag = 0;
- }
- }
+ ExpectIntEQ(wc_InitSha384(&sha384), 0);
+ ExpectIntEQ(wc_Sha384GetFlags(&sha384, &flags), 0);
+ ExpectTrue((flags & WC_HASH_FLAG_ISCOPY) == 0);
wc_Sha384Free(&sha384);
-
- res = TEST_RES_CHECK(flag == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_Sha384GetFlags */
/*
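Review bot: `test_wc_Sha384GetFlags` now asserts that `WC_HASH_FLAG_ISCOPY` is clear on a fresh context but never checks that the flag becomes set, so a GetFlags that always reported zero would still pass. The SHA-512/224 and SHA-512/256 GetFlags tests in this commit cover both directions by copying the context and reading the flags again. The same pattern fits here, assuming `wc_Sha384Copy` marks its destination the same way.

```c
    wc_Sha384 sha384;
    wc_Sha384 copy;
    /* … unchanged: flags declaration, wc_InitSha384(&sha384), ISCOPY-clear check … */
    ExpectIntEQ(wc_InitSha384(&copy), 0);
    ExpectIntEQ(wc_Sha384Copy(&sha384, &copy), 0);
    ExpectIntEQ(wc_Sha384GetFlags(&copy, &flags), 0);
    ExpectTrue((flags & WC_HASH_FLAG_ISCOPY) == WC_HASH_FLAG_ISCOPY);
    wc_Sha384Free(&copy);
    wc_Sha384Free(&sha384);
```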
@@ -14183,7 +13884,7 @@ static int test_wc_Sha384GetFlags(void)
*/
static int test_wc_Sha384FinalRaw(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if (defined(WOLFSSL_SHA384) && !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || \
(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 3)))) && \
!defined(WOLFSSL_NO_HASH_RAW)
@@ -14192,74 +13893,41 @@ static int test_wc_Sha384FinalRaw(void)
byte hash1[WC_SHA384_DIGEST_SIZE];
byte hash2[2*WC_SHA384_DIGEST_SIZE];
byte hash3[5*WC_SHA384_DIGEST_SIZE];
- int times, i, ret;
- int flag = 0;
+ int times, i;
/* Initialize */
- ret = wc_InitSha384(&sha384);
- if (ret != 0) {
- flag = ret;
- }
-
- if (!flag) {
- hash_test[0] = hash1;
- hash_test[1] = hash2;
- hash_test[2] = hash3;
- }
+ ExpectIntEQ(wc_InitSha384(&sha384), 0);
+ hash_test[0] = hash1;
+ hash_test[1] = hash2;
+ hash_test[2] = hash3;
times = sizeof(hash_test) / sizeof(byte*);
-
/* Good test args. */
for (i = 0; i < times; i++) {
- if (!flag) {
- ret = wc_Sha384FinalRaw(&sha384, hash_test[i]);
- if (ret != 0) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_Sha384FinalRaw(&sha384, hash_test[i]), 0);
}
/* Test bad args. */
- if (!flag ) {
- ret = wc_Sha384FinalRaw(NULL, NULL);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (!flag) {
- ret = wc_Sha384FinalRaw(NULL, hash1);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (!flag) {
- ret = wc_Sha384FinalRaw(&sha384, NULL);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_Sha384FinalRaw(NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha384FinalRaw(NULL, hash1), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha384FinalRaw(&sha384, NULL), BAD_FUNC_ARG);
wc_Sha384Free(&sha384);
-
- res = TEST_RES_CHECK(flag == 0);
#endif
- return res;
-
+ return EXPECT_RESULT();
} /* END test_wc_Sha384FinalRaw */
/*
* Unit test function for wc_Sha384Free()
*/
static int test_wc_Sha384Free(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef WOLFSSL_SHA384
wc_Sha384Free(NULL);
-
- res = TEST_RES_CHECK(1);
+ /* Set result to SUCCESS. */
+ ExpectTrue(1);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_Sha384Free */
/*
@@ -14267,91 +13935,51 @@ static int test_wc_Sha384Free(void)
*/
static int test_wc_Sha384GetHash(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef WOLFSSL_SHA384
wc_Sha384 sha384;
byte hash1[WC_SHA384_DIGEST_SIZE];
- int flag = 0;
/* Initialize */
- flag = wc_InitSha384(&sha384);
+ ExpectIntEQ(wc_InitSha384(&sha384), 0);
- if (flag == 0) {
- flag = wc_Sha384GetHash(&sha384, hash1);
- }
- /*test bad arguments*/
- if (flag == 0) {
- flag = wc_Sha384GetHash(NULL, NULL);
- if (flag == BAD_FUNC_ARG) {
- flag = 0;
- }
- }
- if (flag == 0) {
- flag = wc_Sha384GetHash(NULL, hash1);
- if (flag == BAD_FUNC_ARG) {
- flag = 0;
- }
- }
- if (flag == 0) {
- flag = wc_Sha384GetHash(&sha384, NULL);
- if (flag == BAD_FUNC_ARG) {
- flag = 0;
- }
- }
+ ExpectIntEQ(wc_Sha384GetHash(&sha384, hash1), 0);
+ /* test bad arguments*/
+ ExpectIntEQ(wc_Sha384GetHash(NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha384GetHash(NULL, hash1), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha384GetHash(&sha384, NULL), BAD_FUNC_ARG);
wc_Sha384Free(&sha384);
-
- res = TEST_RES_CHECK(flag == 0);
#endif
- return res;
-
+ return EXPECT_RESULT();
} /* END test_wc_Sha384GetHash */
/*
* Unit test function for wc_Sha384Copy()
*/
static int test_wc_Sha384Copy(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef WOLFSSL_SHA384
wc_Sha384 sha384;
wc_Sha384 temp;
- int flag = 0;
+
+ XMEMSET(&sha384, 0, sizeof(wc_Sha384));
+ XMEMSET(&temp, 0, sizeof(wc_Sha384));
/* Initialize */
- flag = wc_InitSha384(&sha384);
- if (flag == 0) {
- flag = wc_InitSha384(&temp);
- }
- if (flag == 0) {
- flag = wc_Sha384Copy(&sha384, &temp);
- }
- /*test bad arguments*/
- if (flag == 0) {
- flag = wc_Sha384Copy(NULL, NULL);
- if (flag == BAD_FUNC_ARG) {
- flag = 0;
- }
- }
- if (flag == 0) {
- flag = wc_Sha384Copy(NULL, &temp);
- if (flag == BAD_FUNC_ARG) {
- flag = 0;
- }
- }
- if (flag == 0) {
- flag = wc_Sha384Copy(&sha384, NULL);
- if (flag == BAD_FUNC_ARG) {
- flag = 0;
- }
- }
+ ExpectIntEQ(wc_InitSha384(&sha384), 0);
+ ExpectIntEQ(wc_InitSha384(&temp), 0);
+
+ ExpectIntEQ(wc_Sha384Copy(&sha384, &temp), 0);
+ /* test bad arguments*/
+ ExpectIntEQ(wc_Sha384Copy(NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha384Copy(NULL, &temp), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha384Copy(&sha384, NULL), BAD_FUNC_ARG);
wc_Sha384Free(&sha384);
wc_Sha384Free(&temp);
-
- res = TEST_RES_CHECK(flag == 0);
#endif
- return res;
-
+ return EXPECT_RESULT();
} /* END test_wc_Sha384Copy */
/*
@@ -14359,31 +13987,18 @@ static int test_wc_Sha384Copy(void)
*/
static int test_wc_InitSha224(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef WOLFSSL_SHA224
wc_Sha224 sha224;
- int ret;
- int flag = 0;
/* Test good arg. */
- ret = wc_InitSha224(&sha224);
- if (ret != 0) {
- flag = WOLFSSL_FATAL_ERROR;
- }
-
+ ExpectIntEQ(wc_InitSha224(&sha224), 0);
/* Test bad arg. */
- if (!flag) {
- ret = wc_InitSha224(NULL);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_InitSha224(NULL), BAD_FUNC_ARG);
wc_Sha224Free(&sha224);
-
- res = TEST_RES_CHECK(flag == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_InitSha224 */
/*
@@ -14391,108 +14006,46 @@ static int test_wc_InitSha224(void)
*/
static int test_wc_Sha224Update(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef WOLFSSL_SHA224
wc_Sha224 sha224;
byte hash[WC_SHA224_DIGEST_SIZE];
testVector a, b, c;
- int ret;
- int flag = 0;
- ret = wc_InitSha224(&sha224);
- if (ret != 0) {
- flag = ret;
- }
+ ExpectIntEQ(wc_InitSha224(&sha224), 0);
/* Input. */
- if (!flag) {
- a.input = "a";
- a.inLen = XSTRLEN(a.input);
-
- ret = wc_Sha224Update(&sha224, NULL, 0);
- if (ret != 0) {
- flag = ret;
- }
-
- ret = wc_Sha224Update(&sha224, (byte*)a.input, 0);
- if (ret != 0) {
- flag = ret;
- }
-
- ret = wc_Sha224Update(&sha224, (byte*)a.input, (word32)a.inLen);
- if (ret != 0) {
- flag = ret;
- }
- }
-
- if (!flag) {
- ret = wc_Sha224Final(&sha224, hash);
- if (ret != 0) {
- flag = ret;
- }
- }
+ a.input = "a";
+ a.inLen = XSTRLEN(a.input);
+ ExpectIntEQ(wc_Sha224Update(&sha224, NULL, 0), 0);
+ ExpectIntEQ(wc_Sha224Update(&sha224, (byte*)a.input, 0), 0);
+ ExpectIntEQ(wc_Sha224Update(&sha224, (byte*)a.input, (word32)a.inLen), 0);
+ ExpectIntEQ(wc_Sha224Final(&sha224, hash), 0);
/* Update input. */
- if (!flag) {
- a.input = "abc";
- a.output = "\x23\x09\x7d\x22\x34\x05\xd8\x22\x86\x42\xa4\x77\xbd\xa2"
- "\x55\xb3\x2a\xad\xbc\xe4\xbd\xa0\xb3\xf7\xe3\x6c\x9d\xa7";
- a.inLen = XSTRLEN(a.input);
- a.outLen = XSTRLEN(a.output);
-
- ret = wc_Sha224Update(&sha224, (byte*)a.input, (word32)a.inLen);
- if (ret != 0) {
- flag = ret;
- }
- }
-
- if (!flag) {
- ret = wc_Sha224Final(&sha224, hash);
- if (ret != 0) {
- flag = ret;
- }
- }
-
- if (!flag) {
- if (XMEMCMP(hash, a.output, WC_SHA224_DIGEST_SIZE) != 0) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- /* Pass in bad values. */
- if (!flag) {
- b.input = NULL;
- b.inLen = 0;
-
- ret = wc_Sha224Update(&sha224, (byte*)b.input, (word32)b.inLen);
- if (ret != 0) {
- flag = ret;
- }
- }
-
- if (!flag) {
- c.input = NULL;
- c.inLen = WC_SHA224_DIGEST_SIZE;
-
- ret = wc_Sha224Update(&sha224, (byte*)c.input, (word32)c.inLen);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ a.input = "abc";
+ a.output = "\x23\x09\x7d\x22\x34\x05\xd8\x22\x86\x42\xa4\x77\xbd\xa2"
+ "\x55\xb3\x2a\xad\xbc\xe4\xbd\xa0\xb3\xf7\xe3\x6c\x9d\xa7";
+ a.inLen = XSTRLEN(a.input);
+ a.outLen = XSTRLEN(a.output);
+ ExpectIntEQ(wc_Sha224Update(&sha224, (byte*)a.input, (word32)a.inLen), 0);
+ ExpectIntEQ(wc_Sha224Final(&sha224, hash), 0);
+ ExpectIntEQ(XMEMCMP(hash, a.output, WC_SHA224_DIGEST_SIZE), 0);
- if (!flag) {
- ret = wc_Sha224Update(NULL, (byte*)a.input, (word32)a.inLen);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ /* Pass in bad values. */
+ b.input = NULL;
+ b.inLen = 0;
+ ExpectIntEQ(wc_Sha224Update(&sha224, (byte*)b.input, (word32)b.inLen), 0);
+ c.input = NULL;
+ c.inLen = WC_SHA224_DIGEST_SIZE;
+ ExpectIntEQ(wc_Sha224Update(&sha224, (byte*)c.input, (word32)c.inLen),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha224Update(NULL, (byte*)a.input, (word32)a.inLen),
+ BAD_FUNC_ARG);
wc_Sha224Free(&sha224);
-
- res = TEST_RES_CHECK(flag == 0);
#endif
- return res;
-
+ return EXPECT_RESULT();
} /* END test_wc_Sha224Update */
/*
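Review bot: The `/* Pass in bad values. */` comment in `test_wc_Sha224Update` sits above the `b` case (NULL data, zero length), which is expected to return 0 and repeats the `wc_Sha224Update(&sha224, NULL, 0)` check made a few lines earlier. Move the comment down to the `c` case, the first one that expects `BAD_FUNC_ARG`. Then either drop the `b` case or label it `/* NULL data with zero length is accepted. */`. `test_wc_Sha384Update` in the earlier hunk has the same layout.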
@@ -14500,68 +14053,36 @@ static int test_wc_Sha224Update(void)
*/
static int test_wc_Sha224Final(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef WOLFSSL_SHA224
wc_Sha224 sha224;
byte* hash_test[3];
byte hash1[WC_SHA224_DIGEST_SIZE];
byte hash2[2*WC_SHA224_DIGEST_SIZE];
byte hash3[5*WC_SHA224_DIGEST_SIZE];
- int times, i, ret;
- int flag = 0;
+ int times, i;
/* Initialize */
- ret = wc_InitSha224(&sha224);
- if (ret) {
- flag = ret;
- }
-
- if (!flag) {
- hash_test[0] = hash1;
- hash_test[1] = hash2;
- hash_test[2] = hash3;
- }
+ ExpectIntEQ(wc_InitSha224(&sha224), 0);
+ hash_test[0] = hash1;
+ hash_test[1] = hash2;
+ hash_test[2] = hash3;
times = sizeof(hash_test) / sizeof(byte*);
-
/* Good test args. */
/* Testing oversized buffers. */
for (i = 0; i < times; i++) {
- if (!flag) {
- ret = wc_Sha224Final(&sha224, hash_test[i]);
- if (ret != 0) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_Sha224Final(&sha224, hash_test[i]), 0);
}
/* Test bad args. */
- if (!flag) {
- ret = wc_Sha224Final(NULL, NULL);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (!flag) {
- ret = wc_Sha224Final(NULL, hash1);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (!flag) {
- ret = wc_Sha224Final(&sha224, NULL);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_Sha224Final(NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha224Final(NULL, hash1), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha224Final(&sha224, NULL), BAD_FUNC_ARG);
wc_Sha224Free(&sha224);
-
- res = TEST_RES_CHECK(flag == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_Sha224Final */
/*
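Review bot: `wc_Sha224Free(&sha224)` at the end of test_wc_Sha224Final runs unconditionally, so a failed `wc_InitSha224` leaves it operating on an uninitialised stack struct. This commit already zeroes both contexts in test_wc_Sha224Copy but not in the other tests; adding `XMEMSET(&sha224, 0, sizeof(wc_Sha224));` before the init call would give the cleanup path a defined input however init fails. The same applies to test_wc_Sha224SetFlags, test_wc_Sha224GetFlags and test_wc_Sha224GetHash in the following hunks. It matters more for the `wc_Sha3` contexts in testing_wc_Sha3_Update and the test_wc_Sha3_*_Final functions, where the removed early `return TEST_FAIL` used to skip the free after a failed init.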
@@ -14569,28 +14090,22 @@ static int test_wc_Sha224Final(void)
*/
static int test_wc_Sha224SetFlags(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(WOLFSSL_SHA224) && defined(WOLFSSL_HASH_FLAGS)
wc_Sha224 sha224;
- word32 flags = 0;
- int flag = 0;
+ word32 flags = WC_HASH_FLAG_WILLCOPY;
/* Initialize */
- flag = wc_InitSha224(&sha224);
- if (flag == 0) {
- flag = wc_Sha224SetFlags(&sha224, flags);
- }
- if (flag == 0) {
- if (flags & WC_HASH_FLAG_ISCOPY) {
- flag = 0;
- }
- }
+ ExpectIntEQ(wc_InitSha224(&sha224), 0);
- wc_Sha224Free(&sha224);
+ ExpectIntEQ(wc_Sha224SetFlags(&sha224, flags), 0);
+ flags = 0;
+ ExpectIntEQ(wc_Sha224GetFlags(&sha224, &flags), 0);
+ ExpectTrue(flags == WC_HASH_FLAG_WILLCOPY);
- res = TEST_RES_CHECK(flag == 0);
+ wc_Sha224Free(&sha224);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_Sha224SetFlags */
/*
@@ -14598,42 +14113,33 @@ static int test_wc_Sha224SetFlags(void)
*/
static int test_wc_Sha224GetFlags(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(WOLFSSL_SHA224) && defined(WOLFSSL_HASH_FLAGS)
wc_Sha224 sha224;
word32 flags = 0;
- int flag = 0;
/* Initialize */
- flag = wc_InitSha224(&sha224);
- if (flag == 0) {
- flag = wc_Sha224GetFlags(&sha224, &flags);
- }
- if (flag == 0) {
- if (flags & WC_HASH_FLAG_ISCOPY) {
- flag = 0;
- }
- }
+ ExpectIntEQ(wc_InitSha224(&sha224), 0);
- wc_Sha224Free(&sha224);
+ ExpectIntEQ(wc_Sha224GetFlags(&sha224, &flags), 0);
+ ExpectTrue((flags & WC_HASH_FLAG_ISCOPY) == 0);
- res = TEST_RES_CHECK(flag == 0);
+ wc_Sha224Free(&sha224);
#endif
- return res;
-
+ return EXPECT_RESULT();
} /* END test_wc_Sha224GetFlags */
/*
* Unit test function for wc_Sha224Free()
*/
static int test_wc_Sha224Free(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef WOLFSSL_SHA224
wc_Sha224Free(NULL);
-
- res = TEST_RES_CHECK(1);
+ /* Set result to SUCCESS. */
+ ExpectTrue(1);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_Sha224Free */
@@ -14642,43 +14148,23 @@ static int test_wc_Sha224Free(void)
*/
static int test_wc_Sha224GetHash(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef WOLFSSL_SHA224
wc_Sha224 sha224;
byte hash1[WC_SHA224_DIGEST_SIZE];
- int flag = 0;
/* Initialize */
- flag = wc_InitSha224(&sha224);
+ ExpectIntEQ(wc_InitSha224(&sha224), 0);
- if (flag == 0) {
- flag = wc_Sha224GetHash(&sha224, hash1);
- }
- /*test bad arguments*/
- if (flag == 0) {
- flag = wc_Sha224GetHash(NULL, NULL);
- if (flag == BAD_FUNC_ARG) {
- flag = 0;
- }
- }
- if (flag == 0) {
- flag = wc_Sha224GetHash(NULL, hash1);
- if (flag == BAD_FUNC_ARG) {
- flag = 0;
- }
- }
- if (flag == 0) {
- flag = wc_Sha224GetHash(&sha224, NULL);
- if (flag == BAD_FUNC_ARG) {
- flag = 0;
- }
- }
+ ExpectIntEQ(wc_Sha224GetHash(&sha224, hash1), 0);
+ /* test bad arguments*/
+ ExpectIntEQ(wc_Sha224GetHash(NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha224GetHash(NULL, hash1), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha224GetHash(&sha224, NULL), BAD_FUNC_ARG);
wc_Sha224Free(&sha224);
-
- res = TEST_RES_CHECK(flag == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_Sha224GetHash */
/*
@@ -14686,47 +14172,28 @@ static int test_wc_Sha224GetHash(void)
*/
static int test_wc_Sha224Copy(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef WOLFSSL_SHA224
wc_Sha224 sha224;
wc_Sha224 temp;
- int flag = 0;
+
+ XMEMSET(&sha224, 0, sizeof(wc_Sha224));
+ XMEMSET(&temp, 0, sizeof(wc_Sha224));
/* Initialize */
- flag = wc_InitSha224(&sha224);
- if (flag == 0) {
- flag = wc_InitSha224(&temp);
- }
- if (flag == 0) {
- flag = wc_Sha224Copy(&sha224, &temp);
- }
- /*test bad arguments*/
- if (flag == 0) {
- flag = wc_Sha224Copy(NULL, NULL);
- if (flag == BAD_FUNC_ARG) {
- flag = 0;
- }
- }
- if (flag == 0) {
- flag = wc_Sha224Copy(NULL, &temp);
- if (flag == BAD_FUNC_ARG) {
- flag = 0;
- }
- }
- if (flag == 0) {
- flag = wc_Sha224Copy(&sha224, NULL);
- if (flag == BAD_FUNC_ARG) {
- flag = 0;
- }
- }
+ ExpectIntEQ(wc_InitSha224(&sha224), 0);
+ ExpectIntEQ(wc_InitSha224(&temp), 0);
+ ExpectIntEQ(wc_Sha224Copy(&sha224, &temp), 0);
+ /* test bad arguments*/
+ ExpectIntEQ(wc_Sha224Copy(NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha224Copy(NULL, &temp), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha224Copy(&sha224, NULL), BAD_FUNC_ARG);
wc_Sha224Free(&sha224);
wc_Sha224Free(&temp);
-
- res = TEST_RES_CHECK(flag == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_Sha224Copy */
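Review bot: test_wc_Sha224Copy checks only return codes, so a `wc_Sha224Copy` that returned 0 without transferring the hash state would still pass. Feeding data into `sha224` before the copy and then comparing the digests finalised from both contexts would pin the behaviour the function exists for. The sketch below adds two digest buffers next to `temp` and reuses the "abc" input from the Update test.

```c
    byte hashSrc[WC_SHA224_DIGEST_SIZE];
    byte hashDst[WC_SHA224_DIGEST_SIZE];
    /* ... unchanged: XMEMSET and wc_InitSha224 of sha224 and temp ... */
    ExpectIntEQ(wc_Sha224Update(&sha224, (byte*)"abc", 3), 0);
    ExpectIntEQ(wc_Sha224Copy(&sha224, &temp), 0);
    /* Source and copy must finalise to the same digest. */
    ExpectIntEQ(wc_Sha224Final(&sha224, hashSrc), 0);
    ExpectIntEQ(wc_Sha224Final(&temp, hashDst), 0);
    ExpectIntEQ(XMEMCMP(hashSrc, hashDst, WC_SHA224_DIGEST_SIZE), 0);
    /* ... unchanged: bad-argument checks and frees ... */
```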
@@ -14735,29 +14202,16 @@ static int test_wc_Sha224Copy(void)
*/
static int test_wc_InitRipeMd(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef WOLFSSL_RIPEMD
RipeMd ripemd;
- int ret;
- int flag = 0;
/* Test good arg. */
- ret = wc_InitRipeMd(&ripemd);
- if (ret != 0) {
- flag = WOLFSSL_FATAL_ERROR;
- }
-
+ ExpectIntEQ(wc_InitRipeMd(&ripemd), 0);
/* Test bad arg. */
- if (!flag) {
- ret = wc_InitRipeMd(NULL);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- res = TEST_RES_CHECK(flag == 0);
+ ExpectIntEQ(wc_InitRipeMd(NULL), BAD_FUNC_ARG);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_InitRipeMd */
@@ -14766,96 +14220,42 @@ static int test_wc_InitRipeMd(void)
*/
static int test_wc_RipeMdUpdate(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef WOLFSSL_RIPEMD
RipeMd ripemd;
byte hash[RIPEMD_DIGEST_SIZE];
testVector a, b, c;
- int ret;
- int flag = 0;
- ret = wc_InitRipeMd(&ripemd);
- if (ret != 0) {
- flag = ret;
- }
+ ExpectIntEQ(wc_InitRipeMd(&ripemd), 0);
/* Input */
- if (!flag) {
- a.input = "a";
- a.inLen = XSTRLEN(a.input);
-
- ret = wc_RipeMdUpdate(&ripemd, (byte*)a.input, (word32)a.inLen);
- if (ret != 0) {
- flag = ret;
- }
- }
-
- if (!flag) {
- ret = wc_RipeMdFinal(&ripemd, hash);
- if (ret != 0) {
- flag = ret;
- }
- }
+ a.input = "a";
+ a.inLen = XSTRLEN(a.input);
+ ExpectIntEQ(wc_RipeMdUpdate(&ripemd, (byte*)a.input, (word32)a.inLen), 0);
+ ExpectIntEQ(wc_RipeMdFinal(&ripemd, hash), 0);
/* Update input. */
- if (!flag) {
- a.input = "abc";
- a.output = "\x8e\xb2\x08\xf7\xe0\x5d\x98\x7a\x9b\x04\x4a\x8e\x98\xc6"
- "\xb0\x87\xf1\x5a\x0b\xfc";
- a.inLen = XSTRLEN(a.input);
- a.outLen = XSTRLEN(a.output);
-
- ret = wc_RipeMdUpdate(&ripemd, (byte*)a.input, (word32)a.inLen);
- if (ret != 0) {
- flag = ret;
- }
- }
-
- if (!flag) {
- ret = wc_RipeMdFinal(&ripemd, hash);
- if (ret != 0) {
- flag = ret;
- }
- }
-
- if (!flag) {
- if (XMEMCMP(hash, a.output, RIPEMD_DIGEST_SIZE) != 0) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ a.input = "abc";
+ a.output = "\x8e\xb2\x08\xf7\xe0\x5d\x98\x7a\x9b\x04\x4a\x8e\x98\xc6"
+ "\xb0\x87\xf1\x5a\x0b\xfc";
+ a.inLen = XSTRLEN(a.input);
+ a.outLen = XSTRLEN(a.output);
+ ExpectIntEQ(wc_RipeMdUpdate(&ripemd, (byte*)a.input, (word32)a.inLen), 0);
+ ExpectIntEQ(wc_RipeMdFinal(&ripemd, hash), 0);
+ ExpectIntEQ(XMEMCMP(hash, a.output, RIPEMD_DIGEST_SIZE), 0);
/* Pass in bad values. */
- if (!flag) {
- b.input = NULL;
- b.inLen = 0;
-
- ret = wc_RipeMdUpdate(&ripemd, (byte*)b.input, (word32)b.inLen);
- if (ret != 0) {
- flag = ret;
- }
- }
-
- if (!flag) {
- c.input = NULL;
- c.inLen = RIPEMD_DIGEST_SIZE;
-
- ret = wc_RipeMdUpdate(&ripemd, (byte*)c.input, (word32)c.inLen);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (!flag) {
- ret = wc_RipeMdUpdate(NULL, (byte*)a.input, (word32)a.inLen);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- res = TEST_RES_CHECK(flag == 0);
+ b.input = NULL;
+ b.inLen = 0;
+ ExpectIntEQ(wc_RipeMdUpdate(&ripemd, (byte*)b.input, (word32)b.inLen), 0);
+ c.input = NULL;
+ c.inLen = RIPEMD_DIGEST_SIZE;
+ ExpectIntEQ(wc_RipeMdUpdate(&ripemd, (byte*)c.input, (word32)c.inLen),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_RipeMdUpdate(NULL, (byte*)a.input, (word32)a.inLen),
+ BAD_FUNC_ARG);
#endif
- return res;
-
+ return EXPECT_RESULT();
} /* END test_wc_RipeMdUdpate */
/*
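Review bot: `a.outLen = XSTRLEN(a.output);` in test_wc_RipeMdUpdate measures a binary digest with a string-length call, and the result is never read in this function; the comparison uses `RIPEMD_DIGEST_SIZE`. A digest containing a zero byte would yield a short length, so the field is misleading if anyone later relies on it. Either drop the assignment or write `a.outLen = RIPEMD_DIGEST_SIZE;`. The closing comment also misspells the function name as `test_wc_RipeMdUdpate`.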
@@ -14863,65 +14263,33 @@ static int test_wc_RipeMdUpdate(void)
*/
static int test_wc_RipeMdFinal(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef WOLFSSL_RIPEMD
RipeMd ripemd;
byte* hash_test[3];
byte hash1[RIPEMD_DIGEST_SIZE];
byte hash2[2*RIPEMD_DIGEST_SIZE];
byte hash3[5*RIPEMD_DIGEST_SIZE];
- int times, i, ret;
- int flag = 0;
+ int times, i;
/* Initialize */
- ret = wc_InitRipeMd(&ripemd);
- if (ret != 0) {
- flag = ret;
- }
-
- if (!flag) {
- hash_test[0] = hash1;
- hash_test[1] = hash2;
- hash_test[2] = hash3;
- }
+ ExpectIntEQ(wc_InitRipeMd(&ripemd), 0);
+ hash_test[0] = hash1;
+ hash_test[1] = hash2;
+ hash_test[2] = hash3;
times = sizeof(hash_test) / sizeof(byte*);
-
/* Testing oversized buffers. */
for (i = 0; i < times; i++) {
- if (!flag) {
- ret = wc_RipeMdFinal(&ripemd, hash_test[i]);
- if (ret != 0) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_RipeMdFinal(&ripemd, hash_test[i]), 0);
}
/* Test bad args. */
- if (!flag) {
- ret = wc_RipeMdFinal(NULL, NULL);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (!flag) {
- ret = wc_RipeMdFinal(NULL, hash1);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (!flag) {
- ret = wc_RipeMdFinal(&ripemd, NULL);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- res = TEST_RES_CHECK(flag == 0);
+ ExpectIntEQ(wc_RipeMdFinal(NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_RipeMdFinal(NULL, hash1), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_RipeMdFinal(&ripemd, NULL), BAD_FUNC_ARG);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_RipeMdFinal */
@@ -14931,81 +14299,38 @@ static int test_wc_RipeMdFinal(void)
*/
static int test_wc_InitSha3(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(WOLFSSL_SHA3)
wc_Sha3 sha3;
- int ret = 0;
(void)sha3;
- #if !defined(WOLFSSL_NOSHA3_224)
- ret = wc_InitSha3_224(&sha3, HEAP_HINT, testDevId);
-
- /* Test bad args. */
- if (ret == 0) {
- ret = wc_InitSha3_224(NULL, HEAP_HINT, testDevId);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- wc_Sha3_224_Free(&sha3);
- #endif /* NOSHA3_224 */
- #if !defined(WOLFSSL_NOSHA3_256)
- if (ret == 0) {
- ret = wc_InitSha3_256(&sha3, HEAP_HINT, testDevId);
- /* Test bad args. */
- if (ret == 0) {
- ret = wc_InitSha3_256(NULL, HEAP_HINT, testDevId);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- wc_Sha3_256_Free(&sha3);
- } /* END sha3_256 */
- #endif /* NOSHA3_256 */
- #if !defined(WOLFSSL_NOSHA3_384)
- if (ret == 0) {
- ret = wc_InitSha3_384(&sha3, HEAP_HINT, testDevId);
- /* Test bad args. */
- if (ret == 0) {
- ret = wc_InitSha3_384(NULL, HEAP_HINT, testDevId);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- wc_Sha3_384_Free(&sha3);
- } /* END sha3_384 */
- #endif /* NOSHA3_384 */
- #if !defined(WOLFSSL_NOSHA3_512)
- if (ret == 0) {
- ret = wc_InitSha3_512(&sha3, HEAP_HINT, testDevId);
- /* Test bad args. */
- if (ret == 0) {
- ret = wc_InitSha3_512(NULL, HEAP_HINT, testDevId);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- wc_Sha3_512_Free(&sha3);
- } /* END sha3_512 */
- #endif /* NOSHA3_512 */
-
- res = TEST_RES_CHECK(ret == 0);
+#if !defined(WOLFSSL_NOSHA3_224)
+ ExpectIntEQ(wc_InitSha3_224(&sha3, HEAP_HINT, testDevId), 0);
+ /* Test bad args. */
+ ExpectIntEQ(wc_InitSha3_224(NULL, HEAP_HINT, testDevId), BAD_FUNC_ARG);
+ wc_Sha3_224_Free(&sha3);
+#endif /* NOSHA3_224 */
+#if !defined(WOLFSSL_NOSHA3_256)
+ ExpectIntEQ(wc_InitSha3_256(&sha3, HEAP_HINT, testDevId), 0);
+ /* Test bad args. */
+ ExpectIntEQ(wc_InitSha3_256(NULL, HEAP_HINT, testDevId), BAD_FUNC_ARG);
+ wc_Sha3_256_Free(&sha3);
+#endif /* NOSHA3_256 */
+#if !defined(WOLFSSL_NOSHA3_384)
+ ExpectIntEQ(wc_InitSha3_384(&sha3, HEAP_HINT, testDevId), 0);
+ /* Test bad args. */
+ ExpectIntEQ(wc_InitSha3_384(NULL, HEAP_HINT, testDevId), BAD_FUNC_ARG);
+ wc_Sha3_384_Free(&sha3);
+#endif /* NOSHA3_384 */
+#if !defined(WOLFSSL_NOSHA3_512)
+ ExpectIntEQ(wc_InitSha3_512(&sha3, HEAP_HINT, testDevId), 0);
+ /* Test bad args. */
+ ExpectIntEQ(wc_InitSha3_512(NULL, HEAP_HINT, testDevId), BAD_FUNC_ARG);
+ wc_Sha3_512_Free(&sha3);
+#endif /* NOSHA3_512 */
#endif
- return res;
-
+ return EXPECT_RESULT();
} /* END test_wc_InitSha3 */
@@ -15014,7 +14339,7 @@ static int test_wc_InitSha3(void)
*/
static int testing_wc_Sha3_Update(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_XILINX_CRYPT) && \
!defined(WOLFSSL_AFALG_XILINX)
wc_Sha3 sha3;
@@ -15028,171 +14353,92 @@ static int testing_wc_Sha3_Update(void)
word32 msglen = sizeof(msg) - 1;
word32 msg2len = sizeof(msg2);
word32 msgCmplen = sizeof(msgCmp);
- int ret = 0;
#if !defined(WOLFSSL_NOSHA3_224)
- ret = wc_InitSha3_224(&sha3, HEAP_HINT, testDevId);
- if (ret != 0) {
- return TEST_FAIL;
- }
+ ExpectIntEQ(wc_InitSha3_224(&sha3, HEAP_HINT, testDevId), 0);
+ ExpectIntEQ(wc_Sha3_224_Update(&sha3, msg, msglen), 0);
+ ExpectIntEQ(XMEMCMP(msg, sha3.t, msglen), 0);
+ ExpectTrue(sha3.i == msglen);
+
+ ExpectIntEQ(wc_Sha3_224_Update(&sha3, msg2, msg2len), 0);
+ ExpectIntEQ(XMEMCMP(sha3.t, msgCmp, msgCmplen), 0);
- ret = wc_Sha3_224_Update(&sha3, msg, msglen);
- if (XMEMCMP(msg, sha3.t, msglen) || sha3.i != msglen) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- if (ret == 0) {
- ret = wc_Sha3_224_Update(&sha3, msg2, msg2len);
- if (ret == 0 && XMEMCMP(sha3.t, msgCmp, msgCmplen) != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
/* Pass bad args. */
- if (ret == 0) {
- ret = wc_Sha3_224_Update(NULL, msg2, msg2len);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_Sha3_224_Update(&sha3, NULL, 5);
- }
- if (ret == BAD_FUNC_ARG) {
- wc_Sha3_224_Free(&sha3);
- if (wc_InitSha3_224(&sha3, HEAP_HINT, testDevId)) {
- return TEST_FAIL;
- }
- ret = wc_Sha3_224_Update(&sha3, NULL, 0);
- if (ret == 0) {
- ret = wc_Sha3_224_Update(&sha3, msg2, msg2len);
- }
- if (ret == 0 && XMEMCMP(msg2, sha3.t, msg2len) != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- }
+ ExpectIntEQ(wc_Sha3_224_Update(NULL, msg2, msg2len), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha3_224_Update(&sha3, NULL, 5), BAD_FUNC_ARG);
+ wc_Sha3_224_Free(&sha3);
+
+ ExpectIntEQ(wc_InitSha3_224(&sha3, HEAP_HINT, testDevId), 0);
+ ExpectIntEQ(wc_Sha3_224_Update(&sha3, NULL, 0), 0);
+ ExpectIntEQ(wc_Sha3_224_Update(&sha3, msg2, msg2len), 0);
+ ExpectIntEQ(XMEMCMP(msg2, sha3.t, msg2len), 0);
wc_Sha3_224_Free(&sha3);
#endif /* SHA3_224 */
#if !defined(WOLFSSL_NOSHA3_256)
- if (ret == 0) {
- ret = wc_InitSha3_256(&sha3, HEAP_HINT, testDevId);
- if (ret != 0) {
- return TEST_FAIL;
- }
- ret = wc_Sha3_256_Update(&sha3, msg, msglen);
- if (XMEMCMP(msg, sha3.t, msglen) || sha3.i != msglen) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- if (ret == 0) {
- ret = wc_Sha3_256_Update(&sha3, msg2, msg2len);
- if (XMEMCMP(sha3.t, msgCmp, msgCmplen) != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- /* Pass bad args. */
- if (ret == 0) {
- ret = wc_Sha3_256_Update(NULL, msg2, msg2len);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_Sha3_256_Update(&sha3, NULL, 5);
- }
- if (ret == BAD_FUNC_ARG) {
- wc_Sha3_256_Free(&sha3);
- if (wc_InitSha3_256(&sha3, HEAP_HINT, testDevId)) {
- return TEST_FAIL;
- }
- ret = wc_Sha3_256_Update(&sha3, NULL, 0);
- if (ret == 0) {
- ret = wc_Sha3_256_Update(&sha3, msg2, msg2len);
- }
- if (ret == 0 && XMEMCMP(msg2, sha3.t, msg2len) != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- }
- wc_Sha3_256_Free(&sha3);
- }
+ ExpectIntEQ(wc_InitSha3_256(&sha3, HEAP_HINT, testDevId), 0);
+ ExpectIntEQ(wc_Sha3_256_Update(&sha3, msg, msglen), 0);
+ ExpectIntEQ(XMEMCMP(msg, sha3.t, msglen), 0);
+ ExpectTrue(sha3.i == msglen);
+
+ ExpectIntEQ(wc_Sha3_256_Update(&sha3, msg2, msg2len), 0);
+ ExpectIntEQ(XMEMCMP(sha3.t, msgCmp, msgCmplen), 0);
+
+ /* Pass bad args. */
+ ExpectIntEQ(wc_Sha3_256_Update(NULL, msg2, msg2len), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha3_256_Update(&sha3, NULL, 5), BAD_FUNC_ARG);
+ wc_Sha3_256_Free(&sha3);
+
+ ExpectIntEQ(wc_InitSha3_256(&sha3, HEAP_HINT, testDevId), 0);
+ ExpectIntEQ(wc_Sha3_256_Update(&sha3, NULL, 0), 0);
+ ExpectIntEQ(wc_Sha3_256_Update(&sha3, msg2, msg2len), 0);
+ ExpectIntEQ(XMEMCMP(msg2, sha3.t, msg2len), 0);
+ wc_Sha3_256_Free(&sha3);
#endif /* SHA3_256 */
#if !defined(WOLFSSL_NOSHA3_384)
- if (ret == 0) {
- ret = wc_InitSha3_384(&sha3, HEAP_HINT, testDevId);
- if (ret != 0) {
- return TEST_FAIL;
- }
- ret = wc_Sha3_384_Update(&sha3, msg, msglen);
- if (XMEMCMP(msg, sha3.t, msglen) || sha3.i != msglen) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- if (ret == 0) {
- ret = wc_Sha3_384_Update(&sha3, msg2, msg2len);
- if (XMEMCMP(sha3.t, msgCmp, msgCmplen) != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- /* Pass bad args. */
- if (ret == 0) {
- ret = wc_Sha3_384_Update(NULL, msg2, msg2len);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_Sha3_384_Update(&sha3, NULL, 5);
- }
- if (ret == BAD_FUNC_ARG) {
- wc_Sha3_384_Free(&sha3);
- if (wc_InitSha3_384(&sha3, HEAP_HINT, testDevId)) {
- return TEST_FAIL;
- }
- ret = wc_Sha3_384_Update(&sha3, NULL, 0);
- if (ret == 0) {
- ret = wc_Sha3_384_Update(&sha3, msg2, msg2len);
- }
- if (ret == 0 && XMEMCMP(msg2, sha3.t, msg2len) != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- }
- wc_Sha3_384_Free(&sha3);
- }
+ ExpectIntEQ(wc_InitSha3_384(&sha3, HEAP_HINT, testDevId), 0);
+ ExpectIntEQ(wc_Sha3_384_Update(&sha3, msg, msglen), 0);
+ ExpectIntEQ(XMEMCMP(msg, sha3.t, msglen), 0);
+ ExpectTrue(sha3.i == msglen);
+
+ ExpectIntEQ(wc_Sha3_384_Update(&sha3, msg2, msg2len), 0);
+ ExpectIntEQ(XMEMCMP(sha3.t, msgCmp, msgCmplen), 0);
+
+ /* Pass bad args. */
+ ExpectIntEQ(wc_Sha3_384_Update(NULL, msg2, msg2len), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha3_384_Update(&sha3, NULL, 5), BAD_FUNC_ARG);
+ wc_Sha3_384_Free(&sha3);
+
+ ExpectIntEQ(wc_InitSha3_384(&sha3, HEAP_HINT, testDevId), 0);
+ ExpectIntEQ(wc_Sha3_384_Update(&sha3, NULL, 0), 0);
+ ExpectIntEQ(wc_Sha3_384_Update(&sha3, msg2, msg2len), 0);
+ ExpectIntEQ(XMEMCMP(msg2, sha3.t, msg2len), 0);
+ wc_Sha3_384_Free(&sha3);
#endif /* SHA3_384 */
#if !defined(WOLFSSL_NOSHA3_512)
- if (ret == 0) {
- ret = wc_InitSha3_512(&sha3, HEAP_HINT, testDevId);
- if (ret != 0) {
- return TEST_FAIL;
- }
- ret = wc_Sha3_512_Update(&sha3, msg, msglen);
- if (XMEMCMP(msg, sha3.t, msglen) || sha3.i != msglen) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- if (ret == 0) {
- ret = wc_Sha3_512_Update(&sha3, msg2, msg2len);
- if (XMEMCMP(sha3.t, msgCmp, msgCmplen) != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- /* Pass bad args. */
- if (ret == 0) {
- ret = wc_Sha3_512_Update(NULL, msg2, msg2len);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_Sha3_512_Update(&sha3, NULL, 5);
- }
- if (ret == BAD_FUNC_ARG) {
- wc_Sha3_512_Free(&sha3);
- if (wc_InitSha3_512(&sha3, HEAP_HINT, testDevId)) {
- return TEST_FAIL;
- }
- ret = wc_Sha3_512_Update(&sha3, NULL, 0);
- if (ret == 0) {
- ret = wc_Sha3_512_Update(&sha3, msg2, msg2len);
- }
- if (ret == 0 && XMEMCMP(msg2, sha3.t, msg2len) != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- }
- wc_Sha3_512_Free(&sha3);
- }
- #endif /* SHA3_512 */
+ ExpectIntEQ(wc_InitSha3_512(&sha3, HEAP_HINT, testDevId), 0);
+ ExpectIntEQ(wc_Sha3_512_Update(&sha3, msg, msglen), 0);
+ ExpectIntEQ(XMEMCMP(msg, sha3.t, msglen), 0);
+ ExpectTrue(sha3.i == msglen);
- res = TEST_RES_CHECK(ret == 0);
-#endif /* WOLFSSL_SHA3 */
- return res;
+ ExpectIntEQ(wc_Sha3_512_Update(&sha3, msg2, msg2len), 0);
+ ExpectIntEQ(XMEMCMP(sha3.t, msgCmp, msgCmplen), 0);
+ /* Pass bad args. */
+ ExpectIntEQ(wc_Sha3_512_Update(NULL, msg2, msg2len), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha3_512_Update(&sha3, NULL, 5), BAD_FUNC_ARG);
+ wc_Sha3_512_Free(&sha3);
+
+ ExpectIntEQ(wc_InitSha3_512(&sha3, HEAP_HINT, testDevId), 0);
+ ExpectIntEQ(wc_Sha3_512_Update(&sha3, NULL, 0), 0);
+ ExpectIntEQ(wc_Sha3_512_Update(&sha3, msg2, msg2len), 0);
+ ExpectIntEQ(XMEMCMP(msg2, sha3.t, msg2len), 0);
+ wc_Sha3_512_Free(&sha3);
+ #endif /* SHA3_512 */
+#endif /* WOLFSSL_SHA3 */
+ return EXPECT_RESULT();
} /* END testing_wc_Sha3_Update */
/*
@@ -15200,7 +14446,7 @@ static int testing_wc_Sha3_Update(void)
*/
static int test_wc_Sha3_224_Final(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_224)
wc_Sha3 sha3;
const char* msg = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnom"
@@ -15210,79 +14456,36 @@ static int test_wc_Sha3_224_Final(void)
"\x64\xea\xd0\xfc\xce\x33";
byte hash[WC_SHA3_224_DIGEST_SIZE];
byte hashRet[WC_SHA3_224_DIGEST_SIZE];
- int ret = 0;
/* Init stack variables. */
XMEMSET(hash, 0, sizeof(hash));
- ret = wc_InitSha3_224(&sha3, HEAP_HINT, testDevId);
- if (ret != 0) {
- return TEST_FAIL;
- }
+ ExpectIntEQ(wc_InitSha3_224(&sha3, HEAP_HINT, testDevId), 0);
+ ExpectIntEQ(wc_Sha3_224_Update(&sha3, (byte*)msg, (word32)XSTRLEN(msg)), 0);
+ ExpectIntEQ(wc_Sha3_224_Final(&sha3, hash), 0);
+ ExpectIntEQ(XMEMCMP(expOut, hash, WC_SHA3_224_DIGEST_SIZE), 0);
- ret= wc_Sha3_224_Update(&sha3, (byte*)msg, (word32)XSTRLEN(msg));
- if (ret == 0) {
- ret = wc_Sha3_224_Final(&sha3, hash);
- if (ret == 0 && XMEMCMP(expOut, hash, WC_SHA3_224_DIGEST_SIZE) != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
/* Test bad args. */
- if (ret == 0) {
- ret = wc_Sha3_224_Final(NULL, hash);
- if (ret == 0) {
- ret = wc_Sha3_224_Final(&sha3, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_Sha3_224_Final(NULL, hash), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha3_224_Final(&sha3, NULL), BAD_FUNC_ARG);
wc_Sha3_224_Free(&sha3);
- if (ret == 0) {
- ret = wc_InitSha3_224(&sha3, HEAP_HINT, testDevId);
- if (ret != 0) {
- return TEST_FAIL;
- }
-
- /* Init stack variables. */
- XMEMSET(hash, 0, sizeof(hash));
- XMEMSET(hashRet, 0, sizeof(hashRet));
-
- ret= wc_Sha3_224_Update(&sha3, (byte*)msg, (word32)XSTRLEN(msg));
- if (ret == 0) {
- ret = wc_Sha3_224_GetHash(&sha3, hashRet);
- }
+ ExpectIntEQ(wc_InitSha3_224(&sha3, HEAP_HINT, testDevId), 0);
+ /* Init stack variables. */
+ XMEMSET(hash, 0, sizeof(hash));
+ XMEMSET(hashRet, 0, sizeof(hashRet));
+ ExpectIntEQ(wc_Sha3_224_Update(&sha3, (byte*)msg, (word32)XSTRLEN(msg)), 0);
+ ExpectIntEQ(wc_Sha3_224_GetHash(&sha3, hashRet), 0);
+ ExpectIntEQ(wc_Sha3_224_Final(&sha3, hash), 0);
+ ExpectIntEQ(XMEMCMP(hash, hashRet, WC_SHA3_224_DIGEST_SIZE), 0);
- if (ret == 0) {
- ret = wc_Sha3_224_Final(&sha3, hash);
- if (ret == 0 && XMEMCMP(hash, hashRet, WC_SHA3_224_DIGEST_SIZE) != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- if (ret == 0) {
- /* Test bad args. */
- ret = wc_Sha3_224_GetHash(NULL, hashRet);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_Sha3_224_GetHash(&sha3, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- }
+ /* Test bad args. */
+ ExpectIntEQ(wc_Sha3_224_GetHash(NULL, hashRet), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha3_224_GetHash(&sha3, NULL), BAD_FUNC_ARG);
wc_Sha3_224_Free(&sha3);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_Sha3_224_Final */
@@ -15291,7 +14494,7 @@ static int test_wc_Sha3_224_Final(void)
*/
static int test_wc_Sha3_256_Final(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_256)
wc_Sha3 sha3;
const char* msg = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnom"
@@ -15301,77 +14504,36 @@ static int test_wc_Sha3_256_Final(void)
"\xdd\x97\x49\x6d\x33\x76";
byte hash[WC_SHA3_256_DIGEST_SIZE];
byte hashRet[WC_SHA3_256_DIGEST_SIZE];
- int ret = 0;
/* Init stack variables. */
XMEMSET(hash, 0, sizeof(hash));
- ret = wc_InitSha3_256(&sha3, HEAP_HINT, testDevId);
- if (ret != 0) {
- return TEST_FAIL;
- }
+ ExpectIntEQ(wc_InitSha3_256(&sha3, HEAP_HINT, testDevId), 0);
+ ExpectIntEQ(wc_Sha3_256_Update(&sha3, (byte*)msg, (word32)XSTRLEN(msg)), 0);
+ ExpectIntEQ(wc_Sha3_256_Final(&sha3, hash), 0);
+ ExpectIntEQ(XMEMCMP(expOut, hash, WC_SHA3_256_DIGEST_SIZE), 0);
- ret= wc_Sha3_256_Update(&sha3, (byte*)msg, (word32)XSTRLEN(msg));
- if (ret == 0) {
- ret = wc_Sha3_256_Final(&sha3, hash);
- if (ret == 0 && XMEMCMP(expOut, hash, WC_SHA3_256_DIGEST_SIZE) != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
/* Test bad args. */
- if (ret == 0) {
- ret = wc_Sha3_256_Final(NULL, hash);
- if (ret == 0) {
- ret = wc_Sha3_256_Final(&sha3, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_Sha3_256_Final(NULL, hash), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha3_256_Final(&sha3, NULL), BAD_FUNC_ARG);
wc_Sha3_256_Free(&sha3);
- if (ret == 0) {
- ret = wc_InitSha3_256(&sha3, HEAP_HINT, testDevId);
- if (ret != 0) {
- return TEST_FAIL;
- }
- /* Init stack variables. */
- XMEMSET(hash, 0, sizeof(hash));
- XMEMSET(hashRet, 0, sizeof(hashRet));
+ ExpectIntEQ(wc_InitSha3_256(&sha3, HEAP_HINT, testDevId), 0);
+ /* Init stack variables. */
+ XMEMSET(hash, 0, sizeof(hash));
+ XMEMSET(hashRet, 0, sizeof(hashRet));
+ ExpectIntEQ(wc_Sha3_256_Update(&sha3, (byte*)msg, (word32)XSTRLEN(msg)), 0);
+ ExpectIntEQ(wc_Sha3_256_GetHash(&sha3, hashRet), 0);
+ ExpectIntEQ(wc_Sha3_256_Final(&sha3, hash), 0);
+ ExpectIntEQ(XMEMCMP(hash, hashRet, WC_SHA3_256_DIGEST_SIZE), 0);
- ret= wc_Sha3_256_Update(&sha3, (byte*)msg, (word32)XSTRLEN(msg));
- if (ret == 0) {
- ret = wc_Sha3_256_GetHash(&sha3, hashRet);
- }
- if (ret == 0) {
- ret = wc_Sha3_256_Final(&sha3, hash);
- if (ret == 0 && XMEMCMP(hash, hashRet, WC_SHA3_256_DIGEST_SIZE) != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- if (ret == 0) {
- /* Test bad args. */
- ret = wc_Sha3_256_GetHash(NULL, hashRet);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_Sha3_256_GetHash(&sha3, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- }
+ /* Test bad args. */
+ ExpectIntEQ(wc_Sha3_256_GetHash(NULL, hashRet), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha3_256_GetHash(&sha3, NULL), BAD_FUNC_ARG);
wc_Sha3_256_Free(&sha3);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_Sha3_256_Final */
@@ -15380,7 +14542,7 @@ static int test_wc_Sha3_256_Final(void)
*/
static int test_wc_Sha3_384_Final(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_384)
wc_Sha3 sha3;
const char* msg = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnom"
@@ -15391,77 +14553,36 @@ static int test_wc_Sha3_384_Final(void)
"\xa1\x9e\xef\x51\xac\xd0\x65\x7c\x22";
byte hash[WC_SHA3_384_DIGEST_SIZE];
byte hashRet[WC_SHA3_384_DIGEST_SIZE];
- int ret = 0;
/* Init stack variables. */
XMEMSET(hash, 0, sizeof(hash));
- ret = wc_InitSha3_384(&sha3, HEAP_HINT, testDevId);
- if (ret != 0) {
- return TEST_FAIL;
- }
+ ExpectIntEQ(wc_InitSha3_384(&sha3, HEAP_HINT, testDevId), 0);
+ ExpectIntEQ(wc_Sha3_384_Update(&sha3, (byte*)msg, (word32)XSTRLEN(msg)), 0);
+ ExpectIntEQ(wc_Sha3_384_Final(&sha3, hash), 0);
+ ExpectIntEQ(XMEMCMP(expOut, hash, WC_SHA3_384_DIGEST_SIZE), 0);
- ret= wc_Sha3_384_Update(&sha3, (byte*)msg, (word32)XSTRLEN(msg));
- if (ret == 0) {
- ret = wc_Sha3_384_Final(&sha3, hash);
- if (ret == 0 && XMEMCMP(expOut, hash, WC_SHA3_384_DIGEST_SIZE) != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
/* Test bad args. */
- if (ret == 0) {
- ret = wc_Sha3_384_Final(NULL, hash);
- if (ret == 0) {
- ret = wc_Sha3_384_Final(&sha3, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_Sha3_384_Final(NULL, hash), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha3_384_Final(&sha3, NULL), BAD_FUNC_ARG);
wc_Sha3_384_Free(&sha3);
- if (ret == 0) {
- ret = wc_InitSha3_384(&sha3, HEAP_HINT, testDevId);
- if (ret != 0) {
- return TEST_FAIL;
- }
- /* Init stack variables. */
- XMEMSET(hash, 0, sizeof(hash));
- XMEMSET(hashRet, 0, sizeof(hashRet));
+ ExpectIntEQ(wc_InitSha3_384(&sha3, HEAP_HINT, testDevId), 0);
+ /* Init stack variables. */
+ XMEMSET(hash, 0, sizeof(hash));
+ XMEMSET(hashRet, 0, sizeof(hashRet));
+ ExpectIntEQ(wc_Sha3_384_Update(&sha3, (byte*)msg, (word32)XSTRLEN(msg)), 0);
+ ExpectIntEQ(wc_Sha3_384_GetHash(&sha3, hashRet), 0);
+ ExpectIntEQ(wc_Sha3_384_Final(&sha3, hash), 0);
+ ExpectIntEQ(XMEMCMP(hash, hashRet, WC_SHA3_384_DIGEST_SIZE), 0);
- ret= wc_Sha3_384_Update(&sha3, (byte*)msg, (word32)XSTRLEN(msg));
- if (ret == 0) {
- ret = wc_Sha3_384_GetHash(&sha3, hashRet);
- }
- if (ret == 0) {
- ret = wc_Sha3_384_Final(&sha3, hash);
- if (ret == 0 && XMEMCMP(hash, hashRet, WC_SHA3_384_DIGEST_SIZE) != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- if (ret == 0) {
- /* Test bad args. */
- ret = wc_Sha3_384_GetHash(NULL, hashRet);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_Sha3_384_GetHash(&sha3, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- }
+ /* Test bad args. */
+ ExpectIntEQ(wc_Sha3_384_GetHash(NULL, hashRet), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha3_384_GetHash(&sha3, NULL), BAD_FUNC_ARG);
wc_Sha3_384_Free(&sha3);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_Sha3_384_Final */
@@ -15471,7 +14592,7 @@ static int test_wc_Sha3_384_Final(void)
*/
static int test_wc_Sha3_512_Final(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_512) && \
!defined(WOLFSSL_NOSHA3_384)
wc_Sha3 sha3;
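Review bot: The guard on test_wc_Sha3_512_Final still requires `!defined(WOLFSSL_NOSHA3_384)`, which looks like a leftover from the `wc_Sha3_384_Final(&sha3, NULL)` call that the next hunk replaces with `wc_Sha3_512_Final`. With that call gone, a build that disables SHA3-384 but keeps SHA3-512 would skip this test for no visible reason. If nothing else in the function uses a 384 symbol (its body continues beyond this hunk), the condition can be reduced to `#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_512)`.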
@@ -15484,77 +14605,36 @@ static int test_wc_Sha3_512_Final(void)
"\x9c\x03\x0d\x99\xa2\x7d\xaf\x11\x39\xd6\xe7\x5e";
byte hash[WC_SHA3_512_DIGEST_SIZE];
byte hashRet[WC_SHA3_512_DIGEST_SIZE];
- int ret = 0;
/* Init stack variables. */
XMEMSET(hash, 0, sizeof(hash));
- ret = wc_InitSha3_512(&sha3, HEAP_HINT, testDevId);
- if (ret != 0) {
- return TEST_FAIL;
- }
+ ExpectIntEQ(wc_InitSha3_512(&sha3, HEAP_HINT, testDevId), 0);
+ ExpectIntEQ(wc_Sha3_512_Update(&sha3, (byte*)msg, (word32)XSTRLEN(msg)), 0);
+ ExpectIntEQ(wc_Sha3_512_Final(&sha3, hash), 0);
+ ExpectIntEQ(XMEMCMP(expOut, hash, WC_SHA3_512_DIGEST_SIZE), 0);
- ret= wc_Sha3_512_Update(&sha3, (byte*)msg, (word32)XSTRLEN(msg));
- if (ret == 0) {
- ret = wc_Sha3_512_Final(&sha3, hash);
- if (ret == 0 && XMEMCMP(expOut, hash, WC_SHA3_512_DIGEST_SIZE) != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
/* Test bad args. */
- if (ret == 0) {
- ret = wc_Sha3_512_Final(NULL, hash);
- if (ret == 0) {
- ret = wc_Sha3_384_Final(&sha3, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_Sha3_512_Final(NULL, hash), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha3_512_Final(&sha3, NULL), BAD_FUNC_ARG);
wc_Sha3_512_Free(&sha3);
- if (ret == 0) {
- ret = wc_InitSha3_512(&sha3, HEAP_HINT, testDevId);
- if (ret != 0) {
- return TEST_FAIL;
- }
- /* Init stack variables. */
- XMEMSET(hash, 0, sizeof(hash));
- XMEMSET(hashRet, 0, sizeof(hashRet));
+ ExpectIntEQ(wc_InitSha3_512(&sha3, HEAP_HINT, testDevId), 0);
+ /* Init stack variables. */
+ XMEMSET(hash, 0, sizeof(hash));
+ XMEMSET(hashRet, 0, sizeof(hashRet));
+ ExpectIntEQ(wc_Sha3_512_Update(&sha3, (byte*)msg, (word32)XSTRLEN(msg)), 0);
+ ExpectIntEQ(wc_Sha3_512_GetHash(&sha3, hashRet), 0);
+ ExpectIntEQ(wc_Sha3_512_Final(&sha3, hash), 0);
+ ExpectIntEQ(XMEMCMP(hash, hashRet, WC_SHA3_512_DIGEST_SIZE), 0);
- ret= wc_Sha3_512_Update(&sha3, (byte*)msg, (word32)XSTRLEN(msg));
- if (ret == 0) {
- ret = wc_Sha3_512_GetHash(&sha3, hashRet);
- }
- if (ret == 0) {
- ret = wc_Sha3_512_Final(&sha3, hash);
- if (ret == 0 && XMEMCMP(hash, hashRet, WC_SHA3_512_DIGEST_SIZE) != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- if (ret == 0) {
- /* Test bad args. */
- ret = wc_Sha3_512_GetHash(NULL, hashRet);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_Sha3_512_GetHash(&sha3, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- }
+ /* Test bad args. */
+ ExpectIntEQ(wc_Sha3_512_GetHash(NULL, hashRet), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha3_512_GetHash(&sha3, NULL), BAD_FUNC_ARG);
wc_Sha3_512_Free(&sha3);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_Sha3_512_Final */
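Review bot: `wc_Sha3_512_Free(&sha3)` now runs unconditionally, but `sha3` (declared just above this hunk) is never zeroed, so a failed `wc_InitSha3_512` would leave the free operating on indeterminate stack memory. This assumes the Expect macros record a failure and continue rather than return; the removed `return TEST_FAIL` exited before the free. The Copy tests later in this commit add `XMEMSET(&sha3, 0, sizeof(wc_Sha3));` before init, and the same line would fit here next to `XMEMSET(hash, 0, sizeof(hash));`. test_wc_Sha3_GetFlags, test_wc_InitShake256 and the Shake256 Update/Final/Copy tests follow the same init-then-free pattern without zeroing the context.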
@@ -15563,61 +14643,35 @@ static int test_wc_Sha3_512_Final(void)
*/
static int test_wc_Sha3_224_Copy(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_224)
wc_Sha3 sha3, sha3Cpy;
const char* msg = TEST_STRING;
word32 msglen = (word32)TEST_STRING_SZ;
byte hash[WC_SHA3_224_DIGEST_SIZE];
byte hashCpy[WC_SHA3_224_DIGEST_SIZE];
- int ret = 0;
XMEMSET(hash, 0, sizeof(hash));
XMEMSET(hashCpy, 0, sizeof(hashCpy));
+ XMEMSET(&sha3, 0, sizeof(wc_Sha3));
+ XMEMSET(&sha3Cpy, 0, sizeof(wc_Sha3));
- ret = wc_InitSha3_224(&sha3, HEAP_HINT, testDevId);
- if (ret != 0) {
- return TEST_FAIL;
- }
-
- ret = wc_InitSha3_224(&sha3Cpy, HEAP_HINT, testDevId);
- if (ret != 0) {
- wc_Sha3_224_Free(&sha3);
- return TEST_FAIL;
- }
-
- ret = wc_Sha3_224_Update(&sha3, (byte*)msg, msglen);
+ ExpectIntEQ(wc_InitSha3_224(&sha3, HEAP_HINT, testDevId), 0);
+ ExpectIntEQ(wc_InitSha3_224(&sha3Cpy, HEAP_HINT, testDevId), 0);
+ ExpectIntEQ(wc_Sha3_224_Update(&sha3, (byte*)msg, msglen), 0);
+ ExpectIntEQ(wc_Sha3_224_Copy(&sha3Cpy, &sha3), 0);
+ ExpectIntEQ(wc_Sha3_224_Final(&sha3, hash), 0);
+ ExpectIntEQ(wc_Sha3_224_Final(&sha3Cpy, hashCpy), 0);
+ ExpectIntEQ(XMEMCMP(hash, hashCpy, sizeof(hash)), 0);
- if (ret == 0) {
- ret = wc_Sha3_224_Copy(&sha3Cpy, &sha3);
- if (ret == 0) {
- ret = wc_Sha3_224_Final(&sha3, hash);
- if (ret == 0) {
- ret = wc_Sha3_224_Final(&sha3Cpy, hashCpy);
- }
- }
- if (ret == 0 && XMEMCMP(hash, hashCpy, sizeof(hash)) != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
/* Test bad args. */
- if (ret == 0) {
- ret = wc_Sha3_224_Copy(NULL, &sha3);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_Sha3_224_Copy(&sha3Cpy, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_Sha3_224_Copy(NULL, &sha3), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha3_224_Copy(&sha3Cpy, NULL), BAD_FUNC_ARG);
- res = TEST_RES_CHECK(ret == 0);
+ wc_Sha3_224_Free(&sha3);
+ wc_Sha3_224_Free(&sha3Cpy);
#endif
- return res;
-
+ return EXPECT_RESULT();
} /* END test_wc_Sha3_224_Copy */
@@ -15627,61 +14681,35 @@ static int test_wc_Sha3_224_Copy(void)
*/
static int test_wc_Sha3_256_Copy(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_256)
wc_Sha3 sha3, sha3Cpy;
const char* msg = TEST_STRING;
word32 msglen = (word32)TEST_STRING_SZ;
byte hash[WC_SHA3_256_DIGEST_SIZE];
byte hashCpy[WC_SHA3_256_DIGEST_SIZE];
- int ret = 0;
XMEMSET(hash, 0, sizeof(hash));
XMEMSET(hashCpy, 0, sizeof(hashCpy));
+ XMEMSET(&sha3, 0, sizeof(wc_Sha3));
+ XMEMSET(&sha3Cpy, 0, sizeof(wc_Sha3));
- ret = wc_InitSha3_256(&sha3, HEAP_HINT, testDevId);
- if (ret != 0) {
- return TEST_FAIL;
- }
+ ExpectIntEQ(wc_InitSha3_256(&sha3, HEAP_HINT, testDevId), 0);
+ ExpectIntEQ(wc_InitSha3_256(&sha3Cpy, HEAP_HINT, testDevId), 0);
+ ExpectIntEQ(wc_Sha3_256_Update(&sha3, (byte*)msg, msglen), 0);
+ ExpectIntEQ(wc_Sha3_256_Copy(&sha3Cpy, &sha3), 0);
+ ExpectIntEQ(wc_Sha3_256_Final(&sha3, hash), 0);
+ ExpectIntEQ(wc_Sha3_256_Final(&sha3Cpy, hashCpy), 0);
+ ExpectIntEQ(XMEMCMP(hash, hashCpy, sizeof(hash)), 0);
- ret = wc_InitSha3_256(&sha3Cpy, HEAP_HINT, testDevId);
- if (ret != 0) {
- wc_Sha3_256_Free(&sha3);
- return TEST_FAIL;
- }
-
- ret = wc_Sha3_256_Update(&sha3, (byte*)msg, msglen);
-
- if (ret == 0) {
- ret = wc_Sha3_256_Copy(&sha3Cpy, &sha3);
- if (ret == 0) {
- ret = wc_Sha3_256_Final(&sha3, hash);
- if (ret == 0) {
- ret = wc_Sha3_256_Final(&sha3Cpy, hashCpy);
- }
- }
- if (ret == 0 && XMEMCMP(hash, hashCpy, sizeof(hash)) != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
/* Test bad args. */
- if (ret == 0) {
- ret = wc_Sha3_256_Copy(NULL, &sha3);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_Sha3_256_Copy(&sha3Cpy, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_Sha3_256_Copy(NULL, &sha3), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha3_256_Copy(&sha3Cpy, NULL), BAD_FUNC_ARG);
- res = TEST_RES_CHECK(ret == 0);
+ wc_Sha3_256_Free(&sha3);
+ wc_Sha3_256_Free(&sha3Cpy);
#endif
- return res;
-
+ return EXPECT_RESULT();
} /* END test_wc_Sha3_256_Copy */
@@ -15691,61 +14719,35 @@ static int test_wc_Sha3_256_Copy(void)
*/
static int test_wc_Sha3_384_Copy(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_384)
wc_Sha3 sha3, sha3Cpy;
const char* msg = TEST_STRING;
word32 msglen = (word32)TEST_STRING_SZ;
byte hash[WC_SHA3_384_DIGEST_SIZE];
byte hashCpy[WC_SHA3_384_DIGEST_SIZE];
- int ret = 0;
XMEMSET(hash, 0, sizeof(hash));
XMEMSET(hashCpy, 0, sizeof(hashCpy));
+ XMEMSET(&sha3, 0, sizeof(wc_Sha3));
+ XMEMSET(&sha3Cpy, 0, sizeof(wc_Sha3));
- ret = wc_InitSha3_384(&sha3, HEAP_HINT, testDevId);
- if (ret != 0) {
- return TEST_FAIL;
- }
-
- ret = wc_InitSha3_384(&sha3Cpy, HEAP_HINT, testDevId);
- if (ret != 0) {
- wc_Sha3_384_Free(&sha3);
- return TEST_FAIL;
- }
-
- ret = wc_Sha3_384_Update(&sha3, (byte*)msg, msglen);
+ ExpectIntEQ(wc_InitSha3_384(&sha3, HEAP_HINT, testDevId), 0);
+ ExpectIntEQ(wc_InitSha3_384(&sha3Cpy, HEAP_HINT, testDevId), 0);
+ ExpectIntEQ(wc_Sha3_384_Update(&sha3, (byte*)msg, msglen), 0);
+ ExpectIntEQ(wc_Sha3_384_Copy(&sha3Cpy, &sha3), 0);
+ ExpectIntEQ(wc_Sha3_384_Final(&sha3, hash), 0);
+ ExpectIntEQ(wc_Sha3_384_Final(&sha3Cpy, hashCpy), 0);
+ ExpectIntEQ(XMEMCMP(hash, hashCpy, sizeof(hash)), 0);
- if (ret == 0) {
- ret = wc_Sha3_384_Copy(&sha3Cpy, &sha3);
- if (ret == 0) {
- ret = wc_Sha3_384_Final(&sha3, hash);
- if (ret == 0) {
- ret = wc_Sha3_384_Final(&sha3Cpy, hashCpy);
- }
- }
- if (ret == 0 && XMEMCMP(hash, hashCpy, sizeof(hash)) != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
/* Test bad args. */
- if (ret == 0) {
- ret = wc_Sha3_384_Copy(NULL, &sha3);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_Sha3_384_Copy(&sha3Cpy, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_Sha3_384_Copy(NULL, &sha3), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha3_384_Copy(&sha3Cpy, NULL), BAD_FUNC_ARG);
- res = TEST_RES_CHECK(ret == 0);
+ wc_Sha3_384_Free(&sha3);
+ wc_Sha3_384_Free(&sha3Cpy);
#endif
- return res;
-
+ return EXPECT_RESULT();
} /* END test_wc_Sha3_384_Copy */
@@ -15754,125 +14756,75 @@ static int test_wc_Sha3_384_Copy(void)
*/
static int test_wc_Sha3_512_Copy(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_512)
wc_Sha3 sha3, sha3Cpy;
const char* msg = TEST_STRING;
word32 msglen = (word32)TEST_STRING_SZ;
byte hash[WC_SHA3_512_DIGEST_SIZE];
byte hashCpy[WC_SHA3_512_DIGEST_SIZE];
- int ret = 0;
XMEMSET(hash, 0, sizeof(hash));
XMEMSET(hashCpy, 0, sizeof(hashCpy));
+ XMEMSET(&sha3, 0, sizeof(wc_Sha3));
+ XMEMSET(&sha3Cpy, 0, sizeof(wc_Sha3));
- ret = wc_InitSha3_512(&sha3, HEAP_HINT, testDevId);
- if (ret != 0) {
- return TEST_FAIL;
- }
-
- ret = wc_InitSha3_512(&sha3Cpy, HEAP_HINT, testDevId);
- if (ret != 0) {
- wc_Sha3_512_Free(&sha3);
- return TEST_FAIL;
- }
+ ExpectIntEQ(wc_InitSha3_512(&sha3, HEAP_HINT, testDevId), 0);
+ ExpectIntEQ(wc_InitSha3_512(&sha3Cpy, HEAP_HINT, testDevId), 0);
+ ExpectIntEQ(wc_Sha3_512_Update(&sha3, (byte*)msg, msglen), 0);
+ ExpectIntEQ(wc_Sha3_512_Copy(&sha3Cpy, &sha3), 0);
+ ExpectIntEQ(wc_Sha3_512_Final(&sha3, hash), 0);
+ ExpectIntEQ(wc_Sha3_512_Final(&sha3Cpy, hashCpy), 0);
+ ExpectIntEQ(XMEMCMP(hash, hashCpy, sizeof(hash)), 0);
- ret = wc_Sha3_512_Update(&sha3, (byte*)msg, msglen);
-
- if (ret == 0) {
- ret = wc_Sha3_512_Copy(&sha3Cpy, &sha3);
- if (ret == 0) {
- ret = wc_Sha3_512_Final(&sha3, hash);
- if (ret == 0) {
- ret = wc_Sha3_512_Final(&sha3Cpy, hashCpy);
- }
- }
- if (ret == 0 && XMEMCMP(hash, hashCpy, sizeof(hash)) != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
/* Test bad args. */
- if (ret == 0) {
- ret = wc_Sha3_512_Copy(NULL, &sha3);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_Sha3_512_Copy(&sha3Cpy, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_Sha3_512_Copy(NULL, &sha3), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha3_512_Copy(&sha3Cpy, NULL), BAD_FUNC_ARG);
- res = TEST_RES_CHECK(ret == 0);
+ wc_Sha3_512_Free(&sha3);
+ wc_Sha3_512_Free(&sha3Cpy);
#endif
- return res;
-
+ return EXPECT_RESULT();
} /* END test_wc_Sha3_512_Copy */
/*
* Unit test function for wc_Sha3_GetFlags()
*/
static int test_wc_Sha3_GetFlags(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(WOLFSSL_SHA3) && defined(WOLFSSL_HASH_FLAGS)
wc_Sha3 sha3;
word32 flags = 0;
- int ret = 0;
/* Initialize */
- ret = wc_InitSha3_224(&sha3, HEAP_HINT, testDevId);
- if (ret != 0) {
- return TEST_FAIL;
- }
- if (ret == 0) {
- ret = wc_Sha3_GetFlags(&sha3, &flags);
- }
- if (ret == 0) {
- if (flags & WC_HASH_FLAG_ISCOPY) {
- ret = 0;
- }
- }
+ ExpectIntEQ(wc_InitSha3_224(&sha3, HEAP_HINT, testDevId), 0);
+ ExpectIntEQ(wc_Sha3_GetFlags(&sha3, &flags), 0);
+ ExpectTrue((flags & WC_HASH_FLAG_ISCOPY) == 0);
wc_Sha3_224_Free(&sha3);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
-
+ return EXPECT_RESULT();
} /* END test_wc_Sha3_GetFlags */
static int test_wc_InitShake256(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef WOLFSSL_SHAKE256
wc_Shake shake;
- int ret = 0;
- ret = wc_InitShake256(&shake, HEAP_HINT, testDevId);
+ ExpectIntEQ(wc_InitShake256(&shake, HEAP_HINT, testDevId), 0);
/* Test bad args. */
- if (ret == 0) {
- ret = wc_InitShake256(NULL, HEAP_HINT, testDevId);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- wc_Shake256_Free(&shake);
+ ExpectIntEQ(wc_InitShake256(NULL, HEAP_HINT, testDevId), BAD_FUNC_ARG);
- res = TEST_RES_CHECK(ret == 0);
+ wc_Shake256_Free(&shake);
#endif
- return res;
-
-} /* END test_wc_InitSha3 */
+ return EXPECT_RESULT();
+}
static int testing_wc_Shake256_Update(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef WOLFSSL_SHAKE256
wc_Shake shake;
byte msg[] = "Everybody's working for the weekend.";
@@ -15885,52 +14837,32 @@ static int testing_wc_Shake256_Update(void)
word32 msglen = sizeof(msg) - 1;
word32 msg2len = sizeof(msg2);
word32 msgCmplen = sizeof(msgCmp);
- int ret = 0;
- ret = wc_InitShake256(&shake, HEAP_HINT, testDevId);
- if (ret != 0) {
- return TEST_FAIL;
- }
- ret = wc_Shake256_Update(&shake, msg, msglen);
- if (XMEMCMP(msg, shake.t, msglen) || shake.i != msglen) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- if (ret == 0) {
- ret = wc_Shake256_Update(&shake, msg2, msg2len);
- if (XMEMCMP(shake.t, msgCmp, msgCmplen) != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_InitShake256(&shake, HEAP_HINT, testDevId), 0);
+ ExpectIntEQ(wc_Shake256_Update(&shake, msg, msglen), 0);
+ ExpectIntEQ(XMEMCMP(msg, shake.t, msglen), 0);
+ ExpectTrue(shake.i == msglen);
+
+ ExpectIntEQ(wc_Shake256_Update(&shake, msg2, msg2len), 0);
+ ExpectIntEQ(XMEMCMP(shake.t, msgCmp, msgCmplen), 0);
+
/* Pass bad args. */
- if (ret == 0) {
- ret = wc_Shake256_Update(NULL, msg2, msg2len);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_Shake256_Update(&shake, NULL, 5);
- }
- if (ret == BAD_FUNC_ARG) {
- wc_Shake256_Free(&shake);
- if (wc_InitShake256(&shake, HEAP_HINT, testDevId)) {
- return TEST_FAIL;
- }
- ret = wc_Shake256_Update(&shake, NULL, 0);
- if (ret == 0) {
- ret = wc_Shake256_Update(&shake, msg2, msg2len);
- }
- if (ret == 0 && XMEMCMP(msg2, shake.t, msg2len) != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- }
+ ExpectIntEQ(wc_Shake256_Update(NULL, msg2, msg2len), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Shake256_Update(&shake, NULL, 5), BAD_FUNC_ARG);
wc_Shake256_Free(&shake);
- res = TEST_RES_CHECK(ret == 0);
+ ExpectIntEQ(wc_InitShake256(&shake, HEAP_HINT, testDevId), 0);
+ ExpectIntEQ(wc_Shake256_Update(&shake, NULL, 0), 0);
+ ExpectIntEQ(wc_Shake256_Update(&shake, msg2, msg2len), 0);
+ ExpectIntEQ(XMEMCMP(msg2, shake.t, msg2len), 0);
+ wc_Shake256_Free(&shake);
#endif /* WOLFSSL_SHAKE256 */
- return res;
+ return EXPECT_RESULT();
}
static int test_wc_Shake256_Final(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef WOLFSSL_SHAKE256
wc_Shake shake;
const char* msg = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnom"
@@ -15945,48 +14877,32 @@ static int test_wc_Shake256_Final(void)
"\x08\xba\xf1\x9b\xe2\x12\x33\xf3\xde\xbe\x78\xd0\x67"
"\x60\xcf\xa5\x51\xee\x1e\x07\x91\x41\xd4";
byte hash[114];
- int ret = 0;
/* Init stack variables. */
XMEMSET(hash, 0, sizeof(hash));
- ret = wc_InitShake256(&shake, HEAP_HINT, testDevId);
- if (ret != 0) {
- return TEST_FAIL;
- }
+ ExpectIntEQ(wc_InitShake256(&shake, HEAP_HINT, testDevId), 0);
+ ExpectIntEQ(wc_Shake256_Update(&shake, (byte*)msg, (word32)XSTRLEN(msg)),
+ 0);
+ ExpectIntEQ(wc_Shake256_Final(&shake, hash, (word32)sizeof(hash)), 0);
+ ExpectIntEQ(XMEMCMP(expOut, hash, (word32)sizeof(hash)), 0);
- ret= wc_Shake256_Update(&shake, (byte*)msg, (word32)XSTRLEN(msg));
- if (ret == 0) {
- ret = wc_Shake256_Final(&shake, hash, (word32)sizeof(hash));
- if (ret == 0 && XMEMCMP(expOut, hash, (word32)sizeof(hash)) != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
/* Test bad args. */
- if (ret == 0) {
- ret = wc_Shake256_Final(NULL, hash, (word32)sizeof(hash));
- if (ret == 0) {
- ret = wc_Shake256_Final(&shake, NULL, (word32)sizeof(hash));
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- wc_Shake256_Free(&shake);
+ ExpectIntEQ(wc_Shake256_Final(NULL, hash, (word32)sizeof(hash)),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Shake256_Final(&shake, NULL, (word32)sizeof(hash)),
+ BAD_FUNC_ARG);
- res = TEST_RES_CHECK(ret == 0);
+ wc_Shake256_Free(&shake);
#endif
- return res;
+ return EXPECT_RESULT();
}
/*
* Testing wc_Shake256_Copy()
*/
static int test_wc_Shake256_Copy(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef WOLFSSL_SHAKE256
wc_Shake shake, shakeCpy;
const char* msg = TEST_STRING;
@@ -15995,61 +14911,34 @@ static int test_wc_Shake256_Copy(void)
byte hashCpy[144];
word32 hashLen = sizeof(hash);
word32 hashLenCpy = sizeof(hashCpy);
- int ret;
XMEMSET(hash, 0, sizeof(hash));
XMEMSET(hashCpy, 0, sizeof(hashCpy));
- ret = wc_InitShake256(&shake, HEAP_HINT, testDevId);
- if (ret != 0) {
- return TEST_FAIL;
- }
-
- ret = wc_InitShake256(&shakeCpy, HEAP_HINT, testDevId);
- if (ret != 0) {
- wc_Shake256_Free(&shake);
- return TEST_FAIL;
- }
+ ExpectIntEQ(wc_InitShake256(&shake, HEAP_HINT, testDevId), 0);
+ ExpectIntEQ(wc_InitShake256(&shakeCpy, HEAP_HINT, testDevId), 0);
- ret = wc_Shake256_Update(&shake, (byte*)msg, msglen);
+ ExpectIntEQ(wc_Shake256_Update(&shake, (byte*)msg, msglen), 0);
+ ExpectIntEQ(wc_Shake256_Copy(&shakeCpy, &shake), 0);
+ ExpectIntEQ(wc_Shake256_Final(&shake, hash, hashLen), 0);
+ ExpectIntEQ(wc_Shake256_Final(&shakeCpy, hashCpy, hashLenCpy), 0);
+ ExpectIntEQ(XMEMCMP(hash, hashCpy, sizeof(hash)), 0);
- if (ret == 0) {
- ret = wc_Shake256_Copy(&shakeCpy, &shake);
- if (ret == 0) {
- ret = wc_Shake256_Final(&shake, hash, hashLen);
- if (ret == 0) {
- ret = wc_Shake256_Final(&shakeCpy, hashCpy, hashLenCpy);
- }
- }
- if (ret == 0 && XMEMCMP(hash, hashCpy, sizeof(hash)) != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
/* Test bad args. */
- if (ret == 0) {
- ret = wc_Shake256_Copy(NULL, &shake);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_Shake256_Copy(&shakeCpy, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- wc_Shake256_Free(&shake);
+ ExpectIntEQ(wc_Shake256_Copy(NULL, &shake), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Shake256_Copy(&shakeCpy, NULL), BAD_FUNC_ARG);
- res = TEST_RES_CHECK(ret == 0);
+ wc_Shake256_Free(&shake);
+ wc_Shake256_Free(&shakeCpy);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_Shake256_Copy */
/*
* Unit test function for wc_Shake256Hash()
*/
static int test_wc_Shake256Hash(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef WOLFSSL_SHAKE256
const byte data[] = { /* Hello World */
0x48,0x65,0x6c,0x6c,0x6f,0x20,0x57,0x6f,
@@ -16058,25 +14947,284 @@ static int test_wc_Shake256Hash(void)
word32 len = sizeof(data);
byte hash[144];
word32 hashLen = sizeof(hash);
- int ret;
-
- ret = wc_Shake256Hash(data, len, hash, hashLen);
- res = TEST_RES_CHECK(ret == 0);
+ ExpectIntEQ(wc_Shake256Hash(data, len, hash, hashLen), 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_Shake256Hash */
+
+/*
+ * Testing wc_InitSm3(), wc_Sm3Free()
+ */
+static int test_wc_InitSm3Free(void)
+{
+ EXPECT_DECLS;
+#ifdef WOLFSSL_SM3
+ wc_Sm3 sm3;
+
+ /* Invalid Parameters */
+ ExpectIntEQ(wc_InitSm3(NULL, NULL, INVALID_DEVID), BAD_FUNC_ARG);
+
+ /* Valid Parameters */
+ ExpectIntEQ(wc_InitSm3(&sm3, NULL, INVALID_DEVID), 0);
+
+ wc_Sm3Free(NULL);
+ wc_Sm3Free(&sm3);
+#endif
+ return EXPECT_RESULT();
+} /* END test_wc_InitSm3 */
+
+/*
+ * Testing wc_Sm3Update(), wc_Sm3Final()
+ */
+static int test_wc_Sm3UpdateFinal(void)
+{
+ EXPECT_DECLS;
+#ifdef WOLFSSL_SM3
+ wc_Sm3 sm3;
+ byte data[WC_SM3_BLOCK_SIZE * 4];
+ byte hash[WC_SM3_DIGEST_SIZE];
+ byte calcHash[WC_SM3_DIGEST_SIZE];
+ byte expHash[WC_SM3_DIGEST_SIZE] = {
+ 0x38, 0x48, 0x15, 0xa7, 0x0e, 0xae, 0x0b, 0x27,
+ 0x5c, 0xde, 0x9d, 0xa5, 0xd1, 0xa4, 0x30, 0xa1,
+ 0xca, 0xd4, 0x54, 0x58, 0x44, 0xa2, 0x96, 0x1b,
+ 0xd7, 0x14, 0x80, 0x3f, 0x80, 0x1a, 0x07, 0xb6
+ };
+ word32 chunk;
+ word32 i;
+
+ XMEMSET(data, 0, sizeof(data));
+
+ ExpectIntEQ(wc_InitSm3(&sm3, NULL, INVALID_DEVID), 0);
+
+ /* Invalid Parameters */
+ ExpectIntEQ(wc_Sm3Update(NULL, NULL, 1), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm3Update(&sm3, NULL, 1), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm3Update(NULL, data, 1), BAD_FUNC_ARG);
+
+ /* Valid Parameters */
+ ExpectIntEQ(wc_Sm3Update(&sm3, NULL, 0), 0);
+ ExpectIntEQ(wc_Sm3Update(&sm3, data, 1), 0);
+ ExpectIntEQ(wc_Sm3Update(&sm3, data, 1), 0);
+ ExpectIntEQ(wc_Sm3Update(&sm3, data, WC_SM3_BLOCK_SIZE), 0);
+ ExpectIntEQ(wc_Sm3Update(&sm3, data, WC_SM3_BLOCK_SIZE - 2), 0);
+ ExpectIntEQ(wc_Sm3Update(&sm3, data, WC_SM3_BLOCK_SIZE * 2), 0);
+ /* Ensure too many bytes for lengths. */
+ ExpectIntEQ(wc_Sm3Update(&sm3, data, WC_SM3_PAD_SIZE), 0);
+
+ /* Invalid Parameters */
+ ExpectIntEQ(wc_Sm3Final(NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm3Final(&sm3, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm3Final(NULL, hash), BAD_FUNC_ARG);
+
+ /* Valid Parameters */
+ ExpectIntEQ(wc_Sm3Final(&sm3, hash), 0);
+ ExpectBufEQ(hash, expHash, WC_SM3_DIGEST_SIZE);
+
+ /* Chunk tests. */
+ ExpectIntEQ(wc_Sm3Update(&sm3, data, sizeof(data)), 0);
+ ExpectIntEQ(wc_Sm3Final(&sm3, calcHash), 0);
+ for (chunk = 1; chunk <= WC_SM3_BLOCK_SIZE + 1; chunk++) {
+ for (i = 0; i + chunk <= (word32)sizeof(data); i += chunk) {
+ ExpectIntEQ(wc_Sm3Update(&sm3, data + i, chunk), 0);
+ }
+ if (i < (word32)sizeof(data)) {
+ ExpectIntEQ(wc_Sm3Update(&sm3, data + i, (word32)sizeof(data) - i),
+ 0);
+ }
+ ExpectIntEQ(wc_Sm3Final(&sm3, hash), 0);
+ ExpectBufEQ(hash, calcHash, WC_SM3_DIGEST_SIZE);
+ }
+
+ /* Not testing when the low 32-bit length overflows. */
+
+ wc_Sm3Free(&sm3);
+#endif
+ return EXPECT_RESULT();
+} /* END test_wc_Sm3Update */
+
+/*
+ * Testing wc_Sm3GetHash()
+ */
+static int test_wc_Sm3GetHash(void)
+{
+ EXPECT_DECLS;
+#ifdef WOLFSSL_SM3
+ wc_Sm3 sm3;
+ byte hash[WC_SM3_DIGEST_SIZE];
+ byte calcHash[WC_SM3_DIGEST_SIZE];
+ byte data[WC_SM3_BLOCK_SIZE];
+
+ XMEMSET(data, 0, sizeof(data));
+
+ ExpectIntEQ(wc_InitSm3(&sm3, NULL, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_Sm3Final(&sm3, calcHash), 0);
+
+ /* Invalid Parameters */
+ ExpectIntEQ(wc_Sm3GetHash(NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm3GetHash(&sm3, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm3GetHash(NULL, hash), BAD_FUNC_ARG);
+
+ /* Valid Parameters */
+ ExpectIntEQ(wc_Sm3GetHash(&sm3, hash), 0);
+ ExpectBufEQ(hash, calcHash, WC_SM3_DIGEST_SIZE);
+
+ /* With update. */
+ ExpectIntEQ(wc_Sm3Update(&sm3, data, sizeof(data)), 0);
+ ExpectIntEQ(wc_Sm3GetHash(&sm3, hash), 0);
+ ExpectIntEQ(wc_Sm3Final(&sm3, calcHash), 0);
+ ExpectBufEQ(hash, calcHash, WC_SM3_DIGEST_SIZE);
+
+ wc_Sm3Free(&sm3);
+#endif
+ return EXPECT_RESULT();
+} /* END test_wc_Sm3Update */
+
+/*
+ * Testing wc_Sm3Copy()
+ */
+static int test_wc_Sm3Copy(void)
+{
+ EXPECT_DECLS;
+#if defined(WOLFSSL_SM3) && defined(WOLFSSL_HASH_FLAGS)
+ wc_Sm3 sm3;
+ wc_Sm3 sm3Copy;
+ byte hash[WC_SM3_DIGEST_SIZE];
+ byte hashCopy[WC_SM3_DIGEST_SIZE];
+ byte data[WC_SM3_BLOCK_SIZE + 1];
+ int i;
+
+ ExpectIntEQ(wc_InitSm3(&sm3, NULL, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_InitSm3(&sm3Copy, NULL, INVALID_DEVID), 0);
+
+ /* Invalid Parameters */
+ ExpectIntEQ(wc_Sm3Copy(NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm3Copy(&sm3, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm3Copy(NULL, &sm3Copy), BAD_FUNC_ARG);
+
+ /* Valid Parameters */
+ ExpectIntEQ(wc_Sm3Copy(&sm3, &sm3Copy), 0);
+
+ /* Ensure all parts of data updated during hashing are copied. */
+ for (i = 0; i < WC_SM3_BLOCK_SIZE + 1; i++) {
+ ExpectIntEQ(wc_Sm3Update(&sm3, data, i), 0);
+ ExpectIntEQ(wc_Sm3Copy(&sm3, &sm3Copy), 0);
+ ExpectIntEQ(wc_Sm3Update(&sm3, data, 1), 0);
+ ExpectIntEQ(wc_Sm3Update(&sm3Copy, data, 1), 0);
+ ExpectIntEQ(wc_Sm3Final(&sm3, hash), 0);
+ ExpectIntEQ(wc_Sm3Final(&sm3Copy, hashCopy), 0);
+ ExpectBufEQ(hash, hashCopy, WC_SM3_DIGEST_SIZE);
+ }
+
+ wc_Sm3Free(&sm3Copy);
+ wc_Sm3Free(&sm3);
+#endif
+ return EXPECT_RESULT();
+} /* END test_wc_Sm3Copy */
+
+/*
+ * Testing wc_Sm3FinalRaw()
+ */
+static int test_wc_Sm3FinalRaw(void)
+{
+ EXPECT_DECLS;
+#if defined(WOLFSSL_SM3) && !defined(HAVE_SELFTEST) && \
+ !defined(WOLFSSL_DEVCRYPTO) && (!defined(HAVE_FIPS) || \
+ (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 3))) && \
+ !defined(WOLFSSL_NO_HASH_RAW)
+ wc_Sm3 sm3;
+ byte hash1[WC_SM3_DIGEST_SIZE];
+ byte hash2[WC_SM3_DIGEST_SIZE];
+ byte hash3[WC_SM3_DIGEST_SIZE];
+ byte* hash_test[3] = { hash1, hash2, hash3 };
+ int times;
+ int i;
+
+ XMEMSET(&sm3, 0, sizeof(sm3));
+
+ /* Initialize */
+ ExpectIntEQ(wc_InitSm3(&sm3, NULL, INVALID_DEVID), 0);
+
+ /* Invalid Parameters */
+ ExpectIntEQ(wc_Sm3FinalRaw(NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm3FinalRaw(&sm3, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm3FinalRaw(NULL, hash1), BAD_FUNC_ARG);
+
+ times = sizeof(hash_test) / sizeof(byte*);
+ for (i = 0; i < times; i++) {
+ ExpectIntEQ(wc_Sm3FinalRaw(&sm3, hash_test[i]), 0);
+ }
+
+ wc_Sm3Free(&sm3);
+#endif
+ return EXPECT_RESULT();
+} /* END test_wc_Sm3FinalRaw */
+/*
+ * Testing wc_Sm3GetFlags, wc_Sm3SetFlags()
+ */
+static int test_wc_Sm3GetSetFlags(void)
+{
+ EXPECT_DECLS;
+#if defined(WOLFSSL_SM3) && defined(WOLFSSL_HASH_FLAGS)
+ wc_Sm3 sm3;
+ wc_Sm3 sm3Copy;
+ word32 flags = 0;
+
+ ExpectIntEQ(wc_InitSm3(&sm3, NULL, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_InitSm3(&sm3Copy, NULL, INVALID_DEVID), 0);
+
+ ExpectIntEQ(wc_Sm3GetFlags(NULL, &flags), 0);
+ ExpectIntEQ(flags, 0);
+ ExpectIntEQ(wc_Sm3SetFlags(NULL, WC_HASH_FLAG_WILLCOPY), 0);
+ ExpectIntEQ(wc_Sm3GetFlags(NULL, &flags), 0);
+ ExpectIntEQ(flags, 0);
+ ExpectIntEQ(wc_Sm3GetFlags(&sm3, &flags), 0);
+ ExpectIntEQ(flags, 0);
+ ExpectIntEQ(wc_Sm3SetFlags(&sm3, WC_HASH_FLAG_WILLCOPY), 0);
+ ExpectIntEQ(wc_Sm3GetFlags(&sm3, &flags), 0);
+ ExpectIntEQ(flags, WC_HASH_FLAG_WILLCOPY);
+
+ ExpectIntEQ(wc_Sm3Copy(&sm3, &sm3Copy), 0);
+ ExpectIntEQ(wc_Sm3GetFlags(&sm3Copy, &flags), 0);
+ ExpectIntEQ(flags, WC_HASH_FLAG_ISCOPY | WC_HASH_FLAG_WILLCOPY);
+
+ wc_Sm3Free(&sm3Copy);
+ wc_Sm3Free(&sm3);
+#endif
+ return EXPECT_RESULT();
+} /* END test_wc_Sm3Update */
+
+/*
+ * Testing wc_Sm3Hash()
+ */
+static int test_wc_Sm3Hash(void)
+{
+ EXPECT_DECLS;
+#if defined(WOLFSSL_SM3) && defined(WOLFSSL_HASH_FLAGS)
+ byte data[WC_SM3_BLOCK_SIZE];
+ byte hash[WC_SM3_DIGEST_SIZE];
+
+ /* Invalid parameters. */
+ ExpectIntEQ(wc_Sm3Hash(NULL, sizeof(data), hash), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm3Hash(data, sizeof(data), NULL), BAD_FUNC_ARG);
+
+ /* Valid parameters. */
+ ExpectIntEQ(wc_Sm3Hash(data, sizeof(data), hash), 0);
+#endif
+ return EXPECT_RESULT();
+} /* END test_wc_Sm3Hash */
+
/*
* Test function for wc_HmacSetKey
*/
static int test_wc_Md5HmacSetKey(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_HMAC) && !defined(NO_MD5)
Hmac hmac;
int ret, times, itr;
- int flag = 0;
const char* keys[]=
{
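Review bot: `data` is hashed without being initialised in test_wc_Sm3Copy (`byte data[WC_SM3_BLOCK_SIZE + 1]`) and test_wc_Sm3Hash (`byte data[WC_SM3_BLOCK_SIZE]`), whereas test_wc_Sm3UpdateFinal and test_wc_Sm3GetHash zero it first. The digest comparisons still hold because both contexts read the same bytes, but reading indeterminate stack memory can be flagged by memory sanitizers and makes the test input non-reproducible; add `XMEMSET(data, 0, sizeof(data));` before the first wc_Sm3Update / wc_Sm3Hash call in both functions. Separately, both tests are guarded by `WOLFSSL_HASH_FLAGS` although neither touches flags, so they are presumably skipped in builds without it; confirm that is intended. The hunk ends inside test_wc_Md5HmacSetKey.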
@@ -16086,74 +15234,40 @@ static int test_wc_Md5HmacSetKey(void)
#endif
"\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
};
-
times = sizeof(keys) / sizeof(char*);
- flag = 0;
- ret = wc_HmacInit(&hmac, NULL, INVALID_DEVID);
- if (ret != 0)
- return TEST_FAIL;
+ ExpectIntEQ(wc_HmacInit(&hmac, NULL, INVALID_DEVID), 0);
for (itr = 0; itr < times; itr++) {
ret = wc_HmacSetKey(&hmac, WC_MD5, (byte*)keys[itr],
- (word32)XSTRLEN(keys[itr]));
+ (word32)XSTRLEN(keys[itr]));
#if defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 5)
wc_HmacFree(&hmac);
- if (ret == BAD_FUNC_ARG) {
- return TEST_SUCCESS;
- }
- else {
- return TEST_FAIL;
- }
+ ExpectIntEQ(ret, BAD_FUNC_ARG);
#else
- if (ret != 0) {
- flag = ret;
- }
+ ExpectIntEQ(ret, 0);
#endif
}
/* Bad args. */
- if (!flag) {
- ret = wc_HmacSetKey(NULL, WC_MD5, (byte*)keys[0],
- (word32)XSTRLEN(keys[0]));
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (!flag) {
- ret = wc_HmacSetKey(&hmac, WC_MD5, NULL, (word32)XSTRLEN(keys[0]));
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (!flag) {
- ret = wc_HmacSetKey(&hmac, 20, (byte*)keys[0],
- (word32)XSTRLEN(keys[0]));
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (!flag) {
- ret = wc_HmacSetKey(&hmac, WC_MD5, (byte*)keys[0], 0);
-#ifdef HAVE_FIPS
- if (ret != HMAC_MIN_KEYLEN_E) {
- flag = WOLFSSL_FATAL_ERROR;
- }
+ ExpectIntEQ(wc_HmacSetKey(NULL, WC_MD5, (byte*)keys[0],
+ (word32)XSTRLEN(keys[0])), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_HmacSetKey(&hmac, WC_MD5, NULL, (word32)XSTRLEN(keys[0])),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_HmacSetKey(&hmac, 21, (byte*)keys[0],
+ (word32)XSTRLEN(keys[0])), BAD_FUNC_ARG);
+ ret = wc_HmacSetKey(&hmac, WC_MD5, (byte*)keys[0], 0);
+#if defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 5)
+ ExpectIntEQ(ret, BAD_FUNC_ARG);
+#elif defined(HAVE_FIPS)
+ ExpectIntEQ(ret, HMAC_MIN_KEYLEN_E);
#else
- if (ret != 0) {
- flag = WOLFSSL_FATAL_ERROR;
- }
+ ExpectIntEQ(ret, 0);
#endif
- }
wc_HmacFree(&hmac);
-
- res = TEST_RES_CHECK(flag == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_Md5HmacSetKey */
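Review bot: In the `HAVE_FIPS_VERSION >= 5` branch inside the key loop, `wc_HmacFree(&hmac);` now runs on every iteration, because the early `return` that used to follow it was removed. The freed context is then passed to the next `wc_HmacSetKey` call in the loop, reused by the bad-argument checks below, and freed once more by the final `wc_HmacFree(&hmac);`. Whether wc_HmacFree tolerates repeated calls is not visible here, so it is safer to delete the `wc_HmacFree(&hmac);` line in the `#if` branch and rely on the single free at the end of the function. The start of the function and its `keys[]` table are outside this hunk.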
@@ -16162,11 +15276,10 @@ static int test_wc_Md5HmacSetKey(void)
*/
static int test_wc_ShaHmacSetKey(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_HMAC) && !defined(NO_SHA)
Hmac hmac;
int ret, times, itr;
- int flag = 0;
const char* keys[]=
{
@@ -16180,62 +15293,32 @@ static int test_wc_ShaHmacSetKey(void)
};
times = sizeof(keys) / sizeof(char*);
- flag = 0;
- ret = wc_HmacInit(&hmac, NULL, INVALID_DEVID);
- if (ret != 0)
- return ret;
+ ExpectIntEQ(wc_HmacInit(&hmac, NULL, INVALID_DEVID), 0);
for (itr = 0; itr < times; itr++) {
- ret = wc_HmacSetKey(&hmac, WC_SHA, (byte*)keys[itr],
- (word32)XSTRLEN(keys[itr]));
- if (ret != 0) {
- flag = ret;
- }
+ ExpectIntEQ(wc_HmacSetKey(&hmac, WC_SHA, (byte*)keys[itr],
+ (word32)XSTRLEN(keys[itr])), 0);
}
/* Bad args. */
- if (!flag) {
- ret = wc_HmacSetKey(NULL, WC_SHA, (byte*)keys[0],
- (word32)XSTRLEN(keys[0]));
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (!flag) {
- ret = wc_HmacSetKey(&hmac, WC_SHA, NULL, (word32)XSTRLEN(keys[0]));
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (!flag) {
- ret = wc_HmacSetKey(&hmac, 20, (byte*)keys[0],
- (word32)XSTRLEN(keys[0]));
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_HmacSetKey(NULL, WC_SHA, (byte*)keys[0],
+ (word32)XSTRLEN(keys[0])), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_HmacSetKey(&hmac, WC_SHA, NULL, (word32)XSTRLEN(keys[0])),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_HmacSetKey(&hmac, 21, (byte*)keys[0],
+ (word32)XSTRLEN(keys[0])), BAD_FUNC_ARG);
- if (!flag) {
- ret = wc_HmacSetKey(&hmac, WC_SHA, (byte*)keys[0], 0);
+ ret = wc_HmacSetKey(&hmac, WC_SHA, (byte*)keys[0], 0);
#ifdef HAVE_FIPS
- if (ret != HMAC_MIN_KEYLEN_E) {
- flag = WOLFSSL_FATAL_ERROR;
- }
+ ExpectIntEQ(ret, HMAC_MIN_KEYLEN_E);
#else
- if (ret != 0) {
- flag = WOLFSSL_FATAL_ERROR;
- }
+ ExpectIntEQ(ret, 0);
#endif
- }
wc_HmacFree(&hmac);
-
- res = TEST_RES_CHECK(flag == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_ShaHmacSetKey() */
/*
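Review bot: The invalid-type argument in `wc_HmacSetKey(&hmac, 21, (byte*)keys[0], ...)` is a bare number that this commit had to bump from 20, which suggests 20 became a valid hash type (inferred; the enum is not visible here). The literal will break the same way the next time a hash type is added. At minimum add a comment such as `/* 21: not a valid hash type */`, or derive the value from the hash-type enum's upper bound if the library exposes one. The same literal appears in the test_wc_Md5HmacSetKey and test_wc_Sha224HmacSetKey hunks.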
@@ -16243,11 +15326,10 @@ static int test_wc_ShaHmacSetKey(void)
*/
static int test_wc_Sha224HmacSetKey(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_HMAC) && defined(WOLFSSL_SHA224)
Hmac hmac;
int ret, times, itr;
- int flag = 0;
const char* keys[]=
{
@@ -16259,64 +15341,32 @@ static int test_wc_Sha224HmacSetKey(void)
"\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
"\xAA\xAA\xAA"
};
-
times = sizeof(keys) / sizeof(char*);
- flag = 0;
- ret = wc_HmacInit(&hmac, NULL, INVALID_DEVID);
- if (ret != 0)
- return ret;
+ ExpectIntEQ(wc_HmacInit(&hmac, NULL, INVALID_DEVID), 0);
for (itr = 0; itr < times; itr++) {
- ret = wc_HmacSetKey(&hmac, WC_SHA224, (byte*)keys[itr],
- (word32)XSTRLEN(keys[itr]));
- if (ret != 0) {
- flag = ret;
- }
+ ExpectIntEQ(wc_HmacSetKey(&hmac, WC_SHA224, (byte*)keys[itr],
+ (word32)XSTRLEN(keys[itr])), 0);
}
/* Bad args. */
- if (!flag) {
- ret = wc_HmacSetKey(NULL, WC_SHA224, (byte*)keys[0],
- (word32)XSTRLEN(keys[0]));
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (!flag) {
- ret = wc_HmacSetKey(&hmac, WC_SHA224, NULL, (word32)XSTRLEN(keys[0]));
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (!flag) {
- ret = wc_HmacSetKey(&hmac, 20, (byte*)keys[0],
- (word32)XSTRLEN(keys[0]));
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (!flag) {
- ret = wc_HmacSetKey(&hmac, WC_SHA224, (byte*)keys[0], 0);
+ ExpectIntEQ(wc_HmacSetKey(NULL, WC_SHA224, (byte*)keys[0],
+ (word32)XSTRLEN(keys[0])), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_HmacSetKey(&hmac, WC_SHA224, NULL, (word32)XSTRLEN(keys[0])),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_HmacSetKey(&hmac, 21, (byte*)keys[0],
+ (word32)XSTRLEN(keys[0])), BAD_FUNC_ARG);
+ ret = wc_HmacSetKey(&hmac, WC_SHA224, (byte*)keys[0], 0);
#ifdef HAVE_FIPS
- if (ret != HMAC_MIN_KEYLEN_E) {
- flag = WOLFSSL_FATAL_ERROR;
- }
+ ExpectIntEQ(ret, HMAC_MIN_KEYLEN_E);
#else
- if (ret != 0) {
- flag = WOLFSSL_FATAL_ERROR;
- }
+ ExpectIntEQ(ret, 0);
#endif
- }
wc_HmacFree(&hmac);
-
- res = TEST_RES_CHECK(flag == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_Sha224HmacSetKey() */
/*
@@ -16324,11 +15374,10 @@ static int test_wc_Sha224HmacSetKey(void)
*/
static int test_wc_Sha256HmacSetKey(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_HMAC) && !defined(NO_SHA256)
Hmac hmac;
int ret, times, itr;
- int flag = 0;
const char* keys[]=
{
@@ -16340,64 +15389,32 @@ static int test_wc_Sha256HmacSetKey(void)
"\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
"\xAA\xAA\xAA"
};
-
times = sizeof(keys) / sizeof(char*);
- flag = 0;
- ret = wc_HmacInit(&hmac, NULL, INVALID_DEVID);
- if (ret != 0)
- return ret;
+ ExpectIntEQ(wc_HmacInit(&hmac, NULL, INVALID_DEVID), 0);
for (itr = 0; itr < times; itr++) {
- ret = wc_HmacSetKey(&hmac, WC_SHA256, (byte*)keys[itr],
- (word32)XSTRLEN(keys[itr]));
- if (ret != 0) {
- flag = ret;
- }
+ ExpectIntEQ(wc_HmacSetKey(&hmac, WC_SHA256, (byte*)keys[itr],
+ (word32)XSTRLEN(keys[itr])), 0);
}
/* Bad args. */
- if (!flag) {
- ret = wc_HmacSetKey(NULL, WC_SHA256, (byte*)keys[0],
- (word32)XSTRLEN(keys[0]));
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (!flag) {
- ret = wc_HmacSetKey(&hmac, WC_SHA256, NULL, (word32)XSTRLEN(keys[0]));
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (!flag) {
- ret = wc_HmacSetKey(&hmac, 20, (byte*)keys[0],
- (word32)XSTRLEN(keys[0]));
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (!flag) {
- ret = wc_HmacSetKey(&hmac, WC_SHA256, (byte*)keys[0], 0);
+ ExpectIntEQ(wc_HmacSetKey(NULL, WC_SHA256, (byte*)keys[0],
+ (word32)XSTRLEN(keys[0])), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_HmacSetKey(&hmac, WC_SHA256, NULL, (word32)XSTRLEN(keys[0])),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_HmacSetKey(&hmac, 21, (byte*)keys[0],
+ (word32)XSTRLEN(keys[0])), BAD_FUNC_ARG);
+ ret = wc_HmacSetKey(&hmac, WC_SHA256, (byte*)keys[0], 0);
#ifdef HAVE_FIPS
- if (ret != HMAC_MIN_KEYLEN_E) {
- flag = WOLFSSL_FATAL_ERROR;
- }
+ ExpectIntEQ(ret, HMAC_MIN_KEYLEN_E);
#else
- if (ret != 0) {
- flag = WOLFSSL_FATAL_ERROR;
- }
+ ExpectIntEQ(ret, 0);
#endif
- }
wc_HmacFree(&hmac);
-
- res = TEST_RES_CHECK(flag == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_Sha256HmacSetKey() */
@@ -16406,11 +15423,10 @@ static int test_wc_Sha256HmacSetKey(void)
*/
static int test_wc_Sha384HmacSetKey(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_HMAC) && defined(WOLFSSL_SHA384)
Hmac hmac;
int ret, times, itr;
- int flag = 0;
const char* keys[]=
{
@@ -16422,64 +15438,32 @@ static int test_wc_Sha384HmacSetKey(void)
"\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
"\xAA\xAA\xAA"
};
-
times = sizeof(keys) / sizeof(char*);
- flag = 0;
- ret = wc_HmacInit(&hmac, NULL, INVALID_DEVID);
- if (ret != 0)
- return ret;
+ ExpectIntEQ(wc_HmacInit(&hmac, NULL, INVALID_DEVID), 0);
for (itr = 0; itr < times; itr++) {
- ret = wc_HmacSetKey(&hmac, WC_SHA384, (byte*)keys[itr],
- (word32)XSTRLEN(keys[itr]));
- if (ret != 0) {
- flag = ret;
- }
+ ExpectIntEQ(wc_HmacSetKey(&hmac, WC_SHA384, (byte*)keys[itr],
+ (word32)XSTRLEN(keys[itr])), 0);
}
/* Bad args. */
- if (!flag) {
- ret = wc_HmacSetKey(NULL, WC_SHA384, (byte*)keys[0],
- (word32)XSTRLEN(keys[0]));
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (!flag) {
- ret = wc_HmacSetKey(&hmac, WC_SHA384, NULL, (word32)XSTRLEN(keys[0]));
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (!flag) {
- ret = wc_HmacSetKey(&hmac, 20, (byte*)keys[0],
- (word32)XSTRLEN(keys[0]));
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (!flag) {
- ret = wc_HmacSetKey(&hmac, WC_SHA384, (byte*)keys[0], 0);
+ ExpectIntEQ(wc_HmacSetKey(NULL, WC_SHA384, (byte*)keys[0],
+ (word32)XSTRLEN(keys[0])), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_HmacSetKey(&hmac, WC_SHA384, NULL, (word32)XSTRLEN(keys[0])),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_HmacSetKey(&hmac, 21, (byte*)keys[0],
+ (word32)XSTRLEN(keys[0])), BAD_FUNC_ARG);
+ ret = wc_HmacSetKey(&hmac, WC_SHA384, (byte*)keys[0], 0);
#ifdef HAVE_FIPS
- if (ret != HMAC_MIN_KEYLEN_E) {
- flag = WOLFSSL_FATAL_ERROR;
- }
+ ExpectIntEQ(ret, HMAC_MIN_KEYLEN_E);
#else
- if (ret != 0) {
- flag = WOLFSSL_FATAL_ERROR;
- }
+ ExpectIntEQ(ret, 0);
#endif
- }
wc_HmacFree(&hmac);
-
- res = TEST_RES_CHECK(flag == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_Sha384HmacSetKey() */
@@ -16488,12 +15472,10 @@ static int test_wc_Sha384HmacSetKey(void)
*/
static int test_wc_Md5HmacUpdate(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_HMAC) && !defined(NO_MD5) && !(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 5))
Hmac hmac;
testVector a, b;
- int ret;
- int flag = 0;
#ifdef HAVE_FIPS
const char* keys =
"\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b";
@@ -16503,62 +15485,26 @@ static int test_wc_Md5HmacUpdate(void)
a.input = "what do ya want for nothing?";
a.inLen = XSTRLEN(a.input);
-
b.input = "Hi There";
b.inLen = XSTRLEN(b.input);
- flag = 0;
-
- ret = wc_HmacInit(&hmac, NULL, INVALID_DEVID);
- if (ret != 0)
- return ret;
-
- ret = wc_HmacSetKey(&hmac, WC_MD5, (byte*)keys, (word32)XSTRLEN(keys));
- if (ret != 0) {
- flag = ret;
- }
-
- if (!flag) {
- ret = wc_HmacUpdate(&hmac, (byte*)b.input, (word32)b.inLen);
- if (ret != 0) {
- flag = ret;
- }
- }
+ ExpectIntEQ(wc_HmacInit(&hmac, NULL, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_HmacSetKey(&hmac, WC_MD5, (byte*)keys,
+ (word32)XSTRLEN(keys)), 0);
+ ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)b.input, (word32)b.inLen), 0);
/* Update Hmac. */
- if (!flag) {
- ret = wc_HmacUpdate(&hmac, (byte*)a.input, (word32)a.inLen);
- if (ret != 0) {
- flag = ret;
- }
- }
+ ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)a.input, (word32)a.inLen), 0);
/* Test bad args. */
- if (!flag) {
- ret = wc_HmacUpdate(NULL, (byte*)a.input, (word32)a.inLen);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (!flag) {
- ret = wc_HmacUpdate(&hmac, NULL, (word32)a.inLen);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_HmacUpdate(NULL, (byte*)a.input, (word32)a.inLen),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_HmacUpdate(&hmac, NULL, (word32)a.inLen), BAD_FUNC_ARG);
- if (!flag) {
- ret = wc_HmacUpdate(&hmac, (byte*)a.input, 0);
- if (ret != 0) {
- flag = ret;
- }
- }
+ ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)a.input, 0), 0);
wc_HmacFree(&hmac);
-
- res = TEST_RES_CHECK(flag == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_Md5HmacUpdate */
/*
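Review bot: The added calls cast string data with `(byte*)keys`, `(byte*)b.input` and `(byte*)a.input`, which drops the const qualifier that `keys` visibly carries (`const char* keys`). As far as I know wc_HmacSetKey and wc_HmacUpdate take `const byte*` for the data argument, so `(const byte*)` is enough, e.g. `ExpectIntEQ(wc_HmacUpdate(&hmac, (const byte*)b.input, (word32)b.inLen), 0);`, and it keeps the file clean under `-Wcast-qual`. The same casts recur in the SHA, SHA-224, SHA-256 and SHA-384 Update hunks and in the SetKey and Final hunks. The function body starts outside this hunk.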
@@ -16566,12 +15512,10 @@ static int test_wc_Md5HmacUpdate(void)
*/
static int test_wc_ShaHmacUpdate(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_HMAC) && !defined(NO_SHA)
Hmac hmac;
testVector a, b;
- int ret;
- int flag = 0;
#ifdef HAVE_FIPS
const char* keys =
"\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b";
@@ -16581,62 +15525,26 @@ static int test_wc_ShaHmacUpdate(void)
a.input = "what do ya want for nothing?";
a.inLen = XSTRLEN(a.input);
-
b.input = "Hi There";
b.inLen = XSTRLEN(b.input);
- flag = 0;
-
- ret = wc_HmacInit(&hmac, NULL, INVALID_DEVID);
- if (ret != 0)
- return ret;
-
- ret = wc_HmacSetKey(&hmac, WC_SHA, (byte*)keys, (word32)XSTRLEN(keys));
- if (ret != 0) {
- flag = ret;
- }
-
- if (!flag) {
- ret = wc_HmacUpdate(&hmac, (byte*)b.input, (word32)b.inLen);
- if (ret != 0) {
- flag = ret;
- }
- }
+ ExpectIntEQ(wc_HmacInit(&hmac, NULL, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_HmacSetKey(&hmac, WC_SHA, (byte*)keys,
+ (word32)XSTRLEN(keys)), 0);
+ ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)b.input, (word32)b.inLen), 0);
/* Update Hmac. */
- if (!flag) {
- ret = wc_HmacUpdate(&hmac, (byte*)a.input, (word32)a.inLen);
- if (ret != 0) {
- flag = ret;
- }
- }
+ ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)a.input, (word32)a.inLen), 0);
/* Test bad args. */
- if (!flag) {
- ret = wc_HmacUpdate(NULL, (byte*)a.input, (word32)a.inLen);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_HmacUpdate(NULL, (byte*)a.input, (word32)a.inLen),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_HmacUpdate(&hmac, NULL, (word32)a.inLen), BAD_FUNC_ARG);
- if (!flag) {
- ret = wc_HmacUpdate(&hmac, NULL, (word32)a.inLen);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (!flag) {
- ret = wc_HmacUpdate(&hmac, (byte*)a.input, 0);
- if (ret != 0) {
- flag = ret;
- }
- }
+ ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)a.input, 0), 0);
wc_HmacFree(&hmac);
-
- res = TEST_RES_CHECK(flag == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_ShaHmacUpdate */
/*
@@ -16644,12 +15552,10 @@ static int test_wc_ShaHmacUpdate(void)
*/
static int test_wc_Sha224HmacUpdate(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_HMAC) && defined(WOLFSSL_SHA224)
Hmac hmac;
testVector a, b;
- int ret;
- int flag = 0;
#ifdef HAVE_FIPS
const char* keys =
"\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b";
@@ -16659,62 +15565,26 @@ static int test_wc_Sha224HmacUpdate(void)
a.input = "what do ya want for nothing?";
a.inLen = XSTRLEN(a.input);
-
b.input = "Hi There";
b.inLen = XSTRLEN(b.input);
- flag = 0;
-
- ret = wc_HmacInit(&hmac, NULL, INVALID_DEVID);
- if (ret != 0)
- return ret;
-
- ret = wc_HmacSetKey(&hmac, WC_SHA224, (byte*)keys, (word32)XSTRLEN(keys));
- if (ret != 0) {
- flag = ret;
- }
-
- if (!flag) {
- ret = wc_HmacUpdate(&hmac, (byte*)b.input, (word32)b.inLen);
- if (ret != 0) {
- flag = ret;
- }
- }
+ ExpectIntEQ(wc_HmacInit(&hmac, NULL, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_HmacSetKey(&hmac, WC_SHA224, (byte*)keys,
+ (word32)XSTRLEN(keys)), 0);
+ ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)b.input, (word32)b.inLen), 0);
/* Update Hmac. */
- if (!flag) {
- ret = wc_HmacUpdate(&hmac, (byte*)a.input, (word32)a.inLen);
- if (ret != 0) {
- flag = ret;
- }
- }
+ ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)a.input, (word32)a.inLen), 0);
/* Test bad args. */
- if (!flag) {
- ret = wc_HmacUpdate(NULL, (byte*)a.input, (word32)a.inLen);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (!flag) {
- ret = wc_HmacUpdate(&hmac, NULL, (word32)a.inLen);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_HmacUpdate(NULL, (byte*)a.input, (word32)a.inLen),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_HmacUpdate(&hmac, NULL, (word32)a.inLen), BAD_FUNC_ARG);
- if (!flag) {
- ret = wc_HmacUpdate(&hmac, (byte*)a.input, 0);
- if (ret != 0) {
- flag = ret;
- }
- }
+ ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)a.input, 0), 0);
wc_HmacFree(&hmac);
-
- res = TEST_RES_CHECK(flag == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_Sha224HmacUpdate */
/*
@@ -16722,12 +15592,10 @@ static int test_wc_Sha224HmacUpdate(void)
*/
static int test_wc_Sha256HmacUpdate(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_HMAC) && !defined(NO_SHA256)
Hmac hmac;
testVector a, b;
- int ret;
- int flag = 0;
#ifdef HAVE_FIPS
const char* keys =
"\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b";
@@ -16737,62 +15605,26 @@ static int test_wc_Sha256HmacUpdate(void)
a.input = "what do ya want for nothing?";
a.inLen = XSTRLEN(a.input);
-
b.input = "Hi There";
b.inLen = XSTRLEN(b.input);
- flag = 0;
-
- ret = wc_HmacInit(&hmac, NULL, INVALID_DEVID);
- if (ret != 0)
- return ret;
-
- ret = wc_HmacSetKey(&hmac, WC_SHA256, (byte*)keys, (word32)XSTRLEN(keys));
- if (ret != 0) {
- flag = ret;
- }
-
- if (!flag) {
- ret = wc_HmacUpdate(&hmac, (byte*)b.input, (word32)b.inLen);
- if (ret != 0) {
- flag = ret;
- }
- }
+ ExpectIntEQ(wc_HmacInit(&hmac, NULL, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_HmacSetKey(&hmac, WC_SHA256, (byte*)keys,
+ (word32)XSTRLEN(keys)), 0);
+ ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)b.input, (word32)b.inLen), 0);
/* Update Hmac. */
- if (!flag) {
- ret = wc_HmacUpdate(&hmac, (byte*)a.input, (word32)a.inLen);
- if (ret != 0) {
- flag = ret;
- }
- }
+ ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)a.input, (word32)a.inLen), 0);
/* Test bad args. */
- if (!flag) {
- ret = wc_HmacUpdate(NULL, (byte*)a.input, (word32)a.inLen);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (!flag) {
- ret = wc_HmacUpdate(&hmac, NULL, (word32)a.inLen);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_HmacUpdate(NULL, (byte*)a.input, (word32)a.inLen),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_HmacUpdate(&hmac, NULL, (word32)a.inLen), BAD_FUNC_ARG);
- if (!flag) {
- ret = wc_HmacUpdate(&hmac, (byte*)a.input, 0);
- if (ret != 0) {
- flag = ret;
- }
- }
+ ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)a.input, 0), 0);
wc_HmacFree(&hmac);
-
- res = TEST_RES_CHECK(flag == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_Sha256HmacUpdate */
/*
@@ -16800,12 +15632,10 @@ static int test_wc_Sha256HmacUpdate(void)
*/
static int test_wc_Sha384HmacUpdate(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_HMAC) && defined(WOLFSSL_SHA384)
Hmac hmac;
testVector a, b;
- int ret;
- int flag = 0;
#ifdef HAVE_FIPS
const char* keys =
"\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b";
@@ -16815,62 +15645,26 @@ static int test_wc_Sha384HmacUpdate(void)
a.input = "what do ya want for nothing?";
a.inLen = XSTRLEN(a.input);
-
b.input = "Hi There";
b.inLen = XSTRLEN(b.input);
- flag = 0;
-
- ret = wc_HmacInit(&hmac, NULL, INVALID_DEVID);
- if (ret != 0)
- return ret;
-
- ret = wc_HmacSetKey(&hmac, WC_SHA384, (byte*)keys, (word32)XSTRLEN(keys));
- if (ret != 0) {
- flag = ret;
- }
-
- if (!flag) {
- ret = wc_HmacUpdate(&hmac, (byte*)b.input, (word32)b.inLen);
- if (ret != 0) {
- flag = ret;
- }
- }
+ ExpectIntEQ(wc_HmacInit(&hmac, NULL, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_HmacSetKey(&hmac, WC_SHA384, (byte*)keys,
+ (word32)XSTRLEN(keys)), 0);
+ ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)b.input, (word32)b.inLen), 0);
/* Update Hmac. */
- if (!flag) {
- ret = wc_HmacUpdate(&hmac, (byte*)a.input, (word32)a.inLen);
- if (ret != 0) {
- flag = ret;
- }
- }
+ ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)a.input, (word32)a.inLen), 0);
/* Test bad args. */
- if (!flag) {
- ret = wc_HmacUpdate(NULL, (byte*)a.input, (word32)a.inLen);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (!flag) {
- ret = wc_HmacUpdate(&hmac, NULL, (word32)a.inLen);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_HmacUpdate(NULL, (byte*)a.input, (word32)a.inLen),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_HmacUpdate(&hmac, NULL, (word32)a.inLen), BAD_FUNC_ARG);
- if (!flag) {
- ret = wc_HmacUpdate(&hmac, (byte*)a.input, 0);
- if (ret != 0) {
- flag = ret;
- }
- }
+ ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)a.input, 0), 0);
wc_HmacFree(&hmac);
-
- res = TEST_RES_CHECK(flag == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_Sha384HmacUpdate */
/*
@@ -16879,14 +15673,12 @@ static int test_wc_Sha384HmacUpdate(void)
static int test_wc_Md5HmacFinal(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_HMAC) && !defined(NO_MD5) && !(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 5))
Hmac hmac;
byte hash[WC_MD5_DIGEST_SIZE];
testVector a;
- int ret;
const char* key;
- int flag = 0;
key = "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b";
a.input = "Hi There";
@@ -16895,60 +15687,22 @@ static int test_wc_Md5HmacFinal(void)
a.inLen = XSTRLEN(a.input);
a.outLen = XSTRLEN(a.output);
- flag = 0;
-
- ret = wc_HmacInit(&hmac, NULL, INVALID_DEVID);
- if (ret != 0)
- return ret;
-
- ret = wc_HmacSetKey(&hmac, WC_MD5, (byte*)key, (word32)XSTRLEN(key));
- if (ret != 0) {
- flag = ret;
- }
-
- if (!flag) {
- ret = wc_HmacUpdate(&hmac, (byte*)a.input, (word32)a.inLen);
- if (ret != 0) {
- flag = ret;
- }
- }
-
- if (!flag) {
- ret = wc_HmacFinal(&hmac, hash);
- if (ret != 0) {
- flag = ret;
- }
- }
-
- if (!flag) {
- if (XMEMCMP(hash, a.output, WC_MD5_DIGEST_SIZE) != 0) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_HmacInit(&hmac, NULL, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_HmacSetKey(&hmac, WC_MD5, (byte*)key, (word32)XSTRLEN(key)),
+ 0);
+ ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)a.input, (word32)a.inLen), 0);
+ ExpectIntEQ(wc_HmacFinal(&hmac, hash), 0);
+ ExpectIntEQ(XMEMCMP(hash, a.output, WC_MD5_DIGEST_SIZE), 0);
/* Try bad parameters. */
- if (!flag) {
- ret = wc_HmacFinal(NULL, hash);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
+ ExpectIntEQ(wc_HmacFinal(NULL, hash), BAD_FUNC_ARG);
#ifndef HAVE_FIPS
- if (!flag) {
- ret = wc_HmacFinal(&hmac, NULL);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_HmacFinal(&hmac, NULL), BAD_FUNC_ARG);
#endif
wc_HmacFree(&hmac);
-
- res = TEST_RES_CHECK(flag == 0);
#endif
- return res;
-
+ return EXPECT_RESULT();
} /* END test_wc_Md5HmacFinal */
/*
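Review bot: The digest check `ExpectIntEQ(XMEMCMP(hash, a.output, WC_MD5_DIGEST_SIZE), 0);` reports only a non-zero integer when the MAC is wrong, which gives no hint of what differed. If this tree's test header provides the buffer form of the macro (wolfSSL's unit.h has `ExpectBufEQ`), `ExpectBufEQ(hash, a.output, WC_MD5_DIGEST_SIZE);` states the intent directly. The context line `a.outLen = XSTRLEN(a.output);` measures a binary digest with a string function and the result is never used in the comparison, so a comment such as `/* compare the full digest; a.outLen is unreliable for binary data */` would stop someone from switching the length to `a.outLen` later. The SHA, SHA-224, SHA-256 and SHA-384 Final hunks have the same line; the function body starts outside this hunk.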
@@ -16956,13 +15710,11 @@ static int test_wc_Md5HmacFinal(void)
*/
static int test_wc_ShaHmacFinal(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_HMAC) && !defined(NO_SHA)
Hmac hmac;
byte hash[WC_SHA_DIGEST_SIZE];
testVector a;
- int ret;
- int flag = 0;
const char* key;
key = "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b"
@@ -16973,60 +15725,22 @@ static int test_wc_ShaHmacFinal(void)
a.inLen = XSTRLEN(a.input);
a.outLen = XSTRLEN(a.output);
- flag = 0;
-
- ret = wc_HmacInit(&hmac, NULL, INVALID_DEVID);
- if (ret != 0)
- return ret;
-
- ret = wc_HmacSetKey(&hmac, WC_SHA, (byte*)key, (word32)XSTRLEN(key));
- if (ret != 0) {
- flag = ret;
- }
-
- if (!flag) {
- ret = wc_HmacUpdate(&hmac, (byte*)a.input, (word32)a.inLen);
- if (ret != 0) {
- flag = ret;
- }
- }
-
- if (!flag) {
- ret = wc_HmacFinal(&hmac, hash);
- if (ret != 0) {
- flag = ret;
- }
- }
-
- if (!flag) {
- if (XMEMCMP(hash, a.output, WC_SHA_DIGEST_SIZE) != 0) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_HmacInit(&hmac, NULL, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_HmacSetKey(&hmac, WC_SHA, (byte*)key, (word32)XSTRLEN(key)),
+ 0);
+ ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)a.input, (word32)a.inLen), 0);
+ ExpectIntEQ(wc_HmacFinal(&hmac, hash), 0);
+ ExpectIntEQ(XMEMCMP(hash, a.output, WC_SHA_DIGEST_SIZE), 0);
/* Try bad parameters. */
- if (!flag) {
- ret = wc_HmacFinal(NULL, hash);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
+ ExpectIntEQ(wc_HmacFinal(NULL, hash), BAD_FUNC_ARG);
#ifndef HAVE_FIPS
- if (!flag) {
- ret = wc_HmacFinal(&hmac, NULL);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_HmacFinal(&hmac, NULL), BAD_FUNC_ARG);
#endif
wc_HmacFree(&hmac);
-
- res = TEST_RES_CHECK(flag == 0);
#endif
- return res;
-
+ return EXPECT_RESULT();
} /* END test_wc_ShaHmacFinal */
@@ -17035,13 +15749,11 @@ static int test_wc_ShaHmacFinal(void)
*/
static int test_wc_Sha224HmacFinal(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_HMAC) && defined(WOLFSSL_SHA224)
Hmac hmac;
byte hash[WC_SHA224_DIGEST_SIZE];
testVector a;
- int ret;
- int flag = 0;
const char* key;
key = "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b"
@@ -17052,59 +15764,22 @@ static int test_wc_Sha224HmacFinal(void)
a.inLen = XSTRLEN(a.input);
a.outLen = XSTRLEN(a.output);
- flag = 0;
-
- ret = wc_HmacInit(&hmac, NULL, INVALID_DEVID);
- if (ret != 0)
- return ret;
-
- ret = wc_HmacSetKey(&hmac, WC_SHA224, (byte*)key, (word32)XSTRLEN(key));
- if (ret != 0) {
- flag = ret;
- }
-
- if (!flag) {
- ret = wc_HmacUpdate(&hmac, (byte*)a.input, (word32)a.inLen);
- if (ret != 0) {
- flag = ret;
- }
- }
-
- if (!flag) {
- ret = wc_HmacFinal(&hmac, hash);
- if (ret != 0) {
- flag = ret;
- }
- }
-
- if (!flag) {
- if (XMEMCMP(hash, a.output, WC_SHA224_DIGEST_SIZE) != 0) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_HmacInit(&hmac, NULL, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_HmacSetKey(&hmac, WC_SHA224, (byte*)key,
+ (word32)XSTRLEN(key)), 0);
+ ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)a.input, (word32)a.inLen), 0);
+ ExpectIntEQ(wc_HmacFinal(&hmac, hash), 0);
+ ExpectIntEQ(XMEMCMP(hash, a.output, WC_SHA224_DIGEST_SIZE), 0);
/* Try bad parameters. */
- if (!flag) {
- ret = wc_HmacFinal(NULL, hash);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
+ ExpectIntEQ(wc_HmacFinal(NULL, hash), BAD_FUNC_ARG);
#ifndef HAVE_FIPS
- if (!flag) {
- ret = wc_HmacFinal(&hmac, NULL);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_HmacFinal(&hmac, NULL), BAD_FUNC_ARG);
#endif
wc_HmacFree(&hmac);
-
- res = TEST_RES_CHECK(flag == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_Sha224HmacFinal */
/*
@@ -17112,13 +15787,11 @@ static int test_wc_Sha224HmacFinal(void)
*/
static int test_wc_Sha256HmacFinal(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_HMAC) && !defined(NO_SHA256)
Hmac hmac;
byte hash[WC_SHA256_DIGEST_SIZE];
testVector a;
- int ret;
- int flag = 0;
const char* key;
key = "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b"
@@ -17130,59 +15803,22 @@ static int test_wc_Sha256HmacFinal(void)
a.inLen = XSTRLEN(a.input);
a.outLen = XSTRLEN(a.output);
- flag = 0;
-
- ret = wc_HmacInit(&hmac, NULL, INVALID_DEVID);
- if (ret != 0)
- return TEST_FAIL;
-
- ret = wc_HmacSetKey(&hmac, WC_SHA256, (byte*)key, (word32)XSTRLEN(key));
- if (ret != 0) {
- flag = ret;
- }
-
- if (!flag) {
- ret = wc_HmacUpdate(&hmac, (byte*)a.input, (word32)a.inLen);
- if (ret != 0) {
- flag = ret;
- }
- }
-
- if (!flag) {
- ret = wc_HmacFinal(&hmac, hash);
- if (ret != 0) {
- flag = ret;
- }
- }
-
- if (!flag) {
- if (XMEMCMP(hash, a.output, WC_SHA256_DIGEST_SIZE) != 0) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_HmacInit(&hmac, NULL, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_HmacSetKey(&hmac, WC_SHA256, (byte*)key,
+ (word32)XSTRLEN(key)), 0);
+ ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)a.input, (word32)a.inLen), 0);
+ ExpectIntEQ(wc_HmacFinal(&hmac, hash), 0);
+ ExpectIntEQ(XMEMCMP(hash, a.output, WC_SHA256_DIGEST_SIZE), 0);
/* Try bad parameters. */
- if (!flag) {
- ret = wc_HmacFinal(NULL, hash);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
+ ExpectIntEQ(wc_HmacFinal(NULL, hash), BAD_FUNC_ARG);
#ifndef HAVE_FIPS
- if (!flag) {
- ret = wc_HmacFinal(&hmac, NULL);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_HmacFinal(&hmac, NULL), BAD_FUNC_ARG);
#endif
wc_HmacFree(&hmac);
-
- res = TEST_RES_CHECK(flag == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_Sha256HmacFinal */
/*
@@ -17190,13 +15826,11 @@ static int test_wc_Sha256HmacFinal(void)
*/
static int test_wc_Sha384HmacFinal(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_HMAC) && defined(WOLFSSL_SHA384)
Hmac hmac;
byte hash[WC_SHA384_DIGEST_SIZE];
testVector a;
- int ret;
- int flag = 0;
const char* key;
key = "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b"
@@ -17209,58 +15843,22 @@ static int test_wc_Sha384HmacFinal(void)
a.inLen = XSTRLEN(a.input);
a.outLen = XSTRLEN(a.output);
- flag = 0;
-
- ret = wc_HmacInit(&hmac, NULL, INVALID_DEVID);
- if (ret != 0)
- return ret;
-
- ret = wc_HmacSetKey(&hmac, WC_SHA384, (byte*)key, (word32)XSTRLEN(key));
- if (ret != 0) {
- flag = ret;
- }
-
- if (!flag) {
- ret = wc_HmacUpdate(&hmac, (byte*)a.input, (word32)a.inLen);
- if (ret != 0) {
- flag = ret;
- }
- }
-
- if (!flag) {
- ret = wc_HmacFinal(&hmac, hash);
- if (ret != 0) {
- flag = ret;
- }
- }
-
- if (!flag) {
- if (XMEMCMP(hash, a.output, WC_SHA384_DIGEST_SIZE) != 0) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_HmacInit(&hmac, NULL, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_HmacSetKey(&hmac, WC_SHA384, (byte*)key,
+ (word32)XSTRLEN(key)), 0);
+ ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)a.input, (word32)a.inLen), 0);
+ ExpectIntEQ(wc_HmacFinal(&hmac, hash), 0);
+ ExpectIntEQ(XMEMCMP(hash, a.output, WC_SHA384_DIGEST_SIZE), 0);
/* Try bad parameters. */
- if (!flag) {
- ret = wc_HmacFinal(NULL, hash);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_HmacFinal(NULL, hash), BAD_FUNC_ARG);
#ifndef HAVE_FIPS
- if (!flag) {
- ret = wc_HmacFinal(&hmac, NULL);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_HmacFinal(&hmac, NULL), BAD_FUNC_ARG);
#endif
wc_HmacFree(&hmac);
-
- res = TEST_RES_CHECK(flag == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_Sha384HmacFinal */
@@ -17270,9 +15868,11 @@ static int test_wc_Sha384HmacFinal(void)
*/
static int test_wc_InitCmac(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(WOLFSSL_CMAC) && !defined(NO_AES)
- Cmac cmac1, cmac2, cmac3;
+ Cmac cmac1;
+ Cmac cmac2;
+ Cmac cmac3;
/* AES 128 key. */
byte key1[] = "\x01\x02\x03\x04\x05\x06\x07\x08"
"\x09\x10\x11\x12\x13\x14\x15\x16";
@@ -17280,67 +15880,45 @@ static int test_wc_InitCmac(void)
byte key2[] = "\x01\x02\x03\x04\x05\x06\x07\x08"
"\x09\x01\x11\x12\x13\x14\x15\x16"
"\x01\x02\x03\x04\x05\x06\x07\x08";
-
/* AES 256 key. */
byte key3[] = "\x01\x02\x03\x04\x05\x06\x07\x08"
"\x09\x01\x11\x12\x13\x14\x15\x16"
"\x01\x02\x03\x04\x05\x06\x07\x08"
"\x09\x01\x11\x12\x13\x14\x15\x16";
-
word32 key1Sz = (word32)sizeof(key1) - 1;
word32 key2Sz = (word32)sizeof(key2) - 1;
word32 key3Sz = (word32)sizeof(key3) - 1;
int type = WC_CMAC_AES;
- int ret = 0;
+
+ (void)key1;
+ (void)key1Sz;
+ (void)key2;
+ (void)key2Sz;
+
+ XMEMSET(&cmac1, 0, sizeof(Cmac));
+ XMEMSET(&cmac2, 0, sizeof(Cmac));
+ XMEMSET(&cmac3, 0, sizeof(Cmac));
#ifdef WOLFSSL_AES_128
- ret = wc_InitCmac(&cmac1, key1, key1Sz, type, NULL);
+ ExpectIntEQ(wc_InitCmac(&cmac1, key1, key1Sz, type, NULL), 0);
#endif
#ifdef WOLFSSL_AES_192
- if (ret == 0) {
- wc_AesFree(&cmac1.aes);
- ret = wc_InitCmac(&cmac2, key2, key2Sz, type, NULL);
- }
+ wc_AesFree(&cmac1.aes);
+ ExpectIntEQ(wc_InitCmac(&cmac2, key2, key2Sz, type, NULL), 0);
#endif
#ifdef WOLFSSL_AES_256
- if (ret == 0) {
- wc_AesFree(&cmac2.aes);
- ret = wc_InitCmac(&cmac3, key3, key3Sz, type, NULL);
- }
+ wc_AesFree(&cmac2.aes);
+ ExpectIntEQ(wc_InitCmac(&cmac3, key3, key3Sz, type, NULL), 0);
#endif
+ wc_AesFree(&cmac3.aes);
/* Test bad args. */
- if (ret == 0) {
- wc_AesFree(&cmac3.aes);
- ret = wc_InitCmac(NULL, key3, key3Sz, type, NULL);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_InitCmac(&cmac3, NULL, key3Sz, type, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_InitCmac(&cmac3, key3, 0, type, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_InitCmac(&cmac3, key3, key3Sz, 0, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
-
- (void)key1;
- (void)key1Sz;
- (void)key2;
- (void)key2Sz;
- (void)cmac1;
- (void)cmac2;
-
- res = TEST_RES_CHECK(ret == 0);
+ ExpectIntEQ(wc_InitCmac(NULL, key3, key3Sz, type, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_InitCmac(&cmac3, NULL, key3Sz, type, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_InitCmac(&cmac3, key3, 0, type, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_InitCmac(&cmac3, key3, key3Sz, 0, NULL), BAD_FUNC_ARG);
#endif
- return res;
-
+ return EXPECT_RESULT();
} /* END test_wc_InitCmac */
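Review bot: `wc_AesFree(&cmac1.aes);` is placed inside the `WOLFSSL_AES_192` block and `wc_AesFree(&cmac2.aes);` inside the `WOLFSSL_AES_256` block, so a build that enables a key size but not the next one initialises a context and never releases it. Each release belongs with its own init: put `wc_AesFree(&cmac1.aes);` right after the `cmac1` expectation inside `#ifdef WOLFSSL_AES_128`, and `wc_AesFree(&cmac2.aes);` after the `cmac2` expectation inside `#ifdef WOLFSSL_AES_192`. Whether the missed free actually leaks depends on the AES backend, which is not visible here. The unconditional `wc_AesFree(&cmac3.aes);` relies on the new `XMEMSET` when AES-256 is compiled out, which deserves a short comment. The function starts in the preceding hunk.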
@@ -17349,11 +15927,10 @@ static int test_wc_InitCmac(void)
*/
static int test_wc_CmacUpdate(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(WOLFSSL_CMAC) && !defined(NO_AES) && defined(WOLFSSL_AES_128)
Cmac cmac;
- byte key[] =
- {
+ byte key[] = {
0x64, 0x4c, 0xbf, 0x12, 0x85, 0x9d, 0xf0, 0x55,
0x7e, 0xa9, 0x1f, 0x08, 0xe0, 0x51, 0xff, 0x27
};
@@ -17362,38 +15939,21 @@ static int test_wc_CmacUpdate(void)
"\xb3\x78\xcf\x85\x22\x41\x74\xd9"
"\xa0\x97\x39\x71\x62\xf1\x8e\x8f"
"\xf4";
-
word32 inSz = (word32)sizeof(in) - 1;
word32 keySz = (word32)sizeof(key);
int type = WC_CMAC_AES;
- int ret = 0;
- ret = wc_InitCmac(&cmac, key, keySz, type, NULL);
- if (ret != 0) {
- return ret;
- }
+ XMEMSET(&cmac, 0, sizeof(Cmac));
- ret = wc_CmacUpdate(&cmac, in, inSz);
+ ExpectIntEQ(wc_InitCmac(&cmac, key, keySz, type, NULL), 0);
+ ExpectIntEQ(wc_CmacUpdate(&cmac, in, inSz), 0);
/* Test bad args. */
- if (ret == 0) {
- ret = wc_CmacUpdate(NULL, in, inSz);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_CmacUpdate(&cmac, NULL, 30);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- wc_AesFree(&cmac.aes);
- }
-
- res = TEST_RES_CHECK(ret == 0);
+ ExpectIntEQ(wc_CmacUpdate(NULL, in, inSz), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_CmacUpdate(&cmac, NULL, 30), BAD_FUNC_ARG);
+ wc_AesFree(&cmac.aes);
#endif
- return res;
-
+ return EXPECT_RESULT();
} /* END test_wc_CmacUpdate */
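Review bot: The bad-argument case `ExpectIntEQ(wc_CmacUpdate(&cmac, NULL, 30), BAD_FUNC_ARG);` carries over the literal `30`, which matches no buffer in the test. Using the real length, `ExpectIntEQ(wc_CmacUpdate(&cmac, NULL, inSz), BAD_FUNC_ARG);`, makes clear that only the NULL pointer is being varied. The function body starts outside this hunk.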
@@ -17402,16 +15962,14 @@ static int test_wc_CmacUpdate(void)
*/
static int test_wc_CmacFinal(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(WOLFSSL_CMAC) && !defined(NO_AES) && defined(WOLFSSL_AES_128)
Cmac cmac;
- byte key[] =
- {
+ byte key[] = {
0x64, 0x4c, 0xbf, 0x12, 0x85, 0x9d, 0xf0, 0x55,
0x7e, 0xa9, 0x1f, 0x08, 0xe0, 0x51, 0xff, 0x27
};
- byte msg[] =
- {
+ byte msg[] = {
0xe2, 0xb4, 0xb6, 0xf9, 0x48, 0x44, 0x02, 0x64,
0x5c, 0x47, 0x80, 0x9e, 0xd5, 0xa8, 0x3a, 0x17,
0xb3, 0x78, 0xcf, 0x85, 0x22, 0x41, 0x74, 0xd9,
@@ -17422,8 +15980,7 @@ static int test_wc_CmacFinal(void)
* http://csrc.nist.gov/groups/STM/cavp/block-cipher-modes.html#cmac
* Per RFC4493 truncation of lsb is possible.
*/
- byte expMac[] =
- {
+ byte expMac[] = {
0x4e, 0x6e, 0xc5, 0x6f, 0xf9, 0x5d, 0x0e, 0xae,
0x1c, 0xf8, 0x3e, 0xfc, 0xf4, 0x4b, 0xeb
};
@@ -17434,43 +15991,33 @@ static int test_wc_CmacFinal(void)
word32 badMacSz = 17;
int expMacSz = sizeof(expMac);
int type = WC_CMAC_AES;
- int ret = 0;
+ XMEMSET(&cmac, 0, sizeof(Cmac));
XMEMSET(mac, 0, macSz);
- ret = wc_InitCmac(&cmac, key, keySz, type, NULL);
- if (ret != 0) {
- return ret;
- }
- ret = wc_CmacUpdate(&cmac, msg, msgSz);
+ ExpectIntEQ(wc_InitCmac(&cmac, key, keySz, type, NULL), 0);
+ ExpectIntEQ(wc_CmacUpdate(&cmac, msg, msgSz), 0);
- if (ret == 0) {
- ret = wc_CmacFinal(&cmac, mac, &macSz);
- if (ret == 0 && XMEMCMP(mac, expMac, expMacSz) != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- /* Pass in bad args. */
- if (ret == 0) {
- ret = wc_CmacFinal(NULL, mac, &macSz);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_CmacFinal(&cmac, NULL, &macSz);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_CmacFinal(&cmac, mac, &badMacSz);
- if (ret == BUFFER_E) {
- ret = 0;
- }
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- }
+#if (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5, 3)) && !defined(HAVE_SELFTEST)
+ /* Pass in bad args. */
+ ExpectIntEQ(wc_CmacFinalNoFree(NULL, mac, &macSz), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_CmacFinalNoFree(&cmac, NULL, &macSz), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_CmacFinalNoFree(&cmac, mac, &badMacSz), BUFFER_E);
- res = TEST_RES_CHECK(ret == 0);
-#endif
- return res;
+ /* For the last call, use the API with implicit wc_CmacFree(). */
+ ExpectIntEQ(wc_CmacFinal(&cmac, mac, &macSz), 0);
+ ExpectIntEQ(XMEMCMP(mac, expMac, expMacSz), 0);
+#else /* !HAVE_FIPS || FIPS>=5.3 */
+ ExpectIntEQ(wc_CmacFinal(&cmac, mac, &macSz), 0);
+ ExpectIntEQ(XMEMCMP(mac, expMac, expMacSz), 0);
+ /* Pass in bad args. */
+ ExpectIntEQ(wc_CmacFinal(NULL, mac, &macSz), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_CmacFinal(&cmac, NULL, &macSz), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_CmacFinal(&cmac, mac, &badMacSz), BUFFER_E);
+#endif /* !HAVE_FIPS || FIPS>=5.3 */
+#endif
+ return EXPECT_RESULT();
} /* END test_wc_CmacFinal */
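Review bot: The `#else` branch (FIPS below 5.3 or selftest builds) ends without releasing `cmac`, whereas test_wc_CmacUpdate in this same commit calls `wc_AesFree(&cmac.aes);` after its checks. Whether `wc_CmacFinal` frees the AES context in those older builds is not visible here; if it does not, adding `wc_AesFree(&cmac.aes);` after the `BUFFER_E` check in that branch would release the keyed context before the test returns. In the first branch the only cleanup is the implicit free inside `ExpectIntEQ(wc_CmacFinal(&cmac, mac, &macSz), 0)`, so if the Expect macros skip evaluation once an earlier check has failed (their definition is outside this hunk), that free is skipped too. The closing comment `/* !HAVE_FIPS || FIPS>=5.3 */` also omits the `!HAVE_SELFTEST` term of the condition. The function's declarations sit in earlier hunks.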
@@ -17479,11 +16026,9 @@ static int test_wc_CmacFinal(void)
*/
static int test_wc_AesCmacGenerate(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(WOLFSSL_CMAC) && !defined(NO_AES) && defined(WOLFSSL_AES_128)
- Cmac cmac;
- byte key[] =
- {
+ byte key[] = {
0x26, 0xef, 0x8b, 0x40, 0x34, 0x11, 0x7d, 0x9e,
0xbe, 0xc0, 0xc7, 0xfc, 0x31, 0x08, 0x54, 0x69
};
@@ -17496,77 +16041,36 @@ static int test_wc_AesCmacGenerate(void)
word32 macSz = sizeof(mac);
word32 msgSz = sizeof(msg) - 1;
word32 expMacSz = sizeof(expMac) - 1;
- int type = WC_CMAC_AES;
- int ret = 0;
XMEMSET(mac, 0, macSz);
- ret = wc_InitCmac(&cmac, key, keySz, type, NULL);
- if (ret != 0) {
- return ret;
- }
-
- ret = wc_CmacUpdate(&cmac, msg, msgSz);
- if (ret != 0) {
- return ret;
- }
- else {
- wc_AesFree(&cmac.aes);
- }
+ ExpectIntEQ(wc_AesCmacGenerate(mac, &macSz, msg, msgSz, key, keySz), 0);
+ ExpectIntEQ(XMEMCMP(mac, expMac, expMacSz), 0);
- ret = wc_AesCmacGenerate(mac, &macSz, msg, msgSz, key, keySz);
- if (ret == 0 && XMEMCMP(mac, expMac, expMacSz) != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
/* Pass in bad args. */
- if (ret == 0) {
- ret = wc_AesCmacGenerate(NULL, &macSz, msg, msgSz, key, keySz);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_AesCmacGenerate(mac, &macSz, msg, msgSz, NULL, keySz);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_AesCmacGenerate(mac, &macSz, msg, msgSz, key, 0);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_AesCmacGenerate(mac, &macSz, NULL, msgSz, key, keySz);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (ret == 0) {
- ret = wc_AesCmacVerify(mac, macSz, msg, msgSz, key, keySz);
- /* Test bad args. */
- if (ret == 0) {
- ret = wc_AesCmacVerify(NULL, macSz, msg, msgSz, key, keySz);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_AesCmacVerify(mac, 0, msg, msgSz, key, keySz);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_AesCmacVerify(mac, macSz, msg, msgSz, NULL, keySz);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_AesCmacVerify(mac, macSz, msg, msgSz, key, 0);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_AesCmacVerify(mac, macSz, NULL, msgSz, key, keySz);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- }
+ ExpectIntEQ(wc_AesCmacGenerate(NULL, &macSz, msg, msgSz, key, keySz),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesCmacGenerate(mac, &macSz, msg, msgSz, NULL, keySz),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesCmacGenerate(mac, &macSz, msg, msgSz, key, 0),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesCmacGenerate(mac, &macSz, NULL, msgSz, key, keySz),
+ BAD_FUNC_ARG);
- res = TEST_RES_CHECK(ret == 0);
+ ExpectIntEQ(wc_AesCmacVerify(mac, macSz, msg, msgSz, key, keySz), 0);
+ /* Test bad args. */
+ ExpectIntEQ(wc_AesCmacVerify(NULL, macSz, msg, msgSz, key, keySz),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesCmacVerify(mac, 0, msg, msgSz, key, keySz),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesCmacVerify(mac, macSz, msg, msgSz, NULL, keySz),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesCmacVerify(mac, macSz, msg, msgSz, key, 0),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesCmacVerify(mac, macSz, NULL, msgSz, key, keySz),
+ BAD_FUNC_ARG);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_AesCmacGenerate */
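Review bot: `wc_AesCmacVerify` is exercised here only with a matching MAC and with invalid arguments, so nothing in this test would fail if verification accepted a wrong tag. A negative case at the end of the verify checks, `mac[0] ^= 0x01;` followed by `ExpectIntNE(wc_AesCmacVerify(mac, macSz, msg, msgSz, key, keySz), 0);`, would pin the rejection path that callers depend on. The declarations of `mac`, `msg` and `expMac` are outside this hunk, so this assumes `mac` is the writable buffer that the `XMEMSET(mac, 0, macSz)` line suggests.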
@@ -17576,10 +16080,9 @@ static int test_wc_AesCmacGenerate(void)
*/
static int test_wc_AesGcmStream(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_AES) && defined(WOLFSSL_AES_128) && defined(HAVE_AESGCM) && \
defined(WOLFSSL_AESGCM_STREAM)
- int ret = 0;
int i;
WC_RNG rng[1];
Aes aesEnc[1];
@@ -17605,179 +16108,884 @@ static int test_wc_AesGcmStream(void)
0xe0, 0x31, 0x57, 0x60, 0xb7, 0x92, 0xa3, 0x6d
};
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
+ XMEMSET(&aesEnc, 0, sizeof(Aes));
+ XMEMSET(&aesDec, 0, sizeof(Aes));
+
/* Create a random for generating IV/nonce. */
- AssertIntEQ(wc_InitRng(rng), 0);
+ ExpectIntEQ(wc_InitRng(rng), 0);
/* Initialize data structures. */
- AssertIntEQ(wc_AesInit(aesEnc, NULL, INVALID_DEVID), 0);
- AssertIntEQ(wc_AesInit(aesDec, NULL, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_AesInit(aesEnc, NULL, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_AesInit(aesDec, NULL, INVALID_DEVID), 0);
/* BadParameters to streaming init. */
- AssertIntEQ(wc_AesGcmEncryptInit(NULL, NULL, 0, NULL, 0), BAD_FUNC_ARG);
- AssertIntEQ(wc_AesGcmDecryptInit(NULL, NULL, 0, NULL, 0), BAD_FUNC_ARG);
- AssertIntEQ(wc_AesGcmDecryptInit(aesEnc, NULL, AES_128_KEY_SIZE, NULL, 0),
- BAD_FUNC_ARG);
- AssertIntEQ(wc_AesGcmDecryptInit(aesEnc, NULL, 0, NULL, GCM_NONCE_MID_SZ),
- BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesGcmEncryptInit(NULL, NULL, 0, NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesGcmDecryptInit(NULL, NULL, 0, NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesGcmDecryptInit(aesEnc, NULL, AES_128_KEY_SIZE, NULL, 0),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesGcmDecryptInit(aesEnc, NULL, 0, NULL, GCM_NONCE_MID_SZ),
+ BAD_FUNC_ARG);
/* Bad parameters to encrypt update. */
- AssertIntEQ(wc_AesGcmEncryptUpdate(NULL, NULL, NULL, 0, NULL, 0),
- BAD_FUNC_ARG);
- AssertIntEQ(wc_AesGcmEncryptUpdate(aesEnc, NULL, NULL, 1, NULL, 0),
- BAD_FUNC_ARG);
- AssertIntEQ(wc_AesGcmEncryptUpdate(aesEnc, NULL, in, 1, NULL, 0),
- BAD_FUNC_ARG);
- AssertIntEQ(wc_AesGcmEncryptUpdate(aesEnc, out, NULL, 1, NULL, 0),
- BAD_FUNC_ARG);
- AssertIntEQ(wc_AesGcmEncryptUpdate(aesEnc, NULL, NULL, 0, NULL, 1),
- BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesGcmEncryptUpdate(NULL, NULL, NULL, 0, NULL, 0),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesGcmEncryptUpdate(aesEnc, NULL, NULL, 1, NULL, 0),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesGcmEncryptUpdate(aesEnc, NULL, in, 1, NULL, 0),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesGcmEncryptUpdate(aesEnc, out, NULL, 1, NULL, 0),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesGcmEncryptUpdate(aesEnc, NULL, NULL, 0, NULL, 1),
+ BAD_FUNC_ARG);
/* Bad parameters to decrypt update. */
- AssertIntEQ(wc_AesGcmDecryptUpdate(NULL, NULL, NULL, 0, NULL, 0),
- BAD_FUNC_ARG);
- AssertIntEQ(wc_AesGcmDecryptUpdate(aesDec, NULL, NULL, 1, NULL, 0),
- BAD_FUNC_ARG);
- AssertIntEQ(wc_AesGcmDecryptUpdate(aesDec, NULL, in, 1, NULL, 0),
- BAD_FUNC_ARG);
- AssertIntEQ(wc_AesGcmDecryptUpdate(aesDec, out, NULL, 1, NULL, 0),
- BAD_FUNC_ARG);
- AssertIntEQ(wc_AesGcmDecryptUpdate(aesDec, NULL, NULL, 0, NULL, 1),
- BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesGcmDecryptUpdate(NULL, NULL, NULL, 0, NULL, 0),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesGcmDecryptUpdate(aesDec, NULL, NULL, 1, NULL, 0),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesGcmDecryptUpdate(aesDec, NULL, in, 1, NULL, 0),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesGcmDecryptUpdate(aesDec, out, NULL, 1, NULL, 0),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesGcmDecryptUpdate(aesDec, NULL, NULL, 0, NULL, 1),
+ BAD_FUNC_ARG);
/* Bad parameters to encrypt final. */
- AssertIntEQ(wc_AesGcmEncryptFinal(NULL, NULL, 0), BAD_FUNC_ARG);
- AssertIntEQ(wc_AesGcmEncryptFinal(NULL, tag, 0), BAD_FUNC_ARG);
- AssertIntEQ(wc_AesGcmEncryptFinal(NULL, NULL, AES_BLOCK_SIZE),
- BAD_FUNC_ARG);
- AssertIntEQ(wc_AesGcmEncryptFinal(aesEnc, tag, 0), BAD_FUNC_ARG);
- AssertIntEQ(wc_AesGcmEncryptFinal(aesEnc, NULL, AES_BLOCK_SIZE),
- BAD_FUNC_ARG);
- AssertIntEQ(wc_AesGcmEncryptFinal(aesEnc, tag, AES_BLOCK_SIZE + 1),
- BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesGcmEncryptFinal(NULL, NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesGcmEncryptFinal(NULL, tag, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesGcmEncryptFinal(NULL, NULL, AES_BLOCK_SIZE),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesGcmEncryptFinal(aesEnc, tag, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesGcmEncryptFinal(aesEnc, NULL, AES_BLOCK_SIZE),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesGcmEncryptFinal(aesEnc, tag, AES_BLOCK_SIZE + 1),
+ BAD_FUNC_ARG);
/* Bad parameters to decrypt final. */
- AssertIntEQ(wc_AesGcmDecryptFinal(NULL, NULL, 0), BAD_FUNC_ARG);
- AssertIntEQ(wc_AesGcmDecryptFinal(NULL, tag, 0), BAD_FUNC_ARG);
- AssertIntEQ(wc_AesGcmDecryptFinal(NULL, NULL, AES_BLOCK_SIZE),
- BAD_FUNC_ARG);
- AssertIntEQ(wc_AesGcmDecryptFinal(aesDec, tag, 0), BAD_FUNC_ARG);
- AssertIntEQ(wc_AesGcmDecryptFinal(aesDec, NULL, AES_BLOCK_SIZE),
- BAD_FUNC_ARG);
- AssertIntEQ(wc_AesGcmDecryptFinal(aesDec, tag, AES_BLOCK_SIZE + 1),
- BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesGcmDecryptFinal(NULL, NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesGcmDecryptFinal(NULL, tag, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesGcmDecryptFinal(NULL, NULL, AES_BLOCK_SIZE),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesGcmDecryptFinal(aesDec, tag, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesGcmDecryptFinal(aesDec, NULL, AES_BLOCK_SIZE),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesGcmDecryptFinal(aesDec, tag, AES_BLOCK_SIZE + 1),
+ BAD_FUNC_ARG);
/* Check calling final before setting key fails. */
- AssertIntEQ(wc_AesGcmEncryptFinal(aesEnc, tag, sizeof(tag)), MISSING_KEY);
- AssertIntEQ(wc_AesGcmEncryptFinal(aesDec, tag, sizeof(tag)), MISSING_KEY);
+ ExpectIntEQ(wc_AesGcmEncryptFinal(aesEnc, tag, sizeof(tag)), MISSING_KEY);
+ ExpectIntEQ(wc_AesGcmEncryptFinal(aesDec, tag, sizeof(tag)), MISSING_KEY);
/* Check calling update before setting key else fails. */
- AssertIntEQ(wc_AesGcmEncryptUpdate(aesEnc, NULL, NULL, 0, aad, 1),
- MISSING_KEY);
- AssertIntEQ(wc_AesGcmDecryptUpdate(aesDec, NULL, NULL, 0, aad, 1),
- MISSING_KEY);
+ ExpectIntEQ(wc_AesGcmEncryptUpdate(aesEnc, NULL, NULL, 0, aad, 1),
+ MISSING_KEY);
+ ExpectIntEQ(wc_AesGcmDecryptUpdate(aesDec, NULL, NULL, 0, aad, 1),
+ MISSING_KEY);
/* Set key but not IV. */
- AssertIntEQ(wc_AesGcmInit(aesEnc, key, sizeof(key), NULL, 0), 0);
- AssertIntEQ(wc_AesGcmInit(aesDec, key, sizeof(key), NULL, 0), 0);
+ ExpectIntEQ(wc_AesGcmInit(aesEnc, key, sizeof(key), NULL, 0), 0);
+ ExpectIntEQ(wc_AesGcmInit(aesDec, key, sizeof(key), NULL, 0), 0);
/* Check calling final before setting IV fails. */
- AssertIntEQ(wc_AesGcmEncryptFinal(aesEnc, tag, sizeof(tag)), MISSING_IV);
- AssertIntEQ(wc_AesGcmEncryptFinal(aesDec, tag, sizeof(tag)), MISSING_IV);
+ ExpectIntEQ(wc_AesGcmEncryptFinal(aesEnc, tag, sizeof(tag)), MISSING_IV);
+ ExpectIntEQ(wc_AesGcmEncryptFinal(aesDec, tag, sizeof(tag)), MISSING_IV);
/* Check calling update before setting IV else fails. */
- AssertIntEQ(wc_AesGcmEncryptUpdate(aesEnc, NULL, NULL, 0, aad, 1),
- MISSING_IV);
- AssertIntEQ(wc_AesGcmDecryptUpdate(aesDec, NULL, NULL, 0, aad, 1),
- MISSING_IV);
+ ExpectIntEQ(wc_AesGcmEncryptUpdate(aesEnc, NULL, NULL, 0, aad, 1),
+ MISSING_IV);
+ ExpectIntEQ(wc_AesGcmDecryptUpdate(aesDec, NULL, NULL, 0, aad, 1),
+ MISSING_IV);
/* Set IV using fixed part IV and external IV APIs. */
- AssertIntEQ(wc_AesGcmSetIV(aesEnc, GCM_NONCE_MID_SZ, iv, AES_IV_FIXED_SZ,
- rng), 0);
- AssertIntEQ(wc_AesGcmEncryptInit_ex(aesEnc, NULL, 0, ivOut,
- GCM_NONCE_MID_SZ), 0);
- AssertIntEQ(wc_AesGcmSetExtIV(aesDec, ivOut, GCM_NONCE_MID_SZ), 0);
- AssertIntEQ(wc_AesGcmInit(aesDec, NULL, 0, NULL, 0), 0);
+ ExpectIntEQ(wc_AesGcmSetIV(aesEnc, GCM_NONCE_MID_SZ, iv, AES_IV_FIXED_SZ,
+ rng), 0);
+ ExpectIntEQ(wc_AesGcmEncryptInit_ex(aesEnc, NULL, 0, ivOut,
+ GCM_NONCE_MID_SZ), 0);
+ ExpectIntEQ(wc_AesGcmSetExtIV(aesDec, ivOut, GCM_NONCE_MID_SZ), 0);
+ ExpectIntEQ(wc_AesGcmInit(aesDec, NULL, 0, NULL, 0), 0);
/* Encrypt and decrypt data. */
- AssertIntEQ(wc_AesGcmEncryptUpdate(aesEnc, out, in, 1, aad, 1), 0);
- AssertIntEQ(wc_AesGcmDecryptUpdate(aesDec, plain, out, 1, aad, 1), 0);
- AssertIntEQ(XMEMCMP(plain, in, 1), 0);
+ ExpectIntEQ(wc_AesGcmEncryptUpdate(aesEnc, out, in, 1, aad, 1), 0);
+ ExpectIntEQ(wc_AesGcmDecryptUpdate(aesDec, plain, out, 1, aad, 1), 0);
+ ExpectIntEQ(XMEMCMP(plain, in, 1), 0);
/* Finalize and check tag matches. */
- AssertIntEQ(wc_AesGcmEncryptFinal(aesEnc, tag, AES_BLOCK_SIZE), 0);
- AssertIntEQ(wc_AesGcmDecryptFinal(aesDec, tag, AES_BLOCK_SIZE), 0);
+ ExpectIntEQ(wc_AesGcmEncryptFinal(aesEnc, tag, AES_BLOCK_SIZE), 0);
+ ExpectIntEQ(wc_AesGcmDecryptFinal(aesDec, tag, AES_BLOCK_SIZE), 0);
/* Set key and IV through streaming init API. */
- AssertIntEQ(wc_AesGcmInit(aesEnc, key, sizeof(key), iv, AES_IV_SIZE), 0);
- AssertIntEQ(wc_AesGcmInit(aesDec, key, sizeof(key), iv, AES_IV_SIZE), 0);
+ wc_AesFree(aesEnc);
+ wc_AesFree(aesDec);
+ ExpectIntEQ(wc_AesInit(aesEnc, NULL, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_AesInit(aesDec, NULL, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_AesGcmInit(aesEnc, key, sizeof(key), iv, AES_IV_SIZE), 0);
+ ExpectIntEQ(wc_AesGcmInit(aesDec, key, sizeof(key), iv, AES_IV_SIZE), 0);
/* Encrypt/decrypt one block and AAD of one block. */
- AssertIntEQ(wc_AesGcmEncryptUpdate(aesEnc, out, in, AES_BLOCK_SIZE, aad,
- AES_BLOCK_SIZE), 0);
- AssertIntEQ(wc_AesGcmDecryptUpdate(aesDec, plain, out, AES_BLOCK_SIZE, aad,
- AES_BLOCK_SIZE), 0);
- AssertIntEQ(XMEMCMP(plain, in, AES_BLOCK_SIZE), 0);
+ ExpectIntEQ(wc_AesGcmEncryptUpdate(aesEnc, out, in, AES_BLOCK_SIZE, aad,
+ AES_BLOCK_SIZE), 0);
+ ExpectIntEQ(wc_AesGcmDecryptUpdate(aesDec, plain, out, AES_BLOCK_SIZE, aad,
+ AES_BLOCK_SIZE), 0);
+ ExpectIntEQ(XMEMCMP(plain, in, AES_BLOCK_SIZE), 0);
/* Finalize and check tag matches. */
- AssertIntEQ(wc_AesGcmEncryptFinal(aesEnc, tag, AES_BLOCK_SIZE), 0);
- AssertIntEQ(wc_AesGcmDecryptFinal(aesDec, tag, AES_BLOCK_SIZE), 0);
+ ExpectIntEQ(wc_AesGcmEncryptFinal(aesEnc, tag, AES_BLOCK_SIZE), 0);
+ ExpectIntEQ(wc_AesGcmDecryptFinal(aesDec, tag, AES_BLOCK_SIZE), 0);
/* Set key and IV through streaming init API. */
- AssertIntEQ(wc_AesGcmInit(aesEnc, key, sizeof(key), iv, AES_IV_SIZE), 0);
- AssertIntEQ(wc_AesGcmInit(aesDec, key, sizeof(key), iv, AES_IV_SIZE), 0);
+ wc_AesFree(aesEnc);
+ wc_AesFree(aesDec);
+ ExpectIntEQ(wc_AesInit(aesEnc, NULL, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_AesInit(aesDec, NULL, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_AesGcmInit(aesEnc, key, sizeof(key), iv, AES_IV_SIZE), 0);
+ ExpectIntEQ(wc_AesGcmInit(aesDec, key, sizeof(key), iv, AES_IV_SIZE), 0);
/* No data to encrypt/decrypt one byte of AAD. */
- AssertIntEQ(wc_AesGcmEncryptUpdate(aesEnc, NULL, NULL, 0, aad, 1), 0);
- AssertIntEQ(wc_AesGcmDecryptUpdate(aesDec, NULL, NULL, 0, aad, 1), 0);
+ ExpectIntEQ(wc_AesGcmEncryptUpdate(aesEnc, NULL, NULL, 0, aad, 1), 0);
+ ExpectIntEQ(wc_AesGcmDecryptUpdate(aesDec, NULL, NULL, 0, aad, 1), 0);
/* Finalize and check tag matches. */
- AssertIntEQ(wc_AesGcmEncryptFinal(aesEnc, tag, AES_BLOCK_SIZE), 0);
- AssertIntEQ(XMEMCMP(tag, expTagAAD1, AES_BLOCK_SIZE), 0);
- AssertIntEQ(wc_AesGcmDecryptFinal(aesDec, tag, AES_BLOCK_SIZE), 0);
+ ExpectIntEQ(wc_AesGcmEncryptFinal(aesEnc, tag, AES_BLOCK_SIZE), 0);
+ ExpectIntEQ(XMEMCMP(tag, expTagAAD1, AES_BLOCK_SIZE), 0);
+ ExpectIntEQ(wc_AesGcmDecryptFinal(aesDec, tag, AES_BLOCK_SIZE), 0);
/* Set key and IV through streaming init API. */
- AssertIntEQ(wc_AesGcmInit(aesEnc, key, sizeof(key), iv, AES_IV_SIZE), 0);
- AssertIntEQ(wc_AesGcmInit(aesDec, key, sizeof(key), iv, AES_IV_SIZE), 0);
+ wc_AesFree(aesEnc);
+ wc_AesFree(aesDec);
+ ExpectIntEQ(wc_AesInit(aesEnc, NULL, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_AesInit(aesDec, NULL, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_AesGcmInit(aesEnc, key, sizeof(key), iv, AES_IV_SIZE), 0);
+ ExpectIntEQ(wc_AesGcmInit(aesDec, key, sizeof(key), iv, AES_IV_SIZE), 0);
/* Encrypt/decrypt one byte and no AAD. */
- AssertIntEQ(wc_AesGcmEncryptUpdate(aesEnc, out, in, 1, NULL, 0), 0);
- AssertIntEQ(wc_AesGcmDecryptUpdate(aesDec, plain, out, 1, NULL, 0), 0);
- AssertIntEQ(XMEMCMP(plain, in, 1), 0);
+ ExpectIntEQ(wc_AesGcmEncryptUpdate(aesEnc, out, in, 1, NULL, 0), 0);
+ ExpectIntEQ(wc_AesGcmDecryptUpdate(aesDec, plain, out, 1, NULL, 0), 0);
+ ExpectIntEQ(XMEMCMP(plain, in, 1), 0);
/* Finalize and check tag matches. */
- AssertIntEQ(wc_AesGcmEncryptFinal(aesEnc, tag, AES_BLOCK_SIZE), 0);
- AssertIntEQ(XMEMCMP(tag, expTagPlain1, AES_BLOCK_SIZE), 0);
- AssertIntEQ(wc_AesGcmDecryptFinal(aesDec, tag, AES_BLOCK_SIZE), 0);
+ ExpectIntEQ(wc_AesGcmEncryptFinal(aesEnc, tag, AES_BLOCK_SIZE), 0);
+ ExpectIntEQ(XMEMCMP(tag, expTagPlain1, AES_BLOCK_SIZE), 0);
+ ExpectIntEQ(wc_AesGcmDecryptFinal(aesDec, tag, AES_BLOCK_SIZE), 0);
/* Set key and IV through streaming init API. */
- AssertIntEQ(wc_AesGcmInit(aesEnc, key, sizeof(key), iv, AES_IV_SIZE), 0);
- AssertIntEQ(wc_AesGcmInit(aesDec, key, sizeof(key), iv, AES_IV_SIZE), 0);
+ wc_AesFree(aesEnc);
+ wc_AesFree(aesDec);
+ ExpectIntEQ(wc_AesInit(aesEnc, NULL, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_AesInit(aesDec, NULL, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_AesGcmInit(aesEnc, key, sizeof(key), iv, AES_IV_SIZE), 0);
+ ExpectIntEQ(wc_AesGcmInit(aesDec, key, sizeof(key), iv, AES_IV_SIZE), 0);
/* Encryption AES is one byte at a time */
for (i = 0; i < (int)sizeof(aad); i++) {
- AssertIntEQ(wc_AesGcmEncryptUpdate(aesEnc, NULL, NULL, 0, aad + i, 1),
+ ExpectIntEQ(wc_AesGcmEncryptUpdate(aesEnc, NULL, NULL, 0, aad + i, 1),
0);
}
for (i = 0; i < (int)sizeof(in); i++) {
- AssertIntEQ(wc_AesGcmEncryptUpdate(aesEnc, out + i, in + i, 1, NULL, 0),
- 0);
+ ExpectIntEQ(wc_AesGcmEncryptUpdate(aesEnc, out + i, in + i, 1, NULL, 0),
+ 0);
}
/* Decryption AES is two bytes at a time */
for (i = 0; i < (int)sizeof(aad); i += 2) {
- AssertIntEQ(wc_AesGcmDecryptUpdate(aesDec, NULL, NULL, 0, aad + i, 2),
+ ExpectIntEQ(wc_AesGcmDecryptUpdate(aesDec, NULL, NULL, 0, aad + i, 2),
0);
}
for (i = 0; i < (int)sizeof(aad); i += 2) {
- AssertIntEQ(wc_AesGcmDecryptUpdate(aesDec, plain + i, out + i, 2, NULL,
- 0), 0);
+ ExpectIntEQ(wc_AesGcmDecryptUpdate(aesDec, plain + i, out + i, 2, NULL,
+ 0), 0);
}
- AssertIntEQ(XMEMCMP(plain, in, sizeof(in)), 0);
+ ExpectIntEQ(XMEMCMP(plain, in, sizeof(in)), 0);
/* Finalize and check tag matches. */
- AssertIntEQ(wc_AesGcmEncryptFinal(aesEnc, tag, AES_BLOCK_SIZE), 0);
- AssertIntEQ(XMEMCMP(tag, expTag, AES_BLOCK_SIZE), 0);
- AssertIntEQ(wc_AesGcmDecryptFinal(aesDec, tag, AES_BLOCK_SIZE), 0);
+ ExpectIntEQ(wc_AesGcmEncryptFinal(aesEnc, tag, AES_BLOCK_SIZE), 0);
+ ExpectIntEQ(XMEMCMP(tag, expTag, AES_BLOCK_SIZE), 0);
+ ExpectIntEQ(wc_AesGcmDecryptFinal(aesDec, tag, AES_BLOCK_SIZE), 0);
/* Check streaming encryption can be decrypted with one shot. */
- AssertIntEQ(wc_AesGcmSetKey(aesDec, key, sizeof(key)), 0);
- AssertIntEQ(wc_AesGcmDecrypt(aesDec, plain, out, sizeof(in), iv,
+ wc_AesFree(aesDec);
+ ExpectIntEQ(wc_AesInit(aesDec, NULL, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_AesGcmInit(aesDec, key, sizeof(key), iv, AES_IV_SIZE), 0);
+ ExpectIntEQ(wc_AesGcmSetKey(aesDec, key, sizeof(key)), 0);
+ ExpectIntEQ(wc_AesGcmDecrypt(aesDec, plain, out, sizeof(in), iv,
AES_IV_SIZE, tag, AES_BLOCK_SIZE, aad, sizeof(aad)), 0);
- AssertIntEQ(XMEMCMP(plain, in, sizeof(in)), 0);
+ ExpectIntEQ(XMEMCMP(plain, in, sizeof(in)), 0);
wc_AesFree(aesEnc);
wc_AesFree(aesDec);
wc_FreeRng(rng);
+#endif
+ return EXPECT_RESULT();
+} /* END test_wc_AesGcmStream */
- res = TEST_RES_CHECK(ret == 0);
+
+/*
+ * Testing streaming SM4 API.
+ */
+static int test_wc_Sm4(void)
+{
+ int res = TEST_SKIPPED;
+#ifdef WOLFSSL_SM4
+ EXPECT_DECLS;
+ wc_Sm4 sm4;
+#if defined(WOLFSSL_SM4_ECB) || defined(WOLFSSL_SM4_CBC) || \
+ defined(WOLFSSL_SM4_CTR) || defined(WOLFSSL_SM4_CCM)
+ unsigned char key[SM4_KEY_SIZE];
+#endif
+#if defined(WOLFSSL_SM4_CBC) || defined(WOLFSSL_SM4_CTR)
+ unsigned char iv[SM4_IV_SIZE];
+#endif
+
+ /* Invalid parameters - wc_Sm4Init */
+ ExpectIntEQ(wc_Sm4Init(NULL, NULL, INVALID_DEVID), BAD_FUNC_ARG);
+
+ /* Valid cases - wc_Sm4Init */
+ ExpectIntEQ(wc_Sm4Init(&sm4, NULL, INVALID_DEVID), 0);
+
+#if defined(WOLFSSL_SM4_ECB) || defined(WOLFSSL_SM4_CBC) || \
+ defined(WOLFSSL_SM4_CTR) || defined(WOLFSSL_SM4_CCM)
+ XMEMSET(key, 0, sizeof(key));
+
+ /* Invalid parameters - wc_Sm4SetKey. */
+ ExpectIntEQ(wc_Sm4SetKey(NULL, NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4SetKey(&sm4, NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4SetKey(NULL, key, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4SetKey(NULL, NULL, SM4_KEY_SIZE), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4SetKey(&sm4, key, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4SetKey(&sm4, NULL, SM4_KEY_SIZE), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4SetKey(NULL, key, SM4_KEY_SIZE), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4SetKey(&sm4, key, SM4_KEY_SIZE-1), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4SetKey(&sm4, key, SM4_KEY_SIZE+1), BAD_FUNC_ARG);
+
+ /* Valid cases - wc_Sm4SetKey. */
+ ExpectIntEQ(wc_Sm4SetKey(&sm4, key, SM4_KEY_SIZE), 0);
+#endif
+
+#if defined(WOLFSSL_SM4_CBC) || defined(WOLFSSL_SM4_CTR)
+ XMEMSET(iv, 0, sizeof(iv));
+
+ /* Invalid parameters - wc_Sm4SetIV. */
+ ExpectIntEQ(wc_Sm4SetIV(NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4SetIV(&sm4, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4SetIV(NULL, iv), BAD_FUNC_ARG);
+
+ /* Valid cases - wc_Sm4SetIV. */
+ ExpectIntEQ(wc_Sm4SetIV(&sm4, iv), 0);
+#endif
+
+ /* Valid cases - wc_Sm4Free */
+ wc_Sm4Free(NULL);
+ wc_Sm4Free(&sm4);
+
+ res = EXPECT_RESULT();
#endif
return res;
+} /* END test_wc_Sm4 */
-} /* END test_wc_AesGcmStream */
+/*
+ * Testing block based SM4-ECB API.
+ */
+static int test_wc_Sm4Ecb(void)
+{
+ int res = TEST_SKIPPED;
+#ifdef WOLFSSL_SM4_ECB
+ EXPECT_DECLS;
+ wc_Sm4 sm4;
+ unsigned char key[SM4_KEY_SIZE];
+ unsigned char in[SM4_BLOCK_SIZE * 2];
+ unsigned char out[SM4_BLOCK_SIZE * 2];
+ unsigned char out2[SM4_BLOCK_SIZE];
+
+ XMEMSET(key, 0, sizeof(key));
+ XMEMSET(in, 0, sizeof(in));
+
+ ExpectIntEQ(wc_Sm4Init(&sm4, NULL, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_Sm4EcbEncrypt(&sm4, out, in, 0), MISSING_KEY);
+ ExpectIntEQ(wc_Sm4EcbDecrypt(&sm4, out, in, 0), MISSING_KEY);
+
+ /* Tested in test_wc_Sm4. */
+ ExpectIntEQ(wc_Sm4SetKey(&sm4, key, SM4_KEY_SIZE), 0);
+
+ /* Invalid parameters - wc_Sm4EcbEncrypt. */
+ ExpectIntEQ(wc_Sm4EcbEncrypt(NULL, NULL, NULL, 1), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4EcbEncrypt(&sm4, NULL, NULL, 1), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4EcbEncrypt(NULL, out, NULL, 1), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4EcbEncrypt(NULL, NULL, in, 1), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4EcbEncrypt(NULL, NULL, NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4EcbEncrypt(NULL, out, in, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4EcbEncrypt(&sm4, NULL, in, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4EcbEncrypt(&sm4, out, NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4EcbEncrypt(&sm4, out, in, 1), BAD_FUNC_ARG);
+
+ /* Valid cases - wc_Sm4EcbEncrypt. */
+ ExpectIntEQ(wc_Sm4EcbEncrypt(&sm4, out, in, 0), 0);
+ ExpectIntEQ(wc_Sm4EcbEncrypt(&sm4, out2, in, SM4_BLOCK_SIZE), 0);
+ ExpectIntEQ(wc_Sm4EcbEncrypt(&sm4, out, in, SM4_BLOCK_SIZE * 2), 0);
+ ExpectIntEQ(XMEMCMP(out, out2, SM4_BLOCK_SIZE), 0);
+ /* In and out are same pointer. */
+ ExpectIntEQ(wc_Sm4EcbEncrypt(&sm4, in, in, SM4_BLOCK_SIZE * 2), 0);
+ ExpectIntEQ(XMEMCMP(in, out, SM4_BLOCK_SIZE * 2), 0);
+
+ /* Invalid parameters - wc_Sm4EcbDecrypt. */
+ ExpectIntEQ(wc_Sm4EcbDecrypt(NULL, NULL, NULL, 1), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4EcbDecrypt(&sm4, NULL, NULL, 1), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4EcbDecrypt(NULL, out, NULL, 1), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4EcbDecrypt(NULL, NULL, in, 1), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4EcbDecrypt(NULL, NULL, NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4EcbDecrypt(NULL, out, in, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4EcbDecrypt(&sm4, NULL, in, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4EcbDecrypt(&sm4, out, NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4EcbDecrypt(&sm4, out, in, 1), BAD_FUNC_ARG);
+
+ /* Valid cases - wc_Sm4EcbDecrypt. */
+ ExpectIntEQ(wc_Sm4EcbDecrypt(&sm4, out, in, 0), 0);
+ ExpectIntEQ(wc_Sm4EcbDecrypt(&sm4, out2, in, SM4_BLOCK_SIZE), 0);
+ ExpectIntEQ(wc_Sm4EcbDecrypt(&sm4, out, in, SM4_BLOCK_SIZE * 2), 0);
+ ExpectIntEQ(XMEMCMP(out, out2, SM4_BLOCK_SIZE), 0);
+ /* In and out are same pointer. */
+ ExpectIntEQ(wc_Sm4EcbDecrypt(&sm4, in, in, SM4_BLOCK_SIZE * 2), 0);
+ ExpectIntEQ(XMEMCMP(in, out, SM4_BLOCK_SIZE * 2), 0);
+
+ wc_Sm4Free(&sm4);
+
+ res = EXPECT_RESULT();
+#endif
+ return res;
+} /* END test_wc_Sm4Ecb */
+
+/*
+ * Testing block based SM4-CBC API.
+ */
+static int test_wc_Sm4Cbc(void)
+{
+ int res = TEST_SKIPPED;
+#ifdef WOLFSSL_SM4_CBC
+ EXPECT_DECLS;
+ wc_Sm4 sm4;
+ unsigned char key[SM4_KEY_SIZE];
+ unsigned char iv[SM4_IV_SIZE];
+ unsigned char in[SM4_BLOCK_SIZE * 2];
+ unsigned char out[SM4_BLOCK_SIZE * 2];
+ unsigned char out2[SM4_BLOCK_SIZE];
+
+ XMEMSET(key, 0, sizeof(key));
+ XMEMSET(iv, 0, sizeof(iv));
+ XMEMSET(in, 0, sizeof(in));
+
+ ExpectIntEQ(wc_Sm4Init(&sm4, NULL, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_Sm4CbcEncrypt(&sm4, out, in, 0), MISSING_KEY);
+ ExpectIntEQ(wc_Sm4CbcDecrypt(&sm4, out, in, 0), MISSING_KEY);
+ /* Tested in test_wc_Sm4. */
+ ExpectIntEQ(wc_Sm4SetKey(&sm4, key, SM4_KEY_SIZE), 0);
+ ExpectIntEQ(wc_Sm4CbcEncrypt(&sm4, out, in, 0), MISSING_IV);
+ ExpectIntEQ(wc_Sm4CbcDecrypt(&sm4, out, in, 0), MISSING_IV);
+ /* Tested in test_wc_Sm4. */
+ ExpectIntEQ(wc_Sm4SetIV(&sm4, iv), 0);
+
+ /* Invalid parameters - wc_Sm4CbcEncrypt. */
+ ExpectIntEQ(wc_Sm4CbcEncrypt(NULL, NULL, NULL, 1), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CbcEncrypt(&sm4, NULL, NULL, 1), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CbcEncrypt(NULL, out, NULL, 1), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CbcEncrypt(NULL, NULL, in, 1), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CbcEncrypt(NULL, NULL, NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CbcEncrypt(NULL, out, in, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CbcEncrypt(&sm4, NULL, in, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CbcEncrypt(&sm4, out, NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CbcEncrypt(&sm4, out, in, 1), BAD_FUNC_ARG);
+
+ /* Valid cases - wc_Sm4CbcEncrypt. */
+ ExpectIntEQ(wc_Sm4CbcEncrypt(&sm4, out, in, 0), 0);
+ ExpectIntEQ(wc_Sm4CbcEncrypt(&sm4, out2, in, SM4_BLOCK_SIZE), 0);
+ ExpectIntEQ(wc_Sm4SetIV(&sm4, iv), 0);
+ ExpectIntEQ(wc_Sm4CbcEncrypt(&sm4, out, in, SM4_BLOCK_SIZE * 2), 0);
+ ExpectIntEQ(XMEMCMP(out, out2, SM4_BLOCK_SIZE), 0);
+ /* In and out are same pointer. */
+ ExpectIntEQ(wc_Sm4SetIV(&sm4, iv), 0);
+ ExpectIntEQ(wc_Sm4CbcEncrypt(&sm4, in, in, SM4_BLOCK_SIZE * 2), 0);
+ ExpectIntEQ(XMEMCMP(in, out, SM4_BLOCK_SIZE * 2), 0);
+
+ /* Invalid parameters - wc_Sm4CbcDecrypt. */
+ ExpectIntEQ(wc_Sm4CbcDecrypt(NULL, NULL, NULL, 1), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CbcDecrypt(&sm4, NULL, NULL, 1), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CbcDecrypt(NULL, out, NULL, 1), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CbcDecrypt(NULL, NULL, in, 1), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CbcDecrypt(NULL, NULL, NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CbcDecrypt(NULL, out, in, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CbcDecrypt(&sm4, NULL, in, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CbcDecrypt(&sm4, out, NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CbcDecrypt(&sm4, out, in, 1), BAD_FUNC_ARG);
+
+ ExpectIntEQ(wc_Sm4SetIV(&sm4, iv), 0);
+ /* Valid cases - wc_Sm4CbcDecrypt. */
+ ExpectIntEQ(wc_Sm4CbcDecrypt(&sm4, out, in, 0), 0);
+ ExpectIntEQ(wc_Sm4CbcDecrypt(&sm4, out2, in, SM4_BLOCK_SIZE), 0);
+ ExpectIntEQ(wc_Sm4SetIV(&sm4, iv), 0);
+ ExpectIntEQ(wc_Sm4CbcDecrypt(&sm4, out, in, SM4_BLOCK_SIZE * 2), 0);
+ ExpectIntEQ(XMEMCMP(out, out2, SM4_BLOCK_SIZE), 0);
+ /* In and out are same pointer. */
+ ExpectIntEQ(wc_Sm4SetIV(&sm4, iv), 0);
+ ExpectIntEQ(wc_Sm4CbcDecrypt(&sm4, in, in, SM4_BLOCK_SIZE * 2), 0);
+ ExpectIntEQ(XMEMCMP(in, out, SM4_BLOCK_SIZE * 2), 0);
+
+ wc_Sm4Free(&sm4);
+
+ res = EXPECT_RESULT();
+#endif
+ return res;
+} /* END test_wc_Sm4Cbc */
+
+/*
+ * Testing streaming SM4-CTR API.
+ */
+static int test_wc_Sm4Ctr(void)
+{
+ int res = TEST_SKIPPED;
+#ifdef WOLFSSL_SM4_CTR
+ EXPECT_DECLS;
+ wc_Sm4 sm4;
+ unsigned char key[SM4_KEY_SIZE];
+ unsigned char iv[SM4_IV_SIZE];
+ unsigned char in[SM4_BLOCK_SIZE * 4];
+ unsigned char out[SM4_BLOCK_SIZE * 4];
+ unsigned char out2[SM4_BLOCK_SIZE * 4];
+ word32 chunk;
+ word32 i;
+
+ XMEMSET(key, 0, sizeof(key));
+ XMEMSET(iv, 0, sizeof(iv));
+ XMEMSET(in, 0, sizeof(in));
+
+ ExpectIntEQ(wc_Sm4Init(&sm4, NULL, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_Sm4CtrEncrypt(&sm4, out, in, 0), MISSING_KEY);
+ /* Tested in test_wc_Sm4. */
+ ExpectIntEQ(wc_Sm4SetKey(&sm4, key, SM4_KEY_SIZE), 0);
+ ExpectIntEQ(wc_Sm4CtrEncrypt(&sm4, out, in, 0), MISSING_IV);
+ /* Tested in test_wc_Sm4. */
+ ExpectIntEQ(wc_Sm4SetIV(&sm4, iv), 0);
+
+ /* Invalid parameters - wc_Sm4CtrEncrypt. */
+ ExpectIntEQ(wc_Sm4CtrEncrypt(NULL, NULL, NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CtrEncrypt(&sm4, NULL, NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CtrEncrypt(NULL, out, NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CtrEncrypt(NULL, NULL, in, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CtrEncrypt(&sm4, out, NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CtrEncrypt(&sm4, NULL, in, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CtrEncrypt(NULL, out, in, 0), BAD_FUNC_ARG);
+
+ /* Valid cases - wc_Sm4CtrEncrypt. */
+ ExpectIntEQ(wc_Sm4CtrEncrypt(&sm4, out, in, 0), 0);
+ ExpectIntEQ(wc_Sm4CtrEncrypt(&sm4, out2, in, 1), 0);
+ ExpectIntEQ(wc_Sm4SetIV(&sm4, iv), 0);
+ ExpectIntEQ(wc_Sm4CtrEncrypt(&sm4, out, in, 2), 0);
+ ExpectIntEQ(XMEMCMP(out, out2, 1), 0);
+ ExpectIntEQ(wc_Sm4SetIV(&sm4, iv), 0);
+ ExpectIntEQ(wc_Sm4CtrEncrypt(&sm4, out2, in, SM4_BLOCK_SIZE), 0);
+ ExpectIntEQ(XMEMCMP(out2, out, 2), 0);
+ ExpectIntEQ(wc_Sm4SetIV(&sm4, iv), 0);
+ ExpectIntEQ(wc_Sm4CtrEncrypt(&sm4, out, in, SM4_BLOCK_SIZE * 2), 0);
+ ExpectIntEQ(XMEMCMP(out, out2, SM4_BLOCK_SIZE), 0);
+ /* In and out are same pointer. Also check encrypt of cipher text produces
+ * plaintext.
+ */
+ ExpectIntEQ(wc_Sm4SetIV(&sm4, iv), 0);
+ ExpectIntEQ(wc_Sm4CtrEncrypt(&sm4, out, out, SM4_BLOCK_SIZE * 2), 0);
+ ExpectIntEQ(XMEMCMP(in, out, SM4_BLOCK_SIZE * 2), 0);
+
+ /* Chunking tests. */
+ ExpectIntEQ(wc_Sm4SetIV(&sm4, iv), 0);
+ ExpectIntEQ(wc_Sm4CtrEncrypt(&sm4, out2, in, (word32)sizeof(in)), 0);
+ for (chunk = 1; chunk <= SM4_BLOCK_SIZE + 1; chunk++) {
+ ExpectIntEQ(wc_Sm4SetIV(&sm4, iv), 0);
+ for (i = 0; i + chunk <= (word32)sizeof(in); i += chunk) {
+ ExpectIntEQ(wc_Sm4CtrEncrypt(&sm4, out + i, in + i, chunk), 0);
+ }
+ if (i < (word32)sizeof(in)) {
+ ExpectIntEQ(wc_Sm4CtrEncrypt(&sm4, out + i, in + i,
+ (word32)sizeof(in) - i), 0);
+ }
+ ExpectIntEQ(XMEMCMP(out, out2, (word32)sizeof(out)), 0);
+ }
+
+ for (i = 0; i < (word32)sizeof(iv); i++) {
+ iv[i] = 0xff;
+ ExpectIntEQ(wc_Sm4SetIV(&sm4, iv), 0);
+ ExpectIntEQ(wc_Sm4CtrEncrypt(&sm4, out, in, SM4_BLOCK_SIZE * 2), 0);
+ ExpectIntEQ(wc_Sm4SetIV(&sm4, iv), 0);
+ ExpectIntEQ(wc_Sm4CtrEncrypt(&sm4, out2, out, SM4_BLOCK_SIZE * 2), 0);
+ ExpectIntEQ(XMEMCMP(out2, in, SM4_BLOCK_SIZE * 2), 0);
+ }
+
+ wc_Sm4Free(&sm4);
+
+ res = EXPECT_RESULT();
+#endif
+ return res;
+} /* END test_wc_Sm4Ctr */
+
+/*
+ * Testing stream SM4-GCM API.
+ */
+static int test_wc_Sm4Gcm(void)
+{
+ int res = TEST_SKIPPED;
+#ifdef WOLFSSL_SM4_GCM
+ EXPECT_DECLS;
+ wc_Sm4 sm4;
+ unsigned char key[SM4_KEY_SIZE];
+ unsigned char nonce[GCM_NONCE_MAX_SZ];
+ unsigned char in[SM4_BLOCK_SIZE * 2];
+ unsigned char in2[SM4_BLOCK_SIZE * 2];
+ unsigned char out[SM4_BLOCK_SIZE * 2];
+ unsigned char out2[SM4_BLOCK_SIZE * 2];
+ unsigned char dec[SM4_BLOCK_SIZE * 2];
+ unsigned char tag[SM4_BLOCK_SIZE];
+ unsigned char aad[SM4_BLOCK_SIZE * 2];
+ word32 i;
+
+ XMEMSET(key, 0, sizeof(key));
+ XMEMSET(nonce, 0, sizeof(nonce));
+ XMEMSET(in, 0, sizeof(in));
+ XMEMSET(in2, 0, sizeof(in2));
+ XMEMSET(aad, 0, sizeof(aad));
+
+ ExpectIntEQ(wc_Sm4Init(&sm4, NULL, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_Sm4GcmEncrypt(&sm4, out, in, 0, nonce, GCM_NONCE_MID_SZ, tag,
+ SM4_BLOCK_SIZE, aad, sizeof(aad)), MISSING_KEY);
+ ExpectIntEQ(wc_Sm4GcmDecrypt(&sm4, out, in, 0, nonce, GCM_NONCE_MID_SZ, tag,
+ SM4_BLOCK_SIZE, aad, sizeof(aad)), MISSING_KEY);
+
+ /* Invalid parameters - wc_Sm4GcmSetKey. */
+ ExpectIntEQ(wc_Sm4GcmSetKey(NULL, NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4GcmSetKey(&sm4, NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4GcmSetKey(NULL, key, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4GcmSetKey(NULL, NULL, SM4_KEY_SIZE), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4GcmSetKey(&sm4, key, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4GcmSetKey(&sm4, NULL, SM4_KEY_SIZE), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4GcmSetKey(NULL, key, SM4_KEY_SIZE), BAD_FUNC_ARG);
+
+ /* Valid parameters - wc_Sm4GcmSetKey. */
+ ExpectIntEQ(wc_Sm4GcmSetKey(&sm4, key, SM4_KEY_SIZE), 0);
+
+ /* Invalid parameters - wc_Sm4GcmEncrypt. */
+ ExpectIntEQ(wc_Sm4GcmEncrypt(NULL, NULL, NULL, 1, NULL, 0, NULL, 0, NULL,
+ 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4GcmEncrypt(&sm4, NULL, NULL, 1, NULL, 0, NULL, 0, NULL,
+ 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4GcmEncrypt(NULL, out, NULL, 1, NULL, 0, NULL, 0, NULL,
+ 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4GcmEncrypt(NULL, NULL, in, 1, NULL, 0, NULL, 0, NULL,
+ 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4GcmEncrypt(NULL, NULL, NULL, 1, nonce, GCM_NONCE_MID_SZ,
+ NULL, 0, NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4GcmEncrypt(NULL, NULL, NULL, 1, NULL, 0, tag,
+ SM4_BLOCK_SIZE, NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4GcmEncrypt(NULL, out, in, 1, nonce, GCM_NONCE_MID_SZ, tag,
+ SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4GcmEncrypt(&sm4, NULL, in, 1, nonce, GCM_NONCE_MID_SZ,
+ tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4GcmEncrypt(&sm4, out, NULL, 1, nonce, GCM_NONCE_MID_SZ,
+ tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4GcmEncrypt(&sm4, out, in, 1, NULL, GCM_NONCE_MID_SZ, tag,
+ SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4GcmEncrypt(&sm4, out, in, 1, nonce, 0, tag,
+ SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4GcmEncrypt(&sm4, out, in, 1, nonce, GCM_NONCE_MID_SZ,
+ NULL, SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4GcmEncrypt(&sm4, out, in, 1, nonce, GCM_NONCE_MID_SZ, tag,
+ WOLFSSL_MIN_AUTH_TAG_SZ-1, aad, sizeof(aad)), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4GcmEncrypt(&sm4, out, in, 1, nonce, GCM_NONCE_MID_SZ, tag,
+ SM4_BLOCK_SIZE+1, aad, sizeof(aad)), BAD_FUNC_ARG);
+
+ /* Invalid parameters - wc_Sm4GcmDecrypt. */
+ ExpectIntEQ(wc_Sm4GcmDecrypt(NULL, NULL, NULL, 1, NULL, 0, NULL, 0, NULL,
+ 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4GcmDecrypt(&sm4, NULL, NULL, 1, NULL, 0, NULL, 0, NULL,
+ 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4GcmDecrypt(NULL, out, NULL, 1, NULL, 0, NULL, 0, NULL,
+ 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4GcmDecrypt(NULL, NULL, in, 1, NULL, 0, NULL, 0, NULL,
+ 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4GcmDecrypt(NULL, NULL, NULL, 1, nonce, GCM_NONCE_MID_SZ,
+ NULL, 0, NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4GcmDecrypt(NULL, NULL, NULL, 1, NULL, 0, tag,
+ SM4_BLOCK_SIZE, NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4GcmDecrypt(NULL, out, in, 1, nonce, GCM_NONCE_MID_SZ, tag,
+ SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4GcmDecrypt(&sm4, NULL, in, 1, nonce, GCM_NONCE_MID_SZ,
+ tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4GcmDecrypt(&sm4, out, NULL, 1, nonce, GCM_NONCE_MID_SZ,
+ tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4GcmDecrypt(&sm4, out, in, 1, NULL, GCM_NONCE_MID_SZ, tag,
+ SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4GcmDecrypt(&sm4, out, in, 1, nonce, 0, tag,
+ SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4GcmDecrypt(&sm4, out, in, 1, nonce, GCM_NONCE_MID_SZ,
+ NULL, SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4GcmDecrypt(&sm4, out, in, 1, nonce, GCM_NONCE_MID_SZ, tag,
+ WOLFSSL_MIN_AUTH_TAG_SZ-1, aad, sizeof(aad)), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4GcmDecrypt(&sm4, out, in, 1, nonce, GCM_NONCE_MID_SZ, tag,
+ SM4_BLOCK_SIZE+1, aad, sizeof(aad)), BAD_FUNC_ARG);
+
+ /* Valid cases - wc_Sm4GcmEncrypt/wc_Sm4GcmDecrypt. */
+ ExpectIntEQ(wc_Sm4GcmEncrypt(&sm4, NULL, NULL, 0, nonce, GCM_NONCE_MID_SZ,
+ tag, SM4_BLOCK_SIZE, NULL, 0), 0);
+ ExpectIntEQ(wc_Sm4GcmDecrypt(&sm4, NULL, NULL, 0, nonce, GCM_NONCE_MID_SZ,
+ tag, SM4_BLOCK_SIZE, NULL, 0), 0);
+ ExpectIntEQ(wc_Sm4GcmEncrypt(&sm4, NULL, NULL, 0, nonce, GCM_NONCE_MID_SZ,
+ tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0);
+ ExpectIntEQ(wc_Sm4GcmDecrypt(&sm4, NULL, NULL, 0, nonce, GCM_NONCE_MID_SZ,
+ tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0);
+ ExpectIntEQ(wc_Sm4GcmEncrypt(&sm4, out, in, SM4_BLOCK_SIZE, nonce,
+ GCM_NONCE_MID_SZ, tag, SM4_BLOCK_SIZE, NULL, 0), 0);
+ ExpectIntEQ(wc_Sm4GcmDecrypt(&sm4, in, out, SM4_BLOCK_SIZE, nonce,
+ GCM_NONCE_MID_SZ, tag, SM4_BLOCK_SIZE, NULL, 0), 0);
+ ExpectIntEQ(wc_Sm4GcmEncrypt(&sm4, out, in, SM4_BLOCK_SIZE, nonce,
+ GCM_NONCE_MID_SZ, tag, SM4_BLOCK_SIZE, NULL, 1), 0);
+ ExpectIntEQ(wc_Sm4GcmDecrypt(&sm4, in, out, SM4_BLOCK_SIZE, nonce,
+ GCM_NONCE_MID_SZ, tag, SM4_BLOCK_SIZE, NULL, 1), 0);
+ ExpectIntEQ(wc_Sm4GcmEncrypt(&sm4, out, in, SM4_BLOCK_SIZE * 2, nonce,
+ GCM_NONCE_MID_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0);
+ ExpectIntEQ(wc_Sm4GcmDecrypt(&sm4, in, out, SM4_BLOCK_SIZE * 2, nonce,
+ GCM_NONCE_MID_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0);
+ ExpectIntEQ(wc_Sm4GcmEncrypt(&sm4, in2, in2, SM4_BLOCK_SIZE * 2, nonce,
+ GCM_NONCE_MID_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0);
+ ExpectIntEQ(XMEMCMP(in2, out, SM4_BLOCK_SIZE * 2), 0);
+ ExpectIntEQ(wc_Sm4GcmDecrypt(&sm4, in2, in2, SM4_BLOCK_SIZE * 2, nonce,
+ GCM_NONCE_MID_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0);
+ ExpectIntEQ(XMEMCMP(in2, in, SM4_BLOCK_SIZE * 2), 0);
+
+ /* Check vald values of nonce - wc_Sm4GcmEncrypt/wc_Sm4GcmDecrypt. */
+ ExpectIntEQ(wc_Sm4GcmEncrypt(&sm4, out, in, SM4_BLOCK_SIZE, nonce,
+ GCM_NONCE_MAX_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0);
+ ExpectIntEQ(wc_Sm4GcmDecrypt(&sm4, in, out, SM4_BLOCK_SIZE, nonce,
+ GCM_NONCE_MAX_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0);
+ ExpectIntEQ(wc_Sm4GcmEncrypt(&sm4, out, in, SM4_BLOCK_SIZE * 2, nonce,
+ GCM_NONCE_MIN_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0);
+ ExpectIntEQ(wc_Sm4GcmDecrypt(&sm4, in, out, SM4_BLOCK_SIZE * 2, nonce,
+ GCM_NONCE_MIN_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0);
+ ExpectIntEQ(wc_Sm4GcmDecrypt(&sm4, in, out, SM4_BLOCK_SIZE * 2, nonce,
+ GCM_NONCE_MAX_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)),
+ SM4_GCM_AUTH_E);
+
+ /* Check valid values of tag size - wc_Sm4GcmEncrypt/wc_Sm4GcmDecrypt. */
+ for (i = WOLFSSL_MIN_AUTH_TAG_SZ; i < SM4_BLOCK_SIZE; i++) {
+ ExpectIntEQ(wc_Sm4GcmEncrypt(&sm4, out, in, SM4_BLOCK_SIZE, nonce,
+ GCM_NONCE_MID_SZ, tag, i, aad, sizeof(aad)), 0);
+ ExpectIntEQ(wc_Sm4GcmDecrypt(&sm4, in, out, SM4_BLOCK_SIZE, nonce,
+ GCM_NONCE_MID_SZ, tag, i, aad, sizeof(aad)), 0);
+ }
+
+ /* Check different in/out sizes. */
+ ExpectIntEQ(wc_Sm4GcmEncrypt(&sm4, out, in, 0, nonce,
+ GCM_NONCE_MID_SZ, tag, SM4_BLOCK_SIZE, NULL, 0), 0);
+ ExpectIntEQ(wc_Sm4GcmDecrypt(&sm4, out, in, 0, nonce,
+ GCM_NONCE_MID_SZ, tag, SM4_BLOCK_SIZE, NULL, 0), 0);
+ ExpectIntEQ(wc_Sm4GcmEncrypt(&sm4, out, in, 1, nonce,
+ GCM_NONCE_MID_SZ, tag, SM4_BLOCK_SIZE, NULL, 0), 0);
+ for (i = 2; i <= SM4_BLOCK_SIZE * 2; i++) {
+ XMEMCPY(out2, out, i - 1);
+ ExpectIntEQ(wc_Sm4GcmEncrypt(&sm4, out, in, i, nonce, GCM_NONCE_MID_SZ,
+ tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0);
+ ExpectIntEQ(XMEMCMP(out, out2, i - 1), 0);
+ ExpectIntEQ(wc_Sm4GcmDecrypt(&sm4, dec, out, i, nonce, GCM_NONCE_MID_SZ,
+ tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0);
+ ExpectIntEQ(XMEMCMP(in, dec, i), 0);
+ }
+
+ /* Force the counter to roll over in first byte. */
+ {
+ static unsigned char largeIn[256 * SM4_BLOCK_SIZE];
+ static unsigned char largeOut[256 * SM4_BLOCK_SIZE];
+
+ ExpectIntEQ(wc_Sm4GcmEncrypt(&sm4, largeOut, largeIn, sizeof(largeIn),
+ nonce, GCM_NONCE_MID_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0);
+ ExpectIntEQ(wc_Sm4GcmDecrypt(&sm4, largeOut, largeOut, sizeof(largeIn),
+ nonce, GCM_NONCE_MID_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0);
+ ExpectIntEQ(XMEMCMP(largeOut, largeIn, sizeof(largeIn)), 0);
+ }
+
+ wc_Sm4Free(&sm4);
+
+ res = EXPECT_RESULT();
+#endif
+ return res;
+} /* END test_wc_Sm4Gcm */
+
+/*
+ * Testing stream SM4-CCM API.
+ */
+static int test_wc_Sm4Ccm(void)
+{
+ int res = TEST_SKIPPED;
+#ifdef WOLFSSL_SM4_CCM
+ EXPECT_DECLS;
+ wc_Sm4 sm4;
+ unsigned char key[SM4_KEY_SIZE];
+ unsigned char nonce[CCM_NONCE_MAX_SZ];
+ unsigned char in[SM4_BLOCK_SIZE * 2];
+ unsigned char in2[SM4_BLOCK_SIZE * 2];
+ unsigned char out[SM4_BLOCK_SIZE * 2];
+ unsigned char out2[SM4_BLOCK_SIZE * 2];
+ unsigned char dec[SM4_BLOCK_SIZE * 2];
+ unsigned char tag[SM4_BLOCK_SIZE];
+ unsigned char aad[SM4_BLOCK_SIZE * 2];
+ word32 i;
+
+ XMEMSET(key, 0, sizeof(key));
+ XMEMSET(nonce, 0, sizeof(nonce));
+ XMEMSET(in, 0, sizeof(in));
+ XMEMSET(in2, 0, sizeof(in2));
+ XMEMSET(aad, 0, sizeof(aad));
+
+ ExpectIntEQ(wc_Sm4Init(&sm4, NULL, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_Sm4CcmEncrypt(&sm4, out, in, 0, nonce, CCM_NONCE_MAX_SZ, tag,
+ SM4_BLOCK_SIZE, aad, sizeof(aad)), MISSING_KEY);
+ ExpectIntEQ(wc_Sm4CcmDecrypt(&sm4, out, in, 0, nonce, CCM_NONCE_MAX_SZ, tag,
+ SM4_BLOCK_SIZE, aad, sizeof(aad)), MISSING_KEY);
+ ExpectIntEQ(wc_Sm4SetKey(&sm4, key, SM4_KEY_SIZE), 0);
+
+ /* Invalid parameters - wc_Sm4CcmEncrypt. */
+ ExpectIntEQ(wc_Sm4CcmEncrypt(NULL, NULL, NULL, 1, NULL, 0, NULL, 0, NULL,
+ 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CcmEncrypt(&sm4, NULL, NULL, 1, NULL, 0, NULL, 0, NULL,
+ 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CcmEncrypt(NULL, out, NULL, 1, NULL, 0, NULL, 0, NULL,
+ 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CcmEncrypt(NULL, NULL, in, 1, NULL, 0, NULL, 0, NULL,
+ 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CcmEncrypt(NULL, NULL, NULL, 1, nonce, CCM_NONCE_MAX_SZ,
+ NULL, 0, NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CcmEncrypt(NULL, NULL, NULL, 1, NULL, 0, tag,
+ SM4_BLOCK_SIZE, NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CcmEncrypt(NULL, out, in, 1, nonce, CCM_NONCE_MAX_SZ, tag,
+ SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CcmEncrypt(&sm4, NULL, in, 1, nonce, CCM_NONCE_MAX_SZ,
+ tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CcmEncrypt(&sm4, out, NULL, 1, nonce, CCM_NONCE_MAX_SZ,
+ tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CcmEncrypt(&sm4, out, in, 1, NULL, CCM_NONCE_MAX_SZ, tag,
+ SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CcmEncrypt(&sm4, out, in, 1, nonce, 0, tag,
+ SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CcmEncrypt(&sm4, out, in, 1, nonce, CCM_NONCE_MAX_SZ,
+ NULL, SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CcmEncrypt(&sm4, out, in, 1, nonce, CCM_NONCE_MAX_SZ, tag,
+ WOLFSSL_MIN_AUTH_TAG_SZ-1, aad, sizeof(aad)), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CcmEncrypt(&sm4, out, in, 1, nonce, CCM_NONCE_MAX_SZ, tag,
+ SM4_BLOCK_SIZE+1, aad, sizeof(aad)), BAD_FUNC_ARG);
+
+ /* Invalid parameters - wc_Sm4CcmDecrypt. */
+ ExpectIntEQ(wc_Sm4CcmDecrypt(NULL, NULL, NULL, 1, NULL, 0, NULL, 0, NULL,
+ 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CcmDecrypt(&sm4, NULL, NULL, 1, NULL, 0, NULL, 0, NULL,
+ 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CcmDecrypt(NULL, out, NULL, 1, NULL, 0, NULL, 0, NULL,
+ 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CcmDecrypt(NULL, NULL, in, 1, NULL, 0, NULL, 0, NULL,
+ 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CcmDecrypt(NULL, NULL, NULL, 1, nonce, CCM_NONCE_MAX_SZ,
+ NULL, 0, NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CcmDecrypt(NULL, NULL, NULL, 1, NULL, 0, tag,
+ SM4_BLOCK_SIZE, NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CcmDecrypt(NULL, out, in, 1, nonce, CCM_NONCE_MAX_SZ, tag,
+ SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CcmDecrypt(&sm4, NULL, in, 1, nonce, CCM_NONCE_MAX_SZ,
+ tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CcmDecrypt(&sm4, out, NULL, 1, nonce, CCM_NONCE_MAX_SZ,
+ tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CcmDecrypt(&sm4, out, in, 1, NULL, CCM_NONCE_MAX_SZ, tag,
+ SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CcmDecrypt(&sm4, out, in, 1, nonce, 0, tag,
+ SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CcmDecrypt(&sm4, out, in, 1, nonce, CCM_NONCE_MAX_SZ,
+ NULL, SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CcmDecrypt(&sm4, out, in, 1, nonce, CCM_NONCE_MAX_SZ, tag,
+ WOLFSSL_MIN_AUTH_TAG_SZ - 1, aad, sizeof(aad)), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CcmDecrypt(&sm4, out, in, 1, nonce, CCM_NONCE_MAX_SZ, tag,
+ SM4_BLOCK_SIZE + 1, aad, sizeof(aad)), BAD_FUNC_ARG);
+
+ /* Valid cases - wc_Sm4CcmEncrypt/wc_Sm4CcmDecrypt. */
+ ExpectIntEQ(wc_Sm4CcmEncrypt(&sm4, NULL, NULL, 0, nonce, CCM_NONCE_MAX_SZ,
+ tag, SM4_BLOCK_SIZE, NULL, 0), 0);
+ ExpectIntEQ(wc_Sm4CcmDecrypt(&sm4, NULL, NULL, 0, nonce, CCM_NONCE_MAX_SZ,
+ tag, SM4_BLOCK_SIZE, NULL, 0), 0);
+ ExpectIntEQ(wc_Sm4CcmEncrypt(&sm4, NULL, NULL, 0, nonce, CCM_NONCE_MAX_SZ,
+ tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0);
+ ExpectIntEQ(wc_Sm4CcmDecrypt(&sm4, NULL, NULL, 0, nonce, CCM_NONCE_MAX_SZ,
+ tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0);
+ ExpectIntEQ(wc_Sm4CcmEncrypt(&sm4, out, in, SM4_BLOCK_SIZE, nonce,
+ CCM_NONCE_MAX_SZ, tag, SM4_BLOCK_SIZE, NULL, 0), 0);
+ ExpectIntEQ(wc_Sm4CcmDecrypt(&sm4, in, out, SM4_BLOCK_SIZE, nonce,
+ CCM_NONCE_MAX_SZ, tag, SM4_BLOCK_SIZE, NULL, 0), 0);
+ ExpectIntEQ(wc_Sm4CcmEncrypt(&sm4, out, in, SM4_BLOCK_SIZE, nonce,
+ CCM_NONCE_MAX_SZ, tag, SM4_BLOCK_SIZE, NULL, 1), 0);
+ ExpectIntEQ(wc_Sm4CcmDecrypt(&sm4, in, out, SM4_BLOCK_SIZE, nonce,
+ CCM_NONCE_MAX_SZ, tag, SM4_BLOCK_SIZE, NULL, 1), 0);
+ ExpectIntEQ(wc_Sm4CcmEncrypt(&sm4, out, in, SM4_BLOCK_SIZE * 2, nonce,
+ CCM_NONCE_MAX_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0);
+ ExpectIntEQ(wc_Sm4CcmDecrypt(&sm4, in, out, SM4_BLOCK_SIZE * 2, nonce,
+ CCM_NONCE_MAX_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0);
+ ExpectIntEQ(wc_Sm4CcmEncrypt(&sm4, in2, in2, SM4_BLOCK_SIZE * 2, nonce,
+ CCM_NONCE_MAX_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0);
+ ExpectIntEQ(XMEMCMP(in2, out, SM4_BLOCK_SIZE * 2), 0);
+ ExpectIntEQ(wc_Sm4CcmDecrypt(&sm4, in2, in2, SM4_BLOCK_SIZE * 2, nonce,
+ CCM_NONCE_MAX_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0);
+ ExpectIntEQ(XMEMCMP(in2, in, SM4_BLOCK_SIZE * 2), 0);
+
+ /* Check vald values of nonce - wc_Sm4CcmEncrypt/wc_Sm4CcmDecrypt. */
+ for (i = CCM_NONCE_MIN_SZ; i <= CCM_NONCE_MAX_SZ; i++) {
+ ExpectIntEQ(wc_Sm4CcmEncrypt(&sm4, out, in, SM4_BLOCK_SIZE, nonce,
+ i, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0);
+ ExpectIntEQ(wc_Sm4CcmDecrypt(&sm4, in, out, SM4_BLOCK_SIZE, nonce,
+ i, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0);
+ }
+ ExpectIntEQ(wc_Sm4CcmDecrypt(&sm4, in, out, SM4_BLOCK_SIZE, nonce,
+ CCM_NONCE_MIN_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)),
+ SM4_CCM_AUTH_E);
+
+ /* Check invalid values of tag size - wc_Sm4CcmEncrypt/wc_Sm4CcmDecrypt. */
+ for (i = 0; i < 4; i++) {
+ ExpectIntEQ(wc_Sm4CcmEncrypt(&sm4, out, in, SM4_BLOCK_SIZE, nonce,
+ CCM_NONCE_MAX_SZ, tag, i * 2 + 1, aad, sizeof(aad)), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CcmDecrypt(&sm4, in, out, SM4_BLOCK_SIZE, nonce,
+ CCM_NONCE_MAX_SZ, tag, i * 2 + 1, aad, sizeof(aad)), BAD_FUNC_ARG);
+ }
+ /* Odd values in range 4..SM4_BLOCK_SIZE. */
+ for (i = 2; i < SM4_BLOCK_SIZE / 2; i++) {
+ ExpectIntEQ(wc_Sm4CcmEncrypt(&sm4, out, in, SM4_BLOCK_SIZE, nonce,
+ CCM_NONCE_MAX_SZ, tag, i * 2 + 1, aad, sizeof(aad)), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CcmDecrypt(&sm4, in, out, SM4_BLOCK_SIZE, nonce,
+ CCM_NONCE_MAX_SZ, tag, i * 2 + 1, aad, sizeof(aad)), BAD_FUNC_ARG);
+ }
+ /* Check valid values of tag size - wc_Sm4CcmEncrypt/wc_Sm4CcmDecrypt.
+ * Even values in range 4..SM4_BLOCK_SIZE.
+ */
+ for (i = 2; i < SM4_BLOCK_SIZE / 2; i++) {
+ ExpectIntEQ(wc_Sm4CcmEncrypt(&sm4, out, in, SM4_BLOCK_SIZE, nonce,
+ CCM_NONCE_MAX_SZ, tag, i * 2, aad, sizeof(aad)), 0);
+ ExpectIntEQ(wc_Sm4CcmDecrypt(&sm4, in, out, SM4_BLOCK_SIZE, nonce,
+ CCM_NONCE_MAX_SZ, tag, i * 2, aad, sizeof(aad)), 0);
+ }
+
+ /* Check different in/out sizes. */
+ ExpectIntEQ(wc_Sm4CcmEncrypt(&sm4, out, in, 0, nonce,
+ CCM_NONCE_MAX_SZ, tag, SM4_BLOCK_SIZE, NULL, 0), 0);
+ ExpectIntEQ(wc_Sm4CcmDecrypt(&sm4, out, in, 0, nonce,
+ CCM_NONCE_MAX_SZ, tag, SM4_BLOCK_SIZE, NULL, 0), 0);
+ ExpectIntEQ(wc_Sm4CcmEncrypt(&sm4, out, in, 1, nonce,
+ CCM_NONCE_MAX_SZ, tag, SM4_BLOCK_SIZE, NULL, 0), 0);
+ for (i = 2; i <= SM4_BLOCK_SIZE * 2; i++) {
+ XMEMCPY(out2, out, i - 1);
+ ExpectIntEQ(wc_Sm4CcmEncrypt(&sm4, out, in, i, nonce, CCM_NONCE_MAX_SZ,
+ tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0);
+ ExpectIntEQ(XMEMCMP(out, out2, i - 1), 0);
+ ExpectIntEQ(wc_Sm4CcmDecrypt(&sm4, dec, out, i, nonce, CCM_NONCE_MAX_SZ,
+ tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0);
+ ExpectIntEQ(XMEMCMP(in, dec, i), 0);
+ }
+
+ /* Force the counter to roll over in first byte. */
+ {
+ static unsigned char largeIn[256 * SM4_BLOCK_SIZE];
+ static unsigned char largeOut[256 * SM4_BLOCK_SIZE];
+
+ ExpectIntEQ(wc_Sm4CcmEncrypt(&sm4, largeOut, largeIn, sizeof(largeIn),
+ nonce, CCM_NONCE_MAX_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0);
+ ExpectIntEQ(wc_Sm4CcmDecrypt(&sm4, largeOut, largeOut, sizeof(largeIn),
+ nonce, CCM_NONCE_MAX_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0);
+ ExpectIntEQ(XMEMCMP(largeOut, largeIn, sizeof(largeIn)), 0);
+ }
+
+ wc_Sm4Free(&sm4);
+
+ res = EXPECT_RESULT();
+#endif
+ return res;
+} /* END test_wc_Sm4Ccm */
/*
@@ -17785,55 +16993,36 @@ static int test_wc_AesGcmStream(void)
*/
static int test_wc_Des3_SetIV(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifndef NO_DES3
Des3 des;
- int ret = 0;
- const byte key[] =
- {
+ const byte key[] = {
0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef,
0xfe,0xde,0xba,0x98,0x76,0x54,0x32,0x10,
0x89,0xab,0xcd,0xef,0x01,0x23,0x45,0x67
};
-
- const byte iv[] =
- {
+ const byte iv[] = {
0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef,
0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
0x11,0x21,0x31,0x41,0x51,0x61,0x71,0x81
};
- ret = wc_Des3Init(&des, NULL, INVALID_DEVID);
- if (ret != 0)
- return ret;
+ XMEMSET(&des, 0, sizeof(Des3));
- /* DES_ENCRYPTION or DES_DECRYPTION */
- ret = wc_Des3_SetKey(&des, key, iv, DES_ENCRYPTION);
+ ExpectIntEQ(wc_Des3Init(&des, NULL, INVALID_DEVID), 0);
- if (ret == 0) {
- if (XMEMCMP(iv, des.reg, DES_BLOCK_SIZE) != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ /* DES_ENCRYPTION or DES_DECRYPTION */
+ ExpectIntEQ(wc_Des3_SetKey(&des, key, iv, DES_ENCRYPTION), 0);
+ ExpectIntEQ(XMEMCMP(iv, des.reg, DES_BLOCK_SIZE), 0);
#ifndef HAVE_FIPS /* no sanity checks with FIPS wrapper */
/* Test explicitly wc_Des3_SetIV() */
- if (ret == 0) {
- ret = wc_Des3_SetIV(NULL, iv);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_Des3_SetIV(&des, NULL);
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_Des3_SetIV(NULL, iv), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Des3_SetIV(&des, NULL), 0);
#endif
-
wc_Des3Free(&des);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_Des3_SetIV */
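Review bot: The added `ExpectIntEQ(wc_Des3_SetIV(&des, NULL), 0);` pins that a NULL IV is accepted, but it carries no comment and nothing checks which IV the context ends up holding. For CBC use this matters, because a silently substituted fixed IV makes equal plaintext prefixes encrypt identically under one key. I would add a comment such as `/* NULL IV is valid: the context falls back to its default IV */`. If that default is all zeros (the implementation is not visible here), also compare `des.reg` against a zeroed block, as `XMEMCMP(iv, des.reg, DES_BLOCK_SIZE)` does for the explicit IV. The same unchecked NULL-IV success case appears in the test_wc_Des3_SetKey hunk (`wc_Des3_SetKey(&des, key, NULL, DES_ENCRYPTION)`) and in test_wc_Des3_CbcEncryptDecryptWithKey.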
@@ -17842,56 +17031,38 @@ static int test_wc_Des3_SetIV(void)
*/
static int test_wc_Des3_SetKey(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifndef NO_DES3
Des3 des;
- int ret = 0;
- const byte key[] =
- {
+ const byte key[] = {
0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef,
0xfe,0xde,0xba,0x98,0x76,0x54,0x32,0x10,
0x89,0xab,0xcd,0xef,0x01,0x23,0x45,0x67
};
-
- const byte iv[] =
- {
+ const byte iv[] = {
0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef,
0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
0x11,0x21,0x31,0x41,0x51,0x61,0x71,0x81
};
- ret = wc_Des3Init(&des, NULL, INVALID_DEVID);
- if (ret != 0)
- return ret;
+ XMEMSET(&des, 0, sizeof(Des3));
+
+ ExpectIntEQ(wc_Des3Init(&des, NULL, INVALID_DEVID), 0);
/* DES_ENCRYPTION or DES_DECRYPTION */
- ret = wc_Des3_SetKey(&des, key, iv, DES_ENCRYPTION);
- if (ret == 0) {
- if (XMEMCMP(iv, des.reg, DES_BLOCK_SIZE) != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_Des3_SetKey(&des, key, iv, DES_ENCRYPTION), 0);
+ ExpectIntEQ(XMEMCMP(iv, des.reg, DES_BLOCK_SIZE), 0);
/* Test bad args. */
- if (ret == 0) {
- ret = wc_Des3_SetKey(NULL, key, iv, DES_ENCRYPTION);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_Des3_SetKey(&des, NULL, iv, DES_ENCRYPTION);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_Des3_SetKey(&des, key, iv, -1);
- }
- if (ret == BAD_FUNC_ARG) {
- /* Default case. Should return 0. */
- ret = wc_Des3_SetKey(&des, key, NULL, DES_ENCRYPTION);
- }
- } /* END if ret != 0 */
+ ExpectIntEQ(wc_Des3_SetKey(NULL, key, iv, DES_ENCRYPTION), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Des3_SetKey(&des, NULL, iv, DES_ENCRYPTION), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Des3_SetKey(&des, key, iv, -1), BAD_FUNC_ARG);
+ /* Default case. Should return 0. */
+ ExpectIntEQ(wc_Des3_SetKey(&des, key, NULL, DES_ENCRYPTION), 0);
wc_Des3Free(&des);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_Des3_SetKey */
@@ -17901,94 +17072,50 @@ static int test_wc_Des3_SetKey(void)
*/
static int test_wc_Des3_CbcEncryptDecrypt(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifndef NO_DES3
Des3 des;
- int ret = 0;
byte cipher[24];
byte plain[24];
-
- const byte key[] =
- {
+ const byte key[] = {
0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef,
0xfe,0xde,0xba,0x98,0x76,0x54,0x32,0x10,
0x89,0xab,0xcd,0xef,0x01,0x23,0x45,0x67
};
-
- const byte iv[] =
- {
+ const byte iv[] = {
0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef,
0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
0x11,0x21,0x31,0x41,0x51,0x61,0x71,0x81
};
-
const byte vector[] = { /* "Now is the time for all " w/o trailing 0 */
0x4e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74,
0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20,
0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20
};
- ret = wc_Des3Init(&des, NULL, INVALID_DEVID);
- if (ret != 0)
- return ret;
-
- ret = wc_Des3_SetKey(&des, key, iv, DES_ENCRYPTION);
-
- if (ret == 0) {
- ret = wc_Des3_CbcEncrypt(&des, cipher, vector, 24);
+ XMEMSET(&des, 0, sizeof(Des3));
- if (ret == 0) {
- ret = wc_Des3_SetKey(&des, key, iv, DES_DECRYPTION);
- }
- if (ret == 0) {
- ret = wc_Des3_CbcDecrypt(&des, plain, cipher, 24);
- }
- }
+ ExpectIntEQ(wc_Des3Init(&des, NULL, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_Des3_SetKey(&des, key, iv, DES_ENCRYPTION), 0);
- if (ret == 0) {
- if (XMEMCMP(plain, vector, 24) != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_Des3_CbcEncrypt(&des, cipher, vector, 24), 0);
+ ExpectIntEQ(wc_Des3_SetKey(&des, key, iv, DES_DECRYPTION), 0);
+ ExpectIntEQ(wc_Des3_CbcDecrypt(&des, plain, cipher, 24), 0);
+ ExpectIntEQ(XMEMCMP(plain, vector, 24), 0);
/* Pass in bad args. */
- if (ret == 0) {
- ret = wc_Des3_CbcEncrypt(NULL, cipher, vector, 24);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_Des3_CbcEncrypt(&des, NULL, vector, 24);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_Des3_CbcEncrypt(&des, cipher, NULL, sizeof(vector));
- }
- if (ret != BAD_FUNC_ARG) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- else {
- ret = 0;
- }
- }
+ ExpectIntEQ(wc_Des3_CbcEncrypt(NULL, cipher, vector, 24), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Des3_CbcEncrypt(&des, NULL, vector, 24), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Des3_CbcEncrypt(&des, cipher, NULL, sizeof(vector)),
+ BAD_FUNC_ARG);
- if (ret == 0) {
- ret = wc_Des3_CbcDecrypt(NULL, plain, cipher, 24);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_Des3_CbcDecrypt(&des, NULL, cipher, 24);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_Des3_CbcDecrypt(&des, plain, NULL, 24);
- }
- if (ret != BAD_FUNC_ARG) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- else {
- ret = 0;
- }
- }
+ ExpectIntEQ(wc_Des3_CbcDecrypt(NULL, plain, cipher, 24), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Des3_CbcDecrypt(&des, NULL, cipher, 24), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Des3_CbcDecrypt(&des, plain, NULL, 24), BAD_FUNC_ARG);
wc_Des3Free(&des);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END wc_Des3_CbcEncrypt */
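Review bot: `plain` is never initialised, and the new straight-line `ExpectIntEQ(XMEMCMP(plain, vector, 24), 0);` no longer sits behind the `if (ret == 0)` guard the removed code had. If `wc_Des3_CbcDecrypt` fails, the comparison reads indeterminate bytes unless the Expect macros stop evaluating after the first failure, which is not visible in this hunk. Adding `XMEMSET(plain, 0, sizeof(plain));` and `XMEMSET(cipher, 0, sizeof(cipher));` next to the new `XMEMSET(&des, 0, sizeof(Des3));` removes the question. The length `24` is also a bare literal in every call except the one that uses `sizeof(vector)`; using `sizeof(vector)` throughout keeps the lengths tied to the buffers.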
@@ -17997,166 +17124,101 @@ static int test_wc_Des3_CbcEncryptDecrypt(void)
*/
static int test_wc_Des3_CbcEncryptDecryptWithKey(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifndef NO_DES3
- int ret = 0;
word32 vectorSz, cipherSz;
byte cipher[24];
byte plain[24];
-
- byte vector[] = /* Now is the time for all w/o trailing 0 */
- {
+ byte vector[] = { /* Now is the time for all w/o trailing 0 */
0x4e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74,
0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20,
0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20
};
-
- byte key[] =
- {
+ byte key[] = {
0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef,
0xfe,0xde,0xba,0x98,0x76,0x54,0x32,0x10,
0x89,0xab,0xcd,0xef,0x01,0x23,0x45,0x67
};
-
- byte iv[] =
- {
+ byte iv[] = {
0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef,
0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
0x11,0x21,0x31,0x41,0x51,0x61,0x71,0x81
};
-
vectorSz = sizeof(byte) * 24;
cipherSz = sizeof(byte) * 24;
- ret = wc_Des3_CbcEncryptWithKey(cipher, vector, vectorSz, key, iv);
- if (ret == 0) {
- ret = wc_Des3_CbcDecryptWithKey(plain, cipher, cipherSz, key, iv);
- if (ret == 0) {
- if (XMEMCMP(plain, vector, 24) != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- }
+ ExpectIntEQ(wc_Des3_CbcEncryptWithKey(cipher, vector, vectorSz, key, iv),
+ 0);
+ ExpectIntEQ(wc_Des3_CbcDecryptWithKey(plain, cipher, cipherSz, key, iv), 0);
+ ExpectIntEQ(XMEMCMP(plain, vector, 24), 0);
/* pass in bad args. */
- if (ret == 0) {
- ret = wc_Des3_CbcEncryptWithKey(NULL, vector, vectorSz, key, iv);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_Des3_CbcEncryptWithKey(cipher, NULL, vectorSz, key, iv);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_Des3_CbcEncryptWithKey(cipher, vector, vectorSz, NULL, iv);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_Des3_CbcEncryptWithKey(cipher, vector, vectorSz,
- key, NULL);
- }
- else {
- /* Return code catch. */
- ret = WOLFSSL_FAILURE;
- }
- }
-
- if (ret == 0) {
- ret = wc_Des3_CbcDecryptWithKey(NULL, cipher, cipherSz, key, iv);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_Des3_CbcDecryptWithKey(plain, NULL, cipherSz, key, iv);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_Des3_CbcDecryptWithKey(plain, cipher, cipherSz, NULL, iv);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_Des3_CbcDecryptWithKey(plain, cipher, cipherSz, key, NULL);
- }
- else {
- ret = WOLFSSL_FAILURE;
- }
- }
+ ExpectIntEQ(wc_Des3_CbcEncryptWithKey(NULL, vector, vectorSz, key, iv),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Des3_CbcEncryptWithKey(cipher, NULL, vectorSz, key, iv),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Des3_CbcEncryptWithKey(cipher, vector, vectorSz, NULL, iv),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Des3_CbcEncryptWithKey(cipher, vector, vectorSz, key, NULL),
+ 0);
- res = TEST_RES_CHECK(ret == 0);
+ ExpectIntEQ(wc_Des3_CbcDecryptWithKey(NULL, cipher, cipherSz, key, iv),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Des3_CbcDecryptWithKey(plain, NULL, cipherSz, key, iv),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Des3_CbcDecryptWithKey(plain, cipher, cipherSz, NULL, iv),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Des3_CbcDecryptWithKey(plain, cipher, cipherSz, key, NULL),
+ 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_Des3_CbcEncryptDecryptWithKey */
/*
* Unit test for wc_Des3_EcbEncrypt
*/
static int test_wc_Des3_EcbEncrypt(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_DES3) && defined(WOLFSSL_DES_ECB)
Des3 des;
- int ret = 0;
byte cipher[24];
word32 cipherSz = sizeof(cipher);
-
- const byte key[] =
- {
+ const byte key[] = {
0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef,
0xfe,0xde,0xba,0x98,0x76,0x54,0x32,0x10,
0x89,0xab,0xcd,0xef,0x01,0x23,0x45,0x67
};
-
- const byte iv[] =
- {
+ const byte iv[] = {
0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef,
0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
0x11,0x21,0x31,0x41,0x51,0x61,0x71,0x81
};
-
const byte vector[] = { /* "Now is the time for all " w/o trailing 0 */
0x4e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74,
0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20,
0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20
};
- ret = wc_Des3Init(&des, NULL, INVALID_DEVID);
- if (ret != 0) {
- return ret;
- }
- if (ret == 0 ) {
- ret = wc_Des3_SetKey(&des, key, iv, DES_ENCRYPTION);
- }
+ XMEMSET(&des, 0, sizeof(Des3));
+
+ ExpectIntEQ(wc_Des3Init(&des, NULL, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_Des3_SetKey(&des, key, iv, DES_ENCRYPTION), 0);
+
/* Bad Cases */
- if (ret == 0) {
- ret = wc_Des3_EcbEncrypt(NULL, cipher, vector, cipherSz);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_Des3_EcbEncrypt(&des, 0, vector, cipherSz);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_Des3_EcbEncrypt(&des, cipher, NULL, cipherSz);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_Des3_EcbEncrypt(&des, cipher, vector, 0);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_Des3_EcbEncrypt(NULL, 0, NULL, 0);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
+ ExpectIntEQ(wc_Des3_EcbEncrypt(NULL, 0, NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Des3_EcbEncrypt(NULL, cipher, vector, cipherSz),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Des3_EcbEncrypt(&des, 0, vector, cipherSz), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Des3_EcbEncrypt(&des, cipher, NULL, cipherSz), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Des3_EcbEncrypt(&des, cipher, vector, 0), 0);
+
/* Good Cases */
- if (ret == 0) {
- ret = wc_Des3_EcbEncrypt(&des, cipher, vector, cipherSz);
- }
- wc_Des3Free(&des);
+ ExpectIntEQ(wc_Des3_EcbEncrypt(&des, cipher, vector, cipherSz), 0);
- res = TEST_RES_CHECK(ret == 0);
+ wc_Des3Free(&des);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_Des3_EcbEncrypt */
/*
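Review bot: In test_wc_Des3_EcbEncrypt the zero-length call `wc_Des3_EcbEncrypt(&des, cipher, vector, 0)` must now return 0, yet it still sits under the `/* Bad Cases */` comment beside calls that must return BAD_FUNC_ARG. The removed code accepted either 0 or BAD_FUNC_ARG at that point, so this line tightens the contract and should be visible as such. Move it under `/* Good Cases */` or put `/* Zero length is accepted and returns 0. */` above it. The two `key, NULL` calls that expect 0 under `/* pass in bad args. */` in test_wc_Des3_CbcEncryptDecryptWithKey are mislabelled in the same way.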
@@ -18164,51 +17226,29 @@ static int test_wc_Des3_EcbEncrypt(void)
*/
static int test_wc_Chacha_SetKey(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef HAVE_CHACHA
- ChaCha ctx;
- const byte key[] =
- {
+ ChaCha ctx;
+ const byte key[] = {
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01
};
- byte cipher[128];
- int ret = 0;
+ word32 keySz = (word32)(sizeof(key)/sizeof(byte));
+ byte cipher[128];
- ret = wc_Chacha_SetKey(&ctx, key, (word32)(sizeof(key)/sizeof(byte)));
+ XMEMSET(cipher, 0, sizeof(cipher));
+ ExpectIntEQ(wc_Chacha_SetKey(&ctx, key, keySz), 0);
/* Test bad args. */
- if (ret == 0) {
- ret = wc_Chacha_SetKey(NULL, key, (word32)(sizeof(key)/sizeof(byte)));
- if (ret == BAD_FUNC_ARG) {
- ret = wc_Chacha_SetKey(&ctx, key, 18);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_Chacha_SetKey(NULL, key, keySz), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Chacha_SetKey(&ctx, key, 18), BAD_FUNC_ARG);
- if (ret == 0) {
- ret = wc_Chacha_SetIV(&ctx, cipher, 0);
- }
- if (ret == 0) {
- /* Test bad args. */
- ret = wc_Chacha_SetIV(NULL, cipher, 0);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FAILURE;
- }
- }
-
- res = TEST_RES_CHECK(ret == 0);
+ ExpectIntEQ(wc_Chacha_SetIV(&ctx, cipher, 0), 0);
+ /* Test bad args. */
+ ExpectIntEQ(wc_Chacha_SetIV(NULL, cipher, 0), BAD_FUNC_ARG);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_Chacha_SetKey */
/*
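Review bot: The bad-argument checks for `wc_Chacha_SetKey` cover a NULL context and an 18-byte length but never a NULL key, although the Poly1305 test rewritten in this same commit does exercise that case. If the function is meant to reject a NULL key (not visible from this hunk), add `ExpectIntEQ(wc_Chacha_SetKey(&ctx, NULL, keySz), BAD_FUNC_ARG);` next to the other two. The buffer handed to `wc_Chacha_SetIV` is the 128-byte `cipher` array, which reads oddly; a comment such as `/* zeroed buffer reused as the IV input */` above the new `XMEMSET` would explain why the initialisation matters.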
@@ -18216,9 +17256,9 @@ static int test_wc_Chacha_SetKey(void)
*/
static int test_wc_Poly1305SetKey(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef HAVE_POLY1305
- Poly1305 ctx;
+ Poly1305 ctx;
const byte key[] =
{
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
@@ -18226,29 +17266,16 @@ static int test_wc_Poly1305SetKey(void)
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01
};
- int ret = 0;
+ word32 keySz = (word32)(sizeof(key)/sizeof(byte));
- ret = wc_Poly1305SetKey(&ctx, key, (word32)(sizeof(key)/sizeof(byte)));
- /* Test bad args. */
- if (ret == 0) {
- ret = wc_Poly1305SetKey(NULL, key, (word32)(sizeof(key)/sizeof(byte)));
- if (ret == BAD_FUNC_ARG) {
- ret = wc_Poly1305SetKey(&ctx, NULL, (word32)(sizeof(key)/sizeof(byte)));
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_Poly1305SetKey(&ctx, key, 18);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_Poly1305SetKey(&ctx, key, keySz), 0);
- res = TEST_RES_CHECK(ret == 0);
+ /* Test bad args. */
+ ExpectIntEQ(wc_Poly1305SetKey(NULL, key,keySz), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Poly1305SetKey(&ctx, NULL, keySz), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Poly1305SetKey(&ctx, key, 18), BAD_FUNC_ARG);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_Poly1305_SetKey() */
/*
@@ -18256,7 +17283,7 @@ static int test_wc_Poly1305SetKey(void)
*/
static int test_wc_Chacha_Process(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef HAVE_CHACHA
ChaCha enc, dec;
byte cipher[128];
@@ -18271,47 +17298,35 @@ static int test_wc_Chacha_Process(void)
const char* input = "Everybody gets Friday off.";
word32 keySz = sizeof(key)/sizeof(byte);
unsigned long int inlen = XSTRLEN(input);
- int ret = 0;
- /*Initialize stack varialbes.*/
+ /* Initialize stack variables. */
XMEMSET(cipher, 0, 128);
XMEMSET(plain, 0, 128);
- ret = wc_Chacha_SetKey(&enc, key, keySz);
- AssertIntEQ(ret, 0);
- ret = wc_Chacha_SetKey(&dec, key, keySz);
- AssertIntEQ(ret, 0);
- ret = wc_Chacha_SetIV(&enc, cipher, 0);
- AssertIntEQ(ret, 0);
- ret = wc_Chacha_SetIV(&dec, cipher, 0);
- AssertIntEQ(ret, 0);
+ ExpectIntEQ(wc_Chacha_SetKey(&enc, key, keySz), 0);
+ ExpectIntEQ(wc_Chacha_SetKey(&dec, key, keySz), 0);
+ ExpectIntEQ(wc_Chacha_SetIV(&enc, cipher, 0), 0);
+ ExpectIntEQ(wc_Chacha_SetIV(&dec, cipher, 0), 0);
- ret = wc_Chacha_Process(&enc, cipher, (byte*)input, (word32)inlen);
- AssertIntEQ(ret, 0);
- ret = wc_Chacha_Process(&dec, plain, cipher, (word32)inlen);
- AssertIntEQ(ret, 0);
- ret = XMEMCMP(input, plain, (int)inlen);
- AssertIntEQ(ret, 0);
+ ExpectIntEQ(wc_Chacha_Process(&enc, cipher, (byte*)input, (word32)inlen),
+ 0);
+ ExpectIntEQ(wc_Chacha_Process(&dec, plain, cipher, (word32)inlen), 0);
+ ExpectIntEQ(XMEMCMP(input, plain, (int)inlen), 0);
#if !defined(USE_INTEL_CHACHA_SPEEDUP) && !defined(WOLFSSL_ARMASM)
/* test checking and using leftovers, currently just in C code */
- ret = wc_Chacha_SetIV(&enc, cipher, 0);
- AssertIntEQ(ret, 0);
- ret = wc_Chacha_SetIV(&dec, cipher, 0);
- AssertIntEQ(ret, 0);
-
- ret = wc_Chacha_Process(&enc, cipher, (byte*)input, (word32)inlen - 2);
- AssertIntEQ(ret, 0);
- ret = wc_Chacha_Process(&enc, cipher + (inlen - 2),
- (byte*)input + (inlen - 2), 2);
- AssertIntEQ(ret, 0);
- ret = wc_Chacha_Process(&dec, plain, (byte*)cipher, (word32)inlen - 2);
- AssertIntEQ(ret, 0);
- ret = wc_Chacha_Process(&dec, cipher + (inlen - 2),
- (byte*)input + (inlen - 2), 2);
- AssertIntEQ(ret, 0);
- ret = XMEMCMP(input, plain, (int)inlen);
- AssertIntEQ(ret, 0);
+ ExpectIntEQ(wc_Chacha_SetIV(&enc, cipher, 0), 0);
+ ExpectIntEQ(wc_Chacha_SetIV(&dec, cipher, 0), 0);
+
+ ExpectIntEQ(wc_Chacha_Process(&enc, cipher, (byte*)input,
+ (word32)inlen - 2), 0);
+ ExpectIntEQ(wc_Chacha_Process(&enc, cipher + (inlen - 2),
+ (byte*)input + (inlen - 2), 2), 0);
+ ExpectIntEQ(wc_Chacha_Process(&dec, plain, (byte*)cipher,
+ (word32)inlen - 2), 0);
+ ExpectIntEQ(wc_Chacha_Process(&dec, cipher + (inlen - 2),
+ (byte*)input + (inlen - 2), 2), 0);
+ ExpectIntEQ(XMEMCMP(input, plain, (int)inlen), 0);
/* check edge cases with counter increment */
{
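Review bot: The second decrypt call in the leftover test, `wc_Chacha_Process(&dec, cipher + (inlen - 2), (byte*)input + (inlen - 2), 2)`, writes into `cipher` from `input` instead of into `plain` from `cipher`, so the last two bytes of `plain` are never produced by the split path. The closing `XMEMCMP(input, plain, (int)inlen)` still passes because `plain` keeps the bytes left by the earlier one-shot decrypt. This is carried over unchanged from the old code; the call should read `wc_Chacha_Process(&dec, plain + (inlen - 2), cipher + (inlen - 2), 2)`, with `XMEMSET(plain, 0, 128);` placed before the leftover block so stale data cannot satisfy the compare. The function body continues past this hunk.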
@@ -18360,38 +17375,28 @@ static int test_wc_Chacha_Process(void)
for (i = 0; i < 256; i++)
input2[i] = i;
- ret = wc_Chacha_SetIV(&enc, iv2, 0);
- AssertIntEQ(ret, 0);
+ ExpectIntEQ(wc_Chacha_SetIV(&enc, iv2, 0), 0);
- ret = wc_Chacha_Process(&enc, cipher, input2, 64);
- AssertIntEQ(ret, 0);
- AssertIntEQ(XMEMCMP(expected, cipher, 64), 0);
+ ExpectIntEQ(wc_Chacha_Process(&enc, cipher, input2, 64), 0);
+ ExpectIntEQ(XMEMCMP(expected, cipher, 64), 0);
- ret = wc_Chacha_Process(&enc, cipher, input2 + 64, 128);
- AssertIntEQ(ret, 0);
- AssertIntEQ(XMEMCMP(expected + 64, cipher, 128), 0);
+ ExpectIntEQ(wc_Chacha_Process(&enc, cipher, input2 + 64, 128), 0);
+ ExpectIntEQ(XMEMCMP(expected + 64, cipher, 128), 0);
/* partial */
- ret = wc_Chacha_Process(&enc, cipher, input2 + 192, 32);
- AssertIntEQ(ret, 0);
- AssertIntEQ(XMEMCMP(expected + 192, cipher, 32), 0);
+ ExpectIntEQ(wc_Chacha_Process(&enc, cipher, input2 + 192, 32), 0);
+ ExpectIntEQ(XMEMCMP(expected + 192, cipher, 32), 0);
- ret = wc_Chacha_Process(&enc, cipher, input2 + 224, 32);
- AssertIntEQ(ret, 0);
- AssertIntEQ(XMEMCMP(expected + 224, cipher, 32), 0);
+ ExpectIntEQ(wc_Chacha_Process(&enc, cipher, input2 + 224, 32), 0);
+ ExpectIntEQ(XMEMCMP(expected + 224, cipher, 32), 0);
}
#endif
/* Test bad args. */
- ret = wc_Chacha_Process(NULL, cipher, (byte*)input, (word32)inlen);
- AssertIntEQ(ret, BAD_FUNC_ARG);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
-
- res = TEST_RES_CHECK(ret == 0);
+ ExpectIntEQ(wc_Chacha_Process(NULL, cipher, (byte*)input, (word32)inlen),
+ BAD_FUNC_ARG);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_Chacha_Process */
/*
@@ -18399,7 +17404,7 @@ static int test_wc_Chacha_Process(void)
*/
static int test_wc_ChaCha20Poly1305_aead(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305)
const byte key[] = {
0x80, 0x81, 0x82, 0x83, 0x84, 0x85, 0x86, 0x87,
@@ -18407,7 +17412,6 @@ static int test_wc_ChaCha20Poly1305_aead(void)
0x90, 0x91, 0x92, 0x93, 0x94, 0x95, 0x96, 0x97,
0x98, 0x99, 0x9a, 0x9b, 0x9c, 0x9d, 0x9e, 0x9f
};
-
const byte plaintext[] = {
0x4c, 0x61, 0x64, 0x69, 0x65, 0x73, 0x20, 0x61,
0x6e, 0x64, 0x20, 0x47, 0x65, 0x6e, 0x74, 0x6c,
@@ -18425,12 +17429,10 @@ static int test_wc_ChaCha20Poly1305_aead(void)
0x75, 0x6c, 0x64, 0x20, 0x62, 0x65, 0x20, 0x69,
0x74, 0x2e
};
-
const byte iv[] = {
0x07, 0x00, 0x00, 0x00, 0x40, 0x41, 0x42, 0x43,
0x44, 0x45, 0x46, 0x47
};
-
const byte aad[] = { /* additional data */
0x50, 0x51, 0x52, 0x53, 0xc0, 0xc1, 0xc2, 0xc3,
0xc4, 0xc5, 0xc6, 0xc7
@@ -18459,78 +17461,57 @@ static int test_wc_ChaCha20Poly1305_aead(void)
byte generatedCiphertext[272];
byte generatedPlaintext[272];
byte generatedAuthTag[CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE];
- int ret = 0;
/* Initialize stack variables. */
XMEMSET(generatedCiphertext, 0, 272);
XMEMSET(generatedPlaintext, 0, 272);
/* Test Encrypt */
- ret = wc_ChaCha20Poly1305_Encrypt(key, iv, aad, sizeof(aad), plaintext,
- sizeof(plaintext), generatedCiphertext, generatedAuthTag);
- AssertIntEQ(ret, 0);
- ret = XMEMCMP(generatedCiphertext, cipher, sizeof(cipher)/sizeof(byte));
- AssertIntEQ(ret, 0);
+ ExpectIntEQ(wc_ChaCha20Poly1305_Encrypt(key, iv, aad, sizeof(aad),
+ plaintext, sizeof(plaintext), generatedCiphertext, generatedAuthTag),
+ 0);
+ ExpectIntEQ(XMEMCMP(generatedCiphertext, cipher,
+ sizeof(cipher)/sizeof(byte)), 0);
/* Test bad args. */
- ret = wc_ChaCha20Poly1305_Encrypt(NULL, iv, aad, sizeof(aad), plaintext,
- sizeof(plaintext), generatedCiphertext, generatedAuthTag);
- AssertIntEQ(ret, BAD_FUNC_ARG);
- ret = wc_ChaCha20Poly1305_Encrypt(key, NULL, aad, sizeof(aad),
- plaintext, sizeof(plaintext),
- generatedCiphertext, generatedAuthTag);
- AssertIntEQ(ret, BAD_FUNC_ARG);
- ret = wc_ChaCha20Poly1305_Encrypt(key, iv, aad, sizeof(aad), NULL,
- sizeof(plaintext), generatedCiphertext, generatedAuthTag);
- AssertIntEQ(ret, BAD_FUNC_ARG);
- ret = wc_ChaCha20Poly1305_Encrypt(key, iv, aad, sizeof(aad),
- NULL, sizeof(plaintext), generatedCiphertext, generatedAuthTag);
- AssertIntEQ(ret, BAD_FUNC_ARG);
- ret = wc_ChaCha20Poly1305_Encrypt(key, iv, aad, sizeof(aad),
- plaintext, sizeof(plaintext), NULL, generatedAuthTag);
- AssertIntEQ(ret, BAD_FUNC_ARG);
- ret = wc_ChaCha20Poly1305_Encrypt(key, iv, aad, sizeof(aad),
- plaintext, sizeof(plaintext), generatedCiphertext, NULL);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- (void)ret; /* suppress never read */
- }
-
- ret = wc_ChaCha20Poly1305_Decrypt(key, iv, aad, sizeof(aad), cipher,
- sizeof(cipher), authTag, generatedPlaintext);
- AssertIntEQ(ret, 0);
- ret = XMEMCMP(generatedPlaintext, plaintext,
- sizeof(plaintext)/sizeof(byte));
- AssertIntEQ(ret, 0);
+ ExpectIntEQ(wc_ChaCha20Poly1305_Encrypt(NULL, iv, aad, sizeof(aad),
+ plaintext, sizeof(plaintext), generatedCiphertext, generatedAuthTag),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ChaCha20Poly1305_Encrypt(key, NULL, aad, sizeof(aad),
+ plaintext, sizeof(plaintext), generatedCiphertext, generatedAuthTag),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ChaCha20Poly1305_Encrypt(key, iv, aad, sizeof(aad), NULL,
+ sizeof(plaintext), generatedCiphertext, generatedAuthTag),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ChaCha20Poly1305_Encrypt(key, iv, aad, sizeof(aad),
+ NULL, sizeof(plaintext), generatedCiphertext, generatedAuthTag),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ChaCha20Poly1305_Encrypt(key, iv, aad, sizeof(aad),
+ plaintext, sizeof(plaintext), NULL, generatedAuthTag), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ChaCha20Poly1305_Encrypt(key, iv, aad, sizeof(aad),
+ plaintext, sizeof(plaintext), generatedCiphertext, NULL), BAD_FUNC_ARG);
- /* Test bad args. */
- ret = wc_ChaCha20Poly1305_Decrypt(NULL, iv, aad, sizeof(aad), cipher,
- sizeof(cipher), authTag, generatedPlaintext);
- AssertIntEQ(ret, BAD_FUNC_ARG);
- ret = wc_ChaCha20Poly1305_Decrypt(key, NULL, aad, sizeof(aad),
- cipher, sizeof(cipher), authTag, generatedPlaintext);
- AssertIntEQ(ret, BAD_FUNC_ARG);
- ret = wc_ChaCha20Poly1305_Decrypt(key, iv, aad, sizeof(aad), NULL,
- sizeof(cipher), authTag, generatedPlaintext);
- AssertIntEQ(ret, BAD_FUNC_ARG);
- ret = wc_ChaCha20Poly1305_Decrypt(key, iv, aad, sizeof(aad), cipher,
- sizeof(cipher), NULL, generatedPlaintext);
- AssertIntEQ(ret, BAD_FUNC_ARG);
- ret = wc_ChaCha20Poly1305_Decrypt(key, iv, aad, sizeof(aad), cipher,
- sizeof(cipher), authTag, NULL);
- AssertIntEQ(ret, BAD_FUNC_ARG);
- ret = wc_ChaCha20Poly1305_Decrypt(key, iv, aad, sizeof(aad), NULL,
- sizeof(cipher), authTag, generatedPlaintext);
- AssertIntEQ(ret, BAD_FUNC_ARG);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
+ ExpectIntEQ(wc_ChaCha20Poly1305_Decrypt(key, iv, aad, sizeof(aad), cipher,
+ sizeof(cipher), authTag, generatedPlaintext), 0);
+ ExpectIntEQ(XMEMCMP(generatedPlaintext, plaintext,
+ sizeof(plaintext)/sizeof(byte)), 0);
- res = TEST_RES_CHECK(ret == 0);
+ /* Test bad args. */
+ ExpectIntEQ(wc_ChaCha20Poly1305_Decrypt(NULL, iv, aad, sizeof(aad), cipher,
+ sizeof(cipher), authTag, generatedPlaintext), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ChaCha20Poly1305_Decrypt(key, NULL, aad, sizeof(aad),
+ cipher, sizeof(cipher), authTag, generatedPlaintext), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ChaCha20Poly1305_Decrypt(key, iv, aad, sizeof(aad), NULL,
+ sizeof(cipher), authTag, generatedPlaintext), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ChaCha20Poly1305_Decrypt(key, iv, aad, sizeof(aad), cipher,
+ sizeof(cipher), NULL, generatedPlaintext), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ChaCha20Poly1305_Decrypt(key, iv, aad, sizeof(aad), cipher,
+ sizeof(cipher), authTag, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ChaCha20Poly1305_Decrypt(key, iv, aad, sizeof(aad), NULL,
+ sizeof(cipher), authTag, generatedPlaintext), BAD_FUNC_ARG);
#endif
- return res;
-
-} /* END test-wc_ChaCha20Poly1305_EncryptDecrypt */
+ return EXPECT_RESULT();
+} /* END test_wc_ChaCha20Poly1305_aead */
/*
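Review bot: After the encrypt call only `generatedCiphertext` is compared; `generatedAuthTag` is never checked against the expected `authTag`, so a wrong Poly1305 tag from `wc_ChaCha20Poly1305_Encrypt` would go unnoticed. Add `ExpectIntEQ(XMEMCMP(generatedAuthTag, authTag, CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE), 0);` after the ciphertext compare (`authTag` is declared outside this hunk; presumably it is the matching vector). There is also no negative case in which decryption is handed a modified tag or ciphertext and is expected to fail, which is the property an AEAD test most needs to pin. Separately, the NULL-plaintext encrypt check and the NULL-ciphertext decrypt check each appear twice with identical arguments; one of each pair can be dropped or replaced by a different argument.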
@@ -18538,78 +17519,38 @@ static int test_wc_ChaCha20Poly1305_aead(void)
*/
static int test_wc_Rc2SetKey(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef WC_RC2
- Rc2 rc2;
- byte key40[] = { 0x01, 0x02, 0x03, 0x04, 0x05 };
- byte iv[] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08 };
- int ret = 0;
+ Rc2 rc2;
+ byte key40[] = { 0x01, 0x02, 0x03, 0x04, 0x05 };
+ byte iv[] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08 };
/* valid key and IV */
- ret = wc_Rc2SetKey(&rc2, key40, (word32) sizeof(key40) / sizeof(byte),
- iv, 40);
- if (ret == 0) {
- /* valid key, no IV */
- ret = wc_Rc2SetKey(&rc2, key40, (word32) sizeof(key40) / sizeof(byte),
- NULL, 40);
- }
+ ExpectIntEQ(wc_Rc2SetKey(&rc2, key40, (word32) sizeof(key40) / sizeof(byte),
+ iv, 40), 0);
+ /* valid key, no IV */
+ ExpectIntEQ(wc_Rc2SetKey(&rc2, key40, (word32) sizeof(key40) / sizeof(byte),
+ NULL, 40), 0);
/* bad arguments */
- if (ret == 0) {
- /* null Rc2 struct */
- ret = wc_Rc2SetKey(NULL, key40, (word32) sizeof(key40) / sizeof(byte),
- iv, 40);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
-
- if (ret == 0) {
- /* null key */
- ret = wc_Rc2SetKey(&rc2, NULL, (word32) sizeof(key40) / sizeof(byte),
- iv, 40);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
-
- if (ret == 0) {
- /* key size == 0 */
- ret = wc_Rc2SetKey(&rc2, key40, 0, iv, 40);
- if (ret == WC_KEY_SIZE_E) {
- ret = 0;
- }
- }
-
- if (ret == 0) {
- /* key size > 128 */
- ret = wc_Rc2SetKey(&rc2, key40, 129, iv, 40);
- if (ret == WC_KEY_SIZE_E) {
- ret = 0;
- }
- }
-
- if (ret == 0) {
- /* effective bits == 0 */
- ret = wc_Rc2SetKey(&rc2, key40, (word32)sizeof(key40) / sizeof(byte),
- iv, 0);
- if (ret == WC_KEY_SIZE_E) {
- ret = 0;
- }
- }
-
- if (ret == 0) {
- /* effective bits > 1024 */
- ret = wc_Rc2SetKey(&rc2, key40, (word32)sizeof(key40) / sizeof(byte),
- iv, 1025);
- if (ret == WC_KEY_SIZE_E) {
- ret = 0;
- }
- }
-
- res = TEST_RES_CHECK(ret == 0);
+ /* null Rc2 struct */
+ ExpectIntEQ(wc_Rc2SetKey(NULL, key40, (word32) sizeof(key40) / sizeof(byte),
+ iv, 40), BAD_FUNC_ARG);
+ /* null key */
+ ExpectIntEQ(wc_Rc2SetKey(&rc2, NULL, (word32) sizeof(key40) / sizeof(byte),
+ iv, 40), BAD_FUNC_ARG);
+ /* key size == 0 */
+ ExpectIntEQ(wc_Rc2SetKey(&rc2, key40, 0, iv, 40), WC_KEY_SIZE_E);
+ /* key size > 128 */
+ ExpectIntEQ(wc_Rc2SetKey(&rc2, key40, 129, iv, 40), WC_KEY_SIZE_E);
+ /* effective bits == 0 */
+ ExpectIntEQ(wc_Rc2SetKey(&rc2, key40, (word32)sizeof(key40) / sizeof(byte),
+ iv, 0), WC_KEY_SIZE_E);
+ /* effective bits > 1024 */
+ ExpectIntEQ(wc_Rc2SetKey(&rc2, key40, (word32)sizeof(key40) / sizeof(byte),
+ iv, 1025), WC_KEY_SIZE_E);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_Rc2SetKey */
/*
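Review bot: The expression `(word32) sizeof(key40) / sizeof(byte)` is repeated in six calls in this function, and the cast binds only to `sizeof(key40)`, so the division result is converted to the parameter type implicitly. The ChaCha and Poly1305 tests in this same commit introduce a local for this; doing the same here, `word32 keySz = (word32)(sizeof(key40) / sizeof(byte));`, and passing `keySz` would keep the tests consistent and the cast unambiguous. The `129` case passes a length larger than the 5-byte `key40` buffer, so a short comment such as `/* length must be rejected before key40 is read */` would record what that check relies on.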
@@ -18617,46 +17558,34 @@ static int test_wc_Rc2SetKey(void)
*/
static int test_wc_Rc2SetIV(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef WC_RC2
- Rc2 rc2;
- byte iv[] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08 };
- int ret = 0;
+ Rc2 rc2;
+ byte iv[] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08 };
/* valid IV */
- ret = wc_Rc2SetIV(&rc2, iv);
- if (ret == 0) {
- /* valid NULL IV */
- ret = wc_Rc2SetIV(&rc2, NULL);
- }
+ ExpectIntEQ(wc_Rc2SetIV(&rc2, iv), 0);
+ /* valid NULL IV */
+ ExpectIntEQ(wc_Rc2SetIV(&rc2, NULL), 0);
/* bad arguments */
- if (ret == 0) {
- ret = wc_Rc2SetIV(NULL, iv);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
-
- res = TEST_RES_CHECK(ret == 0);
+ ExpectIntEQ(wc_Rc2SetIV(NULL, iv), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Rc2SetIV(NULL, NULL), BAD_FUNC_ARG);
#endif
- return res;
-} /* END test_wc_Rc2SetKey */
+ return EXPECT_RESULT();
+} /* END test_wc_Rc2SetIV */
/*
- * Testing function for wc_Rc2EcbEncrypt().
+ * Testing function for wc_Rc2EcbEncrypt() and wc_Rc2EcbDecrypt().
*/
static int test_wc_Rc2EcbEncryptDecrypt(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef WC_RC2
- Rc2 rc2;
- int ret = 0;
+ Rc2 rc2;
int effectiveKeyBits = 63;
-
byte cipher[RC2_BLOCK_SIZE];
byte plain[RC2_BLOCK_SIZE];
-
byte key[] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 };
byte input[] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 };
byte output[] = { 0xeb, 0xb7, 0x73, 0xf9, 0x93, 0x27, 0x8e, 0xff };
@@ -18664,115 +17593,62 @@ static int test_wc_Rc2EcbEncryptDecrypt(void)
XMEMSET(cipher, 0, sizeof(cipher));
XMEMSET(plain, 0, sizeof(plain));
- ret = wc_Rc2SetKey(&rc2, key, (word32) sizeof(key) / sizeof(byte),
- NULL, effectiveKeyBits);
- if (ret == 0) {
- ret = wc_Rc2EcbEncrypt(&rc2, cipher, input, RC2_BLOCK_SIZE);
- if (ret != 0 || XMEMCMP(cipher, output, RC2_BLOCK_SIZE) != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
+ ExpectIntEQ(wc_Rc2SetKey(&rc2, key, (word32) sizeof(key) / sizeof(byte),
+ NULL, effectiveKeyBits), 0);
+ ExpectIntEQ(wc_Rc2EcbEncrypt(&rc2, cipher, input, RC2_BLOCK_SIZE), 0);
+ ExpectIntEQ(XMEMCMP(cipher, output, RC2_BLOCK_SIZE), 0);
- if (ret == 0) {
- ret = wc_Rc2EcbDecrypt(&rc2, plain, cipher, RC2_BLOCK_SIZE);
- if (ret != 0 || XMEMCMP(plain, input, RC2_BLOCK_SIZE) != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- }
+ ExpectIntEQ(wc_Rc2EcbDecrypt(&rc2, plain, cipher, RC2_BLOCK_SIZE), 0);
+ ExpectIntEQ(XMEMCMP(plain, input, RC2_BLOCK_SIZE), 0);
/* Rc2EcbEncrypt bad arguments */
- if (ret == 0) {
- /* null Rc2 struct */
- ret = wc_Rc2EcbEncrypt(NULL, cipher, input, RC2_BLOCK_SIZE);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
-
- if (ret == 0) {
- /* null out buffer */
- ret = wc_Rc2EcbEncrypt(&rc2, NULL, input, RC2_BLOCK_SIZE);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
-
- if (ret == 0) {
- /* null input buffer */
- ret = wc_Rc2EcbEncrypt(&rc2, cipher, NULL, RC2_BLOCK_SIZE);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
-
- if (ret == 0) {
- /* output buffer sz != RC2_BLOCK_SIZE (8) */
- ret = wc_Rc2EcbEncrypt(&rc2, cipher, input, 7);
- if (ret == BUFFER_E) {
- ret = 0;
- }
- }
+ /* null Rc2 struct */
+ ExpectIntEQ(wc_Rc2EcbEncrypt(NULL, cipher, input, RC2_BLOCK_SIZE),
+ BAD_FUNC_ARG);
+ /* null out buffer */
+ ExpectIntEQ(wc_Rc2EcbEncrypt(&rc2, NULL, input, RC2_BLOCK_SIZE),
+ BAD_FUNC_ARG);
+ /* null input buffer */
+ ExpectIntEQ(wc_Rc2EcbEncrypt(&rc2, cipher, NULL, RC2_BLOCK_SIZE),
+ BAD_FUNC_ARG);
+ /* output buffer sz != RC2_BLOCK_SIZE (8) */
+ ExpectIntEQ(wc_Rc2EcbEncrypt(&rc2, cipher, input, 7), BUFFER_E);
/* Rc2EcbDecrypt bad arguments */
- if (ret == 0) {
- /* null Rc2 struct */
- ret = wc_Rc2EcbDecrypt(NULL, plain, output, RC2_BLOCK_SIZE);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
-
- if (ret == 0) {
- /* null out buffer */
- ret = wc_Rc2EcbDecrypt(&rc2, NULL, output, RC2_BLOCK_SIZE);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
-
- if (ret == 0) {
- /* null input buffer */
- ret = wc_Rc2EcbDecrypt(&rc2, plain, NULL, RC2_BLOCK_SIZE);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
-
- if (ret == 0) {
- /* output buffer sz != RC2_BLOCK_SIZE (8) */
- ret = wc_Rc2EcbDecrypt(&rc2, plain, output, 7);
- if (ret == BUFFER_E) {
- ret = 0;
- }
- }
-
- res = TEST_RES_CHECK(ret == 0);
+ /* null Rc2 struct */
+ ExpectIntEQ(wc_Rc2EcbDecrypt(NULL, plain, output, RC2_BLOCK_SIZE),
+ BAD_FUNC_ARG);
+ /* null out buffer */
+ ExpectIntEQ(wc_Rc2EcbDecrypt(&rc2, NULL, output, RC2_BLOCK_SIZE),
+ BAD_FUNC_ARG);
+ /* null input buffer */
+ ExpectIntEQ(wc_Rc2EcbDecrypt(&rc2, plain, NULL, RC2_BLOCK_SIZE),
+ BAD_FUNC_ARG);
+ /* output buffer sz != RC2_BLOCK_SIZE (8) */
+ ExpectIntEQ(wc_Rc2EcbDecrypt(&rc2, plain, output, 7), BUFFER_E);
#endif
- return res;
-} /* END test_wc_Rc2SetKey */
+ return EXPECT_RESULT();
+} /* END test_wc_Rc2EcbEncryptDecrypt */
/*
- * Testing function for wc_Rc2CbcEncrypt().
+ * Testing function for wc_Rc2CbcEncrypt() and wc_Rc2CbcDecrypt().
*/
static int test_wc_Rc2CbcEncryptDecrypt(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef WC_RC2
- Rc2 rc2;
- int ret = 0;
+ Rc2 rc2;
int effectiveKeyBits = 63;
-
byte cipher[RC2_BLOCK_SIZE*2];
byte plain[RC2_BLOCK_SIZE*2];
-
/* vector taken from test.c */
- byte key[] = {
+ byte key[] = {
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
};
byte iv[] = {
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
};
- byte input[] = {
+ byte input[] = {
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
};
@@ -18784,88 +17660,42 @@ static int test_wc_Rc2CbcEncryptDecrypt(void)
XMEMSET(cipher, 0, sizeof(cipher));
XMEMSET(plain, 0, sizeof(plain));
- ret = wc_Rc2SetKey(&rc2, key, (word32) sizeof(key) / sizeof(byte),
- iv, effectiveKeyBits);
- if (ret == 0) {
- ret = wc_Rc2CbcEncrypt(&rc2, cipher, input, sizeof(input));
- if (ret != 0 || XMEMCMP(cipher, output, sizeof(output)) != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- else {
- /* reset IV for decrypt */
- ret = wc_Rc2SetIV(&rc2, iv);
- }
+ ExpectIntEQ(wc_Rc2SetKey(&rc2, key, (word32) sizeof(key) / sizeof(byte),
+ iv, effectiveKeyBits), 0);
+ ExpectIntEQ(wc_Rc2CbcEncrypt(&rc2, cipher, input, sizeof(input)), 0);
+ ExpectIntEQ(XMEMCMP(cipher, output, sizeof(output)), 0);
- if (ret == 0) {
- ret = wc_Rc2CbcDecrypt(&rc2, plain, cipher, sizeof(cipher));
- if (ret != 0 || XMEMCMP(plain, input, sizeof(input)) != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- }
+ /* reset IV for decrypt */
+ ExpectIntEQ(wc_Rc2SetIV(&rc2, iv), 0);
+ ExpectIntEQ(wc_Rc2CbcDecrypt(&rc2, plain, cipher, sizeof(cipher)), 0);
+ ExpectIntEQ(XMEMCMP(plain, input, sizeof(input)), 0);
/* Rc2CbcEncrypt bad arguments */
- if (ret == 0) {
- /* null Rc2 struct */
- ret = wc_Rc2CbcEncrypt(NULL, cipher, input, sizeof(input));
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
-
- if (ret == 0) {
- /* null out buffer */
- ret = wc_Rc2CbcEncrypt(&rc2, NULL, input, sizeof(input));
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
-
- if (ret == 0) {
- /* null input buffer */
- ret = wc_Rc2CbcEncrypt(&rc2, cipher, NULL, sizeof(input));
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
+ /* null Rc2 struct */
+ ExpectIntEQ(wc_Rc2CbcEncrypt(NULL, cipher, input, sizeof(input)),
+ BAD_FUNC_ARG);
+ /* null out buffer */
+ ExpectIntEQ(wc_Rc2CbcEncrypt(&rc2, NULL, input, sizeof(input)),
+ BAD_FUNC_ARG);
+ /* null input buffer */
+ ExpectIntEQ(wc_Rc2CbcEncrypt(&rc2, cipher, NULL, sizeof(input)),
+ BAD_FUNC_ARG);
/* Rc2CbcDecrypt bad arguments */
- if (ret == 0) {
- /* in size is 0 */
- ret = wc_Rc2CbcDecrypt(&rc2, plain, output, 0);
- if (ret != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (ret == 0) {
- /* null Rc2 struct */
- ret = wc_Rc2CbcDecrypt(NULL, plain, output, sizeof(output));
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
-
- if (ret == 0) {
- /* null out buffer */
- ret = wc_Rc2CbcDecrypt(&rc2, NULL, output, sizeof(output));
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
-
- if (ret == 0) {
- /* null input buffer */
- ret = wc_Rc2CbcDecrypt(&rc2, plain, NULL, sizeof(output));
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
-
- res = TEST_RES_CHECK(ret == 0);
+ /* in size is 0 */
+ ExpectIntEQ(wc_Rc2CbcDecrypt(&rc2, plain, output, 0), 0);
+ /* null Rc2 struct */
+ ExpectIntEQ(wc_Rc2CbcDecrypt(NULL, plain, output, sizeof(output)),
+ BAD_FUNC_ARG);
+ /* null out buffer */
+ ExpectIntEQ(wc_Rc2CbcDecrypt(&rc2, NULL, output, sizeof(output)),
+ BAD_FUNC_ARG);
+ /* null input buffer */
+ ExpectIntEQ(wc_Rc2CbcDecrypt(&rc2, plain, NULL, sizeof(output)),
+ BAD_FUNC_ARG);
#endif
- return res;
-} /* END test_wc_Rc2SetKey */
+ return EXPECT_RESULT();
+} /* END test_wc_Rc2CbcEncryptDecrypt */
/*
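Review bot: The zero-length call `wc_Rc2CbcDecrypt(&rc2, plain, output, 0)` sits under the heading `/* Rc2CbcDecrypt bad arguments */` although it is expected to return 0; move it above that heading or reword its comment to `/* in size is 0: valid, nothing to do */`. Unlike the AES-CBC test rewritten in this commit, nothing verifies that `plain` is left untouched by the zero-length call, and there is no matching zero-length check for `wc_Rc2CbcEncrypt`. Clearing `plain` first and adding `ExpectIntEQ(XMEMCMP(plain, zeros, sizeof(plain)), 0);` against a zeroed buffer (here `zeros` is a constructed name) would close that gap.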
@@ -18919,82 +17749,61 @@ static int test_wc_AesSetIV(void)
*/
static int test_wc_AesSetKey(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifndef NO_AES
- Aes aes;
- int ret = 0;
- byte key16[] =
- {
+ Aes aes;
+ byte key16[] = {
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66
};
#ifdef WOLFSSL_AES_192
- byte key24[] =
- {
+ byte key24[] = {
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66,
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37
};
#endif
#ifdef WOLFSSL_AES_256
- byte key32[] =
- {
+ byte key32[] = {
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66,
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66
};
#endif
- byte badKey16[] =
- {
+ byte badKey16[] = {
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65
};
- byte iv[] = "1234567890abcdef";
+ byte iv[] = "1234567890abcdef";
- ret = wc_AesInit(&aes, NULL, INVALID_DEVID);
- if (ret != 0)
- return ret;
+ XMEMSET(&aes, 0, sizeof(Aes));
+
+ ExpectIntEQ(wc_AesInit(&aes, NULL, INVALID_DEVID), 0);
#ifdef WOLFSSL_AES_128
- ret = wc_AesSetKey(&aes, key16, (word32) sizeof(key16) / sizeof(byte),
- iv, AES_ENCRYPTION);
+ ExpectIntEQ(wc_AesSetKey(&aes, key16, (word32)sizeof(key16) / sizeof(byte),
+ iv, AES_ENCRYPTION), 0);
#endif
#ifdef WOLFSSL_AES_192
- if (ret == 0) {
- ret = wc_AesSetKey (&aes, key24, (word32) sizeof(key24) / sizeof(byte),
- iv, AES_ENCRYPTION);
- }
+ ExpectIntEQ(wc_AesSetKey(&aes, key24, (word32)sizeof(key24) / sizeof(byte),
+ iv, AES_ENCRYPTION), 0);
#endif
#ifdef WOLFSSL_AES_256
- if (ret == 0) {
- ret = wc_AesSetKey (&aes, key32, (word32) sizeof(key32) / sizeof(byte),
- iv, AES_ENCRYPTION);
- }
+ ExpectIntEQ(wc_AesSetKey(&aes, key32, (word32)sizeof(key32) / sizeof(byte),
+ iv, AES_ENCRYPTION), 0);
#endif
/* Pass in bad args. */
- if (ret == 0) {
- ret = wc_AesSetKey (NULL, key16, (word32) sizeof(key16) / sizeof(byte),
- iv, AES_ENCRYPTION);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_AesSetKey(&aes, badKey16,
- (word32) sizeof(badKey16) / sizeof(byte),
- iv, AES_ENCRYPTION);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_AesSetKey(NULL, key16, (word32)sizeof(key16) / sizeof(byte),
+ iv, AES_ENCRYPTION), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesSetKey(&aes, badKey16,
+ (word32)sizeof(badKey16) / sizeof(byte), iv, AES_ENCRYPTION),
+ BAD_FUNC_ARG);
wc_AesFree(&aes);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_AesSetKey */
@@ -19005,192 +17814,110 @@ static int test_wc_AesSetKey(void)
*/
static int test_wc_AesCbcEncryptDecrypt(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_AES) && defined(HAVE_AES_CBC) && defined(HAVE_AES_DECRYPT)&& \
defined(WOLFSSL_AES_256)
- Aes aes;
- int ret = 0;
- byte key32[] =
- {
+ Aes aes;
+ byte key32[] = {
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66,
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66
};
- byte vector[] = /* Now is the time for all good men w/o trailing 0 */
- {
- 0x4e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74,
- 0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20,
- 0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20,
- 0x67,0x6f,0x6f,0x64,0x20,0x6d,0x65,0x6e
+ byte vector[] = { /* Now is the time for all good men w/o trailing 0 */
+ 0x4e, 0x6f, 0x77, 0x20, 0x69, 0x73, 0x20, 0x74,
+ 0x68, 0x65, 0x20, 0x74, 0x69, 0x6d, 0x65, 0x20,
+ 0x66, 0x6f, 0x72, 0x20, 0x61, 0x6c, 0x6c, 0x20,
+ 0x67, 0x6f, 0x6f, 0x64, 0x20, 0x6d, 0x65, 0x6e
};
- byte iv[] = "1234567890abcdef";
+ byte iv[] = "1234567890abcdef";
byte enc[sizeof(vector)];
byte dec[sizeof(vector)];
- int cbcE = WOLFSSL_FATAL_ERROR;
- int cbcD = WOLFSSL_FATAL_ERROR;
- int cbcDWK = WOLFSSL_FATAL_ERROR;
byte dec2[sizeof(vector)];
/* Init stack variables. */
+ XMEMSET(&aes, 0, sizeof(Aes));
XMEMSET(enc, 0, sizeof(enc));
XMEMSET(dec, 0, sizeof(vector));
XMEMSET(dec2, 0, sizeof(vector));
- ret = wc_AesInit(&aes, NULL, INVALID_DEVID);
- if (ret != 0)
- return ret;
+ ExpectIntEQ(wc_AesInit(&aes, NULL, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_AesSetKey(&aes, key32, AES_BLOCK_SIZE * 2, iv,
+ AES_ENCRYPTION), 0);
+ ExpectIntEQ(wc_AesCbcEncrypt(&aes, enc, vector, sizeof(vector)), 0);
- ret = wc_AesSetKey(&aes, key32, AES_BLOCK_SIZE * 2, iv, AES_ENCRYPTION);
- if (ret == 0) {
- ret = wc_AesCbcEncrypt(&aes, enc, vector, sizeof(vector));
- if (ret == 0) {
- /* Re init for decrypt and set flag. */
- cbcE = 0;
- wc_AesFree(&aes);
- ret = wc_AesSetKey(&aes, key32, AES_BLOCK_SIZE * 2,
- iv, AES_DECRYPTION);
- }
- if (ret == 0) {
- ret = wc_AesCbcDecrypt(&aes, dec, enc, sizeof(vector));
- if (ret != 0 || XMEMCMP(vector, dec, sizeof(vector)) != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- else {
- /* Set flag. */
- cbcD = 0;
- }
- }
- }
- /* If encrypt succeeds but cbc decrypt fails, we can still test. */
- if (ret == 0 || cbcE == 0) {
- ret = wc_AesCbcDecryptWithKey(dec2, enc, AES_BLOCK_SIZE,
- key32, sizeof(key32)/sizeof(byte), iv);
- if (ret == 0 || XMEMCMP(vector, dec2, AES_BLOCK_SIZE) == 0) {
- cbcDWK = 0;
- }
- }
+ /* Re init for decrypt and set flag. */
+ ExpectIntEQ(wc_AesSetKey(&aes, key32, AES_BLOCK_SIZE * 2, iv,
+ AES_DECRYPTION), 0);
+ ExpectIntEQ(wc_AesCbcDecrypt(&aes, dec, enc, sizeof(vector)), 0);
+ ExpectIntEQ(XMEMCMP(vector, dec, sizeof(vector)), 0);
+
+ ExpectIntEQ(wc_AesCbcDecryptWithKey(dec2, enc, AES_BLOCK_SIZE, key32,
+ sizeof(key32)/sizeof(byte), iv), 0);
+ ExpectIntEQ(XMEMCMP(vector, dec2, AES_BLOCK_SIZE), 0);
/* Pass in bad args */
- if (cbcE == 0) {
- cbcE = wc_AesCbcEncrypt(NULL, enc, vector, sizeof(vector));
- if (cbcE == BAD_FUNC_ARG) {
- cbcE = wc_AesCbcEncrypt(&aes, NULL, vector, sizeof(vector));
- }
- if (cbcE == BAD_FUNC_ARG) {
- cbcE = wc_AesCbcEncrypt(&aes, enc, NULL, sizeof(vector));
- }
- if (cbcE == BAD_FUNC_ARG) {
- cbcE = 0;
- }
- else {
- cbcE = WOLFSSL_FATAL_ERROR;
- }
+ ExpectIntEQ(wc_AesCbcEncrypt(NULL, enc, vector, sizeof(vector)),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesCbcEncrypt(&aes, NULL, vector, sizeof(vector)),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesCbcEncrypt(&aes, enc, NULL, sizeof(vector)),
+ BAD_FUNC_ARG);
#ifdef WOLFSSL_AES_CBC_LENGTH_CHECKS
- if (cbcE == 0) {
- cbcE = wc_AesCbcEncrypt(&aes, enc, vector, sizeof(vector) - 1);
- }
- if (cbcE == BAD_LENGTH_E) {
- cbcE = 0;
- }
- else {
- cbcE = WOLFSSL_FATAL_ERROR;
- }
+ ExpectIntEQ(wc_AesCbcEncrypt(&aes, enc, vector, sizeof(vector) - 1),
+ BAD_LENGTH_E);
#endif
+#if defined(HAVE_FIPS) && defined(HAVE_FIPS_VERSION) && \
+ (HAVE_FIPS_VERSION == 2) && defined(WOLFSSL_AESNI)
+ fprintf(stderr, "Zero length inputs not supported with AESNI in FIPS "
+ "mode (v2), skip test");
+#else
+ /* Test passing in size of 0 */
+ XMEMSET(enc, 0, sizeof(enc));
+ ExpectIntEQ(wc_AesCbcEncrypt(&aes, enc, vector, 0), 0);
+ /* Check enc was not modified */
+ {
+ int i;
+ for (i = 0; i < (int)sizeof(enc); i++)
+ ExpectIntEQ(enc[i], 0);
}
- if (cbcE == 0) {
- #if defined(HAVE_FIPS) && defined(HAVE_FIPS_VERSION) && \
- (HAVE_FIPS_VERSION == 2) && defined(WOLFSSL_AESNI)
- fprintf(stderr, "Zero length inputs not supported with AESNI in FIPS "
- "mode (v2), skip test");
- #else
- /* Test passing in size of 0 */
- XMEMSET(enc, 0, sizeof(enc));
- cbcE = wc_AesCbcEncrypt(&aes, enc, vector, 0);
- if (cbcE == 0) {
- /* Check enc was not modified */
- int i;
- for (i = 0; i < (int)sizeof(enc); i++)
- cbcE |= enc[i];
- }
- #endif
- }
- if (cbcE != 0) {
- wc_AesFree(&aes);
- return TEST_FAIL;
- }
+#endif
- if (cbcD == 0) {
- cbcD = wc_AesCbcDecrypt(NULL, dec, enc, AES_BLOCK_SIZE);
- if (cbcD == BAD_FUNC_ARG) {
- cbcD = wc_AesCbcDecrypt(&aes, NULL, enc, AES_BLOCK_SIZE);
- }
- if (cbcD == BAD_FUNC_ARG) {
- cbcD = wc_AesCbcDecrypt(&aes, dec, NULL, AES_BLOCK_SIZE);
- }
- if (cbcD == BAD_FUNC_ARG) {
- cbcD = wc_AesCbcDecrypt(&aes, dec, enc, AES_BLOCK_SIZE * 2 - 1);
- }
+ ExpectIntEQ(wc_AesCbcDecrypt(NULL, dec, enc, AES_BLOCK_SIZE), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesCbcDecrypt(&aes, NULL, enc, AES_BLOCK_SIZE),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesCbcDecrypt(&aes, dec, NULL, AES_BLOCK_SIZE),
+ BAD_FUNC_ARG);
#ifdef WOLFSSL_AES_CBC_LENGTH_CHECKS
- if (cbcD == BAD_LENGTH_E) {
- cbcD = 0;
- }
- else {
- cbcD = WOLFSSL_FATAL_ERROR;
- }
+ ExpectIntEQ(wc_AesCbcDecrypt(&aes, dec, enc, AES_BLOCK_SIZE * 2 - 1),
+ BAD_LENGTH_E);
#else
- if (cbcD == BAD_FUNC_ARG) {
- cbcD = 0;
- }
- else {
- cbcD = WOLFSSL_FATAL_ERROR;
- }
+ ExpectIntEQ(wc_AesCbcDecrypt(&aes, dec, enc, AES_BLOCK_SIZE * 2 - 1),
+ BAD_FUNC_ARG);
#endif
- }
- if (cbcD == 0) {
- /* Test passing in size of 0 */
- XMEMSET(dec, 0, sizeof(dec));
- cbcD = wc_AesCbcDecrypt(&aes, dec, enc, 0);
- if (cbcD == 0) {
- /* Check dec was not modified */
- int i;
- for (i = 0; i < (int)sizeof(dec); i++)
- cbcD |= dec[i];
- }
- }
- if (cbcD != 0) {
- wc_AesFree(&aes);
- return TEST_FAIL;
- }
- if (cbcDWK == 0) {
- cbcDWK = wc_AesCbcDecryptWithKey(NULL, enc, AES_BLOCK_SIZE,
- key32, sizeof(key32)/sizeof(byte), iv);
- if (cbcDWK == BAD_FUNC_ARG) {
- cbcDWK = wc_AesCbcDecryptWithKey(dec2, NULL, AES_BLOCK_SIZE,
- key32, sizeof(key32)/sizeof(byte), iv);
- }
- if (cbcDWK == BAD_FUNC_ARG) {
- cbcDWK = wc_AesCbcDecryptWithKey(dec2, enc, AES_BLOCK_SIZE,
- NULL, sizeof(key32)/sizeof(byte), iv);
- }
- if (cbcDWK == BAD_FUNC_ARG) {
- cbcDWK = wc_AesCbcDecryptWithKey(dec2, enc, AES_BLOCK_SIZE,
- key32, sizeof(key32)/sizeof(byte), NULL);
- }
- if (cbcDWK == BAD_FUNC_ARG) {
- cbcDWK = 0;
- }
- else {
- cbcDWK = WOLFSSL_FATAL_ERROR;
- }
+ /* Test passing in size of 0 */
+ XMEMSET(dec, 0, sizeof(dec));
+ ExpectIntEQ(wc_AesCbcDecrypt(&aes, dec, enc, 0), 0);
+ /* Check dec was not modified */
+ {
+ int i;
+ for (i = 0; i < (int)sizeof(dec); i++)
+ ExpectIntEQ(dec[i], 0);
}
- wc_AesFree(&aes);
+ ExpectIntEQ(wc_AesCbcDecryptWithKey(NULL, enc, AES_BLOCK_SIZE,
+ key32, sizeof(key32)/sizeof(byte), iv), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesCbcDecryptWithKey(dec2, NULL, AES_BLOCK_SIZE,
+ key32, sizeof(key32)/sizeof(byte), iv), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesCbcDecryptWithKey(dec2, enc, AES_BLOCK_SIZE,
+ NULL, sizeof(key32)/sizeof(byte), iv), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesCbcDecryptWithKey(dec2, enc, AES_BLOCK_SIZE,
+ key32, sizeof(key32)/sizeof(byte), NULL), BAD_FUNC_ARG);
- res = TEST_RES_CHECK(cbcDWK == 0);
+ wc_AesFree(&aes);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_AesCbcEncryptDecrypt */
/*
@@ -19198,82 +17925,57 @@ static int test_wc_AesCbcEncryptDecrypt(void)
*/
static int test_wc_AesCtrEncryptDecrypt(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_AES) && defined(WOLFSSL_AES_COUNTER) && defined(WOLFSSL_AES_256)
- Aes aesEnc, aesDec;
- int ret = 0;
- byte key32[] =
- {
+ Aes aesEnc;
+ Aes aesDec;
+ byte key32[] = {
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66,
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66
};
- byte vector[] = /* Now is the time for all w/o trailing 0 */
- {
+ byte vector[] = { /* Now is the time for all w/o trailing 0 */
0x4e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74,
0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20,
0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20
};
- byte iv[] = "1234567890abcdef";
- byte enc[AES_BLOCK_SIZE * 2];
- byte dec[AES_BLOCK_SIZE * 2];
+ byte iv[] = "1234567890abcdef";
+ byte enc[AES_BLOCK_SIZE * 2];
+ byte dec[AES_BLOCK_SIZE * 2];
/* Init stack variables. */
+ XMEMSET(&aesEnc, 0, sizeof(Aes));
+ XMEMSET(&aesDec, 0, sizeof(Aes));
XMEMSET(enc, 0, AES_BLOCK_SIZE * 2);
XMEMSET(dec, 0, AES_BLOCK_SIZE * 2);
- ret = wc_AesInit(&aesEnc, NULL, INVALID_DEVID);
- if (ret != 0)
- return ret;
- ret = wc_AesInit(&aesDec, NULL, INVALID_DEVID);
- if (ret != 0) {
- wc_AesFree(&aesEnc);
- return ret;
- }
-
- ret = wc_AesSetKey(&aesEnc, key32, AES_BLOCK_SIZE * 2,
- iv, AES_ENCRYPTION);
- if (ret == 0) {
- ret = wc_AesCtrEncrypt(&aesEnc, enc, vector,
- sizeof(vector)/sizeof(byte));
- if (ret == 0) {
- /* Decrypt with wc_AesCtrEncrypt() */
- ret = wc_AesSetKey(&aesDec, key32, AES_BLOCK_SIZE * 2,
- iv, AES_ENCRYPTION);
- }
- if (ret == 0) {
- ret = wc_AesCtrEncrypt(&aesDec, dec, enc, sizeof(enc)/sizeof(byte));
- if (ret != 0 || XMEMCMP(vector, dec, sizeof(vector))) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- }
+ ExpectIntEQ(wc_AesInit(&aesEnc, NULL, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_AesInit(&aesDec, NULL, INVALID_DEVID), 0);
+
+ ExpectIntEQ(wc_AesSetKey(&aesEnc, key32, AES_BLOCK_SIZE * 2, iv,
+ AES_ENCRYPTION), 0);
+ ExpectIntEQ(wc_AesCtrEncrypt(&aesEnc, enc, vector,
+ sizeof(vector)/sizeof(byte)), 0);
+ /* Decrypt with wc_AesCtrEncrypt() */
+ ExpectIntEQ(wc_AesSetKey(&aesDec, key32, AES_BLOCK_SIZE * 2, iv,
+ AES_ENCRYPTION), 0);
+ ExpectIntEQ(wc_AesCtrEncrypt(&aesDec, dec, enc, sizeof(enc)/sizeof(byte)),
+ 0);
+ ExpectIntEQ(XMEMCMP(vector, dec, sizeof(vector)), 0);
/* Test bad args. */
- if (ret == 0) {
- ret = wc_AesCtrEncrypt(NULL, dec, enc, sizeof(enc)/sizeof(byte));
- if (ret == BAD_FUNC_ARG) {
- ret = wc_AesCtrEncrypt(&aesDec, NULL, enc, sizeof(enc)/sizeof(byte));
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_AesCtrEncrypt(&aesDec, dec, NULL, sizeof(enc)/sizeof(byte));
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_AesCtrEncrypt(NULL, dec, enc, sizeof(enc)/sizeof(byte)),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesCtrEncrypt(&aesDec, NULL, enc, sizeof(enc)/sizeof(byte)),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesCtrEncrypt(&aesDec, dec, NULL, sizeof(enc)/sizeof(byte)),
+ BAD_FUNC_ARG);
wc_AesFree(&aesEnc);
wc_AesFree(&aesDec);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
-
+ return EXPECT_RESULT();
} /* END test_wc_AesCtrEncryptDecrypt */
/*
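Review bot: The key length given to both `wc_AesSetKey` calls is spelled `AES_BLOCK_SIZE * 2`, which equals the 32-byte `key32` only because the two constants happen to line up; `sizeof(key32)` would tie the length to the buffer actually passed. The same goes for the two `XMEMSET(..., 0, AES_BLOCK_SIZE * 2)` lines, where `sizeof(enc)` and `sizeof(dec)` are available. The existing comment could also be extended to `/* Decrypt with wc_AesCtrEncrypt(): CTR applies the same keystream both ways, so aesDec is keyed with AES_ENCRYPTION too */`, since that direction flag otherwise reads like a copy-paste slip.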
@@ -19281,93 +17983,69 @@ static int test_wc_AesCtrEncryptDecrypt(void)
*/
static int test_wc_AesGcmSetKey(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_AES) && defined(HAVE_AESGCM)
- Aes aes;
- int ret = 0;
+ Aes aes;
#ifdef WOLFSSL_AES_128
- byte key16[] =
- {
+ byte key16[] = {
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66
};
#endif
#ifdef WOLFSSL_AES_192
- byte key24[] =
- {
+ byte key24[] = {
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66,
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37
};
#endif
#ifdef WOLFSSL_AES_256
- byte key32[] =
- {
+ byte key32[] = {
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66,
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66
};
#endif
- byte badKey16[] =
- {
+ byte badKey16[] = {
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65
};
- byte badKey24[] =
- {
+ byte badKey24[] = {
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66,
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36
};
- byte badKey32[] =
- {
+ byte badKey32[] = {
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x37, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66,
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65
};
- ret = wc_AesInit(&aes, NULL, INVALID_DEVID);
- if (ret != 0)
- return ret;
+ ExpectIntEQ(wc_AesInit(&aes, NULL, INVALID_DEVID), 0);
#ifdef WOLFSSL_AES_128
- ret = wc_AesGcmSetKey(&aes, key16, sizeof(key16)/sizeof(byte));
+ ExpectIntEQ(wc_AesGcmSetKey(&aes, key16, sizeof(key16)/sizeof(byte)), 0);
#endif
#ifdef WOLFSSL_AES_192
- if (ret == 0) {
- ret = wc_AesGcmSetKey(&aes, key24, sizeof(key24)/sizeof(byte));
- }
+ ExpectIntEQ(wc_AesGcmSetKey(&aes, key24, sizeof(key24)/sizeof(byte)), 0);
#endif
#ifdef WOLFSSL_AES_256
- if (ret == 0) {
- ret = wc_AesGcmSetKey(&aes, key32, sizeof(key32)/sizeof(byte));
- }
+ ExpectIntEQ(wc_AesGcmSetKey(&aes, key32, sizeof(key32)/sizeof(byte)), 0);
#endif
/* Pass in bad args. */
- if (ret == 0) {
- ret = wc_AesGcmSetKey(&aes, badKey16, sizeof(badKey16)/sizeof(byte));
- if (ret == BAD_FUNC_ARG) {
- ret = wc_AesGcmSetKey(&aes, badKey24, sizeof(badKey24)/sizeof(byte));
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_AesGcmSetKey(&aes, badKey32, sizeof(badKey32)/sizeof(byte));
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_AesGcmSetKey(&aes, badKey16, sizeof(badKey16)/sizeof(byte)),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesGcmSetKey(&aes, badKey24, sizeof(badKey24)/sizeof(byte)),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesGcmSetKey(&aes, badKey32, sizeof(badKey32)/sizeof(byte)),
+ BAD_FUNC_ARG);
wc_AesFree(&aes);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_AesGcmSetKey */
/*
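Review bot: `aes` is not zeroed before `wc_AesInit` in test_wc_AesGcmSetKey, although the sibling tests rewritten in this commit (test_wc_AesCtrEncryptDecrypt, test_wc_AesGcmEncryptDecrypt, test_wc_AesGcmMixedEncDecLongIV) all gained an `XMEMSET` of their `Aes` objects. The old code returned early when `wc_AesInit` failed; the new code falls through to the unconditional `wc_AesFree(&aes)`, which would then run on an indeterminate stack object. Adding `XMEMSET(&aes, 0, sizeof(Aes));` ahead of `ExpectIntEQ(wc_AesInit(&aes, NULL, INVALID_DEVID), 0);` closes that gap. What wc_AesFree reads from the struct is not visible here, so the impact is unconfirmed.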
@@ -19375,97 +18053,67 @@ static int test_wc_AesGcmSetKey(void)
*/
static int test_wc_AesGcmEncryptDecrypt(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
/* WOLFSSL_AFALG requires 12 byte IV */
#if !defined(NO_AES) && defined(HAVE_AESGCM) && defined(WOLFSSL_AES_256) && \
!defined(WOLFSSL_AFALG) && !defined(WOLFSSL_DEVCRYPTO_AES)
-
- Aes aes;
- byte key32[] =
- {
+ Aes aes;
+ byte key32[] = {
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66,
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66
};
- byte vector[] = /* Now is the time for all w/o trailing 0 */
- {
+ byte vector[] = { /* Now is the time for all w/o trailing 0 */
0x4e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74,
0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20,
0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20
};
- const byte a[] =
- {
+ const byte a[] = {
0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
0xab, 0xad, 0xda, 0xd2
};
- byte iv[] = "1234567890a";
- byte longIV[] = "1234567890abcdefghij";
- byte enc[sizeof(vector)];
- byte resultT[AES_BLOCK_SIZE];
- byte dec[sizeof(vector)];
- int gcmD = WOLFSSL_FATAL_ERROR;
- int gcmE = WOLFSSL_FATAL_ERROR;
- int ret = 0;
+ byte iv[] = "1234567890a";
+ byte longIV[] = "1234567890abcdefghij";
+ byte enc[sizeof(vector)];
+ byte resultT[AES_BLOCK_SIZE];
+ byte dec[sizeof(vector)];
/* Init stack variables. */
+ XMEMSET(&aes, 0, sizeof(Aes));
XMEMSET(enc, 0, sizeof(vector));
XMEMSET(dec, 0, sizeof(vector));
XMEMSET(resultT, 0, AES_BLOCK_SIZE);
- ret = wc_AesInit(&aes, NULL, INVALID_DEVID);
- if (ret != 0)
- return ret;
+ ExpectIntEQ(wc_AesInit(&aes, NULL, INVALID_DEVID), 0);
- ret = wc_AesGcmSetKey(&aes, key32, sizeof(key32)/sizeof(byte));
- if (ret == 0) {
- gcmE = wc_AesGcmEncrypt(&aes, enc, vector, sizeof(vector),
- iv, sizeof(iv)/sizeof(byte), resultT,
- sizeof(resultT), a, sizeof(a));
- }
- if (gcmE == 0) { /* If encrypt fails, no decrypt. */
- gcmD = wc_AesGcmDecrypt(&aes, dec, enc, sizeof(vector),
- iv, sizeof(iv)/sizeof(byte), resultT,
- sizeof(resultT), a, sizeof(a));
- if (gcmD == 0 && (XMEMCMP(vector, dec, sizeof(vector)) != 0)) {
- gcmD = WOLFSSL_FATAL_ERROR;
- }
- }
- /*Test bad args for wc_AesGcmEncrypt and wc_AesGcmDecrypt */
- if (gcmE == 0) {
- gcmE = wc_AesGcmEncrypt(NULL, enc, vector, sizeof(vector),
- iv, sizeof(iv)/sizeof(byte), resultT, sizeof(resultT),
- a, sizeof(a));
- if (gcmE == BAD_FUNC_ARG) {
- gcmE = wc_AesGcmEncrypt(&aes, enc, vector,
- sizeof(vector), iv, sizeof(iv)/sizeof(byte),
- resultT, sizeof(resultT) + 1, a, sizeof(a));
- }
- if (gcmE == BAD_FUNC_ARG) {
- gcmE = wc_AesGcmEncrypt(&aes, enc, vector,
- sizeof(vector), iv, sizeof(iv)/sizeof(byte),
- resultT, sizeof(resultT) - 5, a, sizeof(a));
- }
+ ExpectIntEQ(wc_AesGcmSetKey(&aes, key32, sizeof(key32)/sizeof(byte)), 0);
+ ExpectIntEQ(wc_AesGcmEncrypt(&aes, enc, vector, sizeof(vector), iv,
+ sizeof(iv)/sizeof(byte), resultT, sizeof(resultT), a, sizeof(a)), 0);
+ ExpectIntEQ(wc_AesGcmDecrypt(&aes, dec, enc, sizeof(vector), iv,
+ sizeof(iv)/sizeof(byte), resultT, sizeof(resultT), a, sizeof(a)), 0);
+ ExpectIntEQ(XMEMCMP(vector, dec, sizeof(vector)), 0);
+
+ /* Test bad args for wc_AesGcmEncrypt and wc_AesGcmDecrypt */
+ ExpectIntEQ(wc_AesGcmEncrypt(NULL, enc, vector, sizeof(vector), iv,
+ sizeof(iv)/sizeof(byte), resultT, sizeof(resultT), a, sizeof(a)),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesGcmEncrypt(&aes, enc, vector, sizeof(vector), iv,
+ sizeof(iv)/sizeof(byte), resultT, sizeof(resultT) + 1, a, sizeof(a)),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesGcmEncrypt(&aes, enc, vector, sizeof(vector), iv,
+ sizeof(iv)/sizeof(byte), resultT, sizeof(resultT) - 5, a, sizeof(a)),
+ BAD_FUNC_ARG);
#if (defined(HAVE_FIPS) && defined(HAVE_FIPS_VERSION) && \
(HAVE_FIPS_VERSION == 2)) || defined(HAVE_SELFTEST) || \
defined(WOLFSSL_AES_GCM_FIXED_IV_AAD)
/* FIPS does not check the lower bound of ivSz */
#else
- if (gcmE == BAD_FUNC_ARG) {
- gcmE = wc_AesGcmEncrypt(&aes, enc, vector,
- sizeof(vector), iv, 0,
- resultT, sizeof(resultT), a, sizeof(a));
- }
+ ExpectIntEQ(wc_AesGcmEncrypt(&aes, enc, vector, sizeof(vector), iv, 0,
+ resultT, sizeof(resultT), a, sizeof(a)), BAD_FUNC_ARG);
#endif
- if (gcmE == BAD_FUNC_ARG) {
- gcmE = 0;
- }
- else {
- gcmE = WOLFSSL_FATAL_ERROR;
- }
- }
/* This case is now considered good. Long IVs are now allowed.
* Except for the original FIPS release, it still has an upper
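Review bot: The round-trip `wc_AesGcmDecrypt(&aes, dec, enc, ...)` call and the `XMEMCMP(vector, dec, sizeof(vector))` after it sit outside any `HAVE_AES_DECRYPT` guard, while the bad-argument decrypt calls later in the same function are wrapped in `#ifdef HAVE_AES_DECRYPT`. If a build without that macro is meant to be supported, as the later guard suggests, the unguarded call would presumably fail to build; if it is not, the later guard is dead. Either wrap these two lines in the same `#ifdef HAVE_AES_DECRYPT` / `#endif`, or drop the guard further down so the function is consistent. The mismatch predates this commit, but the rewrite is the natural place to settle it; the function body continues past this hunk.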
@@ -19473,76 +18121,46 @@ static int test_wc_AesGcmEncryptDecrypt(void)
#if (!defined(HAVE_FIPS) || \
(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2))) && \
!defined(WOLFSSL_AES_GCM_FIXED_IV_AAD)
- if (gcmE == 0) {
- gcmE = wc_AesGcmEncrypt(&aes, enc, vector, sizeof(vector), longIV,
- sizeof(longIV)/sizeof(byte), resultT, sizeof(resultT),
- a, sizeof(a));
- }
+ ExpectIntEQ(wc_AesGcmEncrypt(&aes, enc, vector, sizeof(vector), longIV,
+ sizeof(longIV)/sizeof(byte), resultT, sizeof(resultT), a, sizeof(a)),
+ 0);
#else
(void)longIV;
#endif /* Old FIPS */
/* END wc_AesGcmEncrypt */
- if (gcmE != 0) {
- wc_AesFree(&aes);
- return TEST_FAIL;
- }
-
- #ifdef HAVE_AES_DECRYPT
- if (gcmD == 0) {
- gcmD = wc_AesGcmDecrypt(NULL, dec, enc, sizeof(enc)/sizeof(byte),
- iv, sizeof(iv)/sizeof(byte), resultT,
- sizeof(resultT), a, sizeof(a));
- if (gcmD == BAD_FUNC_ARG) {
- gcmD = wc_AesGcmDecrypt(&aes, NULL, enc, sizeof(enc)/sizeof(byte),
- iv, sizeof(iv)/sizeof(byte), resultT,
- sizeof(resultT), a, sizeof(a));
- }
- if (gcmD == BAD_FUNC_ARG) {
- gcmD = wc_AesGcmDecrypt(&aes, dec, NULL, sizeof(enc)/sizeof(byte),
- iv, sizeof(iv)/sizeof(byte), resultT,
- sizeof(resultT), a, sizeof(a));
- }
- if (gcmD == BAD_FUNC_ARG) {
- gcmD = wc_AesGcmDecrypt(&aes, dec, enc, sizeof(enc)/sizeof(byte),
- NULL, sizeof(iv)/sizeof(byte), resultT,
- sizeof(resultT), a, sizeof(a));
- }
- if (gcmD == BAD_FUNC_ARG) {
- gcmD = wc_AesGcmDecrypt(&aes, dec, enc, sizeof(enc)/sizeof(byte),
- iv, sizeof(iv)/sizeof(byte), NULL,
- sizeof(resultT), a, sizeof(a));
- }
- if (gcmD == BAD_FUNC_ARG) {
- gcmD = wc_AesGcmDecrypt(&aes, dec, enc, sizeof(enc)/sizeof(byte),
- iv, sizeof(iv)/sizeof(byte), resultT,
- sizeof(resultT) + 1, a, sizeof(a));
- }
- #if ((defined(HAVE_FIPS) && defined(HAVE_FIPS_VERSION) && \
- (HAVE_FIPS_VERSION == 2)) || defined(HAVE_SELFTEST)) && \
- !defined(WOLFSSL_AES_GCM_FIXED_IV_AAD)
- /* FIPS does not check the lower bound of ivSz */
- #else
- if (gcmD == BAD_FUNC_ARG) {
- gcmD = wc_AesGcmDecrypt(&aes, dec, enc, sizeof(enc)/sizeof(byte),
- iv, 0, resultT,
- sizeof(resultT), a, sizeof(a));
- }
- #endif
- if (gcmD == BAD_FUNC_ARG) {
- gcmD = 0;
- }
- else {
- gcmD = WOLFSSL_FATAL_ERROR;
- }
-
- res = TEST_RES_CHECK(gcmD == 0);
- } /* END wc_AesGcmDecrypt */
- #endif /* HAVE_AES_DECRYPT */
+#ifdef HAVE_AES_DECRYPT
+ ExpectIntEQ(wc_AesGcmDecrypt(NULL, dec, enc, sizeof(enc)/sizeof(byte), iv,
+ sizeof(iv)/sizeof(byte), resultT, sizeof(resultT), a, sizeof(a)),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesGcmDecrypt(&aes, NULL, enc, sizeof(enc)/sizeof(byte), iv,
+ sizeof(iv)/sizeof(byte), resultT, sizeof(resultT), a, sizeof(a)),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesGcmDecrypt(&aes, dec, NULL, sizeof(enc)/sizeof(byte), iv,
+ sizeof(iv)/sizeof(byte), resultT, sizeof(resultT), a, sizeof(a)),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesGcmDecrypt(&aes, dec, enc, sizeof(enc)/sizeof(byte), NULL,
+ sizeof(iv)/sizeof(byte), resultT, sizeof(resultT), a, sizeof(a)),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesGcmDecrypt(&aes, dec, enc, sizeof(enc)/sizeof(byte), iv,
+ sizeof(iv)/sizeof(byte), NULL, sizeof(resultT), a, sizeof(a)),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesGcmDecrypt(&aes, dec, enc, sizeof(enc)/sizeof(byte), iv,
+ sizeof(iv)/sizeof(byte), resultT, sizeof(resultT) + 1, a, sizeof(a)),
+ BAD_FUNC_ARG);
+ #if ((defined(HAVE_FIPS) && defined(HAVE_FIPS_VERSION) && \
+ (HAVE_FIPS_VERSION == 2)) || defined(HAVE_SELFTEST)) && \
+ !defined(WOLFSSL_AES_GCM_FIXED_IV_AAD)
+ /* FIPS does not check the lower bound of ivSz */
+ #else
+ ExpectIntEQ(wc_AesGcmDecrypt(&aes, dec, enc, sizeof(enc)/sizeof(byte),
+ iv, 0, resultT, sizeof(resultT), a, sizeof(a)), BAD_FUNC_ARG);
+ #endif
+#endif /* HAVE_AES_DECRYPT */
wc_AesFree(&aes);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_AesGcmEncryptDecrypt */
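Review bot: The preprocessor condition that skips the zero-length-IV decrypt case does not match the one used for encrypt earlier in this function: here `WOLFSSL_AES_GCM_FIXED_IV_AAD` is combined as `&& !defined(...)`, whereas the encrypt side uses `|| defined(...)`. With that macro set, the encrypt `ivSz == 0` check is skipped but the decrypt one still runs and expects `BAD_FUNC_ARG`, even on the FIPS v2 or selftest builds the adjacent comment says do not check the lower bound. The commit only re-indents these lines, so the asymmetry is inherited. If it is deliberate, a comment such as `/* decrypt rejects ivSz == 0 even with WOLFSSL_AES_GCM_FIXED_IV_AAD */` would record why; otherwise align the two conditions.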
@@ -19552,64 +18170,58 @@ static int test_wc_AesGcmEncryptDecrypt(void)
*/
static int test_wc_AesGcmMixedEncDecLongIV(void)
{
- int ret = TEST_SKIPPED;
-
+ EXPECT_DECLS;
#if (!defined(HAVE_FIPS) || \
(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2))) && \
!defined(NO_AES) && defined(HAVE_AESGCM) && defined(WOLFSSL_AESGCM_STREAM)
-
const byte key[] = {
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66,
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66
};
-
const byte in[] = {
0x4e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74,
0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20,
0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20
};
-
const byte aad[] = {
0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
0xab, 0xad, 0xda, 0xd2
};
+ Aes aesEnc;
+ Aes aesDec;
+ byte iv[] = "1234567890abcdefghij";
+ byte out[sizeof(in)];
+ byte plain[sizeof(in)];
+ byte tag[AES_BLOCK_SIZE];
- Aes aesEnc, aesDec;
- byte iv[] = "1234567890abcdefghij";
- byte out[sizeof(in)];
- byte plain[sizeof(in)];
- byte tag[AES_BLOCK_SIZE];
-
+ XMEMSET(&aesEnc, 0, sizeof(Aes));
+ XMEMSET(&aesDec, 0, sizeof(Aes));
XMEMSET(out, 0, sizeof(out));
XMEMSET(plain, 0, sizeof(plain));
XMEMSET(tag, 0, sizeof(tag));
/* Perform one-shot encryption using long IV */
- AssertIntEQ(wc_AesInit(&aesEnc, NULL, INVALID_DEVID), 0);
- AssertIntEQ(wc_AesGcmSetKey(&aesEnc, key, sizeof(key)), 0);
- AssertIntEQ(wc_AesGcmEncrypt(&aesEnc, out, in, sizeof(in), iv, sizeof(iv),
- tag, sizeof(tag), aad, sizeof(aad)), 0);
+ ExpectIntEQ(wc_AesInit(&aesEnc, NULL, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_AesGcmSetKey(&aesEnc, key, sizeof(key)), 0);
+ ExpectIntEQ(wc_AesGcmEncrypt(&aesEnc, out, in, sizeof(in), iv, sizeof(iv),
+ tag, sizeof(tag), aad, sizeof(aad)), 0);
/* Perform streaming decryption using long IV */
- AssertIntEQ(wc_AesInit(&aesDec, NULL, INVALID_DEVID), 0);
- AssertIntEQ(wc_AesGcmInit(&aesDec, key, sizeof(key), iv, sizeof(iv)), 0);
- AssertIntEQ(wc_AesGcmDecryptUpdate(&aesDec, plain, out, sizeof(out), aad,
- sizeof(aad)), 0);
- AssertIntEQ(wc_AesGcmDecryptFinal(&aesDec, tag, sizeof(tag)), 0);
- AssertIntEQ(XMEMCMP(plain, in, sizeof(in)), 0);
+ ExpectIntEQ(wc_AesInit(&aesDec, NULL, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_AesGcmInit(&aesDec, key, sizeof(key), iv, sizeof(iv)), 0);
+ ExpectIntEQ(wc_AesGcmDecryptUpdate(&aesDec, plain, out, sizeof(out), aad,
+ sizeof(aad)), 0);
+ ExpectIntEQ(wc_AesGcmDecryptFinal(&aesDec, tag, sizeof(tag)), 0);
+ ExpectIntEQ(XMEMCMP(plain, in, sizeof(in)), 0);
/* Free resources */
wc_AesFree(&aesEnc);
wc_AesFree(&aesDec);
-
- ret = TEST_SUCCESS;
-
#endif
-
- return ret;
+ return EXPECT_RESULT();
} /* END wc_AesGcmMixedEncDecLongIV */
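Review bot: `sizeof(iv)` on `byte iv[] = "1234567890abcdefghij"` counts the terminating NUL, so both the one-shot and the streaming path run with a 21-byte IV rather than the 20 visible characters. The test is self-consistent because both sides use the same expression, but the length is easy to misread. A comment on the declaration such as `/* 21 bytes: sizeof includes the trailing NUL; deliberately longer than the usual 12-byte GCM IV */` would make it explicit.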
@@ -19618,98 +18230,73 @@ static int test_wc_AesGcmMixedEncDecLongIV(void)
*/
static int test_wc_GmacSetKey(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_AES) && defined(HAVE_AESGCM)
- Gmac gmac;
- byte key16[] =
- {
+ Gmac gmac;
+ byte key16[] = {
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66
};
#ifdef WOLFSSL_AES_192
- byte key24[] =
- {
+ byte key24[] = {
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66,
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37
};
#endif
#ifdef WOLFSSL_AES_256
- byte key32[] =
- {
+ byte key32[] = {
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66,
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66
};
#endif
- byte badKey16[] =
- {
+ byte badKey16[] = {
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x66
};
- byte badKey24[] =
- {
+ byte badKey24[] = {
0x30, 0x31, 0x32, 0x33, 0x34, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66,
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37
};
- byte badKey32[] =
- {
+ byte badKey32[] = {
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x64, 0x65, 0x66,
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66
};
- int ret = 0;
- ret = wc_AesInit(&gmac.aes, NULL, INVALID_DEVID);
- if (ret != 0)
- return ret;
+ XMEMSET(&gmac, 0, sizeof(Gmac));
+
+ ExpectIntEQ(wc_AesInit(&gmac.aes, NULL, INVALID_DEVID), 0);
#ifdef WOLFSSL_AES_128
- ret = wc_GmacSetKey(&gmac, key16, sizeof(key16)/sizeof(byte));
+ ExpectIntEQ(wc_GmacSetKey(&gmac, key16, sizeof(key16)/sizeof(byte)), 0);
#endif
#ifdef WOLFSSL_AES_192
- if (ret == 0) {
- ret = wc_GmacSetKey(&gmac, key24, sizeof(key24)/sizeof(byte));
- }
+ ExpectIntEQ(wc_GmacSetKey(&gmac, key24, sizeof(key24)/sizeof(byte)), 0);
#endif
#ifdef WOLFSSL_AES_256
- if (ret == 0) {
- ret = wc_GmacSetKey(&gmac, key32, sizeof(key32)/sizeof(byte));
- }
+ ExpectIntEQ(wc_GmacSetKey(&gmac, key32, sizeof(key32)/sizeof(byte)), 0);
#endif
/* Pass in bad args. */
- if (ret == 0) {
- ret = wc_GmacSetKey(NULL, key16, sizeof(key16)/sizeof(byte));
- if (ret == BAD_FUNC_ARG) {
- ret = wc_GmacSetKey(&gmac, NULL, sizeof(key16)/sizeof(byte));
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_GmacSetKey(&gmac, badKey16, sizeof(badKey16)/sizeof(byte));
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_GmacSetKey(&gmac, badKey24, sizeof(badKey24)/sizeof(byte));
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_GmacSetKey(&gmac, badKey32, sizeof(badKey32)/sizeof(byte));
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_GmacSetKey(NULL, key16, sizeof(key16)/sizeof(byte)),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_GmacSetKey(&gmac, NULL, sizeof(key16)/sizeof(byte)),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_GmacSetKey(&gmac, badKey16, sizeof(badKey16)/sizeof(byte)),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_GmacSetKey(&gmac, badKey24, sizeof(badKey24)/sizeof(byte)),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_GmacSetKey(&gmac, badKey32, sizeof(badKey32)/sizeof(byte)),
+ BAD_FUNC_ARG);
wc_AesFree(&gmac.aes);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
-
+ return EXPECT_RESULT();
} /* END test_wc_GmacSetKey */
/*
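Review bot: Nothing in the bad-argument section says why `badKey16`, `badKey24` and `badKey32` must be rejected. They are 15, 23 and 31 bytes long, so the failure being tested is a key-length check, but the arrays drop a byte from the middle rather than the end, which hides that. A comment above the three calls such as `/* badKeyNN are one byte short of a valid AES key length */` would document the intent.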
@@ -19717,27 +18304,24 @@ static int test_wc_GmacSetKey(void)
*/
static int test_wc_GmacUpdate(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_AES) && defined(HAVE_AESGCM)
- Gmac gmac;
+ Gmac gmac;
#ifdef WOLFSSL_AES_128
- const byte key16[] =
- {
+ const byte key16[] = {
0x89, 0xc9, 0x49, 0xe9, 0xc8, 0x04, 0xaf, 0x01,
0x4d, 0x56, 0x04, 0xb3, 0x94, 0x59, 0xf2, 0xc8
};
#endif
#ifdef WOLFSSL_AES_192
- byte key24[] =
- {
+ byte key24[] = {
0x41, 0xc5, 0xda, 0x86, 0x67, 0xef, 0x72, 0x52,
0x20, 0xff, 0xe3, 0x9a, 0xe0, 0xac, 0x59, 0x0a,
0xc9, 0xfc, 0xa7, 0x29, 0xab, 0x60, 0xad, 0xa0
};
#endif
#ifdef WOLFSSL_AES_256
- byte key32[] =
- {
+ byte key32[] = {
0x78, 0xdc, 0x4e, 0x0a, 0xaf, 0x52, 0xd9, 0x35,
0xc3, 0xc0, 0x1e, 0xea, 0x57, 0x42, 0x8f, 0x00,
0xca, 0x1f, 0xd4, 0x75, 0xf5, 0xda, 0x86, 0xa4,
@@ -19745,144 +18329,104 @@ static int test_wc_GmacUpdate(void)
};
#endif
#ifdef WOLFSSL_AES_128
- const byte authIn[] =
- {
+ const byte authIn[] = {
0x82, 0xad, 0xcd, 0x63, 0x8d, 0x3f, 0xa9, 0xd9,
0xf3, 0xe8, 0x41, 0x00, 0xd6, 0x1e, 0x07, 0x77
};
#endif
#ifdef WOLFSSL_AES_192
- const byte authIn2[] =
- {
+ const byte authIn2[] = {
0x8b, 0x5c, 0x12, 0x4b, 0xef, 0x6e, 0x2f, 0x0f,
0xe4, 0xd8, 0xc9, 0x5c, 0xd5, 0xfa, 0x4c, 0xf1
};
#endif
- const byte authIn3[] =
- {
+ const byte authIn3[] = {
0xb9, 0x6b, 0xaa, 0x8c, 0x1c, 0x75, 0xa6, 0x71,
0xbf, 0xb2, 0xd0, 0x8d, 0x06, 0xbe, 0x5f, 0x36
};
#ifdef WOLFSSL_AES_128
- const byte tag1[] = /* Known. */
- {
+ const byte tag1[] = { /* Known. */
0x88, 0xdb, 0x9d, 0x62, 0x17, 0x2e, 0xd0, 0x43,
0xaa, 0x10, 0xf1, 0x6d, 0x22, 0x7d, 0xc4, 0x1b
};
#endif
#ifdef WOLFSSL_AES_192
- const byte tag2[] = /* Known */
- {
+ const byte tag2[] = { /* Known */
0x20, 0x4b, 0xdb, 0x1b, 0xd6, 0x21, 0x54, 0xbf,
0x08, 0x92, 0x2a, 0xaa, 0x54, 0xee, 0xd7, 0x05
};
#endif
- const byte tag3[] = /* Known */
- {
+ const byte tag3[] = { /* Known */
0x3e, 0x5d, 0x48, 0x6a, 0xa2, 0xe3, 0x0b, 0x22,
0xe0, 0x40, 0xb8, 0x57, 0x23, 0xa0, 0x6e, 0x76
};
#ifdef WOLFSSL_AES_128
- const byte iv[] =
- {
+ const byte iv[] = {
0xd1, 0xb1, 0x04, 0xc8, 0x15, 0xbf, 0x1e, 0x94,
0xe2, 0x8c, 0x8f, 0x16
};
#endif
#ifdef WOLFSSL_AES_192
- const byte iv2[] =
- {
+ const byte iv2[] = {
0x05, 0xad, 0x13, 0xa5, 0xe2, 0xc2, 0xab, 0x66,
0x7e, 0x1a, 0x6f, 0xbc
};
#endif
- const byte iv3[] =
- {
+ const byte iv3[] = {
0xd7, 0x9c, 0xf2, 0x2d, 0x50, 0x4c, 0xc7, 0x93,
0xc3, 0xfb, 0x6c, 0x8a
};
- byte tagOut[16];
- byte tagOut2[24];
- byte tagOut3[32];
- int ret = 0;
+ byte tagOut[16];
+ byte tagOut2[24];
+ byte tagOut3[32];
/* Init stack variables. */
+ XMEMSET(&gmac, 0, sizeof(Gmac));
XMEMSET(tagOut, 0, sizeof(tagOut));
XMEMSET(tagOut2, 0, sizeof(tagOut2));
XMEMSET(tagOut3, 0, sizeof(tagOut3));
- ret = wc_AesInit(&gmac.aes, NULL, INVALID_DEVID);
- if (ret != 0)
- return ret;
-
#ifdef WOLFSSL_AES_128
- ret = wc_GmacSetKey(&gmac, key16, sizeof(key16));
- if (ret == 0) {
- ret = wc_GmacUpdate(&gmac, iv, sizeof(iv), authIn, sizeof(authIn),
- tagOut, sizeof(tag1));
- if (ret == 0) {
- ret = XMEMCMP(tag1, tagOut, sizeof(tag1));
- }
- wc_AesFree(&gmac.aes);
- }
-
+ ExpectIntEQ(wc_AesInit(&gmac.aes, NULL, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_GmacSetKey(&gmac, key16, sizeof(key16)), 0);
+ ExpectIntEQ(wc_GmacUpdate(&gmac, iv, sizeof(iv), authIn, sizeof(authIn),
+ tagOut, sizeof(tag1)), 0);
+ ExpectIntEQ(XMEMCMP(tag1, tagOut, sizeof(tag1)), 0);
+ wc_AesFree(&gmac.aes);
#endif
#ifdef WOLFSSL_AES_192
- if (ret == 0) {
- XMEMSET(&gmac, 0, sizeof(Gmac));
- ret = wc_GmacSetKey(&gmac, key24, sizeof(key24)/sizeof(byte));
- }
- if (ret == 0) {
- ret = wc_GmacUpdate(&gmac, iv2, sizeof(iv2), authIn2,
- sizeof(authIn2), tagOut2, sizeof(tag2));
- }
- if (ret == 0) {
- ret = XMEMCMP(tagOut2, tag2, sizeof(tag2));
- wc_AesFree(&gmac.aes);
- }
+ ExpectNotNull(XMEMSET(&gmac, 0, sizeof(Gmac)));
+ ExpectIntEQ(wc_AesInit(&gmac.aes, HEAP_HINT, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_GmacSetKey(&gmac, key24, sizeof(key24)/sizeof(byte)), 0);
+ ExpectIntEQ(wc_GmacUpdate(&gmac, iv2, sizeof(iv2), authIn2, sizeof(authIn2),
+ tagOut2, sizeof(tag2)), 0);
+ ExpectIntEQ(XMEMCMP(tagOut2, tag2, sizeof(tag2)), 0);
+ wc_AesFree(&gmac.aes);
#endif
#ifdef WOLFSSL_AES_256
- if (ret == 0) {
- XMEMSET(&gmac, 0, sizeof(Gmac));
- ret = wc_GmacSetKey(&gmac, key32, sizeof(key32)/sizeof(byte));
- }
- if (ret == 0) {
- ret = wc_GmacUpdate(&gmac, iv3, sizeof(iv3), authIn3,
- sizeof(authIn3), tagOut3, sizeof(tag3));
- }
- if (ret == 0) {
- ret = XMEMCMP(tag3, tagOut3, sizeof(tag3));
- }
+ ExpectNotNull(XMEMSET(&gmac, 0, sizeof(Gmac)));
+ ExpectIntEQ(wc_AesInit(&gmac.aes, HEAP_HINT, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_GmacSetKey(&gmac, key32, sizeof(key32)/sizeof(byte)), 0);
+ ExpectIntEQ(wc_GmacUpdate(&gmac, iv3, sizeof(iv3), authIn3, sizeof(authIn3),
+ tagOut3, sizeof(tag3)), 0);
+ ExpectIntEQ(XMEMCMP(tag3, tagOut3, sizeof(tag3)), 0);
+ wc_AesFree(&gmac.aes);
#endif
- /*Pass bad args. */
- if (ret == 0) {
- ret = wc_GmacUpdate(NULL, iv3, sizeof(iv3), authIn3,
- sizeof(authIn3), tagOut3, sizeof(tag3));
- if (ret == BAD_FUNC_ARG) {
- ret = wc_GmacUpdate(&gmac, iv3, sizeof(iv3), authIn3,
- sizeof(authIn3), tagOut3, sizeof(tag3) - 5);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_GmacUpdate(&gmac, iv3, sizeof(iv3), authIn3,
- sizeof(authIn3), tagOut3, sizeof(tag3) + 1);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
-
+ /* Pass bad args. */
+ ExpectIntEQ(wc_AesInit(&gmac.aes, NULL, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_GmacUpdate(NULL, iv3, sizeof(iv3), authIn3, sizeof(authIn3),
+ tagOut3, sizeof(tag3)), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_GmacUpdate(&gmac, iv3, sizeof(iv3), authIn3, sizeof(authIn3),
+ tagOut3, sizeof(tag3) - 5), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_GmacUpdate(&gmac, iv3, sizeof(iv3), authIn3, sizeof(authIn3),
+ tagOut3, sizeof(tag3) + 1), BAD_FUNC_ARG);
wc_AesFree(&gmac.aes);
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
-
+ return EXPECT_RESULT();
} /* END test_wc_GmacUpdate */
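Review bot: The bad-argument section re-initialises `gmac.aes` with `wc_AesInit(&gmac.aes, NULL, INVALID_DEVID)` straight after a `wc_AesFree`, without zeroing `gmac` and without setting a key, whereas the AES-192 and AES-256 sections zero the struct first and pass `HEAP_HINT`. The two tag-length calls (`sizeof(tag3) - 5` and `sizeof(tag3) + 1`) therefore pass only if the length check runs before any key use, which is not visible on this page. For consistency, precede that init with `XMEMSET(&gmac, 0, sizeof(Gmac));` and use one heap argument throughout. Wrapping `XMEMSET` in `ExpectNotNull` also ties the zeroing to how the Expect macros behave after an earlier failure; a plain `XMEMSET(&gmac, 0, sizeof(Gmac));` would always run.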
@@ -19891,73 +18435,50 @@ static int test_wc_GmacUpdate(void)
*/
static int test_wc_CamelliaSetKey(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef HAVE_CAMELLIA
Camellia camellia;
/*128-bit key*/
- static const byte key16[] =
- {
+ static const byte key16[] = {
0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10
};
/* 192-bit key */
- static const byte key24[] =
- {
+ static const byte key24[] = {
0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77
};
/* 256-bit key */
- static const byte key32[] =
- {
+ static const byte key32[] = {
0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff
};
- static const byte iv[] =
- {
+ static const byte iv[] = {
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F
};
- int ret = 0;
- ret = wc_CamelliaSetKey(&camellia, key16, (word32)sizeof(key16), iv);
- if (ret == 0) {
- ret = wc_CamelliaSetKey(&camellia, key16,
- (word32)sizeof(key16), NULL);
- if (ret == 0) {
- ret = wc_CamelliaSetKey(&camellia, key24,
- (word32)sizeof(key24), iv);
- }
- if (ret == 0) {
- ret = wc_CamelliaSetKey(&camellia, key24,
- (word32)sizeof(key24), NULL);
- }
- if (ret == 0) {
- ret = wc_CamelliaSetKey(&camellia, key32,
- (word32)sizeof(key32), iv);
- }
- if (ret == 0) {
- ret = wc_CamelliaSetKey(&camellia, key32,
- (word32)sizeof(key32), NULL);
- }
- }
- /* Bad args. */
- if (ret == 0) {
- ret = wc_CamelliaSetKey(NULL, key32, (word32)sizeof(key32), iv);
- if (ret != BAD_FUNC_ARG) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- else {
- ret = 0;
- }
- } /* END bad args. */
+ ExpectIntEQ(wc_CamelliaSetKey(&camellia, key16, (word32)sizeof(key16), iv),
+ 0);
+ ExpectIntEQ(wc_CamelliaSetKey(&camellia, key16, (word32)sizeof(key16),
+ NULL), 0);
+ ExpectIntEQ(wc_CamelliaSetKey(&camellia, key24, (word32)sizeof(key24), iv),
+ 0);
+ ExpectIntEQ(wc_CamelliaSetKey(&camellia, key24, (word32)sizeof(key24),
+ NULL), 0);
+ ExpectIntEQ(wc_CamelliaSetKey(&camellia, key32, (word32)sizeof(key32), iv),
+ 0);
+ ExpectIntEQ(wc_CamelliaSetKey(&camellia, key32, (word32)sizeof(key32),
+ NULL), 0);
- res = TEST_RES_CHECK(ret == 0);
+ /* Bad args. */
+ ExpectIntEQ(wc_CamelliaSetKey(NULL, key32, (word32)sizeof(key32), iv),
+ BAD_FUNC_ARG);
#endif
- return res;
-
+ return EXPECT_RESULT();
} /* END test_wc_CammeliaSetKey */
/*
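Review bot: Bad-argument coverage for `wc_CamelliaSetKey` still stops at a NULL context; an unsupported key length is never exercised, although the AES-GCM and GMAC tests in this commit check short keys. Consider adding a case such as `ExpectIntNE(wc_CamelliaSetKey(&camellia, key32, (word32)sizeof(key32) - 1, iv), 0);` — the exact error code is not visible here, so confirm it before pinning `BAD_FUNC_ARG`. The trailing comment `END test_wc_CammeliaSetKey` also misspells the function name.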
@@ -19965,121 +18486,69 @@ static int test_wc_CamelliaSetKey(void)
*/
static int test_wc_CamelliaSetIV(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef HAVE_CAMELLIA
Camellia camellia;
- static const byte iv[] =
- {
+ static const byte iv[] = {
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F
};
- int ret = 0;
- ret = wc_CamelliaSetIV(&camellia, iv);
- if (ret == 0) {
- ret = wc_CamelliaSetIV(&camellia, NULL);
- }
- /* Bad args. */
- if (ret == 0) {
- ret = wc_CamelliaSetIV(NULL, NULL);
- if (ret != BAD_FUNC_ARG) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- else {
- ret = 0;
- }
- }
+ ExpectIntEQ(wc_CamelliaSetIV(&camellia, iv), 0);
+ ExpectIntEQ(wc_CamelliaSetIV(&camellia, NULL), 0);
- res = TEST_RES_CHECK(ret == 0);
+ /* Bad args. */
+ ExpectIntEQ(wc_CamelliaSetIV(NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_CamelliaSetIV(NULL, iv), BAD_FUNC_ARG);
#endif
- return res;
-} /*END test_wc_CamelliaSetIV*/
+ return EXPECT_RESULT();
+} /* END test_wc_CamelliaSetIV*/
/*
* Test wc_CamelliaEncryptDirect and wc_CamelliaDecryptDirect
*/
static int test_wc_CamelliaEncryptDecryptDirect(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef HAVE_CAMELLIA
Camellia camellia;
- static const byte key24[] =
- {
+ static const byte key24[] = {
0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77
};
- static const byte iv[] =
- {
+ static const byte iv[] = {
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F
};
- static const byte plainT[] =
- {
+ static const byte plainT[] = {
0x6B, 0xC1, 0xBE, 0xE2, 0x2E, 0x40, 0x9F, 0x96,
0xE9, 0x3D, 0x7E, 0x11, 0x73, 0x93, 0x17, 0x2A
};
byte enc[sizeof(plainT)];
byte dec[sizeof(enc)];
- int camE = WOLFSSL_FATAL_ERROR;
- int camD = WOLFSSL_FATAL_ERROR;
- int ret = 0;
- /*Init stack variables.*/
+ /* Init stack variables.*/
XMEMSET(enc, 0, 16);
XMEMSET(enc, 0, 16);
- ret = wc_CamelliaSetKey(&camellia, key24, (word32)sizeof(key24), iv);
- if (ret == 0) {
- ret = wc_CamelliaEncryptDirect(&camellia, enc, plainT);
- if (ret == 0) {
- ret = wc_CamelliaDecryptDirect(&camellia, dec, enc);
- if (XMEMCMP(plainT, dec, CAMELLIA_BLOCK_SIZE)) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- }
- /* Pass bad args. */
- if (ret == 0) {
- camE = wc_CamelliaEncryptDirect(NULL, enc, plainT);
- if (camE == BAD_FUNC_ARG) {
- camE = wc_CamelliaEncryptDirect(&camellia, NULL, plainT);
- }
- if (camE == BAD_FUNC_ARG) {
- camE = wc_CamelliaEncryptDirect(&camellia, enc, NULL);
- }
- if (camE == BAD_FUNC_ARG) {
- camE = 0;
- }
- else {
- camE = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (camE != 0) {
- return TEST_FAIL;
- }
+ ExpectIntEQ(wc_CamelliaSetKey(&camellia, key24, (word32)sizeof(key24), iv),
+ 0);
+ ExpectIntEQ(wc_CamelliaEncryptDirect(&camellia, enc, plainT), 0);
+ ExpectIntEQ(wc_CamelliaDecryptDirect(&camellia, dec, enc), 0);
+ ExpectIntEQ(XMEMCMP(plainT, dec, CAMELLIA_BLOCK_SIZE), 0);
- if (ret == 0) {
- camD = wc_CamelliaDecryptDirect(NULL, dec, enc);
- if (camD == BAD_FUNC_ARG) {
- camD = wc_CamelliaDecryptDirect(&camellia, NULL, enc);
- }
- if (camD == BAD_FUNC_ARG) {
- camD = wc_CamelliaDecryptDirect(&camellia, dec, NULL);
- }
- if (camD == BAD_FUNC_ARG) {
- camD = 0;
- }
- else {
- camD = WOLFSSL_FATAL_ERROR;
- }
- }
+ /* Pass bad args. */
+ ExpectIntEQ(wc_CamelliaEncryptDirect(NULL, enc, plainT), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_CamelliaEncryptDirect(&camellia, NULL, plainT),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_CamelliaEncryptDirect(&camellia, enc, NULL), BAD_FUNC_ARG);
- res = TEST_RES_CHECK(camD == 0);
+ ExpectIntEQ(wc_CamelliaDecryptDirect(NULL, dec, enc), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_CamelliaDecryptDirect(&camellia, NULL, enc), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_CamelliaDecryptDirect(&camellia, dec, NULL), BAD_FUNC_ARG);
#endif
- return res;
-
+ return EXPECT_RESULT();
} /* END test-wc_CamelliaEncryptDecryptDirect */
/*
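Review bot: In test_wc_CamelliaEncryptDecryptDirect the two `XMEMSET(enc, 0, 16);` lines under the retouched "Init stack variables" comment both clear `enc`, so `dec` is never initialised before it is used as the decrypt output and compared with `XMEMCMP`. The second call should be `XMEMSET(dec, 0, sizeof(dec));`, and the first could use `sizeof(enc)` instead of the literal 16, so that a decrypt which writes nothing is not compared against leftover stack bytes. The same duplicated `XMEMSET(enc, 0, CAMELLIA_BLOCK_SIZE);` is in test_wc_CamelliaCbcEncryptDecrypt in the next hunk and needs the same one-line fix.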
@@ -20087,92 +18556,52 @@ static int test_wc_CamelliaEncryptDecryptDirect(void)
*/
static int test_wc_CamelliaCbcEncryptDecrypt(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef HAVE_CAMELLIA
Camellia camellia;
- static const byte key24[] =
- {
+ static const byte key24[] = {
0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77
};
- static const byte plainT[] =
- {
+ static const byte plainT[] = {
0x6B, 0xC1, 0xBE, 0xE2, 0x2E, 0x40, 0x9F, 0x96,
0xE9, 0x3D, 0x7E, 0x11, 0x73, 0x93, 0x17, 0x2A
};
byte enc[CAMELLIA_BLOCK_SIZE];
byte dec[CAMELLIA_BLOCK_SIZE];
- int camCbcE = WOLFSSL_FATAL_ERROR;
- int camCbcD = WOLFSSL_FATAL_ERROR;
- int ret = 0;
/* Init stack variables. */
XMEMSET(enc, 0, CAMELLIA_BLOCK_SIZE);
XMEMSET(enc, 0, CAMELLIA_BLOCK_SIZE);
- ret = wc_CamelliaSetKey(&camellia, key24, (word32)sizeof(key24), NULL);
- if (ret == 0) {
- ret = wc_CamelliaCbcEncrypt(&camellia, enc, plainT, CAMELLIA_BLOCK_SIZE);
- if (ret != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- if (ret == 0) {
- ret = wc_CamelliaSetKey(&camellia, key24, (word32)sizeof(key24), NULL);
- if (ret == 0) {
- ret = wc_CamelliaCbcDecrypt(&camellia, dec, enc, CAMELLIA_BLOCK_SIZE);
- if (XMEMCMP(plainT, dec, CAMELLIA_BLOCK_SIZE)) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- }
-
- /* Pass in bad args. */
- if (ret == 0) {
- camCbcE = wc_CamelliaCbcEncrypt(NULL, enc, plainT, CAMELLIA_BLOCK_SIZE);
- if (camCbcE == BAD_FUNC_ARG) {
- camCbcE = wc_CamelliaCbcEncrypt(&camellia, NULL, plainT,
- CAMELLIA_BLOCK_SIZE);
- }
- if (camCbcE == BAD_FUNC_ARG) {
- camCbcE = wc_CamelliaCbcEncrypt(&camellia, enc, NULL,
- CAMELLIA_BLOCK_SIZE);
- }
- if (camCbcE == BAD_FUNC_ARG) {
- camCbcE = 0;
- }
- else {
- camCbcE = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_CamelliaSetKey(&camellia, key24, (word32)sizeof(key24),
+ NULL), 0);
+ ExpectIntEQ(wc_CamelliaCbcEncrypt(&camellia, enc, plainT,
+ CAMELLIA_BLOCK_SIZE), 0);
- if (camCbcE != 0) {
- return TEST_FAIL;
- }
+ ExpectIntEQ(wc_CamelliaSetKey(&camellia, key24, (word32)sizeof(key24),
+ NULL), 0);
+ ExpectIntEQ(wc_CamelliaCbcDecrypt(&camellia, dec, enc, CAMELLIA_BLOCK_SIZE),
+ 0);
+ ExpectIntEQ(XMEMCMP(plainT, dec, CAMELLIA_BLOCK_SIZE), 0);
- if (ret == 0) {
- camCbcD = wc_CamelliaCbcDecrypt(NULL, dec, enc, CAMELLIA_BLOCK_SIZE);
- if (camCbcD == BAD_FUNC_ARG) {
- camCbcD = wc_CamelliaCbcDecrypt(&camellia, NULL, enc,
- CAMELLIA_BLOCK_SIZE);
- }
- if (camCbcD == BAD_FUNC_ARG) {
- camCbcD = wc_CamelliaCbcDecrypt(&camellia, dec, NULL,
- CAMELLIA_BLOCK_SIZE);
- }
- if (camCbcD == BAD_FUNC_ARG) {
- camCbcD = 0;
- }
- else {
- camCbcD = WOLFSSL_FATAL_ERROR;
- }
- } /* END bad args. */
+ /* Pass in bad args. */
+ ExpectIntEQ(wc_CamelliaCbcEncrypt(NULL, enc, plainT, CAMELLIA_BLOCK_SIZE),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_CamelliaCbcEncrypt(&camellia, NULL, plainT,
+ CAMELLIA_BLOCK_SIZE), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_CamelliaCbcEncrypt(&camellia, enc, NULL,
+ CAMELLIA_BLOCK_SIZE), BAD_FUNC_ARG);
- res = TEST_RES_CHECK(camCbcD == 0);
+ ExpectIntEQ(wc_CamelliaCbcDecrypt(NULL, dec, enc, CAMELLIA_BLOCK_SIZE),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_CamelliaCbcDecrypt(&camellia, NULL, enc,
+ CAMELLIA_BLOCK_SIZE), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_CamelliaCbcDecrypt(&camellia, dec, NULL,
+ CAMELLIA_BLOCK_SIZE), BAD_FUNC_ARG);
#endif
- return res;
-
+ return EXPECT_RESULT();
} /* END test_wc_CamelliaCbcEncryptDecrypt */
@@ -20181,30 +18610,19 @@ static int test_wc_CamelliaCbcEncryptDecrypt(void)
*/
static int test_wc_Arc4SetKey(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifndef NO_RC4
Arc4 arc;
const char* key = "\x01\x23\x45\x67\x89\xab\xcd\xef";
int keyLen = 8;
- int ret = 0;
- ret = wc_Arc4SetKey(&arc, (byte*)key, keyLen);
+ ExpectIntEQ(wc_Arc4SetKey(&arc, (byte*)key, keyLen), 0);
/* Test bad args. */
- if (ret == 0) {
- ret = wc_Arc4SetKey(NULL, (byte*)key, keyLen);
- if (ret == BAD_FUNC_ARG)
- ret = wc_Arc4SetKey(&arc, NULL, keyLen); /* NULL key */
- if (ret == BAD_FUNC_ARG)
- ret = wc_Arc4SetKey(&arc, (byte*)key, 0); /* length == 0 */
- if (ret == BAD_FUNC_ARG)
- ret = WOLFSSL_ERROR_NONE;
- else
- ret = WOLFSSL_FATAL_ERROR;
- } /* END test bad args. */
-
- res = TEST_RES_CHECK(ret == 0);
+ ExpectIntEQ(wc_Arc4SetKey(NULL, (byte*)key, keyLen), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Arc4SetKey(&arc, NULL , keyLen), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Arc4SetKey(&arc, (byte*)key, 0 ), BAD_FUNC_ARG);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_Arc4SetKey */
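Review bot: `arc` is passed to `wc_Arc4SetKey` straight off the stack, with no `XMEMSET` and no `wc_Arc4Init`/`wc_Arc4Free` pair, while test_wc_Arc4Process in the next hunk now does both. If the Arc4 structure holds more than cipher state in some builds (the "Use for async" comment in the sibling test suggests it can), key setup may read indeterminate fields. I would add `XMEMSET(&arc, 0, sizeof(Arc4));` and `ExpectIntEQ(wc_Arc4Init(&arc, NULL, INVALID_DEVID), 0);` before the first call, and `wc_Arc4Free(&arc);` before the `#endif`. The padded `NULL , keyLen` and `0 )` arguments could be normalised at the same time.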
@@ -20213,70 +18631,44 @@ static int test_wc_Arc4SetKey(void)
*/
static int test_wc_Arc4Process(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifndef NO_RC4
- Arc4 enc, dec;
+ Arc4 enc;
+ Arc4 dec;
const char* key = "\x01\x23\x45\x67\x89\xab\xcd\xef";
int keyLen = 8;
const char* input = "\x01\x23\x45\x67\x89\xab\xcd\xef";
byte cipher[8];
byte plain[8];
- int ret;
/* Init stack variables */
+ XMEMSET(&enc, 0, sizeof(Arc4));
+ XMEMSET(&dec, 0, sizeof(Arc4));
XMEMSET(cipher, 0, sizeof(cipher));
XMEMSET(plain, 0, sizeof(plain));
/* Use for async. */
- ret = wc_Arc4Init(&enc, NULL, INVALID_DEVID);
- if (ret == 0) {
- ret = wc_Arc4Init(&dec, NULL, INVALID_DEVID);
- }
+ ExpectIntEQ(wc_Arc4Init(&enc, NULL, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_Arc4Init(&dec, NULL, INVALID_DEVID), 0);
- if (ret == 0) {
- ret = wc_Arc4SetKey(&enc, (byte*)key, keyLen);
- }
- if (ret == 0) {
- ret = wc_Arc4SetKey(&dec, (byte*)key, keyLen);
- }
- if (ret == 0) {
- ret = wc_Arc4Process(&enc, cipher, (byte*)input, keyLen);
- }
- if (ret == 0) {
- ret = wc_Arc4Process(&dec, plain, cipher, keyLen);
- if (ret != 0 || XMEMCMP(plain, input, keyLen)) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- else {
- ret = 0;
- }
- }
+ ExpectIntEQ(wc_Arc4SetKey(&enc, (byte*)key, keyLen), 0);
+ ExpectIntEQ(wc_Arc4SetKey(&dec, (byte*)key, keyLen), 0);
+
+ ExpectIntEQ(wc_Arc4Process(&enc, cipher, (byte*)input, keyLen), 0);
+ ExpectIntEQ(wc_Arc4Process(&dec, plain, cipher, keyLen), 0);
+ ExpectIntEQ(XMEMCMP(plain, input, keyLen), 0);
/* Bad args. */
- if (ret == 0) {
- ret = wc_Arc4Process(NULL, plain, cipher, keyLen);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_Arc4Process(&dec, NULL, cipher, keyLen);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_Arc4Process(&dec, plain, NULL, keyLen);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_Arc4Process(NULL, plain, cipher, keyLen), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Arc4Process(&dec, NULL, cipher, keyLen), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Arc4Process(&dec, plain, NULL, keyLen), BAD_FUNC_ARG);
wc_Arc4Free(&enc);
wc_Arc4Free(&dec);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
-}/* END test_wc_Arc4Process */
+} /* END test_wc_Arc4Process */
/*
@@ -20284,38 +18676,24 @@ static int test_wc_Arc4Process(void)
*/
static int test_wc_InitRsaKey(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifndef NO_RSA
- RsaKey key;
- int ret = 0;
+ RsaKey key;
- ret = wc_InitRsaKey(&key, HEAP_HINT);
+ XMEMSET(&key, 0, sizeof(RsaKey));
- /* Test bad args. */
- if (ret == 0) {
- ret = wc_InitRsaKey(NULL, HEAP_HINT);
- #ifndef HAVE_USER_RSA
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else {
- #else
- if (ret == USER_CRYPTO_ERROR) {
- ret = 0;
- }
- else {
- #endif
- ret = WOLFSSL_FATAL_ERROR;
- }
- } /* end if */
+ ExpectIntEQ(wc_InitRsaKey(&key, HEAP_HINT), 0);
- if (wc_FreeRsaKey(&key) || ret != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
+ /* Test bad args. */
+#ifndef HAVE_USER_RSA
+ ExpectIntEQ(wc_InitRsaKey(NULL, HEAP_HINT), BAD_FUNC_ARG);
+#else
+ ExpectIntEQ(wc_InitRsaKey(NULL, HEAP_HINT), USER_CRYPTO_ERROR);
+#endif
- res = TEST_RES_CHECK(ret == 0);
+ DoExpectIntEQ(wc_FreeRsaKey(&key), 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_InitRsaKey */
@@ -20324,79 +18702,52 @@ static int test_wc_InitRsaKey(void)
*/
static int test_wc_RsaPrivateKeyDecode(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_RSA) && (defined(USE_CERT_BUFFERS_1024)\
|| defined(USE_CERT_BUFFERS_2048)) && !defined(HAVE_FIPS)
- RsaKey key;
- byte* tmp;
- word32 idx = 0;
- int bytes = 0;
- int ret = 0;
+ RsaKey key;
+ byte* tmp = NULL;
+ word32 idx = 0;
+ int bytes = 0;
- tmp = (byte*)XMALLOC(FOURK_BUF, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- if (tmp == NULL) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- if (ret == 0) {
- ret = wc_InitRsaKey(&key, HEAP_HINT);
- }
- if (ret == 0) {
- #ifdef USE_CERT_BUFFERS_1024
- XMEMCPY(tmp, client_key_der_1024, sizeof_client_key_der_1024);
- bytes = sizeof_client_key_der_1024;
- #else
- XMEMCPY(tmp, client_key_der_2048, sizeof_client_key_der_2048);
- bytes = sizeof_client_key_der_2048;
- #endif /* Use cert buffers. */
-
- ret = wc_RsaPrivateKeyDecode(tmp, &idx, &key, (word32)bytes);
- }
- #ifndef HAVE_USER_RSA
- /* Test bad args. */
- if (ret == 0) {
- ret = wc_RsaPrivateKeyDecode(NULL, &idx, &key, (word32)bytes);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_RsaPrivateKeyDecode(tmp, NULL, &key, (word32)bytes);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_RsaPrivateKeyDecode(tmp, &idx, NULL, (word32)bytes);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- #else
- /* Test bad args. User RSA. */
- if (ret == 0) {
- ret = wc_RsaPrivateKeyDecode(NULL, &idx, &key, (word32)bytes);
- if (ret == USER_CRYPTO_ERROR) {
- ret = wc_RsaPrivateKeyDecode(tmp, NULL, &key, (word32)bytes);
- }
- if (ret == USER_CRYPTO_ERROR) {
- ret = wc_RsaPrivateKeyDecode(tmp, &idx, NULL, (word32)bytes);
- }
- if (ret == USER_CRYPTO_ERROR) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- #endif
+ XMEMSET(&key, 0, sizeof(RsaKey));
+ ExpectNotNull(tmp = (byte*)XMALLOC(FOURK_BUF, NULL,
+ DYNAMIC_TYPE_TMP_BUFFER));
+ ExpectIntEQ(wc_InitRsaKey(&key, HEAP_HINT), 0);
if (tmp != NULL) {
- XFREE(tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- }
- if (wc_FreeRsaKey(&key) || ret != 0) {
- ret = WOLFSSL_FATAL_ERROR;
+ #ifdef USE_CERT_BUFFERS_1024
+ XMEMCPY(tmp, client_key_der_1024, sizeof_client_key_der_1024);
+ bytes = sizeof_client_key_der_1024;
+ #else
+ XMEMCPY(tmp, client_key_der_2048, sizeof_client_key_der_2048);
+ bytes = sizeof_client_key_der_2048;
+ #endif /* Use cert buffers. */
}
- res = TEST_RES_CHECK(ret == 0);
+ ExpectIntEQ(wc_RsaPrivateKeyDecode(tmp, &idx, &key, (word32)bytes), 0);
+#ifndef HAVE_USER_RSA
+ /* Test bad args. */
+ ExpectIntEQ(wc_RsaPrivateKeyDecode(NULL, &idx, &key, (word32)bytes),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_RsaPrivateKeyDecode(tmp, NULL, &key, (word32)bytes),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_RsaPrivateKeyDecode(tmp, &idx, NULL, (word32)bytes),
+ BAD_FUNC_ARG);
+#else
+ /* Test bad args. User RSA. */
+ ExpectIntEQ(wc_RsaPrivateKeyDecode(NULL, &idx, &key, (word32)bytes),
+ USER_CRYPTO_ERROR);
+ ExpectIntEQ(wc_RsaPrivateKeyDecode(tmp, NULL, &key, (word32)bytes),
+ USER_CRYPTO_ERROR);
+ ExpectIntEQ(wc_RsaPrivateKeyDecode(tmp, &idx, NULL, (word32)bytes),
+ USER_CRYPTO_ERROR);
#endif
- return res;
+
+ XFREE(tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ DoExpectIntEQ(wc_FreeRsaKey(&key), 0);
+#endif
+ return EXPECT_RESULT();
} /* END test_wc_RsaPrivateKeyDecode */
@@ -20405,115 +18756,87 @@ static int test_wc_RsaPrivateKeyDecode(void)
*/
static int test_wc_RsaPublicKeyDecode(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_RSA) && (defined(USE_CERT_BUFFERS_1024)\
|| defined(USE_CERT_BUFFERS_2048)) && !defined(HAVE_FIPS)
- RsaKey keyPub;
- byte* tmp;
- word32 idx = 0;
- int bytes = 0;
- word32 keySz = 0;
- word32 tstKeySz = 0;
- int ret = 0;
+ RsaKey keyPub;
+ byte* tmp = NULL;
+ word32 idx = 0;
+ int bytes = 0;
+ word32 keySz = 0;
+ word32 tstKeySz = 0;
#if defined(WC_RSA_PSS) && !defined(NO_FILESYSTEM)
- XFILE f;
+ XFILE f = XBADFILE;
const char* rsaPssPubKey = "./certs/rsapss/ca-rsapss-key.der";
const char* rsaPssPubKeyNoParams = "./certs/rsapss/ca-3072-rsapss-key.der";
byte buf[4096];
#endif
- tmp = (byte*)XMALLOC(GEN_BUF, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- if (tmp == NULL) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- if (ret == 0) {
- ret = wc_InitRsaKey(&keyPub, HEAP_HINT);
- }
- if (ret == 0) {
- #ifdef USE_CERT_BUFFERS_1024
- XMEMCPY(tmp, client_keypub_der_1024, sizeof_client_keypub_der_1024);
- bytes = sizeof_client_keypub_der_1024;
- keySz = 1024;
- #else
- XMEMCPY(tmp, client_keypub_der_2048, sizeof_client_keypub_der_2048);
- bytes = sizeof_client_keypub_der_2048;
- keySz = 2048;
- #endif
+ XMEMSET(&keyPub, 0, sizeof(RsaKey));
- ret = wc_RsaPublicKeyDecode(tmp, &idx, &keyPub, (word32)bytes);
- }
- #ifndef HAVE_USER_RSA
- /* Pass in bad args. */
- if (ret == 0) {
- ret = wc_RsaPublicKeyDecode(NULL, &idx, &keyPub, (word32)bytes);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_RsaPublicKeyDecode(tmp, NULL, &keyPub, (word32)bytes);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_RsaPublicKeyDecode(tmp, &idx, NULL, (word32)bytes);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectNotNull(tmp = (byte*)XMALLOC(GEN_BUF, NULL, DYNAMIC_TYPE_TMP_BUFFER));
+ ExpectIntEQ(wc_InitRsaKey(&keyPub, HEAP_HINT), 0);
+ if (tmp != NULL) {
+ #ifdef USE_CERT_BUFFERS_1024
+ XMEMCPY(tmp, client_keypub_der_1024, sizeof_client_keypub_der_1024);
+ bytes = sizeof_client_keypub_der_1024;
+ keySz = 1024;
#else
- /* Pass in bad args. */
- if (ret == 0) {
- ret = wc_RsaPublicKeyDecode(NULL, &idx, &keyPub, (word32)bytes);
- if (ret == USER_CRYPTO_ERROR) {
- ret = wc_RsaPublicKeyDecode(tmp, NULL, &keyPub, (word32)bytes);
- }
- if (ret == USER_CRYPTO_ERROR) {
- ret = wc_RsaPublicKeyDecode(tmp, &idx, NULL, (word32)bytes);
- }
- if (ret == USER_CRYPTO_ERROR) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ XMEMCPY(tmp, client_keypub_der_2048, sizeof_client_keypub_der_2048);
+ bytes = sizeof_client_keypub_der_2048;
+ keySz = 2048;
#endif
-
- if (wc_FreeRsaKey(&keyPub) || ret != 0) {
- ret = WOLFSSL_FATAL_ERROR;
}
- if (ret == 0) {
- /* Test for getting modulus key size */
- idx = 0;
- ret = wc_RsaPublicKeyDecode_ex(tmp, &idx, (word32)bytes, NULL,
- &tstKeySz, NULL, NULL);
- ret = (ret == 0 && tstKeySz == keySz/8) ? 0 : WOLFSSL_FATAL_ERROR;
- }
+ ExpectIntEQ(wc_RsaPublicKeyDecode(tmp, &idx, &keyPub, (word32)bytes), 0);
+#ifndef HAVE_USER_RSA
+ /* Pass in bad args. */
+ ExpectIntEQ(wc_RsaPublicKeyDecode(NULL, &idx, &keyPub, (word32)bytes),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_RsaPublicKeyDecode(tmp, NULL, &keyPub, (word32)bytes),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_RsaPublicKeyDecode(tmp, &idx, NULL, (word32)bytes),
+ BAD_FUNC_ARG);
+#else
+ /* Pass in bad args. */
+ ExpectIntEQ(wc_RsaPublicKeyDecode(NULL, &idx, &keyPub, (word32)bytes),
+ USER_CRYPTO_ERROR);
+ ExpectIntEQ(wc_RsaPublicKeyDecode(tmp, NULL, &keyPub, (word32)bytes),
+ USER_CRYPTO_ERROR);
+ ExpectIntEQ(wc_RsaPublicKeyDecode(tmp, &idx, NULL, (word32)bytes),
+ USER_CRYPTO_ERROR);
+#endif
+
+ DoExpectIntEQ(wc_FreeRsaKey(&keyPub), 0);
+
+ /* Test for getting modulus key size */
+ idx = 0;
+ ExpectIntEQ(wc_RsaPublicKeyDecode_ex(tmp, &idx, (word32)bytes, NULL,
+ &tstKeySz, NULL, NULL), 0);
+ ExpectIntEQ(tstKeySz, keySz/8);
#if defined(WC_RSA_PSS) && !defined(NO_FILESYSTEM)
- f = XFOPEN(rsaPssPubKey, "rb");
- AssertTrue((f != XBADFILE));
- bytes = (int)XFREAD(buf, 1, sizeof(buf), f);
- XFCLOSE(f);
+ ExpectTrue((f = XFOPEN(rsaPssPubKey, "rb")) != XBADFILE);
+ ExpectIntGT(bytes = (int)XFREAD(buf, 1, sizeof(buf), f), 0);
+ if (f != XBADFILE) {
+ XFCLOSE(f);
+ f = XBADFILE;
+ }
idx = 0;
- AssertIntEQ(wc_RsaPublicKeyDecode_ex(buf, &idx, bytes, NULL, NULL, NULL,
- NULL), 0);
- f = XFOPEN(rsaPssPubKeyNoParams, "rb");
- AssertTrue((f != XBADFILE));
- bytes = (int)XFREAD(buf, 1, sizeof(buf), f);
- XFCLOSE(f);
+ ExpectIntEQ(wc_RsaPublicKeyDecode_ex(buf, &idx, bytes, NULL, NULL, NULL,
+ NULL), 0);
+ ExpectTrue((f = XFOPEN(rsaPssPubKeyNoParams, "rb")) != XBADFILE);
+ ExpectIntGT(bytes = (int)XFREAD(buf, 1, sizeof(buf), f), 0);
+ if (f != XBADFILE)
+ XFCLOSE(f);
idx = 0;
- AssertIntEQ(wc_RsaPublicKeyDecode_ex(buf, &idx, bytes, NULL, NULL, NULL,
- NULL), 0);
+ ExpectIntEQ(wc_RsaPublicKeyDecode_ex(buf, &idx, bytes, NULL, NULL, NULL,
+ NULL), 0);
#endif
- if (tmp != NULL) {
- XFREE(tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- }
-
- res = TEST_RES_CHECK(ret == 0);
+ XFREE(tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_RsaPublicKeyDecode */
/*
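Review bot: In the WC_RSA_PSS block of test_wc_RsaPublicKeyDecode, `XFREAD(buf, 1, sizeof(buf), f)` is wrapped in `ExpectIntGT` outside the `if (f != XBADFILE)` guard, so it is only safe after a failed `XFOPEN` if the Expect macros skip their expression once the test has failed; that cannot be confirmed from this hunk. Moving each read inside the existing handle check, next to the `XFCLOSE(f)`, would remove the dependency on macro behaviour. It would also stop `bytes` from carrying the length of the earlier in-memory key into the following `wc_RsaPublicKeyDecode_ex` call. The two close sites should also match: the first is braced and resets `f = XBADFILE;`, the second is an unbraced `if (f != XBADFILE) XFCLOSE(f);` with no reset.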
@@ -20521,62 +18844,37 @@ static int test_wc_RsaPublicKeyDecode(void)
*/
static int test_wc_RsaPublicKeyDecodeRaw(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_RSA)
- RsaKey key;
- const byte n = 0x23;
- const byte e = 0x03;
- int nSz = sizeof(n);
- int eSz = sizeof(e);
- int ret;
-
- ret = wc_InitRsaKey(&key, HEAP_HINT);
- if (ret == 0) {
- ret = wc_RsaPublicKeyDecodeRaw(&n, nSz, &e, eSz, &key);
- }
+ RsaKey key;
+ const byte n = 0x23;
+ const byte e = 0x03;
+ int nSz = sizeof(n);
+ int eSz = sizeof(e);
+
+ ExpectIntEQ(wc_InitRsaKey(&key, HEAP_HINT), 0);
+ ExpectIntEQ(wc_RsaPublicKeyDecodeRaw(&n, nSz, &e, eSz, &key), 0);
#ifndef HAVE_USER_RSA
/* Pass in bad args. */
- if (ret == 0) {
- ret = wc_RsaPublicKeyDecodeRaw(NULL, nSz, &e, eSz, &key);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_RsaPublicKeyDecodeRaw(&n, nSz, NULL, eSz, &key);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_RsaPublicKeyDecodeRaw(&n, nSz, &e, eSz, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_RsaPublicKeyDecodeRaw(NULL, nSz, &e, eSz, &key),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_RsaPublicKeyDecodeRaw(&n, nSz, NULL, eSz, &key),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_RsaPublicKeyDecodeRaw(&n, nSz, &e, eSz, NULL),
+ BAD_FUNC_ARG);
#else
/* Pass in bad args. User RSA. */
- if (ret == 0) {
- ret = wc_RsaPublicKeyDecodeRaw(NULL, nSz, &e, eSz, &key);
- if (ret == USER_CRYPTO_ERROR) {
- ret = wc_RsaPublicKeyDecodeRaw(&n, nSz, NULL, eSz, &key);
- }
- if (ret == USER_CRYPTO_ERROR) {
- ret = wc_RsaPublicKeyDecodeRaw(&n, nSz, &e, eSz, NULL);
- }
- if (ret == USER_CRYPTO_ERROR) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_RsaPublicKeyDecodeRaw(NULL, nSz, &e, eSz, &key),
+ USER_CRYPTO_ERROR);
+ ExpectIntEQ(wc_RsaPublicKeyDecodeRaw(&n, nSz, NULL, eSz, &key),
+ USER_CRYPTO_ERROR);
+ ExpectIntEQ(wc_RsaPublicKeyDecodeRaw(&n, nSz, &e, eSz, NULL),
+ USER_CRYPTO_ERROR);
#endif
- if (wc_FreeRsaKey(&key) || ret != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
-
- res = TEST_RES_CHECK(ret == 0);
+ DoExpectIntEQ(wc_FreeRsaKey(&key), 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_RsaPublicKeyDecodeRaw */
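Review bot: `key` in test_wc_RsaPublicKeyDecodeRaw is not zeroed before `wc_InitRsaKey`, unlike the other RSA tests converted in this commit (test_wc_InitRsaKey, test_wc_RsaPrivateKeyDecode, test_wc_RsaPublicKeyDecode, test_wc_MakeRsaKey), which add an `XMEMSET` first. `DoExpectIntEQ(wc_FreeRsaKey(&key), 0);` looks like the always-evaluated cleanup form, so a failed init would leave the free working on indeterminate stack contents. Adding `XMEMSET(&key, 0, sizeof(RsaKey));` ahead of the init call keeps the cleanup path well defined. A short comment that `n = 0x23` and `e = 0x03` are presumably single-byte placeholders for exercising the parser, not a usable key, would also help readers.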
@@ -20611,83 +18909,50 @@ static int test_wc_RsaPublicKeyDecodeRaw(void)
*/
static int test_wc_MakeRsaKey(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN)
- RsaKey genKey;
- WC_RNG rng;
- #if (!defined(WOLFSSL_SP_MATH) || defined(WOLFSSL_SP_MATH_ALL)) && \
- (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 4))
- int bits = 1024;
- #else
- int bits = 2048;
- #endif
- int ret = 0;
+ RsaKey genKey;
+ WC_RNG rng;
+#if (!defined(WOLFSSL_SP_MATH) || defined(WOLFSSL_SP_MATH_ALL)) && \
+ (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 4))
+ int bits = 1024;
+#else
+ int bits = 2048;
+#endif
- ret = wc_InitRsaKey(&genKey, HEAP_HINT);
- if (ret == 0) {
- ret = wc_InitRng(&rng);
- if (ret == 0) {
- ret = MAKE_RSA_KEY(&genKey, bits, WC_RSA_EXPONENT, &rng);
- if (ret == 0 && wc_FreeRsaKey(&genKey) != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- }
- #ifndef HAVE_USER_RSA
- /* Test bad args. */
- if (ret == 0) {
- ret = MAKE_RSA_KEY(NULL, bits, WC_RSA_EXPONENT, &rng);
- if (ret == BAD_FUNC_ARG) {
- ret = MAKE_RSA_KEY(&genKey, bits, WC_RSA_EXPONENT, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- /* e < 3 */
- ret = MAKE_RSA_KEY(&genKey, bits, 2, &rng);
- }
- if (ret == BAD_FUNC_ARG) {
- /* e & 1 == 0 */
- ret = MAKE_RSA_KEY(&genKey, bits, 6, &rng);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- #else
- /* Test bad args. */
- if (ret == 0) {
- ret = MAKE_RSA_KEY(NULL, bits, WC_RSA_EXPONENT, &rng);
- if (ret == USER_CRYPTO_ERROR) {
- ret = MAKE_RSA_KEY(&genKey, bits, WC_RSA_EXPONENT, NULL);
- }
- if (ret == USER_CRYPTO_ERROR) {
- /* e < 3 */
- ret = MAKE_RSA_KEY(&genKey, bits, 2, &rng);
- }
- if (ret == USER_CRYPTO_ERROR) {
- /* e & 1 == 0 */
- ret = MAKE_RSA_KEY(&genKey, bits, 6, &rng);
- }
- if (ret == USER_CRYPTO_ERROR) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- #endif
+ XMEMSET(&genKey, 0, sizeof(RsaKey));
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
- if (wc_FreeRng(&rng) || ret != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
+ ExpectIntEQ(wc_InitRsaKey(&genKey, HEAP_HINT), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(MAKE_RSA_KEY(&genKey, bits, WC_RSA_EXPONENT, &rng), 0);
+ DoExpectIntEQ(wc_FreeRsaKey(&genKey), 0);
- res = TEST_RES_CHECK(ret == 0);
+#ifndef HAVE_USER_RSA
+ /* Test bad args. */
+ ExpectIntEQ(MAKE_RSA_KEY(NULL, bits, WC_RSA_EXPONENT, &rng), BAD_FUNC_ARG);
+ ExpectIntEQ(MAKE_RSA_KEY(&genKey, bits, WC_RSA_EXPONENT, NULL),
+ BAD_FUNC_ARG);
+ /* e < 3 */
+ ExpectIntEQ(MAKE_RSA_KEY(&genKey, bits, 2, &rng), BAD_FUNC_ARG);
+ /* e & 1 == 0 */
+ ExpectIntEQ(MAKE_RSA_KEY(&genKey, bits, 6, &rng), BAD_FUNC_ARG);
+#else
+ /* Test bad args. */
+ ExpectIntEQ(MAKE_RSA_KEY(NULL, bits, WC_RSA_EXPONENT, &rng),
+ USER_CRYPTO_ERROR);
+ ExpectIntEQ(MAKE_RSA_KEY(&genKey, bits, WC_RSA_EXPONENT, NULL),
+ USER_CRYPTO_ERROR);
+ /* e < 3 */
+ ExpectIntEQ(MAKE_RSA_KEY(&genKey, bits, 2, &rng), USER_CRYPTO_ERROR);
+ /* e & 1 == 0 */
+ ExpectIntEQ(MAKE_RSA_KEY(&genKey, bits, 6, &rng), USER_CRYPTO_ERROR);
+#endif /* HAVE_USER_RSA */
+
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
#endif
- return res;
-
+ return EXPECT_RESULT();
} /* END test_wc_MakeRsaKey */
/*
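Review bot: `DoExpectIntEQ(wc_FreeRsaKey(&genKey), 0);` runs immediately after the successful `MAKE_RSA_KEY`, but the bad-argument block below still passes `&genKey` in three calls (NULL rng, e = 2, e = 6). Those calls are expected to fail before touching the key, but if that argument validation ever regressed, generation would run on an already freed structure and the new key would never be released. Moving the free down to just before `DoExpectIntEQ(wc_FreeRng(&rng), 0);` keeps the object valid for the whole test. The `bits = 1024` branch could also get a comment saying the size is presumably chosen for test run time and is not a recommended modulus length.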
@@ -20701,7 +18966,7 @@ static int test_wc_MakeRsaKey(void)
*/
static int test_RsaDecryptBoundsCheck(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_RSA) && defined(WC_RSA_NO_PADDING) && \
(defined(USE_CERT_BUFFERS_1024) || defined(USE_CERT_BUFFERS_2048)) && \
defined(WOLFSSL_PUBLIC_MP) && !defined(NO_RSA_BOUNDS_CHECK)
@@ -20711,16 +18976,14 @@ static int test_RsaDecryptBoundsCheck(void)
word32 flatCSz;
byte out[256];
word32 outSz = sizeof(out);
- int ret;
- XMEMSET(&rng, 0, sizeof(rng));
+ XMEMSET(&key, 0, sizeof(RsaKey));
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
- ret = wc_InitRng(&rng);
+ ExpectIntEQ(wc_InitRsaKey(&key, HEAP_HINT), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
- if (ret == 0)
- ret = wc_InitRsaKey(&key, HEAP_HINT);
-
- if (ret == 0) {
+ if (EXPECT_SUCCESS()) {
const byte* derKey;
word32 derKeySz;
word32 idx = 0;
@@ -20735,37 +18998,30 @@ static int test_RsaDecryptBoundsCheck(void)
flatCSz = 256;
#endif
- ret = wc_RsaPrivateKeyDecode(derKey, &idx, &key, derKeySz);
+ ExpectIntEQ(wc_RsaPrivateKeyDecode(derKey, &idx, &key, derKeySz), 0);
}
- if (ret == 0) {
+ if (EXPECT_SUCCESS()) {
XMEMSET(flatC, 0, flatCSz);
flatC[flatCSz-1] = 1;
- ret = wc_RsaDirect(flatC, flatCSz, out, &outSz, &key,
- RSA_PRIVATE_DECRYPT, &rng);
-
- if (ret == RSA_OUT_OF_RANGE_E) {
+ ExpectIntEQ(wc_RsaDirect(flatC, flatCSz, out, &outSz, &key,
+ RSA_PRIVATE_DECRYPT, &rng), RSA_OUT_OF_RANGE_E);
+ if (EXPECT_SUCCESS()) {
mp_int c;
- mp_init_copy(&c, &key.n);
- mp_sub_d(&c, 1, &c);
- mp_to_unsigned_bin(&c, flatC);
- ret = wc_RsaDirect(flatC, flatCSz, out, &outSz, &key,
- RSA_PRIVATE_DECRYPT, NULL);
+ ExpectIntEQ(mp_init_copy(&c, &key.n), 0);
+ ExpectIntEQ(mp_sub_d(&c, 1, &c), 0);
+ ExpectIntEQ(mp_to_unsigned_bin(&c, flatC), 0);
+ ExpectIntEQ(wc_RsaDirect(flatC, flatCSz, out, &outSz, &key,
+ RSA_PRIVATE_DECRYPT, NULL), RSA_OUT_OF_RANGE_E);
mp_clear(&c);
}
- if (ret == RSA_OUT_OF_RANGE_E)
- ret = 0;
- else
- ret = WOLFSSL_FATAL_ERROR;
}
- if (wc_FreeRsaKey(&key) || wc_FreeRng(&rng) || ret != 0)
- ret = WOLFSSL_FATAL_ERROR;
-
- res = TEST_RES_CHECK(ret == 0);
+ DoExpectIntEQ(wc_FreeRsaKey(&key), 0);
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_RsaDecryptBoundsCheck */
/*
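Review bot: The two `wc_RsaDirect` calls in this hunk are missing comments naming the input value each one feeds to the bounds check. From the visible lines the first buffer is all zero with a final byte of 1, and the second is the modulus minus one (`mp_sub_d(&c, 1, &c)`), so comments such as `/* c = 1: below the accepted range */` and `/* c = n - 1: above the accepted range */` would document which edges are covered. The hunk shows no in-range input expected to pass, so a bounds check that rejected everything would still satisfy this test; if the enclosing function has no positive control, one would be worth adding. The function body starts outside this hunk, so that part could not be checked here.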
@@ -20773,67 +19029,38 @@ static int test_RsaDecryptBoundsCheck(void)
*/
static int test_wc_SetKeyUsage(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_RSA) && defined(WOLFSSL_CERT_EXT) && defined(WOLFSSL_CERT_GEN) && !defined(HAVE_FIPS)
- Cert myCert;
- int ret = 0;
+ Cert myCert;
- ret = wc_InitCert(&myCert);
+ ExpectIntEQ(wc_InitCert(&myCert), 0);
- if (ret == 0) {
- ret = wc_SetKeyUsage(&myCert, "keyEncipherment,keyAgreement");
- if (ret == 0) {
- ret = wc_SetKeyUsage(&myCert, "digitalSignature,nonRepudiation");
- }
- if (ret == 0) {
- ret = wc_SetKeyUsage(&myCert, "contentCommitment,encipherOnly");
- }
- if (ret == 0) {
- ret = wc_SetKeyUsage(&myCert, "decipherOnly");
- }
- if (ret == 0) {
- ret = wc_SetKeyUsage(&myCert, "cRLSign,keyCertSign");
- }
- }
- /* Test bad args. */
- if (ret == 0) {
- ret = wc_SetKeyUsage(NULL, "decipherOnly");
- if (ret == BAD_FUNC_ARG) {
- ret = wc_SetKeyUsage(&myCert, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_SetKeyUsage(&myCert, "");
- }
- if (ret == KEYUSAGE_E) {
- ret = wc_SetKeyUsage(&myCert, ",");
- }
- if (ret == KEYUSAGE_E) {
- ret = wc_SetKeyUsage(&myCert, "digitalSignature, cRLSign");
- }
- if (ret == KEYUSAGE_E) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_SetKeyUsage(&myCert, "keyEncipherment,keyAgreement"), 0);
+ ExpectIntEQ(wc_SetKeyUsage(&myCert, "digitalSignature,nonRepudiation"), 0);
+ ExpectIntEQ(wc_SetKeyUsage(&myCert, "contentCommitment,encipherOnly"), 0);
+ ExpectIntEQ(wc_SetKeyUsage(&myCert, "decipherOnly"), 0);
+ ExpectIntEQ(wc_SetKeyUsage(&myCert, "cRLSign,keyCertSign"), 0);
- res = TEST_RES_CHECK(ret == 0);
+ /* Test bad args. */
+ ExpectIntEQ(wc_SetKeyUsage(NULL, "decipherOnly"), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_SetKeyUsage(&myCert, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_SetKeyUsage(&myCert, ""), KEYUSAGE_E);
+ ExpectIntEQ(wc_SetKeyUsage(&myCert, ","), KEYUSAGE_E);
+ ExpectIntEQ(wc_SetKeyUsage(&myCert, "digitalSignature, cRLSign"),
+ KEYUSAGE_E);
#endif
- return res;
-
+ return EXPECT_RESULT();
} /* END test_wc_SetKeyUsage */
+
/*
* Testing wc_CheckProbablePrime()
*/
static int test_wc_CheckProbablePrime(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) && !defined(HAVE_SELFTEST) && \
!defined(HAVE_FIPS) && defined(WC_RSA_BLINDING)
-
#define CHECK_PROBABLE_PRIME_KEY_BITS 2048
-
RsaKey key;
WC_RNG rng;
byte e[3];
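Review bot: The bad-argument block in test_wc_SetKeyUsage does not say why each string is rejected, and `"digitalSignature, cRLSign"` differs from the accepted lists only by the space after the comma, which is easy to miss. A comment such as `/* whitespace after the separator is rejected */` on that case, and `/* empty list */` and `/* empty tokens */` on the `""` and `","` cases, would make the strict-parsing intent explicit. That reading is inferred from the expected `KEYUSAGE_E` and should be confirmed against the parser. The `#if` guard for this test is also much longer than the wrapped guard on test_wc_CheckProbablePrime just below and could be split the same way.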
@@ -20847,360 +19074,204 @@ static int test_wc_CheckProbablePrime(void)
byte q[CHECK_PROBABLE_PRIME_KEY_BITS / 8 / 2];
word32 qSz = (word32)sizeof(q);
int nlen = CHECK_PROBABLE_PRIME_KEY_BITS;
- int ret = 0;
int* isPrime;
int test[5];
isPrime = test;
- ret = wc_InitRsaKey(&key, HEAP_HINT);
- if (ret == 0) {
- ret = wc_InitRng(&rng);
- }
- if (ret == 0) {
- ret = wc_RsaSetRNG(&key, &rng);
- }
- if (ret == 0) {
- ret = wc_MakeRsaKey(&key, CHECK_PROBABLE_PRIME_KEY_BITS, WC_RSA_EXPONENT, &rng);
- }
- if (ret == 0) {
- PRIVATE_KEY_UNLOCK();
- ret = wc_RsaExportKey(&key, e, &eSz, n, &nSz, d, &dSz,
- p, &pSz, q, &qSz);
- PRIVATE_KEY_LOCK();
- }
+ XMEMSET(&key, 0, sizeof(RsaKey));
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
+
+ ExpectIntEQ(wc_InitRsaKey(&key, HEAP_HINT), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(wc_RsaSetRNG(&key, &rng), 0);
+ ExpectIntEQ(wc_MakeRsaKey(&key, CHECK_PROBABLE_PRIME_KEY_BITS,
+ WC_RSA_EXPONENT, &rng), 0);
+ PRIVATE_KEY_UNLOCK();
+ ExpectIntEQ(wc_RsaExportKey(&key, e, &eSz, n, &nSz, d, &dSz, p, &pSz, q,
+ &qSz), 0);
+ PRIVATE_KEY_LOCK();
+
/* Bad cases */
- if (ret == 0) {
- ret = wc_CheckProbablePrime(NULL, pSz, q, qSz, e, eSz,
- nlen, isPrime);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_CheckProbablePrime(p, 0, q, qSz, e, eSz,
- nlen, isPrime);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_CheckProbablePrime(p, pSz, NULL, qSz, e, eSz,
- nlen, isPrime);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_CheckProbablePrime(p, pSz, q, 0, e, eSz,
- nlen, isPrime);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_CheckProbablePrime(p, pSz, q, qSz, NULL, eSz,
- nlen, isPrime);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_CheckProbablePrime(p, pSz, q, qSz, e, 0,
- nlen, isPrime);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_CheckProbablePrime(NULL, 0, NULL, 0, NULL, 0,
- nlen, isPrime);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
+ ExpectIntEQ(wc_CheckProbablePrime(NULL, pSz, q, qSz, e, eSz, nlen, isPrime),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_CheckProbablePrime(p, 0, q, qSz, e, eSz, nlen, isPrime),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_CheckProbablePrime(p, pSz, NULL, qSz, e, eSz, nlen, isPrime),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_CheckProbablePrime(p, pSz, q, 0, e, eSz, nlen, isPrime),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_CheckProbablePrime(p, pSz, q, qSz, NULL, eSz, nlen, isPrime),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_CheckProbablePrime(p, pSz, q, qSz, e, 0, nlen, isPrime),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_CheckProbablePrime(NULL, 0, NULL, 0, NULL, 0, nlen, isPrime),
+ BAD_FUNC_ARG);
/* Good case */
- if (ret == 0) {
- ret = wc_CheckProbablePrime(p, pSz, q, qSz, e, eSz,
- nlen, isPrime);
- }
- wc_FreeRsaKey(&key);
- wc_FreeRng(&rng);
+ ExpectIntEQ(wc_CheckProbablePrime(p, pSz, q, qSz, e, eSz, nlen, isPrime),
+ 0);
+ DoExpectIntEQ(wc_FreeRsaKey(&key), 0);
+ wc_FreeRng(&rng);
#undef CHECK_PROBABLE_PRIME_KEY_BITS
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_CheckProbablePrime */
/*
* Testing wc_RsaPSS_Verify()
*/
static int test_wc_RsaPSS_Verify(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) && !defined(HAVE_SELFTEST) && \
!defined(HAVE_FIPS) && defined(WC_RSA_BLINDING) && defined(WC_RSA_PSS)
RsaKey key;
WC_RNG rng;
int sz = 256;
- byte* pt;
const char* szMessage = "This is the string to be signed";
unsigned char pSignature[2048/8]; /* 2048 is RSA_KEY_SIZE */
unsigned char pDecrypted[2048/8];
+ byte* pt = pDecrypted;
word32 outLen = sizeof(pDecrypted);
- int ret = 0;
- pt = pDecrypted;
- ret = wc_InitRsaKey(&key, HEAP_HINT);
+ XMEMSET(&key, 0, sizeof(RsaKey));
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
- if (ret == 0) {
- ret = wc_InitRng(&rng);
- }
- if (ret == 0) {
- ret = wc_RsaSetRNG(&key, &rng);
- }
- if (ret == 0) {
- ret = wc_MakeRsaKey(&key, 2048, WC_RSA_EXPONENT, &rng);
- }
+ ExpectIntEQ(wc_InitRsaKey(&key, HEAP_HINT), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(wc_RsaSetRNG(&key, &rng), 0);
+ ExpectIntEQ(wc_MakeRsaKey(&key, 2048, WC_RSA_EXPONENT, &rng), 0);
+
+ ExpectIntGT(sz = wc_RsaPSS_Sign((byte*)szMessage,
+ (word32)XSTRLEN(szMessage)+1, pSignature, sizeof(pSignature),
+ WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key, &rng), 0);
- if (ret == 0) {
- ret = wc_RsaPSS_Sign((byte*)szMessage, (word32)XSTRLEN(szMessage)+1,
- pSignature, sizeof(pSignature),
- WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key, &rng);
- if (ret > 0) {
- sz = ret;
- ret = 0;
- }
- }
/* Bad cases */
- if (ret == 0) {
- ret = wc_RsaPSS_Verify(NULL, sz, pt, outLen,
- WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_RsaPSS_Verify(pSignature, 0, pt, outLen,
- WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_RsaPSS_Verify(pSignature, sz, NULL, outLen,
- WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_RsaPSS_Verify(NULL, 0, NULL, outLen,
- WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
+ ExpectIntEQ(wc_RsaPSS_Verify(NULL, sz, pt, outLen,
+ WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_RsaPSS_Verify(pSignature, 0, pt, outLen,
+ WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_RsaPSS_Verify(pSignature, sz, NULL, outLen,
+ WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_RsaPSS_Verify(NULL, 0, NULL, outLen,
+ WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key), BAD_FUNC_ARG);
+
/* Good case */
- if (ret == 0) {
- ret = wc_RsaPSS_Verify(pSignature, sz, pt, outLen,
- WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key);
- if (ret > 0) {
- ret = 0;
- }
- }
- wc_FreeRsaKey(&key);
- wc_FreeRng(&rng);
+ ExpectIntGT(wc_RsaPSS_Verify(pSignature, sz, pt, outLen,
+ WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key), 0);
- res = TEST_RES_CHECK(ret == 0);
+ DoExpectIntEQ(wc_FreeRsaKey(&key), 0);
+ wc_FreeRng(&rng);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_RsaPSS_Verify */
/*
* Testing wc_RsaPSS_VerifyCheck()
*/
static int test_wc_RsaPSS_VerifyCheck(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) && !defined(HAVE_SELFTEST) && \
!defined(HAVE_FIPS) && defined(WC_RSA_BLINDING) && defined(WC_RSA_PSS)
RsaKey key;
WC_RNG rng;
int sz = 256; /* 2048/8 */
- byte* pt;
byte digest[32];
word32 digestSz = sizeof(digest);
unsigned char pSignature[2048/8]; /* 2048 is RSA_KEY_SIZE */
word32 pSignatureSz = sizeof(pSignature);
unsigned char pDecrypted[2048/8];
+ byte* pt = pDecrypted;
word32 outLen = sizeof(pDecrypted);
- int ret = 0;
- pt = pDecrypted;
+
+ XMEMSET(&key, 0, sizeof(RsaKey));
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
XMEMSET(digest, 0, sizeof(digest));
XMEMSET(pSignature, 0, sizeof(pSignature));
- ret = wc_InitRsaKey(&key, HEAP_HINT);
-
- if (ret == 0) {
- ret = wc_InitRng(&rng);
- }
- if (ret == 0) {
- ret = wc_RsaSetRNG(&key, &rng);
- }
- if (ret == 0) {
- ret = wc_MakeRsaKey(&key, 2048, WC_RSA_EXPONENT, &rng);
- }
- if (ret == 0) {
- digestSz = wc_HashGetDigestSize(WC_HASH_TYPE_SHA256);
- ret = wc_Hash(WC_HASH_TYPE_SHA256, pSignature, sz, digest, digestSz);
+ ExpectIntEQ(wc_InitRsaKey(&key, HEAP_HINT), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(wc_RsaSetRNG(&key, &rng), 0);
+ ExpectIntEQ(wc_MakeRsaKey(&key, 2048, WC_RSA_EXPONENT, &rng), 0);
+ ExpectTrue((digestSz = wc_HashGetDigestSize(WC_HASH_TYPE_SHA256)) > 0);
+ ExpectIntEQ(wc_Hash(WC_HASH_TYPE_SHA256, pSignature, sz, digest, digestSz),
+ 0);
- }
+ ExpectIntGT(sz = wc_RsaPSS_Sign(digest, digestSz, pSignature, pSignatureSz,
+ WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key, &rng), 0);
- if (ret == 0) {
- ret = wc_RsaPSS_Sign(digest, digestSz, pSignature, pSignatureSz,
- WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key, &rng);
- if (ret > 0) {
- sz = ret;
- ret = 0;
- }
- }
/* Bad cases */
- if (ret == 0) {
- ret = wc_RsaPSS_VerifyCheck(NULL, sz, pt, outLen,
- digest, digestSz, WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_RsaPSS_VerifyCheck(pSignature, 0, pt, outLen,
- digest, digestSz, WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_RsaPSS_VerifyCheck(pSignature, sz, NULL, outLen,
- digest, digestSz, WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_RsaPSS_VerifyCheck(NULL, 0, NULL, outLen,
- digest, digestSz, WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
+ ExpectIntEQ(wc_RsaPSS_VerifyCheck(NULL, sz, pt, outLen, digest,
+ digestSz, WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_RsaPSS_VerifyCheck(pSignature, 0, pt, outLen, digest,
+ digestSz, WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_RsaPSS_VerifyCheck(pSignature, sz, NULL, outLen, digest,
+ digestSz, WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_RsaPSS_VerifyCheck(NULL, 0, NULL, outLen, digest,
+ digestSz, WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key), BAD_FUNC_ARG);
/* Good case */
- if (ret == 0) {
- ret = wc_RsaPSS_VerifyCheck(pSignature, sz, pt, outLen,
- digest, digestSz, WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key);
- if (ret > 0) {
- ret = 0;
- }
- }
- wc_FreeRsaKey(&key);
- wc_FreeRng(&rng);
+ ExpectIntGT(wc_RsaPSS_VerifyCheck(pSignature, sz, pt, outLen, digest,
+ digestSz, WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key), 0);
- res = TEST_RES_CHECK(ret == 0);
+ ExpectIntEQ(wc_FreeRsaKey(&key), 0);
+ wc_FreeRng(&rng);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_RsaPSS_VerifyCheck */
/*
* Testing wc_RsaPSS_VerifyCheckInline()
*/
static int test_wc_RsaPSS_VerifyCheckInline(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) && !defined(HAVE_SELFTEST) && \
!defined(HAVE_FIPS) && defined(WC_RSA_BLINDING) && defined(WC_RSA_PSS)
- RsaKey key;
- WC_RNG rng;
- int sz = 256;
- byte* pt;
- byte digest[32];
- word32 digestSz = sizeof(digest);
- unsigned char pSignature[2048/8]; /* 2048 is RSA_KEY_SIZE */
- unsigned char pDecrypted[2048/8];
- int ret;
- pt = pDecrypted;
-
- ret = wc_InitRsaKey(&key, HEAP_HINT);
+ RsaKey key;
+ WC_RNG rng;
+ int sz = 256;
+ byte digest[32];
+ word32 digestSz = sizeof(digest);
+ unsigned char pSignature[2048/8]; /* 2048 is RSA_KEY_SIZE */
+ unsigned char pDecrypted[2048/8];
+ byte* pt = pDecrypted;
+
+ XMEMSET(&key, 0, sizeof(RsaKey));
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
XMEMSET(digest, 0, sizeof(digest));
XMEMSET(pSignature, 0, sizeof(pSignature));
- if (ret == 0) {
- ret = wc_InitRng(&rng);
- }
- if (ret == 0) {
- ret = wc_RsaSetRNG(&key, &rng);
- }
- if (ret == 0) {
- ret = wc_MakeRsaKey(&key, 2048, WC_RSA_EXPONENT, &rng);
- }
- if (ret == 0) {
- digestSz = wc_HashGetDigestSize(WC_HASH_TYPE_SHA256);
- ret = wc_Hash(WC_HASH_TYPE_SHA256, pSignature, sz, digest, digestSz);
+ ExpectIntEQ(wc_InitRsaKey(&key, HEAP_HINT), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(wc_RsaSetRNG(&key, &rng), 0);
+ ExpectIntEQ(wc_MakeRsaKey(&key, 2048, WC_RSA_EXPONENT, &rng), 0);
+ ExpectTrue((digestSz = wc_HashGetDigestSize(WC_HASH_TYPE_SHA256)) > 0);
+ ExpectIntEQ(wc_Hash(WC_HASH_TYPE_SHA256, pSignature, sz, digest, digestSz),
+ 0);
- }
+ ExpectIntGT(sz = wc_RsaPSS_Sign(digest, digestSz, pSignature,
+ sizeof(pSignature), WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key, &rng), 0);
- if (ret == 0) {
- ret = wc_RsaPSS_Sign(digest, digestSz, pSignature, sizeof(pSignature),
- WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key, &rng);
- if (ret > 0) {
- sz = ret;
- ret = 0;
- }
- }
/* Bad Cases */
- if (ret == 0) {
- ret = wc_RsaPSS_VerifyCheckInline(NULL, sz, &pt,
- digest, digestSz, WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_RsaPSS_VerifyCheckInline(pSignature, 0, NULL,
- digest, digestSz, WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_RsaPSS_VerifyCheckInline(NULL, 0, &pt,
- digest, digestSz, WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_RsaPSS_VerifyCheckInline(pSignature, sz, &pt,
- digest, digestSz, WC_HASH_TYPE_SHA, WC_MGF1SHA256, &key);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
+ ExpectIntEQ(wc_RsaPSS_VerifyCheckInline(NULL, sz, &pt, digest,
+ digestSz, WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_RsaPSS_VerifyCheckInline(pSignature, 0, NULL, digest,
+ digestSz, WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_RsaPSS_VerifyCheckInline(NULL, 0, &pt, digest,
+ digestSz, WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_RsaPSS_VerifyCheckInline(pSignature, sz, &pt, digest,
+ digestSz, WC_HASH_TYPE_SHA, WC_MGF1SHA256, &key), BAD_FUNC_ARG);
+
/* Good case */
- if (ret == 0) {
- ret = wc_RsaPSS_VerifyCheckInline(pSignature, sz, &pt,
- digest, digestSz, WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key);
- if (ret > 0) {
- ret = 0;
- }
- }
- wc_FreeRsaKey(&key);
- wc_FreeRng(&rng);
+ ExpectIntGT(wc_RsaPSS_VerifyCheckInline(pSignature, sz, &pt, digest,
+ digestSz, WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key), 0);
- res = TEST_RES_CHECK(ret == 0);
+ DoExpectIntEQ(wc_FreeRsaKey(&key), 0);
+ wc_FreeRng(&rng);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_RsaPSS_VerifyCheckInline */
#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER)
@@ -21217,162 +19288,100 @@ static void sample_mutex_cb (int flag, int type, const char* file, int line)
*/
static int test_wc_LockMutex_ex(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER)
- int ret = 0;
int flag = CRYPTO_LOCK;
int type = 0;
const char* file = "./test-LockMutex_ex.txt";
int line = 0;
/* without SetMutexCb */
- ret = wc_LockMutex_ex(flag, type, file, line);
- if (ret == BAD_STATE_E) {
- ret = 0;
- }
+ ExpectIntEQ(wc_LockMutex_ex(flag, type, file, line), BAD_STATE_E);
/* with SetMutexCb */
- if (ret == 0) {
- ret = wc_SetMutexCb(sample_mutex_cb);
- if (ret == 0) {
- ret = wc_LockMutex_ex(flag, type, file, line);
- }
- }
-
- res = TEST_RES_CHECK(ret == 0);
+ ExpectIntEQ(wc_SetMutexCb(sample_mutex_cb), 0);
+ ExpectIntEQ(wc_LockMutex_ex(flag, type, file, line), 0);
+ ExpectIntEQ(wc_SetMutexCb(NULL), 0);
#endif
- return res;
-}/*End test_wc_LockMutex_ex*/
+ return EXPECT_RESULT();
+} /* End test_wc_LockMutex_ex*/
/*
* Testing wc_SetMutexCb
*/
static int test_wc_SetMutexCb(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER)
- int ret = wc_SetMutexCb(sample_mutex_cb);
-
- res = TEST_RES_CHECK(ret == 0);
+ ExpectIntEQ(wc_SetMutexCb(sample_mutex_cb), 0);
+ ExpectIntEQ(wc_SetMutexCb(NULL), 0);
#endif
- return res;
-}/*End test_wc_SetMutexCb*/
+ return EXPECT_RESULT();
+} /* End test_wc_SetMutexCb*/
/*
* Testing wc_RsaKeyToDer()
*/
static int test_wc_RsaKeyToDer(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN)
- RsaKey genKey;
- WC_RNG rng;
- byte* der;
- int ret = 0;
- #if (!defined(WOLFSSL_SP_MATH) || defined(WOLFSSL_SP_MATH_ALL)) && \
- (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 4))
+ RsaKey genKey;
+ WC_RNG rng;
+ byte* der = NULL;
+#if (!defined(WOLFSSL_SP_MATH) || defined(WOLFSSL_SP_MATH_ALL)) && \
+ (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 4))
int bits = 1024;
word32 derSz = 611;
/* (2 x 128) + 2 (possible leading 00) + (5 x 64) + 5 (possible leading 00)
+ 3 (e) + 8 (ASN tag) + 10 (ASN length) + 4 seqSz + 3 version */
- #else
+#else
int bits = 2048;
word32 derSz = 1196;
/* (2 x 256) + 2 (possible leading 00) + (5 x 128) + 5 (possible leading 00)
+ 3 (e) + 8 (ASN tag) + 17 (ASN length) + 4 seqSz + 3 version */
- #endif
+#endif
+
XMEMSET(&rng, 0, sizeof(rng));
XMEMSET(&genKey, 0, sizeof(genKey));
- der = (byte*)XMALLOC(derSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- if (der == NULL) {
- ret = WOLFSSL_FATAL_ERROR;
- }
+ ExpectNotNull(der = (byte*)XMALLOC(derSz, NULL, DYNAMIC_TYPE_TMP_BUFFER));
/* Init structures. */
- if (ret == 0) {
- ret = wc_InitRsaKey(&genKey, HEAP_HINT);
- }
- if (ret == 0) {
- ret = wc_InitRng(&rng);
- }
+ ExpectIntEQ(wc_InitRsaKey(&genKey, HEAP_HINT), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
/* Make key. */
- if (ret == 0) {
- ret = MAKE_RSA_KEY(&genKey, bits, WC_RSA_EXPONENT, &rng);
- if (ret != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(MAKE_RSA_KEY(&genKey, bits, WC_RSA_EXPONENT, &rng), 0);
- if (ret == 0) {
- ret = wc_RsaKeyToDer(&genKey, der, derSz);
- if (ret > 0) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- #ifndef HAVE_USER_RSA
- /* Pass good/bad args. */
- if (ret == 0) {
- ret = wc_RsaKeyToDer(NULL, der, FOURK_BUF);
- if (ret == BAD_FUNC_ARG) {
- /* Get just the output length */
- ret = wc_RsaKeyToDer(&genKey, NULL, 0);
- }
- if (ret > 0) {
- /* Try Public Key. */
- genKey.type = 0;
- ret = wc_RsaKeyToDer(&genKey, der, FOURK_BUF);
- #ifdef WOLFSSL_CHECK_MEM_ZERO
- /* Put back to Private Key */
- genKey.type = 1;
- #endif
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- #else
- /* Pass good/bad args. */
- if (ret == 0) {
- ret = wc_RsaKeyToDer(NULL, der, FOURK_BUF);
- if (ret == USER_CRYPTO_ERROR) {
- /* Get just the output length */
- ret = wc_RsaKeyToDer(&genKey, NULL, 0);
- }
- if (ret > 0) {
- /* Try Public Key. */
- genKey.type = 0;
- ret = wc_RsaKeyToDer(&genKey, der, FOURK_BUF);
- #ifdef WOLFSSL_CHECK_MEM_ZERO
- /* Put back to Private Key */
- genKey.type = 1;
- #endif
- }
- if (ret == USER_CRYPTO_ERROR) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntGT(wc_RsaKeyToDer(&genKey, der, derSz), 0);
+#ifndef HAVE_USER_RSA
+ /* Pass good/bad args. */
+ ExpectIntEQ(wc_RsaKeyToDer(NULL, der, FOURK_BUF), BAD_FUNC_ARG);
+ /* Get just the output length */
+ ExpectIntGT(wc_RsaKeyToDer(&genKey, NULL, 0), 0);
+ /* Try Public Key. */
+ genKey.type = 0;
+ ExpectIntEQ(wc_RsaKeyToDer(&genKey, der, FOURK_BUF), BAD_FUNC_ARG);
+ #ifdef WOLFSSL_CHECK_MEM_ZERO
+ /* Put back to Private Key */
+ genKey.type = 1;
#endif
+#else
+ /* Pass good/bad args. */
+ ExpectIntEQ(wc_RsaKeyToDer(NULL, der, FOURK_BUF), USER_CRYPTO_ERROR);
+ /* Get just the output length */
+ ExpectIntGT(wc_RsaKeyToDer(&genKey, NULL, 0), 0);
+ /* Try Public Key. */
+ genKey.type = 0;
+ ExpectIntEQ(wc_RsaKeyToDer(&genKey, der, FOURK_BUF), USER_CRYPTO_ERROR);
+ #ifdef WOLFSSL_CHECK_MEM_ZERO
+ /* Put back to Private Key */
+ genKey.type = 1;
+ #endif
+#endif
- if (der != NULL) {
- XFREE(der, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- }
- if (wc_FreeRsaKey(&genKey) || ret != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- if (wc_FreeRng(&rng) || ret != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
-
- res = TEST_RES_CHECK(ret == 0);
+ XFREE(der, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ DoExpectIntEQ(wc_FreeRsaKey(&genKey), 0);
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_RsaKeyToDer */
/*
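Review bot: In test_wc_LockMutex_ex and test_wc_SetMutexCb the callback is uninstalled with a plain `ExpectIntEQ(wc_SetMutexCb(NULL), 0);`, while the other cleanup calls added in this hunk use the `DoExpect*` form. The macro definitions are not visible here, but the `DoExpectIntEQ(wc_FreeRsaKey(...), 0)` pattern suggests plain `Expect*` calls are skipped once an earlier expectation has failed. If so, a failing `wc_LockMutex_ex` check leaves `sample_mutex_cb` installed for every test that runs afterwards. I would write `DoExpectIntEQ(wc_SetMutexCb(NULL), 0);` in both functions. The same applies to `ExpectIntEQ(wc_FreeRsaKey(&key), 0);` at the end of test_wc_RsaPSS_VerifyCheck in the preceding hunk, which would leave the generated private key unfreed on a failed run.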
@@ -21380,113 +19389,55 @@ static int test_wc_RsaKeyToDer(void)
*/
static int test_wc_RsaKeyToPublicDer(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN)
- RsaKey key;
- WC_RNG rng;
- byte* der;
- int ret = 0;
- #if (!defined(WOLFSSL_SP_MATH) || defined(WOLFSSL_SP_MATH_ALL)) && \
- (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 4))
- int bits = 1024;
- word32 derLen = 162;
- #else
- int bits = 2048;
- word32 derLen = 294;
- #endif
+ RsaKey key;
+ WC_RNG rng;
+ byte* der = NULL;
+#if (!defined(WOLFSSL_SP_MATH) || defined(WOLFSSL_SP_MATH_ALL)) && \
+ (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 4))
+ int bits = 1024;
+ word32 derLen = 162;
+#else
+ int bits = 2048;
+ word32 derLen = 294;
+#endif
+#ifndef HAVE_USER_RSA
+ int ret;
+#endif
XMEMSET(&rng, 0, sizeof(rng));
XMEMSET(&key, 0, sizeof(key));
- der = (byte*)XMALLOC(derLen, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- if (der == NULL) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- if (ret == 0) {
- ret = wc_InitRsaKey(&key, HEAP_HINT);
- }
- if (ret == 0) {
- ret = wc_InitRng(&rng);
- }
- if (ret == 0) {
- ret = MAKE_RSA_KEY(&key, bits, WC_RSA_EXPONENT, &rng);
- }
-
- if (ret == 0) {
- /* test getting size only */
- ret = wc_RsaKeyToPublicDer(&key, NULL, derLen);
- if (ret >= 0)
- ret = 0;
- }
- if (ret == 0) {
- ret = wc_RsaKeyToPublicDer(&key, der, derLen);
- if (ret >= 0) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectNotNull(der = (byte*)XMALLOC(derLen, NULL, DYNAMIC_TYPE_TMP_BUFFER));
+ ExpectIntEQ(wc_InitRsaKey(&key, HEAP_HINT), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(MAKE_RSA_KEY(&key, bits, WC_RSA_EXPONENT, &rng), 0);
- if (ret == 0) {
- /* test getting size only */
- ret = wc_RsaKeyToPublicDer_ex(&key, NULL, derLen, 0);
- if (ret >= 0)
- ret = 0;
- }
- if (ret == 0) {
- ret = wc_RsaKeyToPublicDer_ex(&key, der, derLen, 0);
- if (ret >= 0) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ /* test getting size only */
+ ExpectIntGT(wc_RsaKeyToPublicDer(&key, NULL, derLen), 0);
+ ExpectIntGT(wc_RsaKeyToPublicDer(&key, der, derLen), 0);
- #ifndef HAVE_USER_RSA
- /* Pass in bad args. */
- if (ret == 0) {
- ret = wc_RsaKeyToPublicDer(NULL, der, derLen);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_RsaKeyToPublicDer(&key, der, -1);
- }
- if (ret == BUFFER_E || ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- #else
- /* Pass in bad args. */
- if (ret == 0) {
- ret = wc_RsaKeyToPublicDer(NULL, der, derLen);
- if (ret == USER_CRYPTO_ERROR) {
- ret = wc_RsaKeyToPublicDer(&key, der, -1);
- }
- if (ret == USER_CRYPTO_ERROR) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- #endif
+ /* test getting size only */
+ ExpectIntGT(wc_RsaKeyToPublicDer_ex(&key, NULL, derLen, 0), 0);
+ ExpectIntGT(wc_RsaKeyToPublicDer_ex(&key, der, derLen, 0), 0);
- if (der != NULL) {
- XFREE(der, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- }
- if (wc_FreeRsaKey(&key) || ret != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- if (wc_FreeRng(&rng) || ret != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
+#ifndef HAVE_USER_RSA
+ /* Pass in bad args. */
+ ExpectIntEQ(wc_RsaKeyToPublicDer(NULL, der, derLen), BAD_FUNC_ARG);
+ ExpectIntLT(ret = wc_RsaKeyToPublicDer(&key, der, -1), 0);
+ ExpectTrue((ret == BUFFER_E) || (ret == BAD_FUNC_ARG));
+#else
+ /* Pass in bad args. */
+ ExpectIntEQ(wc_RsaKeyToPublicDer(NULL, der, derLen), USER_CRYPTO_ERROR);
+ ExpectIntEQ(wc_RsaKeyToPublicDer(&key, der, -1), USER_CRYPTO_ERROR);
+#endif
- res = TEST_RES_CHECK(ret == 0);
+ XFREE(der, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ DoExpectIntEQ(wc_FreeRsaKey(&key), 0);
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_RsaKeyToPublicDer */
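Review bot: `int ret;` is declared without an initialiser, is assigned only inside the macro argument of `ExpectIntLT(ret = wc_RsaKeyToPublicDer(&key, der, -1), 0)`, and is read on the following line. Whether that read is safe after an earlier failure depends on the Expect macros skipping both lines together, and their definitions are not visible in this hunk. Declaring it as `int ret = 0;` removes that dependency and the likely maybe-uninitialized warning.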
@@ -21495,86 +19446,57 @@ static int test_wc_RsaKeyToPublicDer(void)
*/
static int test_wc_RsaPublicEncryptDecrypt(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN)
- RsaKey key;
- WC_RNG rng;
- int ret = 0;
+ RsaKey key;
+ WC_RNG rng;
const char inStr[] = TEST_STRING;
const word32 plainLen = (word32)TEST_STRING_SZ;
const word32 inLen = (word32)TEST_STRING_SZ;
int bits = TEST_RSA_BITS;
const word32 cipherLen = TEST_RSA_BYTES;
word32 cipherLenResult = cipherLen;
-
WC_DECLARE_VAR(in, byte, TEST_STRING_SZ, NULL);
WC_DECLARE_VAR(plain, byte, TEST_STRING_SZ, NULL);
WC_DECLARE_VAR(cipher, byte, TEST_RSA_BYTES, NULL);
#ifdef WC_DECLARE_VAR_IS_HEAP_ALLOC
- if (in == NULL || plain == NULL || cipher == NULL) {
- fprintf(stderr, "test_wc_RsaPublicEncryptDecrypt malloc failed\n");
- return MEMORY_E;
-}
+ ExpectNotNull(in);
+ ExpectNotNull(plain);
+ ExpectNotNull(cipher);
#endif
- XMEMCPY(in, inStr, inLen);
+ ExpectNotNull(XMEMCPY(in, inStr, inLen));
- ret = wc_InitRsaKey(&key, HEAP_HINT);
- if (ret == 0) {
- ret = wc_InitRng(&rng);
- }
- if (ret == 0) {
- ret = MAKE_RSA_KEY(&key, bits, WC_RSA_EXPONENT, &rng);
- }
- /* Encrypt. */
+ /* Initialize stack structures. */
+ XMEMSET(&key, 0, sizeof(RsaKey));
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
- if (ret == 0) {
- ret = wc_RsaPublicEncrypt(in, inLen, cipher, cipherLen, &key, &rng);
- if (ret >= 0) {
- cipherLenResult = ret;
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_InitRsaKey(&key, HEAP_HINT), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(MAKE_RSA_KEY(&key, bits, WC_RSA_EXPONENT, &rng), 0);
- /* Pass bad args. */
- /* Tests PsaPublicEncryptEx() which, is tested by another fn. No need dup.*/
- if (ret != 0) {
- return TEST_FAIL;
- }
+ /* Encrypt. */
+ ExpectIntGT(cipherLenResult = wc_RsaPublicEncrypt(in, inLen, cipher,
+ cipherLen, &key, &rng), 0);
+ /* Pass bad args - tested in another testing function.*/
/* Decrypt */
- #if defined(WC_RSA_BLINDING) && !defined(HAVE_FIPS)
- /* Bind rng */
- if (ret == 0) {
- ret = wc_RsaSetRNG(&key, &rng);
- }
- #endif
- if (ret == 0) {
- ret = wc_RsaPrivateDecrypt(cipher, cipherLenResult, plain, plainLen, &key);
- }
- if (ret >= 0) {
- ret = XMEMCMP(plain, inStr, plainLen);
- }
-
- /* Pass in bad args. */
- /* Tests RsaPrivateDecryptEx() which, is tested by another fn. No need dup.*/
+#if defined(WC_RSA_BLINDING) && !defined(HAVE_FIPS)
+ /* Bind rng */
+ ExpectIntEQ(wc_RsaSetRNG(&key, &rng), 0);
+#endif
+ ExpectIntGE(wc_RsaPrivateDecrypt(cipher, cipherLenResult, plain, plainLen,
+ &key), 0);
+ ExpectIntEQ(XMEMCMP(plain, inStr, plainLen), 0);
+ /* Pass bad args - tested in another testing function.*/
WC_FREE_VAR(in, NULL);
WC_FREE_VAR(plain, NULL);
WC_FREE_VAR(cipher, NULL);
- if (wc_FreeRsaKey(&key) || ret != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- if (wc_FreeRng(&rng) || ret != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
-
- res = TEST_RES_CHECK(ret == 0);
+ DoExpectIntEQ(wc_FreeRsaKey(&key), 0);
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_RsaPublicEncryptDecrypt */
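Review bot: The decrypt step only requires a non-negative return, `ExpectIntGE(wc_RsaPrivateDecrypt(...), 0)`, so a call that reports fewer bytes than were encrypted still goes on to the `XMEMCMP` over `plainLen` bytes of `plain`, which is not initialised anywhere in this hunk. Since `inLen` and `plainLen` are both `TEST_STRING_SZ`, the round trip can pin the length: `ExpectIntEQ(wc_RsaPrivateDecrypt(cipher, cipherLenResult, plain, plainLen, &key), (int)plainLen);`. The `wc_RsaPrivateDecrypt_ex` and `wc_RsaPrivateDecryptInline_ex` checks in test_wc_RsaPublicEncryptDecrypt_ex have the same shape and could compare against `(int)plainSz`.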
@@ -21583,13 +19505,12 @@ static int test_wc_RsaPublicEncryptDecrypt(void)
*/
static int test_wc_RsaPublicEncryptDecrypt_ex(void)
{
- int result = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) && !defined(HAVE_FIPS)\
&& !defined(WC_NO_RSA_OAEP) && !defined(HAVE_USER_RSA)\
&& !defined(NO_SHA256)
RsaKey key;
WC_RNG rng;
- int ret;
const char inStr[] = TEST_STRING;
const word32 inLen = (word32)TEST_STRING_SZ;
const word32 plainSz = (word32)TEST_STRING_SZ;
@@ -21603,99 +19524,47 @@ static int test_wc_RsaPublicEncryptDecrypt_ex(void)
WC_DECLARE_VAR(cipher, byte, TEST_RSA_BYTES, NULL);
#ifdef WC_DECLARE_VAR_IS_HEAP_ALLOC
- if (in == NULL || plain == NULL || cipher == NULL) {
- fprintf(stderr, "test_wc_RsaPublicEncryptDecrypt_exmalloc failed\n");
- return TEST_FAIL;
- }
+ ExpectNotNull(in);
+ ExpectNotNull(plain);
+ ExpectNotNull(cipher);
#endif
- XMEMCPY(in, inStr, inLen);
+ ExpectNotNull(XMEMCPY(in, inStr, inLen));
/* Initialize stack structures. */
- XMEMSET(&rng, 0, sizeof(rng));
- XMEMSET(&key, 0, sizeof(key));
+ XMEMSET(&key, 0, sizeof(RsaKey));
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
- ret = wc_InitRsaKey_ex(&key, HEAP_HINT, INVALID_DEVID);
- if (ret == 0) {
- ret = wc_InitRng(&rng);
- }
- if (ret == 0) {
- ret = MAKE_RSA_KEY(&key, bits, WC_RSA_EXPONENT, &rng);
- }
- /* Encrypt */
- if (ret == 0) {
- ret = wc_RsaPublicEncrypt_ex(in, inLen, cipher, cipherSz, &key, &rng,
- WC_RSA_OAEP_PAD, WC_HASH_TYPE_SHA256, WC_MGF1SHA256, NULL, 0);
- if (ret >= 0) {
- idx = ret;
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_InitRsaKey_ex(&key, HEAP_HINT, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(MAKE_RSA_KEY(&key, bits, WC_RSA_EXPONENT, &rng), 0);
- /* Pass bad args. */
- /* Tests RsaPublicEncryptEx again. No need duplicate. */
- if (ret != 0) {
- return TEST_FAIL;
- }
+ /* Encrypt */
+ ExpectIntGE(idx = wc_RsaPublicEncrypt_ex(in, inLen, cipher, cipherSz, &key,
+ &rng, WC_RSA_OAEP_PAD, WC_HASH_TYPE_SHA256, WC_MGF1SHA256, NULL, 0), 0);
+ /* Pass bad args - tested in another testing function.*/
#ifndef WOLFSSL_RSA_PUBLIC_ONLY
/* Decrypt */
#if defined(WC_RSA_BLINDING) && !defined(HAVE_FIPS)
- if (ret == 0) {
- ret = wc_RsaSetRNG(&key, &rng);
- }
+ ExpectIntEQ(wc_RsaSetRNG(&key, &rng), 0);
#endif
- if (ret == 0) {
- ret = wc_RsaPrivateDecrypt_ex(cipher, (word32)idx,
- plain, plainSz, &key, WC_RSA_OAEP_PAD, WC_HASH_TYPE_SHA256,
- WC_MGF1SHA256, NULL, 0);
- }
- if (ret >= 0) {
- if (!XMEMCMP(plain, inStr, plainSz)) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
-
- /*Pass bad args.*/
- /* Tests RsaPrivateDecryptEx() again. No need duplicate. */
- if (ret != 0) {
- return TEST_FAIL;
- }
+ ExpectIntGE(wc_RsaPrivateDecrypt_ex(cipher, (word32)idx, plain, plainSz,
+ &key, WC_RSA_OAEP_PAD, WC_HASH_TYPE_SHA256, WC_MGF1SHA256, NULL, 0), 0);
+ ExpectIntEQ(XMEMCMP(plain, inStr, plainSz), 0);
+ /* Pass bad args - tested in another testing function.*/
- if (ret == 0) {
- ret = wc_RsaPrivateDecryptInline_ex(cipher, (word32)idx,
- &res, &key, WC_RSA_OAEP_PAD, WC_HASH_TYPE_SHA256,
- WC_MGF1SHA256, NULL, 0);
-
- if (ret >= 0) {
- if (!XMEMCMP(inStr, res, plainSz)) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- }
+ ExpectIntGE(wc_RsaPrivateDecryptInline_ex(cipher, (word32)idx, &res, &key,
+ WC_RSA_OAEP_PAD, WC_HASH_TYPE_SHA256, WC_MGF1SHA256, NULL, 0), 0);
+ ExpectIntEQ(XMEMCMP(inStr, res, plainSz), 0);
#endif
WC_FREE_VAR(in, NULL);
WC_FREE_VAR(plain, NULL);
WC_FREE_VAR(cipher, NULL);
- if (wc_FreeRsaKey(&key) || ret != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- if (wc_FreeRng(&rng) || ret != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
-
- result = TEST_RES_CHECK(ret == 0);
+ DoExpectIntEQ(wc_FreeRsaKey(&key), 0);
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
#endif
- return result;
+ return EXPECT_RESULT();
} /* END test_wc_RsaPublicEncryptDecrypt_ex */
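Review bot: The encrypt check here is `ExpectIntGE(idx = wc_RsaPublicEncrypt_ex(...), 0)`, which lets a zero-length result pass, whereas the sibling test_wc_RsaPublicEncryptDecrypt uses `ExpectIntGT` for the same step. A zero `idx` would then be handed to both decrypt calls as the ciphertext length. I would use `ExpectIntGT` here as well so the two tests agree. The declarations of `idx` and `cipherSz` fall between this hunk and the previous one, so a tighter comparison against the expected ciphertext size cannot be judged from here.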
@@ -21704,16 +19573,15 @@ static int test_wc_RsaPublicEncryptDecrypt_ex(void)
*/
static int test_wc_RsaSSL_SignVerify(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN)
- RsaKey key;
- WC_RNG rng;
- int ret = 0;
+ RsaKey key;
+ WC_RNG rng;
const char inStr[] = TEST_STRING;
const word32 plainSz = (word32)TEST_STRING_SZ;
const word32 inLen = (word32)TEST_STRING_SZ;
- word32 idx = 0;
- int bits = TEST_RSA_BITS;
+ word32 idx = 0;
+ int bits = TEST_RSA_BITS;
const word32 outSz = TEST_RSA_BYTES;
WC_DECLARE_VAR(in, byte, TEST_STRING_SZ, NULL);
@@ -21721,142 +19589,75 @@ static int test_wc_RsaSSL_SignVerify(void)
WC_DECLARE_VAR(plain, byte, TEST_STRING_SZ, NULL);
#ifdef WC_DECLARE_VAR_IS_HEAP_ALLOC
- if (in == NULL || out == NULL || plain == NULL) {
- fprintf(stderr, "test_wc_RsaSSL_SignVerify failed\n");
- return TEST_FAIL;
- }
+ ExpectNotNull(in);
+ ExpectNotNull(out);
+ ExpectNotNull(plain);
#endif
- XMEMCPY(in, inStr, inLen);
+ ExpectNotNull(XMEMCPY(in, inStr, inLen));
- ret = wc_InitRsaKey(&key, HEAP_HINT);
+ XMEMSET(&key, 0, sizeof(RsaKey));
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
- if (ret == 0) {
- ret = wc_InitRng(&rng);
- }
+ ExpectIntEQ(wc_InitRsaKey(&key, HEAP_HINT), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(MAKE_RSA_KEY(&key, bits, WC_RSA_EXPONENT, &rng), 0);
- if (ret == 0) {
- ret = MAKE_RSA_KEY(&key, bits, WC_RSA_EXPONENT, &rng);
- }
/* Sign. */
-
- if (ret == 0) {
- ret = wc_RsaSSL_Sign(in, inLen, out, outSz, &key, &rng);
- if (ret == (int)outSz) {
- idx = ret;
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_RsaSSL_Sign(in, inLen, out, outSz, &key, &rng), (int)outSz);
+ idx = (int)outSz;
#ifndef HAVE_USER_RSA
/* Test bad args. */
- if (ret == 0) {
- ret = wc_RsaSSL_Sign(NULL, inLen, out, outSz, &key, &rng);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_RsaSSL_Sign(in, 0, out, outSz, &key, &rng);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_RsaSSL_Sign(in, inLen, NULL, outSz, &key, &rng);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_RsaSSL_Sign(in, inLen, out, outSz, NULL, &rng);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_RsaSSL_Sign(NULL, inLen, out, outSz, &key, &rng),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_RsaSSL_Sign(in, 0, out, outSz, &key, &rng),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_RsaSSL_Sign(in, inLen, NULL, outSz, &key, &rng),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_RsaSSL_Sign(in, inLen, out, outSz, NULL, &rng),
+ BAD_FUNC_ARG);
#else
/* Test bad args. */
- if (ret == 0) {
- ret = wc_RsaSSL_Sign(NULL, inLen, out, outSz, &key, &rng);
- if (ret == USER_CRYPTO_ERROR) {
- ret = wc_RsaSSL_Sign(in, 0, out, outSz, &key, &rng);
- }
- if (ret == USER_CRYPTO_ERROR) {
- ret = wc_RsaSSL_Sign(in, inLen, NULL, outSz, &key, &rng);
- }
- if (ret == USER_CRYPTO_ERROR) {
- ret = wc_RsaSSL_Sign(in, inLen, out, outSz, NULL, &rng);
- }
- if (ret == USER_CRYPTO_ERROR) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_RsaSSL_Sign(NULL, inLen, out, outSz, &key, &rng),
+ USER_CRYPTO_ERROR);
+ ExpectIntEQ(wc_RsaSSL_Sign(in, 0, out, outSz, &key, &rng),
+ USER_CRYPTO_ERROR);
+ ExpectIntEQ(wc_RsaSSL_Sign(in, inLen, NULL, outSz, &key, &rng),
+ USER_CRYPTO_ERROR);
+ ExpectIntEQ(wc_RsaSSL_Sign(in, inLen, out, outSz, NULL, &rng),
+ USER_CRYPTO_ERROR);
#endif
- if (ret != 0) {
- return TEST_FAIL;
- }
/* Verify. */
- ret = wc_RsaSSL_Verify(out, idx, plain, plainSz, &key);
- if (ret == (int)inLen) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- #ifndef HAVE_USER_RSA
- /* Pass bad args. */
- if (ret == 0) {
- ret = wc_RsaSSL_Verify(NULL, idx, plain, plainSz, &key);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_RsaSSL_Verify(out, 0, plain, plainSz, &key);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_RsaSSL_Verify(out, idx, NULL, plainSz, &key);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_RsaSSL_Verify(out, idx, plain, plainSz, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- #else
- /* Pass bad args. */
- if (ret == 0) {
- ret = wc_RsaSSL_Verify(NULL, idx, plain, plainSz, &key);
- if (ret == USER_CRYPTO_ERROR) {
- ret = wc_RsaSSL_Verify(out, 0, plain, plainSz, &key);
- }
- if (ret == USER_CRYPTO_ERROR) {
- ret = wc_RsaSSL_Verify(out, idx, NULL, plainSz, &key);
- }
- if (ret == USER_CRYPTO_ERROR) {
- ret = wc_RsaSSL_Verify(out, idx, plain, plainSz, NULL);
- }
- if (ret == USER_CRYPTO_ERROR) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- #endif
+ ExpectIntEQ(wc_RsaSSL_Verify(out, idx, plain, plainSz, &key), (int)inLen);
+#ifndef HAVE_USER_RSA
+ /* Pass bad args. */
+ ExpectIntEQ(wc_RsaSSL_Verify(NULL, idx, plain, plainSz, &key),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_RsaSSL_Verify(out, 0, plain, plainSz, &key),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_RsaSSL_Verify(out, idx, NULL, plainSz, &key),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_RsaSSL_Verify(out, idx, plain, plainSz, NULL),
+ BAD_FUNC_ARG);
+#else
+ /* Pass bad args. */
+ ExpectIntEQ(wc_RsaSSL_Verify(NULL, idx, plain, plainSz, &key),
+ USER_CRYPTO_ERROR);
+ ExpectIntEQ(wc_RsaSSL_Verify(out, 0, plain, plainSz, &key),
+ USER_CRYPTO_ERROR);
+ ExpectIntEQ(wc_RsaSSL_Verify(out, idx, NULL, plainSz, &key),
+ USER_CRYPTO_ERROR);
+ ExpectIntEQ(wc_RsaSSL_Verify(out, idx, plain, plainSz, NULL),
+ USER_CRYPTO_ERROR);
+#endif
WC_FREE_VAR(in, NULL);
WC_FREE_VAR(out, NULL);
WC_FREE_VAR(plain, NULL);
- if (wc_FreeRsaKey(&key) || ret != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- if (wc_FreeRng(&rng) || ret != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
-
- res = TEST_RES_CHECK(ret == 0);
+ DoExpectIntEQ(wc_FreeRsaKey(&key), 0);
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_RsaSSL_SignVerify */
@@ -21865,76 +19666,39 @@ static int test_wc_RsaSSL_SignVerify(void)
*/
static int test_wc_RsaEncryptSize(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN)
- RsaKey key;
- WC_RNG rng;
- int ret;
+ RsaKey key;
+ WC_RNG rng;
- ret = wc_InitRsaKey(&key, HEAP_HINT);
+ XMEMSET(&key, 0, sizeof(RsaKey));
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
- if (ret == 0) {
- ret = wc_InitRng(&rng);
- }
+ ExpectIntEQ(wc_InitRsaKey(&key, HEAP_HINT), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
#if (!defined(WOLFSSL_SP_MATH) || defined(WOLFSSL_SP_MATH_ALL)) && \
(!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 4))
- if (ret == 0) {
- ret = MAKE_RSA_KEY(&key, 1024, WC_RSA_EXPONENT, &rng);
- if (ret == 0) {
- ret = wc_RsaEncryptSize(&key);
- }
- if (ret == 128) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- if (wc_FreeRsaKey(&key) || ret != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- else {
- ret = 0;
- }
+ ExpectIntEQ(MAKE_RSA_KEY(&key, 1024, WC_RSA_EXPONENT, &rng), 0);
+
+ ExpectIntEQ(wc_RsaEncryptSize(&key), 128);
+ DoExpectIntEQ(wc_FreeRsaKey(&key), 0);
#endif
- if (ret == 0) {
- ret = MAKE_RSA_KEY(&key, 2048, WC_RSA_EXPONENT, &rng);
- if (ret == 0) {
- ret = wc_RsaEncryptSize(&key);
- }
- if (ret == 256) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(MAKE_RSA_KEY(&key, 2048, WC_RSA_EXPONENT, &rng), 0);
+ ExpectIntEQ(wc_RsaEncryptSize(&key), 256);
/* Pass in bad arg. */
- if (ret == 0) {
- ret = wc_RsaEncryptSize(NULL);
- #ifndef HAVE_USER_RSA
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- #endif
- }
-
- if (wc_FreeRsaKey(&key) || ret != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- if (wc_FreeRng(&rng) || ret != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
+#ifndef HAVE_USER_RSA
+ ExpectIntEQ(wc_RsaEncryptSize(NULL), BAD_FUNC_ARG);
+#else
+ ExpectIntEQ(wc_RsaEncryptSize(NULL), 0);
+#endif
- res = TEST_RES_CHECK(ret == 0);
+ DoExpectIntEQ(wc_FreeRsaKey(&key), 0);
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_RsaEncryptSize*/
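Review bot: In test_wc_RsaEncryptSize the 1024-bit branch ends with `DoExpectIntEQ(wc_FreeRsaKey(&key), 0);`, and `MAKE_RSA_KEY(&key, 2048, WC_RSA_EXPONENT, &rng)` then runs on the freed `key` with no wc_InitRsaKey in between. The same struct is freed a second time at the end of the function. The removed code had the same sequence, so the rewrite carries it over rather than introducing it. Whether a freed RsaKey is valid input for key generation is not visible in this hunk, and the test should not depend on it. Adding `ExpectIntEQ(wc_InitRsaKey(&key, HEAP_HINT), 0);` directly after the first free, inside the same `#if`, keeps each init paired with one free.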
@@ -21943,97 +19707,59 @@ static int test_wc_RsaEncryptSize(void)
*/
static int test_wc_RsaFlattenPublicKey(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN)
- RsaKey key;
- WC_RNG rng;
- int ret = 0;
- byte e[256];
- byte n[256];
- word32 eSz = sizeof(e);
- word32 nSz = sizeof(n);
+ RsaKey key;
+ WC_RNG rng;
+ byte e[256];
+ byte n[256];
+ word32 eSz = sizeof(e);
+ word32 nSz = sizeof(n);
#if (!defined(WOLFSSL_SP_MATH) || defined(WOLFSSL_SP_MATH_ALL)) && \
(!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 4))
- int bits = 1024;
+ int bits = 1024;
#else
- int bits = 2048;
+ int bits = 2048;
#endif
- ret = wc_InitRsaKey(&key, HEAP_HINT);
- if (ret == 0) {
- ret = wc_InitRng(&rng);
- }
+ XMEMSET(&key, 0, sizeof(RsaKey));
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
- if (ret == 0) {
- ret = MAKE_RSA_KEY(&key, bits, WC_RSA_EXPONENT, &rng);
- if (ret >= 0) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_InitRsaKey(&key, HEAP_HINT), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(MAKE_RSA_KEY(&key, bits, WC_RSA_EXPONENT, &rng), 0);
- if (ret == 0) {
- ret = wc_RsaFlattenPublicKey(&key, e, &eSz, n, &nSz);
- }
- #ifndef HAVE_USER_RSA
- /* Pass bad args. */
- if (ret == 0) {
- ret = wc_RsaFlattenPublicKey(NULL, e, &eSz, n, &nSz);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_RsaFlattenPublicKey(&key, NULL, &eSz, n, &nSz);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_RsaFlattenPublicKey(&key, e, NULL, n, &nSz);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_RsaFlattenPublicKey(&key, e, &eSz, NULL, &nSz);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_RsaFlattenPublicKey(&key, e, &eSz, n, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- #else
- /* Pass bad args. */
- if (ret == 0) {
- ret = wc_RsaFlattenPublicKey(NULL, e, &eSz, n, &nSz);
- if (ret == USER_CRYPTO_ERROR) {
- ret = wc_RsaFlattenPublicKey(&key, NULL, &eSz, n, &nSz);
- }
- if (ret == USER_CRYPTO_ERROR) {
- ret = wc_RsaFlattenPublicKey(&key, e, NULL, n, &nSz);
- }
- if (ret == USER_CRYPTO_ERROR) {
- ret = wc_RsaFlattenPublicKey(&key, e, &eSz, NULL, &nSz);
- }
- if (ret == USER_CRYPTO_ERROR) {
- ret = wc_RsaFlattenPublicKey(&key, e, &eSz, n, NULL);
- }
- if (ret == USER_CRYPTO_ERROR) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- #endif
- if (wc_FreeRsaKey(&key) || ret != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- if (wc_FreeRng(&rng) || ret != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
+ ExpectIntEQ(wc_RsaFlattenPublicKey(&key, e, &eSz, n, &nSz), 0);
+#ifndef HAVE_USER_RSA
+ /* Pass bad args. */
+ ExpectIntEQ(wc_RsaFlattenPublicKey(NULL, e, &eSz, n, &nSz),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_RsaFlattenPublicKey(&key, NULL, &eSz, n, &nSz),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_RsaFlattenPublicKey(&key, e, NULL, n, &nSz),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_RsaFlattenPublicKey(&key, e, &eSz, NULL, &nSz),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_RsaFlattenPublicKey(&key, e, &eSz, n, NULL),
+ BAD_FUNC_ARG);
+#else
+ /* Pass bad args. */
+ ExpectIntEQ(wc_RsaFlattenPublicKey(NULL, e, &eSz, n, &nSz),
+ USER_CRYPTO_ERROR);
+ ExpectIntEQ(wc_RsaFlattenPublicKey(&key, NULL, &eSz, n, &nSz),
+ USER_CRYPTO_ERROR);
+ ExpectIntEQ(wc_RsaFlattenPublicKey(&key, e, NULL, n, &nSz),
+ USER_CRYPTO_ERROR);
+ ExpectIntEQ(wc_RsaFlattenPublicKey(&key, e, &eSz, NULL, &nSz),
+ USER_CRYPTO_ERROR);
+ ExpectIntEQ(wc_RsaFlattenPublicKey(&key, e, &eSz, n, NULL),
+ USER_CRYPTO_ERROR);
+#endif
- res = TEST_RES_CHECK(ret == 0);
+ DoExpectIntEQ(wc_FreeRsaKey(&key), 0);
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_RsaFlattenPublicKey */
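Review bot: The successful `wc_RsaFlattenPublicKey(&key, e, &eSz, n, &nSz)` call is checked only for a 0 return. The lengths it writes back through `eSz` and `nSz` are never asserted, so a wrong reported modulus or exponent length would still pass. Callers rely on those lengths when they serialise the public key, so pin them after the success check with `ExpectIntEQ((int)nSz, bits / 8);` and `ExpectIntGT((int)eSz, 0);`. There is also no case with an undersized `e` or `n` buffer, although `n[256]` is exactly the size of a 2048-bit modulus. The expected error code for that case would have to come from the implementation, which this hunk does not show.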
@@ -22044,69 +19770,47 @@ static int test_wc_RsaFlattenPublicKey(void)
*/
static int test_wc_AesCcmSetKey(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef HAVE_AESCCM
Aes aes;
- int ret = 0;
- const byte key16[] =
- {
+ const byte key16[] = {
0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7,
0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf
};
- const byte key24[] =
- {
+ const byte key24[] = {
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66,
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37
};
- const byte key32[] =
- {
+ const byte key32[] = {
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66,
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66
};
- ret = wc_AesInit(&aes, NULL, INVALID_DEVID);
- if (ret != 0)
- return ret;
+ XMEMSET(&aes, 0, sizeof(Aes));
+
+ ExpectIntEQ(wc_AesInit(&aes, NULL, INVALID_DEVID), 0);
#ifdef WOLFSSL_AES_128
- ret = wc_AesCcmSetKey(&aes, key16, sizeof(key16));
+ ExpectIntEQ(wc_AesCcmSetKey(&aes, key16, sizeof(key16)), 0);
#endif
#ifdef WOLFSSL_AES_192
- if (ret == 0) {
- ret = wc_AesCcmSetKey(&aes, key24, sizeof(key24));
- }
+ ExpectIntEQ(wc_AesCcmSetKey(&aes, key24, sizeof(key24)), 0);
#endif
#ifdef WOLFSSL_AES_256
- if (ret == 0) {
- ret = wc_AesCcmSetKey(&aes, key32, sizeof(key32));
- }
+ ExpectIntEQ(wc_AesCcmSetKey(&aes, key32, sizeof(key32)), 0);
#endif
/* Test bad args. */
- if (ret == 0) {
- ret = wc_AesCcmSetKey(&aes, key16, sizeof(key16) - 1);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_AesCcmSetKey(&aes, key24, sizeof(key24) - 1);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_AesCcmSetKey(&aes, key32, sizeof(key32) - 1);
- }
- if (ret != BAD_FUNC_ARG) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- else {
- ret = 0;
- }
- }
+ ExpectIntEQ(wc_AesCcmSetKey(&aes, key16, sizeof(key16) - 1), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesCcmSetKey(&aes, key24, sizeof(key24) - 1), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesCcmSetKey(&aes, key32, sizeof(key32) - 1), BAD_FUNC_ARG);
wc_AesFree(&aes);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_AesCcmSetKey */
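Review bot: The "Test bad args." block in test_wc_AesCcmSetKey only probes key lengths one byte short (`sizeof(key16) - 1` and the 24/32-byte equivalents). NULL `aes`, NULL `key`, a zero length and an over-long length are not exercised, although the neighbouring test_wc_AesCcmEncryptDecrypt covers NULL for every pointer argument. Adding `ExpectIntEQ(wc_AesCcmSetKey(NULL, key16, sizeof(key16)), BAD_FUNC_ARG);` and `ExpectIntEQ(wc_AesCcmSetKey(&aes, NULL, sizeof(key16)), BAD_FUNC_ARG);` would cover the pointer checks. The expected code is assumed from the length cases and should be confirmed against the implementation, which is not in this hunk. A one-line comment that the three length cases run regardless of the `WOLFSSL_AES_128/192/256` guards would also help, since the positive cases are guarded and these are not.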
@@ -22115,209 +19819,1606 @@ static int test_wc_AesCcmSetKey(void)
*/
static int test_wc_AesCcmEncryptDecrypt(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_AESCCM) && defined(WOLFSSL_AES_128)
Aes aes;
- int ret = 0;
- const byte key16[] =
- {
+ const byte key16[] = {
0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7,
0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf
};
/* plaintext */
- const byte plainT[] =
- {
+ const byte plainT[] = {
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e
};
/* nonce */
- const byte iv[] =
- {
+ const byte iv[] = {
0x00, 0x00, 0x00, 0x03, 0x02, 0x01, 0x00, 0xa0,
0xa1, 0xa2, 0xa3, 0xa4, 0xa5
};
- const byte c[] = /* cipher text. */
- {
+ const byte c[] = { /* cipher text. */
0x58, 0x8c, 0x97, 0x9a, 0x61, 0xc6, 0x63, 0xd2,
0xf0, 0x66, 0xd0, 0xc2, 0xc0, 0xf9, 0x89, 0x80,
0x6d, 0x5f, 0x6b, 0x61, 0xda, 0xc3, 0x84
};
- const byte t[] = /* Auth tag */
- {
+ const byte t[] = { /* Auth tag */
0x17, 0xe8, 0xd1, 0x2c, 0xfd, 0xf9, 0x26, 0xe0
};
- const byte authIn[] =
- {
+ const byte authIn[] = {
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07
};
byte cipherOut[sizeof(plainT)];
byte authTag[sizeof(t)];
- int ccmE = WOLFSSL_FATAL_ERROR;
- #ifdef HAVE_AES_DECRYPT
- int ccmD = WOLFSSL_FATAL_ERROR;
- byte plainOut[sizeof(cipherOut)];
- #endif
+#ifdef HAVE_AES_DECRYPT
+ byte plainOut[sizeof(cipherOut)];
+#endif
- ret = wc_AesInit(&aes, NULL, INVALID_DEVID);
- if (ret != 0)
- return ret;
+ XMEMSET(&aes, 0, sizeof(Aes));
- ret = wc_AesCcmSetKey(&aes, key16, sizeof(key16));
- if (ret == 0) {
- ccmE = wc_AesCcmEncrypt(&aes, cipherOut, plainT, sizeof(cipherOut),
- iv, sizeof(iv), authTag, sizeof(authTag),
- authIn , sizeof(authIn));
- if ((XMEMCMP(cipherOut, c, sizeof(c)) && ccmE == 0) ||
- XMEMCMP(t, authTag, sizeof(t))) {
- ccmE = WOLFSSL_FATAL_ERROR;
- ret = WOLFSSL_FATAL_ERROR;
- }
- #ifdef HAVE_AES_DECRYPT
- if (ret == 0) {
- ccmD = wc_AesCcmDecrypt(&aes, plainOut, cipherOut,
- sizeof(plainOut), iv, sizeof(iv),
- authTag, sizeof(authTag),
- authIn, sizeof(authIn));
- if (XMEMCMP(plainOut, plainT, sizeof(plainT)) && ccmD == 0) {
- ccmD = WOLFSSL_FATAL_ERROR;
- }
- }
- #endif
- }
+ ExpectIntEQ(wc_AesInit(&aes, NULL, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_AesCcmSetKey(&aes, key16, sizeof(key16)), 0);
+
+ ExpectIntEQ(wc_AesCcmEncrypt(&aes, cipherOut, plainT, sizeof(cipherOut),
+ iv, sizeof(iv), authTag, sizeof(authTag), authIn , sizeof(authIn)), 0);
+ ExpectIntEQ(XMEMCMP(cipherOut, c, sizeof(c)), 0);
+ ExpectIntEQ(XMEMCMP(t, authTag, sizeof(t)), 0);
+#ifdef HAVE_AES_DECRYPT
+ ExpectIntEQ(wc_AesCcmDecrypt(&aes, plainOut, cipherOut, sizeof(plainOut),
+ iv, sizeof(iv), authTag, sizeof(authTag), authIn, sizeof(authIn)), 0);
+ ExpectIntEQ(XMEMCMP(plainOut, plainT, sizeof(plainT)), 0);
+#endif
/* Pass in bad args. Encrypt*/
- if (ret == 0 && ccmE == 0) {
- ccmE = wc_AesCcmEncrypt(NULL, cipherOut, plainT, sizeof(cipherOut),
- iv, sizeof(iv), authTag, sizeof(authTag),
- authIn , sizeof(authIn));
- if (ccmE == BAD_FUNC_ARG) {
- ccmE = wc_AesCcmEncrypt(&aes, NULL, plainT, sizeof(cipherOut),
- iv, sizeof(iv), authTag, sizeof(authTag),
- authIn , sizeof(authIn));
- }
- if (ccmE == BAD_FUNC_ARG) {
- ccmE = wc_AesCcmEncrypt(&aes, cipherOut, NULL, sizeof(cipherOut),
- iv, sizeof(iv), authTag, sizeof(authTag),
- authIn , sizeof(authIn));
- }
- if (ccmE == BAD_FUNC_ARG) {
- ccmE = wc_AesCcmEncrypt(&aes, cipherOut, plainT, sizeof(cipherOut),
- NULL, sizeof(iv), authTag, sizeof(authTag),
- authIn , sizeof(authIn));
+ ExpectIntEQ(wc_AesCcmEncrypt(NULL, cipherOut, plainT, sizeof(cipherOut),
+ iv, sizeof(iv), authTag, sizeof(authTag), authIn , sizeof(authIn)),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesCcmEncrypt(&aes, NULL, plainT, sizeof(cipherOut),
+ iv, sizeof(iv), authTag, sizeof(authTag), authIn , sizeof(authIn)),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesCcmEncrypt(&aes, cipherOut, NULL, sizeof(cipherOut),
+ iv, sizeof(iv), authTag, sizeof(authTag), authIn , sizeof(authIn)),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesCcmEncrypt(&aes, cipherOut, plainT, sizeof(cipherOut),
+ NULL, sizeof(iv), authTag, sizeof(authTag), authIn , sizeof(authIn)),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesCcmEncrypt(&aes, cipherOut, plainT, sizeof(cipherOut),
+ iv, sizeof(iv), NULL, sizeof(authTag), authIn , sizeof(authIn)),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesCcmEncrypt(&aes, cipherOut, plainT, sizeof(cipherOut),
+ iv, sizeof(iv) + 1, authTag, sizeof(authTag), authIn , sizeof(authIn)),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesCcmEncrypt(&aes, cipherOut, plainT, sizeof(cipherOut),
+ iv, sizeof(iv) - 7, authTag, sizeof(authTag), authIn , sizeof(authIn)),
+ BAD_FUNC_ARG);
+
+#ifdef HAVE_AES_DECRYPT
+ /* Pass in bad args. Decrypt*/
+ ExpectIntEQ(wc_AesCcmDecrypt(NULL, plainOut, cipherOut, sizeof(plainOut),
+ iv, sizeof(iv), authTag, sizeof(authTag), authIn, sizeof(authIn)),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesCcmDecrypt(&aes, NULL, cipherOut, sizeof(plainOut),
+ iv, sizeof(iv), authTag, sizeof(authTag), authIn, sizeof(authIn)),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesCcmDecrypt(&aes, plainOut, NULL, sizeof(plainOut),
+ iv, sizeof(iv), authTag, sizeof(authTag), authIn, sizeof(authIn)),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesCcmDecrypt(&aes, plainOut, cipherOut, sizeof(plainOut),
+ NULL, sizeof(iv), authTag, sizeof(authTag), authIn, sizeof(authIn)),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesCcmDecrypt(&aes, plainOut, cipherOut, sizeof(plainOut),
+ iv, sizeof(iv), NULL, sizeof(authTag), authIn, sizeof(authIn)),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesCcmDecrypt(&aes, plainOut, cipherOut, sizeof(plainOut),
+ iv, sizeof(iv) + 1, authTag, sizeof(authTag), authIn, sizeof(authIn)),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesCcmDecrypt(&aes, plainOut, cipherOut, sizeof(plainOut),
+ iv, sizeof(iv) - 7, authTag, sizeof(authTag), authIn, sizeof(authIn)),
+ BAD_FUNC_ARG);
+ #endif
+
+ wc_AesFree(&aes);
+#endif /* HAVE_AESCCM */
+ return EXPECT_RESULT();
+} /* END test_wc_AesCcmEncryptDecrypt */
+
+
+#if defined(WOLFSSL_AES_EAX) && \
+ (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5, 3)) && !defined(HAVE_SELFTEST)
+
+/*
+ * Testing test_wc_AesEaxVectors()
+ */
+static int test_wc_AesEaxVectors(void)
+{
+ EXPECT_DECLS;
+
+ typedef struct {
+ byte key[AES_256_KEY_SIZE];
+ int key_length;
+ byte iv[AES_BLOCK_SIZE];
+ int iv_length;
+ byte aad[AES_BLOCK_SIZE * 2];
+ int aad_length;
+ byte msg[AES_BLOCK_SIZE * 5];
+ int msg_length;
+ byte ct[AES_BLOCK_SIZE * 5];
+ int ct_length;
+ byte tag[AES_BLOCK_SIZE];
+ int tag_length;
+ int valid;
+ } AadVector;
+
+ /* Test vectors obtained from Google wycheproof project
+ * https://github.com/google/wycheproof
+ * from testvectors/aes_eax_test.json
+ */
+ const AadVector vectors[] = {
+ {
+ /* key, key length */
+ {0x23, 0x39, 0x52, 0xde, 0xe4, 0xd5, 0xed, 0x5f,
+ 0x9b, 0x9c, 0x6d, 0x6f, 0xf8, 0x0f, 0xf4, 0x78}, 16,
+ /* iv, iv length */
+ {0x62, 0xec, 0x67, 0xf9, 0xc3, 0xa4, 0xa4, 0x07,
+ 0xfc, 0xb2, 0xa8, 0xc4, 0x90, 0x31, 0xa8, 0xb3}, 16,
+ /* aad, aad length */
+ {0x6b, 0xfb, 0x91, 0x4f, 0xd0, 0x7e, 0xae, 0x6b}, 8,
+ /* msg, msg length */
+ {0x00}, 0,
+ /* ct, ct length */
+ {0x00}, 0,
+ /* tag, tag length */
+ {0xe0, 0x37, 0x83, 0x0e, 0x83, 0x89, 0xf2, 0x7b,
+ 0x02, 0x5a, 0x2d, 0x65, 0x27, 0xe7, 0x9d, 0x01}, 16,
+ /* valid */
+ 1,
+ },
+ {
+ /* key, key length */
+ {0x91, 0x94, 0x5d, 0x3f, 0x4d, 0xcb, 0xee, 0x0b,
+ 0xf4, 0x5e, 0xf5, 0x22, 0x55, 0xf0, 0x95, 0xa4}, 16,
+ /* iv, iv length */
+ {0xbe, 0xca, 0xf0, 0x43, 0xb0, 0xa2, 0x3d, 0x84,
+ 0x31, 0x94, 0xba, 0x97, 0x2c, 0x66, 0xde, 0xbd}, 16,
+ /* aad, aad length */
+ {0xfa, 0x3b, 0xfd, 0x48, 0x06, 0xeb, 0x53, 0xfa}, 8,
+ /* msg, msg length */
+ {0xf7, 0xfb}, 2,
+ /* ct, ct length */
+ {0x19, 0xdd}, 2,
+ /* tag, tag length */
+ {0x5c, 0x4c, 0x93, 0x31, 0x04, 0x9d, 0x0b, 0xda,
+ 0xb0, 0x27, 0x74, 0x08, 0xf6, 0x79, 0x67, 0xe5}, 16,
+ /* valid */
+ 1,
+ },
+ {
+ /* key, key length */
+ {0x01, 0xf7, 0x4a, 0xd6, 0x40, 0x77, 0xf2, 0xe7,
+ 0x04, 0xc0, 0xf6, 0x0a, 0xda, 0x3d, 0xd5, 0x23}, 16,
+ /* iv, iv length */
+ {0x70, 0xc3, 0xdb, 0x4f, 0x0d, 0x26, 0x36, 0x84,
+ 0x00, 0xa1, 0x0e, 0xd0, 0x5d, 0x2b, 0xff, 0x5e}, 16,
+ /* aad, aad length */
+ {0x23, 0x4a, 0x34, 0x63, 0xc1, 0x26, 0x4a, 0xc6}, 8,
+ /* msg, msg length */
+ {0x1a, 0x47, 0xcb, 0x49, 0x33}, 5,
+ /* ct, ct length */
+ {0xd8, 0x51, 0xd5, 0xba, 0xe0}, 5,
+ /* tag, tag length */
+ {0x3a, 0x59, 0xf2, 0x38, 0xa2, 0x3e, 0x39, 0x19,
+ 0x9d, 0xc9, 0x26, 0x66, 0x26, 0xc4, 0x0f, 0x80}, 16,
+ /* valid */
+ 1,
+ },
+ {
+ /* key, key length */
+ {0xd0, 0x7c, 0xf6, 0xcb, 0xb7, 0xf3, 0x13, 0xbd,
+ 0xde, 0x66, 0xb7, 0x27, 0xaf, 0xd3, 0xc5, 0xe8}, 16,
+ /* iv, iv length */
+ {0x84, 0x08, 0xdf, 0xff, 0x3c, 0x1a, 0x2b, 0x12,
+ 0x92, 0xdc, 0x19, 0x9e, 0x46, 0xb7, 0xd6, 0x17}, 16,
+ /* aad, aad length */
+ {0x33, 0xcc, 0xe2, 0xea, 0xbf, 0xf5, 0xa7, 0x9d}, 8,
+ /* msg, msg length */
+ {0x48, 0x1c, 0x9e, 0x39, 0xb1}, 5,
+ /* ct, ct length */
+ {0x63, 0x2a, 0x9d, 0x13, 0x1a}, 5,
+ /* tag, tag length */
+ {0xd4, 0xc1, 0x68, 0xa4, 0x22, 0x5d, 0x8e, 0x1f,
+ 0xf7, 0x55, 0x93, 0x99, 0x74, 0xa7, 0xbe, 0xde}, 16,
+ /* valid */
+ 1,
+ },
+ {
+ /* key, key length */
+ {0x35, 0xb6, 0xd0, 0x58, 0x00, 0x05, 0xbb, 0xc1,
+ 0x2b, 0x05, 0x87, 0x12, 0x45, 0x57, 0xd2, 0xc2}, 16,
+ /* iv, iv length */
+ {0xfd, 0xb6, 0xb0, 0x66, 0x76, 0xee, 0xdc, 0x5c,
+ 0x61, 0xd7, 0x42, 0x76, 0xe1, 0xf8, 0xe8, 0x16}, 16,
+ /* aad, aad length */
+ {0xae, 0xb9, 0x6e, 0xae, 0xbe, 0x29, 0x70, 0xe9}, 8,
+ /* msg, msg length */
+ {0x40, 0xd0, 0xc0, 0x7d, 0xa5, 0xe4}, 6,
+ /* ct, ct length */
+ {0x07, 0x1d, 0xfe, 0x16, 0xc6, 0x75}, 6,
+ /* tag, tag length */
+ {0xcb, 0x06, 0x77, 0xe5, 0x36, 0xf7, 0x3a, 0xfe,
+ 0x6a, 0x14, 0xb7, 0x4e, 0xe4, 0x98, 0x44, 0xdd}, 16,
+ /* valid */
+ 1,
+ },
+ {
+ /* key, key length */
+ {0xbd, 0x8e, 0x6e, 0x11, 0x47, 0x5e, 0x60, 0xb2,
+ 0x68, 0x78, 0x4c, 0x38, 0xc6, 0x2f, 0xeb, 0x22}, 16,
+ /* iv, iv length */
+ {0x6e, 0xac, 0x5c, 0x93, 0x07, 0x2d, 0x8e, 0x85,
+ 0x13, 0xf7, 0x50, 0x93, 0x5e, 0x46, 0xda, 0x1b}, 16,
+ /* aad, aad length */
+ {0xd4, 0x48, 0x2d, 0x1c, 0xa7, 0x8d, 0xce, 0x0f}, 8,
+ /* msg, msg length */
+ {0x4d, 0xe3, 0xb3, 0x5c, 0x3f, 0xc0, 0x39, 0x24,
+ 0x5b, 0xd1, 0xfb, 0x7d}, 12,
+ /* ct, ct length */
+ {0x83, 0x5b, 0xb4, 0xf1, 0x5d, 0x74, 0x3e, 0x35,
+ 0x0e, 0x72, 0x84, 0x14}, 12,
+ /* tag, tag length */
+ {0xab, 0xb8, 0x64, 0x4f, 0xd6, 0xcc, 0xb8, 0x69,
+ 0x47, 0xc5, 0xe1, 0x05, 0x90, 0x21, 0x0a, 0x4f}, 16,
+ /* valid */
+ 1,
+ },
+ {
+ /* key, key length */
+ {0x7c, 0x77, 0xd6, 0xe8, 0x13, 0xbe, 0xd5, 0xac,
+ 0x98, 0xba, 0xa4, 0x17, 0x47, 0x7a, 0x2e, 0x7d}, 16,
+ /* iv, iv length */
+ {0x1a, 0x8c, 0x98, 0xdc, 0xd7, 0x3d, 0x38, 0x39,
+ 0x3b, 0x2b, 0xf1, 0x56, 0x9d, 0xee, 0xfc, 0x19}, 16,
+ /* aad, aad length */
+ {0x65, 0xd2, 0x01, 0x79, 0x90, 0xd6, 0x25, 0x28}, 8,
+ /* msg, msg length */
+ {0x8b, 0x0a, 0x79, 0x30, 0x6c, 0x9c, 0xe7, 0xed,
+ 0x99, 0xda, 0xe4, 0xf8, 0x7f, 0x8d, 0xd6, 0x16,
+ 0x36}, 17,
+ /* ct, ct length */
+ {0x02, 0x08, 0x3e, 0x39, 0x79, 0xda, 0x01, 0x48,
+ 0x12, 0xf5, 0x9f, 0x11, 0xd5, 0x26, 0x30, 0xda,
+ 0x30}, 17,
+ /* tag, tag length */
+ {0x13, 0x73, 0x27, 0xd1, 0x06, 0x49, 0xb0, 0xaa,
+ 0x6e, 0x1c, 0x18, 0x1d, 0xb6, 0x17, 0xd7, 0xf2}, 16,
+ /* valid */
+ 1,
+ },
+ {
+ /* key, key length */
+ {0x5f, 0xff, 0x20, 0xca, 0xfa, 0xb1, 0x19, 0xca,
+ 0x2f, 0xc7, 0x35, 0x49, 0xe2, 0x0f, 0x5b, 0x0d}, 16,
+ /* iv, iv length */
+ {0xdd, 0xe5, 0x9b, 0x97, 0xd7, 0x22, 0x15, 0x6d,
+ 0x4d, 0x9a, 0xff, 0x2b, 0xc7, 0x55, 0x98, 0x26}, 16,
+ /* aad, aad length */
+ {0x54, 0xb9, 0xf0, 0x4e, 0x6a, 0x09, 0x18, 0x9a}, 8,
+ /* msg, msg length */
+ {0x1b, 0xda, 0x12, 0x2b, 0xce, 0x8a, 0x8d, 0xba,
+ 0xf1, 0x87, 0x7d, 0x96, 0x2b, 0x85, 0x92, 0xdd,
+ 0x2d, 0x56}, 18,
+ /* ct, ct length */
+ {0x2e, 0xc4, 0x7b, 0x2c, 0x49, 0x54, 0xa4, 0x89,
+ 0xaf, 0xc7, 0xba, 0x48, 0x97, 0xed, 0xcd, 0xae,
+ 0x8c, 0xc3}, 18,
+ /* tag, tag length */
+ {0x3b, 0x60, 0x45, 0x05, 0x99, 0xbd, 0x02, 0xc9,
+ 0x63, 0x82, 0x90, 0x2a, 0xef, 0x7f, 0x83, 0x2a}, 16,
+ /* valid */
+ 1,
+ },
+ {
+ /* key, key length */
+ {0xa4, 0xa4, 0x78, 0x2b, 0xcf, 0xfd, 0x3e, 0xc5,
+ 0xe7, 0xef, 0x6d, 0x8c, 0x34, 0xa5, 0x61, 0x23}, 16,
+ /* iv, iv length */
+ {0xb7, 0x81, 0xfc, 0xf2, 0xf7, 0x5f, 0xa5, 0xa8,
+ 0xde, 0x97, 0xa9, 0xca, 0x48, 0xe5, 0x22, 0xec}, 16,
+ /* aad, aad length */
+ {0x89, 0x9a, 0x17, 0x58, 0x97, 0x56, 0x1d, 0x7e}, 8,
+ /* msg, msg length */
+ {0x6c, 0xf3, 0x67, 0x20, 0x87, 0x2b, 0x85, 0x13,
+ 0xf6, 0xea, 0xb1, 0xa8, 0xa4, 0x44, 0x38, 0xd5,
+ 0xef, 0x11}, 18,
+ /* ct, ct length */
+ {0x0d, 0xe1, 0x8f, 0xd0, 0xfd, 0xd9, 0x1e, 0x7a,
+ 0xf1, 0x9f, 0x1d, 0x8e, 0xe8, 0x73, 0x39, 0x38,
+ 0xb1, 0xe8}, 18,
+ /* tag, tag length */
+ {0xe7, 0xf6, 0xd2, 0x23, 0x16, 0x18, 0x10, 0x2f,
+ 0xdb, 0x7f, 0xe5, 0x5f, 0xf1, 0x99, 0x17, 0x00}, 16,
+ /* valid */
+ 1,
+ },
+ {
+ /* key, key length */
+ {0x83, 0x95, 0xfc, 0xf1, 0xe9, 0x5b, 0xeb, 0xd6,
+ 0x97, 0xbd, 0x01, 0x0b, 0xc7, 0x66, 0xaa, 0xc3}, 16,
+ /* iv, iv length */
+ {0x22, 0xe7, 0xad, 0xd9, 0x3c, 0xfc, 0x63, 0x93,
+ 0xc5, 0x7e, 0xc0, 0xb3, 0xc1, 0x7d, 0x6b, 0x44}, 16,
+ /* aad, aad length */
+ {0x12, 0x67, 0x35, 0xfc, 0xc3, 0x20, 0xd2, 0x5a}, 8,
+ /* msg, msg length */
+ {0xca, 0x40, 0xd7, 0x44, 0x6e, 0x54, 0x5f, 0xfa,
+ 0xed, 0x3b, 0xd1, 0x2a, 0x74, 0x0a, 0x65, 0x9f,
+ 0xfb, 0xbb, 0x3c, 0xea, 0xb7}, 21,
+ /* ct, ct length */
+ {0xcb, 0x89, 0x20, 0xf8, 0x7a, 0x6c, 0x75, 0xcf,
+ 0xf3, 0x96, 0x27, 0xb5, 0x6e, 0x3e, 0xd1, 0x97,
+ 0xc5, 0x52, 0xd2, 0x95, 0xa7}, 21,
+ /* tag, tag length */
+ {0xcf, 0xc4, 0x6a, 0xfc, 0x25, 0x3b, 0x46, 0x52,
+ 0xb1, 0xaf, 0x37, 0x95, 0xb1, 0x24, 0xab, 0x6e}, 16,
+ /* valid */
+ 1,
+ },
+ {
+ /* key, key length */
+ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
+ /* iv, iv length */
+ {0x3c, 0x8c, 0xc2, 0x97, 0x0a, 0x00, 0x8f, 0x75,
+ 0xcc, 0x5b, 0xea, 0xe2, 0x84, 0x72, 0x58, 0xc2}, 16,
+ /* aad, aad length */
+ {0x00}, 0,
+ /* msg, msg length */
+ {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11,
+ 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11}, 32,
+ /* ct, ct length */
+ {0x3c, 0x44, 0x1f, 0x32, 0xce, 0x07, 0x82, 0x23,
+ 0x64, 0xd7, 0xa2, 0x99, 0x0e, 0x50, 0xbb, 0x13,
+ 0xd7, 0xb0, 0x2a, 0x26, 0x96, 0x9e, 0x4a, 0x93,
+ 0x7e, 0x5e, 0x90, 0x73, 0xb0, 0xd9, 0xc9, 0x68}, 32,
+ /* tag, tag length */
+ {0xdb, 0x90, 0xbd, 0xb3, 0xda, 0x3d, 0x00, 0xaf,
+ 0xd0, 0xfc, 0x6a, 0x83, 0x55, 0x1d, 0xa9, 0x5e}, 16,
+ /* valid */
+ 1,
+ },
+ {
+ /* key, key length */
+ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
+ /* iv, iv length */
+ {0xae, 0xf0, 0x3d, 0x00, 0x59, 0x84, 0x94, 0xe9,
+ 0xfb, 0x03, 0xcd, 0x7d, 0x8b, 0x59, 0x08, 0x66}, 16,
+ /* aad, aad length */
+ {0x00}, 0,
+ /* msg, msg length */
+ {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11,
+ 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11}, 32,
+ /* ct, ct length */
+ {0xd1, 0x9a, 0xc5, 0x98, 0x49, 0x02, 0x6a, 0x91,
+ 0xaa, 0x1b, 0x9a, 0xec, 0x29, 0xb1, 0x1a, 0x20,
+ 0x2a, 0x4d, 0x73, 0x9f, 0xd8, 0x6c, 0x28, 0xe3,
+ 0xae, 0x3d, 0x58, 0x8e, 0xa2, 0x1d, 0x70, 0xc6}, 32,
+ /* tag, tag length */
+ {0xc3, 0x0f, 0x6c, 0xd9, 0x20, 0x20, 0x74, 0xed,
+ 0x6e, 0x2a, 0x2a, 0x36, 0x0e, 0xac, 0x8c, 0x47}, 16,
+ /* valid */
+ 1,
+ },
+ {
+ /* key, key length */
+ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
+ /* iv, iv length */
+ {0x55, 0xd1, 0x25, 0x11, 0xc6, 0x96, 0xa8, 0x0d,
+ 0x05, 0x14, 0xd1, 0xff, 0xba, 0x49, 0xca, 0xda}, 16,
+ /* aad, aad length */
+ {0x00}, 0,
+ /* msg, msg length */
+ {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11,
+ 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11}, 32,
+ /* ct, ct length */
+ {0x21, 0x08, 0x55, 0x8a, 0xc4, 0xb2, 0xc2, 0xd5,
+ 0xcc, 0x66, 0xce, 0xa5, 0x1d, 0x62, 0x10, 0xe0,
+ 0x46, 0x17, 0x7a, 0x67, 0x63, 0x1c, 0xd2, 0xdd,
+ 0x8f, 0x09, 0x46, 0x97, 0x33, 0xac, 0xb5, 0x17}, 32,
+ /* tag, tag length */
+ {0xfc, 0x35, 0x5e, 0x87, 0xa2, 0x67, 0xbe, 0x3a,
+ 0xe3, 0xe4, 0x4c, 0x0b, 0xf3, 0xf9, 0x9b, 0x2b}, 16,
+ /* valid */
+ 1,
+ },
+ {
+ /* key, key length */
+ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
+ /* iv, iv length */
+ {0x79, 0x42, 0x2d, 0xdd, 0x91, 0xc4, 0xee, 0xe2,
+ 0xde, 0xae, 0xf1, 0xf9, 0x68, 0x30, 0x53, 0x04}, 16,
+ /* aad, aad length */
+ {0x00}, 0,
+ /* msg, msg length */
+ {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11,
+ 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11}, 32,
+ /* ct, ct length */
+ {0x4d, 0x2c, 0x15, 0x24, 0xca, 0x4b, 0xaa, 0x4e,
+ 0xef, 0xcc, 0xe6, 0xb9, 0x1b, 0x22, 0x7e, 0xe8,
+ 0x3a, 0xba, 0xff, 0x81, 0x05, 0xdc, 0xaf, 0xa2,
+ 0xab, 0x19, 0x1f, 0x5d, 0xf2, 0x57, 0x50, 0x35}, 32,
+ /* tag, tag length */
+ {0xe2, 0xc8, 0x65, 0xce, 0x2d, 0x7a, 0xbd, 0xac,
+ 0x02, 0x4c, 0x6f, 0x99, 0x1a, 0x84, 0x83, 0x90}, 16,
+ /* valid */
+ 1,
+ },
+ {
+ /* key, key length */
+ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
+ /* iv, iv length */
+ {0x0a, 0xf5, 0xaa, 0x7a, 0x76, 0x76, 0xe2, 0x83,
+ 0x06, 0x30, 0x6b, 0xcd, 0x9b, 0xf2, 0x00, 0x3a}, 16,
+ /* aad, aad length */
+ {0x00}, 0,
+ /* msg, msg length */
+ {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11,
+ 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11}, 32,
+ /* ct, ct length */
+ {0x8e, 0xb0, 0x1e, 0x62, 0x18, 0x5d, 0x78, 0x2e,
+ 0xb9, 0x28, 0x7a, 0x34, 0x1a, 0x68, 0x62, 0xac,
+ 0x52, 0x57, 0xd6, 0xf9, 0xad, 0xc9, 0x9e, 0xe0,
+ 0xa2, 0x4d, 0x9c, 0x22, 0xb3, 0xe9, 0xb3, 0x8a}, 32,
+ /* tag, tag length */
+ {0x39, 0xc3, 0x39, 0xbc, 0x8a, 0x74, 0xc7, 0x5e,
+ 0x2c, 0x65, 0xc6, 0x11, 0x95, 0x44, 0xd6, 0x1e}, 16,
+ /* valid */
+ 1,
+ },
+ {
+ /* key, key length */
+ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
+ /* iv, iv length */
+ {0xaf, 0x5a, 0x03, 0xae, 0x7e, 0xdd, 0x73, 0x47,
+ 0x1b, 0xdc, 0xdf, 0xac, 0x5e, 0x19, 0x4a, 0x60}, 16,
+ /* aad, aad length */
+ {0x00}, 0,
+ /* msg, msg length */
+ {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11,
+ 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11}, 32,
+ /* ct, ct length */
+ {0x94, 0xc5, 0xd2, 0xac, 0xa6, 0xdb, 0xbc, 0xe8,
+ 0xc2, 0x45, 0x13, 0xa2, 0x5e, 0x09, 0x5c, 0x0e,
+ 0x54, 0xa9, 0x42, 0x86, 0x0d, 0x32, 0x7a, 0x22,
+ 0x2a, 0x81, 0x5c, 0xc7, 0x13, 0xb1, 0x63, 0xb4}, 32,
+ /* tag, tag length */
+ {0xf5, 0x0b, 0x30, 0x30, 0x4e, 0x45, 0xc9, 0xd4,
+ 0x11, 0xe8, 0xdf, 0x45, 0x08, 0xa9, 0x86, 0x12}, 16,
+ /* valid */
+ 1,
+ },
+ {
+ /* key, key length */
+ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
+ /* iv, iv length */
+ {0xb3, 0x70, 0x87, 0x68, 0x0f, 0x0e, 0xdd, 0x5a,
+ 0x52, 0x22, 0x8b, 0x8c, 0x7a, 0xae, 0xa6, 0x64}, 16,
+ /* aad, aad length */
+ {0x00}, 0,
+ /* msg, msg length */
+ {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11,
+ 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11,
+ 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22,
+ 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22,
+ 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33,
+ 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33}, 64,
+ /* ct, ct length */
+ {0x3b, 0xb6, 0x17, 0x3e, 0x37, 0x72, 0xd4, 0xb6,
+ 0x2e, 0xef, 0x37, 0xf9, 0xef, 0x07, 0x81, 0xf3,
+ 0x60, 0xb6, 0xc7, 0x4b, 0xe3, 0xbf, 0x6b, 0x37,
+ 0x10, 0x67, 0xbc, 0x1b, 0x09, 0x0d, 0x9d, 0x66,
+ 0x22, 0xa1, 0xfb, 0xec, 0x6a, 0xc4, 0x71, 0xb3,
+ 0x34, 0x9c, 0xd4, 0x27, 0x7a, 0x10, 0x1d, 0x40,
+ 0x89, 0x0f, 0xbf, 0x27, 0xdf, 0xdc, 0xd0, 0xb4,
+ 0xe3, 0x78, 0x1f, 0x98, 0x06, 0xda, 0xab, 0xb6}, 64,
+ /* tag, tag length */
+ {0xa0, 0x49, 0x87, 0x45, 0xe5, 0x99, 0x99, 0xdd,
+ 0xc3, 0x2d, 0x5b, 0x14, 0x02, 0x41, 0x12, 0x4e}, 16,
+ /* valid */
+ 1,
+ },
+ {
+ /* key, key length */
+ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
+ /* iv, iv length */
+ {0x4f, 0x80, 0x2d, 0xa6, 0x2a, 0x38, 0x45, 0x55,
+ 0xa1, 0x9b, 0xc2, 0xb3, 0x82, 0xeb, 0x25, 0xaf}, 16,
+ /* aad, aad length */
+ {0x00}, 0,
+ /* msg, msg length */
+ {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11,
+ 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11,
+ 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22,
+ 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22,
+ 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33,
+ 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33,
+ 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44,
+ 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44}, 80,
+ /* ct, ct length */
+ {0xe9, 0xb0, 0xbb, 0x88, 0x57, 0x81, 0x8c, 0xe3,
+ 0x20, 0x1c, 0x36, 0x90, 0xd2, 0x1d, 0xaa, 0x7f,
+ 0x26, 0x4f, 0xb8, 0xee, 0x93, 0xcc, 0x7a, 0x46,
+ 0x74, 0xea, 0x2f, 0xc3, 0x2b, 0xf1, 0x82, 0xfb,
+ 0x2a, 0x7e, 0x8a, 0xd5, 0x15, 0x07, 0xad, 0x4f,
+ 0x31, 0xce, 0xfc, 0x23, 0x56, 0xfe, 0x79, 0x36,
+ 0xa7, 0xf6, 0xe1, 0x9f, 0x95, 0xe8, 0x8f, 0xdb,
+ 0xf1, 0x76, 0x20, 0x91, 0x6d, 0x3a, 0x6f, 0x3d,
+ 0x01, 0xfc, 0x17, 0xd3, 0x58, 0x67, 0x2f, 0x77,
+ 0x7f, 0xd4, 0x09, 0x92, 0x46, 0xe4, 0x36, 0xe1}, 80,
+ /* tag, tag length */
+ {0x67, 0x91, 0x0b, 0xe7, 0x44, 0xb8, 0x31, 0x5a,
+ 0xe0, 0xeb, 0x61, 0x24, 0x59, 0x0c, 0x5d, 0x8b}, 16,
+ /* valid */
+ 1,
+ },
+ {
+ /* key, key length */
+ {0xb6, 0x7b, 0x1a, 0x6e, 0xfd, 0xd4, 0x0d, 0x37,
+ 0x08, 0x0f, 0xbe, 0x8f, 0x80, 0x47, 0xae, 0xb9}, 16,
+ /* iv, iv length */
+ {0xfa, 0x29, 0x4b, 0x12, 0x99, 0x72, 0xf7, 0xfc,
+ 0x5b, 0xbd, 0x5b, 0x96, 0xbb, 0xa8, 0x37, 0xc9}, 16,
+ /* aad, aad length */
+ {0x00}, 0,
+ /* msg, msg length */
+ {0x00}, 0,
+ /* ct, ct length */
+ {0x00}, 0,
+ /* tag, tag length */
+ {0xb1, 0x4b, 0x64, 0xfb, 0x58, 0x98, 0x99, 0x69,
+ 0x95, 0x70, 0xcc, 0x91, 0x60, 0xe3, 0x98, 0x96}, 16,
+ /* valid */
+ 1,
+ },
+ {
+ /* key, key length */
+ {0x20, 0x9e, 0x6d, 0xbf, 0x2a, 0xd2, 0x6a, 0x10,
+ 0x54, 0x45, 0xfc, 0x02, 0x07, 0xcd, 0x9e, 0x9a}, 16,
+ /* iv, iv length */
+ {0x94, 0x77, 0x84, 0x9d, 0x6c, 0xcd, 0xfc, 0xa1,
+ 0x12, 0xd9, 0x2e, 0x53, 0xfa, 0xe4, 0xa7, 0xca}, 16,
+ /* aad, aad length */
+ {0x00}, 0,
+ /* msg, msg length */
+ {0x01}, 1,
+ /* ct, ct length */
+ {0x1d}, 1,
+ /* tag, tag length */
+ {0x52, 0xa5, 0xf6, 0x00, 0xfe, 0x53, 0x38, 0x02,
+ 0x6a, 0x7c, 0xb0, 0x9c, 0x11, 0x64, 0x00, 0x82}, 16,
+ /* valid */
+ 1,
+ },
+ {
+ /* key, key length */
+ {0xa5, 0x49, 0x44, 0x2e, 0x35, 0x15, 0x40, 0x32,
+ 0xd0, 0x7c, 0x86, 0x66, 0x00, 0x6a, 0xa6, 0xa2}, 16,
+ /* iv, iv length */
+ {0x51, 0x71, 0x52, 0x45, 0x68, 0xe8, 0x1d, 0x97,
+ 0xe8, 0xc4, 0xde, 0x4b, 0xa5, 0x6c, 0x10, 0xa0}, 16,
+ /* aad, aad length */
+ {0x00}, 0,
+ /* msg, msg length */
+ {0x11, 0x82, 0xe9, 0x35, 0x96, 0xca, 0xc5, 0x60,
+ 0x89, 0x46, 0x40, 0x0b, 0xc7, 0x3f, 0x3a}, 15,
+ /* ct, ct length */
+ {0xd7, 0xb8, 0xa6, 0xb4, 0x3d, 0x2e, 0x9f, 0x98,
+ 0xc2, 0xb4, 0x4c, 0xe5, 0xe3, 0xcf, 0xdb}, 15,
+ /* tag, tag length */
+ {0x1b, 0xdd, 0x52, 0xfc, 0x98, 0x7d, 0xaf, 0x0e,
+ 0xe1, 0x92, 0x34, 0xc9, 0x05, 0xea, 0x64, 0x5f}, 16,
+ /* valid */
+ 1,
+ },
+ {
+ /* key, key length */
+ {0x95, 0x8b, 0xcd, 0xb6, 0x6a, 0x39, 0x52, 0xb5,
+ 0x37, 0x01, 0x58, 0x2a, 0x68, 0xa0, 0xe4, 0x74}, 16,
+ /* iv, iv length */
+ {0x0e, 0x6e, 0xc8, 0x79, 0xb0, 0x2c, 0x6f, 0x51,
+ 0x69, 0x76, 0xe3, 0x58, 0x98, 0x42, 0x8d, 0xa7}, 16,
+ /* aad, aad length */
+ {0x00}, 0,
+ /* msg, msg length */
+ {0x14, 0x04, 0x15, 0x82, 0x3e, 0xcc, 0x89, 0x32,
+ 0xa0, 0x58, 0x38, 0x4b, 0x73, 0x8e, 0xa6, 0xea,
+ 0x6d, 0x4d, 0xfe, 0x3b, 0xbe, 0xee}, 22,
+ /* ct, ct length */
+ {0x73, 0xe5, 0xc6, 0xf0, 0xe7, 0x03, 0xa5, 0x2d,
+ 0x02, 0xf7, 0xf7, 0xfa, 0xeb, 0x1b, 0x77, 0xfd,
+ 0x4f, 0xd0, 0xcb, 0x42, 0x1e, 0xaf}, 22,
+ /* tag, tag length */
+ {0x6c, 0x15, 0x4a, 0x85, 0x96, 0x8e, 0xdd, 0x74,
+ 0x77, 0x65, 0x75, 0xa4, 0x45, 0x0b, 0xd8, 0x97}, 16,
+ /* valid */
+ 1,
+ },
+ {
+ /* key, key length */
+ {0x96, 0x5b, 0x75, 0x7b, 0xa5, 0x01, 0x8a, 0x8d,
+ 0x66, 0xed, 0xc7, 0x8e, 0x0c, 0xee, 0xe8, 0x6b}, 16,
+ /* iv, iv length */
+ {0x2e, 0x35, 0x90, 0x1a, 0xe7, 0xd4, 0x91, 0xee,
+ 0xcc, 0x88, 0x38, 0xfe, 0xdd, 0x63, 0x14, 0x05}, 16,
+ /* aad, aad length */
+ {0xdf, 0x10, 0xd0, 0xd2, 0x12, 0x24, 0x24, 0x50}, 8,
+ /* msg, msg length */
+ {0x36, 0xe5, 0x7a, 0x76, 0x39, 0x58, 0xb0, 0x2c,
+ 0xea, 0x9d, 0x6a, 0x67, 0x6e, 0xbc, 0xe8, 0x1f}, 16,
+ /* ct, ct length */
+ {0x93, 0x6b, 0x69, 0xb6, 0xc9, 0x55, 0xad, 0xfd,
+ 0x15, 0x53, 0x9b, 0x9b, 0xe4, 0x98, 0x9c, 0xb6}, 16,
+ /* tag, tag length */
+ {0xee, 0x15, 0xa1, 0x45, 0x4e, 0x88, 0xfa, 0xad,
+ 0x8e, 0x48, 0xa8, 0xdf, 0x29, 0x83, 0xb4, 0x25}, 16,
+ /* valid */
+ 1,
+ },
+ {
+ /* key, key length */
+ {0x88, 0xd0, 0x20, 0x33, 0x78, 0x1c, 0x7b, 0x41,
+ 0x64, 0x71, 0x1a, 0x05, 0x42, 0x0f, 0x25, 0x6e}, 16,
+ /* iv, iv length */
+ {0x7f, 0x29, 0x85, 0x29, 0x63, 0x15, 0x50, 0x7a,
+ 0xa4, 0xc0, 0xa9, 0x3d, 0x5c, 0x12, 0xbd, 0x77}, 16,
+ /* aad, aad length */
+ {0x7c, 0x57, 0x1d, 0x2f, 0xbb, 0x5f, 0x62, 0x52,
+ 0x3c, 0x0e, 0xb3, 0x38, 0xbe, 0xf9, 0xa9}, 15,
+ /* msg, msg length */
+ {0xd9, 0x8a, 0xdc, 0x03, 0xd9, 0xd5, 0x82, 0x73,
+ 0x2e, 0xb0, 0x7d, 0xf2, 0x3d, 0x7b, 0x9f, 0x74}, 16,
+ /* ct, ct length */
+ {0x67, 0xca, 0xac, 0x35, 0x44, 0x3a, 0x31, 0x38,
+ 0xd2, 0xcb, 0x81, 0x1f, 0x0c, 0xe0, 0x4d, 0xd2}, 16,
+ /* tag, tag length */
+ {0xb7, 0x96, 0x8e, 0x0b, 0x56, 0x40, 0xe3, 0xb2,
+ 0x36, 0x56, 0x96, 0x53, 0x20, 0x8b, 0x9d, 0xeb}, 16,
+ /* valid */
+ 1,
+ },
+ {
+ /* key, key length */
+ {0x51, 0x58, 0x40, 0xcf, 0x67, 0xd2, 0xe4, 0x0e,
+ 0xb6, 0x5e, 0x54, 0xa2, 0x4c, 0x72, 0xcb, 0xf2}, 16,
+ /* iv, iv length */
+ {0xbf, 0x47, 0xaf, 0xdf, 0xd4, 0x92, 0x13, 0x7a,
+ 0x24, 0x23, 0x6b, 0xc3, 0x67, 0x97, 0xa8, 0x8e}, 16,
+ /* aad, aad length */
+ {0x16, 0x84, 0x3c, 0x09, 0x1d, 0x43, 0xb0, 0xa1,
+ 0x91, 0xd0, 0xc7, 0x3d, 0x15, 0x60, 0x1b, 0xe9}, 16,
+ /* msg, msg length */
+ {0xc8, 0x34, 0x58, 0x8c, 0xb6, 0xda, 0xf9, 0xf0,
+ 0x6d, 0xd2, 0x35, 0x19, 0xf4, 0xbe, 0x9f, 0x56}, 16,
+ /* ct, ct length */
+ {0x20, 0x0a, 0xc4, 0x51, 0xfb, 0xeb, 0x0f, 0x61,
+ 0x51, 0xd6, 0x15, 0x83, 0xa4, 0x3b, 0x73, 0x43}, 16,
+ /* tag, tag length */
+ {0x2a, 0xd4, 0x3e, 0x4c, 0xaa, 0x51, 0x98, 0x3a,
+ 0x9d, 0x4d, 0x24, 0x48, 0x1b, 0xf4, 0xc8, 0x39}, 16,
+ /* valid */
+ 1,
+ },
+ {
+ /* key, key length */
+ {0x2e, 0x44, 0x92, 0xd4, 0x44, 0xe5, 0xb6, 0xf4,
+ 0xce, 0xc8, 0xc2, 0xd3, 0x61, 0x5a, 0xc8, 0x58}, 16,
+ /* iv, iv length */
+ {0xd0, 0x2b, 0xf0, 0x76, 0x3a, 0x9f, 0xef, 0xbf,
+ 0x70, 0xc3, 0x3a, 0xee, 0x1e, 0x9d, 0xa1, 0xd6}, 16,
+ /* aad, aad length */
+ {0x90, 0x4d, 0x86, 0xf1, 0x33, 0xce, 0xc1, 0x5a,
+ 0x0c, 0x3c, 0xaf, 0x14, 0xd7, 0xe0, 0x29, 0xc8,
+ 0x2a, 0x07, 0x70, 0x5a, 0x23, 0xf0, 0xd0, 0x80}, 24,
+ /* msg, msg length */
+ {0x9e, 0x62, 0xd6, 0x51, 0x1b, 0x0b, 0xda, 0x7d,
+ 0xd7, 0x74, 0x0b, 0x61, 0x4d, 0x97, 0xba, 0xe0}, 16,
+ /* ct, ct length */
+ {0x27, 0xc6, 0xe9, 0xa6, 0x53, 0xc5, 0x25, 0x3c,
+ 0xa1, 0xc5, 0x67, 0x3f, 0x97, 0xb9, 0xb3, 0x3e}, 16,
+ /* tag, tag length */
+ {0x2d, 0x58, 0x12, 0x71, 0xe1, 0xfa, 0x9e, 0x36,
+ 0x86, 0x13, 0x6c, 0xaa, 0x8f, 0x4d, 0x6c, 0x8e}, 16,
+ /* valid */
+ 1,
+ },
+ {
+ /* key, key length */
+ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
+ /* iv, iv length */
+ {0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
+ 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16,
+ /* aad, aad length */
+ {0x00}, 0,
+ /* msg, msg length */
+ {0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
+ 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16,
+ /* ct, ct length */
+ {0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54,
+ 0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16,
+ /* tag, tag length */
+ {0xe7, 0x0e, 0x7c, 0x50, 0x13, 0xa6, 0xdb, 0xf2,
+ 0x52, 0x98, 0xb1, 0x92, 0x9b, 0xc3, 0x56, 0xa7}, 16,
+ /* valid */
+ 0,
+ },
+ {
+ /* key, key length */
+ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
+ /* iv, iv length */
+ {0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
+ 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16,
+ /* aad, aad length */
+ {0x00}, 0,
+ /* msg, msg length */
+ {0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
+ 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16,
+ /* ct, ct length */
+ {0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54,
+ 0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16,
+ /* tag, tag length */
+ {0xe4, 0x0e, 0x7c, 0x50, 0x13, 0xa6, 0xdb, 0xf2,
+ 0x52, 0x98, 0xb1, 0x92, 0x9b, 0xc3, 0x56, 0xa7}, 16,
+ /* valid */
+ 0,
+ },
+ {
+ /* key, key length */
+ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
+ /* iv, iv length */
+ {0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
+ 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16,
+ /* aad, aad length */
+ {0x00}, 0,
+ /* msg, msg length */
+ {0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
+ 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16,
+ /* ct, ct length */
+ {0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54,
+ 0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16,
+ /* tag, tag length */
+ {0x66, 0x0e, 0x7c, 0x50, 0x13, 0xa6, 0xdb, 0xf2,
+ 0x52, 0x98, 0xb1, 0x92, 0x9b, 0xc3, 0x56, 0xa7}, 16,
+ /* valid */
+ 0,
+ },
+ {
+ /* key, key length */
+ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
+ /* iv, iv length */
+ {0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
+ 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16,
+ /* aad, aad length */
+ {0x00}, 0,
+ /* msg, msg length */
+ {0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
+ 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16,
+ /* ct, ct length */
+ {0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54,
+ 0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16,
+ /* tag, tag length */
+ {0xe6, 0x0f, 0x7c, 0x50, 0x13, 0xa6, 0xdb, 0xf2,
+ 0x52, 0x98, 0xb1, 0x92, 0x9b, 0xc3, 0x56, 0xa7}, 16,
+ /* valid */
+ 0,
+ },
+ {
+ /* key, key length */
+ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
+ /* iv, iv length */
+ {0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
+ 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16,
+ /* aad, aad length */
+ {0x00}, 0,
+ /* msg, msg length */
+ {0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
+ 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16,
+ /* ct, ct length */
+ {0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54,
+ 0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16,
+ /* tag, tag length */
+ {0xe6, 0x0e, 0x7c, 0xd0, 0x13, 0xa6, 0xdb, 0xf2,
+ 0x52, 0x98, 0xb1, 0x92, 0x9b, 0xc3, 0x56, 0xa7}, 16,
+ /* valid */
+ 0,
+ },
+ {
+ /* key, key length */
+ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
+ /* iv, iv length */
+ {0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
+ 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16,
+ /* aad, aad length */
+ {0x00}, 0,
+ /* msg, msg length */
+ {0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
+ 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16,
+ /* ct, ct length */
+ {0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54,
+ 0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16,
+ /* tag, tag length */
+ {0xe6, 0x0e, 0x7c, 0x50, 0x12, 0xa6, 0xdb, 0xf2,
+ 0x52, 0x98, 0xb1, 0x92, 0x9b, 0xc3, 0x56, 0xa7}, 16,
+ /* valid */
+ 0,
+ },
+ {
+ /* key, key length */
+ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
+ /* iv, iv length */
+ {0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
+ 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16,
+ /* aad, aad length */
+ {0x00}, 0,
+ /* msg, msg length */
+ {0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
+ 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16,
+ /* ct, ct length */
+ {0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54,
+ 0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16,
+ /* tag, tag length */
+ {0xe6, 0x0e, 0x7c, 0x50, 0x11, 0xa6, 0xdb, 0xf2,
+ 0x52, 0x98, 0xb1, 0x92, 0x9b, 0xc3, 0x56, 0xa7}, 16,
+ /* valid */
+ 0,
+ },
+ {
+ /* key, key length */
+ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
+ /* iv, iv length */
+ {0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
+ 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16,
+ /* aad, aad length */
+ {0x00}, 0,
+ /* msg, msg length */
+ {0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
+ 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16,
+ /* ct, ct length */
+ {0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54,
+ 0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16,
+ /* tag, tag length */
+ {0xe6, 0x0e, 0x7c, 0x50, 0x13, 0xa6, 0xdb, 0x72,
+ 0x52, 0x98, 0xb1, 0x92, 0x9b, 0xc3, 0x56, 0xa7}, 16,
+ /* valid */
+ 0,
+ },
+ {
+ /* key, key length */
+ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
+ /* iv, iv length */
+ {0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
+ 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16,
+ /* aad, aad length */
+ {0x00}, 0,
+ /* msg, msg length */
+ {0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
+ 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16,
+ /* ct, ct length */
+ {0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54,
+ 0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16,
+ /* tag, tag length */
+ {0xe6, 0x0e, 0x7c, 0x50, 0x13, 0xa6, 0xdb, 0xf2,
+ 0x53, 0x98, 0xb1, 0x92, 0x9b, 0xc3, 0x56, 0xa7}, 16,
+ /* valid */
+ 0,
+ },
+ {
+ /* key, key length */
+ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
+ /* iv, iv length */
+ {0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
+ 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16,
+ /* aad, aad length */
+ {0x00}, 0,
+ /* msg, msg length */
+ {0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
+ 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16,
+ /* ct, ct length */
+ {0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54,
+ 0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16,
+ /* tag, tag length */
+ {0xe6, 0x0e, 0x7c, 0x50, 0x13, 0xa6, 0xdb, 0xf2,
+ 0xd2, 0x98, 0xb1, 0x92, 0x9b, 0xc3, 0x56, 0xa7}, 16,
+ /* valid */
+ 0,
+ },
+ {
+ /* key, key length */
+ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
+ /* iv, iv length */
+ {0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
+ 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16,
+ /* aad, aad length */
+ {0x00}, 0,
+ /* msg, msg length */
+ {0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
+ 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16,
+ /* ct, ct length */
+ {0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54,
+ 0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16,
+ /* tag, tag length */
+ {0xe6, 0x0e, 0x7c, 0x50, 0x13, 0xa6, 0xdb, 0xf2,
+ 0x52, 0xb8, 0xb1, 0x92, 0x9b, 0xc3, 0x56, 0xa7}, 16,
+ /* valid */
+ 0,
+ },
+ {
+ /* key, key length */
+ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
+ /* iv, iv length */
+ {0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
+ 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16,
+ /* aad, aad length */
+ {0x00}, 0,
+ /* msg, msg length */
+ {0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
+ 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16,
+ /* ct, ct length */
+ {0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54,
+ 0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16,
+ /* tag, tag length */
+ {0xe6, 0x0e, 0x7c, 0x50, 0x13, 0xa6, 0xdb, 0xf2,
+ 0x52, 0x98, 0xb0, 0x92, 0x9b, 0xc3, 0x56, 0xa7}, 16,
+ /* valid */
+ 0,
+ },
+ {
+ /* key, key length */
+ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
+ /* iv, iv length */
+ {0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
+ 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16,
+ /* aad, aad length */
+ {0x00}, 0,
+ /* msg, msg length */
+ {0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
+ 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16,
+ /* ct, ct length */
+ {0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54,
+ 0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16,
+ /* tag, tag length */
+ {0xe6, 0x0e, 0x7c, 0x50, 0x13, 0xa6, 0xdb, 0xf2,
+ 0x52, 0x98, 0xb1, 0x92, 0x9a, 0xc3, 0x56, 0xa7}, 16,
+ /* valid */
+ 0,
+ },
+ {
+ /* key, key length */
+ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
+ /* iv, iv length */
+ {0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
+ 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16,
+ /* aad, aad length */
+ {0x00}, 0,
+ /* msg, msg length */
+ {0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
+ 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16,
+ /* ct, ct length */
+ {0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54,
+ 0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16,
+ /* tag, tag length */
+ {0xe6, 0x0e, 0x7c, 0x50, 0x13, 0xa6, 0xdb, 0xf2,
+ 0x52, 0x98, 0xb1, 0x92, 0x99, 0xc3, 0x56, 0xa7}, 16,
+ /* valid */
+ 0,
+ },
+ {
+ /* key, key length */
+ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
+ /* iv, iv length */
+ {0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
+ 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16,
+ /* aad, aad length */
+ {0x00}, 0,
+ /* msg, msg length */
+ {0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
+ 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16,
+ /* ct, ct length */
+ {0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54,
+ 0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16,
+ /* tag, tag length */
+ {0xe6, 0x0e, 0x7c, 0x50, 0x13, 0xa6, 0xdb, 0xf2,
+ 0x52, 0x98, 0xb1, 0x92, 0x1b, 0xc3, 0x56, 0xa7}, 16,
+ /* valid */
+ 0,
+ },
+ {
+ /* key, key length */
+ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
+ /* iv, iv length */
+ {0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
+ 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16,
+ /* aad, aad length */
+ {0x00}, 0,
+ /* msg, msg length */
+ {0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
+ 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16,
+ /* ct, ct length */
+ {0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54,
+ 0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16,
+ /* tag, tag length */
+ {0xe6, 0x0e, 0x7c, 0x50, 0x13, 0xa6, 0xdb, 0xf2,
+ 0x52, 0x98, 0xb1, 0x92, 0x9b, 0xc3, 0x56, 0xa6}, 16,
+ /* valid */
+ 0,
+ },
+ {
+ /* key, key length */
+ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
+ /* iv, iv length */
+ {0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
+ 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16,
+ /* aad, aad length */
+ {0x00}, 0,
+ /* msg, msg length */
+ {0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
+ 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16,
+ /* ct, ct length */
+ {0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54,
+ 0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16,
+ /* tag, tag length */
+ {0xe6, 0x0e, 0x7c, 0x50, 0x13, 0xa6, 0xdb, 0xf2,
+ 0x52, 0x98, 0xb1, 0x92, 0x9b, 0xc3, 0x56, 0xa5}, 16,
+ /* valid */
+ 0,
+ },
+ {
+ /* key, key length */
+ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
+ /* iv, iv length */
+ {0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
+ 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16,
+ /* aad, aad length */
+ {0x00}, 0,
+ /* msg, msg length */
+ {0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
+ 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16,
+ /* ct, ct length */
+ {0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54,
+ 0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16,
+ /* tag, tag length */
+ {0xe6, 0x0e, 0x7c, 0x50, 0x13, 0xa6, 0xdb, 0xf2,
+ 0x52, 0x98, 0xb1, 0x92, 0x9b, 0xc3, 0x56, 0xe7}, 16,
+ /* valid */
+ 0,
+ },
+ {
+ /* key, key length */
+ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
+ /* iv, iv length */
+ {0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
+ 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16,
+ /* aad, aad length */
+ {0x00}, 0,
+ /* msg, msg length */
+ {0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
+ 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16,
+ /* ct, ct length */
+ {0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54,
+ 0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16,
+ /* tag, tag length */
+ {0xe6, 0x0e, 0x7c, 0x50, 0x13, 0xa6, 0xdb, 0xf2,
+ 0x52, 0x98, 0xb1, 0x92, 0x9b, 0xc3, 0x56, 0x27}, 16,
+ /* valid */
+ 0,
+ },
+ {
+ /* key, key length */
+ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
+ /* iv, iv length */
+ {0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
+ 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16,
+ /* aad, aad length */
+ {0x00}, 0,
+ /* msg, msg length */
+ {0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
+ 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16,
+ /* ct, ct length */
+ {0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54,
+ 0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16,
+ /* tag, tag length */
+ {0xe7, 0x0e, 0x7c, 0x50, 0x13, 0xa6, 0xdb, 0xf2,
+ 0x53, 0x98, 0xb1, 0x92, 0x9b, 0xc3, 0x56, 0xa7}, 16,
+ /* valid */
+ 0,
+ },
+ {
+ /* key, key length */
+ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
+ /* iv, iv length */
+ {0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
+ 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16,
+ /* aad, aad length */
+ {0x00}, 0,
+ /* msg, msg length */
+ {0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
+ 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16,
+ /* ct, ct length */
+ {0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54,
+ 0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16,
+ /* tag, tag length */
+ {0xe6, 0x0e, 0x7c, 0xd0, 0x13, 0xa6, 0xdb, 0x72,
+ 0x52, 0x98, 0xb1, 0x92, 0x9b, 0xc3, 0x56, 0xa7}, 16,
+ /* valid */
+ 0,
+ },
+ {
+ /* key, key length */
+ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
+ /* iv, iv length */
+ {0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
+ 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16,
+ /* aad, aad length */
+ {0x00}, 0,
+ /* msg, msg length */
+ {0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
+ 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16,
+ /* ct, ct length */
+ {0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54,
+ 0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16,
+ /* tag, tag length */
+ {0xe6, 0x0e, 0x7c, 0x50, 0x13, 0xa6, 0xdb, 0x72,
+ 0x52, 0x98, 0xb1, 0x92, 0x9b, 0xc3, 0x56, 0x27}, 16,
+ /* valid */
+ 0,
+ },
+ {
+ /* key, key length */
+ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
+ /* iv, iv length */
+ {0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
+ 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16,
+ /* aad, aad length */
+ {0x00}, 0,
+ /* msg, msg length */
+ {0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
+ 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16,
+ /* ct, ct length */
+ {0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54,
+ 0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16,
+ /* tag, tag length */
+ {0x19, 0xf1, 0x83, 0xaf, 0xec, 0x59, 0x24, 0x0d,
+ 0xad, 0x67, 0x4e, 0x6d, 0x64, 0x3c, 0xa9, 0x58}, 16,
+ /* valid */
+ 0,
+ },
+ {
+ /* key, key length */
+ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
+ /* iv, iv length */
+ {0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
+ 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16,
+ /* aad, aad length */
+ {0x00}, 0,
+ /* msg, msg length */
+ {0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
+ 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16,
+ /* ct, ct length */
+ {0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54,
+ 0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16,
+ /* tag, tag length */
+ {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, 16,
+ /* valid */
+ 0,
+ },
+ {
+ /* key, key length */
+ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
+ /* iv, iv length */
+ {0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
+ 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16,
+ /* aad, aad length */
+ {0x00}, 0,
+ /* msg, msg length */
+ {0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
+ 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16,
+ /* ct, ct length */
+ {0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54,
+ 0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16,
+ /* tag, tag length */
+ {0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff}, 16,
+ /* valid */
+ 0,
+ },
+ {
+ /* key, key length */
+ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
+ /* iv, iv length */
+ {0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
+ 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16,
+ /* aad, aad length */
+ {0x00}, 0,
+ /* msg, msg length */
+ {0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
+ 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16,
+ /* ct, ct length */
+ {0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54,
+ 0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16,
+ /* tag, tag length */
+ {0x66, 0x8e, 0xfc, 0xd0, 0x93, 0x26, 0x5b, 0x72,
+ 0xd2, 0x18, 0x31, 0x12, 0x1b, 0x43, 0xd6, 0x27}, 16,
+ /* valid */
+ 0,
+ },
+ {
+ /* key, key length */
+ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
+ /* iv, iv length */
+ {0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
+ 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16,
+ /* aad, aad length */
+ {0x00}, 0,
+ /* msg, msg length */
+ {0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
+ 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16,
+ /* ct, ct length */
+ {0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54,
+ 0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16,
+ /* tag, tag length */
+ {0xe7, 0x0f, 0x7d, 0x51, 0x12, 0xa7, 0xda, 0xf3,
+ 0x53, 0x99, 0xb0, 0x93, 0x9a, 0xc2, 0x57, 0xa6}, 16,
+ /* valid */
+ 0,
+ },
+ };
+
+ byte ciphertext[sizeof(vectors[0].ct)];
+ byte authtag[sizeof(vectors[0].tag)];
+ int i;
+ int len;
+ int ret;
+
+
+ for (i = 0; i < (int)(sizeof(vectors)/sizeof(vectors[0])); i++) {
+
+ XMEMSET(ciphertext, 0, sizeof(ciphertext));
+
+ len = sizeof(authtag);
+ ExpectIntEQ(wc_AesEaxEncryptAuth(vectors[i].key, vectors[i].key_length,
+ ciphertext,
+ vectors[i].msg, vectors[i].msg_length,
+ vectors[i].iv, vectors[i].iv_length,
+ authtag, len,
+ vectors[i].aad, vectors[i].aad_length),
+ 0);
+
+ /* check ciphertext matches vector */
+ ExpectIntEQ(XMEMCMP(ciphertext, vectors[i].ct, vectors[i].ct_length),
+ 0);
+
+ /* check that computed tag matches vector only for vectors marked as valid */
+ ret = XMEMCMP(authtag, vectors[i].tag, len);
+ if (vectors[i].valid) {
+ ExpectIntEQ(ret, 0);
}
- if (ccmE == BAD_FUNC_ARG) {
- ccmE = wc_AesCcmEncrypt(&aes, cipherOut, plainT, sizeof(cipherOut),
- iv, sizeof(iv), NULL, sizeof(authTag),
- authIn , sizeof(authIn));
+ else {
+ ExpectIntNE(ret, 0);
}
- if (ccmE == BAD_FUNC_ARG) {
- ccmE = wc_AesCcmEncrypt(&aes, cipherOut, plainT, sizeof(cipherOut),
- iv, sizeof(iv) + 1, authTag, sizeof(authTag),
- authIn , sizeof(authIn));
+
+ XMEMSET(ciphertext, 0, sizeof(ciphertext));
+
+ /* Decrypt, checking that the computed auth tags match */
+ ExpectIntEQ(wc_AesEaxDecryptAuth(vectors[i].key, vectors[i].key_length,
+ ciphertext,
+ vectors[i].ct, vectors[i].ct_length,
+ vectors[i].iv, vectors[i].iv_length,
+ authtag, len,
+ vectors[i].aad, vectors[i].aad_length),
+ 0);
+
+ /* check decrypted ciphertext matches vector plaintext */
+ ExpectIntEQ(XMEMCMP(ciphertext, vectors[i].msg, vectors[i].msg_length),
+ 0);
+ }
+ return EXPECT_RESULT();
+} /* END test_wc_AesEaxVectors */
+
+
+/*
+ * Testing test_wc_AesEaxEncryptAuth()
+ */
+static int test_wc_AesEaxEncryptAuth(void)
+{
+ EXPECT_DECLS;
+
+ const byte key[] = {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F,
+ 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
+ 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F};
+ const byte iv[] = {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F,
+ 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
+ 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F};
+ const byte aad[] = {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07};
+ const byte msg[] = {0x00, 0x01, 0x02, 0x03, 0x04};
+
+ byte ciphertext[sizeof(msg)];
+ byte authtag[AES_BLOCK_SIZE];
+ int i;
+ int len;
+
+ len = sizeof(authtag);
+ ExpectIntEQ(wc_AesEaxEncryptAuth(key, sizeof(key),
+ ciphertext,
+ msg, sizeof(msg),
+ iv, sizeof(iv),
+ authtag, len,
+ aad, sizeof(aad)),
+ 0);
+
+ /* Test null checking */
+ ExpectIntEQ(wc_AesEaxEncryptAuth(NULL, sizeof(key),
+ ciphertext,
+ msg, sizeof(msg),
+ iv, sizeof(iv),
+ authtag, len,
+ aad, sizeof(aad)),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesEaxEncryptAuth(key, sizeof(key),
+ NULL,
+ msg, sizeof(msg),
+ iv, sizeof(iv),
+ authtag, len,
+ aad, sizeof(aad)),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesEaxEncryptAuth(key, sizeof(key),
+ ciphertext,
+ NULL, sizeof(msg),
+ iv, sizeof(iv),
+ authtag, len,
+ aad, sizeof(aad)),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesEaxEncryptAuth(key, sizeof(key),
+ ciphertext,
+ msg, sizeof(msg),
+ NULL, sizeof(iv),
+ authtag, len,
+ aad, sizeof(aad)),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesEaxEncryptAuth(key, sizeof(key),
+ ciphertext,
+ msg, sizeof(msg),
+ iv, sizeof(iv),
+ NULL, len,
+ aad, sizeof(aad)),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesEaxEncryptAuth(key, sizeof(key),
+ ciphertext,
+ msg, sizeof(msg),
+ iv, sizeof(iv),
+ authtag, len,
+ NULL, sizeof(aad)),
+ BAD_FUNC_ARG);
+
+ /* Test bad key lengths */
+ for (i = 0; i <= 32; i++) {
+ int exp_ret;
+ if (i == AES_128_KEY_SIZE || i == AES_192_KEY_SIZE
+ || i == AES_256_KEY_SIZE) {
+ exp_ret = 0;
}
- if (ccmE == BAD_FUNC_ARG) {
- ccmE = wc_AesCcmEncrypt(&aes, cipherOut, plainT, sizeof(cipherOut),
- iv, sizeof(iv) - 7, authTag, sizeof(authTag),
- authIn , sizeof(authIn));
+ else {
+ exp_ret = BAD_FUNC_ARG;
}
- if (ccmE != BAD_FUNC_ARG) {
- ccmE = WOLFSSL_FATAL_ERROR;
+ ExpectIntEQ(wc_AesEaxEncryptAuth(key, i,
+ ciphertext,
+ msg, sizeof(msg),
+ iv, sizeof(iv),
+ authtag, len,
+ aad, sizeof(aad)),
+ exp_ret);
+ }
+
+
+ /* Test auth tag size out of range */
+ len = AES_BLOCK_SIZE + 1;
+ ExpectIntEQ(wc_AesEaxEncryptAuth(key, sizeof(key),
+ ciphertext,
+ msg, sizeof(msg),
+ iv, sizeof(iv),
+ authtag, len,
+ aad, sizeof(aad)),
+ BAD_FUNC_ARG);
+
+ return EXPECT_RESULT();
+} /* END test_wc_AesEaxEncryptAuth() */
+
+
+/*
+ * Testing test_wc_AesEaxDecryptAuth()
+ */
+static int test_wc_AesEaxDecryptAuth(void)
+{
+ EXPECT_DECLS;
+
+ const byte key[] = {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F,
+ 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
+ 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F};
+ const byte iv[] = {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F,
+ 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
+ 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F};
+ const byte aad[] = {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07};
+ const byte ct[] = {0x00, 0x01, 0x02, 0x03, 0x04};
+ /* Garbage tag that should always fail for above aad */
+ const byte tag[] = {0xFE, 0xED, 0xBE, 0xEF, 0xDE, 0xAD, 0xC0, 0xDE,
+ 0xCA, 0xFE, 0xBE, 0xEF, 0xDE, 0xAF, 0xBE, 0xEF};
+
+ byte plaintext[sizeof(ct)];
+ int i;
+ int len;
+
+ len = sizeof(tag);
+ ExpectIntEQ(wc_AesEaxDecryptAuth(key, sizeof(key),
+ plaintext,
+ ct, sizeof(ct),
+ iv, sizeof(iv),
+ tag, len,
+ aad, sizeof(aad)),
+ AES_EAX_AUTH_E);
+
+ /* Test null checking */
+ ExpectIntEQ(wc_AesEaxDecryptAuth(NULL, sizeof(key),
+ plaintext,
+ ct, sizeof(ct),
+ iv, sizeof(iv),
+ tag, len,
+ aad, sizeof(aad)),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesEaxDecryptAuth(key, sizeof(key),
+ NULL,
+ ct, sizeof(ct),
+ iv, sizeof(iv),
+ tag, len,
+ aad, sizeof(aad)),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesEaxDecryptAuth(key, sizeof(key),
+ plaintext,
+ NULL, sizeof(ct),
+ iv, sizeof(iv),
+ tag, len,
+ aad, sizeof(aad)),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesEaxDecryptAuth(key, sizeof(key),
+ plaintext,
+ ct, sizeof(ct),
+ NULL, sizeof(iv),
+ tag, len,
+ aad, sizeof(aad)),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesEaxDecryptAuth(key, sizeof(key),
+ plaintext,
+ ct, sizeof(ct),
+ iv, sizeof(iv),
+ NULL, len,
+ aad, sizeof(aad)),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesEaxDecryptAuth(key, sizeof(key),
+ plaintext,
+ ct, sizeof(ct),
+ iv, sizeof(iv),
+ tag, len,
+ NULL, sizeof(aad)),
+ BAD_FUNC_ARG);
+
+ /* Test bad key lengths */
+ for (i = 0; i <= 32; i++) {
+ int exp_ret;
+ if (i == AES_128_KEY_SIZE || i == AES_192_KEY_SIZE
+ || i == AES_256_KEY_SIZE) {
+ exp_ret = AES_EAX_AUTH_E;
}
else {
- ccmE = 0;
+ exp_ret = BAD_FUNC_ARG;
}
- } /* End Encrypt */
- if (ccmE != 0) {
- wc_AesFree(&aes);
- return TEST_FAIL;
+ ExpectIntEQ(wc_AesEaxDecryptAuth(key, i,
+ plaintext,
+ ct, sizeof(ct),
+ iv, sizeof(iv),
+ tag, len,
+ aad, sizeof(aad)),
+ exp_ret);
}
- #ifdef HAVE_AES_DECRYPT
- /* Pass in bad args. Decrypt*/
- if (ret == 0 && ccmD == 0) {
- ccmD = wc_AesCcmDecrypt(NULL, plainOut, cipherOut, sizeof(plainOut),
- iv, sizeof(iv), authTag, sizeof(authTag),
- authIn, sizeof(authIn));
- if (ccmD == BAD_FUNC_ARG) {
- ccmD = wc_AesCcmDecrypt(&aes, NULL, cipherOut, sizeof(plainOut),
- iv, sizeof(iv), authTag, sizeof(authTag),
- authIn, sizeof(authIn));
- }
- if (ccmD == BAD_FUNC_ARG) {
- ccmD = wc_AesCcmDecrypt(&aes, plainOut, NULL, sizeof(plainOut),
- iv, sizeof(iv), authTag, sizeof(authTag),
- authIn, sizeof(authIn));
- }
- if (ccmD == BAD_FUNC_ARG) {
- ccmD = wc_AesCcmDecrypt(&aes, plainOut, cipherOut,
- sizeof(plainOut), NULL, sizeof(iv),
- authTag, sizeof(authTag),
- authIn, sizeof(authIn));
- }
- if (ccmD == BAD_FUNC_ARG) {
- ccmD = wc_AesCcmDecrypt(&aes, plainOut, cipherOut,
- sizeof(plainOut), iv, sizeof(iv), NULL,
- sizeof(authTag), authIn, sizeof(authIn));
- }
- if (ccmD == BAD_FUNC_ARG) {
- ccmD = wc_AesCcmDecrypt(&aes, plainOut, cipherOut,
- sizeof(plainOut), iv, sizeof(iv) + 1,
- authTag, sizeof(authTag),
- authIn, sizeof(authIn));
- }
- if (ccmD == BAD_FUNC_ARG) {
- ccmD = wc_AesCcmDecrypt(&aes, plainOut, cipherOut,
- sizeof(plainOut), iv, sizeof(iv) - 7,
- authTag, sizeof(authTag),
- authIn, sizeof(authIn));
- }
- if (ccmD != BAD_FUNC_ARG) {
- ccmD = WOLFSSL_FATAL_ERROR;
- }
- else {
- ccmD = 0;
- }
- } /* END Decrypt */
- res = TEST_RES_CHECK(ccmD == 0);
- #endif
- wc_AesFree(&aes);
-#endif /* HAVE_AESCCM */
- return res;
-} /* END test_wc_AesCcmEncryptDecrypt */
+ /* Test auth tag size out of range */
+ len = AES_BLOCK_SIZE + 1;
+ ExpectIntEQ(wc_AesEaxDecryptAuth(key, sizeof(key),
+ plaintext,
+ ct, sizeof(ct),
+ iv, sizeof(iv),
+ tag, len,
+ aad, sizeof(aad)),
+ BAD_FUNC_ARG);
+
+ return EXPECT_RESULT();
+} /* END test_wc_AesEaxDecryptAuth() */
+#endif /* WOLFSSL_AES_EAX &&
+ * (!HAVE_FIPS || FIPS_VERSION_GE(5, 3)) && !HAVE_SELFTEST
+ */
/*
* Testing wc_InitDsaKey()
*/
static int test_wc_InitDsaKey(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifndef NO_DSA
- DsaKey key;
- int ret = 0;
+ DsaKey key;
+
+ XMEMSET(&key, 0, sizeof(DsaKey));
- ret = wc_InitDsaKey(&key);
+ ExpectIntEQ(wc_InitDsaKey(&key), 0);
/* Pass in bad args. */
- if (ret == 0) {
- ret = wc_InitDsaKey(NULL);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_InitDsaKey(NULL), BAD_FUNC_ARG);
wc_FreeDsaKey(&key);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_InitDsaKey */
@@ -22326,131 +21427,78 @@ static int test_wc_InitDsaKey(void)
*/
static int test_wc_DsaSignVerify(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_DSA)
- DsaKey key;
- WC_RNG rng;
- wc_Sha sha;
- int ret = 0;
- byte signature[DSA_SIG_SIZE];
- byte hash[WC_SHA_DIGEST_SIZE];
- word32 idx = 0;
- word32 bytes;
- int answer;
+ DsaKey key;
+ WC_RNG rng;
+ wc_Sha sha;
+ byte signature[DSA_SIG_SIZE];
+ byte hash[WC_SHA_DIGEST_SIZE];
+ word32 idx = 0;
+ word32 bytes;
+ int answer;
#ifdef USE_CERT_BUFFERS_1024
- byte tmp[ONEK_BUF];
+ byte tmp[ONEK_BUF];
+
XMEMSET(tmp, 0, sizeof(tmp));
XMEMCPY(tmp, dsa_key_der_1024, sizeof_dsa_key_der_1024);
bytes = sizeof_dsa_key_der_1024;
#elif defined(USE_CERT_BUFFERS_2048)
- byte tmp[TWOK_BUF];
+ byte tmp[TWOK_BUF];
+
XMEMSET(tmp, 0, sizeof(tmp));
XMEMCPY(tmp, dsa_key_der_2048, sizeof_dsa_key_der_2048);
bytes = sizeof_dsa_key_der_2048;
#else
- byte tmp[TWOK_BUF];
+ byte tmp[TWOK_BUF];
+ XFILE fp = XBADFILE;
+
XMEMSET(tmp, 0, sizeof(tmp));
- XFILE fp = XFOPEN("./certs/dsa2048.der", "rb");
- if (fp == XBADFILE) {
- return WOLFSSL_BAD_FILE;
- }
- bytes = (word32) XFREAD(tmp, 1, sizeof(tmp), fp);
- XFCLOSE(fp);
+ ExpectTrue((fp = XFOPEN("./certs/dsa2048.der", "rb")) != XBADFILE);
+ ExpectTrue((bytes = (word32)XFREAD(tmp, 1, sizeof(tmp), fp)) > 0);
+ if (fp != XBADFILE)
+ XFCLOSE(fp);
#endif /* END USE_CERT_BUFFERS_1024 */
- ret = wc_InitSha(&sha);
- if (ret == 0) {
- ret = wc_ShaUpdate(&sha, tmp, bytes);
- if (ret == 0) {
- ret = wc_ShaFinal(&sha, hash);
- }
- if (ret == 0) {
- ret = wc_InitDsaKey(&key);
- }
- if (ret == 0) {
- ret = wc_DsaPrivateKeyDecode(tmp, &idx, &key, bytes);
- }
- if (ret == 0) {
- ret = wc_InitRng(&rng);
- }
- }
+ ExpectIntEQ(wc_InitSha(&sha), 0);
+ ExpectIntEQ(wc_ShaUpdate(&sha, tmp, bytes), 0);
+ ExpectIntEQ(wc_ShaFinal(&sha, hash), 0);
+ ExpectIntEQ(wc_InitDsaKey(&key), 0);
+ ExpectIntEQ(wc_DsaPrivateKeyDecode(tmp, &idx, &key, bytes), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
/* Sign. */
- if (ret == 0) {
- ret = wc_DsaSign(hash, signature, &key, &rng);
- }
-
+ ExpectIntEQ(wc_DsaSign(hash, signature, &key, &rng), 0);
/* Test bad args. */
- if (ret == 0) {
- ret = wc_DsaSign(NULL, signature, &key, &rng);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_DsaSign(hash, NULL, &key, &rng);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_DsaSign(hash, signature, NULL, &rng);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_DsaSign(hash, signature, &key, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (ret == 0) {
- /* Verify. */
- ret = wc_DsaVerify(hash, signature, &key, &answer);
- if (ret != 0 || answer != 1) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- else {
- ret = 0;
- }
- }
+ ExpectIntEQ(wc_DsaSign(NULL, signature, &key, &rng), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_DsaSign(hash, NULL, &key, &rng), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_DsaSign(hash, signature, NULL, &rng), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_DsaSign(hash, signature, &key, NULL), BAD_FUNC_ARG);
+ /* Verify. */
+ ExpectIntEQ(wc_DsaVerify(hash, signature, &key, &answer), 0);
+ ExpectIntEQ(answer, 1);
/* Pass in bad args. */
- if (ret == 0) {
- ret = wc_DsaVerify(NULL, signature, &key, &answer);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_DsaVerify(hash, NULL, &key, &answer);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_DsaVerify(hash, signature, NULL, &answer);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_DsaVerify(hash, signature, &key, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_DsaVerify(NULL, signature, &key, &answer), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_DsaVerify(hash, NULL, &key, &answer), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_DsaVerify(hash, signature, NULL, &answer), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_DsaVerify(hash, signature, &key, NULL), BAD_FUNC_ARG);
#if !defined(HAVE_FIPS) && defined(WOLFSSL_PUBLIC_MP)
/* hard set q to 0 and test fail case */
mp_free(&key.q);
mp_init(&key.q);
- AssertIntEQ(wc_DsaSign(hash, signature, &key, &rng), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_DsaSign(hash, signature, &key, &rng), BAD_FUNC_ARG);
mp_set(&key.q, 1);
- AssertIntEQ(wc_DsaSign(hash, signature, &key, &rng), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_DsaSign(hash, signature, &key, &rng), BAD_FUNC_ARG);
#endif
- if (wc_FreeRng(&rng) && ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
-
+ DoExpectIntEQ(wc_FreeRng(&rng),0);
wc_FreeDsaKey(&key);
wc_ShaFree(&sha);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_DsaSign */
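Review bot: `key`, `rng` and `sha` are never zeroed in test_wc_DsaSignVerify, yet `wc_FreeRng(&rng)`, `wc_FreeDsaKey(&key)` and `wc_ShaFree(&sha)` at the end of the hunk run unconditionally. If the Expect* macros stop evaluating their argument after the first failure (which the `if (fp != XBADFILE)` guard and the separate `DoExpectIntEQ` form suggest), a failed `XFOPEN` or `wc_InitSha` skips `wc_InitDsaKey` and `wc_InitRng`, and the cleanup then runs on indeterminate stack memory. Other tests in this commit add `XMEMSET(&key, 0, sizeof(DsaKey));` and `XMEMSET(&rng, 0, sizeof(rng));` before the first Expect; the same is needed here, plus `XMEMSET(&sha, 0, sizeof(sha));`. The hunk for test_wc_DsaPublicPrivateKeyDecode has the same gap: `key` is passed to `wc_FreeDsaKey` twice without ever being zeroed.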
@@ -22459,95 +21507,55 @@ static int test_wc_DsaSignVerify(void)
*/
static int test_wc_DsaPublicPrivateKeyDecode(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_DSA)
- DsaKey key;
- word32 bytes;
- word32 idx = 0;
- int priv = 0;
- int pub = 0;
- int ret = 0;
-
+ DsaKey key;
+ word32 bytes;
+ word32 idx = 0;
+ int ret;
#ifdef USE_CERT_BUFFERS_1024
- byte tmp[ONEK_BUF];
+ byte tmp[ONEK_BUF];
+
XMEMCPY(tmp, dsa_key_der_1024, sizeof_dsa_key_der_1024);
bytes = sizeof_dsa_key_der_1024;
#elif defined(USE_CERT_BUFFERS_2048)
- byte tmp[TWOK_BUF];
+ byte tmp[TWOK_BUF];
+
XMEMCPY(tmp, dsa_key_der_2048, sizeof_dsa_key_der_2048);
bytes = sizeof_dsa_key_der_2048;
#else
- byte tmp[TWOK_BUF];
+ byte tmp[TWOK_BUF];
+ XFILE fp = XBADFILE;
+
XMEMSET(tmp, 0, sizeof(tmp));
- XFILE fp = XFOPEN("./certs/dsa2048.der", "rb");
- if (fp == XBADFILE)
- {
- return WOLFSSL_BAD_FILE;
- }
- bytes = (word32) XFREAD(tmp, 1, sizeof(tmp), fp);
- XFCLOSE(fp);
+ ExpectTrue((fp = XFOPEN("./certs/dsa2048.der", "rb")) != XBADFILE);
+ ExpectTrue((bytes = (word32) XFREAD(tmp, 1, sizeof(tmp), fp)) > 0);
+ if (fp != XBADFILE)
+ XFCLOSE(fp);
#endif /* END USE_CERT_BUFFERS_1024 */
- ret = wc_InitDsaKey(&key);
-
- if (ret == 0) {
- priv = wc_DsaPrivateKeyDecode(tmp, &idx, &key, bytes);
-
- /* Test bad args. */
- if (priv == 0) {
- priv = wc_DsaPrivateKeyDecode(NULL, &idx, &key, bytes);
- if (priv == BAD_FUNC_ARG) {
- priv = wc_DsaPrivateKeyDecode(tmp, NULL, &key, bytes);
- }
- if (priv == BAD_FUNC_ARG) {
- priv = wc_DsaPrivateKeyDecode(tmp, &idx, NULL, bytes);
- }
- if (priv == BAD_FUNC_ARG) {
- priv = wc_DsaPrivateKeyDecode(tmp, &idx, &key, bytes);
- }
- if (priv == ASN_PARSE_E || priv == BUFFER_E) {
- priv = 0;
- }
- else {
- priv = WOLFSSL_FATAL_ERROR;
- }
- }
-
- wc_FreeDsaKey(&key);
- ret = wc_InitDsaKey(&key);
- }
-
- if (ret == 0) {
- idx = 0; /* Reset */
- pub = wc_DsaPublicKeyDecode(tmp, &idx, &key, bytes);
-
- /* Test bad args. */
- if (pub == 0) {
- pub = wc_DsaPublicKeyDecode(NULL, &idx, &key, bytes);
- if (pub == BAD_FUNC_ARG) {
- pub = wc_DsaPublicKeyDecode(tmp, NULL, &key, bytes);
- }
- if (pub == BAD_FUNC_ARG) {
- pub = wc_DsaPublicKeyDecode(tmp, &idx, NULL, bytes);
- }
- if (pub == BAD_FUNC_ARG) {
- pub = wc_DsaPublicKeyDecode(tmp, &idx, &key, bytes);
- }
- if (pub == ASN_PARSE_E || pub == BUFFER_E) {
- pub = 0;
- }
- else {
- pub = WOLFSSL_FATAL_ERROR;
- }
- }
-
- } /* END Public Key */
-
+ ExpectIntEQ(wc_InitDsaKey(&key), 0);
+ ExpectIntEQ(wc_DsaPrivateKeyDecode(tmp, &idx, &key, bytes), 0);
+ /* Test bad args. */
+ ExpectIntEQ(wc_DsaPrivateKeyDecode(NULL, &idx, &key, bytes), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_DsaPrivateKeyDecode(tmp, NULL, &key, bytes), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_DsaPrivateKeyDecode(tmp, &idx, NULL, bytes), BAD_FUNC_ARG);
+ ExpectIntLT(ret = wc_DsaPrivateKeyDecode(tmp, &idx, &key, bytes), 0);
+ ExpectTrue((ret == ASN_PARSE_E) || (ret == BUFFER_E));
wc_FreeDsaKey(&key);
- res = TEST_RES_CHECK(ret == 0 && pub == 0 && priv == 0);
+ ExpectIntEQ(wc_InitDsaKey(&key), 0);
+ idx = 0; /* Reset */
+ ExpectIntEQ(wc_DsaPublicKeyDecode(tmp, &idx, &key, bytes), 0);
+ /* Test bad args. */
+ ExpectIntEQ(wc_DsaPublicKeyDecode(NULL, &idx, &key, bytes), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_DsaPublicKeyDecode(tmp, NULL, &key, bytes), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_DsaPublicKeyDecode(tmp, &idx, NULL, bytes), BAD_FUNC_ARG);
+ ExpectIntLT(ret = wc_DsaPublicKeyDecode(tmp, &idx, &key, bytes), 0);
+ ExpectTrue((ret == ASN_PARSE_E) || (ret == BUFFER_E));
+ wc_FreeDsaKey(&key);
#endif /* !NO_DSA */
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_DsaPublicPrivateKeyDecode */
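Review bot: The last call in each bad-args group, `ExpectIntLT(ret = wc_DsaPrivateKeyDecode(tmp, &idx, &key, bytes), 0)` and its public-key twin, passes only valid pointers, and nothing in the hunk explains why it must fail. It appears to rely on `idx` still holding the offset left by the successful decode a few lines earlier, since `idx` is reset only before the public-key group. A comment above each call would make that dependency explicit, for example `/* idx was advanced by the decode above, so decoding again must fail. */`. Without it, a later edit that resets `idx` or reorders the calls would turn the check into a success case with no obvious cause.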
@@ -22557,67 +21565,33 @@ static int test_wc_DsaPublicPrivateKeyDecode(void)
*/
static int test_wc_MakeDsaKey(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_DSA) && defined(WOLFSSL_KEY_GEN)
- DsaKey genKey;
- WC_RNG rng;
- int ret = 0;
+ DsaKey genKey;
+ WC_RNG rng;
- XMEMSET(&rng, 0, sizeof(rng));
XMEMSET(&genKey, 0, sizeof(genKey));
+ XMEMSET(&rng, 0, sizeof(rng));
- ret = wc_InitRng(&rng);
- if (ret == 0) {
- ret = wc_InitDsaKey(&genKey);
- }
+ ExpectIntEQ(wc_InitDsaKey(&genKey), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
- if (ret == 0) {
- ret = wc_MakeDsaParameters(&rng, ONEK_BUF, &genKey);
- }
+ ExpectIntEQ(wc_MakeDsaParameters(&rng, ONEK_BUF, &genKey), 0);
/* Test bad args. */
- if (ret == 0) {
- ret = wc_MakeDsaParameters(NULL, ONEK_BUF, &genKey);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_MakeDsaParameters(&rng, ONEK_BUF, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_MakeDsaParameters(&rng, ONEK_BUF + 1, &genKey);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (ret == 0) {
- ret = wc_MakeDsaKey(&rng, &genKey);
- }
+ ExpectIntEQ(wc_MakeDsaParameters(NULL, ONEK_BUF, &genKey), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_MakeDsaParameters(&rng, ONEK_BUF, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_MakeDsaParameters(&rng, ONEK_BUF + 1, &genKey),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_MakeDsaKey(&rng, &genKey), 0);
/* Test bad args. */
- if (ret == 0) {
- ret = wc_MakeDsaKey(NULL, &genKey);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_MakeDsaKey(&rng, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (wc_FreeRng(&rng) && ret == 0) {
- ret = WOLFSSL_FAILURE;
- }
+ ExpectIntEQ(wc_MakeDsaKey(NULL, &genKey), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_MakeDsaKey(&rng, NULL), BAD_FUNC_ARG);
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_FreeDsaKey(&genKey);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_MakeDsaKey */
/*
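Review bot: `ONEK_BUF` is used elsewhere on this page as a buffer length (`byte tmp[ONEK_BUF]`), but here it is passed as the modulus size argument of `wc_MakeDsaParameters`, with `ONEK_BUF + 1` as the invalid size. The test therefore changes meaning if the buffer constant is ever resized, and the intent of the `+ 1` case is not visible at the call site. test_wc_DsaExportKeyRaw passes the literal `1024` for the same argument, so the two tests are also inconsistent. A local such as `const int modSz = 1024; /* DSA modulus size in bits */` used in all four calls would separate the two meanings; the same applies to the `wc_MakeDsaParameters` call in test_wc_DsaKeyToPublicDer.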
@@ -22625,88 +21599,54 @@ static int test_wc_MakeDsaKey(void)
*/
static int test_wc_DsaKeyToDer(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_DSA) && defined(WOLFSSL_KEY_GEN)
- DsaKey genKey;
- WC_RNG rng;
- word32 bytes;
- word32 idx = 0;
- int ret = 0;
+ DsaKey key;
+ word32 bytes;
+ word32 idx = 0;
#ifdef USE_CERT_BUFFERS_1024
- byte tmp[ONEK_BUF];
- byte der[ONEK_BUF];
+ byte tmp[ONEK_BUF];
+ byte der[ONEK_BUF];
+
XMEMSET(tmp, 0, sizeof(tmp));
XMEMSET(der, 0, sizeof(der));
XMEMCPY(tmp, dsa_key_der_1024, sizeof_dsa_key_der_1024);
bytes = sizeof_dsa_key_der_1024;
#elif defined(USE_CERT_BUFFERS_2048)
- byte tmp[TWOK_BUF];
- byte der[TWOK_BUF];
+ byte tmp[TWOK_BUF];
+ byte der[TWOK_BUF];
+
XMEMSET(tmp, 0, sizeof(tmp));
XMEMSET(der, 0, sizeof(der));
XMEMCPY(tmp, dsa_key_der_2048, sizeof_dsa_key_der_2048);
bytes = sizeof_dsa_key_der_2048;
#else
- byte tmp[TWOK_BUF];
- byte der[TWOK_BUF];
+ byte tmp[TWOK_BUF];
+ byte der[TWOK_BUF];
+ XFILE fp = XBADFILE;
+
XMEMSET(tmp, 0, sizeof(tmp));
XMEMSET(der, 0, sizeof(der));
- XFILE fp = XFOPEN("./certs/dsa2048.der", "rb");
- if (fp == XBADFILE) {
- return WOLFSSL_BAD_FILE;
- }
- bytes = (word32) XFREAD(tmp, 1, sizeof(tmp), fp);
- XFCLOSE(fp);
+ ExpectTrue((fp = XFOPEN("./certs/dsa2048.der", "rb")) != XBADFILE);
+ ExpectTrue((bytes = (word32) XFREAD(tmp, 1, sizeof(tmp), fp)) > 0);
+ if (fp != XBADFILE)
+ XFCLOSE(fp);
#endif /* END USE_CERT_BUFFERS_1024 */
- XMEMSET(&rng, 0, sizeof(rng));
- XMEMSET(&genKey, 0, sizeof(genKey));
+ XMEMSET(&key, 0, sizeof(DsaKey));
- ret = wc_InitRng(&rng);
- if (ret == 0) {
- ret = wc_InitDsaKey(&genKey);
- }
- if (ret == 0) {
- ret = wc_MakeDsaParameters(&rng, sizeof(tmp), &genKey);
- if (ret == 0) {
- wc_FreeDsaKey(&genKey);
- ret = wc_InitDsaKey(&genKey);
- }
- }
- if (ret == 0) {
- ret = wc_DsaPrivateKeyDecode(tmp, &idx, &genKey, bytes);
- }
-
- if (ret == 0) {
- ret = wc_DsaKeyToDer(&genKey, der, bytes);
- if ( ret >= 0 && ( ret = XMEMCMP(der, tmp, bytes) ) == 0 ) {
- ret = 0;
- }
- }
+ ExpectIntEQ(wc_InitDsaKey(&key), 0);
+ ExpectIntEQ(wc_DsaPrivateKeyDecode(tmp, &idx, &key, bytes), 0);
+ ExpectIntGE(wc_DsaKeyToDer(&key, der, bytes), 0);
+ ExpectIntEQ(XMEMCMP(der, tmp, bytes), 0);
/* Test bad args. */
- if (ret == 0) {
- ret = wc_DsaKeyToDer(NULL, der, FOURK_BUF);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_DsaKeyToDer(&genKey, NULL, FOURK_BUF);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_DsaKeyToDer(NULL, der, FOURK_BUF), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_DsaKeyToDer(&key, NULL, FOURK_BUF), BAD_FUNC_ARG);
- if (wc_FreeRng(&rng) && ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
-
- wc_FreeDsaKey(&genKey);
-
- res = TEST_RES_CHECK(ret == 0);
+ wc_FreeDsaKey(&key);
#endif /* !NO_DSA && WOLFSSL_KEY_GEN */
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_DsaKeyToDer */
@@ -22716,89 +21656,47 @@ static int test_wc_DsaKeyToDer(void)
*/
static int test_wc_DsaKeyToPublicDer(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifndef HAVE_SELFTEST
#if !defined(NO_DSA) && defined(WOLFSSL_KEY_GEN)
- DsaKey genKey;
- WC_RNG rng;
- byte* der;
- word32 sz;
- int ret = 0;
+ DsaKey key;
+ WC_RNG rng;
+ byte* der = NULL;
+ word32 sz = 0;
+ word32 idx = 0;
- der = (byte*)XMALLOC(ONEK_BUF, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- if (der == NULL) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- if (ret == 0) {
- ret = wc_InitDsaKey(&genKey);
- }
- if (ret == 0) {
- ret = wc_InitRng(&rng);
- }
- if (ret == 0) {
- ret = wc_MakeDsaParameters(&rng, ONEK_BUF, &genKey);
- }
- if (ret == 0) {
- ret = wc_MakeDsaKey(&rng, &genKey);
- }
+ XMEMSET(&key, 0, sizeof(DsaKey));
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
+
+ ExpectNotNull(der = (byte*)XMALLOC(ONEK_BUF, NULL,
+ DYNAMIC_TYPE_TMP_BUFFER));
+ ExpectIntEQ(wc_InitDsaKey(&key), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(wc_MakeDsaParameters(&rng, ONEK_BUF, &key), 0);
+ ExpectIntEQ(wc_MakeDsaKey(&rng, &key), 0);
+
+ ExpectIntGE(sz = wc_DsaKeyToPublicDer(&key, der, ONEK_BUF), 0);
+ wc_FreeDsaKey(&key);
+
+ idx = 0;
+ ExpectIntEQ(wc_DsaPublicKeyDecode(der, &idx, &key, sz), 0);
- if (ret == 0) {
- ret = wc_DsaKeyToPublicDer(&genKey, der, ONEK_BUF);
- if (ret >= 0) {
- sz = ret;
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- if (ret == 0) {
- word32 idx = 0;
- wc_FreeDsaKey(&genKey);
- ret = wc_DsaPublicKeyDecode(der, &idx, &genKey, sz);
- }
/* Test without the SubjectPublicKeyInfo header */
- if (ret == 0) {
- ret = wc_SetDsaPublicKey(der, &genKey, ONEK_BUF, 0);
- if (ret >= 0) {
- sz = ret;
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- if (ret == 0) {
- word32 idx = 0;
- wc_FreeDsaKey(&genKey);
- ret = wc_DsaPublicKeyDecode(der, &idx, &genKey, sz);
- }
+ ExpectIntGE(sz = wc_SetDsaPublicKey(der, &key, ONEK_BUF, 0), 0);
+ wc_FreeDsaKey(&key);
+ idx = 0;
+ ExpectIntEQ(wc_DsaPublicKeyDecode(der, &idx, &key, sz), 0);
/* Test bad args. */
- if (ret == 0) {
- ret = wc_DsaKeyToPublicDer(NULL, der, FOURK_BUF);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_DsaKeyToPublicDer(&genKey, NULL, FOURK_BUF);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (wc_FreeRng(&rng) && ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
+ ExpectIntEQ(wc_DsaKeyToPublicDer(NULL, der, FOURK_BUF), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_DsaKeyToPublicDer(&key, NULL, FOURK_BUF), BAD_FUNC_ARG);
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
+ wc_FreeDsaKey(&key);
XFREE(der, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- wc_FreeDsaKey(&genKey);
-
- res = TEST_RES_CHECK(ret == 0);
#endif /* !NO_DSA && WOLFSSL_KEY_GEN */
#endif /* !HAVE_SELFTEST */
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_DsaKeyToPublicDer */
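Review bot: `wc_FreeDsaKey(&key)` is followed directly by `wc_DsaPublicKeyDecode(der, &idx, &key, sz)` twice in this hunk without re-initialising the key, whereas test_wc_DsaPublicPrivateKeyDecode in the same commit calls `wc_InitDsaKey(&key)` between the free and the next decode. Whether a freed `DsaKey` is safe to decode into depends on `wc_FreeDsaKey`, which is not shown here; adding `ExpectIntEQ(wc_InitDsaKey(&key), 0);` after each free removes that dependency. Separately, `sz` is a `word32`, so `ExpectIntGE(sz = wc_DsaKeyToPublicDer(&key, der, ONEK_BUF), 0)` catches a negative return only if the macro converts the value back to a signed type. Capturing the return in an `int`, checking it, and then assigning `sz` would make the error check independent of the macro's internals before `sz` is used as an input length.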
@@ -22807,11 +21705,9 @@ static int test_wc_DsaKeyToPublicDer(void)
*/
static int test_wc_DsaImportParamsRaw(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_DSA)
- DsaKey key;
- int ret = 0;
-
+ DsaKey key;
/* [mod = L=1024, N=160], from CAVP KeyPair */
const char* p = "d38311e2cd388c3ed698e82fdf88eb92b5a9a483dc88005d"
"4b725ef341eabb47cf8a7a8a41e792a156b7ce97206c4f9c"
@@ -22826,44 +21722,28 @@ static int test_wc_DsaImportParamsRaw(void)
"07610fcc9ee68491dbc1e34cd12615474e52b18bc934fb00c"
"61d39e7da8902291c4434a4e2224c3f4fd9f93cd6f4f17fc0"
"76341a7e7d9";
-
/* invalid p and q parameters */
const char* invalidP = "d38311e2cd388c3ed698e82fdf88eb92b5a9a483dc88005d";
const char* invalidQ = "96c5390a";
- ret = wc_InitDsaKey(&key);
- if (ret == 0) {
- ret = wc_DsaImportParamsRaw(&key, p, q, g);
- }
-
- /* test bad args */
- if (ret == 0) {
- /* null key struct */
- ret = wc_DsaImportParamsRaw(NULL, p, q, g);
- if (ret == BAD_FUNC_ARG) {
- /* null param pointers */
- ret = wc_DsaImportParamsRaw(&key, NULL, NULL, NULL);
- }
-
- if (ret == BAD_FUNC_ARG) {
- /* illegal p length */
- ret = wc_DsaImportParamsRaw(&key, invalidP, q, g);
- }
+ XMEMSET(&key, 0, sizeof(DsaKey));
- if (ret == BAD_FUNC_ARG) {
- /* illegal q length */
- ret = wc_DsaImportParamsRaw(&key, p, invalidQ, g);
- if (ret == BAD_FUNC_ARG)
- ret = 0;
- }
+ ExpectIntEQ(wc_InitDsaKey(&key), 0);
+ ExpectIntEQ(wc_DsaImportParamsRaw(&key, p, q, g), 0);
- }
+ /* test bad args */
+ /* null key struct */
+ ExpectIntEQ(wc_DsaImportParamsRaw(NULL, p, q, g), BAD_FUNC_ARG);
+ /* null param pointers */
+ ExpectIntEQ(wc_DsaImportParamsRaw(&key, NULL, NULL, NULL), BAD_FUNC_ARG);
+ /* illegal p length */
+ ExpectIntEQ(wc_DsaImportParamsRaw(&key, invalidP, q, g), BAD_FUNC_ARG);
+ /* illegal q length */
+ ExpectIntEQ(wc_DsaImportParamsRaw(&key, p, invalidQ, g), BAD_FUNC_ARG);
wc_FreeDsaKey(&key);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_DsaImportParamsRaw */
@@ -22872,11 +21752,10 @@ static int test_wc_DsaImportParamsRaw(void)
*/
static int test_wc_DsaImportParamsRawCheck(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_DSA) && !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
- DsaKey key;
- int ret = 0;
- int trusted = 0;
+ DsaKey key;
+ int trusted = 0;
/* [mod = L=1024, N=160], from CAVP KeyPair */
const char* p = "d38311e2cd388c3ed698e82fdf88eb92b5a9a483dc88005d"
"4b725ef341eabb47cf8a7a8a41e792a156b7ce97206c4f9c"
@@ -22891,44 +21770,30 @@ static int test_wc_DsaImportParamsRawCheck(void)
"07610fcc9ee68491dbc1e34cd12615474e52b18bc934fb00c"
"61d39e7da8902291c4434a4e2224c3f4fd9f93cd6f4f17fc0"
"76341a7e7d9";
-
/* invalid p and q parameters */
const char* invalidP = "d38311e2cd388c3ed698e82fdf88eb92b5a9a483dc88005d";
const char* invalidQ = "96c5390a";
- ret = wc_InitDsaKey(&key);
- if (ret == 0) {
- ret = wc_DsaImportParamsRawCheck(&key, p, q, g, trusted, NULL);
- }
+ ExpectIntEQ(wc_InitDsaKey(&key), 0);
+ ExpectIntEQ(wc_DsaImportParamsRawCheck(&key, p, q, g, trusted, NULL), 0);
/* test bad args */
- if (ret == 0) {
- /* null key struct */
- ret = wc_DsaImportParamsRawCheck(NULL, p, q, g, trusted, NULL);
- if (ret == BAD_FUNC_ARG) {
- /* null param pointers */
- ret = wc_DsaImportParamsRawCheck(&key, NULL, NULL, NULL, trusted, NULL);
- }
-
- if (ret == BAD_FUNC_ARG) {
- /* illegal p length */
- ret = wc_DsaImportParamsRawCheck(&key, invalidP, q, g, trusted, NULL);
- }
-
- if (ret == BAD_FUNC_ARG) {
- /* illegal q length */
- ret = wc_DsaImportParamsRawCheck(&key, p, invalidQ, g, trusted, NULL);
- if (ret == BAD_FUNC_ARG)
- ret = 0;
- }
-
- }
+ /* null key struct */
+ ExpectIntEQ(wc_DsaImportParamsRawCheck(NULL, p, q, g, trusted, NULL),
+ BAD_FUNC_ARG);
+ /* null param pointers */
+ ExpectIntEQ(wc_DsaImportParamsRawCheck(&key, NULL, NULL, NULL, trusted,
+ NULL), BAD_FUNC_ARG);
+ /* illegal p length */
+ ExpectIntEQ(wc_DsaImportParamsRawCheck(&key, invalidP, q, g, trusted, NULL),
+ BAD_FUNC_ARG);
+ /* illegal q length */
+ ExpectIntEQ(wc_DsaImportParamsRawCheck(&key, p, invalidQ, g, trusted, NULL),
+ BAD_FUNC_ARG);
wc_FreeDsaKey(&key);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_DsaImportParamsRawCheck */
/*
@@ -22936,11 +21801,9 @@ static int test_wc_DsaImportParamsRawCheck(void)
*/
static int test_wc_DsaExportParamsRaw(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_DSA)
- DsaKey key;
- int ret = 0;
-
+ DsaKey key;
/* [mod = L=1024, N=160], from CAVP KeyPair */
const char* p = "d38311e2cd388c3ed698e82fdf88eb92b5a9a483dc88005d"
"4b725ef341eabb47cf8a7a8a41e792a156b7ce97206c4f9c"
@@ -22955,7 +21818,6 @@ static int test_wc_DsaExportParamsRaw(void)
"07610fcc9ee68491dbc1e34cd12615474e52b18bc934fb00c"
"61d39e7da8902291c4434a4e2224c3f4fd9f93cd6f4f17fc0"
"76341a7e7d9";
-
const char* pCompare = "\xd3\x83\x11\xe2\xcd\x38\x8c\x3e\xd6\x98\xe8\x2f"
"\xdf\x88\xeb\x92\xb5\xa9\xa4\x83\xdc\x88\x00\x5d"
"\x4b\x72\x5e\xf3\x41\xea\xbb\x47\xcf\x8a\x7a\x8a"
@@ -22980,84 +21842,56 @@ static int test_wc_DsaExportParamsRaw(void)
"\xb0\x0c\x61\xd3\x9e\x7d\xa8\x90\x22\x91\xc4\x43"
"\x4a\x4e\x22\x24\xc3\xf4\xfd\x9f\x93\xcd\x6f\x4f"
"\x17\xfc\x07\x63\x41\xa7\xe7\xd9";
-
byte pOut[MAX_DSA_PARAM_SIZE];
byte qOut[MAX_DSA_PARAM_SIZE];
byte gOut[MAX_DSA_PARAM_SIZE];
- word32 pOutSz, qOutSz, gOutSz;
-
- ret = wc_InitDsaKey(&key);
- if (ret == 0) {
- /* first test using imported raw parameters, for expected */
- ret = wc_DsaImportParamsRaw(&key, p, q, g);
- }
-
- if (ret == 0) {
- pOutSz = sizeof(pOut);
- qOutSz = sizeof(qOut);
- gOutSz = sizeof(gOut);
- ret = wc_DsaExportParamsRaw(&key, pOut, &pOutSz, qOut, &qOutSz,
- gOut, &gOutSz);
- }
-
- if (ret == 0) {
- /* validate exported parameters are correct */
- if ((XMEMCMP(pOut, pCompare, pOutSz) != 0) ||
- (XMEMCMP(qOut, qCompare, qOutSz) != 0) ||
- (XMEMCMP(gOut, gCompare, gOutSz) != 0) ) {
- ret = -1;
- }
- }
+ word32 pOutSz;
+ word32 qOutSz;
+ word32 gOutSz;
+
+ XMEMSET(&key, 0, sizeof(DsaKey));
+
+ ExpectIntEQ(wc_InitDsaKey(&key), 0);
+ /* first test using imported raw parameters, for expected */
+ ExpectIntEQ(wc_DsaImportParamsRaw(&key, p, q, g), 0);
+ pOutSz = sizeof(pOut);
+ qOutSz = sizeof(qOut);
+ gOutSz = sizeof(gOut);
+ ExpectIntEQ(wc_DsaExportParamsRaw(&key, pOut, &pOutSz, qOut, &qOutSz, gOut,
+ &gOutSz), 0);
+ /* validate exported parameters are correct */
+ ExpectIntEQ(XMEMCMP(pOut, pCompare, pOutSz), 0);
+ ExpectIntEQ(XMEMCMP(qOut, qCompare, qOutSz), 0);
+ ExpectIntEQ(XMEMCMP(gOut, gCompare, gOutSz), 0);
/* test bad args */
- if (ret == 0) {
- /* null key struct */
- ret = wc_DsaExportParamsRaw(NULL, pOut, &pOutSz, qOut, &qOutSz,
- gOut, &gOutSz);
-
- if (ret == BAD_FUNC_ARG) {
- /* null output pointers */
- ret = wc_DsaExportParamsRaw(&key, NULL, &pOutSz, NULL, &qOutSz,
- NULL, &gOutSz);
- }
-
- if (ret == LENGTH_ONLY_E) {
- /* null output size pointers */
- ret = wc_DsaExportParamsRaw(&key, pOut, NULL, qOut, NULL,
- gOut, NULL);
- }
-
- if (ret == BAD_FUNC_ARG) {
- /* p output buffer size too small */
- pOutSz = 1;
- ret = wc_DsaExportParamsRaw(&key, pOut, &pOutSz, qOut, &qOutSz,
- gOut, &gOutSz);
- pOutSz = sizeof(pOut);
- }
-
- if (ret == BUFFER_E) {
- /* q output buffer size too small */
- qOutSz = 1;
- ret = wc_DsaExportParamsRaw(&key, pOut, &pOutSz, qOut, &qOutSz,
- gOut, &gOutSz);
- qOutSz = sizeof(qOut);
- }
-
- if (ret == BUFFER_E) {
- /* g output buffer size too small */
- gOutSz = 1;
- ret = wc_DsaExportParamsRaw(&key, pOut, &pOutSz, qOut, &qOutSz,
- gOut, &gOutSz);
- if (ret == BUFFER_E)
- ret = 0;
- }
- }
+ /* null key struct */
+ ExpectIntEQ(wc_DsaExportParamsRaw(NULL, pOut, &pOutSz, qOut, &qOutSz, gOut,
+ &gOutSz), BAD_FUNC_ARG);
+ /* null output pointers */
+ ExpectIntEQ(wc_DsaExportParamsRaw(&key, NULL, &pOutSz, NULL, &qOutSz, NULL,
+ &gOutSz), LENGTH_ONLY_E);
+ /* null output size pointers */
+ ExpectIntEQ( wc_DsaExportParamsRaw(&key, pOut, NULL, qOut, NULL, gOut,
+ NULL), BAD_FUNC_ARG);
+ /* p output buffer size too small */
+ pOutSz = 1;
+ ExpectIntEQ(wc_DsaExportParamsRaw(&key, pOut, &pOutSz, qOut, &qOutSz, gOut,
+ &gOutSz), BUFFER_E);
+ pOutSz = sizeof(pOut);
+ /* q output buffer size too small */
+ qOutSz = 1;
+ ExpectIntEQ(wc_DsaExportParamsRaw(&key, pOut, &pOutSz, qOut, &qOutSz, gOut,
+ &gOutSz), BUFFER_E);
+ qOutSz = sizeof(qOut);
+ /* g output buffer size too small */
+ gOutSz = 1;
+ ExpectIntEQ(wc_DsaExportParamsRaw(&key, pOut, &pOutSz, qOut, &qOutSz, gOut,
+ &gOutSz), BUFFER_E);
wc_FreeDsaKey(&key);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_DsaExportParamsRaw */
/*
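Review bot: The three `XMEMCMP` checks compare `pOutSz`, `qOutSz` and `gOutSz` bytes, but nothing asserts those sizes after the export, so an export that reports a too-short or zero length would still pass the comparison. For the L=1024, N=160 parameters named in the test's CAVP comment, p and q are expected to be 128 and 20 bytes. Adding `ExpectIntEQ(pOutSz, 128);` and `ExpectIntEQ(qOutSz, 20);` before the compares, with the matching check for g, would pin the reported lengths. The hunk for test_wc_DsaExportKeyRaw has a related gap: the successful export is checked only for a zero return, with no assertion on `xOutSz` or `yOutSz`. The function body starts outside this hunk, so the declarations of the compare strings are only partly visible.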
@@ -23065,77 +21899,51 @@ static int test_wc_DsaExportParamsRaw(void)
*/
static int test_wc_DsaExportKeyRaw(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_DSA) && defined(WOLFSSL_KEY_GEN)
- DsaKey key;
- WC_RNG rng;
- int ret = 0;
-
+ DsaKey key;
+ WC_RNG rng;
byte xOut[MAX_DSA_PARAM_SIZE];
byte yOut[MAX_DSA_PARAM_SIZE];
word32 xOutSz, yOutSz;
- XMEMSET(&rng, 0, sizeof(rng));
XMEMSET(&key, 0, sizeof(key));
+ XMEMSET(&rng, 0, sizeof(rng));
- ret = wc_InitRng(&rng);
- if (ret == 0) {
- ret = wc_InitDsaKey(&key);
- }
-
- if (ret == 0) {
- ret = wc_MakeDsaParameters(&rng, 1024, &key);
-
- if (ret == 0) {
- ret = wc_MakeDsaKey(&rng, &key);
- }
- }
+ ExpectIntEQ(wc_InitDsaKey(&key), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(wc_MakeDsaParameters(&rng, 1024, &key), 0);
+ ExpectIntEQ(wc_MakeDsaKey(&rng, &key), 0);
/* try successful export */
- if (ret == 0) {
- xOutSz = sizeof(xOut);
- yOutSz = sizeof(yOut);
- ret = wc_DsaExportKeyRaw(&key, xOut, &xOutSz, yOut, &yOutSz);
- }
+ xOutSz = sizeof(xOut);
+ yOutSz = sizeof(yOut);
+ ExpectIntEQ(wc_DsaExportKeyRaw(&key, xOut, &xOutSz, yOut, &yOutSz), 0);
/* test bad args */
- if (ret == 0) {
- /* null key struct */
- ret = wc_DsaExportKeyRaw(NULL, xOut, &xOutSz, yOut, &yOutSz);
-
- if (ret == BAD_FUNC_ARG) {
- /* null output pointers */
- ret = wc_DsaExportKeyRaw(&key, NULL, &xOutSz, NULL, &yOutSz);
- }
-
- if (ret == LENGTH_ONLY_E) {
- /* null output size pointers */
- ret = wc_DsaExportKeyRaw(&key, xOut, NULL, yOut, NULL);
- }
-
- if (ret == BAD_FUNC_ARG) {
- /* x output buffer size too small */
- xOutSz = 1;
- ret = wc_DsaExportKeyRaw(&key, xOut, &xOutSz, yOut, &yOutSz);
- xOutSz = sizeof(xOut);
- }
-
- if (ret == BUFFER_E) {
- /* y output buffer size too small */
- yOutSz = 1;
- ret = wc_DsaExportKeyRaw(&key, xOut, &xOutSz, yOut, &yOutSz);
-
- if (ret == BUFFER_E)
- ret = 0;
- }
- }
-
+ /* null key struct */
+ ExpectIntEQ(wc_DsaExportKeyRaw(NULL, xOut, &xOutSz, yOut, &yOutSz),
+ BAD_FUNC_ARG);
+ /* null output pointers */
+ ExpectIntEQ(wc_DsaExportKeyRaw(&key, NULL, &xOutSz, NULL, &yOutSz),
+ LENGTH_ONLY_E);
+ /* null output size pointers */
+ ExpectIntEQ(wc_DsaExportKeyRaw(&key, xOut, NULL, yOut, NULL),
+ BAD_FUNC_ARG);
+ /* x output buffer size too small */
+ xOutSz = 1;
+ ExpectIntEQ(wc_DsaExportKeyRaw(&key, xOut, &xOutSz, yOut, &yOutSz),
+ BUFFER_E);
+ xOutSz = sizeof(xOut);
+ /* y output buffer size too small */
+ yOutSz = 1;
+ ExpectIntEQ(wc_DsaExportKeyRaw(&key, xOut, &xOutSz, yOut, &yOutSz),
+ BUFFER_E);
+
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_FreeDsaKey(&key);
- wc_FreeRng(&rng);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_DsaExportParamsRaw */
@@ -23144,89 +21952,59 @@ static int test_wc_DsaExportKeyRaw(void)
*/
static int test_wc_ed25519_make_key(void)
{
- int res = TEST_SKIPPED;
-#if defined(HAVE_ED25519)
- ed25519_key key;
- WC_RNG rng;
- unsigned char pubkey[ED25519_PUB_KEY_SIZE];
- int ret = 0;
+ EXPECT_DECLS;
+#if defined(HAVE_ED25519) && defined(HAVE_ED25519_MAKE_KEY)
+ ed25519_key key;
+ WC_RNG rng;
+ unsigned char pubkey[ED25519_PUB_KEY_SIZE+1];
+ int pubkey_sz = ED25519_PUB_KEY_SIZE;
- ret = wc_InitRng(&rng);
- if (ret == 0) {
- ret = wc_ed25519_init(&key);
- }
- if (ret == 0) {
- ret = wc_ed25519_make_public(&key, pubkey, sizeof(pubkey));
- if (ret == ECC_PRIV_KEY_E) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = -1;
- }
- }
- if (ret == 0) {
- ret = wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, &key);
- }
- /* Test bad args. */
- if (ret == 0) {
- ret = wc_ed25519_make_key(NULL, ED25519_KEY_SIZE, &key);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed25519_make_key(&rng, ED25519_KEY_SIZE - 1, &key);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed25519_make_key(&rng, ED25519_KEY_SIZE + 1, &key);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ XMEMSET(&key, 0, sizeof(ed25519_key));
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
+ ExpectIntEQ(wc_ed25519_init(&key), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
- if (wc_FreeRng(&rng) && ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- wc_ed25519_free(&key);
+ ExpectIntEQ(wc_ed25519_make_public(&key, pubkey, pubkey_sz),
+ ECC_PRIV_KEY_E);
+ ExpectIntEQ(wc_ed25519_make_public(&key, pubkey+1, pubkey_sz),
+ ECC_PRIV_KEY_E);
+ ExpectIntEQ(wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, &key), 0);
- res = TEST_RES_CHECK(ret == 0);
+ /* Test bad args. */
+ ExpectIntEQ(wc_ed25519_make_key(NULL, ED25519_KEY_SIZE, &key),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, NULL),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed25519_make_key(&rng, ED25519_KEY_SIZE - 1, &key),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed25519_make_key(&rng, ED25519_KEY_SIZE + 1, &key),
+ BAD_FUNC_ARG);
+
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
+ wc_ed25519_free(&key);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_ed25519_make_key */
-
/*
* Testing wc_ed25519_init()
*/
static int test_wc_ed25519_init(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ED25519)
- ed25519_key key;
- int ret = 0;
+ ed25519_key key;
- ret = wc_ed25519_init(&key);
+ XMEMSET(&key, 0, sizeof(ed25519_key));
+ ExpectIntEQ(wc_ed25519_init(&key), 0);
/* Test bad args. */
- if (ret == 0) {
- ret = wc_ed25519_init(NULL);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_ed25519_init(NULL), BAD_FUNC_ARG);
wc_ed25519_free(&key);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_ed25519_init */
/*
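Review bot: The second `wc_ed25519_make_public` call writes to `pubkey+1`, and the buffer was enlarged to `ED25519_PUB_KEY_SIZE+1` to allow it, but nothing in the hunk says what the offset is for. It is presumably an unaligned-buffer case, and a comment such as `/* Repeat with an unaligned output buffer. */` above that call, plus a note on the declaration, would keep a later cleanup from removing the extra byte. Both `wc_ed25519_make_public` calls also run before `wc_ed25519_make_key`, so only the `ECC_PRIV_KEY_E` path is exercised. A call after key generation, `ExpectIntEQ(wc_ed25519_make_public(&key, pubkey, pubkey_sz), 0);`, would cover the success path as well, assuming it is meant to succeed once the private key is set.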
@@ -23234,116 +22012,74 @@ static int test_wc_ed25519_init(void)
*/
static int test_wc_ed25519_sign_msg(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ED25519) && defined(HAVE_ED25519_SIGN)
- WC_RNG rng;
- ed25519_key key;
- int ret = 0;
- byte msg[] = "Everybody gets Friday off.\n";
- byte sig[ED25519_SIG_SIZE];
- word32 msglen = sizeof(msg);
- word32 siglen = sizeof(sig);
- word32 badSigLen = sizeof(sig) - 1;
+ WC_RNG rng;
+ ed25519_key key;
+ byte msg[] = "Everybody gets Friday off.\n";
+ byte sig[ED25519_SIG_SIZE+1];
+ word32 msglen = sizeof(msg);
+ word32 siglen = ED25519_SIG_SIZE;
+ word32 badSigLen = ED25519_SIG_SIZE - 1;
#ifdef HAVE_ED25519_VERIFY
- int verify_ok = 0; /*1 = Verify success.*/
+ int verify_ok = 0; /*1 = Verify success.*/
#endif
/* Initialize stack variables. */
- XMEMSET(sig, 0, siglen);
+ XMEMSET(&key, 0, sizeof(ed25519_key));
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
+ XMEMSET(sig, 0, sizeof(sig));
/* Initialize key. */
- ret = wc_InitRng(&rng);
- if (ret == 0) {
- ret = wc_ed25519_init(&key);
- if (ret == 0) {
- ret = wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, &key);
- }
- }
+ ExpectIntEQ(wc_ed25519_init(&key), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, &key), 0);
+
+ ExpectIntEQ(wc_ed25519_sign_msg(msg, msglen, sig, &siglen, &key), 0);
+ ExpectIntEQ(siglen, ED25519_SIG_SIZE);
+ ExpectIntEQ(wc_ed25519_sign_msg(msg, msglen, sig+1, &siglen, &key), 0);
+ ExpectIntEQ(siglen, ED25519_SIG_SIZE);
- if (ret == 0) {
- ret = wc_ed25519_sign_msg(msg, msglen, sig, &siglen, &key);
- }
/* Test bad args. */
- if (ret == 0 && siglen == ED25519_SIG_SIZE) {
- ret = wc_ed25519_sign_msg(NULL, msglen, sig, &siglen, &key);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed25519_sign_msg(msg, msglen, NULL, &siglen, &key);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed25519_sign_msg(msg, msglen, sig, NULL, &key);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed25519_sign_msg(msg, msglen, sig, &siglen, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed25519_sign_msg(msg, msglen, sig, &badSigLen, &key);
- }
- if (ret == BUFFER_E && badSigLen == ED25519_SIG_SIZE) {
- badSigLen -= 1;
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- } /* END sign */
+ ExpectIntEQ(wc_ed25519_sign_msg(NULL, msglen, sig, &siglen, &key),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed25519_sign_msg(msg, msglen, NULL, &siglen, &key),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed25519_sign_msg(msg, msglen, sig, NULL, &key),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed25519_sign_msg(msg, msglen, sig, &siglen, NULL),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed25519_sign_msg(msg, msglen, sig, &badSigLen, &key),
+ BUFFER_E);
+ ExpectIntEQ(badSigLen, ED25519_SIG_SIZE);
+ badSigLen -= 1;
#ifdef HAVE_ED25519_VERIFY
- if (ret == 0) {
+ ExpectIntEQ(wc_ed25519_verify_msg(sig+1, siglen, msg, msglen, &verify_ok,
+ &key), 0);
+ ExpectIntEQ(verify_ok, 1);
- ret = wc_ed25519_verify_msg(sig, siglen, msg, msglen, &verify_ok, &key);
- if (ret == 0 && verify_ok == 1) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
-
- /* Test bad args. */
- if (ret == 0) {
- AssertIntEQ(wc_ed25519_verify_msg(sig, siglen - 1, msg,
- msglen, &verify_ok, &key),
- BAD_FUNC_ARG);
- AssertIntEQ(wc_ed25519_verify_msg(sig, siglen + 1, msg,
- msglen, &verify_ok, &key),
- BAD_FUNC_ARG);
-
- ret = wc_ed25519_verify_msg(NULL, siglen, msg, msglen, &verify_ok,
- &key);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed25519_verify_msg(sig, siglen, NULL, msglen,
- &verify_ok, &key);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed25519_verify_msg(sig, siglen, msg, msglen,
- NULL, &key);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed25519_verify_msg(sig, siglen, msg, msglen,
- &verify_ok, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed25519_verify_msg(sig, badSigLen, msg, msglen,
- &verify_ok, &key);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
-
- } /* END verify. */
+ /* Test bad args. */
+ ExpectIntEQ(wc_ed25519_verify_msg(sig+1, siglen - 1, msg, msglen,
+ &verify_ok, &key), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed25519_verify_msg(sig+1, siglen + 1, msg, msglen,
+ &verify_ok, &key), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed25519_verify_msg(NULL, siglen, msg, msglen, &verify_ok,
+ &key), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed25519_verify_msg(sig+1, siglen, NULL, msglen, &verify_ok,
+ &key), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed25519_verify_msg(sig+1, siglen, msg, msglen, NULL, &key),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed25519_verify_msg(sig+1, siglen, msg, msglen, &verify_ok,
+ NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed25519_verify_msg(sig+1, badSigLen, msg, msglen, &verify_ok,
+ &key), BAD_FUNC_ARG);
#endif /* Verify. */
- if (wc_FreeRng(&rng) && ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ed25519_free(&key);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_ed25519_sign_msg */
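Review bot: The rejected `wc_ed25519_verify_msg()` calls never check `verify_ok`, which still holds 1 from the successful `sig+1` verification just above, so a regression that returns an error but leaves the result flag set would go unnoticed. I would put `verify_ok = 0;` before the `/* Test bad args. */` block under HAVE_ED25519_VERIFY and add `ExpectIntEQ(verify_ok, 0);` after the rejected calls. The test also has no case where a well-formed signature must be rejected, for example verifying against a message that differs by one byte, which is the result callers rely on most. A short comment on why the second signature is written to `sig+1` (presumably to exercise an unaligned output buffer) would help the next reader.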
@@ -23352,58 +22088,34 @@ static int test_wc_ed25519_sign_msg(void)
*/
static int test_wc_ed25519_import_public(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ED25519) && defined(HAVE_ED25519_KEY_IMPORT)
- WC_RNG rng;
- ed25519_key pubKey;
- const byte in[] = "Ed25519PublicKeyUnitTest......\n";
- word32 inlen = sizeof(in);
- int ret = 0;
+ ed25519_key pubKey;
+ WC_RNG rng;
+ const byte in[] = "Ed25519PublicKeyUnitTest......\n";
+ word32 inlen = sizeof(in);
- ret = wc_InitRng(&rng);
- if (ret == 0) {
- ret = wc_ed25519_init(&pubKey);
- if (ret == 0) {
- ret = wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, &pubKey);
- }
- }
+ XMEMSET(&pubKey, 0, sizeof(ed25519_key));
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
- if (ret == 0) {
- ret = wc_ed25519_import_public_ex(in, inlen, &pubKey, 1);
+ ExpectIntEQ(wc_ed25519_init(&pubKey), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+#ifdef HAVE_ED25519_MAKE_KEY
+ ExpectIntEQ(wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, &pubKey), 0);
+#endif
- if (ret == 0 && XMEMCMP(in, pubKey.p, inlen) == 0) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
+ ExpectIntEQ(wc_ed25519_import_public_ex(in, inlen, &pubKey, 1), 0);
+ ExpectIntEQ(XMEMCMP(in, pubKey.p, inlen), 0);
- /* Test bad args. */
- if (ret == 0) {
- ret = wc_ed25519_import_public(NULL, inlen, &pubKey);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed25519_import_public(in, inlen, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed25519_import_public(in, inlen - 1, &pubKey);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- }
+ /* Test bad args. */
+ ExpectIntEQ(wc_ed25519_import_public(NULL, inlen, &pubKey), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed25519_import_public(in, inlen, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed25519_import_public(in, inlen - 1, &pubKey), BAD_FUNC_ARG);
- if (wc_FreeRng(&rng) && ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ed25519_free(&pubKey);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END wc_ed25519_import_public */
/*
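Review bot: The only successful import goes through `wc_ed25519_import_public_ex(in, inlen, &pubKey, 1)` with an ASCII filler string as the key, so nothing here exercises public-key validation, assuming the final argument is the trusted flag that skips the key check. The untrusted `wc_ed25519_import_public()` is only called with NULL or short inputs. I would add a positive case that imports a known-valid public key through the untrusted path. A comment next to the `_ex` call would also help, e.g. `/* in[] is filler, not a checked key: import as trusted */`.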
@@ -23411,11 +22123,10 @@ static int test_wc_ed25519_import_public(void)
*/
static int test_wc_ed25519_import_private_key(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ED25519) && defined(HAVE_ED25519_KEY_IMPORT)
- WC_RNG rng;
ed25519_key key;
- int ret;
+ WC_RNG rng;
const byte privKey[] = "Ed25519PrivateKeyUnitTest.....\n";
const byte pubKey[] = "Ed25519PublicKeyUnitTest......\n";
word32 privKeySz = sizeof(privKey);
@@ -23425,80 +22136,46 @@ static int test_wc_ed25519_import_private_key(void)
word32 bothKeysSz = sizeof(bothKeys);
#endif
- ret = wc_InitRng(&rng);
- if (ret != 0) {
- return ret;
- }
- ret = wc_ed25519_init(&key);
- if (ret != 0) {
- wc_FreeRng(&rng);
- return ret;
- }
- ret = wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, &key);
+ XMEMSET(&key, 0, sizeof(ed25519_key));
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
- if (ret == 0) {
- ret = wc_ed25519_import_private_key_ex(privKey, privKeySz, pubKey,
- pubKeySz, &key, 1);
- if (ret == 0 && (XMEMCMP(pubKey, key.p, privKeySz) != 0
- || XMEMCMP(privKey, key.k, pubKeySz) != 0)) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_ed25519_init(&key), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+#ifdef HAVE_ED25519_MAKE_KEY
+ ExpectIntEQ(wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, &key), 0);
+#endif
-#ifdef HAVE_ED25519_KEY_EXPORT
- if (ret == 0)
- ret = wc_ed25519_export_private(&key, bothKeys, &bothKeysSz);
+ ExpectIntEQ(wc_ed25519_import_private_key_ex(privKey, privKeySz, pubKey,
+ pubKeySz, &key, 1), 0);
+ ExpectIntEQ(XMEMCMP(pubKey, key.p, privKeySz), 0);
+ ExpectIntEQ(XMEMCMP(privKey, key.k, pubKeySz), 0);
- if (ret == 0) {
- ret = wc_ed25519_import_private_key_ex(bothKeys, bothKeysSz, NULL, 0,
- &key, 1);
- if (ret == 0 && (XMEMCMP(pubKey, key.p, privKeySz) != 0
- || XMEMCMP(privKey, key.k, pubKeySz) != 0)) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+#ifdef HAVE_ED25519_KEY_EXPORT
+ ExpectIntEQ(wc_ed25519_export_private(&key, bothKeys, &bothKeysSz), 0);
+ ExpectIntEQ(wc_ed25519_import_private_key_ex(bothKeys, bothKeysSz, NULL, 0,
+ &key, 1), 0);
+ ExpectIntEQ(XMEMCMP(pubKey, key.p, privKeySz), 0);
+ ExpectIntEQ(XMEMCMP(privKey, key.k, pubKeySz), 0);
#endif
/* Test bad args. */
- if (ret == 0) {
- ret = wc_ed25519_import_private_key(NULL, privKeySz, pubKey, pubKeySz,
- &key);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed25519_import_private_key(privKey, privKeySz, NULL,
- pubKeySz, &key);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed25519_import_private_key(privKey, privKeySz, pubKey,
- pubKeySz, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed25519_import_private_key(privKey, privKeySz - 1, pubKey,
- pubKeySz, &key);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed25519_import_private_key(privKey, privKeySz, pubKey,
- pubKeySz - 1, &key);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed25519_import_private_key(privKey, privKeySz, NULL,
- 0, &key);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (wc_FreeRng(&rng) && ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
+ ExpectIntEQ(wc_ed25519_import_private_key(NULL, privKeySz, pubKey, pubKeySz,
+ &key), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed25519_import_private_key(privKey, privKeySz, NULL,
+ pubKeySz, &key), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed25519_import_private_key(privKey, privKeySz, pubKey,
+ pubKeySz, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed25519_import_private_key(privKey, privKeySz - 1, pubKey,
+ pubKeySz, &key), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed25519_import_private_key(privKey, privKeySz, pubKey,
+ pubKeySz - 1, &key), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed25519_import_private_key(privKey, privKeySz, NULL, 0,
+ &key), BAD_FUNC_ARG);
+
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ed25519_free(&key);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_ed25519_import_private_key */
/*
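Review bot: The two content checks use each other's length: `XMEMCMP(pubKey, key.p, privKeySz)` and `XMEMCMP(privKey, key.k, pubKeySz)`, both after the first import and again inside the HAVE_ED25519_KEY_EXPORT block. This was carried over from the removed code and is harmless only while both test strings are the same size. I would write `ExpectIntEQ(XMEMCMP(pubKey, key.p, pubKeySz), 0);` and `ExpectIntEQ(XMEMCMP(privKey, key.k, privKeySz), 0);` in both places. The function's declarations begin in the previous hunk.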
@@ -23506,85 +22183,64 @@ static int test_wc_ed25519_import_private_key(void)
*/
static int test_wc_ed25519_export(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ED25519) && defined(HAVE_ED25519_KEY_EXPORT)
- WC_RNG rng;
- ed25519_key key;
- int ret = 0;
- byte priv[ED25519_PRV_KEY_SIZE];
- byte pub[ED25519_PUB_KEY_SIZE];
- word32 privSz = sizeof(priv);
- word32 pubSz = sizeof(pub);
-
- ret = wc_InitRng(&rng);
- if (ret != 0) {
- return ret;
- }
+ ed25519_key key;
+ WC_RNG rng;
+ byte priv[ED25519_PRV_KEY_SIZE];
+ byte pub[ED25519_PUB_KEY_SIZE];
+ word32 privSz = sizeof(priv);
+ word32 pubSz = sizeof(pub);
+#ifndef HAVE_ED25519_MAKE_KEY
+ const byte privKey[] = {
+ 0xf8, 0x55, 0xb7, 0xb6, 0x49, 0x3f, 0x99, 0x9c,
+ 0x88, 0xe3, 0xc5, 0x42, 0x6a, 0xa4, 0x47, 0x4a,
+ 0xe4, 0x95, 0xda, 0xdb, 0xbf, 0xf8, 0xa7, 0x42,
+ 0x9d, 0x0e, 0xe7, 0xd0, 0x57, 0x8f, 0x16, 0x69
+ };
+ const byte pubKey[] = {
+ 0x42, 0x3b, 0x7a, 0xf9, 0x82, 0xcf, 0xf9, 0xdf,
+ 0x19, 0xdd, 0xf3, 0xf0, 0x32, 0x29, 0x6d, 0xfa,
+ 0xfd, 0x76, 0x4f, 0x68, 0xc2, 0xc2, 0xe0, 0x6c,
+ 0x47, 0xae, 0xc2, 0x55, 0x68, 0xac, 0x0d, 0x4d
+ };
+#endif
- ret = wc_ed25519_init(&key);
- if (ret != 0) {
- wc_FreeRng(&rng);
- return ret;
- }
+ XMEMSET(&key, 0, sizeof(ed25519_key));
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
- if (ret == 0) {
- ret = wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, &key);
- }
+ ExpectIntEQ(wc_ed25519_init(&key), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+#ifdef HAVE_ED25519_MAKE_KEY
+ ExpectIntEQ(wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, &key), 0);
+#else
+ ExpectIntEQ(wc_ed25519_import_private_key_ex(privKey, sizeof(privKey),
+ pubKey, sizeof(pubKey), &key, 1), 0);
+#endif
- if (ret == 0) {
- ret = wc_ed25519_export_public(&key, pub, &pubSz);
- if (ret == 0 && (pubSz != ED25519_KEY_SIZE
- || XMEMCMP(key.p, pub, pubSz) != 0)) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- if (ret == 0) {
- ret = wc_ed25519_export_public(NULL, pub, &pubSz);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed25519_export_public(&key, NULL, &pubSz);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed25519_export_public(&key, pub, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- }
+ ExpectIntEQ(wc_ed25519_export_public(&key, pub, &pubSz), 0);
+ ExpectIntEQ(pubSz, ED25519_KEY_SIZE);
+ ExpectIntEQ(XMEMCMP(key.p, pub, pubSz), 0);
+ /* Test bad args. */
+ ExpectIntEQ(wc_ed25519_export_public(NULL, pub, &pubSz), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed25519_export_public(&key, NULL, &pubSz), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed25519_export_public(&key, pub, NULL), BAD_FUNC_ARG);
- if (ret == 0) {
- ret = wc_ed25519_export_private_only(&key, priv, &privSz);
- if (ret == 0 && (privSz != ED25519_KEY_SIZE
- || XMEMCMP(key.k, priv, privSz) != 0)) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- if (ret == 0) {
- ret = wc_ed25519_export_private_only(NULL, priv, &privSz);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed25519_export_private_only(&key, NULL, &privSz);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed25519_export_private_only(&key, priv, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- }
+ ExpectIntEQ(wc_ed25519_export_private_only(&key, priv, &privSz), 0);
+ ExpectIntEQ(privSz, ED25519_KEY_SIZE);
+ ExpectIntEQ(XMEMCMP(key.k, priv, privSz), 0);
+ /* Test bad args. */
+ ExpectIntEQ(wc_ed25519_export_private_only(NULL, priv, &privSz),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed25519_export_private_only(&key, NULL, &privSz),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed25519_export_private_only(&key, priv, NULL),
+ BAD_FUNC_ARG);
- if (wc_FreeRng(&rng) && ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ed25519_free(&key);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_ed25519_export */
/*
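Review bot: Neither export call is tested with an output buffer that is too small; every rejected call in this function is a NULL argument. These functions write key material into a caller-supplied buffer, so the length check is the one worth pinning, and the sign test in this commit already does so with `badSigLen` and `BUFFER_E`. Something like `word32 shortSz = ED25519_KEY_SIZE - 1;` followed by `ExpectIntEQ(wc_ed25519_export_private_only(&key, priv, &shortSz), BUFFER_E);`, and the same for `wc_ed25519_export_public`, would cover it, assuming the export functions report a short buffer the same way. The export calls in test_wc_ed25519_exportKey have the same gap.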
@@ -23592,86 +22248,57 @@ static int test_wc_ed25519_export(void)
*/
static int test_wc_ed25519_size(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ED25519)
- WC_RNG rng;
- ed25519_key key;
- int ret;
+ ed25519_key key;
+ WC_RNG rng;
+#ifndef HAVE_ED25519_MAKE_KEY
+ const byte privKey[] = {
+ 0xf8, 0x55, 0xb7, 0xb6, 0x49, 0x3f, 0x99, 0x9c,
+ 0x88, 0xe3, 0xc5, 0x42, 0x6a, 0xa4, 0x47, 0x4a,
+ 0xe4, 0x95, 0xda, 0xdb, 0xbf, 0xf8, 0xa7, 0x42,
+ 0x9d, 0x0e, 0xe7, 0xd0, 0x57, 0x8f, 0x16, 0x69
+ };
+ const byte pubKey[] = {
+ 0x42, 0x3b, 0x7a, 0xf9, 0x82, 0xcf, 0xf9, 0xdf,
+ 0x19, 0xdd, 0xf3, 0xf0, 0x32, 0x29, 0x6d, 0xfa,
+ 0xfd, 0x76, 0x4f, 0x68, 0xc2, 0xc2, 0xe0, 0x6c,
+ 0x47, 0xae, 0xc2, 0x55, 0x68, 0xac, 0x0d, 0x4d
+ };
+#endif
- ret = wc_InitRng(&rng);
- if (ret != 0) {
- return ret;
- }
- ret = wc_ed25519_init(&key);
- if (ret != 0) {
- wc_FreeRng(&rng);
- return ret;
- }
+ XMEMSET(&key, 0, sizeof(ed25519_key));
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
- ret = wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, &key);
- if (ret != 0) {
- wc_FreeRng(&rng);
- wc_ed25519_free(&key);
- return ret;
- }
+ ExpectIntEQ(wc_ed25519_init(&key), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+#ifdef HAVE_ED25519_MAKE_KEY
+ ExpectIntEQ(wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, &key), 0);
+#else
+ ExpectIntEQ(wc_ed25519_import_private_key_ex(privKey, sizeof(privKey),
+ pubKey, sizeof(pubKey), &key, 1), 0);
+#endif
- ret = wc_ed25519_size(&key);
+ ExpectIntEQ(wc_ed25519_size(&key), ED25519_KEY_SIZE);
/* Test bad args. */
- if (ret == ED25519_KEY_SIZE) {
- ret = wc_ed25519_size(NULL);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
+ ExpectIntEQ(wc_ed25519_size(NULL), BAD_FUNC_ARG);
- if (ret == 0) {
- ret = wc_ed25519_sig_size(&key);
- if (ret == ED25519_SIG_SIZE) {
- ret = 0;
- }
- /* Test bad args. */
- if (ret == 0) {
- ret = wc_ed25519_sig_size(NULL);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- } /* END wc_ed25519_sig_size() */
+ ExpectIntEQ(wc_ed25519_sig_size(&key), ED25519_SIG_SIZE);
+ /* Test bad args. */
+ ExpectIntEQ(wc_ed25519_sig_size(NULL), BAD_FUNC_ARG);
- if (ret == 0) {
- ret = wc_ed25519_pub_size(&key);
- if (ret == ED25519_PUB_KEY_SIZE) {
- ret = 0;
- }
- if (ret == 0) {
- ret = wc_ed25519_pub_size(NULL);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- } /* END wc_ed25519_pub_size */
+ ExpectIntEQ(wc_ed25519_pub_size(&key), ED25519_PUB_KEY_SIZE);
+ /* Test bad args. */
+ ExpectIntEQ(wc_ed25519_pub_size(NULL), BAD_FUNC_ARG);
- if (ret == 0) {
- ret = wc_ed25519_priv_size(&key);
- if (ret == ED25519_PRV_KEY_SIZE) {
- ret = 0;
- }
- if (ret == 0) {
- ret = wc_ed25519_priv_size(NULL);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- } /* END wc_ed25519_pub_size */
+ ExpectIntEQ(wc_ed25519_priv_size(&key), ED25519_PRV_KEY_SIZE);
+ /* Test bad args. */
+ ExpectIntEQ(wc_ed25519_priv_size(NULL), BAD_FUNC_ARG);
- if (wc_FreeRng(&rng) && ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ed25519_free(&key);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_ed25519_size */
/*
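Review bot: The 32-byte `privKey`/`pubKey` fallback pair under `#ifndef HAVE_ED25519_MAKE_KEY` is repeated byte-for-byte in this function, in test_wc_ed25519_export and in test_wc_ed25519_exportKey. I would hoist it to a single file-scope pair of `static const byte` arrays inside the same guard, with a comment saying it is a fixed test-only key, so a later edit cannot leave the three copies out of step. In that configuration `rng` is still initialised and freed although nothing uses it; a one-line comment would show that this is intentional.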
@@ -23679,90 +22306,71 @@ static int test_wc_ed25519_size(void)
*/
static int test_wc_ed25519_exportKey(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ED25519) && defined(HAVE_ED25519_KEY_EXPORT)
- WC_RNG rng;
- ed25519_key key;
- int ret = 0;
- byte priv[ED25519_PRV_KEY_SIZE];
- byte pub[ED25519_PUB_KEY_SIZE];
- byte privOnly[ED25519_PRV_KEY_SIZE];
- word32 privSz = sizeof(priv);
- word32 pubSz = sizeof(pub);
- word32 privOnlySz = sizeof(privOnly);
-
- ret = wc_InitRng(&rng);
- if (ret != 0) {
- return TEST_FAIL;
- }
- ret = wc_ed25519_init(&key);
- if (ret != 0) {
- wc_FreeRng(&rng);
- return TEST_FAIL;
- }
+ WC_RNG rng;
+ ed25519_key key;
+ byte priv[ED25519_PRV_KEY_SIZE];
+ byte pub[ED25519_PUB_KEY_SIZE];
+ byte privOnly[ED25519_PRV_KEY_SIZE];
+ word32 privSz = sizeof(priv);
+ word32 pubSz = sizeof(pub);
+ word32 privOnlySz = sizeof(privOnly);
+#ifndef HAVE_ED25519_MAKE_KEY
+ const byte privKey[] = {
+ 0xf8, 0x55, 0xb7, 0xb6, 0x49, 0x3f, 0x99, 0x9c,
+ 0x88, 0xe3, 0xc5, 0x42, 0x6a, 0xa4, 0x47, 0x4a,
+ 0xe4, 0x95, 0xda, 0xdb, 0xbf, 0xf8, 0xa7, 0x42,
+ 0x9d, 0x0e, 0xe7, 0xd0, 0x57, 0x8f, 0x16, 0x69
+ };
+ const byte pubKey[] = {
+ 0x42, 0x3b, 0x7a, 0xf9, 0x82, 0xcf, 0xf9, 0xdf,
+ 0x19, 0xdd, 0xf3, 0xf0, 0x32, 0x29, 0x6d, 0xfa,
+ 0xfd, 0x76, 0x4f, 0x68, 0xc2, 0xc2, 0xe0, 0x6c,
+ 0x47, 0xae, 0xc2, 0x55, 0x68, 0xac, 0x0d, 0x4d
+ };
+#endif
- ret = wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, &key);
- if (ret != 0) {
- wc_FreeRng(&rng);
- wc_ed25519_free(&key);
- return TEST_FAIL;
- }
+ XMEMSET(&key, 0, sizeof(ed25519_key));
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
- ret = wc_ed25519_export_private(&key, privOnly, &privOnlySz);
- if (ret == 0) {
- ret = wc_ed25519_export_private(NULL, privOnly, &privOnlySz);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed25519_export_private(&key, NULL, &privOnlySz);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed25519_export_private(&key, privOnly, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_ed25519_init(&key), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+#ifdef HAVE_ED25519_MAKE_KEY
+ ExpectIntEQ(wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, &key), 0);
+#else
+ ExpectIntEQ(wc_ed25519_import_private_key_ex(privKey, sizeof(privKey),
+ pubKey, sizeof(pubKey), &key, 1), 0);
+#endif
- if (ret == 0) {
- ret = wc_ed25519_export_key(&key, priv, &privSz, pub, &pubSz);
- if (ret == 0) {
- ret = wc_ed25519_export_key(NULL, priv, &privSz, pub, &pubSz);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed25519_export_key(&key, NULL, &privSz, pub, &pubSz);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed25519_export_key(&key, priv, NULL, pub, &pubSz);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed25519_export_key(&key, priv, &privSz, NULL, &pubSz);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed25519_export_key(&key, priv, &privSz, pub, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- } /* END wc_ed25519_export_key() */
+ ExpectIntEQ(wc_ed25519_export_private(&key, privOnly, &privOnlySz), 0);
+ /* Test bad args. */
+ ExpectIntEQ(wc_ed25519_export_private(NULL, privOnly, &privOnlySz),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed25519_export_private(&key, NULL, &privOnlySz),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed25519_export_private(&key, privOnly, NULL), BAD_FUNC_ARG);
+
+ ExpectIntEQ(wc_ed25519_export_key(&key, priv, &privSz, pub, &pubSz), 0);
+ /* Test bad args. */
+ ExpectIntEQ(wc_ed25519_export_key(NULL, priv, &privSz, pub, &pubSz),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed25519_export_key(&key, NULL, &privSz, pub, &pubSz),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed25519_export_key(&key, priv, NULL, pub, &pubSz),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed25519_export_key(&key, priv, &privSz, NULL, &pubSz),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed25519_export_key(&key, priv, &privSz, pub, NULL),
+ BAD_FUNC_ARG);
/* Cross check output. */
- if (ret == 0 && XMEMCMP(priv, privOnly, privSz) != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
+ ExpectIntEQ(XMEMCMP(priv, privOnly, privSz), 0);
- if (wc_FreeRng(&rng) && ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ed25519_free(&key);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_ed25519_exportKey */
/*
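Review bot: The `pub` output of `wc_ed25519_export_key()` is never checked, and neither are `privSz`, `pubSz` or `privOnlySz`; the only content check is `XMEMCMP(priv, privOnly, privSz)`. I would add `ExpectIntEQ(pubSz, ED25519_PUB_KEY_SIZE);` and `ExpectIntEQ(XMEMCMP(pub, key.p, pubSz), 0);` next to the cross check, the way test_wc_ed25519_export compares against `key.p`. `privOnly` is sized ED25519_PRV_KEY_SIZE and compared in full against `priv`, so the name is misleading if `wc_ed25519_export_private()` returns the combined private and public encoding. A rename or a comment would clear that up.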
@@ -23770,61 +22378,36 @@ static int test_wc_ed25519_exportKey(void)
*/
static int test_wc_Ed25519PublicKeyToDer(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ED25519) && defined(HAVE_ED25519_KEY_EXPORT) && \
(defined(WOLFSSL_CERT_GEN) || defined(WOLFSSL_KEY_GEN))
- int tmp;
ed25519_key key;
- byte derBuf[1024];
- int ret = 0;
+ byte derBuf[1024];
- /* Test bad args */
- tmp = wc_Ed25519PublicKeyToDer(NULL, NULL, 0, 0);
- if (tmp != BAD_FUNC_ARG) {
- ret = WOLFSSL_FATAL_ERROR;
- }
+ XMEMSET(&key, 0, sizeof(ed25519_key));
- if (ret == 0) {
- wc_ed25519_init(&key);
- tmp = wc_Ed25519PublicKeyToDer(&key, derBuf, 0, 0);
- if (tmp != BUFFER_E) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- wc_ed25519_free(&key);
- }
+ /* Test bad args */
+ ExpectIntEQ(wc_Ed25519PublicKeyToDer(NULL, NULL, 0, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed25519_init(&key), 0);
+ ExpectIntEQ(wc_Ed25519PublicKeyToDer(&key, derBuf, 0, 0), BUFFER_E);
+ wc_ed25519_free(&key);
/* Test good args */
- if (ret == 0) {
- WC_RNG rng;
- ret = wc_InitRng(&rng);
- if (ret != 0) {
- return TEST_FAIL;
- }
- ret = wc_ed25519_init(&key);
- if (ret != 0) {
- wc_FreeRng(&rng);
- return TEST_FAIL;
- }
+ if (EXPECT_SUCCESS()) {
+ WC_RNG rng;
- ret = wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, &key);
- if (ret != 0) {
- wc_FreeRng(&rng);
- wc_ed25519_free(&key);
- return TEST_FAIL;
- }
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
- tmp = wc_Ed25519PublicKeyToDer(&key, derBuf, 1024, 1);
- if (tmp <= 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
+ ExpectIntEQ(wc_ed25519_init(&key), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, &key), 0);
+ ExpectIntGT(wc_Ed25519PublicKeyToDer(&key, derBuf, 1024, 1), 0);
- wc_FreeRng(&rng);
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ed25519_free(&key);
}
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END testing wc_Ed25519PublicKeyToDer */
/*
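Review bot: `wc_ed25519_make_key()` in the good-args block is called without the `#ifdef HAVE_ED25519_MAKE_KEY` guard that the other ed25519 tests in this commit add, and the function's own `#if` does not mention that macro. If a configuration can enable key export with key generation disabled, this test would fail to build or fail at run time. Guarding the call, or importing a fixed key in an `#else` branch as test_wc_ed25519_export does, keeps it consistent. The call `wc_Ed25519PublicKeyToDer(&key, derBuf, 1024, 1)` should also take its length from the buffer, as `(word32)sizeof(derBuf)`.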
@@ -23832,59 +22415,40 @@ static int test_wc_Ed25519PublicKeyToDer(void)
*/
static int test_wc_curve25519_init(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_CURVE25519)
- curve25519_key key;
- int ret = 0;
+ curve25519_key key;
- ret = wc_curve25519_init(&key);
+ ExpectIntEQ(wc_curve25519_init(&key), 0);
/* Test bad args for wc_curve25519_init */
- if (ret == 0) {
- ret = wc_curve25519_init(NULL);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_curve25519_init(NULL), BAD_FUNC_ARG);
- /* Test good args for wc_curve_25519_free */
+ /* Test good args for wc_curve_25519_free */
wc_curve25519_free(&key);
-
+ /* Test bad args for wc_curve25519 free. */
wc_curve25519_free(NULL);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_curve25519_init and wc_curve_25519_free*/
/*
* Testing test_wc_curve25519_size.
*/
static int test_wc_curve25519_size(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_CURVE25519)
- curve25519_key key;
- int ret = 0;
-
- ret = wc_curve25519_init(&key);
+ curve25519_key key;
- /* Test good args for wc_curve25519_size */
- if (ret == 0) {
- ret = wc_curve25519_size(&key);
- }
+ ExpectIntEQ(wc_curve25519_init(&key), 0);
+ /* Test good args for wc_curve25519_size */
+ ExpectIntEQ(wc_curve25519_size(&key), CURVE25519_KEYSIZE);
/* Test bad args for wc_curve25519_size */
- if (ret != 0) {
- ret = wc_curve25519_size(NULL);
- }
+ ExpectIntEQ(wc_curve25519_size(NULL), 0);
wc_curve25519_free(&key);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_curve25519_size*/
/*
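Review bot: Both curve25519 tests in this hunk leave `key` uninitialised before `wc_curve25519_init(&key)`, while the ed25519 tests in this commit zero it first (`XMEMSET(&key, 0, sizeof(ed25519_key));` in test_wc_ed25519_init). `wc_curve25519_free(&key)` runs whether or not the init expectation passed, so after a failed init it would operate on indeterminate stack contents. Adding `XMEMSET(&key, 0, sizeof(curve25519_key));` as the first statement of each function would match the rest of the commit. test_wc_curve25519_export_key_raw in the next hunk zeroes `rng` but has the same gap for `key`.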
@@ -23892,120 +22456,67 @@ static int test_wc_curve25519_size(void)
*/
static int test_wc_curve25519_export_key_raw(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_CURVE25519) && defined(HAVE_CURVE25519_KEY_EXPORT)
- curve25519_key key;
- WC_RNG rng;
- int ret = 0;
-
- byte privateKey[CURVE25519_KEYSIZE];
- byte publicKey[CURVE25519_KEYSIZE];
- word32 prvkSz;
- word32 pubkSz;
-
- byte prik[CURVE25519_KEYSIZE];
- byte pubk[CURVE25519_KEYSIZE];
- word32 prksz;
- word32 pbksz;
-
- if (0 != wc_InitRng(&rng)) {
- return TEST_FAIL;
- }
- if (0 != wc_curve25519_init(&key)) {
- wc_FreeRng(&rng);
- return TEST_FAIL;
- }
-
- ret = wc_curve25519_make_key(&rng, CURVE25519_KEYSIZE, &key);
-
- /*
- bad-argument-test cases
- target function sould return BAD_FUNC_ARG
- */
- if (ret == 0) {
- prvkSz = CURVE25519_KEYSIZE;
- pubkSz = CURVE25519_KEYSIZE;
- if (BAD_FUNC_ARG != wc_curve25519_export_key_raw(
- NULL, privateKey, &prvkSz, publicKey, &pubkSz)) {
- ret = -1;
- }
- }
-
- if (ret == 0) {
- prvkSz = CURVE25519_KEYSIZE;
- pubkSz = CURVE25519_KEYSIZE;
- if (BAD_FUNC_ARG != wc_curve25519_export_key_raw(
- &key, NULL, &prvkSz, publicKey, &pubkSz)) {
- ret = -1;
- }
- }
-
- if (ret == 0) {
- prvkSz = CURVE25519_KEYSIZE;
- pubkSz = CURVE25519_KEYSIZE;
- if (BAD_FUNC_ARG != wc_curve25519_export_key_raw(
- &key, privateKey, NULL, publicKey, &pubkSz)) {
- ret = -1;
- }
- }
-
- if (ret == 0) {
- /* prvkSz = CURVE25519_KEYSIZE; */
- pubkSz = CURVE25519_KEYSIZE;
- if (BAD_FUNC_ARG != wc_curve25519_export_key_raw(
- &key, privateKey, &prvkSz, NULL, &pubkSz)) {
- ret = -1;
- }
- }
-
- if (ret == 0) {
- prvkSz = CURVE25519_KEYSIZE;
- pubkSz = CURVE25519_KEYSIZE;
- if (BAD_FUNC_ARG != wc_curve25519_export_key_raw(
- &key, privateKey, &prvkSz, publicKey, NULL )) {
- ret = -1;
- }
- }
-
- /*
- cross-testing
- */
- if (ret == 0) {
- prksz = CURVE25519_KEYSIZE;
- ret = wc_curve25519_export_private_raw(&key, prik, &prksz);
- }
-
- if (ret == 0) {
- pbksz = CURVE25519_KEYSIZE;
- ret = wc_curve25519_export_public(&key, pubk, &pbksz);
- }
-
- if (ret == 0) {
- prvkSz = CURVE25519_KEYSIZE;
- /* pubkSz = CURVE25519_KEYSIZE; */
- ret = wc_curve25519_export_key_raw(&key, privateKey, &prvkSz,
- publicKey, &pubkSz);
- }
-
- if (ret == 0) {
- if ((prksz == CURVE25519_KEYSIZE) &&
- (pbksz == CURVE25519_KEYSIZE) &&
- (prvkSz == CURVE25519_KEYSIZE) &&
- (pubkSz == CURVE25519_KEYSIZE)) {
-
- if (0 != XMEMCMP(privateKey, prik, CURVE25519_KEYSIZE) ||
- 0 != XMEMCMP(publicKey, pubk, CURVE25519_KEYSIZE)) {
- ret = -1;
- }
- }
- }
-
+ curve25519_key key;
+ WC_RNG rng;
+ byte privateKey[CURVE25519_KEYSIZE];
+ byte publicKey[CURVE25519_KEYSIZE];
+ word32 prvkSz;
+ word32 pubkSz;
+ byte prik[CURVE25519_KEYSIZE];
+ byte pubk[CURVE25519_KEYSIZE];
+ word32 prksz;
+ word32 pbksz;
+
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
+
+ ExpectIntEQ(wc_curve25519_init(&key), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(wc_curve25519_make_key(&rng, CURVE25519_KEYSIZE, &key), 0);
+
+ /* bad-argument-test cases - target function should return BAD_FUNC_ARG */
+ prvkSz = CURVE25519_KEYSIZE;
+ pubkSz = CURVE25519_KEYSIZE;
+ ExpectIntEQ(wc_curve25519_export_key_raw(NULL, privateKey, &prvkSz,
+ publicKey, &pubkSz), BAD_FUNC_ARG);
+ prvkSz = CURVE25519_KEYSIZE;
+ pubkSz = CURVE25519_KEYSIZE;
+ ExpectIntEQ(wc_curve25519_export_key_raw(&key, NULL, &prvkSz, publicKey,
+ &pubkSz), BAD_FUNC_ARG);
+ prvkSz = CURVE25519_KEYSIZE;
+ pubkSz = CURVE25519_KEYSIZE;
+ ExpectIntEQ(wc_curve25519_export_key_raw(&key, privateKey, NULL,
+ publicKey, &pubkSz), BAD_FUNC_ARG);
+ /* prvkSz = CURVE25519_KEYSIZE; */
+ pubkSz = CURVE25519_KEYSIZE;
+ ExpectIntEQ(wc_curve25519_export_key_raw(&key, privateKey, &prvkSz,
+ NULL, &pubkSz), BAD_FUNC_ARG);
+ prvkSz = CURVE25519_KEYSIZE;
+ pubkSz = CURVE25519_KEYSIZE;
+ ExpectIntEQ(wc_curve25519_export_key_raw(&key, privateKey, &prvkSz,
+ publicKey, NULL), BAD_FUNC_ARG);
+
+ /* cross-testing */
+ prksz = CURVE25519_KEYSIZE;
+ ExpectIntEQ(wc_curve25519_export_private_raw(&key, prik, &prksz), 0);
+ pbksz = CURVE25519_KEYSIZE;
+ ExpectIntEQ(wc_curve25519_export_public(&key, pubk, &pbksz), 0);
+ prvkSz = CURVE25519_KEYSIZE;
+ /* pubkSz = CURVE25519_KEYSIZE; */
+ ExpectIntEQ(wc_curve25519_export_key_raw(&key, privateKey, &prvkSz,
+ publicKey, &pubkSz), 0);
+ ExpectIntEQ(prksz, CURVE25519_KEYSIZE);
+ ExpectIntEQ(pbksz, CURVE25519_KEYSIZE);
+ ExpectIntEQ(prvkSz, CURVE25519_KEYSIZE);
+ ExpectIntEQ(pubkSz, CURVE25519_KEYSIZE);
+ ExpectIntEQ(XMEMCMP(privateKey, prik, CURVE25519_KEYSIZE), 0);
+ ExpectIntEQ(XMEMCMP(publicKey, pubk, CURVE25519_KEYSIZE), 0);
+
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_curve25519_free(&key);
- wc_FreeRng(&rng);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* end of test_wc_curve25519_export_key_raw */
/*
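Review bot: The successful `wc_curve25519_export_key_raw()` call in the cross-testing block depends on `pubkSz` still holding the value assigned before the last bad-argument case, because its own assignment is commented out (`/* pubkSz = CURVE25519_KEYSIZE; */`). The following `ExpectIntEQ(pubkSz, CURVE25519_KEYSIZE)` would then pass even if the function never wrote the length. I would restore both commented-out assignments, including `prvkSz` before the NULL public-buffer case, or delete the comments, so every call states its input lengths explicitly.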
@@ -24013,198 +22524,105 @@ static int test_wc_curve25519_export_key_raw(void)
*/
static int test_wc_curve25519_export_key_raw_ex(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_CURVE25519) && defined(HAVE_CURVE25519_KEY_EXPORT)
- curve25519_key key;
- WC_RNG rng;
- int ret;
-
- byte privateKey[CURVE25519_KEYSIZE];
- byte publicKey[CURVE25519_KEYSIZE];
- word32 prvkSz;
- word32 pubkSz;
-
- byte prik[CURVE25519_KEYSIZE];
- byte pubk[CURVE25519_KEYSIZE];
- word32 prksz;
- word32 pbksz;
-
- if (0 != wc_InitRng(&rng)) {
- return TEST_FAIL;
- }
- if (0 != wc_curve25519_init(&key)) {
- wc_FreeRng(&rng);
- return TEST_FAIL;
- }
-
- ret = wc_curve25519_make_key(&rng, CURVE25519_KEYSIZE, &key);
-
- /*
- bad-argument-test cases
- target function sould return BAD_FUNC_ARG
- */
- if (ret == 0) {
- prvkSz = CURVE25519_KEYSIZE;
- pubkSz = CURVE25519_KEYSIZE;
- if (BAD_FUNC_ARG != wc_curve25519_export_key_raw_ex( NULL , privateKey,
- &prvkSz, publicKey, &pubkSz, EC25519_LITTLE_ENDIAN)) {
- ret = -1;
- }
- }
-
- if (ret == 0) {
- prvkSz = CURVE25519_KEYSIZE;
- pubkSz = CURVE25519_KEYSIZE;
- if (BAD_FUNC_ARG != wc_curve25519_export_key_raw_ex( &key , NULL,
- &prvkSz, publicKey, &pubkSz, EC25519_LITTLE_ENDIAN)) {
- ret = -1;
- }
- }
-
- if (ret == 0) {
- prvkSz = CURVE25519_KEYSIZE;
- pubkSz = CURVE25519_KEYSIZE;
- if (BAD_FUNC_ARG != wc_curve25519_export_key_raw_ex( &key,privateKey,
- NULL, publicKey, &pubkSz, EC25519_LITTLE_ENDIAN)) {
- ret = -1;
- }
- }
-
- if (ret == 0) {
- /* prvkSz = CURVE25519_KEYSIZE; */
- pubkSz = CURVE25519_KEYSIZE;
- if (BAD_FUNC_ARG != wc_curve25519_export_key_raw_ex( &key, privateKey,
- &prvkSz, NULL, &pubkSz, EC25519_LITTLE_ENDIAN)) {
- ret = -1;
- }
- }
-
- if (ret == 0) {
- prvkSz = CURVE25519_KEYSIZE;
- pubkSz = CURVE25519_KEYSIZE;
- if (BAD_FUNC_ARG != wc_curve25519_export_key_raw_ex( &key, privateKey,
- &prvkSz, publicKey, NULL, EC25519_LITTLE_ENDIAN)) {
- ret = -1;
- }
- }
-
- if (ret == 0) {
- prvkSz = CURVE25519_KEYSIZE;
- /* pubkSz = CURVE25519_KEYSIZE; */
- if (BAD_FUNC_ARG != wc_curve25519_export_key_raw_ex( NULL, privateKey,
- &prvkSz, publicKey, &pubkSz, EC25519_BIG_ENDIAN)) {
- ret = -1;
- }
- }
-
- if (ret == 0) {
- prvkSz = CURVE25519_KEYSIZE;
- pubkSz = CURVE25519_KEYSIZE;
- if (BAD_FUNC_ARG != wc_curve25519_export_key_raw_ex( &key, NULL,
- &prvkSz, publicKey, &pubkSz, EC25519_BIG_ENDIAN)) {
- ret = -1;
- }
- }
-
- if (ret == 0) {
- prvkSz = CURVE25519_KEYSIZE;
- pubkSz = CURVE25519_KEYSIZE;
- if (BAD_FUNC_ARG != wc_curve25519_export_key_raw_ex( &key, privateKey,
- NULL, publicKey, &pubkSz, EC25519_BIG_ENDIAN)) {
- ret = -1;
- }
- }
-
- if (ret == 0) {
- /* prvkSz = CURVE25519_KEYSIZE; */
- pubkSz = CURVE25519_KEYSIZE;
- if (BAD_FUNC_ARG != wc_curve25519_export_key_raw_ex( &key, privateKey,
- &prvkSz, NULL, &pubkSz, EC25519_BIG_ENDIAN)) {
- ret = -1;
- }
- }
-
- if (ret == 0) {
- prvkSz = CURVE25519_KEYSIZE;
- pubkSz = CURVE25519_KEYSIZE;
- if (BAD_FUNC_ARG != wc_curve25519_export_key_raw_ex( &key, privateKey,
- &prvkSz, publicKey, NULL, EC25519_BIG_ENDIAN)) {
- ret = -1;
- }
- }
-
- /* illegal value for endien */
-
- if (ret == 0) {
- prvkSz = CURVE25519_KEYSIZE;
- /* pubkSz = CURVE25519_KEYSIZE; */
- if (BAD_FUNC_ARG != wc_curve25519_export_key_raw_ex(&key, privateKey,
- &prvkSz, publicKey, NULL, EC25519_BIG_ENDIAN + 10)) {
- ret = -1;
- }
- }
-
- /*
- cross-testing
- */
- if (ret == 0) {
- prksz = CURVE25519_KEYSIZE;
- ret = wc_curve25519_export_private_raw( &key, prik, &prksz);
- }
-
- if (ret == 0) {
- pbksz = CURVE25519_KEYSIZE;
- ret = wc_curve25519_export_public( &key, pubk, &pbksz);
- }
-
- if (ret == 0) {
- prvkSz = CURVE25519_KEYSIZE;
- /* pubkSz = CURVE25519_KEYSIZE; */
- ret = wc_curve25519_export_key_raw_ex( &key, privateKey, &prvkSz,
- publicKey, &pubkSz, EC25519_BIG_ENDIAN);
- }
-
- if (ret == 0 && (prksz != CURVE25519_KEYSIZE ||
- pbksz != CURVE25519_KEYSIZE ||
- prvkSz != CURVE25519_KEYSIZE ||
- pubkSz != CURVE25519_KEYSIZE)) {
- ret = -1;
- }
-
- if (ret == 0 && (0 != XMEMCMP(privateKey, prik, CURVE25519_KEYSIZE) ||
- 0 != XMEMCMP(publicKey, pubk, CURVE25519_KEYSIZE))) {
- ret = -1;
- }
-
- if (ret == 0) {
- ret = wc_curve25519_export_key_raw_ex(&key, privateKey, &prvkSz,
- publicKey, &pubkSz, EC25519_LITTLE_ENDIAN);
- }
- if (ret == 0 && (prvkSz != CURVE25519_KEYSIZE ||
- pubkSz != CURVE25519_KEYSIZE)) {
- ret = -1;
- }
-
- /*
- try once with another endian
- */
- if (ret == 0) {
- prvkSz = CURVE25519_KEYSIZE;
- pubkSz = CURVE25519_KEYSIZE;
- ret = wc_curve25519_export_key_raw_ex( &key, privateKey, &prvkSz,
- publicKey, &pubkSz, EC25519_BIG_ENDIAN);
- }
- if (ret == 0 && (prvkSz != CURVE25519_KEYSIZE ||
- pubkSz != CURVE25519_KEYSIZE)) {
- ret = -1;
- }
-
+ curve25519_key key;
+ WC_RNG rng;
+ byte privateKey[CURVE25519_KEYSIZE];
+ byte publicKey[CURVE25519_KEYSIZE];
+ word32 prvkSz;
+ word32 pubkSz;
+ byte prik[CURVE25519_KEYSIZE];
+ byte pubk[CURVE25519_KEYSIZE];
+ word32 prksz;
+ word32 pbksz;
+
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
+
+ ExpectIntEQ(wc_curve25519_init(&key), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(wc_curve25519_make_key(&rng, CURVE25519_KEYSIZE, &key), 0);
+
+ /* bad-argument-test cases - target function should return BAD_FUNC_ARG */
+ prvkSz = CURVE25519_KEYSIZE;
+ pubkSz = CURVE25519_KEYSIZE;
+ ExpectIntEQ(wc_curve25519_export_key_raw_ex(NULL, privateKey,
+ &prvkSz, publicKey, &pubkSz, EC25519_LITTLE_ENDIAN), BAD_FUNC_ARG);
+ prvkSz = CURVE25519_KEYSIZE;
+ pubkSz = CURVE25519_KEYSIZE;
+ ExpectIntEQ(wc_curve25519_export_key_raw_ex(&key, NULL,
+ &prvkSz, publicKey, &pubkSz, EC25519_LITTLE_ENDIAN), BAD_FUNC_ARG);
+ prvkSz = CURVE25519_KEYSIZE;
+ pubkSz = CURVE25519_KEYSIZE;
+ ExpectIntEQ(wc_curve25519_export_key_raw_ex(&key, privateKey,
+ NULL, publicKey, &pubkSz, EC25519_LITTLE_ENDIAN), BAD_FUNC_ARG);
+ /* prvkSz = CURVE25519_KEYSIZE; */
+ pubkSz = CURVE25519_KEYSIZE;
+ ExpectIntEQ(wc_curve25519_export_key_raw_ex(&key, privateKey,
+ &prvkSz, NULL, &pubkSz, EC25519_LITTLE_ENDIAN), BAD_FUNC_ARG);
+ prvkSz = CURVE25519_KEYSIZE;
+ pubkSz = CURVE25519_KEYSIZE;
+ ExpectIntEQ(wc_curve25519_export_key_raw_ex(&key, privateKey,
+ &prvkSz, publicKey, NULL, EC25519_LITTLE_ENDIAN), BAD_FUNC_ARG);
+ prvkSz = CURVE25519_KEYSIZE;
+ /* pubkSz = CURVE25519_KEYSIZE; */
+ ExpectIntEQ(wc_curve25519_export_key_raw_ex(NULL, privateKey,
+ &prvkSz, publicKey, &pubkSz, EC25519_BIG_ENDIAN), BAD_FUNC_ARG);
+ prvkSz = CURVE25519_KEYSIZE;
+ pubkSz = CURVE25519_KEYSIZE;
+ ExpectIntEQ(wc_curve25519_export_key_raw_ex(&key, NULL,
+ &prvkSz, publicKey, &pubkSz, EC25519_BIG_ENDIAN), BAD_FUNC_ARG);
+ prvkSz = CURVE25519_KEYSIZE;
+ pubkSz = CURVE25519_KEYSIZE;
+ ExpectIntEQ(wc_curve25519_export_key_raw_ex(&key, privateKey,
+ NULL, publicKey, &pubkSz, EC25519_BIG_ENDIAN), BAD_FUNC_ARG);
+ /* prvkSz = CURVE25519_KEYSIZE; */
+ pubkSz = CURVE25519_KEYSIZE;
+ ExpectIntEQ(wc_curve25519_export_key_raw_ex(&key, privateKey,
+ &prvkSz, NULL, &pubkSz, EC25519_BIG_ENDIAN), BAD_FUNC_ARG);
+ prvkSz = CURVE25519_KEYSIZE;
+ pubkSz = CURVE25519_KEYSIZE;
+ ExpectIntEQ(wc_curve25519_export_key_raw_ex(&key, privateKey,
+ &prvkSz, publicKey, NULL, EC25519_BIG_ENDIAN), BAD_FUNC_ARG);
+
+ /* illegal value for endian */
+ prvkSz = CURVE25519_KEYSIZE;
+ /* pubkSz = CURVE25519_KEYSIZE; */
+ ExpectIntEQ(wc_curve25519_export_key_raw_ex(&key, privateKey, &prvkSz,
+ publicKey, NULL, EC25519_BIG_ENDIAN + 10), BAD_FUNC_ARG);
+
+ /* cross-testing */
+ prksz = CURVE25519_KEYSIZE;
+ ExpectIntEQ(wc_curve25519_export_private_raw( &key, prik, &prksz), 0);
+ pbksz = CURVE25519_KEYSIZE;
+ ExpectIntEQ(wc_curve25519_export_public( &key, pubk, &pbksz), 0);
+ prvkSz = CURVE25519_KEYSIZE;
+ /* pubkSz = CURVE25519_KEYSIZE; */
+ ExpectIntEQ(wc_curve25519_export_key_raw_ex(&key, privateKey, &prvkSz,
+ publicKey, &pubkSz, EC25519_BIG_ENDIAN), 0);
+ ExpectIntEQ(prksz, CURVE25519_KEYSIZE);
+ ExpectIntEQ(pbksz, CURVE25519_KEYSIZE);
+ ExpectIntEQ(prvkSz, CURVE25519_KEYSIZE);
+ ExpectIntEQ(pubkSz, CURVE25519_KEYSIZE);
+ ExpectIntEQ(XMEMCMP(privateKey, prik, CURVE25519_KEYSIZE), 0);
+ ExpectIntEQ(XMEMCMP(publicKey, pubk, CURVE25519_KEYSIZE), 0);
+ ExpectIntEQ(wc_curve25519_export_key_raw_ex(&key, privateKey, &prvkSz,
+ publicKey, &pubkSz, EC25519_LITTLE_ENDIAN), 0);
+ ExpectIntEQ(prvkSz, CURVE25519_KEYSIZE);
+ ExpectIntEQ(pubkSz, CURVE25519_KEYSIZE);
+
+ /* try once with another endian */
+ prvkSz = CURVE25519_KEYSIZE;
+ pubkSz = CURVE25519_KEYSIZE;
+ ExpectIntEQ(wc_curve25519_export_key_raw_ex( &key, privateKey, &prvkSz,
+ publicKey, &pubkSz, EC25519_BIG_ENDIAN), 0);
+ ExpectIntEQ(prvkSz, CURVE25519_KEYSIZE);
+ ExpectIntEQ(pubkSz, CURVE25519_KEYSIZE);
+
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_curve25519_free(&key);
- wc_FreeRng(&rng);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* end of test_wc_curve25519_export_key_raw_ex */
/*
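Review bot: The "illegal value for endian" case at the end of the bad-argument block passes `NULL` for the public-key length together with `EC25519_BIG_ENDIAN + 10`, so a `BAD_FUNC_ARG` result can come from the NULL check alone. The test therefore does not show whether the endian value is validated at all; this was carried over unchanged from the removed code. To isolate the endian check, set `pubkSz = CURVE25519_KEYSIZE;` first and pass `&pubkSz` instead of `NULL` in that call. The expected return code for an out-of-range endian then has to be confirmed against the implementation, which is not visible in this hunk.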
@@ -24212,559 +22630,312 @@ static int test_wc_curve25519_export_key_raw_ex(void)
*/
static int test_wc_curve25519_make_key(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_CURVE25519)
- WC_RNG rng;
- curve25519_key key;
- int keysize;
- int ret;
+ curve25519_key key;
+ WC_RNG rng;
+ int keysize;
- ret = wc_curve25519_init(&key);
- if (ret == 0) {
- ret = wc_InitRng(&rng);
- }
- if (ret == 0) {
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
- ret = wc_curve25519_make_key(&rng, CURVE25519_KEYSIZE, &key);
- if (ret == 0) {
- keysize = wc_curve25519_size(&key);
- if (keysize != CURVE25519_KEYSIZE) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- if (ret == 0) {
- ret = wc_curve25519_make_key(&rng, keysize, &key);
- }
- }
- /*test bad cases*/
- if (ret == 0) {
- ret = wc_curve25519_make_key(NULL, 0, NULL);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_curve25519_make_key(&rng, keysize, NULL);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_curve25519_make_key(NULL, keysize, &key);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_curve25519_make_key(&rng, 0, &key);
- if (ret == ECC_BAD_ARG_E) {
- ret = 0;
- }
- }
- wc_curve25519_free(&key);
- wc_FreeRng(&rng);
+ ExpectIntEQ(wc_curve25519_init(&key), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
- res = TEST_RES_CHECK(ret == 0);
+ ExpectIntEQ(wc_curve25519_make_key(&rng, CURVE25519_KEYSIZE, &key), 0);
+ ExpectIntEQ(keysize = wc_curve25519_size(&key), CURVE25519_KEYSIZE);
+ ExpectIntEQ(wc_curve25519_make_key(&rng, keysize, &key), 0);
+ /* test bad cases*/
+ ExpectIntEQ(wc_curve25519_make_key(NULL, 0, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_curve25519_make_key(&rng, keysize, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_curve25519_make_key(NULL, keysize, &key), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_curve25519_make_key(&rng, 0, &key), ECC_BAD_ARG_E);
+
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
+ wc_curve25519_free(&key);
#endif
- return res;
-} /*END test_wc_curve25519_make_key*/
+ return EXPECT_RESULT();
+} /* END test_wc_curve25519_make_key*/
+
/*
* Testing wc_curve25519_shared_secret_ex
*/
static int test_wc_curve25519_shared_secret_ex(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_CURVE25519)
- WC_RNG rng;
- curve25519_key private_key, public_key;
- byte out[CURVE25519_KEYSIZE];
- word32 outLen = sizeof(out);
- int endian = EC25519_BIG_ENDIAN;
- int ret;
-
- ret = wc_curve25519_init(&private_key);
- if (ret == 0) {
- ret = wc_curve25519_init(&public_key);
- }
- if (ret == 0) {
- ret = wc_InitRng(&rng);
- }
- if (ret == 0) {
- ret = wc_curve25519_make_key(&rng, CURVE25519_KEYSIZE, &private_key);
- }
- if (ret == 0) {
- ret = wc_curve25519_make_key(&rng, CURVE25519_KEYSIZE, &public_key);
- }
- if (ret == 0) {
- ret = wc_curve25519_shared_secret_ex(&private_key, &public_key, out,
- &outLen, endian);
- }
- /*test bad cases*/
- if (ret == 0) {
- ret = wc_curve25519_shared_secret_ex(NULL, NULL, NULL,
- 0, endian);
- if (ret == 0) {
- ret = -1;
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_curve25519_shared_secret_ex(NULL, &public_key, out,
- &outLen, endian);
- if (ret == 0) {
- ret = -1;
- }
- else if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_curve25519_shared_secret_ex(&private_key, NULL, out,
- &outLen, endian);
- if (ret == 0) {
- ret = -1;
- }
- else if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_curve25519_shared_secret_ex(&private_key, &public_key, NULL,
- &outLen, endian);
- if (ret == 0) {
- ret = -1;
- }
- else if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_curve25519_shared_secret_ex(&private_key, &public_key, out,
- NULL, endian);
- if (ret == 0) {
- ret = -1;
- }
- else if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
+ curve25519_key private_key;
+ curve25519_key public_key;
+ WC_RNG rng;
+ byte out[CURVE25519_KEYSIZE];
+ word32 outLen = sizeof(out);
+ int endian = EC25519_BIG_ENDIAN;
+
+ ExpectIntEQ(wc_curve25519_init(&private_key), 0);
+ ExpectIntEQ(wc_curve25519_init(&public_key), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+
+ ExpectIntEQ(wc_curve25519_make_key(&rng, CURVE25519_KEYSIZE, &private_key),
+ 0);
+ ExpectIntEQ(wc_curve25519_make_key(&rng, CURVE25519_KEYSIZE, &public_key),
+ 0);
- if (ret == 0) {
- /*curve25519.c is checking for public_key size less than or equal to 0x7f,
- *increasing to 0x8f checks for error being returned*/
- public_key.p.point[CURVE25519_KEYSIZE-1] = 0x8F;
- ret = wc_curve25519_shared_secret_ex(&private_key, &public_key, out,
- &outLen, endian);
- if (ret == 0) {
- ret = -1;
- }
- else if (ret == ECC_BAD_ARG_E) {
- ret = 0;
- }
- }
+ ExpectIntEQ(wc_curve25519_shared_secret_ex(&private_key, &public_key, out,
+ &outLen, endian), 0);
+
+ /* test bad cases*/
+ ExpectIntEQ(wc_curve25519_shared_secret_ex(NULL, NULL, NULL, 0, endian),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_curve25519_shared_secret_ex(NULL, &public_key, out, &outLen,
+ endian), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_curve25519_shared_secret_ex(&private_key, NULL, out, &outLen,
+ endian), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_curve25519_shared_secret_ex(&private_key, &public_key, NULL,
+ &outLen, endian), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_curve25519_shared_secret_ex(&private_key, &public_key, out,
+ NULL, endian), BAD_FUNC_ARG);
+
+ /* curve25519.c is checking for public_key size less than or equal to 0x7f,
+ * increasing to 0x8f checks for error being returned*/
+ public_key.p.point[CURVE25519_KEYSIZE-1] = 0x8F;
+ ExpectIntEQ(wc_curve25519_shared_secret_ex(&private_key, &public_key, out,
+ &outLen, endian), ECC_BAD_ARG_E);
outLen = outLen - 2;
- if (ret == 0) {
- ret = wc_curve25519_shared_secret_ex(&private_key, &public_key, out,
- &outLen, endian);
- if (ret == 0) {
- ret = -1;
- }
- else if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
+ ExpectIntEQ(wc_curve25519_shared_secret_ex(&private_key, &public_key, out,
+ &outLen, endian), BAD_FUNC_ARG);
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_curve25519_free(&private_key);
wc_curve25519_free(&public_key);
- wc_FreeRng(&rng);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
-} /*END test_wc_curve25519_shared_secret_ex*/
+ return EXPECT_RESULT();
+} /* END test_wc_curve25519_shared_secret_ex*/
+
/*
* Testing wc_curve25519_make_pub
*/
static int test_wc_curve25519_make_pub(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef HAVE_CURVE25519
- WC_RNG rng;
- curve25519_key key;
- byte out[CURVE25519_KEYSIZE];
- int ret;
-
- ret = wc_curve25519_init(&key);
- if (ret == 0) {
- ret = wc_InitRng(&rng);
- if (ret == 0) {
- ret = wc_curve25519_make_key(&rng, CURVE25519_KEYSIZE, &key);
- }
- }
- if (ret == 0) {
- ret = wc_curve25519_make_pub((int)sizeof(out), out, (int)sizeof(key.k), key.k);
- }
- /*test bad cases*/
- if (ret == 0) {
- ret = wc_curve25519_make_pub((int)sizeof(key.k) - 1, key.k, (int)sizeof out, out);
- if (ret == ECC_BAD_ARG_E) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_curve25519_make_pub((int)sizeof out, out, (int)sizeof(key.k), NULL);
- if (ret == ECC_BAD_ARG_E) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_curve25519_make_pub((int)sizeof out - 1, out, (int)sizeof(key.k), key.k);
- if (ret == ECC_BAD_ARG_E) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_curve25519_make_pub((int)sizeof out, NULL, (int)sizeof(key.k), key.k);
- if (ret == ECC_BAD_ARG_E) {
- ret = 0;
- }
- }
- if (ret == 0) {
- /* verify clamping test */
- key.k[0] |= ~248;
- ret = wc_curve25519_make_pub((int)sizeof out, out, (int)sizeof(key.k), key.k);
- if (ret == ECC_BAD_ARG_E) {
- ret = 0;
- }
- key.k[0] &= 248;
- }
+ curve25519_key key;
+ WC_RNG rng;
+ byte out[CURVE25519_KEYSIZE];
+
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
+
+ ExpectIntEQ(wc_curve25519_init(&key), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(wc_curve25519_make_key(&rng, CURVE25519_KEYSIZE, &key), 0);
+
+ ExpectIntEQ(wc_curve25519_make_pub((int)sizeof(out), out,
+ (int)sizeof(key.k), key.k), 0);
+ /* test bad cases*/
+ ExpectIntEQ(wc_curve25519_make_pub((int)sizeof(key.k) - 1, key.k,
+ (int)sizeof out, out), ECC_BAD_ARG_E);
+ ExpectIntEQ(wc_curve25519_make_pub((int)sizeof out, out, (int)sizeof(key.k),
+ NULL), ECC_BAD_ARG_E);
+ ExpectIntEQ(wc_curve25519_make_pub((int)sizeof out - 1, out,
+ (int)sizeof(key.k), key.k), ECC_BAD_ARG_E);
+ ExpectIntEQ(wc_curve25519_make_pub((int)sizeof out, NULL,
+ (int)sizeof(key.k), key.k), ECC_BAD_ARG_E);
+ /* verify clamping test */
+ key.k[0] |= ~248;
+ ExpectIntEQ(wc_curve25519_make_pub((int)sizeof out, out, (int)sizeof(key.k),
+ key.k), ECC_BAD_ARG_E);
+ key.k[0] &= 248;
/* repeat the expected-to-succeed test. */
- if (ret == 0) {
- ret = wc_curve25519_make_pub((int)sizeof out, out, (int)sizeof(key.k), key.k);
- }
+ ExpectIntEQ(wc_curve25519_make_pub((int)sizeof out, out, (int)sizeof(key.k),
+ key.k), 0);
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_curve25519_free(&key);
- wc_FreeRng(&rng);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
-} /*END test_wc_curve25519_make_pub */
+ return EXPECT_RESULT();
+} /* END test_wc_curve25519_make_pub */
+
/*
* Testing test_wc_curve25519_export_public_ex
*/
static int test_wc_curve25519_export_public_ex(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_CURVE25519)
- WC_RNG rng;
- curve25519_key key;
- byte out[CURVE25519_KEYSIZE];
- word32 outLen = sizeof(out);
- int endian = EC25519_BIG_ENDIAN;
- int ret;
-
- ret = wc_curve25519_init(&key);
- if (ret == 0) {
- ret = wc_InitRng(&rng);
- }
- if (ret == 0) {
-
- ret = wc_curve25519_make_key(&rng, CURVE25519_KEYSIZE, &key);
- if (ret == 0) {
- ret = wc_curve25519_export_public(&key, out, &outLen);
- }
- if (ret == 0) {
- ret = wc_curve25519_export_public_ex(&key, out, &outLen, endian);
- }
- }
- /*test bad cases*/
- if (ret == 0) {
- ret = wc_curve25519_export_public_ex(NULL, NULL, NULL, endian);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_curve25519_export_public_ex(NULL, out, &outLen, endian);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_curve25519_export_public_ex(&key, NULL, &outLen, endian);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_curve25519_export_public_ex(&key, out, NULL, endian);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
+ curve25519_key key;
+ WC_RNG rng;
+ byte out[CURVE25519_KEYSIZE];
+ word32 outLen = sizeof(out);
+ int endian = EC25519_BIG_ENDIAN;
+
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
+
+ ExpectIntEQ(wc_curve25519_init(&key), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(wc_curve25519_make_key(&rng, CURVE25519_KEYSIZE, &key), 0);
+
+ ExpectIntEQ(wc_curve25519_export_public(&key, out, &outLen), 0);
+ ExpectIntEQ(wc_curve25519_export_public_ex(&key, out, &outLen, endian), 0);
+ /* test bad cases*/
+ ExpectIntEQ(wc_curve25519_export_public_ex(NULL, NULL, NULL, endian),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_curve25519_export_public_ex(NULL, out, &outLen, endian),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_curve25519_export_public_ex(&key, NULL, &outLen, endian),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_curve25519_export_public_ex(&key, out, NULL, endian),
+ BAD_FUNC_ARG);
outLen = outLen - 2;
- if (ret == 0) {
- ret = wc_curve25519_export_public_ex(&key, out, &outLen, endian);
- if (ret == ECC_BAD_ARG_E) {
- ret = 0;
- }
- }
+ ExpectIntEQ(wc_curve25519_export_public_ex(&key, out, &outLen, endian),
+ ECC_BAD_ARG_E);
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_curve25519_free(&key);
- wc_FreeRng(&rng);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
-
-} /*END test_wc_curve25519_export_public_ex*/
+ return EXPECT_RESULT();
+} /* END test_wc_curve25519_export_public_ex*/
/*
* Testing test_wc_curve25519_import_private_raw_ex
*/
static int test_wc_curve25519_import_private_raw_ex(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_CURVE25519)
- WC_RNG rng;
- curve25519_key key;
- byte priv[CURVE25519_KEYSIZE];
- byte pub[CURVE25519_KEYSIZE];
- word32 privSz = sizeof(priv);
- word32 pubSz = sizeof(pub);
- int endian = EC25519_BIG_ENDIAN;
- int ret;
-
- ret = wc_curve25519_init(&key);
- if (ret == 0) {
- ret = wc_InitRng(&rng);
- }
- if (ret == 0) {
-
- ret = wc_curve25519_make_key(&rng, CURVE25519_KEYSIZE, &key);
- if (ret == 0) {
- ret = wc_curve25519_export_private_raw_ex(&key, priv, &privSz, endian);
- }
- if (ret == 0) {
- ret = wc_curve25519_export_public(&key, pub, &pubSz);
- }
- if (ret == 0) {
- ret = wc_curve25519_import_private_raw_ex(priv, privSz, pub, pubSz,
- &key, endian);
- }
- }
- /*test bad cases*/
- if (ret == 0) {
- ret = wc_curve25519_import_private_raw_ex(NULL, 0, NULL, 0, NULL,
- endian);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_curve25519_import_private_raw_ex(NULL, privSz, pub, pubSz,
- &key, endian);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_curve25519_import_private_raw_ex(priv, privSz, NULL, pubSz,
- &key, endian);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_curve25519_import_private_raw_ex(priv, privSz, pub, pubSz,
- NULL, endian);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_curve25519_import_private_raw_ex(priv, 0, pub, pubSz,
- &key, endian);
- if (ret == ECC_BAD_ARG_E) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_curve25519_import_private_raw_ex(priv, privSz, pub, 0,
- &key, endian);
- if (ret == ECC_BAD_ARG_E) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_curve25519_import_private_raw_ex(priv, privSz, pub, pubSz,
- &key, EC25519_LITTLE_ENDIAN);
-
- }
-
+ curve25519_key key;
+ WC_RNG rng;
+ byte priv[CURVE25519_KEYSIZE];
+ byte pub[CURVE25519_KEYSIZE];
+ word32 privSz = sizeof(priv);
+ word32 pubSz = sizeof(pub);
+ int endian = EC25519_BIG_ENDIAN;
+
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
+
+ ExpectIntEQ(wc_curve25519_init(&key), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(wc_curve25519_make_key(&rng, CURVE25519_KEYSIZE, &key), 0);
+
+ ExpectIntEQ(wc_curve25519_export_private_raw_ex(&key, priv, &privSz,
+ endian), 0);
+ ExpectIntEQ(wc_curve25519_export_public(&key, pub, &pubSz), 0);
+ ExpectIntEQ(wc_curve25519_import_private_raw_ex(priv, privSz, pub, pubSz,
+ &key, endian), 0);
+ /* test bad cases*/
+ ExpectIntEQ(wc_curve25519_import_private_raw_ex(NULL, 0, NULL, 0, NULL,
+ endian), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_curve25519_import_private_raw_ex(NULL, privSz, pub, pubSz,
+ &key, endian), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_curve25519_import_private_raw_ex(priv, privSz, NULL, pubSz,
+ &key, endian), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_curve25519_import_private_raw_ex(priv, privSz, pub, pubSz,
+ NULL, endian), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_curve25519_import_private_raw_ex(priv, 0, pub, pubSz,
+ &key, endian), ECC_BAD_ARG_E);
+ ExpectIntEQ(wc_curve25519_import_private_raw_ex(priv, privSz, pub, 0,
+ &key, endian), ECC_BAD_ARG_E);
+ ExpectIntEQ(wc_curve25519_import_private_raw_ex(priv, privSz, pub, pubSz,
+ &key, EC25519_LITTLE_ENDIAN), 0);
+
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_curve25519_free(&key);
- wc_FreeRng(&rng);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
-} /*END test_wc_curve25519_import_private_raw_ex*/
+ return EXPECT_RESULT();
+} /* END test_wc_curve25519_import_private_raw_ex*/
/*
* Testing test_wc_curve25519_import_private
*/
static int test_wc_curve25519_import_private(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_CURVE25519)
- curve25519_key key;
- WC_RNG rng;
- byte priv[CURVE25519_KEYSIZE];
- word32 privSz = sizeof(priv);
- int ret;
+ curve25519_key key;
+ WC_RNG rng;
+ byte priv[CURVE25519_KEYSIZE];
+ word32 privSz = sizeof(priv);
- ret = wc_curve25519_init(&key);
- if (ret == 0) {
- ret = wc_InitRng(&rng);
- }
- if (ret == 0) {
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
- ret = wc_curve25519_make_key(&rng, CURVE25519_KEYSIZE, &key);
- if (ret == 0) {
- ret = wc_curve25519_export_private_raw(&key, priv, &privSz);
- }
- }
- if (ret == 0) {
- ret = wc_curve25519_import_private(priv, privSz, &key);
- }
- wc_curve25519_free(&key);
- wc_FreeRng(&rng);
+ ExpectIntEQ(wc_curve25519_init(&key), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(wc_curve25519_make_key(&rng, CURVE25519_KEYSIZE, &key), 0);
- res = TEST_RES_CHECK(ret == 0);
+ ExpectIntEQ(wc_curve25519_export_private_raw(&key, priv, &privSz), 0);
+ ExpectIntEQ(wc_curve25519_import_private(priv, privSz, &key), 0);
+
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
+ wc_curve25519_free(&key);
#endif
- return res;
-} /*END test_wc_curve25519_import*/
+ return EXPECT_RESULT();
+} /* END test_wc_curve25519_import*/
/*
* Testing test_wc_curve25519_export_private_raw_ex
*/
static int test_wc_curve25519_export_private_raw_ex(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_CURVE25519)
- curve25519_key key;
- byte out[CURVE25519_KEYSIZE];
- word32 outLen = sizeof(out);
- int endian = EC25519_BIG_ENDIAN;
- int ret;
+ curve25519_key key;
+ byte out[CURVE25519_KEYSIZE];
+ word32 outLen = sizeof(out);
+ int endian = EC25519_BIG_ENDIAN;
- ret = wc_curve25519_init(&key);
- if (ret == 0) {
- ret = wc_curve25519_export_private_raw_ex(&key, out, &outLen, endian);
- }
- /*test bad cases*/
- if (ret == 0) {
- ret = wc_curve25519_export_private_raw_ex(NULL, NULL, NULL, endian);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_curve25519_export_private_raw_ex(NULL, out, &outLen, endian);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_curve25519_export_private_raw_ex(&key, NULL, &outLen, endian);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_curve25519_export_private_raw_ex(&key, out, NULL, endian);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_curve25519_export_private_raw_ex(&key, out, &outLen,
- EC25519_LITTLE_ENDIAN);
- }
+ ExpectIntEQ(wc_curve25519_init(&key), 0);
+
+ ExpectIntEQ(wc_curve25519_export_private_raw_ex(&key, out, &outLen, endian),
+ 0);
+ /* test bad cases*/
+ ExpectIntEQ(wc_curve25519_export_private_raw_ex(NULL, NULL, NULL, endian),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_curve25519_export_private_raw_ex(NULL, out, &outLen, endian),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_curve25519_export_private_raw_ex(&key, NULL, &outLen,
+ endian), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_curve25519_export_private_raw_ex(&key, out, NULL, endian),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_curve25519_export_private_raw_ex(&key, out, &outLen,
+ EC25519_LITTLE_ENDIAN), 0);
outLen = outLen - 2;
- if (ret == 0) {
- ret = wc_curve25519_export_private_raw_ex(&key, out, &outLen, endian);
- if (ret == ECC_BAD_ARG_E) {
- ret = 0;
- }
- }
+ ExpectIntEQ(wc_curve25519_export_private_raw_ex(&key, out, &outLen, endian),
+ ECC_BAD_ARG_E);
wc_curve25519_free(&key);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
-}/*END test_wc_curve25519_export_private_raw_ex*/
+ return EXPECT_RESULT();
+} /* END test_wc_curve25519_export_private_raw_ex*/
/*
* Testing wc_ed448_make_key().
*/
static int test_wc_ed448_make_key(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ED448)
ed448_key key;
WC_RNG rng;
unsigned char pubkey[ED448_PUB_KEY_SIZE];
- int ret;
- ret = wc_InitRng(&rng);
- if (ret == 0) {
- ret = wc_ed448_init(&key);
- }
- if (ret == 0) {
- ret = wc_ed448_make_public(&key, pubkey, sizeof(pubkey));
- if (ret == ECC_PRIV_KEY_E) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = -1;
- }
- }
- if (ret == 0) {
- ret = wc_ed448_make_key(&rng, ED448_KEY_SIZE, &key);
- }
+ XMEMSET(&key, 0, sizeof(ed448_key));
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
+
+ ExpectIntEQ(wc_ed448_init(&key), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+
+ ExpectIntEQ(wc_ed448_make_public(&key, pubkey, sizeof(pubkey)),
+ ECC_PRIV_KEY_E);
+ ExpectIntEQ(wc_ed448_make_key(&rng, ED448_KEY_SIZE, &key), 0);
/* Test bad args. */
- if (ret == 0) {
- ret = wc_ed448_make_key(NULL, ED448_KEY_SIZE, &key);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed448_make_key(&rng, ED448_KEY_SIZE, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed448_make_key(&rng, ED448_KEY_SIZE - 1, &key);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed448_make_key(&rng, ED448_KEY_SIZE + 1, &key);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_ed448_make_key(NULL, ED448_KEY_SIZE, &key), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed448_make_key(&rng, ED448_KEY_SIZE, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed448_make_key(&rng, ED448_KEY_SIZE - 1, &key),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed448_make_key(&rng, ED448_KEY_SIZE + 1, &key),
+ BAD_FUNC_ARG);
- if (wc_FreeRng(&rng) && ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ed448_free(&key);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_ed448_make_key */
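Review bot: test_wc_curve25519_shared_secret_ex is the only test in this hunk that declares `WC_RNG rng` without `XMEMSET(&rng, 0, sizeof(WC_RNG));`, yet it still ends with `DoExpectIntEQ(wc_FreeRng(&rng), 0);`. If the Expect macros skip later calls once an earlier check has failed (presumably why the sibling tests zero the struct), a failing `wc_curve25519_init` would leave `rng` as uninitialised stack memory when it is freed. Add the same `XMEMSET(&rng, 0, sizeof(WC_RNG));` before the first `ExpectIntEQ`, as test_wc_curve25519_make_key and test_wc_curve25519_make_pub do. The curve25519 key structs passed to `wc_curve25519_free` are in the same position, whereas test_wc_ed448_make_key zeroes its key as well.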
@@ -24773,29 +22944,19 @@ static int test_wc_ed448_make_key(void)
*/
static int test_wc_ed448_init(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ED448)
- ed448_key key;
- int ret;
+ ed448_key key;
- ret = wc_ed448_init(&key);
+ XMEMSET(&key, 0, sizeof(ed448_key));
+ ExpectIntEQ(wc_ed448_init(&key), 0);
/* Test bad args. */
- if (ret == 0) {
- ret = wc_ed448_init(NULL);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_ed448_init(NULL), BAD_FUNC_ARG);
wc_ed448_free(&key);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_ed448_init */
/*
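Review bot: The new `XMEMSET(&key, 0, sizeof(ed448_key));` ahead of `wc_ed448_init(&key)` has no comment, and it reads as redundant because the init call follows immediately. If its purpose is to keep the unconditional `wc_ed448_free(&key)` well-defined when the init check fails, a one-line comment would stop it being removed in a later cleanup: `/* Zero key so wc_ed448_free() is safe even if wc_ed448_init() fails. */`.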
@@ -24803,116 +22964,70 @@ static int test_wc_ed448_init(void)
*/
static int test_wc_ed448_sign_msg(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ED448) && defined(HAVE_ED448_SIGN)
- WC_RNG rng;
- ed448_key key;
- byte msg[] = "Everybody gets Friday off.\n";
- byte sig[ED448_SIG_SIZE];
- word32 msglen = sizeof(msg);
- word32 siglen = sizeof(sig);
- word32 badSigLen = sizeof(sig) - 1;
+ ed448_key key;
+ WC_RNG rng;
+ byte msg[] = "Everybody gets Friday off.\n";
+ byte sig[ED448_SIG_SIZE];
+ word32 msglen = sizeof(msg);
+ word32 siglen = sizeof(sig);
+ word32 badSigLen = sizeof(sig) - 1;
#ifdef HAVE_ED448_VERIFY
- int verify_ok = 0; /*1 = Verify success.*/
+ int verify_ok = 0; /*1 = Verify success.*/
#endif
- int ret;
/* Initialize stack variables. */
+ XMEMSET(&key, 0, sizeof(ed448_key));
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
XMEMSET(sig, 0, siglen);
/* Initialize key. */
- ret = wc_InitRng(&rng);
- if (ret == 0) {
- ret = wc_ed448_init(&key);
- if (ret == 0) {
- ret = wc_ed448_make_key(&rng, ED448_KEY_SIZE, &key);
- }
- }
+ ExpectIntEQ(wc_ed448_init(&key), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(wc_ed448_make_key(&rng, ED448_KEY_SIZE, &key), 0);
- if (ret == 0) {
- ret = wc_ed448_sign_msg(msg, msglen, sig, &siglen, &key, NULL, 0);
- }
+ ExpectIntEQ(wc_ed448_sign_msg(msg, msglen, sig, &siglen, &key, NULL, 0), 0);
+ ExpectIntEQ(siglen, ED448_SIG_SIZE);
/* Test bad args. */
- if (ret == 0 && siglen == ED448_SIG_SIZE) {
- ret = wc_ed448_sign_msg(NULL, msglen, sig, &siglen, &key, NULL, 0);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed448_sign_msg(msg, msglen, NULL, &siglen, &key, NULL, 0);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed448_sign_msg(msg, msglen, sig, NULL, &key, NULL, 0);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed448_sign_msg(msg, msglen, sig, &siglen, NULL, NULL, 0);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed448_sign_msg(msg, msglen, sig, &badSigLen, &key,
- NULL, 0);
- }
- if (ret == BUFFER_E && badSigLen == ED448_SIG_SIZE) {
- badSigLen -= 1;
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- } /* END sign */
+ ExpectIntEQ(wc_ed448_sign_msg(NULL, msglen, sig, &siglen, &key, NULL, 0),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed448_sign_msg(msg, msglen, NULL, &siglen, &key, NULL, 0),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed448_sign_msg(msg, msglen, sig, NULL, &key, NULL, 0),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed448_sign_msg(msg, msglen, sig, &siglen, NULL, NULL, 0),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed448_sign_msg(msg, msglen, sig, &badSigLen, &key, NULL, 0),
+ BUFFER_E);
+ ExpectIntEQ(badSigLen, ED448_SIG_SIZE);
+ badSigLen -= 1;
#ifdef HAVE_ED448_VERIFY
- if (ret == 0) {
-
- ret = wc_ed448_verify_msg(sig, siglen, msg, msglen, &verify_ok,
- &key, NULL, 0);
- if (ret == 0 && verify_ok == 1) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
-
- /* Test bad args. */
- if (ret == 0) {
- AssertIntEQ(wc_ed448_verify_msg(sig, siglen - 1, msg,
- msglen, &verify_ok, &key, NULL, 0), BAD_FUNC_ARG);
- AssertIntEQ(wc_ed448_verify_msg(sig, siglen + 1, msg,
- msglen, &verify_ok, &key, NULL, 0), BAD_FUNC_ARG);
-
- ret = wc_ed448_verify_msg(NULL, siglen, msg, msglen, &verify_ok,
- &key, NULL, 0);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed448_verify_msg(sig, siglen, NULL, msglen,
- &verify_ok, &key, NULL, 0);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed448_verify_msg(sig, siglen, msg, msglen,
- NULL, &key, NULL, 0);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed448_verify_msg(sig, siglen, msg, msglen,
- &verify_ok, NULL, NULL, 0);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed448_verify_msg(sig, badSigLen, msg, msglen,
- &verify_ok, &key, NULL, 0);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
-
- } /* END verify. */
+ ExpectIntEQ(wc_ed448_verify_msg(sig, siglen, msg, msglen, &verify_ok, &key,
+ NULL, 0), 0);
+ ExpectIntEQ(verify_ok, 1);
+ /* Test bad args. */
+ ExpectIntEQ(wc_ed448_verify_msg(sig, siglen - 1, msg, msglen, &verify_ok,
+ &key, NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed448_verify_msg(sig, siglen + 1, msg, msglen, &verify_ok,
+ &key, NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed448_verify_msg(NULL, siglen, msg, msglen, &verify_ok,
+ &key, NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed448_verify_msg(sig, siglen, NULL, msglen, &verify_ok,
+ &key, NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed448_verify_msg(sig, siglen, msg, msglen, NULL,
+ &key, NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed448_verify_msg(sig, siglen, msg, msglen, &verify_ok,
+ NULL, NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed448_verify_msg(sig, badSigLen, msg, msglen, &verify_ok,
+ &key, NULL, 0), BAD_FUNC_ARG);
#endif /* Verify. */
- if (wc_FreeRng(&rng) && ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ed448_free(&key);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_ed448_sign_msg */
/*
@@ -24920,59 +23035,32 @@ static int test_wc_ed448_sign_msg(void)
*/
static int test_wc_ed448_import_public(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ED448) && defined(HAVE_ED448_KEY_IMPORT)
- WC_RNG rng;
- ed448_key pubKey;
- const byte in[] =
+ ed448_key pubKey;
+ WC_RNG rng;
+ const byte in[] =
"Ed448PublicKeyUnitTest.................................\n";
- word32 inlen = sizeof(in);
- int ret = 0;
+ word32 inlen = sizeof(in);
- ret = wc_InitRng(&rng);
- if (ret == 0) {
- ret = wc_ed448_init(&pubKey);
- if (ret == 0) {
- ret = wc_ed448_make_key(&rng, ED448_KEY_SIZE, &pubKey);
- }
- }
-
- if (ret == 0) {
- ret = wc_ed448_import_public_ex(in, inlen, &pubKey, 1);
+ XMEMSET(&pubKey, 0, sizeof(ed448_key));
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
- if (ret == 0 && XMEMCMP(in, pubKey.p, inlen) == 0) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
+ ExpectIntEQ(wc_ed448_init(&pubKey), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(wc_ed448_make_key(&rng, ED448_KEY_SIZE, &pubKey), 0);
- /* Test bad args. */
- if (ret == 0) {
- ret = wc_ed448_import_public(NULL, inlen, &pubKey);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed448_import_public(in, inlen, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed448_import_public(in, inlen - 1, &pubKey);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- }
+ ExpectIntEQ(wc_ed448_import_public_ex(in, inlen, &pubKey, 1), 0);
+ ExpectIntEQ(XMEMCMP(in, pubKey.p, inlen), 0);
+ /* Test bad args. */
+ ExpectIntEQ(wc_ed448_import_public(NULL, inlen, &pubKey), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed448_import_public(in, inlen, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed448_import_public(in, inlen - 1, &pubKey), BAD_FUNC_ARG);
- if (wc_FreeRng(&rng) && ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ed448_free(&pubKey);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END wc_ed448_import_public */
/*
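Review bot: `word32 inlen = sizeof(in);` in test_wc_ed448_import_public counts the string literal's terminating NUL, so the length passed to `wc_ed448_import_public_ex` and `XMEMCMP(in, pubKey.p, inlen)` is one byte more than the visible text, and nothing in the test says so. The filler dots are presumably there to make that total equal the Ed448 public key size. A comment on the declaration, such as `/* sizeof counts the NUL; the literal is padded to the public key size */`, would stop a later edit of the literal from silently turning the good-argument import into a size failure.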
@@ -24980,97 +23068,59 @@ static int test_wc_ed448_import_public(void)
*/
static int test_wc_ed448_import_private_key(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ED448) && defined(HAVE_ED448_KEY_IMPORT)
- WC_RNG rng;
- ed448_key key;
- const byte privKey[] =
- "Ed448PrivateKeyUnitTest................................\n";
- const byte pubKey[] =
- "Ed448PublicKeyUnitTest.................................\n";
- word32 privKeySz = sizeof(privKey);
- word32 pubKeySz = sizeof(pubKey);
+ ed448_key key;
+ WC_RNG rng;
+ const byte privKey[] =
+ "Ed448PrivateKeyUnitTest................................\n";
+ const byte pubKey[] =
+ "Ed448PublicKeyUnitTest.................................\n";
+ word32 privKeySz = sizeof(privKey);
+ word32 pubKeySz = sizeof(pubKey);
#ifdef HAVE_ED448_KEY_EXPORT
- byte bothKeys[sizeof(privKey) + sizeof(pubKey)];
- word32 bothKeysSz = sizeof(bothKeys);
+ byte bothKeys[sizeof(privKey) + sizeof(pubKey)];
+ word32 bothKeysSz = sizeof(bothKeys);
#endif
- int ret;
- ret = wc_InitRng(&rng);
- if (ret != 0) {
- return TEST_FAIL;
- }
- ret = wc_ed448_init(&key);
- if (ret != 0) {
- wc_FreeRng(&rng);
- return TEST_FAIL;
- }
- ret = wc_ed448_make_key(&rng, ED448_KEY_SIZE, &key);
+ XMEMSET(&key, 0, sizeof(ed448_key));
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
- if (ret == 0) {
- ret = wc_ed448_import_private_key_ex(privKey, privKeySz, pubKey,
- pubKeySz, &key, 1);
- if (ret == 0 && (XMEMCMP(pubKey, key.p, privKeySz) != 0 ||
- XMEMCMP(privKey, key.k, pubKeySz) != 0)) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_ed448_init(&key), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(wc_ed448_make_key(&rng, ED448_KEY_SIZE, &key), 0);
-#ifdef HAVE_ED448_KEY_EXPORT
- if (ret == 0)
- ret = wc_ed448_export_private(&key, bothKeys, &bothKeysSz);
+ ExpectIntEQ(wc_ed448_import_private_key_ex(privKey, privKeySz, pubKey,
+ pubKeySz, &key, 1), 0);
+ ExpectIntEQ(XMEMCMP(pubKey, key.p, privKeySz), 0);
+ ExpectIntEQ(XMEMCMP(privKey, key.k, pubKeySz), 0);
- if (ret == 0) {
- ret = wc_ed448_import_private_key_ex(bothKeys, bothKeysSz, NULL, 0,
- &key, 1);
- if (ret == 0 && (XMEMCMP(pubKey, key.p, privKeySz) != 0 ||
- XMEMCMP(privKey, key.k, pubKeySz) != 0)) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+#ifdef HAVE_ED448_KEY_EXPORT
+ ExpectIntEQ(wc_ed448_export_private(&key, bothKeys, &bothKeysSz), 0);
+ ExpectIntEQ(wc_ed448_import_private_key_ex(bothKeys, bothKeysSz, NULL, 0,
+ &key, 1), 0);
+ ExpectIntEQ(XMEMCMP(pubKey, key.p, privKeySz), 0);
+ ExpectIntEQ(XMEMCMP(privKey, key.k, pubKeySz), 0);
#endif
/* Test bad args. */
- if (ret == 0) {
- ret = wc_ed448_import_private_key(NULL, privKeySz, pubKey, pubKeySz,
- &key);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed448_import_private_key(privKey, privKeySz, NULL,
- pubKeySz, &key);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed448_import_private_key(privKey, privKeySz, pubKey,
- pubKeySz, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed448_import_private_key(privKey, privKeySz - 1, pubKey,
- pubKeySz, &key);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed448_import_private_key(privKey, privKeySz, pubKey,
- pubKeySz - 1, &key);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed448_import_private_key(privKey, privKeySz, NULL,
- 0, &key);
- }
-
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_ed448_import_private_key(NULL, privKeySz, pubKey, pubKeySz,
+ &key), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed448_import_private_key(privKey, privKeySz, NULL, pubKeySz,
+ &key), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed448_import_private_key(privKey, privKeySz, pubKey,
+ pubKeySz, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed448_import_private_key(privKey, privKeySz - 1, pubKey,
+ pubKeySz, &key), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed448_import_private_key(privKey, privKeySz, pubKey,
+ pubKeySz - 1, &key), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed448_import_private_key(privKey, privKeySz, NULL, 0, &key),
+ BAD_FUNC_ARG);
- if (wc_FreeRng(&rng) && ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ed448_free(&key);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_ed448_import_private_key */
/*
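Review bot: The comparisons after both imports in test_wc_ed448_import_private_key pair each buffer with the other buffer's length: `XMEMCMP(pubKey, key.p, privKeySz)` and `XMEMCMP(privKey, key.k, pubKeySz)`. The two literals appear to be the same size, so the result is unaffected today. The mix-up was carried over from the removed code, though, and would compare the wrong number of bytes if either literal changed. Use `XMEMCMP(pubKey, key.p, pubKeySz)` and `XMEMCMP(privKey, key.k, privKeySz)` in both places, including the `HAVE_ED448_KEY_EXPORT` block.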
@@ -25078,86 +23128,44 @@ static int test_wc_ed448_import_private_key(void)
*/
static int test_wc_ed448_export(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ED448) && defined(HAVE_ED448_KEY_EXPORT)
- WC_RNG rng;
- ed448_key key;
- byte priv[ED448_PRV_KEY_SIZE];
- byte pub[ED448_PUB_KEY_SIZE];
- word32 privSz = sizeof(priv);
- word32 pubSz = sizeof(pub);
- int ret;
-
- ret = wc_InitRng(&rng);
- if (ret != 0) {
- return TEST_FAIL;
- }
-
- ret = wc_ed448_init(&key);
- if (ret != 0) {
- wc_FreeRng(&rng);
- return TEST_FAIL;
- }
-
- if (ret == 0) {
- ret = wc_ed448_make_key(&rng, ED448_KEY_SIZE, &key);
- }
-
- if (ret == 0) {
- ret = wc_ed448_export_public(&key, pub, &pubSz);
- if (ret == 0 && (pubSz != ED448_KEY_SIZE ||
- XMEMCMP(key.p, pub, pubSz) != 0)) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- if (ret == 0) {
- ret = wc_ed448_export_public(NULL, pub, &pubSz);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed448_export_public(&key, NULL, &pubSz);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed448_export_public(&key, pub, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- }
+ ed448_key key;
+ WC_RNG rng;
+ byte priv[ED448_PRV_KEY_SIZE];
+ byte pub[ED448_PUB_KEY_SIZE];
+ word32 privSz = sizeof(priv);
+ word32 pubSz = sizeof(pub);
+
+ XMEMSET(&key, 0, sizeof(ed448_key));
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
+
+ ExpectIntEQ(wc_ed448_init(&key), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(wc_ed448_make_key(&rng, ED448_KEY_SIZE, &key), 0);
+
+ ExpectIntEQ(wc_ed448_export_public(&key, pub, &pubSz), 0);
+ ExpectIntEQ(pubSz, ED448_KEY_SIZE);
+ ExpectIntEQ(XMEMCMP(key.p, pub, pubSz), 0);
+ /* Test bad args. */
+ ExpectIntEQ(wc_ed448_export_public(NULL, pub, &pubSz), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed448_export_public(&key, NULL, &pubSz), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed448_export_public(&key, pub, NULL), BAD_FUNC_ARG);
- if (ret == 0) {
- ret = wc_ed448_export_private_only(&key, priv, &privSz);
- if (ret == 0 && (privSz != ED448_KEY_SIZE ||
- XMEMCMP(key.k, priv, privSz) != 0)) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- if (ret == 0) {
- ret = wc_ed448_export_private_only(NULL, priv, &privSz);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed448_export_private_only(&key, NULL, &privSz);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed448_export_private_only(&key, priv, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- }
+ ExpectIntEQ(wc_ed448_export_private_only(&key, priv, &privSz), 0);
+ ExpectIntEQ(privSz, ED448_KEY_SIZE);
+ ExpectIntEQ(XMEMCMP(key.k, priv, privSz), 0);
+ /* Test bad args. */
+ ExpectIntEQ(wc_ed448_export_private_only(NULL, priv, &privSz),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed448_export_private_only(&key, NULL, &privSz),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed448_export_private_only(&key, priv, NULL), BAD_FUNC_ARG);
- if (wc_FreeRng(&rng) && ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ed448_free(&key);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
-
+ return EXPECT_RESULT();
} /* END test_wc_ed448_export */
/*
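Review bot: The bad-argument checks for `wc_ed448_export_public` and `wc_ed448_export_private_only` in test_wc_ed448_export cover only NULL pointers. The undersized-output case, which is the path that protects the caller's buffer, is never exercised. The sign test earlier in this file does this for the signature buffer with `badSigLen`, expecting `BUFFER_E` and the required size written back. The same could be added here, e.g. `pubSz = ED448_PUB_KEY_SIZE - 1; ExpectIntEQ(wc_ed448_export_public(&key, pub, &pubSz), BUFFER_E);`, with the expected code confirmed against the export implementation, since it is inferred from the sign test.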
@@ -25165,86 +23173,38 @@ static int test_wc_ed448_export(void)
*/
static int test_wc_ed448_size(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ED448)
- WC_RNG rng;
- ed448_key key;
- int ret = 0;
+ ed448_key key;
+ WC_RNG rng;
- ret = wc_InitRng(&rng);
- if (ret != 0) {
- return TEST_FAIL;
- }
- ret = wc_ed448_init(&key);
- if (ret != 0) {
- wc_FreeRng(&rng);
- return TEST_FAIL;
- }
+ XMEMSET(&key, 0, sizeof(ed448_key));
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
- ret = wc_ed448_make_key(&rng, ED448_KEY_SIZE, &key);
- if (ret != 0) {
- wc_FreeRng(&rng);
- wc_ed448_free(&key);
- return TEST_FAIL;
- }
+ ExpectIntEQ(wc_ed448_init(&key), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(wc_ed448_make_key(&rng, ED448_KEY_SIZE, &key), 0);
- ret = wc_ed448_size(&key);
+ ExpectIntEQ(wc_ed448_size(&key), ED448_KEY_SIZE);
/* Test bad args. */
- if (ret == ED448_KEY_SIZE) {
- ret = wc_ed448_size(NULL);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
+ ExpectIntEQ(wc_ed448_size(NULL), BAD_FUNC_ARG);
- if (ret == 0) {
- ret = wc_ed448_sig_size(&key);
- if (ret == ED448_SIG_SIZE) {
- ret = 0;
- }
- /* Test bad args. */
- if (ret == 0) {
- ret = wc_ed448_sig_size(NULL);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- } /* END wc_ed448_sig_size() */
+ ExpectIntEQ(wc_ed448_sig_size(&key), ED448_SIG_SIZE);
+ /* Test bad args. */
+ ExpectIntEQ(wc_ed448_sig_size(NULL), BAD_FUNC_ARG);
- if (ret == 0) {
- ret = wc_ed448_pub_size(&key);
- if (ret == ED448_PUB_KEY_SIZE) {
- ret = 0;
- }
- if (ret == 0) {
- ret = wc_ed448_pub_size(NULL);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- } /* END wc_ed448_pub_size */
+ ExpectIntEQ(wc_ed448_pub_size(&key), ED448_PUB_KEY_SIZE);
+ /* Test bad args. */
+ ExpectIntEQ(wc_ed448_pub_size(NULL), BAD_FUNC_ARG);
- if (ret == 0) {
- ret = wc_ed448_priv_size(&key);
- if (ret == ED448_PRV_KEY_SIZE) {
- ret = 0;
- }
- if (ret == 0) {
- ret = wc_ed448_priv_size(NULL);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- } /* END wc_ed448_pub_size */
+ ExpectIntEQ(wc_ed448_priv_size(&key), ED448_PRV_KEY_SIZE);
+ /* Test bad args. */
+ ExpectIntEQ(wc_ed448_priv_size(NULL), BAD_FUNC_ARG);
- if (wc_FreeRng(&rng) && ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ed448_free(&key);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_ed448_size */
/*
@@ -25252,90 +23212,51 @@ static int test_wc_ed448_size(void)
*/
static int test_wc_ed448_exportKey(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ED448) && defined(HAVE_ED448_KEY_EXPORT)
- WC_RNG rng;
- ed448_key key;
- byte priv[ED448_PRV_KEY_SIZE];
- byte pub[ED448_PUB_KEY_SIZE];
- byte privOnly[ED448_PRV_KEY_SIZE];
- word32 privSz = sizeof(priv);
- word32 pubSz = sizeof(pub);
- word32 privOnlySz = sizeof(privOnly);
- int ret;
-
- ret = wc_InitRng(&rng);
- if (ret != 0) {
- return TEST_FAIL;
- }
- ret = wc_ed448_init(&key);
- if (ret != 0) {
- wc_FreeRng(&rng);
- return TEST_FAIL;
- }
-
- ret = wc_ed448_make_key(&rng, ED448_KEY_SIZE, &key);
- if (ret != 0) {
- wc_FreeRng(&rng);
- wc_ed448_free(&key);
- return TEST_FAIL;
- }
-
- ret = wc_ed448_export_private(&key, privOnly, &privOnlySz);
- if (ret == 0) {
- ret = wc_ed448_export_private(NULL, privOnly, &privOnlySz);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed448_export_private(&key, NULL, &privOnlySz);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed448_export_private(&key, privOnly, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ed448_key key;
+ WC_RNG rng;
+ byte priv[ED448_PRV_KEY_SIZE];
+ byte pub[ED448_PUB_KEY_SIZE];
+ byte privOnly[ED448_PRV_KEY_SIZE];
+ word32 privSz = sizeof(priv);
+ word32 pubSz = sizeof(pub);
+ word32 privOnlySz = sizeof(privOnly);
+
+ XMEMSET(&key, 0, sizeof(ed448_key));
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
+
+ ExpectIntEQ(wc_ed448_init(&key), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(wc_ed448_make_key(&rng, ED448_KEY_SIZE, &key), 0);
+
+ ExpectIntEQ(wc_ed448_export_private(&key, privOnly, &privOnlySz), 0);
+ /* Test bad args. */
+ ExpectIntEQ(wc_ed448_export_private(NULL, privOnly, &privOnlySz),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed448_export_private(&key, NULL, &privOnlySz), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed448_export_private(&key, privOnly, NULL), BAD_FUNC_ARG);
- if (ret == 0) {
- ret = wc_ed448_export_key(&key, priv, &privSz, pub, &pubSz);
- if (ret == 0) {
- ret = wc_ed448_export_key(NULL, priv, &privSz, pub, &pubSz);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed448_export_key(&key, NULL, &privSz, pub, &pubSz);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed448_export_key(&key, priv, NULL, pub, &pubSz);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed448_export_key(&key, priv, &privSz, NULL, &pubSz);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed448_export_key(&key, priv, &privSz, pub, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- } /* END wc_ed448_export_key() */
+ ExpectIntEQ(wc_ed448_export_key(&key, priv, &privSz, pub, &pubSz), 0);
+ /* Test bad args. */
+ ExpectIntEQ(wc_ed448_export_key(NULL, priv, &privSz, pub, &pubSz),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed448_export_key(&key, NULL, &privSz, pub, &pubSz),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed448_export_key(&key, priv, NULL, pub, &pubSz),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed448_export_key(&key, priv, &privSz, NULL, &pubSz),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed448_export_key(&key, priv, &privSz, pub, NULL),
+ BAD_FUNC_ARG);
/* Cross check output. */
- if (ret == 0 && XMEMCMP(priv, privOnly, privSz) != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
+ ExpectIntEQ(XMEMCMP(priv, privOnly, privSz), 0);
- if (wc_FreeRng(&rng) && ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ed448_free(&key);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_ed448_exportKey */
/*
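Review bot: The cross-check `ExpectIntEQ(XMEMCMP(priv, privOnly, privSz), 0);` in test_wc_ed448_exportKey compares `privSz` bytes without first asserting that the two exports returned the same length. The `pub` buffer filled by `wc_ed448_export_key` is never checked at all. Adding `ExpectIntEQ(privOnlySz, privSz);` before the compare and `ExpectIntEQ(XMEMCMP(pub, key.p, pubSz), 0);` after it would pin both outputs. The `key.p` comparison follows what test_wc_ed448_export already does.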
@@ -25343,61 +23264,38 @@ static int test_wc_ed448_exportKey(void)
*/
static int test_wc_Ed448PublicKeyToDer(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ED448) && defined(HAVE_ED448_KEY_EXPORT) && \
(defined(WOLFSSL_CERT_GEN) || defined(WOLFSSL_KEY_GEN))
- int tmp;
ed448_key key;
byte derBuf[1024];
- int ret = 0;
+
+ XMEMSET(&key, 0, sizeof(ed448_key));
/* Test bad args */
- tmp = wc_Ed448PublicKeyToDer(NULL, NULL, 0, 0);
- if (tmp != BAD_FUNC_ARG) {
- ret = WOLFSSL_FATAL_ERROR;
- }
+ ExpectIntEQ(wc_Ed448PublicKeyToDer(NULL, NULL, 0, 0), BAD_FUNC_ARG);
- if (ret == 0) {
- wc_ed448_init(&key);
- tmp = wc_Ed448PublicKeyToDer(&key, derBuf, 0, 0);
- if (tmp != BUFFER_E) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- wc_ed448_free(&key);
- }
+ ExpectIntEQ(wc_ed448_init(&key), 0);
+ ExpectIntEQ(wc_Ed448PublicKeyToDer(&key, derBuf, 0, 0), BUFFER_E);
+ wc_ed448_free(&key);
/* Test good args */
- if (ret == 0) {
- WC_RNG rng;
- ret = wc_InitRng(&rng);
- if (ret != 0) {
- return TEST_FAIL;
- }
- ret = wc_ed448_init(&key);
- if (ret != 0) {
- wc_FreeRng(&rng);
- return TEST_FAIL;
- }
+ if (EXPECT_SUCCESS()) {
+ WC_RNG rng;
- ret = wc_ed448_make_key(&rng, ED448_KEY_SIZE, &key);
- if (ret != 0) {
- wc_FreeRng(&rng);
- wc_ed448_free(&key);
- return TEST_FAIL;
- }
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
- tmp = wc_Ed448PublicKeyToDer(&key, derBuf, 1024, 1);
- if (tmp <= 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
+ ExpectIntEQ(wc_ed448_init(&key), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(wc_ed448_make_key(&rng, ED448_KEY_SIZE, &key), 0);
+
+ ExpectIntGT(wc_Ed448PublicKeyToDer(&key, derBuf, 1024, 1), 0);
- wc_FreeRng(&rng);
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ed448_free(&key);
}
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END testing wc_Ed448PublicKeyToDer */
/*
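Review bot: The good-argument call `wc_Ed448PublicKeyToDer(&key, derBuf, 1024, 1)` in test_wc_Ed448PublicKeyToDer repeats the array size as a literal instead of deriving it from `byte derBuf[1024];`. If the buffer is later shrunk, the call would advertise more room than exists. Prefer `ExpectIntGT(wc_Ed448PublicKeyToDer(&key, derBuf, sizeof(derBuf), 1), 0);`, with a cast if the length parameter's type requires one.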
@@ -25405,32 +23303,21 @@ static int test_wc_Ed448PublicKeyToDer(void)
*/
static int test_wc_curve448_init(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_CURVE448)
- curve448_key key;
- int ret = 0;
-
- ret = wc_curve448_init(&key);
+ curve448_key key;
/* Test bad args for wc_curve448_init */
- if (ret == 0) {
- ret = wc_curve448_init(NULL);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_curve448_init(&key), 0);
+ /* Test bad args for wc_curve448_init */
+ ExpectIntEQ(wc_curve448_init(NULL), BAD_FUNC_ARG);
- /* Test good args for wc_curve_448_free */
+ /* Test good args for wc_curve_448_free */
wc_curve448_free(&key);
-
+ /* Test bad args for wc_curve448_free */
wc_curve448_free(NULL);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_curve448_init and wc_curve_448_free*/
/*
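Review bot: In test_wc_curve448_init the unchanged comment `/* Test bad args for wc_curve448_init */` now sits directly above the good-argument call `ExpectIntEQ(wc_curve448_init(&key), 0);`, and the same text is added again above the NULL case. The first one should read `/* Test good args for wc_curve448_init */`. The re-added comment `/* Test good args for wc_curve_448_free */` also misspells the function, which is `wc_curve448_free`.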
@@ -25438,479 +23325,276 @@ static int test_wc_curve448_init(void)
*/
static int test_wc_curve448_make_key(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_CURVE448)
- WC_RNG rng;
- curve448_key key;
- int keysize;
- int ret;
+ curve448_key key;
+ WC_RNG rng;
+ int keysize;
- ret = wc_curve448_init(&key);
- if (ret == 0) {
- ret = wc_InitRng(&rng);
- }
- if (ret == 0) {
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
- ret = wc_curve448_make_key(&rng, CURVE448_KEY_SIZE, &key);
- if (ret == 0) {
- keysize = wc_curve448_size(&key);
- if (keysize != CURVE448_KEY_SIZE) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- if (ret == 0) {
- ret = wc_curve448_make_key(&rng, keysize, &key);
- }
- }
- /* test bad cases */
- if (ret == 0) {
- ret = wc_curve448_make_key(NULL, 0, NULL);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_curve448_make_key(&rng, keysize, NULL);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_curve448_make_key(NULL, keysize, &key);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_curve448_make_key(&rng, 0, &key);
- if (ret == ECC_BAD_ARG_E) {
- ret = 0;
- }
- }
+ ExpectIntEQ(wc_curve448_init(&key), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
- if (wc_FreeRng(&rng) != 0 && ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
+ ExpectIntEQ(wc_curve448_make_key(&rng, CURVE448_KEY_SIZE, &key), 0);
+ ExpectIntEQ(keysize = wc_curve448_size(&key), CURVE448_KEY_SIZE);
+ ExpectIntEQ(wc_curve448_make_key(&rng, keysize, &key), 0);
- wc_curve448_free(&key);
+ /* test bad cases */
+ ExpectIntEQ(wc_curve448_make_key(NULL, 0, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_curve448_make_key(&rng, keysize, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_curve448_make_key(NULL, keysize, &key), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_curve448_make_key(&rng, 0, &key), ECC_BAD_ARG_E);
- res = TEST_RES_CHECK(ret == 0);
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
+ wc_curve448_free(&key);
#endif
- return res;
-} /*END test_wc_curve448_make_key*/
+ return EXPECT_RESULT();
+} /* END test_wc_curve448_make_key*/
/*
* Testing test_wc_curve448_shared_secret_ex
*/
static int test_wc_curve448_shared_secret_ex(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_CURVE448)
- WC_RNG rng;
- curve448_key private_key, public_key;
- byte out[CURVE448_KEY_SIZE];
- word32 outLen = sizeof(out);
- int endian = EC448_BIG_ENDIAN;
- int ret;
+ curve448_key private_key;
+ curve448_key public_key;
+ WC_RNG rng;
+ byte out[CURVE448_KEY_SIZE];
+ word32 outLen = sizeof(out);
+ int endian = EC448_BIG_ENDIAN;
- ret = wc_curve448_init(&private_key);
- if (ret == 0) {
- ret = wc_InitRng(&rng);
- if (ret == 0) {
- ret = wc_curve448_make_key(&rng, CURVE448_KEY_SIZE, &private_key);
- }
- }
- if (ret == 0) {
- ret = wc_curve448_init(&public_key);
- }
- if (ret == 0) {
- if (ret == 0) {
- ret = wc_curve448_make_key(&rng, CURVE448_KEY_SIZE, &public_key);
- }
- }
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
+
+ ExpectIntEQ(wc_curve448_init(&private_key), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(wc_curve448_make_key(&rng, CURVE448_KEY_SIZE, &private_key), 0);
+
+ ExpectIntEQ(wc_curve448_init(&public_key), 0);
+ ExpectIntEQ(wc_curve448_make_key(&rng, CURVE448_KEY_SIZE, &public_key), 0);
+ ExpectIntEQ(wc_curve448_shared_secret_ex(&private_key, &public_key, out,
+ &outLen, endian), 0);
- if (ret == 0) {
- ret = wc_curve448_shared_secret_ex(&private_key, &public_key, out,
- &outLen, endian);
- }
/* test bad cases */
- if (ret == 0) {
- ret = wc_curve448_shared_secret_ex(NULL, NULL, NULL, 0, endian);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_curve448_shared_secret_ex(NULL, &public_key, out,
- &outLen, endian);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_curve448_shared_secret_ex(&private_key, NULL, out,
- &outLen, endian);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_curve448_shared_secret_ex(&private_key, &public_key, NULL,
- &outLen, endian);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_curve448_shared_secret_ex(&private_key, &public_key, out,
- NULL, endian);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
+ ExpectIntEQ(wc_curve448_shared_secret_ex(NULL, NULL, NULL, 0, endian),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_curve448_shared_secret_ex(NULL, &public_key, out, &outLen,
+ endian), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_curve448_shared_secret_ex(&private_key, NULL, out, &outLen,
+ endian), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_curve448_shared_secret_ex(&private_key, &public_key, NULL,
+ &outLen, endian), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_curve448_shared_secret_ex(&private_key, &public_key, out,
+ NULL, endian), BAD_FUNC_ARG);
outLen = outLen - 2;
- if (ret == 0) {
- ret = wc_curve448_shared_secret_ex(&private_key, &public_key, out,
- &outLen, endian);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
+ ExpectIntEQ(wc_curve448_shared_secret_ex(&private_key, &public_key, out,
+ &outLen, endian), BAD_FUNC_ARG);
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_curve448_free(&private_key);
wc_curve448_free(&public_key);
- wc_FreeRng(&rng);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
-} /*END test_wc_curve448_shared_secret_ex*/
+ return EXPECT_RESULT();
+} /* END test_wc_curve448_shared_secret_ex*/
/*
* Testing test_wc_curve448_export_public_ex
*/
static int test_wc_curve448_export_public_ex(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_CURVE448)
WC_RNG rng;
curve448_key key;
byte out[CURVE448_KEY_SIZE];
word32 outLen = sizeof(out);
int endian = EC448_BIG_ENDIAN;
- int ret;
- ret = wc_curve448_init(&key);
- if (ret == 0) {
- ret = wc_InitRng(&rng);
- }
- if (ret == 0) {
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
- ret = wc_curve448_make_key(&rng, CURVE448_KEY_SIZE, &key);
- if (ret == 0) {
- ret = wc_curve448_export_public(&key, out, &outLen);
- }
- if (ret == 0) {
- ret = wc_curve448_export_public_ex(&key, out, &outLen, endian);
- }
- }
- /*test bad cases*/
- if (ret == 0) {
- ret = wc_curve448_export_public_ex(NULL, NULL, NULL, endian);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_curve448_export_public_ex(NULL, out, &outLen, endian);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_curve448_export_public_ex(&key, NULL, &outLen, endian);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_curve448_export_public_ex(&key, out, NULL, endian);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
+ ExpectIntEQ(wc_curve448_init(&key), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(wc_curve448_make_key(&rng, CURVE448_KEY_SIZE, &key), 0);
+
+ ExpectIntEQ(wc_curve448_export_public(&key, out, &outLen), 0);
+ ExpectIntEQ(wc_curve448_export_public_ex(&key, out, &outLen, endian), 0);
+ /* test bad cases*/
+ ExpectIntEQ(wc_curve448_export_public_ex(NULL, NULL, NULL, endian),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_curve448_export_public_ex(NULL, out, &outLen, endian),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_curve448_export_public_ex(&key, NULL, &outLen, endian),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_curve448_export_public_ex(&key, out, NULL, endian),
+ BAD_FUNC_ARG);
outLen = outLen - 2;
- if (ret == 0) {
- ret = wc_curve448_export_public_ex(&key, out, &outLen, endian);
- if (ret == ECC_BAD_ARG_E) {
- ret = 0;
- }
- }
+ ExpectIntEQ(wc_curve448_export_public_ex(&key, out, &outLen, endian),
+ ECC_BAD_ARG_E);
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_curve448_free(&key);
- wc_FreeRng(&rng);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
-
-} /*END test_wc_curve448_export_public_ex*/
+ return EXPECT_RESULT();
+} /* END test_wc_curve448_export_public_ex*/
/*
* Testing test_wc_curve448_export_private_raw_ex
*/
static int test_wc_curve448_export_private_raw_ex(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_CURVE448)
- curve448_key key;
- byte out[CURVE448_KEY_SIZE];
- word32 outLen = sizeof(out);
- int endian = EC448_BIG_ENDIAN;
- int ret;
+ curve448_key key;
+ byte out[CURVE448_KEY_SIZE];
+ word32 outLen = sizeof(out);
+ int endian = EC448_BIG_ENDIAN;
- ret = wc_curve448_init(&key);
- if (ret == 0) {
- ret = wc_curve448_export_private_raw_ex(&key, out, &outLen, endian);
- }
- /*test bad cases*/
- if (ret == 0) {
- ret = wc_curve448_export_private_raw_ex(NULL, NULL, NULL, endian);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_curve448_export_private_raw_ex(NULL, out, &outLen, endian);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_curve448_export_private_raw_ex(&key, NULL, &outLen, endian);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_curve448_export_private_raw_ex(&key, out, NULL, endian);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_curve448_export_private_raw_ex(&key, out, &outLen,
- EC448_LITTLE_ENDIAN);
- }
+ ExpectIntEQ(wc_curve448_init(&key), 0);
+ ExpectIntEQ(wc_curve448_export_private_raw_ex(&key, out, &outLen, endian),
+ 0);
+ /* test bad cases*/
+ ExpectIntEQ(wc_curve448_export_private_raw_ex(NULL, NULL, NULL, endian),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_curve448_export_private_raw_ex(NULL, out, &outLen, endian),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_curve448_export_private_raw_ex(&key, NULL, &outLen, endian),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_curve448_export_private_raw_ex(&key, out, NULL, endian),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_curve448_export_private_raw_ex(&key, out, &outLen,
+ EC448_LITTLE_ENDIAN), 0);
outLen = outLen - 2;
- if (ret == 0) {
- ret = wc_curve448_export_private_raw_ex(&key, out, &outLen, endian);
- if (ret == ECC_BAD_ARG_E) {
- ret = 0;
- }
- }
+ ExpectIntEQ(wc_curve448_export_private_raw_ex(&key, out, &outLen, endian),
+ ECC_BAD_ARG_E);
wc_curve448_free(&key);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
-}/*END test_wc_curve448_export_private_raw_ex*/
+ return EXPECT_RESULT();
+} /* END test_wc_curve448_export_private_raw_ex*/
/*
* Testing test_wc_curve448_import_private_raw_ex
*/
static int test_wc_curve448_import_private_raw_ex(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_CURVE448)
- WC_RNG rng;
- curve448_key key;
- byte priv[CURVE448_KEY_SIZE];
- byte pub[CURVE448_KEY_SIZE];
- word32 privSz = sizeof(priv);
- word32 pubSz = sizeof(pub);
- int endian = EC448_BIG_ENDIAN;
- int ret;
-
- ret = wc_curve448_init(&key);
- if (ret == 0) {
- ret = wc_InitRng(&rng);
- }
- if (ret == 0) {
-
- ret = wc_curve448_make_key(&rng, CURVE448_KEY_SIZE, &key);
- if (ret == 0) {
- ret = wc_curve448_export_private_raw(&key, priv, &privSz);
- }
- if (ret == 0) {
- ret = wc_curve448_export_public(&key, pub, &pubSz);
- }
- if (ret == 0) {
- ret = wc_curve448_import_private_raw_ex(priv, privSz, pub, pubSz,
- &key, endian);
- }
- }
+ curve448_key key;
+ WC_RNG rng;
+ byte priv[CURVE448_KEY_SIZE];
+ byte pub[CURVE448_KEY_SIZE];
+ word32 privSz = sizeof(priv);
+ word32 pubSz = sizeof(pub);
+ int endian = EC448_BIG_ENDIAN;
+
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
+
+ ExpectIntEQ(wc_curve448_init(&key), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(wc_curve448_make_key(&rng, CURVE448_KEY_SIZE, &key), 0);
+
+ ExpectIntEQ(wc_curve448_export_private_raw(&key, priv, &privSz), 0);
+ ExpectIntEQ(wc_curve448_export_public(&key, pub, &pubSz), 0);
+ ExpectIntEQ(wc_curve448_import_private_raw_ex(priv, privSz, pub, pubSz,
+ &key, endian), 0);
/* test bad cases */
- if (ret == 0) {
- ret = wc_curve448_import_private_raw_ex(NULL, 0, NULL, 0, NULL, 0);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_curve448_import_private_raw_ex(NULL, privSz, pub, pubSz,
- &key, endian);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_curve448_import_private_raw_ex(priv, privSz, NULL, pubSz,
- &key, endian);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_curve448_import_private_raw_ex(priv, privSz, pub, pubSz,
- NULL, endian);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_curve448_import_private_raw_ex(priv, 0, pub, pubSz,
- &key, endian);
- if (ret == ECC_BAD_ARG_E) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_curve448_import_private_raw_ex(priv, privSz, pub, 0,
- &key, endian);
- if (ret == ECC_BAD_ARG_E) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_curve448_import_private_raw_ex(priv, privSz, pub, pubSz,
- &key, EC448_LITTLE_ENDIAN);
-
- }
-
- if (wc_FreeRng(&rng) != 0 && ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
-
+ ExpectIntEQ(wc_curve448_import_private_raw_ex(NULL, 0, NULL, 0, NULL, 0),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_curve448_import_private_raw_ex(NULL, privSz, pub, pubSz,
+ &key, endian), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_curve448_import_private_raw_ex(priv, privSz, NULL, pubSz,
+ &key, endian), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_curve448_import_private_raw_ex(priv, privSz, pub, pubSz,
+ NULL, endian), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_curve448_import_private_raw_ex(priv, 0, pub, pubSz,
+ &key, endian), ECC_BAD_ARG_E);
+ ExpectIntEQ(wc_curve448_import_private_raw_ex(priv, privSz, pub, 0,
+ &key, endian), ECC_BAD_ARG_E);
+ ExpectIntEQ(wc_curve448_import_private_raw_ex(priv, privSz, pub, pubSz,
+ &key, EC448_LITTLE_ENDIAN), 0);
+
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_curve448_free(&key);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
-} /*END test_wc_curve448_import_private_raw_ex*/
+ return EXPECT_RESULT();
+} /* END test_wc_curve448_import_private_raw_ex*/
/*
* Testing test_curve448_export_key_raw
*/
static int test_wc_curve448_export_key_raw(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_CURVE448)
- WC_RNG rng;
- curve448_key key;
- byte priv[CURVE448_KEY_SIZE];
- byte pub[CURVE448_KEY_SIZE];
- word32 privSz = sizeof(priv);
- word32 pubSz = sizeof(pub);
- int ret;
-
- ret = wc_curve448_init(&key);
- if (ret == 0) {
- ret = wc_InitRng(&rng);
- }
- if (ret == 0) {
-
- ret = wc_curve448_make_key(&rng, CURVE448_KEY_SIZE, &key);
- if (ret == 0) {
- ret = wc_curve448_export_private_raw(&key, priv, &privSz);
- }
- if (ret == 0) {
- ret = wc_curve448_export_public(&key, pub, &pubSz);
- }
- if (ret == 0) {
- ret = wc_curve448_export_key_raw(&key, priv, &privSz, pub, &pubSz);
- }
- }
+ curve448_key key;
+ WC_RNG rng;
+ byte priv[CURVE448_KEY_SIZE];
+ byte pub[CURVE448_KEY_SIZE];
+ word32 privSz = sizeof(priv);
+ word32 pubSz = sizeof(pub);
+
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
+
+ ExpectIntEQ(wc_curve448_init(&key), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(wc_curve448_make_key(&rng, CURVE448_KEY_SIZE, &key), 0);
+
+ ExpectIntEQ(wc_curve448_export_private_raw(&key, priv, &privSz), 0);
+ ExpectIntEQ(wc_curve448_export_public(&key, pub, &pubSz), 0);
+ ExpectIntEQ(wc_curve448_export_key_raw(&key, priv, &privSz, pub, &pubSz),
+ 0);
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_curve448_free(&key);
- wc_FreeRng(&rng);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
-}/*END test_wc_curve448_import_private_raw_ex*/
-
+ return EXPECT_RESULT();
+} /* END test_wc_curve448_import_private_raw_ex*/
/*
* Testing test_wc_curve448_import_private
*/
static int test_wc_curve448_import_private(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_CURVE448)
- curve448_key key;
- WC_RNG rng;
- byte priv[CURVE448_KEY_SIZE];
- word32 privSz = sizeof(priv);
- int ret;
+ curve448_key key;
+ WC_RNG rng;
+ byte priv[CURVE448_KEY_SIZE];
+ word32 privSz = sizeof(priv);
- ret = wc_curve448_init(&key);
- if (ret == 0) {
- ret = wc_InitRng(&rng);
- }
- if (ret == 0) {
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
- ret = wc_curve448_make_key(&rng, CURVE448_KEY_SIZE, &key);
- if (ret == 0) {
- ret = wc_curve448_export_private_raw(&key, priv, &privSz);
- }
- }
- if (ret == 0) {
- ret = wc_curve448_import_private(priv, privSz, &key);
- }
- wc_curve448_free(&key);
- wc_FreeRng(&rng);
+ ExpectIntEQ(wc_curve448_init(&key), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(wc_curve448_make_key(&rng, CURVE448_KEY_SIZE, &key), 0);
- res = TEST_RES_CHECK(ret == 0);
+ ExpectIntEQ(wc_curve448_export_private_raw(&key, priv, &privSz), 0);
+ ExpectIntEQ(wc_curve448_import_private(priv, privSz, &key), 0);
+
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
+ wc_curve448_free(&key);
#endif
- return res;
-} /*END test_wc_curve448_import*/
+ return EXPECT_RESULT();
+} /* END test_wc_curve448_import*/
/*
* Testing test_wc_curve448_size.
*/
static int test_wc_curve448_size(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_CURVE448)
- curve448_key key;
- int ret = 0;
+ curve448_key key;
- ret = wc_curve448_init(&key);
+ ExpectIntEQ(wc_curve448_init(&key), 0);
/* Test good args for wc_curve448_size */
- if (ret == 0) {
- ret = wc_curve448_size(&key);
- }
-
+ ExpectIntEQ(wc_curve448_size(&key), CURVE448_KEY_SIZE);
/* Test bad args for wc_curve448_size */
- if (ret != 0) {
- ret = wc_curve448_size(NULL);
- }
+ ExpectIntEQ(wc_curve448_size(NULL), 0);
wc_curve448_free(&key);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_curve448_size*/
/*
@@ -25918,50 +23602,35 @@ static int test_wc_curve448_size(void)
*/
static int test_wc_ecc_make_key(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ECC) && !defined(WC_NO_RNG)
- WC_RNG rng;
ecc_key key;
+ WC_RNG rng;
int ret;
- ret = wc_InitRng(&rng);
- if (ret != 0)
- return TEST_FAIL;
+ XMEMSET(&key, 0, sizeof(ecc_key));
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
- ret = wc_ecc_init(&key);
- if (ret == 0) {
- ret = wc_ecc_make_key(&rng, KEY14, &key);
- #if defined(WOLFSSL_ASYNC_CRYPT)
- ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
- #endif
+ ExpectIntEQ(wc_ecc_init(&key), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ret = wc_ecc_make_key(&rng, KEY14, &key);
+#if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
+#endif
+ ExpectIntEQ(ret, 0);
- /* Pass in bad args. */
- if (ret == 0) {
- ret = wc_ecc_make_key(NULL, KEY14, &key);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ecc_make_key(&rng, KEY14, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- wc_ecc_free(&key);
- }
+ /* Pass in bad args. */
+ ExpectIntEQ(wc_ecc_make_key(NULL, KEY14, &key), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_make_key(&rng, KEY14, NULL), BAD_FUNC_ARG);
- if (wc_FreeRng(&rng) != 0 && ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
+ wc_ecc_free(&key);
#ifdef FP_ECC
wc_ecc_fp_free();
#endif
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_ecc_make_key */
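Review bot: `ret = wc_ecc_make_key(&rng, KEY14, &key);` is no longer guarded by the preceding init results, so key generation is attempted even when `wc_ecc_init` or `wc_InitRng` has just failed; the removed code only reached it under `ret == 0`. The added `XMEMSET` calls keep the call away from uninitialised stack data, but that dependency is implicit, and I would state it next to the call, e.g. `/* Runs even if init failed; key and rng are zeroed above so this is expected to fail cleanly. */`. This assumes the Expect macros record a failure and continue, which the unconditional cleanup at the end suggests but the hunk does not show. The same unguarded call appears in test_wc_ecc_check_key, test_wc_ecc_size, test_wc_ecc_signVerify_hash, test_wc_ecc_export_x963, test_wc_ecc_export_x963_ex and test_wc_ecc_import_x963.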
@@ -25970,28 +23639,19 @@ static int test_wc_ecc_make_key(void)
*/
static int test_wc_ecc_init(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef HAVE_ECC
- ecc_key key;
- int ret;
+ ecc_key key;
- ret = wc_ecc_init(&key);
+ XMEMSET(&key, 0, sizeof(ecc_key));
+
+ ExpectIntEQ(wc_ecc_init(&key), 0);
/* Pass in bad args. */
- if (ret == 0) {
- ret = wc_ecc_init(NULL);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_ecc_init(NULL), BAD_FUNC_ARG);
wc_ecc_free(&key);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_ecc_init */
/*
@@ -25999,53 +23659,36 @@ static int test_wc_ecc_init(void)
*/
static int test_wc_ecc_check_key(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ECC) && !defined(WC_NO_RNG)
- WC_RNG rng;
- ecc_key key;
- int ret;
+ ecc_key key;
+ WC_RNG rng;
+ int ret;
XMEMSET(&rng, 0, sizeof(rng));
XMEMSET(&key, 0, sizeof(key));
- ret = wc_InitRng(&rng);
- if (ret == 0) {
- ret = wc_ecc_init(&key);
- if (ret == 0) {
- ret = wc_ecc_make_key(&rng, KEY14, &key);
- #if defined(WOLFSSL_ASYNC_CRYPT)
- ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
- #endif
- }
- }
+ ExpectIntEQ(wc_ecc_init(&key), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ret = wc_ecc_make_key(&rng, KEY14, &key);
+#if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
+#endif
+ ExpectIntEQ(ret, 0);
- if (ret == 0) {
- ret = wc_ecc_check_key(&key);
- }
+ ExpectIntEQ(wc_ecc_check_key(&key), 0);
/* Pass in bad args. */
- if (ret == 0) {
- ret = wc_ecc_check_key(NULL);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_ecc_check_key(NULL), BAD_FUNC_ARG);
- if (wc_FreeRng(&rng) && ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ecc_free(&key);
#ifdef FP_ECC
wc_ecc_fp_free();
#endif
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_ecc_check_key */
/*
@@ -26053,40 +23696,28 @@ static int test_wc_ecc_check_key(void)
*/
static int test_wc_ecc_get_generator(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ECC) && !defined(WC_NO_RNG) && !defined(HAVE_SELFTEST) && \
!defined(HAVE_FIPS) && defined(OPENSSL_EXTRA)
- ecc_point* pt;
- int ret = 0;
+ ecc_point* pt = NULL;
- pt = wc_ecc_new_point();
- if (!pt) {
- ret = WOLFSSL_FATAL_ERROR;
- }
+ ExpectNotNull(pt = wc_ecc_new_point());
- if (ret == 0) {
- ret = wc_ecc_get_generator(pt, wc_ecc_get_curve_idx(ECC_SECP256R1));
- }
+ ExpectIntEQ(wc_ecc_get_generator(pt, wc_ecc_get_curve_idx(ECC_SECP256R1)),
+ MP_OKAY);
/* Test bad args. */
- if (ret == MP_OKAY) {
- /* Returns Zero for bad arg. */
- ret = wc_ecc_get_generator(pt, -1);
- if (ret != MP_OKAY)
- wc_ecc_get_generator(NULL, wc_ecc_get_curve_idx(ECC_SECP256R1));
- if (ret != MP_OKAY)
- wc_ecc_get_generator(pt, 1000); /* If we ever get to 1000 curves
- * increase this number */
- if (ret != MP_OKAY)
- wc_ecc_get_generator(NULL, -1);
- ret = (ret == MP_OKAY) ? WOLFSSL_FATAL_ERROR : 0;
- }
+ /* Returns Zero for bad arg. */
+ ExpectIntNE(wc_ecc_get_generator(pt, -1), MP_OKAY);
+ ExpectIntNE(wc_ecc_get_generator(NULL, wc_ecc_get_curve_idx(ECC_SECP256R1)),
+ MP_OKAY);
+ /* If we ever get to 1000 curves increase this number */
+ ExpectIntNE(wc_ecc_get_generator(pt, 1000), MP_OKAY);
+ ExpectIntNE(wc_ecc_get_generator(NULL, -1), MP_OKAY);
wc_ecc_del_point(pt);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_ecc_get_generator */
/*
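Review bot: The retained comment `/* Returns Zero for bad arg. */` now sits directly above four `ExpectIntNE(..., MP_OKAY)` checks, and the removed code treated MP_OKAY as 0, so the comment says the opposite of what is asserted. I would reword it to `/* Bad args must not return MP_OKAY. */`. The checks also accept any non-success value; if the API documents a specific error code for a NULL point or an out-of-range index, asserting that code would make the test tighter.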
@@ -26094,54 +23725,37 @@ static int test_wc_ecc_get_generator(void)
*/
static int test_wc_ecc_size(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ECC) && !defined(WC_NO_RNG)
WC_RNG rng;
ecc_key key;
int ret;
- XMEMSET(&rng, 0, sizeof(rng));
- XMEMSET(&key, 0, sizeof(key));
+ XMEMSET(&key, 0, sizeof(ecc_key));
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
- ret = wc_InitRng(&rng);
- if (ret == 0) {
- ret = wc_ecc_init(&key);
- if (ret == 0) {
- ret = wc_ecc_make_key(&rng, KEY14, &key);
- #if defined(WOLFSSL_ASYNC_CRYPT)
- ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
- #endif
- }
- }
+ ExpectIntEQ(wc_ecc_init(&key), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ret = wc_ecc_make_key(&rng, KEY14, &key);
+#if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
+#endif
+ ExpectIntEQ(ret, 0);
- if (ret == 0) {
- ret = wc_ecc_size(&key);
- if (ret == KEY14) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_ecc_size(&key), KEY14);
/* Test bad args. */
- if (ret == 0) {
- /* Returns Zero for bad arg. */
- ret = wc_ecc_size(NULL);
- }
+ /* Returns Zero for bad arg. */
+ ExpectIntEQ(wc_ecc_size(NULL), 0);
- if (wc_FreeRng(&rng) && ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ecc_free(&key);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_ecc_size */
static int test_wc_ecc_params(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
/* FIPS/CAVP self-test modules do not have `wc_ecc_get_curve_params`.
It was added after certifications */
#if defined(HAVE_ECC) && !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
@@ -26149,20 +23763,17 @@ static int test_wc_ecc_params(void)
#if !defined(NO_ECC256) && !defined(NO_ECC_SECP)
/* Test for SECP256R1 curve */
int curve_id = ECC_SECP256R1;
- int curve_idx = wc_ecc_get_curve_idx(curve_id);
- AssertIntNE(curve_idx, ECC_CURVE_INVALID);
- ecc_set = wc_ecc_get_curve_params(curve_idx);
- AssertNotNull(ecc_set);
- AssertIntEQ(ecc_set->id, curve_id);
+ int curve_idx;
+
+ ExpectIntNE(curve_idx = wc_ecc_get_curve_idx(curve_id), ECC_CURVE_INVALID);
+ ExpectNotNull(ecc_set = wc_ecc_get_curve_params(curve_idx));
+ ExpectIntEQ(ecc_set->id, curve_id);
#endif
/* Test case when SECP256R1 is not enabled */
/* Test that we get curve params for index 0 */
- ecc_set = wc_ecc_get_curve_params(0);
- AssertNotNull(ecc_set);
-
- res = TEST_RES_CHECK(1);
+ ExpectNotNull(ecc_set = wc_ecc_get_curve_params(0));
#endif /* HAVE_ECC && !HAVE_FIPS && !HAVE_SELFTEST */
- return res;
+ return EXPECT_RESULT();
}
/*
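Review bot: `ExpectIntEQ(ecc_set->id, curve_id);` dereferences `ecc_set` right after the `ExpectNotNull` on it, where the removed `AssertNotNull` made the dereference unreachable on failure. This is only safe if an Expect macro skips evaluating its arguments once an earlier expectation has failed; the macro definitions are not in this hunk, so that is worth confirming. If it holds, a short comment such as `/* Not evaluated if the ExpectNotNull above failed. */` would record it. The function begins above this hunk.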
@@ -26170,127 +23781,87 @@ static int test_wc_ecc_params(void)
*/
static int test_wc_ecc_signVerify_hash(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ECC) && defined(HAVE_ECC_SIGN) && !defined(NO_ASN) && !defined(WC_NO_RNG)
- WC_RNG rng;
- ecc_key key;
- int ret;
- int signH = WOLFSSL_FATAL_ERROR;
- #ifdef HAVE_ECC_VERIFY
- int verifyH = WOLFSSL_FATAL_ERROR;
- int verify = 0;
- #endif
- word32 siglen = ECC_BUFSIZE;
- byte sig[ECC_BUFSIZE];
- byte adjustedSig[ECC_BUFSIZE+1];
- byte digest[] = TEST_STRING;
- word32 digestlen = (word32)TEST_STRING_SZ;
+ ecc_key key;
+ WC_RNG rng;
+ int ret;
+#ifdef HAVE_ECC_VERIFY
+ int verify = 0;
+#endif
+ word32 siglen = ECC_BUFSIZE;
+ byte sig[ECC_BUFSIZE];
+ byte adjustedSig[ECC_BUFSIZE+1];
+ byte digest[] = TEST_STRING;
+ word32 digestlen = (word32)TEST_STRING_SZ;
/* Init stack var */
+ XMEMSET(&key, 0, sizeof(ecc_key));
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
XMEMSET(sig, 0, siglen);
- XMEMSET(&key, 0, sizeof(key));
XMEMSET(adjustedSig, 0, ECC_BUFSIZE+1);
/* Init structs. */
- ret = wc_InitRng(&rng);
- if (ret == 0) {
- ret = wc_ecc_init(&key);
- if (ret == 0) {
- ret = wc_ecc_make_key(&rng, KEY14, &key);
- #if defined(WOLFSSL_ASYNC_CRYPT)
- ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
- #endif
- }
- }
+ ExpectIntEQ(wc_ecc_init(&key), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ret = wc_ecc_make_key(&rng, KEY14, &key);
+#if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
+#endif
+ ExpectIntEQ(ret, 0);
- if (ret == 0) {
- ret = wc_ecc_sign_hash(digest, digestlen, sig, &siglen, &rng, &key);
- }
+ ExpectIntEQ(wc_ecc_sign_hash(digest, digestlen, sig, &siglen, &rng, &key),
+ 0);
/* Check bad args. */
- if (ret == 0) {
- signH = wc_ecc_sign_hash(NULL, digestlen, sig, &siglen, &rng, &key);
- if (signH == ECC_BAD_ARG_E) {
- signH = wc_ecc_sign_hash(digest, digestlen, NULL, &siglen,
- &rng, &key);
- }
- if (signH == ECC_BAD_ARG_E) {
- signH = wc_ecc_sign_hash(digest, digestlen, sig, NULL,
- &rng, &key);
- }
- if (signH == ECC_BAD_ARG_E) {
- signH = wc_ecc_sign_hash(digest, digestlen, sig, &siglen,
- NULL, &key);
- }
- if (signH == ECC_BAD_ARG_E) {
- signH = wc_ecc_sign_hash(digest, digestlen, sig, &siglen,
- &rng, NULL);
- }
- if (signH == ECC_BAD_ARG_E) {
- signH = 0;
- }
- else {
- signH = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_ecc_sign_hash(NULL, digestlen, sig, &siglen, &rng, &key),
+ ECC_BAD_ARG_E);
+ ExpectIntEQ(wc_ecc_sign_hash(digest, digestlen, NULL, &siglen, &rng, &key),
+ ECC_BAD_ARG_E);
+ ExpectIntEQ(wc_ecc_sign_hash(digest, digestlen, sig, NULL, &rng, &key),
+ ECC_BAD_ARG_E);
+ ExpectIntEQ(wc_ecc_sign_hash(digest, digestlen, sig, &siglen, NULL, &key),
+ ECC_BAD_ARG_E);
+ ExpectIntEQ(wc_ecc_sign_hash(digest, digestlen, sig, &siglen, &rng, NULL),
+ ECC_BAD_ARG_E);
#ifdef HAVE_ECC_VERIFY
- ret = wc_ecc_verify_hash(sig, siglen, digest, digestlen, &verify, &key);
- if (verify != 1 && ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
+ ExpectIntEQ(wc_ecc_verify_hash(sig, siglen, digest, digestlen, &verify,
+ &key), 0);
+ ExpectIntEQ(verify, 1);
/* test check on length of signature passed in */
XMEMCPY(adjustedSig, sig, siglen);
adjustedSig[1] = adjustedSig[1] + 1; /* add 1 to length for extra byte*/
#ifndef NO_STRICT_ECDSA_LEN
- AssertIntNE(wc_ecc_verify_hash(adjustedSig, siglen+1, digest, digestlen,
- &verify, &key), 0);
+ ExpectIntNE(wc_ecc_verify_hash(adjustedSig, siglen+1, digest, digestlen,
+ &verify, &key), 0);
#else
/* if NO_STRICT_ECDSA_LEN is set then extra bytes after the signature
* is allowed */
- AssertIntEQ(wc_ecc_verify_hash(adjustedSig, siglen+1, digest, digestlen,
- &verify, &key), 0);
+ ExpectIntEQ(wc_ecc_verify_hash(adjustedSig, siglen+1, digest, digestlen,
+ &verify, &key), 0);
#endif
/* Test bad args. */
- if (ret == 0) {
- verifyH = wc_ecc_verify_hash(NULL, siglen, digest, digestlen,
- &verify, &key);
- if (verifyH == ECC_BAD_ARG_E) {
- verifyH = wc_ecc_verify_hash(sig, siglen, NULL, digestlen,
- &verify, &key);
- }
- if (verifyH == ECC_BAD_ARG_E) {
- verifyH = wc_ecc_verify_hash(sig, siglen, digest, digestlen,
- NULL, &key);
- }
- if (verifyH == ECC_BAD_ARG_E) {
- verifyH = wc_ecc_verify_hash(sig, siglen, digest, digestlen,
- &verify, NULL);
- }
- if (verifyH == ECC_BAD_ARG_E) {
- verifyH = 0;
- }
- else {
- verifyH = WOLFSSL_FATAL_ERROR;
- }
- }
-
+ ExpectIntEQ(wc_ecc_verify_hash(NULL, siglen, digest, digestlen, &verify,
+ &key), ECC_BAD_ARG_E);
+ ExpectIntEQ(wc_ecc_verify_hash(sig, siglen, NULL, digestlen, &verify, &key),
+ ECC_BAD_ARG_E);
+ ExpectIntEQ(wc_ecc_verify_hash(sig, siglen, digest, digestlen, NULL, &key),
+ ECC_BAD_ARG_E);
+ ExpectIntEQ(wc_ecc_verify_hash(sig, siglen, digest, digestlen, &verify,
+ NULL), ECC_BAD_ARG_E);
#endif /* HAVE_ECC_VERIFY */
- if (wc_FreeRng(&rng) && ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ecc_free(&key);
#ifdef FP_ECC
wc_ecc_fp_free();
#endif
-
- res = TEST_RES_CHECK(ret == 0 && signH == 0 && verifyH == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_ecc_sign_hash */
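Review bot: In the `#else` branch for NO_STRICT_ECDSA_LEN, the `ExpectIntEQ(wc_ecc_verify_hash(adjustedSig, siglen+1, ...), 0)` check covers only the return code, while the verification outcome is delivered through `verify`, which still holds 1 from the earlier good-signature check. A call that returns 0 but sets `verify` to 0 would therefore pass unnoticed. I would put `verify = 0;` before that call and, if acceptance is the intended outcome on this path, `ExpectIntEQ(verify, 1);` after it. The strict branch and the bad-argument calls reuse the same stale `verify`, so resetting it before each group would keep the checks independent.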
@@ -26299,11 +23870,14 @@ static int test_wc_ecc_signVerify_hash(void)
*/
static int test_wc_ecc_shared_secret(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ECC) && defined(HAVE_ECC_DHE) && !defined(WC_NO_RNG)
- ecc_key key, pubKey;
+ ecc_key key;
+ ecc_key pubKey;
WC_RNG rng;
+#if defined(NO_ECC256)
int ret;
+#endif
byte out[KEY32];
int keySz = sizeof(out);
word32 outlen = (word32)sizeof(out);
@@ -26328,102 +23902,68 @@ static int test_wc_ecc_shared_secret(void)
PRIVATE_KEY_UNLOCK();
/* Initialize variables. */
+ XMEMSET(&key, 0, sizeof(ecc_key));
+ XMEMSET(&pubKey, 0, sizeof(ecc_key));
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
XMEMSET(out, 0, keySz);
- XMEMSET(&rng, 0, sizeof(rng));
- XMEMSET(&key, 0, sizeof(key));
- XMEMSET(&pubKey, 0, sizeof(pubKey));
- ret = wc_InitRng(&rng);
- if (ret == 0) {
- ret = wc_ecc_init(&key);
- if (ret == 0) {
- ret = wc_ecc_init(&pubKey);
- }
- }
+ ExpectIntEQ(wc_ecc_init(&key), 0);
+ ExpectIntEQ(wc_ecc_init(&pubKey), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
-#if defined(HAVE_ECC) && !defined(NO_ECC256)
- if (ret == 0) {
- ret = wc_ecc_import_raw(&key, qx, qy, d, curveName);
- }
- if (ret == 0) {
- ret = wc_ecc_import_raw(&pubKey, qx, qy, NULL, curveName);
- }
+#if !defined(NO_ECC256)
+ ExpectIntEQ(wc_ecc_import_raw(&key, qx, qy, d, curveName), 0);
+ ExpectIntEQ(wc_ecc_import_raw(&pubKey, qx, qy, NULL, curveName), 0);
#else
- if (ret == 0) {
- ret = wc_ecc_make_key(&rng, keySz, &key);
- #if defined(WOLFSSL_ASYNC_CRYPT)
- ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
- #endif
- }
- if (ret == 0) {
- ret = wc_ecc_make_key(&rng, keySz, &pubKey);
- #if defined(WOLFSSL_ASYNC_CRYPT)
- ret = wc_AsyncWait(ret, &pubKey.asyncDev, WC_ASYNC_FLAG_NONE);
- #endif
- }
+ ret = wc_ecc_make_key(&rng, keySz, &key);
+#if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
+#endif
+ ExpectIntEQ(ret, 0);
+ ret = wc_ecc_make_key(&rng, keySz, &key);
+#if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
+#endif
+ ExpectIntEQ(ret, 0);
#endif
#if defined(ECC_TIMING_RESISTANT) && (!defined(HAVE_FIPS) || \
(!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION != 2))) && \
!defined(HAVE_SELFTEST)
- if (ret == 0) {
- ret = wc_ecc_set_rng(&key, &rng);
- }
+ ExpectIntEQ(wc_ecc_set_rng(&key, &rng), 0);
#endif
- if (ret == 0) {
- ret = wc_ecc_shared_secret(&key, &pubKey, out, &outlen);
+ ExpectIntEQ(wc_ecc_shared_secret(&key, &pubKey, out, &outlen), 0);
-#if defined(HAVE_ECC) && !defined(NO_ECC256)
- if (ret == 0) {
- if (0 != XMEMCMP(out, expected_shared_secret, outlen)) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+#if !defined(NO_ECC256)
+ ExpectIntEQ(XMEMCMP(out, expected_shared_secret, outlen), 0);
#endif
- /* Test bad args. */
- if (ret == 0) {
- ret = wc_ecc_shared_secret(NULL, &pubKey, out, &outlen);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ecc_shared_secret(&key, NULL, out, &outlen);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ecc_shared_secret(&key, &pubKey, NULL, &outlen);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ecc_shared_secret(&key, &pubKey, out, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- /* Invalid length */
- outlen = 1;
- ret = wc_ecc_shared_secret(&key, &pubKey, out, &outlen);
- }
-
- if (ret == BUFFER_E) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- }
+ /* Test bad args. */
+ ExpectIntEQ(wc_ecc_shared_secret(NULL, &pubKey, out, &outlen),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_shared_secret(&key, NULL, out, &outlen),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_shared_secret(&key, &pubKey, NULL, &outlen),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_shared_secret(&key, &pubKey, out, NULL),
+ BAD_FUNC_ARG);
+ /* Invalid length */
+ outlen = 1;
+ ExpectIntEQ(wc_ecc_shared_secret(&key, &pubKey, out, &outlen),
+ BUFFER_E);
- if (wc_FreeRng(&rng) && ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- wc_ecc_free(&key);
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ecc_free(&pubKey);
+ wc_ecc_free(&key);
#ifdef FP_ECC
wc_ecc_fp_free();
#endif
PRIVATE_KEY_LOCK();
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END tests_wc_ecc_shared_secret */
/*
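Review bot: In the `#else` (NO_ECC256) branch the second key generation still targets `key`: `ret = wc_ecc_make_key(&rng, keySz, &key);` followed by a wait on `key.asyncDev`, where the removed code generated `pubKey` and waited on `pubKey.asyncDev`. As written `pubKey` is initialised but never given key material, so `wc_ecc_shared_secret(&key, &pubKey, out, &outlen)` in that configuration runs against an empty peer key. The two lines should read `ret = wc_ecc_make_key(&rng, keySz, &pubKey);` and `ret = wc_AsyncWait(ret, &pubKey.asyncDev, WC_ASYNC_FLAG_NONE);`. The function starts above this hunk.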
@@ -26431,59 +23971,39 @@ static int test_wc_ecc_shared_secret(void)
*/
static int test_wc_ecc_export_x963(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ECC) && defined(HAVE_ECC_KEY_EXPORT) && !defined(WC_NO_RNG)
ecc_key key;
WC_RNG rng;
byte out[ECC_ASN963_MAX_BUF_SZ];
word32 outlen = sizeof(out);
- int ret = 0;
+ int ret;
PRIVATE_KEY_UNLOCK();
/* Initialize variables. */
+ XMEMSET(&key, 0, sizeof(ecc_key));
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
XMEMSET(out, 0, outlen);
- XMEMSET(&rng, 0, sizeof(rng));
- XMEMSET(&key, 0, sizeof(key));
- ret = wc_InitRng(&rng);
- if (ret == 0) {
- ret = wc_ecc_init(&key);
- if (ret == 0) {
- ret = wc_ecc_make_key(&rng, KEY20, &key);
- #if defined(WOLFSSL_ASYNC_CRYPT)
- ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
- #endif
- }
- }
- if (ret == 0) {
- ret = wc_ecc_export_x963(&key, out, &outlen);
- }
+ ExpectIntEQ(wc_ecc_init(&key), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ret = wc_ecc_make_key(&rng, KEY20, &key);
+#if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
+#endif
+ ExpectIntEQ(ret, 0);
+
+ ExpectIntEQ(wc_ecc_export_x963(&key, out, &outlen), 0);
/* Test bad args. */
- if (ret == 0) {
- ret = wc_ecc_export_x963(NULL, out, &outlen);
- if (ret == ECC_BAD_ARG_E) {
- ret = wc_ecc_export_x963(&key, NULL, &outlen);
- }
- if (ret == LENGTH_ONLY_E) {
- ret = wc_ecc_export_x963(&key, out, NULL);
- }
- if (ret == ECC_BAD_ARG_E) {
- key.idx = -4;
- ret = wc_ecc_export_x963(&key, out, &outlen);
- }
- if (ret == ECC_BAD_ARG_E) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_ecc_export_x963(NULL, out, &outlen), ECC_BAD_ARG_E);
+ ExpectIntEQ(wc_ecc_export_x963(&key, NULL, &outlen), LENGTH_ONLY_E);
+ ExpectIntEQ(wc_ecc_export_x963(&key, out, NULL), ECC_BAD_ARG_E);
+ key.idx = -4;
+ ExpectIntEQ(wc_ecc_export_x963(&key, out, &outlen), ECC_BAD_ARG_E);
- if (wc_FreeRng(&rng) && ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ecc_free(&key);
#ifdef FP_ECC
@@ -26491,10 +24011,8 @@ static int test_wc_ecc_export_x963(void)
#endif
PRIVATE_KEY_LOCK();
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_ecc_export_x963 */
/*
@@ -26503,11 +24021,11 @@ static int test_wc_ecc_export_x963(void)
*/
static int test_wc_ecc_export_x963_ex(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ECC) && defined(HAVE_ECC_KEY_EXPORT) && !defined(WC_NO_RNG)
ecc_key key;
WC_RNG rng;
- int ret = 0;
+ int ret;
byte out[ECC_ASN963_MAX_BUF_SZ];
word32 outlen = sizeof(out);
#ifdef HAVE_COMP_KEY
@@ -26515,97 +24033,58 @@ static int test_wc_ecc_export_x963_ex(void)
#endif
/* Init stack variables. */
+ XMEMSET(&key, 0, sizeof(ecc_key));
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
XMEMSET(out, 0, outlen);
- XMEMSET(&rng, 0, sizeof(rng));
- XMEMSET(&key, 0, sizeof(key));
- ret = wc_InitRng(&rng);
- if (ret == 0) {
- ret = wc_ecc_init(&key);
- if (ret == 0) {
- ret = wc_ecc_make_key(&rng, KEY64, &key);
- #if defined(WOLFSSL_ASYNC_CRYPT)
- ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
- #endif
- }
- }
+ ExpectIntEQ(wc_ecc_init(&key), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ret = wc_ecc_make_key(&rng, KEY64, &key);
+#if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
+#endif
+ ExpectIntEQ(ret, 0);
- #ifdef HAVE_COMP_KEY
- if (ret == 0) {
- ret = wc_ecc_export_x963_ex(&key, out, &outlen, COMP);
- }
- #else
- if (ret == 0) {
- ret = wc_ecc_export_x963_ex(&key, out, &outlen, NOCOMP);
- }
- #endif
+#ifdef HAVE_COMP_KEY
+ ExpectIntEQ(wc_ecc_export_x963_ex(&key, out, &outlen, COMP), 0);
+#else
+ ExpectIntEQ(ret = wc_ecc_export_x963_ex(&key, out, &outlen, NOCOMP), 0);
+#endif
/* Test bad args. */
- #ifdef HAVE_COMP_KEY
- if (ret == 0) {
- ret = wc_ecc_export_x963_ex(NULL, out, &outlen, COMP);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ecc_export_x963_ex(&key, NULL, &outlen, COMP);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ecc_export_x963_ex(&key, out, NULL, COMP);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ecc_export_x963_ex(&key, out, &badOutLen, COMP);
- }
+#ifdef HAVE_COMP_KEY
+ ExpectIntEQ(wc_ecc_export_x963_ex(NULL, out, &outlen, COMP), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_export_x963_ex(&key, NULL, &outlen, COMP), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_export_x963_ex(&key, out, NULL, COMP), BAD_FUNC_ARG);
#if defined(HAVE_FIPS) && (!defined(FIPS_VERSION_LT) || FIPS_VERSION_LT(5,3))
- if (ret == BUFFER_E)
+ ExpectIntEQ(wc_ecc_export_x963_ex(&key, out, &badOutLen, COMP), BUFFER_E);
#else
- if (ret == LENGTH_ONLY_E)
+ ExpectIntEQ(wc_ecc_export_x963_ex(&key, out, &badOutLen, COMP),
+ LENGTH_ONLY_E);
+#endif
+ key.idx = -4;
+ ExpectIntEQ(wc_ecc_export_x963_ex(&key, out, &outlen, COMP), ECC_BAD_ARG_E);
+#else
+ ExpectIntEQ(wc_ecc_export_x963_ex(NULL, out, &outlen, NOCOMP),
+ ECC_BAD_ARG_E);
+ ExpectIntEQ(wc_ecc_export_x963_ex(&key, NULL, &outlen, NOCOMP),
+ LENGTH_ONLY_E);
+ ExpectIntEQ(wc_ecc_export_x963_ex(&key, out, &outlen, 1), NOT_COMPILED_IN);
+ ExpectIntEQ(wc_ecc_export_x963_ex(&key, out, NULL, NOCOMP),
+ ECC_BAD_ARG_E);
+ key.idx = -4;
+ ExpectIntEQ(wc_ecc_export_x963_ex(&key, out, &outlen, NOCOMP),
+ ECC_BAD_ARG_E);
#endif
- {
- key.idx = -4;
- ret = wc_ecc_export_x963_ex(&key, out, &outlen, COMP);
- }
- if (ret == ECC_BAD_ARG_E) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- #else
- if (ret == 0) {
- ret = wc_ecc_export_x963_ex(NULL, out, &outlen, NOCOMP);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ecc_export_x963_ex(&key, NULL, &outlen, NOCOMP);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ecc_export_x963_ex(&key, out, &outlen, 1);
- }
- if (ret == NOT_COMPILED_IN) {
- ret = wc_ecc_export_x963_ex(&key, out, NULL, NOCOMP);
- }
- if (ret == BAD_FUNC_ARG) {
- key.idx = -4;
- ret = wc_ecc_export_x963_ex(&key, out, &outlen, NOCOMP);
- }
- if (ret == ECC_BAD_ARG_E) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- #endif
- if (wc_FreeRng(&rng) && ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ecc_free(&key);
#ifdef FP_ECC
wc_ecc_fp_free();
#endif
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_ecc_export_x963_ex */
/*
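Review bot: `ExpectIntEQ(ret = wc_ecc_export_x963_ex(&key, out, &outlen, NOCOMP), 0);` keeps a `ret =` assignment whose value is not read afterwards in this hunk, and the HAVE_COMP_KEY branch just above has no such assignment. Dropping it, `ExpectIntEQ(wc_ecc_export_x963_ex(&key, out, &outlen, NOCOMP), 0);`, keeps the two branches parallel. In the same branch `wc_ecc_export_x963_ex(&key, out, &outlen, 1)` passes a bare `1` as the compression flag; a one-line comment saying it requests compression in a build without it would explain the NOT_COMPILED_IN expectation. The function's declarations sit in the preceding hunk.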
@@ -26613,85 +24092,63 @@ static int test_wc_ecc_export_x963_ex(void)
*/
static int test_wc_ecc_import_x963(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ECC) && defined(HAVE_ECC_KEY_IMPORT) && \
defined(HAVE_ECC_KEY_EXPORT) && !defined(WC_NO_RNG)
- ecc_key pubKey, key;
+ ecc_key pubKey;
+ ecc_key key;
WC_RNG rng;
byte x963[ECC_ASN963_MAX_BUF_SZ];
word32 x963Len = (word32)sizeof(x963);
int ret;
/* Init stack variables. */
+ XMEMSET(&key, 0, sizeof(ecc_key));
+ XMEMSET(&pubKey, 0, sizeof(ecc_key));
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
XMEMSET(x963, 0, x963Len);
- XMEMSET(&rng, 0, sizeof(rng));
- XMEMSET(&key, 0, sizeof(key));
- XMEMSET(&pubKey, 0, sizeof(pubKey));
- ret = wc_InitRng(&rng);
- if (ret == 0) {
- ret = wc_ecc_init(&pubKey);
- if (ret == 0) {
- ret = wc_ecc_init(&key);
- }
- if (ret == 0) {
- ret = wc_ecc_make_key(&rng, KEY24, &key);
- #if defined(WOLFSSL_ASYNC_CRYPT)
- ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
- #endif
- }
- if (ret == 0) {
- PRIVATE_KEY_UNLOCK();
- ret = wc_ecc_export_x963(&key, x963, &x963Len);
- PRIVATE_KEY_LOCK();
- }
- }
+ ExpectIntEQ(wc_ecc_init(&pubKey), 0);
+ ExpectIntEQ(wc_ecc_init(&key), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ret = wc_ecc_make_key(&rng, KEY24, &key);
+#if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
+#endif
+ ExpectIntEQ(ret, 0);
- if (ret == 0) {
- ret = wc_ecc_import_x963(x963, x963Len, &pubKey);
- }
+ PRIVATE_KEY_UNLOCK();
+ ExpectIntEQ(wc_ecc_export_x963(&key, x963, &x963Len), 0);
+ PRIVATE_KEY_LOCK();
+
+ ExpectIntEQ(wc_ecc_import_x963(x963, x963Len, &pubKey), 0);
/* Test bad args. */
- if (ret == 0) {
- ret = wc_ecc_import_x963(NULL, x963Len, &pubKey);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ecc_import_x963(x963, x963Len, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ecc_import_x963(x963, x963Len + 1, &pubKey);
- }
- if (ret == ECC_BAD_ARG_E) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_ecc_import_x963(NULL, x963Len, &pubKey), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_import_x963(x963, x963Len, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_import_x963(x963, x963Len + 1, &pubKey), ECC_BAD_ARG_E);
- if (wc_FreeRng(&rng) && ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ecc_free(&key);
wc_ecc_free(&pubKey);
#ifdef FP_ECC
wc_ecc_fp_free();
#endif
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END wc_ecc_import_x963 */
/*
* testing wc_ecc_import_private_key()
*/
-static int ecc_import_private_key(void)
+static int test_wc_ecc_import_private_key(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ECC) && defined(HAVE_ECC_KEY_IMPORT) && \
defined(HAVE_ECC_KEY_EXPORT) && !defined(WC_NO_RNG)
- ecc_key key, keyImp;
+ ecc_key key;
+ ecc_key keyImp;
WC_RNG rng;
byte privKey[ECC_PRIV_KEY_BUF]; /* Raw private key.*/
byte x963Key[ECC_ASN963_MAX_BUF_SZ];
@@ -26700,68 +24157,44 @@ static int ecc_import_private_key(void)
int ret;
/* Init stack variables. */
+ XMEMSET(&key, 0, sizeof(ecc_key));
+ XMEMSET(&keyImp, 0, sizeof(ecc_key));
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
XMEMSET(privKey, 0, privKeySz);
XMEMSET(x963Key, 0, x963KeySz);
- XMEMSET(&rng, 0, sizeof(rng));
- XMEMSET(&key, 0, sizeof(key));
- XMEMSET(&keyImp, 0, sizeof(keyImp));
- ret = wc_InitRng(&rng);
- if (ret == 0) {
- ret = wc_ecc_init(&key);
- if (ret == 0) {
- ret = wc_ecc_init(&keyImp);
- }
- if (ret == 0) {
- ret = wc_ecc_make_key(&rng, KEY48, &key);
- #if defined(WOLFSSL_ASYNC_CRYPT)
- ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
- #endif
- }
- if (ret == 0) {
- PRIVATE_KEY_UNLOCK();
- ret = wc_ecc_export_x963(&key, x963Key, &x963KeySz);
- PRIVATE_KEY_LOCK();
- }
- if (ret == 0) {
- ret = wc_ecc_export_private_only(&key, privKey, &privKeySz);
- }
- }
+ ExpectIntEQ(wc_ecc_init(&key), 0);
+ ExpectIntEQ(wc_ecc_init(&keyImp), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ret = wc_ecc_make_key(&rng, KEY48, &key);
+#if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
+#endif
+ ExpectIntEQ(ret, 0);
- if (ret == 0) {
- ret = wc_ecc_import_private_key(privKey, privKeySz, x963Key,
- x963KeySz, &keyImp);
- }
+ PRIVATE_KEY_UNLOCK();
+ ExpectIntEQ(wc_ecc_export_x963(&key, x963Key, &x963KeySz), 0);
+ PRIVATE_KEY_LOCK();
+ ExpectIntEQ(wc_ecc_export_private_only(&key, privKey, &privKeySz), 0);
+
+ ExpectIntEQ(wc_ecc_import_private_key(privKey, privKeySz, x963Key,
+ x963KeySz, &keyImp), 0);
/* Pass in bad args. */
- if (ret == 0) {
- ret = wc_ecc_import_private_key(privKey, privKeySz, x963Key,
- x963KeySz, NULL);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ecc_import_private_key(NULL, privKeySz, x963Key,
- x963KeySz, &keyImp);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_ecc_import_private_key(privKey, privKeySz, x963Key,
+ x963KeySz, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_import_private_key(NULL, privKeySz, x963Key, x963KeySz,
+ &keyImp), BAD_FUNC_ARG);
- if (wc_FreeRng(&rng) && ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- wc_ecc_free(&key);
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ecc_free(&keyImp);
+ wc_ecc_free(&key);
#ifdef FP_ECC
wc_ecc_fp_free();
#endif
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
-} /* END wc_ecc_import_private_key */
+ return EXPECT_RESULT();
+} /* END test_wc_ecc_import_private_key */
/*
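Review bot: The bare `ret = wc_ecc_make_key(&rng, KEY48, &key);` runs even when one of the three `ExpectIntEQ` initialisation checks above it has already failed, whereas the removed code only reached key generation behind `if (ret == 0)`. The added XMEMSET calls keep `key` and `rng` zeroed, so this is probably harmless, but it does hand objects that failed to initialise to the key generator. Putting the call and the `wc_AsyncWait` line together inside `if (EXPECT_SUCCESS()) { ... }` would restore the old guarantee; this assumes the Expect macros skip their expression after an earlier failure, which the use of `DoExpectIntEQ` for cleanup suggests. The same pattern appears in the hunks for test_wc_ecc_export_private_only, test_wc_ecc_sig_size and test_wc_ecc_encryptDecrypt; the declarations of this function start above the hunk.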
@@ -26769,7 +24202,7 @@ static int ecc_import_private_key(void)
*/
static int test_wc_ecc_export_private_only(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ECC) && defined(HAVE_ECC_KEY_EXPORT) && !defined(WC_NO_RNG)
ecc_key key;
WC_RNG rng;
@@ -26778,52 +24211,32 @@ static int test_wc_ecc_export_private_only(void)
int ret;
/* Init stack variables. */
+ XMEMSET(&key, 0, sizeof(ecc_key));
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
XMEMSET(out, 0, outlen);
- XMEMSET(&rng, 0, sizeof(rng));
- XMEMSET(&key, 0, sizeof(key));
- ret = wc_InitRng(&rng);
- if (ret == 0) {
- ret = wc_ecc_init(&key);
- if (ret == 0) {
- ret = wc_ecc_make_key(&rng, KEY32, &key);
- #if defined(WOLFSSL_ASYNC_CRYPT)
- ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
- #endif
- }
- }
- if (ret == 0) {
- ret = wc_ecc_export_private_only(&key, out, &outlen);
- }
+ ExpectIntEQ(wc_ecc_init(&key), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ret = wc_ecc_make_key(&rng, KEY32, &key);
+#if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
+#endif
+ ExpectIntEQ(ret, 0);
+
+ ExpectIntEQ(wc_ecc_export_private_only(&key, out, &outlen), 0);
/* Pass in bad args. */
- if (ret == 0) {
- ret = wc_ecc_export_private_only(NULL, out, &outlen);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ecc_export_private_only(&key, NULL, &outlen);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ecc_export_private_only(&key, out, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_ecc_export_private_only(NULL, out, &outlen), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_export_private_only(&key, NULL, &outlen), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_export_private_only(&key, out, NULL), BAD_FUNC_ARG);
- if (wc_FreeRng(&rng) && ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ecc_free(&key);
#ifdef FP_ECC
wc_ecc_fp_free();
#endif
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_ecc_export_private_only */
@@ -26832,183 +24245,136 @@ static int test_wc_ecc_export_private_only(void)
*/
static int test_wc_ecc_rs_to_sig(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ECC) && !defined(NO_ASN)
/* first [P-192,SHA-1] vector from FIPS 186-3 NIST vectors */
- const char* R = "6994d962bdd0d793ffddf855ec5bf2f91a9698b46258a63e";
- const char* S = "02ba6465a234903744ab02bc8521405b73cf5fc00e1a9f41";
- const char* zeroStr = "0";
- byte sig[ECC_MAX_SIG_SIZE];
- word32 siglen = (word32)sizeof(sig);
- /*R and S max size is the order of curve. 2^192.*/
- int keySz = KEY24;
- byte r[KEY24];
- byte s[KEY24];
- word32 rlen = (word32)sizeof(r);
- word32 slen = (word32)sizeof(s);
- int ret;
+ const char* R = "6994d962bdd0d793ffddf855ec5bf2f91a9698b46258a63e";
+ const char* S = "02ba6465a234903744ab02bc8521405b73cf5fc00e1a9f41";
+ const char* zeroStr = "0";
+ byte sig[ECC_MAX_SIG_SIZE];
+ word32 siglen = (word32)sizeof(sig);
+ /* R and S max size is the order of curve. 2^192.*/
+ int keySz = KEY24;
+ byte r[KEY24];
+ byte s[KEY24];
+ word32 rlen = (word32)sizeof(r);
+ word32 slen = (word32)sizeof(s);
/* Init stack variables. */
XMEMSET(sig, 0, ECC_MAX_SIG_SIZE);
XMEMSET(r, 0, keySz);
XMEMSET(s, 0, keySz);
- ret = wc_ecc_rs_to_sig(R, S, sig, &siglen);
- if (ret == 0) {
- ret = wc_ecc_sig_to_rs(sig, siglen, r, &rlen, s, &slen);
- #if !defined(HAVE_SELFTEST) && !defined(HAVE_FIPS) || \
- (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2))
- if (ret == ASN_PARSE_E) {
- ret = 0;
- }
- #endif
- }
+ ExpectIntEQ(wc_ecc_rs_to_sig(R, S, sig, &siglen), 0);
+ ExpectIntEQ(wc_ecc_sig_to_rs(sig, siglen, r, &rlen, s, &slen), 0);
/* Test bad args. */
- if (ret == 0) {
- ret = wc_ecc_rs_to_sig(NULL, S, sig, &siglen);
- if (ret == ECC_BAD_ARG_E) {
- ret = wc_ecc_rs_to_sig(R, NULL, sig, &siglen);
- }
- if (ret == ECC_BAD_ARG_E) {
- ret = wc_ecc_rs_to_sig(R, S, sig, NULL);
- }
- if (ret == ECC_BAD_ARG_E) {
- ret = wc_ecc_rs_to_sig(R, S, NULL, &siglen);
- }
- if (ret == ECC_BAD_ARG_E) {
- ret = wc_ecc_rs_to_sig(R, zeroStr, sig, &siglen);
- }
- if (ret == MP_ZERO_E) {
- ret = wc_ecc_rs_to_sig(zeroStr, S, sig, &siglen);
- }
- if (ret == MP_ZERO_E) {
- ret = wc_ecc_sig_to_rs(NULL, siglen, r, &rlen, s, &slen);
- }
- if (ret == ECC_BAD_ARG_E) {
- ret = wc_ecc_sig_to_rs(sig, siglen, NULL, &rlen, s, &slen);
- }
- if (ret == ECC_BAD_ARG_E) {
- ret = wc_ecc_sig_to_rs(sig, siglen, r, NULL, s, &slen);
- }
- if (ret == ECC_BAD_ARG_E) {
- ret = wc_ecc_sig_to_rs(sig, siglen, r, &rlen, NULL, &slen);
- }
- if (ret == ECC_BAD_ARG_E) {
- ret = wc_ecc_sig_to_rs(sig, siglen, r, &rlen, s, NULL);
- }
- if (ret == ECC_BAD_ARG_E) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
-
- res = TEST_RES_CHECK(ret == 0);
+ ExpectIntEQ(wc_ecc_rs_to_sig(NULL, S, sig, &siglen), ECC_BAD_ARG_E);
+ ExpectIntEQ(wc_ecc_rs_to_sig(R, NULL, sig, &siglen), ECC_BAD_ARG_E);
+ ExpectIntEQ(wc_ecc_rs_to_sig(R, S, sig, NULL), ECC_BAD_ARG_E);
+ ExpectIntEQ(wc_ecc_rs_to_sig(R, S, NULL, &siglen), ECC_BAD_ARG_E);
+ ExpectIntEQ(wc_ecc_rs_to_sig(R, zeroStr, sig, &siglen), MP_ZERO_E);
+ ExpectIntEQ(wc_ecc_rs_to_sig(zeroStr, S, sig, &siglen), MP_ZERO_E);
+ ExpectIntEQ(wc_ecc_sig_to_rs(NULL, siglen, r, &rlen, s, &slen),
+ ECC_BAD_ARG_E);
+ ExpectIntEQ(wc_ecc_sig_to_rs(sig, siglen, NULL, &rlen, s, &slen),
+ ECC_BAD_ARG_E);
+ ExpectIntEQ(wc_ecc_sig_to_rs(sig, siglen, r, NULL, s, &slen),
+ ECC_BAD_ARG_E);
+ ExpectIntEQ(wc_ecc_sig_to_rs(sig, siglen, r, &rlen, NULL, &slen),
+ ECC_BAD_ARG_E);
+ ExpectIntEQ(wc_ecc_sig_to_rs(sig, siglen, r, &rlen, s, NULL),
+ ECC_BAD_ARG_E);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_ecc_rs_to_sig */
static int test_wc_ecc_import_raw(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ECC) && !defined(NO_ECC256)
ecc_key key;
- int ret = 0;
const char* qx =
- "bb33ac4c27504ac64aa504c33cde9f36db722dce94ea2bfacb2009392c16e861";
+ "bb33ac4c27504ac64aa504c33cde9f36db722dce94ea2bfacb2009392c16e861";
const char* qy =
- "02e9af4dd302939a315b9792217ff0cf18da9111023486e82058330b803489d8";
+ "02e9af4dd302939a315b9792217ff0cf18da9111023486e82058330b803489d8";
const char* d =
- "45b66902739c6c85a1385b72e8e8c7acc4038d533504fa6c28dc348de1a8098c";
+ "45b66902739c6c85a1385b72e8e8c7acc4038d533504fa6c28dc348de1a8098c";
const char* curveName = "SECP256R1";
#ifdef WOLFSSL_VALIDATE_ECC_IMPORT
const char* kNullStr = "";
+ int ret;
#endif
- ret = wc_ecc_init(&key);
+ XMEMSET(&key, 0, sizeof(ecc_key));
+
+ ExpectIntEQ(wc_ecc_init(&key), 0);
/* Test good import */
- if (ret == 0) {
- ret = wc_ecc_import_raw(&key, qx, qy, d, curveName);
- }
+ ExpectIntEQ(wc_ecc_import_raw(&key, qx, qy, d, curveName), 0);
/* Test bad args. */
- if (ret == 0) {
- ret = wc_ecc_import_raw(NULL, qx, qy, d, curveName);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ecc_import_raw(&key, NULL, qy, d, curveName);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ecc_import_raw(&key, qx, NULL, d, curveName);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ecc_import_raw(&key, qx, qy, d, NULL);
- }
- #ifdef WOLFSSL_VALIDATE_ECC_IMPORT
- if (ret == BAD_FUNC_ARG) {
- #if !defined(USE_FAST_MATH) && !defined(WOLFSSL_SP_MATH)
- wc_ecc_free(&key);
- #endif
- ret = wc_ecc_import_raw(&key, kNullStr, kNullStr, kNullStr, curveName);
- if (ret == ECC_INF_E)
- ret = BAD_FUNC_ARG; /* This is expected by other tests */
- }
+ ExpectIntEQ(wc_ecc_import_raw(NULL, qx, qy, d, curveName), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_import_raw(&key, NULL, qy, d, curveName), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_import_raw(&key, qx, NULL, d, curveName), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_import_raw(&key, qx, qy, d, NULL), BAD_FUNC_ARG);
+#ifdef WOLFSSL_VALIDATE_ECC_IMPORT
+ #if !defined(USE_FAST_MATH) && !defined(WOLFSSL_SP_MATH)
+ wc_ecc_free(&key);
#endif
- #if !defined(HAVE_SELFTEST) && !defined(HAVE_FIPS)
- if (ret == BAD_FUNC_ARG) {
- #if !defined(USE_FAST_MATH) && !defined(WOLFSSL_SP_MATH)
- wc_ecc_free(&key);
- #endif
- ret = wc_ecc_import_raw(&key, "0", qy, d, curveName);
- /* Note: SP math "is point" failure returns MP_VAL */
- if (ret == ECC_INF_E || ret == MP_VAL) {
- ret = BAD_FUNC_ARG; /* This is expected by other tests */
- }
- }
- if (ret == BAD_FUNC_ARG) {
- #if !defined(USE_FAST_MATH) && !defined(WOLFSSL_SP_MATH)
- wc_ecc_free(&key);
- #endif
- ret = wc_ecc_import_raw(&key, qx, "0", d, curveName);
- /* Note: SP math "is point" failure returns MP_VAL */
- if (ret == ECC_INF_E || ret == MP_VAL) {
- ret = BAD_FUNC_ARG; /* This is expected by other tests */
- }
- }
+ ExpectIntLT(ret = wc_ecc_import_raw(&key, kNullStr, kNullStr, kNullStr,
+ curveName), 0);
+ ExpectTrue((ret == ECC_INF_E) || (ret == BAD_FUNC_ARG));
+#endif
+#if !defined(HAVE_SELFTEST) && !defined(HAVE_FIPS)
+ #if !defined(USE_FAST_MATH) && !defined(WOLFSSL_SP_MATH)
+ wc_ecc_free(&key);
#endif
-
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
+#ifdef WOLFSSL_VALIDATE_ECC_IMPORT
+ ExpectIntLT(ret = wc_ecc_import_raw(&key, "0", qy, d, curveName), 0);
+ ExpectTrue((ret == BAD_FUNC_ARG) || (ret == MP_VAL));
+#else
+ ExpectIntEQ(wc_ecc_import_raw(&key, "0", qy, d, curveName), 0);
+#endif
+ #if !defined(USE_FAST_MATH) && !defined(WOLFSSL_SP_MATH)
+ wc_ecc_free(&key);
+ #endif
+#ifdef WOLFSSL_VALIDATE_ECC_IMPORT
+ ExpectIntLT(ret = wc_ecc_import_raw(&key, qx, "0", d, curveName), 0);
+ ExpectTrue((ret == BAD_FUNC_ARG) || (ret == MP_VAL));
+#else
+ ExpectIntEQ(wc_ecc_import_raw(&key, qx, "0", d, curveName), 0);
+#endif
+ #if !defined(USE_FAST_MATH) && !defined(WOLFSSL_SP_MATH)
+ wc_ecc_free(&key);
+ #endif
+ ExpectIntEQ(wc_ecc_import_raw(&key, "0", "0", d, curveName), ECC_INF_E);
+#endif
wc_ecc_free(&key);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_ecc_import_raw */
static int test_wc_ecc_import_unsigned(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ECC) && !defined(NO_ECC256) && !defined(HAVE_SELFTEST) && \
- (!defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && HAVE_FIPS_VERSION >= 2))
- ecc_key key;
- const byte qx[] = {
+ (!defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && \
+ HAVE_FIPS_VERSION >= 2))
+ ecc_key key;
+ const byte qx[] = {
0xbb, 0x33, 0xac, 0x4c, 0x27, 0x50, 0x4a, 0xc6,
0x4a, 0xa5, 0x04, 0xc3, 0x3c, 0xde, 0x9f, 0x36,
0xdb, 0x72, 0x2d, 0xce, 0x94, 0xea, 0x2b, 0xfa,
0xcb, 0x20, 0x09, 0x39, 0x2c, 0x16, 0xe8, 0x61
};
- const byte qy[] = {
+ const byte qy[] = {
0x02, 0xe9, 0xaf, 0x4d, 0xd3, 0x02, 0x93, 0x9a,
0x31, 0x5b, 0x97, 0x92, 0x21, 0x7f, 0xf0, 0xcf,
0x18, 0xda, 0x91, 0x11, 0x02, 0x34, 0x86, 0xe8,
0x20, 0x58, 0x33, 0x0b, 0x80, 0x34, 0x89, 0xd8
};
- const byte d[] = {
+ const byte d[] = {
0x45, 0xb6, 0x69, 0x02, 0x73, 0x9c, 0x6c, 0x85,
0xa1, 0x38, 0x5b, 0x72, 0xe8, 0xe8, 0xc7, 0xac,
0xc4, 0x03, 0x8d, 0x53, 0x35, 0x04, 0xfa, 0x6c,
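Review bot: In test_wc_ecc_import_raw, the two `#else` branches assert that `wc_ecc_import_raw(&key, "0", qy, d, curveName)` and the `qx, "0"` variant return 0 when WOLFSSL_VALIDATE_ECC_IMPORT is not defined, and nothing says why. With one coordinate replaced by zero the point is almost certainly not on SECP256R1, so the test now pins that such a point is accepted in that configuration. A comment above each branch would make that intent explicit, for example `/* No validation on import in this build: off-curve input is accepted, callers must use wc_ecc_check_key(). */`. Without it a later reader may take the success expectation as proof that the input is valid.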
@@ -27016,48 +24382,34 @@ static int test_wc_ecc_import_unsigned(void)
};
#ifdef WOLFSSL_VALIDATE_ECC_IMPORT
const byte nullBytes[32] = {0};
-#endif
- int curveId = ECC_SECP256R1;
int ret;
+#endif
+ int curveId = ECC_SECP256R1;
- ret = wc_ecc_init(&key);
+ XMEMSET(&key, 0, sizeof(ecc_key));
- if (ret == 0) {
- ret = wc_ecc_import_unsigned(&key, (byte*)qx, (byte*)qy, (byte*)d,
- curveId);
- }
+ ExpectIntEQ(wc_ecc_init(&key), 0);
+
+ ExpectIntEQ(wc_ecc_import_unsigned(&key, (byte*)qx, (byte*)qy, (byte*)d,
+ curveId), 0);
/* Test bad args. */
- if (ret == 0) {
- ret = wc_ecc_import_unsigned(NULL, (byte*)qx, (byte*)qy, (byte*)d,
- curveId);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ecc_import_unsigned(&key, NULL, (byte*)qy, (byte*)d,
- curveId);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ecc_import_unsigned(&key, (byte*)qx, NULL, (byte*)d,
- curveId);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ecc_import_unsigned(&key, (byte*)qx, (byte*)qy, (byte*)d,
- ECC_CURVE_INVALID);
- }
- #ifdef WOLFSSL_VALIDATE_ECC_IMPORT
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ecc_import_unsigned(&key, (byte*)nullBytes,
- (byte*)nullBytes, (byte*)nullBytes, curveId);
- }
- #endif
- if (ret == BAD_FUNC_ARG || ret == ECC_INF_E) {
- ret = 0;
- }
- }
+ ExpectIntEQ(wc_ecc_import_unsigned(NULL, (byte*)qx, (byte*)qy, (byte*)d,
+ curveId), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_import_unsigned(&key, NULL, (byte*)qy, (byte*)d,
+ curveId), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_import_unsigned(&key, (byte*)qx, NULL, (byte*)d,
+ curveId), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_import_unsigned(&key, (byte*)qx, (byte*)qy, (byte*)d,
+ ECC_CURVE_INVALID), BAD_FUNC_ARG);
+#ifdef WOLFSSL_VALIDATE_ECC_IMPORT
+ ExpectIntLT(ret = wc_ecc_import_unsigned(&key, (byte*)nullBytes,
+ (byte*)nullBytes, (byte*)nullBytes, curveId), 0);
+ ExpectTrue((ret == ECC_INF_E) || (ret == BAD_FUNC_ARG));
+#endif
wc_ecc_free(&key);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_ecc_import_unsigned */
@@ -27066,41 +24418,31 @@ static int test_wc_ecc_import_unsigned(void)
*/
static int test_wc_ecc_sig_size(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ECC) && !defined(WC_NO_RNG)
- ecc_key key;
- WC_RNG rng;
- int keySz = KEY16;
- int ret = 0;
+ ecc_key key;
+ WC_RNG rng;
+ int keySz = KEY16;
+ int ret;
XMEMSET(&rng, 0, sizeof(rng));
XMEMSET(&key, 0, sizeof(key));
- ret = wc_InitRng(&rng);
- if (ret == 0) {
- ret = wc_ecc_init(&key);
- if (ret == 0) {
- ret = wc_ecc_make_key(&rng, keySz, &key);
- #if defined(WOLFSSL_ASYNC_CRYPT)
- ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
- #endif
- }
- }
- if (ret == 0) {
- ret = wc_ecc_sig_size(&key);
- if (ret <= (2 * keySz + SIG_HEADER_SZ + ECC_MAX_PAD_SZ)) {
- ret = 0;
- }
- }
+ ExpectIntEQ(wc_ecc_init(&key), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ret = wc_ecc_make_key(&rng, keySz, &key);
+#if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
+#endif
+ ExpectIntEQ(ret, 0);
- if (wc_FreeRng(&rng) && ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- wc_ecc_free(&key);
+ ExpectIntLE(wc_ecc_sig_size(&key),
+ (2 * keySz + SIG_HEADER_SZ + ECC_MAX_PAD_SZ));
- res = TEST_RES_CHECK(ret == 0);
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
+ wc_ecc_free(&key);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_ecc_sig_size */
/*
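Review bot: The `ExpectIntLE(wc_ecc_sig_size(&key), ...)` check only bounds the result from above, so a zero or negative return still passes; that is how the function would presumably report a failure. The removed code had the same gap. Adding a lower bound next to it closes this, for example `ExpectIntGT(wc_ecc_sig_size(&key), 0);`. With both checks the test would fail if key generation or the size calculation went wrong, instead of reporting success.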
@@ -27108,47 +24450,30 @@ static int test_wc_ecc_sig_size(void)
*/
static int test_wc_ecc_ctx_new(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ECC) && defined(HAVE_ECC_ENCRYPT) && !defined(WC_NO_RNG)
- WC_RNG rng;
- int ret = 0;
- ecEncCtx* cli = NULL;
- ecEncCtx* srv = NULL;
+ WC_RNG rng;
+ ecEncCtx* cli = NULL;
+ ecEncCtx* srv = NULL;
- ret = wc_InitRng(&rng);
-
- if (ret == 0) {
- cli = wc_ecc_ctx_new(REQ_RESP_CLIENT, &rng);
- srv = wc_ecc_ctx_new(REQ_RESP_SERVER, &rng);
- }
- if (ret == 0 && (cli == NULL || srv == NULL)) {
- ret = WOLFSSL_FATAL_ERROR;
- }
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ExpectNotNull(cli = wc_ecc_ctx_new(REQ_RESP_CLIENT, &rng));
+ ExpectNotNull(srv = wc_ecc_ctx_new(REQ_RESP_SERVER, &rng));
wc_ecc_ctx_free(cli);
+ cli = NULL;
wc_ecc_ctx_free(srv);
/* Test bad args. */
- if (ret == 0) {
- /* wc_ecc_ctx_new_ex() will free if returned NULL. */
- cli = wc_ecc_ctx_new(0, &rng);
- if (cli != NULL) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- cli = wc_ecc_ctx_new(REQ_RESP_CLIENT, NULL);
- if (cli != NULL) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ /* wc_ecc_ctx_new_ex() will free if returned NULL. */
+ ExpectNull(cli = wc_ecc_ctx_new(0, &rng));
+ ExpectNull(cli = wc_ecc_ctx_new(REQ_RESP_CLIENT, NULL));
- if (wc_FreeRng(&rng) && ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ecc_ctx_free(cli);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_ecc_ctx_new */
/*
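Review bot: In test_wc_ecc_ctx_new the cleanup calls `DoExpectIntEQ(wc_FreeRng(&rng), 0);` before `wc_ecc_ctx_free(cli);`, while the neighbouring tests changed by this commit (ctx_reset, ctx_set_peer_salt, ctx_set_info) free the context first and the RNG last. `cli` is only non-NULL here if one of the bad-argument calls unexpectedly returned a context, and that context was created with `&rng`. Swapping the two lines keeps teardown in reverse order of construction and consistent with the other tests. Setting `srv = NULL;` after its free, as is done for `cli`, would also make the two handles symmetrical.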
@@ -27156,45 +24481,26 @@ static int test_wc_ecc_ctx_new(void)
*/
static int test_wc_ecc_ctx_reset(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ECC) && defined(HAVE_ECC_ENCRYPT) && !defined(WC_NO_RNG)
- ecEncCtx* ctx = NULL;
- WC_RNG rng;
- int ret = 0;
+ ecEncCtx* ctx = NULL;
+ WC_RNG rng;
- ret = wc_InitRng(&rng);
- if (ret == 0) {
- if ( (ctx = wc_ecc_ctx_new(REQ_RESP_CLIENT, &rng)) == NULL ) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ XMEMSET(&rng, 0, sizeof(rng));
- if (ret == 0) {
- ret = wc_ecc_ctx_reset(ctx, &rng);
- }
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ExpectNotNull(ctx = wc_ecc_ctx_new(REQ_RESP_CLIENT, &rng));
+
+ ExpectIntEQ(wc_ecc_ctx_reset(ctx, &rng), 0);
/* Pass in bad args. */
- if (ret == 0) {
- ret = wc_ecc_ctx_reset(NULL, &rng);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ecc_ctx_reset(ctx, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_ecc_ctx_reset(NULL, &rng), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_ctx_reset(ctx, NULL), BAD_FUNC_ARG);
- if (wc_FreeRng(&rng) && ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
wc_ecc_ctx_free(ctx);
-
- res = TEST_RES_CHECK(ret == 0);
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_ecc_ctx_reset */
/*
@@ -27202,65 +24508,36 @@ static int test_wc_ecc_ctx_reset(void)
*/
static int test_wc_ecc_ctx_set_peer_salt(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ECC) && defined(HAVE_ECC_ENCRYPT) && !defined(WC_NO_RNG)
- WC_RNG rng;
- ecEncCtx* cliCtx = NULL;
- ecEncCtx* servCtx = NULL;
- const byte* cliSalt = NULL;
- const byte* servSalt = NULL;
- int ret = 0;
-
- ret = wc_InitRng(&rng);
- if (ret == 0) {
- if ( ( (cliCtx = wc_ecc_ctx_new(REQ_RESP_CLIENT, &rng)) == NULL ) ||
- ( (servCtx = wc_ecc_ctx_new(REQ_RESP_SERVER, &rng)) == NULL) ) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ WC_RNG rng;
+ ecEncCtx* cliCtx = NULL;
+ ecEncCtx* servCtx = NULL;
+ const byte* cliSalt = NULL;
+ const byte* servSalt = NULL;
+
+ XMEMSET(&rng, 0, sizeof(rng));
+
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ExpectNotNull(cliCtx = wc_ecc_ctx_new(REQ_RESP_CLIENT, &rng));
+ ExpectNotNull(servCtx = wc_ecc_ctx_new(REQ_RESP_SERVER, &rng));
/* Test bad args. */
- if (ret == 0) {
- cliSalt = wc_ecc_ctx_get_own_salt(NULL);
- if (cliSalt != NULL) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectNull(cliSalt = wc_ecc_ctx_get_own_salt(NULL));
- if (ret == 0) {
- cliSalt = wc_ecc_ctx_get_own_salt(cliCtx);
- servSalt = wc_ecc_ctx_get_own_salt(servCtx);
- if (cliSalt == NULL || servSalt == NULL) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectNotNull(cliSalt = wc_ecc_ctx_get_own_salt(cliCtx));
+ ExpectNotNull(servSalt = wc_ecc_ctx_get_own_salt(servCtx));
- if (ret == 0) {
- ret = wc_ecc_ctx_set_peer_salt(cliCtx, servSalt);
- }
+ ExpectIntEQ(wc_ecc_ctx_set_peer_salt(cliCtx, servSalt), 0);
/* Test bad args. */
- if (ret == 0) {
- ret = wc_ecc_ctx_set_peer_salt(NULL, servSalt);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ecc_ctx_set_peer_salt(cliCtx, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_ecc_ctx_set_peer_salt(NULL, servSalt), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_ctx_set_peer_salt(cliCtx, NULL), BAD_FUNC_ARG);
- if (wc_FreeRng(&rng) && ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
wc_ecc_ctx_free(cliCtx);
wc_ecc_ctx_free(servCtx);
-
- res = TEST_RES_CHECK(ret == 0);
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_ecc_ctx_set_peer_salt */
@@ -27269,48 +24546,31 @@ static int test_wc_ecc_ctx_set_peer_salt(void)
*/
static int test_wc_ecc_ctx_set_info(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ECC) && defined(HAVE_ECC_ENCRYPT) && !defined(WC_NO_RNG)
ecEncCtx* ctx = NULL;
WC_RNG rng;
- int ret;
const char* optInfo = "Optional Test Info.";
int optInfoSz = (int)XSTRLEN(optInfo);
const char* badOptInfo = NULL;
- ret = wc_InitRng(&rng);
- if ( (ctx = wc_ecc_ctx_new(REQ_RESP_CLIENT, &rng)) == NULL || ret != 0 ) {
- ret = WOLFSSL_FATAL_ERROR;
- }
+ XMEMSET(&rng, 0, sizeof(rng));
- if (ret == 0) {
- ret = wc_ecc_ctx_set_info(ctx, (byte*)optInfo, optInfoSz);
- }
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ExpectNotNull(ctx = wc_ecc_ctx_new(REQ_RESP_CLIENT, &rng));
+
+ ExpectIntEQ(wc_ecc_ctx_set_info(ctx, (byte*)optInfo, optInfoSz), 0);
/* Test bad args. */
- if (ret == 0) {
- ret = wc_ecc_ctx_set_info(NULL, (byte*)optInfo, optInfoSz);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ecc_ctx_set_info(ctx, (byte*)badOptInfo, optInfoSz);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ecc_ctx_set_info(ctx, (byte*)optInfo, -1);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_ecc_ctx_set_info(NULL, (byte*)optInfo, optInfoSz),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_ctx_set_info(ctx, (byte*)badOptInfo, optInfoSz),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_ctx_set_info(ctx, (byte*)optInfo, -1), BAD_FUNC_ARG);
- if (wc_FreeRng(&rng) && ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
wc_ecc_ctx_free(ctx);
-
- res = TEST_RES_CHECK(ret == 0);
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_ecc_ctx_set_info */
/*
@@ -27318,10 +24578,12 @@ static int test_wc_ecc_ctx_set_info(void)
*/
static int test_wc_ecc_encryptDecrypt(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ECC) && defined(HAVE_ECC_ENCRYPT) && !defined(WC_NO_RNG) && \
defined(HAVE_AES_CBC) && defined(WOLFSSL_AES_128)
- ecc_key srvKey, cliKey, tmpKey;
+ ecc_key srvKey;
+ ecc_key cliKey;
+ ecc_key tmpKey;
WC_RNG rng;
int ret;
const char* msg = "EccBlock Size 16";
@@ -27332,7 +24594,8 @@ static int test_wc_ecc_encryptDecrypt(void)
byte out[KEY20 * 2 + 1 + AES_BLOCK_SIZE +
(sizeof("EccBlock Size 16") - 1) + WC_SHA256_DIGEST_SIZE];
#else
- byte out[KEY20 * 2 + 1 + (sizeof("EccBlock Size 16") - 1) + WC_SHA256_DIGEST_SIZE];
+ byte out[KEY20 * 2 + 1 + (sizeof("EccBlock Size 16") - 1) +
+ WC_SHA256_DIGEST_SIZE];
#endif
word32 outSz = (word32)sizeof(out);
byte plain[sizeof("EccBlock Size 16")];
@@ -27343,130 +24606,78 @@ static int test_wc_ecc_encryptDecrypt(void)
XMEMSET(out, 0, outSz);
XMEMSET(plain, 0, plainSz);
XMEMSET(&rng, 0, sizeof(rng));
- XMEMSET(&srvKey, 0, sizeof(srvKey));
- XMEMSET(&cliKey, 0, sizeof(cliKey));
+ XMEMSET(&srvKey, 0, sizeof(ecc_key));
+ XMEMSET(&cliKey, 0, sizeof(ecc_key));
+ XMEMSET(&tmpKey, 0, sizeof(ecc_key));
- ret = wc_InitRng(&rng);
- if (ret == 0) {
- ret = wc_ecc_init(&cliKey);
- if (ret == 0) {
- ret = wc_ecc_make_key(&rng, keySz, &cliKey);
- #if defined(WOLFSSL_ASYNC_CRYPT)
- ret = wc_AsyncWait(ret, &cliKey.asyncDev, WC_ASYNC_FLAG_NONE);
- #endif
- }
- if (ret == 0) {
- ret = wc_ecc_init(&srvKey);
- }
- if (ret == 0) {
- ret = wc_ecc_make_key(&rng, keySz, &srvKey);
- #if defined(WOLFSSL_ASYNC_CRYPT)
- ret = wc_AsyncWait(ret, &srvKey.asyncDev, WC_ASYNC_FLAG_NONE);
- #endif
- }
- if (ret == 0) {
- ret = wc_ecc_init(&tmpKey);
- }
- }
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(wc_ecc_init(&cliKey), 0);
+ ret = wc_ecc_make_key(&rng, keySz, &cliKey);
+#if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &cliKey.asyncDev, WC_ASYNC_FLAG_NONE);
+#endif
+ ExpectIntEQ(ret, 0);
+
+ ExpectIntEQ(wc_ecc_init(&srvKey), 0);
+ ret = wc_ecc_make_key(&rng, keySz, &srvKey);
+#if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &srvKey.asyncDev, WC_ASYNC_FLAG_NONE);
+#endif
+ ExpectIntEQ(ret, 0);
+
+ ExpectIntEQ(wc_ecc_init(&tmpKey), 0);
#if defined(ECC_TIMING_RESISTANT) && (!defined(HAVE_FIPS) || \
(!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION != 2))) && \
!defined(HAVE_SELFTEST)
- if (ret == 0) {
- ret = wc_ecc_set_rng(&srvKey, &rng);
- }
- if (ret == 0) {
- ret = wc_ecc_set_rng(&cliKey, &rng);
- }
+ ExpectIntEQ(wc_ecc_set_rng(&srvKey, &rng), 0);
+ ExpectIntEQ(wc_ecc_set_rng(&cliKey, &rng), 0);
#endif
- if (ret == 0) {
- ret = wc_ecc_encrypt(&cliKey, &srvKey, (byte*)msg, msgSz, out,
- &outSz, NULL);
- }
- if (ret == 0) {
- ret = wc_ecc_encrypt(NULL, &srvKey, (byte*)msg, msgSz, out,
- &outSz, NULL);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ecc_encrypt(&cliKey, NULL, (byte*)msg, msgSz, out,
- &outSz, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ecc_encrypt(&cliKey, &srvKey, NULL, msgSz, out,
- &outSz, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ecc_encrypt(&cliKey, &srvKey, (byte*)msg, msgSz, NULL,
- &outSz, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ecc_encrypt(&cliKey, &srvKey, (byte*)msg, msgSz, out,
- NULL, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_ecc_encrypt(&cliKey, &srvKey, (byte*)msg, msgSz, out,
+ &outSz, NULL), 0);
+ /* Test bad args. */
+ ExpectIntEQ(wc_ecc_encrypt(NULL, &srvKey, (byte*)msg, msgSz, out, &outSz,
+ NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_encrypt(&cliKey, NULL, (byte*)msg, msgSz, out, &outSz,
+ NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_encrypt(&cliKey, &srvKey, NULL, msgSz, out, &outSz,
+ NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_encrypt(&cliKey, &srvKey, (byte*)msg, msgSz, NULL,
+ &outSz, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_encrypt(&cliKey, &srvKey, (byte*)msg, msgSz, out, NULL,
+ NULL), BAD_FUNC_ARG);
#ifdef WOLFSSL_ECIES_OLD
- if (ret == 0) {
- tmpKey.dp = cliKey.dp;
- ret = wc_ecc_copy_point(&cliKey.pubkey, &tmpKey.pubkey);
- }
+ tmpKey.dp = cliKey.dp;
+ ExpectIntEQ(wc_ecc_copy_point(&cliKey.pubkey, &tmpKey.pubkey), 0);
#endif
- if (ret == 0) {
- ret = wc_ecc_decrypt(&srvKey, &tmpKey, out, outSz, plain,
- &plainSz, NULL);
- }
- if (ret == 0) {
- ret = wc_ecc_decrypt(NULL, &tmpKey, out, outSz, plain,
- &plainSz, NULL);
- #ifdef WOLFSSL_ECIES_OLD
- /* NULL parameter allowed in new implementations - public key comes from
- * the message. */
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ecc_decrypt(&srvKey, NULL, out, outSz, plain,
- &plainSz, NULL);
- }
- #endif
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ecc_decrypt(&srvKey, &tmpKey, NULL, outSz, plain,
- &plainSz, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ecc_decrypt(&srvKey, &tmpKey, out, outSz, NULL,
- &plainSz, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ecc_decrypt(&srvKey, &tmpKey, out, outSz,
- plain, NULL, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_ecc_decrypt(&srvKey, &tmpKey, out, outSz, plain, &plainSz,
+ NULL), 0);
+ ExpectIntEQ(wc_ecc_decrypt(NULL, &tmpKey, out, outSz, plain, &plainSz,
+ NULL), BAD_FUNC_ARG);
+#ifdef WOLFSSL_ECIES_OLD
+ /* NULL parameter allowed in new implementations - public key comes from
+ * the message. */
+ ExpectIntEQ(wc_ecc_decrypt(&srvKey, NULL, out, outSz, plain, &plainSz,
+ NULL), BAD_FUNC_ARG);
+#endif
+ ExpectIntEQ(wc_ecc_decrypt(&srvKey, &tmpKey, NULL, outSz, plain, &plainSz,
+ NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_decrypt(&srvKey, &tmpKey, out, outSz, NULL, &plainSz,
+ NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_decrypt(&srvKey, &tmpKey, out, outSz, plain, NULL, NULL),
+ BAD_FUNC_ARG);
- if (XMEMCMP(msg, plain, msgSz) != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
+ ExpectIntEQ(XMEMCMP(msg, plain, msgSz), 0);
- if (wc_FreeRng(&rng) && ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
wc_ecc_free(&tmpKey);
- wc_ecc_free(&cliKey);
wc_ecc_free(&srvKey);
-
- res = TEST_RES_CHECK(ret == 0);
+ wc_ecc_free(&cliKey);
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_ecc_encryptDecrypt */
/*
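Review bot: The test never checks that a modified ciphertext is rejected: it covers the round trip and NULL arguments, but no `wc_ecc_decrypt` call is given altered data. The `out` buffer reserves `WC_SHA256_DIGEST_SIZE` bytes, which suggests the message carries an integrity tag. A negative case after the `XMEMCMP` check would cover it, for example `out[outSz - 1] ^= 0x01;` followed by `ExpectIntNE(wc_ecc_decrypt(&srvKey, &tmpKey, out, outSz, plain, &plainSz, NULL), 0);`. Asserting the recovered length against `msgSz` alongside the `XMEMCMP` would also tighten the positive case, if the two are expected to match in every build configuration. The function's declarations are in earlier hunks.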
@@ -27474,17 +24685,14 @@ static int test_wc_ecc_encryptDecrypt(void)
*/
static int test_wc_ecc_del_point(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ECC)
- ecc_point* pt;
+ ecc_point* pt = NULL;
- pt = wc_ecc_new_point();
+ ExpectNotNull(pt = wc_ecc_new_point());
wc_ecc_del_point(pt);
-
- res = TEST_RES_CHECK(pt != NULL);
#endif
- return res;
-
+ return EXPECT_RESULT();
} /* END test_wc_ecc_del_point */
/*
@@ -27494,179 +24702,88 @@ static int test_wc_ecc_del_point(void)
*/
static int test_wc_ecc_pointFns(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ECC) && defined(HAVE_ECC_KEY_EXPORT) && \
!defined(WC_NO_RNG) && !defined(WOLFSSL_ATECC508A) && \
!defined(WOLFSSL_ATECC608A)
- ecc_key key;
- WC_RNG rng;
- int ret;
- ecc_point* point = NULL;
- ecc_point* cpypt = NULL;
- int idx = 0;
- int keySz = KEY32;
- byte der[DER_SZ(KEY32)];
- word32 derlenChk = 0;
- word32 derSz = DER_SZ(KEY32);
+ ecc_key key;
+ WC_RNG rng;
+ int ret;
+ ecc_point* point = NULL;
+ ecc_point* cpypt = NULL;
+ int idx = 0;
+ int keySz = KEY32;
+ byte der[DER_SZ(KEY32)];
+ word32 derlenChk = 0;
+ word32 derSz = DER_SZ(KEY32);
/* Init stack variables. */
XMEMSET(der, 0, derSz);
- XMEMSET(&rng, 0, sizeof(rng));
- XMEMSET(&key, 0, sizeof(key));
+ XMEMSET(&key, 0, sizeof(ecc_key));
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
- ret = wc_InitRng(&rng);
- if (ret == 0) {
- ret = wc_ecc_init(&key);
- if (ret == 0) {
- ret = wc_ecc_make_key(&rng, keySz, &key);
- #if defined(WOLFSSL_ASYNC_CRYPT)
- ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
- #endif
- }
- }
-
- if (ret == 0) {
- point = wc_ecc_new_point();
- if (!point) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(wc_ecc_init(&key), 0);
+ ret = wc_ecc_make_key(&rng, keySz, &key);
+#if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
+#endif
+ ExpectIntEQ(ret, 0);
- if (ret == 0) {
- cpypt = wc_ecc_new_point();
- if (!cpypt) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectNotNull(point = wc_ecc_new_point());
+ ExpectNotNull(cpypt = wc_ecc_new_point());
/* Export */
- if (ret == 0) {
- ret = wc_ecc_export_point_der((idx = key.idx), &key.pubkey,
- NULL, &derlenChk);
- /* Check length value. */
- if (derSz == derlenChk && ret == LENGTH_ONLY_E) {
- ret = wc_ecc_export_point_der((idx = key.idx), &key.pubkey,
- der, &derSz);
- }
- }
+ ExpectIntEQ(wc_ecc_export_point_der((idx = key.idx), &key.pubkey, NULL,
+ &derlenChk), LENGTH_ONLY_E);
+ /* Check length value. */
+ ExpectIntEQ(derSz, derlenChk);
+ ExpectIntEQ(wc_ecc_export_point_der((idx = key.idx), &key.pubkey, der,
+ &derSz), 0);
/* Test bad args. */
- if (ret == 0) {
- ret = wc_ecc_export_point_der(-2, &key.pubkey, der, &derSz);
- if (ret == ECC_BAD_ARG_E) {
- ret = wc_ecc_export_point_der((idx = key.idx), NULL, der, &derSz);
- }
- if (ret == ECC_BAD_ARG_E) {
- ret = wc_ecc_export_point_der((idx = key.idx), &key.pubkey,
- der, NULL);
- }
- if (ret == ECC_BAD_ARG_E) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_ecc_export_point_der(-2, &key.pubkey, der, &derSz),
+ ECC_BAD_ARG_E);
+ ExpectIntEQ(wc_ecc_export_point_der((idx = key.idx), NULL, der, &derSz),
+ ECC_BAD_ARG_E);
+ ExpectIntEQ(wc_ecc_export_point_der((idx = key.idx), &key.pubkey, der,
+ NULL), ECC_BAD_ARG_E);
/* Import */
- if (ret == 0) {
- ret = wc_ecc_import_point_der(der, derSz, idx, point);
- /* Condition double checks wc_ecc_cmp_point(). */
- if (ret == 0 &&
- XMEMCMP((void *)&key.pubkey, (void *)point, sizeof(key.pubkey))) {
- ret = wc_ecc_cmp_point(&key.pubkey, point);
- }
- }
+ ExpectIntEQ(wc_ecc_import_point_der(der, derSz, idx, point), 0);
+ ExpectIntEQ(wc_ecc_cmp_point(&key.pubkey, point), 0);
/* Test bad args. */
- if (ret == 0) {
- ret = wc_ecc_import_point_der(NULL, derSz, idx, point);
- if (ret == ECC_BAD_ARG_E) {
- ret = wc_ecc_import_point_der(der, derSz, idx, NULL);
- }
- if (ret == ECC_BAD_ARG_E) {
- ret = wc_ecc_import_point_der(der, derSz, -1, point);
- }
- if (ret == ECC_BAD_ARG_E) {
- ret = wc_ecc_import_point_der(der, derSz + 1, idx, point);
- }
- if (ret == ECC_BAD_ARG_E) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ( wc_ecc_import_point_der(NULL, derSz, idx, point),
+ ECC_BAD_ARG_E);
+ ExpectIntEQ(wc_ecc_import_point_der(der, derSz, idx, NULL), ECC_BAD_ARG_E);
+ ExpectIntEQ(wc_ecc_import_point_der(der, derSz, -1, point), ECC_BAD_ARG_E);
+ ExpectIntEQ(wc_ecc_import_point_der(der, derSz + 1, idx, point),
+ ECC_BAD_ARG_E);
/* Copy */
- if (ret == 0) {
- ret = wc_ecc_copy_point(point, cpypt);
- }
+ ExpectIntEQ(wc_ecc_copy_point(point, cpypt), 0);
/* Test bad args. */
- if (ret == 0) {
- ret = wc_ecc_copy_point(NULL, cpypt);
- if (ret == ECC_BAD_ARG_E) {
- ret = wc_ecc_copy_point(point, NULL);
- }
- if (ret == ECC_BAD_ARG_E) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_ecc_copy_point(NULL, cpypt), ECC_BAD_ARG_E);
+ ExpectIntEQ(wc_ecc_copy_point(point, NULL), ECC_BAD_ARG_E);
/* Compare point */
- if (ret == 0) {
- ret = wc_ecc_cmp_point(point, cpypt);
- }
+ ExpectIntEQ(wc_ecc_cmp_point(point, cpypt), 0);
/* Test bad args. */
- if (ret == 0) {
- ret = wc_ecc_cmp_point(NULL, cpypt);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ecc_cmp_point(point, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_ecc_cmp_point(NULL, cpypt), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_cmp_point(point, NULL), BAD_FUNC_ARG);
/* At infinity if return == 1, otherwise return == 0. */
- if (ret == 0) {
- ret = wc_ecc_point_is_at_infinity(point);
- }
+ ExpectIntEQ(wc_ecc_point_is_at_infinity(point), 0);
/* Test bad args. */
- if (ret == 0) {
- ret = wc_ecc_point_is_at_infinity(NULL);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_ecc_point_is_at_infinity(NULL), BAD_FUNC_ARG);
#if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || \
(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2)))
#ifdef USE_ECC_B_PARAM
/* On curve if ret == 0 */
- if (ret == 0) {
- ret = wc_ecc_point_is_on_curve(point, idx);
- }
+ ExpectIntEQ(wc_ecc_point_is_on_curve(point, idx), 0);
/* Test bad args. */
- if (ret == 0) {
- ret = wc_ecc_point_is_on_curve(NULL, idx);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ecc_point_is_on_curve(point, 1000);
- }
- if (ret == ECC_BAD_ARG_E) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_ecc_point_is_on_curve(NULL, idx), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_point_is_on_curve(point, 1000), ECC_BAD_ARG_E);
#endif /* USE_ECC_B_PARAM */
#endif /* !HAVE_SELFTEST && (!HAVE_FIPS || HAVE_FIPS_VERSION > 2) */
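Review bot: The export and bad-argument checks for `wc_ecc_export_point_der` embed the assignment `(idx = key.idx)` in the `ExpectIntEQ(...)` arguments four times, so the `idx` later passed to `wc_ecc_import_point_der` and `wc_ecc_point_is_on_curve` is set only as a side effect of an assertion. If the Expect macros skip evaluating their arguments once an earlier check has failed (the separate `DoExpectIntEQ` used for cleanup suggests this, but confirm against the macro definitions), the assignment silently does not happen. Assigning once after key generation with `idx = key.idx;` and passing plain `idx` keeps the test data independent of assertion state. The stray space in `ExpectIntEQ( wc_ecc_import_point_der(NULL, derSz, idx, point),` can be removed at the same time. The function's cleanup lies outside this hunk.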
@@ -27674,13 +24791,9 @@ static int test_wc_ecc_pointFns(void)
wc_ecc_del_point(point);
wc_ecc_del_point(cpypt);
wc_ecc_free(&key);
- if (wc_FreeRng(&rng) && ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
-
- res = TEST_RES_CHECK(ret == 0);
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_ecc_pointFns */
@@ -27689,101 +24802,73 @@ static int test_wc_ecc_pointFns(void)
*/
static int test_wc_ecc_shared_secret_ssh(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ECC) && defined(HAVE_ECC_DHE) && \
!defined(WC_NO_RNG) && !defined(WOLFSSL_ATECC508A) && \
!defined(WOLFSSL_ATECC608A)
- ecc_key key, key2;
- WC_RNG rng;
- int ret;
- int keySz = KEY32;
- int key2Sz = KEY24;
- byte secret[KEY32];
- word32 secretLen = keySz;
+ ecc_key key;
+ ecc_key key2;
+ WC_RNG rng;
+ int ret;
+ int keySz = KEY32;
+ int key2Sz = KEY24;
+ byte secret[KEY32];
+ word32 secretLen = keySz;
/* Init stack variables. */
+ XMEMSET(&key, 0, sizeof(ecc_key));
+ XMEMSET(&key2, 0, sizeof(ecc_key));
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
XMEMSET(secret, 0, secretLen);
- XMEMSET(&rng, 0, sizeof(rng));
- XMEMSET(&key, 0, sizeof(key));
- XMEMSET(&key2, 0, sizeof(key2));
+
/* Make keys */
- ret = wc_InitRng(&rng);
- if (ret == 0) {
- ret = wc_ecc_init(&key);
- if (ret == 0) {
- ret = wc_ecc_make_key(&rng, keySz, &key);
- #if defined(WOLFSSL_ASYNC_CRYPT)
- ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
- #endif
- }
- if (wc_FreeRng(&rng) && ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- if (ret == 0) {
- ret = wc_InitRng(&rng);
- if (ret == 0) {
- ret = wc_ecc_init(&key2);
- }
- if (ret == 0) {
- ret = wc_ecc_make_key(&rng, key2Sz, &key2);
- #if defined(WOLFSSL_ASYNC_CRYPT)
- ret = wc_AsyncWait(ret, &key2.asyncDev, WC_ASYNC_FLAG_NONE);
- #endif
- }
- }
+ ExpectIntEQ(wc_ecc_init(&key), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ret = wc_ecc_make_key(&rng, keySz, &key);
+#if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
+#endif
+ ExpectIntEQ(ret, 0);
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
+
+ ExpectIntEQ(wc_ecc_init(&key2), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ret = wc_ecc_make_key(&rng, key2Sz, &key2);
+#if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &key2.asyncDev, WC_ASYNC_FLAG_NONE);
+#endif
+ ExpectIntEQ(ret, 0);
#if defined(ECC_TIMING_RESISTANT) && (!defined(HAVE_FIPS) || \
(!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION != 2))) && \
!defined(HAVE_SELFTEST)
- if (ret == 0) {
- ret = wc_ecc_set_rng(&key, &rng);
- }
+ ExpectIntEQ(wc_ecc_set_rng(&key, &rng), 0);
#endif
- if (ret == 0) {
- ret = wc_ecc_shared_secret_ssh(&key, &key2.pubkey, secret, &secretLen);
- }
+ ExpectIntEQ(wc_ecc_shared_secret_ssh(&key, &key2.pubkey, secret,
+ &secretLen), 0);
/* Pass in bad args. */
- if (ret == 0) {
- ret = wc_ecc_shared_secret_ssh(NULL, &key2.pubkey, secret, &secretLen);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ecc_shared_secret_ssh(&key, NULL, secret, &secretLen);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ecc_shared_secret_ssh(&key, &key2.pubkey, NULL, &secretLen);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ecc_shared_secret_ssh(&key, &key2.pubkey, secret, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- key.type = ECC_PUBLICKEY;
- ret = wc_ecc_shared_secret_ssh(&key, &key2.pubkey, secret, &secretLen);
- if (ret == ECC_BAD_ARG_E) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_ecc_shared_secret_ssh(NULL, &key2.pubkey, secret,
+ &secretLen), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_shared_secret_ssh(&key, NULL, secret, &secretLen),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_shared_secret_ssh(&key, &key2.pubkey, NULL, &secretLen),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_shared_secret_ssh(&key, &key2.pubkey, secret, NULL),
+ BAD_FUNC_ARG);
+ key.type = ECC_PUBLICKEY;
+ ExpectIntEQ(wc_ecc_shared_secret_ssh(&key, &key2.pubkey, secret,
+ &secretLen), ECC_BAD_ARG_E);
- if (wc_FreeRng(&rng) && ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ecc_free(&key);
wc_ecc_free(&key2);
#ifdef FP_ECC
wc_ecc_fp_free();
#endif
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_ecc_shared_secret_ssh */
/*
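Review bot: The only positive `wc_ecc_shared_secret_ssh` assertion pairs `key`, generated with `KEY32`, with `key2.pubkey`, generated with `KEY24`, and checks nothing but a return value of 0. If those sizes select different curves, as the names suggest, the test pins as success a key agreement whose peer point does not belong to the private key's curve, which is the kind of input a caller would normally expect to be refused. Either add a comment stating that the mismatch is intentional, or generate both keys with `keySz` for the positive case and keep the mismatched pair as a separate, explicitly named case. Asserting `secretLen` after the successful call (presumably equal to `keySz`, to be confirmed) would also catch a short or unset output.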
@@ -27791,142 +24876,93 @@ static int test_wc_ecc_shared_secret_ssh(void)
*/
static int test_wc_ecc_verify_hash_ex(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ECC) && defined(HAVE_ECC_SIGN) && defined(WOLFSSL_PUBLIC_MP) \
&& !defined(WC_NO_RNG) && !defined(WOLFSSL_ATECC508A) && \
!defined(WOLFSSL_ATECC608A) && !defined(WOLFSSL_KCAPI_ECC)
- ecc_key key;
- WC_RNG rng;
- int ret;
- mp_int r;
- mp_int s;
- mp_int z;
- unsigned char hash[] = "Everyone gets Friday off.EccSig";
- unsigned char iHash[] = "Everyone gets Friday off.......";
- unsigned char shortHash[] = TEST_STRING;
- word32 hashlen = sizeof(hash);
- word32 iHashLen = sizeof(iHash);
- word32 shortHashLen = sizeof(shortHash);
- int keySz = KEY32;
- int sig = WOLFSSL_FATAL_ERROR;
- int ver = WOLFSSL_FATAL_ERROR;
- int verify_ok = 0;
-
- /* Initialize r and s. */
- ret = mp_init_multi(&r, &s, &z, NULL, NULL, NULL);
- if (ret != MP_OKAY) {
- return MP_INIT_E;
- }
-
- ret = wc_InitRng(&rng);
- if (ret == 0) {
- ret = wc_ecc_init(&key);
- if (ret == 0) {
- ret = wc_ecc_make_key(&rng, keySz, &key);
- #if defined(WOLFSSL_ASYNC_CRYPT)
- ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
- #endif
- }
- }
- if (ret == 0) {
- ret = wc_ecc_sign_hash_ex(hash, hashlen, &rng, &key, &r, &s);
- if (ret == 0) {
- /* verify_ok should be 1. */
- ret = wc_ecc_verify_hash_ex(&r, &s, hash, hashlen, &verify_ok, &key);
- if (verify_ok != 1 && ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- if (ret == 0) {
- /* verify_ok should be 0 */
- ret = wc_ecc_verify_hash_ex(&r, &s, iHash, iHashLen,
- &verify_ok, &key);
- if (verify_ok != 0 && ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- if (ret == 0) {
- /* verify_ok should be 0. */
- ret = wc_ecc_verify_hash_ex(&r, &s, shortHash, shortHashLen,
- &verify_ok, &key);
- if (verify_ok != 0 && ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- }
+ ecc_key key;
+ WC_RNG rng;
+ int ret;
+ mp_int r;
+ mp_int s;
+ mp_int z;
+ unsigned char hash[] = "Everyone gets Friday off.EccSig";
+ unsigned char iHash[] = "Everyone gets Friday off.......";
+ unsigned char shortHash[] = TEST_STRING;
+ word32 hashlen = sizeof(hash);
+ word32 iHashLen = sizeof(iHash);
+ word32 shortHashLen = sizeof(shortHash);
+ int keySz = KEY32;
+ int verify_ok = 0;
+
+ XMEMSET(&key, 0, sizeof(ecc_key));
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
+ XMEMSET(&r, 0, sizeof(mp_int));
+ XMEMSET(&s, 0, sizeof(mp_int));
+ XMEMSET(&z, 0, sizeof(mp_int));
+
+ /* Initialize r, s and z. */
+ ExpectIntEQ(mp_init_multi(&r, &s, &z, NULL, NULL, NULL), MP_OKAY);
+
+ ExpectIntEQ(wc_ecc_init(&key), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ret = wc_ecc_make_key(&rng, keySz, &key);
+#if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
+#endif
+ ExpectIntEQ(ret, 0);
+
+ ExpectIntEQ(wc_ecc_sign_hash_ex(hash, hashlen, &rng, &key, &r, &s), 0);
+ /* verify_ok should be 1. */
+ ExpectIntEQ(wc_ecc_verify_hash_ex(&r, &s, hash, hashlen, &verify_ok, &key),
+ 0);
+ ExpectIntEQ(verify_ok, 1);
+
+ /* verify_ok should be 0 */
+ ExpectIntEQ(wc_ecc_verify_hash_ex(&r, &s, iHash, iHashLen, &verify_ok,
+ &key), 0);
+ ExpectIntEQ(verify_ok, 0);
+
+ /* verify_ok should be 0. */
+ ExpectIntEQ(wc_ecc_verify_hash_ex(&r, &s, shortHash, shortHashLen,
+ &verify_ok, &key), 0);
+ ExpectIntEQ(verify_ok, 0);
/* Test bad args. */
- if (ret == 0) {
- if (wc_ecc_sign_hash_ex(NULL, hashlen, &rng, &key, &r, &s)
- == ECC_BAD_ARG_E) {
- sig = 0;
- }
- if (sig == 0 && wc_ecc_sign_hash_ex(hash, hashlen, NULL, &key, &r, &s)
- != ECC_BAD_ARG_E) {
- sig = WOLFSSL_FATAL_ERROR;
- }
- if (sig == 0 && wc_ecc_sign_hash_ex(hash, hashlen, &rng, NULL, &r, &s)
- != ECC_BAD_ARG_E) {
- sig = WOLFSSL_FATAL_ERROR;
- }
- if (sig == 0 && wc_ecc_sign_hash_ex(hash, hashlen, &rng, &key, NULL, &s)
- != ECC_BAD_ARG_E) {
- sig = WOLFSSL_FATAL_ERROR;
- }
- if (sig == 0 && wc_ecc_sign_hash_ex(hash, hashlen, &rng, &key, &r, NULL)
- != ECC_BAD_ARG_E) {
- sig = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_ecc_sign_hash_ex(NULL, hashlen, &rng, &key, &r, &s),
+ ECC_BAD_ARG_E);
+ ExpectIntEQ(wc_ecc_sign_hash_ex(hash, hashlen, NULL, &key, &r, &s),
+ ECC_BAD_ARG_E);
+ ExpectIntEQ(wc_ecc_sign_hash_ex(hash, hashlen, &rng, NULL, &r, &s),
+ ECC_BAD_ARG_E);
+ ExpectIntEQ(wc_ecc_sign_hash_ex(hash, hashlen, &rng, &key, NULL, &s),
+ ECC_BAD_ARG_E);
+ ExpectIntEQ(wc_ecc_sign_hash_ex(hash, hashlen, &rng, &key, &r, NULL),
+ ECC_BAD_ARG_E);
/* Test bad args. */
- if (ret == 0) {
- if (wc_ecc_verify_hash_ex(NULL, &s, shortHash, shortHashLen, &verify_ok, &key)
- == ECC_BAD_ARG_E) {
- ver = 0;
- }
- if (ver == 0 && wc_ecc_verify_hash_ex(&r, NULL, shortHash, shortHashLen,
- &verify_ok, &key) != ECC_BAD_ARG_E) {
- ver = WOLFSSL_FATAL_ERROR;
- }
- if (wc_ecc_verify_hash_ex(&z, &s, shortHash, shortHashLen, &verify_ok, &key)
- != MP_ZERO_E) {
- ver = WOLFSSL_FATAL_ERROR;
- }
- if (wc_ecc_verify_hash_ex(&r, &z, shortHash, shortHashLen, &verify_ok, &key)
- != MP_ZERO_E) {
- ver = WOLFSSL_FATAL_ERROR;
- }
- if (wc_ecc_verify_hash_ex(&z, &z, shortHash, shortHashLen, &verify_ok, &key)
- != MP_ZERO_E) {
- ver = WOLFSSL_FATAL_ERROR;
- }
- if (ver == 0 && wc_ecc_verify_hash_ex(&r, &s, NULL, shortHashLen, &verify_ok,
- &key) != ECC_BAD_ARG_E) {
- ver = WOLFSSL_FATAL_ERROR;
- }
- if (ver == 0 && wc_ecc_verify_hash_ex(&r, &s, shortHash, shortHashLen,
- NULL, &key) != ECC_BAD_ARG_E) {
- ver = WOLFSSL_FATAL_ERROR;
- }
- if (ver == 0 && wc_ecc_verify_hash_ex(&r, &s, shortHash, shortHashLen,
- &verify_ok, NULL) != ECC_BAD_ARG_E) {
- ver = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_ecc_verify_hash_ex(NULL, &s, shortHash, shortHashLen,
+ &verify_ok, &key), ECC_BAD_ARG_E);
+ ExpectIntEQ(wc_ecc_verify_hash_ex(&r, NULL, shortHash, shortHashLen,
+ &verify_ok, &key), ECC_BAD_ARG_E);
+ ExpectIntEQ(wc_ecc_verify_hash_ex(&z, &s, shortHash, shortHashLen,
+ &verify_ok, &key), MP_ZERO_E);
+ ExpectIntEQ(wc_ecc_verify_hash_ex(&r, &z, shortHash, shortHashLen,
+ &verify_ok, &key), MP_ZERO_E);
+ ExpectIntEQ(wc_ecc_verify_hash_ex(&z, &z, shortHash, shortHashLen,
+ &verify_ok, &key), MP_ZERO_E);
+ ExpectIntEQ(wc_ecc_verify_hash_ex(&r, &s, NULL, shortHashLen, &verify_ok,
+ &key), ECC_BAD_ARG_E);
+ ExpectIntEQ(wc_ecc_verify_hash_ex(&r, &s, shortHash, shortHashLen, NULL,
+ &key), ECC_BAD_ARG_E);
+ ExpectIntEQ(wc_ecc_verify_hash_ex(&r, &s, shortHash, shortHashLen,
+ &verify_ok, NULL), ECC_BAD_ARG_E);
wc_ecc_free(&key);
mp_free(&r);
mp_free(&s);
- if (wc_FreeRng(&rng)) {
- return WOLFSSL_FATAL_ERROR;
- }
- if (ret == 0 && (sig != 0 || ver != 0)) {
- ret = WOLFSSL_FATAL_ERROR;
- }
-
- res = TEST_RES_CHECK(ret == 0);
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_ecc_verify_hash_ex */
/*
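Review bot: `z` is initialised by `mp_init_multi(&r, &s, &z, NULL, NULL, NULL)` along with `r` and `s`, but the cleanup at the end of the function only calls `mp_free(&r)` and `mp_free(&s)`; add `mp_free(&z);` beside them so all three are released. The three `MP_ZERO_E` cases are the ones showing that a zero `r` or `s` is refused, yet `verify_ok` is already 0 from the preceding `shortHash` check, so they only pin the return code. Setting `verify_ok = 1;` before those calls and adding `ExpectIntEQ(verify_ok, 0);` after them would also pin that a rejected signature never reports as valid, assuming the function clears the flag on that path.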
@@ -27935,73 +24971,53 @@ static int test_wc_ecc_verify_hash_ex(void)
static int test_wc_ecc_mulmod(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ECC) && !defined(WC_NO_RNG) && \
!(defined(WOLFSSL_ATECC508A) || defined(WOLFSSL_ATECC608A) || \
defined(WOLFSSL_VALIDATE_ECC_IMPORT))
- ecc_key key1, key2, key3;
+ ecc_key key1;
+ ecc_key key2;
+ ecc_key key3;
WC_RNG rng;
- int ret = 0;
+ int ret;
- ret = wc_InitRng(&rng);
- if (ret == 0) {
- ret = wc_ecc_init(&key1);
- if (ret == 0) {
- ret = wc_ecc_init(&key2);
- }
- if (ret == 0) {
- ret = wc_ecc_init(&key3);
- }
- if (ret == 0) {
- ret = wc_ecc_make_key(&rng, KEY32, &key1);
- #if defined(WOLFSSL_ASYNC_CRYPT)
- ret = wc_AsyncWait(ret, &key1.asyncDev, WC_ASYNC_FLAG_NONE);
- #endif
- }
- wc_FreeRng(&rng);
- }
- if (ret == 0) {
- ret = wc_ecc_import_raw_ex(&key2, key1.dp->Gx, key1.dp->Gy, key1.dp->Af,
- ECC_SECP256R1);
- if (ret == 0) {
- ret = wc_ecc_import_raw_ex(&key3, key1.dp->Gx, key1.dp->Gy,
- key1.dp->prime, ECC_SECP256R1);
- }
- }
+ XMEMSET(&key1, 0, sizeof(ecc_key));
+ XMEMSET(&key2, 0, sizeof(ecc_key));
+ XMEMSET(&key3, 0, sizeof(ecc_key));
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
- if (ret == 0) {
- ret = wc_ecc_mulmod(wc_ecc_key_get_priv(&key1), &key2.pubkey,
- &key3.pubkey, wc_ecc_key_get_priv(&key2),
- wc_ecc_key_get_priv(&key3), 1);
- }
+ ExpectIntEQ(wc_ecc_init(&key1), 0);
+ ExpectIntEQ(wc_ecc_init(&key2), 0);
+ ExpectIntEQ(wc_ecc_init(&key3), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ret = wc_ecc_make_key(&rng, KEY32, &key1);
+#if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &key1.asyncDev, WC_ASYNC_FLAG_NONE);
+#endif
+ ExpectIntEQ(ret, 0);
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
+
+ ExpectIntEQ(wc_ecc_import_raw_ex(&key2, key1.dp->Gx, key1.dp->Gy,
+ key1.dp->Af, ECC_SECP256R1), 0);
+ ExpectIntEQ(wc_ecc_import_raw_ex(&key3, key1.dp->Gx, key1.dp->Gy,
+ key1.dp->prime, ECC_SECP256R1), 0);
+
+ ExpectIntEQ(wc_ecc_mulmod(wc_ecc_key_get_priv(&key1), &key2.pubkey,
+ &key3.pubkey, wc_ecc_key_get_priv(&key2), wc_ecc_key_get_priv(&key3),
+ 1), 0);
/* Test bad args. */
- if (ret == 0) {
- ret = wc_ecc_mulmod(NULL, &key2.pubkey, &key3.pubkey,
- wc_ecc_key_get_priv(&key2),
- wc_ecc_key_get_priv(&key3), 1);
- if (ret == ECC_BAD_ARG_E) {
- ret = wc_ecc_mulmod(wc_ecc_key_get_priv(&key1), NULL, &key3.pubkey,
- wc_ecc_key_get_priv(&key2),
- wc_ecc_key_get_priv(&key3), 1);
- }
- if (ret == ECC_BAD_ARG_E) {
- ret = wc_ecc_mulmod(wc_ecc_key_get_priv(&key1), &key2.pubkey, NULL,
- wc_ecc_key_get_priv(&key2),
- wc_ecc_key_get_priv(&key3), 1);
- }
- if (ret == ECC_BAD_ARG_E) {
- ret = wc_ecc_mulmod(wc_ecc_key_get_priv(&key1), &key2.pubkey,
- &key3.pubkey, wc_ecc_key_get_priv(&key2), NULL,
- 1);
- }
- if (ret == ECC_BAD_ARG_E) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(ret = wc_ecc_mulmod(NULL, &key2.pubkey, &key3.pubkey,
+ wc_ecc_key_get_priv(&key2), wc_ecc_key_get_priv(&key3), 1),
+ ECC_BAD_ARG_E);
+ ExpectIntEQ(wc_ecc_mulmod(wc_ecc_key_get_priv(&key1), NULL, &key3.pubkey,
+ wc_ecc_key_get_priv(&key2), wc_ecc_key_get_priv(&key3), 1),
+ ECC_BAD_ARG_E);
+ ExpectIntEQ(wc_ecc_mulmod(wc_ecc_key_get_priv(&key1), &key2.pubkey, NULL,
+ wc_ecc_key_get_priv(&key2), wc_ecc_key_get_priv(&key3), 1),
+ ECC_BAD_ARG_E);
+ ExpectIntEQ(wc_ecc_mulmod(wc_ecc_key_get_priv(&key1), &key2.pubkey,
+ &key3.pubkey, wc_ecc_key_get_priv(&key2), NULL, 1), ECC_BAD_ARG_E);
wc_ecc_free(&key1);
wc_ecc_free(&key2);
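Review bot: The first bad-argument assertion still carries an assignment, `ExpectIntEQ(ret = wc_ecc_mulmod(NULL, &key2.pubkey, &key3.pubkey,`, while the three sibling checks pass the call directly. The stored value is not read again within this hunk, so it looks like a leftover from the old `ret`-chained version. Dropping it, `ExpectIntEQ(wc_ecc_mulmod(NULL, &key2.pubkey, &key3.pubkey,`, makes the four cases uniform. The function continues past the end of this hunk, so confirm `ret` is not used in the lines not shown here.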
@@ -28010,10 +25026,8 @@ static int test_wc_ecc_mulmod(void)
#ifdef FP_ECC
wc_ecc_fp_free();
#endif
-
- res = TEST_RES_CHECK(ret == 0);
#endif /* HAVE_ECC && !WOLFSSL_ATECC508A */
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_ecc_mulmod */
/*
@@ -28021,300 +25035,830 @@ static int test_wc_ecc_mulmod(void)
*/
static int test_wc_ecc_is_valid_idx(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ECC) && !defined(WC_NO_RNG)
- ecc_key key;
- WC_RNG rng;
- int ret;
- int iVal = -2;
- int iVal2 = 3000;
+ ecc_key key;
+ WC_RNG rng;
+ int ret;
+ int iVal = -2;
+ int iVal2 = 3000;
- XMEMSET(&rng, 0, sizeof(rng));
- XMEMSET(&key, 0, sizeof(key));
+ XMEMSET(&key, 0, sizeof(ecc_key));
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
- ret = wc_InitRng(&rng);
- if (ret == 0) {
- ret = wc_ecc_init(&key);
- if (ret == 0) {
- ret = wc_ecc_make_key(&rng, 32, &key);
- #if defined(WOLFSSL_ASYNC_CRYPT)
- ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
- #endif
- }
- }
+ ExpectIntEQ(wc_ecc_init(&key), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ret = wc_ecc_make_key(&rng, 32, &key);
+#if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
+#endif
+ ExpectIntEQ(ret, 0);
- if (ret == 0) {
- ret = wc_ecc_is_valid_idx(key.idx);
- if (ret == 1) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_ecc_is_valid_idx(key.idx), 1);
/* Test bad args. */
- if (ret == 0) {
- ret = wc_ecc_is_valid_idx(iVal); /* should return 0 */
- if (ret == 0) {
- ret = wc_ecc_is_valid_idx(iVal2);
- }
- if (ret != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_ecc_is_valid_idx(iVal), 0);
+ ExpectIntEQ(wc_ecc_is_valid_idx(iVal2), 0);
- if (wc_FreeRng(&rng) && ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ecc_free(&key);
+
#ifdef FP_ECC
wc_ecc_fp_free();
#endif
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
-
-
+ return EXPECT_RESULT();
} /* END test_wc_ecc_is_valid_idx */
+
/*
* Testing wc_ecc_get_curve_id_from_oid()
*/
static int test_wc_ecc_get_curve_id_from_oid(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ECC) && !defined(NO_ECC256) && !defined(HAVE_SELFTEST) && \
!defined(HAVE_FIPS)
const byte oid[] = {0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x07};
word32 len = sizeof(oid);
- int ret;
/* Bad Cases */
- ret = wc_ecc_get_curve_id_from_oid(NULL, len);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- if (ret == 0) {
- ret = wc_ecc_get_curve_id_from_oid(oid, 0);
- if (ret == ECC_CURVE_INVALID) {
- ret = 0;
- }
- }
+ ExpectIntEQ(wc_ecc_get_curve_id_from_oid(NULL, len), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_get_curve_id_from_oid(oid, 0), ECC_CURVE_INVALID);
/* Good Case */
- if (ret == 0) {
- ret = wc_ecc_get_curve_id_from_oid(oid, len);
- if (ret == ECC_SECP256R1) {
- ret = 0;
- }
- }
-
- res = TEST_RES_CHECK(ret == 0);
+ ExpectIntEQ(wc_ecc_get_curve_id_from_oid(oid, len), ECC_SECP256R1);
#endif
- return res;
-}/* END test_wc_ecc_get_curve_id_from_oid */
+ return EXPECT_RESULT();
+} /* END test_wc_ecc_get_curve_id_from_oid */
+
/*
* Testing wc_ecc_sig_size_calc()
*/
static int test_wc_ecc_sig_size_calc(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ECC) && !defined(WC_NO_RNG) && !defined(HAVE_SELFTEST)
- ecc_key key;
- WC_RNG rng;
- int sz = 0;
- int ret = 0;
+ ecc_key key;
+ WC_RNG rng;
+ int sz = 0;
+ int ret;
- ret = wc_InitRng(&rng);
- if (ret == 0) {
- ret = wc_ecc_init(&key);
- if (ret == 0) {
- ret = wc_ecc_make_key(&rng, 16, &key);
- #if defined(WOLFSSL_ASYNC_CRYPT)
- ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
- #endif
- }
- sz = key.dp->size;
- }
- if (ret == 0) {
- ret = wc_ecc_sig_size_calc(sz);
- if (ret > 0) {
- ret = 0;
- }
- }
+ XMEMSET(&key, 0, sizeof(ecc_key));
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
+
+ ExpectIntEQ(wc_ecc_init(&key), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ret = wc_ecc_make_key(&rng, 16, &key);
+#if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
+#endif
+ ExpectIntEQ(ret, 0);
+ sz = key.dp->size;
+ ExpectIntGT(wc_ecc_sig_size_calc(sz), 0);
+
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ecc_free(&key);
- wc_FreeRng(&rng);
+#endif
+ return EXPECT_RESULT();
+} /* END test_wc_ecc_sig_size_calc */
- res = TEST_RES_CHECK(ret == 0);
+/*
+ * Testing wc_ecc_sm2_make_key()
+ */
+static int test_wc_ecc_sm2_make_key(void)
+{
+ int res = TEST_SKIPPED;
+#if defined(HAVE_ECC) && defined(WOLFSSL_SM2)
+ EXPECT_DECLS;
+ WC_RNG rng[1];
+ ecc_key key[1];
+
+ XMEMSET(rng, 0, sizeof(*rng));
+ XMEMSET(key, 0, sizeof(*key));
+
+ ExpectIntEQ(wc_InitRng(rng), 0);
+ ExpectIntEQ(wc_ecc_init(key), 0);
+
+ /* Test invalid parameters. */
+ ExpectIntEQ(wc_ecc_sm2_make_key(NULL, NULL, WC_ECC_FLAG_NONE),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_make_key(rng, NULL, WC_ECC_FLAG_NONE),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_make_key(NULL, key, WC_ECC_FLAG_NONE),
+ BAD_FUNC_ARG);
+
+ /* Test valid parameters. */
+ ExpectIntEQ(wc_ecc_sm2_make_key(rng, key, WC_ECC_FLAG_NONE), 0);
+ ExpectIntEQ(key->dp->id, ECC_SM2P256V1);
+
+ wc_ecc_free(key);
+ wc_FreeRng(rng);
+#ifdef FP_ECC
+ wc_ecc_fp_free();
+#endif
+
+ res = EXPECT_RESULT();
#endif
return res;
-} /* END test_wc_ecc_sig_size_calc */
+}
+
+/*
+ * Testing wc_ecc_sm2_shared_secret()
+ */
+static int test_wc_ecc_sm2_shared_secret(void)
+{
+ int res = TEST_SKIPPED;
+#if defined(HAVE_ECC) && defined(WOLFSSL_SM2)
+ EXPECT_DECLS;
+ WC_RNG rng[1];
+ ecc_key keyA[1];
+ ecc_key keyB[1];
+ byte outA[32];
+ byte outB[32];
+ word32 outALen = 32;
+ word32 outBLen = 32;
+
+ XMEMSET(rng, 0, sizeof(*rng));
+ XMEMSET(keyA, 0, sizeof(*keyA));
+ XMEMSET(keyB, 0, sizeof(*keyB));
+
+ ExpectIntEQ(wc_InitRng(rng), 0);
+ ExpectIntEQ(wc_ecc_init(keyA), 0);
+ ExpectIntEQ(wc_ecc_init(keyB), 0);
+ ExpectIntEQ(wc_ecc_sm2_make_key(rng, keyA, WC_ECC_FLAG_NONE), 0);
+ ExpectIntEQ(wc_ecc_sm2_make_key(rng, keyB, WC_ECC_FLAG_NONE), 0);
+
+#ifdef ECC_TIMING_RESISTANT
+ ExpectIntEQ(wc_ecc_set_rng(keyA, rng), 0);
+ ExpectIntEQ(wc_ecc_set_rng(keyB, rng), 0);
+#endif
+
+ /* Test invalid parameters. */
+ ExpectIntEQ(wc_ecc_sm2_shared_secret(NULL, NULL, NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_shared_secret(keyA, NULL, NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_shared_secret(NULL, keyB, NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_shared_secret(NULL, NULL, outA, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_shared_secret(NULL, NULL, NULL, &outALen),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_shared_secret(NULL, keyB, outA, &outALen),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_shared_secret(keyA, NULL, outA, &outALen),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_shared_secret(keyA, keyB, NULL, &outALen),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_shared_secret(keyA, keyB, outA, NULL), BAD_FUNC_ARG);
+
+ /* Test valid parameters. */
+ ExpectIntEQ(wc_ecc_sm2_shared_secret(keyA, keyB, outA, &outALen), 0);
+ ExpectIntLE(outALen, 32);
+ ExpectIntEQ(wc_ecc_sm2_shared_secret(keyB, keyA, outB, &outBLen), 0);
+ ExpectIntLE(outBLen, 32);
+ ExpectIntEQ(outALen, outBLen);
+ ExpectBufEQ(outA, outB, outALen);
+
+ wc_ecc_free(keyB);
+ wc_ecc_free(keyA);
+ wc_FreeRng(rng);
+#ifdef FP_ECC
+ wc_ecc_fp_free();
+#endif
+
+ res = EXPECT_RESULT();
+#endif
+ return res;
+}
+
+/*
+ * Testing wc_ecc_sm2_create_digest()
+ */
+static int test_wc_ecc_sm2_create_digest(void)
+{
+ int res = TEST_SKIPPED;
+#if defined(HAVE_ECC) && defined(WOLFSSL_SM2) && !defined(NO_HASH_WRAPPER) && \
+ (defined(WOLFSSL_SM3) || !defined(NO_SHA256))
+ EXPECT_DECLS;
+ ecc_key key[1];
+ enum wc_HashType hashType;
+ unsigned char pub[] = {
+ 0x04,
+ 0x63, 0x7F, 0x1B, 0x13, 0x50, 0x36, 0xC9, 0x33,
+ 0xDC, 0x3F, 0x7A, 0x8E, 0xBB, 0x1B, 0x7B, 0x2F,
+ 0xD1, 0xDF, 0xBD, 0x26, 0x8D, 0x4F, 0x89, 0x4B,
+ 0x5A, 0xD4, 0x7D, 0xBD, 0xBE, 0xCD, 0x55, 0x8F,
+ 0xE8, 0x81, 0x01, 0xD0, 0x80, 0x48, 0xE3, 0x6C,
+ 0xCB, 0xF6, 0x1C, 0xA3, 0x8D, 0xDF, 0x7A, 0xBA,
+ 0x54, 0x2B, 0x44, 0x86, 0xE9, 0x9E, 0x49, 0xF3,
+ 0xA7, 0x47, 0x0A, 0x85, 0x7A, 0x09, 0x64, 0x33
+ };
+ unsigned char id[] = {
+ 0x01, 0x02, 0x03,
+ };
+ unsigned char msg[] = {
+ 0x01, 0x02, 0x03,
+ };
+ unsigned char hash[32];
+#ifdef WOLFSSL_SM3
+ unsigned char expHash[32] = {
+ 0xc1, 0xdd, 0x92, 0xc5, 0x60, 0xd3, 0x94, 0x28,
+ 0xeb, 0x0f, 0x57, 0x79, 0x3f, 0xc9, 0x96, 0xc5,
+ 0xfa, 0xf5, 0x90, 0xb2, 0x64, 0x2f, 0xaf, 0x9c,
+ 0xc8, 0x57, 0x21, 0x6a, 0x52, 0x7e, 0xf1, 0x95
+ };
+#else
+ unsigned char expHash[32] = {
+ 0xea, 0x41, 0x55, 0x21, 0x61, 0x00, 0x5c, 0x9a,
+ 0x57, 0x35, 0x6b, 0x49, 0xca, 0x8f, 0x65, 0xc2,
+ 0x0e, 0x29, 0x0c, 0xa0, 0x1d, 0xa7, 0xc4, 0xed,
+ 0xdd, 0x51, 0x12, 0xf6, 0xe7, 0x55, 0xc5, 0xf4
+ };
+#endif
+
+#ifdef WOLFSSL_SM3
+ hashType = WC_HASH_TYPE_SM3;
+#else
+ hashType = WC_HASH_TYPE_SHA256;
+#endif
+
+ XMEMSET(key, 0, sizeof(*key));
+
+ ExpectIntEQ(wc_ecc_init(key), 0);
+
+ /* Test with no curve set. */
+ ExpectIntEQ(wc_ecc_sm2_create_digest(id, sizeof(id), msg, sizeof(msg),
+ hashType, hash, sizeof(hash), key), BAD_FUNC_ARG);
+
+ ExpectIntEQ(wc_ecc_import_x963_ex(pub, sizeof(pub), key, ECC_SM2P256V1), 0);
+
+ /* Test invalid parameters. */
+ ExpectIntEQ(wc_ecc_sm2_create_digest(NULL, sizeof(id), NULL, sizeof(msg),
+ hashType, NULL, sizeof(hash), NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_create_digest(id, sizeof(id), NULL, sizeof(msg),
+ hashType, NULL, sizeof(hash), NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_create_digest(NULL, sizeof(id), msg, sizeof(msg),
+ hashType, NULL, sizeof(hash), NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_create_digest(NULL, sizeof(id), NULL, sizeof(msg),
+ hashType, hash, sizeof(hash), NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_create_digest(NULL, sizeof(id), NULL, sizeof(msg),
+ hashType, NULL, sizeof(hash), key), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_create_digest(NULL, sizeof(id), msg, sizeof(msg),
+ hashType, hash, sizeof(hash), key), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_create_digest(id, sizeof(id), NULL, sizeof(msg),
+ hashType, hash, sizeof(hash), key), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_create_digest(id, sizeof(id), msg, sizeof(msg),
+ hashType, NULL, sizeof(hash), key), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_create_digest(id, sizeof(id), msg, sizeof(msg),
+ hashType, hash, sizeof(hash), NULL), BAD_FUNC_ARG);
+
+ /* Bad hash type. */
+ ExpectIntEQ(wc_ecc_sm2_create_digest(id, sizeof(id), msg, sizeof(msg),
+ -1, hash, 0, key), BAD_FUNC_ARG);
+ /* Bad hash size. */
+ ExpectIntEQ(wc_ecc_sm2_create_digest(id, sizeof(id), msg, sizeof(msg),
+ hashType, hash, 0, key), BUFFER_E);
+
+ /* Test valid parameters. */
+ ExpectIntEQ(wc_ecc_sm2_create_digest(id, sizeof(id), msg, sizeof(msg),
+ hashType, hash, sizeof(hash), key), 0);
+ ExpectBufEQ(hash, expHash, sizeof(expHash));
+
+ wc_ecc_free(key);
+
+ res = EXPECT_RESULT();
+#endif
+ return res;
+}
+/*
+ * Testing wc_ecc_sm2_verify_hash_ex()
+ */
+static int test_wc_ecc_sm2_verify_hash_ex(void)
+{
+ int res = TEST_SKIPPED;
+#if defined(HAVE_ECC) && defined(WOLFSSL_SM2) && defined(HAVE_ECC_VERIFY) && \
+ defined(WOLFSSL_PUBLIC_MP)
+ EXPECT_DECLS;
+ ecc_key key[1];
+ mp_int r[1];
+ mp_int s[1];
+ int verified;
+ unsigned char pub[] = {
+ 0x04,
+ 0x63, 0x7F, 0x1B, 0x13, 0x50, 0x36, 0xC9, 0x33,
+ 0xDC, 0x3F, 0x7A, 0x8E, 0xBB, 0x1B, 0x7B, 0x2F,
+ 0xD1, 0xDF, 0xBD, 0x26, 0x8D, 0x4F, 0x89, 0x4B,
+ 0x5A, 0xD4, 0x7D, 0xBD, 0xBE, 0xCD, 0x55, 0x8F,
+ 0xE8, 0x81, 0x01, 0xD0, 0x80, 0x48, 0xE3, 0x6C,
+ 0xCB, 0xF6, 0x1C, 0xA3, 0x8D, 0xDF, 0x7A, 0xBA,
+ 0x54, 0x2B, 0x44, 0x86, 0xE9, 0x9E, 0x49, 0xF3,
+ 0xA7, 0x47, 0x0A, 0x85, 0x7A, 0x09, 0x64, 0x33
+ };
+ unsigned char hash[] = {
+ 0x3B, 0xFA, 0x5F, 0xFB, 0xC4, 0x27, 0x8C, 0x9D,
+ 0x02, 0x3A, 0x19, 0xCB, 0x1E, 0xAA, 0xD2, 0xF1,
+ 0x50, 0x69, 0x5B, 0x20
+ };
+ unsigned char rData[] = {
+ 0xD2, 0xFC, 0xA3, 0x88, 0xE3, 0xDF, 0xA3, 0x00,
+ 0x73, 0x9B, 0x3C, 0x2A, 0x0D, 0xAD, 0x44, 0xA2,
+ 0xFC, 0x62, 0xD5, 0x6B, 0x84, 0x54, 0xD8, 0x40,
+ 0x22, 0x62, 0x3D, 0x5C, 0xA6, 0x61, 0x9B, 0xE7,
+ };
+ unsigned char sData[] = {
+ 0x1D,
+ 0xB5, 0xB5, 0xD9, 0xD8, 0xF1, 0x20, 0xDD, 0x97,
+ 0x92, 0xBF, 0x7E, 0x9B, 0x3F, 0xE6, 0x3C, 0x4B,
+ 0x03, 0xD8, 0x80, 0xBD, 0xB7, 0x27, 0x7E, 0x6A,
+ 0x84, 0x23, 0xDE, 0x61, 0x7C, 0x8D, 0xDC
+ };
+ unsigned char rBadData[] = {
+ 0xD2, 0xFC, 0xA3, 0x88, 0xE3, 0xDF, 0xA3, 0x00,
+ 0x73, 0x9B, 0x3C, 0x2A, 0x0D, 0xAD, 0x44, 0xA2,
+ 0xFC, 0x62, 0xD5, 0x6B, 0x84, 0x54, 0xD8, 0x40,
+ 0x22, 0x62, 0x3D, 0x5C, 0xA6, 0x61, 0x9B, 0xE8,
+ };
+
+ XMEMSET(key, 0, sizeof(*key));
+ XMEMSET(r, 0, sizeof(*r));
+ XMEMSET(s, 0, sizeof(*s));
+
+ ExpectIntEQ(mp_init(r), 0);
+ ExpectIntEQ(mp_init(s), 0);
+ ExpectIntEQ(mp_read_unsigned_bin(r, rData, sizeof(rData)), 0);
+ ExpectIntEQ(mp_read_unsigned_bin(s, sData, sizeof(sData)), 0);
+
+ ExpectIntEQ(wc_ecc_init(key), 0);
+
+ /* Test with no curve set. */
+ ExpectIntEQ(wc_ecc_sm2_verify_hash_ex(r, s, hash, sizeof(hash),
+ &verified, key), BAD_FUNC_ARG);
+
+ ExpectIntEQ(wc_ecc_import_x963_ex(pub, sizeof(pub), key, ECC_SM2P256V1), 0);
+
+ /* Test invalid parameters. */
+ ExpectIntEQ(wc_ecc_sm2_verify_hash_ex(NULL, NULL, NULL, sizeof(hash),
+ NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_verify_hash_ex(r, NULL, NULL, sizeof(hash),
+ NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_verify_hash_ex(NULL, s, NULL, sizeof(hash),
+ NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_verify_hash_ex(NULL, NULL, hash, sizeof(hash),
+ NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_verify_hash_ex(NULL, NULL, NULL, sizeof(hash),
+ &verified, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_verify_hash_ex(NULL, NULL, NULL, sizeof(hash),
+ NULL, key), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_verify_hash_ex(NULL, s, hash, sizeof(hash),
+ &verified, key), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_verify_hash_ex(r, NULL, hash, sizeof(hash),
+ &verified, key), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_verify_hash_ex(r, s, NULL, sizeof(hash),
+ &verified, key), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_verify_hash_ex(r, s, hash, sizeof(hash),
+ NULL, key), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_verify_hash_ex(r, s, hash, sizeof(hash),
+ &verified, NULL), BAD_FUNC_ARG);
+
+ /* Make key not on the SM2 curve. */
+ ExpectIntEQ(wc_ecc_set_curve(key, 32, ECC_SECP256R1), 0);
+ ExpectIntEQ(wc_ecc_sm2_verify_hash_ex(r, s, hash, sizeof(hash),
+ &verified, key), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_set_curve(key, 32, ECC_SM2P256V1), 0);
+
+ /* Test valid parameters. */
+ ExpectIntEQ(wc_ecc_sm2_verify_hash_ex(r, s, hash, sizeof(hash),
+ &verified, key), 0);
+ ExpectIntEQ(verified, 1);
+
+ ExpectIntEQ(mp_read_unsigned_bin(r, rBadData, sizeof(rBadData)), 0);
+ ExpectIntEQ(wc_ecc_sm2_verify_hash_ex(r, s, hash, sizeof(hash),
+ &verified, key), 0);
+ ExpectIntEQ(verified, 0);
+
+ mp_free(s);
+ mp_free(r);
+ wc_ecc_free(key);
+#ifdef FP_ECC
+ wc_ecc_fp_free();
+#endif
+
+ res = EXPECT_RESULT();
+#endif
+ return res;
+}
+
+/*
+ * Testing wc_ecc_sm2_verify_hash()
+ */
+static int test_wc_ecc_sm2_verify_hash(void)
+{
+ int res = TEST_SKIPPED;
+#if defined(HAVE_ECC) && defined(WOLFSSL_SM2) && defined(HAVE_ECC_VERIFY)
+ EXPECT_DECLS;
+ ecc_key key[1];
+ int verified;
+ unsigned char pub[] = {
+ 0x04,
+ 0x63, 0x7F, 0x1B, 0x13, 0x50, 0x36, 0xC9, 0x33,
+ 0xDC, 0x3F, 0x7A, 0x8E, 0xBB, 0x1B, 0x7B, 0x2F,
+ 0xD1, 0xDF, 0xBD, 0x26, 0x8D, 0x4F, 0x89, 0x4B,
+ 0x5A, 0xD4, 0x7D, 0xBD, 0xBE, 0xCD, 0x55, 0x8F,
+ 0xE8, 0x81, 0x01, 0xD0, 0x80, 0x48, 0xE3, 0x6C,
+ 0xCB, 0xF6, 0x1C, 0xA3, 0x8D, 0xDF, 0x7A, 0xBA,
+ 0x54, 0x2B, 0x44, 0x86, 0xE9, 0x9E, 0x49, 0xF3,
+ 0xA7, 0x47, 0x0A, 0x85, 0x7A, 0x09, 0x64, 0x33
+ };
+ unsigned char hash[] = {
+ 0x3B, 0xFA, 0x5F, 0xFB, 0xC4, 0x27, 0x8C, 0x9D,
+ 0x02, 0x3A, 0x19, 0xCB, 0x1E, 0xAA, 0xD2, 0xF1,
+ 0x50, 0x69, 0x5B, 0x20
+ };
+ unsigned char sig[] = {
+ 0x30, 0x45, 0x02, 0x21, 0x00, 0xD2, 0xFC, 0xA3,
+ 0x88, 0xE3, 0xDF, 0xA3, 0x00, 0x73, 0x9B, 0x3C,
+ 0x2A, 0x0D, 0xAD, 0x44, 0xA2, 0xFC, 0x62, 0xD5,
+ 0x6B, 0x84, 0x54, 0xD8, 0x40, 0x22, 0x62, 0x3D,
+ 0x5C, 0xA6, 0x61, 0x9B, 0xE7, 0x02, 0x20, 0x1D,
+ 0xB5, 0xB5, 0xD9, 0xD8, 0xF1, 0x20, 0xDD, 0x97,
+ 0x92, 0xBF, 0x7E, 0x9B, 0x3F, 0xE6, 0x3C, 0x4B,
+ 0x03, 0xD8, 0x80, 0xBD, 0xB7, 0x27, 0x7E, 0x6A,
+ 0x84, 0x23, 0xDE, 0x61, 0x7C, 0x8D, 0xDC
+ };
+ unsigned char sigBad[] = {
+ 0x30, 0x45, 0x02, 0x21, 0x00, 0xD2, 0xFC, 0xA3,
+ 0x88, 0xE3, 0xDF, 0xA3, 0x00, 0x73, 0x9B, 0x3C,
+ 0x2A, 0x0D, 0xAD, 0x44, 0xA2, 0xFC, 0x62, 0xD5,
+ 0x6B, 0x84, 0x54, 0xD8, 0x40, 0x22, 0x62, 0x3D,
+ 0x5C, 0xA6, 0x61, 0x9B, 0xE7, 0x02, 0x20, 0x1D,
+ 0xB5, 0xB5, 0xD9, 0xD8, 0xF1, 0x20, 0xDD, 0x97,
+ 0x92, 0xBF, 0x7E, 0x9B, 0x3F, 0xE6, 0x3C, 0x4B,
+ 0x03, 0xD8, 0x80, 0xBD, 0xB7, 0x27, 0x7E, 0x6A,
+ 0x84, 0x23, 0xDE, 0x61, 0x7C, 0x8D, 0xDD
+ };
+
+
+ XMEMSET(key, 0, sizeof(*key));
+ ExpectIntEQ(wc_ecc_init(key), 0);
+
+ /* Test with no curve set. */
+ ExpectIntEQ(wc_ecc_sm2_verify_hash(sig, sizeof(sig), hash, sizeof(hash),
+ &verified, key), BAD_FUNC_ARG);
+
+ ExpectIntEQ(wc_ecc_import_x963_ex(pub, sizeof(pub), key, ECC_SM2P256V1), 0);
+
+ /* Test invalid parameters. */
+ ExpectIntEQ(wc_ecc_sm2_verify_hash(NULL, sizeof(sig), NULL, sizeof(hash),
+ NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_verify_hash(sig, sizeof(sig), NULL, sizeof(hash),
+ NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_verify_hash(NULL, sizeof(sig), hash, sizeof(hash),
+ NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_verify_hash(NULL, sizeof(sig), NULL, sizeof(hash),
+ &verified, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_verify_hash(NULL, sizeof(sig), NULL, sizeof(hash),
+ NULL, key), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_verify_hash(NULL, sizeof(sig), hash, sizeof(hash),
+ &verified, key), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_verify_hash(sig, sizeof(sig), NULL, sizeof(hash),
+ &verified, key), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_verify_hash(sig, sizeof(sig), hash, sizeof(hash),
+ NULL, key), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_verify_hash(sig, sizeof(sig), hash, sizeof(hash),
+ &verified, NULL), BAD_FUNC_ARG);
+
+ /* Make key not on the SM2 curve. */
+ ExpectIntEQ(wc_ecc_set_curve(key, 32, ECC_SECP256R1), 0);
+ ExpectIntEQ(wc_ecc_sm2_verify_hash(sig, sizeof(sig), hash, sizeof(hash),
+ &verified, key), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_set_curve(key, 32, ECC_SM2P256V1), 0);
+
+ /* Test valid parameters. */
+ ExpectIntEQ(wc_ecc_sm2_verify_hash(sig, sizeof(sig), hash, sizeof(hash),
+ &verified, key), 0);
+ ExpectIntEQ(verified, 1);
+
+ ExpectIntEQ(wc_ecc_sm2_verify_hash(sigBad, sizeof(sigBad), hash,
+ sizeof(hash), &verified, key), 0);
+ ExpectIntEQ(verified, 0);
+
+ wc_ecc_free(key);
+#ifdef FP_ECC
+ wc_ecc_fp_free();
+#endif
+
+ res = EXPECT_RESULT();
+#endif
+ return res;
+}
+
+/*
+ * Testing wc_ecc_sm2_verify_hash_ex()
+ */
+static int test_wc_ecc_sm2_sign_hash_ex(void)
+{
+ int res = TEST_SKIPPED;
+#if defined(HAVE_ECC) && defined(WOLFSSL_SM2) && defined(HAVE_ECC_SIGN) && \
+ defined(WOLFSSL_PUBLIC_MP)
+ EXPECT_DECLS;
+ WC_RNG rng[1];
+ ecc_key key[1];
+ mp_int r[1];
+ mp_int s[1];
+ unsigned char hash[32];
+#ifdef HAVE_ECC_VERIFY
+ int verified;
+#endif
+
+ XMEMSET(rng, 0, sizeof(*rng));
+ XMEMSET(key, 0, sizeof(*key));
+ XMEMSET(r, 0, sizeof(*r));
+ XMEMSET(s, 0, sizeof(*s));
+
+ ExpectIntEQ(wc_InitRng(rng), 0);
+ ExpectIntEQ(mp_init(r), 0);
+ ExpectIntEQ(mp_init(s), 0);
+ ExpectIntEQ(wc_RNG_GenerateBlock(rng, hash, sizeof(hash)), 0);
+
+ ExpectIntEQ(wc_ecc_init(key), 0);
+
+ /* Test with no curve set. */
+ ExpectIntEQ(wc_ecc_sm2_sign_hash_ex(hash, sizeof(hash), rng, key, r, s),
+ BAD_FUNC_ARG);
+
+ ExpectIntEQ(wc_ecc_sm2_make_key(rng, key, WC_ECC_FLAG_NONE), 0);
+
+ /* Test invalid parameters. */
+ ExpectIntEQ(wc_ecc_sm2_sign_hash_ex(NULL, sizeof(hash), NULL, NULL, NULL,
+ NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_sign_hash_ex(hash, sizeof(hash), NULL, NULL, NULL,
+ NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_sign_hash_ex(NULL, sizeof(hash), rng, NULL, NULL,
+ NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_sign_hash_ex(NULL, sizeof(hash), NULL, key, NULL,
+ NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_sign_hash_ex(NULL, sizeof(hash), NULL, NULL, r,
+ NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_sign_hash_ex(NULL, sizeof(hash), NULL, NULL, NULL,
+ s), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_sign_hash_ex(NULL, sizeof(hash), rng, key, r, s),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_sign_hash_ex(hash, sizeof(hash), NULL, key, r, s),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_sign_hash_ex(hash, sizeof(hash), rng, NULL, r, s),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_sign_hash_ex(hash, sizeof(hash), rng, key, NULL, s),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_sign_hash_ex(hash, sizeof(hash), rng, key, r, NULL),
+ BAD_FUNC_ARG);
+
+ /* Make key not on the SM2 curve. */
+ ExpectIntEQ(wc_ecc_set_curve(key, 32, ECC_SECP256R1), 0);
+ ExpectIntEQ(wc_ecc_sm2_sign_hash_ex(hash, sizeof(hash), rng, key, r, s),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_set_curve(key, 32, ECC_SM2P256V1), 0);
+
+#ifdef WOLFSSL_SP_MATH_ALL
+ {
+ mp_int smallR[1];
+ sp_init_size(smallR, 1);
+ /* Force failure in _ecc_sm2_calc_r_s by r being too small. */
+ ExpectIntLT(wc_ecc_sm2_sign_hash_ex(hash, sizeof(hash), rng, key,
+ smallR, s), 0);
+ }
+#endif
+
+ /* Test valid parameters. */
+ ExpectIntEQ(wc_ecc_sm2_sign_hash_ex(hash, sizeof(hash), rng, key, r, s),
+ 0);
+#ifdef HAVE_ECC_VERIFY
+ ExpectIntEQ(wc_ecc_sm2_verify_hash_ex(r, s, hash, sizeof(hash), &verified,
+ key), 0);
+ ExpectIntEQ(verified, 1);
+#endif
+
+ mp_free(s);
+ mp_free(r);
+ wc_ecc_free(key);
+ wc_FreeRng(rng);
+#ifdef FP_ECC
+ wc_ecc_fp_free();
+#endif
+
+ res = EXPECT_RESULT();
+#endif
+ return res;
+}
+
+
+/*
+ * Testing wc_ecc_sm2_verify_hash()
+ */
+static int test_wc_ecc_sm2_sign_hash(void)
+{
+ int res = TEST_SKIPPED;
+#if defined(HAVE_ECC) && defined(WOLFSSL_SM2) && defined(HAVE_ECC_SIGN)
+ EXPECT_DECLS;
+ WC_RNG rng[1];
+ ecc_key key[1];
+ unsigned char hash[32];
+ unsigned char sig[72];
+ word32 sigSz = sizeof(sig);
+#ifdef HAVE_ECC_VERIFY
+ int verified;
+#endif
+
+ XMEMSET(rng, 0, sizeof(*rng));
+ XMEMSET(key, 0, sizeof(*key));
+
+ ExpectIntEQ(wc_InitRng(rng), 0);
+ ExpectIntEQ(wc_RNG_GenerateBlock(rng, hash, sizeof(hash)), 0);
+
+ ExpectIntEQ(wc_ecc_init(key), 0);
+
+ /* Test with no curve set. */
+ ExpectIntEQ(wc_ecc_sm2_sign_hash(hash, sizeof(hash), sig, &sigSz, rng, key),
+ BAD_FUNC_ARG);
+
+ ExpectIntEQ(wc_ecc_sm2_make_key(rng, key, WC_ECC_FLAG_NONE), 0);
+
+ /* Test invalid parameters. */
+ ExpectIntEQ(wc_ecc_sm2_sign_hash(NULL, sizeof(hash), NULL, NULL, NULL,
+ NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_sign_hash(hash, sizeof(hash), NULL, NULL, NULL,
+ NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_sign_hash(NULL, sizeof(hash), sig, NULL, NULL,
+ NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_sign_hash(NULL, sizeof(hash), NULL, &sigSz, NULL,
+ NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_sign_hash(NULL, sizeof(hash), NULL, NULL, rng,
+ NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_sign_hash(NULL, sizeof(hash), NULL, NULL, NULL,
+ key), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_sign_hash(NULL, sizeof(hash), sig, &sigSz, rng,
+ key), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_sign_hash(hash, sizeof(hash), NULL, &sigSz, rng,
+ key), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_sign_hash(hash, sizeof(hash), sig, NULL, rng,
+ key), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_sign_hash(hash, sizeof(hash), sig, &sigSz, NULL,
+ key), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_sign_hash(hash, sizeof(hash), sig, &sigSz, rng,
+ NULL), BAD_FUNC_ARG);
+
+ /* Make key not on the SM2 curve. */
+ ExpectIntEQ(wc_ecc_set_curve(key, 32, ECC_SECP256R1), 0);
+ ExpectIntEQ(wc_ecc_sm2_sign_hash(hash, sizeof(hash), sig, &sigSz, rng, key),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_set_curve(key, 32, ECC_SM2P256V1), 0);
+
+ /* Test valid parameters. */
+ ExpectIntEQ(wc_ecc_sm2_sign_hash(hash, sizeof(hash), sig, &sigSz, rng, key),
+ 0);
+#ifdef HAVE_ECC_VERIFY
+ ExpectIntEQ(wc_ecc_sm2_verify_hash(sig, sigSz, hash, sizeof(hash),
+ &verified, key), 0);
+ ExpectIntEQ(verified, 1);
+#endif
+
+ wc_ecc_free(key);
+ wc_FreeRng(rng);
+#ifdef FP_ECC
+ wc_ecc_fp_free();
+#endif
+
+ res = EXPECT_RESULT();
+#endif
+ return res;
+}
+
+
/*
* Testing ToTraditional
*/
static int test_ToTraditional(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_ASN) && (defined(HAVE_PKCS8) || defined(HAVE_PKCS12)) && \
(defined(WOLFSSL_TEST_CERT) || defined(OPENSSL_EXTRA) || \
- defined(OPENSSL_EXTRA_X509_SMALL))
+ defined(OPENSSL_EXTRA_X509_SMALL)) && !defined(NO_FILESYSTEM)
+ XFILE f = XBADFILE;
+ byte input[TWOK_BUF];
+ word32 sz;
- XFILE f;
- byte input[TWOK_BUF];
- word32 sz;
- int ret;
-
- f = XFOPEN("./certs/server-keyPkcs8.der", "rb");
- AssertTrue((f != XBADFILE));
- sz = (word32)XFREAD(input, 1, sizeof(input), f);
- XFCLOSE(f);
+ ExpectTrue((f = XFOPEN("./certs/server-keyPkcs8.der", "rb")) != XBADFILE);
+ ExpectTrue((sz = (word32)XFREAD(input, 1, sizeof(input), f)) > 0);
+ if (f != XBADFILE)
+ XFCLOSE(f);
/* Good case */
- ret = ToTraditional(input, sz);
- if (ret > 0) {
- ret = 0;
- }
+ ExpectIntGT(ToTraditional(input, sz), 0);
/* Bad cases */
- if (ret == 0) {
- ret = ToTraditional(NULL, 0);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = ToTraditional(NULL, sz);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = ToTraditional(input, 0);
- if (ret == ASN_PARSE_E || ret == BUFFER_E) {
- ret = 0;
- }
- }
-
- res = TEST_RES_CHECK(ret == 0);
+ ExpectIntEQ(ToTraditional(NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(ToTraditional(NULL, sz), BAD_FUNC_ARG);
+#ifdef WOLFSSL_ASN_TEMPLATE
+ ExpectIntEQ(ToTraditional(input, 0), BUFFER_E);
+#else
+ ExpectIntEQ(ToTraditional(input, 0), ASN_PARSE_E);
#endif
- return res;
-}/* End test_ToTraditional*/
+#endif
+ return EXPECT_RESULT();
+} /* End test_ToTraditional*/
/*
* Testing wc_EccPrivateKeyToDer
*/
static int test_wc_EccPrivateKeyToDer(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ECC) && defined(HAVE_ECC_KEY_EXPORT) && !defined(WC_NO_RNG)
- byte output[ONEK_BUF];
- ecc_key eccKey;
- WC_RNG rng;
- word32 inLen;
- int ret;
+ byte output[ONEK_BUF];
+ ecc_key eccKey;
+ WC_RNG rng;
+ word32 inLen;
+ word32 outLen = 0;
+ int ret;
- ret = wc_InitRng(&rng);
+ XMEMSET(&eccKey, 0, sizeof(ecc_key));
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
- if (ret == 0) {
- ret = wc_ecc_init(&eccKey);
- if (ret == 0) {
- ret = wc_ecc_make_key(&rng, KEY14, &eccKey);
- #if defined(WOLFSSL_ASYNC_CRYPT)
- ret = wc_AsyncWait(ret, &eccKey.asyncDev, WC_ASYNC_FLAG_NONE);
- #endif
- }
- inLen = (word32)sizeof(output);
- /* Bad Cases */
- if (ret == 0) {
- ret = wc_EccPrivateKeyToDer(NULL, NULL, 0);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_EccPrivateKeyToDer(NULL, output, inLen);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_EccPrivateKeyToDer(&eccKey, NULL, inLen);
- if (ret == LENGTH_ONLY_E) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_EccPrivateKeyToDer(&eccKey, output, 0);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- /*Good Case */
- if (ret == 0) {
- ret = wc_EccPrivateKeyToDer(&eccKey, output, inLen);
- if (ret > 0) {
- #if defined(OPENSSL_EXTRA) && defined(HAVE_ALL_CURVES)
- /* test importing private only into a PKEY struct */
- EC_KEY* ec;
- EVP_PKEY* pkey;
- const unsigned char* der = output;
-
- pkey = d2i_PrivateKey(EVP_PKEY_EC, NULL, &der, ret);
- AssertNotNull(pkey);
-
- der = output;
- ec = d2i_ECPrivateKey(NULL, &der, ret);
- AssertNotNull(ec);
- AssertIntEQ(EVP_PKEY_assign_EC_KEY(pkey, ec), SSL_SUCCESS);
- EVP_PKEY_free(pkey); /* EC_KEY should be free'd by free'ing pkey */
- #endif
- ret = 0;
- }
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(wc_ecc_init(&eccKey), 0);
+ ret = wc_ecc_make_key(&rng, KEY14, &eccKey);
+#if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &eccKey.asyncDev, WC_ASYNC_FLAG_NONE);
+#endif
+ ExpectIntEQ(ret, 0);
+
+ inLen = (word32)sizeof(output);
+ /* Bad Cases */
+ ExpectIntEQ(wc_EccPrivateKeyToDer(NULL, NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_EccPrivateKeyToDer(NULL, output, inLen), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_EccPrivateKeyToDer(&eccKey, NULL, inLen), LENGTH_ONLY_E);
+ ExpectIntEQ(wc_EccPrivateKeyToDer(&eccKey, output, 0), BAD_FUNC_ARG);
+ /* Good Case */
+ ExpectIntGT(outLen = wc_EccPrivateKeyToDer(&eccKey, output, inLen), 0);
+
+ wc_ecc_free(&eccKey);
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
+
+#if defined(OPENSSL_EXTRA) && defined(HAVE_ALL_CURVES)
+ {
+ /* test importing private only into a PKEY struct */
+ EC_KEY* ec = NULL;
+ EVP_PKEY* pkey = NULL;
+ const unsigned char* der;
+
+ der = output;
+ ExpectNotNull(pkey = d2i_PrivateKey(EVP_PKEY_EC, NULL, &der, outLen));
+
+ der = output;
+ ExpectNotNull(ec = d2i_ECPrivateKey(NULL, &der, outLen));
+ ExpectIntEQ(EVP_PKEY_assign_EC_KEY(pkey, ec), SSL_SUCCESS);
+ if (EXPECT_FAIL()) {
+ EC_KEY_free(ec);
}
- wc_ecc_free(&eccKey);
+ EVP_PKEY_free(pkey); /* EC_KEY should be free'd by free'ing pkey */
}
- wc_FreeRng(&rng);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
-}/* End test_wc_EccPrivateKeyToDer*/
+#endif
+ return EXPECT_RESULT();
+} /* End test_wc_EccPrivateKeyToDer*/
/*
* Testing wc_DhPublicKeyDecode
*/
static int test_wc_DhPublicKeyDecode(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifndef NO_DH
#if defined(WOLFSSL_DH_EXTRA) && defined(USE_CERT_BUFFERS_2048)
DhKey key;
word32 inOutIdx;
- AssertIntEQ(wc_InitDhKey(&key), 0);
+ XMEMSET(&key, 0, sizeof(DhKey));
+
+ ExpectIntEQ(wc_InitDhKey(&key), 0);
- AssertIntEQ(wc_DhPublicKeyDecode(NULL,NULL,NULL,0),
- BAD_FUNC_ARG);
- AssertIntEQ(wc_DhPublicKeyDecode(dh_pub_key_der_2048,NULL,NULL,0),
- BAD_FUNC_ARG);
- AssertIntEQ(wc_DhPublicKeyDecode(dh_pub_key_der_2048,NULL,NULL,0),
- BAD_FUNC_ARG);
+ ExpectIntEQ(wc_DhPublicKeyDecode(NULL,NULL,NULL,0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_DhPublicKeyDecode(dh_pub_key_der_2048,NULL,NULL,0),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_DhPublicKeyDecode(dh_pub_key_der_2048,NULL,NULL,0),
+ BAD_FUNC_ARG);
inOutIdx = 0;
- AssertIntEQ(wc_DhPublicKeyDecode(dh_pub_key_der_2048,&inOutIdx,NULL, 0),
- BAD_FUNC_ARG);
+ ExpectIntEQ(wc_DhPublicKeyDecode(dh_pub_key_der_2048,&inOutIdx,NULL, 0),
+ BAD_FUNC_ARG);
inOutIdx = 0;
- AssertIntEQ(wc_DhPublicKeyDecode(dh_pub_key_der_2048,&inOutIdx,&key, 0),
- BAD_FUNC_ARG);
+ ExpectIntEQ(wc_DhPublicKeyDecode(dh_pub_key_der_2048,&inOutIdx,&key, 0),
+ BAD_FUNC_ARG);
inOutIdx = 0;
- AssertIntEQ(wc_DhPublicKeyDecode(dh_pub_key_der_2048,&inOutIdx,&key,
- sizeof_dh_pub_key_der_2048), 0);
- AssertTrue(key.p.used != 0 && key.g.used != 0 && key.q.used == 0 &&
- key.pub.used != 0 && key.priv.used == 0);
-
- wc_FreeDhKey(&key);
+ ExpectIntEQ(wc_DhPublicKeyDecode(dh_pub_key_der_2048,&inOutIdx,&key,
+ sizeof_dh_pub_key_der_2048), 0);
+ ExpectIntNE(key.p.used, 0);
+ ExpectIntNE(key.g.used, 0);
+ ExpectIntEQ(key.q.used, 0);
+ ExpectIntNE(key.pub.used, 0);
+ ExpectIntEQ(key.priv.used, 0);
- res = TEST_RES_CHECK(1);
+ DoExpectIntEQ(wc_FreeDhKey(&key), 0);
#endif
#endif /* !NO_DH */
- return res;
+ return EXPECT_RESULT();
}
/*
@@ -28322,505 +25866,352 @@ static int test_wc_DhPublicKeyDecode(void)
*/
static int test_wc_Ed25519KeyToDer(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ED25519) && defined(HAVE_ED25519_KEY_EXPORT) && \
(defined(WOLFSSL_CERT_GEN) || defined(WOLFSSL_KEY_GEN))
- byte output[ONEK_BUF];
- ed25519_key ed25519Key;
- WC_RNG rng;
- word32 inLen;
- int ret;
+ byte output[ONEK_BUF];
+ ed25519_key ed25519Key;
+ WC_RNG rng;
+ word32 inLen;
- ret = wc_InitRng(&rng);
+ XMEMSET(&ed25519Key, 0, sizeof(ed25519_key));
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
- if (ret == 0) {
- ret = wc_ed25519_init(&ed25519Key);
- if (ret == 0) {
- ret = wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, &ed25519Key);
- }
- inLen = (word32)sizeof(output);
+ ExpectIntEQ(wc_ed25519_init(&ed25519Key), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, &ed25519Key), 0);
+ inLen = (word32)sizeof(output);
- /* Bad Cases */
- if (ret == 0) {
- ret = wc_Ed25519KeyToDer(NULL, NULL, 0);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_Ed25519KeyToDer(NULL, output, inLen);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_Ed25519KeyToDer(&ed25519Key, output, 0);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- /* Good Cases */
- if (ret == 0) {
- /* length only */
- ret = wc_Ed25519KeyToDer(&ed25519Key, NULL, inLen);
- if (ret > 0) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_Ed25519KeyToDer(&ed25519Key, output, inLen);
- if (ret > 0) {
- ret = 0;
- }
- }
- wc_ed25519_free(&ed25519Key);
- }
- wc_FreeRng(&rng);
+ /* Bad Cases */
+ ExpectIntEQ(wc_Ed25519KeyToDer(NULL, NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Ed25519KeyToDer(NULL, output, inLen), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Ed25519KeyToDer(&ed25519Key, output, 0), BAD_FUNC_ARG);
+ /* Good Cases */
+ /* length only */
+ ExpectIntGT(wc_Ed25519KeyToDer(&ed25519Key, NULL, inLen), 0);
+ ExpectIntGT(wc_Ed25519KeyToDer(&ed25519Key, output, inLen), 0);
- res = TEST_RES_CHECK(ret == 0);
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
+ wc_ed25519_free(&ed25519Key);
#endif
- return res;
-}/* End test_wc_Ed25519KeyToDer*/
+ return EXPECT_RESULT();
+} /* End test_wc_Ed25519KeyToDer*/
+
/*
* Testing wc_Ed25519PrivateKeyToDer
*/
static int test_wc_Ed25519PrivateKeyToDer(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ED25519) && defined(HAVE_ED25519_KEY_EXPORT) && \
(defined(WOLFSSL_CERT_GEN) || defined(WOLFSSL_KEY_GEN))
- byte output[ONEK_BUF];
- ed25519_key ed25519PrivKey;
- WC_RNG rng;
- word32 inLen;
- int ret;
+ byte output[ONEK_BUF];
+ ed25519_key ed25519PrivKey;
+ WC_RNG rng;
+ word32 inLen;
- ret = wc_InitRng(&rng);
+ XMEMSET(&ed25519PrivKey, 0, sizeof(ed25519_key));
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
- if (ret == 0) {
- ret = wc_ed25519_init(&ed25519PrivKey);
- if (ret == 0) {
- ret = wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, &ed25519PrivKey);
- }
- inLen = (word32)sizeof(output);
+ ExpectIntEQ(wc_ed25519_init(&ed25519PrivKey), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, &ed25519PrivKey),
+ 0);
+ inLen = (word32)sizeof(output);
- /* Bad Cases */
- if (ret == 0) {
- ret = wc_Ed25519PrivateKeyToDer(NULL, NULL, 0);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_Ed25519PrivateKeyToDer(NULL, output, inLen);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_Ed25519PrivateKeyToDer(&ed25519PrivKey, output, 0);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- /* Good Cases */
- if (ret == 0) {
- /* length only */
- ret = wc_Ed25519PrivateKeyToDer(&ed25519PrivKey, NULL, inLen);
- if (ret > 0) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_Ed25519PrivateKeyToDer(&ed25519PrivKey, output, inLen);
- if (ret > 0) {
- ret = 0;
- }
- }
- wc_ed25519_free(&ed25519PrivKey);
- }
- wc_FreeRng(&rng);
+ /* Bad Cases */
+ ExpectIntEQ(wc_Ed25519PrivateKeyToDer(NULL, NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Ed25519PrivateKeyToDer(NULL, output, inLen), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Ed25519PrivateKeyToDer(&ed25519PrivKey, output, 0),
+ BAD_FUNC_ARG);
+ /* Good Cases */
+ /* length only */
+ ExpectIntGT(wc_Ed25519PrivateKeyToDer(&ed25519PrivKey, NULL, inLen), 0);
+ ExpectIntGT(wc_Ed25519PrivateKeyToDer(&ed25519PrivKey, output, inLen), 0);
- res = TEST_RES_CHECK(ret == 0);
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
+ wc_ed25519_free(&ed25519PrivKey);
#endif
- return res;
-}/* End test_wc_Ed25519PrivateKeyToDer*/
+ return EXPECT_RESULT();
+} /* End test_wc_Ed25519PrivateKeyToDer*/
+
/*
* Testing wc_Ed448KeyToDer
*/
static int test_wc_Ed448KeyToDer(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ED448) && defined(HAVE_ED448_KEY_EXPORT) && \
(defined(WOLFSSL_CERT_GEN) || defined(WOLFSSL_KEY_GEN))
- byte output[ONEK_BUF];
- ed448_key ed448Key;
- WC_RNG rng;
- word32 inLen;
- int ret;
+ byte output[ONEK_BUF];
+ ed448_key ed448Key;
+ WC_RNG rng;
+ word32 inLen;
- ret = wc_InitRng(&rng);
+ XMEMSET(&ed448Key, 0, sizeof(ed448_key));
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
- if (ret == 0) {
- ret = wc_ed448_init(&ed448Key);
- if (ret == 0) {
- ret = wc_ed448_make_key(&rng, ED448_KEY_SIZE, &ed448Key);
- }
- inLen = sizeof(output);
+ ExpectIntEQ(wc_ed448_init(&ed448Key), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(wc_ed448_make_key(&rng, ED448_KEY_SIZE, &ed448Key), 0);
+ inLen = (word32)sizeof(output);
- /* Bad Cases */
- if (ret == 0) {
- ret = wc_Ed448KeyToDer(NULL, NULL, 0);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_Ed448KeyToDer(NULL, output, inLen);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_Ed448KeyToDer(&ed448Key, output, 0);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- /* Good Cases */
- if (ret == 0) {
- /* length only */
- ret = wc_Ed448KeyToDer(&ed448Key, NULL, inLen);
- if (ret > 0) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_Ed448KeyToDer(&ed448Key, output, inLen);
- if (ret > 0) {
- ret = 0;
- }
- }
- wc_ed448_free(&ed448Key);
- }
- wc_FreeRng(&rng);
+ /* Bad Cases */
+ ExpectIntEQ(wc_Ed448KeyToDer(NULL, NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Ed448KeyToDer(NULL, output, inLen), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Ed448KeyToDer(&ed448Key, output, 0), BAD_FUNC_ARG);
+ /* Good Cases */
+ /* length only */
+ ExpectIntGT(wc_Ed448KeyToDer(&ed448Key, NULL, inLen), 0);
+ ExpectIntGT(wc_Ed448KeyToDer(&ed448Key, output, inLen), 0);
- res = TEST_RES_CHECK(ret == 0);
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
+ wc_ed448_free(&ed448Key);
#endif
- return res;
-}/* End test_wc_Ed448KeyToDer*/
+ return EXPECT_RESULT();
+} /* End test_wc_Ed448KeyToDer*/
+
/*
* Testing wc_Ed448PrivateKeyToDer
*/
static int test_wc_Ed448PrivateKeyToDer(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ED448) && defined(HAVE_ED448_KEY_EXPORT) && \
(defined(WOLFSSL_CERT_GEN) || defined(WOLFSSL_KEY_GEN))
- byte output[ONEK_BUF];
- ed448_key ed448PrivKey;
- WC_RNG rng;
- word32 inLen;
- int ret;
+ byte output[ONEK_BUF];
+ ed448_key ed448PrivKey;
+ WC_RNG rng;
+ word32 inLen;
- ret = wc_InitRng(&rng);
+ XMEMSET(&ed448PrivKey, 0, sizeof(ed448_key));
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
- if (ret == 0) {
- ret = wc_ed448_init(&ed448PrivKey);
- if (ret == 0) {
- ret = wc_ed448_make_key(&rng, ED448_KEY_SIZE, &ed448PrivKey);
- }
- inLen = sizeof(output);
+ ExpectIntEQ(wc_ed448_init(&ed448PrivKey), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(wc_ed448_make_key(&rng, ED448_KEY_SIZE, &ed448PrivKey),
+ 0);
+ inLen = (word32)sizeof(output);
- /* Bad Cases */
- if (ret == 0) {
- ret = wc_Ed448PrivateKeyToDer(NULL, NULL, 0);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_Ed448PrivateKeyToDer(NULL, output, inLen);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_Ed448PrivateKeyToDer(&ed448PrivKey, output, 0);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- /* Good cases */
- if (ret == 0) {
- /* length only */
- ret = wc_Ed448PrivateKeyToDer(&ed448PrivKey, NULL, inLen);
- if (ret > 0) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_Ed448PrivateKeyToDer(&ed448PrivKey, output, inLen);
- if (ret > 0) {
- ret = 0;
- }
- }
- wc_ed448_free(&ed448PrivKey);
- }
- wc_FreeRng(&rng);
+ /* Bad Cases */
+ ExpectIntEQ(wc_Ed448PrivateKeyToDer(NULL, NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Ed448PrivateKeyToDer(NULL, output, inLen), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Ed448PrivateKeyToDer(&ed448PrivKey, output, 0),
+ BAD_FUNC_ARG);
+ /* Good cases */
+ /* length only */
+ ExpectIntGT(wc_Ed448PrivateKeyToDer(&ed448PrivKey, NULL, inLen), 0);
+ ExpectIntGT(wc_Ed448PrivateKeyToDer(&ed448PrivKey, output, inLen), 0);
- res = TEST_RES_CHECK(ret == 0);
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
+ wc_ed448_free(&ed448PrivKey);
#endif
- return res;
-}/* End test_wc_Ed448PrivateKeyToDer*/
+ return EXPECT_RESULT();
+} /* End test_wc_Ed448PrivateKeyToDer*/
+
/*
* Testing wc_SetSubjectBuffer
*/
static int test_wc_SetSubjectBuffer(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(WOLFSSL_CERT_GEN) && !defined(NO_RSA) && !defined(NO_FILESYSTEM)
- Cert cert;
- FILE* file;
- byte* der;
- word32 derSz;
- int ret = 0;
+ Cert cert;
+ XFILE file = XBADFILE;
+ byte* der = NULL;
+ word32 derSz;
derSz = FOURK_BUF;
- der = (byte*)XMALLOC(FOURK_BUF, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
- if (der == NULL) {
- ret = -1;
- }
- if (ret == 0) {
- file = XFOPEN("./certs/ca-cert.der", "rb");
- if (file != NULL) {
- derSz = (word32)XFREAD(der, 1, FOURK_BUF, file);
- XFCLOSE(file);
- }
- else {
- ret = -1;
- }
- }
- if (ret == 0) {
- ret = wc_InitCert(&cert);
- }
+ ExpectNotNull(der = (byte*)XMALLOC(FOURK_BUF, HEAP_HINT,
+ DYNAMIC_TYPE_TMP_BUFFER));
+ ExpectTrue((file = XFOPEN("./certs/ca-cert.der", "rb")) != XBADFILE);
+ ExpectTrue((derSz = (word32)XFREAD(der, 1, FOURK_BUF, file)) > 0);
+ if (file != XBADFILE)
+ XFCLOSE(file);
- if (ret == 0) {
- ret = wc_SetSubjectBuffer(&cert, der, derSz);
- }
+ ExpectIntEQ(wc_InitCert(&cert), 0);
+ ExpectIntEQ(wc_SetSubjectBuffer(&cert, der, derSz), 0);
+ ExpectIntEQ(wc_SetSubjectBuffer(NULL, der, derSz), BAD_FUNC_ARG);
- if (ret == 0) {
- ret = wc_SetSubjectBuffer(NULL, der, derSz);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
XFREE(der, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
-}/* End test_wc_SetSubjectBuffer*/
+ return EXPECT_RESULT();
+} /* End test_wc_SetSubjectBuffer*/
/*
* Testing wc_SetSubjectKeyIdFromPublicKey_ex
*/
static int test_wc_SetSubjectKeyIdFromPublicKey_ex(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(WOLFSSL_CERT_EXT) && defined(WOLFSSL_CERT_GEN)
- WC_RNG rng;
- Cert cert;
-#if defined(HAVE_ED25519) && defined(HAVE_ED25519_KEY_EXPORT)
- ed25519_key ed25519Key;
-#endif
+ WC_RNG rng;
+ Cert cert;
#if !defined(NO_RSA) && defined(HAVE_RSA)
- RsaKey rsaKey;
- int bits = 2048;
+ RsaKey rsaKey;
+ int bits = 2048;
#endif
#if defined(HAVE_ECC)
- ecc_key eccKey;
+ ecc_key eccKey;
+ int ret;
+#endif
+#if defined(HAVE_ED25519) && defined(HAVE_ED25519_KEY_EXPORT)
+ ed25519_key ed25519Key;
#endif
#if defined(HAVE_ED448) && defined(HAVE_ED448_KEY_EXPORT)
- ed448_key ed448Key;
+ ed448_key ed448Key;
#endif
- int ret = 0;
#ifndef HAVE_FIPS
- ret = wc_InitRng_ex(&rng, HEAP_HINT, testDevId);
+ ExpectIntEQ(wc_InitRng_ex(&rng, HEAP_HINT, testDevId), 0);
#else
- ret = wc_InitRng(&rng);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
#endif
- wc_InitCert(&cert);
-#if defined(HAVE_ED25519) && defined(HAVE_ED25519_KEY_EXPORT)
- if (ret == 0) { /*ED25519*/
- ret = wc_ed25519_init(&ed25519Key);
- if (ret == 0) {
- ret = wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, &ed25519Key);
- }
- if (ret == 0) {
- ret = wc_SetSubjectKeyIdFromPublicKey_ex(&cert, ED25519_TYPE,
- &ed25519Key);
- }
- wc_ed25519_free(&ed25519Key);
- }
-#endif
+ ExpectIntEQ(wc_InitCert(&cert), 0);
+
#if !defined(NO_RSA) && defined(HAVE_RSA) && defined(WOLFSSL_KEY_GEN)
- if (ret == 0) { /*RSA*/
- ret = wc_InitRsaKey(&rsaKey, HEAP_HINT);
- if (ret == 0) {
- MAKE_RSA_KEY(&rsaKey, bits, WC_RSA_EXPONENT, &rng);
- }
- if (ret == 0) {
- ret = wc_SetSubjectKeyIdFromPublicKey_ex(&cert, RSA_TYPE, &rsaKey);
- }
- wc_FreeRsaKey(&rsaKey);
- }
+ /* RSA */
+ XMEMSET(&rsaKey, 0, sizeof(RsaKey));
+ ExpectIntEQ(wc_InitRsaKey(&rsaKey, HEAP_HINT), 0);
+ ExpectIntEQ(MAKE_RSA_KEY(&rsaKey, bits, WC_RSA_EXPONENT, &rng), 0);
+ ExpectIntEQ(wc_SetSubjectKeyIdFromPublicKey_ex(&cert, RSA_TYPE, &rsaKey),
+ 0);
+ DoExpectIntEQ(wc_FreeRsaKey(&rsaKey), 0);
#endif
+
#if defined(HAVE_ECC)
- if (ret == 0) { /*ECC*/
- ret = wc_ecc_init(&eccKey);
- if (ret == 0) {
- ret = wc_ecc_make_key(&rng, KEY14, &eccKey);
- #if defined(WOLFSSL_ASYNC_CRYPT)
- ret = wc_AsyncWait(ret, &eccKey.asyncDev, WC_ASYNC_FLAG_NONE);
- #endif
- }
- if (ret == 0) {
- ret = wc_SetSubjectKeyIdFromPublicKey_ex(&cert, ECC_TYPE, &eccKey);
- }
- wc_ecc_free(&eccKey);
- }
+ /* ECC */
+ XMEMSET(&eccKey, 0, sizeof(ecc_key));
+ ExpectIntEQ(wc_ecc_init(&eccKey), 0);
+ ret = wc_ecc_make_key(&rng, KEY14, &eccKey);
+#if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &eccKey.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
-#if defined(HAVE_ED448) && defined(HAVE_ED448_KEY_EXPORT)
- if (ret == 0) { /*ED448*/
- ret = wc_ed448_init(&ed448Key);
- if (ret == 0) {
- ret = wc_ed448_make_key(&rng, ED448_KEY_SIZE, &ed448Key);
- }
- if (ret == 0) {
- ret = wc_SetSubjectKeyIdFromPublicKey_ex(&cert, ED448_TYPE,
- &ed448Key);
- }
- wc_ed448_free(&ed448Key);
- }
+ ExpectIntEQ(ret, 0);
+ ExpectIntEQ(wc_SetSubjectKeyIdFromPublicKey_ex(&cert, ECC_TYPE, &eccKey),
+ 0);
+ DoExpectIntEQ(wc_ecc_free(&eccKey), 0);
#endif
- wc_FreeRng(&rng);
+#if defined(HAVE_ED25519) && defined(HAVE_ED25519_KEY_EXPORT)
+ /* ED25519 */
+ XMEMSET(&ed25519Key, 0, sizeof(ed25519_key));
+ ExpectIntEQ(wc_ed25519_init(&ed25519Key), 0);
+ ExpectIntEQ(wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, &ed25519Key), 0);
+ ExpectIntEQ(wc_SetSubjectKeyIdFromPublicKey_ex(&cert, ED25519_TYPE,
+ &ed25519Key), 0);
+ wc_ed25519_free(&ed25519Key);
+#endif
- res = TEST_RES_CHECK(ret == 0);
+#if defined(HAVE_ED448) && defined(HAVE_ED448_KEY_EXPORT)
+ /* ED448 */
+ XMEMSET(&ed448Key, 0, sizeof(ed448_key));
+ ExpectIntEQ(wc_ed448_init(&ed448Key), 0);
+ ExpectIntEQ(wc_ed448_make_key(&rng, ED448_KEY_SIZE, &ed448Key), 0);
+ ExpectIntEQ(wc_SetSubjectKeyIdFromPublicKey_ex(&cert, ED448_TYPE,
+ &ed448Key), 0);
+ wc_ed448_free(&ed448Key);
#endif
- return res;
-}/* End test_wc_SetSubjectKeyIdFromPublicKey_ex*/
+
+ wc_FreeRng(&rng);
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
+#endif /* WOLFSSL_CERT_EXT && WOLFSSL_CERT_GEN */
+ return EXPECT_RESULT();
+} /* End test_wc_SetSubjectKeyIdFromPublicKey_ex*/
/*
* Testing wc_SetAuthKeyIdFromPublicKey_ex
*/
static int test_wc_SetAuthKeyIdFromPublicKey_ex(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(WOLFSSL_CERT_EXT) && defined(WOLFSSL_CERT_GEN)
- WC_RNG rng;
- Cert cert;
-#if defined(HAVE_ED25519) && defined(HAVE_ED25519_KEY_EXPORT)
- ed25519_key ed25519Key;
-#endif
+ WC_RNG rng;
+ Cert cert;
#if !defined(NO_RSA) && defined(HAVE_RSA)
- RsaKey rsaKey;
- int bits = 2048;
+ RsaKey rsaKey;
+ int bits = 2048;
#endif
#if defined(HAVE_ECC)
- ecc_key eccKey;
+ ecc_key eccKey;
+ int ret;
+#endif
+#if defined(HAVE_ED25519) && defined(HAVE_ED25519_KEY_EXPORT)
+ ed25519_key ed25519Key;
#endif
#if defined(HAVE_ED448) && defined(HAVE_ED448_KEY_EXPORT)
- ed448_key ed448Key;
+ ed448_key ed448Key;
#endif
- int ret = 0;
#ifndef HAVE_FIPS
- ret = wc_InitRng_ex(&rng, HEAP_HINT, testDevId);
+ ExpectIntEQ(wc_InitRng_ex(&rng, HEAP_HINT, testDevId), 0);
#else
- ret = wc_InitRng(&rng);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
#endif
- wc_InitCert(&cert);
-#if defined(HAVE_ED25519) && defined(HAVE_ED25519_KEY_EXPORT)
- if (ret == 0) { /*ED25519*/
- ret = wc_ed25519_init(&ed25519Key);
- if (ret == 0) {
- ret = wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, &ed25519Key);
- }
- if (ret == 0) {
- ret = wc_SetAuthKeyIdFromPublicKey_ex(&cert, ED25519_TYPE,
- &ed25519Key);
- }
- wc_ed25519_free(&ed25519Key);
- }
-#endif
+ ExpectIntEQ(wc_InitCert(&cert), 0);
+
#if !defined(NO_RSA) && defined(HAVE_RSA) && defined(WOLFSSL_KEY_GEN)
- if (ret == 0) { /*RSA*/
- ret = wc_InitRsaKey(&rsaKey, HEAP_HINT);
- if (ret == 0) {
- MAKE_RSA_KEY(&rsaKey, bits, WC_RSA_EXPONENT, &rng);
- }
- if (ret == 0) {
- ret = wc_SetAuthKeyIdFromPublicKey_ex(&cert, RSA_TYPE, &rsaKey);
- }
- wc_FreeRsaKey(&rsaKey);
- }
+ /* RSA */
+ XMEMSET(&rsaKey, 0, sizeof(RsaKey));
+ ExpectIntEQ(wc_InitRsaKey(&rsaKey, HEAP_HINT), 0);
+ ExpectIntEQ(MAKE_RSA_KEY(&rsaKey, bits, WC_RSA_EXPONENT, &rng), 0);
+ ExpectIntEQ(wc_SetAuthKeyIdFromPublicKey_ex(&cert, RSA_TYPE, &rsaKey), 0);
+ DoExpectIntEQ(wc_FreeRsaKey(&rsaKey), 0);
#endif
+
#if defined(HAVE_ECC)
- if (ret == 0) { /*ECC*/
- ret = wc_ecc_init(&eccKey);
- if (ret == 0) {
- ret = wc_ecc_make_key(&rng, KEY14, &eccKey);
- #if defined(WOLFSSL_ASYNC_CRYPT)
- ret = wc_AsyncWait(ret, &eccKey.asyncDev, WC_ASYNC_FLAG_NONE);
- #endif
- }
- if (ret == 0) {
- ret = wc_SetAuthKeyIdFromPublicKey_ex(&cert, ECC_TYPE, &eccKey);
- }
- wc_ecc_free(&eccKey);
- }
+ /* ECC */
+ XMEMSET(&eccKey, 0, sizeof(ecc_key));
+ ExpectIntEQ(wc_ecc_init(&eccKey), 0);
+ ret = wc_ecc_make_key(&rng, KEY14, &eccKey);
+#if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &eccKey.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
-#if defined(HAVE_ED448) && defined(HAVE_ED448_KEY_EXPORT)
- if (ret == 0) { /*ED448*/
- ret = wc_ed448_init(&ed448Key);
- if (ret == 0) {
- ret = wc_ed448_make_key(&rng, ED448_KEY_SIZE, &ed448Key);
- }
- if (ret == 0) {
- ret = wc_SetAuthKeyIdFromPublicKey_ex(&cert, ED448_TYPE,
- &ed448Key);
- }
- wc_ed448_free(&ed448Key);
- }
+ ExpectIntEQ(ret, 0);
+ ExpectIntEQ(wc_SetAuthKeyIdFromPublicKey_ex(&cert, ECC_TYPE, &eccKey), 0);
+ DoExpectIntEQ(wc_ecc_free(&eccKey), 0);
#endif
- wc_FreeRng(&rng);
+#if defined(HAVE_ED25519) && defined(HAVE_ED25519_KEY_EXPORT)
+ /* ED25519 */
+ XMEMSET(&ed25519Key, 0, sizeof(ed25519_key));
+ ExpectIntEQ(wc_ed25519_init(&ed25519Key), 0);
+ ExpectIntEQ(wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, &ed25519Key), 0);
+ ExpectIntEQ(wc_SetAuthKeyIdFromPublicKey_ex(&cert, ED25519_TYPE,
+ &ed25519Key), 0);
+ wc_ed25519_free(&ed25519Key);
+#endif
- res = TEST_RES_CHECK(ret == 0);
-#endif /*defined(WOLFSSL_CERT_EXT) && defined(WOLFSSL_CERT_GEN)*/
- return res;
-}/* End test_wc_SetAuthKeyIdFromPublicKey_ex*/
+#if defined(HAVE_ED448) && defined(HAVE_ED448_KEY_EXPORT)
+ /* ED448 */
+ XMEMSET(&ed448Key, 0, sizeof(ed448_key));
+ ExpectIntEQ(wc_ed448_init(&ed448Key), 0);
+ ExpectIntEQ(wc_ed448_make_key(&rng, ED448_KEY_SIZE, &ed448Key), 0);
+ ExpectIntEQ(wc_SetAuthKeyIdFromPublicKey_ex(&cert, ED448_TYPE, &ed448Key),
+ 0);
+ wc_ed448_free(&ed448Key);
+#endif
+
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
+#endif /* defined(WOLFSSL_CERT_EXT) && defined(WOLFSSL_CERT_GEN)*/
+ return EXPECT_RESULT();
+} /* End test_wc_SetAuthKeyIdFromPublicKey_ex*/
/*
* Testing wc_PKCS7_New()
*/
static int test_wc_PKCS7_New(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_PKCS7)
- PKCS7* pkcs7;
+ PKCS7* pkcs7 = NULL;
- pkcs7 = wc_PKCS7_New(NULL, testDevId);
+ ExpectNotNull(pkcs7 = wc_PKCS7_New(NULL, testDevId));
wc_PKCS7_Free(pkcs7);
-
- res = TEST_RES_CHECK(pkcs7 != NULL);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test-wc_PKCS7_New */
/*
@@ -28828,24 +26219,20 @@ static int test_wc_PKCS7_New(void)
*/
static int test_wc_PKCS7_Init(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_PKCS7)
- PKCS7* pkcs7;
- void* heap = NULL;
-
- pkcs7 = wc_PKCS7_New(heap, testDevId);
- AssertNotNull(pkcs7);
+ PKCS7* pkcs7 = NULL;
+ void* heap = NULL;
- AssertIntEQ(wc_PKCS7_Init(pkcs7, heap, testDevId), 0);
+ ExpectNotNull(pkcs7 = wc_PKCS7_New(heap, testDevId));
+ ExpectIntEQ(wc_PKCS7_Init(pkcs7, heap, testDevId), 0);
/* Pass in bad args. */
- AssertIntEQ(wc_PKCS7_Init(NULL, heap, testDevId), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_PKCS7_Init(NULL, heap, testDevId), BAD_FUNC_ARG);
wc_PKCS7_Free(pkcs7);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test-wc_PKCS7_Init */
@@ -28854,47 +26241,53 @@ static int test_wc_PKCS7_Init(void)
*/
static int test_wc_PKCS7_InitWithCert(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_PKCS7)
- PKCS7* pkcs7;
+ PKCS7* pkcs7 = NULL;
#ifndef NO_RSA
#if defined(USE_CERT_BUFFERS_2048)
unsigned char cert[sizeof(client_cert_der_2048)];
int certSz = (int)sizeof(cert);
+
XMEMSET(cert, 0, certSz);
XMEMCPY(cert, client_cert_der_2048, sizeof(client_cert_der_2048));
#elif defined(USE_CERT_BUFFERS_1024)
unsigned char cert[sizeof(client_cert_der_1024)];
int certSz = (int)sizeof(cert);
+
XMEMSET(cert, 0, certSz);
XMEMCPY(cert, client_cert_der_1024, sizeof_client_cert_der_1024);
#else
unsigned char cert[ONEK_BUF];
- XFILE fp;
+ XFILE fp = XBADFILE;
int certSz;
- fp = XFOPEN("./certs/1024/client-cert.der", "rb");
- AssertTrue(fp != XBADFILE);
- certSz = (int)XFREAD(cert, 1, sizeof_client_cert_der_1024, fp);
- XFCLOSE(fp);
+ ExpectTrue((fp = XFOPEN("./certs/1024/client-cert.der", "rb")) !=
+ XBADFILE);
+ ExpectIntGT(certSz = (int)XFREAD(cert, 1, sizeof_client_cert_der_1024,
+ fp), 0);
+ if (fp != XBADFILE)
+ XFCLOSE(fp);
#endif
#elif defined(HAVE_ECC)
#if defined(USE_CERT_BUFFERS_256)
unsigned char cert[sizeof(cliecc_cert_der_256)];
int certSz = (int)sizeof(cert);
+
XMEMSET(cert, 0, certSz);
XMEMCPY(cert, cliecc_cert_der_256, sizeof(cliecc_cert_der_256));
#else
unsigned char cert[ONEK_BUF];
- XFILE fp;
+ XFILE fp = XBADFILE;
int certSz;
- fp = XFOPEN("./certs/client-ecc-cert.der", "rb");
- AssertTrue(fp != XBADFILE);
-
- certSz = (int)XFREAD(cert, 1, sizeof(cliecc_cert_der_256), fp);
- XFCLOSE(fp);
+ ExpectTrue((fp = XFOPEN("./certs/client-ecc-cert.der", "rb")) !=
+ XBADFILE);
+ ExpectIntGT(certSz = (int)XFREAD(cert, 1, sizeof(cliecc_cert_der_256),
+ fp), 0);
+ if (fp != XBADFILE)
+ XFCLOSE(fp);
#endif
#else
#error PKCS7 requires ECC or RSA
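Review bot: The file-loading fallbacks bound the read by a certificate-buffer constant instead of by the destination, for example `XFREAD(cert, 1, sizeof(cliecc_cert_der_256), fp)` into `cert[ONEK_BUF]` in the ECC branch. That branch is compiled only when USE_CERT_BUFFERS_256 is not defined, so the array named in the `sizeof` may not be declared there (its header is not visible from this hunk), and the bound has no tie to the buffer being filled. Bounding by the destination, `XFREAD(cert, 1, sizeof(cert), fp)`, keeps the read inside `cert` whichever headers are present. The RSA fallback here with `sizeof_client_cert_der_1024`, the reads in the test_wc_PKCS7_EncodeData hunks and the RSA reads in test_wc_PKCS7_EncodeSignedData follow the same pattern. The function body continues outside this hunk.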
@@ -28976,35 +26369,35 @@ static int test_wc_PKCS7_InitWithCert(void)
0x64, 0xAB, 0xA6, 0xBE, 0x02, 0x21, 0x00, 0xAA, 0xC5, 0xA3, 0x50, 0xF6,
0xF1, 0xA5, 0xDB, 0x05, 0xE0, 0x75, 0xD2, 0xF7, 0xBA, 0x49, 0x5F, 0x8F,
0x7D, 0x1C, 0x44, 0xB1, 0x6E, 0xDF, 0xC8, 0xDA, 0x10, 0x48, 0x2D, 0x53,
- 0x08, 0xA8, 0xB4};
+ 0x08, 0xA8, 0xB4
+ };
#endif
- AssertNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
+ ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
/* If initialization is not successful, it's free'd in init func. */
- AssertIntEQ(wc_PKCS7_InitWithCert(pkcs7, (byte*)cert, (word32)certSz), 0);
-
+ ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, (byte*)cert, (word32)certSz),
+ 0);
wc_PKCS7_Free(pkcs7);
- AssertNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
+ pkcs7 = NULL;
+ ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
/* Valid initialization usage. */
- AssertIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
+ ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
/* Pass in bad args. No need free for null checks, free at end.*/
- AssertIntEQ(wc_PKCS7_InitWithCert(NULL, (byte*)cert, (word32)certSz),
- BAD_FUNC_ARG);
- AssertIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, (word32)certSz),
- BAD_FUNC_ARG);
+ ExpectIntEQ(wc_PKCS7_InitWithCert(NULL, (byte*)cert, (word32)certSz),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, (word32)certSz),
+ BAD_FUNC_ARG);
#ifdef HAVE_ECC
- AssertIntLT(wc_PKCS7_InitWithCert(pkcs7, certWithInvalidEccKey,
- sizeof(certWithInvalidEccKey)), 0);
+ ExpectIntLT(wc_PKCS7_InitWithCert(pkcs7, certWithInvalidEccKey,
+ sizeof(certWithInvalidEccKey)), 0);
}
#endif
wc_PKCS7_Free(pkcs7);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_PKCS7_InitWithCert */
@@ -29013,11 +26406,11 @@ static int test_wc_PKCS7_InitWithCert(void)
*/
static int test_wc_PKCS7_EncodeData(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_PKCS7)
- PKCS7* pkcs7;
- byte output[FOURK_BUF];
- byte data[] = "My encoded DER cert.";
+ PKCS7* pkcs7 = NULL;
+ byte output[FOURK_BUF];
+ byte data[] = "My encoded DER cert.";
#ifndef NO_RSA
#if defined(USE_CERT_BUFFERS_2048)
@@ -29025,36 +26418,43 @@ static int test_wc_PKCS7_EncodeData(void)
unsigned char key[sizeof(client_key_der_2048)];
int certSz = (int)sizeof(cert);
int keySz = (int)sizeof(key);
+
XMEMSET(cert, 0, certSz);
XMEMSET(key, 0, keySz);
XMEMCPY(cert, client_cert_der_2048, certSz);
XMEMCPY(key, client_key_der_2048, keySz);
-
#elif defined(USE_CERT_BUFFERS_1024)
unsigned char cert[sizeof(sizeof_client_cert_der_1024)];
unsigned char key[sizeof_client_key_der_1024];
int certSz = (int)sizeof(cert);
int keySz = (int)sizeof(key);
+
XMEMSET(cert, 0, certSz);
XMEMSET(key, 0, keySz);
XMEMCPY(cert, client_cert_der_1024, certSz);
XMEMCPY(key, client_key_der_1024, keySz);
#else
- unsigned char cert[ONEK_BUF];
- unsigned char key[ONEK_BUF];
- XFILE fp;
- int certSz;
- int keySz;
+ unsigned char cert[ONEK_BUF];
+ unsigned char key[ONEK_BUF];
+ XFILE fp = XBADFILE;
+ int certSz;
+ int keySz;
- fp = XFOPEN("./certs/1024/client-cert.der", "rb");
- AssertTrue(fp != XBADFILE);
- certSz = (int)XFREAD(cert, 1, sizeof_client_cert_der_1024, fp);
- XFCLOSE(fp);
+ ExpectTrue((fp = XFOPEN("./certs/1024/client-cert.der", "rb")) !=
+ XBADFILE);
+ ExpectIntGT(certSz = (int)XFREAD(cert, 1, sizeof_client_cert_der_1024,
+ fp), 0);
+ if (fp != XBADFILE) {
+ XFCLOSE(fp);
+ fp = XBADFILE;
+ }
- fp = XFOPEN("./certs/1024/client-key.der", "rb");
- AssertTrue(fp != XBADFILE);
- keySz = (int)XFREAD(key, 1, sizeof_client_key_der_1024, fp);
- XFCLOSE(fp);
+ ExpectTrue((fp = XFOPEN("./certs/1024/client-key.der", "rb")) !=
+ XBADFILE);
+ ExpectIntGT(keySz = (int)XFREAD(key, 1, sizeof_client_key_der_1024, fp),
+ 0);
+ if (fp != XBADFILE)
+ XFCLOSE(fp);
#endif
#elif defined(HAVE_ECC)
#if defined(USE_CERT_BUFFERS_256)
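Review bot: In the USE_CERT_BUFFERS_1024 branch the context line `unsigned char cert[sizeof(sizeof_client_cert_der_1024)];` sizes the array by the type of the length constant rather than by the certificate length, so `cert` is only a few bytes long. Because `certSz` is `sizeof(cert)`, the following XMEMCPY stays in bounds but copies a truncated certificate, and that is what the later `wc_PKCS7_InitWithCert(pkcs7, (byte*)cert, certSz)` call in this test receives. The neighbouring `key[sizeof_client_key_der_1024]` shows the intended form: `unsigned char cert[sizeof_client_cert_der_1024];`. The commit only adds a blank line in this branch, and the function starts and ends outside this hunk.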
@@ -29069,46 +26469,52 @@ static int test_wc_PKCS7_EncodeData(void)
#else
unsigned char cert[ONEK_BUF];
unsigned char key[ONEK_BUF];
- XFILE fp;
+ XFILE fp = XBADFILE;
int certSz, keySz;
- fp = XFOPEN("./certs/client-ecc-cert.der", "rb");
- AssertTrue(fp != XBADFILE);
- certSz = (int)XFREAD(cert, 1, sizeof_cliecc_cert_der_256, fp);
- XFCLOSE(fp);
+ ExpectTrue((fp = XFOPEN("./certs/client-ecc-cert.der", "rb")) !=
+ XBADFILE);
+ ExpectIntGT(certSz = (int)XFREAD(cert, 1, sizeof_cliecc_cert_der_256,
+ fp), 0);
+ if (fp != XBADFILE) {
+ XFCLOSE(fp);
+ fp = XBADFILE;
+ }
- fp = XFOPEN("./certs/client-ecc-key.der", "rb");
- AssertTrue(fp != XBADFILE);
- keySz = (int)XFREAD(key, 1, sizeof_ecc_clikey_der_256, fp);
- XFCLOSE(fp);
+ ExpectTrue((fp = XFOPEN("./certs/client-ecc-key.der", "rb")) !=
+ XBADFILE);
+ ExpectIntGT(keySz = (int)XFREAD(key, 1, sizeof_ecc_clikey_der_256, fp),
+ 0);
+ if (fp != XBADFILE)
+ XFCLOSE(fp);
#endif
#endif
XMEMSET(output, 0, sizeof(output));
- AssertNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
- AssertIntEQ(wc_PKCS7_Init(pkcs7, HEAP_HINT, INVALID_DEVID), 0);
+ ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
+ ExpectIntEQ(wc_PKCS7_Init(pkcs7, HEAP_HINT, INVALID_DEVID), 0);
- AssertIntEQ(wc_PKCS7_InitWithCert(pkcs7, (byte*)cert, certSz), 0);
+ ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, (byte*)cert, certSz), 0);
- pkcs7->content = data;
- pkcs7->contentSz = sizeof(data);
- pkcs7->privateKey = key;
- pkcs7->privateKeySz = keySz;
- AssertIntGT(wc_PKCS7_EncodeData(pkcs7, output, (word32)sizeof(output)), 0);
+ if (pkcs7 != NULL) {
+ pkcs7->content = data;
+ pkcs7->contentSz = sizeof(data);
+ pkcs7->privateKey = key;
+ pkcs7->privateKeySz = keySz;
+ }
+ ExpectIntGT(wc_PKCS7_EncodeData(pkcs7, output, (word32)sizeof(output)), 0);
/* Test bad args. */
- AssertIntEQ(wc_PKCS7_EncodeData(NULL, output, (word32)sizeof(output)),
+ ExpectIntEQ(wc_PKCS7_EncodeData(NULL, output, (word32)sizeof(output)),
BAD_FUNC_ARG);
- AssertIntEQ(wc_PKCS7_EncodeData(pkcs7, NULL, (word32)sizeof(output)),
+ ExpectIntEQ(wc_PKCS7_EncodeData(pkcs7, NULL, (word32)sizeof(output)),
BAD_FUNC_ARG);
- AssertIntEQ(wc_PKCS7_EncodeData(pkcs7, output, 5), BUFFER_E);
+ ExpectIntEQ(wc_PKCS7_EncodeData(pkcs7, output, 5), BUFFER_E);
wc_PKCS7_Free(pkcs7);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_PKCS7_EncodeData */
@@ -29183,16 +26589,15 @@ static int rsaSignRawDigestCb(PKCS7* pkcs7, byte* digest, word32 digestSz,
*/
static int test_wc_PKCS7_EncodeSignedData(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_PKCS7)
- PKCS7* pkcs7;
- WC_RNG rng;
- byte output[FOURK_BUF];
- byte badOut[1];
- word32 outputSz = (word32)sizeof(output);
- word32 badOutSz = 0;
- byte data[] = "Test data to encode.";
-
+ PKCS7* pkcs7 = NULL;
+ WC_RNG rng;
+ byte output[FOURK_BUF];
+ byte badOut[1];
+ word32 outputSz = (word32)sizeof(output);
+ word32 badOutSz = 0;
+ byte data[] = "Test data to encode.";
#ifndef NO_RSA
#if defined(USE_CERT_BUFFERS_2048)
byte key[sizeof(client_key_der_2048)];
@@ -29215,19 +26620,25 @@ static int test_wc_PKCS7_EncodeSignedData(void)
#else
unsigned char cert[ONEK_BUF];
unsigned char key[ONEK_BUF];
- XFILE fp;
+ XFILE fp = XBADFILE;
int certSz;
int keySz;
- fp = XFOPEN("./certs/1024/client-cert.der", "rb");
- AssertTrue(fp != XBADFILE);
- certSz = (int)XFREAD(cert, 1, sizeof_client_cert_der_1024, fp);
- XFCLOSE(fp);
+ ExpectTrue((fp = XFOPEN("./certs/1024/client-cert.der", "rb")) !=
+ XBADFILE);
+ ExpectIntGT(certSz = (int)XFREAD(cert, 1, sizeof_client_cert_der_1024,
+ fp), 0);
+ if (fp != XBADFILE) {
+ XFCLOSE(fp);
+ fp = XBADFILE;
+ }
- fp = XFOPEN("./certs/1024/client-key.der", "rb");
- AssertTrue(fp != XBADFILE);
- keySz = (int)XFREAD(key, 1, sizeof_client_key_der_1024, fp);
- XFCLOSE(fp);
+ ExpectTrue((fp = XFOPEN("./certs/1024/client-key.der", "rb")) !=
+ XBADFILE);
+ ExpectIntGT(keySz = (int)XFREAD(key, 1, sizeof_client_key_der_1024, fp),
+ 0);
+ if (fp != XBADFILE)
+ XFCLOSE(fp);
#endif
#elif defined(HAVE_ECC)
#if defined(USE_CERT_BUFFERS_256)
@@ -29242,83 +26653,98 @@ static int test_wc_PKCS7_EncodeSignedData(void)
#else
unsigned char cert[ONEK_BUF];
unsigned char key[ONEK_BUF];
- XFILE fp;
- int certSz, keySz;
+ XFILE fp = XBADFILE;
+ int certSz;
+ int keySz;
- fp = XOPEN("./certs/client-ecc-cert.der", "rb");
- AssertTrue(fp != XBADFILE);
- certSz = (int)XFREAD(cert, 1, ONEK_BUF, fp);
- XFCLOSE(fp);
+ ExpectTrue((fp = XOPEN("./certs/client-ecc-cert.der", "rb")) !=
+ XBADFILE);
+ ExpectIntGT(certSz = (int)XFREAD(cert, 1, ONEK_BUF, fp), 0);
+ if (fp != XBADFILE) {
+ XFCLOSE(fp);
+ fp = XBADFILE;
+ }
- fp = XFOPEN("./certs/client-ecc-key.der", "rb");
- AssertTrue(fp != XBADFILE);
- keySz = (int)XFREAD(key, 1, ONEK_BUF, fp);
- XFCLOSE(fp);
+ ExpectTrue((fp = XFOPEN("./certs/client-ecc-key.der", "rb")) !=
+ XBADFILE);
+ ExpectIntGT(keySz = (int)XFREAD(key, 1, ONEK_BUF, fp), 0);
+ if (fp != XBADFILE)
+ XFCLOSE(fp);
#endif
#endif
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
+
XMEMSET(output, 0, outputSz);
- AssertIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
- AssertNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
- AssertIntEQ(wc_PKCS7_Init(pkcs7, HEAP_HINT, INVALID_DEVID), 0);
+ ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
+ ExpectIntEQ(wc_PKCS7_Init(pkcs7, HEAP_HINT, INVALID_DEVID), 0);
- AssertIntEQ(wc_PKCS7_InitWithCert(pkcs7, cert, certSz), 0);
+ ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, cert, certSz), 0);
- pkcs7->content = data;
- pkcs7->contentSz = (word32)sizeof(data);
- pkcs7->privateKey = key;
- pkcs7->privateKeySz = (word32)sizeof(key);
- pkcs7->encryptOID = RSAk;
-#ifdef NO_SHA
- pkcs7->hashOID = SHA256h;
-#else
- pkcs7->hashOID = SHAh;
-#endif
- pkcs7->rng = &rng;
+ if (pkcs7 != NULL) {
+ pkcs7->content = data;
+ pkcs7->contentSz = (word32)sizeof(data);
+ pkcs7->privateKey = key;
+ pkcs7->privateKeySz = (word32)sizeof(key);
+ pkcs7->encryptOID = RSAk;
+ #ifdef NO_SHA
+ pkcs7->hashOID = SHA256h;
+ #else
+ pkcs7->hashOID = SHAh;
+ #endif
+ pkcs7->rng = &rng;
+ }
- AssertIntGT(wc_PKCS7_EncodeSignedData(pkcs7, output, outputSz), 0);
+ ExpectIntGT(wc_PKCS7_EncodeSignedData(pkcs7, output, outputSz), 0);
wc_PKCS7_Free(pkcs7);
- AssertNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
- AssertIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
- AssertIntEQ(wc_PKCS7_VerifySignedData(pkcs7, output, outputSz), 0);
+ pkcs7 = NULL;
+ ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
+ ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
+ ExpectIntEQ(wc_PKCS7_VerifySignedData(pkcs7, output, outputSz), 0);
/* Pass in bad args. */
- AssertIntEQ(wc_PKCS7_EncodeSignedData(NULL, output, outputSz), BAD_FUNC_ARG);
- AssertIntEQ(wc_PKCS7_EncodeSignedData(pkcs7, NULL, outputSz), BAD_FUNC_ARG);
- AssertIntEQ(wc_PKCS7_EncodeSignedData(pkcs7, badOut,
+ ExpectIntEQ(wc_PKCS7_EncodeSignedData(NULL, output, outputSz),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_PKCS7_EncodeSignedData(pkcs7, NULL, outputSz), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_PKCS7_EncodeSignedData(pkcs7, badOut,
badOutSz), BAD_FUNC_ARG);
- pkcs7->hashOID = 0; /* bad hashOID */
- AssertIntEQ(wc_PKCS7_EncodeSignedData(pkcs7, output, outputSz), BAD_FUNC_ARG);
+ if (pkcs7 != NULL) {
+ pkcs7->hashOID = 0; /* bad hashOID */
+ }
+ ExpectIntEQ(wc_PKCS7_EncodeSignedData(pkcs7, output, outputSz),
+ BAD_FUNC_ARG);
#if defined(HAVE_PKCS7) && defined(HAVE_PKCS7_RSA_RAW_SIGN_CALLBACK) && \
!defined(NO_RSA) && !defined(NO_SHA256)
/* test RSA sign raw digest callback, if using RSA and compiled in.
* Example callback assumes SHA-256, so only run test if compiled in. */
wc_PKCS7_Free(pkcs7);
- AssertNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
- AssertIntEQ(wc_PKCS7_InitWithCert(pkcs7, cert, certSz), 0);
+ pkcs7 = NULL;
+ ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
+ ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, cert, certSz), 0);
- pkcs7->content = data;
- pkcs7->contentSz = (word32)sizeof(data);
- pkcs7->privateKey = key;
- pkcs7->privateKeySz = (word32)sizeof(key);
- pkcs7->encryptOID = RSAk;
- pkcs7->hashOID = SHA256h;
- pkcs7->rng = &rng;
+ if (pkcs7 != NULL) {
+ pkcs7->content = data;
+ pkcs7->contentSz = (word32)sizeof(data);
+ pkcs7->privateKey = key;
+ pkcs7->privateKeySz = (word32)sizeof(key);
+ pkcs7->encryptOID = RSAk;
+ pkcs7->hashOID = SHA256h;
+ pkcs7->rng = &rng;
+ }
- AssertIntEQ(wc_PKCS7_SetRsaSignRawDigestCb(pkcs7, rsaSignRawDigestCb), 0);
+ ExpectIntEQ(wc_PKCS7_SetRsaSignRawDigestCb(pkcs7, rsaSignRawDigestCb), 0);
- AssertIntGT(wc_PKCS7_EncodeSignedData(pkcs7, output, outputSz), 0);
+ ExpectIntGT(wc_PKCS7_EncodeSignedData(pkcs7, output, outputSz), 0);
#endif
wc_PKCS7_Free(pkcs7);
- wc_FreeRng(&rng);
-
- res = TEST_RES_CHECK(1);
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_PKCS7_EncodeSignedData */
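Review bot: The rewritten ECC fallback still opens the certificate with `XOPEN("./certs/client-ecc-cert.der", "rb")`, while every other open in this function and in the neighbouring tests uses `XFOPEN`. No XOPEN macro is visible here; if none exists, this branch fails to build when RSA is disabled and USE_CERT_BUFFERS_256 is not defined, so the test would silently never have been compiled in that configuration. The line should read `ExpectTrue((fp = XFOPEN("./certs/client-ecc-cert.der", "rb")) !=`. A slip of the same kind, `ExpectTure(` for `ExpectTrue(`, sits in the RSA file-loading fallback of the test_wc_PKCS7_EncodeSignedData_ex hunk that follows. The start of this function is outside the hunk.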
@@ -29327,17 +26753,17 @@ static int test_wc_PKCS7_EncodeSignedData(void)
*/
static int test_wc_PKCS7_EncodeSignedData_ex(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_PKCS7)
- int ret, i;
- PKCS7* pkcs7;
- WC_RNG rng;
- byte outputHead[FOURK_BUF/2];
- byte outputFoot[FOURK_BUF/2];
- word32 outputHeadSz = (word32)sizeof(outputHead);
- word32 outputFootSz = (word32)sizeof(outputFoot);
- byte data[FOURK_BUF];
- wc_HashAlg hash;
+ int i;
+ PKCS7* pkcs7 = NULL;
+ WC_RNG rng;
+ byte outputHead[FOURK_BUF/2];
+ byte outputFoot[FOURK_BUF/2];
+ word32 outputHeadSz = (word32)sizeof(outputHead);
+ word32 outputFootSz = (word32)sizeof(outputFoot);
+ byte data[FOURK_BUF];
+ wc_HashAlg hash;
#ifdef NO_SHA
enum wc_HashType hashType = WC_HASH_TYPE_SHA256;
#else
@@ -29366,181 +26792,202 @@ static int test_wc_PKCS7_EncodeSignedData_ex(void)
XMEMCPY(key, client_key_der_1024, keySz);
XMEMCPY(cert, client_cert_der_1024, certSz);
#else
- unsigned char cert[ONEK_BUF];
- unsigned char key[ONEK_BUF];
- XFILE fp;
- int certSz;
- int keySz;
+ unsigned char cert[ONEK_BUF];
+ unsigned char key[ONEK_BUF];
+ XFILE fp = XBADFILE;
+ int certSz;
+ int keySz;
- fp = XFOPEN("./certs/1024/client-cert.der", "rb");
- AssertTrue((fp != XBADFILE));
- certSz = (int)XFREAD(cert, 1, sizeof_client_cert_der_1024, fp);
- XFCLOSE(fp);
+ ExpectTure((fp = XFOPEN("./certs/1024/client-cert.der", "rb")) !=
+ XBADFILE);
+ ExpectIntGT(certSz = (int)XFREAD(cert, 1, sizeof_client_cert_der_1024,
+ fp), 0);
+ if (fp != XBADFILE) {
+ XFCLOSE(fp);
+ fp = XBADFILE;
+ }
- fp = XFOPEN("./certs/1024/client-key.der", "rb");
- AssertTrue(fp != XBADFILE);
- keySz = (int)XFREAD(key, 1, sizeof_client_key_der_1024, fp);
- XFCLOSE(fp);
+ ExpectTrue((fp = XFOPEN("./certs/1024/client-key.der", "rb")) !=
+ XBADFILE);
+ ExpectIntGT(keySz = (int)XFREAD(key, 1, sizeof_client_key_der_1024, fp),
+ 0);
+ if (fp != XBADFILE)
+ XFCLOSE(fp);
#endif
#elif defined(HAVE_ECC)
#if defined(USE_CERT_BUFFERS_256)
- unsigned char cert[sizeof(cliecc_cert_der_256)];
- unsigned char key[sizeof(ecc_clikey_der_256)];
- int certSz = (int)sizeof(cert);
- int keySz = (int)sizeof(key);
+ unsigned char cert[sizeof(cliecc_cert_der_256)];
+ unsigned char key[sizeof(ecc_clikey_der_256)];
+ int certSz = (int)sizeof(cert);
+ int keySz = (int)sizeof(key);
+
XMEMSET(cert, 0, certSz);
XMEMSET(key, 0, keySz);
XMEMCPY(cert, cliecc_cert_der_256, sizeof_cliecc_cert_der_256);
XMEMCPY(key, ecc_clikey_der_256, sizeof_ecc_clikey_der_256);
#else
- unsigned char cert[ONEK_BUF];
- unsigned char key[ONEK_BUF];
- XFILE fp;
- int certSz, keySz;
+ unsigned char cert[ONEK_BUF];
+ unsigned char key[ONEK_BUF];
+ XFILE fp = XBADFILE;
+ int certSz;
+ int keySz;
- fp = XFOPEN("./certs/client-ecc-cert.der", "rb");
- AssertTrue(fp != XBADFILE);
- certSz = (int)XFREAD(cert, 1, sizeof_cliecc_cert_der_256, fp);
- XFCLOSE(fp);
+ ExpectTrue((fp = XFOPEN("./certs/client-ecc-cert.der", "rb")) !=
+ XBADFILE);
+ ExpectIntGT(certSz = (int)XFREAD(cert, 1, sizeof_cliecc_cert_der_256,
+ fp), 0);
+ if (fp != XBADFILE) {
+ XFCLOSE(fp);
+ fp = XBADFILE;
+ }
- fp = XFOPEN("./certs/client-ecc-key.der", "rb");
- AssertTrue(fp != XBADFILE);
- keySz = (int)XFREAD(key, 1, sizeof_ecc_clikey_der_256, fp);
- XFCLOSE(fp);
+ ExpectTrue((fp = XFOPEN("./certs/client-ecc-key.der", "rb")) !=
+ XBADFILE);
+ ExpectIntGT(keySz = (int)XFREAD(key, 1, sizeof_ecc_clikey_der_256, fp),
+ 0);
+ if (fp != XBADFILE)
+ XFCLOSE(fp);
#endif
#endif
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
+
/* initialize large data with sequence */
for (i=0; i<(int)sizeof(data); i++)
data[i] = i & 0xff;
XMEMSET(outputHead, 0, outputHeadSz);
XMEMSET(outputFoot, 0, outputFootSz);
- AssertIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
- AssertNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
- AssertIntEQ(wc_PKCS7_Init(pkcs7, HEAP_HINT, INVALID_DEVID), 0);
+ ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
+ ExpectIntEQ(wc_PKCS7_Init(pkcs7, HEAP_HINT, INVALID_DEVID), 0);
- AssertIntEQ(wc_PKCS7_InitWithCert(pkcs7, cert, certSz), 0);
+ ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, cert, certSz), 0);
- pkcs7->content = NULL; /* not used for ex */
- pkcs7->contentSz = (word32)sizeof(data);
- pkcs7->privateKey = key;
- pkcs7->privateKeySz = (word32)sizeof(key);
- pkcs7->encryptOID = RSAk;
-#ifdef NO_SHA
- pkcs7->hashOID = SHA256h;
-#else
- pkcs7->hashOID = SHAh;
-#endif
- pkcs7->rng = &rng;
+ if (pkcs7 != NULL) {
+ pkcs7->content = NULL; /* not used for ex */
+ pkcs7->contentSz = (word32)sizeof(data);
+ pkcs7->privateKey = key;
+ pkcs7->privateKeySz = (word32)sizeof(key);
+ pkcs7->encryptOID = RSAk;
+ #ifdef NO_SHA
+ pkcs7->hashOID = SHA256h;
+ #else
+ pkcs7->hashOID = SHAh;
+ #endif
+ pkcs7->rng = &rng;
+ }
/* calculate hash for content */
- ret = wc_HashInit(&hash, hashType);
- if (ret == 0) {
- ret = wc_HashUpdate(&hash, hashType, data, sizeof(data));
- if (ret == 0) {
- ret = wc_HashFinal(&hash, hashType, hashBuf);
- }
- wc_HashFree(&hash, hashType);
- }
- AssertIntEQ(ret, 0);
+ XMEMSET(&hash, 0, sizeof(wc_HashAlg));
+ ExpectIntEQ(wc_HashInit(&hash, hashType), 0);
+ ExpectIntEQ(wc_HashUpdate(&hash, hashType, data, sizeof(data)), 0);
+ ExpectIntEQ(wc_HashFinal(&hash, hashType, hashBuf), 0);
+ DoExpectIntEQ(wc_HashFree(&hash, hashType), 0);
/* Perform PKCS7 sign using hash directly */
- AssertIntEQ(wc_PKCS7_EncodeSignedData_ex(pkcs7, hashBuf, hashSz,
+ ExpectIntEQ(wc_PKCS7_EncodeSignedData_ex(pkcs7, hashBuf, hashSz,
outputHead, &outputHeadSz, outputFoot, &outputFootSz), 0);
- AssertIntGT(outputHeadSz, 0);
- AssertIntGT(outputFootSz, 0);
+ ExpectIntGT(outputHeadSz, 0);
+ ExpectIntGT(outputFootSz, 0);
wc_PKCS7_Free(pkcs7);
- AssertNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
- AssertIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
+ pkcs7 = NULL;
+ ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
+ ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
/* required parameter even on verify when using _ex, if using outputHead
* and outputFoot */
- pkcs7->contentSz = (word32)sizeof(data);
- AssertIntEQ(wc_PKCS7_VerifySignedData_ex(pkcs7, hashBuf, hashSz,
+ if (pkcs7 != NULL) {
+ pkcs7->contentSz = (word32)sizeof(data);
+ }
+ ExpectIntEQ(wc_PKCS7_VerifySignedData_ex(pkcs7, hashBuf, hashSz,
outputHead, outputHeadSz, outputFoot, outputFootSz), 0);
wc_PKCS7_Free(pkcs7);
+ pkcs7 = NULL;
/* assembly complete PKCS7 sign and use normal verify */
{
- byte* output = (byte*)XMALLOC(
- outputHeadSz + sizeof(data) + outputFootSz,
- HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
+ byte* output = NULL;
word32 outputSz = 0;
- AssertNotNull(output);
- XMEMCPY(&output[outputSz], outputHead, outputHeadSz);
- outputSz += outputHeadSz;
- XMEMCPY(&output[outputSz], data, sizeof(data));
- outputSz += sizeof(data);
- XMEMCPY(&output[outputSz], outputFoot, outputFootSz);
- outputSz += outputFootSz;
-
- AssertNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
- AssertIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
- AssertIntEQ(wc_PKCS7_VerifySignedData(pkcs7, output, outputSz), 0);
+
+ ExpectNotNull(output = (byte*)XMALLOC(
+ outputHeadSz + sizeof(data) + outputFootSz, HEAP_HINT,
+ DYNAMIC_TYPE_TMP_BUFFER));
+ if (output != NULL) {
+ XMEMCPY(&output[outputSz], outputHead, outputHeadSz);
+ outputSz += outputHeadSz;
+ XMEMCPY(&output[outputSz], data, sizeof(data));
+ outputSz += sizeof(data);
+ XMEMCPY(&output[outputSz], outputFoot, outputFootSz);
+ outputSz += outputFootSz;
+ }
+
+ ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
+ ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
+ ExpectIntEQ(wc_PKCS7_VerifySignedData(pkcs7, output, outputSz), 0);
XFREE(output, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
}
/* Pass in bad args. */
- AssertIntEQ(wc_PKCS7_EncodeSignedData_ex(NULL, hashBuf, hashSz, outputHead,
+ ExpectIntEQ(wc_PKCS7_EncodeSignedData_ex(NULL, hashBuf, hashSz, outputHead,
&outputHeadSz, outputFoot, &outputFootSz), BAD_FUNC_ARG);
- AssertIntEQ(wc_PKCS7_EncodeSignedData_ex(pkcs7, NULL, hashSz, outputHead,
+ ExpectIntEQ(wc_PKCS7_EncodeSignedData_ex(pkcs7, NULL, hashSz, outputHead,
&outputHeadSz, outputFoot, &outputFootSz), BAD_FUNC_ARG);
- AssertIntEQ(wc_PKCS7_EncodeSignedData_ex(pkcs7, hashBuf, 0, outputHead,
+ ExpectIntEQ(wc_PKCS7_EncodeSignedData_ex(pkcs7, hashBuf, 0, outputHead,
&outputHeadSz, outputFoot, &outputFootSz), BAD_FUNC_ARG);
- AssertIntEQ(wc_PKCS7_EncodeSignedData_ex(pkcs7, hashBuf, hashSz, NULL,
+ ExpectIntEQ(wc_PKCS7_EncodeSignedData_ex(pkcs7, hashBuf, hashSz, NULL,
&outputHeadSz, outputFoot, &outputFootSz), BAD_FUNC_ARG);
- AssertIntEQ(wc_PKCS7_EncodeSignedData_ex(pkcs7, hashBuf, hashSz,
+ ExpectIntEQ(wc_PKCS7_EncodeSignedData_ex(pkcs7, hashBuf, hashSz,
outputHead, NULL, outputFoot, &outputFootSz), BAD_FUNC_ARG);
- AssertIntEQ(wc_PKCS7_EncodeSignedData_ex(pkcs7, hashBuf, hashSz,
+ ExpectIntEQ(wc_PKCS7_EncodeSignedData_ex(pkcs7, hashBuf, hashSz,
outputHead, &outputHeadSz, NULL, &outputFootSz), BAD_FUNC_ARG);
- AssertIntEQ(wc_PKCS7_EncodeSignedData_ex(pkcs7, hashBuf, hashSz,
+ ExpectIntEQ(wc_PKCS7_EncodeSignedData_ex(pkcs7, hashBuf, hashSz,
outputHead, &outputHeadSz, outputFoot, NULL), BAD_FUNC_ARG);
- pkcs7->hashOID = 0; /* bad hashOID */
- AssertIntEQ(wc_PKCS7_EncodeSignedData_ex(pkcs7, hashBuf, hashSz,
+ if (pkcs7 != NULL) {
+ pkcs7->hashOID = 0; /* bad hashOID */
+ }
+ ExpectIntEQ(wc_PKCS7_EncodeSignedData_ex(pkcs7, hashBuf, hashSz,
outputHead, &outputHeadSz, outputFoot, &outputFootSz), BAD_FUNC_ARG);
- AssertIntEQ(wc_PKCS7_VerifySignedData_ex(NULL, hashBuf, hashSz, outputHead,
+ ExpectIntEQ(wc_PKCS7_VerifySignedData_ex(NULL, hashBuf, hashSz, outputHead,
outputHeadSz, outputFoot, outputFootSz), BAD_FUNC_ARG);
- AssertIntEQ(wc_PKCS7_VerifySignedData_ex(pkcs7, NULL, hashSz, outputHead,
+ ExpectIntEQ(wc_PKCS7_VerifySignedData_ex(pkcs7, NULL, hashSz, outputHead,
outputHeadSz, outputFoot, outputFootSz), BAD_FUNC_ARG);
#ifndef NO_PKCS7_STREAM
- AssertIntEQ(wc_PKCS7_VerifySignedData_ex(pkcs7, hashBuf, 0, outputHead,
+ ExpectIntEQ(wc_PKCS7_VerifySignedData_ex(pkcs7, hashBuf, 0, outputHead,
outputHeadSz, outputFoot, outputFootSz), WC_PKCS7_WANT_READ_E);
#else
- AssertIntEQ(wc_PKCS7_VerifySignedData_ex(pkcs7, hashBuf, 0, outputHead,
+ ExpectIntEQ(wc_PKCS7_VerifySignedData_ex(pkcs7, hashBuf, 0, outputHead,
outputHeadSz, outputFoot, outputFootSz), BUFFER_E);
#endif
- AssertIntEQ(wc_PKCS7_VerifySignedData_ex(pkcs7, hashBuf, hashSz, NULL,
+ ExpectIntEQ(wc_PKCS7_VerifySignedData_ex(pkcs7, hashBuf, hashSz, NULL,
outputHeadSz, outputFoot, outputFootSz), BAD_FUNC_ARG);
#ifndef NO_PKCS7_STREAM
/* can pass in 0 buffer length with streaming API */
- AssertIntEQ(wc_PKCS7_VerifySignedData_ex(pkcs7, hashBuf, hashSz,
+ ExpectIntEQ(wc_PKCS7_VerifySignedData_ex(pkcs7, hashBuf, hashSz,
outputHead, 0, outputFoot, outputFootSz), WC_PKCS7_WANT_READ_E);
#else
- AssertIntEQ(wc_PKCS7_VerifySignedData_ex(pkcs7, hashBuf, hashSz,
+ ExpectIntEQ(wc_PKCS7_VerifySignedData_ex(pkcs7, hashBuf, hashSz,
outputHead, 0, outputFoot, outputFootSz), BAD_FUNC_ARG);
#endif
- AssertIntEQ(wc_PKCS7_VerifySignedData_ex(pkcs7, hashBuf, hashSz,
+ ExpectIntEQ(wc_PKCS7_VerifySignedData_ex(pkcs7, hashBuf, hashSz,
outputHead, outputHeadSz, NULL, outputFootSz), BAD_FUNC_ARG);
#ifndef NO_PKCS7_STREAM
- AssertIntEQ(wc_PKCS7_VerifySignedData_ex(pkcs7, hashBuf, hashSz,
+ ExpectIntEQ(wc_PKCS7_VerifySignedData_ex(pkcs7, hashBuf, hashSz,
outputHead, outputHeadSz, outputFoot, 0), WC_PKCS7_WANT_READ_E);
#else
- AssertIntEQ(wc_PKCS7_VerifySignedData_ex(pkcs7, hashBuf, hashSz,
+ ExpectIntEQ(wc_PKCS7_VerifySignedData_ex(pkcs7, hashBuf, hashSz,
outputHead, outputHeadSz, outputFoot, 0), BUFFER_E);
#endif
wc_PKCS7_Free(pkcs7);
- wc_FreeRng(&rng);
-
- res = TEST_RES_CHECK(1);
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_PKCS7_EncodeSignedData_ex */
@@ -29560,8 +27007,9 @@ static int LoadPKCS7SignedDataCerts(
byte* cert, word32* certSz,
byte* key, word32* keySz)
{
+ EXPECT_DECLS;
int ret = 0;
- FILE* fp = NULL;
+ XFILE fp = XBADFILE;
#ifndef NO_RSA
const char* intCARootRSA = "./certs/ca-cert.der";
@@ -29600,35 +27048,45 @@ static int LoadPKCS7SignedDataCerts(
#ifndef NO_RSA
case RSA_TYPE:
if (useIntermediateCertChain == 1) {
- fp = XFOPEN(intCARootRSA, "rb");
- AssertNotNull(fp);
+ ExpectTrue((fp = XFOPEN(intCARootRSA, "rb")) != XBADFILE);
*intCARootSz = (word32)XFREAD(intCARoot, 1, *intCARootSz, fp);
- XFCLOSE(fp);
- AssertIntGT(*intCARootSz, 0);
+ if (fp != XBADFILE) {
+ XFCLOSE(fp);
+ fp = XBADFILE;
+ }
+ ExpectIntGT(*intCARootSz, 0);
- fp = XFOPEN(intCA1RSA, "rb");
- AssertNotNull(fp);
- *intCA1Sz = (word32)XFREAD(intCA1, 1, *intCA1Sz, fp);
- XFCLOSE(fp);
- AssertIntGT(*intCA1Sz, 0);
+ ExpectTrue((fp = XFOPEN(intCA1RSA, "rb")) != XBADFILE);
+ if (fp != XBADFILE) {
+ *intCA1Sz = (word32)XFREAD(intCA1, 1, *intCA1Sz, fp);
+ XFCLOSE(fp);
+ fp = XBADFILE;
+ }
+ ExpectIntGT(*intCA1Sz, 0);
- fp = XFOPEN(intCA2RSA, "rb");
- AssertNotNull(fp);
- *intCA2Sz = (word32)XFREAD(intCA2, 1, *intCA2Sz, fp);
- XFCLOSE(fp);
- AssertIntGT(*intCA2Sz, 0);
+ ExpectTrue((fp = XFOPEN(intCA2RSA, "rb")) != XBADFILE);
+ if (fp != XBADFILE) {
+ *intCA2Sz = (word32)XFREAD(intCA2, 1, *intCA2Sz, fp);
+ XFCLOSE(fp);
+ fp = XBADFILE;
+ }
+ ExpectIntGT(*intCA2Sz, 0);
- fp = XFOPEN(intServCertRSA, "rb");
- AssertNotNull(fp);
- *certSz = (word32)XFREAD(cert, 1, *certSz, fp);
- XFCLOSE(fp);
- AssertIntGT(*certSz, 0);
+ ExpectTrue((fp = XFOPEN(intServCertRSA, "rb")) != XBADFILE);
+ if (fp != XBADFILE) {
+ *certSz = (word32)XFREAD(cert, 1, *certSz, fp);
+ XFCLOSE(fp);
+ fp = XBADFILE;
+ }
+ ExpectIntGT(*certSz, 0);
- fp = XFOPEN(intServKeyRSA, "rb");
- AssertNotNull(fp);
- *keySz = (word32)XFREAD(key, 1, *keySz, fp);
- XFCLOSE(fp);
- AssertIntGT(*keySz, 0);
+ ExpectTrue((fp = XFOPEN(intServKeyRSA, "rb")) != XBADFILE);
+ if (fp != XBADFILE) {
+ *keySz = (word32)XFREAD(key, 1, *keySz, fp);
+ XFCLOSE(fp);
+ fp = XBADFILE;
+ }
+ ExpectIntGT(*keySz, 0);
}
else {
#if defined(USE_CERT_BUFFERS_2048)
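Review bot: The first read in the RSA intermediate-chain branch, `*intCARootSz = (word32)XFREAD(intCARoot, 1, *intCARootSz, fp);`, is left outside the new `if (fp != XBADFILE)` guard, so it still runs when XFOPEN has failed. Every other read in this hunk, and the matching intCARootECC read in the ECC hunk, was moved inside the guard. ExpectTrue appears to record the failure and continue rather than abort as AssertNotNull did, so this one call can hand an invalid handle to XFREAD. Move that line into the `if (fp != XBADFILE) {` block just below it, ahead of `XFCLOSE(fp);`. The enclosing switch starts and ends outside the hunk.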
@@ -29642,17 +27100,21 @@ static int LoadPKCS7SignedDataCerts(
XMEMCPY(key, client_key_der_1024, *keySz);
XMEMCPY(cert, client_cert_der_1024, *certSz);
#else
- fp = XFOPEN(cli1024Key, "rb");
- AssertNotNull(fp);
- *keySz = (word32)XFREAD(key, 1, *keySz, fp);
- XFCLOSE(fp);
- AssertIntGT(*keySz, 0);
+ ExpectTrue((fp = XFOPEN(cli1024Key, "rb")) != XBADFILE);
+ if (fp != XBADFILE) {
+ *keySz = (word32)XFREAD(key, 1, *keySz, fp);
+ XFCLOSE(fp);
+ fp = XBADFILE;
+ }
+ ExpectIntGT(*keySz, 0);
- fp = XFOPEN(cli1024Cert, "rb");
- AssertNotNull(fp);
- *certSz = (word32)XFREAD(cert, 1, *certSz, fp);
- XFCLOSE(fp);
- AssertIntGT(*certSz, 0);
+ ExpectTrue((fp = XFOPEN(cli1024Cert, "rb")) != XBADFILE);
+ if (fp != XBADFILE) {
+ *certSz = (word32)XFREAD(cert, 1, *certSz, fp);
+ XFCLOSE(fp);
+ fp = XBADFILE;
+ }
+ ExpectIntGT(*certSz, 0);
#endif /* USE_CERT_BUFFERS_2048 */
}
break;
@@ -29660,35 +27122,46 @@ static int LoadPKCS7SignedDataCerts(
#ifdef HAVE_ECC
case ECC_TYPE:
if (useIntermediateCertChain == 1) {
- fp = XFOPEN(intCARootECC, "rb");
- AssertNotNull(fp);
- *intCARootSz = (word32)XFREAD(intCARoot, 1, *intCARootSz, fp);
- XFCLOSE(fp);
- AssertIntGT(*intCARootSz, 0);
+ ExpectTrue((fp = XFOPEN(intCARootECC, "rb")) != XBADFILE);
+ if (fp != XBADFILE) {
+ *intCARootSz = (word32)XFREAD(intCARoot, 1, *intCARootSz,
+ fp);
+ XFCLOSE(fp);
+ fp = XBADFILE;
+ }
+ ExpectIntGT(*intCARootSz, 0);
- fp = XFOPEN(intCA1ECC, "rb");
- AssertNotNull(fp);
- *intCA1Sz = (word32)XFREAD(intCA1, 1, *intCA1Sz, fp);
- XFCLOSE(fp);
- AssertIntGT(*intCA1Sz, 0);
+ ExpectTrue((fp = XFOPEN(intCA1ECC, "rb")) != XBADFILE);
+ if (fp != XBADFILE) {
+ *intCA1Sz = (word32)XFREAD(intCA1, 1, *intCA1Sz, fp);
+ XFCLOSE(fp);
+ fp = XBADFILE;
+ }
+ ExpectIntGT(*intCA1Sz, 0);
- fp = XFOPEN(intCA2ECC, "rb");
- AssertNotNull(fp);
- *intCA2Sz = (word32)XFREAD(intCA2, 1, *intCA2Sz, fp);
- XFCLOSE(fp);
- AssertIntGT(*intCA2Sz, 0);
+ ExpectTrue((fp = XFOPEN(intCA2ECC, "rb")) != XBADFILE);
+ if (fp != XBADFILE) {
+ *intCA2Sz = (word32)XFREAD(intCA2, 1, *intCA2Sz, fp);
+ XFCLOSE(fp);
+ fp = XBADFILE;
+ }
+ ExpectIntGT(*intCA2Sz, 0);
- fp = XFOPEN(intServCertECC, "rb");
- AssertNotNull(fp);
- *certSz = (word32)XFREAD(cert, 1, *certSz, fp);
- XFCLOSE(fp);
- AssertIntGT(*certSz, 0);
+ ExpectTrue((fp = XFOPEN(intServCertECC, "rb")) != XBADFILE);
+ if (fp != XBADFILE) {
+ *certSz = (word32)XFREAD(cert, 1, *certSz, fp);
+ XFCLOSE(fp);
+ fp = XBADFILE;
+ }
+ ExpectIntGT(*certSz, 0);
- fp = XFOPEN(intServKeyECC, "rb");
- AssertNotNull(fp);
- *keySz = (word32)XFREAD(key, 1, *keySz, fp);
- XFCLOSE(fp);
- AssertIntGT(*keySz, 0);
+ ExpectTrue((fp = XFOPEN(intServKeyECC, "rb")) != XBADFILE);
+ if (fp != XBADFILE) {
+ *keySz = (word32)XFREAD(key, 1, *keySz, fp);
+ XFCLOSE(fp);
+ fp = XBADFILE;
+ }
+ ExpectIntGT(*keySz, 0);
}
else {
#if defined(USE_CERT_BUFFERS_256)
@@ -29697,17 +27170,21 @@ static int LoadPKCS7SignedDataCerts(
XMEMCPY(key, ecc_clikey_der_256, *keySz);
XMEMCPY(cert, cliecc_cert_der_256, *certSz);
#else
- fp = XFOPEN(cliEccKey, "rb");
- AssertNotNull(fp);
- *keySz = (word32)XFREAD(key, 1, *keySz, fp);
- XFCLOSE(fp);
- AssertIntGT(*keySz, 0);
+ ExpectTrue((fp = XFOPEN(cliEccKey, "rb")) != XBADFILE);
+ if (fp != XBADFILE) {
+ *keySz = (word32)XFREAD(key, 1, *keySz, fp);
+ XFCLOSE(fp);
+ fp = XBADFILE;
+ }
+ ExpectIntGT(*keySz, 0);
- fp = XFOPEN(cliEccCert, "rb");
- AssertNotNull(fp);
- *certSz = (word32)XFREAD(cert, 1, *certSz, fp);
- XFCLOSE(fp);
- AssertIntGT(*certSz, 0);
+ ExpectTrue((fp = XFOPEN(cliEccCert, "rb")) != XBADFILE);
+ if (fp != XBADFILE) {
+ *certSz = (word32)XFREAD(cert, 1, *certSz, fp);
+ XFCLOSE(fp);
+ fp = XBADFILE;
+ }
+ ExpectIntGT(*certSz, 0);
#endif /* USE_CERT_BUFFERS_256 */
}
break;
@@ -29718,6 +27195,9 @@ static int LoadPKCS7SignedDataCerts(
break;
}
+ if (EXPECT_FAIL() && (ret == 0)) {
+ ret = BAD_FUNC_ARG;
+ }
return ret;
}
@@ -29741,6 +27221,7 @@ static int CreatePKCS7SignedData(unsigned char* output, int outputSz,
int useIntermediateCertChain,
int pkAlgoType)
{
+ EXPECT_DECLS;
int ret = 0;
WC_RNG rng;
PKCS7* pkcs7 = NULL;
@@ -29777,62 +27258,68 @@ static int CreatePKCS7SignedData(unsigned char* output, int outputSz,
ret = LoadPKCS7SignedDataCerts(useIntermediateCertChain, pkAlgoType,
intCARoot, &intCARootSz, intCA1, &intCA1Sz, intCA2, &intCA2Sz,
cert, &certSz, key, &keySz);
- AssertIntEQ(ret, 0);
+ ExpectIntEQ(ret, 0);
XMEMSET(output, 0, outputSz);
- AssertIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
- AssertNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
- AssertIntEQ(wc_PKCS7_Init(pkcs7, HEAP_HINT, INVALID_DEVID), 0);
- AssertIntEQ(wc_PKCS7_InitWithCert(pkcs7, cert, certSz), 0);
+ ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
+ ExpectIntEQ(wc_PKCS7_Init(pkcs7, HEAP_HINT, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, cert, certSz), 0);
if (useIntermediateCertChain == 1) {
/* Add intermediate and root CA certs into SignedData Certs SET */
- AssertIntEQ(wc_PKCS7_AddCertificate(pkcs7, intCA2, intCA2Sz), 0);
- AssertIntEQ(wc_PKCS7_AddCertificate(pkcs7, intCA1, intCA1Sz), 0);
- AssertIntEQ(wc_PKCS7_AddCertificate(pkcs7, intCARoot, intCARootSz), 0);
+ ExpectIntEQ(wc_PKCS7_AddCertificate(pkcs7, intCA2, intCA2Sz), 0);
+ ExpectIntEQ(wc_PKCS7_AddCertificate(pkcs7, intCA1, intCA1Sz), 0);
+ ExpectIntEQ(wc_PKCS7_AddCertificate(pkcs7, intCARoot, intCARootSz), 0);
}
- pkcs7->content = data;
- pkcs7->contentSz = dataSz;
- pkcs7->privateKey = key;
- pkcs7->privateKeySz = (word32)sizeof(key);
- if (pkAlgoType == RSA_TYPE) {
- pkcs7->encryptOID = RSAk;
- }
- else {
- pkcs7->encryptOID = ECDSAk;
- }
-#ifdef NO_SHA
- pkcs7->hashOID = SHA256h;
-#else
- pkcs7->hashOID = SHAh;
-#endif
- pkcs7->rng = &rng;
- if (withAttribs) {
- /* include a signed attribute */
- pkcs7->signedAttribs = attribs;
- pkcs7->signedAttribsSz = (sizeof(attribs)/sizeof(PKCS7Attrib));
+ if (pkcs7 != NULL) {
+ pkcs7->content = data;
+ pkcs7->contentSz = dataSz;
+ pkcs7->privateKey = key;
+ pkcs7->privateKeySz = (word32)sizeof(key);
+ if (pkAlgoType == RSA_TYPE) {
+ pkcs7->encryptOID = RSAk;
+ }
+ else {
+ pkcs7->encryptOID = ECDSAk;
+ }
+ #ifdef NO_SHA
+ pkcs7->hashOID = SHA256h;
+ #else
+ pkcs7->hashOID = SHAh;
+ #endif
+ pkcs7->rng = &rng;
+ if (withAttribs) {
+ /* include a signed attribute */
+ pkcs7->signedAttribs = attribs;
+ pkcs7->signedAttribsSz = (sizeof(attribs)/sizeof(PKCS7Attrib));
+ }
}
if (detachedSig) {
- AssertIntEQ(wc_PKCS7_SetDetached(pkcs7, 1), 0);
+ ExpectIntEQ(wc_PKCS7_SetDetached(pkcs7, 1), 0);
}
outputSz = wc_PKCS7_EncodeSignedData(pkcs7, output, outputSz);
- AssertIntGT(outputSz, 0);
+ ExpectIntGT(outputSz, 0);
wc_PKCS7_Free(pkcs7);
- AssertNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
- AssertIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
- if (detachedSig) {
+ pkcs7 = NULL;
+ ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
+ ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
+ if (detachedSig && (pkcs7 != NULL)) {
pkcs7->content = data;
pkcs7->contentSz = dataSz;
}
- AssertIntEQ(wc_PKCS7_VerifySignedData(pkcs7, output, outputSz), 0);
+ ExpectIntEQ(wc_PKCS7_VerifySignedData(pkcs7, output, outputSz), 0);
wc_PKCS7_Free(pkcs7);
wc_FreeRng(&rng);
+ if (EXPECT_FAIL()) {
+ outputSz = 0;
+ }
return outputSz;
}
#endif
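Review bot: `wc_FreeRng(&rng);` at the end of CreatePKCS7SignedData can now run on a path where `wc_InitRng(&rng)` never executed. If `ExpectIntEQ(ret, 0)` fails, later Expect checks appear to be skipped (the commit uses DoExpect variants on cleanup calls that must always run), which would leave rng as uninitialised stack memory. test_wc_PKCS7_EncodeSignedData_ex in this same commit adds `XMEMSET(&rng, 0, sizeof(WC_RNG));` before its first check; no equivalent is visible here, though the lines between the declaration hunk and this one are not shown. Adding the same `XMEMSET(&rng, 0, sizeof(WC_RNG));` ahead of the LoadPKCS7SignedDataCerts call would make the cleanup safe on failure.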
@@ -29840,20 +27327,18 @@ static int CreatePKCS7SignedData(unsigned char* output, int outputSz,
/*
* Testing wc_PKCS_VerifySignedData()
*/
-static int test_wc_PKCS7_VerifySignedData(void)
+static int test_wc_PKCS7_VerifySignedData_RSA(void)
{
- int res = TEST_SKIPPED;
-#if defined(HAVE_PKCS7) && !defined(NO_FILESYSTEM)
- PKCS7* pkcs7;
+ EXPECT_DECLS;
+#if defined(HAVE_PKCS7) && !defined(NO_FILESYSTEM) && !defined(NO_RSA)
+ PKCS7* pkcs7 = NULL;
byte output[6000]; /* Large size needed for bundles with int CA certs */
word32 outputSz = sizeof(output);
byte data[] = "Test data to encode.";
byte badOut[1];
word32 badOutSz = 0;
byte badContent[] = "This is different content than was signed";
-
- int ret;
- wc_HashAlg hash;
+ wc_HashAlg hash;
#ifdef NO_SHA
enum wc_HashType hashType = WC_HASH_TYPE_SHA256;
#else
@@ -29861,10 +27346,8 @@ static int test_wc_PKCS7_VerifySignedData(void)
#endif
byte hashBuf[WC_MAX_DIGEST_SIZE];
word32 hashSz = wc_HashGetDigestSize(hashType);
-
#ifndef NO_RSA
PKCS7DecodedAttrib* decodedAttrib = NULL;
-
/* contentType OID (1.2.840.113549.1.9.3) */
static const byte contentTypeOid[] =
{ 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xF7, 0x0d, 0x01, 0x09, 0x03 };
@@ -29876,13 +27359,11 @@ static int test_wc_PKCS7_VerifySignedData(void)
/* messageDigest OID (1.2.840.113549.1.9.4) */
static const byte messageDigestOid[] =
{ 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x04 };
-
#ifndef NO_ASN_TIME
/* signingTime OID () */
static const byte signingTimeOid[] =
{ 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x05};
#endif
-
#if !defined(NO_ASN) && !defined(NO_ASN_TIME)
int dateLength = 0;
byte dateFormat;
@@ -29896,227 +27377,252 @@ static int test_wc_PKCS7_VerifySignedData(void)
#endif
#endif /* !NO_ASN && !NO_ASN_TIME */
+ XMEMSET(&hash, 0, sizeof(wc_HashAlg));
+
/* Success test with RSA certs/key */
- AssertIntGT((outputSz = CreatePKCS7SignedData(output, outputSz, data,
- (word32)sizeof(data),
- 0, 0, 0, RSA_TYPE)), 0);
+ ExpectIntGT((outputSz = CreatePKCS7SignedData(output, outputSz, data,
+ (word32)sizeof(data), 0, 0, 0, RSA_TYPE)), 0);
/* calculate hash for content, used later */
- ret = wc_HashInit(&hash, hashType);
- if (ret == 0) {
- ret = wc_HashUpdate(&hash, hashType, data, sizeof(data));
- if (ret == 0) {
- ret = wc_HashFinal(&hash, hashType, hashBuf);
- }
- wc_HashFree(&hash, hashType);
- }
- AssertIntEQ(ret, 0);
+ ExpectIntEQ(wc_HashInit(&hash, hashType), 0);
+ ExpectIntEQ(wc_HashUpdate(&hash, hashType, data, sizeof(data)), 0);
+ ExpectIntEQ(wc_HashFinal(&hash, hashType, hashBuf), 0);
+ DoExpectIntEQ(wc_HashFree(&hash, hashType), 0);
- AssertNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
- AssertIntEQ(wc_PKCS7_Init(pkcs7, HEAP_HINT, INVALID_DEVID), 0);
- AssertIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
- AssertIntEQ(wc_PKCS7_VerifySignedData(pkcs7, output, outputSz), 0);
+ ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
+ ExpectIntEQ(wc_PKCS7_Init(pkcs7, HEAP_HINT, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
+ ExpectIntEQ(wc_PKCS7_VerifySignedData(pkcs7, output, outputSz), 0);
/* Check that decoded signed attributes are correct */
/* messageDigest should be first */
- decodedAttrib = pkcs7->decodedAttrib;
- AssertNotNull(decodedAttrib);
- AssertIntEQ(decodedAttrib->oidSz, (word32)sizeof(messageDigestOid));
- AssertIntEQ(XMEMCMP(decodedAttrib->oid, messageDigestOid,
- decodedAttrib->oidSz), 0);
+ if (pkcs7 != NULL) {
+ decodedAttrib = pkcs7->decodedAttrib;
+ }
+ ExpectNotNull(decodedAttrib);
+ ExpectIntEQ(decodedAttrib->oidSz, (word32)sizeof(messageDigestOid));
+ ExpectIntEQ(XMEMCMP(decodedAttrib->oid, messageDigestOid,
+ decodedAttrib->oidSz), 0);
/* + 2 for OCTET STRING and length bytes */
- AssertIntEQ(decodedAttrib->valueSz, hashSz + 2);
- AssertNotNull(decodedAttrib->value);
- AssertIntEQ(XMEMCMP(decodedAttrib->value + 2, hashBuf, hashSz), 0);
+ ExpectIntEQ(decodedAttrib->valueSz, hashSz + 2);
+ ExpectNotNull(decodedAttrib->value);
+ ExpectIntEQ(XMEMCMP(decodedAttrib->value + 2, hashBuf, hashSz), 0);
#ifndef NO_ASN_TIME
/* signingTime should be second */
- decodedAttrib = decodedAttrib->next;
- AssertNotNull(decodedAttrib);
- AssertIntEQ(decodedAttrib->oidSz, (word32)sizeof(signingTimeOid));
- AssertIntEQ(XMEMCMP(decodedAttrib->oid, signingTimeOid,
- decodedAttrib->oidSz), 0);
+ if (decodedAttrib != NULL) {
+ decodedAttrib = decodedAttrib->next;
+ }
+ ExpectNotNull(decodedAttrib);
+ ExpectIntEQ(decodedAttrib->oidSz, (word32)sizeof(signingTimeOid));
+ ExpectIntEQ(XMEMCMP(decodedAttrib->oid, signingTimeOid,
+ decodedAttrib->oidSz), 0);
- AssertIntGT(decodedAttrib->valueSz, 0);
- AssertNotNull(decodedAttrib->value);
+ ExpectIntGT(decodedAttrib->valueSz, 0);
+ ExpectNotNull(decodedAttrib->value);
#endif
/* Verify signingTime if ASN and time are available */
#if !defined(NO_ASN) && !defined(NO_ASN_TIME)
- AssertIntEQ(wc_GetDateInfo(decodedAttrib->value, decodedAttrib->valueSz,
- &datePart, &dateFormat, &dateLength), 0);
- AssertNotNull(datePart);
- AssertIntGT(dateLength, 0);
+ ExpectIntEQ(wc_GetDateInfo(decodedAttrib->value, decodedAttrib->valueSz,
+ &datePart, &dateFormat, &dateLength), 0);
+ ExpectNotNull(datePart);
+ ExpectIntGT(dateLength, 0);
XMEMSET(&timearg, 0, sizeof(timearg));
- AssertIntEQ(wc_GetDateAsCalendarTime(datePart, dateLength, dateFormat,
- &timearg), 0);
+ ExpectIntEQ(wc_GetDateAsCalendarTime(datePart, dateLength, dateFormat,
+ &timearg), 0);
/* Get current time and compare year/month/day against attribute value */
- AssertIntEQ(wc_GetTime(&now, sizeof(now)), 0);
+ ExpectIntEQ(wc_GetTime(&now, sizeof(now)), 0);
nowTm = (struct tm*)XGMTIME((time_t*)&now, tmpTime);
- AssertNotNull(nowTm);
+ ExpectNotNull(nowTm);
- AssertIntEQ(timearg.tm_year, nowTm->tm_year);
- AssertIntEQ(timearg.tm_mon, nowTm->tm_mon);
- AssertIntEQ(timearg.tm_mday, nowTm->tm_mday);
+ ExpectIntEQ(timearg.tm_year, nowTm->tm_year);
+ ExpectIntEQ(timearg.tm_mon, nowTm->tm_mon);
+ ExpectIntEQ(timearg.tm_mday, nowTm->tm_mday);
#endif /* !NO_ASN && !NO_ASN_TIME */
/* contentType should be third */
- decodedAttrib = decodedAttrib->next;
- AssertNotNull(decodedAttrib);
- AssertIntEQ(decodedAttrib->oidSz, (word32)sizeof(contentTypeOid));
- AssertIntEQ(XMEMCMP(decodedAttrib->oid, contentTypeOid,
- decodedAttrib->oidSz), 0);
- AssertIntEQ(decodedAttrib->valueSz, (int)sizeof(dataType) + 2);
- AssertNotNull(decodedAttrib->value);
- AssertIntEQ(XMEMCMP(decodedAttrib->value + 2, dataType,
- sizeof(dataType)), 0);
+ if (decodedAttrib != NULL) {
+ decodedAttrib = decodedAttrib->next;
+ }
+ ExpectNotNull(decodedAttrib);
+ ExpectIntEQ(decodedAttrib->oidSz, (word32)sizeof(contentTypeOid));
+ ExpectIntEQ(XMEMCMP(decodedAttrib->oid, contentTypeOid,
+ decodedAttrib->oidSz), 0);
+ ExpectIntEQ(decodedAttrib->valueSz, (int)sizeof(dataType) + 2);
+ ExpectNotNull(decodedAttrib->value);
+ ExpectIntEQ(XMEMCMP(decodedAttrib->value + 2, dataType, sizeof(dataType)),
+ 0);
#endif /* !NO_RSA */
-#ifdef HAVE_ECC
- #ifndef NO_RSA
- wc_PKCS7_Free(pkcs7);
- #endif
-
- /* Success test with ECC certs/key */
- outputSz = sizeof(output);
- XMEMSET(output, 0, outputSz);
- AssertIntGT((outputSz = CreatePKCS7SignedData(output, outputSz, data,
- (word32)sizeof(data),
- 0, 0, 0, ECC_TYPE)), 0);
-
- AssertNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
- AssertIntEQ(wc_PKCS7_Init(pkcs7, HEAP_HINT, INVALID_DEVID), 0);
- AssertIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
- AssertIntEQ(wc_PKCS7_VerifySignedData(pkcs7, output, outputSz), 0);
-#endif /* HAVE_ECC */
-
/* Test bad args. */
-#if !defined(NO_RSA) || defined(HAVE_ECC)
- AssertIntEQ(wc_PKCS7_VerifySignedData(NULL, output, outputSz),
+ ExpectIntEQ(wc_PKCS7_VerifySignedData(NULL, output, outputSz),
BAD_FUNC_ARG);
- AssertIntEQ(wc_PKCS7_VerifySignedData(pkcs7, NULL, outputSz),
+ ExpectIntEQ(wc_PKCS7_VerifySignedData(pkcs7, NULL, outputSz),
BAD_FUNC_ARG);
#ifndef NO_PKCS7_STREAM
/* can pass in 0 buffer length with streaming API */
- AssertIntEQ(wc_PKCS7_VerifySignedData(pkcs7, badOut,
+ ExpectIntEQ(wc_PKCS7_VerifySignedData(pkcs7, badOut,
badOutSz), WC_PKCS7_WANT_READ_E);
#else
- AssertIntEQ(wc_PKCS7_VerifySignedData(pkcs7, badOut,
+ ExpectIntEQ(wc_PKCS7_VerifySignedData(pkcs7, badOut,
badOutSz), BAD_FUNC_ARG);
#endif
wc_PKCS7_Free(pkcs7);
-#endif /* !NO_RSA || HAVE_ECC */
+ pkcs7 = NULL;
- /* Invalid content should error, use detached signature so we can
- * easily change content */
#ifndef NO_RSA
/* Try RSA certs/key/sig first */
outputSz = sizeof(output);
XMEMSET(output, 0, outputSz);
- AssertIntGT((outputSz = CreatePKCS7SignedData(output, outputSz, data,
+ ExpectIntGT((outputSz = CreatePKCS7SignedData(output, outputSz, data,
(word32)sizeof(data),
1, 1, 0, RSA_TYPE)), 0);
- AssertNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
- AssertIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
- pkcs7->content = badContent;
- pkcs7->contentSz = sizeof(badContent);
- AssertIntEQ(wc_PKCS7_VerifySignedData(pkcs7, output, outputSz),
+ ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
+ ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
+ if (pkcs7 != NULL) {
+ pkcs7->content = badContent;
+ pkcs7->contentSz = sizeof(badContent);
+ }
+ ExpectIntEQ(wc_PKCS7_VerifySignedData(pkcs7, output, outputSz),
SIG_VERIFY_E);
wc_PKCS7_Free(pkcs7);
+ pkcs7 = NULL;
/* Test success case with detached signature and valid content */
- AssertNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
- AssertIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
- pkcs7->content = data;
- pkcs7->contentSz = sizeof(data);
- AssertIntEQ(wc_PKCS7_VerifySignedData(pkcs7, output, outputSz), 0);
+ ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
+ ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
+ if (pkcs7 != NULL) {
+ pkcs7->content = data;
+ pkcs7->contentSz = sizeof(data);
+ }
+ ExpectIntEQ(wc_PKCS7_VerifySignedData(pkcs7, output, outputSz), 0);
wc_PKCS7_Free(pkcs7);
+ pkcs7 = NULL;
/* verify using pre-computed content digest only (no content) */
{
- AssertNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
- AssertIntEQ(wc_PKCS7_Init(pkcs7, NULL, 0), 0);
- AssertIntEQ(wc_PKCS7_VerifySignedData_ex(pkcs7, hashBuf, hashSz,
- output, outputSz,
- NULL, 0), 0);
+ ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
+ ExpectIntEQ(wc_PKCS7_Init(pkcs7, NULL, 0), 0);
+ ExpectIntEQ(wc_PKCS7_VerifySignedData_ex(pkcs7, hashBuf, hashSz,
+ output, outputSz, NULL, 0), 0);
wc_PKCS7_Free(pkcs7);
+ pkcs7 = NULL;
}
#endif /* !NO_RSA */
-#ifdef HAVE_ECC
- /* Try ECC certs/key/sig next */
+
+ /* Test verify on signedData containing intermediate/root CA certs */
+#ifndef NO_RSA
outputSz = sizeof(output);
XMEMSET(output, 0, outputSz);
- AssertIntGT((outputSz = CreatePKCS7SignedData(output, outputSz, data,
+ ExpectIntGT((outputSz = CreatePKCS7SignedData(output, outputSz, data,
(word32)sizeof(data),
- 1, 1, 0, ECC_TYPE)), 0);
- AssertNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
- AssertIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
- pkcs7->content = badContent;
- pkcs7->contentSz = sizeof(badContent);
- AssertIntEQ(wc_PKCS7_VerifySignedData(pkcs7, output, outputSz),
- SIG_VERIFY_E);
+ 0, 0, 1, RSA_TYPE)), 0);
+ ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
+ ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
+ ExpectIntEQ(wc_PKCS7_VerifySignedData(pkcs7, output, outputSz), 0);
+ wc_PKCS7_Free(pkcs7);
+ pkcs7 = NULL;
+#endif /* !NO_RSA */
+#endif
+ return EXPECT_RESULT();
+} /* END test_wc_PKCS7_VerifySignedData()_RSA */
+
+/*
+ * Testing wc_PKCS_VerifySignedData()
+ */
+static int test_wc_PKCS7_VerifySignedData_ECC(void)
+{
+ EXPECT_DECLS;
+#if defined(HAVE_PKCS7) && !defined(NO_FILESYSTEM) && defined(HAVE_ECC)
+ PKCS7* pkcs7 = NULL;
+ byte output[6000]; /* Large size needed for bundles with int CA certs */
+ word32 outputSz = sizeof(output);
+ byte data[] = "Test data to encode.";
+ byte badContent[] = "This is different content than was signed";
+ wc_HashAlg hash;
+#ifdef NO_SHA
+ enum wc_HashType hashType = WC_HASH_TYPE_SHA256;
+#else
+ enum wc_HashType hashType = WC_HASH_TYPE_SHA;
+#endif
+ byte hashBuf[WC_MAX_DIGEST_SIZE];
+ word32 hashSz = wc_HashGetDigestSize(hashType);
+
+ XMEMSET(&hash, 0, sizeof(wc_HashAlg));
+
+ /* Success test with ECC certs/key */
+ outputSz = sizeof(output);
+ XMEMSET(output, 0, outputSz);
+ ExpectIntGT((outputSz = CreatePKCS7SignedData(output, outputSz, data,
+ (word32)sizeof(data), 0, 0, 0, ECC_TYPE)), 0);
+
+ ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
+ ExpectIntEQ(wc_PKCS7_Init(pkcs7, HEAP_HINT, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
+ ExpectIntEQ(wc_PKCS7_VerifySignedData(pkcs7, output, outputSz), 0);
wc_PKCS7_Free(pkcs7);
+ pkcs7 = NULL;
+
+ /* Invalid content should error, use detached signature so we can
+ * easily change content */
+ outputSz = sizeof(output);
+ XMEMSET(output, 0, outputSz);
+ ExpectIntGT((outputSz = CreatePKCS7SignedData(output, outputSz, data,
+ (word32)sizeof(data), 1, 1, 0, ECC_TYPE)), 0);
+ ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
+ ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
+ if (pkcs7 != NULL) {
+ pkcs7->content = badContent;
+ pkcs7->contentSz = sizeof(badContent);
+ }
+ ExpectIntEQ(wc_PKCS7_VerifySignedData(pkcs7, output, outputSz),
+ SIG_VERIFY_E);
+ wc_PKCS7_Free(pkcs7);
+ pkcs7 = NULL;
/* Test success case with detached signature and valid content */
- AssertNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
- AssertIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
- pkcs7->content = data;
- pkcs7->contentSz = sizeof(data);
- AssertIntEQ(wc_PKCS7_VerifySignedData(pkcs7, output, outputSz), 0);
+ ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
+ ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
+ if (pkcs7 != NULL) {
+ pkcs7->content = data;
+ pkcs7->contentSz = sizeof(data);
+ }
+ ExpectIntEQ(wc_PKCS7_VerifySignedData(pkcs7, output, outputSz), 0);
wc_PKCS7_Free(pkcs7);
+ pkcs7 = NULL;
/* verify using pre-computed content digest only (no content) */
{
/* calculate hash for content */
- ret = wc_HashInit(&hash, hashType);
- if (ret == 0) {
- ret = wc_HashUpdate(&hash, hashType, data, sizeof(data));
- if (ret == 0) {
- ret = wc_HashFinal(&hash, hashType, hashBuf);
- }
- wc_HashFree(&hash, hashType);
- }
- AssertIntEQ(ret, 0);
-
- AssertNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
- AssertIntEQ(wc_PKCS7_Init(pkcs7, NULL, 0), 0);
- AssertIntEQ(wc_PKCS7_VerifySignedData_ex(pkcs7, hashBuf, hashSz,
- output, outputSz,
- NULL, 0), 0);
+ ExpectIntEQ(wc_HashInit(&hash, hashType), 0);
+ ExpectIntEQ(wc_HashUpdate(&hash, hashType, data, sizeof(data)), 0);
+ ExpectIntEQ(wc_HashFinal(&hash, hashType, hashBuf), 0);
+ ExpectIntEQ(wc_HashFree(&hash, hashType), 0);
+
+ ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
+ ExpectIntEQ(wc_PKCS7_Init(pkcs7, NULL, 0), 0);
+ ExpectIntEQ(wc_PKCS7_VerifySignedData_ex(pkcs7, hashBuf, hashSz,
+ output, outputSz, NULL, 0), 0);
wc_PKCS7_Free(pkcs7);
+ pkcs7 = NULL;
}
-#endif
/* Test verify on signedData containing intermediate/root CA certs */
-#ifndef NO_RSA
outputSz = sizeof(output);
XMEMSET(output, 0, outputSz);
- AssertIntGT((outputSz = CreatePKCS7SignedData(output, outputSz, data,
- (word32)sizeof(data),
- 0, 0, 1, RSA_TYPE)), 0);
- AssertNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
- AssertIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
- AssertIntEQ(wc_PKCS7_VerifySignedData(pkcs7, output, outputSz), 0);
+ ExpectIntGT((outputSz = CreatePKCS7SignedData(output, outputSz, data,
+ (word32)sizeof(data), 0, 0, 1, ECC_TYPE)), 0);
+ ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
+ ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
+ ExpectIntEQ(wc_PKCS7_VerifySignedData(pkcs7, output, outputSz), 0);
wc_PKCS7_Free(pkcs7);
-#endif /* !NO_RSA */
-#ifdef HAVE_ECC
- outputSz = sizeof(output);
- XMEMSET(output, 0, outputSz);
- AssertIntGT((outputSz = CreatePKCS7SignedData(output, outputSz, data,
- (word32)sizeof(data),
- 0, 0, 1, ECC_TYPE)), 0);
- AssertNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
- AssertIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
- AssertIntEQ(wc_PKCS7_VerifySignedData(pkcs7, output, outputSz), 0);
- wc_PKCS7_Free(pkcs7);
-#endif /* HAVE_ECC */
-
- res = TEST_RES_CHECK(1);
+ pkcs7 = NULL;
#endif
- return res;
-} /* END test_wc_PKCS7_VerifySignedData() */
+ return EXPECT_RESULT();
+} /* END test_wc_PKCS7_VerifySignedData_ECC() */
#if defined(HAVE_PKCS7) && !defined(NO_AES) && defined(HAVE_AES_CBC) && \
@@ -30227,9 +27733,9 @@ static int myCEKwrapFunc(PKCS7* pkcs7, byte* cek, word32 cekSz, byte* keyId,
*/
static int test_wc_PKCS7_EncodeDecodeEnvelopedData(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_PKCS7)
- PKCS7* pkcs7;
+ PKCS7* pkcs7 = NULL;
#ifdef ECC_TIMING_RESISTANT
WC_RNG rng;
#endif
@@ -30240,7 +27746,6 @@ static int test_wc_PKCS7_EncodeDecodeEnvelopedData(void)
int testSz = 0;
#if !defined(NO_RSA) && (!defined(NO_AES) || (!defined(NO_SHA) || \
!defined(NO_SHA256) || defined(WOLFSSL_SHA512)))
-
byte* rsaCert = NULL;
byte* rsaPrivKey = NULL;
word32 rsaCertSz;
@@ -30255,7 +27760,6 @@ static int test_wc_PKCS7_EncodeDecodeEnvelopedData(void)
#endif
#if defined(HAVE_ECC) && (!defined(NO_AES) || (!defined(NO_SHA) ||\
!defined(NO_SHA256) || defined(WOLFSSL_SHA512)))
-
byte* eccCert = NULL;
byte* eccPrivKey = NULL;
word32 eccCertSz;
@@ -30270,8 +27774,12 @@ static int test_wc_PKCS7_EncodeDecodeEnvelopedData(void)
byte decoded[sizeof(input)/sizeof(char)];
int decodedSz = 0;
#ifndef NO_FILESYSTEM
- XFILE certFile;
- XFILE keyFile;
+ XFILE certFile = XBADFILE;
+ XFILE keyFile = XBADFILE;
+#endif
+
+#ifdef ECC_TIMING_RESISTANT
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
#endif
#if !defined(NO_RSA) && (!defined(NO_AES) || (!defined(NO_SHA) ||\
@@ -30280,43 +27788,51 @@ static int test_wc_PKCS7_EncodeDecodeEnvelopedData(void)
#if defined(USE_CERT_BUFFERS_1024)
rsaCertSz = (word32)sizeof_client_cert_der_1024;
/* Allocate buffer space. */
- AssertNotNull(rsaCert =
- (byte*)XMALLOC(rsaCertSz, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER));
+ ExpectNotNull(rsaCert = (byte*)XMALLOC(rsaCertSz, HEAP_HINT,
+ DYNAMIC_TYPE_TMP_BUFFER));
/* Init buffer. */
- XMEMCPY(rsaCert, client_cert_der_1024, rsaCertSz);
+ if (rsaCert != NULL) {
+ XMEMCPY(rsaCert, client_cert_der_1024, rsaCertSz);
+ }
rsaPrivKeySz = (word32)sizeof_client_key_der_1024;
- AssertNotNull(rsaPrivKey = (byte*)XMALLOC(rsaPrivKeySz, HEAP_HINT,
- DYNAMIC_TYPE_TMP_BUFFER));
- XMEMCPY(rsaPrivKey, client_key_der_1024, rsaPrivKeySz);
-
+ ExpectNotNull(rsaPrivKey = (byte*)XMALLOC(rsaPrivKeySz, HEAP_HINT,
+ DYNAMIC_TYPE_TMP_BUFFER));
+ if (rsaPrivKey != NULL) {
+ XMEMCPY(rsaPrivKey, client_key_der_1024, rsaPrivKeySz);
+ }
#elif defined(USE_CERT_BUFFERS_2048)
rsaCertSz = (word32)sizeof_client_cert_der_2048;
/* Allocate buffer */
- AssertNotNull(rsaCert =
- (byte*)XMALLOC(rsaCertSz, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER));
+ ExpectNotNull(rsaCert = (byte*)XMALLOC(rsaCertSz, HEAP_HINT,
+ DYNAMIC_TYPE_TMP_BUFFER));
/* Init buffer. */
- XMEMCPY(rsaCert, client_cert_der_2048, rsaCertSz);
+ if (rsaCert != NULL) {
+ XMEMCPY(rsaCert, client_cert_der_2048, rsaCertSz);
+ }
rsaPrivKeySz = (word32)sizeof_client_key_der_2048;
- AssertNotNull(rsaPrivKey = (byte*)XMALLOC(rsaPrivKeySz, HEAP_HINT,
- DYNAMIC_TYPE_TMP_BUFFER));
- XMEMCPY(rsaPrivKey, client_key_der_2048, rsaPrivKeySz);
-
+ ExpectNotNull(rsaPrivKey = (byte*)XMALLOC(rsaPrivKeySz, HEAP_HINT,
+ DYNAMIC_TYPE_TMP_BUFFER));
+ if (rsaPrivKey != NULL) {
+ XMEMCPY(rsaPrivKey, client_key_der_2048, rsaPrivKeySz);
+ }
#else
/* File system. */
- certFile = XFOPEN(rsaClientCert, "rb");
- AssertTrue(certFile != XBADFILE);
+ ExpectTrue((certFile = XFOPEN(rsaClientCert, "rb")) != XBADFILE);
rsaCertSz = (word32)FOURK_BUF;
- AssertNotNull(rsaCert =
- (byte*)XMALLOC(FOURK_BUF, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER));
- rsaCertSz = (word32)XFREAD(rsaCert, 1, rsaCertSz, certFile);
- XFCLOSE(certFile);
- keyFile = XFOPEN(rsaClientKey, "rb");
- AssertTrue(keyFile != XBADFILE);
- AssertNotNull(rsaPrivKey = (byte*)XMALLOC(FOURK_BUF, HEAP_HINT,
- DYNAMIC_TYPE_TMP_BUFFER));
+ ExpectNotNull(rsaCert = (byte*)XMALLOC(FOURK_BUF, HEAP_HINT,
+ DYNAMIC_TYPE_TMP_BUFFER));
+ ExpectTrue((rsaCertSz = (word32)XFREAD(rsaCert, 1, rsaCertSz,
+ certFile)) > 0);
+ if (certFile != XBADFILE)
+ XFCLOSE(certFile);
+ ExpectTrue((keyFile = XFOPEN(rsaClientKey, "rb")) != XBADFILE);
+ ExpectNotNull(rsaPrivKey = (byte*)XMALLOC(FOURK_BUF, HEAP_HINT,
+ DYNAMIC_TYPE_TMP_BUFFER));
rsaPrivKeySz = (word32)FOURK_BUF;
- rsaPrivKeySz = (word32)XFREAD(rsaPrivKey, 1, rsaPrivKeySz, keyFile);
- XFCLOSE(keyFile);
+ ExpectTrue((rsaPrivKeySz = (word32)XFREAD(rsaPrivKey, 1, rsaPrivKeySz,
+ keyFile)) > 0);
+ if (keyFile != XBADFILE)
+ XFCLOSE(keyFile);
#endif /* USE_CERT_BUFFERS */
#endif /* NO_RSA */
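Review bot: The file-system branch closes `certFile` and `keyFile` but leaves the stale handles in the variables, and the ECC file-system branch in the next hunk reuses both. The `if (pkcs7 != NULL)` guards added elsewhere suggest that the Expect macros stop evaluating their argument once a check has failed. If so, a failure here (for example the key file not opening) means the later `certFile = XFOPEN(eccClientCert, "rb")` never runs and `if (certFile != XBADFILE) XFCLOSE(certFile);` closes the RSA handle a second time. Resetting the handle after each close, as test_wc_PKCS7_BER does in this same commit, avoids that: `if (certFile != XBADFILE) { XFCLOSE(certFile); certFile = XBADFILE; }`, and likewise for `keyFile` and for the two closes in the ECC hunk. The function body starts before and continues after this hunk.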
@@ -30325,30 +27841,38 @@ static int test_wc_PKCS7_EncodeDecodeEnvelopedData(void)
!defined(NO_SHA256) || defined(WOLFSSL_SHA512)))
#ifdef USE_CERT_BUFFERS_256
- AssertNotNull(eccCert =
- (byte*)XMALLOC(TWOK_BUF, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER));
+ ExpectNotNull(eccCert = (byte*)XMALLOC(TWOK_BUF, HEAP_HINT,
+ DYNAMIC_TYPE_TMP_BUFFER));
/* Init buffer. */
eccCertSz = (word32)sizeof_cliecc_cert_der_256;
- XMEMCPY(eccCert, cliecc_cert_der_256, eccCertSz);
- AssertNotNull(eccPrivKey = (byte*)XMALLOC(TWOK_BUF, HEAP_HINT,
- DYNAMIC_TYPE_TMP_BUFFER));
+ if (eccCert != NULL) {
+ XMEMCPY(eccCert, cliecc_cert_der_256, eccCertSz);
+ }
+ ExpectNotNull(eccPrivKey = (byte*)XMALLOC(TWOK_BUF, HEAP_HINT,
+ DYNAMIC_TYPE_TMP_BUFFER));
eccPrivKeySz = (word32)sizeof_ecc_clikey_der_256;
- XMEMCPY(eccPrivKey, ecc_clikey_der_256, eccPrivKeySz);
+ if (eccPrivKey != NULL) {
+ XMEMCPY(eccPrivKey, ecc_clikey_der_256, eccPrivKeySz);
+ }
#else /* File system. */
- certFile = XFOPEN(eccClientCert, "rb");
- AssertTrue(certFile != XBADFILE);
+ ExpectTrue((certFile = XFOPEN(eccClientCert, "rb")) != XBADFILE);
eccCertSz = (word32)FOURK_BUF;
- AssertNotNull(eccCert =
- (byte*)XMALLOC(FOURK_BUF, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER));
- eccCertSz = (word32)XFREAD(eccCert, 1, eccCertSz, certFile);
- XFCLOSE(certFile);
- keyFile = XFOPEN(eccClientKey, "rb");
- AssertTrue(keyFile != XBADFILE);
+ ExpectNotNull(eccCert = (byte*)XMALLOC(FOURK_BUF, HEAP_HINT,
+ DYNAMIC_TYPE_TMP_BUFFER));
+ ExpectTrue((eccCertSz = (word32)XFREAD(eccCert, 1, eccCertSz,
+ certFile)) > 0);
+ if (certFile != XBADFILE) {
+ XFCLOSE(certFile);
+ }
+ ExpectTrue((keyFile = XFOPEN(eccClientKey, "rb")) != XBADFILE);
eccPrivKeySz = (word32)FOURK_BUF;
- AssertNotNull(eccPrivKey = (byte*)XMALLOC(FOURK_BUF, HEAP_HINT,
- DYNAMIC_TYPE_TMP_BUFFER));
- eccPrivKeySz = (word32)XFREAD(eccPrivKey, 1, eccPrivKeySz, keyFile);
- XFCLOSE(keyFile);
+ ExpectNotNull(eccPrivKey = (byte*)XMALLOC(FOURK_BUF, HEAP_HINT,
+ DYNAMIC_TYPE_TMP_BUFFER));
+ ExpectTrue((eccPrivKeySz = (word32)XFREAD(eccPrivKey, 1, eccPrivKeySz,
+ keyFile)) > 0);
+ if (keyFile != XBADFILE) {
+ XFCLOSE(keyFile);
+ }
#endif /* USE_CERT_BUFFERS_256 */
#endif /* END HAVE_ECC */
@@ -30385,198 +27909,234 @@ static int test_wc_PKCS7_EncodeDecodeEnvelopedData(void)
#if defined(HAVE_ECC)
#if !defined(NO_AES) && defined(HAVE_AES_CBC)
#if !defined(NO_SHA) && !defined(NO_AES_128)
- {(byte*)input, (word32)(sizeof(input)/sizeof(char)), DATA, AES128CBCb,
- AES128_WRAP, dhSinglePass_stdDH_sha1kdf_scheme, eccCert,
- eccCertSz, eccPrivKey, eccPrivKeySz},
+ {(byte*)input, (word32)(sizeof(input)/sizeof(char)), DATA,
+ AES128CBCb, AES128_WRAP, dhSinglePass_stdDH_sha1kdf_scheme,
+ eccCert, eccCertSz, eccPrivKey, eccPrivKeySz},
#endif
#if !defined(NO_SHA256) && !defined(NO_AES_256)
- {(byte*)input, (word32)(sizeof(input)/sizeof(char)), DATA, AES256CBCb,
- AES256_WRAP, dhSinglePass_stdDH_sha256kdf_scheme, eccCert,
- eccCertSz, eccPrivKey, eccPrivKeySz},
+ {(byte*)input, (word32)(sizeof(input)/sizeof(char)), DATA,
+ AES256CBCb, AES256_WRAP, dhSinglePass_stdDH_sha256kdf_scheme,
+ eccCert, eccCertSz, eccPrivKey, eccPrivKeySz},
#endif
#if defined(WOLFSSL_SHA512) && !defined(NO_AES_256)
- {(byte*)input, (word32)(sizeof(input)/sizeof(char)), DATA, AES256CBCb,
- AES256_WRAP, dhSinglePass_stdDH_sha512kdf_scheme, eccCert,
- eccCertSz, eccPrivKey, eccPrivKeySz},
+ {(byte*)input, (word32)(sizeof(input)/sizeof(char)), DATA,
+ AES256CBCb, AES256_WRAP, dhSinglePass_stdDH_sha512kdf_scheme,
+ eccCert, eccCertSz, eccPrivKey, eccPrivKeySz},
#endif
#endif /* NO_AES && HAVE_AES_CBC*/
#endif /* END HAVE_ECC */
}; /* END pkcs7EnvelopedVector */
#ifdef ECC_TIMING_RESISTANT
- AssertIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
#endif
- AssertNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
- AssertIntEQ(wc_PKCS7_Init(pkcs7, HEAP_HINT, testDevId), 0);
+ ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
+ ExpectIntEQ(wc_PKCS7_Init(pkcs7, HEAP_HINT, testDevId), 0);
testSz = (int)sizeof(testVectors)/(int)sizeof(pkcs7EnvelopedVector);
for (i = 0; i < testSz; i++) {
- AssertIntEQ(wc_PKCS7_InitWithCert(pkcs7, (testVectors + i)->cert,
+ ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, (testVectors + i)->cert,
(word32)(testVectors + i)->certSz), 0);
+ if (pkcs7 != NULL) {
#ifdef ECC_TIMING_RESISTANT
- pkcs7->rng = &rng;
+ pkcs7->rng = &rng;
#endif
- pkcs7->content = (byte*)(testVectors + i)->content;
- pkcs7->contentSz = (testVectors + i)->contentSz;
- pkcs7->contentOID = (testVectors + i)->contentOID;
- pkcs7->encryptOID = (testVectors + i)->encryptOID;
- pkcs7->keyWrapOID = (testVectors + i)->keyWrapOID;
- pkcs7->keyAgreeOID = (testVectors + i)->keyAgreeOID;
- pkcs7->privateKey = (testVectors + i)->privateKey;
- pkcs7->privateKeySz = (testVectors + i)->privateKeySz;
+ pkcs7->content = (byte*)(testVectors + i)->content;
+ pkcs7->contentSz = (testVectors + i)->contentSz;
+ pkcs7->contentOID = (testVectors + i)->contentOID;
+ pkcs7->encryptOID = (testVectors + i)->encryptOID;
+ pkcs7->keyWrapOID = (testVectors + i)->keyWrapOID;
+ pkcs7->keyAgreeOID = (testVectors + i)->keyAgreeOID;
+ pkcs7->privateKey = (testVectors + i)->privateKey;
+ pkcs7->privateKeySz = (testVectors + i)->privateKeySz;
+ }
- AssertIntGE(wc_PKCS7_EncodeEnvelopedData(pkcs7, output,
- (word32)sizeof(output)), 0);
+ ExpectIntGE(wc_PKCS7_EncodeEnvelopedData(pkcs7, output,
+ (word32)sizeof(output)), 0);
decodedSz = wc_PKCS7_DecodeEnvelopedData(pkcs7, output,
- (word32)sizeof(output), decoded, (word32)sizeof(decoded));
- AssertIntGE(decodedSz, 0);
+ (word32)sizeof(output), decoded, (word32)sizeof(decoded));
+ ExpectIntGE(decodedSz, 0);
/* Verify the size of each buffer. */
- AssertIntEQ((word32)sizeof(input)/sizeof(char), decodedSz);
+ ExpectIntEQ((word32)sizeof(input)/sizeof(char), decodedSz);
/* Don't free the last time through the loop. */
if (i < testSz - 1) {
wc_PKCS7_Free(pkcs7);
- AssertNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
+ pkcs7 = NULL;
+ ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
}
} /* END test loop. */
}
/* Test bad args. */
- AssertIntEQ(wc_PKCS7_EncodeEnvelopedData(NULL, output,
+ ExpectIntEQ(wc_PKCS7_EncodeEnvelopedData(NULL, output,
(word32)sizeof(output)), BAD_FUNC_ARG);
- AssertIntEQ(wc_PKCS7_EncodeEnvelopedData(pkcs7, NULL,
+ ExpectIntEQ(wc_PKCS7_EncodeEnvelopedData(pkcs7, NULL,
(word32)sizeof(output)), BAD_FUNC_ARG);
- AssertIntEQ(wc_PKCS7_EncodeEnvelopedData(pkcs7, output, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_PKCS7_EncodeEnvelopedData(pkcs7, output, 0), BAD_FUNC_ARG);
/* Decode. */
- AssertIntEQ(wc_PKCS7_DecodeEnvelopedData(NULL, output,
- (word32)sizeof(output), decoded, (word32)sizeof(decoded)), BAD_FUNC_ARG);
- AssertIntEQ(wc_PKCS7_DecodeEnvelopedData(pkcs7, output,
+ ExpectIntEQ(wc_PKCS7_DecodeEnvelopedData(NULL, output,
+ (word32)sizeof(output), decoded, (word32)sizeof(decoded)),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_PKCS7_DecodeEnvelopedData(pkcs7, output,
(word32)sizeof(output), NULL, (word32)sizeof(decoded)), BAD_FUNC_ARG);
- AssertIntEQ(wc_PKCS7_DecodeEnvelopedData(pkcs7, output,
+ ExpectIntEQ(wc_PKCS7_DecodeEnvelopedData(pkcs7, output,
(word32)sizeof(output), decoded, 0), BAD_FUNC_ARG);
- AssertIntEQ(wc_PKCS7_DecodeEnvelopedData(pkcs7, NULL,
- (word32)sizeof(output), decoded, (word32)sizeof(decoded)), BAD_FUNC_ARG);
- AssertIntEQ(wc_PKCS7_DecodeEnvelopedData(pkcs7, output, 0, decoded,
+ ExpectIntEQ(wc_PKCS7_DecodeEnvelopedData(pkcs7, NULL,
+ (word32)sizeof(output), decoded, (word32)sizeof(decoded)),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_PKCS7_DecodeEnvelopedData(pkcs7, output, 0, decoded,
(word32)sizeof(decoded)), BAD_FUNC_ARG);
/* Should get a return of BAD_FUNC_ARG with structure data. Order matters.*/
#if defined(HAVE_ECC) && !defined(NO_AES) && defined(HAVE_AES_CBC)
/* only a failure for KARI test cases */
- tempWrd32 = pkcs7->singleCertSz;
- pkcs7->singleCertSz = 0;
- AssertIntEQ(wc_PKCS7_DecodeEnvelopedData(pkcs7, output,
- (word32)sizeof(output), decoded, (word32)sizeof(decoded)), BAD_FUNC_ARG);
- pkcs7->singleCertSz = tempWrd32;
-
- tmpBytePtr = pkcs7->singleCert;
- pkcs7->singleCert = NULL;
- AssertIntEQ(wc_PKCS7_DecodeEnvelopedData(pkcs7, output,
- (word32)sizeof(output), decoded, (word32)sizeof(decoded)), BAD_FUNC_ARG);
- pkcs7->singleCert = tmpBytePtr;
-#endif
- tempWrd32 = pkcs7->privateKeySz;
- pkcs7->privateKeySz = 0;
-
- AssertIntEQ(wc_PKCS7_DecodeEnvelopedData(pkcs7, output,
- (word32)sizeof(output), decoded, (word32)sizeof(decoded)), BAD_FUNC_ARG);
- pkcs7->privateKeySz = tempWrd32;
-
- tmpBytePtr = pkcs7->privateKey;
- pkcs7->privateKey = NULL;
- AssertIntEQ(wc_PKCS7_DecodeEnvelopedData(pkcs7, output,
- (word32)sizeof(output), decoded, (word32)sizeof(decoded)), BAD_FUNC_ARG);
- pkcs7->privateKey = tmpBytePtr;
+ if (pkcs7 != NULL) {
+ tempWrd32 = pkcs7->singleCertSz;
+ pkcs7->singleCertSz = 0;
+ }
+ #if defined(WOLFSSL_ASN_TEMPLATE)
+ ExpectIntEQ(wc_PKCS7_DecodeEnvelopedData(pkcs7, output,
+ (word32)sizeof(output), decoded, (word32)sizeof(decoded)),
+ BUFFER_E);
+ #else
+ ExpectIntEQ(wc_PKCS7_DecodeEnvelopedData(pkcs7, output,
+ (word32)sizeof(output), decoded, (word32)sizeof(decoded)),
+ ASN_PARSE_E);
+ #endif
+ if (pkcs7 != NULL) {
+ pkcs7->singleCertSz = tempWrd32;
+
+ tmpBytePtr = pkcs7->singleCert;
+ pkcs7->singleCert = NULL;
+ }
+ #ifndef NO_RSA
+ #if defined(NO_PKCS7_STREAM)
+ /* when none streaming mode is used and PKCS7 is in bad state buffer error
+ * is returned from kari parse which gets set to bad func arg */
+ ExpectIntEQ(wc_PKCS7_DecodeEnvelopedData(pkcs7, output,
+ (word32)sizeof(output), decoded, (word32)sizeof(decoded)),
+ BAD_FUNC_ARG);
+ #else
+ ExpectIntEQ(wc_PKCS7_DecodeEnvelopedData(pkcs7, output,
+ (word32)sizeof(output), decoded, (word32)sizeof(decoded)),
+ ASN_PARSE_E);
+ #endif
+ #endif /* !NO_RSA */
+ if (pkcs7 != NULL) {
+ pkcs7->singleCert = tmpBytePtr;
+ }
+#endif
+ if (pkcs7 != NULL) {
+ tempWrd32 = pkcs7->privateKeySz;
+ pkcs7->privateKeySz = 0;
+ }
+
+ ExpectIntEQ(wc_PKCS7_DecodeEnvelopedData(pkcs7, output,
+ (word32)sizeof(output), decoded, (word32)sizeof(decoded)),
+ BAD_FUNC_ARG);
+ if (pkcs7 != NULL) {
+ pkcs7->privateKeySz = tempWrd32;
+
+ tmpBytePtr = pkcs7->privateKey;
+ pkcs7->privateKey = NULL;
+ }
+ ExpectIntEQ(wc_PKCS7_DecodeEnvelopedData(pkcs7, output,
+ (word32)sizeof(output), decoded, (word32)sizeof(decoded)),
+ BAD_FUNC_ARG);
+ if (pkcs7 != NULL) {
+ pkcs7->privateKey = tmpBytePtr;
+ }
wc_PKCS7_Free(pkcs7);
+ pkcs7 = NULL;
#if !defined(NO_AES) && defined(HAVE_AES_CBC) && !defined(NO_AES_256)
/* test of decrypt callback with KEKRI enveloped data */
{
- int envelopedSz;
+ int envelopedSz = 0;
const byte keyId[] = { 0x00 };
- AssertNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
- pkcs7->content = (byte*)input;
- pkcs7->contentSz = (word32)(sizeof(input)/sizeof(char));
- pkcs7->contentOID = DATA;
- pkcs7->encryptOID = AES256CBCb;
- AssertIntGT(wc_PKCS7_AddRecipient_KEKRI(pkcs7, AES256_WRAP,
+ ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
+ if (pkcs7 != NULL) {
+ pkcs7->content = (byte*)input;
+ pkcs7->contentSz = (word32)(sizeof(input)/sizeof(char));
+ pkcs7->contentOID = DATA;
+ pkcs7->encryptOID = AES256CBCb;
+ }
+ ExpectIntGT(wc_PKCS7_AddRecipient_KEKRI(pkcs7, AES256_WRAP,
(byte*)defKey, sizeof(defKey), (byte*)keyId,
sizeof(keyId), NULL, NULL, 0, NULL, 0, 0), 0);
- AssertIntEQ(wc_PKCS7_SetSignerIdentifierType(pkcs7, CMS_SKID), 0);
- AssertIntGT((envelopedSz = wc_PKCS7_EncodeEnvelopedData(pkcs7, output,
+ ExpectIntEQ(wc_PKCS7_SetSignerIdentifierType(pkcs7, CMS_SKID), 0);
+ ExpectIntGT((envelopedSz = wc_PKCS7_EncodeEnvelopedData(pkcs7, output,
(word32)sizeof(output))), 0);
wc_PKCS7_Free(pkcs7);
+ pkcs7 = NULL;
/* decode envelopedData */
- AssertNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
- AssertIntEQ(wc_PKCS7_SetWrapCEKCb(pkcs7, myCEKwrapFunc), 0);
- AssertIntEQ(wc_PKCS7_SetDecodeEncryptedCb(pkcs7, myDecryptionFunc), 0);
- AssertIntGT((decodedSz = wc_PKCS7_DecodeEnvelopedData(pkcs7, output,
+ ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
+ ExpectIntEQ(wc_PKCS7_SetWrapCEKCb(pkcs7, myCEKwrapFunc), 0);
+ ExpectIntEQ(wc_PKCS7_SetDecodeEncryptedCb(pkcs7, myDecryptionFunc), 0);
+ ExpectIntGT((decodedSz = wc_PKCS7_DecodeEnvelopedData(pkcs7, output,
envelopedSz, decoded, sizeof(decoded))), 0);
wc_PKCS7_Free(pkcs7);
+ pkcs7 = NULL;
}
#endif /* !NO_AES && !NO_AES_256 */
#ifndef NO_RSA
- if (rsaCert) {
- XFREE(rsaCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
- }
- if (rsaPrivKey) {
- XFREE(rsaPrivKey, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
- }
-#endif /*NO_RSA */
+ XFREE(rsaCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
+ XFREE(rsaPrivKey, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
+#endif /* NO_RSA */
#ifdef HAVE_ECC
- if (eccCert) {
- XFREE(eccCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
- }
- if (eccPrivKey) {
- XFREE(eccPrivKey, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
- }
+ XFREE(eccCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
+ XFREE(eccPrivKey, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
#endif /* HAVE_ECC */
#ifdef ECC_TIMING_RESISTANT
- wc_FreeRng(&rng);
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
#endif
#if defined(USE_CERT_BUFFERS_2048) && !defined(NO_DES3) && \
!defined(NO_RSA) && !defined(NO_SHA)
{
byte out[7];
- byte *cms;
+ byte *cms = NULL;
word32 cmsSz;
- XFILE cmsFile;
+ XFILE cmsFile = XBADFILE;
XMEMSET(out, 0, sizeof(out));
- AssertNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
- cmsFile = XFOPEN("./certs/test/ktri-keyid-cms.msg", "rb");
- AssertTrue(cmsFile != XBADFILE);
+ ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
+ ExpectTrue((cmsFile = XFOPEN("./certs/test/ktri-keyid-cms.msg", "rb"))
+ != XBADFILE);
cmsSz = (word32)FOURK_BUF;
- AssertNotNull(cms =
- (byte*)XMALLOC(FOURK_BUF, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER));
- cmsSz = (word32)XFREAD(cms, 1, cmsSz, cmsFile);
- XFCLOSE(cmsFile);
-
- AssertIntEQ(wc_PKCS7_InitWithCert(pkcs7, (byte*)client_cert_der_2048,
- sizeof_client_cert_der_2048), 0);
- pkcs7->privateKey = (byte*)client_key_der_2048;
- pkcs7->privateKeySz = sizeof_client_key_der_2048;
- AssertIntLT(wc_PKCS7_DecodeEnvelopedData(pkcs7, cms, cmsSz, out,
- 2), 0);
- AssertIntGT(wc_PKCS7_DecodeEnvelopedData(pkcs7, cms, cmsSz, out,
- sizeof(out)), 0);
+ ExpectNotNull(cms = (byte*)XMALLOC(FOURK_BUF, HEAP_HINT,
+ DYNAMIC_TYPE_TMP_BUFFER));
+ ExpectTrue((cmsSz = (word32)XFREAD(cms, 1, cmsSz, cmsFile)) > 0);
+ if (cmsFile != XBADFILE)
+ XFCLOSE(cmsFile);
+
+ ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, (byte*)client_cert_der_2048,
+ sizeof_client_cert_der_2048), 0);
+ if (pkcs7 != NULL) {
+ pkcs7->privateKey = (byte*)client_key_der_2048;
+ pkcs7->privateKeySz = sizeof_client_key_der_2048;
+ }
+ ExpectIntLT(wc_PKCS7_DecodeEnvelopedData(pkcs7, cms, cmsSz, out,
+ 2), 0);
+ ExpectIntGT(wc_PKCS7_DecodeEnvelopedData(pkcs7, cms, cmsSz, out,
+ sizeof(out)), 0);
XFREE(cms, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
- AssertIntEQ(XMEMCMP(out, "test", 4), 0);
+ ExpectIntEQ(XMEMCMP(out, "test", 4), 0);
wc_PKCS7_Free(pkcs7);
+ pkcs7 = NULL;
}
#endif /* USE_CERT_BUFFERS_2048 && !NO_DES3 && !NO_RSA && !NO_SHA */
-
- res = TEST_RES_CHECK(1);
#endif /* HAVE_PKCS7 */
- return res;
-} /* END test_wc_PKCS7_EncodeEnvelopedData() */
+ return EXPECT_RESULT();
+} /* END test_wc_PKCS7_EncodeDecodeEnvelopedData() */
/*
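Review bot: The round trip in the vector loop is accepted on length alone: after `ExpectIntGE(decodedSz, 0)` only `ExpectIntEQ((word32)sizeof(input)/sizeof(char), decodedSz)` runs, and the KEKRI callback block further down checks only that `decodedSz` is greater than 0. A decode that returns the right number of wrong bytes would therefore still pass. Following the size check with `ExpectIntEQ(XMEMCMP(decoded, input, sizeof(input)/sizeof(char)), 0);` in both places would pin the plaintext, as the ktri-keyid block already does with `XMEMCMP(out, "test", 4)`. The kept comment `Should get a return of BAD_FUNC_ARG with structure data` is also out of date for the KARI checks, where the new code expects `BUFFER_E` or `ASN_PARSE_E` in all but the NO_PKCS7_STREAM case. The function starts before this hunk.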
@@ -30584,7 +28144,7 @@ static int test_wc_PKCS7_EncodeDecodeEnvelopedData(void)
*/
static int test_wc_PKCS7_EncodeEncryptedData(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_PKCS7) && !defined(NO_PKCS7_ENCRYPTED_DATA)
PKCS7* pkcs7 = NULL;
byte* tmpBytePtr = NULL;
@@ -30593,15 +28153,13 @@ static int test_wc_PKCS7_EncodeEncryptedData(void)
word32 tmpWrd32 = 0;
int tmpInt = 0;
int decodedSz;
- int encryptedSz;
+ int encryptedSz = 0;
int testSz;
int i;
-
const byte data[] = { /* Hello World */
0x48,0x65,0x6c,0x6c,0x6f,0x20,0x57,0x6f,
0x72,0x6c,0x64
};
-
#ifndef NO_DES3
byte desKey[] = {
0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef
@@ -30612,7 +28170,6 @@ static int test_wc_PKCS7_EncodeEncryptedData(void)
0x89,0xab,0xcd,0xef,0x01,0x23,0x45,0x67
};
#endif
-
#if !defined(NO_AES) && defined(HAVE_AES_CBC)
#ifndef NO_AES_128
byte aes128Key[] = {
@@ -30665,95 +28222,111 @@ static int test_wc_PKCS7_EncodeEncryptedData(void)
testSz = sizeof(testVectors) / sizeof(pkcs7EncryptedVector);
for (i = 0; i < testSz; i++) {
- AssertNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
- AssertIntEQ(wc_PKCS7_Init(pkcs7, HEAP_HINT, testDevId), 0);
- pkcs7->content = (byte*)testVectors[i].content;
- pkcs7->contentSz = testVectors[i].contentSz;
- pkcs7->contentOID = testVectors[i].contentOID;
- pkcs7->encryptOID = testVectors[i].encryptOID;
- pkcs7->encryptionKey = testVectors[i].encryptionKey;
- pkcs7->encryptionKeySz = testVectors[i].encryptionKeySz;
- pkcs7->heap = HEAP_HINT;
+ ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
+ ExpectIntEQ(wc_PKCS7_Init(pkcs7, HEAP_HINT, testDevId), 0);
+ if (pkcs7 != NULL) {
+ pkcs7->content = (byte*)testVectors[i].content;
+ pkcs7->contentSz = testVectors[i].contentSz;
+ pkcs7->contentOID = testVectors[i].contentOID;
+ pkcs7->encryptOID = testVectors[i].encryptOID;
+ pkcs7->encryptionKey = testVectors[i].encryptionKey;
+ pkcs7->encryptionKeySz = testVectors[i].encryptionKeySz;
+ pkcs7->heap = HEAP_HINT;
+ }
/* encode encryptedData */
- encryptedSz = wc_PKCS7_EncodeEncryptedData(pkcs7, encrypted,
- sizeof(encrypted));
- AssertIntGT(encryptedSz, 0);
+ ExpectIntGT(encryptedSz = wc_PKCS7_EncodeEncryptedData(pkcs7, encrypted,
+ sizeof(encrypted)), 0);
/* Decode encryptedData */
- decodedSz = wc_PKCS7_DecodeEncryptedData(pkcs7, encrypted, encryptedSz,
- decoded, sizeof(decoded));
+ ExpectIntGT(decodedSz = wc_PKCS7_DecodeEncryptedData(pkcs7, encrypted,
+ encryptedSz, decoded, sizeof(decoded)), 0);
- AssertIntEQ(XMEMCMP(decoded, data, decodedSz), 0);
+ ExpectIntEQ(XMEMCMP(decoded, data, decodedSz), 0);
/* Keep values for last itr. */
if (i < testSz - 1) {
wc_PKCS7_Free(pkcs7);
+ pkcs7 = NULL;
}
}
if (pkcs7 == NULL || testSz == 0) {
- AssertNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
- AssertIntEQ(wc_PKCS7_Init(pkcs7, HEAP_HINT, testDevId), 0);
+ ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
+ ExpectIntEQ(wc_PKCS7_Init(pkcs7, HEAP_HINT, testDevId), 0);
}
- AssertIntEQ(wc_PKCS7_EncodeEncryptedData(NULL, encrypted,
- sizeof(encrypted)),BAD_FUNC_ARG);
- AssertIntEQ(wc_PKCS7_EncodeEncryptedData(pkcs7, NULL,
- sizeof(encrypted)), BAD_FUNC_ARG);
- AssertIntEQ(wc_PKCS7_EncodeEncryptedData(pkcs7, encrypted,
- 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_PKCS7_EncodeEncryptedData(NULL, encrypted,
+ sizeof(encrypted)),BAD_FUNC_ARG);
+ ExpectIntEQ(wc_PKCS7_EncodeEncryptedData(pkcs7, NULL,
+ sizeof(encrypted)), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_PKCS7_EncodeEncryptedData(pkcs7, encrypted,
+ 0), BAD_FUNC_ARG);
/* Testing the struct. */
- tmpBytePtr = pkcs7->content;
- pkcs7->content = NULL;
- AssertIntEQ(wc_PKCS7_EncodeEncryptedData(pkcs7, encrypted,
- sizeof(encrypted)), BAD_FUNC_ARG);
- pkcs7->content = tmpBytePtr;
- tmpWrd32 = pkcs7->contentSz;
- pkcs7->contentSz = 0;
- AssertIntEQ(wc_PKCS7_EncodeEncryptedData(pkcs7, encrypted,
- sizeof(encrypted)), BAD_FUNC_ARG);
- pkcs7->contentSz = tmpWrd32;
- tmpInt = pkcs7->encryptOID;
- pkcs7->encryptOID = 0;
- AssertIntEQ(wc_PKCS7_EncodeEncryptedData(pkcs7, encrypted,
- sizeof(encrypted)), BAD_FUNC_ARG);
- pkcs7->encryptOID = tmpInt;
- tmpBytePtr = pkcs7->encryptionKey;
- pkcs7->encryptionKey = NULL;
- AssertIntEQ(wc_PKCS7_EncodeEncryptedData(pkcs7, encrypted,
- sizeof(encrypted)), BAD_FUNC_ARG);
- pkcs7->encryptionKey = tmpBytePtr;
- tmpWrd32 = pkcs7->encryptionKeySz;
- pkcs7->encryptionKeySz = 0;
- AssertIntEQ(wc_PKCS7_EncodeEncryptedData(pkcs7, encrypted,
- sizeof(encrypted)), BAD_FUNC_ARG);
- pkcs7->encryptionKeySz = tmpWrd32;
-
- AssertIntEQ(wc_PKCS7_DecodeEncryptedData(NULL, encrypted, encryptedSz,
- decoded, sizeof(decoded)), BAD_FUNC_ARG);
- AssertIntEQ(wc_PKCS7_DecodeEncryptedData(pkcs7, NULL, encryptedSz,
- decoded, sizeof(decoded)), BAD_FUNC_ARG);
- AssertIntEQ(wc_PKCS7_DecodeEncryptedData(pkcs7, encrypted, 0,
- decoded, sizeof(decoded)), BAD_FUNC_ARG);
- AssertIntEQ(wc_PKCS7_DecodeEncryptedData(pkcs7, encrypted, encryptedSz,
- NULL, sizeof(decoded)), BAD_FUNC_ARG);
- AssertIntEQ(wc_PKCS7_DecodeEncryptedData(pkcs7, encrypted, encryptedSz,
- decoded, 0), BAD_FUNC_ARG);
+ if (pkcs7 != NULL) {
+ tmpBytePtr = pkcs7->content;
+ pkcs7->content = NULL;
+ }
+ ExpectIntEQ(wc_PKCS7_EncodeEncryptedData(pkcs7, encrypted,
+ sizeof(encrypted)), BAD_FUNC_ARG);
+ if (pkcs7 != NULL) {
+ pkcs7->content = tmpBytePtr;
+ tmpWrd32 = pkcs7->contentSz;
+ pkcs7->contentSz = 0;
+ }
+ ExpectIntEQ(wc_PKCS7_EncodeEncryptedData(pkcs7, encrypted,
+ sizeof(encrypted)), BAD_FUNC_ARG);
+ if (pkcs7 != NULL) {
+ pkcs7->contentSz = tmpWrd32;
+ tmpInt = pkcs7->encryptOID;
+ pkcs7->encryptOID = 0;
+ }
+ ExpectIntEQ(wc_PKCS7_EncodeEncryptedData(pkcs7, encrypted,
+ sizeof(encrypted)), BAD_FUNC_ARG);
+ if (pkcs7 != NULL) {
+ pkcs7->encryptOID = tmpInt;
+ tmpBytePtr = pkcs7->encryptionKey;
+ pkcs7->encryptionKey = NULL;
+ }
+ ExpectIntEQ(wc_PKCS7_EncodeEncryptedData(pkcs7, encrypted,
+ sizeof(encrypted)), BAD_FUNC_ARG);
+ if (pkcs7 != NULL) {
+ pkcs7->encryptionKey = tmpBytePtr;
+ tmpWrd32 = pkcs7->encryptionKeySz;
+ pkcs7->encryptionKeySz = 0;
+ }
+ ExpectIntEQ(wc_PKCS7_EncodeEncryptedData(pkcs7, encrypted,
+ sizeof(encrypted)), BAD_FUNC_ARG);
+ if (pkcs7 != NULL) {
+ pkcs7->encryptionKeySz = tmpWrd32;
+ }
+
+ ExpectIntEQ(wc_PKCS7_DecodeEncryptedData(NULL, encrypted, encryptedSz,
+ decoded, sizeof(decoded)), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_PKCS7_DecodeEncryptedData(pkcs7, NULL, encryptedSz,
+ decoded, sizeof(decoded)), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_PKCS7_DecodeEncryptedData(pkcs7, encrypted, 0,
+ decoded, sizeof(decoded)), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_PKCS7_DecodeEncryptedData(pkcs7, encrypted, encryptedSz,
+ NULL, sizeof(decoded)), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_PKCS7_DecodeEncryptedData(pkcs7, encrypted, encryptedSz,
+ decoded, 0), BAD_FUNC_ARG);
/* Test struct fields */
- tmpBytePtr = pkcs7->encryptionKey;
- pkcs7->encryptionKey = NULL;
- AssertIntEQ(wc_PKCS7_DecodeEncryptedData(pkcs7, encrypted, encryptedSz,
- decoded, sizeof(decoded)), BAD_FUNC_ARG);
- pkcs7->encryptionKey = tmpBytePtr;
- pkcs7->encryptionKeySz = 0;
- AssertIntEQ(wc_PKCS7_DecodeEncryptedData(pkcs7, encrypted, encryptedSz,
- decoded, sizeof(decoded)), BAD_FUNC_ARG);
+ if (pkcs7 != NULL) {
+ tmpBytePtr = pkcs7->encryptionKey;
+ pkcs7->encryptionKey = NULL;
+ }
+ ExpectIntEQ(wc_PKCS7_DecodeEncryptedData(pkcs7, encrypted, encryptedSz,
+ decoded, sizeof(decoded)), BAD_FUNC_ARG);
+ if (pkcs7 != NULL) {
+ pkcs7->encryptionKey = tmpBytePtr;
+ pkcs7->encryptionKeySz = 0;
+ }
+ ExpectIntEQ(wc_PKCS7_DecodeEncryptedData(pkcs7, encrypted, encryptedSz,
+ decoded, sizeof(decoded)), BAD_FUNC_ARG);
wc_PKCS7_Free(pkcs7);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_PKCS7_EncodeEncryptedData() */
/*
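Review bot: The comparison `ExpectIntEQ(XMEMCMP(decoded, data, decodedSz), 0)` takes its length from the decoder's own return value, and nothing in the loop compares `decodedSz` with the size of `data`. Assuming every vector's content is `data`, as the comparison implies, a decode that returns fewer bytes than `data` holds passes on a prefix match, and one that returns more makes XMEMCMP read past the end of `data`. Adding `ExpectIntEQ(decodedSz, (int)sizeof(data));` ahead of the XMEMCMP closes both cases. The function starts before this hunk.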
@@ -30761,42 +28334,41 @@ static int test_wc_PKCS7_EncodeEncryptedData(void)
*/
static int test_wc_PKCS7_Degenerate(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_PKCS7) && !defined(NO_FILESYSTEM)
- PKCS7* pkcs7;
+ PKCS7* pkcs7 = NULL;
char fName[] = "./certs/test-degenerate.p7b";
- XFILE f;
+ XFILE f = XBADFILE;
byte der[4096];
- word32 derSz;
- int ret;
+ word32 derSz = 0;
- AssertNotNull(f = XFOPEN(fName, "rb"));
- AssertIntGT((ret = (int)fread(der, 1, sizeof(der), f)), 0);
- derSz = (word32)ret;
- XFCLOSE(f);
+ ExpectTrue((f = XFOPEN(fName, "rb")) != XBADFILE);
+ ExpectTrue((derSz = (word32)XFREAD(der, 1, sizeof(der), f)) > 0);
+ if (f != XBADFILE)
+ XFCLOSE(f);
/* test degenerate success */
- AssertNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
- AssertIntEQ(wc_PKCS7_Init(pkcs7, HEAP_HINT, INVALID_DEVID), 0);
- AssertIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
+ ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
+ ExpectIntEQ(wc_PKCS7_Init(pkcs7, HEAP_HINT, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
#ifndef NO_RSA
- AssertIntEQ(wc_PKCS7_VerifySignedData(pkcs7, der, derSz), 0);
+ ExpectIntEQ(wc_PKCS7_VerifySignedData(pkcs7, der, derSz), 0);
#else
- AssertIntNE(wc_PKCS7_VerifySignedData(pkcs7, der, derSz), 0);
+ ExpectIntNE(wc_PKCS7_VerifySignedData(pkcs7, der, derSz), 0);
#endif
wc_PKCS7_Free(pkcs7);
+ pkcs7 = NULL;
/* test with turning off degenerate cases */
- AssertNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
- AssertIntEQ(wc_PKCS7_Init(pkcs7, HEAP_HINT, INVALID_DEVID), 0);
- AssertIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
+ ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
+ ExpectIntEQ(wc_PKCS7_Init(pkcs7, HEAP_HINT, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
wc_PKCS7_AllowDegenerate(pkcs7, 0); /* override allowing degenerate case */
- AssertIntEQ(wc_PKCS7_VerifySignedData(pkcs7, der, derSz), PKCS7_NO_SIGNER_E);
+ ExpectIntEQ(wc_PKCS7_VerifySignedData(pkcs7, der, derSz),
+ PKCS7_NO_SIGNER_E);
wc_PKCS7_Free(pkcs7);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_PKCS7_Degenerate() */
#if defined(HAVE_PKCS7) && !defined(NO_FILESYSTEM) && \
@@ -30999,92 +28571,97 @@ static byte berContent[] = {
*/
static int test_wc_PKCS7_BER(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_PKCS7) && !defined(NO_FILESYSTEM) && \
!defined(NO_SHA) && defined(ASN_BER_TO_DER)
- PKCS7* pkcs7;
+ PKCS7* pkcs7 = NULL;
char fName[] = "./certs/test-ber-exp02-05-2022.p7b";
- XFILE f;
+ XFILE f = XBADFILE;
byte der[4096];
#ifndef NO_DES3
byte decoded[2048];
#endif
- word32 derSz;
- int ret;
+ word32 derSz = 0;
- AssertNotNull(f = XFOPEN(fName, "rb"));
- AssertIntGT((ret = (int)fread(der, 1, sizeof(der), f)), 0);
- derSz = (word32)ret;
- XFCLOSE(f);
+ ExpectTrue((f = XFOPEN(fName, "rb")) != XBADFILE);
+ ExpectTrue((derSz = (word32)XFREAD(der, 1, sizeof(der), f)) > 0);
+ if (f != XBADFILE) {
+ XFCLOSE(f);
+ f = XBADFILE;
+ }
- AssertNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
- AssertIntEQ(wc_PKCS7_Init(pkcs7, HEAP_HINT, INVALID_DEVID), 0);
- AssertIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
+ ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
+ ExpectIntEQ(wc_PKCS7_Init(pkcs7, HEAP_HINT, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
#ifndef NO_RSA
- AssertIntEQ(wc_PKCS7_VerifySignedData(pkcs7, der, derSz), 0);
+ ExpectIntEQ(wc_PKCS7_VerifySignedData(pkcs7, der, derSz), 0);
#else
- AssertIntNE(wc_PKCS7_VerifySignedData(pkcs7, der, derSz), 0);
+ ExpectIntNE(wc_PKCS7_VerifySignedData(pkcs7, der, derSz), 0);
#endif
wc_PKCS7_Free(pkcs7);
+ pkcs7 = NULL;
#ifndef NO_DES3
/* decode BER content */
- AssertNotNull(f = XFOPEN("./certs/1024/client-cert.der", "rb"));
- AssertIntGT((ret = (int)fread(der, 1, sizeof(der), f)), 0);
- derSz = (word32)ret;
- XFCLOSE(f);
- AssertNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
+ ExpectTrue((f = XFOPEN("./certs/1024/client-cert.der", "rb")) != XBADFILE);
+ ExpectTrue((derSz = (word32)XFREAD(der, 1, sizeof(der), f)) > 0);
+ if (f != XBADFILE) {
+ XFCLOSE(f);
+ f = XBADFILE;
+ }
+ ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
#ifndef NO_RSA
- AssertIntEQ(wc_PKCS7_InitWithCert(pkcs7, der, derSz), 0);
+ ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, der, derSz), 0);
#else
- AssertIntNE(wc_PKCS7_InitWithCert(pkcs7, der, derSz), 0);
+ ExpectIntNE(wc_PKCS7_InitWithCert(pkcs7, der, derSz), 0);
#endif
- AssertNotNull(f = XFOPEN("./certs/1024/client-key.der", "rb"));
- AssertIntGT((ret = (int)fread(der, 1, sizeof(der), f)), 0);
- derSz = (word32)ret;
- XFCLOSE(f);
- pkcs7->privateKey = der;
- pkcs7->privateKeySz = derSz;
+ ExpectTrue((f = XFOPEN("./certs/1024/client-key.der", "rb")) != XBADFILE);
+ ExpectTrue((derSz = (word32)XFREAD(der, 1, sizeof(der), f)) > 0);
+ if (f != XBADFILE) {
+ XFCLOSE(f);
+ f = XBADFILE;
+ }
+ if (pkcs7 != NULL) {
+ pkcs7->privateKey = der;
+ pkcs7->privateKeySz = derSz;
+ }
#ifndef NO_RSA
#ifdef WOLFSSL_SP_MATH
- AssertIntEQ(wc_PKCS7_DecodeEnvelopedData(pkcs7, berContent,
+ ExpectIntEQ(wc_PKCS7_DecodeEnvelopedData(pkcs7, berContent,
sizeof(berContent), decoded, sizeof(decoded)), WC_KEY_SIZE_E);
#else
- AssertIntGT(wc_PKCS7_DecodeEnvelopedData(pkcs7, berContent,
+ ExpectIntGT(wc_PKCS7_DecodeEnvelopedData(pkcs7, berContent,
sizeof(berContent), decoded, sizeof(decoded)), 0);
#endif
#else
- AssertIntEQ(wc_PKCS7_DecodeEnvelopedData(pkcs7, berContent,
+ ExpectIntEQ(wc_PKCS7_DecodeEnvelopedData(pkcs7, berContent,
sizeof(berContent), decoded, sizeof(decoded)), NOT_COMPILED_IN);
#endif
wc_PKCS7_Free(pkcs7);
#endif /* !NO_DES3 */
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_PKCS7_BER() */
-static int test_PKCS7_signed_enveloped(void)
+static int test_wc_PKCS7_signed_enveloped(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_PKCS7) && !defined(NO_RSA) && !defined(NO_AES) && \
!defined(NO_FILESYSTEM)
- XFILE f;
- PKCS7* pkcs7;
+ XFILE f = XBADFILE;
+ PKCS7* pkcs7 = NULL;
#ifdef HAVE_AES_CBC
- PKCS7* inner;
+ PKCS7* inner = NULL;
#endif
- void* pt;
+ void* pt = NULL;
WC_RNG rng;
unsigned char key[FOURK_BUF/2];
unsigned char cert[FOURK_BUF/2];
unsigned char env[FOURK_BUF];
int envSz = FOURK_BUF;
- int keySz;
- int certSz;
-
+ int keySz = 0;
+ int certSz = 0;
unsigned char sig[FOURK_BUF * 2];
int sigSz = FOURK_BUF * 2;
#ifdef HAVE_AES_CBC
@@ -31092,74 +28669,96 @@ static int test_PKCS7_signed_enveloped(void)
int decodedSz = FOURK_BUF;
#endif
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
+
/* load cert */
- AssertNotNull(f = XFOPEN(cliCertDerFile, "rb"));
- AssertIntGT((certSz = (int)XFREAD(cert, 1, sizeof(cert), f)), 0);
- XFCLOSE(f);
+ ExpectTrue((f = XFOPEN(cliCertDerFile, "rb")) != XBADFILE);
+ ExpectIntGT((certSz = (int)XFREAD(cert, 1, sizeof(cert), f)), 0);
+ if (f != XBADFILE) {
+ XFCLOSE(f);
+ f = XBADFILE;
+ }
/* load key */
- AssertNotNull(f = XFOPEN(cliKeyFile, "rb"));
- AssertIntGT((keySz = (int)XFREAD(key, 1, sizeof(key), f)), 0);
- XFCLOSE(f);
- keySz = wolfSSL_KeyPemToDer(key, keySz, key, keySz, NULL);
+ ExpectTrue((f = XFOPEN(cliKeyFile, "rb")) != XBADFILE);
+ ExpectIntGT((keySz = (int)XFREAD(key, 1, sizeof(key), f)), 0);
+ if (f != XBADFILE) {
+ XFCLOSE(f);
+ f = XBADFILE;
+ }
+ ExpectIntGT(keySz = wolfSSL_KeyPemToDer(key, keySz, key, keySz, NULL), 0);
/* sign cert for envelope */
- AssertNotNull(pkcs7 = wc_PKCS7_New(NULL, 0));
- AssertIntEQ(wc_InitRng(&rng), 0);
- AssertIntEQ(wc_PKCS7_InitWithCert(pkcs7, cert, certSz), 0);
- pkcs7->content = cert;
- pkcs7->contentSz = certSz;
- pkcs7->contentOID = DATA;
- pkcs7->privateKey = key;
- pkcs7->privateKeySz = keySz;
- pkcs7->encryptOID = RSAk;
- pkcs7->hashOID = SHA256h;
- pkcs7->rng = &rng;
- AssertIntGT((sigSz = wc_PKCS7_EncodeSignedData(pkcs7, sig, sigSz)), 0);
+ ExpectNotNull(pkcs7 = wc_PKCS7_New(NULL, 0));
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, cert, certSz), 0);
+ if (pkcs7 != NULL) {
+ pkcs7->content = cert;
+ pkcs7->contentSz = certSz;
+ pkcs7->contentOID = DATA;
+ pkcs7->privateKey = key;
+ pkcs7->privateKeySz = keySz;
+ pkcs7->encryptOID = RSAk;
+ pkcs7->hashOID = SHA256h;
+ pkcs7->rng = &rng;
+ }
+ ExpectIntGT((sigSz = wc_PKCS7_EncodeSignedData(pkcs7, sig, sigSz)), 0);
wc_PKCS7_Free(pkcs7);
- wc_FreeRng(&rng);
+ pkcs7 = NULL;
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
#ifdef HAVE_AES_CBC
/* create envelope */
- AssertNotNull(pkcs7 = wc_PKCS7_New(NULL, 0));
- AssertIntEQ(wc_PKCS7_InitWithCert(pkcs7, cert, certSz), 0);
- pkcs7->content = sig;
- pkcs7->contentSz = sigSz;
- pkcs7->contentOID = DATA;
- pkcs7->encryptOID = AES256CBCb;
- pkcs7->privateKey = key;
- pkcs7->privateKeySz = keySz;
- AssertIntGT((envSz = wc_PKCS7_EncodeEnvelopedData(pkcs7, env, envSz)), 0);
- AssertIntLT(wc_PKCS7_EncodeEnvelopedData(pkcs7, env, 2), 0);
+ ExpectNotNull(pkcs7 = wc_PKCS7_New(NULL, 0));
+ ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, cert, certSz), 0);
+ if (pkcs7 != NULL) {
+ pkcs7->content = sig;
+ pkcs7->contentSz = sigSz;
+ pkcs7->contentOID = DATA;
+ pkcs7->encryptOID = AES256CBCb;
+ pkcs7->privateKey = key;
+ pkcs7->privateKeySz = keySz;
+ }
+ ExpectIntGT((envSz = wc_PKCS7_EncodeEnvelopedData(pkcs7, env, envSz)), 0);
+ ExpectIntLT(wc_PKCS7_EncodeEnvelopedData(pkcs7, env, 2), 0);
wc_PKCS7_Free(pkcs7);
+ pkcs7 = NULL;
#endif
/* create bad signed enveloped data */
sigSz = FOURK_BUF * 2;
- AssertNotNull(pkcs7 = wc_PKCS7_New(NULL, 0));
- AssertIntEQ(wc_InitRng(&rng), 0);
- AssertIntEQ(wc_PKCS7_InitWithCert(pkcs7, cert, certSz), 0);
- pkcs7->content = env;
- pkcs7->contentSz = envSz;
- pkcs7->contentOID = DATA;
- pkcs7->privateKey = key;
- pkcs7->privateKeySz = keySz;
- pkcs7->encryptOID = RSAk;
- pkcs7->hashOID = SHA256h;
- pkcs7->rng = &rng;
+ ExpectNotNull(pkcs7 = wc_PKCS7_New(NULL, 0));
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, cert, certSz), 0);
+ if (pkcs7 != NULL) {
+ pkcs7->content = env;
+ pkcs7->contentSz = envSz;
+ pkcs7->contentOID = DATA;
+ pkcs7->privateKey = key;
+ pkcs7->privateKeySz = keySz;
+ pkcs7->encryptOID = RSAk;
+ pkcs7->hashOID = SHA256h;
+ pkcs7->rng = &rng;
+ }
/* Set no certs in bundle for this test. Hang on to the pointer though to
* free it later. */
- pt = (void*)pkcs7->certList;
- pkcs7->certList = NULL; /* no certs in bundle */
- AssertIntGT((sigSz = wc_PKCS7_EncodeSignedData(pkcs7, sig, sigSz)), 0);
- pkcs7->certList = (Pkcs7Cert*)pt; /* restore pointer for PKCS7 free call */
+ if (pkcs7 != NULL) {
+ pt = (void*)pkcs7->certList;
+ pkcs7->certList = NULL; /* no certs in bundle */
+ }
+ ExpectIntGT((sigSz = wc_PKCS7_EncodeSignedData(pkcs7, sig, sigSz)), 0);
+ if (pkcs7 != NULL) {
+ /* restore pointer for PKCS7 free call */
+ pkcs7->certList = (Pkcs7Cert*)pt;
+ }
wc_PKCS7_Free(pkcs7);
+ pkcs7 = NULL;
/* check verify fails */
- AssertNotNull(pkcs7 = wc_PKCS7_New(NULL, 0));
- AssertIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
- AssertIntEQ(wc_PKCS7_VerifySignedData(pkcs7, sig, sigSz),
+ ExpectNotNull(pkcs7 = wc_PKCS7_New(NULL, 0));
+ ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
+ ExpectIntEQ(wc_PKCS7_VerifySignedData(pkcs7, sig, sigSz),
PKCS7_SIGNEEDS_CHECK);
/* try verifying the signature manually */
@@ -31170,444 +28769,382 @@ static int test_PKCS7_signed_enveloped(void)
WC_MAX_DIGEST_SIZE];
int digestSz;
- AssertIntEQ(wc_InitRsaKey(&rKey, HEAP_HINT), 0);
- AssertIntEQ(wc_RsaPrivateKeyDecode(key, &idx, &rKey, keySz), 0);
- digestSz = wc_RsaSSL_Verify(pkcs7->signature, pkcs7->signatureSz,
- digest, sizeof(digest), &rKey);
- AssertIntGT(digestSz, 0);
- AssertIntEQ(digestSz, pkcs7->pkcs7DigestSz);
- AssertIntEQ(XMEMCMP(digest, pkcs7->pkcs7Digest, digestSz), 0);
- AssertIntEQ(wc_FreeRsaKey(&rKey), 0);
+ ExpectIntEQ(wc_InitRsaKey(&rKey, HEAP_HINT), 0);
+ ExpectIntEQ(wc_RsaPrivateKeyDecode(key, &idx, &rKey, keySz), 0);
+ ExpectIntGT(digestSz = wc_RsaSSL_Verify(pkcs7->signature,
+ pkcs7->signatureSz, digest, sizeof(digest), &rKey), 0);
+ ExpectIntEQ(digestSz, pkcs7->pkcs7DigestSz);
+ ExpectIntEQ(XMEMCMP(digest, pkcs7->pkcs7Digest, digestSz), 0);
+ ExpectIntEQ(wc_FreeRsaKey(&rKey), 0);
/* verify was success */
}
wc_PKCS7_Free(pkcs7);
+ pkcs7 = NULL;
/* initializing the PKCS7 struct with the signing certificate should pass */
- AssertNotNull(pkcs7 = wc_PKCS7_New(NULL, 0));
- AssertIntEQ(wc_PKCS7_InitWithCert(pkcs7, cert, certSz), 0);
- AssertIntEQ(wc_PKCS7_VerifySignedData(pkcs7, sig, sigSz), 0);
+ ExpectNotNull(pkcs7 = wc_PKCS7_New(NULL, 0));
+ ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, cert, certSz), 0);
+ ExpectIntEQ(wc_PKCS7_VerifySignedData(pkcs7, sig, sigSz), 0);
wc_PKCS7_Free(pkcs7);
+ pkcs7 = NULL;
/* create valid degenerate bundle */
sigSz = FOURK_BUF * 2;
- AssertNotNull(pkcs7 = wc_PKCS7_New(NULL, 0));
- pkcs7->content = env;
- pkcs7->contentSz = envSz;
- pkcs7->contentOID = DATA;
- pkcs7->privateKey = key;
- pkcs7->privateKeySz = keySz;
- pkcs7->encryptOID = RSAk;
- pkcs7->hashOID = SHA256h;
- pkcs7->rng = &rng;
- AssertIntEQ(wc_PKCS7_SetSignerIdentifierType(pkcs7, DEGENERATE_SID), 0);
- AssertIntGT((sigSz = wc_PKCS7_EncodeSignedData(pkcs7, sig, sigSz)), 0);
+ ExpectNotNull(pkcs7 = wc_PKCS7_New(NULL, 0));
+ if (pkcs7 != NULL) {
+ pkcs7->content = env;
+ pkcs7->contentSz = envSz;
+ pkcs7->contentOID = DATA;
+ pkcs7->privateKey = key;
+ pkcs7->privateKeySz = keySz;
+ pkcs7->encryptOID = RSAk;
+ pkcs7->hashOID = SHA256h;
+ pkcs7->rng = &rng;
+ }
+ ExpectIntEQ(wc_PKCS7_SetSignerIdentifierType(pkcs7, DEGENERATE_SID), 0);
+ ExpectIntGT((sigSz = wc_PKCS7_EncodeSignedData(pkcs7, sig, sigSz)), 0);
wc_PKCS7_Free(pkcs7);
+ pkcs7 = NULL;
wc_FreeRng(&rng);
/* check verify */
- AssertNotNull(pkcs7 = wc_PKCS7_New(NULL, 0));
- AssertIntEQ(wc_PKCS7_Init(pkcs7, HEAP_HINT, testDevId), 0);
- AssertIntEQ(wc_PKCS7_VerifySignedData(pkcs7, sig, sigSz), 0);
- AssertNotNull(pkcs7->content);
+ ExpectNotNull(pkcs7 = wc_PKCS7_New(NULL, 0));
+ ExpectIntEQ(wc_PKCS7_Init(pkcs7, HEAP_HINT, testDevId), 0);
+ ExpectIntEQ(wc_PKCS7_VerifySignedData(pkcs7, sig, sigSz), 0);
+ ExpectNotNull(pkcs7->content);
#ifdef HAVE_AES_CBC
/* check decode */
- AssertNotNull(inner = wc_PKCS7_New(NULL, 0));
- AssertIntEQ(wc_PKCS7_InitWithCert(inner, cert, certSz), 0);
- inner->privateKey = key;
- inner->privateKeySz = keySz;
- AssertIntGT((decodedSz = wc_PKCS7_DecodeEnvelopedData(inner, pkcs7->content,
+ ExpectNotNull(inner = wc_PKCS7_New(NULL, 0));
+ ExpectIntEQ(wc_PKCS7_InitWithCert(inner, cert, certSz), 0);
+ if (inner != NULL) {
+ inner->privateKey = key;
+ inner->privateKeySz = keySz;
+ }
+ ExpectIntGT((decodedSz = wc_PKCS7_DecodeEnvelopedData(inner, pkcs7->content,
pkcs7->contentSz, decoded, decodedSz)), 0);
wc_PKCS7_Free(inner);
+ inner = NULL;
#endif
wc_PKCS7_Free(pkcs7);
+ pkcs7 = NULL;
#ifdef HAVE_AES_CBC
/* check cert set */
- AssertNotNull(pkcs7 = wc_PKCS7_New(NULL, 0));
- AssertIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
- AssertIntEQ(wc_PKCS7_VerifySignedData(pkcs7, decoded, decodedSz), 0);
- AssertNotNull(pkcs7->singleCert);
- AssertIntNE(pkcs7->singleCertSz, 0);
+ ExpectNotNull(pkcs7 = wc_PKCS7_New(NULL, 0));
+ ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
+ ExpectIntEQ(wc_PKCS7_VerifySignedData(pkcs7, decoded, decodedSz), 0);
+ ExpectNotNull(pkcs7->singleCert);
+ ExpectIntNE(pkcs7->singleCertSz, 0);
wc_PKCS7_Free(pkcs7);
+ pkcs7 = NULL;
#endif
-
- res = TEST_RES_CHECK(1);
#endif /* HAVE_PKCS7 && !NO_RSA && !NO_AES */
- return res;
+ return EXPECT_RESULT();
}
static int test_wc_PKCS7_NoDefaultSignedAttribs(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_PKCS7) && !defined(NO_FILESYSTEM) && !defined(NO_RSA) \
&& !defined(NO_AES)
- PKCS7* pkcs7;
- void* heap = NULL;
-
- pkcs7 = wc_PKCS7_New(heap, testDevId);
- AssertNotNull(pkcs7);
- AssertIntEQ(wc_PKCS7_Init(pkcs7, heap, testDevId), 0);
+ PKCS7* pkcs7 = NULL;
+ void* heap = NULL;
- AssertIntEQ(wc_PKCS7_NoDefaultSignedAttribs(NULL), BAD_FUNC_ARG);
+ ExpectNotNull(pkcs7 = wc_PKCS7_New(heap, testDevId));
+ ExpectIntEQ(wc_PKCS7_Init(pkcs7, heap, testDevId), 0);
- AssertIntEQ(wc_PKCS7_NoDefaultSignedAttribs(pkcs7), 0);
+ ExpectIntEQ(wc_PKCS7_NoDefaultSignedAttribs(NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_PKCS7_NoDefaultSignedAttribs(pkcs7), 0);
wc_PKCS7_Free(pkcs7);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wc_PKCS7_SetOriEncryptCtx(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_PKCS7) && !defined(NO_FILESYSTEM) && !defined(NO_RSA) \
&& !defined(NO_AES)
- PKCS7* pkcs7;
- void* heap = NULL;
- WOLFSSL_CTX* ctx;
- ctx = NULL;
-
- pkcs7 = wc_PKCS7_New(heap, testDevId);
- AssertNotNull(pkcs7);
- AssertIntEQ(wc_PKCS7_Init(pkcs7, heap, testDevId), 0);
+ PKCS7* pkcs7 = NULL;
+ void* heap = NULL;
+ WOLFSSL_CTX* ctx = NULL;
- AssertIntEQ(wc_PKCS7_SetOriEncryptCtx(NULL, ctx), BAD_FUNC_ARG);
+ ExpectNotNull(pkcs7 = wc_PKCS7_New(heap, testDevId));
+ ExpectIntEQ(wc_PKCS7_Init(pkcs7, heap, testDevId), 0);
- AssertIntEQ(wc_PKCS7_SetOriEncryptCtx(pkcs7, ctx), 0);
+ ExpectIntEQ(wc_PKCS7_SetOriEncryptCtx(NULL, ctx), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_PKCS7_SetOriEncryptCtx(pkcs7, ctx), 0);
wc_PKCS7_Free(pkcs7);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wc_PKCS7_SetOriDecryptCtx(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_PKCS7) && !defined(NO_FILESYSTEM) && !defined(NO_RSA) \
&& !defined(NO_AES)
- PKCS7* pkcs7;
- void* heap = NULL;
- WOLFSSL_CTX* ctx;
- ctx = NULL;
-
- pkcs7 = wc_PKCS7_New(heap, testDevId);
- AssertNotNull(pkcs7);
- AssertIntEQ(wc_PKCS7_Init(pkcs7, heap, testDevId), 0);
+ PKCS7* pkcs7 = NULL;
+ void* heap = NULL;
+ WOLFSSL_CTX* ctx = NULL;
- AssertIntEQ(wc_PKCS7_SetOriDecryptCtx(NULL, ctx), BAD_FUNC_ARG);
+ ExpectNotNull(pkcs7 = wc_PKCS7_New(heap, testDevId));
+ ExpectIntEQ(wc_PKCS7_Init(pkcs7, heap, testDevId), 0);
- AssertIntEQ(wc_PKCS7_SetOriDecryptCtx(pkcs7, ctx), 0);
+ ExpectIntEQ(wc_PKCS7_SetOriDecryptCtx(NULL, ctx), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_PKCS7_SetOriDecryptCtx(pkcs7, ctx), 0);
wc_PKCS7_Free(pkcs7);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wc_PKCS7_DecodeCompressedData(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_PKCS7) && !defined(NO_FILESYSTEM) && !defined(NO_RSA) \
&& !defined(NO_AES) && defined(HAVE_LIBZ)
- PKCS7* pkcs7;
+ PKCS7* pkcs7 = NULL;
void* heap = NULL;
byte out[4096];
- byte *decompressed;
- int outSz, decompressedSz;
-
+ byte* decompressed = NULL;
+ int outSz;
+ int decompressedSz;
const char* cert = "./certs/client-cert.pem";
byte* cert_buf = NULL;
size_t cert_sz = 0;
- AssertIntEQ(load_file(cert, &cert_buf, &cert_sz), 0);
- AssertNotNull((decompressed =
- (byte*)XMALLOC(cert_sz, heap, DYNAMIC_TYPE_TMP_BUFFER)));
+ ExpectIntEQ(load_file(cert, &cert_buf, &cert_sz), 0);
+ ExpectNotNull((decompressed = (byte*)XMALLOC(cert_sz, heap,
+ DYNAMIC_TYPE_TMP_BUFFER)));
decompressedSz = (int)cert_sz;
- AssertNotNull((pkcs7 = wc_PKCS7_New(heap, testDevId)));
+ ExpectNotNull((pkcs7 = wc_PKCS7_New(heap, testDevId)));
- pkcs7->content = (byte*)cert_buf;
- pkcs7->contentSz = (word32)cert_sz;
- pkcs7->contentOID = DATA;
+ if (pkcs7 != NULL) {
+ pkcs7->content = (byte*)cert_buf;
+ pkcs7->contentSz = (word32)cert_sz;
+ pkcs7->contentOID = DATA;
+ }
- AssertIntGT((outSz = wc_PKCS7_EncodeCompressedData(pkcs7, out,
- sizeof(out))), 0);
+ ExpectIntGT((outSz = wc_PKCS7_EncodeCompressedData(pkcs7, out,
+ sizeof(out))), 0);
wc_PKCS7_Free(pkcs7);
+ pkcs7 = NULL;
/* compressed key should be smaller than when started */
- AssertIntLT(outSz, cert_sz);
+ ExpectIntLT(outSz, cert_sz);
/* test decompression */
- AssertNotNull((pkcs7 = wc_PKCS7_New(heap, testDevId)));
- AssertIntEQ(pkcs7->contentOID, 0);
+ ExpectNotNull((pkcs7 = wc_PKCS7_New(heap, testDevId)));
+ ExpectIntEQ(pkcs7->contentOID, 0);
/* fail case with out buffer too small */
- AssertIntLT(wc_PKCS7_DecodeCompressedData(pkcs7, out, outSz,
- decompressed, outSz), 0);
+ ExpectIntLT(wc_PKCS7_DecodeCompressedData(pkcs7, out, outSz,
+ decompressed, outSz), 0);
/* success case */
- AssertIntEQ(wc_PKCS7_DecodeCompressedData(pkcs7, out, outSz,
- decompressed, decompressedSz), cert_sz);
- AssertIntEQ(pkcs7->contentOID, DATA);
- AssertIntEQ(XMEMCMP(decompressed, cert_buf, cert_sz), 0);
+ ExpectIntEQ(wc_PKCS7_DecodeCompressedData(pkcs7, out, outSz,
+ decompressed, decompressedSz), cert_sz);
+ ExpectIntEQ(pkcs7->contentOID, DATA);
+ ExpectIntEQ(XMEMCMP(decompressed, cert_buf, cert_sz), 0);
XFREE(decompressed, heap, DYNAMIC_TYPE_TMP_BUFFER);
decompressed = NULL;
/* test decompression function with different 'max' inputs */
outSz = sizeof(out);
- AssertIntGT((outSz = wc_Compress(out, outSz, cert_buf, (word32)cert_sz, 0)),
- 0);
- AssertIntLT(wc_DeCompressDynamic(&decompressed, 1, DYNAMIC_TYPE_TMP_BUFFER,
- out, outSz, 0, heap), 0);
- AssertNull(decompressed);
- AssertIntGT(wc_DeCompressDynamic(&decompressed, -1, DYNAMIC_TYPE_TMP_BUFFER,
- out, outSz, 0, heap), 0);
- AssertNotNull(decompressed);
- AssertIntEQ(XMEMCMP(decompressed, cert_buf, cert_sz), 0);
+ ExpectIntGT((outSz = wc_Compress(out, outSz, cert_buf, (word32)cert_sz, 0)),
+ 0);
+ ExpectIntLT(wc_DeCompressDynamic(&decompressed, 1, DYNAMIC_TYPE_TMP_BUFFER,
+ out, outSz, 0, heap), 0);
+ ExpectNull(decompressed);
+ ExpectIntGT(wc_DeCompressDynamic(&decompressed, -1, DYNAMIC_TYPE_TMP_BUFFER,
+ out, outSz, 0, heap), 0);
+ ExpectNotNull(decompressed);
+ ExpectIntEQ(XMEMCMP(decompressed, cert_buf, cert_sz), 0);
XFREE(decompressed, heap, DYNAMIC_TYPE_TMP_BUFFER);
decompressed = NULL;
- AssertIntGT(wc_DeCompressDynamic(&decompressed, DYNAMIC_TYPE_TMP_BUFFER, 5,
- out, outSz, 0, heap), 0);
- AssertNotNull(decompressed);
- AssertIntEQ(XMEMCMP(decompressed, cert_buf, cert_sz), 0);
+ ExpectIntGT(wc_DeCompressDynamic(&decompressed, DYNAMIC_TYPE_TMP_BUFFER, 5,
+ out, outSz, 0, heap), 0);
+ ExpectNotNull(decompressed);
+ ExpectIntEQ(XMEMCMP(decompressed, cert_buf, cert_sz), 0);
XFREE(decompressed, heap, DYNAMIC_TYPE_TMP_BUFFER);
- if (cert_buf)
+ if (cert_buf != NULL)
free(cert_buf);
wc_PKCS7_Free(pkcs7);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wc_i2d_PKCS12(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_ASN) && !defined(NO_PWDBASED) && defined(HAVE_PKCS12) \
&& !defined(NO_FILESYSTEM) && !defined(NO_RSA) \
&& !defined(NO_AES) && !defined(NO_DES3) && !defined(NO_SHA)
WC_PKCS12* pkcs12 = NULL;
unsigned char der[FOURK_BUF * 2];
unsigned char* pt;
- int derSz;
+ int derSz = 0;
unsigned char out[FOURK_BUF * 2];
int outSz = FOURK_BUF * 2;
-
const char p12_f[] = "./certs/test-servercert.p12";
- XFILE f;
+ XFILE f = XBADFILE;
- f = XFOPEN(p12_f, "rb");
- AssertNotNull(f);
- derSz = (int)XFREAD(der, 1, sizeof(der), f);
- AssertIntGT(derSz, 0);
- XFCLOSE(f);
+ ExpectTrue((f = XFOPEN(p12_f, "rb")) != XBADFILE);
+ ExpectIntGT(derSz = (int)XFREAD(der, 1, sizeof(der), f), 0);
+ if (f != XBADFILE)
+ XFCLOSE(f);
- AssertNotNull(pkcs12 = wc_PKCS12_new());
- AssertIntEQ(wc_d2i_PKCS12(der, derSz, pkcs12), 0);
- AssertIntEQ(wc_i2d_PKCS12(pkcs12, NULL, &outSz), LENGTH_ONLY_E);
- AssertIntEQ(outSz, derSz);
+ ExpectNotNull(pkcs12 = wc_PKCS12_new());
+ ExpectIntEQ(wc_d2i_PKCS12(der, derSz, pkcs12), 0);
+ ExpectIntEQ(wc_i2d_PKCS12(pkcs12, NULL, &outSz), LENGTH_ONLY_E);
+ ExpectIntEQ(outSz, derSz);
outSz = derSz - 1;
pt = out;
- AssertIntLE(wc_i2d_PKCS12(pkcs12, &pt, &outSz), 0);
+ ExpectIntLE(wc_i2d_PKCS12(pkcs12, &pt, &outSz), 0);
outSz = derSz;
- AssertIntEQ(wc_i2d_PKCS12(pkcs12, &pt, &outSz), derSz);
- AssertIntEQ((pt == out), 0);
+ ExpectIntEQ(wc_i2d_PKCS12(pkcs12, &pt, &outSz), derSz);
+ ExpectIntEQ((pt == out), 0);
pt = NULL;
- AssertIntEQ(wc_i2d_PKCS12(pkcs12, &pt, NULL), derSz);
+ ExpectIntEQ(wc_i2d_PKCS12(pkcs12, &pt, NULL), derSz);
XFREE(pt, NULL, DYNAMIC_TYPE_PKCS);
wc_PKCS12_free(pkcs12);
+ pkcs12 = NULL;
/* Run the same test but use wc_d2i_PKCS12_fp. */
- AssertNotNull(pkcs12 = wc_PKCS12_new());
- AssertIntEQ(wc_d2i_PKCS12_fp("./certs/test-servercert.p12", &pkcs12), 0);
- AssertIntEQ(wc_i2d_PKCS12(pkcs12, NULL, &outSz), LENGTH_ONLY_E);
- AssertIntEQ(outSz, derSz);
+ ExpectNotNull(pkcs12 = wc_PKCS12_new());
+ ExpectIntEQ(wc_d2i_PKCS12_fp("./certs/test-servercert.p12", &pkcs12), 0);
+ ExpectIntEQ(wc_i2d_PKCS12(pkcs12, NULL, &outSz), LENGTH_ONLY_E);
+ ExpectIntEQ(outSz, derSz);
wc_PKCS12_free(pkcs12);
+ pkcs12 = NULL;
/* wc_d2i_PKCS12_fp can also allocate the PKCS12 object for the caller. */
- pkcs12 = NULL;
- AssertIntEQ(wc_d2i_PKCS12_fp("./certs/test-servercert.p12", &pkcs12), 0);
- AssertIntEQ(wc_i2d_PKCS12(pkcs12, NULL, &outSz), LENGTH_ONLY_E);
- AssertIntEQ(outSz, derSz);
+ ExpectIntEQ(wc_d2i_PKCS12_fp("./certs/test-servercert.p12", &pkcs12), 0);
+ ExpectIntEQ(wc_i2d_PKCS12(pkcs12, NULL, &outSz), LENGTH_ONLY_E);
+ ExpectIntEQ(outSz, derSz);
wc_PKCS12_free(pkcs12);
-
- res = TEST_RES_CHECK(1);
+ pkcs12 = NULL;
#endif
- return res;
+ return EXPECT_RESULT();
}
/* Testing wc_SignatureGetSize() for signature type ECC */
static int test_wc_SignatureGetSize_ecc(void)
{
- int res = TEST_SKIPPED;
-#ifndef NO_SIG_WRAPPER
- int ret;
- #if defined(HAVE_ECC) && !defined(NO_ECC256)
- enum wc_SignatureType sig_type;
- word32 key_len;
-
- /* Initialize ECC Key */
- ecc_key ecc;
- const char* qx =
- "fa2737fb93488d19caef11ae7faf6b7f4bcd67b286e3fc54e8a65c2b74aeccb0";
- const char* qy =
- "d4ccd6dae698208aa8c3a6f39e45510d03be09b2f124bfc067856c324f9b4d09";
- const char* d =
- "be34baa8d040a3b991f9075b56ba292f755b90e4b6dc10dad36715c33cfdac25";
-
- ret = wc_ecc_init(&ecc);
- if (ret == 0) {
- ret = wc_ecc_import_raw(&ecc, qx, qy, d, "SECP256R1");
- }
- if (ret == 0) {
- /* Input for signature type ECC */
- sig_type = WC_SIGNATURE_TYPE_ECC;
- key_len = sizeof(ecc_key);
- ret = wc_SignatureGetSize(sig_type, &ecc, key_len);
+ EXPECT_DECLS;
+#if !defined(NO_SIG_WRAPPER) && defined(HAVE_ECC) && !defined(NO_ECC256)
+ enum wc_SignatureType sig_type;
+ word32 key_len;
+ ecc_key ecc;
+ const char* qx =
+ "fa2737fb93488d19caef11ae7faf6b7f4bcd67b286e3fc54e8a65c2b74aeccb0";
+ const char* qy =
+ "d4ccd6dae698208aa8c3a6f39e45510d03be09b2f124bfc067856c324f9b4d09";
+ const char* d =
+ "be34baa8d040a3b991f9075b56ba292f755b90e4b6dc10dad36715c33cfdac25";
- /* Test bad args */
- if (ret > 0) {
- sig_type = (enum wc_SignatureType) 100;
- ret = wc_SignatureGetSize(sig_type, &ecc, key_len);
- if (ret == BAD_FUNC_ARG) {
- sig_type = WC_SIGNATURE_TYPE_ECC;
- ret = wc_SignatureGetSize(sig_type, NULL, key_len);
- }
- if (ret >= 0) {
- key_len = (word32) 0;
- ret = wc_SignatureGetSize(sig_type, &ecc, key_len);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = SIG_TYPE_E;
- }
- }
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- wc_ecc_free(&ecc);
- #else
- ret = SIG_TYPE_E;
- #endif
+ XMEMSET(&ecc, 0, sizeof(ecc_key));
- res = TEST_RES_CHECK(ret == SIG_TYPE_E);
-#endif /* NO_SIG_WRAPPER */
- return res;
-}/* END test_wc_SignatureGetSize_ecc() */
+ ExpectIntEQ(wc_ecc_init(&ecc), 0);
+ ExpectIntEQ(wc_ecc_import_raw(&ecc, qx, qy, d, "SECP256R1"), 0);
+ /* Input for signature type ECC */
+ sig_type = WC_SIGNATURE_TYPE_ECC;
+ key_len = sizeof(ecc_key);
+ ExpectIntGT(wc_SignatureGetSize(sig_type, &ecc, key_len), 0);
+
+ /* Test bad args */
+ sig_type = (enum wc_SignatureType) 100;
+ ExpectIntEQ(wc_SignatureGetSize(sig_type, &ecc, key_len), BAD_FUNC_ARG);
+ sig_type = WC_SIGNATURE_TYPE_ECC;
+ ExpectIntEQ(wc_SignatureGetSize(sig_type, NULL, key_len), 0);
+ key_len = (word32)0;
+ ExpectIntEQ(wc_SignatureGetSize(sig_type, &ecc, key_len), BAD_FUNC_ARG);
+
+ DoExpectIntEQ(wc_ecc_free(&ecc), 0);
+#endif /* !NO_SIG_WRAPPER && HAVE_ECC && !NO_ECC256 */
+ return EXPECT_RESULT();
+} /* END test_wc_SignatureGetSize_ecc() */
/* Testing wc_SignatureGetSize() for signature type rsa */
static int test_wc_SignatureGetSize_rsa(void)
{
- int res = TEST_SKIPPED;
-#ifndef NO_SIG_WRAPPER
- int ret = 0;
- #ifndef NO_RSA
- enum wc_SignatureType sig_type;
- word32 key_len;
- word32 idx = 0;
-
- /* Initialize RSA Key */
- RsaKey rsa_key;
- byte* tmp = NULL;
- size_t bytes;
+ EXPECT_DECLS;
+#if !defined(NO_SIG_WRAPPER) && !defined(NO_RSA)
+ enum wc_SignatureType sig_type;
+ word32 key_len;
+ word32 idx = 0;
+ RsaKey rsa_key;
+ byte* tmp = NULL;
+ size_t bytes;
- #ifdef USE_CERT_BUFFERS_1024
- bytes = (size_t)sizeof_client_key_der_1024;
- if (bytes < (size_t)sizeof_client_key_der_1024)
- bytes = (size_t)sizeof_client_cert_der_1024;
- #elif defined(USE_CERT_BUFFERS_2048)
- bytes = (size_t)sizeof_client_key_der_2048;
- if (bytes < (size_t)sizeof_client_cert_der_2048)
- bytes = (size_t)sizeof_client_cert_der_2048;
- #else
- bytes = FOURK_BUF;
- #endif
+ XMEMSET(&rsa_key, 0, sizeof(RsaKey));
- tmp = (byte*)XMALLOC(bytes, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
- if (tmp != NULL) {
- #ifdef USE_CERT_BUFFERS_1024
- XMEMCPY(tmp, client_key_der_1024,
- (size_t)sizeof_client_key_der_1024);
- #elif defined(USE_CERT_BUFFERS_2048)
- XMEMCPY(tmp, client_key_der_2048,
- (size_t)sizeof_client_key_der_2048);
- #elif !defined(NO_FILESYSTEM)
- file = XFOPEN(clientKey, "rb");
- if (file != XBADFILE) {
- bytes = (size_t)XFREAD(tmp, 1, FOURK_BUF, file);
- XFCLOSE(file);
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- #else
- ret = WOLFSSL_FATAL_ERROR;
- #endif
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
+ #ifdef USE_CERT_BUFFERS_1024
+ bytes = (size_t)sizeof_client_key_der_1024;
+ if (bytes < (size_t)sizeof_client_key_der_1024)
+ bytes = (size_t)sizeof_client_cert_der_1024;
+ #elif defined(USE_CERT_BUFFERS_2048)
+ bytes = (size_t)sizeof_client_key_der_2048;
+ if (bytes < (size_t)sizeof_client_cert_der_2048)
+ bytes = (size_t)sizeof_client_cert_der_2048;
+ #else
+ bytes = FOURK_BUF;
+ #endif
- if (ret == 0) {
- ret = wc_InitRsaKey_ex(&rsa_key, HEAP_HINT, testDevId);
- }
- if (ret == 0) {
- ret = wc_RsaPrivateKeyDecode(tmp, &idx, &rsa_key, (word32)bytes);
+ ExpectNotNull(tmp = (byte*)XMALLOC(bytes, HEAP_HINT,
+ DYNAMIC_TYPE_TMP_BUFFER));
+ if (tmp != NULL) {
+ #ifdef USE_CERT_BUFFERS_1024
+ XMEMCPY(tmp, client_key_der_1024, (size_t)sizeof_client_key_der_1024);
+ #elif defined(USE_CERT_BUFFERS_2048)
+ XMEMCPY(tmp, client_key_der_2048, (size_t)sizeof_client_key_der_2048);
+ #elif !defined(NO_FILESYSTEM)
+ XFILE file = XBADFILE;
+ ExpectTrue((file = XFOPEN(clientKey, "rb")) != XBADFILE);
+ ExpectIntGT(bytes = (size_t)XFREAD(tmp, 1, FOURK_BUF, file), 0);
+ if (file != XBADFILE)
+ XFCLOSE(file);
}
+ #else
+ ExpectFail();
+ #endif
+ }
- if (ret == 0) {
- /* Input for signature type RSA */
- sig_type = WC_SIGNATURE_TYPE_RSA;
- key_len = sizeof(RsaKey);
- ret = wc_SignatureGetSize(sig_type, &rsa_key, key_len);
+ ExpectIntEQ(wc_InitRsaKey_ex(&rsa_key, HEAP_HINT, testDevId), 0);
+ ExpectIntEQ(wc_RsaPrivateKeyDecode(tmp, &idx, &rsa_key, (word32)bytes), 0);
+ /* Input for signature type RSA */
+ sig_type = WC_SIGNATURE_TYPE_RSA;
+ key_len = sizeof(RsaKey);
+ ExpectIntGT(wc_SignatureGetSize(sig_type, &rsa_key, key_len), 0);
- /* Test bad args */
- if (ret > 0) {
- sig_type = (enum wc_SignatureType) 100;
- ret = wc_SignatureGetSize(sig_type, &rsa_key, key_len);
- if (ret == BAD_FUNC_ARG) {
- sig_type = WC_SIGNATURE_TYPE_RSA;
- ret = wc_SignatureGetSize(sig_type, NULL, key_len);
- }
- #ifndef HAVE_USER_RSA
- if (ret == BAD_FUNC_ARG)
- #else
- if (ret == 0)
- #endif
- {
- key_len = (word32)0;
- ret = wc_SignatureGetSize(sig_type, &rsa_key, key_len);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = SIG_TYPE_E;
- }
- }
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- wc_FreeRsaKey(&rsa_key);
- XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
+ /* Test bad args */
+ sig_type = (enum wc_SignatureType)100;
+ ExpectIntEQ(wc_SignatureGetSize(sig_type, &rsa_key, key_len), BAD_FUNC_ARG);
+ sig_type = WC_SIGNATURE_TYPE_RSA;
+ #ifndef HAVE_USER_RSA
+ ExpectIntEQ(wc_SignatureGetSize(sig_type, NULL, key_len), BAD_FUNC_ARG);
#else
- ret = SIG_TYPE_E;
+ ExpectIntEQ(wc_SignatureGetSize(sig_type, NULL, key_len), 0);
#endif
+ key_len = (word32)0;
+ ExpectIntEQ(wc_SignatureGetSize(sig_type, &rsa_key, key_len), BAD_FUNC_ARG);
- res = TEST_RES_CHECK(ret == SIG_TYPE_E);
-#endif /* NO_SIG_WRAPPER */
- return res;
-}/* END test_wc_SignatureGetSize_rsa(void) */
+ DoExpectIntEQ(wc_FreeRsaKey(&rsa_key), 0);
+ XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
+#endif /* !NO_SIG_WRAPPER && !NO_RSA */
+ return EXPECT_RESULT();
+} /* END test_wc_SignatureGetSize_rsa(void) */
/*----------------------------------------------------------------------------*
| hash.h Tests
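Review bot: In test_wc_SignatureGetSize_rsa the `#elif !defined(NO_FILESYSTEM)` branch keeps a closing `}` right after `XFCLOSE(file);`, which closes `if (tmp != NULL) {` early. The `}` after `#endif` is then unmatched, so a build with neither USE_CERT_BUFFERS_1024 nor USE_CERT_BUFFERS_2048 defined should fail to compile; drop the brace inside the branch. Separately, in the manual-verify block of test_wc_PKCS7_signed_enveloped (its declarations are outside this hunk), `ExpectIntEQ(wc_FreeRsaKey(&rKey), 0);` is the only release of the decoded private key. If Expect calls are skipped after an earlier failure, as the added `!= NULL` guards suggest, the key is never freed on a failing run. Zeroing `rKey` before use and calling `DoExpectIntEQ(wc_FreeRsaKey(&rKey), 0);` would match the cleanup this commit uses for `rsa_key`, `ecc` and `rng`.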
@@ -31615,29 +29152,30 @@ static int test_wc_SignatureGetSize_rsa(void)
static int test_wc_HashInit(void)
{
- int ret = 0, i; /* 0 indicates tests passed, 1 indicates failure */
+ EXPECT_DECLS;
+ int i; /* 0 indicates tests passed, 1 indicates failure */
wc_HashAlg hash;
/* enum for holding supported algorithms, #ifndef's restrict if disabled */
enum wc_HashType enumArray[] = {
#ifndef NO_MD5
- WC_HASH_TYPE_MD5,
+ WC_HASH_TYPE_MD5,
#endif
#ifndef NO_SHA
- WC_HASH_TYPE_SHA,
+ WC_HASH_TYPE_SHA,
#endif
- #ifndef WOLFSSL_SHA224
- WC_HASH_TYPE_SHA224,
+ #ifdef WOLFSSL_SHA224
+ WC_HASH_TYPE_SHA224,
#endif
#ifndef NO_SHA256
- WC_HASH_TYPE_SHA256,
+ WC_HASH_TYPE_SHA256,
#endif
- #ifndef WOLFSSL_SHA384
- WC_HASH_TYPE_SHA384,
+ #ifdef WOLFSSL_SHA384
+ WC_HASH_TYPE_SHA384,
#endif
- #ifndef WOLFSSL_SHA512
- WC_HASH_TYPE_SHA512,
+ #ifdef WOLFSSL_SHA512
+ WC_HASH_TYPE_SHA512,
#endif
};
/* dynamically finds the length */
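Review bot: The trailing comment on `int i;` in test_wc_HashInit is left over from the removed `ret` and now describes a loop index as a pass/fail flag. Replace it with `int i; /* index into enumArray */` or drop the comment. The function body continues past this hunk.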
@@ -31646,31 +29184,24 @@ static int test_wc_HashInit(void)
/* For loop to test various arguments... */
for (i = 0; i < enumlen; i++) {
/* check for bad args */
- if (wc_HashInit(&hash, enumArray[i]) == BAD_FUNC_ARG) {
- ret = 1;
- break;
- }
+ ExpectIntEQ(wc_HashInit(&hash, enumArray[i]), 0);
wc_HashFree(&hash, enumArray[i]);
/* check for null ptr */
- if (wc_HashInit(NULL, enumArray[i]) != BAD_FUNC_ARG) {
- ret = 1;
- break;
- }
+ ExpectIntEQ(wc_HashInit(NULL, enumArray[i]), BAD_FUNC_ARG);
} /* end of for loop */
- return TEST_RES_CHECK(ret == 0);
+ return EXPECT_RESULT();
} /* end of test_wc_HashInit */
/*
* Unit test function for wc_HashSetFlags()
*/
static int test_wc_HashSetFlags(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef WOLFSSL_HASH_FLAGS
wc_HashAlg hash;
- int ret = 0;
word32 flags = 0;
int i, j;
int notSupportedLen;
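Review bot: `wc_HashFree(&hash, enumArray[i]);` in the test_wc_HashInit loop runs unconditionally on a `wc_HashAlg hash` that is never zeroed, while the `wc_HashInit` call before it now sits inside `ExpectIntEQ`. If the Expect macros stop evaluating their arguments after an earlier failure, as the `!= NULL` guards added elsewhere in this commit suggest, later iterations free an uninitialised hash state. Adding `XMEMSET(&hash, 0, sizeof(hash));` before the loop would follow what the commit does for `rng`, `ecc` and `rsa_key`; whether a zeroed state is safe to free for every hash type should be confirmed. The same pattern is in the first loops of test_wc_HashSetFlags and test_wc_HashGetFlags in the next two hunks.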
@@ -31713,65 +29244,32 @@ static int test_wc_HashSetFlags(void)
/* For loop to test various arguments... */
for (i = 0; i < enumlen; i++) {
- ret = wc_HashInit(&hash, enumArray[i]);
- if (ret == 0) {
- ret = wc_HashSetFlags(&hash, enumArray[i], flags);
- }
- if (ret == 0) {
- if (flags & WC_HASH_FLAG_ISCOPY) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_HashSetFlags(NULL, enumArray[i], flags);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
-
+ ExpectIntEQ(wc_HashInit(&hash, enumArray[i]), 0);
+ ExpectIntEQ(wc_HashSetFlags(&hash, enumArray[i], flags), 0);
+ ExpectTrue((flags & WC_HASH_FLAG_ISCOPY) == 0);
+ ExpectIntEQ(wc_HashSetFlags(NULL, enumArray[i], flags), BAD_FUNC_ARG);
wc_HashFree(&hash, enumArray[i]);
}
/* For loop to test not supported cases */
notSupportedLen = (sizeof(notSupported)/sizeof(enum wc_HashType));
- for (j = 0; ret == 0 && j < notSupportedLen; j++) {
- ret = wc_HashInit(&hash, notSupported[j]);
- if (ret == 0) {
- ret = -1;
- }
- else if (ret == BAD_FUNC_ARG) {
- ret = wc_HashSetFlags(&hash, notSupported[j], flags);
- if (ret == 0) {
- ret = -1;
- }
- else if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_HashFree(&hash, notSupported[j]);
- if (ret == 0) {
- ret = -1;
- }
- else if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
+ for (j = 0; j < notSupportedLen; j++) {
+ ExpectIntEQ(wc_HashInit(&hash, notSupported[j]), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_HashSetFlags(&hash, notSupported[j], flags),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_HashFree(&hash, notSupported[j]), BAD_FUNC_ARG);
}
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_HashSetFlags */
/*
* Unit test function for wc_HashGetFlags()
*/
static int test_wc_HashGetFlags(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef WOLFSSL_HASH_FLAGS
wc_HashAlg hash;
- int ret = 0;
word32 flags = 0;
int i, j;
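Review bot: `ExpectTrue((flags & WC_HASH_FLAG_ISCOPY) == 0);` in the first loop of test_wc_HashSetFlags cannot fail, because `flags` is a local initialised to 0 and is passed to `wc_HashSetFlags` by value, so nothing can change it. To check that the setter stored the value, read it back with a second variable declared at the top of the block, e.g. `ExpectIntEQ(wc_HashGetFlags(&hash, enumArray[i], &got), 0);` followed by `ExpectIntEQ(got, flags);`, assuming the getter returns exactly what was set. The enclosing function starts before this hunk.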
@@ -31812,56 +29310,22 @@ static int test_wc_HashGetFlags(void)
/* For loop to test various arguments... */
for (i = 0; i < enumlen; i++) {
- ret = wc_HashInit(&hash, enumArray[i]);
- if (ret == 0) {
- ret = wc_HashGetFlags(&hash, enumArray[i], &flags);
- }
- if (ret == 0) {
- if (flags & WC_HASH_FLAG_ISCOPY) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_HashGetFlags(NULL, enumArray[i], &flags);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
+ ExpectIntEQ(wc_HashInit(&hash, enumArray[i]), 0);
+ ExpectIntEQ(wc_HashGetFlags(&hash, enumArray[i], &flags), 0);
+ ExpectTrue((flags & WC_HASH_FLAG_ISCOPY) == 0);
+ ExpectIntEQ(wc_HashGetFlags(NULL, enumArray[i], &flags), BAD_FUNC_ARG);
wc_HashFree(&hash, enumArray[i]);
- if (ret != 0) {
- break;
- }
}
/* For loop to test not supported cases */
notSupportedLen = (sizeof(notSupported)/sizeof(enum wc_HashType));
- for (j = 0; ret == 0 && j < notSupportedLen; j++) {
- ret = wc_HashInit(&hash, notSupported[j]);
- if (ret == 0) {
- ret = -1;
- }
- else if (ret == BAD_FUNC_ARG) {
- ret = wc_HashGetFlags(&hash, notSupported[j], &flags);
- if (ret == 0) {
- ret = -1;
- }
- else if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_HashFree(&hash, notSupported[j]);
- if (ret == 0) {
- ret = -1;
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
+ for (j = 0; j < notSupportedLen; j++) {
+ ExpectIntEQ(wc_HashInit(&hash, notSupported[j]), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_HashGetFlags(&hash, notSupported[j], &flags),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_HashFree(&hash, notSupported[j]), BAD_FUNC_ARG);
}
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_HashGetFlags */
/*----------------------------------------------------------------------------*
@@ -31874,9 +29338,8 @@ static int test_wc_HashGetFlags(void)
static int test_wolfSSL_ASN1_BIT_STRING(void)
{
- int res = TEST_SKIPPED;
-#if !defined(NO_CERTS) && defined(OPENSSL_ALL)
EXPECT_DECLS;
+#if !defined(NO_CERTS) && defined(OPENSSL_ALL)
ASN1_BIT_STRING* str = NULL;
ExpectNotNull(str = ASN1_BIT_STRING_new());
@@ -31915,17 +29378,14 @@ static int test_wolfSSL_ASN1_BIT_STRING(void)
ASN1_BIT_STRING_free(str);
ASN1_BIT_STRING_free(NULL);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_ASN1_INTEGER(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && !defined(NO_ASN)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(NO_ASN)
ASN1_INTEGER* a = NULL;
ASN1_INTEGER* dup = NULL;
const unsigned char invalidLenDer[] = {
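Review bot: With `EXPECT_DECLS;` now above the `#if` and `return EXPECT_RESULT();` below the `#endif`, a build that compiles the body out returns whatever state EXPECT_DECLS starts in; no Expect call ever runs. The macro definitions are not part of this diff section, so confirm that the initial state is the skipped value and not success. Otherwise every compiled-out test in this file would be counted as a pass and the reported coverage of the crypto and ASN.1 APIs would be overstated. A one-line comment at the macro, such as `/* starts as TEST_SKIPPED so tests with no executed Expect are reported as skipped */`, would make this contract explicit. The same pattern is repeated in the hunks that follow.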
@@ -31960,17 +29420,14 @@ static int test_wolfSSL_ASN1_INTEGER(void)
ExpectNotNull(dup = wolfSSL_ASN1_INTEGER_dup(a));
ASN1_INTEGER_free(dup);
ASN1_INTEGER_free(a);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_ASN1_INTEGER_cmp(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && !defined(NO_ASN)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(NO_ASN)
ASN1_INTEGER* a = NULL;
ASN1_INTEGER* b = NULL;
@@ -31998,17 +29455,14 @@ static int test_wolfSSL_ASN1_INTEGER_cmp(void)
ASN1_INTEGER_free(b);
ASN1_INTEGER_free(a);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_ASN1_INTEGER_BN(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && !defined(NO_ASN)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(NO_ASN)
ASN1_INTEGER* ai = NULL;
ASN1_INTEGER* ai2 = NULL;
BIGNUM* bn = NULL;
@@ -32103,17 +29557,14 @@ static int test_wolfSSL_ASN1_INTEGER_BN(void)
BN_free(bn);
ASN1_INTEGER_free(ai2);
ASN1_INTEGER_free(ai);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_ASN1_INTEGER_get_set(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && !defined(NO_ASN)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(NO_ASN)
ASN1_INTEGER *a = NULL;
long val;
@@ -32204,10 +29655,8 @@ static int test_wolfSSL_ASN1_INTEGER_get_set(void)
ExpectIntEQ(ASN1_INTEGER_set(a, val), 1);
ExpectTrue(ASN1_INTEGER_get(a) == val);
ASN1_INTEGER_free(a);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
#if defined(OPENSSL_EXTRA)
@@ -32219,9 +29668,8 @@ typedef struct ASN1IntTestVector {
#endif
static int test_wolfSSL_d2i_ASN1_INTEGER(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA)
size_t i;
WOLFSSL_ASN1_INTEGER* a = NULL;
WOLFSSL_ASN1_INTEGER* b = NULL;
@@ -32355,17 +29803,14 @@ static int test_wolfSSL_d2i_ASN1_INTEGER(void)
wolfSSL_ASN1_INTEGER_free(a);
a = NULL;
}
-
- res = EXPECT_RESULT();
#endif /* OPENSSL_EXTRA */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_a2i_ASN1_INTEGER(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && !defined(NO_BIO)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(NO_BIO)
BIO* bio = NULL;
BIO* out = NULL;
BIO* fixed = NULL;
@@ -32444,7 +29889,7 @@ static int test_wolfSSL_a2i_ASN1_INTEGER(void)
ExpectNotNull(fixed = BIO_new(wolfSSL_BIO_s_fixed_mem()));
ExpectIntEQ(BIO_set_write_buf_size(fixed, 1), 1);
- /* Ensure there is 0 bytes avaialble to write into. */
+ /* Ensure there is 0 bytes available to write into. */
ExpectIntEQ(BIO_write(fixed, tmp, 1), 1);
ExpectIntEQ(i2a_ASN1_INTEGER(fixed, ai), 0);
ExpectIntEQ(BIO_set_write_buf_size(fixed, 1), 1);
@@ -32452,17 +29897,14 @@ static int test_wolfSSL_a2i_ASN1_INTEGER(void)
BIO_free(fixed);
ASN1_INTEGER_free(ai);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_i2c_ASN1_INTEGER(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && !defined(NO_ASN)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(NO_ASN)
ASN1_INTEGER *a = NULL;
unsigned char *pp,*tpp;
int ret;
@@ -32680,17 +30122,14 @@ static int test_wolfSSL_i2c_ASN1_INTEGER(void)
XFREE(pp, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL_ASN1_INTEGER_free(a);
-
- res = EXPECT_RESULT();
#endif /* OPENSSL_EXTRA && !NO_ASN */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_ASN1_OBJECT(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA)
ASN1_OBJECT* a = NULL;
ASN1_OBJECT s;
const unsigned char der[] = { 0x06, 0x01, 0x00 };
@@ -32710,17 +30149,14 @@ static int test_wolfSSL_ASN1_OBJECT(void)
ExpectNotNull(a = wolfSSL_ASN1_OBJECT_dup(&s));
ASN1_OBJECT_free(a);
ASN1_OBJECT_free(&s);
-
- res = EXPECT_RESULT();
#endif /* OPENSSL_EXTRA */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_ASN1_get_object(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && defined(HAVE_ECC) && defined(USE_CERT_BUFFERS_256)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && defined(HAVE_ECC) && defined(USE_CERT_BUFFERS_256)
const unsigned char* derBuf = cliecc_cert_der_256;
const unsigned char* nullPtr = NULL;
const unsigned char objDerInvalidLen[] = { 0x30, 0x81 };
@@ -32754,7 +30190,7 @@ static int test_wolfSSL_ASN1_get_object(void)
/* SEQUENCE */
ExpectIntEQ(ASN1_get_object(&derBuf, &asnLen, &tag, &cls, len) & 0x80, 0);
- ExpectIntEQ(asnLen, 862);
+ ExpectIntEQ(asnLen, 861);
ExpectIntEQ(tag, 0x10);
ExpectIntEQ(cls, 0);
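Review bot: The expected value in `ExpectIntEQ(asnLen, 861);` is a bare constant that appears to be tied to the current bytes of `cliecc_cert_der_256`. This commit had to change it by hand, presumably because the test certificate was regenerated. A comment on that line would tell the next person why the number moves, e.g. `/* content length of the outer SEQUENCE in cliecc_cert_der_256; update when test certs are regenerated */`. The replaced notBefore string `"Dec 13 22:19:28 2023 GMT"` in the test_wolfSSL_ASN1_TIME_print hunk has the same coupling and deserves the same comment. The function body extends beyond this hunk on both sides.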
@@ -32852,17 +30288,14 @@ static int test_wolfSSL_ASN1_get_object(void)
XFREE(der, NULL, DYNAMIC_TYPE_OPENSSL);
ASN1_OBJECT_free(a);
-
- res = EXPECT_RESULT();
#endif /* OPENSSL_EXTRA && HAVE_ECC && USE_CERT_BUFFERS_256 */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_i2a_ASN1_OBJECT(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && !defined(NO_ASN) && !defined(NO_BIO)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(NO_ASN) && !defined(NO_BIO)
ASN1_OBJECT* obj = NULL;
ASN1_OBJECT* a = NULL;
BIO *bio = NULL;
@@ -32904,18 +30337,15 @@ static int test_wolfSSL_i2a_ASN1_OBJECT(void)
BIO_free(bio);
ASN1_OBJECT_free(obj);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_i2t_ASN1_OBJECT(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && \
defined(WOLFSSL_CERT_EXT) && defined(WOLFSSL_CERT_GEN)
- EXPECT_DECLS;
char buf[50] = {0};
ASN1_OBJECT* obj;
const char* oid = "2.5.29.19";
@@ -32931,17 +30361,14 @@ static int test_wolfSSL_i2t_ASN1_OBJECT(void)
ExpectIntEQ(i2t_ASN1_OBJECT(buf, sizeof(buf), obj), XSTRLEN(ln));
ExpectIntEQ(XSTRNCMP(buf, ln, XSTRLEN(ln)), 0);
ASN1_OBJECT_free(obj);
-
- res = EXPECT_RESULT();
#endif /* OPENSSL_EXTRA && WOLFSSL_CERT_EXT && WOLFSSL_CERT_GEN */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_sk_ASN1_OBJECT(void)
{
- int res = TEST_SKIPPED;
-#if !defined(NO_ASN) && (defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL))
EXPECT_DECLS;
+#if !defined(NO_ASN) && (defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL))
WOLFSSL_STACK* sk = NULL;
WOLFSSL_ASN1_OBJECT* obj;
@@ -32966,17 +30393,14 @@ static int test_wolfSSL_sk_ASN1_OBJECT(void)
ExpectPtrEq(obj, wolfSSL_sk_ASN1_OBJECT_pop(sk));
wolfSSL_sk_ASN1_OBJECT_free(sk);
wolfSSL_ASN1_OBJECT_free(obj);
-
- res = EXPECT_RESULT();
#endif /* !NO_ASN && (OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL) */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_ASN1_STRING(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA)
ASN1_STRING* str = NULL;
ASN1_STRING* c = NULL;
const char data[] = "hello wolfSSL";
@@ -33032,18 +30456,15 @@ static int test_wolfSSL_ASN1_STRING(void)
#ifndef NO_WOLFSSL_STUB
ExpectNull(d2i_DISPLAYTEXT(NULL, NULL, 0));
#endif
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_ASN1_STRING_to_UTF8(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_ALL) && !defined(NO_ASN) && !defined(NO_RSA) && \
!defined(NO_FILESYSTEM)
- EXPECT_DECLS;
WOLFSSL_X509* x509 = NULL;
WOLFSSL_X509_NAME* subject = NULL;
WOLFSSL_X509_NAME_ENTRY* e = NULL;
@@ -33084,17 +30505,14 @@ static int test_wolfSSL_ASN1_STRING_to_UTF8(void)
ExpectNotNull(a = ASN1_STRING_new());
ExpectIntEQ(wolfSSL_ASN1_STRING_to_UTF8(&actual_output, a), -1);
ASN1_STRING_free(a);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_i2s_ASN1_STRING(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && !defined(NO_ASN)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(NO_ASN)
WOLFSSL_ASN1_STRING* str = NULL;
const char* data = "test_wolfSSL_i2s_ASN1_STRING";
char* ret = NULL;
@@ -33120,19 +30538,16 @@ static int test_wolfSSL_i2s_ASN1_STRING(void)
XFREE(ret, NULL, DYNAMIC_TYPE_TMP_BUFFER);
ASN1_STRING_free(str);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_ASN1_STRING_canon(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(WOLFSSL_TEST_STATIC_BUILD)
#if !defined(NO_CERTS) && (defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA) || \
defined(OPENSSL_EXTRA_X509_SMALL))
- EXPECT_DECLS;
WOLFSSL_ASN1_STRING* orig = NULL;
WOLFSSL_ASN1_STRING* canon = NULL;
const char* data = "test_wolfSSL_ASN1_STRING_canon";
@@ -33182,19 +30597,16 @@ static int test_wolfSSL_ASN1_STRING_canon(void)
ASN1_STRING_free(orig);
ASN1_STRING_free(canon);
-
- res = EXPECT_RESULT();
#endif
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_ASN1_STRING_print(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_ALL) && !defined(NO_ASN) && !defined(NO_CERTS) && \
!defined(NO_BIO)
- EXPECT_DECLS;
ASN1_STRING* asnStr = NULL;
const char HELLO_DATA[]= \
{'H','e','l','l','o',' ','w','o','l','f','S','S','L','!'};
@@ -33247,7 +30659,7 @@ static int test_wolfSSL_ASN1_STRING_print(void)
ExpectNotNull(bio = BIO_new(wolfSSL_BIO_s_fixed_mem()));
ExpectIntEQ(BIO_set_write_buf_size(bio, 1), 1);
- /* Ensure there is 0 bytes avaialble to write into. */
+ /* Ensure there is 0 bytes available to write into. */
ExpectIntEQ(BIO_write(bio, rbuf, 1), 1);
ExpectIntEQ(wolfSSL_ASN1_STRING_print(bio, asnStr), 0);
ExpectIntEQ(BIO_set_write_buf_size(bio, 1), 1);
@@ -33257,17 +30669,14 @@ static int test_wolfSSL_ASN1_STRING_print(void)
BIO_free(bio);
ASN1_STRING_free(asnStr);
-
- res = EXPECT_RESULT();
#endif /* OPENSSL_EXTRA && !NO_ASN && !NO_CERTS && !NO_BIO */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_ASN1_STRING_print_ex(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && !defined(NO_ASN) && !defined(NO_BIO)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(NO_ASN) && !defined(NO_BIO)
ASN1_STRING* asn_str = NULL;
const char data[] = "Hello wolfSSL!";
ASN1_STRING* esc_str = NULL;
@@ -33312,7 +30721,7 @@ static int test_wolfSSL_ASN1_STRING_print_ex(void)
ExpectIntEQ(BIO_read(bio, (void*)rbuf, 15), 15);
ExpectStrEQ((char*)rbuf, "Hello wolfSSL!");
ExpectIntEQ(BIO_set_write_buf_size(fixed, 1), 1);
- /* Ensure there is 0 bytes avaialble to write into. */
+ /* Ensure there is 0 bytes available to write into. */
ExpectIntEQ(BIO_write(fixed, rbuf, 1), 1);
ExpectIntEQ(wolfSSL_ASN1_STRING_print_ex(fixed, asn_str, flags), 0);
ExpectIntEQ(BIO_set_write_buf_size(fixed, 1), 1);
@@ -33327,7 +30736,7 @@ static int test_wolfSSL_ASN1_STRING_print_ex(void)
ExpectIntEQ(BIO_read(bio, (void*)rbuf, 9), 9);
ExpectStrEQ((char*)rbuf, "a\\+\\;\\<\\>");
ExpectIntEQ(BIO_set_write_buf_size(fixed, 1), 1);
- /* Ensure there is 0 bytes avaialble to write into. */
+ /* Ensure there is 0 bytes available to write into. */
ExpectIntEQ(BIO_write(fixed, rbuf, 1), 1);
ExpectIntEQ(wolfSSL_ASN1_STRING_print_ex(fixed, esc_str, flags), 0);
ExpectIntEQ(BIO_set_write_buf_size(fixed, 1), 1);
@@ -33342,7 +30751,7 @@ static int test_wolfSSL_ASN1_STRING_print_ex(void)
ExpectIntEQ(BIO_read(bio, (void*)rbuf, 28), 28);
ExpectStrEQ((char*)rbuf, "OCTET STRING:Hello wolfSSL!");
ExpectIntEQ(BIO_set_write_buf_size(fixed, 1), 1);
- /* Ensure there is 0 bytes avaialble to write into. */
+ /* Ensure there is 0 bytes available to write into. */
ExpectIntEQ(BIO_write(fixed, rbuf, 1), 1);
ExpectIntEQ(wolfSSL_ASN1_STRING_print_ex(fixed, asn_str, flags), 0);
ExpectIntEQ(BIO_set_write_buf_size(fixed, 1), 1);
@@ -33359,7 +30768,7 @@ static int test_wolfSSL_ASN1_STRING_print_ex(void)
ExpectIntEQ(BIO_read(bio, (void*)rbuf, 31), 31);
ExpectStrEQ((char*)rbuf, "#48656C6C6F20776F6C6653534C2100");
ExpectIntEQ(BIO_set_write_buf_size(fixed, 1), 1);
- /* Ensure there is 0 bytes avaialble to write into. */
+ /* Ensure there is 0 bytes available to write into. */
ExpectIntEQ(BIO_write(fixed, rbuf, 1), 1);
ExpectIntEQ(wolfSSL_ASN1_STRING_print_ex(fixed, asn_str, flags), 0);
ExpectIntEQ(BIO_set_write_buf_size(fixed, 1), 1);
@@ -33374,7 +30783,7 @@ static int test_wolfSSL_ASN1_STRING_print_ex(void)
ExpectIntEQ(BIO_read(bio, (void*)rbuf, 35), 35);
ExpectStrEQ((char*)rbuf, "#040F48656C6C6F20776F6C6653534C2100");
ExpectIntEQ(BIO_set_write_buf_size(fixed, 1), 1);
- /* Ensure there is 0 bytes avaialble to write into. */
+ /* Ensure there is 0 bytes available to write into. */
ExpectIntEQ(BIO_write(fixed, rbuf, 1), 1);
ExpectIntEQ(wolfSSL_ASN1_STRING_print_ex(fixed, asn_str, flags), 0);
ExpectIntEQ(BIO_set_write_buf_size(fixed, 1), 1);
@@ -33414,17 +30823,14 @@ static int test_wolfSSL_ASN1_STRING_print_ex(void)
ExpectStrEQ(wolfSSL_ASN1_tag2str(-1), "(unknown)");
ExpectStrEQ(wolfSSL_ASN1_tag2str(31), "(unknown)");
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_ASN1_UNIVERSALSTRING_to_string(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_ALL) && !defined(NO_ASN)
EXPECT_DECLS;
+#if defined(OPENSSL_ALL) && !defined(NO_ASN)
ASN1_STRING* asn1str_test = NULL;
ASN1_STRING* asn1str_answer = NULL;
/* Each character is encoded using 4 bytes */
@@ -33472,17 +30878,14 @@ static int test_wolfSSL_ASN1_UNIVERSALSTRING_to_string(void)
ASN1_STRING_free(asn1str_test);
ASN1_STRING_free(asn1str_answer);
-
- res = EXPECT_RESULT();
#endif /* OPENSSL_ALL && !NO_ASN */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_ASN1_GENERALIZEDTIME_free(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA)
WOLFSSL_ASN1_GENERALIZEDTIME* asn1_gtime = NULL;
unsigned char nullstr[32];
@@ -33498,17 +30901,14 @@ static int test_wolfSSL_ASN1_GENERALIZEDTIME_free(void)
XFREE(asn1_gtime, NULL, DYNAMIC_TYPE_TMP_BUFFER);
}
wolfSSL_ASN1_GENERALIZEDTIME_free(NULL);
-
- res = EXPECT_RESULT();
#endif /* OPENSSL_EXTRA */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_ASN1_GENERALIZEDTIME_print(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && !defined(NO_BIO)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(NO_BIO)
WOLFSSL_ASN1_GENERALIZEDTIME gtime;
BIO* bio = NULL;
unsigned char buf[24];
@@ -33538,7 +30938,7 @@ static int test_wolfSSL_ASN1_GENERALIZEDTIME_print(void)
ExpectNotNull(bio = BIO_new(wolfSSL_BIO_s_fixed_mem()));
ExpectIntEQ(BIO_set_write_buf_size(bio, 1), 1);
- /* Ensure there is 0 bytes avaialble to write into. */
+ /* Ensure there is 0 bytes available to write into. */
ExpectIntEQ(BIO_write(bio, buf, 1), 1);
ExpectIntEQ(wolfSSL_ASN1_GENERALIZEDTIME_print(bio, &gtime), 0);
for (i = 1; i < 20; i++) {
@@ -33548,17 +30948,14 @@ static int test_wolfSSL_ASN1_GENERALIZEDTIME_print(void)
BIO_free(bio);
wolfSSL_ASN1_GENERALIZEDTIME_free(&gtime);
-
- res = EXPECT_RESULT();
#endif /* OPENSSL_EXTRA */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_ASN1_TIME(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && !defined(NO_ASN_TIME)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(NO_ASN_TIME)
WOLFSSL_ASN1_TIME* asn_time = NULL;
unsigned char *data;
@@ -33585,19 +30982,16 @@ static int test_wolfSSL_ASN1_TIME(void)
ASN1_TIME_free(asn_time);
ASN1_TIME_free(NULL);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_ASN1_TIME_to_string(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifndef NO_ASN_TIME
#if defined(WOLFSSL_MYSQL_COMPATIBLE) || defined(WOLFSSL_NGINX) || \
defined(WOLFSSL_HAPROXY) || defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL)
- EXPECT_DECLS;
WOLFSSL_ASN1_TIME* t = NULL;
char buf[ASN_GENERALIZED_TIME_SIZE];
@@ -33616,18 +31010,15 @@ static int test_wolfSSL_ASN1_TIME_to_string(void)
ExpectNull(ASN1_TIME_to_string(t, buf, 5));
ASN1_TIME_free(t);
-
- res = EXPECT_RESULT();
#endif
#endif /* NO_ASN_TIME */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_ASN1_TIME_diff_compare(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && !defined(NO_ASN_TIME)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(NO_ASN_TIME)
ASN1_TIME* fromTime = NULL;
ASN1_TIME* closeToTime = NULL;
ASN1_TIME* toTime = NULL;
@@ -33712,18 +31103,15 @@ static int test_wolfSSL_ASN1_TIME_diff_compare(void)
ASN1_TIME_free(closeToTime);
ASN1_TIME_free(toTime);
ASN1_TIME_free(invalidTime);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_ASN1_TIME_adj(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && !defined(NO_ASN_TIME) \
-&& !defined(USER_TIME) && !defined(TIME_OVERRIDES)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(NO_ASN_TIME) && \
+ !defined(USER_TIME) && !defined(TIME_OVERRIDES)
const int year = 365*24*60*60;
const int day = 24*60*60;
const int hour = 60*60;
@@ -33814,19 +31202,16 @@ static int test_wolfSSL_ASN1_TIME_adj(void)
date_str[CTC_DATE_SIZE] = '\0';
ExpectIntEQ(0, XMEMCMP(date_str, "000222211515Z", 13));
XFREE(asn_time, NULL, DYNAMIC_TYPE_OPENSSL);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_ASN1_TIME_to_tm(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if (defined(WOLFSSL_MYSQL_COMPATIBLE) || defined(WOLFSSL_NGINX) || \
defined(WOLFSSL_HAPROXY) || defined(OPENSSL_EXTRA) || \
defined(OPENSSL_ALL)) && !defined(NO_ASN_TIME)
- EXPECT_DECLS;
ASN1_TIME asnTime;
struct tm tm;
time_t testTime = 1683926567; /* Fri May 12 09:22:47 PM UTC 2023 */
@@ -33890,17 +31275,14 @@ static int test_wolfSSL_ASN1_TIME_to_tm(void)
fields are zeroed out as expected. */
ExpectIntEQ(tm.tm_isdst, 0);
#endif
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_ASN1_TIME_to_generalizedtime(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && !defined(NO_ASN_TIME)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(NO_ASN_TIME)
WOLFSSL_ASN1_TIME *t = NULL;
WOLFSSL_ASN1_TIME *out = NULL;
WOLFSSL_ASN1_TIME *gtime = NULL;
@@ -33988,21 +31370,18 @@ static int test_wolfSSL_ASN1_TIME_to_generalizedtime(void)
XFREE(gtime, NULL, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(t, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_ASN1_TIME_print(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_CERTS) && !defined(NO_RSA) && !defined(NO_BIO) && \
(defined(WOLFSSL_MYSQL_COMPATIBLE) || defined(WOLFSSL_NGINX) || \
defined(WOLFSSL_HAPROXY) || defined(OPENSSL_EXTRA) || \
defined(OPENSSL_ALL)) && defined(USE_CERT_BUFFERS_2048) && \
!defined(NO_ASN_TIME)
- EXPECT_DECLS;
BIO* bio = NULL;
BIO* fixed = NULL;
X509* x509 = NULL;
@@ -34023,11 +31402,11 @@ static int test_wolfSSL_ASN1_TIME_print(void)
ExpectIntEQ(ASN1_TIME_print(bio, notBefore), 1);
ExpectIntEQ(BIO_read(bio, buf, sizeof(buf)), 24);
- ExpectIntEQ(XMEMCMP(buf, "Dec 16 21:17:49 2022 GMT", sizeof(buf) - 1), 0);
+ ExpectIntEQ(XMEMCMP(buf, "Dec 13 22:19:28 2023 GMT", sizeof(buf) - 1), 0);
/* Test BIO_write fails. */
ExpectIntEQ(BIO_set_write_buf_size(fixed, 1), 1);
- /* Ensure there is 0 bytes avaialble to write into. */
+ /* Ensure there is 0 bytes available to write into. */
ExpectIntEQ(BIO_write(fixed, buf, 1), 1);
ExpectIntEQ(ASN1_TIME_print(fixed, notBefore), 0);
ExpectIntEQ(BIO_set_write_buf_size(fixed, 1), 1);
@@ -34050,17 +31429,14 @@ static int test_wolfSSL_ASN1_TIME_print(void)
BIO_free(bio);
BIO_free(fixed);
X509_free(x509);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_ASN1_UTCTIME_print(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && !defined(NO_ASN_TIME) && !defined(NO_BIO)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(NO_ASN_TIME) && !defined(NO_BIO)
BIO* bio = NULL;
ASN1_UTCTIME* utc = NULL;
unsigned char buf[25];
@@ -34111,18 +31487,15 @@ static int test_wolfSSL_ASN1_UTCTIME_print(void)
XFREE(utc, NULL, DYNAMIC_TYPE_ASN1);
BIO_free(bio);
-
- res = EXPECT_RESULT();
#endif /* OPENSSL_EXTRA && !NO_ASN_TIME && !NO_BIO */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_ASN1_TYPE(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_ALL) || defined(WOLFSSL_APACHE_HTTPD) || \
defined(WOLFSSL_HAPROXY) || defined(WOLFSSL_WPAS)
- EXPECT_DECLS;
WOLFSSL_ASN1_TYPE* t = NULL;
WOLFSSL_ASN1_OBJECT* obj = NULL;
#ifndef NO_ASN_TIME
@@ -34199,10 +31572,8 @@ static int test_wolfSSL_ASN1_TYPE(void)
ASN1_TYPE_set(t, V_ASN1_SEQUENCE, str);
wolfSSL_ASN1_TYPE_free(t);
t = NULL;
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
/* Testing code used in dpp.c in hostap */
@@ -34246,11 +31617,10 @@ IMPLEMENT_ASN1_FUNCTIONS(TEST_FAIL_ASN1)
static int test_wolfSSL_IMPLEMENT_ASN1_FUNCTIONS(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
/* Testing code used in dpp.c in hostap */
#if defined(OPENSSL_ALL) && defined(HAVE_ECC) && defined(USE_CERT_BUFFERS_256)
#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2))
- EXPECT_DECLS;
EC_KEY *eckey = NULL;
EVP_PKEY *key = NULL;
size_t len;
@@ -34393,19 +31763,16 @@ static int test_wolfSSL_IMPLEMENT_ASN1_FUNCTIONS(void)
TEST_FAIL_ASN1_free(NULL);
XMEMSET(&test_fail_asn1, 0, sizeof(TEST_FAIL_ASN1));
ExpectIntEQ(i2d_TEST_FAIL_ASN1(&test_fail_asn1, &der), 0);
-
- res = EXPECT_RESULT();
#endif /* !HAVE_FIPS || HAVE_FIPS_VERSION > 2 */
#endif /* OPENSSL_ALL && HAVE_ECC && USE_CERT_BUFFERS_256 */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_lhash(void)
{
- int res = TEST_SKIPPED;
-#ifdef OPENSSL_ALL
EXPECT_DECLS;
+#ifdef OPENSSL_ALL
const char testStr[] = "Like a true nature's child\n"
"We were born\n"
"Born to be wild";
@@ -34415,21 +31782,18 @@ static int test_wolfSSL_lhash(void)
#else
ExpectIntEQ(lh_strhash(testStr), 0x5b7541dc);
#endif
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_NAME(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) && \
!defined(NO_CERTS) && !defined(NO_FILESYSTEM) && \
!defined(NO_RSA) && defined(WOLFSSL_CERT_GEN) && \
(defined(WOLFSSL_CERT_REQ) || defined(WOLFSSL_CERT_EXT) || \
defined(OPENSSL_EXTRA))
- EXPECT_DECLS;
X509* x509 = NULL;
const unsigned char* c;
unsigned char buf[4096];
@@ -34552,18 +31916,15 @@ static int test_wolfSSL_X509_NAME(void)
(char*)tmp, sizeof(buf)), -1);
X509_NAME_free(d2i_name);
#endif
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_NAME_hash(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && !defined(NO_FILESYSTEM) \
- && !defined(NO_RSA) && !defined(NO_SHA) && !defined(NO_BIO)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(NO_FILESYSTEM) && \
+ !defined(NO_RSA) && !defined(NO_SHA) && !defined(NO_BIO)
BIO* bio = NULL;
X509* x509 = NULL;
@@ -34574,21 +31935,18 @@ static int test_wolfSSL_X509_NAME_hash(void)
ExpectIntEQ(X509_NAME_hash(X509_get_issuer_name(x509)), 0xFDB2DA4);
X509_free(x509);
BIO_free(bio);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_NAME_print_ex(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if (defined(OPENSSL_ALL) || (defined(OPENSSL_EXTRA) && \
(defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) || \
defined(HAVE_LIGHTY) || defined(WOLFSSL_HAPROXY) || \
defined(WOLFSSL_OPENSSH) || defined(HAVE_SBLIM_SFCB)))) && \
!defined(NO_BIO) && !defined(NO_RSA)
- EXPECT_DECLS;
int memSz;
byte* mem = NULL;
BIO* bio = NULL;
@@ -34721,18 +32079,15 @@ static int test_wolfSSL_X509_NAME_print_ex(void)
X509_NAME_free(name);
}
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
#ifndef NO_BIO
static int test_wolfSSL_X509_INFO_multiple_info(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_ALL) && !defined(NO_RSA)
EXPECT_DECLS;
+#if defined(OPENSSL_ALL) && !defined(NO_RSA)
STACK_OF(X509_INFO) *info_stack = NULL;
X509_INFO *info = NULL;
int len;
@@ -34754,7 +32109,7 @@ static int test_wolfSSL_X509_INFO_multiple_info(void)
/* concatenate the cert and the key file to force PEM_X509_INFO_read_bio
* to group objects together. */
ExpectNotNull(concatBIO = BIO_new(BIO_s_mem()));
- for (curFile = files; *curFile != NULL; curFile++) {
+ for (curFile = files; EXPECT_SUCCESS() && *curFile != NULL; curFile++) {
int fileLen;
ExpectNotNull(fileBIO = BIO_new_file(*curFile, "rb"));
ExpectIntGT(fileLen = wolfSSL_BIO_get_len(fileBIO), 0);
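Review bot: The new `EXPECT_SUCCESS() &&` guard in the `for` condition only prevents the next iteration; within the iteration where `BIO_new_file` fails, the body keeps running. The `while ((len = BIO_read(fileBIO, ...)) > 0)` loop shown in the following hunk is then still entered with a `fileBIO` that may be NULL or stale. If the Expect macros stop evaluating after the first failure (their definition is not visible here), `fileLen` is also never assigned. Initialising it as `int fileLen = 0;` and wrapping the read loop and the `ExpectIntEQ(fileLen, 0);` check in `if (EXPECT_SUCCESS()) { ... }` would keep the failure path from touching an unopened BIO. The function body extends beyond this hunk.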
@@ -34762,6 +32117,8 @@ static int test_wolfSSL_X509_INFO_multiple_info(void)
while ((len = BIO_read(fileBIO, tmp, sizeof(tmp))) > 0) {
ExpectIntEQ(BIO_write(concatBIO, tmp, len), len);
fileLen -= len;
+ if (EXPECT_FAIL())
+ break;
}
/* Make sure we read the entire file */
ExpectIntEQ(fileLen, 0);
@@ -34789,19 +32146,16 @@ static int test_wolfSSL_X509_INFO_multiple_info(void)
sk_X509_INFO_pop_free(info_stack, X509_INFO_free);
BIO_free(concatBIO);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
#endif
#ifndef NO_BIO
static int test_wolfSSL_X509_INFO(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_ALL) && !defined(NO_RSA)
EXPECT_DECLS;
+#if defined(OPENSSL_ALL) && !defined(NO_RSA)
STACK_OF(X509_INFO) *info_stack = NULL;
X509_INFO *info = NULL;
BIO *cert = NULL;
@@ -34858,19 +32212,16 @@ static int test_wolfSSL_X509_INFO(void)
ExpectNull(info_stack = PEM_X509_INFO_read_bio(cert, NULL, NULL, NULL));
sk_X509_INFO_pop_free(info_stack, X509_INFO_free);
BIO_free(cert);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
#endif
static int test_wolfSSL_X509_subject_name_hash(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_FILESYSTEM) \
- && !defined(NO_RSA) && (!defined(NO_SHA) || !defined(NO_SHA256))
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_FILESYSTEM) && \
+ !defined(NO_RSA) && (!defined(NO_SHA) || !defined(NO_SHA256))
X509* x509 = NULL;
X509_NAME* subjectName = NULL;
unsigned long ret1 = 0;
@@ -34898,18 +32249,15 @@ static int test_wolfSSL_X509_subject_name_hash(void)
#endif
X509_free(x509);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_issuer_name_hash(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_FILESYSTEM) \
&& !defined(NO_RSA) && (!defined(NO_SHA) || !defined(NO_SHA256))
- EXPECT_DECLS;
X509* x509 = NULL;
X509_NAME* issuertName = NULL;
unsigned long ret1 = 0;
@@ -34937,18 +32285,15 @@ static int test_wolfSSL_X509_issuer_name_hash(void)
#endif
X509_free(x509);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_check_host(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_FILESYSTEM) \
&& !defined(NO_SHA) && !defined(NO_RSA)
- EXPECT_DECLS;
X509* x509 = NULL;
const char altName[] = "example.com";
@@ -34965,17 +32310,14 @@ static int test_wolfSSL_X509_check_host(void)
ExpectIntEQ(X509_check_host(NULL, altName, XSTRLEN(altName), 0, NULL),
WOLFSSL_FAILURE);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_check_email(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_CERT_GEN) && !defined(NO_RSA)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_CERT_GEN) && !defined(NO_RSA)
X509* x509 = NULL;
const char goodEmail[] = "info@wolfssl.com";
const char badEmail[] = "disinfo@wolfssl.com";
@@ -35001,86 +32343,14 @@ static int test_wolfSSL_X509_check_email(void)
/* Should fail when x509 is NULL */
ExpectIntEQ(wolfSSL_X509_check_email(NULL, goodEmail, 0, 0),
WOLFSSL_FAILURE);
-
- res = EXPECT_RESULT();
#endif /* OPENSSL_EXTRA && WOLFSSL_CERT_GEN */
- return res;
-}
-
-static int test_wolfSSL_DES(void)
-{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && !defined(NO_DES3)
- EXPECT_DECLS;
- const_DES_cblock myDes;
- DES_cblock iv;
- DES_key_schedule key;
- word32 i;
- DES_LONG dl;
- unsigned char msg[] = "hello wolfssl";
-
- DES_check_key(1);
- DES_set_key(&myDes, &key);
-
- /* check, check of odd parity */
- XMEMSET(myDes, 4, sizeof(const_DES_cblock));
- myDes[0] = 6; /*set even parity*/
- XMEMSET(key, 5, sizeof(DES_key_schedule));
- ExpectIntEQ(DES_set_key_checked(&myDes, &key), -1);
- ExpectIntNE(key[0], myDes[0]); /* should not have copied over key */
-
- /* set odd parity for success case */
- DES_set_odd_parity(&myDes);
- ExpectIntEQ(DES_check_key_parity(&myDes), 1);
- fprintf(stderr, "%02x %02x %02x %02x", myDes[0], myDes[1], myDes[2],
- myDes[3]);
- ExpectIntEQ(DES_set_key_checked(&myDes, &key), 0);
- for (i = 0; i < sizeof(DES_key_schedule); i++) {
- ExpectIntEQ(key[i], myDes[i]);
- }
- ExpectIntEQ(DES_is_weak_key(&myDes), 0);
-
- /* check weak key */
- XMEMSET(myDes, 1, sizeof(const_DES_cblock));
- XMEMSET(key, 5, sizeof(DES_key_schedule));
- ExpectIntEQ(DES_set_key_checked(&myDes, &key), -2);
- ExpectIntNE(key[0], myDes[0]); /* should not have copied over key */
-
- /* now do unchecked copy of a weak key over */
- DES_set_key_unchecked(&myDes, &key);
- /* compare arrays, should be the same */
- for (i = 0; i < sizeof(DES_key_schedule); i++) {
- ExpectIntEQ(key[i], myDes[i]);
- }
- ExpectIntEQ(DES_is_weak_key(&myDes), 1);
-
- /* check DES_key_sched API */
- XMEMSET(key, 1, sizeof(DES_key_schedule));
- ExpectIntEQ(DES_key_sched(&myDes, NULL), 0);
- ExpectIntEQ(DES_key_sched(NULL, &key), 0);
- ExpectIntEQ(DES_key_sched(&myDes, &key), 0);
- /* compare arrays, should be the same */
- for (i = 0; i < sizeof(DES_key_schedule); i++) {
- ExpectIntEQ(key[i], myDes[i]);
- }
-
- /* DES_cbc_cksum should return the last 4 of the last 8 bytes after
- * DES_cbc_encrypt on the input */
- XMEMSET(iv, 0, sizeof(DES_cblock));
- XMEMSET(myDes, 5, sizeof(DES_key_schedule));
- ExpectIntGT((dl = DES_cbc_cksum(msg, &key, sizeof(msg), &myDes, &iv)), 0);
- ExpectIntEQ(dl, 480052723);
-
- res = EXPECT_RESULT();
-#endif /* defined(OPENSSL_EXTRA) && !defined(NO_DES3) */
- return res;
+ return EXPECT_RESULT();
}
static int test_wc_PemToDer(void)
{
- int res = TEST_SKIPPED;
-#if !defined(NO_CERTS) && defined(WOLFSSL_PEM_TO_DER) && !defined(NO_FILESYSTEM)
EXPECT_DECLS;
+#if !defined(NO_CERTS) && defined(WOLFSSL_PEM_TO_DER) && !defined(NO_FILESYSTEM)
int ret;
DerBuffer* pDer = NULL;
const char* ca_cert = "./certs/server-cert.pem";
@@ -35123,17 +32393,14 @@ static int test_wc_PemToDer(void)
free(cert_buf);
}
#endif
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wc_AllocDer(void)
{
- int res = TEST_SKIPPED;
-#if !defined(NO_CERTS)
EXPECT_DECLS;
+#if !defined(NO_CERTS)
DerBuffer* pDer = NULL;
word32 testSize = 1024;
@@ -35142,17 +32409,14 @@ static int test_wc_AllocDer(void)
ExpectIntEQ(wc_AllocDer(&pDer, testSize, CERT_TYPE, HEAP_HINT), 0);
ExpectNotNull(pDer);
wc_FreeDer(&pDer);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wc_CertPemToDer(void)
{
- int res = TEST_SKIPPED;
-#if !defined(NO_CERTS) && defined(WOLFSSL_PEM_TO_DER) && !defined(NO_FILESYSTEM)
EXPECT_DECLS;
+#if !defined(NO_CERTS) && defined(WOLFSSL_PEM_TO_DER) && !defined(NO_FILESYSTEM)
const char* ca_cert = "./certs/ca-cert.pem";
byte* cert_buf = NULL;
size_t cert_sz = 0;
@@ -35184,17 +32448,14 @@ static int test_wc_CertPemToDer(void)
free(cert_der);
if (cert_buf != NULL)
free(cert_buf);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wc_KeyPemToDer(void)
{
- int res = TEST_SKIPPED;
-#if defined(WOLFSSL_PEM_TO_DER) && !defined(NO_FILESYSTEM) && !defined(NO_RSA)
EXPECT_DECLS;
+#if defined(WOLFSSL_PEM_TO_DER) && !defined(NO_FILESYSTEM) && !defined(NO_RSA)
int ret;
const byte cert_buf[] = \
"-----BEGIN PRIVATE KEY-----\n"
@@ -35260,18 +32521,15 @@ static int test_wc_KeyPemToDer(void)
ExpectIntLE(ret, cert_sz);
if (cert_der != NULL)
free(cert_der);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wc_PubKeyPemToDer(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(WOLFSSL_PEM_TO_DER) && !defined(NO_FILESYSTEM) && \
(defined(WOLFSSL_CERT_EXT) || defined(WOLFSSL_PUB_PEM_TO_DER))
- EXPECT_DECLS;
int ret = 0;
const char* key = "./certs/ecc-client-keyPub.pem";
byte* cert_buf = NULL;
@@ -35305,18 +32563,15 @@ static int test_wc_PubKeyPemToDer(void)
if (cert_buf != NULL) {
free(cert_buf);
}
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wc_PemPubKeyToDer(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && \
(defined(WOLFSSL_CERT_EXT) || defined(WOLFSSL_PUB_PEM_TO_DER))
- EXPECT_DECLS;
const char* key = "./certs/ecc-client-keyPub.pem";
size_t cert_dersz = 1024;
byte* cert_der = NULL;
@@ -35329,17 +32584,14 @@ static int test_wc_PemPubKeyToDer(void)
if (cert_der != NULL) {
free(cert_der);
}
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wc_GetPubKeyDerFromCert(void)
{
- int res = TEST_SKIPPED;
-#if !defined(NO_RSA) || defined(HAVE_ECC)
EXPECT_DECLS;
+#if !defined(NO_RSA) || defined(HAVE_ECC)
int ret;
word32 idx = 0;
byte keyDer[TWOK_BUF]; /* large enough for up to RSA 2048 */
@@ -35493,18 +32745,15 @@ static int test_wc_GetPubKeyDerFromCert(void)
wc_FreeDecodedCert(&decoded);
#endif
-
- res = EXPECT_RESULT();
#endif /* !NO_RSA || HAVE_ECC */
- return res;
+ return EXPECT_RESULT();
}
static int test_wc_CheckCertSigPubKey(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_FILESYSTEM) && \
!defined(NO_RSA) && defined(WOLFSSL_PEM_TO_DER) && defined(HAVE_ECC)
- EXPECT_DECLS;
int ret;
const char* ca_cert = "./certs/ca-cert.pem";
byte* cert_buf = NULL;
@@ -35557,18 +32806,15 @@ static int test_wc_CheckCertSigPubKey(void)
free(cert_der);
if (cert_buf != NULL)
free(cert_buf);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_certs(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_FILESYSTEM) && \
!defined(NO_RSA)
- EXPECT_DECLS;
X509* x509ext = NULL;
#ifdef OPENSSL_ALL
X509* x509 = NULL;
@@ -35699,7 +32945,7 @@ static int test_wolfSSL_certs(void)
ExpectNotNull(ext = X509V3_EXT_i2d(NID_ext_key_usage, crit, sk));
X509_EXTENSION_free(ext);
ext = NULL;
- sk_ASN1_OBJECT_pop_free(sk, NULL);
+ EXTENDED_KEY_USAGE_free(sk);
sk = NULL;
#else
sk = (STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509ext, NID_ext_key_usage,
@@ -35815,18 +33061,15 @@ static int test_wolfSSL_certs(void)
X509_free(x509ext);
SSL_free(ssl);
SSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif /* OPENSSL_EXTRA && !NO_CERTS */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_check_private_key(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_RSA) && \
defined(USE_CERT_BUFFERS_2048) && !defined(NO_CHECK_PRIVATE_KEY)
- EXPECT_DECLS;
X509* x509 = NULL;
EVP_PKEY* pkey = NULL;
const byte* key;
@@ -35854,21 +33097,17 @@ static int test_wolfSSL_X509_check_private_key(void)
EVP_PKEY_free(pkey);
X509_free(x509);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
-
static int test_wolfSSL_private_keys(void)
{
- int res = TEST_SKIPPED;
- #if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
- !defined(NO_FILESYSTEM)
-#if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
+ !defined(NO_FILESYSTEM)
+#if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)
WOLFSSL* ssl = NULL;
WOLFSSL_CTX* ctx = NULL;
EVP_PKEY* pkey = NULL;
@@ -36084,19 +33323,16 @@ static int test_wolfSSL_private_keys(void)
(void)ssl;
(void)ctx;
(void)pkey;
-
- res = EXPECT_RESULT();
#endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */
- #endif /* defined(OPENSSL_EXTRA) && !defined(NO_CERTS) */
- return res;
+#endif /* defined(OPENSSL_EXTRA) && !defined(NO_CERTS) */
+ return EXPECT_RESULT();
}
static int test_wolfSSL_PEM_read_PrivateKey(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) \
&& !defined(NO_FILESYSTEM)
- EXPECT_DECLS;
XFILE file = XBADFILE;
const char* fname = "./certs/server-key.pem";
EVP_PKEY* pkey = NULL;
@@ -36129,18 +33365,15 @@ static int test_wolfSSL_PEM_read_PrivateKey(void)
XFREE(sig, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
EVP_PKEY_CTX_free(ctx);
EVP_PKEY_free(pkey);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_PEM_read_PUBKEY(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) \
&& !defined(NO_FILESYSTEM)
- EXPECT_DECLS;
XFILE file = XBADFILE;
const char* fname = "./certs/client-keyPub.pem";
EVP_PKEY* pkey = NULL;
@@ -36154,18 +33387,15 @@ static int test_wolfSSL_PEM_read_PUBKEY(void)
EVP_PKEY_free(pkey);
if (file != XBADFILE)
XFCLOSE(file);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_PEM_PrivateKey(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
(!defined(NO_RSA) || defined(HAVE_ECC)) && defined(USE_CERT_BUFFERS_2048)
- EXPECT_DECLS;
#ifndef NO_BIO
BIO* bio = NULL;
#endif
@@ -36533,25 +33763,21 @@ static int test_wolfSSL_PEM_PrivateKey(void)
}
#endif
- res = EXPECT_RESULT();
-
#ifndef NO_BIO
(void)bio;
#endif
(void)pkey;
(void)server_key;
-
#endif /* OPENSSL_EXTRA && !NO_CERTS && !NO_RSA && USE_CERT_BUFFERS_2048 */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_PEM_file_RSAKey(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if (defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL)) && \
defined(WOLFSSL_KEY_GEN) && !defined(NO_RSA) && \
!defined(HAVE_USER_RSA) && !defined(NO_FILESYSTEM) && !defined(NO_CERTS)
- EXPECT_DECLS;
RSA* rsa = NULL;
XFILE fp = XBADFILE;
@@ -36570,21 +33796,18 @@ static int test_wolfSSL_PEM_file_RSAKey(void)
ExpectIntEQ(PEM_write_RSA_PUBKEY(stderr, rsa), WOLFSSL_SUCCESS);
RSA_free(rsa);
-
- res = EXPECT_RESULT();
#endif /* defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL)) && \
(defined(WOLFSSL_KEY_GEN) || WOLFSSL_CERT_GEN) && \
!defined(NO_FILESYSTEM) && !defined(NO_RSA) && !defined(NO_CERTS) */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_PEM_file_RSAPrivateKey(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_RSA) && defined(OPENSSL_EXTRA) && defined(WOLFSSL_KEY_GEN) && \
!defined(HAVE_USER_RSA) && !defined(NO_FILESYSTEM) && \
(defined(WOLFSSL_PEM_TO_DER) || defined(WOLFSSL_DER_TO_PEM))
- EXPECT_DECLS;
RSA* rsa = NULL;
XFILE f = NULL;
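Review bot: The `#endif` trailer that closes `test_wolfSSL_PEM_file_RSAKey` does not match its `#if`: it lists `WOLFSSL_KEY_GEN || WOLFSSL_CERT_GEN` and omits `HAVE_USER_RSA`, while the guard shown just above this hunk requires `WOLFSSL_KEY_GEN` and `!defined(HAVE_USER_RSA)`. This commit already tidies one such trailer (`/* WOLFSSL_CMAC && !NO_AES && WOLFSSL_AES_DIRECT */`), so the same fits here, e.g. `#endif /* (OPENSSL_EXTRA || OPENSSL_ALL) && WOLFSSL_KEY_GEN && !NO_RSA && !HAVE_USER_RSA && !NO_FILESYSTEM && !NO_CERTS */`. The same stale trailer closes `test_wolfSSL_PEM_bio_RSAKey`, and the one in `test_wolfSSL_EVP_Digest` (`/* OPEN_EXTRA && ! NO_SHA256 */`) misspells the macro and omits `NO_PWDBASED`. Accurate trailers matter in this file because they are the quickest way to see which build configurations actually run a given crypto test.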
@@ -36611,18 +33834,15 @@ static int test_wolfSSL_PEM_file_RSAPrivateKey(void)
if (f != XBADFILE)
XFCLOSE(f);
#endif /* HAVE_ECC */
-
- res = EXPECT_RESULT();
#endif /* defined(OPENSSL_EXTRA) && !defined(NO_CERTS) */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_PEM_read_RSA_PUBKEY(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
!defined(NO_FILESYSTEM) && !defined(NO_RSA)
- EXPECT_DECLS;
XFILE file = XBADFILE;
const char* fname = "./certs/client-keyPub.pem";
RSA *rsa = NULL;
@@ -36635,20 +33855,17 @@ static int test_wolfSSL_PEM_read_RSA_PUBKEY(void)
RSA_free(rsa);
if (file != XBADFILE)
XFCLOSE(file);
-
- res = EXPECT_RESULT();
#endif /* defined(OPENSSL_EXTRA) && !defined(NO_CERTS) */
- return res;
+ return EXPECT_RESULT();
}
#ifndef NO_BIO
static int test_wolfSSL_PEM_bio_RSAKey(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if (defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL)) && \
defined(WOLFSSL_KEY_GEN) && !defined(NO_RSA) && \
!defined(HAVE_USER_RSA) && !defined(NO_FILESYSTEM) && !defined(NO_CERTS)
- EXPECT_DECLS;
RSA* rsa = NULL;
BIO* bio = NULL;
@@ -36704,20 +33921,17 @@ static int test_wolfSSL_PEM_bio_RSAKey(void)
RSA_free(rsa);
rsa = NULL;
#endif /* HAVE_ECC */
-
- res = EXPECT_RESULT();
#endif /* defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL)) && \
(defined(WOLFSSL_KEY_GEN) || WOLFSSL_CERT_GEN) && \
!defined(NO_FILESYSTEM) && !defined(NO_RSA) && !defined(NO_CERTS) */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_PEM_bio_RSAPrivateKey(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
!defined(NO_FILESYSTEM) && !defined(NO_RSA)
- EXPECT_DECLS;
RSA* rsa = NULL;
RSA* rsa_dup = NULL;
BIO* bio = NULL;
@@ -36754,19 +33968,16 @@ static int test_wolfSSL_PEM_bio_RSAPrivateKey(void)
BIO_free(bio);
#endif /* HAVE_ECC */
-
- res = EXPECT_RESULT();
#endif /* defined(OPENSSL_EXTRA) && !defined(NO_CERTS) */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_PEM_bio_DSAKey(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifndef HAVE_SELFTEST
#if (defined(WOLFSSL_QT) || defined(OPENSSL_ALL)) && !defined(NO_CERTS) && \
defined(WOLFSSL_KEY_GEN) && !defined(NO_FILESYSTEM) && !defined(NO_DSA)
- EXPECT_DECLS;
DSA* dsa = NULL;
BIO* bio = NULL;
@@ -36812,21 +34023,18 @@ static int test_wolfSSL_PEM_bio_DSAKey(void)
DSA_free(dsa);
dsa = NULL;
#endif /* HAVE_ECC */
-
- res = TEST_RES_CHECK(1);
#endif /* defined(WOLFSSL_QT) || defined(OPENSSL_ALL)) && \
!defined(NO_CERTS) && defined(WOLFSSL_KEY_GEN) && \
!defined(NO_FILESYSTEM) && !defined(NO_DSA) */
#endif /* HAVE_SELFTEST */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_PEM_bio_ECKey(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if (defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL)) && \
defined(WOLFSSL_KEY_GEN) && !defined(NO_FILESYSTEM) && defined(HAVE_ECC)
- EXPECT_DECLS;
EC_KEY* ec = NULL;
EC_KEY* ec2;
BIO* bio = NULL;
@@ -36952,17 +34160,14 @@ static int test_wolfSSL_PEM_bio_ECKey(void)
ExpectNull(PEM_read_bio_ECPrivateKey(bio, NULL, NULL, NULL));
BIO_free(bio);
bio = NULL;
-
- res = EXPECT_RESULT();
#endif /* defined(OPENSSL_EXTRA) && !defined(NO_CERTS) */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_PEM_PUBKEY(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && defined(HAVE_ECC)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && defined(HAVE_ECC)
BIO* bio = NULL;
EVP_PKEY* pkey = NULL;
@@ -37018,21 +34223,18 @@ static int test_wolfSSL_PEM_PUBKEY(void)
(void)bio;
(void)pkey;
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
#endif /* !NO_BIO */
static int test_DSA_do_sign_verify(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(HAVE_SELFTEST) && !defined(HAVE_FIPS)
#if defined(OPENSSL_EXTRA) && !defined(NO_FILESYSTEM) && \
!defined(NO_DSA)
- EXPECT_DECLS;
unsigned char digest[WC_SHA_DIGEST_SIZE];
DSA_SIG* sig = NULL;
DSA* dsa = NULL;
@@ -37076,20 +34278,17 @@ static int test_DSA_do_sign_verify(void)
DSA_SIG_free(sig);
DSA_free(dsa);
-
- res = EXPECT_RESULT();
#endif
#endif /* !HAVE_SELFTEST && !HAVE_FIPS */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_tmp_dh(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_FILESYSTEM) && \
!defined(NO_DSA) && !defined(NO_RSA) && !defined(NO_DH) && !defined(NO_BIO)
#if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)
- EXPECT_DECLS;
byte buff[6000];
char file[] = "./certs/dsaparams.pem";
XFILE f = XBADFILE;
@@ -37148,18 +34347,15 @@ static int test_wolfSSL_tmp_dh(void)
#endif
SSL_free(ssl);
SSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_ctrl(void)
{
- int res = TEST_SKIPPED;
-#if defined (OPENSSL_EXTRA) && !defined(NO_BIO)
EXPECT_DECLS;
+#if defined (OPENSSL_EXTRA) && !defined(NO_BIO)
byte buff[6000];
BIO* bio = NULL;
int bytes;
@@ -37179,18 +34375,15 @@ static int test_wolfSSL_ctrl(void)
*/
BIO_free(bio);
-
- res = EXPECT_RESULT();
#endif /* defined(OPENSSL_EXTRA) && !defined(NO_BIO) */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_PKEY_new_mac_key(void)
{
- int res = TEST_SKIPPED;
-#ifdef OPENSSL_EXTRA
EXPECT_DECLS;
+#ifdef OPENSSL_EXTRA
static const unsigned char pw[] = "password";
static const int pwSz = sizeof(pw) - 1;
size_t checkPwSz = 0;
@@ -37237,19 +34430,16 @@ static int test_wolfSSL_EVP_PKEY_new_mac_key(void)
ExpectIntEQ((int)checkPwSz, 0);
wolfSSL_EVP_PKEY_free(key);
key = NULL;
-
- res = EXPECT_RESULT();
#endif /* OPENSSL_EXTRA */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_PKEY_new_CMAC_key(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef OPENSSL_EXTRA
#if defined(WOLFSSL_CMAC) && !defined(NO_AES) && defined(WOLFSSL_AES_DIRECT)
- EXPECT_DECLS;
const char *priv = "ABCDEFGHIJKLMNOP";
const WOLFSSL_EVP_CIPHER* cipher = EVP_aes_128_cbc();
WOLFSSL_EVP_PKEY* key = NULL;
@@ -37264,40 +34454,36 @@ static int test_wolfSSL_EVP_PKEY_new_CMAC_key(void)
ExpectNotNull(key = wolfSSL_EVP_PKEY_new_CMAC_key(
NULL, (const unsigned char *)priv, AES_128_KEY_SIZE, cipher));
wolfSSL_EVP_PKEY_free(key);
-
- res = EXPECT_RESULT();
-#endif /* defined(WOLFSSL_CMAC) && !defined(NO_AES) && defined(WOLFSSL_AES_DIRECT) */
+#endif /* WOLFSSL_CMAC && !NO_AES && WOLFSSL_AES_DIRECT */
#endif /* OPENSSL_EXTRA */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_Digest(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && !defined(NO_SHA256) && !defined(NO_PWDBASED)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(NO_SHA256) && !defined(NO_PWDBASED)
const char* in = "abc";
int inLen = (int)XSTRLEN(in);
byte out[WC_SHA256_DIGEST_SIZE];
unsigned int outLen;
- const char* expOut = "\xBA\x78\x16\xBF\x8F\x01\xCF\xEA\x41\x41\x40\xDE\x5D\xAE\x22"
- "\x23\xB0\x03\x61\xA3\x96\x17\x7A\x9C\xB4\x10\xFF\x61\xF2\x00"
- "\x15\xAD";
+ const char* expOut =
+ "\xBA\x78\x16\xBF\x8F\x01\xCF\xEA\x41\x41\x40\xDE\x5D\xAE\x22"
+ "\x23\xB0\x03\x61\xA3\x96\x17\x7A\x9C\xB4\x10\xFF\x61\xF2\x00"
+ "\x15\xAD";
- ExpectIntEQ(wolfSSL_EVP_Digest((unsigned char*)in, inLen, out, &outLen, "SHA256", NULL), 1);
+ ExpectIntEQ(wolfSSL_EVP_Digest((unsigned char*)in, inLen, out, &outLen,
+ "SHA256", NULL), 1);
ExpectIntEQ(outLen, WC_SHA256_DIGEST_SIZE);
ExpectIntEQ(XMEMCMP(out, expOut, WC_SHA256_DIGEST_SIZE), 0);
-
- res = EXPECT_RESULT();
#endif /* OPEN_EXTRA && ! NO_SHA256 */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_Digest_all(void)
{
- int res = TEST_SKIPPED;
-#ifdef OPENSSL_EXTRA
EXPECT_DECLS;
+#ifdef OPENSSL_EXTRA
const char* digests[] = {
#ifndef NO_MD5
"MD5",
@@ -37348,17 +34534,14 @@ static int test_wolfSSL_EVP_Digest_all(void)
ExpectIntGT(outLen, 0);
ExpectIntEQ(EVP_MD_size(*d), outLen);
}
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_MD_size(void)
{
- int res = TEST_SKIPPED;
-#ifdef OPENSSL_EXTRA
EXPECT_DECLS;
+#ifdef OPENSSL_EXTRA
WOLFSSL_EVP_MD_CTX mdCtx;
#ifdef WOLFSSL_SHA3
@@ -37496,17 +34679,14 @@ static int test_wolfSSL_EVP_MD_size(void)
ExpectIntEQ(wolfSSL_EVP_MD_CTX_block_size(&mdCtx), BAD_FUNC_ARG);
/* Cleanup is valid on uninit'ed struct */
ExpectIntEQ(wolfSSL_EVP_MD_CTX_cleanup(&mdCtx), 1);
-
- res = EXPECT_RESULT();
#endif /* OPENSSL_EXTRA */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_MD_pkey_type(void)
{
- int res = TEST_SKIPPED;
-#ifdef OPENSSL_EXTRA
EXPECT_DECLS;
+#ifdef OPENSSL_EXTRA
const WOLFSSL_EVP_MD* md;
#ifndef NO_MD5
@@ -37531,10 +34711,8 @@ static int test_wolfSSL_EVP_MD_pkey_type(void)
ExpectNotNull(md = EVP_sha512());
ExpectIntEQ(EVP_MD_pkey_type(md), NID_sha512WithRSAEncryption);
#endif
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
#ifdef OPENSSL_EXTRA
@@ -37597,9 +34775,8 @@ static int test_hmac_signing(const WOLFSSL_EVP_MD *type, const byte* testKey,
static int test_wolfSSL_EVP_MD_hmac_signing(void)
{
- int res = TEST_SKIPPED;
-#ifdef OPENSSL_EXTRA
EXPECT_DECLS;
+#ifdef OPENSSL_EXTRA
static const unsigned char testKey[] =
{
0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
@@ -37736,19 +34913,16 @@ static int test_wolfSSL_EVP_MD_hmac_signing(void)
sizeof(testResultSha3_512)), TEST_SUCCESS);
#endif
#endif
-
- res = EXPECT_RESULT();
#endif /* OPENSSL_EXTRA */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_MD_rsa_signing(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && !defined(HAVE_USER_RSA) && \
- defined(USE_CERT_BUFFERS_2048)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && !defined(HAVE_USER_RSA) && \
+ defined(USE_CERT_BUFFERS_2048)
WOLFSSL_EVP_PKEY* privKey = NULL;
WOLFSSL_EVP_PKEY* pubKey = NULL;
WOLFSSL_EVP_PKEY_CTX* keyCtx = NULL;
@@ -37860,18 +35034,15 @@ static int test_wolfSSL_EVP_MD_rsa_signing(void)
wolfSSL_EVP_PKEY_free(pubKey);
wolfSSL_EVP_PKEY_free(privKey);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_MD_ecc_signing(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && defined(HAVE_ECC) && defined(USE_CERT_BUFFERS_256)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && defined(HAVE_ECC) && defined(USE_CERT_BUFFERS_256)
WOLFSSL_EVP_PKEY* privKey = NULL;
WOLFSSL_EVP_PKEY* pubKey = NULL;
const char testData[] = "Hi There";
@@ -37934,20 +35105,17 @@ static int test_wolfSSL_EVP_MD_ecc_signing(void)
wolfSSL_EVP_PKEY_free(pubKey);
wolfSSL_EVP_PKEY_free(privKey);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_CTX_add_extra_chain_cert(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
!defined(NO_FILESYSTEM) && !defined(NO_RSA) && !defined(NO_BIO)
#if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)
- EXPECT_DECLS;
char caFile[] = "./certs/client-ca.pem";
char clientFile[] = "./certs/client-cert.pem";
SSL_CTX* ctx = NULL;
@@ -38052,24 +35220,21 @@ static int test_wolfSSL_CTX_add_extra_chain_cert(void)
sk_X509_pop_free(chain, X509_free);
sk_X509_pop_free(chain2, X509_free);
SSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */
- #endif /* defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
- !defined(NO_FILESYSTEM) && !defined(NO_RSA) && !defined (NO_BIO) */
- return res;
+#endif /* defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
+ !defined(NO_FILESYSTEM) && !defined(NO_RSA) && !defined (NO_BIO) */
+ return EXPECT_RESULT();
}
#if !defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER)
static int test_wolfSSL_ERR_peek_last_error_line(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
!defined(NO_FILESYSTEM) && defined(DEBUG_WOLFSSL) && \
!defined(NO_OLD_TLS) && !defined(WOLFSSL_NO_TLS12) && \
defined(HAVE_IO_TESTS_DEPENDENCIES) && !defined(NO_ERROR_QUEUE)
- EXPECT_DECLS;
callback_functions client_cb;
callback_functions server_cb;
int line = 0;
@@ -38114,11 +35279,9 @@ static int test_wolfSSL_ERR_peek_last_error_line(void)
fprintf(stderr, "\nTesting error print out\n");
ERR_print_errors_fp(stderr);
fprintf(stderr, "Done testing print out\n\n");
-
- res = EXPECT_RESULT();
#endif /* defined(OPENSSL_EXTRA) && !defined(NO_CERTS) &&
* !defined(NO_FILESYSTEM) && !defined(DEBUG_WOLFSSL) */
- return res;
+ return EXPECT_RESULT();
}
#endif /* !NO_WOLFSSL_CLIENT && !NO_WOLFSSL_SERVER */
@@ -38135,12 +35298,11 @@ static int verify_cb(int ok, X509_STORE_CTX *ctx)
static int test_wolfSSL_X509_Name_canon(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_ALL) && !defined(NO_CERTS) && \
!defined(NO_FILESYSTEM) && !defined(NO_SHA) && \
defined(WOLFSSL_CERT_GEN) && \
(defined(WOLFSSL_CERT_REQ) || defined(WOLFSSL_CERT_EXT)) && !defined(NO_RSA)
- EXPECT_DECLS;
const long ex_hash1 = 0x0fdb2da4;
const long ex_hash2 = 0x9f3e8c9e;
X509_NAME *name = NULL;
@@ -38195,17 +35357,14 @@ static int test_wolfSSL_X509_Name_canon(void)
XFCLOSE(file);
X509_free(x509);
XFREE(pbuf, NULL, DYNAMIC_TYPE_OPENSSL);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_LOOKUP_ctrl_hash_dir(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_ALL) && !defined(NO_FILESYSTEM) && !defined(NO_WOLFSSL_DIR)
EXPECT_DECLS;
+#if defined(OPENSSL_ALL) && !defined(NO_FILESYSTEM) && !defined(NO_WOLFSSL_DIR)
const int MAX_DIR = 4;
const char paths[][32] = {
"./certs/ed25519",
@@ -38270,19 +35429,16 @@ static int test_wolfSSL_X509_LOOKUP_ctrl_hash_dir(void)
#endif
X509_STORE_free(str);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_LOOKUP_ctrl_file(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_ALL) && !defined(NO_CERTS) && \
!defined(NO_FILESYSTEM) && !defined(NO_RSA) && \
defined(WOLFSSL_SIGNER_DER_CERT)
- EXPECT_DECLS;
X509_STORE_CTX* ctx = NULL;
X509_STORE* str = NULL;
X509_LOOKUP* lookup = NULL;
@@ -38411,10 +35567,8 @@ static int test_wolfSSL_X509_LOOKUP_ctrl_file(void)
ExpectIntEQ(X509_LOOKUP_ctrl(NULL, 0, NULL, 0, NULL), 0);
X509_STORE_free(str);
#endif
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_STORE_CTX_trusted_stack_cleanup(void)
@@ -38431,9 +35585,8 @@ static int test_wolfSSL_X509_STORE_CTX_trusted_stack_cleanup(void)
static int test_wolfSSL_X509_STORE_CTX_get0_current_issuer(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && !defined(NO_RSA)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(NO_RSA)
X509_STORE_CTX* ctx = NULL;
X509_STORE* str = NULL;
X509* x509Ca = NULL;
@@ -38466,18 +35619,15 @@ static int test_wolfSSL_X509_STORE_CTX_get0_current_issuer(void)
X509_free(x509Svr);
X509_STORE_free(str);
X509_free(x509Ca);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_PKCS7_certs(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_ALL) && !defined(NO_CERTS) && !defined(NO_BIO) && \
!defined(NO_FILESYSTEM) && !defined(NO_RSA) && defined(HAVE_PKCS7)
- EXPECT_DECLS;
STACK_OF(X509)* sk = NULL;
STACK_OF(X509_INFO)* info_sk = NULL;
PKCS7 *p7 = NULL;
@@ -38542,19 +35692,16 @@ static int test_wolfSSL_PKCS7_certs(void)
PKCS7_free(p7);
p7 = NULL;
}
-
- res = EXPECT_RESULT();
#endif /* defined(OPENSSL_ALL) && !defined(NO_CERTS) && \
!defined(NO_FILESYSTEM) && !defined(NO_RSA) && defined(HAVE_PKCS7) */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_STORE_CTX(void)
{
- int res = TEST_SKIPPED;
- #if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
- !defined(NO_FILESYSTEM) && !defined(NO_RSA)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
+ !defined(NO_FILESYSTEM) && !defined(NO_RSA)
X509_STORE_CTX* ctx = NULL;
X509_STORE* str = NULL;
X509* x509 = NULL;
@@ -38679,19 +35826,129 @@ static int test_wolfSSL_X509_STORE_CTX(void)
str = NULL;
}
- res = EXPECT_RESULT();
- #endif /* defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
- !defined(NO_FILESYSTEM) && !defined(NO_RSA) */
+#endif /* defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
+ * !defined(NO_FILESYSTEM) && !defined(NO_RSA) */
- return res;
+ return EXPECT_RESULT();
+}
+
+#if defined(OPENSSL_EXTRA) && !defined(NO_RSA)
+static int test_X509_STORE_untrusted_load_cert_to_stack(const char* filename,
+ STACK_OF(X509)* chain)
+{
+ EXPECT_DECLS;
+ XFILE fp = XBADFILE;
+ X509* cert = NULL;
+
+ ExpectTrue((fp = XFOPEN(filename, "rb"))
+ != XBADFILE);
+ ExpectNotNull(cert = PEM_read_X509(fp, 0, 0, 0 ));
+ if (fp != XBADFILE) {
+ XFCLOSE(fp);
+ fp = XBADFILE;
+ }
+ ExpectIntEQ(sk_X509_push(chain, cert), 1);
+ if (EXPECT_FAIL())
+ X509_free(cert);
+
+ return EXPECT_RESULT();
+}
+
+static int test_X509_STORE_untrusted_certs(const char** filenames, int ret,
+ int err, int loadCA)
+{
+ EXPECT_DECLS;
+ X509_STORE_CTX* ctx = NULL;
+ X509_STORE* str = NULL;
+ XFILE fp = XBADFILE;
+ X509* cert = NULL;
+ STACK_OF(X509)* untrusted = NULL;
+
+ ExpectTrue((fp = XFOPEN("./certs/intermediate/server-int-cert.pem", "rb"))
+ != XBADFILE);
+ ExpectNotNull(cert = PEM_read_X509(fp, 0, 0, 0 ));
+ if (fp != XBADFILE) {
+ XFCLOSE(fp);
+ fp = XBADFILE;
+ }
+
+ ExpectNotNull(str = X509_STORE_new());
+ ExpectNotNull(ctx = X509_STORE_CTX_new());
+ ExpectNotNull(untrusted = sk_X509_new_null());
+
+ ExpectIntEQ(X509_STORE_set_flags(str, 0), 1);
+ if (loadCA) {
+ ExpectIntEQ(X509_STORE_load_locations(str, "./certs/ca-cert.pem", NULL),
+ 1);
+ }
+ for (; *filenames; filenames++) {
+ ExpectIntEQ(test_X509_STORE_untrusted_load_cert_to_stack(*filenames,
+ untrusted), TEST_SUCCESS);
+ }
+
+ ExpectIntEQ(X509_STORE_CTX_init(ctx, str, cert, untrusted), 1);
+ ExpectIntEQ(X509_verify_cert(ctx), ret);
+ ExpectIntEQ(X509_STORE_CTX_get_error(ctx), err);
+
+ X509_free(cert);
+ X509_STORE_free(str);
+ X509_STORE_CTX_free(ctx);
+ sk_X509_pop_free(untrusted, NULL);
+
+ return EXPECT_RESULT();
+}
+#endif
+
+static int test_X509_STORE_untrusted(void)
+{
+ EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(NO_RSA)
+ const char* untrusted1[] = {
+ "./certs/intermediate/ca-int2-cert.pem",
+ NULL
+ };
+ const char* untrusted2[] = {
+ "./certs/intermediate/ca-int-cert.pem",
+ "./certs/intermediate/ca-int2-cert.pem",
+ NULL
+ };
+ const char* untrusted3[] = {
+ "./certs/intermediate/ca-int-cert.pem",
+ "./certs/intermediate/ca-int2-cert.pem",
+ "./certs/ca-cert.pem",
+ NULL
+ };
+ /* Adding unrelated certs that should be ignored */
+ const char* untrusted4[] = {
+ "./certs/client-ca.pem",
+ "./certs/intermediate/ca-int-cert.pem",
+ "./certs/server-cert.pem",
+ "./certs/intermediate/ca-int2-cert.pem",
+ NULL
+ };
+
+ /* Only immediate issuer in untrusted chain. Fails since can't build chain
+ * to loaded CA. */
+ ExpectIntEQ(test_X509_STORE_untrusted_certs(untrusted1, 0,
+ X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY, 1), TEST_SUCCESS);
+ /* Succeeds because path to loaded CA is available. */
+ ExpectIntEQ(test_X509_STORE_untrusted_certs(untrusted2, 1, 0, 1),
+ TEST_SUCCESS);
+ /* Fails because root CA is in the untrusted stack */
+ ExpectIntEQ(test_X509_STORE_untrusted_certs(untrusted3, 0,
+ X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY, 0), TEST_SUCCESS);
+ /* Succeeds because path to loaded CA is available. */
+ ExpectIntEQ(test_X509_STORE_untrusted_certs(untrusted4, 1, 0, 1),
+ TEST_SUCCESS);
+#endif
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_STORE_set_flags(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
!defined(NO_FILESYSTEM) && !defined(NO_RSA)
- EXPECT_DECLS;
X509_STORE* store = NULL;
X509* x509 = NULL;
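Review bot: The two new helpers and `test_X509_STORE_untrusted` are guarded only by `OPENSSL_EXTRA && !NO_RSA`, yet they read PEM files through `XFOPEN`, `PEM_read_X509` and `X509_STORE_load_locations`. The neighbouring `test_wolfSSL_X509_STORE_CTX` and `test_wolfSSL_X509_STORE_set_flags` also require `!defined(NO_CERTS) && !defined(NO_FILESYSTEM)`. Both new guards should probably read `#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_FILESYSTEM) && !defined(NO_RSA)`, so a build without a filesystem skips the chain-building test instead of failing it. Separately, `sk_X509_pop_free(untrusted, NULL)` leaves the choice of element destructor to the library; other cleanup on this page passes it explicitly (`sk_X509_pop_free(chain, X509_free)`), which keeps ownership of the pushed certificates obvious. The body of `test_wolfSSL_X509_STORE_set_flags` continues outside the hunk.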
@@ -38710,20 +35967,17 @@ static int test_wolfSSL_X509_STORE_set_flags(void)
wolfSSL_X509_free(x509);
wolfSSL_X509_STORE_free(store);
-
- res = EXPECT_RESULT();
#endif /* defined(OPENSSL_EXTRA) && !defined(NO_CERTS) &&
* !defined(NO_FILESYSTEM) && !defined(NO_RSA) */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_LOOKUP_load_file(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(HAVE_CRL) && \
!defined(NO_FILESYSTEM) && !defined(NO_RSA) && \
(!defined(NO_WOLFSSL_CLIENT) || !defined(WOLFSSL_NO_CLIENT_AUTH))
- EXPECT_DECLS;
WOLFSSL_X509_STORE* store = NULL;
WOLFSSL_X509_LOOKUP* lookup = NULL;
@@ -38748,18 +36002,15 @@ static int test_wolfSSL_X509_LOOKUP_load_file(void)
}
wolfSSL_X509_STORE_free(store);
-
- res = EXPECT_RESULT();
#endif /* defined(OPENSSL_EXTRA) && defined(HAVE_CRL) &&
* !defined(NO_FILESYSTEM) && !defined(NO_RSA) */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_STORE_CTX_set_time(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA)
WOLFSSL_X509_STORE_CTX* ctx = NULL;
time_t c_time;
@@ -38770,18 +36021,15 @@ static int test_wolfSSL_X509_STORE_CTX_set_time(void)
WOLFSSL_USE_CHECK_TIME);
ExpectTrue(ctx->param->check_time == c_time);
wolfSSL_X509_STORE_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif /* OPENSSL_EXTRA */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_CTX_get0_set1_param(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA)
#if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)
- EXPECT_DECLS;
SSL_CTX* ctx = NULL;
WOLFSSL_X509_VERIFY_PARAM* pParam = NULL;
WOLFSSL_X509_VERIFY_PARAM* pvpm = NULL;
@@ -38813,7 +36061,7 @@ static int test_wolfSSL_CTX_get0_set1_param(void)
ExpectIntEQ(0x01, pParam->hostFlags);
ExpectIntEQ(0, XSTRNCMP(pParam->ipasc, testIPv4, WOLFSSL_MAX_IPSTR));
- /* test for incorrect patameter */
+ /* test for incorrect parameter */
ExpectIntEQ(1,SSL_CTX_set1_param(ctx, NULL));
ExpectIntEQ(1,SSL_CTX_set1_param(NULL, pvpm));
ExpectIntEQ(1,SSL_CTX_set1_param(NULL, NULL));
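Review bot: The corrected comment still does not say what the three calls below it assert: each passes a NULL context, a NULL parameter set, or both, and each is expected to return 1. If returning success for NULL arguments is the intended contract, the comment should say so, for example `/* NULL ctx or param: nothing is applied, but the call still returns 1 */`. Otherwise a reader may take a return of 1 to mean the host/IP verification parameters were actually set on the context. If that is not the intended contract, these expectations are worth revisiting rather than pinning. The enclosing `test_wolfSSL_CTX_get0_set1_param` starts before and ends after this hunk.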
@@ -38821,19 +36069,16 @@ static int test_wolfSSL_CTX_get0_set1_param(void)
SSL_CTX_free(ctx);
XFREE(pvpm, NULL, DYNAMIC_TYPE_OPENSSL);
-
- res = EXPECT_RESULT();
#endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */
#endif /* OPENSSL_EXTRA && !defined(NO_RSA)*/
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_get0_param(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA)
#if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)
- EXPECT_DECLS;
SSL_CTX* ctx = NULL;
SSL* ssl = NULL;
@@ -38851,18 +36096,15 @@ static int test_wolfSSL_get0_param(void)
SSL_free(ssl);
SSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */
#endif /* OPENSSL_EXTRA && !defined(NO_RSA)*/
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_VERIFY_PARAM_set1_host(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA)
const char host[] = "www.example.com";
WOLFSSL_X509_VERIFY_PARAM* pParam = NULL;
@@ -38881,18 +36123,15 @@ static int test_wolfSSL_X509_VERIFY_PARAM_set1_host(void)
XFREE(pParam, HEAP_HINT, DYNAMIC_TYPE_OPENSSL);
}
-
- res = EXPECT_RESULT();
#endif /* OPENSSL_EXTRA */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_set1_host(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA)
#if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)
- EXPECT_DECLS;
const char host[] = "www.test_wolfSSL_set1_host.com";
const char emptyStr[] = "";
SSL_CTX* ctx = NULL;
@@ -38929,18 +36168,15 @@ static int test_wolfSSL_set1_host(void)
SSL_free(ssl);
SSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */
#endif /* OPENSSL_EXTRA */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_VERIFY_PARAM_set1_ip(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA)
unsigned char buf[16] = {0};
WOLFSSL_X509_VERIFY_PARAM* param = NULL;
@@ -38997,17 +36233,14 @@ static int test_wolfSSL_X509_VERIFY_PARAM_set1_ip(void)
sizeof(param->ipasc)), 0);
XFREE(param, HEAP_HINT, DYNAMIC_TYPE_OPENSSL);
-
- res = EXPECT_RESULT();
#endif /* OPENSSL_EXTRA */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_STORE_CTX_get0_store(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA)
X509_STORE* store = NULL;
X509_STORE_CTX* ctx = NULL;
X509_STORE_CTX* ctx_no_init = NULL;
@@ -39025,18 +36258,15 @@ static int test_wolfSSL_X509_STORE_CTX_get0_store(void)
wolfSSL_X509_STORE_CTX_free(ctx);
wolfSSL_X509_STORE_CTX_free(ctx_no_init);
X509_STORE_free(store);
-
- res = EXPECT_RESULT();
#endif /* OPENSSL_EXTRA */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_CTX_set_client_CA_list(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_ALL) && !defined(NO_RSA) && !defined(NO_CERTS) && \
!defined(NO_WOLFSSL_CLIENT) && !defined(NO_BIO)
- EXPECT_DECLS;
WOLFSSL_CTX* ctx = NULL;
WOLFSSL* ssl = NULL;
X509_NAME* name = NULL;
@@ -39156,19 +36386,16 @@ static int test_wolfSSL_CTX_set_client_CA_list(void)
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif /* OPENSSL_EXTRA && !NO_RSA && !NO_CERTS && !NO_WOLFSSL_CLIENT &&
* !NO_BIO */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_CTX_add_client_CA(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && !defined(NO_CERTS) && \
!defined(NO_WOLFSSL_CLIENT)
- EXPECT_DECLS;
WOLFSSL_CTX* ctx = NULL;
WOLFSSL_X509* x509 = NULL;
WOLFSSL_X509* x509_a = NULL;
@@ -39193,12 +36420,11 @@ static int test_wolfSSL_CTX_add_client_CA(void)
X509_free(x509);
X509_free(x509_a);
SSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif /* OPENSSL_EXTRA && !NO_RSA && !NO_CERTS && !NO_WOLFSSL_CLIENT */
- return res;
+ return EXPECT_RESULT();
}
-#if defined(WOLFSSL_TLS13) && defined(HAVE_ECH)
+#if defined(WOLFSSL_TLS13) && defined(HAVE_ECH) && \
+ defined(HAVE_IO_TESTS_DEPENDENCIES)
static THREAD_RETURN WOLFSSL_THREAD server_task_ech(void* args)
{
callback_functions* callbacks = ((func_args*)args)->callbacks;
@@ -39252,12 +36478,12 @@ static THREAD_RETURN WOLFSSL_THREAD server_task_ech(void* args)
if (ret != WOLFSSL_SUCCESS) {
char buff[WOLFSSL_MAX_ERROR_SZ];
- printf("error = %d, %s\n", err, wolfSSL_ERR_error_string(err, buff));
+ fprintf(stderr, "error = %d, %s\n", err, wolfSSL_ERR_error_string(err, buff));
}
else {
if (0 < (idx = wolfSSL_read(ssl, input, sizeof(input)-1))) {
input[idx] = 0;
- printf("Client message: %s\n", input);
+ fprintf(stderr, "Client message: %s\n", input);
}
AssertIntEQ(privateNameLen, wolfSSL_write(ssl, privateName,
@@ -39277,7 +36503,7 @@ static THREAD_RETURN WOLFSSL_THREAD server_task_ech(void* args)
wc_ecc_fp_free();
#endif
- return 0;
+ WOLFSSL_RETURN_FROM_THREAD(0);
}
#endif /* HAVE_ECH && WOLFSSL_TLS13 */
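Review bot: The closing comment `#endif /* HAVE_ECH && WOLFSSL_TLS13 */` at the end of this hunk no longer describes its guard. Presumably it closes the block around server_task_ech, and this commit extends that block's condition with `defined(HAVE_IO_TESTS_DEPENDENCIES)`. Updating it to `#endif /* WOLFSSL_TLS13 && HAVE_ECH && HAVE_IO_TESTS_DEPENDENCIES */` keeps the conditional blocks in this long file traceable. server_task_ech starts above this hunk.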
@@ -39293,33 +36519,30 @@ static void keyLog_callback(const WOLFSSL* ssl, const char* line )
fp = XFOPEN("./MyKeyLog.txt", "a");
XFWRITE( line, 1, strlen(line),fp);
XFWRITE( (void*)&lf,1,1,fp);
+ XFFLUSH(fp);
XFCLOSE(fp);
}
#endif /* OPENSSL_EXTRA && HAVE_SECRET_CALLBACK */
static int test_wolfSSL_CTX_set_keylog_callback(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(HAVE_SECRET_CALLBACK) && \
!defined(NO_WOLFSSL_CLIENT)
- EXPECT_DECLS;
SSL_CTX* ctx = NULL;
ExpectNotNull(ctx = SSL_CTX_new(wolfSSLv23_client_method()));
SSL_CTX_set_keylog_callback(ctx, keyLog_callback );
SSL_CTX_free(ctx);
SSL_CTX_set_keylog_callback(NULL, NULL);
-
- res = EXPECT_RESULT();
#endif /* OPENSSL_EXTRA && HAVE_SECRET_CALLBACK && !NO_WOLFSSL_CLIENT */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_CTX_get_keylog_callback(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(HAVE_SECRET_CALLBACK) && \
!defined(NO_WOLFSSL_CLIENT)
- EXPECT_DECLS;
SSL_CTX* ctx = NULL;
ExpectNotNull(ctx = SSL_CTX_new(wolfSSLv23_client_method()));
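Review bot: The added `XFFLUSH(fp);` in keyLog_callback runs even when `XFOPEN("./MyKeyLog.txt", "a")` has failed, because the visible lines never compare the handle with `XBADFILE` before `XFWRITE`, `XFFLUSH` and `XFCLOSE` use it. A guard right after the open, `if (fp == XBADFILE) return;`, keeps a failed open (for example a read-only working directory) from becoming a crash inside the handshake callback. The start of keyLog_callback lies above this hunk, so an earlier check may exist there.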
@@ -39329,10 +36552,8 @@ static int test_wolfSSL_CTX_get_keylog_callback(void)
SSL_CTX_set_keylog_callback(ctx, NULL );
ExpectPtrEq(SSL_CTX_get_keylog_callback(ctx),NULL);
SSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif /* OPENSSL_EXTRA && HAVE_SECRET_CALLBACK && !NO_WOLFSSL_CLIENT */
- return res;
+ return EXPECT_RESULT();
}
#if defined(OPENSSL_EXTRA) && defined(HAVE_SECRET_CALLBACK)
@@ -39346,12 +36567,11 @@ static int test_wolfSSL_Tls12_Key_Logging_client_ctx_ready(WOLFSSL_CTX* ctx)
static int test_wolfSSL_Tls12_Key_Logging_test(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(HAVE_SECRET_CALLBACK)
/* This test is intended for checking whether keylog callback is called
* in client during TLS handshake between the client and a server.
*/
- EXPECT_DECLS;
test_ssl_cbf server_cbf;
test_ssl_cbf client_cbf;
XFILE fp = XBADFILE;
@@ -39389,10 +36609,10 @@ static int test_wolfSSL_Tls12_Key_Logging_test(void)
}
/* a log starting with "CLIENT_RANDOM " should exit in the file */
ExpectIntEQ(found, 1);
-
- res = EXPECT_RESULT();
+ /* clean up */
+ ExpectIntEQ(rem_file("./MyKeyLog.txt"), 0);
#endif /* OPENSSL_EXTRA && HAVE_SECRET_CALLBACK */
- return res;
+ return EXPECT_RESULT();
}
#if defined(WOLFSSL_TLS13) && defined(OPENSSL_EXTRA) && \
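Review bot: Wrapping the cleanup as `ExpectIntEQ(rem_file("./MyKeyLog.txt"), 0);` may make the removal depend on every earlier check having passed. That holds if the Expect macros skip their argument after a failure, which the unguarded free calls throughout this file suggest. The file holds the TLS secrets written by keyLog_callback, so it should be removed on the failure path too, by calling `rem_file` unconditionally into a local and checking that local with `ExpectIntEQ` afterwards. test_wolfSSL_Tls13_Key_Logging_test gets no matching cleanup in the lines its hunks show, so the same file may be left behind there. The body of test_wolfSSL_Tls12_Key_Logging_test starts above this hunk.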
@@ -39407,13 +36627,12 @@ static int test_wolfSSL_Tls13_Key_Logging_client_ctx_ready(WOLFSSL_CTX* ctx)
static int test_wolfSSL_Tls13_Key_Logging_test(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(WOLFSSL_TLS13) && defined(OPENSSL_EXTRA) && \
defined(HAVE_SECRET_CALLBACK)
/* This test is intended for checking whether keylog callback is called
* in client during TLS handshake between the client and a server.
*/
- EXPECT_DECLS;
test_ssl_cbf server_cbf;
test_ssl_cbf client_cbf;
XFILE fp = XBADFILE;
@@ -39473,12 +36692,11 @@ static int test_wolfSSL_Tls13_Key_Logging_test(void)
}
ExpectIntEQ(numfnd, 4);
}
-
- res = EXPECT_RESULT();
#endif /* OPENSSL_EXTRA && HAVE_SECRET_CALLBACK && WOLFSSL_TLS13 */
- return res;
+ return EXPECT_RESULT();
}
-#if defined(WOLFSSL_TLS13) && defined(HAVE_ECH)
+#if defined(WOLFSSL_TLS13) && defined(HAVE_ECH) && \
+ defined(HAVE_IO_TESTS_DEPENDENCIES)
static int test_wolfSSL_Tls13_ECH_params(void)
{
EXPECT_DECLS;
@@ -39676,30 +36894,28 @@ static int post_auth_cb(WOLFSSL* ssl)
static int set_post_auth_cb(WOLFSSL* ssl)
{
- EXPECT_DECLS;
if (!wolfSSL_is_server(ssl)) {
+ EXPECT_DECLS;
ExpectIntEQ(wolfSSL_allow_post_handshake_auth(ssl), 0);
+ return EXPECT_RESULT();
}
- else {
- wolfSSL_set_verify(ssl, WOLFSSL_VERIFY_POST_HANDSHAKE, NULL);
- }
- return EXPECT_RESULT();
+ wolfSSL_set_verify(ssl, WOLFSSL_VERIFY_POST_HANDSHAKE, NULL);
+ return TEST_SUCCESS;
}
#endif
static int test_wolfSSL_Tls13_postauth(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_IO_TESTS_DEPENDENCIES) && \
defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
defined(WOLFSSL_TLS13) && defined(WOLFSSL_POST_HANDSHAKE_AUTH)
- EXPECT_DECLS;
test_ssl_cbf server_cbf;
test_ssl_cbf client_cbf;
/* test version failure doing post auth with TLS 1.2 connection */
- XMEMSET(&server_cbf, 0, sizeof(callback_functions));
- XMEMSET(&client_cbf, 0, sizeof(callback_functions));
+ XMEMSET(&server_cbf, 0, sizeof(server_cbf));
+ XMEMSET(&client_cbf, 0, sizeof(client_cbf));
server_cbf.method = wolfTLSv1_2_server_method;
server_cbf.ssl_ready = set_post_auth_cb;
server_cbf.on_result = post_auth_version_cb;
@@ -39710,8 +36926,8 @@ static int test_wolfSSL_Tls13_postauth(void)
&server_cbf, NULL), TEST_SUCCESS);
/* tests on post auth with TLS 1.3 */
- XMEMSET(&server_cbf, 0, sizeof(callback_functions));
- XMEMSET(&client_cbf, 0, sizeof(callback_functions));
+ XMEMSET(&server_cbf, 0, sizeof(server_cbf));
+ XMEMSET(&client_cbf, 0, sizeof(client_cbf));
server_cbf.method = wolfTLSv1_3_server_method;
server_cbf.ssl_ready = set_post_auth_cb;
client_cbf.ssl_ready = set_post_auth_cb;
@@ -39720,19 +36936,16 @@ static int test_wolfSSL_Tls13_postauth(void)
ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&client_cbf,
&server_cbf, NULL), TEST_SUCCESS);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_NID(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) && \
!defined(NO_RSA) && defined(USE_CERT_BUFFERS_2048) && !defined(NO_ASN)
- EXPECT_DECLS;
int sigType;
int nameSz;
@@ -39798,18 +37011,15 @@ static int test_wolfSSL_X509_NID(void)
EVP_PKEY_free(pubKeyTmp);
X509_free(cert);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_CTX_set_srp_username(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(WOLFCRYPT_HAVE_SRP) \
&& !defined(NO_SHA256) && !defined(WC_NO_RNG) && !defined(NO_WOLFSSL_CLIENT)
- EXPECT_DECLS;
WOLFSSL_CTX* ctx = NULL;
WOLFSSL* ssl = NULL;
const char *username = "TESTUSER";
@@ -39833,19 +37043,16 @@ static int test_wolfSSL_CTX_set_srp_username(void)
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif /* OPENSSL_EXTRA && WOLFCRYPT_HAVE_SRP */
/* && !NO_SHA256 && !WC_NO_RNG && !NO_WOLFSSL_CLIENT */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_CTX_set_srp_password(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(WOLFCRYPT_HAVE_SRP) && \
!defined(NO_SHA256) && !defined(WC_NO_RNG) && !defined(NO_WOLFSSL_CLIENT)
- EXPECT_DECLS;
WOLFSSL_CTX* ctx = NULL;
const char *username = "TESTUSER";
const char *password = "TESTPASSWORD";
@@ -39862,18 +37069,15 @@ static int test_wolfSSL_CTX_set_srp_password(void)
ExpectIntEQ(wolfSSL_CTX_set_srp_password(ctx, (char *)password),
SSL_SUCCESS);
wolfSSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif /* OPENSSL_EXTRA && WOLFCRYPT_HAVE_SRP */
/* && !NO_SHA256 && !WC_NO_RNG && !NO_WOLFSSL_CLIENT */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_STORE(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && !defined(NO_RSA)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(NO_RSA)
X509_STORE *store = NULL;
#ifdef HAVE_CRL
@@ -39921,7 +37125,8 @@ static int test_wolfSSL_X509_STORE(void)
SSL_FILETYPE_PEM)));
ExpectIntEQ(X509_STORE_CTX_init(storeCtx, store, cert, NULL), SSL_SUCCESS);
ExpectIntNE(X509_verify_cert(storeCtx), SSL_SUCCESS);
- ExpectIntEQ(X509_STORE_CTX_get_error(storeCtx), CRL_CERT_REVOKED);
+ ExpectIntEQ(X509_STORE_CTX_get_error(storeCtx),
+ WOLFSSL_X509_V_ERR_CERT_REVOKED);
X509_CRL_free(crl);
crl = NULL;
X509_STORE_free(store);
@@ -39963,8 +37168,10 @@ static int test_wolfSSL_X509_STORE(void)
SSL_SUCCESS);
}
else {
- ExpectIntEQ(SSL_set1_verify_cert_store(ssl, store),
- SSL_SUCCESS);
+ ExpectIntEQ(SSL_set1_verify_cert_store(ssl, store), SSL_SUCCESS);
+ #ifdef OPENSSL_ALL
+ ExpectIntEQ(SSL_CTX_set1_verify_cert_store(ctx, store), SSL_SUCCESS);
+ #endif
}
if (EXPECT_FAIL() || (i == 1)) {
X509_STORE_free(store);
@@ -39978,18 +37185,15 @@ static int test_wolfSSL_X509_STORE(void)
#endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */
}
#endif
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_STORE_load_locations(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if (defined(OPENSSL_ALL) || defined(WOLFSSL_APACHE_HTTPD)) && \
!defined(NO_FILESYSTEM) && !defined(NO_WOLFSSL_DIR) && !defined(NO_RSA)
- EXPECT_DECLS;
SSL_CTX *ctx = NULL;
X509_STORE *store = NULL;
@@ -40048,18 +37252,15 @@ static int test_wolfSSL_X509_STORE_load_locations(void)
#endif
SSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_X509_STORE_get0_objects(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_ALL) && !defined(NO_FILESYSTEM) && \
!defined(NO_WOLFSSL_DIR) && !defined(NO_RSA)
- EXPECT_DECLS;
X509_STORE *store = NULL;
X509_STORE *store_cpy = NULL;
SSL_CTX *ctx = NULL;
@@ -40131,18 +37332,15 @@ static int test_X509_STORE_get0_objects(void)
X509_STORE_free(store_cpy);
SSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_BN_CTX(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_ASN) && \
!defined(OPENSSL_EXTRA_NO_BN) && !defined(WOLFSSL_SP_MATH)
- EXPECT_DECLS;
WOLFSSL_BN_CTX* bn_ctx = NULL;
WOLFSSL_BIGNUM* t = NULL;
@@ -40164,18 +37362,15 @@ static int test_wolfSSL_BN_CTX(void)
BN_CTX_free(NULL);
BN_CTX_free(bn_ctx);
-
- res = EXPECT_RESULT();
#endif /* defined(OPENSSL_EXTRA) && !defined(NO_ASN) */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_BN(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_ASN) && \
!defined(OPENSSL_EXTRA_NO_BN) && !defined(WOLFSSL_SP_MATH)
- EXPECT_DECLS;
BIGNUM* a = NULL;
BIGNUM* b = NULL;
BIGNUM* c = NULL;
@@ -40289,19 +37484,16 @@ static int test_wolfSSL_BN(void)
BN_free(b);
BN_free(c);
BN_clear_free(d);
-
- res = EXPECT_RESULT();
#endif /* defined(OPENSSL_EXTRA) && !defined(NO_ASN) */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_BN_init(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_ASN) && \
!defined(OPENSSL_EXTRA_NO_BN) && !defined(WOLFSSL_SP_MATH)
#if !defined(USE_INTEGER_HEAP_MATH) && !defined(HAVE_WOLF_BIGINT)
- EXPECT_DECLS;
BIGNUM* ap = NULL;
BIGNUM bv;
BIGNUM cv;
@@ -40336,18 +37528,15 @@ static int test_wolfSSL_BN_init(void)
ExpectIntEQ(BN_get_word(&dv), 1);
BN_free(ap);
-
- res = EXPECT_RESULT();
#endif
#endif /* defined(OPENSSL_EXTRA) && !defined(NO_ASN) */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_BN_enc_dec(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && !defined(NO_ASN) && !defined(WOLFSSL_SP_MATH)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(NO_ASN) && !defined(WOLFSSL_SP_MATH)
BIGNUM* a = NULL;
BIGNUM* b = NULL;
BIGNUM* c = NULL;
@@ -40437,17 +37626,14 @@ static int test_wolfSSL_BN_enc_dec(void)
BN_free(b);
BN_free(a);
-
- res = EXPECT_RESULT();
#endif /* defined(OPENSSL_EXTRA) && !defined(NO_ASN) */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_BN_word(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && !defined(NO_ASN) && !defined(WOLFSSL_SP_MATH)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(NO_ASN) && !defined(WOLFSSL_SP_MATH)
BIGNUM* a = NULL;
BIGNUM* b = NULL;
BIGNUM* c = NULL;
@@ -40525,18 +37711,15 @@ static int test_wolfSSL_BN_word(void)
BN_free(c);
BN_free(b);
BN_free(a);
-
- res = EXPECT_RESULT();
#endif /* defined(OPENSSL_EXTRA) && !defined(NO_ASN) */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_BN_bits(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_ASN) && \
!defined(OPENSSL_EXTRA_NO_BN) && !defined(WOLFSSL_SP_MATH)
- EXPECT_DECLS;
BIGNUM* a = NULL;
BIGNUM emptyBN;
@@ -40581,18 +37764,15 @@ static int test_wolfSSL_BN_bits(void)
#endif
BN_free(a);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_BN_shift(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_ASN) && \
!defined(OPENSSL_EXTRA_NO_BN) && !defined(WOLFSSL_SP_MATH)
- EXPECT_DECLS;
BIGNUM* a = NULL;
BIGNUM* b = NULL;
BIGNUM emptyBN;
@@ -40633,18 +37813,15 @@ static int test_wolfSSL_BN_shift(void)
BN_free(b);
BN_free(a);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_BN_math(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_ASN) && \
!defined(OPENSSL_EXTRA_NO_BN) && !defined(WOLFSSL_SP_MATH)
- EXPECT_DECLS;
BIGNUM* a = NULL;
BIGNUM* b = NULL;
BIGNUM* r = NULL;
@@ -40766,18 +37943,15 @@ static int test_wolfSSL_BN_math(void)
BN_free(r);
BN_free(b);
BN_free(a);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_BN_math_mod(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_ASN) && \
!defined(OPENSSL_EXTRA_NO_BN) && !defined(WOLFSSL_SP_MATH)
- EXPECT_DECLS;
BIGNUM* a = NULL;
BIGNUM* b = NULL;
BIGNUM* m = NULL;
@@ -40904,19 +38078,16 @@ static int test_wolfSSL_BN_math_mod(void)
BN_free(m);
BN_free(b);
BN_free(a);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_BN_math_other(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_ASN) && \
!defined(OPENSSL_EXTRA_NO_BN) && !defined(WOLFSSL_SP_MATH)
#if !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN)
- EXPECT_DECLS;
BIGNUM* a = NULL;
BIGNUM* b = NULL;
BIGNUM* r = NULL;
@@ -40946,7 +38117,7 @@ static int test_wolfSSL_BN_math_other(void)
ExpectIntEQ(BN_gcd(r, a, &emptyBN, NULL), 0);
/* END Invalid parameters. */
- /* No comman factors between 2 and 3. */
+ /* No common factors between 2 and 3. */
ExpectIntEQ(BN_set_word(a, 2), 1);
ExpectIntEQ(BN_set_word(b, 3), 1);
ExpectIntEQ(BN_gcd(r, a, b, NULL), 1);
@@ -40965,18 +38136,15 @@ static int test_wolfSSL_BN_math_other(void)
BN_free(r);
BN_free(b);
BN_free(a);
-
- res = EXPECT_RESULT();
#endif
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_BN_rand(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && !defined(OPENSSL_EXTRA_NO_BN)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(OPENSSL_EXTRA_NO_BN)
BIGNUM* bn = NULL;
BIGNUM* range = NULL;
BIGNUM emptyBN;
@@ -41115,19 +38283,16 @@ static int test_wolfSSL_BN_rand(void)
BN_free(bn);
BN_free(range);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_BN_prime(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_ASN) && \
!defined(OPENSSL_EXTRA_NO_BN) && !defined(WOLFSSL_SP_MATH)
#if defined(WOLFSSL_KEY_GEN) && (!defined(NO_RSA) || !defined(NO_DH) || !defined(NO_DSA))
- EXPECT_DECLS;
BIGNUM* a = NULL;
BIGNUM* add = NULL;
BIGNUM* rem = NULL;
@@ -41183,11 +38348,9 @@ static int test_wolfSSL_BN_prime(void)
BN_free(rem);
BN_free(add);
BN_free(a);
-
- res = EXPECT_RESULT();
#endif
#endif /* defined(OPENSSL_EXTRA) && !defined(NO_ASN) */
- return res;
+ return EXPECT_RESULT();
}
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
@@ -41221,14 +38384,15 @@ static int msgCb(SSL_CTX *ctx, SSL *ssl)
int i, num;
BIO* bio = NULL;
#endif
- (void) ctx;
+
+ ExpectNotNull(ctx);
+ ExpectNotNull(ssl);
+
fprintf(stderr, "\n===== msgcb called ====\n");
#if defined(SESSION_CERTS) && defined(TEST_PEER_CERT_CHAIN)
ExpectTrue(SSL_get_peer_cert_chain(ssl) != NULL);
ExpectIntEQ(((WOLFSSL_X509_CHAIN *)SSL_get_peer_cert_chain(ssl))->count, 2);
ExpectNotNull(SSL_get0_verified_chain(ssl));
-#else
- (void) ssl;
#endif
#if defined(OPENSSL_ALL) && defined(SESSION_CERTS) && !defined(NO_BIO)
@@ -41256,15 +38420,14 @@ static int msgCb(SSL_CTX *ctx, SSL *ssl)
static int test_wolfSSL_msgCb(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(DEBUG_WOLFSSL) && \
defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES)
- EXPECT_DECLS;
test_ssl_cbf client_cb;
test_ssl_cbf server_cb;
- XMEMSET(&client_cb, 0, sizeof(callback_functions));
- XMEMSET(&server_cb, 0, sizeof(callback_functions));
+ XMEMSET(&client_cb, 0, sizeof(client_cb));
+ XMEMSET(&server_cb, 0, sizeof(server_cb));
#ifndef WOLFSSL_NO_TLS12
client_cb.method = wolfTLSv1_2_client_method;
server_cb.method = wolfTLSv1_2_server_method;
@@ -41275,18 +38438,15 @@ static int test_wolfSSL_msgCb(void)
ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&client_cb,
&server_cb, msgCb), TEST_SUCCESS);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_either_side(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if (defined(OPENSSL_EXTRA) || defined(WOLFSSL_EITHER_SIDE)) && \
defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES)
- EXPECT_DECLS;
test_ssl_cbf client_cb;
test_ssl_cbf server_cb;
@@ -41306,18 +38466,15 @@ static int test_wolfSSL_either_side(void)
wolfSSL_CTX_free(client_cb.ctx);
wolfSSL_CTX_free(server_cb.ctx);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_DTLS_either_side(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if (defined(OPENSSL_EXTRA) || defined(WOLFSSL_EITHER_SIDE)) && \
defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) && defined(WOLFSSL_DTLS)
- EXPECT_DECLS;
test_ssl_cbf client_cb;
test_ssl_cbf server_cb;
@@ -41337,17 +38494,14 @@ static int test_wolfSSL_DTLS_either_side(void)
wolfSSL_CTX_free(client_cb.ctx);
wolfSSL_CTX_free(server_cb.ctx);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_generate_cookie(void)
{
- int res = TEST_SKIPPED;
-#if defined(WOLFSSL_DTLS) && defined(OPENSSL_EXTRA) && defined(USE_WOLFSSL_IO)
EXPECT_DECLS;
+#if defined(WOLFSSL_DTLS) && defined(OPENSSL_EXTRA) && defined(USE_WOLFSSL_IO)
SSL_CTX* ctx = NULL;
SSL* ssl = NULL;
byte buf[FOURK_BUF] = {0};
@@ -41368,18 +38522,15 @@ static int test_generate_cookie(void)
SSL_free(ssl);
SSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_set_options(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_CERTS) && !defined(NO_FILESYSTEM) && !defined(NO_RSA)
#if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)
- EXPECT_DECLS;
WOLFSSL* ssl = NULL;
WOLFSSL_CTX* ctx = NULL;
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
@@ -41499,20 +38650,17 @@ static int test_wolfSSL_set_options(void)
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */
#endif /* !defined(NO_CERTS) && !defined(NO_FILESYSTEM) && !defined(NO_RSA) */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_sk_SSL_CIPHER(void)
{
- int res = TEST_SKIPPED;
- #if defined(OPENSSL_ALL) && !defined(NO_CERTS) && \
- !defined(NO_FILESYSTEM) && !defined(NO_RSA)
-#if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)
EXPECT_DECLS;
+#if defined(OPENSSL_ALL) && !defined(NO_CERTS) && \
+ !defined(NO_FILESYSTEM) && !defined(NO_RSA)
+#if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)
SSL* ssl = NULL;
SSL_CTX* ctx = NULL;
STACK_OF(SSL_CIPHER) *sk = NULL;
@@ -41538,20 +38686,17 @@ static int test_wolfSSL_sk_SSL_CIPHER(void)
/* sk is pointer to internal struct that should be free'd in SSL_free */
SSL_free(ssl);
SSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */
- #endif /* defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
- !defined(NO_FILESYSTEM) && !defined(NO_RSA) */
- return res;
+#endif /* defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
+ !defined(NO_FILESYSTEM) && !defined(NO_RSA) */
+ return EXPECT_RESULT();
}
static int test_wolfSSL_set1_curves_list(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(HAVE_ECC)
#if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)
- EXPECT_DECLS;
SSL* ssl = NULL;
SSL_CTX* ctx = NULL;
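Review bot: The re-indented closing comment still reads `defined(OPENSSL_EXTRA)`, while the guard at the top of test_wolfSSL_sk_SSL_CIPHER (previous hunk) tests `defined(OPENSSL_ALL)`. Since the line is being rewritten anyway, it should name the real condition: `#endif /* OPENSSL_ALL && !NO_CERTS && !NO_FILESYSTEM && !NO_RSA */`. That form also drops the backslash continuation inside the comment, which serves no purpose there.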
@@ -41600,19 +38745,16 @@ static int test_wolfSSL_set1_curves_list(void)
SSL_free(ssl);
SSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_set1_sigalgs_list(void)
{
- int res = TEST_SKIPPED;
- #if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_RSA)
-#if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_RSA)
+#if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)
SSL* ssl = NULL;
SSL_CTX* ctx = NULL;
@@ -41728,11 +38870,9 @@ static int test_wolfSSL_set1_sigalgs_list(void)
SSL_free(ssl);
SSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */
- #endif
- return res;
+#endif
+ return EXPECT_RESULT();
}
/* Testing wolfSSL_set_tlsext_status_type function.
@@ -41740,10 +38880,9 @@ static int test_wolfSSL_set1_sigalgs_list(void)
*/
static int test_wolfSSL_set_tlsext_status_type(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(HAVE_CERTIFICATE_STATUS_REQUEST) && \
!defined(NO_RSA) && !defined(NO_WOLFSSL_SERVER)
- EXPECT_DECLS;
SSL* ssl = NULL;
SSL_CTX* ctx = NULL;
@@ -41757,20 +38896,17 @@ static int test_wolfSSL_set_tlsext_status_type(void)
ExpectIntEQ(SSL_get_tlsext_status_type(ssl), TLSEXT_STATUSTYPE_ocsp);
SSL_free(ssl);
SSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif /* OPENSSL_EXTRA && HAVE_CERTIFICATE_STATUS_REQUEST && !NO_RSA */
- return res;
+ return EXPECT_RESULT();
}
#ifndef NO_BIO
static int test_wolfSSL_PEM_read_bio(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
!defined(NO_FILESYSTEM) && !defined(NO_RSA)
- EXPECT_DECLS;
byte buff[6000];
XFILE f = XBADFILE;
int bytes;
@@ -41797,11 +38933,9 @@ static int test_wolfSSL_PEM_read_bio(void)
BIO_free(bio);
BUF_MEM_free(buf);
X509_free(x509);
-
- res = EXPECT_RESULT();
#endif /* defined(OPENSSL_EXTRA) && !defined(NO_CERTS) &&
* !defined(NO_FILESYSTEM) && !defined(NO_RSA) */
- return res;
+ return EXPECT_RESULT();
}
@@ -41821,9 +38955,8 @@ static long bioCallback(BIO *bio, int cmd, const char* argp, int argi,
static int test_wolfSSL_BIO(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA)
const unsigned char* p = NULL;
byte buff[20];
BIO* bio1 = NULL;
@@ -42052,10 +39185,8 @@ static int test_wolfSSL_BIO(void)
ExpectNotNull(bio1 = BIO_new(BIO_s_bio()));
BIO_vfree(NULL);
BIO_vfree(bio1);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
#endif /* !NO_BIO */
@@ -42063,9 +39194,8 @@ static int test_wolfSSL_BIO(void)
static int test_wolfSSL_a2i_IPADDRESS(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_ALL) && !defined(WOLFSSL_USER_IO)
EXPECT_DECLS;
+#if defined(OPENSSL_ALL) && !defined(WOLFSSL_USER_IO)
const unsigned char* data = NULL;
int dataSz = 0;
ASN1_OCTET_STRING *st = NULL;
@@ -42100,55 +39230,16 @@ static int test_wolfSSL_a2i_IPADDRESS(void)
ExpectIntEQ(dataSz = ASN1_STRING_length(st), WOLFSSL_IP6_ADDR_LEN);
ExpectIntEQ(XMEMCMP(data, ipv6_exp, dataSz), 0);
ASN1_STRING_free(st);
-
- res = EXPECT_RESULT();
#endif
- return res;
-}
-
-static int test_wolfSSL_DES_ecb_encrypt(void)
-{
- int res = TEST_SKIPPED;
- #if defined(OPENSSL_EXTRA) && !defined(NO_DES3) && defined(WOLFSSL_DES_ECB)
- WOLFSSL_DES_cblock input1,input2,output1,output2,back1,back2;
- WOLFSSL_DES_key_schedule key;
-
- XMEMCPY(key,"12345678",sizeof(WOLFSSL_DES_key_schedule));
- XMEMCPY(input1, "Iamhuman",sizeof(WOLFSSL_DES_cblock));
- XMEMCPY(input2, "Whoisit?",sizeof(WOLFSSL_DES_cblock));
- XMEMSET(output1, 0, sizeof(WOLFSSL_DES_cblock));
- XMEMSET(output2, 0, sizeof(WOLFSSL_DES_cblock));
- XMEMSET(back1, 0, sizeof(WOLFSSL_DES_cblock));
- XMEMSET(back2, 0, sizeof(WOLFSSL_DES_cblock));
-
- /* Encrypt messages */
- wolfSSL_DES_ecb_encrypt(&input1,&output1,&key,DES_ENCRYPT);
- wolfSSL_DES_ecb_encrypt(&input2,&output2,&key,DES_ENCRYPT);
-
- {
- /* Decrypt messages */
- int ret1 = 0;
- int ret2 = 0;
- wolfSSL_DES_ecb_encrypt(&output1,&back1,&key,DES_DECRYPT);
- ret1 = XMEMCMP((unsigned char *) back1,(unsigned char *) input1,sizeof(WOLFSSL_DES_cblock));
- AssertIntEQ(ret1,0);
- wolfSSL_DES_ecb_encrypt(&output2,&back2,&key,DES_DECRYPT);
- ret2 = XMEMCMP((unsigned char *) back2,(unsigned char *) input2,sizeof(WOLFSSL_DES_cblock));
- AssertIntEQ(ret2,0);
- }
-
- res = TEST_RES_CHECK(1);
- #endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_cmp_time(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_ASN_TIME) \
&& !defined(USER_TIME) && !defined(TIME_OVERRIDES)
- EXPECT_DECLS;
WOLFSSL_ASN1_TIME asn_time;
time_t t;
@@ -42158,20 +39249,17 @@ static int test_wolfSSL_X509_cmp_time(void)
ExpectIntEQ(ASN1_TIME_set_string(&asn_time, "000222211515Z"), 1);
ExpectIntEQ(-1, wolfSSL_X509_cmp_time(&asn_time, NULL));
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_time_adj(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_ASN_TIME) && \
!defined(USER_TIME) && !defined(TIME_OVERRIDES) && \
defined(USE_CERT_BUFFERS_2048) && !defined(NO_RSA) && \
!defined(NO_ASN_TIME)
- EXPECT_DECLS;
X509* x509 = NULL;
time_t t;
time_t not_before;
@@ -42190,19 +39278,16 @@ static int test_wolfSSL_X509_time_adj(void)
ExpectNotNull(X509_gmtime_adj(X509_get_notAfter(x509), not_after));
X509_free(x509);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_FILESYSTEM) && \
!defined(NO_RSA)
- EXPECT_DECLS;
X509* x509 = NULL;
#ifndef NO_BIO
BIO* bio = NULL;
@@ -42268,62 +39353,58 @@ static int test_wolfSSL_X509(void)
X509_free(x509); /* refCount = 2 */
X509_free(x509); /* refCount = 1 */
X509_free(x509); /* refCount = 0, free */
-
- res = EXPECT_RESULT();
- #endif
- return res;
+#endif
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_get_ext_count(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_ALL) && !defined(NO_CERTS) && !defined(NO_FILESYSTEM) && \
!defined(NO_RSA)
int ret = 0;
- WOLFSSL_X509* x509;
+ WOLFSSL_X509* x509 = NULL;
const char ocspRootCaFile[] = "./certs/ocsp/root-ca-cert.pem";
- FILE* f;
+ XFILE f = XBADFILE;
/* NULL parameter check */
- AssertIntEQ(X509_get_ext_count(NULL), WOLFSSL_FAILURE);
+ ExpectIntEQ(X509_get_ext_count(NULL), WOLFSSL_FAILURE);
- AssertNotNull(x509 = wolfSSL_X509_load_certificate_file(svrCertFile,
- SSL_FILETYPE_PEM));
- AssertIntEQ(X509_get_ext_count(x509), 5);
+ ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(svrCertFile,
+ SSL_FILETYPE_PEM));
+ ExpectIntEQ(X509_get_ext_count(x509), 5);
wolfSSL_X509_free(x509);
- AssertNotNull(x509 = wolfSSL_X509_load_certificate_file(ocspRootCaFile,
- SSL_FILETYPE_PEM));
- AssertIntEQ(X509_get_ext_count(x509), 5);
+ ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(ocspRootCaFile,
+ SSL_FILETYPE_PEM));
+ ExpectIntEQ(X509_get_ext_count(x509), 5);
wolfSSL_X509_free(x509);
- AssertNotNull(f = fopen("./certs/server-cert.pem", "rb"));
- AssertNotNull(x509 = wolfSSL_PEM_read_X509(f, NULL, NULL, NULL));
- fclose(f);
+ ExpectTrue((f = XFOPEN("./certs/server-cert.pem", "rb")) != XBADFILE);
+ ExpectNotNull(x509 = wolfSSL_PEM_read_X509(f, NULL, NULL, NULL));
+ if (f != XBADFILE)
+ XFCLOSE(f);
/* wolfSSL_X509_get_ext_count() valid input */
- AssertIntEQ((ret = wolfSSL_X509_get_ext_count(x509)), 5);
+ ExpectIntEQ((ret = wolfSSL_X509_get_ext_count(x509)), 5);
/* wolfSSL_X509_get_ext_count() NULL argument */
- AssertIntEQ((ret = wolfSSL_X509_get_ext_count(NULL)), WOLFSSL_FAILURE);
+ ExpectIntEQ((ret = wolfSSL_X509_get_ext_count(NULL)), WOLFSSL_FAILURE);
wolfSSL_X509_free(x509);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_sign2(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
/* test requires WOLFSSL_AKID_NAME to match expected output */
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && !defined(NO_CERTS) && \
defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_ALT_NAMES) && \
defined(WOLFSSL_CERT_EXT) && defined(WOLFSSL_AKID_NAME) && \
(defined(WOLFSSL_QT) || defined(OPENSSL_ALL) || \
defined(WOLFSSL_IP_ALT_NAME))
- EXPECT_DECLS;
WOLFSSL_X509 *x509 = NULL;
WOLFSSL_X509 *ca = NULL;
const unsigned char *der = NULL;
@@ -42344,8 +39425,8 @@ static int test_wolfSSL_X509_sign2(void)
const unsigned char expected[] = {
0x30, 0x82, 0x05, 0x13, 0x30, 0x82, 0x03, 0xFB, 0xA0, 0x03, 0x02, 0x01,
- 0x02, 0x02, 0x14, 0x73, 0xFB, 0x54, 0xD6, 0x03, 0x7D, 0x4C, 0x07, 0x84,
- 0xE2, 0x00, 0x11, 0x8C, 0xDD, 0x90, 0xDC, 0x48, 0x8D, 0xEA, 0x53, 0x30,
+ 0x02, 0x02, 0x14, 0x08, 0xB0, 0x54, 0x7A, 0x03, 0x5A, 0xEC, 0x55, 0x8A,
+ 0x12, 0xE8, 0xF9, 0x8E, 0x34, 0xB6, 0x13, 0xD9, 0x59, 0xB8, 0xE8, 0x30,
0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B,
0x05, 0x00, 0x30, 0x81, 0x94, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55,
0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03,
@@ -42424,34 +39505,34 @@ static int test_wolfSSL_X509_sign2(void)
0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A,
0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E,
0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63,
- 0x6F, 0x6D, 0x82, 0x14, 0x73, 0xFB, 0x54, 0xD6, 0x03, 0x7D, 0x4C, 0x07,
- 0x84, 0xE2, 0x00, 0x11, 0x8C, 0xDD, 0x90, 0xDC, 0x48, 0x8D, 0xEA, 0x53,
+ 0x6F, 0x6D, 0x82, 0x14, 0x08, 0xB0, 0x54, 0x7A, 0x03, 0x5A, 0xEC, 0x55,
+ 0x8A, 0x12, 0xE8, 0xF9, 0x8E, 0x34, 0xB6, 0x13, 0xD9, 0x59, 0xB8, 0xE8,
0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x25, 0x04, 0x16, 0x30, 0x14, 0x06,
0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x01, 0x06, 0x08, 0x2B,
0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x02, 0x30, 0x0D, 0x06, 0x09, 0x2A,
0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x03, 0x82,
- 0x01, 0x01, 0x00, 0x4A, 0xFD, 0x81, 0xC9, 0xE9, 0xE6, 0x2D, 0xC7, 0x1F,
- 0xFA, 0x0A, 0xDC, 0x80, 0x21, 0xCE, 0xD9, 0x27, 0xD4, 0xA4, 0xA1, 0xEC,
- 0x87, 0x50, 0xA9, 0xE4, 0x6D, 0xF6, 0x04, 0x93, 0x5A, 0x1E, 0x51, 0xF4,
- 0x8F, 0x92, 0x3E, 0x58, 0x90, 0xD7, 0xE5, 0xD7, 0x4A, 0x3D, 0xF3, 0xC6,
- 0x1E, 0xE4, 0x78, 0x57, 0xCB, 0xE7, 0xED, 0x3F, 0x6A, 0x7D, 0x1E, 0xE2,
- 0xF1, 0x9F, 0xAA, 0x18, 0x0A, 0xC9, 0x1A, 0xD6, 0x78, 0x71, 0xB3, 0xB6,
- 0xE9, 0x55, 0x84, 0x27, 0x36, 0xA0, 0x89, 0x5C, 0x5A, 0x0A, 0x97, 0x53,
- 0x95, 0x36, 0x68, 0x39, 0xA9, 0x17, 0x51, 0x84, 0x2A, 0x68, 0x5F, 0xAE,
- 0xF3, 0x26, 0x32, 0x57, 0x99, 0x4A, 0x65, 0xE2, 0x14, 0x1E, 0xD8, 0x00,
- 0x24, 0xC1, 0xD1, 0x75, 0x56, 0xD3, 0x99, 0xD3, 0x55, 0x10, 0x88, 0xEC,
- 0x13, 0x05, 0x89, 0x18, 0x58, 0x55, 0x86, 0xFF, 0xA1, 0x2C, 0xB1, 0x96,
- 0xE5, 0x63, 0x1C, 0x83, 0xCA, 0xF6, 0x58, 0x0C, 0xD5, 0xD2, 0x27, 0x70,
- 0x61, 0x87, 0xCC, 0x17, 0x36, 0x6A, 0x75, 0x55, 0xB1, 0x13, 0xB6, 0xC8,
- 0x94, 0x0B, 0x1F, 0xE0, 0x32, 0xCA, 0x94, 0xA2, 0x46, 0x95, 0xBC, 0xA2,
- 0xA0, 0x2A, 0x4C, 0xEB, 0xFE, 0x14, 0xA3, 0x1D, 0x38, 0x13, 0x07, 0xB9,
- 0x98, 0x62, 0x88, 0xF1, 0x8F, 0xBC, 0xD7, 0x3F, 0x72, 0xD4, 0x2F, 0x77,
- 0xF2, 0x48, 0x0E, 0x9C, 0xAC, 0xE1, 0x44, 0x88, 0x58, 0x9A, 0x8E, 0x81,
- 0xBD, 0xB8, 0x6E, 0xF4, 0x64, 0x9B, 0x3A, 0xF1, 0x1D, 0x13, 0xE3, 0x51,
- 0xB9, 0xD1, 0x4D, 0xA3, 0xB5, 0x5D, 0x7B, 0x18, 0xBD, 0xDE, 0xAB, 0x1F,
- 0x82, 0x23, 0xAE, 0x6E, 0xB7, 0xE9, 0xEA, 0x54, 0xE6, 0xF5, 0x3E, 0x10,
- 0x80, 0x25, 0x36, 0x83, 0x46, 0xB2, 0x97, 0x8D, 0x3A, 0x06, 0xB6, 0xCC,
- 0x8D, 0xBE, 0xB4, 0xE6, 0x5E, 0xCA, 0x7B
+ 0x01, 0x01, 0x00, 0x14, 0xFB, 0xD0, 0xCE, 0x31, 0x7F, 0xA5, 0x59, 0xFA,
+ 0x7C, 0x68, 0x26, 0xA7, 0xE8, 0x0D, 0x9F, 0x50, 0x57, 0xFA, 0x1C, 0x7C,
+ 0x5E, 0x43, 0xA4, 0x97, 0x47, 0xB6, 0x41, 0xAC, 0x63, 0xD3, 0x61, 0x8C,
+ 0x1F, 0x42, 0xEF, 0x53, 0xD0, 0xBA, 0x31, 0x4D, 0x99, 0x74, 0xA4, 0x60,
+ 0xDC, 0xC6, 0x6F, 0xCC, 0x1E, 0x25, 0x98, 0xE1, 0xA4, 0xA0, 0x67, 0x69,
+ 0x97, 0xE3, 0x97, 0x7C, 0x83, 0x28, 0xF1, 0xF4, 0x7D, 0x03, 0xA8, 0x31,
+ 0x77, 0xCC, 0xD1, 0x37, 0xEF, 0x7B, 0x4A, 0x71, 0x2D, 0x11, 0x7E, 0x92,
+ 0xF5, 0x67, 0xB7, 0x56, 0xBA, 0x28, 0xF8, 0xD6, 0xCE, 0x2A, 0x71, 0xE3,
+ 0x70, 0x6B, 0x09, 0x0F, 0x67, 0x6F, 0x7A, 0xE0, 0x89, 0xF6, 0x5E, 0x23,
+ 0x0C, 0x0A, 0x44, 0x4E, 0x65, 0x8E, 0x7B, 0x68, 0xD0, 0xAD, 0x76, 0x3E,
+ 0x2A, 0x0E, 0xA2, 0x05, 0x11, 0x74, 0x24, 0x08, 0x60, 0xED, 0x9F, 0x98,
+ 0x18, 0xE9, 0x91, 0x58, 0x36, 0xEC, 0xEC, 0x25, 0x6B, 0xBA, 0x9C, 0x87,
+ 0x38, 0x68, 0xDC, 0xDC, 0x15, 0x6F, 0x20, 0x68, 0xC4, 0xBF, 0x05, 0x5B,
+ 0x4A, 0x0C, 0x44, 0x2B, 0x92, 0x3F, 0x10, 0x99, 0xDC, 0xF6, 0x6C, 0x0E,
+ 0x34, 0x26, 0x6E, 0x6D, 0x4E, 0x12, 0xBC, 0x60, 0x8F, 0x27, 0x1D, 0x7A,
+ 0x00, 0x50, 0xBE, 0x23, 0xDE, 0x48, 0x47, 0x9F, 0xAD, 0x2F, 0x94, 0x3D,
+ 0x16, 0x73, 0x48, 0x6B, 0xC8, 0x97, 0xE6, 0xB4, 0xB3, 0x4B, 0xE1, 0x68,
+ 0x08, 0xC3, 0xE5, 0x34, 0x5F, 0x9B, 0xDA, 0xAB, 0xCA, 0x6D, 0x55, 0x32,
+ 0xEF, 0x6C, 0xEF, 0x9B, 0x8B, 0x5B, 0xC7, 0xF0, 0xC2, 0x0F, 0x8E, 0x93,
+ 0x09, 0x60, 0x3C, 0x0B, 0xDC, 0xBD, 0xDB, 0x4A, 0x2D, 0xD0, 0x98, 0xAA,
+ 0xAB, 0x6C, 0x6F, 0x6D, 0x6B, 0x6A, 0x5C, 0x33, 0xAC, 0xAD, 0xA8, 0x1B,
+ 0x38, 0x5D, 0x9F, 0xDA, 0xE7, 0x70, 0x07
};
pt = ca_key_der_2048;
@@ -42492,19 +39573,16 @@ static int test_wolfSSL_X509_sign2(void)
wolfSSL_ASN1_TIME_free(notBefore);
wolfSSL_ASN1_TIME_free(notAfter);
#endif
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_sign(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_ASN_TIME) && \
defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_CERT_REQ) && !defined(NO_RSA)
- EXPECT_DECLS;
int ret;
char *cn = NULL;
word32 cnSz;
@@ -42694,17 +39772,14 @@ static int test_wolfSSL_X509_sign(void)
EVP_PKEY_free(pub);
X509_free(x509);
X509_free(ca);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_get0_tbs_sigalg(void)
{
- int res = TEST_SKIPPED;
-#if (defined(OPENSSL_ALL) || defined(WOLFSSL_APACHE_HTTPD))
EXPECT_DECLS;
+#if (defined(OPENSSL_ALL) || defined(WOLFSSL_APACHE_HTTPD))
X509* x509 = NULL;
const X509_ALGOR* alg;
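Review bot: `const X509_ALGOR* alg;` is declared without an initialiser in test_wolfSSL_X509_get0_tbs_sigalg, while `x509` beside it and the other pointers this commit touches start as NULL. The Expect-style checks appear to let a test run on after a failed check instead of aborting, so a later read of `alg` would see an indeterminate value if the assignment inside `ExpectNotNull(alg = ...)` did not execute. `const X509_ALGOR* alg = NULL;` keeps it well defined, and the same applies to `X509_PUBKEY* pubKey;` in test_wolfSSL_X509_get_X509_PUBKEY further down. The function body continues outside this hunk.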
@@ -42714,18 +39789,15 @@ static int test_wolfSSL_X509_get0_tbs_sigalg(void)
ExpectNotNull(alg = X509_get0_tbs_sigalg(x509));
X509_free(x509);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_ALGOR_get0(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if (defined(OPENSSL_ALL) || defined(WOLFSSL_APACHE_HTTPD)) && \
!defined(NO_SHA256) && !defined(NO_RSA)
- EXPECT_DECLS;
X509* x509 = NULL;
const ASN1_OBJECT* obj = NULL;
const X509_ALGOR* alg = NULL;
@@ -42749,18 +39821,15 @@ static int test_wolfSSL_X509_ALGOR_get0(void)
ExpectIntEQ(OBJ_obj2nid(obj), NID_sha256WithRSAEncryption);
X509_free(x509);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_VERIFY_PARAM(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA)
X509_VERIFY_PARAM *paramTo = NULL;
X509_VERIFY_PARAM *paramFrom = NULL;
char testIPv4[] = "127.0.0.1";
@@ -42878,10 +39947,8 @@ static int test_wolfSSL_X509_VERIFY_PARAM(void)
X509_VERIFY_PARAM_free(paramTo);
X509_VERIFY_PARAM_free(paramFrom);
X509_VERIFY_PARAM_free(NULL); /* to confirm NULL parameter gives no harm */
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
#if defined(OPENSSL_EXTRA) && defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES)
@@ -42895,7 +39962,7 @@ static WC_INLINE int test_wolfSSL_check_domain_verify_cb(int preverify,
ExpectIntEQ(X509_STORE_CTX_get_error(store), 0);
ExpectIntEQ(preverify, 1);
ExpectIntGT(++test_wolfSSL_check_domain_verify_count, 0);
- return EXPECT_RESULT() == TEST_SUCCESS;
+ return EXPECT_SUCCESS();
}
static int test_wolfSSL_check_domain_client_cb(WOLFSSL* ssl)
@@ -42953,9 +40020,8 @@ static int test_wolfSSL_check_domain(void)
static int test_wolfSSL_X509_get_X509_PUBKEY(void)
{
- int res = TEST_SKIPPED;
-#if (defined(OPENSSL_ALL) || defined(WOLFSSL_APACHE_HTTPD))
EXPECT_DECLS;
+#if (defined(OPENSSL_ALL) || defined(WOLFSSL_APACHE_HTTPD))
X509* x509 = NULL;
X509_PUBKEY* pubKey;
@@ -42965,18 +40031,15 @@ static int test_wolfSSL_X509_get_X509_PUBKEY(void)
ExpectNotNull(pubKey = wolfSSL_X509_get_X509_PUBKEY(x509));
X509_free(x509);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_PUBKEY_RSA(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if (defined(OPENSSL_ALL) || defined(WOLFSSL_APACHE_HTTPD)) && \
!defined(NO_SHA256) && !defined(NO_RSA)
- EXPECT_DECLS;
X509* x509 = NULL;
ASN1_OBJECT* obj = NULL;
const ASN1_OBJECT* pa_oid = NULL;
@@ -43018,17 +40081,14 @@ static int test_wolfSSL_X509_PUBKEY_RSA(void)
X509_PUBKEY_free(pubKey2);
X509_free(x509);
EVP_PKEY_free(evpKey);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_PUBKEY_EC(void)
{
- int res = TEST_SKIPPED;
-#if (defined(OPENSSL_ALL) || defined(WOLFSSL_APACHE_HTTPD)) && defined(HAVE_ECC)
EXPECT_DECLS;
+#if (defined(OPENSSL_ALL) || defined(WOLFSSL_APACHE_HTTPD)) && defined(HAVE_ECC)
X509* x509 = NULL;
ASN1_OBJECT* obj = NULL;
ASN1_OBJECT* poid = NULL;
@@ -43066,17 +40126,14 @@ static int test_wolfSSL_X509_PUBKEY_EC(void)
X509_PUBKEY_free(pubKey2);
X509_free(x509);
EVP_PKEY_free(evpKey);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_PUBKEY_DSA(void)
{
- int res = TEST_SKIPPED;
-#if (defined(OPENSSL_ALL) || defined(WOLFSSL_APACHE_HTTPD)) && !defined(NO_DSA)
EXPECT_DECLS;
+#if (defined(OPENSSL_ALL) || defined(WOLFSSL_APACHE_HTTPD)) && !defined(NO_DSA)
word32 bytes;
#ifdef USE_CERT_BUFFERS_1024
byte tmp[ONEK_BUF];
@@ -43141,26 +40198,21 @@ static int test_wolfSSL_X509_PUBKEY_DSA(void)
X509_PUBKEY_free(pubKey);
EVP_PKEY_free(evpKey);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_BUF(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA)
BUF_MEM* buf = NULL;
ExpectNotNull(buf = BUF_MEM_new());
ExpectIntEQ(BUF_MEM_grow(buf, 10), 10);
ExpectIntEQ(BUF_MEM_grow(buf, -1), 0);
BUF_MEM_free(buf);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
#if defined(OPENSSL_EXTRA) && !defined(WOLFSSL_NO_OPENSSL_RAND_CB)
@@ -43232,9 +40284,8 @@ static int stub_rand_status(void)
static int test_wolfSSL_RAND_set_rand_method(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && !defined(WOLFSSL_NO_OPENSSL_RAND_CB)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(WOLFSSL_NO_OPENSSL_RAND_CB)
RAND_METHOD rand_methods = {NULL, NULL, NULL, NULL, NULL, NULL};
unsigned char* buf = NULL;
int num = 0;
@@ -43287,17 +40338,14 @@ static int test_wolfSSL_RAND_set_rand_method(void)
RAND_set_rand_method(NULL);
XFREE(buf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
- res = EXPECT_RESULT();
#endif /* OPENSSL_EXTRA && !WOLFSSL_NO_OPENSSL_RAND_CB */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_RAND_bytes(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA)
const int size1 = RNG_MAX_BLOCK_LEN; /* in bytes */
const int size2 = RNG_MAX_BLOCK_LEN + 1; /* in bytes */
const int size3 = RNG_MAX_BLOCK_LEN * 2; /* in bytes */
@@ -43324,17 +40372,14 @@ static int test_wolfSSL_RAND_bytes(void)
ExpectIntEQ(RAND_bytes(my_buf, size4), 1);
XFREE(my_buf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_RAND(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA)
byte seed[16];
XMEMSET(seed, 0, sizeof(seed));
@@ -43353,19 +40398,16 @@ static int test_wolfSSL_RAND(void)
ExpectIntEQ(RAND_write_file(NULL), 0);
}
#endif
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_PKCS8_Compat(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_FILESYSTEM) && defined(HAVE_ECC) && \
!defined(NO_BIO)
- EXPECT_DECLS;
PKCS8_PRIV_KEY_INFO* pt = NULL;
BIO* bio = NULL;
XFILE f = XBADFILE;
@@ -43396,17 +40438,14 @@ static int test_wolfSSL_PKCS8_Compat(void)
BIO_free(bio);
PKCS8_PRIV_KEY_INFO_free(pt);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_PKCS8_d2i(void)
{
- int res = TEST_SKIPPED;
-#if !defined(HAVE_FIPS) && defined(OPENSSL_EXTRA)
EXPECT_DECLS;
+#if !defined(HAVE_FIPS) && defined(OPENSSL_EXTRA)
/* This test ends up using HMAC as a part of PBKDF2, and HMAC
* requires a 12 byte password in FIPS mode. This test ends up
* trying to use an 8 byte password. */
@@ -43642,10 +40681,8 @@ static int test_wolfSSL_PKCS8_d2i(void)
#endif /* HAVE_ECC */
#endif /* !NO_FILESYSTEM */
-
- res = EXPECT_RESULT();
#endif /* HAVE_FIPS && OPENSSL_EXTRA */
- return res;
+ return EXPECT_RESULT();
}
#if defined(ERROR_QUEUE_PER_THREAD) && !defined(NO_ERROR_QUEUE) && \
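Review bot: The closing comment `#endif /* HAVE_FIPS && OPENSSL_EXTRA */` in test_wolfSSL_PKCS8_d2i does not match its guard, which the previous hunk shows as `#if !defined(HAVE_FIPS) && defined(OPENSSL_EXTRA)`. The body's own comment explains that the test cannot run under FIPS, so the missing negation reads as the opposite of what is intended. Since this hunk already edits the neighbouring lines, use `#endif /* !HAVE_FIPS && OPENSSL_EXTRA */`, the same kind of fix the commit makes to the endif comment in test_wolfSSL_ERR_get_error_order. The function begins in an earlier hunk.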
@@ -43697,7 +40734,7 @@ static THREAD_RETURN WOLFSSL_THREAD test_logging(void* args)
/* test that the 3 errors over the max were dropped */
AssertIntEQ(errorCount, ERROR_QUEUE_MAX);
- return 0;
+ WOLFSSL_RETURN_FROM_THREAD(0);
}
#endif
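Review bot: `AssertIntEQ(errorCount, ERROR_QUEUE_MAX);` in test_logging is left as an aborting assert while the rest of this commit moves tests to Expect checks that return a result. A failure inside this thread would presumably end the whole test binary rather than be reported through the test that started it. If that is intended because the thread has no channel to hand a result back, record it with a comment such as `/* Assert aborts on purpose: this thread cannot report a result to its creator */`. The function starts outside this hunk, so how its result could be passed back through `args` is not visible here.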
@@ -43725,10 +40762,9 @@ static int test_error_queue_per_thread(void)
static int test_wolfSSL_ERR_put_error(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_ERROR_QUEUE) && defined(OPENSSL_EXTRA) && \
defined(DEBUG_WOLFSSL)
- EXPECT_DECLS;
const char* file;
int line;
@@ -43792,10 +40828,8 @@ static int test_wolfSSL_ERR_put_error(void)
ERR_put_error(0,SYS_F_ACCEPT, 0, "this file", 0);
ERR_clear_error();
ExpectIntEQ(ERR_get_error_line(&file, &line), 0);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
/*
@@ -43804,10 +40838,8 @@ static int test_wolfSSL_ERR_put_error(void)
*/
static int test_wolfSSL_ERR_get_error_order(void)
{
- int res = TEST_SKIPPED;
-#ifdef WOLFSSL_HAVE_ERROR_QUEUE
EXPECT_DECLS;
-
+#if defined(WOLFSSL_HAVE_ERROR_QUEUE) && defined(OPENSSL_EXTRA)
/* Empty the queue. */
wolfSSL_ERR_clear_error();
@@ -43818,28 +40850,25 @@ static int test_wolfSSL_ERR_get_error_order(void)
ExpectIntEQ(wolfSSL_ERR_get_error(), -ASN_NO_SIGNER_E);
ExpectIntEQ(wolfSSL_ERR_peek_error(), -ASN_SELF_SIGNED_E);
ExpectIntEQ(wolfSSL_ERR_get_error(), -ASN_SELF_SIGNED_E);
-
- res = EXPECT_RESULT();
-#endif /* WOLFSSL_HAVE_ERROR_QUEUE */
- return res;
+#endif /* WOLFSSL_HAVE_ERROR_QUEUE && OPENSSL_EXTRA */
+ return EXPECT_RESULT();
}
#ifndef NO_BIO
static int test_wolfSSL_ERR_print_errors(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_ERROR_QUEUE) && defined(OPENSSL_EXTRA) && \
defined(DEBUG_WOLFSSL) && !defined(NO_ERROR_STRINGS)
- EXPECT_DECLS;
BIO* bio = NULL;
char buf[1024];
ExpectNotNull(bio = BIO_new(BIO_s_mem()));
ERR_clear_error(); /* clear out any error nodes */
ERR_put_error(0,SYS_F_ACCEPT, -173, "ssl.c", 0);
- /* Choosing -299 as an unused errno between MIN_CODE_E < x < WC_LAST_E. */
- ERR_put_error(0,SYS_F_BIND, -299, "asn.c", 100);
+ /* Choosing -600 as an unused errno. */
+ ERR_put_error(0,SYS_F_BIND, -600, "asn.c", 100);
ERR_print_errors(bio);
ExpectIntEQ(BIO_gets(bio, buf, sizeof(buf)), 56);
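Review bot: The new comment `/* Choosing -600 as an unused errno. */` in test_wolfSSL_ERR_print_errors drops the range the old comment gave, so nothing records why -600 is a safe choice. The test depends on that value having no error string, since the next hunk expects `error:600:wolfSSL library:unknown error number:asn.c:100`, and it will start failing if a library error code is ever assigned -600. State the constraint where the value is chosen, for example `/* -600 must stay outside every assigned wolfSSL/wolfCrypt error code so it prints as "unknown error number" */`. The function continues in the next hunk.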
@@ -43848,17 +40877,15 @@ static int test_wolfSSL_ERR_print_errors(void)
buf, 55), 0);
ExpectIntEQ(BIO_gets(bio, buf, sizeof(buf)), 57);
ExpectIntEQ(XSTRNCMP(
- "error:299:wolfSSL library:unknown error number:asn.c:100",
+ "error:600:wolfSSL library:unknown error number:asn.c:100",
buf, 56), 0);
ExpectIntEQ(BIO_gets(bio, buf, sizeof(buf)), 1);
ExpectIntEQ(buf[0], '\0');
ExpectIntEQ(ERR_get_error_line(NULL, NULL), 0);
BIO_free(bio);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
#if !defined(NO_ERROR_QUEUE) && defined(OPENSSL_EXTRA) && \
@@ -43872,10 +40899,9 @@ static int test_wolfSSL_error_cb(const char *str, size_t len, void *u)
static int test_wolfSSL_ERR_print_errors_cb(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_ERROR_QUEUE) && defined(OPENSSL_EXTRA) && \
defined(DEBUG_WOLFSSL)
- EXPECT_DECLS;
BIO* bio = NULL;
char buf[1024];
@@ -43895,11 +40921,9 @@ static int test_wolfSSL_ERR_print_errors_cb(void)
ExpectIntEQ(BIO_gets(bio, buf, sizeof(buf)), 0);
BIO_free(bio);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
/*
* Testing WOLFSSL_ERROR_MSG
@@ -43916,7 +40940,7 @@ static int test_WOLFSSL_ERROR_MSG(void)
res = TEST_SUCCESS;
#endif
return res;
-}/*End test_WOLFSSL_ERROR_MSG*/
+} /* End test_WOLFSSL_ERROR_MSG */
/*
* Testing wc_ERR_remove_state
*/
@@ -43929,16 +40953,15 @@ static int test_wc_ERR_remove_state(void)
res = TEST_SUCCESS;
#endif
return res;
-}/*End test_wc_ERR_remove_state*/
+} /* End test_wc_ERR_remove_state */
/*
* Testing wc_ERR_print_errors_fp
*/
static int test_wc_ERR_print_errors_fp(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if (defined(OPENSSL_EXTRA) || defined(DEBUG_WOLFSSL_VERBOSE)) && \
(!defined(NO_FILESYSTEM) && !defined(NO_STDIO_FILESYSTEM))
- EXPECT_DECLS;
long sz;
XFILE fp = XBADFILE;
@@ -43957,11 +40980,9 @@ static int test_wc_ERR_print_errors_fp(void)
if (fp != XBADFILE)
XFCLOSE(fp);
(void)sz;
-
- res = EXPECT_RESULT();
#endif
- return res;
-}/*End test_wc_ERR_print_errors_fp*/
+ return EXPECT_RESULT();
+} /* End test_wc_ERR_print_errors_fp */
#ifdef DEBUG_WOLFSSL
static void Logging_cb(const int logLevel, const char *const logMessage)
{
@@ -43986,10 +41007,972 @@ static int test_wolfSSL_GetLoggingCb(void)
ExpectNull(wolfSSL_GetLoggingCb());
return EXPECT_RESULT();
-}/*End test_wolfSSL_GetLoggingCb*/
+} /* End test_wolfSSL_GetLoggingCb */
#endif /* !NO_BIO */
+static int test_wolfSSL_MD4(void)
+{
+ EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(NO_MD4)
+ MD4_CTX md4;
+ unsigned char out[16]; /* MD4_DIGEST_SIZE */
+ const char* msg = "12345678901234567890123456789012345678901234567890123456"
+ "789012345678901234567890";
+ const char* test = "\xe3\x3b\x4d\xdc\x9c\x38\xf2\x19\x9c\x3e\x7b\x16\x4f"
+ "\xcc\x05\x36";
+ int msgSz = (int)XSTRLEN(msg);
+
+
+ XMEMSET(out, 0, sizeof(out));
+ MD4_Init(&md4);
+ MD4_Update(&md4, (const void*)msg, (unsigned long)msgSz);
+ MD4_Final(out, &md4);
+ ExpectIntEQ(XMEMCMP(out, test, sizeof(out)), 0);
+#endif
+ return EXPECT_RESULT();
+}
+
+static int test_wolfSSL_MD5(void)
+{
+ EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(NO_MD5)
+ byte input1[] = "";
+ byte input2[] = "message digest";
+ byte hash[WC_MD5_DIGEST_SIZE];
+ unsigned char output1[] =
+ "\xd4\x1d\x8c\xd9\x8f\x00\xb2\x04\xe9\x80\x09\x98\xec\xf8\x42\x7e";
+ unsigned char output2[] =
+ "\xf9\x6b\x69\x7d\x7c\xb7\x93\x8d\x52\x5a\x2f\x31\xaa\xf1\x61\xd0";
+ WOLFSSL_MD5_CTX md5;
+
+ XMEMSET(&md5, 0, sizeof(md5));
+
+ /* Test cases for illegal parameters */
+ ExpectIntEQ(MD5_Init(NULL), 0);
+ ExpectIntEQ(MD5_Init(&md5), 1);
+ ExpectIntEQ(MD5_Update(NULL, input1, 0), 0);
+ ExpectIntEQ(MD5_Update(NULL, NULL, 0), 0);
+ ExpectIntEQ(MD5_Update(&md5, NULL, 1), 0);
+ ExpectIntEQ(MD5_Final(NULL, &md5), 0);
+ ExpectIntEQ(MD5_Final(hash, NULL), 0);
+ ExpectIntEQ(MD5_Final(NULL, NULL), 0);
+
+ /* Init MD5 CTX */
+ ExpectIntEQ(wolfSSL_MD5_Init(&md5), 1);
+ ExpectIntEQ(wolfSSL_MD5_Update(&md5, input1, XSTRLEN((const char*)&input1)),
+ 1);
+ ExpectIntEQ(wolfSSL_MD5_Final(hash, &md5), 1);
+ ExpectIntEQ(XMEMCMP(&hash, output1, WC_MD5_DIGEST_SIZE), 0);
+
+ /* Init MD5 CTX */
+ ExpectIntEQ(wolfSSL_MD5_Init(&md5), 1);
+ ExpectIntEQ(wolfSSL_MD5_Update(&md5, input2,
+ (int)XSTRLEN((const char*)input2)), 1);
+ ExpectIntEQ(wolfSSL_MD5_Final(hash, &md5), 1);
+ ExpectIntEQ(XMEMCMP(&hash, output2, WC_MD5_DIGEST_SIZE), 0);
+#if !defined(NO_OLD_NAMES) && \
+ (!defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2)))
+ ExpectPtrNE(MD5(NULL, 1, (byte*)&hash), &hash);
+ ExpectPtrEq(MD5(input1, 0, (byte*)&hash), &hash);
+ ExpectPtrNE(MD5(input1, 1, NULL), NULL);
+ ExpectPtrNE(MD5(NULL, 0, NULL), NULL);
+
+ ExpectPtrEq(MD5(input1, (int)XSTRLEN((const char*)&input1), (byte*)&hash),
+ &hash);
+ ExpectIntEQ(XMEMCMP(&hash, output1, WC_MD5_DIGEST_SIZE), 0);
+
+ ExpectPtrEq(MD5(input2, (int)XSTRLEN((const char*)&input2), (byte*)&hash),
+ &hash);
+ ExpectIntEQ(XMEMCMP(&hash, output2, WC_MD5_DIGEST_SIZE), 0);
+ {
+ byte data[] = "Data to be hashed.";
+ XMEMSET(hash, 0, WC_MD5_DIGEST_SIZE);
+
+ ExpectNotNull(MD5(data, sizeof(data), NULL));
+ ExpectNotNull(MD5(data, sizeof(data), hash));
+ ExpectNotNull(MD5(NULL, 0, hash));
+ ExpectNull(MD5(NULL, sizeof(data), hash));
+ }
+#endif
+#endif
+ return EXPECT_RESULT();
+}
+
+static int test_wolfSSL_MD5_Transform(void)
+{
+ EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(NO_MD5)
+ byte input1[] = "";
+ byte input2[] = "abc";
+ byte local[WC_MD5_BLOCK_SIZE];
+ word32 sLen = 0;
+#ifdef BIG_ENDIAN_ORDER
+ unsigned char output1[] =
+ "\x03\x1f\x1d\xac\x6e\xa5\x8e\xd0\x1f\xab\x67\xb7\x74\x31\x77\x91";
+ unsigned char output2[] =
+ "\xef\xd3\x79\x8d\x67\x17\x25\x90\xa4\x13\x79\xc7\xe3\xa7\x7b\xbc";
+#else
+ unsigned char output1[] =
+ "\xac\x1d\x1f\x03\xd0\x8e\xa5\x6e\xb7\x67\xab\x1f\x91\x77\x31\x74";
+ unsigned char output2[] =
+ "\x8d\x79\xd3\xef\x90\x25\x17\x67\xc7\x79\x13\xa4\xbc\x7b\xa7\xe3";
+#endif
+
+ union {
+ wc_Md5 native;
+ MD5_CTX compat;
+ } md5;
+
+ XMEMSET(&md5.compat, 0, sizeof(md5.compat));
+ XMEMSET(&local, 0, sizeof(local));
+
+ /* sanity check */
+ ExpectIntEQ(MD5_Transform(NULL, NULL), 0);
+ ExpectIntEQ(MD5_Transform(NULL, (const byte*)&input1), 0);
+ ExpectIntEQ(MD5_Transform(&md5.compat, NULL), 0);
+ ExpectIntEQ(wc_Md5Transform(NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Md5Transform(NULL, (const byte*)&input1), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Md5Transform(&md5.native, NULL), BAD_FUNC_ARG);
+
+ /* Init MD5 CTX */
+ ExpectIntEQ(wolfSSL_MD5_Init(&md5.compat), 1);
+ /* Do Transform*/
+ sLen = (word32)XSTRLEN((char*)input1);
+ XMEMCPY(local, input1, sLen);
+ ExpectIntEQ(MD5_Transform(&md5.compat, (const byte*)&local[0]), 1);
+
+ ExpectIntEQ(XMEMCMP(md5.native.digest, output1, WC_MD5_DIGEST_SIZE), 0);
+
+ /* Init MD5 CTX */
+ ExpectIntEQ(MD5_Init(&md5.compat), 1);
+ sLen = (word32)XSTRLEN((char*)input2);
+ XMEMSET(local, 0, WC_MD5_BLOCK_SIZE);
+ XMEMCPY(local, input2, sLen);
+ ExpectIntEQ(MD5_Transform(&md5.compat, (const byte*)&local[0]), 1);
+ ExpectIntEQ(XMEMCMP(md5.native.digest, output2, WC_MD5_DIGEST_SIZE), 0);
+#endif
+ return EXPECT_RESULT();
+}
+
+static int test_wolfSSL_SHA(void)
+{
+ EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(HAVE_SELFTEST)
+ #if !defined(NO_SHA) && defined(NO_OLD_SHA_NAMES) && \
+ (!defined(HAVE_FIPS) || \
+ (defined(HAVE_FIPS_VERSION) && HAVE_FIPS_VERSION > 2))
+ {
+ const unsigned char in[] = "abc";
+ unsigned char expected[] = "\xA9\x99\x3E\x36\x47\x06\x81\x6A\xBA\x3E"
+ "\x25\x71\x78\x50\xC2\x6C\x9C\xD0\xD8\x9D";
+ unsigned char out[WC_SHA_DIGEST_SIZE];
+ unsigned char* p;
+ WOLFSSL_SHA_CTX sha;
+
+ XMEMSET(out, 0, WC_SHA_DIGEST_SIZE);
+ ExpectNotNull(SHA1(in, XSTRLEN((char*)in), out));
+ ExpectIntEQ(XMEMCMP(out, expected, WC_SHA_DIGEST_SIZE), 0);
+
+ /* SHA interface test */
+ XMEMSET(out, 0, WC_SHA_DIGEST_SIZE);
+
+ ExpectNull(SHA(NULL, XSTRLEN((char*)in), out));
+ ExpectNotNull(SHA(in, 0, out));
+ ExpectNotNull(SHA(in, XSTRLEN((char*)in), NULL));
+ ExpectNotNull(SHA(NULL, 0, out));
+ ExpectNotNull(SHA(NULL, 0, NULL));
+
+ ExpectNotNull(SHA(in, XSTRLEN((char*)in), out));
+ ExpectIntEQ(XMEMCMP(out, expected, WC_SHA_DIGEST_SIZE), 0);
+ ExpectNotNull(p = SHA(in, XSTRLEN((char*)in), NULL));
+ ExpectIntEQ(XMEMCMP(p, expected, WC_SHA_DIGEST_SIZE), 0);
+
+ ExpectIntEQ(wolfSSL_SHA_Init(&sha), 1);
+ ExpectIntEQ(wolfSSL_SHA_Update(&sha, in, XSTRLEN((char*)in)), 1);
+ ExpectIntEQ(wolfSSL_SHA_Final(out, &sha), 1);
+ ExpectIntEQ(XMEMCMP(out, expected, WC_SHA_DIGEST_SIZE), 0);
+
+ ExpectIntEQ(wolfSSL_SHA1_Init(&sha), 1);
+ ExpectIntEQ(wolfSSL_SHA1_Update(&sha, in, XSTRLEN((char*)in)), 1);
+ ExpectIntEQ(wolfSSL_SHA1_Final(out, &sha), 1);
+ ExpectIntEQ(XMEMCMP(out, expected, WC_SHA_DIGEST_SIZE), 0);
+ }
+ #endif
+
+ #if !defined(NO_SHA256)
+ {
+ const unsigned char in[] = "abc";
+ unsigned char expected[] =
+ "\xBA\x78\x16\xBF\x8F\x01\xCF\xEA\x41\x41\x40\xDE\x5D\xAE\x22"
+ "\x23\xB0\x03\x61\xA3\x96\x17\x7A\x9C\xB4\x10\xFF\x61\xF2\x00"
+ "\x15\xAD";
+ unsigned char out[WC_SHA256_DIGEST_SIZE];
+ unsigned char* p;
+
+ XMEMSET(out, 0, WC_SHA256_DIGEST_SIZE);
+#if !defined(NO_OLD_NAMES) && !defined(HAVE_FIPS)
+ ExpectNotNull(SHA256(in, XSTRLEN((char*)in), out));
+#else
+ ExpectNotNull(wolfSSL_SHA256(in, XSTRLEN((char*)in), out));
+#endif
+ ExpectIntEQ(XMEMCMP(out, expected, WC_SHA256_DIGEST_SIZE), 0);
+#if !defined(NO_OLD_NAMES) && !defined(HAVE_FIPS)
+ ExpectNotNull(p = SHA256(in, XSTRLEN((char*)in), NULL));
+#else
+ ExpectNotNull(p = wolfSSL_SHA256(in, XSTRLEN((char*)in), NULL));
+#endif
+ ExpectIntEQ(XMEMCMP(p, expected, WC_SHA256_DIGEST_SIZE), 0);
+ }
+ #endif
+
+ #if defined(WOLFSSL_SHA384)
+ {
+ const unsigned char in[] = "abc";
+ unsigned char expected[] =
+ "\xcb\x00\x75\x3f\x45\xa3\x5e\x8b\xb5\xa0\x3d\x69\x9a\xc6\x50"
+ "\x07\x27\x2c\x32\xab\x0e\xde\xd1\x63\x1a\x8b\x60\x5a\x43\xff"
+ "\x5b\xed\x80\x86\x07\x2b\xa1\xe7\xcc\x23\x58\xba\xec\xa1\x34"
+ "\xc8\x25\xa7";
+ unsigned char out[WC_SHA384_DIGEST_SIZE];
+ unsigned char* p;
+
+ XMEMSET(out, 0, WC_SHA384_DIGEST_SIZE);
+#if !defined(NO_OLD_NAMES) && !defined(HAVE_FIPS)
+ ExpectNotNull(SHA384(in, XSTRLEN((char*)in), out));
+#else
+ ExpectNotNull(wolfSSL_SHA384(in, XSTRLEN((char*)in), out));
+#endif
+ ExpectIntEQ(XMEMCMP(out, expected, WC_SHA384_DIGEST_SIZE), 0);
+#if !defined(NO_OLD_NAMES) && !defined(HAVE_FIPS)
+ ExpectNotNull(p = SHA384(in, XSTRLEN((char*)in), NULL));
+#else
+ ExpectNotNull(p = wolfSSL_SHA384(in, XSTRLEN((char*)in), NULL));
+#endif
+ ExpectIntEQ(XMEMCMP(p, expected, WC_SHA384_DIGEST_SIZE), 0);
+ }
+ #endif
+
+ #if defined(WOLFSSL_SHA512)
+ {
+ const unsigned char in[] = "abc";
+ unsigned char expected[] =
+ "\xdd\xaf\x35\xa1\x93\x61\x7a\xba\xcc\x41\x73\x49\xae\x20\x41"
+ "\x31\x12\xe6\xfa\x4e\x89\xa9\x7e\xa2\x0a\x9e\xee\xe6\x4b\x55"
+ "\xd3\x9a\x21\x92\x99\x2a\x27\x4f\xc1\xa8\x36\xba\x3c\x23\xa3"
+ "\xfe\xeb\xbd\x45\x4d\x44\x23\x64\x3c\xe8\x0e\x2a\x9a\xc9\x4f"
+ "\xa5\x4c\xa4\x9f";
+ unsigned char out[WC_SHA512_DIGEST_SIZE];
+ unsigned char* p;
+
+ XMEMSET(out, 0, WC_SHA512_DIGEST_SIZE);
+#if !defined(NO_OLD_NAMES) && !defined(HAVE_FIPS)
+ ExpectNotNull(SHA512(in, XSTRLEN((char*)in), out));
+#else
+ ExpectNotNull(wolfSSL_SHA512(in, XSTRLEN((char*)in), out));
+#endif
+ ExpectIntEQ(XMEMCMP(out, expected, WC_SHA512_DIGEST_SIZE), 0);
+#if !defined(NO_OLD_NAMES) && !defined(HAVE_FIPS)
+ ExpectNotNull(p = SHA512(in, XSTRLEN((char*)in), NULL));
+#else
+ ExpectNotNull(p = wolfSSL_SHA512(in, XSTRLEN((char*)in), NULL));
+#endif
+ ExpectIntEQ(XMEMCMP(p, expected, WC_SHA512_DIGEST_SIZE), 0);
+ }
+ #endif
+#endif
+ return EXPECT_RESULT();
+}
+
+static int test_wolfSSL_SHA_Transform(void)
+{
+ EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(NO_SHA)
+#if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || \
+ (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2)))
+ byte input1[] = "";
+ byte input2[] = "abc";
+ byte local[WC_SHA_BLOCK_SIZE];
+ word32 sLen = 0;
+#ifdef BIG_ENDIAN_ORDER
+ unsigned char output1[] =
+ "\x92\xb4\x04\xe5\x56\x58\x8c\xed\x6c\x1a\xcd\x4e\xbf\x05\x3f\x68"
+ "\x09\xf7\x3a\x93";
+ unsigned char output2[] =
+ "\x97\xb2\x74\x8b\x4f\x5b\xbc\xca\x5b\xc0\xe6\xea\x2d\x40\xb4\xa0"
+ "\x7c\x6e\x08\xb8";
+#else
+ unsigned char output1[] =
+ "\xe5\x04\xb4\x92\xed\x8c\x58\x56\x4e\xcd\x1a\x6c\x68\x3f\x05\xbf"
+ "\x93\x3a\xf7\x09";
+ unsigned char output2[] =
+ "\x8b\x74\xb2\x97\xca\xbc\x5b\x4f\xea\xe6\xc0\x5b\xa0\xb4\x40\x2d"
+ "\xb8\x08\x6e\x7c";
+#endif
+
+ union {
+ wc_Sha native;
+ SHA_CTX compat;
+ } sha;
+ union {
+ wc_Sha native;
+ SHA_CTX compat;
+ } sha1;
+
+ XMEMSET(&sha.compat, 0, sizeof(sha.compat));
+ XMEMSET(&local, 0, sizeof(local));
+
+ /* sanity check */
+ ExpectIntEQ(SHA_Transform(NULL, NULL), 0);
+ ExpectIntEQ(SHA_Transform(NULL, (const byte*)&input1), 0);
+ ExpectIntEQ(SHA_Transform(&sha.compat, NULL), 0);
+ ExpectIntEQ(SHA1_Transform(NULL, NULL), 0);
+ ExpectIntEQ(SHA1_Transform(NULL, (const byte*)&input1), 0);
+ ExpectIntEQ(SHA1_Transform(&sha.compat, NULL), 0);
+ ExpectIntEQ(wc_ShaTransform(NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ShaTransform(NULL, (const byte*)&input1), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ShaTransform(&sha.native, NULL), BAD_FUNC_ARG);
+
+ /* Init SHA CTX */
+ ExpectIntEQ(SHA_Init(&sha.compat), 1);
+ /* Do Transform*/
+ sLen = (word32)XSTRLEN((char*)input1);
+ XMEMCPY(local, input1, sLen);
+ ExpectIntEQ(SHA_Transform(&sha.compat, (const byte*)&local[0]), 1);
+ ExpectIntEQ(XMEMCMP(sha.native.digest, output1, WC_SHA_DIGEST_SIZE), 0);
+ ExpectIntEQ(SHA_Final(local, &sha.compat), 1); /* frees resources */
+
+ /* Init SHA CTX */
+ ExpectIntEQ(SHA_Init(&sha.compat), 1);
+ sLen = (word32)XSTRLEN((char*)input2);
+ XMEMSET(local, 0, WC_SHA_BLOCK_SIZE);
+ XMEMCPY(local, input2, sLen);
+ ExpectIntEQ(SHA_Transform(&sha.compat, (const byte*)&local[0]), 1);
+ ExpectIntEQ(XMEMCMP(sha.native.digest, output2, WC_SHA_DIGEST_SIZE), 0);
+ ExpectIntEQ(SHA_Final(local, &sha.compat), 1); /* frees resources */
+
+ /* SHA1 */
+ XMEMSET(local, 0, WC_SHA_BLOCK_SIZE);
+ /* Init SHA CTX */
+ ExpectIntEQ(SHA1_Init(&sha1.compat), 1);
+ /* Do Transform*/
+ sLen = (word32)XSTRLEN((char*)input1);
+ XMEMCPY(local, input1, sLen);
+ ExpectIntEQ(SHA1_Transform(&sha1.compat, (const byte*)&local[0]), 1);
+ ExpectIntEQ(XMEMCMP(sha1.native.digest, output1, WC_SHA_DIGEST_SIZE), 0);
+ ExpectIntEQ(SHA1_Final(local, &sha1.compat), 1); /* frees resources */
+
+ /* Init SHA CTX */
+ ExpectIntEQ(SHA1_Init(&sha1.compat), 1);
+ sLen = (word32)XSTRLEN((char*)input2);
+ XMEMSET(local, 0, WC_SHA_BLOCK_SIZE);
+ XMEMCPY(local, input2, sLen);
+ ExpectIntEQ(SHA1_Transform(&sha1.compat, (const byte*)&local[0]), 1);
+ ExpectIntEQ(XMEMCMP(sha1.native.digest, output2, WC_SHA_DIGEST_SIZE), 0);
+ ExpectIntEQ(SHA_Final(local, &sha1.compat), 1); /* frees resources */
+#endif
+#endif
+ return EXPECT_RESULT();
+}
+
+static int test_wolfSSL_SHA224(void)
+{
+ EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_SHA224) && \
+ !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || \
+ (defined(HAVE_FIPS_VERSION) && HAVE_FIPS_VERSION > 2))
+ unsigned char input[] =
+ "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq";
+ unsigned char output[] =
+ "\x75\x38\x8b\x16\x51\x27\x76\xcc\x5d\xba\x5d\xa1\xfd\x89\x01"
+ "\x50\xb0\xc6\x45\x5c\xb4\xf5\x8b\x19\x52\x52\x25\x25";
+ size_t inLen;
+ byte hash[WC_SHA224_DIGEST_SIZE];
+ unsigned char* p;
+
+ inLen = XSTRLEN((char*)input);
+
+ XMEMSET(hash, 0, WC_SHA224_DIGEST_SIZE);
+
+ ExpectNull(SHA224(NULL, inLen, hash));
+ ExpectNotNull(SHA224(input, 0, hash));
+ ExpectNotNull(SHA224(input, inLen, NULL));
+ ExpectNotNull(SHA224(NULL, 0, hash));
+ ExpectNotNull(SHA224(NULL, 0, NULL));
+
+ ExpectNotNull(SHA224(input, inLen, hash));
+ ExpectIntEQ(XMEMCMP(hash, output, WC_SHA224_DIGEST_SIZE), 0);
+ ExpectNotNull(p = SHA224(input, inLen, NULL));
+ ExpectIntEQ(XMEMCMP(p, output, WC_SHA224_DIGEST_SIZE), 0);
+#endif
+ return EXPECT_RESULT();
+}
+
+static int test_wolfSSL_SHA256(void)
+{
+ EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(NO_SHA256) && \
+ defined(NO_OLD_SHA_NAMES) && !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
+ unsigned char input[] =
+ "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq";
+ unsigned char output[] =
+ "\x24\x8D\x6A\x61\xD2\x06\x38\xB8\xE5\xC0\x26\x93\x0C\x3E\x60"
+ "\x39\xA3\x3C\xE4\x59\x64\xFF\x21\x67\xF6\xEC\xED\xD4\x19\xDB"
+ "\x06\xC1";
+ size_t inLen;
+ byte hash[WC_SHA256_DIGEST_SIZE];
+
+ inLen = XSTRLEN((char*)input);
+
+ XMEMSET(hash, 0, WC_SHA256_DIGEST_SIZE);
+ ExpectNotNull(SHA256(input, inLen, hash));
+ ExpectIntEQ(XMEMCMP(hash, output, WC_SHA256_DIGEST_SIZE), 0);
+#endif
+ return EXPECT_RESULT();
+}
+
+static int test_wolfSSL_SHA256_Transform(void)
+{
+ EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(NO_SHA256)
+#if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || \
+ (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2))) && \
+ !defined(WOLFSSL_DEVCRYPTO_HASH) && !defined(WOLFSSL_AFALG_HASH) && \
+ !defined(WOLFSSL_KCAPI_HASH)
+ byte input1[] = "";
+ byte input2[] = "abc";
+ byte local[WC_SHA256_BLOCK_SIZE];
+ word32 sLen = 0;
+#ifdef BIG_ENDIAN_ORDER
+ unsigned char output1[] =
+ "\xda\x56\x98\xbe\x17\xb9\xb4\x69\x62\x33\x57\x99\x77\x9f\xbe\xca"
+ "\x8c\xe5\xd4\x91\xc0\xd2\x62\x43\xba\xfe\xf9\xea\x18\x37\xa9\xd8";
+ unsigned char output2[] =
+ "\x1d\x4e\xd4\x67\x67\x7c\x61\x67\x44\x10\x76\x26\x78\x10\xff\xb8"
+ "\x40\xc8\x9a\x39\x73\x16\x60\x8c\xa6\x61\xd6\x05\x91\xf2\x8c\x35";
+#else
+ unsigned char output1[] =
+ "\xbe\x98\x56\xda\x69\xb4\xb9\x17\x99\x57\x33\x62\xca\xbe\x9f\x77"
+ "\x91\xd4\xe5\x8c\x43\x62\xd2\xc0\xea\xf9\xfe\xba\xd8\xa9\x37\x18";
+ unsigned char output2[] =
+ "\x67\xd4\x4e\x1d\x67\x61\x7c\x67\x26\x76\x10\x44\xb8\xff\x10\x78"
+ "\x39\x9a\xc8\x40\x8c\x60\x16\x73\x05\xd6\x61\xa6\x35\x8c\xf2\x91";
+#endif
+ union {
+ wc_Sha256 native;
+ SHA256_CTX compat;
+ } sha256;
+
+ XMEMSET(&sha256.compat, 0, sizeof(sha256.compat));
+ XMEMSET(&local, 0, sizeof(local));
+
+ /* sanity check */
+ ExpectIntEQ(SHA256_Transform(NULL, NULL), 0);
+ ExpectIntEQ(SHA256_Transform(NULL, (const byte*)&input1), 0);
+ ExpectIntEQ(SHA256_Transform(&sha256.compat, NULL), 0);
+ ExpectIntEQ(wc_Sha256Transform(NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha256Transform(NULL, (const byte*)&input1), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha256Transform(&sha256.native, NULL), BAD_FUNC_ARG);
+
+ /* Init SHA256 CTX */
+ ExpectIntEQ(SHA256_Init(&sha256.compat), 1);
+ /* Do Transform*/
+ sLen = (word32)XSTRLEN((char*)input1);
+ XMEMCPY(local, input1, sLen);
+ ExpectIntEQ(SHA256_Transform(&sha256.compat, (const byte*)&local[0]), 1);
+ ExpectIntEQ(XMEMCMP(sha256.native.digest, output1, WC_SHA256_DIGEST_SIZE),
+ 0);
+ ExpectIntEQ(SHA256_Final(local, &sha256.compat), 1); /* frees resources */
+
+ /* Init SHA256 CTX */
+ ExpectIntEQ(SHA256_Init(&sha256.compat), 1);
+ sLen = (word32)XSTRLEN((char*)input2);
+ XMEMSET(local, 0, WC_SHA256_BLOCK_SIZE);
+ XMEMCPY(local, input2, sLen);
+ ExpectIntEQ(SHA256_Transform(&sha256.compat, (const byte*)&local[0]), 1);
+ ExpectIntEQ(XMEMCMP(sha256.native.digest, output2, WC_SHA256_DIGEST_SIZE),
+ 0);
+ ExpectIntEQ(SHA256_Final(local, &sha256.compat), 1); /* frees resources */
+#endif
+#endif
+ return EXPECT_RESULT();
+}
+
+static int test_wolfSSL_SHA512_Transform(void)
+{
+ EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_SHA512)
+#if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || \
+ (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2))) && \
+ !defined(WOLFSSL_KCAPI_HASH)
+ byte input1[] = "";
+ byte input2[] = "abc";
+ byte local[WC_SHA512_BLOCK_SIZE];
+ word32 sLen = 0;
+#ifdef BIG_ENDIAN_ORDER
+ unsigned char output1[] =
+ "\xcf\x78\x81\xd5\x77\x4a\xcb\xe8\x53\x33\x62\xe0\xfb\xc7\x80\x70"
+ "\x02\x67\x63\x9d\x87\x46\x0e\xda\x30\x86\xcb\x40\xe8\x59\x31\xb0"
+ "\x71\x7d\xc9\x52\x88\xa0\x23\xa3\x96\xba\xb2\xc1\x4c\xe0\xb5\xe0"
+ "\x6f\xc4\xfe\x04\xea\xe3\x3e\x0b\x91\xf4\xd8\x0c\xbd\x66\x8b\xee";
+ unsigned char output2[] =
+ "\x11\x10\x93\x4e\xeb\xa0\xcc\x0d\xfd\x33\x43\x9c\xfb\x04\xc8\x21"
+ "\xa9\xb4\x26\x3d\xca\xab\x31\x41\xe2\xc6\xaa\xaf\xe1\x67\xd7\xab"
+ "\x31\x8f\x2e\x54\x2c\xba\x4e\x83\xbe\x88\xec\x9d\x8f\x2b\x38\x98"
+ "\x14\xd2\x4e\x9d\x53\x8b\x5e\x4d\xde\x68\x6c\x69\xaf\x20\x96\xf0";
+#else
+ unsigned char output1[] =
+ "\xe8\xcb\x4a\x77\xd5\x81\x78\xcf\x70\x80\xc7\xfb\xe0\x62\x33\x53"
+ "\xda\x0e\x46\x87\x9d\x63\x67\x02\xb0\x31\x59\xe8\x40\xcb\x86\x30"
+ "\xa3\x23\xa0\x88\x52\xc9\x7d\x71\xe0\xb5\xe0\x4c\xc1\xb2\xba\x96"
+ "\x0b\x3e\xe3\xea\x04\xfe\xc4\x6f\xee\x8b\x66\xbd\x0c\xd8\xf4\x91";
+ unsigned char output2[] =
+ "\x0d\xcc\xa0\xeb\x4e\x93\x10\x11\x21\xc8\x04\xfb\x9c\x43\x33\xfd"
+ "\x41\x31\xab\xca\x3d\x26\xb4\xa9\xab\xd7\x67\xe1\xaf\xaa\xc6\xe2"
+ "\x83\x4e\xba\x2c\x54\x2e\x8f\x31\x98\x38\x2b\x8f\x9d\xec\x88\xbe"
+ "\x4d\x5e\x8b\x53\x9d\x4e\xd2\x14\xf0\x96\x20\xaf\x69\x6c\x68\xde";
+#endif
+ union {
+ wc_Sha512 native;
+ SHA512_CTX compat;
+ } sha512;
+
+ XMEMSET(&sha512.compat, 0, sizeof(sha512.compat));
+ XMEMSET(&local, 0, sizeof(local));
+
+ /* sanity check */
+ ExpectIntEQ(SHA512_Transform(NULL, NULL), 0);
+ ExpectIntEQ(SHA512_Transform(NULL, (const byte*)&input1), 0);
+ ExpectIntEQ(SHA512_Transform(&sha512.compat, NULL), 0);
+ ExpectIntEQ(wc_Sha512Transform(NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha512Transform(NULL, (const byte*)&input1), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha512Transform(&sha512.native, NULL), BAD_FUNC_ARG);
+
+ /* Init SHA512 CTX */
+ ExpectIntEQ(wolfSSL_SHA512_Init(&sha512.compat), 1);
+
+ /* Do Transform*/
+ sLen = (word32)XSTRLEN((char*)input1);
+ XMEMCPY(local, input1, sLen);
+ ExpectIntEQ(SHA512_Transform(&sha512.compat, (const byte*)&local[0]), 1);
+ ExpectIntEQ(XMEMCMP(sha512.native.digest, output1,
+ WC_SHA512_DIGEST_SIZE), 0);
+ ExpectIntEQ(SHA512_Final(local, &sha512.compat), 1); /* frees resources */
+
+ /* Init SHA512 CTX */
+ ExpectIntEQ(SHA512_Init(&sha512.compat), 1);
+ sLen = (word32)XSTRLEN((char*)input2);
+ XMEMSET(local, 0, WC_SHA512_BLOCK_SIZE);
+ XMEMCPY(local, input2, sLen);
+ ExpectIntEQ(SHA512_Transform(&sha512.compat, (const byte*)&local[0]), 1);
+ ExpectIntEQ(XMEMCMP(sha512.native.digest, output2,
+ WC_SHA512_DIGEST_SIZE), 0);
+ ExpectIntEQ(SHA512_Final(local, &sha512.compat), 1); /* frees resources */
+
+ (void)input1;
+#endif
+#endif
+ return EXPECT_RESULT();
+}
+
+static int test_wolfSSL_SHA512_224_Transform(void)
+{
+ EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_SHA512) && \
+ !defined(WOLFSSL_NOSHA512_224)
+#if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || \
+ (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2))) && \
+ !defined(WOLFSSL_KCAPI_HASH)
+ byte input1[] = "";
+ byte input2[] = "abc";
+ byte local[WC_SHA512_BLOCK_SIZE];
+ word32 sLen = 0;
+ unsigned char output1[] =
+ "\x94\x24\x66\xd4\x60\x3a\xeb\x23\x1d\xa8\x69\x31\x3c\xd2\xde\x11"
+ "\x48\x0f\x4a\x5a\xdf\x3a\x8d\x87\xcf\xcd\xbf\xa5\x03\x21\x50\xf1"
+ "\x8a\x0d\x0f\x0d\x3c\x07\xba\x52\xe0\xaa\x3c\xbb\xf1\xd3\x3f\xca"
+ "\x12\xa7\x61\xf8\x47\xda\x0d\x1b\x79\xc2\x65\x13\x92\xc1\x9c\xa5";
+ unsigned char output2[] =
+ "\x51\x28\xe7\x0b\xca\x1e\xbc\x5f\xd7\x34\x0b\x48\x30\xd7\xc2\x75"
+ "\x6d\x8d\x48\x2c\x1f\xc7\x9e\x2b\x20\x5e\xbb\x0f\x0e\x4d\xb7\x61"
+ "\x31\x76\x33\xa0\xb4\x3d\x5f\x93\xc1\x73\xac\xf7\x21\xff\x69\x17"
+ "\xce\x66\xe5\x1e\x31\xe7\xf3\x22\x0f\x0b\x34\xd7\x5a\x57\xeb\xbf";
+ union {
+ wc_Sha512 native;
+ SHA512_CTX compat;
+ } sha512;
+
+#ifdef BIG_ENDIAN_ORDER
+ ByteReverseWords64((word64*)output1, (word64*)output1, sizeof(output1));
+ ByteReverseWords64((word64*)output2, (word64*)output2, sizeof(output2));
+#endif
+
+ XMEMSET(&sha512.compat, 0, sizeof(sha512.compat));
+ XMEMSET(&local, 0, sizeof(local));
+
+ /* sanity check */
+ ExpectIntEQ(SHA512_224_Transform(NULL, NULL), 0);
+ ExpectIntEQ(SHA512_224_Transform(NULL, (const byte*)&input1), 0);
+ ExpectIntEQ(SHA512_224_Transform(&sha512.compat, NULL), 0);
+ ExpectIntEQ(wc_Sha512_224Transform(NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha512_224Transform(NULL, (const byte*)&input1),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha512_224Transform(&sha512.native, NULL), BAD_FUNC_ARG);
+
+ /* Init SHA512 CTX */
+ ExpectIntEQ(wolfSSL_SHA512_224_Init(&sha512.compat), 1);
+
+ /* Do Transform*/
+ sLen = (word32)XSTRLEN((char*)input1);
+ XMEMCPY(local, input1, sLen);
+ ExpectIntEQ(SHA512_224_Transform(&sha512.compat, (const byte*)&local[0]),
+ 1);
+ ExpectIntEQ(XMEMCMP(sha512.native.digest, output1,
+ WC_SHA512_DIGEST_SIZE), 0);
+ /* frees resources */
+ ExpectIntEQ(SHA512_224_Final(local, &sha512.compat), 1);
+
+ /* Init SHA512 CTX */
+ ExpectIntEQ(SHA512_224_Init(&sha512.compat), 1);
+ sLen = (word32)XSTRLEN((char*)input2);
+ XMEMSET(local, 0, WC_SHA512_BLOCK_SIZE);
+ XMEMCPY(local, input2, sLen);
+ ExpectIntEQ(SHA512_224_Transform(&sha512.compat, (const byte*)&local[0]),
+ 1);
+ ExpectIntEQ(XMEMCMP(sha512.native.digest, output2,
+ WC_SHA512_DIGEST_SIZE), 0);
+ /* frees resources */
+ ExpectIntEQ(SHA512_224_Final(local, &sha512.compat), 1);
+#endif
+#endif
+ return EXPECT_RESULT();
+}
+
+static int test_wolfSSL_SHA512_256_Transform(void)
+{
+ EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_SHA512) && \
+ !defined(WOLFSSL_NOSHA512_256)
+#if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || \
+ (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2))) && \
+ !defined(WOLFSSL_KCAPI_HASH)
+ byte input1[] = "";
+ byte input2[] = "abc";
+ byte local[WC_SHA512_BLOCK_SIZE];
+ word32 sLen = 0;
+ unsigned char output1[] =
+ "\xf8\x37\x37\x5a\xd7\x2e\x56\xec\xe2\x51\xa8\x31\x3a\xa0\x63\x2b"
+ "\x7e\x7c\x64\xcc\xd9\xff\x2b\x6b\xeb\xc3\xd4\x4d\x7f\x8a\x3a\xb5"
+ "\x61\x85\x0b\x37\x30\x9f\x3b\x08\x5e\x7b\xd3\xbc\x6d\x00\x61\xc0"
+ "\x65\x9a\xd7\x73\xda\x40\xbe\xc1\xe5\x2f\xc6\x5d\xb7\x9f\xbe\x60";
+ unsigned char output2[] =
+ "\x22\xad\xc0\x30\xee\xd4\x6a\xef\x13\xee\x5a\x95\x8b\x1f\xb7\xb6"
+ "\xb6\xba\xc0\x44\xb8\x18\x3b\xf0\xf6\x4b\x70\x9f\x03\xba\x64\xa1"
+ "\xe1\xe3\x45\x15\x91\x7d\xcb\x0b\x9a\xf0\xd2\x8e\x47\x8b\x37\x78"
+ "\x91\x41\xa6\xc4\xb0\x29\x8f\x8b\xdd\x78\x5c\xf2\x73\x3f\x21\x31";
+ union {
+ wc_Sha512 native;
+ SHA512_CTX compat;
+ } sha512;
+
+#ifdef BIG_ENDIAN_ORDER
+ ByteReverseWords64((word64*)output1, (word64*)output1, sizeof(output1));
+ ByteReverseWords64((word64*)output2, (word64*)output2, sizeof(output2));
+#endif
+
+ XMEMSET(&sha512.compat, 0, sizeof(sha512.compat));
+ XMEMSET(&local, 0, sizeof(local));
+
+ /* sanity check */
+ ExpectIntEQ(SHA512_256_Transform(NULL, NULL), 0);
+ ExpectIntEQ(SHA512_256_Transform(NULL, (const byte*)&input1), 0);
+ ExpectIntEQ(SHA512_256_Transform(&sha512.compat, NULL), 0);
+ ExpectIntEQ(wc_Sha512_256Transform(NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha512_256Transform(NULL, (const byte*)&input1),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha512_256Transform(&sha512.native, NULL), BAD_FUNC_ARG);
+
+ /* Init SHA512 CTX */
+ ExpectIntEQ(wolfSSL_SHA512_256_Init(&sha512.compat), 1);
+
+ /* Do Transform*/
+ sLen = (word32)XSTRLEN((char*)input1);
+ XMEMCPY(local, input1, sLen);
+ ExpectIntEQ(SHA512_256_Transform(&sha512.compat, (const byte*)&local[0]),
+ 1);
+ ExpectIntEQ(XMEMCMP(sha512.native.digest, output1,
+ WC_SHA512_DIGEST_SIZE), 0);
+ /* frees resources */
+ ExpectIntEQ(SHA512_256_Final(local, &sha512.compat), 1);
+
+ /* Init SHA512 CTX */
+ ExpectIntEQ(SHA512_256_Init(&sha512.compat), 1);
+ sLen = (word32)XSTRLEN((char*)input2);
+ XMEMSET(local, 0, WC_SHA512_BLOCK_SIZE);
+ XMEMCPY(local, input2, sLen);
+ ExpectIntEQ(SHA512_256_Transform(&sha512.compat, (const byte*)&local[0]),
+ 1);
+ ExpectIntEQ(XMEMCMP(sha512.native.digest, output2,
+ WC_SHA512_DIGEST_SIZE), 0);
+ /* frees resources */
+ ExpectIntEQ(SHA512_256_Final(local, &sha512.compat), 1);
+#endif
+#endif
+ return EXPECT_RESULT();
+}
+
+#if defined(OPENSSL_EXTRA) && !defined(NO_HMAC)
+/* helper function for test_wolfSSL_HMAC_CTX, digest size is expected to be a
+ * buffer of 64 bytes.
+ *
+ * returns the size of the digest buffer on success and a negative value on
+ * failure.
+ */
+static int test_HMAC_CTX_helper(const EVP_MD* type, unsigned char* digest,
+ int* sz)
+{
+ EXPECT_DECLS;
+ HMAC_CTX ctx1;
+ HMAC_CTX ctx2;
+
+ unsigned char key[] = "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b"
+ "\x0b\x0b\x0b\x0b\x0b\x0b\x0b";
+ unsigned char long_key[] =
+ "0123456789012345678901234567890123456789"
+ "0123456789012345678901234567890123456789"
+ "0123456789012345678901234567890123456789"
+ "0123456789012345678901234567890123456789";
+
+ unsigned char msg[] = "message to hash";
+ unsigned int digestSz = 64;
+ int keySz = sizeof(key);
+ int long_keySz = sizeof(long_key);
+ int msgSz = sizeof(msg);
+
+ unsigned char digest2[64];
+ unsigned int digestSz2 = 64;
+
+ HMAC_CTX_init(&ctx1);
+
+ ExpectIntEQ(HMAC_Init(&ctx1, (const void*)key, keySz, type), SSL_SUCCESS);
+ ExpectIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS);
+ ExpectIntEQ(HMAC_CTX_copy(&ctx2, &ctx1), SSL_SUCCESS);
+
+ ExpectIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS);
+ ExpectIntEQ(HMAC_Final(&ctx1, digest, &digestSz), SSL_SUCCESS);
+ HMAC_CTX_cleanup(&ctx1);
+
+ ExpectIntEQ(HMAC_Update(&ctx2, msg, msgSz), SSL_SUCCESS);
+ ExpectIntEQ(HMAC_Final(&ctx2, digest2, &digestSz2), SSL_SUCCESS);
+ HMAC_CTX_cleanup(&ctx2);
+
+ ExpectIntEQ(digestSz, digestSz2);
+ ExpectIntEQ(XMEMCMP(digest, digest2, digestSz), 0);
+
+ /* test HMAC_Init with NULL key */
+
+ /* init after copy */
+ HMAC_CTX_init(&ctx1);
+ ExpectIntEQ(HMAC_Init(&ctx1, (const void*)key, keySz, type), SSL_SUCCESS);
+ ExpectIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS);
+ ExpectIntEQ(HMAC_CTX_copy(&ctx2, &ctx1), SSL_SUCCESS);
+
+ ExpectIntEQ(HMAC_Init(&ctx1, NULL, 0, NULL), SSL_SUCCESS);
+ ExpectIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS);
+ ExpectIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS);
+ ExpectIntEQ(HMAC_Final(&ctx1, digest, &digestSz), SSL_SUCCESS);
+ HMAC_CTX_cleanup(&ctx1);
+
+ ExpectIntEQ(HMAC_Init(&ctx2, NULL, 0, NULL), SSL_SUCCESS);
+ ExpectIntEQ(HMAC_Update(&ctx2, msg, msgSz), SSL_SUCCESS);
+ ExpectIntEQ(HMAC_Update(&ctx2, msg, msgSz), SSL_SUCCESS);
+ ExpectIntEQ(HMAC_Final(&ctx2, digest2, &digestSz), SSL_SUCCESS);
+ HMAC_CTX_cleanup(&ctx2);
+
+ ExpectIntEQ(digestSz, digestSz2);
+ ExpectIntEQ(XMEMCMP(digest, digest2, digestSz), 0);
+
+ /* long key */
+ HMAC_CTX_init(&ctx1);
+ ExpectIntEQ(HMAC_Init(&ctx1, (const void*)long_key, long_keySz, type),
+ SSL_SUCCESS);
+ ExpectIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS);
+ ExpectIntEQ(HMAC_CTX_copy(&ctx2, &ctx1), SSL_SUCCESS);
+
+ ExpectIntEQ(HMAC_Init(&ctx1, NULL, 0, NULL), SSL_SUCCESS);
+ ExpectIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS);
+ ExpectIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS);
+ ExpectIntEQ(HMAC_Final(&ctx1, digest, &digestSz), SSL_SUCCESS);
+ HMAC_CTX_cleanup(&ctx1);
+
+ ExpectIntEQ(HMAC_Init(&ctx2, NULL, 0, NULL), SSL_SUCCESS);
+ ExpectIntEQ(HMAC_Update(&ctx2, msg, msgSz), SSL_SUCCESS);
+ ExpectIntEQ(HMAC_Update(&ctx2, msg, msgSz), SSL_SUCCESS);
+ ExpectIntEQ(HMAC_Final(&ctx2, digest2, &digestSz), SSL_SUCCESS);
+ HMAC_CTX_cleanup(&ctx2);
+
+ ExpectIntEQ(digestSz, digestSz2);
+ ExpectIntEQ(XMEMCMP(digest, digest2, digestSz), 0);
+
+ /* init before copy */
+ HMAC_CTX_init(&ctx1);
+ ExpectIntEQ(HMAC_Init(&ctx1, (const void*)key, keySz, type), SSL_SUCCESS);
+ ExpectIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS);
+ ExpectIntEQ(HMAC_Init(&ctx1, NULL, 0, NULL), SSL_SUCCESS);
+ ExpectIntEQ(HMAC_CTX_copy(&ctx2, &ctx1), SSL_SUCCESS);
+
+ ExpectIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS);
+ ExpectIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS);
+ ExpectIntEQ(HMAC_Final(&ctx1, digest, &digestSz), SSL_SUCCESS);
+ HMAC_CTX_cleanup(&ctx1);
+
+ ExpectIntEQ(HMAC_Update(&ctx2, msg, msgSz), SSL_SUCCESS);
+ ExpectIntEQ(HMAC_Update(&ctx2, msg, msgSz), SSL_SUCCESS);
+ ExpectIntEQ(HMAC_Final(&ctx2, digest2, &digestSz), SSL_SUCCESS);
+ HMAC_CTX_cleanup(&ctx2);
+
+ ExpectIntEQ(digestSz, digestSz2);
+ ExpectIntEQ(XMEMCMP(digest, digest2, digestSz), 0);
+
+ *sz = digestSz;
+ return EXPECT_RESULT();
+}
+#endif /* defined(OPENSSL_EXTRA) && !defined(NO_HMAC) */
+
+static int test_wolfSSL_HMAC_CTX(void)
+{
+ EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(NO_HMAC)
+ unsigned char digest[64];
+ int digestSz;
+ WOLFSSL_HMAC_CTX* hmac_ctx = NULL;
+ WOLFSSL_HMAC_CTX ctx1;
+ WOLFSSL_HMAC_CTX ctx2;
+
+ ExpectNotNull(hmac_ctx = wolfSSL_HMAC_CTX_new());
+ ExpectIntEQ(wolfSSL_HMAC_CTX_Init(NULL), 1);
+ ExpectIntEQ(wolfSSL_HMAC_CTX_Init(hmac_ctx), 1);
+ wolfSSL_HMAC_CTX_free(NULL);
+ wolfSSL_HMAC_CTX_free(hmac_ctx);
+
+ XMEMSET(&ctx2, 0, sizeof(WOLFSSL_HMAC_CTX));
+ ExpectIntEQ(HMAC_CTX_init(NULL), 1);
+ ExpectIntEQ(HMAC_CTX_init(&ctx2), 1);
+ ExpectIntEQ(HMAC_CTX_copy(NULL, NULL), 0);
+ ExpectIntEQ(HMAC_CTX_copy(NULL, &ctx2), 0);
+ ExpectIntEQ(HMAC_CTX_copy(&ctx2, NULL), 0);
+#if defined(HAVE_SELFTEST) || (defined(HAVE_FIPS) && \
+ ((! defined(HAVE_FIPS_VERSION)) || \
+ defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION <= 2)))
+ /* Copy object that hasn't had a digest set - MD5. */
+ ExpectIntEQ(HMAC_CTX_copy(&ctx1, &ctx2), 1);
+#else
+ /* Copy object that hasn't had a digest set. */
+ ExpectIntEQ(HMAC_CTX_copy(&ctx1, &ctx2), 0);
+#endif
+ HMAC_CTX_cleanup(NULL);
+ HMAC_CTX_cleanup(&ctx2);
+
+ ExpectNull(HMAC_CTX_get_md(NULL));
+
+ #ifndef NO_SHA
+ ExpectIntEQ((test_HMAC_CTX_helper(EVP_sha1(), digest, &digestSz)),
+ TEST_SUCCESS);
+ ExpectIntEQ(digestSz, 20);
+ ExpectIntEQ(XMEMCMP("\xD9\x68\x77\x23\x70\xFB\x53\x70\x53\xBA\x0E\xDC\xDA"
+ "\xBF\x03\x98\x31\x19\xB2\xCC", digest, digestSz), 0);
+ #endif /* !NO_SHA */
+ #ifdef WOLFSSL_SHA224
+ ExpectIntEQ((test_HMAC_CTX_helper(EVP_sha224(), digest, &digestSz)),
+ TEST_SUCCESS);
+ ExpectIntEQ(digestSz, 28);
+ ExpectIntEQ(XMEMCMP("\x57\xFD\xF4\xE1\x2D\xB0\x79\xD7\x4B\x25\x7E\xB1\x95"
+ "\x9C\x11\xAC\x2D\x1E\x78\x94\x4F\x3A\x0F\xED\xF8\xAD"
+ "\x02\x0E", digest, digestSz), 0);
+ #endif /* WOLFSSL_SHA224 */
+ #ifndef NO_SHA256
+ ExpectIntEQ((test_HMAC_CTX_helper(EVP_sha256(), digest, &digestSz)),
+ TEST_SUCCESS);
+ ExpectIntEQ(digestSz, 32);
+ ExpectIntEQ(XMEMCMP("\x13\xAB\x76\x91\x0C\x37\x86\x8D\xB3\x7E\x30\x0C\xFC"
+ "\xB0\x2E\x8E\x4A\xD7\xD4\x25\xCC\x3A\xA9\x0F\xA2\xF2"
+ "\x47\x1E\x62\x6F\x5D\xF2", digest, digestSz), 0);
+ #endif /* !NO_SHA256 */
+
+ #ifdef WOLFSSL_SHA384
+ ExpectIntEQ((test_HMAC_CTX_helper(EVP_sha384(), digest, &digestSz)),
+ TEST_SUCCESS);
+ ExpectIntEQ(digestSz, 48);
+ ExpectIntEQ(XMEMCMP("\x9E\xCB\x07\x0C\x11\x76\x3F\x23\xC3\x25\x0E\xC4\xB7"
+ "\x28\x77\x95\x99\xD5\x9D\x7A\xBB\x1A\x9F\xB7\xFD\x25"
+ "\xC9\x72\x47\x9F\x8F\x86\x76\xD6\x20\x57\x87\xB7\xE7"
+ "\xCD\xFB\xC2\xCC\x9F\x2B\xC5\x41\xAB",
+ digest, digestSz), 0);
+ #endif /* WOLFSSL_SHA384 */
+ #ifdef WOLFSSL_SHA512
+ ExpectIntEQ((test_HMAC_CTX_helper(EVP_sha512(), digest, &digestSz)),
+ TEST_SUCCESS);
+ ExpectIntEQ(digestSz, 64);
+ ExpectIntEQ(XMEMCMP("\xD4\x21\x0C\x8B\x60\x6F\xF4\xBF\x07\x2F\x26\xCC\xAD"
+ "\xBC\x06\x0B\x34\x78\x8B\x4F\xD6\xC0\x42\xF1\x33\x10"
+ "\x6C\x4F\x1E\x55\x59\xDD\x2A\x9F\x15\x88\x62\xF8\x60"
+ "\xA3\x99\x91\xE2\x08\x7B\xF7\x95\x3A\xB0\x92\x48\x60"
+ "\x88\x8B\x5B\xB8\x5F\xE9\xB6\xB1\x96\xE3\xB5\xF0",
+ digest, digestSz), 0);
+ #endif /* WOLFSSL_SHA512 */
+
+#ifdef WOLFSSL_SHA3
+ #ifndef WOLFSSL_NOSHA3_224
+ ExpectIntEQ((test_HMAC_CTX_helper(EVP_sha3_224(), digest, &digestSz)),
+ TEST_SUCCESS);
+ ExpectIntEQ(digestSz, 28);
+ ExpectIntEQ(XMEMCMP("\xdc\x53\x25\x3f\xc0\x9d\x2b\x0c\x7f\x59\x11\x17\x08"
+ "\x5c\xe8\x43\x31\x01\x5a\xb3\xe3\x08\x37\x71\x26\x0b"
+ "\x29\x0f", digest, digestSz), 0);
+ #endif
+ #ifndef WOLFSSL_NOSHA3_256
+ ExpectIntEQ((test_HMAC_CTX_helper(EVP_sha3_256(), digest, &digestSz)),
+ TEST_SUCCESS);
+ ExpectIntEQ(digestSz, 32);
+ ExpectIntEQ(XMEMCMP("\x0f\x00\x89\x82\x15\xce\xd6\x45\x01\x83\xce\xc8\x35"
+ "\xab\x71\x07\xc9\xfe\x61\x22\x38\xf9\x09\xad\x35\x65"
+ "\x43\x77\x24\xd4\x1e\xf4", digest, digestSz), 0);
+ #endif
+ #ifndef WOLFSSL_NOSHA3_384
+ ExpectIntEQ((test_HMAC_CTX_helper(EVP_sha3_384(), digest, &digestSz)),
+ TEST_SUCCESS);
+ ExpectIntEQ(digestSz, 48);
+ ExpectIntEQ(XMEMCMP("\x0f\x6a\xc0\xfb\xc3\xf2\x80\xb1\xb4\x04\xb6\xc8\x45"
+ "\x23\x3b\xb4\xbe\xc6\xea\x85\x07\xca\x8c\x71\xbb\x6e"
+ "\x79\xf6\xf9\x2b\x98\xf5\xef\x11\x39\xd4\x5d\xd3\xca"
+ "\xc0\xe6\x81\xf7\x73\xf9\x85\x5d\x4f",
+ digest, digestSz), 0);
+ #endif
+ #ifndef WOLFSSL_NOSHA3_512
+ ExpectIntEQ((test_HMAC_CTX_helper(EVP_sha3_512(), digest, &digestSz)),
+ TEST_SUCCESS);
+ ExpectIntEQ(digestSz, 64);
+ ExpectIntEQ(XMEMCMP("\x3e\x77\xe3\x59\x42\x89\xed\xc3\xa4\x26\x3d\xa4\x75"
+ "\xd2\x84\x8c\xb2\xf3\x25\x04\x47\x61\xce\x1c\x42\x86"
+ "\xcd\xf4\x56\xaa\x2f\x84\xb1\x3b\x18\xed\xe6\xd6\x48"
+ "\x15\xb0\x29\xc5\x9d\x32\xef\xdd\x3e\x09\xf6\xed\x9e"
+ "\x70\xbc\x1c\x63\xf7\x3b\x3e\xe1\xdc\x84\x9c\x1c",
+ digest, digestSz), 0);
+ #endif
+#endif
+
+ #if !defined(NO_MD5) && (!defined(HAVE_FIPS_VERSION) || \
+ HAVE_FIPS_VERSION <= 2)
+ ExpectIntEQ((test_HMAC_CTX_helper(EVP_md5(), digest, &digestSz)),
+ TEST_SUCCESS);
+ ExpectIntEQ(digestSz, 16);
+ ExpectIntEQ(XMEMCMP("\xB7\x27\xC4\x41\xE5\x2E\x62\xBA\x54\xED\x72\x70\x9F"
+ "\xE4\x98\xDD", digest, digestSz), 0);
+ #endif /* !NO_MD5 */
+#endif
+ return EXPECT_RESULT();
+}
+
#if defined(OPENSSL_EXTRA) && (!defined(NO_SHA256) || \
defined(WOLFSSL_SHA224) || defined(WOLFSSL_SHA384) || \
defined(WOLFSSL_SHA512) || defined(WOLFSSL_SHA3))
@@ -44004,23 +41987,58 @@ static int test_openssl_hmac(const WOLFSSL_EVP_MD* md, int md_len)
ExpectNotNull(hmac = HMAC_CTX_new());
HMAC_CTX_init(hmac);
- ExpectIntEQ(HMAC_Init_ex(hmac, (void*)key, (int)sizeof(key), md, e),
- SSL_SUCCESS);
+#if defined(HAVE_SELFTEST) || (defined(HAVE_FIPS) && \
+ ((! defined(HAVE_FIPS_VERSION)) || \
+ defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION <= 2)))
+ /* Get size on object that hasn't had a digest set - MD5. */
+ ExpectIntEQ(HMAC_size(hmac), 16);
+ ExpectIntEQ(HMAC_Init(hmac, NULL, 0, NULL), 1);
+ ExpectIntEQ(HMAC_Init(hmac, (void*)key, (int)sizeof(key), NULL), 1);
+ ExpectIntEQ(HMAC_Init(hmac, NULL, 0, md), 1);
+#else
+ ExpectIntEQ(HMAC_size(hmac), BAD_FUNC_ARG);
+ ExpectIntEQ(HMAC_Init(hmac, NULL, 0, NULL), 0);
+ ExpectIntEQ(HMAC_Init(hmac, (void*)key, (int)sizeof(key), NULL), 0);
+ ExpectIntEQ(HMAC_Init(hmac, NULL, 0, md), 0);
+#endif
+ ExpectIntEQ(HMAC_Init_ex(NULL, (void*)key, (int)sizeof(key), md, e), 0);
+ ExpectIntEQ(HMAC_Init_ex(hmac, (void*)key, (int)sizeof(key), md, e), 1);
/* re-using test key as data to hash */
- ExpectIntEQ(HMAC_Update(hmac, key, (int)sizeof(key)), SSL_SUCCESS);
- ExpectIntEQ(HMAC_Update(hmac, NULL, 0), SSL_SUCCESS);
- ExpectIntEQ(HMAC_Final(hmac, hash, &len), SSL_SUCCESS);
+ ExpectIntEQ(HMAC_Update(NULL, key, (int)sizeof(key)), 0);
+ ExpectIntEQ(HMAC_Update(hmac, key, (int)sizeof(key)), 1);
+ ExpectIntEQ(HMAC_Update(hmac, key, 0), 1);
+ ExpectIntEQ(HMAC_Update(hmac, NULL, 0), 1);
+ ExpectIntEQ(HMAC_Update(hmac, NULL, (int)sizeof(key)), 1);
+ ExpectIntEQ(HMAC_Final(NULL, NULL, &len), 0);
+ ExpectIntEQ(HMAC_Final(hmac, NULL, &len), 0);
+ ExpectIntEQ(HMAC_Final(NULL, hash, &len), 0);
+ ExpectIntEQ(HMAC_Final(hmac, hash, &len), 1);
+ ExpectIntEQ(HMAC_Final(hmac, hash, NULL), 1);
ExpectIntEQ(len, md_len);
+ ExpectIntEQ(HMAC_size(NULL), 0);
ExpectIntEQ(HMAC_size(hmac), md_len);
ExpectStrEQ(HMAC_CTX_get_md(hmac), md);
+ HMAC_cleanup(NULL);
HMAC_cleanup(hmac);
HMAC_CTX_free(hmac);
len = 0;
+ ExpectNull(HMAC(NULL, key, (int)sizeof(key), NULL, 0, hash, &len));
+ ExpectNull(HMAC(md, NULL, (int)sizeof(key), NULL, 0, hash, &len));
+ ExpectNull(HMAC(md, key, (int)sizeof(key), NULL, 0, NULL, &len));
ExpectNotNull(HMAC(md, key, (int)sizeof(key), NULL, 0, hash, &len));
ExpectIntEQ(len, md_len);
+ ExpectNotNull(HMAC(md, key, (int)sizeof(key), NULL, 0, hash, NULL));
+ /* With data. */
+ ExpectNotNull(HMAC(md, key, (int)sizeof(key), key, (int)sizeof(key), hash,
+ &len));
+ /* With NULL data. */
+ ExpectNull(HMAC(md, key, (int)sizeof(key), NULL, (int)sizeof(key), hash,
+ &len));
+ /* With zero length data. */
+ ExpectNotNull(HMAC(md, key, (int)sizeof(key), key, 0, hash, &len));
return EXPECT_RESULT();
}
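Review bot: The one-shot `HMAC()` cases added at the end of `test_openssl_hmac` ("With data" and "With zero length data") assert only a non-NULL return, so a call that never writes `len` still passes, because `len` already holds `md_len` from the earlier call. Resetting and rechecking around each positive case would close that gap: `len = 0;` before the call and `ExpectIntEQ(len, md_len);` after it. Separately, the added `HMAC_Update(hmac, NULL, (int)sizeof(key))` is expected to return 1, while `HMAC()` with NULL data and the same length is expected to return NULL. A short comment such as `/* NULL data with non-zero length: accepted by HMAC_Update, rejected by one-shot HMAC() */` would mark that difference as intended rather than accidental. The function begins outside this hunk, so the declarations of `key`, `hash` and `len` are not visible here.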
@@ -44028,11 +42046,10 @@ static int test_openssl_hmac(const WOLFSSL_EVP_MD* md, int md_len)
static int test_wolfSSL_HMAC(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && (!defined(NO_SHA256) || \
defined(WOLFSSL_SHA224) || defined(WOLFSSL_SHA384) || \
defined(WOLFSSL_SHA512) || defined(WOLFSSL_SHA3))
- EXPECT_DECLS;
#ifndef NO_SHA256
ExpectIntEQ(test_openssl_hmac(EVP_sha256(), (int)WC_SHA256_DIGEST_SIZE),
TEST_SUCCESS);
@@ -44071,63 +42088,1035 @@ static int test_wolfSSL_HMAC(void)
ExpectIntEQ(test_openssl_hmac(EVP_sha1(), (int)WC_SHA_DIGEST_SIZE),
TEST_SUCCESS);
#endif
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_CMAC(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(WOLFSSL_CMAC) && defined(OPENSSL_EXTRA) && \
defined(WOLFSSL_AES_DIRECT)
- EXPECT_DECLS;
int i;
- byte key[AES_128_KEY_SIZE];
+ byte key[AES_256_KEY_SIZE];
CMAC_CTX* cmacCtx = NULL;
byte out[AES_BLOCK_SIZE];
size_t outLen = AES_BLOCK_SIZE;
- for (i=0; i < AES_128_KEY_SIZE; ++i) {
+ for (i=0; i < AES_256_KEY_SIZE; ++i) {
key[i] = i;
}
ExpectNotNull(cmacCtx = CMAC_CTX_new());
/* Check CMAC_CTX_get0_cipher_ctx; return value not used. */
ExpectNotNull(CMAC_CTX_get0_cipher_ctx(cmacCtx));
ExpectIntEQ(CMAC_Init(cmacCtx, key, AES_128_KEY_SIZE, EVP_aes_128_cbc(),
- NULL), SSL_SUCCESS);
+ NULL), 1);
/* re-using test key as data to hash */
- ExpectIntEQ(CMAC_Update(cmacCtx, key, AES_128_KEY_SIZE), SSL_SUCCESS);
- ExpectIntEQ(CMAC_Update(cmacCtx, NULL, 0), SSL_SUCCESS);
- ExpectIntEQ(CMAC_Final(cmacCtx, out, &outLen), SSL_SUCCESS);
+ ExpectIntEQ(CMAC_Update(cmacCtx, key, AES_128_KEY_SIZE), 1);
+ ExpectIntEQ(CMAC_Update(cmacCtx, NULL, 0), 1);
+ ExpectIntEQ(CMAC_Final(cmacCtx, out, &outLen), 1);
ExpectIntEQ(outLen, AES_BLOCK_SIZE);
+
+ /* No Update works. */
+ ExpectIntEQ(CMAC_Init(cmacCtx, key, AES_128_KEY_SIZE, EVP_aes_128_cbc(),
+ NULL), 1);
+ ExpectIntEQ(CMAC_Final(cmacCtx, out, NULL), 1);
+
+ ExpectIntEQ(CMAC_Init(cmacCtx, key, AES_128_KEY_SIZE, EVP_aes_128_cbc(),
+ NULL), 1);
+ /* Test parameters with CMAC_Update. */
+ ExpectIntEQ(CMAC_Update(NULL, NULL, 0), 0);
+ ExpectIntEQ(CMAC_Update(NULL, key, 0), 0);
+ ExpectIntEQ(CMAC_Update(NULL, NULL, AES_128_KEY_SIZE), 0);
+ ExpectIntEQ(CMAC_Update(NULL, key, AES_128_KEY_SIZE), 0);
+ ExpectIntEQ(CMAC_Update(cmacCtx, key, 0), 1);
+ ExpectIntEQ(CMAC_Update(cmacCtx, NULL, 0), 1);
+ ExpectIntEQ(CMAC_Update(cmacCtx, NULL, AES_128_KEY_SIZE), 1);
+ /* Test parameters with CMAC_Final. */
+ ExpectIntEQ(CMAC_Final(NULL, NULL, NULL), 0);
+ ExpectIntEQ(CMAC_Final(NULL, out, NULL), 0);
+ ExpectIntEQ(CMAC_Final(NULL, NULL, &outLen), 0);
+ ExpectIntEQ(CMAC_Final(NULL, out, &outLen), 0);
+ ExpectIntEQ(CMAC_Final(cmacCtx, NULL, NULL), 1);
+ ExpectIntEQ(CMAC_Final(cmacCtx, NULL, &outLen), 1);
+ ExpectIntEQ(CMAC_Final(cmacCtx, out, NULL), 1);
CMAC_CTX_free(cmacCtx);
- /* give a key too small for the cipher, verify we get failure */
+ /* Test parameters with CMAC Init. */
cmacCtx = NULL;
ExpectNotNull(cmacCtx = CMAC_CTX_new());
ExpectNotNull(CMAC_CTX_get0_cipher_ctx(cmacCtx));
+ ExpectIntEQ(CMAC_Init(NULL, NULL, 0, NULL, NULL), 0);
+ ExpectIntEQ(CMAC_Init(NULL, key, AES_192_KEY_SIZE, EVP_aes_192_cbc(),
+ NULL), 0);
+ ExpectIntEQ(CMAC_Init(cmacCtx, NULL, AES_192_KEY_SIZE, EVP_aes_192_cbc(),
+ NULL), 0);
+ /* give a key too small for the cipher, verify we get failure */
ExpectIntEQ(CMAC_Init(cmacCtx, key, AES_128_KEY_SIZE, EVP_aes_192_cbc(),
- NULL), SSL_FAILURE);
+ NULL), 0);
+ ExpectIntEQ(CMAC_Init(cmacCtx, key, AES_192_KEY_SIZE, NULL, NULL), 0);
+ #if defined(HAVE_AESGCM) && defined(WOLFSSL_AES_128)
+ /* Only AES-CBC supported. */
+ ExpectIntEQ(CMAC_Init(cmacCtx, key, AES_128_KEY_SIZE, EVP_aes_128_gcm(),
+ NULL), 0);
+ #endif
CMAC_CTX_free(cmacCtx);
- res = EXPECT_RESULT();
+ ExpectNull(CMAC_CTX_get0_cipher_ctx(NULL));
+ cmacCtx = NULL;
+ ExpectNotNull(cmacCtx = CMAC_CTX_new());
+ /* No Init. */
+ ExpectIntEQ(CMAC_Final(cmacCtx, out, &outLen), 0);
+ CMAC_CTX_free(cmacCtx);
+
+ /* Test AES-256-CBC */
+ cmacCtx = NULL;
+ ExpectNotNull(cmacCtx = CMAC_CTX_new());
+ ExpectIntEQ(CMAC_Init(cmacCtx, key, AES_256_KEY_SIZE, EVP_aes_256_cbc(),
+ NULL), 1);
+ ExpectIntEQ(CMAC_Update(cmacCtx, key, AES_128_KEY_SIZE), 1);
+ ExpectIntEQ(CMAC_Final(cmacCtx, out, NULL), 1);
+ CMAC_CTX_free(cmacCtx);
+
+ /* Test AES-192-CBC */
+ cmacCtx = NULL;
+ ExpectNotNull(cmacCtx = CMAC_CTX_new());
+ ExpectIntEQ(CMAC_Init(cmacCtx, key, AES_192_KEY_SIZE, EVP_aes_192_cbc(),
+ NULL), 1);
+ ExpectIntEQ(CMAC_Update(cmacCtx, key, AES_128_KEY_SIZE), 1);
+ ExpectIntEQ(CMAC_Final(cmacCtx, out, NULL), 1);
+ CMAC_CTX_free(cmacCtx);
+
+ cmacCtx = NULL;
+ ExpectNotNull(cmacCtx = CMAC_CTX_new());
+ CMAC_CTX_free(cmacCtx);
#endif /* WOLFSSL_CMAC && OPENSSL_EXTRA && WOLFSSL_AES_DIRECT */
- return res;
+ return EXPECT_RESULT();
+}
+
+static int test_wolfSSL_DES(void)
+{
+ EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(NO_DES3)
+ const_DES_cblock myDes;
+ DES_cblock iv;
+ DES_key_schedule key;
+ word32 i;
+ DES_LONG dl;
+ unsigned char msg[] = "hello wolfssl";
+ unsigned char weakKey[][8] = {
+ { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 },
+ { 0xFE, 0xFE, 0xFE, 0xFE, 0xFE, 0xFE, 0xFE, 0xFE },
+ { 0xE0, 0xE0, 0xE0, 0xE0, 0xF1, 0xF1, 0xF1, 0xF1 },
+ { 0x1F, 0x1F, 0x1F, 0x1F, 0x0E, 0x0E, 0x0E, 0x0E }
+ };
+ unsigned char semiWeakKey[][8] = {
+ { 0x01, 0x1F, 0x01, 0x1F, 0x01, 0x0E, 0x01, 0x0E },
+ { 0x1F, 0x01, 0x1F, 0x01, 0x0E, 0x01, 0x0E, 0x01 },
+ { 0x01, 0xE0, 0x01, 0xE0, 0x01, 0xF1, 0x01, 0xF1 },
+ { 0xE0, 0x01, 0xE0, 0x01, 0xF1, 0x01, 0xF1, 0x01 },
+ { 0x01, 0xFE, 0x01, 0xFE, 0x01, 0xFE, 0x01, 0xFE },
+ { 0xFE, 0x01, 0xFE, 0x01, 0xFE, 0x01, 0xFE, 0x01 },
+ { 0x1F, 0xE0, 0x1F, 0xE0, 0x0E, 0xF1, 0x0E, 0xF1 },
+ { 0xE0, 0x1F, 0xE0, 0x1F, 0xF1, 0x0E, 0xF1, 0x0E },
+ { 0x1F, 0xFE, 0x1F, 0xFE, 0x0E, 0xFE, 0x0E, 0xFE },
+ { 0xFE, 0x1F, 0xFE, 0x1F, 0xFE, 0x0E, 0xFE, 0x0E },
+ { 0xE0, 0xFE, 0xE0, 0xFE, 0xF1, 0xFE, 0xF1, 0xFE },
+ { 0xFE, 0xE0, 0xFE, 0xE0, 0xFE, 0xF1, 0xFE, 0xF1 }
+ };
+
+ DES_check_key(1);
+ DES_set_key(&myDes, &key);
+
+ /* check, check of odd parity */
+ XMEMSET(myDes, 4, sizeof(const_DES_cblock));
+ myDes[0] = 6; /* set even parity */
+ XMEMSET(key, 5, sizeof(DES_key_schedule));
+ ExpectIntEQ(DES_set_key_checked(&myDes, &key), -1);
+ ExpectIntNE(key[0], myDes[0]); /* should not have copied over key */
+ ExpectIntEQ(DES_set_key_checked(NULL, NULL), -2);
+ ExpectIntEQ(DES_set_key_checked(&myDes, NULL), -2);
+ ExpectIntEQ(DES_set_key_checked(NULL, &key), -2);
+
+ /* set odd parity for success case */
+ DES_set_odd_parity(&myDes);
+ ExpectIntEQ(DES_check_key_parity(&myDes), 1);
+ fprintf(stderr, "%02x %02x %02x %02x", myDes[0], myDes[1], myDes[2],
+ myDes[3]);
+ ExpectIntEQ(DES_set_key_checked(&myDes, &key), 0);
+ for (i = 0; i < sizeof(DES_key_schedule); i++) {
+ ExpectIntEQ(key[i], myDes[i]);
+ }
+ ExpectIntEQ(DES_is_weak_key(&myDes), 0);
+
+ /* check weak key */
+ XMEMSET(myDes, 1, sizeof(const_DES_cblock));
+ XMEMSET(key, 5, sizeof(DES_key_schedule));
+ ExpectIntEQ(DES_set_key_checked(&myDes, &key), -2);
+ ExpectIntNE(key[0], myDes[0]); /* should not have copied over key */
+
+ DES_set_key_unchecked(NULL, NULL);
+ DES_set_key_unchecked(&myDes, NULL);
+ DES_set_key_unchecked(NULL, &key);
+ /* compare arrays, should be the same */
+ /* now do unchecked copy of a weak key over */
+ DES_set_key_unchecked(&myDes, &key);
+ /* compare arrays, should be the same */
+ for (i = 0; i < sizeof(DES_key_schedule); i++) {
+ ExpectIntEQ(key[i], myDes[i]);
+ }
+ ExpectIntEQ(DES_is_weak_key(&myDes), 1);
+
+ myDes[7] = 2;
+ ExpectIntEQ(DES_set_key_checked(&myDes, &key), 0);
+ ExpectIntEQ(DES_is_weak_key(&myDes), 0);
+ ExpectIntEQ(DES_is_weak_key(NULL), 1);
+
+ /* Test all weak keys. */
+ for (i = 0; i < sizeof(weakKey) / sizeof(*weakKey); i++) {
+ ExpectIntEQ(DES_set_key_checked(&weakKey[i], &key), -2);
+ }
+ /* Test all semi-weak keys. */
+ for (i = 0; i < sizeof(semiWeakKey) / sizeof(*semiWeakKey); i++) {
+ ExpectIntEQ(DES_set_key_checked(&semiWeakKey[i], &key), -2);
+ }
+
+ /* check DES_key_sched API */
+ XMEMSET(key, 1, sizeof(DES_key_schedule));
+ ExpectIntEQ(DES_key_sched(&myDes, NULL), 0);
+ ExpectIntEQ(DES_key_sched(NULL, &key), 0);
+ ExpectIntEQ(DES_key_sched(&myDes, &key), 0);
+ /* compare arrays, should be the same */
+ for (i = 0; i < sizeof(DES_key_schedule); i++) {
+ ExpectIntEQ(key[i], myDes[i]);
+ }
+
+
+ ExpectIntEQ((DES_cbc_cksum(NULL, NULL, 0, NULL, NULL)), 0);
+ ExpectIntEQ((DES_cbc_cksum(msg, NULL, 0, NULL, NULL)), 0);
+ ExpectIntEQ((DES_cbc_cksum(NULL, &key, 0, NULL, NULL)), 0);
+ ExpectIntEQ((DES_cbc_cksum(NULL, NULL, 0, &myDes, NULL)), 0);
+ ExpectIntEQ((DES_cbc_cksum(NULL, NULL, 0, NULL, &iv)), 0);
+ ExpectIntEQ((DES_cbc_cksum(NULL, &key, sizeof(msg), &myDes, &iv)), 0);
+ ExpectIntEQ((DES_cbc_cksum(msg, NULL, sizeof(msg), &myDes, &iv)), 0);
+ ExpectIntEQ((DES_cbc_cksum(msg, &key, sizeof(msg), NULL, &iv)), 0);
+ ExpectIntEQ((DES_cbc_cksum(msg, &key, sizeof(msg), &myDes, NULL)), 0);
+ /* DES_cbc_cksum should return the last 4 of the last 8 bytes after
+ * DES_cbc_encrypt on the input */
+ XMEMSET(iv, 0, sizeof(DES_cblock));
+ XMEMSET(myDes, 5, sizeof(DES_key_schedule));
+ ExpectIntGT((dl = DES_cbc_cksum(msg, &key, sizeof(msg), &myDes, &iv)), 0);
+ ExpectIntEQ(dl, 480052723);
+#endif /* defined(OPENSSL_EXTRA) && !defined(NO_DES3) */
+ return EXPECT_RESULT();
+}
+
+static int test_wolfSSL_DES_ncbc(void)
+{
+ EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(NO_DES3)
+ const_DES_cblock myDes;
+ DES_cblock iv = {1};
+ DES_key_schedule key = {0};
+ unsigned char msg[] = "hello wolfssl";
+ unsigned char out[DES_BLOCK_SIZE * 2] = {0};
+ unsigned char pln[DES_BLOCK_SIZE * 2] = {0};
+
+ unsigned char exp[] = {0x31, 0x98, 0x2F, 0x3A, 0x55, 0xBF, 0xD8, 0xC4};
+ unsigned char exp2[] = {0xC7, 0x45, 0x8B, 0x28, 0x10, 0x53, 0xE0, 0x58};
+
+ /* partial block test */
+ DES_set_key(&key, &myDes);
+ DES_ncbc_encrypt(msg, out, 3, &myDes, &iv, DES_ENCRYPT);
+ ExpectIntEQ(XMEMCMP(exp, out, DES_BLOCK_SIZE), 0);
+ ExpectIntEQ(XMEMCMP(exp, iv, DES_BLOCK_SIZE), 0);
+
+ DES_set_key(&key, &myDes);
+ XMEMSET((byte*)&iv, 0, DES_BLOCK_SIZE);
+ *((byte*)&iv) = 1;
+ DES_ncbc_encrypt(out, pln, 3, &myDes, &iv, DES_DECRYPT);
+ ExpectIntEQ(XMEMCMP(msg, pln, 3), 0);
+ ExpectIntEQ(XMEMCMP(exp, iv, DES_BLOCK_SIZE), 0);
+
+ /* full block test */
+ DES_set_key(&key, &myDes);
+ XMEMSET(pln, 0, DES_BLOCK_SIZE);
+ XMEMSET((byte*)&iv, 0, DES_BLOCK_SIZE);
+ *((byte*)&iv) = 1;
+ DES_ncbc_encrypt(msg, out, 8, &myDes, &iv, DES_ENCRYPT);
+ ExpectIntEQ(XMEMCMP(exp2, out, DES_BLOCK_SIZE), 0);
+ ExpectIntEQ(XMEMCMP(exp2, iv, DES_BLOCK_SIZE), 0);
+
+ DES_set_key(&key, &myDes);
+ XMEMSET((byte*)&iv, 0, DES_BLOCK_SIZE);
+ *((byte*)&iv) = 1;
+ DES_ncbc_encrypt(out, pln, 8, &myDes, &iv, DES_DECRYPT);
+ ExpectIntEQ(XMEMCMP(msg, pln, 8), 0);
+ ExpectIntEQ(XMEMCMP(exp2, iv, DES_BLOCK_SIZE), 0);
+#endif
+ return EXPECT_RESULT();
+}
+
+static int test_wolfSSL_DES_ecb_encrypt(void)
+{
+ EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(NO_DES3) && defined(WOLFSSL_DES_ECB)
+ WOLFSSL_DES_cblock input1, input2, output1, output2, back1, back2;
+ WOLFSSL_DES_key_schedule key;
+
+ XMEMCPY(key, "12345678", sizeof(WOLFSSL_DES_key_schedule));
+ XMEMCPY(input1, "Iamhuman", sizeof(WOLFSSL_DES_cblock));
+ XMEMCPY(input2, "Whoisit?", sizeof(WOLFSSL_DES_cblock));
+ XMEMSET(output1, 0, sizeof(WOLFSSL_DES_cblock));
+ XMEMSET(output2, 0, sizeof(WOLFSSL_DES_cblock));
+ XMEMSET(back1, 0, sizeof(WOLFSSL_DES_cblock));
+ XMEMSET(back2, 0, sizeof(WOLFSSL_DES_cblock));
+
+ wolfSSL_DES_ecb_encrypt(NULL, NULL, NULL, DES_ENCRYPT);
+ wolfSSL_DES_ecb_encrypt(&input1, NULL, NULL, DES_ENCRYPT);
+ wolfSSL_DES_ecb_encrypt(NULL, &output1, NULL, DES_ENCRYPT);
+ wolfSSL_DES_ecb_encrypt(NULL, NULL, &key, DES_ENCRYPT);
+ wolfSSL_DES_ecb_encrypt(&input1, &output1, NULL, DES_ENCRYPT);
+ wolfSSL_DES_ecb_encrypt(&input1, NULL, &key, DES_ENCRYPT);
+ wolfSSL_DES_ecb_encrypt(NULL, &output1, &key, DES_ENCRYPT);
+
+ /* Encrypt messages */
+ wolfSSL_DES_ecb_encrypt(&input1, &output1, &key, DES_ENCRYPT);
+ wolfSSL_DES_ecb_encrypt(&input2, &output2, &key, DES_ENCRYPT);
+
+ {
+ /* Decrypt messages */
+ int ret1 = 0;
+ int ret2 = 0;
+ wolfSSL_DES_ecb_encrypt(&output1, &back1, &key, DES_DECRYPT);
+ ExpectIntEQ(ret1 = XMEMCMP((unsigned char *)back1,
+ (unsigned char *)input1, sizeof(WOLFSSL_DES_cblock)), 0);
+ wolfSSL_DES_ecb_encrypt(&output2, &back2, &key, DES_DECRYPT);
+ ExpectIntEQ(ret2 = XMEMCMP((unsigned char *)back2,
+ (unsigned char *)input2, sizeof(WOLFSSL_DES_cblock)), 0);
+ }
+#endif
+ return EXPECT_RESULT();
+}
+
+static int test_wolfSSL_DES_ede3_cbc_encrypt(void)
+{
+ EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(NO_DES3)
+ unsigned char input1[8], input2[8];
+ unsigned char output1[8], output2[8];
+ unsigned char back1[8], back2[8];
+ WOLFSSL_DES_cblock iv1, iv2;
+ WOLFSSL_DES_key_schedule key1, key2, key3;
+ int i;
+
+ XMEMCPY(key1, "12345678", sizeof(WOLFSSL_DES_key_schedule));
+ XMEMCPY(key2, "23456781", sizeof(WOLFSSL_DES_key_schedule));
+ XMEMCPY(key3, "34567823", sizeof(WOLFSSL_DES_key_schedule));
+ XMEMCPY(input1, "Iamhuman", sizeof(input1));
+ XMEMCPY(input2, "Whoisit?", sizeof(input2));
+
+ XMEMSET(output1, 0, sizeof(output1));
+ XMEMSET(output2, 0, sizeof(output2));
+ XMEMSET(back1, 0, sizeof(back1));
+ XMEMSET(back2, 0, sizeof(back2));
+
+ XMEMCPY(iv1, "87654321", sizeof(WOLFSSL_DES_cblock));
+ XMEMCPY(iv2, "98765432", sizeof(WOLFSSL_DES_cblock));
+ /* Encrypt messages */
+ wolfSSL_DES_ede3_cbc_encrypt(input1, output1, 8, &key1, &key2, &key3, &iv1,
+ DES_ENCRYPT);
+ wolfSSL_DES_ede3_cbc_encrypt(input2, output2, 8, &key1, &key2, &key3, &iv2,
+ DES_ENCRYPT);
+
+ {
+ XMEMCPY(iv1, "87654321", sizeof(WOLFSSL_DES_cblock));
+ XMEMCPY(iv2, "98765432", sizeof(WOLFSSL_DES_cblock));
+ /* Decrypt messages */
+ wolfSSL_DES_ede3_cbc_encrypt(output1, back1, 8, &key1, &key2, &key3,
+ &iv1, DES_DECRYPT);
+ ExpectIntEQ(XMEMCMP(back1, input1, sizeof(input1)), 0);
+ wolfSSL_DES_ede3_cbc_encrypt(output2, back2, 8, &key1, &key2, &key3,
+ &iv2, DES_DECRYPT);
+ ExpectIntEQ(XMEMCMP(back2, input2, sizeof(input2)), 0);
+ }
+
+ for (i = 0; i < 8; i++) {
+ XMEMSET(output1, 0, sizeof(output1));
+ XMEMSET(output2, 0, sizeof(output2));
+ XMEMSET(back1, 0, sizeof(back1));
+ XMEMSET(back2, 0, sizeof(back2));
+
+ XMEMCPY(iv1, "87654321", sizeof(WOLFSSL_DES_cblock));
+ XMEMCPY(iv2, "98765432", sizeof(WOLFSSL_DES_cblock));
+ /* Encrypt partial messages */
+ wolfSSL_DES_ede3_cbc_encrypt(input1, output1, i, &key1, &key2, &key3,
+ &iv1, DES_ENCRYPT);
+ wolfSSL_DES_ede3_cbc_encrypt(input2, output2, i, &key1, &key2, &key3,
+ &iv2, DES_ENCRYPT);
+
+ {
+ XMEMCPY(iv1, "87654321", sizeof(WOLFSSL_DES_cblock));
+ XMEMCPY(iv2, "98765432", sizeof(WOLFSSL_DES_cblock));
+ /* Decrypt messages */
+ wolfSSL_DES_ede3_cbc_encrypt(output1, back1, i, &key1, &key2,
+ &key3, &iv1, DES_DECRYPT);
+ ExpectIntEQ(XMEMCMP(back1, input1, i), 0);
+ wolfSSL_DES_ede3_cbc_encrypt(output2, back2, i, &key1, &key2,
+ &key3, &iv2, DES_DECRYPT);
+ ExpectIntEQ(XMEMCMP(back2, input2, i), 0);
+ }
+ }
+#endif
+ return EXPECT_RESULT();
+}
+
+static int test_wolfSSL_AES_encrypt(void)
+{
+ EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(NO_AES) && defined(HAVE_AES_ECB) \
+ && !defined(WOLFSSL_NO_OPENSSL_AES_LOW_LEVEL_API)
+ AES_KEY enc;
+ AES_KEY dec;
+ const byte msg[] = {
+ 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
+ 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a
+ };
+ const byte exp[] = {
+ 0xf3, 0xee, 0xd1, 0xbd, 0xb5, 0xd2, 0xa0, 0x3c,
+ 0x06, 0x4b, 0x5a, 0x7e, 0x3d, 0xb1, 0x81, 0xf8,
+ };
+ const byte key[] = {
+ 0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe,
+ 0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81,
+ 0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7,
+ 0x2d, 0x98, 0x10, 0xa3, 0x09, 0x14, 0xdf, 0xf4
+ };
+ byte eout[sizeof(msg)];
+ byte dout[sizeof(msg)];
+
+ ExpectIntEQ(AES_set_encrypt_key(key, sizeof(key)*8, &enc), 0);
+ ExpectIntEQ(AES_set_decrypt_key(key, sizeof(key)*8, &dec), 0);
+
+ wolfSSL_AES_encrypt(NULL, NULL, NULL);
+ wolfSSL_AES_encrypt(msg, NULL, NULL);
+ wolfSSL_AES_encrypt(NULL, eout, NULL);
+ wolfSSL_AES_encrypt(NULL, NULL, &enc);
+ wolfSSL_AES_encrypt(msg, eout, NULL);
+ wolfSSL_AES_encrypt(msg, NULL, &enc);
+ wolfSSL_AES_encrypt(NULL, eout, &enc);
+
+ wolfSSL_AES_decrypt(NULL, NULL, NULL);
+ wolfSSL_AES_decrypt(eout, NULL, NULL);
+ wolfSSL_AES_decrypt(NULL, dout, NULL);
+ wolfSSL_AES_decrypt(NULL, NULL, &dec);
+ wolfSSL_AES_decrypt(eout, dout, NULL);
+ wolfSSL_AES_decrypt(eout, NULL, &dec);
+ wolfSSL_AES_decrypt(NULL, dout, &dec);
+
+ wolfSSL_AES_encrypt(msg, eout, &enc);
+ ExpectIntEQ(XMEMCMP(eout, exp, AES_BLOCK_SIZE), 0);
+ wolfSSL_AES_decrypt(eout, dout, &dec);
+ ExpectIntEQ(XMEMCMP(dout, msg, AES_BLOCK_SIZE), 0);
+#endif
+ return EXPECT_RESULT();
+}
+
+static int test_wolfSSL_AES_ecb_encrypt(void)
+{
+ EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(NO_AES) && defined(HAVE_AES_ECB) \
+ && !defined(WOLFSSL_NO_OPENSSL_AES_LOW_LEVEL_API)
+ AES_KEY aes;
+ const byte msg[] =
+ {
+ 0x6b,0xc1,0xbe,0xe2,0x2e,0x40,0x9f,0x96,
+ 0xe9,0x3d,0x7e,0x11,0x73,0x93,0x17,0x2a
+ };
+
+ const byte verify[] =
+ {
+ 0xf3,0xee,0xd1,0xbd,0xb5,0xd2,0xa0,0x3c,
+ 0x06,0x4b,0x5a,0x7e,0x3d,0xb1,0x81,0xf8
+ };
+
+ const byte key[] =
+ {
+ 0x60,0x3d,0xeb,0x10,0x15,0xca,0x71,0xbe,
+ 0x2b,0x73,0xae,0xf0,0x85,0x7d,0x77,0x81,
+ 0x1f,0x35,0x2c,0x07,0x3b,0x61,0x08,0xd7,
+ 0x2d,0x98,0x10,0xa3,0x09,0x14,0xdf,0xf4
+ };
+
+
+ byte out[AES_BLOCK_SIZE];
+
+ ExpectIntEQ(AES_set_encrypt_key(key, sizeof(key)*8, &aes), 0);
+ XMEMSET(out, 0, AES_BLOCK_SIZE);
+ AES_ecb_encrypt(msg, out, &aes, AES_ENCRYPT);
+ ExpectIntEQ(XMEMCMP(out, verify, AES_BLOCK_SIZE), 0);
+
+#ifdef HAVE_AES_DECRYPT
+ ExpectIntEQ(AES_set_decrypt_key(key, sizeof(key)*8, &aes), 0);
+ XMEMSET(out, 0, AES_BLOCK_SIZE);
+ AES_ecb_encrypt(verify, out, &aes, AES_DECRYPT);
+ ExpectIntEQ(XMEMCMP(out, msg, AES_BLOCK_SIZE), 0);
+#endif
+
+ /* test bad arguments */
+ AES_ecb_encrypt(NULL, out, &aes, AES_DECRYPT);
+ AES_ecb_encrypt(verify, NULL, &aes, AES_DECRYPT);
+ AES_ecb_encrypt(verify, out, NULL, AES_DECRYPT);
+#endif
+ return EXPECT_RESULT();
+}
+
+static int test_wolfSSL_AES_cbc_encrypt(void)
+{
+ EXPECT_DECLS;
+#if !defined(NO_AES) && defined(HAVE_AES_CBC) && defined(OPENSSL_EXTRA) && \
+ !defined(WOLFSSL_NO_OPENSSL_AES_LOW_LEVEL_API)
+ AES_KEY aes;
+ AES_KEY* aesN = NULL;
+ size_t len = 0;
+ size_t lenB = 0;
+ int keySz0 = 0;
+ int keySzN = -1;
+ byte out[AES_BLOCK_SIZE] = {0};
+ byte* outN = NULL;
+
+ /* Test vectors retrieved from:
+ * <begin URL>
+ * https://csrc.nist.gov/
+ * CSRC/media/Projects/Cryptographic-Algorithm-Validation-Program/
+ * documents/aes/KAT_AES.zip
+ * </end URL>
+ */
+ const byte* pt128N = NULL;
+ byte* key128N = NULL;
+ byte* iv128N = NULL;
+ byte iv128tmp[AES_BLOCK_SIZE] = {0};
+
+ const byte pt128[] = { 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 };
+
+ const byte ct128[] = { 0x87,0x85,0xb1,0xa7,0x5b,0x0f,0x3b,0xd9,
+ 0x58,0xdc,0xd0,0xe2,0x93,0x18,0xc5,0x21 };
+
+ const byte iv128[] = { 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 };
+
+ byte key128[] = { 0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,
+ 0xff,0xff,0xf0,0x00,0x00,0x00,0x00,0x00 };
+
+
+ len = sizeof(pt128);
+
+ #define STRESS_T(a, b, c, d, e, f, g, h, i) \
+ wolfSSL_AES_cbc_encrypt(a, b, c, d, e, f); \
+ ExpectIntNE(XMEMCMP(b, g, h), i)
+
+ #define RESET_IV(x, y) XMEMCPY(x, y, AES_BLOCK_SIZE)
+
+ /* Stressing wolfSSL_AES_cbc_encrypt() */
+ STRESS_T(pt128N, out, len, &aes, iv128tmp, 1, ct128, AES_BLOCK_SIZE, 0);
+ STRESS_T(pt128, out, len, &aes, iv128N, 1, ct128, AES_BLOCK_SIZE, 0);
+
+ wolfSSL_AES_cbc_encrypt(pt128, outN, len, &aes, iv128tmp, AES_ENCRYPT);
+ ExpectIntNE(XMEMCMP(out, ct128, AES_BLOCK_SIZE), 0);
+ wolfSSL_AES_cbc_encrypt(pt128, out, len, aesN, iv128tmp, AES_ENCRYPT);
+ ExpectIntNE(XMEMCMP(out, ct128, AES_BLOCK_SIZE), 0);
+
+ STRESS_T(pt128, out, lenB, &aes, iv128tmp, 1, ct128, AES_BLOCK_SIZE, 0);
+
+ /* Stressing wolfSSL_AES_set_encrypt_key */
+ ExpectIntNE(wolfSSL_AES_set_encrypt_key(key128N, sizeof(key128)*8, &aes),0);
+ ExpectIntNE(wolfSSL_AES_set_encrypt_key(key128, sizeof(key128)*8, aesN),0);
+ ExpectIntNE(wolfSSL_AES_set_encrypt_key(key128, keySz0, &aes), 0);
+ ExpectIntNE(wolfSSL_AES_set_encrypt_key(key128, keySzN, &aes), 0);
+
+ /* Stressing wolfSSL_AES_set_decrypt_key */
+ ExpectIntNE(wolfSSL_AES_set_decrypt_key(key128N, sizeof(key128)*8, &aes),0);
+ ExpectIntNE(wolfSSL_AES_set_decrypt_key(key128N, sizeof(key128)*8, aesN),0);
+ ExpectIntNE(wolfSSL_AES_set_decrypt_key(key128, keySz0, &aes), 0);
+ ExpectIntNE(wolfSSL_AES_set_decrypt_key(key128, keySzN, &aes), 0);
+
+ #ifdef WOLFSSL_AES_128
+
+ /* wolfSSL_AES_cbc_encrypt() 128-bit */
+ XMEMSET(out, 0, AES_BLOCK_SIZE);
+ RESET_IV(iv128tmp, iv128);
+
+ ExpectIntEQ(wolfSSL_AES_set_encrypt_key(key128, sizeof(key128)*8, &aes), 0);
+ wolfSSL_AES_cbc_encrypt(pt128, out, len, &aes, iv128tmp, AES_ENCRYPT);
+ ExpectIntEQ(XMEMCMP(out, ct128, AES_BLOCK_SIZE), 0);
+ wc_AesFree((Aes*)&aes);
+
+ #ifdef HAVE_AES_DECRYPT
+
+ /* wolfSSL_AES_cbc_encrypt() 128-bit in decrypt mode */
+ XMEMSET(out, 0, AES_BLOCK_SIZE);
+ RESET_IV(iv128tmp, iv128);
+ len = sizeof(ct128);
+
+ ExpectIntEQ(wolfSSL_AES_set_decrypt_key(key128, sizeof(key128)*8, &aes), 0);
+ wolfSSL_AES_cbc_encrypt(ct128, out, len, &aes, iv128tmp, AES_DECRYPT);
+ ExpectIntEQ(XMEMCMP(out, pt128, AES_BLOCK_SIZE), 0);
+ wc_AesFree((Aes*)&aes);
+
+ #endif
+
+ #endif /* WOLFSSL_AES_128 */
+ #ifdef WOLFSSL_AES_192
+ {
+ /* Test vectors from NIST Special Publication 800-38A, 2001 Edition
+ * Appendix F.2.3 */
+
+ byte iv192tmp[AES_BLOCK_SIZE] = {0};
+
+ const byte pt192[] = { 0x6b,0xc1,0xbe,0xe2,0x2e,0x40,0x9f,0x96,
+ 0xe9,0x3d,0x7e,0x11,0x73,0x93,0x17,0x2a };
+
+ const byte ct192[] = { 0x4f,0x02,0x1d,0xb2,0x43,0xbc,0x63,0x3d,
+ 0x71,0x78,0x18,0x3a,0x9f,0xa0,0x71,0xe8 };
+
+ const byte iv192[] = { 0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,
+ 0x08,0x09,0x0A,0x0B,0x0C,0x0D,0x0E,0x0F };
+
+ byte key192[] = { 0x8e,0x73,0xb0,0xf7,0xda,0x0e,0x64,0x52,
+ 0xc8,0x10,0xf3,0x2b,0x80,0x90,0x79,0xe5,
+ 0x62,0xf8,0xea,0xd2,0x52,0x2c,0x6b,0x7b };
+
+ len = sizeof(pt192);
+
+ /* wolfSSL_AES_cbc_encrypt() 192-bit */
+ XMEMSET(out, 0, AES_BLOCK_SIZE);
+ RESET_IV(iv192tmp, iv192);
+
+ ExpectIntEQ(wolfSSL_AES_set_encrypt_key(key192, sizeof(key192)*8, &aes), 0);
+ wolfSSL_AES_cbc_encrypt(pt192, out, len, &aes, iv192tmp, AES_ENCRYPT);
+ ExpectIntEQ(XMEMCMP(out, ct192, AES_BLOCK_SIZE), 0);
+ wc_AesFree((Aes*)&aes);
+
+ #ifdef HAVE_AES_DECRYPT
+
+ /* wolfSSL_AES_cbc_encrypt() 192-bit in decrypt mode */
+ len = sizeof(ct192);
+ RESET_IV(iv192tmp, iv192);
+ XMEMSET(out, 0, AES_BLOCK_SIZE);
+
+ ExpectIntEQ(wolfSSL_AES_set_decrypt_key(key192, sizeof(key192)*8, &aes), 0);
+ wolfSSL_AES_cbc_encrypt(ct192, out, len, &aes, iv192tmp, AES_DECRYPT);
+ ExpectIntEQ(XMEMCMP(out, pt192, AES_BLOCK_SIZE), 0);
+ wc_AesFree((Aes*)&aes);
+
+ #endif
+ }
+ #endif /* WOLFSSL_AES_192 */
+ #ifdef WOLFSSL_AES_256
+ {
+ /* Test vectors from NIST Special Publication 800-38A, 2001 Edition,
+ * Appendix F.2.5 */
+ byte iv256tmp[AES_BLOCK_SIZE] = {0};
+
+ const byte pt256[] = { 0x6b,0xc1,0xbe,0xe2,0x2e,0x40,0x9f,0x96,
+ 0xe9,0x3d,0x7e,0x11,0x73,0x93,0x17,0x2a };
+
+ const byte ct256[] = { 0xf5,0x8c,0x4c,0x04,0xd6,0xe5,0xf1,0xba,
+ 0x77,0x9e,0xab,0xfb,0x5f,0x7b,0xfb,0xd6 };
+
+ const byte iv256[] = { 0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,
+ 0x08,0x09,0x0A,0x0B,0x0C,0x0D,0x0E,0x0F };
+
+ byte key256[] = { 0x60,0x3d,0xeb,0x10,0x15,0xca,0x71,0xbe,
+ 0x2b,0x73,0xae,0xf0,0x85,0x7d,0x77,0x81,
+ 0x1f,0x35,0x2c,0x07,0x3b,0x61,0x08,0xd7,
+ 0x2d,0x98,0x10,0xa3,0x09,0x14,0xdf,0xf4 };
+
+
+ len = sizeof(pt256);
+
+ /* wolfSSL_AES_cbc_encrypt() 256-bit */
+ XMEMSET(out, 0, AES_BLOCK_SIZE);
+ RESET_IV(iv256tmp, iv256);
+
+ ExpectIntEQ(wolfSSL_AES_set_encrypt_key(key256, sizeof(key256)*8, &aes), 0);
+ wolfSSL_AES_cbc_encrypt(pt256, out, len, &aes, iv256tmp, AES_ENCRYPT);
+ ExpectIntEQ(XMEMCMP(out, ct256, AES_BLOCK_SIZE), 0);
+ wc_AesFree((Aes*)&aes);
+
+ #ifdef HAVE_AES_DECRYPT
+
+ /* wolfSSL_AES_cbc_encrypt() 256-bit in decrypt mode */
+ len = sizeof(ct256);
+ RESET_IV(iv256tmp, iv256);
+ XMEMSET(out, 0, AES_BLOCK_SIZE);
+
+ ExpectIntEQ(wolfSSL_AES_set_decrypt_key(key256, sizeof(key256)*8, &aes), 0);
+ wolfSSL_AES_cbc_encrypt(ct256, out, len, &aes, iv256tmp, AES_DECRYPT);
+ ExpectIntEQ(XMEMCMP(out, pt256, AES_BLOCK_SIZE), 0);
+ wc_AesFree((Aes*)&aes);
+
+ #endif
+
+ #if defined(HAVE_AES_KEYWRAP) && !defined(HAVE_FIPS) && \
+ !defined(HAVE_SELFTEST)
+ {
+ byte wrapCipher[sizeof(key256) + KEYWRAP_BLOCK_SIZE] = { 0 };
+ byte wrapPlain[sizeof(key256)] = { 0 };
+ byte wrapIV[KEYWRAP_BLOCK_SIZE] = { 0 };
+
+ /* wolfSSL_AES_wrap_key() 256-bit NULL iv */
+ ExpectIntEQ(wolfSSL_AES_set_encrypt_key(key256, sizeof(key256)*8, &aes), 0);
+ ExpectIntEQ(wolfSSL_AES_wrap_key(&aes, NULL, wrapCipher, key256,
+ 15), WOLFSSL_FAILURE);
+ ExpectIntEQ(wolfSSL_AES_wrap_key(&aes, NULL, wrapCipher, key256,
+ sizeof(key256)), sizeof(wrapCipher));
+ wc_AesFree((Aes*)&aes);
+
+ /* wolfSSL_AES_unwrap_key() 256-bit NULL iv */
+ ExpectIntEQ(wolfSSL_AES_set_decrypt_key(key256, sizeof(key256)*8, &aes), 0);
+ ExpectIntEQ(wolfSSL_AES_unwrap_key(&aes, NULL, wrapPlain, wrapCipher,
+ 23), WOLFSSL_FAILURE);
+ ExpectIntEQ(wolfSSL_AES_unwrap_key(&aes, NULL, wrapPlain, wrapCipher,
+ sizeof(wrapCipher)), sizeof(wrapPlain));
+ ExpectIntEQ(XMEMCMP(wrapPlain, key256, sizeof(key256)), 0);
+ XMEMSET(wrapCipher, 0, sizeof(wrapCipher));
+ XMEMSET(wrapPlain, 0, sizeof(wrapPlain));
+ wc_AesFree((Aes*)&aes);
+
+ /* wolfSSL_AES_wrap_key() 256-bit custom iv */
+ ExpectIntEQ(wolfSSL_AES_set_encrypt_key(key256, sizeof(key256)*8, &aes), 0);
+ ExpectIntEQ(wolfSSL_AES_wrap_key(&aes, wrapIV, wrapCipher, key256,
+ sizeof(key256)), sizeof(wrapCipher));
+ wc_AesFree((Aes*)&aes);
+
+ /* wolfSSL_AES_unwrap_key() 256-bit custom iv */
+ ExpectIntEQ(wolfSSL_AES_set_decrypt_key(key256, sizeof(key256)*8, &aes), 0);
+ ExpectIntEQ(wolfSSL_AES_unwrap_key(&aes, wrapIV, wrapPlain, wrapCipher,
+ sizeof(wrapCipher)), sizeof(wrapPlain));
+ ExpectIntEQ(XMEMCMP(wrapPlain, key256, sizeof(key256)), 0);
+ wc_AesFree((Aes*)&aes);
+
+ ExpectIntEQ(wolfSSL_AES_wrap_key(NULL, NULL, NULL, NULL, 0), 0);
+ ExpectIntEQ(wolfSSL_AES_wrap_key(&aes, NULL, NULL, NULL, 0), 0);
+ ExpectIntEQ(wolfSSL_AES_wrap_key(NULL, wrapIV, NULL, NULL, 0), 0);
+ ExpectIntEQ(wolfSSL_AES_wrap_key(NULL, NULL, wrapCipher, NULL, 0), 0);
+ ExpectIntEQ(wolfSSL_AES_wrap_key(NULL, NULL, NULL, key256, 0), 0);
+ ExpectIntEQ(wolfSSL_AES_wrap_key(NULL, wrapIV, wrapCipher, key256, 0), 0);
+ ExpectIntEQ(wolfSSL_AES_wrap_key(&aes, NULL, wrapCipher, key256, 0), 0);
+ ExpectIntEQ(wolfSSL_AES_wrap_key(&aes, wrapIV, NULL, key256, 0), 0);
+ ExpectIntEQ(wolfSSL_AES_wrap_key(&aes, wrapIV, wrapCipher, NULL, 0), 0);
+
+ ExpectIntEQ(wolfSSL_AES_unwrap_key(NULL, NULL, NULL, NULL, 0), 0);
+ ExpectIntEQ(wolfSSL_AES_unwrap_key(&aes, NULL, NULL, NULL, 0), 0);
+ ExpectIntEQ(wolfSSL_AES_unwrap_key(NULL, wrapIV, NULL, NULL, 0), 0);
+ ExpectIntEQ(wolfSSL_AES_unwrap_key(NULL, NULL, wrapPlain, NULL, 0), 0);
+ ExpectIntEQ(wolfSSL_AES_unwrap_key(NULL, NULL, NULL, wrapCipher, 0), 0);
+ ExpectIntEQ(wolfSSL_AES_unwrap_key(NULL, wrapIV, wrapPlain, wrapCipher, 0),
+ 0);
+ ExpectIntEQ(wolfSSL_AES_unwrap_key(&aes, NULL, wrapPlain, wrapCipher, 0),
+ 0);
+ ExpectIntEQ(wolfSSL_AES_unwrap_key(&aes, wrapIV, NULL, wrapCipher, 0), 0);
+ ExpectIntEQ(wolfSSL_AES_wrap_key(&aes, wrapIV, wrapPlain, NULL, 0), 0);
+ }
+ #endif /* HAVE_AES_KEYWRAP */
+ }
+ #endif /* WOLFSSL_AES_256 */
+#endif
+ return EXPECT_RESULT();
+}
+
+static int test_wolfSSL_AES_cfb128_encrypt(void)
+{
+ EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(NO_AES) && defined(WOLFSSL_AES_CFB) && \
+ !defined(WOLFSSL_NO_OPENSSL_AES_LOW_LEVEL_API)
+ AES_KEY aesEnc;
+ AES_KEY aesDec;
+ const byte msg[] = {
+ 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
+ 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a
+ };
+ const byte exp[] = {
+ 0x16, 0xc9, 0x90, 0x6c, 0x04, 0x0c, 0xd1, 0x2f,
+ 0x84, 0x7b, 0x18, 0xed, 0xed, 0x6a, 0xb5, 0xfd
+ };
+ const byte key[] = {
+ 0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe,
+ 0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81,
+ 0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7,
+ 0x2d, 0x98, 0x10, 0xa3, 0x09, 0x14, 0xdf, 0xf4
+ };
+ const byte ivData[] = {
+ 0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81,
+ 0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7,
+ };
+ byte out[AES_BLOCK_SIZE];
+ byte iv[AES_BLOCK_SIZE];
+ word32 i;
+ int num;
+
+ ExpectIntEQ(AES_set_encrypt_key(key, sizeof(key)*8, &aesEnc), 0);
+ XMEMCPY(iv, ivData, sizeof(iv));
+ XMEMSET(out, 0, AES_BLOCK_SIZE);
+ AES_cfb128_encrypt(msg, out, sizeof(msg), &aesEnc, iv, NULL, AES_ENCRYPT);
+ ExpectIntEQ(XMEMCMP(out, exp, sizeof(msg)), 0);
+ ExpectIntNE(XMEMCMP(iv, ivData, sizeof(iv)), 0);
+
+#ifdef HAVE_AES_DECRYPT
+ ExpectIntEQ(AES_set_encrypt_key(key, sizeof(key)*8, &aesDec), 0);
+ XMEMCPY(iv, ivData, sizeof(iv));
+ XMEMSET(out, 0, AES_BLOCK_SIZE);
+ AES_cfb128_encrypt(exp, out, sizeof(msg), &aesDec, iv, NULL, AES_DECRYPT);
+ ExpectIntEQ(XMEMCMP(out, msg, sizeof(msg)), 0);
+ ExpectIntNE(XMEMCMP(iv, ivData, sizeof(iv)), 0);
+#endif
+
+ for (i = 0; EXPECT_SUCCESS() && (i <= sizeof(msg)); i++) {
+ ExpectIntEQ(AES_set_encrypt_key(key, sizeof(key)*8, &aesEnc), 0);
+ XMEMCPY(iv, ivData, sizeof(iv));
+ XMEMSET(out, 0, AES_BLOCK_SIZE);
+ AES_cfb128_encrypt(msg, out, i, &aesEnc, iv, &num, AES_ENCRYPT);
+ ExpectIntEQ(num, i % AES_BLOCK_SIZE);
+ ExpectIntEQ(XMEMCMP(out, exp, i), 0);
+ if (i == 0) {
+ ExpectIntEQ(XMEMCMP(iv, ivData, sizeof(iv)), 0);
+ }
+ else {
+ ExpectIntNE(XMEMCMP(iv, ivData, sizeof(iv)), 0);
+ }
+
+ #ifdef HAVE_AES_DECRYPT
+ ExpectIntEQ(AES_set_encrypt_key(key, sizeof(key)*8, &aesDec), 0);
+ XMEMCPY(iv, ivData, sizeof(iv));
+ XMEMSET(out, 0, AES_BLOCK_SIZE);
+ AES_cfb128_encrypt(exp, out, i, &aesDec, iv, &num, AES_DECRYPT);
+ ExpectIntEQ(num, i % AES_BLOCK_SIZE);
+ ExpectIntEQ(XMEMCMP(out, msg, i), 0);
+ if (i == 0) {
+ ExpectIntEQ(XMEMCMP(iv, ivData, sizeof(iv)), 0);
+ }
+ else {
+ ExpectIntNE(XMEMCMP(iv, ivData, sizeof(iv)), 0);
+ }
+ #endif
+ }
+
+ if (EXPECT_SUCCESS()) {
+ /* test bad arguments */
+ AES_cfb128_encrypt(NULL, NULL, 0, NULL, NULL, NULL, AES_DECRYPT);
+ AES_cfb128_encrypt(msg, NULL, 0, NULL, NULL, NULL, AES_DECRYPT);
+ AES_cfb128_encrypt(NULL, out, 0, NULL, NULL, NULL, AES_DECRYPT);
+ AES_cfb128_encrypt(NULL, NULL, 0, &aesDec, NULL, NULL, AES_DECRYPT);
+ AES_cfb128_encrypt(NULL, NULL, 0, NULL, iv, NULL, AES_DECRYPT);
+ AES_cfb128_encrypt(NULL, out, 0, &aesDec, iv, NULL, AES_DECRYPT);
+ AES_cfb128_encrypt(msg, NULL, 0, &aesDec, iv, NULL, AES_DECRYPT);
+ AES_cfb128_encrypt(msg, out, 0, NULL, iv, NULL, AES_DECRYPT);
+ AES_cfb128_encrypt(msg, out, 0, &aesDec, NULL, NULL, AES_DECRYPT);
+ }
+#endif
+ return EXPECT_RESULT();
+}
+
+static int test_wolfSSL_CRYPTO_cts128(void)
+{
+ EXPECT_DECLS;
+#if !defined(NO_AES) && defined(HAVE_AES_CBC) && defined(OPENSSL_EXTRA) && \
+ defined(HAVE_CTS) && !defined(WOLFSSL_NO_OPENSSL_AES_LOW_LEVEL_API)
+ byte tmp[64]; /* Largest vector size */
+ /* Test vectors taken form RFC3962 Appendix B */
+ const testVector vects[] = {
+ {
+ "\x49\x20\x77\x6f\x75\x6c\x64\x20\x6c\x69\x6b\x65\x20\x74\x68\x65"
+ "\x20",
+ "\xc6\x35\x35\x68\xf2\xbf\x8c\xb4\xd8\xa5\x80\x36\x2d\xa7\xff\x7f"
+ "\x97",
+ 17, 17
+ },
+ {
+ "\x49\x20\x77\x6f\x75\x6c\x64\x20\x6c\x69\x6b\x65\x20\x74\x68\x65"
+ "\x20\x47\x65\x6e\x65\x72\x61\x6c\x20\x47\x61\x75\x27\x73\x20",
+ "\xfc\x00\x78\x3e\x0e\xfd\xb2\xc1\xd4\x45\xd4\xc8\xef\xf7\xed\x22"
+ "\x97\x68\x72\x68\xd6\xec\xcc\xc0\xc0\x7b\x25\xe2\x5e\xcf\xe5",
+ 31, 31
+ },
+ {
+ "\x49\x20\x77\x6f\x75\x6c\x64\x20\x6c\x69\x6b\x65\x20\x74\x68\x65"
+ "\x20\x47\x65\x6e\x65\x72\x61\x6c\x20\x47\x61\x75\x27\x73\x20\x43",
+ "\x39\x31\x25\x23\xa7\x86\x62\xd5\xbe\x7f\xcb\xcc\x98\xeb\xf5\xa8"
+ "\x97\x68\x72\x68\xd6\xec\xcc\xc0\xc0\x7b\x25\xe2\x5e\xcf\xe5\x84",
+ 32, 32
+ },
+ {
+ "\x49\x20\x77\x6f\x75\x6c\x64\x20\x6c\x69\x6b\x65\x20\x74\x68\x65"
+ "\x20\x47\x65\x6e\x65\x72\x61\x6c\x20\x47\x61\x75\x27\x73\x20\x43"
+ "\x68\x69\x63\x6b\x65\x6e\x2c\x20\x70\x6c\x65\x61\x73\x65\x2c",
+ "\x97\x68\x72\x68\xd6\xec\xcc\xc0\xc0\x7b\x25\xe2\x5e\xcf\xe5\x84"
+ "\xb3\xff\xfd\x94\x0c\x16\xa1\x8c\x1b\x55\x49\xd2\xf8\x38\x02\x9e"
+ "\x39\x31\x25\x23\xa7\x86\x62\xd5\xbe\x7f\xcb\xcc\x98\xeb\xf5",
+ 47, 47
+ },
+ {
+ "\x49\x20\x77\x6f\x75\x6c\x64\x20\x6c\x69\x6b\x65\x20\x74\x68\x65"
+ "\x20\x47\x65\x6e\x65\x72\x61\x6c\x20\x47\x61\x75\x27\x73\x20\x43"
+ "\x68\x69\x63\x6b\x65\x6e\x2c\x20\x70\x6c\x65\x61\x73\x65\x2c\x20",
+ "\x97\x68\x72\x68\xd6\xec\xcc\xc0\xc0\x7b\x25\xe2\x5e\xcf\xe5\x84"
+ "\x9d\xad\x8b\xbb\x96\xc4\xcd\xc0\x3b\xc1\x03\xe1\xa1\x94\xbb\xd8"
+ "\x39\x31\x25\x23\xa7\x86\x62\xd5\xbe\x7f\xcb\xcc\x98\xeb\xf5\xa8",
+ 48, 48
+ },
+ {
+ "\x49\x20\x77\x6f\x75\x6c\x64\x20\x6c\x69\x6b\x65\x20\x74\x68\x65"
+ "\x20\x47\x65\x6e\x65\x72\x61\x6c\x20\x47\x61\x75\x27\x73\x20\x43"
+ "\x68\x69\x63\x6b\x65\x6e\x2c\x20\x70\x6c\x65\x61\x73\x65\x2c\x20"
+ "\x61\x6e\x64\x20\x77\x6f\x6e\x74\x6f\x6e\x20\x73\x6f\x75\x70\x2e",
+ "\x97\x68\x72\x68\xd6\xec\xcc\xc0\xc0\x7b\x25\xe2\x5e\xcf\xe5\x84"
+ "\x39\x31\x25\x23\xa7\x86\x62\xd5\xbe\x7f\xcb\xcc\x98\xeb\xf5\xa8"
+ "\x48\x07\xef\xe8\x36\xee\x89\xa5\x26\x73\x0d\xbc\x2f\x7b\xc8\x40"
+ "\x9d\xad\x8b\xbb\x96\xc4\xcd\xc0\x3b\xc1\x03\xe1\xa1\x94\xbb\xd8",
+ 64, 64
+ }
+ };
+ byte keyBytes[AES_128_KEY_SIZE] = {
+ 0x63, 0x68, 0x69, 0x63, 0x6b, 0x65, 0x6e, 0x20,
+ 0x74, 0x65, 0x72, 0x69, 0x79, 0x61, 0x6b, 0x69
+ };
+ size_t i;
+ AES_KEY encKey;
+ byte iv[AES_IV_SIZE]; /* All-zero IV for all cases */
+
+ XMEMSET(tmp, 0, sizeof(tmp));
+
+ for (i = 0; i < sizeof(vects)/sizeof(vects[0]); i++) {
+ AES_KEY decKey;
+
+ ExpectIntEQ(AES_set_encrypt_key(keyBytes, AES_128_KEY_SIZE * 8,
+ &encKey), 0);
+ ExpectIntEQ(AES_set_decrypt_key(keyBytes, AES_128_KEY_SIZE * 8,
+ &decKey), 0);
+ XMEMSET(iv, 0, sizeof(iv));
+ ExpectIntEQ(CRYPTO_cts128_encrypt((const unsigned char*)vects[i].input,
+ tmp, vects[i].inLen, &encKey, iv, (cbc128_f)AES_cbc_encrypt),
+ vects[i].outLen);
+ ExpectIntEQ(XMEMCMP(tmp, vects[i].output, vects[i].outLen), 0);
+ XMEMSET(iv, 0, sizeof(iv));
+ ExpectIntEQ(CRYPTO_cts128_decrypt((const unsigned char*)vects[i].output,
+ tmp, vects[i].outLen, &decKey, iv, (cbc128_f)AES_cbc_encrypt),
+ vects[i].inLen);
+ ExpectIntEQ(XMEMCMP(tmp, vects[i].input, vects[i].inLen), 0);
+ }
+
+ ExpectIntEQ(CRYPTO_cts128_encrypt(NULL, NULL, 17, NULL, NULL, NULL), 0);
+ ExpectIntEQ(CRYPTO_cts128_encrypt(tmp, NULL, 17, NULL, NULL, NULL), 0);
+ ExpectIntEQ(CRYPTO_cts128_encrypt(NULL, tmp, 17, NULL, NULL, NULL), 0);
+ ExpectIntEQ(CRYPTO_cts128_encrypt(NULL, NULL, 17, &encKey, NULL, NULL), 0);
+ ExpectIntEQ(CRYPTO_cts128_encrypt(NULL, NULL, 17, NULL, iv, NULL), 0);
+ ExpectIntEQ(CRYPTO_cts128_encrypt(NULL, NULL, 17, NULL, NULL,
+ (cbc128_f)AES_cbc_encrypt), 0);
+ ExpectIntEQ(CRYPTO_cts128_encrypt(NULL, tmp, 17, &encKey, iv,
+ (cbc128_f)AES_cbc_encrypt), 0);
+ ExpectIntEQ(CRYPTO_cts128_encrypt(tmp, NULL, 17, &encKey, iv,
+ (cbc128_f)AES_cbc_encrypt), 0);
+ ExpectIntEQ(CRYPTO_cts128_encrypt(tmp, tmp, 17, NULL, iv,
+ (cbc128_f)AES_cbc_encrypt), 0);
+ ExpectIntEQ(CRYPTO_cts128_encrypt(tmp, tmp, 17, &encKey, NULL,
+ (cbc128_f)AES_cbc_encrypt), 0);
+ ExpectIntEQ(CRYPTO_cts128_encrypt(tmp, tmp, 17, &encKey, iv, NULL), 0);
+ /* Length too small. */
+ ExpectIntEQ(CRYPTO_cts128_encrypt(tmp, tmp, 0, &encKey, iv,
+ (cbc128_f)AES_cbc_encrypt), 0);
+
+ ExpectIntEQ(CRYPTO_cts128_decrypt(NULL, NULL, 17, NULL, NULL, NULL), 0);
+ ExpectIntEQ(CRYPTO_cts128_decrypt(tmp, NULL, 17, NULL, NULL, NULL), 0);
+ ExpectIntEQ(CRYPTO_cts128_decrypt(NULL, tmp, 17, NULL, NULL, NULL), 0);
+ ExpectIntEQ(CRYPTO_cts128_decrypt(NULL, NULL, 17, &encKey, NULL, NULL), 0);
+ ExpectIntEQ(CRYPTO_cts128_decrypt(NULL, NULL, 17, NULL, iv, NULL), 0);
+ ExpectIntEQ(CRYPTO_cts128_decrypt(NULL, NULL, 17, NULL, NULL,
+ (cbc128_f)AES_cbc_encrypt), 0);
+ ExpectIntEQ(CRYPTO_cts128_decrypt(NULL, tmp, 17, &encKey, iv,
+ (cbc128_f)AES_cbc_encrypt), 0);
+ ExpectIntEQ(CRYPTO_cts128_decrypt(tmp, NULL, 17, &encKey, iv,
+ (cbc128_f)AES_cbc_encrypt), 0);
+ ExpectIntEQ(CRYPTO_cts128_decrypt(tmp, tmp, 17, NULL, iv,
+ (cbc128_f)AES_cbc_encrypt), 0);
+ ExpectIntEQ(CRYPTO_cts128_decrypt(tmp, tmp, 17, &encKey, NULL,
+ (cbc128_f)AES_cbc_encrypt), 0);
+ ExpectIntEQ(CRYPTO_cts128_decrypt(tmp, tmp, 17, &encKey, iv, NULL), 0);
+ /* Length too small. */
+ ExpectIntEQ(CRYPTO_cts128_decrypt(tmp, tmp, 0, &encKey, iv,
+ (cbc128_f)AES_cbc_encrypt), 0);
+#endif /* !NO_AES && HAVE_AES_CBC && OPENSSL_EXTRA && HAVE_CTS */
+ return EXPECT_RESULT();
}
+static int test_wolfSSL_RC4(void)
+{
+ EXPECT_DECLS;
+#if !defined(NO_RC4) && defined(OPENSSL_EXTRA)
+ WOLFSSL_RC4_KEY rc4Key;
+ unsigned char key[] = {
+ 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
+ 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
+ 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
+ 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
+ };
+ unsigned char data[] = {
+ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ };
+ unsigned char enc[sizeof(data)];
+ unsigned char dec[sizeof(data)];
+ word32 i;
+ word32 j;
+
+ wolfSSL_RC4_set_key(NULL, -1, NULL);
+ wolfSSL_RC4_set_key(&rc4Key, -1, NULL);
+ wolfSSL_RC4_set_key(NULL, 0, NULL);
+ wolfSSL_RC4_set_key(NULL, -1, key);
+ wolfSSL_RC4_set_key(&rc4Key, 0, NULL);
+ wolfSSL_RC4_set_key(&rc4Key, -1, key);
+ wolfSSL_RC4_set_key(NULL, 0, key);
+
+ wolfSSL_RC4(NULL, 0, NULL, NULL);
+ wolfSSL_RC4(&rc4Key, 0, NULL, NULL);
+ wolfSSL_RC4(NULL, 0, data, NULL);
+ wolfSSL_RC4(NULL, 0, NULL, enc);
+ wolfSSL_RC4(&rc4Key, 0, data, NULL);
+ wolfSSL_RC4(&rc4Key, 0, NULL, enc);
+ wolfSSL_RC4(NULL, 0, data, enc);
+
+ ExpectIntEQ(1, 1);
+ for (i = 0; EXPECT_SUCCESS() && (i <= sizeof(key)); i++) {
+ for (j = 0; EXPECT_SUCCESS() && (j <= sizeof(data)); j++) {
+ XMEMSET(enc, 0, sizeof(enc));
+ XMEMSET(dec, 0, sizeof(dec));
+
+ /* Encrypt */
+ wolfSSL_RC4_set_key(&rc4Key, i, key);
+ wolfSSL_RC4(&rc4Key, j, data, enc);
+ /* Decrypt */
+ wolfSSL_RC4_set_key(&rc4Key, i, key);
+ wolfSSL_RC4(&rc4Key, j, enc, dec);
+
+ ExpectIntEQ(XMEMCMP(dec, data, j), 0);
+ }
+ }
+#endif
+ return EXPECT_RESULT();
+}
static int test_wolfSSL_OBJ(void)
{
/* Password "wolfSSL test" is only 12 (96-bit) too short for testing in FIPS
* mode
*/
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_SHA256) && !defined(NO_ASN) && \
!defined(HAVE_FIPS) && !defined(NO_SHA) && defined(WOLFSSL_CERT_EXT) && \
defined(WOLFSSL_CERT_GEN) && !defined(NO_BIO)
- EXPECT_DECLS;
ASN1_OBJECT *obj = NULL;
ASN1_OBJECT *obj2 = NULL;
char buf[50];
@@ -44266,17 +43255,14 @@ static int test_wolfSSL_OBJ(void)
}
}
#endif /* HAVE_PKCS12 */
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_OBJ_cmp(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && !defined(NO_SHA256)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(NO_SHA256)
ASN1_OBJECT *obj = NULL;
ASN1_OBJECT *obj2 = NULL;
@@ -44292,17 +43278,15 @@ static int test_wolfSSL_OBJ_cmp(void)
ASN1_OBJECT_free(obj);
ASN1_OBJECT_free(obj2);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_OBJ_txt2nid(void)
{
- int res = TEST_SKIPPED;
-#if !defined(NO_WOLFSSL_STUB) && defined(WOLFSSL_APACHE_HTTPD)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) || \
+ defined(WOLFSSL_APACHE_HTTPD)
int i;
static const struct {
const char* sn;
@@ -44310,11 +43294,13 @@ static int test_wolfSSL_OBJ_txt2nid(void)
const char* oid;
int nid;
} testVals[] = {
+#ifdef WOLFSSL_APACHE_HTTPD
{ "tlsfeature", "TLS Feature", "1.3.6.1.5.5.7.1.24", NID_tlsfeature },
{ "id-on-dnsSRV", "SRVName", "1.3.6.1.5.5.7.8.7",
NID_id_on_dnsSRV },
{ "msUPN", "Microsoft User Principal Name",
"1.3.6.1.4.1.311.20.2.3", NID_ms_upn },
+#endif
{ NULL, NULL, NULL, NID_undef }
};
@@ -44328,18 +43314,15 @@ static int test_wolfSSL_OBJ_txt2nid(void)
ExpectIntEQ(OBJ_txt2nid(testVals[i].ln), testVals[i].nid);
ExpectIntEQ(OBJ_txt2nid(testVals[i].oid), testVals[i].nid);
}
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_OBJ_txt2obj(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(WOLFSSL_APACHE_HTTPD) || (defined(OPENSSL_EXTRA) && \
defined(WOLFSSL_CERT_EXT) && defined(WOLFSSL_CERT_GEN))
- EXPECT_DECLS;
int i;
char buf[50];
ASN1_OBJECT* obj = NULL;
@@ -44413,20 +43396,17 @@ static int test_wolfSSL_OBJ_txt2obj(void)
ASN1_OBJECT_free(obj);
obj = NULL;
}
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_PEM_write_bio_X509(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(OPENSSL_ALL) && \
defined(WOLFSSL_AKID_NAME) && defined(WOLFSSL_CERT_EXT) && \
defined(WOLFSSL_CERT_GEN) && !defined(NO_BIO) && !defined(NO_RSA) && \
!defined(NO_FILESYSTEM)
- EXPECT_DECLS;
/* This test contains the hard coded expected
* lengths. Update if necessary */
XFILE fp = XBADFILE;
@@ -44565,18 +43545,15 @@ static int test_wolfSSL_PEM_write_bio_X509(void)
X509_free(x509b);
BIO_free(input);
BIO_free(output);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_NAME_ENTRY(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_FILESYSTEM) && \
!defined(NO_RSA) && defined(WOLFSSL_CERT_GEN)
- EXPECT_DECLS;
X509* x509 = NULL;
#ifndef NO_BIO
BIO* bio = NULL;
@@ -44647,6 +43624,7 @@ static int test_wolfSSL_X509_NAME_ENTRY(void)
ExpectNotNull(subject = X509_NAME_oneline(nm, 0, 0));
ExpectNotNull(XSTRSTR(subject, "favouriteDrink=tequila"));
+ ExpectNotNull(XSTRSTR(subject, "contentType=Server"));
#ifdef DEBUG_WOLFSSL
if (subject != NULL) {
fprintf(stderr, "\n\t%s\n", subject);
@@ -44685,25 +43663,21 @@ static int test_wolfSSL_X509_NAME_ENTRY(void)
BIO_free(bio);
#endif
X509_free(x509); /* free's nm */
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
-/* Note the lack of wolfSSL_ prefix...this is a compatability layer test. */
+/* Note the lack of wolfSSL_ prefix...this is a compatibility layer test. */
static int test_GENERAL_NAME_set0_othername(void) {
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_CERT_REQ) && \
defined(WOLFSSL_CUSTOM_OID) && defined(WOLFSSL_ALT_NAMES) && \
- defined(WOLFSSL_CERT_EXT) && !defined(NO_FILESYSTEM) && \
+ defined(WOLFSSL_CERT_EXT) && !defined(NO_FILESYSTEM) && \
defined(WOLFSSL_FPKI)
/* ./configure --enable-opensslall --enable-certgen --enable-certreq
* --enable-certext --enable-debug 'CPPFLAGS=-DWOLFSSL_CUSTOM_OID
* -DWOLFSSL_ALT_NAMES -DWOLFSSL_FPKI' */
-
- EXPECT_DECLS;
const char * cert_fname = "./certs/server-cert.der";
const char * key_fname = "./certs/server-key.der";
X509* x509 = NULL;
@@ -44773,26 +43747,21 @@ static int test_GENERAL_NAME_set0_othername(void) {
X509_EXTENSION_free(ext);
X509_free(x509);
EVP_PKEY_free(priv);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
-/* Note the lack of wolfSSL_ prefix...this is a compatability layer test. */
+/* Note the lack of wolfSSL_ prefix...this is a compatibility layer test. */
static int test_othername_and_SID_ext(void) {
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_CERT_REQ) && \
defined(WOLFSSL_CUSTOM_OID) && defined(WOLFSSL_ALT_NAMES) && \
defined(WOLFSSL_CERT_EXT) && !defined(NO_FILESYSTEM) && \
defined(WOLFSSL_FPKI) && defined(WOLFSSL_ASN_TEMPLATE)
-
/* ./configure --enable-opensslall --enable-certgen --enable-certreq
* --enable-certext --enable-debug 'CPPFLAGS=-DWOLFSSL_CUSTOM_OID
* -DWOLFSSL_ALT_NAMES -DWOLFSSL_FPKI' */
-
- EXPECT_DECLS;
const char* csr_fname = "./certs/csr.signed.der";
const char* key_fname = "./certs/server-key.der";
@@ -44938,17 +43907,15 @@ static int test_othername_and_SID_ext(void) {
sk_X509_EXTENSION_pop_free(exts, X509_EXTENSION_free);
X509_REQ_free(x509);
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_set_name(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_CERT_REQ)
- EXPECT_DECLS;
X509* x509 = NULL;
X509_NAME* name = NULL;
@@ -44973,22 +43940,19 @@ static int test_wolfSSL_X509_set_name(void)
X509_free(x509);
X509_NAME_free(name);
-
- res = EXPECT_RESULT();
#endif /* OPENSSL_ALL && !NO_CERTS */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_set_notAfter(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if (defined(OPENSSL_ALL) || defined(WOLFSSL_APACHE_HTTPD)) \
&& !defined(NO_ASN_TIME) && !defined(USER_TIME) && \
!defined(TIME_OVERRIDES) && !defined(NO_CERTS) && \
defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_CERT_REQ) &&\
!defined(TIME_T_NOT_64BIT) && !defined(NO_64BIT) && !defined(NO_BIO)
/* Generalized time will overflow time_t if not long */
- EXPECT_DECLS;
X509* x = NULL;
BIO* bio = NULL;
ASN1_TIME *asn_time = NULL;
@@ -45036,20 +44000,17 @@ static int test_wolfSSL_X509_set_notAfter(void)
XFREE(asn_time, NULL, DYNAMIC_TYPE_OPENSSL);
X509_free(x);
BIO_free(bio);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_set_notBefore(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if (defined(OPENSSL_ALL) || defined(WOLFSSL_APACHE_HTTPD)) \
&& !defined(NO_ASN_TIME) && !defined(USER_TIME) && \
!defined(TIME_OVERRIDES) && !defined(NO_CERTS) && \
defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_CERT_REQ) && !defined(NO_BIO)
- EXPECT_DECLS;
X509* x = NULL;
BIO* bio = NULL;
ASN1_TIME *asn_time = NULL;
@@ -45100,18 +44061,15 @@ static int test_wolfSSL_X509_set_notBefore(void)
XFREE(asn_time, NULL, DYNAMIC_TYPE_OPENSSL);
X509_free(x);
BIO_free(bio);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_set_version(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if (defined(OPENSSL_ALL) || defined(WOLFSSL_APACHE_HTTPD)) && \
!defined(NO_CERTS) && defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_CERT_REQ)
- EXPECT_DECLS;
X509* x509 = NULL;
long v = 2L;
long maxInt = INT_MAX;
@@ -45129,27 +44087,32 @@ static int test_wolfSSL_X509_set_version(void)
/* Cleanup */
X509_free(x509);
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
#ifndef NO_BIO
static int test_wolfSSL_BIO_gets(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA)
BIO* bio = NULL;
BIO* bio2 = NULL;
char msg[] = "\nhello wolfSSL\n security plus\t---...**adf\na...b.c";
char emp[] = "";
char bio_buffer[20];
int bufferSz = 20;
+#ifdef OPENSSL_ALL
+ BUF_MEM* emp_bm = NULL;
+ BUF_MEM* msg_bm = NULL;
+#endif
/* try with bad args */
ExpectNull(bio = BIO_new_mem_buf(NULL, sizeof(msg)));
+#ifdef OPENSSL_ALL
+ ExpectIntEQ(BIO_set_mem_buf(bio, NULL, BIO_NOCLOSE), BAD_FUNC_ARG);
+#endif
/* try with real msg */
ExpectNotNull(bio = BIO_new_mem_buf((void*)msg, -1));
@@ -45171,6 +44134,49 @@ static int test_wolfSSL_BIO_gets(void)
ExpectIntEQ(BIO_gets(bio, bio_buffer, bufferSz), 8);
ExpectIntEQ(BIO_gets(bio, bio_buffer, -1), 0);
+#ifdef OPENSSL_ALL
+ /* test setting the mem_buf manually */
+ BIO_free(bio);
+ ExpectNotNull(bio = BIO_new_mem_buf((void*)msg, -1));
+ ExpectNotNull(emp_bm = BUF_MEM_new());
+ ExpectNotNull(msg_bm = BUF_MEM_new());
+ ExpectIntEQ(BUF_MEM_grow(msg_bm, sizeof(msg)), sizeof(msg));
+ if (EXPECT_SUCCESS()) {
+ XFREE(msg_bm->data, NULL, DYNAMIC_TYPE_OPENSSL);
+ msg_bm->data = NULL;
+ }
+ /* emp size is 1 for terminator */
+ ExpectIntEQ(BUF_MEM_grow(emp_bm, sizeof(emp)), sizeof(emp));
+ if (EXPECT_SUCCESS()) {
+ XFREE(emp_bm->data, NULL, DYNAMIC_TYPE_OPENSSL);
+ emp_bm->data = emp;
+ msg_bm->data = msg;
+ }
+ ExpectIntEQ(BIO_set_mem_buf(bio, emp_bm, BIO_CLOSE), WOLFSSL_SUCCESS);
+
+ /* check reading an empty string */
+ ExpectIntEQ(BIO_gets(bio, bio_buffer, bufferSz), 1); /* just terminator */
+ ExpectStrEQ(emp, bio_buffer);
+ ExpectIntEQ(BIO_gets(bio, bio_buffer, bufferSz), 0); /* Nothing to read */
+
+ /* BIO_gets reads a line of data */
+ ExpectIntEQ(BIO_set_mem_buf(bio, msg_bm, BIO_NOCLOSE), WOLFSSL_SUCCESS);
+ ExpectIntEQ(BIO_gets(bio, bio_buffer, -3), 0);
+ ExpectIntEQ(BIO_gets(bio, bio_buffer, bufferSz), 1);
+ ExpectIntEQ(BIO_gets(bio, bio_buffer, bufferSz), 14);
+ ExpectStrEQ(bio_buffer, "hello wolfSSL\n");
+ ExpectIntEQ(BIO_gets(bio, bio_buffer, bufferSz), 19);
+ ExpectIntEQ(BIO_gets(bio, bio_buffer, bufferSz), 8);
+ ExpectIntEQ(BIO_gets(bio, bio_buffer, -1), 0);
+
+ if (EXPECT_SUCCESS())
+ emp_bm->data = NULL;
+ BUF_MEM_free(emp_bm);
+ if (EXPECT_SUCCESS())
+ msg_bm->data = NULL;
+ BUF_MEM_free(msg_bm);
+#endif
+
/* check not null terminated string */
BIO_free(bio);
bio = NULL;
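Review bot: The cleanup at the end of the added OPENSSL_ALL block resets `emp_bm->data` and `msg_bm->data` only under `EXPECT_SUCCESS()`, so once any of the BIO_gets expectations above has failed, both still point at the stack arrays `emp` and `msg` when `BUF_MEM_free()` runs. Assuming BUF_MEM_free releases `data` (the reset placed before it suggests so), a failing run would hand non-heap memory to the allocator and bury the real failure under a crash. Tie the reset to the pointer rather than to the test state: `if (emp_bm != NULL && emp_bm->data == emp) emp_bm->data = NULL;` and `if (msg_bm != NULL && msg_bm->data == msg) msg_bm->data = NULL;`. test_wolfSSL_BIO_gets starts and ends outside this hunk.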
@@ -45267,18 +44273,15 @@ static int test_wolfSSL_BIO_gets(void)
BIO_free(bio);
bio = NULL;
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_BIO_puts(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA)
BIO* bio = NULL;
char input[] = "hello\0world\n.....ok\n\0";
char output[128];
@@ -45298,17 +44301,14 @@ static int test_wolfSSL_BIO_puts(void)
ExpectIntEQ(BIO_puts(bio, ""), -1);
BIO_free(bio);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_BIO_dump(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA)
BIO* bio;
static const unsigned char data[] = {
0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2A, 0x86, 0x48, 0xCE,
@@ -45366,9 +44366,8 @@ static int test_wolfSSL_BIO_dump(void)
ExpectIntEQ(XMEMCMP(output, expectedAll, sizeof(expectedAll) - 1), 0);
BIO_free(bio);
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
#if defined(OPENSSL_ALL) && !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && \
@@ -45386,11 +44385,10 @@ static int forceWantRead(WOLFSSL *ssl, char *buf, int sz, void *ctx)
static int test_wolfSSL_BIO_should_retry(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_ALL) && !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && \
!defined(NO_RSA) && defined(HAVE_EXT_CACHE) && \
defined(HAVE_IO_TESTS_DEPENDENCIES) && defined(USE_WOLFSSL_IO)
- EXPECT_DECLS;
tcp_ready ready;
func_args server_args;
THREAD_TYPE serverThread;
@@ -45434,12 +44432,11 @@ static int test_wolfSSL_BIO_should_retry(void)
tcp_connect(&sockfd, wolfSSLIP, server_args.signal->port, 0, 0, NULL);
/* force retry */
- ExpectNotNull(ssl = wolfSSL_new(ctx));
+ ExpectNotNull(bio = wolfSSL_BIO_new_ssl(ctx, 1));
+ ExpectIntEQ(BIO_get_ssl(bio, &ssl), 1);
+ ExpectNotNull(ssl);
ExpectIntEQ(wolfSSL_set_fd(ssl, sockfd), WOLFSSL_SUCCESS);
wolfSSL_SSLSetIORecv(ssl, forceWantRead);
-
- ExpectNotNull(bio = BIO_new(BIO_f_ssl()));
- ExpectIntEQ(BIO_set_ssl(bio, ssl, BIO_CLOSE), 1);
if (EXPECT_FAIL()) {
wolfSSL_free(ssl);
ssl = NULL;
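Review bot: After this change `ssl` is obtained from the BIO through `BIO_get_ssl()`, yet the unchanged failure branch right below still calls `wolfSSL_free(ssl)` on it directly. If the BIO created by `wolfSSL_BIO_new_ssl(ctx, 1)` owns the SSL object and releases it when the BIO is freed (the teardown is outside this hunk, so this is inferred), a failed expectation here leaves the BIO holding a dangling pointer and leads to a double free at cleanup. Releasing through the owner avoids that: in the `EXPECT_FAIL()` branch use `BIO_free(bio); bio = NULL;` and keep `ssl = NULL;`. The `if` block and the function both continue past the end of the hunk.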
@@ -45447,6 +44444,8 @@ static int test_wolfSSL_BIO_should_retry(void)
ExpectIntLE(BIO_write(bio, msg, msgSz), 0);
ExpectIntNE(BIO_should_retry(bio), 0);
+ ExpectIntEQ(BIO_should_read(bio), 0);
+ ExpectIntEQ(BIO_should_write(bio), 0);
/* now perform successful connection */
@@ -45456,9 +44455,21 @@ static int test_wolfSSL_BIO_should_retry(void)
ret = wolfSSL_get_error(ssl, -1);
if (ret == WOLFSSL_ERROR_WANT_READ || ret == WOLFSSL_ERROR_WANT_WRITE) {
ExpectIntNE(BIO_should_retry(bio), 0);
+
+ if (ret == WOLFSSL_ERROR_WANT_READ)
+ ExpectIntEQ(BIO_should_read(bio), 1);
+ else
+ ExpectIntEQ(BIO_should_read(bio), 0);
+
+ if (ret == WOLFSSL_ERROR_WANT_WRITE)
+ ExpectIntEQ(BIO_should_write(bio), 1);
+ else
+ ExpectIntEQ(BIO_should_write(bio), 0);
}
else {
ExpectIntEQ(BIO_should_retry(bio), 0);
+ ExpectIntEQ(BIO_should_read(bio), 0);
+ ExpectIntEQ(BIO_should_write(bio), 0);
}
ExpectIntEQ(XMEMCMP(reply, "I hear you fa shizzle!",
XSTRLEN("I hear you fa shizzle!")), 0);
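Review bot: The two added if/else pairs in the WANT_READ/WANT_WRITE branch spell out four expectations where two would do, and they hang macro invocations off unbraced `if`/`else`, which only stays correct while each Expect macro expands to a single statement. The comparison already yields 0 or 1, so the branch can read `ExpectIntEQ(BIO_should_read(bio), ret == WOLFSSL_ERROR_WANT_READ);` and `ExpectIntEQ(BIO_should_write(bio), ret == WOLFSSL_ERROR_WANT_WRITE);`. The function body starts and ends outside this hunk.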
@@ -45473,18 +44484,15 @@ static int test_wolfSSL_BIO_should_retry(void)
#ifdef WOLFSSL_TIRTOS
fdOpenSession(Task_self());
#endif
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_BIO_connect(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_ALL) && defined(HAVE_IO_TESTS_DEPENDENCIES) && \
defined(HAVE_HTTP_CLIENT) && !defined(NO_WOLFSSL_CLIENT)
- EXPECT_DECLS;
tcp_ready ready;
func_args server_args;
THREAD_TYPE serverThread;
@@ -45584,18 +44592,15 @@ static int test_wolfSSL_BIO_connect(void)
#if defined(HAVE_ECC) && defined(FP_ECC) && defined(HAVE_THREAD_LS)
wc_ecc_fp_free(); /* free per thread cache */
#endif
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_BIO_tls(void)
{
- int res = TEST_SKIPPED;
-#if !defined(NO_BIO) && defined(OPENSSL_EXTRA) && !defined(NO_WOLFSSL_CLIENT)
EXPECT_DECLS;
+#if !defined(NO_BIO) && defined(OPENSSL_EXTRA) && !defined(NO_WOLFSSL_CLIENT)
SSL_CTX* ctx = NULL;
SSL *ssl = NULL;
BIO *readBio = NULL;
@@ -45633,10 +44638,8 @@ static int test_wolfSSL_BIO_tls(void)
SSL_free(ssl);
SSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
#if defined(OPENSSL_ALL) && defined(HAVE_IO_TESTS_DEPENDENCIES) && \
@@ -45666,16 +44669,15 @@ static THREAD_RETURN WOLFSSL_THREAD test_wolfSSL_BIO_accept_client(void* args)
wc_ecc_fp_free(); /* free per thread cache */
#endif
- return 0;
+ WOLFSSL_RETURN_FROM_THREAD(0);
}
#endif
static int test_wolfSSL_BIO_accept(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_ALL) && defined(HAVE_IO_TESTS_DEPENDENCIES) && \
defined(HAVE_HTTP_CLIENT)
- EXPECT_DECLS;
BIO* serverBindBio = NULL;
BIO* serverAcceptBio = NULL;
SSL* sslServer = NULL;
@@ -45715,17 +44717,14 @@ static int test_wolfSSL_BIO_accept(void)
#if defined(HAVE_ECC) && defined(FP_ECC) && defined(HAVE_THREAD_LS)
wc_ecc_fp_free(); /* free per thread cache */
#endif
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_BIO_write(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_BASE64_ENCODE)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_BASE64_ENCODE)
BIO* bio = NULL;
BIO* bio64 = NULL;
BIO* bio_mem = NULL;
@@ -45811,18 +44810,15 @@ static int test_wolfSSL_BIO_write(void)
ExpectNotNull(bio = BIO_new_mem_buf(out, 0));
ExpectIntEQ(BIO_write(bio, msg, sizeof(msg)), sizeof(msg));
BIO_free(bio);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_BIO_printf(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_ALL)
EXPECT_DECLS;
+#if defined(OPENSSL_ALL)
BIO* bio = NULL;
int sz = 7;
char msg[] = "TLS 1.3 for the world";
@@ -45836,17 +44832,14 @@ static int test_wolfSSL_BIO_printf(void)
ExpectIntEQ(BIO_read(bio, out, sizeof(out)), 30);
ExpectIntEQ(XSTRNCMP(out, expected, sizeof(expected)), 0);
BIO_free(bio);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_BIO_f_md(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_ALL) && !defined(NO_SHA256)
EXPECT_DECLS;
+#if defined(OPENSSL_ALL) && !defined(NO_SHA256)
BIO* bio = NULL;
BIO* mem = NULL;
char msg[] = "message to hash";
@@ -45942,17 +44935,14 @@ static int test_wolfSSL_BIO_f_md(void)
EVP_PKEY_free(key);
BIO_free(bio);
BIO_free(mem);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_BIO_up_ref(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA)
EXPECT_DECLS;
+#if defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA)
BIO* bio = NULL;
ExpectNotNull(bio = BIO_new(BIO_f_md()));
@@ -45962,16 +44952,13 @@ static int test_wolfSSL_BIO_up_ref(void)
ExpectIntEQ(BIO_up_ref(bio), 1);
BIO_free(bio);
BIO_free(bio);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_BIO_reset(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA)
EXPECT_DECLS;
+#if defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA)
BIO* bio = NULL;
byte buf[16];
@@ -45990,10 +44977,8 @@ static int test_wolfSSL_BIO_reset(void)
ExpectIntEQ(BIO_read(bio, buf, 16), 16);
ExpectIntEQ(XMEMCMP(buf, "secure your data", 16), 0);
BIO_free(bio);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
#endif /* !NO_BIO */
@@ -46002,103 +44987,372 @@ static int test_wolfSSL_BIO_reset(void)
/* test that the callback arg is correct */
static int certCbArg = 0;
-static int clientCertCb(WOLFSSL* ssl, void* arg)
+static int certCb(WOLFSSL* ssl, void* arg)
{
if (ssl == NULL || arg != &certCbArg)
return 0;
- if (wolfSSL_use_certificate_file(ssl, cliCertFile,
- WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS)
- return 0;
- if (wolfSSL_use_PrivateKey_file(ssl, cliKeyFile,
- WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS)
- return 0;
+ if (wolfSSL_is_server(ssl)) {
+ if (wolfSSL_use_certificate_file(ssl, svrCertFile,
+ WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS)
+ return 0;
+ if (wolfSSL_use_PrivateKey_file(ssl, svrKeyFile,
+ WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS)
+ return 0;
+ }
+ else {
+ if (wolfSSL_use_certificate_file(ssl, cliCertFile,
+ WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS)
+ return 0;
+ if (wolfSSL_use_PrivateKey_file(ssl, cliKeyFile,
+ WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS)
+ return 0;
+ }
return 1;
}
-static int clientCertSetupCb(WOLFSSL_CTX* ctx)
+static int certSetupCb(WOLFSSL_CTX* ctx)
{
- SSL_CTX_set_cert_cb(ctx, clientCertCb, &certCbArg);
+ SSL_CTX_set_cert_cb(ctx, certCb, &certCbArg);
return TEST_SUCCESS;
}
/**
- * This is only done because test_client_nofail has no way to stop
- * certificate and key loading
+ * This is only done because test_wolfSSL_client_server_nofail_memio has no way
+ * to stop certificate and key loading
*/
-static int clientCertClearCb(WOLFSSL* ssl)
+static int certClearCb(WOLFSSL* ssl)
{
/* Clear the loaded certs to force the callbacks to set them up */
SSL_certs_clear(ssl);
return TEST_SUCCESS;
}
-static int serverCertCb(WOLFSSL* ssl, void* arg)
+#endif
+
+static int test_wolfSSL_cert_cb(void)
{
- if (ssl == NULL || arg != &certCbArg)
- return 0;
- if (wolfSSL_use_certificate_file(ssl, svrCertFile,
- WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS)
+ EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES)
+ test_ssl_cbf func_cb_client;
+ test_ssl_cbf func_cb_server;
+
+ XMEMSET(&func_cb_client, 0, sizeof(func_cb_client));
+ XMEMSET(&func_cb_server, 0, sizeof(func_cb_server));
+
+ func_cb_client.ctx_ready = certSetupCb;
+ func_cb_client.ssl_ready = certClearCb;
+ func_cb_server.ctx_ready = certSetupCb;
+ func_cb_server.ssl_ready = certClearCb;
+
+ ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&func_cb_client,
+ &func_cb_server, NULL), TEST_SUCCESS);
+#endif
+ return EXPECT_RESULT();
+}
+
+#if defined(OPENSSL_EXTRA) && defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES)
+
+static const char* test_wolfSSL_cert_cb_dyn_ciphers_client_cipher = NULL;
+static const char* test_wolfSSL_cert_cb_dyn_ciphers_client_sigalgs = NULL;
+static int test_wolfSSL_cert_cb_dyn_ciphers_client_ctx_ready(WOLFSSL_CTX* ctx)
+{
+ EXPECT_DECLS;
+ ExpectIntEQ(wolfSSL_CTX_set_cipher_list(ctx,
+ test_wolfSSL_cert_cb_dyn_ciphers_client_cipher), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_CTX_set1_sigalgs_list(ctx,
+ test_wolfSSL_cert_cb_dyn_ciphers_client_sigalgs), WOLFSSL_SUCCESS);
+ return EXPECT_RESULT();
+}
+
+static int test_wolfSSL_cert_cb_dyn_ciphers_certCB(WOLFSSL* ssl, void* arg)
+{
+ const byte* suites = NULL;
+ word16 suiteSz = 0;
+ const byte* hashSigAlgo = NULL;
+ word16 hashSigAlgoSz = 0;
+ word16 idx = 0;
+ int haveRSA = 0;
+ int haveECC = 0;
+
+ (void)arg;
+
+ if (wolfSSL_get_client_suites_sigalgs(ssl, &suites, &suiteSz, &hashSigAlgo,
+ &hashSigAlgoSz) != WOLFSSL_SUCCESS)
return 0;
- if (wolfSSL_use_PrivateKey_file(ssl, svrKeyFile,
- WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS)
+ if (suites == NULL || suiteSz == 0 || hashSigAlgo == NULL ||
+ hashSigAlgoSz == 0)
return 0;
+
+ for (idx = 0; idx < suiteSz; idx += 2) {
+ WOLFSSL_CIPHERSUITE_INFO info =
+ wolfSSL_get_ciphersuite_info(suites[idx], suites[idx+1]);
+
+ if (info.rsaAuth)
+ haveRSA = 1;
+ else if (info.eccAuth)
+ haveECC = 1;
+ }
+
+ if (hashSigAlgoSz > 0) {
+ /* sigalgs extension takes precedence over ciphersuites */
+ haveRSA = 0;
+ haveECC = 0;
+ }
+ for (idx = 0; idx < hashSigAlgoSz; idx += 2) {
+ int hashAlgo = 0;
+ int sigAlgo = 0;
+
+ if (wolfSSL_get_sigalg_info(hashSigAlgo[idx+0], hashSigAlgo[idx+1],
+ &hashAlgo, &sigAlgo) != 0)
+ return 0;
+
+ if (sigAlgo == RSAk || sigAlgo == RSAPSSk)
+ haveRSA = 1;
+ else if (sigAlgo == ECDSAk)
+ haveECC = 1;
+ }
+
+ if (haveRSA) {
+ if (wolfSSL_use_certificate_file(ssl, svrCertFile, WOLFSSL_FILETYPE_PEM)
+ != WOLFSSL_SUCCESS)
+ return 0;
+ if (wolfSSL_use_PrivateKey_file(ssl, svrKeyFile, WOLFSSL_FILETYPE_PEM)
+ != WOLFSSL_SUCCESS)
+ return 0;
+ }
+ else if (haveECC) {
+ if (wolfSSL_use_certificate_file(ssl, eccCertFile, WOLFSSL_FILETYPE_PEM)
+ != WOLFSSL_SUCCESS)
+ return 0;
+ if (wolfSSL_use_PrivateKey_file(ssl, eccKeyFile, WOLFSSL_FILETYPE_PEM)
+ != WOLFSSL_SUCCESS)
+ return 0;
+ }
+
return 1;
}
-static int serverCertSetupCb(WOLFSSL_CTX* ctx)
+static int test_wolfSSL_cert_cb_dyn_ciphers_server_ctx_ready(WOLFSSL_CTX* ctx)
{
- SSL_CTX_set_cert_cb(ctx, serverCertCb, &certCbArg);
+ SSL_CTX_set_cert_cb(ctx, test_wolfSSL_cert_cb_dyn_ciphers_certCB, NULL);
+ wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_NONE, NULL);
return TEST_SUCCESS;
}
-/**
- * This is only done because test_server_nofail has no way to stop
- * certificate and key loading
- */
-static int serverCertClearCb(WOLFSSL* ssl)
+#endif
+
+/* Testing dynamic ciphers offered by client */
+static int test_wolfSSL_cert_cb_dyn_ciphers(void)
{
- /* Clear the loaded certs to force the callbacks to set them up */
- SSL_certs_clear(ssl);
- return TEST_SUCCESS;
+ EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES)
+ test_ssl_cbf func_cb_client;
+ test_ssl_cbf func_cb_server;
+ struct {
+ method_provider client_meth;
+ const char* client_ciphers;
+ const char* client_sigalgs;
+ const char* client_ca;
+ method_provider server_meth;
+ } test_params[] = {
+#if !defined(NO_SHA256) && defined(HAVE_AESGCM)
+#ifdef WOLFSSL_TLS13
+#if !defined(NO_RSA) && defined(WC_RSA_PSS)
+ {wolfTLSv1_3_client_method,
+ "TLS13-AES256-GCM-SHA384:TLS13-AES128-GCM-SHA256",
+ "RSA-PSS+SHA256", caCertFile, wolfTLSv1_3_server_method},
+#endif
+#ifdef HAVE_ECC
+ {wolfTLSv1_3_client_method,
+ "TLS13-AES256-GCM-SHA384:TLS13-AES128-GCM-SHA256",
+ "ECDSA+SHA256", caEccCertFile, wolfTLSv1_3_server_method},
+#endif
+#endif
+#ifndef WOLFSSL_NO_TLS12
+#if !defined(NO_RSA) && defined(WC_RSA_PSS) && !defined(NO_DH)
+ {wolfTLSv1_2_client_method,
+ "DHE-RSA-AES128-GCM-SHA256",
+ "RSA-PSS+SHA256", caCertFile, wolfTLSv1_2_server_method},
+#endif
+#ifdef HAVE_ECC
+ {wolfTLSv1_2_client_method,
+ "ECDHE-ECDSA-AES128-GCM-SHA256",
+ "ECDSA+SHA256", caEccCertFile, wolfTLSv1_2_server_method},
+#endif
+#endif
+#endif
+ };
+ size_t i;
+ size_t testCount = sizeof(test_params)/sizeof(*test_params);
+
+ if (testCount > 0) {
+ for (i = 0; i < testCount; i++) {
+ printf("\tTesting %s ciphers with %s sigalgs\n",
+ test_params[i].client_ciphers,
+ test_params[i].client_sigalgs);
+
+ XMEMSET(&func_cb_client, 0, sizeof(func_cb_client));
+ XMEMSET(&func_cb_server, 0, sizeof(func_cb_server));
+
+ test_wolfSSL_cert_cb_dyn_ciphers_client_cipher =
+ test_params[i].client_ciphers;
+ test_wolfSSL_cert_cb_dyn_ciphers_client_sigalgs =
+ test_params[i].client_sigalgs;
+ func_cb_client.method = test_params[i].client_meth;
+ func_cb_client.caPemFile = test_params[i].client_ca;
+ func_cb_client.ctx_ready =
+ test_wolfSSL_cert_cb_dyn_ciphers_client_ctx_ready;
+
+ func_cb_server.ctx_ready =
+ test_wolfSSL_cert_cb_dyn_ciphers_server_ctx_ready;
+ func_cb_server.ssl_ready = certClearCb; /* Reuse from prev test */
+ func_cb_server.method = test_params[i].server_meth;
+
+ ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&func_cb_client,
+ &func_cb_server, NULL), TEST_SUCCESS);
+ }
+ }
+#endif
+ return EXPECT_RESULT();
}
+static int test_wolfSSL_ciphersuite_auth(void)
+{
+ EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EXTRA)
+ WOLFSSL_CIPHERSUITE_INFO info;
+
+ (void)info;
+
+#ifndef WOLFSSL_NO_TLS12
+#ifdef HAVE_CHACHA
+ info = wolfSSL_get_ciphersuite_info(CHACHA_BYTE,
+ TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256);
+ ExpectIntEQ(info.rsaAuth, 1);
+ ExpectIntEQ(info.eccAuth, 0);
+ ExpectIntEQ(info.eccStatic, 0);
+ ExpectIntEQ(info.psk, 0);
+
+ info = wolfSSL_get_ciphersuite_info(CHACHA_BYTE,
+ TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256);
+ ExpectIntEQ(info.rsaAuth, 0);
+ ExpectIntEQ(info.eccAuth, 1);
+ ExpectIntEQ(info.eccStatic, 0);
+ ExpectIntEQ(info.psk, 0);
+
+ info = wolfSSL_get_ciphersuite_info(CHACHA_BYTE,
+ TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256);
+ ExpectIntEQ(info.rsaAuth, 0);
+ ExpectIntEQ(info.eccAuth, 0);
+ ExpectIntEQ(info.eccStatic, 0);
+ ExpectIntEQ(info.psk, 1);
+#endif
+#if defined(HAVE_ECC) || defined(HAVE_CURVE25519) || defined(HAVE_CURVE448)
+#ifndef NO_RSA
+ info = wolfSSL_get_ciphersuite_info(ECC_BYTE,
+ TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA);
+ ExpectIntEQ(info.rsaAuth, 1);
+ ExpectIntEQ(info.eccAuth, 0);
+ ExpectIntEQ(info.eccStatic, 0);
+ ExpectIntEQ(info.psk, 0);
+
+ info = wolfSSL_get_ciphersuite_info(ECC_BYTE,
+ TLS_ECDH_RSA_WITH_AES_128_CBC_SHA);
+ ExpectIntEQ(info.rsaAuth, 1);
+ ExpectIntEQ(info.eccAuth, 0);
+ ExpectIntEQ(info.eccStatic, 1);
+ ExpectIntEQ(info.psk, 0);
+
+ info = wolfSSL_get_ciphersuite_info(ECC_BYTE,
+ TLS_ECDH_RSA_WITH_AES_256_CBC_SHA);
+ ExpectIntEQ(info.rsaAuth, 1);
+ ExpectIntEQ(info.eccAuth, 0);
+ ExpectIntEQ(info.eccStatic, 1);
+ ExpectIntEQ(info.psk, 0);
+#endif
+ info = wolfSSL_get_ciphersuite_info(ECC_BYTE,
+ TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA);
+ ExpectIntEQ(info.rsaAuth, 0);
+ ExpectIntEQ(info.eccAuth, 1);
+ ExpectIntEQ(info.eccStatic, 0);
+ ExpectIntEQ(info.psk, 0);
+
+ info = wolfSSL_get_ciphersuite_info(ECC_BYTE,
+ TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA);
+ ExpectIntEQ(info.rsaAuth, 0);
+ ExpectIntEQ(info.eccAuth, 1);
+ ExpectIntEQ(info.eccStatic, 1);
+ ExpectIntEQ(info.psk, 0);
+
+ info = wolfSSL_get_ciphersuite_info(ECDHE_PSK_BYTE,
+ TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256);
+ ExpectIntEQ(info.rsaAuth, 0);
+ ExpectIntEQ(info.eccAuth, 0);
+ ExpectIntEQ(info.eccStatic, 0);
+ ExpectIntEQ(info.psk, 1);
+#endif
#endif
-static int test_wolfSSL_cert_cb(void)
+#ifdef WOLFSSL_TLS13
+ info = wolfSSL_get_ciphersuite_info(TLS13_BYTE,
+ TLS_AES_128_GCM_SHA256);
+ ExpectIntEQ(info.rsaAuth, 0);
+ ExpectIntEQ(info.eccAuth, 0);
+ ExpectIntEQ(info.eccStatic, 0);
+ ExpectIntEQ(info.psk, 0);
+#endif
+
+#endif
+ return EXPECT_RESULT();
+}
+
+static int test_wolfSSL_sigalg_info(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES)
EXPECT_DECLS;
- test_ssl_cbf func_cb_client;
- test_ssl_cbf func_cb_server;
+#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EXTRA)
+ byte hashSigAlgo[WOLFSSL_MAX_SIGALGO];
+ word16 len = 0;
+ word16 idx = 0;
+ int allSigAlgs = SIG_ECDSA | SIG_RSA | SIG_SM2 | SIG_FALCON | SIG_DILITHIUM;
- XMEMSET(&func_cb_client, 0, sizeof(callback_functions));
- XMEMSET(&func_cb_server, 0, sizeof(callback_functions));
+ InitSuitesHashSigAlgo_ex2(hashSigAlgo, allSigAlgs, 1, 0xFFFFFFFF, &len);
+ for (idx = 0; idx < len; idx += 2) {
+ int hashAlgo = 0;
+ int sigAlgo = 0;
- func_cb_client.ctx_ready = clientCertSetupCb;
- func_cb_client.ssl_ready = clientCertClearCb;
- func_cb_server.ctx_ready = serverCertSetupCb;
- func_cb_server.ssl_ready = serverCertClearCb;
+ ExpectIntEQ(wolfSSL_get_sigalg_info(hashSigAlgo[idx+0],
+ hashSigAlgo[idx+1], &hashAlgo, &sigAlgo), 0);
- ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&func_cb_client,
- &func_cb_server, NULL), TEST_SUCCESS);
+ ExpectIntNE(hashAlgo, 0);
+ ExpectIntNE(sigAlgo, 0);
+ }
+
+ InitSuitesHashSigAlgo_ex2(hashSigAlgo, allSigAlgs | SIG_ANON, 1,
+ 0xFFFFFFFF, &len);
+ for (idx = 0; idx < len; idx += 2) {
+ int hashAlgo = 0;
+ int sigAlgo = 0;
+
+ ExpectIntEQ(wolfSSL_get_sigalg_info(hashSigAlgo[idx+0],
+ hashSigAlgo[idx+1], &hashAlgo, &sigAlgo), 0);
+
+ ExpectIntNE(hashAlgo, 0);
+ }
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_SESSION(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && \
!defined(NO_RSA) && defined(HAVE_IO_TESTS_DEPENDENCIES) && \
!defined(NO_SESSION_CACHE)
-
- WOLFSSL* ssl;
- WOLFSSL_CTX* ctx;
- WOLFSSL_SESSION* sess;
- WOLFSSL_SESSION* sess_copy;
+ WOLFSSL* ssl = NULL;
+ WOLFSSL_CTX* ctx = NULL;
+ WOLFSSL_SESSION* sess = NULL;
+ WOLFSSL_SESSION* sess_copy = NULL;
#ifdef OPENSSL_EXTRA
#ifdef HAVE_EXT_CACHE
unsigned char* sessDer = NULL;
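Review bot: In test_wolfSSL_cert_cb_dyn_ciphers_certCB the ciphersuite-based selection can never take effect: the early return rejects `hashSigAlgo == NULL` or `hashSigAlgoSz == 0`, so the later `if (hashSigAlgoSz > 0)` is always true and always resets `haveRSA`/`haveECC` before the sigalgs loop. If a ClientHello without a signature_algorithms extension is meant to fall back to the offered suites, the early check should be only `if (suites == NULL || suiteSz == 0) return 0;`; otherwise the suite loop is dead code and can go. Both loops also read `[idx+1]` while testing only `idx < size`, so bounding them with `idx + 1 < suiteSz` and `idx + 1 < hashSigAlgoSz` keeps the callback in bounds should an odd length ever reach it; whether the library already rejects odd lengths is not visible here. The hunk ends inside test_wolfSSL_SESSION, whose body continues outside it.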
@@ -46121,23 +45375,23 @@ static int test_wolfSSL_SESSION(void)
#if defined(WOLFSSL_TLS13) && (!defined(HAVE_SESSION_TICKET) && \
!defined(WOLFSSL_NO_TLS12) || !(defined(HAVE_CHACHA) && \
defined(HAVE_POLY1305) && !defined(HAVE_AESGCM)))
- AssertNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method()));
+ ExpectNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method()));
#else
- AssertNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
+ ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
#endif
- AssertTrue(wolfSSL_CTX_use_certificate_file(ctx, cliCertFile,
+ ExpectTrue(wolfSSL_CTX_use_certificate_file(ctx, cliCertFile,
WOLFSSL_FILETYPE_PEM));
- AssertTrue(wolfSSL_CTX_use_PrivateKey_file(ctx, cliKeyFile,
+ ExpectTrue(wolfSSL_CTX_use_PrivateKey_file(ctx, cliKeyFile,
WOLFSSL_FILETYPE_PEM));
- AssertIntEQ(wolfSSL_CTX_load_verify_locations(ctx, caCertFile, 0),
+ ExpectIntEQ(wolfSSL_CTX_load_verify_locations(ctx, caCertFile, 0),
WOLFSSL_SUCCESS);
#ifdef WOLFSSL_ENCRYPTED_KEYS
wolfSSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack);
#endif
#ifdef HAVE_SESSION_TICKET
/* Use session tickets, for ticket tests below */
- AssertIntEQ(wolfSSL_CTX_UseSessionTicket(ctx), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_CTX_UseSessionTicket(ctx), WOLFSSL_SUCCESS);
#endif
XMEMSET(&server_args, 0, sizeof(func_args));
@@ -46158,9 +45412,9 @@ static int test_wolfSSL_SESSION(void)
wait_tcp_ready(&server_args);
/* client connection */
- ssl = wolfSSL_new(ctx);
+ ExpectNotNull(ssl = wolfSSL_new(ctx));
tcp_connect(&sockfd, wolfSSLIP, ready.port, 0, 0, ssl);
- AssertIntEQ(wolfSSL_set_fd(ssl, sockfd), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_set_fd(ssl, sockfd), WOLFSSL_SUCCESS);
#ifdef WOLFSSL_ASYNC_CRYPT
err = 0; /* Reset error */
@@ -46175,7 +45429,7 @@ static int test_wolfSSL_SESSION(void)
ret = wolfSSL_connect(ssl);
err = wolfSSL_get_error(ssl, 0);
} while (err == WC_PENDING_E);
- AssertIntEQ(ret, WOLFSSL_SUCCESS);
+ ExpectIntEQ(ret, WOLFSSL_SUCCESS);
#ifdef WOLFSSL_ASYNC_CRYPT
err = 0; /* Reset error */
@@ -46190,7 +45444,7 @@ static int test_wolfSSL_SESSION(void)
ret = wolfSSL_write(ssl, sendGET, (int)XSTRLEN(sendGET));
err = wolfSSL_get_error(ssl, 0);
} while (err == WC_PENDING_E);
- AssertIntEQ(ret, (int)XSTRLEN(sendGET));
+ ExpectIntEQ(ret, (int)XSTRLEN(sendGET));
#ifdef WOLFSSL_ASYNC_CRYPT
err = 0; /* Reset error */
@@ -46205,12 +45459,12 @@ static int test_wolfSSL_SESSION(void)
ret = wolfSSL_read(ssl, msg, sizeof(msg));
err = wolfSSL_get_error(ssl, 0);
} while (err == WC_PENDING_E);
- AssertIntEQ(ret, 23);
+ ExpectIntEQ(ret, 23);
- AssertPtrNE((sess = wolfSSL_get1_session(ssl)), NULL); /* ref count 1 */
- AssertPtrNE((sess_copy = wolfSSL_get1_session(ssl)), NULL); /* ref count 2 */
+ ExpectPtrNE((sess = wolfSSL_get1_session(ssl)), NULL); /* ref count 1 */
+ ExpectPtrNE((sess_copy = wolfSSL_get1_session(ssl)), NULL); /* ref count 2 */
#ifdef HAVE_EXT_CACHE
- AssertPtrEq(sess, sess_copy); /* they should be the same pointer but without
+ ExpectPtrEq(sess, sess_copy); /* they should be the same pointer but without
* HAVE_EXT_CACHE we get new objects each time */
#endif
wolfSSL_SESSION_free(sess_copy); sess_copy = NULL;
@@ -46219,27 +45473,29 @@ static int test_wolfSSL_SESSION(void)
sess = wolfSSL_get_session(ssl);
#ifdef OPENSSL_EXTRA
- AssertIntEQ(SSL_SESSION_is_resumable(NULL), 0);
- AssertIntEQ(SSL_SESSION_is_resumable(sess), 1);
+ ExpectIntEQ(SSL_SESSION_is_resumable(NULL), 0);
+ ExpectIntEQ(SSL_SESSION_is_resumable(sess), 1);
- AssertIntEQ(wolfSSL_SESSION_has_ticket(NULL), 0);
- AssertIntEQ(wolfSSL_SESSION_get_ticket_lifetime_hint(NULL), 0);
+ ExpectIntEQ(wolfSSL_SESSION_has_ticket(NULL), 0);
+ ExpectIntEQ(wolfSSL_SESSION_get_ticket_lifetime_hint(NULL), 0);
#ifdef HAVE_SESSION_TICKET
- AssertIntEQ(wolfSSL_SESSION_has_ticket(sess), 1);
- AssertIntEQ(wolfSSL_SESSION_get_ticket_lifetime_hint(sess),
+ ExpectIntEQ(wolfSSL_SESSION_has_ticket(sess), 1);
+ ExpectIntEQ(wolfSSL_SESSION_get_ticket_lifetime_hint(sess),
SESSION_TICKET_HINT_DEFAULT);
#else
- AssertIntEQ(wolfSSL_SESSION_has_ticket(sess), 0);
+ ExpectIntEQ(wolfSSL_SESSION_has_ticket(sess), 0);
#endif
#else
(void)sess;
#endif /* OPENSSL_EXTRA */
/* Retain copy of the session for later testing */
- AssertNotNull(sess = wolfSSL_get1_session(ssl));
+ ExpectNotNull(sess = wolfSSL_get1_session(ssl));
wolfSSL_shutdown(ssl);
- wolfSSL_free(ssl);
+ wolfSSL_free(ssl); ssl = NULL;
+
+ CloseSocket(sockfd);
join_thread(serverThread);
@@ -46251,50 +45507,50 @@ static int test_wolfSSL_SESSION(void)
#if defined(SESSION_CERTS) && defined(OPENSSL_EXTRA)
{
- X509 *x509;
+ X509 *x509 = NULL;
char buf[30];
- int bufSz;
+ int bufSz = 0;
- AssertNotNull(x509 = SSL_SESSION_get0_peer(sess));
- AssertIntGT((bufSz = X509_NAME_get_text_by_NID(
- X509_get_subject_name(x509), NID_organizationalUnitName,
- buf, sizeof(buf))), 0);
- AssertIntNE((bufSz == 7 || bufSz == 16), 0); /* should be one of these*/
+ ExpectNotNull(x509 = SSL_SESSION_get0_peer(sess));
+ ExpectIntGT((bufSz = X509_NAME_get_text_by_NID(
+ X509_get_subject_name(x509), NID_organizationalUnitName, buf,
+ sizeof(buf))), 0);
+ ExpectIntNE((bufSz == 7 || bufSz == 16), 0); /* should be one of these*/
if (bufSz == 7) {
- AssertIntEQ(XMEMCMP(buf, "Support", bufSz), 0);
+ ExpectIntEQ(XMEMCMP(buf, "Support", bufSz), 0);
}
if (bufSz == 16) {
- AssertIntEQ(XMEMCMP(buf, "Programming-2048", bufSz), 0);
+ ExpectIntEQ(XMEMCMP(buf, "Programming-2048", bufSz), 0);
}
}
#endif
#ifdef HAVE_EXT_CACHE
- AssertNotNull(sess_copy = wolfSSL_SESSION_dup(sess));
- wolfSSL_SESSION_free(sess_copy);
+ ExpectNotNull(sess_copy = wolfSSL_SESSION_dup(sess));
+ wolfSSL_SESSION_free(sess_copy); sess_copy = NULL;
sess_copy = NULL;
#endif
#if defined(OPENSSL_EXTRA) && defined(HAVE_EXT_CACHE)
/* get session from DER and update the timeout */
- AssertIntEQ(wolfSSL_i2d_SSL_SESSION(NULL, &sessDer), BAD_FUNC_ARG);
- AssertIntGT((sz = wolfSSL_i2d_SSL_SESSION(sess, &sessDer)), 0);
- wolfSSL_SESSION_free(sess);
+ ExpectIntEQ(wolfSSL_i2d_SSL_SESSION(NULL, &sessDer), BAD_FUNC_ARG);
+ ExpectIntGT((sz = wolfSSL_i2d_SSL_SESSION(sess, &sessDer)), 0);
+ wolfSSL_SESSION_free(sess); sess = NULL;
sess = NULL;
ptr = sessDer;
- AssertNull(sess = wolfSSL_d2i_SSL_SESSION(NULL, NULL, sz));
- AssertNotNull(sess = wolfSSL_d2i_SSL_SESSION(NULL,
+ ExpectNull(sess = wolfSSL_d2i_SSL_SESSION(NULL, NULL, sz));
+ ExpectNotNull(sess = wolfSSL_d2i_SSL_SESSION(NULL,
(const unsigned char**)&ptr, sz));
XFREE(sessDer, NULL, DYNAMIC_TYPE_OPENSSL);
sessDer = NULL;
- AssertIntGT(wolfSSL_SESSION_get_time(sess), 0);
- AssertIntEQ(wolfSSL_SSL_SESSION_set_timeout(sess, 500), SSL_SUCCESS);
+ ExpectIntGT(wolfSSL_SESSION_get_time(sess), 0);
+ ExpectIntEQ(wolfSSL_SSL_SESSION_set_timeout(sess, 500), SSL_SUCCESS);
#endif
/* successful set session test */
- AssertNotNull(ssl = wolfSSL_new(ctx));
- AssertIntEQ(wolfSSL_set_session(ssl, sess), WOLFSSL_SUCCESS);
+ ExpectNotNull(ssl = wolfSSL_new(ctx));
+ ExpectIntEQ(wolfSSL_set_session(ssl, sess), WOLFSSL_SUCCESS);
#ifdef HAVE_SESSION_TICKET
/* Test set/get session ticket */
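Review bot: Two frees in this hunk now clear their pointer twice: the added `wolfSSL_SESSION_free(sess_copy); sess_copy = NULL;` is followed by the unchanged `sess_copy = NULL;`, and the same happens for `sess` after the `wolfSSL_i2d_SSL_SESSION` calls. One assignment of each pair should go, for example by leaving the added lines as `wolfSSL_SESSION_free(sess_copy);` and `wolfSSL_SESSION_free(sess);`. It is harmless at run time, but the duplication makes the free-then-null pattern harder to scan when checking for stale session pointers. test_wolfSSL_SESSION begins and ends outside this hunk.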
@@ -46303,52 +45559,179 @@ static int test_wolfSSL_SESSION(void)
char buf[64] = {0};
word32 bufSz = (word32)sizeof(buf);
- AssertIntEQ(SSL_SUCCESS,
+ ExpectIntEQ(SSL_SUCCESS,
wolfSSL_set_SessionTicket(ssl, (byte *)ticket,
(word32)XSTRLEN(ticket)));
- AssertIntEQ(SSL_SUCCESS,
+ ExpectIntEQ(SSL_SUCCESS,
wolfSSL_get_SessionTicket(ssl, (byte *)buf, &bufSz));
- AssertStrEQ(ticket, buf);
+ ExpectStrEQ(ticket, buf);
}
#endif
#ifdef OPENSSL_EXTRA
/* session timeout case */
/* make the session to be expired */
- AssertIntEQ(SSL_SESSION_set_timeout(sess,1), SSL_SUCCESS);
+ ExpectIntEQ(SSL_SESSION_set_timeout(sess,1), SSL_SUCCESS);
XSLEEP_MS(1200);
/* SSL_set_session should reject specified session but return success
* if WOLFSSL_ERROR_CODE_OPENSSL macro is defined for OpenSSL compatibility.
*/
#if defined(WOLFSSL_ERROR_CODE_OPENSSL)
- AssertIntEQ(wolfSSL_set_session(ssl,sess), SSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_set_session(ssl,sess), SSL_SUCCESS);
#else
- AssertIntEQ(wolfSSL_set_session(ssl,sess), SSL_FAILURE);
+ ExpectIntEQ(wolfSSL_set_session(ssl,sess), SSL_FAILURE);
#endif
- AssertIntEQ(wolfSSL_SSL_SESSION_set_timeout(sess, 500), SSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_SSL_SESSION_set_timeout(sess, 500), SSL_SUCCESS);
+#ifdef WOLFSSL_SESSION_ID_CTX
/* fail case with miss match session context IDs (use compatibility API) */
- AssertIntEQ(SSL_set_session_id_context(ssl, context, contextSz),
+ ExpectIntEQ(SSL_set_session_id_context(ssl, context, contextSz),
SSL_SUCCESS);
- AssertIntEQ(wolfSSL_set_session(ssl, sess), SSL_FAILURE);
- wolfSSL_free(ssl);
+ ExpectIntEQ(wolfSSL_set_session(ssl, sess), SSL_FAILURE);
+ wolfSSL_free(ssl); ssl = NULL;
- AssertIntEQ(SSL_CTX_set_session_id_context(NULL, context, contextSz),
+ ExpectIntEQ(SSL_CTX_set_session_id_context(NULL, context, contextSz),
SSL_FAILURE);
- AssertIntEQ(SSL_CTX_set_session_id_context(ctx, context, contextSz),
+ ExpectIntEQ(SSL_CTX_set_session_id_context(ctx, context, contextSz),
SSL_SUCCESS);
- AssertNotNull(ssl = wolfSSL_new(ctx));
- AssertIntEQ(wolfSSL_set_session(ssl, sess), SSL_FAILURE);
+ ExpectNotNull(ssl = wolfSSL_new(ctx));
+ ExpectIntEQ(wolfSSL_set_session(ssl, sess), SSL_FAILURE);
+#endif
#endif /* OPENSSL_EXTRA */
wolfSSL_free(ssl);
wolfSSL_SESSION_free(sess);
wolfSSL_CTX_free(ctx);
+#endif
+ return EXPECT_RESULT();
+}
- res = TEST_RES_CHECK(1);
+#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && \
+ !defined(NO_RSA) && defined(HAVE_IO_TESTS_DEPENDENCIES) && \
+ !defined(NO_SESSION_CACHE) && defined(OPENSSL_EXTRA) && \
+ !defined(WOLFSSL_NO_TLS12)
+static WOLFSSL_SESSION* test_wolfSSL_SESSION_expire_sess = NULL;
+
+static void test_wolfSSL_SESSION_expire_downgrade_ctx_ready(WOLFSSL_CTX* ctx)
+{
+ #ifdef WOLFSSL_ERROR_CODE_OPENSSL
+ /* returns previous timeout value */
+ AssertIntEQ(wolfSSL_CTX_set_timeout(ctx, 1), 500);
+ #else
+ AssertIntEQ(wolfSSL_CTX_set_timeout(ctx, 1), WOLFSSL_SUCCESS);
+ #endif
+}
+
+
+/* set the session to timeout in a second */
+static void test_wolfSSL_SESSION_expire_downgrade_ssl_ready(WOLFSSL* ssl)
+{
+ AssertIntEQ(wolfSSL_set_timeout(ssl, 2), 1);
+}
+
+
+/* store the client side session from the first successful connection */
+static void test_wolfSSL_SESSION_expire_downgrade_ssl_result(WOLFSSL* ssl)
+{
+ AssertPtrNE((test_wolfSSL_SESSION_expire_sess = wolfSSL_get1_session(ssl)),
+ NULL); /* ref count 1 */
+}
+
+
+/* wait till session is expired then set it in the WOLFSSL struct for use */
+static void test_wolfSSL_SESSION_expire_downgrade_ssl_ready_wait(WOLFSSL* ssl)
+{
+ AssertIntEQ(wolfSSL_set_timeout(ssl, 1), 1);
+ AssertIntEQ(wolfSSL_set_session(ssl, test_wolfSSL_SESSION_expire_sess),
+ WOLFSSL_SUCCESS);
+ XSLEEP_MS(2000); /* wait 2 seconds for session to expire */
+}
+
+
+/* set expired session in the WOLFSSL struct for use */
+static void test_wolfSSL_SESSION_expire_downgrade_ssl_ready_set(WOLFSSL* ssl)
+{
+ XSLEEP_MS(1200); /* wait a second for session to expire */
+
+ /* set the expired session, call to set session fails but continuing on
+ after failure should be handled here */
+#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_ERROR_CODE_OPENSSL)
+ AssertIntEQ(wolfSSL_set_session(ssl, test_wolfSSL_SESSION_expire_sess),
+ WOLFSSL_SUCCESS);
+#else
+ AssertIntNE(wolfSSL_set_session(ssl, test_wolfSSL_SESSION_expire_sess),
+ WOLFSSL_SUCCESS);
#endif
- return res;
+}
+
+
+/* check that the expired session was not reused */
+static void test_wolfSSL_SESSION_expire_downgrade_ssl_result_reuse(WOLFSSL* ssl)
+{
+ /* since the session has expired it should not have been reused */
+ AssertIntEQ(wolfSSL_session_reused(ssl), 0);
+}
+#endif
+
+static int test_wolfSSL_SESSION_expire_downgrade(void)
+{
+ EXPECT_DECLS;
+#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && \
+ !defined(NO_RSA) && defined(HAVE_IO_TESTS_DEPENDENCIES) && \
+ !defined(NO_SESSION_CACHE) && defined(OPENSSL_EXTRA) && \
+ !defined(WOLFSSL_NO_TLS12)
+
+ WOLFSSL_CTX* ctx = NULL;
+ callback_functions server_cbf, client_cbf;
+
+ XMEMSET(&server_cbf, 0, sizeof(callback_functions));
+ XMEMSET(&client_cbf, 0, sizeof(callback_functions));
+
+ /* force server side to use TLS 1.2 */
+ server_cbf.ctx = ctx;
+ server_cbf.method = wolfTLSv1_2_server_method;
+
+ client_cbf.method = wolfSSLv23_client_method;
+ server_cbf.ctx_ready = test_wolfSSL_SESSION_expire_downgrade_ctx_ready;
+ client_cbf.ssl_ready = test_wolfSSL_SESSION_expire_downgrade_ssl_ready;
+ client_cbf.on_result = test_wolfSSL_SESSION_expire_downgrade_ssl_result;
+
+ test_wolfSSL_client_server_nofail(&client_cbf, &server_cbf);
+ ExpectIntEQ(client_cbf.return_code, TEST_SUCCESS);
+ ExpectIntEQ(server_cbf.return_code, TEST_SUCCESS);
+
+ /* set the previously created session and wait till expired */
+ server_cbf.ctx = ctx;
+
+ client_cbf.method = wolfSSLv23_client_method;
+ server_cbf.ctx_ready = test_wolfSSL_SESSION_expire_downgrade_ctx_ready;
+ client_cbf.ssl_ready = test_wolfSSL_SESSION_expire_downgrade_ssl_ready_wait;
+ client_cbf.on_result =
+ test_wolfSSL_SESSION_expire_downgrade_ssl_result_reuse;
+
+ test_wolfSSL_client_server_nofail(&client_cbf, &server_cbf);
+ ExpectIntEQ(client_cbf.return_code, TEST_SUCCESS);
+ ExpectIntEQ(server_cbf.return_code, TEST_SUCCESS);
+
+ /* set the previously created expired session */
+ server_cbf.ctx = ctx;
+
+ client_cbf.method = wolfSSLv23_client_method;
+ server_cbf.ctx_ready = test_wolfSSL_SESSION_expire_downgrade_ctx_ready;
+ client_cbf.ssl_ready = test_wolfSSL_SESSION_expire_downgrade_ssl_ready_set;
+ client_cbf.on_result =
+ test_wolfSSL_SESSION_expire_downgrade_ssl_result_reuse;
+
+ test_wolfSSL_client_server_nofail(&client_cbf, &server_cbf);
+ ExpectIntEQ(client_cbf.return_code, TEST_SUCCESS);
+ ExpectIntEQ(server_cbf.return_code, TEST_SUCCESS);
+
+ wolfSSL_SESSION_free(test_wolfSSL_SESSION_expire_sess);
+ wolfSSL_CTX_free(ctx);
+
+#endif
+ return EXPECT_RESULT();
}
#if defined(OPENSSL_EXTRA) && defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) && \
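Review bot: The file-scope `test_wolfSSL_SESSION_expire_sess` is freed at the end of `test_wolfSSL_SESSION_expire_downgrade` but still points at the released session, unlike the locals this commit nulls after each free. Adding `test_wolfSSL_SESSION_expire_sess = NULL;` after the `wolfSSL_SESSION_free(...)` call keeps a repeated run or a late callback from passing a stale pointer to `wolfSSL_set_session`. Separately, `ctx` is never assigned, so `server_cbf.ctx = ctx;` stores NULL three times and `wolfSSL_CTX_free(ctx)` frees nothing; either create the context or drop the variable. The comment `/* set the session to timeout in a second */` sits above `wolfSSL_set_timeout(ssl, 2)`, so one of the two is out of date.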
@@ -46387,21 +45770,26 @@ static void SessRemCtxCb(WOLFSSL_CTX *ctx, WOLFSSL_SESSION *sess)
static int SessRemCtxSetupCb(WOLFSSL_CTX* ctx)
{
- EXPECT_DECLS;
SSL_CTX_sess_set_remove_cb(ctx, SessRemCtxCb);
#if defined(WOLFSSL_TLS13) && !defined(HAVE_SESSION_TICKET) && \
!defined(NO_SESSION_CACHE_REF)
- /* Allow downgrade, set min version, and disable TLS 1.3.
- * Do this because without NO_SESSION_CACHE_REF we will want to return a
- * reference to the session cache. But with WOLFSSL_TLS13 and without
- * HAVE_SESSION_TICKET we won't have a session ID to be able to place the
- * session in the cache. In this case we need to downgrade to previous
- * versions to just use the legacy session ID field. */
- ExpectIntEQ(SSL_CTX_set_min_proto_version(ctx, SSL3_VERSION), SSL_SUCCESS);
- ExpectIntEQ(SSL_CTX_set_max_proto_version(ctx, TLS1_2_VERSION),
- SSL_SUCCESS);
+ {
+ EXPECT_DECLS;
+ /* Allow downgrade, set min version, and disable TLS 1.3.
+ * Do this because without NO_SESSION_CACHE_REF we will want to return a
+ * reference to the session cache. But with WOLFSSL_TLS13 and without
+ * HAVE_SESSION_TICKET we won't have a session ID to be able to place
+ * the session in the cache. In this case we need to downgrade to
+ * previous versions to just use the legacy session ID field. */
+ ExpectIntEQ(SSL_CTX_set_min_proto_version(ctx, SSL3_VERSION),
+ SSL_SUCCESS);
+ ExpectIntEQ(SSL_CTX_set_max_proto_version(ctx, TLS1_2_VERSION),
+ SSL_SUCCESS);
+ return EXPECT_RESULT();
+ }
+#else
+ return TEST_SUCCESS;
#endif
- return EXPECT_RESULT();
}
static int SessRemSslSetupCb(WOLFSSL* ssl)
@@ -46409,27 +45797,25 @@ static int SessRemSslSetupCb(WOLFSSL* ssl)
EXPECT_DECLS;
int* side;
- if (EXPECT_SUCCESS()) {
- if (SSL_is_server(ssl)) {
- side = &sessRemCtx_Server;
- serverSessRemCountMalloc++;
- ExpectNotNull(serverSess = SSL_get1_session(ssl));
- ExpectIntEQ(SSL_CTX_up_ref(serverSessCtx = SSL_get_SSL_CTX(ssl)),
- SSL_SUCCESS);
- }
- else {
- side = &sessRemCtx_Client;
- clientSessRemCountMalloc++;
- #if (defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET)) || \
- !defined(NO_SESSION_CACHE_REF)
- ExpectNotNull(clientSess = SSL_get1_session(ssl));
- ExpectIntEQ(SSL_CTX_up_ref(clientSessCtx = SSL_get_SSL_CTX(ssl)),
- SSL_SUCCESS);
- #endif
- }
- ExpectIntEQ(SSL_SESSION_set_ex_data(SSL_get_session(ssl),
- serverSessRemIdx, side), SSL_SUCCESS);
+ if (SSL_is_server(ssl)) {
+ side = &sessRemCtx_Server;
+ serverSessRemCountMalloc++;
+ ExpectNotNull(serverSess = SSL_get1_session(ssl));
+ ExpectIntEQ(SSL_CTX_up_ref(serverSessCtx = SSL_get_SSL_CTX(ssl)),
+ SSL_SUCCESS);
+ }
+ else {
+ side = &sessRemCtx_Client;
+ clientSessRemCountMalloc++;
+ #if (defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET)) || \
+ !defined(NO_SESSION_CACHE_REF)
+ ExpectNotNull(clientSess = SSL_get1_session(ssl));
+ ExpectIntEQ(SSL_CTX_up_ref(clientSessCtx = SSL_get_SSL_CTX(ssl)),
+ SSL_SUCCESS);
+#endif
}
+ ExpectIntEQ(SSL_SESSION_set_ex_data(SSL_get_session(ssl),
+ serverSessRemIdx, side), SSL_SUCCESS);
return EXPECT_RESULT();
}
@@ -46437,15 +45823,14 @@ static int SessRemSslSetupCb(WOLFSSL* ssl)
static int test_wolfSSL_CTX_sess_set_remove_cb(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) && \
defined(HAVE_EX_DATA) && !defined(NO_SESSION_CACHE)
- EXPECT_DECLS;
/* Check that the remove callback gets called for external data in a
* session object */
test_ssl_cbf func_cb;
- XMEMSET(&func_cb, 0, sizeof(callback_functions));
+ XMEMSET(&func_cb, 0, sizeof(func_cb));
func_cb.ctx_ready = SessRemCtxSetupCb;
func_cb.on_result = SessRemSslSetupCb;
@@ -46490,98 +45875,97 @@ static int test_wolfSSL_CTX_sess_set_remove_cb(void)
SSL_CTX_free(clientSessCtx);
SSL_SESSION_free(clientSess);
#endif
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_ticket_keys(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_SESSION_TICKET) && !defined(WOLFSSL_NO_DEF_TICKET_ENC_CB) && \
!defined(NO_WOLFSSL_SERVER)
- WOLFSSL_CTX* ctx;
+ WOLFSSL_CTX* ctx = NULL;
byte keys[WOLFSSL_TICKET_KEYS_SZ];
- AssertNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()));
+ ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()));
- AssertIntEQ(wolfSSL_CTX_get_tlsext_ticket_keys(NULL, NULL, 0),
+ ExpectIntEQ(wolfSSL_CTX_get_tlsext_ticket_keys(NULL, NULL, 0),
WOLFSSL_FAILURE);
- AssertIntEQ(wolfSSL_CTX_get_tlsext_ticket_keys(ctx, NULL, 0),
+ ExpectIntEQ(wolfSSL_CTX_get_tlsext_ticket_keys(ctx, NULL, 0),
WOLFSSL_FAILURE);
- AssertIntEQ(wolfSSL_CTX_get_tlsext_ticket_keys(ctx, keys, 0),
+ ExpectIntEQ(wolfSSL_CTX_get_tlsext_ticket_keys(ctx, keys, 0),
WOLFSSL_FAILURE);
- AssertIntEQ(wolfSSL_CTX_get_tlsext_ticket_keys(NULL, keys, 0),
+ ExpectIntEQ(wolfSSL_CTX_get_tlsext_ticket_keys(NULL, keys, 0),
WOLFSSL_FAILURE);
- AssertIntEQ(wolfSSL_CTX_get_tlsext_ticket_keys(NULL, NULL, sizeof(keys)),
+ ExpectIntEQ(wolfSSL_CTX_get_tlsext_ticket_keys(NULL, NULL, sizeof(keys)),
WOLFSSL_FAILURE);
- AssertIntEQ(wolfSSL_CTX_get_tlsext_ticket_keys(ctx, NULL, sizeof(keys)),
+ ExpectIntEQ(wolfSSL_CTX_get_tlsext_ticket_keys(ctx, NULL, sizeof(keys)),
WOLFSSL_FAILURE);
- AssertIntEQ(wolfSSL_CTX_get_tlsext_ticket_keys(NULL, keys, sizeof(keys)),
+ ExpectIntEQ(wolfSSL_CTX_get_tlsext_ticket_keys(NULL, keys, sizeof(keys)),
WOLFSSL_FAILURE);
- AssertIntEQ(wolfSSL_CTX_set_tlsext_ticket_keys(NULL, NULL, 0),
+ ExpectIntEQ(wolfSSL_CTX_set_tlsext_ticket_keys(NULL, NULL, 0),
WOLFSSL_FAILURE);
- AssertIntEQ(wolfSSL_CTX_set_tlsext_ticket_keys(ctx, NULL, 0),
+ ExpectIntEQ(wolfSSL_CTX_set_tlsext_ticket_keys(ctx, NULL, 0),
WOLFSSL_FAILURE);
- AssertIntEQ(wolfSSL_CTX_set_tlsext_ticket_keys(ctx, keys, 0),
+ ExpectIntEQ(wolfSSL_CTX_set_tlsext_ticket_keys(ctx, keys, 0),
WOLFSSL_FAILURE);
- AssertIntEQ(wolfSSL_CTX_set_tlsext_ticket_keys(NULL, keys, 0),
+ ExpectIntEQ(wolfSSL_CTX_set_tlsext_ticket_keys(NULL, keys, 0),
WOLFSSL_FAILURE);
- AssertIntEQ(wolfSSL_CTX_set_tlsext_ticket_keys(NULL, NULL, sizeof(keys)),
+ ExpectIntEQ(wolfSSL_CTX_set_tlsext_ticket_keys(NULL, NULL, sizeof(keys)),
WOLFSSL_FAILURE);
- AssertIntEQ(wolfSSL_CTX_set_tlsext_ticket_keys(ctx, NULL, sizeof(keys)),
+ ExpectIntEQ(wolfSSL_CTX_set_tlsext_ticket_keys(ctx, NULL, sizeof(keys)),
WOLFSSL_FAILURE);
- AssertIntEQ(wolfSSL_CTX_set_tlsext_ticket_keys(NULL, keys, sizeof(keys)),
+ ExpectIntEQ(wolfSSL_CTX_set_tlsext_ticket_keys(NULL, keys, sizeof(keys)),
WOLFSSL_FAILURE);
- AssertIntEQ(wolfSSL_CTX_get_tlsext_ticket_keys(ctx, keys, sizeof(keys)),
+ ExpectIntEQ(wolfSSL_CTX_get_tlsext_ticket_keys(ctx, keys, sizeof(keys)),
WOLFSSL_SUCCESS);
- AssertIntEQ(wolfSSL_CTX_set_tlsext_ticket_keys(ctx, keys, sizeof(keys)),
+ ExpectIntEQ(wolfSSL_CTX_set_tlsext_ticket_keys(ctx, keys, sizeof(keys)),
WOLFSSL_SUCCESS);
wolfSSL_CTX_free(ctx);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
#ifndef NO_BIO
static int test_wolfSSL_d2i_PUBKEY(void)
{
- int res = TEST_SKIPPED;
- #if defined(OPENSSL_EXTRA)
- BIO* bio;
- EVP_PKEY* pkey;
+ EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA)
+ BIO* bio = NULL;
+ EVP_PKEY* pkey = NULL;
- AssertNotNull(bio = BIO_new(BIO_s_mem()));
- AssertNull(d2i_PUBKEY_bio(NULL, NULL));
+ ExpectNotNull(bio = BIO_new(BIO_s_mem()));
+ ExpectNull(d2i_PUBKEY_bio(NULL, NULL));
#if defined(USE_CERT_BUFFERS_2048) && !defined(NO_RSA)
/* RSA PUBKEY test */
- AssertIntGT(BIO_write(bio, client_keypub_der_2048,
- sizeof_client_keypub_der_2048), 0);
- AssertNotNull(pkey = d2i_PUBKEY_bio(bio, NULL));
+ ExpectIntGT(BIO_write(bio, client_keypub_der_2048,
+ sizeof_client_keypub_der_2048), 0);
+ ExpectNotNull(pkey = d2i_PUBKEY_bio(bio, NULL));
EVP_PKEY_free(pkey);
+ pkey = NULL;
#endif
#if defined(USE_CERT_BUFFERS_256) && defined(HAVE_ECC)
/* ECC PUBKEY test */
- AssertIntGT(BIO_write(bio, ecc_clikeypub_der_256,
- sizeof_ecc_clikeypub_der_256), 0);
- AssertNotNull(pkey = d2i_PUBKEY_bio(bio, NULL));
+ ExpectIntGT(BIO_write(bio, ecc_clikeypub_der_256,
+ sizeof_ecc_clikeypub_der_256), 0);
+ ExpectNotNull(pkey = d2i_PUBKEY_bio(bio, NULL));
EVP_PKEY_free(pkey);
+ pkey = NULL;
#endif
#if defined(USE_CERT_BUFFERS_2048) && !defined(NO_DSA)
/* DSA PUBKEY test */
- AssertIntGT(BIO_write(bio, dsa_pub_key_der_2048,
- sizeof_dsa_pub_key_der_2048), 0);
- AssertNotNull(pkey = d2i_PUBKEY_bio(bio, NULL));
+ ExpectIntGT(BIO_write(bio, dsa_pub_key_der_2048,
+ sizeof_dsa_pub_key_der_2048), 0);
+ ExpectNotNull(pkey = d2i_PUBKEY_bio(bio, NULL));
EVP_PKEY_free(pkey);
+ pkey = NULL;
#endif
#if defined(USE_CERT_BUFFERS_2048) && !defined(NO_DH) && \
@@ -46589,31 +45973,29 @@ defined(OPENSSL_EXTRA) && defined(WOLFSSL_DH_EXTRA)
#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && \
(HAVE_FIPS_VERSION > 2))
/* DH PUBKEY test */
- AssertIntGT(BIO_write(bio, dh_pub_key_der_2048,
- sizeof_dh_pub_key_der_2048), 0);
- AssertNotNull(pkey = d2i_PUBKEY_bio(bio, NULL));
+ ExpectIntGT(BIO_write(bio, dh_pub_key_der_2048,
+ sizeof_dh_pub_key_der_2048), 0);
+ ExpectNotNull(pkey = d2i_PUBKEY_bio(bio, NULL));
EVP_PKEY_free(pkey);
+ pkey = NULL;
#endif /* !HAVE_FIPS || HAVE_FIPS_VERSION > 2 */
#endif /* USE_CERT_BUFFERS_2048 && !NO_DH && && OPENSSL_EXTRA */
BIO_free(bio);
(void)pkey;
+#endif
- res = TEST_RES_CHECK(1);
- #endif
-
- return res;
+ return EXPECT_RESULT();
}
#if (defined(OPENSSL_ALL) || defined(WOLFSSL_ASIO)) && !defined(NO_RSA)
static int test_wolfSSL_d2i_PrivateKeys_bio(void)
{
+ EXPECT_DECLS;
BIO* bio = NULL;
EVP_PKEY* pkey = NULL;
-#ifndef NO_RSA
-#endif
- WOLFSSL_CTX* ctx;
+ WOLFSSL_CTX* ctx = NULL;
#if defined(WOLFSSL_KEY_GEN)
unsigned char buff[4096];
@@ -46621,28 +46003,29 @@ static int test_wolfSSL_d2i_PrivateKeys_bio(void)
#endif
/* test creating new EVP_PKEY with bad arg */
- AssertNull((pkey = d2i_PrivateKey_bio(NULL, NULL)));
+ ExpectNull((pkey = d2i_PrivateKey_bio(NULL, NULL)));
/* test loading RSA key using BIO */
#if !defined(NO_RSA) && !defined(NO_FILESYSTEM)
{
- XFILE file;
+ XFILE file = XBADFILE;
const char* fname = "./certs/server-key.der";
size_t sz;
- byte* buf;
-
- file = XFOPEN(fname, "rb");
- AssertTrue((file != XBADFILE));
- AssertTrue(XFSEEK(file, 0, XSEEK_END) == 0);
- sz = XFTELL(file);
- AssertTrue(XFSEEK(file, 0, XSEEK_SET) == 0);
- AssertNotNull(buf = (byte*)XMALLOC(sz, HEAP_HINT, DYNAMIC_TYPE_FILE));
- AssertIntEQ(XFREAD(buf, 1, sz, file), sz);
- XFCLOSE(file);
+ byte* buf = NULL;
+
+ ExpectTrue((file = XFOPEN(fname, "rb")) != XBADFILE);
+ ExpectTrue(XFSEEK(file, 0, XSEEK_END) == 0);
+ ExpectTrue((sz = XFTELL(file)) != 0);
+ ExpectTrue(XFSEEK(file, 0, XSEEK_SET) == 0);
+ ExpectNotNull(buf = (byte*)XMALLOC(sz, HEAP_HINT, DYNAMIC_TYPE_FILE));
+ ExpectIntEQ(XFREAD(buf, 1, sz, file), sz);
+ if (file != XBADFILE) {
+ XFCLOSE(file);
+ }
/* Test using BIO new mem and loading DER private key */
- AssertNotNull(bio = BIO_new_mem_buf(buf, (int)sz));
- AssertNotNull((pkey = d2i_PrivateKey_bio(bio, NULL)));
+ ExpectNotNull(bio = BIO_new_mem_buf(buf, (int)sz));
+ ExpectNotNull((pkey = d2i_PrivateKey_bio(bio, NULL)));
XFREE(buf, HEAP_HINT, DYNAMIC_TYPE_FILE);
BIO_free(bio);
bio = NULL;
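Review bot: `ExpectTrue((sz = XFTELL(file)) != 0);` does not catch a failed tell, because `sz` is a `size_t`: a -1 return (assuming XFTELL maps to ftell) becomes a very large non-zero value that passes the check and then reaches `XMALLOC(sz, ...)` and the `(int)sz` cast. Read the offset into a signed variable and test it before converting, e.g. `long off = 0;`, `ExpectTrue((off = XFTELL(file)) > 0);`, `sz = (size_t)off;`. `size_t sz;` is also the only local in the block left without an initialiser; `size_t sz = 0;` would match the `= NULL` and `= XBADFILE` added beside it. The ECC block in the next hunk has the same two lines and needs the same change.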
@@ -46654,23 +46037,23 @@ static int test_wolfSSL_d2i_PrivateKeys_bio(void)
/* test loading ECC key using BIO */
#if defined(HAVE_ECC) && !defined(NO_FILESYSTEM)
{
- XFILE file;
+ XFILE file = XBADFILE;
const char* fname = "./certs/ecc-key.der";
size_t sz;
- byte* buf;
-
- file = XFOPEN(fname, "rb");
- AssertTrue((file != XBADFILE));
- AssertTrue(XFSEEK(file, 0, XSEEK_END) == 0);
- sz = XFTELL(file);
- AssertTrue(XFSEEK(file, 0, XSEEK_SET) == 0);
- AssertNotNull(buf = (byte*)XMALLOC(sz, HEAP_HINT, DYNAMIC_TYPE_FILE));
- AssertIntEQ(XFREAD(buf, 1, sz, file), sz);
- XFCLOSE(file);
+ byte* buf = NULL;
+
+ ExpectTrue((file = XFOPEN(fname, "rb")) != XBADFILE);
+ ExpectTrue(XFSEEK(file, 0, XSEEK_END) == 0);
+ ExpectTrue((sz = XFTELL(file)) != 0);
+ ExpectTrue(XFSEEK(file, 0, XSEEK_SET) == 0);
+ ExpectNotNull(buf = (byte*)XMALLOC(sz, HEAP_HINT, DYNAMIC_TYPE_FILE));
+ ExpectIntEQ(XFREAD(buf, 1, sz, file), sz);
+ if (file != XBADFILE)
+ XFCLOSE(file);
/* Test using BIO new mem and loading DER private key */
- AssertNotNull(bio = BIO_new_mem_buf(buf, (int)sz));
- AssertNotNull((pkey = d2i_PrivateKey_bio(bio, NULL)));
+ ExpectNotNull(bio = BIO_new_mem_buf(buf, (int)sz));
+ ExpectNotNull((pkey = d2i_PrivateKey_bio(bio, NULL)));
XFREE(buf, HEAP_HINT, DYNAMIC_TYPE_FILE);
BIO_free(bio);
bio = NULL;
@@ -46679,11 +46062,11 @@ static int test_wolfSSL_d2i_PrivateKeys_bio(void)
}
#endif
- AssertNotNull(bio = BIO_new(BIO_s_mem()));
+ ExpectNotNull(bio = BIO_new(BIO_s_mem()));
#ifndef NO_WOLFSSL_SERVER
- AssertNotNull(ctx = SSL_CTX_new(wolfSSLv23_server_method()));
+ ExpectNotNull(ctx = SSL_CTX_new(wolfSSLv23_server_method()));
#else
- AssertNotNull(ctx = SSL_CTX_new(wolfSSLv23_client_method()));
+ ExpectNotNull(ctx = SSL_CTX_new(wolfSSLv23_client_method()));
#endif
#if !defined(HAVE_FAST_RSA) && defined(WOLFSSL_KEY_GEN) && \
@@ -46691,39 +46074,39 @@ static int test_wolfSSL_d2i_PrivateKeys_bio(void)
{
RSA* rsa = NULL;
/* Tests bad parameters */
- AssertNull(d2i_RSAPrivateKey_bio(NULL, NULL));
+ ExpectNull(d2i_RSAPrivateKey_bio(NULL, NULL));
/* RSA not set yet, expecting to fail*/
- AssertIntEQ(SSL_CTX_use_RSAPrivateKey(ctx, rsa), BAD_FUNC_ARG);
+ ExpectIntEQ(SSL_CTX_use_RSAPrivateKey(ctx, rsa), BAD_FUNC_ARG);
#if defined(USE_CERT_BUFFERS_2048) && defined(WOLFSSL_KEY_GEN)
/* set RSA using bio*/
- AssertIntGT(BIO_write(bio, client_key_der_2048,
+ ExpectIntGT(BIO_write(bio, client_key_der_2048,
sizeof_client_key_der_2048), 0);
- AssertNotNull(d2i_RSAPrivateKey_bio(bio, &rsa));
- AssertNotNull(rsa);
+ ExpectNotNull(d2i_RSAPrivateKey_bio(bio, &rsa));
+ ExpectNotNull(rsa);
- AssertIntEQ(SSL_CTX_use_RSAPrivateKey(ctx, rsa), WOLFSSL_SUCCESS);
+ ExpectIntEQ(SSL_CTX_use_RSAPrivateKey(ctx, rsa), WOLFSSL_SUCCESS);
- /*i2d RSAprivate key tests */
- AssertIntEQ(wolfSSL_i2d_RSAPrivateKey(NULL, NULL), BAD_FUNC_ARG);
- AssertIntEQ(wolfSSL_i2d_RSAPrivateKey(rsa, NULL), 1192);
- AssertIntEQ(wolfSSL_i2d_RSAPrivateKey(rsa, &bufPtr),
+ /* i2d RSAprivate key tests */
+ ExpectIntEQ(wolfSSL_i2d_RSAPrivateKey(NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_i2d_RSAPrivateKey(rsa, NULL), 1192);
+ ExpectIntEQ(wolfSSL_i2d_RSAPrivateKey(rsa, &bufPtr),
sizeof_client_key_der_2048);
bufPtr -= sizeof_client_key_der_2048;
- AssertIntEQ(XMEMCMP(bufPtr, client_key_der_2048,
+ ExpectIntEQ(XMEMCMP(bufPtr, client_key_der_2048,
sizeof_client_key_der_2048), 0);
bufPtr = NULL;
- AssertIntEQ(wolfSSL_i2d_RSAPrivateKey(rsa, &bufPtr),
+ ExpectIntEQ(wolfSSL_i2d_RSAPrivateKey(rsa, &bufPtr),
sizeof_client_key_der_2048);
- AssertNotNull(bufPtr);
- AssertIntEQ(XMEMCMP(bufPtr, client_key_der_2048,
+ ExpectNotNull(bufPtr);
+ ExpectIntEQ(XMEMCMP(bufPtr, client_key_der_2048,
sizeof_client_key_der_2048), 0);
XFREE(bufPtr, NULL, DYNAMIC_TYPE_OPENSSL);
RSA_free(rsa);
rsa = RSA_new();
- AssertIntEQ(wolfSSL_i2d_RSAPrivateKey(rsa, NULL), 0);
+ ExpectIntEQ(wolfSSL_i2d_RSAPrivateKey(rsa, NULL), 0);
#endif /* USE_CERT_BUFFERS_2048 WOLFSSL_KEY_GEN */
RSA_free(rsa);
}
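Review bot: `bufPtr -= sizeof_client_key_der_2048;` still runs unconditionally, but the `wolfSSL_i2d_RSAPrivateKey(rsa, &bufPtr)` call that advances the pointer now sits inside `ExpectIntEQ`. The macro definition is not in this hunk, but the Expect macros presumably skip their expression once an earlier check has failed, where the old Assert would have aborted. On that path the pointer is rewound without having been advanced, which is out-of-bounds pointer arithmetic even though the following XMEMCMP is itself wrapped. Guarding the rewind keeps the failure path defined: `if (EXPECT_SUCCESS()) bufPtr -= sizeof_client_key_der_2048;`. The declaration of `bufPtr` and the start of the function are outside this hunk.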
@@ -46733,57 +46116,60 @@ static int test_wolfSSL_d2i_PrivateKeys_bio(void)
BIO_free(bio);
bio = NULL;
- return TEST_RES_CHECK(1);
+ return EXPECT_RESULT();
}
-#endif /* OPENSSL_ALL || WOLFSSL_ASIO */
+#endif /* OPENSSL_ALL || (WOLFSSL_ASIO && !NO_RSA) */
#endif /* !NO_BIO */
static int test_wolfSSL_sk_GENERAL_NAME(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && \
!defined(NO_RSA)
- X509* x509;
- GENERAL_NAME* gn;
+ X509* x509 = NULL;
+ GENERAL_NAME* gn = NULL;
unsigned char buf[4096];
- const unsigned char* bufPt;
- int bytes, i;
+ const unsigned char* bufPt = NULL;
+ int bytes = 0;
+ int i;
int j;
+ XFILE f = XBADFILE;
+ STACK_OF(GENERAL_NAME)* sk = NULL;
- XFILE f;
- STACK_OF(GENERAL_NAME)* sk;
-
- f = XFOPEN(cliCertDerFileExt, "rb");
- AssertTrue((f != XBADFILE));
- AssertIntGT((bytes = (int)XFREAD(buf, 1, sizeof(buf), f)), 0);
- XFCLOSE(f);
+ ExpectTrue((f = XFOPEN(cliCertDerFileExt, "rb")) != XBADFILE);
+ ExpectIntGT((bytes = (int)XFREAD(buf, 1, sizeof(buf), f)), 0);
+ if (f != XBADFILE)
+ XFCLOSE(f);
for (j = 0; j < 2; ++j) {
bufPt = buf;
- AssertNotNull(x509 = d2i_X509(NULL, &bufPt, bytes));
+ ExpectNotNull(x509 = d2i_X509(NULL, &bufPt, bytes));
- AssertNotNull(sk = (STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509,
+ ExpectNotNull(sk = (STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509,
NID_subject_alt_name, NULL, NULL));
- AssertIntEQ(sk_GENERAL_NAME_num(sk), 1);
+ ExpectIntEQ(sk_GENERAL_NAME_num(sk), 1);
for (i = 0; i < sk_GENERAL_NAME_num(sk); i++) {
- AssertNotNull(gn = sk_GENERAL_NAME_value(sk, i));
+ ExpectNotNull(gn = sk_GENERAL_NAME_value(sk, i));
- switch (gn->type) {
- case GEN_DNS:
- fprintf(stderr, "found type GEN_DNS\n");
- break;
- case GEN_EMAIL:
- fprintf(stderr, "found type GEN_EMAIL\n");
- break;
- case GEN_URI:
- fprintf(stderr, "found type GEN_URI\n");
- break;
+ if (gn != NULL) {
+ switch (gn->type) {
+ case GEN_DNS:
+ fprintf(stderr, "found type GEN_DNS\n");
+ break;
+ case GEN_EMAIL:
+ fprintf(stderr, "found type GEN_EMAIL\n");
+ break;
+ case GEN_URI:
+ fprintf(stderr, "found type GEN_URI\n");
+ break;
+ }
}
}
X509_free(x509);
+ x509 = NULL;
if (j == 0) {
sk_GENERAL_NAME_pop_free(sk, GENERAL_NAME_free);
}
@@ -46794,30 +46180,30 @@ static int test_wolfSSL_sk_GENERAL_NAME(void)
*/
GENERAL_NAMES_free(sk);
}
+ sk = NULL;
}
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_GENERAL_NAME_print(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_ALL) && !defined(NO_BIO) && !defined(NO_RSA)
- X509* x509;
- GENERAL_NAME* gn;
+ X509* x509 = NULL;
+ GENERAL_NAME* gn = NULL;
unsigned char buf[4096];
- const unsigned char* bufPt;
+ const unsigned char* bufPt = NULL;
int bytes;
- XFILE f;
- STACK_OF(GENERAL_NAME)* sk;
- BIO* out;
+ XFILE f = XBADFILE;
+ STACK_OF(GENERAL_NAME)* sk = NULL;
+ BIO* out = NULL;
unsigned char outbuf[128];
- X509_EXTENSION* ext;
- AUTHORITY_INFO_ACCESS* aia;
- ACCESS_DESCRIPTION* ad;
+ X509_EXTENSION* ext = NULL;
+ AUTHORITY_INFO_ACCESS* aia = NULL;
+ ACCESS_DESCRIPTION* ad = NULL;
+ ASN1_IA5STRING *dnsname = NULL;
const unsigned char v4Addr[] = {192,168,53,1};
const unsigned char v6Addr[] =
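Review bot: `int bytes;` is the one scalar in this declaration block left without an initialiser, while the matching variable in test_wolfSSL_sk_GENERAL_NAME became `int bytes = 0;` in this same commit. It is assigned only inside `ExpectIntGT((bytes = (int)XFREAD(...)), 0)` in the next hunk, so it stays indeterminate if that check is skipped after an earlier failure, which is presumably how the Expect macros behave. Writing `int bytes = 0;` keeps the two tests consistent and makes every later read of the length defined. The body of test_wolfSSL_GENERAL_NAME_print continues outside this hunk.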
@@ -46837,507 +46223,378 @@ static int test_wolfSSL_GENERAL_NAME_print(void)
const char* ediStr = "EdiPartyName:<unsupported>";
/* BIO to output */
- AssertNotNull(out = BIO_new(BIO_s_mem()));
+ ExpectNotNull(out = BIO_new(BIO_s_mem()));
/* test for NULL param */
gn = NULL;
- AssertIntEQ(GENERAL_NAME_print(NULL, NULL), 0);
- AssertIntEQ(GENERAL_NAME_print(NULL, gn), 0);
- AssertIntEQ(GENERAL_NAME_print(out, NULL), 0);
+ ExpectIntEQ(GENERAL_NAME_print(NULL, NULL), 0);
+ ExpectIntEQ(GENERAL_NAME_print(NULL, gn), 0);
+ ExpectIntEQ(GENERAL_NAME_print(out, NULL), 0);
/* test for GEN_DNS */
- f = XFOPEN(cliCertDerFileExt, "rb");
- AssertTrue((f != XBADFILE));
- AssertIntGT((bytes = (int)XFREAD(buf, 1, sizeof(buf), f)), 0);
- XFCLOSE(f);
+ ExpectTrue((f = XFOPEN(cliCertDerFileExt, "rb")) != XBADFILE);
+ ExpectIntGT((bytes = (int)XFREAD(buf, 1, sizeof(buf), f)), 0);
+ if (f != XBADFILE) {
+ XFCLOSE(f);
+ f = XBADFILE;
+ }
bufPt = buf;
- AssertNotNull(x509 = d2i_X509(NULL, &bufPt, bytes));
- AssertNotNull(sk = (STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509,
+ ExpectNotNull(x509 = d2i_X509(NULL, &bufPt, bytes));
+ ExpectNotNull(sk = (STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509,
NID_subject_alt_name, NULL, NULL));
- AssertNotNull(gn = sk_GENERAL_NAME_value(sk, 0));
- AssertIntEQ(GENERAL_NAME_print(out, gn), 1);
+ ExpectNotNull(gn = sk_GENERAL_NAME_value(sk, 0));
+ ExpectIntEQ(GENERAL_NAME_print(out, gn), 1);
- XMEMSET(outbuf,0,sizeof(outbuf));
- BIO_read(out, outbuf, sizeof(outbuf));
- AssertIntEQ(XSTRNCMP((const char*)outbuf, dnsStr, XSTRLEN(dnsStr)), 0);
+ XMEMSET(outbuf, 0, sizeof(outbuf));
+ ExpectIntGT(BIO_read(out, outbuf, sizeof(outbuf)), 0);
+ ExpectIntEQ(XSTRNCMP((const char*)outbuf, dnsStr, XSTRLEN(dnsStr)), 0);
sk_GENERAL_NAME_pop_free(sk, GENERAL_NAME_free);
+ gn = NULL;
+ sk = NULL;
X509_free(x509);
+ x509 = NULL;
+
+ /* Lets test for setting as well. */
+ ExpectNotNull(gn = GENERAL_NAME_new());
+ ExpectNotNull(dnsname = ASN1_IA5STRING_new());
+ ExpectIntEQ(ASN1_STRING_set(dnsname, "example.com", -1), 1);
+ GENERAL_NAME_set0_value(gn, GEN_DNS, dnsname);
+ dnsname = NULL;
+ ExpectIntEQ(GENERAL_NAME_print(out, gn), 1);
+ XMEMSET(outbuf, 0, sizeof(outbuf));
+ ExpectIntGT(BIO_read(out, outbuf, sizeof(outbuf)), 0);
+ ExpectIntEQ(XSTRNCMP((const char*)outbuf, dnsStr, XSTRLEN(dnsStr)), 0);
+ GENERAL_NAME_free(gn);
/* test for GEN_URI */
- f = XFOPEN("./certs/ocsp/root-ca-cert.pem", "rb");
- AssertTrue((f != XBADFILE));
- AssertNotNull(x509 = wolfSSL_PEM_read_X509(f, NULL, NULL, NULL));
- XFCLOSE(f);
+ ExpectTrue((f = XFOPEN("./certs/ocsp/root-ca-cert.pem", "rb")) != XBADFILE);
+ ExpectNotNull(x509 = wolfSSL_PEM_read_X509(f, NULL, NULL, NULL));
+ if (f != XBADFILE) {
+ XFCLOSE(f);
+ f = XBADFILE;
+ }
- AssertNotNull(ext = wolfSSL_X509_get_ext(x509, 4));
- aia = (WOLFSSL_AUTHORITY_INFO_ACCESS*)wolfSSL_X509V3_EXT_d2i(ext);
- AssertNotNull(aia);
- ad = (WOLFSSL_ACCESS_DESCRIPTION *)wolfSSL_sk_value(aia, 0);
+ ExpectNotNull(ext = wolfSSL_X509_get_ext(x509, 4));
+ ExpectNotNull(aia = (WOLFSSL_AUTHORITY_INFO_ACCESS*)wolfSSL_X509V3_EXT_d2i(
+ ext));
+ ExpectNotNull(ad = (WOLFSSL_ACCESS_DESCRIPTION *)wolfSSL_sk_value(aia, 0));
- gn = ad->location;
- AssertIntEQ(GENERAL_NAME_print(out, gn), 1);
+ if (ad != NULL) {
+ gn = ad->location;
+ }
+ ExpectIntEQ(GENERAL_NAME_print(out, gn), 1);
+ gn = NULL;
XMEMSET(outbuf,0,sizeof(outbuf));
- AssertIntGT(BIO_read(out, outbuf, sizeof(outbuf)), 0);
- AssertIntEQ(XSTRNCMP((const char*)outbuf, uriStr, XSTRLEN(uriStr)), 0);
+ ExpectIntGT(BIO_read(out, outbuf, sizeof(outbuf)), 0);
+ ExpectIntEQ(XSTRNCMP((const char*)outbuf, uriStr, XSTRLEN(uriStr)), 0);
wolfSSL_sk_ACCESS_DESCRIPTION_pop_free(aia, NULL);
+ aia = NULL;
aia = (AUTHORITY_INFO_ACCESS*)wolfSSL_X509V3_EXT_d2i(ext);
- AssertNotNull(aia);
+ ExpectNotNull(aia);
AUTHORITY_INFO_ACCESS_pop_free(aia, NULL);
+ aia = NULL;
X509_free(x509);
+ x509 = NULL;
/* test for GEN_IPADD */
/* ip v4 address */
- AssertNotNull(gn = wolfSSL_GENERAL_NAME_new());
- gn->type = GEN_IPADD;
- gn->d.iPAddress->length = sizeof(v4Addr);
- AssertIntEQ(wolfSSL_ASN1_STRING_set(gn->d.iPAddress, v4Addr,
- sizeof(v4Addr)), 1);
+ ExpectNotNull(gn = wolfSSL_GENERAL_NAME_new());
+ if (gn != NULL) {
+ gn->type = GEN_IPADD;
+ if (gn->d.iPAddress != NULL) {
+ gn->d.iPAddress->length = sizeof(v4Addr);
+ }
+ }
+ ExpectIntEQ(wolfSSL_ASN1_STRING_set(gn->d.iPAddress, v4Addr,
+ sizeof(v4Addr)), 1);
- AssertIntEQ(GENERAL_NAME_print(out, gn), 1);
+ ExpectIntEQ(GENERAL_NAME_print(out, gn), 1);
XMEMSET(outbuf,0,sizeof(outbuf));
- AssertIntGT(BIO_read(out, outbuf, sizeof(outbuf)), 0);
- AssertIntEQ(XSTRNCMP((const char*)outbuf, v4addStr, XSTRLEN(v4addStr)), 0);
+ ExpectIntGT(BIO_read(out, outbuf, sizeof(outbuf)), 0);
+ ExpectIntEQ(XSTRNCMP((const char*)outbuf, v4addStr, XSTRLEN(v4addStr)), 0);
GENERAL_NAME_free(gn);
+ gn = NULL;
/* ip v6 address */
- AssertNotNull(gn = wolfSSL_GENERAL_NAME_new());
- gn->type = GEN_IPADD;
- gn->d.iPAddress->length = sizeof(v6Addr);
- AssertIntEQ(wolfSSL_ASN1_STRING_set(gn->d.iPAddress, v6Addr,
- sizeof(v6Addr)), 1);
+ ExpectNotNull(gn = wolfSSL_GENERAL_NAME_new());
+ if (gn != NULL) {
+ gn->type = GEN_IPADD;
+ if (gn->d.iPAddress != NULL) {
+ gn->d.iPAddress->length = sizeof(v6Addr);
+ }
+ }
+ ExpectIntEQ(wolfSSL_ASN1_STRING_set(gn->d.iPAddress, v6Addr,
+ sizeof(v6Addr)), 1);
- AssertIntEQ(GENERAL_NAME_print(out, gn), 1);
+ ExpectIntEQ(GENERAL_NAME_print(out, gn), 1);
XMEMSET(outbuf,0,sizeof(outbuf));
- AssertIntGT(BIO_read(out, outbuf, sizeof(outbuf)), 0);
- AssertIntEQ(XSTRNCMP((const char*)outbuf, v6addStr, XSTRLEN(v6addStr)), 0);
+ ExpectIntGT(BIO_read(out, outbuf, sizeof(outbuf)), 0);
+ ExpectIntEQ(XSTRNCMP((const char*)outbuf, v6addStr, XSTRLEN(v6addStr)), 0);
GENERAL_NAME_free(gn);
+ gn = NULL;
/* test for GEN_EMAIL */
- AssertNotNull(gn = wolfSSL_GENERAL_NAME_new());
- gn->type = GEN_EMAIL;
- gn->d.rfc822Name->length = sizeof(email);
- AssertIntEQ(wolfSSL_ASN1_STRING_set(gn->d.rfc822Name, email,
- sizeof(email)), 1);
+ ExpectNotNull(gn = wolfSSL_GENERAL_NAME_new());
+ if (gn != NULL) {
+ gn->type = GEN_EMAIL;
+ if (gn->d.rfc822Name != NULL) {
+ gn->d.rfc822Name->length = sizeof(email);
+ }
+ }
+ ExpectIntEQ(wolfSSL_ASN1_STRING_set(gn->d.rfc822Name, email, sizeof(email)),
+ 1);
- AssertIntEQ(GENERAL_NAME_print(out, gn), 1);
+ ExpectIntEQ(GENERAL_NAME_print(out, gn), 1);
XMEMSET(outbuf,0,sizeof(outbuf));
- AssertIntGT(BIO_read(out, outbuf, sizeof(outbuf)), 0);
- AssertIntEQ(XSTRNCMP((const char*)outbuf, emailStr, XSTRLEN(emailStr)), 0);
+ ExpectIntGT(BIO_read(out, outbuf, sizeof(outbuf)), 0);
+ ExpectIntEQ(XSTRNCMP((const char*)outbuf, emailStr, XSTRLEN(emailStr)), 0);
GENERAL_NAME_free(gn);
+ gn = NULL;
/* test for GEN_OTHERNAME */
- AssertNotNull(gn = wolfSSL_GENERAL_NAME_new());
- gn->type = GEN_OTHERNAME;
+ ExpectNotNull(gn = wolfSSL_GENERAL_NAME_new());
+ if (gn != NULL) {
+ gn->type = GEN_OTHERNAME;
+ }
- AssertIntEQ(GENERAL_NAME_print(out, gn), 1);
+ ExpectIntEQ(GENERAL_NAME_print(out, gn), 1);
XMEMSET(outbuf,0,sizeof(outbuf));
- AssertIntGT(BIO_read(out, outbuf, sizeof(outbuf)), 0);
- AssertIntEQ(XSTRNCMP((const char*)outbuf, othrStr, XSTRLEN(othrStr)), 0);
+ ExpectIntGT(BIO_read(out, outbuf, sizeof(outbuf)), 0);
+ ExpectIntEQ(XSTRNCMP((const char*)outbuf, othrStr, XSTRLEN(othrStr)), 0);
GENERAL_NAME_free(gn);
+ gn = NULL;
/* test for GEN_X400 */
- AssertNotNull(gn = wolfSSL_GENERAL_NAME_new());
- gn->type = GEN_X400;
+ ExpectNotNull(gn = wolfSSL_GENERAL_NAME_new());
+ if (gn != NULL) {
+ gn->type = GEN_X400;
+ }
- AssertIntEQ(GENERAL_NAME_print(out, gn), 1);
+ ExpectIntEQ(GENERAL_NAME_print(out, gn), 1);
XMEMSET(outbuf,0,sizeof(outbuf));
- AssertIntGT(BIO_read(out, outbuf, sizeof(outbuf)), 0);
- AssertIntEQ(XSTRNCMP((const char*)outbuf, x400Str, XSTRLEN(x400Str)), 0);
+ ExpectIntGT(BIO_read(out, outbuf, sizeof(outbuf)), 0);
+ ExpectIntEQ(XSTRNCMP((const char*)outbuf, x400Str, XSTRLEN(x400Str)), 0);
/* Restore to GEN_IA5 (default) to avoid memory leak. */
- gn->type = GEN_IA5;
+ if (gn != NULL) {
+ gn->type = GEN_IA5;
+ }
GENERAL_NAME_free(gn);
+ gn = NULL;
/* test for GEN_EDIPARTY */
- AssertNotNull(gn = wolfSSL_GENERAL_NAME_new());
- gn->type = GEN_EDIPARTY;
+ ExpectNotNull(gn = wolfSSL_GENERAL_NAME_new());
+ if (gn != NULL) {
+ gn->type = GEN_EDIPARTY;
+ }
- AssertIntEQ(GENERAL_NAME_print(out, gn), 1);
+ ExpectIntEQ(GENERAL_NAME_print(out, gn), 1);
XMEMSET(outbuf,0,sizeof(outbuf));
- AssertIntGT(BIO_read(out, outbuf, sizeof(outbuf)), 0);
- AssertIntEQ(XSTRNCMP((const char*)outbuf, ediStr, XSTRLEN(ediStr)), 0);
+ ExpectIntGT(BIO_read(out, outbuf, sizeof(outbuf)), 0);
+ ExpectIntEQ(XSTRNCMP((const char*)outbuf, ediStr, XSTRLEN(ediStr)), 0);
/* Restore to GEN_IA5 (default) to avoid memory leak. */
- gn->type = GEN_IA5;
+ if (gn != NULL) {
+ gn->type = GEN_IA5;
+ }
GENERAL_NAME_free(gn);
+ gn = NULL;
BIO_free(out);
-
- res = TEST_RES_CHECK(1);
#endif /* OPENSSL_ALL */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_sk_DIST_POINT(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && \
!defined(NO_RSA)
- X509* x509;
+ X509* x509 = NULL;
unsigned char buf[4096];
const unsigned char* bufPt;
- int bytes, i, j;
- XFILE f;
+ int bytes;
+ int i;
+ int j;
+ XFILE f = XBADFILE;
DIST_POINT* dp;
DIST_POINT_NAME* dpn;
GENERAL_NAME* gn;
ASN1_IA5STRING* uri;
- STACK_OF(DIST_POINT)* dps;
- STACK_OF(GENERAL_NAME)* gns;
+ STACK_OF(DIST_POINT)* dps = NULL;
+ STACK_OF(GENERAL_NAME)* gns = NULL;
const char cliCertDerCrlDistPoint[] = "./certs/client-crl-dist.der";
- f = XFOPEN(cliCertDerCrlDistPoint, "rb");
- AssertTrue((f != XBADFILE));
- AssertIntGT((bytes = (int)XFREAD(buf, 1, sizeof(buf), f)), 0);
- XFCLOSE(f);
+ ExpectTrue((f = XFOPEN(cliCertDerCrlDistPoint, "rb")) != XBADFILE);
+ ExpectIntGT((bytes = (int)XFREAD(buf, 1, sizeof(buf), f)), 0);
+ if (f != XBADFILE)
+ XFCLOSE(f);
bufPt = buf;
- AssertNotNull(x509 = d2i_X509(NULL, &bufPt, bytes));
+ ExpectNotNull(x509 = d2i_X509(NULL, &bufPt, bytes));
- AssertNotNull(dps = (STACK_OF(DIST_POINT)*)X509_get_ext_d2i(x509,
- NID_crl_distribution_points, NULL, NULL));
+ ExpectNotNull(dps = (STACK_OF(DIST_POINT)*)X509_get_ext_d2i(x509,
+ NID_crl_distribution_points, NULL, NULL));
- AssertIntEQ(sk_DIST_POINT_num(dps), 1);
+ ExpectIntEQ(sk_DIST_POINT_num(dps), 1);
for (i = 0; i < sk_DIST_POINT_num(dps); i++) {
- AssertNotNull(dp = sk_DIST_POINT_value(dps, i));
- AssertNotNull(dpn = dp->distpoint);
+ ExpectNotNull(dp = sk_DIST_POINT_value(dps, i));
+ ExpectNotNull(dpn = dp->distpoint);
/* this should be type 0, fullname */
- AssertIntEQ(dpn->type, 0);
+ ExpectIntEQ(dpn->type, 0);
- gns = dp->distpoint->name.fullname;
- AssertNotNull(gns);
- AssertIntEQ(sk_GENERAL_NAME_num(gns), 1);
+ ExpectNotNull(gns = dp->distpoint->name.fullname);
+ ExpectIntEQ(sk_GENERAL_NAME_num(gns), 1);
for (j = 0; j < sk_GENERAL_NAME_num(gns); j++) {
- gn = sk_GENERAL_NAME_value(gns, j);
- AssertIntEQ(gn->type, GEN_URI);
- AssertNotNull(uri = gn->d.uniformResourceIdentifier);
- AssertNotNull(uri->data);
- AssertIntGT(uri->length, 0);
+ ExpectNotNull(gn = sk_GENERAL_NAME_value(gns, j));
+ ExpectIntEQ(gn->type, GEN_URI);
+ ExpectNotNull(uri = gn->d.uniformResourceIdentifier);
+ ExpectNotNull(uri->data);
+ ExpectIntGT(uri->length, 0);
}
}
X509_free(x509);
CRL_DIST_POINTS_free(dps);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
-static int test_wolfSSL_MD4(void)
-{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && !defined(NO_MD4)
- MD4_CTX md4;
- unsigned char out[16]; /* MD4_DIGEST_SIZE */
- const char* msg = "12345678901234567890123456789012345678901234567890123456"
- "789012345678901234567890";
- const char* test = "\xe3\x3b\x4d\xdc\x9c\x38\xf2\x19\x9c\x3e\x7b\x16\x4f"
- "\xcc\x05\x36";
- int msgSz = (int)XSTRLEN(msg);
-
-
- XMEMSET(out, 0, sizeof(out));
- MD4_Init(&md4);
- MD4_Update(&md4, (const void*)msg, (unsigned long)msgSz);
- MD4_Final(out, &md4);
- AssertIntEQ(XMEMCMP(out, test, sizeof(out)), 0);
-
- res = TEST_RES_CHECK(1);
-#endif
- return res;
-}
static int test_wolfSSL_verify_mode(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_ALL) && !defined(NO_RSA)
- WOLFSSL* ssl;
- WOLFSSL_CTX* ctx;
-
- AssertNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
+ WOLFSSL* ssl = NULL;
+ WOLFSSL_CTX* ctx = NULL;
- AssertTrue(wolfSSL_CTX_use_certificate_file(ctx, cliCertFile, SSL_FILETYPE_PEM));
- AssertTrue(wolfSSL_CTX_use_PrivateKey_file(ctx, cliKeyFile, SSL_FILETYPE_PEM));
- AssertIntEQ(wolfSSL_CTX_load_verify_locations(ctx, caCertFile, 0), SSL_SUCCESS);
+ ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
- AssertNotNull(ssl = SSL_new(ctx));
- AssertIntEQ(SSL_get_verify_mode(ssl), SSL_CTX_get_verify_mode(ctx));
+ ExpectNotNull(ssl = SSL_new(ctx));
+ ExpectIntEQ(SSL_get_verify_mode(ssl), SSL_CTX_get_verify_mode(ctx));
SSL_free(ssl);
+ ssl = NULL;
SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, 0);
- AssertNotNull(ssl = SSL_new(ctx));
- AssertIntEQ(SSL_get_verify_mode(ssl), SSL_CTX_get_verify_mode(ctx));
- AssertIntEQ(SSL_get_verify_mode(ssl), SSL_VERIFY_PEER);
+ ExpectNotNull(ssl = SSL_new(ctx));
+ ExpectIntEQ(SSL_get_verify_mode(ssl), SSL_CTX_get_verify_mode(ctx));
+ ExpectIntEQ(SSL_get_verify_mode(ssl), SSL_VERIFY_PEER);
wolfSSL_set_verify(ssl, SSL_VERIFY_NONE, 0);
- AssertIntEQ(SSL_CTX_get_verify_mode(ctx), SSL_VERIFY_PEER);
- AssertIntEQ(SSL_get_verify_mode(ssl), SSL_VERIFY_NONE);
+ ExpectIntEQ(SSL_CTX_get_verify_mode(ctx), SSL_VERIFY_PEER);
+ ExpectIntEQ(SSL_get_verify_mode(ssl), SSL_VERIFY_NONE);
SSL_free(ssl);
+ ssl = NULL;
wolfSSL_CTX_set_verify(ctx,
- WOLFSSL_VERIFY_PEER | WOLFSSL_VERIFY_FAIL_IF_NO_PEER_CERT, 0);
- AssertNotNull(ssl = SSL_new(ctx));
- AssertIntEQ(SSL_get_verify_mode(ssl), SSL_CTX_get_verify_mode(ctx));
- AssertIntEQ(SSL_get_verify_mode(ssl),
- WOLFSSL_VERIFY_PEER | WOLFSSL_VERIFY_FAIL_IF_NO_PEER_CERT);
+ WOLFSSL_VERIFY_PEER | WOLFSSL_VERIFY_FAIL_IF_NO_PEER_CERT, 0);
+ ExpectNotNull(ssl = SSL_new(ctx));
+ ExpectIntEQ(SSL_get_verify_mode(ssl), SSL_CTX_get_verify_mode(ctx));
+ ExpectIntEQ(SSL_get_verify_mode(ssl),
+ WOLFSSL_VERIFY_PEER | WOLFSSL_VERIFY_FAIL_IF_NO_PEER_CERT);
wolfSSL_set_verify(ssl, SSL_VERIFY_PEER, 0);
- AssertIntEQ(SSL_CTX_get_verify_mode(ctx),
- WOLFSSL_VERIFY_PEER | WOLFSSL_VERIFY_FAIL_IF_NO_PEER_CERT);
- AssertIntEQ(SSL_get_verify_mode(ssl), SSL_VERIFY_PEER);
+ ExpectIntEQ(SSL_CTX_get_verify_mode(ctx),
+ WOLFSSL_VERIFY_PEER | WOLFSSL_VERIFY_FAIL_IF_NO_PEER_CERT);
+ ExpectIntEQ(SSL_get_verify_mode(ssl), SSL_VERIFY_PEER);
wolfSSL_set_verify(ssl, SSL_VERIFY_NONE, 0);
- AssertIntEQ(SSL_get_verify_mode(ssl), SSL_VERIFY_NONE);
+ ExpectIntEQ(SSL_get_verify_mode(ssl), SSL_VERIFY_NONE);
wolfSSL_set_verify(ssl, SSL_VERIFY_FAIL_IF_NO_PEER_CERT, 0);
- AssertIntEQ(SSL_get_verify_mode(ssl), SSL_VERIFY_FAIL_IF_NO_PEER_CERT);
+ ExpectIntEQ(SSL_get_verify_mode(ssl), SSL_VERIFY_FAIL_IF_NO_PEER_CERT);
wolfSSL_set_verify(ssl, SSL_VERIFY_FAIL_EXCEPT_PSK, 0);
- AssertIntEQ(SSL_get_verify_mode(ssl), SSL_VERIFY_FAIL_EXCEPT_PSK);
+ ExpectIntEQ(SSL_get_verify_mode(ssl), SSL_VERIFY_FAIL_EXCEPT_PSK);
#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_POST_HANDSHAKE_AUTH)
wolfSSL_set_verify(ssl, SSL_VERIFY_POST_HANDSHAKE, 0);
- AssertIntEQ(SSL_get_verify_mode(ssl), SSL_VERIFY_POST_HANDSHAKE);
+ ExpectIntEQ(SSL_get_verify_mode(ssl), SSL_VERIFY_POST_HANDSHAKE);
#endif
- AssertIntEQ(SSL_CTX_get_verify_mode(ctx),
- WOLFSSL_VERIFY_PEER | WOLFSSL_VERIFY_FAIL_IF_NO_PEER_CERT);
+ ExpectIntEQ(SSL_CTX_get_verify_mode(ctx),
+ WOLFSSL_VERIFY_PEER | WOLFSSL_VERIFY_FAIL_IF_NO_PEER_CERT);
SSL_free(ssl);
SSL_CTX_free(ctx);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_verify_depth(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && !defined(NO_WOLFSSL_CLIENT)
- WOLFSSL* ssl;
- WOLFSSL_CTX* ctx;
+ WOLFSSL* ssl = NULL;
+ WOLFSSL_CTX* ctx = NULL;
long depth;
- AssertNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
-
- AssertTrue(wolfSSL_CTX_use_certificate_file(ctx, cliCertFile, SSL_FILETYPE_PEM));
- AssertTrue(wolfSSL_CTX_use_PrivateKey_file(ctx, cliKeyFile, SSL_FILETYPE_PEM));
- AssertIntEQ(wolfSSL_CTX_load_verify_locations(ctx, caCertFile, 0), SSL_SUCCESS);
+ ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
+ ExpectIntGT((depth = SSL_CTX_get_verify_depth(ctx)), 0);
- AssertIntGT((depth = SSL_CTX_get_verify_depth(ctx)), 0);
- AssertNotNull(ssl = SSL_new(ctx));
- AssertIntEQ(SSL_get_verify_depth(ssl), SSL_CTX_get_verify_depth(ctx));
+ ExpectNotNull(ssl = SSL_new(ctx));
+ ExpectIntEQ(SSL_get_verify_depth(ssl), SSL_CTX_get_verify_depth(ctx));
SSL_free(ssl);
+ ssl = NULL;
SSL_CTX_set_verify_depth(ctx, -1);
- AssertIntEQ(depth, SSL_CTX_get_verify_depth(ctx));
+ ExpectIntEQ(depth, SSL_CTX_get_verify_depth(ctx));
SSL_CTX_set_verify_depth(ctx, 2);
- AssertIntEQ(2, SSL_CTX_get_verify_depth(ctx));
- AssertNotNull(ssl = SSL_new(ctx));
- AssertIntEQ(2, SSL_get_verify_depth(ssl));
+ ExpectIntEQ(2, SSL_CTX_get_verify_depth(ctx));
+ ExpectNotNull(ssl = SSL_new(ctx));
+ ExpectIntEQ(2, SSL_get_verify_depth(ssl));
SSL_free(ssl);
SSL_CTX_free(ctx);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
-}
-
-#if defined(OPENSSL_EXTRA) && !defined(NO_HMAC)
-/* helper function for test_wolfSSL_HMAC_CTX, digest size is expected to be a
- * buffer of 64 bytes.
- *
- * returns the size of the digest buffer on success and a negative value on
- * failure.
- */
-static int test_HMAC_CTX_helper(const EVP_MD* type, unsigned char* digest)
-{
- HMAC_CTX ctx1;
- HMAC_CTX ctx2;
-
- unsigned char key[] = "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b"
- "\x0b\x0b\x0b\x0b\x0b\x0b\x0b";
- unsigned char long_key[] =
- "0123456789012345678901234567890123456789"
- "0123456789012345678901234567890123456789"
- "0123456789012345678901234567890123456789"
- "0123456789012345678901234567890123456789";
-
- unsigned char msg[] = "message to hash";
- unsigned int digestSz = 64;
- int keySz = sizeof(key);
- int long_keySz = sizeof(long_key);
- int msgSz = sizeof(msg);
-
- unsigned char digest2[64];
- unsigned int digestSz2 = 64;
-
- HMAC_CTX_init(&ctx1);
-
- AssertIntEQ(HMAC_Init(&ctx1, (const void*)key, keySz, type), SSL_SUCCESS);
- AssertIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS);
- AssertIntEQ(HMAC_CTX_copy(&ctx2, &ctx1), SSL_SUCCESS);
-
- AssertIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS);
- AssertIntEQ(HMAC_Final(&ctx1, digest, &digestSz), SSL_SUCCESS);
- HMAC_CTX_cleanup(&ctx1);
-
- AssertIntEQ(HMAC_Update(&ctx2, msg, msgSz), SSL_SUCCESS);
- AssertIntEQ(HMAC_Final(&ctx2, digest2, &digestSz2), SSL_SUCCESS);
- HMAC_CTX_cleanup(&ctx2);
-
- AssertIntEQ(digestSz, digestSz2);
- AssertIntEQ(XMEMCMP(digest, digest2, digestSz), 0);
-
- /* test HMAC_Init with NULL key */
-
- /* init after copy */
- HMAC_CTX_init(&ctx1);
- AssertIntEQ(HMAC_Init(&ctx1, (const void*)key, keySz, type), SSL_SUCCESS);
- AssertIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS);
- AssertIntEQ(HMAC_CTX_copy(&ctx2, &ctx1), SSL_SUCCESS);
-
- AssertIntEQ(HMAC_Init(&ctx1, NULL, 0, NULL), SSL_SUCCESS);
- AssertIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS);
- AssertIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS);
- AssertIntEQ(HMAC_Final(&ctx1, digest, &digestSz), SSL_SUCCESS);
- HMAC_CTX_cleanup(&ctx1);
-
- AssertIntEQ(HMAC_Init(&ctx2, NULL, 0, NULL), SSL_SUCCESS);
- AssertIntEQ(HMAC_Update(&ctx2, msg, msgSz), SSL_SUCCESS);
- AssertIntEQ(HMAC_Update(&ctx2, msg, msgSz), SSL_SUCCESS);
- AssertIntEQ(HMAC_Final(&ctx2, digest2, &digestSz), SSL_SUCCESS);
- HMAC_CTX_cleanup(&ctx2);
-
- AssertIntEQ(digestSz, digestSz2);
- AssertIntEQ(XMEMCMP(digest, digest2, digestSz), 0);
-
- /* long key */
- HMAC_CTX_init(&ctx1);
- AssertIntEQ(HMAC_Init(&ctx1, (const void*)long_key, long_keySz, type), SSL_SUCCESS);
- AssertIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS);
- AssertIntEQ(HMAC_CTX_copy(&ctx2, &ctx1), SSL_SUCCESS);
-
- AssertIntEQ(HMAC_Init(&ctx1, NULL, 0, NULL), SSL_SUCCESS);
- AssertIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS);
- AssertIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS);
- AssertIntEQ(HMAC_Final(&ctx1, digest, &digestSz), SSL_SUCCESS);
- HMAC_CTX_cleanup(&ctx1);
-
- AssertIntEQ(HMAC_Init(&ctx2, NULL, 0, NULL), SSL_SUCCESS);
- AssertIntEQ(HMAC_Update(&ctx2, msg, msgSz), SSL_SUCCESS);
- AssertIntEQ(HMAC_Update(&ctx2, msg, msgSz), SSL_SUCCESS);
- AssertIntEQ(HMAC_Final(&ctx2, digest2, &digestSz), SSL_SUCCESS);
- HMAC_CTX_cleanup(&ctx2);
-
- AssertIntEQ(digestSz, digestSz2);
- AssertIntEQ(XMEMCMP(digest, digest2, digestSz), 0);
-
- /* init before copy */
- HMAC_CTX_init(&ctx1);
- AssertIntEQ(HMAC_Init(&ctx1, (const void*)key, keySz, type), SSL_SUCCESS);
- AssertIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS);
- AssertIntEQ(HMAC_Init(&ctx1, NULL, 0, NULL), SSL_SUCCESS);
- AssertIntEQ(HMAC_CTX_copy(&ctx2, &ctx1), SSL_SUCCESS);
-
- AssertIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS);
- AssertIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS);
- AssertIntEQ(HMAC_Final(&ctx1, digest, &digestSz), SSL_SUCCESS);
- HMAC_CTX_cleanup(&ctx1);
-
- AssertIntEQ(HMAC_Update(&ctx2, msg, msgSz), SSL_SUCCESS);
- AssertIntEQ(HMAC_Update(&ctx2, msg, msgSz), SSL_SUCCESS);
- AssertIntEQ(HMAC_Final(&ctx2, digest2, &digestSz), SSL_SUCCESS);
- HMAC_CTX_cleanup(&ctx2);
-
- AssertIntEQ(digestSz, digestSz2);
- AssertIntEQ(XMEMCMP(digest, digest2, digestSz), 0);
-
- return digestSz;
+ return EXPECT_RESULT();
}
-#endif /* defined(OPENSSL_EXTRA) && !defined(NO_HMAC) */
-static int test_wolfSSL_HMAC_CTX(void)
+static int test_wolfSSL_verify_result(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && !defined(NO_HMAC)
- unsigned char digest[64];
- int digestSz;
-
- #ifndef NO_SHA
- AssertIntEQ((digestSz = test_HMAC_CTX_helper(EVP_sha1(), digest)), 20);
- AssertIntEQ(XMEMCMP("\xD9\x68\x77\x23\x70\xFB\x53\x70\x53\xBA\x0E\xDC\xDA"
- "\xBF\x03\x98\x31\x19\xB2\xCC", digest, digestSz), 0);
- #endif /* !NO_SHA */
- #ifdef WOLFSSL_SHA224
- AssertIntEQ((digestSz = test_HMAC_CTX_helper(EVP_sha224(), digest)), 28);
- AssertIntEQ(XMEMCMP("\x57\xFD\xF4\xE1\x2D\xB0\x79\xD7\x4B\x25\x7E\xB1\x95"
- "\x9C\x11\xAC\x2D\x1E\x78\x94\x4F\x3A\x0F\xED\xF8\xAD"
- "\x02\x0E", digest, digestSz), 0);
-
- #endif /* WOLFSSL_SHA224 */
- #ifndef NO_SHA256
- AssertIntEQ((digestSz = test_HMAC_CTX_helper(EVP_sha256(), digest)), 32);
- AssertIntEQ(XMEMCMP("\x13\xAB\x76\x91\x0C\x37\x86\x8D\xB3\x7E\x30\x0C\xFC"
- "\xB0\x2E\x8E\x4A\xD7\xD4\x25\xCC\x3A\xA9\x0F\xA2\xF2"
- "\x47\x1E\x62\x6F\x5D\xF2", digest, digestSz), 0);
+ EXPECT_DECLS;
+#if (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) || \
+ defined(OPENSSL_ALL)) && !defined(NO_WOLFSSL_CLIENT)
+ WOLFSSL* ssl = NULL;
+ WOLFSSL_CTX* ctx = NULL;
+ long result = 0xDEADBEEF;
- #endif /* !NO_SHA256 */
+ ExpectIntEQ(WOLFSSL_FAILURE, wolfSSL_get_verify_result(ssl));
- #ifdef WOLFSSL_SHA384
- AssertIntEQ((digestSz = test_HMAC_CTX_helper(EVP_sha384(), digest)), 48);
- AssertIntEQ(XMEMCMP("\x9E\xCB\x07\x0C\x11\x76\x3F\x23\xC3\x25\x0E\xC4\xB7"
- "\x28\x77\x95\x99\xD5\x9D\x7A\xBB\x1A\x9F\xB7\xFD\x25"
- "\xC9\x72\x47\x9F\x8F\x86\x76\xD6\x20\x57\x87\xB7\xE7"
- "\xCD\xFB\xC2\xCC\x9F\x2B\xC5\x41\xAB",
- digest, digestSz), 0);
- #endif /* WOLFSSL_SHA384 */
- #ifdef WOLFSSL_SHA512
- AssertIntEQ((digestSz = test_HMAC_CTX_helper(EVP_sha512(), digest)), 64);
- AssertIntEQ(XMEMCMP("\xD4\x21\x0C\x8B\x60\x6F\xF4\xBF\x07\x2F\x26\xCC\xAD"
- "\xBC\x06\x0B\x34\x78\x8B\x4F\xD6\xC0\x42\xF1\x33\x10"
- "\x6C\x4F\x1E\x55\x59\xDD\x2A\x9F\x15\x88\x62\xF8\x60"
- "\xA3\x99\x91\xE2\x08\x7B\xF7\x95\x3A\xB0\x92\x48\x60"
- "\x88\x8B\x5B\xB8\x5F\xE9\xB6\xB1\x96\xE3\xB5\xF0",
- digest, digestSz), 0);
- #endif /* WOLFSSL_SHA512 */
+ ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
+ ExpectNotNull(ssl = SSL_new(ctx));
- #if !defined(NO_MD5) && (!defined(HAVE_FIPS_VERSION) || HAVE_FIPS_VERSION <= 2)
- AssertIntEQ((digestSz = test_HMAC_CTX_helper(EVP_md5(), digest)), 16);
- AssertIntEQ(XMEMCMP("\xB7\x27\xC4\x41\xE5\x2E\x62\xBA\x54\xED\x72\x70\x9F"
- "\xE4\x98\xDD", digest, digestSz), 0);
- #endif /* !NO_MD5 */
+ wolfSSL_set_verify_result(ssl, result);
+ ExpectIntEQ(result, wolfSSL_get_verify_result(ssl));
- res = TEST_RES_CHECK(1);
+ SSL_free(ssl);
+ SSL_CTX_free(ctx);
#endif
- return res;
+ return EXPECT_RESULT();
}
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && !defined(NO_WOLFSSL_CLIENT)
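Review bot: In test_wolfSSL_GENERAL_NAME_print the new "setting" block ends with `GENERAL_NAME_free(gn);` but does not reset the pointer, unlike the other `GENERAL_NAME_free(gn)` calls in this function, so `gn` dangles until the GEN_URI section reassigns it. That reassignment is now conditional (`if (ad != NULL) { gn = ad->location; }`), so when `ad` is NULL the following `GENERAL_NAME_print(out, gn)` is written against freed memory. The Expect macro presumably skips the call once an earlier check has failed, but that is not visible in this hunk. Adding `gn = NULL;` directly after the free makes the failure path safe without relying on that behaviour. The function's declarations start in the previous hunk.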
@@ -47358,124 +46615,21 @@ static void sslMsgCb(int w, int version, int type, const void* buf,
static int test_wolfSSL_msg_callback(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && !defined(NO_WOLFSSL_CLIENT)
- WOLFSSL* ssl;
- WOLFSSL_CTX* ctx;
-
- AssertNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
-
- AssertTrue(wolfSSL_CTX_use_certificate_file(ctx, cliCertFile,
- SSL_FILETYPE_PEM));
- AssertTrue(wolfSSL_CTX_use_PrivateKey_file(ctx, cliKeyFile,
- SSL_FILETYPE_PEM));
- AssertIntEQ(wolfSSL_CTX_load_verify_locations(ctx, caCertFile, 0),
- SSL_SUCCESS);
+ WOLFSSL* ssl = NULL;
+ WOLFSSL_CTX* ctx = NULL;
- AssertNotNull(ssl = SSL_new(ctx));
- AssertIntEQ(SSL_set_msg_callback(ssl, NULL), SSL_SUCCESS);
- AssertIntEQ(SSL_set_msg_callback(ssl, &sslMsgCb), SSL_SUCCESS);
- AssertIntEQ(SSL_set_msg_callback(NULL, &sslMsgCb), SSL_FAILURE);
+ ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
+ ExpectNotNull(ssl = SSL_new(ctx));
+ ExpectIntEQ(SSL_set_msg_callback(ssl, NULL), SSL_SUCCESS);
+ ExpectIntEQ(SSL_set_msg_callback(ssl, &sslMsgCb), SSL_SUCCESS);
+ ExpectIntEQ(SSL_set_msg_callback(NULL, &sslMsgCb), SSL_FAILURE);
SSL_free(ssl);
SSL_CTX_free(ctx);
-
- res = TEST_RES_CHECK(1);
-#endif
- return res;
-}
-
-static int test_wolfSSL_SHA(void)
-{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && !defined(HAVE_SELFTEST)
- #if !defined(NO_SHA) && defined(NO_OLD_SHA_NAMES) && \
- (!defined(HAVE_FIPS) || \
- (defined(HAVE_FIPS_VERSION) && HAVE_FIPS_VERSION > 2))
- {
- const unsigned char in[] = "abc";
- unsigned char expected[] = "\xA9\x99\x3E\x36\x47\x06\x81\x6A\xBA\x3E"
- "\x25\x71\x78\x50\xC2\x6C\x9C\xD0\xD8\x9D";
- unsigned char out[WC_SHA_DIGEST_SIZE];
-
- XMEMSET(out, 0, WC_SHA_DIGEST_SIZE);
- AssertNotNull(SHA1(in, XSTRLEN((char*)in), out));
- AssertIntEQ(XMEMCMP(out, expected, WC_SHA_DIGEST_SIZE), 0);
-
- /* SHA interface test */
- XMEMSET(out, 0, WC_SHA_DIGEST_SIZE);
-
- AssertNull(SHA(NULL, XSTRLEN((char*)in), out));
- AssertNotNull(SHA(in, 0, out));
- AssertNotNull(SHA(in, XSTRLEN((char*)in), NULL));
- AssertNotNull(SHA(NULL, 0, out));
- AssertNotNull(SHA(NULL, 0, NULL));
-
- AssertNotNull(SHA(in, XSTRLEN((char*)in), out));
- AssertIntEQ(XMEMCMP(out, expected, WC_SHA_DIGEST_SIZE), 0);
- }
- #endif
-
- #if !defined(NO_SHA256)
- {
- const unsigned char in[] = "abc";
- unsigned char expected[] = "\xBA\x78\x16\xBF\x8F\x01\xCF\xEA\x41\x41\x40\xDE\x5D\xAE\x22"
- "\x23\xB0\x03\x61\xA3\x96\x17\x7A\x9C\xB4\x10\xFF\x61\xF2\x00"
- "\x15\xAD";
- unsigned char out[WC_SHA256_DIGEST_SIZE];
-
- XMEMSET(out, 0, WC_SHA256_DIGEST_SIZE);
-#if !defined(NO_OLD_NAMES) && !defined(HAVE_FIPS)
- AssertNotNull(SHA256(in, XSTRLEN((char*)in), out));
-#else
- AssertNotNull(wolfSSL_SHA256(in, XSTRLEN((char*)in), out));
#endif
- AssertIntEQ(XMEMCMP(out, expected, WC_SHA256_DIGEST_SIZE), 0);
- }
- #endif
-
- #if defined(WOLFSSL_SHA384)
- {
- const unsigned char in[] = "abc";
- unsigned char expected[] = "\xcb\x00\x75\x3f\x45\xa3\x5e\x8b\xb5\xa0\x3d\x69\x9a\xc6\x50"
- "\x07\x27\x2c\x32\xab\x0e\xde\xd1\x63\x1a\x8b\x60\x5a\x43\xff"
- "\x5b\xed\x80\x86\x07\x2b\xa1\xe7\xcc\x23\x58\xba\xec\xa1\x34"
- "\xc8\x25\xa7";
- unsigned char out[WC_SHA384_DIGEST_SIZE];
-
- XMEMSET(out, 0, WC_SHA384_DIGEST_SIZE);
-#if !defined(NO_OLD_NAMES) && !defined(HAVE_FIPS)
- AssertNotNull(SHA384(in, XSTRLEN((char*)in), out));
-#else
- AssertNotNull(wolfSSL_SHA384(in, XSTRLEN((char*)in), out));
-#endif
- AssertIntEQ(XMEMCMP(out, expected, WC_SHA384_DIGEST_SIZE), 0);
- }
- #endif
-
- #if defined(WOLFSSL_SHA512)
- {
- const unsigned char in[] = "abc";
- unsigned char expected[] = "\xdd\xaf\x35\xa1\x93\x61\x7a\xba\xcc\x41\x73\x49\xae\x20\x41"
- "\x31\x12\xe6\xfa\x4e\x89\xa9\x7e\xa2\x0a\x9e\xee\xe6\x4b\x55"
- "\xd3\x9a\x21\x92\x99\x2a\x27\x4f\xc1\xa8\x36\xba\x3c\x23\xa3"
- "\xfe\xeb\xbd\x45\x4d\x44\x23\x64\x3c\xe8\x0e\x2a\x9a\xc9\x4f"
- "\xa5\x4c\xa4\x9f";
- unsigned char out[WC_SHA512_DIGEST_SIZE];
-
- XMEMSET(out, 0, WC_SHA512_DIGEST_SIZE);
-#if !defined(NO_OLD_NAMES) && !defined(HAVE_FIPS)
- AssertNotNull(SHA512(in, XSTRLEN((char*)in), out));
-#else
- AssertNotNull(wolfSSL_SHA512(in, XSTRLEN((char*)in), out));
-#endif
- AssertIntEQ(XMEMCMP(out, expected, WC_SHA512_DIGEST_SIZE), 0);
- }
- #endif
-
- res = TEST_RES_CHECK(1);
-#endif
- return res;
+ return EXPECT_RESULT();
}
/* test_EVP_Cipher_extra, Extra-test on EVP_CipherUpdate/Final. see also test.c */
@@ -47555,10 +46709,9 @@ static void set_plain(unsigned char *plain, int rec)
static int test_wolfSSL_EVP_Cipher_extra(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if (defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL)) &&\
(!defined(NO_AES) && defined(HAVE_AES_CBC) && defined(WOLFSSL_AES_128))
-
/* aes128-cbc, keylen=16, ivlen=16 */
byte aes128_cbc_key[] = {
0x12, 0x34, 0x56, 0x78, 0x90, 0xab, 0xcd, 0xef,
@@ -47598,7 +46751,8 @@ static int test_wolfSSL_EVP_Cipher_extra(void)
byte inb[BUFFSZ];
byte outb[BUFFSZ+16];
- int outl, inl;
+ int outl = 0;
+ int inl;
iv = aes128_cbc_iv;
ivlen = sizeof(aes128_cbc_iv);
@@ -47610,33 +46764,34 @@ static int test_wolfSSL_EVP_Cipher_extra(void)
SSL_library_init();
- AssertNotNull(evp = EVP_CIPHER_CTX_new());
- AssertIntNE((ret = EVP_CipherInit(evp, type, NULL, iv, 0)), 0);
+ ExpectNotNull(evp = EVP_CIPHER_CTX_new());
+ ExpectIntNE((ret = EVP_CipherInit(evp, type, NULL, iv, 0)), 0);
- AssertIntEQ(EVP_CIPHER_CTX_nid(evp), NID_aes_128_cbc);
+ ExpectIntEQ(EVP_CIPHER_CTX_nid(evp), NID_aes_128_cbc);
klen = EVP_CIPHER_CTX_key_length(evp);
if (klen > 0 && keylen != klen) {
- AssertIntNE(EVP_CIPHER_CTX_set_key_length(evp, keylen), 0);
+ ExpectIntNE(EVP_CIPHER_CTX_set_key_length(evp, keylen), 0);
}
ilen = EVP_CIPHER_CTX_iv_length(evp);
if (ilen > 0 && ivlen != ilen) {
- AssertIntNE(EVP_CIPHER_CTX_set_iv_length(evp, ivlen), 0);
+ ExpectIntNE(EVP_CIPHER_CTX_set_iv_length(evp, ivlen), 0);
}
- AssertIntNE((ret = EVP_CipherInit(evp, NULL, key, iv, 1)), 0);
+ ExpectIntNE((ret = EVP_CipherInit(evp, NULL, key, iv, 1)), 0);
for (j = 0; j<RECORDS; j++)
{
inl = BUFFSZ;
get_record(plain, inb, inl);
- AssertIntNE((ret = EVP_CipherUpdate(evp, outb, &outl, inb, inl)), 0);
+ ExpectIntNE((ret = EVP_CipherUpdate(evp, outb, &outl, inb, inl)), 0);
set_record(cipher, outb, outl);
}
for (i = 0; test_drive[i]; i++) {
- AssertIntNE((ret = EVP_CipherInit(evp, NULL, key, iv, 1)), 0);
+ ExpectIntNE((ret = EVP_CipherInit(evp, NULL, key, iv, 1)), 0);
+
init_offset();
test_drive_len[i] = 0;
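Review bot: `klen = EVP_CIPHER_CTX_key_length(evp);` and `ilen = EVP_CIPHER_CTX_iv_length(evp);` sit outside any Expect macro, so after the switch from Assert to Expect they appear to be reached even when `EVP_CIPHER_CTX_new()` returned NULL. Elsewhere this commit wraps such bare statements in explicit `if (x != NULL)` guards; whether these two getters tolerate a NULL context cannot be seen from the hunk. I would wrap each getter together with its following `if (... > 0 && ...)` block in `if (evp != NULL) { ... }`, or add a comment stating that the getters accept NULL. The body of test_wolfSSL_EVP_Cipher_extra starts and ends outside this hunk.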
@@ -47646,7 +46801,8 @@ static int test_wolfSSL_EVP_Cipher_extra(void)
test_drive_len[i] += inl;
get_record(plain, inb, inl);
- AssertIntNE((ret = EVP_EncryptUpdate(evp, outb, &outl, inb, inl)), 0);
+ ExpectIntNE((ret = EVP_EncryptUpdate(evp, outb, &outl, inb, inl)),
+ 0);
/* output to cipher buffer, so that following Dec test can detect
if any error */
set_record(cipher, outb, outl);
@@ -47659,10 +46815,9 @@ static int test_wolfSSL_EVP_Cipher_extra(void)
}
for (i = 0; test_drive[i]; i++) {
+ last_val = 0x0f;
- last_val = 0x0f;
-
- AssertIntNE((ret = EVP_CipherInit(evp, NULL, key, iv, 0)), 0);
+ ExpectIntNE((ret = EVP_CipherInit(evp, NULL, key, iv, 0)), 0);
init_offset();
@@ -47670,61 +46825,63 @@ static int test_wolfSSL_EVP_Cipher_extra(void)
inl = test_drive[i][j];
get_record(cipher, inb, inl);
- AssertIntNE((ret = EVP_DecryptUpdate(evp, outb, &outl, inb, inl)), 0);
+ ExpectIntNE((ret = EVP_DecryptUpdate(evp, outb, &outl, inb, inl)),
+ 0);
binary_dump(outb, outl);
- AssertIntEQ((ret = check_result(outb, outl)), 0);
- AssertFalse(outl > ((inl/16+1)*16) && outl > 16);
+ ExpectIntEQ((ret = check_result(outb, outl)), 0);
+ ExpectFalse(outl > ((inl/16+1)*16) && outl > 16);
}
ret = EVP_CipherFinal(evp, outb, &outl);
+
binary_dump(outb, outl);
ret = (((test_drive_len[i] % 16) != 0) && (ret == 0)) ||
(((test_drive_len[i] % 16) == 0) && (ret == 1));
- AssertTrue(ret);
+ ExpectTrue(ret);
}
+ ExpectIntEQ(wolfSSL_EVP_CIPHER_CTX_cleanup(evp), WOLFSSL_SUCCESS);
EVP_CIPHER_CTX_free(evp);
+ evp = NULL;
/* Do an extra test to verify correct behavior with empty input. */
- AssertNotNull(evp = EVP_CIPHER_CTX_new());
- AssertIntNE((ret = EVP_CipherInit(evp, type, NULL, iv, 0)), 0);
+ ExpectNotNull(evp = EVP_CIPHER_CTX_new());
+ ExpectIntNE((ret = EVP_CipherInit(evp, type, NULL, iv, 0)), 0);
- AssertIntEQ(EVP_CIPHER_CTX_nid(evp), NID_aes_128_cbc);
+ ExpectIntEQ(EVP_CIPHER_CTX_nid(evp), NID_aes_128_cbc);
klen = EVP_CIPHER_CTX_key_length(evp);
if (klen > 0 && keylen != klen) {
- AssertIntNE(EVP_CIPHER_CTX_set_key_length(evp, keylen), 0);
+ ExpectIntNE(EVP_CIPHER_CTX_set_key_length(evp, keylen), 0);
}
ilen = EVP_CIPHER_CTX_iv_length(evp);
if (ilen > 0 && ivlen != ilen) {
- AssertIntNE(EVP_CIPHER_CTX_set_iv_length(evp, ivlen), 0);
+ ExpectIntNE(EVP_CIPHER_CTX_set_iv_length(evp, ivlen), 0);
}
- AssertIntNE((ret = EVP_CipherInit(evp, NULL, key, iv, 1)), 0);
+ ExpectIntNE((ret = EVP_CipherInit(evp, NULL, key, iv, 1)), 0);
/* outl should be set to 0 after passing NULL, 0 for input args. */
outl = -1;
- AssertIntNE((ret = EVP_CipherUpdate(evp, outb, &outl, NULL, 0)), 0);
- AssertIntEQ(outl, 0);
+ ExpectIntNE((ret = EVP_CipherUpdate(evp, outb, &outl, NULL, 0)), 0);
+ ExpectIntEQ(outl, 0);
EVP_CIPHER_CTX_free(evp);
-
- res = TEST_RES_CHECK(1);
#endif /* test_EVP_Cipher */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_PEM_read_DHparams(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_ALL) && !defined(NO_DH) && defined(WOLFSSL_DH_EXTRA) && \
!defined(NO_FILESYSTEM)
- DH* dh;
- XFILE fp;
+ DH* dh = NULL;
+ XFILE fp = XBADFILE;
unsigned char derOut[300];
unsigned char* derOutBuf = derOut;
int derOutSz = 0;
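Review bot: `ExpectFalse(outl > ((inl/16+1)*16) && outl > 16)` is the only bound placed on `outl`, and it runs after `binary_dump(outb, outl)` and `check_result(outb, outl)` have already consumed `outl` bytes of `outb`. Moving the length check to directly after the `EVP_DecryptUpdate` line would report an oversized length before anything reads that far. The size of `outb` is declared outside this hunk, so whether an over-read is actually reachable cannot be confirmed from here. The loop this belongs to starts in the previous hunk.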
@@ -47736,618 +46893,145 @@ static int test_wolfSSL_PEM_read_DHparams(void)
XMEMSET(derExpected, 0, sizeof(derExpected));
/* open DH param file, read into DH struct */
- AssertNotNull(fp = XFOPEN(dhParamFile, "rb"));
+ ExpectTrue((fp = XFOPEN(dhParamFile, "rb")) != XBADFILE);
/* bad args */
- AssertNull(dh = PEM_read_DHparams(NULL, &dh, NULL, NULL));
- AssertNull(dh = PEM_read_DHparams(NULL, NULL, NULL, NULL));
+ ExpectNull(dh = PEM_read_DHparams(NULL, &dh, NULL, NULL));
+ ExpectNull(dh = PEM_read_DHparams(NULL, NULL, NULL, NULL));
/* good args */
- AssertNotNull(dh = PEM_read_DHparams(fp, &dh, NULL, NULL));
- XFCLOSE(fp);
+ ExpectNotNull(dh = PEM_read_DHparams(fp, &dh, NULL, NULL));
+ if (fp != XBADFILE) {
+ XFCLOSE(fp);
+ fp = XBADFILE;
+ }
/* read in certs/dh2048.der for comparison against exported params */
- fp = XFOPEN("./certs/dh2048.der", "rb");
- AssertTrue(fp != XBADFILE);
- derExpectedSz = (int)XFREAD(derExpected, 1, sizeof(derExpected), fp);
- XFCLOSE(fp);
+ ExpectTrue((fp = XFOPEN("./certs/dh2048.der", "rb")) != XBADFILE);
+ ExpectIntGT(derExpectedSz = (int)XFREAD(derExpected, 1, sizeof(derExpected),
+ fp), 0);
+ if (fp != XBADFILE) {
+ XFCLOSE(fp);
+ fp = XBADFILE;
+ }
/* export DH back to DER and compare */
derOutSz = wolfSSL_i2d_DHparams(dh, &derOutBuf);
- AssertIntEQ(derOutSz, derExpectedSz);
- AssertIntEQ(XMEMCMP(derOut, derExpected, derOutSz), 0);
+ ExpectIntEQ(derOutSz, derExpectedSz);
+ ExpectIntEQ(XMEMCMP(derOut, derExpected, derOutSz), 0);
DH_free(dh);
dh = NULL;
/* Test parsing with X9.42 header */
- fp = XFOPEN("./certs/x942dh2048.pem", "rb");
- AssertNotNull(dh = PEM_read_DHparams(fp, &dh, NULL, NULL));
- XFCLOSE(fp);
+ ExpectTrue((fp = XFOPEN("./certs/x942dh2048.pem", "rb")) != XBADFILE);
+ ExpectNotNull(dh = PEM_read_DHparams(fp, &dh, NULL, NULL));
+ if (fp != XBADFILE)
+ XFCLOSE(fp);
DH_free(dh);
-
- res = TEST_RES_CHECK(1);
-#endif
- return res;
-}
-
-static int test_wolfSSL_AES_ecb_encrypt(void)
-{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && !defined(NO_AES) && defined(HAVE_AES_ECB)
- AES_KEY aes;
- const byte msg[] =
- {
- 0x6b,0xc1,0xbe,0xe2,0x2e,0x40,0x9f,0x96,
- 0xe9,0x3d,0x7e,0x11,0x73,0x93,0x17,0x2a
- };
-
- const byte verify[] =
- {
- 0xf3,0xee,0xd1,0xbd,0xb5,0xd2,0xa0,0x3c,
- 0x06,0x4b,0x5a,0x7e,0x3d,0xb1,0x81,0xf8
- };
-
- const byte key[] =
- {
- 0x60,0x3d,0xeb,0x10,0x15,0xca,0x71,0xbe,
- 0x2b,0x73,0xae,0xf0,0x85,0x7d,0x77,0x81,
- 0x1f,0x35,0x2c,0x07,0x3b,0x61,0x08,0xd7,
- 0x2d,0x98,0x10,0xa3,0x09,0x14,0xdf,0xf4
- };
-
-
- byte out[AES_BLOCK_SIZE];
-
- AssertIntEQ(AES_set_encrypt_key(key, sizeof(key)*8, &aes), 0);
- XMEMSET(out, 0, AES_BLOCK_SIZE);
- AES_ecb_encrypt(msg, out, &aes, AES_ENCRYPT);
- AssertIntEQ(XMEMCMP(out, verify, AES_BLOCK_SIZE), 0);
-
-#ifdef HAVE_AES_DECRYPT
- AssertIntEQ(AES_set_decrypt_key(key, sizeof(key)*8, &aes), 0);
- XMEMSET(out, 0, AES_BLOCK_SIZE);
- AES_ecb_encrypt(verify, out, &aes, AES_DECRYPT);
- AssertIntEQ(XMEMCMP(out, msg, AES_BLOCK_SIZE), 0);
-#endif
-
- /* test bad arguments */
- AES_ecb_encrypt(NULL, out, &aes, AES_DECRYPT);
- AES_ecb_encrypt(verify, NULL, &aes, AES_DECRYPT);
- AES_ecb_encrypt(verify, out, NULL, AES_DECRYPT);
-
- res = TEST_RES_CHECK(1);
-#endif
- return res;
-}
-
-static int test_wolfSSL_MD5(void)
-{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && !defined(NO_MD5)
- byte input1[] = "";
- byte input2[] = "message digest";
- byte hash[WC_MD5_DIGEST_SIZE];
- unsigned char output1[] =
- "\xd4\x1d\x8c\xd9\x8f\x00\xb2\x04\xe9\x80\x09\x98\xec\xf8\x42\x7e";
- unsigned char output2[] =
- "\xf9\x6b\x69\x7d\x7c\xb7\x93\x8d\x52\x5a\x2f\x31\xaa\xf1\x61\xd0";
- WOLFSSL_MD5_CTX md5;
-
- XMEMSET(&md5, 0, sizeof(md5));
-
- /* Test cases for illegal parameters */
- AssertIntEQ(MD5_Init(NULL), 0);
- AssertIntEQ(MD5_Init(&md5), 1);
- AssertIntEQ(MD5_Update(NULL, input1, 0), 0);
- AssertIntEQ(MD5_Update(NULL, NULL, 0), 0);
- AssertIntEQ(MD5_Update(&md5, NULL, 1), 0);
- AssertIntEQ(MD5_Final(NULL, &md5), 0);
- AssertIntEQ(MD5_Final(hash, NULL), 0);
- AssertIntEQ(MD5_Final(NULL, NULL), 0);
-
- /* Init MD5 CTX */
- AssertIntEQ(wolfSSL_MD5_Init(&md5), 1);
- AssertIntEQ(wolfSSL_MD5_Update(&md5, input1,
- XSTRLEN((const char*)&input1)), 1);
- AssertIntEQ(wolfSSL_MD5_Final(hash, &md5), 1);
- AssertIntEQ(XMEMCMP(&hash, output1, WC_MD5_DIGEST_SIZE), 0);
-
- /* Init MD5 CTX */
- AssertIntEQ(wolfSSL_MD5_Init(&md5), 1);
- AssertIntEQ(wolfSSL_MD5_Update(&md5, input2,
- (int)XSTRLEN((const char*)input2)), 1);
- AssertIntEQ(wolfSSL_MD5_Final(hash, &md5), 1);
- AssertIntEQ(XMEMCMP(&hash, output2, WC_MD5_DIGEST_SIZE), 0);
-#if !defined(NO_OLD_NAMES) && \
- (!defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2)))
- AssertPtrNE(MD5(NULL, 1, (byte*)&hash), &hash);
- AssertPtrEq(MD5(input1, 0, (byte*)&hash), &hash);
- AssertPtrNE(MD5(input1, 1, NULL), NULL);
- AssertPtrNE(MD5(NULL, 0, NULL), NULL);
-
- AssertPtrEq(MD5(input1, (int)XSTRLEN((const char*)&input1), (byte*)&hash), &hash);
- AssertIntEQ(XMEMCMP(&hash, output1, WC_MD5_DIGEST_SIZE), 0);
-
- AssertPtrEq(MD5(input2, (int)XSTRLEN((const char*)&input2), (byte*)&hash), &hash);
- AssertIntEQ(XMEMCMP(&hash, output2, WC_MD5_DIGEST_SIZE), 0);
- {
- byte data[] = "Data to be hashed.";
- XMEMSET(hash, 0, WC_MD5_DIGEST_SIZE);
-
- AssertNotNull(MD5(data, sizeof(data), NULL));
- AssertNotNull(MD5(data, sizeof(data), hash));
- AssertNotNull(MD5(NULL, 0, hash));
- AssertNull(MD5(NULL, sizeof(data), hash));
- }
-#endif
-
- res = TEST_RES_CHECK(1);
-#endif
- return res;
-}
-
-static int test_wolfSSL_MD5_Transform(void)
-{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && !defined(NO_MD5)
- byte input1[] = "";
- byte input2[] = "abc";
- byte local[WC_MD5_BLOCK_SIZE];
- word32 sLen = 0;
-#ifdef BIG_ENDIAN_ORDER
- unsigned char output1[] =
- "\x03\x1f\x1d\xac\x6e\xa5\x8e\xd0\x1f\xab\x67\xb7\x74\x31\x77\x91";
- unsigned char output2[] =
- "\xef\xd3\x79\x8d\x67\x17\x25\x90\xa4\x13\x79\xc7\xe3\xa7\x7b\xbc";
-#else
- unsigned char output1[] =
- "\xac\x1d\x1f\x03\xd0\x8e\xa5\x6e\xb7\x67\xab\x1f\x91\x77\x31\x74";
- unsigned char output2[] =
- "\x8d\x79\xd3\xef\x90\x25\x17\x67\xc7\x79\x13\xa4\xbc\x7b\xa7\xe3";
-#endif
-
- union {
- wc_Md5 native;
- MD5_CTX compat;
- } md5;
-
- XMEMSET(&md5.compat, 0, sizeof(md5.compat));
- XMEMSET(&local, 0, sizeof(local));
-
- /* sanity check */
- AssertIntEQ(MD5_Transform(NULL, NULL), 0);
- AssertIntEQ(MD5_Transform(NULL, (const byte*)&input1), 0);
- AssertIntEQ(MD5_Transform(&md5.compat, NULL), 0);
- AssertIntEQ(wc_Md5Transform(NULL, NULL), BAD_FUNC_ARG);
- AssertIntEQ(wc_Md5Transform(NULL, (const byte*)&input1), BAD_FUNC_ARG);
- AssertIntEQ(wc_Md5Transform(&md5.native, NULL), BAD_FUNC_ARG);
-
- /* Init MD5 CTX */
- AssertIntEQ(wolfSSL_MD5_Init(&md5.compat), 1);
- /* Do Transform*/
- sLen = (word32)XSTRLEN((char*)input1);
- XMEMCPY(local, input1, sLen);
- AssertIntEQ(MD5_Transform(&md5.compat, (const byte*)&local[0]), 1);
-
- AssertIntEQ(XMEMCMP(md5.native.digest, output1,
- WC_MD5_DIGEST_SIZE), 0);
-
- /* Init MD5 CTX */
- AssertIntEQ(MD5_Init(&md5.compat), 1);
- sLen = (word32)XSTRLEN((char*)input2);
- XMEMSET(local, 0, WC_MD5_BLOCK_SIZE);
- XMEMCPY(local, input2, sLen);
- AssertIntEQ(MD5_Transform(&md5.compat, (const byte*)&local[0]), 1);
- AssertIntEQ(XMEMCMP(md5.native.digest, output2,
- WC_MD5_DIGEST_SIZE), 0);
-
- res = TEST_RES_CHECK(1);
-#endif
- return res;
-}
-
-static int test_wolfSSL_SHA224(void)
-{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_SHA224) && \
- !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || \
- (defined(HAVE_FIPS_VERSION) && HAVE_FIPS_VERSION > 2))
- unsigned char input[] =
- "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq";
- unsigned char output[] =
- "\x75\x38\x8b\x16\x51\x27\x76\xcc\x5d\xba\x5d\xa1\xfd\x89\x01"
- "\x50\xb0\xc6\x45\x5c\xb4\xf5\x8b\x19\x52\x52\x25\x25";
- size_t inLen;
- byte hash[WC_SHA224_DIGEST_SIZE];
-
- inLen = XSTRLEN((char*)input);
-
- XMEMSET(hash, 0, WC_SHA224_DIGEST_SIZE);
-
- AssertNull(SHA224(NULL, inLen, hash));
- AssertNotNull(SHA224(input, 0, hash));
- AssertNotNull(SHA224(input, inLen, NULL));
- AssertNotNull(SHA224(NULL, 0, hash));
- AssertNotNull(SHA224(NULL, 0, NULL));
-
- AssertNotNull(SHA224(input, inLen, hash));
- AssertIntEQ(XMEMCMP(hash, output, WC_SHA224_DIGEST_SIZE), 0);
-
- res = TEST_RES_CHECK(1);
-#endif
- return res;
-}
-static int test_wolfSSL_SHA_Transform(void)
-{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && !defined(NO_SHA)
-#if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || \
- (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2)))
- byte input1[] = "";
- byte input2[] = "abc";
- byte local[WC_SHA_BLOCK_SIZE];
- word32 sLen = 0;
-#ifdef BIG_ENDIAN_ORDER
- unsigned char output1[] =
- "\x92\xb4\x04\xe5\x56\x58\x8c\xed\x6c\x1a\xcd\x4e\xbf\x05\x3f\x68"
- "\x09\xf7\x3a\x93";
- unsigned char output2[] =
- "\x97\xb2\x74\x8b\x4f\x5b\xbc\xca\x5b\xc0\xe6\xea\x2d\x40\xb4\xa0"
- "\x7c\x6e\x08\xb8";
-#else
- unsigned char output1[] =
- "\xe5\x04\xb4\x92\xed\x8c\x58\x56\x4e\xcd\x1a\x6c\x68\x3f\x05\xbf"
- "\x93\x3a\xf7\x09";
- unsigned char output2[] =
- "\x8b\x74\xb2\x97\xca\xbc\x5b\x4f\xea\xe6\xc0\x5b\xa0\xb4\x40\x2d"
- "\xb8\x08\x6e\x7c";
-#endif
-
- union {
- wc_Sha native;
- SHA_CTX compat;
- } sha;
- union {
- wc_Sha native;
- SHA_CTX compat;
- } sha1;
-
- XMEMSET(&sha.compat, 0, sizeof(sha.compat));
- XMEMSET(&local, 0, sizeof(local));
-
- /* sanity check */
- AssertIntEQ(SHA_Transform(NULL, NULL), 0);
- AssertIntEQ(SHA_Transform(NULL, (const byte*)&input1), 0);
- AssertIntEQ(SHA_Transform(&sha.compat, NULL), 0);
- AssertIntEQ(SHA1_Transform(NULL, NULL), 0);
- AssertIntEQ(SHA1_Transform(NULL, (const byte*)&input1), 0);
- AssertIntEQ(SHA1_Transform(&sha.compat, NULL), 0);
- AssertIntEQ(wc_ShaTransform(NULL, NULL), BAD_FUNC_ARG);
- AssertIntEQ(wc_ShaTransform(NULL, (const byte*)&input1), BAD_FUNC_ARG);
- AssertIntEQ(wc_ShaTransform(&sha.native, NULL), BAD_FUNC_ARG);
-
- /* Init SHA CTX */
- AssertIntEQ(SHA_Init(&sha.compat), 1);
- /* Do Transform*/
- sLen = (word32)XSTRLEN((char*)input1);
- XMEMCPY(local, input1, sLen);
- AssertIntEQ(SHA_Transform(&sha.compat, (const byte*)&local[0]), 1);
- AssertIntEQ(XMEMCMP(sha.native.digest, output1,
- WC_SHA_DIGEST_SIZE), 0);
- AssertIntEQ(SHA_Final(local, &sha.compat), 1); /* frees resources */
-
- /* Init SHA CTX */
- AssertIntEQ(SHA_Init(&sha.compat), 1);
- sLen = (word32)XSTRLEN((char*)input2);
- XMEMSET(local, 0, WC_SHA_BLOCK_SIZE);
- XMEMCPY(local, input2, sLen);
- AssertIntEQ(SHA_Transform(&sha.compat, (const byte*)&local[0]), 1);
- AssertIntEQ(XMEMCMP(sha.native.digest, output2,
- WC_SHA_DIGEST_SIZE), 0);
- AssertIntEQ(SHA_Final(local, &sha.compat), 1); /* frees resources */
-
- /* SHA1 */
- XMEMSET(local, 0, WC_SHA_BLOCK_SIZE);
- /* Init SHA CTX */
- AssertIntEQ(SHA1_Init(&sha1.compat), 1);
- /* Do Transform*/
- sLen = (word32)XSTRLEN((char*)input1);
- XMEMCPY(local, input1, sLen);
- AssertIntEQ(SHA1_Transform(&sha1.compat, (const byte*)&local[0]), 1);
- AssertIntEQ(XMEMCMP(sha1.native.digest, output1,
- WC_SHA_DIGEST_SIZE), 0);
- AssertIntEQ(SHA_Final(local, &sha1.compat), 1); /* frees resources */
-
- /* Init SHA CTX */
- AssertIntEQ(SHA1_Init(&sha1.compat), 1);
- sLen = (word32)XSTRLEN((char*)input2);
- XMEMSET(local, 0, WC_SHA_BLOCK_SIZE);
- XMEMCPY(local, input2, sLen);
- AssertIntEQ(SHA1_Transform(&sha1.compat, (const byte*)&local[0]), 1);
- AssertIntEQ(XMEMCMP(sha1.native.digest, output2,
- WC_SHA_DIGEST_SIZE), 0);
- AssertIntEQ(SHA_Final(local, &sha1.compat), 1); /* frees resources */
-
- res = TEST_RES_CHECK(1);
-#endif
-#endif
- return res;
-}
-
-static int test_wolfSSL_SHA256_Transform(void)
-{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && !defined(NO_SHA256)
-#if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || \
- (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2))) && \
- !defined(WOLFSSL_DEVCRYPTO_HASH) && !defined(WOLFSSL_AFALG_HASH) && \
- !defined(WOLFSSL_KCAPI_HASH)
- byte input1[] = "";
- byte input2[] = "abc";
- byte local[WC_SHA256_BLOCK_SIZE];
- word32 sLen = 0;
-#ifdef BIG_ENDIAN_ORDER
- unsigned char output1[] =
- "\xda\x56\x98\xbe\x17\xb9\xb4\x69\x62\x33\x57\x99\x77\x9f\xbe\xca"
- "\x8c\xe5\xd4\x91\xc0\xd2\x62\x43\xba\xfe\xf9\xea\x18\x37\xa9\xd8";
- unsigned char output2[] =
- "\x1d\x4e\xd4\x67\x67\x7c\x61\x67\x44\x10\x76\x26\x78\x10\xff\xb8"
- "\x40\xc8\x9a\x39\x73\x16\x60\x8c\xa6\x61\xd6\x05\x91\xf2\x8c\x35";
-#else
- unsigned char output1[] =
- "\xbe\x98\x56\xda\x69\xb4\xb9\x17\x99\x57\x33\x62\xca\xbe\x9f\x77"
- "\x91\xd4\xe5\x8c\x43\x62\xd2\xc0\xea\xf9\xfe\xba\xd8\xa9\x37\x18";
- unsigned char output2[] =
- "\x67\xd4\x4e\x1d\x67\x61\x7c\x67\x26\x76\x10\x44\xb8\xff\x10\x78"
- "\x39\x9a\xc8\x40\x8c\x60\x16\x73\x05\xd6\x61\xa6\x35\x8c\xf2\x91";
-#endif
- union {
- wc_Sha256 native;
- SHA256_CTX compat;
- } sha256;
-
- XMEMSET(&sha256.compat, 0, sizeof(sha256.compat));
- XMEMSET(&local, 0, sizeof(local));
-
- /* sanity check */
- AssertIntEQ(SHA256_Transform(NULL, NULL), 0);
- AssertIntEQ(SHA256_Transform(NULL, (const byte*)&input1), 0);
- AssertIntEQ(SHA256_Transform(&sha256.compat, NULL), 0);
- AssertIntEQ(wc_Sha256Transform(NULL, NULL), BAD_FUNC_ARG);
- AssertIntEQ(wc_Sha256Transform(NULL, (const byte*)&input1), BAD_FUNC_ARG);
- AssertIntEQ(wc_Sha256Transform(&sha256.native, NULL), BAD_FUNC_ARG);
-
- /* Init SHA256 CTX */
- AssertIntEQ(SHA256_Init(&sha256.compat), 1);
- /* Do Transform*/
- sLen = (word32)XSTRLEN((char*)input1);
- XMEMCPY(local, input1, sLen);
- AssertIntEQ(SHA256_Transform(&sha256.compat, (const byte*)&local[0]), 1);
- AssertIntEQ(XMEMCMP(sha256.native.digest, output1,
- WC_SHA256_DIGEST_SIZE), 0);
- AssertIntEQ(SHA256_Final(local, &sha256.compat), 1); /* frees resources */
-
- /* Init SHA256 CTX */
- AssertIntEQ(SHA256_Init(&sha256.compat), 1);
- sLen = (word32)XSTRLEN((char*)input2);
- XMEMSET(local, 0, WC_SHA256_BLOCK_SIZE);
- XMEMCPY(local, input2, sLen);
- AssertIntEQ(SHA256_Transform(&sha256.compat, (const byte*)&local[0]), 1);
- AssertIntEQ(XMEMCMP(sha256.native.digest, output2,
- WC_SHA256_DIGEST_SIZE), 0);
- AssertIntEQ(SHA256_Final(local, &sha256.compat), 1); /* frees resources */
-
- res = TEST_RES_CHECK(1);
-#endif
#endif
- return res;
-}
-
-static int test_wolfSSL_SHA256(void)
-{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && !defined(NO_SHA256) && \
- defined(NO_OLD_SHA_NAMES) && !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
- unsigned char input[] =
- "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq";
- unsigned char output[] =
- "\x24\x8D\x6A\x61\xD2\x06\x38\xB8\xE5\xC0\x26\x93\x0C\x3E\x60"
- "\x39\xA3\x3C\xE4\x59\x64\xFF\x21\x67\xF6\xEC\xED\xD4\x19\xDB"
- "\x06\xC1";
- size_t inLen;
- byte hash[WC_SHA256_DIGEST_SIZE];
-
- inLen = XSTRLEN((char*)input);
-
- XMEMSET(hash, 0, WC_SHA256_DIGEST_SIZE);
- AssertNotNull(SHA256(input, inLen, hash));
- AssertIntEQ(XMEMCMP(hash, output, WC_SHA256_DIGEST_SIZE), 0);
-
- res = TEST_RES_CHECK(1);
-#endif
- return res;
+ return EXPECT_RESULT();
}
-static int test_wolfSSL_SHA512_Transform(void)
-{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_SHA512)
-#if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || \
- (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2))) && \
- !defined(WOLFSSL_KCAPI_HASH)
- byte input1[] = "";
- byte input2[] = "abc";
- byte local[WC_SHA512_BLOCK_SIZE];
- word32 sLen = 0;
-#ifdef BIG_ENDIAN_ORDER
- unsigned char output1[] =
- "\xcf\x78\x81\xd5\x77\x4a\xcb\xe8\x53\x33\x62\xe0\xfb\xc7\x80\x70"
- "\x02\x67\x63\x9d\x87\x46\x0e\xda\x30\x86\xcb\x40\xe8\x59\x31\xb0"
- "\x71\x7d\xc9\x52\x88\xa0\x23\xa3\x96\xba\xb2\xc1\x4c\xe0\xb5\xe0"
- "\x6f\xc4\xfe\x04\xea\xe3\x3e\x0b\x91\xf4\xd8\x0c\xbd\x66\x8b\xee";
- unsigned char output2[] =
- "\x11\x10\x93\x4e\xeb\xa0\xcc\x0d\xfd\x33\x43\x9c\xfb\x04\xc8\x21"
- "\xa9\xb4\x26\x3d\xca\xab\x31\x41\xe2\xc6\xaa\xaf\xe1\x67\xd7\xab"
- "\x31\x8f\x2e\x54\x2c\xba\x4e\x83\xbe\x88\xec\x9d\x8f\x2b\x38\x98"
- "\x14\xd2\x4e\x9d\x53\x8b\x5e\x4d\xde\x68\x6c\x69\xaf\x20\x96\xf0";
-#else
- unsigned char output1[] =
- "\xe8\xcb\x4a\x77\xd5\x81\x78\xcf\x70\x80\xc7\xfb\xe0\x62\x33\x53"
- "\xda\x0e\x46\x87\x9d\x63\x67\x02\xb0\x31\x59\xe8\x40\xcb\x86\x30"
- "\xa3\x23\xa0\x88\x52\xc9\x7d\x71\xe0\xb5\xe0\x4c\xc1\xb2\xba\x96"
- "\x0b\x3e\xe3\xea\x04\xfe\xc4\x6f\xee\x8b\x66\xbd\x0c\xd8\xf4\x91";
- unsigned char output2[] =
- "\x0d\xcc\xa0\xeb\x4e\x93\x10\x11\x21\xc8\x04\xfb\x9c\x43\x33\xfd"
- "\x41\x31\xab\xca\x3d\x26\xb4\xa9\xab\xd7\x67\xe1\xaf\xaa\xc6\xe2"
- "\x83\x4e\xba\x2c\x54\x2e\x8f\x31\x98\x38\x2b\x8f\x9d\xec\x88\xbe"
- "\x4d\x5e\x8b\x53\x9d\x4e\xd2\x14\xf0\x96\x20\xaf\x69\x6c\x68\xde";
-#endif
- union {
- wc_Sha512 native;
- SHA512_CTX compat;
- } sha512;
-
- XMEMSET(&sha512.compat, 0, sizeof(sha512.compat));
- XMEMSET(&local, 0, sizeof(local));
-
- /* sanity check */
- AssertIntEQ(SHA512_Transform(NULL, NULL), 0);
- AssertIntEQ(SHA512_Transform(NULL, (const byte*)&input1), 0);
- AssertIntEQ(SHA512_Transform(&sha512.compat, NULL), 0);
- AssertIntEQ(wc_Sha512Transform(NULL, NULL), BAD_FUNC_ARG);
- AssertIntEQ(wc_Sha512Transform(NULL, (const byte*)&input1), BAD_FUNC_ARG);
- AssertIntEQ(wc_Sha512Transform(&sha512.native, NULL), BAD_FUNC_ARG);
-
- /* Init SHA512 CTX */
- AssertIntEQ(wolfSSL_SHA512_Init(&sha512.compat), 1);
-
- /* Do Transform*/
- sLen = (word32)XSTRLEN((char*)input1);
- XMEMCPY(local, input1, sLen);
- AssertIntEQ(SHA512_Transform(&sha512.compat, (const byte*)&local[0]), 1);
- AssertIntEQ(XMEMCMP(sha512.native.digest, output1,
- WC_SHA512_DIGEST_SIZE), 0);
- AssertIntEQ(SHA512_Final(local, &sha512.compat), 1); /* frees resources */
-
- /* Init SHA512 CTX */
- AssertIntEQ(SHA512_Init(&sha512.compat), 1);
- sLen = (word32)XSTRLEN((char*)input2);
- XMEMSET(local, 0, WC_SHA512_BLOCK_SIZE);
- XMEMCPY(local, input2, sLen);
- AssertIntEQ(SHA512_Transform(&sha512.compat, (const byte*)&local[0]), 1);
- AssertIntEQ(XMEMCMP(sha512.native.digest, output2,
- WC_SHA512_DIGEST_SIZE), 0);
- AssertIntEQ(SHA512_Final(local, &sha512.compat), 1); /* frees resources */
-
- (void)input1;
-
- res = TEST_RES_CHECK(1);
-#endif
-#endif
- return res;
-}
static int test_wolfSSL_X509_get_serialNumber(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_RSA)
- ASN1_INTEGER* a;
- BIGNUM* bn;
- X509* x509;
- char *serialHex;
+ ASN1_INTEGER* a = NULL;
+ BIGNUM* bn = NULL;
+ X509* x509 = NULL;
+ char *serialHex = NULL;
byte serial[3];
int serialSz;
- AssertNotNull(x509 = wolfSSL_X509_load_certificate_file(svrCertFile,
- SSL_FILETYPE_PEM));
- AssertNotNull(a = X509_get_serialNumber(x509));
+ ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(svrCertFile,
+ SSL_FILETYPE_PEM));
+ ExpectNotNull(a = X509_get_serialNumber(x509));
/* check on value of ASN1 Integer */
- AssertNotNull(bn = ASN1_INTEGER_to_BN(a, NULL));
-
+ ExpectNotNull(bn = ASN1_INTEGER_to_BN(a, NULL));
+ a = NULL;
/* test setting serial number and then retrieving it */
- AssertNotNull(a = ASN1_INTEGER_new());
- ASN1_INTEGER_set(a, 3);
- AssertIntEQ(X509_set_serialNumber(x509, a), WOLFSSL_SUCCESS);
+ ExpectNotNull(a = ASN1_INTEGER_new());
+ ExpectIntEQ(ASN1_INTEGER_set(a, 3), 1);
+ ExpectIntEQ(X509_set_serialNumber(x509, a), WOLFSSL_SUCCESS);
serialSz = sizeof(serial);
- AssertIntEQ(wolfSSL_X509_get_serial_number(x509, serial, &serialSz),
- WOLFSSL_SUCCESS);
- AssertIntEQ(serialSz, 1);
- AssertIntEQ(serial[0], 3);
+ ExpectIntEQ(wolfSSL_X509_get_serial_number(x509, serial, &serialSz),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(serialSz, 1);
+ ExpectIntEQ(serial[0], 3);
ASN1_INTEGER_free(a);
+ a = NULL;
/* test setting serial number with 0's in it */
serial[0] = 0x01;
serial[1] = 0x00;
serial[2] = 0x02;
- AssertNotNull(a = wolfSSL_ASN1_INTEGER_new());
- a->data[0] = ASN_INTEGER;
- a->data[1] = sizeof(serial);
- XMEMCPY(&a->data[2], serial, sizeof(serial));
- a->length = sizeof(serial) + 2;
- AssertIntEQ(X509_set_serialNumber(x509, a), WOLFSSL_SUCCESS);
+ ExpectNotNull(a = wolfSSL_ASN1_INTEGER_new());
+ if (a != NULL) {
+ a->data[0] = ASN_INTEGER;
+ a->data[1] = sizeof(serial);
+ XMEMCPY(&a->data[2], serial, sizeof(serial));
+ a->length = sizeof(serial) + 2;
+ }
+ ExpectIntEQ(X509_set_serialNumber(x509, a), WOLFSSL_SUCCESS);
XMEMSET(serial, 0, sizeof(serial));
serialSz = sizeof(serial);
- AssertIntEQ(wolfSSL_X509_get_serial_number(x509, serial, &serialSz),
- WOLFSSL_SUCCESS);
- AssertIntEQ(serialSz, 3);
- AssertIntEQ(serial[0], 0x01);
- AssertIntEQ(serial[1], 0x00);
- AssertIntEQ(serial[2], 0x02);
+ ExpectIntEQ(wolfSSL_X509_get_serial_number(x509, serial, &serialSz),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(serialSz, 3);
+ ExpectIntEQ(serial[0], 0x01);
+ ExpectIntEQ(serial[1], 0x00);
+ ExpectIntEQ(serial[2], 0x02);
ASN1_INTEGER_free(a);
+ a = NULL;
X509_free(x509); /* free's a */
- AssertNotNull(serialHex = BN_bn2hex(bn));
+ ExpectNotNull(serialHex = BN_bn2hex(bn));
#ifndef WC_DISABLE_RADIX_ZERO_PAD
- AssertStrEQ(serialHex, "01");
+ ExpectStrEQ(serialHex, "01");
#else
- AssertStrEQ(serialHex, "1");
+ ExpectStrEQ(serialHex, "1");
#endif
OPENSSL_free(serialHex);
-
- AssertIntEQ(BN_get_word(bn), 1);
-
+ ExpectIntEQ(BN_get_word(bn), 1);
BN_free(bn);
/* hard test free'ing with dynamic buffer to make sure there is no leaks */
- a = ASN1_INTEGER_new();
- if (a) {
- AssertNotNull(a->data = (unsigned char*)XMALLOC(100, NULL,
- DYNAMIC_TYPE_OPENSSL));
+ ExpectNotNull(a = ASN1_INTEGER_new());
+ if (a != NULL) {
+ ExpectNotNull(a->data = (unsigned char*)XMALLOC(100, NULL,
+ DYNAMIC_TYPE_OPENSSL));
a->isDynamic = 1;
ASN1_INTEGER_free(a);
}
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_OpenSSL_add_all_algorithms(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA)
- AssertIntEQ(wolfSSL_add_all_algorithms(),WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_add_all_algorithms(), WOLFSSL_SUCCESS);
- AssertIntEQ(wolfSSL_OpenSSL_add_all_algorithms_noconf(),WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_OpenSSL_add_all_algorithms_noconf(), WOLFSSL_SUCCESS);
- AssertIntEQ(wolfSSL_OpenSSL_add_all_algorithms_conf(),WOLFSSL_SUCCESS);
-
- res = TEST_RES_CHECK(1);
+ ExpectIntEQ(wolfSSL_OpenSSL_add_all_algorithms_conf(), WOLFSSL_SUCCESS);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_OPENSSL_hexstr2buf(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA)
#define MAX_HEXSTR_BUFSZ 9
#define NUM_CASES 5
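Review bot: In test_wolfSSL_X509_get_serialNumber the comment on `X509_free(x509); /* free's a */` no longer matches the code around it, since `a` is released by `ASN1_INTEGER_free(a)` and set to NULL on the two lines before; read literally it describes a double free. If `X509_set_serialNumber` stores its own copy of the integer, which the explicit free suggests, the comment would be better as `/* x509 keeps its own copy of the serial; a was freed above */`. Separately, the X9.42 cleanup in test_wolfSSL_PEM_read_DHparams is written `if (fp != XBADFILE) XFCLOSE(fp);` without the braces or the `fp = XBADFILE;` reset that the two earlier closes in the same function use. test_wolfSSL_PEM_read_DHparams begins in the previous hunk and test_wolfSSL_OPENSSL_hexstr2buf continues past this one.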
@@ -48375,94 +47059,89 @@ static int test_wolfSSL_OPENSSL_hexstr2buf(void)
long len = 0;
unsigned char* returnedBuf = NULL;
- for (i = 0; i < NUM_CASES; ++i) {
+ for (i = 0; i < NUM_CASES && EXPECT_SUCCESS(); ++i) {
returnedBuf = wolfSSL_OPENSSL_hexstr2buf(inputs[i], &len);
-
if (returnedBuf == NULL) {
- AssertIntEQ(expectedOutputs[i].ret, 0);
+ ExpectIntEQ(expectedOutputs[i].ret, 0);
continue;
}
- AssertIntEQ(expectedOutputs[i].ret, len);
+ ExpectIntEQ(expectedOutputs[i].ret, len);
for (j = 0; j < len; ++j) {
- AssertIntEQ(expectedOutputs[i].buffer[j], returnedBuf[j]);
+ ExpectIntEQ(expectedOutputs[i].buffer[j], returnedBuf[j]);
}
OPENSSL_free(returnedBuf);
+ returnedBuf = NULL;
}
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_CA_num(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_FILESYSTEM) && \
defined(HAVE_ECC) && !defined(NO_RSA)
- WOLFSSL_X509_STORE *store;
- WOLFSSL_X509 *x509_1, *x509_2;
+ WOLFSSL_X509_STORE *store = NULL;
+ WOLFSSL_X509 *x509_1 = NULL;
+ WOLFSSL_X509 *x509_2 = NULL;
int ca_num = 0;
- store = wolfSSL_X509_STORE_new();
- x509_1 = wolfSSL_X509_load_certificate_file(svrCertFile, WOLFSSL_FILETYPE_PEM);
- wolfSSL_X509_STORE_add_cert(store, x509_1);
- ca_num = wolfSSL_X509_CA_num(store);
- AssertIntEQ(ca_num, 1);
+ ExpectNotNull(store = wolfSSL_X509_STORE_new());
+ ExpectNotNull(x509_1 = wolfSSL_X509_load_certificate_file(svrCertFile,
+ WOLFSSL_FILETYPE_PEM));
+ ExpectIntEQ(wolfSSL_X509_STORE_add_cert(store, x509_1), 1);
+ ExpectIntEQ(ca_num = wolfSSL_X509_CA_num(store), 1);
- x509_2 = wolfSSL_X509_load_certificate_file(eccCertFile, WOLFSSL_FILETYPE_PEM);
- wolfSSL_X509_STORE_add_cert(store, x509_2);
- ca_num = wolfSSL_X509_CA_num(store);
- AssertIntEQ(ca_num, 2);
+ ExpectNotNull(x509_2 = wolfSSL_X509_load_certificate_file(eccCertFile,
+ WOLFSSL_FILETYPE_PEM));
+ ExpectIntEQ(wolfSSL_X509_STORE_add_cert(store, x509_2), 1);
+ ExpectIntEQ(ca_num = wolfSSL_X509_CA_num(store), 2);
wolfSSL_X509_free(x509_1);
wolfSSL_X509_free(x509_2);
wolfSSL_X509_STORE_free(store);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_check_ca(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && !defined(NO_FILESYSTEM)
- WOLFSSL_X509 *x509;
+ WOLFSSL_X509 *x509 = NULL;
- x509 = wolfSSL_X509_load_certificate_file(svrCertFile, WOLFSSL_FILETYPE_PEM);
- AssertIntEQ(wolfSSL_X509_check_ca(x509), 1);
+ ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(svrCertFile,
+ WOLFSSL_FILETYPE_PEM));
+ ExpectIntEQ(wolfSSL_X509_check_ca(x509), 1);
wolfSSL_X509_free(x509);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_check_ip_asc(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && !defined(NO_FILESYSTEM)
- WOLFSSL_X509 *x509;
+ WOLFSSL_X509 *x509 = NULL;
- x509 = wolfSSL_X509_load_certificate_file(cliCertFile, WOLFSSL_FILETYPE_PEM);
+ ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(cliCertFile,
+ WOLFSSL_FILETYPE_PEM));
#if 0
/* TODO: add cert gen for testing positive case */
- AssertIntEQ(wolfSSL_X509_check_ip_asc(x509, "127.0.0.1", 0), 1);
+ ExpectIntEQ(wolfSSL_X509_check_ip_asc(x509, "127.0.0.1", 0), 1);
#endif
- AssertIntEQ(wolfSSL_X509_check_ip_asc(x509, "0.0.0.0", 0), 0);
- AssertIntEQ(wolfSSL_X509_check_ip_asc(x509, NULL, 0), 0);
+ ExpectIntEQ(wolfSSL_X509_check_ip_asc(x509, "0.0.0.0", 0), 0);
+ ExpectIntEQ(wolfSSL_X509_check_ip_asc(x509, NULL, 0), 0);
wolfSSL_X509_free(x509);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_make_cert(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_RSA) && !defined(NO_ASN_TIME) && defined(WOLFSSL_CERT_GEN) && \
defined(WOLFSSL_CERT_EXT)
int ret;
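Review bot: The inner comparison loop in test_wolfSSL_OPENSSL_hexstr2buf, `for (j = 0; j < len; ++j)`, still runs when `ExpectIntEQ(expectedOutputs[i].ret, len)` has just failed, so `expectedOutputs[i].buffer[j]` can be indexed up to a returned `len` that the expected entry was never sized for. Under `AssertIntEQ` the length mismatch ended the test before the loop. Bounding the loop the same way as the outer one, `for (j = 0; j < len && EXPECT_SUCCESS(); ++j)`, avoids depending on whether the Expect macros skip evaluating their arguments after a failure, which is not visible in this diff. The declaration of `expectedOutputs` lies between this hunk and the previous one.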
@@ -48477,7 +47156,7 @@ static int test_wolfSSL_make_cert(void)
#ifdef OPENSSL_EXTRA
const unsigned char* pt;
int certSz;
- X509* x509;
+ X509* x509 = NULL;
X509_NAME* x509name;
X509_NAME_ENTRY* entry;
ASN1_STRING* entryValue;
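Review bot: Only `x509` gains an initialiser here, while `pt`, `x509name`, `entry` and `entryValue` beside it stay uninitialised. With the non-aborting Expect checks further down, a failed `d2i_X509` leaves `x509name` unassigned, and any later use outside an Expect macro would read an indeterminate pointer. Initialising them as the rest of the commit does, e.g. `X509_NAME* x509name = NULL;`, keeps the failure path defined. The rest of test_wolfSSL_make_cert is outside this hunk.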
@@ -48523,20 +47202,20 @@ static int test_wolfSSL_make_cert(void)
#endif
#endif /* WOLFSSL_MULTI_ATTRIB */
- AssertIntEQ(wc_InitRsaKey(&key, HEAP_HINT), 0);
+ ExpectIntEQ(wc_InitRsaKey(&key, HEAP_HINT), 0);
#ifndef HAVE_FIPS
- AssertIntEQ(wc_InitRng_ex(&rng, HEAP_HINT, testDevId), 0);
+ ExpectIntEQ(wc_InitRng_ex(&rng, HEAP_HINT, testDevId), 0);
#else
- AssertIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
#endif
/* load test RSA key */
idx = 0;
#if defined(USE_CERT_BUFFERS_1024)
- AssertIntEQ(wc_RsaPrivateKeyDecode(server_key_der_1024, &idx, &key,
+ ExpectIntEQ(wc_RsaPrivateKeyDecode(server_key_der_1024, &idx, &key,
sizeof_server_key_der_1024), 0);
#elif defined(USE_CERT_BUFFERS_2048)
- AssertIntEQ(wc_RsaPrivateKeyDecode(server_key_der_2048, &idx, &key,
+ ExpectIntEQ(wc_RsaPrivateKeyDecode(server_key_der_2048, &idx, &key,
sizeof_server_key_der_2048), 0);
#else
/* error case, no RSA key loaded, happens later */
@@ -48544,7 +47223,7 @@ static int test_wolfSSL_make_cert(void)
#endif
XMEMSET(&cert, 0 , sizeof(Cert));
- AssertIntEQ(wc_InitCert(&cert), 0);
+ ExpectIntEQ(wc_InitCert(&cert), 0);
XMEMCPY(&cert.subject, &name, sizeof(CertName));
XMEMCPY(cert.serial, mySerial, sizeof(mySerial));
@@ -48557,10 +47236,10 @@ static int test_wolfSSL_make_cert(void)
#endif
/* add SKID from the Public Key */
- AssertIntEQ(wc_SetSubjectKeyIdFromPublicKey(&cert, &key, NULL), 0);
+ ExpectIntEQ(wc_SetSubjectKeyIdFromPublicKey(&cert, &key, NULL), 0);
/* add AKID from the Public Key */
- AssertIntEQ(wc_SetAuthKeyIdFromPublicKey(&cert, &key, NULL), 0);
+ ExpectIntEQ(wc_SetAuthKeyIdFromPublicKey(&cert, &key, NULL), 0);
ret = 0;
do {
@@ -48571,463 +47250,89 @@ static int test_wolfSSL_make_cert(void)
ret = wc_MakeSelfCert(&cert, der, FOURK_BUF, &key, &rng);
}
} while (ret == WC_PENDING_E);
- AssertIntGT(ret, 0);
+ ExpectIntGT(ret, 0);
#ifdef OPENSSL_EXTRA
/* der holds a certificate with DC's now check X509 parsing of it */
certSz = ret;
pt = der;
- AssertNotNull(x509 = d2i_X509(NULL, &pt, certSz));
- AssertNotNull(x509name = X509_get_subject_name(x509));
+ ExpectNotNull(x509 = d2i_X509(NULL, &pt, certSz));
+ ExpectNotNull(x509name = X509_get_subject_name(x509));
#ifdef WOLFSSL_MULTI_ATTRIB
- AssertIntEQ((idx = X509_NAME_get_index_by_NID(x509name, NID_domainComponent,
+ ExpectIntEQ((idx = X509_NAME_get_index_by_NID(x509name, NID_domainComponent,
-1)), 5);
- AssertIntEQ((idx = X509_NAME_get_index_by_NID(x509name, NID_domainComponent,
+ ExpectIntEQ((idx = X509_NAME_get_index_by_NID(x509name, NID_domainComponent,
idx)), 6);
- AssertIntEQ((idx = X509_NAME_get_index_by_NID(x509name, NID_domainComponent,
+ ExpectIntEQ((idx = X509_NAME_get_index_by_NID(x509name, NID_domainComponent,
idx)), -1);
#endif /* WOLFSSL_MULTI_ATTRIB */
/* compare DN at index 0 */
- AssertNotNull(entry = X509_NAME_get_entry(x509name, 0));
- AssertNotNull(entryValue = X509_NAME_ENTRY_get_data(entry));
- AssertIntEQ(ASN1_STRING_length(entryValue), 2);
- AssertStrEQ((const char*)ASN1_STRING_data(entryValue), "US");
+ ExpectNotNull(entry = X509_NAME_get_entry(x509name, 0));
+ ExpectNotNull(entryValue = X509_NAME_ENTRY_get_data(entry));
+ ExpectIntEQ(ASN1_STRING_length(entryValue), 2);
+ ExpectStrEQ((const char*)ASN1_STRING_data(entryValue), "US");
#ifndef WOLFSSL_MULTI_ATTRIB
/* compare Serial Number */
- AssertIntEQ((idx = X509_NAME_get_index_by_NID(x509name, NID_serialNumber,
+ ExpectIntEQ((idx = X509_NAME_get_index_by_NID(x509name, NID_serialNumber,
-1)), 7);
- AssertNotNull(entry = X509_NAME_get_entry(x509name, idx));
- AssertNotNull(entryValue = X509_NAME_ENTRY_get_data(entry));
- AssertIntEQ(ASN1_STRING_length(entryValue), XSTRLEN("wolfSSL12345"));
- AssertStrEQ((const char*)ASN1_STRING_data(entryValue), "wolfSSL12345");
+ ExpectNotNull(entry = X509_NAME_get_entry(x509name, idx));
+ ExpectNotNull(entryValue = X509_NAME_ENTRY_get_data(entry));
+ ExpectIntEQ(ASN1_STRING_length(entryValue), XSTRLEN("wolfSSL12345"));
+ ExpectStrEQ((const char*)ASN1_STRING_data(entryValue), "wolfSSL12345");
#endif
#ifdef WOLFSSL_MULTI_ATTRIB
/* get first and second DC and compare result */
- AssertIntEQ((idx = X509_NAME_get_index_by_NID(x509name, NID_domainComponent,
+ ExpectIntEQ((idx = X509_NAME_get_index_by_NID(x509name, NID_domainComponent,
-1)), 5);
- AssertNotNull(entry = X509_NAME_get_entry(x509name, idx));
- AssertNotNull(entryValue = X509_NAME_ENTRY_get_data(entry));
- AssertStrEQ((const char *)ASN1_STRING_data(entryValue), "com");
+ ExpectNotNull(entry = X509_NAME_get_entry(x509name, idx));
+ ExpectNotNull(entryValue = X509_NAME_ENTRY_get_data(entry));
+ ExpectStrEQ((const char *)ASN1_STRING_data(entryValue), "com");
- AssertIntEQ((idx = X509_NAME_get_index_by_NID(x509name, NID_domainComponent,
+ ExpectIntEQ((idx = X509_NAME_get_index_by_NID(x509name, NID_domainComponent,
idx)), 6);
- AssertNotNull(entry = X509_NAME_get_entry(x509name, idx));
- AssertNotNull(entryValue = X509_NAME_ENTRY_get_data(entry));
- AssertStrEQ((const char *)ASN1_STRING_data(entryValue), "wolfssl");
+ ExpectNotNull(entry = X509_NAME_get_entry(x509name, idx));
+ ExpectNotNull(entryValue = X509_NAME_ENTRY_get_data(entry));
+ ExpectStrEQ((const char *)ASN1_STRING_data(entryValue), "wolfssl");
#endif /* WOLFSSL_MULTI_ATTRIB */
/* try invalid index locations for regression test and sanity check */
- AssertNull(entry = X509_NAME_get_entry(x509name, 11));
- AssertNull(entry = X509_NAME_get_entry(x509name, 20));
+ ExpectNull(entry = X509_NAME_get_entry(x509name, 11));
+ ExpectNull(entry = X509_NAME_get_entry(x509name, 20));
X509_free(x509);
#endif /* OPENSSL_EXTRA */
wc_FreeRsaKey(&key);
wc_FreeRng(&rng);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_get_version(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_FILESYSTEM) && !defined(NO_RSA)
- WOLFSSL_X509 *x509;
+ WOLFSSL_X509 *x509 = NULL;
- x509 = wolfSSL_X509_load_certificate_file(svrCertFile, WOLFSSL_FILETYPE_PEM);
- AssertNotNull(x509);
- AssertIntEQ((int)wolfSSL_X509_get_version(x509), 2);
+ ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(svrCertFile,
+ WOLFSSL_FILETYPE_PEM));
+ ExpectIntEQ((int)wolfSSL_X509_get_version(x509), 2);
wolfSSL_X509_free(x509);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
-}
-
-static int test_wolfSSL_DES_ncbc(void)
-{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && !defined(NO_DES3)
- const_DES_cblock myDes;
- DES_cblock iv = {1};
- DES_key_schedule key = {0};
- unsigned char msg[] = "hello wolfssl";
- unsigned char out[DES_BLOCK_SIZE * 2] = {0};
- unsigned char pln[DES_BLOCK_SIZE * 2] = {0};
-
- unsigned char exp[] = {0x31, 0x98, 0x2F, 0x3A, 0x55, 0xBF, 0xD8, 0xC4};
- unsigned char exp2[] = {0xC7, 0x45, 0x8B, 0x28, 0x10, 0x53, 0xE0, 0x58};
-
- /* partial block test */
- DES_set_key(&key, &myDes);
- DES_ncbc_encrypt(msg, out, 3, &myDes, &iv, DES_ENCRYPT);
- AssertIntEQ(XMEMCMP(exp, out, DES_BLOCK_SIZE), 0);
- AssertIntEQ(XMEMCMP(exp, iv, DES_BLOCK_SIZE), 0);
-
- DES_set_key(&key, &myDes);
- XMEMSET((byte*)&iv, 0, DES_BLOCK_SIZE);
- *((byte*)&iv) = 1;
- DES_ncbc_encrypt(out, pln, 3, &myDes, &iv, DES_DECRYPT);
- AssertIntEQ(XMEMCMP(msg, pln, 3), 0);
- AssertIntEQ(XMEMCMP(exp, iv, DES_BLOCK_SIZE), 0);
-
- /* full block test */
- DES_set_key(&key, &myDes);
- XMEMSET(pln, 0, DES_BLOCK_SIZE);
- XMEMSET((byte*)&iv, 0, DES_BLOCK_SIZE);
- *((byte*)&iv) = 1;
- DES_ncbc_encrypt(msg, out, 8, &myDes, &iv, DES_ENCRYPT);
- AssertIntEQ(XMEMCMP(exp2, out, DES_BLOCK_SIZE), 0);
- AssertIntEQ(XMEMCMP(exp2, iv, DES_BLOCK_SIZE), 0);
-
- DES_set_key(&key, &myDes);
- XMEMSET((byte*)&iv, 0, DES_BLOCK_SIZE);
- *((byte*)&iv) = 1;
- DES_ncbc_encrypt(out, pln, 8, &myDes, &iv, DES_DECRYPT);
- AssertIntEQ(XMEMCMP(msg, pln, 8), 0);
- AssertIntEQ(XMEMCMP(exp2, iv, DES_BLOCK_SIZE), 0);
-
- res = TEST_RES_CHECK(1);
-#endif
- return res;
-}
-
-static int test_wolfSSL_AES_cbc_encrypt(void)
-{
- int res = TEST_SKIPPED;
-#if !defined(NO_AES) && defined(HAVE_AES_CBC) && defined(OPENSSL_EXTRA)
- AES_KEY aes;
- AES_KEY* aesN = NULL;
- size_t len = 0;
- size_t lenB = 0;
- int keySz0 = 0;
- int keySzN = -1;
- byte out[AES_BLOCK_SIZE] = {0};
- byte* outN = NULL;
-
- /* Test vectors retrieved from:
- * <begin URL>
- * https://csrc.nist.gov/
- * CSRC/media/Projects/Cryptographic-Algorithm-Validation-Program/
- * documents/aes/KAT_AES.zip
- * </end URL>
- */
- const byte* pt128N = NULL;
- byte* key128N = NULL;
- byte* iv128N = NULL;
- byte iv128tmp[AES_BLOCK_SIZE] = {0};
-
- const byte pt128[] = { 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
- 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 };
-
- const byte ct128[] = { 0x87,0x85,0xb1,0xa7,0x5b,0x0f,0x3b,0xd9,
- 0x58,0xdc,0xd0,0xe2,0x93,0x18,0xc5,0x21 };
-
- const byte iv128[] = { 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
- 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 };
-
- byte key128[] = { 0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,
- 0xff,0xff,0xf0,0x00,0x00,0x00,0x00,0x00 };
-
-
- len = sizeof(pt128);
-
- #define STRESS_T(a, b, c, d, e, f, g, h, i) \
- wolfSSL_AES_cbc_encrypt(a, b, c, d, e, f); \
- AssertIntNE(XMEMCMP(b, g, h), i)
-
- #define RESET_IV(x, y) XMEMCPY(x, y, AES_BLOCK_SIZE)
-
- /* Stressing wolfSSL_AES_cbc_encrypt() */
- STRESS_T(pt128N, out, len, &aes, iv128tmp, 1, ct128, AES_BLOCK_SIZE, 0);
- STRESS_T(pt128, out, len, &aes, iv128N, 1, ct128, AES_BLOCK_SIZE, 0);
-
- wolfSSL_AES_cbc_encrypt(pt128, outN, len, &aes, iv128tmp, AES_ENCRYPT);
- AssertIntNE(XMEMCMP(out, ct128, AES_BLOCK_SIZE), 0);
- wolfSSL_AES_cbc_encrypt(pt128, out, len, aesN, iv128tmp, AES_ENCRYPT);
- AssertIntNE(XMEMCMP(out, ct128, AES_BLOCK_SIZE), 0);
-
- STRESS_T(pt128, out, lenB, &aes, iv128tmp, 1, ct128, AES_BLOCK_SIZE, 0);
-
- /* Stressing wolfSSL_AES_set_encrypt_key */
- AssertIntNE(wolfSSL_AES_set_encrypt_key(key128N, sizeof(key128)*8, &aes),0);
- AssertIntNE(wolfSSL_AES_set_encrypt_key(key128, sizeof(key128)*8, aesN),0);
- AssertIntNE(wolfSSL_AES_set_encrypt_key(key128, keySz0, &aes), 0);
- AssertIntNE(wolfSSL_AES_set_encrypt_key(key128, keySzN, &aes), 0);
-
- /* Stressing wolfSSL_AES_set_decrypt_key */
- AssertIntNE(wolfSSL_AES_set_decrypt_key(key128N, sizeof(key128)*8, &aes),0);
- AssertIntNE(wolfSSL_AES_set_decrypt_key(key128N, sizeof(key128)*8, aesN),0);
- AssertIntNE(wolfSSL_AES_set_decrypt_key(key128, keySz0, &aes), 0);
- AssertIntNE(wolfSSL_AES_set_decrypt_key(key128, keySzN, &aes), 0);
-
- #ifdef WOLFSSL_AES_128
-
- /* wolfSSL_AES_cbc_encrypt() 128-bit */
- XMEMSET(out, 0, AES_BLOCK_SIZE);
- RESET_IV(iv128tmp, iv128);
-
- AssertIntEQ(wolfSSL_AES_set_encrypt_key(key128, sizeof(key128)*8, &aes), 0);
- wolfSSL_AES_cbc_encrypt(pt128, out, len, &aes, iv128tmp, AES_ENCRYPT);
- AssertIntEQ(XMEMCMP(out, ct128, AES_BLOCK_SIZE), 0);
- wc_AesFree((Aes*)&aes);
-
- #ifdef HAVE_AES_DECRYPT
-
- /* wolfSSL_AES_cbc_encrypt() 128-bit in decrypt mode */
- XMEMSET(out, 0, AES_BLOCK_SIZE);
- RESET_IV(iv128tmp, iv128);
- len = sizeof(ct128);
-
- AssertIntEQ(wolfSSL_AES_set_decrypt_key(key128, sizeof(key128)*8, &aes), 0);
- wolfSSL_AES_cbc_encrypt(ct128, out, len, &aes, iv128tmp, AES_DECRYPT);
- AssertIntEQ(XMEMCMP(out, pt128, AES_BLOCK_SIZE), 0);
- wc_AesFree((Aes*)&aes);
-
- #endif
-
- #endif /* WOLFSSL_AES_128 */
- #ifdef WOLFSSL_AES_192
- {
- /* Test vectors from NIST Special Publication 800-38A, 2001 Edition
- * Appendix F.2.3 */
-
- byte iv192tmp[AES_BLOCK_SIZE] = {0};
-
- const byte pt192[] = { 0x6b,0xc1,0xbe,0xe2,0x2e,0x40,0x9f,0x96,
- 0xe9,0x3d,0x7e,0x11,0x73,0x93,0x17,0x2a };
-
- const byte ct192[] = { 0x4f,0x02,0x1d,0xb2,0x43,0xbc,0x63,0x3d,
- 0x71,0x78,0x18,0x3a,0x9f,0xa0,0x71,0xe8 };
-
- const byte iv192[] = { 0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,
- 0x08,0x09,0x0A,0x0B,0x0C,0x0D,0x0E,0x0F };
-
- byte key192[] = { 0x8e,0x73,0xb0,0xf7,0xda,0x0e,0x64,0x52,
- 0xc8,0x10,0xf3,0x2b,0x80,0x90,0x79,0xe5,
- 0x62,0xf8,0xea,0xd2,0x52,0x2c,0x6b,0x7b };
-
- len = sizeof(pt192);
-
- /* wolfSSL_AES_cbc_encrypt() 192-bit */
- XMEMSET(out, 0, AES_BLOCK_SIZE);
- RESET_IV(iv192tmp, iv192);
-
- AssertIntEQ(wolfSSL_AES_set_encrypt_key(key192, sizeof(key192)*8, &aes), 0);
- wolfSSL_AES_cbc_encrypt(pt192, out, len, &aes, iv192tmp, AES_ENCRYPT);
- AssertIntEQ(XMEMCMP(out, ct192, AES_BLOCK_SIZE), 0);
- wc_AesFree((Aes*)&aes);
-
- #ifdef HAVE_AES_DECRYPT
-
- /* wolfSSL_AES_cbc_encrypt() 192-bit in decrypt mode */
- len = sizeof(ct192);
- RESET_IV(iv192tmp, iv192);
- XMEMSET(out, 0, AES_BLOCK_SIZE);
-
- AssertIntEQ(wolfSSL_AES_set_decrypt_key(key192, sizeof(key192)*8, &aes), 0);
- wolfSSL_AES_cbc_encrypt(ct192, out, len, &aes, iv192tmp, AES_DECRYPT);
- AssertIntEQ(XMEMCMP(out, pt192, AES_BLOCK_SIZE), 0);
- wc_AesFree((Aes*)&aes);
-
- #endif
- }
- #endif /* WOLFSSL_AES_192 */
- #ifdef WOLFSSL_AES_256
- {
- /* Test vectors from NIST Special Publication 800-38A, 2001 Edition,
- * Appendix F.2.5 */
- byte iv256tmp[AES_BLOCK_SIZE] = {0};
-
- const byte pt256[] = { 0x6b,0xc1,0xbe,0xe2,0x2e,0x40,0x9f,0x96,
- 0xe9,0x3d,0x7e,0x11,0x73,0x93,0x17,0x2a };
-
- const byte ct256[] = { 0xf5,0x8c,0x4c,0x04,0xd6,0xe5,0xf1,0xba,
- 0x77,0x9e,0xab,0xfb,0x5f,0x7b,0xfb,0xd6 };
-
- const byte iv256[] = { 0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,
- 0x08,0x09,0x0A,0x0B,0x0C,0x0D,0x0E,0x0F };
-
- byte key256[] = { 0x60,0x3d,0xeb,0x10,0x15,0xca,0x71,0xbe,
- 0x2b,0x73,0xae,0xf0,0x85,0x7d,0x77,0x81,
- 0x1f,0x35,0x2c,0x07,0x3b,0x61,0x08,0xd7,
- 0x2d,0x98,0x10,0xa3,0x09,0x14,0xdf,0xf4 };
-
-
- len = sizeof(pt256);
-
- /* wolfSSL_AES_cbc_encrypt() 256-bit */
- XMEMSET(out, 0, AES_BLOCK_SIZE);
- RESET_IV(iv256tmp, iv256);
-
- AssertIntEQ(wolfSSL_AES_set_encrypt_key(key256, sizeof(key256)*8, &aes), 0);
- wolfSSL_AES_cbc_encrypt(pt256, out, len, &aes, iv256tmp, AES_ENCRYPT);
- AssertIntEQ(XMEMCMP(out, ct256, AES_BLOCK_SIZE), 0);
- wc_AesFree((Aes*)&aes);
-
- #ifdef HAVE_AES_DECRYPT
-
- /* wolfSSL_AES_cbc_encrypt() 256-bit in decrypt mode */
- len = sizeof(ct256);
- RESET_IV(iv256tmp, iv256);
- XMEMSET(out, 0, AES_BLOCK_SIZE);
-
- AssertIntEQ(wolfSSL_AES_set_decrypt_key(key256, sizeof(key256)*8, &aes), 0);
- wolfSSL_AES_cbc_encrypt(ct256, out, len, &aes, iv256tmp, AES_DECRYPT);
- AssertIntEQ(XMEMCMP(out, pt256, AES_BLOCK_SIZE), 0);
- wc_AesFree((Aes*)&aes);
-
- #endif
-
- #if defined(HAVE_AES_KEYWRAP) && !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
- {
- byte wrapCipher[sizeof(key256) + KEYWRAP_BLOCK_SIZE] = { 0 };
- byte wrapPlain[sizeof(key256)] = { 0 };
- byte wrapIV[KEYWRAP_BLOCK_SIZE] = { 0 };
-
- /* wolfSSL_AES_wrap_key() 256-bit NULL iv */
- AssertIntEQ(wolfSSL_AES_set_encrypt_key(key256, sizeof(key256)*8, &aes), 0);
- AssertIntEQ(wolfSSL_AES_wrap_key(&aes, NULL, wrapCipher, key256,
- 15), WOLFSSL_FAILURE);
- AssertIntEQ(wolfSSL_AES_wrap_key(&aes, NULL, wrapCipher, key256,
- sizeof(key256)), sizeof(wrapCipher));
- wc_AesFree((Aes*)&aes);
-
- /* wolfSSL_AES_unwrap_key() 256-bit NULL iv */
- AssertIntEQ(wolfSSL_AES_set_decrypt_key(key256, sizeof(key256)*8, &aes), 0);
- AssertIntEQ(wolfSSL_AES_unwrap_key(&aes, NULL, wrapPlain, wrapCipher,
- 23), WOLFSSL_FAILURE);
- AssertIntEQ(wolfSSL_AES_unwrap_key(&aes, NULL, wrapPlain, wrapCipher,
- sizeof(wrapCipher)), sizeof(wrapPlain));
- AssertIntEQ(XMEMCMP(wrapPlain, key256, sizeof(key256)), 0);
- XMEMSET(wrapCipher, 0, sizeof(wrapCipher));
- XMEMSET(wrapPlain, 0, sizeof(wrapPlain));
- wc_AesFree((Aes*)&aes);
-
- /* wolfSSL_AES_wrap_key() 256-bit custom iv */
- AssertIntEQ(wolfSSL_AES_set_encrypt_key(key256, sizeof(key256)*8, &aes), 0);
- AssertIntEQ(wolfSSL_AES_wrap_key(&aes, wrapIV, wrapCipher, key256,
- sizeof(key256)), sizeof(wrapCipher));
- wc_AesFree((Aes*)&aes);
-
- /* wolfSSL_AES_unwrap_key() 256-bit custom iv */
- AssertIntEQ(wolfSSL_AES_set_decrypt_key(key256, sizeof(key256)*8, &aes), 0);
- AssertIntEQ(wolfSSL_AES_unwrap_key(&aes, wrapIV, wrapPlain, wrapCipher,
- sizeof(wrapCipher)), sizeof(wrapPlain));
- AssertIntEQ(XMEMCMP(wrapPlain, key256, sizeof(key256)), 0);
- wc_AesFree((Aes*)&aes);
- }
- #endif /* HAVE_AES_KEYWRAP */
- }
- #endif /* WOLFSSL_AES_256 */
-
- res = TEST_RES_CHECK(1);
-#endif
- return res;
-}
-
-static int test_wolfSSL_CRYPTO_cts128(void)
-{
- int res = TEST_SKIPPED;
-#if !defined(NO_AES) && defined(HAVE_AES_CBC) && defined(OPENSSL_EXTRA) \
- && defined(HAVE_CTS)
- byte tmp[64]; /* Largest vector size */
- /* Test vectors taken form RFC3962 Appendix B */
- const testVector vects[] = {
- {
- "\x49\x20\x77\x6f\x75\x6c\x64\x20\x6c\x69\x6b\x65\x20\x74\x68\x65"
- "\x20",
- "\xc6\x35\x35\x68\xf2\xbf\x8c\xb4\xd8\xa5\x80\x36\x2d\xa7\xff\x7f"
- "\x97",
- 17, 17
- },
- {
- "\x49\x20\x77\x6f\x75\x6c\x64\x20\x6c\x69\x6b\x65\x20\x74\x68\x65"
- "\x20\x47\x65\x6e\x65\x72\x61\x6c\x20\x47\x61\x75\x27\x73\x20",
- "\xfc\x00\x78\x3e\x0e\xfd\xb2\xc1\xd4\x45\xd4\xc8\xef\xf7\xed\x22"
- "\x97\x68\x72\x68\xd6\xec\xcc\xc0\xc0\x7b\x25\xe2\x5e\xcf\xe5",
- 31, 31
- },
- {
- "\x49\x20\x77\x6f\x75\x6c\x64\x20\x6c\x69\x6b\x65\x20\x74\x68\x65"
- "\x20\x47\x65\x6e\x65\x72\x61\x6c\x20\x47\x61\x75\x27\x73\x20\x43",
- "\x39\x31\x25\x23\xa7\x86\x62\xd5\xbe\x7f\xcb\xcc\x98\xeb\xf5\xa8"
- "\x97\x68\x72\x68\xd6\xec\xcc\xc0\xc0\x7b\x25\xe2\x5e\xcf\xe5\x84",
- 32, 32
- },
- {
- "\x49\x20\x77\x6f\x75\x6c\x64\x20\x6c\x69\x6b\x65\x20\x74\x68\x65"
- "\x20\x47\x65\x6e\x65\x72\x61\x6c\x20\x47\x61\x75\x27\x73\x20\x43"
- "\x68\x69\x63\x6b\x65\x6e\x2c\x20\x70\x6c\x65\x61\x73\x65\x2c",
- "\x97\x68\x72\x68\xd6\xec\xcc\xc0\xc0\x7b\x25\xe2\x5e\xcf\xe5\x84"
- "\xb3\xff\xfd\x94\x0c\x16\xa1\x8c\x1b\x55\x49\xd2\xf8\x38\x02\x9e"
- "\x39\x31\x25\x23\xa7\x86\x62\xd5\xbe\x7f\xcb\xcc\x98\xeb\xf5",
- 47, 47
- },
- {
- "\x49\x20\x77\x6f\x75\x6c\x64\x20\x6c\x69\x6b\x65\x20\x74\x68\x65"
- "\x20\x47\x65\x6e\x65\x72\x61\x6c\x20\x47\x61\x75\x27\x73\x20\x43"
- "\x68\x69\x63\x6b\x65\x6e\x2c\x20\x70\x6c\x65\x61\x73\x65\x2c\x20",
- "\x97\x68\x72\x68\xd6\xec\xcc\xc0\xc0\x7b\x25\xe2\x5e\xcf\xe5\x84"
- "\x9d\xad\x8b\xbb\x96\xc4\xcd\xc0\x3b\xc1\x03\xe1\xa1\x94\xbb\xd8"
- "\x39\x31\x25\x23\xa7\x86\x62\xd5\xbe\x7f\xcb\xcc\x98\xeb\xf5\xa8",
- 48, 48
- },
- {
- "\x49\x20\x77\x6f\x75\x6c\x64\x20\x6c\x69\x6b\x65\x20\x74\x68\x65"
- "\x20\x47\x65\x6e\x65\x72\x61\x6c\x20\x47\x61\x75\x27\x73\x20\x43"
- "\x68\x69\x63\x6b\x65\x6e\x2c\x20\x70\x6c\x65\x61\x73\x65\x2c\x20"
- "\x61\x6e\x64\x20\x77\x6f\x6e\x74\x6f\x6e\x20\x73\x6f\x75\x70\x2e",
- "\x97\x68\x72\x68\xd6\xec\xcc\xc0\xc0\x7b\x25\xe2\x5e\xcf\xe5\x84"
- "\x39\x31\x25\x23\xa7\x86\x62\xd5\xbe\x7f\xcb\xcc\x98\xeb\xf5\xa8"
- "\x48\x07\xef\xe8\x36\xee\x89\xa5\x26\x73\x0d\xbc\x2f\x7b\xc8\x40"
- "\x9d\xad\x8b\xbb\x96\xc4\xcd\xc0\x3b\xc1\x03\xe1\xa1\x94\xbb\xd8",
- 64, 64
- }
- };
- byte keyBytes[AES_128_KEY_SIZE] = {
- 0x63, 0x68, 0x69, 0x63, 0x6b, 0x65, 0x6e, 0x20,
- 0x74, 0x65, 0x72, 0x69, 0x79, 0x61, 0x6b, 0x69
- };
- size_t i;
- XMEMSET(tmp, 0, sizeof(tmp));
- for (i = 0; i < sizeof(vects)/sizeof(vects[0]); i++) {
- AES_KEY encKey;
- AES_KEY decKey;
- byte iv[AES_IV_SIZE]; /* All-zero IV for all cases */
- XMEMSET(iv, 0, sizeof(iv));
- AssertIntEQ(AES_set_encrypt_key(keyBytes, AES_128_KEY_SIZE * 8, &encKey), 0);
- AssertIntEQ(AES_set_decrypt_key(keyBytes, AES_128_KEY_SIZE * 8, &decKey), 0);
- AssertIntEQ(CRYPTO_cts128_encrypt((const unsigned char*)vects[i].input,
- tmp, vects[i].inLen, &encKey, iv, (cbc128_f)AES_cbc_encrypt),
- vects[i].outLen);
- AssertIntEQ(XMEMCMP(tmp, vects[i].output, vects[i].outLen), 0);
- XMEMSET(iv, 0, sizeof(iv));
- AssertIntEQ(CRYPTO_cts128_decrypt((const unsigned char*)vects[i].output,
- tmp, vects[i].outLen, &decKey, iv, (cbc128_f)AES_cbc_encrypt),
- vects[i].inLen);
- AssertIntEQ(XMEMCMP(tmp, vects[i].input, vects[i].inLen), 0);
- }
-
- res = TEST_RES_CHECK(1);
-#endif /* !NO_AES && HAVE_AES_CBC && OPENSSL_EXTRA && HAVE_CTS */
- return res;
+ return EXPECT_RESULT();
}
#if defined(OPENSSL_ALL)
static int test_wolfSSL_sk_CIPHER_description(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_RSA)
const long flags = SSL_OP_NO_SSLv2 | SSL_OP_NO_COMPRESSION;
- int i,j,k;
+ int i;
int numCiphers = 0;
const SSL_METHOD *method = NULL;
const SSL_CIPHER *cipher = NULL;
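Review bot: Three known-answer tests disappear in this hunk, `test_wolfSSL_DES_ncbc`, `test_wolfSSL_AES_cbc_encrypt` (which also held the AES key wrap/unwrap and NULL-argument cases) and `test_wolfSSL_CRYPTO_cts128`, and nothing visible here shows where they went. If they were relocated elsewhere in the file that is fine, but it should be confirmed that each one is still defined and still listed in the test table, so that the compat-layer CBC, key-wrap and CTS paths keep their vector checks. If the removal is intentional, the commit message should say so.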
@@ -49040,38 +47345,35 @@ static int test_wolfSSL_sk_CIPHER_description(void)
const char certPath[] = "./certs/client-cert.pem";
XMEMSET(buf, 0, sizeof(buf));
- AssertNotNull(method = TLSv1_2_client_method());
- AssertNotNull(ctx = SSL_CTX_new(method));
-
+ ExpectNotNull(method = TLSv1_2_client_method());
+ ExpectNotNull(ctx = SSL_CTX_new(method));
SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, 0);
SSL_CTX_set_verify_depth(ctx, 4);
-
SSL_CTX_set_options(ctx, flags);
- AssertIntEQ(SSL_CTX_load_verify_locations(ctx, certPath, NULL),
+ ExpectIntEQ(SSL_CTX_load_verify_locations(ctx, certPath, NULL),
WOLFSSL_SUCCESS);
- AssertNotNull(ssl = SSL_new(ctx));
+ ExpectNotNull(ssl = SSL_new(ctx));
/* SSL_get_ciphers returns a stack of all configured ciphers
* A flag, getCipherAtOffset, is set to later have SSL_CIPHER_description
*/
- AssertNotNull(supportedCiphers = SSL_get_ciphers(ssl));
+ ExpectNotNull(supportedCiphers = SSL_get_ciphers(ssl));
/* loop through the amount of supportedCiphers */
numCiphers = sk_num(supportedCiphers);
for (i = 0; i < numCiphers; ++i) {
-
+ int j;
/* sk_value increments "sk->data.cipher->cipherOffset".
* wolfSSL_sk_CIPHER_description sets the description for
* the cipher based on the provided offset.
*/
-
if ((cipher = (const WOLFSSL_CIPHER*)sk_value(supportedCiphers, i))) {
SSL_CIPHER_description(cipher, buf, sizeof(buf));
}
/* Search cipher description string for "unknown" descriptor */
for (j = 0; j < (int)XSTRLEN(buf); j++) {
- k = 0;
+ int k = 0;
while ((k < (int)XSTRLEN(badStr)) && (buf[j] == badStr[k])) {
test_str[k] = badStr[k];
j++;
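Review bot: `numCiphers = sk_num(supportedCiphers);` and the `sk_value(supportedCiphers, i)` loop are not wrapped in an Expect macro, so they now run even when `SSL_new` or `SSL_get_ciphers` has failed. The `if (EXPECT_FAIL())` cleanup blocks added elsewhere in this commit show that a failed Expect no longer stops the test. That is safe only if `supportedCiphers` is NULL-initialized (its declaration is outside this hunk) and `sk_num` tolerates NULL. Since `numCiphers` starts at 0, `if (!EXPECT_FAIL()) numCiphers = sk_num(supportedCiphers);` would skip the loop explicitly on failure. The function body continues past this hunk.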
@@ -49079,19 +47381,17 @@ static int test_wolfSSL_sk_CIPHER_description(void)
}
}
/* Fail if test_str == badStr == "unknown" */
- AssertStrNE(test_str,badStr);
+ ExpectStrNE(test_str,badStr);
}
SSL_free(ssl);
SSL_CTX_free(ctx);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_get_ciphers_compat(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_RSA)
const SSL_METHOD *method = NULL;
const char certPath[] = "./certs/client-cert.pem";
@@ -49100,37 +47400,32 @@ static int test_wolfSSL_get_ciphers_compat(void)
WOLFSSL *ssl = NULL;
const long flags = SSL_OP_NO_SSLv2 | SSL_OP_NO_COMPRESSION;
- method = SSLv23_client_method();
- AssertNotNull(method);
- ctx = SSL_CTX_new(method);
- AssertNotNull(ctx);
-
+ ExpectNotNull(method = SSLv23_client_method());
+ ExpectNotNull(ctx = SSL_CTX_new(method));
SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, 0);
SSL_CTX_set_verify_depth(ctx, 4);
-
SSL_CTX_set_options(ctx, flags);
- AssertIntEQ(SSL_CTX_load_verify_locations(ctx, certPath, NULL),
+ ExpectIntEQ(SSL_CTX_load_verify_locations(ctx, certPath, NULL),
WOLFSSL_SUCCESS);
- AssertNotNull(ssl = SSL_new(ctx));
+ ExpectNotNull(ssl = SSL_new(ctx));
/* Test Bad NULL input */
- AssertNull(supportedCiphers = SSL_get_ciphers(NULL));
+ ExpectNull(supportedCiphers = SSL_get_ciphers(NULL));
/* Test for Good input */
- AssertNotNull(supportedCiphers = SSL_get_ciphers(ssl));
+ ExpectNotNull(supportedCiphers = SSL_get_ciphers(ssl));
/* Further usage of SSL_get_ciphers/wolfSSL_get_ciphers_compat is
* tested in test_wolfSSL_sk_CIPHER_description according to Qt usage */
SSL_free(ssl);
SSL_CTX_free(ctx);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_PUBKEY_get(void)
{
+ EXPECT_DECLS;
WOLFSSL_X509_PUBKEY pubkey;
WOLFSSL_X509_PUBKEY* key;
WOLFSSL_EVP_PKEY evpkey ;
@@ -49146,20 +47441,20 @@ static int test_wolfSSL_X509_PUBKEY_get(void)
evpPkey->type = WOLFSSL_SUCCESS;
key->pkey = evpPkey;
- AssertNotNull(retEvpPkey = wolfSSL_X509_PUBKEY_get(key));
- AssertIntEQ(retEvpPkey->type, WOLFSSL_SUCCESS);
+ ExpectNotNull(retEvpPkey = wolfSSL_X509_PUBKEY_get(key));
+ ExpectIntEQ(retEvpPkey->type, WOLFSSL_SUCCESS);
- AssertNull(retEvpPkey = wolfSSL_X509_PUBKEY_get(NULL));
+ ExpectNull(retEvpPkey = wolfSSL_X509_PUBKEY_get(NULL));
key->pkey = NULL;
- AssertNull(retEvpPkey = wolfSSL_X509_PUBKEY_get(key));
+ ExpectNull(retEvpPkey = wolfSSL_X509_PUBKEY_get(key));
- return TEST_RES_CHECK(retEvpPkey == NULL);
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_PKEY_set1_get1_DSA(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined (NO_DSA) && !defined(HAVE_SELFTEST) && defined(WOLFSSL_KEY_GEN)
DSA *dsa = NULL;
DSA *setDsa = NULL;
@@ -49175,6 +47470,7 @@ static int test_wolfSSL_EVP_PKEY_set1_get1_DSA(void)
const unsigned char* dsaKeyDer = dsa_key_der_1024;
int dsaKeySz = sizeof_dsa_key_der_1024;
byte tmp[ONEK_BUF];
+
XMEMSET(tmp, 0, sizeof(tmp));
XMEMCPY(tmp, dsaKeyDer , dsaKeySz);
bytes = dsaKeySz;
@@ -49182,6 +47478,7 @@ static int test_wolfSSL_EVP_PKEY_set1_get1_DSA(void)
const unsigned char* dsaKeyDer = dsa_key_der_2048;
int dsaKeySz = sizeof_dsa_key_der_2048;
byte tmp[TWOK_BUF];
+
XMEMSET(tmp, 0, sizeof(tmp));
XMEMCPY(tmp, dsaKeyDer , dsaKeySz);
bytes = dsaKeySz;
@@ -49189,147 +47486,167 @@ static int test_wolfSSL_EVP_PKEY_set1_get1_DSA(void)
byte tmp[TWOK_BUF];
const unsigned char* dsaKeyDer = (const unsigned char*)tmp;
int dsaKeySz;
+ XFILE fp = XBADFILE;
+
XMEMSET(tmp, 0, sizeof(tmp));
- XFILE fp = XFOPEN("./certs/dsa2048.der", "rb");
- if (fp == XBADFILE) {
- return WOLFSSL_BAD_FILE;
- }
- dsaKeySz = bytes = (word32) XFREAD(tmp, 1, sizeof(tmp), fp);
- XFCLOSE(fp);
+ ExpectTrue((fp = XFOPEN("./certs/dsa2048.der", "rb")) != XBADFILE);
+ ExpectIntGT(dsaKeySz = bytes = (word32) XFREAD(tmp, 1, sizeof(tmp), fp), 0);
+ if (fp != XBADFILE)
+ XFCLOSE(fp);
#endif /* END USE_CERT_BUFFERS_1024 */
/* Create hash to later Sign and Verify */
- AssertIntEQ(SHA1_Init(&sha), WOLFSSL_SUCCESS);
- AssertIntEQ(SHA1_Update(&sha, tmp, bytes), WOLFSSL_SUCCESS);
- AssertIntEQ(SHA1_Final(hash,&sha), WOLFSSL_SUCCESS);
+ ExpectIntEQ(SHA1_Init(&sha), WOLFSSL_SUCCESS);
+ ExpectIntEQ(SHA1_Update(&sha, tmp, bytes), WOLFSSL_SUCCESS);
+ ExpectIntEQ(SHA1_Final(hash,&sha), WOLFSSL_SUCCESS);
/* Initialize pkey with der format dsa key */
- AssertNotNull(d2i_PrivateKey(EVP_PKEY_DSA, &pkey, &dsaKeyDer,
+ ExpectNotNull(d2i_PrivateKey(EVP_PKEY_DSA, &pkey, &dsaKeyDer,
(long)dsaKeySz));
/* Test wolfSSL_EVP_PKEY_get1_DSA */
/* Should Fail: NULL argument */
- AssertNull(dsa = EVP_PKEY_get0_DSA(NULL));
- AssertNull(dsa = EVP_PKEY_get1_DSA(NULL));
+ ExpectNull(dsa = EVP_PKEY_get0_DSA(NULL));
+ ExpectNull(dsa = EVP_PKEY_get1_DSA(NULL));
/* Should Pass: Initialized pkey argument */
- AssertNotNull(dsa = EVP_PKEY_get0_DSA(pkey));
- AssertNotNull(dsa = EVP_PKEY_get1_DSA(pkey));
+ ExpectNotNull(dsa = EVP_PKEY_get0_DSA(pkey));
+ ExpectNotNull(dsa = EVP_PKEY_get1_DSA(pkey));
#ifdef USE_CERT_BUFFERS_1024
- AssertIntEQ(DSA_bits(dsa), 1024);
+ ExpectIntEQ(DSA_bits(dsa), 1024);
#else
- AssertIntEQ(DSA_bits(dsa), 2048);
+ ExpectIntEQ(DSA_bits(dsa), 2048);
#endif
/* Sign */
- AssertIntEQ(wolfSSL_DSA_do_sign(hash, signature, dsa), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_DSA_do_sign(hash, signature, dsa), WOLFSSL_SUCCESS);
/* Verify. */
- AssertIntEQ(wolfSSL_DSA_do_verify(hash, signature, dsa, &answer),
+ ExpectIntEQ(wolfSSL_DSA_do_verify(hash, signature, dsa, &answer),
WOLFSSL_SUCCESS);
/* Test wolfSSL_EVP_PKEY_set1_DSA */
/* Should Fail: set1Pkey not initialized */
- AssertIntNE(EVP_PKEY_set1_DSA(set1Pkey, dsa), WOLFSSL_SUCCESS);
+ ExpectIntNE(EVP_PKEY_set1_DSA(set1Pkey, dsa), WOLFSSL_SUCCESS);
/* Initialize set1Pkey */
set1Pkey = EVP_PKEY_new();
/* Should Fail Verify: setDsa not initialized from set1Pkey */
- AssertIntNE(wolfSSL_DSA_do_verify(hash,signature,setDsa,&answer),
+ ExpectIntNE(wolfSSL_DSA_do_verify(hash,signature,setDsa,&answer),
WOLFSSL_SUCCESS);
/* Should Pass: set dsa into set1Pkey */
- AssertIntEQ(EVP_PKEY_set1_DSA(set1Pkey, dsa), WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_PKEY_set1_DSA(set1Pkey, dsa), WOLFSSL_SUCCESS);
DSA_free(dsa);
DSA_free(setDsa);
EVP_PKEY_free(pkey);
EVP_PKEY_free(set1Pkey);
-
- res = TEST_RES_CHECK(1);
#endif /* !NO_DSA && !HAVE_SELFTEST && WOLFSSL_KEY_GEN */
- return res;
+ return EXPECT_RESULT();
} /* END test_EVP_PKEY_set1_get1_DSA */
+static int test_wolfSSL_DSA_generate_parameters(void)
+{
+ EXPECT_DECLS;
+#if !defined(NO_DSA) && !defined(HAVE_SELFTEST) && defined(WOLFSSL_KEY_GEN) && \
+ !defined(HAVE_FIPS)
+ DSA *dsa = NULL;
+
+ ExpectNotNull(dsa = DSA_generate_parameters(2048, NULL, 0, NULL, NULL, NULL,
+ NULL));
+ DSA_free(dsa);
+#endif
+ return EXPECT_RESULT();
+}
+
static int test_wolfSSL_DSA_SIG(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_DSA) && !defined(HAVE_SELFTEST) && defined(WOLFSSL_KEY_GEN) && \
!defined(HAVE_FIPS)
- DSA *dsa = NULL;
- DSA *dsa2 = NULL;
- DSA_SIG *sig = NULL;
- const BIGNUM *p = NULL;
- const BIGNUM *q = NULL;
- const BIGNUM *g = NULL;
- const BIGNUM *pub = NULL;
- const BIGNUM *priv = NULL;
+ DSA *dsa = NULL;
+ DSA *dsa2 = NULL;
+ DSA_SIG *sig = NULL;
+ const BIGNUM *p = NULL;
+ const BIGNUM *q = NULL;
+ const BIGNUM *g = NULL;
+ const BIGNUM *pub = NULL;
+ const BIGNUM *priv = NULL;
+ BIGNUM *dup_p = NULL;
+ BIGNUM *dup_q = NULL;
+ BIGNUM *dup_g = NULL;
+ BIGNUM *dup_pub = NULL;
+ BIGNUM *dup_priv = NULL;
const byte digest[WC_SHA_DIGEST_SIZE] = {0};
- AssertNotNull(dsa = DSA_generate_parameters(2048,
- NULL, 0, NULL, NULL, NULL, NULL));
- DSA_free(dsa);
- AssertNotNull(dsa = DSA_new());
- AssertIntEQ(DSA_generate_parameters_ex(dsa, 2048,
- NULL, 0, NULL, NULL, NULL), 1);
- AssertIntEQ(DSA_generate_key(dsa), 1);
+ ExpectNotNull(dsa = DSA_new());
+ ExpectIntEQ(DSA_generate_parameters_ex(dsa, 2048, NULL, 0, NULL, NULL,
+ NULL), 1);
+ ExpectIntEQ(DSA_generate_key(dsa), 1);
DSA_get0_pqg(dsa, &p, &q, &g);
DSA_get0_key(dsa, &pub, &priv);
- AssertNotNull(p = BN_dup(p));
- AssertNotNull(q = BN_dup(q));
- AssertNotNull(g = BN_dup(g));
- AssertNotNull(pub = BN_dup(pub));
- AssertNotNull(priv = BN_dup(priv));
-
- AssertNotNull(sig = DSA_do_sign(digest, sizeof(digest), dsa));
- AssertNotNull(dsa2 = DSA_new());
- AssertIntEQ(DSA_set0_pqg(dsa2, (BIGNUM*)p, (BIGNUM*)q, (BIGNUM*)g), 1);
- AssertIntEQ(DSA_set0_key(dsa2, (BIGNUM*)pub, (BIGNUM*)priv), 1);
- AssertIntEQ(DSA_do_verify(digest, sizeof(digest), sig, dsa2), 1);
+ ExpectNotNull(dup_p = BN_dup(p));
+ ExpectNotNull(dup_q = BN_dup(q));
+ ExpectNotNull(dup_g = BN_dup(g));
+ ExpectNotNull(dup_pub = BN_dup(pub));
+ ExpectNotNull(dup_priv = BN_dup(priv));
+
+ ExpectNotNull(sig = DSA_do_sign(digest, sizeof(digest), dsa));
+ ExpectNotNull(dsa2 = DSA_new());
+ ExpectIntEQ(DSA_set0_pqg(dsa2, dup_p, dup_q, dup_g), 1);
+ if (EXPECT_FAIL()) {
+ BN_free(dup_p);
+ BN_free(dup_q);
+ BN_free(dup_g);
+ }
+ ExpectIntEQ(DSA_set0_key(dsa2, dup_pub, dup_priv), 1);
+ if (EXPECT_FAIL()) {
+ BN_free(dup_pub);
+ BN_free(dup_priv);
+ }
+ ExpectIntEQ(DSA_do_verify(digest, sizeof(digest), sig, dsa2), 1);
DSA_free(dsa);
DSA_free(dsa2);
DSA_SIG_free(sig);
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_PKEY_set1_get1_EC_KEY (void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef HAVE_ECC
- WOLFSSL_EC_KEY *ecKey = NULL;
- WOLFSSL_EC_KEY *ecGet1 = NULL;
- EVP_PKEY *pkey = NULL;
+ WOLFSSL_EC_KEY* ecKey = NULL;
+ WOLFSSL_EC_KEY* ecGet1 = NULL;
+ EVP_PKEY* pkey = NULL;
- AssertNotNull(ecKey = wolfSSL_EC_KEY_new());
- AssertNotNull(pkey = wolfSSL_EVP_PKEY_new());
+ ExpectNotNull(ecKey = wolfSSL_EC_KEY_new());
+ ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new());
/* Test wolfSSL_EVP_PKEY_set1_EC_KEY */
- AssertIntEQ(wolfSSL_EVP_PKEY_set1_EC_KEY(NULL, ecKey), WOLFSSL_FAILURE);
- AssertIntEQ(wolfSSL_EVP_PKEY_set1_EC_KEY(pkey, NULL), WOLFSSL_FAILURE);
+ ExpectIntEQ(wolfSSL_EVP_PKEY_set1_EC_KEY(NULL, ecKey), WOLFSSL_FAILURE);
+ ExpectIntEQ(wolfSSL_EVP_PKEY_set1_EC_KEY(pkey, NULL), WOLFSSL_FAILURE);
/* Should fail since ecKey is empty */
- AssertIntEQ(wolfSSL_EVP_PKEY_set1_EC_KEY(pkey, ecKey), WOLFSSL_FAILURE);
- AssertIntEQ(wolfSSL_EC_KEY_generate_key(ecKey), 1);
- AssertIntEQ(wolfSSL_EVP_PKEY_set1_EC_KEY(pkey, ecKey), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_EVP_PKEY_set1_EC_KEY(pkey, ecKey), WOLFSSL_FAILURE);
+ ExpectIntEQ(wolfSSL_EC_KEY_generate_key(ecKey), 1);
+ ExpectIntEQ(wolfSSL_EVP_PKEY_set1_EC_KEY(pkey, ecKey), WOLFSSL_SUCCESS);
/* Test wolfSSL_EVP_PKEY_get1_EC_KEY */
- AssertNull(wolfSSL_EVP_PKEY_get1_EC_KEY(NULL));
- AssertNotNull(ecGet1 = wolfSSL_EVP_PKEY_get1_EC_KEY(pkey));
+ ExpectNull(wolfSSL_EVP_PKEY_get1_EC_KEY(NULL));
+ ExpectNotNull(ecGet1 = wolfSSL_EVP_PKEY_get1_EC_KEY(pkey));
wolfSSL_EC_KEY_free(ecKey);
wolfSSL_EC_KEY_free(ecGet1);
EVP_PKEY_free(pkey);
-
- res = TEST_RES_CHECK(1);
#endif /* HAVE_ECC */
- return res;
+ return EXPECT_RESULT();
} /* END test_EVP_PKEY_set1_get1_EC_KEY */
static int test_wolfSSL_EVP_PKEY_set1_get1_DH (void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_ALL) || defined(WOLFSSL_QT) || defined(WOLFSSL_OPENSSH)
#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2))
#if !defined(NO_DH) && defined(WOLFSSL_DH_EXTRA) && !defined(NO_FILESYSTEM)
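Review bot: `set1Pkey = EVP_PKEY_new();` in `test_wolfSSL_EVP_PKEY_set1_get1_DSA` is left unchecked, while the equivalent allocation in the DH test of this same commit becomes `ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new());`. With non-aborting expectations, an allocation failure here would only surface at the later `EVP_PKEY_set1_DSA` check, where it looks like a real set1 failure. Use `ExpectNotNull(set1Pkey = EVP_PKEY_new());` for consistency. Separately, `int dsaKeySz;` in the file-read branch has no initializer and is assigned only inside `ExpectIntGT(...)`. If the Expect macros skip their argument after an earlier failure (to be confirmed against their definition), `int dsaKeySz = 0;` keeps it defined when `XFOPEN` has already failed.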
@@ -49337,7 +47654,7 @@ static int test_wolfSSL_EVP_PKEY_set1_get1_DH (void)
DH *setDh = NULL;
EVP_PKEY *pkey = NULL;
- FILE* f = NULL;
+ XFILE f = XBADFILE;
unsigned char buf[4096];
const unsigned char* pt = buf;
const char* dh2048 = "./certs/dh2048.der";
@@ -49346,91 +47663,89 @@ static int test_wolfSSL_EVP_PKEY_set1_get1_DH (void)
XMEMSET(buf, 0, sizeof(buf));
- f = XFOPEN(dh2048, "rb");
- AssertTrue(f != XBADFILE);
- len = (long)XFREAD(buf, 1, sizeof(buf), f);
- XFCLOSE(f);
+ ExpectTrue((f = XFOPEN(dh2048, "rb")) != XBADFILE);
+ ExpectTrue((len = (long)XFREAD(buf, 1, sizeof(buf), f)) > 0);
+ if (f != XBADFILE)
+ XFCLOSE(f);
/* Load dh2048.der into DH with internal format */
- AssertNotNull(setDh = wolfSSL_d2i_DHparams(NULL, &pt, len));
+ ExpectNotNull(setDh = wolfSSL_d2i_DHparams(NULL, &pt, len));
- AssertIntEQ(wolfSSL_DH_check(setDh, &code), WOLFSSL_SUCCESS);
- AssertIntEQ(code, 0);
+ ExpectIntEQ(wolfSSL_DH_check(setDh, &code), WOLFSSL_SUCCESS);
+ ExpectIntEQ(code, 0);
code = -1;
- pkey = wolfSSL_EVP_PKEY_new();
+ ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new());
/* Set DH into PKEY */
- AssertIntEQ(wolfSSL_EVP_PKEY_set1_DH(pkey, setDh), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_EVP_PKEY_set1_DH(pkey, setDh), WOLFSSL_SUCCESS);
/* Get DH from PKEY */
- AssertNotNull(dh = wolfSSL_EVP_PKEY_get1_DH(pkey));
+ ExpectNotNull(dh = wolfSSL_EVP_PKEY_get1_DH(pkey));
- AssertIntEQ(wolfSSL_DH_check(dh, &code), WOLFSSL_SUCCESS);
- AssertIntEQ(code, 0);
+ ExpectIntEQ(wolfSSL_DH_check(dh, &code), WOLFSSL_SUCCESS);
+ ExpectIntEQ(code, 0);
EVP_PKEY_free(pkey);
DH_free(setDh);
DH_free(dh);
-
- res = TEST_RES_CHECK(1);
#endif /* !NO_DH && WOLFSSL_DH_EXTRA && !NO_FILESYSTEM */
#endif /* !HAVE_FIPS || HAVE_FIPS_VERSION > 2 */
#endif /* OPENSSL_ALL || WOLFSSL_QT || WOLFSSL_OPENSSH */
- return res;
+ return EXPECT_RESULT();
} /* END test_EVP_PKEY_set1_get1_DH */
static int test_wolfSSL_CTX_ctrl(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
!defined(NO_FILESYSTEM) && !defined(NO_RSA)
char caFile[] = "./certs/client-ca.pem";
char clientFile[] = "./certs/client-cert.pem";
- SSL_CTX* ctx;
+ SSL_CTX* ctx = NULL;
X509* x509 = NULL;
#if !defined(NO_DH) && !defined(NO_DSA) && !defined(NO_BIO)
byte buf[6000];
char file[] = "./certs/dsaparams.pem";
- XFILE f;
+ XFILE f = XBADFILE;
int bytes;
- BIO* bio;
- DSA* dsa;
- DH* dh;
+ BIO* bio = NULL;
+ DSA* dsa = NULL;
+ DH* dh = NULL;
#endif
#ifdef HAVE_ECC
- WOLFSSL_EC_KEY* ecKey;
+ WOLFSSL_EC_KEY* ecKey = NULL;
#endif
- AssertNotNull(ctx = SSL_CTX_new(wolfSSLv23_server_method()));
+ ExpectNotNull(ctx = SSL_CTX_new(wolfSSLv23_server_method()));
- x509 = wolfSSL_X509_load_certificate_file(caFile, WOLFSSL_FILETYPE_PEM);
- AssertNotNull(x509);
- AssertIntEQ((int)SSL_CTX_add_extra_chain_cert(ctx, x509), WOLFSSL_SUCCESS);
+ ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(caFile,
+ WOLFSSL_FILETYPE_PEM));
+ ExpectIntEQ((int)SSL_CTX_add_extra_chain_cert(ctx, x509), WOLFSSL_SUCCESS);
+ if (EXPECT_FAIL()) {
+ wolfSSL_X509_free(x509);
+ }
- x509 = wolfSSL_X509_load_certificate_file(clientFile, WOLFSSL_FILETYPE_PEM);
- AssertNotNull(x509);
+ ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(clientFile,
+ WOLFSSL_FILETYPE_PEM));
#if !defined(NO_DH) && !defined(NO_DSA) && !defined(NO_BIO)
/* Initialize DH */
- f = XFOPEN(file, "rb");
- AssertTrue((f != XBADFILE));
- bytes = (int)XFREAD(buf, 1, sizeof(buf), f);
- XFCLOSE(f);
+ ExpectTrue((f = XFOPEN(file, "rb")) != XBADFILE);
+ ExpectIntGT(bytes = (int)XFREAD(buf, 1, sizeof(buf), f), 0);
+ if (f != XBADFILE)
+ XFCLOSE(f);
- bio = BIO_new_mem_buf((void*)buf, bytes);
- AssertNotNull(bio);
+ ExpectNotNull(bio = BIO_new_mem_buf((void*)buf, bytes));
- dsa = wolfSSL_PEM_read_bio_DSAparams(bio, NULL, NULL, NULL);
- AssertNotNull(dsa);
+ ExpectNotNull(dsa = wolfSSL_PEM_read_bio_DSAparams(bio, NULL, NULL, NULL));
- dh = wolfSSL_DSA_dup_DH(dsa);
- AssertNotNull(dh);
+ ExpectNotNull(dh = wolfSSL_DSA_dup_DH(dsa));
#endif
#ifdef HAVE_ECC
/* Initialize WOLFSSL_EC_KEY */
- AssertNotNull(ecKey = wolfSSL_EC_KEY_new());
- AssertIntEQ(wolfSSL_EC_KEY_generate_key(ecKey),1);
+ ExpectNotNull(ecKey = wolfSSL_EC_KEY_new());
+ ExpectIntEQ(wolfSSL_EC_KEY_generate_key(ecKey), 1);
#endif
#if !defined(HAVE_USER_RSA) && !defined(HAVE_FAST_RSA)
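Review bot: `x509` is left dangling after the new `wolfSSL_X509_free(x509)` in the `EXPECT_FAIL()` block that follows `SSL_CTX_add_extra_chain_cert`. The Expect macro definitions are not on this page; if they skip their expression once a failure has been recorded, the reload `ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(clientFile, ...))` never reassigns the pointer. In that case the second `if (EXPECT_FAIL()) { wolfSSL_X509_free(x509); }` after the `SSL_CTRL_EXTRA_CHAIN_CERT` call in the `-49469` hunk releases the same certificate a second time. Adding `x509 = NULL;` after the free in both blocks keeps the failure path from becoming a double free, presuming wolfSSL_X509_free accepts NULL. test_wolfSSL_CTX_ctrl continues past the end of this hunk.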
@@ -49438,29 +47753,30 @@ static int test_wolfSSL_CTX_ctrl(void)
* Do not run with user RSA because wolfSSL_RSA_size is not currently
* allowed with user RSA */
{
- EVP_PKEY* pkey;
+ EVP_PKEY* pkey = NULL;
#if defined(HAVE_ECC)
- X509* ecX509;
+ X509* ecX509 = NULL;
#endif /* HAVE_ECC */
- AssertNotNull(pkey = X509_get_pubkey(x509));
+ ExpectNotNull(pkey = X509_get_pubkey(x509));
/* current RSA key is 2048 bit (256 bytes) */
- AssertIntEQ(EVP_PKEY_size(pkey), 256);
+ ExpectIntEQ(EVP_PKEY_size(pkey), 256);
EVP_PKEY_free(pkey);
+ pkey = NULL;
#if defined(HAVE_ECC)
#if defined(USE_CERT_BUFFERS_256)
- AssertNotNull(ecX509 = wolfSSL_X509_load_certificate_buffer(
- cliecc_cert_der_256, sizeof_cliecc_cert_der_256,
- SSL_FILETYPE_ASN1));
+ ExpectNotNull(ecX509 = wolfSSL_X509_load_certificate_buffer(
+ cliecc_cert_der_256, sizeof_cliecc_cert_der_256,
+ SSL_FILETYPE_ASN1));
#else
- AssertNotNull(ecX509 = wolfSSL_X509_load_certificate_file(
- cliEccCertFile, SSL_FILETYPE_PEM));
+ ExpectNotNull(ecX509 = wolfSSL_X509_load_certificate_file(
+ cliEccCertFile, SSL_FILETYPE_PEM));
#endif
- AssertNotNull(pkey = X509_get_pubkey(ecX509));
+ ExpectNotNull(pkey = X509_get_pubkey(ecX509));
/* current ECC key is 256 bit (32 bytes) */
- AssertIntEQ(EVP_PKEY_size(pkey), 32);
+ ExpectIntEQ(EVP_PKEY_size(pkey), 32);
X509_free(ecX509);
EVP_PKEY_free(pkey);
@@ -49469,73 +47785,75 @@ static int test_wolfSSL_CTX_ctrl(void)
#endif /* !defined(HAVE_USER_RSA) && !defined(HAVE_FAST_RSA) */
/* Tests should fail with passed in NULL pointer */
- AssertIntEQ((int)wolfSSL_CTX_ctrl(ctx,SSL_CTRL_EXTRA_CHAIN_CERT,0,NULL),
- SSL_FAILURE);
+ ExpectIntEQ((int)wolfSSL_CTX_ctrl(ctx, SSL_CTRL_EXTRA_CHAIN_CERT, 0, NULL),
+ SSL_FAILURE);
#if !defined(NO_DH) && !defined(NO_DSA)
- AssertIntEQ((int)wolfSSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_DH,0,NULL),
- SSL_FAILURE);
+ ExpectIntEQ((int)wolfSSL_CTX_ctrl(ctx, SSL_CTRL_SET_TMP_DH, 0, NULL),
+ SSL_FAILURE);
#endif
#ifdef HAVE_ECC
- AssertIntEQ((int)wolfSSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_ECDH,0,NULL),
- SSL_FAILURE);
+ ExpectIntEQ((int)wolfSSL_CTX_ctrl(ctx, SSL_CTRL_SET_TMP_ECDH, 0, NULL),
+ SSL_FAILURE);
#endif
/* Test with SSL_CTRL_EXTRA_CHAIN_CERT
* wolfSSL_CTX_ctrl should succesffuly call SSL_CTX_add_extra_chain_cert
*/
- AssertIntEQ((int)wolfSSL_CTX_ctrl(ctx,SSL_CTRL_EXTRA_CHAIN_CERT,0,x509),
- SSL_SUCCESS);
+ ExpectIntEQ((int)wolfSSL_CTX_ctrl(ctx, SSL_CTRL_EXTRA_CHAIN_CERT, 0, x509),
+ SSL_SUCCESS);
+ if (EXPECT_FAIL()) {
+ wolfSSL_X509_free(x509);
+ }
/* Test with SSL_CTRL_OPTIONS
* wolfSSL_CTX_ctrl should succesffuly call SSL_CTX_set_options
*/
- AssertTrue(wolfSSL_CTX_ctrl(ctx,SSL_CTRL_OPTIONS,SSL_OP_NO_TLSv1,NULL)
- == SSL_OP_NO_TLSv1);
- AssertTrue(SSL_CTX_get_options(ctx) == SSL_OP_NO_TLSv1);
+ ExpectTrue(wolfSSL_CTX_ctrl(ctx, SSL_CTRL_OPTIONS, SSL_OP_NO_TLSv1,
+ NULL) == SSL_OP_NO_TLSv1);
+ ExpectTrue(SSL_CTX_get_options(ctx) == SSL_OP_NO_TLSv1);
/* Test with SSL_CTRL_SET_TMP_DH
* wolfSSL_CTX_ctrl should succesffuly call wolfSSL_SSL_CTX_set_tmp_dh
*/
#if !defined(NO_DH) && !defined(NO_DSA) && !defined(NO_BIO)
- AssertIntEQ((int)wolfSSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_DH,0,dh),
- SSL_SUCCESS);
+ ExpectIntEQ((int)wolfSSL_CTX_ctrl(ctx, SSL_CTRL_SET_TMP_DH, 0, dh),
+ SSL_SUCCESS);
#endif
/* Test with SSL_CTRL_SET_TMP_ECDH
* wolfSSL_CTX_ctrl should succesffuly call wolfSSL_SSL_CTX_set_tmp_ecdh
*/
#ifdef HAVE_ECC
- AssertIntEQ((int)wolfSSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_ECDH,0,ecKey),
- SSL_SUCCESS);
+ ExpectIntEQ((int)wolfSSL_CTX_ctrl(ctx, SSL_CTRL_SET_TMP_ECDH, 0, ecKey),
+ SSL_SUCCESS);
#endif
#ifdef WOLFSSL_ENCRYPTED_KEYS
- AssertNull(SSL_CTX_get_default_passwd_cb(ctx));
- AssertNull(SSL_CTX_get_default_passwd_cb_userdata(ctx));
-#endif
-
- /* Test for min/max proto */
- #ifndef WOLFSSL_NO_TLS12
- AssertIntEQ((int)wolfSSL_CTX_ctrl(ctx, SSL_CTRL_SET_MIN_PROTO_VERSION,
- 0, NULL), SSL_SUCCESS);
- AssertIntEQ((int)wolfSSL_CTX_ctrl(ctx, SSL_CTRL_SET_MIN_PROTO_VERSION,
- TLS1_2_VERSION, NULL), SSL_SUCCESS);
- AssertIntEQ(wolfSSL_CTX_get_min_proto_version(ctx), TLS1_2_VERSION);
-
- #endif
- #ifdef WOLFSSL_TLS13
- AssertIntEQ((int)wolfSSL_CTX_ctrl(ctx, SSL_CTRL_SET_MAX_PROTO_VERSION,
- 0, NULL), SSL_SUCCESS);
-
- AssertIntEQ((int)wolfSSL_CTX_ctrl(ctx, SSL_CTRL_SET_MAX_PROTO_VERSION,
- TLS1_3_VERSION, NULL), SSL_SUCCESS);
- AssertIntEQ(wolfSSL_CTX_get_max_proto_version(ctx), TLS1_3_VERSION);
- #ifndef WOLFSSL_NO_TLS12
- AssertIntEQ((int)wolfSSL_CTX_ctrl(ctx, SSL_CTRL_SET_MAX_PROTO_VERSION,
- TLS1_2_VERSION, NULL), SSL_SUCCESS);
- AssertIntEQ(wolfSSL_CTX_get_max_proto_version(ctx), TLS1_2_VERSION);
- #endif
- #endif
+ ExpectNull(SSL_CTX_get_default_passwd_cb(ctx));
+ ExpectNull(SSL_CTX_get_default_passwd_cb_userdata(ctx));
+#endif
+
+ /* Test for min/max proto */
+#ifndef WOLFSSL_NO_TLS12
+ ExpectIntEQ((int)wolfSSL_CTX_ctrl(ctx, SSL_CTRL_SET_MIN_PROTO_VERSION,
+ 0, NULL), SSL_SUCCESS);
+ ExpectIntEQ((int)wolfSSL_CTX_ctrl(ctx, SSL_CTRL_SET_MIN_PROTO_VERSION,
+ TLS1_2_VERSION, NULL), SSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_CTX_get_min_proto_version(ctx), TLS1_2_VERSION);
+#endif
+#ifdef WOLFSSL_TLS13
+ ExpectIntEQ((int)wolfSSL_CTX_ctrl(ctx, SSL_CTRL_SET_MAX_PROTO_VERSION,
+ 0, NULL), SSL_SUCCESS);
+
+ ExpectIntEQ((int)wolfSSL_CTX_ctrl(ctx, SSL_CTRL_SET_MAX_PROTO_VERSION,
+ TLS1_3_VERSION, NULL), SSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_CTX_get_max_proto_version(ctx), TLS1_3_VERSION);
+#ifndef WOLFSSL_NO_TLS12
+ ExpectIntEQ((int)wolfSSL_CTX_ctrl(ctx, SSL_CTRL_SET_MAX_PROTO_VERSION,
+ TLS1_2_VERSION, NULL), SSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_CTX_get_max_proto_version(ctx), TLS1_2_VERSION);
+#endif
+#endif
/* Cleanup and Pass */
#if !defined(NO_DH) && !defined(NO_DSA)
#ifndef NO_BIO
@@ -49548,154 +47866,193 @@ static int test_wolfSSL_CTX_ctrl(void)
wolfSSL_EC_KEY_free(ecKey);
#endif
SSL_CTX_free(ctx);
-
- res = TEST_RES_CHECK(1);
#endif /* defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
- !defined(NO_FILESYSTEM) && !defined(NO_RSA) */
- return res;
+ * !defined(NO_FILESYSTEM) && !defined(NO_RSA) */
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_PKEY_assign(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
+#if !defined(NO_RSA) || !defined(NO_DSA) || defined(HAVE_ECC)
int type;
- WOLFSSL_EVP_PKEY* pkey;
+ WOLFSSL_EVP_PKEY* pkey = NULL;
#ifndef NO_RSA
- WOLFSSL_RSA* rsa;
+ WOLFSSL_RSA* rsa = NULL;
#endif
#ifndef NO_DSA
- WOLFSSL_DSA* dsa;
+ WOLFSSL_DSA* dsa = NULL;
#endif
#ifdef HAVE_ECC
- WOLFSSL_EC_KEY* ecKey;
+ WOLFSSL_EC_KEY* ecKey = NULL;
#endif
- (void)pkey;
-
#ifndef NO_RSA
- if (res == TEST_SKIPPED || res == TEST_SUCCESS) {
- type = EVP_PKEY_RSA;
- AssertNotNull(pkey = wolfSSL_EVP_PKEY_new());
- AssertNotNull(rsa = wolfSSL_RSA_new());
- AssertIntEQ(wolfSSL_EVP_PKEY_assign(NULL,type,rsa), WOLFSSL_FAILURE);
- AssertIntEQ(wolfSSL_EVP_PKEY_assign(pkey,type,NULL), WOLFSSL_FAILURE);
- AssertIntEQ(wolfSSL_EVP_PKEY_assign(pkey,-1,rsa), WOLFSSL_FAILURE);
- AssertIntEQ(wolfSSL_EVP_PKEY_assign(pkey,type,rsa), WOLFSSL_SUCCESS);
- wolfSSL_EVP_PKEY_free(pkey);
- res = TEST_RES_CHECK(1);
+ type = EVP_PKEY_RSA;
+ ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new());
+ ExpectNotNull(rsa = wolfSSL_RSA_new());
+ ExpectIntEQ(wolfSSL_EVP_PKEY_assign(NULL, type, rsa), WOLFSSL_FAILURE);
+ ExpectIntEQ(wolfSSL_EVP_PKEY_assign(pkey, type, NULL), WOLFSSL_FAILURE);
+ ExpectIntEQ(wolfSSL_EVP_PKEY_assign(pkey, -1, rsa), WOLFSSL_FAILURE);
+ ExpectIntEQ(wolfSSL_EVP_PKEY_assign(pkey, type, rsa), WOLFSSL_SUCCESS);
+ if (EXPECT_FAIL()) {
+ wolfSSL_RSA_free(rsa);
}
+ wolfSSL_EVP_PKEY_free(pkey);
+ pkey = NULL;
#endif /* NO_RSA */
#ifndef NO_DSA
- if (res == TEST_SKIPPED || res == TEST_SUCCESS) {
- type = EVP_PKEY_DSA;
- AssertNotNull(pkey = wolfSSL_EVP_PKEY_new());
- AssertNotNull(dsa = wolfSSL_DSA_new());
- AssertIntEQ(wolfSSL_EVP_PKEY_assign(NULL,type,dsa), WOLFSSL_FAILURE);
- AssertIntEQ(wolfSSL_EVP_PKEY_assign(pkey,type,NULL), WOLFSSL_FAILURE);
- AssertIntEQ(wolfSSL_EVP_PKEY_assign(pkey,-1,dsa), WOLFSSL_FAILURE);
- AssertIntEQ(wolfSSL_EVP_PKEY_assign(pkey,type,dsa), WOLFSSL_SUCCESS);
- wolfSSL_EVP_PKEY_free(pkey);
- res = TEST_RES_CHECK(1);
+ type = EVP_PKEY_DSA;
+ ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new());
+ ExpectNotNull(dsa = wolfSSL_DSA_new());
+ ExpectIntEQ(wolfSSL_EVP_PKEY_assign(NULL, type, dsa), WOLFSSL_FAILURE);
+ ExpectIntEQ(wolfSSL_EVP_PKEY_assign(pkey, type, NULL), WOLFSSL_FAILURE);
+ ExpectIntEQ(wolfSSL_EVP_PKEY_assign(pkey, -1, dsa), WOLFSSL_FAILURE);
+ ExpectIntEQ(wolfSSL_EVP_PKEY_assign(pkey, type, dsa), WOLFSSL_SUCCESS);
+ if (EXPECT_FAIL()) {
+ wolfSSL_DSA_free(dsa);
}
+ wolfSSL_EVP_PKEY_free(pkey);
+ pkey = NULL;
#endif /* NO_DSA */
#ifdef HAVE_ECC
- if (res == TEST_SKIPPED || res == TEST_SUCCESS) {
- type = EVP_PKEY_EC;
- AssertNotNull(pkey = wolfSSL_EVP_PKEY_new());
- AssertNotNull(ecKey = wolfSSL_EC_KEY_new());
- AssertIntEQ(wolfSSL_EVP_PKEY_assign(NULL,type,ecKey), WOLFSSL_FAILURE);
- AssertIntEQ(wolfSSL_EVP_PKEY_assign(pkey,type,NULL), WOLFSSL_FAILURE);
- AssertIntEQ(wolfSSL_EVP_PKEY_assign(pkey,-1,ecKey), WOLFSSL_FAILURE);
- AssertIntEQ(wolfSSL_EVP_PKEY_assign(pkey,type,ecKey), WOLFSSL_FAILURE);
- AssertIntEQ(wolfSSL_EC_KEY_generate_key(ecKey), 1);
- AssertIntEQ(wolfSSL_EVP_PKEY_assign(pkey,type,ecKey), WOLFSSL_SUCCESS);
- wolfSSL_EVP_PKEY_free(pkey);
- res = TEST_RES_CHECK(1);
+ type = EVP_PKEY_EC;
+ ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new());
+ ExpectNotNull(ecKey = wolfSSL_EC_KEY_new());
+ ExpectIntEQ(wolfSSL_EVP_PKEY_assign(NULL, type, ecKey), WOLFSSL_FAILURE);
+ ExpectIntEQ(wolfSSL_EVP_PKEY_assign(pkey, type, NULL), WOLFSSL_FAILURE);
+ ExpectIntEQ(wolfSSL_EVP_PKEY_assign(pkey, -1, ecKey), WOLFSSL_FAILURE);
+ ExpectIntEQ(wolfSSL_EVP_PKEY_assign(pkey, type, ecKey), WOLFSSL_FAILURE);
+ ExpectIntEQ(wolfSSL_EC_KEY_generate_key(ecKey), 1);
+ ExpectIntEQ(wolfSSL_EVP_PKEY_assign(pkey, type, ecKey), WOLFSSL_SUCCESS);
+ if (EXPECT_FAIL()) {
+ wolfSSL_EC_KEY_free(ecKey);
}
+ wolfSSL_EVP_PKEY_free(pkey);
+ pkey = NULL;
#endif /* HAVE_ECC */
+#endif /* !NO_RSA || !NO_DSA || HAVE_ECC */
+ return EXPECT_RESULT();
+}
- (void)type;
+static int test_wolfSSL_EVP_PKEY_assign_DH(void)
+{
+ EXPECT_DECLS;
+#if !defined(NO_DH) && \
+ !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2))
+ XFILE f = XBADFILE;
+ unsigned char buf[4096];
+ const unsigned char* pt = buf;
+ const char* params1 = "./certs/dh2048.der";
+ long len = 0;
+ WOLFSSL_DH* dh = NULL;
+ WOLFSSL_EVP_PKEY* pkey = NULL;
+ XMEMSET(buf, 0, sizeof(buf));
- return res;
+ /* Load DH parameters DER. */
+ ExpectTrue((f = XFOPEN(params1, "rb")) != XBADFILE);
+ ExpectTrue((len = (long)XFREAD(buf, 1, sizeof(buf), f)) > 0);
+ if (f != XBADFILE)
+ XFCLOSE(f);
+
+ ExpectNotNull(dh = wolfSSL_d2i_DHparams(NULL, &pt, len));
+ ExpectIntEQ(DH_generate_key(dh), WOLFSSL_SUCCESS);
+
+ ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new());
+
+ /* Bad cases */
+ ExpectIntEQ(wolfSSL_EVP_PKEY_assign_DH(NULL, dh), WOLFSSL_FAILURE);
+ ExpectIntEQ(wolfSSL_EVP_PKEY_assign_DH(pkey, NULL), WOLFSSL_FAILURE);
+ ExpectIntEQ(wolfSSL_EVP_PKEY_assign_DH(NULL, NULL), WOLFSSL_FAILURE);
+
+ /* Good case */
+ ExpectIntEQ(wolfSSL_EVP_PKEY_assign_DH(pkey, dh), WOLFSSL_SUCCESS);
+ if (EXPECT_FAIL()) {
+ wolfSSL_DH_free(dh);
+ }
+
+ EVP_PKEY_free(pkey);
+#endif
+ return EXPECT_RESULT();
}
+
static int test_wolfSSL_EVP_PKEY_base_id(void)
{
- WOLFSSL_EVP_PKEY* pkey;
+ EXPECT_DECLS;
+ WOLFSSL_EVP_PKEY* pkey = NULL;
- AssertNotNull(pkey = wolfSSL_EVP_PKEY_new());
+ ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new());
- AssertIntEQ(wolfSSL_EVP_PKEY_base_id(NULL), NID_undef);
+ ExpectIntEQ(wolfSSL_EVP_PKEY_base_id(NULL), NID_undef);
- AssertIntEQ(wolfSSL_EVP_PKEY_base_id(pkey), EVP_PKEY_RSA);
+ ExpectIntEQ(wolfSSL_EVP_PKEY_base_id(pkey), EVP_PKEY_RSA);
EVP_PKEY_free(pkey);
- return TEST_RES_CHECK(1);
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_PKEY_id(void)
{
- WOLFSSL_EVP_PKEY* pkey;
+ EXPECT_DECLS;
+ WOLFSSL_EVP_PKEY* pkey = NULL;
- AssertNotNull(pkey = wolfSSL_EVP_PKEY_new());
+ ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new());
- AssertIntEQ(wolfSSL_EVP_PKEY_id(NULL), 0);
+ ExpectIntEQ(wolfSSL_EVP_PKEY_id(NULL), 0);
- AssertIntEQ(wolfSSL_EVP_PKEY_id(pkey), EVP_PKEY_RSA);
+ ExpectIntEQ(wolfSSL_EVP_PKEY_id(pkey), EVP_PKEY_RSA);
EVP_PKEY_free(pkey);
- return TEST_RES_CHECK(1);
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_PKEY_paramgen(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_ALL) && \
- !defined(NO_ECC_SECP) && \
- /* This last bit is taken from ecc.c. It is the condition that
- * defines ECC256 */ \
+ EXPECT_DECLS;
+ /* ECC check taken from ecc.c. It is the condition that defines ECC256 */
+#if defined(OPENSSL_ALL) && !defined(NO_ECC_SECP) && \
((!defined(NO_ECC256) || defined(HAVE_ALL_CURVES)) && \
ECC_MIN_KEY_SZ <= 256)
- EVP_PKEY_CTX* ctx;
- EVP_PKEY* pkey = NULL;
+ EVP_PKEY_CTX* ctx = NULL;
+ EVP_PKEY* pkey = NULL;
/* Test error conditions. */
- AssertIntEQ(EVP_PKEY_paramgen(NULL, &pkey), WOLFSSL_FAILURE);
- AssertNotNull(ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL));
- AssertIntEQ(EVP_PKEY_paramgen(ctx, NULL), WOLFSSL_FAILURE);
+ ExpectIntEQ(EVP_PKEY_paramgen(NULL, &pkey), WOLFSSL_FAILURE);
+ ExpectNotNull(ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL));
+ ExpectIntEQ(EVP_PKEY_paramgen(ctx, NULL), WOLFSSL_FAILURE);
#ifndef NO_RSA
EVP_PKEY_CTX_free(ctx);
/* Parameter generation for RSA not supported yet. */
- AssertNotNull(ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_RSA, NULL));
- AssertIntEQ(EVP_PKEY_paramgen(ctx, &pkey), WOLFSSL_FAILURE);
+ ExpectNotNull(ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_RSA, NULL));
+ ExpectIntEQ(EVP_PKEY_paramgen(ctx, &pkey), WOLFSSL_FAILURE);
#endif
#ifdef HAVE_ECC
EVP_PKEY_CTX_free(ctx);
- AssertNotNull(ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL));
- AssertIntEQ(EVP_PKEY_paramgen_init(ctx), WOLFSSL_SUCCESS);
- AssertIntEQ(EVP_PKEY_CTX_set_ec_paramgen_curve_nid(ctx,
- NID_X9_62_prime256v1), WOLFSSL_SUCCESS);
- AssertIntEQ(EVP_PKEY_paramgen(ctx, &pkey), WOLFSSL_SUCCESS);
- AssertIntEQ(EVP_PKEY_CTX_set_ec_param_enc(ctx, OPENSSL_EC_NAMED_CURVE),
- WOLFSSL_SUCCESS);
- AssertIntEQ(EVP_PKEY_keygen_init(ctx), WOLFSSL_SUCCESS);
- AssertIntEQ(EVP_PKEY_keygen(ctx, &pkey), WOLFSSL_SUCCESS);
+ ExpectNotNull(ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL));
+ ExpectIntEQ(EVP_PKEY_paramgen_init(ctx), WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_PKEY_CTX_set_ec_paramgen_curve_nid(ctx,
+ NID_X9_62_prime256v1), WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_PKEY_paramgen(ctx, &pkey), WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_PKEY_CTX_set_ec_param_enc(ctx, OPENSSL_EC_NAMED_CURVE),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_PKEY_keygen_init(ctx), WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_PKEY_keygen(ctx, &pkey), WOLFSSL_SUCCESS);
#endif
EVP_PKEY_CTX_free(ctx);
EVP_PKEY_free(pkey);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_PKEY_keygen(void)
{
+ EXPECT_DECLS;
WOLFSSL_EVP_PKEY* pkey = NULL;
EVP_PKEY_CTX* ctx = NULL;
#if !defined(NO_DH) && (!defined(HAVE_FIPS) || FIPS_VERSION_GT(2,0))
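Review bot: The guard on the new test_wolfSSL_EVP_PKEY_assign_DH, `#if !defined(NO_DH) && !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2))`, groups as `(!NO_DH && !HAVE_FIPS) || (FIPS version > 2)` because `&&` binds tighter than `||`. A build with HAVE_FIPS_VERSION above 2 and NO_DH defined therefore still compiles the DH body. Parenthesize the FIPS alternative the way test_wolfSSL_EVP_PKEY_keygen does at the end of this hunk: `#if !defined(NO_DH) && (!defined(HAVE_FIPS) || FIPS_VERSION_GT(2,0))`. The body also opens `./certs/dh2048.der` through XFOPEN, so `!defined(NO_FILESYSTEM)` belongs in the same condition, as in the guard of test_wolfSSL_EVP_PKEY_set1_get1_DH earlier in the file.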
@@ -49708,42 +48065,44 @@ static int test_wolfSSL_EVP_PKEY_keygen(void)
byte* derBuffer = NULL;
#endif
- AssertNotNull(pkey = wolfSSL_EVP_PKEY_new());
- AssertNotNull(ctx = EVP_PKEY_CTX_new(pkey, NULL));
+ ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new());
+ ExpectNotNull(ctx = EVP_PKEY_CTX_new(pkey, NULL));
/* Bad cases */
- AssertIntEQ(wolfSSL_EVP_PKEY_keygen(NULL, &pkey), BAD_FUNC_ARG);
- AssertIntEQ(wolfSSL_EVP_PKEY_keygen(ctx, NULL), BAD_FUNC_ARG);
- AssertIntEQ(wolfSSL_EVP_PKEY_keygen(NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_EVP_PKEY_keygen(NULL, &pkey), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_EVP_PKEY_keygen(ctx, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_EVP_PKEY_keygen(NULL, NULL), BAD_FUNC_ARG);
/* Good case */
- AssertIntEQ(wolfSSL_EVP_PKEY_keygen(ctx, &pkey), 0);
+ ExpectIntEQ(wolfSSL_EVP_PKEY_keygen(ctx, &pkey), 0);
EVP_PKEY_CTX_free(ctx);
+ ctx = NULL;
EVP_PKEY_free(pkey);
pkey = NULL;
#if !defined(NO_DH) && (!defined(HAVE_FIPS) || FIPS_VERSION_GT(2,0))
/* Test DH keygen */
{
- AssertNotNull(params = wolfSSL_EVP_PKEY_new());
- AssertNotNull(dh = DH_get_2048_256());
- AssertIntEQ(EVP_PKEY_set1_DH(params, dh), WOLFSSL_SUCCESS);
- AssertNotNull(ctx = EVP_PKEY_CTX_new(params, NULL));
- AssertIntEQ(EVP_PKEY_keygen_init(ctx), WOLFSSL_SUCCESS);
- AssertIntEQ(EVP_PKEY_keygen(ctx, &pkey), WOLFSSL_SUCCESS);
+ ExpectNotNull(params = wolfSSL_EVP_PKEY_new());
+ ExpectNotNull(dh = DH_get_2048_256());
+ ExpectIntEQ(EVP_PKEY_set1_DH(params, dh), WOLFSSL_SUCCESS);
+ ExpectNotNull(ctx = EVP_PKEY_CTX_new(params, NULL));
+ ExpectIntEQ(EVP_PKEY_keygen_init(ctx), WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_PKEY_keygen(ctx, &pkey), WOLFSSL_SUCCESS);
DH_free(dh);
+ dh = NULL;
EVP_PKEY_CTX_free(ctx);
EVP_PKEY_free(params);
/* try exporting generated key to DER, to verify */
- AssertNotNull(dh = EVP_PKEY_get1_DH(pkey));
+ ExpectNotNull(dh = EVP_PKEY_get1_DH(pkey));
DH_get0_key(dh, &pubkey, &privkey);
- AssertNotNull(pubkey);
- AssertNotNull(privkey);
- AssertNotNull(asn1int = BN_to_ASN1_INTEGER(pubkey, NULL));
- AssertIntGT((length = i2d_ASN1_INTEGER(asn1int, &derBuffer)), 0);
+ ExpectNotNull(pubkey);
+ ExpectNotNull(privkey);
+ ExpectNotNull(asn1int = BN_to_ASN1_INTEGER(pubkey, NULL));
+ ExpectIntGT((length = i2d_ASN1_INTEGER(asn1int, &derBuffer)), 0);
ASN1_INTEGER_free(asn1int);
DH_free(dh);
@@ -49753,48 +48112,47 @@ static int test_wolfSSL_EVP_PKEY_keygen(void)
}
#endif
- return TEST_RES_CHECK(1);
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_PKEY_keygen_init(void)
{
- WOLFSSL_EVP_PKEY* pkey;
- EVP_PKEY_CTX *ctx;
-
- AssertNotNull(pkey = wolfSSL_EVP_PKEY_new());
- AssertNotNull(ctx = EVP_PKEY_CTX_new(pkey, NULL));
+ EXPECT_DECLS;
+ WOLFSSL_EVP_PKEY* pkey = NULL;
+ EVP_PKEY_CTX *ctx = NULL;
- AssertIntEQ(wolfSSL_EVP_PKEY_keygen_init(ctx), WOLFSSL_SUCCESS);
+ ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new());
+ ExpectNotNull(ctx = EVP_PKEY_CTX_new(pkey, NULL));
+ ExpectIntEQ(wolfSSL_EVP_PKEY_keygen_init(ctx), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_EVP_PKEY_keygen_init(NULL), WOLFSSL_SUCCESS);
EVP_PKEY_CTX_free(ctx);
EVP_PKEY_free(pkey);
- return TEST_RES_CHECK(1);
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_PKEY_missing_parameters(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_ALL) && !defined(NO_WOLFSSL_STUB)
- WOLFSSL_EVP_PKEY* pkey;
+ WOLFSSL_EVP_PKEY* pkey = NULL;
- AssertNotNull(pkey = wolfSSL_EVP_PKEY_new());
+ ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new());
- AssertIntEQ(wolfSSL_EVP_PKEY_missing_parameters(pkey), 0);
+ ExpectIntEQ(wolfSSL_EVP_PKEY_missing_parameters(pkey), 0);
+ ExpectIntEQ(wolfSSL_EVP_PKEY_missing_parameters(NULL), 0);
EVP_PKEY_free(pkey);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_PKEY_copy_parameters(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_DH) && defined(WOLFSSL_KEY_GEN) && \
!defined(HAVE_SELFTEST) && (defined(OPENSSL_ALL) || defined(WOLFSSL_QT) || \
defined(WOLFSSL_OPENSSH)) && defined(WOLFSSL_DH_EXTRA) && \
!defined(NO_FILESYSTEM)
-
WOLFSSL_EVP_PKEY* params = NULL;
WOLFSSL_EVP_PKEY* copy = NULL;
DH* dh = NULL;
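Review bot: The two added NULL-argument checks, `ExpectIntEQ(wolfSSL_EVP_PKEY_keygen_init(NULL), WOLFSSL_SUCCESS)` and `ExpectIntEQ(wolfSSL_EVP_PKEY_missing_parameters(NULL), 0)`, pin a success-style result for a NULL input without saying that this is intended. The neighbouring tests list NULL arguments under `/* Bad cases */` and expect WOLFSSL_FAILURE or BAD_FUNC_ARG, so a reader cannot tell whether these lines record a deliberate contract or freeze an accident. If it is deliberate (presumably because both functions are compatibility stubs; the second test is already guarded by NO_WOLFSSL_STUB), put a comment above each, for example `/* keygen_init does no work and reports success even for a NULL ctx */`. Callers that rely on the return value to detect a missing context would otherwise be misled by what the test appears to bless.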
@@ -49806,73 +48164,69 @@ static int test_wolfSSL_EVP_PKEY_copy_parameters(void)
BIGNUM* q2;
/* create DH with DH_get_2048_256 params */
- AssertNotNull(params = wolfSSL_EVP_PKEY_new());
- AssertNotNull(dh = DH_get_2048_256());
- AssertIntEQ(EVP_PKEY_set1_DH(params, dh), WOLFSSL_SUCCESS);
+ ExpectNotNull(params = wolfSSL_EVP_PKEY_new());
+ ExpectNotNull(dh = DH_get_2048_256());
+ ExpectIntEQ(EVP_PKEY_set1_DH(params, dh), WOLFSSL_SUCCESS);
DH_get0_pqg(dh, (const BIGNUM**)&p1,
(const BIGNUM**)&q1,
(const BIGNUM**)&g1);
DH_free(dh);
+ dh = NULL;
/* create DH with random generated DH params */
- AssertNotNull(copy = wolfSSL_EVP_PKEY_new());
- AssertNotNull(dh = DH_generate_parameters(2048, 2, NULL, NULL));
- AssertIntEQ(EVP_PKEY_set1_DH(copy, dh), WOLFSSL_SUCCESS);
+ ExpectNotNull(copy = wolfSSL_EVP_PKEY_new());
+ ExpectNotNull(dh = DH_generate_parameters(2048, 2, NULL, NULL));
+ ExpectIntEQ(EVP_PKEY_set1_DH(copy, dh), WOLFSSL_SUCCESS);
DH_free(dh);
+ dh = NULL;
- AssertIntEQ(EVP_PKEY_copy_parameters(copy, params), WOLFSSL_SUCCESS);
- AssertNotNull(dh = EVP_PKEY_get1_DH(copy));
- AssertNotNull(dh->p);
- AssertNotNull(dh->g);
- AssertNotNull(dh->q);
+ ExpectIntEQ(EVP_PKEY_copy_parameters(copy, params), WOLFSSL_SUCCESS);
+ ExpectNotNull(dh = EVP_PKEY_get1_DH(copy));
+ ExpectNotNull(dh->p);
+ ExpectNotNull(dh->g);
+ ExpectNotNull(dh->q);
DH_get0_pqg(dh, (const BIGNUM**)&p2,
(const BIGNUM**)&q2,
(const BIGNUM**)&g2);
- AssertIntEQ(BN_cmp(p1, p2), 0);
- AssertIntEQ(BN_cmp(q1, q2), 0);
- AssertIntEQ(BN_cmp(g1, g2), 0);
+ ExpectIntEQ(BN_cmp(p1, p2), 0);
+ ExpectIntEQ(BN_cmp(q1, q2), 0);
+ ExpectIntEQ(BN_cmp(g1, g2), 0);
DH_free(dh);
EVP_PKEY_free(copy);
EVP_PKEY_free(params);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_PKEY_CTX_set_rsa_keygen_bits(void)
{
- WOLFSSL_EVP_PKEY* pkey;
- EVP_PKEY_CTX *ctx;
+ EXPECT_DECLS;
+ WOLFSSL_EVP_PKEY* pkey = NULL;
+ EVP_PKEY_CTX* ctx = NULL;
int bits = 2048;
+ ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new());
+ ExpectNotNull(ctx = EVP_PKEY_CTX_new(pkey, NULL));
- AssertNotNull(pkey = wolfSSL_EVP_PKEY_new());
- AssertNotNull(ctx = EVP_PKEY_CTX_new(pkey, NULL));
-
- AssertIntEQ(wolfSSL_EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, bits),
- WOLFSSL_SUCCESS);
-
+ ExpectIntEQ(wolfSSL_EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, bits),
+ WOLFSSL_SUCCESS);
EVP_PKEY_CTX_free(ctx);
EVP_PKEY_free(pkey);
- return TEST_RES_CHECK(1);
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_CIPHER_CTX_iv_length(void)
{
+ EXPECT_DECLS;
/* This is large enough to be used for all key sizes */
byte key[AES_256_KEY_SIZE] = {0};
byte iv[AES_BLOCK_SIZE] = {0};
- int i, enumlen;
- EVP_CIPHER_CTX *ctx;
- const EVP_CIPHER *init;
-
- int enumArray[] = {
-
+ int i;
+ int nids[] = {
#ifdef HAVE_AES_CBC
NID_aes_128_cbc,
#endif
@@ -49891,7 +48245,6 @@ static int test_wolfSSL_EVP_CIPHER_CTX_iv_length(void)
#endif
};
int iv_lengths[] = {
-
#ifdef HAVE_AES_CBC
AES_BLOCK_SIZE,
#endif
@@ -49909,444 +48262,470 @@ static int test_wolfSSL_EVP_CIPHER_CTX_iv_length(void)
DES_BLOCK_SIZE,
#endif
};
+ int nidsLen = (sizeof(nids)/sizeof(int));
-
- enumlen = (sizeof(enumArray)/sizeof(int));
- for (i = 0; i < enumlen; i++) {
- ctx = EVP_CIPHER_CTX_new();
- init = wolfSSL_EVP_get_cipherbynid(enumArray[i]);
-
+ for (i = 0; i < nidsLen; i++) {
+ const EVP_CIPHER* init = wolfSSL_EVP_get_cipherbynid(nids[i]);
+ EVP_CIPHER_CTX* ctx = EVP_CIPHER_CTX_new();
wolfSSL_EVP_CIPHER_CTX_init(ctx);
- AssertIntEQ(EVP_CipherInit(ctx, init, key, iv, 1), WOLFSSL_SUCCESS);
- AssertIntEQ(wolfSSL_EVP_CIPHER_CTX_iv_length(ctx), iv_lengths[i]);
+ ExpectIntEQ(EVP_CipherInit(ctx, init, key, iv, 1), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_EVP_CIPHER_CTX_iv_length(ctx), iv_lengths[i]);
EVP_CIPHER_CTX_free(ctx);
}
- return TEST_RES_CHECK(1);
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_CIPHER_CTX_key_length(void)
{
- int res = TEST_SKIPPED;
-#if !defined(NO_DES3)
- byte key[AES_256_KEY_SIZE] = {0};
- byte iv[AES_BLOCK_SIZE] = {0};
- EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();
- const EVP_CIPHER *init = EVP_des_ede3_cbc();
-
- wolfSSL_EVP_CIPHER_CTX_init(ctx);
- AssertIntEQ(EVP_CipherInit(ctx, init, key, iv, 1), WOLFSSL_SUCCESS);
-
- AssertIntEQ(wolfSSL_EVP_CIPHER_CTX_key_length(ctx), 24);
-
- EVP_CIPHER_CTX_free(ctx);
-
- res = TEST_RES_CHECK(1);
-#endif
- return res;
-}
-
-static int test_wolfSSL_EVP_CIPHER_CTX_set_key_length(void)
-{
- int res = TEST_SKIPPED;
-#if !defined(NO_DES3)
+ EXPECT_DECLS;
byte key[AES_256_KEY_SIZE] = {0};
byte iv[AES_BLOCK_SIZE] = {0};
- int keylen;
- EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();
- const EVP_CIPHER *init = EVP_des_ede3_cbc();
+ int i;
+ int nids[] = {
+ #ifdef HAVE_AES_CBC
+ NID_aes_128_cbc,
+ NID_aes_256_cbc,
+ #endif
+ #if (!defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)) || \
+ (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2))
+ #ifdef HAVE_AESGCM
+ NID_aes_128_gcm,
+ NID_aes_256_gcm,
+ #endif
+ #endif /* (HAVE_FIPS && !HAVE_SELFTEST) || HAVE_FIPS_VERSION > 2 */
+ #ifdef WOLFSSL_AES_COUNTER
+ NID_aes_128_ctr,
+ NID_aes_256_ctr,
+ #endif
+ #ifndef NO_DES3
+ NID_des_cbc,
+ NID_des_ede3_cbc,
+ #endif
+ };
+ int key_lengths[] = {
+ #ifdef HAVE_AES_CBC
+ AES_128_KEY_SIZE,
+ AES_256_KEY_SIZE,
+ #endif
+ #if (!defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)) || \
+ (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2))
+ #ifdef HAVE_AESGCM
+ AES_128_KEY_SIZE,
+ AES_256_KEY_SIZE,
+ #endif
+ #endif /* (HAVE_FIPS && !HAVE_SELFTEST) || HAVE_FIPS_VERSION > 2 */
+ #ifdef WOLFSSL_AES_COUNTER
+ AES_128_KEY_SIZE,
+ AES_256_KEY_SIZE,
+ #endif
+ #ifndef NO_DES3
+ DES_KEY_SIZE,
+ DES3_KEY_SIZE,
+ #endif
+ };
+ int nidsLen = (sizeof(nids)/sizeof(int));
- wolfSSL_EVP_CIPHER_CTX_init(ctx);
- AssertIntEQ(EVP_CipherInit(ctx, init, key, iv, 1), WOLFSSL_SUCCESS);
+ for (i = 0; i < nidsLen; i++) {
+ const EVP_CIPHER *init = wolfSSL_EVP_get_cipherbynid(nids[i]);
+ EVP_CIPHER_CTX* ctx = EVP_CIPHER_CTX_new();
+ wolfSSL_EVP_CIPHER_CTX_init(ctx);
- keylen = wolfSSL_EVP_CIPHER_CTX_key_length(ctx);
+ ExpectIntEQ(EVP_CipherInit(ctx, init, key, iv, 1), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_EVP_CIPHER_CTX_key_length(ctx), key_lengths[i]);
- AssertIntEQ(wolfSSL_EVP_CIPHER_CTX_set_key_length(ctx, keylen),
- WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_EVP_CIPHER_CTX_set_key_length(ctx, key_lengths[i]),
+ WOLFSSL_SUCCESS);
- EVP_CIPHER_CTX_free(ctx);
+ EVP_CIPHER_CTX_free(ctx);
+ }
- res = TEST_RES_CHECK(1);
-#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_CIPHER_CTX_set_iv(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_AESGCM) && !defined(NO_DES3)
- byte key[DES3_KEY_SIZE] = {0};
- byte iv[DES_BLOCK_SIZE] = {0};
int ivLen, keyLen;
EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();
+#ifdef HAVE_AESGCM
+ byte key[AES_128_KEY_SIZE] = {0};
+ byte iv[AES_BLOCK_SIZE] = {0};
+ const EVP_CIPHER *init = EVP_aes_128_gcm();
+#else
+ byte key[DES3_KEY_SIZE] = {0};
+ byte iv[DES_BLOCK_SIZE] = {0};
const EVP_CIPHER *init = EVP_des_ede3_cbc();
+#endif
wolfSSL_EVP_CIPHER_CTX_init(ctx);
- AssertIntEQ(EVP_CipherInit(ctx, init, key, iv, 1), WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_CipherInit(ctx, init, key, iv, 1), WOLFSSL_SUCCESS);
ivLen = wolfSSL_EVP_CIPHER_CTX_iv_length(ctx);
keyLen = wolfSSL_EVP_CIPHER_CTX_key_length(ctx);
/* Bad cases */
- AssertIntEQ(wolfSSL_EVP_CIPHER_CTX_set_iv(NULL, iv, ivLen), WOLFSSL_FAILURE);
- AssertIntEQ(wolfSSL_EVP_CIPHER_CTX_set_iv(ctx, NULL, ivLen), WOLFSSL_FAILURE);
- AssertIntEQ(wolfSSL_EVP_CIPHER_CTX_set_iv(ctx, iv, 0), WOLFSSL_FAILURE);
- AssertIntEQ(wolfSSL_EVP_CIPHER_CTX_set_iv(NULL, NULL, 0), WOLFSSL_FAILURE);
- AssertIntEQ(wolfSSL_EVP_CIPHER_CTX_set_iv(ctx, iv, keyLen), WOLFSSL_FAILURE);
+ ExpectIntEQ(wolfSSL_EVP_CIPHER_CTX_set_iv(NULL, iv, ivLen),
+ WOLFSSL_FAILURE);
+ ExpectIntEQ(wolfSSL_EVP_CIPHER_CTX_set_iv(ctx, NULL, ivLen),
+ WOLFSSL_FAILURE);
+ ExpectIntEQ(wolfSSL_EVP_CIPHER_CTX_set_iv(ctx, iv, 0), WOLFSSL_FAILURE);
+ ExpectIntEQ(wolfSSL_EVP_CIPHER_CTX_set_iv(NULL, NULL, 0), WOLFSSL_FAILURE);
+ ExpectIntEQ(wolfSSL_EVP_CIPHER_CTX_set_iv(ctx, iv, keyLen),
+ WOLFSSL_FAILURE);
/* Good case */
- AssertIntEQ(wolfSSL_EVP_CIPHER_CTX_set_iv(ctx, iv, ivLen), 1);
+ ExpectIntEQ(wolfSSL_EVP_CIPHER_CTX_set_iv(ctx, iv, ivLen), 1);
EVP_CIPHER_CTX_free(ctx);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_PKEY_CTX_new_id(void)
{
+ EXPECT_DECLS;
WOLFSSL_ENGINE* e = NULL;
int id = 0;
- EVP_PKEY_CTX *ctx;
+ EVP_PKEY_CTX *ctx = NULL;
- AssertNotNull(ctx = wolfSSL_EVP_PKEY_CTX_new_id(id, e));
+ ExpectNotNull(ctx = wolfSSL_EVP_PKEY_CTX_new_id(id, e));
EVP_PKEY_CTX_free(ctx);
- return TEST_RES_CHECK(1);
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_rc4(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_RC4)
- res = TEST_RES_CHECK(wolfSSL_EVP_rc4() != NULL);
+ ExpectNotNull(wolfSSL_EVP_rc4());
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_enc_null(void)
{
- return TEST_RES_CHECK(wolfSSL_EVP_enc_null() != NULL);
+ EXPECT_DECLS;
+ ExpectNotNull(wolfSSL_EVP_enc_null());
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_rc2_cbc(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(WOLFSSL_QT) && !defined(NO_WOLFSSL_STUB)
- res = TEST_RES_CHECK(wolfSSL_EVP_rc2_cbc() == NULL);
+ ExpectNull(wolfSSL_EVP_rc2_cbc());
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_mdc2(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_WOLFSSL_STUB)
- res = TEST_RES_CHECK(wolfSSL_EVP_mdc2() == NULL);
+ ExpectNull(wolfSSL_EVP_mdc2());
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_md4(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_MD4)
- res = TEST_RES_CHECK(wolfSSL_EVP_md4() != NULL);
+ ExpectNotNull(wolfSSL_EVP_md4());
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_aes_256_gcm(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef HAVE_AESGCM
- res = TEST_RES_CHECK(wolfSSL_EVP_aes_256_gcm() != NULL);
+ ExpectNotNull(wolfSSL_EVP_aes_256_gcm());
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_aes_192_gcm(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef HAVE_AESGCM
- res = TEST_RES_CHECK(wolfSSL_EVP_aes_192_gcm() != NULL);
+ ExpectNotNull(wolfSSL_EVP_aes_192_gcm());
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_aes_256_ccm(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef HAVE_AESCCM
- res = TEST_RES_CHECK(wolfSSL_EVP_aes_256_ccm() != NULL);
+ ExpectNotNull(wolfSSL_EVP_aes_256_ccm());
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_aes_192_ccm(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef HAVE_AESCCM
- res = TEST_RES_CHECK(wolfSSL_EVP_aes_192_ccm() != NULL);
+ ExpectNotNull(wolfSSL_EVP_aes_192_ccm());
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_aes_128_ccm(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef HAVE_AESCCM
- res = TEST_RES_CHECK(wolfSSL_EVP_aes_128_ccm() != NULL);
+ ExpectNotNull(wolfSSL_EVP_aes_128_ccm());
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_ripemd160(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_WOLFSSL_STUB)
- res = TEST_RES_CHECK(wolfSSL_EVP_ripemd160() == NULL);
+ ExpectNull(wolfSSL_EVP_ripemd160());
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_get_digestbynid(void)
{
+ EXPECT_DECLS;
+
#ifndef NO_MD5
- AssertNotNull(wolfSSL_EVP_get_digestbynid(NID_md5));
+ ExpectNotNull(wolfSSL_EVP_get_digestbynid(NID_md5));
#endif
#ifndef NO_SHA
- AssertNotNull(wolfSSL_EVP_get_digestbynid(NID_sha1));
+ ExpectNotNull(wolfSSL_EVP_get_digestbynid(NID_sha1));
#endif
#ifndef NO_SHA256
- AssertNotNull(wolfSSL_EVP_get_digestbynid(NID_sha256));
+ ExpectNotNull(wolfSSL_EVP_get_digestbynid(NID_sha256));
#endif
- AssertNull(wolfSSL_EVP_get_digestbynid(0));
+ ExpectNull(wolfSSL_EVP_get_digestbynid(0));
- return TEST_RES_CHECK(1);
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_MD_nid(void)
{
+ EXPECT_DECLS;
+
#ifndef NO_MD5
- AssertIntEQ(EVP_MD_nid(EVP_md5()), NID_md5);
+ ExpectIntEQ(EVP_MD_nid(EVP_md5()), NID_md5);
#endif
#ifndef NO_SHA
- AssertIntEQ(EVP_MD_nid(EVP_sha1()), NID_sha1);
+ ExpectIntEQ(EVP_MD_nid(EVP_sha1()), NID_sha1);
#endif
#ifndef NO_SHA256
- AssertIntEQ(EVP_MD_nid(EVP_sha256()), NID_sha256);
+ ExpectIntEQ(EVP_MD_nid(EVP_sha256()), NID_sha256);
#endif
- AssertIntEQ(EVP_MD_nid(NULL), NID_undef);
+ ExpectIntEQ(EVP_MD_nid(NULL), NID_undef);
- return TEST_RES_CHECK(1);
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_PKEY_get0_EC_KEY(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ECC)
- WOLFSSL_EVP_PKEY* pkey;
+ WOLFSSL_EVP_PKEY* pkey = NULL;
- AssertNotNull(pkey = EVP_PKEY_new());
- AssertNull(EVP_PKEY_get0_EC_KEY(pkey));
- EVP_PKEY_free(pkey);
+ ExpectNull(EVP_PKEY_get0_EC_KEY(NULL));
- res = TEST_RES_CHECK(1);
+ ExpectNotNull(pkey = EVP_PKEY_new());
+ ExpectNull(EVP_PKEY_get0_EC_KEY(pkey));
+ EVP_PKEY_free(pkey);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_X_STATE(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_DES3) && !defined(NO_RC4)
byte key[DES3_KEY_SIZE] = {0};
byte iv[DES_IV_SIZE] = {0};
- EVP_CIPHER_CTX *ctx;
- const EVP_CIPHER *init;
+ EVP_CIPHER_CTX *ctx = NULL;
+ const EVP_CIPHER *init = NULL;
/* Bad test cases */
- ctx = EVP_CIPHER_CTX_new();
- init = EVP_des_ede3_cbc();
+ ExpectNotNull(ctx = EVP_CIPHER_CTX_new());
+ ExpectNotNull(init = EVP_des_ede3_cbc());
wolfSSL_EVP_CIPHER_CTX_init(ctx);
- AssertIntEQ(EVP_CipherInit(ctx, init, key, iv, 1), WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_CipherInit(ctx, init, key, iv, 1), WOLFSSL_SUCCESS);
- AssertNull(wolfSSL_EVP_X_STATE(NULL));
- AssertNull(wolfSSL_EVP_X_STATE(ctx));
+ ExpectNull(wolfSSL_EVP_X_STATE(NULL));
+ ExpectNull(wolfSSL_EVP_X_STATE(ctx));
EVP_CIPHER_CTX_free(ctx);
+ ctx = NULL;
/* Good test case */
- ctx = EVP_CIPHER_CTX_new();
- init = wolfSSL_EVP_rc4();
+ ExpectNotNull(ctx = EVP_CIPHER_CTX_new());
+ ExpectNotNull(init = wolfSSL_EVP_rc4());
wolfSSL_EVP_CIPHER_CTX_init(ctx);
- AssertIntEQ(EVP_CipherInit(ctx, init, key, iv, 1), WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_CipherInit(ctx, init, key, iv, 1), WOLFSSL_SUCCESS);
- AssertNotNull(wolfSSL_EVP_X_STATE(ctx));
+ ExpectNotNull(wolfSSL_EVP_X_STATE(ctx));
EVP_CIPHER_CTX_free(ctx);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_X_STATE_LEN(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_DES3) && !defined(NO_RC4)
byte key[DES3_KEY_SIZE] = {0};
byte iv[DES_IV_SIZE] = {0};
- EVP_CIPHER_CTX *ctx;
- const EVP_CIPHER *init;
+ EVP_CIPHER_CTX *ctx = NULL;
+ const EVP_CIPHER *init = NULL;
/* Bad test cases */
- ctx = EVP_CIPHER_CTX_new();
- init = EVP_des_ede3_cbc();
+ ExpectNotNull(ctx = EVP_CIPHER_CTX_new());
+ ExpectNotNull(init = EVP_des_ede3_cbc());
wolfSSL_EVP_CIPHER_CTX_init(ctx);
- AssertIntEQ(EVP_CipherInit(ctx, init, key, iv, 1), WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_CipherInit(ctx, init, key, iv, 1), WOLFSSL_SUCCESS);
- AssertIntEQ(wolfSSL_EVP_X_STATE_LEN(NULL), 0);
- AssertIntEQ(wolfSSL_EVP_X_STATE_LEN(ctx), 0);
+ ExpectIntEQ(wolfSSL_EVP_X_STATE_LEN(NULL), 0);
+ ExpectIntEQ(wolfSSL_EVP_X_STATE_LEN(ctx), 0);
EVP_CIPHER_CTX_free(ctx);
+ ctx = NULL;
/* Good test case */
- ctx = EVP_CIPHER_CTX_new();
- init = wolfSSL_EVP_rc4();
+ ExpectNotNull(ctx = EVP_CIPHER_CTX_new());
+ ExpectNotNull(init = wolfSSL_EVP_rc4());
wolfSSL_EVP_CIPHER_CTX_init(ctx);
- AssertIntEQ(EVP_CipherInit(ctx, init, key, iv, 1), WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_CipherInit(ctx, init, key, iv, 1), WOLFSSL_SUCCESS);
- AssertIntEQ(wolfSSL_EVP_X_STATE_LEN(ctx), sizeof(Arc4));
+ ExpectIntEQ(wolfSSL_EVP_X_STATE_LEN(ctx), sizeof(Arc4));
EVP_CIPHER_CTX_free(ctx);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_CIPHER_block_size(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
+#if defined(HAVE_AES_CBC) || defined(HAVE_AESGCM) || \
+ defined(WOLFSSL_AES_COUNTER) || defined(HAVE_AES_ECB) || \
+ defined(WOLFSSL_AES_OFB) || !defined(NO_RC4) || \
+ (defined(HAVE_CHACHA) && defined(HAVE_POLY1305))
#ifdef HAVE_AES_CBC
- if (res == TEST_SKIPPED || res == TEST_SUCCESS) {
- #ifdef WOLFSSL_AES_128
- AssertIntEQ(EVP_CIPHER_block_size(EVP_aes_128_cbc()), AES_BLOCK_SIZE);
- #endif
- #ifdef WOLFSSL_AES_192
- AssertIntEQ(EVP_CIPHER_block_size(EVP_aes_192_cbc()), AES_BLOCK_SIZE);
- #endif
- #ifdef WOLFSSL_AES_256
- AssertIntEQ(EVP_CIPHER_block_size(EVP_aes_256_cbc()), AES_BLOCK_SIZE);
- #endif
- res = TEST_RES_CHECK(1);
- }
+ #ifdef WOLFSSL_AES_128
+ ExpectIntEQ(EVP_CIPHER_block_size(EVP_aes_128_cbc()), AES_BLOCK_SIZE);
+ #endif
+ #ifdef WOLFSSL_AES_192
+ ExpectIntEQ(EVP_CIPHER_block_size(EVP_aes_192_cbc()), AES_BLOCK_SIZE);
+ #endif
+ #ifdef WOLFSSL_AES_256
+ ExpectIntEQ(EVP_CIPHER_block_size(EVP_aes_256_cbc()), AES_BLOCK_SIZE);
+ #endif
#endif
#ifdef HAVE_AESGCM
- if (res == TEST_SKIPPED || res == TEST_SUCCESS) {
- #ifdef WOLFSSL_AES_128
- AssertIntEQ(EVP_CIPHER_block_size(EVP_aes_128_gcm()), 1);
- #endif
- #ifdef WOLFSSL_AES_192
- AssertIntEQ(EVP_CIPHER_block_size(EVP_aes_192_gcm()), 1);
- #endif
- #ifdef WOLFSSL_AES_256
- AssertIntEQ(EVP_CIPHER_block_size(EVP_aes_256_gcm()), 1);
- #endif
- res = TEST_RES_CHECK(1);
- }
+ #ifdef WOLFSSL_AES_128
+ ExpectIntEQ(EVP_CIPHER_block_size(EVP_aes_128_gcm()), 1);
+ #endif
+ #ifdef WOLFSSL_AES_192
+ ExpectIntEQ(EVP_CIPHER_block_size(EVP_aes_192_gcm()), 1);
+ #endif
+ #ifdef WOLFSSL_AES_256
+ ExpectIntEQ(EVP_CIPHER_block_size(EVP_aes_256_gcm()), 1);
+ #endif
#endif
#ifdef HAVE_AESCCM
- if (res == TEST_SKIPPED || res == TEST_SUCCESS) {
- #ifdef WOLFSSL_AES_128
- AssertIntEQ(EVP_CIPHER_block_size(EVP_aes_128_ccm()), 1);
- #endif
- #ifdef WOLFSSL_AES_192
- AssertIntEQ(EVP_CIPHER_block_size(EVP_aes_192_ccm()), 1);
- #endif
- #ifdef WOLFSSL_AES_256
- AssertIntEQ(EVP_CIPHER_block_size(EVP_aes_256_ccm()), 1);
- #endif
- res = TEST_RES_CHECK(1);
- }
+ #ifdef WOLFSSL_AES_128
+ ExpectIntEQ(EVP_CIPHER_block_size(EVP_aes_128_ccm()), 1);
+ #endif
+ #ifdef WOLFSSL_AES_192
+ ExpectIntEQ(EVP_CIPHER_block_size(EVP_aes_192_ccm()), 1);
+ #endif
+ #ifdef WOLFSSL_AES_256
+ ExpectIntEQ(EVP_CIPHER_block_size(EVP_aes_256_ccm()), 1);
+ #endif
#endif
#ifdef WOLFSSL_AES_COUNTER
- if (res == TEST_SKIPPED || res == TEST_SUCCESS) {
- #ifdef WOLFSSL_AES_128
- AssertIntEQ(EVP_CIPHER_block_size(EVP_aes_128_ctr()), 1);
- #endif
- #ifdef WOLFSSL_AES_192
- AssertIntEQ(EVP_CIPHER_block_size(EVP_aes_192_ctr()), 1);
- #endif
- #ifdef WOLFSSL_AES_256
- AssertIntEQ(EVP_CIPHER_block_size(EVP_aes_256_ctr()), 1);
- #endif
- res = TEST_RES_CHECK(1);
- }
+ #ifdef WOLFSSL_AES_128
+ ExpectIntEQ(EVP_CIPHER_block_size(EVP_aes_128_ctr()), 1);
+ #endif
+ #ifdef WOLFSSL_AES_192
+ ExpectIntEQ(EVP_CIPHER_block_size(EVP_aes_192_ctr()), 1);
+ #endif
+ #ifdef WOLFSSL_AES_256
+ ExpectIntEQ(EVP_CIPHER_block_size(EVP_aes_256_ctr()), 1);
+ #endif
#endif
#ifdef HAVE_AES_ECB
- if (res == TEST_SKIPPED || res == TEST_SUCCESS) {
- #ifdef WOLFSSL_AES_128
- AssertIntEQ(EVP_CIPHER_block_size(EVP_aes_128_ecb()), AES_BLOCK_SIZE);
- #endif
- #ifdef WOLFSSL_AES_192
- AssertIntEQ(EVP_CIPHER_block_size(EVP_aes_192_ecb()), AES_BLOCK_SIZE);
- #endif
- #ifdef WOLFSSL_AES_256
- AssertIntEQ(EVP_CIPHER_block_size(EVP_aes_256_ecb()), AES_BLOCK_SIZE);
- #endif
- res = TEST_RES_CHECK(1);
- }
+ #ifdef WOLFSSL_AES_128
+ ExpectIntEQ(EVP_CIPHER_block_size(EVP_aes_128_ecb()), AES_BLOCK_SIZE);
+ #endif
+ #ifdef WOLFSSL_AES_192
+ ExpectIntEQ(EVP_CIPHER_block_size(EVP_aes_192_ecb()), AES_BLOCK_SIZE);
+ #endif
+ #ifdef WOLFSSL_AES_256
+ ExpectIntEQ(EVP_CIPHER_block_size(EVP_aes_256_ecb()), AES_BLOCK_SIZE);
+ #endif
#endif
#ifdef WOLFSSL_AES_OFB
- if (res == TEST_SKIPPED || res == TEST_SUCCESS) {
- #ifdef WOLFSSL_AES_128
- AssertIntEQ(EVP_CIPHER_block_size(EVP_aes_128_ofb()), 1);
- #endif
- #ifdef WOLFSSL_AES_192
- AssertIntEQ(EVP_CIPHER_block_size(EVP_aes_192_ofb()), 1);
- #endif
- #ifdef WOLFSSL_AES_256
- AssertIntEQ(EVP_CIPHER_block_size(EVP_aes_256_ofb()), 1);
- #endif
- res = TEST_RES_CHECK(1);
- }
+ #ifdef WOLFSSL_AES_128
+ ExpectIntEQ(EVP_CIPHER_block_size(EVP_aes_128_ofb()), 1);
+ #endif
+ #ifdef WOLFSSL_AES_192
+ ExpectIntEQ(EVP_CIPHER_block_size(EVP_aes_192_ofb()), 1);
+ #endif
+ #ifdef WOLFSSL_AES_256
+ ExpectIntEQ(EVP_CIPHER_block_size(EVP_aes_256_ofb()), 1);
+ #endif
#endif
#ifndef NO_RC4
- if (res == TEST_SKIPPED || res == TEST_SUCCESS) {
- AssertIntEQ(EVP_CIPHER_block_size(wolfSSL_EVP_rc4()), 1);
- res = TEST_RES_CHECK(1);
- }
+ ExpectIntEQ(EVP_CIPHER_block_size(wolfSSL_EVP_rc4()), 1);
#endif
#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305)
- if (res == TEST_SKIPPED || res == TEST_SUCCESS) {
- AssertIntEQ(EVP_CIPHER_block_size(wolfSSL_EVP_chacha20_poly1305()), 1);
- res = TEST_RES_CHECK(1);
- }
+ ExpectIntEQ(EVP_CIPHER_block_size(wolfSSL_EVP_chacha20_poly1305()), 1);
+#endif
#endif
- return res;
+#ifdef WOLFSSL_SM4_ECB
+ ExpectIntEQ(EVP_CIPHER_block_size(EVP_sm4_ecb()), SM4_BLOCK_SIZE);
+#endif
+#ifdef WOLFSSL_SM4_CBC
+ ExpectIntEQ(EVP_CIPHER_block_size(EVP_sm4_cbc()), SM4_BLOCK_SIZE);
+#endif
+#ifdef WOLFSSL_SM4_CTR
+ ExpectIntEQ(EVP_CIPHER_block_size(EVP_sm4_ctr()), 1);
+#endif
+#ifdef WOLFSSL_SM4_GCM
+ ExpectIntEQ(EVP_CIPHER_block_size(EVP_sm4_gcm()), 1);
+#endif
+#ifdef WOLFSSL_SM4_CCM
+ ExpectIntEQ(EVP_CIPHER_block_size(EVP_sm4_ccm()), 1);
+#endif
+
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_CIPHER_iv_length(void)
{
- int i, enumlen;
-
-
- int enumArray[] = {
+ EXPECT_DECLS;
+ int nids[] = {
#if defined(HAVE_AES_CBC) || defined(WOLFSSL_AES_DIRECT)
#ifdef WOLFSSL_AES_128
NID_aes_128_cbc,
@@ -50391,7 +48770,6 @@ static int test_wolfSSL_EVP_CIPHER_iv_length(void)
NID_chacha20_poly1305,
#endif
};
-
int iv_lengths[] = {
#if defined(HAVE_AES_CBC) || defined(WOLFSSL_AES_DIRECT)
#ifdef WOLFSSL_AES_128
@@ -50437,134 +48815,89 @@ static int test_wolfSSL_EVP_CIPHER_iv_length(void)
CHACHA20_POLY1305_AEAD_IV_SIZE,
#endif
};
+ int i;
+ int nidsLen = (sizeof(nids)/sizeof(int));
- enumlen = (sizeof(enumArray)/sizeof(int));
- for (i = 0; i < enumlen; i++) {
- const EVP_CIPHER *c = EVP_get_cipherbynid(enumArray[i]);
- AssertIntEQ(EVP_CIPHER_iv_length(c), iv_lengths[i]);
+ for (i = 0; i < nidsLen; i++) {
+ const EVP_CIPHER *c = EVP_get_cipherbynid(nids[i]);
+ ExpectIntEQ(EVP_CIPHER_iv_length(c), iv_lengths[i]);
}
- return TEST_RES_CHECK(1);
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_SignInit_ex(void)
{
- WOLFSSL_EVP_MD_CTX mdCtx;
- WOLFSSL_ENGINE* e = 0;
- const EVP_MD* md;
- md = "SHA256";
+ EXPECT_DECLS;
+ WOLFSSL_EVP_MD_CTX mdCtx;
+ WOLFSSL_ENGINE* e = 0;
+ const EVP_MD* md = EVP_sha256();
wolfSSL_EVP_MD_CTX_init(&mdCtx);
- AssertIntEQ(wolfSSL_EVP_SignInit_ex(&mdCtx, md, e), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_EVP_SignInit_ex(&mdCtx, md, e), WOLFSSL_SUCCESS);
- AssertIntEQ(wolfSSL_EVP_MD_CTX_cleanup(&mdCtx), 1);
+ ExpectIntEQ(wolfSSL_EVP_MD_CTX_cleanup(&mdCtx), 1);
- return TEST_RES_CHECK(1);
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_DigestFinal_ex(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_SHA256)
- WOLFSSL_EVP_MD_CTX mdCtx;
- unsigned int s = 0;
- unsigned char md[WC_SHA256_DIGEST_SIZE];
- unsigned char md2[WC_SHA256_DIGEST_SIZE];
+ WOLFSSL_EVP_MD_CTX mdCtx;
+ unsigned int s = 0;
+ unsigned char md[WC_SHA256_DIGEST_SIZE];
+ unsigned char md2[WC_SHA256_DIGEST_SIZE];
/* Bad Case */
-#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2))
-
+#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && \
+ (HAVE_FIPS_VERSION > 2))
wolfSSL_EVP_MD_CTX_init(&mdCtx);
- AssertIntEQ(wolfSSL_EVP_DigestFinal_ex(&mdCtx, md, &s), 0);
- AssertIntEQ(wolfSSL_EVP_MD_CTX_cleanup(&mdCtx), 1);
+ ExpectIntEQ(wolfSSL_EVP_DigestFinal_ex(&mdCtx, md, &s), 0);
+ ExpectIntEQ(wolfSSL_EVP_MD_CTX_cleanup(&mdCtx), 1);
#else
-
wolfSSL_EVP_MD_CTX_init(&mdCtx);
- AssertIntEQ(wolfSSL_EVP_DigestFinal_ex(&mdCtx, md, &s), WOLFSSL_SUCCESS);
- AssertIntEQ(wolfSSL_EVP_MD_CTX_cleanup(&mdCtx), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_EVP_DigestFinal_ex(&mdCtx, md, &s), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_EVP_MD_CTX_cleanup(&mdCtx), WOLFSSL_SUCCESS);
#endif
/* Good Case */
wolfSSL_EVP_MD_CTX_init(&mdCtx);
- AssertIntEQ(wolfSSL_EVP_DigestInit(&mdCtx, "SHA256"), WOLFSSL_SUCCESS);
- AssertIntEQ(wolfSSL_EVP_DigestFinal_ex(&mdCtx, md2, &s), WOLFSSL_SUCCESS);
- AssertIntEQ(wolfSSL_EVP_MD_CTX_cleanup(&mdCtx), WOLFSSL_SUCCESS);
-
- res = TEST_RES_CHECK(1);
+ ExpectIntEQ(wolfSSL_EVP_DigestInit(&mdCtx, EVP_sha256()), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_EVP_DigestFinal_ex(&mdCtx, md2, &s), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_EVP_MD_CTX_cleanup(&mdCtx), WOLFSSL_SUCCESS);
#endif
- return res;
-}
-static int test_wolfSSL_EVP_PKEY_assign_DH(void)
-{
- int res = TEST_SKIPPED;
-#if !defined(NO_DH) && \
- !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2))
- FILE* f = NULL;
- unsigned char buf[4096];
- const unsigned char* pt = buf;
- const char* params1 = "./certs/dh2048.der";
- long len = 0;
- WOLFSSL_DH* dh = NULL;
- WOLFSSL_EVP_PKEY* pkey;
- XMEMSET(buf, 0, sizeof(buf));
-
-
- f = XFOPEN(params1, "rb");
- AssertTrue(f != XBADFILE);
- len = (long)XFREAD(buf, 1, sizeof(buf), f);
- XFCLOSE(f);
-
-
- AssertNotNull(dh = wolfSSL_d2i_DHparams(NULL, &pt, len));
- AssertIntEQ(DH_generate_key(dh), WOLFSSL_SUCCESS);
-
- AssertNotNull(pkey = wolfSSL_EVP_PKEY_new());
-
- /* Bad cases */
- AssertIntEQ(wolfSSL_EVP_PKEY_assign_DH(NULL, dh), WOLFSSL_FAILURE);
- AssertIntEQ(wolfSSL_EVP_PKEY_assign_DH(pkey, NULL), WOLFSSL_FAILURE);
- AssertIntEQ(wolfSSL_EVP_PKEY_assign_DH(NULL, NULL), WOLFSSL_FAILURE);
-
- /* Good case */
- AssertIntEQ(wolfSSL_EVP_PKEY_assign_DH(pkey, dh), WOLFSSL_SUCCESS);
-
- EVP_PKEY_free(pkey);
-
- res = TEST_RES_CHECK(1);
-#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_QT_EVP_PKEY_CTX_free(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA)
- EVP_PKEY* pkey;
- EVP_PKEY_CTX* ctx;
+ EVP_PKEY* pkey = NULL;
+ EVP_PKEY_CTX* ctx = NULL;
- AssertNotNull(pkey = wolfSSL_EVP_PKEY_new());
- AssertNotNull(ctx = EVP_PKEY_CTX_new(pkey, NULL));
+ ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new());
+ ExpectNotNull(ctx = EVP_PKEY_CTX_new(pkey, NULL));
- #if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000L
- /* void */
- EVP_PKEY_CTX_free(ctx);
- AssertTrue(1);
- #else
- /* int */
- AssertIntEQ(EVP_PKEY_CTX_free(ctx), WOLFSSL_SUCCESS);
- #endif
+#if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000L
+ /* void */
+ EVP_PKEY_CTX_free(ctx);
+#else
+ /* int */
+ ExpectIntEQ(EVP_PKEY_CTX_free(ctx), WOLFSSL_SUCCESS);
+#endif
EVP_PKEY_free(pkey);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_PKEY_param_check(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_ALL) || defined(WOLFSSL_QT)
#if !defined(NO_DH) && defined(WOLFSSL_DH_EXTRA) && !defined(NO_FILESYSTEM)
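Review bot: In test_wolfSSL_EVP_CIPHER_iv_length the loop bound `nidsLen` is derived from `nids` alone, yet every iteration also reads `iv_lengths[i]`. The two lists are built from separate preprocessor-guarded initialisers, so if one gains an entry the other lacks, the loop either compares against the wrong length or reads past the shorter array. I would add `ExpectIntEQ((int)(sizeof(nids)/sizeof(int)), (int)(sizeof(iv_lengths)/sizeof(int)));` before the loop. Most of both initialisers lies outside this hunk, so whether they currently match cannot be confirmed from here.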
@@ -50582,50 +48915,47 @@ static int test_wolfSSL_EVP_PKEY_param_check(void)
XMEMSET(buf, 0, sizeof(buf));
- f = XFOPEN(dh2048, "rb");
- AssertTrue(f != XBADFILE);
- len = (long)XFREAD(buf, 1, sizeof(buf), f);
- XFCLOSE(f);
+ ExpectTrue((f = XFOPEN(dh2048, "rb")) != XBADFILE);
+ ExpectTrue((len = (long)XFREAD(buf, 1, sizeof(buf), f)) > 0);
+ if (f != XBADFILE)
+ XFCLOSE(f);
/* Load dh2048.der into DH with internal format */
- AssertNotNull(setDh = d2i_DHparams(NULL, &pt, len));
- AssertIntEQ(DH_check(setDh, &code), WOLFSSL_SUCCESS);
- AssertIntEQ(code, 0);
+ ExpectNotNull(setDh = d2i_DHparams(NULL, &pt, len));
+ ExpectIntEQ(DH_check(setDh, &code), WOLFSSL_SUCCESS);
+ ExpectIntEQ(code, 0);
code = -1;
pkey = wolfSSL_EVP_PKEY_new();
/* Set DH into PKEY */
- AssertIntEQ(EVP_PKEY_set1_DH(pkey, setDh), WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_PKEY_set1_DH(pkey, setDh), WOLFSSL_SUCCESS);
/* create ctx from pkey */
- AssertNotNull(ctx = EVP_PKEY_CTX_new(pkey, NULL));
- AssertIntEQ(EVP_PKEY_param_check(ctx), 1/* valid */);
+ ExpectNotNull(ctx = EVP_PKEY_CTX_new(pkey, NULL));
+ ExpectIntEQ(EVP_PKEY_param_check(ctx), 1/* valid */);
- /* */
- /* TO DO invlaid case */
- /* */
+ /* TODO: more invalid cases */
+ ExpectIntEQ(EVP_PKEY_param_check(NULL), 0);
EVP_PKEY_CTX_free(ctx);
EVP_PKEY_free(pkey);
DH_free(setDh);
DH_free(dh);
-
- res = TEST_RES_CHECK(1);
#endif
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_BytesToKey(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_AES) && defined(HAVE_AES_CBC)
byte key[AES_BLOCK_SIZE] = {0};
byte iv[AES_BLOCK_SIZE] = {0};
- int sz = 5;
int count = 0;
- const EVP_MD* md = "SHA256";
+ const EVP_MD* md = EVP_sha256();
const EVP_CIPHER *type;
const unsigned char *salt = (unsigned char *)"salt1234";
+ int sz = 5;
const byte data[] = {
0x48,0x65,0x6c,0x6c,0x6f,0x20,0x57,0x6f,
0x72,0x6c,0x64
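Review bot: `pkey = wolfSSL_EVP_PKEY_new();` in test_wolfSSL_EVP_PKEY_param_check is the one allocation in this hunk left unchecked, while the neighbouring calls were all moved to Expect macros. A failed allocation is then reported only indirectly, by the `EVP_PKEY_set1_DH` check that follows. `ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new());` would report it where it happens and match test_wolfSSL_QT_EVP_PKEY_CTX_free earlier in the diff. The declarations of this function fall between hunks, so the initial value of `pkey` is not visible here.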
@@ -50634,27 +48964,25 @@ static int test_wolfSSL_EVP_BytesToKey(void)
type = wolfSSL_EVP_get_cipherbynid(NID_aes_128_cbc);
/* Bad cases */
- AssertIntEQ(EVP_BytesToKey(NULL, md, salt, data, sz, count, key, iv),
+ ExpectIntEQ(EVP_BytesToKey(NULL, md, salt, data, sz, count, key, iv),
0);
- AssertIntEQ(EVP_BytesToKey(type, md, salt, NULL, sz, count, key, iv),
+ ExpectIntEQ(EVP_BytesToKey(type, md, salt, NULL, sz, count, key, iv),
16);
md = "2";
- AssertIntEQ(EVP_BytesToKey(type, md, salt, data, sz, count, key, iv),
+ ExpectIntEQ(EVP_BytesToKey(type, md, salt, data, sz, count, key, iv),
WOLFSSL_FAILURE);
/* Good case */
- md = "SHA256";
- AssertIntEQ(EVP_BytesToKey(type, md, salt, data, sz, count, key, iv),
+ md = EVP_sha256();
+ ExpectIntEQ(EVP_BytesToKey(type, md, salt, data, sz, count, key, iv),
16);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_evp_cipher_aes_gcm(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_AESGCM) && ((!defined(HAVE_FIPS) && \
!defined(HAVE_SELFTEST)) || (defined(HAVE_FIPS_VERSION) && \
(HAVE_FIPS_VERSION >= 2)))
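Review bot: The bad-digest case in test_wolfSSL_EVP_BytesToKey still does `md = "2";`, assigning a string literal to the `const EVP_MD*` that the commit otherwise fills from `EVP_sha256()`. That relies on EVP_MD being a character type (inferred from the removed `md = "SHA256";` lines), so a comment such as `/* unknown digest name: must be rejected */` would make the intent explicit. Under the same "Bad cases" label, the call with NULL `data` expects 16, the same value as the good case. A one-line comment that NULL data is accepted there would stop it reading as a failure case.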
@@ -50769,8 +49097,8 @@ static int test_evp_cipher_aes_gcm(void)
expCipherText2,
expCipherText3
};
- byte* cipherText;
- byte* calcPlainText;
+ byte* cipherText = NULL;
+ byte* calcPlainText = NULL;
byte tag[AES_BLOCK_SIZE];
EVP_CIPHER_CTX* encCtx = NULL;
EVP_CIPHER_CTX* decCtx = NULL;
@@ -50778,12 +49106,12 @@ static int test_evp_cipher_aes_gcm(void)
/****************************************************/
for (i = 0; i < 3; ++i) {
- AssertNotNull(encCtx = EVP_CIPHER_CTX_new());
- AssertNotNull(decCtx = EVP_CIPHER_CTX_new());
+ ExpectNotNull(encCtx = EVP_CIPHER_CTX_new());
+ ExpectNotNull(decCtx = EVP_CIPHER_CTX_new());
/* First iteration, set key before IV. */
if (i == 0) {
- AssertIntEQ(EVP_CipherInit(encCtx, EVP_aes_256_gcm(), key, NULL, 1),
+ ExpectIntEQ(EVP_CipherInit(encCtx, EVP_aes_256_gcm(), key, NULL, 1),
SSL_SUCCESS);
/*
@@ -50792,27 +49120,27 @@ static int test_evp_cipher_aes_gcm(void)
* subsequent EVP_CTRL_GCM_IV_GEN should fail. This matches OpenSSL
* behavior.
*/
- AssertIntEQ(EVP_CIPHER_CTX_ctrl(encCtx, EVP_CTRL_GCM_SET_IV_FIXED, -1,
+ ExpectIntEQ(EVP_CIPHER_CTX_ctrl(encCtx, EVP_CTRL_GCM_SET_IV_FIXED, -1,
(void*)iv), SSL_SUCCESS);
- AssertIntEQ(EVP_CipherInit(encCtx, NULL, NULL, iv, 1),
+ ExpectIntEQ(EVP_CipherInit(encCtx, NULL, NULL, iv, 1),
SSL_SUCCESS);
- AssertIntEQ(EVP_CIPHER_CTX_ctrl(encCtx, EVP_CTRL_GCM_IV_GEN, -1,
+ ExpectIntEQ(EVP_CIPHER_CTX_ctrl(encCtx, EVP_CTRL_GCM_IV_GEN, -1,
currentIv), SSL_FAILURE);
- AssertIntEQ(EVP_CipherInit(decCtx, EVP_aes_256_gcm(), key, NULL, 0),
+ ExpectIntEQ(EVP_CipherInit(decCtx, EVP_aes_256_gcm(), key, NULL, 0),
SSL_SUCCESS);
- AssertIntEQ(EVP_CipherInit(decCtx, NULL, NULL, iv, 0),
+ ExpectIntEQ(EVP_CipherInit(decCtx, NULL, NULL, iv, 0),
SSL_SUCCESS);
}
/* Second iteration, IV before key. */
else {
- AssertIntEQ(EVP_CipherInit(encCtx, EVP_aes_256_gcm(), NULL, iv, 1),
+ ExpectIntEQ(EVP_CipherInit(encCtx, EVP_aes_256_gcm(), NULL, iv, 1),
SSL_SUCCESS);
- AssertIntEQ(EVP_CipherInit(encCtx, NULL, key, NULL, 1),
+ ExpectIntEQ(EVP_CipherInit(encCtx, NULL, key, NULL, 1),
SSL_SUCCESS);
- AssertIntEQ(EVP_CipherInit(decCtx, EVP_aes_256_gcm(), NULL, iv, 0),
+ ExpectIntEQ(EVP_CipherInit(decCtx, EVP_aes_256_gcm(), NULL, iv, 0),
SSL_SUCCESS);
- AssertIntEQ(EVP_CipherInit(decCtx, NULL, key, NULL, 0),
+ ExpectIntEQ(EVP_CipherInit(decCtx, NULL, key, NULL, 0),
SSL_SUCCESS);
}
@@ -50820,48 +49148,48 @@ static int test_evp_cipher_aes_gcm(void)
* EVP_CTRL_GCM_IV_GEN should fail if EVP_CTRL_GCM_SET_IV_FIXED hasn't
* been issued first.
*/
- AssertIntEQ(EVP_CIPHER_CTX_ctrl(encCtx, EVP_CTRL_GCM_IV_GEN, -1,
+ ExpectIntEQ(EVP_CIPHER_CTX_ctrl(encCtx, EVP_CTRL_GCM_IV_GEN, -1,
currentIv), SSL_FAILURE);
- AssertIntEQ(EVP_CIPHER_CTX_ctrl(encCtx, EVP_CTRL_GCM_SET_IV_FIXED, -1,
+ ExpectIntEQ(EVP_CIPHER_CTX_ctrl(encCtx, EVP_CTRL_GCM_SET_IV_FIXED, -1,
(void*)iv), SSL_SUCCESS);
- AssertIntEQ(EVP_CIPHER_CTX_ctrl(decCtx, EVP_CTRL_GCM_SET_IV_FIXED, -1,
+ ExpectIntEQ(EVP_CIPHER_CTX_ctrl(decCtx, EVP_CTRL_GCM_SET_IV_FIXED, -1,
(void*)iv), SSL_SUCCESS);
for (j = 0; j < NUM_ENCRYPTIONS; ++j) {
/*************** Encrypt ***************/
- AssertIntEQ(EVP_CIPHER_CTX_ctrl(encCtx, EVP_CTRL_GCM_IV_GEN, -1,
+ ExpectIntEQ(EVP_CIPHER_CTX_ctrl(encCtx, EVP_CTRL_GCM_IV_GEN, -1,
currentIv), SSL_SUCCESS);
/* Check current IV against expected. */
- AssertIntEQ(XMEMCMP(currentIv, expIvs[j], GCM_NONCE_MID_SZ), 0);
+ ExpectIntEQ(XMEMCMP(currentIv, expIvs[j], GCM_NONCE_MID_SZ), 0);
/* Add AAD. */
if (i == 2) {
/* Test streaming API. */
- AssertIntEQ(EVP_CipherUpdate(encCtx, NULL, &outl, aads[j],
+ ExpectIntEQ(EVP_CipherUpdate(encCtx, NULL, &outl, aads[j],
AAD_SIZE), SSL_SUCCESS);
}
else {
- AssertIntEQ(EVP_Cipher(encCtx, NULL, aads[j], AAD_SIZE),
+ ExpectIntEQ(EVP_Cipher(encCtx, NULL, aads[j], AAD_SIZE),
AAD_SIZE);
}
- AssertNotNull(cipherText = (byte*)XMALLOC(plainTextSzs[j], NULL,
+ ExpectNotNull(cipherText = (byte*)XMALLOC(plainTextSzs[j], NULL,
DYNAMIC_TYPE_TMP_BUFFER));
/* Encrypt plaintext. */
if (i == 2) {
- AssertIntEQ(EVP_CipherUpdate(encCtx, cipherText, &outl,
+ ExpectIntEQ(EVP_CipherUpdate(encCtx, cipherText, &outl,
plainTexts[j], plainTextSzs[j]),
SSL_SUCCESS);
}
else {
- AssertIntEQ(EVP_Cipher(encCtx, cipherText, plainTexts[j],
+ ExpectIntEQ(EVP_Cipher(encCtx, cipherText, plainTexts[j],
plainTextSzs[j]), plainTextSzs[j]);
}
if (i == 2) {
- AssertIntEQ(EVP_CipherFinal(encCtx, cipherText, &outl),
+ ExpectIntEQ(EVP_CipherFinal(encCtx, cipherText, &outl),
SSL_SUCCESS);
}
else {
@@ -50869,79 +49197,82 @@ static int test_evp_cipher_aes_gcm(void)
* Calling EVP_Cipher with NULL input and output for AES-GCM is
* akin to calling EVP_CipherFinal.
*/
- AssertIntGE(EVP_Cipher(encCtx, NULL, NULL, 0), 0);
+ ExpectIntGE(EVP_Cipher(encCtx, NULL, NULL, 0), 0);
}
/* Check ciphertext against expected. */
- AssertIntEQ(XMEMCMP(cipherText, expCipherTexts[j], plainTextSzs[j]),
+ ExpectIntEQ(XMEMCMP(cipherText, expCipherTexts[j], plainTextSzs[j]),
0);
/* Get and check tag against expected. */
- AssertIntEQ(EVP_CIPHER_CTX_ctrl(encCtx, EVP_CTRL_GCM_GET_TAG,
+ ExpectIntEQ(EVP_CIPHER_CTX_ctrl(encCtx, EVP_CTRL_GCM_GET_TAG,
sizeof(tag), tag), SSL_SUCCESS);
- AssertIntEQ(XMEMCMP(tag, expTags[j], sizeof(tag)), 0);
+ ExpectIntEQ(XMEMCMP(tag, expTags[j], sizeof(tag)), 0);
/*************** Decrypt ***************/
- AssertIntEQ(EVP_CIPHER_CTX_ctrl(decCtx, EVP_CTRL_GCM_IV_GEN, -1,
+ ExpectIntEQ(EVP_CIPHER_CTX_ctrl(decCtx, EVP_CTRL_GCM_IV_GEN, -1,
currentIv), SSL_SUCCESS);
/* Check current IV against expected. */
- AssertIntEQ(XMEMCMP(currentIv, expIvs[j], GCM_NONCE_MID_SZ), 0);
+ ExpectIntEQ(XMEMCMP(currentIv, expIvs[j], GCM_NONCE_MID_SZ), 0);
/* Add AAD. */
if (i == 2) {
/* Test streaming API. */
- AssertIntEQ(EVP_CipherUpdate(decCtx, NULL, &outl, aads[j],
+ ExpectIntEQ(EVP_CipherUpdate(decCtx, NULL, &outl, aads[j],
AAD_SIZE), SSL_SUCCESS);
}
else {
- AssertIntEQ(EVP_Cipher(decCtx, NULL, aads[j], AAD_SIZE),
+ ExpectIntEQ(EVP_Cipher(decCtx, NULL, aads[j], AAD_SIZE),
AAD_SIZE);
}
/* Set expected tag. */
- AssertIntEQ(EVP_CIPHER_CTX_ctrl(decCtx, EVP_CTRL_GCM_SET_TAG,
+ ExpectIntEQ(EVP_CIPHER_CTX_ctrl(decCtx, EVP_CTRL_GCM_SET_TAG,
sizeof(tag), tag), SSL_SUCCESS);
/* Decrypt ciphertext. */
- AssertNotNull(calcPlainText = (byte*)XMALLOC(plainTextSzs[j], NULL,
+ ExpectNotNull(calcPlainText = (byte*)XMALLOC(plainTextSzs[j], NULL,
DYNAMIC_TYPE_TMP_BUFFER));
if (i == 2) {
- AssertIntEQ(EVP_CipherUpdate(decCtx, calcPlainText, &outl,
+ ExpectIntEQ(EVP_CipherUpdate(decCtx, calcPlainText, &outl,
cipherText, plainTextSzs[j]),
SSL_SUCCESS);
}
else {
/* This first EVP_Cipher call will check the tag, too. */
- AssertIntEQ(EVP_Cipher(decCtx, calcPlainText, cipherText,
+ ExpectIntEQ(EVP_Cipher(decCtx, calcPlainText, cipherText,
plainTextSzs[j]), plainTextSzs[j]);
}
if (i == 2) {
- AssertIntEQ(EVP_CipherFinal(decCtx, calcPlainText, &outl),
+ ExpectIntEQ(EVP_CipherFinal(decCtx, calcPlainText, &outl),
SSL_SUCCESS);
}
else {
- AssertIntGE(EVP_Cipher(decCtx, NULL, NULL, 0), 0);
+ ExpectIntGE(EVP_Cipher(decCtx, NULL, NULL, 0), 0);
}
/* Check plaintext against expected. */
- AssertIntEQ(XMEMCMP(calcPlainText, plainTexts[j], plainTextSzs[j]),
+ ExpectIntEQ(XMEMCMP(calcPlainText, plainTexts[j], plainTextSzs[j]),
0);
XFREE(cipherText, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ cipherText = NULL;
XFREE(calcPlainText, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ calcPlainText = NULL;
}
EVP_CIPHER_CTX_free(encCtx);
+ encCtx = NULL;
EVP_CIPHER_CTX_free(decCtx);
+ decCtx = NULL;
}
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_OBJ_ln(void)
{
+ EXPECT_DECLS;
const int nid_set[] = {
NID_commonName,
NID_serialNumber,
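Review bot: The decrypt half of test_evp_cipher_aes_gcm exercises only the accepting path: `EVP_CTRL_GCM_SET_TAG` is always given the tag the encrypt side just produced, and nothing in this hunk checks that an altered tag or ciphertext is rejected. For an AEAD test the rejection path is the property that matters most. I would add a case that changes one byte of `tag` before the "Set expected tag" step, on a separate decrypt context, and expects the final call to fail. At minimum, leave `/* TODO: negative case - altered tag must fail authentication */` at that step. The function starts before this hunk, so a negative case elsewhere in it cannot be ruled out.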
@@ -50972,20 +49303,20 @@ static int test_wolfSSL_OBJ_ln(void)
};
size_t i = 0, maxIdx = sizeof(ln_set)/sizeof(char*);
- AssertIntEQ(OBJ_ln2nid(NULL), NID_undef);
+ ExpectIntEQ(OBJ_ln2nid(NULL), NID_undef);
#ifdef HAVE_ECC
#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2))
{
EC_builtin_curve r[27];
size_t nCurves = sizeof(r) / sizeof(r[0]);
- nCurves = EC_get_builtin_curves(r,nCurves);
+ nCurves = EC_get_builtin_curves(r, nCurves);
for (i = 0; i < nCurves; i++) {
/* skip ECC_CURVE_INVALID */
if (r[i].nid != ECC_CURVE_INVALID) {
- AssertIntEQ(OBJ_ln2nid(r[i].comment), r[i].nid);
- AssertStrEQ(OBJ_nid2ln(r[i].nid), r[i].comment);
+ ExpectIntEQ(OBJ_ln2nid(r[i].comment), r[i].nid);
+ ExpectStrEQ(OBJ_nid2ln(r[i].nid), r[i].comment);
}
}
}
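Review bot: In test_wolfSSL_OBJ_ln the return value of `EC_get_builtin_curves(r, nCurves)` overwrites `nCurves` and is then used directly as the loop bound over `r[27]`. If the function reports the total number of built-in curves rather than the number written (as the OpenSSL API does; the wolfSSL behaviour is not visible here), a build with more than 27 curves would index past the array. Keeping the capacity in its own variable, `rCap = sizeof(r) / sizeof(r[0])`, and clamping with `if (nCurves > rCap) nCurves = rCap;` removes the dependency on the magic number. The enclosing `#if` block closes outside this hunk.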
@@ -50993,15 +49324,16 @@ static int test_wolfSSL_OBJ_ln(void)
#endif
for (i = 0; i < maxIdx; i++) {
- AssertIntEQ(OBJ_ln2nid(ln_set[i]), nid_set[i]);
- AssertStrEQ(OBJ_nid2ln(nid_set[i]), ln_set[i]);
+ ExpectIntEQ(OBJ_ln2nid(ln_set[i]), nid_set[i]);
+ ExpectStrEQ(OBJ_nid2ln(nid_set[i]), ln_set[i]);
}
- return TEST_RES_CHECK(1);
+ return EXPECT_RESULT();
}
static int test_wolfSSL_OBJ_sn(void)
{
+ EXPECT_DECLS;
int i = 0, maxIdx = 7;
const int nid_set[] = {NID_commonName,NID_countryName,NID_localityName,
NID_stateOrProvinceName,NID_organizationName,
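Review bot: `int i = 0, maxIdx = 7;` in test_wolfSSL_OBJ_sn hard-codes the element count shared by `nid_set`, `sn_open_set` and `sn_wolf_set`. Removing an entry makes the loop read past the arrays, and adding one leaves it silently untested. test_wolfSSL_OBJ_ln just above derives its bound with `sizeof`; the equivalent here is `maxIdx = (int)(sizeof(nid_set) / sizeof(nid_set[0]))`, assigned after the array declarations. The array initialisers continue past this hunk.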
@@ -51012,13 +49344,13 @@ static int test_wolfSSL_OBJ_sn(void)
WOLFSSL_ORG_NAME, WOLFSSL_ORGUNIT_NAME,
WOLFSSL_EMAIL_ADDR};
- AssertIntEQ(wolfSSL_OBJ_sn2nid(NULL), NID_undef);
+ ExpectIntEQ(wolfSSL_OBJ_sn2nid(NULL), NID_undef);
for (i = 0; i < maxIdx; i++) {
- AssertIntEQ(wolfSSL_OBJ_sn2nid(sn_wolf_set[i]), nid_set[i]);
- AssertStrEQ(wolfSSL_OBJ_nid2sn(nid_set[i]), sn_open_set[i]);
+ ExpectIntEQ(wolfSSL_OBJ_sn2nid(sn_wolf_set[i]), nid_set[i]);
+ ExpectStrEQ(wolfSSL_OBJ_nid2sn(nid_set[i]), sn_open_set[i]);
}
- return TEST_RES_CHECK(1);
+ return EXPECT_RESULT();
}
#if !defined(NO_BIO)
@@ -51035,9 +49367,9 @@ static int TXT_DB_cmp(const WOLFSSL_STRING *a, const WOLFSSL_STRING *b)
static int test_wolfSSL_TXT_DB(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && !defined(NO_BIO)
- BIO *bio;
+ BIO *bio = NULL;
TXT_DB *db = NULL;
const int columns = 6;
const char *fields[6] = {
@@ -51048,114 +49380,116 @@ static int test_wolfSSL_TXT_DB(void)
"unknown",
"/CN=rsa doe",
};
- char** fields_copy;
+ char** fields_copy = NULL;
/* Test read */
- AssertNotNull(bio = BIO_new(BIO_s_file()));
- AssertIntGT(BIO_read_filename(bio, "./tests/TXT_DB.txt"), 0);
- AssertNotNull(db = TXT_DB_read(bio, columns));
- AssertNotNull(fields_copy = (char**)XMALLOC(sizeof(fields), NULL,
- DYNAMIC_TYPE_OPENSSL));
- XMEMCPY(fields_copy, fields, sizeof(fields));
- AssertIntEQ(TXT_DB_insert(db, fields_copy), 1);
+ ExpectNotNull(bio = BIO_new(BIO_s_file()));
+ ExpectIntGT(BIO_read_filename(bio, "./tests/TXT_DB.txt"), 0);
+ ExpectNotNull(db = TXT_DB_read(bio, columns));
+ ExpectNotNull(fields_copy = (char**)XMALLOC(sizeof(fields), NULL,
+ DYNAMIC_TYPE_OPENSSL));
+ if (fields_copy != NULL) {
+ XMEMCPY(fields_copy, fields, sizeof(fields));
+ }
+ ExpectIntEQ(TXT_DB_insert(db, fields_copy), 1);
+ if (EXPECT_FAIL()) {
+ XFREE(fields_copy, NULL, DYNAMIC_TYPE_OPENSSL);
+ }
BIO_free(bio);
+ bio = NULL;
/* Test write */
- AssertNotNull(bio = BIO_new(BIO_s_mem()));
- AssertIntEQ(TXT_DB_write(bio, db), 1484);
+ ExpectNotNull(bio = BIO_new(BIO_s_mem()));
+ ExpectIntEQ(TXT_DB_write(bio, db), 1484);
BIO_free(bio);
/* Test index */
- AssertIntEQ(TXT_DB_create_index(db, 3, NULL, (wolf_sk_hash_cb)TXT_DB_hash,
- (wolf_lh_compare_cb)TXT_DB_cmp), 1);
- AssertNotNull(TXT_DB_get_by_index(db, 3, (WOLFSSL_STRING*)fields));
+ ExpectIntEQ(TXT_DB_create_index(db, 3, NULL, (wolf_sk_hash_cb)TXT_DB_hash,
+ (wolf_lh_compare_cb)TXT_DB_cmp), 1);
+ ExpectNotNull(TXT_DB_get_by_index(db, 3, (WOLFSSL_STRING*)fields));
fields[3] = "12DA";
- AssertNotNull(TXT_DB_get_by_index(db, 3, (WOLFSSL_STRING*)fields));
+ ExpectNotNull(TXT_DB_get_by_index(db, 3, (WOLFSSL_STRING*)fields));
fields[3] = "FFFF";
- AssertNull(TXT_DB_get_by_index(db, 3, (WOLFSSL_STRING*)fields));
+ ExpectNull(TXT_DB_get_by_index(db, 3, (WOLFSSL_STRING*)fields));
fields[3] = "";
- AssertNull(TXT_DB_get_by_index(db, 3, (WOLFSSL_STRING*)fields));
+ ExpectNull(TXT_DB_get_by_index(db, 3, (WOLFSSL_STRING*)fields));
TXT_DB_free(db);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_NCONF(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && !defined(NO_BIO)
const char* confFile = "./tests/NCONF_test.cnf";
CONF* conf = NULL;
long eline = 0;
long num = 0;
- AssertNotNull(conf = NCONF_new(NULL));
+ ExpectNotNull(conf = NCONF_new(NULL));
- AssertIntEQ(NCONF_load(conf, confFile, &eline), 1);
- AssertIntEQ(NCONF_get_number(conf, NULL, "port", &num), 1);
- AssertIntEQ(num, 1234);
- AssertIntEQ(NCONF_get_number(conf, "section2", "port", &num), 1);
- AssertIntEQ(num, 4321);
- AssertStrEQ(NCONF_get_string(conf, NULL, "dir"), "./test-dir");
- AssertStrEQ(NCONF_get_string(conf, "section1", "file1_copy"),
- "./test-dir/file1");
- AssertStrEQ(NCONF_get_string(conf, "section2", "file_list"),
- "./test-dir/file1:./test-dir/file2:./section1:file2");
+ ExpectIntEQ(NCONF_load(conf, confFile, &eline), 1);
+ ExpectIntEQ(NCONF_get_number(conf, NULL, "port", &num), 1);
+ ExpectIntEQ(num, 1234);
+ ExpectIntEQ(NCONF_get_number(conf, "section2", "port", &num), 1);
+ ExpectIntEQ(num, 4321);
+ ExpectStrEQ(NCONF_get_string(conf, NULL, "dir"), "./test-dir");
+ ExpectStrEQ(NCONF_get_string(conf, "section1", "file1_copy"),
+ "./test-dir/file1");
+ ExpectStrEQ(NCONF_get_string(conf, "section2", "file_list"),
+ "./test-dir/file1:./test-dir/file2:./section1:file2");
NCONF_free(conf);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
#endif /* OPENSSL_ALL */
static int test_wolfSSL_X509V3_EXT_get(void) {
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && defined(OPENSSL_ALL) && !defined(NO_RSA)
- FILE* f;
+ XFILE f = XBADFILE;
int numOfExt =0;
int extNid = 0;
int i = 0;
- WOLFSSL_X509* x509;
- WOLFSSL_X509_EXTENSION* ext;
- const WOLFSSL_v3_ext_method* method;
+ WOLFSSL_X509* x509 = NULL;
+ WOLFSSL_X509_EXTENSION* ext = NULL;
+ const WOLFSSL_v3_ext_method* method = NULL;
- AssertNotNull(f = fopen("./certs/server-cert.pem", "rb"));
- AssertNotNull(x509 = wolfSSL_PEM_read_X509(f, NULL, NULL, NULL));
- fclose(f);
+ ExpectTrue((f = XFOPEN("./certs/server-cert.pem", "rb")) != XBADFILE);
+ ExpectNotNull(x509 = wolfSSL_PEM_read_X509(f, NULL, NULL, NULL));
+ if (f != XBADFILE)
+ XFCLOSE(f);
/* wolfSSL_X509V3_EXT_get() return struct and nid test */
- AssertIntEQ((numOfExt = wolfSSL_X509_get_ext_count(x509)), 5);
+ ExpectIntEQ((numOfExt = wolfSSL_X509_get_ext_count(x509)), 5);
for (i = 0; i < numOfExt; i++) {
- AssertNotNull(ext = wolfSSL_X509_get_ext(x509, i));
- AssertIntNE((extNid = ext->obj->nid), NID_undef);
- AssertNotNull(method = wolfSSL_X509V3_EXT_get(ext));
- AssertIntEQ(method->ext_nid, extNid);
+ ExpectNotNull(ext = wolfSSL_X509_get_ext(x509, i));
+ ExpectIntNE((extNid = ext->obj->nid), NID_undef);
+ ExpectNotNull(method = wolfSSL_X509V3_EXT_get(ext));
+ ExpectIntEQ(method->ext_nid, extNid);
}
/* wolfSSL_X509V3_EXT_get() NULL argument test */
- AssertNull(method = wolfSSL_X509V3_EXT_get(NULL));
+ ExpectNull(method = wolfSSL_X509V3_EXT_get(NULL));
wolfSSL_X509_free(x509);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509V3_EXT_nconf(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef OPENSSL_ALL
const char *ext_names[] = {
"subjectKeyIdentifier",
"authorityKeyIdentifier",
"subjectAltName",
"keyUsage",
+ "extendedKeyUsage",
};
size_t ext_names_count = sizeof(ext_names)/sizeof(*ext_names);
int ext_nids[] = {
@@ -51163,193 +49497,244 @@ static int test_wolfSSL_X509V3_EXT_nconf(void)
NID_authority_key_identifier,
NID_subject_alt_name,
NID_key_usage,
+ NID_ext_key_usage,
};
size_t ext_nids_count = sizeof(ext_nids)/sizeof(*ext_nids);
const char *ext_values[] = {
"hash",
"hash",
"DNS:example.com, IP:127.0.0.1",
- "digitalSignature,keyEncipherment,dataEncipherment",
+ "digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,"
+ "keyAgreement,keyCertSign,cRLSign,encipherOnly,decipherOnly",
+ "serverAuth,clientAuth,codeSigning,emailProtection,timeStamping,"
+ "OCSPSigning",
};
size_t i;
- X509_EXTENSION* ext;
- X509* x509 = X509_new();
+ X509_EXTENSION* ext = NULL;
+ X509* x509 = NULL;
+ unsigned int keyUsageFlags;
+ unsigned int extKeyUsageFlags;
+
+ ExpectNotNull(x509 = X509_new());
+
+ /* keyUsage / extKeyUsage should match string above */
+ keyUsageFlags = KU_DIGITAL_SIGNATURE
+ | KU_NON_REPUDIATION
+ | KU_KEY_ENCIPHERMENT
+ | KU_DATA_ENCIPHERMENT
+ | KU_KEY_AGREEMENT
+ | KU_KEY_CERT_SIGN
+ | KU_CRL_SIGN
+ | KU_ENCIPHER_ONLY
+ | KU_DECIPHER_ONLY;
+ extKeyUsageFlags = XKU_SSL_CLIENT
+ | XKU_SSL_SERVER
+ | XKU_CODE_SIGN
+ | XKU_SMIME
+ | XKU_TIMESTAMP
+ | XKU_OCSP_SIGN;
for (i = 0; i < ext_names_count; i++) {
- ext = X509V3_EXT_nconf(NULL, NULL, ext_names[i], ext_values[i]);
- AssertNotNull(ext);
+ ExpectNotNull(ext = X509V3_EXT_nconf(NULL, NULL, ext_names[i],
+ ext_values[i]));
X509_EXTENSION_free(ext);
+ ext = NULL;
}
for (i = 0; i < ext_nids_count; i++) {
- ext = X509V3_EXT_nconf_nid(NULL, NULL, ext_nids[i], ext_values[i]);
- AssertNotNull(ext);
+ ExpectNotNull(ext = X509V3_EXT_nconf_nid(NULL, NULL, ext_nids[i],
+ ext_values[i]));
X509_EXTENSION_free(ext);
+ ext = NULL;
}
/* Test adding extension to X509 */
for (i = 0; i < ext_nids_count; i++) {
- ext = X509V3_EXT_nconf(NULL, NULL, ext_names[i], ext_values[i]);
- AssertIntEQ(X509_add_ext(x509, ext, -1), WOLFSSL_SUCCESS);
+ ExpectNotNull(ext = X509V3_EXT_nconf(NULL, NULL, ext_names[i],
+ ext_values[i]));
+ ExpectIntEQ(X509_add_ext(x509, ext, -1), WOLFSSL_SUCCESS);
+
+ if (ext_nids[i] == NID_key_usage) {
+ ExpectIntEQ(X509_get_key_usage(x509), keyUsageFlags);
+ }
+ else if (ext_nids[i] == NID_ext_key_usage) {
+ ExpectIntEQ(X509_get_extended_key_usage(x509), extKeyUsageFlags);
+ }
X509_EXTENSION_free(ext);
+ ext = NULL;
}
X509_free(x509);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509V3_EXT(void) {
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && defined(OPENSSL_ALL) && !defined(NO_RSA)
- FILE* f;
- int numOfExt = 0, nid = 0, i = 0, expected, actual;
- char* str;
- unsigned char* data;
- const WOLFSSL_v3_ext_method* method;
- WOLFSSL_X509* x509;
- WOLFSSL_X509_EXTENSION* ext;
- WOLFSSL_X509_EXTENSION* ext2;
- WOLFSSL_ASN1_OBJECT *obj, *adObj;
- WOLFSSL_ASN1_STRING* asn1str;
- WOLFSSL_AUTHORITY_KEYID* aKeyId;
- WOLFSSL_AUTHORITY_INFO_ACCESS* aia;
- WOLFSSL_BASIC_CONSTRAINTS* bc;
- WOLFSSL_ACCESS_DESCRIPTION* ad;
- WOLFSSL_GENERAL_NAME* gn;
+ XFILE f = XBADFILE;
+ int numOfExt = 0, nid = 0, i = 0, expected, actual = 0;
+ char* str = NULL;
+ unsigned char* data = NULL;
+ const WOLFSSL_v3_ext_method* method = NULL;
+ WOLFSSL_X509* x509 = NULL;
+ WOLFSSL_X509_EXTENSION* ext = NULL;
+ WOLFSSL_X509_EXTENSION* ext2 = NULL;
+ WOLFSSL_ASN1_OBJECT *obj = NULL;
+ WOLFSSL_ASN1_OBJECT *adObj = NULL;
+ WOLFSSL_ASN1_STRING* asn1str = NULL;
+ WOLFSSL_AUTHORITY_KEYID* aKeyId = NULL;
+ WOLFSSL_AUTHORITY_INFO_ACCESS* aia = NULL;
+ WOLFSSL_BASIC_CONSTRAINTS* bc = NULL;
+ WOLFSSL_ACCESS_DESCRIPTION* ad = NULL;
+ WOLFSSL_GENERAL_NAME* gn = NULL;
/* Check NULL argument */
- AssertNull(wolfSSL_X509V3_EXT_d2i(NULL));
+ ExpectNull(wolfSSL_X509V3_EXT_d2i(NULL));
/* Using OCSP cert with X509V3 extensions */
- AssertNotNull(f = fopen("./certs/ocsp/root-ca-cert.pem", "rb"));
- AssertNotNull(x509 = wolfSSL_PEM_read_X509(f, NULL, NULL, NULL));
- fclose(f);
+ ExpectTrue((f = XFOPEN("./certs/ocsp/root-ca-cert.pem", "rb")) != XBADFILE);
+ ExpectNotNull(x509 = wolfSSL_PEM_read_X509(f, NULL, NULL, NULL));
+ if (f != XBADFILE)
+ XFCLOSE(f);
- AssertIntEQ((numOfExt = wolfSSL_X509_get_ext_count(x509)), 5);
+ ExpectIntEQ((numOfExt = wolfSSL_X509_get_ext_count(x509)), 5);
/* Basic Constraints */
- AssertNotNull(ext = wolfSSL_X509_get_ext(x509, i));
- AssertNotNull(obj = wolfSSL_X509_EXTENSION_get_object(ext));
- AssertIntEQ((nid = wolfSSL_OBJ_obj2nid(obj)), NID_basic_constraints);
- AssertNotNull(bc = (WOLFSSL_BASIC_CONSTRAINTS*)wolfSSL_X509V3_EXT_d2i(ext));
+ ExpectNotNull(ext = wolfSSL_X509_get_ext(x509, i));
+ ExpectNotNull(obj = wolfSSL_X509_EXTENSION_get_object(ext));
+ ExpectIntEQ((nid = wolfSSL_OBJ_obj2nid(obj)), NID_basic_constraints);
+ ExpectNotNull(bc = (WOLFSSL_BASIC_CONSTRAINTS*)wolfSSL_X509V3_EXT_d2i(ext));
- AssertIntEQ(bc->ca, 1);
- AssertNull(bc->pathlen);
+ ExpectIntEQ(bc->ca, 1);
+ ExpectNull(bc->pathlen);
wolfSSL_BASIC_CONSTRAINTS_free(bc);
+ bc = NULL;
i++;
/* Subject Key Identifier */
- AssertNotNull(ext = wolfSSL_X509_get_ext(x509, i));
- AssertNotNull(obj = wolfSSL_X509_EXTENSION_get_object(ext));
- AssertIntEQ((nid = wolfSSL_OBJ_obj2nid(obj)), NID_subject_key_identifier);
+ ExpectNotNull(ext = wolfSSL_X509_get_ext(x509, i));
+ ExpectNotNull(obj = wolfSSL_X509_EXTENSION_get_object(ext));
+ ExpectIntEQ((nid = wolfSSL_OBJ_obj2nid(obj)), NID_subject_key_identifier);
- AssertNotNull(asn1str = (WOLFSSL_ASN1_STRING*)wolfSSL_X509V3_EXT_d2i(ext));
- AssertNotNull(ext2 = wolfSSL_X509V3_EXT_i2d(NID_subject_key_identifier, 0,
- asn1str));
+ ExpectNotNull(asn1str = (WOLFSSL_ASN1_STRING*)wolfSSL_X509V3_EXT_d2i(ext));
+ ExpectNotNull(ext2 = wolfSSL_X509V3_EXT_i2d(NID_subject_key_identifier, 0,
+ asn1str));
X509_EXTENSION_free(ext2);
- AssertNotNull(method = wolfSSL_X509V3_EXT_get(ext));
- AssertNotNull(method->i2s);
- AssertNotNull(str = method->i2s((WOLFSSL_v3_ext_method*)method, asn1str));
+ ext2 = NULL;
+ ExpectNotNull(method = wolfSSL_X509V3_EXT_get(ext));
+ ExpectNotNull(method->i2s);
+ ExpectNotNull(str = method->i2s((WOLFSSL_v3_ext_method*)method, asn1str));
wolfSSL_ASN1_STRING_free(asn1str);
- actual = strcmp(str,
- "73:B0:1C:A4:2F:82:CB:CF:47:A5:38:D7:B0:04:82:3A:7E:72:15:21");
- AssertIntEQ(actual, 0);
+ asn1str = NULL;
+ if (str != NULL) {
+ actual = strcmp(str,
+ "73:B0:1C:A4:2F:82:CB:CF:47:A5:38:D7:B0:04:82:3A:7E:72:15:21");
+ }
+ ExpectIntEQ(actual, 0);
XFREE(str, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ str = NULL;
i++;
/* Authority Key Identifier */
- AssertNotNull(ext = wolfSSL_X509_get_ext(x509, i));
- AssertNotNull(obj = wolfSSL_X509_EXTENSION_get_object(ext));
- AssertIntEQ((nid = wolfSSL_OBJ_obj2nid(obj)), NID_authority_key_identifier);
-
- AssertNotNull(aKeyId =
- (WOLFSSL_AUTHORITY_KEYID*)wolfSSL_X509V3_EXT_d2i(ext));
- AssertNotNull(method = wolfSSL_X509V3_EXT_get(ext));
- AssertNotNull(asn1str = aKeyId->keyid);
- AssertNotNull(str =
- wolfSSL_i2s_ASN1_STRING((WOLFSSL_v3_ext_method*)method, asn1str));
- actual = strcmp(str,
- "73:B0:1C:A4:2F:82:CB:CF:47:A5:38:D7:B0:04:82:3A:7E:72:15:21");
- AssertIntEQ(actual, 0);
+ ExpectNotNull(ext = wolfSSL_X509_get_ext(x509, i));
+ ExpectNotNull(obj = wolfSSL_X509_EXTENSION_get_object(ext));
+ ExpectIntEQ((nid = wolfSSL_OBJ_obj2nid(obj)), NID_authority_key_identifier);
+
+ ExpectNotNull(aKeyId = (WOLFSSL_AUTHORITY_KEYID*)wolfSSL_X509V3_EXT_d2i(
+ ext));
+ ExpectNotNull(method = wolfSSL_X509V3_EXT_get(ext));
+ ExpectNotNull(asn1str = aKeyId->keyid);
+ ExpectNotNull(str = wolfSSL_i2s_ASN1_STRING((WOLFSSL_v3_ext_method*)method,
+ asn1str));
+ asn1str = NULL;
+ if (str != NULL) {
+ actual = strcmp(str,
+ "73:B0:1C:A4:2F:82:CB:CF:47:A5:38:D7:B0:04:82:3A:7E:72:15:21");
+ }
+ ExpectIntEQ(actual, 0);
XFREE(str, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ str = NULL;
wolfSSL_AUTHORITY_KEYID_free(aKeyId);
+ aKeyId = NULL;
i++;
/* Key Usage */
- AssertNotNull(ext = wolfSSL_X509_get_ext(x509, i));
- AssertNotNull(obj = wolfSSL_X509_EXTENSION_get_object(ext));
- AssertIntEQ((nid = wolfSSL_OBJ_obj2nid(obj)), NID_key_usage);
+ ExpectNotNull(ext = wolfSSL_X509_get_ext(x509, i));
+ ExpectNotNull(obj = wolfSSL_X509_EXTENSION_get_object(ext));
+ ExpectIntEQ((nid = wolfSSL_OBJ_obj2nid(obj)), NID_key_usage);
- AssertNotNull(asn1str = (WOLFSSL_ASN1_STRING*)wolfSSL_X509V3_EXT_d2i(ext));
+ ExpectNotNull(asn1str = (WOLFSSL_ASN1_STRING*)wolfSSL_X509V3_EXT_d2i(ext));
#if defined(WOLFSSL_QT)
- AssertNotNull(data = (unsigned char*)ASN1_STRING_get0_data(asn1str));
+ ExpectNotNull(data = (unsigned char*)ASN1_STRING_get0_data(asn1str));
#else
- AssertNotNull(data = wolfSSL_ASN1_STRING_data(asn1str));
+ ExpectNotNull(data = wolfSSL_ASN1_STRING_data(asn1str));
#endif
expected = KEYUSE_KEY_CERT_SIGN | KEYUSE_CRL_SIGN;
-#ifdef BIG_ENDIAN_ORDER
- actual = data[1];
-#else
- actual = data[0];
-#endif
- AssertIntEQ(actual, expected);
+ if (data != NULL) {
+ #ifdef BIG_ENDIAN_ORDER
+ actual = data[1];
+ #else
+ actual = data[0];
+ #endif
+ }
+ ExpectIntEQ(actual, expected);
wolfSSL_ASN1_STRING_free(asn1str);
+ asn1str = NULL;
#if 1
i++;
/* Authority Info Access */
- AssertNotNull(ext = wolfSSL_X509_get_ext(x509, i));
- AssertNotNull(obj = wolfSSL_X509_EXTENSION_get_object(ext));
- AssertIntEQ((nid = wolfSSL_OBJ_obj2nid(obj)), NID_info_access);
- AssertNotNull(aia =
- (WOLFSSL_AUTHORITY_INFO_ACCESS*)wolfSSL_X509V3_EXT_d2i(ext));
+ ExpectNotNull(ext = wolfSSL_X509_get_ext(x509, i));
+ ExpectNotNull(obj = wolfSSL_X509_EXTENSION_get_object(ext));
+ ExpectIntEQ((nid = wolfSSL_OBJ_obj2nid(obj)), NID_info_access);
+ ExpectNotNull(aia = (WOLFSSL_AUTHORITY_INFO_ACCESS*)wolfSSL_X509V3_EXT_d2i(
+ ext));
#if defined(WOLFSSL_QT)
- AssertIntEQ(OPENSSL_sk_num(aia), 1); /* Only one URI entry for this cert */
+ ExpectIntEQ(OPENSSL_sk_num(aia), 1); /* Only one URI entry for this cert */
#else
- AssertIntEQ(wolfSSL_sk_num(aia), 1); /* Only one URI entry for this cert */
+ ExpectIntEQ(wolfSSL_sk_num(aia), 1); /* Only one URI entry for this cert */
#endif
/* URI entry is an ACCESS_DESCRIPTION type */
#if defined(WOLFSSL_QT)
- AssertNotNull(ad = (WOLFSSL_ACCESS_DESCRIPTION*)wolfSSL_sk_value(aia, 0));
+ ExpectNotNull(ad = (WOLFSSL_ACCESS_DESCRIPTION*)wolfSSL_sk_value(aia, 0));
#else
- AssertNotNull(ad = (WOLFSSL_ACCESS_DESCRIPTION*)OPENSSL_sk_value(aia, 0));
+ ExpectNotNull(ad = (WOLFSSL_ACCESS_DESCRIPTION*)OPENSSL_sk_value(aia, 0));
#endif
- AssertNotNull(adObj = ad->method);
+ ExpectNotNull(adObj = ad->method);
/* Make sure nid is OCSP */
- AssertIntEQ(wolfSSL_OBJ_obj2nid(adObj), NID_ad_OCSP);
+ ExpectIntEQ(wolfSSL_OBJ_obj2nid(adObj), NID_ad_OCSP);
/* GENERAL_NAME stores URI as an ASN1_STRING */
- AssertNotNull(gn = ad->location);
- AssertIntEQ(gn->type, GEN_URI); /* Type should always be GEN_URI */
- AssertNotNull(asn1str = gn->d.uniformResourceIdentifier);
- AssertIntEQ(wolfSSL_ASN1_STRING_length(asn1str), 22);
- #if defined(WOLFSSL_QT)
- str = (char*)ASN1_STRING_get0_data(asn1str);
- #else
- str = (char*)wolfSSL_ASN1_STRING_data(asn1str);
- #endif
- actual = strcmp(str, "http://127.0.0.1:22220");
- AssertIntEQ(actual, 0);
+ ExpectNotNull(gn = ad->location);
+ ExpectIntEQ(gn->type, GEN_URI); /* Type should always be GEN_URI */
+ ExpectNotNull(asn1str = gn->d.uniformResourceIdentifier);
+ ExpectIntEQ(wolfSSL_ASN1_STRING_length(asn1str), 22);
+#if defined(WOLFSSL_QT)
+ ExpectNotNull(str = (char*)ASN1_STRING_get0_data(asn1str));
+#else
+ ExpectNotNull(str = (char*)wolfSSL_ASN1_STRING_data(asn1str));
+#endif
+ if (str != NULL) {
+ actual = strcmp(str, "http://127.0.0.1:22220");
+ }
+ ExpectIntEQ(actual, 0);
wolfSSL_sk_ACCESS_DESCRIPTION_pop_free(aia, NULL);
+ aia = NULL;
#else
(void) aia; (void) ad; (void) adObj; (void) gn;
#endif
wolfSSL_X509_free(x509);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_get_extension_flags(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_ALL) && !defined(NO_RSA)
- XFILE f;
- X509* x509;
+ XFILE f = XBADFILE;
+ X509* x509 = NULL;
unsigned int extFlags;
unsigned int keyUsageFlags;
unsigned int extKeyUsageFlags;
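Review bot: The new key-usage check in test_wolfSSL_X509V3_EXT_nconf compares against a mask with every KU_* and XKU_* bit set, so it cannot detect two usage names mapped to each other's bits. The union stays the same if, for example, `keyAgreement` and `keyCertSign` were swapped in the string parser. Because these bits decide what a certificate may be used for, a second case with a partial value on a fresh X509 would pin the individual name-to-bit mapping. The function starts before this hunk, so the sketch below shows only the lines that would follow the existing `X509_free(x509);`.

```c
    X509_free(x509);
    /* A subset value catches name-to-bit mix-ups that the all-flags case hides */
    x509 = NULL;
    ExpectNotNull(x509 = X509_new());
    ExpectNotNull(ext = X509V3_EXT_nconf(NULL, NULL, "keyUsage",
        "keyCertSign,cRLSign"));
    ExpectIntEQ(X509_add_ext(x509, ext, -1), WOLFSSL_SUCCESS);
    ExpectIntEQ(X509_get_key_usage(x509), KU_KEY_CERT_SIGN | KU_CRL_SIGN);
    X509_EXTENSION_free(ext);
    ext = NULL;
    X509_free(x509);
```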
@@ -51363,14 +49748,18 @@ static int test_wolfSSL_X509_get_extension_flags(void)
/* and the following extended key usage flags. */
extKeyUsageFlags = XKU_SSL_CLIENT | XKU_SMIME;
- f = XFOPEN("./certs/intermediate/client-int-cert.pem", "rb");
- AssertTrue(f != XBADFILE);
- AssertNotNull(x509 = PEM_read_X509(f, NULL, NULL, NULL));
- XFCLOSE(f);
- AssertIntEQ(X509_get_extension_flags(x509), extFlags);
- AssertIntEQ(X509_get_key_usage(x509), keyUsageFlags);
- AssertIntEQ(X509_get_extended_key_usage(x509), extKeyUsageFlags);
+ ExpectTrue((f = XFOPEN("./certs/intermediate/client-int-cert.pem", "rb")) !=
+ XBADFILE);
+ ExpectNotNull(x509 = PEM_read_X509(f, NULL, NULL, NULL));
+ if (f != XBADFILE) {
+ XFCLOSE(f);
+ f = XBADFILE;
+ }
+ ExpectIntEQ(X509_get_extension_flags(x509), extFlags);
+ ExpectIntEQ(X509_get_key_usage(x509), keyUsageFlags);
+ ExpectIntEQ(X509_get_extended_key_usage(x509), extKeyUsageFlags);
X509_free(x509);
+ x509 = NULL;
/* client-cert-ext.pem has the following extension flags. */
extFlags = EXFLAG_KUSAGE;
@@ -51379,103 +49768,100 @@ static int test_wolfSSL_X509_get_extension_flags(void)
| KU_KEY_CERT_SIGN
| KU_CRL_SIGN;
- AssertNotNull(f = fopen("./certs/client-cert-ext.pem", "rb"));
- AssertNotNull(x509 = PEM_read_X509(f, NULL, NULL, NULL));
- XFCLOSE(f);
- AssertIntEQ(X509_get_extension_flags(x509), extFlags);
- AssertIntEQ(X509_get_key_usage(x509), keyUsageFlags);
+ ExpectTrue((f = fopen("./certs/client-cert-ext.pem", "rb")) != XBADFILE);
+ ExpectNotNull(x509 = PEM_read_X509(f, NULL, NULL, NULL));
+ if (f != XBADFILE)
+ XFCLOSE(f);
+ ExpectIntEQ(X509_get_extension_flags(x509), extFlags);
+ ExpectIntEQ(X509_get_key_usage(x509), keyUsageFlags);
X509_free(x509);
-
- res = TEST_RES_CHECK(1);
#endif /* OPENSSL_ALL */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_get_ext(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && defined(OPENSSL_ALL) && !defined(NO_RSA)
int ret = 0;
- FILE* f;
- WOLFSSL_X509* x509;
+ XFILE f = XBADFILE;
+ WOLFSSL_X509* x509 = NULL;
WOLFSSL_X509_EXTENSION* foundExtension;
- AssertNotNull(f = fopen("./certs/server-cert.pem", "rb"));
- AssertNotNull(x509 = wolfSSL_PEM_read_X509(f, NULL, NULL, NULL));
- fclose(f);
- AssertIntEQ((ret = wolfSSL_X509_get_ext_count(x509)), 5);
+ ExpectTrue((f = XFOPEN("./certs/server-cert.pem", "rb")) != XBADFILE);
+ ExpectNotNull(x509 = wolfSSL_PEM_read_X509(f, NULL, NULL, NULL));
+ if (f != XBADFILE)
+ XFCLOSE(f);
+ ExpectIntEQ((ret = wolfSSL_X509_get_ext_count(x509)), 5);
/* wolfSSL_X509_get_ext() valid input */
- AssertNotNull(foundExtension = wolfSSL_X509_get_ext(x509, 0));
+ ExpectNotNull(foundExtension = wolfSSL_X509_get_ext(x509, 0));
/* wolfSSL_X509_get_ext() valid x509, idx out of bounds */
- AssertNull(foundExtension = wolfSSL_X509_get_ext(x509, -1));
- AssertNull(foundExtension = wolfSSL_X509_get_ext(x509, 100));
+ ExpectNull(foundExtension = wolfSSL_X509_get_ext(x509, -1));
+ ExpectNull(foundExtension = wolfSSL_X509_get_ext(x509, 100));
/* wolfSSL_X509_get_ext() NULL x509, idx out of bounds */
- AssertNull(foundExtension = wolfSSL_X509_get_ext(NULL, -1));
- AssertNull(foundExtension = wolfSSL_X509_get_ext(NULL, 100));
+ ExpectNull(foundExtension = wolfSSL_X509_get_ext(NULL, -1));
+ ExpectNull(foundExtension = wolfSSL_X509_get_ext(NULL, 100));
/* wolfSSL_X509_get_ext() NULL x509, valid idx */
- AssertNull(foundExtension = wolfSSL_X509_get_ext(NULL, 0));
+ ExpectNull(foundExtension = wolfSSL_X509_get_ext(NULL, 0));
wolfSSL_X509_free(x509);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_get_ext_by_NID(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_ALL) && !defined(NO_RSA)
int rc;
- FILE* f;
- WOLFSSL_X509* x509;
+ XFILE f = XBADFILE;
+ WOLFSSL_X509* x509 = NULL;
ASN1_OBJECT* obj = NULL;
- AssertNotNull(f = fopen("./certs/server-cert.pem", "rb"));
- AssertNotNull(x509 = wolfSSL_PEM_read_X509(f, NULL, NULL, NULL));
- fclose(f);
+ ExpectTrue((f = XFOPEN("./certs/server-cert.pem", "rb")) != XBADFILE);
+ ExpectNotNull(x509 = wolfSSL_PEM_read_X509(f, NULL, NULL, NULL));
+ if (f != XBADFILE)
+ XFCLOSE(f);
- rc = wolfSSL_X509_get_ext_by_NID(x509, NID_basic_constraints, -1);
- AssertIntGE(rc, 0);
+ ExpectIntGE(rc = wolfSSL_X509_get_ext_by_NID(x509, NID_basic_constraints,
+ -1), 0);
/* Start search from last location (should fail) */
- rc = wolfSSL_X509_get_ext_by_NID(x509, NID_basic_constraints, rc);
- AssertIntGE(rc, -1);
+ ExpectIntGE(rc = wolfSSL_X509_get_ext_by_NID(x509, NID_basic_constraints,
+ rc), -1);
- rc = wolfSSL_X509_get_ext_by_NID(x509, NID_basic_constraints, -2);
- AssertIntGE(rc, -1);
+ ExpectIntGE(rc = wolfSSL_X509_get_ext_by_NID(x509, NID_basic_constraints,
+ -2), -1);
- rc = wolfSSL_X509_get_ext_by_NID(NULL, NID_basic_constraints, -1);
- AssertIntEQ(rc, -1);
+ ExpectIntEQ(rc = wolfSSL_X509_get_ext_by_NID(NULL, NID_basic_constraints,
+ -1), -1);
- rc = wolfSSL_X509_get_ext_by_NID(x509, NID_undef, -1);
- AssertIntEQ(rc, -1);
+ ExpectIntEQ(rc = wolfSSL_X509_get_ext_by_NID(x509, NID_undef, -1), -1);
/* NID_ext_key_usage, check also its nid and oid */
- rc = wolfSSL_X509_get_ext_by_NID(x509, NID_ext_key_usage, -1);
- AssertIntGT(rc, -1);
- AssertNotNull(obj = wolfSSL_X509_EXTENSION_get_object(wolfSSL_X509_get_ext(x509, rc)));
- AssertIntEQ(obj->nid, NID_ext_key_usage);
- AssertIntEQ(obj->type, EXT_KEY_USAGE_OID);
+ ExpectIntGT(rc = wolfSSL_X509_get_ext_by_NID(x509, NID_ext_key_usage, -1),
+ -1);
+ ExpectNotNull(obj = wolfSSL_X509_EXTENSION_get_object(wolfSSL_X509_get_ext(
+ x509, rc)));
+ ExpectIntEQ(obj->nid, NID_ext_key_usage);
+ ExpectIntEQ(obj->type, EXT_KEY_USAGE_OID);
wolfSSL_X509_free(x509);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_get_ext_subj_alt_name(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_ALL) && !defined(NO_RSA)
int rc;
- XFILE f;
- WOLFSSL_X509* x509;
+ XFILE f = XBADFILE;
+ WOLFSSL_X509* x509 = NULL;
WOLFSSL_X509_EXTENSION* ext;
WOLFSSL_ASN1_STRING* sanString;
byte* sanDer;
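Review bot: The second open in test_wolfSSL_X509_get_extension_flags still calls plain `fopen` but compares against `XBADFILE` and closes with `XFCLOSE`, while every other open converted in this commit goes through `XFOPEN`. It should read `ExpectTrue((f = XFOPEN("./certs/client-cert-ext.pem", "rb")) != XBADFILE);`. The reverse mix appears in the following hunks, where `XFOPEN` is paired with `fclose(f)` in test_wolfSSL_X509V3_EXT_print and with `fclose(file1)` / `fclose(file2)` in test_wolfSSL_X509_cmp; those should use `XFCLOSE`. If a port defines XFILE as something other than `FILE*`, which is presumably why the wrappers exist, the mixed calls would fail to build or close the wrong kind of handle. The function begins before this hunk.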
@@ -51484,160 +49870,153 @@ static int test_wolfSSL_X509_get_ext_subj_alt_name(void)
0x30, 0x13, 0x82, 0x0b, 0x65, 0x78, 0x61, 0x6d, 0x70, 0x6c, 0x65, 0x2e,
0x63, 0x6f, 0x6d, 0x87, 0x04, 0x7f, 0x00, 0x00, 0x01};
- f = XFOPEN("./certs/server-cert.pem", "rb");
- AssertTrue(f != XBADFILE);
- AssertNotNull(x509 = PEM_read_X509(f, NULL, NULL, NULL));
- fclose(f);
+ ExpectTrue((f = XFOPEN("./certs/server-cert.pem", "rb")) != XBADFILE);
+ ExpectNotNull(x509 = PEM_read_X509(f, NULL, NULL, NULL));
+ if (f != XBADFILE)
+ XFCLOSE(f);
- rc = X509_get_ext_by_NID(x509, NID_subject_alt_name, -1);
- AssertIntNE(rc, -1);
- AssertNotNull(ext = X509_get_ext(x509, rc));
- AssertNotNull(sanString = X509_EXTENSION_get_data(ext));
- AssertIntEQ(ASN1_STRING_length(sanString), sizeof(expectedDer));
- AssertNotNull(sanDer = ASN1_STRING_data(sanString));
- AssertIntEQ(XMEMCMP(sanDer, expectedDer, sizeof(expectedDer)), 0);
+ ExpectIntNE(rc = X509_get_ext_by_NID(x509, NID_subject_alt_name, -1), -1);
+ ExpectNotNull(ext = X509_get_ext(x509, rc));
+ ExpectNotNull(sanString = X509_EXTENSION_get_data(ext));
+ ExpectIntEQ(ASN1_STRING_length(sanString), sizeof(expectedDer));
+ ExpectNotNull(sanDer = ASN1_STRING_data(sanString));
+ ExpectIntEQ(XMEMCMP(sanDer, expectedDer, sizeof(expectedDer)), 0);
X509_free(x509);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_EXTENSION_new(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined (OPENSSL_ALL)
- WOLFSSL_X509_EXTENSION* ext;
+ WOLFSSL_X509_EXTENSION* ext = NULL;
- AssertNotNull(ext = wolfSSL_X509_EXTENSION_new());
- AssertNotNull(ext->obj = wolfSSL_ASN1_OBJECT_new());
- ext->obj->nid = WOLFSSL_SUCCESS;
- AssertIntEQ(WOLFSSL_SUCCESS, ext->obj->nid);
+ ExpectNotNull(ext = wolfSSL_X509_EXTENSION_new());
+ ExpectNotNull(ext->obj = wolfSSL_ASN1_OBJECT_new());
wolfSSL_X509_EXTENSION_free(ext);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_EXTENSION_get_object(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && defined(OPENSSL_ALL) && !defined(NO_RSA)
- WOLFSSL_X509* x509;
- WOLFSSL_X509_EXTENSION* ext;
- WOLFSSL_ASN1_OBJECT* o;
- FILE* file;
+ WOLFSSL_X509* x509 = NULL;
+ WOLFSSL_X509_EXTENSION* ext = NULL;
+ WOLFSSL_ASN1_OBJECT* o = NULL;
+ XFILE file = XBADFILE;
- AssertNotNull(file = fopen("./certs/server-cert.pem", "rb"));
- AssertNotNull(x509 = wolfSSL_PEM_read_X509(file, NULL, NULL, NULL));
- fclose(file);
+ ExpectTrue((file = XFOPEN("./certs/server-cert.pem", "rb")) != XBADFILE);
+ ExpectNotNull(x509 = wolfSSL_PEM_read_X509(file, NULL, NULL, NULL));
+ if (file != XBADFILE)
+ XFCLOSE(file);
/* wolfSSL_X509_EXTENSION_get_object() testing ext idx 0 */
- AssertNotNull(ext = wolfSSL_X509_get_ext(x509, 0));
- AssertNotNull(o = wolfSSL_X509_EXTENSION_get_object(ext));
- AssertIntEQ(o->nid, 128);
+ ExpectNotNull(ext = wolfSSL_X509_get_ext(x509, 0));
+ ExpectNull(wolfSSL_X509_EXTENSION_get_object(NULL));
+ ExpectNotNull(o = wolfSSL_X509_EXTENSION_get_object(ext));
+ ExpectIntEQ(o->nid, 128);
/* wolfSSL_X509_EXTENSION_get_object() NULL argument */
- AssertNull(o = wolfSSL_X509_EXTENSION_get_object(NULL));
+ ExpectNull(o = wolfSSL_X509_EXTENSION_get_object(NULL));
wolfSSL_X509_free(x509);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_EXTENSION_get_data(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && defined(OPENSSL_ALL) && !defined(NO_RSA)
- WOLFSSL_X509* x509;
+ WOLFSSL_X509* x509 = NULL;
WOLFSSL_X509_EXTENSION* ext;
WOLFSSL_ASN1_STRING* str;
- FILE* file;
+ XFILE file = XBADFILE;
- AssertNotNull(file = fopen("./certs/server-cert.pem", "rb"));
- AssertNotNull(x509 = wolfSSL_PEM_read_X509(file, NULL, NULL, NULL));
- fclose(file);
- AssertNotNull(ext = wolfSSL_X509_get_ext(x509, 0));
+ ExpectTrue((file = XFOPEN("./certs/server-cert.pem", "rb")) != XBADFILE);
+ ExpectNotNull(x509 = wolfSSL_PEM_read_X509(file, NULL, NULL, NULL));
+ if (file != XBADFILE)
+ XFCLOSE(file);
+ ExpectNotNull(ext = wolfSSL_X509_get_ext(x509, 0));
- AssertNotNull(str = wolfSSL_X509_EXTENSION_get_data(ext));
+ ExpectNull(str = wolfSSL_X509_EXTENSION_get_data(NULL));
+ ExpectNotNull(str = wolfSSL_X509_EXTENSION_get_data(ext));
wolfSSL_X509_free(x509);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_EXTENSION_get_critical(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && defined(OPENSSL_ALL) && !defined(NO_RSA)
- WOLFSSL_X509* x509;
+ WOLFSSL_X509* x509 = NULL;
WOLFSSL_X509_EXTENSION* ext;
- FILE* file;
+ XFILE file = XBADFILE;
int crit;
- AssertNotNull(file = fopen("./certs/server-cert.pem", "rb"));
- AssertNotNull(x509 = wolfSSL_PEM_read_X509(file, NULL, NULL, NULL));
- fclose(file);
- AssertNotNull(ext = wolfSSL_X509_get_ext(x509, 0));
+ ExpectTrue((file = XFOPEN("./certs/server-cert.pem", "rb")) != XBADFILE);
+ ExpectNotNull(x509 = wolfSSL_PEM_read_X509(file, NULL, NULL, NULL));
+ if (file != XBADFILE)
+ XFCLOSE(file);
+ ExpectNotNull(ext = wolfSSL_X509_get_ext(x509, 0));
- crit = wolfSSL_X509_EXTENSION_get_critical(ext);
- AssertIntEQ(crit, 0);
+ ExpectIntEQ(crit = wolfSSL_X509_EXTENSION_get_critical(NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(crit = wolfSSL_X509_EXTENSION_get_critical(ext), 0);
wolfSSL_X509_free(x509);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509V3_EXT_print(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && defined(OPENSSL_ALL) && !defined(NO_BIO) && \
!defined(NO_RSA)
{
- FILE* f;
- WOLFSSL_X509* x509;
+ XFILE f = XBADFILE;
+ WOLFSSL_X509* x509 = NULL;
X509_EXTENSION * ext = NULL;
int loc;
BIO *bio = NULL;
- AssertNotNull(f = fopen(svrCertFile, "rb"));
- AssertNotNull(x509 = wolfSSL_PEM_read_X509(f, NULL, NULL, NULL));
- fclose(f);
+ ExpectTrue((f = XFOPEN(svrCertFile, "rb")) != XBADFILE);
+ ExpectNotNull(x509 = wolfSSL_PEM_read_X509(f, NULL, NULL, NULL));
+ if (f != XBADFILE)
+ fclose(f);
- AssertNotNull(bio = wolfSSL_BIO_new(BIO_s_mem()));
+ ExpectNotNull(bio = wolfSSL_BIO_new(BIO_s_mem()));
- loc = wolfSSL_X509_get_ext_by_NID(x509, NID_basic_constraints, -1);
- AssertIntGT(loc, -1);
- AssertNotNull(ext = wolfSSL_X509_get_ext(x509, loc));
- AssertIntEQ(wolfSSL_X509V3_EXT_print(bio, ext, 0, 0), WOLFSSL_SUCCESS);
+ ExpectIntGT(loc = wolfSSL_X509_get_ext_by_NID(x509,
+ NID_basic_constraints, -1), -1);
+ ExpectNotNull(ext = wolfSSL_X509_get_ext(x509, loc));
+ ExpectIntEQ(wolfSSL_X509V3_EXT_print(bio, ext, 0, 0), WOLFSSL_SUCCESS);
- loc = wolfSSL_X509_get_ext_by_NID(x509, NID_subject_key_identifier, -1);
- AssertIntGT(loc, -1);
- AssertNotNull(ext = wolfSSL_X509_get_ext(x509, loc));
- AssertIntEQ(wolfSSL_X509V3_EXT_print(bio, ext, 0, 0), WOLFSSL_SUCCESS);
+ ExpectIntGT(loc = wolfSSL_X509_get_ext_by_NID(x509,
+ NID_subject_key_identifier, -1), -1);
+ ExpectNotNull(ext = wolfSSL_X509_get_ext(x509, loc));
+ ExpectIntEQ(wolfSSL_X509V3_EXT_print(bio, ext, 0, 0), WOLFSSL_SUCCESS);
- loc = wolfSSL_X509_get_ext_by_NID(x509, NID_authority_key_identifier, -1);
- AssertIntGT(loc, -1);
- AssertNotNull(ext = wolfSSL_X509_get_ext(x509, loc));
- AssertIntEQ(wolfSSL_X509V3_EXT_print(bio, ext, 0, 0), WOLFSSL_SUCCESS);
+ ExpectIntGT(loc = wolfSSL_X509_get_ext_by_NID(x509,
+ NID_authority_key_identifier, -1), -1);
+ ExpectNotNull(ext = wolfSSL_X509_get_ext(x509, loc));
+ ExpectIntEQ(wolfSSL_X509V3_EXT_print(bio, ext, 0, 0), WOLFSSL_SUCCESS);
wolfSSL_BIO_free(bio);
wolfSSL_X509_free(x509);
}
{
- X509 *x509;
- BIO *bio;
+ X509 *x509 = NULL;
+ BIO *bio = NULL;
X509_EXTENSION *ext;
unsigned int i;
unsigned int idx;
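Review bot: In test_wolfSSL_X509_EXTENSION_get_object the added `ExpectNull(wolfSSL_X509_EXTENSION_get_object(NULL));` duplicates the NULL-argument check that already sits a few lines below under its own comment, so one of the two can be dropped. In the neighbouring tests, `ext` and `str` in test_wolfSSL_X509_EXTENSION_get_data and `ext` and `crit` in test_wolfSSL_X509_EXTENSION_get_critical are left uninitialised, although the commit gives `x509` and `file` initial values. They appear to be written and read only inside Expect macros, so this looks harmless. Initialising them anyway (`WOLFSSL_X509_EXTENSION* ext = NULL;`, `int crit = 0;`) would keep the pattern uniform and avoid maybe-uninitialised warnings.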
@@ -51650,279 +50029,298 @@ static int test_wolfSSL_X509V3_EXT_print(void)
};
int* n;
- AssertNotNull(bio = BIO_new_fp(stderr, BIO_NOCLOSE));
+ ExpectNotNull(bio = BIO_new_fp(stderr, BIO_NOCLOSE));
- AssertNotNull(x509 = wolfSSL_X509_load_certificate_file(cliCertFileExt,
+ ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(cliCertFileExt,
WOLFSSL_FILETYPE_PEM));
- fprintf(stderr, "\nPrinting extension values:\n");
+ ExpectIntGT(fprintf(stderr, "\nPrinting extension values:\n"), 0);
for (i = 0, n = nids; i<(sizeof(nids)/sizeof(int)); i++, n++) {
/* X509_get_ext_by_NID should return 3 for now. If that changes then
* update the index */
- AssertIntEQ((idx = X509_get_ext_by_NID(x509, *n, -1)), 3);
- AssertNotNull(ext = X509_get_ext(x509, idx));
- AssertIntEQ(X509V3_EXT_print(bio, ext, 0, 0), 1);
- fprintf(stderr, "\n");
+ ExpectIntEQ((idx = X509_get_ext_by_NID(x509, *n, -1)), 3);
+ ExpectNotNull(ext = X509_get_ext(x509, idx));
+ ExpectIntEQ(X509V3_EXT_print(bio, ext, 0, 0), 1);
+ ExpectIntGT(fprintf(stderr, "\n"), 0);
}
BIO_free(bio);
X509_free(x509);
}
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_cmp(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_ALL) && !defined(NO_RSA)
- FILE* file1;
- FILE* file2;
- WOLFSSL_X509* cert1;
- WOLFSSL_X509* cert2;
+ XFILE file1 = XBADFILE;
+ XFILE file2 = XBADFILE;
+ WOLFSSL_X509* cert1 = NULL;
+ WOLFSSL_X509* cert2 = NULL;
- AssertNotNull(file1=fopen("./certs/server-cert.pem", "rb"));
- AssertNotNull(file2=fopen("./certs/3072/client-cert.pem", "rb"));
+ ExpectTrue((file1 = XFOPEN("./certs/server-cert.pem", "rb")) != XBADFILE);
+ ExpectTrue((file2 = XFOPEN("./certs/3072/client-cert.pem", "rb")) !=
+ XBADFILE);
- AssertNotNull(cert1 = wolfSSL_PEM_read_X509(file1, NULL, NULL, NULL));
- AssertNotNull(cert2 = wolfSSL_PEM_read_X509(file2, NULL, NULL, NULL));
- fclose(file1);
- fclose(file2);
+ ExpectNotNull(cert1 = wolfSSL_PEM_read_X509(file1, NULL, NULL, NULL));
+ ExpectNotNull(cert2 = wolfSSL_PEM_read_X509(file2, NULL, NULL, NULL));
+ if (file1 != XBADFILE)
+ fclose(file1);
+ if (file2 != XBADFILE)
+ fclose(file2);
/* wolfSSL_X509_cmp() testing matching certs */
- AssertIntEQ(0, wolfSSL_X509_cmp(cert1, cert1));
+ ExpectIntEQ(0, wolfSSL_X509_cmp(cert1, cert1));
/* wolfSSL_X509_cmp() testing mismatched certs */
- AssertIntEQ(-1, wolfSSL_X509_cmp(cert1, cert2));
+ ExpectIntEQ(-1, wolfSSL_X509_cmp(cert1, cert2));
/* wolfSSL_X509_cmp() testing NULL, valid args */
- AssertIntEQ(BAD_FUNC_ARG, wolfSSL_X509_cmp(NULL, cert2));
+ ExpectIntEQ(BAD_FUNC_ARG, wolfSSL_X509_cmp(NULL, cert2));
/* wolfSSL_X509_cmp() testing valid, NULL args */
- AssertIntEQ(BAD_FUNC_ARG, wolfSSL_X509_cmp(cert1, NULL));
+ ExpectIntEQ(BAD_FUNC_ARG, wolfSSL_X509_cmp(cert1, NULL));
/* wolfSSL_X509_cmp() testing NULL, NULL args */
- AssertIntEQ(BAD_FUNC_ARG, wolfSSL_X509_cmp(NULL, NULL));
+ ExpectIntEQ(BAD_FUNC_ARG, wolfSSL_X509_cmp(NULL, NULL));
wolfSSL_X509_free(cert1);
wolfSSL_X509_free(cert2);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
-static int test_wolfSSL_PKEY_up_ref(void)
+static int test_wolfSSL_EVP_PKEY_up_ref(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_ALL)
EVP_PKEY* pkey;
pkey = EVP_PKEY_new();
- AssertIntEQ(EVP_PKEY_up_ref(NULL), 0);
- AssertIntEQ(EVP_PKEY_up_ref(pkey), 1);
+ ExpectNotNull(pkey);
+ ExpectIntEQ(EVP_PKEY_up_ref(NULL), 0);
+ ExpectIntEQ(EVP_PKEY_up_ref(pkey), 1);
EVP_PKEY_free(pkey);
- AssertIntEQ(EVP_PKEY_up_ref(pkey), 1);
+ ExpectIntEQ(EVP_PKEY_up_ref(pkey), 1);
EVP_PKEY_free(pkey);
EVP_PKEY_free(pkey);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_d2i_and_i2d_PublicKey(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA)
- EVP_PKEY* pkey;
+ EVP_PKEY* pkey = NULL;
const unsigned char* p;
- unsigned char *der = NULL, *tmp = NULL;
+ unsigned char *der = NULL;
+ unsigned char *tmp = NULL;
int derLen;
p = client_keypub_der_2048;
/* Check that key can be successfully decoded. */
- AssertNotNull(pkey = wolfSSL_d2i_PublicKey(EVP_PKEY_RSA, NULL, &p,
+ ExpectNotNull(pkey = wolfSSL_d2i_PublicKey(EVP_PKEY_RSA, NULL, &p,
sizeof_client_keypub_der_2048));
/* Check that key can be successfully encoded. */
- AssertIntGE((derLen = wolfSSL_i2d_PublicKey(pkey, &der)), 0);
+ ExpectIntGE((derLen = wolfSSL_i2d_PublicKey(pkey, &der)), 0);
/* Ensure that the encoded version matches the original. */
- AssertIntEQ(derLen, sizeof_client_keypub_der_2048);
- AssertIntEQ(XMEMCMP(der, client_keypub_der_2048, derLen), 0);
+ ExpectIntEQ(derLen, sizeof_client_keypub_der_2048);
+ ExpectIntEQ(XMEMCMP(der, client_keypub_der_2048, derLen), 0);
/* Do same test except with pre-allocated buffer to ensure the der pointer
* is advanced. */
tmp = der;
- AssertIntGE((derLen = wolfSSL_i2d_PublicKey(pkey, &tmp)), 0);
- AssertIntEQ(derLen, sizeof_client_keypub_der_2048);
- AssertIntEQ(XMEMCMP(der, client_keypub_der_2048, derLen), 0);
- AssertTrue(der + derLen == tmp);
+ ExpectIntGE((derLen = wolfSSL_i2d_PublicKey(pkey, &tmp)), 0);
+ ExpectIntEQ(derLen, sizeof_client_keypub_der_2048);
+ ExpectIntEQ(XMEMCMP(der, client_keypub_der_2048, derLen), 0);
+ ExpectTrue(der + derLen == tmp);
XFREE(der, HEAP_HINT, DYNAMIC_TYPE_OPENSSL);
EVP_PKEY_free(pkey);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_d2i_and_i2d_PublicKey_ecc(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(HAVE_ECC) && !defined(NO_CERTS) && \
!defined(NO_ASN) && !defined(NO_PWDBASED)
- EVP_PKEY* pkey;
+ EVP_PKEY* pkey = NULL;
const unsigned char* p;
- unsigned char *der = NULL, *tmp = NULL;
+ unsigned char *der = NULL;
+ unsigned char *tmp = NULL;
int derLen;
unsigned char pub_buf[65];
const int pub_len = 65;
- BN_CTX * ctx;
- EC_GROUP * curve;
- EC_KEY * ephemeral_key;
- const EC_POINT * h;
+ BN_CTX* ctx;
+ EC_GROUP* curve = NULL;
+ EC_KEY* ephemeral_key = NULL;
+ const EC_POINT* h;
/* Generate an x963 key pair and get public part into pub_buf */
- AssertNotNull(ctx = BN_CTX_new());
- AssertNotNull(curve = EC_GROUP_new_by_curve_name(NID_X9_62_prime256v1));
- AssertNotNull(ephemeral_key = EC_KEY_new_by_curve_name(
- NID_X9_62_prime256v1));
- AssertIntEQ(EC_KEY_generate_key(ephemeral_key), 1);
- AssertNotNull(h = EC_KEY_get0_public_key(ephemeral_key));
- AssertIntEQ(pub_len, EC_POINT_point2oct(curve, h,
- POINT_CONVERSION_UNCOMPRESSED,
- pub_buf, pub_len, ctx));
+ ExpectNotNull(ctx = BN_CTX_new());
+ ExpectNotNull(curve = EC_GROUP_new_by_curve_name(NID_X9_62_prime256v1));
+ ExpectNotNull(ephemeral_key = EC_KEY_new_by_curve_name(
+ NID_X9_62_prime256v1));
+ ExpectIntEQ(EC_KEY_generate_key(ephemeral_key), 1);
+ ExpectNotNull(h = EC_KEY_get0_public_key(ephemeral_key));
+ ExpectIntEQ(pub_len, EC_POINT_point2oct(curve, h,
+ POINT_CONVERSION_UNCOMPRESSED, pub_buf, pub_len, ctx));
/* Prepare the EVP_PKEY */
- AssertNotNull(pkey = EVP_PKEY_new());
+ ExpectNotNull(pkey = EVP_PKEY_new());
p = pub_buf;
/* Check that key can be successfully decoded. */
- AssertNotNull(wolfSSL_d2i_PublicKey(EVP_PKEY_EC, &pkey, &p,
+ ExpectNotNull(wolfSSL_d2i_PublicKey(EVP_PKEY_EC, &pkey, &p,
pub_len));
/* Check that key can be successfully encoded. */
- AssertIntGE((derLen = wolfSSL_i2d_PublicKey(pkey, &der)), 0);
+ ExpectIntGE((derLen = wolfSSL_i2d_PublicKey(pkey, &der)), 0);
/* Ensure that the encoded version matches the original. */
- AssertIntEQ(derLen, pub_len);
- AssertIntEQ(XMEMCMP(der, pub_buf, derLen), 0);
+ ExpectIntEQ(derLen, pub_len);
+ ExpectIntEQ(XMEMCMP(der, pub_buf, derLen), 0);
/* Do same test except with pre-allocated buffer to ensure the der pointer
* is advanced. */
tmp = der;
- AssertIntGE((derLen = wolfSSL_i2d_PublicKey(pkey, &tmp)), 0);
- AssertIntEQ(derLen, pub_len);
- AssertIntEQ(XMEMCMP(der, pub_buf, derLen), 0);
- AssertTrue(der + derLen == tmp);
+ ExpectIntGE((derLen = wolfSSL_i2d_PublicKey(pkey, &tmp)), 0);
+ ExpectIntEQ(derLen, pub_len);
+ ExpectIntEQ(XMEMCMP(der, pub_buf, derLen), 0);
+ ExpectTrue(der + derLen == tmp);
XFREE(der, HEAP_HINT, DYNAMIC_TYPE_OPENSSL);
EVP_PKEY_free(pkey);
EC_KEY_free(ephemeral_key);
EC_GROUP_free(curve);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_d2i_and_i2d_DSAparams(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_DSA)
- DSA* dsa;
- char file[] = "./certs/dsaparams.der";
- XFILE f;
- int derInLen;
- byte* derIn;
- int derOutLen;
+ DSA* dsa = NULL;
+ byte derIn[] = {
+ 0x30, 0x82, 0x01, 0x1f, 0x02, 0x81, 0x81, 0x00,
+ 0xcd, 0xde, 0x25, 0x68, 0x80, 0x53, 0x0d, 0xe5,
+ 0x77, 0xd6, 0xd2, 0x90, 0x39, 0x3f, 0x90, 0xa2,
+ 0x3f, 0x33, 0x94, 0x6e, 0xe8, 0x4f, 0x2b, 0x63,
+ 0xab, 0x30, 0xab, 0x15, 0xba, 0x11, 0xea, 0x8a,
+ 0x5d, 0x8d, 0xcc, 0xb8, 0xd4, 0xa1, 0xd5, 0xc1,
+ 0x47, 0x9d, 0x5a, 0x73, 0x6a, 0x62, 0x49, 0xd1,
+ 0x06, 0x07, 0x67, 0xf6, 0x2f, 0xa3, 0x39, 0xbd,
+ 0x4e, 0x0d, 0xb4, 0xd3, 0x22, 0x23, 0x84, 0xec,
+ 0x93, 0x26, 0x5a, 0x49, 0xee, 0x7c, 0x89, 0x48,
+ 0x66, 0x4d, 0xe8, 0xe8, 0xd8, 0x50, 0xfb, 0xa5,
+ 0x71, 0x9f, 0x22, 0x18, 0xe5, 0xe6, 0x0b, 0x46,
+ 0x87, 0x66, 0xee, 0x52, 0x8f, 0x46, 0x4f, 0xb5,
+ 0x03, 0xce, 0xed, 0xe3, 0xbe, 0xe5, 0xb5, 0x81,
+ 0xd2, 0x59, 0xe9, 0xc0, 0xad, 0x4d, 0xd0, 0x4d,
+ 0x26, 0xf7, 0xba, 0x50, 0xe8, 0xc9, 0x8f, 0xfe,
+ 0x24, 0x19, 0x3d, 0x2e, 0xa7, 0x52, 0x3c, 0x6d,
+ 0x02, 0x15, 0x00, 0xfb, 0x47, 0xfb, 0xec, 0x81,
+ 0x20, 0xc8, 0x1c, 0xe9, 0x4a, 0xba, 0x04, 0x6f,
+ 0x19, 0x9b, 0x94, 0xee, 0x82, 0x67, 0xd3, 0x02,
+ 0x81, 0x81, 0x00, 0x9b, 0x95, 0xbb, 0x85, 0xc5,
+ 0x58, 0x4a, 0x32, 0x9c, 0xaa, 0x44, 0x85, 0xd6,
+ 0x68, 0xdc, 0x3e, 0x14, 0xf4, 0xce, 0x6d, 0xa3,
+ 0x49, 0x38, 0xea, 0xd6, 0x61, 0x48, 0x92, 0x5a,
+ 0x40, 0x95, 0x49, 0x38, 0xaa, 0xe1, 0x39, 0x29,
+ 0x68, 0x58, 0x47, 0x8a, 0x4b, 0x01, 0xe1, 0x2e,
+ 0x8e, 0x6c, 0x63, 0x6f, 0x40, 0xca, 0x50, 0x3f,
+ 0x8c, 0x0b, 0x99, 0xe4, 0x72, 0x42, 0xb8, 0xb1,
+ 0xc2, 0x26, 0x48, 0xf1, 0x9c, 0x83, 0xc6, 0x37,
+ 0x2e, 0x5a, 0xae, 0x11, 0x09, 0xd9, 0xf3, 0xad,
+ 0x1f, 0x6f, 0xad, 0xad, 0x50, 0xe3, 0x78, 0x32,
+ 0xe6, 0xde, 0x8e, 0xaa, 0xbf, 0xd1, 0x00, 0x9f,
+ 0xb3, 0x02, 0x12, 0x19, 0xa2, 0x15, 0xec, 0x14,
+ 0x18, 0x5c, 0x0e, 0x26, 0xce, 0xf9, 0xae, 0xcc,
+ 0x7b, 0xb5, 0xd1, 0x26, 0xfc, 0x85, 0xfe, 0x14,
+ 0x93, 0xb6, 0x9d, 0x7d, 0x76, 0xe3, 0x35, 0x97,
+ 0x1e, 0xde, 0xc4
+ };
+ int derInLen = sizeof(derIn);
byte* derOut = NULL;
-
- f = XFOPEN(file, "rb");
- AssertTrue(f != XBADFILE);
- AssertTrue(XFSEEK(f, 0, XSEEK_END) == 0);
- derInLen = (int)XFTELL(f);
- AssertTrue(XFSEEK(f, 0, XSEEK_SET) == 0);
- AssertNotNull(derIn = (byte*)XMALLOC(derInLen, HEAP_HINT,
- DYNAMIC_TYPE_TMP_BUFFER));
- AssertIntEQ(XFREAD(derIn, 1, derInLen, f), derInLen);
- XFCLOSE(f);
+ int derOutLen;
+ byte* p = derIn;
/* Check that params can be successfully decoded. */
- AssertNotNull(dsa = d2i_DSAparams(NULL, (const byte**)&derIn, derInLen));
+ ExpectNotNull(dsa = d2i_DSAparams(NULL, (const byte**)&p, derInLen));
/* Check that params can be successfully encoded. */
- AssertIntGE((derOutLen = i2d_DSAparams(dsa, &derOut)), 0);
+ ExpectIntGE((derOutLen = i2d_DSAparams(dsa, &derOut)), 0);
/* Ensure that the encoded version matches the original. */
- AssertIntEQ(derInLen, derOutLen);
- AssertIntEQ(XMEMCMP(derIn, derOut, derInLen), 0);
+ ExpectIntEQ(derInLen, derOutLen);
+ ExpectIntEQ(XMEMCMP(derIn, derOut, derInLen), 0);
- XFREE(derIn, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(derOut, HEAP_HINT, DYNAMIC_TYPE_OPENSSL);
DSA_free(dsa);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_i2d_PrivateKey(void)
{
- int res = TEST_SKIPPED;
-#if (!defined(NO_RSA) || defined(HAVE_ECC)) && defined(OPENSSL_EXTRA) && !defined(NO_ASN) && !defined(NO_PWDBASED)
+ EXPECT_DECLS;
+#if (!defined(NO_RSA) || defined(HAVE_ECC)) && defined(OPENSSL_EXTRA) && \
+ !defined(NO_ASN) && !defined(NO_PWDBASED)
#if !defined(NO_RSA) && defined(USE_CERT_BUFFERS_2048)
{
- EVP_PKEY* pkey;
- const unsigned char* server_key = (const unsigned char*)server_key_der_2048;
+ EVP_PKEY* pkey = NULL;
+ const unsigned char* server_key =
+ (const unsigned char*)server_key_der_2048;
unsigned char buf[FOURK_BUF];
unsigned char* pt = NULL;
int bufSz;
- AssertNotNull(pkey = d2i_PrivateKey(EVP_PKEY_RSA, NULL, &server_key,
- (long)sizeof_server_key_der_2048));
- AssertIntEQ(i2d_PrivateKey(pkey, NULL), 1193);
+ ExpectNotNull(pkey = d2i_PrivateKey(EVP_PKEY_RSA, NULL, &server_key,
+ (long)sizeof_server_key_der_2048));
+ ExpectIntEQ(i2d_PrivateKey(pkey, NULL), 1193);
pt = buf;
- AssertIntEQ((bufSz = i2d_PrivateKey(pkey, &pt)), 1193);
- AssertIntNE((pt - buf), 0);
- AssertIntEQ(XMEMCMP(buf, server_key_der_2048, bufSz), 0);
+ ExpectIntEQ((bufSz = i2d_PrivateKey(pkey, &pt)), 1193);
+ ExpectIntNE((pt - buf), 0);
+ ExpectIntEQ(XMEMCMP(buf, server_key_der_2048, bufSz), 0);
EVP_PKEY_free(pkey);
}
#endif
#if defined(OPENSSL_EXTRA) && defined(HAVE_ECC) && defined(USE_CERT_BUFFERS_256)
{
- EVP_PKEY* pkey;
+ EVP_PKEY* pkey = NULL;
const unsigned char* client_key =
(const unsigned char*)ecc_clikey_der_256;
unsigned char buf[FOURK_BUF];
unsigned char* pt = NULL;
int bufSz;
- AssertNotNull((pkey = d2i_PrivateKey(EVP_PKEY_EC, NULL, &client_key,
- sizeof_ecc_clikey_der_256)));
- AssertIntEQ(i2d_PrivateKey(pkey, NULL), 121);
+ ExpectNotNull((pkey = d2i_PrivateKey(EVP_PKEY_EC, NULL, &client_key,
+ (long)sizeof_ecc_clikey_der_256)));
+ ExpectIntEQ(i2d_PrivateKey(pkey, NULL), 121);
pt = buf;
- AssertIntEQ((bufSz = i2d_PrivateKey(pkey, &pt)), 121);
- AssertIntNE((pt - buf), 0);
- AssertIntEQ(XMEMCMP(buf, ecc_clikey_der_256, bufSz), 0);
+ ExpectIntEQ((bufSz = i2d_PrivateKey(pkey, &pt)), 121);
+ ExpectIntNE((pt - buf), 0);
+ ExpectIntEQ(XMEMCMP(buf, ecc_clikey_der_256, bufSz), 0);
EVP_PKEY_free(pkey);
}
#endif
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_OCSP_id_get0_info(void)
{
- int res = TEST_SKIPPED;
-#if (defined(OPENSSL_ALL) || defined(WOLFSSL_HAPROXY)) && defined(HAVE_OCSP) && \
- !defined(NO_FILESYSTEM) && !defined(NO_RSA)
- X509* cert;
- X509* issuer;
- OCSP_CERTID* id;
- OCSP_CERTID* id2;
+ EXPECT_DECLS;
+#if (defined(OPENSSL_ALL) || defined(WOLFSSL_HAPROXY)) && \
+ defined(HAVE_OCSP) && !defined(NO_FILESYSTEM) && !defined(NO_RSA)
+ X509* cert = NULL;
+ X509* issuer = NULL;
+ OCSP_CERTID* id = NULL;
+ OCSP_CERTID* id2 = NULL;
ASN1_STRING* name = NULL;
ASN1_OBJECT* pmd = NULL;
@@ -51930,58 +50328,55 @@ static int test_wolfSSL_OCSP_id_get0_info(void)
ASN1_INTEGER* serial = NULL;
ASN1_INTEGER* x509Int;
- AssertNotNull(cert =
- wolfSSL_X509_load_certificate_file(svrCertFile, SSL_FILETYPE_PEM));
- AssertNotNull(issuer =
- wolfSSL_X509_load_certificate_file(caCertFile, SSL_FILETYPE_PEM));
+ ExpectNotNull(cert = wolfSSL_X509_load_certificate_file(svrCertFile,
+ SSL_FILETYPE_PEM));
+ ExpectNotNull(issuer = wolfSSL_X509_load_certificate_file(caCertFile,
+ SSL_FILETYPE_PEM));
- id = OCSP_cert_to_id(NULL, cert, issuer);
- AssertNotNull(id);
- id2 = OCSP_cert_to_id(NULL, cert, issuer);
- AssertNotNull(id2);
+ ExpectNotNull(id = OCSP_cert_to_id(NULL, cert, issuer));
+ ExpectNotNull(id2 = OCSP_cert_to_id(NULL, cert, issuer));
- AssertIntEQ(OCSP_id_get0_info(NULL, NULL, NULL, NULL, NULL), 0);
- AssertIntEQ(OCSP_id_get0_info(NULL, NULL, NULL, NULL, id), 1);
+ ExpectIntEQ(OCSP_id_get0_info(NULL, NULL, NULL, NULL, NULL), 0);
+ ExpectIntEQ(OCSP_id_get0_info(NULL, NULL, NULL, NULL, id), 1);
/* name, pmd, keyHash not supported yet, expect failure if not NULL */
- AssertIntEQ(OCSP_id_get0_info(&name, NULL, NULL, NULL, id), 0);
- AssertIntEQ(OCSP_id_get0_info(NULL, &pmd, NULL, NULL, id), 0);
- AssertIntEQ(OCSP_id_get0_info(NULL, NULL, &keyHash, NULL, id), 0);
+ ExpectIntEQ(OCSP_id_get0_info(&name, NULL, NULL, NULL, id), 0);
+ ExpectIntEQ(OCSP_id_get0_info(NULL, &pmd, NULL, NULL, id), 0);
+ ExpectIntEQ(OCSP_id_get0_info(NULL, NULL, &keyHash, NULL, id), 0);
- AssertIntEQ(OCSP_id_get0_info(NULL, NULL, NULL, &serial, id), 1);
- AssertNotNull(serial);
+ ExpectIntEQ(OCSP_id_get0_info(NULL, NULL, NULL, &serial, id), 1);
+ ExpectNotNull(serial);
/* compare serial number to one in cert, should be equal */
- x509Int = X509_get_serialNumber(cert);
- AssertNotNull(x509Int);
- AssertIntEQ(x509Int->length, serial->length);
- AssertIntEQ(XMEMCMP(x509Int->data, serial->data, serial->length), 0);
+ ExpectNotNull(x509Int = X509_get_serialNumber(cert));
+ ExpectIntEQ(x509Int->length, serial->length);
+ ExpectIntEQ(XMEMCMP(x509Int->data, serial->data, serial->length), 0);
/* test OCSP_id_cmp */
- AssertIntNE(OCSP_id_cmp(NULL, NULL), 0);
- AssertIntNE(OCSP_id_cmp(id, NULL), 0);
- AssertIntNE(OCSP_id_cmp(NULL, id2), 0);
- AssertIntEQ(OCSP_id_cmp(id, id2), 0);
- id->issuerHash[0] = ~id->issuerHash[0];
- AssertIntNE(OCSP_id_cmp(id, id2), 0);
+ ExpectIntNE(OCSP_id_cmp(NULL, NULL), 0);
+ ExpectIntNE(OCSP_id_cmp(id, NULL), 0);
+ ExpectIntNE(OCSP_id_cmp(NULL, id2), 0);
+ ExpectIntEQ(OCSP_id_cmp(id, id2), 0);
+ if (id != NULL) {
+ id->issuerHash[0] = ~id->issuerHash[0];
+ }
+ ExpectIntNE(OCSP_id_cmp(id, id2), 0);
OCSP_CERTID_free(id);
OCSP_CERTID_free(id2);
X509_free(cert); /* free's x509Int */
X509_free(issuer);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_i2d_OCSP_CERTID(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if (defined(OPENSSL_ALL) || defined(WOLFSSL_HAPROXY)) && defined(HAVE_OCSP)
WOLFSSL_OCSP_CERTID certId;
- byte* targetBuffer;
- byte* beginTargetBuffer;
+ byte* targetBuffer = NULL;
+ byte* p;
/* OCSP CertID bytes taken from PCAP */
byte rawCertId[] = {
0x30, 0x49, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e, 0x03, 0x02, 0x1a, 0x05,
@@ -51992,49 +50387,46 @@ static int test_wolfSSL_i2d_OCSP_CERTID(void)
0xfd, 0xa3, 0xeb, 0x6e, 0xca, 0x75, 0xc8, 0x88, 0x43, 0x8b, 0x72, 0x4b,
0xcf, 0xbc, 0x91
};
- int ret, i;
+ int ret = 0;
+ int i;
XMEMSET(&certId, 0, sizeof(WOLFSSL_OCSP_CERTID));
certId.rawCertId = rawCertId;
certId.rawCertIdSize = sizeof(rawCertId);
- targetBuffer = (byte*)XMALLOC(sizeof(rawCertId), NULL, DYNAMIC_TYPE_TMP_BUFFER);
- beginTargetBuffer = targetBuffer;
- ret = wolfSSL_i2d_OCSP_CERTID(&certId, &targetBuffer);
- /* If target buffer is not null, function increments targetBuffer to point
- just past the end of the encoded data. */
- AssertPtrEq(targetBuffer, (beginTargetBuffer + sizeof(rawCertId)));
+ ExpectNotNull(targetBuffer = (byte*)XMALLOC(sizeof(rawCertId), NULL,
+ DYNAMIC_TYPE_TMP_BUFFER));
+ p = targetBuffer;
/* Function returns the size of the encoded data. */
- AssertIntEQ(ret, sizeof(rawCertId));
- for (i = 0; i < ret; ++i)
- {
- AssertIntEQ(beginTargetBuffer[i], rawCertId[i]);
+ ExpectIntEQ(ret = wolfSSL_i2d_OCSP_CERTID(&certId, &p), sizeof(rawCertId));
+ /* If target buffer is not null, function increments targetBuffer to point
+ * just past the end of the encoded data. */
+ ExpectPtrEq(p, (targetBuffer + sizeof(rawCertId)));
+ for (i = 0; EXPECT_SUCCESS() && i < ret; ++i) {
+ ExpectIntEQ(targetBuffer[i], rawCertId[i]);
}
-
- XFREE(beginTargetBuffer, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ XFREE(targetBuffer, NULL, DYNAMIC_TYPE_TMP_BUFFER);
targetBuffer = NULL;
- ret = wolfSSL_i2d_OCSP_CERTID(&certId, &targetBuffer);
+
/* If target buffer is null, function allocates memory for a buffer and
- copies the encoded data into it. targetBuffer then points to the start of
- this newly allocate buffer. */
- AssertIntEQ(ret, sizeof(rawCertId));
- for (i = 0; i < ret; ++i)
- {
- AssertIntEQ(targetBuffer[i], rawCertId[i]);
+ * copies the encoded data into it. targetBuffer then points to the start of
+ * this newly allocate buffer. */
+ ExpectIntEQ(ret = wolfSSL_i2d_OCSP_CERTID(&certId, &targetBuffer),
+ sizeof(rawCertId));
+ for (i = 0; EXPECT_SUCCESS() && i < ret; ++i) {
+ ExpectIntEQ(targetBuffer[i], rawCertId[i]);
}
-
XFREE(targetBuffer, NULL, DYNAMIC_TYPE_OPENSSL);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_d2i_OCSP_CERTID(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if (defined(OPENSSL_ALL) || defined(WOLFSSL_HAPROXY)) && defined(HAVE_OCSP)
WOLFSSL_OCSP_CERTID* certId;
+ WOLFSSL_OCSP_CERTID* certIdGood;
WOLFSSL_OCSP_CERTID* certIdBad;
const unsigned char* rawCertIdPtr;
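Review bot: The comment kept above `ExpectPtrEq(p, (targetBuffer + sizeof(rawCertId)));` in test_wolfSSL_i2d_OCSP_CERTID is now stale: it still says the function increments targetBuffer, but the call passes `&p`, so `p` is advanced while targetBuffer keeps pointing at the start of the allocation. I would reword it to `/* If the output pointer is not NULL, the function advances it (p) to just past the end of the encoded data. */`. The second comment's "newly allocate buffer" could become "newly allocated buffer" in the same pass. The function's opening lines are in the preceding hunk.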
@@ -52053,82 +50445,80 @@ static int test_wolfSSL_d2i_OCSP_CERTID(void)
/* If the cert ID is NULL the function should allocate it and copy the
* data to it. */
certId = NULL;
- certId = wolfSSL_d2i_OCSP_CERTID(&certId, &rawCertIdPtr, sizeof(rawCertId));
-
- AssertNotNull(certId);
- AssertIntEQ(certId->rawCertIdSize, sizeof(rawCertId));
-
- XFREE(certId->rawCertId, NULL, DYNAMIC_TYPE_OPENSSL);
- XFREE(certId, NULL, DYNAMIC_TYPE_OPENSSL);
+ ExpectNotNull(certId = wolfSSL_d2i_OCSP_CERTID(&certId, &rawCertIdPtr,
+ sizeof(rawCertId)));
+ ExpectIntEQ(certId->rawCertIdSize, sizeof(rawCertId));
+ if (certId != NULL) {
+ XFREE(certId->rawCertId, NULL, DYNAMIC_TYPE_OPENSSL);
+ XFREE(certId, NULL, DYNAMIC_TYPE_OPENSSL);
+ }
/* If the cert ID is not NULL the function will just copy the data to it. */
- certId = (WOLFSSL_OCSP_CERTID*)XMALLOC(sizeof(*certId), NULL,
- DYNAMIC_TYPE_TMP_BUFFER);
- AssertNotNull(certId);
- XMEMSET(certId, 0, sizeof(*certId));
+ ExpectNotNull(certId = (WOLFSSL_OCSP_CERTID*)XMALLOC(sizeof(*certId), NULL,
+ DYNAMIC_TYPE_TMP_BUFFER));
+ ExpectNotNull(certId);
+ ExpectNotNull(XMEMSET(certId, 0, sizeof(*certId)));
/* Reset rawCertIdPtr since it was push forward in the previous call. */
rawCertIdPtr = &rawCertId[0];
- certId = wolfSSL_d2i_OCSP_CERTID(&certId, &rawCertIdPtr, sizeof(rawCertId));
-
- AssertNotNull(certId);
- AssertIntEQ(certId->rawCertIdSize, sizeof(rawCertId));
-
- XFREE(certId->rawCertId, NULL, DYNAMIC_TYPE_OPENSSL);
- XFREE(certId, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ ExpectNotNull(certIdGood = wolfSSL_d2i_OCSP_CERTID(&certId, &rawCertIdPtr,
+ sizeof(rawCertId)));
+ ExpectPtrEq(certIdGood, certId);
+ ExpectIntEQ(certId->rawCertIdSize, sizeof(rawCertId));
+ if (certId != NULL) {
+ XFREE(certId->rawCertId, NULL, DYNAMIC_TYPE_OPENSSL);
+ XFREE(certId, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ certId = NULL;
+ }
/* The below tests should fail when passed bad parameters. NULL should
* always be returned. */
- certIdBad = wolfSSL_d2i_OCSP_CERTID(NULL, &rawCertIdPtr, sizeof(rawCertId));
- AssertNull(certIdBad);
-
- certIdBad = wolfSSL_d2i_OCSP_CERTID(&certId, NULL, sizeof(rawCertId));
- AssertNull(certIdBad);
-
- certIdBad = wolfSSL_d2i_OCSP_CERTID(&certId, &rawCertIdPtr, 0);
- AssertNull(certIdBad);
-
- res = TEST_RES_CHECK(1);
+ ExpectNull(certIdBad = wolfSSL_d2i_OCSP_CERTID(NULL, &rawCertIdPtr,
+ sizeof(rawCertId)));
+ ExpectNull(certIdBad = wolfSSL_d2i_OCSP_CERTID(&certId, NULL,
+ sizeof(rawCertId)));
+ ExpectNull(certIdBad = wolfSSL_d2i_OCSP_CERTID(&certId, &rawCertIdPtr, 0));
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_OCSP_id_cmp(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_ALL) && defined(HAVE_OCSP)
OCSP_CERTID id1;
OCSP_CERTID id2;
XMEMSET(&id1, 0, sizeof(id1));
XMEMSET(&id2, 0, sizeof(id2));
- AssertIntEQ(OCSP_id_cmp(&id1, &id2), 0);
-
- res = TEST_RES_CHECK(1);
+ ExpectIntEQ(OCSP_id_cmp(&id1, &id2), 0);
+ ExpectIntNE(OCSP_id_cmp(NULL, NULL), 0);
+ ExpectIntNE(OCSP_id_cmp(&id1, NULL), 0);
+ ExpectIntNE(OCSP_id_cmp(NULL, &id2), 0);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_OCSP_SINGLERESP_get0_id(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_ALL) && defined(HAVE_OCSP)
WOLFSSL_OCSP_SINGLERESP single;
const WOLFSSL_OCSP_CERTID* certId;
XMEMSET(&single, 0, sizeof(single));
- certId = wolfSSL_OCSP_SINGLERESP_get0_id(&single);
- AssertPtrEq(&single, certId);
+ certId = wolfSSL_OCSP_SINGLERESP_get0_id(&single);
+ ExpectPtrEq(&single, certId);
- res = TEST_RES_CHECK(1);
+ ExpectNull(wolfSSL_OCSP_SINGLERESP_get0_id(NULL));
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_OCSP_single_get0_status(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_ALL) && defined(HAVE_OCSP)
WOLFSSL_OCSP_SINGLERESP single;
CertStatus certStatus;
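Review bot: In test_wolfSSL_d2i_OCSP_CERTID the first `if (certId != NULL)` block frees `certId` but leaves the pointer set, unlike the second block, which ends with `certId = NULL;`. The Expect* definitions are not in this hunk, but the `EXPECT_SUCCESS()` loop guards elsewhere in the commit suggest they stop evaluating their argument after a failure. If so, a failed `ExpectIntEQ(certId->rawCertIdSize, sizeof(rawCertId));` skips the XMALLOC reassignment, and the second block then reads and frees the already freed object. Adding `certId = NULL;` after the first pair of XFREE calls closes that path; the `ExpectNotNull(certId);` directly after the XMALLOC check is redundant and could be dropped. The function's declarations sit in the preceding hunk.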
@@ -52149,52 +50539,46 @@ static int test_wolfSSL_OCSP_single_get0_status(void)
ret = wolfSSL_OCSP_single_get0_status(&single, NULL, NULL, &thisDate,
&nextDate);
- AssertIntEQ(ret, CERT_GOOD);
- AssertPtrEq(thisDate, &certStatus.thisDateParsed);
- AssertPtrEq(nextDate, &certStatus.nextDateParsed);
+ ExpectIntEQ(ret, CERT_GOOD);
+ ExpectPtrEq(thisDate, &certStatus.thisDateParsed);
+ ExpectPtrEq(nextDate, &certStatus.nextDateParsed);
- res = TEST_RES_CHECK(1);
+ ExpectIntEQ(wolfSSL_OCSP_single_get0_status(NULL, NULL, NULL, NULL, NULL),
+ CERT_GOOD);
+ ExpectIntEQ(wolfSSL_OCSP_single_get0_status(&single, NULL, NULL, NULL,
+ NULL), CERT_GOOD);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_OCSP_resp_count(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_ALL) && defined(HAVE_OCSP)
WOLFSSL_OCSP_BASICRESP basicResp;
WOLFSSL_OCSP_SINGLERESP singleRespOne;
WOLFSSL_OCSP_SINGLERESP singleRespTwo;
- int count;
XMEMSET(&basicResp, 0, sizeof(WOLFSSL_OCSP_BASICRESP));
XMEMSET(&singleRespOne, 0, sizeof(WOLFSSL_OCSP_SINGLERESP));
XMEMSET(&singleRespTwo, 0, sizeof(WOLFSSL_OCSP_SINGLERESP));
- count = wolfSSL_OCSP_resp_count(&basicResp);
- AssertIntEQ(count, 0);
-
+ ExpectIntEQ(wolfSSL_OCSP_resp_count(&basicResp), 0);
basicResp.single = &singleRespOne;
- count = wolfSSL_OCSP_resp_count(&basicResp);
- AssertIntEQ(count, 1);
-
+ ExpectIntEQ(wolfSSL_OCSP_resp_count(&basicResp), 1);
singleRespOne.next = &singleRespTwo;
- count = wolfSSL_OCSP_resp_count(&basicResp);
- AssertIntEQ(count, 2);
-
- res = TEST_RES_CHECK(1);
+ ExpectIntEQ(wolfSSL_OCSP_resp_count(&basicResp), 2);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_OCSP_resp_get0(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_ALL) && defined(HAVE_OCSP)
WOLFSSL_OCSP_BASICRESP basicResp;
WOLFSSL_OCSP_SINGLERESP singleRespOne;
WOLFSSL_OCSP_SINGLERESP singleRespTwo;
- WOLFSSL_OCSP_SINGLERESP* ret;
XMEMSET(&basicResp, 0, sizeof(WOLFSSL_OCSP_BASICRESP));
XMEMSET(&singleRespOne, 0, sizeof(WOLFSSL_OCSP_SINGLERESP));
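Review bot: The added expectation `ExpectIntEQ(wolfSSL_OCSP_single_get0_status(NULL, NULL, NULL, NULL, NULL), CERT_GOOD);` in test_wolfSSL_OCSP_single_get0_status pins the result for a NULL `single` to the same constant the valid response checks a few lines above. The function's definition is not part of this hunk; if the NULL case actually returns a generic failure code that only happens to equal `CERT_GOOD` numerically, the test reads as if a missing response were a good certificate status. A comment such as `/* NULL single: failure return, numerically equal to CERT_GOOD; callers must reject NULL before trusting the status */` would make the intent explicit. The test function starts before this hunk.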
@@ -52202,87 +50586,84 @@ static int test_wolfSSL_OCSP_resp_get0(void)
basicResp.single = &singleRespOne;
singleRespOne.next = &singleRespTwo;
-
- ret = wolfSSL_OCSP_resp_get0(&basicResp, 0);
- AssertPtrEq(ret, &singleRespOne);
-
- ret = wolfSSL_OCSP_resp_get0(&basicResp, 1);
- AssertPtrEq(ret, &singleRespTwo);
-
- res = TEST_RES_CHECK(1);
+ ExpectPtrEq(wolfSSL_OCSP_resp_get0(&basicResp, 0), &singleRespOne);
+ ExpectPtrEq(wolfSSL_OCSP_resp_get0(&basicResp, 1), &singleRespTwo);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_PKEY_derive(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_ALL) || defined(WOLFSSL_QT) || defined(WOLFSSL_OPENSSH)
#if (!defined(NO_DH) && defined(WOLFSSL_DH_EXTRA)) || defined(HAVE_ECC)
-
- EVP_PKEY_CTX *ctx;
- unsigned char *skey;
+ EVP_PKEY_CTX *ctx = NULL;
+ unsigned char *skey = NULL;
size_t skeylen;
- EVP_PKEY *pkey, *peerkey;
+ EVP_PKEY *pkey = NULL;
+ EVP_PKEY *peerkey = NULL;
const unsigned char* key;
#if !defined(NO_DH) && defined(WOLFSSL_DH_EXTRA)
/* DH */
key = dh_key_der_2048;
- AssertNotNull((pkey = d2i_PrivateKey(EVP_PKEY_DH, NULL, &key,
- sizeof_dh_key_der_2048)));
- AssertIntEQ(DH_generate_key(EVP_PKEY_get0_DH(pkey)), 1);
+ ExpectNotNull((pkey = d2i_PrivateKey(EVP_PKEY_DH, NULL, &key,
+ sizeof_dh_key_der_2048)));
+ ExpectIntEQ(DH_generate_key(EVP_PKEY_get0_DH(pkey)), 1);
key = dh_key_der_2048;
- AssertNotNull((peerkey = d2i_PrivateKey(EVP_PKEY_DH, NULL, &key,
- sizeof_dh_key_der_2048)));
- AssertIntEQ(DH_generate_key(EVP_PKEY_get0_DH(peerkey)), 1);
- AssertNotNull(ctx = EVP_PKEY_CTX_new(pkey, NULL));
- AssertIntEQ(EVP_PKEY_derive_init(ctx), 1);
- AssertIntEQ(EVP_PKEY_derive_set_peer(ctx, peerkey), 1);
- AssertIntEQ(EVP_PKEY_derive(ctx, NULL, &skeylen), 1);
- AssertNotNull(skey = (unsigned char*)XMALLOC(skeylen, NULL, DYNAMIC_TYPE_OPENSSL));
- AssertIntEQ(EVP_PKEY_derive(ctx, skey, &skeylen), 1);
+ ExpectNotNull((peerkey = d2i_PrivateKey(EVP_PKEY_DH, NULL, &key,
+ sizeof_dh_key_der_2048)));
+ ExpectIntEQ(DH_generate_key(EVP_PKEY_get0_DH(peerkey)), 1);
+ ExpectNotNull(ctx = EVP_PKEY_CTX_new(pkey, NULL));
+ ExpectIntEQ(EVP_PKEY_derive_init(ctx), 1);
+ ExpectIntEQ(EVP_PKEY_derive_set_peer(ctx, peerkey), 1);
+ ExpectIntEQ(EVP_PKEY_derive(ctx, NULL, &skeylen), 1);
+ ExpectNotNull(skey = (unsigned char*)XMALLOC(skeylen, NULL,
+ DYNAMIC_TYPE_OPENSSL));
+ ExpectIntEQ(EVP_PKEY_derive(ctx, skey, &skeylen), 1);
EVP_PKEY_CTX_free(ctx);
+ ctx = NULL;
EVP_PKEY_free(peerkey);
+ peerkey = NULL;
EVP_PKEY_free(pkey);
+ pkey = NULL;
XFREE(skey, NULL, DYNAMIC_TYPE_OPENSSL);
+ skey = NULL;
#endif
#ifdef HAVE_ECC
/* ECDH */
key = ecc_clikey_der_256;
- AssertNotNull((pkey = d2i_PrivateKey(EVP_PKEY_EC, NULL, &key,
- sizeof_ecc_clikey_der_256)));
+ ExpectNotNull((pkey = d2i_PrivateKey(EVP_PKEY_EC, NULL, &key,
+ sizeof_ecc_clikey_der_256)));
key = ecc_clikeypub_der_256;
- AssertNotNull((peerkey = d2i_PUBKEY(NULL, &key,
- sizeof_ecc_clikeypub_der_256)));
- AssertNotNull(ctx = EVP_PKEY_CTX_new(pkey, NULL));
- AssertIntEQ(EVP_PKEY_derive_init(ctx), 1);
- AssertIntEQ(EVP_PKEY_derive_set_peer(ctx, peerkey), 1);
- AssertIntEQ(EVP_PKEY_derive(ctx, NULL, &skeylen), 1);
- AssertNotNull(skey = (unsigned char*)XMALLOC(skeylen, NULL, DYNAMIC_TYPE_OPENSSL));
- AssertIntEQ(EVP_PKEY_derive(ctx, skey, &skeylen), 1);
+ ExpectNotNull((peerkey = d2i_PUBKEY(NULL, &key,
+ sizeof_ecc_clikeypub_der_256)));
+ ExpectNotNull(ctx = EVP_PKEY_CTX_new(pkey, NULL));
+ ExpectIntEQ(EVP_PKEY_derive_init(ctx), 1);
+ ExpectIntEQ(EVP_PKEY_derive_set_peer(ctx, peerkey), 1);
+ ExpectIntEQ(EVP_PKEY_derive(ctx, NULL, &skeylen), 1);
+ ExpectNotNull(skey = (unsigned char*)XMALLOC(skeylen, NULL,
+ DYNAMIC_TYPE_OPENSSL));
+ ExpectIntEQ(EVP_PKEY_derive(ctx, skey, &skeylen), 1);
EVP_PKEY_CTX_free(ctx);
EVP_PKEY_free(peerkey);
EVP_PKEY_free(pkey);
XFREE(skey, NULL, DYNAMIC_TYPE_OPENSSL);
#endif /* HAVE_ECC */
-
- res = TEST_RES_CHECK(1);
#endif /* (!NO_DH && WOLFSSL_DH_EXTRA) || HAVE_ECC */
#endif /* OPENSSL_ALL || WOLFSSL_QT || WOLFSSL_OPENSSH */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_PBE_scrypt(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(HAVE_SCRYPT) && defined(HAVE_PBKDF2) && \
(!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 5))
#if !defined(NO_PWDBASED) && !defined(NO_SHA256)
-
int ret;
const char pwd[] = {'p','a','s','s','w','o','r','d'};
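Review bot: `size_t skeylen;` in test_wolfSSL_EVP_PKEY_derive stays uninitialized while this commit gives `ctx`, `skey`, `pkey` and `peerkey` initializers. It is read by `XMALLOC(skeylen, NULL, DYNAMIC_TYPE_OPENSSL)`, which is safe only as long as the Expect* macros (defined outside this hunk) skip their argument once the preceding length query has failed. `size_t skeylen = 0;` removes that dependency. The ECDH section also frees `ctx`, `peerkey`, `pkey` and `skey` without the `= NULL` resets the DH section gained; that is harmless at the end of the function today but worth matching for consistency.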
@@ -52304,82 +50685,78 @@ static int test_wolfSSL_EVP_PBE_scrypt(void)
/* N r p mx key keylen */
ret = EVP_PBE_scrypt(pwd, pwdlen, salt, saltlen, 0, 1, 1, 0, key, 64);
- AssertIntEQ(ret, 0); /* N must be greater than 1 */
+ ExpectIntEQ(ret, 0); /* N must be greater than 1 */
ret = EVP_PBE_scrypt(pwd, pwdlen, salt, saltlen, 3, 1, 1, 0, key, 64);
- AssertIntEQ(ret, 0); /* N must be power of 2 */
+ ExpectIntEQ(ret, 0); /* N must be power of 2 */
ret = EVP_PBE_scrypt(pwd, pwdlen, salt, saltlen, 2, 0, 1, 0, key, 64);
- AssertIntEQ(ret, 0); /* r must be greater than 0 */
+ ExpectIntEQ(ret, 0); /* r must be greater than 0 */
ret = EVP_PBE_scrypt(pwd, pwdlen, salt, saltlen, 2, 1, 0, 0, key, 64);
- AssertIntEQ(ret, 0); /* p must be greater than 0 */
+ ExpectIntEQ(ret, 0); /* p must be greater than 0 */
ret = EVP_PBE_scrypt(pwd, pwdlen, salt, saltlen, 2, 1, 1, 0, key, 0);
- AssertIntEQ(ret, 0); /* keylen must be greater than 0 */
+ ExpectIntEQ(ret, 0); /* keylen must be greater than 0 */
ret = EVP_PBE_scrypt(pwd, pwdlen, salt, saltlen, 2, 9, 1, 0, key, 64);
- AssertIntEQ(ret, 0); /* r must be smaller than 9 */
+ ExpectIntEQ(ret, 0); /* r must be smaller than 9 */
ret = EVP_PBE_scrypt(pwd, pwdlen, salt, saltlen, 2, 1, 1, 0, NULL, 64);
- AssertIntEQ(ret, 1); /* should succeed if key is NULL */
+ ExpectIntEQ(ret, 1); /* should succeed if key is NULL */
ret = EVP_PBE_scrypt(pwd, pwdlen, salt, saltlen, 2, 1, 1, 0, key, 64);
- AssertIntEQ(ret, 1); /* should succeed */
+ ExpectIntEQ(ret, 1); /* should succeed */
ret = EVP_PBE_scrypt(pwd, pwdlen, salt, saltlen, 2, numOvr32, 1, 0,
key, 64);
- AssertIntEQ(ret, 0); /* should fail since r is greater than INT32_MAC */
+ ExpectIntEQ(ret, 0); /* should fail since r is greater than INT32_MAC */
ret = EVP_PBE_scrypt(pwd, pwdlen, salt, saltlen, 2, 1, numOvr32, 0,
key, 64);
- AssertIntEQ(ret, 0); /* should fail since p is greater than INT32_MAC */
+ ExpectIntEQ(ret, 0); /* should fail since p is greater than INT32_MAC */
ret = EVP_PBE_scrypt(pwd, pwdlen, NULL, 0, 2, 1, 1, 0, key, 64);
- AssertIntEQ(ret, 1); /* should succeed even if salt is NULL */
+ ExpectIntEQ(ret, 1); /* should succeed even if salt is NULL */
ret = EVP_PBE_scrypt(pwd, pwdlen, NULL, 4, 2, 1, 1, 0, key, 64);
- AssertIntEQ(ret, 0); /* if salt is NULL, saltlen must be 0, otherwise fail*/
+ ExpectIntEQ(ret, 0); /* if salt is NULL, saltlen must be 0, otherwise fail*/
ret = EVP_PBE_scrypt(NULL, 0, salt, saltlen, 2, 1, 1, 0, key, 64);
- AssertIntEQ(ret, 1); /* should succeed if pwd is NULL and pwdlen is 0*/
+ ExpectIntEQ(ret, 1); /* should succeed if pwd is NULL and pwdlen is 0*/
ret = EVP_PBE_scrypt(NULL, 4, salt, saltlen, 2, 1, 1, 0, key, 64);
- AssertIntEQ(ret, 0); /* if pwd is NULL, pwdlen must be 0 */
+ ExpectIntEQ(ret, 0); /* if pwd is NULL, pwdlen must be 0 */
ret = EVP_PBE_scrypt(NULL, 0, NULL, 0, 2, 1, 1, 0, key, 64);
- AssertIntEQ(ret, 1); /* should succeed even both pwd and salt are NULL */
+ ExpectIntEQ(ret, 1); /* should succeed even both pwd and salt are NULL */
ret = EVP_PBE_scrypt(pwd, pwdlen, salt, saltlen, 16, 1, 1, 0, key, 64);
- AssertIntEQ(ret, 1);
+ ExpectIntEQ(ret, 1);
ret = XMEMCMP(expectedKey, key, sizeof(expectedKey));
- AssertIntEQ(ret, 0); /* derived key must be the same as expected-key */
-
- res = TEST_RES_CHECK(1);
+ ExpectIntEQ(ret, 0); /* derived key must be the same as expected-key */
#endif /* !NO_PWDBASED && !NO_SHA256 */
#endif /* OPENSSL_EXTRA && HAVE_SCRYPT && HAVE_PBKDF2 */
- return res;
+ return EXPECT_RESULT();
}
static int test_no_op_functions(void)
{
- int res = TEST_SKIPPED;
- #if defined(OPENSSL_EXTRA)
+ EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA)
/* this makes sure wolfSSL can compile and run these no-op functions */
SSL_load_error_strings();
ENGINE_load_builtin_engines();
OpenSSL_add_all_ciphers();
- AssertIntEQ(CRYPTO_malloc_init(), 0);
-
- res = TEST_RES_CHECK(1);
- #endif
- return res;
+ ExpectIntEQ(CRYPTO_malloc_init(), 0);
+#endif
+ return EXPECT_RESULT();
}
static int test_wolfSSL_CRYPTO_memcmp(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef OPENSSL_EXTRA
char a[] = "wolfSSL (formerly CyaSSL) is a small, fast, portable "
"implementation of TLS/SSL for embedded devices to the cloud.";
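Review bot: The comments on the two `numOvr32` checks in test_wolfSSL_EVP_PBE_scrypt still read `INT32_MAC`, carried over unchanged onto the rewritten lines. Since both lines are touched here anyway, I would correct them, e.g. `/* should fail since r is greater than INT32_MAX */` and the matching one for `p`. The test's declarations, including `numOvr32` itself, are outside this hunk.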
@@ -52388,12 +50765,10 @@ static int test_wolfSSL_CRYPTO_memcmp(void)
char c[] = "wolfSSL (formerly CyaSSL) is a small, fast, portable "
"implementation of TLS/SSL for embedded devices to the cloud!";
- AssertIntEQ(CRYPTO_memcmp(a, b, sizeof(a)), 0);
- AssertIntNE(CRYPTO_memcmp(a, c, sizeof(a)), 0);
-
- res = TEST_RES_CHECK(1);
+ ExpectIntEQ(CRYPTO_memcmp(a, b, sizeof(a)), 0);
+ ExpectIntNE(CRYPTO_memcmp(a, c, sizeof(a)), 0);
#endif
- return res;
+ return EXPECT_RESULT();
}
/*----------------------------------------------------------------------------*
@@ -52402,7 +50777,7 @@ static int test_wolfSSL_CRYPTO_memcmp(void)
static int test_wc_CreateEncryptedPKCS8Key(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_PKCS8) && !defined(NO_PWDBASED) && defined(WOLFSSL_AES_256) \
&& !defined(NO_AES_CBC) && !defined(NO_RSA) && !defined(NO_SHA)
WC_RNG rng;
@@ -52413,170 +50788,162 @@ static int test_wc_CreateEncryptedPKCS8Key(void)
word32 passwordSz = (word32)XSTRLEN(password);
word32 tradIdx = 0;
- AssertIntEQ(wc_InitRng(&rng), 0);
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
+ ExpectIntEQ(wc_InitRng(&rng), 0);
/* Call with NULL for out buffer to get necessary length. */
- AssertIntEQ(wc_CreateEncryptedPKCS8Key((byte*)server_key_der_2048,
+ ExpectIntEQ(wc_CreateEncryptedPKCS8Key((byte*)server_key_der_2048,
sizeof_server_key_der_2048, NULL, &encKeySz, password, passwordSz,
PKCS5, PBES2, AES256CBCb, NULL, 0, WC_PKCS12_ITT_DEFAULT, &rng, NULL),
LENGTH_ONLY_E);
- AssertNotNull(encKey = (byte*)XMALLOC(encKeySz, HEAP_HINT,
+ ExpectNotNull(encKey = (byte*)XMALLOC(encKeySz, HEAP_HINT,
DYNAMIC_TYPE_TMP_BUFFER));
/* Call with the allocated out buffer. */
- AssertIntGT(wc_CreateEncryptedPKCS8Key((byte*)server_key_der_2048,
+ ExpectIntGT(wc_CreateEncryptedPKCS8Key((byte*)server_key_der_2048,
sizeof_server_key_der_2048, encKey, &encKeySz, password, passwordSz,
PKCS5, PBES2, AES256CBCb, NULL, 0, WC_PKCS12_ITT_DEFAULT, &rng, NULL),
0);
/* Decrypt the encrypted PKCS8 key we just made. */
- AssertIntGT((decKeySz = wc_DecryptPKCS8Key(encKey, encKeySz, password,
+ ExpectIntGT((decKeySz = wc_DecryptPKCS8Key(encKey, encKeySz, password,
passwordSz)), 0);
/* encKey now holds the decrypted key (decrypted in place). */
- AssertIntGT(wc_GetPkcs8TraditionalOffset(encKey, &tradIdx, decKeySz), 0);
+ ExpectIntGT(wc_GetPkcs8TraditionalOffset(encKey, &tradIdx, decKeySz), 0);
/* Check that the decrypted key matches the key prior to encryption. */
- AssertIntEQ(XMEMCMP(encKey + tradIdx, server_key_der_2048,
+ ExpectIntEQ(XMEMCMP(encKey + tradIdx, server_key_der_2048,
sizeof_server_key_der_2048), 0);
- if (encKey != NULL)
- XFREE(encKey, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
+ XFREE(encKey, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
wc_FreeRng(&rng);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wc_GetPkcs8TraditionalOffset(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_ASN) && !defined(NO_FILESYSTEM) && defined(HAVE_PKCS8)
- int length, derSz;
+ int length;
+ int derSz = 0;
word32 inOutIdx;
const char* path = "./certs/server-keyPkcs8.der";
- XFILE file;
+ XFILE file = XBADFILE;
byte der[2048];
- file = XFOPEN(path, "rb");
- AssertTrue(file != XBADFILE);
- derSz = (int)XFREAD(der, 1, sizeof(der), file);
- XFCLOSE(file);
+ ExpectTrue((file = XFOPEN(path, "rb")) != XBADFILE);
+ ExpectIntGT(derSz = (int)XFREAD(der, 1, sizeof(der), file), 0);
+ if (file != XBADFILE)
+ XFCLOSE(file);
/* valid case */
inOutIdx = 0;
- length = wc_GetPkcs8TraditionalOffset(der, &inOutIdx, derSz);
- AssertIntGT(length, 0);
+ ExpectIntGT(length = wc_GetPkcs8TraditionalOffset(der, &inOutIdx, derSz),
+ 0);
/* inOutIdx > sz */
inOutIdx = 4000;
- length = wc_GetPkcs8TraditionalOffset(der, &inOutIdx, derSz);
- AssertIntEQ(length, BAD_FUNC_ARG);
+ ExpectIntEQ(length = wc_GetPkcs8TraditionalOffset(der, &inOutIdx, derSz),
+ BAD_FUNC_ARG);
/* null input */
inOutIdx = 0;
- length = wc_GetPkcs8TraditionalOffset(NULL, &inOutIdx, 0);
- AssertIntEQ(length, BAD_FUNC_ARG);
+ ExpectIntEQ(length = wc_GetPkcs8TraditionalOffset(NULL, &inOutIdx, 0),
+ BAD_FUNC_ARG);
/* invalid input, fill buffer with 1's */
XMEMSET(der, 1, sizeof(der));
inOutIdx = 0;
- length = wc_GetPkcs8TraditionalOffset(der, &inOutIdx, derSz);
- AssertIntEQ(length, ASN_PARSE_E);
-
- res = TEST_RES_CHECK(1);
+ ExpectIntEQ(length = wc_GetPkcs8TraditionalOffset(der, &inOutIdx, derSz),
+ ASN_PARSE_E);
#endif /* NO_ASN */
- return res;
+ return EXPECT_RESULT();
}
static int test_wc_SetSubjectRaw(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_ASN) && !defined(NO_FILESYSTEM) && defined(OPENSSL_EXTRA) && \
defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_CERT_EXT) && !defined(NO_RSA)
const char* joiCertFile = "./certs/test/cert-ext-joi.der";
- WOLFSSL_X509* x509;
+ WOLFSSL_X509* x509 = NULL;
int peerCertSz;
- const byte* peerCertBuf;
+ const byte* peerCertBuf = NULL;
Cert forgedCert;
- AssertNotNull(x509 = wolfSSL_X509_load_certificate_file(joiCertFile, WOLFSSL_FILETYPE_ASN1));
+ ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(joiCertFile,
+ WOLFSSL_FILETYPE_ASN1));
- AssertNotNull(peerCertBuf = wolfSSL_X509_get_der(x509, &peerCertSz));
+ ExpectNotNull(peerCertBuf = wolfSSL_X509_get_der(x509, &peerCertSz));
- AssertIntEQ(0, wc_InitCert(&forgedCert));
+ ExpectIntEQ(0, wc_InitCert(&forgedCert));
- AssertIntEQ(0, wc_SetSubjectRaw(&forgedCert, peerCertBuf, peerCertSz));
+ ExpectIntEQ(0, wc_SetSubjectRaw(&forgedCert, peerCertBuf, peerCertSz));
wolfSSL_FreeX509(x509);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wc_GetSubjectRaw(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_ASN) && !defined(NO_FILESYSTEM) && defined(OPENSSL_EXTRA) && \
defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_CERT_EXT)
Cert cert;
byte *subjectRaw;
- AssertIntEQ(0, wc_InitCert(&cert));
- AssertIntEQ(0, wc_GetSubjectRaw(&subjectRaw, &cert));
-
- res = TEST_RES_CHECK(1);
+ ExpectIntEQ(0, wc_InitCert(&cert));
+ ExpectIntEQ(0, wc_GetSubjectRaw(&subjectRaw, &cert));
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wc_SetIssuerRaw(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_ASN) && !defined(NO_FILESYSTEM) && defined(OPENSSL_EXTRA) && \
defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_CERT_EXT) && !defined(NO_RSA)
const char* joiCertFile = "./certs/test/cert-ext-joi.der";
- WOLFSSL_X509* x509;
+ WOLFSSL_X509* x509 = NULL;
int peerCertSz;
const byte* peerCertBuf;
Cert forgedCert;
- AssertNotNull(x509 = wolfSSL_X509_load_certificate_file(joiCertFile, WOLFSSL_FILETYPE_ASN1));
+ ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(joiCertFile,
+ WOLFSSL_FILETYPE_ASN1));
- AssertNotNull(peerCertBuf = wolfSSL_X509_get_der(x509, &peerCertSz));
+ ExpectNotNull(peerCertBuf = wolfSSL_X509_get_der(x509, &peerCertSz));
- AssertIntEQ(0, wc_InitCert(&forgedCert));
+ ExpectIntEQ(0, wc_InitCert(&forgedCert));
- AssertIntEQ(0, wc_SetIssuerRaw(&forgedCert, peerCertBuf, peerCertSz));
+ ExpectIntEQ(0, wc_SetIssuerRaw(&forgedCert, peerCertBuf, peerCertSz));
wolfSSL_FreeX509(x509);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wc_SetIssueBuffer(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_ASN) && !defined(NO_FILESYSTEM) && defined(OPENSSL_EXTRA) && \
defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_CERT_EXT) && !defined(NO_RSA)
const char* joiCertFile = "./certs/test/cert-ext-joi.der";
- WOLFSSL_X509* x509;
+ WOLFSSL_X509* x509 = NULL;
int peerCertSz;
const byte* peerCertBuf;
Cert forgedCert;
- AssertNotNull(x509 = wolfSSL_X509_load_certificate_file(joiCertFile, WOLFSSL_FILETYPE_ASN1));
+ ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(joiCertFile,
+ WOLFSSL_FILETYPE_ASN1));
- AssertNotNull(peerCertBuf = wolfSSL_X509_get_der(x509, &peerCertSz));
+ ExpectNotNull(peerCertBuf = wolfSSL_X509_get_der(x509, &peerCertSz));
- AssertIntEQ(0, wc_InitCert(&forgedCert));
+ ExpectIntEQ(0, wc_InitCert(&forgedCert));
- AssertIntEQ(0, wc_SetIssuerBuffer(&forgedCert, peerCertBuf, peerCertSz));
+ ExpectIntEQ(0, wc_SetIssuerBuffer(&forgedCert, peerCertBuf, peerCertSz));
wolfSSL_FreeX509(x509);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
/*
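Review bot: `peerCertBuf` gets a NULL initialiser only in test_wc_SetSubjectRaw; test_wc_SetIssuerRaw and test_wc_SetIssueBuffer still declare `const byte* peerCertBuf;`, and `int peerCertSz;` stays uninitialised in all three. The Expect* form lets the function run on after a failed check instead of aborting, so the later calls are safe only if the macros skip evaluating their arguments after a failure, which this hunk does not show. I would make the three tests agree by using `const byte* peerCertBuf = NULL;` and `int peerCertSz = 0;`. `int certSz;` in test_CheckCertSignature in the next hunk is in the same position.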
@@ -52584,21 +50951,19 @@ static int test_wc_SetIssueBuffer(void)
*/
static int test_wc_SetSubjectKeyId(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_ASN) && !defined(NO_FILESYSTEM) && defined(OPENSSL_EXTRA) && \
defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_CERT_EXT) && defined(HAVE_ECC)
Cert cert;
const char* file = "certs/ecc-client-keyPub.pem";
- AssertIntEQ(0, wc_InitCert(&cert));
- AssertIntEQ(0, wc_SetSubjectKeyId(&cert, file));
+ ExpectIntEQ(0, wc_InitCert(&cert));
+ ExpectIntEQ(0, wc_SetSubjectKeyId(&cert, file));
- AssertIntEQ(BAD_FUNC_ARG, wc_SetSubjectKeyId(NULL, file));
- AssertIntGT(0, wc_SetSubjectKeyId(&cert, "badfile.name"));
-
- res = TEST_RES_CHECK(1);
+ ExpectIntEQ(BAD_FUNC_ARG, wc_SetSubjectKeyId(NULL, file));
+ ExpectIntGT(0, wc_SetSubjectKeyId(&cert, "badfile.name"));
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_SetSubjectKeyId */
/*
@@ -52606,89 +50971,94 @@ static int test_wc_SetSubjectKeyId(void)
*/
static int test_wc_SetSubject(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_ASN) && !defined(NO_FILESYSTEM) && defined(OPENSSL_EXTRA) && \
defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_CERT_EXT) && defined(HAVE_ECC)
Cert cert;
const char* file = "./certs/ca-ecc-cert.pem";
- AssertIntEQ(0, wc_InitCert(&cert));
- AssertIntEQ(0, wc_SetSubject(&cert, file));
-
- AssertIntEQ(BAD_FUNC_ARG, wc_SetSubject(NULL, file));
- AssertIntGT(0, wc_SetSubject(&cert, "badfile.name"));
+ ExpectIntEQ(0, wc_InitCert(&cert));
+ ExpectIntEQ(0, wc_SetSubject(&cert, file));
- res = TEST_RES_CHECK(1);
+ ExpectIntEQ(BAD_FUNC_ARG, wc_SetSubject(NULL, file));
+ ExpectIntGT(0, wc_SetSubject(&cert, "badfile.name"));
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_SetSubject */
static int test_CheckCertSignature(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_CERTS) && defined(WOLFSSL_SMALL_CERT_VERIFY)
WOLFSSL_CERT_MANAGER* cm = NULL;
#if !defined(NO_FILESYSTEM) && (!defined(NO_RSA) || defined(HAVE_ECC))
- FILE* fp;
+ XFILE fp = XBADFILE;
byte cert[4096];
int certSz;
#endif
- AssertIntEQ(BAD_FUNC_ARG, CheckCertSignature(NULL, 0, NULL, NULL));
- AssertNotNull(cm = wolfSSL_CertManagerNew_ex(NULL));
- AssertIntEQ(BAD_FUNC_ARG, CheckCertSignature(NULL, 0, NULL, cm));
+ ExpectIntEQ(BAD_FUNC_ARG, CheckCertSignature(NULL, 0, NULL, NULL));
+ ExpectNotNull(cm = wolfSSL_CertManagerNew_ex(NULL));
+ ExpectIntEQ(BAD_FUNC_ARG, CheckCertSignature(NULL, 0, NULL, cm));
#ifndef NO_RSA
#ifdef USE_CERT_BUFFERS_1024
- AssertIntEQ(ASN_NO_SIGNER_E, CheckCertSignature(server_cert_der_1024,
+ ExpectIntEQ(ASN_NO_SIGNER_E, CheckCertSignature(server_cert_der_1024,
sizeof_server_cert_der_1024, NULL, cm));
- AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_CertManagerLoadCABuffer(cm,
+ ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CertManagerLoadCABuffer(cm,
ca_cert_der_1024, sizeof_ca_cert_der_1024,
WOLFSSL_FILETYPE_ASN1));
- AssertIntEQ(0, CheckCertSignature(server_cert_der_1024,
+ ExpectIntEQ(0, CheckCertSignature(server_cert_der_1024,
sizeof_server_cert_der_1024, NULL, cm));
#elif defined(USE_CERT_BUFFERS_2048)
- AssertIntEQ(ASN_NO_SIGNER_E, CheckCertSignature(server_cert_der_2048,
+ ExpectIntEQ(ASN_NO_SIGNER_E, CheckCertSignature(server_cert_der_2048,
sizeof_server_cert_der_2048, NULL, cm));
- AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_CertManagerLoadCABuffer(cm,
+ ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CertManagerLoadCABuffer(cm,
ca_cert_der_2048, sizeof_ca_cert_der_2048,
WOLFSSL_FILETYPE_ASN1));
- AssertIntEQ(0, CheckCertSignature(server_cert_der_2048,
+ ExpectIntEQ(0, CheckCertSignature(server_cert_der_2048,
sizeof_server_cert_der_2048, NULL, cm));
#endif
#endif
#if defined(HAVE_ECC) && defined(USE_CERT_BUFFERS_256)
- AssertIntEQ(ASN_NO_SIGNER_E, CheckCertSignature(serv_ecc_der_256,
+ ExpectIntEQ(ASN_NO_SIGNER_E, CheckCertSignature(serv_ecc_der_256,
sizeof_serv_ecc_der_256, NULL, cm));
- AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_CertManagerLoadCABuffer(cm,
+ ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CertManagerLoadCABuffer(cm,
ca_ecc_cert_der_256, sizeof_ca_ecc_cert_der_256,
WOLFSSL_FILETYPE_ASN1));
- AssertIntEQ(0, CheckCertSignature(serv_ecc_der_256, sizeof_serv_ecc_der_256,
+ ExpectIntEQ(0, CheckCertSignature(serv_ecc_der_256, sizeof_serv_ecc_der_256,
NULL, cm));
#endif
#if !defined(NO_FILESYSTEM)
wolfSSL_CertManagerFree(cm);
- AssertNotNull(cm = wolfSSL_CertManagerNew_ex(NULL));
+ cm = NULL;
+ ExpectNotNull(cm = wolfSSL_CertManagerNew_ex(NULL));
#ifndef NO_RSA
- AssertNotNull(fp = XFOPEN("./certs/server-cert.der", "rb"));
- AssertIntGT((certSz = (int)XFREAD(cert, 1, sizeof(cert), fp)), 0);
- XFCLOSE(fp);
- AssertIntEQ(ASN_NO_SIGNER_E, CheckCertSignature(cert, certSz, NULL, cm));
- AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_CertManagerLoadCA(cm,
+ ExpectTrue((fp = XFOPEN("./certs/server-cert.der", "rb")) != XBADFILE);
+ ExpectIntGT((certSz = (int)XFREAD(cert, 1, sizeof(cert), fp)), 0);
+ if (fp != XBADFILE) {
+ XFCLOSE(fp);
+ fp = XBADFILE;
+ }
+ ExpectIntEQ(ASN_NO_SIGNER_E, CheckCertSignature(cert, certSz, NULL, cm));
+ ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CertManagerLoadCA(cm,
"./certs/ca-cert.pem", NULL));
- AssertIntEQ(0, CheckCertSignature(cert, certSz, NULL, cm));
+ ExpectIntEQ(0, CheckCertSignature(cert, certSz, NULL, cm));
#endif
#ifdef HAVE_ECC
- AssertNotNull(fp = XFOPEN("./certs/server-ecc.der", "rb"));
- AssertIntGT((certSz = (int)XFREAD(cert, 1, sizeof(cert), fp)), 0);
- XFCLOSE(fp);
- AssertIntEQ(ASN_NO_SIGNER_E, CheckCertSignature(cert, certSz, NULL, cm));
- AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_CertManagerLoadCA(cm,
+ ExpectTrue((fp = XFOPEN("./certs/server-ecc.der", "rb")) != XBADFILE);
+ ExpectIntGT((certSz = (int)XFREAD(cert, 1, sizeof(cert), fp)), 0);
+ if (fp != XBADFILE) {
+ XFCLOSE(fp);
+ fp = XBADFILE;
+ }
+ ExpectIntEQ(ASN_NO_SIGNER_E, CheckCertSignature(cert, certSz, NULL, cm));
+ ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CertManagerLoadCA(cm,
"./certs/ca-ecc-cert.pem", NULL));
- AssertIntEQ(0, CheckCertSignature(cert, certSz, NULL, cm));
+ ExpectIntEQ(0, CheckCertSignature(cert, certSz, NULL, cm));
#endif
#endif
@@ -52699,32 +51069,28 @@ static int test_CheckCertSignature(void)
#endif
wolfSSL_CertManagerFree(cm);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wc_ParseCert(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_CERTS) && !defined(NO_RSA)
DecodedCert decodedCert;
const byte* rawCert = client_cert_der_2048;
const int rawCertSize = sizeof_client_cert_der_2048;
wc_InitDecodedCert(&decodedCert, rawCert, rawCertSize, NULL);
- AssertIntEQ(wc_ParseCert(&decodedCert, CERT_TYPE, NO_VERIFY, NULL), 0);
+ ExpectIntEQ(wc_ParseCert(&decodedCert, CERT_TYPE, NO_VERIFY, NULL), 0);
#ifndef IGNORE_NAME_CONSTRAINTS
/* check that the subjects emailAddress was not put in the alt name list */
- AssertNotNull(decodedCert.subjectEmail);
- AssertNull(decodedCert.altEmailNames);
+ ExpectNotNull(decodedCert.subjectEmail);
+ ExpectNull(decodedCert.altEmailNames);
#endif
wc_FreeDecodedCert(&decodedCert);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
/* Test wc_ParseCert decoding of various encodings and scenarios ensuring that
@@ -52733,7 +51099,7 @@ static int test_wc_ParseCert(void)
*/
static int test_wc_ParseCert_Error(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_CERTS) && !defined(NO_RSA) && !defined(HAVE_SELFTEST) && \
(!defined(HAVE_FIPS) || \
(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2)))
@@ -52764,18 +51130,16 @@ static int test_wc_ParseCert_Error(void)
for (i = 0; i < tSz; i++) {
WOLFSSL_MSG_EX("i == %d", i);
wc_InitDecodedCert(&decodedCert, t[i].c, t[i].cSz, NULL);
- AssertIntEQ(wc_ParseCert(&decodedCert, CERT_TYPE, NO_VERIFY, NULL), t[i].expRet);
+ ExpectIntEQ(wc_ParseCert(&decodedCert, CERT_TYPE, NO_VERIFY, NULL), t[i].expRet);
wc_FreeDecodedCert(&decodedCert);
}
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_MakeCertWithPathLen(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(WOLFSSL_CERT_REQ) && !defined(NO_ASN_TIME) && \
defined(WOLFSSL_CERT_GEN) && defined(HAVE_ECC)
const byte expectedPathLen = 7;
@@ -52785,19 +51149,27 @@ static int test_MakeCertWithPathLen(void)
int derSize = 0;
WC_RNG rng;
ecc_key key;
+ int ret;
+
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
+ XMEMSET(&key, 0, sizeof(ecc_key));
+ XMEMSET(&cert, 0, sizeof(Cert));
+ XMEMSET(&decodedCert, 0, sizeof(DecodedCert));
- AssertIntEQ(wc_InitRng(&rng), 0);
- AssertIntEQ(wc_ecc_init(&key), 0);
- AssertIntEQ(wc_ecc_make_key(&rng, 32, &key), 0);
- AssertIntEQ(wc_InitCert(&cert), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(wc_ecc_init(&key), 0);
+ ExpectIntEQ(wc_ecc_make_key(&rng, 32, &key), 0);
+ ExpectIntEQ(wc_InitCert(&cert), 0);
(void)XSTRNCPY(cert.subject.country, "US", CTC_NAME_SIZE);
(void)XSTRNCPY(cert.subject.state, "state", CTC_NAME_SIZE);
(void)XSTRNCPY(cert.subject.locality, "Bozeman", CTC_NAME_SIZE);
(void)XSTRNCPY(cert.subject.org, "yourOrgNameHere", CTC_NAME_SIZE);
(void)XSTRNCPY(cert.subject.unit, "yourUnitNameHere", CTC_NAME_SIZE);
- (void)XSTRNCPY(cert.subject.commonName, "www.yourDomain.com", CTC_NAME_SIZE);
- (void)XSTRNCPY(cert.subject.email, "yourEmail@yourDomain.com", CTC_NAME_SIZE);
+ (void)XSTRNCPY(cert.subject.commonName, "www.yourDomain.com",
+ CTC_NAME_SIZE);
+ (void)XSTRNCPY(cert.subject.email, "yourEmail@yourDomain.com",
+ CTC_NAME_SIZE);
cert.selfSigned = 1;
cert.isCA = 1;
@@ -52809,22 +51181,77 @@ static int test_MakeCertWithPathLen(void)
cert.keyUsage |= KEYUSE_KEY_CERT_SIGN;
#endif
- AssertIntGE(wc_MakeCert(&cert, der, FOURK_BUF, NULL, &key, &rng), 0);
- derSize = wc_SignCert(cert.bodySz, cert.sigType, der, FOURK_BUF, NULL,
- &key, &rng);
- AssertIntGE(derSize, 0);
+ ExpectIntGE(wc_MakeCert(&cert, der, FOURK_BUF, NULL, &key, &rng), 0);
+ ExpectIntGE(derSize = wc_SignCert(cert.bodySz, cert.sigType, der,
+ FOURK_BUF, NULL, &key, &rng), 0);
wc_InitDecodedCert(&decodedCert, der, derSize, NULL);
- AssertIntEQ(wc_ParseCert(&decodedCert, CERT_TYPE, NO_VERIFY, NULL), 0);
- AssertIntEQ(decodedCert.pathLength, expectedPathLen);
+ ExpectIntEQ(wc_ParseCert(&decodedCert, CERT_TYPE, NO_VERIFY, NULL), 0);
+ ExpectIntEQ(decodedCert.pathLength, expectedPathLen);
wc_FreeDecodedCert(&decodedCert);
- AssertIntEQ(wc_ecc_free(&key), 0);
- AssertIntEQ(wc_FreeRng(&rng), 0);
+ ret = wc_ecc_free(&key);
+ ExpectIntEQ(ret, 0);
+ ret = wc_FreeRng(&rng);
+ ExpectIntEQ(ret, 0);
+#endif
+ return EXPECT_RESULT();
+}
- res = TEST_RES_CHECK(1);
+static int test_MakeCertWithCaFalse(void)
+{
+ EXPECT_DECLS;
+#if defined(WOLFSSL_ALLOW_ENCODING_CA_FALSE) && defined(WOLFSSL_CERT_REQ) && \
+ !defined(NO_ASN_TIME) && defined(WOLFSSL_CERT_GEN) && defined(HAVE_ECC)
+ const byte expectedIsCa = 0;
+ Cert cert;
+ DecodedCert decodedCert;
+ byte der[FOURK_BUF];
+ int derSize = 0;
+ WC_RNG rng;
+ ecc_key key;
+ int ret;
+
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
+ XMEMSET(&key, 0, sizeof(ecc_key));
+ XMEMSET(&cert, 0, sizeof(Cert));
+ XMEMSET(&decodedCert, 0, sizeof(DecodedCert));
+
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(wc_ecc_init(&key), 0);
+ ExpectIntEQ(wc_ecc_make_key(&rng, 32, &key), 0);
+ ExpectIntEQ(wc_InitCert(&cert), 0);
+
+ (void)XSTRNCPY(cert.subject.country, "US", CTC_NAME_SIZE);
+ (void)XSTRNCPY(cert.subject.state, "state", CTC_NAME_SIZE);
+ (void)XSTRNCPY(cert.subject.locality, "Bozeman", CTC_NAME_SIZE);
+ (void)XSTRNCPY(cert.subject.org, "yourOrgNameHere", CTC_NAME_SIZE);
+ (void)XSTRNCPY(cert.subject.unit, "yourUnitNameHere", CTC_NAME_SIZE);
+ (void)XSTRNCPY(cert.subject.commonName, "www.yourDomain.com",
+ CTC_NAME_SIZE);
+ (void)XSTRNCPY(cert.subject.email, "yourEmail@yourDomain.com",
+ CTC_NAME_SIZE);
+
+ cert.selfSigned = 1;
+ cert.isCA = expectedIsCa;
+ cert.isCaSet = 1;
+ cert.sigType = CTC_SHA256wECDSA;
+
+ ExpectIntGE(wc_MakeCert(&cert, der, FOURK_BUF, NULL, &key, &rng), 0);
+ ExpectIntGE(derSize = wc_SignCert(cert.bodySz, cert.sigType, der,
+ FOURK_BUF, NULL, &key, &rng), 0);
+
+ wc_InitDecodedCert(&decodedCert, der, derSize, NULL);
+ ExpectIntEQ(wc_ParseCert(&decodedCert, CERT_TYPE, NO_VERIFY, NULL), 0);
+ ExpectIntEQ(decodedCert.isCA, expectedIsCa);
+
+ wc_FreeDecodedCert(&decodedCert);
+ ret = wc_ecc_free(&key);
+ ExpectIntEQ(ret, 0);
+ ret = wc_FreeRng(&rng);
+ ExpectIntEQ(ret, 0);
#endif
- return res;
+ return EXPECT_RESULT();
}
/*----------------------------------------------------------------------------*
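Review bot: The final check in test_MakeCertWithCaFalse, `ExpectIntEQ(decodedCert.isCA, expectedIsCa);`, cannot distinguish an encoded CA:FALSE from a certificate with no basicConstraints extension at all, because `decodedCert` is zeroed beforehand and `expectedIsCa` is 0. The test would presumably still pass if the encoder ignored `isCaSet`. Adding `ExpectIntEQ(decodedCert.extBasicConstSet, 1);` after the parse (assuming that flag is present in this configuration) would pin the behaviour the test is named for. Apart from the three `cert.` assignments and this final check, the body repeats test_MakeCertWithPathLen, so a shared static helper for the RNG, key and subject setup would keep the two from drifting apart.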
@@ -52833,101 +51260,81 @@ static int test_MakeCertWithPathLen(void)
static int test_wc_ecc_get_curve_size_from_name(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef HAVE_ECC
- int ret;
-
#if !defined(NO_ECC256) && !defined(NO_ECC_SECP)
- ret = wc_ecc_get_curve_size_from_name("SECP256R1");
- AssertIntEQ(ret, 32);
+ ExpectIntEQ(wc_ecc_get_curve_size_from_name("SECP256R1"), 32);
#endif
-
/* invalid case */
- ret = wc_ecc_get_curve_size_from_name("BADCURVE");
- AssertIntEQ(ret, -1);
-
+ ExpectIntEQ(wc_ecc_get_curve_size_from_name("BADCURVE"), -1);
/* NULL input */
- ret = wc_ecc_get_curve_size_from_name(NULL);
- AssertIntEQ(ret, BAD_FUNC_ARG);
-
- res = TEST_RES_CHECK(1);
+ ExpectIntEQ(wc_ecc_get_curve_size_from_name(NULL), BAD_FUNC_ARG);
#endif /* HAVE_ECC */
- return res;
+ return EXPECT_RESULT();
}
static int test_wc_ecc_get_curve_id_from_name(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef HAVE_ECC
- int id;
-
#if !defined(NO_ECC256) && !defined(NO_ECC_SECP)
- id = wc_ecc_get_curve_id_from_name("SECP256R1");
- AssertIntEQ(id, ECC_SECP256R1);
+ ExpectIntEQ(wc_ecc_get_curve_id_from_name("SECP256R1"),
+ ECC_SECP256R1);
#endif
-
/* invalid case */
- id = wc_ecc_get_curve_id_from_name("BADCURVE");
- AssertIntEQ(id, -1);
-
+ ExpectIntEQ(wc_ecc_get_curve_id_from_name("BADCURVE"), -1);
/* NULL input */
- id = wc_ecc_get_curve_id_from_name(NULL);
- AssertIntEQ(id, BAD_FUNC_ARG);
-
- res = TEST_RES_CHECK(1);
+ ExpectIntEQ(wc_ecc_get_curve_id_from_name(NULL), BAD_FUNC_ARG);
#endif /* HAVE_ECC */
- return res;
+ return EXPECT_RESULT();
}
#if defined(OPENSSL_EXTRA) && defined(HAVE_ECC) && \
!defined(HAVE_SELFTEST) && \
!(defined(HAVE_FIPS) || defined(HAVE_FIPS_VERSION))
-
static int test_wc_ecc_get_curve_id_from_dp_params(void)
{
- int id;
+ EXPECT_DECLS;
#if !defined(NO_ECC256) && !defined(NO_ECC_SECP)
- int curve_id;
ecc_key* key;
- const ecc_set_type* params;
+ const ecc_set_type* params = NULL;
int ret;
#endif
WOLFSSL_EC_KEY *ecKey = NULL;
#if !defined(NO_ECC256) && !defined(NO_ECC_SECP)
- id = wc_ecc_get_curve_id_from_name("SECP256R1");
- AssertIntEQ(id, ECC_SECP256R1);
-
- ecKey = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
- AssertNotNull(ecKey);
+ ExpectIntEQ(wc_ecc_get_curve_id_from_name("SECP256R1"), ECC_SECP256R1);
+ ExpectNotNull(ecKey = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1));
- ret = EC_KEY_generate_key(ecKey);
+ if (EXPECT_SUCCESS()) {
+ ret = EC_KEY_generate_key(ecKey);
+ } else
+ ret = 0;
- if (ret == 0) {
+ if (ret == 1) {
/* normal test */
key = (ecc_key*)ecKey->internal;
- params = key->dp;
+ if (key != NULL) {
+ params = key->dp;
+ }
- curve_id = wc_ecc_get_curve_id_from_dp_params(params);
- AssertIntEQ(curve_id, id);
+ ExpectIntEQ(wc_ecc_get_curve_id_from_dp_params(params),
+ ECC_SECP256R1);
}
#endif
/* invalid case, NULL input*/
+ ExpectIntEQ(wc_ecc_get_curve_id_from_dp_params(NULL), BAD_FUNC_ARG);
- id = wc_ecc_get_curve_id_from_dp_params(NULL);
- AssertIntEQ(id, BAD_FUNC_ARG);
wolfSSL_EC_KEY_free(ecKey);
- return TEST_RES_CHECK(1);
+ return EXPECT_RESULT();
}
#endif /* defined(OPENSSL_EXTRA) && defined(HAVE_ECC) */
static int test_wc_ecc_get_curve_id_from_params(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef HAVE_ECC
- int id;
-
const byte prime[] =
{
0xFF,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x01,
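Review bot: In test_wc_ecc_get_curve_id_from_dp_params a failed `EC_KEY_generate_key` is never reported: `ret` is only compared with 1 to decide whether the normal case runs, so on failure the test skips that case and can still return success. Declaring `int ret = 0;` and writing `ExpectIntEQ(ret = EC_KEY_generate_key(ecKey), 1);` records the failure and removes the unbraced `else ret = 0;`. Likewise, if `ecKey->internal` is NULL, `params` stays NULL and the next check reports a curve-id mismatch rather than the real cause; `ExpectNotNull(key = (ecc_key*)ecKey->internal);` would name it directly.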
@@ -52988,38 +51395,33 @@ static int test_wc_ecc_get_curve_id_from_params(void)
int fieldSize = 256;
#if !defined(NO_ECC256) && !defined(NO_ECC_SECP)
- id = wc_ecc_get_curve_id_from_params(fieldSize, prime, sizeof(prime),
- Af, sizeof(Af), Bf, sizeof(Bf), order, sizeof(order),
- Gx, sizeof(Gx), Gy, sizeof(Gy), cofactor);
- AssertIntEQ(id, ECC_SECP256R1);
+ ExpectIntEQ(wc_ecc_get_curve_id_from_params(fieldSize,
+ prime, sizeof(prime), Af, sizeof(Af), Bf, sizeof(Bf),
+ order, sizeof(order), Gx, sizeof(Gx), Gy, sizeof(Gy), cofactor),
+ ECC_SECP256R1);
#endif
/* invalid case, fieldSize = 0 */
- id = wc_ecc_get_curve_id_from_params(0, prime, sizeof(prime),
- Af, sizeof(Af), Bf, sizeof(Bf), order, sizeof(order),
- Gx, sizeof(Gx), Gy, sizeof(Gy), cofactor);
- AssertIntEQ(id, ECC_CURVE_INVALID);
+ ExpectIntEQ(wc_ecc_get_curve_id_from_params(0, prime, sizeof(prime),
+ Af, sizeof(Af), Bf, sizeof(Bf), order, sizeof(order),
+ Gx, sizeof(Gx), Gy, sizeof(Gy), cofactor), ECC_CURVE_INVALID);
/* invalid case, NULL prime */
- id = wc_ecc_get_curve_id_from_params(fieldSize, NULL, sizeof(prime),
- Af, sizeof(Af), Bf, sizeof(Bf), order, sizeof(order),
- Gx, sizeof(Gx), Gy, sizeof(Gy), cofactor);
- AssertIntEQ(id, BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_get_curve_id_from_params(fieldSize, NULL, sizeof(prime),
+ Af, sizeof(Af), Bf, sizeof(Bf), order, sizeof(order),
+ Gx, sizeof(Gx), Gy, sizeof(Gy), cofactor), BAD_FUNC_ARG);
/* invalid case, invalid prime */
- id = wc_ecc_get_curve_id_from_params(fieldSize,
- primeInvalid, sizeof(primeInvalid),
- Af, sizeof(Af), Bf, sizeof(Bf), order, sizeof(order),
- Gx, sizeof(Gx), Gy, sizeof(Gy), cofactor);
- AssertIntEQ(id, ECC_CURVE_INVALID);
-
- res = TEST_RES_CHECK(1);
+ ExpectIntEQ(wc_ecc_get_curve_id_from_params(fieldSize,
+ primeInvalid, sizeof(primeInvalid),
+ Af, sizeof(Af), Bf, sizeof(Bf), order, sizeof(order),
+ Gx, sizeof(Gx), Gy, sizeof(Gy), cofactor), ECC_CURVE_INVALID);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_PKEY_encrypt(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) && \
!defined(HAVE_FAST_RSA)
WOLFSSL_RSA* rsa = NULL;
@@ -53038,65 +51440,83 @@ static int test_wolfSSL_EVP_PKEY_encrypt(void)
byte* outDecTmp = NULL;
#endif
- AssertNotNull(outEnc = (byte*)XMALLOC(rsaKeySz, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER));
- XMEMSET(outEnc, 0, rsaKeySz);
- AssertNotNull(outDec = (byte*)XMALLOC(rsaKeySz, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER));
- XMEMSET(outDec, 0, rsaKeySz);
+ ExpectNotNull(outEnc = (byte*)XMALLOC(rsaKeySz, HEAP_HINT,
+ DYNAMIC_TYPE_TMP_BUFFER));
+ if (outEnc != NULL) {
+ XMEMSET(outEnc, 0, rsaKeySz);
+ }
+ ExpectNotNull(outDec = (byte*)XMALLOC(rsaKeySz, HEAP_HINT,
+ DYNAMIC_TYPE_TMP_BUFFER));
+ if (outDec != NULL) {
+ XMEMSET(outDec, 0, rsaKeySz);
+ }
- AssertNotNull(rsa = RSA_generate_key(2048, 3, NULL, NULL));
- AssertNotNull(pkey = wolfSSL_EVP_PKEY_new());
- AssertIntEQ(EVP_PKEY_assign_RSA(pkey, rsa), WOLFSSL_SUCCESS);
- AssertNotNull(ctx = EVP_PKEY_CTX_new(pkey, NULL));
- AssertIntEQ(EVP_PKEY_encrypt_init(ctx), WOLFSSL_SUCCESS);
- AssertIntEQ(EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PADDING),
- WOLFSSL_SUCCESS);
+ ExpectNotNull(rsa = RSA_generate_key(2048, 3, NULL, NULL));
+ ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new());
+ ExpectIntEQ(EVP_PKEY_assign_RSA(pkey, rsa), WOLFSSL_SUCCESS);
+ if (EXPECT_FAIL()) {
+ RSA_free(rsa);
+ }
+ ExpectNotNull(ctx = EVP_PKEY_CTX_new(pkey, NULL));
+ ExpectIntEQ(EVP_PKEY_encrypt_init(ctx), WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PADDING),
+ WOLFSSL_SUCCESS);
/* Test pkey references count is decremented. pkey shouldn't be destroyed
since ctx uses it.*/
- AssertIntEQ(pkey->ref.count, 2);
+ ExpectIntEQ(pkey->ref.count, 2);
EVP_PKEY_free(pkey);
- AssertIntEQ(pkey->ref.count, 1);
+ ExpectIntEQ(pkey->ref.count, 1);
/* Encrypt data */
/* Check that we can get the required output buffer length by passing in a
* NULL output buffer. */
- AssertIntEQ(EVP_PKEY_encrypt(ctx, NULL, &outEncLen,
+ ExpectIntEQ(EVP_PKEY_encrypt(ctx, NULL, &outEncLen,
(const unsigned char*)in, inlen), WOLFSSL_SUCCESS);
- AssertIntEQ(rsaKeySz, outEncLen);
+ ExpectIntEQ(rsaKeySz, outEncLen);
/* Now do the actual encryption. */
- AssertIntEQ(EVP_PKEY_encrypt(ctx, outEnc, &outEncLen,
+ ExpectIntEQ(EVP_PKEY_encrypt(ctx, outEnc, &outEncLen,
(const unsigned char*)in, inlen), WOLFSSL_SUCCESS);
/* Decrypt data */
- AssertIntEQ(EVP_PKEY_decrypt_init(ctx), WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_PKEY_decrypt_init(ctx), WOLFSSL_SUCCESS);
/* Check that we can get the required output buffer length by passing in a
* NULL output buffer. */
- AssertIntEQ(EVP_PKEY_decrypt(ctx, NULL, &outDecLen, outEnc, outEncLen),
+ ExpectIntEQ(EVP_PKEY_decrypt(ctx, NULL, &outDecLen, outEnc, outEncLen),
WOLFSSL_SUCCESS);
- AssertIntEQ(rsaKeySz, outDecLen);
+ ExpectIntEQ(rsaKeySz, outDecLen);
/* Now do the actual decryption. */
- AssertIntEQ(EVP_PKEY_decrypt(ctx, outDec, &outDecLen, outEnc, outEncLen),
+ ExpectIntEQ(EVP_PKEY_decrypt(ctx, outDec, &outDecLen, outEnc, outEncLen),
WOLFSSL_SUCCESS);
- AssertIntEQ(XMEMCMP(in, outDec, outDecLen), 0);
+ ExpectIntEQ(XMEMCMP(in, outDec, outDecLen), 0);
#if !defined(HAVE_FIPS) && defined(WC_RSA_NO_PADDING)
/* The input length must be the same size as the RSA key.*/
- AssertNotNull(inTmp = (byte*)XMALLOC(rsaKeySz, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER));
- XMEMSET(inTmp, 9, rsaKeySz);
- AssertNotNull(outEncTmp = (byte*)XMALLOC(rsaKeySz, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER));
- XMEMSET(outEncTmp, 0, rsaKeySz);
- AssertNotNull(outDecTmp = (byte*)XMALLOC(rsaKeySz, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER));
- XMEMSET(outDecTmp, 0, rsaKeySz);
- AssertIntEQ(EVP_PKEY_encrypt_init(ctx), WOLFSSL_SUCCESS);
- AssertIntEQ(EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_NO_PADDING),
- WOLFSSL_SUCCESS);
- AssertIntEQ(EVP_PKEY_encrypt(ctx, outEncTmp, &outEncLen, inTmp, rsaKeySz),
- WOLFSSL_SUCCESS);
- AssertIntEQ(EVP_PKEY_decrypt_init(ctx), WOLFSSL_SUCCESS);
- AssertIntEQ(EVP_PKEY_decrypt(ctx, outDecTmp, &outDecLen, outEncTmp, outEncLen),
- WOLFSSL_SUCCESS);
- AssertIntEQ(XMEMCMP(inTmp, outDecTmp, outDecLen), 0);
+ ExpectNotNull(inTmp = (byte*)XMALLOC(rsaKeySz, HEAP_HINT,
+ DYNAMIC_TYPE_TMP_BUFFER));
+ if (inTmp != NULL) {
+ XMEMSET(inTmp, 9, rsaKeySz);
+ }
+ ExpectNotNull(outEncTmp = (byte*)XMALLOC(rsaKeySz, HEAP_HINT,
+ DYNAMIC_TYPE_TMP_BUFFER));
+ if (outEncTmp != NULL) {
+ XMEMSET(outEncTmp, 0, rsaKeySz);
+ }
+ ExpectNotNull(outDecTmp = (byte*)XMALLOC(rsaKeySz, HEAP_HINT,
+ DYNAMIC_TYPE_TMP_BUFFER));
+ if (outDecTmp != NULL) {
+ XMEMSET(outDecTmp, 0, rsaKeySz);
+ }
+ ExpectIntEQ(EVP_PKEY_encrypt_init(ctx), WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_NO_PADDING),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_PKEY_encrypt(ctx, outEncTmp, &outEncLen, inTmp, rsaKeySz),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_PKEY_decrypt_init(ctx), WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_PKEY_decrypt(ctx, outDecTmp, &outDecLen, outEncTmp,
+ outEncLen), WOLFSSL_SUCCESS);
+ ExpectIntEQ(XMEMCMP(inTmp, outDecTmp, outDecLen), 0);
#endif
EVP_PKEY_CTX_free(ctx);
XFREE(outEnc, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
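Review bot: The `if (EXPECT_FAIL()) { RSA_free(rsa); }` block after `EVP_PKEY_assign_RSA` has no comment explaining why `rsa` is freed only on that path, and the cleanup lines visible in this hunk do not free it. I would add `/* pkey owns rsa once the assign succeeds; free it here only when an earlier step failed */` above the block. I would also set `rsa = NULL;` after the free so the pointer does not dangle for the rest of the function. The function starts before this hunk and ends after it, so the cleanup section is only partly visible.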
@@ -53106,18 +51526,52 @@ static int test_wolfSSL_EVP_PKEY_encrypt(void)
XFREE(outEncTmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(outDecTmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
#endif
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
-static int test_wolfSSL_EVP_PKEY_sign_verify(void)
+
+#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) && \
+ !defined(HAVE_FAST_RSA) && !defined(HAVE_SELFTEST)
+#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2))
+ #ifndef TEST_WOLFSSL_EVP_PKEY_SIGN_VERIFY
+ #define TEST_WOLFSSL_EVP_PKEY_SIGN_VERIFY
+ #endif
+#endif
+#endif
+#if defined(OPENSSL_EXTRA)
+#if !defined (NO_DSA) && !defined(HAVE_SELFTEST) && defined(WOLFSSL_KEY_GEN)
+ #ifndef TEST_WOLFSSL_EVP_PKEY_SIGN_VERIFY
+ #define TEST_WOLFSSL_EVP_PKEY_SIGN_VERIFY
+ #endif
+#endif
+#endif
+#if defined(OPENSSL_EXTRA) && defined(HAVE_ECC)
+#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2))
+ #ifndef TEST_WOLFSSL_EVP_PKEY_SIGN_VERIFY
+ #define TEST_WOLFSSL_EVP_PKEY_SIGN_VERIFY
+ #endif
+#endif
+#endif
+
+#ifdef TEST_WOLFSSL_EVP_PKEY_SIGN_VERIFY
+static int test_wolfSSL_EVP_PKEY_sign_verify(int keyType)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA)
+#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) && \
+ !defined(HAVE_FAST_RSA) && !defined(HAVE_SELFTEST)
+#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2))
+ WOLFSSL_RSA* rsa = NULL;
+#endif
+#endif
#if !defined (NO_DSA) && !defined(HAVE_SELFTEST) && defined(WOLFSSL_KEY_GEN)
WOLFSSL_DSA* dsa = NULL;
#endif /* !NO_DSA && !HAVE_SELFTEST && WOLFSSL_KEY_GEN */
+#if defined(OPENSSL_EXTRA) && defined(HAVE_ECC)
+#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2))
+ WOLFSSL_EC_KEY* ecKey = NULL;
+#endif
+#endif
WOLFSSL_EVP_PKEY* pkey = NULL;
WOLFSSL_EVP_PKEY_CTX* ctx = NULL;
WOLFSSL_EVP_PKEY_CTX* ctx_verify = NULL;
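Review bot: The three guard expressions that define `TEST_WOLFSSL_EVP_PKEY_SIGN_VERIFY` are repeated verbatim around the `rsa`/`ecKey` declarations in this hunk, and again in the next hunk around each `case` and each `_rsa`/`_dsa`/`_ec` wrapper. If one copy is edited and the others are not, a wrapper can silently compile to a skipped test. Consider defining one named macro per algorithm at this point, for example `#define TEST_EVP_PKEY_SIGN_VERIFY_RSA`, and testing only that name everywhere else. The `defined(OPENSSL_EXTRA)` term in the RSA and ECC declaration guards is also redundant inside the enclosing `#if defined(OPENSSL_EXTRA)`. The function body continues outside this hunk.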
@@ -53131,275 +51585,295 @@ static int test_wolfSSL_EVP_PKEY_sign_verify(void)
size_t siglen;
size_t siglenOnlyLen;
size_t keySz = 2048/8; /* Bytes */
- int i;
- int encs[3] = {0};
-#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) && \
- !defined(HAVE_FAST_RSA) && !defined(HAVE_SELFTEST)
-#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2))
- encs[0] = EVP_PKEY_RSA;
-#endif
-#endif
-#if !defined (NO_DSA) && !defined(HAVE_SELFTEST) && defined(WOLFSSL_KEY_GEN)
- encs[1] = EVP_PKEY_DSA;
-#endif /* !NO_DSA && !HAVE_SELFTEST && WOLFSSL_KEY_GEN */
-#if defined(OPENSSL_EXTRA) && defined(HAVE_ECC)
-#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2))
- encs[2] = EVP_PKEY_EC;
-#endif
-#endif
-
- AssertNotNull(sig =
+ ExpectNotNull(sig =
(byte*)XMALLOC(keySz, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER));
- AssertNotNull(sigVerify =
+ ExpectNotNull(sigVerify =
(byte*)XMALLOC(keySz, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER));
- for (i = 0; i < 3; i++) {
- if (encs[i] == 0)
- continue;
-
- siglen = keySz;
- XMEMSET(sig, 0, keySz);
- XMEMSET(sigVerify, 0, keySz);
+ siglen = keySz;
+ ExpectNotNull(XMEMSET(sig, 0, keySz));
+ ExpectNotNull(XMEMSET(sigVerify, 0, keySz));
- /* Generate hash */
- SHA256_Init(&c);
- SHA256_Update(&c, in, inlen);
- SHA256_Final(hash, &c);
+ /* Generate hash */
+ SHA256_Init(&c);
+ SHA256_Update(&c, in, inlen);
+ SHA256_Final(hash, &c);
#ifdef WOLFSSL_SMALL_STACK_CACHE
- /* workaround for small stack cache case */
- wc_Sha256Free((wc_Sha256*)&c);
+ /* workaround for small stack cache case */
+ wc_Sha256Free((wc_Sha256*)&c);
#endif
- /* Generate key */
- AssertNotNull(pkey = EVP_PKEY_new());
- switch (encs[i]) {
- case EVP_PKEY_RSA:
+ /* Generate key */
+ ExpectNotNull(pkey = EVP_PKEY_new());
+ switch (keyType) {
+ case EVP_PKEY_RSA:
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) && \
!defined(HAVE_FAST_RSA) && !defined(HAVE_SELFTEST)
#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2))
- {
- WOLFSSL_RSA* rsa = NULL;
- AssertNotNull(rsa = RSA_generate_key(2048, 3, NULL, NULL));
- AssertIntEQ(EVP_PKEY_assign_RSA(pkey, rsa), WOLFSSL_SUCCESS);
- }
+ {
+ ExpectNotNull(rsa = RSA_generate_key(2048, 3, NULL, NULL));
+ ExpectIntEQ(EVP_PKEY_assign_RSA(pkey, rsa), WOLFSSL_SUCCESS);
+ }
#endif
#endif
- break;
- case EVP_PKEY_DSA:
+ break;
+ case EVP_PKEY_DSA:
#if !defined (NO_DSA) && !defined(HAVE_SELFTEST) && defined(WOLFSSL_KEY_GEN)
- AssertNotNull(dsa = DSA_new());
- AssertIntEQ(DSA_generate_parameters_ex(dsa, 2048,
- NULL, 0, NULL, NULL, NULL), 1);
- AssertIntEQ(DSA_generate_key(dsa), 1);
- AssertIntEQ(EVP_PKEY_set1_DSA(pkey, dsa), WOLFSSL_SUCCESS);
+ ExpectNotNull(dsa = DSA_new());
+ ExpectIntEQ(DSA_generate_parameters_ex(dsa, 2048,
+ NULL, 0, NULL, NULL, NULL), 1);
+ ExpectIntEQ(DSA_generate_key(dsa), 1);
+ ExpectIntEQ(EVP_PKEY_set1_DSA(pkey, dsa), WOLFSSL_SUCCESS);
#endif /* !NO_DSA && !HAVE_SELFTEST && WOLFSSL_KEY_GEN */
- break;
- case EVP_PKEY_EC:
+ break;
+ case EVP_PKEY_EC:
#if defined(OPENSSL_EXTRA) && defined(HAVE_ECC)
#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2))
- {
- WOLFSSL_EC_KEY* ecKey = NULL;
- AssertNotNull(ecKey = EC_KEY_new());
- AssertIntEQ(EC_KEY_generate_key(ecKey), 1);
- AssertIntEQ(
- EVP_PKEY_assign_EC_KEY(pkey, ecKey), WOLFSSL_SUCCESS);
+ {
+ ExpectNotNull(ecKey = EC_KEY_new());
+ ExpectIntEQ(EC_KEY_generate_key(ecKey), 1);
+ ExpectIntEQ(
+ EVP_PKEY_assign_EC_KEY(pkey, ecKey), WOLFSSL_SUCCESS);
+ if (EXPECT_FAIL()) {
+ EC_KEY_free(ecKey);
}
+ }
#endif
#endif
- break;
- }
- AssertNotNull(ctx = EVP_PKEY_CTX_new(pkey, NULL));
- AssertIntEQ(EVP_PKEY_sign_init(ctx), WOLFSSL_SUCCESS);
+ break;
+ }
+ ExpectNotNull(ctx = EVP_PKEY_CTX_new(pkey, NULL));
+ ExpectIntEQ(EVP_PKEY_sign_init(ctx), WOLFSSL_SUCCESS);
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) && \
!defined(HAVE_FAST_RSA) && !defined(HAVE_SELFTEST)
#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2))
- if (encs[i] == EVP_PKEY_RSA)
- AssertIntEQ(EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PADDING),
- WOLFSSL_SUCCESS);
+ if (keyType == EVP_PKEY_RSA)
+ ExpectIntEQ(EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PADDING),
+ WOLFSSL_SUCCESS);
#endif
#endif
- /* Check returning only length */
- AssertIntEQ(EVP_PKEY_sign(ctx, NULL, &siglenOnlyLen, hash,
- SHA256_DIGEST_LENGTH), WOLFSSL_SUCCESS);
- AssertIntGT(siglenOnlyLen, 0);
- /* Sign data */
- AssertIntEQ(EVP_PKEY_sign(ctx, sig, &siglen, hash,
- SHA256_DIGEST_LENGTH), WOLFSSL_SUCCESS);
- AssertIntGE(siglenOnlyLen, siglen);
+ /* Check returning only length */
+ ExpectIntEQ(EVP_PKEY_sign(ctx, NULL, &siglenOnlyLen, hash,
+ SHA256_DIGEST_LENGTH), WOLFSSL_SUCCESS);
+ ExpectIntGT(siglenOnlyLen, 0);
+ /* Sign data */
+ ExpectIntEQ(EVP_PKEY_sign(ctx, sig, &siglen, hash,
+ SHA256_DIGEST_LENGTH), WOLFSSL_SUCCESS);
+ ExpectIntGE(siglenOnlyLen, siglen);
- /* Verify signature */
- AssertNotNull(ctx_verify = EVP_PKEY_CTX_new(pkey, NULL));
- AssertIntEQ(EVP_PKEY_verify_init(ctx_verify), WOLFSSL_SUCCESS);
+ /* Verify signature */
+ ExpectNotNull(ctx_verify = EVP_PKEY_CTX_new(pkey, NULL));
+ ExpectIntEQ(EVP_PKEY_verify_init(ctx_verify), WOLFSSL_SUCCESS);
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) && \
!defined(HAVE_FAST_RSA) && !defined(HAVE_SELFTEST)
#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2))
- if (encs[i] == EVP_PKEY_RSA)
- AssertIntEQ(
- EVP_PKEY_CTX_set_rsa_padding(ctx_verify, RSA_PKCS1_PADDING),
- WOLFSSL_SUCCESS);
+ if (keyType == EVP_PKEY_RSA)
+ ExpectIntEQ(
+ EVP_PKEY_CTX_set_rsa_padding(ctx_verify, RSA_PKCS1_PADDING),
+ WOLFSSL_SUCCESS);
#endif
#endif
- AssertIntEQ(EVP_PKEY_verify(
- ctx_verify, sig, siglen, hash, SHA256_DIGEST_LENGTH),
- WOLFSSL_SUCCESS);
- AssertIntEQ(EVP_PKEY_verify(
- ctx_verify, sig, siglen, zero, SHA256_DIGEST_LENGTH),
- WOLFSSL_FAILURE);
+ ExpectIntEQ(EVP_PKEY_verify(
+ ctx_verify, sig, siglen, hash, SHA256_DIGEST_LENGTH),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_PKEY_verify(
+ ctx_verify, sig, siglen, zero, SHA256_DIGEST_LENGTH),
+ WOLFSSL_FAILURE);
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) && \
!defined(HAVE_FAST_RSA) && !defined(HAVE_SELFTEST)
#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2))
- if (encs[i] == EVP_PKEY_RSA) {
- #if defined(WC_RSA_NO_PADDING) || defined(WC_RSA_DIRECT)
- /* Try RSA sign/verify with no padding. */
- AssertIntEQ(EVP_PKEY_sign_init(ctx), WOLFSSL_SUCCESS);
- AssertIntEQ(EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_NO_PADDING),
- WOLFSSL_SUCCESS);
- AssertIntEQ(EVP_PKEY_sign(ctx, sigVerify, &siglen, sig,
- siglen), WOLFSSL_SUCCESS);
- AssertIntGE(siglenOnlyLen, siglen);
- AssertIntEQ(EVP_PKEY_verify_init(ctx_verify), WOLFSSL_SUCCESS);
- AssertIntEQ(EVP_PKEY_CTX_set_rsa_padding(ctx_verify,
- RSA_NO_PADDING), WOLFSSL_SUCCESS);
- AssertIntEQ(EVP_PKEY_verify(ctx_verify, sigVerify, siglen, sig,
- siglen), WOLFSSL_SUCCESS);
- #endif
+ if (keyType == EVP_PKEY_RSA) {
+ #if defined(WC_RSA_NO_PADDING) || defined(WC_RSA_DIRECT)
+ /* Try RSA sign/verify with no padding. */
+ ExpectIntEQ(EVP_PKEY_sign_init(ctx), WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_NO_PADDING),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_PKEY_sign(ctx, sigVerify, &siglen, sig,
+ siglen), WOLFSSL_SUCCESS);
+ ExpectIntGE(siglenOnlyLen, siglen);
+ ExpectIntEQ(EVP_PKEY_verify_init(ctx_verify), WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_PKEY_CTX_set_rsa_padding(ctx_verify,
+ RSA_NO_PADDING), WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_PKEY_verify(ctx_verify, sigVerify, siglen, sig,
+ siglen), WOLFSSL_SUCCESS);
+ #endif
- /* Wrong padding schemes. */
- AssertIntEQ(EVP_PKEY_sign_init(ctx), WOLFSSL_SUCCESS);
- AssertIntEQ(EVP_PKEY_CTX_set_rsa_padding(ctx,
- RSA_PKCS1_OAEP_PADDING), WOLFSSL_SUCCESS);
- AssertIntNE(EVP_PKEY_sign(ctx, sigVerify, &siglen, sig,
- siglen), WOLFSSL_SUCCESS);
- AssertIntEQ(EVP_PKEY_verify_init(ctx_verify), WOLFSSL_SUCCESS);
- AssertIntEQ(EVP_PKEY_CTX_set_rsa_padding(ctx_verify,
- RSA_PKCS1_OAEP_PADDING), WOLFSSL_SUCCESS);
- AssertIntNE(EVP_PKEY_verify(ctx_verify, sigVerify, siglen, sig,
- siglen), WOLFSSL_SUCCESS);
-
- AssertIntEQ(EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PADDING),
- WOLFSSL_SUCCESS);
- AssertIntEQ(EVP_PKEY_CTX_set_rsa_padding(ctx_verify,
- RSA_PKCS1_PADDING), WOLFSSL_SUCCESS);
- }
+ /* Wrong padding schemes. */
+ ExpectIntEQ(EVP_PKEY_sign_init(ctx), WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_PKEY_CTX_set_rsa_padding(ctx,
+ RSA_PKCS1_OAEP_PADDING), WOLFSSL_SUCCESS);
+ ExpectIntNE(EVP_PKEY_sign(ctx, sigVerify, &siglen, sig,
+ siglen), WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_PKEY_verify_init(ctx_verify), WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_PKEY_CTX_set_rsa_padding(ctx_verify,
+ RSA_PKCS1_OAEP_PADDING), WOLFSSL_SUCCESS);
+ ExpectIntNE(EVP_PKEY_verify(ctx_verify, sigVerify, siglen, sig,
+ siglen), WOLFSSL_SUCCESS);
+
+ ExpectIntEQ(EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PADDING),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_PKEY_CTX_set_rsa_padding(ctx_verify,
+ RSA_PKCS1_PADDING), WOLFSSL_SUCCESS);
+ }
#endif
#endif
- /* error cases */
- siglen = keySz; /* Reset because sig size may vary slightly */
- AssertIntNE(EVP_PKEY_sign_init(NULL), WOLFSSL_SUCCESS);
- AssertIntEQ(EVP_PKEY_sign_init(ctx), WOLFSSL_SUCCESS);
- AssertIntNE(EVP_PKEY_sign(NULL, sig, &siglen, (byte*)in, inlen),
- WOLFSSL_SUCCESS);
- AssertIntEQ(EVP_PKEY_sign(ctx, sig, &siglen, (byte*)in, inlen),
- WOLFSSL_SUCCESS);
+ /* error cases */
+ siglen = keySz; /* Reset because sig size may vary slightly */
+ ExpectIntNE(EVP_PKEY_sign_init(NULL), WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_PKEY_sign_init(ctx), WOLFSSL_SUCCESS);
+ ExpectIntNE(EVP_PKEY_sign(NULL, sig, &siglen, (byte*)in, inlen),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_PKEY_sign(ctx, sig, &siglen, (byte*)in, inlen),
+ WOLFSSL_SUCCESS);
- EVP_PKEY_free(pkey);
+ EVP_PKEY_free(pkey);
+ pkey = NULL;
#if !defined (NO_DSA) && !defined(HAVE_SELFTEST) && defined(WOLFSSL_KEY_GEN)
- DSA_free(dsa);
- dsa = NULL;
+ DSA_free(dsa);
+ dsa = NULL;
#endif /* !NO_DSA && !HAVE_SELFTEST && WOLFSSL_KEY_GEN */
- EVP_PKEY_CTX_free(ctx_verify);
- EVP_PKEY_CTX_free(ctx);
- }
+ EVP_PKEY_CTX_free(ctx_verify);
+ ctx_verify = NULL;
+ EVP_PKEY_CTX_free(ctx);
+ ctx = NULL;
XFREE(sig, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(sigVerify, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
-
- res = TEST_RES_CHECK(1);
#endif /* OPENSSL_EXTRA */
- return res;
+ return EXPECT_RESULT();
+}
+#endif
+
+static int test_wolfSSL_EVP_PKEY_sign_verify_rsa(void)
+{
+ EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) && \
+ !defined(HAVE_FAST_RSA) && !defined(HAVE_SELFTEST)
+#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2))
+ ExpectIntEQ(test_wolfSSL_EVP_PKEY_sign_verify(EVP_PKEY_RSA), TEST_SUCCESS);
+#endif
+#endif
+ return EXPECT_RESULT();
+}
+static int test_wolfSSL_EVP_PKEY_sign_verify_dsa(void)
+{
+ EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA)
+#if !defined (NO_DSA) && !defined(HAVE_SELFTEST) && defined(WOLFSSL_KEY_GEN)
+ ExpectIntEQ(test_wolfSSL_EVP_PKEY_sign_verify(EVP_PKEY_DSA), TEST_SUCCESS);
+#endif
+#endif
+ return EXPECT_RESULT();
+}
+static int test_wolfSSL_EVP_PKEY_sign_verify_ec(void)
+{
+ EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && defined(HAVE_ECC)
+#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2))
+ ExpectIntEQ(test_wolfSSL_EVP_PKEY_sign_verify(EVP_PKEY_EC), TEST_SUCCESS);
+#endif
+#endif
+ return EXPECT_RESULT();
}
static int test_EVP_PKEY_rsa(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA)
- WOLFSSL_RSA* rsa;
- WOLFSSL_EVP_PKEY* pkey;
-
- AssertNotNull(rsa = wolfSSL_RSA_new());
- AssertNotNull(pkey = wolfSSL_EVP_PKEY_new());
- AssertIntEQ(EVP_PKEY_assign_RSA(NULL, rsa), WOLFSSL_FAILURE);
- AssertIntEQ(EVP_PKEY_assign_RSA(pkey, NULL), WOLFSSL_FAILURE);
- AssertIntEQ(EVP_PKEY_assign_RSA(pkey, rsa), WOLFSSL_SUCCESS);
- AssertPtrEq(EVP_PKEY_get0_RSA(pkey), rsa);
- wolfSSL_EVP_PKEY_free(pkey);
+ WOLFSSL_RSA* rsa = NULL;
+ WOLFSSL_EVP_PKEY* pkey = NULL;
- res = TEST_RES_CHECK(1);
+ ExpectNotNull(rsa = wolfSSL_RSA_new());
+ ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new());
+ ExpectIntEQ(EVP_PKEY_assign_RSA(NULL, rsa), WOLFSSL_FAILURE);
+ ExpectIntEQ(EVP_PKEY_assign_RSA(pkey, NULL), WOLFSSL_FAILURE);
+ ExpectIntEQ(EVP_PKEY_assign_RSA(pkey, rsa), WOLFSSL_SUCCESS);
+ if (EXPECT_FAIL()) {
+ wolfSSL_RSA_free(rsa);
+ }
+ ExpectPtrEq(EVP_PKEY_get0_RSA(pkey), rsa);
+ wolfSSL_EVP_PKEY_free(pkey);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_EVP_PKEY_ec(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(HAVE_ECC)
#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2))
- WOLFSSL_EC_KEY* ecKey;
- WOLFSSL_EVP_PKEY* pkey;
+ WOLFSSL_EC_KEY* ecKey = NULL;
+ WOLFSSL_EVP_PKEY* pkey = NULL;
- AssertNotNull(ecKey = wolfSSL_EC_KEY_new());
- AssertNotNull(pkey = wolfSSL_EVP_PKEY_new());
- AssertIntEQ(EVP_PKEY_assign_EC_KEY(NULL, ecKey), WOLFSSL_FAILURE);
- AssertIntEQ(EVP_PKEY_assign_EC_KEY(pkey, NULL), WOLFSSL_FAILURE);
+ ExpectNotNull(ecKey = wolfSSL_EC_KEY_new());
+ ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new());
+ ExpectIntEQ(EVP_PKEY_assign_EC_KEY(NULL, ecKey), WOLFSSL_FAILURE);
+ ExpectIntEQ(EVP_PKEY_assign_EC_KEY(pkey, NULL), WOLFSSL_FAILURE);
/* Should fail since ecKey is empty */
- AssertIntEQ(EVP_PKEY_assign_EC_KEY(pkey, ecKey), WOLFSSL_FAILURE);
- AssertIntEQ(wolfSSL_EC_KEY_generate_key(ecKey), 1);
- AssertIntEQ(EVP_PKEY_assign_EC_KEY(pkey, ecKey), WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_PKEY_assign_EC_KEY(pkey, ecKey), WOLFSSL_FAILURE);
+ ExpectIntEQ(wolfSSL_EC_KEY_generate_key(ecKey), 1);
+ ExpectIntEQ(EVP_PKEY_assign_EC_KEY(pkey, ecKey), WOLFSSL_SUCCESS);
+ if (EXPECT_FAIL()) {
+ wolfSSL_EC_KEY_free(ecKey);
+ }
wolfSSL_EVP_PKEY_free(pkey);
-
- res = TEST_RES_CHECK(1);
#endif
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_EVP_PKEY_cmp(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA)
- EVP_PKEY *a, *b;
+ EVP_PKEY *a = NULL;
+ EVP_PKEY *b = NULL;
const unsigned char *in;
#if !defined(NO_RSA) && defined(USE_CERT_BUFFERS_2048)
in = client_key_der_2048;
- AssertNotNull(a = wolfSSL_d2i_PrivateKey(EVP_PKEY_RSA, NULL,
+ ExpectNotNull(a = wolfSSL_d2i_PrivateKey(EVP_PKEY_RSA, NULL,
&in, (long)sizeof_client_key_der_2048));
in = client_key_der_2048;
- AssertNotNull(b = wolfSSL_d2i_PrivateKey(EVP_PKEY_RSA, NULL,
+ ExpectNotNull(b = wolfSSL_d2i_PrivateKey(EVP_PKEY_RSA, NULL,
&in, (long)sizeof_client_key_der_2048));
/* Test success case RSA */
#if defined(WOLFSSL_ERROR_CODE_OPENSSL)
- AssertIntEQ(EVP_PKEY_cmp(a, b), 1);
+ ExpectIntEQ(EVP_PKEY_cmp(a, b), 1);
#else
- AssertIntEQ(EVP_PKEY_cmp(a, b), 0);
+ ExpectIntEQ(EVP_PKEY_cmp(a, b), 0);
#endif /* WOLFSSL_ERROR_CODE_OPENSSL */
EVP_PKEY_free(b);
+ b = NULL;
EVP_PKEY_free(a);
+ a = NULL;
#endif
#if defined(HAVE_ECC) && defined(USE_CERT_BUFFERS_256)
in = ecc_clikey_der_256;
- AssertNotNull(a = wolfSSL_d2i_PrivateKey(EVP_PKEY_EC, NULL,
+ ExpectNotNull(a = wolfSSL_d2i_PrivateKey(EVP_PKEY_EC, NULL,
&in, (long)sizeof_ecc_clikey_der_256));
in = ecc_clikey_der_256;
- AssertNotNull(b = wolfSSL_d2i_PrivateKey(EVP_PKEY_EC, NULL,
+ ExpectNotNull(b = wolfSSL_d2i_PrivateKey(EVP_PKEY_EC, NULL,
&in, (long)sizeof_ecc_clikey_der_256));
/* Test success case ECC */
#if defined(WOLFSSL_ERROR_CODE_OPENSSL)
- AssertIntEQ(EVP_PKEY_cmp(a, b), 1);
+ ExpectIntEQ(EVP_PKEY_cmp(a, b), 1);
#else
- AssertIntEQ(EVP_PKEY_cmp(a, b), 0);
+ ExpectIntEQ(EVP_PKEY_cmp(a, b), 0);
#endif /* WOLFSSL_ERROR_CODE_OPENSSL */
EVP_PKEY_free(b);
+ b = NULL;
EVP_PKEY_free(a);
+ a = NULL;
#endif
/* Test failure cases */
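Review bot: The RSA branch of `switch (keyType)` never releases `rsa` when `EVP_PKEY_assign_RSA(pkey, rsa)` does not succeed. The EC branch of the same switch adds `if (EXPECT_FAIL()) { EC_KEY_free(ecKey); }`, and `test_EVP_PKEY_rsa` later in this hunk adds the equivalent `wolfSSL_RSA_free(rsa)`. Because `rsa` is now declared at function scope, adding `if (EXPECT_FAIL()) { RSA_free(rsa); }` right after the assign would stop the generated private key from leaking on the failure path and make the branches consistent. The opening declarations of this function are in the previous hunk.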
@@ -53407,59 +51881,58 @@ static int test_EVP_PKEY_cmp(void)
defined(HAVE_ECC) && defined(USE_CERT_BUFFERS_256)
in = client_key_der_2048;
- AssertNotNull(a = wolfSSL_d2i_PrivateKey(EVP_PKEY_RSA, NULL,
+ ExpectNotNull(a = wolfSSL_d2i_PrivateKey(EVP_PKEY_RSA, NULL,
&in, (long)sizeof_client_key_der_2048));
in = ecc_clikey_der_256;
- AssertNotNull(b = wolfSSL_d2i_PrivateKey(EVP_PKEY_EC, NULL,
+ ExpectNotNull(b = wolfSSL_d2i_PrivateKey(EVP_PKEY_EC, NULL,
&in, (long)sizeof_ecc_clikey_der_256));
#if defined(WOLFSSL_ERROR_CODE_OPENSSL)
- AssertIntEQ(EVP_PKEY_cmp(a, b), -1);
+ ExpectIntEQ(EVP_PKEY_cmp(a, b), -1);
#else
- AssertIntNE(EVP_PKEY_cmp(a, b), 0);
+ ExpectIntNE(EVP_PKEY_cmp(a, b), 0);
#endif /* WOLFSSL_ERROR_CODE_OPENSSL */
EVP_PKEY_free(b);
+ b = NULL;
EVP_PKEY_free(a);
+ a = NULL;
#endif
/* invalid or empty failure cases */
a = EVP_PKEY_new();
b = EVP_PKEY_new();
#if defined(WOLFSSL_ERROR_CODE_OPENSSL)
- AssertIntEQ(EVP_PKEY_cmp(NULL, NULL), 0);
- AssertIntEQ(EVP_PKEY_cmp(a, NULL), 0);
- AssertIntEQ(EVP_PKEY_cmp(NULL, b), 0);
+ ExpectIntEQ(EVP_PKEY_cmp(NULL, NULL), 0);
+ ExpectIntEQ(EVP_PKEY_cmp(a, NULL), 0);
+ ExpectIntEQ(EVP_PKEY_cmp(NULL, b), 0);
#ifdef NO_RSA
/* Type check will fail since RSA is the default EVP key type */
- AssertIntEQ(EVP_PKEY_cmp(a, b), -2);
+ ExpectIntEQ(EVP_PKEY_cmp(a, b), -2);
#else
- AssertIntEQ(EVP_PKEY_cmp(a, b), 0);
+ ExpectIntEQ(EVP_PKEY_cmp(a, b), 0);
#endif
#else
- AssertIntNE(EVP_PKEY_cmp(NULL, NULL), 0);
- AssertIntNE(EVP_PKEY_cmp(a, NULL), 0);
- AssertIntNE(EVP_PKEY_cmp(NULL, b), 0);
- AssertIntNE(EVP_PKEY_cmp(a, b), 0);
+ ExpectIntNE(EVP_PKEY_cmp(NULL, NULL), 0);
+ ExpectIntNE(EVP_PKEY_cmp(a, NULL), 0);
+ ExpectIntNE(EVP_PKEY_cmp(NULL, b), 0);
+ ExpectIntNE(EVP_PKEY_cmp(a, b), 0);
#endif
EVP_PKEY_free(b);
EVP_PKEY_free(a);
(void)in;
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_ERR_load_crypto_strings(void)
{
- int res = TEST_SKIPPED;
#if defined(OPENSSL_ALL)
ERR_load_crypto_strings();
-
- res = TEST_RES_CHECK(1);
+ return TEST_SUCCESS;
+#else
+ return TEST_SKIPPED;
#endif
- return res;
}
#if defined(OPENSSL_ALL) && !defined(NO_CERTS)
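Review bot: In the "invalid or empty failure cases" block, `a = EVP_PKEY_new();` and `b = EVP_PKEY_new();` are still unchecked after the conversion. If either allocation fails, the following `EVP_PKEY_cmp(a, b)` expectations are satisfied by the NULL-argument path, so the test can pass without ever comparing two empty keys. Writing `ExpectNotNull(a = EVP_PKEY_new());` and `ExpectNotNull(b = EVP_PKEY_new());` would make that case fail visibly. The start of `test_EVP_PKEY_cmp` is outside this hunk.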
@@ -53471,27 +51944,27 @@ static void free_x509(X509* x)
static int test_sk_X509(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_ALL) && !defined(NO_CERTS)
{
- STACK_OF(X509)* s;
+ STACK_OF(X509)* s = NULL;
- AssertNotNull(s = sk_X509_new_null());
- AssertIntEQ(sk_X509_num(s), 0);
+ ExpectNotNull(s = sk_X509_new_null());
+ ExpectIntEQ(sk_X509_num(s), 0);
sk_X509_pop_free(s, NULL);
- AssertNotNull(s = sk_X509_new_null());
- AssertIntEQ(sk_X509_num(s), 0);
+ ExpectNotNull(s = sk_X509_new_null());
+ ExpectIntEQ(sk_X509_num(s), 0);
sk_X509_pop_free(s, NULL);
- AssertNotNull(s = sk_X509_new_null());
+ ExpectNotNull(s = sk_X509_new_null());
sk_X509_push(s, (X509*)1);
- AssertIntEQ(sk_X509_num(s), 1);
- AssertIntEQ((sk_X509_value(s, 0) == (X509*)1), 1);
+ ExpectIntEQ(sk_X509_num(s), 1);
+ ExpectIntEQ((sk_X509_value(s, 0) == (X509*)1), 1);
sk_X509_push(s, (X509*)2);
- AssertIntEQ(sk_X509_num(s), 2);
- AssertIntEQ((sk_X509_value(s, 0) == (X509*)2), 1);
- AssertIntEQ((sk_X509_value(s, 1) == (X509*)1), 1);
+ ExpectIntEQ(sk_X509_num(s), 2);
+ ExpectIntEQ((sk_X509_value(s, 0) == (X509*)2), 1);
+ ExpectIntEQ((sk_X509_value(s, 1) == (X509*)1), 1);
sk_X509_push(s, (X509*)2);
sk_X509_pop_free(s, free_x509);
}
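Review bot: `s` is left dangling after each of the two `sk_X509_pop_free(s, NULL);` calls in the first block, while a later hunk of this commit adds `s = NULL;` after `sk_free(s)`. If the Expect macros skip their argument once an earlier expectation has failed (not visible here, though the NULL resets elsewhere suggest it), the next `ExpectNotNull(s = sk_X509_new_null())` would not reassign `s`, and the following `sk_X509_pop_free` would free the same stack a second time. Adding `s = NULL;` after each `sk_X509_pop_free(s, NULL);` closes that path. The function continues past this hunk.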
@@ -53499,22 +51972,24 @@ static int test_sk_X509(void)
{
/* Push a list of 10 X509s onto stack, then verify that
* value(), push(), shift(), and pop() behave as expected. */
- STACK_OF(X509)* s;
+ STACK_OF(X509)* s = NULL;
X509* xList[10];
int i = 0;
const int len = (sizeof(xList) / sizeof(xList[0]));
- for (i = 0; i < len; ++i)
- AssertNotNull(xList[i] = X509_new());
+ for (i = 0; i < len; ++i) {
+ xList[i] = NULL;
+ ExpectNotNull(xList[i] = X509_new());
+ }
/* test push, pop, and free */
- AssertNotNull(s = sk_X509_new_null());
+ ExpectNotNull(s = sk_X509_new_null());
for (i = 0; i < len; ++i) {
sk_X509_push(s, xList[i]);
- AssertIntEQ(sk_X509_num(s), i + 1);
- AssertIntEQ((sk_X509_value(s, 0) == xList[i]), 1);
- AssertIntEQ((sk_X509_value(s, i) == xList[0]), 1);
+ ExpectIntEQ(sk_X509_num(s), i + 1);
+ ExpectIntEQ((sk_X509_value(s, 0) == xList[i]), 1);
+ ExpectIntEQ((sk_X509_value(s, i) == xList[0]), 1);
}
/* pop returns and removes last pushed on stack, which is index 0
@@ -53524,21 +51999,22 @@ static int test_sk_X509(void)
X509 * y = sk_X509_pop(s);
X509 * z = xList[len - 1 - i];
- AssertIntEQ((x == y), 1);
- AssertIntEQ((x == z), 1);
- AssertIntEQ(sk_X509_num(s), len - 1 - i);
+ ExpectIntEQ((x == y), 1);
+ ExpectIntEQ((x == z), 1);
+ ExpectIntEQ(sk_X509_num(s), len - 1 - i);
}
sk_free(s);
+ s = NULL;
/* test push, shift, and free */
- AssertNotNull(s = sk_X509_new_null());
+ ExpectNotNull(s = sk_X509_new_null());
for (i = 0; i < len; ++i) {
sk_X509_push(s, xList[i]);
- AssertIntEQ(sk_X509_num(s), i + 1);
- AssertIntEQ((sk_X509_value(s, 0) == xList[i]), 1);
- AssertIntEQ((sk_X509_value(s, i) == xList[0]), 1);
+ ExpectIntEQ(sk_X509_num(s), i + 1);
+ ExpectIntEQ((sk_X509_value(s, 0) == xList[i]), 1);
+ ExpectIntEQ((sk_X509_value(s, i) == xList[0]), 1);
}
/* shift returns and removes first pushed on stack, which is index i
@@ -53548,9 +52024,9 @@ static int test_sk_X509(void)
X509 * y = sk_X509_shift(s);
X509 * z = xList[i];
- AssertIntEQ((x == y), 1);
- AssertIntEQ((x == z), 1);
- AssertIntEQ(sk_X509_num(s), len - 1 - i);
+ ExpectIntEQ((x == y), 1);
+ ExpectIntEQ((x == z), 1);
+ ExpectIntEQ(sk_X509_num(s), len - 1 - i);
}
sk_free(s);
@@ -53558,67 +52034,65 @@ static int test_sk_X509(void)
for (i = 0; i < len; ++i)
X509_free(xList[i]);
}
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_sk_X509_CRL(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_ALL) && !defined(NO_CERTS) && defined(HAVE_CRL)
- X509_CRL* crl;
- XFILE fp;
- STACK_OF(X509_CRL)* s;
+ X509_CRL* crl = NULL;
+ XFILE fp = XBADFILE;
+ STACK_OF(X509_CRL)* s = NULL;
- fp = XFOPEN("./certs/crl/crl.pem", "rb");
- AssertTrue((fp != XBADFILE));
- AssertNotNull(crl = (X509_CRL*)PEM_read_X509_CRL(fp, (X509_CRL **)NULL, NULL, NULL));
- XFCLOSE(fp);
+ ExpectTrue((fp = XFOPEN("./certs/crl/crl.pem", "rb")) != XBADFILE);
+ ExpectNotNull(crl = (X509_CRL*)PEM_read_X509_CRL(fp, (X509_CRL **)NULL,
+ NULL, NULL));
+ if (fp != XBADFILE)
+ XFCLOSE(fp);
- AssertNotNull(s = sk_X509_CRL_new());
- AssertIntEQ(sk_X509_CRL_num(s), 0);
- AssertIntEQ(sk_X509_CRL_push(s, crl), 1);
- AssertIntEQ(sk_X509_CRL_num(s), 1);
- AssertPtrEq(sk_X509_CRL_value(s, 0), crl);
+ ExpectNotNull(s = sk_X509_CRL_new());
+ ExpectIntEQ(sk_X509_CRL_num(s), 0);
+ ExpectIntEQ(sk_X509_CRL_push(s, crl), 1);
+ if (EXPECT_FAIL()) {
+ X509_CRL_free(crl);
+ }
+ ExpectIntEQ(sk_X509_CRL_num(s), 1);
+ ExpectPtrEq(sk_X509_CRL_value(s, 0), crl);
sk_X509_CRL_free(s);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_X509_get_signature_nid(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_FILESYSTEM) && !defined(NO_RSA)
- X509* x509;
+ X509* x509 = NULL;
- AssertIntEQ(X509_get_signature_nid(NULL), 0);
- AssertNotNull(x509 = wolfSSL_X509_load_certificate_file(svrCertFile,
- SSL_FILETYPE_PEM));
- AssertIntEQ(X509_get_signature_nid(x509), NID_sha256WithRSAEncryption);
+ ExpectIntEQ(X509_get_signature_nid(NULL), 0);
+ ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(svrCertFile,
+ SSL_FILETYPE_PEM));
+ ExpectIntEQ(X509_get_signature_nid(x509), NID_sha256WithRSAEncryption);
X509_free(x509);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_X509_REQ(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_ALL) && !defined(NO_CERTS) && \
defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_CERT_REQ) && !defined(NO_BIO)
- X509_NAME* name;
+ X509_NAME* name = NULL;
#ifndef NO_RSA
- X509_NAME* subject;
+ X509_NAME* subject = NULL;
#endif
#if !defined(NO_RSA) || defined(HAVE_ECC)
- X509_REQ* req;
- EVP_PKEY* priv;
- EVP_PKEY* pub;
+ X509_REQ* req = NULL;
+ EVP_PKEY* priv = NULL;
+ EVP_PKEY* pub = NULL;
unsigned char* der = NULL;
int len;
#endif
@@ -53638,91 +52112,95 @@ static int test_X509_REQ(void)
const unsigned char* ecPub = (unsigned char*)ecc_clikeypub_der_256;
#endif
- AssertNotNull(name = X509_NAME_new());
- AssertIntEQ(X509_NAME_add_entry_by_txt(name, "commonName", MBSTRING_UTF8,
- (byte*)"wolfssl.com", 11, 0, 1),
- WOLFSSL_SUCCESS);
- AssertIntEQ(X509_NAME_add_entry_by_txt(name, "emailAddress", MBSTRING_UTF8,
- (byte*)"support@wolfssl.com", 19, -1,
- 1), WOLFSSL_SUCCESS);
+ ExpectNotNull(name = X509_NAME_new());
+ ExpectIntEQ(X509_NAME_add_entry_by_txt(name, "commonName", MBSTRING_UTF8,
+ (byte*)"wolfssl.com", 11, 0, 1), WOLFSSL_SUCCESS);
+ ExpectIntEQ(X509_NAME_add_entry_by_txt(name, "emailAddress", MBSTRING_UTF8,
+ (byte*)"support@wolfssl.com", 19, -1, 1), WOLFSSL_SUCCESS);
#ifndef NO_RSA
- AssertNotNull(priv = d2i_PrivateKey(EVP_PKEY_RSA, NULL, &rsaPriv,
- (long)sizeof_client_key_der_2048));
- AssertNotNull(pub = d2i_PUBKEY(NULL, &rsaPub,
- (long)sizeof_client_keypub_der_2048));
- AssertNotNull(req = X509_REQ_new());
- AssertIntEQ(X509_REQ_set_subject_name(NULL, name), WOLFSSL_FAILURE);
- AssertIntEQ(X509_REQ_set_subject_name(req, NULL), WOLFSSL_FAILURE);
- AssertIntEQ(X509_REQ_set_subject_name(req, name), WOLFSSL_SUCCESS);
- AssertIntEQ(X509_REQ_set_pubkey(NULL, pub), WOLFSSL_FAILURE);
- AssertIntEQ(X509_REQ_set_pubkey(req, NULL), WOLFSSL_FAILURE);
- AssertIntEQ(X509_REQ_set_pubkey(req, pub), WOLFSSL_SUCCESS);
- AssertIntEQ(X509_REQ_sign(NULL, priv, EVP_sha256()), WOLFSSL_FAILURE);
- AssertIntEQ(X509_REQ_sign(req, NULL, EVP_sha256()), WOLFSSL_FAILURE);
- AssertIntEQ(X509_REQ_sign(req, priv, NULL), WOLFSSL_FAILURE);
- AssertIntEQ(X509_REQ_sign(req, priv, EVP_sha256()), WOLFSSL_SUCCESS);
+ ExpectNotNull(priv = d2i_PrivateKey(EVP_PKEY_RSA, NULL, &rsaPriv,
+ (long)sizeof_client_key_der_2048));
+ ExpectNotNull(pub = d2i_PUBKEY(NULL, &rsaPub,
+ (long)sizeof_client_keypub_der_2048));
+ ExpectNotNull(req = X509_REQ_new());
+ ExpectIntEQ(X509_REQ_set_subject_name(NULL, name), WOLFSSL_FAILURE);
+ ExpectIntEQ(X509_REQ_set_subject_name(req, NULL), WOLFSSL_FAILURE);
+ ExpectIntEQ(X509_REQ_set_subject_name(req, name), WOLFSSL_SUCCESS);
+ ExpectIntEQ(X509_REQ_set_pubkey(NULL, pub), WOLFSSL_FAILURE);
+ ExpectIntEQ(X509_REQ_set_pubkey(req, NULL), WOLFSSL_FAILURE);
+ ExpectIntEQ(X509_REQ_set_pubkey(req, pub), WOLFSSL_SUCCESS);
+ ExpectIntEQ(X509_REQ_sign(NULL, priv, EVP_sha256()), WOLFSSL_FAILURE);
+ ExpectIntEQ(X509_REQ_sign(req, NULL, EVP_sha256()), WOLFSSL_FAILURE);
+ ExpectIntEQ(X509_REQ_sign(req, priv, NULL), WOLFSSL_FAILURE);
+ ExpectIntEQ(X509_REQ_sign(req, priv, EVP_sha256()), WOLFSSL_SUCCESS);
len = i2d_X509_REQ(req, &der);
DEBUG_WRITE_DER(der, len, "req.der");
#ifdef USE_CERT_BUFFERS_1024
- AssertIntEQ(len, 381);
+ ExpectIntEQ(len, 381);
#else
- AssertIntEQ(len, 643);
+ ExpectIntEQ(len, 643);
#endif
XFREE(der, NULL, DYNAMIC_TYPE_OPENSSL);
der = NULL;
mctx = EVP_MD_CTX_new();
- AssertIntEQ(EVP_DigestSignInit(mctx, &pkctx, EVP_sha256(), NULL, priv), WOLFSSL_SUCCESS);
- AssertIntEQ(X509_REQ_sign_ctx(req, mctx), WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_DigestSignInit(mctx, &pkctx, EVP_sha256(), NULL, priv),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(X509_REQ_sign_ctx(req, mctx), WOLFSSL_SUCCESS);
EVP_MD_CTX_free(mctx);
+ mctx = NULL;
X509_REQ_free(NULL);
X509_REQ_free(req);
+ req = NULL;
/* Test getting the subject from a newly created X509_REQ */
- AssertNotNull(req = X509_REQ_new());
- AssertNotNull(subject = X509_REQ_get_subject_name(req));
- AssertIntEQ(X509_NAME_add_entry_by_NID(subject, NID_commonName,
- MBSTRING_UTF8, (unsigned char*)"www.wolfssl.com", -1, -1, 0), 1);
- AssertIntEQ(X509_NAME_add_entry_by_NID(subject, NID_countryName,
- MBSTRING_UTF8, (unsigned char*)"US", -1, -1, 0), 1);
- AssertIntEQ(X509_NAME_add_entry_by_NID(subject, NID_localityName,
- MBSTRING_UTF8, (unsigned char*)"Bozeman", -1, -1, 0), 1);
- AssertIntEQ(X509_NAME_add_entry_by_NID(subject, NID_stateOrProvinceName,
- MBSTRING_UTF8, (unsigned char*)"Montana", -1, -1, 0), 1);
- AssertIntEQ(X509_NAME_add_entry_by_NID(subject, NID_organizationName,
- MBSTRING_UTF8, (unsigned char*)"wolfSSL", -1, -1, 0), 1);
- AssertIntEQ(X509_NAME_add_entry_by_NID(subject, NID_organizationalUnitName,
- MBSTRING_UTF8, (unsigned char*)"Testing", -1, -1, 0), 1);
- AssertIntEQ(X509_REQ_set_pubkey(req, pub), WOLFSSL_SUCCESS);
- AssertIntEQ(X509_REQ_sign(req, priv, EVP_sha256()), WOLFSSL_SUCCESS);
+ ExpectNotNull(req = X509_REQ_new());
+ ExpectNotNull(subject = X509_REQ_get_subject_name(req));
+ ExpectIntEQ(X509_NAME_add_entry_by_NID(subject, NID_commonName,
+ MBSTRING_UTF8, (unsigned char*)"www.wolfssl.com", -1, -1, 0), 1);
+ ExpectIntEQ(X509_NAME_add_entry_by_NID(subject, NID_countryName,
+ MBSTRING_UTF8, (unsigned char*)"US", -1, -1, 0), 1);
+ ExpectIntEQ(X509_NAME_add_entry_by_NID(subject, NID_localityName,
+ MBSTRING_UTF8, (unsigned char*)"Bozeman", -1, -1, 0), 1);
+ ExpectIntEQ(X509_NAME_add_entry_by_NID(subject, NID_stateOrProvinceName,
+ MBSTRING_UTF8, (unsigned char*)"Montana", -1, -1, 0), 1);
+ ExpectIntEQ(X509_NAME_add_entry_by_NID(subject, NID_organizationName,
+ MBSTRING_UTF8, (unsigned char*)"wolfSSL", -1, -1, 0), 1);
+ ExpectIntEQ(X509_NAME_add_entry_by_NID(subject, NID_organizationalUnitName,
+ MBSTRING_UTF8, (unsigned char*)"Testing", -1, -1, 0), 1);
+ ExpectIntEQ(X509_REQ_set_pubkey(req, pub), WOLFSSL_SUCCESS);
+ ExpectIntEQ(X509_REQ_sign(req, priv, EVP_sha256()), WOLFSSL_SUCCESS);
len = i2d_X509_REQ(req, &der);
DEBUG_WRITE_DER(der, len, "req2.der");
#ifdef USE_CERT_BUFFERS_1024
- AssertIntEQ(len, 435);
+ ExpectIntEQ(len, 435);
#else
- AssertIntEQ(len, 696);
+ ExpectIntEQ(len, 696);
#endif
XFREE(der, NULL, DYNAMIC_TYPE_OPENSSL);
der = NULL;
EVP_PKEY_free(pub);
+ pub = NULL;
EVP_PKEY_free(priv);
+ priv = NULL;
X509_REQ_free(req);
+ req = NULL;
#endif
#ifdef HAVE_ECC
- AssertNotNull(priv = wolfSSL_d2i_PrivateKey(EVP_PKEY_EC, NULL, &ecPriv,
- sizeof_ecc_clikey_der_256));
- AssertNotNull(pub = wolfSSL_d2i_PUBKEY(NULL, &ecPub,
- sizeof_ecc_clikeypub_der_256));
- AssertNotNull(req = X509_REQ_new());
- AssertIntEQ(X509_REQ_set_subject_name(req, name), WOLFSSL_SUCCESS);
- AssertIntEQ(X509_REQ_set_pubkey(req, pub), WOLFSSL_SUCCESS);
- AssertIntEQ(X509_REQ_sign(req, priv, EVP_sha256()), WOLFSSL_SUCCESS);
+ ExpectNotNull(priv = wolfSSL_d2i_PrivateKey(EVP_PKEY_EC, NULL, &ecPriv,
+ sizeof_ecc_clikey_der_256));
+ ExpectNotNull(pub = wolfSSL_d2i_PUBKEY(NULL, &ecPub,
+ sizeof_ecc_clikeypub_der_256));
+ ExpectNotNull(req = X509_REQ_new());
+ ExpectIntEQ(X509_REQ_set_subject_name(req, name), WOLFSSL_SUCCESS);
+ ExpectIntEQ(X509_REQ_set_pubkey(req, pub), WOLFSSL_SUCCESS);
+ ExpectIntEQ(X509_REQ_sign(req, priv, EVP_sha256()), WOLFSSL_SUCCESS);
/* Signature is random and may be shorter or longer. */
- AssertIntGE((len = i2d_X509_REQ(req, &der)), 245);
- AssertIntLE(len, 253);
+ ExpectIntGE((len = i2d_X509_REQ(req, &der)), 245);
+ ExpectIntLE(len, 253);
XFREE(der, NULL, DYNAMIC_TYPE_OPENSSL);
X509_REQ_free(req);
EVP_PKEY_free(pub);
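Review bot: `mctx = EVP_MD_CTX_new();` is the one allocation in the RSA section that the conversion leaves unchecked, while the allocations around it now go through `ExpectNotNull`. Writing `ExpectNotNull(mctx = EVP_MD_CTX_new());` would report an allocation failure at its source rather than as a failed `EVP_DigestSignInit`. The declaration of `mctx` and the start of `test_X509_REQ` are outside this hunk.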
@@ -53734,70 +52212,71 @@ static int test_X509_REQ(void)
#endif /* HAVE_ECC */
X509_NAME_free(name);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfssl_PKCS7(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_ALL) && defined(HAVE_PKCS7) && !defined(NO_BIO) && \
!defined(NO_RSA)
- PKCS7* pkcs7;
+ PKCS7* pkcs7 = NULL;
byte data[FOURK_BUF];
word32 len = sizeof(data);
const byte* p = data;
byte content[] = "Test data to encode.";
#if !defined(NO_RSA) & defined(USE_CERT_BUFFERS_2048)
- BIO* bio;
+ BIO* bio = NULL;
byte key[sizeof(client_key_der_2048)];
word32 keySz = (word32)sizeof(key);
byte* out = NULL;
#endif
- AssertIntGT((len = CreatePKCS7SignedData(data, len, content,
- (word32)sizeof(content),
- 0, 0, 0, RSA_TYPE)), 0);
+ ExpectIntGT((len = CreatePKCS7SignedData(data, len, content,
+ (word32)sizeof(content), 0, 0, 0, RSA_TYPE)), 0);
- AssertNull(pkcs7 = d2i_PKCS7(NULL, NULL, len));
- AssertNull(pkcs7 = d2i_PKCS7(NULL, &p, 0));
- AssertNotNull(pkcs7 = d2i_PKCS7(NULL, &p, len));
- AssertIntEQ(wolfSSL_PKCS7_verify(NULL, NULL, NULL, NULL, NULL,
- PKCS7_NOVERIFY), WOLFSSL_FAILURE);
+ ExpectNull(pkcs7 = d2i_PKCS7(NULL, NULL, len));
+ ExpectNull(pkcs7 = d2i_PKCS7(NULL, &p, 0));
+ ExpectNotNull(pkcs7 = d2i_PKCS7(NULL, &p, len));
+ ExpectIntEQ(wolfSSL_PKCS7_verify(NULL, NULL, NULL, NULL, NULL,
+ PKCS7_NOVERIFY), WOLFSSL_FAILURE);
PKCS7_free(pkcs7);
+ pkcs7 = NULL;
/* fail case, without PKCS7_NOVERIFY */
p = data;
- AssertNotNull(pkcs7 = d2i_PKCS7(NULL, &p, len));
- AssertIntEQ(wolfSSL_PKCS7_verify(pkcs7, NULL, NULL, NULL, NULL,
- 0), WOLFSSL_FAILURE);
+ ExpectNotNull(pkcs7 = d2i_PKCS7(NULL, &p, len));
+ ExpectIntEQ(wolfSSL_PKCS7_verify(pkcs7, NULL, NULL, NULL, NULL,
+ 0), WOLFSSL_FAILURE);
PKCS7_free(pkcs7);
+ pkcs7 = NULL;
/* success case, with PKCS7_NOVERIFY */
p = data;
- AssertNotNull(pkcs7 = d2i_PKCS7(NULL, &p, len));
- AssertIntEQ(wolfSSL_PKCS7_verify(pkcs7, NULL, NULL, NULL, NULL,
- PKCS7_NOVERIFY), WOLFSSL_SUCCESS);
+ ExpectNotNull(pkcs7 = d2i_PKCS7(NULL, &p, len));
+ ExpectIntEQ(wolfSSL_PKCS7_verify(pkcs7, NULL, NULL, NULL, NULL,
+ PKCS7_NOVERIFY), WOLFSSL_SUCCESS);
#if !defined(NO_RSA) & defined(USE_CERT_BUFFERS_2048)
/* test i2d */
XMEMCPY(key, client_key_der_2048, keySz);
- pkcs7->privateKey = key;
- pkcs7->privateKeySz = (word32)sizeof(key);
- pkcs7->encryptOID = RSAk;
-#ifdef NO_SHA
- pkcs7->hashOID = SHA256h;
-#else
- pkcs7->hashOID = SHAh;
-#endif
- AssertNotNull(bio = BIO_new(BIO_s_mem()));
- AssertIntEQ(i2d_PKCS7_bio(bio, pkcs7), 1);
+ if (pkcs7 != NULL) {
+ pkcs7->privateKey = key;
+ pkcs7->privateKeySz = (word32)sizeof(key);
+ pkcs7->encryptOID = RSAk;
+ #ifdef NO_SHA
+ pkcs7->hashOID = SHA256h;
+ #else
+ pkcs7->hashOID = SHAh;
+ #endif
+ }
+ ExpectNotNull(bio = BIO_new(BIO_s_mem()));
+ ExpectIntEQ(i2d_PKCS7_bio(bio, pkcs7), 1);
#ifndef NO_ASN_TIME
- AssertIntEQ(i2d_PKCS7(pkcs7, &out), 655);
+ ExpectIntEQ(i2d_PKCS7(pkcs7, &out), 655);
#else
- AssertIntEQ(i2d_PKCS7(pkcs7, &out), 625);
+ ExpectIntEQ(i2d_PKCS7(pkcs7, &out), 625);
#endif
XFREE(out, NULL, DYNAMIC_TYPE_TMP_BUFFER);
BIO_free(bio);
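Review bot: The two `#if !defined(NO_RSA) & defined(USE_CERT_BUFFERS_2048)` guards in test_wolfssl_PKCS7 use bitwise `&`, while the function's outer guard uses `&&` and already requires `!defined(NO_RSA)`. The result is the same because `defined()` yields 0 or 1, but it reads like a typo. I would write both as `#if defined(USE_CERT_BUFFERS_2048)`. The function body continues past the end of this hunk.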
@@ -53805,15 +52284,13 @@ static int test_wolfssl_PKCS7(void)
PKCS7_free(NULL);
PKCS7_free(pkcs7);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_PKCS7_sign(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_ALL) && defined(HAVE_PKCS7) && !defined(NO_BIO) && \
!defined(NO_FILESYSTEM) && !defined(NO_RSA)
@@ -53839,63 +52316,66 @@ static int test_wolfSSL_PKCS7_sign(void)
X509_STORE* store = NULL;
/* read signer cert/key into BIO */
- AssertNotNull(certBio = BIO_new_file(cert, "r"));
- AssertNotNull(keyBio = BIO_new_file(key, "r"));
- AssertNotNull(signCert = PEM_read_bio_X509(certBio, NULL, 0, NULL));
- AssertNotNull(signKey = PEM_read_bio_PrivateKey(keyBio, NULL, 0, NULL));
+ ExpectNotNull(certBio = BIO_new_file(cert, "r"));
+ ExpectNotNull(keyBio = BIO_new_file(key, "r"));
+ ExpectNotNull(signCert = PEM_read_bio_X509(certBio, NULL, 0, NULL));
+ ExpectNotNull(signKey = PEM_read_bio_PrivateKey(keyBio, NULL, 0, NULL));
/* read CA cert into store (for verify) */
- AssertNotNull(caBio = BIO_new_file(ca, "r"));
- AssertNotNull(caCert = PEM_read_bio_X509(caBio, NULL, 0, NULL));
- AssertNotNull(store = X509_STORE_new());
- AssertIntEQ(X509_STORE_add_cert(store, caCert), 1);
+ ExpectNotNull(caBio = BIO_new_file(ca, "r"));
+ ExpectNotNull(caCert = PEM_read_bio_X509(caBio, NULL, 0, NULL));
+ ExpectNotNull(store = X509_STORE_new());
+ ExpectIntEQ(X509_STORE_add_cert(store, caCert), 1);
/* data to be signed into BIO */
- AssertNotNull(inBio = BIO_new(BIO_s_mem()));
- AssertIntGT(BIO_write(inBio, data, sizeof(data)), 0);
+ ExpectNotNull(inBio = BIO_new(BIO_s_mem()));
+ ExpectIntGT(BIO_write(inBio, data, sizeof(data)), 0);
/* PKCS7_sign, bad args: signer NULL */
- AssertNull(p7 = PKCS7_sign(NULL, signKey, NULL, inBio, 0));
+ ExpectNull(p7 = PKCS7_sign(NULL, signKey, NULL, inBio, 0));
/* PKCS7_sign, bad args: signer key NULL */
- AssertNull(p7 = PKCS7_sign(signCert, NULL, NULL, inBio, 0));
+ ExpectNull(p7 = PKCS7_sign(signCert, NULL, NULL, inBio, 0));
/* PKCS7_sign, bad args: in data NULL without PKCS7_STREAM */
- AssertNull(p7 = PKCS7_sign(signCert, signKey, NULL, NULL, 0));
+ ExpectNull(p7 = PKCS7_sign(signCert, signKey, NULL, NULL, 0));
/* PKCS7_sign, bad args: PKCS7_NOCERTS flag not supported */
- AssertNull(p7 = PKCS7_sign(signCert, signKey, NULL, inBio, PKCS7_NOCERTS));
+ ExpectNull(p7 = PKCS7_sign(signCert, signKey, NULL, inBio, PKCS7_NOCERTS));
/* PKCS7_sign, bad args: PKCS7_PARTIAL flag not supported */
- AssertNull(p7 = PKCS7_sign(signCert, signKey, NULL, inBio, PKCS7_PARTIAL));
+ ExpectNull(p7 = PKCS7_sign(signCert, signKey, NULL, inBio, PKCS7_PARTIAL));
/* TEST SUCCESS: Not detached, not streaming, not MIME */
{
flags = PKCS7_BINARY;
- AssertNotNull(p7 = PKCS7_sign(signCert, signKey, NULL, inBio, flags));
- AssertIntGT((outLen = i2d_PKCS7(p7, &out)), 0);
+ ExpectNotNull(p7 = PKCS7_sign(signCert, signKey, NULL, inBio, flags));
+ ExpectIntGT((outLen = i2d_PKCS7(p7, &out)), 0);
/* verify with d2i_PKCS7 */
tmpPtr = out;
- AssertNotNull(p7Ver = d2i_PKCS7(NULL, (const byte**)&tmpPtr, outLen));
- AssertIntEQ(PKCS7_verify(p7Ver, NULL, store, NULL, NULL, flags), 1);
+ ExpectNotNull(p7Ver = d2i_PKCS7(NULL, (const byte**)&tmpPtr, outLen));
+ ExpectIntEQ(PKCS7_verify(p7Ver, NULL, store, NULL, NULL, flags), 1);
PKCS7_free(p7Ver);
+ p7Ver = NULL;
/* verify with wc_PKCS7_VerifySignedData */
- AssertNotNull(p7Ver = wc_PKCS7_New(HEAP_HINT, testDevId));
- AssertIntEQ(wc_PKCS7_Init(p7Ver, HEAP_HINT, INVALID_DEVID), 0);
- AssertIntEQ(wc_PKCS7_VerifySignedData(p7Ver, out, outLen), 0);
+ ExpectNotNull(p7Ver = wc_PKCS7_New(HEAP_HINT, testDevId));
+ ExpectIntEQ(wc_PKCS7_Init(p7Ver, HEAP_HINT, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_PKCS7_VerifySignedData(p7Ver, out, outLen), 0);
/* compare the signer found to expected signer */
- AssertIntNE(p7Ver->verifyCertSz, 0);
+ ExpectIntNE(p7Ver->verifyCertSz, 0);
tmpPtr = NULL;
- AssertIntEQ(i2d_X509(signCert, &tmpPtr), p7Ver->verifyCertSz);
- AssertIntEQ(XMEMCMP(tmpPtr, p7Ver->verifyCert, p7Ver->verifyCertSz), 0);
+ ExpectIntEQ(i2d_X509(signCert, &tmpPtr), p7Ver->verifyCertSz);
+ ExpectIntEQ(XMEMCMP(tmpPtr, p7Ver->verifyCert, p7Ver->verifyCertSz), 0);
XFREE(tmpPtr, NULL, DYNAMIC_TYPE_OPENSSL);
tmpPtr = NULL;
wc_PKCS7_Free(p7Ver);
+ p7Ver = NULL;
- AssertNotNull(out);
+ ExpectNotNull(out);
XFREE(out, NULL, DYNAMIC_TYPE_TMP_BUFFER);
out = NULL;
PKCS7_free(p7);
+ p7 = NULL;
}
/* TEST SUCCESS: Not detached, streaming, not MIME. Also bad arg
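Review bot: In the first success block the wolfCrypt verifier is created with `wc_PKCS7_New(HEAP_HINT, testDevId)` and then immediately re-initialised with `wc_PKCS7_Init(p7Ver, HEAP_HINT, INVALID_DEVID)`, whereas the detached blocks later in the function call only `wc_PKCS7_New`. If the second call resets the device id, as its arguments suggest, this verification never runs against testDevId. Either drop the Init or pass `testDevId` to it, and add a one-line comment if the mismatch is intended. The function starts before this hunk and continues after it.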
@@ -53903,82 +52383,96 @@ static int test_wolfSSL_PKCS7_sign(void)
{
/* re-populate input BIO, may have been consumed */
BIO_free(inBio);
- AssertNotNull(inBio = BIO_new(BIO_s_mem()));
- AssertIntGT(BIO_write(inBio, data, sizeof(data)), 0);
+ inBio = NULL;
+ ExpectNotNull(inBio = BIO_new(BIO_s_mem()));
+ ExpectIntGT(BIO_write(inBio, data, sizeof(data)), 0);
flags = PKCS7_BINARY | PKCS7_STREAM;
- AssertNotNull(p7 = PKCS7_sign(signCert, signKey, NULL, inBio, flags));
- AssertIntEQ(PKCS7_final(p7, inBio, flags), 1);
- AssertIntGT((outLen = i2d_PKCS7(p7, &out)), 0);
+ ExpectNotNull(p7 = PKCS7_sign(signCert, signKey, NULL, inBio, flags));
+ ExpectIntEQ(PKCS7_final(p7, inBio, flags), 1);
+ ExpectIntGT((outLen = i2d_PKCS7(p7, &out)), 0);
/* PKCS7_final, bad args: PKCS7 null */
- AssertIntEQ(PKCS7_final(NULL, inBio, 0), 0);
+ ExpectIntEQ(PKCS7_final(NULL, inBio, 0), 0);
/* PKCS7_final, bad args: PKCS7 null */
- AssertIntEQ(PKCS7_final(p7, NULL, 0), 0);
+ ExpectIntEQ(PKCS7_final(p7, NULL, 0), 0);
tmpPtr = out;
- AssertNotNull(p7Ver = d2i_PKCS7(NULL, (const byte**)&tmpPtr, outLen));
- AssertIntEQ(PKCS7_verify(p7Ver, NULL, store, NULL, NULL, flags), 1);
+ ExpectNotNull(p7Ver = d2i_PKCS7(NULL, (const byte**)&tmpPtr, outLen));
+ ExpectIntEQ(PKCS7_verify(p7Ver, NULL, store, NULL, NULL, flags), 1);
PKCS7_free(p7Ver);
+ p7Ver = NULL;
- AssertNotNull(out);
+ ExpectNotNull(out);
XFREE(out, NULL, DYNAMIC_TYPE_TMP_BUFFER);
out = NULL;
PKCS7_free(p7);
+ p7 = NULL;
}
/* TEST SUCCESS: Detached, not streaming, not MIME */
{
/* re-populate input BIO, may have been consumed */
BIO_free(inBio);
- AssertNotNull(inBio = BIO_new(BIO_s_mem()));
- AssertIntGT(BIO_write(inBio, data, sizeof(data)), 0);
+ inBio = NULL;
+ ExpectNotNull(inBio = BIO_new(BIO_s_mem()));
+ ExpectIntGT(BIO_write(inBio, data, sizeof(data)), 0);
flags = PKCS7_BINARY | PKCS7_DETACHED;
- AssertNotNull(p7 = PKCS7_sign(signCert, signKey, NULL, inBio, flags));
- AssertIntGT((outLen = i2d_PKCS7(p7, &out)), 0);
+ ExpectNotNull(p7 = PKCS7_sign(signCert, signKey, NULL, inBio, flags));
+ ExpectIntGT((outLen = i2d_PKCS7(p7, &out)), 0);
/* verify with wolfCrypt, d2i_PKCS7 does not support detached content */
- AssertNotNull(p7Ver = wc_PKCS7_New(HEAP_HINT, testDevId));
- p7Ver->content = data;
- p7Ver->contentSz = sizeof(data);
- AssertIntEQ(wc_PKCS7_VerifySignedData(p7Ver, out, outLen), 0);
+ ExpectNotNull(p7Ver = wc_PKCS7_New(HEAP_HINT, testDevId));
+ if (p7Ver != NULL) {
+ p7Ver->content = data;
+ p7Ver->contentSz = sizeof(data);
+ }
+ ExpectIntEQ(wc_PKCS7_VerifySignedData(p7Ver, out, outLen), 0);
wc_PKCS7_Free(p7Ver);
+ p7Ver = NULL;
/* verify expected failure (NULL return) from d2i_PKCS7, it does not
* yet support detached content */
tmpPtr = out;
- AssertNull(p7Ver = d2i_PKCS7(NULL, (const byte**)&tmpPtr, outLen));
+ ExpectNull(p7Ver = d2i_PKCS7(NULL, (const byte**)&tmpPtr, outLen));
PKCS7_free(p7Ver);
+ p7Ver = NULL;
- AssertNotNull(out);
+ ExpectNotNull(out);
XFREE(out, NULL, DYNAMIC_TYPE_TMP_BUFFER);
out = NULL;
PKCS7_free(p7);
+ p7 = NULL;
}
/* TEST SUCCESS: Detached, streaming, not MIME */
{
/* re-populate input BIO, may have been consumed */
BIO_free(inBio);
- AssertNotNull(inBio = BIO_new(BIO_s_mem()));
- AssertIntGT(BIO_write(inBio, data, sizeof(data)), 0);
+ inBio = NULL;
+ ExpectNotNull(inBio = BIO_new(BIO_s_mem()));
+ ExpectIntGT(BIO_write(inBio, data, sizeof(data)), 0);
flags = PKCS7_BINARY | PKCS7_DETACHED | PKCS7_STREAM;
- AssertNotNull(p7 = PKCS7_sign(signCert, signKey, NULL, inBio, flags));
- AssertIntEQ(PKCS7_final(p7, inBio, flags), 1);
- AssertIntGT((outLen = i2d_PKCS7(p7, &out)), 0);
+ ExpectNotNull(p7 = PKCS7_sign(signCert, signKey, NULL, inBio, flags));
+ ExpectIntEQ(PKCS7_final(p7, inBio, flags), 1);
+ ExpectIntGT((outLen = i2d_PKCS7(p7, &out)), 0);
/* verify with wolfCrypt, d2i_PKCS7 does not support detached content */
- AssertNotNull(p7Ver = wc_PKCS7_New(HEAP_HINT, testDevId));
- p7Ver->content = data;
- p7Ver->contentSz = sizeof(data);
- AssertIntEQ(wc_PKCS7_VerifySignedData(p7Ver, out, outLen), 0);
+ ExpectNotNull(p7Ver = wc_PKCS7_New(HEAP_HINT, testDevId));
+ if (p7Ver != NULL) {
+ p7Ver->content = data;
+ p7Ver->contentSz = sizeof(data);
+ }
+ ExpectIntEQ(wc_PKCS7_VerifySignedData(p7Ver, out, outLen), 0);
wc_PKCS7_Free(p7Ver);
+ p7Ver = NULL;
- AssertNotNull(out);
+ ExpectNotNull(out);
XFREE(out, NULL, DYNAMIC_TYPE_TMP_BUFFER);
PKCS7_free(p7);
+ p7 = NULL;
}
X509_STORE_free(store);
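Review bot: The second bad-argument case of PKCS7_final carries the same comment as the first, `/* PKCS7_final, bad args: PKCS7 null */`, although `PKCS7_final(p7, NULL, 0)` passes a valid p7 and a NULL input BIO. I would change it to `/* PKCS7_final, bad args: in BIO null */` so the two negative cases can be told apart when one fails. The last success block also frees `out` without the `out = NULL;` that the three blocks before it have; nothing visible reads it afterwards, but it is worth making uniform.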
@@ -53989,33 +52483,28 @@ static int test_wolfSSL_PKCS7_sign(void)
BIO_free(keyBio);
BIO_free(certBio);
BIO_free(caBio);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_PKCS7_SIGNED_new(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_ALL) && defined(HAVE_PKCS7)
- PKCS7_SIGNED* pkcs7;
+ PKCS7_SIGNED* pkcs7 = NULL;
- pkcs7 = PKCS7_SIGNED_new();
- AssertNotNull(pkcs7);
- AssertIntEQ(pkcs7->contentOID, SIGNED_DATA);
+ ExpectNotNull(pkcs7 = PKCS7_SIGNED_new());
+ ExpectIntEQ(pkcs7->contentOID, SIGNED_DATA);
PKCS7_SIGNED_free(pkcs7);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
#ifndef NO_BIO
static int test_wolfSSL_PEM_write_bio_PKCS7(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_ALL) && defined(HAVE_PKCS7) && !defined(NO_FILESYSTEM)
PKCS7* pkcs7 = NULL;
BIO* bio = NULL;
@@ -54048,19 +52537,27 @@ static int test_wolfSSL_PEM_write_bio_PKCS7(void)
#else
unsigned char cert[ONEK_BUF];
unsigned char key[ONEK_BUF];
- XFILE fp;
+ XFILE fp = XBADFILE;
int certSz;
int keySz;
- fp = XFOPEN("./certs/1024/client-cert.der", "rb");
- AssertTrue((fp != XBADFILE));
- certSz = (int)XFREAD(cert, 1, sizeof_client_cert_der_1024, fp);
- XFCLOSE(fp);
+ ExpectTrue((fp = XFOPEN("./certs/1024/client-cert.der", "rb")) !=
+ XBADFILE);
+ ExpectIntGT(certSz = (int)XFREAD(cert, 1, sizeof_client_cert_der_1024,
+ fp), 0);
+ if (fp != XBADFILE) {
+ XFCLOSE(fp);
+ fp = XBADFILE;
+ }
- fp = XFOPEN("./certs/1024/client-key.der", "rb");
- AssertTrue(fp != XBADFILE);
- keySz = (int)XFREAD(key, 1, sizeof_client_key_der_1024, fp);
- XFCLOSE(fp);
+ ExpectTrue((fp = XFOPEN("./certs/1024/client-key.der", "rb")) !=
+ XBADFILE);
+ ExpectIntGT(keySz = (int)XFREAD(key, 1, sizeof_client_key_der_1024, fp),
+ 0);
+ if (fp != XBADFILE) {
+ XFCLOSE(fp);
+ fp = XBADFILE;
+ }
#endif
#elif defined(HAVE_ECC)
#if defined(USE_CERT_BUFFERS_256)
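Review bot: `certSz` and `keySz` are still declared without an initialiser (`int certSz;` and `int keySz;`) although `fp` now gets one, and they are now assigned only inside an `ExpectIntGT(...)` argument. If the Expect macros stop evaluating their arguments once a check has failed, a missing certificate file leaves both lengths indeterminate for the rest of the function; the `if (fp != XBADFILE)` guards added around XFCLOSE suggest the code after a failed open is meant to keep running. Declaring them as `int certSz = 0;` and `int keySz = 0;` removes the doubt. The ECC branch in the next hunk (`int certSz, keySz;`) needs the same. The function starts before this hunk and continues after it.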
@@ -54075,66 +52572,75 @@ static int test_wolfSSL_PEM_write_bio_PKCS7(void)
#else
unsigned char cert[ONEK_BUF];
unsigned char key[ONEK_BUF];
- XFILE fp;
+ XFILE fp = XBADFILE;
int certSz, keySz;
- fp = XFOPEN("./certs/client-ecc-cert.der", "rb");
- AssertTrue(fp != XBADFILE);
- certSz = (int)XFREAD(cert, 1, sizeof_cliecc_cert_der_256, fp);
- XFCLOSE(fp);
+ ExpectTrue((fp = XFOPEN("./certs/client-ecc-cert.der", "rb")) !=
+ XBADFILE);
+ ExpectIntGT(certSz = (int)XFREAD(cert, 1, sizeof_cliecc_cert_der_256,
+ fp), 0);
+ if (fp != XBADFILE) {
+ XFCLOSE(fp);
+ fp = XBADFILE;
+ }
- fp = XFOPEN("./certs/client-ecc-key.der", "rb");
- AssertTrue(fp != XBADFILE);
- keySz = (int)XFREAD(key, 1, sizeof_ecc_clikey_der_256, fp);
- XFCLOSE(fp);
+ ExpectTrue((fp = XFOPEN("./certs/client-ecc-key.der", "rb")) !=
+ XBADFILE);
+ ExpectIntGT(keySz = (int)XFREAD(key, 1, sizeof_ecc_clikey_der_256, fp),
+ 0);
+ if (fp != XBADFILE) {
+ XFCLOSE(fp);
+ fp = XBADFILE;
+ }
#endif
#else
#error PKCS7 requires ECC or RSA
#endif
- AssertNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
+ ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
/* initialize with DER encoded cert */
- AssertIntEQ(wc_PKCS7_InitWithCert(pkcs7, (byte*)cert, (word32)certSz), 0);
+ ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, (byte*)cert, (word32)certSz), 0);
/* init rng */
- AssertIntEQ(wc_InitRng(&rng), 0);
-
- pkcs7->rng = &rng;
- pkcs7->content = (byte*)data; /* not used for ex */
- pkcs7->contentSz = (word32)sizeof(data);
- pkcs7->contentOID = SIGNED_DATA;
- pkcs7->privateKey = key;
- pkcs7->privateKeySz = (word32)sizeof(key);
- pkcs7->encryptOID = RSAk;
-#ifdef NO_SHA
- pkcs7->hashOID = SHA256h;
-#else
- pkcs7->hashOID = SHAh;
-#endif
- pkcs7->signedAttribs = NULL;
- pkcs7->signedAttribsSz = 0;
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+
+ if (pkcs7 != NULL) {
+ pkcs7->rng = &rng;
+ pkcs7->content = (byte*)data; /* not used for ex */
+ pkcs7->contentSz = (word32)sizeof(data);
+ pkcs7->contentOID = SIGNED_DATA;
+ pkcs7->privateKey = key;
+ pkcs7->privateKeySz = (word32)sizeof(key);
+ pkcs7->encryptOID = RSAk;
+ #ifdef NO_SHA
+ pkcs7->hashOID = SHA256h;
+ #else
+ pkcs7->hashOID = SHAh;
+ #endif
+ pkcs7->signedAttribs = NULL;
+ pkcs7->signedAttribsSz = 0;
+ }
- AssertNotNull(bio = BIO_new(BIO_s_mem()));
+ ExpectNotNull(bio = BIO_new(BIO_s_mem()));
/* Write PKCS#7 PEM to BIO, the function converts the DER to PEM cert*/
- AssertIntEQ(PEM_write_bio_PKCS7(bio, pkcs7), WOLFSSL_SUCCESS);
+ ExpectIntEQ(PEM_write_bio_PKCS7(bio, pkcs7), WOLFSSL_SUCCESS);
/* Read PKCS#7 PEM from BIO */
ret = wolfSSL_BIO_get_mem_data(bio, &cert_buf);
- AssertIntGE(ret, 0);
+ ExpectIntGE(ret, 0);
BIO_free(bio);
wc_PKCS7_Free(pkcs7);
wc_FreeRng(&rng);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
#ifdef HAVE_SMIME
static int test_wolfSSL_SMIME_read_PKCS7(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_ALL) && defined(HAVE_PKCS7) && !defined(NO_FILESYSTEM) && \
!defined(NO_RSA)
PKCS7* pkcs7 = NULL;
@@ -54144,80 +52650,89 @@ static int test_wolfSSL_SMIME_read_PKCS7(void)
const byte* outBuf = NULL;
int outBufLen = 0;
static const char contTypeText[] = "Content-Type: text/plain\r\n\r\n";
- XFILE smimeTestFile = XFOPEN("./certs/test/smime-test.p7s", "r");
+ XFILE smimeTestFile = XBADFILE;
+
+ ExpectTrue((smimeTestFile = XFOPEN("./certs/test/smime-test.p7s", "r")) !=
+ XBADFILE);
/* smime-test.p7s */
bio = wolfSSL_BIO_new(wolfSSL_BIO_s_file());
- AssertNotNull(bio);
- AssertIntEQ(wolfSSL_BIO_set_fp(bio, smimeTestFile, BIO_CLOSE), SSL_SUCCESS);
+ ExpectNotNull(bio);
+ ExpectIntEQ(wolfSSL_BIO_set_fp(bio, smimeTestFile, BIO_CLOSE), SSL_SUCCESS);
pkcs7 = wolfSSL_SMIME_read_PKCS7(bio, &bcont);
- AssertNotNull(pkcs7);
- AssertIntEQ(wolfSSL_PKCS7_verify(pkcs7, NULL, NULL, bcont, NULL,
- PKCS7_NOVERIFY), SSL_SUCCESS);
+ ExpectNotNull(pkcs7);
+ ExpectIntEQ(wolfSSL_PKCS7_verify(pkcs7, NULL, NULL, bcont, NULL,
+ PKCS7_NOVERIFY), SSL_SUCCESS);
XFCLOSE(smimeTestFile);
if (bcont) BIO_free(bcont);
+ bcont = NULL;
wolfSSL_PKCS7_free(pkcs7);
+ pkcs7 = NULL;
/* smime-test-multipart.p7s */
smimeTestFile = XFOPEN("./certs/test/smime-test-multipart.p7s", "r");
- AssertIntEQ(wolfSSL_BIO_set_fp(bio, smimeTestFile, BIO_CLOSE), SSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_BIO_set_fp(bio, smimeTestFile, BIO_CLOSE), SSL_SUCCESS);
pkcs7 = wolfSSL_SMIME_read_PKCS7(bio, &bcont);
- AssertNotNull(pkcs7);
- AssertIntEQ(wolfSSL_PKCS7_verify(pkcs7, NULL, NULL, bcont, NULL,
- PKCS7_NOVERIFY), SSL_SUCCESS);
+ ExpectNotNull(pkcs7);
+ ExpectIntEQ(wolfSSL_PKCS7_verify(pkcs7, NULL, NULL, bcont, NULL,
+ PKCS7_NOVERIFY), SSL_SUCCESS);
XFCLOSE(smimeTestFile);
if (bcont) BIO_free(bcont);
+ bcont = NULL;
wolfSSL_PKCS7_free(pkcs7);
+ pkcs7 = NULL;
/* smime-test-multipart-badsig.p7s */
smimeTestFile = XFOPEN("./certs/test/smime-test-multipart-badsig.p7s", "r");
- AssertIntEQ(wolfSSL_BIO_set_fp(bio, smimeTestFile, BIO_CLOSE), SSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_BIO_set_fp(bio, smimeTestFile, BIO_CLOSE), SSL_SUCCESS);
pkcs7 = wolfSSL_SMIME_read_PKCS7(bio, &bcont);
- AssertNull(pkcs7);
- AssertIntEQ(wolfSSL_PKCS7_verify(pkcs7, NULL, NULL, bcont, NULL,
- PKCS7_NOVERIFY), SSL_FAILURE);
+ ExpectNotNull(pkcs7); /* can read in the unverified smime bundle */
+ ExpectIntEQ(wolfSSL_PKCS7_verify(pkcs7, NULL, NULL, bcont, NULL,
+ PKCS7_NOVERIFY), SSL_FAILURE);
XFCLOSE(smimeTestFile);
if (bcont) BIO_free(bcont);
+ bcont = NULL;
wolfSSL_PKCS7_free(pkcs7);
+ pkcs7 = NULL;
/* smime-test-canon.p7s */
smimeTestFile = XFOPEN("./certs/test/smime-test-canon.p7s", "r");
- AssertIntEQ(wolfSSL_BIO_set_fp(bio, smimeTestFile, BIO_CLOSE), SSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_BIO_set_fp(bio, smimeTestFile, BIO_CLOSE), SSL_SUCCESS);
pkcs7 = wolfSSL_SMIME_read_PKCS7(bio, &bcont);
- AssertNotNull(pkcs7);
- AssertIntEQ(wolfSSL_PKCS7_verify(pkcs7, NULL, NULL, bcont, NULL,
- PKCS7_NOVERIFY), SSL_SUCCESS);
+ ExpectNotNull(pkcs7);
+ ExpectIntEQ(wolfSSL_PKCS7_verify(pkcs7, NULL, NULL, bcont, NULL,
+ PKCS7_NOVERIFY), SSL_SUCCESS);
XFCLOSE(smimeTestFile);
if (bcont) BIO_free(bcont);
+ bcont = NULL;
wolfSSL_PKCS7_free(pkcs7);
+ pkcs7 = NULL;
/* Test PKCS7_TEXT, PKCS7_verify() should remove Content-Type: text/plain */
smimeTestFile = XFOPEN("./certs/test/smime-test-canon.p7s", "r");
- AssertIntEQ(wolfSSL_BIO_set_fp(bio, smimeTestFile, BIO_CLOSE), SSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_BIO_set_fp(bio, smimeTestFile, BIO_CLOSE), SSL_SUCCESS);
pkcs7 = wolfSSL_SMIME_read_PKCS7(bio, &bcont);
- AssertNotNull(pkcs7);
+ ExpectNotNull(pkcs7);
out = wolfSSL_BIO_new(BIO_s_mem());
- AssertNotNull(out);
- AssertIntEQ(wolfSSL_PKCS7_verify(pkcs7, NULL, NULL, bcont, out,
- PKCS7_NOVERIFY | PKCS7_TEXT), SSL_SUCCESS);
- AssertIntGT((outBufLen = BIO_get_mem_data(out, &outBuf)), 0);
+ ExpectNotNull(out);
+ ExpectIntEQ(wolfSSL_PKCS7_verify(pkcs7, NULL, NULL, bcont, out,
+ PKCS7_NOVERIFY | PKCS7_TEXT), SSL_SUCCESS);
+ ExpectIntGT((outBufLen = BIO_get_mem_data(out, &outBuf)), 0);
/* Content-Type should not show up at beginning of output buffer */
- AssertIntGT(outBufLen, XSTRLEN(contTypeText));
- AssertIntGT(XMEMCMP(outBuf, contTypeText, XSTRLEN(contTypeText)), 0);
+ ExpectIntGT(outBufLen, XSTRLEN(contTypeText));
+ ExpectIntGT(XMEMCMP(outBuf, contTypeText, XSTRLEN(contTypeText)), 0);
BIO_free(out);
BIO_free(bio);
if (bcont) BIO_free(bcont);
wolfSSL_PKCS7_free(pkcs7);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_SMIME_write_PKCS7(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_ALL) && defined(HAVE_PKCS7) && !defined(NO_RSA)
PKCS7* p7 = NULL;
PKCS7* p7Ver = NULL;
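Review bot: Only the first `XFOPEN` in test_wolfSSL_SMIME_read_PKCS7 is now checked; the four later re-opens (`smimeTestFile = XFOPEN("./certs/test/smime-test-multipart.p7s", "r");` and the ones after it) are not, and every `XFCLOSE(smimeTestFile);` is still unconditional. If the Expect macros record a failure and carry on, as the NULL guards added elsewhere in this commit imply, a missing fixture now reaches XFCLOSE with XBADFILE. The pattern used in the other tests, `if (smimeTestFile != XBADFILE) XFCLOSE(smimeTestFile);` plus an `ExpectTrue(... != XBADFILE)` on each open, would fit here. Separately, the bad-signature case changes from `AssertNull(pkcs7)` to `ExpectNotNull(pkcs7)`, so the bundle is now rejected only by wolfSSL_PKCS7_verify. The comment on that line should say that a successful SMIME read is not a signature check.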
@@ -54240,101 +52755,121 @@ static int test_wolfSSL_SMIME_write_PKCS7(void)
X509_STORE* store = NULL;
/* read signer cert/key into BIO */
- AssertNotNull(certBio = BIO_new_file(cert, "r"));
- AssertNotNull(keyBio = BIO_new_file(key, "r"));
- AssertNotNull(signCert = PEM_read_bio_X509(certBio, NULL, 0, NULL));
- AssertNotNull(signKey = PEM_read_bio_PrivateKey(keyBio, NULL, 0, NULL));
+ ExpectNotNull(certBio = BIO_new_file(cert, "r"));
+ ExpectNotNull(keyBio = BIO_new_file(key, "r"));
+ ExpectNotNull(signCert = PEM_read_bio_X509(certBio, NULL, 0, NULL));
+ ExpectNotNull(signKey = PEM_read_bio_PrivateKey(keyBio, NULL, 0, NULL));
/* read CA cert into store (for verify) */
- AssertNotNull(caBio = BIO_new_file(ca, "r"));
- AssertNotNull(caCert = PEM_read_bio_X509(caBio, NULL, 0, NULL));
- AssertNotNull(store = X509_STORE_new());
- AssertIntEQ(X509_STORE_add_cert(store, caCert), 1);
+ ExpectNotNull(caBio = BIO_new_file(ca, "r"));
+ ExpectNotNull(caCert = PEM_read_bio_X509(caBio, NULL, 0, NULL));
+ ExpectNotNull(store = X509_STORE_new());
+ ExpectIntEQ(X509_STORE_add_cert(store, caCert), 1);
/* generate and verify SMIME: not detached */
{
- AssertNotNull(inBio = BIO_new(BIO_s_mem()));
- AssertIntGT(BIO_write(inBio, data, sizeof(data)), 0);
+ ExpectNotNull(inBio = BIO_new(BIO_s_mem()));
+ ExpectIntGT(BIO_write(inBio, data, sizeof(data)), 0);
flags = PKCS7_STREAM;
- AssertNotNull(p7 = PKCS7_sign(signCert, signKey, NULL, inBio, flags));
- AssertNotNull(outBio = BIO_new(BIO_s_mem()));
- AssertIntEQ(SMIME_write_PKCS7(outBio, p7, inBio, flags), 1);
+ ExpectNotNull(p7 = PKCS7_sign(signCert, signKey, NULL, inBio, flags));
+ ExpectNotNull(outBio = BIO_new(BIO_s_mem()));
+ ExpectIntEQ(SMIME_write_PKCS7(outBio, p7, inBio, flags), 1);
/* bad arg: out NULL */
- AssertIntEQ(SMIME_write_PKCS7(NULL, p7, inBio, flags), 0);
+ ExpectIntEQ(SMIME_write_PKCS7(NULL, p7, inBio, flags), 0);
/* bad arg: pkcs7 NULL */
- AssertIntEQ(SMIME_write_PKCS7(outBio, NULL, inBio, flags), 0);
+ ExpectIntEQ(SMIME_write_PKCS7(outBio, NULL, inBio, flags), 0);
- AssertNotNull(p7Ver = SMIME_read_PKCS7(outBio, &content));
- AssertIntEQ(PKCS7_verify(p7Ver, NULL, store, NULL, NULL, flags), 1);
+ ExpectNotNull(p7Ver = SMIME_read_PKCS7(outBio, &content));
+ ExpectIntEQ(PKCS7_verify(p7Ver, NULL, store, NULL, NULL, flags), 1);
BIO_free(content);
+ content = NULL;
BIO_free(inBio);
+ inBio = NULL;
BIO_free(outBio);
+ outBio = NULL;
PKCS7_free(p7Ver);
+ p7Ver = NULL;
PKCS7_free(p7);
+ p7 = NULL;
}
/* generate and verify SMIME: not detached, add Content-Type */
{
- AssertNotNull(inBio = BIO_new(BIO_s_mem()));
- AssertIntGT(BIO_write(inBio, data, sizeof(data)), 0);
+ ExpectNotNull(inBio = BIO_new(BIO_s_mem()));
+ ExpectIntGT(BIO_write(inBio, data, sizeof(data)), 0);
flags = PKCS7_STREAM | PKCS7_TEXT;
- AssertNotNull(p7 = PKCS7_sign(signCert, signKey, NULL, inBio, flags));
- AssertNotNull(outBio = BIO_new(BIO_s_mem()));
- AssertIntEQ(SMIME_write_PKCS7(outBio, p7, inBio, flags), 1);
+ ExpectNotNull(p7 = PKCS7_sign(signCert, signKey, NULL, inBio, flags));
+ ExpectNotNull(outBio = BIO_new(BIO_s_mem()));
+ ExpectIntEQ(SMIME_write_PKCS7(outBio, p7, inBio, flags), 1);
- AssertNotNull(p7Ver = SMIME_read_PKCS7(outBio, &content));
- AssertIntEQ(PKCS7_verify(p7Ver, NULL, store, NULL, NULL, flags), 1);
+ ExpectNotNull(p7Ver = SMIME_read_PKCS7(outBio, &content));
+ ExpectIntEQ(PKCS7_verify(p7Ver, NULL, store, NULL, NULL, flags), 1);
BIO_free(content);
+ content = NULL;
BIO_free(inBio);
+ inBio = NULL;
BIO_free(outBio);
+ outBio = NULL;
PKCS7_free(p7Ver);
+ p7Ver = NULL;
PKCS7_free(p7);
+ p7 = NULL;
}
/* generate and verify SMIME: detached */
{
- AssertNotNull(inBio = BIO_new(BIO_s_mem()));
- AssertIntGT(BIO_write(inBio, data, sizeof(data)), 0);
+ ExpectNotNull(inBio = BIO_new(BIO_s_mem()));
+ ExpectIntGT(BIO_write(inBio, data, sizeof(data)), 0);
flags = PKCS7_DETACHED | PKCS7_STREAM;
- AssertNotNull(p7 = PKCS7_sign(signCert, signKey, NULL, inBio, flags));
- AssertNotNull(outBio = BIO_new(BIO_s_mem()));
- AssertIntEQ(SMIME_write_PKCS7(outBio, p7, inBio, flags), 1);
+ ExpectNotNull(p7 = PKCS7_sign(signCert, signKey, NULL, inBio, flags));
+ ExpectNotNull(outBio = BIO_new(BIO_s_mem()));
+ ExpectIntEQ(SMIME_write_PKCS7(outBio, p7, inBio, flags), 1);
- AssertNotNull(p7Ver = SMIME_read_PKCS7(outBio, &content));
- AssertIntEQ(PKCS7_verify(p7Ver, NULL, store, content, NULL, flags), 1);
+ ExpectNotNull(p7Ver = SMIME_read_PKCS7(outBio, &content));
+ ExpectIntEQ(PKCS7_verify(p7Ver, NULL, store, content, NULL, flags), 1);
BIO_free(content);
+ content = NULL;
BIO_free(inBio);
+ inBio = NULL;
BIO_free(outBio);
+ outBio = NULL;
PKCS7_free(p7Ver);
+ p7Ver = NULL;
PKCS7_free(p7);
+ p7 = NULL;
}
/* generate and verify SMIME: PKCS7_TEXT to add Content-Type header */
{
- AssertNotNull(inBio = BIO_new(BIO_s_mem()));
- AssertIntGT(BIO_write(inBio, data, sizeof(data)), 0);
+ ExpectNotNull(inBio = BIO_new(BIO_s_mem()));
+ ExpectIntGT(BIO_write(inBio, data, sizeof(data)), 0);
flags = PKCS7_STREAM | PKCS7_DETACHED | PKCS7_TEXT;
- AssertNotNull(p7 = PKCS7_sign(signCert, signKey, NULL, inBio, flags));
- AssertNotNull(outBio = BIO_new(BIO_s_mem()));
- AssertIntEQ(SMIME_write_PKCS7(outBio, p7, inBio, flags), 1);
+ ExpectNotNull(p7 = PKCS7_sign(signCert, signKey, NULL, inBio, flags));
+ ExpectNotNull(outBio = BIO_new(BIO_s_mem()));
+ ExpectIntEQ(SMIME_write_PKCS7(outBio, p7, inBio, flags), 1);
- AssertNotNull(p7Ver = SMIME_read_PKCS7(outBio, &content));
- AssertIntEQ(PKCS7_verify(p7Ver, NULL, store, content, NULL, flags), 1);
+ ExpectNotNull(p7Ver = SMIME_read_PKCS7(outBio, &content));
+ ExpectIntEQ(PKCS7_verify(p7Ver, NULL, store, content, NULL, flags), 1);
BIO_free(content);
+ content = NULL;
BIO_free(inBio);
+ inBio = NULL;
BIO_free(outBio);
+ outBio = NULL;
PKCS7_free(p7Ver);
+ p7Ver = NULL;
PKCS7_free(p7);
+ p7 = NULL;
}
X509_STORE_free(store);
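Review bot: test_wolfSSL_SMIME_write_PKCS7 opens its certificate, key and CA with `BIO_new_file(...)`, but its guard (in the preceding hunk) is `#if defined(OPENSSL_ALL) && defined(HAVE_PKCS7) && !defined(NO_RSA)` with no filesystem condition. test_wolfSSL_PKCS7_sign does the same reads under `!defined(NO_FILESYSTEM)`. Unless HAVE_SMIME already implies a filesystem, a NO_FILESYSTEM build would presumably fail to compile or fail at run time here. Adding `&& !defined(NO_FILESYSTEM)` to the guard keeps the two tests consistent. The function's tail is in the next hunk.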
@@ -54344,10 +52879,8 @@ static int test_wolfSSL_SMIME_write_PKCS7(void)
BIO_free(keyBio);
BIO_free(certBio);
BIO_free(caBio);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
#endif /* HAVE_SMIME */
#endif /* !NO_BIO */
@@ -54356,183 +52889,189 @@ static int test_wolfSSL_SMIME_write_PKCS7(void)
* returns 0) */
static int test_X509_STORE_No_SSL_CTX(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_ALL) && !defined(NO_FILESYSTEM) && \
- !defined(NO_WOLFSSL_DIR) && defined(HAVE_CRL) && \
+ EXPECT_DECLS;
+#if defined(OPENSSL_ALL) && defined(WOLFSSL_CERT_GEN) && \
(defined(WOLFSSL_CERT_REQ) || defined(WOLFSSL_CERT_EXT)) && \
+ !defined(NO_FILESYSTEM) && !defined(NO_WOLFSSL_DIR) && \
(defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)) && \
- !defined(NO_RSA)
+ defined(HAVE_CRL) && !defined(NO_RSA)
- X509_STORE * store;
- X509_STORE_CTX * storeCtx;
- X509_CRL * crl;
- X509 * ca;
- X509 * cert;
+ X509_STORE * store = NULL;
+ X509_STORE_CTX * storeCtx = NULL;
+ X509_CRL * crl = NULL;
+ X509 * ca = NULL;
+ X509 * cert = NULL;
const char cliCrlPem[] = "./certs/crl/cliCrl.pem";
const char srvCert[] = "./certs/server-cert.pem";
const char caCert[] = "./certs/ca-cert.pem";
const char caDir[] = "./certs/crl/hash_pem";
- XFILE fp;
- X509_LOOKUP * lookup;
+ XFILE fp = XBADFILE;
+ X509_LOOKUP * lookup = NULL;
- AssertNotNull(store = (X509_STORE *)X509_STORE_new());
+ ExpectNotNull(store = (X509_STORE *)X509_STORE_new());
/* Set up store with CA */
- AssertNotNull((ca = wolfSSL_X509_load_certificate_file(caCert,
- SSL_FILETYPE_PEM)));
- AssertIntEQ(X509_STORE_add_cert(store, ca), SSL_SUCCESS);
+ ExpectNotNull((ca = wolfSSL_X509_load_certificate_file(caCert,
+ SSL_FILETYPE_PEM)));
+ ExpectIntEQ(X509_STORE_add_cert(store, ca), SSL_SUCCESS);
/* Add CRL lookup directory to store
* NOTE: test uses ./certs/crl/hash_pem/0fdb2da4.r0, which is a copy
* of crl.pem */
- AssertNotNull((lookup = X509_STORE_add_lookup(store,
- X509_LOOKUP_hash_dir())));
- AssertIntEQ(X509_LOOKUP_ctrl(lookup, X509_L_ADD_DIR, caDir,
- X509_FILETYPE_PEM, NULL), SSL_SUCCESS);
+ ExpectNotNull((lookup = X509_STORE_add_lookup(store,
+ X509_LOOKUP_hash_dir())));
+ ExpectIntEQ(X509_LOOKUP_ctrl(lookup, X509_L_ADD_DIR, caDir,
+ X509_FILETYPE_PEM, NULL), SSL_SUCCESS);
- AssertIntEQ(X509_STORE_set_flags(store, X509_V_FLAG_CRL_CHECK),
- SSL_SUCCESS);
+ ExpectIntEQ(X509_STORE_set_flags(store, X509_V_FLAG_CRL_CHECK),
+ SSL_SUCCESS);
/* Add CRL to store NOT containing the verified certificate, which
* forces use of the CRL lookup directory */
- fp = XFOPEN(cliCrlPem, "rb");
- AssertTrue((fp != XBADFILE));
- AssertNotNull(crl = (X509_CRL *)PEM_read_X509_CRL(fp, (X509_CRL **)NULL,
- NULL, NULL));
- XFCLOSE(fp);
- AssertIntEQ(X509_STORE_add_crl(store, crl), SSL_SUCCESS);
+ ExpectTrue((fp = XFOPEN(cliCrlPem, "rb")) != XBADFILE);
+ ExpectNotNull(crl = (X509_CRL *)PEM_read_X509_CRL(fp, (X509_CRL **)NULL,
+ NULL, NULL));
+ if (fp != XBADFILE)
+ XFCLOSE(fp);
+ ExpectIntEQ(X509_STORE_add_crl(store, crl), SSL_SUCCESS);
/* Create verification context outside of an SSL session */
- AssertNotNull((storeCtx = X509_STORE_CTX_new()));
- AssertNotNull((cert = wolfSSL_X509_load_certificate_file(srvCert,
- SSL_FILETYPE_PEM)));
- AssertIntEQ(X509_STORE_CTX_init(storeCtx, store, cert, NULL), SSL_SUCCESS);
+ ExpectNotNull((storeCtx = X509_STORE_CTX_new()));
+ ExpectNotNull((cert = wolfSSL_X509_load_certificate_file(srvCert,
+ SSL_FILETYPE_PEM)));
+ ExpectIntEQ(X509_STORE_CTX_init(storeCtx, store, cert, NULL), SSL_SUCCESS);
/* Perform verification, which should NOT indicate CRL missing due to the
* store CM's X509 store pointer being NULL */
- AssertIntNE(X509_verify_cert(storeCtx), CRL_MISSING);
+ ExpectIntNE(X509_verify_cert(storeCtx), CRL_MISSING);
X509_CRL_free(crl);
X509_STORE_free(store);
X509_STORE_CTX_free(storeCtx);
X509_free(cert);
X509_free(ca);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
/* Test of X509 store use outside of SSL context w/ CRL lookup, but
* with X509_LOOKUP_add_dir and X509_FILETYPE_ASN1. */
static int test_X509_LOOKUP_add_dir(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_ALL) && !defined(NO_FILESYSTEM) && \
- !defined(NO_WOLFSSL_DIR) && defined(HAVE_CRL) && \
+ EXPECT_DECLS;
+#if defined(OPENSSL_ALL) && defined(WOLFSSL_CERT_GEN) && \
(defined(WOLFSSL_CERT_REQ) || defined(WOLFSSL_CERT_EXT)) && \
+ !defined(NO_FILESYSTEM) && !defined(NO_WOLFSSL_DIR) && \
(defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)) && \
- !defined(NO_RSA)
+ defined(HAVE_CRL) && !defined(NO_RSA)
- X509_STORE * store;
- X509_STORE_CTX * storeCtx;
- X509_CRL * crl;
- X509 * ca;
- X509 * cert;
+ X509_STORE * store = NULL;
+ X509_STORE_CTX * storeCtx = NULL;
+ X509_CRL * crl = NULL;
+ X509 * ca = NULL;
+ X509 * cert = NULL;
const char cliCrlPem[] = "./certs/crl/cliCrl.pem";
const char srvCert[] = "./certs/server-cert.pem";
const char caCert[] = "./certs/ca-cert.pem";
const char caDir[] = "./certs/crl/hash_der";
- XFILE fp;
- X509_LOOKUP * lookup;
+ XFILE fp = XBADFILE;
+ X509_LOOKUP * lookup = NULL;
- AssertNotNull(store = (X509_STORE *)X509_STORE_new());
+ ExpectNotNull(store = (X509_STORE *)X509_STORE_new());
/* Set up store with CA */
- AssertNotNull((ca = wolfSSL_X509_load_certificate_file(caCert,
- SSL_FILETYPE_PEM)));
- AssertIntEQ(X509_STORE_add_cert(store, ca), SSL_SUCCESS);
+ ExpectNotNull((ca = wolfSSL_X509_load_certificate_file(caCert,
+ SSL_FILETYPE_PEM)));
+ ExpectIntEQ(X509_STORE_add_cert(store, ca), SSL_SUCCESS);
/* Add CRL lookup directory to store.
* Test uses ./certs/crl/hash_der/0fdb2da4.r0, which is a copy
* of crl.der */
- AssertNotNull((lookup = X509_STORE_add_lookup(store,
- X509_LOOKUP_hash_dir())));
+ ExpectNotNull((lookup = X509_STORE_add_lookup(store,
+ X509_LOOKUP_hash_dir())));
- AssertIntEQ(X509_LOOKUP_add_dir(lookup, caDir, X509_FILETYPE_ASN1),
- SSL_SUCCESS);
+ ExpectIntEQ(X509_LOOKUP_add_dir(lookup, caDir, X509_FILETYPE_ASN1),
+ SSL_SUCCESS);
- AssertIntEQ(X509_STORE_set_flags(store, X509_V_FLAG_CRL_CHECK),
- SSL_SUCCESS);
+ ExpectIntEQ(X509_STORE_set_flags(store, X509_V_FLAG_CRL_CHECK),
+ SSL_SUCCESS);
/* Add CRL to store NOT containing the verified certificate, which
* forces use of the CRL lookup directory */
- fp = XFOPEN(cliCrlPem, "rb");
- AssertTrue((fp != XBADFILE));
- AssertNotNull(crl = (X509_CRL *)PEM_read_X509_CRL(fp, (X509_CRL **)NULL,
- NULL, NULL));
- XFCLOSE(fp);
- AssertIntEQ(X509_STORE_add_crl(store, crl), SSL_SUCCESS);
+ ExpectTrue((fp = XFOPEN(cliCrlPem, "rb")) != XBADFILE);
+ ExpectNotNull(crl = (X509_CRL *)PEM_read_X509_CRL(fp, (X509_CRL **)NULL,
+ NULL, NULL));
+ if (fp != XBADFILE) {
+ XFCLOSE(fp);
+ fp = XBADFILE;
+ }
+ ExpectIntEQ(X509_STORE_add_crl(store, crl), SSL_SUCCESS);
/* Create verification context outside of an SSL session */
- AssertNotNull((storeCtx = X509_STORE_CTX_new()));
- AssertNotNull((cert = wolfSSL_X509_load_certificate_file(srvCert,
- SSL_FILETYPE_PEM)));
- AssertIntEQ(X509_STORE_CTX_init(storeCtx, store, cert, NULL), SSL_SUCCESS);
+ ExpectNotNull((storeCtx = X509_STORE_CTX_new()));
+ ExpectNotNull((cert = wolfSSL_X509_load_certificate_file(srvCert,
+ SSL_FILETYPE_PEM)));
+ ExpectIntEQ(X509_STORE_CTX_init(storeCtx, store, cert, NULL), SSL_SUCCESS);
/* Perform verification, which should NOT return CRL missing */
- AssertIntNE(X509_verify_cert(storeCtx), CRL_MISSING);
+ ExpectIntNE(X509_verify_cert(storeCtx), CRL_MISSING);
X509_CRL_free(crl);
+ crl = NULL;
X509_STORE_free(store);
+ store = NULL;
X509_STORE_CTX_free(storeCtx);
+ storeCtx = NULL;
X509_free(cert);
+ cert = NULL;
X509_free(ca);
+ ca = NULL;
/* Now repeat the same, but look for X509_FILETYPE_PEM.
* We should get CRL_MISSING at the end, because the lookup
* dir has only ASN1 CRLs. */
- AssertNotNull(store = (X509_STORE *)X509_STORE_new());
+ ExpectNotNull(store = (X509_STORE *)X509_STORE_new());
- AssertNotNull((ca = wolfSSL_X509_load_certificate_file(caCert,
- SSL_FILETYPE_PEM)));
- AssertIntEQ(X509_STORE_add_cert(store, ca), SSL_SUCCESS);
+ ExpectNotNull((ca = wolfSSL_X509_load_certificate_file(caCert,
+ SSL_FILETYPE_PEM)));
+ ExpectIntEQ(X509_STORE_add_cert(store, ca), SSL_SUCCESS);
- AssertNotNull((lookup = X509_STORE_add_lookup(store,
- X509_LOOKUP_hash_dir())));
+ ExpectNotNull((lookup = X509_STORE_add_lookup(store,
+ X509_LOOKUP_hash_dir())));
- AssertIntEQ(X509_LOOKUP_add_dir(lookup, caDir, X509_FILETYPE_PEM),
- SSL_SUCCESS);
+ ExpectIntEQ(X509_LOOKUP_add_dir(lookup, caDir, X509_FILETYPE_PEM),
+ SSL_SUCCESS);
- AssertIntEQ(X509_STORE_set_flags(store, X509_V_FLAG_CRL_CHECK),
- SSL_SUCCESS);
+ ExpectIntEQ(X509_STORE_set_flags(store, X509_V_FLAG_CRL_CHECK),
+ SSL_SUCCESS);
- fp = XFOPEN(cliCrlPem, "rb");
- AssertTrue((fp != XBADFILE));
- AssertNotNull(crl = (X509_CRL *)PEM_read_X509_CRL(fp, (X509_CRL **)NULL,
- NULL, NULL));
- XFCLOSE(fp);
- AssertIntEQ(X509_STORE_add_crl(store, crl), SSL_SUCCESS);
+ ExpectTrue((fp = XFOPEN(cliCrlPem, "rb")) != XBADFILE);
+ ExpectNotNull(crl = (X509_CRL *)PEM_read_X509_CRL(fp, (X509_CRL **)NULL,
+ NULL, NULL));
+ if (fp != XBADFILE) {
+ XFCLOSE(fp);
+ fp = XBADFILE;
+ }
+ ExpectIntEQ(X509_STORE_add_crl(store, crl), SSL_SUCCESS);
- AssertNotNull((storeCtx = X509_STORE_CTX_new()));
- AssertNotNull((cert = wolfSSL_X509_load_certificate_file(srvCert,
- SSL_FILETYPE_PEM)));
- AssertIntEQ(X509_STORE_CTX_init(storeCtx, store, cert, NULL), SSL_SUCCESS);
+ ExpectNotNull((storeCtx = X509_STORE_CTX_new()));
+ ExpectNotNull((cert = wolfSSL_X509_load_certificate_file(srvCert,
+ SSL_FILETYPE_PEM)));
+ ExpectIntEQ(X509_STORE_CTX_init(storeCtx, store, cert, NULL), SSL_SUCCESS);
/* Now we SHOULD get CRL_MISSING, because we looked for PEM
* in dir containing only ASN1/DER. */
- AssertIntEQ(X509_verify_cert(storeCtx), CRL_MISSING);
+ ExpectIntEQ(X509_verify_cert(storeCtx), WOLFSSL_FAILURE);
+ ExpectIntEQ(X509_STORE_CTX_get_error(storeCtx), CRL_MISSING);
X509_CRL_free(crl);
X509_STORE_free(store);
X509_STORE_CTX_free(storeCtx);
X509_free(cert);
X509_free(ca);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
@@ -54541,125 +53080,128 @@ static int test_X509_LOOKUP_add_dir(void)
| Certificate Failure Checks
*----------------------------------------------------------------------------*/
#if !defined(NO_CERTS) && (!defined(NO_WOLFSSL_CLIENT) || \
- !defined(WOLFSSL_NO_CLIENT_AUTH)) && !defined(NO_FILESYSTEM)
- /* Use the Cert Manager(CM) API to generate the error ASN_SIG_CONFIRM_E */
- static int verify_sig_cm(const char* ca, byte* cert_buf, size_t cert_sz,
- int type)
- {
- int ret;
- WOLFSSL_CERT_MANAGER* cm = NULL;
-
- switch (type) {
- case TESTING_RSA:
- #ifdef NO_RSA
- fprintf(stderr, "RSA disabled, skipping test\n");
- return ASN_SIG_CONFIRM_E;
- #else
- break;
- #endif
- case TESTING_ECC:
- #ifndef HAVE_ECC
- fprintf(stderr, "ECC disabled, skipping test\n");
- return ASN_SIG_CONFIRM_E;
- #else
- break;
- #endif
- default:
- fprintf(stderr, "Bad function argument\n");
- return BAD_FUNC_ARG;
- }
- cm = wolfSSL_CertManagerNew();
- if (cm == NULL) {
- fprintf(stderr, "wolfSSL_CertManagerNew failed\n");
- return -1;
- }
-
- #ifndef NO_FILESYSTEM
- ret = wolfSSL_CertManagerLoadCA(cm, ca, 0);
- if (ret != WOLFSSL_SUCCESS) {
- fprintf(stderr, "wolfSSL_CertManagerLoadCA failed\n");
- wolfSSL_CertManagerFree(cm);
- return ret;
- }
- #else
- (void)ca;
- #endif
+ !defined(WOLFSSL_NO_CLIENT_AUTH)) && !defined(NO_FILESYSTEM)
+#if !defined(NO_RSA) || defined(HAVE_ECC)
+/* Use the Cert Manager(CM) API to generate the error ASN_SIG_CONFIRM_E */
+static int verify_sig_cm(const char* ca, byte* cert_buf, size_t cert_sz,
+ int type)
+{
+ int ret;
+ WOLFSSL_CERT_MANAGER* cm = NULL;
- ret = wolfSSL_CertManagerVerifyBuffer(cm, cert_buf, cert_sz, WOLFSSL_FILETYPE_ASN1);
- /* Let AssertIntEQ handle return code */
+ switch (type) {
+ case TESTING_RSA:
+ #ifdef NO_RSA
+ fprintf(stderr, "RSA disabled, skipping test\n");
+ return ASN_SIG_CONFIRM_E;
+ #else
+ break;
+ #endif
+ case TESTING_ECC:
+ #ifndef HAVE_ECC
+ fprintf(stderr, "ECC disabled, skipping test\n");
+ return ASN_SIG_CONFIRM_E;
+ #else
+ break;
+ #endif
+ default:
+ fprintf(stderr, "Bad function argument\n");
+ return BAD_FUNC_ARG;
+ }
+ cm = wolfSSL_CertManagerNew();
+ if (cm == NULL) {
+ fprintf(stderr, "wolfSSL_CertManagerNew failed\n");
+ return -1;
+ }
+#ifndef NO_FILESYSTEM
+ ret = wolfSSL_CertManagerLoadCA(cm, ca, 0);
+ if (ret != WOLFSSL_SUCCESS) {
+ fprintf(stderr, "wolfSSL_CertManagerLoadCA failed\n");
wolfSSL_CertManagerFree(cm);
-
return ret;
}
+#else
+ (void)ca;
+#endif
- #if !defined(NO_FILESYSTEM)
- static int test_RsaSigFailure_cm(void)
- {
- int ret = 0;
- const char* ca_cert = "./certs/ca-cert.pem";
- const char* server_cert = "./certs/server-cert.der";
- byte* cert_buf = NULL;
- size_t cert_sz = 0;
+ ret = wolfSSL_CertManagerVerifyBuffer(cm, cert_buf, cert_sz,
+ WOLFSSL_FILETYPE_ASN1);
+ /* Let ExpectIntEQ handle return code */
- ret = load_file(server_cert, &cert_buf, &cert_sz);
- if (ret == 0) {
- /* corrupt DER - invert last byte, which is signature */
- cert_buf[cert_sz-1] = ~cert_buf[cert_sz-1];
+ wolfSSL_CertManagerFree(cm);
- /* test bad cert */
- ret = verify_sig_cm(ca_cert, cert_buf, cert_sz, TESTING_RSA);
- }
+ return ret;
+}
+#endif
- if (cert_buf)
- free(cert_buf);
+#if !defined(NO_FILESYSTEM)
+static int test_RsaSigFailure_cm(void)
+{
+ EXPECT_DECLS;
+#ifndef NO_RSA
+ const char* ca_cert = "./certs/ca-cert.pem";
+ const char* server_cert = "./certs/server-cert.der";
+ byte* cert_buf = NULL;
+ size_t cert_sz = 0;
+
+ ExpectIntEQ(load_file(server_cert, &cert_buf, &cert_sz), 0);
+ if (cert_buf != NULL) {
+ /* corrupt DER - invert last byte, which is signature */
+ cert_buf[cert_sz-1] = ~cert_buf[cert_sz-1];
+ /* test bad cert */
#if defined(NO_WOLFSSL_CLIENT) && defined(NO_WOLFSSL_SERVER)
- if (ret == WOLFSSL_FATAL_ERROR) {
- ret = 0;
- }
+ ExpectIntEQ(verify_sig_cm(ca_cert, cert_buf, cert_sz, TESTING_RSA),
+ WOLFSSL_FATAL_ERROR);
#else
- if (ret == ASN_SIG_CONFIRM_E) {
- ret = 0;
- }
-#endif /* NO_WOLFSSL_CLIENT && NO_WOLFSSL_SERVER */
- return TEST_RES_CHECK(ret == 0);
+ ExpectIntEQ(verify_sig_cm(ca_cert, cert_buf, cert_sz, TESTING_RSA),
+ ASN_SIG_CONFIRM_E);
+#endif
}
- static int test_EccSigFailure_cm(void)
- {
- int ret = 0;
- /* self-signed ECC cert, so use server cert as CA */
- const char* ca_cert = "./certs/ca-ecc-cert.pem";
- const char* server_cert = "./certs/server-ecc.der";
- byte* cert_buf = NULL;
- size_t cert_sz = 0;
-
- ret = load_file(server_cert, &cert_buf, &cert_sz);
- if (ret == 0) {
- /* corrupt DER - invert last byte, which is signature */
- cert_buf[cert_sz-1] = ~cert_buf[cert_sz-1];
+ /* load_file() uses malloc. */
+ if (cert_buf != NULL) {
+ free(cert_buf);
+ }
+#endif /* !NO_RSA */
+ return EXPECT_RESULT();
+}
- /* test bad cert */
- ret = verify_sig_cm(ca_cert, cert_buf, cert_sz, TESTING_ECC);
- }
+static int test_EccSigFailure_cm(void)
+{
+ EXPECT_DECLS;
+#ifdef HAVE_ECC
+ /* self-signed ECC cert, so use server cert as CA */
+ const char* ca_cert = "./certs/ca-ecc-cert.pem";
+ const char* server_cert = "./certs/server-ecc.der";
+ byte* cert_buf = NULL;
+ size_t cert_sz = 0;
- if (cert_buf)
- free(cert_buf);
+ ExpectIntEQ(load_file(server_cert, &cert_buf, &cert_sz), 0);
+ if (cert_buf != NULL) {
+ /* corrupt DER - invert last byte, which is signature */
+ cert_buf[cert_sz-1] = ~cert_buf[cert_sz-1];
-#ifdef FP_ECC
- wc_ecc_fp_free();
-#endif
+ /* test bad cert */
#if defined(NO_WOLFSSL_CLIENT) && defined(NO_WOLFSSL_SERVER)
- if (ret == WOLFSSL_FATAL_ERROR) {
- ret = 0;
- }
+ ExpectIntEQ(verify_sig_cm(ca_cert, cert_buf, cert_sz, TESTING_ECC),
+ WOLFSSL_FATAL_ERROR);
#else
- if (ret == ASN_SIG_CONFIRM_E) {
- ret = 0;
- }
-#endif /* NO_WOLFSSL_CLIENT && NO_WOLFSSL_SERVER */
- return TEST_RES_CHECK(ret == 0);
+ ExpectIntEQ(verify_sig_cm(ca_cert, cert_buf, cert_sz, TESTING_ECC),
+ ASN_SIG_CONFIRM_E);
+#endif
+ }
+
+ /* load_file() uses malloc. */
+ if (cert_buf != NULL) {
+ free(cert_buf);
}
+#ifdef FP_ECC
+ wc_ecc_fp_free();
+#endif
+#endif /* HAVE_ECC */
+ return EXPECT_RESULT();
+}
#endif /* !NO_FILESYSTEM */
#endif /* NO_CERTS */
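Review bot: In test_RsaSigFailure_cm and test_EccSigFailure_cm the corruption step `cert_buf[cert_sz-1] = ~cert_buf[cert_sz-1];` is guarded only by `cert_buf != NULL`, so a non-NULL buffer with `cert_sz == 0` would make the index wrap and write outside the allocation. load_file() is not shown here, so whether it can return that combination is unverified; guarding with `if (cert_buf != NULL && cert_sz > 0) {` makes the test independent of that. The result of load_file() is already recorded by the preceding ExpectIntEQ, so the extra condition does not hide a load failure.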
@@ -54679,24 +53221,25 @@ static char earlyDataBuffer[1];
static int test_tls13_apis(void)
{
- int ret = 0;
+ EXPECT_DECLS;
+ int ret;
#ifndef WOLFSSL_NO_TLS12
#ifndef NO_WOLFSSL_CLIENT
- WOLFSSL_CTX* clientTls12Ctx;
- WOLFSSL* clientTls12Ssl;
+ WOLFSSL_CTX* clientTls12Ctx = NULL;
+ WOLFSSL* clientTls12Ssl = NULL;
#endif
#ifndef NO_WOLFSSL_SERVER
- WOLFSSL_CTX* serverTls12Ctx;
- WOLFSSL* serverTls12Ssl;
+ WOLFSSL_CTX* serverTls12Ctx = NULL;
+ WOLFSSL* serverTls12Ssl = NULL;
#endif
#endif
#ifndef NO_WOLFSSL_CLIENT
- WOLFSSL_CTX* clientCtx;
- WOLFSSL* clientSsl;
+ WOLFSSL_CTX* clientCtx = NULL;
+ WOLFSSL* clientSsl = NULL;
#endif
#ifndef NO_WOLFSSL_SERVER
- WOLFSSL_CTX* serverCtx;
- WOLFSSL* serverSsl;
+ WOLFSSL_CTX* serverCtx = NULL;
+ WOLFSSL* serverSsl = NULL;
#if !defined(NO_CERTS) && !defined(NO_FILESYSTEM)
const char* ourCert = svrCertFile;
const char* ourKey = svrKeyFile;
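Review bot: `int ret;` in test_tls13_apis drops the `= 0` initializer while every other local touched by this hunk gains one. The loops visible in later hunks assign `ret` before reading it, but the function body continues outside this hunk and much of it is conditionally compiled, so a configuration that reads `ret` on another path cannot be ruled out from here. Keeping `int ret = 0;` costs nothing and matches the NULL-initialisation pattern the commit introduces.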
@@ -54752,7 +53295,8 @@ static int test_tls13_apis(void)
serverTls12Ctx = wolfSSL_CTX_new(wolfTLSv1_2_server_method());
#if !defined(NO_CERTS) && !defined(NO_FILESYSTEM)
wolfSSL_CTX_use_certificate_chain_file(serverTls12Ctx, ourCert);
- wolfSSL_CTX_use_PrivateKey_file(serverTls12Ctx, ourKey, WOLFSSL_FILETYPE_PEM);
+ wolfSSL_CTX_use_PrivateKey_file(serverTls12Ctx, ourKey,
+ WOLFSSL_FILETYPE_PEM);
#endif
serverTls12Ssl = wolfSSL_new(serverTls12Ctx);
#endif
@@ -54769,28 +53313,30 @@ static int test_tls13_apis(void)
wolfSSL_CTX_use_PrivateKey_file(serverCtx, ourKey, WOLFSSL_FILETYPE_PEM);
#endif
serverSsl = wolfSSL_new(serverCtx);
- AssertNotNull(serverSsl);
+ ExpectNotNull(serverSsl);
#endif
#ifdef WOLFSSL_SEND_HRR_COOKIE
- AssertIntEQ(wolfSSL_send_hrr_cookie(NULL, NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_send_hrr_cookie(NULL, NULL, 0), BAD_FUNC_ARG);
#ifndef NO_WOLFSSL_CLIENT
- AssertIntEQ(wolfSSL_send_hrr_cookie(clientSsl, NULL, 0), SIDE_ERROR);
+ ExpectIntEQ(wolfSSL_send_hrr_cookie(clientSsl, NULL, 0), SIDE_ERROR);
#endif
#ifndef NO_WOLFSSL_SERVER
#ifndef WOLFSSL_NO_TLS12
- AssertIntEQ(wolfSSL_send_hrr_cookie(serverTls12Ssl, NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_send_hrr_cookie(serverTls12Ssl, NULL, 0),
+ BAD_FUNC_ARG);
#endif
- AssertIntEQ(wolfSSL_send_hrr_cookie(serverSsl, NULL, 0), WOLFSSL_SUCCESS);
- AssertIntEQ(wolfSSL_send_hrr_cookie(serverSsl, fixedKey, sizeof(fixedKey)),
- WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_send_hrr_cookie(serverSsl, NULL, 0), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_send_hrr_cookie(serverSsl, fixedKey, sizeof(fixedKey)),
+ WOLFSSL_SUCCESS);
#endif
#endif
#ifdef HAVE_SUPPORTED_CURVES
#ifdef HAVE_ECC
- AssertIntEQ(wolfSSL_UseKeyShare(NULL, WOLFSSL_ECC_SECP256R1), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_UseKeyShare(NULL, WOLFSSL_ECC_SECP256R1),
+ BAD_FUNC_ARG);
#ifndef NO_WOLFSSL_SERVER
do {
ret = wolfSSL_UseKeyShare(serverSsl, WOLFSSL_ECC_SECP256R1);
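Review bot: The expectation `ExpectIntEQ(wolfSSL_send_hrr_cookie(serverTls12Ssl, NULL, 0), BAD_FUNC_ARG);` cannot tell a TLS 1.2 object being rejected from a NULL object being rejected, because the NULL case a few lines above expects the same BAD_FUNC_ARG. Only `serverSsl` gets an `ExpectNotNull` in this hunk; in the preceding hunk `serverTls12Ssl = wolfSSL_new(serverTls12Ctx);` is followed directly by `#endif`, so, at least in the visible lines, a failed allocation there would let the TLS 1.2 checks pass for the wrong reason. Adding `ExpectNotNull(serverTls12Ssl);` after that wolfSSL_new call (and the same for `clientTls12Ssl`, whose creation is outside the visible hunks) closes the gap. The same masking applies to the `clientTls12Ssl` and `serverTls12Ssl` BAD_FUNC_ARG expectations in the later hunks of this function.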
@@ -54798,8 +53344,9 @@ static int test_tls13_apis(void)
if (ret == WC_PENDING_E)
wolfSSL_AsyncPoll(serverSsl, WOLF_POLL_FLAG_CHECK_HW);
#endif
- } while (ret == WC_PENDING_E);
- AssertIntEQ(ret, WOLFSSL_SUCCESS);
+ }
+ while (ret == WC_PENDING_E);
+ ExpectIntEQ(ret, WOLFSSL_SUCCESS);
#endif
#ifndef NO_WOLFSSL_CLIENT
#ifndef WOLFSSL_NO_TLS12
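Review bot: The loop terminator is split into `}` and `while (ret == WC_PENDING_E);` on separate lines, which reads as a new empty-bodied `while` loop rather than the end of the `do` block. Keeping it as `} while (ret == WC_PENDING_E);` avoids that misreading; the same split appears in the next two hunks (the clientTls12Ssl and clientSsl key-share loops). The `do` statement itself starts outside this hunk.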
@@ -54809,8 +53356,9 @@ static int test_tls13_apis(void)
if (ret == WC_PENDING_E)
wolfSSL_AsyncPoll(clientTls12Ssl, WOLF_POLL_FLAG_CHECK_HW);
#endif
- } while (ret == WC_PENDING_E);
- AssertIntEQ(ret, WOLFSSL_SUCCESS);
+ }
+ while (ret == WC_PENDING_E);
+ ExpectIntEQ(ret, WOLFSSL_SUCCESS);
#endif
do {
ret = wolfSSL_UseKeyShare(clientSsl, WOLFSSL_ECC_SECP256R1);
@@ -54818,282 +53366,285 @@ static int test_tls13_apis(void)
if (ret == WC_PENDING_E)
wolfSSL_AsyncPoll(clientSsl, WOLF_POLL_FLAG_CHECK_HW);
#endif
- } while (ret == WC_PENDING_E);
- AssertIntEQ(ret, WOLFSSL_SUCCESS);
+ }
+ while (ret == WC_PENDING_E);
+ ExpectIntEQ(ret, WOLFSSL_SUCCESS);
#endif
#elif defined(HAVE_CURVE25519)
- AssertIntEQ(wolfSSL_UseKeyShare(NULL, WOLFSSL_ECC_X25519), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_UseKeyShare(NULL, WOLFSSL_ECC_X25519), BAD_FUNC_ARG);
#ifndef NO_WOLFSSL_SERVER
- AssertIntEQ(wolfSSL_UseKeyShare(serverSsl, WOLFSSL_ECC_X25519),
- WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_UseKeyShare(serverSsl, WOLFSSL_ECC_X25519),
+ WOLFSSL_SUCCESS);
#endif
#ifndef NO_WOLFSSL_CLIENT
#ifndef WOLFSSL_NO_TLS12
- AssertIntEQ(wolfSSL_UseKeyShare(clientTls12Ssl, WOLFSSL_ECC_X25519),
- WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_UseKeyShare(clientTls12Ssl, WOLFSSL_ECC_X25519),
+ WOLFSSL_SUCCESS);
#endif
- AssertIntEQ(wolfSSL_UseKeyShare(clientSsl, WOLFSSL_ECC_X25519),
- WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_UseKeyShare(clientSsl, WOLFSSL_ECC_X25519),
+ WOLFSSL_SUCCESS);
#endif
#elif defined(HAVE_CURVE448)
- AssertIntEQ(wolfSSL_UseKeyShare(NULL, WOLFSSL_ECC_X448), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_UseKeyShare(NULL, WOLFSSL_ECC_X448), BAD_FUNC_ARG);
#ifndef NO_WOLFSSL_SERVER
- AssertIntEQ(wolfSSL_UseKeyShare(serverSsl, WOLFSSL_ECC_X448),
- WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_UseKeyShare(serverSsl, WOLFSSL_ECC_X448),
+ WOLFSSL_SUCCESS);
#endif
#ifndef NO_WOLFSSL_CLIENT
#ifndef WOLFSSL_NO_TLS12
- AssertIntEQ(wolfSSL_UseKeyShare(clientTls12Ssl, WOLFSSL_ECC_X448),
- WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_UseKeyShare(clientTls12Ssl, WOLFSSL_ECC_X448),
+ WOLFSSL_SUCCESS);
#endif
- AssertIntEQ(wolfSSL_UseKeyShare(clientSsl, WOLFSSL_ECC_X448),
- WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_UseKeyShare(clientSsl, WOLFSSL_ECC_X448),
+ WOLFSSL_SUCCESS);
#endif
#else
- AssertIntEQ(wolfSSL_UseKeyShare(NULL, WOLFSSL_ECC_SECP256R1), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_UseKeyShare(NULL, WOLFSSL_ECC_SECP256R1),
+ BAD_FUNC_ARG);
#ifndef NO_WOLFSSL_CLIENT
#ifndef WOLFSSL_NO_TLS12
- AssertIntEQ(wolfSSL_UseKeyShare(clientTls12Ssl, WOLFSSL_ECC_SECP256R1),
- NOT_COMPILED_IN);
+ ExpectIntEQ(wolfSSL_UseKeyShare(clientTls12Ssl, WOLFSSL_ECC_SECP256R1),
+ NOT_COMPILED_IN);
#endif
- AssertIntEQ(wolfSSL_UseKeyShare(clientSsl, WOLFSSL_ECC_SECP256R1),
- NOT_COMPILED_IN);
+ ExpectIntEQ(wolfSSL_UseKeyShare(clientSsl, WOLFSSL_ECC_SECP256R1),
+ NOT_COMPILED_IN);
#endif
#endif
#if defined(HAVE_PQC)
- AssertIntEQ(wolfSSL_UseKeyShare(NULL, WOLFSSL_KYBER_LEVEL3), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_UseKeyShare(NULL, WOLFSSL_KYBER_LEVEL3), BAD_FUNC_ARG);
#ifndef NO_WOLFSSL_SERVER
- AssertIntEQ(wolfSSL_UseKeyShare(serverSsl, WOLFSSL_KYBER_LEVEL3),
- WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_UseKeyShare(serverSsl, WOLFSSL_KYBER_LEVEL3),
+ WOLFSSL_SUCCESS);
#endif
#ifndef NO_WOLFSSL_CLIENT
#ifndef WOLFSSL_NO_TLS12
- AssertIntEQ(wolfSSL_UseKeyShare(clientTls12Ssl, WOLFSSL_KYBER_LEVEL3),
- BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_UseKeyShare(clientTls12Ssl, WOLFSSL_KYBER_LEVEL3),
+ BAD_FUNC_ARG);
#endif
- AssertIntEQ(wolfSSL_UseKeyShare(clientSsl, WOLFSSL_KYBER_LEVEL3),
- WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_UseKeyShare(clientSsl, WOLFSSL_KYBER_LEVEL3),
+ WOLFSSL_SUCCESS);
#endif
#endif
- AssertIntEQ(wolfSSL_NoKeyShares(NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_NoKeyShares(NULL), BAD_FUNC_ARG);
#ifndef NO_WOLFSSL_SERVER
- AssertIntEQ(wolfSSL_NoKeyShares(serverSsl), SIDE_ERROR);
+ ExpectIntEQ(wolfSSL_NoKeyShares(serverSsl), SIDE_ERROR);
#endif
#ifndef NO_WOLFSSL_CLIENT
#ifndef WOLFSSL_NO_TLS12
- AssertIntEQ(wolfSSL_NoKeyShares(clientTls12Ssl), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_NoKeyShares(clientTls12Ssl), WOLFSSL_SUCCESS);
#endif
- AssertIntEQ(wolfSSL_NoKeyShares(clientSsl), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_NoKeyShares(clientSsl), WOLFSSL_SUCCESS);
#endif
#endif /* HAVE_SUPPORTED_CURVES */
- AssertIntEQ(wolfSSL_CTX_no_ticket_TLSv13(NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CTX_no_ticket_TLSv13(NULL), BAD_FUNC_ARG);
#ifndef NO_WOLFSSL_CLIENT
- AssertIntEQ(wolfSSL_CTX_no_ticket_TLSv13(clientCtx), SIDE_ERROR);
+ ExpectIntEQ(wolfSSL_CTX_no_ticket_TLSv13(clientCtx), SIDE_ERROR);
#endif
#ifndef NO_WOLFSSL_SERVER
#ifndef WOLFSSL_NO_TLS12
- AssertIntEQ(wolfSSL_CTX_no_ticket_TLSv13(serverTls12Ctx), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CTX_no_ticket_TLSv13(serverTls12Ctx), BAD_FUNC_ARG);
#endif
- AssertIntEQ(wolfSSL_CTX_no_ticket_TLSv13(serverCtx), 0);
+ ExpectIntEQ(wolfSSL_CTX_no_ticket_TLSv13(serverCtx), 0);
#endif
- AssertIntEQ(wolfSSL_no_ticket_TLSv13(NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_no_ticket_TLSv13(NULL), BAD_FUNC_ARG);
#ifndef NO_WOLFSSL_CLIENT
- AssertIntEQ(wolfSSL_no_ticket_TLSv13(clientSsl), SIDE_ERROR);
+ ExpectIntEQ(wolfSSL_no_ticket_TLSv13(clientSsl), SIDE_ERROR);
#endif
#ifndef NO_WOLFSSL_SERVER
#ifndef WOLFSSL_NO_TLS12
- AssertIntEQ(wolfSSL_no_ticket_TLSv13(serverTls12Ssl), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_no_ticket_TLSv13(serverTls12Ssl), BAD_FUNC_ARG);
#endif
- AssertIntEQ(wolfSSL_no_ticket_TLSv13(serverSsl), 0);
+ ExpectIntEQ(wolfSSL_no_ticket_TLSv13(serverSsl), 0);
#endif
- AssertIntEQ(wolfSSL_CTX_no_dhe_psk(NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CTX_no_dhe_psk(NULL), BAD_FUNC_ARG);
#ifndef NO_WOLFSSL_CLIENT
#ifndef WOLFSSL_NO_TLS12
- AssertIntEQ(wolfSSL_CTX_no_dhe_psk(clientTls12Ctx), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CTX_no_dhe_psk(clientTls12Ctx), BAD_FUNC_ARG);
#endif
- AssertIntEQ(wolfSSL_CTX_no_dhe_psk(clientCtx), 0);
+ ExpectIntEQ(wolfSSL_CTX_no_dhe_psk(clientCtx), 0);
#endif
#ifndef NO_WOLFSSL_SERVER
- AssertIntEQ(wolfSSL_CTX_no_dhe_psk(serverCtx), 0);
+ ExpectIntEQ(wolfSSL_CTX_no_dhe_psk(serverCtx), 0);
#endif
- AssertIntEQ(wolfSSL_no_dhe_psk(NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_no_dhe_psk(NULL), BAD_FUNC_ARG);
#ifndef NO_WOLFSSL_CLIENT
#ifndef WOLFSSL_NO_TLS12
- AssertIntEQ(wolfSSL_no_dhe_psk(clientTls12Ssl), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_no_dhe_psk(clientTls12Ssl), BAD_FUNC_ARG);
#endif
- AssertIntEQ(wolfSSL_no_dhe_psk(clientSsl), 0);
+ ExpectIntEQ(wolfSSL_no_dhe_psk(clientSsl), 0);
#endif
#ifndef NO_WOLFSSL_SERVER
- AssertIntEQ(wolfSSL_no_dhe_psk(serverSsl), 0);
+ ExpectIntEQ(wolfSSL_no_dhe_psk(serverSsl), 0);
#endif
- AssertIntEQ(wolfSSL_update_keys(NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_update_keys(NULL), BAD_FUNC_ARG);
#ifndef NO_WOLFSSL_CLIENT
#ifndef WOLFSSL_NO_TLS12
- AssertIntEQ(wolfSSL_update_keys(clientTls12Ssl), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_update_keys(clientTls12Ssl), BAD_FUNC_ARG);
#endif
- AssertIntEQ(wolfSSL_update_keys(clientSsl), BUILD_MSG_ERROR);
+ ExpectIntEQ(wolfSSL_update_keys(clientSsl), BUILD_MSG_ERROR);
#endif
#ifndef NO_WOLFSSL_SERVER
- AssertIntEQ(wolfSSL_update_keys(serverSsl), BUILD_MSG_ERROR);
+ ExpectIntEQ(wolfSSL_update_keys(serverSsl), BUILD_MSG_ERROR);
#endif
- AssertIntEQ(wolfSSL_key_update_response(NULL, NULL), BAD_FUNC_ARG);
- AssertIntEQ(wolfSSL_key_update_response(NULL, &required), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_key_update_response(NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_key_update_response(NULL, &required), BAD_FUNC_ARG);
#ifndef NO_WOLFSSL_CLIENT
#ifndef WOLFSSL_NO_TLS12
- AssertIntEQ(wolfSSL_key_update_response(clientTls12Ssl, &required),
- BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_key_update_response(clientTls12Ssl, &required),
+ BAD_FUNC_ARG);
#endif
- AssertIntEQ(wolfSSL_key_update_response(clientSsl, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_key_update_response(clientSsl, NULL), BAD_FUNC_ARG);
#endif
#ifndef NO_WOLFSSL_SERVER
- AssertIntEQ(wolfSSL_key_update_response(serverSsl, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_key_update_response(serverSsl, NULL), BAD_FUNC_ARG);
#endif
#if !defined(NO_CERTS) && defined(WOLFSSL_POST_HANDSHAKE_AUTH)
- AssertIntEQ(wolfSSL_CTX_allow_post_handshake_auth(NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CTX_allow_post_handshake_auth(NULL), BAD_FUNC_ARG);
#ifndef NO_WOLFSSL_SERVER
- AssertIntEQ(wolfSSL_CTX_allow_post_handshake_auth(serverCtx), SIDE_ERROR);
+ ExpectIntEQ(wolfSSL_CTX_allow_post_handshake_auth(serverCtx), SIDE_ERROR);
#endif
#ifndef NO_WOLFSSL_CLIENT
#ifndef WOLFSSL_NO_TLS12
- AssertIntEQ(wolfSSL_CTX_allow_post_handshake_auth(clientTls12Ctx),
- BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CTX_allow_post_handshake_auth(clientTls12Ctx),
+ BAD_FUNC_ARG);
#endif
- AssertIntEQ(wolfSSL_CTX_allow_post_handshake_auth(clientCtx), 0);
+ ExpectIntEQ(wolfSSL_CTX_allow_post_handshake_auth(clientCtx), 0);
#endif
- AssertIntEQ(wolfSSL_allow_post_handshake_auth(NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_allow_post_handshake_auth(NULL), BAD_FUNC_ARG);
#ifndef NO_WOLFSSL_SERVER
- AssertIntEQ(wolfSSL_allow_post_handshake_auth(serverSsl), SIDE_ERROR);
+ ExpectIntEQ(wolfSSL_allow_post_handshake_auth(serverSsl), SIDE_ERROR);
#endif
#ifndef NO_WOLFSSL_CLIENT
#ifndef WOLFSSL_NO_TLS12
- AssertIntEQ(wolfSSL_allow_post_handshake_auth(clientTls12Ssl),
- BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_allow_post_handshake_auth(clientTls12Ssl),
+ BAD_FUNC_ARG);
#endif
- AssertIntEQ(wolfSSL_allow_post_handshake_auth(clientSsl), 0);
+ ExpectIntEQ(wolfSSL_allow_post_handshake_auth(clientSsl), 0);
#endif
- AssertIntEQ(wolfSSL_request_certificate(NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_request_certificate(NULL), BAD_FUNC_ARG);
#ifndef NO_WOLFSSL_CLIENT
- AssertIntEQ(wolfSSL_request_certificate(clientSsl), SIDE_ERROR);
+ ExpectIntEQ(wolfSSL_request_certificate(clientSsl), SIDE_ERROR);
#endif
#ifndef NO_WOLFSSL_SERVER
#ifndef WOLFSSL_NO_TLS12
- AssertIntEQ(wolfSSL_request_certificate(serverTls12Ssl),
- BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_request_certificate(serverTls12Ssl),
+ BAD_FUNC_ARG);
#endif
- AssertIntEQ(wolfSSL_request_certificate(serverSsl), NOT_READY_ERROR);
+ ExpectIntEQ(wolfSSL_request_certificate(serverSsl), NOT_READY_ERROR);
#endif
#endif
#ifdef HAVE_ECC
#ifndef WOLFSSL_NO_SERVER_GROUPS_EXT
- AssertIntEQ(wolfSSL_preferred_group(NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_preferred_group(NULL), BAD_FUNC_ARG);
#ifndef NO_WOLFSSL_SERVER
- AssertIntEQ(wolfSSL_preferred_group(serverSsl), SIDE_ERROR);
+ ExpectIntEQ(wolfSSL_preferred_group(serverSsl), SIDE_ERROR);
#endif
#ifndef NO_WOLFSSL_CLIENT
#ifndef WOLFSSL_NO_TLS12
- AssertIntEQ(wolfSSL_preferred_group(clientTls12Ssl), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_preferred_group(clientTls12Ssl), BAD_FUNC_ARG);
#endif
- AssertIntEQ(wolfSSL_preferred_group(clientSsl), NOT_READY_ERROR);
+ ExpectIntEQ(wolfSSL_preferred_group(clientSsl), NOT_READY_ERROR);
#endif
#endif
#ifdef HAVE_SUPPORTED_CURVES
- AssertIntEQ(wolfSSL_CTX_set_groups(NULL, NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CTX_set_groups(NULL, NULL, 0), BAD_FUNC_ARG);
#ifndef NO_WOLFSSL_CLIENT
- AssertIntEQ(wolfSSL_CTX_set_groups(clientCtx, NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CTX_set_groups(clientCtx, NULL, 0), BAD_FUNC_ARG);
#endif
- AssertIntEQ(wolfSSL_CTX_set_groups(NULL, groups, numGroups), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CTX_set_groups(NULL, groups, numGroups), BAD_FUNC_ARG);
#ifndef NO_WOLFSSL_CLIENT
#ifndef WOLFSSL_NO_TLS12
- AssertIntEQ(wolfSSL_CTX_set_groups(clientTls12Ctx, groups, numGroups),
- BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CTX_set_groups(clientTls12Ctx, groups, numGroups),
+ BAD_FUNC_ARG);
#endif
- AssertIntEQ(wolfSSL_CTX_set_groups(clientCtx, groups,
- WOLFSSL_MAX_GROUP_COUNT + 1),
- BAD_FUNC_ARG);
- AssertIntEQ(wolfSSL_CTX_set_groups(clientCtx, groups, numGroups),
- WOLFSSL_SUCCESS);
- AssertIntEQ(wolfSSL_CTX_set_groups(clientCtx, bad_groups, numGroups),
- BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CTX_set_groups(clientCtx, groups,
+ WOLFSSL_MAX_GROUP_COUNT + 1), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CTX_set_groups(clientCtx, groups, numGroups),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_CTX_set_groups(clientCtx, bad_groups, numGroups),
+ BAD_FUNC_ARG);
#endif
#ifndef NO_WOLFSSL_SERVER
- AssertIntEQ(wolfSSL_CTX_set_groups(serverCtx, groups, numGroups),
- WOLFSSL_SUCCESS);
- AssertIntEQ(wolfSSL_CTX_set_groups(serverCtx, bad_groups, numGroups),
- BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CTX_set_groups(serverCtx, groups, numGroups),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_CTX_set_groups(serverCtx, bad_groups, numGroups),
+ BAD_FUNC_ARG);
#endif
- AssertIntEQ(wolfSSL_set_groups(NULL, NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_set_groups(NULL, NULL, 0), BAD_FUNC_ARG);
#ifndef NO_WOLFSSL_CLIENT
- AssertIntEQ(wolfSSL_set_groups(clientSsl, NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_set_groups(clientSsl, NULL, 0), BAD_FUNC_ARG);
#endif
- AssertIntEQ(wolfSSL_set_groups(NULL, groups, numGroups), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_set_groups(NULL, groups, numGroups), BAD_FUNC_ARG);
#ifndef NO_WOLFSSL_CLIENT
#ifndef WOLFSSL_NO_TLS12
- AssertIntEQ(wolfSSL_set_groups(clientTls12Ssl, groups, numGroups),
- BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_set_groups(clientTls12Ssl, groups, numGroups),
+ BAD_FUNC_ARG);
#endif
- AssertIntEQ(wolfSSL_set_groups(clientSsl, groups,
- WOLFSSL_MAX_GROUP_COUNT + 1), BAD_FUNC_ARG);
- AssertIntEQ(wolfSSL_set_groups(clientSsl, groups, numGroups),
- WOLFSSL_SUCCESS);
- AssertIntEQ(wolfSSL_set_groups(clientSsl, bad_groups, numGroups),
- BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_set_groups(clientSsl, groups,
+ WOLFSSL_MAX_GROUP_COUNT + 1), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_set_groups(clientSsl, groups, numGroups),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_set_groups(clientSsl, bad_groups, numGroups),
+ BAD_FUNC_ARG);
#endif
#ifndef NO_WOLFSSL_SERVER
- AssertIntEQ(wolfSSL_set_groups(serverSsl, groups, numGroups),
- WOLFSSL_SUCCESS);
- AssertIntEQ(wolfSSL_set_groups(serverSsl, bad_groups, numGroups),
- BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_set_groups(serverSsl, groups, numGroups),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_set_groups(serverSsl, bad_groups, numGroups),
+ BAD_FUNC_ARG);
#endif
#ifdef OPENSSL_EXTRA
- AssertIntEQ(wolfSSL_CTX_set1_groups_list(NULL, NULL), WOLFSSL_FAILURE);
+ ExpectIntEQ(wolfSSL_CTX_set1_groups_list(NULL, NULL), WOLFSSL_FAILURE);
#ifndef NO_WOLFSSL_CLIENT
- AssertIntEQ(wolfSSL_CTX_set1_groups_list(clientCtx, NULL), WOLFSSL_FAILURE);
+ ExpectIntEQ(wolfSSL_CTX_set1_groups_list(clientCtx, NULL),
+ WOLFSSL_FAILURE);
#endif
- AssertIntEQ(wolfSSL_CTX_set1_groups_list(NULL, groupList), WOLFSSL_FAILURE);
+ ExpectIntEQ(wolfSSL_CTX_set1_groups_list(NULL, groupList),
+ WOLFSSL_FAILURE);
#ifndef NO_WOLFSSL_CLIENT
#ifndef WOLFSSL_NO_TLS12
- AssertIntEQ(wolfSSL_CTX_set1_groups_list(clientTls12Ctx, groupList),
- WOLFSSL_FAILURE);
+ ExpectIntEQ(wolfSSL_CTX_set1_groups_list(clientTls12Ctx, groupList),
+ WOLFSSL_FAILURE);
#endif
- AssertIntEQ(wolfSSL_CTX_set1_groups_list(clientCtx, groupList),
- WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_CTX_set1_groups_list(clientCtx, groupList),
+ WOLFSSL_SUCCESS);
#endif
#ifndef NO_WOLFSSL_SERVER
- AssertIntEQ(wolfSSL_CTX_set1_groups_list(serverCtx, groupList),
- WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_CTX_set1_groups_list(serverCtx, groupList),
+ WOLFSSL_SUCCESS);
#endif
- AssertIntEQ(wolfSSL_set1_groups_list(NULL, NULL), WOLFSSL_FAILURE);
+ ExpectIntEQ(wolfSSL_set1_groups_list(NULL, NULL), WOLFSSL_FAILURE);
#ifndef NO_WOLFSSL_CLIENT
- AssertIntEQ(wolfSSL_set1_groups_list(clientSsl, NULL), WOLFSSL_FAILURE);
+ ExpectIntEQ(wolfSSL_set1_groups_list(clientSsl, NULL), WOLFSSL_FAILURE);
#endif
- AssertIntEQ(wolfSSL_set1_groups_list(NULL, groupList), WOLFSSL_FAILURE);
+ ExpectIntEQ(wolfSSL_set1_groups_list(NULL, groupList), WOLFSSL_FAILURE);
#ifndef NO_WOLFSSL_CLIENT
#ifndef WOLFSSL_NO_TLS12
- AssertIntEQ(wolfSSL_set1_groups_list(clientTls12Ssl, groupList),
- WOLFSSL_FAILURE);
+ ExpectIntEQ(wolfSSL_set1_groups_list(clientTls12Ssl, groupList),
+ WOLFSSL_FAILURE);
#endif
- AssertIntEQ(wolfSSL_set1_groups_list(clientSsl, groupList),
- WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_set1_groups_list(clientSsl, groupList),
+ WOLFSSL_SUCCESS);
#endif
#ifndef NO_WOLFSSL_SERVER
- AssertIntEQ(wolfSSL_set1_groups_list(serverSsl, groupList),
- WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_set1_groups_list(serverSsl, groupList),
+ WOLFSSL_SUCCESS);
#endif
#endif /* OPENSSL_EXTRA */
#endif /* HAVE_SUPPORTED_CURVES */
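Review bot: Several converted expectations compare a success return against a bare `0` (for example `ExpectIntEQ(wolfSSL_CTX_no_ticket_TLSv13(serverCtx), 0);` and `ExpectIntEQ(wolfSSL_no_dhe_psk(clientSsl), 0);`) while neighbouring calls in the same hunk expect `WOLFSSL_SUCCESS`. A reader cannot tell from the test whether `0` is the intended success value or a leftover, and callers who copy the wrong convention will mis-handle the result. A one-line comment above the first such block, e.g. `/* these TLS 1.3 option setters return 0 on success, not WOLFSSL_SUCCESS */`, would document the distinction; confirm the wording against the API documentation, which is not shown here.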
@@ -55101,149 +53652,140 @@ static int test_tls13_apis(void)
#ifdef WOLFSSL_EARLY_DATA
#ifndef OPENSSL_EXTRA
- AssertIntEQ(wolfSSL_CTX_set_max_early_data(NULL, 0), BAD_FUNC_ARG);
- AssertIntEQ(wolfSSL_CTX_get_max_early_data(NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CTX_set_max_early_data(NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CTX_get_max_early_data(NULL), BAD_FUNC_ARG);
#else
- AssertIntEQ(SSL_CTX_set_max_early_data(NULL, 0), BAD_FUNC_ARG);
- AssertIntEQ(SSL_CTX_get_max_early_data(NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(SSL_CTX_set_max_early_data(NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(SSL_CTX_get_max_early_data(NULL), BAD_FUNC_ARG);
#endif
#ifndef NO_WOLFSSL_CLIENT
#ifndef OPENSSL_EXTRA
- AssertIntEQ(wolfSSL_CTX_set_max_early_data(clientCtx, 0), SIDE_ERROR);
- AssertIntEQ(wolfSSL_CTX_get_max_early_data(clientCtx), SIDE_ERROR);
+ ExpectIntEQ(wolfSSL_CTX_set_max_early_data(clientCtx, 0), SIDE_ERROR);
+ ExpectIntEQ(wolfSSL_CTX_get_max_early_data(clientCtx), SIDE_ERROR);
#else
- AssertIntEQ(SSL_CTX_set_max_early_data(clientCtx, 0), SIDE_ERROR);
- AssertIntEQ(SSL_CTX_get_max_early_data(clientCtx), SIDE_ERROR);
+ ExpectIntEQ(SSL_CTX_set_max_early_data(clientCtx, 0), SIDE_ERROR);
+ ExpectIntEQ(SSL_CTX_get_max_early_data(clientCtx), SIDE_ERROR);
#endif
#endif
#ifndef NO_WOLFSSL_SERVER
#ifndef WOLFSSL_NO_TLS12
#ifndef OPENSSL_EXTRA
- AssertIntEQ(wolfSSL_CTX_set_max_early_data(serverTls12Ctx, 0),
- BAD_FUNC_ARG);
- AssertIntEQ(wolfSSL_CTX_get_max_early_data(serverTls12Ctx), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CTX_set_max_early_data(serverTls12Ctx, 0),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CTX_get_max_early_data(serverTls12Ctx), BAD_FUNC_ARG);
#else
- AssertIntEQ(SSL_CTX_set_max_early_data(serverTls12Ctx, 0),
- BAD_FUNC_ARG);
- AssertIntEQ(SSL_CTX_get_max_early_data(serverTls12Ctx), BAD_FUNC_ARG);
+ ExpectIntEQ(SSL_CTX_set_max_early_data(serverTls12Ctx, 0),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(SSL_CTX_get_max_early_data(serverTls12Ctx), BAD_FUNC_ARG);
#endif
#endif
#ifndef OPENSSL_EXTRA
#ifdef WOLFSSL_ERROR_CODE_OPENSSL
- AssertIntEQ(wolfSSL_CTX_set_max_early_data(serverCtx, 32), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_CTX_set_max_early_data(serverCtx, 32),
+ WOLFSSL_SUCCESS);
#else
- AssertIntEQ(wolfSSL_CTX_set_max_early_data(serverCtx, 32), 0);
+ ExpectIntEQ(wolfSSL_CTX_set_max_early_data(serverCtx, 32), 0);
#endif
- AssertIntEQ(wolfSSL_CTX_get_max_early_data(serverCtx), 32);
+ ExpectIntEQ(wolfSSL_CTX_get_max_early_data(serverCtx), 32);
#else
- AssertIntEQ(SSL_CTX_set_max_early_data(serverCtx, 32), 1);
- AssertIntEQ(SSL_CTX_get_max_early_data(serverCtx), 32);
+ ExpectIntEQ(SSL_CTX_set_max_early_data(serverCtx, 32), 1);
+ ExpectIntEQ(SSL_CTX_get_max_early_data(serverCtx), 32);
#endif
#endif
#ifndef OPENSSL_EXTRA
- AssertIntEQ(wolfSSL_set_max_early_data(NULL, 0), BAD_FUNC_ARG);
- AssertIntEQ(wolfSSL_get_max_early_data(NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_set_max_early_data(NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_get_max_early_data(NULL), BAD_FUNC_ARG);
#else
- AssertIntEQ(SSL_set_max_early_data(NULL, 0), BAD_FUNC_ARG);
- AssertIntEQ(SSL_get_max_early_data(NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(SSL_set_max_early_data(NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(SSL_get_max_early_data(NULL), BAD_FUNC_ARG);
#endif
#ifndef NO_WOLFSSL_CLIENT
#ifndef OPENSSL_EXTRA
#ifdef WOLFSSL_ERROR_CODE_OPENSSL
- AssertIntEQ(wolfSSL_set_max_early_data(clientSsl, 17), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_set_max_early_data(clientSsl, 17), WOLFSSL_SUCCESS);
#else
- AssertIntEQ(wolfSSL_set_max_early_data(clientSsl, 17), 0);
+ ExpectIntEQ(wolfSSL_set_max_early_data(clientSsl, 17), 0);
#endif
- AssertIntEQ(wolfSSL_get_max_early_data(clientSsl), 17);
+ ExpectIntEQ(wolfSSL_get_max_early_data(clientSsl), 17);
#else
- AssertIntEQ(SSL_set_max_early_data(clientSsl, 17), WOLFSSL_SUCCESS);
- AssertIntEQ(SSL_get_max_early_data(clientSsl), 17);
+ ExpectIntEQ(SSL_set_max_early_data(clientSsl, 17), WOLFSSL_SUCCESS);
+ ExpectIntEQ(SSL_get_max_early_data(clientSsl), 17);
#endif
#endif
#ifndef NO_WOLFSSL_SERVER
#ifndef WOLFSSL_NO_TLS12
#ifndef OPENSSL_EXTRA
- AssertIntEQ(wolfSSL_set_max_early_data(serverTls12Ssl, 0), BAD_FUNC_ARG);
- AssertIntEQ(wolfSSL_get_max_early_data(serverTls12Ssl), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_set_max_early_data(serverTls12Ssl, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_get_max_early_data(serverTls12Ssl), BAD_FUNC_ARG);
#else
- AssertIntEQ(SSL_set_max_early_data(serverTls12Ssl, 0), BAD_FUNC_ARG);
- AssertIntEQ(SSL_get_max_early_data(serverTls12Ssl), BAD_FUNC_ARG);
+ ExpectIntEQ(SSL_set_max_early_data(serverTls12Ssl, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(SSL_get_max_early_data(serverTls12Ssl), BAD_FUNC_ARG);
#endif
#endif
#ifndef OPENSSL_EXTRA
#ifdef WOLFSSL_ERROR_CODE_OPENSSL
- AssertIntEQ(wolfSSL_set_max_early_data(serverSsl, 16), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_set_max_early_data(serverSsl, 16), WOLFSSL_SUCCESS);
#else
- AssertIntEQ(wolfSSL_set_max_early_data(serverSsl, 16), 0);
+ ExpectIntEQ(wolfSSL_set_max_early_data(serverSsl, 16), 0);
#endif
- AssertIntEQ(wolfSSL_get_max_early_data(serverSsl), 16);
+ ExpectIntEQ(wolfSSL_get_max_early_data(serverSsl), 16);
#else
- AssertIntEQ(SSL_set_max_early_data(serverSsl, 16), 1);
- AssertIntEQ(SSL_get_max_early_data(serverSsl), 16);
+ ExpectIntEQ(SSL_set_max_early_data(serverSsl, 16), 1);
+ ExpectIntEQ(SSL_get_max_early_data(serverSsl), 16);
#endif
#endif
- AssertIntEQ(wolfSSL_write_early_data(NULL, earlyData, sizeof(earlyData),
- &outSz), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_write_early_data(NULL, earlyData, sizeof(earlyData),
+ &outSz), BAD_FUNC_ARG);
#ifndef NO_WOLFSSL_CLIENT
- AssertIntEQ(wolfSSL_write_early_data(clientSsl, NULL, sizeof(earlyData),
- &outSz), BAD_FUNC_ARG);
- AssertIntEQ(wolfSSL_write_early_data(clientSsl, earlyData, -1, &outSz),
- BAD_FUNC_ARG);
- AssertIntEQ(wolfSSL_write_early_data(clientSsl, earlyData,
- sizeof(earlyData), NULL),
- BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_write_early_data(clientSsl, NULL, sizeof(earlyData),
+ &outSz), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_write_early_data(clientSsl, earlyData, -1, &outSz),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_write_early_data(clientSsl, earlyData,
+ sizeof(earlyData), NULL), BAD_FUNC_ARG);
#endif
#ifndef NO_WOLFSSL_SERVER
- AssertIntEQ(wolfSSL_write_early_data(serverSsl, earlyData,
- sizeof(earlyData), &outSz),
- SIDE_ERROR);
+ ExpectIntEQ(wolfSSL_write_early_data(serverSsl, earlyData,
+ sizeof(earlyData), &outSz), SIDE_ERROR);
#endif
#ifndef NO_WOLFSSL_CLIENT
#ifndef WOLFSSL_NO_TLS12
- AssertIntEQ(wolfSSL_write_early_data(clientTls12Ssl, earlyData,
- sizeof(earlyData), &outSz),
- BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_write_early_data(clientTls12Ssl, earlyData,
+ sizeof(earlyData), &outSz), BAD_FUNC_ARG);
#endif
- AssertIntEQ(wolfSSL_write_early_data(clientSsl, earlyData,
- sizeof(earlyData), &outSz),
- WOLFSSL_FATAL_ERROR);
+ ExpectIntEQ(wolfSSL_write_early_data(clientSsl, earlyData,
+ sizeof(earlyData), &outSz), WOLFSSL_FATAL_ERROR);
#endif
- AssertIntEQ(wolfSSL_read_early_data(NULL, earlyDataBuffer,
- sizeof(earlyDataBuffer), &outSz),
- BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_read_early_data(NULL, earlyDataBuffer,
+ sizeof(earlyDataBuffer), &outSz), BAD_FUNC_ARG);
#ifndef NO_WOLFSSL_SERVER
- AssertIntEQ(wolfSSL_read_early_data(serverSsl, NULL,
- sizeof(earlyDataBuffer), &outSz),
- BAD_FUNC_ARG);
- AssertIntEQ(wolfSSL_read_early_data(serverSsl, earlyDataBuffer, -1, &outSz),
- BAD_FUNC_ARG);
- AssertIntEQ(wolfSSL_read_early_data(serverSsl, earlyDataBuffer,
- sizeof(earlyDataBuffer), NULL),
- BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_read_early_data(serverSsl, NULL,
+ sizeof(earlyDataBuffer), &outSz), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_read_early_data(serverSsl, earlyDataBuffer, -1,
+ &outSz), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_read_early_data(serverSsl, earlyDataBuffer,
+ sizeof(earlyDataBuffer), NULL), BAD_FUNC_ARG);
#endif
#ifndef NO_WOLFSSL_CLIENT
- AssertIntEQ(wolfSSL_read_early_data(clientSsl, earlyDataBuffer,
- sizeof(earlyDataBuffer), &outSz),
- SIDE_ERROR);
+ ExpectIntEQ(wolfSSL_read_early_data(clientSsl, earlyDataBuffer,
+ sizeof(earlyDataBuffer), &outSz), SIDE_ERROR);
#endif
#ifndef NO_WOLFSSL_SERVER
#ifndef WOLFSSL_NO_TLS12
- AssertIntEQ(wolfSSL_read_early_data(serverTls12Ssl, earlyDataBuffer,
- sizeof(earlyDataBuffer), &outSz),
- BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_read_early_data(serverTls12Ssl, earlyDataBuffer,
+ sizeof(earlyDataBuffer), &outSz), BAD_FUNC_ARG);
#endif
- AssertIntEQ(wolfSSL_read_early_data(serverSsl, earlyDataBuffer,
- sizeof(earlyDataBuffer), &outSz),
- WOLFSSL_FATAL_ERROR);
+ ExpectIntEQ(wolfSSL_read_early_data(serverSsl, earlyDataBuffer,
+ sizeof(earlyDataBuffer), &outSz), WOLFSSL_FATAL_ERROR);
#endif
#endif
#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_EARLY_DATA)
- AssertIntLT(SSL_get_early_data_status(NULL), 0);
+ ExpectIntLT(SSL_get_early_data_status(NULL), 0);
#endif
@@ -55267,7 +53809,7 @@ static int test_tls13_apis(void)
#endif
#endif
- return TEST_RES_CHECK(1);
+ return EXPECT_RESULT();
}
#if defined(HAVE_SESSION_TICKET) && !defined(NO_WOLFSSL_SERVER) && \
@@ -55308,12 +53850,12 @@ static int CsRecv(WOLFSSL* ssl, char* buf, int sz, void* ctx)
static int test_tls13_cipher_suites(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_SESSION_TICKET) && !defined(NO_WOLFSSL_SERVER) && \
defined(HAVE_ECC) && defined(BUILD_TLS_AES_128_GCM_SHA256) && \
defined(BUILD_TLS_AES_256_GCM_SHA384)
- WOLFSSL_CTX* ctx;
- WOLFSSL *ssl;
+ WOLFSSL_CTX* ctx = NULL;
+ WOLFSSL *ssl = NULL;
int i;
byte clientHello[] = {
0x16, 0x03, 0x03, 0x01, 0x9b, 0x01, 0x00, 0x01,
@@ -55391,10 +53933,10 @@ static int test_tls13_cipher_suites(void)
#endif
/* Set up wolfSSL context. */
- AssertNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_3_server_method()));
- AssertTrue(wolfSSL_CTX_use_certificate_file(ctx, eccCertFile,
+ ExpectNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_3_server_method()));
+ ExpectTrue(wolfSSL_CTX_use_certificate_file(ctx, eccCertFile,
WOLFSSL_FILETYPE_PEM));
- AssertTrue(wolfSSL_CTX_use_PrivateKey_file(ctx, eccKeyFile,
+ ExpectTrue(wolfSSL_CTX_use_PrivateKey_file(ctx, eccKeyFile,
WOLFSSL_FILETYPE_PEM));
/* Read from 'msg'. */
wolfSSL_SetIORecv(ctx, CsRecv);
@@ -55402,13 +53944,13 @@ static int test_tls13_cipher_suites(void)
wolfSSL_SetIOSend(ctx, CsSend);
/* Test cipher suite list with many copies of a cipher suite. */
- AssertNotNull(ssl = wolfSSL_new(ctx));
+ ExpectNotNull(ssl = wolfSSL_new(ctx));
msg.buffer = clientHello;
msg.length = (unsigned int)sizeof(clientHello);
wolfSSL_SetIOReadCtx(ssl, &msg);
/* Force server to have as many occurrences of same cipher suite as
* possible. */
- {
+ if (ssl != NULL) {
Suites* suites = (Suites*)WOLFSSL_SUITES(ssl);
suites->suiteSz = WOLFSSL_MAX_SUITE_SZ;
for (i = 0; i < suites->suiteSz; i += 2) {
@@ -55417,8 +53959,9 @@ static int test_tls13_cipher_suites(void)
}
}
/* Test multiple occurrences of same cipher suite. */
- wolfSSL_accept_TLSv13(ssl);
+ ExpectIntEQ(wolfSSL_accept_TLSv13(ssl), WOLFSSL_FATAL_ERROR);
wolfSSL_free(ssl);
+ ssl = NULL;
/* Set client order opposite to server order:
* TLS13-AES128-GCM-SHA256:TLS13-AES256-GCM-SHA384 */
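Review bot: The new `ExpectIntEQ(wolfSSL_accept_TLSv13(ssl), WOLFSSL_FATAL_ERROR);` pins a failing return without saying why failure is the expected outcome, and the same assertion is repeated for the server-order and client-order cases in the next hunk. The reason is not visible here; presumably the accept cannot finish because only a canned ClientHello is fed to the server, which should be confirmed against CsRecv. I would add a comment above the first call such as `/* Only a ClientHello is supplied, so the handshake stops with an error after suite selection. */`. A bare WOLFSSL_FATAL_ERROR does not distinguish that intended stop from an earlier unrelated failure, so in the later cases the suite-order checks remain the real assertion. test_tls13_cipher_suites starts and ends outside this hunk.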
@@ -55428,63 +53971,63 @@ static int test_tls13_cipher_suites(void)
clientHello[csOff + 3] = TLS_AES_256_GCM_SHA384;
/* Test server order negotiation. */
- AssertNotNull(ssl = wolfSSL_new(ctx));
+ ExpectNotNull(ssl = wolfSSL_new(ctx));
msg.buffer = clientHello;
msg.length = (unsigned int)sizeof(clientHello);
wolfSSL_SetIOReadCtx(ssl, &msg);
/* Server order: TLS13-AES256-GCM-SHA384:TLS13-AES128-GCM-SHA256 */
- AssertIntEQ(wolfSSL_set_cipher_list(ssl, serverCs), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_set_cipher_list(ssl, serverCs), WOLFSSL_SUCCESS);
/* Negotiate cipher suites in server order: TLS13-AES256-GCM-SHA384 */
- wolfSSL_accept_TLSv13(ssl);
+ ExpectIntEQ(wolfSSL_accept_TLSv13(ssl), WOLFSSL_FATAL_ERROR);
/* Check refined order - server order. */
- AssertIntEQ(ssl->suites->suiteSz, 4);
- AssertIntEQ(ssl->suites->suites[0], TLS13_BYTE);
- AssertIntEQ(ssl->suites->suites[1], TLS_AES_256_GCM_SHA384);
- AssertIntEQ(ssl->suites->suites[2], TLS13_BYTE);
- AssertIntEQ(ssl->suites->suites[3], TLS_AES_128_GCM_SHA256);
+ ExpectIntEQ(ssl->suites->suiteSz, 4);
+ ExpectIntEQ(ssl->suites->suites[0], TLS13_BYTE);
+ ExpectIntEQ(ssl->suites->suites[1], TLS_AES_256_GCM_SHA384);
+ ExpectIntEQ(ssl->suites->suites[2], TLS13_BYTE);
+ ExpectIntEQ(ssl->suites->suites[3], TLS_AES_128_GCM_SHA256);
wolfSSL_free(ssl);
+ ssl = NULL;
/* Test client order negotiation. */
- AssertNotNull(ssl = wolfSSL_new(ctx));
+ ExpectNotNull(ssl = wolfSSL_new(ctx));
msg.buffer = clientHello;
msg.length = (unsigned int)sizeof(clientHello);
wolfSSL_SetIOReadCtx(ssl, &msg);
/* Server order: TLS13-AES256-GCM-SHA384:TLS13-AES128-GCM-SHA256 */
- AssertIntEQ(wolfSSL_set_cipher_list(ssl, serverCs), WOLFSSL_SUCCESS);
- AssertIntEQ(wolfSSL_UseClientSuites(ssl), 0);
+ ExpectIntEQ(wolfSSL_set_cipher_list(ssl, serverCs), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_UseClientSuites(ssl), 0);
/* Negotiate cipher suites in client order: TLS13-AES128-GCM-SHA256 */
- wolfSSL_accept_TLSv13(ssl);
+ ExpectIntEQ(wolfSSL_accept_TLSv13(ssl), WOLFSSL_FATAL_ERROR);
/* Check refined order - client order. */
- AssertIntEQ(ssl->suites->suiteSz, 4);
- AssertIntEQ(ssl->suites->suites[0], TLS13_BYTE);
- AssertIntEQ(ssl->suites->suites[1], TLS_AES_128_GCM_SHA256);
- AssertIntEQ(ssl->suites->suites[2], TLS13_BYTE);
- AssertIntEQ(ssl->suites->suites[3], TLS_AES_256_GCM_SHA384);
+ ExpectIntEQ(ssl->suites->suiteSz, 4);
+ ExpectIntEQ(ssl->suites->suites[0], TLS13_BYTE);
+ ExpectIntEQ(ssl->suites->suites[1], TLS_AES_128_GCM_SHA256);
+ ExpectIntEQ(ssl->suites->suites[2], TLS13_BYTE);
+ ExpectIntEQ(ssl->suites->suites[3], TLS_AES_256_GCM_SHA384);
wolfSSL_free(ssl);
+ ssl = NULL;
/* Check duplicate detection is working. */
- AssertIntEQ(wolfSSL_CTX_set_cipher_list(ctx, dupCs), WOLFSSL_SUCCESS);
- AssertIntEQ(ctx->suites->suiteSz, 4);
- AssertIntEQ(ctx->suites->suites[0], TLS13_BYTE);
- AssertIntEQ(ctx->suites->suites[1], TLS_AES_128_GCM_SHA256);
- AssertIntEQ(ctx->suites->suites[2], TLS13_BYTE);
- AssertIntEQ(ctx->suites->suites[3], TLS_AES_256_GCM_SHA384);
+ ExpectIntEQ(wolfSSL_CTX_set_cipher_list(ctx, dupCs), WOLFSSL_SUCCESS);
+ ExpectIntEQ(ctx->suites->suiteSz, 4);
+ ExpectIntEQ(ctx->suites->suites[0], TLS13_BYTE);
+ ExpectIntEQ(ctx->suites->suites[1], TLS_AES_128_GCM_SHA256);
+ ExpectIntEQ(ctx->suites->suites[2], TLS13_BYTE);
+ ExpectIntEQ(ctx->suites->suites[3], TLS_AES_256_GCM_SHA384);
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_SET_CIPHER_BYTES)
- AssertIntEQ(wolfSSL_CTX_set_cipher_list_bytes(ctx, dupCsBytes,
+ ExpectIntEQ(wolfSSL_CTX_set_cipher_list_bytes(ctx, dupCsBytes,
sizeof(dupCsBytes)), WOLFSSL_SUCCESS);
- AssertIntEQ(ctx->suites->suiteSz, 4);
- AssertIntEQ(ctx->suites->suites[0], TLS13_BYTE);
- AssertIntEQ(ctx->suites->suites[1], TLS_AES_256_GCM_SHA384);
- AssertIntEQ(ctx->suites->suites[2], TLS13_BYTE);
- AssertIntEQ(ctx->suites->suites[3], TLS_AES_128_GCM_SHA256);
+ ExpectIntEQ(ctx->suites->suiteSz, 4);
+ ExpectIntEQ(ctx->suites->suites[0], TLS13_BYTE);
+ ExpectIntEQ(ctx->suites->suites[1], TLS_AES_256_GCM_SHA384);
+ ExpectIntEQ(ctx->suites->suites[2], TLS13_BYTE);
+ ExpectIntEQ(ctx->suites->suites[3], TLS_AES_128_GCM_SHA256);
#endif
wolfSSL_CTX_free(ctx);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
#endif
@@ -55559,11 +54102,10 @@ static int test_dh_ssl_setup_fail(WOLFSSL* ssl)
static int test_DhCallbacks(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && !defined(NO_DH) && \
!defined(NO_AES) && defined(HAVE_AES_CBC) && \
defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES)
- EXPECT_DECLS;
WOLFSSL_CTX *ctx = NULL;
WOLFSSL *ssl = NULL;
int test;
@@ -55605,8 +54147,8 @@ static int test_DhCallbacks(void)
&func_cb_server, NULL), TEST_SUCCESS);
/* Test fail */
- XMEMSET(&func_cb_client, 0, sizeof(callback_functions));
- XMEMSET(&func_cb_server, 0, sizeof(callback_functions));
+ XMEMSET(&func_cb_client, 0, sizeof(func_cb_client));
+ XMEMSET(&func_cb_server, 0, sizeof(func_cb_server));
/* set callbacks to use DH functions */
func_cb_client.ctx_ready = &test_dh_ctx_setup;
@@ -55619,10 +54161,8 @@ static int test_DhCallbacks(void)
ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&func_cb_client,
&func_cb_server, NULL), TEST_FAIL);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
#endif /* HAVE_PK_CALLBACKS */
@@ -55631,371 +54171,249 @@ static int test_DhCallbacks(void)
#ifdef TEST_RESEED_INTERVAL
static int test_wc_RNG_GenerateBlock_Reseed(void)
{
- int i, ret;
+ EXPECT_DECLS;
+ int i;
WC_RNG rng;
byte key[32];
- ret = wc_InitRng(&rng);
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
- if (ret == 0) {
- for (i = 0; i < WC_RESEED_INTERVAL + 10; i++) {
- ret = wc_RNG_GenerateBlock(&rng, key, sizeof(key));
- if (ret != 0) {
- break;
- }
- }
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ for (i = 0; i < WC_RESEED_INTERVAL + 10; i++) {
+ ExpectIntEQ(wc_RNG_GenerateBlock(&rng, key, sizeof(key)), 0);
}
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
- wc_FreeRng(&rng);
-
- return TEST_RES_CHECK(ret == 0);
+ return EXPECT_RESULT();
}
#endif /* TEST_RESEED_INTERVAL */
static int test_wc_RNG_GenerateBlock(void)
{
- int i, ret;
+ EXPECT_DECLS;
+ int i;
WC_RNG rng;
byte key[32];
- ret = wc_InitRng(&rng);
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
- if (ret == 0) {
- for (i = 0; i < 10; i++) {
- ret = wc_RNG_GenerateBlock(&rng, key, sizeof(key));
- if (ret != 0) {
- break;
- }
- }
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ for (i = 0; i < 10; i++) {
+ ExpectIntEQ(wc_RNG_GenerateBlock(&rng, key, sizeof(key)), 0);
}
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
- wc_FreeRng(&rng);
+ return EXPECT_RESULT();
+}
- (void)rng; /* for WC_NO_RNG case */
- (void)key;
+#endif /* HAVE_HASHDRBG */
- return TEST_RES_CHECK(ret == 0);
-}
-#endif
/*
* Testing get_rand_digit
*/
static int test_get_rand_digit(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(WC_NO_RNG) && defined(WOLFSSL_PUBLIC_MP)
- int ret = 0;
WC_RNG rng;
mp_digit d;
- ret = wc_InitRng(&rng);
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
- if (ret == 0) {
- ret = get_rand_digit(&rng, &d);
- }
- if (ret == 0) {
- ret = get_rand_digit(NULL, NULL);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = get_rand_digit(NULL, &d);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = get_rand_digit(&rng, NULL);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
+ ExpectIntEQ(wc_InitRng(&rng), 0);
- if (ret == 0) {
- ret = wc_FreeRng(&rng);
- }
+ ExpectIntEQ(get_rand_digit(&rng, &d), 0);
+ ExpectIntEQ(get_rand_digit(NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(get_rand_digit(NULL, &d), BAD_FUNC_ARG);
+ ExpectIntEQ(get_rand_digit(&rng, NULL), BAD_FUNC_ARG);
- res = TEST_RES_CHECK(ret == 0);
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
#endif
- return res;
+ return EXPECT_RESULT();
+} /* End test_get_rand_digit*/
-}/* End test_get_rand_digit*/
/*
* Testing get_digit_count
*/
static int test_get_digit_count(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(WOLFSSL_SP_MATH) && defined(WOLFSSL_PUBLIC_MP)
- int ret = 0;
mp_int a;
- if (mp_init(&a) != MP_OKAY) {
- ret = -1;
- }
- if (ret == 0) {
- ret = get_digit_count(NULL);
- }
- if (ret == 0) {
- ret = get_digit_count(&a);
- }
+ XMEMSET(&a, 0, sizeof(mp_int));
- mp_clear(&a);
+ ExpectIntEQ(mp_init(&a), 0);
- res = TEST_RES_CHECK(ret == 0);
+ ExpectIntEQ(get_digit_count(NULL), 0);
+ ExpectIntEQ(get_digit_count(&a), 0);
+
+ mp_clear(&a);
#endif
- return res;
+ return EXPECT_RESULT();
+} /* End test_get_digit_count*/
-}/* End test_get_digit_count*/
/*
* Testing mp_cond_copy
*/
static int test_mp_cond_copy(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if (defined(HAVE_ECC) || defined(WOLFSSL_MP_COND_COPY)) && \
defined(WOLFSSL_PUBLIC_MP)
- int ret = 0;
- mp_int a;
- mp_int b;
- int copy = 0;
+ mp_int a;
+ mp_int b;
+ int copy = 0;
- if (mp_init(&a) != MP_OKAY) {
- ret = -1;
- }
- if (ret == 0) {
- if (mp_init(&b) != MP_OKAY) {
- ret = -1;
- }
- }
- if (ret == 0) {
- ret = mp_cond_copy(NULL, copy, NULL);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = mp_cond_copy(NULL, copy, &b);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = mp_cond_copy(&a, copy, NULL);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = mp_cond_copy(&a, copy, &b);
- }
+ XMEMSET(&a, 0, sizeof(mp_int));
+ XMEMSET(&b, 0, sizeof(mp_int));
+
+ ExpectIntEQ(mp_init(&a), MP_OKAY);
+ ExpectIntEQ(mp_init(&b), MP_OKAY);
+
+ ExpectIntEQ(mp_cond_copy(NULL, copy, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(mp_cond_copy(NULL, copy, &b), BAD_FUNC_ARG);
+ ExpectIntEQ(mp_cond_copy(&a, copy, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(mp_cond_copy(&a, copy, &b), 0);
mp_clear(&a);
mp_clear(&b);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
+} /* End test_mp_cond_copy*/
-}/* End test_mp_cond_copy*/
/*
* Testing mp_rand
*/
static int test_mp_rand(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(WC_RSA_BLINDING) && defined(WOLFSSL_PUBLIC_MP)
- int ret = 0;
- mp_int a;
- int digits = 1;
- WC_RNG rng;
+ mp_int a;
+ WC_RNG rng;
+ int digits = 1;
- if (mp_init(&a) != MP_OKAY) {
- ret = -1;
- }
- if (ret == 0) {
- ret = wc_InitRng(&rng);
- }
+ XMEMSET(&a, 0, sizeof(mp_int));
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
- if (ret == 0) {
- ret = mp_rand(&a, digits, NULL);
- if (ret == MISSING_RNG_E) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = mp_rand(NULL, digits, &rng);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = mp_rand(&a, 0, &rng);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = mp_rand(&a, digits, &rng);
- }
+ ExpectIntEQ(mp_init(&a), MP_OKAY);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
- mp_clear(&a);
- wc_FreeRng(&rng);
+ ExpectIntEQ(mp_rand(&a, digits, NULL), MISSING_RNG_E);
+ ExpectIntEQ(mp_rand(NULL, digits, &rng), BAD_FUNC_ARG);
+ ExpectIntEQ(mp_rand(&a, 0, &rng), BAD_FUNC_ARG);
+ ExpectIntEQ(mp_rand(&a, digits, &rng), 0);
- res = TEST_RES_CHECK(ret == 0);
+ mp_clear(&a);
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
#endif
- return res;
-}/* End test_mp_rand*/
+ return EXPECT_RESULT();
+} /* End test_mp_rand*/
+
/*
* Testing get_digit
*/
static int test_get_digit(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(WOLFSSL_PUBLIC_MP)
- int ret = 0;
- mp_int a;
- int n = 0;
+ mp_int a;
+ int n = 0;
- if (mp_init(&a) != MP_OKAY) {
- ret = -1;
- }
- if (ret == 0) {
- if (get_digit(NULL, n) != 0) { /* Should not hit this */
- ret = -1;
- }
- }
- if (ret == 0) {
- if (get_digit(NULL, n) == 0) { /* Should hit this */
- ret = 0;
- }
- }
- if (ret == 0) {
- if (get_digit(&a, n) != 0) { /* Should not hit this */
- ret = -1;
- }
- }
- if (ret == 0) {
- if (get_digit(&a, n) == 0) { /* Should hit this */
- ret = 0;
- }
- }
+ XMEMSET(&a, 0, sizeof(mp_int));
- mp_clear(&a);
+ ExpectIntEQ(mp_init(&a), MP_OKAY);
+ ExpectIntEQ(get_digit(NULL, n), 0);
+ ExpectIntEQ(get_digit(&a, n), 0);
- res = TEST_RES_CHECK(ret == 0);
+ mp_clear(&a);
#endif
- return res;
-}/* End test_get_digit*/
+ return EXPECT_RESULT();
+} /* End test_get_digit*/
+
/*
* Testing wc_export_int
*/
static int test_wc_export_int(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if (defined(HAVE_ECC) || defined(WOLFSSL_EXPORT_INT)) && \
defined(WOLFSSL_PUBLIC_MP)
- int ret = 0;
- mp_int mp;
- byte buf[32];
- word32 keySz = (word32)sizeof(buf);
- word32 len = (word32)sizeof(buf);
+ mp_int mp;
+ byte buf[32];
+ word32 keySz = (word32)sizeof(buf);
+ word32 len = (word32)sizeof(buf);
- if (mp_init(&mp) != MP_OKAY) {
- ret = -1;
- }
- if (ret == 0) {
- ret = mp_set(&mp, 1234);
- }
- if (ret == 0) {
- ret = wc_export_int(NULL, buf, &len, keySz, WC_TYPE_UNSIGNED_BIN);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- len = sizeof(buf)-1;
- ret = wc_export_int(&mp, buf, &len, keySz, WC_TYPE_UNSIGNED_BIN);
- if (ret == BUFFER_E) {
- ret = 0;
- }
- }
- if (ret == 0) {
- len = sizeof(buf);
- ret = wc_export_int(&mp, buf, &len, keySz, WC_TYPE_UNSIGNED_BIN);
- }
- if (ret == 0) {
- len = 4; /* test input too small */
- ret = wc_export_int(&mp, buf, &len, 0, WC_TYPE_HEX_STR);
- if (ret == BUFFER_E) {
- ret = 0;
- }
- }
- if (ret == 0) {
- len = sizeof(buf);
- ret = wc_export_int(&mp, buf, &len, 0, WC_TYPE_HEX_STR);
- /* hex version of 1234 is 04D2 and should be 4 digits + 1 null */
- if (ret == 0 && len != 5) {
- ret = BAD_FUNC_ARG;
- }
- }
+ XMEMSET(&mp, 0, sizeof(mp_int));
- mp_clear(&mp);
+ ExpectIntEQ(mp_init(&mp), MP_OKAY);
+ ExpectIntEQ(mp_set(&mp, 1234), 0);
- res = TEST_RES_CHECK(ret == 0);
+ ExpectIntEQ(wc_export_int(NULL, buf, &len, keySz, WC_TYPE_UNSIGNED_BIN),
+ BAD_FUNC_ARG);
+ len = sizeof(buf)-1;
+ ExpectIntEQ(wc_export_int(&mp, buf, &len, keySz, WC_TYPE_UNSIGNED_BIN),
+ BUFFER_E);
+ len = sizeof(buf);
+ ExpectIntEQ(wc_export_int(&mp, buf, &len, keySz, WC_TYPE_UNSIGNED_BIN), 0);
+ len = 4; /* test input too small */
+ ExpectIntEQ(wc_export_int(&mp, buf, &len, 0, WC_TYPE_HEX_STR), BUFFER_E);
+ len = sizeof(buf);
+ ExpectIntEQ(wc_export_int(&mp, buf, &len, 0, WC_TYPE_HEX_STR), 0);
+ /* hex version of 1234 is 04D2 and should be 4 digits + 1 null */
+ ExpectIntEQ(len, 5);
+
+ mp_clear(&mp);
#endif
- return res;
+ return EXPECT_RESULT();
+
+} /* End test_wc_export_int*/
-}/* End test_wc_export_int*/
static int test_wc_InitRngNonce(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(WC_NO_RNG) && !defined(HAVE_SELFTEST) && \
- (!defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && HAVE_FIPS_VERSION >= 2))
- int ret;
- WC_RNG rng;
- byte nonce[] = "\x0D\x74\xDB\x42\xA9\x10\x77\xDE"
- "\x45\xAC\x13\x7A\xE1\x48\xAF\x16";
- word32 nonceSz = sizeof(nonce);
-
- ret = wc_InitRngNonce(&rng, nonce, nonceSz);
- wc_FreeRng(&rng);
+ (!defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && \
+ HAVE_FIPS_VERSION >= 2))
+ WC_RNG rng;
+ byte nonce[] = "\x0D\x74\xDB\x42\xA9\x10\x77\xDE"
+ "\x45\xAC\x13\x7A\xE1\x48\xAF\x16";
+ word32 nonceSz = sizeof(nonce);
- res = TEST_RES_CHECK(ret == 0);
+ ExpectIntEQ(wc_InitRngNonce(&rng, nonce, nonceSz), 0);
+ ExpectIntEQ(wc_FreeRng(&rng), 0);
#endif
- return res;
-}/* End test_wc_InitRngNonce*/
+ return EXPECT_RESULT();
+} /* End test_wc_InitRngNonce*/
+
/*
* Testing wc_InitRngNonce_ex
*/
static int test_wc_InitRngNonce_ex(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(WC_NO_RNG) && !defined(HAVE_SELFTEST) && \
- (!defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && HAVE_FIPS_VERSION >= 2))
- int ret;
- WC_RNG rng;
- byte nonce[] = "\x0D\x74\xDB\x42\xA9\x10\x77\xDE"
- "\x45\xAC\x13\x7A\xE1\x48\xAF\x16";
- word32 nonceSz = sizeof(nonce);
-
- ret = wc_InitRngNonce_ex(&rng, nonce, nonceSz, HEAP_HINT, testDevId);
- wc_FreeRng(&rng);
+ (!defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && \
+ HAVE_FIPS_VERSION >= 2))
+ WC_RNG rng;
+ byte nonce[] = "\x0D\x74\xDB\x42\xA9\x10\x77\xDE"
+ "\x45\xAC\x13\x7A\xE1\x48\xAF\x16";
+ word32 nonceSz = sizeof(nonce);
- res = TEST_RES_CHECK(ret == 0);
+ ExpectIntEQ(wc_InitRngNonce_ex(&rng, nonce, nonceSz, HEAP_HINT, testDevId),
+ 0);
+ ExpectIntEQ(wc_FreeRng(&rng), 0);
#endif
- return res;
-}/*End test_wc_InitRngNonce_ex*/
+ return EXPECT_RESULT();
+} /* End test_wc_InitRngNonce_ex */
static int test_wolfSSL_X509_CRL(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(HAVE_CRL)
-
- X509_CRL *crl;
+ X509_CRL *crl = NULL;
char pem[][100] = {
"./certs/crl/crl.pem",
"./certs/crl/crl2.pem",
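Review bot: test_wc_InitRngNonce and test_wc_InitRngNonce_ex release the generator with `ExpectIntEQ(wc_FreeRng(&rng), 0);` and never zero `rng`, while the other RNG tests converted in this hunk use `XMEMSET(&rng, 0, sizeof(WC_RNG));` and `DoExpectIntEQ(wc_FreeRng(&rng), 0);`. If, as the DoExpect naming suggests, the plain Expect form is skipped once a check has failed, the free is not run when the init call fails. For consistency I would add the XMEMSET before the init call in both tests and change the release to `DoExpectIntEQ(wc_FreeRng(&rng), 0);`. A smaller point in the same hunk: test_get_digit_count compares `mp_init(&a)` with `0` where the neighbouring tests use `MP_OKAY`.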
@@ -56005,7 +54423,7 @@ static int test_wolfSSL_X509_CRL(void)
""
};
#ifndef NO_BIO
- BIO *bio;
+ BIO *bio = NULL;
#endif
#ifdef HAVE_TEST_d2i_X509_CRL_fp
@@ -56015,63 +54433,82 @@ static int test_wolfSSL_X509_CRL(void)
""};
#endif
- XFILE fp;
+ XFILE fp = XBADFILE;
int i;
for (i = 0; pem[i][0] != '\0'; i++)
{
- fp = XFOPEN(pem[i], "rb");
- AssertTrue((fp != XBADFILE));
- AssertNotNull(crl = (X509_CRL *)PEM_read_X509_CRL(fp, (X509_CRL **)NULL, NULL, NULL));
- AssertNotNull(crl);
+ ExpectTrue((fp = XFOPEN(pem[i], "rb")) != XBADFILE);
+ ExpectNotNull(crl = (X509_CRL *)PEM_read_X509_CRL(fp, (X509_CRL **)NULL,
+ NULL, NULL));
+ ExpectNotNull(crl);
X509_CRL_free(crl);
- XFCLOSE(fp);
- fp = XFOPEN(pem[i], "rb");
- AssertTrue((fp != XBADFILE));
- AssertNotNull((X509_CRL *)PEM_read_X509_CRL(fp, (X509_CRL **)&crl, NULL, NULL));
- AssertNotNull(crl);
+ if (fp != XBADFILE) {
+ XFCLOSE(fp);
+ fp = XBADFILE;
+ }
+ ExpectTrue((fp = XFOPEN(pem[i], "rb")) != XBADFILE);
+ ExpectNotNull((X509_CRL *)PEM_read_X509_CRL(fp, (X509_CRL **)&crl, NULL,
+ NULL));
+ if (EXPECT_FAIL()) {
+ crl = NULL;
+ }
+ ExpectNotNull(crl);
X509_CRL_free(crl);
- XFCLOSE(fp);
+ crl = NULL;
+ if (fp != XBADFILE) {
+ XFCLOSE(fp);
+ fp = XBADFILE;
+ }
}
#ifndef NO_BIO
for (i = 0; pem[i][0] != '\0'; i++)
{
- AssertNotNull(bio = BIO_new_file(pem[i], "rb"));
- AssertNotNull(crl = PEM_read_bio_X509_CRL(bio, NULL, NULL, NULL));
+ ExpectNotNull(bio = BIO_new_file(pem[i], "rb"));
+ ExpectNotNull(crl = PEM_read_bio_X509_CRL(bio, NULL, NULL, NULL));
X509_CRL_free(crl);
+ crl = NULL;
BIO_free(bio);
+ bio = NULL;
}
#endif
#ifdef HAVE_TEST_d2i_X509_CRL_fp
for (i = 0; der[i][0] != '\0'; i++) {
- fp = XFOPEN(der[i], "rb");
- AssertTrue((fp != XBADFILE));
- AssertNotNull(crl = (X509_CRL *)d2i_X509_CRL_fp((fp, X509_CRL **)NULL));
- AssertNotNull(crl);
+ ExpectTrue((fp = XFOPEN(der[i], "rb")) != XBADFILE);
+ ExpectTrue((fp != XBADFILE));
+ ExpectNotNull(crl = (X509_CRL *)d2i_X509_CRL_fp((fp, X509_CRL **)NULL));
+ ExpectNotNull(crl);
X509_CRL_free(crl);
- XFCLOSE(fp);
+ if (fp != XBADFILE) {
+ XFCLOSE(fp);
+ fp = XBADFILE;
+ }
fp = XFOPEN(der[i], "rb");
- AssertTrue((fp != XBADFILE));
- AssertNotNull((X509_CRL *)d2i_X509_CRL_fp(fp, (X509_CRL **)&crl));
- AssertNotNull(crl);
+ ExpectTrue((fp != XBADFILE));
+ ExpectNotNull((X509_CRL *)d2i_X509_CRL_fp(fp, (X509_CRL **)&crl));
+ if (EXPECT_FAIL()) {
+ crl = NULL;
+ }
+ ExpectNotNull(crl);
X509_CRL_free(crl);
- XFCLOSE(fp);
+ crl = NULL;
+ if (fp != XBADFILE) {
+ XFCLOSE(fp);
+ fp = XBADFILE;
+ }
}
#endif
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_load_crl_file(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(HAVE_CRL) && !defined(NO_FILESYSTEM) && \
!defined(NO_RSA) && !defined(NO_BIO)
- EXPECT_DECLS;
int i;
char pem[][100] = {
"./certs/crl/crl.pem",
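Review bot: In the HAVE_TEST_d2i_X509_CRL_fp loop the converted line `ExpectNotNull(crl = (X509_CRL *)d2i_X509_CRL_fp((fp, X509_CRL **)NULL));` keeps a misplaced parenthesis from the old code and would not compile when that macro is defined; the call should read `d2i_X509_CRL_fp(fp, (X509_CRL **)NULL)`. The `ExpectTrue((fp != XBADFILE));` directly after the combined open-and-check in that loop is now redundant, and the second `fp = XFOPEN(der[i], "rb");` was not folded into its check as it was in the PEM loop. In both file loops the first `X509_CRL_free(crl);` is not followed by `crl = NULL;`, so the second read is handed `&crl` while it still holds the freed pointer; whether the reader looks at the old value is not visible here, but adding the reset matches what the commit does after the second free. test_wolfSSL_X509_CRL begins before this hunk.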
@@ -56153,20 +54590,43 @@ static int test_wolfSSL_X509_load_crl_file(void)
X509_STORE_free(store);
store = NULL;
+#endif
+ return EXPECT_RESULT();
+}
- res = EXPECT_RESULT();
+static int test_wolfSSL_i2d_X509(void)
+{
+ EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && defined(USE_CERT_BUFFERS_2048) && !defined(NO_RSA)
+ const unsigned char* cert_buf = server_cert_der_2048;
+ unsigned char* out = NULL;
+ unsigned char* tmp = NULL;
+ X509* cert = NULL;
+
+ ExpectNotNull(d2i_X509(&cert, &cert_buf, sizeof_server_cert_der_2048));
+ /* Pointer should be advanced */
+ ExpectPtrGT(cert_buf, server_cert_der_2048);
+ ExpectIntGT(i2d_X509(cert, &out), 0);
+ ExpectNotNull(out);
+ tmp = out;
+ ExpectIntGT(i2d_X509(cert, &tmp), 0);
+ ExpectPtrGT(tmp, out);
+
+ if (out != NULL)
+ XFREE(out, NULL, DYNAMIC_TYPE_OPENSSL);
+ X509_free(cert);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_d2i_X509_REQ(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(WOLFSSL_CERT_REQ) && !defined(NO_RSA) && !defined(NO_BIO) && \
(defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA)) && \
!defined(WOLFSSL_SP_MATH)
- /* ./certs/csr.signed.der, ./certs/csr.ext.der, and ./certs/csr.attr.der were
- * generated by libest
+ /* ./certs/csr.signed.der, ./certs/csr.ext.der, and ./certs/csr.attr.der
+ * were generated by libest
* ./certs/csr.attr.der contains sample attributes
* ./certs/csr.ext.der contains sample extensions */
const char* csrFile = "./certs/csr.signed.der";
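Review bot: The new test_wolfSSL_i2d_X509 only checks that `i2d_X509` returns a positive length and advances `tmp`, so a truncated or altered re-encoding would still pass. Since the input is the known buffer `server_cert_der_2048`, the second call could be pinned with `ExpectIntEQ(i2d_X509(cert, &tmp), sizeof_server_cert_der_2048);` followed by `ExpectIntEQ(XMEMCMP(out, server_cert_der_2048, sizeof_server_cert_der_2048), 0);`. This assumes the encoder is expected to reproduce the input DER byte for byte, which should be confirmed before adding the comparison.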
@@ -56180,64 +54640,71 @@ static int test_wolfSSL_d2i_X509_REQ(void)
*/
#if !defined(NO_DSA) && !defined(HAVE_SELFTEST)
const char* csrDsaFile = "./certs/csr.dsa.pem";
- XFILE f;
+ XFILE f = XBADFILE;
#endif
BIO* bio = NULL;
X509* req = NULL;
EVP_PKEY *pub_key = NULL;
{
- AssertNotNull(bio = BIO_new_file(csrFile, "rb"));
- AssertNotNull(d2i_X509_REQ_bio(bio, &req));
+ ExpectNotNull(bio = BIO_new_file(csrFile, "rb"));
+ ExpectNotNull(d2i_X509_REQ_bio(bio, &req));
/*
* Extract the public key from the CSR
*/
- AssertNotNull(pub_key = X509_REQ_get_pubkey(req));
+ ExpectNotNull(pub_key = X509_REQ_get_pubkey(req));
/*
* Verify the signature in the CSR
*/
- AssertIntEQ(X509_REQ_verify(req, pub_key), 1);
+ ExpectIntEQ(X509_REQ_verify(req, pub_key), 1);
X509_free(req);
+ req = NULL;
BIO_free(bio);
+ bio = NULL;
EVP_PKEY_free(pub_key);
+ pub_key = NULL;
}
{
#ifdef OPENSSL_ALL
X509_ATTRIBUTE* attr;
ASN1_TYPE *at;
#endif
- AssertNotNull(bio = BIO_new_file(csrPopFile, "rb"));
- AssertNotNull(d2i_X509_REQ_bio(bio, &req));
+ ExpectNotNull(bio = BIO_new_file(csrPopFile, "rb"));
+ ExpectNotNull(d2i_X509_REQ_bio(bio, &req));
/*
* Extract the public key from the CSR
*/
- AssertNotNull(pub_key = X509_REQ_get_pubkey(req));
+ ExpectNotNull(pub_key = X509_REQ_get_pubkey(req));
/*
* Verify the signature in the CSR
*/
- AssertIntEQ(X509_REQ_verify(req, pub_key), 1);
+ ExpectIntEQ(X509_REQ_verify(req, pub_key), 1);
#ifdef OPENSSL_ALL
/*
* Obtain the challenge password from the CSR
*/
- AssertIntEQ(X509_REQ_get_attr_by_NID(req, NID_pkcs9_challengePassword, -1),
- 1);
- AssertNotNull(attr = X509_REQ_get_attr(req, 1));
- AssertNotNull(at = X509_ATTRIBUTE_get0_type(attr, 0));
- AssertNotNull(at->value.asn1_string);
- AssertStrEQ((char*)ASN1_STRING_data(at->value.asn1_string), "2xIE+qqp/rhyTXP+");
- AssertIntEQ(X509_get_ext_by_NID(req, NID_subject_alt_name, -1), -1);
+ ExpectIntEQ(X509_REQ_get_attr_by_NID(req, NID_pkcs9_challengePassword,
+ -1), 1);
+ ExpectNotNull(attr = X509_REQ_get_attr(req, 1));
+ ExpectNotNull(at = X509_ATTRIBUTE_get0_type(attr, 0));
+ ExpectNotNull(at->value.asn1_string);
+ ExpectStrEQ((char*)ASN1_STRING_data(at->value.asn1_string),
+ "2xIE+qqp/rhyTXP+");
+ ExpectIntEQ(X509_get_ext_by_NID(req, NID_subject_alt_name, -1), -1);
#endif
X509_free(req);
+ req = NULL;
BIO_free(bio);
+ bio = NULL;
EVP_PKEY_free(pub_key);
+ pub_key = NULL;
}
{
#ifdef OPENSSL_ALL
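Review bot: `attr` and `at` are still declared without initialisers in the challenge-password block (and again in the extension block of the next hunk), although the Expect* macros let execution continue after a failed check where Assert* stopped. Nothing reads them on a failure path only if Expect* skips evaluating its argument once a failure is recorded, and that behaviour is not visible here. The commit already gives `f`, `bio` and `req` defined starting values for this reason, so the same treatment fits: `X509_ATTRIBUTE* attr = NULL;` and `ASN1_TYPE *at = NULL;`. The function begins before this hunk and continues after it.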
@@ -56245,170 +54712,175 @@ static int test_wolfSSL_d2i_X509_REQ(void)
ASN1_TYPE *at;
STACK_OF(X509_EXTENSION) *exts = NULL;
#endif
- AssertNotNull(bio = BIO_new_file(csrExtFile, "rb"));
+ ExpectNotNull(bio = BIO_new_file(csrExtFile, "rb"));
/* This CSR contains an Extension Request attribute so
* we test extension parsing in a CSR attribute here. */
- AssertNotNull(d2i_X509_REQ_bio(bio, &req));
+ ExpectNotNull(d2i_X509_REQ_bio(bio, &req));
/*
* Extract the public key from the CSR
*/
- AssertNotNull(pub_key = X509_REQ_get_pubkey(req));
+ ExpectNotNull(pub_key = X509_REQ_get_pubkey(req));
/*
* Verify the signature in the CSR
*/
- AssertIntEQ(X509_REQ_verify(req, pub_key), 1);
+ ExpectIntEQ(X509_REQ_verify(req, pub_key), 1);
#ifdef OPENSSL_ALL
- AssertNotNull(exts = (STACK_OF(X509_EXTENSION)*)X509_REQ_get_extensions(req));
- AssertIntEQ(sk_X509_EXTENSION_num(exts), 2);
+ ExpectNotNull(exts = (STACK_OF(X509_EXTENSION)*)X509_REQ_get_extensions(
+ req));
+ ExpectIntEQ(sk_X509_EXTENSION_num(exts), 2);
sk_X509_EXTENSION_pop_free(exts, X509_EXTENSION_free);
/*
* Obtain the challenge password from the CSR
*/
- AssertIntEQ(X509_REQ_get_attr_by_NID(req, NID_pkcs9_challengePassword, -1),
- 0);
- AssertNotNull(attr = X509_REQ_get_attr(req, 0));
- AssertNotNull(at = X509_ATTRIBUTE_get0_type(attr, 0));
- AssertNotNull(at->value.asn1_string);
- AssertStrEQ((char*)ASN1_STRING_data(at->value.asn1_string), "IGCu/xNL4/0/wOgo");
- AssertIntGE(X509_get_ext_by_NID(req, NID_key_usage, -1), 0);
- AssertIntGE(X509_get_ext_by_NID(req, NID_subject_alt_name, -1), 0);
+ ExpectIntEQ(X509_REQ_get_attr_by_NID(req, NID_pkcs9_challengePassword,
+ -1), 0);
+ ExpectNotNull(attr = X509_REQ_get_attr(req, 0));
+ ExpectNotNull(at = X509_ATTRIBUTE_get0_type(attr, 0));
+ ExpectNotNull(at->value.asn1_string);
+ ExpectStrEQ((char*)ASN1_STRING_data(at->value.asn1_string), "IGCu/xNL4/0/wOgo");
+ ExpectIntGE(X509_get_ext_by_NID(req, NID_key_usage, -1), 0);
+ ExpectIntGE(X509_get_ext_by_NID(req, NID_subject_alt_name, -1), 0);
#endif
X509_free(req);
+ req = NULL;
BIO_free(bio);
+ bio = NULL;
EVP_PKEY_free(pub_key);
+ pub_key = NULL;
}
#if !defined(NO_DSA) && !defined(HAVE_SELFTEST)
{
- AssertNotNull(bio = BIO_new_file(csrDsaFile, "rb"));
- AssertNotNull(PEM_read_bio_X509_REQ(bio, &req, NULL, NULL));
+ ExpectNotNull(bio = BIO_new_file(csrDsaFile, "rb"));
+ ExpectNotNull(PEM_read_bio_X509_REQ(bio, &req, NULL, NULL));
/*
* Extract the public key from the CSR
*/
- AssertNotNull(pub_key = X509_REQ_get_pubkey(req));
+ ExpectNotNull(pub_key = X509_REQ_get_pubkey(req));
/*
* Verify the signature in the CSR
*/
- AssertIntEQ(X509_REQ_verify(req, pub_key), 1);
+ ExpectIntEQ(X509_REQ_verify(req, pub_key), 1);
X509_free(req);
+ req = NULL;
BIO_free(bio);
/* Run the same test, but with a file pointer instead of a BIO.
* (PEM_read_X509_REQ)*/
- AssertTrue((f = XFOPEN(csrDsaFile, "rb")) != XBADFILE);
- AssertNotNull(PEM_read_X509_REQ(f, &req, NULL, NULL));
- AssertIntEQ(X509_REQ_verify(req, pub_key), 1);
+ ExpectTrue((f = XFOPEN(csrDsaFile, "rb")) != XBADFILE);
+ ExpectNotNull(PEM_read_X509_REQ(f, &req, NULL, NULL));
+ ExpectIntEQ(X509_REQ_verify(req, pub_key), 1);
X509_free(req);
EVP_PKEY_free(pub_key);
}
-
- res = TEST_RES_CHECK(1);
#endif /* !NO_DSA && !HAVE_SELFTEST */
#endif /* WOLFSSL_CERT_REQ && (OPENSSL_ALL || OPENSSL_EXTRA) */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_PEM_read_X509(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(HAVE_CRL) && !defined(NO_FILESYSTEM) && \
!defined(NO_RSA)
X509 *x509 = NULL;
- XFILE fp;
+ XFILE fp = XBADFILE;
- fp = XFOPEN(svrCertFile, "rb");
- AssertTrue((fp != XBADFILE));
- AssertNotNull(x509 = (X509 *)PEM_read_X509(fp, (X509 **)NULL, NULL, NULL));
+ ExpectTrue((fp = XFOPEN(svrCertFile, "rb")) != XBADFILE);
+ ExpectNotNull(x509 = (X509 *)PEM_read_X509(fp, (X509 **)NULL, NULL, NULL));
X509_free(x509);
- XFCLOSE(fp);
-
- res = TEST_RES_CHECK(1);
+ if (fp != XBADFILE)
+ XFCLOSE(fp);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_PEM_read(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_FILESYSTEM) && !defined(NO_BIO)
const char* filename = "./certs/server-keyEnc.pem";
- XFILE fp;
+ XFILE fp = XBADFILE;
char* name = NULL;
char* header = NULL;
byte* data = NULL;
long len;
EVP_CIPHER_INFO cipher;
- WOLFSSL_BIO* bio;
- byte* fileData;
- size_t fileDataSz;
+ WOLFSSL_BIO* bio = NULL;
+ byte* fileData = NULL;
+ size_t fileDataSz = 0;
byte* out;
- fp = XFOPEN(filename, "rb");
- AssertTrue((fp != XBADFILE));
+ ExpectTrue((fp = XFOPEN(filename, "rb")) != XBADFILE);
/* Fail cases. */
- AssertIntEQ(PEM_read(fp, NULL, &header, &data, &len), WOLFSSL_FAILURE);
- AssertIntEQ(PEM_read(fp, &name, NULL, &data, &len), WOLFSSL_FAILURE);
- AssertIntEQ(PEM_read(fp, &name, &header, NULL, &len), WOLFSSL_FAILURE);
- AssertIntEQ(PEM_read(fp, &name, &header, &data, NULL), WOLFSSL_FAILURE);
-
- AssertIntEQ(PEM_read(fp, &name, &header, &data, &len), WOLFSSL_SUCCESS);
-
- AssertIntEQ(XSTRNCMP(name, "RSA PRIVATE KEY", 15), 0);
- AssertIntGT(XSTRLEN(header), 0);
- AssertIntGT(len, 0);
-
- AssertIntEQ(XFSEEK(fp, 0, SEEK_END), 0);
- AssertIntGT((fileDataSz = XFTELL(fp)), 0);
- AssertIntEQ(XFSEEK(fp, 0, SEEK_SET), 0);
- AssertNotNull(fileData = (unsigned char*)XMALLOC(fileDataSz, NULL,
- DYNAMIC_TYPE_TMP_BUFFER));
- AssertIntEQ(XFREAD(fileData, 1, fileDataSz, fp), fileDataSz);
- XFCLOSE(fp);
+ ExpectIntEQ(PEM_read(fp, NULL, &header, &data, &len), WOLFSSL_FAILURE);
+ ExpectIntEQ(PEM_read(fp, &name, NULL, &data, &len), WOLFSSL_FAILURE);
+ ExpectIntEQ(PEM_read(fp, &name, &header, NULL, &len), WOLFSSL_FAILURE);
+ ExpectIntEQ(PEM_read(fp, &name, &header, &data, NULL), WOLFSSL_FAILURE);
+
+ ExpectIntEQ(PEM_read(fp, &name, &header, &data, &len), WOLFSSL_SUCCESS);
+
+ ExpectIntEQ(XSTRNCMP(name, "RSA PRIVATE KEY", 15), 0);
+ ExpectIntGT(XSTRLEN(header), 0);
+ ExpectIntGT(len, 0);
+
+ ExpectIntEQ(XFSEEK(fp, 0, SEEK_END), 0);
+ ExpectIntGT((fileDataSz = XFTELL(fp)), 0);
+ ExpectIntEQ(XFSEEK(fp, 0, SEEK_SET), 0);
+ ExpectNotNull(fileData = (unsigned char*)XMALLOC(fileDataSz, NULL,
+ DYNAMIC_TYPE_TMP_BUFFER));
+ ExpectIntEQ(XFREAD(fileData, 1, fileDataSz, fp), fileDataSz);
+ if (fp != XBADFILE) {
+ XFCLOSE(fp);
+ fp = XBADFILE;
+ }
- AssertNotNull(bio = wolfSSL_BIO_new(wolfSSL_BIO_s_mem()));
+ ExpectNotNull(bio = wolfSSL_BIO_new(wolfSSL_BIO_s_mem()));
/* Fail cases. */
- AssertIntEQ(PEM_write_bio(NULL, name, header, data, len), 0);
- AssertIntEQ(PEM_write_bio(bio, NULL, header, data, len), 0);
- AssertIntEQ(PEM_write_bio(bio, name, NULL, data, len), 0);
- AssertIntEQ(PEM_write_bio(bio, name, header, NULL, len), 0);
+ ExpectIntEQ(PEM_write_bio(NULL, name, header, data, len), 0);
+ ExpectIntEQ(PEM_write_bio(bio, NULL, header, data, len), 0);
+ ExpectIntEQ(PEM_write_bio(bio, name, NULL, data, len), 0);
+ ExpectIntEQ(PEM_write_bio(bio, name, header, NULL, len), 0);
- AssertIntEQ(PEM_write_bio(bio, name, header, data, len), fileDataSz);
- AssertIntEQ(wolfSSL_BIO_get_mem_data(bio, &out), fileDataSz);
- AssertIntEQ(XMEMCMP(out, fileData, fileDataSz), 0);
+ ExpectIntEQ(PEM_write_bio(bio, name, header, data, len), fileDataSz);
+ ExpectIntEQ(wolfSSL_BIO_get_mem_data(bio, &out), fileDataSz);
+ ExpectIntEQ(XMEMCMP(out, fileData, fileDataSz), 0);
/* Fail cases. */
- AssertIntEQ(PEM_get_EVP_CIPHER_INFO(NULL, &cipher), WOLFSSL_FAILURE);
- AssertIntEQ(PEM_get_EVP_CIPHER_INFO(header, NULL), WOLFSSL_FAILURE);
- AssertIntEQ(PEM_get_EVP_CIPHER_INFO((char*)"", &cipher), WOLFSSL_FAILURE);
+ ExpectIntEQ(PEM_get_EVP_CIPHER_INFO(NULL, &cipher), WOLFSSL_FAILURE);
+ ExpectIntEQ(PEM_get_EVP_CIPHER_INFO(header, NULL), WOLFSSL_FAILURE);
+ ExpectIntEQ(PEM_get_EVP_CIPHER_INFO((char*)"", &cipher), WOLFSSL_FAILURE);
#ifndef NO_DES3
- AssertIntEQ(PEM_get_EVP_CIPHER_INFO(header, &cipher), WOLFSSL_SUCCESS);
+ ExpectIntEQ(PEM_get_EVP_CIPHER_INFO(header, &cipher), WOLFSSL_SUCCESS);
#endif
/* Fail cases. */
- AssertIntEQ(PEM_do_header(&cipher, NULL, &len, PasswordCallBack,
- (void*)"yassl123"), WOLFSSL_FAILURE);
- AssertIntEQ(PEM_do_header(&cipher, data, NULL, PasswordCallBack,
- (void*)"yassl123"), WOLFSSL_FAILURE);
- AssertIntEQ(PEM_do_header(&cipher, data, &len, NULL,
- (void*)"yassl123"), WOLFSSL_FAILURE);
+ ExpectIntEQ(PEM_do_header(&cipher, NULL, &len, PasswordCallBack,
+ (void*)"yassl123"), WOLFSSL_FAILURE);
+ ExpectIntEQ(PEM_do_header(&cipher, data, NULL, PasswordCallBack,
+ (void*)"yassl123"), WOLFSSL_FAILURE);
+ ExpectIntEQ(PEM_do_header(&cipher, data, &len, NULL,
+ (void*)"yassl123"), WOLFSSL_FAILURE);
#if !defined(NO_DES3) && !defined(NO_MD5)
- AssertIntEQ(PEM_do_header(&cipher, data, &len, PasswordCallBack,
+ ExpectIntEQ(PEM_do_header(&cipher, data, &len, PasswordCallBack,
(void*)"yassl123"), WOLFSSL_SUCCESS);
#endif
BIO_free(bio);
+ bio = NULL;
XFREE(fileData, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ fileData = NULL;
XFREE(name, NULL, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(header, NULL, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(data, NULL, DYNAMIC_TYPE_TMP_BUFFER);
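Review bot: In the DSA block of test_wolfSSL_d2i_X509_REQ, `f` is opened with `XFOPEN(csrDsaFile, "rb")` and handed to `PEM_read_X509_REQ`, but no `XFCLOSE(f)` follows before the block ends. Unless PEM_read_X509_REQ takes ownership of the stream, which nothing here suggests, the handle leaks on every run. The commit initialises `f = XBADFILE` and guards the close in test_wolfSSL_PEM_read_X509 in this same hunk, so the matching fix is `if (f != XBADFILE) XFCLOSE(f);` right after the `PEM_read_X509_REQ` line.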
@@ -56416,40 +54888,38 @@ static int test_wolfSSL_PEM_read(void)
name = NULL;
header = NULL;
data = NULL;
- fp = XFOPEN(svrKeyFile, "rb");
- AssertTrue((fp != XBADFILE));
- AssertIntEQ(PEM_read(fp, &name, &header, &data, &len), WOLFSSL_SUCCESS);
- AssertIntEQ(XSTRNCMP(name, "RSA PRIVATE KEY", 15), 0);
- AssertIntEQ(XSTRLEN(header), 0);
- AssertIntGT(len, 0);
-
- AssertIntEQ(XFSEEK(fp, 0, SEEK_END), 0);
- AssertIntGT((fileDataSz = XFTELL(fp)), 0);
- AssertIntEQ(XFSEEK(fp, 0, SEEK_SET), 0);
- AssertNotNull(fileData = (unsigned char*)XMALLOC(fileDataSz, NULL,
- DYNAMIC_TYPE_TMP_BUFFER));
- AssertIntEQ(XFREAD(fileData, 1, fileDataSz, fp), fileDataSz);
- XFCLOSE(fp);
+ ExpectTrue((fp = XFOPEN(svrKeyFile, "rb")) != XBADFILE);
+ ExpectIntEQ(PEM_read(fp, &name, &header, &data, &len), WOLFSSL_SUCCESS);
+ ExpectIntEQ(XSTRNCMP(name, "RSA PRIVATE KEY", 15), 0);
+ ExpectIntEQ(XSTRLEN(header), 0);
+ ExpectIntGT(len, 0);
+
+ ExpectIntEQ(XFSEEK(fp, 0, SEEK_END), 0);
+ ExpectIntGT((fileDataSz = XFTELL(fp)), 0);
+ ExpectIntEQ(XFSEEK(fp, 0, SEEK_SET), 0);
+ ExpectNotNull(fileData = (unsigned char*)XMALLOC(fileDataSz, NULL,
+ DYNAMIC_TYPE_TMP_BUFFER));
+ ExpectIntEQ(XFREAD(fileData, 1, fileDataSz, fp), fileDataSz);
+ if (fp != XBADFILE)
+ XFCLOSE(fp);
- AssertNotNull(bio = wolfSSL_BIO_new(wolfSSL_BIO_s_mem()));
- AssertIntEQ(PEM_write_bio(bio, name, header, data, len), fileDataSz);
- AssertIntEQ(wolfSSL_BIO_get_mem_data(bio, &out), fileDataSz);
- AssertIntEQ(XMEMCMP(out, fileData, fileDataSz), 0);
+ ExpectNotNull(bio = wolfSSL_BIO_new(wolfSSL_BIO_s_mem()));
+ ExpectIntEQ(PEM_write_bio(bio, name, header, data, len), fileDataSz);
+ ExpectIntEQ(wolfSSL_BIO_get_mem_data(bio, &out), fileDataSz);
+ ExpectIntEQ(XMEMCMP(out, fileData, fileDataSz), 0);
BIO_free(bio);
XFREE(fileData, NULL, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(name, NULL, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(header, NULL, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(data, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfssl_EVP_aes_gcm_AAD_2_parts(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_AES) && defined(HAVE_AESGCM) && \
!defined(HAVE_SELFTEST) && !defined(HAVE_FIPS)
const byte iv[12] = { 0 };
@@ -56466,111 +54936,111 @@ static int test_wolfssl_EVP_aes_gcm_AAD_2_parts(void)
byte out2Part[16];
byte outTag2Part[16];
byte decryptBuf[16];
- int len;
+ int len = 0;
int tlen;
EVP_CIPHER_CTX* ctx = NULL;
/* ENCRYPT */
/* Send AAD and data in 1 part */
- AssertNotNull(ctx = EVP_CIPHER_CTX_new());
+ ExpectNotNull(ctx = EVP_CIPHER_CTX_new());
tlen = 0;
- AssertIntEQ(EVP_EncryptInit_ex(ctx, EVP_aes_128_gcm(), NULL, NULL, NULL),
+ ExpectIntEQ(EVP_EncryptInit_ex(ctx, EVP_aes_128_gcm(), NULL, NULL, NULL),
1);
- AssertIntEQ(EVP_EncryptInit_ex(ctx, NULL, NULL, key, iv), 1);
- AssertIntEQ(EVP_EncryptUpdate(ctx, NULL, &len, aad, sizeof(aad)), 1);
- AssertIntEQ(EVP_EncryptUpdate(ctx, out1Part, &len, cleartext,
+ ExpectIntEQ(EVP_EncryptInit_ex(ctx, NULL, NULL, key, iv), 1);
+ ExpectIntEQ(EVP_EncryptUpdate(ctx, NULL, &len, aad, sizeof(aad)), 1);
+ ExpectIntEQ(EVP_EncryptUpdate(ctx, out1Part, &len, cleartext,
sizeof(cleartext)), 1);
tlen += len;
- AssertIntEQ(EVP_EncryptFinal_ex(ctx, out1Part, &len), 1);
+ ExpectIntEQ(EVP_EncryptFinal_ex(ctx, out1Part, &len), 1);
tlen += len;
- AssertIntEQ(tlen, sizeof(cleartext));
- AssertIntEQ(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, 16,
+ ExpectIntEQ(tlen, sizeof(cleartext));
+ ExpectIntEQ(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, 16,
outTag1Part), 1);
EVP_CIPHER_CTX_free(ctx);
+ ctx = NULL;
/* DECRYPT */
/* Send AAD and data in 1 part */
- AssertNotNull(ctx = EVP_CIPHER_CTX_new());
+ ExpectNotNull(ctx = EVP_CIPHER_CTX_new());
tlen = 0;
- AssertIntEQ(EVP_DecryptInit_ex(ctx, EVP_aes_128_gcm(), NULL, NULL, NULL),
+ ExpectIntEQ(EVP_DecryptInit_ex(ctx, EVP_aes_128_gcm(), NULL, NULL, NULL),
1);
- AssertIntEQ(EVP_DecryptInit_ex(ctx, NULL, NULL, key, iv), 1);
- AssertIntEQ(EVP_DecryptUpdate(ctx, NULL, &len, aad, sizeof(aad)), 1);
- AssertIntEQ(EVP_DecryptUpdate(ctx, decryptBuf, &len, out1Part,
+ ExpectIntEQ(EVP_DecryptInit_ex(ctx, NULL, NULL, key, iv), 1);
+ ExpectIntEQ(EVP_DecryptUpdate(ctx, NULL, &len, aad, sizeof(aad)), 1);
+ ExpectIntEQ(EVP_DecryptUpdate(ctx, decryptBuf, &len, out1Part,
sizeof(cleartext)), 1);
tlen += len;
- AssertIntEQ(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, 16,
+ ExpectIntEQ(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, 16,
outTag1Part), 1);
- AssertIntEQ(EVP_DecryptFinal_ex(ctx, decryptBuf, &len), 1);
+ ExpectIntEQ(EVP_DecryptFinal_ex(ctx, decryptBuf, &len), 1);
tlen += len;
- AssertIntEQ(tlen, sizeof(cleartext));
+ ExpectIntEQ(tlen, sizeof(cleartext));
EVP_CIPHER_CTX_free(ctx);
+ ctx = NULL;
- AssertIntEQ(XMEMCMP(decryptBuf, cleartext, len), 0);
+ ExpectIntEQ(XMEMCMP(decryptBuf, cleartext, len), 0);
/* ENCRYPT */
/* Send AAD and data in 2 parts */
- AssertNotNull(ctx = EVP_CIPHER_CTX_new());
+ ExpectNotNull(ctx = EVP_CIPHER_CTX_new());
tlen = 0;
- AssertIntEQ(EVP_EncryptInit_ex(ctx, EVP_aes_128_gcm(), NULL, NULL, NULL),
+ ExpectIntEQ(EVP_EncryptInit_ex(ctx, EVP_aes_128_gcm(), NULL, NULL, NULL),
1);
- AssertIntEQ(EVP_EncryptInit_ex(ctx, NULL, NULL, key, iv), 1);
- AssertIntEQ(EVP_EncryptUpdate(ctx, NULL, &len, aad, 1), 1);
- AssertIntEQ(EVP_EncryptUpdate(ctx, NULL, &len, aad + 1, sizeof(aad) - 1),
+ ExpectIntEQ(EVP_EncryptInit_ex(ctx, NULL, NULL, key, iv), 1);
+ ExpectIntEQ(EVP_EncryptUpdate(ctx, NULL, &len, aad, 1), 1);
+ ExpectIntEQ(EVP_EncryptUpdate(ctx, NULL, &len, aad + 1, sizeof(aad) - 1),
1);
- AssertIntEQ(EVP_EncryptUpdate(ctx, out2Part, &len, cleartext, 1), 1);
+ ExpectIntEQ(EVP_EncryptUpdate(ctx, out2Part, &len, cleartext, 1), 1);
tlen += len;
- AssertIntEQ(EVP_EncryptUpdate(ctx, out2Part + tlen, &len, cleartext + 1,
+ ExpectIntEQ(EVP_EncryptUpdate(ctx, out2Part + tlen, &len, cleartext + 1,
sizeof(cleartext) - 1), 1);
tlen += len;
- AssertIntEQ(EVP_EncryptFinal_ex(ctx, out2Part + tlen, &len), 1);
+ ExpectIntEQ(EVP_EncryptFinal_ex(ctx, out2Part + tlen, &len), 1);
tlen += len;
- AssertIntEQ(tlen, sizeof(cleartext));
- AssertIntEQ(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, 16,
+ ExpectIntEQ(tlen, sizeof(cleartext));
+ ExpectIntEQ(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, 16,
outTag2Part), 1);
- AssertIntEQ(XMEMCMP(out1Part, out2Part, sizeof(out1Part)), 0);
- AssertIntEQ(XMEMCMP(outTag1Part, outTag2Part, sizeof(outTag1Part)), 0);
+ ExpectIntEQ(XMEMCMP(out1Part, out2Part, sizeof(out1Part)), 0);
+ ExpectIntEQ(XMEMCMP(outTag1Part, outTag2Part, sizeof(outTag1Part)), 0);
EVP_CIPHER_CTX_free(ctx);
+ ctx = NULL;
/* DECRYPT */
/* Send AAD and data in 2 parts */
- AssertNotNull(ctx = EVP_CIPHER_CTX_new());
+ ExpectNotNull(ctx = EVP_CIPHER_CTX_new());
tlen = 0;
- AssertIntEQ(EVP_DecryptInit_ex(ctx, EVP_aes_128_gcm(), NULL, NULL, NULL),
+ ExpectIntEQ(EVP_DecryptInit_ex(ctx, EVP_aes_128_gcm(), NULL, NULL, NULL),
1);
- AssertIntEQ(EVP_DecryptInit_ex(ctx, NULL, NULL, key, iv), 1);
- AssertIntEQ(EVP_DecryptUpdate(ctx, NULL, &len, aad, 1), 1);
- AssertIntEQ(EVP_DecryptUpdate(ctx, NULL, &len, aad + 1, sizeof(aad) - 1),
+ ExpectIntEQ(EVP_DecryptInit_ex(ctx, NULL, NULL, key, iv), 1);
+ ExpectIntEQ(EVP_DecryptUpdate(ctx, NULL, &len, aad, 1), 1);
+ ExpectIntEQ(EVP_DecryptUpdate(ctx, NULL, &len, aad + 1, sizeof(aad) - 1),
1);
- AssertIntEQ(EVP_DecryptUpdate(ctx, decryptBuf, &len, out1Part, 1), 1);
+ ExpectIntEQ(EVP_DecryptUpdate(ctx, decryptBuf, &len, out1Part, 1), 1);
tlen += len;
- AssertIntEQ(EVP_DecryptUpdate(ctx, decryptBuf + tlen, &len, out1Part + 1,
+ ExpectIntEQ(EVP_DecryptUpdate(ctx, decryptBuf + tlen, &len, out1Part + 1,
sizeof(cleartext) - 1), 1);
tlen += len;
- AssertIntEQ(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, 16,
+ ExpectIntEQ(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, 16,
outTag1Part), 1);
- AssertIntEQ(EVP_DecryptFinal_ex(ctx, decryptBuf + tlen, &len), 1);
+ ExpectIntEQ(EVP_DecryptFinal_ex(ctx, decryptBuf + tlen, &len), 1);
tlen += len;
- AssertIntEQ(tlen, sizeof(cleartext));
+ ExpectIntEQ(tlen, sizeof(cleartext));
- AssertIntEQ(XMEMCMP(decryptBuf, cleartext, len), 0);
+ ExpectIntEQ(XMEMCMP(decryptBuf, cleartext, len), 0);
- /* Test AAD re-use */
+ /* Test AAD reuse */
EVP_CIPHER_CTX_free(ctx);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfssl_EVP_aes_gcm_zeroLen(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_AES) && defined(HAVE_AESGCM) && \
!defined(HAVE_SELFTEST) && !defined(HAVE_FIPS)
/* Zero length plain text */
-
byte key[] = {
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
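Review bot: Both round-trip checks `ExpectIntEQ(XMEMCMP(decryptBuf, cleartext, len), 0);` compare only `len` bytes, and at that point `len` is whatever the preceding `EVP_DecryptFinal_ex` reported rather than the running total. On a build where Final emits no bytes for GCM that length is 0, so the comparison succeeds without looking at the decrypted data. `tlen` has just been checked against `sizeof(cleartext)`, so `ExpectIntEQ(XMEMCMP(decryptBuf, cleartext, sizeof(cleartext)), 0);` pins the whole plaintext in both the one-part and two-part decrypt sections. The function starts before this hunk.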
@@ -56584,9 +55054,10 @@ static int test_wolfssl_EVP_aes_gcm_zeroLen(void)
int ivSz = 12;
int plaintxtSz = 0;
unsigned char tag[16];
- unsigned char tag_kat[] =
- {0x53,0x0f,0x8a,0xfb,0xc7,0x45,0x36,0xb9,
- 0xa9,0x63,0xb4,0xf1,0xc4,0xcb,0x73,0x8b};
+ unsigned char tag_kat[] = {
+ 0x53,0x0f,0x8a,0xfb,0xc7,0x45,0x36,0xb9,
+ 0xa9,0x63,0xb4,0xf1,0xc4,0xcb,0x73,0x8b
+ };
byte ciphertxt[AES_BLOCK_SIZE * 4] = {0};
byte decryptedtxt[AES_BLOCK_SIZE * 4] = {0};
@@ -56597,42 +55068,39 @@ static int test_wolfssl_EVP_aes_gcm_zeroLen(void)
EVP_CIPHER_CTX *en = EVP_CIPHER_CTX_new();
EVP_CIPHER_CTX *de = EVP_CIPHER_CTX_new();
- AssertIntEQ(1, EVP_EncryptInit_ex(en, EVP_aes_256_gcm(), NULL, key, iv));
- AssertIntEQ(1, EVP_CIPHER_CTX_ctrl(en, EVP_CTRL_GCM_SET_IVLEN, ivSz, NULL));
- AssertIntEQ(1, EVP_EncryptUpdate(en, ciphertxt, &ciphertxtSz , plaintxt,
- plaintxtSz));
- AssertIntEQ(1, EVP_EncryptFinal_ex(en, ciphertxt, &len));
+ ExpectIntEQ(1, EVP_EncryptInit_ex(en, EVP_aes_256_gcm(), NULL, key, iv));
+ ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(en, EVP_CTRL_GCM_SET_IVLEN, ivSz, NULL));
+ ExpectIntEQ(1, EVP_EncryptUpdate(en, ciphertxt, &ciphertxtSz , plaintxt,
+ plaintxtSz));
+ ExpectIntEQ(1, EVP_EncryptFinal_ex(en, ciphertxt, &len));
ciphertxtSz += len;
- AssertIntEQ(1, EVP_CIPHER_CTX_ctrl(en, EVP_CTRL_GCM_GET_TAG, 16, tag));
- AssertIntEQ(1, EVP_CIPHER_CTX_cleanup(en));
+ ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(en, EVP_CTRL_GCM_GET_TAG, 16, tag));
+ ExpectIntEQ(1, EVP_CIPHER_CTX_cleanup(en));
- AssertIntEQ(0, ciphertxtSz);
- AssertIntEQ(0, XMEMCMP(tag, tag_kat, sizeof(tag)));
+ ExpectIntEQ(0, ciphertxtSz);
+ ExpectIntEQ(0, XMEMCMP(tag, tag_kat, sizeof(tag)));
EVP_CIPHER_CTX_init(de);
- AssertIntEQ(1, EVP_DecryptInit_ex(de, EVP_aes_256_gcm(), NULL, key, iv));
- AssertIntEQ(1, EVP_CIPHER_CTX_ctrl(de, EVP_CTRL_GCM_SET_IVLEN, ivSz, NULL));
- AssertIntEQ(1, EVP_DecryptUpdate(de, NULL, &len, ciphertxt, len));
+ ExpectIntEQ(1, EVP_DecryptInit_ex(de, EVP_aes_256_gcm(), NULL, key, iv));
+ ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(de, EVP_CTRL_GCM_SET_IVLEN, ivSz, NULL));
+ ExpectIntEQ(1, EVP_DecryptUpdate(de, NULL, &len, ciphertxt, len));
decryptedtxtSz = len;
- AssertIntEQ(1, EVP_CIPHER_CTX_ctrl(de, EVP_CTRL_GCM_SET_TAG, 16, tag));
- AssertIntEQ(1, EVP_DecryptFinal_ex(de, decryptedtxt, &len));
+ ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(de, EVP_CTRL_GCM_SET_TAG, 16, tag));
+ ExpectIntEQ(1, EVP_DecryptFinal_ex(de, decryptedtxt, &len));
decryptedtxtSz += len;
- AssertIntEQ(0, decryptedtxtSz);
+ ExpectIntEQ(0, decryptedtxtSz);
EVP_CIPHER_CTX_free(en);
EVP_CIPHER_CTX_free(de);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfssl_EVP_aes_gcm(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_AES) && defined(HAVE_AESGCM) && \
!defined(HAVE_SELFTEST) && !defined(HAVE_FIPS)
-
/* A 256 bit key, AES_128 will use the first 128 bit*/
byte *key = (byte*)"01234567890123456789012345678901";
/* A 128 bit IV */
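Review bot: In test_wolfssl_EVP_aes_gcm_zeroLen, `en` and `de` come straight from `EVP_CIPHER_CTX_new()` and are never checked for NULL. With Assert* replaced by Expect*, `EVP_CIPHER_CTX_init(de)` and the two `EVP_CIPHER_CTX_free` calls now run unconditionally after an allocation failure, because they sit outside any Expect macro. Whether those calls tolerate NULL is not shown here. Adding `ExpectNotNull(en);` and `ExpectNotNull(de);` before the first `EVP_EncryptInit_ex` would match the `ExpectNotNull(ctx = EVP_CIPHER_CTX_new())` form used in test_wolfssl_EVP_aes_gcm_AAD_2_parts and report the failure at its cause. The function's declarations start before this hunk.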
@@ -56656,76 +55124,258 @@ static int test_wolfssl_EVP_aes_gcm(void)
EVP_CIPHER_CTX de[2];
for (i = 0; i < 2; i++) {
-
EVP_CIPHER_CTX_init(&en[i]);
-
if (i == 0) {
/* Default uses 96-bits IV length */
#ifdef WOLFSSL_AES_128
- AssertIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_aes_128_gcm(), NULL, key, iv));
+ ExpectIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_aes_128_gcm(), NULL,
+ key, iv));
#elif defined(WOLFSSL_AES_192)
- AssertIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_aes_192_gcm(), NULL, key, iv));
+ ExpectIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_aes_192_gcm(), NULL,
+ key, iv));
#elif defined(WOLFSSL_AES_256)
- AssertIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_aes_256_gcm(), NULL, key, iv));
+ ExpectIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_aes_256_gcm(), NULL,
+ key, iv));
#endif
}
else {
#ifdef WOLFSSL_AES_128
- AssertIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_aes_128_gcm(), NULL, NULL, NULL));
+ ExpectIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_aes_128_gcm(), NULL,
+ NULL, NULL));
#elif defined(WOLFSSL_AES_192)
- AssertIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_aes_192_gcm(), NULL, NULL, NULL));
+ ExpectIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_aes_192_gcm(), NULL,
+ NULL, NULL));
#elif defined(WOLFSSL_AES_256)
- AssertIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_aes_256_gcm(), NULL, NULL, NULL));
+ ExpectIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_aes_256_gcm(), NULL,
+ NULL, NULL));
#endif
/* non-default must to set the IV length first */
- AssertIntEQ(1, EVP_CIPHER_CTX_ctrl(&en[i], EVP_CTRL_GCM_SET_IVLEN, ivSz, NULL));
- AssertIntEQ(1, EVP_EncryptInit_ex(&en[i], NULL, NULL, key, iv));
+ ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(&en[i], EVP_CTRL_GCM_SET_IVLEN,
+ ivSz, NULL));
+ ExpectIntEQ(1, EVP_EncryptInit_ex(&en[i], NULL, NULL, key, iv));
}
- AssertIntEQ(1, EVP_EncryptUpdate(&en[i], NULL, &len, aad, aadSz));
- AssertIntEQ(1, EVP_EncryptUpdate(&en[i], ciphertxt, &len, plaintxt, plaintxtSz));
+ ExpectIntEQ(1, EVP_EncryptUpdate(&en[i], NULL, &len, aad, aadSz));
+ ExpectIntEQ(1, EVP_EncryptUpdate(&en[i], ciphertxt, &len, plaintxt,
+ plaintxtSz));
ciphertxtSz = len;
- AssertIntEQ(1, EVP_EncryptFinal_ex(&en[i], ciphertxt, &len));
+ ExpectIntEQ(1, EVP_EncryptFinal_ex(&en[i], ciphertxt, &len));
ciphertxtSz += len;
- AssertIntEQ(1, EVP_CIPHER_CTX_ctrl(&en[i], EVP_CTRL_GCM_GET_TAG, AES_BLOCK_SIZE, tag));
- AssertIntEQ(wolfSSL_EVP_CIPHER_CTX_cleanup(&en[i]), 1);
+ ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(&en[i], EVP_CTRL_GCM_GET_TAG,
+ AES_BLOCK_SIZE, tag));
+ ExpectIntEQ(wolfSSL_EVP_CIPHER_CTX_cleanup(&en[i]), 1);
EVP_CIPHER_CTX_init(&de[i]);
if (i == 0) {
/* Default uses 96-bits IV length */
#ifdef WOLFSSL_AES_128
- AssertIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aes_128_gcm(), NULL, key, iv));
+ ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aes_128_gcm(), NULL,
+ key, iv));
+#elif defined(WOLFSSL_AES_192)
+ ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aes_192_gcm(), NULL,
+ key, iv));
+#elif defined(WOLFSSL_AES_256)
+ ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aes_256_gcm(), NULL,
+ key, iv));
+#endif
+ }
+ else {
+#ifdef WOLFSSL_AES_128
+ ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aes_128_gcm(), NULL,
+ NULL, NULL));
+#elif defined(WOLFSSL_AES_192)
+ ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aes_192_gcm(), NULL,
+ NULL, NULL));
+#elif defined(WOLFSSL_AES_256)
+ ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aes_256_gcm(), NULL,
+ NULL, NULL));
+#endif
+ /* non-default must to set the IV length first */
+ ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(&de[i], EVP_CTRL_GCM_SET_IVLEN,
+ ivSz, NULL));
+ ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], NULL, NULL, key, iv));
+
+ }
+ ExpectIntEQ(1, EVP_DecryptUpdate(&de[i], NULL, &len, aad, aadSz));
+ ExpectIntEQ(1, EVP_DecryptUpdate(&de[i], decryptedtxt, &len, ciphertxt,
+ ciphertxtSz));
+ decryptedtxtSz = len;
+ ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(&de[i], EVP_CTRL_GCM_SET_TAG,
+ AES_BLOCK_SIZE, tag));
+ ExpectIntEQ(1, EVP_DecryptFinal_ex(&de[i], decryptedtxt, &len));
+ decryptedtxtSz += len;
+ ExpectIntEQ(ciphertxtSz, decryptedtxtSz);
+ ExpectIntEQ(0, XMEMCMP(plaintxt, decryptedtxt, decryptedtxtSz));
+
+ /* modify tag*/
+ if (i == 0) {
+ /* Default uses 96-bits IV length */
+#ifdef WOLFSSL_AES_128
+ ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aes_128_gcm(), NULL,
+ key, iv));
#elif defined(WOLFSSL_AES_192)
- AssertIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aes_192_gcm(), NULL, key, iv));
+ ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aes_192_gcm(), NULL,
+ key, iv));
#elif defined(WOLFSSL_AES_256)
- AssertIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aes_256_gcm(), NULL, key, iv));
+ ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aes_256_gcm(), NULL,
+ key, iv));
#endif
}
else {
#ifdef WOLFSSL_AES_128
- AssertIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aes_128_gcm(), NULL, NULL, NULL));
+ ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aes_128_gcm(), NULL,
+ NULL, NULL));
#elif defined(WOLFSSL_AES_192)
- AssertIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aes_192_gcm(), NULL, NULL, NULL));
+ ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aes_192_gcm(), NULL,
+ NULL, NULL));
#elif defined(WOLFSSL_AES_256)
- AssertIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aes_256_gcm(), NULL, NULL, NULL));
+ ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aes_256_gcm(), NULL,
+ NULL, NULL));
#endif
/* non-default must to set the IV length first */
- AssertIntEQ(1, EVP_CIPHER_CTX_ctrl(&de[i], EVP_CTRL_GCM_SET_IVLEN, ivSz, NULL));
- AssertIntEQ(1, EVP_DecryptInit_ex(&de[i], NULL, NULL, key, iv));
+ ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(&de[i], EVP_CTRL_GCM_SET_IVLEN,
+ ivSz, NULL));
+ ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], NULL, NULL, key, iv));
+
+ }
+ tag[AES_BLOCK_SIZE-1]+=0xBB;
+ ExpectIntEQ(1, EVP_DecryptUpdate(&de[i], NULL, &len, aad, aadSz));
+ ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(&de[i], EVP_CTRL_GCM_SET_TAG,
+ AES_BLOCK_SIZE, tag));
+ /* fail due to wrong tag */
+ ExpectIntEQ(1, EVP_DecryptUpdate(&de[i], decryptedtxt, &len, ciphertxt,
+ ciphertxtSz));
+ ExpectIntEQ(0, EVP_DecryptFinal_ex(&de[i], decryptedtxt, &len));
+ ExpectIntEQ(0, len);
+
+ ExpectIntEQ(wolfSSL_EVP_CIPHER_CTX_cleanup(&de[i]), 1);
+ }
+#endif /* OPENSSL_EXTRA && !NO_AES && HAVE_AESGCM */
+ return EXPECT_RESULT();
+}
+
+static int test_wolfssl_EVP_aria_gcm(void)
+{
+ int res = TEST_SKIPPED;
+#if defined(OPENSSL_EXTRA) && defined(HAVE_ARIA) && \
+ !defined(HAVE_SELFTEST) && !defined(HAVE_FIPS)
+
+ /* A 256 bit key, AES_128 will use the first 128 bit*/
+ byte *key = (byte*)"01234567890123456789012345678901";
+ /* A 128 bit IV */
+ byte *iv = (byte*)"0123456789012345";
+ int ivSz = ARIA_BLOCK_SIZE;
+ /* Message to be encrypted */
+ const int plaintxtSz = 40;
+ byte plaintxt[WC_ARIA_GCM_GET_CIPHERTEXT_SIZE(plaintxtSz)];
+ XMEMCPY(plaintxt,"for things to change you have to change",plaintxtSz);
+ /* Additional non-confidential data */
+ byte *aad = (byte*)"Don't spend major time on minor things.";
+
+ unsigned char tag[ARIA_BLOCK_SIZE] = {0};
+ int aadSz = (int)XSTRLEN((char*)aad);
+ byte ciphertxt[WC_ARIA_GCM_GET_CIPHERTEXT_SIZE(plaintxtSz)];
+ byte decryptedtxt[plaintxtSz];
+ int ciphertxtSz = 0;
+ int decryptedtxtSz = 0;
+ int len = 0;
+ int i = 0;
+ #define TEST_ARIA_GCM_COUNT 6
+ EVP_CIPHER_CTX en[TEST_ARIA_GCM_COUNT];
+ EVP_CIPHER_CTX de[TEST_ARIA_GCM_COUNT];
+
+ for (i = 0; i < TEST_ARIA_GCM_COUNT; i++) {
+
+ EVP_CIPHER_CTX_init(&en[i]);
+ switch (i) {
+ case 0:
+ /* Default uses 96-bits IV length */
+ AssertIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_aria_128_gcm(), NULL, key, iv));
+ break;
+ case 1:
+ /* Default uses 96-bits IV length */
+ AssertIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_aria_192_gcm(), NULL, key, iv));
+ break;
+ case 2:
+ /* Default uses 96-bits IV length */
+ AssertIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_aria_256_gcm(), NULL, key, iv));
+ break;
+ case 3:
+ AssertIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_aria_128_gcm(), NULL, NULL, NULL));
+ /* non-default must to set the IV length first */
+ AssertIntEQ(1, EVP_CIPHER_CTX_ctrl(&en[i], EVP_CTRL_GCM_SET_IVLEN, ivSz, NULL));
+ AssertIntEQ(1, EVP_EncryptInit_ex(&en[i], NULL, NULL, key, iv));
+ break;
+ case 4:
+ AssertIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_aria_192_gcm(), NULL, NULL, NULL));
+ /* non-default must to set the IV length first */
+ AssertIntEQ(1, EVP_CIPHER_CTX_ctrl(&en[i], EVP_CTRL_GCM_SET_IVLEN, ivSz, NULL));
+ AssertIntEQ(1, EVP_EncryptInit_ex(&en[i], NULL, NULL, key, iv));
+ break;
+ case 5:
+ AssertIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_aria_256_gcm(), NULL, NULL, NULL));
+ /* non-default must to set the IV length first */
+ AssertIntEQ(1, EVP_CIPHER_CTX_ctrl(&en[i], EVP_CTRL_GCM_SET_IVLEN, ivSz, NULL));
+ AssertIntEQ(1, EVP_EncryptInit_ex(&en[i], NULL, NULL, key, iv));
+ break;
+ }
+ XMEMSET(ciphertxt,0,sizeof(ciphertxt));
+ AssertIntEQ(1, EVP_EncryptUpdate(&en[i], NULL, &len, aad, aadSz));
+ AssertIntEQ(1, EVP_EncryptUpdate(&en[i], ciphertxt, &len, plaintxt, plaintxtSz));
+ ciphertxtSz = len;
+ AssertIntEQ(1, EVP_EncryptFinal_ex(&en[i], ciphertxt, &len));
+ AssertIntNE(0, XMEMCMP(plaintxt, ciphertxt, plaintxtSz));
+ ciphertxtSz += len;
+ AssertIntEQ(1, EVP_CIPHER_CTX_ctrl(&en[i], EVP_CTRL_GCM_GET_TAG, ARIA_BLOCK_SIZE, tag));
+ AssertIntEQ(wolfSSL_EVP_CIPHER_CTX_cleanup(&en[i]), 1);
+ EVP_CIPHER_CTX_init(&de[i]);
+ switch (i) {
+ case 0:
+ /* Default uses 96-bits IV length */
+ AssertIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aria_128_gcm(), NULL, key, iv));
+ break;
+ case 1:
+ /* Default uses 96-bits IV length */
+ AssertIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aria_192_gcm(), NULL, key, iv));
+ break;
+ case 2:
+ /* Default uses 96-bits IV length */
+ AssertIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aria_256_gcm(), NULL, key, iv));
+ break;
+ case 3:
+ AssertIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aria_128_gcm(), NULL, NULL, NULL));
+ /* non-default must to set the IV length first */
+ AssertIntEQ(1, EVP_CIPHER_CTX_ctrl(&de[i], EVP_CTRL_GCM_SET_IVLEN, ivSz, NULL));
+ AssertIntEQ(1, EVP_DecryptInit_ex(&de[i], NULL, NULL, key, iv));
+ break;
+ case 4:
+ AssertIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aria_192_gcm(), NULL, NULL, NULL));
+ /* non-default must to set the IV length first */
+ AssertIntEQ(1, EVP_CIPHER_CTX_ctrl(&de[i], EVP_CTRL_GCM_SET_IVLEN, ivSz, NULL));
+ AssertIntEQ(1, EVP_DecryptInit_ex(&de[i], NULL, NULL, key, iv));
+ break;
+ case 5:
+ AssertIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aria_256_gcm(), NULL, NULL, NULL));
+ /* non-default must to set the IV length first */
+ AssertIntEQ(1, EVP_CIPHER_CTX_ctrl(&de[i], EVP_CTRL_GCM_SET_IVLEN, ivSz, NULL));
+ AssertIntEQ(1, EVP_DecryptInit_ex(&de[i], NULL, NULL, key, iv));
+ break;
}
+ XMEMSET(decryptedtxt,0,sizeof(decryptedtxt));
AssertIntEQ(1, EVP_DecryptUpdate(&de[i], NULL, &len, aad, aadSz));
AssertIntEQ(1, EVP_DecryptUpdate(&de[i], decryptedtxt, &len, ciphertxt, ciphertxtSz));
decryptedtxtSz = len;
- AssertIntEQ(1, EVP_CIPHER_CTX_ctrl(&de[i], EVP_CTRL_GCM_SET_TAG, AES_BLOCK_SIZE, tag));
+ AssertIntEQ(1, EVP_CIPHER_CTX_ctrl(&de[i], EVP_CTRL_GCM_SET_TAG, ARIA_BLOCK_SIZE, tag));
AssertIntEQ(1, EVP_DecryptFinal_ex(&de[i], decryptedtxt, &len));
decryptedtxtSz += len;
- AssertIntEQ(ciphertxtSz, decryptedtxtSz);
+ AssertIntEQ(plaintxtSz, decryptedtxtSz);
AssertIntEQ(0, XMEMCMP(plaintxt, decryptedtxt, decryptedtxtSz));
+ XMEMSET(decryptedtxt,0,sizeof(decryptedtxt));
/* modify tag*/
tag[AES_BLOCK_SIZE-1]+=0xBB;
AssertIntEQ(1, EVP_DecryptUpdate(&de[i], NULL, &len, aad, aadSz));
- AssertIntEQ(1, EVP_CIPHER_CTX_ctrl(&de[i], EVP_CTRL_GCM_SET_TAG, AES_BLOCK_SIZE, tag));
+ AssertIntEQ(1, EVP_CIPHER_CTX_ctrl(&de[i], EVP_CTRL_GCM_SET_TAG, ARIA_BLOCK_SIZE, tag));
/* fail due to wrong tag */
AssertIntEQ(1, EVP_DecryptUpdate(&de[i], decryptedtxt, &len, ciphertxt, ciphertxtSz));
AssertIntEQ(0, EVP_DecryptFinal_ex(&de[i], decryptedtxt, &len));
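Review bot: In the new test_wolfssl_EVP_aria_gcm, the tag is declared as `unsigned char tag[ARIA_BLOCK_SIZE]` but the tamper step still indexes it with `tag[AES_BLOCK_SIZE-1]+=0xBB;`. The write stays in bounds only while the two constants are equal, and the test's guard does not require AES to be enabled, so `AES_BLOCK_SIZE` may not even be defined in an ARIA-only build. `tag[ARIA_BLOCK_SIZE-1] += 0xBB;` keeps the index tied to the array's own size. The function also keeps `int res = TEST_SKIPPED` and the aborting `AssertIntEQ` calls while every other test in this commit moves to `EXPECT_DECLS` and Expect*, so a failure here still stops the run without cleanup. Its tail lies past the end of this hunk.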
@@ -56740,11 +55390,10 @@ static int test_wolfssl_EVP_aes_gcm(void)
static int test_wolfssl_EVP_aes_ccm_zeroLen(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_AES) && defined(HAVE_AESCCM) && \
!defined(HAVE_SELFTEST) && !defined(HAVE_FIPS)
/* Zero length plain text */
-
byte key[] = {
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
@@ -56768,41 +55417,38 @@ static int test_wolfssl_EVP_aes_ccm_zeroLen(void)
EVP_CIPHER_CTX *en = EVP_CIPHER_CTX_new();
EVP_CIPHER_CTX *de = EVP_CIPHER_CTX_new();
- AssertIntEQ(1, EVP_EncryptInit_ex(en, EVP_aes_256_ccm(), NULL, key, iv));
- AssertIntEQ(1, EVP_CIPHER_CTX_ctrl(en, EVP_CTRL_CCM_SET_IVLEN, ivSz, NULL));
- AssertIntEQ(1, EVP_EncryptUpdate(en, ciphertxt, &ciphertxtSz , plaintxt,
+ ExpectIntEQ(1, EVP_EncryptInit_ex(en, EVP_aes_256_ccm(), NULL, key, iv));
+ ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(en, EVP_CTRL_CCM_SET_IVLEN, ivSz, NULL));
+ ExpectIntEQ(1, EVP_EncryptUpdate(en, ciphertxt, &ciphertxtSz , plaintxt,
plaintxtSz));
- AssertIntEQ(1, EVP_EncryptFinal_ex(en, ciphertxt, &len));
+ ExpectIntEQ(1, EVP_EncryptFinal_ex(en, ciphertxt, &len));
ciphertxtSz += len;
- AssertIntEQ(1, EVP_CIPHER_CTX_ctrl(en, EVP_CTRL_CCM_GET_TAG, 16, tag));
- AssertIntEQ(1, EVP_CIPHER_CTX_cleanup(en));
+ ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(en, EVP_CTRL_CCM_GET_TAG, 16, tag));
+ ExpectIntEQ(1, EVP_CIPHER_CTX_cleanup(en));
- AssertIntEQ(0, ciphertxtSz);
+ ExpectIntEQ(0, ciphertxtSz);
EVP_CIPHER_CTX_init(de);
- AssertIntEQ(1, EVP_DecryptInit_ex(de, EVP_aes_256_ccm(), NULL, key, iv));
- AssertIntEQ(1, EVP_CIPHER_CTX_ctrl(de, EVP_CTRL_CCM_SET_IVLEN, ivSz, NULL));
- AssertIntEQ(1, EVP_DecryptUpdate(de, NULL, &len, ciphertxt, len));
+ ExpectIntEQ(1, EVP_DecryptInit_ex(de, EVP_aes_256_ccm(), NULL, key, iv));
+ ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(de, EVP_CTRL_CCM_SET_IVLEN, ivSz, NULL));
+ ExpectIntEQ(1, EVP_DecryptUpdate(de, NULL, &len, ciphertxt, len));
decryptedtxtSz = len;
- AssertIntEQ(1, EVP_CIPHER_CTX_ctrl(de, EVP_CTRL_CCM_SET_TAG, 16, tag));
- AssertIntEQ(1, EVP_DecryptFinal_ex(de, decryptedtxt, &len));
+ ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(de, EVP_CTRL_CCM_SET_TAG, 16, tag));
+ ExpectIntEQ(1, EVP_DecryptFinal_ex(de, decryptedtxt, &len));
decryptedtxtSz += len;
- AssertIntEQ(0, decryptedtxtSz);
+ ExpectIntEQ(0, decryptedtxtSz);
EVP_CIPHER_CTX_free(en);
EVP_CIPHER_CTX_free(de);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfssl_EVP_aes_ccm(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_AES) && defined(HAVE_AESCCM) && \
!defined(HAVE_SELFTEST) && !defined(HAVE_FIPS)
-
/* A 256 bit key, AES_128 will use the first 128 bit*/
byte *key = (byte*)"01234567890123456789012345678901";
/* A 128 bit IV */
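Review bot: In test_wolfssl_EVP_aes_ccm_zeroLen, `en` and `de` are taken straight from `EVP_CIPHER_CTX_new()` and never checked for NULL, and `EVP_CIPHER_CTX_init(de);` is called outside any Expect macro. Now that the checks no longer abort on failure, add `ExpectNotNull(en);` and `ExpectNotNull(de);` directly after the two allocations so an allocation failure is reported where it happens rather than surfacing inside a later cipher call. The function begins in the previous hunk and its declarations are only partly visible here.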
@@ -56822,117 +55468,115 @@ static int test_wolfssl_EVP_aes_ccm(void)
int decryptedtxtSz = 0;
int len = 0;
int i = 0;
+ int ret;
EVP_CIPHER_CTX en[2];
EVP_CIPHER_CTX de[2];
for (i = 0; i < 2; i++) {
-
EVP_CIPHER_CTX_init(&en[i]);
if (i == 0) {
/* Default uses 96-bits IV length */
#ifdef WOLFSSL_AES_128
- AssertIntEQ(1, EVP_EncryptInit_ex(&en[i],
- EVP_aes_128_ccm(), NULL, key, iv));
+ ExpectIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_aes_128_ccm(), NULL,
+ key, iv));
#elif defined(WOLFSSL_AES_192)
- AssertIntEQ(1, EVP_EncryptInit_ex(&en[i],
- EVP_aes_192_ccm(), NULL, key, iv));
+ ExpectIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_aes_192_ccm(), NULL,
+ key, iv));
#elif defined(WOLFSSL_AES_256)
- AssertIntEQ(1, EVP_EncryptInit_ex(&en[i],
- EVP_aes_256_ccm(), NULL, key, iv));
+ ExpectIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_aes_256_ccm(), NULL,
+ key, iv));
#endif
}
else {
#ifdef WOLFSSL_AES_128
- AssertIntEQ(1, EVP_EncryptInit_ex(&en[i],
- EVP_aes_128_ccm(), NULL, NULL, NULL));
+ ExpectIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_aes_128_ccm(), NULL,
+ NULL, NULL));
#elif defined(WOLFSSL_AES_192)
- AssertIntEQ(1, EVP_EncryptInit_ex(&en[i],
- EVP_aes_192_ccm(), NULL, NULL, NULL));
+ ExpectIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_aes_192_ccm(), NULL,
+ NULL, NULL));
#elif defined(WOLFSSL_AES_256)
- AssertIntEQ(1, EVP_EncryptInit_ex(&en[i],
- EVP_aes_256_ccm(), NULL, NULL, NULL));
+ ExpectIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_aes_256_ccm(), NULL,
+ NULL, NULL));
#endif
/* non-default must to set the IV length first */
- AssertIntEQ(1, EVP_CIPHER_CTX_ctrl(&en[i],
- EVP_CTRL_CCM_SET_IVLEN, ivSz, NULL));
- AssertIntEQ(1, EVP_EncryptInit_ex(&en[i],
- NULL, NULL, key, iv));
+ ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(&en[i], EVP_CTRL_CCM_SET_IVLEN,
+ ivSz, NULL));
+ ExpectIntEQ(1, EVP_EncryptInit_ex(&en[i], NULL, NULL, key, iv));
}
- AssertIntEQ(1, EVP_EncryptUpdate(&en[i], NULL, &len, aad, aadSz));
- AssertIntEQ(1, EVP_EncryptUpdate(&en[i],
- ciphertxt, &len, plaintxt, plaintxtSz));
+ ExpectIntEQ(1, EVP_EncryptUpdate(&en[i], NULL, &len, aad, aadSz));
+ ExpectIntEQ(1, EVP_EncryptUpdate(&en[i], ciphertxt, &len, plaintxt,
+ plaintxtSz));
ciphertxtSz = len;
- AssertIntEQ(1, EVP_EncryptFinal_ex(&en[i], ciphertxt, &len));
+ ExpectIntEQ(1, EVP_EncryptFinal_ex(&en[i], ciphertxt, &len));
ciphertxtSz += len;
- AssertIntEQ(1, EVP_CIPHER_CTX_ctrl(&en[i],
- EVP_CTRL_CCM_GET_TAG, AES_BLOCK_SIZE, tag));
- AssertIntEQ(wolfSSL_EVP_CIPHER_CTX_cleanup(&en[i]), 1);
+ ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(&en[i], EVP_CTRL_CCM_GET_TAG,
+ AES_BLOCK_SIZE, tag));
+ ret = wolfSSL_EVP_CIPHER_CTX_cleanup(&en[i]);
+ ExpectIntEQ(ret, 1);
EVP_CIPHER_CTX_init(&de[i]);
if (i == 0) {
/* Default uses 96-bits IV length */
#ifdef WOLFSSL_AES_128
- AssertIntEQ(1, EVP_DecryptInit_ex(&de[i],
- EVP_aes_128_ccm(), NULL, key, iv));
+ ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aes_128_ccm(), NULL,
+ key, iv));
#elif defined(WOLFSSL_AES_192)
- AssertIntEQ(1, EVP_DecryptInit_ex(&de[i],
- EVP_aes_192_ccm(), NULL, key, iv));
+ ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aes_192_ccm(), NULL,
+ key, iv));
#elif defined(WOLFSSL_AES_256)
- AssertIntEQ(1, EVP_DecryptInit_ex(&de[i],
- EVP_aes_256_ccm(), NULL, key, iv));
+ ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aes_256_ccm(), NULL,
+ key, iv));
#endif
}
else {
#ifdef WOLFSSL_AES_128
- AssertIntEQ(1, EVP_DecryptInit_ex(&de[i],
- EVP_aes_128_ccm(), NULL, NULL, NULL));
+ ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aes_128_ccm(), NULL,
+ NULL, NULL));
#elif defined(WOLFSSL_AES_192)
- AssertIntEQ(1, EVP_DecryptInit_ex(&de[i],
- EVP_aes_192_ccm(), NULL, NULL, NULL));
+ ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aes_192_ccm(), NULL,
+ NULL, NULL));
#elif defined(WOLFSSL_AES_256)
- AssertIntEQ(1, EVP_DecryptInit_ex(&de[i],
- EVP_aes_256_ccm(), NULL, NULL, NULL));
+ ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aes_256_ccm(), NULL,
+ NULL, NULL));
#endif
/* non-default must to set the IV length first */
- AssertIntEQ(1, EVP_CIPHER_CTX_ctrl(&de[i],
- EVP_CTRL_CCM_SET_IVLEN, ivSz, NULL));
- AssertIntEQ(1, EVP_DecryptInit_ex(&de[i], NULL, NULL, key, iv));
+ ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(&de[i], EVP_CTRL_CCM_SET_IVLEN,
+ ivSz, NULL));
+ ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], NULL, NULL, key, iv));
}
- AssertIntEQ(1, EVP_DecryptUpdate(&de[i], NULL, &len, aad, aadSz));
- AssertIntEQ(1, EVP_DecryptUpdate(&de[i],
- decryptedtxt, &len, ciphertxt, ciphertxtSz));
+ ExpectIntEQ(1, EVP_DecryptUpdate(&de[i], NULL, &len, aad, aadSz));
+ ExpectIntEQ(1, EVP_DecryptUpdate(&de[i], decryptedtxt, &len, ciphertxt,
+ ciphertxtSz));
decryptedtxtSz = len;
- AssertIntEQ(1, EVP_CIPHER_CTX_ctrl(&de[i],
- EVP_CTRL_CCM_SET_TAG, AES_BLOCK_SIZE, tag));
- AssertIntEQ(1, EVP_DecryptFinal_ex(&de[i],
- decryptedtxt, &len));
+ ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(&de[i], EVP_CTRL_CCM_SET_TAG,
+ AES_BLOCK_SIZE, tag));
+ ExpectIntEQ(1, EVP_DecryptFinal_ex(&de[i], decryptedtxt, &len));
decryptedtxtSz += len;
- AssertIntEQ(ciphertxtSz, decryptedtxtSz);
- AssertIntEQ(0, XMEMCMP(plaintxt, decryptedtxt, decryptedtxtSz));
+ ExpectIntEQ(ciphertxtSz, decryptedtxtSz);
+ ExpectIntEQ(0, XMEMCMP(plaintxt, decryptedtxt, decryptedtxtSz));
/* modify tag*/
tag[AES_BLOCK_SIZE-1]+=0xBB;
- AssertIntEQ(1, EVP_DecryptUpdate(&de[i], NULL, &len, aad, aadSz));
- AssertIntEQ(1, EVP_CIPHER_CTX_ctrl(&de[i],
- EVP_CTRL_CCM_SET_TAG, AES_BLOCK_SIZE, tag));
+ ExpectIntEQ(1, EVP_DecryptUpdate(&de[i], NULL, &len, aad, aadSz));
+ ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(&de[i], EVP_CTRL_CCM_SET_TAG,
+ AES_BLOCK_SIZE, tag));
/* fail due to wrong tag */
- AssertIntEQ(1, EVP_DecryptUpdate(&de[i],
- decryptedtxt, &len, ciphertxt, ciphertxtSz));
- AssertIntEQ(0, EVP_DecryptFinal_ex(&de[i], decryptedtxt, &len));
- AssertIntEQ(0, len);
- AssertIntEQ(wolfSSL_EVP_CIPHER_CTX_cleanup(&de[i]), 1);
+ ExpectIntEQ(1, EVP_DecryptUpdate(&de[i], decryptedtxt, &len, ciphertxt,
+ ciphertxtSz));
+ ExpectIntEQ(0, EVP_DecryptFinal_ex(&de[i], decryptedtxt, &len));
+ ExpectIntEQ(0, len);
+ ret = wolfSSL_EVP_CIPHER_CTX_cleanup(&de[i]);
+ ExpectIntEQ(ret, 1);
}
-
- res = TEST_RES_CHECK(1);
#endif /* OPENSSL_EXTRA && !NO_AES && HAVE_AESCCM */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfssl_EVP_chacha20_poly1305(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(HAVE_CHACHA) && defined(HAVE_POLY1305)
byte key[CHACHA20_POLY1305_AEAD_KEYSIZE];
byte iv [CHACHA20_POLY1305_AEAD_IV_SIZE];
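Review bot: The round-trip length check `ExpectIntEQ(ciphertxtSz, decryptedtxtSz);` in test_wolfssl_EVP_aes_ccm compares two values that both come from the code under test. It still passes if both are 0, in which case the following `XMEMCMP(plaintxt, decryptedtxt, decryptedtxtSz)` compares nothing. Pin the size to the known input with `ExpectIntEQ(plaintxtSz, decryptedtxtSz);`, as the ARIA-GCM test earlier in this diff now does. The wrong-tag branch would also be stronger if `decryptedtxt` were zeroed before it (the ARIA test adds `XMEMSET(decryptedtxt,0,sizeof(decryptedtxt));`), so stale plaintext from the successful pass cannot mask what the failing path writes. The function's signature and first declarations are in the previous hunk.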
@@ -56941,150 +55585,657 @@ static int test_wolfssl_EVP_chacha20_poly1305(void)
byte cipherText[sizeof(plainText)];
byte decryptedText[sizeof(plainText)];
byte tag[CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE];
- EVP_CIPHER_CTX* ctx;
+ EVP_CIPHER_CTX* ctx = NULL;
int outSz;
/* Encrypt. */
- AssertNotNull((ctx = EVP_CIPHER_CTX_new()));
- AssertIntEQ(EVP_EncryptInit_ex(ctx, EVP_chacha20_poly1305(), NULL, NULL,
+ ExpectNotNull((ctx = EVP_CIPHER_CTX_new()));
+ ExpectIntEQ(EVP_EncryptInit_ex(ctx, EVP_chacha20_poly1305(), NULL, NULL,
NULL), WOLFSSL_SUCCESS);
/* Invalid IV length. */
- AssertIntEQ(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN,
+ ExpectIntEQ(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN,
CHACHA20_POLY1305_AEAD_IV_SIZE-1, NULL), WOLFSSL_FAILURE);
/* Valid IV length. */
- AssertIntEQ(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN,
+ ExpectIntEQ(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN,
CHACHA20_POLY1305_AEAD_IV_SIZE, NULL), WOLFSSL_SUCCESS);
/* Invalid tag length. */
- AssertIntEQ(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG,
+ ExpectIntEQ(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG,
CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE-1, NULL), WOLFSSL_FAILURE);
/* Valid tag length. */
- AssertIntEQ(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG,
+ ExpectIntEQ(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG,
CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE, NULL), WOLFSSL_SUCCESS);
- AssertIntEQ(EVP_EncryptInit_ex(ctx, NULL, NULL, key, iv), WOLFSSL_SUCCESS);
- AssertIntEQ(EVP_EncryptUpdate(ctx, NULL, &outSz, aad, sizeof(aad)),
+ ExpectIntEQ(EVP_EncryptInit_ex(ctx, NULL, NULL, key, iv), WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_EncryptUpdate(ctx, NULL, &outSz, aad, sizeof(aad)),
WOLFSSL_SUCCESS);
- AssertIntEQ(outSz, sizeof(aad));
- AssertIntEQ(EVP_EncryptUpdate(ctx, cipherText, &outSz, plainText,
+ ExpectIntEQ(outSz, sizeof(aad));
+ ExpectIntEQ(EVP_EncryptUpdate(ctx, cipherText, &outSz, plainText,
sizeof(plainText)), WOLFSSL_SUCCESS);
- AssertIntEQ(outSz, sizeof(plainText));
- AssertIntEQ(EVP_EncryptFinal_ex(ctx, cipherText, &outSz), WOLFSSL_SUCCESS);
- AssertIntEQ(outSz, 0);
+ ExpectIntEQ(outSz, sizeof(plainText));
+ ExpectIntEQ(EVP_EncryptFinal_ex(ctx, cipherText, &outSz), WOLFSSL_SUCCESS);
+ ExpectIntEQ(outSz, 0);
/* Invalid tag length. */
- AssertIntEQ(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG,
+ ExpectIntEQ(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG,
CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE-1, tag), WOLFSSL_FAILURE);
/* Valid tag length. */
- AssertIntEQ(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG,
+ ExpectIntEQ(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG,
CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE, tag), WOLFSSL_SUCCESS);
EVP_CIPHER_CTX_free(ctx);
+ ctx = NULL;
/* Decrypt. */
- AssertNotNull((ctx = EVP_CIPHER_CTX_new()));
- AssertIntEQ(EVP_DecryptInit_ex(ctx, EVP_chacha20_poly1305(), NULL, NULL,
+ ExpectNotNull((ctx = EVP_CIPHER_CTX_new()));
+ ExpectIntEQ(EVP_DecryptInit_ex(ctx, EVP_chacha20_poly1305(), NULL, NULL,
NULL), WOLFSSL_SUCCESS);
- AssertIntEQ(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN,
+ ExpectIntEQ(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN,
CHACHA20_POLY1305_AEAD_IV_SIZE, NULL), WOLFSSL_SUCCESS);
- AssertIntEQ(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG,
+ ExpectIntEQ(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG,
CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE, tag), WOLFSSL_SUCCESS);
- AssertIntEQ(EVP_DecryptInit_ex(ctx, NULL, NULL, key, iv), WOLFSSL_SUCCESS);
- AssertIntEQ(EVP_DecryptUpdate(ctx, NULL, &outSz, aad, sizeof(aad)),
+ ExpectIntEQ(EVP_DecryptInit_ex(ctx, NULL, NULL, key, iv), WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_DecryptUpdate(ctx, NULL, &outSz, aad, sizeof(aad)),
WOLFSSL_SUCCESS);
- AssertIntEQ(outSz, sizeof(aad));
- AssertIntEQ(EVP_DecryptUpdate(ctx, decryptedText, &outSz, cipherText,
+ ExpectIntEQ(outSz, sizeof(aad));
+ ExpectIntEQ(EVP_DecryptUpdate(ctx, decryptedText, &outSz, cipherText,
sizeof(cipherText)), WOLFSSL_SUCCESS);
- AssertIntEQ(outSz, sizeof(cipherText));
- AssertIntEQ(EVP_DecryptFinal_ex(ctx, decryptedText, &outSz),
+ ExpectIntEQ(outSz, sizeof(cipherText));
+ ExpectIntEQ(EVP_DecryptFinal_ex(ctx, decryptedText, &outSz),
WOLFSSL_SUCCESS);
- AssertIntEQ(outSz, 0);
+ ExpectIntEQ(outSz, 0);
EVP_CIPHER_CTX_free(ctx);
+ ctx = NULL;
/* Test partial Inits. CipherInit() allow setting of key and iv
* in separate calls. */
- AssertNotNull((ctx = EVP_CIPHER_CTX_new()));
- AssertIntEQ(wolfSSL_EVP_CipherInit(ctx, EVP_chacha20_poly1305(),
+ ExpectNotNull((ctx = EVP_CIPHER_CTX_new()));
+ ExpectIntEQ(wolfSSL_EVP_CipherInit(ctx, EVP_chacha20_poly1305(),
key, NULL, 1), WOLFSSL_SUCCESS);
- AssertIntEQ(wolfSSL_EVP_CipherInit(ctx, NULL, NULL, iv, 1),
+ ExpectIntEQ(wolfSSL_EVP_CipherInit(ctx, NULL, NULL, iv, 1),
WOLFSSL_SUCCESS);
- AssertIntEQ(wolfSSL_EVP_CipherUpdate(ctx, NULL, &outSz,
+ ExpectIntEQ(wolfSSL_EVP_CipherUpdate(ctx, NULL, &outSz,
aad, sizeof(aad)), WOLFSSL_SUCCESS);
- AssertIntEQ(outSz, sizeof(aad));
- AssertIntEQ(EVP_DecryptUpdate(ctx, decryptedText, &outSz, cipherText,
+ ExpectIntEQ(outSz, sizeof(aad));
+ ExpectIntEQ(EVP_DecryptUpdate(ctx, decryptedText, &outSz, cipherText,
sizeof(cipherText)), WOLFSSL_SUCCESS);
- AssertIntEQ(outSz, sizeof(cipherText));
- AssertIntEQ(EVP_DecryptFinal_ex(ctx, decryptedText, &outSz),
+ ExpectIntEQ(outSz, sizeof(cipherText));
+ ExpectIntEQ(EVP_DecryptFinal_ex(ctx, decryptedText, &outSz),
WOLFSSL_SUCCESS);
- AssertIntEQ(outSz, 0);
+ ExpectIntEQ(outSz, 0);
EVP_CIPHER_CTX_free(ctx);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfssl_EVP_chacha20(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(HAVE_CHACHA)
byte key[CHACHA_MAX_KEY_SZ];
byte iv [WOLFSSL_EVP_CHACHA_IV_BYTES];
byte plainText[] = {0xDE, 0xAD, 0xBE, 0xEF};
byte cipherText[sizeof(plainText)];
byte decryptedText[sizeof(plainText)];
- EVP_CIPHER_CTX* ctx;
+ EVP_CIPHER_CTX* ctx = NULL;
int outSz;
+ XMEMSET(key, 0, sizeof(key));
+ XMEMSET(iv, 0, sizeof(iv));
/* Encrypt. */
- AssertNotNull((ctx = EVP_CIPHER_CTX_new()));
- AssertIntEQ(EVP_EncryptInit_ex(ctx, EVP_chacha20(), NULL, NULL,
+ ExpectNotNull((ctx = EVP_CIPHER_CTX_new()));
+ ExpectIntEQ(EVP_EncryptInit_ex(ctx, EVP_chacha20(), NULL, NULL,
NULL), WOLFSSL_SUCCESS);
/* Any tag length must fail - not an AEAD cipher. */
- AssertIntEQ(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG,
+ ExpectIntEQ(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG,
16, NULL), WOLFSSL_FAILURE);
- AssertIntEQ(EVP_EncryptInit_ex(ctx, NULL, NULL, key, iv), WOLFSSL_SUCCESS);
- AssertIntEQ(EVP_EncryptUpdate(ctx, cipherText, &outSz, plainText,
+ ExpectIntEQ(EVP_EncryptInit_ex(ctx, NULL, NULL, key, iv), WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_EncryptUpdate(ctx, cipherText, &outSz, plainText,
sizeof(plainText)), WOLFSSL_SUCCESS);
- AssertIntEQ(outSz, sizeof(plainText));
- AssertIntEQ(EVP_EncryptFinal_ex(ctx, cipherText, &outSz), WOLFSSL_SUCCESS);
- AssertIntEQ(outSz, 0);
+ ExpectIntEQ(outSz, sizeof(plainText));
+ ExpectIntEQ(EVP_EncryptFinal_ex(ctx, cipherText, &outSz), WOLFSSL_SUCCESS);
+ ExpectIntEQ(outSz, 0);
EVP_CIPHER_CTX_free(ctx);
+ ctx = NULL;
/* Decrypt. */
- AssertNotNull((ctx = EVP_CIPHER_CTX_new()));
- AssertIntEQ(EVP_DecryptInit_ex(ctx, EVP_chacha20(), NULL, NULL,
+ ExpectNotNull((ctx = EVP_CIPHER_CTX_new()));
+ ExpectIntEQ(EVP_DecryptInit_ex(ctx, EVP_chacha20(), NULL, NULL,
NULL), WOLFSSL_SUCCESS);
- AssertIntEQ(EVP_DecryptInit_ex(ctx, NULL, NULL, key, iv), WOLFSSL_SUCCESS);
- AssertIntEQ(EVP_DecryptUpdate(ctx, decryptedText, &outSz, cipherText,
+ ExpectIntEQ(EVP_DecryptInit_ex(ctx, NULL, NULL, key, iv), WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_DecryptUpdate(ctx, decryptedText, &outSz, cipherText,
sizeof(cipherText)), WOLFSSL_SUCCESS);
- AssertIntEQ(outSz, sizeof(cipherText));
- AssertIntEQ(EVP_DecryptFinal_ex(ctx, decryptedText, &outSz),
+ ExpectIntEQ(outSz, sizeof(cipherText));
+ ExpectIntEQ(EVP_DecryptFinal_ex(ctx, decryptedText, &outSz),
WOLFSSL_SUCCESS);
- AssertIntEQ(outSz, 0);
+ ExpectIntEQ(outSz, 0);
EVP_CIPHER_CTX_free(ctx);
+ ctx = NULL;
/* Test partial Inits. CipherInit() allow setting of key and iv
* in separate calls. */
- AssertNotNull((ctx = EVP_CIPHER_CTX_new()));
- AssertIntEQ(wolfSSL_EVP_CipherInit(ctx, EVP_chacha20(),
+ ExpectNotNull((ctx = EVP_CIPHER_CTX_new()));
+ ExpectIntEQ(wolfSSL_EVP_CipherInit(ctx, EVP_chacha20(),
key, NULL, 1), WOLFSSL_SUCCESS);
- AssertIntEQ(wolfSSL_EVP_CipherInit(ctx, NULL, NULL, iv, 1),
+ ExpectIntEQ(wolfSSL_EVP_CipherInit(ctx, NULL, NULL, iv, 1),
WOLFSSL_SUCCESS);
- AssertIntEQ(EVP_DecryptUpdate(ctx, decryptedText, &outSz, cipherText,
+ ExpectIntEQ(EVP_DecryptUpdate(ctx, decryptedText, &outSz, cipherText,
sizeof(cipherText)), WOLFSSL_SUCCESS);
- AssertIntEQ(outSz, sizeof(cipherText));
- AssertIntEQ(EVP_DecryptFinal_ex(ctx, decryptedText, &outSz),
+ ExpectIntEQ(outSz, sizeof(cipherText));
+ ExpectIntEQ(EVP_DecryptFinal_ex(ctx, decryptedText, &outSz),
WOLFSSL_SUCCESS);
- AssertIntEQ(outSz, 0);
+ ExpectIntEQ(outSz, 0);
EVP_CIPHER_CTX_free(ctx);
+#endif
+ return EXPECT_RESULT();
+}
- res = TEST_RES_CHECK(1);
+static int test_wolfssl_EVP_sm4_ecb(void)
+{
+ int res = TEST_SKIPPED;
+#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_SM4_ECB)
+ EXPECT_DECLS;
+ byte key[SM4_KEY_SIZE];
+ byte plainText[SM4_BLOCK_SIZE] = {
+ 0xDE, 0xAD, 0xBE, 0xEF, 0xDE, 0xAD, 0xBE, 0xEF,
+ 0xDE, 0xAD, 0xBE, 0xEF, 0xDE, 0xAD, 0xBE, 0xEF
+ };
+ byte cipherText[sizeof(plainText) + SM4_BLOCK_SIZE];
+ byte decryptedText[sizeof(plainText) + SM4_BLOCK_SIZE];
+ EVP_CIPHER_CTX* ctx;
+ int outSz;
+
+ XMEMSET(key, 0, sizeof(key));
+
+ /* Encrypt. */
+ ExpectNotNull((ctx = EVP_CIPHER_CTX_new()));
+ ExpectIntEQ(EVP_EncryptInit_ex(ctx, EVP_sm4_ecb(), NULL, NULL, NULL),
+ WOLFSSL_SUCCESS);
+ /* Any tag length must fail - not an AEAD cipher. */
+ ExpectIntEQ(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, 16, NULL),
+ WOLFSSL_FAILURE);
+ ExpectIntEQ(EVP_EncryptInit_ex(ctx, NULL, NULL, key, NULL),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_EncryptUpdate(ctx, cipherText, &outSz, plainText,
+ sizeof(plainText)), WOLFSSL_SUCCESS);
+ ExpectIntEQ(outSz, sizeof(plainText));
+ ExpectIntEQ(EVP_EncryptFinal_ex(ctx, cipherText + outSz, &outSz),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(outSz, SM4_BLOCK_SIZE);
+ ExpectBufNE(cipherText, plainText, sizeof(plainText));
+ EVP_CIPHER_CTX_free(ctx);
+
+ /* Decrypt. */
+ ExpectNotNull((ctx = EVP_CIPHER_CTX_new()));
+ ExpectIntEQ(EVP_DecryptInit_ex(ctx, EVP_sm4_ecb(), NULL, NULL, NULL),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_DecryptInit_ex(ctx, NULL, NULL, key, NULL),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_DecryptUpdate(ctx, decryptedText, &outSz, cipherText,
+ sizeof(cipherText)), WOLFSSL_SUCCESS);
+ ExpectIntEQ(outSz, sizeof(plainText));
+ ExpectIntEQ(EVP_DecryptFinal_ex(ctx, decryptedText + outSz, &outSz),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(outSz, 0);
+ ExpectBufEQ(decryptedText, plainText, sizeof(plainText));
+ EVP_CIPHER_CTX_free(ctx);
+
+ res = EXPECT_RESULT();
#endif
return res;
}
-static int test_wolfSSL_EVP_PKEY_hkdf(void)
+static int test_wolfssl_EVP_sm4_cbc(void)
+{
+ int res = TEST_SKIPPED;
+#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_SM4_CBC)
+ EXPECT_DECLS;
+ byte key[SM4_KEY_SIZE];
+ byte iv[SM4_BLOCK_SIZE];
+ byte plainText[SM4_BLOCK_SIZE] = {
+ 0xDE, 0xAD, 0xBE, 0xEF, 0xDE, 0xAD, 0xBE, 0xEF,
+ 0xDE, 0xAD, 0xBE, 0xEF, 0xDE, 0xAD, 0xBE, 0xEF
+ };
+ byte cipherText[sizeof(plainText) + SM4_BLOCK_SIZE];
+ byte decryptedText[sizeof(plainText) + SM4_BLOCK_SIZE];
+ EVP_CIPHER_CTX* ctx;
+ int outSz;
+
+ XMEMSET(key, 0, sizeof(key));
+ XMEMSET(iv, 0, sizeof(iv));
+
+ /* Encrypt. */
+ ExpectNotNull((ctx = EVP_CIPHER_CTX_new()));
+ ExpectIntEQ(EVP_EncryptInit_ex(ctx, EVP_sm4_cbc(), NULL, NULL, NULL),
+ WOLFSSL_SUCCESS);
+ /* Any tag length must fail - not an AEAD cipher. */
+ ExpectIntEQ(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, 16, NULL),
+ WOLFSSL_FAILURE);
+ ExpectIntEQ(EVP_EncryptInit_ex(ctx, NULL, NULL, key, iv), WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_EncryptUpdate(ctx, cipherText, &outSz, plainText,
+ sizeof(plainText)), WOLFSSL_SUCCESS);
+ ExpectIntEQ(outSz, sizeof(plainText));
+ ExpectIntEQ(EVP_EncryptFinal_ex(ctx, cipherText + outSz, &outSz),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(outSz, SM4_BLOCK_SIZE);
+ ExpectBufNE(cipherText, plainText, sizeof(plainText));
+ EVP_CIPHER_CTX_free(ctx);
+
+ /* Decrypt. */
+ ExpectNotNull((ctx = EVP_CIPHER_CTX_new()));
+ ExpectIntEQ(EVP_DecryptInit_ex(ctx, EVP_sm4_cbc(), NULL, NULL, NULL),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_DecryptInit_ex(ctx, NULL, NULL, key, iv), WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_DecryptUpdate(ctx, decryptedText, &outSz, cipherText,
+ sizeof(cipherText)), WOLFSSL_SUCCESS);
+ ExpectIntEQ(outSz, sizeof(plainText));
+ ExpectIntEQ(EVP_DecryptFinal_ex(ctx, decryptedText + outSz, &outSz),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(outSz, 0);
+ ExpectBufEQ(decryptedText, plainText, sizeof(plainText));
+ EVP_CIPHER_CTX_free(ctx);
+
+ /* Test partial Inits. CipherInit() allow setting of key and iv
+ * in separate calls. */
+ ExpectNotNull((ctx = EVP_CIPHER_CTX_new()));
+ ExpectIntEQ(wolfSSL_EVP_CipherInit(ctx, EVP_sm4_cbc(), key, NULL, 0),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_EVP_CipherInit(ctx, NULL, NULL, iv, 0),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_DecryptUpdate(ctx, decryptedText, &outSz, cipherText,
+ sizeof(cipherText)), WOLFSSL_SUCCESS);
+ ExpectIntEQ(outSz, sizeof(plainText));
+ ExpectIntEQ(EVP_DecryptFinal_ex(ctx, decryptedText + outSz, &outSz),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(outSz, 0);
+ ExpectBufEQ(decryptedText, plainText, sizeof(plainText));
+ EVP_CIPHER_CTX_free(ctx);
+
+ res = EXPECT_RESULT();
+#endif
+ return res;
+}
+
+static int test_wolfssl_EVP_sm4_ctr(void)
+{
+ int res = TEST_SKIPPED;
+#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_SM4_CTR)
+ EXPECT_DECLS;
+ byte key[SM4_KEY_SIZE];
+ byte iv[SM4_BLOCK_SIZE];
+ byte plainText[] = {0xDE, 0xAD, 0xBE, 0xEF};
+ byte cipherText[sizeof(plainText)];
+ byte decryptedText[sizeof(plainText)];
+ EVP_CIPHER_CTX* ctx;
+ int outSz;
+
+ XMEMSET(key, 0, sizeof(key));
+ XMEMSET(iv, 0, sizeof(iv));
+
+ /* Encrypt. */
+ ExpectNotNull((ctx = EVP_CIPHER_CTX_new()));
+ ExpectIntEQ(EVP_EncryptInit_ex(ctx, EVP_sm4_ctr(), NULL, NULL, NULL),
+ WOLFSSL_SUCCESS);
+ /* Any tag length must fail - not an AEAD cipher. */
+ ExpectIntEQ(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, 16, NULL),
+ WOLFSSL_FAILURE);
+ ExpectIntEQ(EVP_EncryptInit_ex(ctx, NULL, NULL, key, iv), WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_EncryptUpdate(ctx, cipherText, &outSz, plainText,
+ sizeof(plainText)), WOLFSSL_SUCCESS);
+ ExpectIntEQ(outSz, sizeof(plainText));
+ ExpectIntEQ(EVP_EncryptFinal_ex(ctx, cipherText, &outSz), WOLFSSL_SUCCESS);
+ ExpectIntEQ(outSz, 0);
+ ExpectBufNE(cipherText, plainText, sizeof(plainText));
+ EVP_CIPHER_CTX_free(ctx);
+
+ /* Decrypt. */
+ ExpectNotNull((ctx = EVP_CIPHER_CTX_new()));
+ ExpectIntEQ(EVP_DecryptInit_ex(ctx, EVP_sm4_ctr(), NULL, NULL, NULL),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_DecryptInit_ex(ctx, NULL, NULL, key, iv), WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_DecryptUpdate(ctx, decryptedText, &outSz, cipherText,
+ sizeof(cipherText)), WOLFSSL_SUCCESS);
+ ExpectIntEQ(outSz, sizeof(cipherText));
+ ExpectIntEQ(EVP_DecryptFinal_ex(ctx, decryptedText, &outSz),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(outSz, 0);
+ ExpectBufEQ(decryptedText, plainText, sizeof(plainText));
+ EVP_CIPHER_CTX_free(ctx);
+
+ /* Test partial Inits. CipherInit() allow setting of key and iv
+ * in separate calls. */
+ ExpectNotNull((ctx = EVP_CIPHER_CTX_new()));
+ ExpectIntEQ(wolfSSL_EVP_CipherInit(ctx, EVP_sm4_ctr(), key, NULL, 1),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_EVP_CipherInit(ctx, NULL, NULL, iv, 1),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_DecryptUpdate(ctx, decryptedText, &outSz, cipherText,
+ sizeof(cipherText)), WOLFSSL_SUCCESS);
+ ExpectIntEQ(outSz, sizeof(cipherText));
+ ExpectIntEQ(EVP_DecryptFinal_ex(ctx, decryptedText, &outSz),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(outSz, 0);
+ ExpectBufEQ(decryptedText, plainText, sizeof(plainText));
+ EVP_CIPHER_CTX_free(ctx);
+
+ res = EXPECT_RESULT();
+#endif
+ return res;
+}
+
+static int test_wolfssl_EVP_sm4_gcm_zeroLen(void)
+{
+ int res = TEST_SKIPPED;
+#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_SM4_GCM)
+ /* Zero length plain text */
+ EXPECT_DECLS;
+ byte key[] = {
+ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00
+ }; /* align */
+ byte iv[] = {
+ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00
+ }; /* align */
+ byte plaintxt[1];
+ int ivSz = 12;
+ int plaintxtSz = 0;
+ unsigned char tag[16];
+ unsigned char tag_kat[16] = {
+ 0x23,0x2f,0x0c,0xfe,0x30,0x8b,0x49,0xea,
+ 0x6f,0xc8,0x82,0x29,0xb5,0xdc,0x85,0x8d
+ };
+
+ byte ciphertxt[SM4_BLOCK_SIZE * 4] = {0};
+ byte decryptedtxt[SM4_BLOCK_SIZE * 4] = {0};
+ int ciphertxtSz = 0;
+ int decryptedtxtSz = 0;
+ int len = 0;
+
+ EVP_CIPHER_CTX *en = EVP_CIPHER_CTX_new();
+ EVP_CIPHER_CTX *de = EVP_CIPHER_CTX_new();
+
+ ExpectIntEQ(1, EVP_EncryptInit_ex(en, EVP_sm4_gcm(), NULL, key, iv));
+ ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(en, EVP_CTRL_GCM_SET_IVLEN, ivSz, NULL));
+ ExpectIntEQ(1, EVP_EncryptUpdate(en, ciphertxt, &ciphertxtSz , plaintxt,
+ plaintxtSz));
+ ExpectIntEQ(1, EVP_EncryptFinal_ex(en, ciphertxt, &len));
+ ciphertxtSz += len;
+ ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(en, EVP_CTRL_GCM_GET_TAG, 16, tag));
+ ExpectIntEQ(1, EVP_CIPHER_CTX_cleanup(en));
+
+ ExpectIntEQ(0, ciphertxtSz);
+ ExpectIntEQ(0, XMEMCMP(tag, tag_kat, sizeof(tag)));
+
+ EVP_CIPHER_CTX_init(de);
+ ExpectIntEQ(1, EVP_DecryptInit_ex(de, EVP_sm4_gcm(), NULL, key, iv));
+ ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(de, EVP_CTRL_GCM_SET_IVLEN, ivSz, NULL));
+ ExpectIntEQ(1, EVP_DecryptUpdate(de, NULL, &len, ciphertxt, len));
+ decryptedtxtSz = len;
+ ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(de, EVP_CTRL_GCM_SET_TAG, 16, tag));
+ ExpectIntEQ(1, EVP_DecryptFinal_ex(de, decryptedtxt, &len));
+ decryptedtxtSz += len;
+ ExpectIntEQ(0, decryptedtxtSz);
+
+ EVP_CIPHER_CTX_free(en);
+ EVP_CIPHER_CTX_free(de);
+
+ res = EXPECT_RESULT();
+#endif /* OPENSSL_EXTRA && WOLFSSL_SM4_GCM */
+ return res;
+}
+
+static int test_wolfssl_EVP_sm4_gcm(void)
{
int res = TEST_SKIPPED;
+#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_SM4_GCM)
+ EXPECT_DECLS;
+ byte *key = (byte*)"0123456789012345";
+ /* A 128 bit IV */
+ byte *iv = (byte*)"0123456789012345";
+ int ivSz = SM4_BLOCK_SIZE;
+ /* Message to be encrypted */
+ byte *plaintxt = (byte*)"for things to change you have to change";
+ /* Additional non-confidential data */
+ byte *aad = (byte*)"Don't spend major time on minor things.";
+
+ unsigned char tag[SM4_BLOCK_SIZE] = {0};
+ int plaintxtSz = (int)XSTRLEN((char*)plaintxt);
+ int aadSz = (int)XSTRLEN((char*)aad);
+ byte ciphertxt[SM4_BLOCK_SIZE * 4] = {0};
+ byte decryptedtxt[SM4_BLOCK_SIZE * 4] = {0};
+ int ciphertxtSz = 0;
+ int decryptedtxtSz = 0;
+ int len = 0;
+ int i = 0;
+ EVP_CIPHER_CTX en[2];
+ EVP_CIPHER_CTX de[2];
+
+ for (i = 0; i < 2; i++) {
+ EVP_CIPHER_CTX_init(&en[i]);
+
+ if (i == 0) {
+ /* Default uses 96-bits IV length */
+ ExpectIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_sm4_gcm(), NULL, key,
+ iv));
+ }
+ else {
+ ExpectIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_sm4_gcm(), NULL, NULL,
+ NULL));
+ /* non-default must to set the IV length first */
+ ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(&en[i], EVP_CTRL_GCM_SET_IVLEN,
+ ivSz, NULL));
+ ExpectIntEQ(1, EVP_EncryptInit_ex(&en[i], NULL, NULL, key, iv));
+ }
+ ExpectIntEQ(1, EVP_EncryptUpdate(&en[i], NULL, &len, aad, aadSz));
+ ExpectIntEQ(1, EVP_EncryptUpdate(&en[i], ciphertxt, &len, plaintxt,
+ plaintxtSz));
+ ciphertxtSz = len;
+ ExpectIntEQ(1, EVP_EncryptFinal_ex(&en[i], ciphertxt, &len));
+ ciphertxtSz += len;
+ ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(&en[i], EVP_CTRL_GCM_GET_TAG,
+ SM4_BLOCK_SIZE, tag));
+ ExpectIntEQ(wolfSSL_EVP_CIPHER_CTX_cleanup(&en[i]), 1);
+
+ EVP_CIPHER_CTX_init(&de[i]);
+ if (i == 0) {
+ /* Default uses 96-bits IV length */
+ ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_sm4_gcm(), NULL, key,
+ iv));
+ }
+ else {
+ ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_sm4_gcm(), NULL, NULL,
+ NULL));
+ /* non-default must to set the IV length first */
+ ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(&de[i], EVP_CTRL_GCM_SET_IVLEN,
+ ivSz, NULL));
+ ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], NULL, NULL, key, iv));
+
+ }
+ ExpectIntEQ(1, EVP_DecryptUpdate(&de[i], NULL, &len, aad, aadSz));
+ ExpectIntEQ(1, EVP_DecryptUpdate(&de[i], decryptedtxt, &len, ciphertxt,
+ ciphertxtSz));
+ decryptedtxtSz = len;
+ ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(&de[i], EVP_CTRL_GCM_SET_TAG,
+ SM4_BLOCK_SIZE, tag));
+ ExpectIntEQ(1, EVP_DecryptFinal_ex(&de[i], decryptedtxt, &len));
+ decryptedtxtSz += len;
+ ExpectIntEQ(ciphertxtSz, decryptedtxtSz);
+ ExpectIntEQ(0, XMEMCMP(plaintxt, decryptedtxt, decryptedtxtSz));
+
+ /* modify tag*/
+ tag[SM4_BLOCK_SIZE-1]+=0xBB;
+ ExpectIntEQ(1, EVP_DecryptUpdate(&de[i], NULL, &len, aad, aadSz));
+ ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(&de[i], EVP_CTRL_GCM_SET_TAG,
+ SM4_BLOCK_SIZE, tag));
+ /* fail due to wrong tag */
+ ExpectIntEQ(1, EVP_DecryptUpdate(&de[i], decryptedtxt, &len, ciphertxt,
+ ciphertxtSz));
+ ExpectIntEQ(0, EVP_DecryptFinal_ex(&de[i], decryptedtxt, &len));
+ ExpectIntEQ(0, len);
+ ExpectIntEQ(wolfSSL_EVP_CIPHER_CTX_cleanup(&de[i]), 1);
+ }
+
+ res = EXPECT_RESULT();
+#endif /* OPENSSL_EXTRA && WOLFSSL_SM4_GCM */
+ return res;
+}
+
+static int test_wolfssl_EVP_sm4_ccm_zeroLen(void)
+{
+ int res = TEST_SKIPPED;
+#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_SM4_CCM)
+ /* Zero length plain text */
+ EXPECT_DECLS;
+ byte key[] = {
+ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00
+ }; /* align */
+ byte iv[] = {
+ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00
+ }; /* align */
+ byte plaintxt[1];
+ int ivSz = 12;
+ int plaintxtSz = 0;
+ unsigned char tag[16];
+
+ byte ciphertxt[SM4_BLOCK_SIZE * 4] = {0};
+ byte decryptedtxt[SM4_BLOCK_SIZE * 4] = {0};
+ int ciphertxtSz = 0;
+ int decryptedtxtSz = 0;
+ int len = 0;
+
+ EVP_CIPHER_CTX *en = EVP_CIPHER_CTX_new();
+ EVP_CIPHER_CTX *de = EVP_CIPHER_CTX_new();
+
+ ExpectIntEQ(1, EVP_EncryptInit_ex(en, EVP_sm4_ccm(), NULL, key, iv));
+ ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(en, EVP_CTRL_CCM_SET_IVLEN, ivSz, NULL));
+ ExpectIntEQ(1, EVP_EncryptUpdate(en, ciphertxt, &ciphertxtSz , plaintxt,
+ plaintxtSz));
+ ExpectIntEQ(1, EVP_EncryptFinal_ex(en, ciphertxt, &len));
+ ciphertxtSz += len;
+ ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(en, EVP_CTRL_CCM_GET_TAG, 16, tag));
+ ExpectIntEQ(1, EVP_CIPHER_CTX_cleanup(en));
+
+ ExpectIntEQ(0, ciphertxtSz);
+
+ EVP_CIPHER_CTX_init(de);
+ ExpectIntEQ(1, EVP_DecryptInit_ex(de, EVP_sm4_ccm(), NULL, key, iv));
+ ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(de, EVP_CTRL_CCM_SET_IVLEN, ivSz, NULL));
+ ExpectIntEQ(1, EVP_DecryptUpdate(de, NULL, &len, ciphertxt, len));
+ decryptedtxtSz = len;
+ ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(de, EVP_CTRL_CCM_SET_TAG, 16, tag));
+ ExpectIntEQ(1, EVP_DecryptFinal_ex(de, decryptedtxt, &len));
+ decryptedtxtSz += len;
+ ExpectIntEQ(0, decryptedtxtSz);
+
+ EVP_CIPHER_CTX_free(en);
+ EVP_CIPHER_CTX_free(de);
+
+ res = EXPECT_RESULT();
+#endif /* OPENSSL_EXTRA && WOLFSSL_SM4_CCM */
+ return res;
+}
+
+static int test_wolfssl_EVP_sm4_ccm(void)
+{
+ int res = TEST_SKIPPED;
+#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_SM4_CCM)
+ EXPECT_DECLS;
+ byte *key = (byte*)"0123456789012345";
+ byte *iv = (byte*)"0123456789012";
+ int ivSz = (int)XSTRLEN((char*)iv);
+ /* Message to be encrypted */
+ byte *plaintxt = (byte*)"for things to change you have to change";
+ /* Additional non-confidential data */
+ byte *aad = (byte*)"Don't spend major time on minor things.";
+
+ unsigned char tag[SM4_BLOCK_SIZE] = {0};
+ int plaintxtSz = (int)XSTRLEN((char*)plaintxt);
+ int aadSz = (int)XSTRLEN((char*)aad);
+ byte ciphertxt[SM4_BLOCK_SIZE * 4] = {0};
+ byte decryptedtxt[SM4_BLOCK_SIZE * 4] = {0};
+ int ciphertxtSz = 0;
+ int decryptedtxtSz = 0;
+ int len = 0;
+ int i = 0;
+ EVP_CIPHER_CTX en[2];
+ EVP_CIPHER_CTX de[2];
+
+ for (i = 0; i < 2; i++) {
+ EVP_CIPHER_CTX_init(&en[i]);
+
+ if (i == 0) {
+ /* Default uses 96-bits IV length */
+ ExpectIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_sm4_ccm(), NULL, key,
+ iv));
+ }
+ else {
+ ExpectIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_sm4_ccm(), NULL, NULL,
+ NULL));
+ /* non-default must to set the IV length first */
+ ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(&en[i], EVP_CTRL_CCM_SET_IVLEN,
+ ivSz, NULL));
+ ExpectIntEQ(1, EVP_EncryptInit_ex(&en[i], NULL, NULL, key, iv));
+ }
+ ExpectIntEQ(1, EVP_EncryptUpdate(&en[i], NULL, &len, aad, aadSz));
+ ExpectIntEQ(1, EVP_EncryptUpdate(&en[i], ciphertxt, &len, plaintxt,
+ plaintxtSz));
+ ciphertxtSz = len;
+ ExpectIntEQ(1, EVP_EncryptFinal_ex(&en[i], ciphertxt, &len));
+ ciphertxtSz += len;
+ ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(&en[i], EVP_CTRL_CCM_GET_TAG,
+ SM4_BLOCK_SIZE, tag));
+ ExpectIntEQ(wolfSSL_EVP_CIPHER_CTX_cleanup(&en[i]), 1);
+
+ EVP_CIPHER_CTX_init(&de[i]);
+ if (i == 0) {
+ /* Default uses 96-bits IV length */
+ ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_sm4_ccm(), NULL, key,
+ iv));
+ }
+ else {
+ ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_sm4_ccm(), NULL, NULL,
+ NULL));
+ /* non-default must to set the IV length first */
+ ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(&de[i], EVP_CTRL_CCM_SET_IVLEN,
+ ivSz, NULL));
+ ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], NULL, NULL, key, iv));
+
+ }
+ ExpectIntEQ(1, EVP_DecryptUpdate(&de[i], NULL, &len, aad, aadSz));
+ ExpectIntEQ(1, EVP_DecryptUpdate(&de[i], decryptedtxt, &len, ciphertxt,
+ ciphertxtSz));
+ decryptedtxtSz = len;
+ ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(&de[i], EVP_CTRL_CCM_SET_TAG,
+ SM4_BLOCK_SIZE, tag));
+ ExpectIntEQ(1, EVP_DecryptFinal_ex(&de[i], decryptedtxt, &len));
+ decryptedtxtSz += len;
+ ExpectIntEQ(ciphertxtSz, decryptedtxtSz);
+ ExpectIntEQ(0, XMEMCMP(plaintxt, decryptedtxt, decryptedtxtSz));
+
+ /* modify tag*/
+ tag[SM4_BLOCK_SIZE-1]+=0xBB;
+ ExpectIntEQ(1, EVP_DecryptUpdate(&de[i], NULL, &len, aad, aadSz));
+ ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(&de[i], EVP_CTRL_CCM_SET_TAG,
+ SM4_BLOCK_SIZE, tag));
+ /* fail due to wrong tag */
+ ExpectIntEQ(1, EVP_DecryptUpdate(&de[i], decryptedtxt, &len, ciphertxt,
+ ciphertxtSz));
+ ExpectIntEQ(0, EVP_DecryptFinal_ex(&de[i], decryptedtxt, &len));
+ ExpectIntEQ(0, len);
+ ExpectIntEQ(wolfSSL_EVP_CIPHER_CTX_cleanup(&de[i]), 1);
+ }
+
+ res = EXPECT_RESULT();
+#endif /* OPENSSL_EXTRA && WOLFSSL_SM4_CCM */
+ return res;
+}
+
+static int test_wolfSSL_EVP_PKEY_hkdf(void)
+{
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(HAVE_HKDF)
- EVP_PKEY_CTX* ctx;
+ EVP_PKEY_CTX* ctx = NULL;
byte salt[] = {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F};
byte key[] = {0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
@@ -57116,134 +56267,132 @@ static int test_wolfSSL_EVP_PKEY_hkdf(void)
0xD7, 0xE2, 0x15, 0xBC, 0xB8, 0x10, 0xEF, 0x6C, 0x4D, 0x7A
};
- AssertNotNull((ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL)));
- AssertIntEQ(EVP_PKEY_derive_init(ctx), WOLFSSL_SUCCESS);
+ ExpectNotNull((ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL)));
+ ExpectIntEQ(EVP_PKEY_derive_init(ctx), WOLFSSL_SUCCESS);
/* NULL ctx. */
- AssertIntEQ(EVP_PKEY_CTX_set_hkdf_md(NULL, EVP_sha256()), WOLFSSL_FAILURE);
+ ExpectIntEQ(EVP_PKEY_CTX_set_hkdf_md(NULL, EVP_sha256()), WOLFSSL_FAILURE);
/* NULL md. */
- AssertIntEQ(EVP_PKEY_CTX_set_hkdf_md(ctx, NULL), WOLFSSL_FAILURE);
- AssertIntEQ(EVP_PKEY_CTX_set_hkdf_md(ctx, EVP_sha256()), WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_PKEY_CTX_set_hkdf_md(ctx, NULL), WOLFSSL_FAILURE);
+ ExpectIntEQ(EVP_PKEY_CTX_set_hkdf_md(ctx, EVP_sha256()), WOLFSSL_SUCCESS);
/* NULL ctx. */
- AssertIntEQ(EVP_PKEY_CTX_set1_hkdf_salt(NULL, salt, sizeof(salt)),
+ ExpectIntEQ(EVP_PKEY_CTX_set1_hkdf_salt(NULL, salt, sizeof(salt)),
WOLFSSL_FAILURE);
/* NULL salt is ok. */
- AssertIntEQ(EVP_PKEY_CTX_set1_hkdf_salt(ctx, NULL, sizeof(salt)),
+ ExpectIntEQ(EVP_PKEY_CTX_set1_hkdf_salt(ctx, NULL, sizeof(salt)),
WOLFSSL_SUCCESS);
/* Salt length <= 0. */
/* Length 0 salt is ok. */
- AssertIntEQ(EVP_PKEY_CTX_set1_hkdf_salt(ctx, salt, 0), WOLFSSL_SUCCESS);
- AssertIntEQ(EVP_PKEY_CTX_set1_hkdf_salt(ctx, salt, -1), WOLFSSL_FAILURE);
- AssertIntEQ(EVP_PKEY_CTX_set1_hkdf_salt(ctx, salt, sizeof(salt)),
+ ExpectIntEQ(EVP_PKEY_CTX_set1_hkdf_salt(ctx, salt, 0), WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_PKEY_CTX_set1_hkdf_salt(ctx, salt, -1), WOLFSSL_FAILURE);
+ ExpectIntEQ(EVP_PKEY_CTX_set1_hkdf_salt(ctx, salt, sizeof(salt)),
WOLFSSL_SUCCESS);
/* NULL ctx. */
- AssertIntEQ(EVP_PKEY_CTX_set1_hkdf_key(NULL, key, sizeof(key)),
+ ExpectIntEQ(EVP_PKEY_CTX_set1_hkdf_key(NULL, key, sizeof(key)),
WOLFSSL_FAILURE);
/* NULL key. */
- AssertIntEQ(EVP_PKEY_CTX_set1_hkdf_key(ctx, NULL, sizeof(key)),
+ ExpectIntEQ(EVP_PKEY_CTX_set1_hkdf_key(ctx, NULL, sizeof(key)),
WOLFSSL_FAILURE);
/* Key length <= 0 */
- AssertIntEQ(EVP_PKEY_CTX_set1_hkdf_key(ctx, key, 0), WOLFSSL_FAILURE);
- AssertIntEQ(EVP_PKEY_CTX_set1_hkdf_key(ctx, key, -1), WOLFSSL_FAILURE);
- AssertIntEQ(EVP_PKEY_CTX_set1_hkdf_key(ctx, key, sizeof(key)),
+ ExpectIntEQ(EVP_PKEY_CTX_set1_hkdf_key(ctx, key, 0), WOLFSSL_FAILURE);
+ ExpectIntEQ(EVP_PKEY_CTX_set1_hkdf_key(ctx, key, -1), WOLFSSL_FAILURE);
+ ExpectIntEQ(EVP_PKEY_CTX_set1_hkdf_key(ctx, key, sizeof(key)),
WOLFSSL_SUCCESS);
/* NULL ctx. */
- AssertIntEQ(EVP_PKEY_CTX_add1_hkdf_info(NULL, info, sizeof(info)),
+ ExpectIntEQ(EVP_PKEY_CTX_add1_hkdf_info(NULL, info, sizeof(info)),
WOLFSSL_FAILURE);
/* NULL info is ok. */
- AssertIntEQ(EVP_PKEY_CTX_add1_hkdf_info(ctx, NULL, sizeof(info)),
+ ExpectIntEQ(EVP_PKEY_CTX_add1_hkdf_info(ctx, NULL, sizeof(info)),
WOLFSSL_SUCCESS);
/* Info length <= 0 */
/* Length 0 info is ok. */
- AssertIntEQ(EVP_PKEY_CTX_add1_hkdf_info(ctx, info, 0), WOLFSSL_SUCCESS);
- AssertIntEQ(EVP_PKEY_CTX_add1_hkdf_info(ctx, info, -1), WOLFSSL_FAILURE);
- AssertIntEQ(EVP_PKEY_CTX_add1_hkdf_info(ctx, info, sizeof(info)),
+ ExpectIntEQ(EVP_PKEY_CTX_add1_hkdf_info(ctx, info, 0), WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_PKEY_CTX_add1_hkdf_info(ctx, info, -1), WOLFSSL_FAILURE);
+ ExpectIntEQ(EVP_PKEY_CTX_add1_hkdf_info(ctx, info, sizeof(info)),
WOLFSSL_SUCCESS);
/* NULL ctx. */
- AssertIntEQ(EVP_PKEY_CTX_hkdf_mode(NULL, EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY),
+ ExpectIntEQ(EVP_PKEY_CTX_hkdf_mode(NULL, EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY),
WOLFSSL_FAILURE);
/* Extract and expand (default). */
- AssertIntEQ(EVP_PKEY_derive(ctx, outKey, &outKeySz), WOLFSSL_SUCCESS);
- AssertIntEQ(outKeySz, sizeof(extractAndExpand));
- AssertIntEQ(XMEMCMP(outKey, extractAndExpand, outKeySz), 0);
+ ExpectIntEQ(EVP_PKEY_derive(ctx, outKey, &outKeySz), WOLFSSL_SUCCESS);
+ ExpectIntEQ(outKeySz, sizeof(extractAndExpand));
+ ExpectIntEQ(XMEMCMP(outKey, extractAndExpand, outKeySz), 0);
/* Extract only. */
- AssertIntEQ(EVP_PKEY_CTX_hkdf_mode(ctx, EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY),
+ ExpectIntEQ(EVP_PKEY_CTX_hkdf_mode(ctx, EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY),
WOLFSSL_SUCCESS);
- AssertIntEQ(EVP_PKEY_derive(ctx, outKey, &outKeySz), WOLFSSL_SUCCESS);
- AssertIntEQ(outKeySz, sizeof(extractOnly));
- AssertIntEQ(XMEMCMP(outKey, extractOnly, outKeySz), 0);
+ ExpectIntEQ(EVP_PKEY_derive(ctx, outKey, &outKeySz), WOLFSSL_SUCCESS);
+ ExpectIntEQ(outKeySz, sizeof(extractOnly));
+ ExpectIntEQ(XMEMCMP(outKey, extractOnly, outKeySz), 0);
outKeySz = sizeof(outKey);
/* Expand only. */
- AssertIntEQ(EVP_PKEY_CTX_hkdf_mode(ctx, EVP_PKEY_HKDEF_MODE_EXPAND_ONLY),
+ ExpectIntEQ(EVP_PKEY_CTX_hkdf_mode(ctx, EVP_PKEY_HKDEF_MODE_EXPAND_ONLY),
WOLFSSL_SUCCESS);
- AssertIntEQ(EVP_PKEY_derive(ctx, outKey, &outKeySz), WOLFSSL_SUCCESS);
- AssertIntEQ(outKeySz, sizeof(expandOnly));
- AssertIntEQ(XMEMCMP(outKey, expandOnly, outKeySz), 0);
+ ExpectIntEQ(EVP_PKEY_derive(ctx, outKey, &outKeySz), WOLFSSL_SUCCESS);
+ ExpectIntEQ(outKeySz, sizeof(expandOnly));
+ ExpectIntEQ(XMEMCMP(outKey, expandOnly, outKeySz), 0);
outKeySz = sizeof(outKey);
/* Extract and expand with appended additional info. */
- AssertIntEQ(EVP_PKEY_CTX_add1_hkdf_info(ctx, info2, sizeof(info2)),
+ ExpectIntEQ(EVP_PKEY_CTX_add1_hkdf_info(ctx, info2, sizeof(info2)),
WOLFSSL_SUCCESS);
- AssertIntEQ(EVP_PKEY_CTX_hkdf_mode(ctx,
+ ExpectIntEQ(EVP_PKEY_CTX_hkdf_mode(ctx,
EVP_PKEY_HKDEF_MODE_EXTRACT_AND_EXPAND), WOLFSSL_SUCCESS);
- AssertIntEQ(EVP_PKEY_derive(ctx, outKey, &outKeySz), WOLFSSL_SUCCESS);
- AssertIntEQ(outKeySz, sizeof(extractAndExpandAddInfo));
- AssertIntEQ(XMEMCMP(outKey, extractAndExpandAddInfo, outKeySz), 0);
+ ExpectIntEQ(EVP_PKEY_derive(ctx, outKey, &outKeySz), WOLFSSL_SUCCESS);
+ ExpectIntEQ(outKeySz, sizeof(extractAndExpandAddInfo));
+ ExpectIntEQ(XMEMCMP(outKey, extractAndExpandAddInfo, outKeySz), 0);
EVP_PKEY_CTX_free(ctx);
-
- res = TEST_RES_CHECK(1);
#endif /* OPENSSL_EXTRA && HAVE_HKDF */
- return res;
+ return EXPECT_RESULT();
}
#ifndef NO_BIO
static int test_wolfSSL_PEM_X509_INFO_read_bio(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_ALL) && !defined(NO_FILESYSTEM) && !defined(NO_RSA)
- BIO* bio;
- X509_INFO* info;
- STACK_OF(X509_INFO)* sk;
- char* subject;
- char exp1[] = "/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com";
- char exp2[] = "/C=US/ST=Montana/L=Bozeman/O=wolfSSL/OU=Support/CN=www.wolfssl.com/emailAddress=info@wolfssl.com";
+ BIO* bio = NULL;
+ X509_INFO* info = NULL;
+ STACK_OF(X509_INFO)* sk = NULL;
+ char* subject = NULL;
+ char exp1[] = "/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/"
+ "CN=www.wolfssl.com/emailAddress=info@wolfssl.com";
+ char exp2[] = "/C=US/ST=Montana/L=Bozeman/O=wolfSSL/OU=Support/"
+ "CN=www.wolfssl.com/emailAddress=info@wolfssl.com";
- AssertNotNull(bio = BIO_new(BIO_s_file()));
- AssertIntGT(BIO_read_filename(bio, svrCertFile), 0);
- AssertNotNull(sk = PEM_X509_INFO_read_bio(bio, NULL, NULL, NULL));
- AssertIntEQ(sk_X509_INFO_num(sk), 2);
+ ExpectNotNull(bio = BIO_new(BIO_s_file()));
+ ExpectIntGT(BIO_read_filename(bio, svrCertFile), 0);
+ ExpectNotNull(sk = PEM_X509_INFO_read_bio(bio, NULL, NULL, NULL));
+ ExpectIntEQ(sk_X509_INFO_num(sk), 2);
/* using dereference to maintain testing for Apache port*/
- AssertNotNull(info = sk_X509_INFO_pop(sk));
- AssertNotNull(subject =
- X509_NAME_oneline(X509_get_subject_name(info->x509), 0, 0));
+ ExpectNotNull(info = sk_X509_INFO_pop(sk));
+ ExpectNotNull(subject = X509_NAME_oneline(X509_get_subject_name(info->x509),
+ 0, 0));
- AssertIntEQ(0, XSTRNCMP(subject, exp1, sizeof(exp1)));
+ ExpectIntEQ(0, XSTRNCMP(subject, exp1, sizeof(exp1)));
XFREE(subject, 0, DYNAMIC_TYPE_OPENSSL);
X509_INFO_free(info);
+ info = NULL;
- AssertNotNull(info = sk_X509_INFO_pop(sk));
- AssertNotNull(subject =
- X509_NAME_oneline(X509_get_subject_name(info->x509), 0, 0));
+ ExpectNotNull(info = sk_X509_INFO_pop(sk));
+ ExpectNotNull(subject = X509_NAME_oneline(X509_get_subject_name(info->x509),
+ 0, 0));
- AssertIntEQ(0, XSTRNCMP(subject, exp2, sizeof(exp2)));
+ ExpectIntEQ(0, XSTRNCMP(subject, exp2, sizeof(exp2)));
XFREE(subject, 0, DYNAMIC_TYPE_OPENSSL);
X509_INFO_free(info);
- AssertNull(info = sk_X509_INFO_pop(sk));
+ ExpectNull(info = sk_X509_INFO_pop(sk));
sk_X509_INFO_pop_free(sk, X509_INFO_free);
BIO_free(bio);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
#endif /* !NO_BIO */
static int test_wolfSSL_X509_NAME_ENTRY_get_object(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && !defined(NO_FILESYSTEM) && !defined(NO_RSA)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(NO_FILESYSTEM) && !defined(NO_RSA)
X509 *x509 = NULL;
X509_NAME* name = NULL;
int idx = 0;
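Review bot: In test_wolfSSL_PEM_X509_INFO_read_bio, `subject` is freed after the first comparison but never reset, so a failure before the second `X509_NAME_oneline` call can free the same pointer twice. The commit adds `info = NULL;` after the first `X509_INFO_free(info)`, which suggests the Expect macros skip their expression once a failure is recorded. If that is so, the second `ExpectNotNull(subject = ...)` leaves the stale pointer in place and the second `XFREE(subject, 0, DYNAMIC_TYPE_OPENSSL);` releases it again. Adding `subject = NULL;` directly after the first `XFREE` closes that path.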
@@ -57259,18 +56408,15 @@ static int test_wolfSSL_X509_NAME_ENTRY_get_object(void)
ExpectNotNull(object = X509_NAME_ENTRY_get_object(ne));
X509_free(x509);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_STORE_get1_certs(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_SIGNER_DER_CERT) && \
!defined(NO_FILESYSTEM) && !defined(NO_RSA)
- EXPECT_DECLS;
X509_STORE_CTX *storeCtx = NULL;
X509_STORE *store = NULL;
X509 *caX509 = NULL;
@@ -57314,21 +56460,50 @@ static int test_wolfSSL_X509_STORE_get1_certs(void)
X509_STORE_CTX_free(storeCtx);
X509_free(svrX509);
X509_free(caX509);
+#endif /* OPENSSL_EXTRA && WOLFSSL_SIGNER_DER_CERT && !NO_FILESYSTEM */
+ return EXPECT_RESULT();
+}
+static int test_wolfSSL_dup_CA_list(void)
+{
+ int res = TEST_SKIPPED;
+#if defined(OPENSSL_ALL)
+ EXPECT_DECLS;
+ STACK_OF(X509_NAME) *originalStack = NULL;
+ STACK_OF(X509_NAME) *copyStack = NULL;
+ int originalCount = 0;
+ int copyCount = 0;
+ X509_NAME *name = NULL;
+ int i;
+
+ originalStack = sk_X509_NAME_new_null();
+ ExpectNotNull(originalStack);
+
+ for (i = 0; i < 3; i++) {
+ name = X509_NAME_new();
+ ExpectNotNull(name);
+ AssertIntEQ(sk_X509_NAME_push(originalStack, name), WOLFSSL_SUCCESS);
+ }
+
+ copyStack = SSL_dup_CA_list(originalStack);
+ ExpectNotNull(copyStack);
+ originalCount = sk_X509_NAME_num(originalStack);
+ copyCount = sk_X509_NAME_num(copyStack);
+
+ AssertIntEQ(originalCount, copyCount);
+ sk_X509_NAME_pop_free(originalStack, X509_NAME_free);
+ sk_X509_NAME_pop_free(copyStack, X509_NAME_free);
+
+ originalStack = NULL;
+ copyStack = NULL;
res = EXPECT_RESULT();
-#endif /* OPENSSL_EXTRA && WOLFSSL_SIGNER_DER_CERT && !NO_FILESYSTEM */
+#endif /* OPENSSL_ALL */
return res;
}
-/* include misc.c here regardless of NO_INLINE, because misc.c implementations
- * have default (hidden) visibility, and in the absence of visibility, it's
- * benign to mask out the library implementation.
- */
-#define WOLFSSL_MISC_INCLUDED
-#include <wolfcrypt/src/misc.c>
-
static int test_ForceZero(void)
{
+ EXPECT_DECLS;
unsigned char data[32];
unsigned int i, j, len;
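Review bot: The new test_wolfSSL_dup_CA_list still uses `AssertIntEQ` for the `sk_X509_NAME_push` result and for the count comparison, while the rest of this change moves to the Expect macros. If Assert stops the test on the spot, as the surrounding conversion implies, the two `sk_X509_NAME_pop_free` calls are never reached and the `name` that was not pushed is lost as well. The push check could become `ExpectIntEQ(sk_X509_NAME_push(originalStack, name), WOLFSSL_SUCCESS);` followed by `if (EXPECT_FAIL()) { X509_NAME_free(name); name = NULL; }`, and the count check `ExpectIntEQ(originalCount, copyCount);`. The function also keeps the older `int res = TEST_SKIPPED;` / `return res;` shape that the neighbouring tests drop in favour of `return EXPECT_RESULT();`.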
@@ -57345,138 +56520,134 @@ static int test_ForceZero(void)
for (j = 0; j < sizeof(data); j++) {
if (j < i || j >= i + len) {
- if (data[j] == 0x00)
- return -10200;
+ ExpectIntNE(data[j], 0x00);
+ }
+ else {
+ ExpectIntEQ(data[j], 0x00);
}
- else if (data[j] != 0x00)
- return -10201;
}
}
}
- return TEST_RES_CHECK(1);
+ return EXPECT_RESULT();
}
#ifndef NO_BIO
static int test_wolfSSL_X509_print(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_FILESYSTEM) && \
!defined(NO_RSA) && !defined(HAVE_FAST_RSA) && defined(XSNPRINTF)
- X509 *x509;
- BIO *bio;
+ X509 *x509 = NULL;
+ BIO *bio = NULL;
#if defined(OPENSSL_ALL) && !defined(NO_WOLFSSL_DIR)
const X509_ALGOR *cert_sig_alg;
#endif
- x509 = X509_load_certificate_file(svrCertFile, WOLFSSL_FILETYPE_PEM);
- AssertNotNull(x509);
+ ExpectNotNull(x509 = X509_load_certificate_file(svrCertFile,
+ WOLFSSL_FILETYPE_PEM));
/* print to memory */
- AssertNotNull(bio = BIO_new(BIO_s_mem()));
- AssertIntEQ(X509_print(bio, x509), SSL_SUCCESS);
+ ExpectNotNull(bio = BIO_new(BIO_s_mem()));
+ ExpectIntEQ(X509_print(bio, x509), SSL_SUCCESS);
#if defined(OPENSSL_ALL) || defined(WOLFSSL_IP_ALT_NAME)
#if defined(WC_DISABLE_RADIX_ZERO_PAD)
/* Will print IP address subject alt name. */
- AssertIntEQ(BIO_get_mem_data(bio, NULL), 3349);
+ ExpectIntEQ(BIO_get_mem_data(bio, NULL), 3349);
#elif defined(NO_ASN_TIME)
/* Will print IP address subject alt name but not Validity. */
- AssertIntEQ(BIO_get_mem_data(bio, NULL), 3235);
+ ExpectIntEQ(BIO_get_mem_data(bio, NULL), 3235);
#else
/* Will print IP address subject alt name. */
- AssertIntEQ(BIO_get_mem_data(bio, NULL), 3350);
+ ExpectIntEQ(BIO_get_mem_data(bio, NULL), 3350);
#endif
#elif defined(NO_ASN_TIME)
/* With NO_ASN_TIME defined, X509_print skips printing Validity. */
- AssertIntEQ(BIO_get_mem_data(bio, NULL), 3213);
+ ExpectIntEQ(BIO_get_mem_data(bio, NULL), 3213);
#else
- AssertIntEQ(BIO_get_mem_data(bio, NULL), 3328);
+ ExpectIntEQ(BIO_get_mem_data(bio, NULL), 3328);
#endif
BIO_free(bio);
+ bio = NULL;
- AssertNotNull(bio = BIO_new_fd(STDERR_FILENO, BIO_NOCLOSE));
+ ExpectNotNull(bio = BIO_new_fd(STDERR_FILENO, BIO_NOCLOSE));
#if defined(OPENSSL_ALL) && !defined(NO_WOLFSSL_DIR)
/* Print signature */
- AssertNotNull(cert_sig_alg = X509_get0_tbs_sigalg(x509));
- AssertIntEQ(X509_signature_print(bio, cert_sig_alg, NULL), SSL_SUCCESS);
+ ExpectNotNull(cert_sig_alg = X509_get0_tbs_sigalg(x509));
+ ExpectIntEQ(X509_signature_print(bio, cert_sig_alg, NULL), SSL_SUCCESS);
#endif
/* print to stderr */
#if !defined(NO_WOLFSSL_DIR)
- AssertIntEQ(X509_print(bio, x509), SSL_SUCCESS);
+ ExpectIntEQ(X509_print(bio, x509), SSL_SUCCESS);
#endif
/* print again */
- AssertIntEQ(X509_print_fp(stderr, x509), SSL_SUCCESS);
+ ExpectIntEQ(X509_print_fp(stderr, x509), SSL_SUCCESS);
X509_free(x509);
BIO_free(bio);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_CRL_print(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && defined(HAVE_CRL)\
&& !defined(NO_FILESYSTEM) && defined(XSNPRINTF)
- X509_CRL* crl;
- BIO *bio;
- XFILE fp;
+ X509_CRL* crl = NULL;
+ BIO *bio = NULL;
+ XFILE fp = XBADFILE;
- fp = XFOPEN("./certs/crl/crl.pem", "rb");
- AssertTrue((fp != XBADFILE));
- AssertNotNull(crl = (X509_CRL*)PEM_read_X509_CRL(fp, (X509_CRL **)NULL,
- NULL, NULL));
- XFCLOSE(fp);
+ ExpectTrue((fp = XFOPEN("./certs/crl/crl.pem", "rb")) != XBADFILE);
+ ExpectNotNull(crl = (X509_CRL*)PEM_read_X509_CRL(fp, (X509_CRL **)NULL,
+ NULL, NULL));
+ if (fp != XBADFILE)
+ XFCLOSE(fp);
- AssertNotNull(bio = BIO_new(BIO_s_mem()));
- AssertIntEQ(X509_CRL_print(bio, crl), SSL_SUCCESS);
+ ExpectNotNull(bio = BIO_new(BIO_s_mem()));
+ ExpectIntEQ(X509_CRL_print(bio, crl), SSL_SUCCESS);
X509_CRL_free(crl);
BIO_free(bio);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_BIO_get_len(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_BIO)
BIO *bio = NULL;
const char txt[] = "Some example text to push to the BIO.";
- AssertIntEQ(wolfSSL_BIO_get_len(bio), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_BIO_get_len(bio), BAD_FUNC_ARG);
- AssertNotNull(bio = wolfSSL_BIO_new(wolfSSL_BIO_s_mem()));
+ ExpectNotNull(bio = wolfSSL_BIO_new(wolfSSL_BIO_s_mem()));
- AssertIntEQ(wolfSSL_BIO_write(bio, txt, sizeof(txt)), sizeof(txt));
- AssertIntEQ(wolfSSL_BIO_get_len(bio), sizeof(txt));
+ ExpectIntEQ(wolfSSL_BIO_write(bio, txt, sizeof(txt)), sizeof(txt));
+ ExpectIntEQ(wolfSSL_BIO_get_len(bio), sizeof(txt));
BIO_free(bio);
+ bio = NULL;
- AssertNotNull(bio = BIO_new_fd(STDERR_FILENO, BIO_NOCLOSE));
- AssertIntEQ(wolfSSL_BIO_get_len(bio), WOLFSSL_BAD_FILE);
+ ExpectNotNull(bio = BIO_new_fd(STDERR_FILENO, BIO_NOCLOSE));
+ ExpectIntEQ(wolfSSL_BIO_get_len(bio), WOLFSSL_BAD_FILE);
BIO_free(bio);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
#endif /* !NO_BIO */
static int test_wolfSSL_RSA(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && !defined(HAVE_USER_RSA) && \
defined(WOLFSSL_KEY_GEN)
- RSA* rsa;
+ RSA* rsa = NULL;
const BIGNUM *n;
const BIGNUM *e;
const BIGNUM *d;
@@ -57486,105 +56657,131 @@ static int test_wolfSSL_RSA(void)
const BIGNUM *dmq1;
const BIGNUM *iqmp;
- AssertNotNull(rsa = RSA_new());
- AssertIntEQ(RSA_size(NULL), 0);
- AssertIntEQ(RSA_size(rsa), 0);
- AssertIntEQ(RSA_set0_key(rsa, NULL, NULL, NULL), 0);
- AssertIntEQ(RSA_set0_crt_params(rsa, NULL, NULL, NULL), 0);
- AssertIntEQ(RSA_set0_factors(rsa, NULL, NULL), 0);
+ ExpectNotNull(rsa = RSA_new());
+ ExpectIntEQ(RSA_size(NULL), 0);
+ ExpectIntEQ(RSA_size(rsa), 0);
+ ExpectIntEQ(RSA_set0_key(rsa, NULL, NULL, NULL), 0);
+ ExpectIntEQ(RSA_set0_crt_params(rsa, NULL, NULL, NULL), 0);
+ ExpectIntEQ(RSA_set0_factors(rsa, NULL, NULL), 0);
#ifdef WOLFSSL_RSA_KEY_CHECK
- AssertIntEQ(RSA_check_key(rsa), 0);
+ ExpectIntEQ(RSA_check_key(rsa), 0);
#endif
RSA_free(rsa);
- AssertNotNull(rsa = RSA_generate_key(2048, 3, NULL, NULL));
- AssertIntEQ(RSA_size(rsa), 256);
+ rsa = NULL;
+ ExpectNotNull(rsa = RSA_generate_key(2048, 3, NULL, NULL));
+ ExpectIntEQ(RSA_size(rsa), 256);
#ifdef WOLFSSL_RSA_KEY_CHECK
- AssertIntEQ(RSA_check_key(NULL), 0);
- AssertIntEQ(RSA_check_key(rsa), 1);
+ ExpectIntEQ(RSA_check_key(NULL), 0);
+ ExpectIntEQ(RSA_check_key(rsa), 1);
#endif
/* sanity check */
- AssertIntEQ(RSA_bits(NULL), 0);
+ ExpectIntEQ(RSA_bits(NULL), 0);
/* key */
- AssertIntEQ(RSA_bits(rsa), 2048);
+ ExpectIntEQ(RSA_bits(rsa), 2048);
RSA_get0_key(rsa, &n, &e, &d);
- AssertPtrEq(rsa->n, n);
- AssertPtrEq(rsa->e, e);
- AssertPtrEq(rsa->d, d);
- AssertNotNull(n = BN_new());
- AssertNotNull(e = BN_new());
- AssertNotNull(d = BN_new());
- AssertIntEQ(RSA_set0_key(rsa, (BIGNUM*)n, (BIGNUM*)e, (BIGNUM*)d), 1);
- AssertPtrEq(rsa->n, n);
- AssertPtrEq(rsa->e, e);
- AssertPtrEq(rsa->d, d);
- AssertIntEQ(RSA_set0_key(rsa, NULL, NULL, NULL), 1);
- AssertIntEQ(RSA_set0_key(NULL, (BIGNUM*)n, (BIGNUM*)e, (BIGNUM*)d), 0);
+ ExpectPtrEq(rsa->n, n);
+ ExpectPtrEq(rsa->e, e);
+ ExpectPtrEq(rsa->d, d);
+ n = NULL;
+ e = NULL;
+ d = NULL;
+ ExpectNotNull(n = BN_new());
+ ExpectNotNull(e = BN_new());
+ ExpectNotNull(d = BN_new());
+ ExpectIntEQ(RSA_set0_key(rsa, (BIGNUM*)n, (BIGNUM*)e, (BIGNUM*)d), 1);
+ if (EXPECT_FAIL()) {
+ BN_free((BIGNUM*)n);
+ BN_free((BIGNUM*)e);
+ BN_free((BIGNUM*)d);
+ }
+ ExpectPtrEq(rsa->n, n);
+ ExpectPtrEq(rsa->e, e);
+ ExpectPtrEq(rsa->d, d);
+ ExpectIntEQ(RSA_set0_key(rsa, NULL, NULL, NULL), 1);
+ ExpectIntEQ(RSA_set0_key(NULL, (BIGNUM*)n, (BIGNUM*)e, (BIGNUM*)d), 0);
/* crt_params */
RSA_get0_crt_params(rsa, &dmp1, &dmq1, &iqmp);
- AssertPtrEq(rsa->dmp1, dmp1);
- AssertPtrEq(rsa->dmq1, dmq1);
- AssertPtrEq(rsa->iqmp, iqmp);
- AssertNotNull(dmp1 = BN_new());
- AssertNotNull(dmq1 = BN_new());
- AssertNotNull(iqmp = BN_new());
- AssertIntEQ(RSA_set0_crt_params(rsa, (BIGNUM*)dmp1, (BIGNUM*)dmq1,
+ ExpectPtrEq(rsa->dmp1, dmp1);
+ ExpectPtrEq(rsa->dmq1, dmq1);
+ ExpectPtrEq(rsa->iqmp, iqmp);
+ dmp1 = NULL;
+ dmq1 = NULL;
+ iqmp = NULL;
+ ExpectNotNull(dmp1 = BN_new());
+ ExpectNotNull(dmq1 = BN_new());
+ ExpectNotNull(iqmp = BN_new());
+ ExpectIntEQ(RSA_set0_crt_params(rsa, (BIGNUM*)dmp1, (BIGNUM*)dmq1,
(BIGNUM*)iqmp), 1);
- AssertPtrEq(rsa->dmp1, dmp1);
- AssertPtrEq(rsa->dmq1, dmq1);
- AssertPtrEq(rsa->iqmp, iqmp);
- AssertIntEQ(RSA_set0_crt_params(rsa, NULL, NULL, NULL), 1);
- AssertIntEQ(RSA_set0_crt_params(NULL, (BIGNUM*)dmp1, (BIGNUM*)dmq1,
+ if (EXPECT_FAIL()) {
+ BN_free((BIGNUM*)dmp1);
+ BN_free((BIGNUM*)dmq1);
+ BN_free((BIGNUM*)iqmp);
+ }
+ ExpectPtrEq(rsa->dmp1, dmp1);
+ ExpectPtrEq(rsa->dmq1, dmq1);
+ ExpectPtrEq(rsa->iqmp, iqmp);
+ ExpectIntEQ(RSA_set0_crt_params(rsa, NULL, NULL, NULL), 1);
+ ExpectIntEQ(RSA_set0_crt_params(NULL, (BIGNUM*)dmp1, (BIGNUM*)dmq1,
(BIGNUM*)iqmp), 0);
RSA_get0_crt_params(NULL, NULL, NULL, NULL);
RSA_get0_crt_params(rsa, NULL, NULL, NULL);
RSA_get0_crt_params(NULL, &dmp1, &dmq1, &iqmp);
- AssertNull(dmp1);
- AssertNull(dmq1);
- AssertNull(iqmp);
+ ExpectNull(dmp1);
+ ExpectNull(dmq1);
+ ExpectNull(iqmp);
/* factors */
RSA_get0_factors(rsa, NULL, NULL);
RSA_get0_factors(rsa, &p, &q);
- AssertPtrEq(rsa->p, p);
- AssertPtrEq(rsa->q, q);
- AssertNotNull(p = BN_new());
- AssertNotNull(q = BN_new());
- AssertIntEQ(RSA_set0_factors(rsa, (BIGNUM*)p, (BIGNUM*)q), 1);
- AssertPtrEq(rsa->p, p);
- AssertPtrEq(rsa->q, q);
- AssertIntEQ(RSA_set0_factors(rsa, NULL, NULL), 1);
- AssertIntEQ(RSA_set0_factors(NULL, (BIGNUM*)p, (BIGNUM*)q), 0);
+ ExpectPtrEq(rsa->p, p);
+ ExpectPtrEq(rsa->q, q);
+ p = NULL;
+ q = NULL;
+ ExpectNotNull(p = BN_new());
+ ExpectNotNull(q = BN_new());
+ ExpectIntEQ(RSA_set0_factors(rsa, (BIGNUM*)p, (BIGNUM*)q), 1);
+ if (EXPECT_FAIL()) {
+ BN_free((BIGNUM*)p);
+ BN_free((BIGNUM*)q);
+ }
+ ExpectPtrEq(rsa->p, p);
+ ExpectPtrEq(rsa->q, q);
+ ExpectIntEQ(RSA_set0_factors(rsa, NULL, NULL), 1);
+ ExpectIntEQ(RSA_set0_factors(NULL, (BIGNUM*)p, (BIGNUM*)q), 0);
RSA_get0_factors(NULL, NULL, NULL);
RSA_get0_factors(NULL, &p, &q);
- AssertNull(p);
- AssertNull(q);
+ ExpectNull(p);
+ ExpectNull(q);
- AssertIntEQ(BN_hex2bn(&rsa->n, "1FFFFF"), 1);
- AssertIntEQ(RSA_bits(rsa), 21);
+ ExpectIntEQ(BN_hex2bn(&rsa->n, "1FFFFF"), 1);
+ ExpectIntEQ(RSA_bits(rsa), 21);
RSA_free(rsa);
+ rsa = NULL;
#if !defined(USE_FAST_MATH) || (FP_MAX_BITS >= (3072*2))
- AssertNotNull(rsa = RSA_generate_key(3072, 17, NULL, NULL));
- AssertIntEQ(RSA_size(rsa), 384);
- AssertIntEQ(RSA_bits(rsa), 3072);
+ ExpectNotNull(rsa = RSA_generate_key(3072, 17, NULL, NULL));
+ ExpectIntEQ(RSA_size(rsa), 384);
+ ExpectIntEQ(RSA_bits(rsa), 3072);
RSA_free(rsa);
+ rsa = NULL;
#endif
/* remove for now with odd key size until adjusting rsa key size check with
wc_MakeRsaKey()
- AssertNotNull(rsa = RSA_generate_key(2999, 65537, NULL, NULL));
+ ExpectNotNull(rsa = RSA_generate_key(2999, 65537, NULL, NULL));
RSA_free(rsa);
+ rsa = NULL;
*/
- AssertNull(RSA_generate_key(-1, 3, NULL, NULL));
- AssertNull(RSA_generate_key(RSA_MIN_SIZE - 1, 3, NULL, NULL));
- AssertNull(RSA_generate_key(RSA_MAX_SIZE + 1, 3, NULL, NULL));
- AssertNull(RSA_generate_key(2048, 0, NULL, NULL));
+ ExpectNull(RSA_generate_key(-1, 3, NULL, NULL));
+ ExpectNull(RSA_generate_key(RSA_MIN_SIZE - 1, 3, NULL, NULL));
+ ExpectNull(RSA_generate_key(RSA_MAX_SIZE + 1, 3, NULL, NULL));
+ ExpectNull(RSA_generate_key(2048, 0, NULL, NULL));
#if !defined(NO_FILESYSTEM) && !defined(NO_ASN)
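Review bot: The three `if (EXPECT_FAIL())` blocks added after `RSA_set0_key`, `RSA_set0_crt_params` and `RSA_set0_factors` in test_wolfSSL_RSA carry no comment, and the ownership rule they depend on is not visible in the code. A line above each, such as `/* set0 failed or was skipped, so rsa does not own these: free them here */`, would explain why the frees cannot double-free against the later `RSA_free(rsa)`. It would also explain why the pointers are reset to NULL before the `BN_new()` calls. The ownership behaviour is presumed from the set0 naming and should be confirmed against the implementation; the function starts before this hunk and continues past it.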
@@ -57593,32 +56790,30 @@ static int test_wolfSSL_RSA(void)
byte der[FOURK_BUF];
const char PrivKeyPemFile[] = "certs/client-keyEnc.pem";
- XFILE f;
+ XFILE f = XBADFILE;
int bytes;
/* test loading encrypted RSA private pem w/o password */
- f = XFOPEN(PrivKeyPemFile, "rb");
- AssertTrue((f != XBADFILE));
- bytes = (int)XFREAD(buff, 1, sizeof(buff), f);
- XFCLOSE(f);
+ ExpectTrue((f = XFOPEN(PrivKeyPemFile, "rb")) != XBADFILE);
+ ExpectIntGT(bytes = (int)XFREAD(buff, 1, sizeof(buff), f), 0);
+ if (f != XBADFILE)
+ XFCLOSE(f);
XMEMSET(der, 0, sizeof(der));
/* test that error value is returned with no password */
- AssertIntLT(wc_KeyPemToDer(buff, bytes, der, (word32)sizeof(der), ""), 0);
+ ExpectIntLT(wc_KeyPemToDer(buff, bytes, der, (word32)sizeof(der), ""),
+ 0);
}
#endif
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_RSA_DER(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(HAVE_FAST_RSA) && defined(WOLFSSL_KEY_GEN) && \
!defined(NO_RSA) && !defined(HAVE_USER_RSA) && defined(OPENSSL_EXTRA)
-
- RSA *rsa;
+ RSA *rsa = NULL;
int i;
const unsigned char *buff = NULL;
unsigned char *newBuff = NULL;
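Review bot: `bytes` is now assigned only inside `ExpectIntGT(bytes = (int)XFREAD(buff, 1, sizeof(buff), f), 0)`, so it stays indeterminate whenever that expression is not evaluated. The new `if (f != XBADFILE)` guard suggests the Expect macros skip their argument after an earlier failure, which would be the case after a failed `XFOPEN`. The only later use sits inside `ExpectIntLT(wc_KeyPemToDer(buff, bytes, ...), 0)` and is probably skipped too, but declaring `int bytes = 0;` would match the `XFILE f = XBADFILE;` initialisation added beside it and remove the dependence on macro behaviour. The enclosing block of test_wolfSSL_RSA begins before this hunk.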
@@ -57651,101 +56846,102 @@ static int test_wolfSSL_RSA_DER(void)
{NULL, 0}
};
- AssertNull(d2i_RSAPublicKey(&rsa, NULL, pub[0].sz));
+ ExpectNull(d2i_RSAPublicKey(&rsa, NULL, pub[0].sz));
buff = pub[0].der;
- AssertNull(d2i_RSAPublicKey(&rsa, &buff, 1));
- AssertNull(d2i_RSAPrivateKey(&rsa, NULL, tbl[0].sz));
+ ExpectNull(d2i_RSAPublicKey(&rsa, &buff, 1));
+ ExpectNull(d2i_RSAPrivateKey(&rsa, NULL, tbl[0].sz));
buff = tbl[0].der;
- AssertNull(d2i_RSAPrivateKey(&rsa, &buff, 1));
+ ExpectNull(d2i_RSAPrivateKey(&rsa, &buff, 1));
- AssertIntEQ(i2d_RSAPublicKey(NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(i2d_RSAPublicKey(NULL, NULL), BAD_FUNC_ARG);
rsa = RSA_new();
- AssertIntEQ(i2d_RSAPublicKey(rsa, NULL), 0);
+ ExpectIntEQ(i2d_RSAPublicKey(rsa, NULL), 0);
RSA_free(rsa);
+ rsa = NULL;
for (i = 0; tbl[i].der != NULL; i++)
{
/* Passing in pointer results in pointer moving. */
buff = tbl[i].der;
- AssertNotNull(d2i_RSAPublicKey(&rsa, &buff, tbl[i].sz));
- AssertNotNull(rsa);
+ ExpectNotNull(d2i_RSAPublicKey(&rsa, &buff, tbl[i].sz));
+ ExpectNotNull(rsa);
RSA_free(rsa);
+ rsa = NULL;
}
for (i = 0; tbl[i].der != NULL; i++)
{
/* Passing in pointer results in pointer moving. */
buff = tbl[i].der;
- AssertNotNull(d2i_RSAPrivateKey(&rsa, &buff, tbl[i].sz));
- AssertNotNull(rsa);
+ ExpectNotNull(d2i_RSAPrivateKey(&rsa, &buff, tbl[i].sz));
+ ExpectNotNull(rsa);
RSA_free(rsa);
+ rsa = NULL;
}
for (i = 0; pub[i].der != NULL; i++)
{
buff = pub[i].der;
- AssertNotNull(d2i_RSAPublicKey(&rsa, &buff, pub[i].sz));
- AssertNotNull(rsa);
- AssertIntEQ(i2d_RSAPublicKey(rsa, NULL), pub[i].sz);
+ ExpectNotNull(d2i_RSAPublicKey(&rsa, &buff, pub[i].sz));
+ ExpectNotNull(rsa);
+ ExpectIntEQ(i2d_RSAPublicKey(rsa, NULL), pub[i].sz);
newBuff = NULL;
- AssertIntEQ(i2d_RSAPublicKey(rsa, &newBuff), pub[i].sz);
- AssertNotNull(newBuff);
- AssertIntEQ(XMEMCMP((void *)newBuff, (void *)pub[i].der, pub[i].sz), 0);
+ ExpectIntEQ(i2d_RSAPublicKey(rsa, &newBuff), pub[i].sz);
+ ExpectNotNull(newBuff);
+ ExpectIntEQ(XMEMCMP((void *)newBuff, (void *)pub[i].der, pub[i].sz), 0);
XFREE((void *)newBuff, NULL, DYNAMIC_TYPE_TMP_BUFFER);
RSA_free(rsa);
+ rsa = NULL;
}
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_RSA_print(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_FILESYSTEM) && \
!defined(NO_RSA) && !defined(HAVE_FAST_RSA) && defined(WOLFSSL_KEY_GEN) && \
!defined(HAVE_FAST_RSA) && !defined(NO_BIO) && defined(XFPRINTF)
- BIO *bio;
+ BIO *bio = NULL;
WOLFSSL_RSA* rsa = NULL;
- AssertNotNull(bio = BIO_new_fd(STDERR_FILENO, BIO_NOCLOSE));
- AssertNotNull(rsa = RSA_new());
+ ExpectNotNull(bio = BIO_new_fd(STDERR_FILENO, BIO_NOCLOSE));
+ ExpectNotNull(rsa = RSA_new());
- AssertIntEQ(RSA_print(NULL, rsa, 0), -1);
- AssertIntEQ(RSA_print_fp(XBADFILE, rsa, 0), 0);
- AssertIntEQ(RSA_print(bio, NULL, 0), -1);
- AssertIntEQ(RSA_print_fp(stderr, NULL, 0), 0);
+ ExpectIntEQ(RSA_print(NULL, rsa, 0), -1);
+ ExpectIntEQ(RSA_print_fp(XBADFILE, rsa, 0), 0);
+ ExpectIntEQ(RSA_print(bio, NULL, 0), -1);
+ ExpectIntEQ(RSA_print_fp(stderr, NULL, 0), 0);
/* Some very large number of indent spaces. */
- AssertIntEQ(RSA_print(bio, rsa, 128), -1);
+ ExpectIntEQ(RSA_print(bio, rsa, 128), -1);
/* RSA is empty. */
- AssertIntEQ(RSA_print(bio, rsa, 0), 0);
- AssertIntEQ(RSA_print_fp(stderr, rsa, 0), 0);
+ ExpectIntEQ(RSA_print(bio, rsa, 0), 0);
+ ExpectIntEQ(RSA_print_fp(stderr, rsa, 0), 0);
RSA_free(rsa);
- AssertNotNull(rsa = RSA_generate_key(2048, 3, NULL, NULL));
+ rsa = NULL;
+ ExpectNotNull(rsa = RSA_generate_key(2048, 3, NULL, NULL));
- AssertIntEQ(RSA_print(bio, rsa, 0), 1);
- AssertIntEQ(RSA_print(bio, rsa, 4), 1);
- AssertIntEQ(RSA_print(bio, rsa, -1), 1);
- AssertIntEQ(RSA_print_fp(stderr, rsa, 0), 1);
- AssertIntEQ(RSA_print_fp(stderr, rsa, 4), 1);
- AssertIntEQ(RSA_print_fp(stderr, rsa, -1), 1);
+ ExpectIntEQ(RSA_print(bio, rsa, 0), 1);
+ ExpectIntEQ(RSA_print(bio, rsa, 4), 1);
+ ExpectIntEQ(RSA_print(bio, rsa, -1), 1);
+ ExpectIntEQ(RSA_print_fp(stderr, rsa, 0), 1);
+ ExpectIntEQ(RSA_print_fp(stderr, rsa, 4), 1);
+ ExpectIntEQ(RSA_print_fp(stderr, rsa, -1), 1);
BIO_free(bio);
RSA_free(rsa);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
-#ifndef NO_RSA
static int test_wolfSSL_RSA_padding_add_PKCS1_PSS(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
+#ifndef NO_RSA
#if defined(OPENSSL_ALL) && defined(WC_RSA_PSS) && !defined(WC_NO_RNG)
#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2))
- RSA *rsa;
+ RSA *rsa = NULL;
const unsigned char *derBuf = client_key_der_2048;
unsigned char em[256] = {0}; /* len = 2048/8 */
/* Random data simulating a hash */
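Review bot: In test_wolfSSL_RSA_DER, `rsa = RSA_new();` is left unchecked while the other allocations touched by this hunk go through Expect macros. If the allocation fails, the next line calls `i2d_RSAPublicKey(rsa, NULL)` with a NULL key, which the preceding check shows returns `BAD_FUNC_ARG`, so the test would report a wrong length instead of the failed allocation. `ExpectNotNull(rsa = RSA_new());` makes the cause explicit. The function begins before this hunk.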
@@ -57755,62 +56951,60 @@ static int test_wolfSSL_RSA_padding_add_PKCS1_PSS(void)
0x6f, 0x8a, 0x3c, 0x42, 0xab, 0x21, 0xad, 0x28
};
- AssertNotNull(d2i_RSAPrivateKey(&rsa, &derBuf, sizeof_client_key_der_2048));
- AssertIntEQ(RSA_padding_add_PKCS1_PSS(NULL, em, mHash, EVP_sha256(),
- RSA_PSS_SALTLEN_DIGEST), 0);
- AssertIntEQ(RSA_padding_add_PKCS1_PSS(rsa, NULL, mHash, EVP_sha256(),
- RSA_PSS_SALTLEN_DIGEST), 0);
- AssertIntEQ(RSA_padding_add_PKCS1_PSS(rsa, em, NULL, EVP_sha256(),
- RSA_PSS_SALTLEN_DIGEST), 0);
- AssertIntEQ(RSA_padding_add_PKCS1_PSS(rsa, em, mHash, NULL,
- RSA_PSS_SALTLEN_DIGEST), 0);
- AssertIntEQ(RSA_padding_add_PKCS1_PSS(rsa, em, mHash, EVP_sha256(), -5), 0);
-
- AssertIntEQ(RSA_verify_PKCS1_PSS(NULL, mHash, EVP_sha256(), em,
- RSA_PSS_SALTLEN_MAX_SIGN), 0);
- AssertIntEQ(RSA_verify_PKCS1_PSS(rsa, NULL, EVP_sha256(), em,
- RSA_PSS_SALTLEN_MAX_SIGN), 0);
- AssertIntEQ(RSA_verify_PKCS1_PSS(rsa, mHash, NULL, em,
- RSA_PSS_SALTLEN_MAX_SIGN), 0);
- AssertIntEQ(RSA_verify_PKCS1_PSS(rsa, mHash, EVP_sha256(), NULL,
- RSA_PSS_SALTLEN_MAX_SIGN), 0);
- AssertIntEQ(RSA_verify_PKCS1_PSS(rsa, mHash, EVP_sha256(), em,
- RSA_PSS_SALTLEN_MAX_SIGN), 0);
- AssertIntEQ(RSA_verify_PKCS1_PSS(rsa, mHash, EVP_sha256(), em, -5), 0);
-
- AssertIntEQ(RSA_padding_add_PKCS1_PSS(rsa, em, mHash, EVP_sha256(),
- RSA_PSS_SALTLEN_DIGEST), 1);
- AssertIntEQ(RSA_verify_PKCS1_PSS(rsa, mHash, EVP_sha256(), em,
- RSA_PSS_SALTLEN_DIGEST), 1);
-
- AssertIntEQ(RSA_padding_add_PKCS1_PSS(rsa, em, mHash, EVP_sha256(),
- RSA_PSS_SALTLEN_MAX_SIGN), 1);
- AssertIntEQ(RSA_verify_PKCS1_PSS(rsa, mHash, EVP_sha256(), em,
- RSA_PSS_SALTLEN_MAX_SIGN), 1);
-
- AssertIntEQ(RSA_padding_add_PKCS1_PSS(rsa, em, mHash, EVP_sha256(),
- RSA_PSS_SALTLEN_MAX), 1);
- AssertIntEQ(RSA_verify_PKCS1_PSS(rsa, mHash, EVP_sha256(), em,
- RSA_PSS_SALTLEN_MAX), 1);
-
- AssertIntEQ(RSA_padding_add_PKCS1_PSS(rsa, em, mHash, EVP_sha256(), 10), 1);
- AssertIntEQ(RSA_verify_PKCS1_PSS(rsa, mHash, EVP_sha256(), em, 10), 1);
+ ExpectNotNull(d2i_RSAPrivateKey(&rsa, &derBuf, sizeof_client_key_der_2048));
+ ExpectIntEQ(RSA_padding_add_PKCS1_PSS(NULL, em, mHash, EVP_sha256(),
+ RSA_PSS_SALTLEN_DIGEST), 0);
+ ExpectIntEQ(RSA_padding_add_PKCS1_PSS(rsa, NULL, mHash, EVP_sha256(),
+ RSA_PSS_SALTLEN_DIGEST), 0);
+ ExpectIntEQ(RSA_padding_add_PKCS1_PSS(rsa, em, NULL, EVP_sha256(),
+ RSA_PSS_SALTLEN_DIGEST), 0);
+ ExpectIntEQ(RSA_padding_add_PKCS1_PSS(rsa, em, mHash, NULL,
+ RSA_PSS_SALTLEN_DIGEST), 0);
+ ExpectIntEQ(RSA_padding_add_PKCS1_PSS(rsa, em, mHash, EVP_sha256(), -5), 0);
+
+ ExpectIntEQ(RSA_verify_PKCS1_PSS(NULL, mHash, EVP_sha256(), em,
+ RSA_PSS_SALTLEN_MAX_SIGN), 0);
+ ExpectIntEQ(RSA_verify_PKCS1_PSS(rsa, NULL, EVP_sha256(), em,
+ RSA_PSS_SALTLEN_MAX_SIGN), 0);
+ ExpectIntEQ(RSA_verify_PKCS1_PSS(rsa, mHash, NULL, em,
+ RSA_PSS_SALTLEN_MAX_SIGN), 0);
+ ExpectIntEQ(RSA_verify_PKCS1_PSS(rsa, mHash, EVP_sha256(), NULL,
+ RSA_PSS_SALTLEN_MAX_SIGN), 0);
+ ExpectIntEQ(RSA_verify_PKCS1_PSS(rsa, mHash, EVP_sha256(), em,
+ RSA_PSS_SALTLEN_MAX_SIGN), 0);
+ ExpectIntEQ(RSA_verify_PKCS1_PSS(rsa, mHash, EVP_sha256(), em, -5), 0);
+
+ ExpectIntEQ(RSA_padding_add_PKCS1_PSS(rsa, em, mHash, EVP_sha256(),
+ RSA_PSS_SALTLEN_DIGEST), 1);
+ ExpectIntEQ(RSA_verify_PKCS1_PSS(rsa, mHash, EVP_sha256(), em,
+ RSA_PSS_SALTLEN_DIGEST), 1);
+
+ ExpectIntEQ(RSA_padding_add_PKCS1_PSS(rsa, em, mHash, EVP_sha256(),
+ RSA_PSS_SALTLEN_MAX_SIGN), 1);
+ ExpectIntEQ(RSA_verify_PKCS1_PSS(rsa, mHash, EVP_sha256(), em,
+ RSA_PSS_SALTLEN_MAX_SIGN), 1);
+
+ ExpectIntEQ(RSA_padding_add_PKCS1_PSS(rsa, em, mHash, EVP_sha256(),
+ RSA_PSS_SALTLEN_MAX), 1);
+ ExpectIntEQ(RSA_verify_PKCS1_PSS(rsa, mHash, EVP_sha256(), em,
+ RSA_PSS_SALTLEN_MAX), 1);
+
+ ExpectIntEQ(RSA_padding_add_PKCS1_PSS(rsa, em, mHash, EVP_sha256(), 10), 1);
+ ExpectIntEQ(RSA_verify_PKCS1_PSS(rsa, mHash, EVP_sha256(), em, 10), 1);
RSA_free(rsa);
-
- res = TEST_RES_CHECK(1);
#endif /* !HAVE_FIPS || HAVE_FIPS_VERSION > 2 */
#endif /* OPENSSL_ALL && WC_RSA_PSS && !WC_NO_RNG*/
- return res;
-}
#endif
+ return EXPECT_RESULT();
+}
static int test_wolfSSL_RSA_sign_sha3(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_RSA) && defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_256)
#if defined(OPENSSL_ALL) && defined(WC_RSA_PSS) && !defined(WC_NO_RNG)
- RSA *rsa;
+ RSA* rsa = NULL;
const unsigned char *derBuf = client_key_der_2048;
unsigned char sigRet[256] = {0};
unsigned int sigLen = sizeof(sigRet);
@@ -57821,21 +57015,19 @@ static int test_wolfSSL_RSA_sign_sha3(void)
0x6f, 0x8a, 0x3c, 0x42, 0xab, 0x21, 0xad, 0x28
};
- AssertNotNull(d2i_RSAPrivateKey(&rsa, &derBuf, sizeof_client_key_der_2048));
- AssertIntEQ(RSA_sign(NID_sha3_256, mHash, sizeof(mHash), sigRet,
- &sigLen, rsa), 1);
+ ExpectNotNull(d2i_RSAPrivateKey(&rsa, &derBuf, sizeof_client_key_der_2048));
+ ExpectIntEQ(RSA_sign(NID_sha3_256, mHash, sizeof(mHash), sigRet, &sigLen,
+ rsa), 1);
RSA_free(rsa);
-
- res = TEST_RES_CHECK(1);
#endif /* OPENSSL_ALL && WC_RSA_PSS && !WC_NO_RNG*/
#endif /* !NO_RSA && WOLFSSL_SHA3 && !WOLFSSL_NOSHA3_256*/
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_RSA_get0_key(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && !defined(HAVE_USER_RSA)
RSA *rsa = NULL;
const BIGNUM* n = NULL;
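Review bot: test_wolfSSL_RSA_sign_sha3 still asserts only the return code of `RSA_sign(NID_sha3_256, ...)`, so a signature built over the wrong digest encoding would pass. The key is `client_key_der_2048` and `sigRet` is 256 bytes, so the length can be pinned right after the sign call with `ExpectIntEQ(sigLen, sizeof(sigRet));`. If RSA_verify accepts NID_sha3_256 in this configuration (not visible here), a round trip such as `ExpectIntEQ(RSA_verify(NID_sha3_256, mHash, sizeof(mHash), sigRet, sigLen, rsa), 1);` before `RSA_free(rsa)` would make the test check the signature itself. The function starts in the previous hunk.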
@@ -57860,115 +57052,118 @@ static int test_wolfSSL_RSA_get0_key(void)
RSA_get0_key(NULL, NULL, NULL, NULL);
RSA_get0_key(rsa, NULL, NULL, NULL);
RSA_get0_key(NULL, &n, &e, &d);
- AssertNull(n);
- AssertNull(e);
- AssertNull(d);
+ ExpectNull(n);
+ ExpectNull(e);
+ ExpectNull(d);
- AssertNotNull(d2i_RSAPrivateKey(&rsa, &der, derSz));
- AssertNotNull(rsa);
+ ExpectNotNull(d2i_RSAPrivateKey(&rsa, &der, derSz));
+ ExpectNotNull(rsa);
RSA_get0_key(rsa, NULL, NULL, NULL);
RSA_get0_key(rsa, &n, NULL, NULL);
- AssertNotNull(n);
+ ExpectNotNull(n);
RSA_get0_key(rsa, NULL, &e, NULL);
- AssertNotNull(e);
+ ExpectNotNull(e);
RSA_get0_key(rsa, NULL, NULL, &d);
- AssertNotNull(d);
+ ExpectNotNull(d);
RSA_get0_key(rsa, &n, &e, &d);
- AssertNotNull(n);
- AssertNotNull(e);
- AssertNotNull(d);
+ ExpectNotNull(n);
+ ExpectNotNull(e);
+ ExpectNotNull(d);
RSA_free(rsa);
}
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_RSA_meth(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && !defined(HAVE_FAST_RSA)
- RSA *rsa;
- RSA_METHOD *rsa_meth;
+ RSA *rsa = NULL;
+ RSA_METHOD *rsa_meth = NULL;
#ifdef WOLFSSL_KEY_GEN
- AssertNotNull(rsa = RSA_generate_key(2048, 3, NULL, NULL));
+ ExpectNotNull(rsa = RSA_generate_key(2048, 3, NULL, NULL));
RSA_free(rsa);
+ rsa = NULL;
#else
- AssertNull(rsa = RSA_generate_key(2048, 3, NULL, NULL));
+ ExpectNull(rsa = RSA_generate_key(2048, 3, NULL, NULL));
#endif
- AssertNotNull(RSA_get_default_method());
+ ExpectNotNull(RSA_get_default_method());
wolfSSL_RSA_meth_free(NULL);
- AssertNull(wolfSSL_RSA_meth_new(NULL, 0));
+ ExpectNull(wolfSSL_RSA_meth_new(NULL, 0));
- AssertNotNull(rsa_meth =
- RSA_meth_new("placeholder RSA method", RSA_METHOD_FLAG_NO_CHECK));
+ ExpectNotNull(rsa_meth = RSA_meth_new("placeholder RSA method",
+ RSA_METHOD_FLAG_NO_CHECK));
#ifndef NO_WOLFSSL_STUB
- AssertIntEQ(RSA_meth_set_pub_enc(rsa_meth, NULL), 1);
- AssertIntEQ(RSA_meth_set_pub_dec(rsa_meth, NULL), 1);
- AssertIntEQ(RSA_meth_set_priv_enc(rsa_meth, NULL), 1);
- AssertIntEQ(RSA_meth_set_priv_dec(rsa_meth, NULL), 1);
- AssertIntEQ(RSA_meth_set_init(rsa_meth, NULL), 1);
- AssertIntEQ(RSA_meth_set_finish(rsa_meth, NULL), 1);
- AssertIntEQ(RSA_meth_set0_app_data(rsa_meth, NULL), 1);
+ ExpectIntEQ(RSA_meth_set_pub_enc(rsa_meth, NULL), 1);
+ ExpectIntEQ(RSA_meth_set_pub_dec(rsa_meth, NULL), 1);
+ ExpectIntEQ(RSA_meth_set_priv_enc(rsa_meth, NULL), 1);
+ ExpectIntEQ(RSA_meth_set_priv_dec(rsa_meth, NULL), 1);
+ ExpectIntEQ(RSA_meth_set_init(rsa_meth, NULL), 1);
+ ExpectIntEQ(RSA_meth_set_finish(rsa_meth, NULL), 1);
+ ExpectIntEQ(RSA_meth_set0_app_data(rsa_meth, NULL), 1);
#endif
- AssertIntEQ(RSA_flags(NULL), 0);
+ ExpectIntEQ(RSA_flags(NULL), 0);
RSA_set_flags(NULL, RSA_FLAG_CACHE_PUBLIC);
RSA_clear_flags(NULL, RSA_FLAG_CACHE_PUBLIC);
- AssertIntEQ(RSA_test_flags(NULL, RSA_FLAG_CACHE_PUBLIC), 0);
+ ExpectIntEQ(RSA_test_flags(NULL, RSA_FLAG_CACHE_PUBLIC), 0);
- AssertNotNull(rsa = RSA_new());
+ ExpectNotNull(rsa = RSA_new());
/* No method set. */
- AssertIntEQ(RSA_flags(rsa), 0);
+ ExpectIntEQ(RSA_flags(rsa), 0);
RSA_set_flags(rsa, RSA_FLAG_CACHE_PUBLIC);
RSA_clear_flags(rsa, RSA_FLAG_CACHE_PUBLIC);
- AssertIntEQ(RSA_test_flags(rsa, RSA_FLAG_CACHE_PUBLIC), 0);
+ ExpectIntEQ(RSA_test_flags(rsa, RSA_FLAG_CACHE_PUBLIC), 0);
- AssertIntEQ(RSA_set_method(NULL, rsa_meth), 1);
- AssertIntEQ(RSA_set_method(rsa, rsa_meth), 1);
- AssertNull(RSA_get_method(NULL));
- AssertPtrEq(RSA_get_method(rsa), rsa_meth);
- AssertIntEQ(RSA_flags(rsa), RSA_METHOD_FLAG_NO_CHECK);
+ ExpectIntEQ(RSA_set_method(NULL, rsa_meth), 1);
+ ExpectIntEQ(RSA_set_method(rsa, rsa_meth), 1);
+ if (EXPECT_FAIL()) {
+ wolfSSL_RSA_meth_free(rsa_meth);
+ }
+ ExpectNull(RSA_get_method(NULL));
+ ExpectPtrEq(RSA_get_method(rsa), rsa_meth);
+ ExpectIntEQ(RSA_flags(rsa), RSA_METHOD_FLAG_NO_CHECK);
RSA_set_flags(rsa, RSA_FLAG_CACHE_PUBLIC);
- AssertIntNE(RSA_test_flags(rsa, RSA_FLAG_CACHE_PUBLIC), 0);
- AssertIntEQ(RSA_flags(rsa), RSA_FLAG_CACHE_PUBLIC |
+ ExpectIntNE(RSA_test_flags(rsa, RSA_FLAG_CACHE_PUBLIC), 0);
+ ExpectIntEQ(RSA_flags(rsa), RSA_FLAG_CACHE_PUBLIC |
RSA_METHOD_FLAG_NO_CHECK);
RSA_clear_flags(rsa, RSA_FLAG_CACHE_PUBLIC);
- AssertIntEQ(RSA_test_flags(rsa, RSA_FLAG_CACHE_PUBLIC), 0);
- AssertIntNE(RSA_flags(rsa), RSA_FLAG_CACHE_PUBLIC);
+ ExpectIntEQ(RSA_test_flags(rsa, RSA_FLAG_CACHE_PUBLIC), 0);
+ ExpectIntNE(RSA_flags(rsa), RSA_FLAG_CACHE_PUBLIC);
/* rsa_meth is freed here */
RSA_free(rsa);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_RSA_verify(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && !defined(HAVE_FAST_RSA) && \
!defined(NO_FILESYSTEM)
#ifndef NO_BIO
- XFILE fp;
- RSA *pKey, *pubKey;
- X509 *cert;
+ XFILE fp = XBADFILE;
+ RSA *pKey = NULL;
+ RSA *pubKey = NULL;
+ X509 *cert = NULL;
const char *text = "Hello wolfSSL !";
unsigned char hash[SHA256_DIGEST_LENGTH];
unsigned char signature[2048/8];
unsigned int signatureLength;
- byte *buf;
- BIO *bio;
+ byte *buf = NULL;
+ BIO *bio = NULL;
SHA256_CTX c;
- EVP_PKEY *evpPkey, *evpPubkey;
+ EVP_PKEY *evpPkey = NULL;
+ EVP_PKEY *evpPubkey = NULL;
size_t sz;
/* generate hash */
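Review bot: In test_wolfSSL_RSA_meth the new `if (EXPECT_FAIL()) { wolfSSL_RSA_meth_free(rsa_meth); }` block leaves `rsa_meth` dangling and does not say why the free happens at that point. The existing `/* rsa_meth is freed here */` comment on `RSA_free(rsa)` shows the method is normally released through `rsa`, so the early free presumably covers the case where it was never attached. I would add `/* rsa_meth was not attached to rsa - free it here so it does not leak. */` above the block and `rsa_meth = NULL;` inside it, so a later edit cannot reuse or re-free the released pointer.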
@@ -57981,39 +57176,41 @@ static int test_wolfSSL_RSA_verify(void)
#endif
/* read privete key file */
- fp = XFOPEN(svrKeyFile, "rb");
- AssertTrue((fp != XBADFILE));
- AssertIntEQ(XFSEEK(fp, 0, XSEEK_END), 0);
- sz = XFTELL(fp);
- AssertIntEQ(XFSEEK(fp, 0, XSEEK_SET), 0);
- AssertNotNull(buf = (byte*)XMALLOC(sz, NULL, DYNAMIC_TYPE_FILE));
- AssertIntEQ(XFREAD(buf, 1, sz, fp), sz);
- XFCLOSE(fp);
+ ExpectTrue((fp = XFOPEN(svrKeyFile, "rb")) != XBADFILE);
+ ExpectIntEQ(XFSEEK(fp, 0, XSEEK_END), 0);
+ ExpectTrue((sz = XFTELL(fp)) > 0);
+ ExpectIntEQ(XFSEEK(fp, 0, XSEEK_SET), 0);
+ ExpectNotNull(buf = (byte*)XMALLOC(sz, NULL, DYNAMIC_TYPE_FILE));
+ ExpectIntEQ(XFREAD(buf, 1, sz, fp), sz);
+ if (fp != XBADFILE) {
+ XFCLOSE(fp);
+ fp = XBADFILE;
+ }
/* read private key and sign hash data */
- AssertNotNull(bio = BIO_new_mem_buf(buf, (int)sz));
- AssertNotNull(evpPkey = PEM_read_bio_PrivateKey(bio, NULL, NULL, NULL));
- AssertNotNull(pKey = EVP_PKEY_get1_RSA(evpPkey));
- AssertIntEQ(RSA_sign(NID_sha256, hash, SHA256_DIGEST_LENGTH,
- signature, &signatureLength, pKey), SSL_SUCCESS);
+ ExpectNotNull(bio = BIO_new_mem_buf(buf, (int)sz));
+ ExpectNotNull(evpPkey = PEM_read_bio_PrivateKey(bio, NULL, NULL, NULL));
+ ExpectNotNull(pKey = EVP_PKEY_get1_RSA(evpPkey));
+ ExpectIntEQ(RSA_sign(NID_sha256, hash, SHA256_DIGEST_LENGTH,
+ signature, &signatureLength, pKey), SSL_SUCCESS);
/* read public key and verify signed data */
- fp = XFOPEN(svrCertFile,"rb");
- AssertTrue((fp != XBADFILE));
- cert = PEM_read_X509(fp, 0, 0, 0 );
- XFCLOSE(fp);
- evpPubkey = X509_get_pubkey(cert);
- pubKey = EVP_PKEY_get1_RSA(evpPubkey);
- AssertIntEQ(RSA_verify(NID_sha256, hash, SHA256_DIGEST_LENGTH, signature,
- signatureLength, pubKey), SSL_SUCCESS);
+ ExpectTrue((fp = XFOPEN(svrCertFile,"rb")) != XBADFILE);
+ ExpectNotNull(cert = PEM_read_X509(fp, 0, 0, 0 ));
+ if (fp != XBADFILE)
+ XFCLOSE(fp);
+ ExpectNotNull(evpPubkey = X509_get_pubkey(cert));
+ ExpectNotNull(pubKey = EVP_PKEY_get1_RSA(evpPubkey));
+ ExpectIntEQ(RSA_verify(NID_sha256, hash, SHA256_DIGEST_LENGTH, signature,
+ signatureLength, pubKey), SSL_SUCCESS);
- AssertIntEQ(RSA_verify(NID_sha256, NULL, SHA256_DIGEST_LENGTH, NULL,
+ ExpectIntEQ(RSA_verify(NID_sha256, NULL, SHA256_DIGEST_LENGTH, NULL,
signatureLength, NULL), SSL_FAILURE);
- AssertIntEQ(RSA_verify(NID_sha256, NULL, SHA256_DIGEST_LENGTH, signature,
+ ExpectIntEQ(RSA_verify(NID_sha256, NULL, SHA256_DIGEST_LENGTH, signature,
signatureLength, pubKey), SSL_FAILURE);
- AssertIntEQ(RSA_verify(NID_sha256, hash, SHA256_DIGEST_LENGTH, NULL,
+ ExpectIntEQ(RSA_verify(NID_sha256, hash, SHA256_DIGEST_LENGTH, NULL,
signatureLength, pubKey), SSL_FAILURE);
- AssertIntEQ(RSA_verify(NID_sha256, hash, SHA256_DIGEST_LENGTH, signature,
+ ExpectIntEQ(RSA_verify(NID_sha256, hash, SHA256_DIGEST_LENGTH, signature,
signatureLength, NULL), SSL_FAILURE);
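Review bot: `ExpectTrue((sz = XFTELL(fp)) > 0)` cannot detect an XFTELL failure, because `sz` is declared `size_t` in the preceding hunk and a -1 return converts to a very large positive value that passes `> 0`. That value is then handed to XMALLOC and narrowed by `(int)sz` for BIO_new_mem_buf, so the error is caught only indirectly, if at all. Assuming XFTELL returns a signed offset as ftell does, read it into a signed local declared with the other variables, `long pos = 0;`, and use `ExpectTrue((pos = XFTELL(fp)) > 0);` followed by `sz = (size_t)pos;`. The second `XFCLOSE(fp)` also does not reset `fp` to XBADFILE as the first one does. The function body starts and ends outside this hunk.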
@@ -58024,16 +57221,14 @@ static int test_wolfSSL_RSA_verify(void)
X509_free(cert);
BIO_free(bio);
XFREE(buf, NULL, DYNAMIC_TYPE_FILE);
-
- res = TEST_RES_CHECK(1);
#endif
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_RSA_sign(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && !defined(HAVE_FAST_RSA)
RSA *rsa;
unsigned char hash[SHA256_DIGEST_LENGTH];
@@ -58057,43 +57252,42 @@ static int test_wolfSSL_RSA_sign(void)
der = privDer;
rsa = NULL;
- AssertNotNull(d2i_RSAPrivateKey(&rsa, &der, privDerSz));
+ ExpectNotNull(d2i_RSAPrivateKey(&rsa, &der, privDerSz));
- AssertIntEQ(RSA_sign(NID_rsaEncryption, NULL, 0, NULL, NULL, NULL), 0);
- AssertIntEQ(RSA_sign(NID_rsaEncryption, hash, sizeof(hash), signature,
+ /* Invalid parameters. */
+ ExpectIntEQ(RSA_sign(NID_rsaEncryption, NULL, 0, NULL, NULL, NULL), 0);
+ ExpectIntEQ(RSA_sign(NID_rsaEncryption, hash, sizeof(hash), signature,
&signatureLen, rsa), 0);
- AssertIntEQ(RSA_sign(NID_sha256, NULL, sizeof(hash), signature,
+ ExpectIntEQ(RSA_sign(NID_sha256, NULL, sizeof(hash), signature,
&signatureLen, rsa), 0);
- AssertIntEQ(RSA_sign(NID_sha256, hash, sizeof(hash), NULL,
+ ExpectIntEQ(RSA_sign(NID_sha256, hash, sizeof(hash), NULL,
&signatureLen, rsa), 0);
- AssertIntEQ(RSA_sign(NID_sha256, hash, sizeof(hash), signature,
+ ExpectIntEQ(RSA_sign(NID_sha256, hash, sizeof(hash), signature,
NULL, rsa), 0);
- AssertIntEQ(RSA_sign(NID_sha256, hash, sizeof(hash), signature,
+ ExpectIntEQ(RSA_sign(NID_sha256, hash, sizeof(hash), signature,
&signatureLen, NULL), 0);
- AssertIntEQ(RSA_sign(NID_sha256, hash, sizeof(hash), signature,
+ ExpectIntEQ(RSA_sign(NID_sha256, hash, sizeof(hash), signature,
&signatureLen, rsa), 1);
RSA_free(rsa);
der = pubDer;
rsa = NULL;
- AssertNotNull(d2i_RSAPublicKey(&rsa, &der, pubDerSz));
+ ExpectNotNull(d2i_RSAPublicKey(&rsa, &der, pubDerSz));
- AssertIntEQ(RSA_verify(NID_sha256, hash, sizeof(hash), signature,
+ ExpectIntEQ(RSA_verify(NID_sha256, hash, sizeof(hash), signature,
signatureLen, rsa), 1);
RSA_free(rsa);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_RSA_sign_ex(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && !defined(HAVE_FAST_RSA)
- RSA *rsa;
+ RSA *rsa = NULL;
unsigned char hash[SHA256_DIGEST_LENGTH];
#ifdef USE_CERT_BUFFERS_1024
const unsigned char* privDer = client_key_der_1024;
@@ -58125,63 +57319,61 @@ static int test_wolfSSL_RSA_sign_ex(void)
XMEMSET(hash, 0, sizeof(hash));
- AssertNotNull(rsa = wolfSSL_RSA_new());
- AssertIntEQ(wolfSSL_RSA_sign_ex(NID_sha256, hash, sizeof(hash), signature,
+ ExpectNotNull(rsa = wolfSSL_RSA_new());
+ ExpectIntEQ(wolfSSL_RSA_sign_ex(NID_sha256, hash, sizeof(hash), signature,
&signatureLen, rsa, 1), 0);
wolfSSL_RSA_free(rsa);
der = privDer;
rsa = NULL;
- AssertNotNull(d2i_RSAPrivateKey(&rsa, &der, privDerSz));
+ ExpectNotNull(d2i_RSAPrivateKey(&rsa, &der, privDerSz));
- AssertIntEQ(wolfSSL_RSA_sign_ex(NID_rsaEncryption,NULL, 0, NULL, NULL, NULL,
+ ExpectIntEQ(wolfSSL_RSA_sign_ex(NID_rsaEncryption,NULL, 0, NULL, NULL, NULL,
-1), 0);
- AssertIntEQ(wolfSSL_RSA_sign_ex(NID_rsaEncryption, hash, sizeof(hash),
+ ExpectIntEQ(wolfSSL_RSA_sign_ex(NID_rsaEncryption, hash, sizeof(hash),
signature, &signatureLen, rsa, 1), 0);
- AssertIntEQ(wolfSSL_RSA_sign_ex(NID_sha256, NULL, sizeof(hash), signature,
+ ExpectIntEQ(wolfSSL_RSA_sign_ex(NID_sha256, NULL, sizeof(hash), signature,
&signatureLen, rsa, 1), 0);
- AssertIntEQ(wolfSSL_RSA_sign_ex(NID_sha256, hash, sizeof(hash), NULL,
+ ExpectIntEQ(wolfSSL_RSA_sign_ex(NID_sha256, hash, sizeof(hash), NULL,
&signatureLen, rsa, 1), 0);
- AssertIntEQ(wolfSSL_RSA_sign_ex(NID_sha256, hash, sizeof(hash), signature,
+ ExpectIntEQ(wolfSSL_RSA_sign_ex(NID_sha256, hash, sizeof(hash), signature,
NULL, rsa, 1), 0);
- AssertIntEQ(wolfSSL_RSA_sign_ex(NID_sha256, hash, sizeof(hash), signature,
+ ExpectIntEQ(wolfSSL_RSA_sign_ex(NID_sha256, hash, sizeof(hash), signature,
&signatureLen, NULL, 1), 0);
- AssertIntEQ(wolfSSL_RSA_sign_ex(NID_sha256, hash, sizeof(hash), signature,
+ ExpectIntEQ(wolfSSL_RSA_sign_ex(NID_sha256, hash, sizeof(hash), signature,
&signatureLen, rsa, -1), 0);
- AssertIntEQ(wolfSSL_RSA_sign_ex(NID_sha256, NULL, sizeof(hash), signature,
+ ExpectIntEQ(wolfSSL_RSA_sign_ex(NID_sha256, NULL, sizeof(hash), signature,
&signatureLen, rsa, 0), 0);
- AssertIntEQ(wolfSSL_RSA_sign_ex(NID_sha256, hash, sizeof(hash), NULL,
+ ExpectIntEQ(wolfSSL_RSA_sign_ex(NID_sha256, hash, sizeof(hash), NULL,
&signatureLen, rsa, 0), 0);
- AssertIntEQ(wolfSSL_RSA_sign_ex(NID_sha256, hash, sizeof(hash), signature,
+ ExpectIntEQ(wolfSSL_RSA_sign_ex(NID_sha256, hash, sizeof(hash), signature,
NULL, rsa, 0), 0);
- AssertIntEQ(wolfSSL_RSA_sign_ex(NID_sha256, hash, sizeof(hash), signature,
+ ExpectIntEQ(wolfSSL_RSA_sign_ex(NID_sha256, hash, sizeof(hash), signature,
&signatureLen, rsa, 1), 1);
/* Test returning encoded hash. */
- AssertIntEQ(wolfSSL_RSA_sign_ex(NID_sha256, hash, sizeof(hash), encodedHash,
+ ExpectIntEQ(wolfSSL_RSA_sign_ex(NID_sha256, hash, sizeof(hash), encodedHash,
&encodedHashLen, rsa, 0), 1);
- AssertIntEQ(encodedHashLen, sizeof(expEncHash));
- AssertIntEQ(XMEMCMP(encodedHash, expEncHash, sizeof(expEncHash)), 0);
+ ExpectIntEQ(encodedHashLen, sizeof(expEncHash));
+ ExpectIntEQ(XMEMCMP(encodedHash, expEncHash, sizeof(expEncHash)), 0);
RSA_free(rsa);
der = pubDer;
rsa = NULL;
- AssertNotNull(d2i_RSAPublicKey(&rsa, &der, pubDerSz));
+ ExpectNotNull(d2i_RSAPublicKey(&rsa, &der, pubDerSz));
- AssertIntEQ(RSA_verify(NID_sha256, hash, sizeof(hash), signature,
+ ExpectIntEQ(RSA_verify(NID_sha256, hash, sizeof(hash), signature,
signatureLen, rsa), 1);
RSA_free(rsa);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_RSA_public_decrypt(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && !defined(HAVE_FAST_RSA)
RSA *rsa;
unsigned char msg[SHA256_DIGEST_LENGTH];
@@ -58317,48 +57509,46 @@ static int test_wolfSSL_RSA_public_decrypt(void)
der = pubDer;
rsa = NULL;
- AssertNotNull(d2i_RSAPublicKey(&rsa, &der, pubDerSz));
+ ExpectNotNull(d2i_RSAPublicKey(&rsa, &der, pubDerSz));
- AssertIntEQ(RSA_public_decrypt(0, NULL, NULL, NULL, 0), -1);
- AssertIntEQ(RSA_public_decrypt(-1, encMsg, decMsg, rsa,
+ ExpectIntEQ(RSA_public_decrypt(0, NULL, NULL, NULL, 0), -1);
+ ExpectIntEQ(RSA_public_decrypt(-1, encMsg, decMsg, rsa,
RSA_PKCS1_PADDING), -1);
- AssertIntEQ(RSA_public_decrypt(sizeof(encMsg), NULL, decMsg, rsa,
+ ExpectIntEQ(RSA_public_decrypt(sizeof(encMsg), NULL, decMsg, rsa,
RSA_PKCS1_PADDING), -1);
- AssertIntEQ(RSA_public_decrypt(sizeof(encMsg), encMsg, NULL, rsa,
+ ExpectIntEQ(RSA_public_decrypt(sizeof(encMsg), encMsg, NULL, rsa,
RSA_PKCS1_PADDING), -1);
- AssertIntEQ(RSA_public_decrypt(sizeof(encMsg), encMsg, decMsg, NULL,
+ ExpectIntEQ(RSA_public_decrypt(sizeof(encMsg), encMsg, decMsg, NULL,
RSA_PKCS1_PADDING), -1);
- AssertIntEQ(RSA_public_decrypt(sizeof(encMsg), encMsg, decMsg, rsa,
+ ExpectIntEQ(RSA_public_decrypt(sizeof(encMsg), encMsg, decMsg, rsa,
RSA_PKCS1_PSS_PADDING), -1);
- AssertIntEQ(RSA_public_decrypt(sizeof(encMsg), encMsg, decMsg, rsa,
+ ExpectIntEQ(RSA_public_decrypt(sizeof(encMsg), encMsg, decMsg, rsa,
RSA_PKCS1_PADDING), 32);
- AssertIntEQ(XMEMCMP(decMsg, msg, sizeof(msg)), 0);
+ ExpectIntEQ(XMEMCMP(decMsg, msg, sizeof(msg)), 0);
#if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || \
(defined(HAVE_FIPS_VERSION) && HAVE_FIPS_VERSION > 2)) && \
defined(WC_RSA_NO_PADDING)
- AssertIntEQ(RSA_public_decrypt(sizeof(encMsgNoPad), encMsgNoPad, decMsg,
+ ExpectIntEQ(RSA_public_decrypt(sizeof(encMsgNoPad), encMsgNoPad, decMsg,
rsa, RSA_NO_PADDING), sizeof(decMsg));
/* Zeros before actual data. */
for (i = 0; i < (int)(sizeof(decMsg) - sizeof(msg)); i += sizeof(msg)) {
- AssertIntEQ(XMEMCMP(decMsg + i, msg, sizeof(msg)), 0);
+ ExpectIntEQ(XMEMCMP(decMsg + i, msg, sizeof(msg)), 0);
}
/* Check actual data. */
XMEMSET(msg, 0x01, sizeof(msg));
- AssertIntEQ(XMEMCMP(decMsg + i, msg, sizeof(msg)), 0);
+ ExpectIntEQ(XMEMCMP(decMsg + i, msg, sizeof(msg)), 0);
#endif
RSA_free(rsa);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_RSA_private_encrypt(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && !defined(HAVE_FAST_RSA)
RSA *rsa;
unsigned char msg[SHA256_DIGEST_LENGTH];
@@ -58485,104 +57675,98 @@ static int test_wolfSSL_RSA_private_encrypt(void)
der = privDer;
rsa = NULL;
- AssertNotNull(d2i_RSAPrivateKey(&rsa, &der, privDerSz));
+ ExpectNotNull(d2i_RSAPrivateKey(&rsa, &der, privDerSz));
- AssertIntEQ(RSA_private_encrypt(0, NULL, NULL, NULL, 0), -1);
- AssertIntEQ(RSA_private_encrypt(0, msg, encMsg, rsa, RSA_PKCS1_PADDING),
+ ExpectIntEQ(RSA_private_encrypt(0, NULL, NULL, NULL, 0), -1);
+ ExpectIntEQ(RSA_private_encrypt(0, msg, encMsg, rsa, RSA_PKCS1_PADDING),
-1);
- AssertIntEQ(RSA_private_encrypt(sizeof(msg), NULL, encMsg, rsa,
+ ExpectIntEQ(RSA_private_encrypt(sizeof(msg), NULL, encMsg, rsa,
RSA_PKCS1_PADDING), -1);
- AssertIntEQ(RSA_private_encrypt(sizeof(msg), msg, NULL, rsa,
+ ExpectIntEQ(RSA_private_encrypt(sizeof(msg), msg, NULL, rsa,
RSA_PKCS1_PADDING), -1);
- AssertIntEQ(RSA_private_encrypt(sizeof(msg), msg, encMsg, NULL,
+ ExpectIntEQ(RSA_private_encrypt(sizeof(msg), msg, encMsg, NULL,
RSA_PKCS1_PADDING), -1);
- AssertIntEQ(RSA_private_encrypt(sizeof(msg), msg, encMsg, rsa,
+ ExpectIntEQ(RSA_private_encrypt(sizeof(msg), msg, encMsg, rsa,
RSA_PKCS1_PSS_PADDING), -1);
- AssertIntEQ(RSA_private_encrypt(sizeof(msg), msg, encMsg, rsa,
+ ExpectIntEQ(RSA_private_encrypt(sizeof(msg), msg, encMsg, rsa,
RSA_PKCS1_PADDING), sizeof(encMsg));
- AssertIntEQ(XMEMCMP(encMsg, expEncMsg, sizeof(expEncMsg)), 0);
+ ExpectIntEQ(XMEMCMP(encMsg, expEncMsg, sizeof(expEncMsg)), 0);
#ifdef WC_RSA_NO_PADDING
/* Non-zero message. */
XMEMSET(msg, 0x01, sizeof(msg));
- AssertIntEQ(RSA_private_encrypt(sizeof(msg), msg, encMsg, rsa,
+ ExpectIntEQ(RSA_private_encrypt(sizeof(msg), msg, encMsg, rsa,
RSA_NO_PADDING), sizeof(encMsg));
- AssertIntEQ(XMEMCMP(encMsg, expEncMsgNoPad, sizeof(expEncMsgNoPad)), 0);
+ ExpectIntEQ(XMEMCMP(encMsg, expEncMsgNoPad, sizeof(expEncMsgNoPad)), 0);
#endif
RSA_free(rsa);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_RSA_public_encrypt(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && !defined(HAVE_FAST_RSA)
- RSA* rsa;
+ RSA* rsa = NULL;
const unsigned char msg[2048/8] = { 0 };
unsigned char encMsg[2048/8];
- AssertNotNull(rsa = RSA_new());
+ ExpectNotNull(rsa = RSA_new());
- AssertIntEQ(RSA_public_encrypt(-1, msg, encMsg, rsa,
+ ExpectIntEQ(RSA_public_encrypt(-1, msg, encMsg, rsa,
RSA_PKCS1_PADDING), -1);
- AssertIntEQ(RSA_public_encrypt(sizeof(msg), NULL, encMsg, rsa,
+ ExpectIntEQ(RSA_public_encrypt(sizeof(msg), NULL, encMsg, rsa,
RSA_PKCS1_PADDING), -1);
- AssertIntEQ(RSA_public_encrypt(sizeof(msg), msg, NULL, rsa,
+ ExpectIntEQ(RSA_public_encrypt(sizeof(msg), msg, NULL, rsa,
RSA_PKCS1_PADDING), -1);
- AssertIntEQ(RSA_public_encrypt(sizeof(msg), msg, encMsg, NULL,
+ ExpectIntEQ(RSA_public_encrypt(sizeof(msg), msg, encMsg, NULL,
RSA_PKCS1_PADDING), -1);
- AssertIntEQ(RSA_public_encrypt(sizeof(msg), msg, encMsg, rsa,
+ ExpectIntEQ(RSA_public_encrypt(sizeof(msg), msg, encMsg, rsa,
RSA_PKCS1_PSS_PADDING), -1);
/* Empty RSA key. */
- AssertIntEQ(RSA_public_encrypt(sizeof(msg), msg, encMsg, rsa,
+ ExpectIntEQ(RSA_public_encrypt(sizeof(msg), msg, encMsg, rsa,
RSA_PKCS1_PADDING), -1);
RSA_free(rsa);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_RSA_private_decrypt(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && !defined(HAVE_FAST_RSA)
- RSA* rsa;
+ RSA* rsa = NULL;
unsigned char msg[2048/8];
const unsigned char encMsg[2048/8] = { 0 };
- AssertNotNull(rsa = RSA_new());
+ ExpectNotNull(rsa = RSA_new());
- AssertIntEQ(RSA_private_decrypt(-1, encMsg, msg, rsa,
+ ExpectIntEQ(RSA_private_decrypt(-1, encMsg, msg, rsa,
RSA_PKCS1_PADDING), -1);
- AssertIntEQ(RSA_private_decrypt(sizeof(encMsg), NULL, msg, rsa,
+ ExpectIntEQ(RSA_private_decrypt(sizeof(encMsg), NULL, msg, rsa,
RSA_PKCS1_PADDING), -1);
- AssertIntEQ(RSA_private_decrypt(sizeof(encMsg), encMsg, NULL, rsa,
+ ExpectIntEQ(RSA_private_decrypt(sizeof(encMsg), encMsg, NULL, rsa,
RSA_PKCS1_PADDING), -1);
- AssertIntEQ(RSA_private_decrypt(sizeof(encMsg), encMsg, msg, NULL,
+ ExpectIntEQ(RSA_private_decrypt(sizeof(encMsg), encMsg, msg, NULL,
RSA_PKCS1_PADDING), -1);
- AssertIntEQ(RSA_private_decrypt(sizeof(encMsg), encMsg, msg, rsa,
+ ExpectIntEQ(RSA_private_decrypt(sizeof(encMsg), encMsg, msg, rsa,
RSA_PKCS1_PSS_PADDING), -1);
/* Empty RSA key. */
- AssertIntEQ(RSA_private_decrypt(sizeof(encMsg), encMsg, msg, rsa,
+ ExpectIntEQ(RSA_private_decrypt(sizeof(encMsg), encMsg, msg, rsa,
RSA_PKCS1_PADDING), -1);
RSA_free(rsa);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_RSA_GenAdd(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA)
RSA *rsa;
#ifdef USE_CERT_BUFFERS_1024
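Review bot: Every assertion in test_wolfSSL_RSA_public_encrypt and test_wolfSSL_RSA_private_decrypt runs against the empty key from `RSA_new()` and expects -1, so none of the invalid-argument cases tests what it names. The final `/* Empty RSA key. */` case passes otherwise valid arguments and also returns -1, so the negative-length, NULL-buffer and `RSA_PKCS1_PSS_PADDING` cases would still pass if those argument checks were removed from the library. Loading a real key for the invalid-argument cases, as the neighbouring tests do with `d2i_RSAPublicKey` / `d2i_RSAPrivateKey`, and keeping the empty-key case separate would make each assertion attribute its failure to the argument under test.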
@@ -58600,36 +57784,34 @@ static int test_wolfSSL_RSA_GenAdd(void)
der = privDer;
rsa = NULL;
- AssertNotNull(d2i_RSAPrivateKey(&rsa, &der, privDerSz));
+ ExpectNotNull(d2i_RSAPrivateKey(&rsa, &der, privDerSz));
- AssertIntEQ(wolfSSL_RSA_GenAdd(NULL), -1);
+ ExpectIntEQ(wolfSSL_RSA_GenAdd(NULL), -1);
#ifndef RSA_LOW_MEM
- AssertIntEQ(wolfSSL_RSA_GenAdd(rsa), 1);
+ ExpectIntEQ(wolfSSL_RSA_GenAdd(rsa), 1);
#else
/* dmp1 and dmq1 are not set (allocated) when RSA_LOW_MEM. */
- AssertIntEQ(wolfSSL_RSA_GenAdd(rsa), -1);
+ ExpectIntEQ(wolfSSL_RSA_GenAdd(rsa), -1);
#endif
RSA_free(rsa);
der = pubDer;
rsa = NULL;
- AssertNotNull(d2i_RSAPublicKey(&rsa, &der, pubDerSz));
+ ExpectNotNull(d2i_RSAPublicKey(&rsa, &der, pubDerSz));
/* Need private values. */
- AssertIntEQ(wolfSSL_RSA_GenAdd(rsa), -1);
+ ExpectIntEQ(wolfSSL_RSA_GenAdd(rsa), -1);
RSA_free(rsa);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_RSA_blinding_on(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && !defined(NO_WOLFSSL_STUB)
RSA *rsa;
- WOLFSSL_BN_CTX *bnCtx;
+ WOLFSSL_BN_CTX *bnCtx = NULL;
#ifdef USE_CERT_BUFFERS_1024
const unsigned char* privDer = client_key_der_1024;
size_t privDerSz = sizeof_client_key_der_1024;
@@ -58641,64 +57823,60 @@ static int test_wolfSSL_RSA_blinding_on(void)
der = privDer;
rsa = NULL;
- AssertNotNull(d2i_RSAPrivateKey(&rsa, &der, privDerSz));
- AssertNotNull(bnCtx = wolfSSL_BN_CTX_new());
+ ExpectNotNull(d2i_RSAPrivateKey(&rsa, &der, privDerSz));
+ ExpectNotNull(bnCtx = wolfSSL_BN_CTX_new());
/* Does nothing so all parameters are valid. */
- AssertIntEQ(wolfSSL_RSA_blinding_on(NULL, NULL), 1);
- AssertIntEQ(wolfSSL_RSA_blinding_on(rsa, NULL), 1);
- AssertIntEQ(wolfSSL_RSA_blinding_on(NULL, bnCtx), 1);
- AssertIntEQ(wolfSSL_RSA_blinding_on(rsa, bnCtx), 1);
+ ExpectIntEQ(wolfSSL_RSA_blinding_on(NULL, NULL), 1);
+ ExpectIntEQ(wolfSSL_RSA_blinding_on(rsa, NULL), 1);
+ ExpectIntEQ(wolfSSL_RSA_blinding_on(NULL, bnCtx), 1);
+ ExpectIntEQ(wolfSSL_RSA_blinding_on(rsa, bnCtx), 1);
wolfSSL_BN_CTX_free(bnCtx);
RSA_free(rsa);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_RSA_ex_data(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_RSA) && defined(OPENSSL_EXTRA)
- RSA* rsa;
+ RSA* rsa = NULL;
unsigned char data[1];
- rsa = RSA_new();
+ ExpectNotNull(rsa = RSA_new());
- AssertNull(wolfSSL_RSA_get_ex_data(NULL, 0));
- AssertNull(wolfSSL_RSA_get_ex_data(rsa, 0));
+ ExpectNull(wolfSSL_RSA_get_ex_data(NULL, 0));
+ ExpectNull(wolfSSL_RSA_get_ex_data(rsa, 0));
#ifdef MAX_EX_DATA
- AssertNull(wolfSSL_RSA_get_ex_data(rsa, MAX_EX_DATA));
- AssertIntEQ(wolfSSL_RSA_set_ex_data(rsa, MAX_EX_DATA, data), 0);
+ ExpectNull(wolfSSL_RSA_get_ex_data(rsa, MAX_EX_DATA));
+ ExpectIntEQ(wolfSSL_RSA_set_ex_data(rsa, MAX_EX_DATA, data), 0);
#endif
- AssertIntEQ(wolfSSL_RSA_set_ex_data(NULL, 0, NULL), 0);
- AssertIntEQ(wolfSSL_RSA_set_ex_data(NULL, 0, data), 0);
+ ExpectIntEQ(wolfSSL_RSA_set_ex_data(NULL, 0, NULL), 0);
+ ExpectIntEQ(wolfSSL_RSA_set_ex_data(NULL, 0, data), 0);
#ifdef HAVE_EX_DATA
- AssertIntEQ(wolfSSL_RSA_set_ex_data(rsa, 0, NULL), 1);
- AssertIntEQ(wolfSSL_RSA_set_ex_data(rsa, 0, data), 1);
- AssertPtrEq(wolfSSL_RSA_get_ex_data(rsa, 0), data);
+ ExpectIntEQ(wolfSSL_RSA_set_ex_data(rsa, 0, NULL), 1);
+ ExpectIntEQ(wolfSSL_RSA_set_ex_data(rsa, 0, data), 1);
+ ExpectPtrEq(wolfSSL_RSA_get_ex_data(rsa, 0), data);
#else
- AssertIntEQ(wolfSSL_RSA_set_ex_data(rsa, 0, NULL), 0);
- AssertIntEQ(wolfSSL_RSA_set_ex_data(rsa, 0, data), 0);
- AssertNull(wolfSSL_RSA_get_ex_data(rsa, 0));
+ ExpectIntEQ(wolfSSL_RSA_set_ex_data(rsa, 0, NULL), 0);
+ ExpectIntEQ(wolfSSL_RSA_set_ex_data(rsa, 0, data), 0);
+ ExpectNull(wolfSSL_RSA_get_ex_data(rsa, 0));
#endif
RSA_free(rsa);
-
- res = TEST_RES_CHECK(1);
#endif /* !NO_RSA && OPENSSL_EXTRA */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_RSA_LoadDer(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_RSA) && (defined(OPENSSL_EXTRA) || \
defined(OPENSSL_EXTRA_X509_SMALL))
- RSA *rsa;
+ RSA *rsa = NULL;
#ifdef USE_CERT_BUFFERS_1024
const unsigned char* privDer = client_key_der_1024;
size_t privDerSz = sizeof_client_key_der_1024;
@@ -58707,29 +57885,27 @@ static int test_wolfSSL_RSA_LoadDer(void)
size_t privDerSz = sizeof_client_key_der_2048;
#endif
- AssertNotNull(rsa = RSA_new());
+ ExpectNotNull(rsa = RSA_new());
- AssertIntEQ(wolfSSL_RSA_LoadDer(NULL, privDer, (int)privDerSz), -1);
- AssertIntEQ(wolfSSL_RSA_LoadDer(rsa, NULL, (int)privDerSz), -1);
- AssertIntEQ(wolfSSL_RSA_LoadDer(rsa, privDer, 0), -1);
+ ExpectIntEQ(wolfSSL_RSA_LoadDer(NULL, privDer, (int)privDerSz), -1);
+ ExpectIntEQ(wolfSSL_RSA_LoadDer(rsa, NULL, (int)privDerSz), -1);
+ ExpectIntEQ(wolfSSL_RSA_LoadDer(rsa, privDer, 0), -1);
- AssertIntEQ(wolfSSL_RSA_LoadDer(rsa, privDer, (int)privDerSz), 1);
+ ExpectIntEQ(wolfSSL_RSA_LoadDer(rsa, privDer, (int)privDerSz), 1);
RSA_free(rsa);
-
- res = TEST_RES_CHECK(1);
#endif /* !NO_RSA && OPENSSL_EXTRA */
- return res;
+ return EXPECT_RESULT();
}
/* Local API. */
static int test_wolfSSL_RSA_To_Der(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef WOLFSSL_TEST_STATIC_BUILD
#if defined(WOLFSSL_KEY_GEN) && !defined(HAVE_USER_RSA) && \
defined(OPENSSL_EXTRA) && !defined(NO_RSA)
- RSA* rsa;
+ RSA* rsa;
#ifdef USE_CERT_BUFFERS_1024
const unsigned char* privDer = client_key_der_1024;
size_t privDerSz = sizeof_client_key_der_1024;
@@ -58748,93 +57924,87 @@ static int test_wolfSSL_RSA_To_Der(void)
der = privDer;
rsa = NULL;
- AssertNotNull(wolfSSL_d2i_RSAPrivateKey(&rsa, &der, privDerSz));
+ ExpectNotNull(wolfSSL_d2i_RSAPrivateKey(&rsa, &der, privDerSz));
- AssertIntEQ(wolfSSL_RSA_To_Der(NULL, &outDer, 0, HEAP_HINT), BAD_FUNC_ARG);
- AssertIntEQ(wolfSSL_RSA_To_Der(rsa, &outDer, 2, HEAP_HINT), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_RSA_To_Der(NULL, &outDer, 0, HEAP_HINT), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_RSA_To_Der(rsa, &outDer, 2, HEAP_HINT), BAD_FUNC_ARG);
- AssertIntEQ(wolfSSL_RSA_To_Der(rsa, NULL, 0, HEAP_HINT), privDerSz);
+ ExpectIntEQ(wolfSSL_RSA_To_Der(rsa, NULL, 0, HEAP_HINT), privDerSz);
outDer = out;
- AssertIntEQ(wolfSSL_RSA_To_Der(rsa, &outDer, 0, HEAP_HINT), privDerSz);
- AssertIntEQ(XMEMCMP(out, privDer, privDerSz), 0);
+ ExpectIntEQ(wolfSSL_RSA_To_Der(rsa, &outDer, 0, HEAP_HINT), privDerSz);
+ ExpectIntEQ(XMEMCMP(out, privDer, privDerSz), 0);
outDer = NULL;
- AssertIntEQ(wolfSSL_RSA_To_Der(rsa, &outDer, 0, HEAP_HINT), privDerSz);
- AssertNotNull(outDer);
- AssertIntEQ(XMEMCMP(outDer, privDer, privDerSz), 0);
+ ExpectIntEQ(wolfSSL_RSA_To_Der(rsa, &outDer, 0, HEAP_HINT), privDerSz);
+ ExpectNotNull(outDer);
+ ExpectIntEQ(XMEMCMP(outDer, privDer, privDerSz), 0);
XFREE(outDer, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
- AssertIntEQ(wolfSSL_RSA_To_Der(rsa, NULL, 1, HEAP_HINT), pubDerSz);
+ ExpectIntEQ(wolfSSL_RSA_To_Der(rsa, NULL, 1, HEAP_HINT), pubDerSz);
outDer = out;
- AssertIntEQ(wolfSSL_RSA_To_Der(rsa, &outDer, 1, HEAP_HINT), pubDerSz);
- AssertIntEQ(XMEMCMP(out, pubDer, pubDerSz), 0);
+ ExpectIntEQ(wolfSSL_RSA_To_Der(rsa, &outDer, 1, HEAP_HINT), pubDerSz);
+ ExpectIntEQ(XMEMCMP(out, pubDer, pubDerSz), 0);
RSA_free(rsa);
- AssertNotNull(rsa = RSA_new());
- AssertIntEQ(wolfSSL_RSA_To_Der(rsa, &outDer, 0, HEAP_HINT), BAD_FUNC_ARG);
- AssertIntEQ(wolfSSL_RSA_To_Der(rsa, &outDer, 1, HEAP_HINT), BAD_FUNC_ARG);
+ ExpectNotNull(rsa = RSA_new());
+ ExpectIntEQ(wolfSSL_RSA_To_Der(rsa, &outDer, 0, HEAP_HINT), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_RSA_To_Der(rsa, &outDer, 1, HEAP_HINT), BAD_FUNC_ARG);
RSA_free(rsa);
der = pubDer;
rsa = NULL;
- AssertNotNull(wolfSSL_d2i_RSAPublicKey(&rsa, &der, pubDerSz));
- AssertIntEQ(wolfSSL_RSA_To_Der(rsa, &outDer, 0, HEAP_HINT), BAD_FUNC_ARG);
+ ExpectNotNull(wolfSSL_d2i_RSAPublicKey(&rsa, &der, pubDerSz));
+ ExpectIntEQ(wolfSSL_RSA_To_Der(rsa, &outDer, 0, HEAP_HINT), BAD_FUNC_ARG);
RSA_free(rsa);
-
- res = TEST_RES_CHECK(1);
#endif
#endif
- return res;
+ return EXPECT_RESULT();
}
/* wolfSSL_PEM_read_RSAPublicKey is a stub function. */
static int test_wolfSSL_PEM_read_RSAPublicKey(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_RSA) && defined(OPENSSL_EXTRA) && !defined(NO_FILESYSTEM)
- XFILE file;
+ XFILE file = XBADFILE;
const char* fname = "./certs/server-keyPub.pem";
- RSA *rsa;
+ RSA *rsa = NULL;
- AssertNull(wolfSSL_PEM_read_RSAPublicKey(XBADFILE, NULL, NULL, NULL));
+ ExpectNull(wolfSSL_PEM_read_RSAPublicKey(XBADFILE, NULL, NULL, NULL));
- file = XFOPEN(fname, "rb");
- AssertTrue((file != XBADFILE));
- AssertNotNull((rsa = PEM_read_RSA_PUBKEY(file, NULL, NULL, NULL)));
- AssertIntEQ(RSA_size(rsa), 256);
+ ExpectTrue((file = XFOPEN(fname, "rb")) != XBADFILE);
+ ExpectNotNull(rsa = PEM_read_RSA_PUBKEY(file, NULL, NULL, NULL));
+ ExpectIntEQ(RSA_size(rsa), 256);
RSA_free(rsa);
- XFCLOSE(file);
-
- res = TEST_RES_CHECK(1);
+ if (file != XBADFILE)
+ XFCLOSE(file);
#endif
- return res;
+ return EXPECT_RESULT();
}
/* wolfSSL_PEM_read_RSAPublicKey is a stub function. */
static int test_wolfSSL_PEM_write_RSA_PUBKEY(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_RSA) && defined(OPENSSL_EXTRA) && !defined(NO_FILESYSTEM) && \
defined(WOLFSSL_KEY_GEN) && !defined(HAVE_USER_RSA)
RSA* rsa = NULL;
- AssertIntEQ(wolfSSL_PEM_write_RSA_PUBKEY(XBADFILE, NULL), 0);
- AssertIntEQ(wolfSSL_PEM_write_RSA_PUBKEY(stderr, NULL), 0);
+ ExpectIntEQ(wolfSSL_PEM_write_RSA_PUBKEY(XBADFILE, NULL), 0);
+ ExpectIntEQ(wolfSSL_PEM_write_RSA_PUBKEY(stderr, NULL), 0);
/* Valid but stub so returns 0. */
- AssertIntEQ(wolfSSL_PEM_write_RSA_PUBKEY(stderr, rsa), 0);
-
- res = TEST_RES_CHECK(1);
+ ExpectIntEQ(wolfSSL_PEM_write_RSA_PUBKEY(stderr, rsa), 0);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_PEM_write_RSAPrivateKey(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_RSA) && defined(OPENSSL_EXTRA) && defined(WOLFSSL_KEY_GEN) && \
!defined(HAVE_USER_RSA) && (defined(WOLFSSL_PEM_TO_DER) || \
defined(WOLFSSL_DER_TO_PEM)) && !defined(NO_FILESYSTEM)
- RSA* rsa;
+ RSA* rsa = NULL;
#ifdef USE_CERT_BUFFERS_1024
const unsigned char* privDer = client_key_der_1024;
size_t privDerSz = sizeof_client_key_der_1024;
@@ -58847,42 +58017,40 @@ static int test_wolfSSL_PEM_write_RSAPrivateKey(void)
unsigned char passwd[] = "password";
#endif
- AssertNotNull(rsa = RSA_new());
- AssertIntEQ(wolfSSL_PEM_write_RSAPrivateKey(stderr, rsa, NULL, NULL, 0,
+ ExpectNotNull(rsa = RSA_new());
+ ExpectIntEQ(wolfSSL_PEM_write_RSAPrivateKey(stderr, rsa, NULL, NULL, 0,
NULL, NULL), 0);
RSA_free(rsa);
der = privDer;
rsa = NULL;
- AssertNotNull(wolfSSL_d2i_RSAPrivateKey(&rsa, &der, privDerSz));
+ ExpectNotNull(wolfSSL_d2i_RSAPrivateKey(&rsa, &der, privDerSz));
- AssertIntEQ(wolfSSL_PEM_write_RSAPrivateKey(XBADFILE, rsa, NULL, NULL, 0,
+ ExpectIntEQ(wolfSSL_PEM_write_RSAPrivateKey(XBADFILE, rsa, NULL, NULL, 0,
NULL, NULL), 0);
- AssertIntEQ(wolfSSL_PEM_write_RSAPrivateKey(stderr, NULL, NULL, NULL, 0,
+ ExpectIntEQ(wolfSSL_PEM_write_RSAPrivateKey(stderr, NULL, NULL, NULL, 0,
NULL, NULL), 0);
- AssertIntEQ(wolfSSL_PEM_write_RSAPrivateKey(stderr, rsa, NULL, NULL, 0,
+ ExpectIntEQ(wolfSSL_PEM_write_RSAPrivateKey(stderr, rsa, NULL, NULL, 0,
NULL, NULL), 1);
#ifndef NO_AES
- AssertIntEQ(wolfSSL_PEM_write_RSAPrivateKey(stderr, rsa, EVP_aes_128_cbc(),
+ ExpectIntEQ(wolfSSL_PEM_write_RSAPrivateKey(stderr, rsa, EVP_aes_128_cbc(),
NULL, 0, NULL, NULL), 1);
- AssertIntEQ(wolfSSL_PEM_write_RSAPrivateKey(stderr, rsa, EVP_aes_128_cbc(),
+ ExpectIntEQ(wolfSSL_PEM_write_RSAPrivateKey(stderr, rsa, EVP_aes_128_cbc(),
passwd, sizeof(passwd) - 1, NULL, NULL), 1);
#endif
RSA_free(rsa);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_PEM_write_mem_RSAPrivateKey(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_RSA) && defined(OPENSSL_EXTRA) && defined(WOLFSSL_KEY_GEN) && \
!defined(HAVE_USER_RSA) && (defined(WOLFSSL_PEM_TO_DER) || \
defined(WOLFSSL_DER_TO_PEM))
- RSA* rsa;
+ RSA* rsa = NULL;
#ifdef USE_CERT_BUFFERS_1024
const unsigned char* privDer = client_key_der_1024;
size_t privDerSz = sizeof_client_key_der_1024;
@@ -58894,54 +58062,54 @@ static int test_wolfSSL_PEM_write_mem_RSAPrivateKey(void)
#ifndef NO_AES
unsigned char passwd[] = "password";
#endif
- unsigned char* pem;
+ unsigned char* pem = NULL;
int plen;
- AssertNotNull(rsa = RSA_new());
- AssertIntEQ(wolfSSL_PEM_write_mem_RSAPrivateKey(rsa, NULL, NULL, 0, &pem,
+ ExpectNotNull(rsa = RSA_new());
+ ExpectIntEQ(wolfSSL_PEM_write_mem_RSAPrivateKey(rsa, NULL, NULL, 0, &pem,
&plen), 0);
RSA_free(rsa);
der = privDer;
rsa = NULL;
- AssertNotNull(wolfSSL_d2i_RSAPrivateKey(&rsa, &der, privDerSz));
+ ExpectNotNull(wolfSSL_d2i_RSAPrivateKey(&rsa, &der, privDerSz));
- AssertIntEQ(wolfSSL_PEM_write_mem_RSAPrivateKey(NULL, NULL, NULL, 0, &pem,
+ ExpectIntEQ(wolfSSL_PEM_write_mem_RSAPrivateKey(NULL, NULL, NULL, 0, &pem,
&plen), 0);
- AssertIntEQ(wolfSSL_PEM_write_mem_RSAPrivateKey(rsa, NULL, NULL, 0, NULL,
+ ExpectIntEQ(wolfSSL_PEM_write_mem_RSAPrivateKey(rsa, NULL, NULL, 0, NULL,
&plen), 0);
- AssertIntEQ(wolfSSL_PEM_write_mem_RSAPrivateKey(rsa, NULL, NULL, 0, &pem,
+ ExpectIntEQ(wolfSSL_PEM_write_mem_RSAPrivateKey(rsa, NULL, NULL, 0, &pem,
NULL), 0);
- AssertIntEQ(wolfSSL_PEM_write_mem_RSAPrivateKey(rsa, NULL, NULL, 0, &pem,
+ ExpectIntEQ(wolfSSL_PEM_write_mem_RSAPrivateKey(rsa, NULL, NULL, 0, &pem,
&plen), 1);
XFREE(pem, NULL, DYNAMIC_TYPE_KEY);
+ pem = NULL;
#ifndef NO_AES
- AssertIntEQ(wolfSSL_PEM_write_mem_RSAPrivateKey(rsa, EVP_aes_128_cbc(),
+ ExpectIntEQ(wolfSSL_PEM_write_mem_RSAPrivateKey(rsa, EVP_aes_128_cbc(),
NULL, 0, &pem, &plen), 1);
XFREE(pem, NULL, DYNAMIC_TYPE_KEY);
- AssertIntEQ(wolfSSL_PEM_write_mem_RSAPrivateKey(rsa, EVP_aes_128_cbc(),
+ pem = NULL;
+ ExpectIntEQ(wolfSSL_PEM_write_mem_RSAPrivateKey(rsa, EVP_aes_128_cbc(),
passwd, sizeof(passwd) - 1, &pem, &plen), 1);
XFREE(pem, NULL, DYNAMIC_TYPE_KEY);
#endif
RSA_free(rsa);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_DH(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_DH)
DH *dh = NULL;
BIGNUM* p;
BIGNUM* q;
BIGNUM* g;
- BIGNUM* pub;
- BIGNUM* priv;
+ BIGNUM* pub = NULL;
+ BIGNUM* priv = NULL;
#if defined(OPENSSL_ALL)
#if !defined(HAVE_FIPS) || \
(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2))
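Review bot: In the test_wolfSSL_DH declarations at the end of this hunk, `pub` and `priv` gain `= NULL` but `p`, `q` and `g` stay uninitialized, although they are filled only by the plain `DH_get0_pqg(dh, ...)` call in the next hunk, which runs even when `dh` could not be created. Now that a failed check no longer aborts the test, I would declare them as `BIGNUM* p = NULL;`, `BIGNUM* q = NULL;` and `BIGNUM* g = NULL;` so that no later statement can read an indeterminate pointer; whether the getter writes its outputs for a NULL `dh` is not visible here. The same applies to `pBn`, `qBn`, `gBn` and `pSz`, `qSz`, `gSz` in test_wolfSSL_DH_get_2048_256 further down. The body of test_wolfSSL_DH continues outside this hunk.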
@@ -58953,70 +58121,97 @@ static int test_wolfSSL_DH(void)
dh = NULL;
XMEMSET(buf, 0, sizeof(buf));
/* Test 2048 bit parameters */
- f = XFOPEN("./certs/dh2048.der", "rb");
- AssertTrue(f != XBADFILE);
- len = (long)XFREAD(buf, 1, sizeof(buf), f);
- XFCLOSE(f);
+ ExpectTrue((f = XFOPEN("./certs/dh2048.der", "rb")) != XBADFILE);
+ ExpectTrue((len = (long)XFREAD(buf, 1, sizeof(buf), f)) > 0);
+ if (f != XBADFILE)
+ XFCLOSE(f);
- AssertNotNull(dh = d2i_DHparams(NULL, &pt, len));
- AssertNotNull(dh->p);
- AssertNotNull(dh->g);
- AssertTrue(pt == buf);
- AssertIntEQ(DH_generate_key(dh), 1);
- AssertIntEQ(DH_generate_key(dh), 1);
- AssertIntEQ(DH_compute_key(NULL, NULL, NULL), -1);
- AssertNotNull(pub = BN_new());
- AssertIntEQ(BN_set_word(pub, 1), 1);
- AssertIntEQ(DH_compute_key(buf, NULL, NULL), -1);
- AssertIntEQ(DH_compute_key(NULL, pub, NULL), -1);
- AssertIntEQ(DH_compute_key(NULL, NULL, dh), -1);
- AssertIntEQ(DH_compute_key(buf, pub, NULL), -1);
- AssertIntEQ(DH_compute_key(buf, NULL, dh), -1);
- AssertIntEQ(DH_compute_key(NULL, pub, dh), -1);
- AssertIntEQ(DH_compute_key(buf, pub, dh), -1);
+ ExpectNotNull(dh = d2i_DHparams(NULL, &pt, len));
+ ExpectNotNull(dh->p);
+ ExpectNotNull(dh->g);
+ ExpectTrue(pt == buf);
+ ExpectIntEQ(DH_generate_key(dh), 1);
+ ExpectIntEQ(DH_generate_key(dh), 1);
+ ExpectIntEQ(DH_compute_key(NULL, NULL, NULL), -1);
+ ExpectNotNull(pub = BN_new());
+ ExpectIntEQ(BN_set_word(pub, 1), 1);
+ ExpectIntEQ(DH_compute_key(buf, NULL, NULL), -1);
+ ExpectIntEQ(DH_compute_key(NULL, pub, NULL), -1);
+ ExpectIntEQ(DH_compute_key(NULL, NULL, dh), -1);
+ ExpectIntEQ(DH_compute_key(buf, pub, NULL), -1);
+ ExpectIntEQ(DH_compute_key(buf, NULL, dh), -1);
+ ExpectIntEQ(DH_compute_key(NULL, pub, dh), -1);
+ ExpectIntEQ(DH_compute_key(buf, pub, dh), -1);
BN_free(pub);
+ pub = NULL;
DH_get0_pqg(dh, (const BIGNUM**)&p,
(const BIGNUM**)&q,
(const BIGNUM**)&g);
- AssertPtrEq(p, dh->p);
- AssertPtrEq(q, dh->q);
- AssertPtrEq(g, dh->g);
+ ExpectPtrEq(p, dh->p);
+ ExpectPtrEq(q, dh->q);
+ ExpectPtrEq(g, dh->g);
DH_get0_key(NULL, (const BIGNUM**)&pub, (const BIGNUM**)&priv);
DH_get0_key(dh, (const BIGNUM**)&pub, (const BIGNUM**)&priv);
- AssertPtrEq(pub, dh->pub_key);
- AssertPtrEq(priv, dh->priv_key);
+ ExpectPtrEq(pub, dh->pub_key);
+ ExpectPtrEq(priv, dh->priv_key);
DH_get0_key(dh, (const BIGNUM**)&pub, NULL);
- AssertPtrEq(pub, dh->pub_key);
+ ExpectPtrEq(pub, dh->pub_key);
DH_get0_key(dh, NULL, (const BIGNUM**)&priv);
- AssertPtrEq(priv, dh->priv_key);
- AssertNotNull(pub = BN_new());
- AssertNotNull(priv = BN_new());
- AssertIntEQ(DH_set0_key(NULL, pub, priv), 0);
- AssertIntEQ(DH_set0_key(dh, pub, priv), 1);
- AssertNotNull(pub = BN_new());
- AssertIntEQ(DH_set0_key(dh, pub, NULL), 1);
- AssertNotNull(priv = BN_new());
- AssertIntEQ(DH_set0_key(dh, NULL, priv), 1);
- AssertPtrEq(pub, dh->pub_key);
- AssertPtrEq(priv, dh->priv_key);
+ ExpectPtrEq(priv, dh->priv_key);
+ pub = NULL;
+ priv = NULL;
+ ExpectNotNull(pub = BN_new());
+ ExpectNotNull(priv = BN_new());
+ ExpectIntEQ(DH_set0_key(NULL, pub, priv), 0);
+ ExpectIntEQ(DH_set0_key(dh, pub, priv), 1);
+ if (EXPECT_FAIL()) {
+ BN_free(pub);
+ BN_free(priv);
+ }
+ pub = NULL;
+ priv = NULL;
+ ExpectNotNull(pub = BN_new());
+ ExpectIntEQ(DH_set0_key(dh, pub, NULL), 1);
+ if (EXPECT_FAIL()) {
+ BN_free(pub);
+ }
+ ExpectNotNull(priv = BN_new());
+ ExpectIntEQ(DH_set0_key(dh, NULL, priv), 1);
+ if (EXPECT_FAIL()) {
+ BN_free(priv);
+ }
+ ExpectPtrEq(pub, dh->pub_key);
+ ExpectPtrEq(priv, dh->priv_key);
+ pub = NULL;
+ priv = NULL;
DH_free(dh);
+ dh = NULL;
- AssertNotNull(dh = DH_new());
- AssertNotNull(p = BN_new());
- AssertIntEQ(BN_set_word(p, 1), 1);
- AssertIntEQ(DH_compute_key(buf, p, dh), -1);
- AssertNotNull(pub = BN_new());
- AssertNotNull(priv = BN_new());
- AssertIntEQ(DH_set0_key(dh, pub, priv), 1);
- AssertIntEQ(DH_compute_key(buf, p, dh), -1);
+ ExpectNotNull(dh = DH_new());
+ p = NULL;
+ ExpectNotNull(p = BN_new());
+ ExpectIntEQ(BN_set_word(p, 1), 1);
+ ExpectIntEQ(DH_compute_key(buf, p, dh), -1);
+ ExpectNotNull(pub = BN_new());
+ ExpectNotNull(priv = BN_new());
+ ExpectIntEQ(DH_set0_key(dh, pub, priv), 1);
+ if (EXPECT_FAIL()) {
+ BN_free(pub);
+ BN_free(priv);
+ }
+ pub = NULL;
+ priv = NULL;
+ ExpectIntEQ(DH_compute_key(buf, p, dh), -1);
BN_free(p);
+ p = NULL;
DH_free(dh);
+ dh = NULL;
#ifdef WOLFSSL_KEY_GEN
- AssertNotNull(dh = DH_generate_parameters(2048, 2, NULL, NULL));
- AssertIntEQ(wolfSSL_DH_generate_parameters_ex(NULL, 2048, 2, NULL), 0);
+ ExpectNotNull(dh = DH_generate_parameters(2048, 2, NULL, NULL));
+ ExpectIntEQ(wolfSSL_DH_generate_parameters_ex(NULL, 2048, 2, NULL), 0);
DH_free(dh);
#endif
#endif /* !HAVE_FIPS || (HAVE_FIPS_VERSION && HAVE_FIPS_VERSION > 2) */
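Review bot: The `DH_free(dh);` inside the `#ifdef WOLFSSL_KEY_GEN` block near the end of this hunk is the only free here that is not followed by `dh = NULL;`, so `dh` is left dangling. The next assignment shown is `ExpectNotNull(dh = wolfSSL_DH_new());` in the following hunk; if the Expect macros skip their argument once a failure has been recorded (the added `if (EXPECT_FAIL())` cleanups suggest this, but the macro definition is not on this page), the stale pointer would reach the plain `DH_get0_pqg(dh, ...)` calls and the later `DH_free(dh)`. Adding `dh = NULL;` after that free matches the rest of the hunk. The function starts and ends outside this hunk.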
@@ -59029,8 +58224,7 @@ static int test_wolfSSL_DH(void)
(void)pub;
(void)priv;
- dh = wolfSSL_DH_new();
- AssertNotNull(dh);
+ ExpectNotNull(dh = wolfSSL_DH_new());
/* invalid parameters test */
DH_get0_pqg(NULL, (const BIGNUM**)&p,
@@ -59044,183 +58238,221 @@ static int test_wolfSSL_DH(void)
DH_get0_pqg(dh, NULL, NULL, (const BIGNUM**)&g);
DH_get0_pqg(dh, NULL, NULL, NULL);
- AssertTrue(1);
DH_get0_pqg(dh, (const BIGNUM**)&p,
(const BIGNUM**)&q,
(const BIGNUM**)&g);
- AssertPtrEq(p, NULL);
- AssertPtrEq(q, NULL);
- AssertPtrEq(g, NULL);
+ ExpectPtrEq(p, NULL);
+ ExpectPtrEq(q, NULL);
+ ExpectPtrEq(g, NULL);
DH_free(dh);
+ dh = NULL;
#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS) && !defined(WOLFSSL_DH_EXTRA)) \
|| (defined(HAVE_FIPS_VERSION) && FIPS_VERSION_GT(2,0))
#if defined(OPENSSL_ALL) || \
defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000L
dh = wolfSSL_DH_new();
- AssertNotNull(dh);
+ ExpectNotNull(dh);
p = wolfSSL_BN_new();
- AssertNotNull(p);
- AssertIntEQ(BN_set_word(p, 11), 1);
+ ExpectNotNull(p);
+ ExpectIntEQ(BN_set_word(p, 11), 1);
g = wolfSSL_BN_new();
- AssertNotNull(g);
- AssertIntEQ(BN_set_word(g, 2), 1);
+ ExpectNotNull(g);
+ ExpectIntEQ(BN_set_word(g, 2), 1);
q = wolfSSL_BN_new();
- AssertNotNull(q);
- AssertIntEQ(BN_set_word(q, 5), 1);
- AssertIntEQ(wolfSSL_DH_set0_pqg(NULL, NULL, NULL, NULL), 0);
- AssertIntEQ(wolfSSL_DH_set0_pqg(dh, NULL, NULL, NULL), 0);
- AssertIntEQ(wolfSSL_DH_set0_pqg(NULL, p, NULL, NULL), 0);
- AssertIntEQ(wolfSSL_DH_set0_pqg(NULL, NULL, q, NULL), 0);
- AssertIntEQ(wolfSSL_DH_set0_pqg(NULL, NULL, NULL, g), 0);
- AssertIntEQ(wolfSSL_DH_set0_pqg(NULL, p, q, g), 0);
- AssertIntEQ(wolfSSL_DH_set0_pqg(dh, NULL, q, g), 0);
- AssertIntEQ(wolfSSL_DH_set0_pqg(dh, p, q, NULL), 0);
+ ExpectNotNull(q);
+ ExpectIntEQ(BN_set_word(q, 5), 1);
+ ExpectIntEQ(wolfSSL_DH_set0_pqg(NULL, NULL, NULL, NULL), 0);
+ ExpectIntEQ(wolfSSL_DH_set0_pqg(dh, NULL, NULL, NULL), 0);
+ ExpectIntEQ(wolfSSL_DH_set0_pqg(NULL, p, NULL, NULL), 0);
+ ExpectIntEQ(wolfSSL_DH_set0_pqg(NULL, NULL, q, NULL), 0);
+ ExpectIntEQ(wolfSSL_DH_set0_pqg(NULL, NULL, NULL, g), 0);
+ ExpectIntEQ(wolfSSL_DH_set0_pqg(NULL, p, q, g), 0);
+ ExpectIntEQ(wolfSSL_DH_set0_pqg(dh, NULL, q, g), 0);
+ ExpectIntEQ(wolfSSL_DH_set0_pqg(dh, p, q, NULL), 0);
/* Don't need q. */
- AssertIntEQ(wolfSSL_DH_set0_pqg(dh, p, NULL, g), 1);
+ ExpectIntEQ(wolfSSL_DH_set0_pqg(dh, p, NULL, g), 1);
+ if (EXPECT_FAIL()) {
+ BN_free(p);
+ BN_free(g);
+ }
+ p = NULL;
+ g = NULL;
/* Setting again will free the p and g. */
wolfSSL_BN_free(q);
+ q = NULL;
DH_free(dh);
+ dh = NULL;
dh = wolfSSL_DH_new();
- AssertNotNull(dh);
+ ExpectNotNull(dh);
p = wolfSSL_BN_new();
- AssertNotNull(p);
- AssertIntEQ(BN_set_word(p, 11), 1);
+ ExpectNotNull(p);
+ ExpectIntEQ(BN_set_word(p, 11), 1);
g = wolfSSL_BN_new();
- AssertNotNull(g);
- AssertIntEQ(BN_set_word(g, 2), 1);
+ ExpectNotNull(g);
+ ExpectIntEQ(BN_set_word(g, 2), 1);
q = wolfSSL_BN_new();
- AssertNotNull(q);
- AssertIntEQ(BN_set_word(q, 5), 1);
- AssertIntEQ(wolfSSL_DH_set0_pqg(dh, p, q, g), 1);
+ ExpectNotNull(q);
+ ExpectIntEQ(BN_set_word(q, 5), 1);
+ ExpectIntEQ(wolfSSL_DH_set0_pqg(dh, p, q, g), 1);
/* p, q and g are now owned by dh - don't free. */
+ if (EXPECT_FAIL()) {
+ BN_free(p);
+ BN_free(q);
+ BN_free(g);
+ }
+ p = NULL;
+ q = NULL;
+ g = NULL;
p = wolfSSL_BN_new();
- AssertNotNull(p);
- AssertIntEQ(BN_set_word(p, 11), 1);
+ ExpectNotNull(p);
+ ExpectIntEQ(BN_set_word(p, 11), 1);
g = wolfSSL_BN_new();
- AssertNotNull(g);
- AssertIntEQ(BN_set_word(g, 2), 1);
+ ExpectNotNull(g);
+ ExpectIntEQ(BN_set_word(g, 2), 1);
q = wolfSSL_BN_new();
- AssertNotNull(q);
- AssertIntEQ(wolfSSL_DH_set0_pqg(dh, p, NULL, NULL), 1);
- AssertIntEQ(wolfSSL_DH_set0_pqg(dh, NULL, q, NULL), 1);
- AssertIntEQ(wolfSSL_DH_set0_pqg(dh, NULL, NULL, g), 1);
- AssertIntEQ(wolfSSL_DH_set0_pqg(dh, NULL, NULL, NULL), 1);
+ ExpectNotNull(q);
+ ExpectIntEQ(wolfSSL_DH_set0_pqg(dh, p, NULL, NULL), 1);
+ if (EXPECT_FAIL()) {
+ BN_free(p);
+ }
+ p = NULL;
+ ExpectIntEQ(wolfSSL_DH_set0_pqg(dh, NULL, q, NULL), 1);
+ if (EXPECT_FAIL()) {
+ BN_free(q);
+ }
+ q = NULL;
+ ExpectIntEQ(wolfSSL_DH_set0_pqg(dh, NULL, NULL, g), 1);
+ if (EXPECT_FAIL()) {
+ BN_free(g);
+ }
+ g = NULL;
+ ExpectIntEQ(wolfSSL_DH_set0_pqg(dh, NULL, NULL, NULL), 1);
/* p, q and g are now owned by dh - don't free. */
DH_free(dh);
+ dh = NULL;
- AssertIntEQ(DH_generate_key(NULL), 0);
- AssertNotNull(dh = DH_new());
- AssertIntEQ(DH_generate_key(dh), 0);
+ ExpectIntEQ(DH_generate_key(NULL), 0);
+ ExpectNotNull(dh = DH_new());
+ ExpectIntEQ(DH_generate_key(dh), 0);
p = wolfSSL_BN_new();
- AssertNotNull(p);
- AssertIntEQ(BN_set_word(p, 0), 1);
+ ExpectNotNull(p);
+ ExpectIntEQ(BN_set_word(p, 0), 1);
g = wolfSSL_BN_new();
- AssertNotNull(g);
- AssertIntEQ(BN_set_word(g, 2), 1);
- AssertIntEQ(wolfSSL_DH_set0_pqg(dh, p, NULL, g), 1);
- AssertIntEQ(DH_generate_key(dh), 0);
+ ExpectNotNull(g);
+ ExpectIntEQ(BN_set_word(g, 2), 1);
+ ExpectIntEQ(wolfSSL_DH_set0_pqg(dh, p, NULL, g), 1);
+ if (EXPECT_FAIL()) {
+ BN_free(p);
+ BN_free(g);
+ }
+ p = NULL;
+ g = NULL;
+ ExpectIntEQ(DH_generate_key(dh), 0);
DH_free(dh);
+ dh = NULL;
#endif
#endif
/* Test DH_up_ref() */
dh = wolfSSL_DH_new();
- AssertNotNull(dh);
- AssertIntEQ(wolfSSL_DH_up_ref(NULL), WOLFSSL_FAILURE);
- AssertIntEQ(wolfSSL_DH_up_ref(dh), WOLFSSL_SUCCESS);
+ ExpectNotNull(dh);
+ ExpectIntEQ(wolfSSL_DH_up_ref(NULL), WOLFSSL_FAILURE);
+ ExpectIntEQ(wolfSSL_DH_up_ref(dh), WOLFSSL_SUCCESS);
DH_free(dh); /* decrease ref count */
DH_free(dh); /* free WOLFSSL_DH */
+ q = NULL;
- AssertNull((dh = DH_new_by_nid(NID_sha1)));
+ ExpectNull((dh = DH_new_by_nid(NID_sha1)));
#if (defined(HAVE_PUBLIC_FFDHE) || (defined(HAVE_FIPS) && \
FIPS_VERSION_EQ(2,0))) || (!defined(HAVE_PUBLIC_FFDHE) && \
(!defined(HAVE_FIPS) || FIPS_VERSION_GT(2,0)))
#ifdef HAVE_FFDHE_2048
- AssertNotNull((dh = DH_new_by_nid(NID_ffdhe2048)));
+ ExpectNotNull((dh = DH_new_by_nid(NID_ffdhe2048)));
DH_free(dh);
+ q = NULL;
#endif
#ifdef HAVE_FFDHE_3072
- AssertNotNull((dh = DH_new_by_nid(NID_ffdhe3072)));
+ ExpectNotNull((dh = DH_new_by_nid(NID_ffdhe3072)));
DH_free(dh);
+ q = NULL;
#endif
#ifdef HAVE_FFDHE_4096
- AssertNotNull((dh = DH_new_by_nid(NID_ffdhe4096)));
+ ExpectNotNull((dh = DH_new_by_nid(NID_ffdhe4096)));
DH_free(dh);
+ q = NULL;
#endif
#else
- AssertNull((dh = DH_new_by_nid(NID_ffdhe2048)));
+ ExpectNull((dh = DH_new_by_nid(NID_ffdhe2048)));
#endif /* (HAVE_PUBLIC_FFDHE || (HAVE_FIPS && HAVE_FIPS_VERSION == 2)) ||
* (!HAVE_PUBLIC_FFDHE && (!HAVE_FIPS || HAVE_FIPS_VERSION > 2))*/
- AssertIntEQ(wolfSSL_DH_size(NULL), -1);
-
- res = TEST_RES_CHECK(1);
+ ExpectIntEQ(wolfSSL_DH_size(NULL), -1);
#endif /* OPENSSL_EXTRA && !NO_DH */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_DH_dup(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_DH) && defined(WOLFSSL_DH_EXTRA)
#if defined(WOLFSSL_QT) || defined(OPENSSL_ALL) || defined(WOLFSSL_OPENSSH) || \
defined(OPENSSL_EXTRA)
- DH *dh;
- DH *dhDup;
- WOLFSSL_BIGNUM* p;
- WOLFSSL_BIGNUM* g;
-
- AssertNotNull(p = wolfSSL_BN_new());
- AssertNotNull(g = wolfSSL_BN_new());
- AssertIntEQ(wolfSSL_BN_set_word(p, 11), WOLFSSL_SUCCESS);
- AssertIntEQ(wolfSSL_BN_set_word(g, 2), WOLFSSL_SUCCESS);
+ DH *dh = NULL;
+ DH *dhDup = NULL;
- dhDup = wolfSSL_DH_dup(NULL);
- AssertNull(dhDup);
+ ExpectNotNull(dh = wolfSSL_DH_new());
- dh = wolfSSL_DH_new();
- AssertNotNull(dh);
+ ExpectNull(dhDup = wolfSSL_DH_dup(NULL));
+ ExpectNull(dhDup = wolfSSL_DH_dup(dh));
- dhDup = wolfSSL_DH_dup(dh);
- AssertNull(dhDup);
#if defined(OPENSSL_ALL) || \
defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000L
- AssertIntEQ(wolfSSL_DH_set0_pqg(dh, p, NULL, g), 1);
- dhDup = wolfSSL_DH_dup(dh);
- AssertNotNull(dhDup);
- wolfSSL_DH_free(dhDup);
-#else
- wolfSSL_BN_free(p);
- wolfSSL_BN_free(g);
+ {
+ WOLFSSL_BIGNUM* p = NULL;
+ WOLFSSL_BIGNUM* g = NULL;
+
+ ExpectNotNull(p = wolfSSL_BN_new());
+ ExpectNotNull(g = wolfSSL_BN_new());
+ ExpectIntEQ(wolfSSL_BN_set_word(p, 11), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_BN_set_word(g, 2), WOLFSSL_SUCCESS);
+
+ ExpectIntEQ(wolfSSL_DH_set0_pqg(dh, p, NULL, g), 1);
+ if (EXPECT_FAIL()) {
+ wolfSSL_BN_free(p);
+ wolfSSL_BN_free(g);
+ }
+
+ ExpectNotNull(dhDup = wolfSSL_DH_dup(dh));
+ wolfSSL_DH_free(dhDup);
+ }
#endif
wolfSSL_DH_free(dh);
- res = TEST_RES_CHECK(1);
#endif
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_DH_check(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef OPENSSL_ALL
#ifndef NO_DH
#ifndef NO_BIO
#ifndef NO_DSA
byte buf[6000];
char file[] = "./certs/dsaparams.pem";
- XFILE f;
+ XFILE f = XBADFILE;
int bytes;
- BIO* bio;
- DSA* dsa;
+ BIO* bio = NULL;
+ DSA* dsa = NULL;
#elif !defined(HAVE_FIPS) || FIPS_VERSION_GT(2,0)
static const byte dh2048[] = {
0x30, 0x82, 0x01, 0x08, 0x02, 0x82, 0x01, 0x01,
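Review bot: After the `DH_up_ref` test and after each of the three `DH_new_by_nid` FFDHE cases the added line is `q = NULL;`, but the object just released is `dh`; `dh = NULL;` looks like what was intended in all four places, since `q` is already cleared earlier in the hunk and `dh` stays dangling. In the same block the two consecutive `DH_free(dh);` calls are balanced only when `wolfSSL_DH_up_ref(dh)` actually ran and succeeded. Since a failed expectation no longer aborts the test, the first of them should be conditional, for example `if (!EXPECT_FAIL()) DH_free(dh); /* decrease ref count */`, so that a failure path cannot free the same object twice. This assumes that Expect macros do not evaluate their argument after a recorded failure, which the page does not show.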
@@ -59261,37 +58493,34 @@ static int test_wolfSSL_DH_check(void)
const byte* params;
#endif
DH* dh = NULL;
- WOLFSSL_BIGNUM* p;
- WOLFSSL_BIGNUM* g;
+ WOLFSSL_BIGNUM* p = NULL;
+ WOLFSSL_BIGNUM* g = NULL;
WOLFSSL_BIGNUM* pTmp = NULL;
WOLFSSL_BIGNUM* gTmp = NULL;
int codes = -1;
#ifndef NO_DSA
/* Initialize DH */
- f = XFOPEN(file, "rb");
- AssertTrue((f != XBADFILE));
- bytes = (int)XFREAD(buf, 1, sizeof(buf), f);
- XFCLOSE(f);
+ ExpectTrue((f = XFOPEN(file, "rb")) != XBADFILE);
+ ExpectIntGT(bytes = (int)XFREAD(buf, 1, sizeof(buf), f), 0);
+ if (f != XBADFILE)
+ XFCLOSE(f);
- bio = BIO_new_mem_buf((void*)buf, bytes);
- AssertNotNull(bio);
+ ExpectNotNull(bio = BIO_new_mem_buf((void*)buf, bytes));
- dsa = wolfSSL_PEM_read_bio_DSAparams(bio, NULL, NULL, NULL);
- AssertNotNull(dsa);
+ ExpectNotNull(dsa = wolfSSL_PEM_read_bio_DSAparams(bio, NULL, NULL, NULL));
- dh = wolfSSL_DSA_dup_DH(dsa);
- AssertNotNull(dh);
+ ExpectNotNull(dh = wolfSSL_DSA_dup_DH(dsa));
+ ExpectNotNull(dh);
BIO_free(bio);
DSA_free(dsa);
#elif !defined(HAVE_FIPS) || FIPS_VERSION_GT(2,0)
params = dh2048;
- dh = wolfSSL_d2i_DHparams(NULL, &params, (long)sizeof(dh2048));
- AssertNotNull(dh);
+ ExpectNotNull(dh = wolfSSL_d2i_DHparams(NULL, &params,
+ (long)sizeof(dh2048)));
#else
- dh = wolfSSL_DH_new_by_nid(NID_ffdhe2048);
- AssertNotNull(dh);
+ ExpectNotNull(dh = wolfSSL_DH_new_by_nid(NID_ffdhe2048));
#endif
/* Test assumed to be valid dh.
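Review bot: `ExpectNotNull(dh = wolfSSL_DSA_dup_DH(dsa));` is immediately followed by `ExpectNotNull(dh);`, which checks the same pointer a second time; the second line is a leftover of the old two-line form and can be dropped. Unlike the file handling added in test_wolfSSL_PEM_write_DHparams, `f` is not reset to `XBADFILE` after `XFCLOSE(f)`; nothing visible reuses it, so that is only a consistency remark. test_wolfSSL_DH_check begins before and continues after this hunk.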
@@ -59299,131 +58528,147 @@ static int test_wolfSSL_DH_check(void)
* codes should be 0
* Invalid codes = {DH_NOT_SUITABLE_GENERATOR, DH_CHECK_P_NOT_PRIME}
*/
- AssertIntEQ(wolfSSL_DH_check(dh, &codes), 1);
- AssertIntEQ(codes, 0);
+ ExpectIntEQ(wolfSSL_DH_check(dh, &codes), 1);
+ ExpectIntEQ(codes, 0);
/* Test NULL dh: expected BAD_FUNC_ARG */
- AssertIntEQ(wolfSSL_DH_check(NULL, &codes), 0);
+ ExpectIntEQ(wolfSSL_DH_check(NULL, &codes), 0);
/* Break dh prime to test if codes = DH_CHECK_P_NOT_PRIME */
- pTmp = dh->p;
- dh->p = NULL;
- AssertIntEQ(wolfSSL_DH_check(dh, &codes), 1);
- AssertIntEQ(wolfSSL_DH_check(dh, NULL), 0);
- AssertIntEQ(codes, DH_CHECK_P_NOT_PRIME);
- /* set dh->p back to normal so it wont fail on next tests */
- dh->p = pTmp;
- pTmp = NULL;
+ if (dh != NULL) {
+ pTmp = dh->p;
+ dh->p = NULL;
+ }
+ ExpectIntEQ(wolfSSL_DH_check(dh, &codes), 1);
+ ExpectIntEQ(wolfSSL_DH_check(dh, NULL), 0);
+ ExpectIntEQ(codes, DH_CHECK_P_NOT_PRIME);
+ /* set dh->p back to normal so it won't fail on next tests */
+ if (dh != NULL) {
+ dh->p = pTmp;
+ pTmp = NULL;
+ }
/* Break dh generator to test if codes = DH_NOT_SUITABLE_GENERATOR */
- gTmp = dh->g;
- dh->g = NULL;
- AssertIntEQ(wolfSSL_DH_check(dh, &codes), 1);
- AssertIntEQ(wolfSSL_DH_check(dh, NULL), 0);
- AssertIntEQ(codes, DH_NOT_SUITABLE_GENERATOR);
- dh->g = gTmp;
- gTmp = NULL;
+ if (dh != NULL) {
+ gTmp = dh->g;
+ dh->g = NULL;
+ }
+ ExpectIntEQ(wolfSSL_DH_check(dh, &codes), 1);
+ ExpectIntEQ(wolfSSL_DH_check(dh, NULL), 0);
+ ExpectIntEQ(codes, DH_NOT_SUITABLE_GENERATOR);
+ if (dh != NULL) {
+ dh->g = gTmp;
+ gTmp = NULL;
+ }
/* Cleanup */
DH_free(dh);
+ dh = NULL;
dh = DH_new();
- AssertNotNull(dh);
+ ExpectNotNull(dh);
/* Check empty DH. */
- AssertIntEQ(wolfSSL_DH_check(dh, &codes), 1);
- AssertIntEQ(wolfSSL_DH_check(dh, NULL), 0);
- AssertIntEQ(codes, DH_NOT_SUITABLE_GENERATOR | DH_CHECK_P_NOT_PRIME);
+ ExpectIntEQ(wolfSSL_DH_check(dh, &codes), 1);
+ ExpectIntEQ(wolfSSL_DH_check(dh, NULL), 0);
+ ExpectIntEQ(codes, DH_NOT_SUITABLE_GENERATOR | DH_CHECK_P_NOT_PRIME);
/* Check non-prime valued p. */
- AssertNotNull(p = BN_new());
- AssertIntEQ(BN_set_word(p, 4), 1);
- AssertNotNull(g = BN_new());
- AssertIntEQ(BN_set_word(g, 2), 1);
- AssertIntEQ(DH_set0_pqg(dh, p, NULL, g), 1);
- AssertIntEQ(wolfSSL_DH_check(dh, &codes), 1);
- AssertIntEQ(wolfSSL_DH_check(dh, NULL), 0);
- AssertIntEQ(codes, DH_CHECK_P_NOT_PRIME);
+ ExpectNotNull(p = BN_new());
+ ExpectIntEQ(BN_set_word(p, 4), 1);
+ ExpectNotNull(g = BN_new());
+ ExpectIntEQ(BN_set_word(g, 2), 1);
+ ExpectIntEQ(DH_set0_pqg(dh, p, NULL, g), 1);
+ if (EXPECT_FAIL()) {
+ wolfSSL_BN_free(p);
+ wolfSSL_BN_free(g);
+ }
+ ExpectIntEQ(wolfSSL_DH_check(dh, &codes), 1);
+ ExpectIntEQ(wolfSSL_DH_check(dh, NULL), 0);
+ ExpectIntEQ(codes, DH_CHECK_P_NOT_PRIME);
DH_free(dh);
-
- res = TEST_RES_CHECK(1);
#endif
#endif /* !NO_DH && !NO_DSA */
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_DH_prime(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_DH)
- WOLFSSL_BIGNUM* bn;
+ WOLFSSL_BIGNUM* bn = NULL;
#if WOLFSSL_MAX_BN_BITS >= 768
- WOLFSSL_BIGNUM* bn2;
+ WOLFSSL_BIGNUM* bn2 = NULL;
#endif
bn = wolfSSL_DH_768_prime(NULL);
#if WOLFSSL_MAX_BN_BITS >= 768
- AssertNotNull(bn);
+ ExpectNotNull(bn);
bn2 = wolfSSL_DH_768_prime(bn);
- AssertNotNull(bn2);
- AssertTrue(bn == bn2);
+ ExpectNotNull(bn2);
+ ExpectTrue(bn == bn2);
wolfSSL_BN_free(bn);
+ bn = NULL;
#else
- AssertNull(bn);
+ ExpectNull(bn);
#endif
bn = wolfSSL_DH_1024_prime(NULL);
#if WOLFSSL_MAX_BN_BITS >= 1024
- AssertNotNull(bn);
+ ExpectNotNull(bn);
wolfSSL_BN_free(bn);
+ bn = NULL;
#else
- AssertNull(bn);
+ ExpectNull(bn);
#endif
bn = wolfSSL_DH_2048_prime(NULL);
#if WOLFSSL_MAX_BN_BITS >= 2048
- AssertNotNull(bn);
+ ExpectNotNull(bn);
wolfSSL_BN_free(bn);
+ bn = NULL;
#else
- AssertNull(bn);
+ ExpectNull(bn);
#endif
bn = wolfSSL_DH_3072_prime(NULL);
#if WOLFSSL_MAX_BN_BITS >= 3072
- AssertNotNull(bn);
+ ExpectNotNull(bn);
wolfSSL_BN_free(bn);
+ bn = NULL;
#else
- AssertNull(bn);
+ ExpectNull(bn);
#endif
bn = wolfSSL_DH_4096_prime(NULL);
#if WOLFSSL_MAX_BN_BITS >= 4096
- AssertNotNull(bn);
+ ExpectNotNull(bn);
wolfSSL_BN_free(bn);
+ bn = NULL;
#else
- AssertNull(bn);
+ ExpectNull(bn);
#endif
bn = wolfSSL_DH_6144_prime(NULL);
#if WOLFSSL_MAX_BN_BITS >= 6144
- AssertNotNull(bn);
+ ExpectNotNull(bn);
wolfSSL_BN_free(bn);
+ bn = NULL;
#else
- AssertNull(bn);
+ ExpectNull(bn);
#endif
bn = wolfSSL_DH_8192_prime(NULL);
#if WOLFSSL_MAX_BN_BITS >= 8192
- AssertNotNull(bn);
+ ExpectNotNull(bn);
wolfSSL_BN_free(bn);
+ bn = NULL;
#else
- AssertNull(bn);
+ ExpectNull(bn);
#endif
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_DH_1536_prime(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_DH)
- BIGNUM* bn;
+ BIGNUM* bn = NULL;
unsigned char bits[200];
int sz = 192; /* known binary size */
const byte expected[] = {
@@ -59453,22 +58698,20 @@ static int test_wolfSSL_DH_1536_prime(void)
0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
};
- bn = get_rfc3526_prime_1536(NULL);
- AssertNotNull(bn);
- AssertIntEQ(sz, BN_bn2bin((const BIGNUM*)bn, bits));
- AssertIntEQ(0, XMEMCMP(expected, bits, sz));
+ ExpectNotNull(bn = get_rfc3526_prime_1536(NULL));
+ ExpectIntEQ(sz, BN_bn2bin((const BIGNUM*)bn, bits));
+ ExpectIntEQ(0, XMEMCMP(expected, bits, sz));
BN_free(bn);
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_DH_get_2048_256(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_DH)
- WOLFSSL_DH* dh;
+ WOLFSSL_DH* dh = NULL;
const WOLFSSL_BIGNUM* pBn;
const WOLFSSL_BIGNUM* gBn;
const WOLFSSL_BIGNUM* qBn;
@@ -59528,51 +58771,52 @@ static int test_wolfSSL_DH_get_2048_256(void)
int pSz;
int qSz;
int gSz;
- byte* pReturned;
- byte* qReturned;
- byte* gReturned;
+ byte* pReturned = NULL;
+ byte* qReturned = NULL;
+ byte* gReturned = NULL;
- AssertNotNull((dh = wolfSSL_DH_get_2048_256()));
+ ExpectNotNull((dh = wolfSSL_DH_get_2048_256()));
wolfSSL_DH_get0_pqg(dh, &pBn, &qBn, &gBn);
- AssertIntGT((pSz = wolfSSL_BN_num_bytes(pBn)), 0);
- AssertNotNull(pReturned = (byte*)XMALLOC(pSz, NULL, DYNAMIC_TYPE_TMP_BUFFER));
- AssertIntGT((pSz = wolfSSL_BN_bn2bin(pBn, pReturned)), 0);
- AssertIntEQ(pSz, sizeof(pExpected));
- AssertIntEQ(XMEMCMP(pExpected, pReturned, pSz), 0);
+ ExpectIntGT((pSz = wolfSSL_BN_num_bytes(pBn)), 0);
+ ExpectNotNull(pReturned = (byte*)XMALLOC(pSz, NULL,
+ DYNAMIC_TYPE_TMP_BUFFER));
+ ExpectIntGT((pSz = wolfSSL_BN_bn2bin(pBn, pReturned)), 0);
+ ExpectIntEQ(pSz, sizeof(pExpected));
+ ExpectIntEQ(XMEMCMP(pExpected, pReturned, pSz), 0);
- AssertIntGT((qSz = wolfSSL_BN_num_bytes(qBn)), 0);
- AssertNotNull(qReturned = (byte*)XMALLOC(qSz, NULL, DYNAMIC_TYPE_TMP_BUFFER));
- AssertIntGT((qSz = wolfSSL_BN_bn2bin(qBn, qReturned)), 0);
- AssertIntEQ(qSz, sizeof(qExpected));
- AssertIntEQ(XMEMCMP(qExpected, qReturned, qSz), 0);
+ ExpectIntGT((qSz = wolfSSL_BN_num_bytes(qBn)), 0);
+ ExpectNotNull(qReturned = (byte*)XMALLOC(qSz, NULL,
+ DYNAMIC_TYPE_TMP_BUFFER));
+ ExpectIntGT((qSz = wolfSSL_BN_bn2bin(qBn, qReturned)), 0);
+ ExpectIntEQ(qSz, sizeof(qExpected));
+ ExpectIntEQ(XMEMCMP(qExpected, qReturned, qSz), 0);
- AssertIntGT((gSz = wolfSSL_BN_num_bytes(gBn)), 0);
- AssertNotNull(gReturned = (byte*)XMALLOC(gSz, NULL, DYNAMIC_TYPE_TMP_BUFFER));
- AssertIntGT((gSz = wolfSSL_BN_bn2bin(gBn, gReturned)), 0);
- AssertIntEQ(gSz, sizeof(gExpected));
- AssertIntEQ(XMEMCMP(gExpected, gReturned, gSz), 0);
+ ExpectIntGT((gSz = wolfSSL_BN_num_bytes(gBn)), 0);
+ ExpectNotNull(gReturned = (byte*)XMALLOC(gSz, NULL,
+ DYNAMIC_TYPE_TMP_BUFFER));
+ ExpectIntGT((gSz = wolfSSL_BN_bn2bin(gBn, gReturned)), 0);
+ ExpectIntEQ(gSz, sizeof(gExpected));
+ ExpectIntEQ(XMEMCMP(gExpected, gReturned, gSz), 0);
wolfSSL_DH_free(dh);
XFREE(pReturned, NULL, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(gReturned, NULL, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(qReturned, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_PEM_write_DHparams(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_BIO) && \
!defined(NO_DH) && defined(WOLFSSL_DH_EXTRA) && !defined(NO_FILESYSTEM)
- DH* dh;
- BIO* bio;
- XFILE fp;
+ DH* dh = NULL;
+ BIO* bio = NULL;
+ XFILE fp = XBADFILE;
byte pem[2048];
- int pemSz;
+ int pemSz = 0;
const char expected[] =
"-----BEGIN DH PARAMETERS-----\n"
"MIIBCAKCAQEAsKEIBpwIE7pZBjy8MNX1AMFPRKfW70rGJScc6NKWUwpckd2iwpSE\n"
@@ -59590,60 +58834,70 @@ static int test_wolfSSL_PEM_write_DHparams(void)
"MAA=\n"
"-----END DH PARAMETERS-----\n";
- AssertNotNull(fp = XFOPEN(dhParamFile, "rb"));
- AssertIntGT((pemSz = (int)XFREAD(pem, 1, sizeof(pem), fp)), 0);
- XFCLOSE(fp);
+ ExpectTrue((fp = XFOPEN(dhParamFile, "rb")) != XBADFILE);
+ ExpectIntGT((pemSz = (int)XFREAD(pem, 1, sizeof(pem), fp)), 0);
+ if (fp != XBADFILE) {
+ XFCLOSE(fp);
+ fp = XBADFILE;
+ }
- AssertNull(PEM_read_bio_DHparams(NULL, NULL, NULL, NULL));
+ ExpectNull(PEM_read_bio_DHparams(NULL, NULL, NULL, NULL));
- AssertNotNull(bio = BIO_new(BIO_s_mem()));
- AssertNull(dh = PEM_read_bio_DHparams(bio, NULL, NULL, NULL));
- AssertIntEQ(BIO_write(bio, badPem, (int)sizeof(badPem)),
+ ExpectNotNull(bio = BIO_new(BIO_s_mem()));
+ ExpectNull(dh = PEM_read_bio_DHparams(bio, NULL, NULL, NULL));
+ ExpectIntEQ(BIO_write(bio, badPem, (int)sizeof(badPem)),
(int)sizeof(badPem));
- AssertNull(dh = PEM_read_bio_DHparams(bio, NULL, NULL, NULL));
+ ExpectNull(dh = PEM_read_bio_DHparams(bio, NULL, NULL, NULL));
BIO_free(bio);
+ bio = NULL;
- AssertNotNull(bio = BIO_new(BIO_s_mem()));
- AssertNull(dh = PEM_read_bio_DHparams(bio, NULL, NULL, NULL));
- AssertIntEQ(BIO_write(bio, emptySeqPem, (int)sizeof(emptySeqPem)),
+ ExpectNotNull(bio = BIO_new(BIO_s_mem()));
+ ExpectNull(dh = PEM_read_bio_DHparams(bio, NULL, NULL, NULL));
+ ExpectIntEQ(BIO_write(bio, emptySeqPem, (int)sizeof(emptySeqPem)),
(int)sizeof(emptySeqPem));
- AssertNull(dh = PEM_read_bio_DHparams(bio, NULL, NULL, NULL));
+ ExpectNull(dh = PEM_read_bio_DHparams(bio, NULL, NULL, NULL));
BIO_free(bio);
+ bio = NULL;
- AssertNotNull(bio = BIO_new(BIO_s_mem()));
- AssertIntEQ(BIO_write(bio, pem, pemSz), pemSz);
- AssertNotNull(dh = PEM_read_bio_DHparams(bio, NULL, NULL, NULL));
+ ExpectNotNull(bio = BIO_new(BIO_s_mem()));
+ ExpectIntEQ(BIO_write(bio, pem, pemSz), pemSz);
+ ExpectNotNull(dh = PEM_read_bio_DHparams(bio, NULL, NULL, NULL));
BIO_free(bio);
+ bio = NULL;
- AssertNotNull(fp = XFOPEN("./test-write-dhparams.pem", "wb"));
- AssertIntEQ(PEM_write_DHparams(fp, dh), WOLFSSL_SUCCESS);
- AssertIntEQ(PEM_write_DHparams(fp, NULL), WOLFSSL_FAILURE);
+ ExpectNotNull(fp = XFOPEN("./test-write-dhparams.pem", "wb"));
+ ExpectIntEQ(PEM_write_DHparams(fp, dh), WOLFSSL_SUCCESS);
+ ExpectIntEQ(PEM_write_DHparams(fp, NULL), WOLFSSL_FAILURE);
DH_free(dh);
+ dh = NULL;
dh = wolfSSL_DH_new();
- AssertIntEQ(PEM_write_DHparams(fp, dh), WOLFSSL_FAILURE);
- XFCLOSE(fp);
+ ExpectIntEQ(PEM_write_DHparams(fp, dh), WOLFSSL_FAILURE);
+ if (fp != XBADFILE) {
+ XFCLOSE(fp);
+ fp = XBADFILE;
+ }
wolfSSL_DH_free(dh);
+ dh = NULL;
/* check results */
XMEMSET(pem, 0, sizeof(pem));
- AssertNotNull(fp = XFOPEN("./test-write-dhparams.pem", "rb"));
- AssertIntGT((pemSz = (int)XFREAD(pem, 1, sizeof(pem), fp)), 0);
- AssertIntEQ(XMEMCMP(pem, expected, pemSz), 0);
- XFCLOSE(fp);
-
- res = TEST_RES_CHECK(1);
+ ExpectTrue((fp = XFOPEN("./test-write-dhparams.pem", "rb")) != XBADFILE);
+ ExpectIntGT((pemSz = (int)XFREAD(pem, 1, sizeof(pem), fp)), 0);
+ ExpectIntEQ(XMEMCMP(pem, expected, pemSz), 0);
+ if (fp != XBADFILE)
+ XFCLOSE(fp);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_d2i_DHparams(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef OPENSSL_ALL
#if !defined(NO_DH) && (defined(HAVE_FFDHE_2048) || defined(HAVE_FFDHE_3072))
#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2))
- FILE* f = NULL;
+ XFILE f = XBADFILE;
unsigned char buf[4096];
const unsigned char* pt = buf;
#ifdef HAVE_FFDHE_2048
@@ -59658,67 +58912,67 @@ static int test_wolfSSL_d2i_DHparams(void)
/* Test 2048 bit parameters */
#ifdef HAVE_FFDHE_2048
- if (res == TEST_SKIPPED || res == TEST_SUCCESS) {
- f = XFOPEN(params1, "rb");
- AssertTrue(f != XBADFILE);
- len = (long)XFREAD(buf, 1, sizeof(buf), f);
+ ExpectTrue((f = XFOPEN(params1, "rb")) != XBADFILE);
+ ExpectTrue((len = (long)XFREAD(buf, 1, sizeof(buf), f)) > 0);
+ if (f != XBADFILE) {
XFCLOSE(f);
+ f = XBADFILE;
+ }
- /* Valid case */
- AssertNotNull(dh = wolfSSL_d2i_DHparams(NULL, &pt, len));
- AssertNotNull(dh->p);
- AssertNotNull(dh->g);
- AssertTrue(pt == buf);
- AssertIntEQ(DH_set_length(NULL, BN_num_bits(dh->p)), 0);
- AssertIntEQ(DH_set_length(dh, BN_num_bits(dh->p)), 1);
- AssertIntEQ(DH_generate_key(dh), WOLFSSL_SUCCESS);
+ /* Valid case */
+ ExpectNotNull(dh = wolfSSL_d2i_DHparams(NULL, &pt, len));
+ ExpectNotNull(dh->p);
+ ExpectNotNull(dh->g);
+ ExpectTrue(pt == buf);
+ ExpectIntEQ(DH_set_length(NULL, BN_num_bits(dh->p)), 0);
+ ExpectIntEQ(DH_set_length(dh, BN_num_bits(dh->p)), 1);
+ ExpectIntEQ(DH_generate_key(dh), WOLFSSL_SUCCESS);
- /* Invalid cases */
- AssertNull(wolfSSL_d2i_DHparams(NULL, NULL, len));
- AssertNull(wolfSSL_d2i_DHparams(NULL, &pt, -1));
- AssertNull(wolfSSL_d2i_DHparams(NULL, &pt, 10));
+ /* Invalid cases */
+ ExpectNull(wolfSSL_d2i_DHparams(NULL, NULL, len));
+ ExpectNull(wolfSSL_d2i_DHparams(NULL, &pt, -1));
+ ExpectNull(wolfSSL_d2i_DHparams(NULL, &pt, 10));
- DH_free(dh);
+ DH_free(dh);
+ dh = NULL;
- *buf = 0;
- pt = buf;
- res = TEST_RES_CHECK(1);
- }
+ *buf = 0;
+ pt = buf;
#endif /* HAVE_FFDHE_2048 */
/* Test 3072 bit parameters */
#ifdef HAVE_FFDHE_3072
- if (res == TEST_SKIPPED || res == TEST_SUCCESS) {
- f = XFOPEN(params2, "rb");
- AssertTrue(f != XBADFILE);
- len = (long)XFREAD(buf, 1, sizeof(buf), f);
+ ExpectTrue((f = XFOPEN(params2, "rb")) != XBADFILE);
+ ExpectTrue((len = (long)XFREAD(buf, 1, sizeof(buf), f)) > 0);
+ if (f != XBADFILE) {
XFCLOSE(f);
+ f = XBADFILE;
+ }
- /* Valid case */
- AssertNotNull(dh = wolfSSL_d2i_DHparams(&dh, &pt, len));
- AssertNotNull(dh->p);
- AssertNotNull(dh->g);
- AssertTrue(pt != buf);
- AssertIntEQ(DH_generate_key(dh), 1);
+ /* Valid case */
+ ExpectNotNull(dh = wolfSSL_d2i_DHparams(&dh, &pt, len));
+ ExpectNotNull(dh->p);
+ ExpectNotNull(dh->g);
+ ExpectTrue(pt != buf);
+ ExpectIntEQ(DH_generate_key(dh), 1);
- /* Invalid cases */
- AssertNull(wolfSSL_d2i_DHparams(NULL, NULL, len));
- AssertNull(wolfSSL_d2i_DHparams(NULL, &pt, -1));
+ /* Invalid cases */
+ ExpectNull(wolfSSL_d2i_DHparams(NULL, NULL, len));
+ ExpectNull(wolfSSL_d2i_DHparams(NULL, &pt, -1));
- DH_free(dh);
- res = TEST_RES_CHECK(1);
- }
+ DH_free(dh);
+ dh = NULL;
#endif /* HAVE_FFDHE_3072 */
#endif /* !HAVE_FIPS || HAVE_FIPS_VERSION > 2 */
#endif /* !NO_DH */
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_DH_LoadDer(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_DH) && (!defined(HAVE_FIPS) || FIPS_VERSION_GT(2,0)) && \
defined(OPENSSL_EXTRA)
static const byte dh2048[] = {
@@ -59757,31 +59011,28 @@ static int test_wolfSSL_DH_LoadDer(void)
0xfa, 0xc8, 0xe2, 0x1e, 0x7e, 0xaf, 0x00, 0x3f,
0x93, 0x02, 0x01, 0x02
};
- WOLFSSL_DH* dh;
+ WOLFSSL_DH* dh = NULL;
- dh = wolfSSL_DH_new();
- AssertNotNull(dh);
+ ExpectNotNull(dh = wolfSSL_DH_new());
- AssertIntEQ(wolfSSL_DH_LoadDer(NULL, NULL, 0), -1);
- AssertIntEQ(wolfSSL_DH_LoadDer(dh, NULL, 0), -1);
- AssertIntEQ(wolfSSL_DH_LoadDer(NULL, dh2048, sizeof(dh2048)), -1);
+ ExpectIntEQ(wolfSSL_DH_LoadDer(NULL, NULL, 0), -1);
+ ExpectIntEQ(wolfSSL_DH_LoadDer(dh, NULL, 0), -1);
+ ExpectIntEQ(wolfSSL_DH_LoadDer(NULL, dh2048, sizeof(dh2048)), -1);
- AssertIntEQ(wolfSSL_DH_LoadDer(dh, dh2048, sizeof(dh2048)), 1);
+ ExpectIntEQ(wolfSSL_DH_LoadDer(dh, dh2048, sizeof(dh2048)), 1);
wolfSSL_DH_free(dh);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_i2d_DHparams(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef OPENSSL_ALL
#if !defined(NO_DH) && (defined(HAVE_FFDHE_2048) || defined(HAVE_FFDHE_3072))
#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2))
- FILE* f;
+ XFILE f = XBADFILE;
unsigned char buf[4096];
const unsigned char* pt;
unsigned char* pt2;
@@ -59792,29 +59043,31 @@ static int test_wolfSSL_i2d_DHparams(void)
const char* params2 = "./certs/dh3072.der";
#endif
long len;
- WOLFSSL_DH* dh;
+ WOLFSSL_DH* dh = NULL;
/* Test 2048 bit parameters */
#ifdef HAVE_FFDHE_2048
pt = buf;
pt2 = buf;
- f = XFOPEN(params1, "rb");
- AssertTrue(f != XBADFILE);
- len = (long)XFREAD(buf, 1, sizeof(buf), f);
- XFCLOSE(f);
+ ExpectTrue((f = XFOPEN(params1, "rb")) != XBADFILE);
+ ExpectTrue((len = (long)XFREAD(buf, 1, sizeof(buf), f)) > 0);
+ if (f != XBADFILE) {
+ XFCLOSE(f);
+ f = XBADFILE;
+ }
/* Valid case */
- AssertNotNull(dh = wolfSSL_d2i_DHparams(NULL, &pt, len));
- AssertTrue(pt == buf);
- AssertIntEQ(DH_generate_key(dh), 1);
- AssertIntEQ(wolfSSL_i2d_DHparams(dh, &pt2), 268);
+ ExpectNotNull(dh = wolfSSL_d2i_DHparams(NULL, &pt, len));
+ ExpectTrue(pt == buf);
+ ExpectIntEQ(DH_generate_key(dh), 1);
+ ExpectIntEQ(wolfSSL_i2d_DHparams(dh, &pt2), 268);
/* Invalid case */
- AssertIntEQ(wolfSSL_i2d_DHparams(NULL, &pt2), 0);
+ ExpectIntEQ(wolfSSL_i2d_DHparams(NULL, &pt2), 0);
/* Return length only */
- AssertIntEQ(wolfSSL_i2d_DHparams(dh, NULL), 268);
+ ExpectIntEQ(wolfSSL_i2d_DHparams(dh, NULL), 268);
DH_free(dh);
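Review bot: The `DH_free(dh);` that closes the 2048-bit section is not followed by `dh = NULL;`, although this commit adds exactly that after the matching free in test_wolfSSL_d2i_DHparams. If the Expect macros skip their argument once an earlier check has failed (their definitions are not on this page, but the added `if (f != XBADFILE)` guards suggest it), a failure in this section leaves `dh` pointing at freed memory. The 3072-bit section in the next hunk would then never reassign it, and its own `DH_free(dh);` would free the same object a second time. Adding `dh = NULL;` after this free keeps a failed expectation from becoming a double free in the test binary. The function body starts and ends outside this hunk.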
@@ -59826,37 +59079,37 @@ static int test_wolfSSL_i2d_DHparams(void)
pt = buf;
pt2 = buf;
- f = XFOPEN(params2, "rb");
- AssertTrue(f != XBADFILE);
- len = (long)XFREAD(buf, 1, sizeof(buf), f);
- XFCLOSE(f);
+ ExpectTrue((f = XFOPEN(params2, "rb")) != XBADFILE);
+ ExpectTrue((len = (long)XFREAD(buf, 1, sizeof(buf), f)) > 0);
+ if (f != XBADFILE) {
+ XFCLOSE(f);
+ f = XBADFILE;
+ }
/* Valid case */
- AssertNotNull(dh = wolfSSL_d2i_DHparams(NULL, &pt, len));
- AssertTrue(pt == buf);
- AssertIntEQ(DH_generate_key(dh), 1);
- AssertIntEQ(wolfSSL_i2d_DHparams(dh, &pt2), 396);
+ ExpectNotNull(dh = wolfSSL_d2i_DHparams(NULL, &pt, len));
+ ExpectTrue(pt == buf);
+ ExpectIntEQ(DH_generate_key(dh), 1);
+ ExpectIntEQ(wolfSSL_i2d_DHparams(dh, &pt2), 396);
/* Invalid case */
- AssertIntEQ(wolfSSL_i2d_DHparams(NULL, &pt2), 0);
+ ExpectIntEQ(wolfSSL_i2d_DHparams(NULL, &pt2), 0);
/* Return length only */
- AssertIntEQ(wolfSSL_i2d_DHparams(dh, NULL), 396);
+ ExpectIntEQ(wolfSSL_i2d_DHparams(dh, NULL), 396);
DH_free(dh);
#endif
dh = DH_new();
- AssertNotNull(dh);
+ ExpectNotNull(dh);
pt2 = buf;
- AssertIntEQ(wolfSSL_i2d_DHparams(dh, &pt2), 0);
+ ExpectIntEQ(wolfSSL_i2d_DHparams(dh, &pt2), 0);
DH_free(dh);
-
- res = TEST_RES_CHECK(1);
#endif /* !HAVE_FIPS || HAVE_FIPS_VERSION > 2 */
#endif /* !NO_DH && (HAVE_FFDHE_2048 || HAVE_FFDHE_3072) */
#endif
- return res;
+ return EXPECT_RESULT();
}
#if defined(HAVE_ECC) && !defined(OPENSSL_NO_PK)
@@ -59867,15 +59120,15 @@ static int test_wolfSSL_i2d_DHparams(void)
static int test_wolfSSL_EC_GROUP(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef OPENSSL_EXTRA
- EC_GROUP *group;
- EC_GROUP *group2;
- EC_GROUP *group3;
+ EC_GROUP *group = NULL;
+ EC_GROUP *group2 = NULL;
+ EC_GROUP *group3 = NULL;
#ifndef HAVE_ECC_BRAINPOOL
- EC_GROUP *group4;
+ EC_GROUP *group4 = NULL;
#endif
- WOLFSSL_BIGNUM* order;
+ WOLFSSL_BIGNUM* order = NULL;
int group_bits;
int i;
static const int knownEccNids[] = {
@@ -59939,45 +59192,45 @@ static int test_wolfSSL_EC_GROUP(void)
};
int knowEccEnumsLen = (int)(sizeof(knownEccEnums) / sizeof(*knownEccEnums));
- AssertNotNull(group = EC_GROUP_new_by_curve_name(NID_X9_62_prime256v1));
- AssertNotNull(group2 = EC_GROUP_dup(group));
- AssertNotNull(group3 = wolfSSL_EC_GROUP_new_by_curve_name(NID_secp384r1));
+ ExpectNotNull(group = EC_GROUP_new_by_curve_name(NID_X9_62_prime256v1));
+ ExpectNotNull(group2 = EC_GROUP_dup(group));
+ ExpectNotNull(group3 = wolfSSL_EC_GROUP_new_by_curve_name(NID_secp384r1));
#ifndef HAVE_ECC_BRAINPOOL
- AssertNotNull(group4 = wolfSSL_EC_GROUP_new_by_curve_name(
+ ExpectNotNull(group4 = wolfSSL_EC_GROUP_new_by_curve_name(
NID_brainpoolP256r1));
#endif
- AssertNull(EC_GROUP_dup(NULL));
+ ExpectNull(EC_GROUP_dup(NULL));
- AssertIntEQ(wolfSSL_EC_GROUP_get_curve_name(NULL), 0);
- AssertIntEQ(wolfSSL_EC_GROUP_get_curve_name(group), NID_X9_62_prime256v1);
+ ExpectIntEQ(wolfSSL_EC_GROUP_get_curve_name(NULL), 0);
+ ExpectIntEQ(wolfSSL_EC_GROUP_get_curve_name(group), NID_X9_62_prime256v1);
- AssertIntEQ((group_bits = EC_GROUP_order_bits(NULL)), 0);
- AssertIntEQ((group_bits = EC_GROUP_order_bits(group)), 256);
+ ExpectIntEQ((group_bits = EC_GROUP_order_bits(NULL)), 0);
+ ExpectIntEQ((group_bits = EC_GROUP_order_bits(group)), 256);
#ifndef HAVE_ECC_BRAINPOOL
- AssertIntEQ((group_bits = EC_GROUP_order_bits(group4)), 0);
+ ExpectIntEQ((group_bits = EC_GROUP_order_bits(group4)), 0);
#endif
- AssertIntEQ(wolfSSL_EC_GROUP_get_degree(NULL), 0);
- AssertIntEQ(wolfSSL_EC_GROUP_get_degree(group), 256);
+ ExpectIntEQ(wolfSSL_EC_GROUP_get_degree(NULL), 0);
+ ExpectIntEQ(wolfSSL_EC_GROUP_get_degree(group), 256);
- AssertNotNull(order = BN_new());
- AssertIntEQ(wolfSSL_EC_GROUP_get_order(NULL, NULL, NULL), 0);
- AssertIntEQ(wolfSSL_EC_GROUP_get_order(group, NULL, NULL), 0);
- AssertIntEQ(wolfSSL_EC_GROUP_get_order(NULL, order, NULL), 0);
- AssertIntEQ(wolfSSL_EC_GROUP_get_order(group, order, NULL), 1);
+ ExpectNotNull(order = BN_new());
+ ExpectIntEQ(wolfSSL_EC_GROUP_get_order(NULL, NULL, NULL), 0);
+ ExpectIntEQ(wolfSSL_EC_GROUP_get_order(group, NULL, NULL), 0);
+ ExpectIntEQ(wolfSSL_EC_GROUP_get_order(NULL, order, NULL), 0);
+ ExpectIntEQ(wolfSSL_EC_GROUP_get_order(group, order, NULL), 1);
wolfSSL_BN_free(order);
- AssertNotNull(EC_GROUP_method_of(group));
+ ExpectNotNull(EC_GROUP_method_of(group));
- AssertIntEQ(EC_METHOD_get_field_type(NULL), 0);
- AssertIntEQ(EC_METHOD_get_field_type(EC_GROUP_method_of(group)),
+ ExpectIntEQ(EC_METHOD_get_field_type(NULL), 0);
+ ExpectIntEQ(EC_METHOD_get_field_type(EC_GROUP_method_of(group)),
NID_X9_62_prime_field);
- AssertIntEQ(wolfSSL_EC_GROUP_cmp(NULL, NULL, NULL), -1);
- AssertIntEQ(wolfSSL_EC_GROUP_cmp(group, NULL, NULL), -1);
- AssertIntEQ(wolfSSL_EC_GROUP_cmp(NULL, group, NULL), -1);
- AssertIntEQ(wolfSSL_EC_GROUP_cmp(group, group3, NULL), 1);
+ ExpectIntEQ(wolfSSL_EC_GROUP_cmp(NULL, NULL, NULL), -1);
+ ExpectIntEQ(wolfSSL_EC_GROUP_cmp(group, NULL, NULL), -1);
+ ExpectIntEQ(wolfSSL_EC_GROUP_cmp(NULL, group, NULL), -1);
+ ExpectIntEQ(wolfSSL_EC_GROUP_cmp(group, group3, NULL), 1);
#ifndef NO_WOLFSSL_STUB
wolfSSL_EC_GROUP_set_asn1_flag(group, OPENSSL_EC_NAMED_CURVE);
@@ -59991,30 +59244,30 @@ static int test_wolfSSL_EC_GROUP(void)
EC_GROUP_free(group);
for (i = 0; i < knowEccNidsLen; i++) {
- AssertNotNull(group = EC_GROUP_new_by_curve_name(knownEccNids[i]));
- AssertIntGT(wolfSSL_EC_GROUP_get_degree(group), 0);
+ group = NULL;
+ ExpectNotNull(group = EC_GROUP_new_by_curve_name(knownEccNids[i]));
+ ExpectIntGT(wolfSSL_EC_GROUP_get_degree(group), 0);
EC_GROUP_free(group);
}
for (i = 0; i < knowEccEnumsLen; i++) {
- AssertNotNull(group = EC_GROUP_new_by_curve_name(knownEccEnums[i]));
- AssertIntEQ(wolfSSL_EC_GROUP_get_curve_name(group), knownEccNids[i]);
+ group = NULL;
+ ExpectNotNull(group = EC_GROUP_new_by_curve_name(knownEccEnums[i]));
+ ExpectIntEQ(wolfSSL_EC_GROUP_get_curve_name(group), knownEccNids[i]);
EC_GROUP_free(group);
}
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_PEM_read_bio_ECPKParameters(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && defined(OPENSSL_EXTRA) && !defined(NO_BIO)
- EC_GROUP *group;
- BIO* bio;
+ EC_GROUP *group = NULL;
+ BIO* bio = NULL;
#if (defined(HAVE_ECC384) || defined(HAVE_ALL_CURVES)) && \
ECC_MIN_KEY_SZ <= 384 && !defined(NO_ECC_SECP)
- EC_GROUP *ret;
+ EC_GROUP *ret = NULL;
static char ec_nc_p384[] = "-----BEGIN EC PARAMETERS-----\n"
"BgUrgQQAIg==\n"
"-----END EC PARAMETERS-----";
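Review bot: The second loop is bounded by `knowEccEnumsLen` but reads `knownEccNids[i]`, so it stays in bounds only while the two tables have the same number of entries. Both arrays are declared outside this hunk, so their lengths cannot be confirmed from here. If nothing else ties them together, a check such as `ExpectIntEQ(knowEccEnumsLen, knowEccNidsLen);` ahead of the loop would make the test fail cleanly instead of reading past the end of `knownEccNids` when one table is extended without the other.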
@@ -60033,89 +59286,96 @@ static int test_wolfSSL_PEM_read_bio_ECPKParameters(void)
"-----END EC PARAMETERS-----";
/* Test that first parameter, bio, being NULL fails. */
- AssertNull(PEM_read_bio_ECPKParameters(NULL, NULL, NULL, NULL));
+ ExpectNull(PEM_read_bio_ECPKParameters(NULL, NULL, NULL, NULL));
/* Test that reading named parameters works. */
- AssertNotNull(bio = BIO_new(BIO_s_file()));
- AssertIntEQ(BIO_read_filename(bio, eccKeyFile), WOLFSSL_SUCCESS);
- AssertNotNull(group = PEM_read_bio_ECPKParameters(bio, NULL, NULL, NULL));
- AssertIntEQ(EC_GROUP_get_curve_name(group), NID_X9_62_prime256v1);
+ ExpectNotNull(bio = BIO_new(BIO_s_file()));
+ ExpectIntEQ(BIO_read_filename(bio, eccKeyFile), WOLFSSL_SUCCESS);
+ ExpectNotNull(group = PEM_read_bio_ECPKParameters(bio, NULL, NULL, NULL));
+ ExpectIntEQ(EC_GROUP_get_curve_name(group), NID_X9_62_prime256v1);
BIO_free(bio);
+ bio = NULL;
+ EC_GROUP_free(group);
+ group = NULL;
#if (defined(HAVE_ECC384) || defined(HAVE_ALL_CURVES)) && \
ECC_MIN_KEY_SZ <= 384 && !defined(NO_ECC_SECP)
/* Test that reusing group works. */
- AssertNotNull(bio = BIO_new_mem_buf((unsigned char*)ec_nc_p384,
+ ExpectNotNull(bio = BIO_new_mem_buf((unsigned char*)ec_nc_p384,
sizeof(ec_nc_p384)));
- AssertNotNull(group = PEM_read_bio_ECPKParameters(bio, &group, NULL, NULL));
- AssertIntEQ(EC_GROUP_get_curve_name(group), NID_secp384r1);
+ ExpectNotNull(group = PEM_read_bio_ECPKParameters(bio, &group, NULL, NULL));
+ ExpectIntEQ(EC_GROUP_get_curve_name(group), NID_secp384r1);
BIO_free(bio);
+ bio = NULL;
EC_GROUP_free(group);
group = NULL;
/* Test that returning through group works. */
- AssertNotNull(bio = BIO_new_mem_buf((unsigned char*)ec_nc_p384,
+ ExpectNotNull(bio = BIO_new_mem_buf((unsigned char*)ec_nc_p384,
sizeof(ec_nc_p384)));
- AssertNotNull(ret = PEM_read_bio_ECPKParameters(bio, &group, NULL, NULL));
- AssertIntEQ(group == ret, 1);
- AssertIntEQ(EC_GROUP_get_curve_name(group), NID_secp384r1);
+ ExpectNotNull(ret = PEM_read_bio_ECPKParameters(bio, &group, NULL, NULL));
+ ExpectIntEQ(group == ret, 1);
+ ExpectIntEQ(EC_GROUP_get_curve_name(group), NID_secp384r1);
BIO_free(bio);
-#endif
+ bio = NULL;
EC_GROUP_free(group);
+ group = NULL;
+#endif
/* Test 0x30, 0x00 (not and object id) fails. */
- AssertNotNull(bio = BIO_new_mem_buf((unsigned char*)ec_nc_bad_1,
+ ExpectNotNull(bio = BIO_new_mem_buf((unsigned char*)ec_nc_bad_1,
sizeof(ec_nc_bad_1)));
- AssertNull(PEM_read_bio_ECPKParameters(bio, NULL, NULL, NULL));
+ ExpectNull(PEM_read_bio_ECPKParameters(bio, NULL, NULL, NULL));
BIO_free(bio);
+ bio = NULL;
/* Test 0x06, 0x00 (empty object id) fails. */
- AssertNotNull(bio = BIO_new_mem_buf((unsigned char*)ec_nc_bad_2,
+ ExpectNotNull(bio = BIO_new_mem_buf((unsigned char*)ec_nc_bad_2,
sizeof(ec_nc_bad_2)));
- AssertNull(PEM_read_bio_ECPKParameters(bio, NULL, NULL, NULL));
+ ExpectNull(PEM_read_bio_ECPKParameters(bio, NULL, NULL, NULL));
BIO_free(bio);
+ bio = NULL;
/* Test 0x06, 0x01 (badly formed object id) fails. */
- AssertNotNull(bio = BIO_new_mem_buf((unsigned char*)ec_nc_bad_3,
+ ExpectNotNull(bio = BIO_new_mem_buf((unsigned char*)ec_nc_bad_3,
sizeof(ec_nc_bad_3)));
- AssertNull(PEM_read_bio_ECPKParameters(bio, NULL, NULL, NULL));
+ ExpectNull(PEM_read_bio_ECPKParameters(bio, NULL, NULL, NULL));
BIO_free(bio);
+ bio = NULL;
/* Test invalid PEM encoding - invalid character. */
- AssertNotNull(bio = BIO_new_mem_buf((unsigned char*)ec_nc_bad_4,
+ ExpectNotNull(bio = BIO_new_mem_buf((unsigned char*)ec_nc_bad_4,
sizeof(ec_nc_bad_4)));
- AssertNull(PEM_read_bio_ECPKParameters(bio, NULL, NULL, NULL));
+ ExpectNull(PEM_read_bio_ECPKParameters(bio, NULL, NULL, NULL));
BIO_free(bio);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EC_POINT(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(WOLFSSL_SP_MATH) && \
(!defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2)))
#ifdef OPENSSL_EXTRA
- BN_CTX* ctx;
- EC_GROUP* group;
+ BN_CTX* ctx = NULL;
+ EC_GROUP* group = NULL;
#ifndef HAVE_ECC_BRAINPOOL
- EC_GROUP* group2;
+ EC_GROUP* group2 = NULL;
#endif
- EC_POINT* Gxy;
- EC_POINT* new_point;
- EC_POINT* set_point;
- EC_POINT* infinity;
+ EC_POINT* Gxy = NULL;
+ EC_POINT* new_point = NULL;
+ EC_POINT* set_point = NULL;
+ EC_POINT* infinity = NULL;
BIGNUM* k = NULL;
BIGNUM* Gx = NULL;
BIGNUM* Gy = NULL;
BIGNUM* Gz = NULL;
- BIGNUM* X;
- BIGNUM* Y;
- BIGNUM* set_point_bn;
- char* hexStr;
+ BIGNUM* X = NULL;
+ BIGNUM* Y = NULL;
+ BIGNUM* set_point_bn = NULL;
+ char* hexStr = NULL;
const char* kTest = "F4F8338AFCC562C5C3F3E1E46A7EFECD"
"17AF381913FF7A96314EA47055EA0FD0";
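Review bot: The case labelled `/* Test that reusing group works. */` no longer reuses anything. The added `EC_GROUP_free(group); group = NULL;` after the named-parameter read means `PEM_read_bio_ECPKParameters(bio, &group, NULL, NULL)` is now called with `group == NULL`, the same starting state as the "returning through group" case that follows. Before this change the P-256 group from the first read was still live when it was passed in, so the path that receives an existing object was exercised. To keep that path covered, hold the first group until after the P-384 read and free it once there, with a separate free for builds where the `#if` block is compiled out. Otherwise reword the comment so it does not claim coverage the test no longer has. The function body starts outside this hunk.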
@@ -60126,9 +59386,9 @@ static int test_wolfSSL_EC_POINT(void)
"2BCE33576B315ECECBB6406837BF51F5";
#ifndef HAVE_SELFTEST
- EC_POINT *tmp;
+ EC_POINT *tmp = NULL;
size_t bin_len;
- unsigned int blen;
+ unsigned int blen = 0;
unsigned char* buf = NULL;
unsigned char bufInf[1] = { 0x00 };
@@ -60164,175 +59424,196 @@ static int test_wolfSSL_EC_POINT(void)
#endif
#endif
- AssertNotNull(ctx = BN_CTX_new());
- AssertNotNull(group = EC_GROUP_new_by_curve_name(NID_X9_62_prime256v1));
+ ExpectNotNull(ctx = BN_CTX_new());
+ ExpectNotNull(group = EC_GROUP_new_by_curve_name(NID_X9_62_prime256v1));
#ifndef HAVE_ECC_BRAINPOOL
/* Used to make groups curve_idx == -1. */
- AssertNotNull(group2 = EC_GROUP_new_by_curve_name(NID_brainpoolP256r1));
+ ExpectNotNull(group2 = EC_GROUP_new_by_curve_name(NID_brainpoolP256r1));
#endif
- AssertNull(EC_POINT_new(NULL));
- AssertNotNull(Gxy = EC_POINT_new(group));
- AssertNotNull(new_point = EC_POINT_new(group));
- AssertNotNull(set_point = EC_POINT_new(group));
- AssertNotNull(X = BN_new());
- AssertNotNull(Y = BN_new());
- AssertNotNull(set_point_bn = BN_new());
+ ExpectNull(EC_POINT_new(NULL));
+ ExpectNotNull(Gxy = EC_POINT_new(group));
+ ExpectNotNull(new_point = EC_POINT_new(group));
+ ExpectNotNull(set_point = EC_POINT_new(group));
+ ExpectNotNull(X = BN_new());
+ ExpectNotNull(Y = BN_new());
+ ExpectNotNull(set_point_bn = BN_new());
- AssertNotNull(infinity = EC_POINT_new(group));
+ ExpectNotNull(infinity = EC_POINT_new(group));
/* load test values */
- AssertIntEQ(BN_hex2bn(&k, kTest), WOLFSSL_SUCCESS);
- AssertIntEQ(BN_hex2bn(&Gx, kGx), WOLFSSL_SUCCESS);
- AssertIntEQ(BN_hex2bn(&Gy, kGy), WOLFSSL_SUCCESS);
- AssertIntEQ(BN_hex2bn(&Gz, "1"), WOLFSSL_SUCCESS);
+ ExpectIntEQ(BN_hex2bn(&k, kTest), WOLFSSL_SUCCESS);
+ ExpectIntEQ(BN_hex2bn(&Gx, kGx), WOLFSSL_SUCCESS);
+ ExpectIntEQ(BN_hex2bn(&Gy, kGy), WOLFSSL_SUCCESS);
+ ExpectIntEQ(BN_hex2bn(&Gz, "1"), WOLFSSL_SUCCESS);
/* populate coordinates for input point */
- Gxy->X = Gx;
- Gxy->Y = Gy;
- Gxy->Z = Gz;
+ if (Gxy != NULL) {
+ Gxy->X = Gx;
+ Gxy->Y = Gy;
+ Gxy->Z = Gz;
+ }
/* Test handling of NULL point. */
EC_POINT_clear_free(NULL);
- AssertIntEQ(wolfSSL_EC_POINT_get_affine_coordinates_GFp(NULL, NULL,
+ ExpectIntEQ(wolfSSL_EC_POINT_get_affine_coordinates_GFp(NULL, NULL,
NULL, NULL, ctx), 0);
- AssertIntEQ(wolfSSL_EC_POINT_get_affine_coordinates_GFp(group, NULL,
+ ExpectIntEQ(wolfSSL_EC_POINT_get_affine_coordinates_GFp(group, NULL,
NULL, NULL, ctx), 0);
- AssertIntEQ(wolfSSL_EC_POINT_get_affine_coordinates_GFp(NULL, Gxy,
+ ExpectIntEQ(wolfSSL_EC_POINT_get_affine_coordinates_GFp(NULL, Gxy,
NULL, NULL, ctx), 0);
- AssertIntEQ(wolfSSL_EC_POINT_get_affine_coordinates_GFp(NULL, NULL,
+ ExpectIntEQ(wolfSSL_EC_POINT_get_affine_coordinates_GFp(NULL, NULL,
X, NULL, ctx), 0);
- AssertIntEQ(wolfSSL_EC_POINT_get_affine_coordinates_GFp(NULL, NULL,
+ ExpectIntEQ(wolfSSL_EC_POINT_get_affine_coordinates_GFp(NULL, NULL,
NULL, Y, ctx), 0);
- AssertIntEQ(wolfSSL_EC_POINT_get_affine_coordinates_GFp(NULL, Gxy,
+ ExpectIntEQ(wolfSSL_EC_POINT_get_affine_coordinates_GFp(NULL, Gxy,
X, Y, ctx), 0);
- AssertIntEQ(wolfSSL_EC_POINT_get_affine_coordinates_GFp(group, NULL,
+ ExpectIntEQ(wolfSSL_EC_POINT_get_affine_coordinates_GFp(group, NULL,
X, Y, ctx), 0);
- AssertIntEQ(wolfSSL_EC_POINT_get_affine_coordinates_GFp(group, Gxy,
+ ExpectIntEQ(wolfSSL_EC_POINT_get_affine_coordinates_GFp(group, Gxy,
NULL, Y, ctx), 0);
- AssertIntEQ(wolfSSL_EC_POINT_get_affine_coordinates_GFp(group, Gxy,
+ ExpectIntEQ(wolfSSL_EC_POINT_get_affine_coordinates_GFp(group, Gxy,
X, NULL, ctx), 0);
/* Getting point at infinity returns an error. */
- AssertIntEQ(wolfSSL_EC_POINT_get_affine_coordinates_GFp(group, infinity,
+ ExpectIntEQ(wolfSSL_EC_POINT_get_affine_coordinates_GFp(group, infinity,
X, Y, ctx), 0);
#if !defined(WOLFSSL_ATECC508A) && !defined(WOLFSSL_ATECC608A) && \
!defined(HAVE_SELFTEST) && !defined(WOLFSSL_SP_MATH) && \
!defined(WOLF_CRYPTO_CB_ONLY_ECC)
- AssertIntEQ(EC_POINT_add(NULL, NULL, NULL, NULL, ctx), 0);
- AssertIntEQ(EC_POINT_add(group, NULL, NULL, NULL, ctx), 0);
- AssertIntEQ(EC_POINT_add(NULL, new_point, NULL, NULL, ctx), 0);
- AssertIntEQ(EC_POINT_add(NULL, NULL, new_point, NULL, ctx), 0);
- AssertIntEQ(EC_POINT_add(NULL, NULL, NULL, Gxy, ctx), 0);
- AssertIntEQ(EC_POINT_add(NULL, new_point, new_point, Gxy, ctx), 0);
- AssertIntEQ(EC_POINT_add(group, NULL, new_point, Gxy, ctx), 0);
- AssertIntEQ(EC_POINT_add(group, new_point, NULL, Gxy, ctx), 0);
- AssertIntEQ(EC_POINT_add(group, new_point, new_point, NULL, ctx), 0);
-
- AssertIntEQ(EC_POINT_mul(NULL, NULL, Gx, Gxy, k, ctx), 0);
- AssertIntEQ(EC_POINT_mul(NULL, new_point, Gx, Gxy, k, ctx), 0);
- AssertIntEQ(EC_POINT_mul(group, NULL, Gx, Gxy, k, ctx), 0);
-
- AssertIntEQ(EC_POINT_add(group, new_point, new_point, Gxy, ctx), 1);
+ ExpectIntEQ(EC_POINT_add(NULL, NULL, NULL, NULL, ctx), 0);
+ ExpectIntEQ(EC_POINT_add(group, NULL, NULL, NULL, ctx), 0);
+ ExpectIntEQ(EC_POINT_add(NULL, new_point, NULL, NULL, ctx), 0);
+ ExpectIntEQ(EC_POINT_add(NULL, NULL, new_point, NULL, ctx), 0);
+ ExpectIntEQ(EC_POINT_add(NULL, NULL, NULL, Gxy, ctx), 0);
+ ExpectIntEQ(EC_POINT_add(NULL, new_point, new_point, Gxy, ctx), 0);
+ ExpectIntEQ(EC_POINT_add(group, NULL, new_point, Gxy, ctx), 0);
+ ExpectIntEQ(EC_POINT_add(group, new_point, NULL, Gxy, ctx), 0);
+ ExpectIntEQ(EC_POINT_add(group, new_point, new_point, NULL, ctx), 0);
+
+ ExpectIntEQ(EC_POINT_mul(NULL, NULL, Gx, Gxy, k, ctx), 0);
+ ExpectIntEQ(EC_POINT_mul(NULL, new_point, Gx, Gxy, k, ctx), 0);
+ ExpectIntEQ(EC_POINT_mul(group, NULL, Gx, Gxy, k, ctx), 0);
+
+ ExpectIntEQ(EC_POINT_add(group, new_point, new_point, Gxy, ctx), 1);
/* perform point multiplication */
- AssertIntEQ(EC_POINT_mul(group, new_point, Gx, Gxy, k, ctx), 1);
- AssertIntEQ(BN_is_zero(new_point->X), 0);
- AssertIntEQ(BN_is_zero(new_point->Y), 0);
- AssertIntEQ(BN_is_zero(new_point->Z), 0);
- AssertIntEQ(EC_POINT_mul(group, new_point, NULL, Gxy, k, ctx), 1);
- AssertIntEQ(BN_is_zero(new_point->X), 0);
- AssertIntEQ(BN_is_zero(new_point->Y), 0);
- AssertIntEQ(BN_is_zero(new_point->Z), 0);
- AssertIntEQ(EC_POINT_mul(group, new_point, Gx, NULL, NULL, ctx), 1);
- AssertIntEQ(BN_is_zero(new_point->X), 0);
- AssertIntEQ(BN_is_zero(new_point->Y), 0);
- AssertIntEQ(BN_is_zero(new_point->Z), 0);
- AssertIntEQ(EC_POINT_mul(group, new_point, NULL, NULL, NULL, ctx), 1);
- AssertIntEQ(BN_is_zero(new_point->X), 1);
- AssertIntEQ(BN_is_zero(new_point->Y), 1);
- AssertIntEQ(BN_is_zero(new_point->Z), 1);
+ ExpectIntEQ(EC_POINT_mul(group, new_point, Gx, Gxy, k, ctx), 1);
+ ExpectIntEQ(BN_is_zero(new_point->X), 0);
+ ExpectIntEQ(BN_is_zero(new_point->Y), 0);
+ ExpectIntEQ(BN_is_zero(new_point->Z), 0);
+ ExpectIntEQ(EC_POINT_mul(group, new_point, NULL, Gxy, k, ctx), 1);
+ ExpectIntEQ(BN_is_zero(new_point->X), 0);
+ ExpectIntEQ(BN_is_zero(new_point->Y), 0);
+ ExpectIntEQ(BN_is_zero(new_point->Z), 0);
+ ExpectIntEQ(EC_POINT_mul(group, new_point, Gx, NULL, NULL, ctx), 1);
+ ExpectIntEQ(BN_is_zero(new_point->X), 0);
+ ExpectIntEQ(BN_is_zero(new_point->Y), 0);
+ ExpectIntEQ(BN_is_zero(new_point->Z), 0);
+ ExpectIntEQ(EC_POINT_mul(group, new_point, NULL, NULL, NULL, ctx), 1);
+ ExpectIntEQ(BN_is_zero(new_point->X), 1);
+ ExpectIntEQ(BN_is_zero(new_point->Y), 1);
+ ExpectIntEQ(BN_is_zero(new_point->Z), 1);
/* Set point to something. */
- AssertIntEQ(EC_POINT_add(group, new_point, Gxy, Gxy, ctx), 1);
+ ExpectIntEQ(EC_POINT_add(group, new_point, Gxy, Gxy, ctx), 1);
#else
- AssertIntEQ(EC_POINT_set_affine_coordinates_GFp(group, new_point, Gx, Gy,
+ ExpectIntEQ(EC_POINT_set_affine_coordinates_GFp(group, new_point, Gx, Gy,
ctx), 1);
- AssertIntEQ(BN_is_zero(new_point->X), 0);
- AssertIntEQ(BN_is_zero(new_point->Y), 0);
- AssertIntEQ(BN_is_zero(new_point->Z), 0);
+ ExpectIntEQ(BN_is_zero(new_point->X), 0);
+ ExpectIntEQ(BN_is_zero(new_point->Y), 0);
+ ExpectIntEQ(BN_is_zero(new_point->Z), 0);
#endif
/* check if point X coordinate is zero */
- AssertIntEQ(BN_is_zero(new_point->X), 0);
+ ExpectIntEQ(BN_is_zero(new_point->X), 0);
#if defined(USE_ECC_B_PARAM) && !defined(HAVE_SELFTEST) && \
(!defined(HAVE_FIPS) || FIPS_VERSION_GT(2,0))
- AssertIntEQ(EC_POINT_is_on_curve(group, new_point, ctx), 1);
+ ExpectIntEQ(EC_POINT_is_on_curve(group, new_point, ctx), 1);
#endif
/* extract the coordinates from point */
- AssertIntEQ(EC_POINT_get_affine_coordinates_GFp(group, new_point, X, Y,
+ ExpectIntEQ(EC_POINT_get_affine_coordinates_GFp(group, new_point, X, Y,
ctx), WOLFSSL_SUCCESS);
/* check if point X coordinate is zero */
- AssertIntEQ(BN_is_zero(X), WOLFSSL_FAILURE);
+ ExpectIntEQ(BN_is_zero(X), WOLFSSL_FAILURE);
/* set the same X and Y points in another object */
- AssertIntEQ(EC_POINT_set_affine_coordinates_GFp(group, set_point, X, Y,
+ ExpectIntEQ(EC_POINT_set_affine_coordinates_GFp(group, set_point, X, Y,
ctx), WOLFSSL_SUCCESS);
/* compare points as they should be the same */
- AssertIntEQ(EC_POINT_cmp(NULL, NULL, NULL, ctx), -1);
- AssertIntEQ(EC_POINT_cmp(group, NULL, NULL, ctx), -1);
- AssertIntEQ(EC_POINT_cmp(NULL, new_point, NULL, ctx), -1);
- AssertIntEQ(EC_POINT_cmp(NULL, NULL, set_point, ctx), -1);
- AssertIntEQ(EC_POINT_cmp(NULL, new_point, set_point, ctx), -1);
- AssertIntEQ(EC_POINT_cmp(group, NULL, set_point, ctx), -1);
- AssertIntEQ(EC_POINT_cmp(group, new_point, NULL, ctx), -1);
- AssertIntEQ(EC_POINT_cmp(group, new_point, set_point, ctx), 0);
+ ExpectIntEQ(EC_POINT_cmp(NULL, NULL, NULL, ctx), -1);
+ ExpectIntEQ(EC_POINT_cmp(group, NULL, NULL, ctx), -1);
+ ExpectIntEQ(EC_POINT_cmp(NULL, new_point, NULL, ctx), -1);
+ ExpectIntEQ(EC_POINT_cmp(NULL, NULL, set_point, ctx), -1);
+ ExpectIntEQ(EC_POINT_cmp(NULL, new_point, set_point, ctx), -1);
+ ExpectIntEQ(EC_POINT_cmp(group, NULL, set_point, ctx), -1);
+ ExpectIntEQ(EC_POINT_cmp(group, new_point, NULL, ctx), -1);
+ ExpectIntEQ(EC_POINT_cmp(group, new_point, set_point, ctx), 0);
/* Test copying */
- AssertIntEQ(EC_POINT_copy(NULL, NULL), 0);
- AssertIntEQ(EC_POINT_copy(NULL, set_point), 0);
- AssertIntEQ(EC_POINT_copy(new_point, NULL), 0);
- AssertIntEQ(EC_POINT_copy(new_point, set_point), 1);
+ ExpectIntEQ(EC_POINT_copy(NULL, NULL), 0);
+ ExpectIntEQ(EC_POINT_copy(NULL, set_point), 0);
+ ExpectIntEQ(EC_POINT_copy(new_point, NULL), 0);
+ ExpectIntEQ(EC_POINT_copy(new_point, set_point), 1);
/* Test inverting */
- AssertIntEQ(EC_POINT_invert(NULL, NULL, ctx), 0);
- AssertIntEQ(EC_POINT_invert(NULL, new_point, ctx), 0);
- AssertIntEQ(EC_POINT_invert(group, NULL, ctx), 0);
- AssertIntEQ(EC_POINT_invert(group, new_point, ctx), 1);
+ ExpectIntEQ(EC_POINT_invert(NULL, NULL, ctx), 0);
+ ExpectIntEQ(EC_POINT_invert(NULL, new_point, ctx), 0);
+ ExpectIntEQ(EC_POINT_invert(group, NULL, ctx), 0);
+ ExpectIntEQ(EC_POINT_invert(group, new_point, ctx), 1);
+
+#if !defined(WOLFSSL_ATECC508A) && !defined(WOLFSSL_ATECC608A) && \
+ !defined(HAVE_SELFTEST) && !defined(WOLFSSL_SP_MATH) && \
+ !defined(WOLF_CRYPTO_CB_ONLY_ECC)
+ {
+ EC_POINT* orig_point = NULL;
+ ExpectNotNull(orig_point = EC_POINT_new(group));
+ ExpectIntEQ(EC_POINT_add(group, orig_point, set_point, set_point, NULL),
+ 1);
+ /* new_point should be set_point inverted so adding it will revert
+ * the point back to set_point */
+ ExpectIntEQ(EC_POINT_add(group, orig_point, orig_point, new_point,
+ NULL), 1);
+ ExpectIntEQ(EC_POINT_cmp(group, orig_point, set_point, NULL), 0);
+ EC_POINT_free(orig_point);
+ }
+#endif
/* Test getting affine converts from projective. */
- AssertIntEQ(EC_POINT_copy(set_point, new_point), 1);
+ ExpectIntEQ(EC_POINT_copy(set_point, new_point), 1);
/* Force non-affine coordinates */
- AssertIntEQ(BN_add(new_point->Z, (WOLFSSL_BIGNUM*)BN_value_one(),
+ ExpectIntEQ(BN_add(new_point->Z, (WOLFSSL_BIGNUM*)BN_value_one(),
(WOLFSSL_BIGNUM*)BN_value_one()), 1);
- new_point->inSet = 0;
+ if (new_point != NULL) {
+ new_point->inSet = 0;
+ }
/* extract the coordinates from point */
- AssertIntEQ(EC_POINT_get_affine_coordinates_GFp(group, new_point, X, Y,
+ ExpectIntEQ(EC_POINT_get_affine_coordinates_GFp(group, new_point, X, Y,
ctx), WOLFSSL_SUCCESS);
/* check if point ordinates have changed. */
- AssertIntNE(BN_cmp(X, set_point->X), 0);
- AssertIntNE(BN_cmp(Y, set_point->Y), 0);
+ ExpectIntNE(BN_cmp(X, set_point->X), 0);
+ ExpectIntNE(BN_cmp(Y, set_point->Y), 0);
/* Test check for infinity */
#ifndef WOLF_CRYPTO_CB_ONLY_ECC
- AssertIntEQ(EC_POINT_is_at_infinity(NULL, NULL), 0);
- AssertIntEQ(EC_POINT_is_at_infinity(NULL, infinity), 0);
- AssertIntEQ(EC_POINT_is_at_infinity(group, NULL), 0);
- AssertIntEQ(EC_POINT_is_at_infinity(group, infinity), 1);
- AssertIntEQ(EC_POINT_is_at_infinity(group, Gxy), 0);
+ ExpectIntEQ(EC_POINT_is_at_infinity(NULL, NULL), 0);
+ ExpectIntEQ(EC_POINT_is_at_infinity(NULL, infinity), 0);
+ ExpectIntEQ(EC_POINT_is_at_infinity(group, NULL), 0);
+ ExpectIntEQ(EC_POINT_is_at_infinity(group, infinity), 1);
+ ExpectIntEQ(EC_POINT_is_at_infinity(group, Gxy), 0);
#else
- AssertIntEQ(EC_POINT_is_at_infinity(group, infinity), 0);
+ ExpectIntEQ(EC_POINT_is_at_infinity(group, infinity), 0);
#endif
- AssertPtrEq(EC_POINT_point2bn(group, set_point,
+ ExpectPtrEq(EC_POINT_point2bn(group, set_point,
POINT_CONVERSION_UNCOMPRESSED, set_point_bn, ctx), set_point_bn);
/* check bn2hex */
hexStr = BN_bn2hex(k);
- AssertStrEQ(hexStr, kTest);
+ ExpectStrEQ(hexStr, kTest);
#if !defined(NO_FILESYSTEM) && defined(XFPRINTF)
BN_print_fp(stderr, k);
fprintf(stderr, "\n");
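Review bot: `ExpectStrEQ(hexStr, kTest);` compares the result of `BN_bn2hex(k)` without first checking it for NULL, whereas further down this commit puts `ExpectNotNull(hexStr);` in front of the `ExpectStrEQ` calls that follow `EC_POINT_point2hex`. The same applies to the `BN_bn2hex(Gx)` and `BN_bn2hex(Gy)` comparisons in the next two hunks. Adding `ExpectNotNull(hexStr);` before each of the three comparisons would report an allocation failure in `BN_bn2hex` as a failed expectation rather than handing NULL to the string compare; how `ExpectStrEQ` treats NULL is not visible on this page. The function body starts and ends outside this hunk.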
@@ -60340,7 +59621,7 @@ static int test_wolfSSL_EC_POINT(void)
XFREE(hexStr, NULL, DYNAMIC_TYPE_ECC);
hexStr = BN_bn2hex(Gx);
- AssertStrEQ(hexStr, kGx);
+ ExpectStrEQ(hexStr, kGx);
#if !defined(NO_FILESYSTEM) && defined(XFPRINTF)
BN_print_fp(stderr, Gx);
fprintf(stderr, "\n");
@@ -60348,7 +59629,7 @@ static int test_wolfSSL_EC_POINT(void)
XFREE(hexStr, NULL, DYNAMIC_TYPE_ECC);
hexStr = BN_bn2hex(Gy);
- AssertStrEQ(hexStr, kGy);
+ ExpectStrEQ(hexStr, kGy);
#if !defined(NO_FILESYSTEM) && defined(XFPRINTF)
BN_print_fp(stderr, Gy);
fprintf(stderr, "\n");
@@ -60357,164 +59638,171 @@ static int test_wolfSSL_EC_POINT(void)
#ifndef HAVE_SELFTEST
/* Test point to hex */
- AssertNull(EC_POINT_point2hex(NULL, NULL, POINT_CONVERSION_UNCOMPRESSED,
+ ExpectNull(EC_POINT_point2hex(NULL, NULL, POINT_CONVERSION_UNCOMPRESSED,
ctx));
- AssertNull(EC_POINT_point2hex(NULL, Gxy, POINT_CONVERSION_UNCOMPRESSED,
+ ExpectNull(EC_POINT_point2hex(NULL, Gxy, POINT_CONVERSION_UNCOMPRESSED,
ctx));
- AssertNull(EC_POINT_point2hex(group, NULL, POINT_CONVERSION_UNCOMPRESSED,
+ ExpectNull(EC_POINT_point2hex(group, NULL, POINT_CONVERSION_UNCOMPRESSED,
ctx));
#ifndef HAVE_ECC_BRAINPOOL
/* Group not supported in wolfCrypt. */
- AssertNull(EC_POINT_point2hex(group2, Gxy, POINT_CONVERSION_UNCOMPRESSED,
+ ExpectNull(EC_POINT_point2hex(group2, Gxy, POINT_CONVERSION_UNCOMPRESSED,
ctx));
#endif
hexStr = EC_POINT_point2hex(group, Gxy, POINT_CONVERSION_UNCOMPRESSED, ctx);
- AssertStrEQ(hexStr, uncompG);
+ ExpectNotNull(hexStr);
+ ExpectStrEQ(hexStr, uncompG);
XFREE(hexStr, NULL, DYNAMIC_TYPE_ECC);
hexStr = EC_POINT_point2hex(group, Gxy, POINT_CONVERSION_COMPRESSED, ctx);
- AssertStrEQ(hexStr, compG);
+ ExpectNotNull(hexStr);
+ ExpectStrEQ(hexStr, compG);
XFREE(hexStr, NULL, DYNAMIC_TYPE_ECC);
/* Test point to oct */
- AssertIntEQ(EC_POINT_point2oct(NULL, NULL, POINT_CONVERSION_UNCOMPRESSED,
+ ExpectIntEQ(EC_POINT_point2oct(NULL, NULL, POINT_CONVERSION_UNCOMPRESSED,
NULL, 0, ctx), 0);
- AssertIntEQ(EC_POINT_point2oct(NULL, Gxy, POINT_CONVERSION_UNCOMPRESSED,
+ ExpectIntEQ(EC_POINT_point2oct(NULL, Gxy, POINT_CONVERSION_UNCOMPRESSED,
NULL, 0, ctx), 0);
- AssertIntEQ(EC_POINT_point2oct(group, NULL, POINT_CONVERSION_UNCOMPRESSED,
+ ExpectIntEQ(EC_POINT_point2oct(group, NULL, POINT_CONVERSION_UNCOMPRESSED,
NULL, 0, ctx), 0);
bin_len = EC_POINT_point2oct(group, Gxy, POINT_CONVERSION_UNCOMPRESSED,
NULL, 0, ctx);
- AssertIntEQ(bin_len, sizeof(binUncompG));
- AssertNotNull(buf = (unsigned char*)XMALLOC(bin_len, NULL,
+ ExpectIntEQ(bin_len, sizeof(binUncompG));
+ ExpectNotNull(buf = (unsigned char*)XMALLOC(bin_len, NULL,
DYNAMIC_TYPE_ECC));
- AssertIntEQ(EC_POINT_point2oct(group, Gxy, POINT_CONVERSION_UNCOMPRESSED,
+ ExpectIntEQ(EC_POINT_point2oct(group, Gxy, POINT_CONVERSION_UNCOMPRESSED,
buf, bin_len, ctx), bin_len);
- AssertIntEQ(XMEMCMP(buf, binUncompG, sizeof(binUncompG)), 0);
+ ExpectIntEQ(XMEMCMP(buf, binUncompG, sizeof(binUncompG)), 0);
XFREE(buf, NULL, DYNAMIC_TYPE_ECC);
/* Infinity (x=0, y=0) encodes as '0x00'. */
- AssertIntEQ(EC_POINT_point2oct(group, infinity,
+ ExpectIntEQ(EC_POINT_point2oct(group, infinity,
POINT_CONVERSION_UNCOMPRESSED, NULL, 0, ctx), 1);
- AssertIntEQ(EC_POINT_point2oct(group, infinity,
+ ExpectIntEQ(EC_POINT_point2oct(group, infinity,
POINT_CONVERSION_UNCOMPRESSED, bufInf, 0, ctx), 0);
- AssertIntEQ(EC_POINT_point2oct(group, infinity,
+ ExpectIntEQ(EC_POINT_point2oct(group, infinity,
POINT_CONVERSION_UNCOMPRESSED, bufInf, 1, ctx), 1);
- AssertIntEQ(bufInf[0], 0);
+ ExpectIntEQ(bufInf[0], 0);
wolfSSL_EC_POINT_dump(NULL, NULL);
/* Test point i2d */
- AssertIntEQ(ECPoint_i2d(NULL, NULL, NULL, &blen), 0);
- AssertIntEQ(ECPoint_i2d(NULL, Gxy, NULL, &blen), 0);
- AssertIntEQ(ECPoint_i2d(group, NULL, NULL, &blen), 0);
- AssertIntEQ(ECPoint_i2d(group, Gxy, NULL, NULL), 0);
- AssertIntEQ(ECPoint_i2d(group, Gxy, NULL, &blen), 1);
- AssertIntEQ(blen, sizeof(binUncompG));
- AssertNotNull(buf = (unsigned char*)XMALLOC(blen, NULL, DYNAMIC_TYPE_ECC));
+ ExpectIntEQ(ECPoint_i2d(NULL, NULL, NULL, &blen), 0);
+ ExpectIntEQ(ECPoint_i2d(NULL, Gxy, NULL, &blen), 0);
+ ExpectIntEQ(ECPoint_i2d(group, NULL, NULL, &blen), 0);
+ ExpectIntEQ(ECPoint_i2d(group, Gxy, NULL, NULL), 0);
+ ExpectIntEQ(ECPoint_i2d(group, Gxy, NULL, &blen), 1);
+ ExpectIntEQ(blen, sizeof(binUncompG));
+ ExpectNotNull(buf = (unsigned char*)XMALLOC(blen, NULL, DYNAMIC_TYPE_ECC));
blen -= 1;
- AssertIntEQ(ECPoint_i2d(group, Gxy, buf, &blen), 0);
+ ExpectIntEQ(ECPoint_i2d(group, Gxy, buf, &blen), 0);
blen += 1;
- AssertIntEQ(ECPoint_i2d(group, Gxy, buf, &blen), 1);
- AssertIntEQ(XMEMCMP(buf, binUncompG, sizeof(binUncompG)), 0);
+ ExpectIntEQ(ECPoint_i2d(group, Gxy, buf, &blen), 1);
+ ExpectIntEQ(XMEMCMP(buf, binUncompG, sizeof(binUncompG)), 0);
XFREE(buf, NULL, DYNAMIC_TYPE_ECC);
#ifdef HAVE_COMP_KEY
/* Test point to oct compressed */
bin_len = EC_POINT_point2oct(group, Gxy, POINT_CONVERSION_COMPRESSED, NULL,
0, ctx);
- AssertIntEQ(bin_len, sizeof(binCompG));
- AssertNotNull(buf = (unsigned char*)XMALLOC(bin_len, NULL,
+ ExpectIntEQ(bin_len, sizeof(binCompG));
+ ExpectNotNull(buf = (unsigned char*)XMALLOC(bin_len, NULL,
DYNAMIC_TYPE_ECC));
- AssertIntEQ(EC_POINT_point2oct(group, Gxy, POINT_CONVERSION_COMPRESSED, buf,
+ ExpectIntEQ(EC_POINT_point2oct(group, Gxy, POINT_CONVERSION_COMPRESSED, buf,
bin_len, ctx), bin_len);
- AssertIntEQ(XMEMCMP(buf, binCompG, sizeof(binCompG)), 0);
+ ExpectIntEQ(XMEMCMP(buf, binCompG, sizeof(binCompG)), 0);
XFREE(buf, NULL, DYNAMIC_TYPE_ECC);
#endif
/* Test point BN */
- AssertNull(wolfSSL_EC_POINT_point2bn(NULL, NULL,
+ ExpectNull(wolfSSL_EC_POINT_point2bn(NULL, NULL,
POINT_CONVERSION_UNCOMPRESSED, NULL, ctx));
- AssertNull(wolfSSL_EC_POINT_point2bn(NULL, Gxy,
+ ExpectNull(wolfSSL_EC_POINT_point2bn(NULL, Gxy,
POINT_CONVERSION_UNCOMPRESSED, NULL, ctx));
- AssertNull(wolfSSL_EC_POINT_point2bn(group, NULL,
+ ExpectNull(wolfSSL_EC_POINT_point2bn(group, NULL,
POINT_CONVERSION_UNCOMPRESSED, NULL, ctx));
- AssertNull(wolfSSL_EC_POINT_point2bn(group, Gxy, 0, NULL, ctx));
+ ExpectNull(wolfSSL_EC_POINT_point2bn(group, Gxy, 0, NULL, ctx));
/* Test oct to point */
- AssertNotNull(tmp = EC_POINT_new(group));
- AssertIntEQ(EC_POINT_oct2point(NULL, NULL, binUncompG, sizeof(binUncompG),
+ ExpectNotNull(tmp = EC_POINT_new(group));
+ ExpectIntEQ(EC_POINT_oct2point(NULL, NULL, binUncompG, sizeof(binUncompG),
ctx), 0);
- AssertIntEQ(EC_POINT_oct2point(NULL, tmp, binUncompG, sizeof(binUncompG),
+ ExpectIntEQ(EC_POINT_oct2point(NULL, tmp, binUncompG, sizeof(binUncompG),
ctx), 0);
- AssertIntEQ(EC_POINT_oct2point(group, NULL, binUncompG, sizeof(binUncompG),
+ ExpectIntEQ(EC_POINT_oct2point(group, NULL, binUncompG, sizeof(binUncompG),
ctx), 0);
- AssertIntEQ(EC_POINT_oct2point(group, tmp, binUncompGBad,
+ ExpectIntEQ(EC_POINT_oct2point(group, tmp, binUncompGBad,
sizeof(binUncompGBad), ctx), 0);
- AssertIntEQ(EC_POINT_oct2point(group, tmp, binUncompG, sizeof(binUncompG),
+ ExpectIntEQ(EC_POINT_oct2point(group, tmp, binUncompG, sizeof(binUncompG),
ctx), 1);
- AssertIntEQ(EC_POINT_cmp(group, tmp, Gxy, ctx), 0);
+ ExpectIntEQ(EC_POINT_cmp(group, tmp, Gxy, ctx), 0);
EC_POINT_free(tmp);
+ tmp = NULL;
/* Test setting BN ordinates. */
- AssertNotNull(tmp = EC_POINT_new(group));
- AssertIntEQ(wolfSSL_EC_POINT_set_affine_coordinates_GFp(NULL, NULL, NULL,
+ ExpectNotNull(tmp = EC_POINT_new(group));
+ ExpectIntEQ(wolfSSL_EC_POINT_set_affine_coordinates_GFp(NULL, NULL, NULL,
NULL, ctx), 0);
- AssertIntEQ(wolfSSL_EC_POINT_set_affine_coordinates_GFp(group, NULL, NULL,
+ ExpectIntEQ(wolfSSL_EC_POINT_set_affine_coordinates_GFp(group, NULL, NULL,
NULL, ctx), 0);
- AssertIntEQ(wolfSSL_EC_POINT_set_affine_coordinates_GFp(NULL, tmp, NULL,
+ ExpectIntEQ(wolfSSL_EC_POINT_set_affine_coordinates_GFp(NULL, tmp, NULL,
NULL, ctx), 0);
- AssertIntEQ(wolfSSL_EC_POINT_set_affine_coordinates_GFp(NULL, NULL, Gx,
+ ExpectIntEQ(wolfSSL_EC_POINT_set_affine_coordinates_GFp(NULL, NULL, Gx,
NULL, ctx), 0);
- AssertIntEQ(wolfSSL_EC_POINT_set_affine_coordinates_GFp(NULL, NULL, NULL,
+ ExpectIntEQ(wolfSSL_EC_POINT_set_affine_coordinates_GFp(NULL, NULL, NULL,
Gy, ctx), 0);
- AssertIntEQ(wolfSSL_EC_POINT_set_affine_coordinates_GFp(NULL, tmp, Gx, Gy,
+ ExpectIntEQ(wolfSSL_EC_POINT_set_affine_coordinates_GFp(NULL, tmp, Gx, Gy,
ctx), 0);
- AssertIntEQ(wolfSSL_EC_POINT_set_affine_coordinates_GFp(group, NULL, Gx, Gy,
+ ExpectIntEQ(wolfSSL_EC_POINT_set_affine_coordinates_GFp(group, NULL, Gx, Gy,
ctx), 0);
- AssertIntEQ(wolfSSL_EC_POINT_set_affine_coordinates_GFp(group, tmp, NULL,
+ ExpectIntEQ(wolfSSL_EC_POINT_set_affine_coordinates_GFp(group, tmp, NULL,
Gy, ctx), 0);
- AssertIntEQ(wolfSSL_EC_POINT_set_affine_coordinates_GFp(group, tmp, Gx,
+ ExpectIntEQ(wolfSSL_EC_POINT_set_affine_coordinates_GFp(group, tmp, Gx,
NULL, ctx), 0);
- AssertIntEQ(wolfSSL_EC_POINT_set_affine_coordinates_GFp(group, tmp, Gx, Gy,
+ ExpectIntEQ(wolfSSL_EC_POINT_set_affine_coordinates_GFp(group, tmp, Gx, Gy,
ctx), 1);
EC_POINT_free(tmp);
+ tmp = NULL;
/* Test point d2i */
- AssertNotNull(tmp = EC_POINT_new(group));
- AssertIntEQ(ECPoint_d2i(NULL, sizeof(binUncompG), NULL, NULL), 0);
- AssertIntEQ(ECPoint_d2i(binUncompG, sizeof(binUncompG), NULL, NULL), 0);
- AssertIntEQ(ECPoint_d2i(NULL, sizeof(binUncompG), group, NULL), 0);
- AssertIntEQ(ECPoint_d2i(NULL, sizeof(binUncompG), NULL, tmp), 0);
- AssertIntEQ(ECPoint_d2i(NULL, sizeof(binUncompG), group, tmp), 0);
- AssertIntEQ(ECPoint_d2i(binUncompG, sizeof(binUncompG), NULL, tmp), 0);
- AssertIntEQ(ECPoint_d2i(binUncompG, sizeof(binUncompG), group, NULL), 0);
- AssertIntEQ(ECPoint_d2i(binUncompGBad, sizeof(binUncompG), group, tmp), 0);
- AssertIntEQ(ECPoint_d2i(binUncompG, sizeof(binUncompG), group, tmp), 1);
- AssertIntEQ(EC_POINT_cmp(group, tmp, Gxy, ctx), 0);
+ ExpectNotNull(tmp = EC_POINT_new(group));
+ ExpectIntEQ(ECPoint_d2i(NULL, sizeof(binUncompG), NULL, NULL), 0);
+ ExpectIntEQ(ECPoint_d2i(binUncompG, sizeof(binUncompG), NULL, NULL), 0);
+ ExpectIntEQ(ECPoint_d2i(NULL, sizeof(binUncompG), group, NULL), 0);
+ ExpectIntEQ(ECPoint_d2i(NULL, sizeof(binUncompG), NULL, tmp), 0);
+ ExpectIntEQ(ECPoint_d2i(NULL, sizeof(binUncompG), group, tmp), 0);
+ ExpectIntEQ(ECPoint_d2i(binUncompG, sizeof(binUncompG), NULL, tmp), 0);
+ ExpectIntEQ(ECPoint_d2i(binUncompG, sizeof(binUncompG), group, NULL), 0);
+ ExpectIntEQ(ECPoint_d2i(binUncompGBad, sizeof(binUncompG), group, tmp), 0);
+ ExpectIntEQ(ECPoint_d2i(binUncompG, sizeof(binUncompG), group, tmp), 1);
+ ExpectIntEQ(EC_POINT_cmp(group, tmp, Gxy, ctx), 0);
EC_POINT_free(tmp);
+ tmp = NULL;
#ifdef HAVE_COMP_KEY
/* Test oct compressed to point */
- AssertNotNull(tmp = EC_POINT_new(group));
- AssertIntEQ(EC_POINT_oct2point(group, tmp, binCompG, sizeof(binCompG), ctx),
+ ExpectNotNull(tmp = EC_POINT_new(group));
+ ExpectIntEQ(EC_POINT_oct2point(group, tmp, binCompG, sizeof(binCompG), ctx),
1);
- AssertIntEQ(EC_POINT_cmp(group, tmp, Gxy, ctx), 0);
+ ExpectIntEQ(EC_POINT_cmp(group, tmp, Gxy, ctx), 0);
EC_POINT_free(tmp);
+ tmp = NULL;
/* Test point d2i - compressed */
- AssertNotNull(tmp = EC_POINT_new(group));
- AssertIntEQ(ECPoint_d2i(binCompG, sizeof(binCompG), group, tmp), 1);
- AssertIntEQ(EC_POINT_cmp(group, tmp, Gxy, ctx), 0);
+ ExpectNotNull(tmp = EC_POINT_new(group));
+ ExpectIntEQ(ECPoint_d2i(binCompG, sizeof(binCompG), group, tmp), 1);
+ ExpectIntEQ(EC_POINT_cmp(group, tmp, Gxy, ctx), 0);
EC_POINT_free(tmp);
+ tmp = NULL;
#endif
#endif
/* test BN_mod_add */
- AssertIntEQ(BN_mod_add(new_point->Z, (WOLFSSL_BIGNUM*)BN_value_one(),
+ ExpectIntEQ(BN_mod_add(new_point->Z, (WOLFSSL_BIGNUM*)BN_value_one(),
(WOLFSSL_BIGNUM*)BN_value_one(), (WOLFSSL_BIGNUM*)BN_value_one(), NULL),
1);
- AssertIntEQ(BN_is_zero(new_point->Z), 1);
+ ExpectIntEQ(BN_is_zero(new_point->Z), 1);
/* cleanup */
BN_free(X);
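Review bot: `buf` is left pointing at freed memory after each `XFREE(buf, NULL, DYNAMIC_TYPE_ECC);` in this hunk (after the uncompressed point2oct check, after the ECPoint_i2d check, and after the HAVE_COMP_KEY point2oct check), while the same hunk adds `tmp = NULL;` after every `EC_POINT_free(tmp);`. If the Expect macros stop evaluating their argument once a failure has been recorded, which the added resets suggest although the macro definitions are not visible here, a failed check in between would skip the next `ExpectNotNull(buf = (unsigned char*)XMALLOC(...))`, and the following `XFREE(buf, ...)` would then free the stale pointer a second time. Add `buf = NULL;` after each of those three XFREE calls. The body of test_wolfSSL_EC_POINT starts before this hunk, so the initial value of `buf` cannot be confirmed from here.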
@@ -60530,52 +59818,176 @@ static int test_wolfSSL_EC_POINT(void)
#endif
EC_GROUP_free(group);
BN_CTX_free(ctx);
-
- res = TEST_RES_CHECK(1);
#endif
#endif /* !WOLFSSL_SP_MATH && ( !HAVE_FIPS || HAVE_FIPS_VERSION > 2) */
- return res;
+ return EXPECT_RESULT();
+}
+
+static int test_wolfSSL_SPAKE(void)
+{
+ EXPECT_DECLS;
+
+#if defined(OPENSSL_EXTRA) && defined(HAVE_ECC) && !defined(WOLFSSL_ATECC508A) \
+ && !defined(WOLFSSL_ATECC608A) && !defined(HAVE_SELFTEST) && \
+ !defined(WOLFSSL_SP_MATH) && !defined(WOLF_CRYPTO_CB_ONLY_ECC)
+ BIGNUM* x = NULL; /* kdc priv */
+ BIGNUM* y = NULL; /* client priv */
+ BIGNUM* w = NULL; /* shared value */
+ byte M_bytes[] = {
+ /* uncompressed */
+ 0x04,
+ /* x */
+ 0x88, 0x6e, 0x2f, 0x97, 0xac, 0xe4, 0x6e, 0x55, 0xba, 0x9d, 0xd7, 0x24,
+ 0x25, 0x79, 0xf2, 0x99, 0x3b, 0x64, 0xe1, 0x6e, 0xf3, 0xdc, 0xab, 0x95,
+ 0xaf, 0xd4, 0x97, 0x33, 0x3d, 0x8f, 0xa1, 0x2f,
+ /* y */
+ 0x5f, 0xf3, 0x55, 0x16, 0x3e, 0x43, 0xce, 0x22, 0x4e, 0x0b, 0x0e, 0x65,
+ 0xff, 0x02, 0xac, 0x8e, 0x5c, 0x7b, 0xe0, 0x94, 0x19, 0xc7, 0x85, 0xe0,
+ 0xca, 0x54, 0x7d, 0x55, 0xa1, 0x2e, 0x2d, 0x20
+ };
+ EC_POINT* M = NULL; /* shared value */
+ byte N_bytes[] = {
+ /* uncompressed */
+ 0x04,
+ /* x */
+ 0xd8, 0xbb, 0xd6, 0xc6, 0x39, 0xc6, 0x29, 0x37, 0xb0, 0x4d, 0x99, 0x7f,
+ 0x38, 0xc3, 0x77, 0x07, 0x19, 0xc6, 0x29, 0xd7, 0x01, 0x4d, 0x49, 0xa2,
+ 0x4b, 0x4f, 0x98, 0xba, 0xa1, 0x29, 0x2b, 0x49,
+ /* y */
+ 0x07, 0xd6, 0x0a, 0xa6, 0xbf, 0xad, 0xe4, 0x50, 0x08, 0xa6, 0x36, 0x33,
+ 0x7f, 0x51, 0x68, 0xc6, 0x4d, 0x9b, 0xd3, 0x60, 0x34, 0x80, 0x8c, 0xd5,
+ 0x64, 0x49, 0x0b, 0x1e, 0x65, 0x6e, 0xdb, 0xe7
+ };
+ EC_POINT* N = NULL; /* shared value */
+ EC_POINT* T = NULL; /* kdc pub */
+ EC_POINT* tmp1 = NULL; /* kdc pub */
+ EC_POINT* tmp2 = NULL; /* kdc pub */
+ EC_POINT* S = NULL; /* client pub */
+ EC_POINT* client_secret = NULL;
+ EC_POINT* kdc_secret = NULL;
+ EC_GROUP* group = NULL;
+ BN_CTX* bn_ctx = NULL;
+
+ /* Values taken from a test run of Kerberos 5 */
+
+ ExpectNotNull(group = EC_GROUP_new_by_curve_name(NID_X9_62_prime256v1));
+ ExpectNotNull(bn_ctx = BN_CTX_new());
+
+ ExpectNotNull(M = EC_POINT_new(group));
+ ExpectNotNull(N = EC_POINT_new(group));
+ ExpectNotNull(T = EC_POINT_new(group));
+ ExpectNotNull(tmp1 = EC_POINT_new(group));
+ ExpectNotNull(tmp2 = EC_POINT_new(group));
+ ExpectNotNull(S = EC_POINT_new(group));
+ ExpectNotNull(client_secret = EC_POINT_new(group));
+ ExpectNotNull(kdc_secret = EC_POINT_new(group));
+ ExpectIntEQ(BN_hex2bn(&x, "DAC3027CD692B4BDF0EDFE9B7D0E4E7"
+ "E5D8768A725EAEEA6FC68EC239A17C0"), 1);
+ ExpectIntEQ(BN_hex2bn(&y, "6F6A1D394E26B1655A54B26DCE30D49"
+ "90CC47EBE08F809EF3FF7F6AEAABBB5"), 1);
+ ExpectIntEQ(BN_hex2bn(&w, "1D992AB8BA851B9BA05353453D81EE9"
+ "506AB395478F0AAB647752CF117B36250"), 1);
+ ExpectIntEQ(EC_POINT_oct2point(group, M, M_bytes, sizeof(M_bytes), bn_ctx),
+ 1);
+ ExpectIntEQ(EC_POINT_oct2point(group, N, N_bytes, sizeof(N_bytes), bn_ctx),
+ 1);
+
+ /* Function pattern similar to ossl_keygen and ossl_result in krb5 */
+
+ /* kdc */
+ /* T=x*P+w*M */
+ /* All in one function call */
+ ExpectIntEQ(EC_POINT_mul(group, T, x, M, w, bn_ctx), 1);
+ /* Spread into separate calls */
+ ExpectIntEQ(EC_POINT_mul(group, tmp1, x, NULL, NULL, bn_ctx), 1);
+ ExpectIntEQ(EC_POINT_mul(group, tmp2, NULL, M, w, bn_ctx), 1);
+ ExpectIntEQ(EC_POINT_add(group, tmp1, tmp1, tmp2, bn_ctx),
+ 1);
+ ExpectIntEQ(EC_POINT_cmp(group, T, tmp1, bn_ctx), 0);
+ /* client */
+ /* S=y*P+w*N */
+ /* All in one function call */
+ ExpectIntEQ(EC_POINT_mul(group, S, y, N, w, bn_ctx), 1);
+ /* Spread into separate calls */
+ ExpectIntEQ(EC_POINT_mul(group, tmp1, y, NULL, NULL, bn_ctx), 1);
+ ExpectIntEQ(EC_POINT_mul(group, tmp2, NULL, N, w, bn_ctx), 1);
+ ExpectIntEQ(EC_POINT_add(group, tmp1, tmp1, tmp2, bn_ctx),
+ 1);
+ ExpectIntEQ(EC_POINT_cmp(group, S, tmp1, bn_ctx), 0);
+ /* K=y*(T-w*M) */
+ ExpectIntEQ(EC_POINT_mul(group, client_secret, NULL, M, w, bn_ctx), 1);
+ ExpectIntEQ(EC_POINT_invert(group, client_secret, bn_ctx), 1);
+ ExpectIntEQ(EC_POINT_add(group, client_secret, T, client_secret, bn_ctx),
+ 1);
+ ExpectIntEQ(EC_POINT_mul(group, client_secret, NULL, client_secret, y,
+ bn_ctx), 1);
+ /* kdc */
+ /* K=x*(S-w*N) */
+ ExpectIntEQ(EC_POINT_mul(group, kdc_secret, NULL, N, w, bn_ctx), 1);
+ ExpectIntEQ(EC_POINT_invert(group, kdc_secret, bn_ctx), 1);
+ ExpectIntEQ(EC_POINT_add(group, kdc_secret, S, kdc_secret, bn_ctx),
+ 1);
+ ExpectIntEQ(EC_POINT_mul(group, kdc_secret, NULL, kdc_secret, x, bn_ctx),
+ 1);
+
+ /* kdc_secret == client_secret */
+ ExpectIntEQ(EC_POINT_cmp(group, client_secret, kdc_secret, bn_ctx), 0);
+
+ BN_free(x);
+ BN_free(y);
+ BN_free(w);
+ EC_POINT_free(M);
+ EC_POINT_free(N);
+ EC_POINT_free(T);
+ EC_POINT_free(tmp1);
+ EC_POINT_free(tmp2);
+ EC_POINT_free(S);
+ EC_POINT_free(client_secret);
+ EC_POINT_free(kdc_secret);
+ EC_GROUP_free(group);
+ BN_CTX_free(bn_ctx);
+#endif
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EC_KEY_generate(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef OPENSSL_EXTRA
- WOLFSSL_EC_KEY* key;
+ WOLFSSL_EC_KEY* key = NULL;
#ifndef HAVE_ECC_BRAINPOOL
- WOLFSSL_EC_GROUP* group;
+ WOLFSSL_EC_GROUP* group = NULL;
#endif
- AssertNotNull(key = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1));
+ ExpectNotNull(key = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1));
- AssertIntEQ(wolfSSL_EC_KEY_generate_key(NULL), 0);
- AssertIntEQ(wolfSSL_EC_KEY_generate_key(key), 1);
+ ExpectIntEQ(wolfSSL_EC_KEY_generate_key(NULL), 0);
+ ExpectIntEQ(wolfSSL_EC_KEY_generate_key(key), 1);
wolfSSL_EC_KEY_free(key);
+ key = NULL;
#ifndef HAVE_ECC_BRAINPOOL
- AssertNotNull(group = wolfSSL_EC_GROUP_new_by_curve_name(
+ ExpectNotNull(group = wolfSSL_EC_GROUP_new_by_curve_name(
NID_brainpoolP256r1));
- AssertNotNull(key = wolfSSL_EC_KEY_new());
- AssertIntEQ(wolfSSL_EC_KEY_set_group(key, group), 1);
- AssertIntEQ(wolfSSL_EC_KEY_generate_key(key), 0);
+ ExpectNotNull(key = wolfSSL_EC_KEY_new());
+ ExpectIntEQ(wolfSSL_EC_KEY_set_group(key, group), 1);
+ ExpectIntEQ(wolfSSL_EC_KEY_generate_key(key), 0);
wolfSSL_EC_KEY_free(key);
wolfSSL_EC_GROUP_free(group);
#endif
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_EC_i2d(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(HAVE_FIPS)
- EC_KEY *key;
+ EC_KEY *key = NULL;
EC_KEY *copy = NULL;
- int len;
+ int len = 0;
unsigned char *buf = NULL;
- unsigned char *p;
+ unsigned char *p = NULL;
const unsigned char *tmp = NULL;
const unsigned char octBad[] = {
0x09, 0x6b, 0x17, 0xd1, 0xf2, 0xe1, 0x2c, 0x42, 0x47, 0xf8, 0xbc,
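Review bot: test_wolfSSL_SPAKE only checks wolfSSL's results against each other: `T` and `S` are compared with `tmp1`, and `client_secret` with `kdc_secret`, so an error common to the `EC_POINT_mul`, `EC_POINT_add` and `EC_POINT_invert` paths could still pass. Since the inputs are described as taken from a Kerberos 5 test run, record `T`, `S` or the shared point from that run and add a known-answer check, for example `ExpectIntEQ(EC_POINT_cmp(group, T, T_expected, bn_ctx), 0);`, where `T_expected` is a placeholder name for a point loaded with `EC_POINT_oct2point`. The declaration comments also look copy-pasted: `tmp1` and `tmp2` are both labelled `/* kdc pub */` but are used as scratch points for the kdc and the client side, so `/* scratch */` would be accurate.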
@@ -60586,362 +59998,374 @@ static int test_EC_i2d(void)
0x5e, 0xce, 0xcb, 0xb6, 0x40, 0x68, 0x37, 0xbf, 0x51, 0xf5,
};
- AssertNotNull(key = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1));
- AssertIntEQ(EC_KEY_generate_key(key), 1);
- AssertIntGT((len = i2d_EC_PUBKEY(key, NULL)), 0);
- AssertNotNull(buf = (unsigned char*)XMALLOC(len, NULL,
+ ExpectNotNull(key = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1));
+ ExpectIntEQ(EC_KEY_generate_key(key), 1);
+ ExpectIntGT((len = i2d_EC_PUBKEY(key, NULL)), 0);
+ ExpectNotNull(buf = (unsigned char*)XMALLOC(len, NULL,
DYNAMIC_TYPE_TMP_BUFFER));
p = buf;
- AssertIntEQ(i2d_EC_PUBKEY(key, &p), len);
-
- AssertNull(o2i_ECPublicKey(NULL, NULL, -1));
- AssertNull(o2i_ECPublicKey(&copy, NULL, -1));
- AssertNull(o2i_ECPublicKey(&key, NULL, -1));
- AssertNull(o2i_ECPublicKey(NULL, &tmp, -1));
- AssertNull(o2i_ECPublicKey(NULL, NULL, 0));
- AssertNull(o2i_ECPublicKey(&key, NULL, 0));
- AssertNull(o2i_ECPublicKey(&key, &tmp, 0));
+ ExpectIntEQ(i2d_EC_PUBKEY(key, &p), len);
+
+ ExpectNull(o2i_ECPublicKey(NULL, NULL, -1));
+ ExpectNull(o2i_ECPublicKey(&copy, NULL, -1));
+ ExpectNull(o2i_ECPublicKey(&key, NULL, -1));
+ ExpectNull(o2i_ECPublicKey(NULL, &tmp, -1));
+ ExpectNull(o2i_ECPublicKey(NULL, NULL, 0));
+ ExpectNull(o2i_ECPublicKey(&key, NULL, 0));
+ ExpectNull(o2i_ECPublicKey(&key, &tmp, 0));
tmp = buf;
- AssertNull(o2i_ECPublicKey(NULL, &tmp, 0));
- AssertNull(o2i_ECPublicKey(&copy, &tmp, 0));
- AssertNull(o2i_ECPublicKey(NULL, &tmp, -1));
- AssertNull(o2i_ECPublicKey(&key, &tmp, -1));
+ ExpectNull(o2i_ECPublicKey(NULL, &tmp, 0));
+ ExpectNull(o2i_ECPublicKey(&copy, &tmp, 0));
+ ExpectNull(o2i_ECPublicKey(NULL, &tmp, -1));
+ ExpectNull(o2i_ECPublicKey(&key, &tmp, -1));
- AssertIntEQ(i2o_ECPublicKey(NULL, NULL), 0);
- AssertIntEQ(i2o_ECPublicKey(NULL, &buf), 0);
+ ExpectIntEQ(i2o_ECPublicKey(NULL, NULL), 0);
+ ExpectIntEQ(i2o_ECPublicKey(NULL, &buf), 0);
tmp = buf;
- AssertNull(d2i_ECPrivateKey(NULL, &tmp, 0));
- AssertNull(d2i_ECPrivateKey(NULL, &tmp, 1));
- AssertNull(d2i_ECPrivateKey(&copy, &tmp, 0));
- AssertNull(d2i_ECPrivateKey(&copy, &tmp, 1));
- AssertNull(d2i_ECPrivateKey(&key, &tmp, 0));
-
- AssertIntEQ(i2d_ECPrivateKey(NULL, &p), 0);
- AssertIntEQ(i2d_ECPrivateKey(NULL, NULL), 0);
-
- AssertIntEQ(wolfSSL_EC_KEY_LoadDer(NULL, NULL, -1), -1);
- AssertIntEQ(wolfSSL_EC_KEY_LoadDer_ex(NULL, NULL, -1, 0), -1);
- AssertIntEQ(wolfSSL_EC_KEY_LoadDer_ex(key, NULL, -1, 0), -1);
- AssertIntEQ(wolfSSL_EC_KEY_LoadDer_ex(NULL, buf, -1, 0), -1);
- AssertIntEQ(wolfSSL_EC_KEY_LoadDer_ex(NULL, NULL, 0, 0), -1);
- AssertIntEQ(wolfSSL_EC_KEY_LoadDer_ex(NULL, NULL, -1,
+ ExpectNull(d2i_ECPrivateKey(NULL, &tmp, 0));
+ ExpectNull(d2i_ECPrivateKey(NULL, &tmp, 1));
+ ExpectNull(d2i_ECPrivateKey(&copy, &tmp, 0));
+ ExpectNull(d2i_ECPrivateKey(&copy, &tmp, 1));
+ ExpectNull(d2i_ECPrivateKey(&key, &tmp, 0));
+
+ ExpectIntEQ(i2d_ECPrivateKey(NULL, &p), 0);
+ ExpectIntEQ(i2d_ECPrivateKey(NULL, NULL), 0);
+
+ ExpectIntEQ(wolfSSL_EC_KEY_LoadDer(NULL, NULL, -1), -1);
+ ExpectIntEQ(wolfSSL_EC_KEY_LoadDer_ex(NULL, NULL, -1, 0), -1);
+ ExpectIntEQ(wolfSSL_EC_KEY_LoadDer_ex(key, NULL, -1, 0), -1);
+ ExpectIntEQ(wolfSSL_EC_KEY_LoadDer_ex(NULL, buf, -1, 0), -1);
+ ExpectIntEQ(wolfSSL_EC_KEY_LoadDer_ex(NULL, NULL, 0, 0), -1);
+ ExpectIntEQ(wolfSSL_EC_KEY_LoadDer_ex(NULL, NULL, -1,
WOLFSSL_EC_KEY_LOAD_PUBLIC), -1);
- AssertIntEQ(wolfSSL_EC_KEY_LoadDer_ex(NULL, buf, len,
+ ExpectIntEQ(wolfSSL_EC_KEY_LoadDer_ex(NULL, buf, len,
WOLFSSL_EC_KEY_LOAD_PUBLIC), -1);
- AssertIntEQ(wolfSSL_EC_KEY_LoadDer_ex(key, NULL, len,
+ ExpectIntEQ(wolfSSL_EC_KEY_LoadDer_ex(key, NULL, len,
WOLFSSL_EC_KEY_LOAD_PUBLIC), -1);
- AssertIntEQ(wolfSSL_EC_KEY_LoadDer_ex(key, buf, -1,
+ ExpectIntEQ(wolfSSL_EC_KEY_LoadDer_ex(key, buf, -1,
WOLFSSL_EC_KEY_LOAD_PUBLIC), -1);
- AssertIntEQ(wolfSSL_EC_KEY_LoadDer_ex(key, buf, len, 0), -1);
- AssertIntEQ(wolfSSL_EC_KEY_LoadDer_ex(key, buf, len,
+ ExpectIntEQ(wolfSSL_EC_KEY_LoadDer_ex(key, buf, len, 0), -1);
+ ExpectIntEQ(wolfSSL_EC_KEY_LoadDer_ex(key, buf, len,
WOLFSSL_EC_KEY_LOAD_PRIVATE), -1);
- AssertIntEQ(wolfSSL_EC_KEY_LoadDer_ex(key, octBad, sizeof(octBad),
+ ExpectIntEQ(wolfSSL_EC_KEY_LoadDer_ex(key, octBad, sizeof(octBad),
WOLFSSL_EC_KEY_LOAD_PRIVATE), -1);
- AssertIntEQ(wolfSSL_EC_KEY_LoadDer_ex(key, octBad, sizeof(octBad),
+ ExpectIntEQ(wolfSSL_EC_KEY_LoadDer_ex(key, octBad, sizeof(octBad),
WOLFSSL_EC_KEY_LOAD_PUBLIC), -1);
XFREE(buf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
buf = NULL;
+ buf = NULL;
- AssertIntGT((len = i2d_ECPrivateKey(key, NULL)), 0);
- AssertNotNull(buf = (unsigned char*)XMALLOC(len, NULL,
+ ExpectIntGT((len = i2d_ECPrivateKey(key, NULL)), 0);
+ ExpectNotNull(buf = (unsigned char*)XMALLOC(len, NULL,
DYNAMIC_TYPE_TMP_BUFFER));
p = buf;
- AssertIntEQ(i2d_ECPrivateKey(key, &p), len);
+ ExpectIntEQ(i2d_ECPrivateKey(key, &p), len);
p = NULL;
- AssertIntEQ(i2d_ECPrivateKey(key, &p), len);
+ ExpectIntEQ(i2d_ECPrivateKey(key, &p), len);
XFREE(p, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ p = NULL;
/* Bad point is also an invalid private key. */
tmp = octBad;
- AssertNull(d2i_ECPrivateKey(&copy, &tmp, sizeof(octBad)));
+ ExpectNull(d2i_ECPrivateKey(&copy, &tmp, sizeof(octBad)));
tmp = buf;
- AssertNotNull(d2i_ECPrivateKey(&copy, &tmp, len));
+ ExpectNotNull(d2i_ECPrivateKey(&copy, &tmp, len));
XFREE(buf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
buf = NULL;
+ buf = NULL;
- AssertIntGT((len = i2o_ECPublicKey(key, NULL)), 0);
- AssertNotNull(buf = (unsigned char*)XMALLOC(len, NULL,
+ ExpectIntGT((len = i2o_ECPublicKey(key, NULL)), 0);
+ ExpectNotNull(buf = (unsigned char*)XMALLOC(len, NULL,
DYNAMIC_TYPE_TMP_BUFFER));
p = buf;
- AssertIntGT((len = i2o_ECPublicKey(key, &p)), 0);
+ ExpectIntGT((len = i2o_ECPublicKey(key, &p)), 0);
p = NULL;
- AssertIntGT((len = i2o_ECPublicKey(key, &p)), 0);
+ ExpectIntGT((len = i2o_ECPublicKey(key, &p)), 0);
tmp = buf;
- AssertNotNull(o2i_ECPublicKey(&copy, &tmp, len));
+ ExpectNotNull(o2i_ECPublicKey(&copy, &tmp, len));
tmp = octBad;
- AssertNull(o2i_ECPublicKey(&key, &tmp, sizeof(octBad)));
+ ExpectNull(o2i_ECPublicKey(&key, &tmp, sizeof(octBad)));
- AssertIntEQ(EC_KEY_check_key(NULL), 0);
- AssertIntEQ(EC_KEY_check_key(key), 1);
+ ExpectIntEQ(EC_KEY_check_key(NULL), 0);
+ ExpectIntEQ(EC_KEY_check_key(key), 1);
XFREE(p, NULL, DYNAMIC_TYPE_OPENSSL);
XFREE(buf, NULL, DYNAMIC_TYPE_OPENSSL);
EC_KEY_free(key);
EC_KEY_free(copy);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EC_curve(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA)
int nid = NID_secp160k1;
- const char* nid_name;
+ const char* nid_name = NULL;
- AssertNull(EC_curve_nid2nist(NID_sha256));
+ ExpectNull(EC_curve_nid2nist(NID_sha256));
- AssertNotNull(nid_name = EC_curve_nid2nist(nid));
- AssertIntEQ(XMEMCMP(nid_name, "K-160", XSTRLEN("K-160")), 0);
+ ExpectNotNull(nid_name = EC_curve_nid2nist(nid));
+ ExpectIntEQ(XMEMCMP(nid_name, "K-160", XSTRLEN("K-160")), 0);
- AssertIntEQ(EC_curve_nist2nid("INVALID"), 0);
- AssertIntEQ(EC_curve_nist2nid(nid_name), nid);
-
- res = TEST_RES_CHECK(1);
+ ExpectIntEQ(EC_curve_nist2nid("INVALID"), 0);
+ ExpectIntEQ(EC_curve_nist2nid(nid_name), nid);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EC_KEY_dup(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_ALL) && !defined(NO_CERTS)
- WOLFSSL_EC_KEY* ecKey;
- WOLFSSL_EC_KEY* dupKey;
- ecc_key* srcKey;
- ecc_key* destKey;
+ WOLFSSL_EC_KEY* ecKey = NULL;
+ WOLFSSL_EC_KEY* dupKey = NULL;
+ ecc_key* srcKey = NULL;
+ ecc_key* destKey = NULL;
- AssertNotNull(ecKey = wolfSSL_EC_KEY_new());
- AssertIntEQ(wolfSSL_EC_KEY_generate_key(ecKey), 1);
+ ExpectNotNull(ecKey = wolfSSL_EC_KEY_new());
+ ExpectIntEQ(wolfSSL_EC_KEY_generate_key(ecKey), 1);
/* Valid cases */
- AssertNotNull(dupKey = wolfSSL_EC_KEY_dup(ecKey));
- AssertIntEQ(EC_KEY_check_key(dupKey), 1);
+ ExpectNotNull(dupKey = wolfSSL_EC_KEY_dup(ecKey));
+ ExpectIntEQ(EC_KEY_check_key(dupKey), 1);
/* Compare pubkey */
- srcKey = (ecc_key*)ecKey->internal;
- destKey = (ecc_key*)dupKey->internal;
- AssertIntEQ(wc_ecc_cmp_point(&srcKey->pubkey, &destKey->pubkey), 0);
+ if (ecKey != NULL) {
+ srcKey = (ecc_key*)ecKey->internal;
+ }
+ if (dupKey != NULL) {
+ destKey = (ecc_key*)dupKey->internal;
+ }
+ ExpectIntEQ(wc_ecc_cmp_point(&srcKey->pubkey, &destKey->pubkey), 0);
/* compare EC_GROUP */
- AssertIntEQ(wolfSSL_EC_GROUP_cmp(ecKey->group, dupKey->group, NULL), MP_EQ);
+ ExpectIntEQ(wolfSSL_EC_GROUP_cmp(ecKey->group, dupKey->group, NULL), MP_EQ);
/* compare EC_POINT */
- AssertIntEQ(wolfSSL_EC_POINT_cmp(ecKey->group, ecKey->pub_key, \
+ ExpectIntEQ(wolfSSL_EC_POINT_cmp(ecKey->group, ecKey->pub_key, \
dupKey->pub_key, NULL), MP_EQ);
/* compare BIGNUM */
- AssertIntEQ(wolfSSL_BN_cmp(ecKey->priv_key, dupKey->priv_key), MP_EQ);
+ ExpectIntEQ(wolfSSL_BN_cmp(ecKey->priv_key, dupKey->priv_key), MP_EQ);
wolfSSL_EC_KEY_free(dupKey);
+ dupKey = NULL;
/* Invalid cases */
/* NULL key */
- AssertNull(dupKey = wolfSSL_EC_KEY_dup(NULL));
+ ExpectNull(dupKey = wolfSSL_EC_KEY_dup(NULL));
/* NULL ecc_key */
- wc_ecc_free((ecc_key*)ecKey->internal);
- XFREE(ecKey->internal, NULL, DYNAMIC_TYPE_ECC);
- ecKey->internal = NULL; /* Set ecc_key to NULL */
- AssertNull(dupKey = wolfSSL_EC_KEY_dup(ecKey));
+ if (ecKey != NULL) {
+ wc_ecc_free((ecc_key*)ecKey->internal);
+ XFREE(ecKey->internal, NULL, DYNAMIC_TYPE_ECC);
+ ecKey->internal = NULL; /* Set ecc_key to NULL */
+ }
+ ExpectNull(dupKey = wolfSSL_EC_KEY_dup(ecKey));
wolfSSL_EC_KEY_free(ecKey);
+ ecKey = NULL;
wolfSSL_EC_KEY_free(dupKey);
+ dupKey = NULL;
/* NULL Group */
- AssertNotNull(ecKey = wolfSSL_EC_KEY_new());
- AssertIntEQ(wolfSSL_EC_KEY_generate_key(ecKey), 1);
- wolfSSL_EC_GROUP_free(ecKey->group);
- ecKey->group = NULL; /* Set group to NULL */
- AssertNull(dupKey = wolfSSL_EC_KEY_dup(ecKey));
+ ExpectNotNull(ecKey = wolfSSL_EC_KEY_new());
+ ExpectIntEQ(wolfSSL_EC_KEY_generate_key(ecKey), 1);
+ if (ecKey != NULL) {
+ wolfSSL_EC_GROUP_free(ecKey->group);
+ ecKey->group = NULL; /* Set group to NULL */
+ }
+ ExpectNull(dupKey = wolfSSL_EC_KEY_dup(ecKey));
wolfSSL_EC_KEY_free(ecKey);
+ ecKey = NULL;
wolfSSL_EC_KEY_free(dupKey);
+ dupKey = NULL;
/* NULL public key */
- AssertNotNull(ecKey = wolfSSL_EC_KEY_new());
- AssertIntEQ(wolfSSL_EC_KEY_generate_key(ecKey), 1);
- wc_ecc_del_point((ecc_point*)ecKey->pub_key->internal);
- ecKey->pub_key->internal = NULL; /* Set ecc_point to NULL */
- AssertNull(dupKey = wolfSSL_EC_KEY_dup(ecKey));
-
- wolfSSL_EC_POINT_free(ecKey->pub_key);
- ecKey->pub_key = NULL; /* Set pub_key to NULL */
- AssertNull(dupKey = wolfSSL_EC_KEY_dup(ecKey));
+ ExpectNotNull(ecKey = wolfSSL_EC_KEY_new());
+ ExpectIntEQ(wolfSSL_EC_KEY_generate_key(ecKey), 1);
+ if (ecKey != NULL) {
+ wc_ecc_del_point((ecc_point*)ecKey->pub_key->internal);
+ ecKey->pub_key->internal = NULL; /* Set ecc_point to NULL */
+ }
+
+ ExpectNull(dupKey = wolfSSL_EC_KEY_dup(ecKey));
+ if (ecKey != NULL) {
+ wolfSSL_EC_POINT_free(ecKey->pub_key);
+ ecKey->pub_key = NULL; /* Set pub_key to NULL */
+ }
+ ExpectNull(dupKey = wolfSSL_EC_KEY_dup(ecKey));
wolfSSL_EC_KEY_free(ecKey);
+ ecKey = NULL;
wolfSSL_EC_KEY_free(dupKey);
+ dupKey = NULL;
/* NULL private key */
- AssertNotNull(ecKey = wolfSSL_EC_KEY_new());
- AssertIntEQ(wolfSSL_EC_KEY_generate_key(ecKey), 1);
+ ExpectNotNull(ecKey = wolfSSL_EC_KEY_new());
+ ExpectIntEQ(wolfSSL_EC_KEY_generate_key(ecKey), 1);
- wolfSSL_BN_free(ecKey->priv_key);
- ecKey->priv_key = NULL; /* Set priv_key to NULL */
- AssertNull(dupKey = wolfSSL_EC_KEY_dup(ecKey));
+ if (ecKey != NULL) {
+ wolfSSL_BN_free(ecKey->priv_key);
+ ecKey->priv_key = NULL; /* Set priv_key to NULL */
+ }
+ ExpectNull(dupKey = wolfSSL_EC_KEY_dup(ecKey));
wolfSSL_EC_KEY_free(ecKey);
+ ecKey = NULL;
wolfSSL_EC_KEY_free(dupKey);
+ dupKey = NULL;
/* Test EC_KEY_up_ref */
- AssertNotNull(ecKey = wolfSSL_EC_KEY_new());
- AssertIntEQ(wolfSSL_EC_KEY_generate_key(ecKey), WOLFSSL_SUCCESS);
- AssertIntEQ(wolfSSL_EC_KEY_up_ref(NULL), WOLFSSL_FAILURE);
- AssertIntEQ(wolfSSL_EC_KEY_up_ref(ecKey), WOLFSSL_SUCCESS);
+ ExpectNotNull(ecKey = wolfSSL_EC_KEY_new());
+ ExpectIntEQ(wolfSSL_EC_KEY_generate_key(ecKey), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_EC_KEY_up_ref(NULL), WOLFSSL_FAILURE);
+ ExpectIntEQ(wolfSSL_EC_KEY_up_ref(ecKey), WOLFSSL_SUCCESS);
/* reference count doesn't follow duplicate */
- AssertNotNull(dupKey = wolfSSL_EC_KEY_dup(ecKey));
- AssertIntEQ(wolfSSL_EC_KEY_up_ref(dupKey), WOLFSSL_SUCCESS); /* +1 */
- AssertIntEQ(wolfSSL_EC_KEY_up_ref(dupKey), WOLFSSL_SUCCESS); /* +2 */
+ ExpectNotNull(dupKey = wolfSSL_EC_KEY_dup(ecKey));
+ ExpectIntEQ(wolfSSL_EC_KEY_up_ref(dupKey), WOLFSSL_SUCCESS); /* +1 */
+ ExpectIntEQ(wolfSSL_EC_KEY_up_ref(dupKey), WOLFSSL_SUCCESS); /* +2 */
wolfSSL_EC_KEY_free(dupKey); /* 3 */
wolfSSL_EC_KEY_free(dupKey); /* 2 */
wolfSSL_EC_KEY_free(dupKey); /* 1, free */
wolfSSL_EC_KEY_free(ecKey); /* 2 */
wolfSSL_EC_KEY_free(ecKey); /* 1, free */
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EC_KEY_set_group(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ECC) && !defined(NO_ECC256) && !defined(NO_ECC_SECP) && \
defined(OPENSSL_EXTRA)
EC_KEY *key = NULL;
EC_GROUP *group = NULL;
const EC_GROUP *group2 = NULL;
- AssertNotNull(group = EC_GROUP_new_by_curve_name(NID_X9_62_prime256v1));
- AssertNotNull(key = EC_KEY_new());
+ ExpectNotNull(group = EC_GROUP_new_by_curve_name(NID_X9_62_prime256v1));
+ ExpectNotNull(key = EC_KEY_new());
- AssertNull(EC_KEY_get0_group(NULL));
- AssertIntEQ(EC_KEY_set_group(NULL, NULL), 0);
- AssertIntEQ(EC_KEY_set_group(key, NULL), 0);
- AssertIntEQ(EC_KEY_set_group(NULL, group), 0);
+ ExpectNull(EC_KEY_get0_group(NULL));
+ ExpectIntEQ(EC_KEY_set_group(NULL, NULL), 0);
+ ExpectIntEQ(EC_KEY_set_group(key, NULL), 0);
+ ExpectIntEQ(EC_KEY_set_group(NULL, group), 0);
- AssertIntEQ(EC_KEY_set_group(key, group), WOLFSSL_SUCCESS);
- AssertNotNull(group2 = EC_KEY_get0_group(key));
- AssertIntEQ(EC_GROUP_cmp(group2, group, NULL), 0);
+ ExpectIntEQ(EC_KEY_set_group(key, group), WOLFSSL_SUCCESS);
+ ExpectNotNull(group2 = EC_KEY_get0_group(key));
+ ExpectIntEQ(EC_GROUP_cmp(group2, group, NULL), 0);
EC_GROUP_free(group);
EC_KEY_free(key);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EC_KEY_set_conv_form(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ECC) && defined(OPENSSL_EXTRA) && !defined(NO_BIO)
- BIO* bio;
- EC_KEY* key;
+ BIO* bio = NULL;
+ EC_KEY* key = NULL;
/* Error condition: NULL key. */
- AssertIntLT(EC_KEY_get_conv_form(NULL), 0);
+ ExpectIntLT(EC_KEY_get_conv_form(NULL), 0);
- AssertNotNull(bio = BIO_new_file("./certs/ecc-keyPub.pem", "rb"));
- AssertNotNull(key = PEM_read_bio_EC_PUBKEY(bio, NULL, NULL, NULL));
+ ExpectNotNull(bio = BIO_new_file("./certs/ecc-keyPub.pem", "rb"));
+ ExpectNotNull(key = PEM_read_bio_EC_PUBKEY(bio, NULL, NULL, NULL));
/* Conversion form defaults to uncompressed. */
- AssertIntEQ(EC_KEY_get_conv_form(key), POINT_CONVERSION_UNCOMPRESSED);
+ ExpectIntEQ(EC_KEY_get_conv_form(key), POINT_CONVERSION_UNCOMPRESSED);
#ifdef HAVE_COMP_KEY
/* Explicitly set to compressed. */
EC_KEY_set_conv_form(key, POINT_CONVERSION_COMPRESSED);
- AssertIntEQ(EC_KEY_get_conv_form(key), POINT_CONVERSION_COMPRESSED);
+ ExpectIntEQ(EC_KEY_get_conv_form(key), POINT_CONVERSION_COMPRESSED);
#else
/* Will still work just won't change anything. */
EC_KEY_set_conv_form(key, POINT_CONVERSION_COMPRESSED);
- AssertIntEQ(EC_KEY_get_conv_form(key), POINT_CONVERSION_UNCOMPRESSED);
+ ExpectIntEQ(EC_KEY_get_conv_form(key), POINT_CONVERSION_UNCOMPRESSED);
EC_KEY_set_conv_form(key, POINT_CONVERSION_UNCOMPRESSED);
- AssertIntEQ(EC_KEY_get_conv_form(key), POINT_CONVERSION_UNCOMPRESSED);
+ ExpectIntEQ(EC_KEY_get_conv_form(key), POINT_CONVERSION_UNCOMPRESSED);
#endif
EC_KEY_set_conv_form(NULL, POINT_CONVERSION_UNCOMPRESSED);
BIO_free(bio);
EC_KEY_free(key);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EC_KEY_private_key(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_BIO)
- WOLFSSL_EC_KEY* key;
+ WOLFSSL_EC_KEY* key = NULL;
WOLFSSL_BIGNUM* priv = NULL;
WOLFSSL_BIGNUM* priv2 = NULL;
WOLFSSL_BIGNUM* bn;
- AssertNotNull(key = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1));
- AssertNotNull(priv = wolfSSL_BN_new());
- AssertNotNull(priv2 = wolfSSL_BN_new());
- AssertIntNE(BN_set_word(priv, 2), 0);
- AssertIntNE(BN_set_word(priv2, 2), 0);
+ ExpectNotNull(key = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1));
+ ExpectNotNull(priv = wolfSSL_BN_new());
+ ExpectNotNull(priv2 = wolfSSL_BN_new());
+ ExpectIntNE(BN_set_word(priv, 2), 0);
+ ExpectIntNE(BN_set_word(priv2, 2), 0);
- AssertNull(wolfSSL_EC_KEY_get0_private_key(NULL));
+ ExpectNull(wolfSSL_EC_KEY_get0_private_key(NULL));
/* No private key set. */
- AssertNull(wolfSSL_EC_KEY_get0_private_key(key));
+ ExpectNull(wolfSSL_EC_KEY_get0_private_key(key));
- AssertIntEQ(wolfSSL_EC_KEY_set_private_key(NULL, NULL), 0);
- AssertIntEQ(wolfSSL_EC_KEY_set_private_key(key, NULL), 0);
- AssertIntEQ(wolfSSL_EC_KEY_set_private_key(NULL, priv), 0);
+ ExpectIntEQ(wolfSSL_EC_KEY_set_private_key(NULL, NULL), 0);
+ ExpectIntEQ(wolfSSL_EC_KEY_set_private_key(key, NULL), 0);
+ ExpectIntEQ(wolfSSL_EC_KEY_set_private_key(NULL, priv), 0);
- AssertIntEQ(wolfSSL_EC_KEY_set_private_key(key, priv), 1);
- AssertNotNull(bn = wolfSSL_EC_KEY_get0_private_key(key));
- AssertPtrNE(bn, priv);
- AssertIntEQ(wolfSSL_EC_KEY_set_private_key(key, priv2), 1);
- AssertNotNull(bn = wolfSSL_EC_KEY_get0_private_key(key));
- AssertPtrNE(bn, priv2);
+ ExpectIntEQ(wolfSSL_EC_KEY_set_private_key(key, priv), 1);
+ ExpectNotNull(bn = wolfSSL_EC_KEY_get0_private_key(key));
+ ExpectPtrNE(bn, priv);
+ ExpectIntEQ(wolfSSL_EC_KEY_set_private_key(key, priv2), 1);
+ ExpectNotNull(bn = wolfSSL_EC_KEY_get0_private_key(key));
+ ExpectPtrNE(bn, priv2);
wolfSSL_BN_free(priv2);
wolfSSL_BN_free(priv);
wolfSSL_EC_KEY_free(key);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EC_KEY_public_key(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_BIO)
- WOLFSSL_EC_KEY* key;
- WOLFSSL_EC_POINT* pub;
- WOLFSSL_EC_POINT* point;
+ WOLFSSL_EC_KEY* key = NULL;
+ WOLFSSL_EC_POINT* pub = NULL;
+ WOLFSSL_EC_POINT* point = NULL;
- AssertNotNull(key = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1));
+ ExpectNotNull(key = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1));
- AssertNull(wolfSSL_EC_KEY_get0_public_key(NULL));
- AssertNotNull(wolfSSL_EC_KEY_get0_public_key(key));
+ ExpectNull(wolfSSL_EC_KEY_get0_public_key(NULL));
+ ExpectNotNull(wolfSSL_EC_KEY_get0_public_key(key));
- AssertIntEQ(wolfSSL_EC_KEY_generate_key(key), 1);
+ ExpectIntEQ(wolfSSL_EC_KEY_generate_key(key), 1);
- AssertNotNull(pub = wolfSSL_EC_KEY_get0_public_key(key));
+ ExpectNotNull(pub = wolfSSL_EC_KEY_get0_public_key(key));
- AssertIntEQ(wolfSSL_EC_KEY_set_public_key(NULL, NULL), 0);
- AssertIntEQ(wolfSSL_EC_KEY_set_public_key(key, NULL), 0);
- AssertIntEQ(wolfSSL_EC_KEY_set_public_key(NULL, pub), 0);
+ ExpectIntEQ(wolfSSL_EC_KEY_set_public_key(NULL, NULL), 0);
+ ExpectIntEQ(wolfSSL_EC_KEY_set_public_key(key, NULL), 0);
+ ExpectIntEQ(wolfSSL_EC_KEY_set_public_key(NULL, pub), 0);
- AssertIntEQ(wolfSSL_EC_KEY_set_public_key(key, pub), 1);
- AssertNotNull(point = wolfSSL_EC_KEY_get0_public_key(key));
- AssertPtrEq(point, pub);
+ ExpectIntEQ(wolfSSL_EC_KEY_set_public_key(key, pub), 1);
+ ExpectNotNull(point = wolfSSL_EC_KEY_get0_public_key(key));
+ ExpectPtrEq(point, pub);
wolfSSL_EC_KEY_free(key);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EC_KEY_print_fp(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ECC) && ((defined(HAVE_ECC224) && defined(HAVE_ECC256)) || \
defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 224 && \
defined(OPENSSL_EXTRA) && defined(XFPRINTF) && !defined(NO_FILESYSTEM) && \
@@ -60949,75 +60373,71 @@ static int test_wolfSSL_EC_KEY_print_fp(void)
EC_KEY* key = NULL;
/* Bad file pointer. */
- AssertIntEQ(wolfSSL_EC_KEY_print_fp(NULL, key, 0), WOLFSSL_FAILURE);
+ ExpectIntEQ(wolfSSL_EC_KEY_print_fp(NULL, key, 0), WOLFSSL_FAILURE);
/* NULL key. */
- AssertIntEQ(wolfSSL_EC_KEY_print_fp(stderr, NULL, 0), WOLFSSL_FAILURE);
- AssertNotNull((key = wolfSSL_EC_KEY_new_by_curve_name(NID_secp224r1)));
+ ExpectIntEQ(wolfSSL_EC_KEY_print_fp(stderr, NULL, 0), WOLFSSL_FAILURE);
+ ExpectNotNull((key = wolfSSL_EC_KEY_new_by_curve_name(NID_secp224r1)));
/* Negative indent. */
- AssertIntEQ(wolfSSL_EC_KEY_print_fp(stderr, key, -1), WOLFSSL_FAILURE);
+ ExpectIntEQ(wolfSSL_EC_KEY_print_fp(stderr, key, -1), WOLFSSL_FAILURE);
- AssertIntEQ(wolfSSL_EC_KEY_print_fp(stderr, key, 4), WOLFSSL_SUCCESS);
- AssertIntEQ(wolfSSL_EC_KEY_generate_key(key), WOLFSSL_SUCCESS);
- AssertIntEQ(wolfSSL_EC_KEY_print_fp(stderr, key, 4), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_EC_KEY_print_fp(stderr, key, 4), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_EC_KEY_generate_key(key), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_EC_KEY_print_fp(stderr, key, 4), WOLFSSL_SUCCESS);
wolfSSL_EC_KEY_free(key);
- AssertNotNull((key = wolfSSL_EC_KEY_new_by_curve_name(
+ ExpectNotNull((key = wolfSSL_EC_KEY_new_by_curve_name(
NID_X9_62_prime256v1)));
- AssertIntEQ(wolfSSL_EC_KEY_generate_key(key), WOLFSSL_SUCCESS);
- AssertIntEQ(wolfSSL_EC_KEY_print_fp(stderr, key, 4), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_EC_KEY_generate_key(key), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_EC_KEY_print_fp(stderr, key, 4), WOLFSSL_SUCCESS);
wolfSSL_EC_KEY_free(key);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EC_get_builtin_curves(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL)
#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2))
EC_builtin_curve* curves = NULL;
size_t crv_len = 0;
size_t i = 0;
- AssertIntGT((crv_len = EC_get_builtin_curves(NULL, 0)), 0);
- AssertNotNull(curves = (EC_builtin_curve*)XMALLOC(
+ ExpectIntGT((crv_len = EC_get_builtin_curves(NULL, 0)), 0);
+ ExpectNotNull(curves = (EC_builtin_curve*)XMALLOC(
sizeof(EC_builtin_curve) * crv_len, NULL, DYNAMIC_TYPE_TMP_BUFFER));
- AssertIntEQ((EC_get_builtin_curves(curves, 0)), crv_len);
- AssertIntEQ(EC_get_builtin_curves(curves, crv_len), crv_len);
+ ExpectIntEQ((EC_get_builtin_curves(curves, 0)), crv_len);
+ ExpectIntEQ(EC_get_builtin_curves(curves, crv_len), crv_len);
- for (i = 0; i < crv_len; i++) {
+ for (i = 0; EXPECT_SUCCESS() && (i < crv_len); i++) {
if (curves[i].comment != NULL) {
- AssertStrEQ(OBJ_nid2sn(curves[i].nid), curves[i].comment);
+ ExpectStrEQ(OBJ_nid2sn(curves[i].nid), curves[i].comment);
}
}
if (crv_len > 1) {
- AssertIntEQ(EC_get_builtin_curves(curves, crv_len - 1), crv_len - 1);
+ ExpectIntEQ(EC_get_builtin_curves(curves, crv_len - 1), crv_len - 1);
}
XFREE(curves, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
- res = TEST_RES_CHECK(1);
#endif /* !HAVE_FIPS || HAVE_FIPS_VERSION > 2 */
#endif /* OPENSSL_EXTRA || OPENSSL_ALL */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_ECDSA_SIG(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef OPENSSL_EXTRA
WOLFSSL_ECDSA_SIG* sig = NULL;
WOLFSSL_ECDSA_SIG* sig2 = NULL;
- WOLFSSL_BIGNUM* r;
- WOLFSSL_BIGNUM* s;
- const WOLFSSL_BIGNUM* r2;
- const WOLFSSL_BIGNUM* s2;
- const unsigned char* cp;
- unsigned char* p;
+ WOLFSSL_BIGNUM* r = NULL;
+ WOLFSSL_BIGNUM* s = NULL;
+ const WOLFSSL_BIGNUM* r2 = NULL;
+ const WOLFSSL_BIGNUM* s2 = NULL;
+ const unsigned char* cp = NULL;
+ unsigned char* p = NULL;
unsigned char outSig[8];
unsigned char sigData[8] =
{ 0x30, 0x06, 0x02, 0x01, 0x01, 0x02, 0x01, 0x01 };
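Review bot: In test_wolfSSL_EC_KEY_print_fp the first `wolfSSL_EC_KEY_free(key);` is not followed by `key = NULL;`, so a failure before the second `ExpectNotNull((key = wolfSSL_EC_KEY_new_by_curve_name(...)))` could leave `key` dangling and the closing `wolfSSL_EC_KEY_free(key);` would free it twice. This assumes the Expect macros skip their expression once a check has failed, which the `EXPECT_SUCCESS()` loop guard added in this hunk suggests; the macro definitions are not on this page. Add `key = NULL;` after the first free, as the commit already does for `sig` and `ctx` elsewhere. The same gap appears in test_wolfSSL_CTX_LoadCRL, where `wolfSSL_CTX_free(ctx);` inside `#ifndef HAVE_CRL_MONITOR` is followed directly by `NEW_CTX(ctx);`. test_wolfSSL_ECDSA_SIG begins in this hunk and continues outside it.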
@@ -61026,76 +60446,79 @@ static int test_wolfSSL_ECDSA_SIG(void)
wolfSSL_ECDSA_SIG_free(NULL);
- AssertNotNull(sig = wolfSSL_ECDSA_SIG_new());
- AssertNotNull(r = wolfSSL_BN_new());
- AssertNotNull(s = wolfSSL_BN_new());
- AssertIntEQ(wolfSSL_BN_set_word(r, 1), 1);
- AssertIntEQ(wolfSSL_BN_set_word(s, 1), 1);
+ ExpectNotNull(sig = wolfSSL_ECDSA_SIG_new());
+ ExpectNotNull(r = wolfSSL_BN_new());
+ ExpectNotNull(s = wolfSSL_BN_new());
+ ExpectIntEQ(wolfSSL_BN_set_word(r, 1), 1);
+ ExpectIntEQ(wolfSSL_BN_set_word(s, 1), 1);
wolfSSL_ECDSA_SIG_get0(NULL, NULL, NULL);
wolfSSL_ECDSA_SIG_get0(NULL, &r2, NULL);
wolfSSL_ECDSA_SIG_get0(NULL, NULL, &s2);
wolfSSL_ECDSA_SIG_get0(NULL, &r2, &s2);
- AssertIntEQ(wolfSSL_ECDSA_SIG_set0(NULL, NULL, NULL), 0);
- AssertIntEQ(wolfSSL_ECDSA_SIG_set0(sig, NULL, NULL), 0);
- AssertIntEQ(wolfSSL_ECDSA_SIG_set0(NULL, r, NULL), 0);
- AssertIntEQ(wolfSSL_ECDSA_SIG_set0(NULL, NULL, s), 0);
- AssertIntEQ(wolfSSL_ECDSA_SIG_set0(NULL, r, s), 0);
- AssertIntEQ(wolfSSL_ECDSA_SIG_set0(sig, NULL, s), 0);
- AssertIntEQ(wolfSSL_ECDSA_SIG_set0(sig, r, NULL), 0);
+ ExpectIntEQ(wolfSSL_ECDSA_SIG_set0(NULL, NULL, NULL), 0);
+ ExpectIntEQ(wolfSSL_ECDSA_SIG_set0(sig, NULL, NULL), 0);
+ ExpectIntEQ(wolfSSL_ECDSA_SIG_set0(NULL, r, NULL), 0);
+ ExpectIntEQ(wolfSSL_ECDSA_SIG_set0(NULL, NULL, s), 0);
+ ExpectIntEQ(wolfSSL_ECDSA_SIG_set0(NULL, r, s), 0);
+ ExpectIntEQ(wolfSSL_ECDSA_SIG_set0(sig, NULL, s), 0);
+ ExpectIntEQ(wolfSSL_ECDSA_SIG_set0(sig, r, NULL), 0);
r2 = NULL;
s2 = NULL;
wolfSSL_ECDSA_SIG_get0(NULL, &r2, &s2);
- AssertNull(r2);
- AssertNull(s2);
- AssertIntEQ(wolfSSL_ECDSA_SIG_set0(sig, r, s), 1);
+ ExpectNull(r2);
+ ExpectNull(s2);
+ ExpectIntEQ(wolfSSL_ECDSA_SIG_set0(sig, r, s), 1);
+ if (EXPECT_FAIL()) {
+ wolfSSL_BN_free(r);
+ wolfSSL_BN_free(s);
+ }
wolfSSL_ECDSA_SIG_get0(sig, &r2, &s2);
- AssertPtrEq(r2, r);
- AssertPtrEq(s2, s);
+ ExpectPtrEq(r2, r);
+ ExpectPtrEq(s2, s);
r2 = NULL;
wolfSSL_ECDSA_SIG_get0(sig, &r2, NULL);
- AssertPtrEq(r2, r);
+ ExpectPtrEq(r2, r);
s2 = NULL;
wolfSSL_ECDSA_SIG_get0(sig, NULL, &s2);
- AssertPtrEq(s2, s);
+ ExpectPtrEq(s2, s);
/* r and s are freed when sig is freed. */
wolfSSL_ECDSA_SIG_free(sig);
+ sig = NULL;
- AssertNull(wolfSSL_d2i_ECDSA_SIG(NULL, NULL, sizeof(sigData)));
+ ExpectNull(wolfSSL_d2i_ECDSA_SIG(NULL, NULL, sizeof(sigData)));
cp = sigDataBad;
- AssertNull(wolfSSL_d2i_ECDSA_SIG(NULL, &cp, sizeof(sigDataBad)));
+ ExpectNull(wolfSSL_d2i_ECDSA_SIG(NULL, &cp, sizeof(sigDataBad)));
cp = sigData;
- AssertNotNull((sig = wolfSSL_d2i_ECDSA_SIG(NULL, &cp, sizeof(sigData))));
- AssertIntEQ((cp == sigData + 8), 1);
+ ExpectNotNull((sig = wolfSSL_d2i_ECDSA_SIG(NULL, &cp, sizeof(sigData))));
+ ExpectIntEQ((cp == sigData + 8), 1);
cp = sigData;
- AssertNull(wolfSSL_d2i_ECDSA_SIG(&sig, NULL, sizeof(sigData)));
- AssertNotNull((sig2 = wolfSSL_d2i_ECDSA_SIG(&sig, &cp, sizeof(sigData))));
- AssertIntEQ((sig == sig2), 1);
+ ExpectNull(wolfSSL_d2i_ECDSA_SIG(&sig, NULL, sizeof(sigData)));
+ ExpectNotNull((sig2 = wolfSSL_d2i_ECDSA_SIG(&sig, &cp, sizeof(sigData))));
+ ExpectIntEQ((sig == sig2), 1);
cp = outSig;
p = outSig;
- AssertIntEQ(wolfSSL_i2d_ECDSA_SIG(NULL, &p), 0);
- AssertIntEQ(wolfSSL_i2d_ECDSA_SIG(NULL, NULL), 0);
- AssertIntEQ(wolfSSL_i2d_ECDSA_SIG(sig, NULL), 8);
- AssertIntEQ(wolfSSL_i2d_ECDSA_SIG(sig, &p), sizeof(sigData));
- AssertIntEQ((p == outSig + 8), 1);
- AssertIntEQ(XMEMCMP(sigData, outSig, 8), 0);
+ ExpectIntEQ(wolfSSL_i2d_ECDSA_SIG(NULL, &p), 0);
+ ExpectIntEQ(wolfSSL_i2d_ECDSA_SIG(NULL, NULL), 0);
+ ExpectIntEQ(wolfSSL_i2d_ECDSA_SIG(sig, NULL), 8);
+ ExpectIntEQ(wolfSSL_i2d_ECDSA_SIG(sig, &p), sizeof(sigData));
+ ExpectIntEQ((p == outSig + 8), 1);
+ ExpectIntEQ(XMEMCMP(sigData, outSig, 8), 0);
wolfSSL_ECDSA_SIG_free(sig);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_ECDSA_size_sign(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_ECC256) && !defined(NO_ECC_SECP)
- EC_KEY* key;
- ECDSA_SIG* ecdsaSig;
+ EC_KEY* key = NULL;
+ ECDSA_SIG* ecdsaSig = NULL;
int id;
byte hash[WC_MAX_DIGEST_SIZE];
byte hash2[WC_MAX_DIGEST_SIZE];
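Review bot: The new `if (EXPECT_FAIL())` block after `wolfSSL_ECDSA_SIG_set0(sig, r, s)` frees `r` and `s` with no statement of the ownership rule it relies on, and the only hint is the later comment that r and s are freed when sig is freed. I would add `/* sig takes ownership of r and s only when set0 succeeds; free them here otherwise. */` above the block so the next edit does not reintroduce a leak or a double free. As a smaller style point, `ExpectIntEQ(wolfSSL_i2d_ECDSA_SIG(sig, NULL), 8);` uses a literal where the following line uses `sizeof(sigData)`; one spelling for the same length reads better. test_ECDSA_size_sign begins in this hunk and its body continues outside it.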
@@ -61106,246 +60529,258 @@ static int test_ECDSA_size_sign(void)
XMEMSET(hash2, 234, sizeof(hash2));
id = wc_ecc_get_curve_id_from_name("SECP256R1");
- AssertIntEQ(id, ECC_SECP256R1);
-
- AssertNotNull(key = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1));
- AssertIntEQ(EC_KEY_generate_key(key), 1);
-
- AssertIntGE(ECDSA_size(NULL), 0);
-
- AssertIntEQ(ECDSA_sign(0, hash, sizeof(hash), sig, &sigSz, NULL), 0);
- AssertIntEQ(ECDSA_sign(0, NULL, sizeof(hash), sig, &sigSz, key), 0);
- AssertIntEQ(ECDSA_sign(0, hash, sizeof(hash), NULL, &sigSz, key), 0);
- AssertIntEQ(ECDSA_verify(0, hash, sizeof(hash), sig, sigSz, NULL), 0);
- AssertIntEQ(ECDSA_verify(0, NULL, sizeof(hash), sig, sigSz, key), 0);
- AssertIntEQ(ECDSA_verify(0, hash, sizeof(hash), NULL, sigSz, key), 0);
-
- AssertIntEQ(ECDSA_sign(0, hash, sizeof(hash), sig, &sigSz, key), 1);
- AssertIntGE(ECDSA_size(key), sigSz);
- AssertIntEQ(ECDSA_verify(0, hash, sizeof(hash), sig, sigSz, key), 1);
- AssertIntEQ(ECDSA_verify(0, hash2, sizeof(hash2), sig, sigSz, key), 0);
-
- AssertNull(ECDSA_do_sign(NULL, sizeof(hash), NULL));
- AssertNull(ECDSA_do_sign(NULL, sizeof(hash), key));
- AssertNull(ECDSA_do_sign(hash, sizeof(hash), NULL));
- AssertNotNull(ecdsaSig = ECDSA_do_sign(hash, sizeof(hash), key));
- AssertIntEQ(ECDSA_do_verify(NULL, sizeof(hash), NULL, NULL), -1);
- AssertIntEQ(ECDSA_do_verify(hash, sizeof(hash), NULL, NULL), -1);
- AssertIntEQ(ECDSA_do_verify(NULL, sizeof(hash), ecdsaSig, NULL), -1);
- AssertIntEQ(ECDSA_do_verify(NULL, sizeof(hash), NULL, key), -1);
- AssertIntEQ(ECDSA_do_verify(NULL, sizeof(hash), ecdsaSig, key), -1);
- AssertIntEQ(ECDSA_do_verify(hash, sizeof(hash), NULL, key), -1);
- AssertIntEQ(ECDSA_do_verify(hash, sizeof(hash), ecdsaSig, NULL), -1);
- AssertIntEQ(ECDSA_do_verify(hash, sizeof(hash), ecdsaSig, key), 1);
- AssertIntEQ(ECDSA_do_verify(hash2, sizeof(hash2), ecdsaSig, key), 0);
+ ExpectIntEQ(id, ECC_SECP256R1);
+
+ ExpectNotNull(key = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1));
+ ExpectIntEQ(EC_KEY_generate_key(key), 1);
+
+ ExpectIntGE(ECDSA_size(NULL), 0);
+
+ ExpectIntEQ(ECDSA_sign(0, hash, sizeof(hash), sig, &sigSz, NULL), 0);
+ ExpectIntEQ(ECDSA_sign(0, NULL, sizeof(hash), sig, &sigSz, key), 0);
+ ExpectIntEQ(ECDSA_sign(0, hash, sizeof(hash), NULL, &sigSz, key), 0);
+ ExpectIntEQ(ECDSA_verify(0, hash, sizeof(hash), sig, sigSz, NULL), 0);
+ ExpectIntEQ(ECDSA_verify(0, NULL, sizeof(hash), sig, sigSz, key), 0);
+ ExpectIntEQ(ECDSA_verify(0, hash, sizeof(hash), NULL, sigSz, key), 0);
+
+ ExpectIntEQ(ECDSA_sign(0, hash, sizeof(hash), sig, &sigSz, key), 1);
+ ExpectIntGE(ECDSA_size(key), sigSz);
+ ExpectIntEQ(ECDSA_verify(0, hash, sizeof(hash), sig, sigSz, key), 1);
+ ExpectIntEQ(ECDSA_verify(0, hash2, sizeof(hash2), sig, sigSz, key), 0);
+
+ ExpectNull(ECDSA_do_sign(NULL, sizeof(hash), NULL));
+ ExpectNull(ECDSA_do_sign(NULL, sizeof(hash), key));
+ ExpectNull(ECDSA_do_sign(hash, sizeof(hash), NULL));
+ ExpectNotNull(ecdsaSig = ECDSA_do_sign(hash, sizeof(hash), key));
+ ExpectIntEQ(ECDSA_do_verify(NULL, sizeof(hash), NULL, NULL), -1);
+ ExpectIntEQ(ECDSA_do_verify(hash, sizeof(hash), NULL, NULL), -1);
+ ExpectIntEQ(ECDSA_do_verify(NULL, sizeof(hash), ecdsaSig, NULL), -1);
+ ExpectIntEQ(ECDSA_do_verify(NULL, sizeof(hash), NULL, key), -1);
+ ExpectIntEQ(ECDSA_do_verify(NULL, sizeof(hash), ecdsaSig, key), -1);
+ ExpectIntEQ(ECDSA_do_verify(hash, sizeof(hash), NULL, key), -1);
+ ExpectIntEQ(ECDSA_do_verify(hash, sizeof(hash), ecdsaSig, NULL), -1);
+ ExpectIntEQ(ECDSA_do_verify(hash, sizeof(hash), ecdsaSig, key), 1);
+ ExpectIntEQ(ECDSA_do_verify(hash2, sizeof(hash2), ecdsaSig, key), 0);
ECDSA_SIG_free(ecdsaSig);
EC_KEY_free(key);
-
- res = TEST_RES_CHECK(1);
#endif /* OPENSSL_EXTRA && !NO_ECC256 && !NO_ECC_SECP */
- return res;
+ return EXPECT_RESULT();
}
static int test_ECDH_compute_key(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_ECC256) && !defined(NO_ECC_SECP) && \
!defined(WOLF_CRYPTO_CB_ONLY_ECC)
- EC_KEY* key1;
- EC_KEY* key2;
- EC_POINT* pub1;
- EC_POINT* pub2;
+ EC_KEY* key1 = NULL;
+ EC_KEY* key2 = NULL;
+ EC_POINT* pub1 = NULL;
+ EC_POINT* pub2 = NULL;
byte secret1[32];
byte secret2[32];
int i;
- AssertNotNull(key1 = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1));
- AssertIntEQ(EC_KEY_generate_key(key1), 1);
- AssertNotNull(pub1 = wolfSSL_EC_KEY_get0_public_key(key1));
- AssertNotNull(key2 = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1));
- AssertIntEQ(EC_KEY_generate_key(key2), 1);
- AssertNotNull(pub2 = wolfSSL_EC_KEY_get0_public_key(key2));
+ ExpectNotNull(key1 = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1));
+ ExpectIntEQ(EC_KEY_generate_key(key1), 1);
+ ExpectNotNull(pub1 = wolfSSL_EC_KEY_get0_public_key(key1));
+ ExpectNotNull(key2 = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1));
+ ExpectIntEQ(EC_KEY_generate_key(key2), 1);
+ ExpectNotNull(pub2 = wolfSSL_EC_KEY_get0_public_key(key2));
- AssertIntEQ(ECDH_compute_key(NULL, sizeof(secret1), NULL, NULL, NULL), 0);
- AssertIntEQ(ECDH_compute_key(secret1, sizeof(secret1), NULL, NULL, NULL),
+ ExpectIntEQ(ECDH_compute_key(NULL, sizeof(secret1), NULL, NULL, NULL), 0);
+ ExpectIntEQ(ECDH_compute_key(secret1, sizeof(secret1), NULL, NULL, NULL),
0);
- AssertIntEQ(ECDH_compute_key(NULL, sizeof(secret1), pub2, NULL, NULL), 0);
- AssertIntEQ(ECDH_compute_key(NULL, sizeof(secret1), NULL, key1, NULL), 0);
- AssertIntEQ(ECDH_compute_key(NULL, sizeof(secret1), pub2, key1, NULL), 0);
- AssertIntEQ(ECDH_compute_key(secret1, sizeof(secret1), NULL, key1, NULL),
+ ExpectIntEQ(ECDH_compute_key(NULL, sizeof(secret1), pub2, NULL, NULL), 0);
+ ExpectIntEQ(ECDH_compute_key(NULL, sizeof(secret1), NULL, key1, NULL), 0);
+ ExpectIntEQ(ECDH_compute_key(NULL, sizeof(secret1), pub2, key1, NULL), 0);
+ ExpectIntEQ(ECDH_compute_key(secret1, sizeof(secret1), NULL, key1, NULL),
0);
- AssertIntEQ(ECDH_compute_key(secret1, sizeof(secret1), pub2, NULL, NULL),
+ ExpectIntEQ(ECDH_compute_key(secret1, sizeof(secret1), pub2, NULL, NULL),
0);
- AssertIntEQ(ECDH_compute_key(secret1, sizeof(secret1) - 16, pub2, key1,
+ ExpectIntEQ(ECDH_compute_key(secret1, sizeof(secret1) - 16, pub2, key1,
NULL), 0);
- AssertIntEQ(ECDH_compute_key(secret1, sizeof(secret1), pub2, key1, NULL),
+ ExpectIntEQ(ECDH_compute_key(secret1, sizeof(secret1), pub2, key1, NULL),
sizeof(secret1));
- AssertIntEQ(ECDH_compute_key(secret2, sizeof(secret2), pub1, key2, NULL),
+ ExpectIntEQ(ECDH_compute_key(secret2, sizeof(secret2), pub1, key2, NULL),
sizeof(secret2));
for (i = 0; i < (int)sizeof(secret1); i++) {
- AssertIntEQ(secret1[i], secret2[i]);
+ ExpectIntEQ(secret1[i], secret2[i]);
}
EC_KEY_free(key2);
EC_KEY_free(key1);
-
- res = TEST_RES_CHECK(1);
#endif /* OPENSSL_EXTRA && !NO_ECC256 && !NO_ECC_SECP &&
* !WOLF_CRYPTO_CB_ONLY_ECC */
- return res;
+ return EXPECT_RESULT();
}
#endif /* HAVE_ECC && !OPENSSL_NO_PK */
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
- defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_CERT_REQ) && !defined(NO_ASN_TIME)
-static int test_openssl_make_self_signed_certificate(EVP_PKEY* pkey)
+ defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_CERT_REQ) && \
+ !defined(NO_ASN_TIME)
+static int test_openssl_make_self_signed_certificate(EVP_PKEY* pkey,
+ int expectedDerSz)
{
+ EXPECT_DECLS;
X509* x509 = NULL;
BIGNUM* serial_number = NULL;
X509_NAME* name = NULL;
time_t epoch_off = 0;
ASN1_INTEGER* asn1_serial_number;
long not_before, not_after;
+ int derSz;
- AssertNotNull(x509 = X509_new());
+ ExpectNotNull(x509 = X509_new());
- AssertIntNE(X509_set_pubkey(x509, pkey), 0);
+ ExpectIntNE(X509_set_pubkey(x509, pkey), 0);
- AssertNotNull(serial_number = BN_new());
- AssertIntNE(BN_pseudo_rand(serial_number, 64, 0, 0), 0);
- AssertNotNull(asn1_serial_number = X509_get_serialNumber(x509));
- AssertNotNull(BN_to_ASN1_INTEGER(serial_number, asn1_serial_number));
+ ExpectNotNull(serial_number = BN_new());
+ ExpectIntNE(BN_pseudo_rand(serial_number, 64, 0, 0), 0);
+ ExpectNotNull(asn1_serial_number = X509_get_serialNumber(x509));
+ ExpectNotNull(BN_to_ASN1_INTEGER(serial_number, asn1_serial_number));
/* version 3 */
- AssertIntNE(X509_set_version(x509, 2L), 0);
+ ExpectIntNE(X509_set_version(x509, 2L), 0);
- AssertNotNull(name = X509_NAME_new());
+ ExpectNotNull(name = X509_NAME_new());
- AssertIntNE(X509_NAME_add_entry_by_NID(name, NID_commonName, MBSTRING_UTF8,
+ ExpectIntNE(X509_NAME_add_entry_by_NID(name, NID_commonName, MBSTRING_UTF8,
(unsigned char*)"www.wolfssl.com", -1, -1, 0), 0);
+ ExpectIntNE(X509_NAME_add_entry_by_NID(name, NID_pkcs9_contentType,
+ MBSTRING_UTF8,(unsigned char*)"Server", -1, -1, 0), 0);
- AssertIntNE(X509_set_subject_name(x509, name), 0);
- AssertIntNE(X509_set_issuer_name(x509, name), 0);
+ ExpectIntNE(X509_set_subject_name(x509, name), 0);
+ ExpectIntNE(X509_set_issuer_name(x509, name), 0);
not_before = (long)wc_Time(NULL);
not_after = not_before + (365 * 24 * 60 * 60);
- AssertNotNull(X509_time_adj(X509_get_notBefore(x509), not_before, &epoch_off));
- AssertNotNull(X509_time_adj(X509_get_notAfter(x509), not_after, &epoch_off));
+ ExpectNotNull(X509_time_adj(X509_get_notBefore(x509), not_before,
+ &epoch_off));
+ ExpectNotNull(X509_time_adj(X509_get_notAfter(x509), not_after,
+ &epoch_off));
+
+ ExpectIntNE(X509_sign(x509, pkey, EVP_sha256()), 0);
- AssertIntNE(X509_sign(x509, pkey, EVP_sha256()), 0);
+ ExpectNotNull(wolfSSL_X509_get_der(x509, &derSz));
+ ExpectIntGE(derSz, expectedDerSz);
BN_free(serial_number);
X509_NAME_free(name);
X509_free(x509);
- return 0;
+ return EXPECT_RESULT();
}
#endif
static int test_openssl_generate_key_and_cert(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA)
+ int expectedDerSz;
+ EVP_PKEY* pkey = NULL;
+#ifdef HAVE_ECC
+ EC_KEY* ec_key = NULL;
+#endif
#if !defined(NO_RSA)
- if (res == TEST_SKIPPED || res == TEST_SUCCESS) {
- EVP_PKEY* pkey = EVP_PKEY_new();
- int key_length = 2048;
- BIGNUM* exponent = BN_new();
- RSA* rsa = RSA_new();
-
- AssertNotNull(pkey);
- AssertNotNull(exponent);
- AssertNotNull(rsa);
-
- AssertIntNE(BN_set_word(exponent, WC_RSA_EXPONENT), 0);
- #ifndef WOLFSSL_KEY_GEN
- AssertIntEQ(RSA_generate_key_ex(rsa, key_length, exponent, NULL), 0);
-
- #if defined(USE_CERT_BUFFERS_1024)
- AssertIntNE(wolfSSL_RSA_LoadDer_ex(rsa, server_key_der_1024,
- sizeof_server_key_der_1024, WOLFSSL_RSA_LOAD_PRIVATE), 0);
- key_length = 1024;
- #elif defined(USE_CERT_BUFFERS_2048)
- AssertIntNE(wolfSSL_RSA_LoadDer_ex(rsa, server_key_der_2048,
- sizeof_server_key_der_2048, WOLFSSL_RSA_LOAD_PRIVATE), 0);
- #else
- RSA_free(rsa);
- rsa = NULL;
- #endif
- #else
- AssertIntEQ(RSA_generate_key_ex(NULL, key_length, exponent, NULL), 0);
- AssertIntEQ(RSA_generate_key_ex(rsa, 0, exponent, NULL), 0);
- AssertIntEQ(RSA_generate_key_ex(rsa, key_length, NULL, NULL), 0);
- AssertIntNE(RSA_generate_key_ex(rsa, key_length, exponent, NULL), 0);
- #endif
+ int key_length = 2048;
+ BIGNUM* exponent = NULL;
+ RSA* rsa = NULL;
- if (rsa) {
- AssertIntNE(EVP_PKEY_assign_RSA(pkey, rsa), 0);
+ ExpectNotNull(pkey = EVP_PKEY_new());
+ ExpectNotNull(exponent = BN_new());
+ ExpectNotNull(rsa = RSA_new());
- BN_free(exponent);
+ ExpectIntNE(BN_set_word(exponent, WC_RSA_EXPONENT), 0);
+#ifndef WOLFSSL_KEY_GEN
+ ExpectIntEQ(RSA_generate_key_ex(rsa, key_length, exponent, NULL), 0);
- #if !defined(NO_CERTS) && defined(WOLFSSL_CERT_GEN) && \
- defined(WOLFSSL_CERT_REQ) && !defined(NO_ASN_TIME)
- test_openssl_make_self_signed_certificate(pkey);
- #endif
+ #if defined(USE_CERT_BUFFERS_1024)
+ ExpectIntNE(wolfSSL_RSA_LoadDer_ex(rsa, server_key_der_1024,
+ sizeof_server_key_der_1024, WOLFSSL_RSA_LOAD_PRIVATE), 0);
+ key_length = 1024;
+ #elif defined(USE_CERT_BUFFERS_2048)
+ ExpectIntNE(wolfSSL_RSA_LoadDer_ex(rsa, server_key_der_2048,
+ sizeof_server_key_der_2048, WOLFSSL_RSA_LOAD_PRIVATE), 0);
+ #else
+ RSA_free(rsa);
+ rsa = NULL;
+ #endif
+#else
+ ExpectIntEQ(RSA_generate_key_ex(NULL, key_length, exponent, NULL), 0);
+ ExpectIntEQ(RSA_generate_key_ex(rsa, 0, exponent, NULL), 0);
+ ExpectIntEQ(RSA_generate_key_ex(rsa, key_length, NULL, NULL), 0);
+ ExpectIntNE(RSA_generate_key_ex(rsa, key_length, exponent, NULL), 0);
+#endif
+
+ if (rsa) {
+ ExpectIntNE(EVP_PKEY_assign_RSA(pkey, rsa), 0);
+ if (EXPECT_FAIL()) {
+ RSA_free(rsa);
}
- EVP_PKEY_free(pkey);
- res = TEST_RES_CHECK(1);
+ #if !defined(NO_CERTS) && defined(WOLFSSL_CERT_GEN) && \
+ defined(WOLFSSL_CERT_REQ) && !defined(NO_ASN_TIME)
+ expectedDerSz = 743;
+ ExpectIntEQ(test_openssl_make_self_signed_certificate(pkey,
+ expectedDerSz), TEST_SUCCESS);
+ #endif
}
+
+ EVP_PKEY_free(pkey);
+ pkey = NULL;
+ BN_free(exponent);
#endif /* !NO_RSA */
#ifdef HAVE_ECC
- if (res == TEST_SKIPPED || res == TEST_SUCCESS) {
- EVP_PKEY* pkey = EVP_PKEY_new();
- EC_KEY* ec_key = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
+ ExpectNotNull(pkey = EVP_PKEY_new());
+ ExpectNotNull(ec_key = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1));
- AssertNotNull(pkey);
- AssertNotNull(ec_key);
-
- #ifndef NO_WOLFSSL_STUB
- EC_KEY_set_asn1_flag(ec_key, OPENSSL_EC_NAMED_CURVE);
- #endif
+#ifndef NO_WOLFSSL_STUB
+ EC_KEY_set_asn1_flag(ec_key, OPENSSL_EC_NAMED_CURVE);
+#endif
- AssertIntNE(EC_KEY_generate_key(ec_key), 0);
- AssertIntNE(EVP_PKEY_assign_EC_KEY(pkey, ec_key), 0);
+ ExpectIntNE(EC_KEY_generate_key(ec_key), 0);
+ ExpectIntNE(EVP_PKEY_assign_EC_KEY(pkey, ec_key), 0);
+ if (EXPECT_FAIL()) {
+ EC_KEY_free(ec_key);
+ }
- #if !defined(NO_CERTS) && defined(WOLFSSL_CERT_GEN) && \
- defined(WOLFSSL_CERT_REQ) && !defined(NO_ASN_TIME)
- test_openssl_make_self_signed_certificate(pkey);
- #endif
+#if !defined(NO_CERTS) && defined(WOLFSSL_CERT_GEN) && \
+ defined(WOLFSSL_CERT_REQ) && !defined(NO_ASN_TIME)
+ expectedDerSz = 344;
+ ExpectIntEQ(test_openssl_make_self_signed_certificate(pkey, expectedDerSz),
+ TEST_SUCCESS);
+#endif
- EVP_PKEY_free(pkey);
- res = TEST_RES_CHECK(1);
- }
+ EVP_PKEY_free(pkey);
#endif /* HAVE_ECC */
+ (void)pkey;
+ (void)expectedDerSz;
#endif /* OPENSSL_EXTRA */
- return res;
+
+ return EXPECT_RESULT();
}
static int test_stubs_are_stubs(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && !defined(NO_WOLFSSL_STUB)
+ EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(NO_WOLFSSL_STUB) && \
+ (!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER))
WOLFSSL_CTX* ctx = NULL;
WOLFSSL_CTX* ctxN = NULL;
#ifndef NO_WOLFSSL_CLIENT
- ctx = wolfSSL_CTX_new(wolfSSLv23_client_method());
- AssertNotNull(ctx);
+ ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
#elif !defined(NO_WOLFSSL_SERVER)
- ctx = wolfSSL_CTX_new(wolfSSLv23_server_method());
- AssertNotNull(ctx);
- #else
- return res;
+ ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()));
#endif
- #define CHECKZERO_RET(x, y, z) AssertIntEQ((int) x(y), 0); \
- AssertIntEQ((int) x(z), 0)
+ #define CHECKZERO_RET(x, y, z) ExpectIntEQ((int) x(y), 0); \
+ ExpectIntEQ((int) x(z), 0)
/* test logic, all stubs return same result regardless of ctx being NULL
* as there are no sanity checks, it's just a stub! If at some
* point a stub is not a stub it should begin to return BAD_FUNC_ARG
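Review bot: The only check the new code makes on the generated certificate in test_openssl_make_self_signed_certificate is `ExpectIntGE(derSz, expectedDerSz);`, a lower bound on the DER length against the undocumented constants 743 and 344 set in test_openssl_generate_key_and_cert. A certificate with a wrong or missing signature would still pass. If the compatibility layer in this build exposes it, add `ExpectIntEQ(X509_verify(x509, pkey), 1);` after `X509_sign`. Each constant also needs a comment saying what encoding it was measured from and why the comparison is `>=` rather than `==`. Declaring `int derSz = 0;` would also keep the value defined if `wolfSSL_X509_get_der` is not reached. test_stubs_are_stubs begins at the end of this hunk and continues in the next one.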
@@ -61363,12 +60798,12 @@ static int test_stubs_are_stubs(void)
CHECKZERO_RET(wolfSSL_CTX_sess_cache_full, ctx, ctxN);
CHECKZERO_RET(wolfSSL_CTX_sess_misses, ctx, ctxN);
CHECKZERO_RET(wolfSSL_CTX_sess_timeouts, ctx, ctxN);
+
wolfSSL_CTX_free(ctx);
ctx = NULL;
-
- res = TEST_RES_CHECK(1);
-#endif /* OPENSSL_EXTRA && !NO_WOLFSSL_STUB */
- return res;
+#endif /* OPENSSL_EXTRA && !NO_WOLFSSL_STUB && (!NO_WOLFSSL_CLIENT ||
+ * !NO_WOLFSSL_SERVER) */
+ return EXPECT_RESULT();
}
static int test_CONF_modules_xxx(void)
@@ -61376,18 +60811,12 @@ static int test_CONF_modules_xxx(void)
int res = TEST_SKIPPED;
#if defined(OPENSSL_EXTRA)
CONF_modules_free();
- AssertTrue(1); /* to confirm previous call gives no harm */
CONF_modules_unload(0);
- AssertTrue(1);
-
CONF_modules_unload(1);
- AssertTrue(1);
-
CONF_modules_unload(-1);
- AssertTrue(1);
- res = TEST_RES_CHECK(1);
+ res = TEST_SUCCESS;
#endif /* OPENSSL_EXTRA */
return res;
}
@@ -61413,40 +60842,36 @@ static int test_CRYPTO_set_dynlock_xxx(void)
CRYPTO_set_dynlock_lock_callback(
(void (*)(int, struct CRYPTO_dynlock_value *, const char*, int))1);
- AssertTrue(1); /* to confirm previous call gives no harm */
-
- res = TEST_RES_CHECK(1);
+ res = TEST_SUCCESS;
#endif /* OPENSSL_EXTRA */
return res;
}
static int test_CRYPTO_THREADID_xxx(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA)
CRYPTO_THREADID_current((CRYPTO_THREADID*)NULL);
CRYPTO_THREADID_current((CRYPTO_THREADID*)1);
- AssertIntEQ(CRYPTO_THREADID_hash((const CRYPTO_THREADID*)NULL), 0);
-
- res = TEST_RES_CHECK(1);
+ ExpectIntEQ(CRYPTO_THREADID_hash((const CRYPTO_THREADID*)NULL), 0);
#endif /* OPENSSL_EXTRA */
- return res;
+ return EXPECT_RESULT();
}
static int test_ENGINE_cleanup(void)
{
int res = TEST_SKIPPED;
#if defined(OPENSSL_EXTRA)
ENGINE_cleanup();
- AssertTrue(1); /* to confirm previous call gives no harm */
- res = TEST_RES_CHECK(1);
+ res = TEST_SUCCESS;
#endif /* OPENSSL_EXTRA */
return res;
}
static int test_wolfSSL_CTX_LoadCRL(void)
{
- int res = TEST_SKIPPED;
-#if defined(HAVE_CRL) && !defined(NO_RSA) && !defined(NO_FILESYSTEM)
+ EXPECT_DECLS;
+#if defined(HAVE_CRL) && !defined(NO_RSA) && !defined(NO_FILESYSTEM) && \
+ (!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER))
WOLFSSL_CTX* ctx = NULL;
WOLFSSL* ssl = NULL;
const char* badPath = "dummypath";
@@ -61455,22 +60880,37 @@ static int test_wolfSSL_CTX_LoadCRL(void)
const char* issuerCert = "./certs/client-cert.pem";
int derType = WOLFSSL_FILETYPE_ASN1;
int pemType = WOLFSSL_FILETYPE_PEM;
+#ifdef HAVE_CRL_MONITOR
int monitor = WOLFSSL_CRL_MONITOR;
+#else
+ int monitor = 0;
+#endif
WOLFSSL_CERT_MANAGER* cm = NULL;
- #define FAIL_T1(x, y, z, p, d) AssertIntEQ((int) x(y, z, p, d), \
+ #define FAIL_T1(x, y, z, p, d) ExpectIntEQ((int) x(y, z, p, d), \
BAD_FUNC_ARG)
- #define SUCC_T(x, y, z, p, d) AssertIntEQ((int) x(y, z, p, d), \
+ #define FAIL_T2(x, y, z, p, d) ExpectIntEQ((int) x(y, z, p, d), \
+ NOT_COMPILED_IN)
+ #define SUCC_T(x, y, z, p, d) ExpectIntEQ((int) x(y, z, p, d), \
WOLFSSL_SUCCESS)
-
- FAIL_T1(wolfSSL_CTX_LoadCRL, ctx, validPath, pemType, monitor);
-
#ifndef NO_WOLFSSL_CLIENT
- AssertNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
+ #define NEW_CTX(ctx) ExpectNotNull( \
+ (ctx) = wolfSSL_CTX_new(wolfSSLv23_client_method()))
#elif !defined(NO_WOLFSSL_SERVER)
- AssertNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()));
+ #define NEW_CTX(ctx) ExpectNotNull( \
+ (ctx) = wolfSSL_CTX_new(wolfSSLv23_server_method()))
#else
- return;
+ #define NEW_CTX(ctx) return
+#endif
+
+ FAIL_T1(wolfSSL_CTX_LoadCRL, ctx, validPath, pemType, monitor);
+
+ NEW_CTX(ctx);
+
+#ifndef HAVE_CRL_MONITOR
+ FAIL_T2(wolfSSL_CTX_LoadCRL, ctx, validPath, pemType, WOLFSSL_CRL_MONITOR);
+ wolfSSL_CTX_free(ctx);
+ NEW_CTX(ctx);
#endif
SUCC_T (wolfSSL_CTX_LoadCRL, ctx, validPath, pemType, monitor);
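Review bot: The `#else` arm `#define NEW_CTX(ctx) return` is dead, because the body is now compiled only when `!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)`. If it were ever selected it would expand to a bare `return` in a function that returns `int`. I would delete the `#else` and `#define NEW_CTX(ctx) return` lines so the macro has exactly the two real definitions. FAIL_T1, FAIL_T2, SUCC_T and NEW_CTX are all defined inside the function; whether they are `#undef`'d at its end cannot be seen here, since the body continues outside this hunk.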
@@ -61478,49 +60918,81 @@ static int test_wolfSSL_CTX_LoadCRL(void)
SUCC_T (wolfSSL_CTX_LoadCRL, ctx, badPath, derType, monitor);
wolfSSL_CTX_free(ctx);
+ ctx = NULL;
-#ifndef NO_WOLFSSL_CLIENT
- AssertNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
-#elif !defined(NO_WOLFSSL_SERVER)
- AssertNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()));
-#else
- return;
-#endif
- AssertIntEQ(wolfSSL_CTX_load_verify_locations(ctx, issuerCert, NULL),
+ NEW_CTX(ctx);
+ ExpectIntEQ(wolfSSL_CTX_load_verify_locations(ctx, issuerCert, NULL),
WOLFSSL_SUCCESS);
- AssertIntEQ(wolfSSL_CTX_LoadCRLFile(ctx, validFilePath, pemType), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_CTX_LoadCRLFile(ctx, validFilePath, pemType), WOLFSSL_SUCCESS);
wolfSSL_CTX_free(ctx);
+ ctx = NULL;
-#ifndef NO_WOLFSSL_CLIENT
- AssertNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
-#elif !defined(NO_WOLFSSL_SERVER)
- AssertNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()));
-#else
- return;
-#endif
- AssertIntEQ(wolfSSL_CTX_load_verify_locations(ctx, issuerCert, NULL),
+ NEW_CTX(ctx);
+ ExpectIntEQ(wolfSSL_CTX_load_verify_locations(ctx, issuerCert, NULL),
WOLFSSL_SUCCESS);
- AssertNotNull(ssl = wolfSSL_new(ctx));
- AssertIntEQ(wolfSSL_LoadCRLFile(ssl, validFilePath, pemType), WOLFSSL_SUCCESS);
+ ExpectNotNull(ssl = wolfSSL_new(ctx));
+ ExpectIntEQ(wolfSSL_LoadCRLFile(ssl, validFilePath, pemType), WOLFSSL_SUCCESS);
wolfSSL_free(ssl);
+ ssl = NULL;
wolfSSL_CTX_free(ctx);
+ ctx = NULL;
- AssertNotNull(cm = wolfSSL_CertManagerNew());
- AssertIntEQ(wolfSSL_CertManagerLoadCA(cm, issuerCert, NULL),
- WOLFSSL_SUCCESS);
- AssertIntEQ(wolfSSL_CertManagerLoadCRLFile(cm, validFilePath, pemType), WOLFSSL_SUCCESS);
+ ExpectNotNull(cm = wolfSSL_CertManagerNew());
+ ExpectIntEQ(wolfSSL_CertManagerLoadCA(cm, issuerCert, NULL),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_CertManagerLoadCRLFile(cm, validFilePath, pemType),
+ WOLFSSL_SUCCESS);
wolfSSL_CertManagerFree(cm);
+#endif
+ return EXPECT_RESULT();
+}
- res = TEST_RES_CHECK(1);
+#if defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) && defined(HAVE_CRL)
+static int test_multiple_crls_same_issuer_ctx_ready(WOLFSSL_CTX* ctx)
+{
+ EXPECT_DECLS;
+ wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_PEER, NULL);
+ ExpectIntEQ(wolfSSL_CTX_LoadCRLFile(ctx, "./certs/crl/crl.pem",
+ WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS);
+ return EXPECT_RESULT();
+}
#endif
- return res;
+
+static int test_multiple_crls_same_issuer(void)
+{
+ EXPECT_DECLS;
+#if defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) && defined(HAVE_CRL)
+ test_ssl_cbf client_cbs, server_cbs;
+ struct {
+ const char* server_cert;
+ const char* server_key;
+ } test_params[] = {
+ { "./certs/server-cert.pem", "./certs/server-key.pem" },
+ { "./certs/server-revoked-cert.pem", "./certs/server-revoked-key.pem" }
+ };
+ size_t i;
+
+ for (i = 0; i < (sizeof(test_params)/sizeof(*test_params)); i++) {
+ XMEMSET(&client_cbs, 0, sizeof(client_cbs));
+ XMEMSET(&server_cbs, 0, sizeof(server_cbs));
+
+ server_cbs.certPemFile = test_params[i].server_cert;
+ server_cbs.keyPemFile = test_params[i].server_key;
+ client_cbs.crlPemFile = "./certs/crl/extra-crls/general-server-crl.pem";
+
+ client_cbs.ctx_ready = test_multiple_crls_same_issuer_ctx_ready;
+
+ ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&client_cbs,
+ &server_cbs, NULL), TEST_FAIL);
+ }
+#endif
+ return EXPECT_RESULT();
}
static int test_SetTmpEC_DHE_Sz(void)
{
- int res = TEST_SKIPPED;
-#if defined(HAVE_ECC) && !defined(NO_WOLFSSL_CLIENT)
EXPECT_DECLS;
+#if defined(HAVE_ECC) && !defined(NO_WOLFSSL_CLIENT)
WOLFSSL_CTX *ctx = NULL;
WOLFSSL *ssl = NULL;
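Review bot: test_multiple_crls_same_issuer only asserts that the handshake returns `TEST_FAIL`, so a missing certificate file or any unrelated handshake error satisfies it just as well as a CRL rejection. If the memio helper records the client's last error (not visible in this hunk), also assert that it is the revocation error, and consider a control case with a non-revoked certificate that must succeed. A short comment above `test_params` would help too, e.g. `/* each server cert is expected to be revoked by one of the two CRLs from the same issuer */`, because `server-cert.pem` does not read like a revoked certificate. That interpretation is inferred from the test name and should be confirmed.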
@@ -61531,18 +61003,15 @@ static int test_SetTmpEC_DHE_Sz(void)
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_CTX_get0_privatekey(void)
{
- int res = TEST_SKIPPED;
-#ifdef OPENSSL_ALL
EXPECT_DECLS;
+#ifdef OPENSSL_ALL
WOLFSSL_CTX* ctx = NULL;
(void)ctx;
@@ -61570,19 +61039,17 @@ static int test_wolfSSL_CTX_get0_privatekey(void)
ExpectNotNull(SSL_CTX_get0_privatekey(ctx));
wolfSSL_CTX_free(ctx);
#endif
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_dtls_set_mtu(void)
{
- int res = TEST_SKIPPED;
-#if (defined(WOLFSSL_DTLS_MTU) || defined(WOLFSSL_SCTP)) && \
- !defined(NO_WOLFSSL_SERVER) && defined(WOLFSSL_DTLS)
EXPECT_DECLS;
+#if (defined(WOLFSSL_DTLS_MTU) || defined(WOLFSSL_SCTP)) && \
+ !defined(NO_WOLFSSL_SERVER) && defined(WOLFSSL_DTLS) && \
+ !defined(WOLFSSL_NO_TLS12)
WOLFSSL_CTX* ctx = NULL;
WOLFSSL* ssl = NULL;
const char* testCertFile;
@@ -61614,15 +61081,13 @@ static int test_wolfSSL_dtls_set_mtu(void)
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
#if defined(HAVE_IO_TESTS_DEPENDENCIES) && !defined(SINGLE_THREADED) && \
- defined(WOLFSSL_DTLS)
+ defined(WOLFSSL_DTLS) && !defined(WOLFSSL_NO_TLS12)
static WC_INLINE void generateDTLSMsg(byte* out, int outSz, word32 seq,
enum HandShakeType hsType, word16 length)
@@ -61742,7 +61207,7 @@ static int test_wolfSSL_dtls_plaintext(void) {
#endif
#if defined(HAVE_IO_TESTS_DEPENDENCIES) && !defined(SINGLE_THREADED) && \
- defined(WOLFSSL_DTLS)
+ defined(WOLFSSL_DTLS) && !defined(WOLFSSL_NO_TLS12)
static void test_wolfSSL_dtls12_fragments_spammer(WOLFSSL* ssl)
{
@@ -61854,6 +61319,7 @@ static void test_wolfSSL_dtls13_fragments_spammer(WOLFSSL* ssl)
static int test_wolfSSL_dtls_fragments(void)
{
+ EXPECT_DECLS;
callback_functions func_cb_client;
callback_functions func_cb_server;
size_t i;
@@ -61862,8 +61328,10 @@ static int test_wolfSSL_dtls_fragments(void)
method_provider server_meth;
ssl_callback spammer;
} params[] = {
+#if !defined(WOLFSSL_NO_TLS12)
{wolfDTLSv1_2_client_method, wolfDTLSv1_2_server_method,
test_wolfSSL_dtls12_fragments_spammer},
+#endif
#ifdef WOLFSSL_DTLS13
{wolfDTLSv1_3_client_method, wolfDTLSv1_3_server_method,
test_wolfSSL_dtls13_fragments_spammer},
@@ -61874,7 +61342,6 @@ static int test_wolfSSL_dtls_fragments(void)
XMEMSET(&func_cb_client, 0, sizeof(callback_functions));
XMEMSET(&func_cb_server, 0, sizeof(callback_functions));
-
func_cb_client.doUdp = func_cb_server.doUdp = 1;
func_cb_server.method = params[i].server_meth;
func_cb_client.method = params[i].client_meth;
@@ -61882,22 +61349,25 @@ static int test_wolfSSL_dtls_fragments(void)
test_wolfSSL_client_server_nofail(&func_cb_client, &func_cb_server);
- AssertFalse(func_cb_client.return_code);
- AssertFalse(func_cb_server.return_code);
+ ExpectFalse(func_cb_client.return_code);
+ ExpectFalse(func_cb_server.return_code);
/* The socket should be closed by the server resulting in a
* socket error, fatal error or reading a close notify alert */
if (func_cb_client.last_err != SOCKET_ERROR_E &&
func_cb_client.last_err != WOLFSSL_ERROR_ZERO_RETURN &&
func_cb_client.last_err != FATAL_ERROR) {
- AssertIntEQ(func_cb_client.last_err, SOCKET_ERROR_E);
+ ExpectIntEQ(func_cb_client.last_err, SOCKET_ERROR_E);
}
/* Check the server returned an error indicating the msg buffer
* was full */
- AssertIntEQ(func_cb_server.last_err, DTLS_TOO_MANY_FRAGMENTS_E);
+ ExpectIntEQ(func_cb_server.last_err, DTLS_TOO_MANY_FRAGMENTS_E);
+
+ if (EXPECT_FAIL())
+ break;
}
- return TEST_RES_CHECK(1);
+ return EXPECT_RESULT();
}
static void test_wolfSSL_dtls_send_alert(WOLFSSL* ssl)
@@ -61926,10 +61396,15 @@ static int _test_wolfSSL_ignore_alert_before_cookie(byte version12)
XMEMSET(&server_cbs, 0, sizeof(server_cbs));
client_cbs.doUdp = server_cbs.doUdp = 1;
if (version12) {
+#if !defined(WOLFSSL_NO_TLS12)
client_cbs.method = wolfDTLSv1_2_client_method;
server_cbs.method = wolfDTLSv1_2_server_method;
+#else
+ return TEST_SKIPPED;
+#endif
}
- else {
+ else
+ {
#ifdef WOLFSSL_DTLS13
client_cbs.method = wolfDTLSv1_3_client_method;
server_cbs.method = wolfDTLSv1_3_server_method;
@@ -62022,17 +61497,18 @@ static int _test_wolfSSL_dtls_bad_record(
static int test_wolfSSL_dtls_bad_record(void)
{
- int ret;
+ int ret = TEST_SUCCESS;
+#if !defined(WOLFSSL_NO_TLS12)
ret = _test_wolfSSL_dtls_bad_record(wolfDTLSv1_2_client_method,
wolfDTLSv1_2_server_method);
+#endif
#ifdef WOLFSSL_DTLS13
- if (ret != TEST_SUCCESS)
- return ret;
- return _test_wolfSSL_dtls_bad_record(wolfDTLSv1_3_client_method,
+ if (ret == TEST_SUCCESS) {
+ ret = _test_wolfSSL_dtls_bad_record(wolfDTLSv1_3_client_method,
wolfDTLSv1_3_server_method);
-#else
- return ret;
+ }
#endif /* WOLFSSL_DTLS13 */
+ return ret;
}
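Review bot: `int ret = TEST_SUCCESS;` makes test_wolfSSL_dtls_bad_record report success when `WOLFSSL_NO_TLS12` is defined and `WOLFSSL_DTLS13` is not, although no bad-record case ran. Unless an enclosing guard outside this hunk rules that configuration out, start from `int ret = TEST_SKIPPED;` and change the DTLS 1.3 condition to `if (ret != TEST_FAIL) {`, so a skipped 1.2 run still lets the 1.3 run execute. Reporting a pass for an unexercised record-validation path overstates the coverage of that build.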
@@ -62414,6 +61890,7 @@ static word32 test_wolfSSL_dtls_stateless_HashWOLFSSL(const WOLFSSL* ssl)
sslCopy.buffers.outputBuffer.offset = 0;
sslCopy.error = 0;
sslCopy.curSize = 0;
+ sslCopy.curStartIdx = 0;
sslCopy.keys.curSeq_lo = 0;
XMEMSET(&sslCopy.curRL, 0, sizeof(sslCopy.curRL));
#ifdef WOLFSSL_DTLS13
@@ -62517,8 +61994,10 @@ static int test_wolfSSL_dtls_stateless(void)
ssl_callback client_ssl_ready;
ssl_callback server_ssl_ready;
} test_params[] = {
+#if !defined(WOLFSSL_NO_TLS12)
{wolfDTLSv1_2_client_method, wolfDTLSv1_2_server_method,
test_wolfSSL_dtls_send_ch, test_wolfSSL_dtls_compare_stateless},
+#endif
#if defined(WOLFSSL_DTLS13) && defined(WOLFSSL_SEND_HRR_COOKIE)
{wolfDTLSv1_3_client_method, wolfDTLSv1_3_server_method,
test_wolfSSL_dtls_send_ch, test_wolfSSL_dtls_enable_hrrcookie},
@@ -62527,6 +62006,10 @@ static int test_wolfSSL_dtls_stateless(void)
#endif
};
+ if (0 == sizeof(test_params)){
+ return TEST_SKIPPED;
+ }
+
for (i = 0; i < sizeof(test_params)/sizeof(*test_params); i++) {
XMEMSET(&client_cbs, 0, sizeof(client_cbs));
XMEMSET(&server_cbs, 0, sizeof(server_cbs));
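Review bot: The `if (0 == sizeof(test_params)){` check can only be true when every entry of `test_params[]` is compiled out, and an array with an empty initializer list is a compiler extension rather than valid C before C23. Prefer skipping at the preprocessor level, for example wrapping the body in `#if !defined(WOLFSSL_NO_TLS12) || (defined(WOLFSSL_DTLS13) && defined(WOLFSSL_SEND_HRR_COOKIE))` and returning `TEST_SKIPPED` otherwise. The `params[]` table in test_wolfSSL_dtls_fragments gets the same `#if !defined(WOLFSSL_NO_TLS12)` guard with no empty-table handling at all. Part of `test_params` lies between the hunks, so the exact condition has to be checked against the full table.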
@@ -62598,7 +62081,7 @@ static int verify_cert_with_cm(WOLFSSL_CERT_MANAGER* cm, char* certA)
#define VERIFY_ONE_CERT(a, b, c, d) \
do { \
- (a) = verify_cert_with_cm(c, d); \
+ (a) = verify_cert_with_cm(c, d);\
if ((a) != 0) \
return (b); \
else \
@@ -62637,8 +62120,8 @@ static int test_chainG(WOLFSSL_CERT_MANAGER* cm)
VERIFY_ONE_CERT(ret, i, cm, chainGArr[7]); /* if failure, i = -15 here */
VERIFY_ONE_CERT(ret, i, cm, chainGArr[8]); /* if failure, i = -16 here */
-/* test validating the entity twice, should have no effect on pathLen since
- * entity/leaf cert */
+ /* test validating the entity twice, should have no effect on pathLen since
+ * entity/leaf cert */
VERIFY_ONE_CERT(ret, i, cm, chainGArr[8]); /* if failure, i = -17 here */
return ret;
@@ -62737,87 +62220,58 @@ static int test_chainJ(WOLFSSL_CERT_MANAGER* cm)
static int test_various_pathlen_chains(void)
{
- int ret;
- WOLFSSL_CERT_MANAGER* cm;
+ EXPECT_DECLS;
+ WOLFSSL_CERT_MANAGER* cm = NULL;
/* Test chain G (large chain with varying pathLens) */
- if ((cm = wolfSSL_CertManagerNew()) == NULL) {
- fprintf(stderr, "cert manager new failed\n");
- return -1;
- }
+ ExpectNotNull(cm = wolfSSL_CertManagerNew());
#if defined(NO_WOLFSSL_CLIENT) && defined(NO_WOLFSSL_SERVER)
- AssertIntEQ(test_chainG(cm), -1);
+ ExpectIntEQ(test_chainG(cm), -1);
#else
- AssertIntEQ(test_chainG(cm), 0);
+ ExpectIntEQ(test_chainG(cm), 0);
#endif /* NO_WOLFSSL_CLIENT && NO_WOLFSSL_SERVER */
- ret = wolfSSL_CertManagerUnloadCAs(cm);
- if (ret != WOLFSSL_SUCCESS)
- return -1;
+ ExpectIntEQ(wolfSSL_CertManagerUnloadCAs(cm), WOLFSSL_SUCCESS);
wolfSSL_CertManagerFree(cm);
/* end test chain G */
/* Test chain H (5 chain with same pathLens) */
- if ((cm = wolfSSL_CertManagerNew()) == NULL) {
- fprintf(stderr, "cert manager new failed\n");
- return -1;
- }
- AssertIntLT(test_chainH(cm), 0);
-
- wolfSSL_CertManagerUnloadCAs(cm);
+ ExpectNotNull(cm = wolfSSL_CertManagerNew());
+ ExpectIntLT(test_chainH(cm), 0);
+ ExpectIntEQ(wolfSSL_CertManagerUnloadCAs(cm), WOLFSSL_SUCCESS);
wolfSSL_CertManagerFree(cm);
- if ((cm = wolfSSL_CertManagerNew()) == NULL) {
- fprintf(stderr, "cert manager new failed\n");
- return -1;
- }
- ret = wolfSSL_CertManagerUnloadCAs(cm);
- if (ret != WOLFSSL_SUCCESS)
- return -1;
+ ExpectNotNull(cm = wolfSSL_CertManagerNew());
+ ExpectIntEQ(wolfSSL_CertManagerUnloadCAs(cm), WOLFSSL_SUCCESS);
wolfSSL_CertManagerFree(cm);
/* end test chain H */
/* Test chain I (only first ICA has pathLen set and it's set to 2,
* followed by 2 ICA's, should pass) */
- if ((cm = wolfSSL_CertManagerNew()) == NULL) {
- fprintf(stderr, "cert manager new failed\n");
- return -1;
- }
+ ExpectNotNull(cm = wolfSSL_CertManagerNew());
#if defined(NO_WOLFSSL_CLIENT) && defined(NO_WOLFSSL_SERVER)
- AssertIntEQ(test_chainI(cm), -1);
+ ExpectIntEQ(test_chainI(cm), -1);
#else
- AssertIntEQ(test_chainI(cm), 0);
+ ExpectIntEQ(test_chainI(cm), 0);
#endif /* NO_WOLFSSL_CLIENT && NO_WOLFSSL_SERVER */
- wolfSSL_CertManagerUnloadCAs(cm);
+ ExpectIntEQ(wolfSSL_CertManagerUnloadCAs(cm), WOLFSSL_SUCCESS);
wolfSSL_CertManagerFree(cm);
- if ((cm = wolfSSL_CertManagerNew()) == NULL) {
- fprintf(stderr, "cert manager new failed\n");
- return -1;
- }
- ret = wolfSSL_CertManagerUnloadCAs(cm);
- if (ret != WOLFSSL_SUCCESS)
- return -1;
+ ExpectNotNull(cm = wolfSSL_CertManagerNew());
+ ExpectIntEQ(wolfSSL_CertManagerUnloadCAs(cm), WOLFSSL_SUCCESS);
wolfSSL_CertManagerFree(cm);
/* Test chain J (Again only first ICA has pathLen set and it's set to 2,
* this time followed by 3 ICA's, should fail */
- if ((cm = wolfSSL_CertManagerNew()) == NULL) {
- fprintf(stderr, "cert manager new failed\n");
- return -1;
- }
- AssertIntLT(test_chainJ(cm), 0);
-
- wolfSSL_CertManagerUnloadCAs(cm);
+ ExpectNotNull(cm = wolfSSL_CertManagerNew());
+ ExpectIntLT(test_chainJ(cm), 0);
+ ExpectIntEQ(wolfSSL_CertManagerUnloadCAs(cm), WOLFSSL_SUCCESS);
wolfSSL_CertManagerFree(cm);
- if ((cm = wolfSSL_CertManagerNew()) == NULL) {
- fprintf(stderr, "cert manager new failed\n");
- return -1;
- }
- ret = wolfSSL_CertManagerUnloadCAs(cm);
+ ExpectNotNull(cm = wolfSSL_CertManagerNew());
+ ExpectIntEQ(wolfSSL_CertManagerUnloadCAs(cm), WOLFSSL_SUCCESS);
wolfSSL_CertManagerFree(cm);
- return TEST_RES_CHECK(ret == WOLFSSL_SUCCESS);
+ return EXPECT_RESULT();
}
#endif /* !NO_RSA && !NO_SHA && !NO_FILESYSTEM && !NO_CERTS */
@@ -62829,7 +62283,7 @@ static int test_export_keying_material_cb(WOLFSSL_CTX *ctx, WOLFSSL *ssl)
(void)ctx;
- /* Succes Cases */
+ /* Success Cases */
ExpectIntEQ(wolfSSL_export_keying_material(ssl, ekm, sizeof(ekm),
"Test label", XSTR_SIZEOF("Test label"), NULL, 0, 0), 1);
ExpectIntEQ(wolfSSL_export_keying_material(ssl, ekm, sizeof(ekm),
@@ -62878,9 +62332,8 @@ static int test_export_keying_material(void)
static int test_wolfSSL_THREADID_hash(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA)
CRYPTO_THREADID id;
CRYPTO_THREADID_current(NULL);
@@ -62888,32 +62341,28 @@ static int test_wolfSSL_THREADID_hash(void)
ExpectTrue(CRYPTO_THREADID_hash(NULL) == 0UL);
XMEMSET(&id, 0, sizeof(id));
ExpectTrue(CRYPTO_THREADID_hash(&id) == 0UL);
-
- res = EXPECT_RESULT();
#endif /* OPENSSL_EXTRA */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_CTX_set_ecdh_auto(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA)
WOLFSSL_CTX* ctx = NULL;
ExpectIntEQ(SSL_CTX_set_ecdh_auto(NULL,0), 1);
ExpectIntEQ(SSL_CTX_set_ecdh_auto(NULL,1), 1);
ExpectIntEQ(SSL_CTX_set_ecdh_auto(ctx,0), 1);
ExpectIntEQ(SSL_CTX_set_ecdh_auto(ctx,1), 1);
-
- res = EXPECT_RESULT();
#endif /* OPENSSL_EXTRA */
- return res;
+ return EXPECT_RESULT();
}
#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_ERROR_CODE_OPENSSL) && \
defined(HAVE_IO_TESTS_DEPENDENCIES) && !defined(WOLFSSL_NO_TLS12)
static THREAD_RETURN WOLFSSL_THREAD SSL_read_test_server_thread(void* args)
{
+ EXPECT_DECLS;
callback_functions* callbacks = NULL;
WOLFSSL_CTX* ctx = NULL;
WOLFSSL* ssl = NULL;
@@ -62923,10 +62372,11 @@ static THREAD_RETURN WOLFSSL_THREAD SSL_read_test_server_thread(void* args)
char msg[] = "I hear you fa shizzle!";
int len = (int) XSTRLEN(msg);
char input[1024];
- int ret, err;
+ int ret;
+ int err = 0;
if (!args)
- return 0;
+ WOLFSSL_RETURN_FROM_THREAD(0);
((func_args*)args)->return_code = TEST_FAIL;
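Review bot: `int ret;` stays uninitialised while `err` now gets `= 0`, and later hunks make the `wolfSSL_accept` loop conditional on `EXPECT_SUCCESS()`, so `ret` can reach `ExpectIntEQ(ret, WOLFSSL_SUCCESS)` without having been assigned. That is harmless only if the Expect macros never evaluate their arguments after a failure, which is not visible here. Declare `int ret = WOLFSSL_FAILURE;`; the client thread's `int ret, err;` wants the same treatment. The function body starts and ends outside this hunk.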
@@ -62944,19 +62394,17 @@ static THREAD_RETURN WOLFSSL_THREAD SSL_read_test_server_thread(void* args)
fdOpenSession(Task_self());
#endif
- AssertIntEQ(WOLFSSL_SUCCESS,
- wolfSSL_CTX_load_verify_locations(ctx, caCertFile, 0));
+ ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_load_verify_locations(ctx,
+ caCertFile, 0));
- AssertIntEQ(WOLFSSL_SUCCESS,
- wolfSSL_CTX_use_certificate_file(ctx, svrCertFile,
- WOLFSSL_FILETYPE_PEM));
+ ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_use_certificate_file(ctx,
+ svrCertFile, WOLFSSL_FILETYPE_PEM));
- AssertIntEQ(WOLFSSL_SUCCESS,
- wolfSSL_CTX_use_PrivateKey_file(ctx, svrKeyFile,
- WOLFSSL_FILETYPE_PEM));
+ ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_use_PrivateKey_file(ctx,
+ svrKeyFile, WOLFSSL_FILETYPE_PEM));
#if !defined(NO_FILESYSTEM) && !defined(NO_DH)
- AssertIntEQ(wolfSSL_CTX_SetTmpDH_file(ctx, dhParamFile,
+ ExpectIntEQ(wolfSSL_CTX_SetTmpDH_file(ctx, dhParamFile,
WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS);
#elif !defined(NO_DH)
SetDHCtx(ctx); /* will repick suites with DHE, higher priority than PSK */
@@ -62966,37 +62414,33 @@ static THREAD_RETURN WOLFSSL_THREAD SSL_read_test_server_thread(void* args)
callbacks->ctx_ready(ctx);
ssl = wolfSSL_new(ctx);
- AssertNotNull(ssl);
+ ExpectNotNull(ssl);
/* listen and accept */
tcp_accept(&sfd, &cfd, (func_args*)args, port, 0, 0, 0, 0, 1, 0, 0);
CloseSocket(sfd);
- AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_set_fd(ssl, cfd));
+ ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_set_fd(ssl, cfd));
if (callbacks->ssl_ready)
callbacks->ssl_ready(ssl);
- do {
- err = 0; /* Reset error */
- ret = wolfSSL_accept(ssl);
- if (ret != WOLFSSL_SUCCESS) {
- err = wolfSSL_get_error(ssl, 0);
- }
- } while (ret != WOLFSSL_SUCCESS && err == WC_PENDING_E);
-
- if (ret != WOLFSSL_SUCCESS) {
- wolfSSL_free(ssl);
- wolfSSL_CTX_free(ctx);
- CloseSocket(cfd);
- ((func_args*)args)->return_code = TEST_FAIL;
- return 0;
+ if (EXPECT_SUCCESS()) {
+ do {
+ err = 0; /* Reset error */
+ ret = wolfSSL_accept(ssl);
+ if (ret != WOLFSSL_SUCCESS) {
+ err = wolfSSL_get_error(ssl, 0);
+ }
+ } while (ret != WOLFSSL_SUCCESS && err == WC_PENDING_E);
}
+ ExpectIntEQ(ret, WOLFSSL_SUCCESS);
+
/* read and write data */
- XMEMSET( input, 0, sizeof(input));
+ XMEMSET(input, 0, sizeof(input));
- while (1) {
+ while (EXPECT_SUCCESS()) {
ret = wolfSSL_read(ssl, input, sizeof(input));
if (ret > 0) {
break;
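Review bot: `callbacks->ssl_ready(ssl)` is still called unconditionally, but `ExpectNotNull(ssl)` no longer aborts, so the callback can now receive a NULL `ssl`. Guard it the way the accept loop is guarded: `if (EXPECT_SUCCESS() && callbacks->ssl_ready)`. `tcp_accept` also still runs after an earlier failure, and the removed error path was the only visible place that called `CloseSocket(cfd)`; whether `cfd` is closed on the common exit path lies outside this hunk and should be checked.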
@@ -63010,7 +62454,7 @@ static THREAD_RETURN WOLFSSL_THREAD SSL_read_test_server_thread(void* args)
}
}
- if (err == WOLFSSL_ERROR_ZERO_RETURN) {
+ if (EXPECT_SUCCESS() && (err == WOLFSSL_ERROR_ZERO_RETURN)) {
do {
ret = wolfSSL_write(ssl, msg, len);
if (ret > 0) {
@@ -63020,21 +62464,27 @@ static THREAD_RETURN WOLFSSL_THREAD SSL_read_test_server_thread(void* args)
}
/* bidirectional shutdown */
- while (wolfSSL_shutdown(ssl) != WOLFSSL_SUCCESS) {
- continue;
+ while (EXPECT_SUCCESS()) {
+ ret = wolfSSL_shutdown(ssl);
+ ExpectIntNE(ret, WOLFSSL_FATAL_ERROR);
+ if (ret == WOLFSSL_SUCCESS) {
+ break;
+ }
}
- /* wait for the peer to disconnect the tcp connection */
- do {
- ret = wolfSSL_read(ssl, input, sizeof(input));
- err = wolfSSL_get_error(ssl, ret);
- } while (ret > 0 || err != WOLFSSL_ERROR_ZERO_RETURN);
+ if (EXPECT_SUCCESS()) {
+ /* wait for the peer to disconnect the tcp connection */
+ do {
+ ret = wolfSSL_read(ssl, input, sizeof(input));
+ err = wolfSSL_get_error(ssl, ret);
+ } while (ret > 0 || err != WOLFSSL_ERROR_ZERO_RETURN);
+ }
/* detect TCP disconnect */
- AssertIntLE(ret,WOLFSSL_FAILURE);
- AssertIntEQ(wolfSSL_get_error(ssl, ret), WOLFSSL_ERROR_ZERO_RETURN);
+ ExpectIntLE(ret,WOLFSSL_FAILURE);
+ ExpectIntEQ(wolfSSL_get_error(ssl, ret), WOLFSSL_ERROR_ZERO_RETURN);
- ((func_args*)args)->return_code = TEST_SUCCESS;
+ ((func_args*)args)->return_code = EXPECT_RESULT();
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
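Review bot: Both loops here can still spin without bound. The shutdown loop repeats for every return other than `WOLFSSL_SUCCESS` or `WOLFSSL_FATAL_ERROR`, and the wait loop exits only on `WOLFSSL_ERROR_ZERO_RETURN`, so any other read error hangs the server thread and the test run with it. For the wait loop, continue only on a retryable condition, e.g. `} while (ret > 0 || err == WOLFSSL_ERROR_WANT_READ);`, and let the following `ExpectIntEQ(wolfSSL_get_error(ssl, ret), WOLFSSL_ERROR_ZERO_RETURN)` report the mismatch. The shutdown loop would benefit from a small retry limit.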
@@ -63042,10 +62492,11 @@ static THREAD_RETURN WOLFSSL_THREAD SSL_read_test_server_thread(void* args)
#if defined(HAVE_ECC) && defined(FP_ECC) && defined(HAVE_THREAD_LS)
wc_ecc_fp_free(); /* free per thread cache */
#endif
- return 0;
+ WOLFSSL_RETURN_FROM_THREAD(0);
}
static THREAD_RETURN WOLFSSL_THREAD SSL_read_test_client_thread(void* args)
{
+ EXPECT_DECLS;
callback_functions* callbacks = NULL;
WOLFSSL_CTX* ctx = NULL;
WOLFSSL* ssl = NULL;
@@ -63057,7 +62508,7 @@ static THREAD_RETURN WOLFSSL_THREAD SSL_read_test_client_thread(void* args)
int ret, err;
if (!args)
- return 0;
+ WOLFSSL_RETURN_FROM_THREAD(0);
((func_args*)args)->return_code = TEST_FAIL;
callbacks = ((func_args*)args)->callbacks;
@@ -63067,44 +62518,48 @@ static THREAD_RETURN WOLFSSL_THREAD SSL_read_test_client_thread(void* args)
fdOpenSession(Task_self());
#endif
- AssertIntEQ(WOLFSSL_SUCCESS,
- wolfSSL_CTX_load_verify_locations(ctx, caCertFile, 0));
+ ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_load_verify_locations(ctx,
+ caCertFile, 0));
- AssertIntEQ(WOLFSSL_SUCCESS,
- wolfSSL_CTX_use_certificate_file(ctx, cliCertFile,
- WOLFSSL_FILETYPE_PEM));
+ ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_use_certificate_file(ctx,
+ cliCertFile, WOLFSSL_FILETYPE_PEM));
- AssertIntEQ(WOLFSSL_SUCCESS,
- wolfSSL_CTX_use_PrivateKey_file(ctx, cliKeyFile,
- WOLFSSL_FILETYPE_PEM));
+ ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_use_PrivateKey_file(ctx,
+ cliKeyFile, WOLFSSL_FILETYPE_PEM));
- AssertNotNull((ssl = wolfSSL_new(ctx)));
+ ExpectNotNull((ssl = wolfSSL_new(ctx)));
tcp_connect(&sfd, wolfSSLIP, ((func_args*)args)->signal->port, 0, 0, ssl);
- AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_set_fd(ssl, sfd));
+ ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_set_fd(ssl, sfd));
- do {
- err = 0; /* Reset error */
- ret = wolfSSL_connect(ssl);
- if (ret != WOLFSSL_SUCCESS) {
- err = wolfSSL_get_error(ssl, 0);
- }
- } while (ret != WOLFSSL_SUCCESS && err == WC_PENDING_E);
+ if (EXPECT_SUCCESS()) {
+ do {
+ err = 0; /* Reset error */
+ ret = wolfSSL_connect(ssl);
+ if (ret != WOLFSSL_SUCCESS) {
+ err = wolfSSL_get_error(ssl, 0);
+ }
+ } while (ret != WOLFSSL_SUCCESS && err == WC_PENDING_E);
+ }
- AssertIntGE(wolfSSL_write(ssl, msg, len), 0);
+ ExpectIntGE(wolfSSL_write(ssl, msg, len), 0);
- if (0 < (idx = wolfSSL_read(ssl, input, sizeof(input)-1))) {
- input[idx] = 0;
+ if (EXPECT_SUCCESS()) {
+ if (0 < (idx = wolfSSL_read(ssl, input, sizeof(input)-1))) {
+ input[idx] = 0;
+ }
}
- ret = wolfSSL_shutdown(ssl);
- if ( ret == WOLFSSL_SHUTDOWN_NOT_DONE) {
+ if (EXPECT_SUCCESS()) {
ret = wolfSSL_shutdown(ssl);
+ if (ret == WOLFSSL_SHUTDOWN_NOT_DONE) {
+ ret = wolfSSL_shutdown(ssl);
+ }
}
- AssertIntEQ(ret, WOLFSSL_SUCCESS);
+ ExpectIntEQ(ret, WOLFSSL_SUCCESS);
- ((func_args*)args)->return_code = TEST_SUCCESS;
+ ((func_args*)args)->return_code = EXPECT_RESULT();
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
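Review bot: The client never checks the result of the `wolfSSL_connect` loop, whereas the server thread in this commit gains `ExpectIntEQ(ret, WOLFSSL_SUCCESS);` after its accept loop. Add the same line after the connect block so that a failed handshake is reported where it happens instead of indirectly through the `wolfSSL_write` result. `tcp_connect` is also reached with a possibly NULL `ssl` now that `ExpectNotNull` does not abort.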
@@ -63112,7 +62567,7 @@ static THREAD_RETURN WOLFSSL_THREAD SSL_read_test_client_thread(void* args)
#if defined(HAVE_ECC) && defined(FP_ECC) && defined(HAVE_THREAD_LS)
wc_ecc_fp_free(); /* free per thread cache */
#endif
- return 0;
+ WOLFSSL_RETURN_FROM_THREAD(0);
}
#endif /* OPENSSL_EXTRA && WOLFSSL_ERROR_CODE_OPENSSL &&
HAVE_IO_TESTS_DEPENDENCIES && !WOLFSSL_NO_TLS12 */
@@ -63122,7 +62577,7 @@ static THREAD_RETURN WOLFSSL_THREAD SSL_read_test_client_thread(void* args)
*/
static int test_wolfSSL_read_detect_TCP_disconnect(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_ERROR_CODE_OPENSSL) && \
defined(HAVE_IO_TESTS_DEPENDENCIES) && !defined(WOLFSSL_NO_TLS12)
tcp_ready ready;
@@ -63168,71 +62623,75 @@ static int test_wolfSSL_read_detect_TCP_disconnect(void)
join_thread(clientThread);
join_thread(serverThread);
- AssertTrue(client_args.return_code);
- AssertTrue(server_args.return_code);
+ ExpectTrue(client_args.return_code);
+ ExpectTrue(server_args.return_code);
FreeTcpReady(&ready);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_CTX_get_min_proto_version(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL)
- WOLFSSL_CTX *ctx;
-
- (void)ctx;
+ WOLFSSL_CTX *ctx = NULL;
- AssertNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_method()));
- AssertIntEQ(wolfSSL_CTX_set_min_proto_version(ctx, SSL3_VERSION), WOLFSSL_SUCCESS);
+ ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_method()));
+ ExpectIntEQ(wolfSSL_CTX_set_min_proto_version(ctx, SSL3_VERSION),
+ WOLFSSL_SUCCESS);
#ifdef WOLFSSL_ALLOW_SSLV3
- AssertIntEQ(wolfSSL_CTX_get_min_proto_version(ctx), SSL3_VERSION);
+ ExpectIntEQ(wolfSSL_CTX_get_min_proto_version(ctx), SSL3_VERSION);
#else
- AssertIntGT(wolfSSL_CTX_get_min_proto_version(ctx), SSL3_VERSION);
+ ExpectIntGT(wolfSSL_CTX_get_min_proto_version(ctx), SSL3_VERSION);
#endif
wolfSSL_CTX_free(ctx);
+ ctx = NULL;
#ifdef WOLFSSL_ALLOW_TLSV10
- AssertNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_method()));
+ ExpectNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_method()));
#else
- AssertNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_method()));
+ ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_method()));
#endif
- AssertIntEQ(wolfSSL_CTX_set_min_proto_version(ctx, TLS1_VERSION), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_CTX_set_min_proto_version(ctx, TLS1_VERSION),
+ WOLFSSL_SUCCESS);
#ifdef WOLFSSL_ALLOW_TLSV10
- AssertIntEQ(wolfSSL_CTX_get_min_proto_version(ctx), TLS1_VERSION);
+ ExpectIntEQ(wolfSSL_CTX_get_min_proto_version(ctx), TLS1_VERSION);
#else
- AssertIntGT(wolfSSL_CTX_get_min_proto_version(ctx), TLS1_VERSION);
+ ExpectIntGT(wolfSSL_CTX_get_min_proto_version(ctx), TLS1_VERSION);
#endif
wolfSSL_CTX_free(ctx);
+ ctx = NULL;
- AssertNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_method()));
- AssertIntEQ(wolfSSL_CTX_set_min_proto_version(ctx, TLS1_1_VERSION), WOLFSSL_SUCCESS);
+ ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_method()));
+ ExpectIntEQ(wolfSSL_CTX_set_min_proto_version(ctx, TLS1_1_VERSION),
+ WOLFSSL_SUCCESS);
#ifndef NO_OLD_TLS
- AssertIntEQ(wolfSSL_CTX_get_min_proto_version(ctx), TLS1_1_VERSION);
+ ExpectIntEQ(wolfSSL_CTX_get_min_proto_version(ctx), TLS1_1_VERSION);
#else
- AssertIntGT(wolfSSL_CTX_get_min_proto_version(ctx), TLS1_1_VERSION);
+ ExpectIntGT(wolfSSL_CTX_get_min_proto_version(ctx), TLS1_1_VERSION);
#endif
wolfSSL_CTX_free(ctx);
+ ctx = NULL;
#ifndef WOLFSSL_NO_TLS12
- AssertNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_2_method()));
- AssertIntEQ(wolfSSL_CTX_set_min_proto_version(ctx, TLS1_2_VERSION), WOLFSSL_SUCCESS);
- AssertIntEQ(wolfSSL_CTX_get_min_proto_version(ctx), TLS1_2_VERSION);
+ ExpectNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_2_method()));
+ ExpectIntEQ(wolfSSL_CTX_set_min_proto_version(ctx, TLS1_2_VERSION),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_CTX_get_min_proto_version(ctx), TLS1_2_VERSION);
wolfSSL_CTX_free(ctx);
+ ctx = NULL;
#endif
#ifdef WOLFSSL_TLS13
- AssertNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_3_method()));
- AssertIntEQ(wolfSSL_CTX_set_min_proto_version(ctx, TLS1_3_VERSION), WOLFSSL_SUCCESS);
- AssertIntEQ(wolfSSL_CTX_get_min_proto_version(ctx), TLS1_3_VERSION);
+ ExpectNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_3_method()));
+ ExpectIntEQ(wolfSSL_CTX_set_min_proto_version(ctx, TLS1_3_VERSION),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_CTX_get_min_proto_version(ctx), TLS1_3_VERSION);
wolfSSL_CTX_free(ctx);
+ ctx = NULL;
#endif
-
- res = TEST_RES_CHECK(1);
#endif /* defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL) */
- return res;
+ return EXPECT_RESULT();
}
#if defined(OPENSSL_ALL) || (defined(OPENSSL_EXTRA) && \
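Review bot: `ExpectTrue(client_args.return_code)` and `ExpectTrue(server_args.return_code)` pass for any non-zero value, so a thread that leaves a skipped or otherwise non-success code would still count as a pass, assuming `TEST_SUCCESS` is not the only non-zero result code (the constants are defined outside this page). Now that both threads store `EXPECT_RESULT()`, compare explicitly with `ExpectIntEQ(client_args.return_code, TEST_SUCCESS);` and the same for `server_args`.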
@@ -63241,82 +62700,85 @@ static int test_wolfSSL_CTX_get_min_proto_version(void)
defined(WOLFSSL_OPENSSH) || defined(HAVE_SBLIM_SFCB)))
static int test_wolfSSL_set_SSL_CTX(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if (defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL)) \
&& !defined(WOLFSSL_NO_TLS12) && defined(WOLFSSL_TLS13) && \
!defined(NO_RSA)
- WOLFSSL_CTX *ctx1, *ctx2;
- WOLFSSL *ssl;
+ WOLFSSL_CTX *ctx1 = NULL;
+ WOLFSSL_CTX *ctx2 = NULL;
+ WOLFSSL *ssl = NULL;
const byte *session_id1 = (const byte *)"CTX1";
const byte *session_id2 = (const byte *)"CTX2";
- AssertNotNull(ctx1 = wolfSSL_CTX_new(wolfTLS_server_method()));
- AssertTrue(wolfSSL_CTX_use_certificate_file(ctx1, svrCertFile,
- WOLFSSL_FILETYPE_PEM));
- AssertTrue(wolfSSL_CTX_use_PrivateKey_file(ctx1, svrKeyFile,
- WOLFSSL_FILETYPE_PEM));
- AssertIntEQ(wolfSSL_CTX_set_min_proto_version(ctx1, TLS1_2_VERSION),
- WOLFSSL_SUCCESS);
- AssertIntEQ(wolfSSL_CTX_get_min_proto_version(ctx1), TLS1_2_VERSION);
- AssertIntEQ(wolfSSL_CTX_get_max_proto_version(ctx1), TLS1_3_VERSION);
- AssertIntEQ(wolfSSL_CTX_set_session_id_context(ctx1, session_id1, 4),
- WOLFSSL_SUCCESS);
+ ExpectNotNull(ctx1 = wolfSSL_CTX_new(wolfTLS_server_method()));
+ ExpectTrue(wolfSSL_CTX_use_certificate_file(ctx1, svrCertFile,
+ WOLFSSL_FILETYPE_PEM));
+ ExpectTrue(wolfSSL_CTX_use_PrivateKey_file(ctx1, svrKeyFile,
+ WOLFSSL_FILETYPE_PEM));
+ ExpectIntEQ(wolfSSL_CTX_set_min_proto_version(ctx1, TLS1_2_VERSION),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_CTX_get_min_proto_version(ctx1), TLS1_2_VERSION);
+ ExpectIntEQ(wolfSSL_CTX_get_max_proto_version(ctx1), TLS1_3_VERSION);
+ ExpectIntEQ(wolfSSL_CTX_set_session_id_context(ctx1, session_id1, 4),
+ WOLFSSL_SUCCESS);
- AssertNotNull(ctx2 = wolfSSL_CTX_new(wolfTLS_server_method()));
- AssertTrue(wolfSSL_CTX_use_certificate_file(ctx2, svrCertFile,
- WOLFSSL_FILETYPE_PEM));
- AssertTrue(wolfSSL_CTX_use_PrivateKey_file(ctx2, svrKeyFile,
- WOLFSSL_FILETYPE_PEM));
- AssertIntEQ(wolfSSL_CTX_set_min_proto_version(ctx2, TLS1_2_VERSION),
- WOLFSSL_SUCCESS);
- AssertIntEQ(wolfSSL_CTX_set_max_proto_version(ctx2, TLS1_2_VERSION),
- WOLFSSL_SUCCESS);
- AssertIntEQ(wolfSSL_CTX_get_min_proto_version(ctx2), TLS1_2_VERSION);
- AssertIntEQ(wolfSSL_CTX_get_max_proto_version(ctx2), TLS1_2_VERSION);
- AssertIntEQ(wolfSSL_CTX_set_session_id_context(ctx2, session_id2, 4),
- WOLFSSL_SUCCESS);
+ ExpectNotNull(ctx2 = wolfSSL_CTX_new(wolfTLS_server_method()));
+ ExpectTrue(wolfSSL_CTX_use_certificate_file(ctx2, svrCertFile,
+ WOLFSSL_FILETYPE_PEM));
+ ExpectTrue(wolfSSL_CTX_use_PrivateKey_file(ctx2, svrKeyFile,
+ WOLFSSL_FILETYPE_PEM));
+ ExpectIntEQ(wolfSSL_CTX_set_min_proto_version(ctx2, TLS1_2_VERSION),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_CTX_set_max_proto_version(ctx2, TLS1_2_VERSION),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_CTX_get_min_proto_version(ctx2), TLS1_2_VERSION);
+ ExpectIntEQ(wolfSSL_CTX_get_max_proto_version(ctx2), TLS1_2_VERSION);
+ ExpectIntEQ(wolfSSL_CTX_set_session_id_context(ctx2, session_id2, 4),
+ WOLFSSL_SUCCESS);
#ifdef HAVE_SESSION_TICKET
- AssertIntEQ((wolfSSL_CTX_get_options(ctx1) & SSL_OP_NO_TICKET), 0);
+ ExpectIntEQ((wolfSSL_CTX_get_options(ctx1) & SSL_OP_NO_TICKET), 0);
wolfSSL_CTX_set_options(ctx2, SSL_OP_NO_TICKET);
- AssertIntNE((wolfSSL_CTX_get_options(ctx2) & SSL_OP_NO_TICKET), 0);
+ ExpectIntNE((wolfSSL_CTX_get_options(ctx2) & SSL_OP_NO_TICKET), 0);
#endif
- AssertNotNull(ssl = wolfSSL_new(ctx2));
- AssertIntNE((wolfSSL_get_options(ssl) & WOLFSSL_OP_NO_TLSv1_3), 0);
+ ExpectNotNull(ssl = wolfSSL_new(ctx2));
+ ExpectIntNE((wolfSSL_get_options(ssl) & WOLFSSL_OP_NO_TLSv1_3), 0);
#ifdef WOLFSSL_INT_H
- AssertIntEQ(XMEMCMP(ssl->sessionCtx, session_id2, 4), 0);
- AssertTrue(ssl->buffers.certificate == ctx2->certificate);
- AssertTrue(ssl->buffers.certChain == ctx2->certChain);
+#ifdef WOLFSSL_SESSION_ID_CTX
+ ExpectIntEQ(XMEMCMP(ssl->sessionCtx, session_id2, 4), 0);
+#endif
+ ExpectTrue(ssl->buffers.certificate == ctx2->certificate);
+ ExpectTrue(ssl->buffers.certChain == ctx2->certChain);
#endif
#ifdef HAVE_SESSION_TICKET
- AssertIntNE((wolfSSL_get_options(ssl) & SSL_OP_NO_TICKET), 0);
+ ExpectIntNE((wolfSSL_get_options(ssl) & SSL_OP_NO_TICKET), 0);
#endif
/* Set the ctx1 that has TLSv1.3 as max proto version */
- AssertNotNull(wolfSSL_set_SSL_CTX(ssl, ctx1));
+ ExpectNotNull(wolfSSL_set_SSL_CTX(ssl, ctx1));
/* MUST not change proto versions of ssl */
- AssertIntNE((wolfSSL_get_options(ssl) & WOLFSSL_OP_NO_TLSv1_3), 0);
+ ExpectIntNE((wolfSSL_get_options(ssl) & WOLFSSL_OP_NO_TLSv1_3), 0);
#ifdef HAVE_SESSION_TICKET
/* MUST not change */
- AssertIntNE((wolfSSL_get_options(ssl) & SSL_OP_NO_TICKET), 0);
+ ExpectIntNE((wolfSSL_get_options(ssl) & SSL_OP_NO_TICKET), 0);
#endif
/* MUST change */
#ifdef WOLFSSL_INT_H
- AssertTrue(ssl->buffers.certificate == ctx1->certificate);
- AssertTrue(ssl->buffers.certChain == ctx1->certChain);
- AssertIntEQ(XMEMCMP(ssl->sessionCtx, session_id1, 4), 0);
+ ExpectTrue(ssl->buffers.certificate == ctx1->certificate);
+ ExpectTrue(ssl->buffers.certChain == ctx1->certChain);
+#ifdef WOLFSSL_SESSION_ID_CTX
+ ExpectIntEQ(XMEMCMP(ssl->sessionCtx, session_id1, 4), 0);
+#endif
#endif
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx1);
wolfSSL_CTX_free(ctx2);
-
- res = TEST_RES_CHECK(1);
#endif /* defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL) */
- return res;
+ return EXPECT_RESULT();
}
#endif /* defined(OPENSSL_ALL) || (defined(OPENSSL_EXTRA) && \
(defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) || \
@@ -63325,160 +62787,150 @@ static int test_wolfSSL_set_SSL_CTX(void)
static int test_wolfSSL_security_level(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA)
- SSL_CTX *ctx;
+ SSL_CTX *ctx = NULL;
#ifdef WOLFSSL_TLS13
#ifdef NO_WOLFSSL_SERVER
- AssertNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_3_client_method()));
+ ExpectNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_3_client_method()));
#else
- AssertNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_3_server_method()));
+ ExpectNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_3_server_method()));
#endif
+ SSL_CTX_set_security_level(NULL, 1);
SSL_CTX_set_security_level(ctx, 1);
- AssertTrue(1);
-
- AssertIntEQ(SSL_CTX_get_security_level(ctx), 0);
+ ExpectIntEQ(SSL_CTX_get_security_level(NULL), 0);
+ /* Stub so nothing happens. */
+ ExpectIntEQ(SSL_CTX_get_security_level(ctx), 0);
SSL_CTX_free(ctx);
#else
(void)ctx;
#endif
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_SSL_in_init(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_ALL) && !defined(NO_BIO)
- SSL_CTX* ctx;
- SSL* ssl;
+ SSL_CTX* ctx = NULL;
+ SSL* ssl = NULL;
const char* testCertFile;
const char* testKeyFile;
- #ifdef WOLFSSL_TLS13
- #ifdef NO_WOLFSSL_SERVER
- AssertNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_3_client_method()));
- #else
- AssertNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_3_server_method()));
- #endif
+#ifdef WOLFSSL_TLS13
+ #ifdef NO_WOLFSSL_SERVER
+ ExpectNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_3_client_method()));
+ #else
+ ExpectNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_3_server_method()));
+ #endif
+#else
+ #ifdef NO_WOLFSSL_SERVER
+ ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
+ #else
+ ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()));
+ #endif
+#endif
#ifndef NO_RSA
- testCertFile = svrCertFile;
- testKeyFile = svrKeyFile;
+ testCertFile = svrCertFile;
+ testKeyFile = svrKeyFile;
#elif defined(HAVE_ECC)
- testCertFile = eccCertFile;
- testKeyFile = eccKeyFile;
+ testCertFile = eccCertFile;
+ testKeyFile = eccKeyFile;
#else
- testCertFile = NULL;
- testKeyFile = NULL;
+ testCertFile = NULL;
+ testKeyFile = NULL;
#endif
- if (testCertFile != NULL && testKeyFile != NULL) {
- AssertTrue(SSL_CTX_use_certificate_file(ctx, testCertFile,
- SSL_FILETYPE_PEM));
- AssertTrue(SSL_CTX_use_PrivateKey_file(ctx, testKeyFile,
- SSL_FILETYPE_PEM));
- }
-
- ssl = SSL_new(ctx);
- AssertNotNull(ssl);
- AssertIntEQ(SSL_in_init(ssl), 1);
+ if ((testCertFile != NULL) && (testKeyFile != NULL)) {
+ ExpectTrue(SSL_CTX_use_certificate_file(ctx, testCertFile,
+ SSL_FILETYPE_PEM));
+ ExpectTrue(SSL_CTX_use_PrivateKey_file(ctx, testKeyFile,
+ SSL_FILETYPE_PEM));
+ }
- SSL_CTX_free(ctx);
- SSL_free(ssl);
- #else
- (void)ctx;
- (void)ssl;
- (void)testCertFile;
- (void)testKeyFile;
- #endif
+ ExpectNotNull(ssl = SSL_new(ctx));
+ ExpectIntEQ(SSL_in_init(ssl), 1);
- res = TEST_RES_CHECK(1);
+ SSL_CTX_free(ctx);
+ SSL_free(ssl);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_CTX_set_timeout(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_WOLFSSL_SERVER) && !defined(NO_SESSION_CACHE)
int timeout;
-
- WOLFSSL_CTX* ctx = wolfSSL_CTX_new(wolfSSLv23_server_method());
+ WOLFSSL_CTX* ctx = NULL;
(void)timeout;
- AssertNotNull(ctx);
+ ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()));
#if defined(WOLFSSL_ERROR_CODE_OPENSSL)
/* in WOLFSSL_ERROR_CODE_OPENSSL macro guard,
* wolfSSL_CTX_set_timeout returns previous timeout value on success.
*/
- AssertIntEQ(wolfSSL_CTX_set_timeout(NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CTX_set_timeout(NULL, 0), BAD_FUNC_ARG);
/* giving 0 as timeout value sets default timeout */
timeout = wolfSSL_CTX_set_timeout(ctx, 0);
- AssertIntEQ(wolfSSL_CTX_set_timeout(ctx, 20), timeout);
- AssertIntEQ(wolfSSL_CTX_set_timeout(ctx, 30), 20);
+ ExpectIntEQ(wolfSSL_CTX_set_timeout(ctx, 20), timeout);
+ ExpectIntEQ(wolfSSL_CTX_set_timeout(ctx, 30), 20);
#else
-
- AssertIntEQ(wolfSSL_CTX_set_timeout(NULL, 0), BAD_FUNC_ARG);
- AssertIntEQ(wolfSSL_CTX_set_timeout(ctx, 100), 1);
- AssertIntEQ(wolfSSL_CTX_set_timeout(ctx, 0), 1);
-
+ ExpectIntEQ(wolfSSL_CTX_set_timeout(NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CTX_set_timeout(ctx, 100), 1);
+ ExpectIntEQ(wolfSSL_CTX_set_timeout(ctx, 0), 1);
#endif
- wolfSSL_CTX_free(ctx);
- res = TEST_RES_CHECK(1);
+ wolfSSL_CTX_free(ctx);
#endif /* !NO_WOLFSSL_SERVER && !NO_SESSION_CACHE*/
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_OpenSSL_version(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA)
const char* ver;
- #if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000L
- AssertNotNull(ver = OpenSSL_version(0));
- #else
- AssertNotNull(ver = OpenSSL_version());
- #endif
- AssertIntEQ(XMEMCMP(ver, "wolfSSL " LIBWOLFSSL_VERSION_STRING,
- XSTRLEN("wolfSSL " LIBWOLFSSL_VERSION_STRING)), 0);
-
- res = TEST_RES_CHECK(1);
+#if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000L
+ ExpectNotNull(ver = OpenSSL_version(0));
+#else
+ ExpectNotNull(ver = OpenSSL_version());
#endif
- return res;
+ ExpectIntEQ(XMEMCMP(ver, "wolfSSL " LIBWOLFSSL_VERSION_STRING,
+ XSTRLEN("wolfSSL " LIBWOLFSSL_VERSION_STRING)), 0);
+#endif
+ return EXPECT_RESULT();
}
static int test_CONF_CTX_CMDLINE(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_ALL)
SSL_CTX* ctx = NULL;
SSL_CONF_CTX* cctx = NULL;
- AssertNotNull(cctx = SSL_CONF_CTX_new());
+ ExpectNotNull(cctx = SSL_CONF_CTX_new());
- AssertNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()));
+ ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()));
SSL_CONF_CTX_set_ssl_ctx(cctx, ctx);
- AssertTrue(1);
/* set flags */
- AssertIntEQ(SSL_CONF_CTX_set_flags(cctx, WOLFSSL_CONF_FLAG_CMDLINE),
- WOLFSSL_CONF_FLAG_CMDLINE);
- AssertIntEQ(SSL_CONF_CTX_set_flags(cctx, WOLFSSL_CONF_FLAG_CERTIFICATE),
- WOLFSSL_CONF_FLAG_CMDLINE | WOLFSSL_CONF_FLAG_CERTIFICATE);
+ ExpectIntEQ(SSL_CONF_CTX_set_flags(cctx, WOLFSSL_CONF_FLAG_CMDLINE),
+ WOLFSSL_CONF_FLAG_CMDLINE);
+ ExpectIntEQ(SSL_CONF_CTX_set_flags(cctx, WOLFSSL_CONF_FLAG_CERTIFICATE),
+ WOLFSSL_CONF_FLAG_CMDLINE | WOLFSSL_CONF_FLAG_CERTIFICATE);
/* cmd invalid command */
- AssertIntEQ(SSL_CONF_cmd(cctx, "foo", "foobar"), -2);
- AssertIntEQ(SSL_CONF_cmd(cctx, "foo", NULL), -2);
- AssertIntEQ(SSL_CONF_cmd(cctx, NULL, NULL), WOLFSSL_FAILURE);
- AssertIntEQ(SSL_CONF_cmd(cctx, NULL, "foobar"), WOLFSSL_FAILURE);
- AssertIntEQ(SSL_CONF_cmd(NULL, "-curves", "foobar"), WOLFSSL_FAILURE);
+ ExpectIntEQ(SSL_CONF_cmd(cctx, "foo", "foobar"), -2);
+ ExpectIntEQ(SSL_CONF_cmd(cctx, "foo", NULL), -2);
+ ExpectIntEQ(SSL_CONF_cmd(cctx, NULL, NULL), WOLFSSL_FAILURE);
+ ExpectIntEQ(SSL_CONF_cmd(cctx, NULL, "foobar"), WOLFSSL_FAILURE);
+ ExpectIntEQ(SSL_CONF_cmd(NULL, "-curves", "foobar"), WOLFSSL_FAILURE);
/* cmd Certificate and Private Key*/
{
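Review bot: The new comment `/* Stub so nothing happens. */` in test_wolfSSL_security_level undersells what the expectations pin down: after `SSL_CTX_set_security_level(ctx, 1)` the getter still returns 0, so the level is not stored. As far as this test shows, code ported from OpenSSL that sets a security level to have weak keys or ciphers refused gets no enforcement from this call. I would say so where the behaviour is asserted, e.g. `/* Stub: the level is not stored or enforced; the getter reports 0 here. */`, so a later real implementation knows this expectation has to change. The function lies wholly inside the hunk.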
@@ -63486,12 +62938,11 @@ static int test_CONF_CTX_CMDLINE(void)
const char* ourCert = svrCertFile;
const char* ourKey = svrKeyFile;
- AssertIntEQ(SSL_CONF_cmd(cctx, "-cert", NULL), -3);
- AssertIntEQ(SSL_CONF_cmd(cctx, "-cert", ourCert),
- WOLFSSL_SUCCESS);
- AssertIntEQ(SSL_CONF_cmd(cctx, "-key", NULL), -3);
- AssertIntEQ(SSL_CONF_cmd(cctx, "-key", ourKey), WOLFSSL_SUCCESS);
- AssertIntEQ(SSL_CONF_CTX_finish(cctx), WOLFSSL_SUCCESS);
+ ExpectIntEQ(SSL_CONF_cmd(cctx, "-cert", NULL), -3);
+ ExpectIntEQ(SSL_CONF_cmd(cctx, "-cert", ourCert), WOLFSSL_SUCCESS);
+ ExpectIntEQ(SSL_CONF_cmd(cctx, "-key", NULL), -3);
+ ExpectIntEQ(SSL_CONF_cmd(cctx, "-key", ourKey), WOLFSSL_SUCCESS);
+ ExpectIntEQ(SSL_CONF_CTX_finish(cctx), WOLFSSL_SUCCESS);
#endif
}
@@ -63500,9 +62951,9 @@ static int test_CONF_CTX_CMDLINE(void)
#if defined(HAVE_ECC)
const char* curve = "secp256r1";
- AssertIntEQ(SSL_CONF_cmd(cctx, "-curves", NULL), -3);
- AssertIntEQ(SSL_CONF_cmd(cctx, "-curves", curve), WOLFSSL_SUCCESS);
- AssertIntEQ(SSL_CONF_CTX_finish(cctx), WOLFSSL_SUCCESS);
+ ExpectIntEQ(SSL_CONF_cmd(cctx, "-curves", NULL), -3);
+ ExpectIntEQ(SSL_CONF_cmd(cctx, "-curves", curve), WOLFSSL_SUCCESS);
+ ExpectIntEQ(SSL_CONF_CTX_finish(cctx), WOLFSSL_SUCCESS);
#endif
}
@@ -63510,9 +62961,9 @@ static int test_CONF_CTX_CMDLINE(void)
{
char* cipher = wolfSSL_get_cipher_list(0/*top priority*/);
- AssertIntEQ(SSL_CONF_cmd(cctx, "-cipher", NULL), -3);
- AssertIntEQ(SSL_CONF_cmd(cctx, "-cipher", cipher), WOLFSSL_SUCCESS);
- AssertIntEQ(SSL_CONF_CTX_finish(cctx), WOLFSSL_SUCCESS);
+ ExpectIntEQ(SSL_CONF_cmd(cctx, "-cipher", NULL), -3);
+ ExpectIntEQ(SSL_CONF_cmd(cctx, "-cipher", cipher), WOLFSSL_SUCCESS);
+ ExpectIntEQ(SSL_CONF_CTX_finish(cctx), WOLFSSL_SUCCESS);
}
/* cmd DH parameter */
@@ -63520,45 +62971,41 @@ static int test_CONF_CTX_CMDLINE(void)
#if !defined(NO_DH) && !defined(NO_BIO)
const char* ourdhcert = "./certs/dh2048.pem";
- AssertIntEQ(SSL_CONF_cmd(cctx, "-dhparam", NULL),
- -3);
- AssertIntEQ(SSL_CONF_cmd(cctx, "-dhparam", ourdhcert),
- WOLFSSL_SUCCESS);
- AssertIntEQ(SSL_CONF_CTX_finish(cctx), WOLFSSL_SUCCESS);
+ ExpectIntEQ(SSL_CONF_cmd(cctx, "-dhparam", NULL), -3);
+ ExpectIntEQ(SSL_CONF_cmd(cctx, "-dhparam", ourdhcert), WOLFSSL_SUCCESS);
+ ExpectIntEQ(SSL_CONF_CTX_finish(cctx), WOLFSSL_SUCCESS);
#endif
}
+
SSL_CTX_free(ctx);
SSL_CONF_CTX_free(cctx);
-
- res = TEST_RES_CHECK(1);
#endif /* OPENSSL_EXTRA */
- return res;
+ return EXPECT_RESULT();
}
static int test_CONF_CTX_FILE(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_ALL)
SSL_CTX* ctx = NULL;
SSL_CONF_CTX* cctx = NULL;
- AssertNotNull(cctx = SSL_CONF_CTX_new());
- AssertNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()));
+ ExpectNotNull(cctx = SSL_CONF_CTX_new());
+ ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()));
SSL_CONF_CTX_set_ssl_ctx(cctx, ctx);
- AssertTrue(1);
/* set flags */
- AssertIntEQ(SSL_CONF_CTX_set_flags(cctx, WOLFSSL_CONF_FLAG_FILE),
- WOLFSSL_CONF_FLAG_FILE);
- AssertIntEQ(SSL_CONF_CTX_set_flags(cctx, WOLFSSL_CONF_FLAG_CERTIFICATE),
- WOLFSSL_CONF_FLAG_FILE | WOLFSSL_CONF_FLAG_CERTIFICATE);
+ ExpectIntEQ(SSL_CONF_CTX_set_flags(cctx, WOLFSSL_CONF_FLAG_FILE),
+ WOLFSSL_CONF_FLAG_FILE);
+ ExpectIntEQ(SSL_CONF_CTX_set_flags(cctx, WOLFSSL_CONF_FLAG_CERTIFICATE),
+ WOLFSSL_CONF_FLAG_FILE | WOLFSSL_CONF_FLAG_CERTIFICATE);
/* sanity check */
- AssertIntEQ(SSL_CONF_cmd(cctx, "foo", "foobar"), -2);
- AssertIntEQ(SSL_CONF_cmd(cctx, "foo", NULL), -2);
- AssertIntEQ(SSL_CONF_cmd(cctx, NULL, NULL), WOLFSSL_FAILURE);
- AssertIntEQ(SSL_CONF_cmd(cctx, NULL, "foobar"), WOLFSSL_FAILURE);
- AssertIntEQ(SSL_CONF_cmd(NULL, "-curves", "foobar"), WOLFSSL_FAILURE);
+ ExpectIntEQ(SSL_CONF_cmd(cctx, "foo", "foobar"), -2);
+ ExpectIntEQ(SSL_CONF_cmd(cctx, "foo", NULL), -2);
+ ExpectIntEQ(SSL_CONF_cmd(cctx, NULL, NULL), WOLFSSL_FAILURE);
+ ExpectIntEQ(SSL_CONF_cmd(cctx, NULL, "foobar"), WOLFSSL_FAILURE);
+ ExpectIntEQ(SSL_CONF_cmd(NULL, "-curves", "foobar"), WOLFSSL_FAILURE);
/* cmd Certificate and Private Key*/
{
@@ -63566,13 +63013,13 @@ static int test_CONF_CTX_FILE(void)
const char* ourCert = svrCertFile;
const char* ourKey = svrKeyFile;
- AssertIntEQ(SSL_CONF_cmd(cctx, "Certificate", NULL), -3);
- AssertIntEQ(SSL_CONF_cmd(cctx, "PrivateKey", NULL), -3);
+ ExpectIntEQ(SSL_CONF_cmd(cctx, "Certificate", NULL), -3);
+ ExpectIntEQ(SSL_CONF_cmd(cctx, "PrivateKey", NULL), -3);
- AssertIntEQ(SSL_CONF_cmd(cctx, "Certificate", ourCert),
- WOLFSSL_SUCCESS);
- AssertIntEQ(SSL_CONF_cmd(cctx, "PrivateKey", ourKey), WOLFSSL_SUCCESS);
- AssertIntEQ(SSL_CONF_CTX_finish(cctx), WOLFSSL_SUCCESS);
+ ExpectIntEQ(SSL_CONF_cmd(cctx, "Certificate", ourCert),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(SSL_CONF_cmd(cctx, "PrivateKey", ourKey), WOLFSSL_SUCCESS);
+ ExpectIntEQ(SSL_CONF_CTX_finish(cctx), WOLFSSL_SUCCESS);
#endif
}
@@ -63581,9 +63028,9 @@ static int test_CONF_CTX_FILE(void)
#if defined(HAVE_ECC)
const char* curve = "secp256r1";
- AssertIntEQ(SSL_CONF_cmd(cctx, "Curves", NULL), -3);
- AssertIntEQ(SSL_CONF_cmd(cctx, "Curves", curve), WOLFSSL_SUCCESS);
- AssertIntEQ(SSL_CONF_CTX_finish(cctx), WOLFSSL_SUCCESS);
+ ExpectIntEQ(SSL_CONF_cmd(cctx, "Curves", NULL), -3);
+ ExpectIntEQ(SSL_CONF_cmd(cctx, "Curves", curve), WOLFSSL_SUCCESS);
+ ExpectIntEQ(SSL_CONF_CTX_finish(cctx), WOLFSSL_SUCCESS);
#endif
}
@@ -63591,9 +63038,10 @@ static int test_CONF_CTX_FILE(void)
{
char* cipher = wolfSSL_get_cipher_list(0/*top priority*/);
- AssertIntEQ(SSL_CONF_cmd(cctx, "CipherString", NULL), -3);
- AssertIntEQ(SSL_CONF_cmd(cctx, "CipherString", cipher), WOLFSSL_SUCCESS);
- AssertIntEQ(SSL_CONF_CTX_finish(cctx), WOLFSSL_SUCCESS);
+ ExpectIntEQ(SSL_CONF_cmd(cctx, "CipherString", NULL), -3);
+ ExpectIntEQ(SSL_CONF_cmd(cctx, "CipherString", cipher),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(SSL_CONF_CTX_finish(cctx), WOLFSSL_SUCCESS);
}
/* cmd DH parameter */
@@ -63601,91 +63049,90 @@ static int test_CONF_CTX_FILE(void)
#if !defined(NO_DH) && !defined(NO_BIO) && defined(HAVE_FFDHE_3072)
const char* ourdhcert = "./certs/dh3072.pem";
- AssertIntEQ(SSL_CONF_cmd(cctx, "DHParameters", NULL), -3);
- AssertIntEQ(SSL_CONF_cmd(cctx, "DHParameters", ourdhcert),
- WOLFSSL_SUCCESS);
- AssertIntEQ(SSL_CONF_CTX_finish(cctx), WOLFSSL_SUCCESS);
+ ExpectIntEQ(SSL_CONF_cmd(cctx, "DHParameters", NULL), -3);
+ ExpectIntEQ(SSL_CONF_cmd(cctx, "DHParameters", ourdhcert),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(SSL_CONF_CTX_finish(cctx), WOLFSSL_SUCCESS);
#endif
}
+
SSL_CTX_free(ctx);
SSL_CONF_CTX_free(cctx);
-
- res = TEST_RES_CHECK(1);
#endif /* OPENSSL_EXTRA */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_CRYPTO_get_ex_new_index(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef HAVE_EX_DATA
int idx1, idx2;
/* test for unsupported class index */
- AssertIntEQ(wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_X509_STORE,
- 0,NULL, NULL, NULL, NULL ), -1);
- AssertIntEQ(wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_X509_STORE_CTX,
- 0,NULL, NULL, NULL, NULL ), -1);
- AssertIntEQ(wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_DH,
- 0,NULL, NULL, NULL, NULL ), -1);
- AssertIntEQ(wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_DSA,
- 0,NULL, NULL, NULL, NULL ), -1);
- AssertIntEQ(wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_EC_KEY,
- 0,NULL, NULL, NULL, NULL ), -1);
- AssertIntEQ(wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_RSA,
- 0,NULL, NULL, NULL, NULL ), -1);
- AssertIntEQ(wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_ENGINE,
- 0,NULL, NULL, NULL, NULL ), -1);
- AssertIntEQ(wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_UI,
- 0,NULL, NULL, NULL, NULL ), -1);
- AssertIntEQ(wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_BIO,
- 0,NULL, NULL, NULL, NULL ), -1);
- AssertIntEQ(wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_APP,
- 0,NULL, NULL, NULL, NULL ), -1);
- AssertIntEQ(wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_UI_METHOD,
- 0,NULL, NULL, NULL, NULL ), -1);
- AssertIntEQ(wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_DRBG,
- 0,NULL, NULL, NULL, NULL ), -1);
- AssertIntEQ(wolfSSL_CRYPTO_get_ex_new_index(20, 0,NULL, NULL, NULL, NULL ), -1);
+ ExpectIntEQ(wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_X509_STORE,
+ 0,NULL, NULL, NULL, NULL ), -1);
+ ExpectIntEQ(wolfSSL_CRYPTO_get_ex_new_index(
+ WOLF_CRYPTO_EX_INDEX_X509_STORE_CTX,
+ 0,NULL, NULL, NULL, NULL ), -1);
+ ExpectIntEQ(wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_DH,
+ 0,NULL, NULL, NULL, NULL ), -1);
+ ExpectIntEQ(wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_DSA,
+ 0,NULL, NULL, NULL, NULL ), -1);
+ ExpectIntEQ(wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_EC_KEY,
+ 0,NULL, NULL, NULL, NULL ), -1);
+ ExpectIntEQ(wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_RSA,
+ 0,NULL, NULL, NULL, NULL ), -1);
+ ExpectIntEQ(wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_ENGINE,
+ 0,NULL, NULL, NULL, NULL ), -1);
+ ExpectIntEQ(wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_UI,
+ 0,NULL, NULL, NULL, NULL ), -1);
+ ExpectIntEQ(wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_BIO,
+ 0,NULL, NULL, NULL, NULL ), -1);
+ ExpectIntEQ(wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_APP,
+ 0,NULL, NULL, NULL, NULL ), -1);
+ ExpectIntEQ(wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_UI_METHOD,
+ 0,NULL, NULL, NULL, NULL ), -1);
+ ExpectIntEQ(wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_DRBG,
+ 0,NULL, NULL, NULL, NULL ), -1);
+ ExpectIntEQ(wolfSSL_CRYPTO_get_ex_new_index(20,
+ 0,NULL, NULL, NULL, NULL ), -1);
/* test for supported class index */
idx1 = wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_SSL,
- 0,NULL, NULL, NULL, NULL );
+ 0,NULL, NULL, NULL, NULL );
idx2 = wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_SSL,
- 0,NULL, NULL, NULL, NULL );
- AssertIntNE(idx1, -1);
- AssertIntNE(idx2, -1);
- AssertIntNE(idx1, idx2);
+ 0,NULL, NULL, NULL, NULL );
+ ExpectIntNE(idx1, -1);
+ ExpectIntNE(idx2, -1);
+ ExpectIntNE(idx1, idx2);
idx1 = wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_SSL_CTX,
- 0,NULL, NULL, NULL, NULL );
+ 0,NULL, NULL, NULL, NULL );
idx2 = wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_SSL_CTX,
- 0,NULL, NULL, NULL, NULL );
- AssertIntNE(idx1, -1);
- AssertIntNE(idx2, -1);
- AssertIntNE(idx1, idx2);
+ 0,NULL, NULL, NULL, NULL );
+ ExpectIntNE(idx1, -1);
+ ExpectIntNE(idx2, -1);
+ ExpectIntNE(idx1, idx2);
idx1 = wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_X509,
- 0,NULL, NULL, NULL, NULL );
+ 0,NULL, NULL, NULL, NULL );
idx2 = wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_X509,
- 0,NULL, NULL, NULL, NULL );
- AssertIntNE(idx1, -1);
- AssertIntNE(idx2, -1);
- AssertIntNE(idx1, idx2);
+ 0,NULL, NULL, NULL, NULL );
+ ExpectIntNE(idx1, -1);
+ ExpectIntNE(idx2, -1);
+ ExpectIntNE(idx1, idx2);
idx1 = wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_SSL_SESSION,
- 0,NULL, NULL, NULL, NULL );
+ 0,NULL, NULL, NULL, NULL );
idx2 = wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_SSL_SESSION,
- 0,NULL, NULL, NULL, NULL );
- AssertIntNE(idx1, -1);
- AssertIntNE(idx2, -1);
- AssertIntNE(idx1, idx2);
-
- res = TEST_RES_CHECK(1);
+ 0,NULL, NULL, NULL, NULL );
+ ExpectIntNE(idx1, -1);
+ ExpectIntNE(idx2, -1);
+ ExpectIntNE(idx1, idx2);
#endif /* HAVE_EX_DATA */
- return res;
+ return EXPECT_RESULT();
}
#if defined(HAVE_EX_DATA) && defined(HAVE_EXT_CACHE) && \
@@ -63713,31 +63160,43 @@ static int test_wolfSSL_SESSION_get_ex_new_index_dup_cb(CRYPTO_EX_DATA* out,
const CRYPTO_EX_DATA* in, void* inPtr, int idx, long argV,
void* arg)
{
- AssertNotNull(out);
- AssertNotNull(in);
- AssertPtrEq(*(void**)inPtr, SESSION_NEW_IDX_VAL);
- AssertPtrEq(CRYPTO_get_ex_data(in, idx), SESSION_NEW_IDX_VAL);
- AssertPtrEq(CRYPTO_get_ex_data(out, idx), SESSION_NEW_IDX_VAL);
- AssertIntEQ(argV, SESSION_NEW_IDX_LONG);
- AssertStrEQ(arg, SESSION_NEW_IDX_PTR);
+ EXPECT_DECLS;
+
+ ExpectNotNull(out);
+ ExpectNotNull(in);
+ ExpectPtrEq(*(void**)inPtr, SESSION_NEW_IDX_VAL);
+ ExpectPtrEq(CRYPTO_get_ex_data(in, idx), SESSION_NEW_IDX_VAL);
+ ExpectPtrEq(CRYPTO_get_ex_data(out, idx), SESSION_NEW_IDX_VAL);
+ ExpectIntEQ(argV, SESSION_NEW_IDX_LONG);
+ ExpectStrEQ(arg, SESSION_NEW_IDX_PTR);
*(void**)inPtr = SESSION_DUP_IDX_VAL;
- return SSL_SUCCESS;
+ if (EXPECT_SUCCESS()) {
+ return SSL_SUCCESS;
+ }
+ else {
+ return SSL_FAILURE;
+ }
}
static int test_wolfSSL_SESSION_get_ex_new_index_free_cb_called = 0;
static void test_wolfSSL_SESSION_get_ex_new_index_free_cb(void* p, void* ptr,
CRYPTO_EX_DATA* a, int idx, long argValue, void* arg)
{
- AssertNotNull(p);
- AssertNull(ptr);
- AssertPtrNE(CRYPTO_get_ex_data(a, idx), 0);
- AssertIntEQ(argValue, SESSION_NEW_IDX_LONG);
- AssertStrEQ(arg, SESSION_NEW_IDX_PTR);
- test_wolfSSL_SESSION_get_ex_new_index_free_cb_called++;
+ EXPECT_DECLS;
+
+ ExpectNotNull(p);
+ ExpectNull(ptr);
+ ExpectPtrNE(CRYPTO_get_ex_data(a, idx), 0);
+ ExpectIntEQ(argValue, SESSION_NEW_IDX_LONG);
+ ExpectStrEQ(arg, SESSION_NEW_IDX_PTR);
+ if (EXPECT_SUCCESS()) {
+ test_wolfSSL_SESSION_get_ex_new_index_free_cb_called++;
+ }
}
static int test_wolfSSL_SESSION_get_ex_new_index(void)
{
+ EXPECT_DECLS;
int idx = SSL_SESSION_get_ex_new_index(SESSION_NEW_IDX_LONG,
(void*)SESSION_NEW_IDX_PTR,
test_wolfSSL_SESSION_get_ex_new_index_new_cb,
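Review bot: In test_wolfSSL_SESSION_get_ex_new_index_dup_cb the store `*(void**)inPtr = SESSION_DUP_IDX_VAL;` still runs after an expectation has failed, so the callback rewrites the slot and then returns SSL_FAILURE. With the old Assert macros that line was presumably not reached after a failure. Moving it into the success branch, `if (EXPECT_SUCCESS()) { *(void**)inPtr = SESSION_DUP_IDX_VAL; return SSL_SUCCESS; }` followed by `return SSL_FAILURE;`, keeps the failure path free of side effects. inPtr is also dereferenced without the NULL check that out and in get. The callback's signature begins above this hunk.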
@@ -63746,18 +63205,18 @@ static int test_wolfSSL_SESSION_get_ex_new_index(void)
SSL_SESSION* s = SSL_SESSION_new();
SSL_SESSION* d = NULL;
- AssertNotNull(s);
- AssertPtrEq(SSL_SESSION_get_ex_data(s, idx), SESSION_NEW_IDX_VAL);
- AssertNotNull(d = SSL_SESSION_dup(s));
- AssertPtrEq(SSL_SESSION_get_ex_data(d, idx), SESSION_DUP_IDX_VAL);
+ ExpectNotNull(s);
+ ExpectPtrEq(SSL_SESSION_get_ex_data(s, idx), SESSION_NEW_IDX_VAL);
+ ExpectNotNull(d = SSL_SESSION_dup(s));
+ ExpectPtrEq(SSL_SESSION_get_ex_data(d, idx), SESSION_DUP_IDX_VAL);
SSL_SESSION_free(s);
- AssertIntEQ(test_wolfSSL_SESSION_get_ex_new_index_free_cb_called, 1);
+ ExpectIntEQ(test_wolfSSL_SESSION_get_ex_new_index_free_cb_called, 1);
SSL_SESSION_free(d);
- AssertIntEQ(test_wolfSSL_SESSION_get_ex_new_index_free_cb_called, 2);
+ ExpectIntEQ(test_wolfSSL_SESSION_get_ex_new_index_free_cb_called, 2);
crypto_ex_cb_free(crypto_ex_cb_ctx_session);
crypto_ex_cb_ctx_session = NULL;
- return TEST_RES_CHECK(1);
+ return EXPECT_RESULT();
}
#else
static int test_wolfSSL_SESSION_get_ex_new_index(void)
@@ -63768,63 +63227,58 @@ static int test_wolfSSL_SESSION_get_ex_new_index(void)
static int test_wolfSSL_set_psk_use_session_callback(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_PSK)
- SSL_CTX* ctx;
- SSL* ssl;
+ SSL_CTX* ctx = NULL;
+ SSL* ssl = NULL;
const char* testCertFile;
const char* testKeyFile;
- #ifdef WOLFSSL_TLS13
- #ifdef NO_WOLFSSL_SERVER
- AssertNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_3_client_method()));
- #else
- AssertNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_3_server_method()));
- #endif
+#ifdef WOLFSSL_TLS13
+ #ifdef NO_WOLFSSL_SERVER
+ ExpectNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_3_client_method()));
+ #else
+ ExpectNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_3_server_method()));
+ #endif
+#else
+ #ifdef NO_WOLFSSL_SERVER
+ ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
+ #else
+ ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()));
+ #endif
+#endif
#ifndef NO_RSA
- testCertFile = svrCertFile;
- testKeyFile = svrKeyFile;
+ testCertFile = svrCertFile;
+ testKeyFile = svrKeyFile;
#elif defined(HAVE_ECC)
- testCertFile = eccCertFile;
- testKeyFile = eccKeyFile;
+ testCertFile = eccCertFile;
+ testKeyFile = eccKeyFile;
#else
- testCertFile = NULL;
- testKeyFile = NULL;
+ testCertFile = NULL;
+ testKeyFile = NULL;
#endif
- if (testCertFile != NULL && testKeyFile != NULL) {
- AssertTrue(SSL_CTX_use_certificate_file(ctx, testCertFile,
- SSL_FILETYPE_PEM));
- AssertTrue(SSL_CTX_use_PrivateKey_file(ctx, testKeyFile,
- SSL_FILETYPE_PEM));
- }
+ if ((testCertFile != NULL) && (testKeyFile != NULL)) {
+ ExpectTrue(SSL_CTX_use_certificate_file(ctx, testCertFile,
+ SSL_FILETYPE_PEM));
+ ExpectTrue(SSL_CTX_use_PrivateKey_file(ctx, testKeyFile,
+ SSL_FILETYPE_PEM));
+ }
- ssl = SSL_new(ctx);
- AssertNotNull(ssl);
+ ExpectNotNull(ssl = SSL_new(ctx));
- SSL_set_psk_use_session_callback(ssl,
- my_psk_use_session_cb);
- AssertTrue(1);
+ SSL_set_psk_use_session_callback(ssl, my_psk_use_session_cb);
- SSL_CTX_free(ctx);
- SSL_free(ssl);
- #else
- (void)ctx;
- (void)ssl;
- (void)testCertFile;
- (void)testKeyFile;
- #endif
-
- res = TEST_RES_CHECK(1);
+ SSL_CTX_free(ctx);
+ SSL_free(ssl);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_ERR_strings(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_ERROR_STRINGS)
- EXPECT_DECLS;
const char* err1 = "unsupported cipher suite";
const char* err2 = "wolfSSL PEM routines";
const char* err = NULL;
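Review bot: `SSL_set_psk_use_session_callback(ssl, my_psk_use_session_cb);` in test_wolfSSL_set_psk_use_session_callback is a bare call that now runs even when `ExpectNotNull(ssl = SSL_new(ctx))` has failed. The Expect macros record the failure and carry on; the commit itself relies on that with `if (EXPECT_SUCCESS())` in test_wc_CryptoCb_TLS. Whether the setter tolerates a NULL ssl is not visible here, so I would guard it: `if (EXPECT_SUCCESS()) { SSL_set_psk_use_session_callback(ssl, my_psk_use_session_cb); }`. The same shape appears with `SSL_CONF_CTX_set_ssl_ctx(cctx, ctx)` in test_CONF_CTX_CMDLINE and test_CONF_CTX_FILE, and with `ret = EVP_MD_CTX_cleanup(mdCtx);` in test_wolfSSL_EVP_sm3.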
@@ -63853,51 +63307,136 @@ static int test_wolfSSL_ERR_strings(void)
ExpectNotNull(err = wolfSSL_ERR_lib_error_string(-MIN_CODE_E+2));
ExpectIntEQ((*err == '\0'), 1);
#endif
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_shake128(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_SHA3) && \
defined(WOLFSSL_SHAKE128)
- EXPECT_DECLS;
const EVP_MD* md = NULL;
ExpectNotNull(md = EVP_shake128());
ExpectIntEQ(XSTRNCMP(md, "SHAKE128", XSTRLEN("SHAKE128")), 0);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_shake256(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_SHA3) && \
defined(WOLFSSL_SHAKE256)
- EXPECT_DECLS;
const EVP_MD* md = NULL;
ExpectNotNull(md = EVP_shake256());
ExpectIntEQ(XSTRNCMP(md, "SHAKE256", XSTRLEN("SHAKE256")), 0);
+#endif
+
+ return EXPECT_RESULT();
+}
+
+/*
+ * Testing EVP digest API with SM3
+ */
+static int test_wolfSSL_EVP_sm3(void)
+{
+ int res = TEST_SKIPPED;
+#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_SM3)
+ EXPECT_DECLS;
+ const EVP_MD* md = NULL;
+ EVP_MD_CTX* mdCtx = NULL;
+ byte data[WC_SM3_BLOCK_SIZE * 4];
+ byte hash[WC_SM3_DIGEST_SIZE];
+ byte calcHash[WC_SM3_DIGEST_SIZE];
+ byte expHash[WC_SM3_DIGEST_SIZE] = {
+ 0x38, 0x48, 0x15, 0xa7, 0x0e, 0xae, 0x0b, 0x27,
+ 0x5c, 0xde, 0x9d, 0xa5, 0xd1, 0xa4, 0x30, 0xa1,
+ 0xca, 0xd4, 0x54, 0x58, 0x44, 0xa2, 0x96, 0x1b,
+ 0xd7, 0x14, 0x80, 0x3f, 0x80, 0x1a, 0x07, 0xb6
+ };
+ word32 chunk;
+ word32 i;
+ unsigned int sz;
+ int ret;
+
+ XMEMSET(data, 0, sizeof(data));
+
+ md = EVP_sm3();
+ ExpectTrue(md != NULL);
+ ExpectIntEQ(XSTRNCMP(md, "SM3", XSTRLEN("SM3")), 0);
+ mdCtx = EVP_MD_CTX_new();
+ ExpectTrue(mdCtx != NULL);
+
+ /* Invalid Parameters */
+ ExpectIntEQ(EVP_DigestInit(NULL, md), BAD_FUNC_ARG);
+ /* Valid Parameters */
+ ExpectIntEQ(EVP_DigestInit(mdCtx, md), WOLFSSL_SUCCESS);
+
+ ExpectIntEQ(EVP_DigestUpdate(NULL, NULL, 1), WOLFSSL_FAILURE);
+ ExpectIntEQ(EVP_DigestUpdate(mdCtx, NULL, 1), WOLFSSL_FAILURE);
+ ExpectIntEQ(EVP_DigestUpdate(NULL, data, 1), WOLFSSL_FAILURE);
+
+ /* Valid Parameters */
+ ExpectIntEQ(EVP_DigestUpdate(mdCtx, NULL, 0), WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_DigestUpdate(mdCtx, data, 1), WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_DigestUpdate(mdCtx, data, 1), WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_DigestUpdate(mdCtx, data, WC_SM3_BLOCK_SIZE),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_DigestUpdate(mdCtx, data, WC_SM3_BLOCK_SIZE - 2),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_DigestUpdate(mdCtx, data, WC_SM3_BLOCK_SIZE * 2),
+ WOLFSSL_SUCCESS);
+ /* Ensure too many bytes for lengths. */
+ ExpectIntEQ(EVP_DigestUpdate(mdCtx, data, WC_SM3_PAD_SIZE),
+ WOLFSSL_SUCCESS);
+
+ /* Invalid Parameters */
+ ExpectIntEQ(EVP_DigestFinal(NULL, NULL, NULL), WOLFSSL_FAILURE);
+ ExpectIntEQ(EVP_DigestFinal(mdCtx, NULL, NULL), WOLFSSL_FAILURE);
+ ExpectIntEQ(EVP_DigestFinal(NULL, hash, NULL), WOLFSSL_FAILURE);
+ ExpectIntEQ(EVP_DigestFinal(NULL, hash, NULL), WOLFSSL_FAILURE);
+ ExpectIntEQ(EVP_DigestFinal(mdCtx, NULL, NULL), WOLFSSL_FAILURE);
+
+ /* Valid Parameters */
+ ExpectIntEQ(EVP_DigestFinal(mdCtx, hash, NULL), WOLFSSL_SUCCESS);
+ ExpectBufEQ(hash, expHash, WC_SM3_DIGEST_SIZE);
+
+ /* Chunk tests. */
+ ExpectIntEQ(EVP_DigestUpdate(mdCtx, data, sizeof(data)), WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_DigestFinal(mdCtx, calcHash, &sz), WOLFSSL_SUCCESS);
+ ExpectIntEQ(sz, WC_SM3_DIGEST_SIZE);
+ for (chunk = 1; chunk <= WC_SM3_BLOCK_SIZE + 1; chunk++) {
+ for (i = 0; i + chunk <= (word32)sizeof(data); i += chunk) {
+ ExpectIntEQ(EVP_DigestUpdate(mdCtx, data + i, chunk),
+ WOLFSSL_SUCCESS);
+ }
+ if (i < (word32)sizeof(data)) {
+ ExpectIntEQ(EVP_DigestUpdate(mdCtx, data + i,
+ (word32)sizeof(data) - i), WOLFSSL_SUCCESS);
+ }
+ ExpectIntEQ(EVP_DigestFinal(mdCtx, hash, NULL), WOLFSSL_SUCCESS);
+ ExpectBufEQ(hash, calcHash, WC_SM3_DIGEST_SIZE);
+ }
+
+ /* Not testing when the low 32-bit length overflows. */
+
+ ret = EVP_MD_CTX_cleanup(mdCtx);
+ ExpectIntEQ(ret, WOLFSSL_SUCCESS);
+ wolfSSL_EVP_MD_CTX_free(mdCtx);
res = EXPECT_RESULT();
#endif
-
return res;
-}
+} /* END test_EVP_sm3 */
static int test_EVP_blake2(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && (defined(HAVE_BLAKE2) || defined(HAVE_BLAKE2S))
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && (defined(HAVE_BLAKE2) || defined(HAVE_BLAKE2S))
const EVP_MD* md = NULL;
(void)md;
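Review bot: Two of the five invalid-parameter checks for EVP_DigestFinal in test_wolfSSL_EVP_sm3 are exact repeats: `(NULL, hash, NULL)` and `(mdCtx, NULL, NULL)` each appear twice. No case therefore passes a non-NULL size pointer together with a NULL context or a NULL hash buffer. If that was the intent, the repeats could become `ExpectIntEQ(EVP_DigestFinal(NULL, hash, &sz), WOLFSSL_FAILURE);` and `ExpectIntEQ(EVP_DigestFinal(mdCtx, NULL, &sz), WOLFSSL_FAILURE);`; the expected value is my assumption from the neighbouring checks. The function also keeps the `int res = TEST_SKIPPED; ... return res;` pattern that this commit removes elsewhere, and its closing comment says `END test_EVP_sm3` rather than the function's name.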
@@ -63910,11 +63449,9 @@ static int test_EVP_blake2(void)
ExpectNotNull(md = EVP_blake2s256());
ExpectIntEQ(XSTRNCMP(md, "BLAKE2S256", XSTRLEN("BLAKE2S256")), 0);
#endif
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
#if defined(OPENSSL_EXTRA)
@@ -64014,10 +63551,9 @@ static int test_OBJ_NAME_do_all(void)
static int test_SSL_CIPHER_get_xxx(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_ALL) && !defined(NO_CERTS) && \
!defined(NO_FILESYSTEM)
- EXPECT_DECLS;
const SSL_CIPHER* cipher = NULL;
STACK_OF(SSL_CIPHER) *supportedCiphers = NULL;
int i, numCiphers = 0;
@@ -64142,11 +63678,9 @@ static int test_SSL_CIPHER_get_xxx(void)
SSL_CTX_free(ctx);
SSL_free(ssl);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
#if defined(WOLF_CRYPTO_CB) && defined(HAVE_IO_TESTS_DEPENDENCIES)
@@ -64362,12 +63896,13 @@ static int test_CryptoCb_Func(int thisDevId, wc_CryptoInfo* info, void* ctx)
}
/* tlsVer: WOLFSSL_TLSV1_2 or WOLFSSL_TLSV1_3 */
-static void test_wc_CryptoCb_TLS(int tlsVer,
+static int test_wc_CryptoCb_TLS(int tlsVer,
const char* cliCaPemFile, const char* cliCertPemFile,
const char* cliPrivKeyPemFile, const char* cliPubKeyPemFile,
const char* svrCaPemFile, const char* svrCertPemFile,
const char* svrPrivKeyPemFile, const char* svrPubKeyPemFile)
{
+ EXPECT_DECLS;
callback_functions client_cbf;
callback_functions server_cbf;
@@ -64420,7 +63955,7 @@ static void test_wc_CryptoCb_TLS(int tlsVer,
if (server_cbf.method == NULL) {
/* not enabled */
- return;
+ return TEST_SUCCESS;
}
/* Setup the keys for the TLS test */
@@ -64444,28 +63979,32 @@ static void test_wc_CryptoCb_TLS(int tlsVer,
/* First test is at WOLFSSL_CTX level */
test_wolfSSL_client_server(&client_cbf, &server_cbf);
/* Check for success */
- AssertIntEQ(server_cbf.return_code, TEST_SUCCESS);
- AssertIntEQ(client_cbf.return_code, TEST_SUCCESS);
+ ExpectIntEQ(server_cbf.return_code, TEST_SUCCESS);
+ ExpectIntEQ(client_cbf.return_code, TEST_SUCCESS);
- /* Second test is a WOLFSSL object level */
- client_cbf.loadToSSL = 1; server_cbf.loadToSSL = 1;
- test_wolfSSL_client_server(&client_cbf, &server_cbf);
+ if (EXPECT_SUCCESS()) {
+ /* Second test is a WOLFSSL object level */
+ client_cbf.loadToSSL = 1; server_cbf.loadToSSL = 1;
+ test_wolfSSL_client_server(&client_cbf, &server_cbf);
+ }
/* Check for success */
- AssertIntEQ(server_cbf.return_code, TEST_SUCCESS);
- AssertIntEQ(client_cbf.return_code, TEST_SUCCESS);
+ ExpectIntEQ(server_cbf.return_code, TEST_SUCCESS);
+ ExpectIntEQ(client_cbf.return_code, TEST_SUCCESS);
/* Un register the devId's */
wc_CryptoCb_UnRegisterDevice(client_cbf.devId);
client_cbf.devId = INVALID_DEVID;
wc_CryptoCb_UnRegisterDevice(server_cbf.devId);
server_cbf.devId = INVALID_DEVID;
+
+ return EXPECT_RESULT();
}
#endif /* WOLF_CRYPTO_CB && HAVE_IO_TESTS_DEPENDENCIES */
static int test_wc_CryptoCb(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef WOLF_CRYPTO_CB
/* TODO: Add crypto callback API tests */
@@ -64476,43 +64015,45 @@ static int test_wc_CryptoCb(void)
#ifndef NO_RSA
for (tlsVer = WOLFSSL_SSLV3; tlsVer <= WOLFSSL_DTLSV1; tlsVer++) {
- test_wc_CryptoCb_TLS(tlsVer,
+ ExpectIntEQ(test_wc_CryptoCb_TLS(tlsVer,
svrCertFile, cliCertFile, cliKeyFile, cliKeyPubFile,
- cliCertFile, svrCertFile, svrKeyFile, svrKeyPubFile);
+ cliCertFile, svrCertFile, svrKeyFile, svrKeyPubFile),
+ TEST_SUCCESS);
}
#endif
#ifdef HAVE_ECC
for (tlsVer = WOLFSSL_TLSV1; tlsVer <= WOLFSSL_DTLSV1; tlsVer++) {
- test_wc_CryptoCb_TLS(tlsVer,
+ ExpectIntEQ(test_wc_CryptoCb_TLS(tlsVer,
caEccCertFile, cliEccCertFile, cliEccKeyFile, cliEccKeyPubFile,
- cliEccCertFile, eccCertFile, eccKeyFile, eccKeyPubFile);
+ cliEccCertFile, eccCertFile, eccKeyFile, eccKeyPubFile),
+ TEST_SUCCESS);
}
#endif
#ifdef HAVE_ED25519
for (tlsVer = WOLFSSL_TLSV1_2; tlsVer <= WOLFSSL_DTLSV1_2; tlsVer++) {
if (tlsVer == WOLFSSL_DTLSV1) continue;
- test_wc_CryptoCb_TLS(tlsVer,
+ ExpectIntEQ(test_wc_CryptoCb_TLS(tlsVer,
caEdCertFile, cliEdCertFile, cliEdKeyFile, cliEdKeyPubFile,
- cliEdCertFile, edCertFile, edKeyFile, edKeyPubFile);
+ cliEdCertFile, edCertFile, edKeyFile, edKeyPubFile),
+ TEST_SUCCESS);
}
#endif
#endif /* HAVE_IO_TESTS_DEPENDENCIES */
-
- res = TEST_RES_CHECK(1);
#endif /* WOLF_CRYPTO_CB */
- return res;
+ return EXPECT_RESULT();
}
#if defined(WOLFSSL_STATIC_MEMORY) && defined(HAVE_IO_TESTS_DEPENDENCIES)
/* tlsVer: Example: WOLFSSL_TLSV1_2 or WOLFSSL_TLSV1_3 */
-static void test_wolfSSL_CTX_StaticMemory_TLS(int tlsVer,
+static int test_wolfSSL_CTX_StaticMemory_TLS(int tlsVer,
const char* cliCaPemFile, const char* cliCertPemFile,
const char* cliPrivKeyPemFile,
const char* svrCaPemFile, const char* svrCertPemFile,
const char* svrPrivKeyPemFile,
byte* cliMem, word32 cliMemSz, byte* svrMem, word32 svrMemSz)
{
+ EXPECT_DECLS;
callback_functions client_cbf;
callback_functions server_cbf;
@@ -64565,7 +64106,7 @@ static void test_wolfSSL_CTX_StaticMemory_TLS(int tlsVer,
if (server_cbf.method_ex == NULL) {
/* not enabled */
- return;
+ return TEST_SUCCESS;
}
/* Setup the keys for the TLS test */
@@ -64589,48 +64130,42 @@ static void test_wolfSSL_CTX_StaticMemory_TLS(int tlsVer,
/* First test is at WOLFSSL_CTX level */
test_wolfSSL_client_server(&client_cbf, &server_cbf);
/* Check for success */
- AssertIntEQ(server_cbf.return_code, TEST_SUCCESS);
- AssertIntEQ(client_cbf.return_code, TEST_SUCCESS);
+ ExpectIntEQ(server_cbf.return_code, TEST_SUCCESS);
+ ExpectIntEQ(client_cbf.return_code, TEST_SUCCESS);
- /* Second test is a WOLFSSL object level */
- client_cbf.loadToSSL = 1; server_cbf.loadToSSL = 1;
- test_wolfSSL_client_server(&client_cbf, &server_cbf);
+ if (EXPECT_SUCCESS()) {
+ /* Second test is a WOLFSSL object level */
+ client_cbf.loadToSSL = 1; server_cbf.loadToSSL = 1;
+ test_wolfSSL_client_server(&client_cbf, &server_cbf);
+ }
/* Check for success */
- AssertIntEQ(server_cbf.return_code, TEST_SUCCESS);
- AssertIntEQ(client_cbf.return_code, TEST_SUCCESS);
+ ExpectIntEQ(server_cbf.return_code, TEST_SUCCESS);
+ ExpectIntEQ(client_cbf.return_code, TEST_SUCCESS);
+
+ return EXPECT_RESULT();
}
#endif /* WOLFSSL_STATIC_MEMORY && HAVE_IO_TESTS_DEPENDENCIES */
#if defined(WOLFSSL_STATIC_MEMORY) && !defined(WOLFCRYPT_ONLY)
-#if (defined(HAVE_ECC) && !defined(ALT_ECC_SIZE)) || \
- defined(SESSION_CERTS)
- #ifdef OPENSSL_EXTRA
- #define TEST_TLS_STATIC_MEMSZ (400000)
- #else
- #define TEST_TLS_STATIC_MEMSZ (320000)
- #endif
-#else
- #define TEST_TLS_STATIC_MEMSZ (80000)
-#endif
-
static int test_wolfSSL_CTX_StaticMemory_SSL(WOLFSSL_CTX* ctx)
{
+ EXPECT_DECLS;
WOLFSSL *ssl1 = NULL, *ssl2 = NULL, *ssl3 = NULL;
WOLFSSL_MEM_STATS mem_stats;
WOLFSSL_MEM_CONN_STATS ssl_stats;
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_RSA)
- AssertIntEQ(wolfSSL_CTX_use_certificate_file(ctx, svrCertFile,
+ ExpectIntEQ(wolfSSL_CTX_use_certificate_file(ctx, svrCertFile,
WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS);
- AssertIntEQ(wolfSSL_CTX_use_PrivateKey_file(ctx, svrKeyFile,
+ ExpectIntEQ(wolfSSL_CTX_use_PrivateKey_file(ctx, svrKeyFile,
WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS);
#endif
- AssertNotNull((ssl1 = wolfSSL_new(ctx)));
- AssertNotNull((ssl2 = wolfSSL_new(ctx)));
+ ExpectNotNull((ssl1 = wolfSSL_new(ctx)));
+ ExpectNotNull((ssl2 = wolfSSL_new(ctx)));
/* this should fail because kMaxCtxClients == 2 */
- AssertNull((ssl3 = wolfSSL_new(ctx)));
+ ExpectNull((ssl3 = wolfSSL_new(ctx)));
if (wolfSSL_is_static_memory(ssl1, &ssl_stats) == 1) {
#ifdef DEBUG_WOLFSSL
@@ -64650,13 +64185,13 @@ static int test_wolfSSL_CTX_StaticMemory_SSL(WOLFSSL_CTX* ctx)
wolfSSL_free(ssl1);
wolfSSL_free(ssl2);
- return TEST_RES_CHECK(1);
+ return EXPECT_RESULT();
}
#endif /* WOLFSSL_STATIC_MEMORY && !WOLFCRYPT_ONLY */
static int test_wolfSSL_CTX_StaticMemory(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(WOLFSSL_STATIC_MEMORY) && !defined(WOLFCRYPT_ONLY)
wolfSSL_method_func method_func;
WOLFSSL_CTX* ctx;
@@ -64685,60 +64220,59 @@ static int test_wolfSSL_CTX_StaticMemory(void)
/* Test creating CTX directly from static memory pool */
ctx = NULL;
- AssertIntEQ(wolfSSL_CTX_load_static_memory(
- &ctx, method_func, svrMem, sizeof(svrMem),
- 0, kMaxCtxClients), WOLFSSL_SUCCESS);
- test_wolfSSL_CTX_StaticMemory_SSL(ctx);
+ ExpectIntEQ(wolfSSL_CTX_load_static_memory(&ctx, method_func, svrMem,
+ sizeof(svrMem), 0, kMaxCtxClients), WOLFSSL_SUCCESS);
+ ExpectIntEQ(test_wolfSSL_CTX_StaticMemory_SSL(ctx), TEST_SUCCESS);
wolfSSL_CTX_free(ctx);
ctx = NULL;
/* Test for heap allocated CTX, then assigning static pool to it */
- AssertNotNull(ctx = wolfSSL_CTX_new(method_func(NULL)));
- AssertIntEQ(wolfSSL_CTX_load_static_memory(&ctx,
- NULL, svrMem, sizeof(svrMem),
- 0, kMaxCtxClients), WOLFSSL_SUCCESS);
- test_wolfSSL_CTX_StaticMemory_SSL(ctx);
+ ExpectNotNull(ctx = wolfSSL_CTX_new(method_func(NULL)));
+ ExpectIntEQ(wolfSSL_CTX_load_static_memory(&ctx, NULL, svrMem,
+ sizeof(svrMem), 0, kMaxCtxClients), WOLFSSL_SUCCESS);
+ ExpectIntEQ(test_wolfSSL_CTX_StaticMemory_SSL(ctx), TEST_SUCCESS);
wolfSSL_CTX_free(ctx);
/* TLS Level Tests using static memory */
#ifdef HAVE_IO_TESTS_DEPENDENCIES
#ifndef NO_RSA
for (tlsVer = WOLFSSL_SSLV3; tlsVer <= WOLFSSL_DTLSV1; tlsVer++) {
- test_wolfSSL_CTX_StaticMemory_TLS(tlsVer,
+ ExpectIntEQ(test_wolfSSL_CTX_StaticMemory_TLS(tlsVer,
svrCertFile, cliCertFile, cliKeyFile,
cliCertFile, svrCertFile, svrKeyFile,
- cliMem, (word32)sizeof(cliMem), svrMem, (word32)sizeof(svrMem));
+ cliMem, (word32)sizeof(cliMem), svrMem, (word32)sizeof(svrMem)),
+ TEST_SUCCESS);
}
#endif
#ifdef HAVE_ECC
for (tlsVer = WOLFSSL_TLSV1; tlsVer <= WOLFSSL_DTLSV1; tlsVer++) {
- test_wolfSSL_CTX_StaticMemory_TLS(tlsVer,
+ ExpectIntEQ(test_wolfSSL_CTX_StaticMemory_TLS(tlsVer,
caEccCertFile, cliEccCertFile, cliEccKeyFile,
cliEccCertFile, eccCertFile, eccKeyFile,
- cliMem, (word32)sizeof(cliMem), svrMem, (word32)sizeof(svrMem));
+ cliMem, (word32)sizeof(cliMem), svrMem, (word32)sizeof(svrMem)),
+ TEST_SUCCESS);
}
#endif
#ifdef HAVE_ED25519
for (tlsVer = WOLFSSL_TLSV1_2; tlsVer <= WOLFSSL_DTLSV1_2; tlsVer++) {
if (tlsVer == WOLFSSL_DTLSV1) continue;
- test_wolfSSL_CTX_StaticMemory_TLS(tlsVer,
+ ExpectIntEQ(test_wolfSSL_CTX_StaticMemory_TLS(tlsVer,
caEdCertFile, cliEdCertFile, cliEdKeyFile,
cliEdCertFile, edCertFile, edKeyFile,
- cliMem, (word32)sizeof(cliMem), svrMem, (word32)sizeof(svrMem));
+ cliMem, (word32)sizeof(cliMem), svrMem, (word32)sizeof(svrMem)),
+ TEST_SUCCESS);
}
#endif
#endif /* HAVE_IO_TESTS_DEPENDENCIES */
-
- res = TEST_RES_CHECK(1);
#endif /* WOLFSSL_STATIC_MEMORY && !WOLFCRYPT_ONLY */
- return res;
+ return EXPECT_RESULT();
}
static int test_openssl_FIPS_drbg(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(WC_NO_RNG) && defined(HAVE_HASHDRBG)
- DRBG_CTX* dctx;
+ DRBG_CTX* dctx = NULL;
byte data1[32], data2[32], zeroData[32];
byte testSeed[16];
size_t dlen = sizeof(data1);
@@ -64747,52 +64281,48 @@ static int test_openssl_FIPS_drbg(void)
XMEMSET(data1, 0, dlen);
XMEMSET(data2, 0, dlen);
XMEMSET(zeroData, 0, sizeof(zeroData));
- for (i=0; i<(int)sizeof(testSeed); i++) {
+ for (i = 0; i < (int)sizeof(testSeed); i++) {
testSeed[i] = (byte)i;
}
- AssertNotNull(dctx = FIPS_get_default_drbg());
- AssertIntEQ(FIPS_drbg_init(dctx, 0, 0), WOLFSSL_SUCCESS);
- AssertIntEQ(FIPS_drbg_set_callbacks(dctx, NULL, NULL, 20, NULL, NULL),
+ ExpectNotNull(dctx = FIPS_get_default_drbg());
+ ExpectIntEQ(FIPS_drbg_init(dctx, 0, 0), WOLFSSL_SUCCESS);
+ ExpectIntEQ(FIPS_drbg_set_callbacks(dctx, NULL, NULL, 20, NULL, NULL),
WOLFSSL_SUCCESS);
- AssertIntEQ(FIPS_drbg_instantiate(dctx, NULL, 0), WOLFSSL_SUCCESS);
- AssertIntEQ(FIPS_drbg_generate(dctx, data1, dlen, 0, NULL, 0),
+ ExpectIntEQ(FIPS_drbg_instantiate(dctx, NULL, 0), WOLFSSL_SUCCESS);
+ ExpectIntEQ(FIPS_drbg_generate(dctx, data1, dlen, 0, NULL, 0),
WOLFSSL_SUCCESS);
- AssertIntNE(XMEMCMP(data1, zeroData, dlen), 0);
- AssertIntEQ(FIPS_drbg_reseed(dctx, testSeed, sizeof(testSeed)),
+ ExpectIntNE(XMEMCMP(data1, zeroData, dlen), 0);
+ ExpectIntEQ(FIPS_drbg_reseed(dctx, testSeed, sizeof(testSeed)),
WOLFSSL_SUCCESS);
- AssertIntEQ(FIPS_drbg_generate(dctx, data2, dlen, 0, NULL, 0),
+ ExpectIntEQ(FIPS_drbg_generate(dctx, data2, dlen, 0, NULL, 0),
WOLFSSL_SUCCESS);
- AssertIntNE(XMEMCMP(data1, zeroData, dlen), 0);
- AssertIntNE(XMEMCMP(data1, data2, dlen), 0);
- AssertIntEQ(FIPS_drbg_uninstantiate(dctx), WOLFSSL_SUCCESS);
+ ExpectIntNE(XMEMCMP(data1, zeroData, dlen), 0);
+ ExpectIntNE(XMEMCMP(data1, data2, dlen), 0);
+ ExpectIntEQ(FIPS_drbg_uninstantiate(dctx), WOLFSSL_SUCCESS);
#ifndef HAVE_GLOBAL_RNG
/* gets freed by wolfSSL_Cleanup() when HAVE_GLOBAL_RNG defined */
wolfSSL_FIPS_drbg_free(dctx);
#endif
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_FIPS_mode(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_ALL)
#ifdef HAVE_FIPS
- AssertIntEQ(wolfSSL_FIPS_mode(), 1);
- AssertIntEQ(wolfSSL_FIPS_mode_set(0), WOLFSSL_FAILURE);
- AssertIntEQ(wolfSSL_FIPS_mode_set(1), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_FIPS_mode(), 1);
+ ExpectIntEQ(wolfSSL_FIPS_mode_set(0), WOLFSSL_FAILURE);
+ ExpectIntEQ(wolfSSL_FIPS_mode_set(1), WOLFSSL_SUCCESS);
#else
- AssertIntEQ(wolfSSL_FIPS_mode(), 0);
- AssertIntEQ(wolfSSL_FIPS_mode_set(0), WOLFSSL_SUCCESS);
- AssertIntEQ(wolfSSL_FIPS_mode_set(1), WOLFSSL_FAILURE);
+ ExpectIntEQ(wolfSSL_FIPS_mode(), 0);
+ ExpectIntEQ(wolfSSL_FIPS_mode_set(0), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_FIPS_mode_set(1), WOLFSSL_FAILURE);
#endif
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
#ifdef WOLFSSL_DTLS
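Review bot: The zero-check that follows the post-reseed `FIPS_drbg_generate(dctx, data2, dlen, 0, NULL, 0)` still compares `data1`, so the second output is never itself checked against `zeroData`. An all-zero `data2` would pass, because `data1` is already known to be non-zero and `XMEMCMP(data1, data2, dlen)` would then differ. That line should read `ExpectIntNE(XMEMCMP(data2, zeroData, dlen), 0);`. The line was carried over from the Assert version with only the macro name changed, and test_openssl_FIPS_drbg begins before this hunk.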
@@ -64832,16 +64362,17 @@ static void DUW_TEST_print_window_binary(word32 h, word32 l, word32* w) {
* i - expected window[0]
*/
#define DUW_TEST(a,b,c,d,e,f,g,h,i) do { \
- wolfSSL_DtlsUpdateWindow((a), (b), &(c), &(d), (e)); \
+ ExpectIntEQ(wolfSSL_DtlsUpdateWindow((a), (b), &(c), &(d), (e)), 1); \
DUW_TEST_print_window_binary((a), (b), (e)); \
- AssertIntEQ((c), (f)); \
- AssertIntEQ((d), (g)); \
- AssertIntEQ((e)[1], (h)); \
- AssertIntEQ((e)[0], (i)); \
+ ExpectIntEQ((c), (f)); \
+ ExpectIntEQ((d), (g)); \
+ ExpectIntEQ((e)[1], (h)); \
+ ExpectIntEQ((e)[0], (i)); \
} while (0)
static int test_wolfSSL_DtlsUpdateWindow(void)
{
+ EXPECT_DECLS;
word32 window[WOLFSSL_DTLS_WINDOW_WORDS];
word32 next_lo = 0;
word16 next_hi = 0;
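Review bot: The parameter comment above DUW_TEST does not mention two requirements the macro gains here. It now expands to Expect* calls, so it presumably needs `EXPECT_DECLS` in the calling function (this hunk adds it to test_wolfSSL_DtlsUpdateWindow), and it now requires `wolfSSL_DtlsUpdateWindow` to return 1. I would add a line to that comment such as `* Requires EXPECT_DECLS in the caller; also expects wolfSSL_DtlsUpdateWindow() to return 1.` The comment block starts before this hunk.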
@@ -64884,7 +64415,7 @@ static int test_wolfSSL_DtlsUpdateWindow(void)
DUW_TEST(150, 0xFFFFFFFF, next_hi, next_lo, window, 151, 0, 0, 0x01);
DUW_TEST(152, 0xFFFFFFFF, next_hi, next_lo, window, 153, 0, 0, 0x01);
- return TEST_RES_CHECK(1);
+ return EXPECT_RESULT();
}
#endif /* WOLFSSL_DTLS */
@@ -64940,80 +64471,76 @@ static int DFB_TEST(WOLFSSL* ssl, word32 seq, word32 len, word32 f_offset,
return 0;
}
-static void DFB_TEST_RESET(WOLFSSL* ssl)
-{
- DtlsMsgListDelete(ssl->dtls_rx_msg_list, ssl->heap);
- ssl->dtls_rx_msg_list = NULL;
- ssl->dtls_rx_msg_list_sz = 0;
-}
-
static int test_wolfSSL_DTLS_fragment_buckets(void)
{
+ EXPECT_DECLS;
WOLFSSL ssl[1];
XMEMSET(ssl, 0, sizeof(*ssl));
- AssertIntEQ(DFB_TEST(ssl, 0, 100, 0, 100, 0, 1, 100), 0); /* 0-100 */
+ ExpectIntEQ(DFB_TEST(ssl, 0, 100, 0, 100, 0, 1, 100), 0); /* 0-100 */
- AssertIntEQ(DFB_TEST(ssl, 1, 100, 0, 20, 1, 0, 20), 0); /* 0-20 */
- AssertIntEQ(DFB_TEST(ssl, 1, 100, 20, 20, 1, 0, 40), 0); /* 20-40 */
- AssertIntEQ(DFB_TEST(ssl, 1, 100, 40, 20, 1, 0, 60), 0); /* 40-60 */
- AssertIntEQ(DFB_TEST(ssl, 1, 100, 60, 20, 1, 0, 80), 0); /* 60-80 */
- AssertIntEQ(DFB_TEST(ssl, 1, 100, 80, 20, 0, 1, 100), 0); /* 80-100 */
+ ExpectIntEQ(DFB_TEST(ssl, 1, 100, 0, 20, 1, 0, 20), 0); /* 0-20 */
+ ExpectIntEQ(DFB_TEST(ssl, 1, 100, 20, 20, 1, 0, 40), 0); /* 20-40 */
+ ExpectIntEQ(DFB_TEST(ssl, 1, 100, 40, 20, 1, 0, 60), 0); /* 40-60 */
+ ExpectIntEQ(DFB_TEST(ssl, 1, 100, 60, 20, 1, 0, 80), 0); /* 60-80 */
+ ExpectIntEQ(DFB_TEST(ssl, 1, 100, 80, 20, 0, 1, 100), 0); /* 80-100 */
/* Test all permutations of 3 regions */
/* 1 2 3 */
- AssertIntEQ(DFB_TEST(ssl, 2, 100, 0, 30, 1, 0, 30), 0); /* 0-30 */
- AssertIntEQ(DFB_TEST(ssl, 2, 100, 30, 30, 1, 0, 60), 0); /* 30-60 */
- AssertIntEQ(DFB_TEST(ssl, 2, 100, 60, 40, 0, 1, 100), 0); /* 60-100 */
+ ExpectIntEQ(DFB_TEST(ssl, 2, 100, 0, 30, 1, 0, 30), 0); /* 0-30 */
+ ExpectIntEQ(DFB_TEST(ssl, 2, 100, 30, 30, 1, 0, 60), 0); /* 30-60 */
+ ExpectIntEQ(DFB_TEST(ssl, 2, 100, 60, 40, 0, 1, 100), 0); /* 60-100 */
/* 1 3 2 */
- AssertIntEQ(DFB_TEST(ssl, 3, 100, 0, 30, 1, 0, 30), 0); /* 0-30 */
- AssertIntEQ(DFB_TEST(ssl, 3, 100, 60, 40, 2, 0, 70), 0); /* 60-100 */
- AssertIntEQ(DFB_TEST(ssl, 3, 100, 30, 30, 0, 1, 100), 0); /* 30-60 */
+ ExpectIntEQ(DFB_TEST(ssl, 3, 100, 0, 30, 1, 0, 30), 0); /* 0-30 */
+ ExpectIntEQ(DFB_TEST(ssl, 3, 100, 60, 40, 2, 0, 70), 0); /* 60-100 */
+ ExpectIntEQ(DFB_TEST(ssl, 3, 100, 30, 30, 0, 1, 100), 0); /* 30-60 */
/* 2 1 3 */
- AssertIntEQ(DFB_TEST(ssl, 4, 100, 30, 30, 1, 0, 30), 0); /* 30-60 */
- AssertIntEQ(DFB_TEST(ssl, 4, 100, 0, 30, 1, 0, 60), 0); /* 0-30 */
- AssertIntEQ(DFB_TEST(ssl, 4, 100, 60, 40, 0, 1, 100), 0); /* 60-100 */
+ ExpectIntEQ(DFB_TEST(ssl, 4, 100, 30, 30, 1, 0, 30), 0); /* 30-60 */
+ ExpectIntEQ(DFB_TEST(ssl, 4, 100, 0, 30, 1, 0, 60), 0); /* 0-30 */
+ ExpectIntEQ(DFB_TEST(ssl, 4, 100, 60, 40, 0, 1, 100), 0); /* 60-100 */
/* 2 3 1 */
- AssertIntEQ(DFB_TEST(ssl, 5, 100, 30, 30, 1, 0, 30), 0); /* 30-60 */
- AssertIntEQ(DFB_TEST(ssl, 5, 100, 60, 40, 1, 0, 70), 0); /* 60-100 */
- AssertIntEQ(DFB_TEST(ssl, 5, 100, 0, 30, 0, 1, 100), 0); /* 0-30 */
+ ExpectIntEQ(DFB_TEST(ssl, 5, 100, 30, 30, 1, 0, 30), 0); /* 30-60 */
+ ExpectIntEQ(DFB_TEST(ssl, 5, 100, 60, 40, 1, 0, 70), 0); /* 60-100 */
+ ExpectIntEQ(DFB_TEST(ssl, 5, 100, 0, 30, 0, 1, 100), 0); /* 0-30 */
/* 3 1 2 */
- AssertIntEQ(DFB_TEST(ssl, 6, 100, 60, 40, 1, 0, 40), 0); /* 60-100 */
- AssertIntEQ(DFB_TEST(ssl, 6, 100, 0, 30, 2, 0, 70), 0); /* 0-30 */
- AssertIntEQ(DFB_TEST(ssl, 6, 100, 30, 30, 0, 1, 100), 0); /* 30-60 */
+ ExpectIntEQ(DFB_TEST(ssl, 6, 100, 60, 40, 1, 0, 40), 0); /* 60-100 */
+ ExpectIntEQ(DFB_TEST(ssl, 6, 100, 0, 30, 2, 0, 70), 0); /* 0-30 */
+ ExpectIntEQ(DFB_TEST(ssl, 6, 100, 30, 30, 0, 1, 100), 0); /* 30-60 */
/* 3 2 1 */
- AssertIntEQ(DFB_TEST(ssl, 7, 100, 60, 40, 1, 0, 40), 0); /* 60-100 */
- AssertIntEQ(DFB_TEST(ssl, 7, 100, 30, 30, 1, 0, 70), 0); /* 30-60 */
- AssertIntEQ(DFB_TEST(ssl, 7, 100, 0, 30, 0, 1, 100), 0); /* 0-30 */
+ ExpectIntEQ(DFB_TEST(ssl, 7, 100, 60, 40, 1, 0, 40), 0); /* 60-100 */
+ ExpectIntEQ(DFB_TEST(ssl, 7, 100, 30, 30, 1, 0, 70), 0); /* 30-60 */
+ ExpectIntEQ(DFB_TEST(ssl, 7, 100, 0, 30, 0, 1, 100), 0); /* 0-30 */
/* Test overlapping regions */
- AssertIntEQ(DFB_TEST(ssl, 8, 100, 0, 30, 1, 0, 30), 0); /* 0-30 */
- AssertIntEQ(DFB_TEST(ssl, 8, 100, 20, 10, 1, 0, 30), 0); /* 20-30 */
- AssertIntEQ(DFB_TEST(ssl, 8, 100, 70, 10, 2, 0, 40), 0); /* 70-80 */
- AssertIntEQ(DFB_TEST(ssl, 8, 100, 20, 30, 2, 0, 60), 0); /* 20-50 */
- AssertIntEQ(DFB_TEST(ssl, 8, 100, 40, 60, 0, 1, 100), 0); /* 40-100 */
+ ExpectIntEQ(DFB_TEST(ssl, 8, 100, 0, 30, 1, 0, 30), 0); /* 0-30 */
+ ExpectIntEQ(DFB_TEST(ssl, 8, 100, 20, 10, 1, 0, 30), 0); /* 20-30 */
+ ExpectIntEQ(DFB_TEST(ssl, 8, 100, 70, 10, 2, 0, 40), 0); /* 70-80 */
+ ExpectIntEQ(DFB_TEST(ssl, 8, 100, 20, 30, 2, 0, 60), 0); /* 20-50 */
+ ExpectIntEQ(DFB_TEST(ssl, 8, 100, 40, 60, 0, 1, 100), 0); /* 40-100 */
/* Test overlapping multiple regions */
- AssertIntEQ(DFB_TEST(ssl, 9, 100, 0, 20, 1, 0, 20), 0); /* 0-20 */
- AssertIntEQ(DFB_TEST(ssl, 9, 100, 30, 5, 2, 0, 25), 0); /* 30-35 */
- AssertIntEQ(DFB_TEST(ssl, 9, 100, 40, 5, 3, 0, 30), 0); /* 40-45 */
- AssertIntEQ(DFB_TEST(ssl, 9, 100, 50, 5, 4, 0, 35), 0); /* 50-55 */
- AssertIntEQ(DFB_TEST(ssl, 9, 100, 60, 5, 5, 0, 40), 0); /* 60-65 */
- AssertIntEQ(DFB_TEST(ssl, 9, 100, 70, 5, 6, 0, 45), 0); /* 70-75 */
- AssertIntEQ(DFB_TEST(ssl, 9, 100, 30, 25, 4, 0, 55), 0); /* 30-55 */
- AssertIntEQ(DFB_TEST(ssl, 9, 100, 55, 15, 2, 0, 65), 0); /* 55-70 */
- AssertIntEQ(DFB_TEST(ssl, 9, 100, 75, 25, 2, 0, 90), 0); /* 75-100 */
- AssertIntEQ(DFB_TEST(ssl, 9, 100, 10, 25, 0, 1, 100), 0); /* 10-35 */
-
- AssertIntEQ(DFB_TEST(ssl, 10, 100, 0, 20, 1, 0, 20), 0); /* 0-20 */
- AssertIntEQ(DFB_TEST(ssl, 10, 100, 30, 20, 2, 0, 40), 0); /* 30-50 */
- AssertIntEQ(DFB_TEST(ssl, 10, 100, 0, 40, 1, 0, 50), 0); /* 0-40 */
- AssertIntEQ(DFB_TEST(ssl, 10, 100, 50, 50, 0, 1, 100), 0); /* 10-35 */
-
- DFB_TEST_RESET(ssl);
+ ExpectIntEQ(DFB_TEST(ssl, 9, 100, 0, 20, 1, 0, 20), 0); /* 0-20 */
+ ExpectIntEQ(DFB_TEST(ssl, 9, 100, 30, 5, 2, 0, 25), 0); /* 30-35 */
+ ExpectIntEQ(DFB_TEST(ssl, 9, 100, 40, 5, 3, 0, 30), 0); /* 40-45 */
+ ExpectIntEQ(DFB_TEST(ssl, 9, 100, 50, 5, 4, 0, 35), 0); /* 50-55 */
+ ExpectIntEQ(DFB_TEST(ssl, 9, 100, 60, 5, 5, 0, 40), 0); /* 60-65 */
+ ExpectIntEQ(DFB_TEST(ssl, 9, 100, 70, 5, 6, 0, 45), 0); /* 70-75 */
+ ExpectIntEQ(DFB_TEST(ssl, 9, 100, 30, 25, 4, 0, 55), 0); /* 30-55 */
+ ExpectIntEQ(DFB_TEST(ssl, 9, 100, 55, 15, 2, 0, 65), 0); /* 55-70 */
+ ExpectIntEQ(DFB_TEST(ssl, 9, 100, 75, 25, 2, 0, 90), 0); /* 75-100 */
+ ExpectIntEQ(DFB_TEST(ssl, 9, 100, 10, 25, 0, 1, 100), 0); /* 10-35 */
+
+ ExpectIntEQ(DFB_TEST(ssl, 10, 100, 0, 20, 1, 0, 20), 0); /* 0-20 */
+ ExpectIntEQ(DFB_TEST(ssl, 10, 100, 30, 20, 2, 0, 40), 0); /* 30-50 */
+ ExpectIntEQ(DFB_TEST(ssl, 10, 100, 0, 40, 1, 0, 50), 0); /* 0-40 */
+ ExpectIntEQ(DFB_TEST(ssl, 10, 100, 50, 50, 0, 1, 100), 0); /* 10-35 */
- return TEST_RES_CHECK(1);
+ DtlsMsgListDelete(ssl->dtls_rx_msg_list, ssl->heap);
+ ssl->dtls_rx_msg_list = NULL;
+ ssl->dtls_rx_msg_list_sz = 0;
+
+ return EXPECT_RESULT();
}
#endif
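Review bot: The trailing comment on the last sequence-10 call, `DFB_TEST(ssl, 10, 100, 50, 50, 0, 1, 100)`, says `/* 10-35 */` although the fragment passed has offset 50 and length 50. By the convention of the other lines it should read `/* 50-100 */`; it looks copied from the final sequence-9 line, where `10-35` is correct. These comments are the only description of which byte range each fragment covers, so they should match the arguments.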
@@ -65021,94 +64548,83 @@ static int test_wolfSSL_DTLS_fragment_buckets(void)
#if !defined(NO_FILESYSTEM) && \
defined(WOLFSSL_DTLS) && !defined(WOLFSSL_NO_TLS12) && \
- !defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER) && \
- !defined(NO_RSA)
+ defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES)
static int test_wolfSSL_dtls_stateless2(void)
{
- WOLFSSL *ssl_c = NULL, *ssl_c2 = NULL, *ssl_s = NULL;
+ EXPECT_DECLS;
+ WOLFSSL *ssl_c = NULL;
+ WOLFSSL *ssl_c2 = NULL;
+ WOLFSSL *ssl_s = NULL;
struct test_memio_ctx test_ctx;
- WOLFSSL_CTX *ctx_c = NULL, *ctx_s = NULL;
- int ret;
+ WOLFSSL_CTX *ctx_c = NULL;
+ WOLFSSL_CTX *ctx_s = NULL;
XMEMSET(&test_ctx, 0, sizeof(test_ctx));
- ret = test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
- wolfDTLSv1_2_client_method, wolfDTLSv1_2_server_method);
- if (ret != 0)
- return -1;
- ssl_c2 = wolfSSL_new(ctx_c);
- if (ssl_c2 == NULL)
- return -2;
+ ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
+ wolfDTLSv1_2_client_method, wolfDTLSv1_2_server_method), 0);
+ ExpectNotNull(ssl_c2 = wolfSSL_new(ctx_c));
wolfSSL_SetIOWriteCtx(ssl_c2, &test_ctx);
wolfSSL_SetIOReadCtx(ssl_c2, &test_ctx);
/* send CH */
- ret = wolfSSL_connect(ssl_c2);
- if (ret == 0 || ssl_c2->error != WANT_READ)
- return -3;
- ret = wolfSSL_accept(ssl_s);
- if (ret == 0 || ssl_s->error != WANT_READ)
- return -4;
- if (test_ctx.c_len == 0)
- return -5;
+ ExpectTrue((wolfSSL_connect(ssl_c2) == WOLFSSL_FATAL_ERROR) &&
+ (ssl_c2->error == WANT_READ));
+ ExpectTrue((wolfSSL_accept(ssl_s) == WOLFSSL_FATAL_ERROR) &&
+ (ssl_s->error == WANT_READ));
+ ExpectIntNE(test_ctx.c_len, 0);
/* consume HRR */
test_ctx.c_len = 0;
- ret = test_memio_do_handshake(ssl_c, ssl_s, 10, NULL);
- if (ret != 0)
- return -6;
+ ExpectIntEQ(test_memio_do_handshake(ssl_c, ssl_s, 10, NULL), 0);
+
wolfSSL_free(ssl_c2);
wolfSSL_free(ssl_c);
wolfSSL_free(ssl_s);
wolfSSL_CTX_free(ctx_c);
wolfSSL_CTX_free(ctx_s);
- return TEST_SUCCESS;
+ return EXPECT_RESULT();
}
#ifdef HAVE_MAX_FRAGMENT
static int test_wolfSSL_dtls_stateless_maxfrag(void)
{
- WOLFSSL *ssl_c = NULL, *ssl_c2 = NULL, *ssl_s = NULL;
+ EXPECT_DECLS;
+ WOLFSSL *ssl_c = NULL;
+ WOLFSSL *ssl_c2 = NULL;
+ WOLFSSL *ssl_s = NULL;
struct test_memio_ctx test_ctx;
- WOLFSSL_CTX *ctx_c = NULL, *ctx_s = NULL;
- word16 max_fragment;
- int ret;
+ WOLFSSL_CTX *ctx_c = NULL;
+ WOLFSSL_CTX *ctx_s = NULL;
+ word16 max_fragment = 0;
XMEMSET(&test_ctx, 0, sizeof(test_ctx));
- ret = test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
- wolfDTLSv1_2_client_method, wolfDTLSv1_2_server_method);
- if (ret != 0)
- return -1;
- ssl_c2 = wolfSSL_new(ctx_c);
- if (ssl_c2 == NULL)
- return -2;
- ret = wolfSSL_UseMaxFragment(ssl_c2, WOLFSSL_MFL_2_8);
- if (ret != WOLFSSL_SUCCESS)
- return -3;
+ ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
+ wolfDTLSv1_2_client_method, wolfDTLSv1_2_server_method), 0);
+ ExpectNotNull(ssl_c2 = wolfSSL_new(ctx_c));
+ ExpectIntEQ(wolfSSL_UseMaxFragment(ssl_c2, WOLFSSL_MFL_2_8),
+ WOLFSSL_SUCCESS);
wolfSSL_SetIOWriteCtx(ssl_c2, &test_ctx);
wolfSSL_SetIOReadCtx(ssl_c2, &test_ctx);
- max_fragment = ssl_s->max_fragment;
- /* send CH */
- ret = wolfSSL_connect(ssl_c2);
- if (ret == 0 || ssl_c2->error != WANT_READ)
- return -4;
- ret = wolfSSL_accept(ssl_s);
- if (ret == 0 || ssl_s->error != WANT_READ)
- return -5;
+ if (ssl_s != NULL) {
+ max_fragment = ssl_s->max_fragment;
+ }
+ /* send CH */
+ ExpectTrue((wolfSSL_connect(ssl_c2) == WOLFSSL_FATAL_ERROR) &&
+ (ssl_c2->error == WANT_READ));
+ ExpectTrue((wolfSSL_accept(ssl_s) == WOLFSSL_FATAL_ERROR) &&
+ (ssl_s->error == WANT_READ));
/* CH without cookie shouldn't change state */
- if (ssl_s->max_fragment != max_fragment)
- return -6;
- if (test_ctx.c_len == 0)
- return -7;
+ ExpectIntEQ(ssl_s->max_fragment, max_fragment);
+ ExpectIntNE(test_ctx.c_len, 0);
/* consume HRR from buffer */
test_ctx.c_len = 0;
- ret = test_memio_do_handshake(ssl_c, ssl_s, 10, NULL);
- if (ret != 0)
- return -8;
+ ExpectIntEQ(test_memio_do_handshake(ssl_c, ssl_s, 10, NULL), 0);
+
wolfSSL_free(ssl_c2);
wolfSSL_free(ssl_c);
wolfSSL_free(ssl_s);
wolfSSL_CTX_free(ctx_c);
wolfSSL_CTX_free(ctx_s);
- return TEST_SUCCESS;
+ return EXPECT_RESULT();
}
#endif /* HAVE_MAX_FRAGMENT */
@@ -65125,146 +64641,122 @@ static int buf_is_hvr(const byte *data, int len)
static int _test_wolfSSL_dtls_stateless_resume(byte useticket, byte bad)
{
+ EXPECT_DECLS;
struct test_memio_ctx test_ctx;
- WOLFSSL_CTX *ctx_c = NULL, *ctx_s = NULL;
- WOLFSSL *ssl_c = NULL, *ssl_s = NULL;
- WOLFSSL_SESSION *sess;
- int ret, round_trips;
+ WOLFSSL_CTX *ctx_c = NULL;
+ WOLFSSL_CTX *ctx_s = NULL;
+ WOLFSSL *ssl_c = NULL;
+ WOLFSSL *ssl_s = NULL;
+ WOLFSSL_SESSION *sess = NULL;
+ int round_trips;
XMEMSET(&test_ctx, 0, sizeof(test_ctx));
- ret = test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
- wolfDTLSv1_2_client_method, wolfDTLSv1_2_server_method);
- if (ret != 0)
- return -1;
+
+ ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c,
+ &ssl_s, wolfDTLSv1_2_client_method, wolfDTLSv1_2_server_method), 0);
#ifdef HAVE_SESSION_TICKET
if (useticket) {
- ret = wolfSSL_UseSessionTicket(ssl_c);
- if (ret != WOLFSSL_SUCCESS)
- return -2;
+ ExpectIntEQ(wolfSSL_UseSessionTicket(ssl_c), WOLFSSL_SUCCESS);
}
#endif
round_trips = ROUNDS_WITH_HVR;
- ret = test_memio_do_handshake(ssl_c, ssl_s, round_trips, &round_trips);
- if (ret != 0)
- return -3;
- if (round_trips != ROUNDS_WITH_HVR)
- return -4;
- sess = wolfSSL_get1_session(ssl_c);
- if (sess == NULL)
- return -5;
+ ExpectIntEQ(test_memio_do_handshake(ssl_c, ssl_s, round_trips,
+ &round_trips), 0);
+ ExpectIntEQ(round_trips, ROUNDS_WITH_HVR);
+ ExpectNotNull(sess = wolfSSL_get1_session(ssl_c));
wolfSSL_shutdown(ssl_c);
wolfSSL_shutdown(ssl_s);
wolfSSL_free(ssl_c);
+ ssl_c = NULL;
wolfSSL_free(ssl_s);
+ ssl_s = NULL;
+
test_ctx.c_len = test_ctx.s_len = 0;
/* make resumption invalid */
- if (bad) {
+ if (bad && (sess != NULL)) {
if (useticket) {
#ifdef HAVE_SESSION_TICKET
- sess->ticket[0] = !sess->ticket[0];
+ if (sess->ticket != NULL) {
+ sess->ticket[0] = !sess->ticket[0];
+ }
#endif /* HAVE_SESSION_TICKET */
}
else {
sess->sessionID[0] = !sess->sessionID[0];
}
}
- ssl_c = wolfSSL_new(ctx_c);
- ssl_s = wolfSSL_new(ctx_s);
+ ExpectNotNull(ssl_c = wolfSSL_new(ctx_c));
+ ExpectNotNull(ssl_s = wolfSSL_new(ctx_s));
wolfSSL_SetIOWriteCtx(ssl_c, &test_ctx);
wolfSSL_SetIOReadCtx(ssl_c, &test_ctx);
wolfSSL_SetIOWriteCtx(ssl_s, &test_ctx);
wolfSSL_SetIOReadCtx(ssl_s, &test_ctx);
- ret = wolfSSL_set_session(ssl_c, sess);
- if (ret != WOLFSSL_SUCCESS)
- return -6;
- ret = wolfSSL_connect(ssl_c);
- if (ret == WOLFSSL_SUCCESS || ssl_c->error != WANT_READ)
- return -7;
- ret = wolfSSL_accept(ssl_s);
- if (ret == WOLFSSL_SUCCESS || ssl_s->error != WANT_READ)
- return -8;
- if (bad && !buf_is_hvr(test_ctx.c_buff, test_ctx.c_len))
- return -9;
- if (!bad && buf_is_hvr(test_ctx.c_buff, test_ctx.c_len))
- return -10;
+ ExpectIntEQ(wolfSSL_set_session(ssl_c, sess), WOLFSSL_SUCCESS);
+ ExpectTrue((wolfSSL_connect(ssl_c) == WOLFSSL_FATAL_ERROR) &&
+ (ssl_c->error == WANT_READ));
+ ExpectTrue((wolfSSL_accept(ssl_s) == WOLFSSL_FATAL_ERROR) &&
+ (ssl_s->error == WANT_READ));
+ ExpectFalse(bad && !buf_is_hvr(test_ctx.c_buff, test_ctx.c_len));
+ ExpectFalse(!bad && buf_is_hvr(test_ctx.c_buff, test_ctx.c_len));
if (!useticket) {
- ret = test_memio_do_handshake(ssl_c, ssl_s, 10, &round_trips);
- if (ret != 0)
- return -11;
- if (bad && round_trips != ROUNDS_WITH_HVR - 1)
- return -12;
- if (!bad && round_trips != ROUNDS_WITHOUT_HVR - 1)
- return -13;
+ ExpectIntEQ(test_memio_do_handshake(ssl_c, ssl_s, 10, &round_trips), 0);
+ ExpectFalse(bad && round_trips != ROUNDS_WITH_HVR - 1);
+ ExpectFalse(!bad && round_trips != ROUNDS_WITHOUT_HVR - 1);
}
wolfSSL_SESSION_free(sess);
wolfSSL_free(ssl_c);
wolfSSL_free(ssl_s);
wolfSSL_CTX_free(ctx_c);
wolfSSL_CTX_free(ctx_s);
- return 0;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_dtls_stateless_resume(void)
{
- int ret;
+ EXPECT_DECLS;
#ifdef HAVE_SESSION_TICKET
- ret = _test_wolfSSL_dtls_stateless_resume(1, 0);
- if (ret != 0)
- return TEST_RES_CHECK(ret);
- ret = _test_wolfSSL_dtls_stateless_resume(1, 1);
- if (ret != 0)
- return TEST_RES_CHECK(ret - 100);
+ ExpectIntEQ(_test_wolfSSL_dtls_stateless_resume(1, 0), TEST_SUCCESS);
+ ExpectIntEQ(_test_wolfSSL_dtls_stateless_resume(1, 1), TEST_SUCCESS);
#endif /* HAVE_SESION_TICKET */
- ret = _test_wolfSSL_dtls_stateless_resume(0, 0);
- if (ret != 0)
- return TEST_RES_CHECK(ret - 200);
- ret = _test_wolfSSL_dtls_stateless_resume(0, 1);
- if (ret != 0)
- return TEST_RES_CHECK(ret - 300);
- return TEST_RES_CHECK(TEST_SUCCESS);
+ ExpectIntEQ(_test_wolfSSL_dtls_stateless_resume(0, 0), TEST_SUCCESS);
+ ExpectIntEQ(_test_wolfSSL_dtls_stateless_resume(0, 1), TEST_SUCCESS);
+ return EXPECT_RESULT();
}
#endif /* WOLFSSL_DTLS_NO_HVR_ON_RESUME */
#if !defined(NO_OLD_TLS)
static int test_wolfSSL_dtls_stateless_downgrade(void)
{
- WOLFSSL_CTX *ctx_c = NULL, *ctx_c2 = NULL, *ctx_s = NULL;
- WOLFSSL *ssl_c = NULL, *ssl_c2 = NULL, *ssl_s = NULL;
+ EXPECT_DECLS;
+ WOLFSSL_CTX *ctx_c = NULL;
+ WOLFSSL_CTX *ctx_c2 = NULL;
+ WOLFSSL_CTX *ctx_s = NULL;
+ WOLFSSL *ssl_c = NULL;
+ WOLFSSL *ssl_c2 = NULL;
+ WOLFSSL *ssl_s = NULL;
struct test_memio_ctx test_ctx;
- int ret;
XMEMSET(&test_ctx, 0, sizeof(test_ctx));
- ret = test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
- wolfDTLSv1_2_client_method, wolfDTLSv1_2_server_method);
- if (ret != 0)
- return -1;
- ret = wolfSSL_CTX_SetMinVersion(ctx_s, WOLFSSL_DTLSV1);
- if (ret != WOLFSSL_SUCCESS)
- return -2;
- ctx_c2 = wolfSSL_CTX_new(wolfDTLSv1_client_method());
- if (ctx_c2 == NULL)
- return -3;
+ ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
+ wolfDTLSv1_2_client_method, wolfDTLSv1_2_server_method), 0);
+ ExpectIntEQ(wolfSSL_CTX_SetMinVersion(ctx_s, WOLFSSL_DTLSV1),
+ WOLFSSL_SUCCESS);
+ ExpectNotNull(ctx_c2 = wolfSSL_CTX_new(wolfDTLSv1_client_method()));
wolfSSL_SetIORecv(ctx_c2, test_memio_read_cb);
wolfSSL_SetIOSend(ctx_c2, test_memio_write_cb);
- ssl_c2 = wolfSSL_new(ctx_c2);
- if (ssl_c2 == NULL)
- return -4;
+ ExpectNotNull(ssl_c2 = wolfSSL_new(ctx_c2));
wolfSSL_SetIOWriteCtx(ssl_c2, &test_ctx);
wolfSSL_SetIOReadCtx(ssl_c2, &test_ctx);
- /* send CH */
- ret = wolfSSL_connect(ssl_c2);
- if (ret == 0 || ssl_c2->error != WANT_READ)
- return -5;
- ret = wolfSSL_accept(ssl_s);
- if (ret == 0 || ssl_s->error != WANT_READ)
- return -6;
- if (test_ctx.c_len == 0)
- return -7;
+ /* send CH */
+ ExpectTrue((wolfSSL_connect(ssl_c2) == WOLFSSL_FATAL_ERROR) &&
+ (ssl_c2->error == WANT_READ));
+ ExpectTrue((wolfSSL_accept(ssl_s) == WOLFSSL_FATAL_ERROR) &&
+ (ssl_s->error == WANT_READ));
+ ExpectIntNE(test_ctx.c_len, 0);
/* consume HRR */
test_ctx.c_len = 0;
- ret = test_memio_do_handshake(ssl_c, ssl_s, 10, NULL);
- if (ret != 0)
- return -8;
+ ExpectIntEQ(test_memio_do_handshake(ssl_c, ssl_s, 10, NULL), 0);
+
wolfSSL_free(ssl_c2);
wolfSSL_free(ssl_c);
wolfSSL_free(ssl_s);
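Review bot: The two HVR checks in _test_wolfSSL_dtls_stateless_resume, `ExpectFalse(bad && !buf_is_hvr(...))` and `ExpectFalse(!bad && buf_is_hvr(...))`, are a literal carry-over of the old early-return conditions and read as a double negative. What they assert is that the server answers with a HelloVerifyRequest exactly when the resumption was invalidated; `ExpectIntEQ(buf_is_hvr(test_ctx.c_buff, test_ctx.c_len) != 0, bad != 0);` states that in one line. The `round_trips` pair inside `if (!useticket)` could likewise become `ExpectIntEQ(round_trips, (bad ? ROUNDS_WITH_HVR : ROUNDS_WITHOUT_HVR) - 1);`. The wrapper's `#endif /* HAVE_SESION_TICKET */` comment also misspells `HAVE_SESSION_TICKET`.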
@@ -65272,62 +64764,54 @@ static int test_wolfSSL_dtls_stateless_downgrade(void)
wolfSSL_CTX_free(ctx_c2);
wolfSSL_CTX_free(ctx_s);
- return TEST_SUCCESS;
+ return EXPECT_RESULT();
}
#endif /* !defined(NO_OLD_TLS) */
#endif /* defined(WOLFSSL_DTLS) && !defined(WOLFSSL_NO_TLS12) && \
!defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER)*/
-#if defined(WOLFSSL_DTLS) && !defined(WOLFSSL_NO_TLS12) && \
- !defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER) && \
- !defined(NO_OLD_TLS) && !defined(NO_RSA)
+#if defined(WOLFSSL_DTLS) && !defined(WOLFSSL_NO_TLS12) && \
+ !defined(NO_OLD_TLS) && defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES)
static int test_WOLFSSL_dtls_version_alert(void)
{
+ EXPECT_DECLS;
struct test_memio_ctx test_ctx;
- WOLFSSL_CTX *ctx_c = NULL, *ctx_s = NULL;
- WOLFSSL *ssl_c = NULL, *ssl_s = NULL;
- int ret;
+ WOLFSSL_CTX *ctx_c = NULL;
+ WOLFSSL_CTX *ctx_s = NULL;
+ WOLFSSL *ssl_c = NULL;
+ WOLFSSL *ssl_s = NULL;
XMEMSET(&test_ctx, 0, sizeof(test_ctx));
- ret = test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
- wolfDTLSv1_2_client_method, wolfDTLSv1_server_method);
- if (ret != 0)
- return -1;
+ ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
+ wolfDTLSv1_2_client_method, wolfDTLSv1_server_method), 0);
/* client hello */
- ret = wolfSSL_connect(ssl_c);
- if (ret == 0 || ssl_c->error != WANT_READ )
- return -2;
+ ExpectTrue((wolfSSL_connect(ssl_c) == WOLFSSL_FATAL_ERROR) &&
+ (ssl_c->error == WANT_READ));
/* hrr */
- ret = wolfSSL_accept(ssl_s);
- if (ret == 0 || ssl_s->error != WANT_READ )
- return -3;
+ ExpectTrue((wolfSSL_accept(ssl_s) == WOLFSSL_FATAL_ERROR) &&
+ (ssl_s->error == WANT_READ));
/* client hello 1 */
- ret = wolfSSL_connect(ssl_c);
- if (ret == 0 || ssl_c->error != WANT_READ )
- return -4;
+ ExpectTrue((wolfSSL_connect(ssl_c) == WOLFSSL_FATAL_ERROR) &&
+ (ssl_c->error == WANT_READ));
/* server hello */
- ret = wolfSSL_accept(ssl_s);
- if (ret == 0 || ssl_s->error != WANT_READ )
- return -5;
+ ExpectTrue((wolfSSL_accept(ssl_s) == WOLFSSL_FATAL_ERROR) &&
+ (ssl_s->error == WANT_READ));
/* should fail */
- ret = wolfSSL_connect(ssl_c);
- if (ret == 0 || ssl_c->error != VERSION_ERROR)
- return -6;
+ ExpectTrue((wolfSSL_connect(ssl_c) == WOLFSSL_FATAL_ERROR) &&
+ (ssl_c->error == VERSION_ERROR));
/* shuould fail */
- ret = wolfSSL_accept(ssl_s);
- if (ret == 0 ||
- (ssl_s->error != VERSION_ERROR && ssl_s->error != FATAL_ERROR))
- return -7;
+ ExpectTrue((wolfSSL_accept(ssl_s) == WOLFSSL_FATAL_ERROR) &&
+ (ssl_s->error == VERSION_ERROR || ssl_s->error == FATAL_ERROR));
wolfSSL_free(ssl_c);
wolfSSL_free(ssl_s);
wolfSSL_CTX_free(ctx_c);
wolfSSL_CTX_free(ctx_s);
- return TEST_RES_CHECK(1);
+ return EXPECT_RESULT();
}
#else
static int test_WOLFSSL_dtls_version_alert(void)
@@ -65342,7 +64826,8 @@ static int test_WOLFSSL_dtls_version_alert(void)
#if defined(WOLFSSL_TICKET_NONCE_MALLOC) && defined(HAVE_SESSION_TICKET) \
&& defined(WOLFSSL_TLS13) && \
- (!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)))
+ (!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)))\
+ && defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES)
static int send_new_session_ticket(WOLFSSL *ssl, byte nonceLength, byte filler)
{
struct test_memio_ctx *test_ctx;
@@ -65389,141 +64874,120 @@ static int send_new_session_ticket(WOLFSSL *ssl, byte nonceLength, byte filler)
static int test_ticket_nonce_check(WOLFSSL_SESSION *sess, byte len)
{
- int i;
-
- if (sess == NULL)
- return -1;
-
- if (sess->ticketNonce.len != len)
- return -1;
+ int ret = 0;
- for (i = 0; i < len; i++)
- if (sess->ticketNonce.data[i] != len)
- return -1;
+ if ((sess == NULL) || (sess->ticketNonce.len != len)) {
+ ret = -1;
+ }
+ else {
+ int i;
+ for (i = 0; i < len; i++) {
+ if (sess->ticketNonce.data[i] != len) {
+ ret = -1;
+ break;
+ }
+ }
+ }
- return 0;
+ return ret;
}
static int test_ticket_nonce_malloc_do(WOLFSSL *ssl_s, WOLFSSL *ssl_c, byte len)
{
+ EXPECT_DECLS;
char *buf[1024];
- int ret;
- ret = send_new_session_ticket(ssl_s, len, len);
- if (ret != 0)
- return -1;
+ ExpectIntEQ(send_new_session_ticket(ssl_s, len, len), 0);
+ ExpectTrue((wolfSSL_recv(ssl_c, buf, 1024, 0) == WOLFSSL_FATAL_ERROR) &&
+ (ssl_c->error == WANT_READ));
- ret = wolfSSL_recv(ssl_c, buf, 1024, 0);
- if (ret != WOLFSSL_SUCCESS && ssl_c->error != WANT_READ)
- return -1;
+ ExpectIntEQ(test_ticket_nonce_check(ssl_c->session, len), 0);
- return test_ticket_nonce_check(ssl_c->session, len);
+ return EXPECT_RESULT();
}
static int test_ticket_nonce_cache(WOLFSSL *ssl_s, WOLFSSL *ssl_c, byte len)
{
- WOLFSSL_SESSION *sess, *cached;
- WOLFSSL_CTX *ctx;
- int ret;
+ EXPECT_DECLS;
+ WOLFSSL_SESSION *sess = NULL;
+ WOLFSSL_SESSION *cached = NULL;
+ WOLFSSL_CTX *ctx = ssl_c->ctx;
- ctx = ssl_c->ctx;
+ ExpectIntEQ(test_ticket_nonce_malloc_do(ssl_s, ssl_c, len), TEST_SUCCESS);
+ ExpectNotNull(sess = wolfSSL_get1_session(ssl_c));
- ret = test_ticket_nonce_malloc_do(ssl_s, ssl_c, len);
- if (ret != 0)
- return -1;
- sess = wolfSSL_get1_session(ssl_c);
- if (sess == NULL)
- return -1;
+ ExpectIntEQ(AddSessionToCache(ctx, sess, sess->sessionID, sess->sessionIDSz,
+ NULL, ssl_c->options.side, 1,NULL), 0);
- ret = AddSessionToCache(ctx, sess, sess->sessionID, sess->sessionIDSz,
- NULL, ssl_c->options.side, 1,NULL);
- if (ret != 0)
- return -1;
+ ExpectNotNull(cached = wolfSSL_SESSION_new());
- cached = wolfSSL_SESSION_new();
- if (cached == NULL)
- return -1;
+ ExpectIntEQ(wolfSSL_GetSessionFromCache(ssl_c, cached), WOLFSSL_SUCCESS);
- ret = wolfSSL_GetSessionFromCache(ssl_c, cached);
- if (ret != WOLFSSL_SUCCESS)
- return -1;
-
- ret = test_ticket_nonce_check(cached, len);
- if (ret != 0)
- return -1;
+ ExpectIntEQ(test_ticket_nonce_check(cached, len), 0);
wolfSSL_SESSION_free(cached);
wolfSSL_SESSION_free(sess);
- return 0;
+ return EXPECT_RESULT();
}
static int test_ticket_nonce_malloc(void)
{
+ EXPECT_DECLS;
struct test_memio_ctx test_ctx;
- WOLFSSL_CTX *ctx_c = NULL, *ctx_s = NULL;
- WOLFSSL *ssl_c = NULL, *ssl_s = NULL;
- byte small, medium, big;
- int ret;
+ WOLFSSL_CTX *ctx_c = NULL;
+ WOLFSSL_CTX *ctx_s = NULL;
+ WOLFSSL *ssl_c = NULL;
+ WOLFSSL *ssl_s = NULL;
+ byte small;
+ byte medium;
+ byte big;
XMEMSET(&test_ctx, 0, sizeof(test_ctx));
- ret = test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
- wolfTLSv1_3_client_method, wolfTLSv1_3_server_method);
- if (ret != 0)
- return -1;
+ ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
+ wolfTLSv1_3_client_method, wolfTLSv1_3_server_method), 0);
/* will send ticket manually */
- wolfSSL_no_ticket_TLSv13(ssl_s);
+ ExpectIntEQ(wolfSSL_no_ticket_TLSv13(ssl_s), 0);
wolfSSL_set_verify(ssl_s, WOLFSSL_VERIFY_NONE, 0);
wolfSSL_set_verify(ssl_c, WOLFSSL_VERIFY_NONE, 0);
- while (!ssl_c->options.handShakeDone && !ssl_s->options.handShakeDone) {
- ret = wolfSSL_connect(ssl_c);
- if (ret != WOLFSSL_SUCCESS && ssl_c->error != WANT_READ)
- return -2;
+ while (EXPECT_SUCCESS() && (ssl_c->options.handShakeDone == 0) &&
+ (ssl_s->options.handShakeDone == 0)) {
+ ExpectTrue((wolfSSL_connect(ssl_c) == WOLFSSL_SUCCESS) ||
+ (ssl_c->error == WANT_READ));
- ret = wolfSSL_accept(ssl_s);
- if (ret != WOLFSSL_SUCCESS && ssl_s->error != WANT_READ)
- return -3;
+ ExpectTrue((wolfSSL_accept(ssl_s) == WOLFSSL_SUCCESS) ||
+ (ssl_s->error == WANT_READ));
}
small = TLS13_TICKET_NONCE_STATIC_SZ;
medium = small + 20 <= 255 ? small + 20 : 255;
big = medium + 20 <= 255 ? small + 20 : 255;
- if (test_ticket_nonce_malloc_do(ssl_s, ssl_c, small))
- return -1;
- if (ssl_c->session->ticketNonce.data !=
- ssl_c->session->ticketNonce.dataStatic)
- return -1;
- if (test_ticket_nonce_malloc_do(ssl_s, ssl_c, medium))
- return -1;
- if (test_ticket_nonce_malloc_do(ssl_s, ssl_c, big))
- return -1;
- if (test_ticket_nonce_malloc_do(ssl_s, ssl_c, medium))
- return -5;
- if (test_ticket_nonce_malloc_do(ssl_s, ssl_c, small))
- return -6;
-
- if (test_ticket_nonce_cache(ssl_s, ssl_c, small))
- return -1;
- if (test_ticket_nonce_cache(ssl_s, ssl_c, medium))
- return -1;
- if (test_ticket_nonce_cache(ssl_s, ssl_c, big))
- return -1;
- if (test_ticket_nonce_cache(ssl_s, ssl_c, medium))
- return -1;
- if (test_ticket_nonce_cache(ssl_s, ssl_c, small))
- return -1;
+ ExpectIntEQ(test_ticket_nonce_malloc_do(ssl_s, ssl_c, small), TEST_SUCCESS);
+ ExpectPtrEq(ssl_c->session->ticketNonce.data,
+ ssl_c->session->ticketNonce.dataStatic);
+ ExpectIntEQ(test_ticket_nonce_malloc_do(ssl_s, ssl_c, medium),
+ TEST_SUCCESS);
+ ExpectIntEQ(test_ticket_nonce_malloc_do(ssl_s, ssl_c, big), TEST_SUCCESS);
+ ExpectIntEQ(test_ticket_nonce_malloc_do(ssl_s, ssl_c, medium),
+ TEST_SUCCESS);
+ ExpectIntEQ(test_ticket_nonce_malloc_do(ssl_s, ssl_c, small), TEST_SUCCESS);
+ ExpectIntEQ(test_ticket_nonce_cache(ssl_s, ssl_c, small), TEST_SUCCESS);
+ ExpectIntEQ(test_ticket_nonce_cache(ssl_s, ssl_c, medium), TEST_SUCCESS);
+ ExpectIntEQ(test_ticket_nonce_cache(ssl_s, ssl_c, big), TEST_SUCCESS);
+ ExpectIntEQ(test_ticket_nonce_cache(ssl_s, ssl_c, medium), TEST_SUCCESS);
+ ExpectIntEQ(test_ticket_nonce_cache(ssl_s, ssl_c, small), TEST_SUCCESS);
wolfSSL_free(ssl_c);
wolfSSL_free(ssl_s);
wolfSSL_CTX_free(ctx_c);
wolfSSL_CTX_free(ctx_s);
- return 0;
+ return EXPECT_RESULT();
}
#endif /* WOLFSSL_TICKET_NONCE_MALLOC */
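Review bot: In test_ticket_nonce_malloc the unchanged line `big = medium + 20 <= 255 ? small + 20 : 255;` gives `big` the same value as `medium` whenever the clamp is not hit, so the small, medium, big, medium, small sequence never uses a third, larger nonce length. The commit carries the line over as context; if a distinct size was intended it should read `big = medium + 20 <= 255 ? medium + 20 : 255;`. This looks like the only place the test could reach a second size beyond `TLS13_TICKET_NONCE_STATIC_SZ`, so the gap reduces coverage of the nonce buffer handling, though the allocation code itself is not visible in this hunk.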
@@ -65532,60 +64996,52 @@ static int test_ticket_nonce_malloc(void)
!defined(WOLFSSL_TICKET_DECRYPT_NO_CREATE) && \
!defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER) && \
!defined(WOLFSSL_NO_DEF_TICKET_ENC_CB) && !defined(NO_RSA) && \
- defined(HAVE_ECC)
+ defined(HAVE_ECC) && defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES)
static int test_ticket_ret_create(void)
{
- WOLFSSL_CTX *ctx_c = NULL, *ctx_s = NULL;
- WOLFSSL *ssl_c = NULL, *ssl_s = NULL;
+ EXPECT_DECLS;
+ WOLFSSL_CTX *ctx_c = NULL;
+ WOLFSSL_CTX *ctx_s = NULL;
+ WOLFSSL *ssl_c = NULL;
+ WOLFSSL *ssl_s = NULL;
byte ticket[SESSION_TICKET_LEN];
struct test_memio_ctx test_ctx;
WOLFSSL_SESSION *sess = NULL;
- word16 ticketLen;
- int ret;
+ word16 ticketLen = 0;
XMEMSET(&test_ctx, 0, sizeof(test_ctx));
- ret = test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
- wolfTLSv1_2_client_method, wolfTLSv1_2_server_method);
- if (ret != 0)
- return TEST_FAIL;
+ ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
+ wolfTLSv1_2_client_method, wolfTLSv1_2_server_method), 0);
wolfSSL_set_verify(ssl_s, WOLFSSL_VERIFY_NONE, 0);
wolfSSL_set_verify(ssl_c, WOLFSSL_VERIFY_NONE, 0);
- wolfSSL_CTX_UseSessionTicket(ctx_c);
+ ExpectIntEQ(wolfSSL_CTX_UseSessionTicket(ctx_c), WOLFSSL_SUCCESS);
- ret = test_memio_do_handshake(ssl_c, ssl_s, 10, NULL);
- if (ret != 0)
- return TEST_FAIL;
+ ExpectIntEQ(test_memio_do_handshake(ssl_c, ssl_s, 10, NULL), 0);
- sess = wolfSSL_get1_session(ssl_c);
- if (sess->ticketLen > SESSION_TICKET_LEN)
- return TEST_FAIL;
- ticketLen = sess->ticketLen;
- XMEMCPY(ticket, sess->ticket, sess->ticketLen);
+ ExpectNotNull(sess = wolfSSL_get1_session(ssl_c));
+ ExpectIntLE(sess->ticketLen, SESSION_TICKET_LEN);
+ if (sess != NULL) {
+ ticketLen = sess->ticketLen;
+ XMEMCPY(ticket, sess->ticket, sess->ticketLen);
+ }
wolfSSL_free(ssl_c);
+ ssl_c = NULL;
wolfSSL_free(ssl_s);
+ ssl_s = NULL;
- ssl_s = wolfSSL_new(ctx_s);
- if (ssl_s == NULL)
- return TEST_FAIL;
+ ExpectNotNull(ssl_s = wolfSSL_new(ctx_s));
wolfSSL_SetIOWriteCtx(ssl_s, &test_ctx);
wolfSSL_SetIOReadCtx(ssl_s, &test_ctx);
- ssl_c = wolfSSL_new(ctx_c);
- if (ssl_c == NULL)
- return TEST_FAIL;
+ ExpectNotNull(ssl_c = wolfSSL_new(ctx_c));
wolfSSL_SetIOWriteCtx(ssl_c, &test_ctx);
wolfSSL_SetIOReadCtx(ssl_c, &test_ctx);
- wolfSSL_set_session(ssl_c, sess);
- ret = test_memio_do_handshake(ssl_c, ssl_s, 10, NULL);
- if (ret != 0)
- return TEST_FAIL;
- if (ssl_c->session->ticketLen > SESSION_TICKET_LEN)
- return TEST_FAIL;
- if (ssl_c->session->ticketLen != ticketLen)
- return TEST_FAIL;
- if (XMEMCMP(ssl_c->session->ticket, ticket, ticketLen) == 0)
- return TEST_FAIL;
+ ExpectIntEQ(wolfSSL_set_session(ssl_c, sess), WOLFSSL_SUCCESS);
+ ExpectIntEQ(test_memio_do_handshake(ssl_c, ssl_s, 10, NULL), 0);
+ ExpectIntLE(ssl_c->session->ticketLen, SESSION_TICKET_LEN);
+ ExpectIntEQ(ssl_c->session->ticketLen, ticketLen);
+ ExpectTrue(XMEMCMP(ssl_c->session->ticket, ticket, ticketLen) != 0);
wolfSSL_SESSION_free(sess);
wolfSSL_free(ssl_c);
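Review bot: The copy into `ticket` in test_ticket_ret_create is no longer protected by the length check. `ExpectIntLE(sess->ticketLen, SESSION_TICKET_LEN)` records a failure but execution continues (the `sess != NULL` guard right after `ExpectNotNull` implies the Expect macros do not return), so `XMEMCPY(ticket, sess->ticket, sess->ticketLen)` still writes into the `SESSION_TICKET_LEN`-byte stack buffer when the ticket is longer. The removed code returned TEST_FAIL before copying. Guard the block on the check as well, for example `if (EXPECT_SUCCESS() && sess != NULL) {` or `if (sess != NULL && sess->ticketLen <= SESSION_TICKET_LEN) {`. The function body continues past the end of this hunk.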
@@ -65593,7 +65049,7 @@ static int test_ticket_ret_create(void)
wolfSSL_CTX_free(ctx_c);
wolfSSL_CTX_free(ctx_s);
- return TEST_SUCCESS;
+ return EXPECT_RESULT();
}
#else
static int test_ticket_ret_create(void)
@@ -65602,14 +65058,16 @@ static int test_ticket_ret_create(void)
}
#endif
-#if defined(WOLFSSL_TLS13) && !defined(NO_PSK) && defined(HAVE_SESSION_TICKET) \
- && defined(OPENSSL_EXTRA) && defined(HAVE_IO_TESTS_DEPENDENCIES) && \
- defined(HAVE_AESGCM) && !defined(NO_SHA256) && defined(WOLFSSL_AES_128) && \
+#if defined(WOLFSSL_TLS13) && !defined(NO_PSK) && \
+ defined(HAVE_SESSION_TICKET) && defined(OPENSSL_EXTRA) && \
+ defined(HAVE_IO_TESTS_DEPENDENCIES) && defined(HAVE_AESGCM) && \
+ !defined(NO_SHA256) && defined(WOLFSSL_AES_128) && \
defined(WOLFSSL_SHA384) && defined(WOLFSSL_AES_256)
static void test_ticket_and_psk_mixing_on_result(WOLFSSL* ssl)
{
int ret;
WOLFSSL_SESSION* session = NULL;
+
AssertIntEQ(wolfSSL_get_current_cipher_suite(ssl), 0x1301);
if (!wolfSSL_is_server(ssl)) {
session = wolfSSL_SESSION_dup(wolfSSL_get_session(ssl));
@@ -65639,7 +65097,7 @@ static void test_ticket_and_psk_mixing_on_result(WOLFSSL* ssl)
/* Different ciphersuite so that the ticket will be invalidated based on
* the ciphersuite */
AssertIntEQ(wolfSSL_set_cipher_list(ssl, "TLS13-AES256-GCM-SHA384"),
- WOLFSSL_SUCCESS);
+ WOLFSSL_SUCCESS);
wolfSSL_set_psk_server_tls13_callback(ssl, my_psk_server_tls13_cb);
AssertIntEQ(wolfSSL_accept(ssl), WOLFSSL_SUCCESS);
}
@@ -65649,11 +65107,12 @@ static void test_ticket_and_psk_mixing_ssl_ready(WOLFSSL* ssl)
{
AssertIntEQ(wolfSSL_UseSessionTicket(ssl), WOLFSSL_SUCCESS);
AssertIntEQ(wolfSSL_set_cipher_list(ssl, "TLS13-AES128-GCM-SHA256"),
- WOLFSSL_SUCCESS);
+ WOLFSSL_SUCCESS);
}
static int test_ticket_and_psk_mixing(void)
{
+ EXPECT_DECLS;
/* Test mixing tickets and regular PSK */
callback_functions client_cbs, server_cbs;
@@ -65670,10 +65129,10 @@ static int test_ticket_and_psk_mixing(void)
test_wolfSSL_client_server_nofail(&client_cbs, &server_cbs);
- AssertIntEQ(client_cbs.return_code, TEST_SUCCESS);
- AssertIntEQ(server_cbs.return_code, TEST_SUCCESS);
+ ExpectIntEQ(client_cbs.return_code, TEST_SUCCESS);
+ ExpectIntEQ(server_cbs.return_code, TEST_SUCCESS);
- return TEST_RES_CHECK(1);
+ return EXPECT_RESULT();
}
#else
static int test_ticket_and_psk_mixing(void)
@@ -65753,6 +65212,7 @@ static void test_prioritize_psk_ssl_ready(WOLFSSL* ssl)
static int test_prioritize_psk(void)
{
+ EXPECT_DECLS;
/* We always send the ticket first. With WOLFSSL_PRIORITIZE_PSK the order
* of the PSK's will be followed instead of the ciphersuite. */
callback_functions client_cbs, server_cbs;
@@ -65771,10 +65231,10 @@ static int test_prioritize_psk(void)
test_wolfSSL_client_server_nofail(&client_cbs, &server_cbs);
- AssertIntEQ(client_cbs.return_code, TEST_SUCCESS);
- AssertIntEQ(server_cbs.return_code, TEST_SUCCESS);
+ ExpectIntEQ(client_cbs.return_code, TEST_SUCCESS);
+ ExpectIntEQ(server_cbs.return_code, TEST_SUCCESS);
- return TEST_RES_CHECK(1);
+ return EXPECT_RESULT();
}
#else
static int test_prioritize_psk(void)
@@ -65994,9 +65454,10 @@ static int test_TLS_13_ticket_different_ciphers(void)
}
#endif
#if defined(WOLFSSL_EXTRA_ALERTS) && !defined(WOLFSSL_NO_TLS12) && \
- defined(HAVE_IO_TESTS_DEPENDENCIES)
+ defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES)
-#define TEST_WRONG_CS_CLIENT "TLS_DHE_RSA_WITH_AES_128_CBC_SHA"
+#define TEST_WRONG_CS_CLIENT "DHE-RSA-AES128-SHA"
+/* AKA TLS_DHE_RSA_WITH_AES_128_CBC_SHA */
byte test_extra_alerts_wrong_cs_sh[] = {
0x16, 0x03, 0x03, 0x00, 0x56, 0x02, 0x00, 0x00, 0x52, 0x03, 0x03, 0xef,
@@ -66013,30 +65474,24 @@ byte test_extra_alerts_wrong_cs_sh[] = {
static int test_extra_alerts_wrong_cs(void)
{
+ EXPECT_DECLS;
+#ifdef BUILD_TLS_DHE_RSA_WITH_AES_128_CBC_SHA
struct test_memio_ctx test_ctx;
WOLFSSL_CTX *ctx_c = NULL;
WOLFSSL_ALERT_HISTORY h;
WOLFSSL *ssl_c = NULL;
- int ret, err;
XMEMSET(&test_ctx, 0, sizeof(test_ctx));
- ret = test_memio_setup(&test_ctx, &ctx_c, NULL, &ssl_c, NULL,
- wolfTLSv1_2_client_method, NULL);
- if (ret != 0)
- return TEST_FAIL;
+ ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, NULL, &ssl_c, NULL,
+ wolfTLSv1_2_client_method, NULL), 0);
- ret = wolfSSL_set_cipher_list(ssl_c, TEST_WRONG_CS_CLIENT);
- if (ret != WOLFSSL_SUCCESS) {
- wolfSSL_free(ssl_c);
- wolfSSL_CTX_free(ctx_c);
- return TEST_SKIPPED;
- }
+ ExpectIntEQ(wolfSSL_set_cipher_list(ssl_c, TEST_WRONG_CS_CLIENT),
+ WOLFSSL_SUCCESS);
/* CH */
- ret = wolfSSL_connect(ssl_c);
- err = wolfSSL_get_error(ssl_c, ret);
- if (ret == WOLFSSL_SUCCESS || err != WOLFSSL_ERROR_WANT_READ)
- return TEST_FAIL;
+ ExpectIntNE(wolfSSL_connect(ssl_c), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_get_error(ssl_c, WOLFSSL_FATAL_ERROR),
+ WOLFSSL_ERROR_WANT_READ);
/* consume CH */
test_ctx.s_len = 0;
@@ -66045,22 +65500,17 @@ static int test_extra_alerts_wrong_cs(void)
sizeof(test_extra_alerts_wrong_cs_sh));
test_ctx.c_len = sizeof(test_extra_alerts_wrong_cs_sh);
- ret = wolfSSL_connect(ssl_c);
- err = wolfSSL_get_error(ssl_c, ret);
- if (ret == WOLFSSL_SUCCESS || err == WOLFSSL_ERROR_WANT_READ)
- return TEST_FAIL;
- ret = wolfSSL_get_alert_history(ssl_c, &h);
- if (ret != WOLFSSL_SUCCESS)
- return TEST_FAIL;
- if (h.last_tx.code != illegal_parameter)
- return TEST_FAIL;
- if (h.last_tx.level != alert_fatal)
- return TEST_FAIL;
+ ExpectIntNE(wolfSSL_connect(ssl_c), WOLFSSL_SUCCESS);
+ ExpectIntNE(wolfSSL_get_error(ssl_c, WOLFSSL_FATAL_ERROR),
+ WOLFSSL_ERROR_WANT_READ);
+ ExpectIntEQ(wolfSSL_get_alert_history(ssl_c, &h), WOLFSSL_SUCCESS);
+ ExpectIntEQ(h.last_tx.code, illegal_parameter);
+ ExpectIntEQ(h.last_tx.level, alert_fatal);
wolfSSL_free(ssl_c);
wolfSSL_CTX_free(ctx_c);
-
- return TEST_SUCCESS;
+#endif
+ return EXPECT_RESULT();
}
#else
static int test_extra_alerts_wrong_cs(void)
@@ -66070,7 +65520,7 @@ static int test_extra_alerts_wrong_cs(void)
#endif
#if !defined(WOLFSSL_NO_TLS12) && defined(WOLFSSL_EXTRA_ALERTS) && \
- defined(HAVE_IO_TESTS_DEPENDENCIES) && !defined(WOLFSSL_SP_MATH)
+ defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) && !defined(WOLFSSL_SP_MATH)
static void test_remove_msg(byte *msg, int tail_len, int *len, int msg_length)
{
@@ -66149,42 +65599,38 @@ static int test_remove_hs_msg_from_buffer(byte *buf, int *len, byte type,
static int test_remove_hs_message(byte hs_message_type,
int extra_round, byte alert_type)
{
- WOLFSSL_CTX *ctx_c = NULL, *ctx_s = NULL;
- WOLFSSL *ssl_c = NULL, *ssl_s = NULL;
+ EXPECT_DECLS;
+ WOLFSSL_CTX *ctx_c = NULL;
+ WOLFSSL_CTX *ctx_s = NULL;
+ WOLFSSL *ssl_c = NULL;
+ WOLFSSL *ssl_s = NULL;
struct test_memio_ctx test_ctx;
WOLFSSL_ALERT_HISTORY h;
- int ret, err;
- byte found;
+ byte found = 0;
XMEMSET(&test_ctx, 0, sizeof(test_ctx));
- ret = test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
- wolfTLSv1_2_client_method, wolfTLSv1_2_server_method);
- AssertIntEQ(ret, 0);
+ ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
+ wolfTLSv1_2_client_method, wolfTLSv1_2_server_method), 0);
- ret = wolfSSL_connect(ssl_c);
- err = wolfSSL_get_error(ssl_c, ret);
- AssertIntNE(ret, WOLFSSL_SUCCESS);
- AssertIntEQ(err, WOLFSSL_ERROR_WANT_READ);
+ ExpectIntNE(wolfSSL_connect(ssl_c), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_get_error(ssl_c, WOLFSSL_FATAL_ERROR),
+ WOLFSSL_ERROR_WANT_READ);
- ret = wolfSSL_accept(ssl_s);
- err = wolfSSL_get_error(ssl_s, ret);
- AssertIntNE(ret, WOLFSSL_SUCCESS);
- AssertIntEQ(err, WOLFSSL_ERROR_WANT_READ);
+ ExpectIntNE(wolfSSL_accept(ssl_s), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_get_error(ssl_c, WOLFSSL_FATAL_ERROR),
+ WOLFSSL_ERROR_WANT_READ);
if (extra_round) {
- ret = wolfSSL_connect(ssl_c);
- err = wolfSSL_get_error(ssl_c, ret);
- AssertIntNE(ret, WOLFSSL_SUCCESS);
- AssertIntEQ(err, WOLFSSL_ERROR_WANT_READ);
+ ExpectIntNE(wolfSSL_connect(ssl_c), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_get_error(ssl_c, WOLFSSL_FATAL_ERROR),
+ WOLFSSL_ERROR_WANT_READ);
/* this will complete handshake from server side */
- ret = wolfSSL_accept(ssl_s);
- AssertIntEQ(ret, WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_accept(ssl_s), WOLFSSL_SUCCESS);
}
- ret = test_remove_hs_msg_from_buffer(test_ctx.c_buff,
- &test_ctx.c_len, hs_message_type, &found);
- AssertIntEQ(ret, 0);
+ ExpectIntEQ(test_remove_hs_msg_from_buffer(test_ctx.c_buff,
+ &test_ctx.c_len, hs_message_type, &found), 0);
if (!found) {
wolfSSL_free(ssl_c);
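Review bot: After `ExpectIntNE(wolfSSL_accept(ssl_s), WOLFSSL_SUCCESS);` in test_remove_hs_message, the error is read from the client object: `wolfSSL_get_error(ssl_c, WOLFSSL_FATAL_ERROR)`. The removed code used `wolfSSL_get_error(ssl_s, ret)`, and test_extra_alerts_bad_psk in the same commit queries `ssl_s` after its accept, so this looks like a copy-paste slip that leaves the server's error state unchecked. It should be `ExpectIntEQ(wolfSSL_get_error(ssl_s, WOLFSSL_FATAL_ERROR), WOLFSSL_ERROR_WANT_READ);`. The function body continues past the end of this hunk.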
@@ -66194,44 +65640,37 @@ static int test_remove_hs_message(byte hs_message_type,
return TEST_SKIPPED;
}
- ret = wolfSSL_connect(ssl_c);
- err = wolfSSL_get_error(ssl_c, ret);
- AssertIntNE(ret, WOLFSSL_SUCCESS);
- AssertIntNE(err, WOLFSSL_ERROR_WANT_READ);
- ret = wolfSSL_get_alert_history(ssl_c, &h);
- AssertIntEQ(ret, WOLFSSL_SUCCESS);
- if (alert_type != 0xff && h.last_tx.code != alert_type)
- return TEST_FAIL;
- if (h.last_tx.level != alert_fatal)
- return TEST_FAIL;
+ ExpectIntNE(wolfSSL_connect(ssl_c), WOLFSSL_SUCCESS);
+ ExpectIntNE(wolfSSL_get_error(ssl_c, WOLFSSL_FATAL_ERROR),
+ WOLFSSL_ERROR_WANT_READ);
+ ExpectIntEQ(wolfSSL_get_alert_history(ssl_c, &h), WOLFSSL_SUCCESS);
+ ExpectTrue(alert_type == 0xff || h.last_tx.code == alert_type);
+ ExpectIntEQ(h.last_tx.level, alert_fatal);
wolfSSL_free(ssl_c);
wolfSSL_CTX_free(ctx_c);
wolfSSL_free(ssl_s);
wolfSSL_CTX_free(ctx_s);
- return TEST_SUCCESS;
+ return EXPECT_RESULT();
}
static int test_extra_alerts_skip_hs(void)
{
+ EXPECT_DECLS;
const byte _server_key_exchange = 12;
const byte _server_hello = 2;
const byte _certificate = 11;
- int ret;
/* server_hello */
- ret = test_remove_hs_message(_server_hello, 0,
- unexpected_message);
- AssertIntNE(ret, TEST_FAIL);
- ret = test_remove_hs_message(_certificate, 0,
- 0xff);
- AssertIntNE(ret, TEST_FAIL);
- ret = test_remove_hs_message(_server_key_exchange, 0,
- unexpected_message);
- AssertIntNE(ret, TEST_FAIL);
+ ExpectIntNE(test_remove_hs_message(_server_hello, 0,
+ unexpected_message), TEST_FAIL);
+ ExpectIntNE(test_remove_hs_message(_certificate, 0,
+ 0xff), TEST_FAIL);
+ ExpectIntNE(test_remove_hs_message(_server_key_exchange, 0,
+ unexpected_message), TEST_FAIL);
- return TEST_SUCCESS;
+ return EXPECT_RESULT();
}
#else
static int test_extra_alerts_skip_hs(void)
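Review bot: The `return TEST_SKIPPED;` at the top of this hunk (the `if (!found)` branch that opens in the previous hunk) returns a literal rather than `EXPECT_RESULT()`, so it discards any failure the earlier Expect calls have already recorded. `found` now starts at 0, so a failed setup or handshake step would plausibly leave it at 0 and take this branch. Because test_extra_alerts_skip_hs only checks `ExpectIntNE(..., TEST_FAIL)`, that run would be reported as passing. Taking the skip path only when nothing has failed, `if (EXPECT_SUCCESS() && !found) {`, keeps the skip for the genuine case and lets a real failure fall through to `EXPECT_RESULT()`.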
@@ -66240,8 +65679,8 @@ static int test_extra_alerts_skip_hs(void)
}
#endif
-#if !defined(WOLFSSL_NO_TLS12) && defined(HAVE_IO_TESTS_DEPENDENCIES) && \
- defined(WOLFSSL_EXTRA_ALERTS) && !defined(NO_PSK) && !defined(NO_DH)
+#if !defined(WOLFSSL_NO_TLS12) && defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES)\
+ && defined(WOLFSSL_EXTRA_ALERTS) && !defined(NO_PSK) && !defined(NO_DH)
static unsigned int test_server_psk_cb(WOLFSSL* ssl, const char* id,
unsigned char* key, unsigned int key_max_len)
@@ -66256,56 +65695,47 @@ static unsigned int test_server_psk_cb(WOLFSSL* ssl, const char* id,
static int test_extra_alerts_bad_psk(void)
{
- WOLFSSL_CTX *ctx_c = NULL, *ctx_s = NULL;
- WOLFSSL *ssl_c = NULL, *ssl_s = NULL;
+ EXPECT_DECLS;
+ WOLFSSL_CTX *ctx_c = NULL;
+ WOLFSSL_CTX *ctx_s = NULL;
+ WOLFSSL *ssl_c = NULL;
+ WOLFSSL *ssl_s = NULL;
struct test_memio_ctx test_ctx;
WOLFSSL_ALERT_HISTORY h;
- int ret, err;
XMEMSET(&test_ctx, 0, sizeof(test_ctx));
- ret = test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
- wolfTLSv1_2_client_method, wolfTLSv1_2_server_method);
- if (ret != 0)
- return TEST_FAIL;
+ ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
+ wolfTLSv1_2_client_method, wolfTLSv1_2_server_method), 0);
- ret = wolfSSL_set_cipher_list(ssl_c, "DHE-PSK-AES128-GCM-SHA256");
- if (ret != WOLFSSL_SUCCESS)
- return TEST_FAIL;
+ ExpectIntEQ(wolfSSL_set_cipher_list(ssl_c, "DHE-PSK-AES128-GCM-SHA256"),
+ WOLFSSL_SUCCESS);
- ret = wolfSSL_set_cipher_list(ssl_s, "DHE-PSK-AES128-GCM-SHA256");
- if (ret != WOLFSSL_SUCCESS)
- return TEST_FAIL;
+ ExpectIntEQ(wolfSSL_set_cipher_list(ssl_s, "DHE-PSK-AES128-GCM-SHA256"),
+ WOLFSSL_SUCCESS);
wolfSSL_set_psk_server_callback(ssl_s, test_server_psk_cb);
- ret = wolfSSL_connect(ssl_c);
- err = wolfSSL_get_error(ssl_c, ret);
- if (ret == WOLFSSL_SUCCESS || err != WOLFSSL_ERROR_WANT_READ)
- return TEST_FAIL;
+ ExpectIntNE(wolfSSL_connect(ssl_c), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_get_error(ssl_c, WOLFSSL_FATAL_ERROR),
+ WOLFSSL_ERROR_WANT_READ);
- ret = wolfSSL_accept(ssl_s);
- err = wolfSSL_get_error(ssl_s, ret);
- if (ret == WOLFSSL_SUCCESS || err != WOLFSSL_ERROR_WANT_READ)
- return TEST_FAIL;
+ ExpectIntNE(wolfSSL_accept(ssl_s), WOLFSSL_SUCCESS);
+ ExpectIntEQ( wolfSSL_get_error(ssl_s, WOLFSSL_FATAL_ERROR),
+ WOLFSSL_ERROR_WANT_READ);
- ret = wolfSSL_connect(ssl_c);
- err = wolfSSL_get_error(ssl_c, ret);
- if (ret == WOLFSSL_SUCCESS || err == WOLFSSL_ERROR_WANT_READ)
- return TEST_FAIL;
- ret = wolfSSL_get_alert_history(ssl_c, &h);
- if (ret != WOLFSSL_SUCCESS)
- return TEST_FAIL;
- if (h.last_tx.code != handshake_failure)
- return TEST_FAIL;
- if (h.last_tx.level != alert_fatal)
- return TEST_FAIL;
+ ExpectIntNE(wolfSSL_connect(ssl_c), WOLFSSL_SUCCESS);
+ ExpectIntNE(wolfSSL_get_error(ssl_c, WOLFSSL_FATAL_ERROR),
+ WOLFSSL_ERROR_WANT_READ);
+ ExpectIntEQ(wolfSSL_get_alert_history(ssl_c, &h), WOLFSSL_SUCCESS);
+ ExpectIntEQ(h.last_tx.code, handshake_failure);
+ ExpectIntEQ(h.last_tx.level, alert_fatal);
wolfSSL_free(ssl_c);
wolfSSL_CTX_free(ctx_c);
wolfSSL_free(ssl_s);
wolfSSL_CTX_free(ctx_s);
- return TEST_SUCCESS;
+ return EXPECT_RESULT();
}
#else
static int test_extra_alerts_bad_psk(void)
@@ -66357,6 +65787,7 @@ static void test_harden_no_secure_renegotiation_on_cleanup(WOLFSSL* ssl)
static int test_harden_no_secure_renegotiation(void)
{
+ EXPECT_DECLS;
callback_functions client_cbs, server_cbs;
XMEMSET(&client_cbs, 0, sizeof(client_cbs));
@@ -66369,12 +65800,13 @@ static int test_harden_no_secure_renegotiation(void)
server_cbs.on_cleanup = test_harden_no_secure_renegotiation_on_cleanup;
test_wolfSSL_client_server_nofail(&client_cbs, &server_cbs);
- AssertIntEQ(client_cbs.return_code, TEST_FAIL);
- AssertIntEQ(client_cbs.last_err, SECURE_RENEGOTIATION_E);
- AssertIntEQ(server_cbs.return_code, TEST_FAIL);
- AssertIntEQ(server_cbs.last_err, SOCKET_ERROR_E);
+ ExpectIntEQ(client_cbs.return_code, TEST_FAIL);
+ ExpectIntEQ(client_cbs.last_err, SECURE_RENEGOTIATION_E);
+ ExpectIntEQ(server_cbs.return_code, TEST_FAIL);
+ ExpectTrue(server_cbs.last_err == SOCKET_ERROR_E ||
+ server_cbs.last_err == FATAL_ERROR);
- return TEST_RES_CHECK(1);
+ return EXPECT_RESULT();
}
#else
static int test_harden_no_secure_renegotiation(void)
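Review bot: The server-side check in test_harden_no_secure_renegotiation is loosened from `SOCKET_ERROR_E` alone to `SOCKET_ERROR_E || FATAL_ERROR`, with nothing saying why both outcomes are acceptable. A short comment above the `ExpectTrue` would help, for example `/* server sees either the closed transport or the client's fatal alert */`; that wording is a guess at the reason and should be confirmed by the author. Without it, a later reader of this hardening test cannot tell whether the second value is an expected result or a workaround for an intermittent failure.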
@@ -66387,11 +65819,11 @@ static int test_harden_no_secure_renegotiation(void)
static int test_override_alt_cert_chain_cert_cb(int preverify,
WOLFSSL_X509_STORE_CTX* store)
{
- printf("preverify: %d\n", preverify);
- printf("store->error: %d\n", store->error);
- printf("error reason: %s\n", wolfSSL_ERR_reason_error_string(store->error));
+ fprintf(stderr, "preverify: %d\n", preverify);
+ fprintf(stderr, "store->error: %d\n", store->error);
+ fprintf(stderr, "error reason: %s\n", wolfSSL_ERR_reason_error_string(store->error));
if (store->error == OCSP_INVALID_STATUS) {
- printf("Overriding OCSP error\n");
+ fprintf(stderr, "Overriding OCSP error\n");
return 1;
}
#ifndef WOLFSSL_ALT_CERT_CHAINS
@@ -66402,7 +65834,7 @@ static int test_override_alt_cert_chain_cert_cb(int preverify,
|| store->error == WOLFSSL_X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY
#endif
) && store->error_depth == store->totalCerts - 1) {
- printf("Overriding no signer error only for root cert\n");
+ fprintf(stderr, "Overriding no signer error only for root cert\n");
return 1;
}
#endif
@@ -66478,7 +65910,7 @@ static int test_override_alt_cert_chain(void)
XMEMSET(&client_cbs, 0, sizeof(client_cbs));
XMEMSET(&server_cbs, 0, sizeof(server_cbs));
- printf("test config: %d\n", (int)i);
+ fprintf(stderr, "test config: %d\n", (int)i);
client_cbs.ctx_ready = params[i].client_ctx_cb;
server_cbs.ctx_ready = params[i].server_ctx_cb;
@@ -66499,68 +65931,1070 @@ static int test_override_alt_cert_chain(void)
}
#endif
-#if defined(HAVE_IO_TESTS_DEPENDENCIES) && defined(WOLFSSL_DTLS13)
+#if defined(HAVE_RPK)
+#define svrRpkCertFile "./certs/rpk/server-cert-rpk.der"
+#define clntRpkCertFile "./certs/rpk/client-cert-rpk.der"
-static int test_dtls13_bad_epoch_ch(void)
+#if defined(WOLFSSL_ALWAYS_VERIFY_CB)
+static int MyRpkVerifyCb(int mode, WOLFSSL_X509_STORE_CTX* strctx)
{
+ int ret = WOLFSSL_SUCCESS;
+ (void)mode;
+ (void)strctx;
+ WOLFSSL_ENTER("MyRpkVerifyCb");
+ return ret;
+}
+#endif /* WOLFSSL_ALWAYS_VERIFY_CB */
+
+static WC_INLINE int test_rpk_memio_setup(
+ struct test_memio_ctx *ctx,
+ WOLFSSL_CTX **ctx_c,
+ WOLFSSL_CTX **ctx_s,
+ WOLFSSL **ssl_c,
+ WOLFSSL **ssl_s,
+ method_provider method_c,
+ method_provider method_s,
+ const char* certfile_c, int fmt_cc, /* client cert file path and format */
+ const char* certfile_s, int fmt_cs, /* server cert file path and format */
+ const char* pkey_c, int fmt_kc, /* client private key and format */
+ const char* pkey_s, int fmt_ks /* server private key and format */
+ )
+{
+ int ret;
+ if (ctx_c != NULL && *ctx_c == NULL) {
+ *ctx_c = wolfSSL_CTX_new(method_c());
+ if (*ctx_c == NULL) {
+ return -1;
+ }
+ wolfSSL_CTX_set_verify(*ctx_c, WOLFSSL_VERIFY_PEER, NULL);
+
+ ret = wolfSSL_CTX_load_verify_locations(*ctx_c, caCertFile, 0);
+ if (ret != WOLFSSL_SUCCESS) {
+ return -1;
+ }
+ wolfSSL_SetIORecv(*ctx_c, test_memio_read_cb);
+ wolfSSL_SetIOSend(*ctx_c, test_memio_write_cb);
+
+ ret = wolfSSL_CTX_use_certificate_file(*ctx_c, certfile_c, fmt_cc);
+ if (ret != WOLFSSL_SUCCESS) {
+ return -1;
+ }
+ ret = wolfSSL_CTX_use_PrivateKey_file(*ctx_c, pkey_c, fmt_kc);
+ if (ret != WOLFSSL_SUCCESS) {
+ return -1;
+ }
+ }
+
+ if (ctx_s != NULL && *ctx_s == NULL) {
+ *ctx_s = wolfSSL_CTX_new(method_s());
+ if (*ctx_s == NULL) {
+ return -1;
+ }
+ wolfSSL_CTX_set_verify(*ctx_s, WOLFSSL_VERIFY_PEER, NULL);
+
+ ret = wolfSSL_CTX_load_verify_locations(*ctx_s, cliCertFile, 0);
+ if (ret != WOLFSSL_SUCCESS) {
+ return -1;
+ }
+
+ ret = wolfSSL_CTX_use_PrivateKey_file(*ctx_s, pkey_s, fmt_ks);
+ if (ret != WOLFSSL_SUCCESS) {
+ return -1;
+ }
+ ret = wolfSSL_CTX_use_certificate_file(*ctx_s, certfile_s, fmt_cs);
+ if (ret != WOLFSSL_SUCCESS) {
+ return -1;
+ }
+ wolfSSL_SetIORecv(*ctx_s, test_memio_read_cb);
+ wolfSSL_SetIOSend(*ctx_s, test_memio_write_cb);
+ if (ctx->s_ciphers != NULL) {
+ ret = wolfSSL_CTX_set_cipher_list(*ctx_s, ctx->s_ciphers);
+ if (ret != WOLFSSL_SUCCESS) {
+ return -1;
+ }
+ }
+ }
+
+ if (ctx_c != NULL && ssl_c != NULL) {
+ *ssl_c = wolfSSL_new(*ctx_c);
+ if (*ssl_c == NULL) {
+ return -1;
+ }
+ wolfSSL_SetIOWriteCtx(*ssl_c, ctx);
+ wolfSSL_SetIOReadCtx(*ssl_c, ctx);
+ }
+ if (ctx_s != NULL && ssl_s != NULL) {
+ *ssl_s = wolfSSL_new(*ctx_s);
+ if (*ssl_s == NULL) {
+ return -1;
+ }
+ wolfSSL_SetIOWriteCtx(*ssl_s, ctx);
+ wolfSSL_SetIOReadCtx(*ssl_s, ctx);
+#if !defined(NO_DH)
+ SetDH(*ssl_s);
+#endif
+ }
+
+ return 0;
+}
+#endif /* HAVE_RPK */
+
+static int test_rpk_set_xxx_cert_type(void)
+{
+ EXPECT_DECLS;
+#if defined(HAVE_RPK)
+
+ char ctype[MAX_CLIENT_CERT_TYPE_CNT + 1]; /* prepare bigger buffer */
+ WOLFSSL_CTX* ctx = NULL;
+ WOLFSSL* ssl = NULL;
+ int tp;
+
+ ctx = wolfSSL_CTX_new(wolfTLSv1_3_client_method());
+ ExpectNotNull(ctx);
+
+ ssl = wolfSSL_new(ctx);
+ ExpectNotNull(ssl);
+
+ /*--------------------------------------------*/
+ /* tests for wolfSSL_CTX_set_client_cert_type */
+ /*--------------------------------------------*/
+
+ /* illegal parameter test caces */
+ ExpectIntEQ(wolfSSL_CTX_set_client_cert_type(NULL, ctype,
+ MAX_CLIENT_CERT_TYPE_CNT),
+ BAD_FUNC_ARG);
+
+ ExpectIntEQ(wolfSSL_CTX_set_client_cert_type(ctx, ctype,
+ sizeof(ctype)),
+ BAD_FUNC_ARG);
+
+ ctype[0] = WOLFSSL_CERT_TYPE_RPK; /* set an identical cert type */
+ ctype[1] = WOLFSSL_CERT_TYPE_RPK;
+
+ ExpectIntEQ(wolfSSL_CTX_set_client_cert_type(ctx, ctype,
+ MAX_CLIENT_CERT_TYPE_CNT),
+ BAD_FUNC_ARG);
+
+ ctype[0] = WOLFSSL_CERT_TYPE_X509;
+ ctype[1] = 10; /* set unknown cert type */
+
+ ExpectIntEQ(wolfSSL_CTX_set_client_cert_type(ctx, ctype,
+ MAX_CLIENT_CERT_TYPE_CNT),
+ BAD_FUNC_ARG);
+ /* pass larger type count */
+ ctype[0] = WOLFSSL_CERT_TYPE_RPK;
+ ctype[1] = WOLFSSL_CERT_TYPE_X509;
+ ctype[2] = 1; /* pass unacceptable type count */
+
+ ExpectIntEQ(wolfSSL_CTX_set_client_cert_type(ctx, ctype,
+ MAX_CLIENT_CERT_TYPE_CNT + 1),
+ BAD_FUNC_ARG);
+
+ /* should accept NULL for type buffer */
+ ExpectIntEQ(wolfSSL_CTX_set_client_cert_type(ctx, NULL,
+ MAX_CLIENT_CERT_TYPE_CNT),
+ WOLFSSL_SUCCESS);
+
+ /* should accept zero for type count */
+ ExpectIntEQ(wolfSSL_CTX_set_client_cert_type(ctx, ctype,
+ 0),
+ WOLFSSL_SUCCESS);
+
+ ExpectIntEQ(wolfSSL_CTX_set_client_cert_type(ctx, ctype,
+ MAX_CLIENT_CERT_TYPE_CNT),
+ WOLFSSL_SUCCESS);
+
+ /*--------------------------------------------*/
+ /* tests for wolfSSL_CTX_set_server_cert_type */
+ /*--------------------------------------------*/
+
+ ExpectIntEQ(wolfSSL_CTX_set_server_cert_type(NULL, ctype,
+ MAX_SERVER_CERT_TYPE_CNT),
+ BAD_FUNC_ARG);
+
+ ExpectIntEQ(wolfSSL_CTX_set_server_cert_type(ctx, ctype,
+ sizeof(ctype)),
+ BAD_FUNC_ARG);
+
+ ctype[0] = WOLFSSL_CERT_TYPE_RPK; /* set an identical cert type */
+ ctype[1] = WOLFSSL_CERT_TYPE_RPK;
+
+ ExpectIntEQ(wolfSSL_CTX_set_server_cert_type(ctx, ctype,
+ MAX_SERVER_CERT_TYPE_CNT),
+ BAD_FUNC_ARG);
+
+ ctype[0] = WOLFSSL_CERT_TYPE_X509;
+ ctype[1] = 10; /* set unknown cert type */
+
+ ExpectIntEQ(wolfSSL_CTX_set_server_cert_type(ctx, ctype,
+ MAX_SERVER_CERT_TYPE_CNT),
+ BAD_FUNC_ARG);
+ /* pass larger type count */
+ ctype[0] = WOLFSSL_CERT_TYPE_RPK;
+ ctype[1] = WOLFSSL_CERT_TYPE_X509;
+ ctype[2] = 1; /* pass unacceptable type count */
+
+ ExpectIntEQ(wolfSSL_CTX_set_server_cert_type(ctx, ctype,
+ MAX_SERVER_CERT_TYPE_CNT + 1),
+ BAD_FUNC_ARG);
+
+ /* should accept NULL for type buffer */
+ ExpectIntEQ(wolfSSL_CTX_set_server_cert_type(ctx, NULL,
+ MAX_SERVER_CERT_TYPE_CNT),
+ WOLFSSL_SUCCESS);
+
+ /* should accept zero for type count */
+ ExpectIntEQ(wolfSSL_CTX_set_server_cert_type(ctx, ctype,
+ 0),
+ WOLFSSL_SUCCESS);
+
+ ExpectIntEQ(wolfSSL_CTX_set_server_cert_type(ctx, ctype,
+ MAX_CLIENT_CERT_TYPE_CNT),
+ WOLFSSL_SUCCESS);
+
+ /*--------------------------------------------*/
+ /* tests for wolfSSL_set_client_cert_type */
+ /*--------------------------------------------*/
+
+ ExpectIntEQ(wolfSSL_set_client_cert_type(NULL, ctype,
+ MAX_CLIENT_CERT_TYPE_CNT),
+ BAD_FUNC_ARG);
+
+ ExpectIntEQ(wolfSSL_set_client_cert_type(ssl, ctype,
+ sizeof(ctype)),
+ BAD_FUNC_ARG);
+
+ ctype[0] = WOLFSSL_CERT_TYPE_RPK; /* set an identical cert type */
+ ctype[1] = WOLFSSL_CERT_TYPE_RPK;
+
+ ExpectIntEQ(wolfSSL_set_client_cert_type(ssl, ctype,
+ MAX_CLIENT_CERT_TYPE_CNT),
+ BAD_FUNC_ARG);
+
+ ctype[0] = WOLFSSL_CERT_TYPE_X509;
+ ctype[1] = 10; /* set unknown cert type */
+
+ ExpectIntEQ(wolfSSL_set_client_cert_type(ssl, ctype,
+ MAX_CLIENT_CERT_TYPE_CNT),
+ BAD_FUNC_ARG);
+ /* pass larger type count */
+ ctype[0] = WOLFSSL_CERT_TYPE_RPK;
+ ctype[1] = WOLFSSL_CERT_TYPE_X509;
+ ctype[2] = 1; /* pass unacceptable type count */
+
+ ExpectIntEQ(wolfSSL_set_client_cert_type(ssl, ctype,
+ MAX_CLIENT_CERT_TYPE_CNT + 1),
+ BAD_FUNC_ARG);
+
+ /* should accept NULL for type buffer */
+ ExpectIntEQ(wolfSSL_set_client_cert_type(ssl, NULL,
+ MAX_CLIENT_CERT_TYPE_CNT),
+ WOLFSSL_SUCCESS);
+
+ /* should accept zero for type count */
+ ExpectIntEQ(wolfSSL_set_client_cert_type(ssl, ctype,
+ 0),
+ WOLFSSL_SUCCESS);
+
+ ExpectIntEQ(wolfSSL_set_client_cert_type(ssl, ctype,
+ MAX_CLIENT_CERT_TYPE_CNT),
+ WOLFSSL_SUCCESS);
+
+ /*--------------------------------------------*/
+ /* tests for wolfSSL_CTX_set_server_cert_type */
+ /*--------------------------------------------*/
+
+ ExpectIntEQ(wolfSSL_set_server_cert_type(NULL, ctype,
+ MAX_SERVER_CERT_TYPE_CNT),
+ BAD_FUNC_ARG);
+
+ ExpectIntEQ(wolfSSL_set_server_cert_type(ssl, ctype,
+ sizeof(ctype)),
+ BAD_FUNC_ARG);
+
+ ctype[0] = WOLFSSL_CERT_TYPE_RPK; /* set an identical cert type */
+ ctype[1] = WOLFSSL_CERT_TYPE_RPK;
+
+ ExpectIntEQ(wolfSSL_set_server_cert_type(ssl, ctype,
+ MAX_SERVER_CERT_TYPE_CNT),
+ BAD_FUNC_ARG);
+
+ ctype[0] = WOLFSSL_CERT_TYPE_X509;
+ ctype[1] = 10; /* set unknown cert type */
+
+ ExpectIntEQ(wolfSSL_set_server_cert_type(ssl, ctype,
+ MAX_SERVER_CERT_TYPE_CNT),
+ BAD_FUNC_ARG);
+ /* pass larger type count */
+ ctype[0] = WOLFSSL_CERT_TYPE_RPK;
+ ctype[1] = WOLFSSL_CERT_TYPE_X509;
+ ctype[2] = 1; /* pass unacceptable type count */
+
+ ExpectIntEQ(wolfSSL_set_server_cert_type(ssl, ctype,
+ MAX_SERVER_CERT_TYPE_CNT + 1),
+ BAD_FUNC_ARG);
+
+ /* should accept NULL for type buffer */
+ ExpectIntEQ(wolfSSL_set_server_cert_type(ssl, NULL,
+ MAX_SERVER_CERT_TYPE_CNT),
+ WOLFSSL_SUCCESS);
+
+ /* should accept zero for type count */
+ ExpectIntEQ(wolfSSL_set_server_cert_type(ssl, ctype,
+ 0),
+ WOLFSSL_SUCCESS);
+
+ ExpectIntEQ(wolfSSL_set_server_cert_type(ssl, ctype,
+ MAX_SERVER_CERT_TYPE_CNT),
+ WOLFSSL_SUCCESS);
+
+ /*------------------------------------------------*/
+ /* tests for wolfSSL_get_negotiated_xxx_cert_type */
+ /*------------------------------------------------*/
+
+ ExpectIntEQ(wolfSSL_get_negotiated_client_cert_type(NULL, &tp),
+ BAD_FUNC_ARG);
+
+ ExpectIntEQ(wolfSSL_get_negotiated_client_cert_type(ssl, NULL),
+ BAD_FUNC_ARG);
+
+ ExpectIntEQ(wolfSSL_get_negotiated_server_cert_type(NULL, &tp),
+ BAD_FUNC_ARG);
+
+ ExpectIntEQ(wolfSSL_get_negotiated_server_cert_type(ssl, NULL),
+ BAD_FUNC_ARG);
+
+
+ /* clean up */
+ wolfSSL_free(ssl);
+ wolfSSL_CTX_free(ctx);
+
+#endif
+ return EXPECT_RESULT();
+}
+
+static int test_tls13_rpk_handshake(void)
+{
+ EXPECT_DECLS;
+#if defined(HAVE_RPK)
+ int ret = 0;
WOLFSSL_CTX *ctx_c = NULL, *ctx_s = NULL;
WOLFSSL *ssl_c = NULL, *ssl_s = NULL;
struct test_memio_ctx test_ctx;
- const int EPOCH_OFF = 3;
- int ret, err;
+ int err;
+ char certType_c[MAX_CLIENT_CERT_TYPE_CNT];
+ char certType_s[MAX_CLIENT_CERT_TYPE_CNT];
+ int typeCnt_c;
+ int typeCnt_s;
+ int tp;
+ (void)err;
+ (void)typeCnt_c;
+ (void)typeCnt_s;
+ (void)certType_c;
+ (void)certType_s;
+
+ /* TLS1.2
+ * Both client and server load x509 cert and start handshaking.
+ * Check no negotiation occurred.
+ */
XMEMSET(&test_ctx, 0, sizeof(test_ctx));
- ret = test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
- wolfDTLSv1_3_client_method, wolfDTLSv1_3_server_method);
- if (ret != 0)
- return TEST_FAIL;
- /* disable hrr cookie so we can later check msgsReceived.got_client_hello
- * with just one message */
- ret = wolfSSL_disable_hrr_cookie(ssl_s);
- if (ret != WOLFSSL_SUCCESS)
+ ExpectIntEQ(
+ test_rpk_memio_setup(
+ &test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
+ wolfTLSv1_2_client_method, wolfTLSv1_2_server_method,
+ cliCertFile, WOLFSSL_FILETYPE_PEM,
+ svrCertFile, WOLFSSL_FILETYPE_PEM,
+ cliKeyFile, WOLFSSL_FILETYPE_PEM,
+ svrKeyFile, WOLFSSL_FILETYPE_PEM)
+ , 0);
+
+
+ /* set client certificate type in client end */
+ certType_c[0] = WOLFSSL_CERT_TYPE_RPK;
+ certType_c[1] = WOLFSSL_CERT_TYPE_X509;
+ typeCnt_c = 2;
+
+ certType_s[0] = WOLFSSL_CERT_TYPE_RPK;
+ certType_s[1] = WOLFSSL_CERT_TYPE_X509;
+ typeCnt_s = 2;
+
+ /* both clien and server do not call client/server_cert_type APIs,
+ * expecting default settings works and no negotiation performed.
+ */
+
+ if (test_memio_do_handshake(ssl_c, ssl_s, 10, NULL) != 0)
return TEST_FAIL;
- ret = wolfSSL_connect(ssl_c);
- err = wolfSSL_get_error(ssl_c, ret);
- if (ret == WOLFSSL_SUCCESS || err != WOLFSSL_ERROR_WANT_READ)
+ /* confirm no negotiation occurred */
+ ExpectIntEQ(wolfSSL_get_negotiated_client_cert_type(ssl_c, &tp),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ((int)tp, WOLFSSL_CERT_TYPE_UNKNOWN);
+ ExpectIntEQ(wolfSSL_get_negotiated_server_cert_type(ssl_c, &tp),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_UNKNOWN);
+ ExpectIntEQ(wolfSSL_get_negotiated_client_cert_type(ssl_s, &tp),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_UNKNOWN);
+
+ ExpectIntEQ(wolfSSL_get_negotiated_server_cert_type(ssl_s, &tp),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_UNKNOWN);
+
+ wolfSSL_free(ssl_c);
+ wolfSSL_CTX_free(ctx_c);
+ wolfSSL_free(ssl_s);
+ wolfSSL_CTX_free(ctx_s);
+ ssl_c = ssl_s = NULL;
+ ctx_c = ctx_s = NULL;
+
+ /* Both client and server load x509 cert and start handshaking.
+ * Check no negotiation occurred.
+ */
+ XMEMSET(&test_ctx, 0, sizeof(test_ctx));
+
+ ExpectIntEQ(
+ test_rpk_memio_setup(
+ &test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
+ wolfTLSv1_3_client_method, wolfTLSv1_3_server_method,
+ cliCertFile, WOLFSSL_FILETYPE_PEM,
+ svrCertFile, WOLFSSL_FILETYPE_PEM,
+ cliKeyFile, WOLFSSL_FILETYPE_PEM,
+ svrKeyFile, WOLFSSL_FILETYPE_PEM )
+ , 0);
+
+ /* set client certificate type in client end */
+ certType_c[0] = WOLFSSL_CERT_TYPE_RPK;
+ certType_c[1] = WOLFSSL_CERT_TYPE_X509;
+ typeCnt_c = 2;
+
+ certType_s[0] = WOLFSSL_CERT_TYPE_RPK;
+ certType_s[1] = WOLFSSL_CERT_TYPE_X509;
+ typeCnt_s = 2;
+
+ /* both clien and server do not call client/server_cert_type APIs,
+ * expecting default settings works and no negotiation performed.
+ */
+
+ if (test_memio_do_handshake(ssl_c, ssl_s, 10, NULL) != 0)
return TEST_FAIL;
- if (test_ctx.s_len < EPOCH_OFF + 2)
+ /* confirm no negotiation occurred */
+ ExpectIntEQ(wolfSSL_get_negotiated_client_cert_type(ssl_c, &tp),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ((int)tp, WOLFSSL_CERT_TYPE_UNKNOWN);
+
+ ExpectIntEQ(wolfSSL_get_negotiated_server_cert_type(ssl_c, &tp),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_UNKNOWN);
+
+ ExpectIntEQ(wolfSSL_get_negotiated_client_cert_type(ssl_s, &tp),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_UNKNOWN);
+
+ ExpectIntEQ(wolfSSL_get_negotiated_server_cert_type(ssl_s, &tp),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_UNKNOWN);
+
+ wolfSSL_free(ssl_c);
+ wolfSSL_CTX_free(ctx_c);
+ wolfSSL_free(ssl_s);
+ wolfSSL_CTX_free(ctx_s);
+ ssl_c = ssl_s = NULL;
+ ctx_c = ctx_s = NULL;
+
+
+ /* Both client and server load RPK cert and start handshaking.
+ * Confirm negotiated cert types match as expected.
+ */
+ XMEMSET(&test_ctx, 0, sizeof(test_ctx));
+
+ ExpectIntEQ(
+ test_rpk_memio_setup(
+ &test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
+ wolfTLSv1_3_client_method, wolfTLSv1_3_server_method,
+ clntRpkCertFile, WOLFSSL_FILETYPE_ASN1,
+ svrRpkCertFile, WOLFSSL_FILETYPE_ASN1,
+ cliKeyFile, WOLFSSL_FILETYPE_PEM,
+ svrKeyFile, WOLFSSL_FILETYPE_PEM )
+ , 0);
+
+ /* set client certificate type in client end */
+ certType_c[0] = WOLFSSL_CERT_TYPE_RPK;
+ certType_c[1] = WOLFSSL_CERT_TYPE_X509;
+ typeCnt_c = 2;
+
+ certType_s[0] = WOLFSSL_CERT_TYPE_RPK;
+ certType_s[1] = WOLFSSL_CERT_TYPE_X509;
+ typeCnt_s = 2;
+
+ ExpectIntEQ(wolfSSL_set_client_cert_type(ssl_c, certType_c, typeCnt_c),
+ WOLFSSL_SUCCESS);
+
+ /* set server certificate type in client end */
+ ExpectIntEQ(wolfSSL_set_server_cert_type(ssl_c, certType_s, typeCnt_s),
+ WOLFSSL_SUCCESS);
+
+ /* set client certificate type in server end */
+ ExpectIntEQ(wolfSSL_set_client_cert_type(ssl_s, certType_c, typeCnt_c),
+ WOLFSSL_SUCCESS);
+
+ /* set server certificate type in server end */
+ ExpectIntEQ(wolfSSL_set_server_cert_type(ssl_s, certType_s, typeCnt_s),
+ WOLFSSL_SUCCESS);
+
+ if (test_memio_do_handshake(ssl_c, ssl_s, 10, NULL) != 0)
return TEST_FAIL;
- /* first CH should use epoch 0x0 */
- if (test_ctx.s_buff[EPOCH_OFF] != 0x0 ||
- test_ctx.s_buff[EPOCH_OFF + 1] != 0x0)
+ ExpectIntEQ(wolfSSL_get_negotiated_client_cert_type(ssl_c, &tp),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_RPK);
+
+ ExpectIntEQ(wolfSSL_get_negotiated_server_cert_type(ssl_c, &tp),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_RPK);
+
+ ExpectIntEQ(wolfSSL_get_negotiated_client_cert_type(ssl_s, &tp),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_RPK);
+
+ ExpectIntEQ(wolfSSL_get_negotiated_server_cert_type(ssl_s, &tp),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_RPK);
+
+ wolfSSL_free(ssl_c);
+ wolfSSL_CTX_free(ctx_c);
+ wolfSSL_free(ssl_s);
+ wolfSSL_CTX_free(ctx_s);
+ ssl_c = ssl_s = NULL;
+ ctx_c = ctx_s = NULL;
+
+
+ /* TLS1.2
+ * Both client and server load RPK cert and start handshaking.
+ * Confirm negotiated cert types match as expected.
+ */
+ XMEMSET(&test_ctx, 0, sizeof(test_ctx));
+
+ ExpectIntEQ(
+ test_rpk_memio_setup(
+ &test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
+ wolfTLSv1_2_client_method, wolfTLSv1_2_server_method,
+ clntRpkCertFile, WOLFSSL_FILETYPE_ASN1,
+ svrRpkCertFile, WOLFSSL_FILETYPE_ASN1,
+ cliKeyFile, WOLFSSL_FILETYPE_PEM,
+ svrKeyFile, WOLFSSL_FILETYPE_PEM )
+ , 0);
+
+ /* set client certificate type in client end */
+ certType_c[0] = WOLFSSL_CERT_TYPE_RPK;
+ certType_c[1] = WOLFSSL_CERT_TYPE_X509;
+ typeCnt_c = 2;
+
+ certType_s[0] = WOLFSSL_CERT_TYPE_RPK;
+ certType_s[1] = WOLFSSL_CERT_TYPE_X509;
+ typeCnt_s = 2;
+
+ ExpectIntEQ(wolfSSL_set_client_cert_type(ssl_c, certType_c, typeCnt_c),
+ WOLFSSL_SUCCESS);
+
+ /* set server certificate type in client end */
+ ExpectIntEQ(wolfSSL_set_server_cert_type(ssl_c, certType_s, typeCnt_s),
+ WOLFSSL_SUCCESS);
+
+ /* set client certificate type in server end */
+ ExpectIntEQ(wolfSSL_set_client_cert_type(ssl_s, certType_c, typeCnt_c),
+ WOLFSSL_SUCCESS);
+
+ /* set server certificate type in server end */
+ ExpectIntEQ(wolfSSL_set_server_cert_type(ssl_s, certType_s, typeCnt_s),
+ WOLFSSL_SUCCESS);
+
+ if (test_memio_do_handshake(ssl_c, ssl_s, 10, NULL) != 0)
return TEST_FAIL;
- /* change epoch to 2 */
- test_ctx.s_buff[EPOCH_OFF + 1] = 0x2;
+ ExpectIntEQ(wolfSSL_get_negotiated_client_cert_type(ssl_c, &tp),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_RPK);
+
+ ExpectIntEQ(wolfSSL_get_negotiated_server_cert_type(ssl_c, &tp),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_RPK);
+
+ ExpectIntEQ(wolfSSL_get_negotiated_client_cert_type(ssl_s, &tp),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_RPK);
+
+ ExpectIntEQ(wolfSSL_get_negotiated_server_cert_type(ssl_s, &tp),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_RPK);
+
+ wolfSSL_free(ssl_c);
+ wolfSSL_CTX_free(ctx_c);
+ wolfSSL_free(ssl_s);
+ wolfSSL_CTX_free(ctx_s);
+ ssl_c = ssl_s = NULL;
+ ctx_c = ctx_s = NULL;
+
+
+ /* Both client and server load x509 cert.
+ * Have client call set_client_cert_type with both RPK and x509.
+ * This doesn't makes client add client cert type extension to ClientHello,
+ * since it does not load RPK cert actually.
+ */
+ XMEMSET(&test_ctx, 0, sizeof(test_ctx));
+
+ ExpectIntEQ(
+ test_rpk_memio_setup(
+ &test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
+ wolfTLSv1_3_client_method, wolfTLSv1_3_server_method,
+ cliCertFile, WOLFSSL_FILETYPE_PEM,
+ svrCertFile, WOLFSSL_FILETYPE_PEM,
+ cliKeyFile, WOLFSSL_FILETYPE_PEM,
+ svrKeyFile, WOLFSSL_FILETYPE_PEM )
+ , 0);
+
+ /* set client certificate type in client end */
+ certType_c[0] = WOLFSSL_CERT_TYPE_RPK;
+ certType_c[1] = WOLFSSL_CERT_TYPE_X509;
+ typeCnt_c = 2;
+
+ /* client indicates both RPK and x509 certs are available but loaded RPK
+ * cert only. It does not have client add client-cert-type extension in CH.
+ */
+ certType_c[0] = WOLFSSL_CERT_TYPE_RPK;
+ certType_c[1] = WOLFSSL_CERT_TYPE_X509;
+ typeCnt_c = 2;
+
+ ExpectIntEQ(wolfSSL_set_client_cert_type(ssl_c, certType_c, typeCnt_c),
+ WOLFSSL_SUCCESS);
+
+ /* client indicates both RPK and x509 certs are acceptable */
+ certType_s[0] = WOLFSSL_CERT_TYPE_RPK;
+ certType_s[1] = WOLFSSL_CERT_TYPE_X509;
+ typeCnt_s = 2;
+
+ ExpectIntEQ(wolfSSL_set_server_cert_type(ssl_c, certType_s, typeCnt_s),
+ WOLFSSL_SUCCESS);
+
+ /* server indicates both RPK and x509 certs are acceptable */
+ certType_c[0] = WOLFSSL_CERT_TYPE_RPK;
+ certType_c[1] = WOLFSSL_CERT_TYPE_X509;
+ typeCnt_c = 2;
+
+ ExpectIntEQ(wolfSSL_set_client_cert_type(ssl_s, certType_c, typeCnt_c),
+ WOLFSSL_SUCCESS);
+
+ /* server should indicate only RPK cert is available */
+ certType_s[0] = WOLFSSL_CERT_TYPE_X509;
+ certType_s[1] = -1;
+ typeCnt_s = 1;
- ret = wolfSSL_accept(ssl_s);
- err = wolfSSL_get_error(ssl_s, ret);
- if (ret == WOLFSSL_SUCCESS || err != WOLFSSL_ERROR_WANT_READ)
+ ExpectIntEQ(wolfSSL_set_server_cert_type(ssl_s, certType_s, typeCnt_s),
+ WOLFSSL_SUCCESS);
+
+ if (test_memio_do_handshake(ssl_c, ssl_s, 10, NULL) != 0)
return TEST_FAIL;
- if (ssl_s->msgsReceived.got_client_hello == 1)
+ /* Negotiation for client-cert-type should NOT happen. Therefore -1 should
+ * be returned as cert type.
+ */
+ ExpectIntEQ(wolfSSL_get_negotiated_client_cert_type(ssl_c, &tp),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_UNKNOWN);
+
+ ExpectIntEQ(wolfSSL_get_negotiated_server_cert_type(ssl_c, &tp),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_X509);
+
+ ExpectIntEQ(wolfSSL_get_negotiated_client_cert_type(ssl_s, &tp),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_UNKNOWN);
+
+ ExpectIntEQ(wolfSSL_get_negotiated_server_cert_type(ssl_s, &tp),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_X509);
+
+ wolfSSL_free(ssl_c);
+ wolfSSL_CTX_free(ctx_c);
+ wolfSSL_free(ssl_s);
+ wolfSSL_CTX_free(ctx_s);
+ ssl_c = ssl_s = NULL;
+ ctx_c = ctx_s = NULL;
+
+
+ /* Have client load RPK cert and have server load x509 cert.
+ * Check the negotiation result from both ends.
+ */
+ XMEMSET(&test_ctx, 0, sizeof(test_ctx));
+
+ ExpectIntEQ(
+ test_rpk_memio_setup(
+ &test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
+ wolfTLSv1_3_client_method, wolfTLSv1_3_server_method,
+ clntRpkCertFile, WOLFSSL_FILETYPE_ASN1,
+ svrCertFile, WOLFSSL_FILETYPE_PEM,
+ cliKeyFile, WOLFSSL_FILETYPE_PEM,
+ svrKeyFile, WOLFSSL_FILETYPE_PEM )
+ , 0);
+
+ /* have client tell to use RPK cert */
+ certType_c[0] = WOLFSSL_CERT_TYPE_RPK;
+ certType_c[1] = -1;
+ typeCnt_c = 1;
+
+ ExpectIntEQ(wolfSSL_set_client_cert_type(ssl_c, certType_c, typeCnt_c),
+ WOLFSSL_SUCCESS);
+
+ /* have client tell to accept both RPK and x509 cert */
+ certType_s[0] = WOLFSSL_CERT_TYPE_X509;
+ certType_s[1] = WOLFSSL_CERT_TYPE_RPK;
+ typeCnt_s = 2;
+
+ ExpectIntEQ(wolfSSL_set_server_cert_type(ssl_c, certType_s, typeCnt_s),
+ WOLFSSL_SUCCESS);
+
+ /* have server accept to both RPK and x509 cert */
+ certType_c[0] = WOLFSSL_CERT_TYPE_X509;
+ certType_c[1] = WOLFSSL_CERT_TYPE_RPK;
+ typeCnt_c = 2;
+
+ ExpectIntEQ(wolfSSL_set_client_cert_type(ssl_s, certType_c, typeCnt_c),
+ WOLFSSL_SUCCESS);
+
+ /* does not call wolfSSL_set_server_cert_type intentionally in sesrver
+ * end, expecting the default setting works.
+ */
+
+
+ if (test_memio_do_handshake(ssl_c, ssl_s, 10, NULL) != 0)
return TEST_FAIL;
- /* resend the CH */
- ret = wolfSSL_dtls_got_timeout(ssl_c);
- if (ret != WOLFSSL_SUCCESS)
+ ExpectIntEQ(wolfSSL_get_negotiated_client_cert_type(ssl_c, &tp),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_RPK);
+
+ ExpectIntEQ(wolfSSL_get_negotiated_server_cert_type(ssl_c, &tp),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_X509);
+
+ ExpectIntEQ(wolfSSL_get_negotiated_client_cert_type(ssl_s, &tp),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_RPK);
+
+ ExpectIntEQ(wolfSSL_get_negotiated_server_cert_type(ssl_s, &tp),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_X509);
+
+ wolfSSL_free(ssl_c);
+ wolfSSL_CTX_free(ctx_c);
+ wolfSSL_free(ssl_s);
+ wolfSSL_CTX_free(ctx_s);
+ ssl_c = ssl_s = NULL;
+ ctx_c = ctx_s = NULL;
+
+
+ /* Have both client and server load RPK cert, however, have server
+ * indicate its cert type x509.
+ * Client is expected to detect the cert type mismatch then to send alert
+ * with "unsupported_certificate".
+ */
+ XMEMSET(&test_ctx, 0, sizeof(test_ctx));
+
+ ExpectIntEQ(
+ test_rpk_memio_setup(
+ &test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
+ wolfTLSv1_3_client_method, wolfTLSv1_3_server_method,
+ clntRpkCertFile, WOLFSSL_FILETYPE_ASN1,
+ svrRpkCertFile, WOLFSSL_FILETYPE_ASN1, /* server sends RPK cert */
+ cliKeyFile, WOLFSSL_FILETYPE_PEM,
+ svrKeyFile, WOLFSSL_FILETYPE_PEM )
+ , 0);
+
+ /* have client tell to use RPK cert */
+ certType_c[0] = WOLFSSL_CERT_TYPE_RPK;
+ certType_c[1] = -1;
+ typeCnt_c = 1;
+
+ ExpectIntEQ(wolfSSL_set_client_cert_type(ssl_c, certType_c, typeCnt_c),
+ WOLFSSL_SUCCESS);
+
+ /* have client tell to accept both RPK and x509 cert */
+ certType_s[0] = WOLFSSL_CERT_TYPE_X509;
+ certType_s[1] = WOLFSSL_CERT_TYPE_RPK;
+ typeCnt_s = 2;
+
+ ExpectIntEQ(wolfSSL_set_server_cert_type(ssl_c, certType_s, typeCnt_s),
+ WOLFSSL_SUCCESS);
+
+ /* have server accept to both RPK and x509 cert */
+ certType_c[0] = WOLFSSL_CERT_TYPE_X509;
+ certType_c[1] = WOLFSSL_CERT_TYPE_RPK;
+ typeCnt_c = 2;
+
+ ExpectIntEQ(wolfSSL_set_client_cert_type(ssl_s, certType_c, typeCnt_c),
+ WOLFSSL_SUCCESS);
+
+ /* have server tell to use x509 cert intentionally. This will bring
+ * certificate type mismatch in client side.
+ */
+ certType_s[0] = WOLFSSL_CERT_TYPE_X509;
+ certType_s[1] = -1;
+ typeCnt_s = 1;
+
+ ExpectIntEQ(wolfSSL_set_server_cert_type(ssl_s, certType_s, typeCnt_s),
+ WOLFSSL_SUCCESS);
+
+ /* expect client detect cert type mismatch then send Alert */
+ ret = test_memio_do_handshake(ssl_c, ssl_s, 10, NULL);
+ if (ret != -1)
return TEST_FAIL;
+ ExpectIntEQ(wolfSSL_get_error(ssl_c, ret), UNSUPPORTED_CERTIFICATE);
+
+ ExpectIntEQ(wolfSSL_get_negotiated_client_cert_type(ssl_c, &tp),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_RPK);
+
+ ExpectIntEQ(wolfSSL_get_negotiated_server_cert_type(ssl_c, &tp),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_X509);
+
+ ExpectIntEQ(wolfSSL_get_negotiated_client_cert_type(ssl_s, &tp),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_RPK);
+
+ ExpectIntEQ(wolfSSL_get_negotiated_server_cert_type(ssl_s, &tp),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_X509);
+
+ wolfSSL_free(ssl_c);
+ wolfSSL_CTX_free(ctx_c);
+ wolfSSL_free(ssl_s);
+ wolfSSL_CTX_free(ctx_s);
+ ssl_c = ssl_s = NULL;
+ ctx_c = ctx_s = NULL;
+
+
+ /* Have client load x509 cert and server load RPK cert,
+ * however, have client indicate its cert type RPK.
+ * Server is expected to detect the cert type mismatch then to send alert
+ * with "unsupported_certificate".
+ */
+ XMEMSET(&test_ctx, 0, sizeof(test_ctx));
+
+ ExpectIntEQ(
+ test_rpk_memio_setup(
+ &test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
+ wolfTLSv1_3_client_method, wolfTLSv1_3_server_method,
+ cliCertFile, WOLFSSL_FILETYPE_PEM,
+ svrRpkCertFile, WOLFSSL_FILETYPE_ASN1,
+ cliKeyFile, WOLFSSL_FILETYPE_PEM,
+ svrKeyFile, WOLFSSL_FILETYPE_PEM )
+ , 0);
+
+ /* have client tell to use RPK cert intentionally */
+ certType_c[0] = WOLFSSL_CERT_TYPE_RPK;
+ certType_c[1] = -1;
+ typeCnt_c = 1;
+
+ ExpectIntEQ(wolfSSL_set_client_cert_type(ssl_c, certType_c, typeCnt_c),
+ WOLFSSL_SUCCESS);
+
+ /* have client tell to accept both RPK and x509 cert */
+ certType_s[0] = WOLFSSL_CERT_TYPE_X509;
+ certType_s[1] = WOLFSSL_CERT_TYPE_RPK;
+ typeCnt_s = 2;
+
+ ExpectIntEQ(wolfSSL_set_server_cert_type(ssl_c, certType_s, typeCnt_s),
+ WOLFSSL_SUCCESS);
+
+ /* have server accept to both RPK and x509 cert */
+ certType_c[0] = WOLFSSL_CERT_TYPE_X509;
+ certType_c[1] = WOLFSSL_CERT_TYPE_RPK;
+ typeCnt_c = 2;
+
+ ExpectIntEQ(wolfSSL_set_client_cert_type(ssl_s, certType_c, typeCnt_c),
+ WOLFSSL_SUCCESS);
+
+ /* have server tell to use x509 cert intentionally. This will bring
+ * certificate type mismatch in client side.
+ */
+ certType_s[0] = WOLFSSL_CERT_TYPE_X509;
+ certType_s[1] = -1;
+ typeCnt_s = 1;
+
+ ExpectIntEQ(wolfSSL_set_server_cert_type(ssl_s, certType_s, typeCnt_s),
+ WOLFSSL_SUCCESS);
+
+ ret = test_memio_do_handshake(ssl_c, ssl_s, 10, NULL);
+
+ /* expect server detect cert type mismatch then send Alert */
+ ExpectIntNE(ret, 0);
+ err = wolfSSL_get_error(ssl_c, ret);
+ ExpectIntEQ(err, UNSUPPORTED_CERTIFICATE);
+
+ /* client did not load RPK cert actually, so negotiation did not happen */
+ ExpectIntEQ(wolfSSL_get_negotiated_client_cert_type(ssl_c, &tp),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_UNKNOWN);
+
+ ExpectIntEQ(wolfSSL_get_negotiated_server_cert_type(ssl_c, &tp),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_X509);
+
+ /* client did not load RPK cert actually, so negotiation did not happen */
+ ExpectIntEQ(wolfSSL_get_negotiated_client_cert_type(ssl_s, &tp),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_UNKNOWN);
+
+ ExpectIntEQ(wolfSSL_get_negotiated_server_cert_type(ssl_s, &tp),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_X509);
+
+ wolfSSL_free(ssl_c);
+ wolfSSL_CTX_free(ctx_c);
+ wolfSSL_free(ssl_s);
+ wolfSSL_CTX_free(ctx_s);
+ ssl_c = ssl_s = NULL;
+ ctx_c = ctx_s = NULL;
+
+
+#if defined(WOLFSSL_ALWAYS_VERIFY_CB)
+ /* Both client and server load RPK cert and set certificate verify
+ * callbacks then start handshaking.
+ * Confirm both side can refer the peer's cert.
+ */
+ XMEMSET(&test_ctx, 0, sizeof(test_ctx));
+
+ ExpectIntEQ(
+ test_rpk_memio_setup(
+ &test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
+ wolfTLSv1_3_client_method, wolfTLSv1_3_server_method,
+ clntRpkCertFile, WOLFSSL_FILETYPE_ASN1,
+ svrRpkCertFile, WOLFSSL_FILETYPE_ASN1,
+ cliKeyFile, WOLFSSL_FILETYPE_PEM,
+ svrKeyFile, WOLFSSL_FILETYPE_PEM )
+ , 0);
+
+ /* set client certificate type in client end */
+ certType_c[0] = WOLFSSL_CERT_TYPE_RPK;
+ certType_c[1] = WOLFSSL_CERT_TYPE_X509;
+ typeCnt_c = 2;
+
+ certType_s[0] = WOLFSSL_CERT_TYPE_RPK;
+ certType_s[1] = WOLFSSL_CERT_TYPE_X509;
+ typeCnt_s = 2;
+
+ ExpectIntEQ(wolfSSL_set_client_cert_type(ssl_c, certType_c, typeCnt_c),
+ WOLFSSL_SUCCESS);
+
+ /* set server certificate type in client end */
+ ExpectIntEQ(wolfSSL_set_server_cert_type(ssl_c, certType_s, typeCnt_s),
+ WOLFSSL_SUCCESS);
+
+ /* set client certificate type in server end */
+ ExpectIntEQ(wolfSSL_set_client_cert_type(ssl_s, certType_c, typeCnt_c),
+ WOLFSSL_SUCCESS);
+
+ /* set server certificate type in server end */
+ ExpectIntEQ(wolfSSL_set_server_cert_type(ssl_s, certType_s, typeCnt_s),
+ WOLFSSL_SUCCESS);
+
+ /* set certificate verify callback to both client and server */
+ int isServer = 0;
+ wolfSSL_SetCertCbCtx(ssl_c, &isServer);
+ wolfSSL_set_verify(ssl_c, SSL_VERIFY_PEER, MyRpkVerifyCb);
+
+ isServer = 1;
+ wolfSSL_SetCertCbCtx(ssl_c, &isServer);
+ wolfSSL_set_verify(ssl_s, SSL_VERIFY_PEER, MyRpkVerifyCb);
+
ret = test_memio_do_handshake(ssl_c, ssl_s, 10, NULL);
if (ret != 0)
return TEST_FAIL;
+ ExpectIntEQ(wolfSSL_get_negotiated_client_cert_type(ssl_c, &tp),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_RPK);
+
+ ExpectIntEQ(wolfSSL_get_negotiated_server_cert_type(ssl_c, &tp),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_RPK);
+
+ ExpectIntEQ(wolfSSL_get_negotiated_client_cert_type(ssl_s, &tp),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_RPK);
+
+ ExpectIntEQ(wolfSSL_get_negotiated_server_cert_type(ssl_s, &tp),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_RPK);
+
wolfSSL_free(ssl_c);
wolfSSL_CTX_free(ctx_c);
wolfSSL_free(ssl_s);
wolfSSL_CTX_free(ctx_s);
+ ssl_c = ssl_s = NULL;
+ ctx_c = ctx_s = NULL;
+#endif /* WOLFSSL_ALWAYS_VERIFY_CB */
- return TEST_SUCCESS;
+#endif /* HAVE_RPK */
+ return EXPECT_RESULT();
+}
+
+#if defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) && defined(WOLFSSL_DTLS13)
+
+
+static int test_dtls13_bad_epoch_ch(void)
+{
+ EXPECT_DECLS;
+ WOLFSSL_CTX *ctx_c = NULL;
+ WOLFSSL_CTX *ctx_s = NULL;
+ WOLFSSL *ssl_c = NULL;
+ WOLFSSL *ssl_s = NULL;
+ struct test_memio_ctx test_ctx;
+ const int EPOCH_OFF = 3;
+
+ XMEMSET(&test_ctx, 0, sizeof(test_ctx));
+ ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
+ wolfDTLSv1_3_client_method, wolfDTLSv1_3_server_method), 0);
+
+ /* disable hrr cookie so we can later check msgsReceived.got_client_hello
+ * with just one message */
+ ExpectIntEQ(wolfSSL_disable_hrr_cookie(ssl_s), WOLFSSL_SUCCESS);
+
+ ExpectIntNE(wolfSSL_connect(ssl_c), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_get_error(ssl_c, WOLFSSL_FATAL_ERROR),
+ WOLFSSL_ERROR_WANT_READ);
+
+ ExpectIntGE(test_ctx.s_len, EPOCH_OFF + 2);
+
+ /* first CH should use epoch 0x0 */
+ ExpectTrue((test_ctx.s_buff[EPOCH_OFF] == 0x0) &&
+ (test_ctx.s_buff[EPOCH_OFF + 1] == 0x0));
+
+ /* change epoch to 2 */
+ test_ctx.s_buff[EPOCH_OFF + 1] = 0x2;
+
+ ExpectIntNE(wolfSSL_accept(ssl_s), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_get_error(ssl_s, WOLFSSL_FATAL_ERROR),
+ WOLFSSL_ERROR_WANT_READ);
+
+ ExpectIntNE(ssl_s->msgsReceived.got_client_hello, 1);
+
+ /* resend the CH */
+ ExpectIntEQ(wolfSSL_dtls_got_timeout(ssl_c), WOLFSSL_SUCCESS);
+
+ ExpectIntEQ(test_memio_do_handshake(ssl_c, ssl_s, 10, NULL), 0);
+
+ wolfSSL_free(ssl_c);
+ wolfSSL_CTX_free(ctx_c);
+ wolfSSL_free(ssl_s);
+ wolfSSL_CTX_free(ctx_s);
+
+ return EXPECT_RESULT();
}
#else
static int test_dtls13_bad_epoch_ch(void)
@@ -66569,9 +67003,92 @@ static int test_dtls13_bad_epoch_ch(void)
}
#endif
+#if defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) && !defined(NO_SESSION_CACHE)
+static int test_short_session_id_ssl_ready(WOLFSSL* ssl)
+{
+ EXPECT_DECLS;
+ WOLFSSL_SESSION *sess = NULL;
+ /* Setup the session to avoid errors */
+ ssl->session->timeout = -1;
+ ssl->session->side = WOLFSSL_CLIENT_END;
+#if defined(SESSION_CERTS) || (defined(WOLFSSL_TLS13) && \
+ defined(HAVE_SESSION_TICKET))
+ ssl->session->version = ssl->version;
+#endif
+ /* Force a short session ID to be sent */
+ ssl->session->sessionIDSz = 4;
+#ifndef NO_SESSION_CACHE_REF
+ /* Allow the client cache to be used */
+ ssl->session->idLen = 4;
+#endif
+ ssl->session->isSetup = 1;
+ ExpectNotNull(sess = wolfSSL_get_session(ssl));
+ ExpectIntEQ(wolfSSL_set_session(ssl, sess), WOLFSSL_SUCCESS);
+ return EXPECT_RESULT();
+}
+
+static int test_short_session_id(void)
+{
+ EXPECT_DECLS;
+ test_ssl_cbf client_cbf;
+ test_ssl_cbf server_cbf;
+ size_t i;
+ struct {
+ method_provider client_meth;
+ method_provider server_meth;
+ const char* tls_version;
+ } params[] = {
+#if defined(WOLFSSL_TLS13) && !defined(WOLFSSL_NO_DEF_TICKET_ENC_CB) && \
+ defined(HAVE_SESSION_TICKET) && defined(WOLFSSL_TICKET_HAVE_ID) && \
+ !defined(WOLFSSL_TLS13_MIDDLEBOX_COMPAT)
+/* With WOLFSSL_TLS13_MIDDLEBOX_COMPAT a short ID will result in an error */
+ { wolfTLSv1_3_client_method, wolfTLSv1_3_server_method, "TLSv1_3" },
+#ifdef WOLFSSL_DTLS13
+ { wolfDTLSv1_3_client_method, wolfDTLSv1_3_server_method, "DTLSv1_3" },
+#endif
+#endif
+#ifndef WOLFSSL_NO_TLS12
+ { wolfTLSv1_2_client_method, wolfTLSv1_2_server_method, "TLSv1_2" },
+#ifdef WOLFSSL_DTLS
+ { wolfDTLSv1_2_client_method, wolfDTLSv1_2_server_method, "DTLSv1_2" },
+#endif
+#endif
+#if !defined(NO_OLD_TLS) && ((!defined(NO_AES) && !defined(NO_AES_CBC)) || \
+ !defined(NO_DES3))
+ { wolfTLSv1_1_client_method, wolfTLSv1_1_server_method, "TLSv1_1" },
+#ifdef WOLFSSL_DTLS
+ { wolfDTLSv1_client_method, wolfDTLSv1_server_method, "DTLSv1_0" },
+#endif
+#endif
+ };
+
+ fprintf(stderr, "\n");
+
+ for (i = 0; i < sizeof(params)/sizeof(*params) && !EXPECT_FAIL(); i++) {
+ XMEMSET(&client_cbf, 0, sizeof(client_cbf));
+ XMEMSET(&server_cbf, 0, sizeof(server_cbf));
-#if defined(HAVE_NULL_CIPHER) && defined(HAVE_IO_TESTS_DEPENDENCIES) && \
- defined(WOLFSSL_DTLS13)
+ fprintf(stderr, "\tTesting short ID with %s\n", params[i].tls_version);
+
+ client_cbf.ssl_ready = test_short_session_id_ssl_ready;
+ client_cbf.method = params[i].client_meth;
+ server_cbf.method = params[i].server_meth;
+
+ ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&client_cbf,
+ &server_cbf, NULL), TEST_SUCCESS);
+ }
+
+ return EXPECT_RESULT();
+}
+#else
+static int test_short_session_id(void)
+{
+ return TEST_SKIPPED;
+}
+#endif
+
+#if defined(HAVE_NULL_CIPHER) && defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) \
+ && defined(WOLFSSL_DTLS13)
static byte* test_find_string(const char *string,
byte *buf, int buf_size)
{
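Review bot: `params[]` in test_short_session_id has no initializers when none of its three preprocessor groups is enabled (for example TLS 1.3 without session tickets, together with WOLFSSL_NO_TLS12 and NO_OLD_TLS), and an empty brace initializer for an unsized array is not valid C before C23. The outer guard only requires HAVE_SSL_MEMIO_TESTS_DEPENDENCIES and !NO_SESSION_CACHE, so as far as this hunk shows that configuration is not excluded. A terminating entry `{ NULL, NULL, NULL }` as the last element, with the loop condition changed to `params[i].client_meth != NULL && !EXPECT_FAIL()`, keeps the array non-empty in every build. Separately, the comment notes that a short ID is an error under WOLFSSL_TLS13_MIDDLEBOX_COMPAT, but only the accepting path is tested here.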
@@ -66587,44 +67104,38 @@ static byte* test_find_string(const char *string,
static int test_wolfSSL_dtls13_null_cipher(void)
{
- WOLFSSL_CTX *ctx_c = NULL, *ctx_s = NULL;
- WOLFSSL *ssl_c = NULL, *ssl_s = NULL;
+ EXPECT_DECLS;
+ WOLFSSL_CTX *ctx_c = NULL;
+ WOLFSSL_CTX *ctx_s = NULL;
+ WOLFSSL *ssl_c = NULL;
+ WOLFSSL *ssl_s = NULL;
struct test_memio_ctx test_ctx;
const char *test_str = "test";
- int ret, test_str_size;
- byte buf[255], *ptr;
+ int test_str_size;
+ byte buf[255], *ptr = NULL;
XMEMSET(&test_ctx, 0, sizeof(test_ctx));
test_ctx.c_ciphers = test_ctx.s_ciphers = "TLS13-SHA256-SHA256";
- ret = test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
- wolfDTLSv1_3_client_method, wolfDTLSv1_3_server_method);
- if (ret != 0)
- return TEST_FAIL;
- ret = test_memio_do_handshake(ssl_c, ssl_s, 10, NULL);
- if (ret != 0)
- return TEST_FAIL;
+ ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
+ wolfDTLSv1_3_client_method, wolfDTLSv1_3_server_method), 0);
+ ExpectIntEQ(test_memio_do_handshake(ssl_c, ssl_s, 10, NULL), 0);
test_str_size = XSTRLEN("test") + 1;
- ret = wolfSSL_write(ssl_c, test_str, test_str_size);
- if (ret != test_str_size)
- return TEST_FAIL;
- ret = wolfSSL_read(ssl_s, buf, sizeof(buf));
- if (ret != test_str_size || XSTRCMP((char*)buf, test_str) != 0)
- return TEST_FAIL;
+ ExpectIntEQ(wolfSSL_write(ssl_c, test_str, test_str_size), test_str_size);
+ ExpectIntEQ(wolfSSL_read(ssl_s, buf, sizeof(buf)), test_str_size);
+ ExpectIntEQ(XSTRCMP((char*)buf, test_str), 0);
- ret = wolfSSL_write(ssl_c, test_str, test_str_size);
- if (ret != test_str_size)
- return TEST_FAIL;
+ ExpectIntEQ(wolfSSL_write(ssl_c, test_str, test_str_size), test_str_size);
/* check that the packet was sent cleartext */
- ptr = test_find_string(test_str, test_ctx.s_buff, test_ctx.s_len);
- if (ptr == NULL)
- return TEST_FAIL;
- /* modify the message */
- *ptr = 'H';
- /* bad messages should be ignored in DTLS */
- ret = wolfSSL_read(ssl_s, buf, sizeof(buf));
- if (ret != -1 || ssl_s->error != WANT_READ)
- return TEST_FAIL;
+ ExpectNotNull(ptr = test_find_string(test_str, test_ctx.s_buff,
+ test_ctx.s_len));
+ if (ptr != NULL) {
+ /* modify the message */
+ *ptr = 'H';
+ /* bad messages should be ignored in DTLS */
+ ExpectIntEQ(wolfSSL_read(ssl_s, buf, sizeof(buf)), -1);
+ ExpectIntEQ(ssl_s->error, WANT_READ);
+ }
wolfSSL_free(ssl_c);
wolfSSL_free(ssl_s);
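Review bot: `byte buf[255], *ptr = NULL;` gives ptr an initial value but leaves buf uninitialised, and `XSTRCMP((char*)buf, test_str)` is now its own assertion instead of the right-hand side of the old `ret != test_str_size || ...` test. Whether that comparison is skipped after a failed wolfSSL_read depends on how the Expect macros short-circuit, which this hunk does not show. Declaring `byte buf[255] = {0}, *ptr = NULL;` makes the string comparison well-defined either way. It would also help to extend the comment above the tampered read to say that, with the integrity-only suite `TLS13-SHA256-SHA256`, a record modified in transit must be dropped rather than delivered. The function body continues past the end of this hunk.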
@@ -66710,6 +67221,7 @@ static int test_dtls_msg_from_other_peer_cb(WOLFSSL_CTX *ctx, WOLFSSL *ssl)
* is done in test_dtls_msg_from_other_peer_cb */
static int test_dtls_msg_from_other_peer(void)
{
+ EXPECT_DECLS;
callback_functions client_cbs;
callback_functions server_cbs;
@@ -66724,11 +67236,10 @@ static int test_dtls_msg_from_other_peer(void)
test_wolfSSL_client_server_nofail_ex(&client_cbs, &server_cbs,
test_dtls_msg_from_other_peer_cb);
- if (client_cbs.return_code != WOLFSSL_SUCCESS ||
- server_cbs.return_code != WOLFSSL_SUCCESS)
- return TEST_FAIL;
+ ExpectIntEQ(client_cbs.return_code, WOLFSSL_SUCCESS);
+ ExpectIntEQ(server_cbs.return_code, WOLFSSL_SUCCESS);
- return TEST_SUCCESS;
+ return EXPECT_RESULT();
}
#else
static int test_dtls_msg_from_other_peer(void)
@@ -66740,76 +67251,55 @@ static int test_dtls_msg_from_other_peer(void)
* !defined(SINGLE_THREADED) && !defined(NO_RSA) */
#if defined(WOLFSSL_DTLS) && !defined(WOLFSSL_IPV6) && \
!defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER) && \
- defined(HAVE_IO_TESTS_DEPENDENCIES)
+ defined(HAVE_IO_TESTS_DEPENDENCIES) && !defined(WOLFSSL_NO_TLS12)
static int test_dtls_ipv6_check(void)
{
- WOLFSSL_CTX *ctx_c = NULL, *ctx_s = NULL;
- WOLFSSL *ssl_c = NULL, *ssl_s = NULL;
+ EXPECT_DECLS;
+ WOLFSSL_CTX *ctx_c = NULL;
+ WOLFSSL_CTX *ctx_s = NULL;
+ WOLFSSL *ssl_c = NULL;
+ WOLFSSL *ssl_s = NULL;
SOCKADDR_IN fake_addr6;
- int sockfd;
- int ret;
+ int sockfd = -1;
- ctx_c = wolfSSL_CTX_new(wolfDTLSv1_2_client_method());
- if (ctx_c == NULL)
- return TEST_FAIL;
- ssl_c = wolfSSL_new(ctx_c);
- if (ssl_c == NULL)
- return TEST_FAIL;
- ctx_s = wolfSSL_CTX_new(wolfDTLSv1_2_server_method());
- if (ctx_s == NULL)
- return TEST_FAIL;
- ret = wolfSSL_CTX_use_PrivateKey_file(ctx_s, svrKeyFile,
- WOLFSSL_FILETYPE_PEM);
- if (ret != WOLFSSL_SUCCESS)
- return- -1;
- ret = wolfSSL_CTX_use_certificate_file(ctx_s, svrCertFile,
- WOLFSSL_FILETYPE_PEM);
- if (ret != WOLFSSL_SUCCESS)
- return -1;
- ssl_s = wolfSSL_new(ctx_s);
- if (ssl_s == NULL)
- return TEST_FAIL;
+ ExpectNotNull(ctx_c = wolfSSL_CTX_new(wolfDTLSv1_2_client_method()));
+ ExpectNotNull(ssl_c = wolfSSL_new(ctx_c));
+ ExpectNotNull(ctx_s = wolfSSL_CTX_new(wolfDTLSv1_2_server_method()));
+ ExpectIntEQ(wolfSSL_CTX_use_PrivateKey_file(ctx_s, svrKeyFile,
+ WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_CTX_use_certificate_file(ctx_s, svrCertFile,
+ WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS);
+ ExpectNotNull(ssl_s = wolfSSL_new(ctx_s));
XMEMSET((byte*)&fake_addr6, 0, sizeof(fake_addr6));
/* mimic a sockaddr_in6 struct, this way we can't test without
* WOLFSSL_IPV6 */
fake_addr6.sin_family = WOLFSSL_IP6;
- sockfd = socket(AF_INET, SOCK_DGRAM, 0);
- if (sockfd == -1)
- return TEST_FAIL;
- ret = wolfSSL_set_fd(ssl_c, sockfd);
- if (ret != WOLFSSL_SUCCESS)
- return TEST_FAIL;
+ ExpectIntNE(sockfd = socket(AF_INET, SOCK_DGRAM, 0), -1);
+ ExpectIntEQ(wolfSSL_set_fd(ssl_c, sockfd), WOLFSSL_SUCCESS);
/* can't return error here, as the peer is opaque for wolfssl library at
* this point */
- ret = wolfSSL_dtls_set_peer(ssl_c, &fake_addr6, sizeof(fake_addr6));
- if (ret != WOLFSSL_SUCCESS)
- return TEST_FAIL;
- ret = fcntl(sockfd, F_SETFL, O_NONBLOCK);
- if (ret == -1)
- return TEST_FAIL;
+ ExpectIntEQ(wolfSSL_dtls_set_peer(ssl_c, &fake_addr6, sizeof(fake_addr6)),
+ WOLFSSL_SUCCESS);
+ ExpectIntNE(fcntl(sockfd, F_SETFL, O_NONBLOCK), -1);
wolfSSL_dtls_set_using_nonblock(ssl_c, 1);
- ret = wolfSSL_connect(ssl_c);
- if (ret != WOLFSSL_FAILURE && ssl_c->error != SOCKET_ERROR_E)
- return TEST_FAIL;
+ ExpectIntNE(wolfSSL_connect(ssl_c), WOLFSSL_SUCCESS);
+ ExpectIntEQ(ssl_c->error, SOCKET_ERROR_E);
- ret = wolfSSL_dtls_set_peer(ssl_s, &fake_addr6, sizeof(fake_addr6));
- if (ret != WOLFSSL_SUCCESS)
- return TEST_FAIL;
- /* re-use the socket */
- ret = wolfSSL_set_fd(ssl_c, sockfd);
- if (ret != WOLFSSL_SUCCESS)
- return TEST_FAIL;
+ ExpectIntEQ(wolfSSL_dtls_set_peer(ssl_s, &fake_addr6, sizeof(fake_addr6)),
+ WOLFSSL_SUCCESS);
+ /* reuse the socket */
+ ExpectIntEQ(wolfSSL_set_fd(ssl_c, sockfd), WOLFSSL_SUCCESS);
wolfSSL_dtls_set_using_nonblock(ssl_s, 1);
- ret = wolfSSL_accept(ssl_s);
- if (ret != WOLFSSL_FAILURE && ssl_s->error != SOCKET_ERROR_E)
- return TEST_FAIL;
- close(sockfd);
+ ExpectIntNE(wolfSSL_accept(ssl_s), WOLFSSL_SUCCESS);
+ ExpectIntEQ(ssl_s->error, SOCKET_ERROR_E);
+ if (sockfd != -1)
+ close(sockfd);
wolfSSL_free(ssl_c);
wolfSSL_CTX_free(ctx_c);
wolfSSL_free(ssl_s);
wolfSSL_CTX_free(ctx_s);
- return TEST_SUCCESS;
+ return EXPECT_RESULT();
}
#else
static int test_dtls_ipv6_check(void)
@@ -66818,16 +67308,1582 @@ static int test_dtls_ipv6_check(void)
}
#endif
+#if !defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER) && \
+ defined(HAVE_IO_TESTS_DEPENDENCIES) && defined(HAVE_SECURE_RENEGOTIATION)
+
+static WOLFSSL_SESSION* test_wolfSSL_SCR_after_resumption_session = NULL;
+
+static void test_wolfSSL_SCR_after_resumption_ctx_ready(WOLFSSL_CTX* ctx)
+{
+ AssertIntEQ(wolfSSL_CTX_UseSecureRenegotiation(ctx), WOLFSSL_SUCCESS);
+}
+
+static void test_wolfSSL_SCR_after_resumption_on_result(WOLFSSL* ssl)
+{
+ if (test_wolfSSL_SCR_after_resumption_session == NULL) {
+ test_wolfSSL_SCR_after_resumption_session = wolfSSL_get1_session(ssl);
+ AssertNotNull(test_wolfSSL_SCR_after_resumption_session);
+ }
+ else {
+ char testMsg[] = "Message after SCR";
+ char msgBuf[sizeof(testMsg)];
+ int ret;
+ if (!wolfSSL_is_server(ssl)) {
+ AssertIntEQ(WOLFSSL_SUCCESS,
+ wolfSSL_set_session(ssl,
+ test_wolfSSL_SCR_after_resumption_session));
+ }
+ AssertIntEQ(wolfSSL_Rehandshake(ssl), WOLFSSL_SUCCESS);
+ AssertIntEQ(wolfSSL_write(ssl, testMsg, sizeof(testMsg)),
+ sizeof(testMsg));
+ ret = wolfSSL_read(ssl, msgBuf, sizeof(msgBuf));
+ if (ret != sizeof(msgBuf)) /* Possibly APP_DATA_READY error. Retry. */
+ ret = wolfSSL_read(ssl, msgBuf, sizeof(msgBuf));
+ AssertIntEQ(ret, sizeof(msgBuf));
+ }
+}
+
+static void test_wolfSSL_SCR_after_resumption_ssl_ready(WOLFSSL* ssl)
+{
+ AssertIntEQ(WOLFSSL_SUCCESS,
+ wolfSSL_set_session(ssl, test_wolfSSL_SCR_after_resumption_session));
+}
+
+static int test_wolfSSL_SCR_after_resumption(void)
+{
+ EXPECT_DECLS;
+ callback_functions func_cb_client;
+ callback_functions func_cb_server;
+
+ XMEMSET(&func_cb_client, 0, sizeof(func_cb_client));
+ XMEMSET(&func_cb_server, 0, sizeof(func_cb_server));
+
+ func_cb_client.method = wolfTLSv1_2_client_method;
+ func_cb_client.ctx_ready = test_wolfSSL_SCR_after_resumption_ctx_ready;
+ func_cb_client.on_result = test_wolfSSL_SCR_after_resumption_on_result;
+ func_cb_server.method = wolfTLSv1_2_server_method;
+ func_cb_server.ctx_ready = test_wolfSSL_SCR_after_resumption_ctx_ready;
+
+ test_wolfSSL_client_server_nofail(&func_cb_client, &func_cb_server);
+
+ ExpectIntEQ(func_cb_client.return_code, TEST_SUCCESS);
+ ExpectIntEQ(func_cb_server.return_code, TEST_SUCCESS);
+
+ func_cb_client.ssl_ready = test_wolfSSL_SCR_after_resumption_ssl_ready;
+ func_cb_server.on_result = test_wolfSSL_SCR_after_resumption_on_result;
+
+ test_wolfSSL_client_server_nofail(&func_cb_client, &func_cb_server);
+
+ ExpectIntEQ(func_cb_client.return_code, TEST_SUCCESS);
+ ExpectIntEQ(func_cb_server.return_code, TEST_SUCCESS);
+
+ wolfSSL_SESSION_free(test_wolfSSL_SCR_after_resumption_session);
+
+ return EXPECT_RESULT();
+}
+
+#else
+static int test_wolfSSL_SCR_after_resumption(void)
+{
+ return TEST_SKIPPED;
+}
+#endif
+
static int test_wolfSSL_configure_args(void)
{
- int res = TEST_SKIPPED;
-#if defined(LIBWOLFSSL_CONFIGURE_ARGS) && defined(HAVE_WC_INTROSPECTION)
EXPECT_DECLS;
+#if defined(LIBWOLFSSL_CONFIGURE_ARGS) && defined(HAVE_WC_INTROSPECTION)
ExpectNotNull(wolfSSL_configure_args());
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
+}
+
+static int test_dtls_no_extensions(void)
+{
+ EXPECT_DECLS;
+#if defined(WOLFSSL_DTLS) && defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) && \
+ !defined(WOLFSSL_NO_TLS12)
+ WOLFSSL *ssl_s = NULL;
+ WOLFSSL_CTX *ctx_s = NULL;
+ struct test_memio_ctx test_ctx;
+ const byte chNoExtensions[] = {
+ /* Handshake type */
+ 0x16,
+ /* Version */
+ 0xfe, 0xff,
+ /* Epoch */
+ 0x00, 0x00,
+ /* Seq number */
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ /* Length */
+ 0x00, 0x40,
+ /* CH type */
+ 0x01,
+ /* Length */
+ 0x00, 0x00, 0x34,
+ /* Msg Seq */
+ 0x00, 0x00,
+ /* Frag offset */
+ 0x00, 0x00, 0x00,
+ /* Frag length */
+ 0x00, 0x00, 0x34,
+ /* Version */
+ 0xfe, 0xff,
+ /* Random */
+ 0x62, 0xfe, 0xbc, 0xfe, 0x2b, 0xfe, 0x3f, 0xeb, 0x03, 0xc4, 0xea, 0x37,
+ 0xe7, 0x47, 0x7e, 0x8a, 0xd9, 0xbf, 0x77, 0x0f, 0x6c, 0xb6, 0x77, 0x0b,
+ 0x03, 0x3f, 0x82, 0x2b, 0x21, 0x64, 0x57, 0x1d,
+ /* Session Length */
+ 0x00,
+ /* Cookie Length */
+ 0x00,
+ /* CS Length */
+ 0x00, 0x0c,
+ /* CS */
+ 0xc0, 0x0a, 0xc0, 0x09, 0xc0, 0x14, 0xc0, 0x13, 0x00, 0x39, 0x00, 0x33,
+ /* Comp Meths Length */
+ 0x01,
+ /* Comp Meths */
+ 0x00
+ /* And finally... no extensions */
+ };
+ int i;
+#ifdef OPENSSL_EXTRA
+ int repeats = 2;
+#else
+ int repeats = 1;
+#endif
+
+ for (i = 0; i < repeats; i++) {
+ XMEMSET(&test_ctx, 0, sizeof(test_ctx));
+ ssl_s = NULL;
+ ctx_s = NULL;
+
+ ExpectIntEQ(test_memio_setup(&test_ctx, NULL, &ctx_s, NULL, &ssl_s,
+ NULL, wolfDTLS_server_method), 0);
+
+ XMEMCPY(test_ctx.s_buff, chNoExtensions, sizeof(chNoExtensions));
+ test_ctx.s_len = sizeof(chNoExtensions);
+
+#ifdef OPENSSL_EXTRA
+ if (i > 0) {
+ ExpectIntEQ(wolfSSL_set_max_proto_version(ssl_s, DTLS1_2_VERSION),
+ WOLFSSL_SUCCESS);
+ }
+#endif
+
+ ExpectIntEQ(wolfSSL_accept(ssl_s), -1);
+ ExpectIntEQ(wolfSSL_get_error(ssl_s, -1), WOLFSSL_ERROR_WANT_READ);
+
+ /* Expecting a handshake msg. Either HVR or SH. */
+ ExpectIntGT(test_ctx.c_len, 0);
+ ExpectIntEQ(test_ctx.c_buff[0], 0x16);
+
+ wolfSSL_free(ssl_s);
+ wolfSSL_CTX_free(ctx_s);
+ }
+#endif
+ return EXPECT_RESULT();
+}
+
+static int test_TLSX_CA_NAMES_bad_extension(void)
+{
+ EXPECT_DECLS;
+#if defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) && defined(WOLFSSL_TLS13) && \
+ !defined(NO_CERTS) && !defined(WOLFSSL_NO_CA_NAMES) && \
+ defined(OPENSSL_EXTRA) && defined(WOLFSSL_SHA384) && \
+ defined(HAVE_NULL_CIPHER)
+ /* This test should only fail (with BUFFER_ERROR) when we actually try to
+ * parse the CA Names extension. Otherwise it will return other non-related
+ * errors. If CA Names will be parsed in more configurations, that should
+ * be reflected in the macro guard above. */
+ WOLFSSL *ssl_c = NULL;
+ WOLFSSL_CTX *ctx_c = NULL;
+ struct test_memio_ctx test_ctx;
+ /* HRR + SH using TLS_DHE_PSK_WITH_NULL_SHA384 */
+ const byte shBadCaNamesExt[] = {
+ 0x16, 0x03, 0x04, 0x00, 0x3f, 0x02, 0x00, 0x00, 0x3b, 0x03, 0x03, 0xcf,
+ 0x21, 0xad, 0x74, 0xe5, 0x9a, 0x61, 0x11, 0xbe, 0x1d, 0x8c, 0x02, 0x1e,
+ 0x65, 0xb8, 0x91, 0xc2, 0xa2, 0x11, 0x16, 0x7a, 0xbb, 0x8c, 0x5e, 0x07,
+ 0x9e, 0x09, 0xe2, 0xc8, 0xa8, 0x33, 0x9c, 0x00, 0x13, 0x03, 0x00, 0x00,
+ 0x13, 0x94, 0x7e, 0x00, 0x03, 0x0b, 0xf7, 0x03, 0x00, 0x2b, 0x00, 0x02,
+ 0x03, 0x04, 0x00, 0x33, 0x00, 0x02, 0x00, 0x19, 0x16, 0x03, 0x03, 0x00,
+ 0x5c, 0x02, 0x00, 0x00, 0x3b, 0x03, 0x03, 0x03, 0xcf, 0x21, 0xad, 0x74,
+ 0x00, 0x00, 0x83, 0x3f, 0x3b, 0x80, 0x01, 0xac, 0x65, 0x8c, 0x19, 0x2a,
+ 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x02, 0x00, 0x9e, 0x09, 0x1c, 0xe8,
+ 0xa8, 0x09, 0x9c, 0x00, 0xc0, 0xb5, 0x00, 0x00, 0x11, 0x8f, 0x00, 0x00,
+ 0x03, 0x3f, 0x00, 0x0c, 0x00, 0x2b, 0x00, 0x02, 0x03, 0x04, 0x13, 0x05,
+ 0x00, 0x00, 0x08, 0x00, 0x00, 0x06, 0x00, 0x04, 0x00, 0x09, 0x00, 0x00,
+ 0x0d, 0x00, 0x00, 0x11, 0x00, 0x00, 0x0d, 0x00, 0x2f, 0x00, 0x01, 0xff,
+ 0xff, 0xff, 0xff, 0xfa, 0x0d, 0x00, 0x00, 0x00, 0xad, 0x02
+ };
+ const byte shBadCaNamesExt2[] = {
+ 0x16, 0x03, 0x04, 0x00, 0x3f, 0x02, 0x00, 0x00, 0x3b, 0x03, 0x03, 0xcf,
+ 0x21, 0xad, 0x74, 0xe5, 0x9a, 0x61, 0x11, 0xbe, 0x1d, 0x8c, 0x02, 0x1e,
+ 0x65, 0xb8, 0x91, 0xc2, 0xa2, 0x11, 0x16, 0x7a, 0xbb, 0x8c, 0x5e, 0x07,
+ 0x9e, 0x09, 0xe2, 0xc8, 0xa8, 0x33, 0x9c, 0x00, 0x13, 0x03, 0x00, 0x00,
+ 0x13, 0x94, 0x7e, 0x00, 0x03, 0x0b, 0xf7, 0x03, 0x00, 0x2b, 0x00, 0x02,
+ 0x03, 0x04, 0x00, 0x33, 0x00, 0x02, 0x00, 0x19, 0x16, 0x03, 0x03, 0x00,
+ 0x5e, 0x02, 0x00, 0x00, 0x3b, 0x03, 0x03, 0x7f, 0xd0, 0x2d, 0xea, 0x6e,
+ 0x53, 0xa1, 0x6a, 0xc9, 0xc8, 0x54, 0xef, 0x75, 0xe4, 0xd9, 0xc6, 0x3e,
+ 0x74, 0xcb, 0x30, 0x80, 0xcc, 0x83, 0x3a, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0xc0, 0x5a, 0x00, 0xc0, 0xb5, 0x00, 0x00, 0x11, 0x8f, 0x00, 0x00,
+ 0x03, 0x03, 0x00, 0x0c, 0x00, 0x2b, 0x00, 0x02, 0x03, 0x04, 0x53, 0x25,
+ 0x00, 0x00, 0x08, 0x00, 0x00, 0x06, 0x00, 0x04, 0x02, 0x05, 0x00, 0x00,
+ 0x0d, 0x00, 0x00, 0x11, 0x00, 0x00, 0x0d, 0x00, 0x2f, 0x00, 0x06, 0x00,
+ 0x04, 0x00, 0x03, 0x30, 0x00, 0x13, 0x94, 0x00, 0x06, 0x00, 0x04, 0x02
+ };
+ int i = 0;
+
+ for (i = 0; i < 2; i++) {
+ XMEMSET(&test_ctx, 0, sizeof(test_ctx));
+
+ ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, NULL, &ssl_c, NULL,
+ wolfTLSv1_3_client_method, NULL), 0);
+
+ switch (i) {
+ case 0:
+ XMEMCPY(test_ctx.c_buff, shBadCaNamesExt,
+ sizeof(shBadCaNamesExt));
+ test_ctx.c_len = sizeof(shBadCaNamesExt);
+ break;
+ case 1:
+ XMEMCPY(test_ctx.c_buff, shBadCaNamesExt2,
+ sizeof(shBadCaNamesExt2));
+ test_ctx.c_len = sizeof(shBadCaNamesExt2);
+ break;
+ }
+
+ ExpectIntEQ(wolfSSL_connect(ssl_c), -1);
+#ifndef WOLFSSL_DISABLE_EARLY_SANITY_CHECKS
+ ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), OUT_OF_ORDER_E);
+#else
+ ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), BUFFER_ERROR);
+#endif
+
+ wolfSSL_free(ssl_c);
+ ssl_c = NULL;
+ wolfSSL_CTX_free(ctx_c);
+ ctx_c = NULL;
+ }
+
+#endif
+ return EXPECT_RESULT();
+}
+
+#if defined(WOLFSSL_DTLS) && !defined(WOLFSSL_NO_TLS12) && \
+ defined(HAVE_IO_TESTS_DEPENDENCIES)
+static void test_dtls_1_0_hvr_downgrade_ctx_ready(WOLFSSL_CTX* ctx)
+{
+ AssertIntEQ(wolfSSL_CTX_SetMinVersion(ctx, WOLFSSL_DTLSV1_2),
+ WOLFSSL_SUCCESS);
+}
+
+static int test_dtls_1_0_hvr_downgrade(void)
+{
+ EXPECT_DECLS;
+ callback_functions func_cb_client;
+ callback_functions func_cb_server;
+
+ XMEMSET(&func_cb_client, 0, sizeof(callback_functions));
+ XMEMSET(&func_cb_server, 0, sizeof(callback_functions));
+
+ func_cb_client.doUdp = func_cb_server.doUdp = 1;
+ func_cb_client.method = wolfDTLS_client_method;
+ func_cb_server.method = wolfDTLSv1_2_server_method;
+ func_cb_client.ctx_ready = test_dtls_1_0_hvr_downgrade_ctx_ready;
+
+ test_wolfSSL_client_server_nofail(&func_cb_client, &func_cb_server);
+
+ ExpectIntEQ(func_cb_client.return_code, TEST_SUCCESS);
+ ExpectIntEQ(func_cb_server.return_code, TEST_SUCCESS);
+
+ return EXPECT_RESULT();
+}
+#else
+static int test_dtls_1_0_hvr_downgrade(void)
+{
+ EXPECT_DECLS;
+ return EXPECT_RESULT();
+}
+#endif
+
+#if defined(HAVE_IO_TESTS_DEPENDENCIES) && !defined(WOLFSSL_NO_TLS12) && \
+ defined(HAVE_SESSION_TICKET)
+
+static WOLFSSL_SESSION* test_session_ticket_no_id_session = NULL;
+
+static void test_session_ticket_no_id_on_result(WOLFSSL* ssl)
+{
+ test_session_ticket_no_id_session = wolfSSL_get1_session(ssl);
+ AssertNotNull(test_session_ticket_no_id_session);
+}
+
+static void test_session_ticket_no_id_ctx_ready(WOLFSSL_CTX* ctx)
+{
+ AssertIntEQ(wolfSSL_CTX_UseSessionTicket(ctx), WOLFSSL_SUCCESS);
+}
+
+static void test_session_ticket_no_id_ssl_ready(WOLFSSL* ssl)
+{
+ test_session_ticket_no_id_session->sessionIDSz = 0;
+ AssertIntEQ(WOLFSSL_SUCCESS,
+ wolfSSL_set_session(ssl, test_session_ticket_no_id_session));
+}
+
+static int test_session_ticket_no_id(void)
+{
+ /* We are testing an expired (invalid crypto context in out case since the
+ * ctx changes) session ticket being sent with the session ID being 0
+ * length. */
+ EXPECT_DECLS;
+ callback_functions func_cb_client;
+ callback_functions func_cb_server;
+
+ XMEMSET(&func_cb_client, 0, sizeof(func_cb_client));
+ XMEMSET(&func_cb_server, 0, sizeof(func_cb_server));
+ func_cb_client.method = wolfTLSv1_2_client_method;
+ func_cb_client.ctx_ready = test_session_ticket_no_id_ctx_ready;
+ func_cb_client.on_result = test_session_ticket_no_id_on_result;
+ func_cb_server.method = wolfTLSv1_2_server_method;
+ func_cb_server.ctx_ready = test_session_ticket_no_id_ctx_ready;
+
+ test_wolfSSL_client_server_nofail(&func_cb_client, &func_cb_server);
+
+ ExpectIntEQ(func_cb_client.return_code, TEST_SUCCESS);
+ ExpectIntEQ(func_cb_server.return_code, TEST_SUCCESS);
+
+ XMEMSET(&func_cb_client, 0, sizeof(func_cb_client));
+ XMEMSET(&func_cb_server, 0, sizeof(func_cb_server));
+ func_cb_client.method = wolfTLSv1_2_client_method;
+ func_cb_client.ctx_ready = test_session_ticket_no_id_ctx_ready;
+ func_cb_client.ssl_ready = test_session_ticket_no_id_ssl_ready;
+ func_cb_server.method = wolfTLSv1_2_server_method;
+ func_cb_server.ctx_ready = test_session_ticket_no_id_ctx_ready;
+
+ test_wolfSSL_client_server_nofail(&func_cb_client, &func_cb_server);
+
+ ExpectIntEQ(func_cb_client.return_code, TEST_SUCCESS);
+ ExpectIntEQ(func_cb_server.return_code, TEST_SUCCESS);
+
+ wolfSSL_SESSION_free(test_session_ticket_no_id_session);
+
+ return EXPECT_RESULT();
+}
+#else
+static int test_session_ticket_no_id(void)
+{
+ EXPECT_DECLS;
+ return EXPECT_RESULT();
+}
+#endif
+
+static int test_session_ticket_hs_update(void)
+{
+ EXPECT_DECLS;
+#if defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) && defined(WOLFSSL_TLS13) && \
+ defined(HAVE_SESSION_TICKET) && !defined(WOLFSSL_NO_DEF_TICKET_ENC_CB)
+ struct test_memio_ctx test_ctx;
+ struct test_memio_ctx test_ctx2;
+ struct test_memio_ctx test_ctx3;
+ WOLFSSL_CTX *ctx_c = NULL;
+ WOLFSSL_CTX *ctx_s = NULL;
+ WOLFSSL *ssl_c = NULL;
+ WOLFSSL *ssl_c2 = NULL;
+ WOLFSSL *ssl_c3 = NULL;
+ WOLFSSL *ssl_s = NULL;
+ WOLFSSL *ssl_s2 = NULL;
+ WOLFSSL *ssl_s3 = NULL;
+ WOLFSSL_SESSION *sess = NULL;
+ byte read_data[1];
+
+ XMEMSET(&test_ctx, 0, sizeof(test_ctx));
+ XMEMSET(&test_ctx2, 0, sizeof(test_ctx2));
+ XMEMSET(&test_ctx3, 0, sizeof(test_ctx3));
+ ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
+ wolfTLSv1_3_client_method, wolfTLSv1_3_server_method), 0);
+
+ /* Generate tickets */
+ ExpectIntEQ(test_memio_do_handshake(ssl_c, ssl_s, 10, NULL), 0);
+ wolfSSL_SetLoggingPrefix("client");
+ /* Read the ticket msg */
+ ExpectIntEQ(wolfSSL_read(ssl_c, read_data, sizeof(read_data)),
+ WOLFSSL_FATAL_ERROR);
+ ExpectIntEQ(wolfSSL_get_error(ssl_c, WOLFSSL_FATAL_ERROR),
+ WOLFSSL_ERROR_WANT_READ);
+ wolfSSL_SetLoggingPrefix(NULL);
+
+ ExpectIntEQ(test_memio_setup(&test_ctx2, &ctx_c, &ctx_s, &ssl_c2, &ssl_s2,
+ wolfTLSv1_3_client_method, wolfTLSv1_3_server_method), 0);
+ ExpectIntEQ(test_memio_setup(&test_ctx3, &ctx_c, &ctx_s, &ssl_c3, &ssl_s3,
+ wolfTLSv1_3_client_method, wolfTLSv1_3_server_method), 0);
+
+ ExpectNotNull(sess = wolfSSL_get1_session(ssl_c));
+ ExpectIntEQ(wolfSSL_set_session(ssl_c2, sess), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_set_session(ssl_c3, sess), WOLFSSL_SUCCESS);
+
+ wolfSSL_SetLoggingPrefix("client");
+ /* Exchange initial flights for the second connection */
+ ExpectIntEQ(wolfSSL_connect(ssl_c2), WOLFSSL_FATAL_ERROR);
+ ExpectIntEQ(wolfSSL_get_error(ssl_c2, WOLFSSL_FATAL_ERROR),
+ WOLFSSL_ERROR_WANT_READ);
+ wolfSSL_SetLoggingPrefix(NULL);
+ wolfSSL_SetLoggingPrefix("server");
+ ExpectIntEQ(wolfSSL_accept(ssl_s2), WOLFSSL_FATAL_ERROR);
+ ExpectIntEQ(wolfSSL_get_error(ssl_s2, WOLFSSL_FATAL_ERROR),
+ WOLFSSL_ERROR_WANT_READ);
+ wolfSSL_SetLoggingPrefix(NULL);
+
+ /* Complete third connection so that new tickets are exchanged */
+ ExpectIntEQ(test_memio_do_handshake(ssl_c3, ssl_s3, 10, NULL), 0);
+ /* Read the ticket msg */
+ wolfSSL_SetLoggingPrefix("client");
+ ExpectIntEQ(wolfSSL_read(ssl_c3, read_data, sizeof(read_data)),
+ WOLFSSL_FATAL_ERROR);
+ ExpectIntEQ(wolfSSL_get_error(ssl_c3, WOLFSSL_FATAL_ERROR),
+ WOLFSSL_ERROR_WANT_READ);
+ wolfSSL_SetLoggingPrefix(NULL);
+
+ /* Complete second connection */
+ ExpectIntEQ(test_memio_do_handshake(ssl_c2, ssl_s2, 10, NULL), 0);
+
+ ExpectIntEQ(wolfSSL_session_reused(ssl_c2), 1);
+ ExpectIntEQ(wolfSSL_session_reused(ssl_c3), 1);
+
+ wolfSSL_free(ssl_c);
+ wolfSSL_free(ssl_c2);
+ wolfSSL_free(ssl_c3);
+ wolfSSL_free(ssl_s);
+ wolfSSL_free(ssl_s2);
+ wolfSSL_free(ssl_s3);
+ wolfSSL_CTX_free(ctx_c);
+ wolfSSL_CTX_free(ctx_s);
+ wolfSSL_SESSION_free(sess);
+#endif
+ return EXPECT_RESULT();
+}
+
+#if defined(WOLFSSL_DTLS) && !defined(WOLFSSL_NO_TLS12) && \
+ defined(HAVE_IO_TESTS_DEPENDENCIES) && defined(HAVE_SECURE_RENEGOTIATION)
+static void test_dtls_downgrade_scr_server_ctx_ready_server(WOLFSSL_CTX* ctx)
+{
+ AssertIntEQ(wolfSSL_CTX_SetMinVersion(ctx, WOLFSSL_DTLSV1_2),
+ WOLFSSL_SUCCESS);
+ AssertIntEQ(wolfSSL_CTX_UseSecureRenegotiation(ctx), WOLFSSL_SUCCESS);
+}
+
+static void test_dtls_downgrade_scr_server_ctx_ready(WOLFSSL_CTX* ctx)
+{
+ AssertIntEQ(wolfSSL_CTX_UseSecureRenegotiation(ctx), WOLFSSL_SUCCESS);
+}
+
+static void test_dtls_downgrade_scr_server_on_result(WOLFSSL* ssl)
+{
+ char testMsg[] = "Message after SCR";
+ char msgBuf[sizeof(testMsg)];
+ if (wolfSSL_is_server(ssl)) {
+ AssertIntEQ(wolfSSL_Rehandshake(ssl), WOLFSSL_FATAL_ERROR);
+ AssertIntEQ(wolfSSL_get_error(ssl, -1), APP_DATA_READY);
+ AssertIntEQ(wolfSSL_read(ssl, msgBuf, sizeof(msgBuf)), sizeof(msgBuf));
+ AssertIntEQ(wolfSSL_Rehandshake(ssl), WOLFSSL_SUCCESS);
+ AssertIntEQ(wolfSSL_write(ssl, testMsg, sizeof(testMsg)),
+ sizeof(testMsg));
+ }
+ else {
+ AssertIntEQ(wolfSSL_write(ssl, testMsg, sizeof(testMsg)),
+ sizeof(testMsg));
+ AssertIntEQ(wolfSSL_read(ssl, msgBuf, sizeof(msgBuf)), sizeof(msgBuf));
+ }
+}
+
+static int test_dtls_downgrade_scr_server(void)
+{
+ EXPECT_DECLS;
+ callback_functions func_cb_client;
+ callback_functions func_cb_server;
+
+ XMEMSET(&func_cb_client, 0, sizeof(callback_functions));
+ XMEMSET(&func_cb_server, 0, sizeof(callback_functions));
+
+ func_cb_client.doUdp = func_cb_server.doUdp = 1;
+ func_cb_client.method = wolfDTLSv1_2_client_method;
+ func_cb_server.method = wolfDTLS_server_method;
+ func_cb_client.ctx_ready = test_dtls_downgrade_scr_server_ctx_ready;
+ func_cb_server.ctx_ready = test_dtls_downgrade_scr_server_ctx_ready_server;
+ func_cb_client.on_result = test_dtls_downgrade_scr_server_on_result;
+ func_cb_server.on_result = test_dtls_downgrade_scr_server_on_result;
+
+ test_wolfSSL_client_server_nofail(&func_cb_client, &func_cb_server);
+
+ ExpectIntEQ(func_cb_client.return_code, TEST_SUCCESS);
+ ExpectIntEQ(func_cb_server.return_code, TEST_SUCCESS);
+
+ return EXPECT_RESULT();
+}
+#else
+static int test_dtls_downgrade_scr_server(void)
+{
+ EXPECT_DECLS;
+ return EXPECT_RESULT();
+}
+#endif
+
+#if defined(WOLFSSL_DTLS) && !defined(WOLFSSL_NO_TLS12) && \
+ defined(HAVE_IO_TESTS_DEPENDENCIES) && defined(HAVE_SECURE_RENEGOTIATION)
+static void test_dtls_downgrade_scr_ctx_ready(WOLFSSL_CTX* ctx)
+{
+ AssertIntEQ(wolfSSL_CTX_SetMinVersion(ctx, WOLFSSL_DTLSV1_2),
+ WOLFSSL_SUCCESS);
+ AssertIntEQ(wolfSSL_CTX_UseSecureRenegotiation(ctx), WOLFSSL_SUCCESS);
+}
+
+static void test_dtls_downgrade_scr_on_result(WOLFSSL* ssl)
+{
+ char testMsg[] = "Message after SCR";
+ char msgBuf[sizeof(testMsg)];
+ if (wolfSSL_is_server(ssl)) {
+ AssertIntEQ(wolfSSL_Rehandshake(ssl), WOLFSSL_FATAL_ERROR);
+ AssertIntEQ(wolfSSL_get_error(ssl, -1), APP_DATA_READY);
+ AssertIntEQ(wolfSSL_read(ssl, msgBuf, sizeof(msgBuf)), sizeof(msgBuf));
+ AssertIntEQ(wolfSSL_Rehandshake(ssl), WOLFSSL_SUCCESS);
+ AssertIntEQ(wolfSSL_write(ssl, testMsg, sizeof(testMsg)),
+ sizeof(testMsg));
+ }
+ else {
+ AssertIntEQ(wolfSSL_write(ssl, testMsg, sizeof(testMsg)),
+ sizeof(testMsg));
+ AssertIntEQ(wolfSSL_read(ssl, msgBuf, sizeof(msgBuf)), sizeof(msgBuf));
+ }
+}
+
+static int test_dtls_downgrade_scr(void)
+{
+ EXPECT_DECLS;
+ callback_functions func_cb_client;
+ callback_functions func_cb_server;
+
+ XMEMSET(&func_cb_client, 0, sizeof(callback_functions));
+ XMEMSET(&func_cb_server, 0, sizeof(callback_functions));
+
+ func_cb_client.doUdp = func_cb_server.doUdp = 1;
+ func_cb_client.method = wolfDTLS_client_method;
+ func_cb_server.method = wolfDTLSv1_2_server_method;
+ func_cb_client.ctx_ready = test_dtls_downgrade_scr_ctx_ready;
+ func_cb_client.on_result = test_dtls_downgrade_scr_on_result;
+ func_cb_server.on_result = test_dtls_downgrade_scr_on_result;
+
+ test_wolfSSL_client_server_nofail(&func_cb_client, &func_cb_server);
+
+ ExpectIntEQ(func_cb_client.return_code, TEST_SUCCESS);
+ ExpectIntEQ(func_cb_server.return_code, TEST_SUCCESS);
+
+ return EXPECT_RESULT();
+}
+#else
+static int test_dtls_downgrade_scr(void)
+{
+ EXPECT_DECLS;
+ return EXPECT_RESULT();
+}
+#endif
+
+#if defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) && defined(WOLFSSL_DTLS13) \
+ && !defined(WOLFSSL_NO_TLS12)
+
+static int test_dtls_client_hello_timeout_downgrade_read_cb(WOLFSSL *ssl,
+ char *data, int sz, void *ctx)
+{
+ static int call_counter = 0;
+ call_counter++;
+ (void)ssl;
+ (void)data;
+ (void)sz;
+ (void)ctx;
+ switch (call_counter) {
+ case 1:
+ case 2:
+ return WOLFSSL_CBIO_ERR_TIMEOUT;
+ case 3:
+ return WOLFSSL_CBIO_ERR_WANT_READ;
+ default:
+ AssertIntLE(call_counter, 3);
+ return -1;
+ }
+}
+#endif
+
+/* Make sure we don't send acks before getting a server hello */
+static int test_dtls_client_hello_timeout_downgrade(void)
+{
+ EXPECT_DECLS;
+#if defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) && defined(WOLFSSL_DTLS13) \
+ && !defined(WOLFSSL_NO_TLS12)
+
+ WOLFSSL_CTX *ctx_c = NULL;
+ WOLFSSL_CTX *ctx_s = NULL;
+ WOLFSSL *ssl_c = NULL;
+ WOLFSSL *ssl_s = NULL;
+ struct test_memio_ctx test_ctx;
+ DtlsRecordLayerHeader* dtlsRH;
+ size_t len;
+ byte sequence_number[8];
+ int i;
+
+ for (i = 0; i < 2; i++) {
+ XMEMSET(&test_ctx, 0, sizeof(test_ctx));
+
+ ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
+ wolfDTLS_client_method, wolfDTLSv1_2_server_method), 0);
+
+ if (i == 0) {
+ /* First time simulate timeout in IO layer */
+ /* CH1 */
+ ExpectIntEQ(wolfSSL_negotiate(ssl_c), -1);
+ ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ);
+ /* HVR */
+ ExpectIntEQ(wolfSSL_negotiate(ssl_s), -1);
+ ExpectIntEQ(wolfSSL_get_error(ssl_s, -1), WOLFSSL_ERROR_WANT_READ);
+ /* CH2 */
+ ExpectIntEQ(wolfSSL_negotiate(ssl_c), -1);
+ ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ);
+ /* SH flight */
+ ExpectIntEQ(wolfSSL_negotiate(ssl_s), -1);
+ ExpectIntEQ(wolfSSL_get_error(ssl_s, -1), WOLFSSL_ERROR_WANT_READ);
+ /* Drop the SH */
+ dtlsRH = (DtlsRecordLayerHeader*)(test_ctx.c_buff);
+ len = (size_t)((dtlsRH->length[0] << 8) | dtlsRH->length[1]);
+ XMEMMOVE(test_ctx.c_buff, test_ctx.c_buff +
+ sizeof(DtlsRecordLayerHeader) + len, test_ctx.c_len -
+ (sizeof(DtlsRecordLayerHeader) + len));
+ test_ctx.c_len -= sizeof(DtlsRecordLayerHeader) + len;
+ /* Read the remainder of the flight */
+ ExpectIntEQ(wolfSSL_negotiate(ssl_c), -1);
+ ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ);
+ wolfSSL_SSLSetIORecv(ssl_c,
+ test_dtls_client_hello_timeout_downgrade_read_cb);
+ /* CH3 */
+ ExpectIntEQ(wolfSSL_negotiate(ssl_c), -1);
+ ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ);
+ wolfSSL_SSLSetIORecv(ssl_c, test_memio_read_cb);
+ }
+ else {
+ /* Second time call wolfSSL_dtls_got_timeout */
+ /* CH1 */
+ ExpectIntEQ(wolfSSL_negotiate(ssl_c), -1);
+ ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ);
+ /* HVR */
+ ExpectIntEQ(wolfSSL_negotiate(ssl_s), -1);
+ ExpectIntEQ(wolfSSL_get_error(ssl_s, -1), WOLFSSL_ERROR_WANT_READ);
+ /* CH2 */
+ ExpectIntEQ(wolfSSL_negotiate(ssl_c), -1);
+ ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ);
+ /* SH flight */
+ ExpectIntEQ(wolfSSL_negotiate(ssl_s), -1);
+ ExpectIntEQ(wolfSSL_get_error(ssl_s, -1), WOLFSSL_ERROR_WANT_READ);
+ /* Drop the SH */
+ dtlsRH = (DtlsRecordLayerHeader*)(test_ctx.c_buff);
+ len = (size_t)((dtlsRH->length[0] << 8) | dtlsRH->length[1]);
+ XMEMMOVE(test_ctx.c_buff, test_ctx.c_buff +
+ sizeof(DtlsRecordLayerHeader) + len, test_ctx.c_len -
+ (sizeof(DtlsRecordLayerHeader) + len));
+ test_ctx.c_len -= sizeof(DtlsRecordLayerHeader) + len;
+ /* Read the remainder of the flight */
+ ExpectIntEQ(wolfSSL_negotiate(ssl_c), -1);
+ ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ);
+ /* Quick timeout should be set as we received at least one msg */
+ ExpectIntEQ(wolfSSL_dtls13_use_quick_timeout(ssl_c), 1);
+ ExpectIntEQ(wolfSSL_dtls_got_timeout(ssl_c), WOLFSSL_SUCCESS);
+ /* Quick timeout should be cleared after a quick timeout */
+ /* CH3 */
+ ExpectIntEQ(wolfSSL_dtls13_use_quick_timeout(ssl_c), 0);
+ ExpectIntEQ(wolfSSL_dtls_got_timeout(ssl_c), WOLFSSL_SUCCESS);
+ }
+
+ /* Parse out to make sure we got exactly one ClientHello message */
+ XMEMSET(&sequence_number, 0, sizeof(sequence_number));
+ /* Second ClientHello after HVR */
+ sequence_number[7] = 2;
+ dtlsRH = (DtlsRecordLayerHeader*)test_ctx.s_buff;
+ ExpectIntEQ(dtlsRH->type, handshake);
+ ExpectIntEQ(dtlsRH->pvMajor, DTLS_MAJOR);
+ ExpectIntEQ(dtlsRH->pvMinor, DTLSv1_2_MINOR);
+ ExpectIntEQ(XMEMCMP(sequence_number, dtlsRH->sequence_number,
+ sizeof(sequence_number)), 0);
+ len = (size_t)((dtlsRH->length[0] << 8) | dtlsRH->length[1]);
+ ExpectIntEQ(sizeof(DtlsRecordLayerHeader) + len, test_ctx.s_len);
+
+ /* Connection should be able to continue */
+ ExpectIntEQ(test_memio_do_handshake(ssl_c, ssl_s, 10, NULL), 0);
+
+ wolfSSL_free(ssl_c);
+ wolfSSL_free(ssl_s);
+ wolfSSL_CTX_free(ctx_c);
+ wolfSSL_CTX_free(ctx_s);
+ ssl_c = NULL;
+ ssl_s = NULL;
+ ctx_c = NULL;
+ ctx_s = NULL;
+ if (!EXPECT_SUCCESS())
+ break;
+ }
+
+#endif
+ return EXPECT_RESULT();
+}
+
+#if defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) && defined(WOLFSSL_DTLS13)
+static int test_dtls_client_hello_timeout_read_cb(WOLFSSL *ssl, char *data,
+ int sz, void *ctx)
+{
+ static int call_counter = 0;
+ call_counter++;
+ (void)ssl;
+ (void)data;
+ (void)sz;
+ (void)ctx;
+ switch (call_counter) {
+ case 1:
+ return WOLFSSL_CBIO_ERR_TIMEOUT;
+ case 2:
+ return WOLFSSL_CBIO_ERR_WANT_READ;
+ default:
+ AssertIntLE(call_counter, 2);
+ return -1;
+ }
}
+#endif
+
+/* Make sure we don't send acks before getting a server hello */
+static int test_dtls_client_hello_timeout(void)
+{
+ EXPECT_DECLS;
+#if defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) && defined(WOLFSSL_DTLS13)
+ WOLFSSL *ssl_c = NULL;
+ WOLFSSL_CTX *ctx_c = NULL;
+ struct test_memio_ctx test_ctx;
+ DtlsRecordLayerHeader* dtlsRH;
+ size_t idx;
+ size_t len;
+ byte sequence_number[8];
+ int i;
+
+ for (i = 0; i < 2; i++) {
+ XMEMSET(&test_ctx, 0, sizeof(test_ctx));
+
+ ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, NULL, &ssl_c, NULL,
+ wolfDTLSv1_3_client_method, NULL), 0);
+
+ if (i == 0) {
+ /* First time simulate timeout in IO layer */
+ wolfSSL_SSLSetIORecv(ssl_c, test_dtls_client_hello_timeout_read_cb);
+ ExpectIntEQ(wolfSSL_connect(ssl_c), -1);
+ ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ);
+ }
+ else {
+ /* Second time call wolfSSL_dtls_got_timeout */
+ ExpectIntEQ(wolfSSL_connect(ssl_c), -1);
+ ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ);
+ ExpectIntEQ(wolfSSL_dtls_got_timeout(ssl_c), WOLFSSL_SUCCESS);
+ }
+
+ /* Parse out to make sure we got exactly two ClientHello messages */
+ idx = 0;
+ XMEMSET(&sequence_number, 0, sizeof(sequence_number));
+ /* First ClientHello */
+ dtlsRH = (DtlsRecordLayerHeader*)(test_ctx.s_buff + idx);
+ ExpectIntEQ(dtlsRH->type, handshake);
+ ExpectIntEQ(dtlsRH->pvMajor, DTLS_MAJOR);
+ ExpectIntEQ(dtlsRH->pvMinor, DTLSv1_2_MINOR);
+ ExpectIntEQ(XMEMCMP(sequence_number, dtlsRH->sequence_number,
+ sizeof(sequence_number)), 0);
+ len = (size_t)((dtlsRH->length[0] << 8) | dtlsRH->length[1]);
+ ExpectIntLT(idx + sizeof(DtlsRecordLayerHeader) + len, test_ctx.s_len);
+ idx += sizeof(DtlsRecordLayerHeader) + len;
+ /* Second ClientHello */
+ sequence_number[7] = 1;
+ dtlsRH = (DtlsRecordLayerHeader*)(test_ctx.s_buff + idx);
+ ExpectIntEQ(dtlsRH->type, handshake);
+ ExpectIntEQ(dtlsRH->pvMajor, DTLS_MAJOR);
+ ExpectIntEQ(dtlsRH->pvMinor, DTLSv1_2_MINOR);
+ ExpectIntEQ(XMEMCMP(sequence_number, dtlsRH->sequence_number,
+ sizeof(sequence_number)), 0);
+ len = (size_t)((dtlsRH->length[0] << 8) | dtlsRH->length[1]);
+ ExpectIntEQ(idx + sizeof(DtlsRecordLayerHeader) + len, test_ctx.s_len);
+
+ wolfSSL_free(ssl_c);
+ wolfSSL_CTX_free(ctx_c);
+ ssl_c = NULL;
+ ctx_c = NULL;
+ if (!EXPECT_SUCCESS())
+ break;
+ }
+
+#endif
+ return EXPECT_RESULT();
+}
+
+/* DTLS test when dropping the changed cipher spec message */
+static int test_dtls_dropped_ccs(void)
+{
+ EXPECT_DECLS;
+#if defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) && defined(WOLFSSL_DTLS) \
+ && !defined(WOLFSSL_NO_TLS12)
+
+ WOLFSSL_CTX *ctx_c = NULL;
+ WOLFSSL_CTX *ctx_s = NULL;
+ WOLFSSL *ssl_c = NULL;
+ WOLFSSL *ssl_s = NULL;
+ struct test_memio_ctx test_ctx;
+ DtlsRecordLayerHeader* dtlsRH;
+ size_t len;
+ byte data[1];
+
+
+ XMEMSET(&test_ctx, 0, sizeof(test_ctx));
+
+ ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
+ wolfDTLSv1_2_client_method, wolfDTLSv1_2_server_method), 0);
+
+ /* CH1 */
+ ExpectIntEQ(wolfSSL_negotiate(ssl_c), -1);
+ ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ);
+ /* HVR */
+ ExpectIntEQ(wolfSSL_negotiate(ssl_s), -1);
+ ExpectIntEQ(wolfSSL_get_error(ssl_s, -1), WOLFSSL_ERROR_WANT_READ);
+ /* CH2 */
+ ExpectIntEQ(wolfSSL_negotiate(ssl_c), -1);
+ ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ);
+ /* Server first flight */
+ ExpectIntEQ(wolfSSL_negotiate(ssl_s), -1);
+ ExpectIntEQ(wolfSSL_get_error(ssl_s, -1), WOLFSSL_ERROR_WANT_READ);
+ /* Client flight */
+ ExpectIntEQ(wolfSSL_negotiate(ssl_c), -1);
+ ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ);
+ /* Server ccs + finished */
+ ExpectIntEQ(wolfSSL_negotiate(ssl_s), 1);
+
+ /* Drop the ccs */
+ dtlsRH = (DtlsRecordLayerHeader*)test_ctx.c_buff;
+ len = (size_t)((dtlsRH->length[0] << 8) | dtlsRH->length[1]);
+ ExpectIntEQ(len, 1);
+ ExpectIntEQ(dtlsRH->type, change_cipher_spec);
+ if (EXPECT_SUCCESS()) {
+ XMEMMOVE(test_ctx.c_buff, test_ctx.c_buff +
+ sizeof(DtlsRecordLayerHeader) + len, test_ctx.c_len -
+ (sizeof(DtlsRecordLayerHeader) + len));
+ }
+ test_ctx.c_len -= sizeof(DtlsRecordLayerHeader) + len;
+
+ /* Client rtx flight */
+ ExpectIntEQ(wolfSSL_negotiate(ssl_c), -1);
+ ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ);
+ ExpectIntEQ(wolfSSL_dtls_got_timeout(ssl_c), WOLFSSL_SUCCESS);
+ /* Server ccs + finished rtx */
+ ExpectIntEQ(wolfSSL_read(ssl_s, data, sizeof(data)), -1);
+ ExpectIntEQ(wolfSSL_get_error(ssl_s, -1), WOLFSSL_ERROR_WANT_READ);
+ /* Client processes finished */
+ ExpectIntEQ(wolfSSL_negotiate(ssl_c), 1);
+
+ wolfSSL_free(ssl_c);
+ wolfSSL_free(ssl_s);
+ wolfSSL_CTX_free(ctx_c);
+ wolfSSL_CTX_free(ctx_s);
+#endif
+ return EXPECT_RESULT();
+}
+/**
+ * Make sure we don't send RSA Signature Hash Algorithms in the
+ * CertificateRequest when we don't have any such ciphers set.
+ * @return EXPECT_RESULT()
+ */
+static int test_certreq_sighash_algos(void)
+{
+ EXPECT_DECLS;
+#if defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) && \
+ !defined(WOLFSSL_MAX_STRENGTH) && defined(HAVE_ECC) && \
+ defined(WOLFSSL_SHA384) && defined(WOLFSSL_AES_256) && \
+ defined(HAVE_AES_CBC) && !defined(WOLFSSL_NO_TLS12)
+ WOLFSSL_CTX *ctx_c = NULL;
+ WOLFSSL_CTX *ctx_s = NULL;
+ WOLFSSL *ssl_c = NULL;
+ WOLFSSL *ssl_s = NULL;
+ struct test_memio_ctx test_ctx;
+ int idx = 0;
+ int maxIdx = 0;
+
+ XMEMSET(&test_ctx, 0, sizeof(test_ctx));
+ test_ctx.c_ciphers = test_ctx.s_ciphers =
+ "ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA384";
+ ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
+ wolfTLSv1_2_client_method, wolfTLSv1_2_server_method), 0);
+
+ ExpectIntEQ(wolfSSL_CTX_load_verify_locations(ctx_c,
+ "./certs/ca-ecc-cert.pem", NULL), WOLFSSL_SUCCESS);
+
+ wolfSSL_set_verify(ssl_s, WOLFSSL_VERIFY_PEER, NULL);
+ ExpectIntEQ(wolfSSL_use_PrivateKey_file(ssl_s, "./certs/ecc-key.pem",
+ WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_use_certificate_file(ssl_s, "./certs/server-ecc.pem",
+ WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS);
+
+ ExpectIntEQ(wolfSSL_connect(ssl_c), WOLFSSL_FATAL_ERROR);
+ ExpectIntEQ(wolfSSL_get_error(ssl_c, WOLFSSL_FATAL_ERROR),
+ WOLFSSL_ERROR_WANT_READ);
+
+ ExpectIntEQ(wolfSSL_accept(ssl_s), WOLFSSL_FATAL_ERROR);
+ ExpectIntEQ(wolfSSL_get_error(ssl_s, WOLFSSL_FATAL_ERROR),
+ WOLFSSL_ERROR_WANT_READ);
+
+ /* Find the CertificateRequest message */
+ for (idx = 0; idx < test_ctx.c_len && EXPECT_SUCCESS();) {
+ word16 len;
+ ExpectIntEQ(test_ctx.c_buff[idx++], handshake);
+ ExpectIntEQ(test_ctx.c_buff[idx++], SSLv3_MAJOR);
+ ExpectIntEQ(test_ctx.c_buff[idx++], TLSv1_2_MINOR);
+ ato16(test_ctx.c_buff + idx, &len);
+ idx += OPAQUE16_LEN;
+ if (test_ctx.c_buff[idx] == certificate_request) {
+ idx++;
+ /* length */
+ idx += OPAQUE24_LEN;
+ /* cert types */
+ idx += 1 + test_ctx.c_buff[idx];
+ /* Sig algos */
+ ato16(test_ctx.c_buff + idx, &len);
+ idx += OPAQUE16_LEN;
+ maxIdx = idx + (int)len;
+ for (; idx < maxIdx && EXPECT_SUCCESS(); idx += OPAQUE16_LEN) {
+ if (test_ctx.c_buff[idx+1] == ED25519_SA_MINOR ||
+ test_ctx.c_buff[idx+1] == ED448_SA_MINOR)
+ ExpectIntEQ(test_ctx.c_buff[idx], NEW_SA_MAJOR);
+ else
+ ExpectIntEQ(test_ctx.c_buff[idx+1], ecc_dsa_sa_algo);
+ }
+ break;
+ }
+ else {
+ idx += (int)len;
+ }
+ }
+ ExpectIntLT(idx, test_ctx.c_len);
+
+
+ ExpectIntEQ(test_memio_do_handshake(ssl_c, ssl_s, 10, NULL), 0);
+
+ wolfSSL_free(ssl_c);
+ wolfSSL_free(ssl_s);
+ wolfSSL_CTX_free(ctx_c);
+ wolfSSL_CTX_free(ctx_s);
+#endif
+ return EXPECT_RESULT();
+}
+
+#if defined(HAVE_CRL) && defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES)
+static int test_revoked_loaded_int_cert_ctx_ready1(WOLFSSL_CTX* ctx)
+{
+ EXPECT_DECLS;
+ wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_PEER, myVerify);
+ myVerifyAction = VERIFY_USE_PREVERFIY;
+ ExpectIntEQ(wolfSSL_CTX_load_verify_locations_ex(ctx,
+ "./certs/ca-cert.pem", NULL, 0), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_CTX_load_verify_locations_ex(ctx,
+ "./certs/intermediate/ca-int-cert.pem", NULL, 0), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_CTX_EnableCRL(ctx, WOLFSSL_CRL_CHECKALL),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_CTX_LoadCRLFile(ctx,
+ "./certs/crl/extra-crls/ca-int-cert-revoked.pem",
+ WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_CTX_LoadCRLFile(ctx,
+ "./certs/crl/ca-int.pem",
+ WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS);
+ return EXPECT_RESULT();
+}
+
+static int test_revoked_loaded_int_cert_ctx_ready2(WOLFSSL_CTX* ctx)
+{
+ EXPECT_DECLS;
+ wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_PEER, myVerify);
+ myVerifyAction = VERIFY_USE_PREVERFIY;
+ ExpectIntEQ(wolfSSL_CTX_load_verify_locations_ex(ctx,
+ "./certs/ca-cert.pem", NULL, 0), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_CTX_load_verify_locations_ex(ctx,
+ "./certs/intermediate/ca-int-cert.pem", NULL, 0), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_CTX_load_verify_locations_ex(ctx,
+ "./certs/intermediate/ca-int2-cert.pem", NULL, 0), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_CTX_EnableCRL(ctx, WOLFSSL_CRL_CHECKALL),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_CTX_LoadCRLFile(ctx,
+ "./certs/crl/ca-int2.pem",
+ WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_CTX_LoadCRLFile(ctx,
+ "./certs/crl/extra-crls/ca-int-cert-revoked.pem",
+ WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_CTX_LoadCRLFile(ctx,
+ "./certs/crl/ca-int.pem",
+ WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS);
+ return EXPECT_RESULT();
+}
+#endif
+
+static int test_revoked_loaded_int_cert(void)
+{
+ EXPECT_DECLS;
+#if defined(HAVE_CRL) && defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES)
+ test_ssl_cbf client_cbf;
+ test_ssl_cbf server_cbf;
+ struct {
+ const char* certPemFile;
+ const char* keyPemFile;
+ ctx_cb client_ctx_ready;
+ } test_params[] = {
+ {"./certs/intermediate/ca-int2-cert.pem",
+ "./certs/intermediate/ca-int2-key.pem",
+ test_revoked_loaded_int_cert_ctx_ready1},
+ {"./certs/intermediate/server-chain.pem",
+ "./certs/server-key.pem", test_revoked_loaded_int_cert_ctx_ready2},
+ {"./certs/intermediate/server-chain-short.pem",
+ "./certs/server-key.pem", test_revoked_loaded_int_cert_ctx_ready2},
+ };
+ size_t i;
+
+ printf("\n");
+
+ for (i = 0; i < XELEM_CNT(test_params); i++) {
+ XMEMSET(&client_cbf, 0, sizeof(client_cbf));
+ XMEMSET(&server_cbf, 0, sizeof(server_cbf));
+
+ printf("\tTesting with %s...\n", test_params[i].certPemFile);
+
+ server_cbf.certPemFile = test_params[i].certPemFile;
+ server_cbf.keyPemFile = test_params[i].keyPemFile;
+
+ client_cbf.ctx_ready = test_params[i].client_ctx_ready;
+
+ ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&client_cbf,
+ &server_cbf, NULL), TEST_FAIL);
+#ifndef WOLFSSL_HAPROXY
+ ExpectIntEQ(client_cbf.last_err, CRL_CERT_REVOKED);
+#else
+ ExpectIntEQ(client_cbf.last_err, WOLFSSL_X509_V_ERR_CERT_REVOKED);
+#endif
+ ExpectIntEQ(server_cbf.last_err, FATAL_ERROR);
+
+ if (!EXPECT_SUCCESS())
+ break;
+ printf("\t%s passed\n", test_params[i].certPemFile);
+ }
+
+#endif
+ return EXPECT_RESULT();
+}
+
+static int test_dtls13_frag_ch_pq(void)
+{
+ EXPECT_DECLS;
+#if defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) && defined(WOLFSSL_DTLS13) \
+ && defined(WOLFSSL_DTLS_CH_FRAG) && defined(HAVE_LIBOQS)
+ WOLFSSL_CTX *ctx_c = NULL;
+ WOLFSSL_CTX *ctx_s = NULL;
+ WOLFSSL *ssl_c = NULL;
+ WOLFSSL *ssl_s = NULL;
+ struct test_memio_ctx test_ctx;
+ const char *test_str = "test";
+ int test_str_size;
+ byte buf[255];
+ int group = WOLFSSL_KYBER_LEVEL5;
+
+ XMEMSET(&test_ctx, 0, sizeof(test_ctx));
+ ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
+ wolfDTLSv1_3_client_method, wolfDTLSv1_3_server_method), 0);
+ /* Add in a large post-quantum key share to make the CH long. */
+ ExpectIntEQ(wolfSSL_set_groups(ssl_c, &group, 1), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_UseKeyShare(ssl_c, group), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_dtls13_allow_ch_frag(ssl_s, 1), WOLFSSL_SUCCESS);
+ ExpectIntEQ(test_memio_do_handshake(ssl_c, ssl_s, 10, NULL), 0);
+ ExpectStrEQ(wolfSSL_get_curve_name(ssl_c), "KYBER_LEVEL5");
+ ExpectStrEQ(wolfSSL_get_curve_name(ssl_s), "KYBER_LEVEL5");
+ test_str_size = XSTRLEN("test") + 1;
+ ExpectIntEQ(wolfSSL_write(ssl_c, test_str, test_str_size), test_str_size);
+ ExpectIntEQ(wolfSSL_read(ssl_s, buf, sizeof(buf)), test_str_size);
+ ExpectIntEQ(XSTRCMP((char*)buf, test_str), 0);
+ ExpectIntEQ(wolfSSL_write(ssl_c, test_str, test_str_size), test_str_size);
+ wolfSSL_free(ssl_c);
+ wolfSSL_free(ssl_s);
+ wolfSSL_CTX_free(ctx_c);
+ wolfSSL_CTX_free(ctx_s);
+#endif
+ return EXPECT_RESULT();
+}
+
+#if defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) && defined(WOLFSSL_DTLS) \
+ && defined(WOLFSSL_DTLS_MTU) && defined(WOLFSSL_DTLS_CH_FRAG)
+static int test_dtls_frag_ch_count_records(byte* b, int len)
+{
+ DtlsRecordLayerHeader* dtlsRH;
+ int records = 0;
+ size_t recordLen;
+ while (len > 0) {
+ records++;
+ dtlsRH = (DtlsRecordLayerHeader*)b;
+ recordLen = (dtlsRH->length[0] << 8) | dtlsRH->length[1];
+ b += sizeof(DtlsRecordLayerHeader) + recordLen;
+ len -= sizeof(DtlsRecordLayerHeader) + recordLen;
+ }
+ return records;
+}
+#endif
+
+static int test_dtls_frag_ch(void)
+{
+ EXPECT_DECLS;
+#if defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) && defined(WOLFSSL_DTLS13) \
+ && defined(WOLFSSL_DTLS_MTU) && defined(WOLFSSL_DTLS_CH_FRAG)
+ WOLFSSL_CTX *ctx_c = NULL;
+ WOLFSSL_CTX *ctx_s = NULL;
+ WOLFSSL *ssl_c = NULL;
+ WOLFSSL *ssl_s = NULL;
+ struct test_memio_ctx test_ctx;
+ static unsigned int DUMMY_MTU = 256;
+ unsigned char four_frag_CH[] = {
+ 0x16, 0xfe, 0xfd, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0xda, 0x01, 0x00, 0x02, 0xdc, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0xce, 0xfe, 0xfd, 0xf3, 0x94, 0x01, 0x33, 0x2c, 0xcf, 0x2c, 0x47, 0xb1,
+ 0xe5, 0xa1, 0x7b, 0x19, 0x3e, 0xac, 0x68, 0xdd, 0xe6, 0x17, 0x6b, 0x85,
+ 0xad, 0x5f, 0xfc, 0x7f, 0x6e, 0xf0, 0xb9, 0xe0, 0x2e, 0xca, 0x47, 0x00,
+ 0x00, 0x00, 0x36, 0x13, 0x01, 0x13, 0x02, 0x13, 0x03, 0xc0, 0x2c, 0xc0,
+ 0x2b, 0xc0, 0x30, 0xc0, 0x2f, 0x00, 0x9f, 0x00, 0x9e, 0xcc, 0xa9, 0xcc,
+ 0xa8, 0xcc, 0xaa, 0xc0, 0x27, 0xc0, 0x23, 0xc0, 0x28, 0xc0, 0x24, 0xc0,
+ 0x0a, 0xc0, 0x09, 0xc0, 0x14, 0xc0, 0x13, 0x00, 0x6b, 0x00, 0x67, 0x00,
+ 0x39, 0x00, 0x33, 0xcc, 0x14, 0xcc, 0x13, 0xcc, 0x15, 0x01, 0x00, 0x02,
+ 0x7c, 0x00, 0x2b, 0x00, 0x03, 0x02, 0xfe, 0xfc, 0x00, 0x0d, 0x00, 0x20,
+ 0x00, 0x1e, 0x06, 0x03, 0x05, 0x03, 0x04, 0x03, 0x02, 0x03, 0x08, 0x06,
+ 0x08, 0x0b, 0x08, 0x05, 0x08, 0x0a, 0x08, 0x04, 0x08, 0x09, 0x06, 0x01,
+ 0x05, 0x01, 0x04, 0x01, 0x03, 0x01, 0x02, 0x01, 0x00, 0x0a, 0x00, 0x0c,
+ 0x00, 0x0a, 0x00, 0x19, 0x00, 0x18, 0x00, 0x17, 0x00, 0x15, 0x01, 0x00,
+ 0x00, 0x16, 0x00, 0x00, 0x00, 0x33, 0x02, 0x39, 0x02, 0x37, 0x00, 0x17,
+ 0x00, 0x41, 0x04, 0x94, 0xdf, 0x36, 0xd7, 0xb3, 0x90, 0x6d, 0x01, 0xa1,
+ 0xe6, 0xed, 0x67, 0xf4, 0xd9, 0x9d, 0x2c, 0xac, 0x57, 0x74, 0xff, 0x19,
+ 0xbe, 0x5a, 0xc9, 0x30, 0x11, 0xb7, 0x2b, 0x59, 0x47, 0x80, 0x7c, 0xa9,
+ 0xb7, 0x31, 0x8c, 0x16, 0xfe, 0xfd, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x01, 0x00, 0xda, 0x01, 0x00, 0x02, 0xdc, 0x00, 0x00, 0x00, 0x00,
+ 0xce, 0x00, 0x00, 0xce, 0x9e, 0x13, 0x74, 0x3b, 0x86, 0xba, 0x69, 0x1f,
+ 0x12, 0xf7, 0xcd, 0x78, 0x53, 0xe8, 0x50, 0x4d, 0x71, 0x3f, 0x4b, 0x4e,
+ 0xeb, 0x3e, 0xe5, 0x43, 0x54, 0x78, 0x17, 0x6d, 0x00, 0x18, 0x00, 0x61,
+ 0x04, 0xd1, 0x99, 0x66, 0x4f, 0xda, 0xc7, 0x12, 0x3b, 0xff, 0xb2, 0xd6,
+ 0x2f, 0x35, 0xb6, 0x17, 0x1f, 0xb3, 0xd0, 0xb6, 0x52, 0xff, 0x97, 0x8b,
+ 0x01, 0xe8, 0xd9, 0x68, 0x71, 0x40, 0x02, 0xd5, 0x68, 0x3a, 0x58, 0xb2,
+ 0x5d, 0xee, 0xa4, 0xe9, 0x5f, 0xf4, 0xaf, 0x3e, 0x30, 0x9c, 0x3e, 0x2b,
+ 0xda, 0x61, 0x43, 0x99, 0x02, 0x35, 0x33, 0x9f, 0xcf, 0xb5, 0xd3, 0x28,
+ 0x19, 0x9d, 0x1c, 0xbe, 0x69, 0x07, 0x9e, 0xfc, 0xe4, 0x8e, 0xcd, 0x86,
+ 0x4a, 0x1b, 0xf0, 0xfc, 0x17, 0x94, 0x66, 0x53, 0xda, 0x24, 0x5e, 0xaf,
+ 0xce, 0xec, 0x62, 0x4c, 0x06, 0xb4, 0x52, 0x94, 0xb1, 0x4a, 0x7a, 0x8c,
+ 0x4f, 0x00, 0x19, 0x00, 0x85, 0x04, 0x00, 0x27, 0xeb, 0x99, 0x49, 0x7f,
+ 0xcb, 0x2c, 0x46, 0x54, 0x2d, 0x93, 0x5d, 0x25, 0x92, 0x58, 0x5e, 0x06,
+ 0xc3, 0x7c, 0xfb, 0x9a, 0xa7, 0xec, 0xcd, 0x9f, 0xe1, 0x6b, 0x2d, 0x78,
+ 0xf5, 0x16, 0xa9, 0x20, 0x52, 0x48, 0x19, 0x0f, 0x1a, 0xd0, 0xce, 0xd8,
+ 0x68, 0xb1, 0x4e, 0x7f, 0x33, 0x03, 0x7d, 0x0c, 0x39, 0xdb, 0x9c, 0x4b,
+ 0xf4, 0xe7, 0xc2, 0xf5, 0xdd, 0x51, 0x9b, 0x03, 0xa8, 0x53, 0x2b, 0xe6,
+ 0x00, 0x15, 0x4b, 0xff, 0xd2, 0xa0, 0x16, 0xfe, 0xfd, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x02, 0x00, 0xda, 0x01, 0x00, 0x02, 0xdc, 0x00,
+ 0x00, 0x00, 0x01, 0x9c, 0x00, 0x00, 0xce, 0x58, 0x30, 0x10, 0x3d, 0x46,
+ 0xcc, 0xca, 0x1a, 0x44, 0xc8, 0x58, 0x9b, 0x27, 0x17, 0x67, 0x31, 0x96,
+ 0x8a, 0x66, 0x39, 0xf4, 0xcc, 0xc1, 0x9f, 0x12, 0x1f, 0x01, 0x30, 0x50,
+ 0x16, 0xd6, 0x89, 0x97, 0xa3, 0x66, 0xd7, 0x99, 0x50, 0x09, 0x6e, 0x80,
+ 0x87, 0xe4, 0xa2, 0x88, 0xae, 0xb4, 0x23, 0x57, 0x2f, 0x12, 0x60, 0xe7,
+ 0x7d, 0x44, 0x2d, 0xad, 0xbe, 0xe9, 0x0d, 0x01, 0x00, 0x01, 0x00, 0xd5,
+ 0xdd, 0x62, 0xee, 0xf3, 0x0e, 0xd9, 0x30, 0x0e, 0x38, 0xf3, 0x48, 0xf4,
+ 0xc9, 0x8f, 0x8c, 0x20, 0xf7, 0xd3, 0xa8, 0xb3, 0x87, 0x3c, 0x98, 0x5d,
+ 0x70, 0xc5, 0x03, 0x76, 0xb7, 0xd5, 0x0b, 0x7b, 0x23, 0x97, 0x6b, 0xe3,
+ 0xb5, 0x18, 0xeb, 0x64, 0x55, 0x18, 0xb2, 0x8a, 0x90, 0x1a, 0x8f, 0x0e,
+ 0x15, 0xda, 0xb1, 0x8e, 0x7f, 0xee, 0x1f, 0xe0, 0x3b, 0xb9, 0xed, 0xfc,
+ 0x4e, 0x3f, 0x78, 0x16, 0x39, 0x95, 0x5f, 0xb7, 0xcb, 0x65, 0x55, 0x72,
+ 0x7b, 0x7d, 0x86, 0x2f, 0x8a, 0xe5, 0xee, 0xf7, 0x57, 0x40, 0xf3, 0xc4,
+ 0x96, 0x4f, 0x11, 0x4d, 0x85, 0xf9, 0x56, 0xfa, 0x3d, 0xf0, 0xc9, 0xa4,
+ 0xec, 0x1e, 0xaa, 0x47, 0x90, 0x53, 0xdf, 0xe1, 0xb7, 0x78, 0x18, 0xeb,
+ 0xdd, 0x0d, 0x89, 0xb7, 0xf6, 0x15, 0x0e, 0x55, 0x12, 0xb3, 0x23, 0x17,
+ 0x0b, 0x59, 0x6f, 0x83, 0x05, 0x6b, 0xa6, 0xf8, 0x6c, 0x3a, 0x9b, 0x1b,
+ 0x50, 0x93, 0x51, 0xea, 0x95, 0x2d, 0x99, 0x96, 0x38, 0x16, 0xfe, 0xfd,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x03, 0x00, 0x7e, 0x01, 0x00,
+ 0x02, 0xdc, 0x00, 0x00, 0x00, 0x02, 0x6a, 0x00, 0x00, 0x72, 0x2d, 0x66,
+ 0x3e, 0xf2, 0x36, 0x5a, 0xf2, 0x23, 0x8f, 0x28, 0x09, 0xa9, 0x55, 0x8c,
+ 0x8f, 0xc0, 0x0d, 0x61, 0x98, 0x33, 0x56, 0x87, 0x7a, 0xfd, 0xa7, 0x50,
+ 0x71, 0x84, 0x2e, 0x41, 0x58, 0x00, 0x87, 0xd9, 0x27, 0xe5, 0x7b, 0xf4,
+ 0x6d, 0x84, 0x4e, 0x2e, 0x0c, 0x80, 0x0c, 0xf3, 0x8a, 0x02, 0x4b, 0x99,
+ 0x3a, 0x1f, 0x9f, 0x18, 0x7d, 0x1c, 0xec, 0xad, 0x60, 0x54, 0xa6, 0xa3,
+ 0x2c, 0x82, 0x5e, 0xf8, 0x8f, 0xae, 0xe1, 0xc4, 0x82, 0x7e, 0x43, 0x43,
+ 0xc5, 0x99, 0x49, 0x05, 0xd3, 0xf6, 0xdf, 0xa1, 0xb5, 0x2d, 0x0c, 0x13,
+ 0x2f, 0x1e, 0xb6, 0x28, 0x7c, 0x5c, 0xa1, 0x02, 0x6b, 0x8d, 0xa3, 0xeb,
+ 0xd4, 0x58, 0xe6, 0xa0, 0x7e, 0x6b, 0xaa, 0x09, 0x43, 0x67, 0x71, 0x87,
+ 0xa5, 0xcb, 0x68, 0xf3
+ };
+
+ XMEMSET(&test_ctx, 0, sizeof(test_ctx));
+ ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
+ wolfDTLSv1_3_client_method, wolfDTLSv1_3_server_method), 0);
+
+ /* Fragment msgs */
+ ExpectIntEQ(wolfSSL_dtls_set_mtu(ssl_c, DUMMY_MTU), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_dtls_set_mtu(ssl_s, DUMMY_MTU), WOLFSSL_SUCCESS);
+
+ /* Add in some key shares to make the CH long */
+ ExpectIntEQ(wolfSSL_UseKeyShare(ssl_c, WOLFSSL_ECC_SECP256R1),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_UseKeyShare(ssl_c, WOLFSSL_ECC_SECP384R1),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_UseKeyShare(ssl_c, WOLFSSL_ECC_SECP521R1),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_UseKeyShare(ssl_c, WOLFSSL_FFDHE_2048),
+ WOLFSSL_SUCCESS);
+
+ ExpectIntEQ(wolfSSL_dtls13_allow_ch_frag(ssl_s, 1), WOLFSSL_SUCCESS);
+
+ /* Reject fragmented first CH */
+ ExpectIntEQ(test_dtls_frag_ch_count_records(four_frag_CH,
+ sizeof(four_frag_CH)), 4);
+ XMEMCPY(test_ctx.s_buff, four_frag_CH, sizeof(four_frag_CH));
+ test_ctx.s_len = sizeof(four_frag_CH);
+ while (test_ctx.s_len > 0 && EXPECT_SUCCESS()) {
+ int s_len = test_ctx.s_len;
+ ExpectIntEQ(wolfSSL_negotiate(ssl_s), -1);
+ ExpectIntEQ(wolfSSL_get_error(ssl_s, -1), WOLFSSL_ERROR_WANT_READ);
+ /* Fail if we didn't advance the buffer to avoid infinite loops */
+ ExpectIntLT(test_ctx.s_len, s_len);
+ }
+ /* Expect all fragments read */
+ ExpectIntEQ(test_ctx.s_len, 0);
+ /* Expect quietly dropping fragmented first CH */
+ ExpectIntEQ(test_ctx.c_len, 0);
+
+ /* CH1 */
+ ExpectIntEQ(wolfSSL_negotiate(ssl_c), -1);
+ ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ);
+ /* Count records. Expect 1 unfragmented CH */
+ ExpectIntEQ(test_dtls_frag_ch_count_records(test_ctx.s_buff,
+ test_ctx.s_len), 1);
+ /* HRR */
+ ExpectIntEQ(wolfSSL_negotiate(ssl_s), -1);
+ ExpectIntEQ(wolfSSL_get_error(ssl_s, -1), WOLFSSL_ERROR_WANT_READ);
+ /* CH2 */
+ ExpectIntEQ(wolfSSL_negotiate(ssl_c), -1);
+ ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ);
+ /* Count records. Expect fragmented CH */
+ ExpectIntGT(test_dtls_frag_ch_count_records(test_ctx.s_buff,
+ test_ctx.s_len), 1);
+
+ ExpectIntEQ(test_memio_do_handshake(ssl_c, ssl_s, 10, NULL), 0);
+
+ wolfSSL_free(ssl_c);
+ wolfSSL_free(ssl_s);
+ wolfSSL_CTX_free(ctx_c);
+ wolfSSL_CTX_free(ctx_s);
+ ssl_c = ssl_s = NULL;
+ ctx_c = ctx_s = NULL;
+#endif
+ return EXPECT_RESULT();
+}
+
+static int test_dtls_empty_keyshare_with_cookie(void)
+{
+ EXPECT_DECLS;
+#if defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) && defined(WOLFSSL_DTLS13)
+ WOLFSSL_CTX *ctx_s = NULL;
+ WOLFSSL *ssl_s = NULL;
+ struct test_memio_ctx test_ctx;
+ unsigned char ch_empty_keyshare_with_cookie[] = {
+ 0x16, 0xfe, 0xfd, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x01,
+ 0x12, 0x01, 0x00, 0x01, 0x06, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x01,
+ 0x06, 0xfe, 0xfd, 0xfb, 0x8c, 0x9b, 0x28, 0xae, 0x50, 0x1c, 0x4d, 0xf3,
+ 0xb8, 0xcf, 0x4d, 0xd8, 0x7e, 0x93, 0x13, 0x7b, 0x9e, 0xd9, 0xeb, 0xe9,
+ 0x13, 0x4b, 0x0d, 0x7f, 0x2e, 0x43, 0x62, 0x8c, 0xe4, 0x57, 0x79, 0x00,
+ 0x00, 0x00, 0x36, 0x13, 0x01, 0x13, 0x02, 0x13, 0x03, 0xc0, 0x2c, 0xc0,
+ 0x2b, 0xc0, 0x30, 0xc0, 0x2f, 0x00, 0x9f, 0x00, 0x9e, 0xcc, 0xa9, 0xcc,
+ 0xa8, 0xcc, 0xaa, 0xc0, 0x27, 0xc0, 0x23, 0xc0, 0x28, 0xc0, 0x24, 0xc0,
+ 0x0a, 0xc0, 0x09, 0xc0, 0x14, 0xc0, 0x13, 0x00, 0x6b, 0x00, 0x67, 0x00,
+ 0x39, 0x00, 0x33, 0xcc, 0x14, 0xcc, 0x13, 0xcc, 0x15, 0x01, 0x00, 0x00,
+ 0xa6, 0x00, 0x2b, 0x00, 0x03, 0x02, 0xfe, 0xfc, 0x00, 0x2c, 0x00, 0x47,
+ 0x00, 0x45, 0x20, 0xee, 0x4b, 0x17, 0x70, 0x63, 0xa0, 0x4c, 0x82, 0xbf,
+ 0x43, 0x01, 0x7d, 0x8d, 0xc1, 0x1b, 0x4e, 0x9b, 0xa0, 0x3c, 0x53, 0x1f,
+ 0xb7, 0xd1, 0x10, 0x81, 0xa8, 0xdf, 0xdf, 0x8c, 0x7f, 0xf3, 0x11, 0x13,
+ 0x01, 0x02, 0x3d, 0x3b, 0x7d, 0x14, 0x2c, 0x31, 0xb3, 0x60, 0x72, 0x4d,
+ 0xe5, 0x1a, 0xb2, 0xa3, 0x61, 0x77, 0x73, 0x03, 0x40, 0x0e, 0x5f, 0xc5,
+ 0x61, 0x38, 0x43, 0x56, 0x21, 0x4a, 0x95, 0xd5, 0x35, 0xa8, 0x0d, 0x00,
+ 0x0d, 0x00, 0x2a, 0x00, 0x28, 0x06, 0x03, 0x05, 0x03, 0x04, 0x03, 0x02,
+ 0x03, 0xfe, 0x0b, 0xfe, 0x0e, 0xfe, 0xa0, 0xfe, 0xa3, 0xfe, 0xa5, 0x08,
+ 0x06, 0x08, 0x0b, 0x08, 0x05, 0x08, 0x0a, 0x08, 0x04, 0x08, 0x09, 0x06,
+ 0x01, 0x05, 0x01, 0x04, 0x01, 0x03, 0x01, 0x02, 0x01, 0x00, 0x0a, 0x00,
+ 0x18, 0x00, 0x16, 0x00, 0x19, 0x00, 0x18, 0x00, 0x17, 0x00, 0x15, 0x01,
+ 0x00, 0x02, 0x3a, 0x02, 0x3c, 0x02, 0x3d, 0x2f, 0x3a, 0x2f, 0x3c, 0x2f,
+ 0x3d, 0x00, 0x16, 0x00, 0x00, 0x00, 0x33, 0x00, 0x02, 0x00, 0x00
+ };
+ DtlsRecordLayerHeader* dtlsRH;
+ byte sequence_number[8];
+
+ XMEMSET(&sequence_number, 0, sizeof(sequence_number));
+ XMEMSET(&test_ctx, 0, sizeof(test_ctx));
+ XMEMCPY(test_ctx.s_buff, ch_empty_keyshare_with_cookie,
+ sizeof(ch_empty_keyshare_with_cookie));
+ test_ctx.s_len = sizeof(ch_empty_keyshare_with_cookie);
+ ExpectIntEQ(test_memio_setup(&test_ctx, NULL, &ctx_s, NULL, &ssl_s,
+ NULL, wolfDTLSv1_3_server_method), 0);
+
+ /* CH1 */
+ ExpectIntEQ(wolfSSL_negotiate(ssl_s), -1);
+ ExpectIntEQ(wolfSSL_get_error(ssl_s, -1), WOLFSSL_ERROR_WANT_READ);
+ /* Expect an alert. A plaintext alert should be exactly 15 bytes. */
+ ExpectIntEQ(test_ctx.c_len, 15);
+ dtlsRH = (DtlsRecordLayerHeader*)test_ctx.c_buff;
+ ExpectIntEQ(dtlsRH->type, alert);
+ ExpectIntEQ(dtlsRH->pvMajor, DTLS_MAJOR);
+ ExpectIntEQ(dtlsRH->pvMinor, DTLSv1_2_MINOR);
+ sequence_number[7] = 1;
+ ExpectIntEQ(XMEMCMP(sequence_number, dtlsRH->sequence_number,
+ sizeof(sequence_number)), 0);
+ ExpectIntEQ(dtlsRH->length[0], 0);
+ ExpectIntEQ(dtlsRH->length[1], 2);
+ ExpectIntEQ(test_ctx.c_buff[13], alert_fatal);
+ ExpectIntEQ(test_ctx.c_buff[14], illegal_parameter);
+
+ wolfSSL_free(ssl_s);
+ wolfSSL_CTX_free(ctx_s);
+#endif
+ return EXPECT_RESULT();
+}
+
+#if defined(HAVE_IO_TESTS_DEPENDENCIES) && defined(WOLFSSL_TLS13) && \
+ defined(HAVE_LIBOQS)
+static void test_tls13_pq_groups_ctx_ready(WOLFSSL_CTX* ctx)
+{
+ int group = WOLFSSL_KYBER_LEVEL5;
+ AssertIntEQ(wolfSSL_CTX_set_groups(ctx, &group, 1), WOLFSSL_SUCCESS);
+}
+
+static void test_tls13_pq_groups_on_result(WOLFSSL* ssl)
+{
+ AssertStrEQ(wolfSSL_get_curve_name(ssl), "KYBER_LEVEL5");
+}
+#endif
+
+static int test_tls13_pq_groups(void)
+{
+ EXPECT_DECLS;
+#if defined(HAVE_IO_TESTS_DEPENDENCIES) && defined(WOLFSSL_TLS13) && \
+ defined(HAVE_LIBOQS)
+ callback_functions func_cb_client;
+ callback_functions func_cb_server;
+
+ XMEMSET(&func_cb_client, 0, sizeof(callback_functions));
+ XMEMSET(&func_cb_server, 0, sizeof(callback_functions));
+
+ func_cb_client.method = wolfTLSv1_3_client_method;
+ func_cb_server.method = wolfTLSv1_3_server_method;
+ func_cb_client.ctx_ready = test_tls13_pq_groups_ctx_ready;
+ func_cb_client.on_result = test_tls13_pq_groups_on_result;
+ func_cb_server.on_result = test_tls13_pq_groups_on_result;
+
+ test_wolfSSL_client_server_nofail(&func_cb_client, &func_cb_server);
+
+ ExpectIntEQ(func_cb_client.return_code, TEST_SUCCESS);
+ ExpectIntEQ(func_cb_server.return_code, TEST_SUCCESS);
+#endif
+ return EXPECT_RESULT();
+}
+
+static int test_dtls13_early_data(void)
+{
+ EXPECT_DECLS;
+#if defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) && defined(WOLFSSL_DTLS13) && \
+ defined(WOLFSSL_EARLY_DATA) && defined(HAVE_SESSION_TICKET)
+ struct test_memio_ctx test_ctx;
+ WOLFSSL_CTX *ctx_c = NULL, *ctx_s = NULL;
+ WOLFSSL *ssl_c = NULL, *ssl_s = NULL;
+ WOLFSSL_SESSION *sess = NULL;
+ int written = 0;
+ int read = 0;
+ char msg[] = "This is early data";
+ char msg2[] = "This is client data";
+ char msg3[] = "This is server data";
+ char msg4[] = "This is server immediate data";
+ char msgBuf[50];
+
+ XMEMSET(&test_ctx, 0, sizeof(test_ctx));
+
+ ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
+ wolfDTLSv1_3_client_method, wolfDTLSv1_3_server_method), 0);
+
+ /* Get a ticket so that we can do 0-RTT on the next connection */
+ ExpectIntEQ(test_memio_do_handshake(ssl_c, ssl_s, 10, NULL), 0);
+ ExpectNotNull(sess = wolfSSL_get1_session(ssl_c));
+
+ wolfSSL_free(ssl_c);
+ ssl_c = NULL;
+ wolfSSL_free(ssl_s);
+ ssl_s = NULL;
+ XMEMSET(&test_ctx, 0, sizeof(test_ctx));
+ ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
+ wolfDTLSv1_3_client_method, wolfDTLSv1_3_server_method), 0);
+ ExpectIntEQ(wolfSSL_set_session(ssl_c, sess), WOLFSSL_SUCCESS);
+#ifdef WOLFSSL_DTLS13_NO_HRR_ON_RESUME
+ ExpectIntEQ(wolfSSL_dtls13_no_hrr_on_resume(ssl_s, 1), WOLFSSL_SUCCESS);
+#else
+ /* Let's test this but we generally don't recommend turning off the
+ * cookie exchange */
+ ExpectIntEQ(wolfSSL_disable_hrr_cookie(ssl_s), WOLFSSL_SUCCESS);
+#endif
+
+ /* Test 0-RTT data */
+ ExpectIntEQ(wolfSSL_write_early_data(ssl_c, msg, sizeof(msg),
+ &written), sizeof(msg));
+ ExpectIntEQ(written, sizeof(msg));
+
+ ExpectIntEQ(wolfSSL_read_early_data(ssl_s, msgBuf, sizeof(msgBuf),
+ &read), sizeof(msg));
+ ExpectIntEQ(read, sizeof(msg));
+ ExpectStrEQ(msg, msgBuf);
+
+ /* Test 0.5-RTT data */
+ ExpectIntEQ(wolfSSL_write(ssl_s, msg4, sizeof(msg4)), sizeof(msg4));
+
+ ExpectIntEQ(wolfSSL_connect(ssl_c), -1);
+ ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), APP_DATA_READY);
+
+ ExpectIntEQ(wolfSSL_read(ssl_c, msgBuf, sizeof(msgBuf)), sizeof(msg4));
+ ExpectStrEQ(msg4, msgBuf);
+
+ /* Complete handshake */
+ ExpectIntEQ(wolfSSL_connect(ssl_c), -1);
+ ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ);
+ /* Use wolfSSL_is_init_finished to check if handshake is complete. Normally
+ * a user would loop until it is true but here we control both sides so we
+ * just assert the expected value. wolfSSL_read_early_data does not provide
+ * handshake status to us with non-blocking IO and we can't use
+ * wolfSSL_accept as TLS layer may return ZERO_RETURN due to early data
+ * parsing logic. */
+ ExpectFalse(wolfSSL_is_init_finished(ssl_s));
+ ExpectIntEQ(wolfSSL_read_early_data(ssl_s, msgBuf, sizeof(msgBuf),
+ &read), -1);
+ ExpectIntEQ(wolfSSL_get_error(ssl_s, -1), WOLFSSL_ERROR_WANT_READ);
+
+ ExpectIntEQ(wolfSSL_connect(ssl_c), WOLFSSL_SUCCESS);
+
+ ExpectTrue(wolfSSL_is_init_finished(ssl_s));
+
+
+ /* Test bi-directional write */
+ ExpectIntEQ(wolfSSL_write(ssl_c, msg2, sizeof(msg2)), sizeof(msg2));
+ ExpectIntEQ(wolfSSL_read(ssl_s, msgBuf, sizeof(msgBuf)), sizeof(msg2));
+ ExpectStrEQ(msg2, msgBuf);
+ ExpectIntEQ(wolfSSL_write(ssl_s, msg3, sizeof(msg3)), sizeof(msg3));
+ ExpectIntEQ(wolfSSL_read(ssl_c, msgBuf, sizeof(msgBuf)), sizeof(msg3));
+ ExpectStrEQ(msg3, msgBuf);
+
+ ExpectTrue(wolfSSL_session_reused(ssl_c));
+ ExpectTrue(wolfSSL_session_reused(ssl_s));
+
+ wolfSSL_SESSION_free(sess);
+ wolfSSL_free(ssl_c);
+ wolfSSL_free(ssl_s);
+ wolfSSL_CTX_free(ctx_c);
+ wolfSSL_CTX_free(ctx_s);
+#endif
+ return EXPECT_RESULT();
+}
+
+#ifdef HAVE_CERTIFICATE_STATUS_REQUEST
+static int test_self_signed_stapling_client_v1_ctx_ready(WOLFSSL_CTX* ctx)
+{
+ EXPECT_DECLS;
+ ExpectIntEQ(wolfSSL_CTX_EnableOCSPStapling(ctx), 1);
+ ExpectIntEQ(wolfSSL_CTX_UseOCSPStapling(ctx, WOLFSSL_CSR_OCSP,
+ WOLFSSL_CSR_OCSP_USE_NONCE), 1);
+ return EXPECT_RESULT();
+}
+#endif
+
+#ifdef HAVE_CERTIFICATE_STATUS_REQUEST_V2
+static int test_self_signed_stapling_client_v2_ctx_ready(WOLFSSL_CTX* ctx)
+{
+ EXPECT_DECLS;
+ ExpectIntEQ(wolfSSL_CTX_EnableOCSPStapling(ctx), 1);
+ ExpectIntEQ(wolfSSL_CTX_UseOCSPStaplingV2(ctx, WOLFSSL_CSR2_OCSP,
+ WOLFSSL_CSR2_OCSP_USE_NONCE), 1);
+ return EXPECT_RESULT();
+}
+
+static int test_self_signed_stapling_client_v2_multi_ctx_ready(WOLFSSL_CTX* ctx)
+{
+ EXPECT_DECLS;
+ ExpectIntEQ(wolfSSL_CTX_EnableOCSPStapling(ctx), 1);
+ ExpectIntEQ(wolfSSL_CTX_UseOCSPStaplingV2(ctx, WOLFSSL_CSR2_OCSP_MULTI,
+ 0), 1);
+ return EXPECT_RESULT();
+}
+#endif
+
+#if defined(HAVE_CERTIFICATE_STATUS_REQUEST) \
+ || defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)
+static int test_self_signed_stapling_server_ctx_ready(WOLFSSL_CTX* ctx)
+{
+ EXPECT_DECLS;
+ ExpectIntEQ(wolfSSL_CTX_EnableOCSPStapling(ctx), 1);
+ return EXPECT_RESULT();
+}
+#endif
+
+static int test_self_signed_stapling(void)
+{
+ EXPECT_DECLS;
+#if defined(HAVE_CERTIFICATE_STATUS_REQUEST) \
+ || defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)
+ test_ssl_cbf client_cbf;
+ test_ssl_cbf server_cbf;
+ size_t i;
+ struct {
+ method_provider client_meth;
+ method_provider server_meth;
+ ctx_cb client_ctx;
+ const char* tls_version;
+ } params[] = {
+#if defined(WOLFSSL_TLS13) && defined(HAVE_CERTIFICATE_STATUS_REQUEST)
+ { wolfTLSv1_3_client_method, wolfTLSv1_3_server_method,
+ test_self_signed_stapling_client_v1_ctx_ready, "TLSv1_3 v1" },
+#endif
+#ifndef WOLFSSL_NO_TLS12
+#ifdef HAVE_CERTIFICATE_STATUS_REQUEST
+ { wolfTLSv1_2_client_method, wolfTLSv1_2_server_method,
+ test_self_signed_stapling_client_v1_ctx_ready, "TLSv1_2 v1" },
+#endif
+#ifdef HAVE_CERTIFICATE_STATUS_REQUEST_V2
+ { wolfTLSv1_2_client_method, wolfTLSv1_2_server_method,
+ test_self_signed_stapling_client_v2_ctx_ready, "TLSv1_2 v2" },
+ { wolfTLSv1_2_client_method, wolfTLSv1_2_server_method,
+ test_self_signed_stapling_client_v2_multi_ctx_ready,
+ "TLSv1_2 v2 multi" },
+#endif
+#endif
+ };
+
+ for (i = 0; i < sizeof(params)/sizeof(*params) && !EXPECT_FAIL(); i++) {
+ XMEMSET(&client_cbf, 0, sizeof(client_cbf));
+ XMEMSET(&server_cbf, 0, sizeof(server_cbf));
+
+ printf("\nTesting self-signed cert with status request: %s\n",
+ params[i].tls_version);
+
+ client_cbf.method = params[i].client_meth;
+ client_cbf.ctx_ready = params[i].client_ctx;
+
+ server_cbf.method = params[i].server_meth;
+ server_cbf.certPemFile = "certs/ca-cert.pem";
+ server_cbf.keyPemFile = "certs/ca-key.pem";
+ server_cbf.ctx_ready = test_self_signed_stapling_server_ctx_ready;
+
+ ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&client_cbf,
+ &server_cbf, NULL), TEST_SUCCESS);
+ }
+#endif
+ return EXPECT_RESULT();
+}
+
/*----------------------------------------------------------------------------*
| Main
*----------------------------------------------------------------------------*/
@@ -66846,138 +68902,350 @@ int testAll = 1;
TEST_CASE testCases[] = {
TEST_DECL(test_fileAccess),
- TEST_DECL(test_wolfSSL_Init),
- TEST_DECL(test_wolfSSL_Method_Allocators),
-#ifndef NO_WOLFSSL_SERVER
- TEST_DECL(test_wolfSSL_CTX_new),
-#endif
- TEST_DECL(test_server_wolfSSL_new),
- TEST_DECL(test_client_wolfSSL_new),
-#if (!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)) && \
- (!defined(NO_RSA) || defined(HAVE_ECC)) && !defined(NO_FILESYSTEM)
- TEST_DECL(test_for_double_Free),
-#endif
-#ifdef HAVE_IO_TESTS_DEPENDENCIES
- TEST_DECL(test_wolfSSL_get_finished),
- /* Uses Assert in handshake callback. */
- TEST_DECL(test_wolfSSL_CTX_add_session),
- /* Uses Assert in handshake callback. */
- TEST_DECL(test_wolfSSL_CTX_add_session_ext),
-#endif
- TEST_DECL(test_SSL_CIPHER_get_xxx),
- TEST_DECL(test_wolfSSL_ERR_strings),
- TEST_DECL(test_wolfSSL_EVP_shake128),
- TEST_DECL(test_wolfSSL_EVP_shake256),
- TEST_DECL(test_EVP_blake2),
- TEST_DECL(test_EVP_MD_do_all),
- TEST_DECL(test_OBJ_NAME_do_all),
- TEST_DECL(test_wolfSSL_CTX_set_cipher_list_bytes),
- TEST_DECL(test_wolfSSL_CTX_use_certificate_file),
- TEST_DECL(test_wolfSSL_CTX_use_certificate_buffer),
- TEST_DECL(test_wolfSSL_CTX_use_PrivateKey_file),
- TEST_DECL(test_wolfSSL_CTX_load_verify_locations),
- /* Large number of memory allocations. */
- TEST_DECL(test_wolfSSL_CTX_load_system_CA_certs),
- TEST_DECL(test_wolfSSL_CertManagerCheckOCSPResponse),
- TEST_DECL(test_wolfSSL_CheckOCSPResponse),
- TEST_DECL(test_wolfSSL_CertManagerLoadCABuffer),
- TEST_DECL(test_wolfSSL_CertManagerLoadCABuffer_ex),
- TEST_DECL(test_wolfSSL_CertManagerGetCerts),
- TEST_DECL(test_wolfSSL_CertManagerSetVerify),
- TEST_DECL(test_wolfSSL_CertManagerNameConstraint),
- TEST_DECL(test_wolfSSL_CertManagerNameConstraint2),
- TEST_DECL(test_wolfSSL_CertManagerNameConstraint3),
- TEST_DECL(test_wolfSSL_CertManagerNameConstraint4),
- TEST_DECL(test_wolfSSL_CertManagerNameConstraint5),
- TEST_DECL(test_wolfSSL_FPKI),
- TEST_DECL(test_wolfSSL_OtherName),
- TEST_DECL(test_wolfSSL_CertRsaPss),
- TEST_DECL(test_wolfSSL_CertManagerCRL),
- TEST_DECL(test_wolfSSL_CTX_load_verify_locations_ex),
- TEST_DECL(test_wolfSSL_CTX_load_verify_buffer_ex),
- TEST_DECL(test_wolfSSL_CTX_load_verify_chain_buffer_format),
- TEST_DECL(test_wolfSSL_CTX_add1_chain_cert),
- TEST_DECL(test_wolfSSL_CTX_use_certificate_chain_file_format),
- TEST_DECL(test_wolfSSL_CTX_trust_peer_cert),
- TEST_DECL(test_wolfSSL_CTX_SetTmpDH_file),
- TEST_DECL(test_wolfSSL_CTX_SetTmpDH_buffer),
- TEST_DECL(test_wolfSSL_CTX_SetMinMaxDhKey_Sz),
- TEST_DECL(test_wolfSSL_CTX_der_load_verify_locations),
- TEST_DECL(test_wolfSSL_CTX_enable_disable),
- TEST_DECL(test_wolfSSL_CTX_ticket_API),
- TEST_DECL(test_wolfSSL_SetTmpDH_file),
- TEST_DECL(test_wolfSSL_SetTmpDH_buffer),
- TEST_DECL(test_wolfSSL_SetMinMaxDhKey_Sz),
- TEST_DECL(test_SetTmpEC_DHE_Sz),
- TEST_DECL(test_wolfSSL_CTX_get0_privatekey),
- TEST_DECL(test_wolfSSL_dtls_set_mtu),
- /* Uses Assert in handshake callback. */
- TEST_DECL(test_wolfSSL_dtls_plaintext),
-#if !defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER) && \
- defined(HAVE_IO_TESTS_DEPENDENCIES)
- TEST_DECL(test_wolfSSL_read_write),
- /* Can't memory test as server hangs if client fails before second connect.
- */
- TEST_DECL(test_wolfSSL_reuse_WOLFSSLobj),
- TEST_DECL(test_wolfSSL_CTX_verifyDepth_ServerClient_1),
- TEST_DECL(test_wolfSSL_CTX_verifyDepth_ServerClient_2),
- TEST_DECL(test_wolfSSL_CTX_verifyDepth_ServerClient_3),
- TEST_DECL(test_wolfSSL_CTX_set_cipher_list),
- /* Can't memory test as server hangs. */
- TEST_DECL(test_wolfSSL_dtls_export),
- /* Uses Assert in handshake callback. */
- TEST_DECL(test_wolfSSL_tls_export),
-#endif
- TEST_DECL(test_wolfSSL_SetMinVersion),
- TEST_DECL(test_wolfSSL_CTX_SetMinVersion),
+ /*********************************
+ * wolfcrypt
+ *********************************/
- /* TLS extensions tests */
-#ifdef HAVE_IO_TESTS_DEPENDENCIES
-#ifdef HAVE_SNI
- TEST_DECL(test_wolfSSL_UseSNI_params),
- /* Uses Assert in handshake callback. */
- TEST_DECL(test_wolfSSL_UseSNI_connection),
- TEST_DECL(test_wolfSSL_SNI_GetFromBuffer),
-#endif /* HAVE_SNI */
-#endif
- TEST_DECL(test_wolfSSL_UseTrustedCA),
- TEST_DECL(test_wolfSSL_UseMaxFragment),
- TEST_DECL(test_wolfSSL_UseTruncatedHMAC),
- TEST_DECL(test_wolfSSL_UseSupportedCurve),
-#if defined(HAVE_ALPN) && defined(HAVE_IO_TESTS_DEPENDENCIES)
- /* Uses Assert in handshake callback. */
- TEST_DECL(test_wolfSSL_UseALPN_connection),
- TEST_DECL(test_wolfSSL_UseALPN_params),
+ TEST_DECL(test_ForceZero),
+
+ TEST_DECL(test_wolfCrypt_Init),
+
+ /* Locking with Compat Mutex */
+ TEST_DECL(test_wc_SetMutexCb),
+ TEST_DECL(test_wc_LockMutex_ex),
+
+ /* Digests */
+ TEST_DECL(test_wc_InitMd5),
+ TEST_DECL(test_wc_Md5Update),
+ TEST_DECL(test_wc_Md5Final),
+ TEST_DECL(test_wc_InitSha),
+ TEST_DECL(test_wc_ShaUpdate),
+ TEST_DECL(test_wc_ShaFinal),
+ TEST_DECL(test_wc_InitSha256),
+ TEST_DECL(test_wc_Sha256Update),
+ TEST_DECL(test_wc_Sha256Final),
+ TEST_DECL(test_wc_Sha256FinalRaw),
+ TEST_DECL(test_wc_Sha256GetFlags),
+ TEST_DECL(test_wc_Sha256Free),
+ TEST_DECL(test_wc_Sha256GetHash),
+ TEST_DECL(test_wc_Sha256Copy),
+
+ TEST_DECL(test_wc_InitSha224),
+ TEST_DECL(test_wc_Sha224Update),
+ TEST_DECL(test_wc_Sha224Final),
+ TEST_DECL(test_wc_Sha224SetFlags),
+ TEST_DECL(test_wc_Sha224GetFlags),
+ TEST_DECL(test_wc_Sha224Free),
+ TEST_DECL(test_wc_Sha224GetHash),
+ TEST_DECL(test_wc_Sha224Copy),
+
+ TEST_DECL(test_wc_InitSha512),
+ TEST_DECL(test_wc_Sha512Update),
+ TEST_DECL(test_wc_Sha512Final),
+ TEST_DECL(test_wc_Sha512GetFlags),
+ TEST_DECL(test_wc_Sha512FinalRaw),
+ TEST_DECL(test_wc_Sha512Free),
+ TEST_DECL(test_wc_Sha512GetHash),
+ TEST_DECL(test_wc_Sha512Copy),
+
+ TEST_DECL(test_wc_InitSha512_224),
+ TEST_DECL(test_wc_Sha512_224Update),
+ TEST_DECL(test_wc_Sha512_224Final),
+ TEST_DECL(test_wc_Sha512_224GetFlags),
+ TEST_DECL(test_wc_Sha512_224FinalRaw),
+ TEST_DECL(test_wc_Sha512_224Free),
+ TEST_DECL(test_wc_Sha512_224GetHash),
+ TEST_DECL(test_wc_Sha512_224Copy),
+ TEST_DECL(test_wc_InitSha512_256),
+ TEST_DECL(test_wc_Sha512_256Update),
+ TEST_DECL(test_wc_Sha512_256Final),
+ TEST_DECL(test_wc_Sha512_256GetFlags),
+ TEST_DECL(test_wc_Sha512_256FinalRaw),
+ TEST_DECL(test_wc_Sha512_256Free),
+ TEST_DECL(test_wc_Sha512_256GetHash),
+ TEST_DECL(test_wc_Sha512_256Copy),
+
+ TEST_DECL(test_wc_InitSha384),
+ TEST_DECL(test_wc_Sha384Update),
+ TEST_DECL(test_wc_Sha384Final),
+ TEST_DECL(test_wc_Sha384GetFlags),
+ TEST_DECL(test_wc_Sha384FinalRaw),
+ TEST_DECL(test_wc_Sha384Free),
+ TEST_DECL(test_wc_Sha384GetHash),
+ TEST_DECL(test_wc_Sha384Copy),
+
+ TEST_DECL(test_wc_InitBlake2b),
+ TEST_DECL(test_wc_InitBlake2b_WithKey),
+ TEST_DECL(test_wc_InitBlake2s_WithKey),
+ TEST_DECL(test_wc_InitRipeMd),
+ TEST_DECL(test_wc_RipeMdUpdate),
+ TEST_DECL(test_wc_RipeMdFinal),
+
+ TEST_DECL(test_wc_InitSha3),
+ TEST_DECL(testing_wc_Sha3_Update),
+ TEST_DECL(test_wc_Sha3_224_Final),
+ TEST_DECL(test_wc_Sha3_256_Final),
+ TEST_DECL(test_wc_Sha3_384_Final),
+ TEST_DECL(test_wc_Sha3_512_Final),
+ TEST_DECL(test_wc_Sha3_224_Copy),
+ TEST_DECL(test_wc_Sha3_256_Copy),
+ TEST_DECL(test_wc_Sha3_384_Copy),
+ TEST_DECL(test_wc_Sha3_512_Copy),
+ TEST_DECL(test_wc_Sha3_GetFlags),
+ TEST_DECL(test_wc_InitShake256),
+ TEST_DECL(testing_wc_Shake256_Update),
+ TEST_DECL(test_wc_Shake256_Final),
+ TEST_DECL(test_wc_Shake256_Copy),
+ TEST_DECL(test_wc_Shake256Hash),
+
+ /* SM3 Digest */
+ TEST_DECL(test_wc_InitSm3Free),
+ TEST_DECL(test_wc_Sm3UpdateFinal),
+ TEST_DECL(test_wc_Sm3GetHash),
+ TEST_DECL(test_wc_Sm3Copy),
+ TEST_DECL(test_wc_Sm3FinalRaw),
+ TEST_DECL(test_wc_Sm3GetSetFlags),
+ TEST_DECL(test_wc_Sm3Hash),
+
+ TEST_DECL(test_wc_HashInit),
+ TEST_DECL(test_wc_HashSetFlags),
+ TEST_DECL(test_wc_HashGetFlags),
+
+ /* HMAC */
+ TEST_DECL(test_wc_Md5HmacSetKey),
+ TEST_DECL(test_wc_Md5HmacUpdate),
+ TEST_DECL(test_wc_Md5HmacFinal),
+ TEST_DECL(test_wc_ShaHmacSetKey),
+ TEST_DECL(test_wc_ShaHmacUpdate),
+ TEST_DECL(test_wc_ShaHmacFinal),
+ TEST_DECL(test_wc_Sha224HmacSetKey),
+ TEST_DECL(test_wc_Sha224HmacUpdate),
+ TEST_DECL(test_wc_Sha224HmacFinal),
+ TEST_DECL(test_wc_Sha256HmacSetKey),
+ TEST_DECL(test_wc_Sha256HmacUpdate),
+ TEST_DECL(test_wc_Sha256HmacFinal),
+ TEST_DECL(test_wc_Sha384HmacSetKey),
+ TEST_DECL(test_wc_Sha384HmacUpdate),
+ TEST_DECL(test_wc_Sha384HmacFinal),
+
+ /* CMAC */
+ TEST_DECL(test_wc_InitCmac),
+ TEST_DECL(test_wc_CmacUpdate),
+ TEST_DECL(test_wc_CmacFinal),
+ TEST_DECL(test_wc_AesCmacGenerate),
+
+ /* Cipher */
+ TEST_DECL(test_wc_AesGcmStream),
+
+ TEST_DECL(test_wc_Des3_SetIV),
+ TEST_DECL(test_wc_Des3_SetKey),
+ TEST_DECL(test_wc_Des3_CbcEncryptDecrypt),
+ TEST_DECL(test_wc_Des3_CbcEncryptDecryptWithKey),
+ TEST_DECL(test_wc_Des3_EcbEncrypt),
+
+ TEST_DECL(test_wc_Chacha_SetKey),
+ TEST_DECL(test_wc_Chacha_Process),
+ TEST_DECL(test_wc_ChaCha20Poly1305_aead),
+ TEST_DECL(test_wc_Poly1305SetKey),
+
+ TEST_DECL(test_wc_CamelliaSetKey),
+ TEST_DECL(test_wc_CamelliaSetIV),
+ TEST_DECL(test_wc_CamelliaEncryptDecryptDirect),
+ TEST_DECL(test_wc_CamelliaCbcEncryptDecrypt),
+
+ TEST_DECL(test_wc_Arc4SetKey),
+ TEST_DECL(test_wc_Arc4Process),
+
+ TEST_DECL(test_wc_Rc2SetKey),
+ TEST_DECL(test_wc_Rc2SetIV),
+ TEST_DECL(test_wc_Rc2EcbEncryptDecrypt),
+ TEST_DECL(test_wc_Rc2CbcEncryptDecrypt),
+
+ /* AES cipher and GMAC. */
+ TEST_DECL(test_wc_AesSetKey),
+ TEST_DECL(test_wc_AesSetIV),
+ TEST_DECL(test_wc_AesCbcEncryptDecrypt),
+ TEST_DECL(test_wc_AesCtrEncryptDecrypt),
+ TEST_DECL(test_wc_AesGcmSetKey),
+ TEST_DECL(test_wc_AesGcmEncryptDecrypt),
+ TEST_DECL(test_wc_AesGcmMixedEncDecLongIV),
+ TEST_DECL(test_wc_GmacSetKey),
+ TEST_DECL(test_wc_GmacUpdate),
+ TEST_DECL(test_wc_AesCcmSetKey),
+ TEST_DECL(test_wc_AesCcmEncryptDecrypt),
+#if defined(WOLFSSL_AES_EAX) && \
+ (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5, 3)) && !defined(HAVE_SELFTEST)
+ TEST_DECL(test_wc_AesEaxVectors),
+ TEST_DECL(test_wc_AesEaxEncryptAuth),
+ TEST_DECL(test_wc_AesEaxDecryptAuth),
+#endif /* WOLFSSL_AES_EAX */
+
+ /* SM4 cipher */
+ TEST_DECL(test_wc_Sm4),
+ TEST_DECL(test_wc_Sm4Ecb),
+ TEST_DECL(test_wc_Sm4Cbc),
+ TEST_DECL(test_wc_Sm4Ctr),
+ TEST_DECL(test_wc_Sm4Gcm),
+ TEST_DECL(test_wc_Sm4Ccm),
+
+ /* RNG tests */
+#ifdef HAVE_HASHDRBG
+#ifdef TEST_RESEED_INTERVAL
+ TEST_DECL(test_wc_RNG_GenerateBlock_Reseed),
#endif
-#ifdef HAVE_ALPN_PROTOS_SUPPORT
- /* Uses Assert in handshake callback. */
- TEST_DECL(test_wolfSSL_set_alpn_protos),
+ TEST_DECL(test_wc_RNG_GenerateBlock),
#endif
- TEST_DECL(test_wolfSSL_DisableExtendedMasterSecret),
- TEST_DECL(test_wolfSSL_wolfSSL_UseSecureRenegotiation),
- TEST_DECL(test_wolfSSL_SCR_Reconnect),
- TEST_DECL(test_tls_ext_duplicate),
-#if defined(WOLFSSL_TLS13) && defined(HAVE_ECH)
- TEST_DECL(test_wolfSSL_Tls13_ECH_params),
- /* Uses Assert in handshake callback. */
- TEST_DECL(test_wolfSSL_Tls13_ECH),
+ TEST_DECL(test_get_rand_digit),
+ TEST_DECL(test_wc_InitRngNonce),
+ TEST_DECL(test_wc_InitRngNonce_ex),
+
+ /* MP API tests */
+ TEST_DECL(test_get_digit_count),
+ TEST_DECL(test_mp_cond_copy),
+ TEST_DECL(test_mp_rand),
+ TEST_DECL(test_get_digit),
+ TEST_DECL(test_wc_export_int),
+
+ /* RSA */
+ TEST_DECL(test_wc_InitRsaKey),
+ TEST_DECL(test_wc_RsaPrivateKeyDecode),
+ TEST_DECL(test_wc_RsaPublicKeyDecode),
+ TEST_DECL(test_wc_RsaPublicKeyDecodeRaw),
+ TEST_DECL(test_wc_MakeRsaKey),
+ TEST_DECL(test_wc_CheckProbablePrime),
+ TEST_DECL(test_wc_RsaPSS_Verify),
+ TEST_DECL(test_wc_RsaPSS_VerifyCheck),
+ TEST_DECL(test_wc_RsaPSS_VerifyCheckInline),
+ TEST_DECL(test_wc_RsaKeyToDer),
+ TEST_DECL(test_wc_RsaKeyToPublicDer),
+ TEST_DECL(test_wc_RsaPublicEncryptDecrypt),
+ TEST_DECL(test_wc_RsaPublicEncryptDecrypt_ex),
+ TEST_DECL(test_wc_RsaEncryptSize),
+ TEST_DECL(test_wc_RsaSSL_SignVerify),
+ TEST_DECL(test_wc_RsaFlattenPublicKey),
+ TEST_DECL(test_RsaDecryptBoundsCheck),
+
+ /* DSA */
+ TEST_DECL(test_wc_InitDsaKey),
+ TEST_DECL(test_wc_DsaSignVerify),
+ TEST_DECL(test_wc_DsaPublicPrivateKeyDecode),
+ TEST_DECL(test_wc_MakeDsaKey),
+ TEST_DECL(test_wc_DsaKeyToDer),
+ TEST_DECL(test_wc_DsaKeyToPublicDer),
+ TEST_DECL(test_wc_DsaImportParamsRaw),
+ TEST_DECL(test_wc_DsaImportParamsRawCheck),
+ TEST_DECL(test_wc_DsaExportParamsRaw),
+ TEST_DECL(test_wc_DsaExportKeyRaw),
+
+ /* DH */
+ TEST_DECL(test_wc_DhPublicKeyDecode),
+
+ /* wolfCrypt ECC tests */
+ TEST_DECL(test_wc_ecc_get_curve_size_from_name),
+ TEST_DECL(test_wc_ecc_get_curve_id_from_name),
+ TEST_DECL(test_wc_ecc_get_curve_id_from_params),
+#if defined(OPENSSL_EXTRA) && defined(HAVE_ECC) && \
+ !defined(HAVE_SELFTEST) && \
+ !(defined(HAVE_FIPS) || defined(HAVE_FIPS_VERSION))
+ TEST_DECL(test_wc_ecc_get_curve_id_from_dp_params),
#endif
+ TEST_DECL(test_wc_ecc_make_key),
+ TEST_DECL(test_wc_ecc_init),
+ TEST_DECL(test_wc_ecc_check_key),
+ TEST_DECL(test_wc_ecc_get_generator),
+ TEST_DECL(test_wc_ecc_size),
+ TEST_DECL(test_wc_ecc_params),
+ TEST_DECL(test_wc_ecc_signVerify_hash),
+ TEST_DECL(test_wc_ecc_shared_secret),
+ TEST_DECL(test_wc_ecc_export_x963),
+ TEST_DECL(test_wc_ecc_export_x963_ex),
+ TEST_DECL(test_wc_ecc_import_x963),
+ TEST_DECL(test_wc_ecc_import_private_key),
+ TEST_DECL(test_wc_ecc_export_private_only),
+ TEST_DECL(test_wc_ecc_rs_to_sig),
+ TEST_DECL(test_wc_ecc_import_raw),
+ TEST_DECL(test_wc_ecc_import_unsigned),
+ TEST_DECL(test_wc_ecc_sig_size),
+ TEST_DECL(test_wc_ecc_ctx_new),
+ TEST_DECL(test_wc_ecc_ctx_reset),
+ TEST_DECL(test_wc_ecc_ctx_set_peer_salt),
+ TEST_DECL(test_wc_ecc_ctx_set_info),
+ TEST_DECL(test_wc_ecc_encryptDecrypt),
+ TEST_DECL(test_wc_ecc_del_point),
+ TEST_DECL(test_wc_ecc_pointFns),
+ TEST_DECL(test_wc_ecc_shared_secret_ssh),
+ TEST_DECL(test_wc_ecc_verify_hash_ex),
+ TEST_DECL(test_wc_ecc_mulmod),
+ TEST_DECL(test_wc_ecc_is_valid_idx),
+ TEST_DECL(test_wc_ecc_get_curve_id_from_oid),
+ TEST_DECL(test_wc_ecc_sig_size_calc),
+ TEST_DECL(test_wc_EccPrivateKeyToDer),
- /* X509 tests */
- TEST_DECL(test_wolfSSL_X509_NAME_get_entry),
- TEST_DECL(test_wolfSSL_PKCS12),
- TEST_DECL(test_wolfSSL_no_password_cb),
- TEST_DECL(test_wolfSSL_PKCS8),
- TEST_DECL(test_wolfSSL_PKCS8_ED25519),
- TEST_DECL(test_wolfSSL_PKCS8_ED448),
- TEST_DECL(test_wolfSSL_PKCS5),
- TEST_DECL(test_wolfSSL_URI),
- TEST_DECL(test_wolfSSL_TBS),
- TEST_DECL(test_wolfSSL_X509_verify),
- TEST_DECL(test_wolfSSL_X509_TLS_version_test_1),
- TEST_DECL(test_wolfSSL_X509_TLS_version_test_2),
+ /* SM2 elliptic curve */
+ TEST_DECL(test_wc_ecc_sm2_make_key),
+ TEST_DECL(test_wc_ecc_sm2_shared_secret),
+ TEST_DECL(test_wc_ecc_sm2_create_digest),
+ TEST_DECL(test_wc_ecc_sm2_verify_hash_ex),
+ TEST_DECL(test_wc_ecc_sm2_verify_hash),
+ TEST_DECL(test_wc_ecc_sm2_sign_hash_ex),
+ TEST_DECL(test_wc_ecc_sm2_sign_hash),
+
+ /* Curve25519 */
+ TEST_DECL(test_wc_curve25519_init),
+ TEST_DECL(test_wc_curve25519_size),
+ TEST_DECL(test_wc_curve25519_export_key_raw),
+ TEST_DECL(test_wc_curve25519_export_key_raw_ex),
+ TEST_DECL(test_wc_curve25519_make_key),
+ TEST_DECL(test_wc_curve25519_shared_secret_ex),
+ TEST_DECL(test_wc_curve25519_make_pub),
+ TEST_DECL(test_wc_curve25519_export_public_ex),
+ TEST_DECL(test_wc_curve25519_export_private_raw_ex),
+ TEST_DECL(test_wc_curve25519_import_private_raw_ex),
+ TEST_DECL(test_wc_curve25519_import_private),
+
+ /* ED25519 */
+ TEST_DECL(test_wc_ed25519_make_key),
+ TEST_DECL(test_wc_ed25519_init),
+ TEST_DECL(test_wc_ed25519_sign_msg),
+ TEST_DECL(test_wc_ed25519_import_public),
+ TEST_DECL(test_wc_ed25519_import_private_key),
+ TEST_DECL(test_wc_ed25519_export),
+ TEST_DECL(test_wc_ed25519_size),
+ TEST_DECL(test_wc_ed25519_exportKey),
+ TEST_DECL(test_wc_Ed25519PublicKeyToDer),
+ TEST_DECL(test_wc_Ed25519KeyToDer),
+ TEST_DECL(test_wc_Ed25519PrivateKeyToDer),
+
+ /* Curve448 */
+ TEST_DECL(test_wc_curve448_make_key),
+ TEST_DECL(test_wc_curve448_shared_secret_ex),
+ TEST_DECL(test_wc_curve448_export_public_ex),
+ TEST_DECL(test_wc_curve448_export_private_raw_ex),
+ TEST_DECL(test_wc_curve448_export_key_raw),
+ TEST_DECL(test_wc_curve448_import_private_raw_ex),
+ TEST_DECL(test_wc_curve448_import_private),
+ TEST_DECL(test_wc_curve448_init),
+ TEST_DECL(test_wc_curve448_size),
+
+ /* Ed448 */
+ TEST_DECL(test_wc_ed448_make_key),
+ TEST_DECL(test_wc_ed448_init),
+ TEST_DECL(test_wc_ed448_sign_msg),
+ TEST_DECL(test_wc_ed448_import_public),
+ TEST_DECL(test_wc_ed448_import_private_key),
+ TEST_DECL(test_wc_ed448_export),
+ TEST_DECL(test_wc_ed448_size),
+ TEST_DECL(test_wc_ed448_exportKey),
+ TEST_DECL(test_wc_Ed448PublicKeyToDer),
+ TEST_DECL(test_wc_Ed448KeyToDer),
+ TEST_DECL(test_wc_Ed448PrivateKeyToDer),
+
+ /* Signature API */
+ TEST_DECL(test_wc_SignatureGetSize_ecc),
+ TEST_DECL(test_wc_SignatureGetSize_rsa),
+ /* PEM and DER APIs. */
TEST_DECL(test_wc_PemToDer),
TEST_DECL(test_wc_AllocDer),
TEST_DECL(test_wc_CertPemToDer),
@@ -66987,12 +69255,66 @@ TEST_CASE testCases[] = {
TEST_DECL(test_wc_GetPubKeyDerFromCert),
TEST_DECL(test_wc_CheckCertSigPubKey),
- /* OCSP Stapling */
- TEST_DECL(test_wolfSSL_UseOCSPStapling),
- TEST_DECL(test_wolfSSL_UseOCSPStaplingV2),
+ /* wolfCrypt ASN tests */
+ TEST_DECL(test_ToTraditional),
+ TEST_DECL(test_wc_CreateEncryptedPKCS8Key),
+ TEST_DECL(test_wc_GetPkcs8TraditionalOffset),
- /* Multicast */
- TEST_DECL(test_wolfSSL_mcast),
+ /* Certificate */
+ TEST_DECL(test_wc_SetSubjectRaw),
+ TEST_DECL(test_wc_GetSubjectRaw),
+ TEST_DECL(test_wc_SetIssuerRaw),
+ TEST_DECL(test_wc_SetIssueBuffer),
+ TEST_DECL(test_wc_SetSubjectKeyId),
+ TEST_DECL(test_wc_SetSubject),
+ TEST_DECL(test_CheckCertSignature),
+ TEST_DECL(test_wc_ParseCert),
+ TEST_DECL(test_wc_ParseCert_Error),
+ TEST_DECL(test_MakeCertWithPathLen),
+ TEST_DECL(test_MakeCertWithCaFalse),
+ TEST_DECL(test_wc_SetKeyUsage),
+ TEST_DECL(test_wc_SetAuthKeyIdFromPublicKey_ex),
+ TEST_DECL(test_wc_SetSubjectBuffer),
+ TEST_DECL(test_wc_SetSubjectKeyIdFromPublicKey_ex),
+
+ /* wolfcrypt PKCS#7 */
+ TEST_DECL(test_wc_PKCS7_New),
+ TEST_DECL(test_wc_PKCS7_Init),
+ TEST_DECL(test_wc_PKCS7_InitWithCert),
+ TEST_DECL(test_wc_PKCS7_EncodeData),
+ TEST_DECL(test_wc_PKCS7_EncodeSignedData),
+ TEST_DECL(test_wc_PKCS7_EncodeSignedData_ex),
+ TEST_DECL(test_wc_PKCS7_VerifySignedData_RSA),
+ TEST_DECL(test_wc_PKCS7_VerifySignedData_ECC),
+ TEST_DECL(test_wc_PKCS7_EncodeDecodeEnvelopedData),
+ TEST_DECL(test_wc_PKCS7_EncodeEncryptedData),
+ TEST_DECL(test_wc_PKCS7_Degenerate),
+ TEST_DECL(test_wc_PKCS7_BER),
+ TEST_DECL(test_wc_PKCS7_signed_enveloped),
+ TEST_DECL(test_wc_PKCS7_NoDefaultSignedAttribs),
+ TEST_DECL(test_wc_PKCS7_SetOriEncryptCtx),
+ TEST_DECL(test_wc_PKCS7_SetOriDecryptCtx),
+ TEST_DECL(test_wc_PKCS7_DecodeCompressedData),
+
+ /* wolfCrypt PKCS#12 */
+ TEST_DECL(test_wc_i2d_PKCS12),
+
+ /*
+ * test_wolfCrypt_Cleanup needs to come after the above wolfCrypt tests to
+ * avoid memory leaks.
+ */
+ TEST_DECL(test_wolfCrypt_Cleanup),
+
+ TEST_DECL(test_wolfSSL_Init),
+
+ /*********************************
+ * OpenSSL compatibility API tests
+ *********************************/
+
+ /* If at some point a stub get implemented this test should fail indicating
+ * a need to implement a new test case
+ */
+ TEST_DECL(test_stubs_are_stubs),
/* ASN.1 compatibility API tests */
TEST_DECL(test_wolfSSL_ASN1_BIT_STRING),
@@ -67028,22 +69350,9 @@ TEST_CASE testCases[] = {
TEST_DECL(test_wolfSSL_ASN1_TYPE),
TEST_DECL(test_wolfSSL_IMPLEMENT_ASN1_FUNCTIONS),
- /* compatibility tests */
TEST_DECL(test_wolfSSL_lhash),
- TEST_DECL(test_wolfSSL_X509_NAME),
- TEST_DECL(test_wolfSSL_X509_NAME_hash),
- TEST_DECL(test_wolfSSL_X509_NAME_print_ex),
-#ifndef NO_BIO
- TEST_DECL(test_wolfSSL_X509_INFO_multiple_info),
- TEST_DECL(test_wolfSSL_X509_INFO),
-#endif
- TEST_DECL(test_wolfSSL_X509_subject_name_hash),
- TEST_DECL(test_wolfSSL_X509_issuer_name_hash),
- TEST_DECL(test_wolfSSL_X509_check_host),
- TEST_DECL(test_wolfSSL_X509_check_email),
- TEST_DECL(test_wolfSSL_DES),
+
TEST_DECL(test_wolfSSL_certs),
- TEST_DECL(test_wolfSSL_X509_check_private_key),
TEST_DECL(test_wolfSSL_private_keys),
TEST_DECL(test_wolfSSL_PEM_read_PrivateKey),
@@ -67053,6 +69362,8 @@ TEST_CASE testCases[] = {
TEST_DECL(test_wolfSSL_PEM_file_RSAKey),
TEST_DECL(test_wolfSSL_PEM_file_RSAPrivateKey),
#ifndef NO_BIO
+ TEST_DECL(test_wolfSSL_BIO),
+ TEST_DECL(test_wolfSSL_PEM_read_bio),
TEST_DECL(test_wolfSSL_PEM_bio_RSAKey),
TEST_DECL(test_wolfSSL_PEM_bio_DSAKey),
TEST_DECL(test_wolfSSL_PEM_bio_ECKey),
@@ -67060,28 +69371,134 @@ TEST_CASE testCases[] = {
TEST_DECL(test_wolfSSL_PEM_PUBKEY),
#endif
- TEST_DECL(test_DSA_do_sign_verify),
- TEST_DECL(test_wolfSSL_tmp_dh),
- TEST_DECL(test_wolfSSL_ctrl),
+ /* EVP API testing */
+ TEST_DECL(test_wolfSSL_EVP_ENCODE_CTX_new),
+ TEST_DECL(test_wolfSSL_EVP_ENCODE_CTX_free),
+ TEST_DECL(test_wolfSSL_EVP_EncodeInit),
+ TEST_DECL(test_wolfSSL_EVP_EncodeUpdate),
+ TEST_DECL(test_wolfSSL_EVP_EncodeFinal),
+ TEST_DECL(test_wolfSSL_EVP_DecodeInit),
+ TEST_DECL(test_wolfSSL_EVP_DecodeUpdate),
+ TEST_DECL(test_wolfSSL_EVP_DecodeFinal),
+ TEST_DECL(test_wolfSSL_EVP_shake128),
+ TEST_DECL(test_wolfSSL_EVP_shake256),
+ TEST_DECL(test_wolfSSL_EVP_sm3),
+ TEST_DECL(test_EVP_blake2),
+#ifdef OPENSSL_ALL
+ TEST_DECL(test_wolfSSL_EVP_md4),
+ TEST_DECL(test_wolfSSL_EVP_ripemd160),
+ TEST_DECL(test_wolfSSL_EVP_get_digestbynid),
+ TEST_DECL(test_wolfSSL_EVP_MD_nid),
+
+ TEST_DECL(test_wolfSSL_EVP_DigestFinal_ex),
+#endif
+
+ TEST_DECL(test_EVP_MD_do_all),
TEST_DECL(test_wolfSSL_EVP_MD_size),
TEST_DECL(test_wolfSSL_EVP_MD_pkey_type),
TEST_DECL(test_wolfSSL_EVP_Digest),
TEST_DECL(test_wolfSSL_EVP_Digest_all),
- TEST_DECL(test_wolfSSL_EVP_PKEY_new_mac_key),
- TEST_DECL(test_wolfSSL_EVP_PKEY_new_CMAC_key),
TEST_DECL(test_wolfSSL_EVP_MD_hmac_signing),
TEST_DECL(test_wolfSSL_EVP_MD_rsa_signing),
TEST_DECL(test_wolfSSL_EVP_MD_ecc_signing),
+
+ TEST_DECL(test_wolfssl_EVP_aes_gcm),
+ TEST_DECL(test_wolfssl_EVP_aes_gcm_AAD_2_parts),
+ TEST_DECL(test_wolfssl_EVP_aes_gcm_zeroLen),
+ TEST_DECL(test_wolfssl_EVP_aes_ccm),
+ TEST_DECL(test_wolfssl_EVP_aes_ccm_zeroLen),
+ TEST_DECL(test_wolfssl_EVP_chacha20),
+ TEST_DECL(test_wolfssl_EVP_chacha20_poly1305),
+ TEST_DECL(test_wolfssl_EVP_sm4_ecb),
+ TEST_DECL(test_wolfssl_EVP_sm4_cbc),
+ TEST_DECL(test_wolfssl_EVP_sm4_ctr),
+ TEST_DECL(test_wolfssl_EVP_sm4_gcm_zeroLen),
+ TEST_DECL(test_wolfssl_EVP_sm4_gcm),
+ TEST_DECL(test_wolfssl_EVP_sm4_ccm_zeroLen),
+ TEST_DECL(test_wolfssl_EVP_sm4_ccm),
+#ifdef OPENSSL_ALL
+ TEST_DECL(test_wolfSSL_EVP_aes_256_gcm),
+ TEST_DECL(test_wolfSSL_EVP_aes_192_gcm),
+ TEST_DECL(test_wolfSSL_EVP_aes_256_ccm),
+ TEST_DECL(test_wolfSSL_EVP_aes_192_ccm),
+ TEST_DECL(test_wolfSSL_EVP_aes_128_ccm),
+ TEST_DECL(test_wolfSSL_EVP_rc4),
+ TEST_DECL(test_wolfSSL_EVP_enc_null),
+ TEST_DECL(test_wolfSSL_EVP_rc2_cbc),
+ TEST_DECL(test_wolfSSL_EVP_mdc2),
+
+ TEST_DECL(test_evp_cipher_aes_gcm),
+#endif
+ TEST_DECL(test_wolfssl_EVP_aria_gcm),
+ TEST_DECL(test_wolfSSL_EVP_Cipher_extra),
+#ifdef OPENSSL_EXTRA
+ TEST_DECL(test_wolfSSL_EVP_get_cipherbynid),
+ TEST_DECL(test_wolfSSL_EVP_CIPHER_CTX),
+#endif
+#ifdef OPENSSL_ALL
+ TEST_DECL(test_wolfSSL_EVP_CIPHER_CTX_iv_length),
+ TEST_DECL(test_wolfSSL_EVP_CIPHER_CTX_key_length),
+ TEST_DECL(test_wolfSSL_EVP_CIPHER_CTX_set_iv),
+ TEST_DECL(test_wolfSSL_EVP_CIPHER_block_size),
+ TEST_DECL(test_wolfSSL_EVP_CIPHER_iv_length),
+ TEST_DECL(test_wolfSSL_EVP_X_STATE),
+ TEST_DECL(test_wolfSSL_EVP_X_STATE_LEN),
+ TEST_DECL(test_wolfSSL_EVP_BytesToKey),
+#endif
+
TEST_DECL(test_wolfSSL_EVP_PKEY_print_public),
- TEST_DECL(test_wolfSSL_EVP_ENCODE_CTX_new),
- TEST_DECL(test_wolfSSL_EVP_ENCODE_CTX_free),
- TEST_DECL(test_wolfSSL_EVP_EncodeInit),
- TEST_DECL(test_wolfSSL_EVP_EncodeUpdate),
- TEST_DECL(test_wolfSSL_EVP_EncodeFinal),
- TEST_DECL(test_wolfSSL_EVP_DecodeInit),
- TEST_DECL(test_wolfSSL_EVP_DecodeUpdate),
- TEST_DECL(test_wolfSSL_EVP_DecodeFinal),
+ TEST_DECL(test_wolfSSL_EVP_PKEY_new_mac_key),
+ TEST_DECL(test_wolfSSL_EVP_PKEY_new_CMAC_key),
+ TEST_DECL(test_wolfSSL_EVP_PKEY_up_ref),
+ TEST_DECL(test_wolfSSL_EVP_PKEY_hkdf),
+ TEST_DECL(test_wolfSSL_EVP_PKEY_derive),
+ TEST_DECL(test_wolfSSL_d2i_and_i2d_PublicKey),
+ TEST_DECL(test_wolfSSL_d2i_and_i2d_PublicKey_ecc),
+#ifndef NO_BIO
+ TEST_DECL(test_wolfSSL_d2i_PUBKEY),
+#endif
+ TEST_DECL(test_wolfSSL_d2i_and_i2d_DSAparams),
+ TEST_DECL(test_wolfSSL_i2d_PrivateKey),
+#if (defined(OPENSSL_ALL) || defined(WOLFSSL_ASIO)) && !defined(NO_RSA)
+#ifndef NO_BIO
+ TEST_DECL(test_wolfSSL_d2i_PrivateKeys_bio),
+#endif /* !NO_BIO */
+#endif
+#ifdef OPENSSL_ALL
+ TEST_DECL(test_wolfSSL_EVP_PKEY_set1_get1_DSA),
+ TEST_DECL(test_wolfSSL_EVP_PKEY_set1_get1_EC_KEY),
+ TEST_DECL(test_wolfSSL_EVP_PKEY_set1_get1_DH),
+ TEST_DECL(test_wolfSSL_EVP_PKEY_assign),
+ TEST_DECL(test_wolfSSL_EVP_PKEY_assign_DH),
+ TEST_DECL(test_wolfSSL_EVP_PKEY_base_id),
+ TEST_DECL(test_wolfSSL_EVP_PKEY_id),
+ TEST_DECL(test_wolfSSL_EVP_PKEY_paramgen),
+ TEST_DECL(test_wolfSSL_EVP_PKEY_keygen),
+ TEST_DECL(test_wolfSSL_EVP_PKEY_keygen_init),
+ TEST_DECL(test_wolfSSL_EVP_PKEY_missing_parameters),
+ TEST_DECL(test_wolfSSL_EVP_PKEY_copy_parameters),
+ TEST_DECL(test_wolfSSL_EVP_PKEY_CTX_set_rsa_keygen_bits),
+ TEST_DECL(test_wolfSSL_EVP_PKEY_CTX_new_id),
+ TEST_DECL(test_wolfSSL_EVP_PKEY_get0_EC_KEY),
+#endif
+
+ TEST_DECL(test_EVP_PKEY_rsa),
+ TEST_DECL(test_EVP_PKEY_ec),
+ TEST_DECL(test_wolfSSL_EVP_PKEY_encrypt),
+ TEST_DECL(test_wolfSSL_EVP_PKEY_sign_verify_rsa),
+ TEST_DECL(test_wolfSSL_EVP_PKEY_sign_verify_dsa),
+ TEST_DECL(test_wolfSSL_EVP_PKEY_sign_verify_ec),
+ TEST_DECL(test_EVP_PKEY_cmp),
+
+#ifdef OPENSSL_ALL
+ TEST_DECL(test_wolfSSL_EVP_SignInit_ex),
+ TEST_DECL(test_wolfSSL_EVP_PKEY_param_check),
+ TEST_DECL(test_wolfSSL_QT_EVP_PKEY_CTX_free),
+#endif
+
+ TEST_DECL(test_wolfSSL_EVP_PBE_scrypt),
+
TEST_DECL(test_wolfSSL_CTX_add_extra_chain_cert),
#if !defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER)
TEST_DECL(test_wolfSSL_ERR_peek_last_error_line),
@@ -67094,12 +69511,17 @@ TEST_CASE testCases[] = {
TEST_DECL(test_wc_ERR_print_errors_fp),
#endif
TEST_DECL(test_wolfSSL_configure_args),
- TEST_DECL(test_wolfSSL_set_options),
TEST_DECL(test_wolfSSL_sk_SSL_CIPHER),
TEST_DECL(test_wolfSSL_set1_curves_list),
TEST_DECL(test_wolfSSL_set1_sigalgs_list),
+ TEST_DECL(test_wolfSSL_OtherName),
+ TEST_DECL(test_wolfSSL_FPKI),
+ TEST_DECL(test_wolfSSL_URI),
+ TEST_DECL(test_wolfSSL_TBS),
+
TEST_DECL(test_wolfSSL_X509_STORE_CTX),
+ TEST_DECL(test_X509_STORE_untrusted),
TEST_DECL(test_wolfSSL_X509_STORE_CTX_trusted_stack_cleanup),
TEST_DECL(test_wolfSSL_X509_STORE_CTX_get0_current_issuer),
TEST_DECL(test_wolfSSL_X509_STORE_set_flags),
@@ -67123,38 +69545,96 @@ TEST_CASE testCases[] = {
TEST_DECL(test_wolfSSL_X509_cmp_time),
TEST_DECL(test_wolfSSL_X509_time_adj),
+ /* X509 tests */
+ TEST_DECL(test_wolfSSL_X509_subject_name_hash),
+ TEST_DECL(test_wolfSSL_X509_issuer_name_hash),
+ TEST_DECL(test_wolfSSL_X509_check_host),
+ TEST_DECL(test_wolfSSL_X509_check_email),
+ TEST_DECL(test_wolfSSL_X509_check_private_key),
TEST_DECL(test_wolfSSL_X509),
TEST_DECL(test_wolfSSL_X509_VERIFY_PARAM),
TEST_DECL(test_wolfSSL_X509_sign),
TEST_DECL(test_wolfSSL_X509_sign2),
+ TEST_DECL(test_wolfSSL_X509_verify),
TEST_DECL(test_wolfSSL_X509_get0_tbs_sigalg),
TEST_DECL(test_wolfSSL_X509_ALGOR_get0),
TEST_DECL(test_wolfSSL_X509_get_X509_PUBKEY),
TEST_DECL(test_wolfSSL_X509_PUBKEY_RSA),
TEST_DECL(test_wolfSSL_X509_PUBKEY_EC),
TEST_DECL(test_wolfSSL_X509_PUBKEY_DSA),
+ TEST_DECL(test_wolfSSL_PEM_write_bio_X509),
+ TEST_DECL(test_wolfSSL_X509_NAME_get_entry),
+ TEST_DECL(test_wolfSSL_X509_NAME),
+ TEST_DECL(test_wolfSSL_X509_NAME_hash),
+ TEST_DECL(test_wolfSSL_X509_NAME_print_ex),
+ TEST_DECL(test_wolfSSL_X509_NAME_ENTRY),
+ TEST_DECL(test_wolfSSL_X509_set_name),
+ TEST_DECL(test_wolfSSL_X509_set_notAfter),
+ TEST_DECL(test_wolfSSL_X509_set_notBefore),
+ TEST_DECL(test_wolfSSL_X509_set_version),
+ TEST_DECL(test_wolfSSL_X509_get_serialNumber),
+ TEST_DECL(test_wolfSSL_X509_CRL),
+ TEST_DECL(test_wolfSSL_i2d_X509),
+ TEST_DECL(test_wolfSSL_d2i_X509_REQ),
+ TEST_DECL(test_wolfSSL_PEM_read_X509),
+ TEST_DECL(test_wolfSSL_X509_check_ca),
+ TEST_DECL(test_wolfSSL_X509_check_ip_asc),
+ TEST_DECL(test_wolfSSL_make_cert),
- TEST_DECL(test_wolfSSL_msgCb),
- TEST_DECL(test_wolfSSL_either_side),
- TEST_DECL(test_wolfSSL_DTLS_either_side),
- /* Uses Assert in handshake callback. */
- TEST_DECL(test_wolfSSL_dtls_fragments),
- /* Uses Assert in handshake callback. */
- TEST_DECL(test_wolfSSL_dtls_AEAD_limit),
- /* Uses Assert in handshake callback. */
- TEST_DECL(test_wolfSSL_ignore_alert_before_cookie),
- /* Uses Assert in handshake callback. */
- TEST_DECL(test_wolfSSL_dtls_bad_record),
- /* Uses Assert in handshake callback. */
- TEST_DECL(test_wolfSSL_dtls_stateless),
- TEST_DECL(test_generate_cookie),
+#ifndef NO_BIO
+ TEST_DECL(test_wolfSSL_X509_INFO_multiple_info),
+ TEST_DECL(test_wolfSSL_X509_INFO),
+ TEST_DECL(test_wolfSSL_PEM_X509_INFO_read_bio),
+#endif
- /* RAND compatability API */
+#ifdef OPENSSL_ALL
+ TEST_DECL(test_wolfSSL_X509_PUBKEY_get),
+#endif
+
+ TEST_DECL(test_wolfSSL_X509_CA_num),
+ TEST_DECL(test_wolfSSL_X509_get_version),
+#ifndef NO_BIO
+ TEST_DECL(test_wolfSSL_X509_print),
+ TEST_DECL(test_wolfSSL_X509_CRL_print),
+#endif
+ TEST_DECL(test_X509_get_signature_nid),
+ /* X509 extension testing. */
+ TEST_DECL(test_wolfSSL_X509_get_extension_flags),
+ TEST_DECL(test_wolfSSL_X509_get_ext),
+ TEST_DECL(test_wolfSSL_X509_get_ext_by_NID),
+ TEST_DECL(test_wolfSSL_X509_get_ext_subj_alt_name),
+ TEST_DECL(test_wolfSSL_X509_get_ext_count),
+ TEST_DECL(test_wolfSSL_X509_EXTENSION_new),
+ TEST_DECL(test_wolfSSL_X509_EXTENSION_get_object),
+ TEST_DECL(test_wolfSSL_X509_EXTENSION_get_data),
+ TEST_DECL(test_wolfSSL_X509_EXTENSION_get_critical),
+ TEST_DECL(test_wolfSSL_X509V3_EXT_get),
+ TEST_DECL(test_wolfSSL_X509V3_EXT_nconf),
+ TEST_DECL(test_wolfSSL_X509V3_EXT),
+ TEST_DECL(test_wolfSSL_X509V3_EXT_print),
+ TEST_DECL(test_wolfSSL_X509_cmp),
+
+ TEST_DECL(test_GENERAL_NAME_set0_othername),
+ TEST_DECL(test_othername_and_SID_ext),
+ TEST_DECL(test_wolfSSL_dup_CA_list),
+ /* OpenSSL sk_X509 API test */
+ TEST_DECL(test_sk_X509),
+ /* OpenSSL sk_X509_CRL API test */
+ TEST_DECL(test_sk_X509_CRL),
+
+ /* OpenSSL X509 REQ API test */
+ TEST_DECL(test_X509_REQ),
+
+ /* OpenSSL compatibility outside SSL context w/ CRL lookup directory */
+ TEST_DECL(test_X509_STORE_No_SSL_CTX),
+ TEST_DECL(test_X509_LOOKUP_add_dir),
+
+ /* RAND compatibility API */
TEST_DECL(test_wolfSSL_RAND_set_rand_method),
TEST_DECL(test_wolfSSL_RAND_bytes),
TEST_DECL(test_wolfSSL_RAND),
- /* BN compatability API */
+ /* BN compatibility API */
TEST_DECL(test_wolfSSL_BN_CTX),
TEST_DECL(test_wolfSSL_BN),
TEST_DECL(test_wolfSSL_BN_init),
@@ -67168,31 +69648,29 @@ TEST_CASE testCases[] = {
TEST_DECL(test_wolfSSL_BN_rand),
TEST_DECL(test_wolfSSL_BN_prime),
- TEST_DECL(test_wolfSSL_CTX_get0_set1_param),
-#ifndef NO_BIO
- TEST_DECL(test_wolfSSL_PEM_read_bio),
- TEST_DECL(test_wolfSSL_BIO),
-#endif
- TEST_DECL(test_wolfSSL_a2i_IPADDRESS),
- TEST_DECL(test_wolfSSL_BUF),
- TEST_DECL(test_wolfSSL_set_tlsext_status_type),
- /* Can't memory test as server hangs. */
- TEST_DECL(test_wolfSSL_CTX_set_client_CA_list),
- TEST_DECL(test_wolfSSL_CTX_add_client_CA),
- TEST_DECL(test_wolfSSL_CTX_set_srp_username),
- TEST_DECL(test_wolfSSL_CTX_set_srp_password),
- TEST_DECL(test_wolfSSL_CTX_set_keylog_callback),
- TEST_DECL(test_wolfSSL_CTX_get_keylog_callback),
- TEST_DECL(test_wolfSSL_Tls12_Key_Logging_test),
- /* Can't memory test as server hangs. */
- TEST_DECL(test_wolfSSL_Tls13_Key_Logging_test),
- TEST_DECL(test_wolfSSL_Tls13_postauth),
- TEST_DECL(test_wolfSSL_CTX_set_ecdh_auto),
- TEST_DECL(test_wolfSSL_set_minmax_proto_version),
- TEST_DECL(test_wolfSSL_CTX_set_max_proto_version),
- TEST_DECL(test_wolfSSL_THREADID_hash),
+ /* OpenSSL PKCS5 API test */
+ TEST_DECL(test_wolfSSL_PKCS5),
+
+ /* OpenSSL PKCS8 API test */
TEST_DECL(test_wolfSSL_PKCS8_Compat),
TEST_DECL(test_wolfSSL_PKCS8_d2i),
+
+ /* OpenSSL PKCS7 API test */
+ TEST_DECL(test_wolfssl_PKCS7),
+ TEST_DECL(test_wolfSSL_PKCS7_certs),
+ TEST_DECL(test_wolfSSL_PKCS7_sign),
+ TEST_DECL(test_wolfSSL_PKCS7_SIGNED_new),
+#ifndef NO_BIO
+ TEST_DECL(test_wolfSSL_PEM_write_bio_PKCS7),
+#ifdef HAVE_SMIME
+ TEST_DECL(test_wolfSSL_SMIME_read_PKCS7),
+ TEST_DECL(test_wolfSSL_SMIME_write_PKCS7),
+#endif /* HAVE_SMIME */
+#endif /* !NO_BIO */
+
+ /* OpenSSL PKCS12 API test */
+ TEST_DECL(test_wolfSSL_PKCS12),
+
/* Can't memory test as callbacks use Assert. */
TEST_DECL(test_error_queue_per_thread),
TEST_DECL(test_wolfSSL_ERR_put_error),
@@ -67200,20 +69678,16 @@ TEST_CASE testCases[] = {
#ifndef NO_BIO
TEST_DECL(test_wolfSSL_ERR_print_errors),
#endif
- TEST_DECL(test_wolfSSL_HMAC),
- TEST_DECL(test_wolfSSL_CMAC),
+
+ TEST_DECL(test_OBJ_NAME_do_all),
TEST_DECL(test_wolfSSL_OBJ),
TEST_DECL(test_wolfSSL_OBJ_cmp),
TEST_DECL(test_wolfSSL_OBJ_txt2nid),
TEST_DECL(test_wolfSSL_OBJ_txt2obj),
- TEST_DECL(test_wolfSSL_PEM_write_bio_X509),
- TEST_DECL(test_wolfSSL_X509_NAME_ENTRY),
- TEST_DECL(test_GENERAL_NAME_set0_othername),
- TEST_DECL(test_othername_and_SID_ext),
- TEST_DECL(test_wolfSSL_X509_set_name),
- TEST_DECL(test_wolfSSL_X509_set_notAfter),
- TEST_DECL(test_wolfSSL_X509_set_notBefore),
- TEST_DECL(test_wolfSSL_X509_set_version),
+#ifdef OPENSSL_ALL
+ TEST_DECL(test_wolfSSL_OBJ_ln),
+ TEST_DECL(test_wolfSSL_OBJ_sn),
+#endif
#ifndef NO_BIO
TEST_DECL(test_wolfSSL_BIO_gets),
@@ -67222,76 +69696,33 @@ TEST_CASE testCases[] = {
/* Can't memory test as server hangs. */
TEST_DECL(test_wolfSSL_BIO_should_retry),
TEST_DECL(test_wolfSSL_BIO_write),
- /* Can't memory test as server hangs. */
- TEST_DECL(test_wolfSSL_BIO_connect),
- /* Can't memory test as server Asserts in thread. */
- TEST_DECL(test_wolfSSL_BIO_accept),
TEST_DECL(test_wolfSSL_BIO_printf),
TEST_DECL(test_wolfSSL_BIO_f_md),
TEST_DECL(test_wolfSSL_BIO_up_ref),
TEST_DECL(test_wolfSSL_BIO_reset),
- TEST_DECL(test_wolfSSL_BIO_tls),
+ TEST_DECL(test_wolfSSL_BIO_get_len),
#endif
- /* Converted above to use Expect unless where stated. */
#if defined(OPENSSL_EXTRA) && defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES)
- /* Converted to use Expect. */
TEST_DECL(test_wolfSSL_check_domain),
#endif
- /* Converted to use Expect. */
TEST_DECL(test_wolfSSL_cert_cb),
+ TEST_DECL(test_wolfSSL_cert_cb_dyn_ciphers),
+ TEST_DECL(test_wolfSSL_ciphersuite_auth),
+ TEST_DECL(test_wolfSSL_sigalg_info),
+ /* Can't memory test as tcp_connect aborts. */
TEST_DECL(test_wolfSSL_SESSION),
- /* Converted to use Expect. */
+ TEST_DECL(test_wolfSSL_SESSION_expire_downgrade),
TEST_DECL(test_wolfSSL_CTX_sess_set_remove_cb),
TEST_DECL(test_wolfSSL_ticket_keys),
- TEST_DECL(test_wolfSSL_DES_ecb_encrypt),
TEST_DECL(test_wolfSSL_sk_GENERAL_NAME),
TEST_DECL(test_wolfSSL_GENERAL_NAME_print),
TEST_DECL(test_wolfSSL_sk_DIST_POINT),
- TEST_DECL(test_wolfSSL_MD4),
TEST_DECL(test_wolfSSL_verify_mode),
TEST_DECL(test_wolfSSL_verify_depth),
- TEST_DECL(test_wolfSSL_HMAC_CTX),
+ TEST_DECL(test_wolfSSL_verify_result),
TEST_DECL(test_wolfSSL_msg_callback),
- TEST_DECL(test_wolfSSL_SHA),
- TEST_DECL(test_wolfSSL_AES_ecb_encrypt),
- TEST_DECL(test_wolfSSL_MD5),
- TEST_DECL(test_wolfSSL_MD5_Transform),
- TEST_DECL(test_wolfSSL_SHA_Transform),
- TEST_DECL(test_wolfSSL_SHA256),
- TEST_DECL(test_wolfSSL_SHA256_Transform),
- TEST_DECL(test_wolfSSL_SHA224),
- TEST_DECL(test_wolfSSL_SHA512_Transform),
- TEST_DECL(test_wolfSSL_X509_get_serialNumber),
- TEST_DECL(test_wolfSSL_X509_CRL),
- TEST_DECL(test_wolfSSL_d2i_X509_REQ),
- TEST_DECL(test_wolfSSL_PEM_read_X509),
- TEST_DECL(test_wolfSSL_PEM_read),
-#ifndef NO_BIO
- TEST_DECL(test_wolfSSL_PEM_X509_INFO_read_bio),
-#endif
- TEST_DECL(test_wolfSSL_OpenSSL_add_all_algorithms),
- TEST_DECL(test_wolfSSL_OPENSSL_hexstr2buf),
- TEST_DECL(test_wolfSSL_X509_check_ca),
- TEST_DECL(test_wolfSSL_X509_check_ip_asc),
- TEST_DECL(test_wolfSSL_make_cert),
- TEST_DECL(test_wolfSSL_DES_ncbc),
- TEST_DECL(test_wolfSSL_AES_cbc_encrypt),
- TEST_DECL(test_wolfSSL_CRYPTO_cts128),
- TEST_DECL(test_wolfssl_EVP_aes_gcm_AAD_2_parts),
- TEST_DECL(test_wolfssl_EVP_aes_gcm),
- TEST_DECL(test_wolfssl_EVP_aes_gcm_zeroLen),
- TEST_DECL(test_wolfssl_EVP_aes_ccm),
- TEST_DECL(test_wolfssl_EVP_aes_ccm_zeroLen),
- TEST_DECL(test_wolfssl_EVP_chacha20_poly1305),
- TEST_DECL(test_wolfssl_EVP_chacha20),
- TEST_DECL(test_wolfSSL_EVP_PKEY_hkdf),
- TEST_DECL(test_wolfSSL_PKEY_up_ref),
- TEST_DECL(test_wolfSSL_EVP_Cipher_extra),
- TEST_DECL(test_wolfSSL_d2i_and_i2d_PublicKey),
- TEST_DECL(test_wolfSSL_d2i_and_i2d_PublicKey_ecc),
- TEST_DECL(test_wolfSSL_d2i_and_i2d_DSAparams),
- TEST_DECL(test_wolfSSL_i2d_PrivateKey),
+
TEST_DECL(test_wolfSSL_OCSP_id_get0_info),
TEST_DECL(test_wolfSSL_i2d_OCSP_CERTID),
TEST_DECL(test_wolfSSL_d2i_OCSP_CERTID),
@@ -67300,88 +69731,74 @@ TEST_CASE testCases[] = {
TEST_DECL(test_wolfSSL_OCSP_single_get0_status),
TEST_DECL(test_wolfSSL_OCSP_resp_count),
TEST_DECL(test_wolfSSL_OCSP_resp_get0),
- TEST_DECL(test_wolfSSL_EVP_PKEY_derive),
- TEST_DECL(test_wolfSSL_EVP_PBE_scrypt),
+
+ TEST_DECL(test_wolfSSL_PEM_read),
+
+ TEST_DECL(test_wolfSSL_OpenSSL_version),
+ TEST_DECL(test_wolfSSL_OpenSSL_add_all_algorithms),
+ TEST_DECL(test_wolfSSL_OPENSSL_hexstr2buf),
+
TEST_DECL(test_CONF_modules_xxx),
+#ifdef OPENSSL_ALL
+ TEST_DECL(test_wolfSSL_TXT_DB),
+ TEST_DECL(test_wolfSSL_NCONF),
+#endif
+
+ TEST_DECL(test_wolfSSL_CRYPTO_memcmp),
+ TEST_DECL(test_wolfSSL_CRYPTO_get_ex_new_index),
+ TEST_DECL(test_wolfSSL_SESSION_get_ex_new_index),
TEST_DECL(test_CRYPTO_set_dynlock_xxx),
TEST_DECL(test_CRYPTO_THREADID_xxx),
TEST_DECL(test_ENGINE_cleanup),
+ /* test the no op functions for compatibility */
+ TEST_DECL(test_no_op_functions),
+ /* OpenSSL error API tests */
+ TEST_DECL(test_ERR_load_crypto_strings),
+
#ifdef OPENSSL_ALL
- TEST_DECL(test_wolfSSL_X509_PUBKEY_get),
TEST_DECL(test_wolfSSL_sk_CIPHER_description),
TEST_DECL(test_wolfSSL_get_ciphers_compat),
- TEST_DECL(test_wolfSSL_EVP_PKEY_set1_get1_DSA),
- TEST_DECL(test_wolfSSL_DSA_SIG),
- TEST_DECL(test_wolfSSL_EVP_PKEY_set1_get1_EC_KEY),
- TEST_DECL(test_wolfSSL_EVP_PKEY_set1_get1_DH),
+
TEST_DECL(test_wolfSSL_CTX_ctrl),
- TEST_DECL(test_wolfSSL_EVP_PKEY_assign),
- TEST_DECL(test_wolfSSL_EVP_PKEY_base_id),
- TEST_DECL(test_wolfSSL_EVP_PKEY_id),
- TEST_DECL(test_wolfSSL_EVP_PKEY_paramgen),
- TEST_DECL(test_wolfSSL_EVP_PKEY_keygen),
- TEST_DECL(test_wolfSSL_EVP_PKEY_keygen_init),
- TEST_DECL(test_wolfSSL_EVP_PKEY_missing_parameters),
- TEST_DECL(test_wolfSSL_EVP_PKEY_copy_parameters),
- TEST_DECL(test_wolfSSL_EVP_PKEY_CTX_set_rsa_keygen_bits),
- TEST_DECL(test_wolfSSL_EVP_CIPHER_CTX_iv_length),
- TEST_DECL(test_wolfSSL_EVP_CIPHER_CTX_key_length),
- TEST_DECL(test_wolfSSL_EVP_CIPHER_CTX_set_key_length),
- TEST_DECL(test_wolfSSL_EVP_CIPHER_CTX_set_iv),
- TEST_DECL(test_wolfSSL_EVP_PKEY_CTX_new_id),
- TEST_DECL(test_wolfSSL_EVP_rc4),
- TEST_DECL(test_wolfSSL_EVP_enc_null),
- TEST_DECL(test_wolfSSL_EVP_rc2_cbc),
- TEST_DECL(test_wolfSSL_EVP_mdc2),
- TEST_DECL(test_wolfSSL_EVP_md4),
- TEST_DECL(test_wolfSSL_EVP_aes_256_gcm),
- TEST_DECL(test_wolfSSL_EVP_aes_192_gcm),
- TEST_DECL(test_wolfSSL_EVP_aes_256_ccm),
- TEST_DECL(test_wolfSSL_EVP_aes_192_ccm),
- TEST_DECL(test_wolfSSL_EVP_aes_128_ccm),
- TEST_DECL(test_wolfSSL_EVP_ripemd160),
- TEST_DECL(test_wolfSSL_EVP_get_digestbynid),
- TEST_DECL(test_wolfSSL_EVP_MD_nid),
- TEST_DECL(test_wolfSSL_EVP_PKEY_get0_EC_KEY),
- TEST_DECL(test_wolfSSL_EVP_X_STATE),
- TEST_DECL(test_wolfSSL_EVP_X_STATE_LEN),
- TEST_DECL(test_wolfSSL_EVP_CIPHER_block_size),
- TEST_DECL(test_wolfSSL_EVP_CIPHER_iv_length),
- TEST_DECL(test_wolfSSL_EVP_SignInit_ex),
- TEST_DECL(test_wolfSSL_EVP_DigestFinal_ex),
- TEST_DECL(test_wolfSSL_EVP_PKEY_assign_DH),
- TEST_DECL(test_wolfSSL_EVP_BytesToKey),
- TEST_DECL(test_wolfSSL_EVP_PKEY_param_check),
- TEST_DECL(test_wolfSSL_QT_EVP_PKEY_CTX_free),
- TEST_DECL(test_evp_cipher_aes_gcm),
- TEST_DECL(test_wolfSSL_OBJ_ln),
- TEST_DECL(test_wolfSSL_OBJ_sn),
- TEST_DECL(test_wolfSSL_TXT_DB),
- TEST_DECL(test_wolfSSL_NCONF),
#endif /* OPENSSL_ALL */
-#ifndef NO_BIO
- TEST_DECL(test_wolfSSL_d2i_PUBKEY),
-#endif
#if (defined(OPENSSL_ALL) || defined(WOLFSSL_ASIO)) && !defined(NO_RSA)
-#ifndef NO_BIO
- TEST_DECL(test_wolfSSL_d2i_PrivateKeys_bio),
-#endif /* !NO_BIO */
TEST_DECL(test_wolfSSL_CTX_use_certificate_ASN1),
#endif /* (OPENSSL_ALL || WOLFSSL_ASIO) && !NO_RSA */
- TEST_DECL(test_wolfSSL_X509_CA_num),
- TEST_DECL(test_wolfSSL_X509_get_version),
-#ifndef NO_BIO
- TEST_DECL(test_wolfSSL_X509_print),
- TEST_DECL(test_wolfSSL_X509_CRL_print),
- TEST_DECL(test_wolfSSL_BIO_get_len),
-#endif
+
+ /*********************************
+ * Crypto API tests
+ *********************************/
+
+ TEST_DECL(test_wolfSSL_MD4),
+ TEST_DECL(test_wolfSSL_MD5),
+ TEST_DECL(test_wolfSSL_MD5_Transform),
+ TEST_DECL(test_wolfSSL_SHA),
+ TEST_DECL(test_wolfSSL_SHA_Transform),
+ TEST_DECL(test_wolfSSL_SHA224),
+ TEST_DECL(test_wolfSSL_SHA256),
+ TEST_DECL(test_wolfSSL_SHA256_Transform),
+ TEST_DECL(test_wolfSSL_SHA512_Transform),
+ TEST_DECL(test_wolfSSL_SHA512_224_Transform),
+ TEST_DECL(test_wolfSSL_SHA512_256_Transform),
+ TEST_DECL(test_wolfSSL_HMAC_CTX),
+ TEST_DECL(test_wolfSSL_HMAC),
+ TEST_DECL(test_wolfSSL_CMAC),
+
+ TEST_DECL(test_wolfSSL_DES),
+ TEST_DECL(test_wolfSSL_DES_ncbc),
+ TEST_DECL(test_wolfSSL_DES_ecb_encrypt),
+ TEST_DECL(test_wolfSSL_DES_ede3_cbc_encrypt),
+ TEST_DECL(test_wolfSSL_AES_encrypt),
+ TEST_DECL(test_wolfSSL_AES_ecb_encrypt),
+ TEST_DECL(test_wolfSSL_AES_cbc_encrypt),
+ TEST_DECL(test_wolfSSL_AES_cfb128_encrypt),
+ TEST_DECL(test_wolfSSL_CRYPTO_cts128),
+ TEST_DECL(test_wolfSSL_RC4),
TEST_DECL(test_wolfSSL_RSA),
TEST_DECL(test_wolfSSL_RSA_DER),
TEST_DECL(test_wolfSSL_RSA_print),
-#ifndef NO_RSA
TEST_DECL(test_wolfSSL_RSA_padding_add_PKCS1_PSS),
-#endif
TEST_DECL(test_wolfSSL_RSA_sign_sha3),
TEST_DECL(test_wolfSSL_RSA_get0_key),
TEST_DECL(test_wolfSSL_RSA_meth),
@@ -67418,6 +69835,7 @@ TEST_CASE testCases[] = {
TEST_DECL(test_wolfSSL_EC_GROUP),
TEST_DECL(test_wolfSSL_PEM_read_bio_ECPKParameters),
TEST_DECL(test_wolfSSL_EC_POINT),
+ TEST_DECL(test_wolfSSL_SPAKE),
TEST_DECL(test_wolfSSL_EC_KEY_generate),
TEST_DECL(test_EC_i2d),
TEST_DECL(test_wolfSSL_EC_curve),
@@ -67433,78 +69851,60 @@ TEST_CASE testCases[] = {
TEST_DECL(test_ECDH_compute_key),
#endif
- TEST_DECL(test_wolfSSL_X509V3_EXT_get),
- TEST_DECL(test_wolfSSL_X509V3_EXT_nconf),
- TEST_DECL(test_wolfSSL_X509V3_EXT),
- TEST_DECL(test_wolfSSL_X509_get_extension_flags),
- TEST_DECL(test_wolfSSL_X509_get_ext),
- TEST_DECL(test_wolfSSL_X509_get_ext_by_NID),
- TEST_DECL(test_wolfSSL_X509_get_ext_subj_alt_name),
- TEST_DECL(test_wolfSSL_X509_get_ext_count),
- TEST_DECL(test_wolfSSL_X509_EXTENSION_new),
- TEST_DECL(test_wolfSSL_X509_EXTENSION_get_object),
- TEST_DECL(test_wolfSSL_X509_EXTENSION_get_data),
- TEST_DECL(test_wolfSSL_X509_EXTENSION_get_critical),
- TEST_DECL(test_wolfSSL_X509V3_EXT_print),
- TEST_DECL(test_wolfSSL_X509_cmp),
+#ifdef OPENSSL_EXTRA
+ TEST_DECL(test_ED25519),
+ TEST_DECL(test_ED448),
+#endif
+
+ TEST_DECL(test_DSA_do_sign_verify),
+#ifdef OPENSSL_ALL
+ TEST_DECL(test_wolfSSL_DSA_generate_parameters),
+ TEST_DECL(test_wolfSSL_DSA_SIG),
+#endif
+
TEST_DECL(test_openssl_generate_key_and_cert),
- TEST_DECL(test_wolfSSL_CRYPTO_memcmp),
- TEST_DECL(test_wolfSSL_read_detect_TCP_disconnect),
- /* test the no op functions for compatibility */
- TEST_DECL(test_no_op_functions),
- /* OpenSSL EVP_PKEY API tests */
- TEST_DECL(test_EVP_PKEY_rsa),
- TEST_DECL(test_wolfSSL_EVP_PKEY_encrypt),
- TEST_DECL(test_wolfSSL_EVP_PKEY_sign_verify),
- TEST_DECL(test_EVP_PKEY_ec),
- TEST_DECL(test_EVP_PKEY_cmp),
- /* OpenSSL error API tests */
- TEST_DECL(test_ERR_load_crypto_strings),
- /* OpenSSL sk_X509 API test */
- TEST_DECL(test_sk_X509),
- /* OpenSSL sk_X509_CRL API test */
- TEST_DECL(test_sk_X509_CRL),
- /* OpenSSL X509 API test */
- TEST_DECL(test_X509_get_signature_nid),
- /* OpenSSL X509 REQ API test */
- TEST_DECL(test_X509_REQ),
- /* OpenSSL PKCS7 API test */
- TEST_DECL(test_wolfssl_PKCS7),
- /* Converted to use Expect. */
- TEST_DECL(test_wolfSSL_PKCS7_certs),
- TEST_DECL(test_wolfSSL_PKCS7_sign),
- TEST_DECL(test_wolfSSL_PKCS7_SIGNED_new),
-#ifndef NO_BIO
- TEST_DECL(test_wolfSSL_PEM_write_bio_PKCS7),
-#ifdef HAVE_SMIME
- TEST_DECL(test_wolfSSL_SMIME_read_PKCS7),
- TEST_DECL(test_wolfSSL_SMIME_write_PKCS7),
-#endif /* HAVE_SMIME */
-#endif /* !NO_BIO */
+ TEST_DECL(test_wolfSSL_FIPS_mode),
+ TEST_DECL(test_openssl_FIPS_drbg),
- /* OpenSSL compatibility outside SSL context w/ CRL lookup directory */
- TEST_DECL(test_X509_STORE_No_SSL_CTX),
- TEST_DECL(test_X509_LOOKUP_add_dir),
+ /*********************************
+ * CertManager API tests
+ *********************************/
- /* wolfCrypt ASN tests */
- TEST_DECL(test_wc_CreateEncryptedPKCS8Key),
- TEST_DECL(test_wc_GetPkcs8TraditionalOffset),
- TEST_DECL(test_wc_SetSubjectRaw),
- TEST_DECL(test_wc_GetSubjectRaw),
- TEST_DECL(test_wc_SetIssuerRaw),
- TEST_DECL(test_wc_SetIssueBuffer),
- TEST_DECL(test_wc_SetSubjectKeyId),
- TEST_DECL(test_wc_SetSubject),
- TEST_DECL(test_CheckCertSignature),
- TEST_DECL(test_wc_ParseCert),
- TEST_DECL(test_wc_ParseCert_Error),
- TEST_DECL(test_MakeCertWithPathLen),
+ TEST_DECL(test_wolfSSL_CertManagerAPI),
+ TEST_DECL(test_wolfSSL_CertManagerLoadCABuffer),
+ TEST_DECL(test_wolfSSL_CertManagerLoadCABuffer_ex),
+ TEST_DECL(test_wolfSSL_CertManagerGetCerts),
+ TEST_DECL(test_wolfSSL_CertManagerSetVerify),
+ TEST_DECL(test_wolfSSL_CertManagerNameConstraint),
+ TEST_DECL(test_wolfSSL_CertManagerNameConstraint2),
+ TEST_DECL(test_wolfSSL_CertManagerNameConstraint3),
+ TEST_DECL(test_wolfSSL_CertManagerNameConstraint4),
+ TEST_DECL(test_wolfSSL_CertManagerNameConstraint5),
+ TEST_DECL(test_wolfSSL_CertManagerCRL),
+ TEST_DECL(test_wolfSSL_CertManagerCheckOCSPResponse),
+ TEST_DECL(test_wolfSSL_CheckOCSPResponse),
+#if !defined(NO_RSA) && !defined(NO_SHA) && !defined(NO_FILESYSTEM) && \
+ !defined(NO_CERTS) && (!defined(NO_WOLFSSL_CLIENT) || \
+ !defined(WOLFSSL_NO_CLIENT_AUTH))
+ TEST_DECL(test_various_pathlen_chains),
+#endif
- /* wolfCrypt ECC tests */
- TEST_DECL(test_wc_ecc_get_curve_size_from_name),
- TEST_DECL(test_wc_ecc_get_curve_id_from_name),
- TEST_DECL(test_wc_ecc_get_curve_id_from_params),
+ /*********************************
+ * SSL/TLS API tests
+ *********************************/
+
+ TEST_DECL(test_wolfSSL_Method_Allocators),
+#ifndef NO_WOLFSSL_SERVER
+ TEST_DECL(test_wolfSSL_CTX_new),
+#endif
+ TEST_DECL(test_server_wolfSSL_new),
+ TEST_DECL(test_client_wolfSSL_new),
+#if (!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)) && \
+ (!defined(NO_RSA) || defined(HAVE_ECC)) && !defined(NO_FILESYSTEM)
+ TEST_DECL(test_for_double_Free),
+#endif
+ TEST_DECL(test_wolfSSL_set_options),
#ifdef WOLFSSL_TLS13
/* TLS v1.3 API tests */
@@ -67512,363 +69912,218 @@ TEST_CASE testCases[] = {
TEST_DECL(test_tls13_cipher_suites),
#endif
-#if !defined(NO_CERTS) && (!defined(NO_WOLFSSL_CLIENT) || \
- !defined(WOLFSSL_NO_CLIENT_AUTH)) && !defined(NO_FILESYSTEM)
- /* Use the Cert Manager(CM) API to generate the error ASN_SIG_CONFIRM_E */
- /* Bad certificate signature tests */
- TEST_DECL(test_EccSigFailure_cm),
- TEST_DECL(test_RsaSigFailure_cm),
-#endif /* NO_CERTS */
-
-#if defined(HAVE_PK_CALLBACKS) && !defined(WOLFSSL_NO_TLS12)
- /* Converted to use Expect. */
- TEST_DECL(test_DhCallbacks),
-#endif
-
-#if defined(HAVE_KEYING_MATERIAL) && defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES)
- /* Converted to use Expect. */
- TEST_DECL(test_export_keying_material),
-#endif
+ TEST_DECL(test_wolfSSL_tmp_dh),
+ TEST_DECL(test_wolfSSL_ctrl),
- TEST_DECL(test_wolfSSL_CTX_get_min_proto_version),
#if defined(OPENSSL_ALL) || (defined(OPENSSL_EXTRA) && \
(defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) || \
defined(HAVE_LIGHTY) || defined(WOLFSSL_HAPROXY) || \
defined(WOLFSSL_OPENSSH) || defined(HAVE_SBLIM_SFCB)))
TEST_DECL(test_wolfSSL_set_SSL_CTX),
#endif
-
+ TEST_DECL(test_wolfSSL_CTX_get_min_proto_version),
TEST_DECL(test_wolfSSL_security_level),
TEST_DECL(test_wolfSSL_SSL_in_init),
TEST_DECL(test_wolfSSL_CTX_set_timeout),
- TEST_DECL(test_wolfSSL_OpenSSL_version),
TEST_DECL(test_wolfSSL_set_psk_use_session_callback),
- TEST_DECL(test_ticket_and_psk_mixing),
- TEST_DECL(test_prioritize_psk),
TEST_DECL(test_CONF_CTX_FILE),
TEST_DECL(test_CONF_CTX_CMDLINE),
- TEST_DECL(test_wolfSSL_CRYPTO_get_ex_new_index),
- TEST_DECL(test_wolfSSL_SESSION_get_ex_new_index),
-
- /* wolfcrypt */
- TEST_DECL(test_wolfCrypt_Init),
- TEST_DECL(test_wc_InitMd5),
- TEST_DECL(test_wc_Md5Update),
- TEST_DECL(test_wc_Md5Final),
- TEST_DECL(test_wc_InitSha),
- TEST_DECL(test_wc_ShaUpdate),
- TEST_DECL(test_wc_ShaFinal),
- TEST_DECL(test_wc_InitSha256),
- TEST_DECL(test_wc_Sha256Update),
- TEST_DECL(test_wc_Sha256Final),
- TEST_DECL(test_wc_Sha256FinalRaw),
- TEST_DECL(test_wc_Sha256GetFlags),
- TEST_DECL(test_wc_Sha256Free),
- TEST_DECL(test_wc_Sha256GetHash),
- TEST_DECL(test_wc_Sha256Copy),
- TEST_DECL(test_wc_InitSha512),
- TEST_DECL(test_wc_Sha512Update),
- TEST_DECL(test_wc_Sha512Final),
- TEST_DECL(test_wc_Sha512GetFlags),
- TEST_DECL(test_wc_Sha512FinalRaw),
- TEST_DECL(test_wc_Sha512Free),
- TEST_DECL(test_wc_Sha512GetHash),
- TEST_DECL(test_wc_Sha512Copy),
-
- TEST_DECL(test_wc_InitSha512_224),
- TEST_DECL(test_wc_Sha512_224Update),
- TEST_DECL(test_wc_Sha512_224Final),
- TEST_DECL(test_wc_Sha512_224GetFlags),
- TEST_DECL(test_wc_Sha512_224FinalRaw),
- TEST_DECL(test_wc_Sha512_224Free),
- TEST_DECL(test_wc_Sha512_224GetHash),
- TEST_DECL(test_wc_Sha512_224Copy),
- TEST_DECL(test_wc_InitSha512_256),
- TEST_DECL(test_wc_Sha512_256Update),
- TEST_DECL(test_wc_Sha512_256Final),
- TEST_DECL(test_wc_Sha512_256GetFlags),
- TEST_DECL(test_wc_Sha512_256FinalRaw),
- TEST_DECL(test_wc_Sha512_256Free),
- TEST_DECL(test_wc_Sha512_256GetHash),
- TEST_DECL(test_wc_Sha512_256Copy),
-
- TEST_DECL(test_wc_InitSha384),
- TEST_DECL(test_wc_Sha384Update),
- TEST_DECL(test_wc_Sha384Final),
- TEST_DECL(test_wc_Sha384GetFlags),
- TEST_DECL(test_wc_Sha384FinalRaw),
- TEST_DECL(test_wc_Sha384Free),
- TEST_DECL(test_wc_Sha384GetHash),
- TEST_DECL(test_wc_Sha384Copy),
- TEST_DECL(test_wc_InitSha224),
- TEST_DECL(test_wc_Sha224Update),
- TEST_DECL(test_wc_Sha224Final),
- TEST_DECL(test_wc_Sha224SetFlags),
- TEST_DECL(test_wc_Sha224GetFlags),
- TEST_DECL(test_wc_Sha224Free),
- TEST_DECL(test_wc_Sha224GetHash),
- TEST_DECL(test_wc_Sha224Copy),
- TEST_DECL(test_wc_InitBlake2b),
- TEST_DECL(test_wc_InitBlake2b_WithKey),
- TEST_DECL(test_wc_InitBlake2s_WithKey),
- TEST_DECL(test_wc_InitRipeMd),
- TEST_DECL(test_wc_RipeMdUpdate),
- TEST_DECL(test_wc_RipeMdFinal),
- TEST_DECL(test_wc_InitSha3),
- TEST_DECL(testing_wc_Sha3_Update),
- TEST_DECL(test_wc_Sha3_224_Final),
- TEST_DECL(test_wc_Sha3_256_Final),
- TEST_DECL(test_wc_Sha3_384_Final),
- TEST_DECL(test_wc_Sha3_512_Final),
- TEST_DECL(test_wc_Sha3_224_Copy),
- TEST_DECL(test_wc_Sha3_256_Copy),
- TEST_DECL(test_wc_Sha3_384_Copy),
- TEST_DECL(test_wc_Sha3_512_Copy),
- TEST_DECL(test_wc_Sha3_GetFlags),
- TEST_DECL(test_wc_InitShake256),
- TEST_DECL(testing_wc_Shake256_Update),
- TEST_DECL(test_wc_Shake256_Final),
- TEST_DECL(test_wc_Shake256_Copy),
- TEST_DECL(test_wc_Shake256Hash),
-
- TEST_DECL(test_wc_Md5HmacSetKey),
- TEST_DECL(test_wc_Md5HmacUpdate),
- TEST_DECL(test_wc_Md5HmacFinal),
- TEST_DECL(test_wc_ShaHmacSetKey),
- TEST_DECL(test_wc_ShaHmacUpdate),
- TEST_DECL(test_wc_ShaHmacFinal),
- TEST_DECL(test_wc_Sha224HmacSetKey),
- TEST_DECL(test_wc_Sha224HmacUpdate),
- TEST_DECL(test_wc_Sha224HmacFinal),
- TEST_DECL(test_wc_Sha256HmacSetKey),
- TEST_DECL(test_wc_Sha256HmacUpdate),
- TEST_DECL(test_wc_Sha256HmacFinal),
- TEST_DECL(test_wc_Sha384HmacSetKey),
- TEST_DECL(test_wc_Sha384HmacUpdate),
- TEST_DECL(test_wc_Sha384HmacFinal),
-
- TEST_DECL(test_wc_HashInit),
- TEST_DECL(test_wc_HashSetFlags),
- TEST_DECL(test_wc_HashGetFlags),
+#if !defined(NO_CERTS) && (!defined(NO_WOLFSSL_CLIENT) || \
+ !defined(WOLFSSL_NO_CLIENT_AUTH)) && !defined(NO_FILESYSTEM)
+ /* Use the Cert Manager(CM) API to generate the error ASN_SIG_CONFIRM_E */
+ /* Bad certificate signature tests */
+ TEST_DECL(test_EccSigFailure_cm),
+ TEST_DECL(test_RsaSigFailure_cm),
+#endif /* NO_CERTS */
- TEST_DECL(test_wc_InitCmac),
- TEST_DECL(test_wc_CmacUpdate),
- TEST_DECL(test_wc_CmacFinal),
- TEST_DECL(test_wc_AesCmacGenerate),
- TEST_DECL(test_wc_AesGcmStream),
+ /* PKCS8 testing */
+ TEST_DECL(test_wolfSSL_no_password_cb),
+ TEST_DECL(test_wolfSSL_PKCS8),
+ TEST_DECL(test_wolfSSL_PKCS8_ED25519),
+ TEST_DECL(test_wolfSSL_PKCS8_ED448),
- TEST_DECL(test_wc_Des3_SetIV),
- TEST_DECL(test_wc_Des3_SetKey),
- TEST_DECL(test_wc_Des3_CbcEncryptDecrypt),
- TEST_DECL(test_wc_Des3_CbcEncryptDecryptWithKey),
- TEST_DECL(test_wc_Des3_EcbEncrypt),
- TEST_DECL(test_wc_Chacha_SetKey),
- TEST_DECL(test_wc_Chacha_Process),
- TEST_DECL(test_wc_ChaCha20Poly1305_aead),
- TEST_DECL(test_wc_Poly1305SetKey),
+#ifdef HAVE_IO_TESTS_DEPENDENCIES
+ TEST_DECL(test_wolfSSL_get_finished),
+ /* Uses Assert in handshake callback. */
+ TEST_DECL(test_wolfSSL_CTX_add_session),
+ /* Large number of memory allocations. */
+ TEST_DECL(test_wolfSSL_CTX_add_session_ext_tls13),
+ /* Large number of memory allocations. */
+ TEST_DECL(test_wolfSSL_CTX_add_session_ext_dtls13),
+ /* Large number of memory allocations. */
+ TEST_DECL(test_wolfSSL_CTX_add_session_ext_tls12),
+ /* Large number of memory allocations. */
+ TEST_DECL(test_wolfSSL_CTX_add_session_ext_dtls12),
+ /* Large number of memory allocations. */
+ TEST_DECL(test_wolfSSL_CTX_add_session_ext_tls11),
+ /* Large number of memory allocations. */
+ TEST_DECL(test_wolfSSL_CTX_add_session_ext_dtls1),
+#endif
+ TEST_DECL(test_SSL_CIPHER_get_xxx),
+ TEST_DECL(test_wolfSSL_ERR_strings),
+ TEST_DECL(test_wolfSSL_CTX_set_cipher_list_bytes),
+ TEST_DECL(test_wolfSSL_CTX_use_certificate_file),
+ TEST_DECL(test_wolfSSL_CTX_use_certificate_buffer),
+ TEST_DECL(test_wolfSSL_CTX_use_PrivateKey_file),
+ TEST_DECL(test_wolfSSL_CTX_load_verify_locations),
+ /* Large number of memory allocations. */
+ TEST_DECL(test_wolfSSL_CTX_load_system_CA_certs),
- TEST_DECL(test_wc_CamelliaSetKey),
- TEST_DECL(test_wc_CamelliaSetIV),
- TEST_DECL(test_wc_CamelliaEncryptDecryptDirect),
- TEST_DECL(test_wc_CamelliaCbcEncryptDecrypt),
+ TEST_DECL(test_wolfSSL_CertRsaPss),
+ TEST_DECL(test_wolfSSL_CTX_load_verify_locations_ex),
+ TEST_DECL(test_wolfSSL_CTX_load_verify_buffer_ex),
+ TEST_DECL(test_wolfSSL_CTX_load_verify_chain_buffer_format),
+ TEST_DECL(test_wolfSSL_CTX_add1_chain_cert),
+ TEST_DECL(test_wolfSSL_CTX_use_certificate_chain_file_format),
+ TEST_DECL(test_wolfSSL_CTX_trust_peer_cert),
+ TEST_DECL(test_wolfSSL_CTX_LoadCRL),
+ TEST_DECL(test_multiple_crls_same_issuer),
+ TEST_DECL(test_wolfSSL_CTX_SetTmpDH_file),
+ TEST_DECL(test_wolfSSL_CTX_SetTmpDH_buffer),
+ TEST_DECL(test_wolfSSL_CTX_SetMinMaxDhKey_Sz),
+ TEST_DECL(test_wolfSSL_CTX_der_load_verify_locations),
+ TEST_DECL(test_wolfSSL_CTX_enable_disable),
+ TEST_DECL(test_wolfSSL_CTX_ticket_API),
+ TEST_DECL(test_wolfSSL_SetTmpDH_file),
+ TEST_DECL(test_wolfSSL_SetTmpDH_buffer),
+ TEST_DECL(test_wolfSSL_SetMinMaxDhKey_Sz),
+ TEST_DECL(test_SetTmpEC_DHE_Sz),
+ TEST_DECL(test_wolfSSL_CTX_get0_privatekey),
+#ifdef WOLFSSL_DTLS
+ TEST_DECL(test_wolfSSL_DtlsUpdateWindow),
+ TEST_DECL(test_wolfSSL_DTLS_fragment_buckets),
+#endif
+ TEST_DECL(test_wolfSSL_dtls_set_mtu),
+ /* Uses Assert in handshake callback. */
+ TEST_DECL(test_wolfSSL_dtls_plaintext),
+#if !defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER) && \
+ defined(HAVE_IO_TESTS_DEPENDENCIES)
+ TEST_DECL(test_wolfSSL_read_write),
+ /* Can't memory test as server hangs if client fails before second connect.
+ */
+ TEST_DECL(test_wolfSSL_reuse_WOLFSSLobj),
+ TEST_DECL(test_wolfSSL_CTX_verifyDepth_ServerClient_1),
+ TEST_DECL(test_wolfSSL_CTX_verifyDepth_ServerClient_2),
+ TEST_DECL(test_wolfSSL_CTX_verifyDepth_ServerClient_3),
+ TEST_DECL(test_wolfSSL_CTX_set_cipher_list),
+ /* Can't memory test as server hangs. */
+ TEST_DECL(test_wolfSSL_dtls_export),
+ /* Uses Assert in handshake callback. */
+ TEST_DECL(test_wolfSSL_tls_export),
+#endif
+ TEST_DECL(test_wolfSSL_dtls_export_peers),
+ TEST_DECL(test_wolfSSL_SetMinVersion),
+ TEST_DECL(test_wolfSSL_CTX_SetMinVersion),
- TEST_DECL(test_wc_Arc4SetKey),
- TEST_DECL(test_wc_Arc4Process),
+ /* wolfSSL handshake APIs. */
+ TEST_DECL(test_wolfSSL_CTX_get0_set1_param),
+ TEST_DECL(test_wolfSSL_a2i_IPADDRESS),
+ TEST_DECL(test_wolfSSL_BUF),
+ TEST_DECL(test_wolfSSL_set_tlsext_status_type),
+ /* Can't memory test as server hangs. */
+ TEST_DECL(test_wolfSSL_CTX_set_client_CA_list),
+ TEST_DECL(test_wolfSSL_CTX_add_client_CA),
+ TEST_DECL(test_wolfSSL_CTX_set_srp_username),
+ TEST_DECL(test_wolfSSL_CTX_set_srp_password),
+ TEST_DECL(test_wolfSSL_CTX_set_keylog_callback),
+ TEST_DECL(test_wolfSSL_CTX_get_keylog_callback),
+ TEST_DECL(test_wolfSSL_Tls12_Key_Logging_test),
+ /* Can't memory test as server hangs. */
+ TEST_DECL(test_wolfSSL_Tls13_Key_Logging_test),
+ TEST_DECL(test_wolfSSL_Tls13_postauth),
+ TEST_DECL(test_wolfSSL_CTX_set_ecdh_auto),
+ TEST_DECL(test_wolfSSL_set_minmax_proto_version),
+ TEST_DECL(test_wolfSSL_CTX_set_max_proto_version),
+ TEST_DECL(test_wolfSSL_THREADID_hash),
- TEST_DECL(test_wc_Rc2SetKey),
- TEST_DECL(test_wc_Rc2SetIV),
- TEST_DECL(test_wc_Rc2EcbEncryptDecrypt),
- TEST_DECL(test_wc_Rc2CbcEncryptDecrypt),
+ /* TLS extensions tests */
+#ifdef HAVE_IO_TESTS_DEPENDENCIES
+#ifdef HAVE_SNI
+ TEST_DECL(test_wolfSSL_UseSNI_params),
+ /* Uses Assert in handshake callback. */
+ TEST_DECL(test_wolfSSL_UseSNI_connection),
+ TEST_DECL(test_wolfSSL_SNI_GetFromBuffer),
+#endif /* HAVE_SNI */
+#endif
+ TEST_DECL(test_wolfSSL_UseTrustedCA),
+ TEST_DECL(test_wolfSSL_UseMaxFragment),
+ TEST_DECL(test_wolfSSL_UseTruncatedHMAC),
+ TEST_DECL(test_wolfSSL_UseSupportedCurve),
+#if defined(HAVE_ALPN) && defined(HAVE_IO_TESTS_DEPENDENCIES)
+ /* Uses Assert in handshake callback. */
+ TEST_DECL(test_wolfSSL_UseALPN_connection),
+ TEST_DECL(test_wolfSSL_UseALPN_params),
+#endif
+#ifdef HAVE_ALPN_PROTOS_SUPPORT
+ /* Uses Assert in handshake callback. */
+ TEST_DECL(test_wolfSSL_set_alpn_protos),
+#endif
+ TEST_DECL(test_wolfSSL_DisableExtendedMasterSecret),
+ TEST_DECL(test_wolfSSL_wolfSSL_UseSecureRenegotiation),
+ TEST_DECL(test_wolfSSL_SCR_Reconnect),
+ TEST_DECL(test_tls_ext_duplicate),
+#if defined(WOLFSSL_TLS13) && defined(HAVE_ECH) && \
+ defined(HAVE_IO_TESTS_DEPENDENCIES)
+ TEST_DECL(test_wolfSSL_Tls13_ECH_params),
+ /* Uses Assert in handshake callback. */
+ TEST_DECL(test_wolfSSL_Tls13_ECH),
+#endif
- TEST_DECL(test_wc_AesSetKey),
- TEST_DECL(test_wc_AesSetIV),
- TEST_DECL(test_wc_AesCbcEncryptDecrypt),
- TEST_DECL(test_wc_AesCtrEncryptDecrypt),
- TEST_DECL(test_wc_AesGcmSetKey),
- TEST_DECL(test_wc_AesGcmEncryptDecrypt),
- TEST_DECL(test_wc_AesGcmMixedEncDecLongIV),
- TEST_DECL(test_wc_GmacSetKey),
- TEST_DECL(test_wc_GmacUpdate),
- TEST_DECL(test_wc_InitRsaKey),
- TEST_DECL(test_wc_RsaPrivateKeyDecode),
- TEST_DECL(test_wc_RsaPublicKeyDecode),
- TEST_DECL(test_wc_RsaPublicKeyDecodeRaw),
- TEST_DECL(test_wc_MakeRsaKey),
- TEST_DECL(test_wc_SetKeyUsage),
+ TEST_DECL(test_wolfSSL_X509_TLS_version_test_1),
+ TEST_DECL(test_wolfSSL_X509_TLS_version_test_2),
- TEST_DECL(test_wc_CheckProbablePrime),
- TEST_DECL(test_wc_RsaPSS_Verify),
- TEST_DECL(test_wc_RsaPSS_VerifyCheck),
- TEST_DECL(test_wc_RsaPSS_VerifyCheckInline),
+ /* OCSP Stapling */
+ TEST_DECL(test_wolfSSL_UseOCSPStapling),
+ TEST_DECL(test_wolfSSL_UseOCSPStaplingV2),
+ TEST_DECL(test_self_signed_stapling),
- TEST_DECL(test_wc_SetMutexCb),
- TEST_DECL(test_wc_LockMutex_ex),
+ /* Multicast */
+ TEST_DECL(test_wolfSSL_mcast),
- TEST_DECL(test_wc_RsaKeyToDer),
- TEST_DECL(test_wc_RsaKeyToPublicDer),
- TEST_DECL(test_wc_RsaPublicEncryptDecrypt),
- TEST_DECL(test_wc_RsaPublicEncryptDecrypt_ex),
- TEST_DECL(test_wc_RsaEncryptSize),
- TEST_DECL(test_wc_RsaSSL_SignVerify),
- TEST_DECL(test_wc_RsaFlattenPublicKey),
- TEST_DECL(test_RsaDecryptBoundsCheck),
- TEST_DECL(test_wc_AesCcmSetKey),
- TEST_DECL(test_wc_AesCcmEncryptDecrypt),
- TEST_DECL(test_wc_InitDsaKey),
- TEST_DECL(test_wc_DsaSignVerify),
- TEST_DECL(test_wc_DsaPublicPrivateKeyDecode),
- TEST_DECL(test_wc_MakeDsaKey),
- TEST_DECL(test_wc_DsaKeyToDer),
- TEST_DECL(test_wc_DsaKeyToPublicDer),
- TEST_DECL(test_wc_DsaImportParamsRaw),
- TEST_DECL(test_wc_DsaImportParamsRawCheck),
- TEST_DECL(test_wc_DsaExportParamsRaw),
- TEST_DECL(test_wc_DsaExportKeyRaw),
+ TEST_DECL(test_wolfSSL_read_detect_TCP_disconnect),
- TEST_DECL(test_wc_SignatureGetSize_ecc),
- TEST_DECL(test_wc_SignatureGetSize_rsa),
- /*
- * test_wolfCrypt_Cleanup needs to come after the above wolfCrypt tests to
- * avoid memory leaks.
- */
- TEST_DECL(test_wolfCrypt_Cleanup),
+ TEST_DECL(test_wolfSSL_msgCb),
+ TEST_DECL(test_wolfSSL_either_side),
+ TEST_DECL(test_wolfSSL_DTLS_either_side),
+ /* Uses Assert in handshake callback. */
+ TEST_DECL(test_wolfSSL_dtls_fragments),
+ /* Uses Assert in handshake callback. */
+ TEST_DECL(test_wolfSSL_dtls_AEAD_limit),
+ /* Uses Assert in handshake callback. */
+ TEST_DECL(test_wolfSSL_ignore_alert_before_cookie),
+ /* Uses Assert in handshake callback. */
+ TEST_DECL(test_wolfSSL_dtls_bad_record),
+ /* Uses Assert in handshake callback. */
+ TEST_DECL(test_wolfSSL_dtls_stateless),
+ TEST_DECL(test_generate_cookie),
-#ifdef OPENSSL_EXTRA
- TEST_DECL(test_wolfSSL_EVP_get_cipherbynid),
- TEST_DECL(test_wolfSSL_EVP_CIPHER_CTX),
- TEST_DECL(test_ED25519),
- TEST_DECL(test_ED448),
-#endif
-#if defined(OPENSSL_EXTRA) && defined(HAVE_ECC) && \
- !defined(HAVE_SELFTEST) && \
- !(defined(HAVE_FIPS) || defined(HAVE_FIPS_VERSION))
- TEST_DECL(test_wc_ecc_get_curve_id_from_dp_params),
+#ifndef NO_BIO
+ /* Can't memory test as server hangs. */
+ TEST_DECL(test_wolfSSL_BIO_connect),
+ /* Can't memory test as server Asserts in thread. */
+ TEST_DECL(test_wolfSSL_BIO_accept),
+ TEST_DECL(test_wolfSSL_BIO_tls),
#endif
-#ifdef HAVE_HASHDRBG
-#ifdef TEST_RESEED_INTERVAL
- TEST_DECL(test_wc_RNG_GenerateBlock_Reseed),
-#endif
- TEST_DECL(test_wc_RNG_GenerateBlock),
+#if defined(HAVE_PK_CALLBACKS) && !defined(WOLFSSL_NO_TLS12)
+ TEST_DECL(test_DhCallbacks),
#endif
- TEST_DECL(test_get_rand_digit),
- TEST_DECL(test_get_digit_count),
- TEST_DECL(test_mp_cond_copy),
- TEST_DECL(test_mp_rand),
- TEST_DECL(test_get_digit),
- TEST_DECL(test_wc_export_int),
- TEST_DECL(test_wc_InitRngNonce),
- TEST_DECL(test_wc_InitRngNonce_ex),
- TEST_DECL(test_wc_ed25519_make_key),
- TEST_DECL(test_wc_ed25519_init),
- TEST_DECL(test_wc_ed25519_sign_msg),
- TEST_DECL(test_wc_ed25519_import_public),
- TEST_DECL(test_wc_ed25519_import_private_key),
- TEST_DECL(test_wc_ed25519_export),
- TEST_DECL(test_wc_ed25519_size),
- TEST_DECL(test_wc_ed25519_exportKey),
- TEST_DECL(test_wc_Ed25519PublicKeyToDer),
- TEST_DECL(test_wc_curve25519_init),
- TEST_DECL(test_wc_curve25519_size),
- TEST_DECL(test_wc_curve25519_export_key_raw),
- TEST_DECL(test_wc_curve25519_export_key_raw_ex),
- TEST_DECL(test_wc_curve25519_make_key),
- TEST_DECL(test_wc_curve25519_shared_secret_ex),
- TEST_DECL(test_wc_curve25519_make_pub),
- TEST_DECL(test_wc_curve25519_export_public_ex),
- TEST_DECL(test_wc_curve25519_export_private_raw_ex),
- TEST_DECL(test_wc_curve25519_import_private_raw_ex),
- TEST_DECL(test_wc_curve25519_import_private),
-
- TEST_DECL(test_wc_ed448_make_key),
- TEST_DECL(test_wc_ed448_init),
- TEST_DECL(test_wc_ed448_sign_msg),
- TEST_DECL(test_wc_ed448_import_public),
- TEST_DECL(test_wc_ed448_import_private_key),
- TEST_DECL(test_wc_ed448_export),
- TEST_DECL(test_wc_ed448_size),
- TEST_DECL(test_wc_ed448_exportKey),
- TEST_DECL(test_wc_Ed448PublicKeyToDer),
- TEST_DECL(test_wc_curve448_make_key),
- TEST_DECL(test_wc_curve448_shared_secret_ex),
- TEST_DECL(test_wc_curve448_export_public_ex),
- TEST_DECL(test_wc_curve448_export_private_raw_ex),
- TEST_DECL(test_wc_curve448_export_key_raw),
- TEST_DECL(test_wc_curve448_import_private_raw_ex),
- TEST_DECL(test_wc_curve448_import_private),
- TEST_DECL(test_wc_curve448_init),
- TEST_DECL(test_wc_curve448_size),
- TEST_DECL(test_wc_ecc_make_key),
- TEST_DECL(test_wc_ecc_init),
- TEST_DECL(test_wc_ecc_check_key),
- TEST_DECL(test_wc_ecc_get_generator),
- TEST_DECL(test_wc_ecc_size),
- TEST_DECL(test_wc_ecc_params),
- TEST_DECL(test_wc_ecc_signVerify_hash),
- TEST_DECL(test_wc_ecc_shared_secret),
- TEST_DECL(test_wc_ecc_export_x963),
- TEST_DECL(test_wc_ecc_export_x963_ex),
- TEST_DECL(test_wc_ecc_import_x963),
- TEST_DECL(ecc_import_private_key),
- TEST_DECL(test_wc_ecc_export_private_only),
- TEST_DECL(test_wc_ecc_rs_to_sig),
- TEST_DECL(test_wc_ecc_import_raw),
- TEST_DECL(test_wc_ecc_import_unsigned),
- TEST_DECL(test_wc_ecc_sig_size),
- TEST_DECL(test_wc_ecc_ctx_new),
- TEST_DECL(test_wc_ecc_ctx_reset),
- TEST_DECL(test_wc_ecc_ctx_set_peer_salt),
- TEST_DECL(test_wc_ecc_ctx_set_info),
- TEST_DECL(test_wc_ecc_encryptDecrypt),
- TEST_DECL(test_wc_ecc_del_point),
- TEST_DECL(test_wc_ecc_pointFns),
- TEST_DECL(test_wc_ecc_shared_secret_ssh),
- TEST_DECL(test_wc_ecc_verify_hash_ex),
- TEST_DECL(test_wc_ecc_mulmod),
- TEST_DECL(test_wc_ecc_is_valid_idx),
- TEST_DECL(test_wc_ecc_get_curve_id_from_oid),
- TEST_DECL(test_wc_ecc_sig_size_calc),
+#if defined(HAVE_KEYING_MATERIAL) && defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES)
+ TEST_DECL(test_export_keying_material),
+#endif
- TEST_DECL(test_ToTraditional),
- TEST_DECL(test_wc_EccPrivateKeyToDer),
- TEST_DECL(test_wc_DhPublicKeyDecode),
- TEST_DECL(test_wc_Ed25519KeyToDer),
- TEST_DECL(test_wc_Ed25519PrivateKeyToDer),
- TEST_DECL(test_wc_Ed448KeyToDer),
- TEST_DECL(test_wc_Ed448PrivateKeyToDer),
- TEST_DECL(test_wc_SetAuthKeyIdFromPublicKey_ex),
- TEST_DECL(test_wc_SetSubjectBuffer),
- TEST_DECL(test_wc_SetSubjectKeyIdFromPublicKey_ex),
+ /* Can't memory test as client/server Asserts in thread. */
+ TEST_DECL(test_ticket_and_psk_mixing),
+ /* Can't memory test as client/server Asserts in thread. */
+ TEST_DECL(test_prioritize_psk),
- TEST_DECL(test_wc_PKCS7_New),
- TEST_DECL(test_wc_PKCS7_Init),
- TEST_DECL(test_wc_PKCS7_InitWithCert),
- TEST_DECL(test_wc_PKCS7_EncodeData),
- TEST_DECL(test_wc_PKCS7_EncodeSignedData),
- TEST_DECL(test_wc_PKCS7_EncodeSignedData_ex),
- TEST_DECL(test_wc_PKCS7_VerifySignedData),
- TEST_DECL(test_wc_PKCS7_EncodeDecodeEnvelopedData),
- TEST_DECL(test_wc_PKCS7_EncodeEncryptedData),
- TEST_DECL(test_wc_PKCS7_Degenerate),
- TEST_DECL(test_wc_PKCS7_BER),
- TEST_DECL(test_PKCS7_signed_enveloped),
- TEST_DECL(test_wc_PKCS7_NoDefaultSignedAttribs),
- TEST_DECL(test_wc_PKCS7_SetOriEncryptCtx),
- TEST_DECL(test_wc_PKCS7_SetOriDecryptCtx),
- TEST_DECL(test_wc_PKCS7_DecodeCompressedData),
- TEST_DECL(test_wc_i2d_PKCS12),
- TEST_DECL(test_wolfSSL_CTX_LoadCRL),
- TEST_DECL(test_openssl_FIPS_drbg),
+ /* Can't memory test as client/server hangs. */
TEST_DECL(test_wc_CryptoCb),
+ /* Can't memory test as client/server hangs. */
TEST_DECL(test_wolfSSL_CTX_StaticMemory),
- TEST_DECL(test_wolfSSL_FIPS_mode),
-#ifdef WOLFSSL_DTLS
- TEST_DECL(test_wolfSSL_DtlsUpdateWindow),
- TEST_DECL(test_wolfSSL_DTLS_fragment_buckets),
-#endif
#if !defined(NO_FILESYSTEM) && \
defined(WOLFSSL_DTLS) && !defined(WOLFSSL_NO_TLS12) && \
!defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER)
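Review bot: The per-entry tags added in this hunk (`/* Uses Assert in handshake callback. */`, `/* Can't memory test as server hangs. */`, `/* Large number of memory allocations. */`) never say what they mean for how the test is run. Presumably they mark entries that are skipped or treated specially in allocation-failure runs, but nothing visible here confirms that. A short legend comment at the start of the SSL/TLS part of `testCases[]` would make the tags usable by the next maintainer. The "Large number of memory allocations." tag is also repeated six times in a row above the `test_wolfSSL_CTX_add_session_ext_*` entries, where one comment such as `/* Large number of memory allocations: all test_wolfSSL_CTX_add_session_ext_* entries. */` would do. The same unexplained tags appear in the next hunk above `test_harden_no_secure_renegotiation` and `test_dtls_msg_from_other_peer`; the table itself starts and ends outside this hunk.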
@@ -67886,41 +70141,51 @@ TEST_CASE testCases[] = {
#endif /* ! NO_RSA */
#endif /* defined(WOLFSSL_DTLS) && !defined(WOLFSSL_NO_TLS12) && \
* !defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER) */
- /* Converted to use Expect. */
TEST_DECL(test_wolfSSL_CTX_set_ciphersuites),
- /* Converted to use Expect. */
TEST_DECL(test_wolfSSL_CRL_CERT_REVOKED_alert),
- /* Converted to use Expect. */
TEST_DECL(test_TLS_13_ticket_different_ciphers),
TEST_DECL(test_WOLFSSL_dtls_version_alert),
- TEST_DECL(test_ForceZero),
- TEST_DECL(test_wolfSSL_Cleanup),
#if defined(WOLFSSL_TICKET_NONCE_MALLOC) && defined(HAVE_SESSION_TICKET) \
&& defined(WOLFSSL_TLS13) && \
(!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)))
TEST_DECL(test_ticket_nonce_malloc),
#endif
-#if !defined(NO_RSA) && !defined(NO_SHA) && !defined(NO_FILESYSTEM) && \
- !defined(NO_CERTS) && (!defined(NO_WOLFSSL_CLIENT) || \
- !defined(WOLFSSL_NO_CLIENT_AUTH))
- TEST_DECL(test_various_pathlen_chains),
-#endif
TEST_DECL(test_ticket_ret_create),
TEST_DECL(test_extra_alerts_wrong_cs),
TEST_DECL(test_extra_alerts_skip_hs),
TEST_DECL(test_extra_alerts_bad_psk),
+ /* Can't memory test as client/server Asserts. */
TEST_DECL(test_harden_no_secure_renegotiation),
- /* Converted to use Expect. */
TEST_DECL(test_override_alt_cert_chain),
+ TEST_DECL(test_rpk_set_xxx_cert_type),
+ TEST_DECL(test_tls13_rpk_handshake),
TEST_DECL(test_dtls13_bad_epoch_ch),
+ TEST_DECL(test_short_session_id),
TEST_DECL(test_wolfSSL_dtls13_null_cipher),
+ /* Can't memory test as client/server hangs. */
TEST_DECL(test_dtls_msg_from_other_peer),
TEST_DECL(test_dtls_ipv6_check),
- /* If at some point a stub get implemented this test should fail indicating
- * a need to implement a new test case
- */
- TEST_DECL(test_stubs_are_stubs)
+ TEST_DECL(test_wolfSSL_SCR_after_resumption),
+ TEST_DECL(test_dtls_no_extensions),
+ TEST_DECL(test_TLSX_CA_NAMES_bad_extension),
+ TEST_DECL(test_dtls_1_0_hvr_downgrade),
+ TEST_DECL(test_session_ticket_no_id),
+ TEST_DECL(test_session_ticket_hs_update),
+ TEST_DECL(test_dtls_downgrade_scr_server),
+ TEST_DECL(test_dtls_downgrade_scr),
+ TEST_DECL(test_dtls_client_hello_timeout_downgrade),
+ TEST_DECL(test_dtls_client_hello_timeout),
+ TEST_DECL(test_dtls_dropped_ccs),
+ TEST_DECL(test_certreq_sighash_algos),
+ TEST_DECL(test_revoked_loaded_int_cert),
+ TEST_DECL(test_dtls_frag_ch),
+ TEST_DECL(test_dtls13_frag_ch_pq),
+ TEST_DECL(test_dtls_empty_keyshare_with_cookie),
+ TEST_DECL(test_tls13_pq_groups),
+ TEST_DECL(test_dtls13_early_data),
+ /* This test needs to stay at the end to clean up any caches allocated. */
+ TEST_DECL(test_wolfSSL_Cleanup)
};
#define TEST_CASE_CNT (int)(sizeof(testCases) / sizeof(*testCases))
@@ -68018,12 +70283,28 @@ static const char* apitest_res_string(int res)
#ifndef WOLFSSL_UNIT_TEST_NO_TIMING
static double gettime_secs(void)
-{
- struct timeval tv;
- LIBCALL_CHECK_RET(gettimeofday(&tv, 0));
+ #if defined(_MSC_VER) && defined(_WIN32)
+ {
+ /* there's no gettimeofday for Windows, so we'll use system time */
+ #define EPOCH_DIFF 11644473600LL
+ FILETIME currentFileTime;
+ GetSystemTimePreciseAsFileTime(&currentFileTime);
- return (double)tv.tv_sec + (double)tv.tv_usec / 1000000;
-}
+ ULARGE_INTEGER uli = { 0, 0 };
+ uli.LowPart = currentFileTime.dwLowDateTime;
+ uli.HighPart = currentFileTime.dwHighDateTime;
+
+ /* Convert to seconds since Unix epoch */
+ return (double)((uli.QuadPart - (EPOCH_DIFF * 10000000)) / 10000000.0);
+ }
+ #else
+ {
+ struct timeval tv;
+ LIBCALL_CHECK_RET(gettimeofday(&tv, 0));
+
+ return (double)tv.tv_sec + (double)tv.tv_usec / 1000000.0;
+ }
+ #endif
#endif
int ApiTest(void)
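Review bot: In the `_MSC_VER` branch of gettime_secs(), `GetSystemTimePreciseAsFileTime` is only available from Windows 8 / Server 2012 onward, so the test binary will not load on older Windows targets. If those are still built, `GetSystemTimeAsFileTime(&currentFileTime);` is the drop-in fallback at coarser resolution. `EPOCH_DIFF` is defined inside the function and never undefined, so it stays visible for the rest of the file; a `#undef EPOCH_DIFF` after the return would contain it. A comment such as `/* FILETIME counts 100 ns ticks since 1601-01-01; EPOCH_DIFF is the number of seconds from then to 1970-01-01 */` would explain both constants.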
@@ -68034,7 +70315,6 @@ int ApiTest(void)
#ifndef WOLFSSL_UNIT_TEST_NO_TIMING
double timeDiff;
#endif
- EXPECT_DECLS;
printf(" Begin API Tests\n");
fflush(stdout);
@@ -68054,8 +70334,26 @@ int ApiTest(void)
#endif
}
+ #ifdef WOLFSSL_DUMP_MEMIO_STREAM
+ if (res == 0) {
+ if (create_tmp_dir(tmpDirName, sizeof(tmpDirName) - 1) == NULL) {
+ printf("failed to create tmp dir\n");
+ res = 1;
+ }
+ else {
+ tmpDirNameSet = 1;
+ }
+ }
+ #endif
+
if (res == 0) {
for (i = 0; i < TEST_CASE_CNT; ++i) {
+ EXPECT_DECLS;
+
+ #ifdef WOLFSSL_DUMP_MEMIO_STREAM
+ currentTestName = testCases[i].name;
+ #endif
+
/* When not testing all cases then skip if not marked for running.
*/
if (!testAll && !testCases[i].run) {
@@ -68120,6 +70418,18 @@ int ApiTest(void)
fflush(stdout);
}
+#ifdef WOLFSSL_DUMP_MEMIO_STREAM
+ if (tmpDirNameSet) {
+ printf("\nBinary dumps of the memio streams can be found in the\n"
+ "%s directory. This can be imported into\n"
+ "Wireshark by transforming the file with\n"
+ "\tod -Ax -tx1 -v stream.dump > stream.dump.hex\n"
+ "And then loading test_output.dump.hex into Wireshark using\n"
+ "the \"Import from Hex Dump...\" option and selecting the\n"
+ "TCP encapsulation option.\n", tmpDirName);
+ }
+#endif
+
printf(" End API Tests\n");
fflush(stdout);
return res;
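Review bot: The help text added under WOLFSSL_DUMP_MEMIO_STREAM uses inconsistent file names: the `od` line converts `stream.dump` into `stream.dump.hex`, but the next sentence tells the user to load `test_output.dump.hex`. Anyone following it literally will look for a file the command never produced. Using one placeholder in both lines removes the mismatch, e.g. `"\tod -Ax -tx1 -v <name>.dump > <name>.dump.hex\n"` and `"And then loading <name>.dump.hex into Wireshark using\n"`. ApiTest() starts outside this hunk, so how the dump files are actually named is not visible here.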
diff --git a/extra/wolfssl/wolfssl/tests/include.am b/extra/wolfssl/wolfssl/tests/include.am
index 54c40f63..5ed4fe40 100644
--- a/extra/wolfssl/wolfssl/tests/include.am
+++ b/extra/wolfssl/wolfssl/tests/include.am
@@ -29,7 +29,9 @@ EXTRA_DIST += tests/unit.h \
tests/test-tls13-pq.conf \
tests/test-tls13-pq-2.conf \
tests/test-dtls13-pq.conf \
+ tests/test-dtls13-pq-frag.conf \
tests/test-dtls13-pq-2.conf \
+ tests/test-dtls13-pq-2-frag.conf \
tests/test-psk.conf \
tests/test-psk-no-id.conf \
tests/test-psk-no-id-sha2.conf \
@@ -66,7 +68,9 @@ EXTRA_DIST += tests/unit.h \
tests/test-dhprime.conf \
tests/test-p521.conf \
tests/test-ecc-cust-curves.conf \
+ tests/test-sm2.conf \
tests/NCONF_test.cnf \
tests/test-tls-downgrade.conf \
- tests/TXT_DB.txt
+ tests/TXT_DB.txt \
+ tests/utils.h
DISTCLEANFILES+= tests/.libs/unit.test
diff --git a/extra/wolfssl/wolfssl/tests/quic.c b/extra/wolfssl/wolfssl/tests/quic.c
index 0661fda7..a0443439 100644
--- a/extra/wolfssl/wolfssl/tests/quic.c
+++ b/extra/wolfssl/wolfssl/tests/quic.c
@@ -543,10 +543,11 @@ static int ctx_send_alert(WOLFSSL *ssl, WOLFSSL_ENCRYPTION_LEVEL level, uint8_t
{
QuicTestContext *ctx = (QuicTestContext*)wolfSSL_get_app_data(ssl);
+ AssertNotNull(ctx);
+
if (ctx->verbose) {
printf("[%s] send_alert: level=%d, err=%d\n", ctx->name, level, err);
}
- AssertNotNull(ctx);
ctx->alert_level = level;
ctx->alert = alert;
return 1;
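Review bot: `AssertNotNull(ctx)` is now the only guard before `ctx->verbose`, and it may not stop execution in every build. The unit.h hunk of this same commit makes `XABORT()` expand to `WC_DO_NOTHING` under WOLFSSL_FORCE_MALLOC_FAIL_TEST; if the Assert macros terminate through XABORT() (their definition is not in view), a NULL app-data pointer would be reported and then dereferenced anyway. An explicit `if (ctx == NULL) return 0;` after the assert would keep the callback safe in that configuration, once it is confirmed which return value signals failure here. The same applies to the asserts added in ctx_session_ticket_cb and new_session_cb further down; all three function bodies continue outside their hunks.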
@@ -559,6 +560,8 @@ static int ctx_session_ticket_cb(WOLFSSL* ssl,
{
QuicTestContext *ctx = (QuicTestContext*)wolfSSL_get_app_data(ssl);
+ AssertNotNull(ctx);
+
(void)cb_ctx;
if (ticketSz < 0 || (size_t)ticketSz > sizeof(ctx->ticket)) {
printf("SESSION TICKET callback: ticket given is too large: %d bytes\n", ticketSz);
@@ -1154,7 +1157,7 @@ static int test_quic_server_hello(int verbose) {
/* we have the app secrets */
check_secrets(&tclient, wolfssl_encryption_application, 32, 32);
check_secrets(&tserver, wolfssl_encryption_application, 32, 32);
- /* verify client and server have the same secrets establishd */
+ /* verify client and server have the same secrets established */
assert_secrets_EQ(&tclient, &tserver, wolfssl_encryption_handshake);
assert_secrets_EQ(&tclient, &tserver, wolfssl_encryption_application);
/* AEAD cipher should be known */
@@ -1535,6 +1538,8 @@ static int new_session_cb(WOLFSSL *ssl, WOLFSSL_SESSION *session)
int ret = 0;
int sz;
+ AssertNotNull(ctx);
+
sz = wolfSSL_i2d_SSL_SESSION(session, NULL);
if (sz <= 0) {
printf("[%s] session serialization error: %d <- ", ctx->name, sz);
diff --git a/extra/wolfssl/wolfssl/tests/srp.c b/extra/wolfssl/wolfssl/tests/srp.c
index fa91237f..ef6aaad6 100644
--- a/extra/wolfssl/wolfssl/tests/srp.c
+++ b/extra/wolfssl/wolfssl/tests/srp.c
@@ -208,6 +208,7 @@ static void test_SrpSetPassword(void)
byte v[64];
word32 vSz = 0;
+ XMEMSET(v, 0, sizeof(v));
AssertIntEQ(0, wc_SrpInit(&srp, SRP_TYPE_SHA, SRP_CLIENT_SIDE));
AssertIntEQ(0, wc_SrpSetUsername(&srp, username, usernameSz));
@@ -262,6 +263,7 @@ static void test_SrpGetPublic(void)
byte pub[64];
word32 pubSz = 0;
+ XMEMSET(pub, 0, sizeof(pub));
AssertIntEQ(0, wc_SrpInit(&srp, SRP_TYPE_SHA, SRP_CLIENT_SIDE));
AssertIntEQ(0, wc_SrpSetUsername(&srp, username, usernameSz));
AssertIntEQ(0, wc_SrpSetParams(&srp, srp_N, sizeof(srp_N),
@@ -318,6 +320,8 @@ static void test_SrpComputeKey(void)
word32 clientPubKeySz = 64;
word32 serverPubKeySz = 64;
+ XMEMSET(clientPubKey, 0, sizeof(clientPubKey));
+ XMEMSET(serverPubKey, 0, sizeof(serverPubKey));
AssertIntEQ(0, wc_SrpInit(&cli, SRP_TYPE_SHA, SRP_CLIENT_SIDE));
AssertIntEQ(0, wc_SrpInit(&srv, SRP_TYPE_SHA, SRP_SERVER_SIDE));
@@ -388,6 +392,10 @@ static void test_SrpGetProofAndVerify(void)
word32 clientProofSz = SRP_MAX_DIGEST_SIZE;
word32 serverProofSz = SRP_MAX_DIGEST_SIZE;
+ XMEMSET(clientPubKey, 0, sizeof(clientPubKey));
+ XMEMSET(serverPubKey, 0, sizeof(serverPubKey));
+ XMEMSET(clientProof, 0, sizeof(clientProof));
+ XMEMSET(serverProof, 0, sizeof(serverProof));
AssertIntEQ(0, wc_SrpInit(&cli, SRP_TYPE_SHA, SRP_CLIENT_SIDE));
AssertIntEQ(0, wc_SrpInit(&srv, SRP_TYPE_SHA, SRP_SERVER_SIDE));
@@ -792,6 +800,10 @@ static void test_SrpKeyGenFunc_cb(void)
};
#endif
+ XMEMSET(clientPubKey, 0, sizeof(clientPubKey));
+ XMEMSET(serverPubKey, 0, sizeof(serverPubKey));
+ XMEMSET(clientProof, 0, sizeof(clientProof));
+ XMEMSET(serverProof, 0, sizeof(serverProof));
AssertIntEQ(0, wc_SrpInit(&cli, SRP_TYPE_SHA512, SRP_CLIENT_SIDE));
AssertIntEQ(0, wc_SrpInit(&srv, SRP_TYPE_SHA512, SRP_SERVER_SIDE));
diff --git a/extra/wolfssl/wolfssl/tests/suites.c b/extra/wolfssl/wolfssl/tests/suites.c
index f97d7edd..76aa4131 100644
--- a/extra/wolfssl/wolfssl/tests/suites.c
+++ b/extra/wolfssl/wolfssl/tests/suites.c
@@ -61,7 +61,8 @@
#include "examples/client/client.h"
#include "examples/server/server.h"
-#if !defined(NO_WOLFSSL_SERVER) && !defined(NO_WOLFSSL_CLIENT)
+#if !defined(NO_WOLFSSL_SERVER) && !defined(NO_WOLFSSL_CLIENT) && \
+ !defined(SINGLE_THREADED)
static WOLFSSL_CTX* cipherSuiteCtx = NULL;
static char nonblockFlag[] = "-N";
static char noVerifyFlag[] = "-d";
@@ -303,12 +304,8 @@ static int execute_test_case(int svr_argc, char** svr_argv,
int forceCliDefCipherList)
{
#if defined(WOLFSSL_TIRTOS) || defined(WOLFSSL_SRTP)
- func_args cliArgs = {0};
- func_args svrArgs = {0};
- cliArgs.argc = cli_argc;
- cliArgs.argv = cli_argv;
- svrArgs.argc = svr_argc;
- svrArgs.argv = svr_argv;
+ func_args cliArgs = {0, NULL, 0, NULL, NULL, NULL};
+ func_args svrArgs = {0, NULL, 0, NULL, NULL, NULL};
#else
func_args cliArgs = {cli_argc, cli_argv, 0, NULL, NULL};
func_args svrArgs = {svr_argc, svr_argv, 0, NULL, NULL};
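Review bot: The new initializer `{0, NULL, 0, NULL, NULL, NULL}` supplies six values whenever WOLFSSL_TIRTOS or WOLFSSL_SRTP is defined, but the `#else` branch initialises the same struct with five. Later hunks in this file only touch `srtp_helper` under `WOLFSSL_SRTP && WOLFSSL_COND`. If that sixth member is declared under the same condition (the struct definition is not in view), a TIRTOS-only build or an SRTP build without WOLFSSL_COND gets an excess-initializer diagnostic. Declaring `func_args cliArgs;` and clearing it alongside the argc/argv assignments that this commit moves below the declarations, with `XMEMSET(&cliArgs, 0, sizeof(cliArgs));`, is independent of the member count. execute_test_case() extends beyond this hunk.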
@@ -329,9 +326,17 @@ static int execute_test_case(int svr_argc, char** svr_argv,
int reqClientCert;
#endif
-#if defined(WOLFSSL_SRTP) && !defined(SINGLE_THREADED) && defined(_POSIX_THREADS)
+#if defined(WOLFSSL_SRTP) && defined(WOLFSSL_COND)
srtp_test_helper srtp_helper;
#endif
+
+#if defined(WOLFSSL_TIRTOS) || defined(WOLFSSL_SRTP)
+ cliArgs.argc = cli_argc;
+ cliArgs.argv = cli_argv;
+ svrArgs.argc = svr_argc;
+ svrArgs.argv = svr_argv;
+#endif
+
/* Is Valid Cipher and Version Checks */
/* build command list for the Is checks below */
commandLine[0] = '\0';
@@ -460,7 +465,7 @@ static int execute_test_case(int svr_argc, char** svr_argv,
InitTcpReady(&ready);
-#if defined(WOLFSSL_SRTP) && !defined(SINGLE_THREADED) && defined(_POSIX_THREADS)
+#if defined(WOLFSSL_SRTP) && defined(WOLFSSL_COND)
srtp_helper_init(&srtp_helper);
cliArgs.srtp_helper = &srtp_helper;
svrArgs.srtp_helper = &srtp_helper;
@@ -580,7 +585,7 @@ static int execute_test_case(int svr_argc, char** svr_argv,
#endif
FreeTcpReady(&ready);
-#if defined (WOLFSSL_SRTP) &&!defined(SINGLE_THREADED) && defined(_POSIX_THREADS)
+#if defined (WOLFSSL_SRTP) && defined(WOLFSSL_COND)
srtp_helper_free(&srtp_helper);
#endif
@@ -791,7 +796,8 @@ static void test_harness(void* vargs)
int SuiteTest(int argc, char** argv)
{
#if !defined(NO_WOLFSSL_SERVER) && !defined(NO_WOLFSSL_CLIENT) && \
- !defined(WOLF_CRYPTO_CB_ONLY_RSA) && !defined(WOLF_CRYPTO_CB_ONLY_ECC)
+ !defined(WOLF_CRYPTO_CB_ONLY_RSA) && !defined(WOLF_CRYPTO_CB_ONLY_ECC) && \
+ !defined(SINGLE_THREADED)
func_args args;
char argv0[3][80];
char* myArgv[3];
@@ -964,10 +970,31 @@ int SuiteTest(int argc, char** argv)
args.return_code = EXIT_FAILURE;
goto exit;
}
+ #ifdef WOLFSSL_DTLS_CH_FRAG
+ /* add DTLSv13 pq frag tests */
+ XSTRLCPY(argv0[1], "tests/test-dtls13-pq-frag.conf", sizeof(argv0[1]));
+ printf("starting DTLSv13 post-quantum groups tests with fragmentation\n");
+ test_harness(&args);
+ if (args.return_code != 0) {
+ printf("error from script %d\n", args.return_code);
+ args.return_code = EXIT_FAILURE;
+ goto exit;
+ }
+ #endif
#ifdef HAVE_LIBOQS
- /* add DTLSv13 pq tests */
+ /* add DTLSv13 pq 2 tests */
XSTRLCPY(argv0[1], "tests/test-dtls13-pq-2.conf", sizeof(argv0[1]));
- printf("starting DTLSv13 post-quantum groups tests\n");
+ printf("starting DTLSv13 post-quantum 2 groups tests\n");
+ test_harness(&args);
+ if (args.return_code != 0) {
+ printf("error from script %d\n", args.return_code);
+ args.return_code = EXIT_FAILURE;
+ goto exit;
+ }
+ #ifdef WOLFSSL_DTLS_CH_FRAG
+ /* add DTLSv13 pq 2 frag tests */
+ XSTRLCPY(argv0[1], "tests/test-dtls13-pq-2-frag.conf", sizeof(argv0[1]));
+ printf("starting DTLSv13 post-quantum 2 groups tests with fragmentation\n");
test_harness(&args);
if (args.return_code != 0) {
printf("error from script %d\n", args.return_code);
@@ -976,6 +1003,7 @@ int SuiteTest(int argc, char** argv)
}
#endif
#endif
+ #endif
#endif
#if defined(WC_RSA_PSS) && (!defined(HAVE_FIPS) || \
(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2))) && \
@@ -1275,6 +1303,18 @@ int SuiteTest(int argc, char** argv)
}
#endif /* HAVE_RSA and HAVE_ECC */
#endif /* !WC_STRICT_SIG */
+#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3) && \
+ (defined(WOLFSSL_SM4_GCM) || defined(WOLFSSL_SM4_CCM))
+ /* add SM2/SM3/SM4 test suites */
+ XSTRLCPY(argv0[1], "tests/test-sm2.conf", sizeof(argv0[1]));
+ printf("starting SM2/SM3/SM4 cipher suite tests\n");
+ test_harness(&args);
+ if (args.return_code != 0) {
+ printf("error from script %d\n", args.return_code);
+ args.return_code = EXIT_FAILURE;
+ goto exit;
+ }
+#endif
#ifndef NO_PSK
#ifndef WOLFSSL_NO_TLS12
#if !defined(NO_RSA) || defined(HAVE_ECC)
diff --git a/extra/wolfssl/wolfssl/tests/test-dtls13-pq-2-frag.conf b/extra/wolfssl/wolfssl/tests/test-dtls13-pq-2-frag.conf
new file mode 100644
index 00000000..6ea8317d
--- /dev/null
+++ b/extra/wolfssl/wolfssl/tests/test-dtls13-pq-2-frag.conf
@@ -0,0 +1,23 @@
+# server DTLSv1.3 with post-quantum group
+-u
+-v 4
+-l TLS13-AES256-GCM-SHA384
+--pqc P384_KYBER_LEVEL3
+
+# client DTLSv1.3 with post-quantum group
+-u
+-v 4
+-l TLS13-AES256-GCM-SHA384
+--pqc P384_KYBER_LEVEL3
+
+# server DTLSv1.3 with post-quantum group
+-u
+-v 4
+-l TLS13-AES256-GCM-SHA384
+--pqc P521_KYBER_LEVEL5
+
+# client DTLSv1.3 with post-quantum group
+-u
+-v 4
+-l TLS13-AES256-GCM-SHA384
+--pqc P521_KYBER_LEVEL5
diff --git a/extra/wolfssl/wolfssl/tests/test-dtls13-pq-frag.conf b/extra/wolfssl/wolfssl/tests/test-dtls13-pq-frag.conf
new file mode 100644
index 00000000..01aaf477
--- /dev/null
+++ b/extra/wolfssl/wolfssl/tests/test-dtls13-pq-frag.conf
@@ -0,0 +1,24 @@
+# server DTLSv1.3 with post-quantum group
+-u
+-v 4
+-l TLS13-AES256-GCM-SHA384
+--pqc KYBER_LEVEL3
+
+# client DTLSv1.3 with post-quantum group
+-u
+-v 4
+-l TLS13-AES256-GCM-SHA384
+--pqc KYBER_LEVEL3
+
+# server DTLSv1.3 with post-quantum group
+-u
+-v 4
+-l TLS13-AES256-GCM-SHA384
+--pqc KYBER_LEVEL5
+
+# client DTLSv1.3 with post-quantum group
+-u
+-v 4
+-l TLS13-AES256-GCM-SHA384
+--pqc KYBER_LEVEL5
+
diff --git a/extra/wolfssl/wolfssl/tests/test-sm2.conf b/extra/wolfssl/wolfssl/tests/test-sm2.conf
new file mode 100644
index 00000000..d492e252
--- /dev/null
+++ b/extra/wolfssl/wolfssl/tests/test-sm2.conf
@@ -0,0 +1,189 @@
+# server TLSv1.2 ECDHE-ECDSA-SM4-CBC-SM3
+-v 3
+-l ECDHE-ECDSA-SM4-CBC-SM3
+-c ./certs/sm2/server-sm2.pem
+-k ./certs/sm2/server-sm2-priv.pem
+-d
+
+# client TLSv1.2 ECDHE-ECDSA-SM4-CBC-SM3
+-v 3
+-l ECDHE-ECDSA-SM4-CBC-SM3
+-A ./certs/sm2/root-sm2.pem
+-C
+
+# server TLSv1.2 ECDHE-ECDSA-SM4-CBC-SM3
+-v 3
+-l ECDHE-ECDSA-SM4-CBC-SM3
+-c ./certs/sm2/server-sm2.pem
+-k ./certs/sm2/server-sm2-priv.pem
+-d
+
+# client TLSv1.2 ECDHE-ECDSA-SM4-CBC-SM3
+-v 3
+-l ECDHE-ECDSA-SM4-CBC-SM3
+-A ./certs/sm2/root-sm2.pem
+-C
+
+# server TLSv1.2 ECDHE-ECDSA-SM4-CBC-SM3
+-v 3
+-l ECDHE-ECDSA-SM4-CBC-SM3
+-c ./certs/sm2/server-sm2.pem
+-k ./certs/sm2/server-sm2-priv.pem
+-A ./certs/sm2/client-sm2.pem
+-V
+# Remove -V when CRL for SM2 certificates available.
+
+# client TLSv1.2 ECDHE-ECDSA-SM4-CBC-SM3
+-v 3
+-l ECDHE-ECDSA-SM4-CBC-SM3
+-c ./certs/sm2/client-sm2.pem
+-k ./certs/sm2/client-sm2-priv.pem
+-A ./certs/sm2/root-sm2.pem
+-C
+
+# server TLSv1.2 ECDHE-ECDSA-SM4-GCM-SM3
+-v 3
+-l ECDHE-ECDSA-SM4-GCM-SM3
+-c ./certs/sm2/server-sm2.pem
+-k ./certs/sm2/server-sm2-priv.pem
+-d
+
+# client TLSv1.2 ECDHE-ECDSA-SM4-GCM-SM3
+-v 3
+-l ECDHE-ECDSA-SM4-GCM-SM3
+-A ./certs/sm2/root-sm2.pem
+-C
+
+# server TLSv1.2 ECDHE-ECDSA-SM4-CCM-SM3
+-v 3
+-l ECDHE-ECDSA-SM4-CCM-SM3
+-c ./certs/sm2/server-sm2.pem
+-k ./certs/sm2/server-sm2-priv.pem
+-d
+
+# client TLSv1.2 ECDHE-ECDSA-SM4-CCM-SM3
+-v 3
+-l ECDHE-ECDSA-SM4-CCM-SM3
+-A ./certs/sm2/root-sm2.pem
+-C
+
+# server TLSv1.3 TLS13-SM4-GCM-SM3
+-v 4
+-l TLS13-SM4-GCM-SM3
+-c ./certs/sm2/server-sm2.pem
+-k ./certs/sm2/server-sm2-priv.pem
+-d
+
+# client TLSv1.3 TLS13-SM4-GCM-SM3
+-v 4
+-l TLS13-SM4-GCM-SM3
+-A ./certs/sm2/root-sm2.pem
+-C
+
+# server TLSv1.3 TLS13-SM4-CCM-SM3
+-v 4
+-l TLS13-SM4-CCM-SM3
+-c ./certs/sm2/server-sm2.pem
+-k ./certs/sm2/server-sm2-priv.pem
+-d
+
+# client TLSv1.3 TLS13-SM4-CCM-SM3
+-v 4
+-l TLS13-SM4-CCM-SM3
+-A ./certs/sm2/root-sm2.pem
+-C
+
+# Enable when CRL for SM2 certificates available.
+# server TLSv1.3 TLS13-SM4-GCM-SM3
+-v 4
+-l TLS13-SM4-GCM-SM3
+-c ./certs/sm2/server-sm2.pem
+-k ./certs/sm2/server-sm2-priv.pem
+-A ./certs/sm2/client-sm2.pem
+-V
+# Remove -V when CRL for SM2 certificates available.
+
+# client TLSv1.3 TLS13-SM4-GCM-SM3
+-v 4
+-l TLS13-SM4-GCM-SM3
+-c ./certs/sm2/client-sm2.pem
+-k ./certs/sm2/client-sm2-priv.pem
+-A ./certs/sm2/root-sm2.pem
+-C
+
+# Enable when CRL for SM2 certificates available.
+# server TLSv1.3 TLS13-SM4-CCM-SM3
+-v 4
+-l TLS13-SM4-CCM-SM3
+-c ./certs/sm2/server-sm2.pem
+-k ./certs/sm2/server-sm2-priv.pem
+-A ./certs/sm2/client-sm2.pem
+-V
+# Remove -V when CRL for SM2 certificates available.
+
+# client TLSv1.3 TLS13-SM4-CCM-SM3
+-v 4
+-l TLS13-SM4-CCM-SM3
+-c ./certs/sm2/client-sm2.pem
+-k ./certs/sm2/client-sm2-priv.pem
+-A ./certs/sm2/root-sm2.pem
+-C
+
+# GmSSL certificates and keys
+# server TLSv1.2 ECDHE-ECDSA-SM4-CBC-SM3
+-v 3
+-l ECDHE-ECDSA-SM4-CBC-SM3
+-c ./certs/sm2/self-sm2-cert.pem
+-k ./certs/sm2/self-sm2-priv.pem
+-d
+
+# client TLSv1.2 ECDHE-ECDSA-SM4-CBC-SM3
+-v 3
+-l ECDHE-ECDSA-SM4-CBC-SM3
+-A ./certs/sm2/self-sm2-cert.pem
+-C
+
+# server TLSv1.2 ECDHE-ECDSA-SM4-CBC-SM3
+-v 3
+-l ECDHE-ECDSA-SM4-CBC-SM3
+-c ./certs/sm2/self-sm2-cert.pem
+-k ./certs/sm2/self-sm2-priv.pem
+-A ./certs/sm2/self-sm2-cert.pem
+-V
+
+# client TLSv1.2 ECDHE-ECDSA-SM4-CBC-SM3
+-v 3
+-l ECDHE-ECDSA-SM4-CBC-SM3
+-A ./certs/sm2/self-sm2-cert.pem
+-c ./certs/sm2/self-sm2-cert.pem
+-k ./certs/sm2/self-sm2-priv.pem
+-C
+
+# server TLSv1.3 TLS13-SM4-GCM-SM3
+-v 4
+-l TLS13-SM4-GCM-SM3
+-c ./certs/sm2/self-sm2-cert.pem
+-k ./certs/sm2/self-sm2-priv.pem
+-d
+
+# client TLSv1.3 TLS13-SM4-GCM-SM3
+-v 4
+-l TLS13-SM4-GCM-SM3
+-A ./certs/sm2/self-sm2-cert.pem
+-C
+
+# server TLSv1.3 TLS13-SM4-GCM-SM3
+-v 4
+-l TLS13-SM4-GCM-SM3
+-c ./certs/sm2/self-sm2-cert.pem
+-k ./certs/sm2/self-sm2-priv.pem
+-A ./certs/sm2/self-sm2-cert.pem
+-V
+
+# client TLSv1.3 TLS13-SM4-GCM-SM3
+-v 4
+-l TLS13-SM4-GCM-SM3
+-A ./certs/sm2/self-sm2-cert.pem
+-c ./certs/sm2/self-sm2-cert.pem
+-k ./certs/sm2/self-sm2-priv.pem
+-C
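Review bot: The first two server/client pairs in this file are identical (TLSv1.2 ECDHE-ECDSA-SM4-CBC-SM3 with `-d` on the server), so the second run adds time but no coverage; drop it or change it to the variant it was meant to be. The two `# Enable when CRL for SM2 certificates available.` comments sit above TLSv1.3 entries that are active, which reads as if those entries were disabled. The trailing `# Remove -V when CRL for SM2 certificates available.` already states the intent, so the `Enable when` lines could be deleted. As far as these comments indicate, no SM2 case checks revocation until that CRL exists, which is worth stating once at the top of the file.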
diff --git a/extra/wolfssl/wolfssl/tests/unit.c b/extra/wolfssl/wolfssl/tests/unit.c
index 0f54f7a7..00bac225 100644
--- a/extra/wolfssl/wolfssl/tests/unit.c
+++ b/extra/wolfssl/wolfssl/tests/unit.c
@@ -27,6 +27,7 @@
#endif
#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/wolfcrypt/types.h>
#include <stdio.h>
#include <tests/unit.h>
@@ -270,75 +271,3 @@ exit:
return ret;
}
-
-
-
-void wait_tcp_ready(func_args* args)
-{
-#ifdef SINGLE_THREADED
- (void)args;
-#elif defined(_POSIX_THREADS) && !defined(__MINGW32__)
- PTHREAD_CHECK_RET(pthread_mutex_lock(&args->signal->mutex));
-
- if (!args->signal->ready)
- PTHREAD_CHECK_RET(pthread_cond_wait(&args->signal->cond,
- &args->signal->mutex));
- args->signal->ready = 0; /* reset */
-
- PTHREAD_CHECK_RET(pthread_mutex_unlock(&args->signal->mutex));
-#else
- (void)args;
-#endif
-}
-
-
-void start_thread(THREAD_FUNC fun, func_args* args, THREAD_TYPE* thread)
-{
-#ifdef SINGLE_THREADED
- (void)fun;
- (void)args;
- (void)thread;
-#elif defined(_POSIX_THREADS) && !defined(__MINGW32__)
- PTHREAD_CHECK_RET(pthread_create(thread, 0, fun, args));
- return;
-#elif defined (WOLFSSL_TIRTOS)
- /* Initialize the defaults and set the parameters. */
- Task_Params taskParams;
- Task_Params_init(&taskParams);
- taskParams.arg0 = (UArg)args;
- taskParams.stackSize = 65535;
- *thread = Task_create((Task_FuncPtr)fun, &taskParams, NULL);
- if (*thread == NULL) {
- fprintf(stderr, "Failed to create new Task\n");
- }
- Task_yield();
-#else
- *thread = (THREAD_TYPE)_beginthreadex(0, 0, fun, args, 0, 0);
-#endif
-}
-
-
-void join_thread(THREAD_TYPE thread)
-{
-#ifdef SINGLE_THREADED
- (void)thread;
-#elif defined(_POSIX_THREADS) && !defined(__MINGW32__)
- PTHREAD_CHECK_RET(pthread_join(thread, 0));
-#elif defined (WOLFSSL_TIRTOS)
- while(1) {
- if (Task_getMode(thread) == Task_Mode_TERMINATED) {
- Task_sleep(5);
- break;
- }
- Task_yield();
- }
-#else
- int res = WaitForSingleObject((HANDLE)thread, INFINITE);
- assert(res == WAIT_OBJECT_0);
- res = CloseHandle((HANDLE)thread);
- assert(res);
- (void)res; /* Suppress un-used variable warning */
-#endif
-}
-
-
diff --git a/extra/wolfssl/wolfssl/tests/unit.h b/extra/wolfssl/wolfssl/tests/unit.h
index 53e25ab7..185fc22d 100644
--- a/extra/wolfssl/wolfssl/tests/unit.h
+++ b/extra/wolfssl/wolfssl/tests/unit.h
@@ -27,7 +27,7 @@
#include <wolfssl/test.h> /* thread and tcp stuff */
#ifdef WOLFSSL_FORCE_MALLOC_FAIL_TEST
-#define XABORT()
+#define XABORT() WC_DO_NOTHING
#else
#define XABORT() abort()
#endif
@@ -99,17 +99,17 @@
#else
#define AssertPtr(x, y, op, er) do { \
- PRAGMA_GCC_DIAG_PUSH; \
+ PRAGMA_GCC_DIAG_PUSH \
/* remarkably, without this inhibition, */ \
/* the _Pragma()s make the declarations warn. */ \
- PRAGMA_GCC("GCC diagnostic ignored \"-Wdeclaration-after-statement\""); \
+ PRAGMA_GCC("GCC diagnostic ignored \"-Wdeclaration-after-statement\"") \
/* inhibit "ISO C forbids conversion of function pointer */ \
/* to object pointer type [-Werror=pedantic]" */ \
- PRAGMA_GCC("GCC diagnostic ignored \"-Wpedantic\""); \
+ PRAGMA_GCC("GCC diagnostic ignored \"-Wpedantic\"") \
void* _x = (void*)(x); \
void* _y = (void*)(y); \
Assert(_x op _y, ("%s " #op " %s", #x, #y), ("%p " #er " %p", _x, _y)); \
- PRAGMA_GCC_DIAG_POP; \
+ PRAGMA_GCC_DIAG_POP \
} while(0)
#endif
@@ -123,38 +123,40 @@
#define EXPECT_DECLS \
- int _ret = 0
+ int _ret = TEST_SKIPPED
#define EXPECT_RESULT() \
- ((_ret == 0) ? TEST_SUCCESS : TEST_FAIL)
+ _ret
#define EXPECT_SUCCESS() \
- (_ret == 0)
+ (_ret == TEST_SUCCESS)
#define EXPECT_FAIL() \
- (_ret != 0)
+ (_ret == TEST_FAIL)
#define ExpFail(description, result) do { \
printf("\nERROR - %s line %d failed with:", __FILE__, __LINE__); \
fputs("\n expected: ", stdout); printf description; \
fputs("\n result: ", stdout); printf result; fputs("\n\n", stdout); \
fflush(stdout); \
- _ret = -1; \
+ _ret = TEST_FAIL; \
} while (0)
-#define Expect(test, description, result) \
- if ((_ret == 0) && (!(test))) ExpFail(description, result)
+#define Expect(test, description, result) do { \
+ if (_ret != TEST_FAIL) { if (!(test)) ExpFail(description, result); \
+ else _ret = TEST_SUCCESS; } \
+} while (0)
#define ExpectTrue(x) Expect( (x), ("%s is true", #x), (#x " => FALSE"))
#define ExpectFalse(x) Expect(!(x), ("%s is false", #x), (#x " => TRUE"))
#define ExpectNotNull(x) Expect( (x), ("%s is not null", #x), (#x " => NULL"))
#define ExpectNull(x) do { \
- if (_ret == 0) { \
+ if (_ret != TEST_FAIL) { \
PEDANTIC_EXTENSION void* _x = (void*)(x); \
Expect(!_x, ("%s is null", #x), (#x " => %p", _x)); \
} \
} while(0)
#define ExpectInt(x, y, op, er) do { \
- if (_ret == 0) { \
+ if (_ret != TEST_FAIL) { \
int _x = (int)(x); \
int _y = (int)(y); \
Expect(_x op _y, ("%s " #op " %s", #x, #y), ("%d " #er " %d", _x, _y));\
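Review bot: `EXPECT_DECLS` now starts `_ret` at TEST_SKIPPED and `Expect` promotes it to TEST_SUCCESS only when a check passes, so a test body that reaches no `Expect*` call is reported as skipped rather than passed; nothing in the header says so. A comment above `EXPECT_DECLS` would document the contract, e.g. `/* _ret starts as TEST_SKIPPED, becomes TEST_SUCCESS on the first passing check and latches at TEST_FAIL on the first failure. */`. In `Expect`, the inner `if (!(test)) ExpFail(...); else _ret = TEST_SUCCESS;` relies on ExpFail being a single `do { } while (0)` statement for the `else` to bind; bracing both arms would make that robust against later edits to ExpFail. The ExpectInt definition continues past the end of this hunk.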
@@ -169,10 +171,10 @@
#define ExpectIntLE(x, y) ExpectInt(x, y, <=, >)
#define ExpectStr(x, y, op, er) do { \
- if (_ret == 0) { \
+ if (_ret != TEST_FAIL) { \
const char* _x = (const char*)(x); \
const char* _y = (const char*)(y); \
- int _z = (_x && _y) ? strcmp(_x, _y) : -1; \
+ int _z = (_x && _y) ? XSTRCMP(_x, _y) : -1; \
Expect(_z op 0, ("%s " #op " %s", #x, #y), \
("\"%s\" " #er " \"%s\"", _x, _y));\
} \
@@ -186,18 +188,18 @@
#define ExpectStrLE(x, y) ExpectStr(x, y, <=, >)
#define ExpectPtr(x, y, op, er) do { \
- if (_ret == 0) { \
- PRAGMA_DIAG_PUSH; \
+ if (_ret != TEST_FAIL) { \
+ PRAGMA_DIAG_PUSH \
/* remarkably, without this inhibition, */ \
/* the _Pragma()s make the declarations warn. */ \
- PRAGMA("GCC diagnostic ignored \"-Wdeclaration-after-statement\""); \
+ PRAGMA("GCC diagnostic ignored \"-Wdeclaration-after-statement\"") \
/* inhibit "ISO C forbids conversion of function pointer */ \
/* to object pointer type [-Werror=pedantic]" */ \
- PRAGMA("GCC diagnostic ignored \"-Wpedantic\""); \
+ PRAGMA("GCC diagnostic ignored \"-Wpedantic\"") \
void* _x = (void*)(x); \
void* _y = (void*)(y); \
Expect(_x op _y, ("%s " #op " %s", #x, #y), ("%p " #er " %p", _x, _y));\
- PRAGMA_DIAG_POP; \
+ PRAGMA_DIAG_POP \
} \
} while(0)
@@ -209,7 +211,7 @@
#define ExpectPtrLE(x, y) ExpectPtr(x, y, <=, >)
#define ExpectBuf(x, y, z, op, er) do { \
- if (_ret == 0) { \
+ if (_ret != TEST_FAIL) { \
const byte* _x = (const byte*)(x); \
const byte* _y = (const byte*)(y); \
int _z = (int)(z); \
@@ -222,6 +224,74 @@
#define ExpectBufEQ(x, y, z) ExpectBuf(x, y, z, ==, !=)
#define ExpectBufNE(x, y, z) ExpectBuf(x, y, z, !=, ==)
+#define ExpectFail() ExpectTrue(0)
+
+
+#define DoExpectNull(x) do { \
+ PEDANTIC_EXTENSION void* _x = (void*)(x); \
+ Expect(!_x, ("%s is null", #x), (#x " => %p", _x)); \
+} while(0)
+
+#define DoExpectInt(x, y, op, er) do { \
+ int _x = (int)(x); \
+ int _y = (int)(y); \
+ Expect(_x op _y, ("%s " #op " %s", #x, #y), ("%d " #er " %d", _x, _y)); \
+} while(0)
+
+#define DoExpectIntEQ(x, y) DoExpectInt(x, y, ==, !=)
+#define DoExpectIntNE(x, y) DoExpectInt(x, y, !=, ==)
+#define DoExpectIntGT(x, y) DoExpectInt(x, y, >, <=)
+#define DoExpectIntLT(x, y) DoExpectInt(x, y, <, >=)
+#define DoExpectIntGE(x, y) DoExpectInt(x, y, >=, <)
+#define DoExpectIntLE(x, y) DoExpectInt(x, y, <=, >)
+
+#define DoExpectStr(x, y, op, er) do { \
+ const char* _x = (const char*)(x); \
+ const char* _y = (const char*)(y); \
+ int _z = (_x && _y) ? strcmp(_x, _y) : -1; \
+ Expect(_z op 0, ("%s " #op " %s", #x, #y), \
+ ("\"%s\" " #er " \"%s\"", _x, _y));\
+} while(0)
+
+#define DoExpectStrEQ(x, y) DoExpectStr(x, y, ==, !=)
+#define DoExpectStrNE(x, y) DoExpectStr(x, y, !=, ==)
+#define DoExpectStrGT(x, y) DoExpectStr(x, y, >, <=)
+#define DoExpectStrLT(x, y) DoExpectStr(x, y, <, >=)
+#define DoExpectStrGE(x, y) DoExpectStr(x, y, >=, <)
+#define DoExpectStrLE(x, y) DoExpectStr(x, y, <=, >)
+
+#define DoExpectPtr(x, y, op, er) do { \
+ PRAGMA_DIAG_PUSH \
+ /* remarkably, without this inhibition, */ \
+ /* the _Pragma()s make the declarations warn. */ \
+ PRAGMA("GCC diagnostic ignored \"-Wdeclaration-after-statement\"") \
+ /* inhibit "ISO C forbids conversion of function pointer */ \
+ /* to object pointer type [-Werror=pedantic]" */ \
+ PRAGMA("GCC diagnostic ignored \"-Wpedantic\"") \
+ void* _x = (void*)(x); \
+ void* _y = (void*)(y); \
+ Expect(_x op _y, ("%s " #op " %s", #x, #y), ("%p " #er " %p", _x, _y)); \
+ PRAGMA_DIAG_POP \
+} while(0)
+
+#define DoExpectPtrEq(x, y) DoExpectPtr(x, y, ==, !=)
+#define DoExpectPtrNE(x, y) DoExpectPtr(x, y, !=, ==)
+#define DoExpectPtrGT(x, y) DoExpectPtr(x, y, >, <=)
+#define DoExpectPtrLT(x, y) DoExpectPtr(x, y, <, >=)
+#define DoExpectPtrGE(x, y) DoExpectPtr(x, y, >=, <)
+#define DoExpectPtrLE(x, y) DoExpectPtr(x, y, <=, >)
+
+#define DoExpectBuf(x, y, z, op, er) do { \
+ const byte* _x = (const byte*)(x); \
+ const byte* _y = (const byte*)(y); \
+ int _z = (int)(z); \
+ int _w = ((_x) && (_y)) ? XMEMCMP(_x, _y, _z) : -1; \
+ Expect(_w op 0, ("%s " #op " %s for %s", #x, #y, #z), \
+ ("\"%p\" " #er " \"%p\" for \"%d\"", _x, _y, _z));\
+} while(0)
+
+#define DoExpectBufEQ(x, y, z) DoExpectBuf(x, y, z, ==, !=)
+#define DoExpectBufNE(x, y, z) DoExpectBuf(x, y, z, !=, ==)
void ApiTest_PrintTestCases(void);
int ApiTest_RunIdx(int idx);
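Review bot: `DoExpectStr` calls plain `strcmp`, while an earlier hunk of this same commit switches `ExpectStr` to `XSTRCMP`; the new macro should match, `int _z = (_x && _y) ? XSTRCMP(_x, _y) : -1; \`. The family is also spelled inconsistently: `DoExpectPtrEq` sits next to `DoExpectIntEQ`, `DoExpectStrEQ` and `DoExpectBufEQ`. There is no comment saying how the `DoExpect*` macros differ from `Expect*`. From the visible definitions they drop the outer `_ret != TEST_FAIL` guard, so their arguments are evaluated, with any side effects, even after an earlier failure; a one-line comment above `DoExpectNull` stating that would help.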
diff --git a/extra/wolfssl/wolfssl/tests/utils.h b/extra/wolfssl/wolfssl/tests/utils.h
new file mode 100644
index 00000000..46b16e2c
--- /dev/null
+++ b/extra/wolfssl/wolfssl/tests/utils.h
@@ -0,0 +1,385 @@
+/* utils.h
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+#ifdef HAVE_CONFIG_H
+ #include <config.h>
+#endif
+
+#include <wolfssl/wolfcrypt/settings.h>
+#include <tests/unit.h>
+
+#ifndef NO_FILESYSTEM
+
+#ifdef _MSC_VER
+#include <direct.h>
+#endif
+
+#define TMP_DIR_PREFIX "tmpDir-"
+/* len is length of tmpDir name, assuming
+ * len does not include null terminating character */
+char* create_tmp_dir(char *tmpDir, int len)
+{
+ if (len < (int)XSTR_SIZEOF(TMP_DIR_PREFIX))
+ return NULL;
+
+ XMEMCPY(tmpDir, TMP_DIR_PREFIX, XSTR_SIZEOF(TMP_DIR_PREFIX));
+
+ if (mymktemp(tmpDir, len, len - XSTR_SIZEOF(TMP_DIR_PREFIX)) == NULL)
+ return NULL;
+
+#ifdef _MSC_VER
+ if (_mkdir(tmpDir) != 0)
+ return NULL;
+#elif defined(__MINGW32__)
+ if (mkdir(tmpDir) != 0)
+ return NULL;
+#else
+ if (mkdir(tmpDir, 0700) != 0)
+ return NULL;
+#endif
+
+ return tmpDir;
+}
+
+int rem_dir(const char* dirName)
+{
+#ifdef _MSC_VER
+ if (_rmdir(dirName) != 0)
+ return -1;
+#else
+ if (rmdir(dirName) != 0)
+ return -1;
+#endif
+ return 0;
+}
+
+int rem_file(const char* fileName)
+{
+#ifdef _MSC_VER
+ if (_unlink(fileName) != 0)
+ return -1;
+#else
+ if (unlink(fileName) != 0)
+ return -1;
+#endif
+ return 0;
+}
+
+int copy_file(const char* in, const char* out)
+{
+ byte buf[100];
+ XFILE inFile = XBADFILE;
+ XFILE outFile = XBADFILE;
+ size_t sz;
+ int ret = -1;
+
+ inFile = XFOPEN(in, "rb");
+ if (inFile == XBADFILE)
+ goto cleanup;
+
+ outFile = XFOPEN(out, "wb");
+ if (outFile == XBADFILE)
+ goto cleanup;
+
+ while ((sz = XFREAD(buf, 1, sizeof(buf), inFile)) != 0) {
+ if (XFWRITE(buf, 1, sz, outFile) != sz)
+ goto cleanup;
+ }
+
+ ret = 0;
+cleanup:
+ if (inFile != XBADFILE)
+ XFCLOSE(inFile);
+ if (outFile != XBADFILE)
+ XFCLOSE(outFile);
+ return ret;
+}
+#endif /* !NO_FILESYSTEM */
+
+#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_RSA) && \
+ !defined(NO_WOLFSSL_SERVER) && !defined(NO_WOLFSSL_CLIENT)
+
+/* This set of memio functions allows for more fine tuned control of the TLS
+ * connection operations. For new tests, try to use ssl_memio first. */
+
+/* To dump the memory in gdb use
+ * dump memory client.bin test_ctx.c_buff test_ctx.c_buff+test_ctx.c_len
+ * dump memory server.bin test_ctx.s_buff test_ctx.s_buff+test_ctx.s_len
+ * This can be imported into Wireshark by transforming the file with
+ * od -Ax -tx1 -v client.bin > client.bin.hex
+ * od -Ax -tx1 -v server.bin > server.bin.hex
+ * And then loading test_output.dump.hex into Wireshark using the
+ * "Import from Hex Dump..." option ion and selecting the TCP
+ * encapsulation option.
+ */
+
+#define HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES
+
+#define TEST_MEMIO_BUF_SZ (64 * 1024)
+struct test_memio_ctx
+{
+ byte c_buff[TEST_MEMIO_BUF_SZ];
+ int c_len;
+ const char* c_ciphers;
+ byte s_buff[TEST_MEMIO_BUF_SZ];
+ int s_len;
+ const char* s_ciphers;
+};
+
+int test_memio_do_handshake(WOLFSSL *ssl_c, WOLFSSL *ssl_s,
+ int max_rounds, int *rounds);
+int test_memio_setup(struct test_memio_ctx *ctx,
+ WOLFSSL_CTX **ctx_c, WOLFSSL_CTX **ctx_s, WOLFSSL **ssl_c, WOLFSSL **ssl_s,
+ method_provider method_c, method_provider method_s);
+
+static WC_INLINE int test_memio_write_cb(WOLFSSL *ssl, char *data, int sz,
+ void *ctx)
+{
+ struct test_memio_ctx *test_ctx;
+ byte *buf;
+ int *len;
+
+ test_ctx = (struct test_memio_ctx*)ctx;
+
+ if (wolfSSL_GetSide(ssl) == WOLFSSL_SERVER_END) {
+ buf = test_ctx->c_buff;
+ len = &test_ctx->c_len;
+ }
+ else {
+ buf = test_ctx->s_buff;
+ len = &test_ctx->s_len;
+ }
+
+ if ((unsigned)(*len + sz) > TEST_MEMIO_BUF_SZ)
+ return WOLFSSL_CBIO_ERR_WANT_WRITE;
+
+#ifdef WOLFSSL_DUMP_MEMIO_STREAM
+ {
+ WOLFSSL_BIO *dump_file = wolfSSL_BIO_new_file("test_memio.dump", "a");
+ if (dump_file != NULL) {
+ (void)wolfSSL_BIO_write(dump_file, data, sz);
+ wolfSSL_BIO_free(dump_file);
+ }
+ }
+#endif
+ XMEMCPY(buf + *len, data, sz);
+ *len += sz;
+
+ return sz;
+}
+
+static WC_INLINE int test_memio_read_cb(WOLFSSL *ssl, char *data, int sz,
+ void *ctx)
+{
+ struct test_memio_ctx *test_ctx;
+ int read_sz;
+ byte *buf;
+ int *len;
+
+ test_ctx = (struct test_memio_ctx*)ctx;
+
+ if (wolfSSL_GetSide(ssl) == WOLFSSL_SERVER_END) {
+ buf = test_ctx->s_buff;
+ len = &test_ctx->s_len;
+ }
+ else {
+ buf = test_ctx->c_buff;
+ len = &test_ctx->c_len;
+ }
+
+ if (*len == 0)
+ return WOLFSSL_CBIO_ERR_WANT_READ;
+
+ read_sz = sz < *len ? sz : *len;
+
+ XMEMCPY(data, buf, read_sz);
+ XMEMMOVE(buf, buf + read_sz, *len - read_sz);
+
+ *len -= read_sz;
+
+ return read_sz;
+}
+
+int test_memio_do_handshake(WOLFSSL *ssl_c, WOLFSSL *ssl_s,
+ int max_rounds, int *rounds)
+{
+ byte handshake_complete = 0, hs_c = 0, hs_s = 0;
+ int ret, err;
+
+ if (rounds != NULL)
+ *rounds = 0;
+ while (!handshake_complete && max_rounds > 0) {
+ if (!hs_c) {
+ wolfSSL_SetLoggingPrefix("client");
+ ret = wolfSSL_connect(ssl_c);
+ wolfSSL_SetLoggingPrefix(NULL);
+ if (ret == WOLFSSL_SUCCESS) {
+ hs_c = 1;
+ }
+ else {
+ err = wolfSSL_get_error(ssl_c, ret);
+ if (err != WOLFSSL_ERROR_WANT_READ &&
+ err != WOLFSSL_ERROR_WANT_WRITE)
+ return -1;
+ }
+ }
+ if (!hs_s) {
+ wolfSSL_SetLoggingPrefix("server");
+ ret = wolfSSL_accept(ssl_s);
+ wolfSSL_SetLoggingPrefix(NULL);
+ if (ret == WOLFSSL_SUCCESS) {
+ hs_s = 1;
+ }
+ else {
+ err = wolfSSL_get_error(ssl_s, ret);
+ if (err != WOLFSSL_ERROR_WANT_READ &&
+ err != WOLFSSL_ERROR_WANT_WRITE)
+ return -1;
+ }
+ }
+ handshake_complete = hs_c && hs_s;
+ max_rounds--;
+ if (rounds != NULL)
+ *rounds = *rounds + 1;
+ }
+
+ if (!handshake_complete)
+ return -1;
+
+ return 0;
+}
+
+int test_memio_setup(struct test_memio_ctx *ctx,
+ WOLFSSL_CTX **ctx_c, WOLFSSL_CTX **ctx_s, WOLFSSL **ssl_c, WOLFSSL **ssl_s,
+ method_provider method_c, method_provider method_s)
+{
+ int ret;
+
+ if (ctx_c != NULL && *ctx_c == NULL) {
+ *ctx_c = wolfSSL_CTX_new(method_c());
+ if (*ctx_c == NULL)
+ return -1;
+#ifndef NO_CERTS
+ ret = wolfSSL_CTX_load_verify_locations(*ctx_c, caCertFile, 0);
+ if (ret != WOLFSSL_SUCCESS)
+ return -1;
+#endif /* NO_CERTS */
+ wolfSSL_SetIORecv(*ctx_c, test_memio_read_cb);
+ wolfSSL_SetIOSend(*ctx_c, test_memio_write_cb);
+ if (ctx->c_ciphers != NULL) {
+ ret = wolfSSL_CTX_set_cipher_list(*ctx_c, ctx->c_ciphers);
+ if (ret != WOLFSSL_SUCCESS)
+ return -1;
+ }
+ }
+
+ if (ctx_s != NULL && *ctx_s == NULL) {
+ *ctx_s = wolfSSL_CTX_new(method_s());
+ if (*ctx_s == NULL)
+ return -1;
+#ifndef NO_CERTS
+ ret = wolfSSL_CTX_use_PrivateKey_file(*ctx_s, svrKeyFile,
+ WOLFSSL_FILETYPE_PEM);
+ if (ret != WOLFSSL_SUCCESS)
+ return- -1;
+ ret = wolfSSL_CTX_use_certificate_file(*ctx_s, svrCertFile,
+ WOLFSSL_FILETYPE_PEM);
+ if (ret != WOLFSSL_SUCCESS)
+ return -1;
+#endif
+ wolfSSL_SetIORecv(*ctx_s, test_memio_read_cb);
+ wolfSSL_SetIOSend(*ctx_s, test_memio_write_cb);
+ if (ctx->s_ciphers != NULL) {
+ ret = wolfSSL_CTX_set_cipher_list(*ctx_s, ctx->s_ciphers);
+ if (ret != WOLFSSL_SUCCESS)
+ return -1;
+ }
+ }
+
+ if (ctx_c != NULL && ssl_c != NULL) {
+ *ssl_c = wolfSSL_new(*ctx_c);
+ if (*ssl_c == NULL)
+ return -1;
+ wolfSSL_SetIOWriteCtx(*ssl_c, ctx);
+ wolfSSL_SetIOReadCtx(*ssl_c, ctx);
+ }
+ if (ctx_s != NULL && ssl_s != NULL) {
+ *ssl_s = wolfSSL_new(*ctx_s);
+ if (*ssl_s == NULL)
+ return -1;
+ wolfSSL_SetIOWriteCtx(*ssl_s, ctx);
+ wolfSSL_SetIOReadCtx(*ssl_s, ctx);
+#if !defined(NO_DH)
+ SetDH(*ssl_s);
+#endif
+ }
+
+ return 0;
+}
+#endif
+
+#if !defined(SINGLE_THREADED) && defined(WOLFSSL_COND)
+void signal_ready(tcp_ready* ready)
+{
+ THREAD_CHECK_RET(wolfSSL_CondStart(&ready->cond));
+ ready->ready = 1;
+ THREAD_CHECK_RET(wolfSSL_CondSignal(&ready->cond));
+ THREAD_CHECK_RET(wolfSSL_CondEnd(&ready->cond));
+}
+#endif
+
+void wait_tcp_ready(func_args* args)
+{
+#if !defined(SINGLE_THREADED) && defined(WOLFSSL_COND)
+ tcp_ready* ready = args->signal;
+ THREAD_CHECK_RET(wolfSSL_CondStart(&ready->cond));
+ if (!ready->ready) {
+ THREAD_CHECK_RET(wolfSSL_CondWait(&ready->cond));
+ }
+ ready->ready = 0; /* reset */
+ THREAD_CHECK_RET(wolfSSL_CondEnd(&ready->cond));
+#else
+ /* no threading wait or single threaded */
+ (void)args;
+#endif
+}
+
+#ifndef SINGLE_THREADED
+/* Start a thread.
+ *
+ * @param [in] fun Function to execute in thread.
+ * @param [in] args Object to send to function in thread.
+ * @param [out] thread Handle to thread.
+ */
+void start_thread(THREAD_CB fun, func_args* args, THREAD_TYPE* thread)
+{
+ THREAD_CHECK_RET(wolfSSL_NewThread(thread, fun, args));
+}
+
+
+/* Join thread to wait for completion.
+ *
+ * @param [in] thread Handle to thread.
+ */
+void join_thread(THREAD_TYPE thread)
+{
+ THREAD_CHECK_RET(wolfSSL_JoinThread(thread));
+}
+#endif /* SINGLE_THREADED */
diff --git a/extra/wolfssl/wolfssl/tests/w64wrapper.c b/extra/wolfssl/wolfssl/tests/w64wrapper.c
index ec8c63a1..926de49d 100644
--- a/extra/wolfssl/wolfssl/tests/w64wrapper.c
+++ b/extra/wolfssl/wolfssl/tests/w64wrapper.c
@@ -41,7 +41,7 @@ int w64wrapper_test(void)
a = w64From32(0x01020304, 0x05060708);
#if defined(WORD64_AVAILABLE) && !defined(WOLFSSL_W64_WRAPPER_TEST)
- if (a.n != 0x0102030405060708)
+ if (a.n != 0x0102030405060708LL)
return -1;
#else
if (a.n[0] != 0x01020304 || a.n[1] != 0x05060708)
diff --git a/extra/wolfssl/wolfssl/testsuite/testsuite.c b/extra/wolfssl/wolfssl/testsuite/testsuite.c
index 1b6df1b1..753077aa 100644
--- a/extra/wolfssl/wolfssl/testsuite/testsuite.c
+++ b/extra/wolfssl/wolfssl/testsuite/testsuite.c
@@ -25,6 +25,7 @@
#endif
#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/wolfcrypt/types.h>
#include <wolfssl/ssl.h>
#include <wolfssl/test.h>
@@ -44,6 +45,7 @@
#include <examples/server/server.h>
#include <examples/client/client.h>
+#include "tests/utils.h"
#ifndef NO_SHA256
void file_test(const char* file, byte* check);
@@ -57,6 +59,10 @@ static THREAD_RETURN simple_test(func_args *args);
static void simple_test(func_args *args);
#endif
static int test_tls(func_args* server_args);
+#if !defined(NO_WOLFSSL_SERVER) && !defined(NO_WOLFSSL_CLIENT) && \
+ defined(HAVE_CRL) && defined(HAVE_CRL_MONITOR)
+static int test_crl_monitor(void);
+#endif
static void show_ciphers(void);
static void cleanup_output(void);
static int validate_cleanup_output(void);
@@ -214,6 +220,16 @@ int testsuite_test(int argc, char** argv)
cleanup_output();
return server_args.return_code;
}
+
+#if !defined(NO_WOLFSSL_SERVER) && !defined(NO_WOLFSSL_CLIENT) && \
+ defined(HAVE_CRL) && defined(HAVE_CRL_MONITOR)
+ ret = test_crl_monitor();
+ if (ret != 0) {
+ cleanup_output();
+ return ret;
+ }
+#endif
+
#endif /* !NETOS */
show_ciphers();
@@ -247,6 +263,148 @@ int testsuite_test(int argc, char** argv)
}
#if !defined(NO_WOLFSSL_SERVER) && !defined(NO_WOLFSSL_CLIENT) && \
+ defined(HAVE_CRL) && defined(HAVE_CRL_MONITOR)
+#define CRL_MONITOR_TEST_ROUNDS 6
+#define CRL_MONITOR_REM_FILE_ATTEMPTS 20
+
+static int test_crl_monitor(void)
+{
+ func_args server_args;
+ func_args client_args;
+ THREAD_TYPE serverThread;
+ tcp_ready ready;
+ char buf[128];
+ char tmpDir[16];
+ char rounds[4];
+ char portNum[8];
+ const char* serverArgv[] = {
+ "testsuite",
+ "-A", "certs/ca-cert.pem",
+ "--crl-dir", tmpDir,
+ "-C", rounds,
+ "--quieter",
+ "-x",
+ "-p", "0"
+ };
+ const char* clientArgv[] = {
+ "testsuite",
+ "-C",
+ "-c", "certs/server-cert.pem",
+ "-k", "certs/server-key.pem",
+ "--quieter",
+ "-H", "exitWithRet",
+ "-p", portNum
+ };
+ int ret = -1;
+ int i = -1, j;
+
+ printf("\nRunning CRL monitor test\n");
+
+ sprintf(rounds, "%d", CRL_MONITOR_TEST_ROUNDS);
+
+ XMEMSET(&server_args, 0, sizeof(func_args));
+ XMEMSET(&client_args, 0, sizeof(func_args));
+
+ /* Create temp dir */
+ if (create_tmp_dir(tmpDir, sizeof(tmpDir) - 1) == NULL) {
+ fprintf(stderr, "Failed to create tmp dir");
+ goto cleanup;
+ }
+
+ server_args.argv = (char**)serverArgv;
+ server_args.argc = sizeof(serverArgv) / sizeof(*serverArgv);
+ client_args.signal = server_args.signal = &ready;
+ client_args.argv = (char**)clientArgv;
+ client_args.argc = sizeof(clientArgv) / sizeof(*clientArgv);
+
+ InitTcpReady(&ready);
+ start_thread(server_test, &server_args, &serverThread);
+ wait_tcp_ready(&server_args);
+ sprintf(portNum, "%d", server_args.signal->port);
+
+ for (i = 0; i < CRL_MONITOR_TEST_ROUNDS; i++) {
+ int expectFail;
+ if (i % 2 == 0) {
+ /* succeed on even rounds */
+ sprintf(buf, "%s/%s", tmpDir, "crl.pem");
+ if (copy_file("certs/crl/crl.pem", buf) != 0) {
+ fprintf(stderr, "[%d] Failed to copy file to %s\n", i, buf);
+ goto cleanup;
+ }
+ sprintf(buf, "%s/%s", tmpDir, "crl.revoked");
+ /* The monitor can be holding the file handle and this will cause
+ * the remove call to fail. Let's give the monitor a some time to
+ * finish up. */
+ for (j = 0; j < CRL_MONITOR_REM_FILE_ATTEMPTS; j++) {
+ /* i == 0 since there is nothing to delete in the first round */
+ if (i == 0 || rem_file(buf) == 0)
+ break;
+ XSLEEP_MS(100);
+ }
+ if (j == CRL_MONITOR_REM_FILE_ATTEMPTS) {
+ fprintf(stderr, "[%d] Failed to remove file %s\n", i, buf);
+ goto cleanup;
+ }
+ expectFail = 0;
+ }
+ else {
+ /* fail on odd rounds */
+ sprintf(buf, "%s/%s", tmpDir, "crl.revoked");
+ if (copy_file("certs/crl/crl.revoked", buf) != 0) {
+ fprintf(stderr, "[%d] Failed to copy file to %s\n", i, buf);
+ goto cleanup;
+ }
+ sprintf(buf, "%s/%s", tmpDir, "crl.pem");
+ /* The monitor can be holding the file handle and this will cause
+ * the remove call to fail. Let's give the monitor a some time to
+ * finish up. */
+ for (j = 0; j < CRL_MONITOR_REM_FILE_ATTEMPTS; j++) {
+ if (rem_file(buf) == 0)
+ break;
+ XSLEEP_MS(100);
+ }
+ if (j == CRL_MONITOR_REM_FILE_ATTEMPTS) {
+ fprintf(stderr, "[%d] Failed to remove file %s\n", i, buf);
+ goto cleanup;
+ }
+ expectFail = 1;
+ }
+ /* Give server a moment to register the file change */
+ XSLEEP_MS(100);
+
+ client_args.return_code = 0;
+ client_test(&client_args);
+
+ if (!expectFail) {
+ if (client_args.return_code != 0) {
+ fprintf(stderr, "[%d] Incorrect return %d\n", i,
+ client_args.return_code);
+ goto cleanup;
+ }
+ }
+ else {
+ if (client_args.return_code == 0) {
+ fprintf(stderr, "[%d] Expected failure\n", i);
+ goto cleanup;
+ }
+ }
+ }
+
+ join_thread(serverThread);
+ ret = 0;
+cleanup:
+ if (ret != 0 && i >= 0)
+ fprintf(stderr, "test_crl_monitor failed on iteration %d\n", i);
+ sprintf(buf, "%s/%s", tmpDir, "crl.pem");
+ rem_file(buf);
+ sprintf(buf, "%s/%s", tmpDir, "crl.revoked");
+ rem_file(buf);
+ (void)rem_dir(tmpDir);
+ return ret;
+}
+#endif
+
+#if !defined(NO_WOLFSSL_SERVER) && !defined(NO_WOLFSSL_CLIENT) && \
(!defined(WOLF_CRYPTO_CB_ONLY_RSA) && !defined(WOLF_CRYPTO_CB_ONLY_ECC))
/* Perform a basic TLS handshake.
*
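Review bot: The `cleanup:` label in `test_crl_monitor` builds and removes paths from `tmpDir` even when `create_tmp_dir` failed, and `tmpDir` is declared without an initializer. Unless `create_tmp_dir` (not shown in this hunk) always leaves a terminated string behind, `sprintf(buf, "%s/%s", tmpDir, ...)` reads indeterminate bytes into the 128-byte `buf`, and `rem_file`/`rem_dir` then act on whatever path results. Declaring `char tmpDir[16] = {0};` and guarding the removals with `if (tmpDir[0] != '\0')` closes that path, and `snprintf(buf, sizeof(buf), ...)` in place of the `sprintf` calls would bound the writes. Separately, every `goto cleanup` taken after `start_thread` skips `join_thread(serverThread)`, so the function can return while the server thread still holds pointers to the stack-allocated `server_args`, `ready`, `tmpDir` and `rounds`. The failure paths should stop and join the server before returning.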
@@ -263,6 +421,8 @@ static int test_tls(func_args* server_args)
char* myArgv[NUMARGS];
char arg[3][128];
+ printf("\nRunning TLS test\n");
+
/* Set up command line arguments for echoclient to send input file
* and write echoed data to temporary output file. */
myArgv[0] = arg[0];
@@ -374,6 +534,8 @@ static void simple_test(func_args* args)
char *cliArgv[NUMARGS];
char argvc[3][32];
+ printf("\nRunning simple test\n");
+
for (i = 0; i < 9; i++)
svrArgv[i] = argvs[i];
for (i = 0; i < 3; i++)
@@ -424,149 +586,11 @@ static void simple_test(func_args* args)
}
#endif /* !NO_WOLFSSL_SERVER && !NO_WOLFSSL_CLIENT */
-
-/* Wait for the server to be ready for a connection.
- *
- * @param [in] args Object to send to thread.
- */
-void wait_tcp_ready(func_args* args)
-{
-#if defined(_POSIX_THREADS) && !defined(__MINGW32__)
- PTHREAD_CHECK_RET(pthread_mutex_lock(&args->signal->mutex));
-
- if (!args->signal->ready)
- PTHREAD_CHECK_RET(pthread_cond_wait(&args->signal->cond,
- &args->signal->mutex));
- args->signal->ready = 0; /* reset */
-
- PTHREAD_CHECK_RET(pthread_mutex_unlock(&args->signal->mutex));
-#elif defined(NETOS)
- (void)tx_mutex_get(&args->signal->mutex, TX_WAIT_FOREVER);
-
- /* TODO:
- * if (!args->signal->ready)
- * pthread_cond_wait(&args->signal->cond, &args->signal->mutex);
- * args->signal->ready = 0; */
-
- (void)tx_mutex_put(&args->signal->mutex);
-#elif defined(USE_WINDOWS_API)
- /* Give peer a moment to get running */
- #if defined(__MINGW32__) || defined(__MINGW64__)
- Sleep(500);
- #else
- _sleep(500);
- #endif
- (void)args;
-#else
- (void)args;
-#endif
-}
-
-
-/* Start a thread.
- *
- * @param [in] fun Function to executre in thread.
- * @param [in] args Object to send to function in thread.
- * @param [out] thread Handle to thread.
- */
-void start_thread(THREAD_FUNC fun, func_args* args, THREAD_TYPE* thread)
-{
-#if defined(_POSIX_THREADS) && !defined(__MINGW32__)
- PTHREAD_CHECK_RET(pthread_create(thread, 0, fun, args));
- return;
-#elif defined(WOLFSSL_TIRTOS)
- /* Initialize the defaults and set the parameters. */
- Task_Params taskParams;
- Task_Params_init(&taskParams);
- taskParams.arg0 = (UArg)args;
- taskParams.stackSize = 65535;
- *thread = Task_create((Task_FuncPtr)fun, &taskParams, NULL);
- if (*thread == NULL) {
- printf("Failed to create new Task\n");
- }
- Task_yield();
-#elif defined(NETOS)
- /* This can be adjusted by defining in user_settings.h, will default to 65k
- * in the event it is undefined */
- #ifndef TESTSUITE_THREAD_STACK_SZ
- #define TESTSUITE_THREAD_STACK_SZ 65535
- #endif
- int result;
- static void * TestSuiteThreadStack = NULL;
-
- /* Assume only one additional thread is created concurrently. */
- if (TestSuiteThreadStack == NULL)
- {
- TestSuiteThreadStack = (void *)malloc(TESTSUITE_THREAD_STACK_SZ);
- if (TestSuiteThreadStack == NULL)
- {
- printf ("Stack allocation failure.\n");
- return;
- }
- }
-
- memset (thread, 0, sizeof *thread);
-
- /* first create the idle thread:
- * ARGS:
- * Param1: pointer to thread
- * Param2: name
- * Param3 and 4: entry function and input
- * Param5: pointer to thread stack
- * Param6: stack size
- * Param7 and 8: priority level and preempt threshold
- * Param9 and 10: time slice and auto-start indicator */
- result = tx_thread_create(thread,
- "WolfSSL TestSuiteThread",
- (entry_functionType)fun, (ULONG)args,
- TestSuiteThreadStack,
- TESTSUITE_THREAD_STACK_SZ,
- 2, 2,
- 1, TX_AUTO_START);
- if (result != TX_SUCCESS)
- {
- printf("Ethernet Bypass Application: failed to create idle thread!\n");
- }
-
-#else
- *thread = (THREAD_TYPE)_beginthreadex(0, 0, fun, args, 0, 0);
-#endif
-}
-
-
-/* Join thread to wait for completion.
- *
- * @param [in] thread Handle to thread.
- */
-void join_thread(THREAD_TYPE thread)
-{
-#if defined(_POSIX_THREADS) && !defined(__MINGW32__)
- PTHREAD_CHECK_RET(pthread_join(thread, 0));
-#elif defined(WOLFSSL_TIRTOS)
- while(1) {
- if (Task_getMode(thread) == Task_Mode_TERMINATED) {
- Task_sleep(5);
- break;
- }
- Task_yield();
- }
-#elif defined(NETOS)
- /* TODO: */
-#else
- int res = WaitForSingleObject((HANDLE)thread, INFINITE);
- assert(res == WAIT_OBJECT_0);
- res = CloseHandle((HANDLE)thread);
- assert(res);
- (void)res; /* Suppress un-used variable warning */
-#endif
-}
-
-
#ifndef NO_SHA256
/* Create SHA-256 hash of the file based on filename.
*
* @param [in] file Name of file.
- * @parma [out] check Buffer to hold SHA-256 hash.
+ * @param [out] check Buffer to hold SHA-256 hash.
*/
void file_test(const char* file, byte* check)
{
diff --git a/extra/wolfssl/wolfssl/testsuite/testsuite.vcproj b/extra/wolfssl/wolfssl/testsuite/testsuite.vcproj
index 95301f96..e41601f1 100644
--- a/extra/wolfssl/wolfssl/testsuite/testsuite.vcproj
+++ b/extra/wolfssl/wolfssl/testsuite/testsuite.vcproj
@@ -42,7 +42,7 @@
Name="VCCLCompilerTool"
Optimization="0"
AdditionalIncludeDirectories="../;../IDE/WIN"
- PreprocessorDefinitions="NO_MAIN_DRIVER;WOLFSSL_LIB;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS"
+ PreprocessorDefinitions="NO_MAIN_DRIVER;WOLFSSL_LIB;WOLFSSL_USER_SETTINGS"
MinimalRebuild="true"
BasicRuntimeChecks="3"
RuntimeLibrary="3"
@@ -117,7 +117,7 @@
Optimization="2"
EnableIntrinsicFunctions="true"
AdditionalIncludeDirectories="../;../IDE/WIN"
- PreprocessorDefinitions="NO_MAIN_DRIVER;WOLFSSL_LIB;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS"
+ PreprocessorDefinitions="NO_MAIN_DRIVER;WOLFSSL_LIB;WOLFSSL_USER_SETTINGS"
RuntimeLibrary="2"
EnableFunctionLevelLinking="true"
UsePrecompiledHeader="0"
diff --git a/extra/wolfssl/wolfssl/testsuite/testsuite.vcxproj b/extra/wolfssl/wolfssl/testsuite/testsuite.vcxproj
index 6198565e..958f937f 100644
--- a/extra/wolfssl/wolfssl/testsuite/testsuite.vcxproj
+++ b/extra/wolfssl/wolfssl/testsuite/testsuite.vcxproj
@@ -159,7 +159,7 @@
<ClCompile>
<Optimization>Disabled</Optimization>
<AdditionalIncludeDirectories>../;../IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>NO_MAIN_DRIVER;WOLFSSL_LIB;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>NO_MAIN_DRIVER;WOLFSSL_LIB;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<MinimalRebuild>true</MinimalRebuild>
<BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
<RuntimeLibrary>MultiThreadedDebugDLL</RuntimeLibrary>
@@ -179,7 +179,7 @@
<ClCompile>
<Optimization>Disabled</Optimization>
<AdditionalIncludeDirectories>../;../IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>NO_MAIN_DRIVER;WOLFSSL_LIB;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;WOLFSSL_DLL;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>NO_MAIN_DRIVER;WOLFSSL_LIB;WOLFSSL_USER_SETTINGS;WOLFSSL_DLL;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<MinimalRebuild>true</MinimalRebuild>
<BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
<RuntimeLibrary>MultiThreadedDebugDLL</RuntimeLibrary>
@@ -200,7 +200,7 @@
<ClCompile>
<Optimization>Disabled</Optimization>
<AdditionalIncludeDirectories>../;../IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>NO_MAIN_DRIVER;WOLFSSL_LIB;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>NO_MAIN_DRIVER;WOLFSSL_LIB;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
<RuntimeLibrary>MultiThreadedDebugDLL</RuntimeLibrary>
<PrecompiledHeader>
@@ -218,7 +218,7 @@
<ClCompile>
<Optimization>Disabled</Optimization>
<AdditionalIncludeDirectories>../;../IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>NO_MAIN_DRIVER;WOLFSSL_LIB;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;WOLFSSL_DLL;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>NO_MAIN_DRIVER;WOLFSSL_LIB;WOLFSSL_USER_SETTINGS;WOLFSSL_DLL;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
<RuntimeLibrary>MultiThreadedDebugDLL</RuntimeLibrary>
<PrecompiledHeader>
@@ -237,7 +237,7 @@
<Optimization>MaxSpeed</Optimization>
<IntrinsicFunctions>true</IntrinsicFunctions>
<AdditionalIncludeDirectories>../;../IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>NO_MAIN_DRIVER;WOLFSSL_LIB;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>NO_MAIN_DRIVER;WOLFSSL_LIB;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
<FunctionLevelLinking>true</FunctionLevelLinking>
<PrecompiledHeader />
@@ -259,7 +259,7 @@
<Optimization>MaxSpeed</Optimization>
<IntrinsicFunctions>true</IntrinsicFunctions>
<AdditionalIncludeDirectories>../;../IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>NO_MAIN_DRIVER;WOLFSSL_LIB;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;WOLFSSL_DLL;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>NO_MAIN_DRIVER;WOLFSSL_LIB;WOLFSSL_USER_SETTINGS;WOLFSSL_DLL;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
<FunctionLevelLinking>true</FunctionLevelLinking>
<PrecompiledHeader>
@@ -281,7 +281,7 @@
<Optimization>MaxSpeed</Optimization>
<IntrinsicFunctions>true</IntrinsicFunctions>
<AdditionalIncludeDirectories>../;../IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>NO_MAIN_DRIVER;WOLFSSL_LIB;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>NO_MAIN_DRIVER;WOLFSSL_LIB;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
<FunctionLevelLinking>true</FunctionLevelLinking>
<PrecompiledHeader>
@@ -302,7 +302,7 @@
<Optimization>MaxSpeed</Optimization>
<IntrinsicFunctions>true</IntrinsicFunctions>
<AdditionalIncludeDirectories>../;../IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>NO_MAIN_DRIVER;WOLFSSL_LIB;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;WOLFSSL_DLL;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>NO_MAIN_DRIVER;WOLFSSL_LIB;WOLFSSL_USER_SETTINGS;WOLFSSL_DLL;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
<FunctionLevelLinking>true</FunctionLevelLinking>
<PrecompiledHeader>
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/benchmark/benchmark.c b/extra/wolfssl/wolfssl/wolfcrypt/benchmark/benchmark.c
index 6609a2e2..49803d6d 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/benchmark/benchmark.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/benchmark/benchmark.c
@@ -22,48 +22,254 @@
/* wolfCrypt benchmark */
+/* Some common, optional build settings:
+ * these can also be set in wolfssl/options.h or user_settings.h
+ * -------------------------------------------------------------
+ * make the binary always use CSV format:
+ * WOLFSSL_BENCHMARK_FIXED_CSV
+ *
+ * choose to use the same units, regardless of scale. pick 1:
+ * WOLFSSL_BENCHMARK_FIXED_UNITS_GB
+ * WOLFSSL_BENCHMARK_FIXED_UNITS_MB
+ * WOLFSSL_BENCHMARK_FIXED_UNITS_KB
+ * WOLFSSL_BENCHMARK_FIXED_UNITS_B
+ *
+ * when the output should be in machine-parseable format:
+ * GENERATE_MACHINE_PARSEABLE_REPORT
+ *
+ * use microseconds as the unit of time:
+ * BENCH_MICROSECOND
+ *
+ * display mean, max, min and sd of operation durations:
+ * MULTI_VALUE_STATISTICS
+ *
+ * Enable tracking of the stats into an allocated linked list:
+ * (use -print to display results):
+ * WC_BENCH_TRACK_STATS
+ *
+ * set the default devId for cryptocb to the value instead of INVALID_DEVID
+ * WC_USE_DEVID=0x1234
+ *
+ * Turn on benchmark timing debugging (CPU Cycles, RTOS ticks, etc)
+ * DEBUG_WOLFSSL_BENCHMARK_TIMING
+ *
+ */
+
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
-/* Some common, optional user settings */
-/* these can also be set in wolfssl/options.h or user_settings.h */
-/* ------------------------------------------------------------- */
-/* make the binary always use CSV format: */
-/* #define WOLFSSL_BENCHMARK_FIXED_CSV */
-/* */
-/* choose to use the same units, regardless of scale. pick 1: */
-/* #define WOLFSSL_BENCHMARK_FIXED_UNITS_GB */
-/* #define WOLFSSL_BENCHMARK_FIXED_UNITS_MB */
-/* #define WOLFSSL_BENCHMARK_FIXED_UNITS_KB */
-/* #define WOLFSSL_BENCHMARK_FIXED_UNITS_B */
-/* */
-/* when the output should be in machine-parseable format: */
-/* #define GENERATE_MACHINE_PARSEABLE_REPORT */
-/* */
-
-/* define the max length for each string of metric reported */
-#define __BENCHMARK_MAXIMUM_LINE_LENGTH 150
-
-/* some internal helpers to get values of settings */
-/* this first one gets the text name of the #define parameter */
-#define __BENCHMARK_VALUE_TO_STRING(x) #x
-
-/* this next one gets the text value of the assigned value of #define param */
-#define __BENCHMARK_VALUE(x) __BENCHMARK_VALUE_TO_STRING(x)
-
-#define WOLFSSL_FIXED_UNITS_PER_SEC "MB/s" /* may be re-set by fixed units */
-
#ifndef WOLFSSL_USER_SETTINGS
#include <wolfssl/options.h>
#endif
#include <wolfssl/wolfcrypt/settings.h> /* also picks up user_settings.h */
+
+/* Macro to disable benchmark */
+#ifndef NO_CRYPT_BENCHMARK
+
#include <wolfssl/wolfcrypt/types.h>
-#include <wolfssl/version.h>
#include <wolfssl/wolfcrypt/wc_port.h>
-#include <wolfssl/wolfcrypt/ecc.h>
#include <wolfssl/wolfcrypt/wolfmath.h>
+#include <wolfssl/wolfcrypt/memory.h>
+#include <wolfssl/wolfcrypt/random.h>
+#include <wolfssl/wolfcrypt/error-crypt.h>
+#include <wolfssl/wolfcrypt/asn.h>
+#include <wolfssl/version.h>
+
+#ifdef HAVE_CHACHA
+ #include <wolfssl/wolfcrypt/chacha.h>
+#endif
+#ifdef HAVE_POLY1305
+ #include <wolfssl/wolfcrypt/poly1305.h>
+#endif
+#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305)
+ #include <wolfssl/wolfcrypt/chacha20_poly1305.h>
+#endif
+#ifndef NO_AES
+ #include <wolfssl/wolfcrypt/aes.h>
+#endif
+#ifdef HAVE_CAMELLIA
+ #include <wolfssl/wolfcrypt/camellia.h>
+#endif
+#ifdef WOLFSSL_SM4
+ #include <wolfssl/wolfcrypt/sm4.h>
+#endif
+#ifndef NO_MD5
+ #include <wolfssl/wolfcrypt/md5.h>
+#endif
+#ifndef NO_SHA
+ #include <wolfssl/wolfcrypt/sha.h>
+#endif
+#ifndef NO_SHA256
+ #include <wolfssl/wolfcrypt/sha256.h>
+#endif
+#if defined(WOLFSSL_SHA512) || defined(WOLFSSL_SHA384)
+ #include <wolfssl/wolfcrypt/sha512.h>
+#endif
+#ifdef WOLFSSL_SHA3
+ #include <wolfssl/wolfcrypt/sha3.h>
+#endif
+#ifdef WOLFSSL_SM3
+ #include <wolfssl/wolfcrypt/sm3.h>
+#endif
+#ifndef NO_RSA
+ #include <wolfssl/wolfcrypt/rsa.h>
+#endif
+#ifdef WOLFSSL_RIPEMD
+ #include <wolfssl/wolfcrypt/ripemd.h>
+#endif
+#ifdef WOLFSSL_CMAC
+ #include <wolfssl/wolfcrypt/cmac.h>
+#endif
+#ifndef NO_DH
+ #include <wolfssl/wolfcrypt/dh.h>
+#endif
+#ifndef NO_DES3
+ #include <wolfssl/wolfcrypt/des3.h>
+#endif
+#ifndef NO_RC4
+ #include <wolfssl/wolfcrypt/arc4.h>
+#endif
+#ifndef NO_HMAC
+ #include <wolfssl/wolfcrypt/hmac.h>
+#endif
+#ifdef WOLFSSL_SIPHASH
+ #include <wolfssl/wolfcrypt/siphash.h>
+#endif
+ #include <wolfssl/wolfcrypt/kdf.h>
+#ifndef NO_PWDBASED
+ #include <wolfssl/wolfcrypt/pwdbased.h>
+#endif
+#ifdef HAVE_ECC
+ #include <wolfssl/wolfcrypt/ecc.h>
+#endif
+#ifdef WOLFSSL_SM2
+ #include <wolfssl/wolfcrypt/sm2.h>
+#endif
+#ifdef HAVE_CURVE25519
+ #include <wolfssl/wolfcrypt/curve25519.h>
+#endif
+#ifdef HAVE_ED25519
+ #include <wolfssl/wolfcrypt/ed25519.h>
+#endif
+#ifdef HAVE_CURVE448
+ #include <wolfssl/wolfcrypt/curve448.h>
+#endif
+#ifdef HAVE_ED448
+ #include <wolfssl/wolfcrypt/ed448.h>
+#endif
+#ifdef WOLFSSL_HAVE_KYBER
+ #include <wolfssl/wolfcrypt/kyber.h>
+ #ifdef WOLFSSL_WC_KYBER
+ #include <wolfssl/wolfcrypt/wc_kyber.h>
+ #endif
+ #if defined(HAVE_LIBOQS) || defined(HAVE_PQM4)
+ #include <wolfssl/wolfcrypt/ext_kyber.h>
+ #endif
+#endif
+#if defined(WOLFSSL_HAVE_LMS) && !defined(WOLFSSL_LMS_VERIFY_ONLY)
+ #include <wolfssl/wolfcrypt/lms.h>
+ #ifdef HAVE_LIBLMS
+ #include <wolfssl/wolfcrypt/ext_lms.h>
+ #endif
+#endif
+#if defined(WOLFSSL_HAVE_XMSS) && !defined(WOLFSSL_XMSS_VERIFY_ONLY)
+ #include <wolfssl/wolfcrypt/xmss.h>
+ #ifdef HAVE_LIBXMSS
+ #include <wolfssl/wolfcrypt/ext_xmss.h>
+ #endif
+#endif
+#ifdef WOLFCRYPT_HAVE_ECCSI
+ #include <wolfssl/wolfcrypt/eccsi.h>
+#endif
+#ifdef WOLFCRYPT_HAVE_SAKKE
+ #include <wolfssl/wolfcrypt/sakke.h>
+#endif
+
+#if defined(HAVE_PQC)
+ #if defined(HAVE_FALCON)
+ #include <wolfssl/wolfcrypt/falcon.h>
+ #endif
+ #if defined(HAVE_DILITHIUM)
+ #include <wolfssl/wolfcrypt/dilithium.h>
+ #endif
+ #if defined(HAVE_SPHINCS)
+ #include <wolfssl/wolfcrypt/sphincs.h>
+ #endif
+#endif
+
+#ifdef WOLF_CRYPTO_CB
+ #include <wolfssl/wolfcrypt/cryptocb.h>
+ #ifdef HAVE_INTEL_QA_SYNC
+ #include <wolfssl/wolfcrypt/port/intel/quickassist_sync.h>
+ #endif
+ #ifdef HAVE_CAVIUM_OCTEON_SYNC
+ #include <wolfssl/wolfcrypt/port/cavium/cavium_octeon_sync.h>
+ #endif
+ #ifdef HAVE_RENESAS_SYNC
+ #include <wolfssl/wolfcrypt/port/renesas/renesas_sync.h>
+ #endif
+#endif
+
+#ifdef WOLFSSL_ASYNC_CRYPT
+ #include <wolfssl/wolfcrypt/async.h>
+#endif
+
+#ifdef USE_FLAT_BENCHMARK_H
+ #include "benchmark.h"
+#else
+ #include "wolfcrypt/benchmark/benchmark.h"
+#endif
+
+
+/* define the max length for each string of metric reported */
+#ifndef WC_BENCH_MAX_LINE_LEN
+#define WC_BENCH_MAX_LINE_LEN 150
+#endif
+
+/* default units per second. See WOLFSSL_BENCHMARK_FIXED_UNITS_* to change */
+#define WOLFSSL_FIXED_UNIT "MB" /* may be re-set by fixed units */
+#define MILLION_VALUE 1000000.0
+
+#ifdef BENCH_MICROSECOND
+ #define WOLFSSL_FIXED_TIME_UNIT "μs"
+ #define WOLFSSL_BENCHMARK_FIXED_UNITS_KB
+#else
+ #define WOLFSSL_FIXED_TIME_UNIT "s"
+#endif
+
+#ifdef MULTI_VALUE_STATISTICS
+ #define STATS_CLAUSE_SEPARATOR ""
+ #define DECLARE_MULTI_VALUE_STATS_VARS() double max = 0, min = 0, sum = 0,\
+ squareSum = 0, prev = 0, delta;\
+ int runs = 0;
+ #define RECORD_MULTI_VALUE_STATS() if (runs == 0) {\
+ delta = current_time(0) - start;\
+ min = delta;\
+ max = delta;\
+ }\
+ else {\
+ delta = current_time(0) - prev;\
+ }\
+ if (max < delta)\
+ max = delta;\
+ else if (min > delta)\
+ min = delta;\
+ sum += delta;\
+ squareSum += delta * delta;\
+ runs++;\
+ prev = current_time(0)
+ #define RESET_MULTI_VALUE_STATS_VARS() prev = 0;\
+ runs = 0;\
+ sum = 0;\
+ squareSum = 0
+#else
+ #define STATS_CLAUSE_SEPARATOR "\n"
+ #define DECLARE_MULTI_VALUE_STATS_VARS()
+ #define RECORD_MULTI_VALUE_STATS() WC_DO_NOTHING
+ #define RESET_MULTI_VALUE_STATS_VARS() WC_DO_NOTHING
+#endif
#ifdef WOLFSSL_NO_FLOAT_FMT
#define FLT_FMT "%0ld,%09lu"
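Review bot: `RECORD_MULTI_VALUE_STATS()` in the `MULTI_VALUE_STATISTICS` branch expands to an `if`/`else` followed by several bare statements, whereas the fallback branch expands to the single statement `WC_DO_NOTHING`. At an unbraced call site such as `if (cond) RECORD_MULTI_VALUE_STATS();` only the first statement would be conditional in the statistics build (the call sites are outside this hunk). Wrapping the statistics variant as `do { ... } while (0)` makes it one statement in both configurations; `RESET_MULTI_VALUE_STATS_VARS()` has the same shape and deserves the same wrapper. The `BENCH_MICROSECOND` branch also defines `WOLFSSL_BENCHMARK_FIXED_UNITS_KB` unconditionally, which collides with the "pick 1" rule in the header comment if a build already selects another unit; an `#ifndef` guard or an `#error` on conflict would make that explicit.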
@@ -92,30 +298,53 @@
#define FLT_FMT_ARGS(x) x
#define FLT_FMT_PREC_ARGS(p, x) p, x
#define FLT_FMT_PREC2_ARGS(w, p, x) w, p, x
-#endif
+#endif /* WOLFSSL_NO_FLOAT_FMT */
#ifdef WOLFSSL_ESPIDF
- #if defined(CONFIG_IDF_TARGET_ESP32C3) || defined(CONFIG_IDF_TARGET_ESP32C6)
+ #ifdef configTICK_RATE_HZ
+ /* Define CPU clock cycles per tick of FreeRTOS clock
+ * CONFIG_ESP_DEFAULT_CPU_FREQ_MHZ is typically a value like 240
+ * configTICK_RATE_HZ is typically 100 or 1000.
+ **/
+ #define CPU_TICK_CYCLES ( \
+ (CONFIG_ESP_DEFAULT_CPU_FREQ_MHZ * MILLION_VALUE) \
+ / configTICK_RATE_HZ \
+ )
+ #endif
+ #if defined(CONFIG_IDF_TARGET_ESP32C2)
#include "driver/gptimer.h"
static gptimer_handle_t esp_gptimer = NULL;
static gptimer_config_t esp_timer_config = {
.clk_src = GPTIMER_CLK_SRC_DEFAULT,
.direction = GPTIMER_COUNT_UP,
- .resolution_hz = CONFIG_XTAL_FREQ * 1000000,
+ .resolution_hz = CONFIG_XTAL_FREQ * 100000,
};
+ #elif defined(CONFIG_IDF_TARGET_ESP32C3) || \
+ defined(CONFIG_IDF_TARGET_ESP32C6)
+ #include <esp_cpu.h>
+ #include "driver/gptimer.h"
+ #ifdef WOLFSSL_BENCHMARK_TIMER_DEBUG
+ #define RESOLUTION_SCALE 100
+ static gptimer_handle_t esp_gptimer = NULL;
+ static gptimer_config_t esp_timer_config = {
+ .clk_src = GPTIMER_CLK_SRC_DEFAULT,
+ .direction = GPTIMER_COUNT_UP,
+ .resolution_hz = CONFIG_ESP_DEFAULT_CPU_FREQ_MHZ * (MILLION_VALUE / RESOLUTION_SCALE), /* CONFIG_XTAL_FREQ = 40, CONFIG_ESP_DEFAULT_CPU_FREQ_MHZ = 160 */
+ };
+ #endif /* WOLFSSL_BENCHMARK_TIMER_DEBUG */
+
#elif defined(CONFIG_IDF_TARGET_ESP32) || \
defined(CONFIG_IDF_TARGET_ESP32S2) || \
defined(CONFIG_IDF_TARGET_ESP32S3)
#include <xtensa/hal.h>
+ #elif defined(CONFIG_IDF_TARGET_ESP32H2)
+
#else
- #error "CONFIG_IDF_TARGET not implemented"
+ /* Other platform */
#endif
#include <esp_log.h>
-#endif
+#endif /* WOLFSSL_ESPIDF */
-#ifdef HAVE_PTHREAD
- #include <pthread.h>
-#endif
#if defined(HAVE_PTHREAD) || \
(!defined(NO_CRYPT_BENCHMARK) && !defined(NO_STDIO_FILESYSTEM) && \
!defined(NO_ERROR_STRINGS) && !defined(NO_MAIN_DRIVER) && \
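Review bot: The ESP32-C2 branch changes `.resolution_hz` from `CONFIG_XTAL_FREQ * 1000000` to `CONFIG_XTAL_FREQ * 100000` with no comment, while the C3/C6 branch added just below names its divisor as `RESOLUTION_SCALE`. If the tenfold reduction is deliberate it should be written with a named scale or carry a comment saying so; otherwise any code that converts timer counts at the old rate would be off by a factor of ten (that conversion is outside this hunk). The C3/C6 initializer multiplies by `MILLION_VALUE`, which is a `double`, so `resolution_hz` is set through a floating-to-integer conversion that an integer constant would avoid. Replacing `#error "CONFIG_IDF_TARGET not implemented"` with an empty `#else` also means an unsupported target now compiles without any timer backend being chosen here, so a short comment naming the fallback timing source would help.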
@@ -127,28 +356,21 @@
#endif
#if defined(WOLFSSL_ZEPHYR) || defined(NO_STDIO_FILESYSTEM) || !defined(XFFLUSH)
-/* fflush in Zephyr doesn't work on stdout and stderr. Use
- * CONFIG_LOG_MODE_IMMEDIATE compilation option instead. */
-#undef XFFLUSH
-#define XFFLUSH(...) do {} while (0)
+ /* fflush in Zephyr doesn't work on stdout and stderr. Use
+ * CONFIG_LOG_MODE_IMMEDIATE compilation option instead. */
+ #undef XFFLUSH
+ #define XFFLUSH(...) WC_DO_NOTHING
#endif
-/* Macro to disable benchmark */
-#ifndef NO_CRYPT_BENCHMARK
-
+/* only for stack size check */
#include <wolfssl/wolfcrypt/mem_track.h>
-/* only for stack size check */
-#if defined(WOLFSSL_ASYNC_CRYPT)
- #ifndef WC_NO_ASYNC_THREADING
- #define WC_ENABLE_BENCH_THREADING
- #endif
+#if defined(WOLFSSL_ASYNC_CRYPT) && !defined(WC_NO_ASYNC_THREADING)
+ #define WC_ENABLE_BENCH_THREADING
#endif
-
-#ifdef USE_FLAT_BENCHMARK_H
- #include "benchmark.h"
-#else
- #include "wolfcrypt/benchmark/benchmark.h"
+/* enable tracking of stats for threaded benchmark */
+#if defined(WC_ENABLE_BENCH_THREADING) && !defined(WC_BENCH_TRACK_STATS)
+ #define WC_BENCH_TRACK_STATS
#endif
#ifdef GENERATE_MACHINE_PARSEABLE_REPORT
@@ -189,7 +411,7 @@
static int printfk(const char *fmt, ...)
{
int ret;
- char line[__BENCHMARK_MAXIMUM_LINE_LENGTH];
+ char line[WC_BENCH_MAX_LINE_LEN];
va_list ap;
va_start(ap, fmt);
@@ -258,98 +480,6 @@
#endif
#endif
-#include <wolfssl/wolfcrypt/memory.h>
-#include <wolfssl/wolfcrypt/random.h>
-#include <wolfssl/wolfcrypt/des3.h>
-#include <wolfssl/wolfcrypt/arc4.h>
-#include <wolfssl/wolfcrypt/chacha.h>
-#include <wolfssl/wolfcrypt/chacha20_poly1305.h>
-#include <wolfssl/wolfcrypt/aes.h>
-#include <wolfssl/wolfcrypt/poly1305.h>
-#include <wolfssl/wolfcrypt/camellia.h>
-#include <wolfssl/wolfcrypt/md5.h>
-#include <wolfssl/wolfcrypt/sha.h>
-#include <wolfssl/wolfcrypt/sha256.h>
-#include <wolfssl/wolfcrypt/sha512.h>
-#include <wolfssl/wolfcrypt/sha3.h>
-#include <wolfssl/wolfcrypt/rsa.h>
-#include <wolfssl/wolfcrypt/asn.h>
-#include <wolfssl/wolfcrypt/ripemd.h>
-#include <wolfssl/wolfcrypt/cmac.h>
-#ifndef NO_HMAC
- #include <wolfssl/wolfcrypt/hmac.h>
-#endif
-#ifdef WOLFSSL_SIPHASH
- #include <wolfssl/wolfcrypt/siphash.h>
-#endif
-#ifndef NO_PWDBASED
- #include <wolfssl/wolfcrypt/pwdbased.h>
-#endif
-#ifdef HAVE_ECC
- #include <wolfssl/wolfcrypt/ecc.h>
-#endif
-#ifdef HAVE_CURVE25519
- #include <wolfssl/wolfcrypt/curve25519.h>
-#endif
-#ifdef HAVE_ED25519
- #include <wolfssl/wolfcrypt/ed25519.h>
-#endif
-#ifdef HAVE_CURVE448
- #include <wolfssl/wolfcrypt/curve448.h>
-#endif
-#ifdef HAVE_ED448
- #include <wolfssl/wolfcrypt/ed448.h>
-#endif
-#ifdef WOLFSSL_HAVE_KYBER
- #include <wolfssl/wolfcrypt/kyber.h>
-#ifdef WOLFSSL_WC_KYBER
- #include <wolfssl/wolfcrypt/wc_kyber.h>
-#endif
-#if defined(HAVE_LIBOQS) || defined(HAVE_PQM4)
- #include <wolfssl/wolfcrypt/ext_kyber.h>
-#endif
-#endif
-#ifdef WOLFCRYPT_HAVE_ECCSI
- #include <wolfssl/wolfcrypt/eccsi.h>
-#endif
-#ifdef WOLFCRYPT_HAVE_SAKKE
- #include <wolfssl/wolfcrypt/sakke.h>
-#endif
-
-#if defined(HAVE_PQC)
- #if defined(HAVE_FALCON)
- #include <wolfssl/wolfcrypt/falcon.h>
- #endif
- #if defined(HAVE_DILITHIUM)
- #include <wolfssl/wolfcrypt/dilithium.h>
- #endif
- #if defined(HAVE_SPHINCS)
- #include <wolfssl/wolfcrypt/sphincs.h>
- #endif
-#endif
-
-#include <wolfssl/wolfcrypt/dh.h>
-#include <wolfssl/wolfcrypt/random.h>
-#include <wolfssl/wolfcrypt/error-crypt.h>
-#include <wolfssl/wolfcrypt/types.h>
-
-#ifdef WOLF_CRYPTO_CB
- #include <wolfssl/wolfcrypt/cryptocb.h>
- #ifdef HAVE_INTEL_QA_SYNC
- #include <wolfssl/wolfcrypt/port/intel/quickassist_sync.h>
- #endif
- #ifdef HAVE_CAVIUM_OCTEON_SYNC
- #include <wolfssl/wolfcrypt/port/cavium/cavium_octeon_sync.h>
- #endif
- #ifdef HAVE_RENESAS_SYNC
- #include <wolfssl/wolfcrypt/port/renesas/renesas_sync.h>
- #endif
-#endif
-
-#ifdef WOLFSSL_ASYNC_CRYPT
- #include <wolfssl/wolfcrypt/async.h>
-#endif
-
#ifdef HAVE_FIPS
#include <wolfssl/wolfcrypt/fips_test.h>
@@ -397,14 +527,14 @@
} while(0)
#endif
-#undef PTHREAD_CHECK_RET
-#define PTHREAD_CHECK_RET(...) do { \
- int _pthread_ret = (__VA_ARGS__); \
- if (_pthread_ret != 0) { \
- errno = _pthread_ret; \
+#undef THREAD_CHECK_RET
+#define THREAD_CHECK_RET(...) do { \
+ int _thread_ret = (__VA_ARGS__); \
+ if (_thread_ret != 0) { \
+ errno = _thread_ret; \
printf("%s%s L%d error %d for \"%s\"\n", \
err_prefix, __FILE__, __LINE__, \
- _pthread_ret, #__VA_ARGS__); \
+ _thread_ret, #__VA_ARGS__); \
XFFLUSH(stdout); \
_exit(1); \
} \
@@ -413,7 +543,7 @@
/* optional macro to add sleep between tests */
#ifndef TEST_SLEEP
/* stub the sleep macro */
- #define TEST_SLEEP()
+ #define TEST_SLEEP() WC_DO_NOTHING
#endif
#define TEST_STRING "Everyone gets Friday off."
@@ -439,6 +569,10 @@
#define BENCH_AES_CFB 0x00010000
#define BENCH_AES_OFB 0x00020000
#define BENCH_AES_SIV 0x00040000
+#define BENCH_SM4_CBC 0x00080000
+#define BENCH_SM4_GCM 0x00100000
+#define BENCH_SM4_CCM 0x00200000
+#define BENCH_SM4 (BENCH_SM4_CBC | BENCH_SM4_GCM | BENCH_SM4_CCM)
/* Digest algorithms. */
#define BENCH_MD5 0x00000001
#define BENCH_POLY1305 0x00000002
@@ -461,6 +595,7 @@
#define BENCH_RIPEMD 0x00004000
#define BENCH_BLAKE2B 0x00008000
#define BENCH_BLAKE2S 0x00010000
+#define BENCH_SM3 0x00020000
/* MAC algorithms. */
#define BENCH_CMAC 0x00000001
@@ -476,6 +611,9 @@
#define BENCH_PBKDF2 0x00000100
#define BENCH_SIPHASH 0x00000200
+/* KDF algorithms */
+#define BENCH_SRTP_KDF 0x00000001
+
/* Asymmetric algorithms. */
#define BENCH_RSA_KEYGEN 0x00000001
#define BENCH_RSA 0x00000002
@@ -497,6 +635,7 @@
#define BENCH_ECC_P256 0x01000000
#define BENCH_ECC_P384 0x02000000
#define BENCH_ECC_P521 0x04000000
+#define BENCH_SM2 0x08000000
#define BENCH_ECCSI_KEYGEN 0x00000020
#define BENCH_ECCSI_PAIRGEN 0x00000040
#define BENCH_ECCSI_VALIDATE 0x00000080
@@ -521,6 +660,10 @@
#define BENCH_SPHINCS_SMALL_LEVEL3_SIGN 0x00000010
#define BENCH_SPHINCS_SMALL_LEVEL5_SIGN 0x00000020
+/* Post-Quantum Stateful Hash-Based sig algorithms. */
+#define BENCH_LMS_HSS 0x00000001
+#define BENCH_XMSS_XMSSMT 0x00000002
+
/* Other */
#define BENCH_RNG 0x00000001
#define BENCH_SCRYPT 0x00000002
@@ -540,6 +683,11 @@
#endif
#endif
+#if (defined(WOLFSSL_HAVE_LMS) && !defined(WOLFSSL_LMS_VERIFY_ONLY)) || \
+ (defined(WOLFSSL_HAVE_XMSS) && !defined(WOLFSSL_XMSS_VERIFY_ONLY))
+ #define BENCH_PQ_STATEFUL_HBS
+#endif
+
/* Benchmark all compiled in algorithms.
* When 1, ignore other benchmark algorithm values.
* 0, only benchmark algorithm values set.
@@ -551,6 +699,8 @@ static word32 bench_cipher_algs = 0;
static word32 bench_digest_algs = 0;
/* MAC algorithms to benchmark. */
static word32 bench_mac_algs = 0;
+/* KDF algorithms to benchmark. */
+static word32 bench_kdf_algs = 0;
/* Asymmetric algorithms to benchmark. */
static word32 bench_asym_algs = 0;
/* Post-Quantum Asymmetric algorithms to benchmark. */
@@ -559,6 +709,8 @@ static word32 bench_pq_asym_algs = 0;
static word32 bench_pq_asym_algs2 = 0;
/* Other cryptographic algorithms to benchmark. */
static word32 bench_other_algs = 0;
+/* Post-Quantum Stateful Hash-Based sig algorithms to benchmark. */
+static word32 bench_pq_hash_sig_algs = 0;
#if !defined(WOLFSSL_BENCHMARK_ALL) && !defined(NO_MAIN_DRIVER)
@@ -613,6 +765,18 @@ static const bench_alg bench_cipher_opt[] = {
#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305)
{ "-chacha20-poly1305", BENCH_CHACHA20_POLY1305 },
#endif
+#ifdef WOLFSSL_SM4_CBC
+ { "-sm4-cbc", BENCH_SM4_CBC },
+#endif
+#ifdef WOLFSSL_SM4_GCM
+ { "-sm4-gcm", BENCH_SM4_GCM },
+#endif
+#ifdef WOLFSSL_SM4_CCM
+ { "-sm4-ccm", BENCH_SM4_CCM },
+#endif
+#ifdef WOLFSSL_SM4
+ { "-sm4", BENCH_SM4 },
+#endif
#ifndef NO_DES3
{ "-des", BENCH_DES },
#endif
@@ -671,6 +835,9 @@ static const bench_alg bench_digest_opt[] = {
{ "-shake256", BENCH_SHAKE256 },
#endif
#endif
+#ifdef WOLFSSL_SM3
+ { "-sm3", BENCH_SM3 },
+#endif
#ifdef WOLFSSL_RIPEMD
{ "-ripemd", BENCH_RIPEMD },
#endif
@@ -712,9 +879,18 @@ static const bench_alg bench_mac_opt[] = {
#ifndef NO_PWDBASED
{ "-pbkdf2", BENCH_PBKDF2 },
#endif
+#endif
#ifdef WOLFSSL_SIPHASH
{ "-siphash", BENCH_SIPHASH },
#endif
+ { NULL, 0 }
+};
+
+/* All recognized KDF algorithm choosing command line options. */
+static const bench_alg bench_kdf_opt[] = {
+ { "-kdf", 0xffffffff },
+#ifdef WC_SRTP_KDF
+ { "-srtp-kdf", BENCH_SRTP_KDF },
#endif
{ NULL, 0 }
};
@@ -743,6 +919,9 @@ static const bench_alg bench_asym_opt[] = {
#endif
{ "-ecc-all", BENCH_ECC_ALL },
#endif
+#ifdef WOLFSSL_SM2
+ { "-sm2", BENCH_SM2 },
+#endif
#ifdef HAVE_CURVE25519
{ "-curve25519-kg", BENCH_CURVE25519_KEYGEN },
#ifdef HAVE_CURVE25519_SHARED_SECRET
@@ -794,6 +973,26 @@ static const bench_alg bench_other_opt[] = {
#endif /* !WOLFSSL_BENCHMARK_ALL && !NO_MAIN_DRIVER */
+#if defined(BENCH_PQ_STATEFUL_HBS)
+typedef struct bench_pq_hash_sig_alg {
+ /* Command line option string. */
+ const char* str;
+ /* Bit values to set. */
+ word32 val;
+} bench_pq_hash_sig_alg;
+
+static const bench_pq_hash_sig_alg bench_pq_hash_sig_opt[] = {
+ { "-pq_hash_sig", 0xffffffff},
+#if defined(WOLFSSL_HAVE_LMS) && !defined(WOLFSSL_LMS_VERIFY_ONLY)
+ { "-lms_hss", BENCH_LMS_HSS},
+#endif
+#if defined(WOLFSSL_HAVE_XMSS) && !defined(WOLFSSL_XMSS_VERIFY_ONLY)
+ { "-xmss_xmssmt", BENCH_XMSS_XMSSMT},
+#endif
+ { NULL, 0}
+};
+#endif /* BENCH_PQ_STATEFUL_HBS */
+
#if defined(HAVE_PQC) && defined(HAVE_LIBOQS)
/* The post-quantum-specific mapping of command line option to bit values and
* OQS name. */
@@ -824,26 +1023,26 @@ static const bench_pq_alg bench_pq_asym_opt[] = {
{ NULL, 0, NULL }
};
-#ifdef HAVE_LIBOQS
+#if defined(HAVE_LIBOQS) && defined(HAVE_SPHINCS)
/* All recognized post-quantum asymmetric algorithm choosing command line
* options. (Part 2) */
static const bench_pq_alg bench_pq_asym_opt2[] = {
{ "-pq", 0xffffffff, NULL},
{ "-sphincs_fast_level1", BENCH_SPHINCS_FAST_LEVEL1_SIGN,
- OQS_SIG_alg_sphincs_shake256_128f_simple },
+ OQS_SIG_alg_sphincs_shake_128f_simple },
{ "-sphincs_fast_level3", BENCH_SPHINCS_FAST_LEVEL3_SIGN,
- OQS_SIG_alg_sphincs_shake256_192f_simple },
+ OQS_SIG_alg_sphincs_shake_192f_simple },
{ "-sphincs_fast_level5", BENCH_SPHINCS_FAST_LEVEL5_SIGN,
- OQS_SIG_alg_sphincs_shake256_256f_simple },
+ OQS_SIG_alg_sphincs_shake_256f_simple },
{ "-sphincs_small_level1", BENCH_SPHINCS_SMALL_LEVEL1_SIGN,
- OQS_SIG_alg_sphincs_shake256_128s_simple },
+ OQS_SIG_alg_sphincs_shake_128s_simple },
{ "-sphincs_small_level3", BENCH_SPHINCS_SMALL_LEVEL3_SIGN,
- OQS_SIG_alg_sphincs_shake256_192s_simple },
+ OQS_SIG_alg_sphincs_shake_192s_simple },
{ "-sphincs_small_level5", BENCH_SPHINCS_SMALL_LEVEL5_SIGN,
- OQS_SIG_alg_sphincs_shake256_256s_simple },
+ OQS_SIG_alg_sphincs_shake_256s_simple },
{ NULL, 0, NULL }
};
-#endif /* HAVE_LIBOQS */
+#endif /* HAVE_LIBOQS && HAVE_SPHINCS */
#endif /* HAVE_PQC */
#ifdef HAVE_WNR
@@ -859,9 +1058,10 @@ static int lng_index = 0;
#ifndef NO_MAIN_DRIVER
#ifndef MAIN_NO_ARGS
-static const char* bench_Usage_msg1[][21] = {
+static const char* bench_Usage_msg1[][25] = {
/* 0 English */
- { "-? <num> Help, print this usage\n 0: English, 1: Japanese\n",
+ { "-? <num> Help, print this usage\n",
+ " 0: English, 1: Japanese\n",
"-csv Print terminal output in csv format\n",
"-base10 Display bytes as power of 10 (eg 1 kB = 1000 Bytes)\n",
"-no_aad No additional authentication data passed.\n",
@@ -881,17 +1081,24 @@ static const char* bench_Usage_msg1[][21] = {
"-p521 Measure ECC using P-521 curve.\n",
"-ecc-all Bench all enabled ECC curves.\n",
"-<alg> Algorithm to benchmark. Available algorithms include:\n",
- "-lng <num> Display benchmark result by specified language.\n 0: English, 1: Japanese\n",
+ ("-lng <num> Display benchmark result by specified language.\n"
+ " 0: English, 1: Japanese\n"
+ ),
"<num> Size of block in bytes\n",
- ("-blocks <num> Number of blocks. Can be used together with the 'Size of block'\n"
+ ("-blocks <num> Number of blocks. Can be used together with the "
+ "'Size of block'\n"
" option, but must be used after that one.\n"
),
"-threads <num> Number of threads to run\n",
- "-print Show benchmark stats summary\n"
+ "-print Show benchmark stats summary\n",
+ "-hash_input <file> Input data to use for hash benchmarking\n",
+ "-cipher_input <file> Input data to use for cipher benchmarking\n",
+ "-min_runs <num> Specify minimum number of operation runs\n"
},
#ifndef NO_MULTIBYTE_PRINT
/* 1 Japanese */
- { "-? <num> ヘルプ, 使ã„方を表示ã—ã¾ã™ã€‚\n 0: 英語〠1: 日本語\n",
+ { "-? <num> ヘルプ, 使ã„方を表示ã—ã¾ã™ã€‚\n",
+ " 0: 英語〠1: 日本語\n",
"-csv csv å½¢å¼ã§ç«¯æœ«ã«å‡ºåŠ›ã—ã¾ã™ã€‚\n",
"-base10 ãƒã‚¤ãƒˆã‚’10ã®ã¹ãä¹—ã§è¡¨ç¤ºã—ã¾ã™ã€‚(例 1 kB = 1000 Bytes)\n",
"-no_aad 追加ã®èªè¨¼ãƒ‡ãƒ¼ã‚¿ã‚’使用ã—ã¾ã›ã‚“.\n",
@@ -906,12 +1113,20 @@ static const char* bench_Usage_msg1[][21] = {
"-p384 Measure ECC using P-384 curve.\n",
"-p521 Measure ECC using P-521 curve.\n",
"-ecc-all Bench all enabled ECC curves.\n",
- "-<alg> アルゴリズムã®ãƒ™ãƒ³ãƒãƒžãƒ¼ã‚¯ã‚’実施ã—ã¾ã™ã€‚\n 利用å¯èƒ½ãªã‚¢ãƒ«ã‚´ãƒªã‚ºãƒ ã¯ä¸‹è¨˜ã‚’å«ã¿ã¾ã™:\n",
- "-lng <num> 指定ã•ã‚ŒãŸè¨€èªžã§ãƒ™ãƒ³ãƒãƒžãƒ¼ã‚¯çµæžœã‚’表示ã—ã¾ã™ã€‚\n 0: 英語〠1: 日本語\n",
+ ("-<alg> アルゴリズムã®ãƒ™ãƒ³ãƒãƒžãƒ¼ã‚¯ã‚’実施ã—ã¾ã™ã€‚\n"
+ " 利用å¯èƒ½ãªã‚¢ãƒ«ã‚´ãƒªã‚ºãƒ ã¯ä¸‹è¨˜ã‚’å«ã¿ã¾ã™:\n"
+ ),
+ ("-lng <num> 指定ã•ã‚ŒãŸè¨€èªžã§ãƒ™ãƒ³ãƒãƒžãƒ¼ã‚¯çµæžœã‚’表示ã—ã¾ã™ã€‚\n"
+ " 0: 英語〠1: 日本語\n"
+ ),
"<num> ブロックサイズをãƒã‚¤ãƒˆå˜ä½ã§æŒ‡å®šã—ã¾ã™ã€‚\n",
"-blocks <num> TBD.\n",
"-threads <num> 実行ã™ã‚‹ã‚¹ãƒ¬ãƒƒãƒ‰æ•°\n",
- "-print ベンãƒãƒžãƒ¼ã‚¯çµ±è¨ˆã®è¦ç´„を表示ã™ã‚‹\n"
+ "-print ベンãƒãƒžãƒ¼ã‚¯çµ±è¨ˆã®è¦ç´„を表示ã™ã‚‹\n",
+ /* TODO: translate below */
+ "-hash_input <file> Input data to use for hash benchmarking\n",
+ "-cipher_input <file> Input data to use for cipher benchmarking\n",
+ "-min_runs <num> Specify minimum number of operation runs\n"
},
#endif
};
@@ -919,7 +1134,13 @@ static const char* bench_Usage_msg1[][21] = {
#endif
static const char* bench_result_words1[][4] = {
- { "took", "seconds" , "Cycles per byte", NULL }, /* 0 English */
+ { "took",
+#ifdef BENCH_MICROSECOND
+ "microseconds"
+#else
+ "seconds"
+#endif
+ , "Cycles per byte", NULL }, /* 0 English */
#ifndef NO_MULTIBYTE_PRINT
{ "ã‚’" , "秒ã§å‡¦ç†", "1ãƒã‚¤ãƒˆã‚ãŸã‚Šã®ã‚µã‚¤ã‚¯ãƒ«æ•°", NULL }, /* 1 Japanese */
#endif
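Review bot: With `BENCH_MICROSECOND` defined, only the English row of `bench_result_words1` switches its unit word to `"microseconds"`; the Japanese row is left unchanged, so output selected with `-lng 1` would presumably still label microsecond values as seconds. The same applies to `bench_result_words2` in the hunk at `@@ -1185,7 +1603,12 @@`. There the English row also gains the non-ASCII literal `"μsec"`, outside the `#ifndef NO_MULTIBYTE_PRINT` guard that covers the other multibyte strings. I would give the Japanese rows the same `#ifdef BENCH_MICROSECOND` split, or at least a `/* TODO: microsecond wording */` marker like the one in the usage table, and spell the English unit in ASCII as `"usec"`.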
@@ -942,6 +1163,15 @@ static const char* bench_desc_words[][15] = {
#endif
+#ifdef MULTI_VALUE_STATISTICS
+static const char* bench_result_words3[][5] = {
+ /* 0 English */
+ { "max duration", "min duration" , "mean duration", "sd", NULL },
+ /* TODO: Add japenese version */
+ { "max duration", "min duration" , "mean duration", "sd", NULL }
+};
+#endif
+
#if defined(__GNUC__) && defined(__x86_64__) && !defined(NO_ASM) && !defined(WOLFSSL_SGX)
#define HAVE_GET_CYCLES
static WC_INLINE word64 get_intel_cycles(void);
@@ -950,15 +1180,15 @@ static const char* bench_desc_words[][15] = {
#define BEGIN_INTEL_CYCLES total_cycles = get_intel_cycles();
#define END_INTEL_CYCLES total_cycles = get_intel_cycles() - total_cycles;
/* s == size in bytes that 1 count represents, normally BENCH_SIZE */
- #define SHOW_INTEL_CYCLES(b, n, s) \
- (void)XSNPRINTF((b) + XSTRLEN(b), (n) - XSTRLEN(b), \
- " %s = " FLT_FMT_PREC2 "\n", \
- bench_result_words1[lng_index][2], \
- FLT_FMT_PREC2_ARGS(6, 2, count == 0 ? 0 : \
+ #define SHOW_INTEL_CYCLES(b, n, s) \
+ (void)XSNPRINTF((b) + XSTRLEN(b), (n) - XSTRLEN(b), \
+ " %s = " FLT_FMT_PREC2 STATS_CLAUSE_SEPARATOR, \
+ bench_result_words1[lng_index][2], \
+ FLT_FMT_PREC2_ARGS(6, 2, count == 0 ? 0 : \
(double)total_cycles / ((word64)count*(s))))
- #define SHOW_INTEL_CYCLES_CSV(b, n, s) \
- (void)XSNPRINTF((b) + XSTRLEN(b), (n) - XSTRLEN(b), FLT_FMT_PREC ",\n", \
- FLT_FMT_PREC_ARGS(6, count == 0 ? 0 : \
+ #define SHOW_INTEL_CYCLES_CSV(b, n, s) \
+ (void)XSNPRINTF((b) + XSTRLEN(b), (n) - XSTRLEN(b), FLT_FMT_PREC "," \
+ STATS_CLAUSE_SEPARATOR, FLT_FMT_PREC_ARGS(6, count == 0 ? 0 : \
(double)total_cycles / ((word64)count*(s))))
#elif defined(LINUX_CYCLE_COUNT)
#include <linux/perf_event.h>
@@ -983,14 +1213,16 @@ static const char* bench_desc_words[][15] = {
} while (0);
/* s == size in bytes that 1 count represents, normally BENCH_SIZE */
- #define SHOW_INTEL_CYCLES(b, n, s) \
- (void)XSNPRINTF(b + XSTRLEN(b), n - XSTRLEN(b), \
- " %s = " FLT_FMT_PREC2 "\n", \
- bench_result_words1[lng_index][2], \
- FLT_FMT_PREC2_ARGS(6, 2, (double)total_cycles / (count*s)))
- #define SHOW_INTEL_CYCLES_CSV(b, n, s) \
- (void)XSNPRINTF(b + XSTRLEN(b), n - XSTRLEN(b), FLT_FMT_PREC ",\n", \
- FLT_FMT_PREC_ARGS(6, (double)total_cycles / (count*s)))
+ #define SHOW_INTEL_CYCLES(b, n, s) \
+ (void)XSNPRINTF(b + XSTRLEN(b), n - XSTRLEN(b), \
+ " %s = " FLT_FMT_PREC2 STATS_CLAUSE_SEPARATOR, \
+ bench_result_words1[lng_index][2], \
+ FLT_FMT_PREC2_ARGS(6, 2, (double)total_cycles / \
+ (count*s)))
+ #define SHOW_INTEL_CYCLES_CSV(b, n, s) \
+ (void)XSNPRINTF(b + XSTRLEN(b), n - XSTRLEN(b), FLT_FMT_PREC "," \
+ STATS_CLAUSE_SEPARATOR, FLT_FMT_PREC_ARGS(6, (double)total_cycles \
+ / (count*s)))
#elif defined(SYNERGY_CYCLE_COUNT)
#include "hal_data.h"
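Review bot: The `LINUX_CYCLE_COUNT` variants of `SHOW_INTEL_CYCLES` and `SHOW_INTEL_CYCLES_CSV` are rewritten here but still expand their arguments unparenthesized (`b + XSTRLEN(b)`, `n - XSTRLEN(b)`, `count*s`). They also divide without the `count == 0 ? 0 :` guard that the x86-64 variant in the previous hunk has. Since the lines are being touched anyway, I would align them: `(void)XSNPRINTF((b) + XSTRLEN(b), (n) - XSTRLEN(b), ...` and `count == 0 ? 0 : (double)total_cycles / ((word64)count*(s))`. The `SYNERGY_CYCLE_COUNT` variants in the next hunk have the same shape, and there `SHOW_INTEL_CYCLES_CSV` still ends in the literal `",\n"` rather than `"," STATS_CLAUSE_SEPARATOR`, unlike the other two platforms.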
@@ -1002,76 +1234,166 @@ static const char* bench_desc_words[][15] = {
#define END_INTEL_CYCLES total_cycles = DWT->CYCCNT - begin_cycles;
/* s == size in bytes that 1 count represents, normally BENCH_SIZE */
- #define SHOW_INTEL_CYCLES(b, n, s) \
- (void)XSNPRINTF(b + XSTRLEN(b), n - XSTRLEN(b), \
- " %s = " FLT_FMT_PREC2 "\n", \
- bench_result_words1[lng_index][2], \
+ #define SHOW_INTEL_CYCLES(b, n, s) \
+ (void)XSNPRINTF(b + XSTRLEN(b), n - XSTRLEN(b), \
+ " %s = " FLT_FMT_PREC2 STATS_CLAUSE_SEPARATOR, \
+ bench_result_words1[lng_index][2], \
FLT_FMT_PREC2_ARGS(6, 2, (double)total_cycles / (count*s)))
- #define SHOW_INTEL_CYCLES_CSV(b, n, s) \
- (void)XSNPRINTF(b + XSTRLEN(b), n - XSTRLEN(b), FLT_FMT_PREC ",\n", \
+ #define SHOW_INTEL_CYCLES_CSV(b, n, s) \
+ (void)XSNPRINTF(b + XSTRLEN(b), n - XSTRLEN(b), FLT_FMT_PREC ",\n", \
FLT_FMT_PREC_ARGS(6, (double)total_cycles / (count*s)))
#elif defined(WOLFSSL_ESPIDF)
- static THREAD_LS_T word64 begin_cycles;
- static THREAD_LS_T word64 total_cycles;
-
- /* the return value */
- static THREAD_LS_T word64 _xthal_get_ccount_ex = 0;
-
- /* the last value seen, adjusted for an overflow */
- static THREAD_LS_T word64 _xthal_get_ccount_last = 0;
-
/* TAG for ESP_LOGx() */
static const char* TAG = "wolfssl_benchmark";
- #define HAVE_GET_CYCLES
- #define INIT_CYCLE_COUNTER
- static WC_INLINE word64 get_xtensa_cycles(void);
+ static THREAD_LS_T word64 begin_cycles;
+ static THREAD_LS_T word64 begin_cycles_ticks;
+ static THREAD_LS_T word64 end_cycles;
+ static THREAD_LS_T word64 total_cycles;
- /* WARNING the hal UINT xthal_get_ccount() quietly rolls over. */
- #define BEGIN_ESP_CYCLES begin_cycles = (get_xtensa_cycles());
+ /* the return value, as a global var */
+ static THREAD_LS_T word64 _esp_get_cycle_count_ex = 0;
+
+ /* the last value seen, adjusted for an overflow, as a global var */
+ static THREAD_LS_T word64 _esp_cpu_count_last = 0;
+
+ static THREAD_LS_T TickType_t last_tickCount = 0; /* last FreeRTOS value */
+
+ /* esp_get_cpu_benchmark_cycles(void):
+ *
+ * Architecture-independant CPU clock counter.
+ * WARNING: the hal UINT xthal_get_ccount() quietly rolls over. */
+ static WC_INLINE word64 esp_get_cpu_benchmark_cycles(void);
+
+ /* Some vars for debugging, compare ticks to cycles */
+ #ifdef WOLFSSL_BENCHMARK_TIMER_DEBUG
+ static THREAD_LS_T word64 _esp_cpu_timer_last = 0;
+ static THREAD_LS_T word64 _esp_cpu_timer_diff = 0;
+ static THREAD_LS_T word64 _xthal_get_ccount_exAlt = 0;
+ static THREAD_LS_T word64 _xthal_get_ccount_exDiff = 0;
+ #endif /* WOLFSSL_BENCHMARK_TIMER_DEBUG */
+
+ /* The ESP32 (both Xtensa and RISC-V have raw CPU counters). */
+ #if ESP_IDF_VERSION_MAJOR >= 5
+ /* esp_cpu_set_cycle_count() introduced in ESP-IDF v5 */
+ #define HAVE_GET_CYCLES
+ #define INIT_CYCLE_COUNTER do { \
+ ESP_LOGV(TAG, "INIT_CYCLE_COUNTER"); \
+ esp_cpu_set_cycle_count(0); \
+ } while (0);
+ #else
+ #define HAVE_GET_CYCLES
+ #define INIT_CYCLE_COUNTER do { \
+ ESP_LOGV(TAG, "INIT_CYCLE_COUNTER"); \
+ } while (0);
+ #endif
+
+ #define BEGIN_ESP_CYCLES do { \
+ ESP_LOGV(TAG, "BEGIN_ESP_CYCLES"); \
+ begin_cycles = esp_get_cpu_benchmark_cycles(); \
+ begin_cycles_ticks = xTaskGetTickCount(); \
+ } while (0);
/* since it rolls over, we have something that will tolerate one */
- #define END_ESP_CYCLES \
- ESP_LOGV(TAG,"%llu - %llu", \
- get_xtensa_cycles(), \
- begin_cycles \
- ); \
- total_cycles = (get_xtensa_cycles() - begin_cycles);
+ #define END_ESP_CYCLES \
+ end_cycles = esp_get_cpu_benchmark_cycles(); \
+ ESP_LOGV(TAG,"END_ESP_CYCLES %llu - %llu", \
+ end_cycles, \
+ begin_cycles \
+ ); \
+ total_cycles = (end_cycles - begin_cycles);
#define SHOW_ESP_CYCLES(b, n, s) \
- (void)XSNPRINTF(b + XSTRLEN(b), n - XSTRLEN(b), \
- " %s = " FLT_FMT_PREC2 "\n", \
- bench_result_words1[lng_index][2], \
- FLT_FMT_PREC2_ARGS(6, 2, (double)total_cycles / (count*s)) \
- )
+ (void)XSNPRINTF(b + XSTRLEN(b), n - XSTRLEN(b), \
+ " %s = " FLT_FMT_PREC2 "\n", \
+ bench_result_words1[lng_index][2], \
+ FLT_FMT_PREC2_ARGS(6, 2, (double)total_cycles / (count*s)) \
+ )
#define SHOW_ESP_CYCLES_CSV(b, n, s) \
- (void)XSNPRINTF(b + XSTRLEN(b), n - XSTRLEN(b), FLT_FMT_PREC ",\n", \
- FLT_FMT_PREC_ARGS(6, (double)total_cycles / (count*s)))
+ (void)XSNPRINTF(b + XSTRLEN(b), n - XSTRLEN(b), FLT_FMT_PREC ",\n", \
+ FLT_FMT_PREC_ARGS(6, (double)total_cycles / (count*s)))
- /* xthal_get_ccount_ex() is a single-overflow-tolerant extension to
- ** the Espressif `unsigned xthal_get_ccount()` which is known to overflow
+ #ifdef WOLFSSL_BENCHMARK_TIMER_DEBUG
+ /* 64 bit, unisgned, absolute difference
+ * used in CPU cycle counter debug calcs. */
+ static uint64_t esp_cycle_abs_diff(uint64_t x, uint64_t y)
+ {
+ uint64_t ret;
+ ret = (x > y) ? (x - y) : (y - x);
+ return ret;
+ }
+ #endif
+
+ /* esp_get_cycle_count_ex() is a single-overflow-tolerant extension to
+ ** the Espressif `unsigned xthal_get_ccount()` (Xtensa) or
+ ** `esp_cpu_get_cycle_count` (RISC-V) which are known to overflow
** at least once during full benchmark tests.
+ **
+ ** To test timing overflow, add a delay longer than max cycles:
+ ** vTaskDelay( (const TickType_t)(configTICK_RATE_HZ * 17 * 5) );
*/
- uint64_t xthal_get_ccount_ex()
+ uint64_t esp_get_cycle_count_ex()
{
- /* reminder: unsigned long long max = 18,446,744,073,709,551,615 */
-
- /* the currently observed clock counter value */
- #if defined(CONFIG_IDF_TARGET_ESP32C3) || defined(CONFIG_IDF_TARGET_ESP32C6)
- uint64_t thisVal = 0;
- ESP_ERROR_CHECK(gptimer_get_raw_count(esp_gptimer, &thisVal));
+ /* reminder: unsigned long long max = 18,446,744,073,709,551,615 */
+ /* unsigned int max = 4,294,967,295 */
+ uint64_t thisVal = 0; /* CPU counter, "this current value" as read. */
+ uint64_t thisIncrement = 0; /* The adjusted increment amount. */
+ uint64_t expected_diff = 0; /* FreeRTOS esimated expected CPU diff. */
+ #ifdef DEBUG_WOLFSSL_BENCHMARK_TIMING
+ uint32_t tickCount = 0; /* Currrent rtos tick counter. */
+ uint32_t tickDiff = 0; /* Tick difference from last check. */
+ uint32_t tickBeginDiff = 0; /* Tick difference from beginning. */
+ #endif
+
+ #if defined(CONFIG_IDF_TARGET_ESP32C2) || \
+ defined(CONFIG_IDF_TARGET_ESP32C3) || \
+ defined(CONFIG_IDF_TARGET_ESP32C6)
+
+ #ifdef WOLFSSL_BENCHMARK_TIMER_DEBUG
+ uint64_t thisTimerVal = 0; /* Timer Value as alternate to compare */
+ uint64_t diffDiff = 0; /* Difference between CPU & Timer differences:
+ * (current - last) */
+ ESP_ERROR_CHECK(gptimer_get_raw_count(esp_gptimer, &thisTimerVal));
+ thisTimerVal = thisTimerVal * RESOLUTION_SCALE;
+ #endif /* WOLFSSL_BENCHMARK_TIMER_DEBUG */
+
+ thisVal = esp_cpu_get_cycle_count();
+
+ #elif defined(CONFIG_IDF_TARGET_ESP32H2)
+ thisVal = esp_cpu_get_cycle_count();
#else
- /* reminder unsupported CONFIG_IDF_TARGET captured above */
- uint64_t thisVal = xthal_get_ccount();
+ /* TODO: Why doesn't esp_cpu_get_cycle_count work for Xtensa?
+ * Calling current_time(1) to reset time causes thisVal overflow,
+ * on Xtensa, but not on RISC-V architecture. See also, below */
+ #ifndef __XTENSA__
+ thisVal = esp_cpu_get_cycle_count();
+ #else
+ thisVal = xthal_get_ccount(); /* or esp_cpu_get_cycle_count(); */
+ #endif
#endif
- /* if the current value is less than the previous value,
- ** we likely overflowed at least once.
- */
- if (thisVal < _xthal_get_ccount_last)
+
+ #ifdef DEBUG_WOLFSSL_BENCHMARK_TIMING
+ {
+ tickCount = xTaskGetTickCount(); /* Our local FreeRTOS tick count */
+ tickDiff = tickCount - last_tickCount; /* ticks since bench start */
+ expected_diff = CPU_TICK_CYCLES * tickDiff; /* CPU expected count */
+ ESP_LOGV(TAG, "CPU_TICK_CYCLES = %d", (int)CPU_TICK_CYCLES);
+ ESP_LOGV(TAG, "tickCount = %lu", tickCount);
+ ESP_LOGV(TAG, "last_tickCount = %lu", last_tickCount);
+ ESP_LOGV(TAG, "tickDiff = %lu", tickDiff);
+ ESP_LOGV(TAG, "expected_diff1 = %llu", expected_diff);
+ }
+ #endif
+
+ /* If either thisVal is smaller than last (overflow), and/or the
+ * expected value calculated from FreeRTOS tick difference that would
+ * have never fit into an unsigned 32 bit integer anyhow... then we
+ * need to adjust thisVal to save. */
+ if ( (thisVal < _esp_cpu_count_last) || (expected_diff > UINT_MAX) )
{
- /* Warning: we assume the return type of xthal_get_ccount()
- ** will always be unsigned int to add UINT_MAX.
+ /* Warning: we assume the return type of esp_cpu_get_cycle_count()
+ ** will always be unsigned int (or uint32_t) to add UINT_MAX.
**
** NOTE for long duration between calls with multiple overflows:
**
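Review bot: `expected_diff` is assigned only inside the `#ifdef DEBUG_WOLFSSL_BENCHMARK_TIMING` block, so in a normal build it stays 0 and the new `|| (expected_diff > UINT_MAX)` test in `esp_get_cycle_count_ex()` can never be true. The multiple-overflow handling therefore exists only in debug builds. In the visible lines `last_tickCount` is also never written after its initialisation to 0, so `tickDiff` would measure ticks since boot rather than since the previous call, although the update may live outside this page. I would compute `tickCount`, `tickDiff` and `expected_diff` unconditionally, keep only the `ESP_LOGx` calls behind the debug macro, and store `last_tickCount = tickCount;` before returning. The function body continues in the next hunk.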
@@ -1082,22 +1404,113 @@ static const char* bench_desc_words[][15] = {
** as well call xthal_get_ccount_ex() with no more than one
** overflow CPU tick count, all will be well.
*/
- ESP_LOGV(TAG, "Alert: Detected xthal_get_ccount overflow, "
- "adding %ull", UINT_MAX);
- thisVal += (word64)UINT_MAX;
+ #ifdef DEBUG_WOLFSSL_BENCHMARK_TIMING
+ ESP_LOGW(TAG,
+ "Alert: Detected xthal_get_ccount overflow at %llu, "
+ "adding UINT_MAX.",
+ thisVal);
+ #endif
+
+ /* double check expected diff calc */
+ #ifdef DEBUG_WOLFSSL_BENCHMARK_TIMING
+ expected_diff = (CONFIG_ESP_DEFAULT_CPU_FREQ_MHZ * MILLION_VALUE)
+ * tickDiff / configTICK_RATE_HZ;
+ ESP_LOGI(TAG, "expected_diff2 = %llu", expected_diff);
+ #endif
+ if (expected_diff > UINT_MAX) {
+ /* The number of cycles expected from FreeRTOS ticks is
+ * greater than the maximum size of an unsigned 32-bit
+ * integer, meaning multiple overflows occured. */
+ #ifdef DEBUG_WOLFSSL_BENCHMARK_TIMING
+ ESP_LOGW(TAG, "expected_diff > UINT_MAX (%u)", UINT_MAX);
+ #endif
+ thisVal += expected_diff; /* FreeRTOS calc to our 64 bit val */
+ }
+ else {
+ thisVal += (word64)UINT_MAX; /* add 32 bit max to our 64 bit */
+ }
+
+ #ifdef DEBUG_WOLFSSL_BENCHMARK_TIMING
+ {
+ tickBeginDiff = tickCount - begin_cycles_ticks;
+
+ ESP_LOGI(TAG, "begin_cycles_ticks = %llu", begin_cycles_ticks);
+ ESP_LOGI(TAG, "tickDiff = %lu", tickDiff);
+ ESP_LOGI(TAG, "expected_diff = %llu", expected_diff);
+ ESP_LOGI(TAG, "tickBeginDiff = %lu", tickBeginDiff);
+
+ ESP_LOGW(TAG, "");
+ }
+ #endif
}
+ else {
+ #ifdef DEBUG_WOLFSSL_BENCHMARK_TIMING
+ ESP_LOGI(TAG, "thisVal, read CPU = %llu", thisVal);
+ #endif
+ } /* if thisVal adjustment check */
+
+ #ifdef WOLFSSL_BENCHMARK_TIMER_DEBUG
+ if (thisTimerVal < _esp_cpu_timer_last)
+ {
+ ESP_LOGW(TAG, "Alert: Detected xthal_get_ccountAlt overflow, "
+ "adding %ull", UINT_MAX);
+ thisTimerVal += (word64)UINT_MAX;
+ }
+ /* Check an alternate counter using a timer */
- /* adjust our actual returned value that takes into account overflow */
- _xthal_get_ccount_ex += (thisVal - _xthal_get_ccount_last);
+ _esp_cpu_timer_diff = esp_cycle_abs_diff(_esp_cpu_count_last, _esp_cpu_timer_last);
+ #endif /* WOLFSSL_BENCHMARK_TIMER_DEBUG */
- /* all of this took some time, so reset the "last seen" value */
- #if defined(CONFIG_IDF_TARGET_ESP32C3) || defined(CONFIG_IDF_TARGET_ESP32C6)
- ESP_ERROR_CHECK(gptimer_get_raw_count(esp_gptimer,
- &_xthal_get_ccount_last));
- #else
- _xthal_get_ccount_last = xthal_get_ccount();
- #endif
- return _xthal_get_ccount_ex;
+ /* Adjust our actual returned value that takes into account overflow,
+ * increment 64 bit extended total by this 32 bit differential: */
+ thisIncrement = (thisVal - _esp_cpu_count_last);
+
+ #ifdef DEBUG_WOLFSSL_BENCHMARK_TIMING
+ ESP_LOGI(TAG, "thisIncrement = %llu", thisIncrement);
+ #endif
+
+ /* Add our adjustment, taking into account overflows (see above) */
+ _esp_get_cycle_count_ex += thisIncrement;
+
+ #ifdef WOLFSSL_BENCHMARK_TIMER_DEBUG
+ _xthal_get_ccount_exDiff = esp_cycle_abs_diff(_esp_get_cycle_count_ex, _xthal_get_ccount_exAlt);
+ _xthal_get_ccount_exAlt += (thisTimerVal - _esp_cpu_timer_last);
+ diffDiff = esp_cycle_abs_diff(_xthal_get_ccount_exDiff, _esp_cpu_timer_diff);
+ #endif /* WOLFSSL_BENCHMARK_TIMER_DEBUG */
+
+ /* all of this took some time, so reset the "last seen" value
+ * for the next measurement. */
+ #if defined(CONFIG_IDF_TARGET_ESP32C2) || \
+ defined(CONFIG_IDF_TARGET_ESP32C3) || \
+ defined(CONFIG_IDF_TARGET_ESP32C6)
+ {
+ #ifdef WOLFSSL_BENCHMARK_TIMER_DEBUG
+ ESP_ERROR_CHECK(gptimer_get_raw_count(esp_gptimer,
+ &_esp_cpu_timer_last));
+ ESP_LOGI(TAG, "thisVal = %llu", thisVal);
+ ESP_LOGI(TAG, "thisTimerVal = %llu", thisTimerVal);
+ ESP_LOGI(TAG, "diffDiff = %llu", diffDiff);
+ ESP_LOGI(TAG, "_xthal_get_ccount_exDiff = %llu", _xthal_get_ccount_exDiff);
+ #endif /* WOLFSSL_BENCHMARK_TIMER_DEBUG */
+ _esp_cpu_count_last = esp_cpu_get_cycle_count();
+ ESP_LOGV(TAG, "_xthal_get_ccount_last = %llu", _esp_cpu_count_last);
+ }
+ #elif defined(CONFIG_IDF_TARGET_ESP32H2)
+ _esp_cpu_count_last = esp_cpu_get_cycle_count();
+ #else
+ /* TODO: Why doesn't esp_cpu_get_cycle_count work for Xtensa
+ * when resetting CPU cycle counter? FreeRTOS tick collison?
+ * thisVal = esp_cpu_get_cycle_count(); See also, above
+ * or thisVal = xthal_get_ccount(); */
+ #if ESP_IDF_VERSION_MAJOR < 5
+ _esp_cpu_count_last = xthal_get_ccount();
+ #else
+ _esp_cpu_count_last = esp_cpu_get_cycle_count();
+ #endif
+ #endif
+
+ /* Return the 64 bit extended total from 32 bit counter. */
+ return _esp_get_cycle_count_ex;
}
/* implement other architecture cycle counters here */
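Review bot: `thisTimerVal` and `diffDiff` are declared only inside the ESP32-C2/C3/C6 branch at the top of `esp_get_cycle_count_ex()` (previous hunk), but the blocks added here use them under `#ifdef WOLFSSL_BENCHMARK_TIMER_DEBUG` alone. Defining that macro for any other target would then fail to compile. Guarding these blocks with the same target test, or hoisting the two declarations above the target `#if`, fixes that. In the same block the format string `"adding %ull"` prints `%u` followed by the letters `ll`; `"adding %u"` matches the `UINT_MAX` argument. The wrap correction `thisVal += (word64)UINT_MAX;` is also one short of the 32-bit counter period (`(word64)UINT_MAX + 1`), which is negligible for a benchmark but worth a comment.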
@@ -1109,8 +1522,13 @@ static const char* bench_desc_words[][15] = {
#define INIT_CYCLE_COUNTER
#define BEGIN_INTEL_CYCLES
#define END_INTEL_CYCLES
- #define SHOW_INTEL_CYCLES(b, n, s) b[XSTRLEN(b)] = '\n'
- #define SHOW_INTEL_CYCLES_CSV(b, n, s) b[XSTRLEN(b)] = '\n'
+ #ifdef MULTI_VALUE_STATISTICS
+ #define SHOW_INTEL_CYCLES(b, n, s) WC_DO_NOTHING
+ #define SHOW_INTEL_CYCLES_CSV(b, n, s) WC_DO_NOTHING
+ #else
+ #define SHOW_INTEL_CYCLES(b, n, s) b[XSTRLEN(b)] = '\n'
+ #define SHOW_INTEL_CYCLES_CSV(b, n, s) b[XSTRLEN(b)] = '\n'
+ #endif
#endif
/* determine benchmark buffer to use (if NO_FILESYSTEM) */
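Review bot: The fallback `SHOW_INTEL_CYCLES(b, n, s)` kept in the new `#else` branch writes `b[XSTRLEN(b)] = '\n'`, which overwrites the string terminator, ignores the size argument `n`, and relies on the following byte already being zero. Whether every caller zeroes the buffer and leaves a spare byte is not visible in this hunk. A bounded append in the style of the other platform variants removes that assumption: `#define SHOW_INTEL_CYCLES(b, n, s) (void)XSNPRINTF((b) + XSTRLEN(b), (n) - XSTRLEN(b), "\n")`, and the same for `SHOW_INTEL_CYCLES_CSV`.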
@@ -1185,7 +1603,12 @@ static const char* bench_desc_words[][15] = {
defined(HAVE_CURVE448) || defined(HAVE_ED448) || \
defined(WOLFSSL_HAVE_KYBER)
static const char* bench_result_words2[][5] = {
+#ifdef BENCH_MICROSECOND
+ { "ops took", "μsec" , "avg" , "ops/μsec", NULL }, /* 0 English
+ for μsec */
+#else
{ "ops took", "sec" , "avg" , "ops/sec", NULL }, /* 0 English */
+#endif
#ifndef NO_MULTIBYTE_PRINT
{ "回処ç†ã‚’", "秒ã§å®Ÿæ–½", "å¹³å‡", "処ç†/秒", NULL }, /* 1 Japanese */
#endif
@@ -1203,7 +1626,11 @@ static const char* bench_result_words2[][5] = {
static THREAD_LS_T int devId = WOLFSSL_CAAM_DEVID;
#else
+ #ifdef WC_USE_DEVID
+ static THREAD_LS_T int devId = WC_USE_DEVID;
+ #else
static THREAD_LS_T int devId = INVALID_DEVID;
+ #endif
#endif
/* Asynchronous helper macros */
@@ -1215,11 +1642,15 @@ static const char* bench_result_words2[][5] = {
static volatile int g_threadCount;
#endif
-#if defined(WOLFSSL_ASYNC_CRYPT) || defined(WOLFSSL_CAAM)
+#if defined(WOLFSSL_ASYNC_CRYPT) || defined(WOLFSSL_CAAM) || defined(WC_USE_DEVID)
#ifndef NO_HW_BENCH
#define BENCH_DEVID
#endif
- #define BENCH_DEVID_GET_NAME(useDeviceID) (useDeviceID) ? "HW" : "SW"
+ #ifndef HAVE_RENESAS_SYNC
+ #define BENCH_DEVID_GET_NAME(useDeviceID) (useDeviceID) ? "HW" : "SW"
+ #else
+ #define BENCH_DEVID_GET_NAME(useDeviceID) ""
+ #endif
#else
#define BENCH_DEVID_GET_NAME(useDeviceID) ""
#endif
@@ -1242,7 +1673,8 @@ static const char* bench_result_words2[][5] = {
/* if algo doesn't require calling again then use this flow */
if (state == WOLF_EVENT_STATE_DONE) {
if (callAgain) {
- /* needs called again, so allow it and handle completion in bench_async_handle */
+ /* needs called again, so allow it and handle completion in
+ * bench_async_handle */
allowNext = 1;
}
else {
@@ -1348,7 +1780,7 @@ static const char* bench_result_words2[][5] = {
}
return 0;
}
- #define bench_async_poll(p)
+ #define bench_async_poll(p) WC_DO_NOTHING
#endif /* WOLFSSL_ASYNC_CRYPT */
@@ -1369,7 +1801,9 @@ static const char* bench_result_words2[][5] = {
#define AES_AAD_OPTIONS_DEFAULT 0x3U
#endif
#endif
- #define AES_AAD_STRING(s) (aesAuthAddSz == 0 ? (s "-no_AAD") : (aesAuthAddSz == AES_AUTH_ADD_SZ ? (s) : (s "-custom")))
+ #define AES_AAD_STRING(s) \
+ (aesAuthAddSz == 0 ? (s "-no_AAD") : \
+ (aesAuthAddSz == AES_AUTH_ADD_SZ ? (s) : (s "-custom")))
enum en_aad_options {
AAD_SIZE_DEFAULT = 0x1U,
AAD_SIZE_ZERO = 0x2U,
@@ -1433,6 +1867,10 @@ static word32 bench_size = BENCH_SIZE;
static int base2 = 1;
static int digest_stream = 1;
+#ifdef MULTI_VALUE_STATISTICS
+static int minimum_runs = 0;
+#endif
+
#ifndef NO_RSA
/* Don't measure RSA sign/verify by default */
static int rsa_sign_verify = 0;
@@ -1459,6 +1897,10 @@ static int csv_format = 0;
/* globals for cipher tests */
static THREAD_LS_T byte* bench_plain = NULL;
static THREAD_LS_T byte* bench_cipher = NULL;
+#ifndef NO_FILESYSTEM
+static THREAD_LS_T char* hash_input = NULL;
+static THREAD_LS_T char* cipher_input = NULL;
+#endif
static const XGEN_ALIGN byte bench_key_buf[] =
{
@@ -1480,7 +1922,10 @@ static const XGEN_ALIGN byte bench_iv_buf[] =
};
static THREAD_LS_T byte* bench_key = NULL;
static THREAD_LS_T byte* bench_iv = NULL;
-
+#ifdef HAVE_RENESAS_SYNC
+static THREAD_LS_T byte* bench_key1 = NULL;
+static THREAD_LS_T byte* bench_key2 = NULL;
+#endif
#ifdef WOLFSSL_STATIC_MEMORY
#ifdef WOLFSSL_STATIC_MEMORY_TEST_SZ
static byte gBenchMemory[WOLFSSL_STATIC_MEMORY_TEST_SZ];
@@ -1510,14 +1955,19 @@ static void benchmark_static_init(int force)
#endif
base2 = 1;
digest_stream = 1;
+ #ifdef MULTI_VALUE_STATISTICS
+ minimum_runs = 0;
+ #endif
bench_all = 1;
bench_cipher_algs = 0;
bench_digest_algs = 0;
bench_mac_algs = 0;
+ bench_kdf_algs = 0;
bench_asym_algs = 0;
bench_pq_asym_algs = 0;
bench_other_algs = 0;
+ bench_pq_hash_sig_algs = 0;
csv_format = 0;
}
}
@@ -1533,11 +1983,11 @@ typedef enum bench_stat_type {
BENCH_STAT_IGNORE,
} bench_stat_type_t;
-#ifdef WC_ENABLE_BENCH_THREADING
+#ifdef WC_BENCH_TRACK_STATS
static int gPrintStats = 0;
-
- static pthread_mutex_t bench_lock = PTHREAD_MUTEX_INITIALIZER;
-
+ #ifdef WC_ENABLE_BENCH_THREADING
+ static pthread_mutex_t bench_lock = PTHREAD_MUTEX_INITIALIZER;
+ #endif
#ifndef BENCH_MAX_NAME_SZ
#define BENCH_MAX_NAME_SZ 24
#endif
@@ -1563,8 +2013,10 @@ typedef enum bench_stat_type {
{
bench_stats_t* bstat = NULL;
+ #ifdef WC_ENABLE_BENCH_THREADING
/* protect bench_stats_head and bench_stats_tail access */
- PTHREAD_CHECK_RET(pthread_mutex_lock(&bench_lock));
+ THREAD_CHECK_RET(pthread_mutex_lock(&bench_lock));
+ #endif
if (algo != NULL) {
/* locate existing in list */
@@ -1611,99 +2063,56 @@ typedef enum bench_stat_type {
if (bstat->lastRet > ret)
bstat->lastRet = ret; /* track last error */
}
- PTHREAD_CHECK_RET(pthread_mutex_unlock(&bench_lock));
-
+ #ifdef WC_ENABLE_BENCH_THREADING
+ THREAD_CHECK_RET(pthread_mutex_unlock(&bench_lock));
+ #endif
return bstat;
}
void bench_stats_print(void)
{
bench_stats_t* bstat;
+ int digits;
+ #ifdef WC_ENABLE_BENCH_THREADING
/* protect bench_stats_head and bench_stats_tail access */
- PTHREAD_CHECK_RET(pthread_mutex_lock(&bench_lock));
+ THREAD_CHECK_RET(pthread_mutex_lock(&bench_lock));
+ #endif
+
+ #ifdef BENCH_MICROSECOND
+ digits = 5;
+ #else
+ digits = 3;
+ #endif
for (bstat = bench_stats_head; bstat != NULL; ) {
if (bstat->type == BENCH_STAT_SYM) {
- printf("%-16s%s " FLT_FMT_PREC2 " %s/s\n", bstat->desc,
+ printf("%-16s%s " FLT_FMT_PREC2 " %s/" WOLFSSL_FIXED_TIME_UNIT
+ "\n", bstat->desc,
BENCH_DEVID_GET_NAME(bstat->useDeviceID),
- FLT_FMT_PREC2_ARGS(8, 3, bstat->perfsec),
+ FLT_FMT_PREC2_ARGS(8, digits, bstat->perfsec),
base2 ? "MB" : "mB");
}
else {
- printf("%-5s %4d %-9s %s " FLT_FMT_PREC " ops/sec\n",
+ printf("%-5s %4d %-9s %s " FLT_FMT_PREC " ops/"
+ WOLFSSL_FIXED_TIME_UNIT "ec\n",
bstat->algo, bstat->strength, bstat->desc,
BENCH_DEVID_GET_NAME(bstat->useDeviceID),
- FLT_FMT_PREC_ARGS(3, bstat->perfsec));
+ FLT_FMT_PREC_ARGS(digits, bstat->perfsec));
}
bstat = bstat->next;
}
- PTHREAD_CHECK_RET(pthread_mutex_unlock(&bench_lock));
- }
-
-#else /* !WC_ENABLE_BENCH_THREADING */
-
- typedef struct bench_stats {
- const char* algo;
- const char* desc;
- double perfsec;
- const char* perftype;
- int strength;
- bench_stat_type_t type;
- int ret;
- } bench_stats_t;
- /* 16 threads and 8 different operations. */
- #define MAX_BENCH_STATS (16 * 8)
- static bench_stats_t gStats[MAX_BENCH_STATS];
- static int gStatsCount;
-
- static bench_stats_t* bench_stats_add(bench_stat_type_t type,
- const char* algo, int strength, const char* desc, int useDeviceID,
- double perfsec, const char* perftype, int ret)
- {
- bench_stats_t* bstat = NULL;
- if (gStatsCount >= MAX_BENCH_STATS)
- return bstat;
-
- bstat = &gStats[gStatsCount++];
- bstat->algo = algo;
- bstat->desc = desc;
- bstat->perfsec = perfsec;
- bstat->perftype = perftype;
- bstat->strength = strength;
- bstat->type = type;
- bstat->ret = ret;
-
- (void)useDeviceID;
-
- return bstat;
- }
-
- void bench_stats_print(void)
- {
- int i;
-
- for (i=0; i<gStatsCount; i++) {
- bench_stats_t* bstat = &gStats[i];
- if (bstat->type == BENCH_STAT_SYM) {
- printf("%-16s " FLT_FMT_PREC2 " %s/s\n", bstat->desc,
- FLT_FMT_PREC2_ARGS(8, 3, bstat->perfsec),
- base2 ? "MB" : "mB");
- }
- else if (bstat->type == BENCH_STAT_ASYM) {
- printf("%-5s %4d %-9s " FLT_FMT_PREC " ops/sec\n",
- bstat->algo, bstat->strength, bstat->desc,
- FLT_FMT_PREC_ARGS(3, bstat->perfsec));
- }
- }
+ #ifdef WC_ENABLE_BENCH_THREADING
+ THREAD_CHECK_RET(pthread_mutex_unlock(&bench_lock));
+ #endif
}
-#endif /* WC_ENABLE_BENCH_THREADING */
+#endif /* WC_BENCH_TRACK_STATS */
static WC_INLINE void bench_stats_init(void)
{
-#if defined(WOLFSSL_ASYNC_CRYPT) && !defined(WC_NO_ASYNC_THREADING)
+#ifdef WC_BENCH_TRACK_STATS
bench_stats_head = NULL;
bench_stats_tail = NULL;
#endif
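Review bot: The merged bench_stats_print sends every entry that is not BENCH_STAT_SYM through the asymmetric format, whereas the removed array-based version used `else if (bstat->type == BENCH_STAT_ASYM)` and skipped other types. The bench_stat_type enum shown earlier in this diff also has BENCH_STAT_IGNORE; if entries of that type can be stored (not visible here), builds that used the removed path would now print them as ops/sec lines. I would restore the explicit test, `else if (bstat->type == BENCH_STAT_ASYM) {`, or add a comment stating that only SYM and ASYM entries are ever added. bench_stats_init continues past the end of this hunk.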
@@ -1716,9 +2125,10 @@ static WC_INLINE void bench_stats_start(int* count, double* start)
*start = current_time(1);
#ifdef WOLFSSL_ESPIDF
- ESP_LOGV(TAG, "finish total_cycles = %llu, start=" FLT_FMT,
- total_cycles, FLT_FMT_ARGS(*start) );
-
+ #ifdef DEBUG_WOLFSSL_BENCHMARK_TIMING
+ ESP_LOGI(TAG, "bench_stats_start total_cycles = %llu, start=" FLT_FMT,
+ total_cycles, FLT_FMT_ARGS(*start) );
+ #endif
BEGIN_ESP_CYCLES
#else
BEGIN_INTEL_CYCLES
@@ -1726,16 +2136,33 @@ static WC_INLINE void bench_stats_start(int* count, double* start)
}
#ifdef WOLFSSL_LINUXKM_USE_SAVE_VECTOR_REGISTERS
- #define bench_stats_start(count, start) do { \
- SAVE_VECTOR_REGISTERS(pr_err("SAVE_VECTOR_REGISTERS failed for benchmark run."); \
- return; ); \
- bench_stats_start(count, start); \
+ #define bench_stats_start(count, start) do { \
+ SAVE_VECTOR_REGISTERS(pr_err( \
+ "SAVE_VECTOR_REGISTERS failed for benchmark run."); \
+ return; ); \
+ bench_stats_start(count, start); \
} while (0)
#endif
static WC_INLINE int bench_stats_check(double start)
{
- return ((current_time(0) - start) < BENCH_MIN_RUNTIME_SEC);
+ int ret = 0;
+ double this_current_time;
+ this_current_time = current_time(0); /* get the timestamp, no reset */
+#if defined(DEBUG_WOLFSSL_BENCHMARK_TIMING)
+ #if (WOLFSSL_ESPIDF)
+ ESP_LOGI(TAG, "bench_stats_check Current time %f, start %f",
+ this_current_time, start );
+ #endif
+#endif
+
+ ret = ((this_current_time - start) < BENCH_MIN_RUNTIME_SEC
+#ifdef BENCH_MICROSECOND
+ * 1000000
+#endif
+ );
+
+ return ret;
}
/* return text for units and scale the value of blocks as needed */
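Review bot: The new trace in bench_stats_check is guarded by `#if (WOLFSSL_ESPIDF)`, which evaluates the macro's value instead of testing whether it is defined. If WOLFSSL_ESPIDF is defined with no value, the directive becomes `#if ()` and fails to preprocess once DEBUG_WOLFSSL_BENCHMARK_TIMING is set. Other guards in this diff use `#ifdef WOLFSSL_ESPIDF` or `defined(WOLFSSL_ESPIDF)`, so I would fold the two conditions into `#if defined(DEBUG_WOLFSSL_BENCHMARK_TIMING) && defined(WOLFSSL_ESPIDF)`. The log call also formats doubles with a bare `%f` where the neighbouring ESP_LOGI calls use FLT_FMT and FLT_FMT_ARGS; using the same macros would keep it consistent.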
@@ -1745,25 +2172,25 @@ static const char* get_blocktype(double* blocks)
#if ( defined(WOLFSSL_BENCHMARK_FIXED_UNITS_G) || \
defined(WOLFSSL_BENCHMARK_FIXED_UNITS_GB))
- #undef WOLFSSL_FIXED_UNITS_PER_SEC
- #define WOLFSSL_FIXED_UNITS_PER_SEC "GB/s"
+ #undef WOLFSSL_FIXED_UNIT
+ #define WOLFSSL_FIXED_UNIT "GB"
*blocks /= (1024UL * 1024UL * 1024UL);
rt = "GiB";
#elif (defined(WOLFSSL_BENCHMARK_FIXED_UNITS_M) || \
defined(WOLFSSL_BENCHMARK_FIXED_UNITS_MB))
- #undef WOLFSSL_FIXED_UNITS_PER_SEC
- #define WOLFSSL_FIXED_UNITS_PER_SEC "MB/s"
+ #undef WOLFSSL_FIXED_UNIT
+ #define WOLFSSL_FIXED_UNIT "MB"
*blocks /= (1024UL * 1024UL);
rt = "MiB";
#elif (defined(WOLFSSL_BENCHMARK_FIXED_UNITS_K) || \
defined(WOLFSSL_BENCHMARK_FIXED_UNITS_KB))
- #undef WOLFSSL_FIXED_UNITS_PER_SEC
- #define WOLFSSL_FIXED_UNITS_PER_SEC "KB/s"
+ #undef WOLFSSL_FIXED_UNIT
+ #define WOLFSSL_FIXED_UNIT "KB"
*blocks /= 1024;
rt = "KiB";
#elif defined (WOLFSSL_BENCHMARK_FIXED_UNITS_B)
- #undef WOLFSSL_FIXED_UNITS_PER_SEC
- #define WOLFSSL_FIXED_UNITS_PER_SEC "bytes/s"
+ #undef WOLFSSL_FIXED_UNIT
+ #define WOLFSSL_FIXED_UNIT "bytes"
(void)(*blocks); /* no adjustment, just appease compiler for not used */
rt = "bytes";
#else
@@ -1824,6 +2251,66 @@ static const char* get_blocktype_base10(double* blocks)
return rt;
}
+#ifdef MULTI_VALUE_STATISTICS
+static double wc_sqroot(double in)
+{
+ /* do 32 iterations for the sqroot */
+ int iter = 32;
+ double root = in/3.0;
+
+ if (in < 0.0)
+ return -1;
+
+ for (int i=0; i < iter; i++)
+ root = (root + in / root) / 2.0;
+
+ return root;
+}
+
+static void bench_multi_value_stats(double max, double min, double sum,
+ double squareSum, int runs)
+{
+ double mean = 0;
+ double sd = 0;
+ char msg[WC_BENCH_MAX_LINE_LEN];
+ const char** word = bench_result_words3[lng_index];
+
+ XMEMSET(msg, 0, sizeof(msg));
+
+ mean = sum / runs;
+
+ /* Calculating standard deviation */
+ sd = (squareSum / runs) - (mean * mean);
+ sd = wc_sqroot(sd);
+
+ if (csv_format == 1) {
+ (void)XSNPRINTF(msg, sizeof(msg), FLT_FMT_PREC2 ","
+ FLT_FMT_PREC2 "," FLT_FMT_PREC2 "," FLT_FMT_PREC2 ",\n",
+ FLT_FMT_PREC2_ARGS(3, 3, max),
+ FLT_FMT_PREC2_ARGS(3, 3, min),
+ FLT_FMT_PREC2_ARGS(3, 3, mean),
+ FLT_FMT_PREC2_ARGS(3, 3, sd));
+ }
+ else{
+ (void)XSNPRINTF(msg, sizeof(msg), ", %s " FLT_FMT_PREC2 " "
+ WOLFSSL_FIXED_TIME_UNIT ", %s " FLT_FMT_PREC2 " "
+ WOLFSSL_FIXED_TIME_UNIT ", %s " FLT_FMT_PREC2 " "
+ WOLFSSL_FIXED_TIME_UNIT ", %s " FLT_FMT_PREC2 " "
+ WOLFSSL_FIXED_TIME_UNIT "\n",
+ word[0], FLT_FMT_PREC2_ARGS(3, 3, max),
+ word[1], FLT_FMT_PREC2_ARGS(3, 3, min),
+ word[2], FLT_FMT_PREC2_ARGS(3, 3, mean),
+ word[3], FLT_FMT_PREC2_ARGS(3, 3, sd));
+ }
+ printf("%s", msg);
+
+#ifndef WOLFSSL_SGX
+ XFFLUSH(stdout);
+#endif
+
+}
+#endif
+
/* countSz is number of bytes that 1 count represents. Normally bench_size,
* except for AES direct that operates on AES_BLOCK_SIZE blocks */
static void bench_stats_sym_finish(const char* desc, int useDeviceID,
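Review bot: wc_sqroot returns NaN for an input of 0.0, because `root` starts at 0 and the first iteration computes `in / root` as 0/0, and it returns -1 for any negative input. bench_multi_value_stats can pass it both: the variance `(squareSum / runs) - (mean * mean)` is exactly zero when every run takes the same time and can round slightly below zero. Clamping in wc_sqroot with `if (in <= 0.0) return 0.0;` in place of the current `in < 0.0` test keeps NaN or -1 from being printed as the standard deviation. bench_multi_value_stats also divides by `runs` unchecked; callers in this diff invoke it after their exit labels, so a benchmark that fails before the first recorded sample would presumably arrive with `runs == 0`, and an early `if (runs <= 0) return;` would cover that. As a style point, `for (int i=0; ...)` is a C99 loop declaration, while the other locals visible in this diff are declared at the top of their block.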
@@ -1832,7 +2319,7 @@ static void bench_stats_sym_finish(const char* desc, int useDeviceID,
{
double total, persec = 0, blocks = (double)count;
const char* blockType;
- char msg[__BENCHMARK_MAXIMUM_LINE_LENGTH];
+ char msg[WC_BENCH_MAX_LINE_LEN];
const char** word = bench_result_words1[lng_index];
static int sym_header_printed = 0;
@@ -1846,8 +2333,8 @@ static void bench_stats_sym_finish(const char* desc, int useDeviceID,
total = current_time(0) - start;
-#ifdef WOLFSSL_ESPIDF
- ESP_LOGV(TAG, "%s total_cycles = %llu", desc, total_cycles);
+#if defined(WOLFSSL_ESPIDF) && defined(DEBUG_WOLFSSL_BENCHMARK_TIMING)
+ ESP_LOGI(TAG, "%s total_cycles = %llu", desc, total_cycles);
#endif
#ifdef LINUX_RUSAGE_UTIME
@@ -1863,11 +2350,15 @@ static void bench_stats_sym_finish(const char* desc, int useDeviceID,
#ifdef GENERATE_MACHINE_PARSEABLE_REPORT
/* machine parseable CSV */
#ifdef HAVE_GET_CYCLES
- printf("%s", "\"sym\",Algorithm,HW/SW,bytes_total,seconds_total,"
- WOLFSSL_FIXED_UNITS_PER_SEC ",cycles_total,Cycles per byte,\n");
+ printf("%s", "\"sym\",Algorithm,HW/SW,bytes_total,"
+ WOLFSSL_FIXED_TIME_UNIT "econds_total,"
+ WOLFSSL_FIXED_UNIT "/" WOLFSSL_FIXED_TIME_UNIT
+ ",cycles_total,Cycles per byte,");
#else
- printf("%s", "\"sym\",Algorithm,HW/SW,bytes_total,seconds_total,"
- WOLFSSL_FIXED_UNITS_PER_SEC ",cycles_total,\n");
+ printf("%s", "\"sym\",Algorithm,HW/SW,bytes_total,"
+ WOLFSSL_FIXED_TIME_UNIT "econds_total,"
+ WOLFSSL_FIXED_UNIT "/" WOLFSSL_FIXED_TIME_UNIT
+ ",cycles_total,");
#endif
#else
/* normal CSV */
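Review bot: The CSV headers here spell the time column as `WOLFSSL_FIXED_TIME_UNIT "econds_total,"`, which only reads as a word if the macro expands to a string ending in `s`; its definition is not in this hunk. A reader who meets `"econds_total"` or `"ec"` on its own will take it for a typo, so I would add a comment at the first use such as `/* WOLFSSL_FIXED_TIME_UNIT ends in "s"; the literal suffix completes "seconds" */`. The same construction appears as `"ec\n"` in bench_stats_print and as `"ec,"` and `"ecs,"` in the headers of bench_stats_asym_finish_ex. bench_stats_sym_finish starts and ends outside this hunk.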
@@ -1880,14 +2371,20 @@ static void bench_stats_sym_finish(const char* desc, int useDeviceID,
printf("\n\nSymmetric Ciphers:\n\n");
printf("Algorithm,"
BENCH_DEVID_COLUMN_HEADER
- WOLFSSL_FIXED_UNITS_PER_SEC ",Cycles per byte,\n");
+ WOLFSSL_FIXED_UNIT "/" WOLFSSL_FIXED_TIME_UNIT
+ ",Cycles per byte,");
#else
printf("\n\nSymmetric Ciphers:\n\n");
printf("Algorithm,"
BENCH_DEVID_COLUMN_HEADER
- WOLFSSL_FIXED_UNITS_PER_SEC ", \n");
+ WOLFSSL_FIXED_UNIT "/" WOLFSSL_FIXED_TIME_UNIT ",");
#endif
#endif
+ #ifdef MULTI_VALUE_STATISTICS
+ printf("max duration,min duration,mean duration,sd,\n");
+ #else
+ printf("\n");
+ #endif
sym_header_printed = 1;
}
}
@@ -1922,9 +2419,11 @@ static void bench_stats_sym_finish(const char* desc, int useDeviceID,
/* note this codepath brings in all the fields from the non-CSV case. */
#ifdef WOLFSSL_ESPIDF
#ifdef HAVE_GET_CYCLES
- (void)XSNPRINTF(msg, sizeof(msg), "sym,%s,%s,%lu," FLT_FMT "," FLT_FMT ",%lu,", desc,
+ (void)XSNPRINTF(msg, sizeof(msg),
+ "sym,%s,%s,%lu," FLT_FMT "," FLT_FMT ",%lu,", desc,
BENCH_DEVID_GET_NAME(useDeviceID),
- bytes_processed, FLT_FMT_ARGS(total), FLT_FMT_ARGS(persec),
+ bytes_processed, FLT_FMT_ARGS(total),
+ FLT_FMT_ARGS(persec),
(long unsigned int) total_cycles);
#else
#warning "HAVE_GET_CYCLES should be defined for WOLFSSL_ESPIDF"
@@ -1949,16 +2448,23 @@ static void bench_stats_sym_finish(const char* desc, int useDeviceID,
#endif
#elif defined(BENCH_DEVID)
(void)XSNPRINTF(msg, sizeof(msg), "%s,%s," FLT_FMT ",", desc,
- BENCH_DEVID_GET_NAME(useDeviceID), FLT_FMT_ARGS(persec));
+ BENCH_DEVID_GET_NAME(useDeviceID), FLT_FMT_ARGS(persec));
#else
- (void)XSNPRINTF(msg, sizeof(msg), "%s," FLT_FMT ",", desc, FLT_FMT_ARGS(persec));
+ (void)XSNPRINTF(msg, sizeof(msg), "%s," FLT_FMT ",", desc,
+ FLT_FMT_ARGS(persec));
#endif
#ifdef WOLFSSL_ESPIDF
SHOW_ESP_CYCLES_CSV(msg, sizeof(msg), countSz);
- ESP_LOGV(TAG, "finish total_cycles = %llu", total_cycles);
- /* implement other cycle counters here */
+ #ifdef DEBUG_WOLFSSL_BENCHMARK_TIMING
+ ESP_LOGI(TAG, "bench_stats_sym_finish total_cycles = %llu",
+ total_cycles);
+ #endif
+
+ /* implement other cycle counters here */
+
#else
+ /* the default cycle counter is Intel */
SHOW_INTEL_CYCLES_CSV(msg, sizeof(msg), (unsigned)countSz);
#endif
} /* if (csv_format == 1) */
@@ -1967,30 +2473,30 @@ static void bench_stats_sym_finish(const char* desc, int useDeviceID,
#ifdef GENERATE_MACHINE_PARSEABLE_REPORT
#ifdef HAVE_GET_CYCLES
(void)XSNPRINTF(msg, sizeof(msg),
+ "%-24s%s " FLT_FMT_PREC2 " %s %s " FLT_FMT_PREC2 " %s, "
+ FLT_FMT_PREC2 " %s/" WOLFSSL_FIXED_TIME_UNIT ", %lu cycles,",
+ desc, BENCH_DEVID_GET_NAME(useDeviceID),
+ FLT_FMT_PREC2_ARGS(5, 0, blocks), blockType,
+ word[0], FLT_FMT_PREC2_ARGS(5, 3, total), word[1],
+ FLT_FMT_PREC2_ARGS(8, 3, persec), blockType,
+ (unsigned long) total_cycles);
+ #else
+ (void)XSNPRINTF(msg, sizeof(msg),
"%-24s%s " FLT_FMT_PREC2 " %s %s " FLT_FMT_PREC2 " %s, "
- FLT_FMT_PREC2 " %s/s, %lu cycles,",
+ FLT_FMT_PREC2 " %s/" WOLFSSL_FIXED_TIME_UNIT ",",
desc, BENCH_DEVID_GET_NAME(useDeviceID),
FLT_FMT_PREC2_ARGS(5, 0, blocks), blockType,
word[0], FLT_FMT_PREC2_ARGS(5, 3, total), word[1],
- FLT_FMT_PREC2_ARGS(8, 3, persec), blockType,
- (unsigned long) total_cycles);
- #else
- (void)XSNPRINTF(msg, sizeof(msg),
- "%-24s%s " FLT_FMT_PREC2 " %s %s " FLT_FMT_PREC2 " %s, "
- FLT_FMT_PREC2 " %s/s,",
- desc, BENCH_DEVID_GET_NAME(useDeviceID),
- FLT_FMT_PREC2_ARGS(5, 0, blocks), blockType,
- word[0], FLT_FMT_PREC2_ARGS(5, 3, total), word[1],
- FLT_FMT_PREC2_ARGS(8, 3, persec), blockType);
- #endif /* HAVE_GET_CYCLES */
+ FLT_FMT_PREC2_ARGS(8, 3, persec), blockType);
+ #endif /* HAVE_GET_CYCLES */
#else
(void)XSNPRINTF(msg, sizeof(msg),
- "%-24s%s " FLT_FMT_PREC2 " %s %s " FLT_FMT_PREC2 " %s, "
- FLT_FMT_PREC2 " %s/s",
- desc, BENCH_DEVID_GET_NAME(useDeviceID),
- FLT_FMT_PREC2_ARGS(5, 0, blocks), blockType,
- word[0], FLT_FMT_PREC2_ARGS(5, 3, total), word[1],
- FLT_FMT_PREC2_ARGS(8, 3, persec), blockType);
+ "%-24s%s " FLT_FMT_PREC2 " %s %s " FLT_FMT_PREC2 " %s, "
+ FLT_FMT_PREC2 " %s/" WOLFSSL_FIXED_TIME_UNIT,
+ desc, BENCH_DEVID_GET_NAME(useDeviceID),
+ FLT_FMT_PREC2_ARGS(5, 0, blocks), blockType,
+ word[0], FLT_FMT_PREC2_ARGS(5, 3, total), word[1],
+ FLT_FMT_PREC2_ARGS(8, 3, persec), blockType);
#endif
#ifdef WOLFSSL_ESPIDF
@@ -2014,14 +2520,18 @@ static void bench_stats_sym_finish(const char* desc, int useDeviceID,
XFFLUSH(stdout);
#endif
+#ifdef WC_BENCH_TRACK_STATS
/* Add to thread stats */
bench_stats_add(BENCH_STAT_SYM, desc, 0, desc, useDeviceID, persec,
blockType, ret);
+#endif
(void)useDeviceID;
(void)ret;
+#ifdef WOLFSSL_LINUXKM_USE_SAVE_VECTOR_REGISTERS
RESTORE_VECTOR_REGISTERS();
+#endif
TEST_SLEEP();
} /* bench_stats_sym_finish */
@@ -2037,9 +2547,16 @@ static void bench_stats_asym_finish_ex(const char* algo, int strength,
{
double total, each = 0, opsSec, milliEach;
const char **word = bench_result_words2[lng_index];
+#ifdef WC_BENCH_TRACK_STATS
const char* kOpsSec = "Ops/Sec";
+#endif
char msg[256];
static int asym_header_printed = 0;
+#ifdef BENCH_MICROSECOND
+ const int digits = 5;
+#else
+ const int digits = 3;
+#endif
XMEMSET(msg, 0, sizeof(msg));
@@ -2073,48 +2590,62 @@ static void bench_stats_asym_finish_ex(const char* algo, int strength,
opsSec = 0;
}
+#ifdef BENCH_MICROSECOND
+ milliEach = each / 1000; /* milliseconds */
+#else
milliEach = each * 1000; /* milliseconds */
+#endif
SLEEP_ON_ERROR(ret);
+
+#ifdef MULTI_VALUE_STATISTICS /* Print without avg ms */
+ (void)milliEach;
+
/* format and print to terminal */
if (csv_format == 1) {
/* only print out header once */
if (asym_header_printed == 0) {
#ifdef GENERATE_MACHINE_PARSEABLE_REPORT
#ifdef HAVE_GET_CYCLES
- printf("%s", "\"asym\",Algorithm,key size,operation,avg ms,ops/sec,"
- "ops,secs,cycles,cycles/op\n");
+ printf("%s", "\"asym\",Algorithm,key size,operation,ops/"
+ WOLFSSL_FIXED_TIME_UNIT "ec,ops," WOLFSSL_FIXED_TIME_UNIT
+ "ecs,cycles,cycles/op,");
#else
- printf("%s", "\"asym\",Algorithm,key size,operation,avg ms,ops/sec,"
- "ops,secs\n");
+ printf("%s", "\"asym\",Algorithm,key size,operation,ops/"
+ WOLFSSL_FIXED_TIME_UNIT "ec,ops," WOLFSSL_FIXED_TIME_UNIT
+ "ecs,");
#endif
#else
printf("\n%sAsymmetric Ciphers:\n\n", info_prefix);
- printf("%sAlgorithm,key size,operation,avg ms,ops/sec,\n",
- info_prefix);
+ printf("%sAlgorithm,key size,operation,ops/"
+ WOLFSSL_FIXED_TIME_UNIT "ec,", info_prefix);
#endif
+ printf("max duration,min duration,mean duration,sd,\n");
asym_header_printed = 1;
}
#ifdef GENERATE_MACHINE_PARSEABLE_REPORT
#ifdef HAVE_GET_CYCLES
(void)XSNPRINTF(msg, sizeof(msg),
- "asym,%s,%d,%s%s," FLT_FMT_PREC "," FLT_FMT_PREC ",%d," FLT_FMT
- ",%lu," FLT_FMT_PREC "\n",
- algo, strength, desc, desc_extra, FLT_FMT_PREC_ARGS(3, milliEach),
- FLT_FMT_PREC_ARGS(3, opsSec),
- count, FLT_FMT_ARGS(total), (unsigned long) total_cycles,
- FLT_FMT_PREC_ARGS(6, (double)total_cycles / (double)count));
+ "asym,%s,%d,%s%s," FLT_FMT_PREC ",%d,"
+ FLT_FMT ",%lu," FLT_FMT_PREC STATS_CLAUSE_SEPARATOR,
+ algo, strength, desc, desc_extra,
+ FLT_FMT_PREC_ARGS(digits, opsSec),
+ count, FLT_FMT_ARGS(total), (unsigned long)total_cycles,
+ FLT_FMT_PREC_ARGS(6,
+ (double)total_cycles / (double)count));
#else
(void)XSNPRINTF(msg, sizeof(msg),
- "asym,%s,%d,%s%s," FLT_FMT_PREC "," FLT_FMT_PREC ",%d," FLT_FMT "\n",
- algo, strength, desc, desc_extra, FLT_FMT_PREC_ARGS(3, milliEach),
- FLT_FMT_PREC_ARGS(3, opsSec),
+ "asym,%s,%d,%s%s," FLT_FMT_PREC ",%d,"
+ FLT_FMT STATS_CLAUSE_SEPARATOR,
+ algo, strength, desc, desc_extra,
+ FLT_FMT_PREC_ARGS(digits, opsSec),
count, FLT_FMT_ARGS(total));
#endif
#else
- (void)XSNPRINTF(msg, sizeof(msg), "%s,%d,%s%s," FLT_FMT_PREC "," FLT_FMT_PREC ",\n", algo,
- strength, desc, desc_extra, FLT_FMT_PREC_ARGS(3, milliEach),
- FLT_FMT_PREC_ARGS(3, opsSec));
+ (void)XSNPRINTF(msg, sizeof(msg), "%s,%d,%s%s,"
+ FLT_FMT_PREC "," STATS_CLAUSE_SEPARATOR,
+ algo, strength, desc, desc_extra,
+ FLT_FMT_PREC_ARGS(digits, opsSec));
#endif
} /* if (csv_format == 1) */
@@ -2122,30 +2653,121 @@ static void bench_stats_asym_finish_ex(const char* algo, int strength,
#ifdef GENERATE_MACHINE_PARSEABLE_REPORT
#ifdef HAVE_GET_CYCLES
(void)XSNPRINTF(msg, sizeof(msg),
- "%-6s %5d %8s%-2s %s %6d %s " FLT_FMT_PREC2 " %s, %s " FLT_FMT_PREC2 " ms,"
- " " FLT_FMT_PREC " %s, %lu cycles\n", algo, strength, desc,
- desc_extra, BENCH_DEVID_GET_NAME(useDeviceID),
- count, word[0], FLT_FMT_PREC2_ARGS(5, 3, total), word[1], word[2],
+ "%-6s %5d %8s%-2s %s %6d %s " FLT_FMT_PREC2 " %s, "
+ FLT_FMT_PREC " %s, %lu cycles" STATS_CLAUSE_SEPARATOR,
+ algo, strength, desc, desc_extra,
+ BENCH_DEVID_GET_NAME(useDeviceID), count, word[0],
+ FLT_FMT_PREC2_ARGS(5, 3, total), word[1],
+ FLT_FMT_PREC_ARGS(digits, opsSec), word[3],
+ (unsigned long)total_cycles);
+ #else
+ (void)XSNPRINTF(msg, sizeof(msg),
+ "%-6s %5d %8s%-2s %s %6d %s " FLT_FMT_PREC2 " %s, "
+ FLT_FMT_PREC " %s" STATS_CLAUSE_SEPARATOR,
+ algo, strength, desc, desc_extra,
+ BENCH_DEVID_GET_NAME(useDeviceID), count, word[0],
+ FLT_FMT_PREC2_ARGS(5, 3, total), word[1],
+ FLT_FMT_PREC_ARGS(digits, opsSec), word[3]);
+ #endif /* HAVE_GET_CYCLES */
+#else
+ (void)XSNPRINTF(msg, sizeof(msg),
+ "%-6s %5d %8s%-2s %s %6d %s " FLT_FMT_PREC2 " %s, "
+ FLT_FMT_PREC " %s" STATS_CLAUSE_SEPARATOR,
+ algo, strength, desc, desc_extra,
+ BENCH_DEVID_GET_NAME(useDeviceID), count, word[0],
+ FLT_FMT_PREC2_ARGS(5, 3, total), word[1],
+ FLT_FMT_PREC_ARGS(digits, opsSec), word[3]);
+#endif
+ }
+#else /* MULTI_VALUE_STATISTICS. Print with avg ms */
+ /* format and print to terminal */
+ if (csv_format == 1) {
+ /* only print out header once */
+ if (asym_header_printed == 0) {
+#ifdef GENERATE_MACHINE_PARSEABLE_REPORT
+ #ifdef HAVE_GET_CYCLES
+ printf("%s", "\"asym\",Algorithm,key size,operation,avg ms,ops/"
+ WOLFSSL_FIXED_TIME_UNIT "ec,ops," WOLFSSL_FIXED_TIME_UNIT
+ "ecs,cycles,cycles/op,");
+ #else
+ printf("%s", "\"asym\",Algorithm,key size,operation,avg ms,ops/"
+ WOLFSSL_FIXED_TIME_UNIT "ec,ops," WOLFSSL_FIXED_TIME_UNIT
+ "ecs,");
+ #endif
+#else
+ printf("\n%sAsymmetric Ciphers:\n\n", info_prefix);
+ printf("%sAlgorithm,key size,operation,avg ms,ops/"
+ WOLFSSL_FIXED_TIME_UNIT "ec,", info_prefix);
+#endif
+ printf("\n");
+ asym_header_printed = 1;
+ }
+#ifdef GENERATE_MACHINE_PARSEABLE_REPORT
+ #ifdef HAVE_GET_CYCLES
+ (void)XSNPRINTF(msg, sizeof(msg),
+ "asym,%s,%d,%s%s," FLT_FMT_PREC "," FLT_FMT_PREC ",%d,"
+ FLT_FMT ",%lu," FLT_FMT_PREC STATS_CLAUSE_SEPARATOR,
+ algo, strength, desc, desc_extra,
+ FLT_FMT_PREC_ARGS(3, milliEach),
+ FLT_FMT_PREC_ARGS(digits, opsSec),
+ count, FLT_FMT_ARGS(total), (unsigned long)total_cycles,
+ FLT_FMT_PREC_ARGS(6,
+ (double)total_cycles / (double)count));
+ #else
+ (void)XSNPRINTF(msg, sizeof(msg),
+ "asym,%s,%d,%s%s," FLT_FMT_PREC "," FLT_FMT_PREC ",%d,"
+ FLT_FMT STATS_CLAUSE_SEPARATOR,
+ algo, strength, desc, desc_extra,
+ FLT_FMT_PREC_ARGS(3, milliEach),
+ FLT_FMT_PREC_ARGS(digits, opsSec),
+ count, FLT_FMT_ARGS(total));
+ #endif
+#else
+ (void)XSNPRINTF(msg, sizeof(msg), "%s,%d,%s%s," FLT_FMT_PREC ","
+ FLT_FMT_PREC "," STATS_CLAUSE_SEPARATOR,
+ algo, strength, desc, desc_extra,
+ FLT_FMT_PREC_ARGS(3, milliEach),
+ FLT_FMT_PREC_ARGS(digits, opsSec));
+#endif
+ } /* if (csv_format == 1) */
+
+ else {
+#ifdef GENERATE_MACHINE_PARSEABLE_REPORT
+ #ifdef HAVE_GET_CYCLES
+ (void)XSNPRINTF(msg, sizeof(msg),
+ "%-6s %5d %8s%-2s %s %6d %s " FLT_FMT_PREC2 " %s, %s "
+ FLT_FMT_PREC2 " ms, " FLT_FMT_PREC " %s, %lu cycles"
+ STATS_CLAUSE_SEPARATOR,
+ algo, strength, desc, desc_extra,
+ BENCH_DEVID_GET_NAME(useDeviceID), count, word[0],
+ FLT_FMT_PREC2_ARGS(5, 3, total), word[1], word[2],
FLT_FMT_PREC2_ARGS(5, 3, milliEach),
- FLT_FMT_PREC_ARGS(3, opsSec), word[3], (unsigned long) total_cycles);
+ FLT_FMT_PREC_ARGS(digits, opsSec), word[3],
+ (unsigned long)total_cycles);
#else
(void)XSNPRINTF(msg, sizeof(msg),
- "%-6s %5d %8s%-2s %s %6d %s " FLT_FMT_PREC2 " %s, %s " FLT_FMT_PREC2 " ms,"
- " " FLT_FMT_PREC " %s\n", algo, strength, desc,
- desc_extra, BENCH_DEVID_GET_NAME(useDeviceID),
- count, word[0], FLT_FMT_PREC2_ARGS(5, 3, total), word[1], word[2],
+ "%-6s %5d %8s%-2s %s %6d %s " FLT_FMT_PREC2 " %s, %s "
+ FLT_FMT_PREC2 " ms, " FLT_FMT_PREC " %s"
+ STATS_CLAUSE_SEPARATOR,
+ algo, strength, desc, desc_extra,
+ BENCH_DEVID_GET_NAME(useDeviceID), count, word[0],
+ FLT_FMT_PREC2_ARGS(5, 3, total), word[1], word[2],
FLT_FMT_PREC2_ARGS(5, 3, milliEach),
- FLT_FMT_PREC_ARGS(3, opsSec), word[3]);
+ FLT_FMT_PREC_ARGS(digits, opsSec), word[3]);
#endif /* HAVE_GET_CYCLES */
#else
(void)XSNPRINTF(msg, sizeof(msg),
- "%-6s %5d %8s%-2s %s %6d %s " FLT_FMT_PREC2 " %s, %s " FLT_FMT_PREC2 " ms,"
- " " FLT_FMT_PREC " %s\n", algo, strength, desc, desc_extra,
+ "%-6s %5d %8s%-2s %s %6d %s " FLT_FMT_PREC2 " %s, %s "
+ FLT_FMT_PREC2 " ms, " FLT_FMT_PREC " %s"
+ STATS_CLAUSE_SEPARATOR,
+ algo, strength, desc, desc_extra,
BENCH_DEVID_GET_NAME(useDeviceID), count, word[0],
FLT_FMT_PREC2_ARGS(5, 3, total), word[1], word[2],
- FLT_FMT_PREC2_ARGS(5, 3, milliEach), FLT_FMT_PREC_ARGS(3, opsSec), word[3]);
+ FLT_FMT_PREC2_ARGS(5, 3, milliEach),
+ FLT_FMT_PREC_ARGS(digits, opsSec), word[3]);
#endif
}
+#endif /* MULTI_VALUE_STATISTICS */
printf("%s", msg);
/* show errors */
@@ -2158,14 +2780,18 @@ static void bench_stats_asym_finish_ex(const char* algo, int strength,
XFFLUSH(stdout);
#endif
+#ifdef WC_BENCH_TRACK_STATS
/* Add to thread stats */
bench_stats_add(BENCH_STAT_ASYM, algo, strength, desc, useDeviceID, opsSec,
kOpsSec, ret);
+#endif
(void)useDeviceID;
(void)ret;
+#ifdef WOLFSSL_LINUXKM_USE_SAVE_VECTOR_REGISTERS
RESTORE_VECTOR_REGISTERS();
+#endif
TEST_SLEEP();
} /* bench_stats_asym_finish_ex */
@@ -2181,7 +2807,7 @@ static void bench_stats_asym_finish(const char* algo, int strength,
static WC_INLINE void bench_stats_free(void)
{
-#if defined(WOLFSSL_ASYNC_CRYPT) && !defined(WC_NO_ASYNC_THREADING)
+#ifdef WC_BENCH_TRACK_STATS
bench_stats_t* bstat;
for (bstat = bench_stats_head; bstat != NULL; ) {
bench_stats_t* next = bstat->next;
@@ -2200,7 +2826,7 @@ static WC_INLINE void bench_stats_free(void)
static void* benchmarks_do(void* args)
{
- int bench_buf_size;
+ long bench_buf_size;
#ifdef WOLFSSL_ASYNC_CRYPT
#ifndef WC_NO_ASYNC_THREADING
@@ -2284,8 +2910,101 @@ static void* benchmarks_do(void* args)
printf("%sBenchmark block buffer alloc failed!\n", err_prefix);
goto exit;
}
- XMEMSET(bench_plain, 0, (size_t)bench_buf_size);
- XMEMSET(bench_cipher, 0, (size_t)bench_buf_size);
+
+#ifndef NO_FILESYSTEM
+ if (hash_input) {
+ int rawSz;
+ XFILE file;
+ file = XFOPEN(hash_input, "rb");
+ if (file == XBADFILE)
+ goto exit;
+
+ if (XFSEEK(file, 0, XSEEK_END) != 0) {
+ XFCLOSE(file);
+ goto exit;
+ }
+
+ bench_buf_size = XFTELL(file);
+ if(XFSEEK(file, 0, XSEEK_SET) != 0) {
+ XFCLOSE(file);
+ goto exit;
+ }
+
+ XFREE(bench_plain, HEAP_HINT, DYNAMIC_TYPE_WOLF_BIGINT);
+
+ rawSz = (int)bench_buf_size;
+ if (bench_buf_size % 16)
+ bench_buf_size += 16 - (bench_buf_size % 16);
+
+ bench_size = (word32)bench_buf_size;
+
+ bench_plain = (byte*)XMALLOC((size_t)bench_buf_size + 16*2,
+ HEAP_HINT, DYNAMIC_TYPE_WOLF_BIGINT);
+
+ if (bench_plain == NULL) {
+ XFCLOSE(file);
+ goto exit;
+ }
+
+ if ((size_t)XFREAD(bench_plain, 1, rawSz, file)
+ != (size_t)rawSz) {
+ XFCLOSE(file);
+ goto exit;
+ }
+
+ XFCLOSE(file);
+ }
+ else {
+ XMEMSET(bench_plain, 0, (size_t)bench_buf_size);
+ }
+
+ if (cipher_input) {
+ int rawSz;
+ XFILE file;
+ file = XFOPEN(cipher_input, "rb");
+ if (file == XBADFILE)
+ goto exit;
+
+ if (XFSEEK(file, 0, XSEEK_END) != 0) {
+ XFCLOSE(file);
+ goto exit;
+ }
+
+ bench_buf_size = XFTELL(file);
+ if(XFSEEK(file, 0, XSEEK_SET) != 0) {
+ XFCLOSE(file);
+ goto exit;
+ }
+
+ XFREE(bench_cipher, HEAP_HINT, DYNAMIC_TYPE_WOLF_BIGINT);
+
+ rawSz = (int)bench_buf_size;
+ if (bench_buf_size % 16)
+ bench_buf_size += 16 - (bench_buf_size % 16);
+
+ if (bench_size > (word32)bench_buf_size)
+ bench_size = (word32)bench_buf_size;
+
+ bench_cipher = (byte*)XMALLOC((size_t)bench_buf_size + 16*2,
+ HEAP_HINT, DYNAMIC_TYPE_WOLF_BIGINT);
+
+ if (bench_cipher == NULL) {
+ XFCLOSE(file);
+ goto exit;
+ }
+
+ if ((size_t)XFREAD(bench_cipher, 1, rawSz, file)
+ != (size_t)rawSz) {
+ XFCLOSE(file);
+ goto exit;
+ }
+
+ XFCLOSE(file);
+ }
+ else {
+ XMEMSET(bench_cipher, 0, (size_t)bench_buf_size);
+ }
+#endif
#if defined(WOLFSSL_ASYNC_CRYPT) || defined(HAVE_INTEL_QA_SYNC)
bench_key = (byte*)XMALLOC(sizeof(bench_key_buf),
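Review bot: When hash_input is set and cipher_input is not, the final `else` branch runs `XMEMSET(bench_cipher, 0, (size_t)bench_buf_size)` with bench_buf_size already replaced by the padded size of the hash input file. bench_cipher still has the size it was given before this hunk (that allocation is outside the hunk, so this is inferred), so a file larger than that buffer makes the memset, and presumably later writes of bench_size bytes, run past the end of the heap block. Both branches also use the XFTELL result unchecked, so a failure value of -1 or a size that does not fit `int rawSz` flows into the padding arithmetic and the XFREAD length. In addition, the two XMEMSET calls now sit inside `#ifndef NO_FILESYSTEM`, so NO_FILESYSTEM builds no longer zero either buffer. The fence sketches the size check and the resize of bench_cipher; the same XFTELL check belongs in the cipher_input branch, and benchmarks_do continues outside the hunk.

```c
        bench_buf_size = XFTELL(file);
        /* XFTELL reports failure as a negative value; also reject empty
         * files and sizes that rawSz (int) cannot represent */
        if (bench_buf_size <= 0 ||
                bench_buf_size != (long)(int)bench_buf_size) {
            XFCLOSE(file);
            goto exit;
        }
        /* ... unchanged: rewind, free and reallocate bench_plain, read file ... */

    /* ... unchanged: if (cipher_input) { ... } ... */
    else {
        if (hash_input) {
            /* bench_buf_size now holds the padded hash input size, so
             * bench_cipher must be resized before it is zeroed */
            XFREE(bench_cipher, HEAP_HINT, DYNAMIC_TYPE_WOLF_BIGINT);
            bench_cipher = (byte*)XMALLOC((size_t)bench_buf_size + 16*2,
                HEAP_HINT, DYNAMIC_TYPE_WOLF_BIGINT);
            if (bench_cipher == NULL)
                goto exit;
        }
        XMEMSET(bench_cipher, 0, (size_t)bench_buf_size);
    }
```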
@@ -2303,6 +3022,11 @@ static void* benchmarks_do(void* args)
}
XMEMCPY(bench_key, bench_key_buf, sizeof(bench_key_buf));
XMEMCPY(bench_iv, bench_iv_buf, sizeof(bench_iv_buf));
+#elif defined(HAVE_RENESAS_SYNC)
+ bench_key1 = (byte*)guser_PKCbInfo.wrapped_key_aes128;
+ bench_key2 = (byte*)guser_PKCbInfo.wrapped_key_aes256;
+ bench_key = (byte*)bench_key_buf;
+ bench_iv = (byte*)bench_iv_buf;
#else
bench_key = (byte*)bench_key_buf;
bench_iv = (byte*)bench_iv_buf;
@@ -2318,7 +3042,7 @@ static void* benchmarks_do(void* args)
#ifndef NO_SW_BENCH
bench_aescbc(0);
#endif
- #if defined(BENCH_DEVID) || defined(HAVE_RENESAS_SYNC)
+ #if defined(BENCH_DEVID)
bench_aescbc(1);
#endif
}
@@ -2334,8 +3058,12 @@ static void* benchmarks_do(void* args)
!defined(NO_HW_BENCH)
bench_aes_aad_options_wrap(bench_aesgcm, 1);
#endif
-
- bench_gmac();
+ #ifndef NO_SW_BENCH
+ bench_gmac(0);
+ #endif
+ #if defined(BENCH_DEVID)
+ bench_gmac(1);
+ #endif
}
#endif
#ifdef HAVE_AES_ECB
@@ -2386,6 +3114,18 @@ static void* benchmarks_do(void* args)
if (bench_all || (bench_cipher_algs & BENCH_CAMELLIA))
bench_camellia();
#endif
+#ifdef WOLFSSL_SM4_CBC
+ if (bench_all || (bench_cipher_algs & BENCH_SM4_CBC))
+ bench_sm4_cbc();
+#endif
+#ifdef WOLFSSL_SM4_GCM
+ if (bench_all || (bench_cipher_algs & BENCH_SM4_GCM))
+ bench_sm4_gcm();
+#endif
+#ifdef WOLFSSL_SM4_CCM
+ if (bench_all || (bench_cipher_algs & BENCH_SM4_CCM))
+ bench_sm4_ccm();
+#endif
#ifndef NO_RC4
if (bench_all || (bench_cipher_algs & BENCH_ARC4)) {
#ifndef NO_SW_BENCH
@@ -2565,6 +3305,16 @@ static void* benchmarks_do(void* args)
}
#endif /* WOLFSSL_SHAKE256 */
#endif
+#ifdef WOLFSSL_SM3
+ if (bench_all || (bench_digest_algs & BENCH_SM3)) {
+ #ifndef NO_SW_BENCH
+ bench_sm3(0);
+ #endif
+ #ifdef BENCH_DEVID
+ bench_sm3(1);
+ #endif
+ }
+#endif
#ifdef WOLFSSL_RIPEMD
if (bench_all || (bench_digest_algs & BENCH_RIPEMD))
bench_ripemd();
@@ -2652,12 +3402,18 @@ static void* benchmarks_do(void* args)
bench_pbkdf2();
}
#endif
- #ifdef WOLFSSL_SIPHASH
- if (bench_all || (bench_mac_algs & BENCH_SIPHASH)) {
- bench_siphash();
- }
- #endif
#endif /* NO_HMAC */
+#ifdef WOLFSSL_SIPHASH
+ if (bench_all || (bench_mac_algs & BENCH_SIPHASH)) {
+ bench_siphash();
+ }
+#endif
+
+#ifdef WC_SRTP_KDF
+ if (bench_all || (bench_kdf_algs & BENCH_SRTP_KDF)) {
+ bench_srtpkdf();
+ }
+#endif
#ifdef HAVE_SCRYPT
if (bench_all || (bench_other_algs & BENCH_SCRYPT))
@@ -2665,6 +3421,7 @@ static void* benchmarks_do(void* args)
#endif
#ifndef NO_RSA
+#ifndef HAVE_RENESAS_SYNC
#ifdef WOLFSSL_KEY_GEN
if (bench_all || (bench_asym_algs & BENCH_RSA_KEYGEN)) {
#ifndef NO_SW_BENCH
@@ -2706,6 +3463,7 @@ static void* benchmarks_do(void* args)
}
#endif
#endif
+#endif
#ifndef NO_DH
if (bench_all || (bench_asym_algs & BENCH_DH)) {
@@ -2732,6 +3490,18 @@ static void* benchmarks_do(void* args)
}
#endif
+#if defined(WOLFSSL_HAVE_LMS) && !defined(WOLFSSL_LMS_VERIFY_ONLY)
+ if (bench_all || (bench_pq_hash_sig_algs & BENCH_LMS_HSS)) {
+ bench_lms();
+ }
+#endif /* if defined(WOLFSSL_HAVE_LMS) && !defined(WOLFSSL_LMS_VERIFY_ONLY) */
+
+#if defined(WOLFSSL_HAVE_XMSS) && !defined(WOLFSSL_XMSS_VERIFY_ONLY)
+ if (bench_all || (bench_pq_hash_sig_algs & BENCH_XMSS_XMSSMT)) {
+ bench_xmss();
+ }
+#endif /* if defined(WOLFSSL_HAVE_XMSS) && !defined(WOLFSSL_XMSS_VERIFY_ONLY) */
+
#ifdef HAVE_ECC
if (bench_all || (bench_asym_algs & BENCH_ECC_MAKEKEY) ||
(bench_asym_algs & BENCH_ECC) ||
@@ -2754,7 +3524,7 @@ static void* benchmarks_do(void* args)
do {
#ifdef WOLFCRYPT_HAVE_SAKKE
- /* SAKKE is not useable with ECDH/ECDSA. Run separate test. */
+ /* SAKKE is not usable with ECDH/ECDSA. Run separate test. */
if (curveId == ECC_SAKKE_1) {
curveId++;
continue;
@@ -2795,6 +3565,11 @@ static void* benchmarks_do(void* args)
}
}
#endif
+#ifdef WOLFSSL_SM2
+ if (bench_all || (bench_asym_algs & BENCH_SM2)) {
+ bench_sm2(0);
+ }
+#endif
#ifdef HAVE_CURVE25519
if (bench_all || (bench_asym_algs & BENCH_CURVE25519_KEYGEN)) {
@@ -3004,7 +3779,7 @@ int benchmark_free(void)
{
int ret;
-#ifdef WC_ENABLE_BENCH_THREADING
+#ifdef WC_BENCH_TRACK_STATS
if (gPrintStats || devId != INVALID_DEVID) {
bench_stats_print();
}
@@ -3075,12 +3850,12 @@ static int benchmark_test_threaded(void* args)
}
for (i = 0; i < g_threadCount; i++) {
- PTHREAD_CHECK_RET(pthread_create(&g_threadData[i].thread_id,
+ THREAD_CHECK_RET(pthread_create(&g_threadData[i].thread_id,
NULL, run_bench, args));
}
for (i = 0; i < g_threadCount; i++) {
- PTHREAD_CHECK_RET(pthread_join(g_threadData[i].thread_id, 0));
+ THREAD_CHECK_RET(pthread_join(g_threadData[i].thread_id, 0));
}
printf("\n");
@@ -3181,6 +3956,7 @@ void bench_rng(void)
double start;
long pos, len, remain;
WC_RNG myrng;
+ DECLARE_MULTI_VALUE_STATS_VARS()
#ifndef HAVE_FIPS
ret = wc_InitRng_ex(&myrng, HEAP_HINT, devId);
@@ -3210,11 +3986,19 @@ void bench_rng(void)
remain -= len;
pos += len;
}
+ RECORD_MULTI_VALUE_STATS();
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
exit_rng:
bench_stats_sym_finish("RNG", 0, count, bench_size, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
wc_FreeRng(&myrng);
}
@@ -3232,6 +4016,7 @@ static void bench_aescbc_internal(int useDeviceID,
int ret = 0, i, count = 0, times, pending = 0;
Aes enc[BENCH_MAX_PENDING];
double start;
+ DECLARE_MULTI_VALUE_STATS_VARS()
/* clear for done cleanup */
XMEMSET(enc, 0, sizeof(enc));
@@ -3269,13 +4054,21 @@ static void bench_aescbc_internal(int useDeviceID,
}
}
} /* for i */
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
exit_aes_enc:
bench_stats_sym_finish(encLabel, useDeviceID, count,
bench_size, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
if (ret < 0) {
goto exit;
@@ -3291,6 +4084,8 @@ exit_aes_enc:
}
}
+ RESET_MULTI_VALUE_STATS_VARS();
+
bench_stats_start(&count, &start);
do {
for (times = 0; times < numBlocks || pending > 0; ) {
@@ -3309,12 +4104,21 @@ exit_aes_enc:
}
}
} /* for i */
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
exit_aes_dec:
bench_stats_sym_finish(decLabel, useDeviceID, count, bench_size,
start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
#endif /* HAVE_AES_DECRYPT */
@@ -3329,17 +4133,27 @@ exit:
void bench_aescbc(int useDeviceID)
{
#ifdef WOLFSSL_AES_128
+#ifdef HAVE_RENESAS_SYNC
+ bench_aescbc_internal(useDeviceID, bench_key1, 16, bench_iv,
+ "AES-128-CBC-enc", "AES-128-CBC-dec");
+#else
bench_aescbc_internal(useDeviceID, bench_key, 16, bench_iv,
"AES-128-CBC-enc", "AES-128-CBC-dec");
#endif
+#endif
#ifdef WOLFSSL_AES_192
bench_aescbc_internal(useDeviceID, bench_key, 24, bench_iv,
"AES-192-CBC-enc", "AES-192-CBC-dec");
#endif
#ifdef WOLFSSL_AES_256
+#ifdef HAVE_RENESAS_SYNC
+ bench_aescbc_internal(useDeviceID, bench_key2, 32, bench_iv,
+ "AES-256-CBC-enc", "AES-256-CBC-dec");
+#else
bench_aescbc_internal(useDeviceID, bench_key, 32, bench_iv,
"AES-256-CBC-enc", "AES-256-CBC-dec");
#endif
+#endif
}
#endif /* HAVE_AES_CBC */
@@ -3356,6 +4170,7 @@ static void bench_aesgcm_internal(int useDeviceID,
Aes dec[BENCH_MAX_PENDING+1];
#endif
double start;
+ DECLARE_MULTI_VALUE_STATS_VARS()
WC_DECLARE_VAR(bench_additional, byte, AES_AUTH_ADD_SZ, HEAP_HINT);
WC_DECLARE_VAR(bench_tag, byte, AES_AUTH_TAG_SZ, HEAP_HINT);
@@ -3412,16 +4227,27 @@ static void bench_aesgcm_internal(int useDeviceID,
}
}
} /* for i */
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
exit_aes_gcm:
bench_stats_sym_finish(encLabel, useDeviceID, count, bench_size,
start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
#ifdef HAVE_AES_DECRYPT
XMEMSET(dec, 0, sizeof(dec));
+ RESET_MULTI_VALUE_STATS_VARS();
+
/* init keys */
for (i = 0; i < BENCH_MAX_PENDING; i++) {
if ((ret = wc_AesInit(&dec[i], HEAP_HINT,
@@ -3456,13 +4282,21 @@ exit_aes_gcm:
}
}
} /* for i */
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
exit_aes_gcm_dec:
bench_stats_sym_finish(decLabel, useDeviceID, count, bench_size,
start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
#endif /* HAVE_AES_DECRYPT */
(void)decLabel;
@@ -3496,6 +4330,7 @@ static void bench_aesgcm_stream_internal(int useDeviceID,
Aes dec[BENCH_MAX_PENDING];
#endif
double start;
+ DECLARE_MULTI_VALUE_STATS_VARS()
WC_DECLARE_VAR(bench_additional, byte, AES_AUTH_ADD_SZ, HEAP_HINT);
WC_DECLARE_VAR(bench_tag, byte, AES_AUTH_TAG_SZ, HEAP_HINT);
@@ -3561,12 +4396,21 @@ static void bench_aesgcm_stream_internal(int useDeviceID,
}
}
} /* for i */
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
exit_aes_gcm:
bench_stats_sym_finish(encLabel, useDeviceID, count, bench_size,
start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
#ifdef HAVE_AES_DECRYPT
/* init keys */
@@ -3584,6 +4428,8 @@ exit_aes_gcm:
}
}
+ RESET_MULTI_VALUE_STATS_VARS();
+
bench_stats_start(&count, &start);
do {
for (times = 0; times < numBlocks || pending > 0; ) {
@@ -3609,13 +4455,21 @@ exit_aes_gcm:
}
}
} /* for i */
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
exit_aes_gcm_dec:
bench_stats_sym_finish(decLabel, useDeviceID, count, bench_size,
start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
#endif /* HAVE_AES_DECRYPT */
(void)decLabel;
@@ -3645,18 +4499,28 @@ void bench_aesgcm(int useDeviceID)
#if defined(WOLFSSL_AES_128) && !defined(WOLFSSL_AFALG_XILINX_AES) \
&& !defined(WOLFSSL_XILINX_CRYPT) \
|| defined(WOLFSSL_XILINX_CRYPT_VERSAL)
+#ifdef HAVE_RENESAS_SYNC
+ bench_aesgcm_internal(useDeviceID, bench_key1, 16, bench_iv, 12,
+ AES_GCM_STRING(128, enc), AES_GCM_STRING(128, dec));
+#else
bench_aesgcm_internal(useDeviceID, bench_key, 16, bench_iv, 12,
AES_GCM_STRING(128, enc), AES_GCM_STRING(128, dec));
#endif
+#endif
#if defined(WOLFSSL_AES_192) && !defined(WOLFSSL_AFALG_XILINX_AES) \
&& !defined(WOLFSSL_XILINX_CRYPT)
bench_aesgcm_internal(useDeviceID, bench_key, 24, bench_iv, 12,
AES_GCM_STRING(192, enc), AES_GCM_STRING(192, dec));
#endif
#ifdef WOLFSSL_AES_256
+#ifdef HAVE_RENESAS_SYNC
+ bench_aesgcm_internal(useDeviceID, bench_key2, 32, bench_iv, 12,
+ AES_GCM_STRING(256, enc), AES_GCM_STRING(256, dec));
+#else
bench_aesgcm_internal(useDeviceID, bench_key, 32, bench_iv, 12,
AES_GCM_STRING(256, enc), AES_GCM_STRING(256, dec));
#endif
+#endif
#ifdef WOLFSSL_AESGCM_STREAM
#undef AES_GCM_STRING
#define AES_GCM_STRING(n, dir) AES_AAD_STRING("AES-" #n "-GCM-STREAM-" #dir)
@@ -3680,12 +4544,13 @@ void bench_aesgcm(int useDeviceID)
}
/* GMAC */
-void bench_gmac(void)
+void bench_gmac(int useDeviceID)
{
int ret, count = 0;
Gmac gmac;
double start;
byte tag[AES_AUTH_TAG_SZ];
+ DECLARE_MULTI_VALUE_STATS_VARS()
/* determine GCM GHASH method */
#ifdef GCM_SMALL
@@ -3704,19 +4569,33 @@ void bench_gmac(void)
XMEMSET(bench_plain, 0, bench_size);
XMEMSET(tag, 0, sizeof(tag));
XMEMSET(&gmac, 0, sizeof(Gmac)); /* clear context */
- (void)wc_AesInit((Aes*)&gmac, HEAP_HINT, INVALID_DEVID);
+ (void)wc_AesInit((Aes*)&gmac, HEAP_HINT,
+ useDeviceID ? devId: INVALID_DEVID);
+#ifdef HAVE_RENESAS_SYNC
+ wc_GmacSetKey(&gmac, bench_key1, 16);
+#else
wc_GmacSetKey(&gmac, bench_key, 16);
-
+#endif
bench_stats_start(&count, &start);
do {
ret = wc_GmacUpdate(&gmac, bench_iv, 12, bench_plain, bench_size,
tag, sizeof(tag));
count++;
- } while (bench_stats_check(start));
+ RECORD_MULTI_VALUE_STATS();
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
wc_AesFree((Aes*)&gmac);
bench_stats_sym_finish(gmacStr, 0, count, bench_size, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
+
}
#endif /* HAVE_AESGCM */
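Review bot: The new `useDeviceID` parameter reaches `wc_AesInit` but not the reporting call, which still passes a literal 0 in `bench_stats_sym_finish(gmacStr, 0, count, bench_size, start, ret);`. A device-backed GMAC run would presumably be reported like a software one; the other device-aware benchmarks in this diff pass `useDeviceID` in that position, so `bench_stats_sym_finish(gmacStr, useDeviceID, count, bench_size, start, ret);` would be consistent. The result of `wc_AesInit` is cast to void and the result of `wc_GmacSetKey` is dropped in both branches of the `HAVE_RENESAS_SYNC` split. A failed device init or key load therefore only surfaces, if at all, through `ret` from `wc_GmacUpdate`; checking both and returning early would keep a misconfigured run from printing a timing line.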
@@ -3730,10 +4609,11 @@ static void bench_aesecb_internal(int useDeviceID,
int ret = 0, i, count = 0, times, pending = 0;
Aes enc[BENCH_MAX_PENDING];
double start;
+ DECLARE_MULTI_VALUE_STATS_VARS()
#ifdef HAVE_FIPS
- static const int benchSz = AES_BLOCK_SIZE;
+ const int benchSz = AES_BLOCK_SIZE;
#else
- static const int benchSz = BENCH_SIZE;
+ const int benchSz = (int)bench_size;
#endif
/* clear for done cleanup */
@@ -3779,12 +4659,21 @@ static void bench_aesecb_internal(int useDeviceID,
}
}
} /* for i */
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
exit_aes_enc:
bench_stats_sym_finish(encLabel, useDeviceID, count, benchSz,
start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
#ifdef HAVE_AES_DECRYPT
/* init keys */
@@ -3796,6 +4685,8 @@ exit_aes_enc:
}
}
+ RESET_MULTI_VALUE_STATS_VARS();
+
bench_stats_start(&count, &start);
do {
int outer_loop_limit = (10 * ((int)bench_size / benchSz)) + 1;
@@ -3819,12 +4710,21 @@ exit_aes_enc:
}
}
} /* for i */
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
exit_aes_dec:
bench_stats_sym_finish(decLabel, useDeviceID, count, benchSz,
start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
#endif /* HAVE_AES_DECRYPT */
@@ -3860,6 +4760,13 @@ static void bench_aescfb_internal(const byte* key,
Aes enc;
double start;
int i, ret, count;
+ DECLARE_MULTI_VALUE_STATS_VARS()
+
+ ret = wc_AesInit(&enc, HEAP_HINT, INVALID_DEVID);
+ if (ret != 0) {
+ printf("AesInit failed, ret = %d\n", ret);
+ return;
+ }
ret = wc_AesSetKey(&enc, key, keySz, iv, AES_ENCRYPTION);
if (ret != 0) {
@@ -3875,10 +4782,19 @@ static void bench_aescfb_internal(const byte* key,
printf("wc_AesCfbEncrypt failed, ret = %d\n", ret);
return;
}
+ RECORD_MULTI_VALUE_STATS();
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
bench_stats_sym_finish(label, 0, count, bench_size, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
}
void bench_aescfb(void)
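Review bot: `bench_aescfb_internal` reaches its closing brace in this hunk without a `wc_AesFree(&enc);`, although the previous hunk now calls `wc_AesInit(&enc, HEAP_HINT, INVALID_DEVID)` at the top of the function. `bench_aesofb_internal`, further down in this diff, pairs its `wc_AesInit` with `wc_AesFree(&enc);` after the stats are printed, and the CFB variant should end the same way. The `return;` after the `wc_AesCfbEncrypt failed` message leaves the context unreleased too. Whether `wc_AesFree` releases anything in a software-only build is not visible here, but keeping init and free paired keeps the benchmark correct for builds where it does.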
@@ -3904,6 +4820,7 @@ static void bench_aesofb_internal(const byte* key,
Aes enc;
double start;
int i, ret, count;
+ DECLARE_MULTI_VALUE_STATS_VARS()
ret = wc_AesInit(&enc, NULL, INVALID_DEVID);
if (ret != 0) {
@@ -3925,10 +4842,19 @@ static void bench_aesofb_internal(const byte* key,
printf("wc_AesCfbEncrypt failed, ret = %d\n", ret);
return;
}
+ RECORD_MULTI_VALUE_STATS();
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
bench_stats_sym_finish(label, 0, count, bench_size, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
wc_AesFree(&enc);
}
@@ -3954,6 +4880,7 @@ void bench_aesxts(void)
XtsAes aes;
double start;
int i, count, ret;
+ DECLARE_MULTI_VALUE_STATS_VARS()
static unsigned char k1[] = {
0xa1, 0xb9, 0x0c, 0xba, 0x3f, 0x06, 0xac, 0x35,
@@ -3982,10 +4909,19 @@ void bench_aesxts(void)
printf("wc_AesXtsEncrypt failed, ret = %d\n", ret);
return;
}
+ RECORD_MULTI_VALUE_STATS();
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
bench_stats_sym_finish("AES-XTS-enc", 0, count, bench_size, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
wc_AesXtsFree(&aes);
/* decryption benchmark */
@@ -3996,6 +4932,8 @@ void bench_aesxts(void)
return;
}
+ RESET_MULTI_VALUE_STATS_VARS();
+
bench_stats_start(&count, &start);
do {
for (i = 0; i < numBlocks; i++) {
@@ -4004,10 +4942,19 @@ void bench_aesxts(void)
printf("wc_AesXtsDecrypt failed, ret = %d\n", ret);
return;
}
+ RECORD_MULTI_VALUE_STATS();
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
bench_stats_sym_finish("AES-XTS-dec", 0, count, bench_size, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
wc_AesXtsFree(&aes);
}
#endif /* WOLFSSL_AES_XTS */
@@ -4021,6 +4968,7 @@ static void bench_aesctr_internal(const byte* key, word32 keySz,
Aes enc;
double start;
int i, count, ret = 0;
+ DECLARE_MULTI_VALUE_STATS_VARS()
if ((ret = wc_AesInit(&enc, HEAP_HINT,
useDeviceID ? devId : INVALID_DEVID)) != 0) {
@@ -4040,10 +4988,19 @@ static void bench_aesctr_internal(const byte* key, word32 keySz,
printf("wc_AesCtrEncrypt failed, ret = %d\n", ret);
return;
}
+ RECORD_MULTI_VALUE_STATS();
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
bench_stats_sym_finish(label, useDeviceID, count, bench_size, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
wc_AesFree(&enc);
}
@@ -4069,6 +5026,7 @@ void bench_aesccm(int useDeviceID)
Aes enc;
double start;
int ret, i, count;
+ DECLARE_MULTI_VALUE_STATS_VARS()
WC_DECLARE_VAR(bench_additional, byte, AES_AUTH_ADD_SZ, HEAP_HINT);
WC_DECLARE_VAR(bench_tag, byte, AES_AUTH_TAG_SZ, HEAP_HINT);
@@ -4100,27 +5058,47 @@ void bench_aesccm(int useDeviceID)
ret |= wc_AesCcmEncrypt(&enc, bench_cipher, bench_plain, bench_size,
bench_iv, 12, bench_tag, AES_AUTH_TAG_SZ,
bench_additional, 0);
+ RECORD_MULTI_VALUE_STATS();
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
bench_stats_sym_finish(AES_AAD_STRING("AES-CCM-enc"), useDeviceID, count,
bench_size, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
if (ret != 0) {
printf("wc_AesCcmEncrypt failed, ret = %d\n", ret);
goto exit;
}
+ RESET_MULTI_VALUE_STATS_VARS();
+
bench_stats_start(&count, &start);
do {
for (i = 0; i < numBlocks; i++) {
ret |= wc_AesCcmDecrypt(&enc, bench_plain, bench_cipher, bench_size,
bench_iv, 12, bench_tag, AES_AUTH_TAG_SZ,
bench_additional, 0);
+ RECORD_MULTI_VALUE_STATS();
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
bench_stats_sym_finish(AES_AAD_STRING("AES-CCM-dec"), useDeviceID, count,
bench_size, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
if (ret != 0) {
printf("wc_AesCcmEncrypt failed, ret = %d\n", ret);
goto exit;
@@ -4145,6 +5123,7 @@ static void bench_aessiv_internal(const byte* key, word32 keySz, const char*
byte siv[AES_BLOCK_SIZE];
int count = 0;
double start;
+ DECLARE_MULTI_VALUE_STATS_VARS()
bench_stats_start(&count, &start);
do {
@@ -4156,10 +5135,21 @@ static void bench_aessiv_internal(const byte* key, word32 keySz, const char*
printf("wc_AesSivEncrypt failed (%d)\n", ret);
return;
}
+ RECORD_MULTI_VALUE_STATS();
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
bench_stats_sym_finish(encLabel, 0, count, bench_size, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
+
+ RESET_MULTI_VALUE_STATS_VARS();
bench_stats_start(&count, &start);
do {
@@ -4171,10 +5161,19 @@ static void bench_aessiv_internal(const byte* key, word32 keySz, const char*
printf("wc_AesSivDecrypt failed (%d)\n", ret);
return;
}
+ RECORD_MULTI_VALUE_STATS();
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
bench_stats_sym_finish(decLabel, 0, count, bench_size, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
}
void bench_aessiv(void)
@@ -4194,6 +5193,7 @@ void bench_poly1305(void)
byte mac[16];
double start;
int ret = 0, i, count;
+ DECLARE_MULTI_VALUE_STATS_VARS()
if (digest_stream) {
ret = wc_Poly1305SetKey(&enc, bench_key, 32);
@@ -4210,11 +5210,15 @@ void bench_poly1305(void)
printf("Poly1305Update failed: %d\n", ret);
break;
}
+ RECORD_MULTI_VALUE_STATS();
}
wc_Poly1305Final(&enc, mac);
count += i;
- } while (bench_stats_check(start));
- bench_stats_sym_finish("POLY1305", 0, count, bench_size, start, ret);
+ } while (bench_stats_check(start)
+ #ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+ #endif
+ );
}
else {
bench_stats_start(&count, &start);
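Review bot: On a `Poly1305Update` failure the `break` leaves only the inner `for`, skipping `RECORD_MULTI_VALUE_STATS()`, and the outer loop condition is now `bench_stats_check(start) || runs < minimum_runs`. Assuming that macro is what advances `runs` (its definition is outside this hunk), a persistent error with `MULTI_VALUE_STATISTICS` defined and a non-zero `minimum_runs` would keep the outer loop going after the time budget has expired, printing the failure on every pass. Adding `if (ret != 0) break;` after `count += i;` would end the benchmark on the first error. The second `bench_poly1305` loop in the next hunk and the `wc_ChaCha20Poly1305_Encrypt error` path in `bench_chacha20_poly1305_aead` have the same shape.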
@@ -4231,11 +5235,19 @@ void bench_poly1305(void)
break;
}
wc_Poly1305Final(&enc, mac);
+ RECORD_MULTI_VALUE_STATS();
}
count += i;
- } while (bench_stats_check(start));
- bench_stats_sym_finish("POLY1305", 0, count, bench_size, start, ret);
+ } while (bench_stats_check(start)
+ #ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+ #endif
+ );
}
+ bench_stats_sym_finish("POLY1305", 0, count, bench_size, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
}
#endif /* HAVE_POLY1305 */
@@ -4246,6 +5258,7 @@ void bench_camellia(void)
Camellia cam;
double start;
int ret, i, count;
+ DECLARE_MULTI_VALUE_STATS_VARS()
ret = wc_CamelliaSetKey(&cam, bench_key, 16, bench_iv);
if (ret != 0) {
@@ -4262,20 +5275,257 @@ void bench_camellia(void)
printf("CamelliaCbcEncrypt failed: %d\n", ret);
return;
}
+ RECORD_MULTI_VALUE_STATS();
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
bench_stats_sym_finish("Camellia", 0, count, bench_size, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
+}
+#endif
+
+#ifdef WOLFSSL_SM4_CBC
+void bench_sm4_cbc(void)
+{
+ wc_Sm4 sm4;
+ double start;
+ int ret;
+ int i;
+ int count;
+ DECLARE_MULTI_VALUE_STATS_VARS()
+
+ ret = wc_Sm4SetKey(&sm4, bench_key, SM4_KEY_SIZE);
+ if (ret != 0) {
+ printf("Sm4SetKey failed, ret = %d\n", ret);
+ return;
+ }
+ ret = wc_Sm4SetIV(&sm4, bench_iv);
+ if (ret != 0) {
+ printf("Sm4SetIV failed, ret = %d\n", ret);
+ return;
+ }
+
+ bench_stats_start(&count, &start);
+ do {
+ for (i = 0; i < numBlocks; i++) {
+ ret = wc_Sm4CbcEncrypt(&sm4, bench_cipher, bench_plain, bench_size);
+ if (ret < 0) {
+ printf("Sm4CbcEncrypt failed: %d\n", ret);
+ return;
+ }
+ RECORD_MULTI_VALUE_STATS();
+ }
+ count += i;
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
+ bench_stats_sym_finish("SM4-CBC-enc", 0, count, bench_size, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
+
+ RESET_MULTI_VALUE_STATS_VARS();
+
+ bench_stats_start(&count, &start);
+ do {
+ for (i = 0; i < numBlocks; i++) {
+ ret = wc_Sm4CbcDecrypt(&sm4, bench_plain, bench_cipher, bench_size);
+ if (ret < 0) {
+ printf("Sm4CbcDecrypt failed: %d\n", ret);
+ return;
+ }
+ RECORD_MULTI_VALUE_STATS();
+ }
+ count += i;
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
+ bench_stats_sym_finish("SM4-CBC-dec", 0, count, bench_size, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
}
#endif
+#ifdef WOLFSSL_SM4_GCM
+void bench_sm4_gcm(void)
+{
+ wc_Sm4 sm4;
+ double start;
+ int ret;
+ int i;
+ int count;
+ DECLARE_MULTI_VALUE_STATS_VARS()
+
+ WC_DECLARE_VAR(bench_additional, byte, AES_AUTH_ADD_SZ, HEAP_HINT);
+ WC_DECLARE_VAR(bench_tag, byte, AES_AUTH_TAG_SZ, HEAP_HINT);
+#ifdef WC_DECLARE_VAR_IS_HEAP_ALLOC
+ if (bench_additional == NULL || bench_tag == NULL) {
+ printf("bench_aesgcm_internal malloc failed\n");
+ return;
+ }
+#endif
+
+ ret = wc_Sm4GcmSetKey(&sm4, bench_key, SM4_KEY_SIZE);
+ if (ret != 0) {
+ printf("Sm4GcmSetKey failed, ret = %d\n", ret);
+ return;
+ }
+ bench_stats_start(&count, &start);
+ do {
+ for (i = 0; i < numBlocks; i++) {
+ ret = wc_Sm4GcmEncrypt(&sm4, bench_cipher, bench_plain, bench_size,
+ bench_iv, GCM_NONCE_MID_SZ, bench_tag, SM4_BLOCK_SIZE,
+ bench_additional, aesAuthAddSz);
+ if (ret < 0) {
+ printf("Sm4GcmEncrypt failed: %d\n", ret);
+ return;
+ }
+ RECORD_MULTI_VALUE_STATS();
+ }
+ count += i;
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
+ bench_stats_sym_finish("SM4-GCM-enc", 0, count, bench_size, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
+
+ RESET_MULTI_VALUE_STATS_VARS();
+
+ bench_stats_start(&count, &start);
+ do {
+ for (i = 0; i < numBlocks; i++) {
+ ret = wc_Sm4GcmDecrypt(&sm4, bench_plain, bench_cipher, bench_size,
+ bench_iv, GCM_NONCE_MID_SZ, bench_tag, SM4_BLOCK_SIZE,
+ bench_additional, aesAuthAddSz);
+ if (ret < 0) {
+ printf("Sm4GcmDecrypt failed: %d\n", ret);
+ return;
+ }
+ RECORD_MULTI_VALUE_STATS();
+ }
+ count += i;
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
+ bench_stats_sym_finish("SM4-GCM-dec", 0, count, bench_size, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
+}
+#endif
+
+#ifdef WOLFSSL_SM4_CCM
+void bench_sm4_ccm()
+{
+ wc_Sm4 enc;
+ double start;
+ int ret, i, count;
+ DECLARE_MULTI_VALUE_STATS_VARS()
+
+ WC_DECLARE_VAR(bench_additional, byte, AES_AUTH_ADD_SZ, HEAP_HINT);
+ WC_DECLARE_VAR(bench_tag, byte, AES_AUTH_TAG_SZ, HEAP_HINT);
+
+#ifdef WC_DECLARE_VAR_IS_HEAP_ALLOC
+ if (bench_additional == NULL || bench_tag == NULL) {
+ printf("bench_aesccm malloc failed\n");
+ goto exit;
+ }
+#endif
+
+ XMEMSET(bench_tag, 0, AES_AUTH_TAG_SZ);
+ XMEMSET(bench_additional, 0, AES_AUTH_ADD_SZ);
+
+ if ((ret = wc_Sm4SetKey(&enc, bench_key, 16)) != 0) {
+ printf("wc_Sm4SetKey failed, ret = %d\n", ret);
+ goto exit;
+ }
+
+ bench_stats_start(&count, &start);
+ do {
+ for (i = 0; i < numBlocks; i++) {
+ ret |= wc_Sm4CcmEncrypt(&enc, bench_cipher, bench_plain, bench_size,
+ bench_iv, 12, bench_tag, AES_AUTH_TAG_SZ,
+ bench_additional, 0);
+ RECORD_MULTI_VALUE_STATS();
+ }
+ count += i;
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
+ bench_stats_sym_finish("SM4-CCM-enc", 0, count, bench_size, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
+ if (ret != 0) {
+ printf("wc_Sm4Encrypt failed, ret = %d\n", ret);
+ goto exit;
+ }
+
+ RESET_MULTI_VALUE_STATS_VARS();
+
+ bench_stats_start(&count, &start);
+ do {
+ for (i = 0; i < numBlocks; i++) {
+ ret |= wc_Sm4CcmDecrypt(&enc, bench_plain, bench_cipher, bench_size,
+ bench_iv, 12, bench_tag, AES_AUTH_TAG_SZ,
+ bench_additional, 0);
+ RECORD_MULTI_VALUE_STATS();
+ }
+ count += i;
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
+ bench_stats_sym_finish("SM4-CCM-dec", 0, count, bench_size, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
+ if (ret != 0) {
+ printf("wc_Sm4Decrypt failed, ret = %d\n", ret);
+ goto exit;
+ }
+
+ exit:
+
+ WC_FREE_VAR(bench_additional, HEAP_HINT);
+ WC_FREE_VAR(bench_tag, HEAP_HINT);
+}
+#endif /* HAVE_AESCCM */
#ifndef NO_DES3
void bench_des(int useDeviceID)
{
int ret = 0, i, count = 0, times, pending = 0;
Des3 enc[BENCH_MAX_PENDING];
double start;
+ DECLARE_MULTI_VALUE_STATS_VARS()
/* clear for done cleanup */
XMEMSET(enc, 0, sizeof(enc));
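Review bot: `bench_sm4_gcm` declares `bench_additional` and `bench_tag` with `WC_DECLARE_VAR` but never calls `WC_FREE_VAR`, and every error path is a bare `return;`. In builds where `WC_DECLARE_VAR_IS_HEAP_ALLOC` applies, both buffers would therefore leak on every call. `bench_sm4_ccm` in the same hunk shows the intended pattern: replace each `return;` with `goto exit;` and end the function with `WC_FREE_VAR(bench_additional, HEAP_HINT);` and `WC_FREE_VAR(bench_tag, HEAP_HINT);` under an `exit:` label. `bench_sm4_gcm` also passes `bench_additional` as AAD with length `aesAuthAddSz` without the `XMEMSET` that `bench_sm4_ccm` applies first, so the AAD bytes are whatever the buffer happened to contain. Smaller copy-paste leftovers: the allocation messages name `bench_aesgcm_internal` and `bench_aesccm`, and the SM4-CCM block closes with `#endif /* HAVE_AESCCM */` instead of `WOLFSSL_SM4_CCM`.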
@@ -4313,11 +5563,20 @@ void bench_des(int useDeviceID)
}
}
} /* for i */
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
exit_3des:
bench_stats_sym_finish("3DES", useDeviceID, count, bench_size, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
exit:
@@ -4334,6 +5593,7 @@ void bench_arc4(int useDeviceID)
int ret = 0, i, count = 0, times, pending = 0;
Arc4 enc[BENCH_MAX_PENDING];
double start;
+ DECLARE_MULTI_VALUE_STATS_VARS()
/* clear for done cleanup */
XMEMSET(enc, 0, sizeof(enc));
@@ -4370,11 +5630,20 @@ void bench_arc4(int useDeviceID)
}
}
} /* for i */
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
exit_arc4:
bench_stats_sym_finish("ARC4", useDeviceID, count, bench_size, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
exit:
@@ -4391,7 +5660,9 @@ void bench_chacha(void)
ChaCha enc;
double start;
int i, count;
+ DECLARE_MULTI_VALUE_STATS_VARS()
+ XMEMSET(&enc, 0, sizeof(enc));
wc_Chacha_SetKey(&enc, bench_key, 16);
bench_stats_start(&count, &start);
@@ -4399,10 +5670,19 @@ void bench_chacha(void)
for (i = 0; i < numBlocks; i++) {
wc_Chacha_SetIV(&enc, bench_iv, 0);
wc_Chacha_Process(&enc, bench_cipher, bench_plain, bench_size);
+ RECORD_MULTI_VALUE_STATS();
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
bench_stats_sym_finish("CHACHA", 0, count, bench_size, start, 0);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
}
#endif /* HAVE_CHACHA*/
@@ -4411,6 +5691,7 @@ void bench_chacha20_poly1305_aead(void)
{
double start;
int ret = 0, i, count;
+ DECLARE_MULTI_VALUE_STATS_VARS()
byte authTag[CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE];
XMEMSET(authTag, 0, sizeof(authTag));
@@ -4424,10 +5705,19 @@ void bench_chacha20_poly1305_aead(void)
printf("wc_ChaCha20Poly1305_Encrypt error: %d\n", ret);
break;
}
+ RECORD_MULTI_VALUE_STATS();
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
bench_stats_sym_finish("CHA-POLY", 0, count, bench_size, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
}
#endif /* HAVE_CHACHA && HAVE_POLY1305 */
@@ -4438,6 +5728,8 @@ void bench_md5(int useDeviceID)
wc_Md5 hash[BENCH_MAX_PENDING];
double start;
int ret = 0, i, count = 0, times, pending = 0;
+ DECLARE_MULTI_VALUE_STATS_VARS()
+
WC_DECLARE_ARRAY(digest, byte, BENCH_MAX_PENDING,
WC_MD5_DIGEST_SIZE, HEAP_HINT);
WC_INIT_ARRAY(digest, byte, BENCH_MAX_PENDING,
@@ -4478,6 +5770,7 @@ void bench_md5(int useDeviceID)
}
}
} /* for i */
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
@@ -4497,7 +5790,11 @@ void bench_md5(int useDeviceID)
}
} /* for i */
} while (pending > 0);
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+ #ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+ #endif
+ );
}
else {
bench_stats_start(&count, &start);
@@ -4510,12 +5807,20 @@ void bench_md5(int useDeviceID)
ret = wc_Md5Final(hash, digest[0]);
if (ret != 0)
goto exit_md5;
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+ #ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+ #endif
+ );
}
exit_md5:
bench_stats_sym_finish("MD5", useDeviceID, count, bench_size, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
exit:
@@ -4536,6 +5841,7 @@ void bench_sha(int useDeviceID)
wc_Sha hash[BENCH_MAX_PENDING];
double start;
int ret = 0, i, count = 0, times, pending = 0;
+ DECLARE_MULTI_VALUE_STATS_VARS()
WC_DECLARE_ARRAY(digest, byte, BENCH_MAX_PENDING,
WC_SHA_DIGEST_SIZE, HEAP_HINT);
WC_INIT_ARRAY(digest, byte, BENCH_MAX_PENDING,
@@ -4576,6 +5882,7 @@ void bench_sha(int useDeviceID)
}
}
} /* for i */
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
@@ -4595,7 +5902,11 @@ void bench_sha(int useDeviceID)
}
} /* for i */
} while (pending > 0);
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+ #ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+ #endif
+ );
}
else {
bench_stats_start(&count, &start);
@@ -4609,12 +5920,20 @@ void bench_sha(int useDeviceID)
ret = wc_ShaFinal(hash, digest[0]);
if (ret != 0)
goto exit_sha;
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+ #ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+ #endif
+ );
}
exit_sha:
bench_stats_sym_finish("SHA", useDeviceID, count, bench_size, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
exit:
@@ -4633,6 +5952,7 @@ void bench_sha224(int useDeviceID)
wc_Sha224 hash[BENCH_MAX_PENDING];
double start;
int ret = 0, i, count = 0, times, pending = 0;
+ DECLARE_MULTI_VALUE_STATS_VARS()
WC_DECLARE_ARRAY(digest, byte, BENCH_MAX_PENDING,
WC_SHA224_DIGEST_SIZE, HEAP_HINT);
WC_INIT_ARRAY(digest, byte, BENCH_MAX_PENDING,
@@ -4670,6 +5990,7 @@ void bench_sha224(int useDeviceID)
}
}
} /* for i */
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
@@ -4688,7 +6009,11 @@ void bench_sha224(int useDeviceID)
}
} /* for i */
} while (pending > 0);
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+ #ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+ #endif
+ );
}
else {
bench_stats_start(&count, &start);
@@ -4704,11 +6029,18 @@ void bench_sha224(int useDeviceID)
goto exit_sha224;
} /* for times */
count += times;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+ #ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+ #endif
+ );
}
exit_sha224:
bench_stats_sym_finish("SHA-224", useDeviceID, count,
bench_size, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
exit:
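Review bot: The non-streaming loop of `bench_sha224` gets the new `|| runs < minimum_runs` condition but no `RECORD_MULTI_VALUE_STATS();` before `} /* for times */`. The matching loops in the `bench_md5`, `bench_sha`, `bench_sha256` and `bench_sha384` hunks all add that call. Assuming the macro is what advances `runs` (its definition is outside this hunk), a `MULTI_VALUE_STATISTICS` build with a non-zero `minimum_runs` would never satisfy the exit condition on this path, and the min/max/sum values passed to `bench_multi_value_stats` would stay at their initial values. Adding `RECORD_MULTI_VALUE_STATS();` after the `goto exit_sha224;` check makes this branch match the others. The function starts outside this hunk.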
@@ -4720,12 +6052,14 @@ exit:
}
#endif
+
#ifndef NO_SHA256
void bench_sha256(int useDeviceID)
{
wc_Sha256 hash[BENCH_MAX_PENDING];
double start;
int ret = 0, i, count = 0, times, pending = 0;
+ DECLARE_MULTI_VALUE_STATS_VARS()
WC_DECLARE_ARRAY(digest, byte, BENCH_MAX_PENDING,
WC_SHA256_DIGEST_SIZE, HEAP_HINT);
WC_INIT_ARRAY(digest, byte, BENCH_MAX_PENDING,
@@ -4766,6 +6100,7 @@ void bench_sha256(int useDeviceID)
}
}
} /* for i */
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
@@ -4784,7 +6119,11 @@ void bench_sha256(int useDeviceID)
}
} /* for i */
} while (pending > 0);
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+ #ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+ #endif
+ );
}
else {
bench_stats_start(&count, &start);
@@ -4798,16 +6137,22 @@ void bench_sha256(int useDeviceID)
ret = wc_Sha256Final(hash, digest[0]);
if (ret != 0)
goto exit_sha256;
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+ #ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+ #endif
+ );
}
exit_sha256:
bench_stats_sym_finish("SHA-256", useDeviceID, count, bench_size,
start, ret);
-
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
exit:
-
for (i = 0; i < BENCH_MAX_PENDING; i++) {
wc_Sha256Free(&hash[i]);
}
@@ -4822,6 +6167,7 @@ void bench_sha384(int useDeviceID)
wc_Sha384 hash[BENCH_MAX_PENDING];
double start;
int ret = 0, i, count = 0, times, pending = 0;
+ DECLARE_MULTI_VALUE_STATS_VARS()
WC_DECLARE_ARRAY(digest, byte, BENCH_MAX_PENDING,
WC_SHA384_DIGEST_SIZE, HEAP_HINT);
WC_INIT_ARRAY(digest, byte, BENCH_MAX_PENDING,
@@ -4859,6 +6205,7 @@ void bench_sha384(int useDeviceID)
}
}
} /* for i */
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
@@ -4877,7 +6224,11 @@ void bench_sha384(int useDeviceID)
}
} /* for i */
} while (pending > 0);
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+ #ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+ #endif
+ );
}
else {
bench_stats_start(&count, &start);
@@ -4891,13 +6242,21 @@ void bench_sha384(int useDeviceID)
ret = wc_Sha384Final(hash, digest[0]);
if (ret != 0)
goto exit_sha384;
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+ #ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+ #endif
+ );
}
exit_sha384:
bench_stats_sym_finish("SHA-384", useDeviceID, count, bench_size,
start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
exit:
@@ -4915,6 +6274,7 @@ void bench_sha512(int useDeviceID)
wc_Sha512 hash[BENCH_MAX_PENDING];
double start;
int ret = 0, i, count = 0, times, pending = 0;
+ DECLARE_MULTI_VALUE_STATS_VARS()
WC_DECLARE_ARRAY(digest, byte, BENCH_MAX_PENDING,
WC_SHA512_DIGEST_SIZE, HEAP_HINT);
WC_INIT_ARRAY(digest, byte, BENCH_MAX_PENDING,
@@ -4952,6 +6312,7 @@ void bench_sha512(int useDeviceID)
}
}
} /* for i */
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
@@ -4970,7 +6331,11 @@ void bench_sha512(int useDeviceID)
}
} /* for i */
} while (pending > 0);
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+ #ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+ #endif
+ );
}
else {
bench_stats_start(&count, &start);
@@ -4984,13 +6349,21 @@ void bench_sha512(int useDeviceID)
ret = wc_Sha512Final(hash, digest[0]);
if (ret != 0)
goto exit_sha512;
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+ #ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+ #endif
+ );
}
exit_sha512:
bench_stats_sym_finish("SHA-512", useDeviceID, count, bench_size,
start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
exit:
@@ -5008,7 +6381,8 @@ void bench_sha512_224(int useDeviceID)
wc_Sha512_224 hash[BENCH_MAX_PENDING];
double start;
int ret = 0, i, count = 0, times, pending = 0;
- WC_DECLARE_ARRAY(digest, byte, BENCH_MAX_PENDING,
+ DECLARE_MULTI_VALUE_STATS_VARS()
+ WC_DECLARE_ARRAY(digest, byte, BENCH_MAX_PENDING,
WC_SHA512_224_DIGEST_SIZE, HEAP_HINT);
WC_INIT_ARRAY(digest, byte, BENCH_MAX_PENDING,
WC_SHA512_224_DIGEST_SIZE, HEAP_HINT);
@@ -5045,6 +6419,7 @@ void bench_sha512_224(int useDeviceID)
}
}
} /* for i */
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
@@ -5063,7 +6438,11 @@ void bench_sha512_224(int useDeviceID)
}
} /* for i */
} while (pending > 0);
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+ #ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+ #endif
+ );
}
else {
bench_stats_start(&count, &start);
@@ -5077,13 +6456,21 @@ void bench_sha512_224(int useDeviceID)
ret = wc_Sha512_224Final(hash, digest[0]);
if (ret != 0)
goto exit_sha512_224;
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+ #ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+ #endif
+ );
}
exit_sha512_224:
bench_stats_sym_finish("SHA-512/224", useDeviceID, count, bench_size,
start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
exit:
@@ -5102,6 +6489,7 @@ void bench_sha512_256(int useDeviceID)
wc_Sha512_256 hash[BENCH_MAX_PENDING];
double start;
int ret = 0, i, count = 0, times, pending = 0;
+ DECLARE_MULTI_VALUE_STATS_VARS()
WC_DECLARE_ARRAY(digest, byte, BENCH_MAX_PENDING,
WC_SHA512_256_DIGEST_SIZE, HEAP_HINT);
WC_INIT_ARRAY(digest, byte, BENCH_MAX_PENDING,
@@ -5139,6 +6527,7 @@ void bench_sha512_256(int useDeviceID)
}
}
} /* for i */
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
@@ -5157,7 +6546,11 @@ void bench_sha512_256(int useDeviceID)
}
} /* for i */
} while (pending > 0);
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+ #ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+ #endif
+ );
}
else {
bench_stats_start(&count, &start);
@@ -5171,13 +6564,21 @@ void bench_sha512_256(int useDeviceID)
ret = wc_Sha512_256Final(hash, digest[0]);
if (ret != 0)
goto exit_sha512_256;
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+ #ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+ #endif
+ );
}
exit_sha512_256:
bench_stats_sym_finish("SHA-512/256", useDeviceID, count, bench_size,
start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
exit:
@@ -5199,6 +6600,7 @@ void bench_sha3_224(int useDeviceID)
wc_Sha3 hash[BENCH_MAX_PENDING];
double start;
int ret = 0, i, count = 0, times, pending = 0;
+ DECLARE_MULTI_VALUE_STATS_VARS()
WC_DECLARE_ARRAY(digest, byte, BENCH_MAX_PENDING,
WC_SHA3_224_DIGEST_SIZE, HEAP_HINT);
WC_INIT_ARRAY(digest, byte, BENCH_MAX_PENDING,
@@ -5236,6 +6638,7 @@ void bench_sha3_224(int useDeviceID)
}
}
} /* for i */
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
@@ -5254,7 +6657,11 @@ void bench_sha3_224(int useDeviceID)
}
} /* for i */
} while (pending > 0);
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+ #ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+ #endif
+ );
}
else {
bench_stats_start(&count, &start);
@@ -5268,13 +6675,21 @@ void bench_sha3_224(int useDeviceID)
ret = wc_Sha3_224_Final(hash, digest[0]);
if (ret != 0)
goto exit_sha3_224;
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+ #ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+ #endif
+ );
}
exit_sha3_224:
bench_stats_sym_finish("SHA3-224", useDeviceID, count, bench_size,
start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
exit:
@@ -5291,6 +6706,7 @@ void bench_sha3_256(int useDeviceID)
{
wc_Sha3 hash[BENCH_MAX_PENDING];
double start;
+ DECLARE_MULTI_VALUE_STATS_VARS()
int ret = 0, i, count = 0, times, pending = 0;
WC_DECLARE_ARRAY(digest, byte, BENCH_MAX_PENDING,
WC_SHA3_256_DIGEST_SIZE, HEAP_HINT);
@@ -5329,6 +6745,7 @@ void bench_sha3_256(int useDeviceID)
}
}
} /* for i */
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
@@ -5347,7 +6764,11 @@ void bench_sha3_256(int useDeviceID)
}
} /* for i */
} while (pending > 0);
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+ #ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+ #endif
+ );
}
else {
bench_stats_start(&count, &start);
@@ -5361,13 +6782,21 @@ void bench_sha3_256(int useDeviceID)
ret = wc_Sha3_256_Final(hash, digest[0]);
if (ret != 0)
goto exit_sha3_256;
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+ #ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+ #endif
+ );
}
exit_sha3_256:
bench_stats_sym_finish("SHA3-256", useDeviceID, count, bench_size,
start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
exit:
@@ -5385,6 +6814,7 @@ void bench_sha3_384(int useDeviceID)
wc_Sha3 hash[BENCH_MAX_PENDING];
double start;
int ret = 0, i, count = 0, times, pending = 0;
+ DECLARE_MULTI_VALUE_STATS_VARS()
WC_DECLARE_ARRAY(digest, byte, BENCH_MAX_PENDING,
WC_SHA3_384_DIGEST_SIZE, HEAP_HINT);
WC_INIT_ARRAY(digest, byte, BENCH_MAX_PENDING,
@@ -5422,6 +6852,7 @@ void bench_sha3_384(int useDeviceID)
}
}
} /* for i */
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
@@ -5440,7 +6871,11 @@ void bench_sha3_384(int useDeviceID)
}
} /* for i */
} while (pending > 0);
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+ #ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+ #endif
+ );
}
else {
bench_stats_start(&count, &start);
@@ -5454,13 +6889,21 @@ void bench_sha3_384(int useDeviceID)
ret = wc_Sha3_384_Final(hash, digest[0]);
if (ret != 0)
goto exit_sha3_384;
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+ #ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+ #endif
+ );
}
exit_sha3_384:
bench_stats_sym_finish("SHA3-384", useDeviceID, count, bench_size,
start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
exit:
@@ -5478,6 +6921,7 @@ void bench_sha3_512(int useDeviceID)
wc_Sha3 hash[BENCH_MAX_PENDING];
double start;
int ret = 0, i, count = 0, times, pending = 0;
+ DECLARE_MULTI_VALUE_STATS_VARS()
WC_DECLARE_ARRAY(digest, byte, BENCH_MAX_PENDING,
WC_SHA3_512_DIGEST_SIZE, HEAP_HINT);
WC_INIT_ARRAY(digest, byte, BENCH_MAX_PENDING,
@@ -5515,6 +6959,7 @@ void bench_sha3_512(int useDeviceID)
}
}
} /* for i */
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
@@ -5533,7 +6978,11 @@ void bench_sha3_512(int useDeviceID)
}
} /* for i */
} while (pending > 0);
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+ #ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+ #endif
+ );
}
else {
bench_stats_start(&count, &start);
@@ -5547,13 +6996,21 @@ void bench_sha3_512(int useDeviceID)
ret = wc_Sha3_512_Final(hash, digest[0]);
if (ret != 0)
goto exit_sha3_512;
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+ #ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+ #endif
+ );
}
exit_sha3_512:
bench_stats_sym_finish("SHA3-512", useDeviceID, count, bench_size,
start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
exit:
@@ -5571,6 +7028,7 @@ void bench_shake128(int useDeviceID)
wc_Shake hash[BENCH_MAX_PENDING];
double start;
int ret = 0, i, count = 0, times, pending = 0;
+ DECLARE_MULTI_VALUE_STATS_VARS()
WC_DECLARE_ARRAY(digest, byte, BENCH_MAX_PENDING,
WC_SHA3_128_BLOCK_SIZE, HEAP_HINT);
WC_INIT_ARRAY(digest, byte, BENCH_MAX_PENDING,
@@ -5608,6 +7066,7 @@ void bench_shake128(int useDeviceID)
}
}
} /* for i */
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
@@ -5627,7 +7086,11 @@ void bench_shake128(int useDeviceID)
}
} /* for i */
} while (pending > 0);
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+ #ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+ #endif
+ );
}
else {
bench_stats_start(&count, &start);
@@ -5642,13 +7105,21 @@ void bench_shake128(int useDeviceID)
WC_SHA3_128_BLOCK_SIZE);
if (ret != 0)
goto exit_shake128;
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+ #ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+ #endif
+ );
}
exit_shake128:
bench_stats_sym_finish("SHAKE128", useDeviceID, count, bench_size,
start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
exit:
@@ -5666,6 +7137,7 @@ void bench_shake256(int useDeviceID)
wc_Shake hash[BENCH_MAX_PENDING];
double start;
int ret = 0, i, count = 0, times, pending = 0;
+ DECLARE_MULTI_VALUE_STATS_VARS()
WC_DECLARE_ARRAY(digest, byte, BENCH_MAX_PENDING,
WC_SHA3_256_BLOCK_SIZE, HEAP_HINT);
WC_INIT_ARRAY(digest, byte, BENCH_MAX_PENDING,
@@ -5703,6 +7175,7 @@ void bench_shake256(int useDeviceID)
}
}
} /* for i */
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
@@ -5722,7 +7195,11 @@ void bench_shake256(int useDeviceID)
}
} /* for i */
} while (pending > 0);
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+ #ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+ #endif
+ );
}
else {
bench_stats_start(&count, &start);
@@ -5737,13 +7214,21 @@ void bench_shake256(int useDeviceID)
WC_SHA3_256_BLOCK_SIZE);
if (ret != 0)
goto exit_shake256;
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+ #ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+ #endif
+ );
}
exit_shake256:
bench_stats_sym_finish("SHAKE256", useDeviceID, count, bench_size,
start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
exit:
@@ -5756,6 +7241,110 @@ exit:
#endif /* WOLFSSL_SHAKE256 */
#endif
+#ifdef WOLFSSL_SM3
+void bench_sm3(int useDeviceID)
+{
+ wc_Sm3 hash[BENCH_MAX_PENDING];
+ double start;
+ int ret = 0, i, count = 0, times, pending = 0;
+ DECLARE_MULTI_VALUE_STATS_VARS()
+ WC_DECLARE_ARRAY(digest, byte, BENCH_MAX_PENDING, WC_SM3_DIGEST_SIZE,
+ HEAP_HINT);
+ WC_INIT_ARRAY(digest, byte, BENCH_MAX_PENDING, WC_SM3_DIGEST_SIZE,
+ HEAP_HINT);
+
+ /* clear for done cleanup */
+ XMEMSET(hash, 0, sizeof(hash));
+
+ if (digest_stream) {
+ /* init keys */
+ for (i = 0; i < BENCH_MAX_PENDING; i++) {
+ ret = wc_InitSm3(&hash[i], HEAP_HINT,
+ useDeviceID ? devId: INVALID_DEVID);
+ if (ret != 0) {
+ printf("InitSm3 failed, ret = %d\n", ret);
+ goto exit;
+ }
+ }
+
+ bench_stats_start(&count, &start);
+ do {
+ for (times = 0; times < numBlocks || pending > 0; ) {
+ bench_async_poll(&pending);
+
+ /* while free pending slots in queue, submit ops */
+ for (i = 0; i < BENCH_MAX_PENDING; i++) {
+ if (bench_async_check(&ret, BENCH_ASYNC_GET_DEV(&hash[i]),
+ 0, &times, numBlocks, &pending)) {
+ ret = wc_Sm3Update(&hash[i], bench_plain,
+ bench_size);
+ if (!bench_async_handle(&ret,
+ BENCH_ASYNC_GET_DEV(&hash[i]), 0, &times, &pending)) {
+ goto exit_sm3;
+ }
+ }
+ } /* for i */
+ RECORD_MULTI_VALUE_STATS();
+ } /* for times */
+ count += times;
+
+ times = 0;
+ do {
+ bench_async_poll(&pending);
+ for (i = 0; i < BENCH_MAX_PENDING; i++) {
+ if (bench_async_check(&ret, BENCH_ASYNC_GET_DEV(&hash[i]),
+ 0, &times, numBlocks, &pending)) {
+ ret = wc_Sm3Final(&hash[i], digest[i]);
+ if (!bench_async_handle(&ret,
+ BENCH_ASYNC_GET_DEV(&hash[i]), 0, &times, &pending)) {
+ goto exit_sm3;
+ }
+ }
+ } /* for i */
+ } while (pending > 0);
+ } while (bench_stats_check(start)
+ #ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+ #endif
+ );
+ }
+ else {
+ bench_stats_start(&count, &start);
+ do {
+ for (times = 0; times < numBlocks; times++) {
+ ret = wc_InitSm3(hash, HEAP_HINT,
+ useDeviceID ? devId: INVALID_DEVID);
+ if (ret == 0)
+ ret = wc_Sm3Update(hash, bench_plain, bench_size);
+ if (ret == 0)
+ ret = wc_Sm3Final(hash, digest[0]);
+ if (ret != 0)
+ goto exit_sm3;
+ RECORD_MULTI_VALUE_STATS();
+ } /* for times */
+ count += times;
+ } while (bench_stats_check(start)
+ #ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+ #endif
+ );
+ }
+exit_sm3:
+ bench_stats_sym_finish("SM3", useDeviceID, count, bench_size, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
+
+exit:
+
+ for (i = 0; i < BENCH_MAX_PENDING; i++) {
+ wc_Sm3Free(&hash[i]);
+ }
+
+ WC_FREE_ARRAY(digest, BENCH_MAX_PENDING, HEAP_HINT);
+}
+#endif
+
#ifdef WOLFSSL_RIPEMD
void bench_ripemd(void)
@@ -5764,6 +7353,7 @@ void bench_ripemd(void)
byte digest[RIPEMD_DIGEST_SIZE];
double start;
int i, count, ret = 0;
+ DECLARE_MULTI_VALUE_STATS_VARS()
if (digest_stream) {
ret = wc_InitRipeMd(&hash);
@@ -5780,6 +7370,7 @@ void bench_ripemd(void)
printf("wc_RipeMdUpdate failed, retval %d\n", ret);
return;
}
+ RECORD_MULTI_VALUE_STATS();
}
ret = wc_RipeMdFinal(&hash, digest);
if (ret != 0) {
@@ -5788,7 +7379,11 @@ void bench_ripemd(void)
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+ #ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+ #endif
+ );
}
else {
bench_stats_start(&count, &start);
@@ -5809,11 +7404,19 @@ void bench_ripemd(void)
printf("wc_RipeMdFinal failed, retval %d\n", ret);
return;
}
+ RECORD_MULTI_VALUE_STATS();
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+ #ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+ #endif
+ );
}
bench_stats_sym_finish("RIPEMD", 0, count, bench_size, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
return;
}
@@ -5827,6 +7430,7 @@ void bench_blake2b(void)
byte digest[64];
double start;
int ret = 0, i, count;
+ DECLARE_MULTI_VALUE_STATS_VARS()
if (digest_stream) {
ret = wc_InitBlake2b(&b2b, 64);
@@ -5843,6 +7447,7 @@ void bench_blake2b(void)
printf("Blake2bUpdate failed, ret = %d\n", ret);
return;
}
+ RECORD_MULTI_VALUE_STATS();
}
ret = wc_Blake2bFinal(&b2b, digest, 64);
if (ret != 0) {
@@ -5850,7 +7455,11 @@ void bench_blake2b(void)
return;
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+ #ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+ #endif
+ );
}
else {
bench_stats_start(&count, &start);
@@ -5871,11 +7480,19 @@ void bench_blake2b(void)
printf("Blake2bFinal failed, ret = %d\n", ret);
return;
}
+ RECORD_MULTI_VALUE_STATS();
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+ #ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+ #endif
+ );
}
bench_stats_sym_finish("BLAKE2b", 0, count, bench_size, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
}
#endif
@@ -5886,6 +7503,7 @@ void bench_blake2s(void)
byte digest[32];
double start;
int ret = 0, i, count;
+ DECLARE_MULTI_VALUE_STATS_VARS()
if (digest_stream) {
ret = wc_InitBlake2s(&b2s, 32);
@@ -5902,6 +7520,7 @@ void bench_blake2s(void)
printf("Blake2sUpdate failed, ret = %d\n", ret);
return;
}
+ RECORD_MULTI_VALUE_STATS();
}
ret = wc_Blake2sFinal(&b2s, digest, 32);
if (ret != 0) {
@@ -5909,7 +7528,11 @@ void bench_blake2s(void)
return;
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+ #ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+ #endif
+ );
}
else {
bench_stats_start(&count, &start);
@@ -5930,11 +7553,19 @@ void bench_blake2s(void)
printf("Blake2sFinal failed, ret = %d\n", ret);
return;
}
+ RECORD_MULTI_VALUE_STATS();
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+ #ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+ #endif
+ );
}
bench_stats_sym_finish("BLAKE2s", 0, count, bench_size, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
}
#endif
@@ -5948,6 +7579,7 @@ static void bench_cmac_helper(word32 keySz, const char* outMsg, int useDeviceID)
word32 digestSz = sizeof(digest);
double start;
int ret, i, count;
+ DECLARE_MULTI_VALUE_STATS_VARS()
#ifdef WOLFSSL_SECO_CAAM
unsigned int keyID;
int keyGroup = 1; /* group one was chosen arbitrarily */
@@ -5992,6 +7624,7 @@ static void bench_cmac_helper(word32 keySz, const char* outMsg, int useDeviceID)
printf("CmacUpdate failed, ret = %d\n", ret);
return;
}
+ RECORD_MULTI_VALUE_STATS();
}
/* Note: final force zero's the Cmac struct */
ret = wc_CmacFinal(&cmac, digest, &digestSz);
@@ -6000,8 +7633,16 @@ static void bench_cmac_helper(word32 keySz, const char* outMsg, int useDeviceID)
return;
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
bench_stats_sym_finish(outMsg, useDeviceID, count, bench_size, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
}
void bench_cmac(int useDeviceID)
@@ -6023,6 +7664,7 @@ void bench_scrypt(void)
byte derived[64];
double start;
int ret, i, count;
+ DECLARE_MULTI_VALUE_STATS_VARS()
bench_stats_start(&count, &start);
do {
@@ -6034,11 +7676,20 @@ void bench_scrypt(void)
printf("scrypt failed, ret = %d\n", ret);
goto exit;
}
+ RECORD_MULTI_VALUE_STATS();
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
exit:
bench_stats_asym_finish("scrypt", 17, "", 0, count, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
}
#endif /* HAVE_SCRYPT */
@@ -6051,6 +7702,7 @@ static void bench_hmac(int useDeviceID, int type, int digestSz,
Hmac hmac[BENCH_MAX_PENDING];
double start;
int ret = 0, i, count = 0, times, pending = 0;
+ DECLARE_MULTI_VALUE_STATS_VARS()
#ifdef WOLFSSL_ASYNC_CRYPT
WC_DECLARE_ARRAY(digest, byte, BENCH_MAX_PENDING,
WC_MAX_DIGEST_SIZE, HEAP_HINT);
@@ -6117,11 +7769,20 @@ static void bench_hmac(int useDeviceID, int type, int digestSz,
goto exit_hmac;
}
}
+ RECORD_MULTI_VALUE_STATS();
} /* for i */
} while (pending > 0);
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
exit_hmac:
bench_stats_sym_finish(label, useDeviceID, count, bench_size, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
exit:
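Review bot: `RECORD_MULTI_VALUE_STATS();` is placed inside the `for i` loop of the `do { ... } while (pending > 0)` drain phase, before `} /* for i */`. The hash benchmarks in this patch instead record once per pass of the update `for times` loop, after `} /* for i */`. Here a sample appears to be taken for every slot, including slots where the preceding `if` did not submit an operation, so the min/max/deviation printed for HMAC would not be comparable with the hash figures; this is inferred, as the macro body is not visible. Moving the call to the end of the update `for times` body would match the other functions. That loop and the start of bench_hmac lie outside this hunk.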
@@ -6246,14 +7907,24 @@ void bench_pbkdf2(void)
0x78, 0x57, 0x8E, 0x5a, 0x5d, 0x63, 0xcb, 0x06,
0x78, 0x57, 0x8E, 0x5a, 0x5d, 0x63, 0xcb, 0x06 };
byte derived[32];
+ DECLARE_MULTI_VALUE_STATS_VARS()
bench_stats_start(&count, &start);
do {
ret = wc_PBKDF2(derived, (const byte*)passwd32, (int)XSTRLEN(passwd32),
salt32, (int)sizeof(salt32), 1000, 32, WC_SHA256);
count++;
- } while (bench_stats_check(start));
+ RECORD_MULTI_VALUE_STATS();
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
bench_stats_sym_finish("PBKDF2", 32, count, 32, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
}
#endif /* !NO_PWDBASED */
@@ -6267,26 +7938,149 @@ void bench_siphash(void)
const char* passwd16 = "passwordpassword";
byte out[16];
int i;
+ DECLARE_MULTI_VALUE_STATS_VARS()
bench_stats_start(&count, &start);
do {
for (i = 0; i < numBlocks; i++) {
ret = wc_SipHash((const byte*)passwd16, bench_plain, bench_size,
out, 8);
+ RECORD_MULTI_VALUE_STATS();
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
bench_stats_sym_finish("SipHash-8", 1, count, bench_size, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
+
+ RESET_MULTI_VALUE_STATS_VARS();
bench_stats_start(&count, &start);
do {
for (i = 0; i < numBlocks; i++) {
ret = wc_SipHash((const byte*)passwd16, bench_plain, bench_size,
out, 16);
+ RECORD_MULTI_VALUE_STATS();
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
bench_stats_sym_finish("SipHash-16", 1, count, bench_size, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
+}
+#endif
+
+#ifdef WC_SRTP_KDF
+void bench_srtpkdf(void)
+{
+ double start;
+ int count;
+ int ret = 0;
+ byte keyE[32];
+ byte keyA[20];
+ byte keyS[14];
+ const byte *key = bench_key_buf;
+ const byte salt[14] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
+ 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e };
+ const byte index[6] = { 0x55, 0xAA, 0x55, 0xAA, 0x55, 0xAA };
+ int kdrIdx = 0;
+ int i;
+ DECLARE_MULTI_VALUE_STATS_VARS()
+
+ bench_stats_start(&count, &start);
+ do {
+ for (i = 0; i < numBlocks; i++) {
+ ret = wc_SRTP_KDF(key, AES_128_KEY_SIZE, salt, sizeof(salt),
+ kdrIdx, index, keyE, AES_128_KEY_SIZE, keyA, sizeof(keyA),
+ keyS, sizeof(keyS));
+ RECORD_MULTI_VALUE_STATS();
+ }
+ count += i;
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+ bench_stats_asym_finish("KDF", 128, "SRTP", 0, count, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
+
+ RESET_MULTI_VALUE_STATS_VARS();
+
+ bench_stats_start(&count, &start);
+ do {
+ for (i = 0; i < numBlocks; i++) {
+ ret = wc_SRTP_KDF(key, AES_256_KEY_SIZE, salt, sizeof(salt),
+ kdrIdx, index, keyE, AES_256_KEY_SIZE, keyA, sizeof(keyA),
+ keyS, sizeof(keyS));
+ RECORD_MULTI_VALUE_STATS();
+ }
+ count += i;
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+ bench_stats_asym_finish("KDF", 256, "SRTP", 0, count, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
+
+ RESET_MULTI_VALUE_STATS_VARS();
+
+ bench_stats_start(&count, &start);
+ do {
+ for (i = 0; i < numBlocks; i++) {
+ ret = wc_SRTCP_KDF(key, AES_128_KEY_SIZE, salt, sizeof(salt),
+ kdrIdx, index, keyE, AES_128_KEY_SIZE, keyA, sizeof(keyA),
+ keyS, sizeof(keyS));
+ RECORD_MULTI_VALUE_STATS();
+ }
+ count += i;
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+ bench_stats_asym_finish("KDF", 128, "SRTCP", 0, count, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
+
+ RESET_MULTI_VALUE_STATS_VARS();
+
+ bench_stats_start(&count, &start);
+ do {
+ for (i = 0; i < numBlocks; i++) {
+ ret = wc_SRTCP_KDF(key, AES_256_KEY_SIZE, salt, sizeof(salt),
+ kdrIdx, index, keyE, AES_256_KEY_SIZE, keyA, sizeof(keyA),
+ keyS, sizeof(keyS));
+ RECORD_MULTI_VALUE_STATS();
+ }
+ count += i;
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+ bench_stats_asym_finish("KDF", 256, "SRTCP", 0, count, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
+
}
#endif
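Review bot: In the new bench_srtpkdf the value returned by `wc_SRTP_KDF` / `wc_SRTCP_KDF` is overwritten on every pass and never tested. A failing call is therefore still timed and still counted by `RECORD_MULTI_VALUE_STATS();`, and only the last return value reaches `bench_stats_asym_finish`. The hash benchmarks in this file leave the timing loop on the first error (`if (ret != 0) goto exit_sm3;`); each of the four loops here should test `ret` right after the call and stop before the sample is recorded. Separately, the local `const byte index[6]` shadows the `index()` function that `<strings.h>` declares on POSIX systems, which may warn under `-Wshadow`; a name such as `srtpIndex` avoids that.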
@@ -6304,6 +8098,7 @@ static void bench_rsaKeyGen_helper(int useDeviceID, word32 keySz)
int ret = 0, i, count = 0, times, pending = 0;
const long rsa_e_val = WC_RSA_EXPONENT;
const char**desc = bench_desc_words[lng_index];
+ DECLARE_MULTI_VALUE_STATS_VARS()
#ifdef WOLFSSL_SMALL_STACK
genKey = (RsaKey *)XMALLOC(sizeof(*genKey) * BENCH_MAX_PENDING,
@@ -6342,12 +8137,21 @@ static void bench_rsaKeyGen_helper(int useDeviceID, word32 keySz)
}
}
} /* for i */
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
exit:
bench_stats_asym_finish("RSA", (int)keySz, desc[2], useDeviceID, count,
start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
/* cleanup */
for (i = 0; i < BENCH_MAX_PENDING; i++) {
@@ -6498,6 +8302,7 @@ static void bench_rsa_helper(int useDeviceID, RsaKey rsaKey[BENCH_MAX_PENDING],
#endif
double start = 0.0F;
const char**desc = bench_desc_words[lng_index];
+ DECLARE_MULTI_VALUE_STATS_VARS()
#ifndef WOLFSSL_RSA_VERIFY_ONLY
WC_DECLARE_VAR(message, byte, TEST_STRING_SZ, HEAP_HINT);
#endif
@@ -6563,12 +8368,21 @@ static void bench_rsa_helper(int useDeviceID, RsaKey rsaKey[BENCH_MAX_PENDING],
}
}
} /* for i */
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+ #ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+ #endif
+ );
+
exit_rsa_verify:
bench_stats_asym_finish("RSA", (int)rsaKeySz, desc[0],
useDeviceID, count, start, ret);
+ #ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+ #endif
#endif /* !WOLFSSL_RSA_VERIFY_ONLY */
#ifndef WOLFSSL_RSA_PUBLIC_ONLY
@@ -6576,6 +8390,8 @@ exit_rsa_verify:
goto exit;
}
+ RESET_MULTI_VALUE_STATS_VARS();
+
/* capture resulting encrypt length */
idx = (word32)(rsaKeySz/8);
@@ -6599,12 +8415,21 @@ exit_rsa_verify:
}
}
} /* for i */
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+ #ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+ #endif
+ );
+
exit_rsa_pub:
bench_stats_asym_finish("RSA", (int)rsaKeySz, desc[1],
useDeviceID, count, start, ret);
+ #ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+ #endif
#endif /* !WOLFSSL_RSA_PUBLIC_ONLY */
}
else {
@@ -6629,16 +8454,27 @@ exit_rsa_pub:
}
}
} /* for i */
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+ #ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+ #endif
+ );
+
exit_rsa_sign:
bench_stats_asym_finish("RSA", (int)rsaKeySz, desc[4], useDeviceID,
count, start, ret);
-
+ #ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+ #endif
if (ret < 0) {
goto exit;
}
+
+ RESET_MULTI_VALUE_STATS_VARS();
+
#endif /* !WOLFSSL_RSA_PUBLIC_ONLY && !WOLFSSL_RSA_VERIFY_ONLY */
/* capture resulting encrypt length */
@@ -6685,13 +8521,21 @@ exit_rsa_sign:
}
}
} /* for i */
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+ #ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+ #endif
+ );
exit_rsa_verifyinline:
bench_stats_asym_finish("RSA", (int)rsaKeySz, desc[5],
useDeviceID, count, start, ret);
+ #ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+ #endif
}
exit:
@@ -6947,6 +8791,7 @@ void bench_dh(int useDeviceID)
int paramName = 0;
#endif
#endif
+ DECLARE_MULTI_VALUE_STATS_VARS()
WC_DECLARE_ARRAY(pub, byte, BENCH_MAX_PENDING,
BENCH_DH_KEY_SIZE, HEAP_HINT);
@@ -7083,6 +8928,7 @@ void bench_dh(int useDeviceID)
}
}
+
/* Key Gen */
bench_stats_start(&count, &start);
PRIVATE_KEY_UNLOCK();
@@ -7106,18 +8952,29 @@ void bench_dh(int useDeviceID)
}
}
} /* for i */
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
PRIVATE_KEY_LOCK();
exit_dh_gen:
bench_stats_asym_finish("DH", dhKeySz, desc[2],
useDeviceID, count, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
if (ret < 0) {
goto exit;
}
+ RESET_MULTI_VALUE_STATS_VARS();
+
/* Generate key to use as other public */
PRIVATE_KEY_UNLOCK();
ret = wc_DhGenerateKeyPair(&dhKey[0], &gRng,
@@ -7146,14 +9003,23 @@ exit_dh_gen:
}
}
} /* for i */
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
PRIVATE_KEY_LOCK();
exit:
bench_stats_asym_finish("DH", dhKeySz, desc[3],
useDeviceID, count, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
/* cleanup */
#ifdef WOLFSSL_SMALL_STACK
@@ -7184,6 +9050,7 @@ static void bench_kyber_keygen(int type, const char* name, int keySize,
int ret = 0, times, count, pending = 0;
double start;
const char**desc = bench_desc_words[lng_index];
+ DECLARE_MULTI_VALUE_STATS_VARS()
/* KYBER Make Key */
bench_stats_start(&count, &start);
@@ -7203,13 +9070,20 @@ static void bench_kyber_keygen(int type, const char* name, int keySize,
#endif
if (ret != 0)
goto exit;
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
- }
- while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
exit:
bench_stats_asym_finish(name, keySize, desc[2], 0, count, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
}
static void bench_kyber_encap(const char* name, int keySize, KyberKey* key)
@@ -7220,6 +9094,7 @@ static void bench_kyber_encap(const char* name, int keySize, KyberKey* key)
byte ct[KYBER_MAX_CIPHER_TEXT_SIZE];
byte ss[KYBER_SS_SZ];
word32 ctSz;
+ DECLARE_MULTI_VALUE_STATS_VARS()
ret = wc_KyberKey_CipherTextSize(key, &ctSz);
if (ret != 0) {
@@ -7240,13 +9115,22 @@ static void bench_kyber_encap(const char* name, int keySize, KyberKey* key)
#endif
if (ret != 0)
goto exit_encap;
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
- }
- while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
exit_encap:
bench_stats_asym_finish(name, keySize, desc[9], 0, count, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
+
+ RESET_MULTI_VALUE_STATS_VARS();
/* KYBER Decapsulate */
bench_stats_start(&count, &start);
@@ -7256,13 +9140,20 @@ exit_encap:
ret = wc_KyberKey_Decapsulate(key, ss, ct, ctSz);
if (ret != 0)
goto exit_decap;
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
- }
- while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
exit_decap:
bench_stats_asym_finish(name, keySize, desc[13], 0, count, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
}
void bench_kyber(int type)
@@ -7299,9 +9190,635 @@ void bench_kyber(int type)
}
#endif
+#if defined(WOLFSSL_HAVE_LMS) && !defined(WOLFSSL_LMS_VERIFY_ONLY)
+/* WC_LMS_PARM_L2_H10_W2
+ * signature length: 9300 */
+static const byte lms_priv_L2_H10_W2[64] =
+{
+ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+ 0x62,0x62,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
+ 0xC7,0x74,0x25,0x5B,0x2C,0xE8,0xDA,0x53,
+ 0xF0,0x7C,0x04,0x3F,0x64,0x2D,0x26,0x2C,
+ 0x46,0x1D,0xC8,0x90,0x77,0x59,0xD6,0xC0,
+ 0x56,0x46,0x7D,0x97,0x64,0xF2,0xA3,0xA1,
+ 0xF8,0xD0,0x3B,0x5F,0xAC,0x40,0xB9,0x9E,
+ 0x83,0x67,0xBF,0x92,0x8D,0xFE,0x45,0x79
+};
+
+static const byte lms_pub_L2_H10_W2[60] =
+{
+ 0x00,0x00,0x00,0x02,0x00,0x00,0x00,0x06,
+ 0x00,0x00,0x00,0x02,0xF8,0xD0,0x3B,0x5F,
+ 0xAC,0x40,0xB9,0x9E,0x83,0x67,0xBF,0x92,
+ 0x8D,0xFE,0x45,0x79,0x41,0xBC,0x2A,0x3B,
+ 0x9F,0xC0,0x11,0x12,0x93,0xF0,0x5A,0xA5,
+ 0xC1,0x88,0x29,0x79,0x6C,0x3E,0x0A,0x0F,
+ 0xEC,0x3B,0x3E,0xE4,0x38,0xD3,0xD2,0x34,
+ 0x7F,0xC8,0x91,0xB0
+};
+
+/* WC_LMS_PARM_L2_H10_W4
+ * signature length: 5076 */
+static const byte lms_priv_L2_H10_W4[64] =
+{
+ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+ 0x63,0x63,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
+ 0xAE,0x28,0x87,0x19,0x4F,0x4B,0x68,0x61,
+ 0x93,0x9A,0xC7,0x0E,0x33,0xB8,0xCE,0x96,
+ 0x66,0x0D,0xC7,0xB1,0xFA,0x94,0x80,0xA2,
+ 0x28,0x9B,0xCF,0xE2,0x08,0xB5,0x25,0xAC,
+ 0xFB,0xB8,0x65,0x5E,0xD1,0xCC,0x31,0xDA,
+ 0x2E,0x49,0x3A,0xEE,0xAF,0x63,0x70,0x5E
+};
+
+static const byte lms_pub_L2_H10_W4[60] =
+{
+ 0x00,0x00,0x00,0x02,0x00,0x00,0x00,0x06,
+ 0x00,0x00,0x00,0x03,0xFB,0xB8,0x65,0x5E,
+ 0xD1,0xCC,0x31,0xDA,0x2E,0x49,0x3A,0xEE,
+ 0xAF,0x63,0x70,0x5E,0xA2,0xD5,0xB6,0x15,
+ 0x33,0x8C,0x9B,0xE9,0xE1,0x91,0x40,0x1A,
+ 0x12,0xE0,0xD7,0xBD,0xE4,0xE0,0x76,0xF5,
+ 0x04,0x90,0x76,0xA5,0x9A,0xA7,0x4E,0xFE,
+ 0x6B,0x9A,0xD3,0x14
+};
+
+/* WC_LMS_PARM_L3_H5_W4
+ * signature length: 7160 */
+static const byte lms_priv_L3_H5_W4[64] =
+{
+ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+ 0x53,0x53,0x53,0xFF,0xFF,0xFF,0xFF,0xFF,
+ 0x38,0xD1,0xBE,0x68,0xD1,0x93,0xE1,0x14,
+ 0x6C,0x8B,0xED,0xE2,0x25,0x88,0xED,0xAC,
+ 0x57,0xBD,0x87,0x9F,0x54,0xF3,0x58,0xD9,
+ 0x4D,0xF5,0x6A,0xBD,0x71,0x99,0x6A,0x28,
+ 0x2F,0xE1,0xFC,0xD1,0xD1,0x0C,0x7C,0xF8,
+ 0xB4,0xDC,0xDF,0x7F,0x14,0x1A,0x7B,0x50
+};
+
+static const byte lms_pub_L3_H5_W4[60] =
+{
+ 0x00,0x00,0x00,0x03,0x00,0x00,0x00,0x05,
+ 0x00,0x00,0x00,0x03,0x2F,0xE1,0xFC,0xD1,
+ 0xD1,0x0C,0x7C,0xF8,0xB4,0xDC,0xDF,0x7F,
+ 0x14,0x1A,0x7B,0x50,0x8E,0x3A,0xD4,0x05,
+ 0x0C,0x95,0x59,0xA0,0xCA,0x7A,0xD8,0xD6,
+ 0x5D,0xBD,0x42,0xBB,0xD5,0x82,0xB8,0x9C,
+ 0x52,0x37,0xB7,0x45,0x03,0xC2,0x06,0xCE,
+ 0xAB,0x4B,0x51,0x39
+};
+
+/* WC_LMS_PARM_L3_H5_W8
+ * signature length: 3992 */
+static const byte lms_priv_L3_H5_W8[64] =
+{
+ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+ 0x54,0x54,0x54,0xFF,0xFF,0xFF,0xFF,0xFF,
+ 0xA5,0x46,0x97,0x0C,0xA1,0x3C,0xEA,0x17,
+ 0x5C,0x9D,0x59,0xF4,0x0E,0x27,0x37,0xF3,
+ 0x6A,0x1C,0xF7,0x29,0x4A,0xCC,0xCD,0x7B,
+ 0x4F,0xE7,0x37,0x6E,0xEF,0xC1,0xBD,0xBD,
+ 0x04,0x5D,0x8E,0xDD,0xAA,0x47,0xCC,0xE6,
+ 0xCE,0x78,0x46,0x20,0x41,0x87,0xE0,0x85
+};
+
+static const byte lms_pub_L3_H5_W8[60] =
+{
+ 0x00,0x00,0x00,0x03,0x00,0x00,0x00,0x05,
+ 0x00,0x00,0x00,0x04,0x04,0x5D,0x8E,0xDD,
+ 0xAA,0x47,0xCC,0xE6,0xCE,0x78,0x46,0x20,
+ 0x41,0x87,0xE0,0x85,0x0D,0x2C,0x46,0xB9,
+ 0x39,0x8C,0xA3,0x92,0x4F,0xCE,0x50,0x96,
+ 0x90,0x9C,0xF3,0x36,0x2E,0x09,0x15,0x3B,
+ 0x4B,0x34,0x17,0xE7,0xE2,0x55,0xFC,0x5B,
+ 0x83,0xAB,0x43,0xAF
+};
+
+/* WC_LMS_PARM_L3_H10_W4
+ * signature length: 7640 */
+static const byte lms_priv_L3_H10_W4[64] =
+{
+ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+ 0x63,0x63,0x63,0xFF,0xFF,0xFF,0xFF,0xFF,
+ 0xDF,0x98,0xAB,0xEC,0xFE,0x13,0x9F,0xF8,
+ 0xD7,0x2B,0x4F,0x4C,0x79,0x34,0xB8,0x89,
+ 0x24,0x6B,0x26,0x7D,0x7A,0x2E,0xA2,0xCB,
+ 0x82,0x75,0x4E,0x96,0x54,0x49,0xED,0xA0,
+ 0xAF,0xC7,0xA5,0xEE,0x8A,0xA2,0x83,0x99,
+ 0x4B,0x18,0x59,0x2B,0x66,0xC0,0x32,0xDB
+};
+
+static const byte lms_pub_L3_H10_W4[60] =
+{
+ 0x00,0x00,0x00,0x03,0x00,0x00,0x00,0x06,
+ 0x00,0x00,0x00,0x03,0xAF,0xC7,0xA5,0xEE,
+ 0x8A,0xA2,0x83,0x99,0x4B,0x18,0x59,0x2B,
+ 0x66,0xC0,0x32,0xDB,0xC4,0x18,0xEB,0x11,
+ 0x17,0x7D,0xAA,0x93,0xFD,0xA0,0x70,0x4D,
+ 0x68,0x4B,0x63,0x8F,0xC2,0xE7,0xCA,0x34,
+ 0x14,0x31,0x0D,0xAA,0x18,0xBF,0x9B,0x32,
+ 0x8D,0x78,0xD5,0xA8
+};
+
+/* WC_LMS_PARM_L4_H5_W8
+ * signature length: 5340 */
+static const byte lms_priv_L4_H5_W8[64] =
+{
+ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+ 0x54,0x54,0x54,0x54,0xFF,0xFF,0xFF,0xFF,
+ 0x46,0x8F,0x2A,0x4A,0x14,0x26,0xF0,0x89,
+ 0xFE,0xED,0x66,0x0F,0x73,0x69,0xB1,0x4C,
+ 0x47,0xA1,0x35,0x9F,0x7B,0xBA,0x08,0x03,
+ 0xEE,0xA2,0xEB,0xAD,0xB4,0x82,0x52,0x1F,
+ 0xFD,0x9B,0x22,0x82,0x42,0x1A,0x96,0x1E,
+ 0xE4,0xA1,0x9C,0x33,0xED,0xE6,0x9F,0xAB
+};
+
+static const byte lms_pub_L4_H5_W8[60] =
+{
+ 0x00,0x00,0x00,0x04,0x00,0x00,0x00,0x05,
+ 0x00,0x00,0x00,0x04,0xFD,0x9B,0x22,0x82,
+ 0x42,0x1A,0x96,0x1E,0xE4,0xA1,0x9C,0x33,
+ 0xED,0xE6,0x9F,0xAB,0x6B,0x47,0x05,0x5B,
+ 0xA7,0xAD,0xF6,0x88,0xA5,0x4F,0xCD,0xF1,
+ 0xDA,0x29,0x67,0xC3,0x7F,0x2C,0x11,0xFE,
+ 0x85,0x1A,0x7A,0xD8,0xD5,0x46,0x74,0x3B,
+ 0x74,0x24,0x12,0xC8
+};
+
+static int lms_write_key_mem(const byte * priv, word32 privSz, void *context)
+{
+ /* WARNING: THIS IS AN INSECURE WRITE CALLBACK THAT SHOULD ONLY
+ * BE USED FOR TESTING PURPOSES! Production applications should
+ * write only to non-volatile storage. */
+ XMEMCPY(context, priv, privSz);
+ return WC_LMS_RC_SAVED_TO_NV_MEMORY;
+}
+
+static int lms_read_key_mem(byte * priv, word32 privSz, void *context)
+{
+ /* WARNING: THIS IS AN INSECURE READ CALLBACK THAT SHOULD ONLY
+ * BE USED FOR TESTING PURPOSES! */
+ XMEMCPY(priv, context, privSz);
+ return WC_LMS_RC_READ_TO_MEMORY;
+}
+
+static void bench_lms_sign_verify(enum wc_LmsParm parm)
+{
+ LmsKey key;
+ int ret = 0;
+ const char * msg = TEST_STRING;
+ word32 msgSz = TEST_STRING_SZ;
+ byte * sig = NULL;
+ word32 sigSz = 0;
+ word32 privLen = 0;
+ int loaded = 0;
+ int times = 0;
+ int count = 0;
+ double start = 0.0F;
+ byte priv[HSS_MAX_PRIVATE_KEY_LEN];
+ const char * str = wc_LmsKey_ParmToStr(parm);
+
+ ret = wc_LmsKey_Init(&key, NULL, INVALID_DEVID);
+ if (ret) {
+ printf("wc_LmsKey_Init failed: %d\n", ret);
+ goto exit_lms_sign_verify;
+ }
+
+ ret = wc_LmsKey_SetLmsParm(&key, parm);
+ if (ret) {
+ printf("wc_LmsKey_SetLmsParm failed: %d\n", ret);
+ goto exit_lms_sign_verify;
+ }
+
+ switch (parm) {
+ case WC_LMS_PARM_L2_H10_W2:
+ XMEMCPY(priv, lms_priv_L2_H10_W2, sizeof(lms_priv_L2_H10_W2));
+ XMEMCPY(key.pub, lms_pub_L2_H10_W2, sizeof(lms_pub_L2_H10_W2));
+ break;
+
+ case WC_LMS_PARM_L2_H10_W4:
+ XMEMCPY(priv, lms_priv_L2_H10_W4, sizeof(lms_priv_L2_H10_W4));
+ XMEMCPY(key.pub, lms_pub_L2_H10_W4, sizeof(lms_pub_L2_H10_W4));
+ break;
+
+ case WC_LMS_PARM_L3_H5_W4:
+ XMEMCPY(priv, lms_priv_L3_H5_W4, sizeof(lms_priv_L3_H5_W4));
+ XMEMCPY(key.pub, lms_pub_L3_H5_W4, sizeof(lms_pub_L3_H5_W4));
+ break;
+
+ case WC_LMS_PARM_L3_H5_W8:
+ XMEMCPY(priv, lms_priv_L3_H5_W8, sizeof(lms_priv_L3_H5_W8));
+ XMEMCPY(key.pub, lms_pub_L3_H5_W8, sizeof(lms_pub_L3_H5_W8));
+ break;
+
+ case WC_LMS_PARM_L3_H10_W4:
+ XMEMCPY(priv, lms_priv_L3_H10_W4, sizeof(lms_priv_L3_H10_W4));
+ XMEMCPY(key.pub, lms_pub_L3_H10_W4, sizeof(lms_pub_L3_H10_W4));
+ break;
+
+ case WC_LMS_PARM_L4_H5_W8:
+ XMEMCPY(priv, lms_priv_L4_H5_W8, sizeof(lms_priv_L4_H5_W8));
+ XMEMCPY(key.pub, lms_pub_L4_H5_W8, sizeof(lms_pub_L4_H5_W8));
+ break;
+
+ case WC_LMS_PARM_NONE:
+ case WC_LMS_PARM_L1_H15_W2:
+ case WC_LMS_PARM_L1_H15_W4:
+ case WC_LMS_PARM_L2_H10_W8:
+ case WC_LMS_PARM_L3_H5_W2:
+ printf("bench_lms_sign_verify: unsupported benchmark option: %d\n",
+ parm);
+ goto exit_lms_sign_verify;
+ }
+
+ ret = wc_LmsKey_SetWriteCb(&key, lms_write_key_mem);
+ if (ret) {
+ fprintf(stderr, "error: wc_LmsKey_SetWriteCb failed: %d\n", ret);
+ goto exit_lms_sign_verify;
+ }
+
+ ret = wc_LmsKey_SetReadCb(&key, lms_read_key_mem);
+ if (ret) {
+ fprintf(stderr, "error: wc_LmsKey_SetReadCb failed: %d\n", ret);
+ goto exit_lms_sign_verify;
+ }
+
+ ret = wc_LmsKey_SetContext(&key, (void *) priv);
+ if (ret) {
+ fprintf(stderr, "error: wc_LmsKey_SetContext failed: %d\n", ret);
+ goto exit_lms_sign_verify;
+ }
+
+ /* Even with saved priv/pub keys, we must still reload the private
+ * key before using it. Reloading the private key is the bottleneck
+ * for larger heights. Only print load time in debug builds. */
+#if defined(DEBUG_WOLFSSL)
+ bench_stats_start(&count, &start);
+#endif /* if defined DEBUG_WOLFSSL*/
+
+ ret = wc_LmsKey_Reload(&key);
+ if (ret) {
+ printf("wc_LmsKey_Reload failed: %d\n", ret);
+ goto exit_lms_sign_verify;
+ }
+
+ count +=1;
+
+ ret = wc_LmsKey_GetSigLen(&key, &sigSz);
+ if (ret) {
+ printf("wc_LmsKey_GetSigLen failed: %d\n", ret);
+ goto exit_lms_sign_verify;
+ }
+
+ ret = wc_LmsKey_GetPrivLen(&key, &privLen);
+ if (ret) {
+ printf("wc_LmsKey_GetPrivLen failed: %d\n", ret);
+ goto exit_lms_sign_verify;
+ }
+
+#if defined(DEBUG_WOLFSSL)
+ bench_stats_check(start);
+ bench_stats_asym_finish(str, (int)privLen, "load", 0,
+ count, start, ret);
+#endif /* if defined DEBUG_WOLFSSL*/
+
+ loaded = 1;
+
+ sig = XMALLOC(sigSz, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
+ if (sig == NULL) {
+ printf("bench_lms_sign_verify malloc failed\n");
+ goto exit_lms_sign_verify;
+ }
+
+ count = 0;
+ bench_stats_start(&count, &start);
+
+ do {
+ /* LMS is stateful. Async queuing not practical. */
+ for (times = 0; times < ntimes; ++times) {
+
+ ret = wc_LmsKey_Sign(&key, sig, &sigSz, (byte *) msg, msgSz);
+ if (ret) {
+ printf("wc_LmsKey_Sign failed: %d\n", ret);
+ goto exit_lms_sign_verify;
+ }
+ RECORD_MULTI_VALUE_STATS();
+ }
+
+ count += times;
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
+ bench_stats_asym_finish(str, (int)sigSz, "sign", 0,
+ count, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
+
+ RESET_MULTI_VALUE_STATS_VARS();
+ count = 0;
+ bench_stats_start(&count, &start);
+
+ do {
+ /* LMS is stateful. Async queuing not practical. */
+ for (times = 0; times < ntimes; ++times) {
+ ret = wc_LmsKey_Verify(&key, sig, sigSz, (byte *) msg, msgSz);
+ if (ret) {
+ printf("wc_LmsKey_Verify failed: %d\n", ret);
+ goto exit_lms_sign_verify;
+ }
+ RECORD_MULTI_VALUE_STATS();
+ }
+
+ count += times;
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
+exit_lms_sign_verify:
+ bench_stats_asym_finish(str, (int)sigSz, "verify", 0,
+ count, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
+
+
+ if (loaded) {
+ wc_LmsKey_Free(&key);
+ loaded = 0;
+ }
+
+ if (sig != NULL) {
+ XFREE(sig, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
+ sig = NULL;
+ }
+
+ return;
+}
+
+void bench_lms(void)
+{
+ bench_lms_sign_verify(WC_LMS_PARM_L2_H10_W2);
+ bench_lms_sign_verify(WC_LMS_PARM_L2_H10_W4);
+ bench_lms_sign_verify(WC_LMS_PARM_L3_H5_W4);
+ bench_lms_sign_verify(WC_LMS_PARM_L3_H5_W8);
+ bench_lms_sign_verify(WC_LMS_PARM_L3_H10_W4);
+ bench_lms_sign_verify(WC_LMS_PARM_L4_H5_W8);
+ return;
+}
+
+#endif /* if defined(WOLFSSL_HAVE_LMS) && !defined(WOLFSSL_LMS_VERIFY_ONLY) */
+
+#if defined(WOLFSSL_HAVE_XMSS) && !defined(WOLFSSL_XMSS_VERIFY_ONLY)
+
+static enum wc_XmssRc xmss_write_key_mem(const byte * priv, word32 privSz,
+ void *context)
+{
+ /* WARNING: THIS IS AN INSECURE WRITE CALLBACK THAT SHOULD ONLY
+ * BE USED FOR TESTING PURPOSES! Production applications should
+ * write only to non-volatile storage. */
+ XMEMCPY(context, priv, privSz);
+ return WC_XMSS_RC_SAVED_TO_NV_MEMORY;
+}
+
+static enum wc_XmssRc xmss_read_key_mem(byte * priv, word32 privSz,
+ void *context)
+{
+ /* WARNING: THIS IS AN INSECURE READ CALLBACK THAT SHOULD ONLY
+ * BE USED FOR TESTING PURPOSES! */
+ XMEMCPY(priv, context, privSz);
+ return WC_XMSS_RC_READ_TO_MEMORY;
+}
+
+static void bench_xmss_sign_verify(const char * params)
+{
+ WC_RNG rng;
+ XmssKey key;
+ word32 pkSz = 0;
+ word32 skSz = 0;
+ int freeRng = 0;
+ int freeKey = 0;
+ unsigned char * sk = NULL;
+ const char * msg = "XMSS post quantum signature test";
+ word32 msgSz = (word32) XSTRLEN(msg);
+ int ret = 0;
+ byte * sig = NULL;
+ word32 sigSz = 0;
+ int times = 0;
+ int count = 0;
+ double start = 0.0F;
+
+#ifndef HAVE_FIPS
+ ret = wc_InitRng_ex(&rng, HEAP_HINT, INVALID_DEVID);
+#else
+ ret = wc_InitRng(&rng);
+#endif
+ if (ret != 0) {
+ fprintf(stderr, "error: wc_InitRng failed: %d\n", ret);
+ goto exit_xmss_sign_verify;
+ }
+
+ freeRng = 1;
+
+ ret = wc_XmssKey_Init(&key, NULL, INVALID_DEVID);
+ if (ret != 0) {
+ fprintf(stderr, "wc_XmssKey_Init failed: %d\n", ret);
+ goto exit_xmss_sign_verify;
+ }
+
+ ret = wc_XmssKey_SetParamStr(&key, params);
+ if (ret != 0) {
+ fprintf(stderr, "wc_XmssKey_SetParamStr failed: %d\n", ret);
+ goto exit_xmss_sign_verify;
+ }
+
+ ret = wc_XmssKey_GetPubLen(&key, &pkSz);
+ if (pkSz != XMSS_SHA256_PUBLEN) {
+ fprintf(stderr, "error: xmss pub len: got %d, expected %d\n", pkSz,
+ XMSS_SHA256_PUBLEN);
+ goto exit_xmss_sign_verify;
+ }
+
+ ret = wc_XmssKey_GetPrivLen(&key, &skSz);
+ if (ret != 0 || skSz <= 0) {
+ fprintf(stderr, "error: wc_XmssKey_GetPrivLen failed\n");
+ goto exit_xmss_sign_verify;
+ }
+
+ ret = wc_XmssKey_GetSigLen(&key, &sigSz);
+ if (ret != 0 || sigSz <= 0) {
+ fprintf(stderr, "error: wc_XmssKey_GetSigLen failed\n");
+ goto exit_xmss_sign_verify;
+ }
+
+ /* Allocate secret keys.*/
+ sk = (unsigned char *)XMALLOC(skSz, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
+ if (sk == NULL) {
+ fprintf(stderr, "error: allocate xmss sk failed\n");
+ goto exit_xmss_sign_verify;
+ }
+
+ /* Allocate signature array. */
+ sig = (byte *)XMALLOC(sigSz, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
+ if (sig == NULL) {
+ fprintf(stderr, "error: allocate xmss sig failed\n");
+ goto exit_xmss_sign_verify;
+ }
+
+ ret = wc_XmssKey_SetWriteCb(&key, xmss_write_key_mem);
+ if (ret != 0) {
+ fprintf(stderr, "error: wc_XmssKey_SetWriteCb failed: %d\n", ret);
+ goto exit_xmss_sign_verify;
+ }
+
+ ret = wc_XmssKey_SetReadCb(&key, xmss_read_key_mem);
+ if (ret != 0) {
+ fprintf(stderr, "error: wc_XmssKey_SetReadCb failed: %d\n", ret);
+ goto exit_xmss_sign_verify;
+ }
+
+ ret = wc_XmssKey_SetContext(&key, (void *) sk);
+ if (ret != 0) {
+ fprintf(stderr, "error: wc_XmssKey_SetContext failed: %d\n", ret);
+ goto exit_xmss_sign_verify;
+ }
+
+#if defined(DEBUG_WOLFSSL) || defined(WOLFSSL_DEBUG_NONBLOCK)
+ fprintf(stderr, "params: %s\n", params);
+ fprintf(stderr, "pkSz: %d\n", pkSz);
+ fprintf(stderr, "skSz: %d\n", skSz);
+ fprintf(stderr, "sigSz: %d\n", sigSz);
+#endif
+
+ /* Making the private key is the bottleneck
+ * for larger heights. Only print load time in debug builds. */
+#if defined(DEBUG_WOLFSSL)
+ bench_stats_start(&count, &start);
+#endif /* if defined DEBUG_WOLFSSL*/
+
+ ret = wc_XmssKey_MakeKey(&key, &rng);
+ if (ret != 0) {
+ printf("wc_XmssKey_MakeKey failed: %d\n", ret);
+ goto exit_xmss_sign_verify;
+ }
+
+ count +=1;
+
+#if defined(DEBUG_WOLFSSL)
+ bench_stats_check(start);
+ bench_stats_asym_finish(params, (int)skSz, "load", 0,
+ count, start, ret);
+#endif /* if defined DEBUG_WOLFSSL*/
+
+ freeKey = 1;
+
+ count = 0;
+ bench_stats_start(&count, &start);
+
+ do {
+ /* XMSS is stateful. Async queuing not practical. */
+ for (times = 0; times < ntimes; ++times) {
+
+ ret = wc_XmssKey_Sign(&key, sig, &sigSz, (byte *) msg, msgSz);
+ if (ret) {
+ printf("wc_XmssKey_Sign failed: %d\n", ret);
+ goto exit_xmss_sign_verify;
+ }
+ }
+
+ count += times;
+ } while (bench_stats_check(start));
+
+ bench_stats_asym_finish(params, (int)sigSz, "sign", 0,
+ count, start, ret);
+
+ count = 0;
+ bench_stats_start(&count, &start);
+
+ do {
+ /* XMSS is stateful. Async queuing not practical. */
+ for (times = 0; times < ntimes; ++times) {
+ ret = wc_XmssKey_Verify(&key, sig, sigSz, (byte *) msg, msgSz);
+ if (ret) {
+ printf("wc_XmssKey_Verify failed: %d\n", ret);
+ goto exit_xmss_sign_verify;
+ }
+ }
+
+ count += times;
+ } while (bench_stats_check(start));
+
+exit_xmss_sign_verify:
+ bench_stats_asym_finish(params, (int)sigSz, "verify", 0,
+ count, start, ret);
+
+ /* Cleanup everything. */
+ if (sig != NULL) {
+ XFREE(sig, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
+ sig = NULL;
+ }
+
+ if (sk != NULL) {
+ XFREE(sk, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
+ sk = NULL;
+ }
+
+ if (freeRng) {
+ wc_FreeRng(&rng);
+ freeRng = 0;
+ }
+
+ if (freeKey) {
+ wc_XmssKey_Free(&key);
+ freeKey = 0;
+ }
+
+ return;
+}
+
+void bench_xmss(void)
+{
+ /* All NIST SP 800-208 approved SHA256 XMSS/XMSS^MT parameter
+ * sets.
+ *
+ * Note: not testing "XMSS-SHA2_16_256", "XMSS-SHA2_20_256",
+ * and "XMSSMT-SHA2_60/3_256", because their keygen can be
+ * very slow, their signatures and private keys quite large,
+ * and xmss private keys are not portable across different
+ * XMSS/XMSS^MT implementations.
+ *
+ * The bottleneck in key generation is the height of the first
+ * level tree (or h/d).
+ *
+ * h is the total height of the hyper tree, and d the number of
+ * trees.
+ * */
+ /* h/d h d */
+ bench_xmss_sign_verify("XMSS-SHA2_10_256"); /* 10 10 1 */
+ /* bench_xmss_sign_verify("XMSS-SHA2_16_256"); */ /* 16 16 1 */
+ /* bench_xmss_sign_verify("XMSS-SHA2_20_256"); */ /* 20 20 1 */
+ bench_xmss_sign_verify("XMSSMT-SHA2_20/2_256"); /* 10 20 2 */
+ bench_xmss_sign_verify("XMSSMT-SHA2_20/4_256"); /* 5 20 4 */
+ bench_xmss_sign_verify("XMSSMT-SHA2_40/4_256"); /* 10 40 4 */
+ bench_xmss_sign_verify("XMSSMT-SHA2_40/8_256"); /* 5 40 8 */
+ /* bench_xmss_sign_verify("XMSSMT-SHA2_60/3_256"); */ /* 20 60 3 */
+ bench_xmss_sign_verify("XMSSMT-SHA2_60/6_256"); /* 10 60 6 */
+ bench_xmss_sign_verify("XMSSMT-SHA2_60/12_256"); /* 5 60 12 */
+ return;
+}
+#endif /* if defined(WOLFSSL_HAVE_XMSS) && !defined(WOLFSSL_XMSS_VERIFY_ONLY) */
+
#ifdef HAVE_ECC
-/* +8 for 'ECDSA [%s]' and null terminator */
+/* Maximum ECC name plus null terminator:
+ * "ECC [%15s]" and "ECDHE [%15s]" and "ECDSA [%15s]" */
#define BENCH_ECC_NAME_SZ (ECC_MAXNAME + 8)
/* run all benchmarks on a curve */
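Review bot: bench_lms_sign_verify uses `RECORD_MULTI_VALUE_STATS()`, `runs < minimum_runs`, `bench_multi_value_stats(max, min, sum, squareSum, runs)` and `RESET_MULTI_VALUE_STATS_VARS()`, but unlike the other benchmarks touched in this diff it never calls `DECLARE_MULTI_VALUE_STATS_VARS()`. The macro definitions are outside this hunk, but if they declare function-local variables, as the other call sites suggest, a build with both WOLFSSL_HAVE_LMS and MULTI_VALUE_STATISTICS would fail to compile; adding `DECLARE_MULTI_VALUE_STATS_VARS()` after the `const char * str = wc_LmsKey_ParmToStr(parm);` declaration would fix that. Separately, in bench_xmss_sign_verify the return value of `wc_XmssKey_GetPubLen` is stored in `ret` but only `pkSz` is tested, so a length mismatch can reach the exit label with `ret` still 0 and be printed as an ordinary "verify" result. Testing `if (ret != 0 || pkSz != XMSS_SHA256_PUBLEN)` would match the neighbouring GetPrivLen and GetSigLen checks.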
@@ -7343,6 +9860,7 @@ void bench_eccMakeKey(int useDeviceID, int curveId)
char name[BENCH_ECC_NAME_SZ];
double start;
const char**desc = bench_desc_words[lng_index];
+ DECLARE_MULTI_VALUE_STATS_VARS()
#ifdef WOLFSSL_SMALL_STACK
genKey = (ecc_key *)XMALLOC(sizeof(*genKey) * BENCH_MAX_PENDING,
@@ -7386,15 +9904,23 @@ void bench_eccMakeKey(int useDeviceID, int curveId)
}
}
} /* for i */
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
exit:
(void)XSNPRINTF(name, BENCH_ECC_NAME_SZ, "ECC [%15s]",
wc_ecc_get_name(curveId));
bench_stats_asym_finish(name, keySize * 8, desc[2],
useDeviceID, count, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
/* cleanup */
for (i = 0; i < BENCH_MAX_PENDING; i++) {
@@ -7435,6 +9961,7 @@ void bench_ecc(int useDeviceID, int curveId)
word32 x[BENCH_MAX_PENDING];
double start = 0;
const char**desc = bench_desc_words[lng_index];
+ DECLARE_MULTI_VALUE_STATS_VARS()
#ifdef HAVE_ECC_DHE
WC_DECLARE_ARRAY(shared, byte,
@@ -7539,9 +10066,15 @@ void bench_ecc(int useDeviceID, int curveId)
}
}
} /* for i */
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
PRIVATE_KEY_UNLOCK();
exit_ecdhe:
(void)XSNPRINTF(name, BENCH_ECC_NAME_SZ, "ECDHE [%15s]",
@@ -7549,10 +10082,16 @@ exit_ecdhe:
bench_stats_asym_finish(name, keySize * 8, desc[3],
useDeviceID, count, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
+
+ RESET_MULTI_VALUE_STATS_VARS();
if (ret < 0) {
goto exit;
}
+
#endif /* HAVE_ECC_DHE */
#if !defined(NO_ASN) && defined(HAVE_ECC_SIGN)
@@ -7589,9 +10128,14 @@ exit_ecdhe:
}
} /* bench_async_check */
} /* for i */
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
exit_ecdsa_sign:
(void)XSNPRINTF(name, BENCH_ECC_NAME_SZ, "ECDSA [%15s]",
@@ -7599,6 +10143,11 @@ exit_ecdsa_sign:
bench_stats_asym_finish(name, keySize * 8, desc[4],
useDeviceID, count, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
+
+ RESET_MULTI_VALUE_STATS_VARS();
if (ret < 0) {
goto exit;
@@ -7632,9 +10181,14 @@ exit_ecdsa_sign:
}
} /* if bench_async_check */
} /* for i */
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
exit_ecdsa_verify:
(void)XSNPRINTF(name, BENCH_ECC_NAME_SZ, "ECDSA [%15s]",
@@ -7642,6 +10196,9 @@ exit_ecdsa_verify:
bench_stats_asym_finish(name, keySize * 8, desc[5],
useDeviceID, count, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
#endif /* HAVE_ECC_VERIFY */
#endif /* !NO_ASN && HAVE_ECC_SIGN */
@@ -7693,18 +10250,18 @@ void bench_eccEncrypt(int curveId)
ecc_key *userA = NULL, *userB = NULL;
byte *msg = NULL;
byte *out = NULL;
- char *name = NULL;
#else
ecc_key userA[1], userB[1];
byte msg[BENCH_ECCENCRYPT_MSG_SIZE];
byte out[BENCH_ECCENCRYPT_OUT_SIZE];
- char name[BENCH_ECC_NAME_SZ];
#endif
+ char name[BENCH_ECC_NAME_SZ];
int keySize;
word32 bench_plainSz = bench_size;
int ret, i, count;
double start;
const char**desc = bench_desc_words[lng_index];
+ DECLARE_MULTI_VALUE_STATS_VARS()
#ifdef WOLFSSL_SMALL_STACK
userA = (ecc_key *)XMALLOC(sizeof(*userA),
@@ -7715,9 +10272,7 @@ void bench_eccEncrypt(int curveId)
HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
out = (byte *)XMALLOC(outSz,
HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
- name = (char *)XMALLOC(BENCH_ECC_NAME_SZ,
- HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
- if ((! userA) || (! userB) || (! msg) || (! out) || (! name)) {
+ if ((! userA) || (! userB) || (! msg) || (! out)) {
printf("bench_eccEncrypt malloc failed\n");
goto exit;
}
@@ -7776,14 +10331,24 @@ void bench_eccEncrypt(int curveId)
printf("wc_ecc_encrypt failed! %d\n", ret);
goto exit_enc;
}
+ RECORD_MULTI_VALUE_STATS();
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
exit_enc:
(void)XSNPRINTF(name, BENCH_ECC_NAME_SZ, "ECC [%15s]",
wc_ecc_get_name(curveId));
bench_stats_asym_finish(name, keySize * 8, desc[6], 0, count, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
+
+ RESET_MULTI_VALUE_STATS_VARS();
bench_stats_start(&count, &start);
do {
@@ -7795,11 +10360,20 @@ exit_enc:
printf("wc_ecc_decrypt failed! %d\n", ret);
goto exit_dec;
}
+ RECORD_MULTI_VALUE_STATS();
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
exit_dec:
bench_stats_asym_finish(name, keySize * 8, desc[7], 0, count, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
exit:
@@ -7817,14 +10391,337 @@ exit:
XFREE(msg, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
if (out)
XFREE(out, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
- if (name)
- XFREE(name, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
#else
wc_ecc_free(userB);
wc_ecc_free(userA);
#endif
}
#endif
+
+#ifdef WOLFSSL_SM2
+static void bench_sm2_MakeKey(int useDeviceID)
+{
+ int ret = 0, i, times, count, pending = 0;
+ int deviceID;
+ int keySize;
+ ecc_key genKey[BENCH_MAX_PENDING];
+ char name[BENCH_ECC_NAME_SZ];
+ double start;
+ const char**desc = bench_desc_words[lng_index];
+ DECLARE_MULTI_VALUE_STATS_VARS()
+
+ deviceID = useDeviceID ? devId : INVALID_DEVID;
+ keySize = wc_ecc_get_curve_size_from_id(ECC_SM2P256V1);
+
+ /* clear for done cleanup */
+ XMEMSET(&genKey, 0, sizeof(genKey));
+
+ /* ECC Make Key */
+ bench_stats_start(&count, &start);
+ do {
+ /* while free pending slots in queue, submit ops */
+ for (times = 0; times < agreeTimes || pending > 0; ) {
+ bench_async_poll(&pending);
+
+ for (i = 0; i < BENCH_MAX_PENDING; i++) {
+ if (bench_async_check(&ret, BENCH_ASYNC_GET_DEV(&genKey[i]), 0,
+ &times, agreeTimes, &pending)) {
+
+ wc_ecc_free(&genKey[i]);
+ ret = wc_ecc_init_ex(&genKey[i], HEAP_HINT, deviceID);
+ if (ret < 0) {
+ goto exit;
+ }
+
+ ret = wc_ecc_sm2_make_key(&gRng, &genKey[i],
+ WC_ECC_FLAG_NONE);
+ if (!bench_async_handle(&ret,
+ BENCH_ASYNC_GET_DEV(&genKey[i]), 0, &times,
+ &pending)) {
+ goto exit;
+ }
+ }
+ } /* for i */
+ RECORD_MULTI_VALUE_STATS();
+ } /* for times */
+ count += times;
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
+exit:
+ (void)XSNPRINTF(name, BENCH_ECC_NAME_SZ, "ECC [%15s]",
+ wc_ecc_get_name(ECC_SM2P256V1));
+ bench_stats_asym_finish(name, keySize * 8, desc[2], useDeviceID, count,
+ start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
+
+ /* cleanup */
+ for (i = 0; i < BENCH_MAX_PENDING; i++) {
+ wc_ecc_free(&genKey[i]);
+ }
+}
+
+
+void bench_sm2(int useDeviceID)
+{
+ int ret = 0, i, times, count, pending = 0;
+ int deviceID;
+ int keySize;
+ char name[BENCH_ECC_NAME_SZ];
+ ecc_key genKey[BENCH_MAX_PENDING];
+#ifdef HAVE_ECC_DHE
+ ecc_key genKey2[BENCH_MAX_PENDING];
+#endif
+#if !defined(NO_ASN) && defined(HAVE_ECC_SIGN)
+#ifdef HAVE_ECC_VERIFY
+ int verify[BENCH_MAX_PENDING];
+#endif
+#endif
+ word32 x[BENCH_MAX_PENDING];
+ double start = 0;
+ const char**desc = bench_desc_words[lng_index];
+ DECLARE_MULTI_VALUE_STATS_VARS()
+
+#ifdef HAVE_ECC_DHE
+ WC_DECLARE_ARRAY(shared, byte, BENCH_MAX_PENDING, MAX_ECC_BYTES, HEAP_HINT);
+#endif
+#if !defined(NO_ASN) && defined(HAVE_ECC_SIGN)
+ WC_DECLARE_ARRAY(sig, byte, BENCH_MAX_PENDING, ECC_MAX_SIG_SIZE, HEAP_HINT);
+ WC_DECLARE_ARRAY(digest, byte, BENCH_MAX_PENDING, MAX_ECC_BYTES, HEAP_HINT);
+#endif
+
+#ifdef HAVE_ECC_DHE
+ WC_INIT_ARRAY(shared, byte, BENCH_MAX_PENDING, MAX_ECC_BYTES, HEAP_HINT);
+#endif
+#if !defined(NO_ASN) && defined(HAVE_ECC_SIGN)
+ WC_INIT_ARRAY(sig, byte, BENCH_MAX_PENDING, ECC_MAX_SIG_SIZE, HEAP_HINT);
+ WC_INIT_ARRAY(digest, byte, BENCH_MAX_PENDING, MAX_ECC_BYTES, HEAP_HINT);
+#endif
+ deviceID = useDeviceID ? devId : INVALID_DEVID;
+
+ bench_sm2_MakeKey(useDeviceID);
+
+ /* clear for done cleanup */
+ XMEMSET(&genKey, 0, sizeof(genKey));
+#ifdef HAVE_ECC_DHE
+ XMEMSET(&genKey2, 0, sizeof(genKey2));
+#endif
+
+ keySize = wc_ecc_get_curve_size_from_id(ECC_SM2P256V1);
+
+ /* init keys */
+ for (i = 0; i < BENCH_MAX_PENDING; i++) {
+ /* setup an context for each key */
+ if ((ret = wc_ecc_init_ex(&genKey[i], HEAP_HINT, deviceID)) < 0) {
+ goto exit;
+ }
+ ret = wc_ecc_sm2_make_key(&gRng, &genKey[i], WC_ECC_FLAG_NONE);
+ #ifdef WOLFSSL_ASYNC_CRYPT
+ ret = wc_AsyncWait(ret, &genKey[i].asyncDev, WC_ASYNC_FLAG_NONE);
+ #endif
+ if (ret < 0) {
+ goto exit;
+ }
+
+ #ifdef HAVE_ECC_DHE
+ if ((ret = wc_ecc_init_ex(&genKey2[i], HEAP_HINT, deviceID)) < 0) {
+ goto exit;
+ }
+ if ((ret = wc_ecc_sm2_make_key(&gRng, &genKey2[i],
+ WC_ECC_FLAG_NONE)) > 0) {
+ goto exit;
+ }
+ #endif
+ }
+
+#ifdef HAVE_ECC_DHE
+#if defined(ECC_TIMING_RESISTANT) && (!defined(HAVE_FIPS) || \
+ (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION != 2))) && \
+ !defined(HAVE_SELFTEST)
+ for (i = 0; i < BENCH_MAX_PENDING; i++) {
+ (void)wc_ecc_set_rng(&genKey[i], &gRng);
+ }
+#endif
+
+ /* ECC Shared Secret */
+ bench_stats_start(&count, &start);
+ PRIVATE_KEY_UNLOCK();
+ do {
+ for (times = 0; times < agreeTimes || pending > 0; ) {
+ bench_async_poll(&pending);
+
+ /* while free pending slots in queue, submit ops */
+ for (i = 0; i < BENCH_MAX_PENDING; i++) {
+ if (bench_async_check(&ret, BENCH_ASYNC_GET_DEV(&genKey[i]), 1,
+ &times, agreeTimes, &pending)) {
+ x[i] = (word32)keySize;
+ ret = wc_ecc_sm2_shared_secret(&genKey[i], &genKey2[i],
+ shared[i], &x[i]);
+ if (!bench_async_handle(&ret,
+ BENCH_ASYNC_GET_DEV(&genKey[i]), 1, &times,
+ &pending)) {
+ goto exit_ecdhe;
+ }
+ }
+ } /* for i */
+ RECORD_MULTI_VALUE_STATS();
+ } /* for times */
+ count += times;
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
+ PRIVATE_KEY_UNLOCK();
+exit_ecdhe:
+ (void)XSNPRINTF(name, BENCH_ECC_NAME_SZ, "ECDHE [%15s]",
+ wc_ecc_get_name(ECC_SM2P256V1));
+
+ bench_stats_asym_finish(name, keySize * 8, desc[3], useDeviceID, count,
+ start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
+
+ if (ret < 0) {
+ goto exit;
+ }
+#endif /* HAVE_ECC_DHE */
+
+#if !defined(NO_ASN) && defined(HAVE_ECC_SIGN)
+
+ /* Init digest to sign */
+ for (i = 0; i < BENCH_MAX_PENDING; i++) {
+ for (count = 0; count < keySize; count++) {
+ digest[i][count] = (byte)count;
+ }
+ }
+
+ RESET_MULTI_VALUE_STATS_VARS();
+
+ /* ECC Sign */
+ bench_stats_start(&count, &start);
+ do {
+ for (times = 0; times < agreeTimes || pending > 0; ) {
+ bench_async_poll(&pending);
+
+ /* while free pending slots in queue, submit ops */
+ for (i = 0; i < BENCH_MAX_PENDING; i++) {
+ if (bench_async_check(&ret, BENCH_ASYNC_GET_DEV(&genKey[i]), 1,
+ &times, agreeTimes, &pending)) {
+ if (genKey[i].state == 0)
+ x[i] = ECC_MAX_SIG_SIZE;
+ ret = wc_ecc_sm2_sign_hash(digest[i], (word32)keySize,
+ sig[i], &x[i], &gRng, &genKey[i]);
+ if (!bench_async_handle(&ret,
+ BENCH_ASYNC_GET_DEV(&genKey[i]), 1, &times,
+ &pending)) {
+ goto exit_ecdsa_sign;
+ }
+ }
+ } /* for i */
+ RECORD_MULTI_VALUE_STATS();
+ } /* for times */
+ count += times;
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
+exit_ecdsa_sign:
+ (void)XSNPRINTF(name, BENCH_ECC_NAME_SZ, "ECDSA [%15s]",
+ wc_ecc_get_name(ECC_SM2P256V1));
+
+ bench_stats_asym_finish(name, keySize * 8, desc[4], useDeviceID, count,
+ start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
+
+ if (ret < 0) {
+ goto exit;
+ }
+
+#ifdef HAVE_ECC_VERIFY
+
+ /* ECC Verify */
+ bench_stats_start(&count, &start);
+ do {
+ for (times = 0; times < agreeTimes || pending > 0; ) {
+ bench_async_poll(&pending);
+
+ /* while free pending slots in queue, submit ops */
+ for (i = 0; i < BENCH_MAX_PENDING; i++) {
+ if (bench_async_check(&ret, BENCH_ASYNC_GET_DEV(&genKey[i]), 1,
+ &times, agreeTimes, &pending)) {
+ if (genKey[i].state == 0)
+ verify[i] = 0;
+ ret = wc_ecc_sm2_verify_hash(sig[i], x[i], digest[i],
+ (word32)keySize, &verify[i], &genKey[i]);
+ if (!bench_async_handle(&ret,
+ BENCH_ASYNC_GET_DEV(&genKey[i]), 1, &times,
+ &pending)) {
+ goto exit_ecdsa_verify;
+ }
+ }
+ } /* for i */
+ RECORD_MULTI_VALUE_STATS();
+ } /* for times */
+ count += times;
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
+exit_ecdsa_verify:
+ (void)XSNPRINTF(name, BENCH_ECC_NAME_SZ, "ECDSA [%15s]",
+ wc_ecc_get_name(ECC_SM2P256V1));
+
+ bench_stats_asym_finish(name, keySize * 8, desc[5], useDeviceID, count,
+ start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
+
+#endif /* HAVE_ECC_VERIFY */
+#endif /* !NO_ASN && HAVE_ECC_SIGN */
+
+exit:
+
+ /* cleanup */
+ for (i = 0; i < BENCH_MAX_PENDING; i++) {
+ wc_ecc_free(&genKey[i]);
+ #ifdef HAVE_ECC_DHE
+ wc_ecc_free(&genKey2[i]);
+ #endif
+ }
+
+#ifdef HAVE_ECC_DHE
+ WC_FREE_ARRAY(shared, BENCH_MAX_PENDING, HEAP_HINT);
+#endif
+#if !defined(NO_ASN) && defined(HAVE_ECC_SIGN)
+ WC_FREE_ARRAY(sig, BENCH_MAX_PENDING, HEAP_HINT);
+ WC_FREE_ARRAY(digest, BENCH_MAX_PENDING, HEAP_HINT);
+#endif
+
+ (void)useDeviceID;
+ (void)pending;
+ (void)x;
+ (void)count;
+ (void)times;
+ (void)desc;
+ (void)start;
+ (void)name;
+}
+#endif /* WOLFSSL_SM2 */
#endif /* HAVE_ECC */
#ifdef HAVE_CURVE25519
@@ -7834,6 +10731,7 @@ void bench_curve25519KeyGen(int useDeviceID)
double start;
int ret = 0, i, count;
const char**desc = bench_desc_words[lng_index];
+ DECLARE_MULTI_VALUE_STATS_VARS()
/* Key Gen */
bench_stats_start(&count, &start);
@@ -7852,11 +10750,20 @@ void bench_curve25519KeyGen(int useDeviceID)
printf("wc_curve25519_make_key failed: %d\n", ret);
break;
}
+ RECORD_MULTI_VALUE_STATS();
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
bench_stats_asym_finish("CURVE", 25519, desc[2], useDeviceID, count, start,
ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
}
#ifdef HAVE_CURVE25519_SHARED_SECRET
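Review bot: In `bench_curve25519KeyGen`, a failing `wc_curve25519_make_key` leaves the inner `for` with `break` before `RECORD_MULTI_VALUE_STATS()` is reached, yet the new loop condition keeps iterating while `runs < minimum_runs`. If `runs` is advanced only by that macro (its definition is outside this hunk), a persistently failing operation with `-min_runs` set would never satisfy the condition and the benchmark would spin, printing the error each pass. Adding `if (ret != 0) break;` after the inner loop, as the SAKKE derive loops further down already do, bounds it. The same shape appears in the curve448, ECCSI and SAKKE key-generation, pair-generation and validate hunks. The function body starts outside this hunk.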
@@ -7868,6 +10775,7 @@ void bench_curve25519KeyAgree(int useDeviceID)
byte shared[32];
const char**desc = bench_desc_words[lng_index];
word32 x = 0;
+ DECLARE_MULTI_VALUE_STATS_VARS()
wc_curve25519_init_ex(&genKey, HEAP_HINT,
useDeviceID ? devId : INVALID_DEVID);
@@ -7896,12 +10804,21 @@ void bench_curve25519KeyAgree(int useDeviceID)
printf("curve25519_shared_secret failed: %d\n", ret);
goto exit;
}
+ RECORD_MULTI_VALUE_STATS();
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
exit:
bench_stats_asym_finish("CURVE", 25519, desc[3], useDeviceID, count, start,
ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
wc_curve25519_free(&genKey2);
wc_curve25519_free(&genKey);
@@ -7912,10 +10829,12 @@ exit:
#ifdef HAVE_ED25519
void bench_ed25519KeyGen(void)
{
+#ifdef HAVE_ED25519_MAKE_KEY
ed25519_key genKey;
double start;
int i, count;
const char**desc = bench_desc_words[lng_index];
+ DECLARE_MULTI_VALUE_STATS_VARS()
/* Key Gen */
bench_stats_start(&count, &start);
@@ -7924,16 +10843,28 @@ void bench_ed25519KeyGen(void)
wc_ed25519_init(&genKey);
(void)wc_ed25519_make_key(&gRng, 32, &genKey);
wc_ed25519_free(&genKey);
+ RECORD_MULTI_VALUE_STATS();
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
bench_stats_asym_finish("ED", 25519, desc[2], 0, count, start, 0);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
+#endif /* HAVE_ED25519_MAKE_KEY */
}
void bench_ed25519KeySign(void)
{
+#ifdef HAVE_ED25519_MAKE_KEY
int ret;
+#endif
ed25519_key genKey;
#ifdef HAVE_ED25519_SIGN
double start;
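Review bot: `int ret;` in `bench_ed25519KeySign` is now declared only under `HAVE_ED25519_MAKE_KEY`, but the sign and verify sections in the following hunks still pass `ret` to `bench_stats_asym_finish` under `HAVE_ED25519_SIGN`. Unless the build settings guarantee that signing is never enabled without key generation (not visible here), that configuration would not compile, and if it did the benchmark would sign with a key that was only passed through `wc_ed25519_init`. Declaring `int ret = 0;` unconditionally, with `(void)ret;` for the configuration that uses neither, keeps the function well-formed either way. The function body continues outside this hunk.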
@@ -7942,15 +10873,18 @@ void bench_ed25519KeySign(void)
byte msg[512];
word32 x = 0;
const char**desc = bench_desc_words[lng_index];
+ DECLARE_MULTI_VALUE_STATS_VARS()
#endif
wc_ed25519_init(&genKey);
+#ifdef HAVE_ED25519_MAKE_KEY
ret = wc_ed25519_make_key(&gRng, ED25519_KEY_SIZE, &genKey);
if (ret != 0) {
printf("ed25519_make_key failed\n");
return;
}
+#endif
#ifdef HAVE_ED25519_SIGN
/* make dummy msg */
@@ -7966,11 +10900,22 @@ void bench_ed25519KeySign(void)
printf("ed25519_sign_msg failed\n");
goto exit_ed_sign;
}
+ RECORD_MULTI_VALUE_STATS();
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
exit_ed_sign:
bench_stats_asym_finish("ED", 25519, desc[4], 0, count, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
+
+ RESET_MULTI_VALUE_STATS_VARS();
#ifdef HAVE_ED25519_VERIFY
bench_stats_start(&count, &start);
@@ -7983,11 +10928,20 @@ exit_ed_sign:
printf("ed25519_verify_msg failed\n");
goto exit_ed_verify;
}
+ RECORD_MULTI_VALUE_STATS();
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
exit_ed_verify:
bench_stats_asym_finish("ED", 25519, desc[5], 0, count, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
#endif /* HAVE_ED25519_VERIFY */
#endif /* HAVE_ED25519_SIGN */
@@ -8002,6 +10956,7 @@ void bench_curve448KeyGen(void)
double start;
int ret = 0, i, count;
const char**desc = bench_desc_words[lng_index];
+ DECLARE_MULTI_VALUE_STATS_VARS()
/* Key Gen */
bench_stats_start(&count, &start);
@@ -8013,10 +10968,19 @@ void bench_curve448KeyGen(void)
printf("wc_curve448_make_key failed: %d\n", ret);
break;
}
+ RECORD_MULTI_VALUE_STATS();
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
bench_stats_asym_finish("CURVE", 448, desc[2], 0, count, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
}
#ifdef HAVE_CURVE448_SHARED_SECRET
@@ -8028,6 +10992,7 @@ void bench_curve448KeyAgree(void)
byte shared[56];
const char**desc = bench_desc_words[lng_index];
word32 x = 0;
+ DECLARE_MULTI_VALUE_STATS_VARS()
wc_curve448_init(&genKey);
wc_curve448_init(&genKey2);
@@ -8054,11 +11019,20 @@ void bench_curve448KeyAgree(void)
printf("curve448_shared_secret failed: %d\n", ret);
goto exit;
}
+ RECORD_MULTI_VALUE_STATS();
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
exit:
bench_stats_asym_finish("CURVE", 448, desc[3], 0, count, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
wc_curve448_free(&genKey2);
wc_curve448_free(&genKey);
@@ -8073,6 +11047,7 @@ void bench_ed448KeyGen(void)
double start;
int i, count;
const char**desc = bench_desc_words[lng_index];
+ DECLARE_MULTI_VALUE_STATS_VARS()
/* Key Gen */
bench_stats_start(&count, &start);
@@ -8081,10 +11056,19 @@ void bench_ed448KeyGen(void)
wc_ed448_init(&genKey);
(void)wc_ed448_make_key(&gRng, ED448_KEY_SIZE, &genKey);
wc_ed448_free(&genKey);
+ RECORD_MULTI_VALUE_STATS();
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
bench_stats_asym_finish("ED", 448, desc[2], 0, count, start, 0);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
}
@@ -8099,6 +11083,7 @@ void bench_ed448KeySign(void)
byte msg[512];
word32 x = 0;
const char**desc = bench_desc_words[lng_index];
+ DECLARE_MULTI_VALUE_STATS_VARS()
#endif
wc_ed448_init(&genKey);
@@ -8124,11 +11109,22 @@ void bench_ed448KeySign(void)
printf("ed448_sign_msg failed\n");
goto exit_ed_sign;
}
+ RECORD_MULTI_VALUE_STATS();
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
exit_ed_sign:
bench_stats_asym_finish("ED", 448, desc[4], 0, count, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
+
+ RESET_MULTI_VALUE_STATS_VARS();
#ifdef HAVE_ED448_VERIFY
bench_stats_start(&count, &start);
@@ -8141,11 +11137,20 @@ exit_ed_sign:
printf("ed448_verify_msg failed\n");
goto exit_ed_verify;
}
+ RECORD_MULTI_VALUE_STATS();
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
exit_ed_verify:
bench_stats_asym_finish("ED", 448, desc[5], 0, count, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
#endif /* HAVE_ED448_VERIFY */
#endif /* HAVE_ED448_SIGN */
@@ -8162,6 +11167,7 @@ void bench_eccsiKeyGen(void)
int i, count;
const char**desc = bench_desc_words[lng_index];
int ret;
+ DECLARE_MULTI_VALUE_STATS_VARS()
/* Key Gen */
bench_stats_start(&count, &start);
@@ -8174,10 +11180,19 @@ void bench_eccsiKeyGen(void)
break;
}
wc_FreeEccsiKey(&genKey);
+ RECORD_MULTI_VALUE_STATS();
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
bench_stats_asym_finish("ECCSI", 256, desc[2], 0, count, start, 0);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
}
void bench_eccsiPairGen(void)
@@ -8190,6 +11205,7 @@ void bench_eccsiPairGen(void)
ecc_point* pvt;
static const byte id[] = { 0x01, 0x23, 0x34, 0x45 };
int ret;
+ DECLARE_MULTI_VALUE_STATS_VARS()
(void)mp_init(&ssk);
pvt = wc_ecc_new_point();
@@ -8206,10 +11222,19 @@ void bench_eccsiPairGen(void)
printf("wc_MakeEccsiPair failed: %d\n", ret);
break;
}
+ RECORD_MULTI_VALUE_STATS();
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
bench_stats_asym_finish("ECCSI", 256, desc[12], 0, count, start, 0);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
wc_FreeEccsiKey(&genKey);
wc_ecc_del_point(pvt);
@@ -8229,6 +11254,7 @@ void bench_eccsiValidate(void)
static const byte id[] = { 0x01, 0x23, 0x34, 0x45 };
int valid;
int ret;
+ DECLARE_MULTI_VALUE_STATS_VARS()
(void)mp_init(&ssk);
pvt = wc_ecc_new_point();
@@ -8248,10 +11274,19 @@ void bench_eccsiValidate(void)
valid);
break;
}
+ RECORD_MULTI_VALUE_STATS();
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
bench_stats_asym_finish("ECCSI", 256, desc[11], 0, count, start, 0);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
wc_FreeEccsiKey(&genKey);
wc_ecc_del_point(pvt);
@@ -8274,6 +11309,7 @@ void bench_eccsi(void)
word32 sigSz = sizeof(sig);
int ret;
int verified;
+ DECLARE_MULTI_VALUE_STATS_VARS()
(void)mp_init(&ssk);
pvt = wc_ecc_new_point();
@@ -8296,10 +11332,21 @@ void bench_eccsi(void)
printf("wc_SignEccsiHash failed: %d\n", ret);
break;
}
+ RECORD_MULTI_VALUE_STATS();
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
bench_stats_asym_finish("ECCSI", 256, desc[4], 0, count, start, 0);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
+
+ RESET_MULTI_VALUE_STATS_VARS();
/* Derive */
bench_stats_start(&count, &start);
@@ -8313,10 +11360,19 @@ void bench_eccsi(void)
verified);
break;
}
+ RECORD_MULTI_VALUE_STATS();
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
bench_stats_asym_finish("ECCSI", 256, desc[5], 0, count, start, 0);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
wc_FreeEccsiKey(&genKey);
wc_ecc_del_point(pvt);
@@ -8333,6 +11389,7 @@ void bench_sakkeKeyGen(void)
int i, count;
const char**desc = bench_desc_words[lng_index];
int ret;
+ DECLARE_MULTI_VALUE_STATS_VARS()
/* Key Gen */
bench_stats_start(&count, &start);
@@ -8345,10 +11402,19 @@ void bench_sakkeKeyGen(void)
break;
}
wc_FreeSakkeKey(&genKey);
+ RECORD_MULTI_VALUE_STATS();
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
bench_stats_asym_finish("SAKKE", 1024, desc[2], 0, count, start, 0);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
}
void bench_sakkeRskGen(void)
@@ -8360,6 +11426,7 @@ void bench_sakkeRskGen(void)
ecc_point* rsk;
static const byte id[] = { 0x01, 0x23, 0x34, 0x45 };
int ret;
+ DECLARE_MULTI_VALUE_STATS_VARS()
rsk = wc_ecc_new_point();
wc_InitSakkeKey_ex(&genKey, 128, ECC_SAKKE_1, NULL, INVALID_DEVID);
@@ -8374,10 +11441,19 @@ void bench_sakkeRskGen(void)
printf("wc_MakeSakkeRsk failed: %d\n", ret);
break;
}
+ RECORD_MULTI_VALUE_STATS();
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
bench_stats_asym_finish("SAKKE", 1024, desc[8], 0, count, start, 0);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
wc_FreeSakkeKey(&genKey);
wc_ecc_del_point(rsk);
@@ -8395,6 +11471,7 @@ void bench_sakkeValidate(void)
static const byte id[] = { 0x01, 0x23, 0x34, 0x45 };
int valid;
int ret;
+ DECLARE_MULTI_VALUE_STATS_VARS()
rsk = wc_ecc_new_point();
(void)wc_InitSakkeKey_ex(&genKey, 128, ECC_SAKKE_1, NULL, INVALID_DEVID);
@@ -8412,10 +11489,19 @@ void bench_sakkeValidate(void)
valid);
break;
}
+ RECORD_MULTI_VALUE_STATS();
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
bench_stats_asym_finish("SAKKE", 1024, desc[11], 0, count, start, 0);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
wc_FreeSakkeKey(&genKey);
wc_ecc_del_point(rsk);
@@ -8439,6 +11525,7 @@ void bench_sakke(void)
word32 len = 0;
byte* iTable = NULL;
word32 iTableLen = 0;
+ DECLARE_MULTI_VALUE_STATS_VARS()
XMEMCPY(ssv, ssv_init, sizeof ssv);
@@ -8460,12 +11547,22 @@ void bench_sakke(void)
printf("wc_MakeSakkeEncapsulatedSSV failed: %d\n", ret);
break;
}
+ RECORD_MULTI_VALUE_STATS();
} /* for */
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
bench_stats_asym_finish_ex("SAKKE", 1024, desc[9], "-1",
0, count, start, 0);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
+
+ RESET_MULTI_VALUE_STATS_VARS();
/* Derive */
bench_stats_start(&count, &start);
@@ -8478,12 +11575,21 @@ void bench_sakke(void)
printf("wc_DeriveSakkeSSV failed: %d\n", ret);
break;
}
+ RECORD_MULTI_VALUE_STATS();
}
if (ret != 0) break;
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
bench_stats_asym_finish_ex("SAKKE", 1024, desc[10], "-1",
0, count, start, 0);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
/* Calculate Point I and generate table. */
(void)wc_MakeSakkePointI(&genKey, id, sizeof(id));
@@ -8505,12 +11611,22 @@ void bench_sakke(void)
printf("wc_MakeSakkeEncapsulatedSSV failed: %d\n", ret);
break;
}
+ RECORD_MULTI_VALUE_STATS();
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
bench_stats_asym_finish_ex("SAKKE", 1024, desc[9], "-2", 0,
count, start, 0);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
+
+ RESET_MULTI_VALUE_STATS_VARS();
(void)wc_SetSakkeRsk(&genKey, rsk, table, len);
@@ -8525,13 +11641,23 @@ void bench_sakke(void)
printf("wc_DeriveSakkeSSV failed: %d\n", ret);
break;
}
+ RECORD_MULTI_VALUE_STATS();
}
if (ret != 0) break;
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
bench_stats_asym_finish_ex("SAKKE", 1024, desc[10], "-2", 0,
count, start, 0);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
+
+ RESET_MULTI_VALUE_STATS_VARS();
len = 0;
(void)wc_GenerateSakkeRskTable(&genKey, rsk, NULL, &len);
@@ -8552,12 +11678,23 @@ void bench_sakke(void)
printf("wc_DeriveSakkeSSV failed: %d\n", ret);
break;
}
+ RECORD_MULTI_VALUE_STATS();
}
if (ret != 0) break;
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
bench_stats_asym_finish_ex("SAKKE", 1024, desc[10], "-3",
0, count, start, 0);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
+
+ RESET_MULTI_VALUE_STATS_VARS();
wc_ClearSakkePointITable(&genKey);
/* Derive with RSK table */
@@ -8571,12 +11708,21 @@ void bench_sakke(void)
printf("wc_DeriveSakkeSSV failed: %d\n", ret);
break;
}
+ RECORD_MULTI_VALUE_STATS();
}
if (ret != 0) break;
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
bench_stats_asym_finish_ex("SAKKE", 1024, desc[10], "-4", 0,
count, start, 0);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
wc_FreeSakkeKey(&genKey);
wc_ecc_del_point(rsk);
@@ -8596,6 +11742,7 @@ void bench_falconKeySign(byte level)
byte msg[512];
word32 x = 0;
const char**desc = bench_desc_words[lng_index];
+ DECLARE_MULTI_VALUE_STATS_VARS()
ret = wc_falcon_init(&key);
if (ret != 0) {
@@ -8646,15 +11793,25 @@ void bench_falconKeySign(byte level)
printf("wc_falcon_sign_msg failed\n");
}
}
+ RECORD_MULTI_VALUE_STATS();
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
if (ret == 0) {
bench_stats_asym_finish("FALCON", level, desc[4], 0,
count, start, ret);
+ #ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+ #endif
}
+ RESET_MULTI_VALUE_STATS_VARS();
+
bench_stats_start(&count, &start);
do {
for (i = 0; i < agreeTimes; i++) {
@@ -8668,13 +11825,21 @@ void bench_falconKeySign(byte level)
ret = -1;
}
}
+ RECORD_MULTI_VALUE_STATS();
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
if (ret == 0) {
bench_stats_asym_finish("FALCON", level, desc[5],
0, count, start, ret);
+ #ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+ #endif
}
wc_falcon_free(&key);
@@ -8692,6 +11857,7 @@ void bench_dilithiumKeySign(byte level)
byte msg[512];
word32 x = 0;
const char**desc = bench_desc_words[lng_index];
+ DECLARE_MULTI_VALUE_STATS_VARS()
ret = wc_dilithium_init(&key);
if (ret != 0) {
@@ -8748,15 +11914,25 @@ void bench_dilithiumKeySign(byte level)
printf("wc_dilithium_sign_msg failed\n");
}
}
+ RECORD_MULTI_VALUE_STATS();
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
if (ret == 0) {
bench_stats_asym_finish("DILITHIUM", level, desc[4], 0, count, start,
ret);
+ #ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+ #endif
}
+ RESET_MULTI_VALUE_STATS_VARS();
+
bench_stats_start(&count, &start);
do {
for (i = 0; i < agreeTimes; i++) {
@@ -8771,13 +11947,21 @@ void bench_dilithiumKeySign(byte level)
ret = -1;
}
}
+ RECORD_MULTI_VALUE_STATS();
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
if (ret == 0) {
bench_stats_asym_finish("DILITHIUM", level, desc[5], 0, count, start,
ret);
+ #ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+ #endif
}
wc_dilithium_free(&key);
@@ -8795,6 +11979,7 @@ void bench_sphincsKeySign(byte level, byte optim)
byte msg[512];
word32 x = 0;
const char**desc = bench_desc_words[lng_index];
+ DECLARE_MULTI_VALUE_STATS_VARS()
ret = wc_sphincs_init(&key);
if (ret != 0) {
@@ -8875,9 +12060,14 @@ void bench_sphincsKeySign(byte level, byte optim)
printf("wc_sphincs_sign_msg failed\n");
}
}
+ RECORD_MULTI_VALUE_STATS();
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
if (ret == 0) {
if (optim == FAST_VARIANT) {
@@ -8888,8 +12078,13 @@ void bench_sphincsKeySign(byte level, byte optim)
bench_stats_asym_finish("SPHINCS-SMALL", level, desc[4], 0, count,
start, ret);
}
+ #ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+ #endif
}
+ RESET_MULTI_VALUE_STATS_VARS();
+
bench_stats_start(&count, &start);
do {
for (i = 0; i < agreeTimes; i++) {
@@ -8904,9 +12099,14 @@ void bench_sphincsKeySign(byte level, byte optim)
ret = -1;
}
}
+ RECORD_MULTI_VALUE_STATS();
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
if (ret == 0) {
if (optim == FAST_VARIANT) {
@@ -8917,6 +12117,9 @@ void bench_sphincsKeySign(byte level, byte optim)
bench_stats_asym_finish("SPHINCS-SMALL", level, desc[5], 0, count,
start, ret);
}
+ #ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+ #endif
}
wc_sphincs_free(&key);
@@ -8945,7 +12148,11 @@ void bench_sphincsKeySign(byte level, byte optim)
QueryPerformanceCounter(&count);
+#ifdef BENCH_MICROSECOND
+ return ((double)count.QuadPart * 1000000) / freq.QuadPart;
+#else
return (double)count.QuadPart / freq.QuadPart;
+#endif
}
#elif defined MICROCHIP_PIC32
@@ -8983,21 +12190,110 @@ void bench_sphincsKeySign(byte level, byte optim)
/* prototype definition */
int construct_argv();
extern char* __argv[22];
-#endif
+
+ /* current_time(reset)
+ *
+ * Benchmark passage of time, in fractional seconds.
+ * [reset] is non zero to adjust timer or counter to zero
+ *
+ * Use care when repeatedly calling calling. See implementation. */
double current_time(int reset)
{
+ double ret;
#if ESP_IDF_VERSION_MAJOR >= 4
- TickType_t tickCount;
+ TickType_t tickCount; /* typically 32 bit, local FreeRTOS ticks */
#else
portTickType tickCount;
#endif
- (void) reset;
+ #if defined(__XTENSA__)
+ (void)reset;
+ if (reset) {
+ /* TODO: Determine a mechanism for reset that does not interfere
+ * with freeRTOS tick. Using this code for Xtensa appears to cause
+ * RTOS tick timer to stick. See "last_tickCount unchanged".
+ ESP_LOGW(TAG, "Current_time() reset!");
+ portTICK_TYPE_ENTER_CRITICAL();
+ {
+ esp_cpu_set_cycle_count((esp_cpu_cycle_count_t)0);
+ _esp_cpu_count_last = xthal_get_ccount();
+ _esp_cpu_count_last = esp_cpu_get_cycle_count();
+ }
+ portTICK_TYPE_EXIT_CRITICAL();
+ */
+ }
+ #else
+ /* Only reset the CPU counter for RISC-V */
+ if (reset) {
+ ESP_LOGV(TAG, "current_time() reset!");
+ /* TODO: why does Espressif esp_cpu_get_cycle_count() cause
+ * unexpected rollovers in return values for Xtensa but not RISC-V?
+ * See also esp_get_cycle_count_ex() */
+ #ifdef __XTENSA__
+ _esp_cpu_count_last = xthal_get_ccount();
+ #else
+ esp_cpu_set_cycle_count((esp_cpu_cycle_count_t)0);
+ _esp_cpu_count_last = esp_cpu_get_cycle_count();
+ #endif
+ }
+ #endif
+
+ /* tick count == ms, if configTICK_RATE_HZ is set to 1000 */
+ tickCount = xTaskGetTickCount(); /* RTOS ticks, not CPU cycles!
+ The count of ticks since vTaskStartScheduler was called,
+ typiclly in app_startup.c */
+
+ #ifdef DEBUG_WOLFSSL_BENCHMARK_TIMING
+ ESP_LOGV(TAG, "tickCount = %lu", tickCount);
+ if (tickCount == last_tickCount) {
+ ESP_LOGW(TAG, "last_tickCount unchanged? %lu", tickCount);
+
+ }
+ if (tickCount < last_tickCount) {
+ ESP_LOGW(TAG, "last_tickCount overflow?");
+ }
+ #endif
+
+ if (reset) {
+ #ifdef DEBUG_WOLFSSL_BENCHMARK_TIMING
+ ESP_LOGW(TAG, "Assign last_tickCount = %lu", tickCount);
+ #endif
+ last_tickCount = tickCount;
+ }
+ else {
+ #ifdef DEBUG_WOLFSSL_BENCHMARK_TIMING
+ ESP_LOGW(TAG, "No Reset last_tickCount = %lu", tickCount);
+ #endif
+ }
+
+ #if defined(configTICK_RATE_HZ) && defined(CONFIG_FREERTOS_HZ)
+ ret = (double)tickCount / configTICK_RATE_HZ;
+ #else
+ ESP_LOGW(TAG, "Warning: configTICK_RATE_HZ not defined,"
+ "assuming 1000 Hz.");
+ ret = (double)(tickCount / 1000.0);
+ #endif /* configTICK_RATE_HZ */
+
+ return ret;
+
+ } /* current_time */
+#else
+ /* current_time(reset)
+ *
+ * Benchmark passage of time, in fractional seconds.
+ * [reset] is non zero to adjust timer or counter to zero
+ *
+ * Use care when repeatedly calling calling. See implementation. */
+ double current_time(int reset)
+ {
+ portTickType tickCount;
/* tick count == ms, if configTICK_RATE_HZ is set to 1000 */
tickCount = xTaskGetTickCount();
return (double)tickCount / 1000;
}
+#endif
+
#elif defined (WOLFSSL_TIRTOS)
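Review bot: In the new ESP-IDF `current_time`, the `#ifdef __XTENSA__` branch inside the RISC-V reset path can never be compiled, because it sits in the `#else` of `#if defined(__XTENSA__)`. Dropping it leaves only the `esp_cpu_set_cycle_count`/`esp_cpu_get_cycle_count` pair. The fallback taken when `configTICK_RATE_HZ` or `CONFIG_FREERTOS_HZ` is undefined calls `ESP_LOGW` on every invocation, which puts log output inside the timed path and will skew results. A one-time warning would be better, and the concatenated literal needs a space: `"Warning: configTICK_RATE_HZ not defined, " "assuming 1000 Hz."`. The second `current_time` added under `#else` no longer has `(void)reset;`, and the comments contain "calling calling" and "typiclly".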
@@ -9020,6 +12316,14 @@ void bench_sphincsKeySign(byte level, byte optim)
return (double)OSA_TimeGetMsec() / 1000;
}
+#elif defined(WOLFSSL_CMSIS_RTOS) || defined(WOLFSSL_CMSIS_RTOSv2)
+
+ double current_time(int reset)
+ {
+ (void)reset;
+ return (double)osKernelGetTickCount() / 1000.0;
+ }
+
#elif defined(WOLFSSL_EMBOS)
#include "RTOS.h"
@@ -9028,7 +12332,7 @@ void bench_sphincsKeySign(byte level, byte optim)
{
double time_now;
double current_s = OS_GetTime() / 1000.0;
- double current_us = OS_GetTime_us() / 1000000.0;
+ double current_us = OS_GetTime_us() / MILLION_VALUE;
time_now = (double)( current_s + current_us);
(void) reset;
@@ -9155,20 +12459,20 @@ void bench_sphincsKeySign(byte level, byte optim)
* outside wolfcrypt.
*/
return (double)rusage.ru_utime.tv_sec +
- (double)rusage.ru_utime.tv_usec / 1000000.0;
+ (double)rusage.ru_utime.tv_usec / MILLION_VALUE;
}
static void check_for_excessive_stime(const char *desc,
const char *desc_extra)
{
double start_utime = (double)base_rusage.ru_utime.tv_sec +
- (double)base_rusage.ru_utime.tv_usec / 1000000.0;
+ (double)base_rusage.ru_utime.tv_usec / MILLION_VALUE;
double start_stime = (double)base_rusage.ru_stime.tv_sec +
- (double)base_rusage.ru_stime.tv_usec / 1000000.0;
+ (double)base_rusage.ru_stime.tv_usec / MILLION_VALUE;
double cur_utime = (double)cur_rusage.ru_utime.tv_sec +
- (double)cur_rusage.ru_utime.tv_usec / 1000000.0;
+ (double)cur_rusage.ru_utime.tv_usec / MILLION_VALUE;
double cur_stime = (double)cur_rusage.ru_stime.tv_sec +
- (double)cur_rusage.ru_stime.tv_usec / 1000000.0;
+ (double)cur_rusage.ru_stime.tv_usec / MILLION_VALUE;
double stime_utime_ratio =
(cur_stime - start_stime) / (cur_utime - start_utime);
if (stime_utime_ratio > .1)
@@ -9193,13 +12497,17 @@ void bench_sphincsKeySign(byte level, byte optim)
double current_time(int reset)
{
- struct timeval tv;
+ struct timespec tv;
(void)reset;
- LIBCALL_CHECK_RET(gettimeofday(&tv, 0));
+ LIBCALL_CHECK_RET(clock_gettime(CLOCK_REALTIME, &tv));
- return (double)tv.tv_sec + (double)tv.tv_usec / 1000000;
+ #ifdef BENCH_MICROSECOND
+ return (double)tv.tv_sec * 1000000 + (double)tv.tv_nsec / 1000;
+ #else
+ return (double)tv.tv_sec + (double)tv.tv_nsec / 1000000000;
+ #endif
}
#endif /* _WIN32 */
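Review bot: `clock_gettime(CLOCK_REALTIME, &tv)` reads wall-clock time, which can step when the system clock is adjusted during a run, so an interval computed from two calls can come out negative or inflated. For elapsed-time measurement `clock_gettime(CLOCK_MONOTONIC, &tv)` is the usual choice where the platform provides it. The `struct timespec` is still named `tv`, which reads like the old `timeval`; `ts` would be clearer. The `1000000` literal could use the `MILLION_VALUE` constant that the neighbouring hunks switch to. The enclosing `#if` chain starts outside this hunk.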
@@ -9207,9 +12515,12 @@ void bench_sphincsKeySign(byte level, byte optim)
#if defined(HAVE_GET_CYCLES)
#if defined(WOLFSSL_ESPIDF)
- static WC_INLINE word64 get_xtensa_cycles(void)
+ /* Generic CPU cycle counter for either Xtensa or RISC-V */
+ static WC_INLINE word64 esp_get_cpu_benchmark_cycles(void)
{
- return xthal_get_ccount_ex();
+ /* Reminder for long duration between calls with
+ * multiple overflows will not be detected. */
+ return esp_get_cycle_count_ex();
}
/* implement other architectures here */
@@ -9279,6 +12590,7 @@ static void Usage(void)
printf("benchmark\n");
printf("%s", bench_Usage_msg1[lng_index][e++]); /* option -? */
+ printf("%s", bench_Usage_msg1[lng_index][e++]); /* English / Japanese */
printf("%s", bench_Usage_msg1[lng_index][e++]); /* option -csv */
printf("%s", bench_Usage_msg1[lng_index][e++]); /* option -base10 */
#if defined(HAVE_AESGCM) || defined(HAVE_AESCCM)
@@ -9331,6 +12643,8 @@ static void Usage(void)
print_alg(bench_digest_opt[i].str, &line);
for (i=0; bench_mac_opt[i].str != NULL; i++)
print_alg(bench_mac_opt[i].str, &line);
+ for (i=0; bench_kdf_opt[i].str != NULL; i++)
+ print_alg(bench_kdf_opt[i].str, &line);
for (i=0; bench_asym_opt[i].str != NULL; i++)
print_alg(bench_asym_opt[i].str, &line);
for (i=0; bench_other_opt[i].str != NULL; i++)
@@ -9338,11 +12652,15 @@ static void Usage(void)
#if defined(HAVE_PQC) && defined(HAVE_LIBOQS)
for (i=0; bench_pq_asym_opt[i].str != NULL; i++)
print_alg(bench_pq_asym_opt[i].str, &line);
-#if defined(HAVE_LIBOQS)
+#if defined(HAVE_LIBOQS) && defined(HAVE_SPHINCS)
for (i=0; bench_pq_asym_opt2[i].str != NULL; i++)
print_alg(bench_pq_asym_opt2[i].str, &line);
-#endif /* HAVE_LIBOQS */
+#endif /* HAVE_LIBOQS && HAVE_SPHINCS */
#endif /* HAVE_PQC */
+#if defined(BENCH_PQ_STATEFUL_HBS)
+ for (i=0; bench_pq_hash_sig_opt[i].str != NULL; i++)
+ print_alg(bench_pq_hash_sig_opt[i].str, &line);
+#endif /* BENCH_PQ_STATEFUL_HBS */
printf("\n");
#endif /* !WOLFSSL_BENCHMARK_ALL */
e++;
@@ -9353,7 +12671,21 @@ static void Usage(void)
printf("%s", bench_Usage_msg1[lng_index][e]); /* option -threads <num> */
#endif
e++;
+#ifdef WC_BENCH_TRACK_STATS
printf("%s", bench_Usage_msg1[lng_index][e]); /* option -print */
+#endif
+ e++;
+#ifndef NO_FILESYSTEM
+ printf("%s", bench_Usage_msg1[lng_index][e]); /* option -hash_input */
+#endif
+ e++;
+#ifndef NO_FILESYSTEM
+ printf("%s", bench_Usage_msg1[lng_index][e]); /* option -cipher_input */
+#endif
+#ifdef MULTI_VALUE_STATISTICS
+ e++;
+ printf("%s", bench_Usage_msg1[lng_index][e]); /* option -min_runs */
+#endif
}
/* Match the command line argument with the string.
@@ -9391,25 +12723,18 @@ static int string_matches(const char* arg, const char* str)
#endif
{
+ /* Code for main() or wolf_benchmark_task() */
#ifdef WOLFSSL_ESPIDF
int argc = construct_argv();
char** argv = (char**)__argv;
-
- #if defined(CONFIG_IDF_TARGET_ESP32C3) || defined(CONFIG_IDF_TARGET_ESP32C6)
- ESP_ERROR_CHECK(gptimer_new_timer(&esp_timer_config, &esp_gptimer));
- ESP_LOGI(TAG, "Enable ESP32-C3 timer ");
- ESP_ERROR_CHECK(gptimer_enable(esp_gptimer));
- ESP_ERROR_CHECK(gptimer_start(esp_gptimer));
- #endif
#elif defined(MAIN_NO_ARGS)
int argc = 0;
char** argv = NULL;
-
#endif
return wolfcrypt_benchmark_main(argc, argv);
}
-#endif /* NO_MAIN_DRIVER && NO_MAIN_FUNCTION */
+#endif /* !NO_MAIN_DRIVER && !NO_MAIN_FUNCTION */
int wolfcrypt_benchmark_main(int argc, char** argv)
{
@@ -9519,6 +12844,8 @@ int wolfcrypt_benchmark_main(int argc, char** argv)
}
}
}
+#endif
+#ifdef WC_BENCH_TRACK_STATS
else if (string_matches(argv[1], "-print")) {
gPrintStats = 1;
}
@@ -9529,6 +12856,29 @@ int wolfcrypt_benchmark_main(int argc, char** argv)
if (argc > 1)
numBlocks = XATOI(argv[1]);
}
+#ifndef NO_FILESYSTEM
+ else if (string_matches(argv[1], "-hash_input")) {
+ argc--;
+ argv++;
+ if (argc > 1)
+ hash_input = argv[1];
+ }
+ else if (string_matches(argv[1], "-cipher_input")) {
+ argc--;
+ argv++;
+ if (argc > 1)
+ cipher_input = argv[1];
+ }
+#endif
+#ifdef MULTI_VALUE_STATISTICS
+ else if (string_matches(argv[1], "-min_runs")) {
+ argc--;
+ argv++;
+ if (argc > 1) {
+ minimum_runs = XATOI(argv[1]);
+ }
+ }
+#endif
else if (argv[1][0] == '-') {
optMatched = 0;
#ifndef WOLFSSL_BENCHMARK_ALL
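Review bot: `minimum_runs = XATOI(argv[1]);` stores whatever the conversion returns, so a non-numeric or negative `-min_runs` value is accepted silently and a missing value is ignored without a message. Every benchmark loop is now gated on `runs < minimum_runs`, so an unchecked large value also removes the time bound on each benchmark. Parse into a local and range-check before assigning, for example `int v = XATOI(argv[1]); if (v > 0) minimum_runs = v;`, and report anything else the way unrecognised options are reported. `-hash_input` and `-cipher_input` keep `argv[1]` as a path with no check here; the code that opens and reads those files is outside this hunk and should bound how much it reads.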
@@ -9557,6 +12907,14 @@ int wolfcrypt_benchmark_main(int argc, char** argv)
optMatched = 1;
}
}
+ /* Known KDF algorithms */
+ for (i=0; !optMatched && bench_kdf_opt[i].str != NULL; i++) {
+ if (string_matches(argv[1], bench_kdf_opt[i].str)) {
+ bench_kdf_algs |= bench_kdf_opt[i].val;
+ bench_all = 0;
+ optMatched = 1;
+ }
+ }
/* Known asymmetric algorithms */
for (i=0; !optMatched && bench_asym_opt[i].str != NULL; i++) {
if (string_matches(argv[1], bench_asym_opt[i].str)) {
@@ -9574,6 +12932,7 @@ int wolfcrypt_benchmark_main(int argc, char** argv)
optMatched = 1;
}
}
+ #ifdef HAVE_SPHINCS
/* Both bench_pq_asym_opt and bench_pq_asym_opt2 are looking for
* -pq, so we need to do a special case for -pq since optMatched
* was set to 1 just above. */
@@ -9589,6 +12948,7 @@ int wolfcrypt_benchmark_main(int argc, char** argv)
optMatched = 1;
}
}
+ #endif
#endif /* HAVE_PQC */
/* Other known cryptographic algorithms */
for (i=0; !optMatched && bench_other_opt[i].str != NULL; i++) {
@@ -9598,6 +12958,17 @@ int wolfcrypt_benchmark_main(int argc, char** argv)
optMatched = 1;
}
}
+
+ #if defined(BENCH_PQ_STATEFUL_HBS)
+ /* post-quantum stateful hash-based signatures */
+ for (i=0; !optMatched && bench_pq_hash_sig_opt[i].str != NULL; i++) {
+ if (string_matches(argv[1], bench_pq_hash_sig_opt[i].str)) {
+ bench_pq_hash_sig_algs |= bench_pq_hash_sig_opt[i].val;
+ bench_all = 0;
+ optMatched = 1;
+ }
+ }
+ #endif /* BENCH_PQ_STATEFUL_HBS */
#endif
if (!optMatched) {
printf("Option not recognized: %s\n", argv[1]);
@@ -9628,6 +12999,22 @@ int wolfcrypt_benchmark_main(int argc, char** argv)
else
#endif
{
+ #if defined(CONFIG_IDF_TARGET_ESP32C2) || \
+ defined(CONFIG_IDF_TARGET_ESP32C3) || \
+ defined(CONFIG_IDF_TARGET_ESP32C6)
+ {
+ #ifdef WOLFSSL_BENCHMARK_TIMER_DEBUG
+ if (esp_gptimer == NULL) {
+ ESP_ERROR_CHECK(gptimer_new_timer(&esp_timer_config,
+ &esp_gptimer) );
+ }
+ ESP_ERROR_CHECK(gptimer_enable(esp_gptimer));
+ ESP_ERROR_CHECK(gptimer_start(esp_gptimer));
+ ESP_LOGI(TAG, "Enable %s timer", CONFIG_IDF_TARGET);
+ #endif /* WOLFSSL_BENCHMARK_TIMER_DEBUG */
+ }
+ #endif
+
#ifdef HAVE_STACK_SIZE
ret = StackSizeCheck(NULL, benchmark_test);
#else
@@ -9635,6 +13022,17 @@ int wolfcrypt_benchmark_main(int argc, char** argv)
#endif
}
+ #if defined(CONFIG_IDF_TARGET_ESP32C2) || \
+ defined(CONFIG_IDF_TARGET_ESP32C3) || \
+ defined(CONFIG_IDF_TARGET_ESP32C6)
+ {
+ #ifdef WOLFSSL_BENCHMARK_TIMER_DEBUG
+ ESP_ERROR_CHECK(gptimer_stop(esp_gptimer));
+ ESP_ERROR_CHECK(gptimer_disable(esp_gptimer));
+ #endif /* WOLFSSL_BENCHMARK_TIMER_DEBUG */
+ }
+ #endif
+
return ret;
}
#endif /* !NO_MAIN_DRIVER */
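Review bot: The timer teardown added after the closing brace runs on every path, while the matching `gptimer_new_timer`/`gptimer_enable`/`gptimer_start` calls in the previous hunk sit inside the `else` block. If the branch preceding that `else` (outside both hunks) is ever taken with WOLFSSL_BENCHMARK_TIMER_DEBUG defined, `gptimer_stop(esp_gptimer)` would be called on a timer that was never created or started, and ESP_ERROR_CHECK would abort instead of letting the function return `ret`. Moving the stop/disable pair inside the same block, or guarding it with `if (esp_gptimer != NULL)`, keeps the two halves symmetric. The empty `{ }` scope that remains when the debug macro is undefined could be avoided by placing the braces inside the `#ifdef`.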
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/benchmark/benchmark.h b/extra/wolfssl/wolfssl/wolfcrypt/benchmark/benchmark.h
index f119fc96..cefef7ca 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/benchmark/benchmark.h
+++ b/extra/wolfssl/wolfssl/wolfcrypt/benchmark/benchmark.h
@@ -51,7 +51,7 @@ void bench_chacha(void);
void bench_chacha20_poly1305_aead(void);
void bench_aescbc(int useDeviceID);
void bench_aesgcm(int useDeviceID);
-void bench_gmac(void);
+void bench_gmac(int useDeviceID);
void bench_aesccm(int useDeviceID);
void bench_aesecb(int useDeviceID);
void bench_aesxts(void);
@@ -61,6 +61,9 @@ void bench_aesofb(void);
void bench_aessiv(void);
void bench_poly1305(void);
void bench_camellia(void);
+void bench_sm4_cbc(void);
+void bench_sm4_gcm(void);
+void bench_sm4_ccm(void);
void bench_md5(int useDeviceID);
void bench_sha(int useDeviceID);
void bench_sha224(int useDeviceID);
@@ -81,6 +84,7 @@ void bench_sha3_384(int useDeviceID);
void bench_sha3_512(int useDeviceID);
void bench_shake128(int useDeviceID);
void bench_shake256(int useDeviceID);
+void bench_sm3(int useDeviceID);
void bench_ripemd(void);
void bench_cmac(int useDeviceID);
void bench_scrypt(void);
@@ -91,16 +95,20 @@ void bench_hmac_sha256(int useDeviceID);
void bench_hmac_sha384(int useDeviceID);
void bench_hmac_sha512(int useDeviceID);
void bench_siphash(void);
+void bench_srtpkdf(void);
void bench_rsaKeyGen(int useDeviceID);
void bench_rsaKeyGen_size(int useDeviceID, word32 keySz);
void bench_rsa(int useDeviceID);
void bench_rsa_key(int useDeviceID, word32 keySz);
void bench_dh(int useDeviceID);
void bench_kyber(int type);
+void bench_lms(void);
+void bench_xmss(void);
void bench_ecc_curve(int curveId);
void bench_eccMakeKey(int useDeviceID, int curveId);
void bench_ecc(int useDeviceID, int curveId);
void bench_eccEncrypt(int curveId);
+void bench_sm2(int useDeviceID);
void bench_curve25519KeyGen(int useDeviceID);
void bench_curve25519KeyAgree(int useDeviceID);
void bench_ed25519KeyGen(void);
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/benchmark/benchmark.vcxproj b/extra/wolfssl/wolfssl/wolfcrypt/benchmark/benchmark.vcxproj
index 3d65da23..a194b71c 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/benchmark/benchmark.vcxproj
+++ b/extra/wolfssl/wolfssl/wolfcrypt/benchmark/benchmark.vcxproj
@@ -146,7 +146,7 @@
<SubSystem>Console</SubSystem>
<OptimizeReferences>true</OptimizeReferences>
<EnableCOMDATFolding>true</EnableCOMDATFolding>
- <TargetMachine>MachineX86</TargetMachine>
+ <TargetMachine>MachineX64</TargetMachine>
</Link>
</ItemDefinitionGroup>
<ItemGroup>
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/aes.c b/extra/wolfssl/wolfssl/wolfcrypt/src/aes.c
index 7815efa3..d4e44d73 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/aes.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/aes.c
@@ -76,223 +76,14 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
#include <wolfssl/wolfcrypt/port/nxp/se050_port.h>
#endif
-#ifdef WOLFSSL_AES_SIV
+#if defined(WOLFSSL_AES_SIV)
#include <wolfssl/wolfcrypt/cmac.h>
-#endif
+#endif /* WOLFSSL_AES_SIV */
#if defined(WOLFSSL_HAVE_PSA) && !defined(WOLFSSL_PSA_NO_AES)
#include <wolfssl/wolfcrypt/port/psa/psa.h>
#endif
-/* fips wrapper calls, user can call direct */
-#if defined(HAVE_FIPS) && \
- (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
-
- int wc_AesSetKey(Aes* aes, const byte* key, word32 len, const byte* iv,
- int dir)
- {
- if (aes == NULL || !( (len == 16) || (len == 24) || (len == 32)) ) {
- return BAD_FUNC_ARG;
- }
-
- return AesSetKey_fips(aes, key, len, iv, dir);
- }
- int wc_AesSetIV(Aes* aes, const byte* iv)
- {
- if (aes == NULL) {
- return BAD_FUNC_ARG;
- }
-
- return AesSetIV_fips(aes, iv);
- }
- #ifdef HAVE_AES_CBC
- int wc_AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
- {
- if (aes == NULL || out == NULL || in == NULL) {
- return BAD_FUNC_ARG;
- }
-
- return AesCbcEncrypt_fips(aes, out, in, sz);
- }
- #ifdef HAVE_AES_DECRYPT
- int wc_AesCbcDecrypt(Aes* aes, byte* out, const byte* in, word32 sz)
- {
- if (aes == NULL || out == NULL || in == NULL
- || sz % AES_BLOCK_SIZE != 0) {
- return BAD_FUNC_ARG;
- }
-
- return AesCbcDecrypt_fips(aes, out, in, sz);
- }
- #endif /* HAVE_AES_DECRYPT */
- #endif /* HAVE_AES_CBC */
-
- /* AES-CTR */
- #ifdef WOLFSSL_AES_COUNTER
- int wc_AesCtrEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
- {
- if (aes == NULL || out == NULL || in == NULL) {
- return BAD_FUNC_ARG;
- }
-
- return AesCtrEncrypt(aes, out, in, sz);
- }
- #endif
-
- /* AES-DIRECT */
- #if defined(WOLFSSL_AES_DIRECT)
- void wc_AesEncryptDirect(Aes* aes, byte* out, const byte* in)
- {
- AesEncryptDirect(aes, out, in);
- }
-
- #ifdef HAVE_AES_DECRYPT
- void wc_AesDecryptDirect(Aes* aes, byte* out, const byte* in)
- {
- AesDecryptDirect(aes, out, in);
- }
- #endif /* HAVE_AES_DECRYPT */
-
- int wc_AesSetKeyDirect(Aes* aes, const byte* key, word32 len,
- const byte* iv, int dir)
- {
- return AesSetKeyDirect(aes, key, len, iv, dir);
- }
- #endif /* WOLFSSL_AES_DIRECT */
-
- /* AES-GCM */
- #ifdef HAVE_AESGCM
- int wc_AesGcmSetKey(Aes* aes, const byte* key, word32 len)
- {
- if (aes == NULL || !( (len == 16) || (len == 24) || (len == 32)) ) {
- return BAD_FUNC_ARG;
- }
-
- return AesGcmSetKey_fips(aes, key, len);
- }
- int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
- const byte* iv, word32 ivSz,
- byte* authTag, word32 authTagSz,
- const byte* authIn, word32 authInSz)
- {
- if (aes == NULL || authTagSz > AES_BLOCK_SIZE ||
- authTagSz < WOLFSSL_MIN_AUTH_TAG_SZ ||
- ivSz == 0 || ivSz > AES_BLOCK_SIZE) {
- return BAD_FUNC_ARG;
- }
-
- return AesGcmEncrypt_fips(aes, out, in, sz, iv, ivSz, authTag,
- authTagSz, authIn, authInSz);
- }
-
- #ifdef HAVE_AES_DECRYPT
- int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
- const byte* iv, word32 ivSz,
- const byte* authTag, word32 authTagSz,
- const byte* authIn, word32 authInSz)
- {
- if (aes == NULL || out == NULL || in == NULL || iv == NULL
- || authTag == NULL || authTagSz > AES_BLOCK_SIZE ||
- ivSz == 0 || ivSz > AES_BLOCK_SIZE) {
- return BAD_FUNC_ARG;
- }
-
- return AesGcmDecrypt_fips(aes, out, in, sz, iv, ivSz, authTag,
- authTagSz, authIn, authInSz);
- }
- #endif /* HAVE_AES_DECRYPT */
-
- int wc_GmacSetKey(Gmac* gmac, const byte* key, word32 len)
- {
- if (gmac == NULL || key == NULL || !((len == 16) ||
- (len == 24) || (len == 32)) ) {
- return BAD_FUNC_ARG;
- }
-
- return GmacSetKey(gmac, key, len);
- }
- int wc_GmacUpdate(Gmac* gmac, const byte* iv, word32 ivSz,
- const byte* authIn, word32 authInSz,
- byte* authTag, word32 authTagSz)
- {
- if (gmac == NULL || authTagSz > AES_BLOCK_SIZE ||
- authTagSz < WOLFSSL_MIN_AUTH_TAG_SZ) {
- return BAD_FUNC_ARG;
- }
-
- return GmacUpdate(gmac, iv, ivSz, authIn, authInSz,
- authTag, authTagSz);
- }
- #endif /* HAVE_AESGCM */
-
- /* AES-CCM */
- #if defined(HAVE_AESCCM) && \
- defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)
- int wc_AesCcmSetKey(Aes* aes, const byte* key, word32 keySz)
- {
- return AesCcmSetKey(aes, key, keySz);
- }
- int wc_AesCcmEncrypt(Aes* aes, byte* out, const byte* in, word32 inSz,
- const byte* nonce, word32 nonceSz,
- byte* authTag, word32 authTagSz,
- const byte* authIn, word32 authInSz)
- {
- /* sanity check on arguments */
- if (aes == NULL || out == NULL || in == NULL || nonce == NULL
- || authTag == NULL || nonceSz < 7 || nonceSz > 13)
- return BAD_FUNC_ARG;
-
- AesCcmEncrypt(aes, out, in, inSz, nonce, nonceSz, authTag,
- authTagSz, authIn, authInSz);
- return 0;
- }
-
- #ifdef HAVE_AES_DECRYPT
- int wc_AesCcmDecrypt(Aes* aes, byte* out,
- const byte* in, word32 inSz,
- const byte* nonce, word32 nonceSz,
- const byte* authTag, word32 authTagSz,
- const byte* authIn, word32 authInSz)
- {
-
- if (aes == NULL || out == NULL || in == NULL || nonce == NULL
- || authTag == NULL || nonceSz < 7 || nonceSz > 13) {
- return BAD_FUNC_ARG;
- }
-
- return AesCcmDecrypt(aes, out, in, inSz, nonce, nonceSz,
- authTag, authTagSz, authIn, authInSz);
- }
- #endif /* HAVE_AES_DECRYPT */
- #endif /* HAVE_AESCCM && HAVE_FIPS_VERSION 2 */
-
- int wc_AesInit(Aes* aes, void* h, int i)
- {
- if (aes == NULL)
- return BAD_FUNC_ARG;
-
- (void)h;
- (void)i;
-
- /* FIPS doesn't support */
- #ifdef WOLFSSL_KCAPI_AES
- return AesInit(aes, h, i);
- #else
- return 0;
- #endif
- }
- void wc_AesFree(Aes* aes)
- {
- (void)aes;
- /* FIPS doesn't support */
- #ifdef WOLFSSL_KCAPI_AES
- AesFree(aes);
- #endif
- }
-
-#else /* else build without fips, or for FIPS v2+ */
-
-
#if defined(WOLFSSL_TI_CRYPT)
#include <wolfcrypt/src/port/ti/ti-aes.c>
#else
@@ -323,7 +114,6 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
#pragma warning(disable: 4127)
#endif
-
/* Define AES implementation includes and functions */
#if defined(STM32_CRYPTO)
/* STM32F2/F4/F7/L4/L5/H7/WB55 hardware AES support for ECB, CBC, CTR and GCM modes */
@@ -341,6 +131,12 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
CRYP_KeyInitTypeDef keyInit;
#endif
+#ifdef WC_DEBUG_CIPHER_LIFECYCLE
+ ret = wc_debug_CipherLifecycleCheck(aes->CipherLifecycleTag, 0);
+ if (ret < 0)
+ return ret;
+#endif
+
#ifdef WOLFSSL_STM32_CUBEMX
ret = wc_Stm32_Aes_Init(aes, &hcryp);
if (ret != 0)
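Review bot: The WC_DEBUG_CIPHER_LIFECYCLE guard added here is pasted again into every later hunk of this file that touches a port's block encrypt or decrypt routine, in two shapes: a bare `ret = ...` where a `ret` already exists and a scoped `{ int ret = ...; }` block elsewhere. The literal `0` second argument to `wc_debug_CipherLifecycleCheck` is not explained at any call site. A single helper macro wrapping the check, with one comment on what the second argument selects, would remove the duplication and the two variants. The enclosing function starts and ends outside this hunk.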
@@ -417,6 +213,7 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
CRYP_Cmd(DISABLE);
#endif /* WOLFSSL_STM32_CUBEMX */
wolfSSL_CryptHwMutexUnLock();
+ wc_Stm32_Aes_Cleanup();
return ret;
}
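Review bot: `wc_Stm32_Aes_Cleanup();` is called after `wolfSSL_CryptHwMutexUnLock();`, so whatever it does runs outside the hardware mutex. Its body is not visible here; if it touches the shared crypto peripheral or its clock, a thread that takes the mutex in between could have its operation disturbed. Unless the cleanup is known to be purely local, the safer order is `wc_Stm32_Aes_Cleanup();` followed by `wolfSSL_CryptHwMutexUnLock();`. The same ordering is added in the decrypt hunk at `@@ -520,6 +323,7 @@`, and the enclosing function starts outside this hunk.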
@@ -435,6 +232,12 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
CRYP_KeyInitTypeDef keyInit;
#endif
+#ifdef WC_DEBUG_CIPHER_LIFECYCLE
+ ret = wc_debug_CipherLifecycleCheck(aes->CipherLifecycleTag, 0);
+ if (ret < 0)
+ return ret;
+#endif
+
#ifdef WOLFSSL_STM32_CUBEMX
ret = wc_Stm32_Aes_Init(aes, &hcryp);
if (ret != 0)
@@ -520,6 +323,7 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
CRYP_Cmd(DISABLE);
#endif /* WOLFSSL_STM32_CUBEMX */
wolfSSL_CryptHwMutexUnLock();
+ wc_Stm32_Aes_Cleanup();
return ret;
}
@@ -550,6 +354,12 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
if (ret != 0)
return ret;
+#ifdef WC_DEBUG_CIPHER_LIFECYCLE
+ ret = wc_debug_CipherLifecycleCheck(aes->CipherLifecycleTag, 0);
+ if (ret < 0)
+ return ret;
+#endif
+
if (wolfSSL_CryptHwMutexLock() == 0) {
LTC_AES_EncryptEcb(LTC_BASE, inBlock, outBlock, AES_BLOCK_SIZE,
key, keySize);
@@ -567,6 +377,12 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
if (ret != 0)
return ret;
+#ifdef WC_DEBUG_CIPHER_LIFECYCLE
+ ret = wc_debug_CipherLifecycleCheck(aes->CipherLifecycleTag, 0);
+ if (ret < 0)
+ return ret;
+#endif
+
if (wolfSSL_CryptHwMutexLock() == 0) {
LTC_AES_DecryptEcb(LTC_BASE, inBlock, outBlock, AES_BLOCK_SIZE,
key, keySize, kLTC_EncryptKey);
@@ -591,6 +407,14 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
static WARN_UNUSED_RESULT int wc_AesEncrypt(
Aes* aes, const byte* inBlock, byte* outBlock)
{
+#ifdef WC_DEBUG_CIPHER_LIFECYCLE
+ {
+ int ret = wc_debug_CipherLifecycleCheck(aes->CipherLifecycleTag, 0);
+ if (ret < 0)
+ return ret;
+ }
+#endif
+
if (wolfSSL_CryptHwMutexLock() == 0) {
#ifdef FREESCALE_MMCAU_CLASSIC
if ((wc_ptr_t)outBlock % WOLFSSL_MMCAU_ALIGNMENT) {
@@ -610,6 +434,13 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
static WARN_UNUSED_RESULT int wc_AesDecrypt(
Aes* aes, const byte* inBlock, byte* outBlock)
{
+#ifdef WC_DEBUG_CIPHER_LIFECYCLE
+ {
+ int ret = wc_debug_CipherLifecycleCheck(aes->CipherLifecycleTag, 0);
+ if (ret < 0)
+ return ret;
+ }
+#endif
if (wolfSSL_CryptHwMutexLock() == 0) {
#ifdef FREESCALE_MMCAU_CLASSIC
if ((wc_ptr_t)outBlock % WOLFSSL_MMCAU_ALIGNMENT) {
@@ -635,6 +466,13 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
static WARN_UNUSED_RESULT int wc_AesEncrypt(
Aes* aes, const byte* inBlock, byte* outBlock)
{
+#ifdef WC_DEBUG_CIPHER_LIFECYCLE
+ {
+ int ret = wc_debug_CipherLifecycleCheck(aes->CipherLifecycleTag, 0);
+ if (ret < 0)
+ return ret;
+ }
+#endif
/* Thread mutex protection handled in Pic32Crypto */
return wc_Pic32AesCrypt(aes->key, aes->keylen, NULL, 0,
outBlock, inBlock, AES_BLOCK_SIZE,
@@ -646,6 +484,13 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
static WARN_UNUSED_RESULT int wc_AesDecrypt(
Aes* aes, const byte* inBlock, byte* outBlock)
{
+#ifdef WC_DEBUG_CIPHER_LIFECYCLE
+ {
+ int ret = wc_debug_CipherLifecycleCheck(aes->CipherLifecycleTag, 0);
+ if (ret < 0)
+ return ret;
+ }
+#endif
/* Thread mutex protection handled in Pic32Crypto */
return wc_Pic32AesCrypt(aes->key, aes->keylen, NULL, 0,
outBlock, inBlock, AES_BLOCK_SIZE,
@@ -661,6 +506,13 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
Aes* aes, const byte* inBlock, byte* outBlock)
{
int ret;
+
+#ifdef WC_DEBUG_CIPHER_LIFECYCLE
+ ret = wc_debug_CipherLifecycleCheck(aes->CipherLifecycleTag, 0);
+ if (ret < 0)
+ return ret;
+#endif
+
ret = wolfSSL_CryptHwMutexLock();
if (ret == 0) {
ret = nrf51_aes_encrypt(inBlock, (byte*)aes->key, aes->rounds,
@@ -674,26 +526,71 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
#error nRF51 AES Hardware does not support decrypt
#endif /* HAVE_AES_DECRYPT */
-#elif defined(WOLFSSL_ESP32WROOM32_CRYPT) && \
- !defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_AES)
+#elif defined(WOLFSSL_ESP32_CRYPT) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_AES)
+ #include <esp_log.h>
+ #include <wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h>
+ const char* TAG = "aes";
- #include "wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h"
-
- #if defined(HAVE_AESGCM) || defined(WOLFSSL_AES_DIRECT)
- static WARN_UNUSED_RESULT int wc_AesEncrypt(
+ /* We'll use SW for fallback:
+ * unsupported key lengths. (e.g. ESP32-S3)
+ * chipsets not implemented.
+ * hardware busy. */
+ #define NEED_AES_TABLES
+ #define NEED_AES_HW_FALLBACK
+ #define NEED_SOFTWARE_AES_SETKEY
+ #undef WOLFSSL_AES_DIRECT
+ #define WOLFSSL_AES_DIRECT
+
+ /* Encrypt: If we choose to never have a fallback to SW: */
+ #if !defined(NEED_AES_HW_FALLBACK) && (defined(HAVE_AESGCM) || defined(WOLFSSL_AES_DIRECT))
+ static WARN_UNUSED_RESULT int wc_AesEncrypt( /* calling this one when NO_AES_192 is defined */
Aes* aes, const byte* inBlock, byte* outBlock)
{
+ int ret;
+
+#ifdef WC_DEBUG_CIPHER_LIFECYCLE
+ ret = wc_debug_CipherLifecycleCheck(aes->CipherLifecycleTag, 0);
+ if (ret < 0)
+ return ret;
+#endif
+
/* Thread mutex protection handled in esp_aes_hw_InUse */
- return wc_esp32AesEncrypt(aes, inBlock, outBlock);
+ #ifdef NEED_AES_HW_FALLBACK
+ if (wc_esp32AesSupportedKeyLen(aes)) {
+ ret = wc_esp32AesEncrypt(aes, inBlock, outBlock);
+ }
+ #else
+ ret = wc_esp32AesEncrypt(aes, inBlock, outBlock);
+ #endif
+ return ret;
}
#endif
- #if defined(HAVE_AES_DECRYPT) && defined(WOLFSSL_AES_DIRECT)
+ /* Decrypt: If we choose to never have a fallback to SW: */
+ #if !defined(NEED_AES_HW_FALLBACK) && (defined(HAVE_AES_DECRYPT) && defined(WOLFSSL_AES_DIRECT))
static WARN_UNUSED_RESULT int wc_AesDecrypt(
Aes* aes, const byte* inBlock, byte* outBlock)
{
+ int ret = 0;
+#ifdef WC_DEBUG_CIPHER_LIFECYCLE
+ ret = wc_debug_CipherLifecycleCheck(aes->CipherLifecycleTag, 0);
+ if (ret < 0)
+ return ret;
+#endif
/* Thread mutex protection handled in esp_aes_hw_InUse */
- return wc_esp32AesDecrypt(aes, inBlock, outBlock);
+ #ifdef NEED_AES_HW_FALLBACK
+ if (wc_esp32AesSupportedKeyLen(aes)) {
+ ret = wc_esp32AesDecrypt(aes, inBlock, outBlock);
+ }
+ else {
+ ret = wc_AesDecrypt_SW(aes, inBlock, outBlock);
+ }
+ #else
+ /* if we don't need fallback, always use HW */
+ ret = wc_esp32AesDecrypt(aes, inBlock, outBlock);
+ #endif
+ return ret;
}
#endif
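Review bot: In the new ESP32 `wc_AesEncrypt`, `int ret;` is uninitialised and the `#ifdef NEED_AES_HW_FALLBACK` branch has no `else`, so with an unsupported key length (and WC_DEBUG_CIPHER_LIFECYCLE undefined) it would return an indeterminate value without writing `outBlock`. `wc_AesDecrypt` just below initialises `ret` and falls back to `wc_AesDecrypt_SW`. The path is unreachable today because NEED_AES_HW_FALLBACK is defined unconditionally a few lines earlier and both functions sit under `#if !defined(NEED_AES_HW_FALLBACK)`, which also makes their inner `#ifdef NEED_AES_HW_FALLBACK` branches dead. Either remove those branches or make encrypt fail closed, for example `else { ret = KEYUSAGE_E; }`. Separately, `const char* TAG = "aes";` has external linkage and a very generic name; `static const char* TAG = "aes";` avoids a clash with another translation unit that defines `TAG`.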
@@ -709,7 +606,7 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
#define AESNI_ALIGN 16
#endif
- static int checkAESNI = 0;
+ static int checkedAESNI = 0;
static int haveAESNI = 0;
static word32 intel_flags = 0;
@@ -724,71 +621,73 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
/* tell C compiler these are asm functions in case any mix up of ABI underscore
prefix between clang/gcc/llvm etc */
#ifdef HAVE_AES_CBC
- void AES_CBC_encrypt(const unsigned char* in, unsigned char* out,
+ void AES_CBC_encrypt_AESNI(const unsigned char* in, unsigned char* out,
unsigned char* ivec, unsigned long length,
const unsigned char* KS, int nr)
- XASM_LINK("AES_CBC_encrypt");
+ XASM_LINK("AES_CBC_encrypt_AESNI");
#ifdef HAVE_AES_DECRYPT
#if defined(WOLFSSL_AESNI_BY4) || defined(WOLFSSL_X86_BUILD)
- void AES_CBC_decrypt_by4(const unsigned char* in, unsigned char* out,
+ void AES_CBC_decrypt_AESNI_by4(const unsigned char* in, unsigned char* out,
unsigned char* ivec, unsigned long length,
const unsigned char* KS, int nr)
- XASM_LINK("AES_CBC_decrypt_by4");
+ XASM_LINK("AES_CBC_decrypt_AESNI_by4");
#elif defined(WOLFSSL_AESNI_BY6)
- void AES_CBC_decrypt_by6(const unsigned char* in, unsigned char* out,
+ void AES_CBC_decrypt_AESNI_by6(const unsigned char* in, unsigned char* out,
unsigned char* ivec, unsigned long length,
const unsigned char* KS, int nr)
- XASM_LINK("AES_CBC_decrypt_by6");
+ XASM_LINK("AES_CBC_decrypt_AESNI_by6");
#else /* WOLFSSL_AESNI_BYx */
- void AES_CBC_decrypt_by8(const unsigned char* in, unsigned char* out,
+ void AES_CBC_decrypt_AESNI_by8(const unsigned char* in, unsigned char* out,
unsigned char* ivec, unsigned long length,
const unsigned char* KS, int nr)
- XASM_LINK("AES_CBC_decrypt_by8");
+ XASM_LINK("AES_CBC_decrypt_AESNI_by8");
#endif /* WOLFSSL_AESNI_BYx */
#endif /* HAVE_AES_DECRYPT */
#endif /* HAVE_AES_CBC */
- void AES_ECB_encrypt(const unsigned char* in, unsigned char* out,
+ void AES_ECB_encrypt_AESNI(const unsigned char* in, unsigned char* out,
unsigned long length, const unsigned char* KS, int nr)
- XASM_LINK("AES_ECB_encrypt");
+ XASM_LINK("AES_ECB_encrypt_AESNI");
#ifdef HAVE_AES_DECRYPT
- void AES_ECB_decrypt(const unsigned char* in, unsigned char* out,
+ void AES_ECB_decrypt_AESNI(const unsigned char* in, unsigned char* out,
unsigned long length, const unsigned char* KS, int nr)
- XASM_LINK("AES_ECB_decrypt");
+ XASM_LINK("AES_ECB_decrypt_AESNI");
#endif
- void AES_128_Key_Expansion(const unsigned char* userkey,
+ void AES_128_Key_Expansion_AESNI(const unsigned char* userkey,
unsigned char* key_schedule)
- XASM_LINK("AES_128_Key_Expansion");
+ XASM_LINK("AES_128_Key_Expansion_AESNI");
- void AES_192_Key_Expansion(const unsigned char* userkey,
+ void AES_192_Key_Expansion_AESNI(const unsigned char* userkey,
unsigned char* key_schedule)
- XASM_LINK("AES_192_Key_Expansion");
+ XASM_LINK("AES_192_Key_Expansion_AESNI");
- void AES_256_Key_Expansion(const unsigned char* userkey,
+ void AES_256_Key_Expansion_AESNI(const unsigned char* userkey,
unsigned char* key_schedule)
- XASM_LINK("AES_256_Key_Expansion");
+ XASM_LINK("AES_256_Key_Expansion_AESNI");
- static WARN_UNUSED_RESULT int AES_set_encrypt_key(
+ static WARN_UNUSED_RESULT int AES_set_encrypt_key_AESNI(
const unsigned char *userKey, const int bits, Aes* aes)
{
int ret;
+ ASSERT_SAVED_VECTOR_REGISTERS();
+
if (!userKey || !aes)
return BAD_FUNC_ARG;
switch (bits) {
case 128:
- AES_128_Key_Expansion (userKey,(byte*)aes->key); aes->rounds = 10;
+ AES_128_Key_Expansion_AESNI (userKey,(byte*)aes->key); aes->rounds = 10;
return 0;
case 192:
- AES_192_Key_Expansion (userKey,(byte*)aes->key); aes->rounds = 12;
+ AES_192_Key_Expansion_AESNI (userKey,(byte*)aes->key); aes->rounds = 12;
return 0;
case 256:
- AES_256_Key_Expansion (userKey,(byte*)aes->key); aes->rounds = 14;
+ AES_256_Key_Expansion_AESNI (userKey,(byte*)aes->key); aes->rounds = 14;
return 0;
default:
ret = BAD_FUNC_ARG;
@@ -798,7 +697,7 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
}
#ifdef HAVE_AES_DECRYPT
- static WARN_UNUSED_RESULT int AES_set_decrypt_key(
+ static WARN_UNUSED_RESULT int AES_set_decrypt_key_AESNI(
const unsigned char* userKey, const int bits, Aes* aes)
{
word32 nr;
@@ -810,6 +709,8 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
__m128i *Key_Schedule;
__m128i *Temp_Key_Schedule;
+ ASSERT_SAVED_VECTOR_REGISTERS();
+
if (!userKey || !aes)
return BAD_FUNC_ARG;
@@ -819,7 +720,7 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
return MEMORY_E;
#endif
- if (AES_set_encrypt_key(userKey,bits,temp_key) == BAD_FUNC_ARG) {
+ if (AES_set_encrypt_key_AESNI(userKey,bits,temp_key) == BAD_FUNC_ARG) {
#ifdef WOLFSSL_SMALL_STACK
XFREE(temp_key, aes->heap, DYNAMIC_TYPE_AES);
#endif
@@ -832,12 +733,6 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
nr = temp_key->rounds;
aes->rounds = nr;
-#ifdef WOLFSSL_SMALL_STACK
- SAVE_VECTOR_REGISTERS(XFREE(temp_key, aes->heap, DYNAMIC_TYPE_AES); return _svr_ret;);
-#else
- SAVE_VECTOR_REGISTERS(return _svr_ret;);
-#endif
-
Key_Schedule[nr] = Temp_Key_Schedule[0];
Key_Schedule[nr-1] = _mm_aesimc_si128(Temp_Key_Schedule[1]);
Key_Schedule[nr-2] = _mm_aesimc_si128(Temp_Key_Schedule[2]);
@@ -861,8 +756,6 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
Key_Schedule[0] = Temp_Key_Schedule[nr];
- RESTORE_VECTOR_REGISTERS();
-
#ifdef WOLFSSL_SMALL_STACK
XFREE(temp_key, aes->heap, DYNAMIC_TYPE_AES);
#endif
@@ -878,6 +771,14 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
static WARN_UNUSED_RESULT int wc_AesEncrypt(
Aes* aes, const byte* inBlock, byte* outBlock)
{
+#ifdef WC_DEBUG_CIPHER_LIFECYCLE
+ {
+ int ret =
+ wc_debug_CipherLifecycleCheck(aes->CipherLifecycleTag, 0);
+ if (ret < 0)
+ return ret;
+ }
+#endif
return wc_AesEncryptDirect(aes, outBlock, inBlock);
}
@@ -1020,6 +921,13 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
static WARN_UNUSED_RESULT int wc_AesEncrypt(
Aes* aes, const byte* inBlock, byte* outBlock)
{
+#ifdef WC_DEBUG_CIPHER_LIFECYCLE
+ {
+ int ret = wc_debug_CipherLifecycleCheck(aes->CipherLifecycleTag, 0);
+ if (ret < 0)
+ return ret;
+ }
+#endif
return AES_ECB_encrypt(aes, inBlock, outBlock, AES_BLOCK_SIZE);
}
#endif
@@ -1028,22 +936,30 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
static WARN_UNUSED_RESULT int wc_AesDecrypt(
Aes* aes, const byte* inBlock, byte* outBlock)
{
+#ifdef WC_DEBUG_CIPHER_LIFECYCLE
+ {
+ int ret = wc_debug_CipherLifecycleCheck(aes->CipherLifecycleTag, 0);
+ if (ret < 0)
+ return ret;
+ }
+#endif
return AES_ECB_decrypt(aes, inBlock, outBlock, AES_BLOCK_SIZE);
}
#endif
#elif defined(WOLFSSL_KCAPI_AES)
- /* Only CBC and GCM that are in wolfcrypt/src/port/kcapi/kcapi_aes.c */
+ /* Only CBC and GCM are in wolfcrypt/src/port/kcapi/kcapi_aes.c */
#if defined(WOLFSSL_AES_COUNTER) || defined(HAVE_AESCCM) || \
defined(WOLFSSL_CMAC) || defined(WOLFSSL_AES_OFB) || \
defined(WOLFSSL_AES_CFB) || defined(HAVE_AES_ECB) || \
- defined(WOLFSSL_AES_DIRECT) || \
+ defined(WOLFSSL_AES_DIRECT) || defined(WOLFSSL_AES_XTS) || \
(defined(HAVE_AES_CBC) && defined(WOLFSSL_NO_KCAPI_AES_CBC))
#define NEED_AES_TABLES
#endif
#elif defined(WOLFSSL_HAVE_PSA) && !defined(WOLFSSL_PSA_NO_AES)
/* implemented in wolfcrypt/src/port/psa/psa_aes.c */
+
#else
/* using wolfCrypt software implementation */
@@ -1054,12 +970,17 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
#ifdef NEED_AES_TABLES
+#ifndef WC_AES_BITSLICED
+#if !defined(WOLFSSL_SILABS_SE_ACCEL) || \
+ defined(NO_ESP32_CRYPT) || defined(NO_WOLFSSL_ESP32_CRYPT_AES) || \
+ defined(NEED_AES_HW_FALLBACK)
static const FLASH_QUALIFIER word32 rcon[] = {
0x01000000, 0x02000000, 0x04000000, 0x08000000,
0x10000000, 0x20000000, 0x40000000, 0x80000000,
0x1B000000, 0x36000000,
/* for 128-bit blocks, Rijndael never uses more than 10 rcon values */
};
+#endif
#ifndef WOLFSSL_AES_SMALL_TABLES
static const FLASH_QUALIFIER word32 Te[4][256] = {
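Review bot: The guard added around `rcon` is `!defined(WOLFSSL_SILABS_SE_ACCEL) || defined(NO_ESP32_CRYPT) || defined(NO_WOLFSSL_ESP32_CRYPT_AES) || defined(NEED_AES_HW_FALLBACK)`, which is already true for every build without WOLFSSL_SILABS_SE_ACCEL. The three ESP32 terms can therefore only change the result on a Silicon Labs build, which is probably not what was meant. If the intent is to keep the table whenever software key expansion is compiled in, the condition needs a different grouping; otherwise the ESP32 terms can be dropped. A short comment above the guard saying which code paths use `rcon`, plus a label on the new `#endif`, would make the intent checkable.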
@@ -1329,7 +1250,7 @@ static const FLASH_QUALIFIER word32 Te[4][256] = {
}
};
-#ifdef HAVE_AES_DECRYPT
+#if defined(HAVE_AES_DECRYPT) && !defined(WOLFSSL_SILABS_SE_ACCEL)
static const FLASH_QUALIFIER word32 Td[4][256] = {
{
0x51f4a750U, 0x7e416553U, 0x1a17a4c3U, 0x3a275e96U,
@@ -1601,8 +1522,9 @@ static const FLASH_QUALIFIER word32 Td[4][256] = {
#endif /* WOLFSSL_AES_SMALL_TABLES */
#ifdef HAVE_AES_DECRYPT
-#if (defined(HAVE_AES_CBC) && !defined(WOLFSSL_DEVCRYPTO_CBC)) \
- || defined(WOLFSSL_AES_DIRECT)
+#if (defined(HAVE_AES_CBC) && !defined(WOLFSSL_DEVCRYPTO_CBC) && \
+ !defined(WOLFSSL_SILABS_SE_ACCEL)) || \
+ defined(WOLFSSL_AES_DIRECT)
static const FLASH_QUALIFIER byte Td4[256] =
{
0x52U, 0x09U, 0x6aU, 0xd5U, 0x30U, 0x36U, 0xa5U, 0x38U,
@@ -1701,12 +1623,15 @@ static WARN_UNUSED_RESULT word32 inv_col_mul(
byte t0 = t9 ^ tb ^ td;
return t0 ^ AES_XTIME(AES_XTIME(AES_XTIME(t0 ^ te) ^ td ^ te) ^ tb ^ te);
}
-#endif
+#endif /* HAVE_AES_CBC || WOLFSSL_AES_DIRECT */
+#endif /* WOLFSSL_AES_SMALL_TABLES */
#endif
#if defined(HAVE_AES_CBC) || defined(WOLFSSL_AES_DIRECT) || \
defined(HAVE_AESCCM) || defined(HAVE_AESGCM)
+#ifndef WC_AES_BITSLICED
+
#ifndef WC_CACHE_LINE_SZ
#if defined(__x86_64__) || defined(_M_X64) || \
(defined(__ILP32__) && (__ILP32__ >= 1))
@@ -1763,25 +1688,25 @@ static WARN_UNUSED_RESULT WC_INLINE word32 PreFetchSBox(void)
#ifdef WOLFSSL_AES_TOUCH_LINES
#if WC_CACHE_LINE_SZ == 128
- #define WC_CACHE_LINE_BITS 5
- #define WC_CACHE_LINE_MASK_HI 0xe0
- #define WC_CACHE_LINE_MASK_LO 0x1f
- #define WC_CACHE_LINE_ADD 0x20
+ #define WC_CACHE_LINE_BITS 5
+ #define WC_CACHE_LINE_MASK_HI 0xe0
+ #define WC_CACHE_LINE_MASK_LO 0x1f
+ #define WC_CACHE_LINE_ADD 0x20
#elif WC_CACHE_LINE_SZ == 64
- #define WC_CACHE_LINE_BITS 4
- #define WC_CACHE_LINE_MASK_HI 0xf0
- #define WC_CACHE_LINE_MASK_LO 0x0f
- #define WC_CACHE_LINE_ADD 0x10
+ #define WC_CACHE_LINE_BITS 4
+ #define WC_CACHE_LINE_MASK_HI 0xf0
+ #define WC_CACHE_LINE_MASK_LO 0x0f
+ #define WC_CACHE_LINE_ADD 0x10
#elif WC_CACHE_LINE_SZ == 32
- #define WC_CACHE_LINE_BITS 3
- #define WC_CACHE_LINE_MASK_HI 0xf8
- #define WC_CACHE_LINE_MASK_LO 0x07
- #define WC_CACHE_LINE_ADD 0x08
-#elif WC_CACHE_LINE_SZ = 16
- #define WC_CACHE_LINE_BITS 2
- #define WC_CACHE_LINE_MASK_HI 0xfc
- #define WC_CACHE_LINE_MASK_LO 0x03
- #define WC_CACHE_LINE_ADD 0x04
+ #define WC_CACHE_LINE_BITS 3
+ #define WC_CACHE_LINE_MASK_HI 0xf8
+ #define WC_CACHE_LINE_MASK_LO 0x07
+ #define WC_CACHE_LINE_ADD 0x08
+#elif WC_CACHE_LINE_SZ == 16
+ #define WC_CACHE_LINE_BITS 2
+ #define WC_CACHE_LINE_MASK_HI 0xfc
+ #define WC_CACHE_LINE_MASK_LO 0x03
+ #define WC_CACHE_LINE_ADD 0x04
#else
#error Cache line size not supported
#endif
@@ -1967,6 +1892,7 @@ static word32 GetTable8_4(const byte* t, byte o0, byte o1, byte o2, byte o3)
}
#endif
#else
+
#define GetTable(t, o) t[o]
#define GetTable8(t, o) t[o]
#define GetTable_Multi(t, t0, o0, t1, o1, t2, o2, t3, o3) \
@@ -1978,83 +1904,24 @@ static word32 GetTable8_4(const byte* t, byte o0, byte o1, byte o2, byte o3)
((word32)(t)[o2] << 8) | ((word32)(t)[o3] << 0))
#endif
-/* Software AES - ECB Encrypt */
-static WARN_UNUSED_RESULT int wc_AesEncrypt(
- Aes* aes, const byte* inBlock, byte* outBlock)
+/* Encrypt a block using AES.
+ *
+ * @param [in] aes AES object.
+ * @param [in] inBlock Block to encrypt.
+ * @param [out] outBlock Encrypted block.
+ * @param [in] r Rounds divided by 2.
+ */
+static void AesEncrypt_C(Aes* aes, const byte* inBlock, byte* outBlock,
+ word32 r)
{
word32 s0, s1, s2, s3;
word32 t0, t1, t2, t3;
- word32 r = aes->rounds >> 1;
- const word32* rk = aes->key;
-
- if (r > 7 || r == 0) {
- WOLFSSL_ERROR_VERBOSE(KEYUSAGE_E);
- return KEYUSAGE_E;
- }
-
-#ifdef WOLFSSL_AESNI
- if (haveAESNI && aes->use_aesni) {
- #ifdef DEBUG_AESNI
- printf("about to aes encrypt\n");
- printf("in = %p\n", inBlock);
- printf("out = %p\n", outBlock);
- printf("aes->key = %p\n", aes->key);
- printf("aes->rounds = %d\n", aes->rounds);
- printf("sz = %d\n", AES_BLOCK_SIZE);
- #endif
-
- /* check alignment, decrypt doesn't need alignment */
- if ((wc_ptr_t)inBlock % AESNI_ALIGN) {
- #ifndef NO_WOLFSSL_ALLOC_ALIGN
- byte* tmp = (byte*)XMALLOC(AES_BLOCK_SIZE + AESNI_ALIGN, aes->heap,
- DYNAMIC_TYPE_TMP_BUFFER);
- byte* tmp_align;
- if (tmp == NULL)
- return MEMORY_E;
-
- tmp_align = tmp + (AESNI_ALIGN - ((wc_ptr_t)tmp % AESNI_ALIGN));
+ const word32* rk;
- XMEMCPY(tmp_align, inBlock, AES_BLOCK_SIZE);
- AES_ECB_encrypt(tmp_align, tmp_align, AES_BLOCK_SIZE,
- (byte*)aes->key, (int)aes->rounds);
- XMEMCPY(outBlock, tmp_align, AES_BLOCK_SIZE);
- XFREE(tmp, aes->heap, DYNAMIC_TYPE_TMP_BUFFER);
- return 0;
- #else
- WOLFSSL_MSG("AES-ECB encrypt with bad alignment");
- WOLFSSL_ERROR_VERBOSE(BAD_ALIGN_E);
- return BAD_ALIGN_E;
- #endif
- }
-
- AES_ECB_encrypt(inBlock, outBlock, AES_BLOCK_SIZE, (byte*)aes->key,
- (int)aes->rounds);
-
- return 0;
- }
- else {
- #ifdef DEBUG_AESNI
- printf("Skipping AES-NI\n");
- #endif
- }
-#endif
-#if defined(WOLFSSL_SCE) && !defined(WOLFSSL_SCE_NO_AES)
- AES_ECB_encrypt(aes, inBlock, outBlock, AES_BLOCK_SIZE);
- return 0;
-#endif
-
-#if defined(WOLFSSL_IMXRT_DCP)
- if (aes->keylen == 16) {
- DCPAesEcbEncrypt(aes, outBlock, inBlock, AES_BLOCK_SIZE);
- return 0;
- }
-#endif
-
-#if defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_CRYPT)
- if (aes->useSWCrypt == 0) {
- return se050_aes_crypt(aes, inBlock, outBlock, AES_BLOCK_SIZE,
- AES_ENCRYPTION, kAlgorithm_SSS_AES_ECB);
- }
+#ifdef WC_AES_C_DYNAMIC_FALLBACK
+ rk = aes->key_C_fallback;
+#else
+ rk = aes->key;
#endif
/*
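Review bot: `AesEncrypt_C` now receives `r` from the caller and returns `void`, and the `r > 7 || r == 0` check that used to return KEYUSAGE_E is removed from this function. Nothing visible in the hunk bounds the round count before it is used against the key schedule (`aes->key` or `aes->key_C_fallback`). The new doc comment should state the precondition, e.g. ` * @param [in] r Rounds divided by 2; caller must ensure 1 <= r <= 7.`, and it is worth confirming that every caller, all outside this hunk, still performs that check. The function body continues past the end of the hunk.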
@@ -2315,58 +2182,597 @@ static WARN_UNUSED_RESULT int wc_AesEncrypt(
XMEMCPY(outBlock + sizeof(s0), &s1, sizeof(s1));
XMEMCPY(outBlock + 2 * sizeof(s0), &s2, sizeof(s2));
XMEMCPY(outBlock + 3 * sizeof(s0), &s3, sizeof(s3));
+}
- return 0;
+#if defined(HAVE_AES_ECB) && !(defined(WOLFSSL_IMX6_CAAM) && \
+ !defined(NO_IMX6_CAAM_AES) && !defined(WOLFSSL_QNX_CAAM))
+/* Encrypt a number of blocks using AES.
+ *
+ * @param [in] aes AES object.
+ * @param [in] in Block to encrypt.
+ * @param [out] out Encrypted block.
+ * @param [in] sz Number of blocks to encrypt.
+ */
+static void AesEncryptBlocks_C(Aes* aes, const byte* in, byte* out, word32 sz)
+{
+ word32 i;
+
+ for (i = 0; i < sz; i += AES_BLOCK_SIZE) {
+ AesEncrypt_C(aes, in, out, aes->rounds >> 1);
+ in += AES_BLOCK_SIZE;
+ out += AES_BLOCK_SIZE;
+ }
}
-#endif /* HAVE_AES_CBC || WOLFSSL_AES_DIRECT || HAVE_AESGCM */
+#endif
-#if defined(HAVE_AES_DECRYPT)
-#if (defined(HAVE_AES_CBC) && !defined(WOLFSSL_DEVCRYPTO_CBC)) || \
- defined(WOLFSSL_AES_DIRECT)
+#else
-#ifndef WC_NO_CACHE_RESISTANT
-#ifndef WOLFSSL_AES_SMALL_TABLES
-/* load 4 Td Tables into cache by cache line stride */
-static WARN_UNUSED_RESULT WC_INLINE word32 PreFetchTd(void)
+/* Bit-sliced implementation based on work by "circuit minimization team" (CMT):
+ * http://cs-www.cs.yale.edu/homes/peralta/CircuitStuff/CMT.html
+ */
+/* http://cs-www.cs.yale.edu/homes/peralta/CircuitStuff/SLP_AES_113.txt */
+static void bs_sub_bytes(bs_word u[8])
+{
+ bs_word y1, y2, y3, y4, y5, y6, y7, y8, y9;
+ bs_word y10, y11, y12, y13, y14, y15, y16, y17, y18, y19;
+ bs_word y20, y21;
+ bs_word t0, t1, t2, t3, t4, t5, t6, t7, t8, t9;
+ bs_word t10, t11, t12, t13, t14, t15, t16, t17, t18, t19;
+ bs_word t20, t21, t22, t23, t24, t25, t26, t27, t28, t29;
+ bs_word t30, t31, t32, t33, t34, t35, t36, t37, t38, t39;
+ bs_word t40, t41, t42, t43, t44, t45;
+ bs_word z0, z1, z2, z3, z4, z5, z6, z7, z8, z9;
+ bs_word z10, z11, z12, z13, z14, z15, z16, z17;
+ bs_word tc1, tc2, tc3, tc4, tc5, tc6, tc7, tc8, tc9;
+ bs_word tc10, tc11, tc12, tc13, tc14, tc16, tc17, tc18;
+ bs_word tc20, tc21, tc26;
+ bs_word U0, U1, U2, U3, U4, U5, U6, U7;
+ bs_word S0, S1, S2, S3, S4, S5, S6, S7;
+
+ U0 = u[7];
+ U1 = u[6];
+ U2 = u[5];
+ U3 = u[4];
+ U4 = u[3];
+ U5 = u[2];
+ U6 = u[1];
+ U7 = u[0];
+
+ y14 = U3 ^ U5;
+ y13 = U0 ^ U6;
+ y9 = U0 ^ U3;
+ y8 = U0 ^ U5;
+ t0 = U1 ^ U2;
+ y1 = t0 ^ U7;
+ y4 = y1 ^ U3;
+ y12 = y13 ^ y14;
+ y2 = y1 ^ U0;
+ y5 = y1 ^ U6;
+ y3 = y5 ^ y8;
+ t1 = U4 ^ y12;
+ y15 = t1 ^ U5;
+ y20 = t1 ^ U1;
+ y6 = y15 ^ U7;
+ y10 = y15 ^ t0;
+ y11 = y20 ^ y9;
+ y7 = U7 ^ y11;
+ y17 = y10 ^ y11;
+ y19 = y10 ^ y8;
+ y16 = t0 ^ y11;
+ y21 = y13 ^ y16;
+ y18 = U0 ^ y16;
+ t2 = y12 & y15;
+ t3 = y3 & y6;
+ t4 = t3 ^ t2;
+ t5 = y4 & U7;
+ t6 = t5 ^ t2;
+ t7 = y13 & y16;
+ t8 = y5 & y1;
+ t9 = t8 ^ t7;
+ t10 = y2 & y7;
+ t11 = t10 ^ t7;
+ t12 = y9 & y11;
+ t13 = y14 & y17;
+ t14 = t13 ^ t12;
+ t15 = y8 & y10;
+ t16 = t15 ^ t12;
+ t17 = t4 ^ y20;
+ t18 = t6 ^ t16;
+ t19 = t9 ^ t14;
+ t20 = t11 ^ t16;
+ t21 = t17 ^ t14;
+ t22 = t18 ^ y19;
+ t23 = t19 ^ y21;
+ t24 = t20 ^ y18;
+ t25 = t21 ^ t22;
+ t26 = t21 & t23;
+ t27 = t24 ^ t26;
+ t28 = t25 & t27;
+ t29 = t28 ^ t22;
+ t30 = t23 ^ t24;
+ t31 = t22 ^ t26;
+ t32 = t31 & t30;
+ t33 = t32 ^ t24;
+ t34 = t23 ^ t33;
+ t35 = t27 ^ t33;
+ t36 = t24 & t35;
+ t37 = t36 ^ t34;
+ t38 = t27 ^ t36;
+ t39 = t29 & t38;
+ t40 = t25 ^ t39;
+ t41 = t40 ^ t37;
+ t42 = t29 ^ t33;
+ t43 = t29 ^ t40;
+ t44 = t33 ^ t37;
+ t45 = t42 ^ t41;
+ z0 = t44 & y15;
+ z1 = t37 & y6;
+ z2 = t33 & U7;
+ z3 = t43 & y16;
+ z4 = t40 & y1;
+ z5 = t29 & y7;
+ z6 = t42 & y11;
+ z7 = t45 & y17;
+ z8 = t41 & y10;
+ z9 = t44 & y12;
+ z10 = t37 & y3;
+ z11 = t33 & y4;
+ z12 = t43 & y13;
+ z13 = t40 & y5;
+ z14 = t29 & y2;
+ z15 = t42 & y9;
+ z16 = t45 & y14;
+ z17 = t41 & y8;
+ tc1 = z15 ^ z16;
+ tc2 = z10 ^ tc1;
+ tc3 = z9 ^ tc2;
+ tc4 = z0 ^ z2;
+ tc5 = z1 ^ z0;
+ tc6 = z3 ^ z4;
+ tc7 = z12 ^ tc4;
+ tc8 = z7 ^ tc6;
+ tc9 = z8 ^ tc7;
+ tc10 = tc8 ^ tc9;
+ tc11 = tc6 ^ tc5;
+ tc12 = z3 ^ z5;
+ tc13 = z13 ^ tc1;
+ tc14 = tc4 ^ tc12;
+ S3 = tc3 ^ tc11;
+ tc16 = z6 ^ tc8;
+ tc17 = z14 ^ tc10;
+ tc18 = tc13 ^ tc14;
+ S7 = ~(z12 ^ tc18);
+ tc20 = z15 ^ tc16;
+ tc21 = tc2 ^ z11;
+ S0 = tc3 ^ tc16;
+ S6 = ~(tc10 ^ tc18);
+ S4 = tc14 ^ S3;
+ S1 = ~(S3 ^ tc16);
+ tc26 = tc17 ^ tc20;
+ S2 = ~(tc26 ^ z17);
+ S5 = tc21 ^ tc17;
+
+ u[0] = S7;
+ u[1] = S6;
+ u[2] = S5;
+ u[3] = S4;
+ u[4] = S3;
+ u[5] = S2;
+ u[6] = S1;
+ u[7] = S0;
+}
+
+#define BS_MASK_BIT_SET(w, j, bmask) \
+ (((bs_word)0 - (((w) >> (j)) & (bs_word)1)) & (bmask))
+
+#define BS_TRANS_8(t, o, w, bmask, s) \
+ t[o + s + 0] |= BS_MASK_BIT_SET(w, s + 0, bmask); \
+ t[o + s + 1] |= BS_MASK_BIT_SET(w, s + 1, bmask); \
+ t[o + s + 2] |= BS_MASK_BIT_SET(w, s + 2, bmask); \
+ t[o + s + 3] |= BS_MASK_BIT_SET(w, s + 3, bmask); \
+ t[o + s + 4] |= BS_MASK_BIT_SET(w, s + 4, bmask); \
+ t[o + s + 5] |= BS_MASK_BIT_SET(w, s + 5, bmask); \
+ t[o + s + 6] |= BS_MASK_BIT_SET(w, s + 6, bmask); \
+ t[o + s + 7] |= BS_MASK_BIT_SET(w, s + 7, bmask)
+
+static void bs_transpose(bs_word* t, bs_word* blocks)
+{
+ bs_word bmask = 1;
+ int i;
+
+ XMEMSET(t, 0, sizeof(bs_word) * AES_BLOCK_BITS);
+
+ for (i = 0; i < BS_WORD_SIZE; i++) {
+ int j;
+ int o = 0;
+ for (j = 0; j < BS_BLOCK_WORDS; j++) {
+ #ifdef LITTLE_ENDIAN_ORDER
+ bs_word w = blocks[i * BS_BLOCK_WORDS + j];
+ #else
+ bs_word w = bs_bswap(blocks[i * BS_BLOCK_WORDS + j]);
+ #endif
+ #ifdef WOLFSSL_AES_NO_UNROLL
+ int k;
+ for (k = 0; k < BS_WORD_SIZE; k++) {
+ t[o + k] |= BS_MASK_BIT_SET(w, k, bmask);
+ }
+ #else
+ BS_TRANS_8(t, o, w, bmask, 0);
+ #if BS_WORD_SIZE >= 16
+ BS_TRANS_8(t, o, w, bmask, 8);
+ #endif
+ #if BS_WORD_SIZE >= 32
+ BS_TRANS_8(t, o, w, bmask, 16);
+ BS_TRANS_8(t, o, w, bmask, 24);
+ #endif
+ #if BS_WORD_SIZE >= 64
+ BS_TRANS_8(t, o, w, bmask, 32);
+ BS_TRANS_8(t, o, w, bmask, 40);
+ BS_TRANS_8(t, o, w, bmask, 48);
+ BS_TRANS_8(t, o, w, bmask, 56);
+ #endif
+ #endif
+ o += BS_WORD_SIZE;
+ }
+ bmask <<= 1;
+ }
+}
+
+#define BS_INV_TRANS_8(t, o, w, bmask, s) \
+ t[o + (s + 0) * BS_BLOCK_WORDS] |= BS_MASK_BIT_SET(w, s + 0, bmask); \
+ t[o + (s + 1) * BS_BLOCK_WORDS] |= BS_MASK_BIT_SET(w, s + 1, bmask); \
+ t[o + (s + 2) * BS_BLOCK_WORDS] |= BS_MASK_BIT_SET(w, s + 2, bmask); \
+ t[o + (s + 3) * BS_BLOCK_WORDS] |= BS_MASK_BIT_SET(w, s + 3, bmask); \
+ t[o + (s + 4) * BS_BLOCK_WORDS] |= BS_MASK_BIT_SET(w, s + 4, bmask); \
+ t[o + (s + 5) * BS_BLOCK_WORDS] |= BS_MASK_BIT_SET(w, s + 5, bmask); \
+ t[o + (s + 6) * BS_BLOCK_WORDS] |= BS_MASK_BIT_SET(w, s + 6, bmask); \
+ t[o + (s + 7) * BS_BLOCK_WORDS] |= BS_MASK_BIT_SET(w, s + 7, bmask)
+
+static void bs_inv_transpose(bs_word* t, bs_word* blocks)
{
- word32 x = 0;
- int i,j;
+ int o;
- for (i = 0; i < 4; i++) {
- /* 256 elements, each one is 4 bytes */
- for (j = 0; j < 256; j += WC_CACHE_LINE_SZ/4) {
- x &= Td[i][j];
+ XMEMSET(t, 0, sizeof(bs_word) * AES_BLOCK_BITS);
+
+ for (o = 0; o < BS_BLOCK_WORDS; o++) {
+ int i;
+ for (i = 0; i < BS_WORD_SIZE; i++) {
+ #ifdef LITTLE_ENDIAN_ORDER
+ bs_word bmask = (bs_word)1 << i;
+ #else
+ bs_word bmask = bs_bswap((bs_word)1 << i);
+ #endif
+ bs_word w = blocks[(o << BS_WORD_SHIFT) + i];
+ #ifdef WOLFSSL_AES_NO_UNROLL
+ int j;
+ for (j = 0; j < BS_WORD_SIZE; j++) {
+ t[j * BS_BLOCK_WORDS + o] |= BS_MASK_BIT_SET(w, j, bmask);
+ }
+ #else
+ BS_INV_TRANS_8(t, o, w, bmask, 0);
+ #if BS_WORD_SIZE >= 16
+ BS_INV_TRANS_8(t, o, w, bmask, 8);
+ #endif
+ #if BS_WORD_SIZE >= 32
+ BS_INV_TRANS_8(t, o, w, bmask, 16);
+ BS_INV_TRANS_8(t, o, w, bmask, 24);
+ #endif
+ #if BS_WORD_SIZE >= 64
+ BS_INV_TRANS_8(t, o, w, bmask, 32);
+ BS_INV_TRANS_8(t, o, w, bmask, 40);
+ BS_INV_TRANS_8(t, o, w, bmask, 48);
+ BS_INV_TRANS_8(t, o, w, bmask, 56);
+ #endif
+ #endif
}
}
- return x;
}
-#endif
-/* load Td Table4 into cache by cache line stride */
-static WARN_UNUSED_RESULT WC_INLINE word32 PreFetchTd4(void)
+#define BS_ROW_OFF_0 0
+#define BS_ROW_OFF_1 32
+#define BS_ROW_OFF_2 64
+#define BS_ROW_OFF_3 96
+
+#define BS_ROW_ADD (AES_BLOCK_BITS / 16 + AES_BLOCK_BITS / 4)
+#define BS_IDX_MASK 0x7f
+
+#define BS_ASSIGN_8(d, od, s, os) \
+ d[(od) + 0] = s[(os) + 0]; \
+ d[(od) + 1] = s[(os) + 1]; \
+ d[(od) + 2] = s[(os) + 2]; \
+ d[(od) + 3] = s[(os) + 3]; \
+ d[(od) + 4] = s[(os) + 4]; \
+ d[(od) + 5] = s[(os) + 5]; \
+ d[(od) + 6] = s[(os) + 6]; \
+ d[(od) + 7] = s[(os) + 7]
+
+static void bs_shift_rows(bs_word* t, bs_word* b)
{
-#ifndef WOLFSSL_AES_TOUCH_LINES
- word32 x = 0;
int i;
- for (i = 0; i < 256; i += WC_CACHE_LINE_SZ) {
- x &= (word32)Td4[i];
+ for (i = 0; i < 128; i += 32) {
+ BS_ASSIGN_8(t, i + 0, b, ( 0 + i) & BS_IDX_MASK);
+ BS_ASSIGN_8(t, i + 8, b, ( 40 + i) & BS_IDX_MASK);
+ BS_ASSIGN_8(t, i + 16, b, ( 80 + i) & BS_IDX_MASK);
+ BS_ASSIGN_8(t, i + 24, b, (120 + i) & BS_IDX_MASK);
}
- return x;
+}
+
+#define BS_SHIFT_OFF_0 0
+#define BS_SHIFT_OFF_1 8
+#define BS_SHIFT_OFF_2 16
+#define BS_SHIFT_OFF_3 24
+
+/* Shift rows and mix columns.
+ * See: See https://eprint.iacr.org/2009/129.pdf - Appendix A
+ */
+
+#define BS_SHIFT_MIX_8(t, o, br0, br1, br2, br3, of) \
+ of = br0[7] ^ br1[7]; \
+ t[o+0] = br1[0] ^ br2[0] ^ br3[0] ^ of; \
+ t[o+1] = br0[0] ^ br1[0] ^ br1[1] ^ br2[1] ^ br3[1] ^ of; \
+ t[o+2] = br0[1] ^ br1[1] ^ br1[2] ^ br2[2] ^ br3[2]; \
+ t[o+3] = br0[2] ^ br1[2] ^ br1[3] ^ br2[3] ^ br3[3] ^ of; \
+ t[o+4] = br0[3] ^ br1[3] ^ br1[4] ^ br2[4] ^ br3[4] ^ of; \
+ t[o+5] = br0[4] ^ br1[4] ^ br1[5] ^ br2[5] ^ br3[5]; \
+ t[o+6] = br0[5] ^ br1[5] ^ br1[6] ^ br2[6] ^ br3[6]; \
+ t[o+7] = br0[6] ^ br1[6] ^ br1[7] ^ br2[7] ^ br3[7]
+
+static void bs_shift_mix(bs_word* t, bs_word* b)
+{
+ int i;
+ word8 or0 = BS_ROW_OFF_0 + BS_SHIFT_OFF_0;
+ word8 or1 = BS_ROW_OFF_1 + BS_SHIFT_OFF_1;
+ word8 or2 = BS_ROW_OFF_2 + BS_SHIFT_OFF_2;
+ word8 or3 = BS_ROW_OFF_3 + BS_SHIFT_OFF_3;
+
+ for (i = 0; i < AES_BLOCK_BITS; i += AES_BLOCK_BITS / 4) {
+ bs_word* br0 = b + or0;
+ bs_word* br1 = b + or1;
+ bs_word* br2 = b + or2;
+ bs_word* br3 = b + or3;
+ bs_word of;
+
+ BS_SHIFT_MIX_8(t, i + 0, br0, br1, br2, br3, of);
+ BS_SHIFT_MIX_8(t, i + 8, br1, br2, br3, br0, of);
+ BS_SHIFT_MIX_8(t, i + 16, br2, br3, br0, br1, of);
+ BS_SHIFT_MIX_8(t, i + 24, br3, br0, br1, br2, of);
+
+ or0 = (or0 + AES_BLOCK_BITS / 4) & BS_IDX_MASK;
+ or1 = (or1 + AES_BLOCK_BITS / 4) & BS_IDX_MASK;
+ or2 = (or2 + AES_BLOCK_BITS / 4) & BS_IDX_MASK;
+ or3 = (or3 + AES_BLOCK_BITS / 4) & BS_IDX_MASK;
+ }
+}
+
+static void bs_add_round_key(bs_word* out, bs_word* b, bs_word* rk)
+{
+ xorbufout((byte*)out, (byte*)b, (byte*)rk, BS_BLOCK_SIZE);
+}
+
+static void bs_sub_bytes_blocks(bs_word* b)
+{
+ int i;
+
+ for (i = 0; i < AES_BLOCK_BITS; i += 8) {
+ bs_sub_bytes(b + i);
+ }
+}
+
+static const FLASH_QUALIFIER byte bs_rcon[] = {
+ 0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80, 0x1B, 0x36,
+ /* for 128-bit blocks, Rijndael never uses more than 10 rcon values */
+};
+
+static void bs_ke_sub_bytes(unsigned char* out, unsigned char *in) {
+ bs_word block[AES_BLOCK_BITS];
+ bs_word trans[AES_BLOCK_BITS];
+
+ XMEMSET(block, 0, sizeof(block));
+ XMEMCPY(block, in, 4);
+
+ bs_transpose(trans, block);
+ bs_sub_bytes_blocks(trans);
+ bs_inv_transpose(block, trans);
+
+ XMEMCPY(out, block, 4);
+}
+
+static void bs_ke_transform(unsigned char* out, unsigned char *in, word8 i) {
+ /* Rotate the input 8 bits to the left */
+#ifdef LITTLE_ENDIAN_ORDER
+ *(word32*)out = rotrFixed(*(word32*)in, 8);
#else
- return 0;
-#endif
+ *(word32*)out = rotlFixed(*(word32*)in, 8);
+#endif
+ bs_ke_sub_bytes(out, out);
+ /* On just the first byte, add 2^i to the byte */
+ out[0] ^= bs_rcon[i];
+}
+
+static void bs_expand_key(unsigned char *in, word32 sz) {
+ unsigned char t[4];
+ word32 o;
+ word8 i = 0;
+
+ if (sz == 176) {
+ /* Total of 11 rounds - AES-128. */
+ for (o = 16; o < sz; o += 16) {
+ bs_ke_transform(t, in + o - 4, i);
+ i++;
+ *(word32*)(in + o + 0) = *(word32*)(in + o - 16) ^
+ *(word32*) t;
+ *(word32*)(in + o + 4) = *(word32*)(in + o - 12) ^
+ *(word32*)(in + o + 0);
+ *(word32*)(in + o + 8) = *(word32*)(in + o - 8) ^
+ *(word32*)(in + o + 4);
+ *(word32*)(in + o + 12) = *(word32*)(in + o - 4) ^
+ *(word32*)(in + o + 8);
+ }
+ }
+ else if (sz == 208) {
+ /* Total of 13 rounds - AES-192. */
+ for (o = 24; o < sz; o += 24) {
+ bs_ke_transform(t, in + o - 4, i);
+ i++;
+ *(word32*)(in + o + 0) = *(word32*)(in + o - 24) ^
+ *(word32*) t;
+ *(word32*)(in + o + 4) = *(word32*)(in + o - 20) ^
+ *(word32*)(in + o + 0);
+ *(word32*)(in + o + 8) = *(word32*)(in + o - 16) ^
+ *(word32*)(in + o + 4);
+ *(word32*)(in + o + 12) = *(word32*)(in + o - 12) ^
+ *(word32*)(in + o + 8);
+ *(word32*)(in + o + 16) = *(word32*)(in + o - 8) ^
+ *(word32*)(in + o + 12);
+ *(word32*)(in + o + 20) = *(word32*)(in + o - 4) ^
+ *(word32*)(in + o + 16);
+ }
+ }
+ else if (sz == 240) {
+ /* Total of 15 rounds - AES-256. */
+ for (o = 32; o < sz; o += 16) {
+ if ((o & 0x1f) == 0) {
+ bs_ke_transform(t, in + o - 4, i);
+ i++;
+ }
+ else {
+ bs_ke_sub_bytes(t, in + o - 4);
+ }
+ *(word32*)(in + o + 0) = *(word32*)(in + o - 32) ^
+ *(word32*) t;
+ *(word32*)(in + o + 4) = *(word32*)(in + o - 28) ^
+ *(word32*)(in + o + 0);
+ *(word32*)(in + o + 8) = *(word32*)(in + o - 24) ^
+ *(word32*)(in + o + 4);
+ *(word32*)(in + o + 12) = *(word32*)(in + o - 20) ^
+ *(word32*)(in + o + 8);
+ }
+ }
+}
+
+static void bs_set_key(bs_word* rk, const byte* key, word32 keyLen,
+ word32 rounds)
+{
+ int i;
+ byte bs_key[15 * AES_BLOCK_SIZE];
+ int ksSz = (rounds + 1) * AES_BLOCK_SIZE;
+ bs_word block[AES_BLOCK_BITS];
+
+ /* Fist round. */
+ XMEMCPY(bs_key, key, keyLen);
+ bs_expand_key(bs_key, ksSz);
+
+ for (i = 0; i < ksSz; i += AES_BLOCK_SIZE) {
+ int k;
+
+ XMEMCPY(block, bs_key + i, AES_BLOCK_SIZE);
+ for (k = BS_BLOCK_WORDS; k < AES_BLOCK_BITS; k += BS_BLOCK_WORDS) {
+ int l;
+ for (l = 0; l < BS_BLOCK_WORDS; l++) {
+ block[k + l] = block[l];
+ }
+ }
+ bs_transpose(rk, block);
+ rk += AES_BLOCK_BITS;
+ }
+}
+
+static void bs_encrypt(bs_word* state, bs_word* rk, word32 r)
+{
+ word32 i;
+ bs_word trans[AES_BLOCK_BITS];
+
+ bs_transpose(trans, state);
+
+ bs_add_round_key(trans, trans, rk);
+ for (i = 1; i < r; i++) {
+ bs_sub_bytes_blocks(trans);
+ bs_shift_mix(state, trans);
+ rk += AES_BLOCK_BITS;
+ bs_add_round_key(trans, state, rk);
+ }
+ bs_sub_bytes_blocks(trans);
+ bs_shift_rows(state, trans);
+ rk += AES_BLOCK_BITS;
+ bs_add_round_key(trans, state, rk);
+ bs_inv_transpose(state, trans);
+}
+
+/* Encrypt a block using AES.
+ *
+ * @param [in] aes AES object.
+ * @param [in] inBlock Block to encrypt.
+ * @param [out] outBlock Encrypted block.
+ * @param [in] r Rounds divided by 2.
+ */
+static void AesEncrypt_C(Aes* aes, const byte* inBlock, byte* outBlock,
+ word32 r)
+{
+ bs_word state[AES_BLOCK_BITS];
+
+ (void)r;
+
+ XMEMCPY(state, inBlock, AES_BLOCK_SIZE);
+ XMEMSET(((byte*)state) + AES_BLOCK_SIZE, 0, sizeof(state) - AES_BLOCK_SIZE);
+
+ bs_encrypt(state, aes->bs_key, aes->rounds);
+
+ XMEMCPY(outBlock, state, AES_BLOCK_SIZE);
+}
+
+#if defined(HAVE_AES_ECB) && !(defined(WOLFSSL_IMX6_CAAM) && \
+ !defined(NO_IMX6_CAAM_AES) && !defined(WOLFSSL_QNX_CAAM))
+/* Encrypt a number of blocks using AES.
+ *
+ * @param [in] aes AES object.
+ * @param [in] in Block to encrypt.
+ * @param [out] out Encrypted block.
+ * @param [in] sz Number of blocks to encrypt.
+ */
+static void AesEncryptBlocks_C(Aes* aes, const byte* in, byte* out, word32 sz)
+{
+ bs_word state[AES_BLOCK_BITS];
+
+ while (sz >= BS_BLOCK_SIZE) {
+ XMEMCPY(state, in, BS_BLOCK_SIZE);
+ bs_encrypt(state, aes->bs_key, aes->rounds);
+ XMEMCPY(out, state, BS_BLOCK_SIZE);
+ sz -= BS_BLOCK_SIZE;
+ in += BS_BLOCK_SIZE;
+ out += BS_BLOCK_SIZE;
+ }
+ if (sz > 0) {
+ XMEMCPY(state, in, sz);
+ XMEMSET(((byte*)state) + sz, 0, sizeof(state) - sz);
+ bs_encrypt(state, aes->bs_key, aes->rounds);
+ XMEMCPY(out, state, sz);
+ }
}
#endif
-/* Software AES - ECB Decrypt */
-static WARN_UNUSED_RESULT int wc_AesDecrypt(
+#endif /* !WC_AES_BITSLICED */
+
+/* this section disabled with NO_AES_192 */
+/* calling this one when missing NO_AES_192 */
+static WARN_UNUSED_RESULT int wc_AesEncrypt(
Aes* aes, const byte* inBlock, byte* outBlock)
{
- word32 s0, s1, s2, s3;
- word32 t0, t1, t2, t3;
- word32 r = aes->rounds >> 1;
- const word32* rk = aes->key;
+ word32 r;
+
+ if (aes == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+#ifdef WC_DEBUG_CIPHER_LIFECYCLE
+ {
+ int ret = wc_debug_CipherLifecycleCheck(aes->CipherLifecycleTag, 0);
+ if (ret < 0)
+ return ret;
+ }
+#endif
+
+ r = aes->rounds >> 1;
if (r > 7 || r == 0) {
WOLFSSL_ERROR_VERBOSE(KEYUSAGE_E);
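Review bot: `bs_set_key` returns with the full expanded key schedule still on its stack, because `bs_key[15 * AES_BLOCK_SIZE]` and `block` are filled from `key` and never wiped; `bs_ke_sub_bytes` leaves key words in its `block` and `trans` arrays in the same way. I would end `bs_set_key` with `ForceZero(bs_key, sizeof(bs_key));` and `ForceZero(block, sizeof(block));`, and wipe the two arrays in `bs_ke_sub_bytes` likewise, so round keys do not outlive the call in stack memory. `bs_set_key` also relies entirely on its caller for `keyLen` and `rounds`: `XMEMCPY(bs_key, key, keyLen)` has no bound against the 240-byte buffer, and `bs_expand_key` silently does nothing when `sz` is not 176, 208 or 240, in which case uninitialised bytes would be transposed into `rk`. Whether any caller can reach those cases is not visible in this hunk.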
@@ -2374,9 +2780,11 @@ static WARN_UNUSED_RESULT int wc_AesDecrypt(
}
#ifdef WOLFSSL_AESNI
- if (haveAESNI && aes->use_aesni) {
+ if (aes->use_aesni) {
+ ASSERT_SAVED_VECTOR_REGISTERS();
+
#ifdef DEBUG_AESNI
- printf("about to aes decrypt\n");
+ printf("about to aes encrypt\n");
printf("in = %p\n", inBlock);
printf("out = %p\n", outBlock);
printf("aes->key = %p\n", aes->key);
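Review bot: The AES-NI branch is now taken on `aes->use_aesni` alone, with the global `haveAESNI` test removed, so it is only safe if `use_aesni` can never be set without a prior CPU feature check. The code that sets the flag is outside this hunk, as is the start of `wc_AesEncrypt`. If that invariant holds, a short comment at the branch such as `/* use_aesni is only set after the CPU feature check at key setup */` would record it; if it does not, the dropped test should stay. The same condition appears in the new `wc_AesDecrypt` later in the patch.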
@@ -2384,11 +2792,33 @@ static WARN_UNUSED_RESULT int wc_AesDecrypt(
printf("sz = %d\n", AES_BLOCK_SIZE);
#endif
- /* if input and output same will overwrite input iv */
- if ((const byte*)aes->tmp != inBlock)
- XMEMCPY(aes->tmp, inBlock, AES_BLOCK_SIZE);
- AES_ECB_decrypt(inBlock, outBlock, AES_BLOCK_SIZE, (byte*)aes->key,
+ /* check alignment, decrypt doesn't need alignment */
+ if ((wc_ptr_t)inBlock % AESNI_ALIGN) {
+ #ifndef NO_WOLFSSL_ALLOC_ALIGN
+ byte* tmp = (byte*)XMALLOC(AES_BLOCK_SIZE + AESNI_ALIGN, aes->heap,
+ DYNAMIC_TYPE_TMP_BUFFER);
+ byte* tmp_align;
+ if (tmp == NULL)
+ return MEMORY_E;
+
+ tmp_align = tmp + (AESNI_ALIGN - ((wc_ptr_t)tmp % AESNI_ALIGN));
+
+ XMEMCPY(tmp_align, inBlock, AES_BLOCK_SIZE);
+ AES_ECB_encrypt_AESNI(tmp_align, tmp_align, AES_BLOCK_SIZE,
+ (byte*)aes->key, (int)aes->rounds);
+ XMEMCPY(outBlock, tmp_align, AES_BLOCK_SIZE);
+ XFREE(tmp, aes->heap, DYNAMIC_TYPE_TMP_BUFFER);
+ return 0;
+ #else
+ WOLFSSL_MSG("AES-ECB encrypt with bad alignment");
+ WOLFSSL_ERROR_VERBOSE(BAD_ALIGN_E);
+ return BAD_ALIGN_E;
+ #endif
+ }
+
+ AES_ECB_encrypt_AESNI(inBlock, outBlock, AES_BLOCK_SIZE, (byte*)aes->key,
(int)aes->rounds);
+
return 0;
}
else {
@@ -2398,21 +2828,106 @@ static WARN_UNUSED_RESULT int wc_AesDecrypt(
}
#endif /* WOLFSSL_AESNI */
#if defined(WOLFSSL_SCE) && !defined(WOLFSSL_SCE_NO_AES)
- return AES_ECB_decrypt(aes, inBlock, outBlock, AES_BLOCK_SIZE);
+ AES_ECB_encrypt(aes, inBlock, outBlock, AES_BLOCK_SIZE);
+ return 0;
#endif
+
#if defined(WOLFSSL_IMXRT_DCP)
if (aes->keylen == 16) {
- DCPAesEcbDecrypt(aes, outBlock, inBlock, AES_BLOCK_SIZE);
+ DCPAesEcbEncrypt(aes, outBlock, inBlock, AES_BLOCK_SIZE);
return 0;
}
#endif
+
#if defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_CRYPT)
if (aes->useSWCrypt == 0) {
return se050_aes_crypt(aes, inBlock, outBlock, AES_BLOCK_SIZE,
- AES_DECRYPTION, kAlgorithm_SSS_AES_ECB);
+ AES_ENCRYPTION, kAlgorithm_SSS_AES_ECB);
}
#endif
+#if defined(WOLFSSL_ESPIDF) && defined(NEED_AES_HW_FALLBACK)
+ ESP_LOGV(TAG, "wc_AesEncrypt fallback check");
+ if (wc_esp32AesSupportedKeyLen(aes)) {
+ return wc_esp32AesEncrypt(aes, inBlock, outBlock);
+ }
+ else {
+ /* For example, the ESP32-S3 does not support HW for len = 24,
+ * so fall back to SW */
+ #ifdef DEBUG_WOLFSSL
+ ESP_LOGW(TAG, "wc_AesEncrypt HW Falling back, unsupported keylen = %d",
+ aes->keylen);
+ #endif
+ }
+#endif
+
+ AesEncrypt_C(aes, inBlock, outBlock, r);
+
+ return 0;
+} /* wc_AesEncrypt */
+#endif /* HAVE_AES_CBC || WOLFSSL_AES_DIRECT || HAVE_AESGCM */
+
+#if defined(HAVE_AES_DECRYPT)
+#if (defined(HAVE_AES_CBC) && !defined(WOLFSSL_DEVCRYPTO_CBC) && \
+ !defined(WOLFSSL_SILABS_SE_ACCEL)) || \
+ defined(WOLFSSL_AES_DIRECT)
+
+#ifndef WC_AES_BITSLICED
+#ifndef WC_NO_CACHE_RESISTANT
+#ifndef WOLFSSL_AES_SMALL_TABLES
+/* load 4 Td Tables into cache by cache line stride */
+static WARN_UNUSED_RESULT WC_INLINE word32 PreFetchTd(void)
+{
+ word32 x = 0;
+ int i,j;
+
+ for (i = 0; i < 4; i++) {
+ /* 256 elements, each one is 4 bytes */
+ for (j = 0; j < 256; j += WC_CACHE_LINE_SZ/4) {
+ x &= Td[i][j];
+ }
+ }
+ return x;
+}
+#endif
+
+/* load Td Table4 into cache by cache line stride */
+static WARN_UNUSED_RESULT WC_INLINE word32 PreFetchTd4(void)
+{
+#ifndef WOLFSSL_AES_TOUCH_LINES
+ word32 x = 0;
+ int i;
+
+ for (i = 0; i < 256; i += WC_CACHE_LINE_SZ) {
+ x &= (word32)Td4[i];
+ }
+ return x;
+#else
+ return 0;
+#endif
+}
+#endif
+
+/* Decrypt a block using AES.
+ *
+ * @param [in] aes AES object.
+ * @param [in] inBlock Block to encrypt.
+ * @param [out] outBlock Encrypted block.
+ * @param [in] r Rounds divided by 2.
+ */
+static void AesDecrypt_C(Aes* aes, const byte* inBlock, byte* outBlock,
+ word32 r)
+{
+ word32 s0, s1, s2, s3;
+ word32 t0, t1, t2, t3;
+ const word32* rk;
+
+#ifdef WC_AES_C_DYNAMIC_FALLBACK
+ rk = aes->key_C_fallback;
+#else
+ rk = aes->key;
+#endif
+
/*
* map byte array block to cipher state
* and add initial round key:
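Review bot: `PreFetchTd` and `PreFetchTd4` start from `x = 0` and only ever execute `x &= ...`, so the result is provably 0 and an optimising compiler may drop the table loads, silently removing the cache-line warm-up these helpers exist to provide. Reading through a volatile-qualified pointer keeps the loads, e.g. `x &= *(const volatile word32*)&Td[i][j];` and `x &= (word32)*(const volatile byte*)&Td4[i];`; the element types of `Td` and `Td4` are declared outside this hunk, so the casts need checking against them. Separately, the new doc comment on `AesDecrypt_C` still reads "Block to encrypt" and "Encrypted block" and should describe decryption. The body of `AesDecrypt_C` continues past the end of this hunk.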
@@ -2623,8 +3138,457 @@ static WARN_UNUSED_RESULT int wc_AesDecrypt(
XMEMCPY(outBlock + 2 * sizeof(s0), &s2, sizeof(s2));
XMEMCPY(outBlock + 3 * sizeof(s0), &s3, sizeof(s3));
- return 0;
}
+
+#if defined(HAVE_AES_ECB) && !(defined(WOLFSSL_IMX6_CAAM) && \
+ !defined(NO_IMX6_CAAM_AES) && !defined(WOLFSSL_QNX_CAAM))
+/* Decrypt a number of blocks using AES.
+ *
+ * @param [in] aes AES object.
+ * @param [in] in Block to encrypt.
+ * @param [out] out Encrypted block.
+ * @param [in] sz Number of blocks to encrypt.
+ */
+static void AesDecryptBlocks_C(Aes* aes, const byte* in, byte* out, word32 sz)
+{
+ word32 i;
+
+ for (i = 0; i < sz; i += AES_BLOCK_SIZE) {
+ AesDecrypt_C(aes, in, out, aes->rounds >> 1);
+ in += AES_BLOCK_SIZE;
+ out += AES_BLOCK_SIZE;
+ }
+}
+#endif
+
+#else
+
+/* http://cs-www.cs.yale.edu/homes/peralta/CircuitStuff/Sinv.txt */
+static void bs_inv_sub_bytes(bs_word u[8])
+{
+ bs_word U0, U1, U2, U3, U4, U5, U6, U7;
+ bs_word Y0, Y1, Y2, Y3, Y4, Y5, Y6, Y7;
+ bs_word RTL0, RTL1, RTL2;
+ bs_word sa0, sa1;
+ bs_word sb0, sb1;
+ bs_word ab0, ab1, ab2, ab3;
+ bs_word ab20, ab21, ab22, ab23;
+ bs_word al, ah, aa, bl, bh, bb;
+ bs_word abcd1, abcd2, abcd3, abcd4, abcd5, abcd6;
+ bs_word ph11, ph12, ph13, ph01, ph02, ph03;
+ bs_word pl01, pl02, pl03, pl11, pl12, pl13;
+ bs_word r1, r2, r3, r4, r5, r6, r7, r8, r9;
+ bs_word rr1, rr2;
+ bs_word r10, r11;
+ bs_word cp1, cp2, cp3, cp4;
+ bs_word vr1, vr2, vr3;
+ bs_word pr1, pr2, pr3;
+ bs_word wr1, wr2, wr3;
+ bs_word qr1, qr2, qr3;
+ bs_word tinv1, tinv2, tinv3, tinv4, tinv5, tinv6, tinv7, tinv8, tinv9;
+ bs_word tinv10, tinv11, tinv12, tinv13;
+ bs_word t01, t02;
+ bs_word d0, d1, d2, d3;
+ bs_word dl, dd, dh;
+ bs_word sd0, sd1;
+ bs_word p0, p1, p2, p3, p4, p6, p7;
+ bs_word X11, X13, X14, X16, X18, X19;
+ bs_word S0, S1, S2, S3, S4, S5, S6, S7;
+
+ U0 = u[7];
+ U1 = u[6];
+ U2 = u[5];
+ U3 = u[4];
+ U4 = u[3];
+ U5 = u[2];
+ U6 = u[1];
+ U7 = u[0];
+
+ Y0 = U0 ^ U3;
+ Y2 = ~(U1 ^ U3);
+ Y4 = U0 ^ Y2;
+ RTL0 = U6 ^ U7;
+ Y1 = Y2 ^ RTL0;
+ Y7 = ~(U2 ^ Y1);
+ RTL1 = U3 ^ U4;
+ Y6 = ~(U7 ^ RTL1);
+ Y3 = Y1 ^ RTL1;
+ RTL2 = ~(U0 ^ U2);
+ Y5 = U5 ^ RTL2;
+ sa1 = Y0 ^ Y2;
+ sa0 = Y1 ^ Y3;
+ sb1 = Y4 ^ Y6;
+ sb0 = Y5 ^ Y7;
+ ah = Y0 ^ Y1;
+ al = Y2 ^ Y3;
+ aa = sa0 ^ sa1;
+ bh = Y4 ^ Y5;
+ bl = Y6 ^ Y7;
+ bb = sb0 ^ sb1;
+ ab20 = sa0 ^ sb0;
+ ab22 = al ^ bl;
+ ab23 = Y3 ^ Y7;
+ ab21 = sa1 ^ sb1;
+ abcd1 = ah & bh;
+ rr1 = Y0 & Y4;
+ ph11 = ab20 ^ abcd1;
+ t01 = Y1 & Y5;
+ ph01 = t01 ^ abcd1;
+ abcd2 = al & bl;
+ r1 = Y2 & Y6;
+ pl11 = ab22 ^ abcd2;
+ r2 = Y3 & Y7;
+ pl01 = r2 ^ abcd2;
+ r3 = sa0 & sb0;
+ vr1 = aa & bb;
+ pr1 = vr1 ^ r3;
+ wr1 = sa1 & sb1;
+ qr1 = wr1 ^ r3;
+ ab0 = ph11 ^ rr1;
+ ab1 = ph01 ^ ab21;
+ ab2 = pl11 ^ r1;
+ ab3 = pl01 ^ qr1;
+ cp1 = ab0 ^ pr1;
+ cp2 = ab1 ^ qr1;
+ cp3 = ab2 ^ pr1;
+ cp4 = ab3 ^ ab23;
+ tinv1 = cp3 ^ cp4;
+ tinv2 = cp3 & cp1;
+ tinv3 = cp2 ^ tinv2;
+ tinv4 = cp1 ^ cp2;
+ tinv5 = cp4 ^ tinv2;
+ tinv6 = tinv5 & tinv4;
+ tinv7 = tinv3 & tinv1;
+ d2 = cp4 ^ tinv7;
+ d0 = cp2 ^ tinv6;
+ tinv8 = cp1 & cp4;
+ tinv9 = tinv4 & tinv8;
+ tinv10 = tinv4 ^ tinv2;
+ d1 = tinv9 ^ tinv10;
+ tinv11 = cp2 & cp3;
+ tinv12 = tinv1 & tinv11;
+ tinv13 = tinv1 ^ tinv2;
+ d3 = tinv12 ^ tinv13;
+ sd1 = d1 ^ d3;
+ sd0 = d0 ^ d2;
+ dl = d0 ^ d1;
+ dh = d2 ^ d3;
+ dd = sd0 ^ sd1;
+ abcd3 = dh & bh;
+ rr2 = d3 & Y4;
+ t02 = d2 & Y5;
+ abcd4 = dl & bl;
+ r4 = d1 & Y6;
+ r5 = d0 & Y7;
+ r6 = sd0 & sb0;
+ vr2 = dd & bb;
+ wr2 = sd1 & sb1;
+ abcd5 = dh & ah;
+ r7 = d3 & Y0;
+ r8 = d2 & Y1;
+ abcd6 = dl & al;
+ r9 = d1 & Y2;
+ r10 = d0 & Y3;
+ r11 = sd0 & sa0;
+ vr3 = dd & aa;
+ wr3 = sd1 & sa1;
+ ph12 = rr2 ^ abcd3;
+ ph02 = t02 ^ abcd3;
+ pl12 = r4 ^ abcd4;
+ pl02 = r5 ^ abcd4;
+ pr2 = vr2 ^ r6;
+ qr2 = wr2 ^ r6;
+ p0 = ph12 ^ pr2;
+ p1 = ph02 ^ qr2;
+ p2 = pl12 ^ pr2;
+ p3 = pl02 ^ qr2;
+ ph13 = r7 ^ abcd5;
+ ph03 = r8 ^ abcd5;
+ pl13 = r9 ^ abcd6;
+ pl03 = r10 ^ abcd6;
+ pr3 = vr3 ^ r11;
+ qr3 = wr3 ^ r11;
+ p4 = ph13 ^ pr3;
+ S7 = ph03 ^ qr3;
+ p6 = pl13 ^ pr3;
+ p7 = pl03 ^ qr3;
+ S3 = p1 ^ p6;
+ S6 = p2 ^ p6;
+ S0 = p3 ^ p6;
+ X11 = p0 ^ p2;
+ S5 = S0 ^ X11;
+ X13 = p4 ^ p7;
+ X14 = X11 ^ X13;
+ S1 = S3 ^ X14;
+ X16 = p1 ^ S7;
+ S2 = X14 ^ X16;
+ X18 = p0 ^ p4;
+ X19 = S5 ^ X16;
+ S4 = X18 ^ X19;
+
+ u[0] = S7;
+ u[1] = S6;
+ u[2] = S5;
+ u[3] = S4;
+ u[4] = S3;
+ u[5] = S2;
+ u[6] = S1;
+ u[7] = S0;
+}
+
+static void bs_inv_shift_rows(bs_word* b)
+{
+ bs_word t[AES_BLOCK_BITS];
+ int i;
+
+ for (i = 0; i < 128; i += 32) {
+ BS_ASSIGN_8(t, i + 0, b, ( 0 + i) & BS_IDX_MASK);
+ BS_ASSIGN_8(t, i + 8, b, (104 + i) & BS_IDX_MASK);
+ BS_ASSIGN_8(t, i + 16, b, ( 80 + i) & BS_IDX_MASK);
+ BS_ASSIGN_8(t, i + 24, b, ( 56 + i) & BS_IDX_MASK);
+ }
+
+ XMEMCPY(b, t, sizeof(t));
+}
+
+#define O0 0
+#define O1 8
+#define O2 16
+#define O3 24
+
+#define BS_INV_MIX_SHIFT_8(br, b, O0, O1, O2, O3, of0, of1, of2) \
+ of0 = b[O0+7] ^ b[O0+6] ^ b[O0+5] ^ b[O1 + 7] ^ b[O1+5] ^ \
+ b[O2+6] ^ b[O2+5] ^ b[O3+5]; \
+ of1 = b[O0+7] ^ b[O0+6] ^ b[O1+6] ^ \
+ b[O2+7] ^ b[O2+6] ^ b[O3+6]; \
+ of2 = b[O0+7] ^ b[O1+7] ^ \
+ b[O2+7] ^ b[O3+7]; \
+ \
+ br[0] = b[O1+0] ^ \
+ b[O2+0] ^ b[O3+0] ^ of0; \
+ br[1] = b[O0+0] ^ b[O1+0] ^ b[O1+1] ^ \
+ b[O2+1] ^ b[O3+1] ^ of0 ^ of1; \
+ br[2] = b[O0+1] ^ b[O0+0] ^ b[O1+1] ^ b[O1+2] ^ \
+ b[O2+2] ^ b[O2+0] ^ b[O3+2] ^ of1 ^ of2; \
+ br[3] = b[O0+2] ^ b[O0+1] ^ b[O0+0] ^ b[O1+0] ^ b[O1+2] ^ b[O1+3] ^ \
+ b[O2+3] ^ b[O2+1] ^ b[O2+0] ^ b[O3+3] ^ b[O3+0] ^ of0 ^ of2; \
+ br[4] = b[O0+3] ^ b[O0+2] ^ b[O0+1] ^ b[O1+1] ^ b[O1+3] ^ b[O1+4] ^ \
+ b[O2+4] ^ b[O2+2] ^ b[O2+1] ^ b[O3+4] ^ b[O3+1] ^ of0 ^ of1; \
+ br[5] = b[O0+4] ^ b[O0+3] ^ b[O0+2] ^ b[O1+2] ^ b[O1+4] ^ b[O1+5] ^ \
+ b[O2+5] ^ b[O2+3] ^ b[O2+2] ^ b[O3+5] ^ b[O3+2] ^ of1 ^ of2; \
+ br[6] = b[O0+5] ^ b[O0+4] ^ b[O0+3] ^ b[O1+3] ^ b[O1+5] ^ b[O1+6] ^ \
+ b[O2+6] ^ b[O2+4] ^ b[O2+3] ^ b[O3+6] ^ b[O3+3] ^ of2; \
+ br[7] = b[O0+6] ^ b[O0+5] ^ b[O0+4] ^ b[O1+4] ^ b[O1+6] ^ b[O1+7] ^ \
+ b[O2+7] ^ b[O2+5] ^ b[O2+4] ^ b[O3+7] ^ b[O3+4]
+
+/* Inverse mix columns and shift rows. */
+static void bs_inv_mix_shift(bs_word* t, bs_word* b)
+{
+ bs_word* bp = b;
+ word8 or0 = BS_ROW_OFF_0 + BS_SHIFT_OFF_0;
+ word8 or1 = BS_ROW_OFF_1 + BS_SHIFT_OFF_1;
+ word8 or2 = BS_ROW_OFF_2 + BS_SHIFT_OFF_2;
+ word8 or3 = BS_ROW_OFF_3 + BS_SHIFT_OFF_3;
+ int i;
+
+ for (i = 0; i < AES_BLOCK_BITS / 4; i += AES_BLOCK_BITS / 16) {
+ bs_word* br;
+ bs_word of0;
+ bs_word of1;
+ bs_word of2;
+
+ br = t + or0;
+ BS_INV_MIX_SHIFT_8(br, bp, O0, O1, O2, O3, of0, of1, of2);
+ br = t + or1;
+ BS_INV_MIX_SHIFT_8(br, bp, O1, O2, O3, O0, of0, of1, of2);
+ br = t + or2;
+ BS_INV_MIX_SHIFT_8(br, bp, O2, O3, O0, O1, of0, of1, of2);
+ br = t + or3;
+ BS_INV_MIX_SHIFT_8(br, bp, O3, O0, O1, O2, of0, of1, of2);
+
+ or0 = (or0 + AES_BLOCK_BITS / 4) & BS_IDX_MASK;
+ or1 = (or1 + AES_BLOCK_BITS / 4) & BS_IDX_MASK;
+ or2 = (or2 + AES_BLOCK_BITS / 4) & BS_IDX_MASK;
+ or3 = (or3 + AES_BLOCK_BITS / 4) & BS_IDX_MASK;
+
+ bp += AES_BLOCK_BITS / 4;
+ }
+}
+
+static void bs_inv_sub_bytes_blocks(bs_word* b)
+{
+ int i;
+
+ for (i = 0; i < AES_BLOCK_BITS; i += 8) {
+ bs_inv_sub_bytes(b + i);
+ }
+}
+
+static void bs_decrypt(bs_word* state, bs_word* rk, word32 r)
+{
+ int i;
+ bs_word trans[AES_BLOCK_BITS];
+
+ bs_transpose(trans, state);
+
+ rk += r * AES_BLOCK_BITS;
+ bs_add_round_key(trans, trans, rk);
+ bs_inv_shift_rows(trans);
+ bs_inv_sub_bytes_blocks(trans);
+ rk -= AES_BLOCK_BITS;
+ bs_add_round_key(trans, trans, rk);
+ for (i = (int)r - 2; i >= 0; i--) {
+ bs_inv_mix_shift(state, trans);
+ bs_inv_sub_bytes_blocks(state);
+ rk -= AES_BLOCK_BITS;
+ bs_add_round_key(trans, state, rk);
+ }
+
+ bs_inv_transpose(state, trans);
+}
+
+#ifdef WOLFSSL_AES_DIRECT
+/* Decrypt a block using AES.
+ *
+ * @param [in] aes AES object.
+ * @param [in] inBlock Block to encrypt.
+ * @param [out] outBlock Encrypted block.
+ * @param [in] r Rounds divided by 2.
+ */
+static void AesDecrypt_C(Aes* aes, const byte* inBlock, byte* outBlock,
+ word32 r)
+{
+ bs_word state[AES_BLOCK_BITS];
+
+ (void)r;
+
+ XMEMCPY(state, inBlock, AES_BLOCK_SIZE);
+ XMEMSET(((byte*)state) + AES_BLOCK_SIZE, 0, sizeof(state) - AES_BLOCK_SIZE);
+
+ bs_decrypt(state, aes->bs_key, aes->rounds);
+
+ XMEMCPY(outBlock, state, AES_BLOCK_SIZE);
+}
+#endif
+
+#if defined(HAVE_AES_ECB) && !(defined(WOLFSSL_IMX6_CAAM) && \
+ !defined(NO_IMX6_CAAM_AES) && !defined(WOLFSSL_QNX_CAAM))
+/* Decrypt a number of blocks using AES.
+ *
+ * @param [in] aes AES object.
+ * @param [in] in Block to encrypt.
+ * @param [out] out Encrypted block.
+ * @param [in] sz Number of blocks to encrypt.
+ */
+static void AesDecryptBlocks_C(Aes* aes, const byte* in, byte* out, word32 sz)
+{
+ bs_word state[AES_BLOCK_BITS];
+
+ while (sz >= BS_BLOCK_SIZE) {
+ XMEMCPY(state, in, BS_BLOCK_SIZE);
+ bs_decrypt(state, aes->bs_key, aes->rounds);
+ XMEMCPY(out, state, BS_BLOCK_SIZE);
+ sz -= BS_BLOCK_SIZE;
+ in += BS_BLOCK_SIZE;
+ out += BS_BLOCK_SIZE;
+ }
+ if (sz > 0) {
+ XMEMCPY(state, in, sz);
+ XMEMSET(((byte*)state) + sz, 0, sizeof(state) - sz);
+ bs_decrypt(state, aes->bs_key, aes->rounds);
+ XMEMCPY(out, state, sz);
+ }
+}
+#endif
+
+#endif
+
+#if !defined(WC_AES_BITSLICED) || defined(WOLFSSL_AES_DIRECT)
+/* Software AES - ECB Decrypt */
+static WARN_UNUSED_RESULT int wc_AesDecrypt(
+ Aes* aes, const byte* inBlock, byte* outBlock)
+{
+ word32 r;
+
+ if (aes == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+#ifdef WC_DEBUG_CIPHER_LIFECYCLE
+ {
+ int ret = wc_debug_CipherLifecycleCheck(aes->CipherLifecycleTag, 0);
+ if (ret < 0)
+ return ret;
+ }
+#endif
+
+ r = aes->rounds >> 1;
+
+ if (r > 7 || r == 0) {
+ WOLFSSL_ERROR_VERBOSE(KEYUSAGE_E);
+ return KEYUSAGE_E;
+ }
+
+#ifdef WOLFSSL_AESNI
+ if (aes->use_aesni) {
+ ASSERT_SAVED_VECTOR_REGISTERS();
+
+ #ifdef DEBUG_AESNI
+ printf("about to aes decrypt\n");
+ printf("in = %p\n", inBlock);
+ printf("out = %p\n", outBlock);
+ printf("aes->key = %p\n", aes->key);
+ printf("aes->rounds = %d\n", aes->rounds);
+ printf("sz = %d\n", AES_BLOCK_SIZE);
+ #endif
+
+ /* if input and output same will overwrite input iv */
+ if ((const byte*)aes->tmp != inBlock)
+ XMEMCPY(aes->tmp, inBlock, AES_BLOCK_SIZE);
+ AES_ECB_decrypt_AESNI(inBlock, outBlock, AES_BLOCK_SIZE, (byte*)aes->key,
+ (int)aes->rounds);
+ return 0;
+ }
+ else {
+ #ifdef DEBUG_AESNI
+ printf("Skipping AES-NI\n");
+ #endif
+ }
+#endif /* WOLFSSL_AESNI */
+#if defined(WOLFSSL_SCE) && !defined(WOLFSSL_SCE_NO_AES)
+ return AES_ECB_decrypt(aes, inBlock, outBlock, AES_BLOCK_SIZE);
+#endif
+#if defined(WOLFSSL_IMXRT_DCP)
+ if (aes->keylen == 16) {
+ DCPAesEcbDecrypt(aes, outBlock, inBlock, AES_BLOCK_SIZE);
+ return 0;
+ }
+#endif
+#if defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_CRYPT)
+ if (aes->useSWCrypt == 0) {
+ return se050_aes_crypt(aes, inBlock, outBlock, AES_BLOCK_SIZE,
+ AES_DECRYPTION, kAlgorithm_SSS_AES_ECB);
+ }
+#endif
+#if defined(WOLFSSL_ESPIDF) && defined(NEED_AES_HW_FALLBACK)
+ if (wc_esp32AesSupportedKeyLen(aes)) {
+ return wc_esp32AesDecrypt(aes, inBlock, outBlock);
+ }
+ else {
+ /* For example, the ESP32-S3 does not support HW for len = 24,
+ * so fall back to SW */
+ #ifdef DEBUG_WOLFSSL
+ ESP_LOGW(TAG, "wc_AesDecrypt HW Falling back, "
+ "unsupported keylen = %d", aes->keylen);
+ #endif
+ } /* else !wc_esp32AesSupportedKeyLen for ESP32 */
+#endif
+
+ AesDecrypt_C(aes, inBlock, outBlock, r);
+
+ return 0;
+} /* wc_AesDecrypt[_SW]() */
+#endif /* !WC_AES_BITSLICED || WOLFSSL_AES_DIRECT */
#endif /* HAVE_AES_CBC || WOLFSSL_AES_DIRECT */
#endif /* HAVE_AES_DECRYPT */
@@ -2650,6 +3614,14 @@ static WARN_UNUSED_RESULT int wc_AesDecrypt(
return BAD_FUNC_ARG;
}
+#ifdef WC_DEBUG_CIPHER_LIFECYCLE
+ {
+ int ret = wc_debug_CipherLifecycleCheck(aes->CipherLifecycleTag, 0);
+ if (ret < 0)
+ return ret;
+ }
+#endif
+
rk = aes->key;
aes->keylen = keylen;
aes->rounds = keylen/4 + 6;
@@ -2723,6 +3695,14 @@ static WARN_UNUSED_RESULT int wc_AesDecrypt(
if (aes == NULL)
return BAD_FUNC_ARG;
+#ifdef WC_DEBUG_CIPHER_LIFECYCLE
+ {
+ int ret = wc_debug_CipherLifecycleCheck(aes->CipherLifecycleTag, 0);
+ if (ret < 0)
+ return ret;
+ }
+#endif
+
aes->keylen = keylen;
aes->rounds = keylen/4 + 6;
XMEMCPY(aes->key, userKey, keylen);
@@ -2738,12 +3718,26 @@ static WARN_UNUSED_RESULT int wc_AesDecrypt(
return 0;
}
#elif defined(FREESCALE_LTC)
- int wc_AesSetKey(Aes* aes, const byte* userKey, word32 keylen, const byte* iv,
- int dir)
+ int wc_AesSetKeyLocal(Aes* aes, const byte* userKey, word32 keylen,
+ const byte* iv, int dir, int checkKeyLen)
{
- if (aes == NULL || !((keylen == 16) || (keylen == 24) || (keylen == 32)))
+ if (aes == NULL)
return BAD_FUNC_ARG;
+#ifdef WC_DEBUG_CIPHER_LIFECYCLE
+ {
+ int ret = wc_debug_CipherLifecycleCheck(aes->CipherLifecycleTag, 0);
+ if (ret < 0)
+ return ret;
+ }
+#endif
+
+ if (checkKeyLen) {
+ if (!((keylen == 16) || (keylen == 24) || (keylen == 32)))
+ return BAD_FUNC_ARG;
+ }
+ (void)dir;
+
aes->rounds = keylen/4 + 6;
XMEMCPY(aes->key, userKey, keylen);
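Review bot: With `checkKeyLen` set to 0, this FREESCALE_LTC `wc_AesSetKeyLocal` reaches `XMEMCPY(aes->key, userKey, keylen)` with no bound on `keylen`, and the function is not `static`, so other translation units can call it. I would keep an upper bound regardless of the flag, right after the `aes == NULL` test: `if (userKey == NULL || keylen > sizeof(aes->key)) return BAD_FUNC_ARG;`. The only caller visible on this page passes 1, so this is hardening rather than a demonstrated overflow. The FREESCALE_MMCAU variant changed in the hunk at -2772 makes the length test conditional in the same way. The function body continues outside the hunk.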
@@ -2755,14 +3749,21 @@ static WARN_UNUSED_RESULT int wc_AesDecrypt(
return wc_AesSetIV(aes, iv);
}
+ int wc_AesSetKey(Aes* aes, const byte* userKey, word32 keylen,
+ const byte* iv, int dir)
+ {
+ return wc_AesSetKeyLocal(aes, userKey, keylen, iv, dir, 1);
+ }
+
+
int wc_AesSetKeyDirect(Aes* aes, const byte* userKey, word32 keylen,
const byte* iv, int dir)
{
return wc_AesSetKey(aes, userKey, keylen, iv, dir);
}
#elif defined(FREESCALE_MMCAU)
- int wc_AesSetKey(Aes* aes, const byte* userKey, word32 keylen,
- const byte* iv, int dir)
+ int wc_AesSetKeyLocal(Aes* aes, const byte* userKey, word32 keylen,
+ const byte* iv, int dir, int checkKeyLen)
{
int ret;
byte* rk;
@@ -2772,11 +3773,22 @@ static WARN_UNUSED_RESULT int wc_AesDecrypt(
(void)dir;
- if (!((keylen == 16) || (keylen == 24) || (keylen == 32)))
- return BAD_FUNC_ARG;
if (aes == NULL)
return BAD_FUNC_ARG;
+#ifdef WC_DEBUG_CIPHER_LIFECYCLE
+ {
+ int ret = wc_debug_CipherLifecycleCheck(aes->CipherLifecycleTag, 0);
+ if (ret < 0)
+ return ret;
+ }
+#endif
+
+ if (checkKeyLen) {
+ if (!((keylen == 16) || (keylen == 24) || (keylen == 32)))
+ return BAD_FUNC_ARG;
+ }
+
rk = (byte*)aes->key;
if (rk == NULL)
return BAD_FUNC_ARG;
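Review bot: The added lifecycle block declares a fresh `int ret` inside braces, but this function already has `int ret;` at its top (visible in the previous hunk), so the inner declaration shadows it and will warn under `-Wshadow`. The hunk at -2845 assigns to the existing variable instead, and the same form fits here: `ret = wc_debug_CipherLifecycleCheck(aes->CipherLifecycleTag, 0);` followed by `if (ret < 0) return ret;`, without the extra braces. The function body continues outside the hunk.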
@@ -2827,6 +3839,12 @@ static WARN_UNUSED_RESULT int wc_AesDecrypt(
return ret;
}
+ int wc_AesSetKey(Aes* aes, const byte* userKey, word32 keylen,
+ const byte* iv, int dir)
+ {
+ return wc_AesSetKeyLocal(aes, userKey, keylen, iv, dir, 1);
+ }
+
int wc_AesSetKeyDirect(Aes* aes, const byte* userKey, word32 keylen,
const byte* iv, int dir)
{
@@ -2845,6 +3863,12 @@ static WARN_UNUSED_RESULT int wc_AesDecrypt(
if (aes == NULL || keylen != 16)
return BAD_FUNC_ARG;
+#ifdef WC_DEBUG_CIPHER_LIFECYCLE
+ ret = wc_debug_CipherLifecycleCheck(aes->CipherLifecycleTag, 0);
+ if (ret < 0)
+ return ret;
+#endif
+
aes->keylen = keylen;
aes->rounds = keylen/4 + 6;
XMEMCPY(aes->key, userKey, keylen);
@@ -2863,19 +3887,28 @@ static WARN_UNUSED_RESULT int wc_AesDecrypt(
{
return wc_AesSetKey(aes, userKey, keylen, iv, dir);
}
-#elif defined(WOLFSSL_ESP32WROOM32_CRYPT) && \
- !defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_AES)
-
- int wc_AesSetKey(Aes* aes, const byte* userKey, word32 keylen,
+#elif defined(WOLFSSL_ESP32_CRYPT) && !defined(NO_WOLFSSL_ESP32_CRYPT_AES)
+ /* This is the only definition for HW only.
+ * but needs to be renamed when fallback needed.
+ * See call in wc_AesSetKey() */
+ int wc_AesSetKey_for_ESP32(Aes* aes, const byte* userKey, word32 keylen,
const byte* iv, int dir)
{
(void)dir;
(void)iv;
-
+ ESP_LOGV(TAG, "wc_AesSetKey_for_ESP32");
if (aes == NULL || (keylen != 16 && keylen != 24 && keylen != 32)) {
return BAD_FUNC_ARG;
}
+#ifdef WC_DEBUG_CIPHER_LIFECYCLE
+ {
+ int ret = wc_debug_CipherLifecycleCheck(aes->CipherLifecycleTag, 0);
+ if (ret < 0)
+ return ret;
+ }
+#endif
+
#if !defined(WOLFSSL_AES_128)
if (keylen == 16) {
return BAD_FUNC_ARG;
@@ -2902,13 +3935,9 @@ static WARN_UNUSED_RESULT int wc_AesDecrypt(
aes->left = 0;
#endif
return wc_AesSetIV(aes, iv);
- }
+ } /* wc_AesSetKey */
- int wc_AesSetKeyDirect(Aes* aes, const byte* userKey, word32 keylen,
- const byte* iv, int dir)
- {
- return wc_AesSetKey(aes, userKey, keylen, iv, dir);
- }
+ /* end #elif ESP32 */
#elif defined(WOLFSSL_CRYPTOCELL) && defined(WOLFSSL_CRYPTOCELL_AES)
int wc_AesSetKey(Aes* aes, const byte* userKey, word32 keylen, const byte* iv,
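Review bot: The closing comment `} /* wc_AesSetKey */` no longer names the function it closes, which the preceding hunk renamed to `wc_AesSetKey_for_ESP32`; it should read `} /* wc_AesSetKey_for_ESP32 */`. This hunk also deletes the ESP32 `wc_AesSetKeyDirect`, so both public entry points for this port presumably now come from the software block further down. A short comment saying so next to `/* end #elif ESP32 */` would save the next reader from searching for them.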
@@ -2923,6 +3952,16 @@ static WARN_UNUSED_RESULT int wc_AesDecrypt(
keylen != AES_256_KEY_SIZE)) {
return BAD_FUNC_ARG;
}
+
+#ifdef WC_DEBUG_CIPHER_LIFECYCLE
+ {
+ int ret2 =
+ wc_debug_CipherLifecycleCheck(aes->CipherLifecycleTag, 0);
+ if (ret2 < 0)
+ return ret2;
+ }
+#endif
+
#if defined(AES_MAX_KEY_SIZE)
if (keylen > (AES_MAX_KEY_SIZE/8)) {
return BAD_FUNC_ARG;
@@ -2996,9 +4035,264 @@ static WARN_UNUSED_RESULT int wc_AesDecrypt(
/* implemented in wolfcrypt/src/port/devcrypto/devcrypto_aes.c */
#elif defined(WOLFSSL_SILABS_SE_ACCEL)
- /* implemented in wolfcrypt/src/port/silabs/silabs_hash.c */
+ /* implemented in wolfcrypt/src/port/silabs/silabs_aes.c */
+
+#elif defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY) && \
+ !defined(NO_WOLFSSL_RENESAS_FSPSM_AES)
+ /* implemented in wolfcrypt/src/port/renesas/renesas_fspsm_aes.c */
+
+#else
+ #define NEED_SOFTWARE_AES_SETKEY
+#endif
+/* Either we fell though with no HW support at all,
+ * or perhaps there's HW support for *some* keylengths
+ * and we need both HW and SW. */
+#ifdef NEED_SOFTWARE_AES_SETKEY
+
+#ifdef NEED_AES_TABLES
+
+#ifndef WC_AES_BITSLICED
+/* Set the AES key and expand.
+ *
+ * @param [in] aes AES object.
+ * @param [in] key Block to encrypt.
+ * @param [in] keySz Number of bytes in key.
+ * @param [in] dir Direction of crypt: AES_ENCRYPTION or AES_DECRYPTION.
+ */
+static void AesSetKey_C(Aes* aes, const byte* key, word32 keySz, int dir)
+{
+#ifdef WC_AES_C_DYNAMIC_FALLBACK
+ word32* rk = aes->key_C_fallback;
#else
+ word32* rk = aes->key;
+#endif
+ word32 temp;
+ unsigned int i = 0;
+
+ XMEMCPY(rk, key, keySz);
+#if defined(LITTLE_ENDIAN_ORDER) && !defined(WOLFSSL_PIC32MZ_CRYPT) && \
+ (!defined(WOLFSSL_ESP32_CRYPT) || defined(NO_WOLFSSL_ESP32_CRYPT_AES))
+ /* Always reverse words when using only SW */
+ {
+ ByteReverseWords(rk, rk, keySz);
+ }
+#else
+ /* Sometimes reverse words when using supported HW */
+ #if defined(WOLFSSL_ESPIDF)
+ /* Some platforms may need SW fallback (e.g. AES192) */
+ #if defined(NEED_AES_HW_FALLBACK)
+ {
+ ESP_LOGV(TAG, "wc_AesEncrypt fallback check");
+ if (wc_esp32AesSupportedKeyLen(aes)) {
+ /* don't reverse for HW supported key lengths */
+ }
+ else {
+ ByteReverseWords(rk, rk, keySz);
+ }
+ }
+ #else
+ /* If we don't need SW fallback, don't need to reverse words. */
+ #endif /* NEED_AES_HW_FALLBACK */
+ #endif /* WOLFSSL_ESPIDF */
+#endif /* LITTLE_ENDIAN_ORDER, etc */
+
+ switch (keySz) {
+#if defined(AES_MAX_KEY_SIZE) && AES_MAX_KEY_SIZE >= 128 && \
+ defined(WOLFSSL_AES_128)
+ case 16:
+ #ifdef WOLFSSL_CHECK_MEM_ZERO
+ temp = (word32)-1;
+ wc_MemZero_Add("wc_AesSetKeyLocal temp", &temp, sizeof(temp));
+ #endif
+ while (1)
+ {
+ temp = rk[3];
+ rk[4] = rk[0] ^
+ #ifndef WOLFSSL_AES_SMALL_TABLES
+ (GetTable(Te[2], GETBYTE(temp, 2)) & 0xff000000) ^
+ (GetTable(Te[3], GETBYTE(temp, 1)) & 0x00ff0000) ^
+ (GetTable(Te[0], GETBYTE(temp, 0)) & 0x0000ff00) ^
+ (GetTable(Te[1], GETBYTE(temp, 3)) & 0x000000ff) ^
+ #else
+ ((word32)GetTable8(Tsbox, GETBYTE(temp, 2)) << 24) ^
+ ((word32)GetTable8(Tsbox, GETBYTE(temp, 1)) << 16) ^
+ ((word32)GetTable8(Tsbox, GETBYTE(temp, 0)) << 8) ^
+ ((word32)GetTable8(Tsbox, GETBYTE(temp, 3))) ^
+ #endif
+ rcon[i];
+ rk[5] = rk[1] ^ rk[4];
+ rk[6] = rk[2] ^ rk[5];
+ rk[7] = rk[3] ^ rk[6];
+ if (++i == 10)
+ break;
+ rk += 4;
+ }
+ break;
+#endif /* 128 */
+
+#if defined(AES_MAX_KEY_SIZE) && AES_MAX_KEY_SIZE >= 192 && \
+ defined(WOLFSSL_AES_192)
+ case 24:
+ #ifdef WOLFSSL_CHECK_MEM_ZERO
+ temp = (word32)-1;
+ wc_MemZero_Add("wc_AesSetKeyLocal temp", &temp, sizeof(temp));
+ #endif
+ /* for (;;) here triggers a bug in VC60 SP4 w/ Pro Pack */
+ while (1)
+ {
+ temp = rk[ 5];
+ rk[ 6] = rk[ 0] ^
+ #ifndef WOLFSSL_AES_SMALL_TABLES
+ (GetTable(Te[2], GETBYTE(temp, 2)) & 0xff000000) ^
+ (GetTable(Te[3], GETBYTE(temp, 1)) & 0x00ff0000) ^
+ (GetTable(Te[0], GETBYTE(temp, 0)) & 0x0000ff00) ^
+ (GetTable(Te[1], GETBYTE(temp, 3)) & 0x000000ff) ^
+ #else
+ ((word32)GetTable8(Tsbox, GETBYTE(temp, 2)) << 24) ^
+ ((word32)GetTable8(Tsbox, GETBYTE(temp, 1)) << 16) ^
+ ((word32)GetTable8(Tsbox, GETBYTE(temp, 0)) << 8) ^
+ ((word32)GetTable8(Tsbox, GETBYTE(temp, 3))) ^
+ #endif
+ rcon[i];
+ rk[ 7] = rk[ 1] ^ rk[ 6];
+ rk[ 8] = rk[ 2] ^ rk[ 7];
+ rk[ 9] = rk[ 3] ^ rk[ 8];
+ if (++i == 8)
+ break;
+ rk[10] = rk[ 4] ^ rk[ 9];
+ rk[11] = rk[ 5] ^ rk[10];
+ rk += 6;
+ }
+ break;
+#endif /* 192 */
+
+#if defined(AES_MAX_KEY_SIZE) && AES_MAX_KEY_SIZE >= 256 && \
+ defined(WOLFSSL_AES_256)
+ case 32:
+ #ifdef WOLFSSL_CHECK_MEM_ZERO
+ temp = (word32)-1;
+ wc_MemZero_Add("wc_AesSetKeyLocal temp", &temp, sizeof(temp));
+ #endif
+ while (1)
+ {
+ temp = rk[ 7];
+ rk[ 8] = rk[ 0] ^
+ #ifndef WOLFSSL_AES_SMALL_TABLES
+ (GetTable(Te[2], GETBYTE(temp, 2)) & 0xff000000) ^
+ (GetTable(Te[3], GETBYTE(temp, 1)) & 0x00ff0000) ^
+ (GetTable(Te[0], GETBYTE(temp, 0)) & 0x0000ff00) ^
+ (GetTable(Te[1], GETBYTE(temp, 3)) & 0x000000ff) ^
+ #else
+ ((word32)GetTable8(Tsbox, GETBYTE(temp, 2)) << 24) ^
+ ((word32)GetTable8(Tsbox, GETBYTE(temp, 1)) << 16) ^
+ ((word32)GetTable8(Tsbox, GETBYTE(temp, 0)) << 8) ^
+ ((word32)GetTable8(Tsbox, GETBYTE(temp, 3))) ^
+ #endif
+ rcon[i];
+ rk[ 9] = rk[ 1] ^ rk[ 8];
+ rk[10] = rk[ 2] ^ rk[ 9];
+ rk[11] = rk[ 3] ^ rk[10];
+ if (++i == 7)
+ break;
+ temp = rk[11];
+ rk[12] = rk[ 4] ^
+ #ifndef WOLFSSL_AES_SMALL_TABLES
+ (GetTable(Te[2], GETBYTE(temp, 3)) & 0xff000000) ^
+ (GetTable(Te[3], GETBYTE(temp, 2)) & 0x00ff0000) ^
+ (GetTable(Te[0], GETBYTE(temp, 1)) & 0x0000ff00) ^
+ (GetTable(Te[1], GETBYTE(temp, 0)) & 0x000000ff);
+ #else
+ ((word32)GetTable8(Tsbox, GETBYTE(temp, 3)) << 24) ^
+ ((word32)GetTable8(Tsbox, GETBYTE(temp, 2)) << 16) ^
+ ((word32)GetTable8(Tsbox, GETBYTE(temp, 1)) << 8) ^
+ ((word32)GetTable8(Tsbox, GETBYTE(temp, 0)));
+ #endif
+ rk[13] = rk[ 5] ^ rk[12];
+ rk[14] = rk[ 6] ^ rk[13];
+ rk[15] = rk[ 7] ^ rk[14];
+
+ rk += 8;
+ }
+ break;
+#endif /* 256 */
+ } /* switch */
+ ForceZero(&temp, sizeof(temp));
+
+#if defined(HAVE_AES_DECRYPT)
+ if (dir == AES_DECRYPTION) {
+ unsigned int j;
+
+#ifdef WC_AES_C_DYNAMIC_FALLBACK
+ rk = aes->key_C_fallback;
+#else
+ rk = aes->key;
+#endif
+
+ /* invert the order of the round keys: */
+ for (i = 0, j = 4* aes->rounds; i < j; i += 4, j -= 4) {
+ temp = rk[i ]; rk[i ] = rk[j ]; rk[j ] = temp;
+ temp = rk[i + 1]; rk[i + 1] = rk[j + 1]; rk[j + 1] = temp;
+ temp = rk[i + 2]; rk[i + 2] = rk[j + 2]; rk[j + 2] = temp;
+ temp = rk[i + 3]; rk[i + 3] = rk[j + 3]; rk[j + 3] = temp;
+ }
+ ForceZero(&temp, sizeof(temp));
+ #if !defined(WOLFSSL_AES_SMALL_TABLES)
+ /* apply the inverse MixColumn transform to all round keys but the
+ first and the last: */
+ for (i = 1; i < aes->rounds; i++) {
+ rk += 4;
+ rk[0] =
+ GetTable(Td[0], GetTable(Te[1], GETBYTE(rk[0], 3)) & 0xff) ^
+ GetTable(Td[1], GetTable(Te[1], GETBYTE(rk[0], 2)) & 0xff) ^
+ GetTable(Td[2], GetTable(Te[1], GETBYTE(rk[0], 1)) & 0xff) ^
+ GetTable(Td[3], GetTable(Te[1], GETBYTE(rk[0], 0)) & 0xff);
+ rk[1] =
+ GetTable(Td[0], GetTable(Te[1], GETBYTE(rk[1], 3)) & 0xff) ^
+ GetTable(Td[1], GetTable(Te[1], GETBYTE(rk[1], 2)) & 0xff) ^
+ GetTable(Td[2], GetTable(Te[1], GETBYTE(rk[1], 1)) & 0xff) ^
+ GetTable(Td[3], GetTable(Te[1], GETBYTE(rk[1], 0)) & 0xff);
+ rk[2] =
+ GetTable(Td[0], GetTable(Te[1], GETBYTE(rk[2], 3)) & 0xff) ^
+ GetTable(Td[1], GetTable(Te[1], GETBYTE(rk[2], 2)) & 0xff) ^
+ GetTable(Td[2], GetTable(Te[1], GETBYTE(rk[2], 1)) & 0xff) ^
+ GetTable(Td[3], GetTable(Te[1], GETBYTE(rk[2], 0)) & 0xff);
+ rk[3] =
+ GetTable(Td[0], GetTable(Te[1], GETBYTE(rk[3], 3)) & 0xff) ^
+ GetTable(Td[1], GetTable(Te[1], GETBYTE(rk[3], 2)) & 0xff) ^
+ GetTable(Td[2], GetTable(Te[1], GETBYTE(rk[3], 1)) & 0xff) ^
+ GetTable(Td[3], GetTable(Te[1], GETBYTE(rk[3], 0)) & 0xff);
+ }
+ #endif
+ }
+#else
+ (void)dir;
+#endif /* HAVE_AES_DECRYPT */
+
+#ifdef WOLFSSL_CHECK_MEM_ZERO
+ wc_MemZero_Check(&temp, sizeof(temp));
+#else
+ (void)temp;
+#endif
+}
+#else /* WC_AES_BITSLICED */
+/* Set the AES key and expand.
+ *
+ * @param [in] aes AES object.
+ * @param [in] key Block to encrypt.
+ * @param [in] keySz Number of bytes in key.
+ * @param [in] dir Direction of crypt: AES_ENCRYPTION or AES_DECRYPTION.
+ */
+static void AesSetKey_C(Aes* aes, const byte* key, word32 keySz, int dir)
+{
+ /* No need to invert when decrypting. */
+ (void)dir;
+
+ bs_set_key(aes->bs_key, key, keySz, aes->rounds);
+}
+#endif /* WC_AES_BITSLICED */
+
+#endif /* NEED_AES_TABLES */
/* Software AES - SetKey */
static WARN_UNUSED_RESULT int wc_AesSetKeyLocal(
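Review bot: The header comment on the new `AesSetKey_C` describes `key` as `Block to encrypt.`, which looks copied from the block helpers; it is the raw user key, and `aes` is written as well as read. I would change those lines to `@param [in,out] aes AES object; aes->rounds must already be set.` and `@param [in] key User key bytes to expand.`. The comment should also say that the caller must have validated `keySz`, because `switch (keySz)` has no `default` and the leading `XMEMCPY(rk, key, keySz)` is unbounded inside this function. The same comment text is repeated on the WC_AES_BITSLICED variant. The `wc_MemZero_Add` labels still say `wc_AesSetKeyLocal temp` although the variable now lives in `AesSetKey_C`.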
@@ -3006,16 +4300,37 @@ static WARN_UNUSED_RESULT int wc_AesDecrypt(
int checkKeyLen)
{
int ret;
- word32 *rk;
- #ifdef NEED_AES_TABLES
- word32 temp;
- unsigned int i = 0;
- #endif
#ifdef WOLFSSL_IMX6_CAAM_BLOB
byte local[32];
word32 localSz = 32;
#endif
+ if (aes == NULL)
+ return BAD_FUNC_ARG;
+#ifdef WC_DEBUG_CIPHER_LIFECYCLE
+ ret = wc_debug_CipherLifecycleCheck(aes->CipherLifecycleTag, 0);
+ if (ret < 0)
+ return ret;
+#endif
+
+ switch (keylen) {
+ #if defined(AES_MAX_KEY_SIZE) && AES_MAX_KEY_SIZE >= 128 && \
+ defined(WOLFSSL_AES_128)
+ case 16:
+ #endif
+ #if defined(AES_MAX_KEY_SIZE) && AES_MAX_KEY_SIZE >= 192 && \
+ defined(WOLFSSL_AES_192)
+ case 24:
+ #endif
+ #if defined(AES_MAX_KEY_SIZE) && AES_MAX_KEY_SIZE >= 256 && \
+ defined(WOLFSSL_AES_256)
+ case 32:
+ #endif
+ break;
+ default:
+ return BAD_FUNC_ARG;
+ }
+
#ifdef WOLFSSL_MAXQ10XX_CRYPTO
if (wc_MAXQ10XX_AesSetKey(aes, userKey, keylen) != 0) {
return WC_HW_E;
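Review bot: The new `switch (keylen)` rejects every length other than the compiled-in 16/24/32 without consulting `checkKeyLen`, so the flag no longer relaxes anything on this software path. That is the safer behaviour, but the comment above `wc_AesSetKeyDirect` in a later hunk (`This function allows key sizes that are not 128/192/256 bits`) is now inaccurate and should be reworded. If nothing below still reads `checkKeyLen`, it needs a `(void)checkKeyLen;`. `userKey` is not tested for NULL in the lines shown; the rest of the body is outside the hunk, so that may be handled there.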
@@ -3113,12 +4428,21 @@ static WARN_UNUSED_RESULT int wc_AesDecrypt(
aes->keylen = (int)keylen;
aes->rounds = (keylen/4) + 6;
+ ret = wc_AesSetIV(aes, iv);
+ if (ret != 0)
+ return ret;
+
+#ifdef WC_AES_C_DYNAMIC_FALLBACK
+#ifdef NEED_AES_TABLES
+ AesSetKey_C(aes, userKey, keylen, dir);
+#endif /* NEED_AES_TABLES */
+#endif /* WC_AES_C_DYNAMIC_FALLBACK */
#ifdef WOLFSSL_AESNI
aes->use_aesni = 0;
- if (checkAESNI == 0) {
+ if (checkedAESNI == 0) {
haveAESNI = Check_CPU_support_AES();
- checkAESNI = 1;
+ checkedAESNI = 1;
}
if (haveAESNI) {
#ifdef WOLFSSL_LINUXKM
@@ -3126,18 +4450,33 @@ static WARN_UNUSED_RESULT int wc_AesDecrypt(
if ((wc_ptr_t)&aes->key & (wc_ptr_t)0xf) {
return BAD_ALIGN_E;
}
- #endif
- aes->use_aesni = 1;
- if (iv)
- XMEMCPY(aes->reg, iv, AES_BLOCK_SIZE);
- else
- XMEMSET(aes->reg, 0, AES_BLOCK_SIZE);
- if (dir == AES_ENCRYPTION)
- return AES_set_encrypt_key(userKey, (int)keylen * 8, aes);
- #ifdef HAVE_AES_DECRYPT
- else
- return AES_set_decrypt_key(userKey, (int)keylen * 8, aes);
- #endif
+ #endif /* WOLFSSL_LINUXKM */
+ ret = SAVE_VECTOR_REGISTERS2();
+ if (ret == 0) {
+ if (dir == AES_ENCRYPTION)
+ ret = AES_set_encrypt_key_AESNI(userKey, (int)keylen * 8, aes);
+#ifdef HAVE_AES_DECRYPT
+ else
+ ret = AES_set_decrypt_key_AESNI(userKey, (int)keylen * 8, aes);
+#endif
+
+ RESTORE_VECTOR_REGISTERS();
+
+ if (ret == 0)
+ aes->use_aesni = 1;
+ else {
+#ifdef WC_AES_C_DYNAMIC_FALLBACK
+ ret = 0;
+#endif
+ }
+ return ret;
+ } else {
+#ifdef WC_AES_C_DYNAMIC_FALLBACK
+ return 0;
+#else
+ return ret;
+#endif
+ }
}
#endif /* WOLFSSL_AESNI */
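Review bot: In a build without `HAVE_AES_DECRYPT`, a call with `dir != AES_ENCRYPTION` runs neither key-setup call, so `ret` keeps the 0 from `SAVE_VECTOR_REGISTERS2()`, `aes->use_aesni` is set to 1 and the function returns success with no AES-NI key schedule written. The removed code fell through to the software path in that case. An explicit branch closes the gap: add `#else` / `else ret = BAD_FUNC_ARG;` before the `#endif` that follows the decrypt call. Whether any caller can pass a decrypt direction in such a build is not visible here. The enclosing function starts and ends outside the hunk.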
@@ -3171,194 +4510,49 @@ static WARN_UNUSED_RESULT int wc_AesDecrypt(
}
#endif
- rk = aes->key;
- XMEMCPY(rk, userKey, keylen);
+ XMEMCPY(aes->key, userKey, keylen);
+
+#ifndef WC_AES_BITSLICED
#if defined(LITTLE_ENDIAN_ORDER) && !defined(WOLFSSL_PIC32MZ_CRYPT) && \
- (!defined(WOLFSSL_ESP32WROOM32_CRYPT) || \
- defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_AES))
- ByteReverseWords(rk, rk, keylen);
- #endif
+ (!defined(WOLFSSL_ESP32_CRYPT) || \
+ defined(NO_WOLFSSL_ESP32_CRYPT_AES))
- #ifdef WOLFSSL_IMXRT_DCP
- /* Implemented in wolfcrypt/src/port/nxp/dcp_port.c */
- temp = 0;
- if (keylen == 16)
- temp = DCPAesSetKey(aes, userKey, keylen, iv, dir);
- if (temp != 0)
- return WC_HW_E;
- #endif
+ /* software */
+ ByteReverseWords(aes->key, aes->key, keylen);
-#ifdef NEED_AES_TABLES
- switch (keylen) {
- #if defined(AES_MAX_KEY_SIZE) && AES_MAX_KEY_SIZE >= 128 && \
- defined(WOLFSSL_AES_128)
- case 16:
- #ifdef WOLFSSL_CHECK_MEM_ZERO
- temp = (word32)-1;
- wc_MemZero_Add("wc_AesSetKeyLocal temp", &temp, sizeof(temp));
- #endif
- while (1)
- {
- temp = rk[3];
- rk[4] = rk[0] ^
- #ifndef WOLFSSL_AES_SMALL_TABLES
- (GetTable(Te[2], GETBYTE(temp, 2)) & 0xff000000) ^
- (GetTable(Te[3], GETBYTE(temp, 1)) & 0x00ff0000) ^
- (GetTable(Te[0], GETBYTE(temp, 0)) & 0x0000ff00) ^
- (GetTable(Te[1], GETBYTE(temp, 3)) & 0x000000ff) ^
- #else
- ((word32)GetTable8(Tsbox, GETBYTE(temp, 2)) << 24) ^
- ((word32)GetTable8(Tsbox, GETBYTE(temp, 1)) << 16) ^
- ((word32)GetTable8(Tsbox, GETBYTE(temp, 0)) << 8) ^
- ((word32)GetTable8(Tsbox, GETBYTE(temp, 3))) ^
- #endif
- rcon[i];
- rk[5] = rk[1] ^ rk[4];
- rk[6] = rk[2] ^ rk[5];
- rk[7] = rk[3] ^ rk[6];
- if (++i == 10)
- break;
- rk += 4;
- }
- break;
- #endif /* 128 */
-
- #if defined(AES_MAX_KEY_SIZE) && AES_MAX_KEY_SIZE >= 192 && \
- defined(WOLFSSL_AES_192)
- case 24:
- #ifdef WOLFSSL_CHECK_MEM_ZERO
- temp = (word32)-1;
- wc_MemZero_Add("wc_AesSetKeyLocal temp", &temp, sizeof(temp));
- #endif
- /* for (;;) here triggers a bug in VC60 SP4 w/ Pro Pack */
- while (1)
- {
- temp = rk[ 5];
- rk[ 6] = rk[ 0] ^
- #ifndef WOLFSSL_AES_SMALL_TABLES
- (GetTable(Te[2], GETBYTE(temp, 2)) & 0xff000000) ^
- (GetTable(Te[3], GETBYTE(temp, 1)) & 0x00ff0000) ^
- (GetTable(Te[0], GETBYTE(temp, 0)) & 0x0000ff00) ^
- (GetTable(Te[1], GETBYTE(temp, 3)) & 0x000000ff) ^
- #else
- ((word32)GetTable8(Tsbox, GETBYTE(temp, 2)) << 24) ^
- ((word32)GetTable8(Tsbox, GETBYTE(temp, 1)) << 16) ^
- ((word32)GetTable8(Tsbox, GETBYTE(temp, 0)) << 8) ^
- ((word32)GetTable8(Tsbox, GETBYTE(temp, 3))) ^
- #endif
- rcon[i];
- rk[ 7] = rk[ 1] ^ rk[ 6];
- rk[ 8] = rk[ 2] ^ rk[ 7];
- rk[ 9] = rk[ 3] ^ rk[ 8];
- if (++i == 8)
- break;
- rk[10] = rk[ 4] ^ rk[ 9];
- rk[11] = rk[ 5] ^ rk[10];
- rk += 6;
- }
- break;
- #endif /* 192 */
+ #elif defined(WOLFSSL_ESP32_CRYPT) && !defined(NO_WOLFSSL_ESP32_CRYPT_AES)
+ if (wc_esp32AesSupportedKeyLen(aes)) {
+ /* supported lengths don't get reversed */
+ ESP_LOGV(TAG, "wc_AesSetKeyLocal (no ByteReverseWords)");
+ }
+ else {
+ word32* rk = aes->key;
- #if defined(AES_MAX_KEY_SIZE) && AES_MAX_KEY_SIZE >= 256 && \
- defined(WOLFSSL_AES_256)
- case 32:
- #ifdef WOLFSSL_CHECK_MEM_ZERO
- temp = (word32)-1;
- wc_MemZero_Add("wc_AesSetKeyLocal temp", &temp, sizeof(temp));
+ /* For example, the ESP32-S3 does not support HW for len = 24,
+ * so fall back to SW */
+ #ifdef DEBUG_WOLFSSL
+ ESP_LOGW(TAG, "wc_AesSetKeyLocal ByteReverseWords");
#endif
- while (1)
- {
- temp = rk[ 7];
- rk[ 8] = rk[ 0] ^
- #ifndef WOLFSSL_AES_SMALL_TABLES
- (GetTable(Te[2], GETBYTE(temp, 2)) & 0xff000000) ^
- (GetTable(Te[3], GETBYTE(temp, 1)) & 0x00ff0000) ^
- (GetTable(Te[0], GETBYTE(temp, 0)) & 0x0000ff00) ^
- (GetTable(Te[1], GETBYTE(temp, 3)) & 0x000000ff) ^
- #else
- ((word32)GetTable8(Tsbox, GETBYTE(temp, 2)) << 24) ^
- ((word32)GetTable8(Tsbox, GETBYTE(temp, 1)) << 16) ^
- ((word32)GetTable8(Tsbox, GETBYTE(temp, 0)) << 8) ^
- ((word32)GetTable8(Tsbox, GETBYTE(temp, 3))) ^
- #endif
- rcon[i];
- rk[ 9] = rk[ 1] ^ rk[ 8];
- rk[10] = rk[ 2] ^ rk[ 9];
- rk[11] = rk[ 3] ^ rk[10];
- if (++i == 7)
- break;
- temp = rk[11];
- rk[12] = rk[ 4] ^
- #ifndef WOLFSSL_AES_SMALL_TABLES
- (GetTable(Te[2], GETBYTE(temp, 3)) & 0xff000000) ^
- (GetTable(Te[3], GETBYTE(temp, 2)) & 0x00ff0000) ^
- (GetTable(Te[0], GETBYTE(temp, 1)) & 0x0000ff00) ^
- (GetTable(Te[1], GETBYTE(temp, 0)) & 0x000000ff);
- #else
- ((word32)GetTable8(Tsbox, GETBYTE(temp, 3)) << 24) ^
- ((word32)GetTable8(Tsbox, GETBYTE(temp, 2)) << 16) ^
- ((word32)GetTable8(Tsbox, GETBYTE(temp, 1)) << 8) ^
- ((word32)GetTable8(Tsbox, GETBYTE(temp, 0)));
- #endif
- rk[13] = rk[ 5] ^ rk[12];
- rk[14] = rk[ 6] ^ rk[13];
- rk[15] = rk[ 7] ^ rk[14];
-
- rk += 8;
- }
- break;
- #endif /* 256 */
-
- default:
- return BAD_FUNC_ARG;
- } /* switch */
- ForceZero(&temp, sizeof(temp));
+ XMEMCPY(rk, userKey, keylen);
+ /* When not ESP32 HW, we need to reverse endianness */
+ ByteReverseWords(rk, rk, keylen);
+ }
+ #endif
- #if defined(HAVE_AES_DECRYPT)
- if (dir == AES_DECRYPTION) {
- unsigned int j;
- rk = aes->key;
-
- /* invert the order of the round keys: */
- for (i = 0, j = 4* aes->rounds; i < j; i += 4, j -= 4) {
- temp = rk[i ]; rk[i ] = rk[j ]; rk[j ] = temp;
- temp = rk[i + 1]; rk[i + 1] = rk[j + 1]; rk[j + 1] = temp;
- temp = rk[i + 2]; rk[i + 2] = rk[j + 2]; rk[j + 2] = temp;
- temp = rk[i + 3]; rk[i + 3] = rk[j + 3]; rk[j + 3] = temp;
- }
- ForceZero(&temp, sizeof(temp));
- #if !defined(WOLFSSL_AES_SMALL_TABLES)
- /* apply the inverse MixColumn transform to all round keys but the
- first and the last: */
- for (i = 1; i < aes->rounds; i++) {
- rk += 4;
- rk[0] =
- GetTable(Td[0], GetTable(Te[1], GETBYTE(rk[0], 3)) & 0xff) ^
- GetTable(Td[1], GetTable(Te[1], GETBYTE(rk[0], 2)) & 0xff) ^
- GetTable(Td[2], GetTable(Te[1], GETBYTE(rk[0], 1)) & 0xff) ^
- GetTable(Td[3], GetTable(Te[1], GETBYTE(rk[0], 0)) & 0xff);
- rk[1] =
- GetTable(Td[0], GetTable(Te[1], GETBYTE(rk[1], 3)) & 0xff) ^
- GetTable(Td[1], GetTable(Te[1], GETBYTE(rk[1], 2)) & 0xff) ^
- GetTable(Td[2], GetTable(Te[1], GETBYTE(rk[1], 1)) & 0xff) ^
- GetTable(Td[3], GetTable(Te[1], GETBYTE(rk[1], 0)) & 0xff);
- rk[2] =
- GetTable(Td[0], GetTable(Te[1], GETBYTE(rk[2], 3)) & 0xff) ^
- GetTable(Td[1], GetTable(Te[1], GETBYTE(rk[2], 2)) & 0xff) ^
- GetTable(Td[2], GetTable(Te[1], GETBYTE(rk[2], 1)) & 0xff) ^
- GetTable(Td[3], GetTable(Te[1], GETBYTE(rk[2], 0)) & 0xff);
- rk[3] =
- GetTable(Td[0], GetTable(Te[1], GETBYTE(rk[3], 3)) & 0xff) ^
- GetTable(Td[1], GetTable(Te[1], GETBYTE(rk[3], 2)) & 0xff) ^
- GetTable(Td[2], GetTable(Te[1], GETBYTE(rk[3], 1)) & 0xff) ^
- GetTable(Td[3], GetTable(Te[1], GETBYTE(rk[3], 0)) & 0xff);
- }
- #endif
+ #ifdef WOLFSSL_IMXRT_DCP
+ {
+ /* Implemented in wolfcrypt/src/port/nxp/dcp_port.c */
+ word32 temp = 0;
+ if (keylen == 16)
+ temp = DCPAesSetKey(aes, userKey, keylen, iv, dir);
+ if (temp != 0)
+ return WC_HW_E;
}
- #else
- (void)dir;
- #endif /* HAVE_AES_DECRYPT */
- (void)temp;
+ #endif
+#endif /* !WC_AES_BITSLICED */
+
+#ifdef NEED_AES_TABLES
+ AesSetKey_C(aes, userKey, keylen, dir);
#endif /* NEED_AES_TABLES */
#if defined(WOLFSSL_SCE) && !defined(WOLFSSL_SCE_NO_AES)
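Review bot: The `XMEMCPY(aes->key, userKey, keylen)` and `ByteReverseWords(aes->key, aes->key, keylen)` kept here duplicate the first two steps of `AesSetKey_C`, which this hunk calls a few lines later with the same `userKey`. Without `WC_AES_C_DYNAMIC_FALLBACK` that helper also writes `aes->key`, so in a `NEED_AES_TABLES` build the key bytes are copied and byte-swapped twice, and the ESP32 fallback branch adds a third `XMEMCPY(rk, userKey, keylen)`. If the early copy is only needed by the hardware ports that skip `AesSetKey_C`, a comment such as `/* raw key for HW ports; AesSetKey_C re-copies for the table path */` would make that intent clear. Otherwise the copy could be guarded with `#ifndef NEED_AES_TABLES`. The function body continues outside the hunk.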
@@ -3377,14 +4571,11 @@ static WARN_UNUSED_RESULT int wc_AesDecrypt(
#ifdef WOLFSSL_IMX6_CAAM_BLOB
ForceZero(local, sizeof(local));
#endif
- #ifdef WOLFSSL_CHECK_MEM_ZERO
- wc_MemZero_Check(&temp, sizeof(temp));
- #endif
return ret;
- }
+ } /* wc_AesSetKeyLocal */
int wc_AesSetKey(Aes* aes, const byte* userKey, word32 keylen,
- const byte* iv, int dir)
+ const byte* iv, int dir)
{
if (aes == NULL) {
return BAD_FUNC_ARG;
@@ -3393,24 +4584,45 @@ static WARN_UNUSED_RESULT int wc_AesDecrypt(
return BAD_FUNC_ARG;
}
+ /* sometimes hardware may not support all keylengths (e.g. ESP32-S3) */
+ #if defined(WOLFSSL_ESPIDF) && defined(NEED_AES_HW_FALLBACK)
+ ESP_LOGV(TAG, "wc_AesSetKey fallback check %d", keylen);
+ if (wc_esp32AesSupportedKeyLenValue(keylen)) {
+ ESP_LOGV(TAG, "wc_AesSetKey calling wc_AesSetKey_for_ESP32");
+ return wc_AesSetKey_for_ESP32(aes, userKey, keylen, iv, dir);
+ }
+ else {
+ #if defined(WOLFSSL_HW_METRICS)
+ /* It is interesting to know how many times we could not complete
+ * AES in hardware due to unsupported lengths. */
+ wc_esp32AesUnupportedLengthCountAdd();
+ #endif
+ #ifdef DEBUG_WOLFSSL
+ ESP_LOGW(TAG, "wc_AesSetKey HW Fallback, unsupported keylen = %d",
+ keylen);
+ #endif
+ }
+ #endif /* WOLFSSL_ESPIDF && NEED_AES_HW_FALLBACK */
+
return wc_AesSetKeyLocal(aes, userKey, keylen, iv, dir, 1);
- }
+
+ } /* wc_AesSetKey() */
#if defined(WOLFSSL_AES_DIRECT) || defined(WOLFSSL_AES_COUNTER)
/* AES-CTR and AES-DIRECT need to use this for key setup */
/* This function allows key sizes that are not 128/192/256 bits */
- int wc_AesSetKeyDirect(Aes* aes, const byte* userKey, word32 keylen,
- const byte* iv, int dir)
- {
- if (aes == NULL) {
- return BAD_FUNC_ARG;
- }
- if (keylen > sizeof(aes->key)) {
- return BAD_FUNC_ARG;
- }
-
- return wc_AesSetKeyLocal(aes, userKey, keylen, iv, dir, 0);
+ int wc_AesSetKeyDirect(Aes* aes, const byte* userKey, word32 keylen,
+ const byte* iv, int dir)
+ {
+ if (aes == NULL) {
+ return BAD_FUNC_ARG;
}
+ if (keylen > sizeof(aes->key)) {
+ return BAD_FUNC_ARG;
+ }
+
+ return wc_AesSetKeyLocal(aes, userKey, keylen, iv, dir, 0);
+ }
#endif /* WOLFSSL_AES_DIRECT || WOLFSSL_AES_COUNTER */
#endif /* wc_AesSetKey block */
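Review bot: Both new ESP log calls in `wc_AesSetKey` format `keylen` with `%d`, but the parameter is declared `word32`, an unsigned type, so the specifier and argument disagree and format checking will flag it. Either cast at the call site, `ESP_LOGV(TAG, "wc_AesSetKey fallback check %d", (int)keylen);`, or switch to `%u` with `(unsigned int)keylen`; the `ESP_LOGW` line needs the same change. The function begins in the previous hunk.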
@@ -3421,6 +4633,14 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
if (aes == NULL)
return BAD_FUNC_ARG;
+#ifdef WC_DEBUG_CIPHER_LIFECYCLE
+ {
+ int ret = wc_debug_CipherLifecycleCheck(aes->CipherLifecycleTag, 0);
+ if (ret < 0)
+ return ret;
+ }
+#endif
+
if (iv)
XMEMCPY(aes->reg, iv, AES_BLOCK_SIZE);
else
@@ -3435,6 +4655,50 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
return 0;
}
+#ifdef WOLFSSL_AESNI
+
+#ifdef WC_AES_C_DYNAMIC_FALLBACK
+
+#define VECTOR_REGISTERS_PUSH { \
+ int orig_use_aesni = aes->use_aesni; \
+ if (aes->use_aesni && (SAVE_VECTOR_REGISTERS2() != 0)) { \
+ aes->use_aesni = 0; \
+ } \
+ WC_DO_NOTHING
+
+#define VECTOR_REGISTERS_POP \
+ if (aes->use_aesni) \
+ RESTORE_VECTOR_REGISTERS(); \
+ else \
+ aes->use_aesni = orig_use_aesni; \
+ } \
+ WC_DO_NOTHING
+
+#else
+
+#define VECTOR_REGISTERS_PUSH { \
+ if (aes->use_aesni && ((ret = SAVE_VECTOR_REGISTERS2()) != 0)) { \
+ return ret; \
+ } \
+ WC_DO_NOTHING
+
+#define VECTOR_REGISTERS_POP \
+ if (aes->use_aesni) { \
+ RESTORE_VECTOR_REGISTERS(); \
+ } \
+ } \
+ WC_DO_NOTHING
+
+#endif
+
+#else /* !WOLFSSL_AESNI */
+
+#define VECTOR_REGISTERS_PUSH { WC_DO_NOTHING
+#define VECTOR_REGISTERS_POP } WC_DO_NOTHING
+
+#endif /* !WOLFSSL_AESNI */
+
+
/* AES-DIRECT */
#if defined(WOLFSSL_AES_DIRECT)
#if defined(HAVE_COLDFIRE_SEC)
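Review bot: `VECTOR_REGISTERS_PUSH` opens a brace that only `VECTOR_REGISTERS_POP` closes, and both macros silently use `aes` (and, in the non-fallback variant, `ret`) from the enclosing function, yet no comment states this contract. I would add a block comment above the first `#define` noting three things. The two must be used as a pair in the same scope. The non-fallback `PUSH` can `return ret;` from the caller. Any `return` placed between them skips `RESTORE_VECTOR_REGISTERS()` and, in the `WC_AES_C_DYNAMIC_FALLBACK` variant, leaves `aes->use_aesni` cleared instead of restored. That variant also writes `aes->use_aesni` for the duration of the call, which deserves a mention for anyone sharing an `Aes` object between threads.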
@@ -3450,53 +4714,43 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
#elif defined(WOLFSSL_DEVCRYPTO_AES)
/* implemented in wolfcrypt/src/port/devcrypt/devcrypto_aes.c */
- #elif defined(WOLFSSL_LINUXKM) && defined(WOLFSSL_AESNI)
+ #else
- WARN_UNUSED_RESULT int wc_AesEncryptDirect(
- Aes* aes, byte* out, const byte* in)
+ /* Allow direct access to one block encrypt */
+ int wc_AesEncryptDirect(Aes* aes, byte* out, const byte* in)
{
int ret;
- if (haveAESNI && aes->use_aesni)
- SAVE_VECTOR_REGISTERS(return _svr_ret;);
+
+ if (aes == NULL)
+ return BAD_FUNC_ARG;
+ VECTOR_REGISTERS_PUSH;
ret = wc_AesEncrypt(aes, in, out);
- if (haveAESNI && aes->use_aesni)
- RESTORE_VECTOR_REGISTERS();
+ VECTOR_REGISTERS_POP;
return ret;
}
+
/* vector reg save/restore is explicit in all below calls to
* wc_Aes{En,De}cryptDirect(), so bypass the public version with a
* macro.
*/
#define wc_AesEncryptDirect(aes, out, in) wc_AesEncrypt(aes, in, out)
+
#ifdef HAVE_AES_DECRYPT
/* Allow direct access to one block decrypt */
- WARN_UNUSED_RESULT int wc_AesDecryptDirect(
- Aes* aes, byte* out, const byte* in)
+ int wc_AesDecryptDirect(Aes* aes, byte* out, const byte* in)
{
int ret;
- if (haveAESNI && aes->use_aesni)
- SAVE_VECTOR_REGISTERS(return _svr_ret;);
+
+ if (aes == NULL)
+ return BAD_FUNC_ARG;
+ VECTOR_REGISTERS_PUSH;
ret = wc_AesDecrypt(aes, in, out);
- if (haveAESNI && aes->use_aesni)
- RESTORE_VECTOR_REGISTERS();
+ VECTOR_REGISTERS_POP;
return ret;
}
- #define wc_AesDecryptDirect(aes, out, in) wc_AesDecrypt(aes, in, out)
- #endif /* HAVE_AES_DECRYPT */
- #else
+ #define wc_AesDecryptDirect(aes, out, in) wc_AesDecrypt(aes, in, out)
- /* Allow direct access to one block encrypt */
- int wc_AesEncryptDirect(Aes* aes, byte* out, const byte* in)
- {
- return wc_AesEncrypt(aes, in, out);
- }
- #ifdef HAVE_AES_DECRYPT
- /* Allow direct access to one block decrypt */
- int wc_AesDecryptDirect(Aes* aes, byte* out, const byte* in)
- {
- return wc_AesDecrypt(aes, in, out);
- }
#endif /* HAVE_AES_DECRYPT */
#endif /* AES direct block */
#endif /* WOLFSSL_AES_DIRECT */
@@ -3562,6 +4816,7 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
HAL_CRYP_DeInit(&hcryp);
wolfSSL_CryptHwMutexUnLock();
+ wc_Stm32_Aes_Cleanup();
return ret;
}
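Review bot: `wc_Stm32_Aes_Cleanup()` is called after `wolfSSL_CryptHwMutexUnLock()`, so whatever it tears down is no longer covered by the hardware mutex. Its body is not visible here. If it touches the shared CRYP peripheral (clock gating, handle state), a thread that has just taken the mutex could lose the peripheral mid-operation, and the order should be `wc_Stm32_Aes_Cleanup();` then `wolfSSL_CryptHwMutexUnLock();`. The hunks at -3624, -3708 and -3802 add the call in the same position. The enclosing functions start outside these hunks.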
@@ -3624,6 +4879,7 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
HAL_CRYP_DeInit(&hcryp);
wolfSSL_CryptHwMutexUnLock();
+ wc_Stm32_Aes_Cleanup();
return ret;
}
@@ -3708,6 +4964,7 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
/* disable crypto processor */
CRYP_Cmd(DISABLE);
wolfSSL_CryptHwMutexUnLock();
+ wc_Stm32_Aes_Cleanup();
return ret;
}
@@ -3802,6 +5059,7 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
/* disable crypto processor */
CRYP_Cmd(DISABLE);
wolfSSL_CryptHwMutexUnLock();
+ wc_Stm32_Aes_Cleanup();
return ret;
}
@@ -4051,6 +5309,7 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
#ifdef HAVE_AES_DECRYPT
int wc_AesCbcDecrypt(Aes* aes, byte* out, const byte* in, word32 sz)
{
+ int ret;
int offset = 0;
byte* iv;
byte temp_block[AES_BLOCK_SIZE];
@@ -4069,7 +5328,9 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
while (blocks--) {
XMEMCPY(temp_block, in + offset, AES_BLOCK_SIZE);
- wc_AesDecrypt(aes, in + offset, out + offset);
+ ret = wc_AesDecrypt(aes, in + offset, out + offset);
+ if (ret != 0)
+ return ret;
/* XOR block with IV for CBC */
xorbuf(out + offset, iv, AES_BLOCK_SIZE);
@@ -4146,17 +5407,15 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
return ret;
}
#endif /* HAVE_AES_DECRYPT */
-#elif defined(WOLFSSL_ESP32WROOM32_CRYPT) && \
- !defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_AES)
+#elif defined(WOLFSSL_ESP32_CRYPT) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_AES)
+
+ /* We'll use SW for fall back:
+ * unsupported key lengths
+ * hardware busy */
+ #define NEED_SW_AESCBC
+ #define NEED_AESCBC_HW_FALLBACK
- int wc_AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
- {
- return wc_esp32AesCbcEncrypt(aes, out, in, sz);
- }
- int wc_AesCbcDecrypt(Aes* aes, byte* out, const byte* in, word32 sz)
- {
- return wc_esp32AesCbcDecrypt(aes, out, in, sz);
- }
#elif defined(WOLFSSL_CRYPTOCELL) && defined(WOLFSSL_CRYPTOCELL_AES)
int wc_AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
{
@@ -4180,17 +5439,24 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
/* implemented in wolfcrypt/src/port/devcrypt/devcrypto_aes.c */
#elif defined(WOLFSSL_SILABS_SE_ACCEL)
- /* implemented in wolfcrypt/src/port/silabs/silabs_hash.c */
+ /* implemented in wolfcrypt/src/port/silabs/silabs_aes.c */
#elif defined(WOLFSSL_HAVE_PSA) && !defined(WOLFSSL_PSA_NO_AES)
/* implemented in wolfcrypt/src/port/psa/psa_aes.c */
#else
+ /* Reminder: Some HW implementations may also define this as needed.
+ * (e.g. for unsupported key length fallback) */
+ #define NEED_SW_AESCBC
+#endif
+#ifdef NEED_SW_AESCBC
/* Software AES - CBC Encrypt */
- int wc_AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
+
+int wc_AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
{
word32 blocks;
+ int ret;
if (aes == NULL || out == NULL || in == NULL) {
return BAD_FUNC_ARG;
@@ -4235,7 +5501,7 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
return IntelQaSymAesCbcEncrypt(&aes->asyncDev, out, in, sz,
(const byte*)aes->devKey, aes->keylen,
(byte*)aes->reg, AES_BLOCK_SIZE);
- #else /* WOLFSSL_ASYNC_CRYPT_SW */
+ #elif defined(WOLFSSL_ASYNC_CRYPT_SW)
if (wc_AsyncSwInit(&aes->asyncDev, ASYNC_SW_AES_CBC_ENCRYPT)) {
WC_ASYNC_SW* sw = &aes->asyncDev.sw;
sw->aes.aes = aes;
@@ -4254,10 +5520,23 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
return se050_aes_crypt(aes, in, out, sz, AES_ENCRYPTION,
kAlgorithm_SSS_AES_CBC);
}
- #endif
-
- #ifdef WOLFSSL_AESNI
- if (haveAESNI) {
+ else
+ #elif defined(WOLFSSL_ESPIDF) && defined(NEED_AESCBC_HW_FALLBACK)
+ if (wc_esp32AesSupportedKeyLen(aes)) {
+ ESP_LOGV(TAG, "wc_AesCbcEncrypt calling wc_esp32AesCbcEncrypt");
+ return wc_esp32AesCbcEncrypt(aes, out, in, sz);
+ }
+ else {
+ /* For example, the ESP32-S3 does not support HW for len = 24,
+ * so fall back to SW */
+ #ifdef DEBUG_WOLFSSL
+ ESP_LOGW(TAG, "wc_AesCbcEncrypt HW Falling back, "
+ "unsupported keylen = %d", aes->keylen);
+ #endif
+ }
+ #elif defined(WOLFSSL_AESNI)
+ VECTOR_REGISTERS_PUSH;
+ if (aes->use_aesni) {
#ifdef DEBUG_AESNI
printf("about to aes cbc encrypt\n");
printf("in = %p\n", in);
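Review bot: `VECTOR_REGISTERS_PUSH` is now compiled only when the `#elif defined(WOLFSSL_AESNI)` branch of this chain is selected, but the matching `VECTOR_REGISTERS_POP` near the end of wc_AesCbcEncrypt (next hunk) sits under a plain `#ifdef WOLFSSL_AESNI`. In a build where an earlier branch of the chain is active (the one holding the `se050_aes_crypt` call, or the ESP-IDF fallback) and WOLFSSL_AESNI is also defined, the POP would be compiled without a PUSH and the `aes->use_aesni` path would silently drop out. The `#if` that opens the chain is outside the hunk, so this is inferred from the visible `#elif` lines. Either guard the POP with the same condition that selects the AES-NI branch, or state with an `#error` that these options are mutually exclusive.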
@@ -4274,58 +5553,63 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
byte* tmp = (byte*)XMALLOC(sz + AES_BLOCK_SIZE + AESNI_ALIGN,
aes->heap, DYNAMIC_TYPE_TMP_BUFFER);
byte* tmp_align;
- if (tmp == NULL) return MEMORY_E;
-
- tmp_align = tmp + (AESNI_ALIGN - ((wc_ptr_t)tmp % AESNI_ALIGN));
- XMEMCPY(tmp_align, in, sz);
- SAVE_VECTOR_REGISTERS(XFREE(tmp, aes->heap, DYNAMIC_TYPE_TMP_BUFFER); return _svr_ret;);
- AES_CBC_encrypt(tmp_align, tmp_align, (byte*)aes->reg, sz,
- (byte*)aes->key, (int)aes->rounds);
- RESTORE_VECTOR_REGISTERS();
- /* store iv for next call */
- XMEMCPY(aes->reg, tmp_align + sz - AES_BLOCK_SIZE, AES_BLOCK_SIZE);
-
- XMEMCPY(out, tmp_align, sz);
- XFREE(tmp, aes->heap, DYNAMIC_TYPE_TMP_BUFFER);
- return 0;
+ if (tmp == NULL)
+ ret = MEMORY_E;
+ else {
+ tmp_align = tmp + (AESNI_ALIGN - ((wc_ptr_t)tmp % AESNI_ALIGN));
+ XMEMCPY(tmp_align, in, sz);
+ AES_CBC_encrypt_AESNI(tmp_align, tmp_align, (byte*)aes->reg, sz,
+ (byte*)aes->key, (int)aes->rounds);
+ /* store iv for next call */
+ XMEMCPY(aes->reg, tmp_align + sz - AES_BLOCK_SIZE, AES_BLOCK_SIZE);
+
+ XMEMCPY(out, tmp_align, sz);
+ XFREE(tmp, aes->heap, DYNAMIC_TYPE_TMP_BUFFER);
+ ret = 0;
+ }
#else
WOLFSSL_MSG("AES-CBC encrypt with bad alignment");
WOLFSSL_ERROR_VERBOSE(BAD_ALIGN_E);
- return BAD_ALIGN_E;
+ ret = BAD_ALIGN_E;
#endif
- }
-
- SAVE_VECTOR_REGISTERS(return _svr_ret;);
- AES_CBC_encrypt(in, out, (byte*)aes->reg, sz, (byte*)aes->key,
- (int)aes->rounds);
- RESTORE_VECTOR_REGISTERS();
- /* store iv for next call */
- XMEMCPY(aes->reg, out + sz - AES_BLOCK_SIZE, AES_BLOCK_SIZE);
+ } else {
+ AES_CBC_encrypt_AESNI(in, out, (byte*)aes->reg, sz, (byte*)aes->key,
+ (int)aes->rounds);
+ /* store iv for next call */
+ XMEMCPY(aes->reg, out + sz - AES_BLOCK_SIZE, AES_BLOCK_SIZE);
- return 0;
+ ret = 0;
+ }
}
+ else
#endif
+ {
+ ret = 0;
+ while (blocks--) {
+ xorbuf((byte*)aes->reg, in, AES_BLOCK_SIZE);
+ ret = wc_AesEncrypt(aes, (byte*)aes->reg, (byte*)aes->reg);
+ if (ret != 0)
+ break;
+ XMEMCPY(out, aes->reg, AES_BLOCK_SIZE);
- while (blocks--) {
- int ret;
- xorbuf((byte*)aes->reg, in, AES_BLOCK_SIZE);
- ret = wc_AesEncrypt(aes, (byte*)aes->reg, (byte*)aes->reg);
- if (ret != 0)
- return ret;
- XMEMCPY(out, aes->reg, AES_BLOCK_SIZE);
-
- out += AES_BLOCK_SIZE;
- in += AES_BLOCK_SIZE;
+ out += AES_BLOCK_SIZE;
+ in += AES_BLOCK_SIZE;
+ }
}
- return 0;
- }
+ #ifdef WOLFSSL_AESNI
+ VECTOR_REGISTERS_POP;
+ #endif
- #ifdef HAVE_AES_DECRYPT
+ return ret;
+ } /* wc_AesCbcEncrypt */
+
+#ifdef HAVE_AES_DECRYPT
/* Software AES - CBC Decrypt */
int wc_AesCbcDecrypt(Aes* aes, byte* out, const byte* in, word32 sz)
{
word32 blocks;
+ int ret;
if (aes == NULL || out == NULL || in == NULL) {
return BAD_FUNC_ARG;
@@ -4335,6 +5619,21 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
return 0;
}
+ #if defined(WOLFSSL_ESPIDF) && defined(NEED_AESCBC_HW_FALLBACK)
+ if (wc_esp32AesSupportedKeyLen(aes)) {
+ ESP_LOGV(TAG, "wc_AesCbcDecrypt calling wc_esp32AesCbcDecrypt");
+ return wc_esp32AesCbcDecrypt(aes, out, in, sz);
+ }
+ else {
+ /* For example, the ESP32-S3 does not support HW for len = 24,
+ * so fall back to SW */
+ #ifdef DEBUG_WOLFSSL
+ ESP_LOGW(TAG, "wc_AesCbcDecrypt HW Falling back, "
+ "unsupported keylen = %d", aes->keylen);
+ #endif
+ }
+ #endif
+
blocks = sz / AES_BLOCK_SIZE;
if (sz % AES_BLOCK_SIZE) {
#ifdef WOLFSSL_AES_CBC_LENGTH_CHECKS
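Review bot: In wc_AesCbcDecrypt the ESP32 hardware dispatch is placed before the `sz % AES_BLOCK_SIZE` test, so a call with a supported key length returns from `wc_esp32AesCbcDecrypt` without reaching the `WOLFSSL_AES_CBC_LENGTH_CHECKS` branch below it. Whether the ESP32 port validates the length itself is not visible here; if it does not, a ciphertext whose length is not a multiple of the block size is handled differently on the hardware and software paths. Moving the added `#if defined(WOLFSSL_ESPIDF) && defined(NEED_AESCBC_HW_FALLBACK)` block below the length check would keep both paths under the same input validation. The function body continues outside the hunk.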
@@ -4371,7 +5670,7 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
return IntelQaSymAesCbcDecrypt(&aes->asyncDev, out, in, sz,
(const byte*)aes->devKey, aes->keylen,
(byte*)aes->reg, AES_BLOCK_SIZE);
- #else /* WOLFSSL_ASYNC_CRYPT_SW */
+ #elif defined(WOLFSSL_ASYNC_CRYPT_SW)
if (wc_AsyncSwInit(&aes->asyncDev, ASYNC_SW_AES_CBC_DECRYPT)) {
WC_ASYNC_SW* sw = &aes->asyncDev.sw;
sw->aes.aes = aes;
@@ -4392,8 +5691,10 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
}
#endif
+ VECTOR_REGISTERS_PUSH;
+
#ifdef WOLFSSL_AESNI
- if (haveAESNI) {
+ if (aes->use_aesni) {
#ifdef DEBUG_AESNI
printf("about to aes cbc decrypt\n");
printf("in = %p\n", in);
@@ -4406,41 +5707,105 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
/* if input and output same will overwrite input iv */
XMEMCPY(aes->tmp, in + sz - AES_BLOCK_SIZE, AES_BLOCK_SIZE);
- SAVE_VECTOR_REGISTERS(return _svr_ret;);
#if defined(WOLFSSL_AESNI_BY4) || defined(WOLFSSL_X86_BUILD)
- AES_CBC_decrypt_by4(in, out, (byte*)aes->reg, sz, (byte*)aes->key,
+ AES_CBC_decrypt_AESNI_by4(in, out, (byte*)aes->reg, sz, (byte*)aes->key,
aes->rounds);
#elif defined(WOLFSSL_AESNI_BY6)
- AES_CBC_decrypt_by6(in, out, (byte*)aes->reg, sz, (byte*)aes->key,
+ AES_CBC_decrypt_AESNI_by6(in, out, (byte*)aes->reg, sz, (byte*)aes->key,
aes->rounds);
#else /* WOLFSSL_AESNI_BYx */
- AES_CBC_decrypt_by8(in, out, (byte*)aes->reg, sz, (byte*)aes->key,
+ AES_CBC_decrypt_AESNI_by8(in, out, (byte*)aes->reg, sz, (byte*)aes->key,
(int)aes->rounds);
#endif /* WOLFSSL_AESNI_BYx */
/* store iv for next call */
- RESTORE_VECTOR_REGISTERS();
XMEMCPY(aes->reg, aes->tmp, AES_BLOCK_SIZE);
- return 0;
+ ret = 0;
}
+ else
#endif
+ {
+ ret = 0;
+#ifdef WC_AES_BITSLICED
+ if (in != out) {
+ unsigned char dec[AES_BLOCK_SIZE * BS_WORD_SIZE];
+
+ while (blocks > BS_WORD_SIZE) {
+ AesDecryptBlocks_C(aes, in, dec, AES_BLOCK_SIZE * BS_WORD_SIZE);
+ xorbufout(out, dec, aes->reg, AES_BLOCK_SIZE);
+ xorbufout(out + AES_BLOCK_SIZE, dec + AES_BLOCK_SIZE, in,
+ AES_BLOCK_SIZE * (BS_WORD_SIZE - 1));
+ XMEMCPY(aes->reg, in + (AES_BLOCK_SIZE * (BS_WORD_SIZE - 1)),
+ AES_BLOCK_SIZE);
+ in += AES_BLOCK_SIZE * BS_WORD_SIZE;
+ out += AES_BLOCK_SIZE * BS_WORD_SIZE;
+ blocks -= BS_WORD_SIZE;
+ }
+ if (blocks > 0) {
+ AesDecryptBlocks_C(aes, in, dec, blocks * AES_BLOCK_SIZE);
+ xorbufout(out, dec, aes->reg, AES_BLOCK_SIZE);
+ xorbufout(out + AES_BLOCK_SIZE, dec + AES_BLOCK_SIZE, in,
+ AES_BLOCK_SIZE * (blocks - 1));
+ XMEMCPY(aes->reg, in + (AES_BLOCK_SIZE * (blocks - 1)),
+ AES_BLOCK_SIZE);
+ blocks = 0;
+ }
+ }
+ else {
+ unsigned char dec[AES_BLOCK_SIZE * BS_WORD_SIZE];
+ int i;
+
+ while (blocks > BS_WORD_SIZE) {
+ AesDecryptBlocks_C(aes, in, dec, AES_BLOCK_SIZE * BS_WORD_SIZE);
+ XMEMCPY(aes->tmp, in + (BS_WORD_SIZE - 1) * AES_BLOCK_SIZE,
+ AES_BLOCK_SIZE);
+ for (i = BS_WORD_SIZE-1; i >= 1; i--) {
+ xorbufout(out + i * AES_BLOCK_SIZE,
+ dec + i * AES_BLOCK_SIZE, in + (i - 1) * AES_BLOCK_SIZE,
+ AES_BLOCK_SIZE);
+ }
+ xorbufout(out, dec, aes->reg, AES_BLOCK_SIZE);
+ XMEMCPY(aes->reg, aes->tmp, AES_BLOCK_SIZE);
- while (blocks--) {
- int ret;
- XMEMCPY(aes->tmp, in, AES_BLOCK_SIZE);
- ret = wc_AesDecrypt(aes, (byte*)aes->tmp, out);
- if (ret != 0)
- return ret;
- xorbuf(out, (byte*)aes->reg, AES_BLOCK_SIZE);
- /* store iv for next call */
- XMEMCPY(aes->reg, aes->tmp, AES_BLOCK_SIZE);
+ in += AES_BLOCK_SIZE * BS_WORD_SIZE;
+ out += AES_BLOCK_SIZE * BS_WORD_SIZE;
+ blocks -= BS_WORD_SIZE;
+ }
+ if (blocks > 0) {
+ AesDecryptBlocks_C(aes, in, dec, blocks * AES_BLOCK_SIZE);
+ XMEMCPY(aes->tmp, in + (blocks - 1) * AES_BLOCK_SIZE,
+ AES_BLOCK_SIZE);
+ for (i = blocks-1; i >= 1; i--) {
+ xorbufout(out + i * AES_BLOCK_SIZE,
+ dec + i * AES_BLOCK_SIZE, in + (i - 1) * AES_BLOCK_SIZE,
+ AES_BLOCK_SIZE);
+ }
+ xorbufout(out, dec, aes->reg, AES_BLOCK_SIZE);
+ XMEMCPY(aes->reg, aes->tmp, AES_BLOCK_SIZE);
- out += AES_BLOCK_SIZE;
- in += AES_BLOCK_SIZE;
+ blocks = 0;
+ }
+ }
+#else
+ while (blocks--) {
+ XMEMCPY(aes->tmp, in, AES_BLOCK_SIZE);
+ ret = wc_AesDecrypt(aes, in, out);
+ if (ret != 0)
+ return ret;
+ xorbuf(out, (byte*)aes->reg, AES_BLOCK_SIZE);
+ /* store iv for next call */
+ XMEMCPY(aes->reg, aes->tmp, AES_BLOCK_SIZE);
+
+ out += AES_BLOCK_SIZE;
+ in += AES_BLOCK_SIZE;
+ }
+#endif
}
- return 0;
+ VECTOR_REGISTERS_POP;
+
+ return ret;
}
- #endif /* HAVE_AES_DECRYPT */
+#endif /* HAVE_AES_DECRYPT */
#endif /* AES-CBC block */
#endif /* HAVE_AES_CBC */
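Review bot: The non-bitsliced fallback loop in wc_AesCbcDecrypt still uses `if (ret != 0) return ret;`, which leaves the function after `VECTOR_REGISTERS_PUSH` (added in the previous hunk) without executing the `VECTOR_REGISTERS_POP` at the bottom. wc_AesCbcEncrypt was converted to `break` in the same commit, and the decrypt loop should match it with `if (ret != 0) break;`, so that an error falls through to the POP and the single `return ret;`. What the PUSH/POP macros expand to is not visible on this page, so the impact of the unbalanced pair depends on the build.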
@@ -4562,6 +5927,7 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
#endif /* WOLFSSL_STM32_CUBEMX */
wolfSSL_CryptHwMutexUnLock();
+ wc_Stm32_Aes_Cleanup();
return ret;
}
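Review bot: `wc_Stm32_Aes_Cleanup()` is called after `wolfSSL_CryptHwMutexUnLock()`, so whatever it does to the AES peripheral runs outside the hardware mutex. Its body is not visible here; if it touches shared peripheral state (clocks, handle de-init), a thread that has just taken the mutex could be affected, and the call would be safer before the unlock. The same ordering is added in wc_AesGcmEncrypt_STM32 further down. If the cleanup is purely local, a one-line comment such as `/* cleanup touches no shared HW state, safe outside the mutex */` would settle the question. The enclosing function starts outside the hunk.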
@@ -4634,8 +6000,8 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
#elif defined(WOLFSSL_DEVCRYPTO_AES)
/* implemented in wolfcrypt/src/port/devcrypt/devcrypto_aes.c */
- #elif defined(WOLFSSL_ESP32WROOM32_CRYPT) && \
- !defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_AES)
+ #elif defined(WOLFSSL_ESP32_CRYPT) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_AES)
/* esp32 doesn't support CRT mode by hw. */
/* use aes ecnryption plus sw implementation */
#define NEED_AES_CTR_SOFT
@@ -4664,7 +6030,7 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
int wc_AesCtrEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
{
byte scratch[AES_BLOCK_SIZE];
- int ret;
+ int ret = 0;
word32 processed;
if (aes == NULL || out == NULL || in == NULL) {
@@ -4692,6 +6058,8 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
aes->left -= processed;
sz -= processed;
+ VECTOR_REGISTERS_PUSH;
+
#if defined(HAVE_AES_ECB) && !defined(WOLFSSL_PIC32MZ_CRYPT) && \
!defined(XTRANSFORM_AESCTRBLOCK)
if (in != out && sz >= AES_BLOCK_SIZE) {
@@ -4725,13 +6093,8 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
XTRANSFORM_AESCTRBLOCK(aes, out, in);
#else
ret = wc_AesEncrypt(aes, (byte*)aes->reg, scratch);
- if (ret != 0) {
- ForceZero(scratch, AES_BLOCK_SIZE);
- #ifdef WOLFSSL_CHECK_MEM_ZERO
- wc_MemZero_Check(scratch, AES_BLOCK_SIZE);
- #endif
- return ret;
- }
+ if (ret != 0)
+ break;
xorbuf(scratch, in, AES_BLOCK_SIZE);
XMEMCPY(out, scratch, AES_BLOCK_SIZE);
#endif
@@ -4746,25 +6109,38 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
}
/* handle non block size remaining and store unused byte count in left */
- if (sz) {
+ if ((ret == 0) && sz) {
ret = wc_AesEncrypt(aes, (byte*)aes->reg, (byte*)aes->tmp);
- if (ret != 0) {
- ForceZero(scratch, AES_BLOCK_SIZE);
- #ifdef WOLFSSL_CHECK_MEM_ZERO
- wc_MemZero_Check(scratch, AES_BLOCK_SIZE);
- #endif
- return ret;
+ if (ret == 0) {
+ IncrementAesCounter((byte*)aes->reg);
+ aes->left = AES_BLOCK_SIZE - sz;
+ xorbufout(out, in, aes->tmp, sz);
}
- IncrementAesCounter((byte*)aes->reg);
-
- aes->left = AES_BLOCK_SIZE - sz;
- xorbufout(out, in, aes->tmp, sz);
}
+ if (ret < 0)
+ ForceZero(scratch, AES_BLOCK_SIZE);
+
#ifdef WOLFSSL_CHECK_MEM_ZERO
wc_MemZero_Check(scratch, AES_BLOCK_SIZE);
#endif
- return 0;
+
+ VECTOR_REGISTERS_POP;
+
+ return ret;
+ }
+
+ int wc_AesCtrSetKey(Aes* aes, const byte* key, word32 len,
+ const byte* iv, int dir)
+ {
+ if (aes == NULL) {
+ return BAD_FUNC_ARG;
+ }
+ if (len > sizeof(aes->key)) {
+ return BAD_FUNC_ARG;
+ }
+
+ return wc_AesSetKeyLocal(aes, key, len, iv, dir, 0);
}
#endif /* NEED_AES_CTR_SOFT */
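Review bot: The new wc_AesCtrSetKey only bounds `len` by `sizeof(aes->key)`, so at this level any length up to the size of the key buffer is accepted, and `key` is not checked for NULL. Whether wc_AesSetKeyLocal rejects lengths other than the AES key sizes when called with the trailing `0` is not visible on this page. The function also has no comment explaining that argument, or why `dir` is caller-controlled for CTR mode. I would add a header comment stating which key lengths are valid, what the final argument to wc_AesSetKeyLocal changes, and where a NULL `key` is rejected.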
@@ -4883,12 +6259,12 @@ static WC_INLINE void RIGHTSHIFTX(byte* x)
#ifdef GCM_TABLE
-static void GenerateM0(Aes* aes)
+void GenerateM0(Gcm* gcm)
{
int i, j;
- byte (*m)[AES_BLOCK_SIZE] = aes->M0;
+ byte (*m)[AES_BLOCK_SIZE] = gcm->M0;
- XMEMCPY(m[128], aes->H, AES_BLOCK_SIZE);
+ XMEMCPY(m[128], gcm->H, AES_BLOCK_SIZE);
for (i = 64; i > 0; i /= 2) {
XMEMCPY(m[i], m[i*2], AES_BLOCK_SIZE);
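Review bot: GenerateM0 loses `static` here (and again in the second variant in the next hunk), which turns an unprefixed, generic name into an externally linked symbol of the library. When the library is linked statically into a larger program such names can collide with other objects; the public functions on this page carry a `wc_` prefix. The function also dereferences `gcm` without a NULL check, which was tolerable for a file-local helper but is weaker for an exported one. If it has to be callable from other translation units, consider a prefixed name and `if (gcm == NULL) return;` at the top, as GHASH does. The body continues outside the hunk.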
@@ -4917,17 +6293,17 @@ static WC_INLINE void Shift4_M0(byte *r8, byte *z8)
}
#endif
-static void GenerateM0(Aes* aes)
+void GenerateM0(Gcm* gcm)
{
#if !defined(BIG_ENDIAN_ORDER) && !defined(WC_16BIT_CPU)
int i;
#endif
- byte (*m)[AES_BLOCK_SIZE] = aes->M0;
+ byte (*m)[AES_BLOCK_SIZE] = gcm->M0;
/* 0 times -> 0x0 */
XMEMSET(m[0x0], 0, AES_BLOCK_SIZE);
/* 1 times -> 0x8 */
- XMEMCPY(m[0x8], aes->H, AES_BLOCK_SIZE);
+ XMEMCPY(m[0x8], gcm->H, AES_BLOCK_SIZE);
/* 2 times -> 0x4 */
XMEMCPY(m[0x4], m[0x8], AES_BLOCK_SIZE);
RIGHTSHIFTX(m[0x4]);
@@ -5000,6 +6376,7 @@ int wc_AesGcmSetKey(Aes* aes, const byte* key, word32 len)
if (!((len == 16) || (len == 24) || (len == 32)))
return BAD_FUNC_ARG;
+
if (aes == NULL) {
#ifdef WOLFSSL_IMX6_CAAM_BLOB
ForceZero(local, sizeof(local));
@@ -5008,32 +6385,37 @@ int wc_AesGcmSetKey(Aes* aes, const byte* key, word32 len)
}
#ifdef OPENSSL_EXTRA
- XMEMSET(aes->aadH, 0, sizeof(aes->aadH));
- aes->aadLen = 0;
+ XMEMSET(aes->gcm.aadH, 0, sizeof(aes->gcm.aadH));
+ aes->gcm.aadLen = 0;
#endif
XMEMSET(iv, 0, AES_BLOCK_SIZE);
ret = wc_AesSetKey(aes, key, len, iv, AES_ENCRYPTION);
#ifdef WOLFSSL_AESGCM_STREAM
aes->gcmKeySet = 1;
#endif
-
- #ifdef WOLFSSL_AESNI
- /* AES-NI code generates its own H value. */
- if (haveAESNI)
- return ret;
- #endif /* WOLFSSL_AESNI */
#if defined(WOLFSSL_SECO_CAAM)
if (aes->devId == WOLFSSL_SECO_DEVID) {
return ret;
}
#endif /* WOLFSSL_SECO_CAAM */
+ #if defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY) && \
+ !defined(NO_WOLFSSL_RENESAS_FSPSM_AES)
+ return ret;
+ #endif /* WOLFSSL_RENESAS_RSIP && WOLFSSL_RENESAS_FSPSM_CRYPTONLY*/
+
#if !defined(FREESCALE_LTC_AES_GCM)
- if (ret == 0)
- ret = wc_AesEncrypt(aes, iv, aes->H);
+ if (ret == 0) {
+ VECTOR_REGISTERS_PUSH;
+ /* AES-NI code generates its own H value, but generate it here too, to
+ * assure pure-C fallback is always usable.
+ */
+ ret = wc_AesEncrypt(aes, iv, aes->gcm.H);
+ VECTOR_REGISTERS_POP;
+ }
if (ret == 0) {
#if defined(GCM_TABLE) || defined(GCM_TABLE_4BIT)
- GenerateM0(aes);
+ GenerateM0(&aes->gcm);
#endif /* GCM_TABLE */
}
#endif /* FREESCALE_LTC_AES_GCM */
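Review bot: The added Renesas block ends in an unconditional `return ret;`, so in that configuration everything below it in wc_AesGcmSetKey is unreachable, including the derivation of `aes->gcm.H` and the `GenerateM0(&aes->gcm)` call. If any software GHASH path can still be reached in such a build, it would run with H and M0 never derived from the key; that cannot be confirmed from this page. The trailing comment also names `WOLFSSL_RENESAS_RSIP`, which is not part of the `#if` condition. I would put the remainder under `#else` to avoid dead code and correct the comment to `#endif /* WOLFSSL_RENESAS_FSPSM_CRYPTONLY && !NO_WOLFSSL_RENESAS_FSPSM_AES */`.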
@@ -5062,12 +6444,12 @@ int wc_AesGcmSetKey(Aes* aes, const byte* key, word32 len)
#define HAVE_INTEL_AVX2
#endif /* USE_INTEL_SPEEDUP */
-void AES_GCM_encrypt(const unsigned char *in, unsigned char *out,
+void AES_GCM_encrypt_aesni(const unsigned char *in, unsigned char *out,
const unsigned char* addt, const unsigned char* ivec,
unsigned char *tag, word32 nbytes,
word32 abytes, word32 ibytes,
word32 tbytes, const unsigned char* key, int nr)
- XASM_LINK("AES_GCM_encrypt");
+ XASM_LINK("AES_GCM_encrypt_aesni");
#ifdef HAVE_INTEL_AVX1
void AES_GCM_encrypt_avx1(const unsigned char *in, unsigned char *out,
const unsigned char* addt, const unsigned char* ivec,
@@ -5088,12 +6470,12 @@ void AES_GCM_encrypt_avx2(const unsigned char *in, unsigned char *out,
#endif /* HAVE_INTEL_AVX1 */
#ifdef HAVE_AES_DECRYPT
-void AES_GCM_decrypt(const unsigned char *in, unsigned char *out,
+void AES_GCM_decrypt_aesni(const unsigned char *in, unsigned char *out,
const unsigned char* addt, const unsigned char* ivec,
const unsigned char *tag, word32 nbytes, word32 abytes,
word32 ibytes, word32 tbytes, const unsigned char* key,
int nr, int* res)
- XASM_LINK("AES_GCM_decrypt");
+ XASM_LINK("AES_GCM_decrypt_aesni");
#ifdef HAVE_INTEL_AVX1
void AES_GCM_decrypt_avx1(const unsigned char *in, unsigned char *out,
const unsigned char* addt, const unsigned char* ivec,
@@ -5140,7 +6522,7 @@ static void GMULT(byte* X, byte* Y)
}
-void GHASH(Aes* aes, const byte* a, word32 aSz, const byte* c,
+void GHASH(Gcm* gcm, const byte* a, word32 aSz, const byte* c,
word32 cSz, byte* s, word32 sSz)
{
byte x[AES_BLOCK_SIZE];
@@ -5148,11 +6530,11 @@ void GHASH(Aes* aes, const byte* a, word32 aSz, const byte* c,
word32 blocks, partial;
byte* h;
- if (aes == NULL) {
+ if (gcm == NULL) {
return;
}
- h = aes->H;
+ h = gcm->H;
XMEMSET(x, 0, AES_BLOCK_SIZE);
/* Hash in A, the Additional Authentication Data */
@@ -5204,7 +6586,7 @@ void GHASH(Aes* aes, const byte* a, word32 aSz, const byte* c,
*
* @param [in] aes AES GCM object.
*/
-#define GHASH_INIT_EXTRA(aes)
+#define GHASH_INIT_EXTRA(aes) WC_DO_NOTHING
/* GHASH one block of data..
*
@@ -5216,14 +6598,14 @@ void GHASH(Aes* aes, const byte* a, word32 aSz, const byte* c,
#define GHASH_ONE_BLOCK(aes, block) \
do { \
xorbuf(AES_TAG(aes), block, AES_BLOCK_SIZE); \
- GMULT(AES_TAG(aes), aes->H); \
+ GMULT(AES_TAG(aes), aes->gcm.H); \
} \
while (0)
#endif /* WOLFSSL_AESGCM_STREAM */
/* end GCM_SMALL */
#elif defined(GCM_TABLE)
-static const byte R[256][2] = {
+ALIGN16 static const byte R[256][2] = {
{0x00, 0x00}, {0x01, 0xc2}, {0x03, 0x84}, {0x02, 0x46},
{0x07, 0x08}, {0x06, 0xca}, {0x04, 0x8c}, {0x05, 0x4e},
{0x0e, 0x10}, {0x0f, 0xd2}, {0x0d, 0x94}, {0x0c, 0x56},
@@ -5313,6 +6695,38 @@ static void GMULT(byte *x, byte m[256][AES_BLOCK_SIZE])
xorbuf(Z, m[x[0]], AES_BLOCK_SIZE);
XMEMCPY(x, Z, AES_BLOCK_SIZE);
+#elif defined(WC_32BIT_CPU)
+ byte Z[AES_BLOCK_SIZE + AES_BLOCK_SIZE];
+ byte a;
+ word32* pZ;
+ word32* pm;
+ word32* px = (word32*)(x);
+ int i;
+
+ pZ = (word32*)(Z + 15 + 1);
+ pm = (word32*)(m[x[15]]);
+ pZ[0] = pm[0];
+ pZ[1] = pm[1];
+ pZ[2] = pm[2];
+ pZ[3] = pm[3];
+ a = Z[16 + 15];
+ Z[15] = R[a][0];
+ Z[16] ^= R[a][1];
+ for (i = 14; i > 0; i--) {
+ pZ = (word32*)(Z + i + 1);
+ pm = (word32*)(m[x[i]]);
+ pZ[0] ^= pm[0];
+ pZ[1] ^= pm[1];
+ pZ[2] ^= pm[2];
+ pZ[3] ^= pm[3];
+ a = Z[16 + i];
+ Z[i] = R[a][0];
+ Z[i+1] ^= R[a][1];
+ }
+ pZ = (word32*)(Z + 1);
+ pm = (word32*)(m[x[0]]);
+ px[0] = pZ[0] ^ pm[0]; px[1] = pZ[1] ^ pm[1];
+ px[2] = pZ[2] ^ pm[2]; px[3] = pZ[3] ^ pm[3];
#else
byte Z[AES_BLOCK_SIZE + AES_BLOCK_SIZE];
byte a;
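Review bot: The new WC_32BIT_CPU branch of GMULT reads and writes the `byte` buffer `Z` through `word32*` pointers at offsets `Z + i + 1` for i = 14 down to 1, which are not 4-byte aligned for most values of i, and `Z` itself carries no alignment attribute. On 32-bit targets that trap on unaligned word access this can fault, and the casts also break strict aliasing; `x` is cast the same way with no alignment guarantee visible. The byte-wise helpers already used in this file keep the same table logic without the casts, as sketched below. If word-wise speed is the goal, the loads and stores could instead go through XMEMCPY into `word32` temporaries. GMULT starts outside the hunk.

```c
#elif defined(WC_32BIT_CPU)
    byte Z[AES_BLOCK_SIZE + AES_BLOCK_SIZE];
    byte a;
    int i;

    XMEMCPY(Z + 16, m[x[15]], AES_BLOCK_SIZE);
    a = Z[16 + 15];
    Z[15]  = R[a][0];
    Z[16] ^= R[a][1];
    for (i = 14; i > 0; i--) {
        xorbuf(Z + i + 1, m[x[i]], AES_BLOCK_SIZE);
        a = Z[16 + i];
        Z[i]    = R[a][0];
        Z[i+1] ^= R[a][1];
    }
    /* x = Z[1..16] ^ m[x[0]]; the table row is selected before x is written */
    xorbufout(x, Z + 1, m[x[0]], AES_BLOCK_SIZE);
```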
@@ -5343,14 +6757,14 @@ static void GMULT(byte *x, byte m[256][AES_BLOCK_SIZE])
#endif
}
-void GHASH(Aes* aes, const byte* a, word32 aSz, const byte* c,
+void GHASH(Gcm* gcm, const byte* a, word32 aSz, const byte* c,
word32 cSz, byte* s, word32 sSz)
{
byte x[AES_BLOCK_SIZE];
byte scratch[AES_BLOCK_SIZE];
word32 blocks, partial;
- if (aes == NULL) {
+ if (gcm == NULL) {
return;
}
@@ -5362,14 +6776,14 @@ void GHASH(Aes* aes, const byte* a, word32 aSz, const byte* c,
partial = aSz % AES_BLOCK_SIZE;
while (blocks--) {
xorbuf(x, a, AES_BLOCK_SIZE);
- GMULT(x, aes->M0);
+ GMULT(x, gcm->M0);
a += AES_BLOCK_SIZE;
}
if (partial != 0) {
XMEMSET(scratch, 0, AES_BLOCK_SIZE);
XMEMCPY(scratch, a, partial);
xorbuf(x, scratch, AES_BLOCK_SIZE);
- GMULT(x, aes->M0);
+ GMULT(x, gcm->M0);
}
}
@@ -5379,14 +6793,14 @@ void GHASH(Aes* aes, const byte* a, word32 aSz, const byte* c,
partial = cSz % AES_BLOCK_SIZE;
while (blocks--) {
xorbuf(x, c, AES_BLOCK_SIZE);
- GMULT(x, aes->M0);
+ GMULT(x, gcm->M0);
c += AES_BLOCK_SIZE;
}
if (partial != 0) {
XMEMSET(scratch, 0, AES_BLOCK_SIZE);
XMEMCPY(scratch, c, partial);
xorbuf(x, scratch, AES_BLOCK_SIZE);
- GMULT(x, aes->M0);
+ GMULT(x, gcm->M0);
}
}
@@ -5394,7 +6808,7 @@ void GHASH(Aes* aes, const byte* a, word32 aSz, const byte* c,
FlattenSzInBits(&scratch[0], aSz);
FlattenSzInBits(&scratch[8], cSz);
xorbuf(x, scratch, AES_BLOCK_SIZE);
- GMULT(x, aes->M0);
+ GMULT(x, gcm->M0);
/* Copy the result into s. */
XMEMCPY(s, x, sSz);
@@ -5405,7 +6819,7 @@ void GHASH(Aes* aes, const byte* a, word32 aSz, const byte* c,
*
* @param [in] aes AES GCM object.
*/
-#define GHASH_INIT_EXTRA(aes)
+#define GHASH_INIT_EXTRA(aes) WC_DO_NOTHING
/* GHASH one block of data..
*
@@ -5417,7 +6831,7 @@ void GHASH(Aes* aes, const byte* a, word32 aSz, const byte* c,
#define GHASH_ONE_BLOCK(aes, block) \
do { \
xorbuf(AES_TAG(aes), block, AES_BLOCK_SIZE); \
- GMULT(AES_TAG(aes), aes->M0); \
+ GMULT(AES_TAG(aes), aes->gcm.M0); \
} \
while (0)
#endif /* WOLFSSL_AESGCM_STREAM */
@@ -5464,7 +6878,7 @@ static const word16 R[32] = {
* H: hash key = encrypt(key, 0)
* x = x * H in field
*
- * x: cumlative result
+ * x: cumulative result
* m: 4-bit table
* [0..15] * H
*/
@@ -5643,14 +7057,14 @@ static WC_INLINE void GMULT(byte *x, byte m[32][AES_BLOCK_SIZE])
}
#endif
-void GHASH(Aes* aes, const byte* a, word32 aSz, const byte* c,
+void GHASH(Gcm* gcm, const byte* a, word32 aSz, const byte* c,
word32 cSz, byte* s, word32 sSz)
{
byte x[AES_BLOCK_SIZE];
byte scratch[AES_BLOCK_SIZE];
word32 blocks, partial;
- if (aes == NULL) {
+ if (gcm == NULL) {
return;
}
@@ -5662,14 +7076,14 @@ void GHASH(Aes* aes, const byte* a, word32 aSz, const byte* c,
partial = aSz % AES_BLOCK_SIZE;
while (blocks--) {
xorbuf(x, a, AES_BLOCK_SIZE);
- GMULT(x, aes->M0);
+ GMULT(x, gcm->M0);
a += AES_BLOCK_SIZE;
}
if (partial != 0) {
XMEMSET(scratch, 0, AES_BLOCK_SIZE);
XMEMCPY(scratch, a, partial);
xorbuf(x, scratch, AES_BLOCK_SIZE);
- GMULT(x, aes->M0);
+ GMULT(x, gcm->M0);
}
}
@@ -5679,14 +7093,14 @@ void GHASH(Aes* aes, const byte* a, word32 aSz, const byte* c,
partial = cSz % AES_BLOCK_SIZE;
while (blocks--) {
xorbuf(x, c, AES_BLOCK_SIZE);
- GMULT(x, aes->M0);
+ GMULT(x, gcm->M0);
c += AES_BLOCK_SIZE;
}
if (partial != 0) {
XMEMSET(scratch, 0, AES_BLOCK_SIZE);
XMEMCPY(scratch, c, partial);
xorbuf(x, scratch, AES_BLOCK_SIZE);
- GMULT(x, aes->M0);
+ GMULT(x, gcm->M0);
}
}
@@ -5694,7 +7108,7 @@ void GHASH(Aes* aes, const byte* a, word32 aSz, const byte* c,
FlattenSzInBits(&scratch[0], aSz);
FlattenSzInBits(&scratch[8], cSz);
xorbuf(x, scratch, AES_BLOCK_SIZE);
- GMULT(x, aes->M0);
+ GMULT(x, gcm->M0);
/* Copy the result into s. */
XMEMCPY(s, x, sSz);
@@ -5705,7 +7119,7 @@ void GHASH(Aes* aes, const byte* a, word32 aSz, const byte* c,
*
* @param [in] aes AES GCM object.
*/
-#define GHASH_INIT_EXTRA(aes)
+#define GHASH_INIT_EXTRA(aes) WC_DO_NOTHING
/* GHASH one block of data..
*
@@ -5717,7 +7131,7 @@ void GHASH(Aes* aes, const byte* a, word32 aSz, const byte* c,
#define GHASH_ONE_BLOCK(aes, block) \
do { \
xorbuf(AES_TAG(aes), block, AES_BLOCK_SIZE); \
- GMULT(AES_TAG(aes), (aes)->M0); \
+ GMULT(AES_TAG(aes), (aes)->gcm.M0); \
} \
while (0)
#endif /* WOLFSSL_AESGCM_STREAM */
@@ -5761,18 +7175,18 @@ static void GMULT(word64* X, word64* Y)
}
-void GHASH(Aes* aes, const byte* a, word32 aSz, const byte* c,
+void GHASH(Gcm* gcm, const byte* a, word32 aSz, const byte* c,
word32 cSz, byte* s, word32 sSz)
{
word64 x[2] = {0,0};
word32 blocks, partial;
word64 bigH[2];
- if (aes == NULL) {
+ if (gcm == NULL) {
return;
}
- XMEMCPY(bigH, aes->H, AES_BLOCK_SIZE);
+ XMEMCPY(bigH, gcm->H, AES_BLOCK_SIZE);
#ifdef LITTLE_ENDIAN_ORDER
ByteReverseWords64(bigH, bigH, AES_BLOCK_SIZE);
#endif
@@ -5804,10 +7218,10 @@ void GHASH(Aes* aes, const byte* a, word32 aSz, const byte* c,
}
#ifdef OPENSSL_EXTRA
/* store AAD partial tag for next call */
- aes->aadH[0] = (word32)((x[0] & 0xFFFFFFFF00000000ULL) >> 32);
- aes->aadH[1] = (word32)(x[0] & 0xFFFFFFFF);
- aes->aadH[2] = (word32)((x[1] & 0xFFFFFFFF00000000ULL) >> 32);
- aes->aadH[3] = (word32)(x[1] & 0xFFFFFFFF);
+ gcm->aadH[0] = (word32)((x[0] & 0xFFFFFFFF00000000ULL) >> 32);
+ gcm->aadH[1] = (word32)(x[0] & 0xFFFFFFFF);
+ gcm->aadH[2] = (word32)((x[1] & 0xFFFFFFFF00000000ULL) >> 32);
+ gcm->aadH[3] = (word32)(x[1] & 0xFFFFFFFF);
#endif
}
@@ -5818,9 +7232,9 @@ void GHASH(Aes* aes, const byte* a, word32 aSz, const byte* c,
partial = cSz % AES_BLOCK_SIZE;
#ifdef OPENSSL_EXTRA
/* Start from last AAD partial tag */
- if(aes->aadLen) {
- x[0] = ((word64)aes->aadH[0]) << 32 | aes->aadH[1];
- x[1] = ((word64)aes->aadH[2]) << 32 | aes->aadH[3];
+ if(gcm->aadLen) {
+ x[0] = ((word64)gcm->aadH[0]) << 32 | gcm->aadH[1];
+ x[1] = ((word64)gcm->aadH[2]) << 32 | gcm->aadH[3];
}
#endif
while (blocks--) {
@@ -5850,8 +7264,8 @@ void GHASH(Aes* aes, const byte* a, word32 aSz, const byte* c,
word64 len[2];
len[0] = aSz; len[1] = cSz;
#ifdef OPENSSL_EXTRA
- if (aes->aadLen)
- len[0] = (word64)aes->aadLen;
+ if (gcm->aadLen)
+ len[0] = (word64)gcm->aadLen;
#endif
/* Lengths are in bytes. Convert to bits. */
len[0] *= 8;
@@ -5877,7 +7291,7 @@ void GHASH(Aes* aes, const byte* a, word32 aSz, const byte* c,
* @param [in] aes AES GCM object.
*/
#define GHASH_INIT_EXTRA(aes) \
- ByteReverseWords64((word64*)aes->H, (word64*)aes->H, AES_BLOCK_SIZE)
+ ByteReverseWords64((word64*)aes->gcm.H, (word64*)aes->gcm.H, AES_BLOCK_SIZE)
/* GHASH one block of data..
*
@@ -5889,7 +7303,7 @@ void GHASH(Aes* aes, const byte* a, word32 aSz, const byte* c,
#define GHASH_ONE_BLOCK(aes, block) \
do { \
word64* x = (word64*)AES_TAG(aes); \
- word64* h = (word64*)aes->H; \
+ word64* h = (word64*)aes->gcm.H; \
word64 block64[2]; \
XMEMCPY(block64, block, AES_BLOCK_SIZE); \
ByteReverseWords64(block64, block64, AES_BLOCK_SIZE); \
@@ -5909,11 +7323,11 @@ void GHASH(Aes* aes, const byte* a, word32 aSz, const byte* c,
#define GHASH_LEN_BLOCK(aes) \
do { \
word64* x = (word64*)AES_TAG(aes); \
- word64* h = (word64*)aes->H; \
+ word64* h = (word64*)aes->gcm.H; \
word64 len[2]; \
len[0] = aes->aSz; len[1] = aes->cSz; \
- if (aes->aadLen) \
- len[0] = (word64)aes->aadLen; \
+ if (aes->gcm.aadLen) \
+ len[0] = (word64)aes->gcm.aadLen; \
/* Lengths are in bytes. Convert to bits. */ \
len[0] *= 8; \
len[1] *= 8; \
@@ -5934,7 +7348,7 @@ void GHASH(Aes* aes, const byte* a, word32 aSz, const byte* c,
#define GHASH_LEN_BLOCK(aes) \
do { \
word64* x = (word64*)AES_TAG(aes); \
- word64* h = (word64*)aes->H; \
+ word64* h = (word64*)aes->gcm.H; \
word64 len[2]; \
len[0] = aes->aSz; len[1] = aes->cSz; \
/* Lengths are in bytes. Convert to bits. */ \
@@ -5955,7 +7369,7 @@ void GHASH(Aes* aes, const byte* a, word32 aSz, const byte* c,
*
* @param [in] aes AES GCM object.
*/
-#define GHASH_INIT_EXTRA(aes)
+#define GHASH_INIT_EXTRA(aes) WC_DO_NOTHING
/* GHASH one block of data..
*
@@ -5967,7 +7381,7 @@ void GHASH(Aes* aes, const byte* a, word32 aSz, const byte* c,
#define GHASH_ONE_BLOCK(aes, block) \
do { \
word64* x = (word64*)AES_TAG(aes); \
- word64* h = (word64*)aes->H; \
+ word64* h = (word64*)aes->gcm.H; \
word64 block64[2]; \
XMEMCPY(block64, block, AES_BLOCK_SIZE); \
x[0] ^= block64[0]; \
@@ -5986,11 +7400,11 @@ void GHASH(Aes* aes, const byte* a, word32 aSz, const byte* c,
#define GHASH_LEN_BLOCK(aes) \
do { \
word64* x = (word64*)AES_TAG(aes); \
- word64* h = (word64*)aes->H; \
+ word64* h = (word64*)aes->gcm.H; \
word64 len[2]; \
len[0] = aes->aSz; len[1] = aes->cSz; \
- if (aes->aadLen) \
- len[0] = (word64)aes->aadLen; \
+ if (aes->gcm.aadLen) \
+ len[0] = (word64)aes->gcm.aadLen; \
/* Lengths are in bytes. Convert to bits. */ \
len[0] *= 8; \
len[1] *= 8; \
@@ -6010,7 +7424,7 @@ void GHASH(Aes* aes, const byte* a, word32 aSz, const byte* c,
#define GHASH_LEN_BLOCK(aes) \
do { \
word64* x = (word64*)AES_TAG(aes); \
- word64* h = (word64*)aes->H; \
+ word64* h = (word64*)aes->gcm.H; \
word64 len[2]; \
len[0] = aes->aSz; len[1] = aes->cSz; \
/* Lengths are in bytes. Convert to bits. */ \
@@ -6078,18 +7492,18 @@ static void GMULT(word32* X, word32* Y)
}
-void GHASH(Aes* aes, const byte* a, word32 aSz, const byte* c,
+void GHASH(Gcm* gcm, const byte* a, word32 aSz, const byte* c,
word32 cSz, byte* s, word32 sSz)
{
word32 x[4] = {0,0,0,0};
word32 blocks, partial;
word32 bigH[4];
- if (aes == NULL) {
+ if (gcm == NULL) {
return;
}
- XMEMCPY(bigH, aes->H, AES_BLOCK_SIZE);
+ XMEMCPY(bigH, gcm->H, AES_BLOCK_SIZE);
#ifdef LITTLE_ENDIAN_ORDER
ByteReverseWords(bigH, bigH, AES_BLOCK_SIZE);
#endif
@@ -6187,7 +7601,7 @@ void GHASH(Aes* aes, const byte* a, word32 aSz, const byte* c,
* @param [in, out] aes AES GCM object.
*/
#define GHASH_INIT_EXTRA(aes) \
- ByteReverseWords((word32*)aes->H, (word32*)aes->H, AES_BLOCK_SIZE)
+ ByteReverseWords((word32*)aes->gcm.H, (word32*)aes->gcm.H, AES_BLOCK_SIZE)
/* GHASH one block of data..
*
@@ -6199,7 +7613,7 @@ void GHASH(Aes* aes, const byte* a, word32 aSz, const byte* c,
#define GHASH_ONE_BLOCK(aes, block) \
do { \
word32* x = (word32*)AES_TAG(aes); \
- word32* h = (word32*)aes->H; \
+ word32* h = (word32*)aes->gcm.H; \
word32 bigEnd[4]; \
XMEMCPY(bigEnd, block, AES_BLOCK_SIZE); \
ByteReverseWords(bigEnd, bigEnd, AES_BLOCK_SIZE); \
@@ -6221,7 +7635,7 @@ void GHASH(Aes* aes, const byte* a, word32 aSz, const byte* c,
do { \
word32 len[4]; \
word32* x = (word32*)AES_TAG(aes); \
- word32* h = (word32*)aes->H; \
+ word32* h = (word32*)aes->gcm.H; \
len[0] = (aes->aSz >> (8*sizeof(aes->aSz) - 3)); \
len[1] = aes->aSz << 3; \
len[2] = (aes->cSz >> (8*sizeof(aes->cSz) - 3)); \
@@ -6239,7 +7653,7 @@ void GHASH(Aes* aes, const byte* a, word32 aSz, const byte* c,
*
* @param [in] aes AES GCM object.
*/
-#define GHASH_INIT_EXTRA(aes)
+#define GHASH_INIT_EXTRA(aes) WC_DO_NOTHING
/* GHASH one block of data..
*
@@ -6251,7 +7665,7 @@ void GHASH(Aes* aes, const byte* a, word32 aSz, const byte* c,
#define GHASH_ONE_BLOCK(aes, block) \
do { \
word32* x = (word32*)AES_TAG(aes); \
- word32* h = (word32*)aes->H; \
+ word32* h = (word32*)aes->gcm.H; \
word32 block32[4]; \
XMEMCPY(block32, block, AES_BLOCK_SIZE); \
x[0] ^= block32[0]; \
@@ -6270,7 +7684,7 @@ void GHASH(Aes* aes, const byte* a, word32 aSz, const byte* c,
do { \
word32 len[4]; \
word32* x = (word32*)AES_TAG(aes); \
- word32* h = (word32*)aes->H; \
+ word32* h = (word32*)aes->gcm.H; \
len[0] = (aes->aSz >> (8*sizeof(aes->aSz) - 3)); \
len[1] = aes->aSz << 3; \
len[2] = (aes->cSz >> (8*sizeof(aes->cSz) - 3)); \
@@ -6315,7 +7729,7 @@ static void GHASH_INIT(Aes* aes) {
/* Reset counts of AAD and cipher text. */
aes->aOver = 0;
aes->cOver = 0;
- /* Extra initialization baed on implementation. */
+ /* Extra initialization based on implementation. */
GHASH_INIT_EXTRA(aes);
}
@@ -6394,7 +7808,7 @@ static void GHASH_UPDATE(Aes* aes, const byte* a, word32 aSz, const byte* c,
sz = (byte)cSz;
}
XMEMCPY(AES_LASTGBLOCK(aes) + aes->cOver, c, sz);
- /* Update count of unsed encrypted counter. */
+ /* Update count of unused encrypted counter. */
aes->cOver += sz;
if (aes->cOver == AES_BLOCK_SIZE) {
/* We have filled up the block and can process. */
@@ -6540,7 +7954,7 @@ static WARN_UNUSED_RESULT int wc_AesGcmEncrypt_STM32(
pCtr[AES_BLOCK_SIZE - 1] = 1;
}
else {
- GHASH(aes, NULL, 0, iv, ivSz, (byte*)ctr, AES_BLOCK_SIZE);
+ GHASH(&aes->gcm, NULL, 0, iv, ivSz, (byte*)ctr, AES_BLOCK_SIZE);
}
XMEMCPY(ctrInit, ctr, sizeof(ctr)); /* save off initial counter for GMAC */
@@ -6571,7 +7985,7 @@ static WARN_UNUSED_RESULT int wc_AesGcmEncrypt_STM32(
/* if IV is not 12 calculate GHASH using software */
if (ivSz != GCM_NONCE_MID_SZ
#ifndef CRYP_HEADERWIDTHUNIT_BYTE
- /* or harware that does not support partial block */
+ /* or hardware that does not support partial block */
|| sz == 0 || partial != 0
#endif
#if !defined(CRYP_HEADERWIDTHUNIT_BYTE) && !defined(STM32_AESGCM_PARTIAL)
@@ -6708,12 +8122,13 @@ static WARN_UNUSED_RESULT int wc_AesGcmEncrypt_STM32(
ret = AES_GCM_AUTH_E;
#endif /* WOLFSSL_STM32_CUBEMX */
wolfSSL_CryptHwMutexUnLock();
+ wc_Stm32_Aes_Cleanup();
if (ret == 0) {
/* return authTag */
if (authTag) {
if (useSwGhash) {
- GHASH(aes, authIn, authInSz, out, sz, authTag, authTagSz);
+ GHASH(&aes->gcm, authIn, authInSz, out, sz, authTag, authTagSz);
ret = wc_AesEncrypt(aes, (byte*)ctrInit, (byte*)tag);
if (ret == 0) {
xorbuf(authTag, tag, authTagSz);
@@ -6771,12 +8186,12 @@ WARN_UNUSED_RESULT int AES_GCM_encrypt_C(
else {
/* Counter is GHASH of IV. */
#ifdef OPENSSL_EXTRA
- word32 aadTemp = aes->aadLen;
- aes->aadLen = 0;
+ word32 aadTemp = aes->gcm.aadLen;
+ aes->gcm.aadLen = 0;
#endif
- GHASH(aes, NULL, 0, iv, ivSz, counter, AES_BLOCK_SIZE);
+ GHASH(&aes->gcm, NULL, 0, iv, ivSz, counter, AES_BLOCK_SIZE);
#ifdef OPENSSL_EXTRA
- aes->aadLen = aadTemp;
+ aes->gcm.aadLen = aadTemp;
#endif
}
XMEMCPY(initialCounter, counter, AES_BLOCK_SIZE);
@@ -6836,7 +8251,7 @@ WARN_UNUSED_RESULT int AES_GCM_encrypt_C(
xorbufout(c, scratch, p, partial);
}
if (authTag) {
- GHASH(aes, authIn, authInSz, out, sz, authTag, authTagSz);
+ GHASH(&aes->gcm, authIn, authInSz, out, sz, authTag, authTagSz);
ret = wc_AesEncrypt(aes, initialCounter, scratch);
if (ret != 0)
return ret;
@@ -6844,7 +8259,7 @@ WARN_UNUSED_RESULT int AES_GCM_encrypt_C(
#ifdef OPENSSL_EXTRA
if (!in && !sz)
/* store AAD size for next call */
- aes->aadLen = authInSz;
+ aes->gcm.aadLen = authInSz;
#endif
}
@@ -6857,6 +8272,8 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
byte* authTag, word32 authTagSz,
const byte* authIn, word32 authInSz)
{
+ int ret;
+
/* argument checks */
if (aes == NULL || authTagSz > AES_BLOCK_SIZE || ivSz == 0) {
return BAD_FUNC_ARG;
@@ -6898,7 +8315,7 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
return IntelQaSymAesGcmEncrypt(&aes->asyncDev, out, in, sz,
(const byte*)aes->devKey, aes->keylen, iv, ivSz,
authTag, authTagSz, authIn, authInSz);
- #else /* WOLFSSL_ASYNC_CRYPT_SW */
+ #elif defined(WOLFSSL_ASYNC_CRYPT_SW)
if (wc_AsyncSwInit(&aes->asyncDev, ASYNC_SW_AES_GCM_ENCRYPT)) {
WC_ASYNC_SW* sw = &aes->asyncDev.sw;
sw->aes.aes = aes;
@@ -6931,38 +8348,41 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
authTag, authTagSz, authIn, authInSz);
#endif /* STM32_CRYPTO_AES_GCM */
+ VECTOR_REGISTERS_PUSH;
+
#ifdef WOLFSSL_AESNI
- #ifdef HAVE_INTEL_AVX2
- if (IS_INTEL_AVX2(intel_flags)) {
- SAVE_VECTOR_REGISTERS(return _svr_ret;);
- AES_GCM_encrypt_avx2(in, out, authIn, iv, authTag, sz, authInSz, ivSz,
- authTagSz, (const byte*)aes->key, (int)aes->rounds);
- RESTORE_VECTOR_REGISTERS();
- return 0;
- }
- else
- #endif
- #if defined(HAVE_INTEL_AVX1)
- if (IS_INTEL_AVX1(intel_flags)) {
- SAVE_VECTOR_REGISTERS(return _svr_ret;);
- AES_GCM_encrypt_avx1(in, out, authIn, iv, authTag, sz, authInSz, ivSz,
- authTagSz, (const byte*)aes->key, (int)aes->rounds);
- RESTORE_VECTOR_REGISTERS();
- return 0;
- }
- else
- #endif
- if (haveAESNI) {
- AES_GCM_encrypt(in, out, authIn, iv, authTag, sz, authInSz, ivSz,
+ if (aes->use_aesni) {
+#ifdef HAVE_INTEL_AVX2
+ if (IS_INTEL_AVX2(intel_flags)) {
+ AES_GCM_encrypt_avx2(in, out, authIn, iv, authTag, sz, authInSz, ivSz,
+ authTagSz, (const byte*)aes->key, (int)aes->rounds);
+ ret = 0;
+ }
+ else
+#endif
+#if defined(HAVE_INTEL_AVX1)
+ if (IS_INTEL_AVX1(intel_flags)) {
+ AES_GCM_encrypt_avx1(in, out, authIn, iv, authTag, sz, authInSz, ivSz,
+ authTagSz, (const byte*)aes->key, (int)aes->rounds);
+ ret = 0;
+ } else
+#endif
+ {
+ AES_GCM_encrypt_aesni(in, out, authIn, iv, authTag, sz, authInSz, ivSz,
authTagSz, (const byte*)aes->key, (int)aes->rounds);
- return 0;
+ ret = 0;
+ }
}
else
-#endif
+#endif /* WOLFSSL_AESNI */
{
- return AES_GCM_encrypt_C(aes, out, in, sz, iv, ivSz, authTag, authTagSz,
- authIn, authInSz);
+ ret = AES_GCM_encrypt_C(aes, out, in, sz, iv, ivSz, authTag, authTagSz,
+ authIn, authInSz);
}
+
+ VECTOR_REGISTERS_POP;
+
+ return ret;
}
#endif
@@ -7052,7 +8472,7 @@ static WARN_UNUSED_RESULT int wc_AesGcmDecrypt_STM32(
pCtr[AES_BLOCK_SIZE - 1] = 1;
}
else {
- GHASH(aes, NULL, 0, iv, ivSz, (byte*)ctr, AES_BLOCK_SIZE);
+ GHASH(&aes->gcm, NULL, 0, iv, ivSz, (byte*)ctr, AES_BLOCK_SIZE);
}
/* Make copy of expected authTag, which could get corrupted in some
@@ -7073,7 +8493,7 @@ static WARN_UNUSED_RESULT int wc_AesGcmDecrypt_STM32(
/* if IV is not 12 calculate GHASH using software */
if (ivSz != GCM_NONCE_MID_SZ
#ifndef CRYP_HEADERWIDTHUNIT_BYTE
- /* or harware that does not support partial block */
+ /* or hardware that does not support partial block */
|| sz == 0 || partial != 0
#endif
#if !defined(CRYP_HEADERWIDTHUNIT_BYTE) && !defined(STM32_AESGCM_PARTIAL)
@@ -7081,7 +8501,7 @@ static WARN_UNUSED_RESULT int wc_AesGcmDecrypt_STM32(
|| authPadSz != authInSz
#endif
) {
- GHASH(aes, authIn, authInSz, in, sz, (byte*)tag, sizeof(tag));
+ GHASH(&aes->gcm, authIn, authInSz, in, sz, (byte*)tag, sizeof(tag));
ret = wc_AesEncrypt(aes, (byte*)ctr, (byte*)partialBlock);
if (ret != 0)
return ret;
@@ -7242,6 +8662,7 @@ static WARN_UNUSED_RESULT int wc_AesGcmDecrypt_STM32(
XMEMCPY(tag, partialBlock, authTagSz);
#endif /* WOLFSSL_STM32_CUBEMX */
wolfSSL_CryptHwMutexUnLock();
+ wc_Stm32_Aes_Cleanup();
/* Check authentication tag */
if (ConstantCompare((const byte*)tagExpected, (byte*)tag, authTagSz) != 0) {
@@ -7295,17 +8716,17 @@ int WARN_UNUSED_RESULT AES_GCM_decrypt_C(
else {
/* Counter is GHASH of IV. */
#ifdef OPENSSL_EXTRA
- word32 aadTemp = aes->aadLen;
- aes->aadLen = 0;
+ word32 aadTemp = aes->gcm.aadLen;
+ aes->gcm.aadLen = 0;
#endif
- GHASH(aes, NULL, 0, iv, ivSz, counter, AES_BLOCK_SIZE);
+ GHASH(&aes->gcm, NULL, 0, iv, ivSz, counter, AES_BLOCK_SIZE);
#ifdef OPENSSL_EXTRA
- aes->aadLen = aadTemp;
+ aes->gcm.aadLen = aadTemp;
#endif
}
/* Calc the authTag again using received auth data and the cipher text */
- GHASH(aes, authIn, authInSz, in, sz, Tprime, sizeof(Tprime));
+ GHASH(&aes->gcm, authIn, authInSz, in, sz, Tprime, sizeof(Tprime));
ret = wc_AesEncrypt(aes, counter, EKY0);
if (ret != 0)
return ret;
@@ -7328,7 +8749,7 @@ int WARN_UNUSED_RESULT AES_GCM_decrypt_C(
if (!out) {
/* authenticated, non-confidential data */
/* store AAD size for next call */
- aes->aadLen = authInSz;
+ aes->gcm.aadLen = authInSz;
}
#endif
@@ -7412,6 +8833,7 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
const byte* authTag, word32 authTagSz,
const byte* authIn, word32 authInSz)
{
+ int ret;
#ifdef WOLFSSL_AESNI
int res = AES_GCM_AUTH_E;
#endif
@@ -7457,7 +8879,7 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
return IntelQaSymAesGcmDecrypt(&aes->asyncDev, out, in, sz,
(const byte*)aes->devKey, aes->keylen, iv, ivSz,
authTag, authTagSz, authIn, authInSz);
- #else /* WOLFSSL_ASYNC_CRYPT_SW */
+ #elif defined(WOLFSSL_ASYNC_CRYPT_SW)
if (wc_AsyncSwInit(&aes->asyncDev, ASYNC_SW_AES_GCM_DECRYPT)) {
WC_ASYNC_SW* sw = &aes->asyncDev.sw;
sw->aes.aes = aes;
@@ -7490,49 +8912,61 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
authTag, authTagSz, authIn, authInSz);
#endif /* STM32_CRYPTO_AES_GCM */
+ VECTOR_REGISTERS_PUSH;
+
#ifdef WOLFSSL_AESNI
- #ifdef HAVE_INTEL_AVX2
- if (IS_INTEL_AVX2(intel_flags)) {
- SAVE_VECTOR_REGISTERS(return _svr_ret;);
- AES_GCM_decrypt_avx2(in, out, authIn, iv, authTag, sz, authInSz, ivSz,
- authTagSz, (byte*)aes->key, (int)aes->rounds, &res);
- RESTORE_VECTOR_REGISTERS();
- if (res == 0)
- return AES_GCM_AUTH_E;
- return 0;
- }
- else
- #endif
- #if defined(HAVE_INTEL_AVX1)
- if (IS_INTEL_AVX1(intel_flags)) {
- SAVE_VECTOR_REGISTERS(return _svr_ret;);
- AES_GCM_decrypt_avx1(in, out, authIn, iv, authTag, sz, authInSz, ivSz,
- authTagSz, (byte*)aes->key, (int)aes->rounds, &res);
- RESTORE_VECTOR_REGISTERS();
- if (res == 0)
- return AES_GCM_AUTH_E;
- return 0;
- }
- else
- #endif
- if (haveAESNI) {
- AES_GCM_decrypt(in, out, authIn, iv, authTag, sz, authInSz, ivSz,
+ if (aes->use_aesni) {
+#ifdef HAVE_INTEL_AVX2
+ if (IS_INTEL_AVX2(intel_flags)) {
+ AES_GCM_decrypt_avx2(in, out, authIn, iv, authTag, sz, authInSz, ivSz,
+ authTagSz, (byte*)aes->key, (int)aes->rounds, &res);
+ if (res == 0)
+ ret = AES_GCM_AUTH_E;
+ else
+ ret = 0;
+ }
+ else
+#endif
+#if defined(HAVE_INTEL_AVX1)
+ if (IS_INTEL_AVX1(intel_flags)) {
+ AES_GCM_decrypt_avx1(in, out, authIn, iv, authTag, sz, authInSz, ivSz,
+ authTagSz, (byte*)aes->key, (int)aes->rounds, &res);
+ if (res == 0)
+ ret = AES_GCM_AUTH_E;
+ else
+ ret = 0;
+ }
+ else
+#endif
+ {
+ AES_GCM_decrypt_aesni(in, out, authIn, iv, authTag, sz, authInSz, ivSz,
authTagSz, (byte*)aes->key, (int)aes->rounds, &res);
- if (res == 0)
- return AES_GCM_AUTH_E;
- return 0;
+ if (res == 0)
+ ret = AES_GCM_AUTH_E;
+ else
+ ret = 0;
+ }
}
else
-#endif
+#endif /* WOLFSSL_AESNI */
{
- return AES_GCM_decrypt_C(aes, out, in, sz, iv, ivSz, authTag, authTagSz,
- authIn, authInSz);
+ ret = AES_GCM_decrypt_C(aes, out, in, sz, iv, ivSz, authTag, authTagSz,
+ authIn, authInSz);
}
+
+ VECTOR_REGISTERS_POP;
+
+ return ret;
}
#endif
#endif /* HAVE_AES_DECRYPT || HAVE_AESGCM_DECRYPT */
#ifdef WOLFSSL_AESGCM_STREAM
+
+#if defined(WC_AES_C_DYNAMIC_FALLBACK) && defined(WOLFSSL_AESNI)
+ #error "AES-GCM streaming with AESNI is incompatible with WC_AES_C_DYNAMIC_FALLBACK."
+#endif
+
/* Initialize the AES GCM cipher with an IV. C implementation.
*
* @param [in, out] aes AES object.
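Review bot: In the three AES-NI branches of wc_AesGcmDecrypt the mapping `if (res == 0) ret = AES_GCM_AUTH_E; else ret = 0;` is repeated verbatim, and it treats any non-zero `res` as a verified tag while `res` is initialised to `AES_GCM_AUTH_E` in the declaration shown in the earlier hunk. That default is fail-open: if an assembly routine ever returned without storing to `res`, the call would report success. I would initialise it as `int res = 0;` and do the mapping once after the inner dispatch with `ret = (res == 0) ? AES_GCM_AUTH_E : 0;`. Whether the assembly routines always write `res` cannot be confirmed from this diff, so this is a hardening suggestion rather than a demonstrated bug.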
@@ -7544,6 +8978,10 @@ static WARN_UNUSED_RESULT int AesGcmInit_C(Aes* aes, const byte* iv, word32 ivSz
ALIGN32 byte counter[AES_BLOCK_SIZE];
int ret;
+#ifdef WOLFSSL_AESNI
+ aes->use_aesni = 0;
+#endif
+
if (ivSz == GCM_NONCE_MID_SZ) {
/* Counter is IV with bottom 4 bytes set to: 0x00,0x00,0x00,0x01. */
XMEMCPY(counter, iv, ivSz);
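Review bot: The new `aes->use_aesni = 0;` at the top of AesGcmInit_C carries no comment, yet it decides which implementation every later streaming call on this object takes, because wc_AesGcmEncryptUpdate, wc_AesGcmEncryptFinal and the decrypt counterparts now dispatch on `aes->use_aesni`. I would add `/* Streaming Update/Final dispatch on use_aesni; record that this stream was initialised by the C path. */` above the assignment. The matching `aes->use_aesni = 1;` at the end of AesGcmInit_aesni deserves the same one-line explanation. The function body continues outside this hunk.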
@@ -7554,12 +8992,12 @@ static WARN_UNUSED_RESULT int AesGcmInit_C(Aes* aes, const byte* iv, word32 ivSz
else {
/* Counter is GHASH of IV. */
#ifdef OPENSSL_EXTRA
- word32 aadTemp = aes->aadLen;
- aes->aadLen = 0;
+ word32 aadTemp = aes->gcm.aadLen;
+ aes->gcm.aadLen = 0;
#endif
- GHASH(aes, NULL, 0, iv, ivSz, counter, AES_BLOCK_SIZE);
+ GHASH(&aes->gcm, NULL, 0, iv, ivSz, counter, AES_BLOCK_SIZE);
#ifdef OPENSSL_EXTRA
- aes->aadLen = aadTemp;
+ aes->gcm.aadLen = aadTemp;
#endif
}
@@ -7686,7 +9124,7 @@ static WARN_UNUSED_RESULT int AesGcmFinal_C(
xorbuf(authTag, AES_INITCTR(aes), authTagSz);
#ifdef OPENSSL_EXTRA
/* store AAD size for next call */
- aes->aadLen = aes->aSz;
+ aes->gcm.aadLen = aes->aSz;
#endif
/* Zeroize last block to protect sensitive data. */
ForceZero(AES_LASTBLOCK(aes), AES_BLOCK_SIZE);
@@ -7767,6 +9205,8 @@ extern void AES_GCM_encrypt_final_aesni(unsigned char* tag,
static WARN_UNUSED_RESULT int AesGcmInit_aesni(
Aes* aes, const byte* iv, word32 ivSz)
{
+ ASSERT_SAVED_VECTOR_REGISTERS();
+
/* Reset state fields. */
aes->aSz = 0;
aes->cSz = 0;
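Review bot: `ASSERT_SAVED_VECTOR_REGISTERS();` replaces the save/restore this helper used to do itself, which turns "the caller has already saved the vector registers" into an unstated precondition. The doc comment above AesGcmInit_aesni (outside this hunk) should say so, for example `* Caller must have saved the vector registers (VECTOR_REGISTERS_PUSH).`, since an assertion macro may well compile to nothing in release builds. The same applies to the AesGcmEncryptUpdate_aesni, AesGcmEncryptFinal_aesni, AesGcmDecryptUpdate_aesni and AesGcmDecryptFinal_aesni hunks below.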
@@ -7778,28 +9218,25 @@ static WARN_UNUSED_RESULT int AesGcmInit_aesni(
#ifdef HAVE_INTEL_AVX2
if (IS_INTEL_AVX2(intel_flags)) {
- SAVE_VECTOR_REGISTERS(return _svr_ret;);
- AES_GCM_init_avx2((byte*)aes->key, (int)aes->rounds, iv, ivSz, aes->H,
- AES_COUNTER(aes), AES_INITCTR(aes));
- RESTORE_VECTOR_REGISTERS();
+ AES_GCM_init_avx2((byte*)aes->key, (int)aes->rounds, iv, ivSz,
+ aes->gcm.H, AES_COUNTER(aes), AES_INITCTR(aes));
}
else
#endif
#ifdef HAVE_INTEL_AVX1
if (IS_INTEL_AVX1(intel_flags)) {
- SAVE_VECTOR_REGISTERS(return _svr_ret;);
- AES_GCM_init_avx1((byte*)aes->key, (int)aes->rounds, iv, ivSz, aes->H,
- AES_COUNTER(aes), AES_INITCTR(aes));
- RESTORE_VECTOR_REGISTERS();
+ AES_GCM_init_avx1((byte*)aes->key, (int)aes->rounds, iv, ivSz,
+ aes->gcm.H, AES_COUNTER(aes), AES_INITCTR(aes));
}
else
#endif
{
- SAVE_VECTOR_REGISTERS(return _svr_ret;);
- AES_GCM_init_aesni((byte*)aes->key, (int)aes->rounds, iv, ivSz, aes->H,
- AES_COUNTER(aes), AES_INITCTR(aes));
- RESTORE_VECTOR_REGISTERS();
+ AES_GCM_init_aesni((byte*)aes->key, (int)aes->rounds, iv, ivSz,
+ aes->gcm.H, AES_COUNTER(aes), AES_INITCTR(aes));
}
+
+ aes->use_aesni = 1;
+
return 0;
}
@@ -7838,20 +9275,20 @@ static WARN_UNUSED_RESULT int AesGcmAadUpdate_aesni(
#ifdef HAVE_INTEL_AVX2
if (IS_INTEL_AVX2(intel_flags)) {
AES_GCM_ghash_block_avx2(AES_LASTGBLOCK(aes), AES_TAG(aes),
- aes->H);
+ aes->gcm.H);
}
else
#endif
#ifdef HAVE_INTEL_AVX1
if (IS_INTEL_AVX1(intel_flags)) {
AES_GCM_ghash_block_avx1(AES_LASTGBLOCK(aes), AES_TAG(aes),
- aes->H);
+ aes->gcm.H);
}
else
#endif
{
AES_GCM_ghash_block_aesni(AES_LASTGBLOCK(aes), AES_TAG(aes),
- aes->H);
+ aes->gcm.H);
}
/* Reset count. */
aes->aOver = 0;
@@ -7869,20 +9306,20 @@ static WARN_UNUSED_RESULT int AesGcmAadUpdate_aesni(
#ifdef HAVE_INTEL_AVX2
if (IS_INTEL_AVX2(intel_flags)) {
AES_GCM_aad_update_avx2(a, blocks * AES_BLOCK_SIZE,
- AES_TAG(aes), aes->H);
+ AES_TAG(aes), aes->gcm.H);
}
else
#endif
#ifdef HAVE_INTEL_AVX1
if (IS_INTEL_AVX1(intel_flags)) {
AES_GCM_aad_update_avx1(a, blocks * AES_BLOCK_SIZE,
- AES_TAG(aes), aes->H);
+ AES_TAG(aes), aes->gcm.H);
}
else
#endif
{
AES_GCM_aad_update_aesni(a, blocks * AES_BLOCK_SIZE,
- AES_TAG(aes), aes->H);
+ AES_TAG(aes), aes->gcm.H);
}
/* Skip over to end of AAD blocks. */
a += blocks * AES_BLOCK_SIZE;
@@ -7901,19 +9338,21 @@ static WARN_UNUSED_RESULT int AesGcmAadUpdate_aesni(
/* GHASH last AAD block. */
#ifdef HAVE_INTEL_AVX2
if (IS_INTEL_AVX2(intel_flags)) {
- AES_GCM_ghash_block_avx2(AES_LASTGBLOCK(aes), AES_TAG(aes), aes->H);
+ AES_GCM_ghash_block_avx2(AES_LASTGBLOCK(aes), AES_TAG(aes),
+ aes->gcm.H);
}
else
#endif
#ifdef HAVE_INTEL_AVX1
if (IS_INTEL_AVX1(intel_flags)) {
- AES_GCM_ghash_block_avx1(AES_LASTGBLOCK(aes), AES_TAG(aes), aes->H);
+ AES_GCM_ghash_block_avx1(AES_LASTGBLOCK(aes), AES_TAG(aes),
+ aes->gcm.H);
}
else
#endif
{
AES_GCM_ghash_block_aesni(AES_LASTGBLOCK(aes), AES_TAG(aes),
- aes->H);
+ aes->gcm.H);
}
/* Clear partial count for next time through. */
aes->aOver = 0;
@@ -7940,7 +9379,8 @@ static WARN_UNUSED_RESULT int AesGcmEncryptUpdate_aesni(
int partial;
int ret;
- SAVE_VECTOR_REGISTERS(return _svr_ret;);
+ ASSERT_SAVED_VECTOR_REGISTERS();
+
/* Hash in A, the Authentication Data */
ret = AesGcmAadUpdate_aesni(aes, a, aSz, (cSz > 0) && (c != NULL));
if (ret != 0)
@@ -7959,27 +9399,27 @@ static WARN_UNUSED_RESULT int AesGcmEncryptUpdate_aesni(
/* Encrypt some of the plaintext. */
xorbuf(AES_LASTGBLOCK(aes) + aes->cOver, p, sz);
XMEMCPY(c, AES_LASTGBLOCK(aes) + aes->cOver, sz);
- /* Update count of unsed encrypted counter. */
+ /* Update count of unused encrypted counter. */
aes->cOver += sz;
if (aes->cOver == AES_BLOCK_SIZE) {
/* We have filled up the block and can process. */
#ifdef HAVE_INTEL_AVX2
if (IS_INTEL_AVX2(intel_flags)) {
AES_GCM_ghash_block_avx2(AES_LASTGBLOCK(aes), AES_TAG(aes),
- aes->H);
+ aes->gcm.H);
}
else
#endif
#ifdef HAVE_INTEL_AVX1
if (IS_INTEL_AVX1(intel_flags)) {
AES_GCM_ghash_block_avx1(AES_LASTGBLOCK(aes), AES_TAG(aes),
- aes->H);
+ aes->gcm.H);
}
else
#endif
{
AES_GCM_ghash_block_aesni(AES_LASTGBLOCK(aes), AES_TAG(aes),
- aes->H);
+ aes->gcm.H);
}
/* Reset count. */
aes->cOver = 0;
@@ -7998,7 +9438,7 @@ static WARN_UNUSED_RESULT int AesGcmEncryptUpdate_aesni(
#ifdef HAVE_INTEL_AVX2
if (IS_INTEL_AVX2(intel_flags)) {
AES_GCM_encrypt_update_avx2((byte*)aes->key, (int)aes->rounds,
- c, p, blocks * AES_BLOCK_SIZE, AES_TAG(aes), aes->H,
+ c, p, blocks * AES_BLOCK_SIZE, AES_TAG(aes), aes->gcm.H,
AES_COUNTER(aes));
}
else
@@ -8006,14 +9446,14 @@ static WARN_UNUSED_RESULT int AesGcmEncryptUpdate_aesni(
#ifdef HAVE_INTEL_AVX1
if (IS_INTEL_AVX1(intel_flags)) {
AES_GCM_encrypt_update_avx1((byte*)aes->key, (int)aes->rounds,
- c, p, blocks * AES_BLOCK_SIZE, AES_TAG(aes), aes->H,
+ c, p, blocks * AES_BLOCK_SIZE, AES_TAG(aes), aes->gcm.H,
AES_COUNTER(aes));
}
else
#endif
{
AES_GCM_encrypt_update_aesni((byte*)aes->key, (int)aes->rounds,
- c, p, blocks * AES_BLOCK_SIZE, AES_TAG(aes), aes->H,
+ c, p, blocks * AES_BLOCK_SIZE, AES_TAG(aes), aes->gcm.H,
AES_COUNTER(aes));
}
/* Skip over to end of blocks. */
@@ -8050,7 +9490,6 @@ static WARN_UNUSED_RESULT int AesGcmEncryptUpdate_aesni(
aes->cOver = (byte)partial;
}
}
- RESTORE_VECTOR_REGISTERS();
return 0;
}
@@ -8069,7 +9508,8 @@ static WARN_UNUSED_RESULT int AesGcmEncryptFinal_aesni(
/* AAD block incomplete when > 0 */
byte over = aes->aOver;
- SAVE_VECTOR_REGISTERS(return _svr_ret;);
+ ASSERT_SAVED_VECTOR_REGISTERS();
+
if (aes->cOver > 0) {
/* Cipher text block incomplete. */
over = aes->cOver;
@@ -8080,41 +9520,43 @@ static WARN_UNUSED_RESULT int AesGcmEncryptFinal_aesni(
/* GHASH last cipher block. */
#ifdef HAVE_INTEL_AVX2
if (IS_INTEL_AVX2(intel_flags)) {
- AES_GCM_ghash_block_avx2(AES_LASTGBLOCK(aes), AES_TAG(aes), aes->H);
+ AES_GCM_ghash_block_avx2(AES_LASTGBLOCK(aes), AES_TAG(aes),
+ aes->gcm.H);
}
else
#endif
#ifdef HAVE_INTEL_AVX1
if (IS_INTEL_AVX1(intel_flags)) {
- AES_GCM_ghash_block_avx1(AES_LASTGBLOCK(aes), AES_TAG(aes), aes->H);
+ AES_GCM_ghash_block_avx1(AES_LASTGBLOCK(aes), AES_TAG(aes),
+ aes->gcm.H);
}
else
#endif
{
AES_GCM_ghash_block_aesni(AES_LASTGBLOCK(aes), AES_TAG(aes),
- aes->H);
+ aes->gcm.H);
}
}
/* Calculate the authentication tag. */
#ifdef HAVE_INTEL_AVX2
if (IS_INTEL_AVX2(intel_flags)) {
AES_GCM_encrypt_final_avx2(AES_TAG(aes), authTag, authTagSz, aes->cSz,
- aes->aSz, aes->H, AES_INITCTR(aes));
+ aes->aSz, aes->gcm.H, AES_INITCTR(aes));
}
else
#endif
#ifdef HAVE_INTEL_AVX1
if (IS_INTEL_AVX1(intel_flags)) {
AES_GCM_encrypt_final_avx1(AES_TAG(aes), authTag, authTagSz, aes->cSz,
- aes->aSz, aes->H, AES_INITCTR(aes));
+ aes->aSz, aes->gcm.H, AES_INITCTR(aes));
}
else
#endif
{
AES_GCM_encrypt_final_aesni(AES_TAG(aes), authTag, authTagSz, aes->cSz,
- aes->aSz, aes->H, AES_INITCTR(aes));
+ aes->aSz, aes->gcm.H, AES_INITCTR(aes));
}
- RESTORE_VECTOR_REGISTERS();
+
return 0;
}
@@ -8156,7 +9598,7 @@ extern void AES_GCM_decrypt_final_aesni(unsigned char* tag,
*
* @param [in, out] aes AES object.
* @param [out] p Buffer to hold plaintext.
- * @param [in] c Buffer holding ciper text.
+ * @param [in] c Buffer holding cipher text.
* @param [in] cSz Length of cipher text/plaintext in bytes.
* @param [in] a Buffer holding authentication data.
* @param [in] aSz Length of authentication data in bytes.
@@ -8168,7 +9610,8 @@ static WARN_UNUSED_RESULT int AesGcmDecryptUpdate_aesni(
int partial;
int ret;
- SAVE_VECTOR_REGISTERS(return _svr_ret;);
+ ASSERT_SAVED_VECTOR_REGISTERS();
+
/* Hash in A, the Authentication Data */
ret = AesGcmAadUpdate_aesni(aes, a, aSz, (cSz > 0) && (c != NULL));
if (ret != 0)
@@ -8189,27 +9632,27 @@ static WARN_UNUSED_RESULT int AesGcmDecryptUpdate_aesni(
/* Decrypt some of the cipher text. */
xorbuf(AES_LASTGBLOCK(aes) + aes->cOver, c, sz);
XMEMCPY(p, AES_LASTGBLOCK(aes) + aes->cOver, sz);
- /* Update count of unsed encrypted counter. */
+ /* Update count of unused encrypted counter. */
aes->cOver += sz;
if (aes->cOver == AES_BLOCK_SIZE) {
/* We have filled up the block and can process. */
#ifdef HAVE_INTEL_AVX2
if (IS_INTEL_AVX2(intel_flags)) {
AES_GCM_ghash_block_avx2(AES_LASTBLOCK(aes), AES_TAG(aes),
- aes->H);
+ aes->gcm.H);
}
else
#endif
#ifdef HAVE_INTEL_AVX1
if (IS_INTEL_AVX1(intel_flags)) {
AES_GCM_ghash_block_avx1(AES_LASTBLOCK(aes), AES_TAG(aes),
- aes->H);
+ aes->gcm.H);
}
else
#endif
{
AES_GCM_ghash_block_aesni(AES_LASTBLOCK(aes), AES_TAG(aes),
- aes->H);
+ aes->gcm.H);
}
/* Reset count. */
aes->cOver = 0;
@@ -8228,7 +9671,7 @@ static WARN_UNUSED_RESULT int AesGcmDecryptUpdate_aesni(
#ifdef HAVE_INTEL_AVX2
if (IS_INTEL_AVX2(intel_flags)) {
AES_GCM_decrypt_update_avx2((byte*)aes->key, (int)aes->rounds,
- p, c, blocks * AES_BLOCK_SIZE, AES_TAG(aes), aes->H,
+ p, c, blocks * AES_BLOCK_SIZE, AES_TAG(aes), aes->gcm.H,
AES_COUNTER(aes));
}
else
@@ -8236,14 +9679,14 @@ static WARN_UNUSED_RESULT int AesGcmDecryptUpdate_aesni(
#ifdef HAVE_INTEL_AVX1
if (IS_INTEL_AVX1(intel_flags)) {
AES_GCM_decrypt_update_avx1((byte*)aes->key, (int)aes->rounds,
- p, c, blocks * AES_BLOCK_SIZE, AES_TAG(aes), aes->H,
+ p, c, blocks * AES_BLOCK_SIZE, AES_TAG(aes), aes->gcm.H,
AES_COUNTER(aes));
}
else
#endif
{
AES_GCM_decrypt_update_aesni((byte*)aes->key, (int)aes->rounds,
- p, c, blocks * AES_BLOCK_SIZE, AES_TAG(aes), aes->H,
+ p, c, blocks * AES_BLOCK_SIZE, AES_TAG(aes), aes->gcm.H,
AES_COUNTER(aes));
}
/* Skip over to end of blocks. */
@@ -8280,7 +9723,7 @@ static WARN_UNUSED_RESULT int AesGcmDecryptUpdate_aesni(
aes->cOver = (byte)partial;
}
}
- RESTORE_VECTOR_REGISTERS();
+
return 0;
}
@@ -8304,7 +9747,8 @@ static WARN_UNUSED_RESULT int AesGcmDecryptFinal_aesni(
byte over = aes->aOver;
byte *lastBlock = AES_LASTGBLOCK(aes);
- SAVE_VECTOR_REGISTERS(return _svr_ret;);
+ ASSERT_SAVED_VECTOR_REGISTERS();
+
if (aes->cOver > 0) {
/* Cipher text block incomplete. */
over = aes->cOver;
@@ -8316,40 +9760,40 @@ static WARN_UNUSED_RESULT int AesGcmDecryptFinal_aesni(
/* Hash the last block of cipher text. */
#ifdef HAVE_INTEL_AVX2
if (IS_INTEL_AVX2(intel_flags)) {
- AES_GCM_ghash_block_avx2(lastBlock, AES_TAG(aes), aes->H);
+ AES_GCM_ghash_block_avx2(lastBlock, AES_TAG(aes), aes->gcm.H);
}
else
#endif
#ifdef HAVE_INTEL_AVX1
if (IS_INTEL_AVX1(intel_flags)) {
- AES_GCM_ghash_block_avx1(lastBlock, AES_TAG(aes), aes->H);
+ AES_GCM_ghash_block_avx1(lastBlock, AES_TAG(aes), aes->gcm.H);
}
else
#endif
{
- AES_GCM_ghash_block_aesni(lastBlock, AES_TAG(aes), aes->H);
+ AES_GCM_ghash_block_aesni(lastBlock, AES_TAG(aes), aes->gcm.H);
}
}
/* Calculate and compare the authentication tag. */
#ifdef HAVE_INTEL_AVX2
if (IS_INTEL_AVX2(intel_flags)) {
AES_GCM_decrypt_final_avx2(AES_TAG(aes), authTag, authTagSz, aes->cSz,
- aes->aSz, aes->H, AES_INITCTR(aes), &res);
+ aes->aSz, aes->gcm.H, AES_INITCTR(aes), &res);
}
else
#endif
#ifdef HAVE_INTEL_AVX1
if (IS_INTEL_AVX1(intel_flags)) {
AES_GCM_decrypt_final_avx1(AES_TAG(aes), authTag, authTagSz, aes->cSz,
- aes->aSz, aes->H, AES_INITCTR(aes), &res);
+ aes->aSz, aes->gcm.H, AES_INITCTR(aes), &res);
}
else
#endif
{
AES_GCM_decrypt_final_aesni(AES_TAG(aes), authTag, authTagSz, aes->cSz,
- aes->aSz, aes->H, AES_INITCTR(aes), &res);
+ aes->aSz, aes->gcm.H, AES_INITCTR(aes), &res);
}
- RESTORE_VECTOR_REGISTERS();
+
/* Return error code when calculated doesn't match input. */
if (res == 0) {
ret = AES_GCM_AUTH_E;
@@ -8418,15 +9862,10 @@ int wc_AesGcmInit(Aes* aes, const byte* key, word32 len, const byte* iv,
if (iv != NULL) {
/* Initialize with the IV. */
+ VECTOR_REGISTERS_PUSH;
+
#ifdef WOLFSSL_AESNI
- if (haveAESNI
- #ifdef HAVE_INTEL_AVX2
- || IS_INTEL_AVX2(intel_flags)
- #endif
- #ifdef HAVE_INTEL_AVX1
- || IS_INTEL_AVX1(intel_flags)
- #endif
- ) {
+ if (aes->use_aesni) {
ret = AesGcmInit_aesni(aes, iv, ivSz);
}
else
@@ -8435,7 +9874,10 @@ int wc_AesGcmInit(Aes* aes, const byte* key, word32 len, const byte* iv,
ret = AesGcmInit_C(aes, iv, ivSz);
}
- aes->nonceSet = 1;
+ VECTOR_REGISTERS_POP;
+
+ if (ret == 0)
+ aes->nonceSet = 1;
}
}
@@ -8547,15 +9989,10 @@ int wc_AesGcmEncryptUpdate(Aes* aes, byte* out, const byte* in, word32 sz,
if (ret == 0) {
/* Encrypt with AAD and/or plaintext. */
- #if defined(WOLFSSL_AESNI)
- if (haveAESNI
- #ifdef HAVE_INTEL_AVX2
- || IS_INTEL_AVX2(intel_flags)
- #endif
- #ifdef HAVE_INTEL_AVX1
- || IS_INTEL_AVX1(intel_flags)
- #endif
- ) {
+ VECTOR_REGISTERS_PUSH;
+
+ #ifdef WOLFSSL_AESNI
+ if (aes->use_aesni) {
ret = AesGcmEncryptUpdate_aesni(aes, out, in, sz, authIn, authInSz);
}
else
@@ -8563,12 +10000,14 @@ int wc_AesGcmEncryptUpdate(Aes* aes, byte* out, const byte* in, word32 sz,
{
/* Encrypt the plaintext. */
ret = AesGcmCryptUpdate_C(aes, out, in, sz);
- if (ret != 0)
- return ret;
- /* Update the authenication tag with any authentication data and the
- * new cipher text. */
- GHASH_UPDATE(aes, authIn, authInSz, out, sz);
+ if (ret == 0) {
+ /* Update the authentication tag with any authentication data and the
+ * new cipher text. */
+ GHASH_UPDATE(aes, authIn, authInSz, out, sz);
+ }
}
+
+ VECTOR_REGISTERS_POP;
}
return ret;
@@ -8605,15 +10044,9 @@ int wc_AesGcmEncryptFinal(Aes* aes, byte* authTag, word32 authTagSz)
if (ret == 0) {
/* Calculate authentication tag. */
+ VECTOR_REGISTERS_PUSH;
#ifdef WOLFSSL_AESNI
- if (haveAESNI
- #ifdef HAVE_INTEL_AVX2
- || IS_INTEL_AVX2(intel_flags)
- #endif
- #ifdef HAVE_INTEL_AVX1
- || IS_INTEL_AVX1(intel_flags)
- #endif
- ) {
+ if (aes->use_aesni) {
ret = AesGcmEncryptFinal_aesni(aes, authTag, authTagSz);
}
else
@@ -8621,6 +10054,7 @@ int wc_AesGcmEncryptFinal(Aes* aes, byte* authTag, word32 authTagSz)
{
ret = AesGcmFinal_C(aes, authTag, authTagSz);
}
+ VECTOR_REGISTERS_POP;
}
if ((ret == 0) && aes->ctrSet) {
@@ -8693,26 +10127,21 @@ int wc_AesGcmDecryptUpdate(Aes* aes, byte* out, const byte* in, word32 sz,
if (ret == 0) {
/* Decrypt with AAD and/or cipher text. */
- #if defined(WOLFSSL_AESNI)
- if (haveAESNI
- #ifdef HAVE_INTEL_AVX2
- || IS_INTEL_AVX2(intel_flags)
- #endif
- #ifdef HAVE_INTEL_AVX1
- || IS_INTEL_AVX1(intel_flags)
- #endif
- ) {
+ VECTOR_REGISTERS_PUSH;
+ #ifdef WOLFSSL_AESNI
+ if (aes->use_aesni) {
ret = AesGcmDecryptUpdate_aesni(aes, out, in, sz, authIn, authInSz);
}
else
#endif
{
- /* Update the authenication tag with any authentication data and
+ /* Update the authentication tag with any authentication data and
* cipher text. */
GHASH_UPDATE(aes, authIn, authInSz, in, sz);
/* Decrypt the cipher text. */
ret = AesGcmCryptUpdate_C(aes, out, in, sz);
}
+ VECTOR_REGISTERS_POP;
}
return ret;
@@ -8749,15 +10178,9 @@ int wc_AesGcmDecryptFinal(Aes* aes, const byte* authTag, word32 authTagSz)
if (ret == 0) {
/* Calculate authentication tag and compare with one passed in.. */
+ VECTOR_REGISTERS_PUSH;
#ifdef WOLFSSL_AESNI
- if (haveAESNI
- #ifdef HAVE_INTEL_AVX2
- || IS_INTEL_AVX2(intel_flags)
- #endif
- #ifdef HAVE_INTEL_AVX1
- || IS_INTEL_AVX1(intel_flags)
- #endif
- ) {
+ if (aes->use_aesni) {
ret = AesGcmDecryptFinal_aesni(aes, authTag, authTagSz);
}
else
@@ -8773,12 +10196,9 @@ int wc_AesGcmDecryptFinal(Aes* aes, const byte* authTag, word32 authTagSz)
}
}
}
+ VECTOR_REGISTERS_POP;
}
- /* reset the state */
- if (ret == 0)
- wc_AesFree(aes);
-
return ret;
}
#endif /* HAVE_AES_DECRYPT || HAVE_AESGCM_DECRYPT */
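Review bot: Dropping the implicit `wc_AesFree(aes)` after a successful wc_AesGcmDecryptFinal changes the object's lifetime contract, and nothing in the visible code documents it: the Aes object now stays live until the caller frees it. Callers written against the old behaviour will no longer get the cleanup that wc_AesFree performs at this point, so key-dependent state may persist longer than they expect. I would add a line to the function's doc comment (outside this hunk) such as `* The Aes object remains initialized; call wc_AesFree() when done with it.` and mention the change in the release notes.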
@@ -9297,12 +10717,12 @@ int wc_AesCcmEncrypt(Aes* aes, byte* out, const byte* in, word32 inSz,
byte* authTag, word32 authTagSz,
const byte* authIn, word32 authInSz)
{
-#ifndef WOLFSSL_AESNI
- byte A[AES_BLOCK_SIZE];
- byte B[AES_BLOCK_SIZE];
-#else
+#ifdef WOLFSSL_AESNI
ALIGN128 byte A[AES_BLOCK_SIZE * 4];
ALIGN128 byte B[AES_BLOCK_SIZE * 4];
+#else
+ byte A[AES_BLOCK_SIZE];
+ byte B[AES_BLOCK_SIZE];
#endif
byte lenSz;
word32 i;
@@ -9351,67 +10771,38 @@ int wc_AesCcmEncrypt(Aes* aes, byte* out, const byte* in, word32 inSz,
wc_MemZero_Add("wc_AesCcmEncrypt B", B, sizeof(B));
#endif
+ VECTOR_REGISTERS_PUSH;
ret = wc_AesEncrypt(aes, B, A);
- if (ret != 0) {
- ForceZero(B, sizeof(B));
- #ifdef WOLFSSL_CHECK_MEM_ZERO
- wc_MemZero_Check(B, sizeof(B));
- #endif
- return ret;
- }
#ifdef WOLFSSL_CHECK_MEM_ZERO
- wc_MemZero_Add("wc_AesCcmEncrypt A", A, sizeof(A));
+ if (ret == 0)
+ wc_MemZero_Add("wc_AesCcmEncrypt A", A, sizeof(A));
#endif
- if (authInSz > 0) {
+ if ((ret == 0) && (authInSz > 0))
ret = roll_auth(aes, authIn, authInSz, A);
- if (ret != 0) {
- ForceZero(A, sizeof(A));
- ForceZero(B, sizeof(B));
- #ifdef WOLFSSL_CHECK_MEM_ZERO
- wc_MemZero_Check(A, sizeof(A));
- wc_MemZero_Check(B, sizeof(B));
- #endif
- return ret;
- }
- }
- if (inSz > 0) {
+
+ if ((ret == 0) && (inSz > 0))
ret = roll_x(aes, in, inSz, A);
- if (ret != 0) {
- ForceZero(A, sizeof(A));
- ForceZero(B, sizeof(B));
- #ifdef WOLFSSL_CHECK_MEM_ZERO
- wc_MemZero_Check(A, sizeof(A));
- wc_MemZero_Check(B, sizeof(B));
- #endif
- return ret;
- }
- }
- XMEMCPY(authTag, A, authTagSz);
- B[0] = lenSz - 1;
- for (i = 0; i < lenSz; i++)
- B[AES_BLOCK_SIZE - 1 - i] = 0;
- ret = wc_AesEncrypt(aes, B, A);
- if (ret != 0) {
- ForceZero(A, sizeof(A));
- ForceZero(B, sizeof(B));
- #ifdef WOLFSSL_CHECK_MEM_ZERO
- wc_MemZero_Check(A, sizeof(A));
- wc_MemZero_Check(B, sizeof(B));
- #endif
- return ret;
+ if (ret == 0) {
+ XMEMCPY(authTag, A, authTagSz);
+
+ B[0] = lenSz - 1;
+ for (i = 0; i < lenSz; i++)
+ B[AES_BLOCK_SIZE - 1 - i] = 0;
+ ret = wc_AesEncrypt(aes, B, A);
}
- xorbuf(authTag, A, authTagSz);
- B[15] = 1;
+ if (ret == 0) {
+ xorbuf(authTag, A, authTagSz);
+ B[15] = 1;
+ }
#ifdef WOLFSSL_AESNI
- if (haveAESNI && aes->use_aesni) {
- SAVE_VECTOR_REGISTERS(return _svr_ret;);
+ if ((ret == 0) && aes->use_aesni) {
while (inSz >= AES_BLOCK_SIZE * 4) {
AesCcmCtrIncSet4(B, lenSz);
- AES_ECB_encrypt(B, A, AES_BLOCK_SIZE * 4, (byte*)aes->key,
+ AES_ECB_encrypt_AESNI(B, A, AES_BLOCK_SIZE * 4, (byte*)aes->key,
(int)aes->rounds);
xorbuf(A, in, AES_BLOCK_SIZE * 4);
@@ -9423,39 +10814,26 @@ int wc_AesCcmEncrypt(Aes* aes, byte* out, const byte* in, word32 inSz,
AesCcmCtrInc4(B, lenSz);
}
- RESTORE_VECTOR_REGISTERS();
}
#endif
- while (inSz >= AES_BLOCK_SIZE) {
- ret = wc_AesEncrypt(aes, B, A);
- if (ret != 0) {
- ForceZero(A, sizeof(A));
- ForceZero(B, sizeof(B));
- #ifdef WOLFSSL_CHECK_MEM_ZERO
- wc_MemZero_Check(A, sizeof(A));
- wc_MemZero_Check(B, sizeof(B));
- #endif
- return ret;
- }
- xorbuf(A, in, AES_BLOCK_SIZE);
- XMEMCPY(out, A, AES_BLOCK_SIZE);
+ if (ret == 0) {
+ while (inSz >= AES_BLOCK_SIZE) {
+ ret = wc_AesEncrypt(aes, B, A);
+ if (ret != 0)
+ break;
+ xorbuf(A, in, AES_BLOCK_SIZE);
+ XMEMCPY(out, A, AES_BLOCK_SIZE);
- AesCcmCtrInc(B, lenSz);
- inSz -= AES_BLOCK_SIZE;
- in += AES_BLOCK_SIZE;
- out += AES_BLOCK_SIZE;
+ AesCcmCtrInc(B, lenSz);
+ inSz -= AES_BLOCK_SIZE;
+ in += AES_BLOCK_SIZE;
+ out += AES_BLOCK_SIZE;
+ }
}
- if (inSz > 0) {
+ if ((ret == 0) && (inSz > 0)) {
ret = wc_AesEncrypt(aes, B, A);
- if (ret != 0) {
- ForceZero(A, sizeof(A));
- ForceZero(B, sizeof(B));
- #ifdef WOLFSSL_CHECK_MEM_ZERO
- wc_MemZero_Check(A, sizeof(A));
- wc_MemZero_Check(B, sizeof(B));
- #endif
- return ret;
- }
+ }
+ if ((ret == 0) && (inSz > 0)) {
xorbuf(A, in, inSz);
XMEMCPY(out, A, inSz);
}
@@ -9468,7 +10846,9 @@ int wc_AesCcmEncrypt(Aes* aes, byte* out, const byte* in, word32 inSz,
wc_MemZero_Check(B, sizeof(B));
#endif
- return 0;
+ VECTOR_REGISTERS_POP;
+
+ return ret;
}
#ifdef HAVE_AES_DECRYPT
@@ -9478,19 +10858,19 @@ int wc_AesCcmDecrypt(Aes* aes, byte* out, const byte* in, word32 inSz,
const byte* authTag, word32 authTagSz,
const byte* authIn, word32 authInSz)
{
-#ifndef WOLFSSL_AESNI
- byte A[AES_BLOCK_SIZE];
- byte B[AES_BLOCK_SIZE];
-#else
+#ifdef WOLFSSL_AESNI
ALIGN128 byte B[AES_BLOCK_SIZE * 4];
ALIGN128 byte A[AES_BLOCK_SIZE * 4];
+#else
+ byte A[AES_BLOCK_SIZE];
+ byte B[AES_BLOCK_SIZE];
#endif
byte* o;
byte lenSz;
word32 i, oSz;
byte mask = 0xFF;
const word32 wordSz = (word32)sizeof(word32);
- int ret;
+ int ret = 0;
/* sanity check on arguments */
if (aes == NULL || (inSz != 0 && (in == NULL || out == NULL)) ||
@@ -9533,13 +10913,14 @@ int wc_AesCcmDecrypt(Aes* aes, byte* out, const byte* in, word32 inSz,
wc_MemZero_Add("wc_AesCcmEncrypt B", B, sizeof(B));
#endif
+ VECTOR_REGISTERS_PUSH;
+
#ifdef WOLFSSL_AESNI
- if (haveAESNI && aes->use_aesni) {
- SAVE_VECTOR_REGISTERS(return _svr_ret;);
+ if (aes->use_aesni) {
while (oSz >= AES_BLOCK_SIZE * 4) {
AesCcmCtrIncSet4(B, lenSz);
- AES_ECB_encrypt(B, A, AES_BLOCK_SIZE * 4, (byte*)aes->key,
+ AES_ECB_encrypt_AESNI(B, A, AES_BLOCK_SIZE * 4, (byte*)aes->key,
(int)aes->rounds);
xorbuf(A, in, AES_BLOCK_SIZE * 4);
@@ -9551,131 +10932,79 @@ int wc_AesCcmDecrypt(Aes* aes, byte* out, const byte* in, word32 inSz,
AesCcmCtrInc4(B, lenSz);
}
- RESTORE_VECTOR_REGISTERS();
}
#endif
+
while (oSz >= AES_BLOCK_SIZE) {
ret = wc_AesEncrypt(aes, B, A);
- if (ret != 0) {
- ForceZero(A, sizeof(A));
- ForceZero(B, sizeof(B));
- #ifdef WOLFSSL_CHECK_MEM_ZERO
- wc_MemZero_Check(A, sizeof(A));
- wc_MemZero_Check(B, sizeof(B));
- #endif
- return ret;
- }
+ if (ret != 0)
+ break;
xorbuf(A, in, AES_BLOCK_SIZE);
XMEMCPY(o, A, AES_BLOCK_SIZE);
-
AesCcmCtrInc(B, lenSz);
oSz -= AES_BLOCK_SIZE;
in += AES_BLOCK_SIZE;
o += AES_BLOCK_SIZE;
}
- if (inSz > 0) {
+
+ if ((ret == 0) && (inSz > 0))
ret = wc_AesEncrypt(aes, B, A);
- if (ret != 0) {
- ForceZero(A, sizeof(A));
- ForceZero(B, sizeof(B));
- #ifdef WOLFSSL_CHECK_MEM_ZERO
- wc_MemZero_Check(A, sizeof(A));
- wc_MemZero_Check(B, sizeof(B));
- #endif
- return ret;
- }
+
+ if ((ret == 0) && (inSz > 0)) {
xorbuf(A, in, oSz);
XMEMCPY(o, A, oSz);
+ for (i = 0; i < lenSz; i++)
+ B[AES_BLOCK_SIZE - 1 - i] = 0;
+ ret = wc_AesEncrypt(aes, B, A);
}
- for (i = 0; i < lenSz; i++)
- B[AES_BLOCK_SIZE - 1 - i] = 0;
- ret = wc_AesEncrypt(aes, B, A);
- if (ret != 0) {
- ForceZero(A, sizeof(A));
- ForceZero(B, sizeof(B));
- #ifdef WOLFSSL_CHECK_MEM_ZERO
- wc_MemZero_Check(A, sizeof(A));
- wc_MemZero_Check(B, sizeof(B));
- #endif
- return ret;
- }
-
- o = out;
- oSz = inSz;
+ if (ret == 0) {
+ o = out;
+ oSz = inSz;
- B[0] = (byte)((authInSz > 0 ? 64 : 0)
- + (8 * (((byte)authTagSz - 2) / 2))
- + (lenSz - 1));
- for (i = 0; i < lenSz; i++) {
- if (mask && i >= wordSz)
- mask = 0x00;
- B[AES_BLOCK_SIZE - 1 - i] = (byte)((inSz >> ((8 * i) & mask)) & mask);
- }
+ B[0] = (byte)((authInSz > 0 ? 64 : 0)
+ + (8 * (((byte)authTagSz - 2) / 2))
+ + (lenSz - 1));
+ for (i = 0; i < lenSz; i++) {
+ if (mask && i >= wordSz)
+ mask = 0x00;
+ B[AES_BLOCK_SIZE - 1 - i] = (byte)((inSz >> ((8 * i) & mask)) & mask);
+ }
- ret = wc_AesEncrypt(aes, B, A);
- if (ret != 0) {
- ForceZero(A, sizeof(A));
- ForceZero(B, sizeof(B));
- #ifdef WOLFSSL_CHECK_MEM_ZERO
- wc_MemZero_Check(A, sizeof(A));
- wc_MemZero_Check(B, sizeof(B));
- #endif
- return ret;
+ ret = wc_AesEncrypt(aes, B, A);
}
- if (authInSz > 0) {
- ret = roll_auth(aes, authIn, authInSz, A);
- if (ret != 0) {
- ForceZero(A, sizeof(A));
- ForceZero(B, sizeof(B));
- #ifdef WOLFSSL_CHECK_MEM_ZERO
- wc_MemZero_Check(A, sizeof(A));
- wc_MemZero_Check(B, sizeof(B));
- #endif
- return ret;
- }
+ if (ret == 0) {
+ if (authInSz > 0)
+ ret = roll_auth(aes, authIn, authInSz, A);
}
- if (inSz > 0) {
+ if ((ret == 0) && (inSz > 0))
ret = roll_x(aes, o, oSz, A);
- if (ret != 0) {
- ForceZero(A, sizeof(A));
- ForceZero(B, sizeof(B));
- #ifdef WOLFSSL_CHECK_MEM_ZERO
- wc_MemZero_Check(A, sizeof(A));
- wc_MemZero_Check(B, sizeof(B));
- #endif
- return ret;
- }
- }
- B[0] = lenSz - 1;
- for (i = 0; i < lenSz; i++)
- B[AES_BLOCK_SIZE - 1 - i] = 0;
- ret = wc_AesEncrypt(aes, B, B);
- if (ret != 0) {
- ForceZero(A, sizeof(A));
- ForceZero(B, sizeof(B));
- #ifdef WOLFSSL_CHECK_MEM_ZERO
- wc_MemZero_Check(A, sizeof(A));
- wc_MemZero_Check(B, sizeof(B));
- #endif
- return ret;
+ if (ret == 0) {
+ B[0] = lenSz - 1;
+ for (i = 0; i < lenSz; i++)
+ B[AES_BLOCK_SIZE - 1 - i] = 0;
+ ret = wc_AesEncrypt(aes, B, B);
}
- xorbuf(A, B, authTagSz);
- if (ConstantCompare(A, authTag, (int)authTagSz) != 0) {
- /* If the authTag check fails, don't keep the decrypted data.
- * Unfortunately, you need the decrypted data to calculate the
- * check value. */
- #if defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2) && \
- defined(ACVP_VECTOR_TESTING)
+ if (ret == 0)
+ xorbuf(A, B, authTagSz);
+
+ if (ret == 0) {
+ if (ConstantCompare(A, authTag, (int)authTagSz) != 0) {
+ /* If the authTag check fails, don't keep the decrypted data.
+ * Unfortunately, you need the decrypted data to calculate the
+ * check value. */
+ #if defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2) && \
+ defined(ACVP_VECTOR_TESTING)
WOLFSSL_MSG("Preserve output for vector responses");
- #else
+ #else
if (inSz > 0)
XMEMSET(out, 0, inSz);
- #endif
- ret = AES_CCM_AUTH_E;
+ #endif
+ ret = AES_CCM_AUTH_E;
+ }
}
ForceZero(A, sizeof(A));
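Review bot: With the single-exit structure in wc_AesCcmDecrypt, any failure after the CTR pass (the later `wc_AesEncrypt`, `roll_auth` or `roll_x` calls) returns with unauthenticated plaintext still in `out`, because the buffer is cleared only inside the `ConstantCompare` mismatch branch. The old early returns behaved the same way, but now one check before the final ForceZero calls can cover every error path, e.g. `if ((ret != 0) && (inSz > 0)) XMEMSET(out, 0, inSz);`, keeping the existing ACVP vector-testing exception. The function ends outside this hunk.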
@@ -9687,6 +11016,8 @@ int wc_AesCcmDecrypt(Aes* aes, byte* out, const byte* in, word32 inSz,
wc_MemZero_Check(B, sizeof(B));
#endif
+ VECTOR_REGISTERS_POP;
+
return ret;
}
@@ -9784,7 +11115,7 @@ int wc_AesInit(Aes* aes, void* heap, int devId)
aes->heap, devId);
#endif /* WOLFSSL_ASYNC_CRYPT */
-#ifdef WOLFSSL_AFALG
+#if defined(WOLFSSL_AFALG) || defined(WOLFSSL_AFALG_XILINX_AES)
aes->alFd = WC_SOCK_NOTSET;
aes->rdFd = WC_SOCK_NOTSET;
#endif
@@ -9809,8 +11140,8 @@ int wc_AesInit(Aes* aes, void* heap, int devId)
#ifdef HAVE_AESGCM
#ifdef OPENSSL_EXTRA
- XMEMSET(aes->aadH, 0, sizeof(aes->aadH));
- aes->aadLen = 0;
+ XMEMSET(aes->gcm.aadH, 0, sizeof(aes->gcm.aadH));
+ aes->gcm.aadLen = 0;
#endif
#endif
@@ -9829,6 +11160,15 @@ int wc_AesInit(Aes* aes, void* heap, int devId)
ret = wc_psa_aes_init(aes);
#endif
+#if defined(WOLFSSL_RENESAS_FSPSM)
+ XMEMSET(&aes->ctx, 0, sizeof(aes->ctx));
+#endif
+
+#ifdef WC_DEBUG_CIPHER_LIFECYCLE
+ if (ret == 0)
+ ret = wc_debug_CipherLifecycleInit(&aes->CipherLifecycleTag, aes->heap);
+#endif
+
return ret;
}
@@ -9884,6 +11224,10 @@ void wc_AesFree(Aes* aes)
if (aes == NULL)
return;
+#ifdef WC_DEBUG_CIPHER_LIFECYCLE
+ (void)wc_debug_CipherLifecycleFree(&aes->CipherLifecycleTag, aes->heap, 1);
+#endif
+
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_AES)
wolfAsync_DevCtxFree(&aes->asyncDev, WOLFSSL_ASYNC_MARKER_AES);
#endif /* WOLFSSL_ASYNC_CRYPT */
@@ -9939,12 +11283,17 @@ void wc_AesFree(Aes* aes)
wc_MAXQ10XX_AesFree(aes);
#endif
+#if ((defined(WOLFSSL_RENESAS_FSPSM_TLS) || \
+ defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY)) && \
+ !defined(NO_WOLFSSL_RENESAS_FSPSM_AES))
+ wc_fspsm_Aesfree(aes);
+#endif
+
#ifdef WOLFSSL_CHECK_MEM_ZERO
wc_MemZero_Check(aes, sizeof(Aes));
#endif
}
-
int wc_AesGetKeySize(Aes* aes, word32* keySize)
{
int ret = 0;
@@ -9986,6 +11335,16 @@ int wc_AesGetKeySize(Aes* aes, word32* keySize)
#endif /* !WOLFSSL_TI_CRYPT */
+/* the earlier do-nothing default definitions for VECTOR_REGISTERS_{PUSH,POP}
+ * are missed when WOLFSSL_TI_CRYPT or WOLFSSL_ARMASM.
+ */
+#ifndef VECTOR_REGISTERS_PUSH
+ #define VECTOR_REGISTERS_PUSH { WC_DO_NOTHING
+#endif
+#ifndef VECTOR_REGISTERS_POP
+ #define VECTOR_REGISTERS_POP } WC_DO_NOTHING
+#endif
+
#ifdef HAVE_AES_ECB
#if defined(WOLFSSL_IMX6_CAAM) && !defined(NO_IMX6_CAAM_AES) && \
!defined(WOLFSSL_QNX_CAAM)
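Review bot: The fallback definitions `VECTOR_REGISTERS_PUSH { WC_DO_NOTHING` and `VECTOR_REGISTERS_POP } WC_DO_NOTHING` open and close a brace, and the comment above them does not say so. A function using them must therefore keep the pair at the same nesting level, and a local declared after PUSH is out of scope after POP. The non-default definitions are not visible in this hunk, but the single-exit rewrites elsewhere in this commit suggest POP is also where state is restored, so an early `return` between the two would skip it. I would extend the comment with something like `/* PUSH opens a block that POP closes: use them as a pair in one function and leave the region via break or a status variable, not return. */`.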
@@ -10023,16 +11382,17 @@ int wc_AesEcbDecrypt(Aes* aes, byte* out, const byte* in, word32 sz)
static WARN_UNUSED_RESULT int _AesEcbEncrypt(
Aes* aes, byte* out, const byte* in, word32 sz)
{
- word32 blocks = sz / AES_BLOCK_SIZE;
+ int ret = 0;
#ifdef WOLF_CRYPTO_CB
#ifndef WOLF_CRYPTO_CB_FIND
if (aes->devId != INVALID_DEVID)
#endif
{
- int ret = wc_CryptoCb_AesEcbEncrypt(aes, out, in, sz);
+ ret = wc_CryptoCb_AesEcbEncrypt(aes, out, in, sz);
if (ret != CRYPTOCB_UNAVAILABLE)
return ret;
+ ret = 0;
/* fall-through when unavailable */
}
#endif
@@ -10040,38 +11400,50 @@ static WARN_UNUSED_RESULT int _AesEcbEncrypt(
if (aes->keylen == 16)
return DCPAesEcbEncrypt(aes, out, in, sz);
#endif
+
+ VECTOR_REGISTERS_PUSH;
+
#ifdef WOLFSSL_AESNI
- if (haveAESNI && aes->use_aesni) {
- SAVE_VECTOR_REGISTERS(return _svr_ret;);
- AES_ECB_encrypt(in, out, sz, (byte*)aes->key, (int)aes->rounds);
- RESTORE_VECTOR_REGISTERS();
- blocks = 0;
+ if (aes->use_aesni) {
+ AES_ECB_encrypt_AESNI(in, out, sz, (byte*)aes->key, (int)aes->rounds);
}
+ else
+#endif
+ {
+#ifndef WOLFSSL_ARMASM
+ AesEncryptBlocks_C(aes, in, out, sz);
+#else
+ word32 i;
+
+ for (i = 0; i < sz; i += AES_BLOCK_SIZE) {
+ ret = wc_AesEncryptDirect(aes, out, in);
+ if (ret != 0)
+ break;
+ in += AES_BLOCK_SIZE;
+ out += AES_BLOCK_SIZE;
+ }
#endif
- while (blocks > 0) {
- int ret = wc_AesEncryptDirect(aes, out, in);
- if (ret != 0)
- return ret;
- out += AES_BLOCK_SIZE;
- in += AES_BLOCK_SIZE;
- blocks--;
}
- return 0;
+
+ VECTOR_REGISTERS_POP;
+
+ return ret;
}
static WARN_UNUSED_RESULT int _AesEcbDecrypt(
Aes* aes, byte* out, const byte* in, word32 sz)
{
- word32 blocks = sz / AES_BLOCK_SIZE;
+ int ret = 0;
#ifdef WOLF_CRYPTO_CB
#ifndef WOLF_CRYPTO_CB_FIND
if (aes->devId != INVALID_DEVID)
#endif
{
- int ret = wc_CryptoCb_AesEcbDecrypt(aes, out, in, sz);
+ ret = wc_CryptoCb_AesEcbDecrypt(aes, out, in, sz);
if (ret != CRYPTOCB_UNAVAILABLE)
return ret;
+ ret = 0;
/* fall-through when unavailable */
}
#endif
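Review bot: The `WOLFSSL_ARMASM` loop `for (i = 0; i < sz; i += AES_BLOCK_SIZE)` in `_AesEcbEncrypt` treats a trailing partial block as a full one, so a `sz` that is not a multiple of `AES_BLOCK_SIZE` reads and writes past the end of `in` and `out`. The removed `blocks = sz / AES_BLOCK_SIZE` loop truncated instead. The public wrappers in the next hunk now reject such lengths with `BAD_LENGTH_E`, but this static helper is also reachable from other code in the file (for example `_AesXtsHelper`, whose body is not visible here), so the safety of the loop depends on every caller. Bounding the loop by whole blocks, e.g. `for (i = sz / AES_BLOCK_SIZE; i > 0; i--)`, keeps the old behaviour without relying on callers; the same applies to the matching loop in `_AesEcbDecrypt` in the following hunk. `_AesEcbEncrypt` begins in the previous hunk and `_AesEcbDecrypt` continues past this one.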
@@ -10079,51 +11451,56 @@ static WARN_UNUSED_RESULT int _AesEcbDecrypt(
if (aes->keylen == 16)
return DCPAesEcbDecrypt(aes, out, in, sz);
#endif
+
+ VECTOR_REGISTERS_PUSH;
+
#ifdef WOLFSSL_AESNI
- if (haveAESNI && aes->use_aesni) {
- SAVE_VECTOR_REGISTERS(return _svr_ret;);
- AES_ECB_decrypt(in, out, sz, (byte*)aes->key, (int)aes->rounds);
- RESTORE_VECTOR_REGISTERS();
- blocks = 0;
+ if (aes->use_aesni) {
+ AES_ECB_decrypt_AESNI(in, out, sz, (byte*)aes->key, (int)aes->rounds);
}
+ else
+#endif
+ {
+#ifndef WOLFSSL_ARMASM
+ AesDecryptBlocks_C(aes, in, out, sz);
+#else
+ word32 i;
+
+ for (i = 0; i < sz; i += AES_BLOCK_SIZE) {
+ ret = wc_AesDecryptDirect(aes, out, in);
+ if (ret != 0)
+ break;
+ in += AES_BLOCK_SIZE;
+ out += AES_BLOCK_SIZE;
+ }
#endif
- while (blocks > 0) {
- int ret = wc_AesDecryptDirect(aes, out, in);
- if (ret != 0)
- return ret;
- out += AES_BLOCK_SIZE;
- in += AES_BLOCK_SIZE;
- blocks--;
}
- return 0;
+
+ VECTOR_REGISTERS_POP;
+
+ return ret;
}
int wc_AesEcbEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
{
- int ret;
-
if ((in == NULL) || (out == NULL) || (aes == NULL))
return BAD_FUNC_ARG;
+ if ((sz % AES_BLOCK_SIZE) != 0) {
+ return BAD_LENGTH_E;
+ }
- SAVE_VECTOR_REGISTERS(return _svr_ret;);
- ret = _AesEcbEncrypt(aes, out, in, sz);
- RESTORE_VECTOR_REGISTERS();
-
- return ret;
+ return _AesEcbEncrypt(aes, out, in, sz);
}
int wc_AesEcbDecrypt(Aes* aes, byte* out, const byte* in, word32 sz)
{
- int ret;
-
if ((in == NULL) || (out == NULL) || (aes == NULL))
return BAD_FUNC_ARG;
+ if ((sz % AES_BLOCK_SIZE) != 0) {
+ return BAD_LENGTH_E;
+ }
- SAVE_VECTOR_REGISTERS(return _svr_ret;);
- ret = _AesEcbDecrypt(aes, out, in, sz);
- RESTORE_VECTOR_REGISTERS();
-
- return ret;
+ return _AesEcbDecrypt(aes, out, in, sz);
}
#endif
#endif /* HAVE_AES_ECB */
@@ -10165,7 +11542,7 @@ static WARN_UNUSED_RESULT int wc_AesFeedbackEncrypt(
in += processed;
sz -= processed;
- SAVE_VECTOR_REGISTERS(return _svr_ret;);
+ VECTOR_REGISTERS_PUSH;
while (sz >= AES_BLOCK_SIZE) {
/* Using aes->tmp here for inline case i.e. in=out */
@@ -10211,7 +11588,8 @@ static WARN_UNUSED_RESULT int wc_AesFeedbackEncrypt(
#endif
aes->left -= sz;
}
- RESTORE_VECTOR_REGISTERS();
+
+ VECTOR_REGISTERS_POP;
return ret;
}
@@ -10255,7 +11633,7 @@ static WARN_UNUSED_RESULT int wc_AesFeedbackDecrypt(
in += processed;
sz -= processed;
- SAVE_VECTOR_REGISTERS(return _svr_ret;);
+ VECTOR_REGISTERS_PUSH;
while (sz > AES_BLOCK_SIZE) {
/* Using aes->tmp here for inline case i.e. in=out */
@@ -10299,7 +11677,8 @@ static WARN_UNUSED_RESULT int wc_AesFeedbackDecrypt(
aes->left = AES_BLOCK_SIZE - sz;
xorbufout(out, in, aes->tmp, sz);
}
- RESTORE_VECTOR_REGISTERS();
+
+ VECTOR_REGISTERS_POP;
return ret;
}
@@ -10382,7 +11761,7 @@ static WARN_UNUSED_RESULT int wc_AesFeedbackCFB8(
return 0;
}
- SAVE_VECTOR_REGISTERS(return _svr_ret;);
+ VECTOR_REGISTERS_PUSH;
while (sz > 0) {
ret = wc_AesEncryptDirect(aes, (byte*)aes->tmp, (byte*)aes->reg);
@@ -10414,7 +11793,7 @@ static WARN_UNUSED_RESULT int wc_AesFeedbackCFB8(
sz -= 1;
}
- RESTORE_VECTOR_REGISTERS();
+ VECTOR_REGISTERS_POP;
return ret;
}
@@ -10438,7 +11817,7 @@ static WARN_UNUSED_RESULT int wc_AesFeedbackCFB1(
return 0;
}
- SAVE_VECTOR_REGISTERS(return _svr_ret;);
+ VECTOR_REGISTERS_PUSH;
while (sz > 0) {
ret = wc_AesEncryptDirect(aes, (byte*)aes->tmp, (byte*)aes->reg);
@@ -10491,7 +11870,7 @@ static WARN_UNUSED_RESULT int wc_AesFeedbackCFB1(
}
}
- RESTORE_VECTOR_REGISTERS();
+ VECTOR_REGISTERS_POP;
return ret;
}
@@ -10669,7 +12048,7 @@ int wc_AesKeyWrap_ex(Aes *aes, const byte* in, word32 inSz, byte* out,
XMEMCPY(tmp, iv, KEYWRAP_BLOCK_SIZE);
}
- SAVE_VECTOR_REGISTERS(return _svr_ret;);
+ VECTOR_REGISTERS_PUSH;
for (j = 0; j <= 5; j++) {
for (i = 1; i <= inSz / KEYWRAP_BLOCK_SIZE; i++) {
@@ -10692,7 +12071,8 @@ int wc_AesKeyWrap_ex(Aes *aes, const byte* in, word32 inSz, byte* out,
break;
r = out + KEYWRAP_BLOCK_SIZE;
}
- RESTORE_VECTOR_REGISTERS();
+
+ VECTOR_REGISTERS_POP;
if (ret != 0)
return ret;
@@ -10781,7 +12161,7 @@ int wc_AesKeyUnWrap_ex(Aes *aes, const byte* in, word32 inSz, byte* out,
XMEMCPY(out, in + KEYWRAP_BLOCK_SIZE, inSz - KEYWRAP_BLOCK_SIZE);
XMEMSET(t, 0, sizeof(t));
- SAVE_VECTOR_REGISTERS(return _svr_ret;);
+ VECTOR_REGISTERS_PUSH;
/* initialize counter to 6n */
n = (inSz - 1) / KEYWRAP_BLOCK_SIZE;
@@ -10807,7 +12187,8 @@ int wc_AesKeyUnWrap_ex(Aes *aes, const byte* in, word32 inSz, byte* out,
if (ret != 0)
break;
}
- RESTORE_VECTOR_REGISTERS();
+
+ VECTOR_REGISTERS_POP;
if (ret != 0)
return ret;
@@ -10871,6 +12252,24 @@ int wc_AesKeyUnWrap(const byte* key, word32 keySz, const byte* in, word32 inSz,
/* Galios Field to use */
#define GF_XTS 0x87
+int wc_AesXtsInit(XtsAes* aes, void* heap, int devId)
+{
+ int ret = 0;
+
+ if (aes == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ if ((ret = wc_AesInit(&aes->tweak, heap, devId)) != 0) {
+ return ret;
+ }
+ if ((ret = wc_AesInit(&aes->aes, heap, devId)) != 0) {
+ return ret;
+ }
+
+ return 0;
+}
+
/* This is to help with setting keys to correct encrypt or decrypt type.
*
* tweak AES key for tweak in XTS
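Review bot: `wc_AesXtsInit` returns straight away when the second `wc_AesInit(&aes->aes, ...)` fails, leaving `aes->tweak` initialised and never released. Other hunks of this commit show `wc_AesInit`/`wc_AesFree` managing per-build state (async device context, the `WC_DEBUG_CIPHER_LIFECYCLE` tag), so a partial failure can leak that state, and the new `wc_AesXtsSetKey` does not call `wc_AesXtsFree` on this path either. Releasing the first context before returning closes the gap: `if ((ret = wc_AesInit(&aes->aes, heap, devId)) != 0) { wc_AesFree(&aes->tweak); return ret; }`.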
@@ -10882,12 +12281,9 @@ int wc_AesKeyUnWrap(const byte* key, word32 keySz, const byte* in, word32 inSz,
* heap heap hint to use for memory. Can be NULL
* devId id to use with async crypto. Can be 0
*
- * Note: is up to user to call wc_AesFree on tweak and aes key when done.
- *
* return 0 on success
*/
-int wc_AesXtsSetKey(XtsAes* aes, const byte* key, word32 len, int dir,
- void* heap, int devId)
+int wc_AesXtsSetKeyNoInit(XtsAes* aes, const byte* key, word32 len, int dir)
{
word32 keySz;
int ret = 0;
@@ -10896,13 +12292,6 @@ int wc_AesXtsSetKey(XtsAes* aes, const byte* key, word32 len, int dir,
return BAD_FUNC_ARG;
}
- if ((ret = wc_AesInit(&aes->tweak, heap, devId)) != 0) {
- return ret;
- }
- if ((ret = wc_AesInit(&aes->aes, heap, devId)) != 0) {
- return ret;
- }
-
keySz = len/2;
if (keySz != 16 && keySz != 32) {
WOLFSSL_MSG("Unsupported key size");
@@ -10915,11 +12304,46 @@ int wc_AesXtsSetKey(XtsAes* aes, const byte* key, word32 len, int dir,
if (ret != 0) {
wc_AesFree(&aes->aes);
}
+#ifdef WOLFSSL_AESNI
+ if (aes->aes.use_aesni != aes->tweak.use_aesni) {
+ if (aes->aes.use_aesni)
+ aes->aes.use_aesni = 0;
+ else
+ aes->tweak.use_aesni = 0;
+ }
+#endif
}
return ret;
}
+/* Combined call to wc_AesXtsInit() and wc_AesXtsSetKeyNoInit().
+ *
+ * Note: is up to user to call wc_AesXtsFree when done.
+ *
+ * return 0 on success
+ */
+int wc_AesXtsSetKey(XtsAes* aes, const byte* key, word32 len, int dir,
+ void* heap, int devId)
+{
+ int ret = 0;
+
+ if (aes == NULL || key == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ ret = wc_AesXtsInit(aes, heap, devId);
+ if (ret != 0)
+ return ret;
+
+ ret = wc_AesXtsSetKeyNoInit(aes, key, len, dir);
+
+ if (ret != 0)
+ wc_AesXtsFree(aes);
+
+ return ret;
+}
+
/* This is used to free up resources used by Aes structs
*
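Review bot: On a key-setup failure `aes->aes` may be released twice. The context lines at the top of this hunk call `wc_AesFree(&aes->aes)` inside `wc_AesXtsSetKeyNoInit`, and the new `wc_AesXtsSetKey` then calls `wc_AesXtsFree(aes)` for any non-zero `ret`. The body of `wc_AesXtsFree` is not visible here, but if it frees both members the second release hits an already freed context, which matters for the device and lifecycle-tracking builds that `wc_AesFree` handles. Since the NoInit variant no longer initialises the contexts, it would be cleaner for it not to free them either: drop the `wc_AesFree(&aes->aes)` there and add a comment that the caller owns `wc_AesXtsInit`/`wc_AesXtsFree`. `wc_AesXtsSetKeyNoInit` starts before this hunk.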
@@ -10994,6 +12418,42 @@ int wc_AesXtsDecryptSector(XtsAes* aes, byte* out, const byte* in, word32 sz,
return wc_AesXtsDecrypt(aes, out, in, sz, (const byte*)i, AES_BLOCK_SIZE);
}
+#ifdef WOLFSSL_AESNI
+
+#if defined(USE_INTEL_SPEEDUP)
+ #define HAVE_INTEL_AVX1
+ #define HAVE_INTEL_AVX2
+#endif /* USE_INTEL_SPEEDUP */
+
+void AES_XTS_encrypt_aesni(const unsigned char *in, unsigned char *out, word32 sz,
+ const unsigned char* i, const unsigned char* key,
+ const unsigned char* key2, int nr)
+ XASM_LINK("AES_XTS_encrypt_aesni");
+#ifdef HAVE_INTEL_AVX1
+void AES_XTS_encrypt_avx1(const unsigned char *in, unsigned char *out,
+ word32 sz, const unsigned char* i,
+ const unsigned char* key, const unsigned char* key2,
+ int nr)
+ XASM_LINK("AES_XTS_encrypt_avx1");
+#endif /* HAVE_INTEL_AVX1 */
+
+#ifdef HAVE_AES_DECRYPT
+void AES_XTS_decrypt_aesni(const unsigned char *in, unsigned char *out, word32 sz,
+ const unsigned char* i, const unsigned char* key,
+ const unsigned char* key2, int nr)
+ XASM_LINK("AES_XTS_decrypt_aesni");
+#ifdef HAVE_INTEL_AVX1
+void AES_XTS_decrypt_avx1(const unsigned char *in, unsigned char *out,
+ word32 sz, const unsigned char* i,
+ const unsigned char* key, const unsigned char* key2,
+ int nr)
+ XASM_LINK("AES_XTS_decrypt_avx1");
+#endif /* HAVE_INTEL_AVX1 */
+#endif /* HAVE_AES_DECRYPT */
+
+#endif /* WOLFSSL_AESNI */
+
+#if !defined(WOLFSSL_ARMASM) || defined(WOLFSSL_ARMASM_NO_HW_CRYPTO)
#ifdef HAVE_AES_ECB
/* helper function for encrypting / decrypting full buffer at once */
static WARN_UNUSED_RESULT int _AesXtsHelper(
@@ -11042,131 +12502,308 @@ static WARN_UNUSED_RESULT int _AesXtsHelper(
* in input plain text buffer to encrypt
* sz size of both out and in buffers
* i value to use for tweak
+ *
+ * returns 0 on success
+ */
+/* Software AES - XTS Encrypt */
+static int AesXtsEncrypt_sw(XtsAes* xaes, byte* out, const byte* in, word32 sz,
+ const byte* i)
+{
+ int ret = 0;
+ word32 blocks = (sz / AES_BLOCK_SIZE);
+ Aes *aes = &xaes->aes;
+ Aes *tweak = &xaes->tweak;
+ byte tmp[AES_BLOCK_SIZE];
+
+ XMEMSET(tmp, 0, AES_BLOCK_SIZE); /* set to 0's in case of improper AES
+ * key setup passed to encrypt direct*/
+
+ ret = wc_AesEncryptDirect(tweak, tmp, i);
+
+ if (ret != 0)
+ return ret;
+
+#ifdef HAVE_AES_ECB
+ /* encrypt all of buffer at once when possible */
+ if (in != out) { /* can not handle inline */
+ XMEMCPY(out, tmp, AES_BLOCK_SIZE);
+ if ((ret = _AesXtsHelper(aes, out, in, sz, AES_ENCRYPTION)) != 0)
+ return ret;
+ }
+#endif
+
+ while (blocks > 0) {
+ word32 j;
+ byte carry = 0;
+
+#ifdef HAVE_AES_ECB
+ if (in == out)
+#endif
+ { /* check for if inline */
+ byte buf[AES_BLOCK_SIZE];
+
+ XMEMCPY(buf, in, AES_BLOCK_SIZE);
+ xorbuf(buf, tmp, AES_BLOCK_SIZE);
+ ret = wc_AesEncryptDirect(aes, out, buf);
+ if (ret != 0)
+ return ret;
+ }
+ xorbuf(out, tmp, AES_BLOCK_SIZE);
+
+ /* multiply by shift left and propagate carry */
+ for (j = 0; j < AES_BLOCK_SIZE; j++) {
+ byte tmpC;
+
+ tmpC = (tmp[j] >> 7) & 0x01;
+ tmp[j] = (byte)((tmp[j] << 1) + carry);
+ carry = tmpC;
+ }
+ if (carry) {
+ tmp[0] ^= GF_XTS;
+ }
+
+ in += AES_BLOCK_SIZE;
+ out += AES_BLOCK_SIZE;
+ sz -= AES_BLOCK_SIZE;
+ blocks--;
+ }
+
+ /* stealing operation of XTS to handle left overs */
+ if (sz > 0) {
+ byte buf[AES_BLOCK_SIZE];
+
+ XMEMCPY(buf, out - AES_BLOCK_SIZE, AES_BLOCK_SIZE);
+ if (sz >= AES_BLOCK_SIZE) { /* extra sanity check before copy */
+ return BUFFER_E;
+ }
+ if (in != out) {
+ XMEMCPY(out, buf, sz);
+ XMEMCPY(buf, in, sz);
+ }
+ else {
+ byte buf2[AES_BLOCK_SIZE];
+
+ XMEMCPY(buf2, buf, sz);
+ XMEMCPY(buf, in, sz);
+ XMEMCPY(out, buf2, sz);
+ }
+
+ xorbuf(buf, tmp, AES_BLOCK_SIZE);
+ ret = wc_AesEncryptDirect(aes, out - AES_BLOCK_SIZE, buf);
+ if (ret == 0)
+ xorbuf(out - AES_BLOCK_SIZE, tmp, AES_BLOCK_SIZE);
+ }
+
+ return ret;
+}
+
+/* AES with XTS mode. (XTS) XEX encryption with Tweak and cipher text Stealing.
+ *
+ * xaes AES keys to use for block encrypt/decrypt
+ * out output buffer to hold cipher text
+ * in input plain text buffer to encrypt
+ * sz size of both out and in buffers
+ * i value to use for tweak
* iSz size of i buffer, should always be AES_BLOCK_SIZE but having this input
* adds a sanity check on how the user calls the function.
*
* returns 0 on success
*/
-/* Software AES - XTS Encrypt */
int wc_AesXtsEncrypt(XtsAes* xaes, byte* out, const byte* in, word32 sz,
const byte* i, word32 iSz)
{
- int ret = 0;
- word32 blocks = (sz / AES_BLOCK_SIZE);
- Aes *aes, *tweak;
+ int ret;
if (xaes == NULL || out == NULL || in == NULL) {
return BAD_FUNC_ARG;
}
- aes = &xaes->aes;
- tweak = &xaes->tweak;
-
if (iSz < AES_BLOCK_SIZE) {
return BAD_FUNC_ARG;
}
- if (blocks > 0) {
- byte tmp[AES_BLOCK_SIZE];
+ if (sz < AES_BLOCK_SIZE) {
+ WOLFSSL_MSG("Plain text input too small for encryption");
+ return BAD_FUNC_ARG;
+ }
+
+ {
+#ifdef WOLFSSL_AESNI
+#ifdef WC_AES_C_DYNAMIC_FALLBACK
+ int orig_use_aesni = xaes->aes.use_aesni;
+#endif
+ if (xaes->aes.use_aesni && ((ret = SAVE_VECTOR_REGISTERS2()) != 0)) {
+#ifdef WC_AES_C_DYNAMIC_FALLBACK
+ xaes->aes.use_aesni = 0;
+ xaes->tweak.use_aesni = 0;
+#else
+ return ret;
+#endif
+ }
+ if (xaes->aes.use_aesni) {
+#if defined(HAVE_INTEL_AVX1)
+ if (IS_INTEL_AVX1(intel_flags)) {
+ AES_XTS_encrypt_avx1(in, out, sz, i, (const byte*)xaes->aes.key,
+ (const byte*)xaes->tweak.key, (int)xaes->aes.rounds);
+ ret = 0;
+ }
+ else
+#endif
+ {
+ AES_XTS_encrypt_aesni(in, out, sz, i, (const byte*)xaes->aes.key,
+ (const byte*)xaes->tweak.key, (int)xaes->aes.rounds);
+ ret = 0;
+ }
+ }
+ else
+#endif
+ {
+ ret = AesXtsEncrypt_sw(xaes, out, in, sz, i);
+ }
+
+#ifdef WOLFSSL_AESNI
+ if (xaes->aes.use_aesni)
+ RESTORE_VECTOR_REGISTERS();
+#ifdef WC_AES_C_DYNAMIC_FALLBACK
+ else if (orig_use_aesni) {
+ xaes->aes.use_aesni = orig_use_aesni;
+ xaes->tweak.use_aesni = orig_use_aesni;
+ }
+#endif
+#endif
+ }
+
+ return ret;
+}
+
+/* Same process as encryption but Aes key is AES_DECRYPTION type.
+ *
+ * xaes AES keys to use for block encrypt/decrypt
+ * out output buffer to hold plain text
+ * in input cipher text buffer to decrypt
+ * sz size of both out and in buffers
+ * i value to use for tweak
+ *
+ * returns 0 on success
+ */
+/* Software AES - XTS Decrypt */
+static int AesXtsDecrypt_sw(XtsAes* xaes, byte* out, const byte* in, word32 sz,
+ const byte* i)
+{
+ int ret = 0;
+ word32 blocks = (sz / AES_BLOCK_SIZE);
+ Aes *aes = &xaes->aes;
+ Aes *tweak = &xaes->tweak;
+ word32 j;
+ byte carry = 0;
+ byte tmp[AES_BLOCK_SIZE];
+ byte stl = (sz % AES_BLOCK_SIZE);
- XMEMSET(tmp, 0, AES_BLOCK_SIZE); /* set to 0's in case of improper AES
- * key setup passed to encrypt direct*/
+ XMEMSET(tmp, 0, AES_BLOCK_SIZE); /* set to 0's in case of improper AES
+ * key setup passed to decrypt direct*/
- SAVE_VECTOR_REGISTERS(return _svr_ret;);
+ ret = wc_AesEncryptDirect(tweak, tmp, i);
+ if (ret != 0)
+ return ret;
- ret = wc_AesEncryptDirect(tweak, tmp, i);
+ /* if Stealing then break out of loop one block early to handle special
+ * case */
+ if (stl > 0) {
+ blocks--;
+ }
- if (ret != 0) {
- RESTORE_VECTOR_REGISTERS();
+#ifdef HAVE_AES_ECB
+ /* decrypt all of buffer at once when possible */
+ if (in != out) { /* can not handle inline */
+ XMEMCPY(out, tmp, AES_BLOCK_SIZE);
+ if ((ret = _AesXtsHelper(aes, out, in, sz, AES_DECRYPTION)) != 0)
return ret;
- }
+ }
+#endif
- #ifdef HAVE_AES_ECB
- /* encrypt all of buffer at once when possible */
- if (in != out) { /* can not handle inline */
- XMEMCPY(out, tmp, AES_BLOCK_SIZE);
- if ((ret = _AesXtsHelper(aes, out, in, sz, AES_ENCRYPTION)) != 0) {
- RESTORE_VECTOR_REGISTERS();
+ while (blocks > 0) {
+#ifdef HAVE_AES_ECB
+ if (in == out)
+#endif
+ { /* check for if inline */
+ byte buf[AES_BLOCK_SIZE];
+
+ XMEMCPY(buf, in, AES_BLOCK_SIZE);
+ xorbuf(buf, tmp, AES_BLOCK_SIZE);
+ ret = wc_AesDecryptDirect(aes, out, buf);
+ if (ret != 0)
return ret;
- }
}
- #endif
+ xorbuf(out, tmp, AES_BLOCK_SIZE);
- while (blocks > 0) {
- word32 j;
- byte carry = 0;
+ /* multiply by shift left and propagate carry */
+ for (j = 0; j < AES_BLOCK_SIZE; j++) {
+ byte tmpC;
- #ifdef HAVE_AES_ECB
- if (in == out)
- #endif
- { /* check for if inline */
- byte buf[AES_BLOCK_SIZE];
-
- XMEMCPY(buf, in, AES_BLOCK_SIZE);
- xorbuf(buf, tmp, AES_BLOCK_SIZE);
- ret = wc_AesEncryptDirect(aes, out, buf);
- if (ret != 0) {
- RESTORE_VECTOR_REGISTERS();
- return ret;
- }
- }
- xorbuf(out, tmp, AES_BLOCK_SIZE);
+ tmpC = (tmp[j] >> 7) & 0x01;
+ tmp[j] = (byte)((tmp[j] << 1) + carry);
+ carry = tmpC;
+ }
+ if (carry) {
+ tmp[0] ^= GF_XTS;
+ }
+ carry = 0;
- /* multiply by shift left and propagate carry */
- for (j = 0; j < AES_BLOCK_SIZE; j++) {
- byte tmpC;
+ in += AES_BLOCK_SIZE;
+ out += AES_BLOCK_SIZE;
+ sz -= AES_BLOCK_SIZE;
+ blocks--;
+ }
- tmpC = (tmp[j] >> 7) & 0x01;
- tmp[j] = (byte)((tmp[j] << 1) + carry);
- carry = tmpC;
- }
- if (carry) {
- tmp[0] ^= GF_XTS;
- }
+ /* stealing operation of XTS to handle left overs */
+ if (sz >= AES_BLOCK_SIZE) {
+ byte buf[AES_BLOCK_SIZE];
+ byte tmp2[AES_BLOCK_SIZE];
- in += AES_BLOCK_SIZE;
- out += AES_BLOCK_SIZE;
- sz -= AES_BLOCK_SIZE;
- blocks--;
- }
+ /* multiply by shift left and propagate carry */
+ for (j = 0; j < AES_BLOCK_SIZE; j++) {
+ byte tmpC;
- /* stealing operation of XTS to handle left overs */
- if (sz > 0) {
- byte buf[AES_BLOCK_SIZE];
+ tmpC = (tmp[j] >> 7) & 0x01;
+ tmp2[j] = (byte)((tmp[j] << 1) + carry);
+ carry = tmpC;
+ }
+ if (carry) {
+ tmp2[0] ^= GF_XTS;
+ }
- XMEMCPY(buf, out - AES_BLOCK_SIZE, AES_BLOCK_SIZE);
- if (sz >= AES_BLOCK_SIZE) { /* extra sanity check before copy */
- RESTORE_VECTOR_REGISTERS();
- return BUFFER_E;
- }
- if (in != out) {
- XMEMCPY(out, buf, sz);
- XMEMCPY(buf, in, sz);
- }
- else {
- byte buf2[AES_BLOCK_SIZE];
+ XMEMCPY(buf, in, AES_BLOCK_SIZE);
+ xorbuf(buf, tmp2, AES_BLOCK_SIZE);
+ ret = wc_AesDecryptDirect(aes, out, buf);
+ if (ret != 0)
+ return ret;
+ xorbuf(out, tmp2, AES_BLOCK_SIZE);
- XMEMCPY(buf2, buf, sz);
- XMEMCPY(buf, in, sz);
- XMEMCPY(out, buf2, sz);
- }
+ /* tmp2 holds partial | last */
+ XMEMCPY(tmp2, out, AES_BLOCK_SIZE);
+ in += AES_BLOCK_SIZE;
+ out += AES_BLOCK_SIZE;
+ sz -= AES_BLOCK_SIZE;
- xorbuf(buf, tmp, AES_BLOCK_SIZE);
- ret = wc_AesEncryptDirect(aes, out - AES_BLOCK_SIZE, buf);
- if (ret == 0)
- xorbuf(out - AES_BLOCK_SIZE, tmp, AES_BLOCK_SIZE);
+ /* Make buffer with end of cipher text | last */
+ XMEMCPY(buf, tmp2, AES_BLOCK_SIZE);
+ if (sz >= AES_BLOCK_SIZE) { /* extra sanity check before copy */
+ return BUFFER_E;
}
- RESTORE_VECTOR_REGISTERS();
- }
- else {
- WOLFSSL_MSG("Plain text input too small for encryption");
- return BAD_FUNC_ARG;
+ XMEMCPY(buf, in, sz);
+ XMEMCPY(out, tmp2, sz);
+
+ xorbuf(buf, tmp, AES_BLOCK_SIZE);
+ ret = wc_AesDecryptDirect(aes, tmp2, buf);
+ if (ret != 0)
+ return ret;
+ xorbuf(tmp2, tmp, AES_BLOCK_SIZE);
+ XMEMCPY(out - AES_BLOCK_SIZE, tmp2, AES_BLOCK_SIZE);
}
return ret;
}
-
/* Same process as encryption but Aes key is AES_DECRYPTION type.
*
* xaes AES keys to use for block encrypt/decrypt
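Review bot: `AesXtsEncrypt_sw` and `AesXtsDecrypt_sw` leave the encrypted tweak in `tmp` (and `tmp2`), and whitened data blocks in `buf`/`buf2`, on the stack when they return. The CCM code earlier in this same diff wipes its working blocks with `ForceZero(A, sizeof(A))` before returning, and the XTS helpers would benefit from the same hygiene. Because both functions have several early `return ret;` statements, the simplest form is to route those through one exit that runs `ForceZero(tmp, sizeof(tmp));`, and to wipe the block-scoped `buf` copies at the end of the scopes that declare them. This does not change the result; it only limits how long tweak and plaintext-derived bytes stay in memory.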
@@ -11179,155 +12816,169 @@ int wc_AesXtsEncrypt(XtsAes* xaes, byte* out, const byte* in, word32 sz,
*
* returns 0 on success
*/
-/* Software AES - XTS Decrypt */
int wc_AesXtsDecrypt(XtsAes* xaes, byte* out, const byte* in, word32 sz,
const byte* i, word32 iSz)
{
- int ret = 0;
- word32 blocks = (sz / AES_BLOCK_SIZE);
- Aes *aes, *tweak;
+ int ret;
if (xaes == NULL || out == NULL || in == NULL) {
return BAD_FUNC_ARG;
}
- aes = &xaes->aes;
- tweak = &xaes->tweak;
-
if (iSz < AES_BLOCK_SIZE) {
return BAD_FUNC_ARG;
}
- if (blocks > 0) {
- word32 j;
- byte carry = 0;
- byte tmp[AES_BLOCK_SIZE];
- byte stl = (sz % AES_BLOCK_SIZE);
-
- XMEMSET(tmp, 0, AES_BLOCK_SIZE); /* set to 0's in case of improper AES
- * key setup passed to decrypt direct*/
+ if (sz < AES_BLOCK_SIZE) {
+ WOLFSSL_MSG("Cipher text input too small for decryption");
+ return BAD_FUNC_ARG;
+ }
- SAVE_VECTOR_REGISTERS(return _svr_ret;);
+ {
+#ifdef WOLFSSL_AESNI
+#ifdef WC_AES_C_DYNAMIC_FALLBACK
+ int orig_use_aesni = xaes->aes.use_aesni;
+#endif
- ret = wc_AesEncryptDirect(tweak, tmp, i);
- if (ret != 0) {
- RESTORE_VECTOR_REGISTERS();
- return ret;
+ if (xaes->aes.use_aesni && (SAVE_VECTOR_REGISTERS2() != 0)) {
+ xaes->aes.use_aesni = 0;
+ xaes->tweak.use_aesni = 0;
}
-
- /* if Stealing then break out of loop one block early to handle special
- * case */
- if (stl > 0) {
- blocks--;
+ if (xaes->aes.use_aesni) {
+#if defined(HAVE_INTEL_AVX1)
+ if (IS_INTEL_AVX1(intel_flags)) {
+ AES_XTS_decrypt_avx1(in, out, sz, i, (const byte*)xaes->aes.key,
+ (const byte*)xaes->tweak.key, (int)xaes->aes.rounds);
+ ret = 0;
+ }
+ else
+#endif
+ {
+ AES_XTS_decrypt_aesni(in, out, sz, i, (const byte*)xaes->aes.key,
+ (const byte*)xaes->tweak.key, (int)xaes->aes.rounds);
+ ret = 0;
+ }
+ }
+ else
+#endif
+ {
+ ret = AesXtsDecrypt_sw(xaes, out, in, sz, i);
}
- #ifdef HAVE_AES_ECB
- /* decrypt all of buffer at once when possible */
- if (in != out) { /* can not handle inline */
- XMEMCPY(out, tmp, AES_BLOCK_SIZE);
- if ((ret = _AesXtsHelper(aes, out, in, sz, AES_DECRYPTION)) != 0) {
- RESTORE_VECTOR_REGISTERS();
- return ret;
- }
+#ifdef WOLFSSL_AESNI
+ if (xaes->aes.use_aesni)
+ RESTORE_VECTOR_REGISTERS();
+#ifdef WC_AES_C_DYNAMIC_FALLBACK
+ else if (orig_use_aesni) {
+ xaes->aes.use_aesni = orig_use_aesni;
+ xaes->tweak.use_aesni = orig_use_aesni;
}
- #endif
+#endif
+#endif
- while (blocks > 0) {
- #ifdef HAVE_AES_ECB
- if (in == out)
- #endif
- { /* check for if inline */
- byte buf[AES_BLOCK_SIZE];
-
- XMEMCPY(buf, in, AES_BLOCK_SIZE);
- xorbuf(buf, tmp, AES_BLOCK_SIZE);
- ret = wc_AesDecryptDirect(aes, out, buf);
- if (ret != 0) {
- RESTORE_VECTOR_REGISTERS();
- return ret;
- }
- }
- xorbuf(out, tmp, AES_BLOCK_SIZE);
+ return ret;
+ }
+}
+#endif /* !WOLFSSL_ARMASM || WOLFSSL_ARMASM_NO_HW_CRYPTO */
- /* multiply by shift left and propagate carry */
- for (j = 0; j < AES_BLOCK_SIZE; j++) {
- byte tmpC;
+/* Same as wc_AesXtsEncryptSector but the sector gets incremented by one every
+ * sectorSz bytes
+ *
+ * xaes AES keys to use for block encrypt
+ * out output buffer to hold cipher text
+ * in input plain text buffer to encrypt
+ * sz size of both out and in buffers
+ * sector value to use for tweak
+ * sectorSz size of the sector
+ *
+ * returns 0 on success
+ */
+int wc_AesXtsEncryptConsecutiveSectors(XtsAes* aes, byte* out, const byte* in,
+ word32 sz, word64 sector, word32 sectorSz)
+{
+ int ret = 0;
+ word32 iter = 0;
+ word32 sectorCount;
+ word32 remainder;
- tmpC = (tmp[j] >> 7) & 0x01;
- tmp[j] = (byte)((tmp[j] << 1) + carry);
- carry = tmpC;
- }
- if (carry) {
- tmp[0] ^= GF_XTS;
- }
- carry = 0;
+ if (aes == NULL || out == NULL || in == NULL || sectorSz == 0) {
+ return BAD_FUNC_ARG;
+ }
- in += AES_BLOCK_SIZE;
- out += AES_BLOCK_SIZE;
- sz -= AES_BLOCK_SIZE;
- blocks--;
- }
+ if (sz < AES_BLOCK_SIZE) {
+ WOLFSSL_MSG("Cipher text input too small for encryption");
+ return BAD_FUNC_ARG;
+ }
- /* stealing operation of XTS to handle left overs */
- if (sz >= AES_BLOCK_SIZE) {
- byte buf[AES_BLOCK_SIZE];
- byte tmp2[AES_BLOCK_SIZE];
+ sectorCount = sz / sectorSz;
+ remainder = sz % sectorSz;
- /* multiply by shift left and propagate carry */
- for (j = 0; j < AES_BLOCK_SIZE; j++) {
- byte tmpC;
+ while (sectorCount) {
+ ret = wc_AesXtsEncryptSector(aes, out + (iter * sectorSz),
+ in + (iter * sectorSz), sectorSz, sector);
+ if (ret != 0)
+ break;
- tmpC = (tmp[j] >> 7) & 0x01;
- tmp2[j] = (byte)((tmp[j] << 1) + carry);
- carry = tmpC;
- }
- if (carry) {
- tmp2[0] ^= GF_XTS;
- }
+ sectorCount--;
+ iter++;
+ sector++;
+ }
- XMEMCPY(buf, in, AES_BLOCK_SIZE);
- xorbuf(buf, tmp2, AES_BLOCK_SIZE);
- ret = wc_AesDecryptDirect(aes, out, buf);
- if (ret != 0) {
- RESTORE_VECTOR_REGISTERS();
- return ret;
- }
- xorbuf(out, tmp2, AES_BLOCK_SIZE);
+ if (remainder && ret == 0)
+ ret = wc_AesXtsEncryptSector(aes, out + (iter * sectorSz),
+ in + (iter * sectorSz), remainder, sector);
- /* tmp2 holds partial | last */
- XMEMCPY(tmp2, out, AES_BLOCK_SIZE);
- in += AES_BLOCK_SIZE;
- out += AES_BLOCK_SIZE;
- sz -= AES_BLOCK_SIZE;
+ return ret;
+}
- /* Make buffer with end of cipher text | last */
- XMEMCPY(buf, tmp2, AES_BLOCK_SIZE);
- if (sz >= AES_BLOCK_SIZE) { /* extra sanity check before copy */
- RESTORE_VECTOR_REGISTERS();
- return BUFFER_E;
- }
- XMEMCPY(buf, in, sz);
- XMEMCPY(out, tmp2, sz);
+/* Same as wc_AesXtsEncryptConsecutiveSectors but Aes key is AES_DECRYPTION type
+ *
+ * xaes AES keys to use for block decrypt
+ * out output buffer to hold cipher text
+ * in input plain text buffer to encrypt
+ * sz size of both out and in buffers
+ * sector value to use for tweak
+ * sectorSz size of the sector
+ *
+ * returns 0 on success
+ */
+int wc_AesXtsDecryptConsecutiveSectors(XtsAes* aes, byte* out, const byte* in,
+ word32 sz, word64 sector, word32 sectorSz)
+{
+ int ret = 0;
+ word32 iter = 0;
+ word32 sectorCount;
+ word32 remainder;
- xorbuf(buf, tmp, AES_BLOCK_SIZE);
- ret = wc_AesDecryptDirect(aes, tmp2, buf);
- if (ret != 0) {
- RESTORE_VECTOR_REGISTERS();
- return ret;
- }
- xorbuf(tmp2, tmp, AES_BLOCK_SIZE);
- XMEMCPY(out - AES_BLOCK_SIZE, tmp2, AES_BLOCK_SIZE);
- }
- RESTORE_VECTOR_REGISTERS();
+ if (aes == NULL || out == NULL || in == NULL || sectorSz == 0) {
+ return BAD_FUNC_ARG;
}
- else {
- WOLFSSL_MSG("Plain text input too small for encryption");
+
+ if (sz < AES_BLOCK_SIZE) {
+ WOLFSSL_MSG("Cipher text input too small for decryption");
return BAD_FUNC_ARG;
}
+ sectorCount = sz / sectorSz;
+ remainder = sz % sectorSz;
+
+ while (sectorCount) {
+ ret = wc_AesXtsDecryptSector(aes, out + (iter * sectorSz),
+ in + (iter * sectorSz), sectorSz, sector);
+ if (ret != 0)
+ break;
+
+ sectorCount--;
+ iter++;
+ sector++;
+ }
+
+ if (remainder && ret == 0)
+ ret = wc_AesXtsDecryptSector(aes, out + (iter * sectorSz),
+ in + (iter * sectorSz), remainder, sector);
+
return ret;
}
-
#endif /* WOLFSSL_AES_XTS */
#ifdef WOLFSSL_AES_SIV
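Review bot: `wc_AesXtsDecrypt` at the top of this hunk handles a failed `SAVE_VECTOR_REGISTERS2()` differently from `wc_AesXtsEncrypt` in the previous hunk. It clears `use_aesni` on both keys and continues into `AesXtsDecrypt_sw` in every build, whereas the encrypt path does that only under `WC_AES_C_DYNAMIC_FALLBACK` and otherwise returns the error. The restore of `orig_use_aesni` is also compiled only under that macro, so without it the flags stay cleared on the caller's key object after the call. Whether the software path can work with a key schedule prepared for AES-NI is not visible here, so mirroring the encrypt guard looks safer: capture `ret` from the save call and `return ret;` in an `#else` branch when the fallback is not compiled in.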
@@ -11572,5 +13223,518 @@ int wc_AesSivDecrypt(const byte* key, word32 keySz, const byte* assoc,
#endif /* WOLFSSL_AES_SIV */
-#endif /* HAVE_FIPS */
+#if defined(WOLFSSL_AES_EAX)
+
+/*
+ * AES EAX one-shot API
+ * Encrypts input data and computes an auth tag over the input
+ * auth data and ciphertext
+ *
+ * Returns 0 on success
+ * Returns error code on failure
+ */
+int wc_AesEaxEncryptAuth(const byte* key, word32 keySz, byte* out,
+ const byte* in, word32 inSz,
+ const byte* nonce, word32 nonceSz,
+ /* output computed auth tag */
+ byte* authTag, word32 authTagSz,
+ /* input data to authenticate */
+ const byte* authIn, word32 authInSz)
+{
+#if defined(WOLFSSL_SMALL_STACK)
+ AesEax *eax;
+#else
+ AesEax eax_mem;
+ AesEax *eax = &eax_mem;
+#endif
+ int ret;
+ int eaxInited = 0;
+
+ if (key == NULL || out == NULL || in == NULL || nonce == NULL
+ || authTag == NULL || authIn == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+#if defined(WOLFSSL_SMALL_STACK)
+ if ((eax = (AesEax *)XMALLOC(sizeof(AesEax),
+ NULL,
+ DYNAMIC_TYPE_AES_EAX)) == NULL) {
+ return MEMORY_E;
+ }
+#endif
+
+ if ((ret = wc_AesEaxInit(eax,
+ key, keySz,
+ nonce, nonceSz,
+ authIn, authInSz)) != 0) {
+ goto cleanup;
+ }
+ eaxInited = 1;
+
+ if ((ret = wc_AesEaxEncryptUpdate(eax, out, in, inSz, NULL, 0)) != 0) {
+ goto cleanup;
+ }
+
+ if ((ret = wc_AesEaxEncryptFinal(eax, authTag, authTagSz)) != 0) {
+ goto cleanup;
+ }
+
+cleanup:
+ if (eaxInited)
+ wc_AesEaxFree(eax);
+#if defined(WOLFSSL_SMALL_STACK)
+ XFREE(eax, NULL, DYNAMIC_TYPE_AES_EAX);
+#endif
+ return ret;
+}
+
+
+/*
+ * AES EAX one-shot API
+ * Decrypts and authenticates data against a supplied auth tag
+ *
+ * Returns 0 on success
+ * Returns error code on failure
+ */
+int wc_AesEaxDecryptAuth(const byte* key, word32 keySz, byte* out,
+ const byte* in, word32 inSz,
+ const byte* nonce, word32 nonceSz,
+ /* auth tag to verify against */
+ const byte* authTag, word32 authTagSz,
+ /* input data to authenticate */
+ const byte* authIn, word32 authInSz)
+{
+#if defined(WOLFSSL_SMALL_STACK)
+ AesEax *eax;
+#else
+ AesEax eax_mem;
+ AesEax *eax = &eax_mem;
+#endif
+ int ret;
+ int eaxInited = 0;
+
+ if (key == NULL || out == NULL || in == NULL || nonce == NULL
+ || authTag == NULL || authIn == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+#if defined(WOLFSSL_SMALL_STACK)
+ if ((eax = (AesEax *)XMALLOC(sizeof(AesEax),
+ NULL,
+ DYNAMIC_TYPE_AES_EAX)) == NULL) {
+ return MEMORY_E;
+ }
+#endif
+
+ if ((ret = wc_AesEaxInit(eax,
+ key, keySz,
+ nonce, nonceSz,
+ authIn, authInSz)) != 0) {
+
+ goto cleanup;
+ }
+ eaxInited = 1;
+
+ if ((ret = wc_AesEaxDecryptUpdate(eax, out, in, inSz, NULL, 0)) != 0) {
+ goto cleanup;
+ }
+
+ if ((ret = wc_AesEaxDecryptFinal(eax, authTag, authTagSz)) != 0) {
+ goto cleanup;
+ }
+
+cleanup:
+ if (eaxInited)
+ wc_AesEaxFree(eax);
+#if defined(WOLFSSL_SMALL_STACK)
+ XFREE(eax, NULL, DYNAMIC_TYPE_AES_EAX);
+#endif
+ return ret;
+}
+
+
+/*
+ * AES EAX Incremental API:
+ * Initializes an AES EAX encryption or decryption operation. This must be
+ * called before any other EAX APIs are used on the AesEax struct
+ *
+ * Returns 0 on success
+ * Returns error code on failure
+ */
+int wc_AesEaxInit(AesEax* eax,
+ const byte* key, word32 keySz,
+ const byte* nonce, word32 nonceSz,
+ const byte* authIn, word32 authInSz)
+{
+ int ret = 0;
+ word32 cmacSize;
+ int aesInited = 0;
+ int nonceCmacInited = 0;
+ int aadCmacInited = 0;
+
+ if (eax == NULL || key == NULL || nonce == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ XMEMSET(eax->prefixBuf, 0, sizeof(eax->prefixBuf));
+
+ if ((ret = wc_AesInit(&eax->aes, NULL, INVALID_DEVID)) != 0) {
+ goto out;
+ }
+ aesInited = 1;
+
+ if ((ret = wc_AesSetKey(&eax->aes,
+ key,
+ keySz,
+ NULL,
+ AES_ENCRYPTION)) != 0) {
+ goto out;
+ }
+
+ /*
+ * OMAC the nonce to use as the IV for CTR encryption and auth tag chunk
+ * N' = OMAC^0_K(N)
+ */
+ if ((ret = wc_InitCmac(&eax->nonceCmac,
+ key,
+ keySz,
+ WC_CMAC_AES,
+ NULL)) != 0) {
+ return ret;
+ }
+ nonceCmacInited = 1;
+
+ if ((ret = wc_CmacUpdate(&eax->nonceCmac,
+ eax->prefixBuf,
+ sizeof(eax->prefixBuf))) != 0) {
+ goto out;
+ }
+
+ if ((ret = wc_CmacUpdate(&eax->nonceCmac, nonce, nonceSz)) != 0) {
+ goto out;
+ }
+
+ cmacSize = AES_BLOCK_SIZE;
+ if ((ret = wc_CmacFinal(&eax->nonceCmac,
+ eax->nonceCmacFinal,
+ &cmacSize)) != 0) {
+ goto out;
+ }
+
+ if ((ret = wc_AesSetIV(&eax->aes, eax->nonceCmacFinal)) != 0) {
+ goto out;
+ }
+
+ /*
+ * start the OMAC used to build the auth tag chunk for the AD .
+ * This CMAC is continued in subsequent update calls when more auth data is
+ * provided
+ * H' = OMAC^1_K(H)
+ */
+ eax->prefixBuf[AES_BLOCK_SIZE-1] = 1;
+ if ((ret = wc_InitCmac(&eax->aadCmac,
+ key,
+ keySz,
+ WC_CMAC_AES,
+ NULL)) != 0) {
+ goto out;
+ }
+ aadCmacInited = 1;
+
+ if ((ret = wc_CmacUpdate(&eax->aadCmac,
+ eax->prefixBuf,
+ sizeof(eax->prefixBuf))) != 0) {
+ goto out;
+ }
+
+ if (authIn != NULL) {
+ if ((ret = wc_CmacUpdate(&eax->aadCmac, authIn, authInSz)) != 0) {
+ goto out;
+ }
+ }
+
+ /*
+ * start the OMAC to create auth tag chunk for ciphertext. This MAC will be
+ * updated in subsequent calls to encrypt/decrypt
+ * C' = OMAC^2_K(C)
+ */
+ eax->prefixBuf[AES_BLOCK_SIZE-1] = 2;
+ if ((ret = wc_InitCmac(&eax->ciphertextCmac,
+ key,
+ keySz,
+ WC_CMAC_AES,
+ NULL)) != 0) {
+ goto out;
+ }
+
+ if ((ret = wc_CmacUpdate(&eax->ciphertextCmac,
+ eax->prefixBuf,
+ sizeof(eax->prefixBuf))) != 0) {
+ goto out;
+ }
+
+out:
+
+ if (ret != 0) {
+ if (aesInited)
+ wc_AesFree(&eax->aes);
+ if (nonceCmacInited)
+ wc_CmacFree(&eax->nonceCmac);
+ if (aadCmacInited)
+ wc_CmacFree(&eax->aadCmac);
+ }
+
+ return ret;
+}
+
+
+/*
+ * AES EAX Incremental API:
+ * Encrypts input plaintext using AES EAX mode, adding optional auth data to
+ * the authentication stream
+ *
+ * Returns 0 on success
+ * Returns error code on failure
+ */
+int wc_AesEaxEncryptUpdate(AesEax* eax, byte* out,
+ const byte* in, word32 inSz,
+ const byte* authIn, word32 authInSz)
+{
+ int ret;
+
+ if (eax == NULL || out == NULL || in == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ /*
+ * Encrypt the plaintext using AES CTR
+ * C = CTR(M)
+ */
+ if ((ret = wc_AesCtrEncrypt(&eax->aes, out, in, inSz)) != 0) {
+ return ret;
+ }
+
+ /*
+ * update OMAC with new ciphertext
+ * C' = OMAC^2_K(C)
+ */
+ if ((ret = wc_CmacUpdate(&eax->ciphertextCmac, out, inSz)) != 0) {
+ return ret;
+ }
+
+ /* If there exists new auth data, update the OMAC for that as well */
+ if (authIn != NULL) {
+ if ((ret = wc_CmacUpdate(&eax->aadCmac, authIn, authInSz)) != 0) {
+ return ret;
+ }
+ }
+
+ return 0;
+}
+
+
+/*
+ * AES EAX Incremental API:
+ * Decrypts input ciphertext using AES EAX mode, adding optional auth data to
+ * the authentication stream
+ *
+ * Returns 0 on success
+ * Returns error code on failure
+ */
+int wc_AesEaxDecryptUpdate(AesEax* eax, byte* out,
+ const byte* in, word32 inSz,
+ const byte* authIn, word32 authInSz)
+{
+ int ret;
+
+ if (eax == NULL || out == NULL || in == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ /*
+ * Decrypt the plaintext using AES CTR
+ * C = CTR(M)
+ */
+ if ((ret = wc_AesCtrEncrypt(&eax->aes, out, in, inSz)) != 0) {
+ return ret;
+ }
+
+ /*
+ * update OMAC with new ciphertext
+ * C' = OMAC^2_K(C)
+ */
+ if ((ret = wc_CmacUpdate(&eax->ciphertextCmac, in, inSz)) != 0) {
+ return ret;
+ }
+
+ /* If there exists new auth data, update the OMAC for that as well */
+ if (authIn != NULL) {
+ if ((ret = wc_CmacUpdate(&eax->aadCmac, authIn, authInSz)) != 0) {
+ return ret;
+ }
+ }
+
+ return 0;
+}
+
+
+/*
+ * AES EAX Incremental API:
+ * Provides additional auth data information to the authentication
+ * stream for an authenticated encryption or decryption operation
+ *
+ * Returns 0 on success
+ * Returns error code on failure
+ */
+int wc_AesEaxAuthDataUpdate(AesEax* eax, const byte* authIn, word32 authInSz)
+{
+ return wc_CmacUpdate(&eax->aadCmac, authIn, authInSz);
+}
+
+
+/*
+ * AES EAX Incremental API:
+ * Finalizes the authenticated encryption operation, computing the auth tag
+ * over previously supplied auth data and computed ciphertext
+ *
+ * Returns 0 on success
+ * Returns error code on failure
+ */
+int wc_AesEaxEncryptFinal(AesEax* eax, byte* authTag, word32 authTagSz)
+{
+ word32 cmacSize;
+ int ret;
+ word32 i;
+
+ if (eax == NULL || authTag == NULL || authTagSz > AES_BLOCK_SIZE) {
+ return BAD_FUNC_ARG;
+ }
+
+ /* Complete the OMAC for the ciphertext */
+ cmacSize = AES_BLOCK_SIZE;
+ if ((ret = wc_CmacFinalNoFree(&eax->ciphertextCmac,
+ eax->ciphertextCmacFinal,
+ &cmacSize)) != 0) {
+ return ret;
+ }
+
+ /* Complete the OMAC for auth data */
+ cmacSize = AES_BLOCK_SIZE;
+ if ((ret = wc_CmacFinalNoFree(&eax->aadCmac,
+ eax->aadCmacFinal,
+ &cmacSize)) != 0) {
+ return ret;
+ }
+
+ /*
+ * Concatenate all three auth tag chunks into the final tag, truncating
+ * at the specified tag length
+ * T = Tag [first authTagSz bytes]
+ */
+ for (i = 0; i < authTagSz; i++) {
+ authTag[i] = eax->nonceCmacFinal[i]
+ ^ eax->aadCmacFinal[i]
+ ^ eax->ciphertextCmacFinal[i];
+ }
+
+ return 0;
+}
+
+
+/*
+ * AES EAX Incremental API:
+ * Finalizes the authenticated decryption operation, computing the auth tag
+ * for the previously supplied auth data and cipher text and validating it
+ * against a provided auth tag
+ *
+ * Returns 0 on success
+ * Return error code for failure
+ */
+int wc_AesEaxDecryptFinal(AesEax* eax,
+ const byte* authIn, word32 authInSz)
+{
+ int ret;
+ word32 i;
+ word32 cmacSize;
+
+#if defined(WOLFSSL_SMALL_STACK)
+ byte *authTag;
+#else
+ byte authTag[AES_BLOCK_SIZE];
+#endif
+
+ if (eax == NULL || authIn == NULL || authInSz > AES_BLOCK_SIZE) {
+ return BAD_FUNC_ARG;
+ }
+
+ /* Complete the OMAC for the ciphertext */
+ cmacSize = AES_BLOCK_SIZE;
+ if ((ret = wc_CmacFinalNoFree(&eax->ciphertextCmac,
+ eax->ciphertextCmacFinal,
+ &cmacSize)) != 0) {
+ return ret;
+ }
+
+ /* Complete the OMAC for auth data */
+ cmacSize = AES_BLOCK_SIZE;
+ if ((ret = wc_CmacFinalNoFree(&eax->aadCmac,
+ eax->aadCmacFinal,
+ &cmacSize)) != 0) {
+ return ret;
+ }
+
+#if defined(WOLFSSL_SMALL_STACK)
+ authTag = (byte*)XMALLOC(AES_BLOCK_SIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ if (authTag == NULL) {
+ return MEMORY_E;
+ }
+#endif
+
+ /*
+ * Concatenate all three auth tag chunks into the final tag, truncating
+ * at the specified tag length
+ * T = Tag [first authInSz bytes]
+ */
+ for (i = 0; i < authInSz; i++) {
+ authTag[i] = eax->nonceCmacFinal[i]
+ ^ eax->aadCmacFinal[i]
+ ^ eax->ciphertextCmacFinal[i];
+ }
+
+ if (ConstantCompare((const byte*)authTag, authIn, (int)authInSz) != 0) {
+ ret = AES_EAX_AUTH_E;
+ }
+ else {
+ ret = 0;
+ }
+
+#if defined(WOLFSSL_SMALL_STACK)
+ XFREE(authTag, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+
+ return ret;
+}
+
+/*
+ * Frees the underlying CMAC and AES contexts. Must be called when done using
+ * the AES EAX context structure.
+ *
+ * Returns 0 on success
+ * Returns error code on failure
+ */
+int wc_AesEaxFree(AesEax* eax)
+{
+ if (eax == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ (void)wc_CmacFree(&eax->ciphertextCmac);
+ (void)wc_CmacFree(&eax->aadCmac);
+ wc_AesFree(&eax->aes);
+
+ return 0;
+}
+
+#endif /* WOLFSSL_AES_EAX */
+
#endif /* !NO_AES */
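Review bot: `wc_AesEaxDecryptFinal` bounds the tag length only with `authInSz > AES_BLOCK_SIZE`, so a length of 0 skips the XOR loop and reaches `ConstantCompare(..., 0)`, which (assuming it is a plain byte-wise accumulate) returns 0 and reports the message as authentic. The guard should reject it, `if (eax == NULL || authIn == NULL || authInSz == 0 || authInSz > AES_BLOCK_SIZE) return BAD_FUNC_ARG;`, and a documented minimum tag length would be better still. In `wc_AesEaxInit` the first `wc_InitCmac` failure uses `return ret;` where every other failure uses `goto out;`, so the AES context initialised just above is not released on that path. The `out:` cleanup also never frees `ciphertextCmac`, and it calls `wc_CmacFree(&eax->nonceCmac)` after `wc_CmacFinal`, which may already have released that context, given that a separate `wc_CmacFinalNoFree` is used elsewhere. Finally, `wc_AesEaxDecryptAuth` leaves the CTR output in `out` when verification fails, so adding `if (ret != 0) ForceZero(out, inSz);` before `return ret;` would keep unauthenticated plaintext away from a caller that ignores the return code.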
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/aes_asm.S b/extra/wolfssl/wolfssl/wolfcrypt/src/aes_asm.S
index 89ebc7be..afaa0d40 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/aes_asm.S
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/aes_asm.S
@@ -30,7 +30,7 @@
#ifdef WOLFSSL_X86_64_BUILD
/*
-AES_CBC_encrypt (const unsigned char *in,
+AES_CBC_encrypt_AESNI (const unsigned char *in,
unsigned char *out,
unsigned char ivec[16],
unsigned long length,
@@ -38,11 +38,11 @@ AES_CBC_encrypt (const unsigned char *in,
int nr)
*/
#ifndef __APPLE__
-.globl AES_CBC_encrypt
-AES_CBC_encrypt:
+.globl AES_CBC_encrypt_AESNI
+AES_CBC_encrypt_AESNI:
#else
-.globl _AES_CBC_encrypt
-_AES_CBC_encrypt:
+.globl _AES_CBC_encrypt_AESNI
+_AES_CBC_encrypt_AESNI:
#endif
# parameter 1: %rdi
# parameter 2: %rsi
@@ -95,7 +95,7 @@ ret
#if defined(WOLFSSL_AESNI_BY4)
/*
-AES_CBC_decrypt_by4 (const unsigned char *in,
+AES_CBC_decrypt_AESNI_by4 (const unsigned char *in,
unsigned char *out,
unsigned char ivec[16],
unsigned long length,
@@ -103,11 +103,11 @@ AES_CBC_decrypt_by4 (const unsigned char *in,
int nr)
*/
#ifndef __APPLE__
-.globl AES_CBC_decrypt_by4
-AES_CBC_decrypt_by4:
+.globl AES_CBC_decrypt_AESNI_by4
+AES_CBC_decrypt_AESNI_by4:
#else
-.globl _AES_CBC_decrypt_by4
-_AES_CBC_decrypt_by4:
+.globl _AES_CBC_decrypt_AESNI_by4
+_AES_CBC_decrypt_AESNI_by4:
#endif
# parameter 1: %rdi
# parameter 2: %rsi
@@ -276,7 +276,7 @@ DEND_4:
#elif defined(WOLFSSL_AESNI_BY6)
/*
-AES_CBC_decrypt_by6 (const unsigned char *in,
+AES_CBC_decrypt_AESNI_by6 (const unsigned char *in,
unsigned char *out,
unsigned char ivec[16],
unsigned long length,
@@ -284,11 +284,11 @@ AES_CBC_decrypt_by6 (const unsigned char *in,
int nr)
*/
#ifndef __APPLE__
-.globl AES_CBC_decrypt_by6
-AES_CBC_decrypt_by6:
+.globl AES_CBC_decrypt_AESNI_by6
+AES_CBC_decrypt_AESNI_by6:
#else
-.globl _AES_CBC_decrypt_by6
-_AES_CBC_decrypt_by6:
+.globl _AES_CBC_decrypt_AESNI_by6
+_AES_CBC_decrypt_AESNI_by6:
#endif
# parameter 1: %rdi - in
# parameter 2: %rsi - out
@@ -504,7 +504,7 @@ DEND_6:
#else /* WOLFSSL_AESNI_BYx */
/*
-AES_CBC_decrypt_by8 (const unsigned char *in,
+AES_CBC_decrypt_AESNI_by8 (const unsigned char *in,
unsigned char *out,
unsigned char ivec[16],
unsigned long length,
@@ -512,11 +512,11 @@ AES_CBC_decrypt_by8 (const unsigned char *in,
int nr)
*/
#ifndef __APPLE__
-.globl AES_CBC_decrypt_by8
-AES_CBC_decrypt_by8:
+.globl AES_CBC_decrypt_AESNI_by8
+AES_CBC_decrypt_AESNI_by8:
#else
-.globl _AES_CBC_decrypt_by8
-_AES_CBC_decrypt_by8:
+.globl _AES_CBC_decrypt_AESNI_by8
+_AES_CBC_decrypt_AESNI_by8:
#endif
# parameter 1: %rdi - in
# parameter 2: %rsi - out
@@ -761,18 +761,18 @@ DEND_8:
/*
-AES_ECB_encrypt (const unsigned char *in,
+AES_ECB_encrypt_AESNI (const unsigned char *in,
unsigned char *out,
unsigned long length,
const unsigned char *KS,
int nr)
*/
#ifndef __APPLE__
-.globl AES_ECB_encrypt
-AES_ECB_encrypt:
+.globl AES_ECB_encrypt_AESNI
+AES_ECB_encrypt_AESNI:
#else
-.globl _AES_ECB_encrypt
-_AES_ECB_encrypt:
+.globl _AES_ECB_encrypt_AESNI
+_AES_ECB_encrypt_AESNI:
#endif
# parameter 1: %rdi
# parameter 2: %rsi
@@ -925,18 +925,18 @@ EECB_END_4:
/*
-AES_ECB_decrypt (const unsigned char *in,
+AES_ECB_decrypt_AESNI (const unsigned char *in,
unsigned char *out,
unsigned long length,
const unsigned char *KS,
int nr)
*/
#ifndef __APPLE__
-.globl AES_ECB_decrypt
-AES_ECB_decrypt:
+.globl AES_ECB_decrypt_AESNI
+AES_ECB_decrypt_AESNI:
#else
-.globl _AES_ECB_decrypt
-_AES_ECB_decrypt:
+.globl _AES_ECB_decrypt_AESNI
+_AES_ECB_decrypt_AESNI:
#endif
# parameter 1: %rdi
# parameter 2: %rsi
@@ -1092,20 +1092,19 @@ DECB_END_4:
/*
-void AES_128_Key_Expansion(const unsigned char* userkey,
+void AES_128_Key_Expansion_AESNI(const unsigned char* userkey,
unsigned char* key_schedule);
*/
.align 16,0x90
#ifndef __APPLE__
-.globl AES_128_Key_Expansion
-AES_128_Key_Expansion:
+.globl AES_128_Key_Expansion_AESNI
+AES_128_Key_Expansion_AESNI:
#else
-.globl _AES_128_Key_Expansion
-_AES_128_Key_Expansion:
+.globl _AES_128_Key_Expansion_AESNI
+_AES_128_Key_Expansion_AESNI:
#endif
# parameter 1: %rdi
# parameter 2: %rsi
-movl $10, 240(%rsi)
movdqu (%rdi), %xmm1
movdqa %xmm1, (%rsi)
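Review bot: Besides the rename, this hunk drops `movl $10, 240(%rsi)`, so `AES_128_Key_Expansion_AESNI` no longer records the round count at offset 240 of the schedule, and the prototype comment above it does not mention the new contract. I would add a line to that comment such as `/* does not store the round count; the caller must set it (10 for AES-128) */`. The C caller is not visible here, so confirm it sets the round count before any encrypt or decrypt routine reads `nr`. The 192/256 and 32-bit variants in this diff show no matching removal, so it is worth checking that all key-expansion routines now behave the same way. The routine body continues outside the hunk.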
@@ -1158,15 +1157,15 @@ ret
/*
-void AES_192_Key_Expansion (const unsigned char *userkey,
+void AES_192_Key_Expansion_AESNI (const unsigned char *userkey,
unsigned char *key)
*/
#ifndef __APPLE__
-.globl AES_192_Key_Expansion
-AES_192_Key_Expansion:
+.globl AES_192_Key_Expansion_AESNI
+AES_192_Key_Expansion_AESNI:
#else
-.globl _AES_192_Key_Expansion
-_AES_192_Key_Expansion:
+.globl _AES_192_Key_Expansion_AESNI
+_AES_192_Key_Expansion_AESNI:
#endif
# parameter 1: %rdi
# parameter 2: %rsi
@@ -1249,15 +1248,15 @@ ret
/*
-void AES_256_Key_Expansion (const unsigned char *userkey,
+void AES_256_Key_Expansion_AESNI (const unsigned char *userkey,
unsigned char *key)
*/
#ifndef __APPLE__
-.globl AES_256_Key_Expansion
-AES_256_Key_Expansion:
+.globl AES_256_Key_Expansion_AESNI
+AES_256_Key_Expansion_AESNI:
#else
-.globl _AES_256_Key_Expansion
-_AES_256_Key_Expansion:
+.globl _AES_256_Key_Expansion_AESNI
+_AES_256_Key_Expansion_AESNI:
#endif
# parameter 1: %rdi
# parameter 2: %rsi
@@ -1337,7 +1336,7 @@ ret
#elif defined WOLFSSL_X86_BUILD
/*
-AES_CBC_encrypt (const unsigned char *in,
+AES_CBC_encrypt_AESNI (const unsigned char *in,
unsigned char *out,
unsigned char ivec[16],
unsigned long length,
@@ -1345,11 +1344,11 @@ AES_CBC_encrypt (const unsigned char *in,
int nr)
*/
#ifndef __APPLE__
-.globl AES_CBC_encrypt
-AES_CBC_encrypt:
+.globl AES_CBC_encrypt_AESNI
+AES_CBC_encrypt_AESNI:
#else
-.globl _AES_CBC_encrypt
-_AES_CBC_encrypt:
+.globl _AES_CBC_encrypt_AESNI
+_AES_CBC_encrypt_AESNI:
#endif
# parameter 1: stack[4] => %edi
# parameter 2: stack[8] => %esi
@@ -1416,7 +1415,7 @@ _AES_CBC_encrypt:
/*
-AES_CBC_decrypt_by4 (const unsigned char *in,
+AES_CBC_decrypt_AESNI_by4 (const unsigned char *in,
unsigned char *out,
unsigned char ivec[16],
unsigned long length,
@@ -1424,11 +1423,11 @@ AES_CBC_decrypt_by4 (const unsigned char *in,
int nr)
*/
#ifndef __APPLE__
-.globl AES_CBC_decrypt_by4
-AES_CBC_decrypt_by4:
+.globl AES_CBC_decrypt_AESNI_by4
+AES_CBC_decrypt_AESNI_by4:
#else
-.globl _AES_CBC_decrypt_by4
-_AES_CBC_decrypt_by4:
+.globl _AES_CBC_decrypt_AESNI_by4
+_AES_CBC_decrypt_AESNI_by4:
#endif
# parameter 1: stack[4] => %edi
# parameter 2: stack[8] => %esi
@@ -1614,18 +1613,18 @@ DEND_4:
ret
/*
-AES_ECB_encrypt (const unsigned char *in,
+AES_ECB_encrypt_AESNI (const unsigned char *in,
unsigned char *out,
unsigned long length,
const unsigned char *KS,
int nr)
*/
#ifndef __APPLE__
-.globl AES_ECB_encrypt
-AES_ECB_encrypt:
+.globl AES_ECB_encrypt_AESNI
+AES_ECB_encrypt_AESNI:
#else
-.globl _AES_ECB_encrypt
-_AES_ECB_encrypt:
+.globl _AES_ECB_encrypt_AESNI
+_AES_ECB_encrypt_AESNI:
#endif
# parameter 1: stack[4] => %edi
# parameter 2: stack[8] => %esi
@@ -1791,18 +1790,18 @@ EECB_END_4:
/*
-AES_ECB_decrypt (const unsigned char *in,
+AES_ECB_decrypt_AESNI (const unsigned char *in,
unsigned char *out,
unsigned long length,
const unsigned char *KS,
int nr)
*/
#ifndef __APPLE__
-.globl AES_ECB_decrypt
-AES_ECB_decrypt:
+.globl AES_ECB_decrypt_AESNI
+AES_ECB_decrypt_AESNI:
#else
-.globl _AES_ECB_decrypt
-_AES_ECB_decrypt:
+.globl _AES_ECB_decrypt_AESNI
+_AES_ECB_decrypt_AESNI:
#endif
# parameter 1: stack[4] => %edi
# parameter 2: stack[8] => %esi
@@ -1969,16 +1968,16 @@ DECB_END_4:
/*
-void AES_128_Key_Expansion(const unsigned char* userkey,
+void AES_128_Key_Expansion_AESNI(const unsigned char* userkey,
unsigned char* key_schedule);
*/
.align 16,0x90
#ifndef __APPLE__
-.globl AES_128_Key_Expansion
-AES_128_Key_Expansion:
+.globl AES_128_Key_Expansion_AESNI
+AES_128_Key_Expansion_AESNI:
#else
-.globl _AES_128_Key_Expansion
-_AES_128_Key_Expansion:
+.globl _AES_128_Key_Expansion_AESNI
+_AES_128_Key_Expansion_AESNI:
#endif
# parameter 1: stack[4] => %eax
# parameter 2: stack[8] => %edx
@@ -2038,15 +2037,15 @@ PREPARE_ROUNDKEY_128:
/*
-void AES_192_Key_Expansion (const unsigned char *userkey,
+void AES_192_Key_Expansion_AESNI (const unsigned char *userkey,
unsigned char *key)
*/
#ifndef __APPLE__
-.globl AES_192_Key_Expansion
-AES_192_Key_Expansion:
+.globl AES_192_Key_Expansion_AESNI
+AES_192_Key_Expansion_AESNI:
#else
-.globl _AES_192_Key_Expansion
-_AES_192_Key_Expansion:
+.globl _AES_192_Key_Expansion_AESNI
+_AES_192_Key_Expansion_AESNI:
#endif
# parameter 1: stack[4] => %eax
# parameter 2: stack[8] => %edx
@@ -2131,15 +2130,15 @@ PREPARE_ROUNDKEY_192:
/*
-void AES_256_Key_Expansion (const unsigned char *userkey,
+void AES_256_Key_Expansion_AESNI (const unsigned char *userkey,
unsigned char *key)
*/
#ifndef __APPLE__
-.globl AES_256_Key_Expansion
-AES_256_Key_Expansion:
+.globl AES_256_Key_Expansion_AESNI
+AES_256_Key_Expansion_AESNI:
#else
-.globl _AES_256_Key_Expansion
-_AES_256_Key_Expansion:
+.globl _AES_256_Key_Expansion_AESNI
+_AES_256_Key_Expansion_AESNI:
#endif
# parameter 1: stack[4] => %eax
# parameter 2: stack[8] => %edx
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/aes_asm.asm b/extra/wolfssl/wolfssl/wolfcrypt/src/aes_asm.asm
index f57876f6..72fe237b 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/aes_asm.asm
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/aes_asm.asm
@@ -47,14 +47,14 @@ ENDIF
; /*
-; AES_CBC_encrypt[const ,unsigned char*in
+; AES_CBC_encrypt_AESNI[const ,unsigned char*in
; unsigned ,char*out
; unsigned ,char ivec+16
; unsigned ,long length
; const ,unsigned char*KS
; int nr]
; */
-AES_CBC_encrypt PROC
+AES_CBC_encrypt_AESNI PROC
;# parameter 1: rdi
;# parameter 2: rsi
;# parameter 3: rdx
@@ -117,16 +117,16 @@ LAST:
mov rdi,rax
mov rsi,r11
ret
-AES_CBC_encrypt ENDP
+AES_CBC_encrypt_AESNI ENDP
-; void AES_CBC_decrypt_by4(const unsigned char* in,
+; void AES_CBC_decrypt_AESNI_by4(const unsigned char* in,
; unsigned char* out,
; unsigned char ivec[16],
; unsigned long length,
; const unsigned char* KS,
; int nr)
-AES_CBC_decrypt_by4 PROC
+AES_CBC_decrypt_AESNI_by4 PROC
; parameter 1: rdi
; parameter 2: rsi
; parameter 3: rdx
@@ -325,16 +325,16 @@ DEND_4:
movdqa xmm15, [rsp+112]
add rsp, 8+8*16 ; 8 = align stack , 8 xmm6-12,15 16 bytes each
ret
-AES_CBC_decrypt_by4 ENDP
+AES_CBC_decrypt_AESNI_by4 ENDP
-; void AES_CBC_decrypt_by6(const unsigned char *in,
+; void AES_CBC_decrypt_AESNI_by6(const unsigned char *in,
; unsigned char *out,
; unsigned char ivec[16],
; unsigned long length,
; const unsigned char *KS,
; int nr)
-AES_CBC_decrypt_by6 PROC
+AES_CBC_decrypt_AESNI_by6 PROC
; parameter 1: rdi - in
; parameter 2: rsi - out
; parameter 3: rdx - ivec
@@ -582,16 +582,16 @@ DEND_6:
movdqa xmm14, [rsp+128]
add rsp, 8+9*16 ; 8 = align stack , 9 xmm6-14 16 bytes each
ret
-AES_CBC_decrypt_by6 ENDP
+AES_CBC_decrypt_AESNI_by6 ENDP
-; void AES_CBC_decrypt_by8(const unsigned char *in,
+; void AES_CBC_decrypt_AESNI_by8(const unsigned char *in,
; unsigned char *out,
; unsigned char ivec[16],
; unsigned long length,
; const unsigned char *KS,
; int nr)
-AES_CBC_decrypt_by8 PROC
+AES_CBC_decrypt_AESNI_by8 PROC
; parameter 1: rdi - in
; parameter 2: rsi - out
; parameter 3: rdx - ivec
@@ -865,18 +865,18 @@ DEND_8:
movdqa xmm13, [rsp+112]
add rsp, 8+8*16 ; 8 = align stack , 8 xmm6-13 16 bytes each
ret
-AES_CBC_decrypt_by8 ENDP
+AES_CBC_decrypt_AESNI_by8 ENDP
; /*
-; AES_ECB_encrypt[const ,unsigned char*in
+; AES_ECB_encrypt_AESNI[const ,unsigned char*in
; unsigned ,char*out
; unsigned ,long length
; const ,unsigned char*KS
; int nr]
; */
-; . globl AES_ECB_encrypt
-AES_ECB_encrypt PROC
+; . globl AES_ECB_encrypt_AESNI
+AES_ECB_encrypt_AESNI PROC
;# parameter 1: rdi
;# parameter 2: rsi
;# parameter 3: rdx
@@ -1054,17 +1054,17 @@ EECB_END_4:
movdqa xmm12, [rsp+48]
add rsp,8+4*16 ; 8 = align stack , 4 xmm9-12 16 bytes each
ret
-AES_ECB_encrypt ENDP
+AES_ECB_encrypt_AESNI ENDP
; /*
-; AES_ECB_decrypt[const ,unsigned char*in
+; AES_ECB_decrypt_AESNI[const ,unsigned char*in
; unsigned ,char*out
; unsigned ,long length
; const ,unsigned char*KS
; int nr]
; */
-; . globl AES_ECB_decrypt
-AES_ECB_decrypt PROC
+; . globl AES_ECB_decrypt_AESNI
+AES_ECB_decrypt_AESNI PROC
;# parameter 1: rdi
;# parameter 2: rsi
;# parameter 3: rdx
@@ -1241,17 +1241,17 @@ DECB_END_4:
movdqa xmm12, [rsp+48]
add rsp,8+4*16 ; 8 = align stack , 4 xmm9-12 16 bytes each
ret
-AES_ECB_decrypt ENDP
+AES_ECB_decrypt_AESNI ENDP
; /*
-; void ,AES_128_Key_Expansion[const unsigned char*userkey
+; void ,AES_128_Key_Expansion_AESNI[const unsigned char*userkey
; unsigned char*key_schedule]/
; */
; . align 16,0x90
-; . globl AES_128_Key_Expansion
-AES_128_Key_Expansion PROC
+; . globl AES_128_Key_Expansion_AESNI
+AES_128_Key_Expansion_AESNI PROC
;# parameter 1: rdi
;# parameter 2: rsi
@@ -1322,14 +1322,14 @@ PREPARE_ROUNDKEY_128:
pxor xmm1,xmm3
pxor xmm1,xmm2
ret
-AES_128_Key_Expansion ENDP
+AES_128_Key_Expansion_AESNI ENDP
; /*
-; void ,AES_192_Key_Expansion[const unsigned char*userkey
+; void ,AES_192_Key_Expansion_AESNI[const unsigned char*userkey
; unsigned char*key]
; */
-; . globl AES_192_Key_Expansion
-AES_192_Key_Expansion PROC
+; . globl AES_192_Key_Expansion_AESNI
+AES_192_Key_Expansion_AESNI PROC
;# parameter 1: rdi
;# parameter 2: rsi
@@ -1426,14 +1426,14 @@ PREPARE_ROUNDKEY_192:
pxor xmm3,xmm4
pxor xmm3,xmm2
ret
-AES_192_Key_Expansion ENDP
+AES_192_Key_Expansion_AESNI ENDP
; /*
-; void ,AES_256_Key_Expansion[const unsigned char*userkey
+; void ,AES_256_Key_Expansion_AESNI[const unsigned char*userkey
; unsigned char*key]
; */
-; . globl AES_256_Key_Expansion
-AES_256_Key_Expansion PROC
+; . globl AES_256_Key_Expansion_AESNI
+AES_256_Key_Expansion_AESNI PROC
;# parameter 1: rdi
;# parameter 2: rsi
@@ -1495,7 +1495,7 @@ AES_256_Key_Expansion PROC
mov rdi,rax
mov rsi,r11
ret
-AES_256_Key_Expansion ENDP
+AES_256_Key_Expansion_AESNI ENDP
MAKE_RK256_a:
pshufd xmm2,xmm2,0ffh
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/aes_gcm_asm.S b/extra/wolfssl/wolfssl/wolfcrypt/src/aes_gcm_asm.S
index 82db934a..4175888f 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/aes_gcm_asm.S
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/aes_gcm_asm.S
@@ -1,5 +1,5 @@
-/* aes_gcm_asm
- *
+/* aes_gcm_asm.S */
+/*
* Copyright (C) 2006-2023 wolfSSL Inc.
*
* This file is part of wolfSSL.
@@ -180,15 +180,15 @@ L_aes_gcm_mod2_128:
.quad 0x1, 0xc200000000000000
#ifndef __APPLE__
.text
-.globl AES_GCM_encrypt
-.type AES_GCM_encrypt,@function
+.globl AES_GCM_encrypt_aesni
+.type AES_GCM_encrypt_aesni,@function
.align 16
-AES_GCM_encrypt:
+AES_GCM_encrypt_aesni:
#else
.section __TEXT,__text
-.globl _AES_GCM_encrypt
+.globl _AES_GCM_encrypt_aesni
.p2align 4
-_AES_GCM_encrypt:
+_AES_GCM_encrypt_aesni:
#endif /* __APPLE__ */
pushq %r13
pushq %r12
@@ -207,7 +207,7 @@ _AES_GCM_encrypt:
pxor %xmm6, %xmm6
cmpl $12, %ebx
movl %ebx, %edx
- jne L_AES_GCM_encrypt_iv_not_12
+ jne L_AES_GCM_encrypt_aesni_iv_not_12
# # Calculate values when IV is 12 bytes
# Set counter based on IV
movl $0x1000000, %ecx
@@ -247,7 +247,7 @@ _AES_GCM_encrypt:
aesenc %xmm7, %xmm1
cmpl $11, %r10d
movdqa 160(%r15), %xmm7
- jl L_AES_GCM_encrypt_calc_iv_12_last
+ jl L_AES_GCM_encrypt_aesni_calc_iv_12_last
aesenc %xmm7, %xmm5
aesenc %xmm7, %xmm1
movdqa 176(%r15), %xmm7
@@ -255,20 +255,20 @@ _AES_GCM_encrypt:
aesenc %xmm7, %xmm1
cmpl $13, %r10d
movdqa 192(%r15), %xmm7
- jl L_AES_GCM_encrypt_calc_iv_12_last
+ jl L_AES_GCM_encrypt_aesni_calc_iv_12_last
aesenc %xmm7, %xmm5
aesenc %xmm7, %xmm1
movdqa 208(%r15), %xmm7
aesenc %xmm7, %xmm5
aesenc %xmm7, %xmm1
movdqa 224(%r15), %xmm7
-L_AES_GCM_encrypt_calc_iv_12_last:
+L_AES_GCM_encrypt_aesni_calc_iv_12_last:
aesenclast %xmm7, %xmm5
aesenclast %xmm7, %xmm1
pshufb L_aes_gcm_bswap_mask(%rip), %xmm5
movdqu %xmm1, 144(%rsp)
- jmp L_AES_GCM_encrypt_iv_done
-L_AES_GCM_encrypt_iv_not_12:
+ jmp L_AES_GCM_encrypt_aesni_iv_done
+L_AES_GCM_encrypt_aesni_iv_not_12:
# Calculate values when IV is not 12 bytes
# H = Encrypt X(=0)
movdqa (%r15), %xmm5
@@ -283,27 +283,27 @@ L_AES_GCM_encrypt_iv_not_12:
aesenc 144(%r15), %xmm5
cmpl $11, %r10d
movdqa 160(%r15), %xmm9
- jl L_AES_GCM_encrypt_calc_iv_1_aesenc_avx_last
+ jl L_AES_GCM_encrypt_aesni_calc_iv_1_aesenc_avx_last
aesenc %xmm9, %xmm5
aesenc 176(%r15), %xmm5
cmpl $13, %r10d
movdqa 192(%r15), %xmm9
- jl L_AES_GCM_encrypt_calc_iv_1_aesenc_avx_last
+ jl L_AES_GCM_encrypt_aesni_calc_iv_1_aesenc_avx_last
aesenc %xmm9, %xmm5
aesenc 208(%r15), %xmm5
movdqa 224(%r15), %xmm9
-L_AES_GCM_encrypt_calc_iv_1_aesenc_avx_last:
+L_AES_GCM_encrypt_aesni_calc_iv_1_aesenc_avx_last:
aesenclast %xmm9, %xmm5
pshufb L_aes_gcm_bswap_mask(%rip), %xmm5
# Calc counter
# Initialization vector
cmpl $0x00, %edx
movq $0x00, %rcx
- je L_AES_GCM_encrypt_calc_iv_done
+ je L_AES_GCM_encrypt_aesni_calc_iv_done
cmpl $16, %edx
- jl L_AES_GCM_encrypt_calc_iv_lt16
+ jl L_AES_GCM_encrypt_aesni_calc_iv_lt16
andl $0xfffffff0, %edx
-L_AES_GCM_encrypt_calc_iv_16_loop:
+L_AES_GCM_encrypt_aesni_calc_iv_16_loop:
movdqu (%rax,%rcx,1), %xmm8
pshufb L_aes_gcm_bswap_mask(%rip), %xmm8
pxor %xmm8, %xmm4
@@ -363,22 +363,22 @@ L_AES_GCM_encrypt_calc_iv_16_loop:
pxor %xmm2, %xmm4
addl $16, %ecx
cmpl %edx, %ecx
- jl L_AES_GCM_encrypt_calc_iv_16_loop
+ jl L_AES_GCM_encrypt_aesni_calc_iv_16_loop
movl %ebx, %edx
cmpl %edx, %ecx
- je L_AES_GCM_encrypt_calc_iv_done
-L_AES_GCM_encrypt_calc_iv_lt16:
+ je L_AES_GCM_encrypt_aesni_calc_iv_done
+L_AES_GCM_encrypt_aesni_calc_iv_lt16:
subq $16, %rsp
pxor %xmm8, %xmm8
xorl %ebx, %ebx
movdqu %xmm8, (%rsp)
-L_AES_GCM_encrypt_calc_iv_loop:
+L_AES_GCM_encrypt_aesni_calc_iv_loop:
movzbl (%rax,%rcx,1), %r13d
movb %r13b, (%rsp,%rbx,1)
incl %ecx
incl %ebx
cmpl %edx, %ecx
- jl L_AES_GCM_encrypt_calc_iv_loop
+ jl L_AES_GCM_encrypt_aesni_calc_iv_loop
movdqu (%rsp), %xmm8
addq $16, %rsp
pshufb L_aes_gcm_bswap_mask(%rip), %xmm8
@@ -437,7 +437,7 @@ L_AES_GCM_encrypt_calc_iv_loop:
pxor %xmm1, %xmm2
pxor %xmm7, %xmm2
pxor %xmm2, %xmm4
-L_AES_GCM_encrypt_calc_iv_done:
+L_AES_GCM_encrypt_aesni_calc_iv_done:
# T = Encrypt counter
pxor %xmm0, %xmm0
shll $3, %edx
@@ -512,28 +512,28 @@ L_AES_GCM_encrypt_calc_iv_done:
aesenc 144(%r15), %xmm8
cmpl $11, %r10d
movdqa 160(%r15), %xmm9
- jl L_AES_GCM_encrypt_calc_iv_2_aesenc_avx_last
+ jl L_AES_GCM_encrypt_aesni_calc_iv_2_aesenc_avx_last
aesenc %xmm9, %xmm8
aesenc 176(%r15), %xmm8
cmpl $13, %r10d
movdqa 192(%r15), %xmm9
- jl L_AES_GCM_encrypt_calc_iv_2_aesenc_avx_last
+ jl L_AES_GCM_encrypt_aesni_calc_iv_2_aesenc_avx_last
aesenc %xmm9, %xmm8
aesenc 208(%r15), %xmm8
movdqa 224(%r15), %xmm9
-L_AES_GCM_encrypt_calc_iv_2_aesenc_avx_last:
+L_AES_GCM_encrypt_aesni_calc_iv_2_aesenc_avx_last:
aesenclast %xmm9, %xmm8
movdqu %xmm8, 144(%rsp)
-L_AES_GCM_encrypt_iv_done:
+L_AES_GCM_encrypt_aesni_iv_done:
# Additional authentication data
movl %r11d, %edx
cmpl $0x00, %edx
- je L_AES_GCM_encrypt_calc_aad_done
+ je L_AES_GCM_encrypt_aesni_calc_aad_done
xorl %ecx, %ecx
cmpl $16, %edx
- jl L_AES_GCM_encrypt_calc_aad_lt16
+ jl L_AES_GCM_encrypt_aesni_calc_aad_lt16
andl $0xfffffff0, %edx
-L_AES_GCM_encrypt_calc_aad_16_loop:
+L_AES_GCM_encrypt_aesni_calc_aad_16_loop:
movdqu (%r12,%rcx,1), %xmm8
pshufb L_aes_gcm_bswap_mask(%rip), %xmm8
pxor %xmm8, %xmm6
@@ -593,22 +593,22 @@ L_AES_GCM_encrypt_calc_aad_16_loop:
pxor %xmm2, %xmm6
addl $16, %ecx
cmpl %edx, %ecx
- jl L_AES_GCM_encrypt_calc_aad_16_loop
+ jl L_AES_GCM_encrypt_aesni_calc_aad_16_loop
movl %r11d, %edx
cmpl %edx, %ecx
- je L_AES_GCM_encrypt_calc_aad_done
-L_AES_GCM_encrypt_calc_aad_lt16:
+ je L_AES_GCM_encrypt_aesni_calc_aad_done
+L_AES_GCM_encrypt_aesni_calc_aad_lt16:
subq $16, %rsp
pxor %xmm8, %xmm8
xorl %ebx, %ebx
movdqu %xmm8, (%rsp)
-L_AES_GCM_encrypt_calc_aad_loop:
+L_AES_GCM_encrypt_aesni_calc_aad_loop:
movzbl (%r12,%rcx,1), %r13d
movb %r13b, (%rsp,%rbx,1)
incl %ecx
incl %ebx
cmpl %edx, %ecx
- jl L_AES_GCM_encrypt_calc_aad_loop
+ jl L_AES_GCM_encrypt_aesni_calc_aad_loop
movdqu (%rsp), %xmm8
addq $16, %rsp
pshufb L_aes_gcm_bswap_mask(%rip), %xmm8
@@ -667,7 +667,7 @@ L_AES_GCM_encrypt_calc_aad_loop:
pxor %xmm1, %xmm2
pxor %xmm7, %xmm2
pxor %xmm2, %xmm6
-L_AES_GCM_encrypt_calc_aad_done:
+L_AES_GCM_encrypt_aesni_calc_aad_done:
# Calculate counter and H
pshufb L_aes_gcm_bswap_epi64(%rip), %xmm4
movdqa %xmm5, %xmm9
@@ -685,7 +685,7 @@ L_AES_GCM_encrypt_calc_aad_done:
xorq %rbx, %rbx
cmpl $0x80, %r9d
movl %r9d, %r13d
- jl L_AES_GCM_encrypt_done_128
+ jl L_AES_GCM_encrypt_aesni_done_128
andl $0xffffff80, %r13d
movdqa %xmm6, %xmm2
# H ^ 1
@@ -1104,7 +1104,7 @@ L_AES_GCM_encrypt_calc_aad_done:
aesenc %xmm7, %xmm15
cmpl $11, %r10d
movdqa 160(%r15), %xmm7
- jl L_AES_GCM_encrypt_enc_done
+ jl L_AES_GCM_encrypt_aesni_enc_done
aesenc %xmm7, %xmm8
aesenc %xmm7, %xmm9
aesenc %xmm7, %xmm10
@@ -1124,7 +1124,7 @@ L_AES_GCM_encrypt_calc_aad_done:
aesenc %xmm7, %xmm15
cmpl $13, %r10d
movdqa 192(%r15), %xmm7
- jl L_AES_GCM_encrypt_enc_done
+ jl L_AES_GCM_encrypt_aesni_enc_done
aesenc %xmm7, %xmm8
aesenc %xmm7, %xmm9
aesenc %xmm7, %xmm10
@@ -1143,7 +1143,7 @@ L_AES_GCM_encrypt_calc_aad_done:
aesenc %xmm7, %xmm14
aesenc %xmm7, %xmm15
movdqa 224(%r15), %xmm7
-L_AES_GCM_encrypt_enc_done:
+L_AES_GCM_encrypt_aesni_enc_done:
aesenclast %xmm7, %xmm8
aesenclast %xmm7, %xmm9
movdqu (%rdi), %xmm0
@@ -1178,9 +1178,9 @@ L_AES_GCM_encrypt_enc_done:
movdqu %xmm15, 112(%rsi)
cmpl $0x80, %r13d
movl $0x80, %ebx
- jle L_AES_GCM_encrypt_end_128
+ jle L_AES_GCM_encrypt_aesni_end_128
# More 128 bytes of input
-L_AES_GCM_encrypt_ghash_128:
+L_AES_GCM_encrypt_aesni_ghash_128:
leaq (%rdi,%rbx,1), %rcx
leaq (%rsi,%rbx,1), %rdx
movdqu 128(%rsp), %xmm8
@@ -1448,7 +1448,7 @@ L_AES_GCM_encrypt_ghash_128:
pxor %xmm3, %xmm2
cmpl $11, %r10d
movdqa 160(%r15), %xmm7
- jl L_AES_GCM_encrypt_aesenc_128_ghash_avx_done
+ jl L_AES_GCM_encrypt_aesni_aesenc_128_ghash_avx_done
aesenc %xmm7, %xmm8
aesenc %xmm7, %xmm9
aesenc %xmm7, %xmm10
@@ -1468,7 +1468,7 @@ L_AES_GCM_encrypt_ghash_128:
aesenc %xmm7, %xmm15
cmpl $13, %r10d
movdqa 192(%r15), %xmm7
- jl L_AES_GCM_encrypt_aesenc_128_ghash_avx_done
+ jl L_AES_GCM_encrypt_aesni_aesenc_128_ghash_avx_done
aesenc %xmm7, %xmm8
aesenc %xmm7, %xmm9
aesenc %xmm7, %xmm10
@@ -1487,7 +1487,7 @@ L_AES_GCM_encrypt_ghash_128:
aesenc %xmm7, %xmm14
aesenc %xmm7, %xmm15
movdqa 224(%r15), %xmm7
-L_AES_GCM_encrypt_aesenc_128_ghash_avx_done:
+L_AES_GCM_encrypt_aesni_aesenc_128_ghash_avx_done:
aesenclast %xmm7, %xmm8
aesenclast %xmm7, %xmm9
movdqu (%rcx), %xmm0
@@ -1522,8 +1522,8 @@ L_AES_GCM_encrypt_aesenc_128_ghash_avx_done:
movdqu %xmm15, 112(%rdx)
addl $0x80, %ebx
cmpl %r13d, %ebx
- jl L_AES_GCM_encrypt_ghash_128
-L_AES_GCM_encrypt_end_128:
+ jl L_AES_GCM_encrypt_aesni_ghash_128
+L_AES_GCM_encrypt_aesni_end_128:
movdqa L_aes_gcm_bswap_mask(%rip), %xmm4
pshufb %xmm4, %xmm8
pshufb %xmm4, %xmm9
@@ -1710,14 +1710,14 @@ L_AES_GCM_encrypt_end_128:
pxor %xmm4, %xmm2
pxor %xmm2, %xmm6
movdqu (%rsp), %xmm5
-L_AES_GCM_encrypt_done_128:
+L_AES_GCM_encrypt_aesni_done_128:
movl %r9d, %edx
cmpl %edx, %ebx
- jge L_AES_GCM_encrypt_done_enc
+ jge L_AES_GCM_encrypt_aesni_done_enc
movl %r9d, %r13d
andl $0xfffffff0, %r13d
cmpl %r13d, %ebx
- jge L_AES_GCM_encrypt_last_block_done
+ jge L_AES_GCM_encrypt_aesni_last_block_done
leaq (%rdi,%rbx,1), %rcx
leaq (%rsi,%rbx,1), %rdx
movdqu 128(%rsp), %xmm8
@@ -1737,16 +1737,16 @@ L_AES_GCM_encrypt_done_128:
aesenc 144(%r15), %xmm8
cmpl $11, %r10d
movdqa 160(%r15), %xmm9
- jl L_AES_GCM_encrypt_aesenc_block_aesenc_avx_last
+ jl L_AES_GCM_encrypt_aesni_aesenc_block_aesenc_avx_last
aesenc %xmm9, %xmm8
aesenc 176(%r15), %xmm8
cmpl $13, %r10d
movdqa 192(%r15), %xmm9
- jl L_AES_GCM_encrypt_aesenc_block_aesenc_avx_last
+ jl L_AES_GCM_encrypt_aesni_aesenc_block_aesenc_avx_last
aesenc %xmm9, %xmm8
aesenc 208(%r15), %xmm8
movdqa 224(%r15), %xmm9
-L_AES_GCM_encrypt_aesenc_block_aesenc_avx_last:
+L_AES_GCM_encrypt_aesni_aesenc_block_aesenc_avx_last:
aesenclast %xmm9, %xmm8
movdqu (%rcx), %xmm9
pxor %xmm9, %xmm8
@@ -1755,8 +1755,8 @@ L_AES_GCM_encrypt_aesenc_block_aesenc_avx_last:
pxor %xmm8, %xmm6
addl $16, %ebx
cmpl %r13d, %ebx
- jge L_AES_GCM_encrypt_last_block_ghash
-L_AES_GCM_encrypt_last_block_start:
+ jge L_AES_GCM_encrypt_aesni_last_block_ghash
+L_AES_GCM_encrypt_aesni_last_block_start:
leaq (%rdi,%rbx,1), %rcx
leaq (%rsi,%rbx,1), %rdx
movdqu 128(%rsp), %xmm8
@@ -1801,16 +1801,16 @@ L_AES_GCM_encrypt_last_block_start:
pxor %xmm3, %xmm6
cmpl $11, %r10d
movdqa 160(%r15), %xmm9
- jl L_AES_GCM_encrypt_aesenc_gfmul_last
+ jl L_AES_GCM_encrypt_aesni_aesenc_gfmul_last
aesenc %xmm9, %xmm8
aesenc 176(%r15), %xmm8
cmpl $13, %r10d
movdqa 192(%r15), %xmm9
- jl L_AES_GCM_encrypt_aesenc_gfmul_last
+ jl L_AES_GCM_encrypt_aesni_aesenc_gfmul_last
aesenc %xmm9, %xmm8
aesenc 208(%r15), %xmm8
movdqa 224(%r15), %xmm9
-L_AES_GCM_encrypt_aesenc_gfmul_last:
+L_AES_GCM_encrypt_aesni_aesenc_gfmul_last:
aesenclast %xmm9, %xmm8
movdqu (%rcx), %xmm9
pxor %xmm9, %xmm8
@@ -1819,8 +1819,8 @@ L_AES_GCM_encrypt_aesenc_gfmul_last:
pxor %xmm8, %xmm6
addl $16, %ebx
cmpl %r13d, %ebx
- jl L_AES_GCM_encrypt_last_block_start
-L_AES_GCM_encrypt_last_block_ghash:
+ jl L_AES_GCM_encrypt_aesni_last_block_start
+L_AES_GCM_encrypt_aesni_last_block_ghash:
pshufd $0x4e, %xmm5, %xmm9
pshufd $0x4e, %xmm6, %xmm10
movdqa %xmm6, %xmm11
@@ -1861,11 +1861,11 @@ L_AES_GCM_encrypt_last_block_ghash:
pxor %xmm13, %xmm14
pxor %xmm8, %xmm14
pxor %xmm14, %xmm6
-L_AES_GCM_encrypt_last_block_done:
+L_AES_GCM_encrypt_aesni_last_block_done:
movl %r9d, %ecx
movl %ecx, %edx
andl $15, %ecx
- jz L_AES_GCM_encrypt_aesenc_last15_enc_avx_done
+ jz L_AES_GCM_encrypt_aesni_aesenc_last15_enc_avx_done
movdqu 128(%rsp), %xmm4
pshufb L_aes_gcm_bswap_epi64(%rip), %xmm4
pxor (%r15), %xmm4
@@ -1880,21 +1880,21 @@ L_AES_GCM_encrypt_last_block_done:
aesenc 144(%r15), %xmm4
cmpl $11, %r10d
movdqa 160(%r15), %xmm9
- jl L_AES_GCM_encrypt_aesenc_last15_enc_avx_aesenc_avx_last
+ jl L_AES_GCM_encrypt_aesni_aesenc_last15_enc_avx_aesenc_avx_last
aesenc %xmm9, %xmm4
aesenc 176(%r15), %xmm4
cmpl $13, %r10d
movdqa 192(%r15), %xmm9
- jl L_AES_GCM_encrypt_aesenc_last15_enc_avx_aesenc_avx_last
+ jl L_AES_GCM_encrypt_aesni_aesenc_last15_enc_avx_aesenc_avx_last
aesenc %xmm9, %xmm4
aesenc 208(%r15), %xmm4
movdqa 224(%r15), %xmm9
-L_AES_GCM_encrypt_aesenc_last15_enc_avx_aesenc_avx_last:
+L_AES_GCM_encrypt_aesni_aesenc_last15_enc_avx_aesenc_avx_last:
aesenclast %xmm9, %xmm4
subq $16, %rsp
xorl %ecx, %ecx
movdqu %xmm4, (%rsp)
-L_AES_GCM_encrypt_aesenc_last15_enc_avx_loop:
+L_AES_GCM_encrypt_aesni_aesenc_last15_enc_avx_loop:
movzbl (%rdi,%rbx,1), %r13d
xorb (%rsp,%rcx,1), %r13b
movb %r13b, (%rsi,%rbx,1)
@@ -1902,16 +1902,16 @@ L_AES_GCM_encrypt_aesenc_last15_enc_avx_loop:
incl %ebx
incl %ecx
cmpl %edx, %ebx
- jl L_AES_GCM_encrypt_aesenc_last15_enc_avx_loop
+ jl L_AES_GCM_encrypt_aesni_aesenc_last15_enc_avx_loop
xorq %r13, %r13
cmpl $16, %ecx
- je L_AES_GCM_encrypt_aesenc_last15_enc_avx_finish_enc
-L_AES_GCM_encrypt_aesenc_last15_enc_avx_byte_loop:
+ je L_AES_GCM_encrypt_aesni_aesenc_last15_enc_avx_finish_enc
+L_AES_GCM_encrypt_aesni_aesenc_last15_enc_avx_byte_loop:
movb %r13b, (%rsp,%rcx,1)
incl %ecx
cmpl $16, %ecx
- jl L_AES_GCM_encrypt_aesenc_last15_enc_avx_byte_loop
-L_AES_GCM_encrypt_aesenc_last15_enc_avx_finish_enc:
+ jl L_AES_GCM_encrypt_aesni_aesenc_last15_enc_avx_byte_loop
+L_AES_GCM_encrypt_aesni_aesenc_last15_enc_avx_finish_enc:
movdqu (%rsp), %xmm4
addq $16, %rsp
pshufb L_aes_gcm_bswap_mask(%rip), %xmm4
@@ -1956,8 +1956,8 @@ L_AES_GCM_encrypt_aesenc_last15_enc_avx_finish_enc:
pxor %xmm13, %xmm14
pxor %xmm8, %xmm14
pxor %xmm14, %xmm6
-L_AES_GCM_encrypt_aesenc_last15_enc_avx_done:
-L_AES_GCM_encrypt_done_enc:
+L_AES_GCM_encrypt_aesni_aesenc_last15_enc_avx_done:
+L_AES_GCM_encrypt_aesni_done_enc:
movl %r9d, %edx
movl %r11d, %ecx
shlq $3, %rdx
@@ -2009,19 +2009,19 @@ L_AES_GCM_encrypt_done_enc:
movdqu 144(%rsp), %xmm0
pxor %xmm6, %xmm0
cmpl $16, %r14d
- je L_AES_GCM_encrypt_store_tag_16
+ je L_AES_GCM_encrypt_aesni_store_tag_16
xorq %rcx, %rcx
movdqu %xmm0, (%rsp)
-L_AES_GCM_encrypt_store_tag_loop:
+L_AES_GCM_encrypt_aesni_store_tag_loop:
movzbl (%rsp,%rcx,1), %r13d
movb %r13b, (%r8,%rcx,1)
incl %ecx
cmpl %r14d, %ecx
- jne L_AES_GCM_encrypt_store_tag_loop
- jmp L_AES_GCM_encrypt_store_tag_done
-L_AES_GCM_encrypt_store_tag_16:
+ jne L_AES_GCM_encrypt_aesni_store_tag_loop
+ jmp L_AES_GCM_encrypt_aesni_store_tag_done
+L_AES_GCM_encrypt_aesni_store_tag_16:
movdqu %xmm0, (%r8)
-L_AES_GCM_encrypt_store_tag_done:
+L_AES_GCM_encrypt_aesni_store_tag_done:
addq $0xa0, %rsp
popq %r15
popq %r14
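Review bot: The tag store loop at `L_AES_GCM_encrypt_aesni_store_tag_loop` is bottom-tested with `jne` against `%r14d`, so it is only correct for a tag length of 1 to 15 (16 takes the `store_tag_16` branch), and nothing in this hunk enforces that range. With a length above 16 the loop would keep copying bytes from beyond the 16-byte tag at `(%rsp)`, i.e. the rest of this function's stack frame, into the caller's tag buffer, and with 0 it would not stop at the first compare. The bound is presumably checked by the C caller, which this diff does not show; I would record the contract above the loop, e.g. `# %r14d = tag length, caller guarantees 1..16`. The same applies to `L_AES_GCM_decrypt_aesni_cmp_tag_loop` in the `@@ -3400,24 +3400,24 @@` hunk. The function body starts and ends outside this hunk.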
@@ -2030,19 +2030,19 @@ L_AES_GCM_encrypt_store_tag_done:
popq %r13
repz retq
#ifndef __APPLE__
-.size AES_GCM_encrypt,.-AES_GCM_encrypt
+.size AES_GCM_encrypt_aesni,.-AES_GCM_encrypt_aesni
#endif /* __APPLE__ */
#ifndef __APPLE__
.text
-.globl AES_GCM_decrypt
-.type AES_GCM_decrypt,@function
+.globl AES_GCM_decrypt_aesni
+.type AES_GCM_decrypt_aesni,@function
.align 16
-AES_GCM_decrypt:
+AES_GCM_decrypt_aesni:
#else
.section __TEXT,__text
-.globl _AES_GCM_decrypt
+.globl _AES_GCM_decrypt_aesni
.p2align 4
-_AES_GCM_decrypt:
+_AES_GCM_decrypt_aesni:
#endif /* __APPLE__ */
pushq %r13
pushq %r12
@@ -2063,7 +2063,7 @@ _AES_GCM_decrypt:
pxor %xmm6, %xmm6
cmpl $12, %ebx
movl %ebx, %edx
- jne L_AES_GCM_decrypt_iv_not_12
+ jne L_AES_GCM_decrypt_aesni_iv_not_12
# # Calculate values when IV is 12 bytes
# Set counter based on IV
movl $0x1000000, %ecx
@@ -2103,7 +2103,7 @@ _AES_GCM_decrypt:
aesenc %xmm7, %xmm1
cmpl $11, %r10d
movdqa 160(%r15), %xmm7
- jl L_AES_GCM_decrypt_calc_iv_12_last
+ jl L_AES_GCM_decrypt_aesni_calc_iv_12_last
aesenc %xmm7, %xmm5
aesenc %xmm7, %xmm1
movdqa 176(%r15), %xmm7
@@ -2111,20 +2111,20 @@ _AES_GCM_decrypt:
aesenc %xmm7, %xmm1
cmpl $13, %r10d
movdqa 192(%r15), %xmm7
- jl L_AES_GCM_decrypt_calc_iv_12_last
+ jl L_AES_GCM_decrypt_aesni_calc_iv_12_last
aesenc %xmm7, %xmm5
aesenc %xmm7, %xmm1
movdqa 208(%r15), %xmm7
aesenc %xmm7, %xmm5
aesenc %xmm7, %xmm1
movdqa 224(%r15), %xmm7
-L_AES_GCM_decrypt_calc_iv_12_last:
+L_AES_GCM_decrypt_aesni_calc_iv_12_last:
aesenclast %xmm7, %xmm5
aesenclast %xmm7, %xmm1
pshufb L_aes_gcm_bswap_mask(%rip), %xmm5
movdqu %xmm1, 144(%rsp)
- jmp L_AES_GCM_decrypt_iv_done
-L_AES_GCM_decrypt_iv_not_12:
+ jmp L_AES_GCM_decrypt_aesni_iv_done
+L_AES_GCM_decrypt_aesni_iv_not_12:
# Calculate values when IV is not 12 bytes
# H = Encrypt X(=0)
movdqa (%r15), %xmm5
@@ -2139,27 +2139,27 @@ L_AES_GCM_decrypt_iv_not_12:
aesenc 144(%r15), %xmm5
cmpl $11, %r10d
movdqa 160(%r15), %xmm9
- jl L_AES_GCM_decrypt_calc_iv_1_aesenc_avx_last
+ jl L_AES_GCM_decrypt_aesni_calc_iv_1_aesenc_avx_last
aesenc %xmm9, %xmm5
aesenc 176(%r15), %xmm5
cmpl $13, %r10d
movdqa 192(%r15), %xmm9
- jl L_AES_GCM_decrypt_calc_iv_1_aesenc_avx_last
+ jl L_AES_GCM_decrypt_aesni_calc_iv_1_aesenc_avx_last
aesenc %xmm9, %xmm5
aesenc 208(%r15), %xmm5
movdqa 224(%r15), %xmm9
-L_AES_GCM_decrypt_calc_iv_1_aesenc_avx_last:
+L_AES_GCM_decrypt_aesni_calc_iv_1_aesenc_avx_last:
aesenclast %xmm9, %xmm5
pshufb L_aes_gcm_bswap_mask(%rip), %xmm5
# Calc counter
# Initialization vector
cmpl $0x00, %edx
movq $0x00, %rcx
- je L_AES_GCM_decrypt_calc_iv_done
+ je L_AES_GCM_decrypt_aesni_calc_iv_done
cmpl $16, %edx
- jl L_AES_GCM_decrypt_calc_iv_lt16
+ jl L_AES_GCM_decrypt_aesni_calc_iv_lt16
andl $0xfffffff0, %edx
-L_AES_GCM_decrypt_calc_iv_16_loop:
+L_AES_GCM_decrypt_aesni_calc_iv_16_loop:
movdqu (%rax,%rcx,1), %xmm8
pshufb L_aes_gcm_bswap_mask(%rip), %xmm8
pxor %xmm8, %xmm4
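Review bot: The not-12-byte IV path accepts an empty IV: `cmpl $0x00, %edx` followed by `je L_AES_GCM_decrypt_aesni_calc_iv_done` skips the IV absorption entirely, so the pre-counter block no longer depends on any IV bytes. GCM does not permit a zero-length IV, and nothing visible here rejects it, so the check has to live in the C caller, which this diff does not show. A comment at the branch would make the contract explicit, e.g. `# ivSz == 0 is not rejected here; the caller must refuse empty IVs`. The function continues outside this hunk.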
@@ -2219,22 +2219,22 @@ L_AES_GCM_decrypt_calc_iv_16_loop:
pxor %xmm2, %xmm4
addl $16, %ecx
cmpl %edx, %ecx
- jl L_AES_GCM_decrypt_calc_iv_16_loop
+ jl L_AES_GCM_decrypt_aesni_calc_iv_16_loop
movl %ebx, %edx
cmpl %edx, %ecx
- je L_AES_GCM_decrypt_calc_iv_done
-L_AES_GCM_decrypt_calc_iv_lt16:
+ je L_AES_GCM_decrypt_aesni_calc_iv_done
+L_AES_GCM_decrypt_aesni_calc_iv_lt16:
subq $16, %rsp
pxor %xmm8, %xmm8
xorl %ebx, %ebx
movdqu %xmm8, (%rsp)
-L_AES_GCM_decrypt_calc_iv_loop:
+L_AES_GCM_decrypt_aesni_calc_iv_loop:
movzbl (%rax,%rcx,1), %r13d
movb %r13b, (%rsp,%rbx,1)
incl %ecx
incl %ebx
cmpl %edx, %ecx
- jl L_AES_GCM_decrypt_calc_iv_loop
+ jl L_AES_GCM_decrypt_aesni_calc_iv_loop
movdqu (%rsp), %xmm8
addq $16, %rsp
pshufb L_aes_gcm_bswap_mask(%rip), %xmm8
@@ -2293,7 +2293,7 @@ L_AES_GCM_decrypt_calc_iv_loop:
pxor %xmm1, %xmm2
pxor %xmm7, %xmm2
pxor %xmm2, %xmm4
-L_AES_GCM_decrypt_calc_iv_done:
+L_AES_GCM_decrypt_aesni_calc_iv_done:
# T = Encrypt counter
pxor %xmm0, %xmm0
shll $3, %edx
@@ -2368,28 +2368,28 @@ L_AES_GCM_decrypt_calc_iv_done:
aesenc 144(%r15), %xmm8
cmpl $11, %r10d
movdqa 160(%r15), %xmm9
- jl L_AES_GCM_decrypt_calc_iv_2_aesenc_avx_last
+ jl L_AES_GCM_decrypt_aesni_calc_iv_2_aesenc_avx_last
aesenc %xmm9, %xmm8
aesenc 176(%r15), %xmm8
cmpl $13, %r10d
movdqa 192(%r15), %xmm9
- jl L_AES_GCM_decrypt_calc_iv_2_aesenc_avx_last
+ jl L_AES_GCM_decrypt_aesni_calc_iv_2_aesenc_avx_last
aesenc %xmm9, %xmm8
aesenc 208(%r15), %xmm8
movdqa 224(%r15), %xmm9
-L_AES_GCM_decrypt_calc_iv_2_aesenc_avx_last:
+L_AES_GCM_decrypt_aesni_calc_iv_2_aesenc_avx_last:
aesenclast %xmm9, %xmm8
movdqu %xmm8, 144(%rsp)
-L_AES_GCM_decrypt_iv_done:
+L_AES_GCM_decrypt_aesni_iv_done:
# Additional authentication data
movl %r11d, %edx
cmpl $0x00, %edx
- je L_AES_GCM_decrypt_calc_aad_done
+ je L_AES_GCM_decrypt_aesni_calc_aad_done
xorl %ecx, %ecx
cmpl $16, %edx
- jl L_AES_GCM_decrypt_calc_aad_lt16
+ jl L_AES_GCM_decrypt_aesni_calc_aad_lt16
andl $0xfffffff0, %edx
-L_AES_GCM_decrypt_calc_aad_16_loop:
+L_AES_GCM_decrypt_aesni_calc_aad_16_loop:
movdqu (%r12,%rcx,1), %xmm8
pshufb L_aes_gcm_bswap_mask(%rip), %xmm8
pxor %xmm8, %xmm6
@@ -2449,22 +2449,22 @@ L_AES_GCM_decrypt_calc_aad_16_loop:
pxor %xmm2, %xmm6
addl $16, %ecx
cmpl %edx, %ecx
- jl L_AES_GCM_decrypt_calc_aad_16_loop
+ jl L_AES_GCM_decrypt_aesni_calc_aad_16_loop
movl %r11d, %edx
cmpl %edx, %ecx
- je L_AES_GCM_decrypt_calc_aad_done
-L_AES_GCM_decrypt_calc_aad_lt16:
+ je L_AES_GCM_decrypt_aesni_calc_aad_done
+L_AES_GCM_decrypt_aesni_calc_aad_lt16:
subq $16, %rsp
pxor %xmm8, %xmm8
xorl %ebx, %ebx
movdqu %xmm8, (%rsp)
-L_AES_GCM_decrypt_calc_aad_loop:
+L_AES_GCM_decrypt_aesni_calc_aad_loop:
movzbl (%r12,%rcx,1), %r13d
movb %r13b, (%rsp,%rbx,1)
incl %ecx
incl %ebx
cmpl %edx, %ecx
- jl L_AES_GCM_decrypt_calc_aad_loop
+ jl L_AES_GCM_decrypt_aesni_calc_aad_loop
movdqu (%rsp), %xmm8
addq $16, %rsp
pshufb L_aes_gcm_bswap_mask(%rip), %xmm8
@@ -2523,7 +2523,7 @@ L_AES_GCM_decrypt_calc_aad_loop:
pxor %xmm1, %xmm2
pxor %xmm7, %xmm2
pxor %xmm2, %xmm6
-L_AES_GCM_decrypt_calc_aad_done:
+L_AES_GCM_decrypt_aesni_calc_aad_done:
# Calculate counter and H
pshufb L_aes_gcm_bswap_epi64(%rip), %xmm4
movdqa %xmm5, %xmm9
@@ -2541,7 +2541,7 @@ L_AES_GCM_decrypt_calc_aad_done:
xorl %ebx, %ebx
cmpl $0x80, %r9d
movl %r9d, %r13d
- jl L_AES_GCM_decrypt_done_128
+ jl L_AES_GCM_decrypt_aesni_done_128
andl $0xffffff80, %r13d
movdqa %xmm6, %xmm2
# H ^ 1
@@ -2840,7 +2840,7 @@ L_AES_GCM_decrypt_calc_aad_done:
pxor %xmm8, %xmm14
pxor %xmm14, %xmm7
movdqu %xmm7, 112(%rsp)
-L_AES_GCM_decrypt_ghash_128:
+L_AES_GCM_decrypt_aesni_ghash_128:
leaq (%rdi,%rbx,1), %rcx
leaq (%rsi,%rbx,1), %rdx
movdqu 128(%rsp), %xmm8
@@ -3108,7 +3108,7 @@ L_AES_GCM_decrypt_ghash_128:
pxor %xmm3, %xmm2
cmpl $11, %r10d
movdqa 160(%r15), %xmm7
- jl L_AES_GCM_decrypt_aesenc_128_ghash_avx_done
+ jl L_AES_GCM_decrypt_aesni_aesenc_128_ghash_avx_done
aesenc %xmm7, %xmm8
aesenc %xmm7, %xmm9
aesenc %xmm7, %xmm10
@@ -3128,7 +3128,7 @@ L_AES_GCM_decrypt_ghash_128:
aesenc %xmm7, %xmm15
cmpl $13, %r10d
movdqa 192(%r15), %xmm7
- jl L_AES_GCM_decrypt_aesenc_128_ghash_avx_done
+ jl L_AES_GCM_decrypt_aesni_aesenc_128_ghash_avx_done
aesenc %xmm7, %xmm8
aesenc %xmm7, %xmm9
aesenc %xmm7, %xmm10
@@ -3147,7 +3147,7 @@ L_AES_GCM_decrypt_ghash_128:
aesenc %xmm7, %xmm14
aesenc %xmm7, %xmm15
movdqa 224(%r15), %xmm7
-L_AES_GCM_decrypt_aesenc_128_ghash_avx_done:
+L_AES_GCM_decrypt_aesni_aesenc_128_ghash_avx_done:
aesenclast %xmm7, %xmm8
aesenclast %xmm7, %xmm9
movdqu (%rcx), %xmm0
@@ -3182,18 +3182,18 @@ L_AES_GCM_decrypt_aesenc_128_ghash_avx_done:
movdqu %xmm15, 112(%rdx)
addl $0x80, %ebx
cmpl %r13d, %ebx
- jl L_AES_GCM_decrypt_ghash_128
+ jl L_AES_GCM_decrypt_aesni_ghash_128
movdqa %xmm2, %xmm6
movdqu (%rsp), %xmm5
-L_AES_GCM_decrypt_done_128:
+L_AES_GCM_decrypt_aesni_done_128:
movl %r9d, %edx
cmpl %edx, %ebx
- jge L_AES_GCM_decrypt_done_dec
+ jge L_AES_GCM_decrypt_aesni_done_dec
movl %r9d, %r13d
andl $0xfffffff0, %r13d
cmpl %r13d, %ebx
- jge L_AES_GCM_decrypt_last_block_done
-L_AES_GCM_decrypt_last_block_start:
+ jge L_AES_GCM_decrypt_aesni_last_block_done
+L_AES_GCM_decrypt_aesni_last_block_start:
leaq (%rdi,%rbx,1), %rcx
leaq (%rsi,%rbx,1), %rdx
movdqu (%rcx), %xmm1
@@ -3242,28 +3242,28 @@ L_AES_GCM_decrypt_last_block_start:
pxor %xmm3, %xmm6
cmpl $11, %r10d
movdqa 160(%r15), %xmm9
- jl L_AES_GCM_decrypt_aesenc_gfmul_last
+ jl L_AES_GCM_decrypt_aesni_aesenc_gfmul_last
aesenc %xmm9, %xmm8
aesenc 176(%r15), %xmm8
cmpl $13, %r10d
movdqa 192(%r15), %xmm9
- jl L_AES_GCM_decrypt_aesenc_gfmul_last
+ jl L_AES_GCM_decrypt_aesni_aesenc_gfmul_last
aesenc %xmm9, %xmm8
aesenc 208(%r15), %xmm8
movdqa 224(%r15), %xmm9
-L_AES_GCM_decrypt_aesenc_gfmul_last:
+L_AES_GCM_decrypt_aesni_aesenc_gfmul_last:
aesenclast %xmm9, %xmm8
movdqu (%rcx), %xmm9
pxor %xmm9, %xmm8
movdqu %xmm8, (%rdx)
addl $16, %ebx
cmpl %r13d, %ebx
- jl L_AES_GCM_decrypt_last_block_start
-L_AES_GCM_decrypt_last_block_done:
+ jl L_AES_GCM_decrypt_aesni_last_block_start
+L_AES_GCM_decrypt_aesni_last_block_done:
movl %r9d, %ecx
movl %ecx, %edx
andl $15, %ecx
- jz L_AES_GCM_decrypt_aesenc_last15_dec_avx_done
+ jz L_AES_GCM_decrypt_aesni_aesenc_last15_dec_avx_done
movdqu 128(%rsp), %xmm4
pshufb L_aes_gcm_bswap_epi64(%rip), %xmm4
pxor (%r15), %xmm4
@@ -3278,23 +3278,23 @@ L_AES_GCM_decrypt_last_block_done:
aesenc 144(%r15), %xmm4
cmpl $11, %r10d
movdqa 160(%r15), %xmm9
- jl L_AES_GCM_decrypt_aesenc_last15_dec_avx_aesenc_avx_last
+ jl L_AES_GCM_decrypt_aesni_aesenc_last15_dec_avx_aesenc_avx_last
aesenc %xmm9, %xmm4
aesenc 176(%r15), %xmm4
cmpl $13, %r10d
movdqa 192(%r15), %xmm9
- jl L_AES_GCM_decrypt_aesenc_last15_dec_avx_aesenc_avx_last
+ jl L_AES_GCM_decrypt_aesni_aesenc_last15_dec_avx_aesenc_avx_last
aesenc %xmm9, %xmm4
aesenc 208(%r15), %xmm4
movdqa 224(%r15), %xmm9
-L_AES_GCM_decrypt_aesenc_last15_dec_avx_aesenc_avx_last:
+L_AES_GCM_decrypt_aesni_aesenc_last15_dec_avx_aesenc_avx_last:
aesenclast %xmm9, %xmm4
subq $32, %rsp
xorl %ecx, %ecx
movdqu %xmm4, (%rsp)
pxor %xmm0, %xmm0
movdqu %xmm0, 16(%rsp)
-L_AES_GCM_decrypt_aesenc_last15_dec_avx_loop:
+L_AES_GCM_decrypt_aesni_aesenc_last15_dec_avx_loop:
movzbl (%rdi,%rbx,1), %r13d
movb %r13b, 16(%rsp,%rcx,1)
xorb (%rsp,%rcx,1), %r13b
@@ -3302,7 +3302,7 @@ L_AES_GCM_decrypt_aesenc_last15_dec_avx_loop:
incl %ebx
incl %ecx
cmpl %edx, %ebx
- jl L_AES_GCM_decrypt_aesenc_last15_dec_avx_loop
+ jl L_AES_GCM_decrypt_aesni_aesenc_last15_dec_avx_loop
movdqu 16(%rsp), %xmm4
addq $32, %rsp
pshufb L_aes_gcm_bswap_mask(%rip), %xmm4
@@ -3347,8 +3347,8 @@ L_AES_GCM_decrypt_aesenc_last15_dec_avx_loop:
pxor %xmm13, %xmm14
pxor %xmm8, %xmm14
pxor %xmm14, %xmm6
-L_AES_GCM_decrypt_aesenc_last15_dec_avx_done:
-L_AES_GCM_decrypt_done_dec:
+L_AES_GCM_decrypt_aesni_aesenc_last15_dec_avx_done:
+L_AES_GCM_decrypt_aesni_done_dec:
movl %r9d, %edx
movl %r11d, %ecx
shlq $3, %rdx
@@ -3400,24 +3400,24 @@ L_AES_GCM_decrypt_done_dec:
movdqu 144(%rsp), %xmm0
pxor %xmm6, %xmm0
cmpl $16, %r14d
- je L_AES_GCM_decrypt_cmp_tag_16
+ je L_AES_GCM_decrypt_aesni_cmp_tag_16
subq $16, %rsp
xorq %rcx, %rcx
xorq %rbx, %rbx
movdqu %xmm0, (%rsp)
-L_AES_GCM_decrypt_cmp_tag_loop:
+L_AES_GCM_decrypt_aesni_cmp_tag_loop:
movzbl (%rsp,%rcx,1), %r13d
xorb (%r8,%rcx,1), %r13b
orb %r13b, %bl
incl %ecx
cmpl %r14d, %ecx
- jne L_AES_GCM_decrypt_cmp_tag_loop
+ jne L_AES_GCM_decrypt_aesni_cmp_tag_loop
cmpb $0x00, %bl
sete %bl
addq $16, %rsp
xorq %rcx, %rcx
- jmp L_AES_GCM_decrypt_cmp_tag_done
-L_AES_GCM_decrypt_cmp_tag_16:
+ jmp L_AES_GCM_decrypt_aesni_cmp_tag_done
+L_AES_GCM_decrypt_aesni_cmp_tag_16:
movdqu (%r8), %xmm1
pcmpeqb %xmm1, %xmm0
pmovmskb %xmm0, %rdx
@@ -3425,7 +3425,7 @@ L_AES_GCM_decrypt_cmp_tag_16:
xorl %ebx, %ebx
cmpl $0xffff, %edx
sete %bl
-L_AES_GCM_decrypt_cmp_tag_done:
+L_AES_GCM_decrypt_aesni_cmp_tag_done:
movl %ebx, (%rbp)
addq $0xa8, %rsp
popq %rbp
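Review bot: The verification result is only written at `movl %ebx, (%rbp)` here, after earlier hunks have already stored decrypted blocks to the output (`movdqu %xmm8, (%rdx)` in the `last_block_start` loop, with `%rdx` formed from `%rsi`). On a tag mismatch the output buffer therefore holds unauthenticated plaintext, and no line shown clears it. I would document that next to the store, e.g. `# *res = 1 only if the tag matched; caller must discard out[] when 0`, and confirm the C wrapper does so. The function starts outside this hunk.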
@@ -3436,7 +3436,7 @@ L_AES_GCM_decrypt_cmp_tag_done:
popq %r13
repz retq
#ifndef __APPLE__
-.size AES_GCM_decrypt,.-AES_GCM_decrypt
+.size AES_GCM_decrypt_aesni,.-AES_GCM_decrypt_aesni
#endif /* __APPLE__ */
#ifdef WOLFSSL_AESGCM_STREAM
#ifndef __APPLE__
@@ -3472,53 +3472,53 @@ _AES_GCM_init_aesni:
movdqa %xmm4, %xmm1
movdqa (%rdi), %xmm5
pxor %xmm5, %xmm1
- movdqa 16(%rdi), %xmm7
- aesenc %xmm7, %xmm5
- aesenc %xmm7, %xmm1
- movdqa 32(%rdi), %xmm7
- aesenc %xmm7, %xmm5
- aesenc %xmm7, %xmm1
- movdqa 48(%rdi), %xmm7
- aesenc %xmm7, %xmm5
- aesenc %xmm7, %xmm1
- movdqa 64(%rdi), %xmm7
- aesenc %xmm7, %xmm5
- aesenc %xmm7, %xmm1
- movdqa 80(%rdi), %xmm7
- aesenc %xmm7, %xmm5
- aesenc %xmm7, %xmm1
- movdqa 96(%rdi), %xmm7
- aesenc %xmm7, %xmm5
- aesenc %xmm7, %xmm1
- movdqa 112(%rdi), %xmm7
- aesenc %xmm7, %xmm5
- aesenc %xmm7, %xmm1
- movdqa 128(%rdi), %xmm7
- aesenc %xmm7, %xmm5
- aesenc %xmm7, %xmm1
- movdqa 144(%rdi), %xmm7
- aesenc %xmm7, %xmm5
- aesenc %xmm7, %xmm1
+ movdqa 16(%rdi), %xmm6
+ aesenc %xmm6, %xmm5
+ aesenc %xmm6, %xmm1
+ movdqa 32(%rdi), %xmm6
+ aesenc %xmm6, %xmm5
+ aesenc %xmm6, %xmm1
+ movdqa 48(%rdi), %xmm6
+ aesenc %xmm6, %xmm5
+ aesenc %xmm6, %xmm1
+ movdqa 64(%rdi), %xmm6
+ aesenc %xmm6, %xmm5
+ aesenc %xmm6, %xmm1
+ movdqa 80(%rdi), %xmm6
+ aesenc %xmm6, %xmm5
+ aesenc %xmm6, %xmm1
+ movdqa 96(%rdi), %xmm6
+ aesenc %xmm6, %xmm5
+ aesenc %xmm6, %xmm1
+ movdqa 112(%rdi), %xmm6
+ aesenc %xmm6, %xmm5
+ aesenc %xmm6, %xmm1
+ movdqa 128(%rdi), %xmm6
+ aesenc %xmm6, %xmm5
+ aesenc %xmm6, %xmm1
+ movdqa 144(%rdi), %xmm6
+ aesenc %xmm6, %xmm5
+ aesenc %xmm6, %xmm1
cmpl $11, %esi
- movdqa 160(%rdi), %xmm7
+ movdqa 160(%rdi), %xmm6
jl L_AES_GCM_init_aesni_calc_iv_12_last
- aesenc %xmm7, %xmm5
- aesenc %xmm7, %xmm1
- movdqa 176(%rdi), %xmm7
- aesenc %xmm7, %xmm5
- aesenc %xmm7, %xmm1
+ aesenc %xmm6, %xmm5
+ aesenc %xmm6, %xmm1
+ movdqa 176(%rdi), %xmm6
+ aesenc %xmm6, %xmm5
+ aesenc %xmm6, %xmm1
cmpl $13, %esi
- movdqa 192(%rdi), %xmm7
+ movdqa 192(%rdi), %xmm6
jl L_AES_GCM_init_aesni_calc_iv_12_last
- aesenc %xmm7, %xmm5
- aesenc %xmm7, %xmm1
- movdqa 208(%rdi), %xmm7
- aesenc %xmm7, %xmm5
- aesenc %xmm7, %xmm1
- movdqa 224(%rdi), %xmm7
+ aesenc %xmm6, %xmm5
+ aesenc %xmm6, %xmm1
+ movdqa 208(%rdi), %xmm6
+ aesenc %xmm6, %xmm5
+ aesenc %xmm6, %xmm1
+ movdqa 224(%rdi), %xmm6
L_AES_GCM_init_aesni_calc_iv_12_last:
- aesenclast %xmm7, %xmm5
- aesenclast %xmm7, %xmm1
+ aesenclast %xmm6, %xmm5
+ aesenclast %xmm6, %xmm1
pshufb L_aes_gcm_bswap_mask(%rip), %xmm5
movdqu %xmm1, %xmm15
jmp L_AES_GCM_init_aesni_iv_done
@@ -3536,18 +3536,18 @@ L_AES_GCM_init_aesni_iv_not_12:
aesenc 128(%rdi), %xmm5
aesenc 144(%rdi), %xmm5
cmpl $11, %esi
- movdqa 160(%rdi), %xmm9
+ movdqa 160(%rdi), %xmm8
jl L_AES_GCM_init_aesni_calc_iv_1_aesenc_avx_last
- aesenc %xmm9, %xmm5
+ aesenc %xmm8, %xmm5
aesenc 176(%rdi), %xmm5
cmpl $13, %esi
- movdqa 192(%rdi), %xmm9
+ movdqa 192(%rdi), %xmm8
jl L_AES_GCM_init_aesni_calc_iv_1_aesenc_avx_last
- aesenc %xmm9, %xmm5
+ aesenc %xmm8, %xmm5
aesenc 208(%rdi), %xmm5
- movdqa 224(%rdi), %xmm9
+ movdqa 224(%rdi), %xmm8
L_AES_GCM_init_aesni_calc_iv_1_aesenc_avx_last:
- aesenclast %xmm9, %xmm5
+ aesenclast %xmm8, %xmm5
pshufb L_aes_gcm_bswap_mask(%rip), %xmm5
# Calc counter
# Initialization vector
@@ -3558,9 +3558,9 @@ L_AES_GCM_init_aesni_calc_iv_1_aesenc_avx_last:
jl L_AES_GCM_init_aesni_calc_iv_lt16
andl $0xfffffff0, %edx
L_AES_GCM_init_aesni_calc_iv_16_loop:
- movdqu (%r10,%rcx,1), %xmm8
- pshufb L_aes_gcm_bswap_mask(%rip), %xmm8
- pxor %xmm8, %xmm4
+ movdqu (%r10,%rcx,1), %xmm7
+ pshufb L_aes_gcm_bswap_mask(%rip), %xmm7
+ pxor %xmm7, %xmm4
pshufd $0x4e, %xmm4, %xmm1
pshufd $0x4e, %xmm5, %xmm2
movdqa %xmm5, %xmm3
@@ -3573,28 +3573,28 @@ L_AES_GCM_init_aesni_calc_iv_16_loop:
pxor %xmm0, %xmm1
pxor %xmm3, %xmm1
movdqa %xmm1, %xmm2
- movdqa %xmm0, %xmm7
+ movdqa %xmm0, %xmm6
movdqa %xmm3, %xmm4
pslldq $8, %xmm2
psrldq $8, %xmm1
- pxor %xmm2, %xmm7
+ pxor %xmm2, %xmm6
pxor %xmm1, %xmm4
- movdqa %xmm7, %xmm0
+ movdqa %xmm6, %xmm0
movdqa %xmm4, %xmm1
psrld $31, %xmm0
psrld $31, %xmm1
- pslld $0x01, %xmm7
+ pslld $0x01, %xmm6
pslld $0x01, %xmm4
movdqa %xmm0, %xmm2
pslldq $4, %xmm0
psrldq $12, %xmm2
pslldq $4, %xmm1
por %xmm2, %xmm4
- por %xmm0, %xmm7
+ por %xmm0, %xmm6
por %xmm1, %xmm4
- movdqa %xmm7, %xmm0
- movdqa %xmm7, %xmm1
- movdqa %xmm7, %xmm2
+ movdqa %xmm6, %xmm0
+ movdqa %xmm6, %xmm1
+ movdqa %xmm6, %xmm2
pslld $31, %xmm0
pslld $30, %xmm1
pslld $25, %xmm2
@@ -3603,17 +3603,17 @@ L_AES_GCM_init_aesni_calc_iv_16_loop:
movdqa %xmm0, %xmm1
psrldq $4, %xmm1
pslldq $12, %xmm0
- pxor %xmm0, %xmm7
- movdqa %xmm7, %xmm2
- movdqa %xmm7, %xmm3
- movdqa %xmm7, %xmm0
+ pxor %xmm0, %xmm6
+ movdqa %xmm6, %xmm2
+ movdqa %xmm6, %xmm3
+ movdqa %xmm6, %xmm0
psrld $0x01, %xmm2
psrld $2, %xmm3
psrld $7, %xmm0
pxor %xmm3, %xmm2
pxor %xmm0, %xmm2
pxor %xmm1, %xmm2
- pxor %xmm7, %xmm2
+ pxor %xmm6, %xmm2
pxor %xmm2, %xmm4
addl $16, %ecx
cmpl %edx, %ecx
@@ -3623,9 +3623,9 @@ L_AES_GCM_init_aesni_calc_iv_16_loop:
je L_AES_GCM_init_aesni_calc_iv_done
L_AES_GCM_init_aesni_calc_iv_lt16:
subq $16, %rsp
- pxor %xmm8, %xmm8
+ pxor %xmm7, %xmm7
xorl %r13d, %r13d
- movdqu %xmm8, (%rsp)
+ movdqu %xmm7, (%rsp)
L_AES_GCM_init_aesni_calc_iv_loop:
movzbl (%r10,%rcx,1), %r12d
movb %r12b, (%rsp,%r13,1)
@@ -3633,10 +3633,10 @@ L_AES_GCM_init_aesni_calc_iv_loop:
incl %r13d
cmpl %edx, %ecx
jl L_AES_GCM_init_aesni_calc_iv_loop
- movdqu (%rsp), %xmm8
+ movdqu (%rsp), %xmm7
addq $16, %rsp
- pshufb L_aes_gcm_bswap_mask(%rip), %xmm8
- pxor %xmm8, %xmm4
+ pshufb L_aes_gcm_bswap_mask(%rip), %xmm7
+ pxor %xmm7, %xmm4
pshufd $0x4e, %xmm4, %xmm1
pshufd $0x4e, %xmm5, %xmm2
movdqa %xmm5, %xmm3
@@ -3649,28 +3649,28 @@ L_AES_GCM_init_aesni_calc_iv_loop:
pxor %xmm0, %xmm1
pxor %xmm3, %xmm1
movdqa %xmm1, %xmm2
- movdqa %xmm0, %xmm7
+ movdqa %xmm0, %xmm6
movdqa %xmm3, %xmm4
pslldq $8, %xmm2
psrldq $8, %xmm1
- pxor %xmm2, %xmm7
+ pxor %xmm2, %xmm6
pxor %xmm1, %xmm4
- movdqa %xmm7, %xmm0
+ movdqa %xmm6, %xmm0
movdqa %xmm4, %xmm1
psrld $31, %xmm0
psrld $31, %xmm1
- pslld $0x01, %xmm7
+ pslld $0x01, %xmm6
pslld $0x01, %xmm4
movdqa %xmm0, %xmm2
pslldq $4, %xmm0
psrldq $12, %xmm2
pslldq $4, %xmm1
por %xmm2, %xmm4
- por %xmm0, %xmm7
+ por %xmm0, %xmm6
por %xmm1, %xmm4
- movdqa %xmm7, %xmm0
- movdqa %xmm7, %xmm1
- movdqa %xmm7, %xmm2
+ movdqa %xmm6, %xmm0
+ movdqa %xmm6, %xmm1
+ movdqa %xmm6, %xmm2
pslld $31, %xmm0
pslld $30, %xmm1
pslld $25, %xmm2
@@ -3679,17 +3679,17 @@ L_AES_GCM_init_aesni_calc_iv_loop:
movdqa %xmm0, %xmm1
psrldq $4, %xmm1
pslldq $12, %xmm0
- pxor %xmm0, %xmm7
- movdqa %xmm7, %xmm2
- movdqa %xmm7, %xmm3
- movdqa %xmm7, %xmm0
+ pxor %xmm0, %xmm6
+ movdqa %xmm6, %xmm2
+ movdqa %xmm6, %xmm3
+ movdqa %xmm6, %xmm0
psrld $0x01, %xmm2
psrld $2, %xmm3
psrld $7, %xmm0
pxor %xmm3, %xmm2
pxor %xmm0, %xmm2
pxor %xmm1, %xmm2
- pxor %xmm7, %xmm2
+ pxor %xmm6, %xmm2
pxor %xmm2, %xmm4
L_AES_GCM_init_aesni_calc_iv_done:
# T = Encrypt counter
@@ -3709,28 +3709,28 @@ L_AES_GCM_init_aesni_calc_iv_done:
pxor %xmm0, %xmm1
pxor %xmm3, %xmm1
movdqa %xmm1, %xmm2
- movdqa %xmm0, %xmm7
+ movdqa %xmm0, %xmm6
movdqa %xmm3, %xmm4
pslldq $8, %xmm2
psrldq $8, %xmm1
- pxor %xmm2, %xmm7
+ pxor %xmm2, %xmm6
pxor %xmm1, %xmm4
- movdqa %xmm7, %xmm0
+ movdqa %xmm6, %xmm0
movdqa %xmm4, %xmm1
psrld $31, %xmm0
psrld $31, %xmm1
- pslld $0x01, %xmm7
+ pslld $0x01, %xmm6
pslld $0x01, %xmm4
movdqa %xmm0, %xmm2
pslldq $4, %xmm0
psrldq $12, %xmm2
pslldq $4, %xmm1
por %xmm2, %xmm4
- por %xmm0, %xmm7
+ por %xmm0, %xmm6
por %xmm1, %xmm4
- movdqa %xmm7, %xmm0
- movdqa %xmm7, %xmm1
- movdqa %xmm7, %xmm2
+ movdqa %xmm6, %xmm0
+ movdqa %xmm6, %xmm1
+ movdqa %xmm6, %xmm2
pslld $31, %xmm0
pslld $30, %xmm1
pslld $25, %xmm2
@@ -3739,45 +3739,45 @@ L_AES_GCM_init_aesni_calc_iv_done:
movdqa %xmm0, %xmm1
psrldq $4, %xmm1
pslldq $12, %xmm0
- pxor %xmm0, %xmm7
- movdqa %xmm7, %xmm2
- movdqa %xmm7, %xmm3
- movdqa %xmm7, %xmm0
+ pxor %xmm0, %xmm6
+ movdqa %xmm6, %xmm2
+ movdqa %xmm6, %xmm3
+ movdqa %xmm6, %xmm0
psrld $0x01, %xmm2
psrld $2, %xmm3
psrld $7, %xmm0
pxor %xmm3, %xmm2
pxor %xmm0, %xmm2
pxor %xmm1, %xmm2
- pxor %xmm7, %xmm2
+ pxor %xmm6, %xmm2
pxor %xmm2, %xmm4
pshufb L_aes_gcm_bswap_mask(%rip), %xmm4
# Encrypt counter
- movdqa (%rdi), %xmm8
- pxor %xmm4, %xmm8
- aesenc 16(%rdi), %xmm8
- aesenc 32(%rdi), %xmm8
- aesenc 48(%rdi), %xmm8
- aesenc 64(%rdi), %xmm8
- aesenc 80(%rdi), %xmm8
- aesenc 96(%rdi), %xmm8
- aesenc 112(%rdi), %xmm8
- aesenc 128(%rdi), %xmm8
- aesenc 144(%rdi), %xmm8
+ movdqa (%rdi), %xmm7
+ pxor %xmm4, %xmm7
+ aesenc 16(%rdi), %xmm7
+ aesenc 32(%rdi), %xmm7
+ aesenc 48(%rdi), %xmm7
+ aesenc 64(%rdi), %xmm7
+ aesenc 80(%rdi), %xmm7
+ aesenc 96(%rdi), %xmm7
+ aesenc 112(%rdi), %xmm7
+ aesenc 128(%rdi), %xmm7
+ aesenc 144(%rdi), %xmm7
cmpl $11, %esi
- movdqa 160(%rdi), %xmm9
+ movdqa 160(%rdi), %xmm8
jl L_AES_GCM_init_aesni_calc_iv_2_aesenc_avx_last
- aesenc %xmm9, %xmm8
- aesenc 176(%rdi), %xmm8
+ aesenc %xmm8, %xmm7
+ aesenc 176(%rdi), %xmm7
cmpl $13, %esi
- movdqa 192(%rdi), %xmm9
+ movdqa 192(%rdi), %xmm8
jl L_AES_GCM_init_aesni_calc_iv_2_aesenc_avx_last
- aesenc %xmm9, %xmm8
- aesenc 208(%rdi), %xmm8
- movdqa 224(%rdi), %xmm9
+ aesenc %xmm8, %xmm7
+ aesenc 208(%rdi), %xmm7
+ movdqa 224(%rdi), %xmm8
L_AES_GCM_init_aesni_calc_iv_2_aesenc_avx_last:
- aesenclast %xmm9, %xmm8
- movdqu %xmm8, %xmm15
+ aesenclast %xmm8, %xmm7
+ movdqu %xmm7, %xmm15
L_AES_GCM_init_aesni_iv_done:
movdqa %xmm15, (%rax)
pshufb L_aes_gcm_bswap_epi64(%rip), %xmm4
@@ -3809,9 +3809,9 @@ _AES_GCM_aad_update_aesni:
movdqa (%rax), %xmm6
xorl %ecx, %ecx
L_AES_GCM_aad_update_aesni_16_loop:
- movdqu (%rdi,%rcx,1), %xmm8
- pshufb L_aes_gcm_bswap_mask(%rip), %xmm8
- pxor %xmm8, %xmm5
+ movdqu (%rdi,%rcx,1), %xmm7
+ pshufb L_aes_gcm_bswap_mask(%rip), %xmm7
+ pxor %xmm7, %xmm5
pshufd $0x4e, %xmm5, %xmm1
pshufd $0x4e, %xmm6, %xmm2
movdqa %xmm6, %xmm3
@@ -3888,38 +3888,38 @@ _AES_GCM_encrypt_block_aesni:
#endif /* __APPLE__ */
movq %rdx, %r10
movq %rcx, %r11
- movdqu (%r8), %xmm8
- movdqa %xmm8, %xmm9
- pshufb L_aes_gcm_bswap_epi64(%rip), %xmm8
- paddd L_aes_gcm_one(%rip), %xmm9
- pxor (%rdi), %xmm8
- movdqu %xmm9, (%r8)
- aesenc 16(%rdi), %xmm8
- aesenc 32(%rdi), %xmm8
- aesenc 48(%rdi), %xmm8
- aesenc 64(%rdi), %xmm8
- aesenc 80(%rdi), %xmm8
- aesenc 96(%rdi), %xmm8
- aesenc 112(%rdi), %xmm8
- aesenc 128(%rdi), %xmm8
- aesenc 144(%rdi), %xmm8
+ movdqu (%r8), %xmm0
+ movdqa %xmm0, %xmm1
+ pshufb L_aes_gcm_bswap_epi64(%rip), %xmm0
+ paddd L_aes_gcm_one(%rip), %xmm1
+ pxor (%rdi), %xmm0
+ movdqu %xmm1, (%r8)
+ aesenc 16(%rdi), %xmm0
+ aesenc 32(%rdi), %xmm0
+ aesenc 48(%rdi), %xmm0
+ aesenc 64(%rdi), %xmm0
+ aesenc 80(%rdi), %xmm0
+ aesenc 96(%rdi), %xmm0
+ aesenc 112(%rdi), %xmm0
+ aesenc 128(%rdi), %xmm0
+ aesenc 144(%rdi), %xmm0
cmpl $11, %esi
- movdqa 160(%rdi), %xmm9
+ movdqa 160(%rdi), %xmm1
jl L_AES_GCM_encrypt_block_aesni_aesenc_block_aesenc_avx_last
- aesenc %xmm9, %xmm8
- aesenc 176(%rdi), %xmm8
+ aesenc %xmm1, %xmm0
+ aesenc 176(%rdi), %xmm0
cmpl $13, %esi
- movdqa 192(%rdi), %xmm9
+ movdqa 192(%rdi), %xmm1
jl L_AES_GCM_encrypt_block_aesni_aesenc_block_aesenc_avx_last
- aesenc %xmm9, %xmm8
- aesenc 208(%rdi), %xmm8
- movdqa 224(%rdi), %xmm9
+ aesenc %xmm1, %xmm0
+ aesenc 208(%rdi), %xmm0
+ movdqa 224(%rdi), %xmm1
L_AES_GCM_encrypt_block_aesni_aesenc_block_aesenc_avx_last:
- aesenclast %xmm9, %xmm8
- movdqu (%r11), %xmm9
- pxor %xmm9, %xmm8
- movdqu %xmm8, (%r10)
- pshufb L_aes_gcm_bswap_mask(%rip), %xmm8
+ aesenclast %xmm1, %xmm0
+ movdqu (%r11), %xmm1
+ pxor %xmm1, %xmm0
+ movdqu %xmm0, (%r10)
+ pshufb L_aes_gcm_bswap_mask(%rip), %xmm0
repz retq
#ifndef __APPLE__
.size AES_GCM_encrypt_block_aesni,.-AES_GCM_encrypt_block_aesni
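Review bot: The final `pshufb L_aes_gcm_bswap_mask(%rip), %xmm0` is followed directly by `repz retq`, so its result is never read inside this function; it was already dead with `%xmm8` before the register change. Unless a caller relies on the byte-swapped block being left in `%xmm0`, which seems unlikely, the instruction can be dropped or given a comment saying why it is kept. The move to `%xmm0`/`%xmm1` otherwise mirrors the old `%xmm8`/`%xmm9` usage line for line. The function's entry label sits just above this hunk.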
@@ -3938,9 +3938,9 @@ _AES_GCM_ghash_block_aesni:
#endif /* __APPLE__ */
movdqa (%rsi), %xmm4
movdqa (%rdx), %xmm5
- movdqu (%rdi), %xmm8
- pshufb L_aes_gcm_bswap_mask(%rip), %xmm8
- pxor %xmm8, %xmm4
+ movdqu (%rdi), %xmm7
+ pshufb L_aes_gcm_bswap_mask(%rip), %xmm7
+ pxor %xmm7, %xmm4
pshufd $0x4e, %xmm4, %xmm1
pshufd $0x4e, %xmm5, %xmm2
movdqa %xmm5, %xmm3
@@ -5243,16 +5243,16 @@ _AES_GCM_encrypt_final_aesni:
movdqa (%rdi), %xmm4
movdqa (%r9), %xmm5
movdqa (%r8), %xmm6
- movdqa %xmm5, %xmm9
movdqa %xmm5, %xmm8
- psrlq $63, %xmm9
- psllq $0x01, %xmm8
- pslldq $8, %xmm9
- por %xmm9, %xmm8
+ movdqa %xmm5, %xmm7
+ psrlq $63, %xmm8
+ psllq $0x01, %xmm7
+ pslldq $8, %xmm8
+ por %xmm8, %xmm7
pshufd $0xff, %xmm5, %xmm5
psrad $31, %xmm5
pand L_aes_gcm_mod2_128(%rip), %xmm5
- pxor %xmm8, %xmm5
+ pxor %xmm7, %xmm5
movl %r10d, %edx
movl %r11d, %ecx
shlq $3, %rdx
@@ -5260,46 +5260,46 @@ _AES_GCM_encrypt_final_aesni:
pinsrq $0x00, %rdx, %xmm0
pinsrq $0x01, %rcx, %xmm0
pxor %xmm0, %xmm4
- pshufd $0x4e, %xmm5, %xmm9
- pshufd $0x4e, %xmm4, %xmm10
- movdqa %xmm4, %xmm11
- movdqa %xmm4, %xmm8
- pclmulqdq $0x11, %xmm5, %xmm11
- pclmulqdq $0x00, %xmm5, %xmm8
- pxor %xmm5, %xmm9
- pxor %xmm4, %xmm10
- pclmulqdq $0x00, %xmm10, %xmm9
- pxor %xmm8, %xmm9
- pxor %xmm11, %xmm9
- movdqa %xmm9, %xmm10
- movdqa %xmm11, %xmm4
- pslldq $8, %xmm10
- psrldq $8, %xmm9
+ pshufd $0x4e, %xmm5, %xmm8
+ pshufd $0x4e, %xmm4, %xmm9
+ movdqa %xmm4, %xmm10
+ movdqa %xmm4, %xmm7
+ pclmulqdq $0x11, %xmm5, %xmm10
+ pclmulqdq $0x00, %xmm5, %xmm7
+ pxor %xmm5, %xmm8
+ pxor %xmm4, %xmm9
+ pclmulqdq $0x00, %xmm9, %xmm8
+ pxor %xmm7, %xmm8
pxor %xmm10, %xmm8
- pxor %xmm9, %xmm4
- movdqa %xmm8, %xmm12
- movdqa %xmm8, %xmm13
- movdqa %xmm8, %xmm14
- pslld $31, %xmm12
- pslld $30, %xmm13
- pslld $25, %xmm14
- pxor %xmm13, %xmm12
- pxor %xmm14, %xmm12
- movdqa %xmm12, %xmm13
- psrldq $4, %xmm13
- pslldq $12, %xmm12
- pxor %xmm12, %xmm8
- movdqa %xmm8, %xmm14
- movdqa %xmm8, %xmm10
movdqa %xmm8, %xmm9
- psrld $0x01, %xmm14
- psrld $2, %xmm10
- psrld $7, %xmm9
- pxor %xmm10, %xmm14
- pxor %xmm9, %xmm14
- pxor %xmm13, %xmm14
- pxor %xmm8, %xmm14
- pxor %xmm14, %xmm4
+ movdqa %xmm10, %xmm4
+ pslldq $8, %xmm9
+ psrldq $8, %xmm8
+ pxor %xmm9, %xmm7
+ pxor %xmm8, %xmm4
+ movdqa %xmm7, %xmm11
+ movdqa %xmm7, %xmm12
+ movdqa %xmm7, %xmm13
+ pslld $31, %xmm11
+ pslld $30, %xmm12
+ pslld $25, %xmm13
+ pxor %xmm12, %xmm11
+ pxor %xmm13, %xmm11
+ movdqa %xmm11, %xmm12
+ psrldq $4, %xmm12
+ pslldq $12, %xmm11
+ pxor %xmm11, %xmm7
+ movdqa %xmm7, %xmm13
+ movdqa %xmm7, %xmm9
+ movdqa %xmm7, %xmm8
+ psrld $0x01, %xmm13
+ psrld $2, %xmm9
+ psrld $7, %xmm8
+ pxor %xmm9, %xmm13
+ pxor %xmm8, %xmm13
+ pxor %xmm12, %xmm13
+ pxor %xmm7, %xmm13
+ pxor %xmm13, %xmm4
pshufb L_aes_gcm_bswap_mask(%rip), %xmm4
movdqu %xmm6, %xmm0
pxor %xmm4, %xmm0
@@ -6113,16 +6113,16 @@ _AES_GCM_decrypt_final_aesni:
movdqa (%rdi), %xmm6
movdqa (%r9), %xmm5
movdqa (%r8), %xmm15
- movdqa %xmm5, %xmm9
movdqa %xmm5, %xmm8
- psrlq $63, %xmm9
- psllq $0x01, %xmm8
- pslldq $8, %xmm9
- por %xmm9, %xmm8
+ movdqa %xmm5, %xmm7
+ psrlq $63, %xmm8
+ psllq $0x01, %xmm7
+ pslldq $8, %xmm8
+ por %xmm8, %xmm7
pshufd $0xff, %xmm5, %xmm5
psrad $31, %xmm5
pand L_aes_gcm_mod2_128(%rip), %xmm5
- pxor %xmm8, %xmm5
+ pxor %xmm7, %xmm5
movl %r10d, %edx
movl %r11d, %ecx
shlq $3, %rdx
@@ -6130,46 +6130,46 @@ _AES_GCM_decrypt_final_aesni:
pinsrq $0x00, %rdx, %xmm0
pinsrq $0x01, %rcx, %xmm0
pxor %xmm0, %xmm6
- pshufd $0x4e, %xmm5, %xmm9
- pshufd $0x4e, %xmm6, %xmm10
- movdqa %xmm6, %xmm11
- movdqa %xmm6, %xmm8
- pclmulqdq $0x11, %xmm5, %xmm11
- pclmulqdq $0x00, %xmm5, %xmm8
- pxor %xmm5, %xmm9
- pxor %xmm6, %xmm10
- pclmulqdq $0x00, %xmm10, %xmm9
- pxor %xmm8, %xmm9
- pxor %xmm11, %xmm9
- movdqa %xmm9, %xmm10
- movdqa %xmm11, %xmm6
- pslldq $8, %xmm10
- psrldq $8, %xmm9
+ pshufd $0x4e, %xmm5, %xmm8
+ pshufd $0x4e, %xmm6, %xmm9
+ movdqa %xmm6, %xmm10
+ movdqa %xmm6, %xmm7
+ pclmulqdq $0x11, %xmm5, %xmm10
+ pclmulqdq $0x00, %xmm5, %xmm7
+ pxor %xmm5, %xmm8
+ pxor %xmm6, %xmm9
+ pclmulqdq $0x00, %xmm9, %xmm8
+ pxor %xmm7, %xmm8
pxor %xmm10, %xmm8
- pxor %xmm9, %xmm6
- movdqa %xmm8, %xmm12
- movdqa %xmm8, %xmm13
- movdqa %xmm8, %xmm14
- pslld $31, %xmm12
- pslld $30, %xmm13
- pslld $25, %xmm14
- pxor %xmm13, %xmm12
- pxor %xmm14, %xmm12
- movdqa %xmm12, %xmm13
- psrldq $4, %xmm13
- pslldq $12, %xmm12
- pxor %xmm12, %xmm8
- movdqa %xmm8, %xmm14
- movdqa %xmm8, %xmm10
movdqa %xmm8, %xmm9
- psrld $0x01, %xmm14
- psrld $2, %xmm10
- psrld $7, %xmm9
- pxor %xmm10, %xmm14
- pxor %xmm9, %xmm14
- pxor %xmm13, %xmm14
- pxor %xmm8, %xmm14
- pxor %xmm14, %xmm6
+ movdqa %xmm10, %xmm6
+ pslldq $8, %xmm9
+ psrldq $8, %xmm8
+ pxor %xmm9, %xmm7
+ pxor %xmm8, %xmm6
+ movdqa %xmm7, %xmm11
+ movdqa %xmm7, %xmm12
+ movdqa %xmm7, %xmm13
+ pslld $31, %xmm11
+ pslld $30, %xmm12
+ pslld $25, %xmm13
+ pxor %xmm12, %xmm11
+ pxor %xmm13, %xmm11
+ movdqa %xmm11, %xmm12
+ psrldq $4, %xmm12
+ pslldq $12, %xmm11
+ pxor %xmm11, %xmm7
+ movdqa %xmm7, %xmm13
+ movdqa %xmm7, %xmm9
+ movdqa %xmm7, %xmm8
+ psrld $0x01, %xmm13
+ psrld $2, %xmm9
+ psrld $7, %xmm8
+ pxor %xmm9, %xmm13
+ pxor %xmm8, %xmm13
+ pxor %xmm12, %xmm13
+ pxor %xmm7, %xmm13
+ pxor %xmm13, %xmm6
pshufb L_aes_gcm_bswap_mask(%rip), %xmm6
movdqu %xmm15, %xmm0
pxor %xmm6, %xmm0
@@ -9133,53 +9133,53 @@ _AES_GCM_init_avx1:
# H = Encrypt X(=0) and T = Encrypt counter
vmovdqa (%rdi), %xmm5
vpxor %xmm5, %xmm4, %xmm1
- vmovdqa 16(%rdi), %xmm7
- vaesenc %xmm7, %xmm5, %xmm5
- vaesenc %xmm7, %xmm1, %xmm1
- vmovdqa 32(%rdi), %xmm7
- vaesenc %xmm7, %xmm5, %xmm5
- vaesenc %xmm7, %xmm1, %xmm1
- vmovdqa 48(%rdi), %xmm7
- vaesenc %xmm7, %xmm5, %xmm5
- vaesenc %xmm7, %xmm1, %xmm1
- vmovdqa 64(%rdi), %xmm7
- vaesenc %xmm7, %xmm5, %xmm5
- vaesenc %xmm7, %xmm1, %xmm1
- vmovdqa 80(%rdi), %xmm7
- vaesenc %xmm7, %xmm5, %xmm5
- vaesenc %xmm7, %xmm1, %xmm1
- vmovdqa 96(%rdi), %xmm7
- vaesenc %xmm7, %xmm5, %xmm5
- vaesenc %xmm7, %xmm1, %xmm1
- vmovdqa 112(%rdi), %xmm7
- vaesenc %xmm7, %xmm5, %xmm5
- vaesenc %xmm7, %xmm1, %xmm1
- vmovdqa 128(%rdi), %xmm7
- vaesenc %xmm7, %xmm5, %xmm5
- vaesenc %xmm7, %xmm1, %xmm1
- vmovdqa 144(%rdi), %xmm7
- vaesenc %xmm7, %xmm5, %xmm5
- vaesenc %xmm7, %xmm1, %xmm1
+ vmovdqa 16(%rdi), %xmm6
+ vaesenc %xmm6, %xmm5, %xmm5
+ vaesenc %xmm6, %xmm1, %xmm1
+ vmovdqa 32(%rdi), %xmm6
+ vaesenc %xmm6, %xmm5, %xmm5
+ vaesenc %xmm6, %xmm1, %xmm1
+ vmovdqa 48(%rdi), %xmm6
+ vaesenc %xmm6, %xmm5, %xmm5
+ vaesenc %xmm6, %xmm1, %xmm1
+ vmovdqa 64(%rdi), %xmm6
+ vaesenc %xmm6, %xmm5, %xmm5
+ vaesenc %xmm6, %xmm1, %xmm1
+ vmovdqa 80(%rdi), %xmm6
+ vaesenc %xmm6, %xmm5, %xmm5
+ vaesenc %xmm6, %xmm1, %xmm1
+ vmovdqa 96(%rdi), %xmm6
+ vaesenc %xmm6, %xmm5, %xmm5
+ vaesenc %xmm6, %xmm1, %xmm1
+ vmovdqa 112(%rdi), %xmm6
+ vaesenc %xmm6, %xmm5, %xmm5
+ vaesenc %xmm6, %xmm1, %xmm1
+ vmovdqa 128(%rdi), %xmm6
+ vaesenc %xmm6, %xmm5, %xmm5
+ vaesenc %xmm6, %xmm1, %xmm1
+ vmovdqa 144(%rdi), %xmm6
+ vaesenc %xmm6, %xmm5, %xmm5
+ vaesenc %xmm6, %xmm1, %xmm1
cmpl $11, %esi
- vmovdqa 160(%rdi), %xmm7
+ vmovdqa 160(%rdi), %xmm6
jl L_AES_GCM_init_avx1_calc_iv_12_last
- vaesenc %xmm7, %xmm5, %xmm5
- vaesenc %xmm7, %xmm1, %xmm1
- vmovdqa 176(%rdi), %xmm7
- vaesenc %xmm7, %xmm5, %xmm5
- vaesenc %xmm7, %xmm1, %xmm1
+ vaesenc %xmm6, %xmm5, %xmm5
+ vaesenc %xmm6, %xmm1, %xmm1
+ vmovdqa 176(%rdi), %xmm6
+ vaesenc %xmm6, %xmm5, %xmm5
+ vaesenc %xmm6, %xmm1, %xmm1
cmpl $13, %esi
- vmovdqa 192(%rdi), %xmm7
+ vmovdqa 192(%rdi), %xmm6
jl L_AES_GCM_init_avx1_calc_iv_12_last
- vaesenc %xmm7, %xmm5, %xmm5
- vaesenc %xmm7, %xmm1, %xmm1
- vmovdqa 208(%rdi), %xmm7
- vaesenc %xmm7, %xmm5, %xmm5
- vaesenc %xmm7, %xmm1, %xmm1
- vmovdqa 224(%rdi), %xmm7
+ vaesenc %xmm6, %xmm5, %xmm5
+ vaesenc %xmm6, %xmm1, %xmm1
+ vmovdqa 208(%rdi), %xmm6
+ vaesenc %xmm6, %xmm5, %xmm5
+ vaesenc %xmm6, %xmm1, %xmm1
+ vmovdqa 224(%rdi), %xmm6
L_AES_GCM_init_avx1_calc_iv_12_last:
- vaesenclast %xmm7, %xmm5, %xmm5
- vaesenclast %xmm7, %xmm1, %xmm1
+ vaesenclast %xmm6, %xmm5, %xmm5
+ vaesenclast %xmm6, %xmm1, %xmm1
vpshufb L_avx1_aes_gcm_bswap_mask(%rip), %xmm5, %xmm5
vmovdqu %xmm1, %xmm15
jmp L_AES_GCM_init_avx1_iv_done
@@ -9197,18 +9197,18 @@ L_AES_GCM_init_avx1_iv_not_12:
vaesenc 128(%rdi), %xmm5, %xmm5
vaesenc 144(%rdi), %xmm5, %xmm5
cmpl $11, %esi
- vmovdqa 160(%rdi), %xmm9
+ vmovdqa 160(%rdi), %xmm8
jl L_AES_GCM_init_avx1_calc_iv_1_aesenc_avx_last
- vaesenc %xmm9, %xmm5, %xmm5
+ vaesenc %xmm8, %xmm5, %xmm5
vaesenc 176(%rdi), %xmm5, %xmm5
cmpl $13, %esi
- vmovdqa 192(%rdi), %xmm9
+ vmovdqa 192(%rdi), %xmm8
jl L_AES_GCM_init_avx1_calc_iv_1_aesenc_avx_last
- vaesenc %xmm9, %xmm5, %xmm5
+ vaesenc %xmm8, %xmm5, %xmm5
vaesenc 208(%rdi), %xmm5, %xmm5
- vmovdqa 224(%rdi), %xmm9
+ vmovdqa 224(%rdi), %xmm8
L_AES_GCM_init_avx1_calc_iv_1_aesenc_avx_last:
- vaesenclast %xmm9, %xmm5, %xmm5
+ vaesenclast %xmm8, %xmm5, %xmm5
vpshufb L_avx1_aes_gcm_bswap_mask(%rip), %xmm5, %xmm5
# Calc counter
# Initialization vector
@@ -9219,9 +9219,9 @@ L_AES_GCM_init_avx1_calc_iv_1_aesenc_avx_last:
jl L_AES_GCM_init_avx1_calc_iv_lt16
andl $0xfffffff0, %edx
L_AES_GCM_init_avx1_calc_iv_16_loop:
- vmovdqu (%r10,%rcx,1), %xmm8
- vpshufb L_avx1_aes_gcm_bswap_mask(%rip), %xmm8, %xmm8
- vpxor %xmm8, %xmm4, %xmm4
+ vmovdqu (%r10,%rcx,1), %xmm7
+ vpshufb L_avx1_aes_gcm_bswap_mask(%rip), %xmm7, %xmm7
+ vpxor %xmm7, %xmm4, %xmm4
# ghash_gfmul_avx
vpshufd $0x4e, %xmm4, %xmm1
vpshufd $0x4e, %xmm5, %xmm2
@@ -9232,38 +9232,38 @@ L_AES_GCM_init_avx1_calc_iv_16_loop:
vpclmulqdq $0x00, %xmm2, %xmm1, %xmm1
vpxor %xmm0, %xmm1, %xmm1
vpxor %xmm3, %xmm1, %xmm1
- vmovdqa %xmm0, %xmm7
+ vmovdqa %xmm0, %xmm6
vmovdqa %xmm3, %xmm4
vpslldq $8, %xmm1, %xmm2
vpsrldq $8, %xmm1, %xmm1
- vpxor %xmm2, %xmm7, %xmm7
+ vpxor %xmm2, %xmm6, %xmm6
vpxor %xmm1, %xmm4, %xmm4
- vpsrld $31, %xmm7, %xmm0
+ vpsrld $31, %xmm6, %xmm0
vpsrld $31, %xmm4, %xmm1
- vpslld $0x01, %xmm7, %xmm7
+ vpslld $0x01, %xmm6, %xmm6
vpslld $0x01, %xmm4, %xmm4
vpsrldq $12, %xmm0, %xmm2
vpslldq $4, %xmm0, %xmm0
vpslldq $4, %xmm1, %xmm1
vpor %xmm2, %xmm4, %xmm4
- vpor %xmm0, %xmm7, %xmm7
+ vpor %xmm0, %xmm6, %xmm6
vpor %xmm1, %xmm4, %xmm4
- vpslld $31, %xmm7, %xmm0
- vpslld $30, %xmm7, %xmm1
- vpslld $25, %xmm7, %xmm2
+ vpslld $31, %xmm6, %xmm0
+ vpslld $30, %xmm6, %xmm1
+ vpslld $25, %xmm6, %xmm2
vpxor %xmm1, %xmm0, %xmm0
vpxor %xmm2, %xmm0, %xmm0
vmovdqa %xmm0, %xmm1
vpsrldq $4, %xmm1, %xmm1
vpslldq $12, %xmm0, %xmm0
- vpxor %xmm0, %xmm7, %xmm7
- vpsrld $0x01, %xmm7, %xmm2
- vpsrld $2, %xmm7, %xmm3
- vpsrld $7, %xmm7, %xmm0
+ vpxor %xmm0, %xmm6, %xmm6
+ vpsrld $0x01, %xmm6, %xmm2
+ vpsrld $2, %xmm6, %xmm3
+ vpsrld $7, %xmm6, %xmm0
vpxor %xmm3, %xmm2, %xmm2
vpxor %xmm0, %xmm2, %xmm2
vpxor %xmm1, %xmm2, %xmm2
- vpxor %xmm7, %xmm2, %xmm2
+ vpxor %xmm6, %xmm2, %xmm2
vpxor %xmm2, %xmm4, %xmm4
addl $16, %ecx
cmpl %edx, %ecx
@@ -9273,9 +9273,9 @@ L_AES_GCM_init_avx1_calc_iv_16_loop:
je L_AES_GCM_init_avx1_calc_iv_done
L_AES_GCM_init_avx1_calc_iv_lt16:
subq $16, %rsp
- vpxor %xmm8, %xmm8, %xmm8
+ vpxor %xmm7, %xmm7, %xmm7
xorl %r13d, %r13d
- vmovdqu %xmm8, (%rsp)
+ vmovdqu %xmm7, (%rsp)
L_AES_GCM_init_avx1_calc_iv_loop:
movzbl (%r10,%rcx,1), %r12d
movb %r12b, (%rsp,%r13,1)
@@ -9283,10 +9283,10 @@ L_AES_GCM_init_avx1_calc_iv_loop:
incl %r13d
cmpl %edx, %ecx
jl L_AES_GCM_init_avx1_calc_iv_loop
- vmovdqu (%rsp), %xmm8
+ vmovdqu (%rsp), %xmm7
addq $16, %rsp
- vpshufb L_avx1_aes_gcm_bswap_mask(%rip), %xmm8, %xmm8
- vpxor %xmm8, %xmm4, %xmm4
+ vpshufb L_avx1_aes_gcm_bswap_mask(%rip), %xmm7, %xmm7
+ vpxor %xmm7, %xmm4, %xmm4
# ghash_gfmul_avx
vpshufd $0x4e, %xmm4, %xmm1
vpshufd $0x4e, %xmm5, %xmm2
@@ -9297,38 +9297,38 @@ L_AES_GCM_init_avx1_calc_iv_loop:
vpclmulqdq $0x00, %xmm2, %xmm1, %xmm1
vpxor %xmm0, %xmm1, %xmm1
vpxor %xmm3, %xmm1, %xmm1
- vmovdqa %xmm0, %xmm7
+ vmovdqa %xmm0, %xmm6
vmovdqa %xmm3, %xmm4
vpslldq $8, %xmm1, %xmm2
vpsrldq $8, %xmm1, %xmm1
- vpxor %xmm2, %xmm7, %xmm7
+ vpxor %xmm2, %xmm6, %xmm6
vpxor %xmm1, %xmm4, %xmm4
- vpsrld $31, %xmm7, %xmm0
+ vpsrld $31, %xmm6, %xmm0
vpsrld $31, %xmm4, %xmm1
- vpslld $0x01, %xmm7, %xmm7
+ vpslld $0x01, %xmm6, %xmm6
vpslld $0x01, %xmm4, %xmm4
vpsrldq $12, %xmm0, %xmm2
vpslldq $4, %xmm0, %xmm0
vpslldq $4, %xmm1, %xmm1
vpor %xmm2, %xmm4, %xmm4
- vpor %xmm0, %xmm7, %xmm7
+ vpor %xmm0, %xmm6, %xmm6
vpor %xmm1, %xmm4, %xmm4
- vpslld $31, %xmm7, %xmm0
- vpslld $30, %xmm7, %xmm1
- vpslld $25, %xmm7, %xmm2
+ vpslld $31, %xmm6, %xmm0
+ vpslld $30, %xmm6, %xmm1
+ vpslld $25, %xmm6, %xmm2
vpxor %xmm1, %xmm0, %xmm0
vpxor %xmm2, %xmm0, %xmm0
vmovdqa %xmm0, %xmm1
vpsrldq $4, %xmm1, %xmm1
vpslldq $12, %xmm0, %xmm0
- vpxor %xmm0, %xmm7, %xmm7
- vpsrld $0x01, %xmm7, %xmm2
- vpsrld $2, %xmm7, %xmm3
- vpsrld $7, %xmm7, %xmm0
+ vpxor %xmm0, %xmm6, %xmm6
+ vpsrld $0x01, %xmm6, %xmm2
+ vpsrld $2, %xmm6, %xmm3
+ vpsrld $7, %xmm6, %xmm0
vpxor %xmm3, %xmm2, %xmm2
vpxor %xmm0, %xmm2, %xmm2
vpxor %xmm1, %xmm2, %xmm2
- vpxor %xmm7, %xmm2, %xmm2
+ vpxor %xmm6, %xmm2, %xmm2
vpxor %xmm2, %xmm4, %xmm4
L_AES_GCM_init_avx1_calc_iv_done:
# T = Encrypt counter
@@ -9346,66 +9346,66 @@ L_AES_GCM_init_avx1_calc_iv_done:
vpclmulqdq $0x00, %xmm2, %xmm1, %xmm1
vpxor %xmm0, %xmm1, %xmm1
vpxor %xmm3, %xmm1, %xmm1
- vmovdqa %xmm0, %xmm7
+ vmovdqa %xmm0, %xmm6
vmovdqa %xmm3, %xmm4
vpslldq $8, %xmm1, %xmm2
vpsrldq $8, %xmm1, %xmm1
- vpxor %xmm2, %xmm7, %xmm7
+ vpxor %xmm2, %xmm6, %xmm6
vpxor %xmm1, %xmm4, %xmm4
- vpsrld $31, %xmm7, %xmm0
+ vpsrld $31, %xmm6, %xmm0
vpsrld $31, %xmm4, %xmm1
- vpslld $0x01, %xmm7, %xmm7
+ vpslld $0x01, %xmm6, %xmm6
vpslld $0x01, %xmm4, %xmm4
vpsrldq $12, %xmm0, %xmm2
vpslldq $4, %xmm0, %xmm0
vpslldq $4, %xmm1, %xmm1
vpor %xmm2, %xmm4, %xmm4
- vpor %xmm0, %xmm7, %xmm7
+ vpor %xmm0, %xmm6, %xmm6
vpor %xmm1, %xmm4, %xmm4
- vpslld $31, %xmm7, %xmm0
- vpslld $30, %xmm7, %xmm1
- vpslld $25, %xmm7, %xmm2
+ vpslld $31, %xmm6, %xmm0
+ vpslld $30, %xmm6, %xmm1
+ vpslld $25, %xmm6, %xmm2
vpxor %xmm1, %xmm0, %xmm0
vpxor %xmm2, %xmm0, %xmm0
vmovdqa %xmm0, %xmm1
vpsrldq $4, %xmm1, %xmm1
vpslldq $12, %xmm0, %xmm0
- vpxor %xmm0, %xmm7, %xmm7
- vpsrld $0x01, %xmm7, %xmm2
- vpsrld $2, %xmm7, %xmm3
- vpsrld $7, %xmm7, %xmm0
+ vpxor %xmm0, %xmm6, %xmm6
+ vpsrld $0x01, %xmm6, %xmm2
+ vpsrld $2, %xmm6, %xmm3
+ vpsrld $7, %xmm6, %xmm0
vpxor %xmm3, %xmm2, %xmm2
vpxor %xmm0, %xmm2, %xmm2
vpxor %xmm1, %xmm2, %xmm2
- vpxor %xmm7, %xmm2, %xmm2
+ vpxor %xmm6, %xmm2, %xmm2
vpxor %xmm2, %xmm4, %xmm4
vpshufb L_avx1_aes_gcm_bswap_mask(%rip), %xmm4, %xmm4
# Encrypt counter
- vmovdqa (%rdi), %xmm8
- vpxor %xmm4, %xmm8, %xmm8
- vaesenc 16(%rdi), %xmm8, %xmm8
- vaesenc 32(%rdi), %xmm8, %xmm8
- vaesenc 48(%rdi), %xmm8, %xmm8
- vaesenc 64(%rdi), %xmm8, %xmm8
- vaesenc 80(%rdi), %xmm8, %xmm8
- vaesenc 96(%rdi), %xmm8, %xmm8
- vaesenc 112(%rdi), %xmm8, %xmm8
- vaesenc 128(%rdi), %xmm8, %xmm8
- vaesenc 144(%rdi), %xmm8, %xmm8
+ vmovdqa (%rdi), %xmm7
+ vpxor %xmm4, %xmm7, %xmm7
+ vaesenc 16(%rdi), %xmm7, %xmm7
+ vaesenc 32(%rdi), %xmm7, %xmm7
+ vaesenc 48(%rdi), %xmm7, %xmm7
+ vaesenc 64(%rdi), %xmm7, %xmm7
+ vaesenc 80(%rdi), %xmm7, %xmm7
+ vaesenc 96(%rdi), %xmm7, %xmm7
+ vaesenc 112(%rdi), %xmm7, %xmm7
+ vaesenc 128(%rdi), %xmm7, %xmm7
+ vaesenc 144(%rdi), %xmm7, %xmm7
cmpl $11, %esi
- vmovdqa 160(%rdi), %xmm9
+ vmovdqa 160(%rdi), %xmm8
jl L_AES_GCM_init_avx1_calc_iv_2_aesenc_avx_last
- vaesenc %xmm9, %xmm8, %xmm8
- vaesenc 176(%rdi), %xmm8, %xmm8
+ vaesenc %xmm8, %xmm7, %xmm7
+ vaesenc 176(%rdi), %xmm7, %xmm7
cmpl $13, %esi
- vmovdqa 192(%rdi), %xmm9
+ vmovdqa 192(%rdi), %xmm8
jl L_AES_GCM_init_avx1_calc_iv_2_aesenc_avx_last
- vaesenc %xmm9, %xmm8, %xmm8
- vaesenc 208(%rdi), %xmm8, %xmm8
- vmovdqa 224(%rdi), %xmm9
+ vaesenc %xmm8, %xmm7, %xmm7
+ vaesenc 208(%rdi), %xmm7, %xmm7
+ vmovdqa 224(%rdi), %xmm8
L_AES_GCM_init_avx1_calc_iv_2_aesenc_avx_last:
- vaesenclast %xmm9, %xmm8, %xmm8
- vmovdqu %xmm8, %xmm15
+ vaesenclast %xmm8, %xmm7, %xmm7
+ vmovdqu %xmm7, %xmm15
L_AES_GCM_init_avx1_iv_done:
vmovdqa %xmm15, (%rax)
vpshufb L_avx1_aes_gcm_bswap_epi64(%rip), %xmm4, %xmm4
@@ -9437,9 +9437,9 @@ _AES_GCM_aad_update_avx1:
vmovdqa (%rax), %xmm6
xorl %ecx, %ecx
L_AES_GCM_aad_update_avx1_16_loop:
- vmovdqu (%rdi,%rcx,1), %xmm8
- vpshufb L_avx1_aes_gcm_bswap_mask(%rip), %xmm8, %xmm8
- vpxor %xmm8, %xmm5, %xmm5
+ vmovdqu (%rdi,%rcx,1), %xmm7
+ vpshufb L_avx1_aes_gcm_bswap_mask(%rip), %xmm7, %xmm7
+ vpxor %xmm7, %xmm5, %xmm5
# ghash_gfmul_avx
vpshufd $0x4e, %xmm5, %xmm1
vpshufd $0x4e, %xmm6, %xmm2
@@ -9506,37 +9506,37 @@ _AES_GCM_encrypt_block_avx1:
#endif /* __APPLE__ */
movq %rdx, %r10
movq %rcx, %r11
- vmovdqu (%r8), %xmm9
- vpshufb L_avx1_aes_gcm_bswap_epi64(%rip), %xmm9, %xmm8
- vpaddd L_avx1_aes_gcm_one(%rip), %xmm9, %xmm9
- vmovdqu %xmm9, (%r8)
- vpxor (%rdi), %xmm8, %xmm8
- vaesenc 16(%rdi), %xmm8, %xmm8
- vaesenc 32(%rdi), %xmm8, %xmm8
- vaesenc 48(%rdi), %xmm8, %xmm8
- vaesenc 64(%rdi), %xmm8, %xmm8
- vaesenc 80(%rdi), %xmm8, %xmm8
- vaesenc 96(%rdi), %xmm8, %xmm8
- vaesenc 112(%rdi), %xmm8, %xmm8
- vaesenc 128(%rdi), %xmm8, %xmm8
- vaesenc 144(%rdi), %xmm8, %xmm8
+ vmovdqu (%r8), %xmm1
+ vpshufb L_avx1_aes_gcm_bswap_epi64(%rip), %xmm1, %xmm0
+ vpaddd L_avx1_aes_gcm_one(%rip), %xmm1, %xmm1
+ vmovdqu %xmm1, (%r8)
+ vpxor (%rdi), %xmm0, %xmm0
+ vaesenc 16(%rdi), %xmm0, %xmm0
+ vaesenc 32(%rdi), %xmm0, %xmm0
+ vaesenc 48(%rdi), %xmm0, %xmm0
+ vaesenc 64(%rdi), %xmm0, %xmm0
+ vaesenc 80(%rdi), %xmm0, %xmm0
+ vaesenc 96(%rdi), %xmm0, %xmm0
+ vaesenc 112(%rdi), %xmm0, %xmm0
+ vaesenc 128(%rdi), %xmm0, %xmm0
+ vaesenc 144(%rdi), %xmm0, %xmm0
cmpl $11, %esi
- vmovdqa 160(%rdi), %xmm9
+ vmovdqa 160(%rdi), %xmm1
jl L_AES_GCM_encrypt_block_avx1_aesenc_block_last
- vaesenc %xmm9, %xmm8, %xmm8
- vaesenc 176(%rdi), %xmm8, %xmm8
+ vaesenc %xmm1, %xmm0, %xmm0
+ vaesenc 176(%rdi), %xmm0, %xmm0
cmpl $13, %esi
- vmovdqa 192(%rdi), %xmm9
+ vmovdqa 192(%rdi), %xmm1
jl L_AES_GCM_encrypt_block_avx1_aesenc_block_last
- vaesenc %xmm9, %xmm8, %xmm8
- vaesenc 208(%rdi), %xmm8, %xmm8
- vmovdqa 224(%rdi), %xmm9
+ vaesenc %xmm1, %xmm0, %xmm0
+ vaesenc 208(%rdi), %xmm0, %xmm0
+ vmovdqa 224(%rdi), %xmm1
L_AES_GCM_encrypt_block_avx1_aesenc_block_last:
- vaesenclast %xmm9, %xmm8, %xmm8
- vmovdqu (%r11), %xmm9
- vpxor %xmm9, %xmm8, %xmm8
- vmovdqu %xmm8, (%r10)
- vpshufb L_avx1_aes_gcm_bswap_mask(%rip), %xmm8, %xmm8
+ vaesenclast %xmm1, %xmm0, %xmm0
+ vmovdqu (%r11), %xmm1
+ vpxor %xmm1, %xmm0, %xmm0
+ vmovdqu %xmm0, (%r10)
+ vpshufb L_avx1_aes_gcm_bswap_mask(%rip), %xmm0, %xmm0
vzeroupper
repz retq
#ifndef __APPLE__
@@ -9556,9 +9556,9 @@ _AES_GCM_ghash_block_avx1:
#endif /* __APPLE__ */
vmovdqa (%rsi), %xmm4
vmovdqa (%rdx), %xmm5
- vmovdqu (%rdi), %xmm8
- vpshufb L_avx1_aes_gcm_bswap_mask(%rip), %xmm8, %xmm8
- vpxor %xmm8, %xmm4, %xmm4
+ vmovdqu (%rdi), %xmm7
+ vpshufb L_avx1_aes_gcm_bswap_mask(%rip), %xmm7, %xmm7
+ vpxor %xmm7, %xmm4, %xmm4
# ghash_gfmul_avx
vpshufd $0x4e, %xmm4, %xmm1
vpshufd $0x4e, %xmm5, %xmm2
@@ -10654,14 +10654,14 @@ _AES_GCM_encrypt_final_avx1:
vmovdqa (%rdi), %xmm4
vmovdqa (%r9), %xmm5
vmovdqa (%r8), %xmm6
- vpsrlq $63, %xmm5, %xmm9
- vpsllq $0x01, %xmm5, %xmm8
- vpslldq $8, %xmm9, %xmm9
- vpor %xmm9, %xmm8, %xmm8
+ vpsrlq $63, %xmm5, %xmm8
+ vpsllq $0x01, %xmm5, %xmm7
+ vpslldq $8, %xmm8, %xmm8
+ vpor %xmm8, %xmm7, %xmm7
vpshufd $0xff, %xmm5, %xmm5
vpsrad $31, %xmm5, %xmm5
vpand L_avx1_aes_gcm_mod2_128(%rip), %xmm5, %xmm5
- vpxor %xmm8, %xmm5, %xmm5
+ vpxor %xmm7, %xmm5, %xmm5
movl %r10d, %edx
movl %r11d, %ecx
shlq $3, %rdx
@@ -10671,35 +10671,35 @@ _AES_GCM_encrypt_final_avx1:
vpunpcklqdq %xmm1, %xmm0, %xmm0
vpxor %xmm0, %xmm4, %xmm4
# ghash_gfmul_red_avx
- vpshufd $0x4e, %xmm5, %xmm9
- vpshufd $0x4e, %xmm4, %xmm10
- vpclmulqdq $0x11, %xmm5, %xmm4, %xmm11
- vpclmulqdq $0x00, %xmm5, %xmm4, %xmm8
- vpxor %xmm5, %xmm9, %xmm9
- vpxor %xmm4, %xmm10, %xmm10
- vpclmulqdq $0x00, %xmm10, %xmm9, %xmm9
- vpxor %xmm8, %xmm9, %xmm9
- vpxor %xmm11, %xmm9, %xmm9
- vpslldq $8, %xmm9, %xmm10
- vpsrldq $8, %xmm9, %xmm9
+ vpshufd $0x4e, %xmm5, %xmm8
+ vpshufd $0x4e, %xmm4, %xmm9
+ vpclmulqdq $0x11, %xmm5, %xmm4, %xmm10
+ vpclmulqdq $0x00, %xmm5, %xmm4, %xmm7
+ vpxor %xmm5, %xmm8, %xmm8
+ vpxor %xmm4, %xmm9, %xmm9
+ vpclmulqdq $0x00, %xmm9, %xmm8, %xmm8
+ vpxor %xmm7, %xmm8, %xmm8
vpxor %xmm10, %xmm8, %xmm8
- vpxor %xmm9, %xmm11, %xmm4
- vpslld $31, %xmm8, %xmm12
- vpslld $30, %xmm8, %xmm13
- vpslld $25, %xmm8, %xmm14
- vpxor %xmm13, %xmm12, %xmm12
- vpxor %xmm14, %xmm12, %xmm12
- vpsrldq $4, %xmm12, %xmm13
- vpslldq $12, %xmm12, %xmm12
- vpxor %xmm12, %xmm8, %xmm8
- vpsrld $0x01, %xmm8, %xmm14
- vpsrld $2, %xmm8, %xmm10
- vpsrld $7, %xmm8, %xmm9
- vpxor %xmm10, %xmm14, %xmm14
- vpxor %xmm9, %xmm14, %xmm14
- vpxor %xmm13, %xmm14, %xmm14
- vpxor %xmm8, %xmm14, %xmm14
- vpxor %xmm14, %xmm4, %xmm4
+ vpslldq $8, %xmm8, %xmm9
+ vpsrldq $8, %xmm8, %xmm8
+ vpxor %xmm9, %xmm7, %xmm7
+ vpxor %xmm8, %xmm10, %xmm4
+ vpslld $31, %xmm7, %xmm11
+ vpslld $30, %xmm7, %xmm12
+ vpslld $25, %xmm7, %xmm13
+ vpxor %xmm12, %xmm11, %xmm11
+ vpxor %xmm13, %xmm11, %xmm11
+ vpsrldq $4, %xmm11, %xmm12
+ vpslldq $12, %xmm11, %xmm11
+ vpxor %xmm11, %xmm7, %xmm7
+ vpsrld $0x01, %xmm7, %xmm13
+ vpsrld $2, %xmm7, %xmm9
+ vpsrld $7, %xmm7, %xmm8
+ vpxor %xmm9, %xmm13, %xmm13
+ vpxor %xmm8, %xmm13, %xmm13
+ vpxor %xmm12, %xmm13, %xmm13
+ vpxor %xmm7, %xmm13, %xmm13
+ vpxor %xmm13, %xmm4, %xmm4
vpshufb L_avx1_aes_gcm_bswap_mask(%rip), %xmm4, %xmm4
vpxor %xmm6, %xmm4, %xmm0
cmpl $16, %eax
@@ -11356,14 +11356,14 @@ _AES_GCM_decrypt_final_avx1:
vmovdqa (%rdi), %xmm6
vmovdqa (%r9), %xmm5
vmovdqa (%r8), %xmm15
- vpsrlq $63, %xmm5, %xmm9
- vpsllq $0x01, %xmm5, %xmm8
- vpslldq $8, %xmm9, %xmm9
- vpor %xmm9, %xmm8, %xmm8
+ vpsrlq $63, %xmm5, %xmm8
+ vpsllq $0x01, %xmm5, %xmm7
+ vpslldq $8, %xmm8, %xmm8
+ vpor %xmm8, %xmm7, %xmm7
vpshufd $0xff, %xmm5, %xmm5
vpsrad $31, %xmm5, %xmm5
vpand L_avx1_aes_gcm_mod2_128(%rip), %xmm5, %xmm5
- vpxor %xmm8, %xmm5, %xmm5
+ vpxor %xmm7, %xmm5, %xmm5
movl %r10d, %edx
movl %r11d, %ecx
shlq $3, %rdx
@@ -11373,35 +11373,35 @@ _AES_GCM_decrypt_final_avx1:
vpunpcklqdq %xmm1, %xmm0, %xmm0
vpxor %xmm0, %xmm6, %xmm6
# ghash_gfmul_red_avx
- vpshufd $0x4e, %xmm5, %xmm9
- vpshufd $0x4e, %xmm6, %xmm10
- vpclmulqdq $0x11, %xmm5, %xmm6, %xmm11
- vpclmulqdq $0x00, %xmm5, %xmm6, %xmm8
- vpxor %xmm5, %xmm9, %xmm9
- vpxor %xmm6, %xmm10, %xmm10
- vpclmulqdq $0x00, %xmm10, %xmm9, %xmm9
- vpxor %xmm8, %xmm9, %xmm9
- vpxor %xmm11, %xmm9, %xmm9
- vpslldq $8, %xmm9, %xmm10
- vpsrldq $8, %xmm9, %xmm9
+ vpshufd $0x4e, %xmm5, %xmm8
+ vpshufd $0x4e, %xmm6, %xmm9
+ vpclmulqdq $0x11, %xmm5, %xmm6, %xmm10
+ vpclmulqdq $0x00, %xmm5, %xmm6, %xmm7
+ vpxor %xmm5, %xmm8, %xmm8
+ vpxor %xmm6, %xmm9, %xmm9
+ vpclmulqdq $0x00, %xmm9, %xmm8, %xmm8
+ vpxor %xmm7, %xmm8, %xmm8
vpxor %xmm10, %xmm8, %xmm8
- vpxor %xmm9, %xmm11, %xmm6
- vpslld $31, %xmm8, %xmm12
- vpslld $30, %xmm8, %xmm13
- vpslld $25, %xmm8, %xmm14
- vpxor %xmm13, %xmm12, %xmm12
- vpxor %xmm14, %xmm12, %xmm12
- vpsrldq $4, %xmm12, %xmm13
- vpslldq $12, %xmm12, %xmm12
- vpxor %xmm12, %xmm8, %xmm8
- vpsrld $0x01, %xmm8, %xmm14
- vpsrld $2, %xmm8, %xmm10
- vpsrld $7, %xmm8, %xmm9
- vpxor %xmm10, %xmm14, %xmm14
- vpxor %xmm9, %xmm14, %xmm14
- vpxor %xmm13, %xmm14, %xmm14
- vpxor %xmm8, %xmm14, %xmm14
- vpxor %xmm14, %xmm6, %xmm6
+ vpslldq $8, %xmm8, %xmm9
+ vpsrldq $8, %xmm8, %xmm8
+ vpxor %xmm9, %xmm7, %xmm7
+ vpxor %xmm8, %xmm10, %xmm6
+ vpslld $31, %xmm7, %xmm11
+ vpslld $30, %xmm7, %xmm12
+ vpslld $25, %xmm7, %xmm13
+ vpxor %xmm12, %xmm11, %xmm11
+ vpxor %xmm13, %xmm11, %xmm11
+ vpsrldq $4, %xmm11, %xmm12
+ vpslldq $12, %xmm11, %xmm11
+ vpxor %xmm11, %xmm7, %xmm7
+ vpsrld $0x01, %xmm7, %xmm13
+ vpsrld $2, %xmm7, %xmm9
+ vpsrld $7, %xmm7, %xmm8
+ vpxor %xmm9, %xmm13, %xmm13
+ vpxor %xmm8, %xmm13, %xmm13
+ vpxor %xmm12, %xmm13, %xmm13
+ vpxor %xmm7, %xmm13, %xmm13
+ vpxor %xmm13, %xmm6, %xmm6
vpshufb L_avx1_aes_gcm_bswap_mask(%rip), %xmm6, %xmm6
vpxor %xmm15, %xmm6, %xmm0
cmpl $16, %eax
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/aes_gcm_asm.asm b/extra/wolfssl/wolfssl/wolfcrypt/src/aes_gcm_asm.asm
index 031a0961..c0e3682f 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/aes_gcm_asm.asm
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/aes_gcm_asm.asm
@@ -1,5 +1,5 @@
-; /* aes_gcm_asm
-; *
+; /* aes_gcm_asm.asm */
+; /*
; * Copyright (C) 2006-2023 wolfSSL Inc.
; *
; * This file is part of wolfSSL.
@@ -96,7 +96,7 @@ L_aes_gcm_mod2_128 QWORD 1, 13979173243358019584
ptr_L_aes_gcm_mod2_128 QWORD L_aes_gcm_mod2_128
_DATA ENDS
_text SEGMENT READONLY PARA
-AES_GCM_encrypt PROC
+AES_GCM_encrypt_aesni PROC
push r13
push rdi
push rsi
@@ -115,12 +115,22 @@ AES_GCM_encrypt PROC
mov r14d, DWORD PTR [rsp+128]
mov r15, QWORD PTR [rsp+136]
mov r10d, DWORD PTR [rsp+144]
- sub rsp, 160
+ sub rsp, 320
+ movdqu [rsp+160], xmm6
+ movdqu [rsp+176], xmm7
+ movdqu [rsp+192], xmm8
+ movdqu [rsp+208], xmm9
+ movdqu [rsp+224], xmm10
+ movdqu [rsp+240], xmm11
+ movdqu [rsp+256], xmm12
+ movdqu [rsp+272], xmm13
+ movdqu [rsp+288], xmm14
+ movdqu [rsp+304], xmm15
pxor xmm4, xmm4
pxor xmm6, xmm6
cmp ebx, 12
mov edx, ebx
- jne L_AES_GCM_encrypt_iv_not_12
+ jne L_AES_GCM_encrypt_aesni_iv_not_12
; # Calculate values when IV is 12 bytes
; Set counter based on IV
mov ecx, 16777216
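Review bot: The ten `movdqu` stores added after `sub rsp, 320` have no comment explaining why they are there or how the enlarged frame is laid out. A line above them would help, such as `; Win64 ABI: xmm6-xmm15 are callee-saved; [rsp+0..159] = scratch (as before), [rsp+160..319] = saved xmm6-xmm15`. The procedure's epilogue is outside this hunk, so the matching ten reloads and the `add rsp, 320` cannot be checked from here. Every exit path should be confirmed to restore from the same offsets, since a missed restore would corrupt the caller's vector state without any visible error. The later `sub rsp, 16` / `add rsp, 16` pair in the `calc_iv_lt16` path appears balanced before any `[rsp+N]` access, so the offsets stay valid there.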
@@ -160,7 +170,7 @@ AES_GCM_encrypt PROC
aesenc xmm1, xmm7
cmp r10d, 11
movdqa xmm7, OWORD PTR [r15+160]
- jl L_AES_GCM_encrypt_calc_iv_12_last
+ jl L_AES_GCM_encrypt_aesni_calc_iv_12_last
aesenc xmm5, xmm7
aesenc xmm1, xmm7
movdqa xmm7, OWORD PTR [r15+176]
@@ -168,20 +178,20 @@ AES_GCM_encrypt PROC
aesenc xmm1, xmm7
cmp r10d, 13
movdqa xmm7, OWORD PTR [r15+192]
- jl L_AES_GCM_encrypt_calc_iv_12_last
+ jl L_AES_GCM_encrypt_aesni_calc_iv_12_last
aesenc xmm5, xmm7
aesenc xmm1, xmm7
movdqa xmm7, OWORD PTR [r15+208]
aesenc xmm5, xmm7
aesenc xmm1, xmm7
movdqa xmm7, OWORD PTR [r15+224]
-L_AES_GCM_encrypt_calc_iv_12_last:
+L_AES_GCM_encrypt_aesni_calc_iv_12_last:
aesenclast xmm5, xmm7
aesenclast xmm1, xmm7
pshufb xmm5, OWORD PTR L_aes_gcm_bswap_mask
movdqu [rsp+144], xmm1
- jmp L_AES_GCM_encrypt_iv_done
-L_AES_GCM_encrypt_iv_not_12:
+ jmp L_AES_GCM_encrypt_aesni_iv_done
+L_AES_GCM_encrypt_aesni_iv_not_12:
; Calculate values when IV is not 12 bytes
; H = Encrypt X(=0)
movdqa xmm5, OWORD PTR [r15]
@@ -196,27 +206,27 @@ L_AES_GCM_encrypt_iv_not_12:
aesenc xmm5, [r15+144]
cmp r10d, 11
movdqa xmm9, OWORD PTR [r15+160]
- jl L_AES_GCM_encrypt_calc_iv_1_aesenc_avx_last
+ jl L_AES_GCM_encrypt_aesni_calc_iv_1_aesenc_avx_last
aesenc xmm5, xmm9
aesenc xmm5, [r15+176]
cmp r10d, 13
movdqa xmm9, OWORD PTR [r15+192]
- jl L_AES_GCM_encrypt_calc_iv_1_aesenc_avx_last
+ jl L_AES_GCM_encrypt_aesni_calc_iv_1_aesenc_avx_last
aesenc xmm5, xmm9
aesenc xmm5, [r15+208]
movdqa xmm9, OWORD PTR [r15+224]
-L_AES_GCM_encrypt_calc_iv_1_aesenc_avx_last:
+L_AES_GCM_encrypt_aesni_calc_iv_1_aesenc_avx_last:
aesenclast xmm5, xmm9
pshufb xmm5, OWORD PTR L_aes_gcm_bswap_mask
; Calc counter
; Initialization vector
cmp edx, 0
mov rcx, 0
- je L_AES_GCM_encrypt_calc_iv_done
+ je L_AES_GCM_encrypt_aesni_calc_iv_done
cmp edx, 16
- jl L_AES_GCM_encrypt_calc_iv_lt16
+ jl L_AES_GCM_encrypt_aesni_calc_iv_lt16
and edx, 4294967280
-L_AES_GCM_encrypt_calc_iv_16_loop:
+L_AES_GCM_encrypt_aesni_calc_iv_16_loop:
movdqu xmm8, [rax+rcx]
pshufb xmm8, OWORD PTR L_aes_gcm_bswap_mask
pxor xmm4, xmm8
@@ -276,22 +286,22 @@ L_AES_GCM_encrypt_calc_iv_16_loop:
pxor xmm4, xmm2
add ecx, 16
cmp ecx, edx
- jl L_AES_GCM_encrypt_calc_iv_16_loop
+ jl L_AES_GCM_encrypt_aesni_calc_iv_16_loop
mov edx, ebx
cmp ecx, edx
- je L_AES_GCM_encrypt_calc_iv_done
-L_AES_GCM_encrypt_calc_iv_lt16:
+ je L_AES_GCM_encrypt_aesni_calc_iv_done
+L_AES_GCM_encrypt_aesni_calc_iv_lt16:
sub rsp, 16
pxor xmm8, xmm8
xor ebx, ebx
movdqu [rsp], xmm8
-L_AES_GCM_encrypt_calc_iv_loop:
+L_AES_GCM_encrypt_aesni_calc_iv_loop:
movzx r13d, BYTE PTR [rax+rcx]
mov BYTE PTR [rsp+rbx], r13b
inc ecx
inc ebx
cmp ecx, edx
- jl L_AES_GCM_encrypt_calc_iv_loop
+ jl L_AES_GCM_encrypt_aesni_calc_iv_loop
movdqu xmm8, [rsp]
add rsp, 16
pshufb xmm8, OWORD PTR L_aes_gcm_bswap_mask
@@ -350,7 +360,7 @@ L_AES_GCM_encrypt_calc_iv_loop:
pxor xmm2, xmm1
pxor xmm2, xmm7
pxor xmm4, xmm2
-L_AES_GCM_encrypt_calc_iv_done:
+L_AES_GCM_encrypt_aesni_calc_iv_done:
; T = Encrypt counter
pxor xmm0, xmm0
shl edx, 3
@@ -425,28 +435,28 @@ L_AES_GCM_encrypt_calc_iv_done:
aesenc xmm8, [r15+144]
cmp r10d, 11
movdqa xmm9, OWORD PTR [r15+160]
- jl L_AES_GCM_encrypt_calc_iv_2_aesenc_avx_last
+ jl L_AES_GCM_encrypt_aesni_calc_iv_2_aesenc_avx_last
aesenc xmm8, xmm9
aesenc xmm8, [r15+176]
cmp r10d, 13
movdqa xmm9, OWORD PTR [r15+192]
- jl L_AES_GCM_encrypt_calc_iv_2_aesenc_avx_last
+ jl L_AES_GCM_encrypt_aesni_calc_iv_2_aesenc_avx_last
aesenc xmm8, xmm9
aesenc xmm8, [r15+208]
movdqa xmm9, OWORD PTR [r15+224]
-L_AES_GCM_encrypt_calc_iv_2_aesenc_avx_last:
+L_AES_GCM_encrypt_aesni_calc_iv_2_aesenc_avx_last:
aesenclast xmm8, xmm9
movdqu [rsp+144], xmm8
-L_AES_GCM_encrypt_iv_done:
+L_AES_GCM_encrypt_aesni_iv_done:
; Additional authentication data
mov edx, r11d
cmp edx, 0
- je L_AES_GCM_encrypt_calc_aad_done
+ je L_AES_GCM_encrypt_aesni_calc_aad_done
xor ecx, ecx
cmp edx, 16
- jl L_AES_GCM_encrypt_calc_aad_lt16
+ jl L_AES_GCM_encrypt_aesni_calc_aad_lt16
and edx, 4294967280
-L_AES_GCM_encrypt_calc_aad_16_loop:
+L_AES_GCM_encrypt_aesni_calc_aad_16_loop:
movdqu xmm8, [r12+rcx]
pshufb xmm8, OWORD PTR L_aes_gcm_bswap_mask
pxor xmm6, xmm8
@@ -506,22 +516,22 @@ L_AES_GCM_encrypt_calc_aad_16_loop:
pxor xmm6, xmm2
add ecx, 16
cmp ecx, edx
- jl L_AES_GCM_encrypt_calc_aad_16_loop
+ jl L_AES_GCM_encrypt_aesni_calc_aad_16_loop
mov edx, r11d
cmp ecx, edx
- je L_AES_GCM_encrypt_calc_aad_done
-L_AES_GCM_encrypt_calc_aad_lt16:
+ je L_AES_GCM_encrypt_aesni_calc_aad_done
+L_AES_GCM_encrypt_aesni_calc_aad_lt16:
sub rsp, 16
pxor xmm8, xmm8
xor ebx, ebx
movdqu [rsp], xmm8
-L_AES_GCM_encrypt_calc_aad_loop:
+L_AES_GCM_encrypt_aesni_calc_aad_loop:
movzx r13d, BYTE PTR [r12+rcx]
mov BYTE PTR [rsp+rbx], r13b
inc ecx
inc ebx
cmp ecx, edx
- jl L_AES_GCM_encrypt_calc_aad_loop
+ jl L_AES_GCM_encrypt_aesni_calc_aad_loop
movdqu xmm8, [rsp]
add rsp, 16
pshufb xmm8, OWORD PTR L_aes_gcm_bswap_mask
@@ -580,7 +590,7 @@ L_AES_GCM_encrypt_calc_aad_loop:
pxor xmm2, xmm1
pxor xmm2, xmm7
pxor xmm6, xmm2
-L_AES_GCM_encrypt_calc_aad_done:
+L_AES_GCM_encrypt_aesni_calc_aad_done:
; Calculate counter and H
pshufb xmm4, OWORD PTR L_aes_gcm_bswap_epi64
movdqa xmm9, xmm5
@@ -598,7 +608,7 @@ L_AES_GCM_encrypt_calc_aad_done:
xor rbx, rbx
cmp r9d, 128
mov r13d, r9d
- jl L_AES_GCM_encrypt_done_128
+ jl L_AES_GCM_encrypt_aesni_done_128
and r13d, 4294967168
movdqa xmm2, xmm6
; H ^ 1
@@ -1017,7 +1027,7 @@ L_AES_GCM_encrypt_calc_aad_done:
aesenc xmm15, xmm7
cmp r10d, 11
movdqa xmm7, OWORD PTR [r15+160]
- jl L_AES_GCM_encrypt_enc_done
+ jl L_AES_GCM_encrypt_aesni_enc_done
aesenc xmm8, xmm7
aesenc xmm9, xmm7
aesenc xmm10, xmm7
@@ -1037,7 +1047,7 @@ L_AES_GCM_encrypt_calc_aad_done:
aesenc xmm15, xmm7
cmp r10d, 13
movdqa xmm7, OWORD PTR [r15+192]
- jl L_AES_GCM_encrypt_enc_done
+ jl L_AES_GCM_encrypt_aesni_enc_done
aesenc xmm8, xmm7
aesenc xmm9, xmm7
aesenc xmm10, xmm7
@@ -1056,7 +1066,7 @@ L_AES_GCM_encrypt_calc_aad_done:
aesenc xmm14, xmm7
aesenc xmm15, xmm7
movdqa xmm7, OWORD PTR [r15+224]
-L_AES_GCM_encrypt_enc_done:
+L_AES_GCM_encrypt_aesni_enc_done:
aesenclast xmm8, xmm7
aesenclast xmm9, xmm7
movdqu xmm0, [rdi]
@@ -1091,9 +1101,9 @@ L_AES_GCM_encrypt_enc_done:
movdqu [rsi+112], xmm15
cmp r13d, 128
mov ebx, 128
- jle L_AES_GCM_encrypt_end_128
+ jle L_AES_GCM_encrypt_aesni_end_128
; More 128 bytes of input
-L_AES_GCM_encrypt_ghash_128:
+L_AES_GCM_encrypt_aesni_ghash_128:
lea rcx, QWORD PTR [rdi+rbx]
lea rdx, QWORD PTR [rsi+rbx]
movdqu xmm8, [rsp+128]
@@ -1361,7 +1371,7 @@ L_AES_GCM_encrypt_ghash_128:
pxor xmm2, xmm3
cmp r10d, 11
movdqa xmm7, OWORD PTR [r15+160]
- jl L_AES_GCM_encrypt_aesenc_128_ghash_avx_done
+ jl L_AES_GCM_encrypt_aesni_aesenc_128_ghash_avx_done
aesenc xmm8, xmm7
aesenc xmm9, xmm7
aesenc xmm10, xmm7
@@ -1381,7 +1391,7 @@ L_AES_GCM_encrypt_ghash_128:
aesenc xmm15, xmm7
cmp r10d, 13
movdqa xmm7, OWORD PTR [r15+192]
- jl L_AES_GCM_encrypt_aesenc_128_ghash_avx_done
+ jl L_AES_GCM_encrypt_aesni_aesenc_128_ghash_avx_done
aesenc xmm8, xmm7
aesenc xmm9, xmm7
aesenc xmm10, xmm7
@@ -1400,7 +1410,7 @@ L_AES_GCM_encrypt_ghash_128:
aesenc xmm14, xmm7
aesenc xmm15, xmm7
movdqa xmm7, OWORD PTR [r15+224]
-L_AES_GCM_encrypt_aesenc_128_ghash_avx_done:
+L_AES_GCM_encrypt_aesni_aesenc_128_ghash_avx_done:
aesenclast xmm8, xmm7
aesenclast xmm9, xmm7
movdqu xmm0, [rcx]
@@ -1435,8 +1445,8 @@ L_AES_GCM_encrypt_aesenc_128_ghash_avx_done:
movdqu [rdx+112], xmm15
add ebx, 128
cmp ebx, r13d
- jl L_AES_GCM_encrypt_ghash_128
-L_AES_GCM_encrypt_end_128:
+ jl L_AES_GCM_encrypt_aesni_ghash_128
+L_AES_GCM_encrypt_aesni_end_128:
movdqa xmm4, OWORD PTR L_aes_gcm_bswap_mask
pshufb xmm8, xmm4
pshufb xmm9, xmm4
@@ -1623,14 +1633,14 @@ L_AES_GCM_encrypt_end_128:
pxor xmm2, xmm4
pxor xmm6, xmm2
movdqu xmm5, [rsp]
-L_AES_GCM_encrypt_done_128:
+L_AES_GCM_encrypt_aesni_done_128:
mov edx, r9d
cmp ebx, edx
- jge L_AES_GCM_encrypt_done_enc
+ jge L_AES_GCM_encrypt_aesni_done_enc
mov r13d, r9d
and r13d, 4294967280
cmp ebx, r13d
- jge L_AES_GCM_encrypt_last_block_done
+ jge L_AES_GCM_encrypt_aesni_last_block_done
lea rcx, QWORD PTR [rdi+rbx]
lea rdx, QWORD PTR [rsi+rbx]
movdqu xmm8, [rsp+128]
@@ -1650,16 +1660,16 @@ L_AES_GCM_encrypt_done_128:
aesenc xmm8, [r15+144]
cmp r10d, 11
movdqa xmm9, OWORD PTR [r15+160]
- jl L_AES_GCM_encrypt_aesenc_block_aesenc_avx_last
+ jl L_AES_GCM_encrypt_aesni_aesenc_block_aesenc_avx_last
aesenc xmm8, xmm9
aesenc xmm8, [r15+176]
cmp r10d, 13
movdqa xmm9, OWORD PTR [r15+192]
- jl L_AES_GCM_encrypt_aesenc_block_aesenc_avx_last
+ jl L_AES_GCM_encrypt_aesni_aesenc_block_aesenc_avx_last
aesenc xmm8, xmm9
aesenc xmm8, [r15+208]
movdqa xmm9, OWORD PTR [r15+224]
-L_AES_GCM_encrypt_aesenc_block_aesenc_avx_last:
+L_AES_GCM_encrypt_aesni_aesenc_block_aesenc_avx_last:
aesenclast xmm8, xmm9
movdqu xmm9, [rcx]
pxor xmm8, xmm9
@@ -1668,8 +1678,8 @@ L_AES_GCM_encrypt_aesenc_block_aesenc_avx_last:
pxor xmm6, xmm8
add ebx, 16
cmp ebx, r13d
- jge L_AES_GCM_encrypt_last_block_ghash
-L_AES_GCM_encrypt_last_block_start:
+ jge L_AES_GCM_encrypt_aesni_last_block_ghash
+L_AES_GCM_encrypt_aesni_last_block_start:
lea rcx, QWORD PTR [rdi+rbx]
lea rdx, QWORD PTR [rsi+rbx]
movdqu xmm8, [rsp+128]
@@ -1714,16 +1724,16 @@ L_AES_GCM_encrypt_last_block_start:
pxor xmm6, xmm3
cmp r10d, 11
movdqa xmm9, OWORD PTR [r15+160]
- jl L_AES_GCM_encrypt_aesenc_gfmul_last
+ jl L_AES_GCM_encrypt_aesni_aesenc_gfmul_last
aesenc xmm8, xmm9
aesenc xmm8, [r15+176]
cmp r10d, 13
movdqa xmm9, OWORD PTR [r15+192]
- jl L_AES_GCM_encrypt_aesenc_gfmul_last
+ jl L_AES_GCM_encrypt_aesni_aesenc_gfmul_last
aesenc xmm8, xmm9
aesenc xmm8, [r15+208]
movdqa xmm9, OWORD PTR [r15+224]
-L_AES_GCM_encrypt_aesenc_gfmul_last:
+L_AES_GCM_encrypt_aesni_aesenc_gfmul_last:
aesenclast xmm8, xmm9
movdqu xmm9, [rcx]
pxor xmm8, xmm9
@@ -1732,8 +1742,8 @@ L_AES_GCM_encrypt_aesenc_gfmul_last:
pxor xmm6, xmm8
add ebx, 16
cmp ebx, r13d
- jl L_AES_GCM_encrypt_last_block_start
-L_AES_GCM_encrypt_last_block_ghash:
+ jl L_AES_GCM_encrypt_aesni_last_block_start
+L_AES_GCM_encrypt_aesni_last_block_ghash:
pshufd xmm9, xmm5, 78
pshufd xmm10, xmm6, 78
movdqa xmm11, xmm6
@@ -1774,11 +1784,11 @@ L_AES_GCM_encrypt_last_block_ghash:
pxor xmm14, xmm13
pxor xmm14, xmm8
pxor xmm6, xmm14
-L_AES_GCM_encrypt_last_block_done:
+L_AES_GCM_encrypt_aesni_last_block_done:
mov ecx, r9d
mov edx, ecx
and ecx, 15
- jz L_AES_GCM_encrypt_aesenc_last15_enc_avx_done
+ jz L_AES_GCM_encrypt_aesni_aesenc_last15_enc_avx_done
movdqu xmm4, [rsp+128]
pshufb xmm4, OWORD PTR L_aes_gcm_bswap_epi64
pxor xmm4, [r15]
@@ -1793,21 +1803,21 @@ L_AES_GCM_encrypt_last_block_done:
aesenc xmm4, [r15+144]
cmp r10d, 11
movdqa xmm9, OWORD PTR [r15+160]
- jl L_AES_GCM_encrypt_aesenc_last15_enc_avx_aesenc_avx_last
+ jl L_AES_GCM_encrypt_aesni_aesenc_last15_enc_avx_aesenc_avx_last
aesenc xmm4, xmm9
aesenc xmm4, [r15+176]
cmp r10d, 13
movdqa xmm9, OWORD PTR [r15+192]
- jl L_AES_GCM_encrypt_aesenc_last15_enc_avx_aesenc_avx_last
+ jl L_AES_GCM_encrypt_aesni_aesenc_last15_enc_avx_aesenc_avx_last
aesenc xmm4, xmm9
aesenc xmm4, [r15+208]
movdqa xmm9, OWORD PTR [r15+224]
-L_AES_GCM_encrypt_aesenc_last15_enc_avx_aesenc_avx_last:
+L_AES_GCM_encrypt_aesni_aesenc_last15_enc_avx_aesenc_avx_last:
aesenclast xmm4, xmm9
sub rsp, 16
xor ecx, ecx
movdqu [rsp], xmm4
-L_AES_GCM_encrypt_aesenc_last15_enc_avx_loop:
+L_AES_GCM_encrypt_aesni_aesenc_last15_enc_avx_loop:
movzx r13d, BYTE PTR [rdi+rbx]
xor r13b, BYTE PTR [rsp+rcx]
mov BYTE PTR [rsi+rbx], r13b
@@ -1815,16 +1825,16 @@ L_AES_GCM_encrypt_aesenc_last15_enc_avx_loop:
inc ebx
inc ecx
cmp ebx, edx
- jl L_AES_GCM_encrypt_aesenc_last15_enc_avx_loop
+ jl L_AES_GCM_encrypt_aesni_aesenc_last15_enc_avx_loop
xor r13, r13
cmp ecx, 16
- je L_AES_GCM_encrypt_aesenc_last15_enc_avx_finish_enc
-L_AES_GCM_encrypt_aesenc_last15_enc_avx_byte_loop:
+ je L_AES_GCM_encrypt_aesni_aesenc_last15_enc_avx_finish_enc
+L_AES_GCM_encrypt_aesni_aesenc_last15_enc_avx_byte_loop:
mov BYTE PTR [rsp+rcx], r13b
inc ecx
cmp ecx, 16
- jl L_AES_GCM_encrypt_aesenc_last15_enc_avx_byte_loop
-L_AES_GCM_encrypt_aesenc_last15_enc_avx_finish_enc:
+ jl L_AES_GCM_encrypt_aesni_aesenc_last15_enc_avx_byte_loop
+L_AES_GCM_encrypt_aesni_aesenc_last15_enc_avx_finish_enc:
movdqu xmm4, [rsp]
add rsp, 16
pshufb xmm4, OWORD PTR L_aes_gcm_bswap_mask
@@ -1869,8 +1879,8 @@ L_AES_GCM_encrypt_aesenc_last15_enc_avx_finish_enc:
pxor xmm14, xmm13
pxor xmm14, xmm8
pxor xmm6, xmm14
-L_AES_GCM_encrypt_aesenc_last15_enc_avx_done:
-L_AES_GCM_encrypt_done_enc:
+L_AES_GCM_encrypt_aesni_aesenc_last15_enc_avx_done:
+L_AES_GCM_encrypt_aesni_done_enc:
mov edx, r9d
mov ecx, r11d
shl rdx, 3
@@ -1922,20 +1932,30 @@ L_AES_GCM_encrypt_done_enc:
movdqu xmm0, [rsp+144]
pxor xmm0, xmm6
cmp r14d, 16
- je L_AES_GCM_encrypt_store_tag_16
+ je L_AES_GCM_encrypt_aesni_store_tag_16
xor rcx, rcx
movdqu [rsp], xmm0
-L_AES_GCM_encrypt_store_tag_loop:
+L_AES_GCM_encrypt_aesni_store_tag_loop:
movzx r13d, BYTE PTR [rsp+rcx]
mov BYTE PTR [r8+rcx], r13b
inc ecx
cmp ecx, r14d
- jne L_AES_GCM_encrypt_store_tag_loop
- jmp L_AES_GCM_encrypt_store_tag_done
-L_AES_GCM_encrypt_store_tag_16:
+ jne L_AES_GCM_encrypt_aesni_store_tag_loop
+ jmp L_AES_GCM_encrypt_aesni_store_tag_done
+L_AES_GCM_encrypt_aesni_store_tag_16:
movdqu [r8], xmm0
-L_AES_GCM_encrypt_store_tag_done:
- add rsp, 160
+L_AES_GCM_encrypt_aesni_store_tag_done:
+ movdqu xmm6, [rsp+160]
+ movdqu xmm7, [rsp+176]
+ movdqu xmm8, [rsp+192]
+ movdqu xmm9, [rsp+208]
+ movdqu xmm10, [rsp+224]
+ movdqu xmm11, [rsp+240]
+ movdqu xmm12, [rsp+256]
+ movdqu xmm13, [rsp+272]
+ movdqu xmm14, [rsp+288]
+ movdqu xmm15, [rsp+304]
+ add rsp, 320
pop r15
pop r14
pop rbx
@@ -1944,10 +1964,10 @@ L_AES_GCM_encrypt_store_tag_done:
pop rdi
pop r13
ret
-AES_GCM_encrypt ENDP
+AES_GCM_encrypt_aesni ENDP
_text ENDS
_text SEGMENT READONLY PARA
-AES_GCM_decrypt PROC
+AES_GCM_decrypt_aesni PROC
push r13
push rdi
push rsi
@@ -1968,12 +1988,22 @@ AES_GCM_decrypt PROC
mov r15, QWORD PTR [rsp+144]
mov r10d, DWORD PTR [rsp+152]
mov rbp, QWORD PTR [rsp+160]
- sub rsp, 168
+ sub rsp, 328
+ movdqu [rsp+168], xmm6
+ movdqu [rsp+184], xmm7
+ movdqu [rsp+200], xmm8
+ movdqu [rsp+216], xmm9
+ movdqu [rsp+232], xmm10
+ movdqu [rsp+248], xmm11
+ movdqu [rsp+264], xmm12
+ movdqu [rsp+280], xmm13
+ movdqu [rsp+296], xmm14
+ movdqu [rsp+312], xmm15
pxor xmm4, xmm4
pxor xmm6, xmm6
cmp ebx, 12
mov edx, ebx
- jne L_AES_GCM_decrypt_iv_not_12
+ jne L_AES_GCM_decrypt_aesni_iv_not_12
; # Calculate values when IV is 12 bytes
; Set counter based on IV
mov ecx, 16777216
@@ -2013,7 +2043,7 @@ AES_GCM_decrypt PROC
aesenc xmm1, xmm7
cmp r10d, 11
movdqa xmm7, OWORD PTR [r15+160]
- jl L_AES_GCM_decrypt_calc_iv_12_last
+ jl L_AES_GCM_decrypt_aesni_calc_iv_12_last
aesenc xmm5, xmm7
aesenc xmm1, xmm7
movdqa xmm7, OWORD PTR [r15+176]
@@ -2021,20 +2051,20 @@ AES_GCM_decrypt PROC
aesenc xmm1, xmm7
cmp r10d, 13
movdqa xmm7, OWORD PTR [r15+192]
- jl L_AES_GCM_decrypt_calc_iv_12_last
+ jl L_AES_GCM_decrypt_aesni_calc_iv_12_last
aesenc xmm5, xmm7
aesenc xmm1, xmm7
movdqa xmm7, OWORD PTR [r15+208]
aesenc xmm5, xmm7
aesenc xmm1, xmm7
movdqa xmm7, OWORD PTR [r15+224]
-L_AES_GCM_decrypt_calc_iv_12_last:
+L_AES_GCM_decrypt_aesni_calc_iv_12_last:
aesenclast xmm5, xmm7
aesenclast xmm1, xmm7
pshufb xmm5, OWORD PTR L_aes_gcm_bswap_mask
movdqu [rsp+144], xmm1
- jmp L_AES_GCM_decrypt_iv_done
-L_AES_GCM_decrypt_iv_not_12:
+ jmp L_AES_GCM_decrypt_aesni_iv_done
+L_AES_GCM_decrypt_aesni_iv_not_12:
; Calculate values when IV is not 12 bytes
; H = Encrypt X(=0)
movdqa xmm5, OWORD PTR [r15]
@@ -2049,27 +2079,27 @@ L_AES_GCM_decrypt_iv_not_12:
aesenc xmm5, [r15+144]
cmp r10d, 11
movdqa xmm9, OWORD PTR [r15+160]
- jl L_AES_GCM_decrypt_calc_iv_1_aesenc_avx_last
+ jl L_AES_GCM_decrypt_aesni_calc_iv_1_aesenc_avx_last
aesenc xmm5, xmm9
aesenc xmm5, [r15+176]
cmp r10d, 13
movdqa xmm9, OWORD PTR [r15+192]
- jl L_AES_GCM_decrypt_calc_iv_1_aesenc_avx_last
+ jl L_AES_GCM_decrypt_aesni_calc_iv_1_aesenc_avx_last
aesenc xmm5, xmm9
aesenc xmm5, [r15+208]
movdqa xmm9, OWORD PTR [r15+224]
-L_AES_GCM_decrypt_calc_iv_1_aesenc_avx_last:
+L_AES_GCM_decrypt_aesni_calc_iv_1_aesenc_avx_last:
aesenclast xmm5, xmm9
pshufb xmm5, OWORD PTR L_aes_gcm_bswap_mask
; Calc counter
; Initialization vector
cmp edx, 0
mov rcx, 0
- je L_AES_GCM_decrypt_calc_iv_done
+ je L_AES_GCM_decrypt_aesni_calc_iv_done
cmp edx, 16
- jl L_AES_GCM_decrypt_calc_iv_lt16
+ jl L_AES_GCM_decrypt_aesni_calc_iv_lt16
and edx, 4294967280
-L_AES_GCM_decrypt_calc_iv_16_loop:
+L_AES_GCM_decrypt_aesni_calc_iv_16_loop:
movdqu xmm8, [rax+rcx]
pshufb xmm8, OWORD PTR L_aes_gcm_bswap_mask
pxor xmm4, xmm8
@@ -2129,22 +2159,22 @@ L_AES_GCM_decrypt_calc_iv_16_loop:
pxor xmm4, xmm2
add ecx, 16
cmp ecx, edx
- jl L_AES_GCM_decrypt_calc_iv_16_loop
+ jl L_AES_GCM_decrypt_aesni_calc_iv_16_loop
mov edx, ebx
cmp ecx, edx
- je L_AES_GCM_decrypt_calc_iv_done
-L_AES_GCM_decrypt_calc_iv_lt16:
+ je L_AES_GCM_decrypt_aesni_calc_iv_done
+L_AES_GCM_decrypt_aesni_calc_iv_lt16:
sub rsp, 16
pxor xmm8, xmm8
xor ebx, ebx
movdqu [rsp], xmm8
-L_AES_GCM_decrypt_calc_iv_loop:
+L_AES_GCM_decrypt_aesni_calc_iv_loop:
movzx r13d, BYTE PTR [rax+rcx]
mov BYTE PTR [rsp+rbx], r13b
inc ecx
inc ebx
cmp ecx, edx
- jl L_AES_GCM_decrypt_calc_iv_loop
+ jl L_AES_GCM_decrypt_aesni_calc_iv_loop
movdqu xmm8, [rsp]
add rsp, 16
pshufb xmm8, OWORD PTR L_aes_gcm_bswap_mask
@@ -2203,7 +2233,7 @@ L_AES_GCM_decrypt_calc_iv_loop:
pxor xmm2, xmm1
pxor xmm2, xmm7
pxor xmm4, xmm2
-L_AES_GCM_decrypt_calc_iv_done:
+L_AES_GCM_decrypt_aesni_calc_iv_done:
; T = Encrypt counter
pxor xmm0, xmm0
shl edx, 3
@@ -2278,28 +2308,28 @@ L_AES_GCM_decrypt_calc_iv_done:
aesenc xmm8, [r15+144]
cmp r10d, 11
movdqa xmm9, OWORD PTR [r15+160]
- jl L_AES_GCM_decrypt_calc_iv_2_aesenc_avx_last
+ jl L_AES_GCM_decrypt_aesni_calc_iv_2_aesenc_avx_last
aesenc xmm8, xmm9
aesenc xmm8, [r15+176]
cmp r10d, 13
movdqa xmm9, OWORD PTR [r15+192]
- jl L_AES_GCM_decrypt_calc_iv_2_aesenc_avx_last
+ jl L_AES_GCM_decrypt_aesni_calc_iv_2_aesenc_avx_last
aesenc xmm8, xmm9
aesenc xmm8, [r15+208]
movdqa xmm9, OWORD PTR [r15+224]
-L_AES_GCM_decrypt_calc_iv_2_aesenc_avx_last:
+L_AES_GCM_decrypt_aesni_calc_iv_2_aesenc_avx_last:
aesenclast xmm8, xmm9
movdqu [rsp+144], xmm8
-L_AES_GCM_decrypt_iv_done:
+L_AES_GCM_decrypt_aesni_iv_done:
; Additional authentication data
mov edx, r11d
cmp edx, 0
- je L_AES_GCM_decrypt_calc_aad_done
+ je L_AES_GCM_decrypt_aesni_calc_aad_done
xor ecx, ecx
cmp edx, 16
- jl L_AES_GCM_decrypt_calc_aad_lt16
+ jl L_AES_GCM_decrypt_aesni_calc_aad_lt16
and edx, 4294967280
-L_AES_GCM_decrypt_calc_aad_16_loop:
+L_AES_GCM_decrypt_aesni_calc_aad_16_loop:
movdqu xmm8, [r12+rcx]
pshufb xmm8, OWORD PTR L_aes_gcm_bswap_mask
pxor xmm6, xmm8
@@ -2359,22 +2389,22 @@ L_AES_GCM_decrypt_calc_aad_16_loop:
pxor xmm6, xmm2
add ecx, 16
cmp ecx, edx
- jl L_AES_GCM_decrypt_calc_aad_16_loop
+ jl L_AES_GCM_decrypt_aesni_calc_aad_16_loop
mov edx, r11d
cmp ecx, edx
- je L_AES_GCM_decrypt_calc_aad_done
-L_AES_GCM_decrypt_calc_aad_lt16:
+ je L_AES_GCM_decrypt_aesni_calc_aad_done
+L_AES_GCM_decrypt_aesni_calc_aad_lt16:
sub rsp, 16
pxor xmm8, xmm8
xor ebx, ebx
movdqu [rsp], xmm8
-L_AES_GCM_decrypt_calc_aad_loop:
+L_AES_GCM_decrypt_aesni_calc_aad_loop:
movzx r13d, BYTE PTR [r12+rcx]
mov BYTE PTR [rsp+rbx], r13b
inc ecx
inc ebx
cmp ecx, edx
- jl L_AES_GCM_decrypt_calc_aad_loop
+ jl L_AES_GCM_decrypt_aesni_calc_aad_loop
movdqu xmm8, [rsp]
add rsp, 16
pshufb xmm8, OWORD PTR L_aes_gcm_bswap_mask
@@ -2433,7 +2463,7 @@ L_AES_GCM_decrypt_calc_aad_loop:
pxor xmm2, xmm1
pxor xmm2, xmm7
pxor xmm6, xmm2
-L_AES_GCM_decrypt_calc_aad_done:
+L_AES_GCM_decrypt_aesni_calc_aad_done:
; Calculate counter and H
pshufb xmm4, OWORD PTR L_aes_gcm_bswap_epi64
movdqa xmm9, xmm5
@@ -2451,7 +2481,7 @@ L_AES_GCM_decrypt_calc_aad_done:
xor ebx, ebx
cmp r9d, 128
mov r13d, r9d
- jl L_AES_GCM_decrypt_done_128
+ jl L_AES_GCM_decrypt_aesni_done_128
and r13d, 4294967168
movdqa xmm2, xmm6
; H ^ 1
@@ -2750,7 +2780,7 @@ L_AES_GCM_decrypt_calc_aad_done:
pxor xmm14, xmm8
pxor xmm7, xmm14
movdqu [rsp+112], xmm7
-L_AES_GCM_decrypt_ghash_128:
+L_AES_GCM_decrypt_aesni_ghash_128:
lea rcx, QWORD PTR [rdi+rbx]
lea rdx, QWORD PTR [rsi+rbx]
movdqu xmm8, [rsp+128]
@@ -3018,7 +3048,7 @@ L_AES_GCM_decrypt_ghash_128:
pxor xmm2, xmm3
cmp r10d, 11
movdqa xmm7, OWORD PTR [r15+160]
- jl L_AES_GCM_decrypt_aesenc_128_ghash_avx_done
+ jl L_AES_GCM_decrypt_aesni_aesenc_128_ghash_avx_done
aesenc xmm8, xmm7
aesenc xmm9, xmm7
aesenc xmm10, xmm7
@@ -3038,7 +3068,7 @@ L_AES_GCM_decrypt_ghash_128:
aesenc xmm15, xmm7
cmp r10d, 13
movdqa xmm7, OWORD PTR [r15+192]
- jl L_AES_GCM_decrypt_aesenc_128_ghash_avx_done
+ jl L_AES_GCM_decrypt_aesni_aesenc_128_ghash_avx_done
aesenc xmm8, xmm7
aesenc xmm9, xmm7
aesenc xmm10, xmm7
@@ -3057,7 +3087,7 @@ L_AES_GCM_decrypt_ghash_128:
aesenc xmm14, xmm7
aesenc xmm15, xmm7
movdqa xmm7, OWORD PTR [r15+224]
-L_AES_GCM_decrypt_aesenc_128_ghash_avx_done:
+L_AES_GCM_decrypt_aesni_aesenc_128_ghash_avx_done:
aesenclast xmm8, xmm7
aesenclast xmm9, xmm7
movdqu xmm0, [rcx]
@@ -3092,18 +3122,18 @@ L_AES_GCM_decrypt_aesenc_128_ghash_avx_done:
movdqu [rdx+112], xmm15
add ebx, 128
cmp ebx, r13d
- jl L_AES_GCM_decrypt_ghash_128
+ jl L_AES_GCM_decrypt_aesni_ghash_128
movdqa xmm6, xmm2
movdqu xmm5, [rsp]
-L_AES_GCM_decrypt_done_128:
+L_AES_GCM_decrypt_aesni_done_128:
mov edx, r9d
cmp ebx, edx
- jge L_AES_GCM_decrypt_done_dec
+ jge L_AES_GCM_decrypt_aesni_done_dec
mov r13d, r9d
and r13d, 4294967280
cmp ebx, r13d
- jge L_AES_GCM_decrypt_last_block_done
-L_AES_GCM_decrypt_last_block_start:
+ jge L_AES_GCM_decrypt_aesni_last_block_done
+L_AES_GCM_decrypt_aesni_last_block_start:
lea rcx, QWORD PTR [rdi+rbx]
lea rdx, QWORD PTR [rsi+rbx]
movdqu xmm1, [rcx]
@@ -3152,28 +3182,28 @@ L_AES_GCM_decrypt_last_block_start:
pxor xmm6, xmm3
cmp r10d, 11
movdqa xmm9, OWORD PTR [r15+160]
- jl L_AES_GCM_decrypt_aesenc_gfmul_last
+ jl L_AES_GCM_decrypt_aesni_aesenc_gfmul_last
aesenc xmm8, xmm9
aesenc xmm8, [r15+176]
cmp r10d, 13
movdqa xmm9, OWORD PTR [r15+192]
- jl L_AES_GCM_decrypt_aesenc_gfmul_last
+ jl L_AES_GCM_decrypt_aesni_aesenc_gfmul_last
aesenc xmm8, xmm9
aesenc xmm8, [r15+208]
movdqa xmm9, OWORD PTR [r15+224]
-L_AES_GCM_decrypt_aesenc_gfmul_last:
+L_AES_GCM_decrypt_aesni_aesenc_gfmul_last:
aesenclast xmm8, xmm9
movdqu xmm9, [rcx]
pxor xmm8, xmm9
movdqu [rdx], xmm8
add ebx, 16
cmp ebx, r13d
- jl L_AES_GCM_decrypt_last_block_start
-L_AES_GCM_decrypt_last_block_done:
+ jl L_AES_GCM_decrypt_aesni_last_block_start
+L_AES_GCM_decrypt_aesni_last_block_done:
mov ecx, r9d
mov edx, ecx
and ecx, 15
- jz L_AES_GCM_decrypt_aesenc_last15_dec_avx_done
+ jz L_AES_GCM_decrypt_aesni_aesenc_last15_dec_avx_done
movdqu xmm4, [rsp+128]
pshufb xmm4, OWORD PTR L_aes_gcm_bswap_epi64
pxor xmm4, [r15]
@@ -3188,23 +3218,23 @@ L_AES_GCM_decrypt_last_block_done:
aesenc xmm4, [r15+144]
cmp r10d, 11
movdqa xmm9, OWORD PTR [r15+160]
- jl L_AES_GCM_decrypt_aesenc_last15_dec_avx_aesenc_avx_last
+ jl L_AES_GCM_decrypt_aesni_aesenc_last15_dec_avx_aesenc_avx_last
aesenc xmm4, xmm9
aesenc xmm4, [r15+176]
cmp r10d, 13
movdqa xmm9, OWORD PTR [r15+192]
- jl L_AES_GCM_decrypt_aesenc_last15_dec_avx_aesenc_avx_last
+ jl L_AES_GCM_decrypt_aesni_aesenc_last15_dec_avx_aesenc_avx_last
aesenc xmm4, xmm9
aesenc xmm4, [r15+208]
movdqa xmm9, OWORD PTR [r15+224]
-L_AES_GCM_decrypt_aesenc_last15_dec_avx_aesenc_avx_last:
+L_AES_GCM_decrypt_aesni_aesenc_last15_dec_avx_aesenc_avx_last:
aesenclast xmm4, xmm9
sub rsp, 32
xor ecx, ecx
movdqu [rsp], xmm4
pxor xmm0, xmm0
movdqu [rsp+16], xmm0
-L_AES_GCM_decrypt_aesenc_last15_dec_avx_loop:
+L_AES_GCM_decrypt_aesni_aesenc_last15_dec_avx_loop:
movzx r13d, BYTE PTR [rdi+rbx]
mov BYTE PTR [rsp+rcx+16], r13b
xor r13b, BYTE PTR [rsp+rcx]
@@ -3212,7 +3242,7 @@ L_AES_GCM_decrypt_aesenc_last15_dec_avx_loop:
inc ebx
inc ecx
cmp ebx, edx
- jl L_AES_GCM_decrypt_aesenc_last15_dec_avx_loop
+ jl L_AES_GCM_decrypt_aesni_aesenc_last15_dec_avx_loop
movdqu xmm4, [rsp+16]
add rsp, 32
pshufb xmm4, OWORD PTR L_aes_gcm_bswap_mask
@@ -3257,8 +3287,8 @@ L_AES_GCM_decrypt_aesenc_last15_dec_avx_loop:
pxor xmm14, xmm13
pxor xmm14, xmm8
pxor xmm6, xmm14
-L_AES_GCM_decrypt_aesenc_last15_dec_avx_done:
-L_AES_GCM_decrypt_done_dec:
+L_AES_GCM_decrypt_aesni_aesenc_last15_dec_avx_done:
+L_AES_GCM_decrypt_aesni_done_dec:
mov edx, r9d
mov ecx, r11d
shl rdx, 3
@@ -3310,24 +3340,24 @@ L_AES_GCM_decrypt_done_dec:
movdqu xmm0, [rsp+144]
pxor xmm0, xmm6
cmp r14d, 16
- je L_AES_GCM_decrypt_cmp_tag_16
+ je L_AES_GCM_decrypt_aesni_cmp_tag_16
sub rsp, 16
xor rcx, rcx
xor rbx, rbx
movdqu [rsp], xmm0
-L_AES_GCM_decrypt_cmp_tag_loop:
+L_AES_GCM_decrypt_aesni_cmp_tag_loop:
movzx r13d, BYTE PTR [rsp+rcx]
xor r13b, BYTE PTR [r8+rcx]
or bl, r13b
inc ecx
cmp ecx, r14d
- jne L_AES_GCM_decrypt_cmp_tag_loop
+ jne L_AES_GCM_decrypt_aesni_cmp_tag_loop
cmp rbx, 0
sete bl
add rsp, 16
xor rcx, rcx
- jmp L_AES_GCM_decrypt_cmp_tag_done
-L_AES_GCM_decrypt_cmp_tag_16:
+ jmp L_AES_GCM_decrypt_aesni_cmp_tag_done
+L_AES_GCM_decrypt_aesni_cmp_tag_16:
movdqu xmm1, [r8]
pcmpeqb xmm0, xmm1
pmovmskb rdx, xmm0
@@ -3335,9 +3365,19 @@ L_AES_GCM_decrypt_cmp_tag_16:
xor ebx, ebx
cmp edx, 65535
sete bl
-L_AES_GCM_decrypt_cmp_tag_done:
+L_AES_GCM_decrypt_aesni_cmp_tag_done:
mov DWORD PTR [rbp], ebx
- add rsp, 168
+ movdqu xmm6, [rsp+168]
+ movdqu xmm7, [rsp+184]
+ movdqu xmm8, [rsp+200]
+ movdqu xmm9, [rsp+216]
+ movdqu xmm10, [rsp+232]
+ movdqu xmm11, [rsp+248]
+ movdqu xmm12, [rsp+264]
+ movdqu xmm13, [rsp+280]
+ movdqu xmm14, [rsp+296]
+ movdqu xmm15, [rsp+312]
+ add rsp, 328
pop rbp
pop r15
pop r14
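Review bot: The new epilogue after `L_AES_GCM_decrypt_aesni_cmp_tag_done` reloads xmm6-xmm15 and releases the 328-byte frame, but it leaves the working area below the save slots untouched. Earlier hunks show `[rsp+144]` receiving the encrypted counter block (`movdqu [rsp+144], xmm8` under `; T = Encrypt counter`), and `[rsp]` appears to hold the hash key, so key-derived values remain in dead stack after return. Consider clearing those slots before the restores, for example `pxor xmm0, xmm0` followed by `movdqu [rsp+144], xmm0`, and likewise in the `AES_GCM_encrypt_aesni` epilogue. The prologue and most of the body lie outside this hunk, so the exact slot layout should be confirmed there.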
@@ -3347,7 +3387,7 @@ L_AES_GCM_decrypt_cmp_tag_done:
pop rdi
pop r13
ret
-AES_GCM_decrypt ENDP
+AES_GCM_decrypt_aesni ENDP
_text ENDS
_text SEGMENT READONLY PARA
AES_GCM_init_aesni PROC
@@ -3363,7 +3403,11 @@ AES_GCM_init_aesni PROC
mov rax, QWORD PTR [rsp+80]
mov r8, QWORD PTR [rsp+88]
mov r9, QWORD PTR [rsp+96]
- sub rsp, 16
+ sub rsp, 80
+ movdqu [rsp+16], xmm6
+ movdqu [rsp+32], xmm7
+ movdqu [rsp+48], xmm8
+ movdqu [rsp+64], xmm15
pxor xmm4, xmm4
mov edx, r11d
cmp edx, 12
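Review bot: The prologue of `AES_GCM_init_aesni` saves only xmm6, xmm7, xmm8 and xmm15, which is correct only while the body never touches xmm9-xmm14, and nothing in the source records that constraint. A comment above the spills would make it visible, e.g. `; Win64: xmm6-xmm15 are callee-saved; body uses xmm6, xmm7, xmm8, xmm15 only`. The save slots start at `[rsp+16]`, apparently because the first 16 bytes remain the scratch area the old `sub rsp, 16` reserved; that is worth stating in the same comment. The body runs on past this hunk, so the register set should be checked against the full routine.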
@@ -3378,53 +3422,53 @@ AES_GCM_init_aesni PROC
movdqa xmm1, xmm4
movdqa xmm5, OWORD PTR [rdi]
pxor xmm1, xmm5
- movdqa xmm7, OWORD PTR [rdi+16]
- aesenc xmm5, xmm7
- aesenc xmm1, xmm7
- movdqa xmm7, OWORD PTR [rdi+32]
- aesenc xmm5, xmm7
- aesenc xmm1, xmm7
- movdqa xmm7, OWORD PTR [rdi+48]
- aesenc xmm5, xmm7
- aesenc xmm1, xmm7
- movdqa xmm7, OWORD PTR [rdi+64]
- aesenc xmm5, xmm7
- aesenc xmm1, xmm7
- movdqa xmm7, OWORD PTR [rdi+80]
- aesenc xmm5, xmm7
- aesenc xmm1, xmm7
- movdqa xmm7, OWORD PTR [rdi+96]
- aesenc xmm5, xmm7
- aesenc xmm1, xmm7
- movdqa xmm7, OWORD PTR [rdi+112]
- aesenc xmm5, xmm7
- aesenc xmm1, xmm7
- movdqa xmm7, OWORD PTR [rdi+128]
- aesenc xmm5, xmm7
- aesenc xmm1, xmm7
- movdqa xmm7, OWORD PTR [rdi+144]
- aesenc xmm5, xmm7
- aesenc xmm1, xmm7
+ movdqa xmm6, OWORD PTR [rdi+16]
+ aesenc xmm5, xmm6
+ aesenc xmm1, xmm6
+ movdqa xmm6, OWORD PTR [rdi+32]
+ aesenc xmm5, xmm6
+ aesenc xmm1, xmm6
+ movdqa xmm6, OWORD PTR [rdi+48]
+ aesenc xmm5, xmm6
+ aesenc xmm1, xmm6
+ movdqa xmm6, OWORD PTR [rdi+64]
+ aesenc xmm5, xmm6
+ aesenc xmm1, xmm6
+ movdqa xmm6, OWORD PTR [rdi+80]
+ aesenc xmm5, xmm6
+ aesenc xmm1, xmm6
+ movdqa xmm6, OWORD PTR [rdi+96]
+ aesenc xmm5, xmm6
+ aesenc xmm1, xmm6
+ movdqa xmm6, OWORD PTR [rdi+112]
+ aesenc xmm5, xmm6
+ aesenc xmm1, xmm6
+ movdqa xmm6, OWORD PTR [rdi+128]
+ aesenc xmm5, xmm6
+ aesenc xmm1, xmm6
+ movdqa xmm6, OWORD PTR [rdi+144]
+ aesenc xmm5, xmm6
+ aesenc xmm1, xmm6
cmp esi, 11
- movdqa xmm7, OWORD PTR [rdi+160]
+ movdqa xmm6, OWORD PTR [rdi+160]
jl L_AES_GCM_init_aesni_calc_iv_12_last
- aesenc xmm5, xmm7
- aesenc xmm1, xmm7
- movdqa xmm7, OWORD PTR [rdi+176]
- aesenc xmm5, xmm7
- aesenc xmm1, xmm7
+ aesenc xmm5, xmm6
+ aesenc xmm1, xmm6
+ movdqa xmm6, OWORD PTR [rdi+176]
+ aesenc xmm5, xmm6
+ aesenc xmm1, xmm6
cmp esi, 13
- movdqa xmm7, OWORD PTR [rdi+192]
+ movdqa xmm6, OWORD PTR [rdi+192]
jl L_AES_GCM_init_aesni_calc_iv_12_last
- aesenc xmm5, xmm7
- aesenc xmm1, xmm7
- movdqa xmm7, OWORD PTR [rdi+208]
- aesenc xmm5, xmm7
- aesenc xmm1, xmm7
- movdqa xmm7, OWORD PTR [rdi+224]
+ aesenc xmm5, xmm6
+ aesenc xmm1, xmm6
+ movdqa xmm6, OWORD PTR [rdi+208]
+ aesenc xmm5, xmm6
+ aesenc xmm1, xmm6
+ movdqa xmm6, OWORD PTR [rdi+224]
L_AES_GCM_init_aesni_calc_iv_12_last:
- aesenclast xmm5, xmm7
- aesenclast xmm1, xmm7
+ aesenclast xmm5, xmm6
+ aesenclast xmm1, xmm6
pshufb xmm5, OWORD PTR L_aes_gcm_bswap_mask
movdqu xmm15, xmm1
jmp L_AES_GCM_init_aesni_iv_done
@@ -3442,18 +3486,18 @@ L_AES_GCM_init_aesni_iv_not_12:
aesenc xmm5, [rdi+128]
aesenc xmm5, [rdi+144]
cmp esi, 11
- movdqa xmm9, OWORD PTR [rdi+160]
+ movdqa xmm8, OWORD PTR [rdi+160]
jl L_AES_GCM_init_aesni_calc_iv_1_aesenc_avx_last
- aesenc xmm5, xmm9
+ aesenc xmm5, xmm8
aesenc xmm5, [rdi+176]
cmp esi, 13
- movdqa xmm9, OWORD PTR [rdi+192]
+ movdqa xmm8, OWORD PTR [rdi+192]
jl L_AES_GCM_init_aesni_calc_iv_1_aesenc_avx_last
- aesenc xmm5, xmm9
+ aesenc xmm5, xmm8
aesenc xmm5, [rdi+208]
- movdqa xmm9, OWORD PTR [rdi+224]
+ movdqa xmm8, OWORD PTR [rdi+224]
L_AES_GCM_init_aesni_calc_iv_1_aesenc_avx_last:
- aesenclast xmm5, xmm9
+ aesenclast xmm5, xmm8
pshufb xmm5, OWORD PTR L_aes_gcm_bswap_mask
; Calc counter
; Initialization vector
@@ -3464,9 +3508,9 @@ L_AES_GCM_init_aesni_calc_iv_1_aesenc_avx_last:
jl L_AES_GCM_init_aesni_calc_iv_lt16
and edx, 4294967280
L_AES_GCM_init_aesni_calc_iv_16_loop:
- movdqu xmm8, [r10+rcx]
- pshufb xmm8, OWORD PTR L_aes_gcm_bswap_mask
- pxor xmm4, xmm8
+ movdqu xmm7, [r10+rcx]
+ pshufb xmm7, OWORD PTR L_aes_gcm_bswap_mask
+ pxor xmm4, xmm7
pshufd xmm1, xmm4, 78
pshufd xmm2, xmm5, 78
movdqa xmm3, xmm5
@@ -3479,28 +3523,28 @@ L_AES_GCM_init_aesni_calc_iv_16_loop:
pxor xmm1, xmm0
pxor xmm1, xmm3
movdqa xmm2, xmm1
- movdqa xmm7, xmm0
+ movdqa xmm6, xmm0
movdqa xmm4, xmm3
pslldq xmm2, 8
psrldq xmm1, 8
- pxor xmm7, xmm2
+ pxor xmm6, xmm2
pxor xmm4, xmm1
- movdqa xmm0, xmm7
+ movdqa xmm0, xmm6
movdqa xmm1, xmm4
psrld xmm0, 31
psrld xmm1, 31
- pslld xmm7, 1
+ pslld xmm6, 1
pslld xmm4, 1
movdqa xmm2, xmm0
pslldq xmm0, 4
psrldq xmm2, 12
pslldq xmm1, 4
por xmm4, xmm2
- por xmm7, xmm0
+ por xmm6, xmm0
por xmm4, xmm1
- movdqa xmm0, xmm7
- movdqa xmm1, xmm7
- movdqa xmm2, xmm7
+ movdqa xmm0, xmm6
+ movdqa xmm1, xmm6
+ movdqa xmm2, xmm6
pslld xmm0, 31
pslld xmm1, 30
pslld xmm2, 25
@@ -3509,17 +3553,17 @@ L_AES_GCM_init_aesni_calc_iv_16_loop:
movdqa xmm1, xmm0
psrldq xmm1, 4
pslldq xmm0, 12
- pxor xmm7, xmm0
- movdqa xmm2, xmm7
- movdqa xmm3, xmm7
- movdqa xmm0, xmm7
+ pxor xmm6, xmm0
+ movdqa xmm2, xmm6
+ movdqa xmm3, xmm6
+ movdqa xmm0, xmm6
psrld xmm2, 1
psrld xmm3, 2
psrld xmm0, 7
pxor xmm2, xmm3
pxor xmm2, xmm0
pxor xmm2, xmm1
- pxor xmm2, xmm7
+ pxor xmm2, xmm6
pxor xmm4, xmm2
add ecx, 16
cmp ecx, edx
@@ -3529,9 +3573,9 @@ L_AES_GCM_init_aesni_calc_iv_16_loop:
je L_AES_GCM_init_aesni_calc_iv_done
L_AES_GCM_init_aesni_calc_iv_lt16:
sub rsp, 16
- pxor xmm8, xmm8
+ pxor xmm7, xmm7
xor r13d, r13d
- movdqu [rsp], xmm8
+ movdqu [rsp], xmm7
L_AES_GCM_init_aesni_calc_iv_loop:
movzx r12d, BYTE PTR [r10+rcx]
mov BYTE PTR [rsp+r13], r12b
@@ -3539,10 +3583,10 @@ L_AES_GCM_init_aesni_calc_iv_loop:
inc r13d
cmp ecx, edx
jl L_AES_GCM_init_aesni_calc_iv_loop
- movdqu xmm8, [rsp]
+ movdqu xmm7, [rsp]
add rsp, 16
- pshufb xmm8, OWORD PTR L_aes_gcm_bswap_mask
- pxor xmm4, xmm8
+ pshufb xmm7, OWORD PTR L_aes_gcm_bswap_mask
+ pxor xmm4, xmm7
pshufd xmm1, xmm4, 78
pshufd xmm2, xmm5, 78
movdqa xmm3, xmm5
@@ -3555,28 +3599,28 @@ L_AES_GCM_init_aesni_calc_iv_loop:
pxor xmm1, xmm0
pxor xmm1, xmm3
movdqa xmm2, xmm1
- movdqa xmm7, xmm0
+ movdqa xmm6, xmm0
movdqa xmm4, xmm3
pslldq xmm2, 8
psrldq xmm1, 8
- pxor xmm7, xmm2
+ pxor xmm6, xmm2
pxor xmm4, xmm1
- movdqa xmm0, xmm7
+ movdqa xmm0, xmm6
movdqa xmm1, xmm4
psrld xmm0, 31
psrld xmm1, 31
- pslld xmm7, 1
+ pslld xmm6, 1
pslld xmm4, 1
movdqa xmm2, xmm0
pslldq xmm0, 4
psrldq xmm2, 12
pslldq xmm1, 4
por xmm4, xmm2
- por xmm7, xmm0
+ por xmm6, xmm0
por xmm4, xmm1
- movdqa xmm0, xmm7
- movdqa xmm1, xmm7
- movdqa xmm2, xmm7
+ movdqa xmm0, xmm6
+ movdqa xmm1, xmm6
+ movdqa xmm2, xmm6
pslld xmm0, 31
pslld xmm1, 30
pslld xmm2, 25
@@ -3585,17 +3629,17 @@ L_AES_GCM_init_aesni_calc_iv_loop:
movdqa xmm1, xmm0
psrldq xmm1, 4
pslldq xmm0, 12
- pxor xmm7, xmm0
- movdqa xmm2, xmm7
- movdqa xmm3, xmm7
- movdqa xmm0, xmm7
+ pxor xmm6, xmm0
+ movdqa xmm2, xmm6
+ movdqa xmm3, xmm6
+ movdqa xmm0, xmm6
psrld xmm2, 1
psrld xmm3, 2
psrld xmm0, 7
pxor xmm2, xmm3
pxor xmm2, xmm0
pxor xmm2, xmm1
- pxor xmm2, xmm7
+ pxor xmm2, xmm6
pxor xmm4, xmm2
L_AES_GCM_init_aesni_calc_iv_done:
; T = Encrypt counter
@@ -3615,28 +3659,28 @@ L_AES_GCM_init_aesni_calc_iv_done:
pxor xmm1, xmm0
pxor xmm1, xmm3
movdqa xmm2, xmm1
- movdqa xmm7, xmm0
+ movdqa xmm6, xmm0
movdqa xmm4, xmm3
pslldq xmm2, 8
psrldq xmm1, 8
- pxor xmm7, xmm2
+ pxor xmm6, xmm2
pxor xmm4, xmm1
- movdqa xmm0, xmm7
+ movdqa xmm0, xmm6
movdqa xmm1, xmm4
psrld xmm0, 31
psrld xmm1, 31
- pslld xmm7, 1
+ pslld xmm6, 1
pslld xmm4, 1
movdqa xmm2, xmm0
pslldq xmm0, 4
psrldq xmm2, 12
pslldq xmm1, 4
por xmm4, xmm2
- por xmm7, xmm0
+ por xmm6, xmm0
por xmm4, xmm1
- movdqa xmm0, xmm7
- movdqa xmm1, xmm7
- movdqa xmm2, xmm7
+ movdqa xmm0, xmm6
+ movdqa xmm1, xmm6
+ movdqa xmm2, xmm6
pslld xmm0, 31
pslld xmm1, 30
pslld xmm2, 25
@@ -3645,52 +3689,56 @@ L_AES_GCM_init_aesni_calc_iv_done:
movdqa xmm1, xmm0
psrldq xmm1, 4
pslldq xmm0, 12
- pxor xmm7, xmm0
- movdqa xmm2, xmm7
- movdqa xmm3, xmm7
- movdqa xmm0, xmm7
+ pxor xmm6, xmm0
+ movdqa xmm2, xmm6
+ movdqa xmm3, xmm6
+ movdqa xmm0, xmm6
psrld xmm2, 1
psrld xmm3, 2
psrld xmm0, 7
pxor xmm2, xmm3
pxor xmm2, xmm0
pxor xmm2, xmm1
- pxor xmm2, xmm7
+ pxor xmm2, xmm6
pxor xmm4, xmm2
pshufb xmm4, OWORD PTR L_aes_gcm_bswap_mask
; Encrypt counter
- movdqa xmm8, OWORD PTR [rdi]
- pxor xmm8, xmm4
- aesenc xmm8, [rdi+16]
- aesenc xmm8, [rdi+32]
- aesenc xmm8, [rdi+48]
- aesenc xmm8, [rdi+64]
- aesenc xmm8, [rdi+80]
- aesenc xmm8, [rdi+96]
- aesenc xmm8, [rdi+112]
- aesenc xmm8, [rdi+128]
- aesenc xmm8, [rdi+144]
+ movdqa xmm7, OWORD PTR [rdi]
+ pxor xmm7, xmm4
+ aesenc xmm7, [rdi+16]
+ aesenc xmm7, [rdi+32]
+ aesenc xmm7, [rdi+48]
+ aesenc xmm7, [rdi+64]
+ aesenc xmm7, [rdi+80]
+ aesenc xmm7, [rdi+96]
+ aesenc xmm7, [rdi+112]
+ aesenc xmm7, [rdi+128]
+ aesenc xmm7, [rdi+144]
cmp esi, 11
- movdqa xmm9, OWORD PTR [rdi+160]
+ movdqa xmm8, OWORD PTR [rdi+160]
jl L_AES_GCM_init_aesni_calc_iv_2_aesenc_avx_last
- aesenc xmm8, xmm9
- aesenc xmm8, [rdi+176]
+ aesenc xmm7, xmm8
+ aesenc xmm7, [rdi+176]
cmp esi, 13
- movdqa xmm9, OWORD PTR [rdi+192]
+ movdqa xmm8, OWORD PTR [rdi+192]
jl L_AES_GCM_init_aesni_calc_iv_2_aesenc_avx_last
- aesenc xmm8, xmm9
- aesenc xmm8, [rdi+208]
- movdqa xmm9, OWORD PTR [rdi+224]
+ aesenc xmm7, xmm8
+ aesenc xmm7, [rdi+208]
+ movdqa xmm8, OWORD PTR [rdi+224]
L_AES_GCM_init_aesni_calc_iv_2_aesenc_avx_last:
- aesenclast xmm8, xmm9
- movdqu xmm15, xmm8
+ aesenclast xmm7, xmm8
+ movdqu xmm15, xmm7
L_AES_GCM_init_aesni_iv_done:
movdqa OWORD PTR [r9], xmm15
pshufb xmm4, OWORD PTR L_aes_gcm_bswap_epi64
paddd xmm4, OWORD PTR L_aes_gcm_one
movdqa OWORD PTR [rax], xmm5
movdqa OWORD PTR [r8], xmm4
- add rsp, 16
+ movdqu xmm6, [rsp+16]
+ movdqu xmm7, [rsp+32]
+ movdqu xmm8, [rsp+48]
+ movdqu xmm15, [rsp+64]
+ add rsp, 80
pop r14
pop r13
pop r12
@@ -3702,13 +3750,16 @@ _text ENDS
_text SEGMENT READONLY PARA
AES_GCM_aad_update_aesni PROC
mov rax, rcx
+ sub rsp, 32
+ movdqu [rsp], xmm6
+ movdqu [rsp+16], xmm7
movdqa xmm5, OWORD PTR [r8]
movdqa xmm6, OWORD PTR [r9]
xor ecx, ecx
L_AES_GCM_aad_update_aesni_16_loop:
- movdqu xmm8, [rax+rcx]
- pshufb xmm8, OWORD PTR L_aes_gcm_bswap_mask
- pxor xmm5, xmm8
+ movdqu xmm7, [rax+rcx]
+ pshufb xmm7, OWORD PTR L_aes_gcm_bswap_mask
+ pxor xmm5, xmm7
pshufd xmm1, xmm5, 78
pshufd xmm2, xmm6, 78
movdqa xmm3, xmm6
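Review bot: `AES_GCM_aad_update_aesni` now moves rsp and spills xmm6/xmm7, yet it is still declared with a plain `PROC`, so no unwind data describes the new frame. On Win64 a routine that adjusts rsp or saves non-volatile registers is expected to carry unwind information. Without it, a fault on the AAD pointer inside the loop cannot be unwound through this frame, and the unwinder will not restore the saved xmm6/xmm7. Declaring the routine `PROC FRAME` with matching prologue directives would cover that; the same applies to `AES_GCM_ghash_block_aesni` and, with their larger frames, to the other routines this commit touches. The loop body and epilogue continue outside this hunk.

```asm
AES_GCM_aad_update_aesni PROC FRAME
        mov     rax, rcx
        sub     rsp, 32
        .allocstack 32
        movdqu  [rsp], xmm6
        .savexmm128 xmm6, 0
        movdqu  [rsp+16], xmm7
        .savexmm128 xmm7, 16
        .endprolog
        ; … unchanged: load of the GHASH state and key, 16-byte AAD loop …
```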
@@ -3767,6 +3818,9 @@ L_AES_GCM_aad_update_aesni_16_loop:
cmp ecx, edx
jl L_AES_GCM_aad_update_aesni_16_loop
movdqa OWORD PTR [r8], xmm5
+ movdqu xmm6, [rsp]
+ movdqu xmm7, [rsp+16]
+ add rsp, 32
ret
AES_GCM_aad_update_aesni ENDP
_text ENDS
@@ -3775,48 +3829,51 @@ AES_GCM_encrypt_block_aesni PROC
mov r10, r8
mov r11, r9
mov rax, QWORD PTR [rsp+40]
- movdqu xmm8, [rax]
- movdqa xmm9, xmm8
- pshufb xmm8, OWORD PTR L_aes_gcm_bswap_epi64
- paddd xmm9, OWORD PTR L_aes_gcm_one
- pxor xmm8, [rcx]
- movdqu [rax], xmm9
- aesenc xmm8, [rcx+16]
- aesenc xmm8, [rcx+32]
- aesenc xmm8, [rcx+48]
- aesenc xmm8, [rcx+64]
- aesenc xmm8, [rcx+80]
- aesenc xmm8, [rcx+96]
- aesenc xmm8, [rcx+112]
- aesenc xmm8, [rcx+128]
- aesenc xmm8, [rcx+144]
+ movdqu xmm0, [rax]
+ movdqa xmm1, xmm0
+ pshufb xmm0, OWORD PTR L_aes_gcm_bswap_epi64
+ paddd xmm1, OWORD PTR L_aes_gcm_one
+ pxor xmm0, [rcx]
+ movdqu [rax], xmm1
+ aesenc xmm0, [rcx+16]
+ aesenc xmm0, [rcx+32]
+ aesenc xmm0, [rcx+48]
+ aesenc xmm0, [rcx+64]
+ aesenc xmm0, [rcx+80]
+ aesenc xmm0, [rcx+96]
+ aesenc xmm0, [rcx+112]
+ aesenc xmm0, [rcx+128]
+ aesenc xmm0, [rcx+144]
cmp edx, 11
- movdqa xmm9, OWORD PTR [rcx+160]
+ movdqa xmm1, OWORD PTR [rcx+160]
jl L_AES_GCM_encrypt_block_aesni_aesenc_block_aesenc_avx_last
- aesenc xmm8, xmm9
- aesenc xmm8, [rcx+176]
+ aesenc xmm0, xmm1
+ aesenc xmm0, [rcx+176]
cmp edx, 13
- movdqa xmm9, OWORD PTR [rcx+192]
+ movdqa xmm1, OWORD PTR [rcx+192]
jl L_AES_GCM_encrypt_block_aesni_aesenc_block_aesenc_avx_last
- aesenc xmm8, xmm9
- aesenc xmm8, [rcx+208]
- movdqa xmm9, OWORD PTR [rcx+224]
+ aesenc xmm0, xmm1
+ aesenc xmm0, [rcx+208]
+ movdqa xmm1, OWORD PTR [rcx+224]
L_AES_GCM_encrypt_block_aesni_aesenc_block_aesenc_avx_last:
- aesenclast xmm8, xmm9
- movdqu xmm9, [r11]
- pxor xmm8, xmm9
- movdqu [r10], xmm8
- pshufb xmm8, OWORD PTR L_aes_gcm_bswap_mask
+ aesenclast xmm0, xmm1
+ movdqu xmm1, [r11]
+ pxor xmm0, xmm1
+ movdqu [r10], xmm0
+ pshufb xmm0, OWORD PTR L_aes_gcm_bswap_mask
ret
AES_GCM_encrypt_block_aesni ENDP
_text ENDS
_text SEGMENT READONLY PARA
AES_GCM_ghash_block_aesni PROC
+ sub rsp, 32
+ movdqu [rsp], xmm6
+ movdqu [rsp+16], xmm7
movdqa xmm4, OWORD PTR [rdx]
movdqa xmm5, OWORD PTR [r8]
- movdqu xmm8, [rcx]
- pshufb xmm8, OWORD PTR L_aes_gcm_bswap_mask
- pxor xmm4, xmm8
+ movdqu xmm7, [rcx]
+ pshufb xmm7, OWORD PTR L_aes_gcm_bswap_mask
+ pxor xmm4, xmm7
pshufd xmm1, xmm4, 78
pshufd xmm2, xmm5, 78
movdqa xmm3, xmm5
@@ -3872,6 +3929,9 @@ AES_GCM_ghash_block_aesni PROC
pxor xmm2, xmm6
pxor xmm4, xmm2
movdqa OWORD PTR [rdx], xmm4
+ movdqu xmm6, [rsp]
+ movdqu xmm7, [rsp+16]
+ add rsp, 32
ret
AES_GCM_ghash_block_aesni ENDP
_text ENDS
@@ -3890,7 +3950,17 @@ AES_GCM_encrypt_update_aesni PROC
mov r12, QWORD PTR [rsp+88]
mov r14, QWORD PTR [rsp+96]
mov r15, QWORD PTR [rsp+104]
- sub rsp, 160
+ sub rsp, 320
+ movdqu [rsp+160], xmm6
+ movdqu [rsp+176], xmm7
+ movdqu [rsp+192], xmm8
+ movdqu [rsp+208], xmm9
+ movdqu [rsp+224], xmm10
+ movdqu [rsp+240], xmm11
+ movdqu [rsp+256], xmm12
+ movdqu [rsp+272], xmm13
+ movdqu [rsp+288], xmm14
+ movdqu [rsp+304], xmm15
movdqa xmm6, OWORD PTR [r12]
movdqa xmm5, OWORD PTR [r14]
movdqa xmm9, xmm5
@@ -5085,7 +5155,17 @@ L_AES_GCM_encrypt_update_aesni_last_block_ghash:
L_AES_GCM_encrypt_update_aesni_last_block_done:
L_AES_GCM_encrypt_update_aesni_done_enc:
movdqa OWORD PTR [r12], xmm6
- add rsp, 160
+ movdqu xmm6, [rsp+160]
+ movdqu xmm7, [rsp+176]
+ movdqu xmm8, [rsp+192]
+ movdqu xmm9, [rsp+208]
+ movdqu xmm10, [rsp+224]
+ movdqu xmm11, [rsp+240]
+ movdqu xmm12, [rsp+256]
+ movdqu xmm13, [rsp+272]
+ movdqu xmm14, [rsp+288]
+ movdqu xmm15, [rsp+304]
+ add rsp, 320
pop rdi
pop r15
pop r14
@@ -5105,20 +5185,28 @@ AES_GCM_encrypt_final_aesni PROC
mov r11d, DWORD PTR [rsp+64]
mov r12, QWORD PTR [rsp+72]
mov r14, QWORD PTR [rsp+80]
- sub rsp, 16
+ sub rsp, 144
+ movdqu [rsp+16], xmm6
+ movdqu [rsp+32], xmm7
+ movdqu [rsp+48], xmm8
+ movdqu [rsp+64], xmm9
+ movdqu [rsp+80], xmm10
+ movdqu [rsp+96], xmm11
+ movdqu [rsp+112], xmm12
+ movdqu [rsp+128], xmm13
movdqa xmm4, OWORD PTR [rax]
movdqa xmm5, OWORD PTR [r12]
movdqa xmm6, OWORD PTR [r14]
- movdqa xmm9, xmm5
movdqa xmm8, xmm5
- psrlq xmm9, 63
- psllq xmm8, 1
- pslldq xmm9, 8
- por xmm8, xmm9
+ movdqa xmm7, xmm5
+ psrlq xmm8, 63
+ psllq xmm7, 1
+ pslldq xmm8, 8
+ por xmm7, xmm8
pshufd xmm5, xmm5, 255
psrad xmm5, 31
pand xmm5, OWORD PTR L_aes_gcm_mod2_128
- pxor xmm5, xmm8
+ pxor xmm5, xmm7
mov edx, r10d
mov ecx, r11d
shl rdx, 3
@@ -5126,46 +5214,46 @@ AES_GCM_encrypt_final_aesni PROC
pinsrq xmm0, rdx, 0
pinsrq xmm0, rcx, 1
pxor xmm4, xmm0
- pshufd xmm9, xmm5, 78
- pshufd xmm10, xmm4, 78
- movdqa xmm11, xmm4
- movdqa xmm8, xmm4
- pclmulqdq xmm11, xmm5, 17
- pclmulqdq xmm8, xmm5, 0
- pxor xmm9, xmm5
- pxor xmm10, xmm4
- pclmulqdq xmm9, xmm10, 0
- pxor xmm9, xmm8
- pxor xmm9, xmm11
- movdqa xmm10, xmm9
- movdqa xmm4, xmm11
- pslldq xmm10, 8
- psrldq xmm9, 8
+ pshufd xmm8, xmm5, 78
+ pshufd xmm9, xmm4, 78
+ movdqa xmm10, xmm4
+ movdqa xmm7, xmm4
+ pclmulqdq xmm10, xmm5, 17
+ pclmulqdq xmm7, xmm5, 0
+ pxor xmm8, xmm5
+ pxor xmm9, xmm4
+ pclmulqdq xmm8, xmm9, 0
+ pxor xmm8, xmm7
pxor xmm8, xmm10
- pxor xmm4, xmm9
- movdqa xmm12, xmm8
- movdqa xmm13, xmm8
- movdqa xmm14, xmm8
- pslld xmm12, 31
- pslld xmm13, 30
- pslld xmm14, 25
- pxor xmm12, xmm13
- pxor xmm12, xmm14
- movdqa xmm13, xmm12
- psrldq xmm13, 4
- pslldq xmm12, 12
- pxor xmm8, xmm12
- movdqa xmm14, xmm8
- movdqa xmm10, xmm8
movdqa xmm9, xmm8
- psrld xmm14, 1
- psrld xmm10, 2
- psrld xmm9, 7
- pxor xmm14, xmm10
- pxor xmm14, xmm9
- pxor xmm14, xmm13
- pxor xmm14, xmm8
- pxor xmm4, xmm14
+ movdqa xmm4, xmm10
+ pslldq xmm9, 8
+ psrldq xmm8, 8
+ pxor xmm7, xmm9
+ pxor xmm4, xmm8
+ movdqa xmm11, xmm7
+ movdqa xmm12, xmm7
+ movdqa xmm13, xmm7
+ pslld xmm11, 31
+ pslld xmm12, 30
+ pslld xmm13, 25
+ pxor xmm11, xmm12
+ pxor xmm11, xmm13
+ movdqa xmm12, xmm11
+ psrldq xmm12, 4
+ pslldq xmm11, 12
+ pxor xmm7, xmm11
+ movdqa xmm13, xmm7
+ movdqa xmm9, xmm7
+ movdqa xmm8, xmm7
+ psrld xmm13, 1
+ psrld xmm9, 2
+ psrld xmm8, 7
+ pxor xmm13, xmm9
+ pxor xmm13, xmm8
+ pxor xmm13, xmm12
+ pxor xmm13, xmm7
+ pxor xmm4, xmm13
pshufb xmm4, OWORD PTR L_aes_gcm_bswap_mask
movdqu xmm0, xmm6
pxor xmm0, xmm4
@@ -5183,7 +5271,15 @@ L_AES_GCM_encrypt_final_aesni_store_tag_loop:
L_AES_GCM_encrypt_final_aesni_store_tag_16:
movdqu [r9], xmm0
L_AES_GCM_encrypt_final_aesni_store_tag_done:
- add rsp, 16
+ movdqu xmm6, [rsp+16]
+ movdqu xmm7, [rsp+32]
+ movdqu xmm8, [rsp+48]
+ movdqu xmm9, [rsp+64]
+ movdqu xmm10, [rsp+80]
+ movdqu xmm11, [rsp+96]
+ movdqu xmm12, [rsp+112]
+ movdqu xmm13, [rsp+128]
+ add rsp, 144
pop r14
pop r12
pop r13
@@ -5206,7 +5302,17 @@ AES_GCM_decrypt_update_aesni PROC
mov r12, QWORD PTR [rsp+96]
mov r14, QWORD PTR [rsp+104]
mov r15, QWORD PTR [rsp+112]
- sub rsp, 168
+ sub rsp, 328
+ movdqu [rsp+168], xmm6
+ movdqu [rsp+184], xmm7
+ movdqu [rsp+200], xmm8
+ movdqu [rsp+216], xmm9
+ movdqu [rsp+232], xmm10
+ movdqu [rsp+248], xmm11
+ movdqu [rsp+264], xmm12
+ movdqu [rsp+280], xmm13
+ movdqu [rsp+296], xmm14
+ movdqu [rsp+312], xmm15
movdqa xmm6, OWORD PTR [r12]
movdqa xmm5, OWORD PTR [r14]
movdqa xmm9, xmm5
@@ -5943,7 +6049,17 @@ L_AES_GCM_decrypt_update_aesni_aesenc_gfmul_last:
L_AES_GCM_decrypt_update_aesni_last_block_done:
L_AES_GCM_decrypt_update_aesni_done_dec:
movdqa OWORD PTR [r12], xmm6
- add rsp, 168
+ movdqu xmm6, [rsp+168]
+ movdqu xmm7, [rsp+184]
+ movdqu xmm8, [rsp+200]
+ movdqu xmm9, [rsp+216]
+ movdqu xmm10, [rsp+232]
+ movdqu xmm11, [rsp+248]
+ movdqu xmm12, [rsp+264]
+ movdqu xmm13, [rsp+280]
+ movdqu xmm14, [rsp+296]
+ movdqu xmm15, [rsp+312]
+ add rsp, 328
pop rsi
pop rdi
pop r15
@@ -5967,20 +6083,29 @@ AES_GCM_decrypt_final_aesni PROC
mov r12, QWORD PTR [rsp+88]
mov r14, QWORD PTR [rsp+96]
mov rbp, QWORD PTR [rsp+104]
- sub rsp, 16
+ sub rsp, 160
+ movdqu [rsp+16], xmm6
+ movdqu [rsp+32], xmm7
+ movdqu [rsp+48], xmm8
+ movdqu [rsp+64], xmm9
+ movdqu [rsp+80], xmm10
+ movdqu [rsp+96], xmm11
+ movdqu [rsp+112], xmm12
+ movdqu [rsp+128], xmm13
+ movdqu [rsp+144], xmm15
movdqa xmm6, OWORD PTR [rax]
movdqa xmm5, OWORD PTR [r12]
movdqa xmm15, OWORD PTR [r14]
- movdqa xmm9, xmm5
movdqa xmm8, xmm5
- psrlq xmm9, 63
- psllq xmm8, 1
- pslldq xmm9, 8
- por xmm8, xmm9
+ movdqa xmm7, xmm5
+ psrlq xmm8, 63
+ psllq xmm7, 1
+ pslldq xmm8, 8
+ por xmm7, xmm8
pshufd xmm5, xmm5, 255
psrad xmm5, 31
pand xmm5, OWORD PTR L_aes_gcm_mod2_128
- pxor xmm5, xmm8
+ pxor xmm5, xmm7
mov edx, r10d
mov ecx, r11d
shl rdx, 3
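Review bot: The save list in AES_GCM_decrypt_final_aesni jumps from xmm13 at rsp+128 to xmm15 at rsp+144, so the function only preserves the caller's registers if xmm14 is never written anywhere in its body. The following hunk renumbers the GHASH temporaries down to xmm7–xmm13, which is consistent with that, but the tag-compare code between the hunks is not visible here and should be checked for any remaining xmm14 use. A one-line comment on the prologue, such as `; nonvolatile XMM used below: xmm6-xmm13, xmm15 (xmm14 untouched)`, would make the coupling between the save list and the register allocation explicit. The same applies to the xmm6–xmm13 lists in the encrypt_final variants.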
@@ -5988,46 +6113,46 @@ AES_GCM_decrypt_final_aesni PROC
pinsrq xmm0, rdx, 0
pinsrq xmm0, rcx, 1
pxor xmm6, xmm0
- pshufd xmm9, xmm5, 78
- pshufd xmm10, xmm6, 78
- movdqa xmm11, xmm6
- movdqa xmm8, xmm6
- pclmulqdq xmm11, xmm5, 17
- pclmulqdq xmm8, xmm5, 0
- pxor xmm9, xmm5
- pxor xmm10, xmm6
- pclmulqdq xmm9, xmm10, 0
- pxor xmm9, xmm8
- pxor xmm9, xmm11
- movdqa xmm10, xmm9
- movdqa xmm6, xmm11
- pslldq xmm10, 8
- psrldq xmm9, 8
+ pshufd xmm8, xmm5, 78
+ pshufd xmm9, xmm6, 78
+ movdqa xmm10, xmm6
+ movdqa xmm7, xmm6
+ pclmulqdq xmm10, xmm5, 17
+ pclmulqdq xmm7, xmm5, 0
+ pxor xmm8, xmm5
+ pxor xmm9, xmm6
+ pclmulqdq xmm8, xmm9, 0
+ pxor xmm8, xmm7
pxor xmm8, xmm10
- pxor xmm6, xmm9
- movdqa xmm12, xmm8
- movdqa xmm13, xmm8
- movdqa xmm14, xmm8
- pslld xmm12, 31
- pslld xmm13, 30
- pslld xmm14, 25
- pxor xmm12, xmm13
- pxor xmm12, xmm14
- movdqa xmm13, xmm12
- psrldq xmm13, 4
- pslldq xmm12, 12
- pxor xmm8, xmm12
- movdqa xmm14, xmm8
- movdqa xmm10, xmm8
movdqa xmm9, xmm8
- psrld xmm14, 1
- psrld xmm10, 2
- psrld xmm9, 7
- pxor xmm14, xmm10
- pxor xmm14, xmm9
- pxor xmm14, xmm13
- pxor xmm14, xmm8
- pxor xmm6, xmm14
+ movdqa xmm6, xmm10
+ pslldq xmm9, 8
+ psrldq xmm8, 8
+ pxor xmm7, xmm9
+ pxor xmm6, xmm8
+ movdqa xmm11, xmm7
+ movdqa xmm12, xmm7
+ movdqa xmm13, xmm7
+ pslld xmm11, 31
+ pslld xmm12, 30
+ pslld xmm13, 25
+ pxor xmm11, xmm12
+ pxor xmm11, xmm13
+ movdqa xmm12, xmm11
+ psrldq xmm12, 4
+ pslldq xmm11, 12
+ pxor xmm7, xmm11
+ movdqa xmm13, xmm7
+ movdqa xmm9, xmm7
+ movdqa xmm8, xmm7
+ psrld xmm13, 1
+ psrld xmm9, 2
+ psrld xmm8, 7
+ pxor xmm13, xmm9
+ pxor xmm13, xmm8
+ pxor xmm13, xmm12
+ pxor xmm13, xmm7
+ pxor xmm6, xmm13
pshufb xmm6, OWORD PTR L_aes_gcm_bswap_mask
movdqu xmm0, xmm15
pxor xmm0, xmm6
@@ -6059,7 +6184,16 @@ L_AES_GCM_decrypt_final_aesni_cmp_tag_16:
sete r15b
L_AES_GCM_decrypt_final_aesni_cmp_tag_done:
mov DWORD PTR [rbp], r15d
- add rsp, 16
+ movdqu xmm6, [rsp+16]
+ movdqu xmm7, [rsp+32]
+ movdqu xmm8, [rsp+48]
+ movdqu xmm9, [rsp+64]
+ movdqu xmm10, [rsp+80]
+ movdqu xmm11, [rsp+96]
+ movdqu xmm12, [rsp+112]
+ movdqu xmm13, [rsp+128]
+ movdqu xmm15, [rsp+144]
+ add rsp, 160
pop r15
pop rbp
pop r14
@@ -6144,7 +6278,17 @@ AES_GCM_encrypt_avx1 PROC
mov r14d, DWORD PTR [rsp+128]
mov r15, QWORD PTR [rsp+136]
mov r10d, DWORD PTR [rsp+144]
- sub rsp, 160
+ sub rsp, 320
+ vmovdqu OWORD PTR [rsp+160], xmm6
+ vmovdqu OWORD PTR [rsp+176], xmm7
+ vmovdqu OWORD PTR [rsp+192], xmm8
+ vmovdqu OWORD PTR [rsp+208], xmm9
+ vmovdqu OWORD PTR [rsp+224], xmm10
+ vmovdqu OWORD PTR [rsp+240], xmm11
+ vmovdqu OWORD PTR [rsp+256], xmm12
+ vmovdqu OWORD PTR [rsp+272], xmm13
+ vmovdqu OWORD PTR [rsp+288], xmm14
+ vmovdqu OWORD PTR [rsp+304], xmm15
vpxor xmm4, xmm4, xmm4
vpxor xmm6, xmm6, xmm6
mov edx, ebx
@@ -7692,7 +7836,17 @@ L_AES_GCM_encrypt_avx1_store_tag_16:
vmovdqu OWORD PTR [r8], xmm0
L_AES_GCM_encrypt_avx1_store_tag_done:
vzeroupper
- add rsp, 160
+ vmovdqu xmm6, OWORD PTR [rsp+160]
+ vmovdqu xmm7, OWORD PTR [rsp+176]
+ vmovdqu xmm8, OWORD PTR [rsp+192]
+ vmovdqu xmm9, OWORD PTR [rsp+208]
+ vmovdqu xmm10, OWORD PTR [rsp+224]
+ vmovdqu xmm11, OWORD PTR [rsp+240]
+ vmovdqu xmm12, OWORD PTR [rsp+256]
+ vmovdqu xmm13, OWORD PTR [rsp+272]
+ vmovdqu xmm14, OWORD PTR [rsp+288]
+ vmovdqu xmm15, OWORD PTR [rsp+304]
+ add rsp, 320
pop r15
pop r14
pop rbx
@@ -7725,7 +7879,17 @@ AES_GCM_decrypt_avx1 PROC
mov r15, QWORD PTR [rsp+144]
mov r10d, DWORD PTR [rsp+152]
mov rbp, QWORD PTR [rsp+160]
- sub rsp, 168
+ sub rsp, 328
+ vmovdqu OWORD PTR [rsp+168], xmm6
+ vmovdqu OWORD PTR [rsp+184], xmm7
+ vmovdqu OWORD PTR [rsp+200], xmm8
+ vmovdqu OWORD PTR [rsp+216], xmm9
+ vmovdqu OWORD PTR [rsp+232], xmm10
+ vmovdqu OWORD PTR [rsp+248], xmm11
+ vmovdqu OWORD PTR [rsp+264], xmm12
+ vmovdqu OWORD PTR [rsp+280], xmm13
+ vmovdqu OWORD PTR [rsp+296], xmm14
+ vmovdqu OWORD PTR [rsp+312], xmm15
vpxor xmm4, xmm4, xmm4
vpxor xmm6, xmm6, xmm6
cmp ebx, 12
@@ -8864,7 +9028,17 @@ L_AES_GCM_decrypt_avx1_cmp_tag_16:
L_AES_GCM_decrypt_avx1_cmp_tag_done:
mov DWORD PTR [rbp], ebx
vzeroupper
- add rsp, 168
+ vmovdqu xmm6, OWORD PTR [rsp+168]
+ vmovdqu xmm7, OWORD PTR [rsp+184]
+ vmovdqu xmm8, OWORD PTR [rsp+200]
+ vmovdqu xmm9, OWORD PTR [rsp+216]
+ vmovdqu xmm10, OWORD PTR [rsp+232]
+ vmovdqu xmm11, OWORD PTR [rsp+248]
+ vmovdqu xmm12, OWORD PTR [rsp+264]
+ vmovdqu xmm13, OWORD PTR [rsp+280]
+ vmovdqu xmm14, OWORD PTR [rsp+296]
+ vmovdqu xmm15, OWORD PTR [rsp+312]
+ add rsp, 328
pop rbp
pop r15
pop r14
@@ -8889,7 +9063,11 @@ AES_GCM_init_avx1 PROC
mov rax, QWORD PTR [rsp+72]
mov r8, QWORD PTR [rsp+80]
mov r9, QWORD PTR [rsp+88]
- sub rsp, 16
+ sub rsp, 80
+ vmovdqu OWORD PTR [rsp+16], xmm6
+ vmovdqu OWORD PTR [rsp+32], xmm7
+ vmovdqu OWORD PTR [rsp+48], xmm8
+ vmovdqu OWORD PTR [rsp+64], xmm15
vpxor xmm4, xmm4, xmm4
mov edx, r11d
cmp edx, 12
@@ -8903,53 +9081,53 @@ AES_GCM_init_avx1 PROC
; H = Encrypt X(=0) and T = Encrypt counter
vmovdqa xmm5, OWORD PTR [rdi]
vpxor xmm1, xmm4, xmm5
- vmovdqa xmm7, OWORD PTR [rdi+16]
- vaesenc xmm5, xmm5, xmm7
- vaesenc xmm1, xmm1, xmm7
- vmovdqa xmm7, OWORD PTR [rdi+32]
- vaesenc xmm5, xmm5, xmm7
- vaesenc xmm1, xmm1, xmm7
- vmovdqa xmm7, OWORD PTR [rdi+48]
- vaesenc xmm5, xmm5, xmm7
- vaesenc xmm1, xmm1, xmm7
- vmovdqa xmm7, OWORD PTR [rdi+64]
- vaesenc xmm5, xmm5, xmm7
- vaesenc xmm1, xmm1, xmm7
- vmovdqa xmm7, OWORD PTR [rdi+80]
- vaesenc xmm5, xmm5, xmm7
- vaesenc xmm1, xmm1, xmm7
- vmovdqa xmm7, OWORD PTR [rdi+96]
- vaesenc xmm5, xmm5, xmm7
- vaesenc xmm1, xmm1, xmm7
- vmovdqa xmm7, OWORD PTR [rdi+112]
- vaesenc xmm5, xmm5, xmm7
- vaesenc xmm1, xmm1, xmm7
- vmovdqa xmm7, OWORD PTR [rdi+128]
- vaesenc xmm5, xmm5, xmm7
- vaesenc xmm1, xmm1, xmm7
- vmovdqa xmm7, OWORD PTR [rdi+144]
- vaesenc xmm5, xmm5, xmm7
- vaesenc xmm1, xmm1, xmm7
+ vmovdqa xmm6, OWORD PTR [rdi+16]
+ vaesenc xmm5, xmm5, xmm6
+ vaesenc xmm1, xmm1, xmm6
+ vmovdqa xmm6, OWORD PTR [rdi+32]
+ vaesenc xmm5, xmm5, xmm6
+ vaesenc xmm1, xmm1, xmm6
+ vmovdqa xmm6, OWORD PTR [rdi+48]
+ vaesenc xmm5, xmm5, xmm6
+ vaesenc xmm1, xmm1, xmm6
+ vmovdqa xmm6, OWORD PTR [rdi+64]
+ vaesenc xmm5, xmm5, xmm6
+ vaesenc xmm1, xmm1, xmm6
+ vmovdqa xmm6, OWORD PTR [rdi+80]
+ vaesenc xmm5, xmm5, xmm6
+ vaesenc xmm1, xmm1, xmm6
+ vmovdqa xmm6, OWORD PTR [rdi+96]
+ vaesenc xmm5, xmm5, xmm6
+ vaesenc xmm1, xmm1, xmm6
+ vmovdqa xmm6, OWORD PTR [rdi+112]
+ vaesenc xmm5, xmm5, xmm6
+ vaesenc xmm1, xmm1, xmm6
+ vmovdqa xmm6, OWORD PTR [rdi+128]
+ vaesenc xmm5, xmm5, xmm6
+ vaesenc xmm1, xmm1, xmm6
+ vmovdqa xmm6, OWORD PTR [rdi+144]
+ vaesenc xmm5, xmm5, xmm6
+ vaesenc xmm1, xmm1, xmm6
cmp esi, 11
- vmovdqa xmm7, OWORD PTR [rdi+160]
+ vmovdqa xmm6, OWORD PTR [rdi+160]
jl L_AES_GCM_init_avx1_calc_iv_12_last
- vaesenc xmm5, xmm5, xmm7
- vaesenc xmm1, xmm1, xmm7
- vmovdqa xmm7, OWORD PTR [rdi+176]
- vaesenc xmm5, xmm5, xmm7
- vaesenc xmm1, xmm1, xmm7
+ vaesenc xmm5, xmm5, xmm6
+ vaesenc xmm1, xmm1, xmm6
+ vmovdqa xmm6, OWORD PTR [rdi+176]
+ vaesenc xmm5, xmm5, xmm6
+ vaesenc xmm1, xmm1, xmm6
cmp esi, 13
- vmovdqa xmm7, OWORD PTR [rdi+192]
+ vmovdqa xmm6, OWORD PTR [rdi+192]
jl L_AES_GCM_init_avx1_calc_iv_12_last
- vaesenc xmm5, xmm5, xmm7
- vaesenc xmm1, xmm1, xmm7
- vmovdqa xmm7, OWORD PTR [rdi+208]
- vaesenc xmm5, xmm5, xmm7
- vaesenc xmm1, xmm1, xmm7
- vmovdqa xmm7, OWORD PTR [rdi+224]
+ vaesenc xmm5, xmm5, xmm6
+ vaesenc xmm1, xmm1, xmm6
+ vmovdqa xmm6, OWORD PTR [rdi+208]
+ vaesenc xmm5, xmm5, xmm6
+ vaesenc xmm1, xmm1, xmm6
+ vmovdqa xmm6, OWORD PTR [rdi+224]
L_AES_GCM_init_avx1_calc_iv_12_last:
- vaesenclast xmm5, xmm5, xmm7
- vaesenclast xmm1, xmm1, xmm7
+ vaesenclast xmm5, xmm5, xmm6
+ vaesenclast xmm1, xmm1, xmm6
vpshufb xmm5, xmm5, OWORD PTR L_avx1_aes_gcm_bswap_mask
vmovdqu xmm15, xmm1
jmp L_AES_GCM_init_avx1_iv_done
@@ -8967,18 +9145,18 @@ L_AES_GCM_init_avx1_iv_not_12:
vaesenc xmm5, xmm5, [rdi+128]
vaesenc xmm5, xmm5, [rdi+144]
cmp esi, 11
- vmovdqa xmm9, OWORD PTR [rdi+160]
+ vmovdqa xmm8, OWORD PTR [rdi+160]
jl L_AES_GCM_init_avx1_calc_iv_1_aesenc_avx_last
- vaesenc xmm5, xmm5, xmm9
+ vaesenc xmm5, xmm5, xmm8
vaesenc xmm5, xmm5, [rdi+176]
cmp esi, 13
- vmovdqa xmm9, OWORD PTR [rdi+192]
+ vmovdqa xmm8, OWORD PTR [rdi+192]
jl L_AES_GCM_init_avx1_calc_iv_1_aesenc_avx_last
- vaesenc xmm5, xmm5, xmm9
+ vaesenc xmm5, xmm5, xmm8
vaesenc xmm5, xmm5, [rdi+208]
- vmovdqa xmm9, OWORD PTR [rdi+224]
+ vmovdqa xmm8, OWORD PTR [rdi+224]
L_AES_GCM_init_avx1_calc_iv_1_aesenc_avx_last:
- vaesenclast xmm5, xmm5, xmm9
+ vaesenclast xmm5, xmm5, xmm8
vpshufb xmm5, xmm5, OWORD PTR L_avx1_aes_gcm_bswap_mask
; Calc counter
; Initialization vector
@@ -8989,9 +9167,9 @@ L_AES_GCM_init_avx1_calc_iv_1_aesenc_avx_last:
jl L_AES_GCM_init_avx1_calc_iv_lt16
and edx, 4294967280
L_AES_GCM_init_avx1_calc_iv_16_loop:
- vmovdqu xmm8, OWORD PTR [r10+rcx]
- vpshufb xmm8, xmm8, OWORD PTR L_avx1_aes_gcm_bswap_mask
- vpxor xmm4, xmm4, xmm8
+ vmovdqu xmm7, OWORD PTR [r10+rcx]
+ vpshufb xmm7, xmm7, OWORD PTR L_avx1_aes_gcm_bswap_mask
+ vpxor xmm4, xmm4, xmm7
; ghash_gfmul_avx
vpshufd xmm1, xmm4, 78
vpshufd xmm2, xmm5, 78
@@ -9002,38 +9180,38 @@ L_AES_GCM_init_avx1_calc_iv_16_loop:
vpclmulqdq xmm1, xmm1, xmm2, 0
vpxor xmm1, xmm1, xmm0
vpxor xmm1, xmm1, xmm3
- vmovdqa xmm7, xmm0
+ vmovdqa xmm6, xmm0
vmovdqa xmm4, xmm3
vpslldq xmm2, xmm1, 8
vpsrldq xmm1, xmm1, 8
- vpxor xmm7, xmm7, xmm2
+ vpxor xmm6, xmm6, xmm2
vpxor xmm4, xmm4, xmm1
- vpsrld xmm0, xmm7, 31
+ vpsrld xmm0, xmm6, 31
vpsrld xmm1, xmm4, 31
- vpslld xmm7, xmm7, 1
+ vpslld xmm6, xmm6, 1
vpslld xmm4, xmm4, 1
vpsrldq xmm2, xmm0, 12
vpslldq xmm0, xmm0, 4
vpslldq xmm1, xmm1, 4
vpor xmm4, xmm4, xmm2
- vpor xmm7, xmm7, xmm0
+ vpor xmm6, xmm6, xmm0
vpor xmm4, xmm4, xmm1
- vpslld xmm0, xmm7, 31
- vpslld xmm1, xmm7, 30
- vpslld xmm2, xmm7, 25
+ vpslld xmm0, xmm6, 31
+ vpslld xmm1, xmm6, 30
+ vpslld xmm2, xmm6, 25
vpxor xmm0, xmm0, xmm1
vpxor xmm0, xmm0, xmm2
vmovdqa xmm1, xmm0
vpsrldq xmm1, xmm1, 4
vpslldq xmm0, xmm0, 12
- vpxor xmm7, xmm7, xmm0
- vpsrld xmm2, xmm7, 1
- vpsrld xmm3, xmm7, 2
- vpsrld xmm0, xmm7, 7
+ vpxor xmm6, xmm6, xmm0
+ vpsrld xmm2, xmm6, 1
+ vpsrld xmm3, xmm6, 2
+ vpsrld xmm0, xmm6, 7
vpxor xmm2, xmm2, xmm3
vpxor xmm2, xmm2, xmm0
vpxor xmm2, xmm2, xmm1
- vpxor xmm2, xmm2, xmm7
+ vpxor xmm2, xmm2, xmm6
vpxor xmm4, xmm4, xmm2
add ecx, 16
cmp ecx, edx
@@ -9043,9 +9221,9 @@ L_AES_GCM_init_avx1_calc_iv_16_loop:
je L_AES_GCM_init_avx1_calc_iv_done
L_AES_GCM_init_avx1_calc_iv_lt16:
sub rsp, 16
- vpxor xmm8, xmm8, xmm8
+ vpxor xmm7, xmm7, xmm7
xor r13d, r13d
- vmovdqu OWORD PTR [rsp], xmm8
+ vmovdqu OWORD PTR [rsp], xmm7
L_AES_GCM_init_avx1_calc_iv_loop:
movzx r12d, BYTE PTR [r10+rcx]
mov BYTE PTR [rsp+r13], r12b
@@ -9053,10 +9231,10 @@ L_AES_GCM_init_avx1_calc_iv_loop:
inc r13d
cmp ecx, edx
jl L_AES_GCM_init_avx1_calc_iv_loop
- vmovdqu xmm8, OWORD PTR [rsp]
+ vmovdqu xmm7, OWORD PTR [rsp]
add rsp, 16
- vpshufb xmm8, xmm8, OWORD PTR L_avx1_aes_gcm_bswap_mask
- vpxor xmm4, xmm4, xmm8
+ vpshufb xmm7, xmm7, OWORD PTR L_avx1_aes_gcm_bswap_mask
+ vpxor xmm4, xmm4, xmm7
; ghash_gfmul_avx
vpshufd xmm1, xmm4, 78
vpshufd xmm2, xmm5, 78
@@ -9067,38 +9245,38 @@ L_AES_GCM_init_avx1_calc_iv_loop:
vpclmulqdq xmm1, xmm1, xmm2, 0
vpxor xmm1, xmm1, xmm0
vpxor xmm1, xmm1, xmm3
- vmovdqa xmm7, xmm0
+ vmovdqa xmm6, xmm0
vmovdqa xmm4, xmm3
vpslldq xmm2, xmm1, 8
vpsrldq xmm1, xmm1, 8
- vpxor xmm7, xmm7, xmm2
+ vpxor xmm6, xmm6, xmm2
vpxor xmm4, xmm4, xmm1
- vpsrld xmm0, xmm7, 31
+ vpsrld xmm0, xmm6, 31
vpsrld xmm1, xmm4, 31
- vpslld xmm7, xmm7, 1
+ vpslld xmm6, xmm6, 1
vpslld xmm4, xmm4, 1
vpsrldq xmm2, xmm0, 12
vpslldq xmm0, xmm0, 4
vpslldq xmm1, xmm1, 4
vpor xmm4, xmm4, xmm2
- vpor xmm7, xmm7, xmm0
+ vpor xmm6, xmm6, xmm0
vpor xmm4, xmm4, xmm1
- vpslld xmm0, xmm7, 31
- vpslld xmm1, xmm7, 30
- vpslld xmm2, xmm7, 25
+ vpslld xmm0, xmm6, 31
+ vpslld xmm1, xmm6, 30
+ vpslld xmm2, xmm6, 25
vpxor xmm0, xmm0, xmm1
vpxor xmm0, xmm0, xmm2
vmovdqa xmm1, xmm0
vpsrldq xmm1, xmm1, 4
vpslldq xmm0, xmm0, 12
- vpxor xmm7, xmm7, xmm0
- vpsrld xmm2, xmm7, 1
- vpsrld xmm3, xmm7, 2
- vpsrld xmm0, xmm7, 7
+ vpxor xmm6, xmm6, xmm0
+ vpsrld xmm2, xmm6, 1
+ vpsrld xmm3, xmm6, 2
+ vpsrld xmm0, xmm6, 7
vpxor xmm2, xmm2, xmm3
vpxor xmm2, xmm2, xmm0
vpxor xmm2, xmm2, xmm1
- vpxor xmm2, xmm2, xmm7
+ vpxor xmm2, xmm2, xmm6
vpxor xmm4, xmm4, xmm2
L_AES_GCM_init_avx1_calc_iv_done:
; T = Encrypt counter
@@ -9116,66 +9294,66 @@ L_AES_GCM_init_avx1_calc_iv_done:
vpclmulqdq xmm1, xmm1, xmm2, 0
vpxor xmm1, xmm1, xmm0
vpxor xmm1, xmm1, xmm3
- vmovdqa xmm7, xmm0
+ vmovdqa xmm6, xmm0
vmovdqa xmm4, xmm3
vpslldq xmm2, xmm1, 8
vpsrldq xmm1, xmm1, 8
- vpxor xmm7, xmm7, xmm2
+ vpxor xmm6, xmm6, xmm2
vpxor xmm4, xmm4, xmm1
- vpsrld xmm0, xmm7, 31
+ vpsrld xmm0, xmm6, 31
vpsrld xmm1, xmm4, 31
- vpslld xmm7, xmm7, 1
+ vpslld xmm6, xmm6, 1
vpslld xmm4, xmm4, 1
vpsrldq xmm2, xmm0, 12
vpslldq xmm0, xmm0, 4
vpslldq xmm1, xmm1, 4
vpor xmm4, xmm4, xmm2
- vpor xmm7, xmm7, xmm0
+ vpor xmm6, xmm6, xmm0
vpor xmm4, xmm4, xmm1
- vpslld xmm0, xmm7, 31
- vpslld xmm1, xmm7, 30
- vpslld xmm2, xmm7, 25
+ vpslld xmm0, xmm6, 31
+ vpslld xmm1, xmm6, 30
+ vpslld xmm2, xmm6, 25
vpxor xmm0, xmm0, xmm1
vpxor xmm0, xmm0, xmm2
vmovdqa xmm1, xmm0
vpsrldq xmm1, xmm1, 4
vpslldq xmm0, xmm0, 12
- vpxor xmm7, xmm7, xmm0
- vpsrld xmm2, xmm7, 1
- vpsrld xmm3, xmm7, 2
- vpsrld xmm0, xmm7, 7
+ vpxor xmm6, xmm6, xmm0
+ vpsrld xmm2, xmm6, 1
+ vpsrld xmm3, xmm6, 2
+ vpsrld xmm0, xmm6, 7
vpxor xmm2, xmm2, xmm3
vpxor xmm2, xmm2, xmm0
vpxor xmm2, xmm2, xmm1
- vpxor xmm2, xmm2, xmm7
+ vpxor xmm2, xmm2, xmm6
vpxor xmm4, xmm4, xmm2
vpshufb xmm4, xmm4, OWORD PTR L_avx1_aes_gcm_bswap_mask
; Encrypt counter
- vmovdqa xmm8, OWORD PTR [rdi]
- vpxor xmm8, xmm8, xmm4
- vaesenc xmm8, xmm8, [rdi+16]
- vaesenc xmm8, xmm8, [rdi+32]
- vaesenc xmm8, xmm8, [rdi+48]
- vaesenc xmm8, xmm8, [rdi+64]
- vaesenc xmm8, xmm8, [rdi+80]
- vaesenc xmm8, xmm8, [rdi+96]
- vaesenc xmm8, xmm8, [rdi+112]
- vaesenc xmm8, xmm8, [rdi+128]
- vaesenc xmm8, xmm8, [rdi+144]
+ vmovdqa xmm7, OWORD PTR [rdi]
+ vpxor xmm7, xmm7, xmm4
+ vaesenc xmm7, xmm7, [rdi+16]
+ vaesenc xmm7, xmm7, [rdi+32]
+ vaesenc xmm7, xmm7, [rdi+48]
+ vaesenc xmm7, xmm7, [rdi+64]
+ vaesenc xmm7, xmm7, [rdi+80]
+ vaesenc xmm7, xmm7, [rdi+96]
+ vaesenc xmm7, xmm7, [rdi+112]
+ vaesenc xmm7, xmm7, [rdi+128]
+ vaesenc xmm7, xmm7, [rdi+144]
cmp esi, 11
- vmovdqa xmm9, OWORD PTR [rdi+160]
+ vmovdqa xmm8, OWORD PTR [rdi+160]
jl L_AES_GCM_init_avx1_calc_iv_2_aesenc_avx_last
- vaesenc xmm8, xmm8, xmm9
- vaesenc xmm8, xmm8, [rdi+176]
+ vaesenc xmm7, xmm7, xmm8
+ vaesenc xmm7, xmm7, [rdi+176]
cmp esi, 13
- vmovdqa xmm9, OWORD PTR [rdi+192]
+ vmovdqa xmm8, OWORD PTR [rdi+192]
jl L_AES_GCM_init_avx1_calc_iv_2_aesenc_avx_last
- vaesenc xmm8, xmm8, xmm9
- vaesenc xmm8, xmm8, [rdi+208]
- vmovdqa xmm9, OWORD PTR [rdi+224]
+ vaesenc xmm7, xmm7, xmm8
+ vaesenc xmm7, xmm7, [rdi+208]
+ vmovdqa xmm8, OWORD PTR [rdi+224]
L_AES_GCM_init_avx1_calc_iv_2_aesenc_avx_last:
- vaesenclast xmm8, xmm8, xmm9
- vmovdqu xmm15, xmm8
+ vaesenclast xmm7, xmm7, xmm8
+ vmovdqu xmm15, xmm7
L_AES_GCM_init_avx1_iv_done:
vmovdqa OWORD PTR [r9], xmm15
vpshufb xmm4, xmm4, OWORD PTR L_avx1_aes_gcm_bswap_epi64
@@ -9183,7 +9361,11 @@ L_AES_GCM_init_avx1_iv_done:
vmovdqa OWORD PTR [rax], xmm5
vmovdqa OWORD PTR [r8], xmm4
vzeroupper
- add rsp, 16
+ vmovdqu xmm6, OWORD PTR [rsp+16]
+ vmovdqu xmm7, OWORD PTR [rsp+32]
+ vmovdqu xmm8, OWORD PTR [rsp+48]
+ vmovdqu xmm15, OWORD PTR [rsp+64]
+ add rsp, 80
pop r13
pop r12
pop rsi
@@ -9194,13 +9376,16 @@ _text ENDS
_text SEGMENT READONLY PARA
AES_GCM_aad_update_avx1 PROC
mov rax, rcx
+ sub rsp, 32
+ vmovdqu OWORD PTR [rsp], xmm6
+ vmovdqu OWORD PTR [rsp+16], xmm7
vmovdqa xmm5, OWORD PTR [r8]
vmovdqa xmm6, OWORD PTR [r9]
xor ecx, ecx
L_AES_GCM_aad_update_avx1_16_loop:
- vmovdqu xmm8, OWORD PTR [rax+rcx]
- vpshufb xmm8, xmm8, OWORD PTR L_avx1_aes_gcm_bswap_mask
- vpxor xmm5, xmm5, xmm8
+ vmovdqu xmm7, OWORD PTR [rax+rcx]
+ vpshufb xmm7, xmm7, OWORD PTR L_avx1_aes_gcm_bswap_mask
+ vpxor xmm5, xmm5, xmm7
; ghash_gfmul_avx
vpshufd xmm1, xmm5, 78
vpshufd xmm2, xmm6, 78
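Review bot: AES_GCM_aad_update_avx1 now moves rsp and spills xmm6/xmm7 but is still declared with a plain `PROC`, so as far as this hunk shows the assembler emits no unwind data for the new prologue. On Windows x64 a function that adjusts rsp or saves nonvolatile registers is a frame function. Without unwind codes, a stack walk or exception dispatch that lands inside it would treat the saved xmm6 at [rsp] as the return address. Declaring the procedure `PROC FRAME` and annotating the prologue as sketched below addresses that. AES_GCM_ghash_block_avx1 and AES_GCM_ghash_block_aesni gain the same 32-byte prologue in this diff and need the same treatment. The loop body and epilogue lie outside this hunk.

```asm
AES_GCM_aad_update_avx1 PROC FRAME
        ; … unchanged: mov rax, rcx / sub rsp, 32 …
        .allocstack 32
        ; … unchanged: vmovdqu OWORD PTR [rsp], xmm6 …
        .savexmm128 xmm6, 0
        ; … unchanged: vmovdqu OWORD PTR [rsp+16], xmm7 …
        .savexmm128 xmm7, 16
        .endprolog
        ; … unchanged: loads of [r8]/[r9] and the GHASH loop …
```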
@@ -9249,6 +9434,9 @@ L_AES_GCM_aad_update_avx1_16_loop:
jl L_AES_GCM_aad_update_avx1_16_loop
vmovdqa OWORD PTR [r8], xmm5
vzeroupper
+ vmovdqu xmm6, OWORD PTR [rsp]
+ vmovdqu xmm7, OWORD PTR [rsp+16]
+ add rsp, 32
ret
AES_GCM_aad_update_avx1 ENDP
_text ENDS
@@ -9257,48 +9445,51 @@ AES_GCM_encrypt_block_avx1 PROC
mov r10, r8
mov r11, r9
mov rax, QWORD PTR [rsp+40]
- vmovdqu xmm9, OWORD PTR [rax]
- vpshufb xmm8, xmm9, OWORD PTR L_avx1_aes_gcm_bswap_epi64
- vpaddd xmm9, xmm9, OWORD PTR L_avx1_aes_gcm_one
- vmovdqu OWORD PTR [rax], xmm9
- vpxor xmm8, xmm8, [rcx]
- vaesenc xmm8, xmm8, [rcx+16]
- vaesenc xmm8, xmm8, [rcx+32]
- vaesenc xmm8, xmm8, [rcx+48]
- vaesenc xmm8, xmm8, [rcx+64]
- vaesenc xmm8, xmm8, [rcx+80]
- vaesenc xmm8, xmm8, [rcx+96]
- vaesenc xmm8, xmm8, [rcx+112]
- vaesenc xmm8, xmm8, [rcx+128]
- vaesenc xmm8, xmm8, [rcx+144]
+ vmovdqu xmm1, OWORD PTR [rax]
+ vpshufb xmm0, xmm1, OWORD PTR L_avx1_aes_gcm_bswap_epi64
+ vpaddd xmm1, xmm1, OWORD PTR L_avx1_aes_gcm_one
+ vmovdqu OWORD PTR [rax], xmm1
+ vpxor xmm0, xmm0, [rcx]
+ vaesenc xmm0, xmm0, [rcx+16]
+ vaesenc xmm0, xmm0, [rcx+32]
+ vaesenc xmm0, xmm0, [rcx+48]
+ vaesenc xmm0, xmm0, [rcx+64]
+ vaesenc xmm0, xmm0, [rcx+80]
+ vaesenc xmm0, xmm0, [rcx+96]
+ vaesenc xmm0, xmm0, [rcx+112]
+ vaesenc xmm0, xmm0, [rcx+128]
+ vaesenc xmm0, xmm0, [rcx+144]
cmp edx, 11
- vmovdqa xmm9, OWORD PTR [rcx+160]
+ vmovdqa xmm1, OWORD PTR [rcx+160]
jl L_AES_GCM_encrypt_block_avx1_aesenc_block_last
- vaesenc xmm8, xmm8, xmm9
- vaesenc xmm8, xmm8, [rcx+176]
+ vaesenc xmm0, xmm0, xmm1
+ vaesenc xmm0, xmm0, [rcx+176]
cmp edx, 13
- vmovdqa xmm9, OWORD PTR [rcx+192]
+ vmovdqa xmm1, OWORD PTR [rcx+192]
jl L_AES_GCM_encrypt_block_avx1_aesenc_block_last
- vaesenc xmm8, xmm8, xmm9
- vaesenc xmm8, xmm8, [rcx+208]
- vmovdqa xmm9, OWORD PTR [rcx+224]
+ vaesenc xmm0, xmm0, xmm1
+ vaesenc xmm0, xmm0, [rcx+208]
+ vmovdqa xmm1, OWORD PTR [rcx+224]
L_AES_GCM_encrypt_block_avx1_aesenc_block_last:
- vaesenclast xmm8, xmm8, xmm9
- vmovdqu xmm9, OWORD PTR [r11]
- vpxor xmm8, xmm8, xmm9
- vmovdqu OWORD PTR [r10], xmm8
- vpshufb xmm8, xmm8, OWORD PTR L_avx1_aes_gcm_bswap_mask
+ vaesenclast xmm0, xmm0, xmm1
+ vmovdqu xmm1, OWORD PTR [r11]
+ vpxor xmm0, xmm0, xmm1
+ vmovdqu OWORD PTR [r10], xmm0
+ vpshufb xmm0, xmm0, OWORD PTR L_avx1_aes_gcm_bswap_mask
vzeroupper
ret
AES_GCM_encrypt_block_avx1 ENDP
_text ENDS
_text SEGMENT READONLY PARA
AES_GCM_ghash_block_avx1 PROC
+ sub rsp, 32
+ vmovdqu OWORD PTR [rsp], xmm6
+ vmovdqu OWORD PTR [rsp+16], xmm7
vmovdqa xmm4, OWORD PTR [rdx]
vmovdqa xmm5, OWORD PTR [r8]
- vmovdqu xmm8, OWORD PTR [rcx]
- vpshufb xmm8, xmm8, OWORD PTR L_avx1_aes_gcm_bswap_mask
- vpxor xmm4, xmm4, xmm8
+ vmovdqu xmm7, OWORD PTR [rcx]
+ vpshufb xmm7, xmm7, OWORD PTR L_avx1_aes_gcm_bswap_mask
+ vpxor xmm4, xmm4, xmm7
; ghash_gfmul_avx
vpshufd xmm1, xmm4, 78
vpshufd xmm2, xmm5, 78
@@ -9344,6 +9535,9 @@ AES_GCM_ghash_block_avx1 PROC
vpxor xmm4, xmm4, xmm2
vmovdqa OWORD PTR [rdx], xmm4
vzeroupper
+ vmovdqu xmm6, OWORD PTR [rsp]
+ vmovdqu xmm7, OWORD PTR [rsp+16]
+ add rsp, 32
ret
AES_GCM_ghash_block_avx1 ENDP
_text ENDS
@@ -9362,7 +9556,17 @@ AES_GCM_encrypt_update_avx1 PROC
mov r12, QWORD PTR [rsp+88]
mov r14, QWORD PTR [rsp+96]
mov r15, QWORD PTR [rsp+104]
- sub rsp, 160
+ sub rsp, 320
+ vmovdqu OWORD PTR [rsp+160], xmm6
+ vmovdqu OWORD PTR [rsp+176], xmm7
+ vmovdqu OWORD PTR [rsp+192], xmm8
+ vmovdqu OWORD PTR [rsp+208], xmm9
+ vmovdqu OWORD PTR [rsp+224], xmm10
+ vmovdqu OWORD PTR [rsp+240], xmm11
+ vmovdqu OWORD PTR [rsp+256], xmm12
+ vmovdqu OWORD PTR [rsp+272], xmm13
+ vmovdqu OWORD PTR [rsp+288], xmm14
+ vmovdqu OWORD PTR [rsp+304], xmm15
vmovdqa xmm6, OWORD PTR [r12]
vmovdqa xmm5, OWORD PTR [r14]
vpsrlq xmm9, xmm5, 63
@@ -10360,7 +10564,17 @@ L_AES_GCM_encrypt_update_avx1_last_block_done:
L_AES_GCM_encrypt_update_avx1_done_enc:
vmovdqa OWORD PTR [r12], xmm6
vzeroupper
- add rsp, 160
+ vmovdqu xmm6, OWORD PTR [rsp+160]
+ vmovdqu xmm7, OWORD PTR [rsp+176]
+ vmovdqu xmm8, OWORD PTR [rsp+192]
+ vmovdqu xmm9, OWORD PTR [rsp+208]
+ vmovdqu xmm10, OWORD PTR [rsp+224]
+ vmovdqu xmm11, OWORD PTR [rsp+240]
+ vmovdqu xmm12, OWORD PTR [rsp+256]
+ vmovdqu xmm13, OWORD PTR [rsp+272]
+ vmovdqu xmm14, OWORD PTR [rsp+288]
+ vmovdqu xmm15, OWORD PTR [rsp+304]
+ add rsp, 320
pop rdi
pop r15
pop r14
@@ -10380,18 +10594,26 @@ AES_GCM_encrypt_final_avx1 PROC
mov r11d, DWORD PTR [rsp+64]
mov r12, QWORD PTR [rsp+72]
mov r14, QWORD PTR [rsp+80]
- sub rsp, 16
+ sub rsp, 144
+ vmovdqu OWORD PTR [rsp+16], xmm6
+ vmovdqu OWORD PTR [rsp+32], xmm7
+ vmovdqu OWORD PTR [rsp+48], xmm8
+ vmovdqu OWORD PTR [rsp+64], xmm9
+ vmovdqu OWORD PTR [rsp+80], xmm10
+ vmovdqu OWORD PTR [rsp+96], xmm11
+ vmovdqu OWORD PTR [rsp+112], xmm12
+ vmovdqu OWORD PTR [rsp+128], xmm13
vmovdqa xmm4, OWORD PTR [rax]
vmovdqa xmm5, OWORD PTR [r12]
vmovdqa xmm6, OWORD PTR [r14]
- vpsrlq xmm9, xmm5, 63
- vpsllq xmm8, xmm5, 1
- vpslldq xmm9, xmm9, 8
- vpor xmm8, xmm8, xmm9
+ vpsrlq xmm8, xmm5, 63
+ vpsllq xmm7, xmm5, 1
+ vpslldq xmm8, xmm8, 8
+ vpor xmm7, xmm7, xmm8
vpshufd xmm5, xmm5, 255
vpsrad xmm5, xmm5, 31
vpand xmm5, xmm5, OWORD PTR L_avx1_aes_gcm_mod2_128
- vpxor xmm5, xmm5, xmm8
+ vpxor xmm5, xmm5, xmm7
mov edx, r10d
mov ecx, r11d
shl rdx, 3
@@ -10401,35 +10623,35 @@ AES_GCM_encrypt_final_avx1 PROC
vpunpcklqdq xmm0, xmm0, xmm1
vpxor xmm4, xmm4, xmm0
; ghash_gfmul_red_avx
- vpshufd xmm9, xmm5, 78
- vpshufd xmm10, xmm4, 78
- vpclmulqdq xmm11, xmm4, xmm5, 17
- vpclmulqdq xmm8, xmm4, xmm5, 0
- vpxor xmm9, xmm9, xmm5
- vpxor xmm10, xmm10, xmm4
- vpclmulqdq xmm9, xmm9, xmm10, 0
- vpxor xmm9, xmm9, xmm8
- vpxor xmm9, xmm9, xmm11
- vpslldq xmm10, xmm9, 8
- vpsrldq xmm9, xmm9, 8
+ vpshufd xmm8, xmm5, 78
+ vpshufd xmm9, xmm4, 78
+ vpclmulqdq xmm10, xmm4, xmm5, 17
+ vpclmulqdq xmm7, xmm4, xmm5, 0
+ vpxor xmm8, xmm8, xmm5
+ vpxor xmm9, xmm9, xmm4
+ vpclmulqdq xmm8, xmm8, xmm9, 0
+ vpxor xmm8, xmm8, xmm7
vpxor xmm8, xmm8, xmm10
- vpxor xmm4, xmm11, xmm9
- vpslld xmm12, xmm8, 31
- vpslld xmm13, xmm8, 30
- vpslld xmm14, xmm8, 25
- vpxor xmm12, xmm12, xmm13
- vpxor xmm12, xmm12, xmm14
- vpsrldq xmm13, xmm12, 4
- vpslldq xmm12, xmm12, 12
- vpxor xmm8, xmm8, xmm12
- vpsrld xmm14, xmm8, 1
- vpsrld xmm10, xmm8, 2
- vpsrld xmm9, xmm8, 7
- vpxor xmm14, xmm14, xmm10
- vpxor xmm14, xmm14, xmm9
- vpxor xmm14, xmm14, xmm13
- vpxor xmm14, xmm14, xmm8
- vpxor xmm4, xmm4, xmm14
+ vpslldq xmm9, xmm8, 8
+ vpsrldq xmm8, xmm8, 8
+ vpxor xmm7, xmm7, xmm9
+ vpxor xmm4, xmm10, xmm8
+ vpslld xmm11, xmm7, 31
+ vpslld xmm12, xmm7, 30
+ vpslld xmm13, xmm7, 25
+ vpxor xmm11, xmm11, xmm12
+ vpxor xmm11, xmm11, xmm13
+ vpsrldq xmm12, xmm11, 4
+ vpslldq xmm11, xmm11, 12
+ vpxor xmm7, xmm7, xmm11
+ vpsrld xmm13, xmm7, 1
+ vpsrld xmm9, xmm7, 2
+ vpsrld xmm8, xmm7, 7
+ vpxor xmm13, xmm13, xmm9
+ vpxor xmm13, xmm13, xmm8
+ vpxor xmm13, xmm13, xmm12
+ vpxor xmm13, xmm13, xmm7
+ vpxor xmm4, xmm4, xmm13
vpshufb xmm4, xmm4, OWORD PTR L_avx1_aes_gcm_bswap_mask
vpxor xmm0, xmm4, xmm6
cmp r8d, 16
@@ -10447,7 +10669,15 @@ L_AES_GCM_encrypt_final_avx1_store_tag_16:
vmovdqu OWORD PTR [r9], xmm0
L_AES_GCM_encrypt_final_avx1_store_tag_done:
vzeroupper
- add rsp, 16
+ vmovdqu xmm6, OWORD PTR [rsp+16]
+ vmovdqu xmm7, OWORD PTR [rsp+32]
+ vmovdqu xmm8, OWORD PTR [rsp+48]
+ vmovdqu xmm9, OWORD PTR [rsp+64]
+ vmovdqu xmm10, OWORD PTR [rsp+80]
+ vmovdqu xmm11, OWORD PTR [rsp+96]
+ vmovdqu xmm12, OWORD PTR [rsp+112]
+ vmovdqu xmm13, OWORD PTR [rsp+128]
+ add rsp, 144
pop r14
pop r12
pop r13
@@ -10469,7 +10699,17 @@ AES_GCM_decrypt_update_avx1 PROC
mov r12, QWORD PTR [rsp+88]
mov r14, QWORD PTR [rsp+96]
mov r15, QWORD PTR [rsp+104]
- sub rsp, 168
+ sub rsp, 328
+ vmovdqu OWORD PTR [rsp+168], xmm6
+ vmovdqu OWORD PTR [rsp+184], xmm7
+ vmovdqu OWORD PTR [rsp+200], xmm8
+ vmovdqu OWORD PTR [rsp+216], xmm9
+ vmovdqu OWORD PTR [rsp+232], xmm10
+ vmovdqu OWORD PTR [rsp+248], xmm11
+ vmovdqu OWORD PTR [rsp+264], xmm12
+ vmovdqu OWORD PTR [rsp+280], xmm13
+ vmovdqu OWORD PTR [rsp+296], xmm14
+ vmovdqu OWORD PTR [rsp+312], xmm15
vmovdqa xmm6, OWORD PTR [r12]
vmovdqa xmm5, OWORD PTR [r14]
vpsrlq xmm9, xmm5, 63
@@ -11051,7 +11291,17 @@ L_AES_GCM_decrypt_update_avx1_last_block_done:
L_AES_GCM_decrypt_update_avx1_done_dec:
vmovdqa OWORD PTR [r12], xmm6
vzeroupper
- add rsp, 168
+ vmovdqu xmm6, OWORD PTR [rsp+168]
+ vmovdqu xmm7, OWORD PTR [rsp+184]
+ vmovdqu xmm8, OWORD PTR [rsp+200]
+ vmovdqu xmm9, OWORD PTR [rsp+216]
+ vmovdqu xmm10, OWORD PTR [rsp+232]
+ vmovdqu xmm11, OWORD PTR [rsp+248]
+ vmovdqu xmm12, OWORD PTR [rsp+264]
+ vmovdqu xmm13, OWORD PTR [rsp+280]
+ vmovdqu xmm14, OWORD PTR [rsp+296]
+ vmovdqu xmm15, OWORD PTR [rsp+312]
+ add rsp, 328
pop rdi
pop r15
pop r14
@@ -11074,18 +11324,27 @@ AES_GCM_decrypt_final_avx1 PROC
mov r12, QWORD PTR [rsp+88]
mov r14, QWORD PTR [rsp+96]
mov rbp, QWORD PTR [rsp+104]
- sub rsp, 16
+ sub rsp, 160
+ vmovdqu OWORD PTR [rsp+16], xmm6
+ vmovdqu OWORD PTR [rsp+32], xmm7
+ vmovdqu OWORD PTR [rsp+48], xmm8
+ vmovdqu OWORD PTR [rsp+64], xmm9
+ vmovdqu OWORD PTR [rsp+80], xmm10
+ vmovdqu OWORD PTR [rsp+96], xmm11
+ vmovdqu OWORD PTR [rsp+112], xmm12
+ vmovdqu OWORD PTR [rsp+128], xmm13
+ vmovdqu OWORD PTR [rsp+144], xmm15
vmovdqa xmm6, OWORD PTR [rax]
vmovdqa xmm5, OWORD PTR [r12]
vmovdqa xmm15, OWORD PTR [r14]
- vpsrlq xmm9, xmm5, 63
- vpsllq xmm8, xmm5, 1
- vpslldq xmm9, xmm9, 8
- vpor xmm8, xmm8, xmm9
+ vpsrlq xmm8, xmm5, 63
+ vpsllq xmm7, xmm5, 1
+ vpslldq xmm8, xmm8, 8
+ vpor xmm7, xmm7, xmm8
vpshufd xmm5, xmm5, 255
vpsrad xmm5, xmm5, 31
vpand xmm5, xmm5, OWORD PTR L_avx1_aes_gcm_mod2_128
- vpxor xmm5, xmm5, xmm8
+ vpxor xmm5, xmm5, xmm7
mov edx, r10d
mov ecx, r11d
shl rdx, 3
@@ -11095,35 +11354,35 @@ AES_GCM_decrypt_final_avx1 PROC
vpunpcklqdq xmm0, xmm0, xmm1
vpxor xmm6, xmm6, xmm0
; ghash_gfmul_red_avx
- vpshufd xmm9, xmm5, 78
- vpshufd xmm10, xmm6, 78
- vpclmulqdq xmm11, xmm6, xmm5, 17
- vpclmulqdq xmm8, xmm6, xmm5, 0
- vpxor xmm9, xmm9, xmm5
- vpxor xmm10, xmm10, xmm6
- vpclmulqdq xmm9, xmm9, xmm10, 0
- vpxor xmm9, xmm9, xmm8
- vpxor xmm9, xmm9, xmm11
- vpslldq xmm10, xmm9, 8
- vpsrldq xmm9, xmm9, 8
+ vpshufd xmm8, xmm5, 78
+ vpshufd xmm9, xmm6, 78
+ vpclmulqdq xmm10, xmm6, xmm5, 17
+ vpclmulqdq xmm7, xmm6, xmm5, 0
+ vpxor xmm8, xmm8, xmm5
+ vpxor xmm9, xmm9, xmm6
+ vpclmulqdq xmm8, xmm8, xmm9, 0
+ vpxor xmm8, xmm8, xmm7
vpxor xmm8, xmm8, xmm10
- vpxor xmm6, xmm11, xmm9
- vpslld xmm12, xmm8, 31
- vpslld xmm13, xmm8, 30
- vpslld xmm14, xmm8, 25
- vpxor xmm12, xmm12, xmm13
- vpxor xmm12, xmm12, xmm14
- vpsrldq xmm13, xmm12, 4
- vpslldq xmm12, xmm12, 12
- vpxor xmm8, xmm8, xmm12
- vpsrld xmm14, xmm8, 1
- vpsrld xmm10, xmm8, 2
- vpsrld xmm9, xmm8, 7
- vpxor xmm14, xmm14, xmm10
- vpxor xmm14, xmm14, xmm9
- vpxor xmm14, xmm14, xmm13
- vpxor xmm14, xmm14, xmm8
- vpxor xmm6, xmm6, xmm14
+ vpslldq xmm9, xmm8, 8
+ vpsrldq xmm8, xmm8, 8
+ vpxor xmm7, xmm7, xmm9
+ vpxor xmm6, xmm10, xmm8
+ vpslld xmm11, xmm7, 31
+ vpslld xmm12, xmm7, 30
+ vpslld xmm13, xmm7, 25
+ vpxor xmm11, xmm11, xmm12
+ vpxor xmm11, xmm11, xmm13
+ vpsrldq xmm12, xmm11, 4
+ vpslldq xmm11, xmm11, 12
+ vpxor xmm7, xmm7, xmm11
+ vpsrld xmm13, xmm7, 1
+ vpsrld xmm9, xmm7, 2
+ vpsrld xmm8, xmm7, 7
+ vpxor xmm13, xmm13, xmm9
+ vpxor xmm13, xmm13, xmm8
+ vpxor xmm13, xmm13, xmm12
+ vpxor xmm13, xmm13, xmm7
+ vpxor xmm6, xmm6, xmm13
vpshufb xmm6, xmm6, OWORD PTR L_avx1_aes_gcm_bswap_mask
vpxor xmm0, xmm6, xmm15
cmp r8d, 16
@@ -11155,7 +11414,16 @@ L_AES_GCM_decrypt_final_avx1_cmp_tag_16:
L_AES_GCM_decrypt_final_avx1_cmp_tag_done:
mov DWORD PTR [rbp], r15d
vzeroupper
- add rsp, 16
+ vmovdqu xmm6, OWORD PTR [rsp+16]
+ vmovdqu xmm7, OWORD PTR [rsp+32]
+ vmovdqu xmm8, OWORD PTR [rsp+48]
+ vmovdqu xmm9, OWORD PTR [rsp+64]
+ vmovdqu xmm10, OWORD PTR [rsp+80]
+ vmovdqu xmm11, OWORD PTR [rsp+96]
+ vmovdqu xmm12, OWORD PTR [rsp+112]
+ vmovdqu xmm13, OWORD PTR [rsp+128]
+ vmovdqu xmm15, OWORD PTR [rsp+144]
+ add rsp, 160
pop r15
pop rbp
pop r14
@@ -11246,7 +11514,17 @@ AES_GCM_encrypt_avx2 PROC
mov r14d, DWORD PTR [rsp+128]
mov rsi, QWORD PTR [rsp+136]
mov r9d, DWORD PTR [rsp+144]
- sub rsp, 160
+ sub rsp, 320
+ vmovdqu OWORD PTR [rsp+160], xmm6
+ vmovdqu OWORD PTR [rsp+176], xmm7
+ vmovdqu OWORD PTR [rsp+192], xmm8
+ vmovdqu OWORD PTR [rsp+208], xmm9
+ vmovdqu OWORD PTR [rsp+224], xmm10
+ vmovdqu OWORD PTR [rsp+240], xmm11
+ vmovdqu OWORD PTR [rsp+256], xmm12
+ vmovdqu OWORD PTR [rsp+272], xmm13
+ vmovdqu OWORD PTR [rsp+288], xmm14
+ vmovdqu OWORD PTR [rsp+304], xmm15
vpxor xmm4, xmm4, xmm4
vpxor xmm6, xmm6, xmm6
mov edx, ebx
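Review bot: The enlarged frame and the xmm6–xmm15 spills added after `sub rsp, 320` are not described to the unwinder: the `AES_GCM_encrypt_avx2 PROC` line in the hunk header has no `FRAME` attribute, and no unwind directives follow the new stores. If this is assembled with ml64 for Windows x64, as the MASM syntax and the choice of xmm6–xmm15 suggest, a fault or a debugger stack walk inside the routine cannot recover the caller's registers or the return address. I would declare it `AES_GCM_encrypt_avx2 PROC FRAME`, follow the allocation with `.allocstack 320` and each store with its `.savexmm128 xmmN, offset`, and close the prologue with `.endprolog`. The same applies to the other prologue hunks below. It matters most for AES_GCM_aad_update_avx2 and AES_GCM_ghash_block_avx2, which the visible lines show as leaf routines before this change and which now adjust rsp. The pushes at the start of this prologue are outside the hunk and would need their own `.pushreg` entries.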
@@ -12517,7 +12795,17 @@ L_AES_GCM_encrypt_avx2_store_tag_16:
vmovdqu OWORD PTR [r15], xmm0
L_AES_GCM_encrypt_avx2_store_tag_done:
vzeroupper
- add rsp, 160
+ vmovdqu xmm6, OWORD PTR [rsp+160]
+ vmovdqu xmm7, OWORD PTR [rsp+176]
+ vmovdqu xmm8, OWORD PTR [rsp+192]
+ vmovdqu xmm9, OWORD PTR [rsp+208]
+ vmovdqu xmm10, OWORD PTR [rsp+224]
+ vmovdqu xmm11, OWORD PTR [rsp+240]
+ vmovdqu xmm12, OWORD PTR [rsp+256]
+ vmovdqu xmm13, OWORD PTR [rsp+272]
+ vmovdqu xmm14, OWORD PTR [rsp+288]
+ vmovdqu xmm15, OWORD PTR [rsp+304]
+ add rsp, 320
pop rsi
pop r14
pop rbx
@@ -12550,7 +12838,17 @@ AES_GCM_decrypt_avx2 PROC
mov rsi, QWORD PTR [rsp+144]
mov r9d, DWORD PTR [rsp+152]
mov rbp, QWORD PTR [rsp+160]
- sub rsp, 168
+ sub rsp, 328
+ vmovdqu OWORD PTR [rsp+168], xmm6
+ vmovdqu OWORD PTR [rsp+184], xmm7
+ vmovdqu OWORD PTR [rsp+200], xmm8
+ vmovdqu OWORD PTR [rsp+216], xmm9
+ vmovdqu OWORD PTR [rsp+232], xmm10
+ vmovdqu OWORD PTR [rsp+248], xmm11
+ vmovdqu OWORD PTR [rsp+264], xmm12
+ vmovdqu OWORD PTR [rsp+280], xmm13
+ vmovdqu OWORD PTR [rsp+296], xmm14
+ vmovdqu OWORD PTR [rsp+312], xmm15
vpxor xmm4, xmm4, xmm4
vpxor xmm6, xmm6, xmm6
mov edx, ebx
@@ -13481,7 +13779,17 @@ L_AES_GCM_decrypt_avx2_cmp_tag_16:
L_AES_GCM_decrypt_avx2_cmp_tag_done:
mov DWORD PTR [rbp], eax
vzeroupper
- add rsp, 168
+ vmovdqu xmm6, OWORD PTR [rsp+168]
+ vmovdqu xmm7, OWORD PTR [rsp+184]
+ vmovdqu xmm8, OWORD PTR [rsp+200]
+ vmovdqu xmm9, OWORD PTR [rsp+216]
+ vmovdqu xmm10, OWORD PTR [rsp+232]
+ vmovdqu xmm11, OWORD PTR [rsp+248]
+ vmovdqu xmm12, OWORD PTR [rsp+264]
+ vmovdqu xmm13, OWORD PTR [rsp+280]
+ vmovdqu xmm14, OWORD PTR [rsp+296]
+ vmovdqu xmm15, OWORD PTR [rsp+312]
+ add rsp, 328
pop rbp
pop rsi
pop r15
@@ -13506,7 +13814,9 @@ AES_GCM_init_avx2 PROC
mov rax, QWORD PTR [rsp+72]
mov r8, QWORD PTR [rsp+80]
mov r9, QWORD PTR [rsp+88]
- sub rsp, 16
+ sub rsp, 48
+ vmovdqu OWORD PTR [rsp+16], xmm6
+ vmovdqu OWORD PTR [rsp+32], xmm7
vpxor xmm4, xmm4, xmm4
mov edx, r11d
cmp edx, 12
@@ -13755,7 +14065,9 @@ L_AES_GCM_init_avx2_iv_done:
vmovdqu OWORD PTR [rax], xmm5
vmovdqu OWORD PTR [r8], xmm4
vzeroupper
- add rsp, 16
+ vmovdqu xmm6, OWORD PTR [rsp+16]
+ vmovdqu xmm7, OWORD PTR [rsp+32]
+ add rsp, 48
pop r12
pop rsi
pop rdi
@@ -13766,6 +14078,8 @@ _text ENDS
_text SEGMENT READONLY PARA
AES_GCM_aad_update_avx2 PROC
mov rax, rcx
+ sub rsp, 16
+ vmovdqu OWORD PTR [rsp], xmm6
vmovdqu xmm4, OWORD PTR [r8]
vmovdqu xmm5, OWORD PTR [r9]
xor ecx, ecx
@@ -13808,6 +14122,8 @@ L_AES_GCM_aad_update_avx2_16_loop:
jl L_AES_GCM_aad_update_avx2_16_loop
vmovdqu OWORD PTR [r8], xmm4
vzeroupper
+ vmovdqu xmm6, OWORD PTR [rsp]
+ add rsp, 16
ret
AES_GCM_aad_update_avx2 ENDP
_text ENDS
@@ -13868,6 +14184,8 @@ AES_GCM_encrypt_block_avx2 ENDP
_text ENDS
_text SEGMENT READONLY PARA
AES_GCM_ghash_block_avx2 PROC
+ sub rsp, 16
+ vmovdqu OWORD PTR [rsp], xmm6
vmovdqu xmm4, OWORD PTR [rdx]
vmovdqu xmm5, OWORD PTR [r8]
vmovdqu xmm0, OWORD PTR [rcx]
@@ -13905,6 +14223,8 @@ AES_GCM_ghash_block_avx2 PROC
vpxor xmm4, xmm4, xmm1
vmovdqu OWORD PTR [rdx], xmm4
vzeroupper
+ vmovdqu xmm6, OWORD PTR [rsp]
+ add rsp, 16
ret
AES_GCM_ghash_block_avx2 ENDP
_text ENDS
@@ -13923,7 +14243,17 @@ AES_GCM_encrypt_update_avx2 PROC
mov r12, QWORD PTR [rsp+88]
mov r13, QWORD PTR [rsp+96]
mov r14, QWORD PTR [rsp+104]
- sub rsp, 152
+ sub rsp, 312
+ vmovdqu OWORD PTR [rsp+152], xmm6
+ vmovdqu OWORD PTR [rsp+168], xmm7
+ vmovdqu OWORD PTR [rsp+184], xmm8
+ vmovdqu OWORD PTR [rsp+200], xmm9
+ vmovdqu OWORD PTR [rsp+216], xmm10
+ vmovdqu OWORD PTR [rsp+232], xmm11
+ vmovdqu OWORD PTR [rsp+248], xmm12
+ vmovdqu OWORD PTR [rsp+264], xmm13
+ vmovdqu OWORD PTR [rsp+280], xmm14
+ vmovdqu OWORD PTR [rsp+296], xmm15
vmovdqu xmm6, OWORD PTR [r12]
vmovdqu xmm5, OWORD PTR [r13]
vmovdqu xmm4, OWORD PTR [r14]
@@ -14754,7 +15084,17 @@ L_AES_GCM_encrypt_update_avx2_done_enc:
vmovdqu OWORD PTR [r12], xmm6
vmovdqu OWORD PTR [r14], xmm4
vzeroupper
- add rsp, 152
+ vmovdqu xmm6, OWORD PTR [rsp+152]
+ vmovdqu xmm7, OWORD PTR [rsp+168]
+ vmovdqu xmm8, OWORD PTR [rsp+184]
+ vmovdqu xmm9, OWORD PTR [rsp+200]
+ vmovdqu xmm10, OWORD PTR [rsp+216]
+ vmovdqu xmm11, OWORD PTR [rsp+232]
+ vmovdqu xmm12, OWORD PTR [rsp+248]
+ vmovdqu xmm13, OWORD PTR [rsp+264]
+ vmovdqu xmm14, OWORD PTR [rsp+280]
+ vmovdqu xmm15, OWORD PTR [rsp+296]
+ add rsp, 312
pop rdi
pop r15
pop r14
@@ -14770,7 +15110,9 @@ AES_GCM_encrypt_final_avx2 PROC
mov eax, DWORD PTR [rsp+56]
mov r10, QWORD PTR [rsp+64]
mov r11, QWORD PTR [rsp+72]
- sub rsp, 16
+ sub rsp, 48
+ vmovdqu OWORD PTR [rsp+16], xmm6
+ vmovdqu OWORD PTR [rsp+32], xmm7
vmovdqu xmm4, OWORD PTR [rcx]
vmovdqu xmm5, OWORD PTR [r10]
vmovdqu xmm6, OWORD PTR [r11]
@@ -14824,7 +15166,9 @@ L_AES_GCM_encrypt_final_avx2_store_tag_16:
vmovdqu OWORD PTR [rdx], xmm0
L_AES_GCM_encrypt_final_avx2_store_tag_done:
vzeroupper
- add rsp, 16
+ vmovdqu xmm6, OWORD PTR [rsp+16]
+ vmovdqu xmm7, OWORD PTR [rsp+32]
+ add rsp, 48
pop r13
pop r12
ret
@@ -14845,7 +15189,17 @@ AES_GCM_decrypt_update_avx2 PROC
mov r12, QWORD PTR [rsp+88]
mov r14, QWORD PTR [rsp+96]
mov r15, QWORD PTR [rsp+104]
- sub rsp, 168
+ sub rsp, 328
+ vmovdqu OWORD PTR [rsp+168], xmm6
+ vmovdqu OWORD PTR [rsp+184], xmm7
+ vmovdqu OWORD PTR [rsp+200], xmm8
+ vmovdqu OWORD PTR [rsp+216], xmm9
+ vmovdqu OWORD PTR [rsp+232], xmm10
+ vmovdqu OWORD PTR [rsp+248], xmm11
+ vmovdqu OWORD PTR [rsp+264], xmm12
+ vmovdqu OWORD PTR [rsp+280], xmm13
+ vmovdqu OWORD PTR [rsp+296], xmm14
+ vmovdqu OWORD PTR [rsp+312], xmm15
vmovdqu xmm6, OWORD PTR [r12]
vmovdqu xmm5, OWORD PTR [r14]
vmovdqu xmm4, OWORD PTR [r15]
@@ -15329,7 +15683,17 @@ L_AES_GCM_decrypt_update_avx2_done_dec:
vmovdqu OWORD PTR [r12], xmm6
vmovdqu OWORD PTR [r15], xmm4
vzeroupper
- add rsp, 168
+ vmovdqu xmm6, OWORD PTR [rsp+168]
+ vmovdqu xmm7, OWORD PTR [rsp+184]
+ vmovdqu xmm8, OWORD PTR [rsp+200]
+ vmovdqu xmm9, OWORD PTR [rsp+216]
+ vmovdqu xmm10, OWORD PTR [rsp+232]
+ vmovdqu xmm11, OWORD PTR [rsp+248]
+ vmovdqu xmm12, OWORD PTR [rsp+264]
+ vmovdqu xmm13, OWORD PTR [rsp+280]
+ vmovdqu xmm14, OWORD PTR [rsp+296]
+ vmovdqu xmm15, OWORD PTR [rsp+312]
+ add rsp, 328
pop rdi
pop r15
pop r14
@@ -15347,7 +15711,9 @@ AES_GCM_decrypt_final_avx2 PROC
mov r10, QWORD PTR [rsp+72]
mov r11, QWORD PTR [rsp+80]
mov r12, QWORD PTR [rsp+88]
- sub rsp, 16
+ sub rsp, 48
+ vmovdqu OWORD PTR [rsp+16], xmm6
+ vmovdqu OWORD PTR [rsp+32], xmm7
vmovdqu xmm4, OWORD PTR [rcx]
vmovdqu xmm5, OWORD PTR [r10]
vmovdqu xmm6, OWORD PTR [r11]
@@ -15412,7 +15778,9 @@ L_AES_GCM_decrypt_final_avx2_cmp_tag_16:
L_AES_GCM_decrypt_final_avx2_cmp_tag_done:
mov DWORD PTR [r12], r10d
vzeroupper
- add rsp, 16
+ vmovdqu xmm6, OWORD PTR [rsp+16]
+ vmovdqu xmm7, OWORD PTR [rsp+32]
+ add rsp, 48
pop r14
pop r13
pop r12
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/aes_xts_asm.S b/extra/wolfssl/wolfssl/wolfcrypt/src/aes_xts_asm.S
new file mode 100644
index 00000000..fedead84
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/aes_xts_asm.S
@@ -0,0 +1,1449 @@
+/* aes_xts_asm.S */
+/*
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#ifdef WOLFSSL_USER_SETTINGS
+#ifdef WOLFSSL_USER_SETTINGS_ASM
+/*
+ * user_settings_asm.h is a file generated by the script user_settings_asm.sh.
+ * The script takes in a user_settings.h and produces user_settings_asm.h, which
+ * is a stripped down version of user_settings.h containing only preprocessor
+ * directives. This makes the header safe to include in assembly (.S) files.
+ */
+#include "user_settings_asm.h"
+#else
+/*
+ * Note: if user_settings.h contains any C code (e.g. a typedef or function
+ * prototype), including it here in an assembly (.S) file will cause an
+ * assembler failure. See user_settings_asm.h above.
+ */
+#include "user_settings.h"
+#endif /* WOLFSSL_USER_SETTINGS_ASM */
+#endif /* WOLFSSL_USER_SETTINGS */
+
+#ifndef HAVE_INTEL_AVX1
+#define HAVE_INTEL_AVX1
+#endif /* HAVE_INTEL_AVX1 */
+#ifndef NO_AVX2_SUPPORT
+#define HAVE_INTEL_AVX2
+#endif /* NO_AVX2_SUPPORT */
+
+#ifdef WOLFSSL_AES_XTS
+#ifdef WOLFSSL_X86_64_BUILD
+#ifndef __APPLE__
+.data
+#else
+.section __DATA,__data
+#endif /* __APPLE__ */
+L_aes_xts_gc_xts:
+.long 0x87,0x1,0x1,0x1
+#ifndef __APPLE__
+.text
+.globl AES_XTS_encrypt_aesni
+.type AES_XTS_encrypt_aesni,@function
+.align 16
+AES_XTS_encrypt_aesni:
+#else
+.section __TEXT,__text
+.globl _AES_XTS_encrypt_aesni
+.p2align 4
+_AES_XTS_encrypt_aesni:
+#endif /* __APPLE__ */
+ pushq %r12
+ pushq %r13
+ movq %rdx, %rax
+ movq %rcx, %r12
+ movl 24(%rsp), %r10d
+ subq $0x40, %rsp
+ movdqu L_aes_xts_gc_xts(%rip), %xmm12
+ movdqu (%r12), %xmm0
+ # aes_enc_block
+ pxor (%r9), %xmm0
+ movdqu 16(%r9), %xmm5
+ aesenc %xmm5, %xmm0
+ movdqu 32(%r9), %xmm5
+ aesenc %xmm5, %xmm0
+ movdqu 48(%r9), %xmm5
+ aesenc %xmm5, %xmm0
+ movdqu 64(%r9), %xmm5
+ aesenc %xmm5, %xmm0
+ movdqu 80(%r9), %xmm5
+ aesenc %xmm5, %xmm0
+ movdqu 96(%r9), %xmm5
+ aesenc %xmm5, %xmm0
+ movdqu 112(%r9), %xmm5
+ aesenc %xmm5, %xmm0
+ movdqu 128(%r9), %xmm5
+ aesenc %xmm5, %xmm0
+ movdqu 144(%r9), %xmm5
+ aesenc %xmm5, %xmm0
+ cmpl $11, %r10d
+ movdqu 160(%r9), %xmm5
+ jl L_AES_XTS_encrypt_aesni_tweak_aes_enc_block_last
+ aesenc %xmm5, %xmm0
+ movdqu 176(%r9), %xmm6
+ aesenc %xmm6, %xmm0
+ cmpl $13, %r10d
+ movdqu 192(%r9), %xmm5
+ jl L_AES_XTS_encrypt_aesni_tweak_aes_enc_block_last
+ aesenc %xmm5, %xmm0
+ movdqu 208(%r9), %xmm6
+ aesenc %xmm6, %xmm0
+ movdqu 224(%r9), %xmm5
+L_AES_XTS_encrypt_aesni_tweak_aes_enc_block_last:
+ aesenclast %xmm5, %xmm0
+ xorl %r13d, %r13d
+ cmpl $0x40, %eax
+ movl %eax, %r11d
+ jl L_AES_XTS_encrypt_aesni_done_64
+ andl $0xffffffc0, %r11d
+L_AES_XTS_encrypt_aesni_enc_64:
+ # 64 bytes of input
+ # aes_enc_64
+ leaq (%rdi,%r13,1), %rcx
+ leaq (%rsi,%r13,1), %rdx
+ movdqu (%rcx), %xmm8
+ movdqu 16(%rcx), %xmm9
+ movdqu 32(%rcx), %xmm10
+ movdqu 48(%rcx), %xmm11
+ movdqa %xmm0, %xmm4
+ movdqa %xmm0, %xmm1
+ psrad $31, %xmm4
+ pslld $0x01, %xmm1
+ pshufd $0x93, %xmm4, %xmm4
+ pand %xmm12, %xmm4
+ pxor %xmm4, %xmm1
+ movdqa %xmm1, %xmm4
+ movdqa %xmm1, %xmm2
+ psrad $31, %xmm4
+ pslld $0x01, %xmm2
+ pshufd $0x93, %xmm4, %xmm4
+ pand %xmm12, %xmm4
+ pxor %xmm4, %xmm2
+ movdqa %xmm2, %xmm4
+ movdqa %xmm2, %xmm3
+ psrad $31, %xmm4
+ pslld $0x01, %xmm3
+ pshufd $0x93, %xmm4, %xmm4
+ pand %xmm12, %xmm4
+ pxor %xmm4, %xmm3
+ pxor %xmm0, %xmm8
+ pxor %xmm1, %xmm9
+ pxor %xmm2, %xmm10
+ pxor %xmm3, %xmm11
+ # aes_enc_block
+ movdqu (%r8), %xmm4
+ pxor %xmm4, %xmm8
+ pxor %xmm4, %xmm9
+ pxor %xmm4, %xmm10
+ pxor %xmm4, %xmm11
+ movdqu 16(%r8), %xmm4
+ aesenc %xmm4, %xmm8
+ aesenc %xmm4, %xmm9
+ aesenc %xmm4, %xmm10
+ aesenc %xmm4, %xmm11
+ movdqu 32(%r8), %xmm4
+ aesenc %xmm4, %xmm8
+ aesenc %xmm4, %xmm9
+ aesenc %xmm4, %xmm10
+ aesenc %xmm4, %xmm11
+ movdqu 48(%r8), %xmm4
+ aesenc %xmm4, %xmm8
+ aesenc %xmm4, %xmm9
+ aesenc %xmm4, %xmm10
+ aesenc %xmm4, %xmm11
+ movdqu 64(%r8), %xmm4
+ aesenc %xmm4, %xmm8
+ aesenc %xmm4, %xmm9
+ aesenc %xmm4, %xmm10
+ aesenc %xmm4, %xmm11
+ movdqu 80(%r8), %xmm4
+ aesenc %xmm4, %xmm8
+ aesenc %xmm4, %xmm9
+ aesenc %xmm4, %xmm10
+ aesenc %xmm4, %xmm11
+ movdqu 96(%r8), %xmm4
+ aesenc %xmm4, %xmm8
+ aesenc %xmm4, %xmm9
+ aesenc %xmm4, %xmm10
+ aesenc %xmm4, %xmm11
+ movdqu 112(%r8), %xmm4
+ aesenc %xmm4, %xmm8
+ aesenc %xmm4, %xmm9
+ aesenc %xmm4, %xmm10
+ aesenc %xmm4, %xmm11
+ movdqu 128(%r8), %xmm4
+ aesenc %xmm4, %xmm8
+ aesenc %xmm4, %xmm9
+ aesenc %xmm4, %xmm10
+ aesenc %xmm4, %xmm11
+ movdqu 144(%r8), %xmm4
+ aesenc %xmm4, %xmm8
+ aesenc %xmm4, %xmm9
+ aesenc %xmm4, %xmm10
+ aesenc %xmm4, %xmm11
+ cmpl $11, %r10d
+ movdqu 160(%r8), %xmm4
+ jl L_AES_XTS_encrypt_aesni_aes_enc_64_aes_enc_block_last
+ aesenc %xmm4, %xmm8
+ aesenc %xmm4, %xmm9
+ aesenc %xmm4, %xmm10
+ aesenc %xmm4, %xmm11
+ movdqu 176(%r8), %xmm4
+ aesenc %xmm4, %xmm8
+ aesenc %xmm4, %xmm9
+ aesenc %xmm4, %xmm10
+ aesenc %xmm4, %xmm11
+ cmpl $13, %r10d
+ movdqu 192(%r8), %xmm4
+ jl L_AES_XTS_encrypt_aesni_aes_enc_64_aes_enc_block_last
+ aesenc %xmm4, %xmm8
+ aesenc %xmm4, %xmm9
+ aesenc %xmm4, %xmm10
+ aesenc %xmm4, %xmm11
+ movdqu 208(%r8), %xmm4
+ aesenc %xmm4, %xmm8
+ aesenc %xmm4, %xmm9
+ aesenc %xmm4, %xmm10
+ aesenc %xmm4, %xmm11
+ movdqu 224(%r8), %xmm4
+L_AES_XTS_encrypt_aesni_aes_enc_64_aes_enc_block_last:
+ aesenclast %xmm4, %xmm8
+ aesenclast %xmm4, %xmm9
+ aesenclast %xmm4, %xmm10
+ aesenclast %xmm4, %xmm11
+ pxor %xmm0, %xmm8
+ pxor %xmm1, %xmm9
+ pxor %xmm2, %xmm10
+ pxor %xmm3, %xmm11
+ movdqu %xmm8, (%rdx)
+ movdqu %xmm9, 16(%rdx)
+ movdqu %xmm10, 32(%rdx)
+ movdqu %xmm11, 48(%rdx)
+ movdqa %xmm3, %xmm4
+ movdqa %xmm3, %xmm0
+ psrad $31, %xmm4
+ pslld $0x01, %xmm0
+ pshufd $0x93, %xmm4, %xmm4
+ pand %xmm12, %xmm4
+ pxor %xmm4, %xmm0
+ addl $0x40, %r13d
+ cmpl %r11d, %r13d
+ jl L_AES_XTS_encrypt_aesni_enc_64
+L_AES_XTS_encrypt_aesni_done_64:
+ cmpl %eax, %r13d
+ movl %eax, %r11d
+ je L_AES_XTS_encrypt_aesni_done_enc
+ subl %r13d, %r11d
+ cmpl $16, %r11d
+ movl %eax, %r11d
+ jl L_AES_XTS_encrypt_aesni_last_15
+ andl $0xfffffff0, %r11d
+ # 16 bytes of input
+L_AES_XTS_encrypt_aesni_enc_16:
+ leaq (%rdi,%r13,1), %rcx
+ movdqu (%rcx), %xmm8
+ pxor %xmm0, %xmm8
+ # aes_enc_block
+ pxor (%r8), %xmm8
+ movdqu 16(%r8), %xmm5
+ aesenc %xmm5, %xmm8
+ movdqu 32(%r8), %xmm5
+ aesenc %xmm5, %xmm8
+ movdqu 48(%r8), %xmm5
+ aesenc %xmm5, %xmm8
+ movdqu 64(%r8), %xmm5
+ aesenc %xmm5, %xmm8
+ movdqu 80(%r8), %xmm5
+ aesenc %xmm5, %xmm8
+ movdqu 96(%r8), %xmm5
+ aesenc %xmm5, %xmm8
+ movdqu 112(%r8), %xmm5
+ aesenc %xmm5, %xmm8
+ movdqu 128(%r8), %xmm5
+ aesenc %xmm5, %xmm8
+ movdqu 144(%r8), %xmm5
+ aesenc %xmm5, %xmm8
+ cmpl $11, %r10d
+ movdqu 160(%r8), %xmm5
+ jl L_AES_XTS_encrypt_aesni_aes_enc_block_last
+ aesenc %xmm5, %xmm8
+ movdqu 176(%r8), %xmm6
+ aesenc %xmm6, %xmm8
+ cmpl $13, %r10d
+ movdqu 192(%r8), %xmm5
+ jl L_AES_XTS_encrypt_aesni_aes_enc_block_last
+ aesenc %xmm5, %xmm8
+ movdqu 208(%r8), %xmm6
+ aesenc %xmm6, %xmm8
+ movdqu 224(%r8), %xmm5
+L_AES_XTS_encrypt_aesni_aes_enc_block_last:
+ aesenclast %xmm5, %xmm8
+ pxor %xmm0, %xmm8
+ leaq (%rsi,%r13,1), %rcx
+ movdqu %xmm8, (%rcx)
+ movdqa %xmm0, %xmm4
+ psrad $31, %xmm4
+ pslld $0x01, %xmm0
+ pshufd $0x93, %xmm4, %xmm4
+ pand %xmm12, %xmm4
+ pxor %xmm4, %xmm0
+ addl $16, %r13d
+ cmpl %r11d, %r13d
+ jl L_AES_XTS_encrypt_aesni_enc_16
+ cmpl %eax, %r13d
+ je L_AES_XTS_encrypt_aesni_done_enc
+L_AES_XTS_encrypt_aesni_last_15:
+ subq $16, %r13
+ leaq (%rsi,%r13,1), %rcx
+ movdqu (%rcx), %xmm8
+ addq $16, %r13
+ movdqu %xmm8, (%rsp)
+ xorq %rdx, %rdx
+L_AES_XTS_encrypt_aesni_last_15_byte_loop:
+ movb (%rsp,%rdx,1), %r11b
+ movb (%rdi,%r13,1), %cl
+ movb %r11b, (%rsi,%r13,1)
+ movb %cl, (%rsp,%rdx,1)
+ incl %r13d
+ incl %edx
+ cmpl %eax, %r13d
+ jl L_AES_XTS_encrypt_aesni_last_15_byte_loop
+ subq %rdx, %r13
+ movdqu (%rsp), %xmm8
+ subq $16, %r13
+ pxor %xmm0, %xmm8
+ # aes_enc_block
+ pxor (%r8), %xmm8
+ movdqu 16(%r8), %xmm5
+ aesenc %xmm5, %xmm8
+ movdqu 32(%r8), %xmm5
+ aesenc %xmm5, %xmm8
+ movdqu 48(%r8), %xmm5
+ aesenc %xmm5, %xmm8
+ movdqu 64(%r8), %xmm5
+ aesenc %xmm5, %xmm8
+ movdqu 80(%r8), %xmm5
+ aesenc %xmm5, %xmm8
+ movdqu 96(%r8), %xmm5
+ aesenc %xmm5, %xmm8
+ movdqu 112(%r8), %xmm5
+ aesenc %xmm5, %xmm8
+ movdqu 128(%r8), %xmm5
+ aesenc %xmm5, %xmm8
+ movdqu 144(%r8), %xmm5
+ aesenc %xmm5, %xmm8
+ cmpl $11, %r10d
+ movdqu 160(%r8), %xmm5
+ jl L_AES_XTS_encrypt_aesni_last_15_aes_enc_block_last
+ aesenc %xmm5, %xmm8
+ movdqu 176(%r8), %xmm6
+ aesenc %xmm6, %xmm8
+ cmpl $13, %r10d
+ movdqu 192(%r8), %xmm5
+ jl L_AES_XTS_encrypt_aesni_last_15_aes_enc_block_last
+ aesenc %xmm5, %xmm8
+ movdqu 208(%r8), %xmm6
+ aesenc %xmm6, %xmm8
+ movdqu 224(%r8), %xmm5
+L_AES_XTS_encrypt_aesni_last_15_aes_enc_block_last:
+ aesenclast %xmm5, %xmm8
+ pxor %xmm0, %xmm8
+ leaq (%rsi,%r13,1), %rcx
+ movdqu %xmm8, (%rcx)
+L_AES_XTS_encrypt_aesni_done_enc:
+ addq $0x40, %rsp
+ popq %r13
+ popq %r12
+ repz retq
+#ifndef __APPLE__
+.size AES_XTS_encrypt_aesni,.-AES_XTS_encrypt_aesni
+#endif /* __APPLE__ */
+#ifndef __APPLE__
+.text
+.globl AES_XTS_decrypt_aesni
+.type AES_XTS_decrypt_aesni,@function
+.align 16
+AES_XTS_decrypt_aesni:
+#else
+.section __TEXT,__text
+.globl _AES_XTS_decrypt_aesni
+.p2align 4
+_AES_XTS_decrypt_aesni:
+#endif /* __APPLE__ */
+ pushq %r12
+ pushq %r13
+ movq %rdx, %rax
+ movq %rcx, %r12
+ movl 24(%rsp), %r10d
+ subq $16, %rsp
+ movdqu L_aes_xts_gc_xts(%rip), %xmm12
+ movdqu (%r12), %xmm0
+ # aes_enc_block
+ pxor (%r9), %xmm0
+ movdqu 16(%r9), %xmm5
+ aesenc %xmm5, %xmm0
+ movdqu 32(%r9), %xmm5
+ aesenc %xmm5, %xmm0
+ movdqu 48(%r9), %xmm5
+ aesenc %xmm5, %xmm0
+ movdqu 64(%r9), %xmm5
+ aesenc %xmm5, %xmm0
+ movdqu 80(%r9), %xmm5
+ aesenc %xmm5, %xmm0
+ movdqu 96(%r9), %xmm5
+ aesenc %xmm5, %xmm0
+ movdqu 112(%r9), %xmm5
+ aesenc %xmm5, %xmm0
+ movdqu 128(%r9), %xmm5
+ aesenc %xmm5, %xmm0
+ movdqu 144(%r9), %xmm5
+ aesenc %xmm5, %xmm0
+ cmpl $11, %r10d
+ movdqu 160(%r9), %xmm5
+ jl L_AES_XTS_decrypt_aesni_tweak_aes_enc_block_last
+ aesenc %xmm5, %xmm0
+ movdqu 176(%r9), %xmm6
+ aesenc %xmm6, %xmm0
+ cmpl $13, %r10d
+ movdqu 192(%r9), %xmm5
+ jl L_AES_XTS_decrypt_aesni_tweak_aes_enc_block_last
+ aesenc %xmm5, %xmm0
+ movdqu 208(%r9), %xmm6
+ aesenc %xmm6, %xmm0
+ movdqu 224(%r9), %xmm5
+L_AES_XTS_decrypt_aesni_tweak_aes_enc_block_last:
+ aesenclast %xmm5, %xmm0
+ xorl %r13d, %r13d
+ movl %eax, %r11d
+ andl $0xfffffff0, %r11d
+ cmpl %eax, %r11d
+ je L_AES_XTS_decrypt_aesni_mul16_64
+ subl $16, %r11d
+ cmpl $16, %r11d
+ jl L_AES_XTS_decrypt_aesni_last_31_start
+L_AES_XTS_decrypt_aesni_mul16_64:
+ cmpl $0x40, %r11d
+ jl L_AES_XTS_decrypt_aesni_done_64
+ andl $0xffffffc0, %r11d
+L_AES_XTS_decrypt_aesni_dec_64:
+ # 64 bytes of input
+ # aes_dec_64
+ leaq (%rdi,%r13,1), %rcx
+ leaq (%rsi,%r13,1), %rdx
+ movdqu (%rcx), %xmm8
+ movdqu 16(%rcx), %xmm9
+ movdqu 32(%rcx), %xmm10
+ movdqu 48(%rcx), %xmm11
+ movdqa %xmm0, %xmm4
+ movdqa %xmm0, %xmm1
+ psrad $31, %xmm4
+ pslld $0x01, %xmm1
+ pshufd $0x93, %xmm4, %xmm4
+ pand %xmm12, %xmm4
+ pxor %xmm4, %xmm1
+ movdqa %xmm1, %xmm4
+ movdqa %xmm1, %xmm2
+ psrad $31, %xmm4
+ pslld $0x01, %xmm2
+ pshufd $0x93, %xmm4, %xmm4
+ pand %xmm12, %xmm4
+ pxor %xmm4, %xmm2
+ movdqa %xmm2, %xmm4
+ movdqa %xmm2, %xmm3
+ psrad $31, %xmm4
+ pslld $0x01, %xmm3
+ pshufd $0x93, %xmm4, %xmm4
+ pand %xmm12, %xmm4
+ pxor %xmm4, %xmm3
+ pxor %xmm0, %xmm8
+ pxor %xmm1, %xmm9
+ pxor %xmm2, %xmm10
+ pxor %xmm3, %xmm11
+ # aes_dec_block
+ movdqu (%r8), %xmm4
+ pxor %xmm4, %xmm8
+ pxor %xmm4, %xmm9
+ pxor %xmm4, %xmm10
+ pxor %xmm4, %xmm11
+ movdqu 16(%r8), %xmm4
+ aesdec %xmm4, %xmm8
+ aesdec %xmm4, %xmm9
+ aesdec %xmm4, %xmm10
+ aesdec %xmm4, %xmm11
+ movdqu 32(%r8), %xmm4
+ aesdec %xmm4, %xmm8
+ aesdec %xmm4, %xmm9
+ aesdec %xmm4, %xmm10
+ aesdec %xmm4, %xmm11
+ movdqu 48(%r8), %xmm4
+ aesdec %xmm4, %xmm8
+ aesdec %xmm4, %xmm9
+ aesdec %xmm4, %xmm10
+ aesdec %xmm4, %xmm11
+ movdqu 64(%r8), %xmm4
+ aesdec %xmm4, %xmm8
+ aesdec %xmm4, %xmm9
+ aesdec %xmm4, %xmm10
+ aesdec %xmm4, %xmm11
+ movdqu 80(%r8), %xmm4
+ aesdec %xmm4, %xmm8
+ aesdec %xmm4, %xmm9
+ aesdec %xmm4, %xmm10
+ aesdec %xmm4, %xmm11
+ movdqu 96(%r8), %xmm4
+ aesdec %xmm4, %xmm8
+ aesdec %xmm4, %xmm9
+ aesdec %xmm4, %xmm10
+ aesdec %xmm4, %xmm11
+ movdqu 112(%r8), %xmm4
+ aesdec %xmm4, %xmm8
+ aesdec %xmm4, %xmm9
+ aesdec %xmm4, %xmm10
+ aesdec %xmm4, %xmm11
+ movdqu 128(%r8), %xmm4
+ aesdec %xmm4, %xmm8
+ aesdec %xmm4, %xmm9
+ aesdec %xmm4, %xmm10
+ aesdec %xmm4, %xmm11
+ movdqu 144(%r8), %xmm4
+ aesdec %xmm4, %xmm8
+ aesdec %xmm4, %xmm9
+ aesdec %xmm4, %xmm10
+ aesdec %xmm4, %xmm11
+ cmpl $11, %r10d
+ movdqu 160(%r8), %xmm4
+ jl L_AES_XTS_decrypt_aesni_aes_dec_64_aes_dec_block_last
+ aesdec %xmm4, %xmm8
+ aesdec %xmm4, %xmm9
+ aesdec %xmm4, %xmm10
+ aesdec %xmm4, %xmm11
+ movdqu 176(%r8), %xmm4
+ aesdec %xmm4, %xmm8
+ aesdec %xmm4, %xmm9
+ aesdec %xmm4, %xmm10
+ aesdec %xmm4, %xmm11
+ cmpl $13, %r10d
+ movdqu 192(%r8), %xmm4
+ jl L_AES_XTS_decrypt_aesni_aes_dec_64_aes_dec_block_last
+ aesdec %xmm4, %xmm8
+ aesdec %xmm4, %xmm9
+ aesdec %xmm4, %xmm10
+ aesdec %xmm4, %xmm11
+ movdqu 208(%r8), %xmm4
+ aesdec %xmm4, %xmm8
+ aesdec %xmm4, %xmm9
+ aesdec %xmm4, %xmm10
+ aesdec %xmm4, %xmm11
+ movdqu 224(%r8), %xmm4
+L_AES_XTS_decrypt_aesni_aes_dec_64_aes_dec_block_last:
+ aesdeclast %xmm4, %xmm8
+ aesdeclast %xmm4, %xmm9
+ aesdeclast %xmm4, %xmm10
+ aesdeclast %xmm4, %xmm11
+ pxor %xmm0, %xmm8
+ pxor %xmm1, %xmm9
+ pxor %xmm2, %xmm10
+ pxor %xmm3, %xmm11
+ movdqu %xmm8, (%rdx)
+ movdqu %xmm9, 16(%rdx)
+ movdqu %xmm10, 32(%rdx)
+ movdqu %xmm11, 48(%rdx)
+ movdqa %xmm3, %xmm4
+ movdqa %xmm3, %xmm0
+ psrad $31, %xmm4
+ pslld $0x01, %xmm0
+ pshufd $0x93, %xmm4, %xmm4
+ pand %xmm12, %xmm4
+ pxor %xmm4, %xmm0
+ addl $0x40, %r13d
+ cmpl %r11d, %r13d
+ jl L_AES_XTS_decrypt_aesni_dec_64
+L_AES_XTS_decrypt_aesni_done_64:
+ cmpl %eax, %r13d
+ movl %eax, %r11d
+ je L_AES_XTS_decrypt_aesni_done_dec
+ andl $0xfffffff0, %r11d
+ cmpl %eax, %r11d
+ je L_AES_XTS_decrypt_aesni_mul16
+ subl $16, %r11d
+ subl %r13d, %r11d
+ cmpl $16, %r11d
+ jl L_AES_XTS_decrypt_aesni_last_31_start
+ addl %r13d, %r11d
+L_AES_XTS_decrypt_aesni_mul16:
+L_AES_XTS_decrypt_aesni_dec_16:
+ # 16 bytes of input
+ leaq (%rdi,%r13,1), %rcx
+ movdqu (%rcx), %xmm8
+ pxor %xmm0, %xmm8
+ # aes_dec_block
+ pxor (%r8), %xmm8
+ movdqu 16(%r8), %xmm5
+ aesdec %xmm5, %xmm8
+ movdqu 32(%r8), %xmm5
+ aesdec %xmm5, %xmm8
+ movdqu 48(%r8), %xmm5
+ aesdec %xmm5, %xmm8
+ movdqu 64(%r8), %xmm5
+ aesdec %xmm5, %xmm8
+ movdqu 80(%r8), %xmm5
+ aesdec %xmm5, %xmm8
+ movdqu 96(%r8), %xmm5
+ aesdec %xmm5, %xmm8
+ movdqu 112(%r8), %xmm5
+ aesdec %xmm5, %xmm8
+ movdqu 128(%r8), %xmm5
+ aesdec %xmm5, %xmm8
+ movdqu 144(%r8), %xmm5
+ aesdec %xmm5, %xmm8
+ cmpl $11, %r10d
+ movdqu 160(%r8), %xmm5
+ jl L_AES_XTS_decrypt_aesni_aes_dec_block_last
+ aesdec %xmm5, %xmm8
+ movdqu 176(%r8), %xmm6
+ aesdec %xmm6, %xmm8
+ cmpl $13, %r10d
+ movdqu 192(%r8), %xmm5
+ jl L_AES_XTS_decrypt_aesni_aes_dec_block_last
+ aesdec %xmm5, %xmm8
+ movdqu 208(%r8), %xmm6
+ aesdec %xmm6, %xmm8
+ movdqu 224(%r8), %xmm5
+L_AES_XTS_decrypt_aesni_aes_dec_block_last:
+ aesdeclast %xmm5, %xmm8
+ pxor %xmm0, %xmm8
+ leaq (%rsi,%r13,1), %rcx
+ movdqu %xmm8, (%rcx)
+ movdqa %xmm0, %xmm4
+ psrad $31, %xmm4
+ pslld $0x01, %xmm0
+ pshufd $0x93, %xmm4, %xmm4
+ pand %xmm12, %xmm4
+ pxor %xmm4, %xmm0
+ addl $16, %r13d
+ cmpl %r11d, %r13d
+ jl L_AES_XTS_decrypt_aesni_dec_16
+ cmpl %eax, %r13d
+ je L_AES_XTS_decrypt_aesni_done_dec
+L_AES_XTS_decrypt_aesni_last_31_start:
+ movdqa %xmm0, %xmm4
+ movdqa %xmm0, %xmm7
+ psrad $31, %xmm4
+ pslld $0x01, %xmm7
+ pshufd $0x93, %xmm4, %xmm4
+ pand %xmm12, %xmm4
+ pxor %xmm4, %xmm7
+ leaq (%rdi,%r13,1), %rcx
+ movdqu (%rcx), %xmm8
+ pxor %xmm7, %xmm8
+ # aes_dec_block
+ pxor (%r8), %xmm8
+ movdqu 16(%r8), %xmm5
+ aesdec %xmm5, %xmm8
+ movdqu 32(%r8), %xmm5
+ aesdec %xmm5, %xmm8
+ movdqu 48(%r8), %xmm5
+ aesdec %xmm5, %xmm8
+ movdqu 64(%r8), %xmm5
+ aesdec %xmm5, %xmm8
+ movdqu 80(%r8), %xmm5
+ aesdec %xmm5, %xmm8
+ movdqu 96(%r8), %xmm5
+ aesdec %xmm5, %xmm8
+ movdqu 112(%r8), %xmm5
+ aesdec %xmm5, %xmm8
+ movdqu 128(%r8), %xmm5
+ aesdec %xmm5, %xmm8
+ movdqu 144(%r8), %xmm5
+ aesdec %xmm5, %xmm8
+ cmpl $11, %r10d
+ movdqu 160(%r8), %xmm5
+ jl L_AES_XTS_decrypt_aesni_last_31_aes_dec_block_last
+ aesdec %xmm5, %xmm8
+ movdqu 176(%r8), %xmm6
+ aesdec %xmm6, %xmm8
+ cmpl $13, %r10d
+ movdqu 192(%r8), %xmm5
+ jl L_AES_XTS_decrypt_aesni_last_31_aes_dec_block_last
+ aesdec %xmm5, %xmm8
+ movdqu 208(%r8), %xmm6
+ aesdec %xmm6, %xmm8
+ movdqu 224(%r8), %xmm5
+L_AES_XTS_decrypt_aesni_last_31_aes_dec_block_last:
+ aesdeclast %xmm5, %xmm8
+ pxor %xmm7, %xmm8
+ movdqu %xmm8, (%rsp)
+ addq $16, %r13
+ xorq %rdx, %rdx
+L_AES_XTS_decrypt_aesni_last_31_byte_loop:
+ movb (%rsp,%rdx,1), %r11b
+ movb (%rdi,%r13,1), %cl
+ movb %r11b, (%rsi,%r13,1)
+ movb %cl, (%rsp,%rdx,1)
+ incl %r13d
+ incl %edx
+ cmpl %eax, %r13d
+ jl L_AES_XTS_decrypt_aesni_last_31_byte_loop
+ subq %rdx, %r13
+ movdqu (%rsp), %xmm8
+ pxor %xmm0, %xmm8
+ # aes_dec_block
+ pxor (%r8), %xmm8
+ movdqu 16(%r8), %xmm5
+ aesdec %xmm5, %xmm8
+ movdqu 32(%r8), %xmm5
+ aesdec %xmm5, %xmm8
+ movdqu 48(%r8), %xmm5
+ aesdec %xmm5, %xmm8
+ movdqu 64(%r8), %xmm5
+ aesdec %xmm5, %xmm8
+ movdqu 80(%r8), %xmm5
+ aesdec %xmm5, %xmm8
+ movdqu 96(%r8), %xmm5
+ aesdec %xmm5, %xmm8
+ movdqu 112(%r8), %xmm5
+ aesdec %xmm5, %xmm8
+ movdqu 128(%r8), %xmm5
+ aesdec %xmm5, %xmm8
+ movdqu 144(%r8), %xmm5
+ aesdec %xmm5, %xmm8
+ cmpl $11, %r10d
+ movdqu 160(%r8), %xmm5
+ jl L_AES_XTS_decrypt_aesni_last_31_2_aes_dec_block_last
+ aesdec %xmm5, %xmm8
+ movdqu 176(%r8), %xmm6
+ aesdec %xmm6, %xmm8
+ cmpl $13, %r10d
+ movdqu 192(%r8), %xmm5
+ jl L_AES_XTS_decrypt_aesni_last_31_2_aes_dec_block_last
+ aesdec %xmm5, %xmm8
+ movdqu 208(%r8), %xmm6
+ aesdec %xmm6, %xmm8
+ movdqu 224(%r8), %xmm5
+L_AES_XTS_decrypt_aesni_last_31_2_aes_dec_block_last:
+ aesdeclast %xmm5, %xmm8
+ pxor %xmm0, %xmm8
+ subq $16, %r13
+ leaq (%rsi,%r13,1), %rcx
+ movdqu %xmm8, (%rcx)
+L_AES_XTS_decrypt_aesni_done_dec:
+ addq $16, %rsp
+ popq %r13
+ popq %r12
+ repz retq
+#ifndef __APPLE__
+.size AES_XTS_decrypt_aesni,.-AES_XTS_decrypt_aesni
+#endif /* __APPLE__ */
+#ifdef HAVE_INTEL_AVX1
+#ifndef __APPLE__
+.data
+#else
+.section __DATA,__data
+#endif /* __APPLE__ */
+L_avx1_aes_xts_gc_xts:
+.long 0x87,0x1,0x1,0x1
+#ifndef __APPLE__
+.text
+.globl AES_XTS_encrypt_avx1
+.type AES_XTS_encrypt_avx1,@function
+.align 16
+AES_XTS_encrypt_avx1:
+#else
+.section __TEXT,__text
+.globl _AES_XTS_encrypt_avx1
+.p2align 4
+_AES_XTS_encrypt_avx1:
+#endif /* __APPLE__ */
+ pushq %r12
+ pushq %r13
+ movq %rdx, %rax
+ movq %rcx, %r12
+ movl 24(%rsp), %r10d
+ subq $0x40, %rsp
+ vmovdqu L_avx1_aes_xts_gc_xts(%rip), %xmm12
+ vmovdqu (%r12), %xmm0
+ # aes_enc_block
+ vpxor (%r9), %xmm0, %xmm0
+ vmovdqu 16(%r9), %xmm5
+ vaesenc %xmm5, %xmm0, %xmm0
+ vmovdqu 32(%r9), %xmm5
+ vaesenc %xmm5, %xmm0, %xmm0
+ vmovdqu 48(%r9), %xmm5
+ vaesenc %xmm5, %xmm0, %xmm0
+ vmovdqu 64(%r9), %xmm5
+ vaesenc %xmm5, %xmm0, %xmm0
+ vmovdqu 80(%r9), %xmm5
+ vaesenc %xmm5, %xmm0, %xmm0
+ vmovdqu 96(%r9), %xmm5
+ vaesenc %xmm5, %xmm0, %xmm0
+ vmovdqu 112(%r9), %xmm5
+ vaesenc %xmm5, %xmm0, %xmm0
+ vmovdqu 128(%r9), %xmm5
+ vaesenc %xmm5, %xmm0, %xmm0
+ vmovdqu 144(%r9), %xmm5
+ vaesenc %xmm5, %xmm0, %xmm0
+ cmpl $11, %r10d
+ vmovdqu 160(%r9), %xmm5
+ jl L_AES_XTS_encrypt_avx1_tweak_aes_enc_block_last
+ vaesenc %xmm5, %xmm0, %xmm0
+ vmovdqu 176(%r9), %xmm6
+ vaesenc %xmm6, %xmm0, %xmm0
+ cmpl $13, %r10d
+ vmovdqu 192(%r9), %xmm5
+ jl L_AES_XTS_encrypt_avx1_tweak_aes_enc_block_last
+ vaesenc %xmm5, %xmm0, %xmm0
+ vmovdqu 208(%r9), %xmm6
+ vaesenc %xmm6, %xmm0, %xmm0
+ vmovdqu 224(%r9), %xmm5
+L_AES_XTS_encrypt_avx1_tweak_aes_enc_block_last:
+ vaesenclast %xmm5, %xmm0, %xmm0
+ xorl %r13d, %r13d
+ cmpl $0x40, %eax
+ movl %eax, %r11d
+ jl L_AES_XTS_encrypt_avx1_done_64
+ andl $0xffffffc0, %r11d
+L_AES_XTS_encrypt_avx1_enc_64:
+ # 64 bytes of input
+ # aes_enc_64
+ leaq (%rdi,%r13,1), %rcx
+ leaq (%rsi,%r13,1), %rdx
+ vmovdqu (%rcx), %xmm8
+ vmovdqu 16(%rcx), %xmm9
+ vmovdqu 32(%rcx), %xmm10
+ vmovdqu 48(%rcx), %xmm11
+ vpsrad $31, %xmm0, %xmm4
+ vpslld $0x01, %xmm0, %xmm1
+ vpshufd $0x93, %xmm4, %xmm4
+ vpand %xmm12, %xmm4, %xmm4
+ vpxor %xmm4, %xmm1, %xmm1
+ vpsrad $31, %xmm1, %xmm4
+ vpslld $0x01, %xmm1, %xmm2
+ vpshufd $0x93, %xmm4, %xmm4
+ vpand %xmm12, %xmm4, %xmm4
+ vpxor %xmm4, %xmm2, %xmm2
+ vpsrad $31, %xmm2, %xmm4
+ vpslld $0x01, %xmm2, %xmm3
+ vpshufd $0x93, %xmm4, %xmm4
+ vpand %xmm12, %xmm4, %xmm4
+ vpxor %xmm4, %xmm3, %xmm3
+ vpxor %xmm0, %xmm8, %xmm8
+ vpxor %xmm1, %xmm9, %xmm9
+ vpxor %xmm2, %xmm10, %xmm10
+ vpxor %xmm3, %xmm11, %xmm11
+ # aes_enc_block
+ vmovdqu (%r8), %xmm4
+ vpxor %xmm4, %xmm8, %xmm8
+ vpxor %xmm4, %xmm9, %xmm9
+ vpxor %xmm4, %xmm10, %xmm10
+ vpxor %xmm4, %xmm11, %xmm11
+ vmovdqu 16(%r8), %xmm4
+ vaesenc %xmm4, %xmm8, %xmm8
+ vaesenc %xmm4, %xmm9, %xmm9
+ vaesenc %xmm4, %xmm10, %xmm10
+ vaesenc %xmm4, %xmm11, %xmm11
+ vmovdqu 32(%r8), %xmm4
+ vaesenc %xmm4, %xmm8, %xmm8
+ vaesenc %xmm4, %xmm9, %xmm9
+ vaesenc %xmm4, %xmm10, %xmm10
+ vaesenc %xmm4, %xmm11, %xmm11
+ vmovdqu 48(%r8), %xmm4
+ vaesenc %xmm4, %xmm8, %xmm8
+ vaesenc %xmm4, %xmm9, %xmm9
+ vaesenc %xmm4, %xmm10, %xmm10
+ vaesenc %xmm4, %xmm11, %xmm11
+ vmovdqu 64(%r8), %xmm4
+ vaesenc %xmm4, %xmm8, %xmm8
+ vaesenc %xmm4, %xmm9, %xmm9
+ vaesenc %xmm4, %xmm10, %xmm10
+ vaesenc %xmm4, %xmm11, %xmm11
+ vmovdqu 80(%r8), %xmm4
+ vaesenc %xmm4, %xmm8, %xmm8
+ vaesenc %xmm4, %xmm9, %xmm9
+ vaesenc %xmm4, %xmm10, %xmm10
+ vaesenc %xmm4, %xmm11, %xmm11
+ vmovdqu 96(%r8), %xmm4
+ vaesenc %xmm4, %xmm8, %xmm8
+ vaesenc %xmm4, %xmm9, %xmm9
+ vaesenc %xmm4, %xmm10, %xmm10
+ vaesenc %xmm4, %xmm11, %xmm11
+ vmovdqu 112(%r8), %xmm4
+ vaesenc %xmm4, %xmm8, %xmm8
+ vaesenc %xmm4, %xmm9, %xmm9
+ vaesenc %xmm4, %xmm10, %xmm10
+ vaesenc %xmm4, %xmm11, %xmm11
+ vmovdqu 128(%r8), %xmm4
+ vaesenc %xmm4, %xmm8, %xmm8
+ vaesenc %xmm4, %xmm9, %xmm9
+ vaesenc %xmm4, %xmm10, %xmm10
+ vaesenc %xmm4, %xmm11, %xmm11
+ vmovdqu 144(%r8), %xmm4
+ vaesenc %xmm4, %xmm8, %xmm8
+ vaesenc %xmm4, %xmm9, %xmm9
+ vaesenc %xmm4, %xmm10, %xmm10
+ vaesenc %xmm4, %xmm11, %xmm11
+ cmpl $11, %r10d
+ vmovdqu 160(%r8), %xmm4
+ jl L_AES_XTS_encrypt_avx1_aes_enc_64_aes_enc_block_last
+ vaesenc %xmm4, %xmm8, %xmm8
+ vaesenc %xmm4, %xmm9, %xmm9
+ vaesenc %xmm4, %xmm10, %xmm10
+ vaesenc %xmm4, %xmm11, %xmm11
+ vmovdqu 176(%r8), %xmm4
+ vaesenc %xmm4, %xmm8, %xmm8
+ vaesenc %xmm4, %xmm9, %xmm9
+ vaesenc %xmm4, %xmm10, %xmm10
+ vaesenc %xmm4, %xmm11, %xmm11
+ cmpl $13, %r10d
+ vmovdqu 192(%r8), %xmm4
+ jl L_AES_XTS_encrypt_avx1_aes_enc_64_aes_enc_block_last
+ vaesenc %xmm4, %xmm8, %xmm8
+ vaesenc %xmm4, %xmm9, %xmm9
+ vaesenc %xmm4, %xmm10, %xmm10
+ vaesenc %xmm4, %xmm11, %xmm11
+ vmovdqu 208(%r8), %xmm4
+ vaesenc %xmm4, %xmm8, %xmm8
+ vaesenc %xmm4, %xmm9, %xmm9
+ vaesenc %xmm4, %xmm10, %xmm10
+ vaesenc %xmm4, %xmm11, %xmm11
+ vmovdqu 224(%r8), %xmm4
+L_AES_XTS_encrypt_avx1_aes_enc_64_aes_enc_block_last:
+ vaesenclast %xmm4, %xmm8, %xmm8
+ vaesenclast %xmm4, %xmm9, %xmm9
+ vaesenclast %xmm4, %xmm10, %xmm10
+ vaesenclast %xmm4, %xmm11, %xmm11
+ vpxor %xmm0, %xmm8, %xmm8
+ vpxor %xmm1, %xmm9, %xmm9
+ vpxor %xmm2, %xmm10, %xmm10
+ vpxor %xmm3, %xmm11, %xmm11
+ vmovdqu %xmm8, (%rdx)
+ vmovdqu %xmm9, 16(%rdx)
+ vmovdqu %xmm10, 32(%rdx)
+ vmovdqu %xmm11, 48(%rdx)
+ vpsrad $31, %xmm3, %xmm4
+ vpslld $0x01, %xmm3, %xmm0
+ vpshufd $0x93, %xmm4, %xmm4
+ vpand %xmm12, %xmm4, %xmm4
+ vpxor %xmm4, %xmm0, %xmm0
+ addl $0x40, %r13d
+ cmpl %r11d, %r13d
+ jl L_AES_XTS_encrypt_avx1_enc_64
+L_AES_XTS_encrypt_avx1_done_64:
+ cmpl %eax, %r13d
+ movl %eax, %r11d
+ je L_AES_XTS_encrypt_avx1_done_enc
+ subl %r13d, %r11d
+ cmpl $16, %r11d
+ movl %eax, %r11d
+ jl L_AES_XTS_encrypt_avx1_last_15
+ andl $0xfffffff0, %r11d
+ # 16 bytes of input
+L_AES_XTS_encrypt_avx1_enc_16:
+ leaq (%rdi,%r13,1), %rcx
+ vmovdqu (%rcx), %xmm8
+ vpxor %xmm0, %xmm8, %xmm8
+ # aes_enc_block
+ vpxor (%r8), %xmm8, %xmm8
+ vmovdqu 16(%r8), %xmm5
+ vaesenc %xmm5, %xmm8, %xmm8
+ vmovdqu 32(%r8), %xmm5
+ vaesenc %xmm5, %xmm8, %xmm8
+ vmovdqu 48(%r8), %xmm5
+ vaesenc %xmm5, %xmm8, %xmm8
+ vmovdqu 64(%r8), %xmm5
+ vaesenc %xmm5, %xmm8, %xmm8
+ vmovdqu 80(%r8), %xmm5
+ vaesenc %xmm5, %xmm8, %xmm8
+ vmovdqu 96(%r8), %xmm5
+ vaesenc %xmm5, %xmm8, %xmm8
+ vmovdqu 112(%r8), %xmm5
+ vaesenc %xmm5, %xmm8, %xmm8
+ vmovdqu 128(%r8), %xmm5
+ vaesenc %xmm5, %xmm8, %xmm8
+ vmovdqu 144(%r8), %xmm5
+ vaesenc %xmm5, %xmm8, %xmm8
+ cmpl $11, %r10d
+ vmovdqu 160(%r8), %xmm5
+ jl L_AES_XTS_encrypt_avx1_aes_enc_block_last
+ vaesenc %xmm5, %xmm8, %xmm8
+ vmovdqu 176(%r8), %xmm6
+ vaesenc %xmm6, %xmm8, %xmm8
+ cmpl $13, %r10d
+ vmovdqu 192(%r8), %xmm5
+ jl L_AES_XTS_encrypt_avx1_aes_enc_block_last
+ vaesenc %xmm5, %xmm8, %xmm8
+ vmovdqu 208(%r8), %xmm6
+ vaesenc %xmm6, %xmm8, %xmm8
+ vmovdqu 224(%r8), %xmm5
+L_AES_XTS_encrypt_avx1_aes_enc_block_last:
+ vaesenclast %xmm5, %xmm8, %xmm8
+ vpxor %xmm0, %xmm8, %xmm8
+ leaq (%rsi,%r13,1), %rcx
+ vmovdqu %xmm8, (%rcx)
+ vpsrad $31, %xmm0, %xmm4
+ vpslld $0x01, %xmm0, %xmm0
+ vpshufd $0x93, %xmm4, %xmm4
+ vpand %xmm12, %xmm4, %xmm4
+ vpxor %xmm4, %xmm0, %xmm0
+ addl $16, %r13d
+ cmpl %r11d, %r13d
+ jl L_AES_XTS_encrypt_avx1_enc_16
+ cmpl %eax, %r13d
+ je L_AES_XTS_encrypt_avx1_done_enc
+L_AES_XTS_encrypt_avx1_last_15:
+ subq $16, %r13
+ leaq (%rsi,%r13,1), %rcx
+ vmovdqu (%rcx), %xmm8
+ addq $16, %r13
+ vmovdqu %xmm8, (%rsp)
+ xorq %rdx, %rdx
+L_AES_XTS_encrypt_avx1_last_15_byte_loop:
+ movb (%rsp,%rdx,1), %r11b
+ movb (%rdi,%r13,1), %cl
+ movb %r11b, (%rsi,%r13,1)
+ movb %cl, (%rsp,%rdx,1)
+ incl %r13d
+ incl %edx
+ cmpl %eax, %r13d
+ jl L_AES_XTS_encrypt_avx1_last_15_byte_loop
+ subq %rdx, %r13
+ vmovdqu (%rsp), %xmm8
+ subq $16, %r13
+ vpxor %xmm0, %xmm8, %xmm8
+ # aes_enc_block
+ vpxor (%r8), %xmm8, %xmm8
+ vmovdqu 16(%r8), %xmm5
+ vaesenc %xmm5, %xmm8, %xmm8
+ vmovdqu 32(%r8), %xmm5
+ vaesenc %xmm5, %xmm8, %xmm8
+ vmovdqu 48(%r8), %xmm5
+ vaesenc %xmm5, %xmm8, %xmm8
+ vmovdqu 64(%r8), %xmm5
+ vaesenc %xmm5, %xmm8, %xmm8
+ vmovdqu 80(%r8), %xmm5
+ vaesenc %xmm5, %xmm8, %xmm8
+ vmovdqu 96(%r8), %xmm5
+ vaesenc %xmm5, %xmm8, %xmm8
+ vmovdqu 112(%r8), %xmm5
+ vaesenc %xmm5, %xmm8, %xmm8
+ vmovdqu 128(%r8), %xmm5
+ vaesenc %xmm5, %xmm8, %xmm8
+ vmovdqu 144(%r8), %xmm5
+ vaesenc %xmm5, %xmm8, %xmm8
+ cmpl $11, %r10d
+ vmovdqu 160(%r8), %xmm5
+ jl L_AES_XTS_encrypt_avx1_last_15_aes_enc_block_last
+ vaesenc %xmm5, %xmm8, %xmm8
+ vmovdqu 176(%r8), %xmm6
+ vaesenc %xmm6, %xmm8, %xmm8
+ cmpl $13, %r10d
+ vmovdqu 192(%r8), %xmm5
+ jl L_AES_XTS_encrypt_avx1_last_15_aes_enc_block_last
+ vaesenc %xmm5, %xmm8, %xmm8
+ vmovdqu 208(%r8), %xmm6
+ vaesenc %xmm6, %xmm8, %xmm8
+ vmovdqu 224(%r8), %xmm5
+L_AES_XTS_encrypt_avx1_last_15_aes_enc_block_last:
+ vaesenclast %xmm5, %xmm8, %xmm8
+ vpxor %xmm0, %xmm8, %xmm8
+ leaq (%rsi,%r13,1), %rcx
+ vmovdqu %xmm8, (%rcx)
+L_AES_XTS_encrypt_avx1_done_enc:
+ vzeroupper
+ addq $0x40, %rsp
+ popq %r13
+ popq %r12
+ repz retq
+#ifndef __APPLE__
+.size AES_XTS_encrypt_avx1,.-AES_XTS_encrypt_avx1
+#endif /* __APPLE__ */
+#ifndef __APPLE__
+.text
+.globl AES_XTS_decrypt_avx1
+.type AES_XTS_decrypt_avx1,@function
+.align 16
+AES_XTS_decrypt_avx1:
+#else
+.section __TEXT,__text
+.globl _AES_XTS_decrypt_avx1
+.p2align 4
+_AES_XTS_decrypt_avx1:
+#endif /* __APPLE__ */
+ pushq %r12
+ pushq %r13
+ movq %rdx, %rax
+ movq %rcx, %r12
+ movl 24(%rsp), %r10d
+ subq $16, %rsp
+ vmovdqu L_avx1_aes_xts_gc_xts(%rip), %xmm12
+ vmovdqu (%r12), %xmm0
+ # aes_enc_block
+ vpxor (%r9), %xmm0, %xmm0
+ vmovdqu 16(%r9), %xmm5
+ vaesenc %xmm5, %xmm0, %xmm0
+ vmovdqu 32(%r9), %xmm5
+ vaesenc %xmm5, %xmm0, %xmm0
+ vmovdqu 48(%r9), %xmm5
+ vaesenc %xmm5, %xmm0, %xmm0
+ vmovdqu 64(%r9), %xmm5
+ vaesenc %xmm5, %xmm0, %xmm0
+ vmovdqu 80(%r9), %xmm5
+ vaesenc %xmm5, %xmm0, %xmm0
+ vmovdqu 96(%r9), %xmm5
+ vaesenc %xmm5, %xmm0, %xmm0
+ vmovdqu 112(%r9), %xmm5
+ vaesenc %xmm5, %xmm0, %xmm0
+ vmovdqu 128(%r9), %xmm5
+ vaesenc %xmm5, %xmm0, %xmm0
+ vmovdqu 144(%r9), %xmm5
+ vaesenc %xmm5, %xmm0, %xmm0
+ cmpl $11, %r10d
+ vmovdqu 160(%r9), %xmm5
+ jl L_AES_XTS_decrypt_avx1_tweak_aes_enc_block_last
+ vaesenc %xmm5, %xmm0, %xmm0
+ vmovdqu 176(%r9), %xmm6
+ vaesenc %xmm6, %xmm0, %xmm0
+ cmpl $13, %r10d
+ vmovdqu 192(%r9), %xmm5
+ jl L_AES_XTS_decrypt_avx1_tweak_aes_enc_block_last
+ vaesenc %xmm5, %xmm0, %xmm0
+ vmovdqu 208(%r9), %xmm6
+ vaesenc %xmm6, %xmm0, %xmm0
+ vmovdqu 224(%r9), %xmm5
+L_AES_XTS_decrypt_avx1_tweak_aes_enc_block_last:
+ vaesenclast %xmm5, %xmm0, %xmm0
+ xorl %r13d, %r13d
+ movl %eax, %r11d
+ andl $0xfffffff0, %r11d
+ cmpl %eax, %r11d
+ je L_AES_XTS_decrypt_avx1_mul16_64
+ subl $16, %r11d
+ cmpl $16, %r11d
+ jl L_AES_XTS_decrypt_avx1_last_31_start
+L_AES_XTS_decrypt_avx1_mul16_64:
+ cmpl $0x40, %r11d
+ jl L_AES_XTS_decrypt_avx1_done_64
+ andl $0xffffffc0, %r11d
+L_AES_XTS_decrypt_avx1_dec_64:
+ # 64 bytes of input
+ # aes_dec_64
+ leaq (%rdi,%r13,1), %rcx
+ leaq (%rsi,%r13,1), %rdx
+ vmovdqu (%rcx), %xmm8
+ vmovdqu 16(%rcx), %xmm9
+ vmovdqu 32(%rcx), %xmm10
+ vmovdqu 48(%rcx), %xmm11
+ vpsrad $31, %xmm0, %xmm4
+ vpslld $0x01, %xmm0, %xmm1
+ vpshufd $0x93, %xmm4, %xmm4
+ vpand %xmm12, %xmm4, %xmm4
+ vpxor %xmm4, %xmm1, %xmm1
+ vpsrad $31, %xmm1, %xmm4
+ vpslld $0x01, %xmm1, %xmm2
+ vpshufd $0x93, %xmm4, %xmm4
+ vpand %xmm12, %xmm4, %xmm4
+ vpxor %xmm4, %xmm2, %xmm2
+ vpsrad $31, %xmm2, %xmm4
+ vpslld $0x01, %xmm2, %xmm3
+ vpshufd $0x93, %xmm4, %xmm4
+ vpand %xmm12, %xmm4, %xmm4
+ vpxor %xmm4, %xmm3, %xmm3
+ vpxor %xmm0, %xmm8, %xmm8
+ vpxor %xmm1, %xmm9, %xmm9
+ vpxor %xmm2, %xmm10, %xmm10
+ vpxor %xmm3, %xmm11, %xmm11
+ # aes_dec_block
+ vmovdqu (%r8), %xmm4
+ vpxor %xmm4, %xmm8, %xmm8
+ vpxor %xmm4, %xmm9, %xmm9
+ vpxor %xmm4, %xmm10, %xmm10
+ vpxor %xmm4, %xmm11, %xmm11
+ vmovdqu 16(%r8), %xmm4
+ vaesdec %xmm4, %xmm8, %xmm8
+ vaesdec %xmm4, %xmm9, %xmm9
+ vaesdec %xmm4, %xmm10, %xmm10
+ vaesdec %xmm4, %xmm11, %xmm11
+ vmovdqu 32(%r8), %xmm4
+ vaesdec %xmm4, %xmm8, %xmm8
+ vaesdec %xmm4, %xmm9, %xmm9
+ vaesdec %xmm4, %xmm10, %xmm10
+ vaesdec %xmm4, %xmm11, %xmm11
+ vmovdqu 48(%r8), %xmm4
+ vaesdec %xmm4, %xmm8, %xmm8
+ vaesdec %xmm4, %xmm9, %xmm9
+ vaesdec %xmm4, %xmm10, %xmm10
+ vaesdec %xmm4, %xmm11, %xmm11
+ vmovdqu 64(%r8), %xmm4
+ vaesdec %xmm4, %xmm8, %xmm8
+ vaesdec %xmm4, %xmm9, %xmm9
+ vaesdec %xmm4, %xmm10, %xmm10
+ vaesdec %xmm4, %xmm11, %xmm11
+ vmovdqu 80(%r8), %xmm4
+ vaesdec %xmm4, %xmm8, %xmm8
+ vaesdec %xmm4, %xmm9, %xmm9
+ vaesdec %xmm4, %xmm10, %xmm10
+ vaesdec %xmm4, %xmm11, %xmm11
+ vmovdqu 96(%r8), %xmm4
+ vaesdec %xmm4, %xmm8, %xmm8
+ vaesdec %xmm4, %xmm9, %xmm9
+ vaesdec %xmm4, %xmm10, %xmm10
+ vaesdec %xmm4, %xmm11, %xmm11
+ vmovdqu 112(%r8), %xmm4
+ vaesdec %xmm4, %xmm8, %xmm8
+ vaesdec %xmm4, %xmm9, %xmm9
+ vaesdec %xmm4, %xmm10, %xmm10
+ vaesdec %xmm4, %xmm11, %xmm11
+ vmovdqu 128(%r8), %xmm4
+ vaesdec %xmm4, %xmm8, %xmm8
+ vaesdec %xmm4, %xmm9, %xmm9
+ vaesdec %xmm4, %xmm10, %xmm10
+ vaesdec %xmm4, %xmm11, %xmm11
+ vmovdqu 144(%r8), %xmm4
+ vaesdec %xmm4, %xmm8, %xmm8
+ vaesdec %xmm4, %xmm9, %xmm9
+ vaesdec %xmm4, %xmm10, %xmm10
+ vaesdec %xmm4, %xmm11, %xmm11
+ cmpl $11, %r10d
+ vmovdqu 160(%r8), %xmm4
+ jl L_AES_XTS_decrypt_avx1_aes_dec_64_aes_dec_block_last
+ vaesdec %xmm4, %xmm8, %xmm8
+ vaesdec %xmm4, %xmm9, %xmm9
+ vaesdec %xmm4, %xmm10, %xmm10
+ vaesdec %xmm4, %xmm11, %xmm11
+ vmovdqu 176(%r8), %xmm4
+ vaesdec %xmm4, %xmm8, %xmm8
+ vaesdec %xmm4, %xmm9, %xmm9
+ vaesdec %xmm4, %xmm10, %xmm10
+ vaesdec %xmm4, %xmm11, %xmm11
+ cmpl $13, %r10d
+ vmovdqu 192(%r8), %xmm4
+ jl L_AES_XTS_decrypt_avx1_aes_dec_64_aes_dec_block_last
+ vaesdec %xmm4, %xmm8, %xmm8
+ vaesdec %xmm4, %xmm9, %xmm9
+ vaesdec %xmm4, %xmm10, %xmm10
+ vaesdec %xmm4, %xmm11, %xmm11
+ vmovdqu 208(%r8), %xmm4
+ vaesdec %xmm4, %xmm8, %xmm8
+ vaesdec %xmm4, %xmm9, %xmm9
+ vaesdec %xmm4, %xmm10, %xmm10
+ vaesdec %xmm4, %xmm11, %xmm11
+ vmovdqu 224(%r8), %xmm4
+L_AES_XTS_decrypt_avx1_aes_dec_64_aes_dec_block_last:
+ vaesdeclast %xmm4, %xmm8, %xmm8
+ vaesdeclast %xmm4, %xmm9, %xmm9
+ vaesdeclast %xmm4, %xmm10, %xmm10
+ vaesdeclast %xmm4, %xmm11, %xmm11
+ vpxor %xmm0, %xmm8, %xmm8
+ vpxor %xmm1, %xmm9, %xmm9
+ vpxor %xmm2, %xmm10, %xmm10
+ vpxor %xmm3, %xmm11, %xmm11
+ vmovdqu %xmm8, (%rdx)
+ vmovdqu %xmm9, 16(%rdx)
+ vmovdqu %xmm10, 32(%rdx)
+ vmovdqu %xmm11, 48(%rdx)
+ vpsrad $31, %xmm3, %xmm4
+ vpslld $0x01, %xmm3, %xmm0
+ vpshufd $0x93, %xmm4, %xmm4
+ vpand %xmm12, %xmm4, %xmm4
+ vpxor %xmm4, %xmm0, %xmm0
+ addl $0x40, %r13d
+ cmpl %r11d, %r13d
+ jl L_AES_XTS_decrypt_avx1_dec_64
+L_AES_XTS_decrypt_avx1_done_64:
+ cmpl %eax, %r13d
+ movl %eax, %r11d
+ je L_AES_XTS_decrypt_avx1_done_dec
+ andl $0xfffffff0, %r11d
+ cmpl %eax, %r11d
+ je L_AES_XTS_decrypt_avx1_mul16
+ subl $16, %r11d
+ subl %r13d, %r11d
+ cmpl $16, %r11d
+ jl L_AES_XTS_decrypt_avx1_last_31_start
+ addl %r13d, %r11d
+L_AES_XTS_decrypt_avx1_mul16:
+L_AES_XTS_decrypt_avx1_dec_16:
+ # 16 bytes of input
+ leaq (%rdi,%r13,1), %rcx
+ vmovdqu (%rcx), %xmm8
+ vpxor %xmm0, %xmm8, %xmm8
+ # aes_dec_block
+ vpxor (%r8), %xmm8, %xmm8
+ vmovdqu 16(%r8), %xmm5
+ vaesdec %xmm5, %xmm8, %xmm8
+ vmovdqu 32(%r8), %xmm5
+ vaesdec %xmm5, %xmm8, %xmm8
+ vmovdqu 48(%r8), %xmm5
+ vaesdec %xmm5, %xmm8, %xmm8
+ vmovdqu 64(%r8), %xmm5
+ vaesdec %xmm5, %xmm8, %xmm8
+ vmovdqu 80(%r8), %xmm5
+ vaesdec %xmm5, %xmm8, %xmm8
+ vmovdqu 96(%r8), %xmm5
+ vaesdec %xmm5, %xmm8, %xmm8
+ vmovdqu 112(%r8), %xmm5
+ vaesdec %xmm5, %xmm8, %xmm8
+ vmovdqu 128(%r8), %xmm5
+ vaesdec %xmm5, %xmm8, %xmm8
+ vmovdqu 144(%r8), %xmm5
+ vaesdec %xmm5, %xmm8, %xmm8
+ cmpl $11, %r10d
+ vmovdqu 160(%r8), %xmm5
+ jl L_AES_XTS_decrypt_avx1_aes_dec_block_last
+ vaesdec %xmm5, %xmm8, %xmm8
+ vmovdqu 176(%r8), %xmm6
+ vaesdec %xmm6, %xmm8, %xmm8
+ cmpl $13, %r10d
+ vmovdqu 192(%r8), %xmm5
+ jl L_AES_XTS_decrypt_avx1_aes_dec_block_last
+ vaesdec %xmm5, %xmm8, %xmm8
+ vmovdqu 208(%r8), %xmm6
+ vaesdec %xmm6, %xmm8, %xmm8
+ vmovdqu 224(%r8), %xmm5
+L_AES_XTS_decrypt_avx1_aes_dec_block_last:
+ vaesdeclast %xmm5, %xmm8, %xmm8
+ vpxor %xmm0, %xmm8, %xmm8
+ leaq (%rsi,%r13,1), %rcx
+ vmovdqu %xmm8, (%rcx)
+ vpsrad $31, %xmm0, %xmm4
+ vpslld $0x01, %xmm0, %xmm0
+ vpshufd $0x93, %xmm4, %xmm4
+ vpand %xmm12, %xmm4, %xmm4
+ vpxor %xmm4, %xmm0, %xmm0
+ addl $16, %r13d
+ cmpl %r11d, %r13d
+ jl L_AES_XTS_decrypt_avx1_dec_16
+ cmpl %eax, %r13d
+ je L_AES_XTS_decrypt_avx1_done_dec
+L_AES_XTS_decrypt_avx1_last_31_start:
+ vpsrad $31, %xmm0, %xmm4
+ vpslld $0x01, %xmm0, %xmm7
+ vpshufd $0x93, %xmm4, %xmm4
+ vpand %xmm12, %xmm4, %xmm4
+ vpxor %xmm4, %xmm7, %xmm7
+ leaq (%rdi,%r13,1), %rcx
+ vmovdqu (%rcx), %xmm8
+ vpxor %xmm7, %xmm8, %xmm8
+ # aes_dec_block
+ vpxor (%r8), %xmm8, %xmm8
+ vmovdqu 16(%r8), %xmm5
+ vaesdec %xmm5, %xmm8, %xmm8
+ vmovdqu 32(%r8), %xmm5
+ vaesdec %xmm5, %xmm8, %xmm8
+ vmovdqu 48(%r8), %xmm5
+ vaesdec %xmm5, %xmm8, %xmm8
+ vmovdqu 64(%r8), %xmm5
+ vaesdec %xmm5, %xmm8, %xmm8
+ vmovdqu 80(%r8), %xmm5
+ vaesdec %xmm5, %xmm8, %xmm8
+ vmovdqu 96(%r8), %xmm5
+ vaesdec %xmm5, %xmm8, %xmm8
+ vmovdqu 112(%r8), %xmm5
+ vaesdec %xmm5, %xmm8, %xmm8
+ vmovdqu 128(%r8), %xmm5
+ vaesdec %xmm5, %xmm8, %xmm8
+ vmovdqu 144(%r8), %xmm5
+ vaesdec %xmm5, %xmm8, %xmm8
+ cmpl $11, %r10d
+ vmovdqu 160(%r8), %xmm5
+ jl L_AES_XTS_decrypt_avx1_last_31_aes_dec_block_last
+ vaesdec %xmm5, %xmm8, %xmm8
+ vmovdqu 176(%r8), %xmm6
+ vaesdec %xmm6, %xmm8, %xmm8
+ cmpl $13, %r10d
+ vmovdqu 192(%r8), %xmm5
+ jl L_AES_XTS_decrypt_avx1_last_31_aes_dec_block_last
+ vaesdec %xmm5, %xmm8, %xmm8
+ vmovdqu 208(%r8), %xmm6
+ vaesdec %xmm6, %xmm8, %xmm8
+ vmovdqu 224(%r8), %xmm5
+L_AES_XTS_decrypt_avx1_last_31_aes_dec_block_last:
+ vaesdeclast %xmm5, %xmm8, %xmm8
+ vpxor %xmm7, %xmm8, %xmm8
+ vmovdqu %xmm8, (%rsp)
+ addq $16, %r13
+ xorq %rdx, %rdx
+L_AES_XTS_decrypt_avx1_last_31_byte_loop:
+ movb (%rsp,%rdx,1), %r11b
+ movb (%rdi,%r13,1), %cl
+ movb %r11b, (%rsi,%r13,1)
+ movb %cl, (%rsp,%rdx,1)
+ incl %r13d
+ incl %edx
+ cmpl %eax, %r13d
+ jl L_AES_XTS_decrypt_avx1_last_31_byte_loop
+ subq %rdx, %r13
+ vmovdqu (%rsp), %xmm8
+ vpxor %xmm0, %xmm8, %xmm8
+ # aes_dec_block
+ vpxor (%r8), %xmm8, %xmm8
+ vmovdqu 16(%r8), %xmm5
+ vaesdec %xmm5, %xmm8, %xmm8
+ vmovdqu 32(%r8), %xmm5
+ vaesdec %xmm5, %xmm8, %xmm8
+ vmovdqu 48(%r8), %xmm5
+ vaesdec %xmm5, %xmm8, %xmm8
+ vmovdqu 64(%r8), %xmm5
+ vaesdec %xmm5, %xmm8, %xmm8
+ vmovdqu 80(%r8), %xmm5
+ vaesdec %xmm5, %xmm8, %xmm8
+ vmovdqu 96(%r8), %xmm5
+ vaesdec %xmm5, %xmm8, %xmm8
+ vmovdqu 112(%r8), %xmm5
+ vaesdec %xmm5, %xmm8, %xmm8
+ vmovdqu 128(%r8), %xmm5
+ vaesdec %xmm5, %xmm8, %xmm8
+ vmovdqu 144(%r8), %xmm5
+ vaesdec %xmm5, %xmm8, %xmm8
+ cmpl $11, %r10d
+ vmovdqu 160(%r8), %xmm5
+ jl L_AES_XTS_decrypt_avx1_last_31_2_aes_dec_block_last
+ vaesdec %xmm5, %xmm8, %xmm8
+ vmovdqu 176(%r8), %xmm6
+ vaesdec %xmm6, %xmm8, %xmm8
+ cmpl $13, %r10d
+ vmovdqu 192(%r8), %xmm5
+ jl L_AES_XTS_decrypt_avx1_last_31_2_aes_dec_block_last
+ vaesdec %xmm5, %xmm8, %xmm8
+ vmovdqu 208(%r8), %xmm6
+ vaesdec %xmm6, %xmm8, %xmm8
+ vmovdqu 224(%r8), %xmm5
+L_AES_XTS_decrypt_avx1_last_31_2_aes_dec_block_last:
+ vaesdeclast %xmm5, %xmm8, %xmm8
+ vpxor %xmm0, %xmm8, %xmm8
+ subq $16, %r13
+ leaq (%rsi,%r13,1), %rcx
+ vmovdqu %xmm8, (%rcx)
+L_AES_XTS_decrypt_avx1_done_dec:
+ vzeroupper
+ addq $16, %rsp
+ popq %r13
+ popq %r12
+ repz retq
+#ifndef __APPLE__
+.size AES_XTS_decrypt_avx1,.-AES_XTS_decrypt_avx1
+#endif /* __APPLE__ */
+#endif /* HAVE_INTEL_AVX1 */
+#endif /* WOLFSSL_X86_64_BUILD */
+#endif /* WOLFSSL_AES_XTS */
+
+#if defined(__linux__) && defined(__ELF__)
+.section .note.GNU-stack,"",%progbits
+#endif
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/asm.c b/extra/wolfssl/wolfssl/wolfcrypt/src/asm.c
index ea2b4e6d..c735ebfe 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/asm.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/asm.c
@@ -118,7 +118,7 @@ WC_INLINE static int set_cpuid_flags(void) {
if(IS_INTEL_BMI2 && IS_INTEL_ADX){ func; ret ; }
#else
- #define IF_HAVE_INTEL_MULX(func, ret)
+ #define IF_HAVE_INTEL_MULX(func, ret) WC_DO_NOTHING
#endif
#if defined(TFM_X86) && !defined(TFM_SSE2)
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/asn.c b/extra/wolfssl/wolfssl/wolfcrypt/src/asn.c
index 3e00b133..6147dea8 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/asn.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/asn.c
@@ -63,13 +63,15 @@ ASN Options:
does not perform a PKI validation, so it is not a secure solution.
Only enabled for OCSP.
* WOLFSSL_NO_OCSP_ISSUER_CHECK: Can be defined for backwards compatibility to
- disable checking of OCSP subject hash with issuer hash.
+ disable checking of https://www.rfc-editor.org/rfc/rfc6960#section-4.2.2.2.
* WOLFSSL_SMALL_CERT_VERIFY: Verify the certificate signature without using
DecodedCert. Doubles up on some code but allows smaller dynamic memory
usage.
* WOLFSSL_NO_OCSP_DATE_CHECK: Disable date checks for OCSP responses. This
may be required when the system's real-time clock is not very accurate.
It is recommended to enforce the nonce check instead if possible.
+ * WOLFSSL_NO_CRL_DATE_CHECK: Disable date checks for CRL's.
+ * WOLFSSL_NO_CRL_NEXT_DATE: Do not fail if CRL next date is missing
* WOLFSSL_FORCE_OCSP_NONCE_CHECK: Require nonces to be available in OCSP
responses. The nonces are optional and may not be supported by all
responders. If it can be ensured that the used responder sends nonces this
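Review bot: The rewritten WOLFSSL_NO_OCSP_ISSUER_CHECK entry now gives only a URL, so a reader of the option list no longer learns what is being switched off without leaving the file. I would keep a short description next to the reference, for example `disable the OCSP authorized-responder check (RFC 6960 section 4.2.2.2).` The new WOLFSSL_NO_CRL_DATE_CHECK entry could carry the same kind of caveat the OCSP date entry already has, for example `An out-of-date CRL is then accepted, so later revocations are not seen.`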
@@ -94,6 +96,9 @@ ASN Options:
cost of taking up more memory. Adds initials, givenname, dnQualifer for
example.
* WC_ASN_HASH_SHA256: Force use of SHA2-256 for the internal hash ID calcs.
+ * WOLFSSL_ALLOW_ENCODING_CA_FALSE: Allow encoding BasicConstraints CA:FALSE
+ * which is discouraged by X.690 specification - default values shall not
+ * be encoded.
*/
#include <wolfssl/wolfcrypt/error-crypt.h>
@@ -142,6 +147,10 @@ ASN Options:
#include <wolfssl/wolfcrypt/ecc.h>
#endif
+#ifdef WOLFSSL_SM2
+ #include <wolfssl/wolfcrypt/sm2.h>
+#endif
+
#ifdef HAVE_ED25519
#include <wolfssl/wolfcrypt/ed25519.h>
#endif
@@ -172,7 +181,7 @@ ASN Options:
#include <wolfssl/wolfcrypt/port/caam/wolfcaam.h>
#endif
-#if defined(WOLFSSL_RENESAS_SCEPROTECT) || defined(WOLFSSL_RENESAS_TSIP_TLS)
+#if defined(WOLFSSL_RENESAS_FSPSM_TLS) || defined(WOLFSSL_RENESAS_TSIP_TLS)
#include <wolfssl/wolfcrypt/port/Renesas/renesas_cmn.h>
#endif
@@ -186,8 +195,11 @@ ASN Options:
#include <wolfssl/wolfcrypt/cryptocb.h>
#endif
-#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
+#ifndef WOLFCRYPT_ONLY
#include <wolfssl/internal.h>
+#endif
+
+#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
#include <wolfssl/openssl/objects.h>
#endif
@@ -304,15 +316,13 @@ static const char* TagString(byte tag)
/* Calculates the minimum number of bytes required to encode the value.
*
- * Only support up to 2^24-1.
- *
* @param [in] value Value to be encoded.
* @return Number of bytes to encode value.
*/
static word32 BytePrecision(word32 value)
{
word32 i;
- for (i = (word32)sizeof(value) - 1; i; --i)
+ for (i = (word32)sizeof(value); i; --i)
if (value >> ((i - 1) * WOLFSSL_BIT_SIZE))
break;
@@ -502,7 +512,7 @@ static word32 SizeASNLength(word32 length)
* @param [in, out] err Error variable.
* @param [in] heap Dynamic memory allocation hint.
*/
- #define ALLOC_ASNGETDATA(name, cnt, err, heap)
+ #define ALLOC_ASNGETDATA(name, cnt, err, heap) WC_DO_NOTHING
/* Clears the memory of the dynamic BER encoding data.
*
@@ -519,7 +529,7 @@ static word32 SizeASNLength(word32 length)
* @param [in] name Variable name to declare.
* @param [in] heap Dynamic memory allocation hint.
*/
- #define FREE_ASNGETDATA(name, heap)
+ #define FREE_ASNGETDATA(name, heap) WC_DO_NOTHING
/* Declare the variable that is the dynamic data for encoding DER data.
*
@@ -536,7 +546,7 @@ static word32 SizeASNLength(word32 length)
* @param [in, out] err Error variable.
* @param [in] heap Dynamic memory allocation hint.
*/
- #define ALLOC_ASNSETDATA(name, cnt, err, heap)
+ #define ALLOC_ASNSETDATA(name, cnt, err, heap) WC_DO_NOTHING
/* Clears the memory of the dynamic BER encoding data.
*
@@ -553,7 +563,7 @@ static word32 SizeASNLength(word32 length)
* @param [in] name Variable name to declare.
* @param [in] heap Dynamic memory allocation hint.
*/
- #define FREE_ASNSETDATA(name, heap)
+ #define FREE_ASNSETDATA(name, heap) WC_DO_NOTHING
#endif
@@ -588,7 +598,7 @@ static word32 SizeASNLength(word32 length)
* @param [in] data_a Data to place in each item. Lengths set were not known.
* @param [in] i Index of item to check.
* @return 1 when ASN.1 item is an integer and MSB is 1.
- * @erturn 0 otherwise.
+ * @return 0 otherwise.
*/
#define ASNIntMSBSet(asn, data_a, i) \
(((asn)[i].tag == ASN_INTEGER) && \
@@ -632,13 +642,13 @@ static word32 SizeASN_Num(word32 n, int bits, byte tag)
* @param [in] idx Index of item working on.
*/
static void SizeASN_CalcDataLength(const ASNItem* asn, ASNSetData *data,
- int idx, int max)
+ int idx, int maxIdx)
{
int j;
data[idx].data.buffer.length = 0;
/* Sum the item length of all items underneath. */
- for (j = idx + 1; j < max; j++) {
+ for (j = idx + 1; j < maxIdx; j++) {
/* Stop looking if the next ASN.1 is same level or higher. */
if (asn[j].depth <= asn[idx].depth)
break;
@@ -1771,7 +1781,7 @@ static int GetASN_ItemsDebug(const char* name, const ASNItem* asn,
* @param [in, out] inOutIdx On in, index to start decoding from.
* On out, index of next encoded byte.
* @param [out] len Length of data under SEQUENCE.
- * @param [in] maxIdx Maximim index of data. Index of byte after SEQ.
+ * @param [in] maxIdx Maximum index of data. Index of byte after SEQ.
* @param [in] complete All data used with SEQUENCE and data under.
* @return 0 on success.
* @return BUFFER_E when not enough data to complete decode.
@@ -2541,7 +2551,6 @@ int GetOctetString(const byte* input, word32* inOutIdx, int* len, word32 maxIdx)
return GetASNHeader(input, ASN_OCTET_STRING, inOutIdx, len, maxIdx);
}
-#ifndef WOLFSSL_ASN_TEMPLATE
/* Get the DER/BER encoding of an ASN.1 INTEGER header.
*
* Removes the leading zero byte when found.
@@ -2555,7 +2564,7 @@ int GetOctetString(const byte* input, word32* inOutIdx, int* len, word32 maxIdx)
* or invalid use of or missing leading zero.
* Otherwise, 0 to indicate success.
*/
-static int GetASNInt(const byte* input, word32* inOutIdx, int* len,
+int GetASNInt(const byte* input, word32* inOutIdx, int* len,
word32 maxIdx)
{
int ret;
@@ -2591,6 +2600,7 @@ static int GetASNInt(const byte* input, word32* inOutIdx, int* len,
return 0;
}
+#ifndef WOLFSSL_ASN_TEMPLATE
#ifndef NO_CERTS
/* Get the DER/BER encoding of an ASN.1 INTEGER that has a value of no more than
* 7 bits.
@@ -2621,6 +2631,7 @@ static int GetInteger7Bit(const byte* input, word32* inOutIdx, word32 maxIdx)
*inOutIdx = idx;
return b;
}
+#endif /* !NO_CERTS */
#if defined(WC_RSA_PSS) && !defined(NO_RSA)
/* Get the DER/BER encoding of an ASN.1 INTEGER that has a value of no more than
@@ -2668,7 +2679,6 @@ static int GetInteger16Bit(const byte* input, word32* inOutIdx, word32 maxIdx)
return n;
}
#endif /* WC_RSA_PSS && !NO_RSA */
-#endif /* !NO_CERTS */
#endif /* !WOLFSSL_ASN_TEMPLATE */
#if !defined(NO_DSA) && !defined(NO_SHA)
@@ -2893,7 +2903,7 @@ int SetASNInt(int len, byte firstByte, byte* output)
}
/* Encode length - passing NULL for output will not encode. */
idx += (int)SetLength((word32)len, output ? output + idx : NULL);
- /* Put out pre-pended 0 as well. */
+ /* Put out prepended 0 as well. */
if (firstByte & 0x80) {
if (output) {
/* Write out 0 byte. */
@@ -3127,51 +3137,40 @@ int GetShortInt(const byte* input, word32* inOutIdx, int* number, word32 maxIdx)
defined(HAVE_PKCS12)
/* Set small integer, 32 bits or less. DER encoding with no leading 0s
* returns total amount written including ASN tag and length byte on success */
-int SetShortInt(byte* input, word32* inOutIdx, word32 number, word32 maxIdx)
+int SetShortInt(byte* output, word32* inOutIdx, word32 number, word32 maxIdx)
{
word32 idx = *inOutIdx;
- int len = 0;
+ word32 len;
int i;
- byte ar[MAX_LENGTH_SZ];
- /* check for room for type and length bytes */
- if ((idx + 2) > maxIdx)
+ if (number == 0)
+ len = 1;
+ else
+ len = BytePrecision(number);
+
+ /* check for room for type and length bytes. */
+ if ((idx + 2 + len) > maxIdx)
return BUFFER_E;
- input[idx++] = ASN_INTEGER;
- idx++; /* place holder for length byte */
- if (MAX_LENGTH_SZ + idx > maxIdx)
+ /* check that MAX_SHORT_SZ allows this size of ShortInt. */
+ if (2 + len > MAX_SHORT_SZ)
return ASN_PARSE_E;
- /* find first non zero byte */
- XMEMSET(ar, 0, MAX_LENGTH_SZ);
- c32toa(number, ar);
- for (i = 0; i < MAX_LENGTH_SZ; i++) {
- if (ar[i] != 0) {
- break;
- }
- }
+ output[idx++] = ASN_INTEGER;
+ output[idx++] = (byte)len;
- /* handle case of 0 */
- if (i == MAX_LENGTH_SZ) {
- input[idx++] = 0; len++;
- }
+ for (i = (int)len - 1; i >= 0; --i)
+ output[idx++] = (byte)(number >> (i * WOLFSSL_BIT_SIZE));
- for (; i < MAX_LENGTH_SZ && idx < maxIdx; i++) {
- input[idx++] = ar[i]; len++;
- }
-
- /* jump back to beginning of input buffer using unaltered inOutIdx value
- * and set number of bytes for integer, then update the index value */
- input[*inOutIdx + 1] = (byte)len;
+ len = idx - *inOutIdx;
*inOutIdx = idx;
- return len + 2; /* size of integer bytes plus ASN TAG and length byte */
+ return (int)len;
}
#endif /* !WOLFSSL_ASN_TEMPLATE || HAVE_PKCS8 || HAVE_PKCS12 */
#endif /* !NO_PWDBASED */
-#ifndef WOLFSSL_ASN_TEMPLATE
+#if !defined(WOLFSSL_ASN_TEMPLATE) && !defined(NO_CERTS)
/* May not have one, not an error */
static int GetExplicitVersion(const byte* input, word32* inOutIdx, int* version,
word32 maxIdx)
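Review bot: SetShortInt() writes the value bytes with no 0x00 pad, so a `number` whose first encoded byte has bit 7 set (128, 0x8000 and so on) is emitted as an INTEGER that a strict DER reader decodes as negative. The header comment says "no leading 0s" but does not spell out that consequence, and the callers are not visible in this hunk. I would extend the comment with `Values whose first byte has the top bit set are written unpadded and read as negative by strict DER parsers.` so callers know to keep such values out or to pad them themselves.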
@@ -3276,8 +3275,21 @@ static int GetIntPositive(mp_int* mpi, const byte* input, word32* inOutIdx,
if (ret != 0)
return ret;
- if (((input[idx] & 0x80) == 0x80) && (input[idx - 1] != 0x00))
+ /* should not be hit but adding in an additional sanity check */
+ if (idx + length > maxIdx) {
return MP_INIT_E;
+ }
+
+ if ((input[idx] & 0x80) == 0x80) {
+ if (idx < 1) {
+ /* needs at least one byte for length value */
+ return MP_INIT_E;
+ }
+
+ if (input[idx - 1] != 0x00) {
+ return MP_INIT_E;
+ }
+ }
if (initNum) {
if (mp_init(mpi) != MP_OKAY)
@@ -4028,6 +4040,10 @@ static word32 SetBitString16Bit(word16 val, byte* output)
static const byte sigSha3_512wEcdsaOid[] = {96, 134, 72, 1, 101, 3, 4, 3, 12};
#endif
#endif
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ /* 0x2A, 0x81, 0x1C, 0xCF, 0x55, 0x01, 0x83, 0x75 */
+ static const byte sigSm3wSm2Oid[] = {42, 129, 28, 207, 85, 1, 131, 117};
+ #endif
#endif /* HAVE_ECC */
#ifdef HAVE_ED25519
static const byte sigEd25519Oid[] = {43, 101, 112};
@@ -4362,6 +4378,9 @@ static const byte pbeSha1RC4128[] = {42, 134, 72, 134, 247, 13, 1, 12, 1, 1};
#if !defined(NO_DES3) && !defined(NO_SHA)
static const byte pbeSha1Des3[] = {42, 134, 72, 134, 247, 13, 1, 12, 1, 3};
#endif
+#if defined(WC_RC2) && !defined(NO_SHA)
+static const byte pbe40Rc2Cbc[] = {42, 134, 72, 134, 247, 13, 1, 12, 1, 6};
+#endif
#ifdef HAVE_LIBZ
/* zlib compression */
@@ -4643,6 +4662,12 @@ const byte* OidFromId(word32 id, word32 type, word32* oidSz)
break;
#endif
#endif
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ case CTC_SM3wSM2:
+ oid = sigSm3wSm2Oid;
+ *oidSz = sizeof(sigSm3wSm2Oid);
+ break;
+ #endif
#endif /* HAVE_ECC */
#ifdef HAVE_ED25519
case CTC_ED25519:
@@ -5169,6 +5194,13 @@ const byte* OidFromId(word32 id, word32 type, word32* oidSz)
*oidSz = sizeof(pbeSha1Des3);
break;
#endif
+ #if !defined(NO_SHA) && defined(WC_RC2)
+ case PBE_SHA1_40RC2_CBC_SUM:
+ case PBE_SHA1_40RC2_CBC:
+ oid = pbe40Rc2Cbc;
+ *oidSz = sizeof(pbe40Rc2Cbc);
+ break;
+ #endif
case PBES2_SUM:
case PBES2:
oid = pbes2;
@@ -5438,13 +5470,18 @@ static int CheckCurve(word32 oid)
* @return BAD_FUNC_ARG when in or outSz is NULL.
* @return BUFFER_E when buffer too small.
*/
+int wc_EncodeObjectId(const word16* in, word32 inSz, byte* out, word32* outSz)
+{
+ return EncodeObjectId(in, inSz, out, outSz);
+}
+
int EncodeObjectId(const word16* in, word32 inSz, byte* out, word32* outSz)
{
int i, x, len;
word32 d, t;
/* check args */
- if (in == NULL || outSz == NULL) {
+ if (in == NULL || outSz == NULL || inSz <= 0) {
return BAD_FUNC_ARG;
}
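Review bot: `inSz <= 0` in the argument check is an unsigned comparison, since `inSz` is a `word32`, so it only ever tests for zero; `inSz == 0` says that directly and avoids a type-limits warning. The `@return BAD_FUNC_ARG when in or outSz is NULL.` line above should also mention the zero-length case. The doc comment now sits on the new wc_EncodeObjectId() wrapper rather than on EncodeObjectId(), so the wrapper would be better placed after the function it forwards to. EncodeObjectId's body continues outside the hunk.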
@@ -5513,7 +5550,8 @@ int EncodeObjectId(const word16* in, word32 inSz, byte* out, word32* outSz)
}
#endif /* HAVE_OID_ENCODING */
-#if defined(HAVE_OID_DECODING) || defined(WOLFSSL_ASN_PRINT)
+#if defined(HAVE_OID_DECODING) || defined(WOLFSSL_ASN_PRINT) || \
+ defined(OPENSSL_ALL)
/* Encode dotted form of OID into byte array version.
*
* @param [in] in Byte array containing OID.
@@ -5560,7 +5598,7 @@ int DecodeObjectId(const byte* in, word32 inSz, word16* out, word32* outSz)
return 0;
}
-#endif /* HAVE_OID_DECODING */
+#endif /* HAVE_OID_DECODING || WOLFSSL_ASN_PRINT || OPENSSL_ALL */
/* Decode the header of a BER/DER encoded OBJECT ID.
*
@@ -5700,7 +5738,7 @@ static int GetOID(const byte* input, word32* inOutIdx, word32* oid,
actualOidSz = (word32)length;
#endif /* NO_VERIFY_OID */
-#if defined(HAVE_PQC) && defined(HAVE_LIBOQS)
+#if defined(HAVE_PQC) && defined(HAVE_LIBOQS) && defined(HAVE_SPHINCS)
/* Since we are summing it up, there could be collisions...and indeed there
* are: SPHINCS_FAST_LEVEL1 and SPHINCS_FAST_LEVEL3.
*
@@ -5709,7 +5747,8 @@ static int GetOID(const byte* input, word32* inOutIdx, word32* oid,
*
* These hacks will hopefully disappear when new standardized OIDs appear.
*/
- if (memcmp(&input[idx], sigSphincsFast_Level3Oid,
+ if (idx + (word32)sizeof(sigSphincsFast_Level3Oid) < (word32)length &&
+ XMEMCMP(&input[idx], sigSphincsFast_Level3Oid,
sizeof(sigSphincsFast_Level3Oid)) == 0) {
found_collision = SPHINCS_FAST_LEVEL3k;
}
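Review bot: The new guard in front of `XMEMCMP` compares `idx + sizeof(sigSphincsFast_Level3Oid)` with `length`, but `idx` is an offset into `input` while `length` appears to be the OID's own length (the previous hunk's context assigns it to `actualOidSz`). For an OID of exactly that size the condition cannot hold, so the SPHINCS level-3 disambiguation looks unreachable and the colliding OID sum would be resolved the wrong way. Comparing like with like would be `if ((word32)length >= (word32)sizeof(sigSphincsFast_Level3Oid) &&` as the first line of the condition. GetOID's body continues outside the hunk.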
@@ -6032,6 +6071,7 @@ static int RsaPssHashOidToMgf1(word32 oid, int* mgf)
return ret;
}
+#ifndef NO_CERTS
/* Convert a hash OID to a fake signature OID.
*
* @param [in] oid Hash OID.
@@ -6079,6 +6119,7 @@ static int RsaPssHashOidToSigOid(word32 oid, word32* sigOid)
return ret;
}
+#endif
#ifdef WOLFSSL_ASN_TEMPLATE
/* ASN tag for hashAlgorigthm. */
@@ -6934,7 +6975,7 @@ int ToTraditional(byte* input, word32 sz)
#endif /* HAVE_PKCS8 || HAVE_PKCS12 */
-#if defined(HAVE_PKCS8) && !defined(NO_CERTS)
+#if defined(HAVE_PKCS8)
int wc_GetPkcs8TraditionalOffset(byte* input, word32* inOutIdx, word32 sz)
{
@@ -7067,10 +7108,11 @@ int wc_CreatePKCS8Key(byte* out, word32* outSz, byte* key, word32 keySz,
SetASN_Int8Bit(&dataASN[PKCS8KEYASN_IDX_VER], PKCS8v0);
/* Set key OID that corresponds to key data. */
SetASN_OID(&dataASN[PKCS8KEYASN_IDX_PKEY_ALGO_OID_KEY], (word32)algoID,
- oidKeyType);
+ oidKeyType);
if (curveOID != NULL && oidSz > 0) {
/* ECC key and curveOID set to write. */
- SetASN_Buffer(&dataASN[PKCS8KEYASN_IDX_PKEY_ALGO_OID_CURVE], curveOID, oidSz);
+ SetASN_Buffer(&dataASN[PKCS8KEYASN_IDX_PKEY_ALGO_OID_CURVE],
+ curveOID, oidSz);
}
else {
/* EC curve OID to encode. */
@@ -7107,7 +7149,7 @@ int wc_CreatePKCS8Key(byte* out, word32* outSz, byte* key, word32 keySz,
#endif /* WOLFSSL_ASN_TEMPLATE */
}
-#endif /* HAVE_PKCS8 && !NO_CERTS */
+#endif /* HAVE_PKCS8 */
#if defined(HAVE_PKCS12) || !defined(NO_CHECK_PRIVATE_KEY)
/* check that the private key is a pair for the public key
@@ -8159,6 +8201,14 @@ static int GetAlgoV2(int encAlgId, const byte** oid, int *len, int* id,
*blkSz = 8;
break;
#endif
+#if defined(WOLFSSL_AES_128) && defined(HAVE_AES_CBC)
+ case AES128CBCb:
+ *len = sizeof(blkAes128CbcOid);
+ *oid = blkAes128CbcOid;
+ *id = PBE_AES128_CBC;
+ *blkSz = 16;
+ break;
+#endif
#if defined(WOLFSSL_AES_256) && defined(HAVE_AES_CBC)
case AES256CBCb:
*len = sizeof(blkAes256CbcOid);
@@ -8228,7 +8278,7 @@ int wc_EncryptPKCS8Key(byte* key, word32 keySz, byte* out, word32* outSz,
padSz = (word32)((blockSz - ((int)keySz & (blockSz - 1))) &
(blockSz - 1));
/* inner = OCT salt INT itt */
- innerLen = 2 + saltSz + 2 + (itt < 256 ? 1 : 2);
+ innerLen = 2 + saltSz + 2 + ((itt < 256) ? 1 : ((itt < 65536) ? 2 : 3));
if (version != PKCS5v2) {
pbeOidBuf = OidFromId((word32)pbeId, oidPBEType, &pbeOidBufSz);
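Review bot: The `innerLen` expression on the changed line tops out at 3 bytes for the iteration count, while this same commit lets BytePrecision() and SetShortInt() produce 4 value bytes for a count of 2^24 or more. If `itt` is not capped earlier in wc_EncryptPKCS8Key (not visible in this hunk), the length would be undercounted by one byte for such values. Deriving it from the same helper keeps the two in step, provided BytePrecision is compiled in this configuration: `innerLen = 2 + saltSz + 2 + ((itt == 0) ? 1 : BytePrecision((word32)itt));`. The function starts and ends outside the hunk.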
@@ -9078,7 +9128,7 @@ int EncryptContent(byte* input, word32 inputSz, byte* out, word32* outSz,
DECL_ASNSETDATA(dataASN, p8EncPbes1ASN_Length);
int ret = 0;
int sz = 0;
- int version;
+ int version = 0;
int id = -1;
int blockSz = 0;
word32 pkcs8Sz = 0;
@@ -9181,7 +9231,7 @@ int EncryptContent(byte* input, word32 inputSz, byte* out, word32* outSz,
#ifndef NO_RSA
#ifndef HAVE_USER_RSA
-#if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_SCEPROTECT)
+#if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_FSPSM_TLS)
/* This function is to retrieve key position information in a cert.*
* The information will be used to call TSIP TLS-linked API for *
* certificate verification. */
@@ -9870,7 +9920,7 @@ int wc_DhKeyToDer(DhKey* key, byte* output, word32* outSz, int exportPriv)
/* determine size */
if (exportPriv) {
- /* octect string: priv */
+ /* octet string: priv */
privSz = SetASNIntMP(&key->priv, -1, NULL);
if (privSz < 0)
return privSz;
@@ -9938,7 +9988,7 @@ int wc_DhKeyToDer(DhKey* key, byte* output, word32* outSz, int exportPriv)
return ret;
idx += total;
- /* octect string: priv */
+ /* octet string: priv */
if (exportPriv) {
idx += (word32)SetOctetString((word32)privSz, output + idx);
idx += (word32)SetASNIntMP(&key->priv, -1, output + idx);
@@ -11072,6 +11122,7 @@ int wc_DsaKeyToParamsDer_ex(DsaKey* key, byte* output, word32* inLen)
#endif /* NO_DSA */
+#ifndef NO_CERTS
/* Initialize decoded certificate object with buffer of DER encoding.
*
* @param [in, out] cert Decoded certificate object.
@@ -11130,9 +11181,7 @@ void InitDecodedCert_ex(DecodedCert* cert,
#endif /* WOLFSSL_HAVE_ISSUER_NAMES */
#endif /* WOLFSSL_CERT_GEN || WOLFSSL_CERT_EXT */
- #ifndef NO_CERTS
InitSignatureCtx(&cert->sigCtx, heap, devId);
- #endif
}
}
@@ -11160,6 +11209,9 @@ void FreeAltNames(DNS_entry* altNames, void* heap)
#if defined(OPENSSL_ALL) || defined(WOLFSSL_IP_ALT_NAME)
XFREE(altNames->ipString, heap, DYNAMIC_TYPE_ALTNAME);
#endif
+ #if defined(OPENSSL_ALL)
+ XFREE(altNames->ridString, heap, DYNAMIC_TYPE_ALTNAME);
+ #endif
XFREE(altNames, heap, DYNAMIC_TYPE_ALTNAME);
altNames = tmp;
}
@@ -11239,13 +11291,11 @@ void FreeDecodedCert(DecodedCert* cert)
if (cert->subjectName != NULL)
wolfSSL_X509_NAME_free((WOLFSSL_X509_NAME*)cert->subjectName);
#endif /* WOLFSSL_X509_NAME_AVAILABLE */
-#if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_SCEPROTECT)
+#if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_FSPSM_TLS)
if (cert->sce_tsip_encRsaKeyIdx != NULL)
XFREE(cert->sce_tsip_encRsaKeyIdx, cert->heap, DYNAMIC_TYPE_RSA);
#endif
-#ifndef NO_CERTS
FreeSignatureCtx(&cert->sigCtx);
-#endif
}
void wc_FreeDecodedCert(DecodedCert* cert)
@@ -11286,7 +11336,7 @@ static int GetCertHeader(DecodedCert* cert)
#if defined(HAVE_ED25519) || defined(HAVE_ED448) || (defined(HAVE_PQC) && \
defined(HAVE_LIBOQS))
-/* Store the key data under the BIT_STRING in dynamicly allocated data.
+/* Store the key data under the BIT_STRING in dynamically allocated data.
*
* @param [in, out] cert Certificate object.
* @param [in] source Buffer containing encoded key.
@@ -11304,8 +11354,8 @@ static int StoreKey(DecodedCert* cert, const byte* source, word32* srcIdx,
ret = CheckBitString(source, srcIdx, &length, maxIdx, 1, NULL);
if (ret == 0) {
#ifdef HAVE_OCSP
- ret = CalcHashId(source + *srcIdx, (word32)length,
- cert->subjectKeyHash);
+ ret = CalcHashId_ex(source + *srcIdx, (word32)length,
+ cert->subjectKeyHash, HashIdAlg(cert->signatureOID));
}
if (ret == 0) {
#endif
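Review bot: The subject key hash is now computed with `HashIdAlg(cert->signatureOID)`, so in SM2/SM3 builds its algorithm depends on a field parsed from the certificate, yet nothing at the call site says that signatureOID must already be populated. HashIdAlg returns the build default for any value it does not recognise, so an unset field would silently give a different hash rather than an error. I would add `/* Hash algorithm follows cert->signatureOID, which must be parsed before the key is stored. */` above the call. The same applies to the matching calls in StoreRsaKey, StoreEccKey and GetCertName further down. StoreKey starts and ends outside this hunk.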
@@ -11327,8 +11377,530 @@ static int StoreKey(DecodedCert* cert, const byte* source, word32* srcIdx,
return ret;
}
#endif /* HAVE_ED25519 || HAVE_ED448 */
+#endif
+
+#if defined(HAVE_ECC) && defined(HAVE_ECC_KEY_EXPORT)
+
+static int SetCurve(ecc_key* key, byte* output, size_t outSz)
+{
+#ifdef HAVE_OID_ENCODING
+ int ret;
+#endif
+ int idx;
+ word32 oidSz = 0;
+
+ /* validate key */
+ if (key == NULL || key->dp == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+#ifdef HAVE_OID_ENCODING
+ ret = EncodeObjectId(key->dp->oid, key->dp->oidSz, NULL, &oidSz);
+ if (ret != 0) {
+ return ret;
+ }
+#else
+ oidSz = key->dp->oidSz;
+#endif
+
+ idx = SetObjectId((int)oidSz, output);
+
+ /* length only */
+ if (output == NULL) {
+ return idx + (int)oidSz;
+ }
+
+ /* verify output buffer has room */
+ if (oidSz > outSz)
+ return BUFFER_E;
+
+#ifdef HAVE_OID_ENCODING
+ ret = EncodeObjectId(key->dp->oid, key->dp->oidSz, output+idx, &oidSz);
+ if (ret != 0) {
+ return ret;
+ }
+#else
+ XMEMCPY(output+idx, key->dp->oid, oidSz);
+#endif
+ idx += (int)oidSz;
+
+ return idx;
+}
+
+#endif /* HAVE_ECC && HAVE_ECC_KEY_EXPORT */
+
+#ifdef HAVE_ECC
+#ifdef WOLFSSL_ASN_TEMPLATE
+/* ASN.1 template for ECC public key (SubjectPublicKeyInfo).
+ * RFC 5480, 2 - Subject Public Key Information Fields
+ * 2.1.1 - Unrestricted Algorithm Identifier and Parameters
+ * X9.62 ECC point format.
+ * See ASN.1 template 'eccSpecifiedASN' for specifiedCurve.
+ */
+static const ASNItem eccPublicKeyASN[] = {
+/* SEQ */ { 0, ASN_SEQUENCE, 1, 1, 0 },
+ /* AlgorithmIdentifier */
+/* ALGOID_SEQ */ { 1, ASN_SEQUENCE, 1, 1, 0 },
+ /* algorithm */
+/* ALGOID_OID */ { 2, ASN_OBJECT_ID, 0, 0, 0 },
+ /* namedCurve */
+/* ALGOID_CURVEID */ { 2, ASN_OBJECT_ID, 0, 0, 2 },
+ /* specifiedCurve - explicit parameters */
+/* ALGOID_PARAMS */ { 2, ASN_SEQUENCE, 1, 0, 2 },
+ /* Public Key */
+/* PUBKEY */ { 1, ASN_BIT_STRING, 0, 0, 0 },
+};
+enum {
+ ECCPUBLICKEYASN_IDX_SEQ = 0,
+ ECCPUBLICKEYASN_IDX_ALGOID_SEQ,
+ ECCPUBLICKEYASN_IDX_ALGOID_OID,
+ ECCPUBLICKEYASN_IDX_ALGOID_CURVEID,
+ ECCPUBLICKEYASN_IDX_ALGOID_PARAMS,
+ ECCPUBLICKEYASN_IDX_PUBKEY
+};
+
+/* Number of items in ASN.1 template for ECC public key. */
+#define eccPublicKeyASN_Length (sizeof(eccPublicKeyASN) / sizeof(ASNItem))
+#endif /* WOLFSSL_ASN_TEMPLATE */
+#endif /* HAVE_ECC */
+
+#if defined(HAVE_ECC) && defined(HAVE_ECC_KEY_EXPORT)
+
+/* Encode public ECC key in DER format.
+ *
+ * RFC 5480, 2 - Subject Public Key Information Fields
+ * 2.1.1 - Unrestricted Algorithm Identifier and Parameters
+ * X9.62 ECC point format.
+ * SEC 1 Ver. 2.0, C.2 - Syntax for Elliptic Curve Domain Parameters
+ *
+ * @param [out] output Buffer to put encoded data in.
+ * @param [in] key ECC key object.
+ * @param [in] outLen Size of buffer in bytes.
+ * @param [in] with_header Whether to use SubjectPublicKeyInfo format.
+ * @return Size of encoded data in bytes on success.
+ * @return BAD_FUNC_ARG when key or key's parameters is NULL.
+ * @return MEMORY_E when dynamic memory allocation failed.
+ */
+static int SetEccPublicKey(byte* output, ecc_key* key, int outLen,
+ int with_header, int comp)
+{
+#ifndef WOLFSSL_ASN_TEMPLATE
+ int ret;
+ word32 idx = 0, curveSz, algoSz, pubSz, bitStringSz;
+ byte bitString[1 + MAX_LENGTH_SZ + 1]; /* 6 */
+ byte algo[MAX_ALGO_SZ]; /* 20 */
+
+ /* public size */
+ pubSz = key->dp ? (word32)key->dp->size : MAX_ECC_BYTES;
+ if (comp)
+ pubSz = 1 + pubSz;
+ else
+ pubSz = 1 + 2 * pubSz;
+
+ /* check for buffer overflow */
+ if (output != NULL && pubSz > (word32)outLen) {
+ return BUFFER_E;
+ }
+
+ /* headers */
+ if (with_header) {
+ ret = SetCurve(key, NULL, 0);
+ if (ret <= 0) {
+ return ret;
+ }
+ curveSz = (word32)ret;
+ ret = 0;
+
+ /* calculate size */
+ algoSz = SetAlgoID(ECDSAk, algo, oidKeyType, (int)curveSz);
+ bitStringSz = SetBitString(pubSz, 0, bitString);
+ idx = SetSequence(pubSz + curveSz + bitStringSz + algoSz, NULL);
+
+ /* check for buffer overflow */
+ if (output != NULL &&
+ curveSz + algoSz + bitStringSz + idx + pubSz > (word32)outLen) {
+ return BUFFER_E;
+ }
+
+ idx = SetSequence(pubSz + curveSz + bitStringSz + algoSz,
+ output);
+ /* algo */
+ if (output)
+ XMEMCPY(output + idx, algo, algoSz);
+ idx += algoSz;
+ /* curve */
+ if (output)
+ (void)SetCurve(key, output + idx, curveSz);
+ idx += curveSz;
+ /* bit string */
+ if (output)
+ XMEMCPY(output + idx, bitString, bitStringSz);
+ idx += bitStringSz;
+ }
+
+ /* pub */
+ if (output) {
+ PRIVATE_KEY_UNLOCK();
+ ret = wc_ecc_export_x963_ex(key, output + idx, &pubSz, comp);
+ PRIVATE_KEY_LOCK();
+ if (ret != 0) {
+ return ret;
+ }
+ }
+ idx += pubSz;
+
+ return (int)idx;
+#else
+ word32 pubSz = 0;
+ int sz = 0;
+ int ret = 0;
+ int curveIdSz = 0;
+ byte* curveOid = NULL;
+
+ /* Check key validity. */
+ if ((key == NULL) || (key->dp == NULL)) {
+ ret = BAD_FUNC_ARG;
+ }
+
+ if (ret == 0) {
+ /* Calculate the size of the encoded public point. */
+ PRIVATE_KEY_UNLOCK();
+ #if defined(HAVE_COMP_KEY) && defined(HAVE_FIPS) && \
+ defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION == 2)
+ /* in earlier versions of FIPS the get length functionality is not
+ * available with compressed keys */
+ pubSz = key->dp ? key->dp->size : MAX_ECC_BYTES;
+ if (comp)
+ pubSz = 1 + pubSz;
+ else
+ pubSz = 1 + 2 * pubSz;
+ ret = LENGTH_ONLY_E;
+ #else
+ ret = wc_ecc_export_x963_ex(key, NULL, &pubSz, comp);
+ #endif
+ PRIVATE_KEY_LOCK();
+ /* LENGTH_ONLY_E on success. */
+ if (ret == LENGTH_ONLY_E) {
+ ret = 0;
+ }
+ }
+ if ((ret == 0) && with_header) {
+ /* Including SubjectPublicKeyInfo header. */
+ DECL_ASNSETDATA(dataASN, eccPublicKeyASN_Length);
+
+ CALLOC_ASNSETDATA(dataASN, eccPublicKeyASN_Length, ret, key->heap);
+
+ /* Get the length of the named curve OID to put into the encoding. */
+ curveIdSz = SetCurve(key, NULL, 0);
+ if (curveIdSz < 0) {
+ ret = curveIdSz;
+ }
+
+ if (ret == 0) {
+ /* Set the key type OID. */
+ SetASN_OID(&dataASN[ECCPUBLICKEYASN_IDX_ALGOID_OID], ECDSAk,
+ oidKeyType);
+ /* Set the curve OID. */
+ SetASN_ReplaceBuffer(&dataASN[ECCPUBLICKEYASN_IDX_ALGOID_CURVEID],
+ NULL, (word32)curveIdSz);
+ /* Don't try to write out explicit parameters. */
+ dataASN[ECCPUBLICKEYASN_IDX_ALGOID_PARAMS].noOut = 1;
+ /* Set size of public point to ensure space is made for it. */
+ SetASN_Buffer(&dataASN[ECCPUBLICKEYASN_IDX_PUBKEY], NULL, pubSz);
+ /* Calculate size of ECC public key. */
+ ret = SizeASN_Items(eccPublicKeyASN, dataASN,
+ eccPublicKeyASN_Length, &sz);
+ }
+
+ /* Check buffer, if passed in, is big enough for encoded data. */
+ if ((ret == 0) && (output != NULL) && (sz > outLen)) {
+ ret = BUFFER_E;
+ }
+ if ((ret == 0) && (output != NULL)) {
+ /* Encode ECC public key. */
+ SetASN_Items(eccPublicKeyASN, dataASN, eccPublicKeyASN_Length,
+ output);
+ /* Skip to where public point is to be encoded. */
+ output += sz - (int)pubSz;
+ /* Cache the location to place the name curve OID. */
+ curveOid = (byte*)
+ dataASN[ECCPUBLICKEYASN_IDX_ALGOID_CURVEID].data.buffer.data;
+ }
+
+ FREE_ASNSETDATA(dataASN, key->heap);
+ }
+ else if ((ret == 0) && (output != NULL) && (pubSz > (word32)outLen)) {
+ ret = BUFFER_E;
+ }
+ else {
+ /* Total size is the public point size. */
+ sz = (int)pubSz;
+ }
+
+ if ((ret == 0) && (output != NULL)) {
+ /* Put named curve OID data into encoding. */
+ curveIdSz = SetCurve(key, curveOid, (size_t)curveIdSz);
+ if (curveIdSz < 0) {
+ ret = curveIdSz;
+ }
+ }
+ if ((ret == 0) && (output != NULL)) {
+ /* Encode public point. */
+ PRIVATE_KEY_UNLOCK();
+ ret = wc_ecc_export_x963_ex(key, output, &pubSz, comp);
+ PRIVATE_KEY_LOCK();
+ }
+ if (ret == 0) {
+ /* Return the size of the encoding. */
+ ret = sz;
+ }
+
+ return ret;
+#endif
+}
+
+
+/* Encode the public part of an ECC key in a DER.
+ *
+ * Pass NULL for output to get the size of the encoding.
+ *
+ * @param [in] key ECC key object.
+ * @param [out] output Buffer to hold DER encoding.
+ * @param [in] inLen Size of buffer in bytes.
+ * @param [in] with_AlgCurve Whether to use SubjectPublicKeyInfo format.
+ * @return Size of encoded data in bytes on success.
+ * @return BAD_FUNC_ARG when key or key's parameters is NULL.
+ * @return MEMORY_E when dynamic memory allocation failed.
+ */
+WOLFSSL_ABI
+int wc_EccPublicKeyToDer(ecc_key* key, byte* output, word32 inLen,
+ int with_AlgCurve)
+{
+ return SetEccPublicKey(output, key, (int)inLen, with_AlgCurve, 0);
+}
+
+int wc_EccPublicKeyToDer_ex(ecc_key* key, byte* output, word32 inLen,
+ int with_AlgCurve, int comp)
+{
+ return SetEccPublicKey(output, key, (int)inLen, with_AlgCurve, comp);
+}
+
+int wc_EccPublicKeyDerSize(ecc_key* key, int with_AlgCurve)
+{
+ return SetEccPublicKey(NULL, key, 0, with_AlgCurve, 0);
+}
+
+#endif /* HAVE_ECC && HAVE_ECC_KEY_EXPORT */
+
+#ifdef WOLFSSL_ASN_TEMPLATE
+#if defined(WC_ENABLE_ASYM_KEY_EXPORT) || defined(WC_ENABLE_ASYM_KEY_IMPORT)
+/* ASN.1 template for Ed25519 and Ed448 public key (SubkectPublicKeyInfo).
+ * RFC 8410, 4 - Subject Public Key Fields
+ */
+static const ASNItem edPubKeyASN[] = {
+ /* SubjectPublicKeyInfo */
+/* SEQ */ { 0, ASN_SEQUENCE, 1, 1, 0 },
+ /* AlgorithmIdentifier */
+/* ALGOID_SEQ */ { 1, ASN_SEQUENCE, 1, 1, 0 },
+ /* Ed25519/Ed448 OID */
+/* ALGOID_OID */ { 2, ASN_OBJECT_ID, 0, 0, 1 },
+ /* Public key stream */
+/* PUBKEY */ { 1, ASN_BIT_STRING, 0, 0, 0 },
+};
+enum {
+ EDPUBKEYASN_IDX_SEQ = 0,
+ EDPUBKEYASN_IDX_ALGOID_SEQ,
+ EDPUBKEYASN_IDX_ALGOID_OID,
+ EDPUBKEYASN_IDX_PUBKEY
+};
+
+/* Number of items in ASN.1 template for Ed25519 and Ed448 public key. */
+#define edPubKeyASN_Length (sizeof(edPubKeyASN) / sizeof(ASNItem))
+#endif /* WC_ENABLE_ASYM_KEY_EXPORT || WC_ENABLE_ASYM_KEY_IMPORT */
+#endif /* WOLFSSL_ASN_TEMPLATE */
+
+#ifdef WC_ENABLE_ASYM_KEY_EXPORT
+
+/* Build ASN.1 formatted public key based on RFC 8410
+ *
+ * Pass NULL for output to get the size of the encoding.
+ *
+ * @param [in] pubKey public key buffer
+ * @param [in] pubKeyLen public key buffer length
+ * @param [out] output Buffer to put encoded data in (optional)
+ * @param [in] outLen Size of buffer in bytes
+ * @param [in] keyType is "enum Key_Sum" like ED25519k
+ * @param [in] withHeader Whether to include SubjectPublicKeyInfo around key.
+ * @return Size of encoded data in bytes on success
+ * @return BAD_FUNC_ARG when key is NULL.
+ * @return MEMORY_E when dynamic memory allocation failed.
+ */
+int SetAsymKeyDerPublic(const byte* pubKey, word32 pubKeyLen,
+ byte* output, word32 outLen, int keyType, int withHeader)
+{
+ int ret = 0;
+#ifndef WOLFSSL_ASN_TEMPLATE
+ word32 idx = 0;
+ word32 seqDataSz = 0;
+ word32 sz;
+#else
+ int sz = 0;
+ DECL_ASNSETDATA(dataASN, edPubKeyASN_Length);
+#endif
+
+ if (pubKey == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+#ifndef WOLFSSL_ASN_TEMPLATE
+ /* calculate size */
+ if (withHeader) {
+ word32 algoSz = SetAlgoID(keyType, NULL, oidKeyType, 0);
+ word32 bitStringSz = SetBitString(pubKeyLen, 0, NULL);
+
+ seqDataSz = algoSz + bitStringSz + pubKeyLen;
+ sz = SetSequence(seqDataSz, NULL) + seqDataSz;
+ }
+ else {
+ sz = pubKeyLen;
+ }
+
+ /* checkout output size */
+ if (output != NULL && sz > outLen) {
+ ret = BUFFER_E;
+ }
+
+ /* headers */
+ if (ret == 0 && output != NULL && withHeader) {
+ /* sequence */
+ idx = SetSequence(seqDataSz, output);
+ /* algo */
+ idx += SetAlgoID(keyType, output + idx, oidKeyType, 0);
+ /* bit string */
+ idx += SetBitString(pubKeyLen, 0, output + idx);
+ }
+
+ if (ret == 0 && output != NULL) {
+ /* pub */
+ XMEMCPY(output + idx, pubKey, pubKeyLen);
+ idx += pubKeyLen;
-#if !defined(NO_RSA)
+ sz = idx;
+ }
+
+ if (ret == 0) {
+ ret = (int)sz;
+ }
+#else
+ if (withHeader) {
+ CALLOC_ASNSETDATA(dataASN, edPubKeyASN_Length, ret, NULL);
+
+ if (ret == 0) {
+ /* Set the OID. */
+ SetASN_OID(&dataASN[EDPUBKEYASN_IDX_ALGOID_OID], (word32)keyType,
+ oidKeyType);
+ /* Leave space for public point. */
+ SetASN_Buffer(&dataASN[EDPUBKEYASN_IDX_PUBKEY], NULL, pubKeyLen);
+ /* Calculate size of public key encoding. */
+ ret = SizeASN_Items(edPubKeyASN, dataASN, edPubKeyASN_Length, &sz);
+ }
+ if ((ret == 0) && (output != NULL) && (sz > (int)outLen)) {
+ ret = BUFFER_E;
+ }
+ if ((ret == 0) && (output != NULL)) {
+ /* Encode public key. */
+ SetASN_Items(edPubKeyASN, dataASN, edPubKeyASN_Length, output);
+ /* Set location to encode public point. */
+ output = (byte*)dataASN[EDPUBKEYASN_IDX_PUBKEY].data.buffer.data;
+ }
+
+ FREE_ASNSETDATA(dataASN, NULL);
+ }
+ else if ((output != NULL) && (pubKeyLen > outLen)) {
+ ret = BUFFER_E;
+ }
+ else if (ret == 0) {
+ sz = (int)pubKeyLen;
+ }
+
+ if ((ret == 0) && (output != NULL)) {
+ /* Put public key into space provided. */
+ XMEMCPY(output, pubKey, pubKeyLen);
+ }
+ if (ret == 0) {
+ ret = sz;
+ }
+#endif /* WOLFSSL_ASN_TEMPLATE */
+ return ret;
+}
+#endif /* WC_ENABLE_ASYM_KEY_EXPORT */
+
+#if defined(HAVE_ED25519) && defined(HAVE_ED25519_KEY_EXPORT)
+/* Encode the public part of an Ed25519 key in DER.
+ *
+ * Pass NULL for output to get the size of the encoding.
+ *
+ * @param [in] key Ed25519 key object.
+ * @param [out] output Buffer to put encoded data in.
+ * @param [in] outLen Size of buffer in bytes.
+ * @param [in] withAlg Whether to use SubjectPublicKeyInfo format.
+ * @return Size of encoded data in bytes on success.
+ * @return BAD_FUNC_ARG when key is NULL.
+ * @return MEMORY_E when dynamic memory allocation failed.
+ */
+int wc_Ed25519PublicKeyToDer(ed25519_key* key, byte* output, word32 inLen,
+ int withAlg)
+{
+ int ret;
+ byte pubKey[ED25519_PUB_KEY_SIZE];
+ word32 pubKeyLen = (word32)sizeof(pubKey);
+
+ if (key == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ ret = wc_ed25519_export_public(key, pubKey, &pubKeyLen);
+ if (ret == 0) {
+ ret = SetAsymKeyDerPublic(pubKey, pubKeyLen, output, inLen,
+ ED25519k, withAlg);
+ }
+ return ret;
+}
+#endif /* HAVE_ED25519 && HAVE_ED25519_KEY_EXPORT */
+
+#if defined(HAVE_ED448) && defined(HAVE_ED448_KEY_EXPORT)
+/* Encode the public part of an Ed448 key in DER.
+ *
+ * Pass NULL for output to get the size of the encoding.
+ *
+ * @param [in] key Ed448 key object.
+ * @param [out] output Buffer to put encoded data in.
+ * @param [in] outLen Size of buffer in bytes.
+ * @param [in] withAlg Whether to use SubjectPublicKeyInfo format.
+ * @return Size of encoded data in bytes on success.
+ * @return BAD_FUNC_ARG when key is NULL.
+ * @return MEMORY_E when dynamic memory allocation failed.
+ */
+int wc_Ed448PublicKeyToDer(ed448_key* key, byte* output, word32 inLen,
+ int withAlg)
+{
+ int ret;
+ byte pubKey[ED448_PUB_KEY_SIZE];
+ word32 pubKeyLen = (word32)sizeof(pubKey);
+
+ if (key == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ ret = wc_ed448_export_public(key, pubKey, &pubKeyLen);
+ if (ret == 0) {
+ ret = SetAsymKeyDerPublic(pubKey, pubKeyLen, output, inLen,
+ ED448k, withAlg);
+ }
+ return ret;
+}
+#endif /* HAVE_ED448 && HAVE_ED448_KEY_EXPORT */
+#if !defined(NO_RSA) && !defined(NO_CERTS)
#ifdef WOLFSSL_ASN_TEMPLATE
/* ASN.1 template for header before RSA key in certificate. */
static const ASNItem rsaCertKeyASN[] = {
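Review bot: SetCurve's room check, `if (oidSz > outSz)`, compares only the OID body with the buffer size, and it runs after `SetObjectId((int)oidSz, output)` has already written the tag and length bytes into output. Both callers in SetEccPublicKey pass the full length returned by the length-only call, so the intended bound is the header plus the body: take the header size with `idx = SetObjectId((int)oidSz, NULL);`, test `if ((size_t)idx + oidSz > outSz) return BUFFER_E;`, and only then write it with `(void)SetObjectId((int)oidSz, output);`. Separately, the non-template branch of SetEccPublicKey reads `key->dp` before any NULL check on key, although its header comment promises BAD_FUNC_ARG; a leading `if (key == NULL) return BAD_FUNC_ARG;` would match the template branch.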
@@ -11374,7 +11946,7 @@ static int StoreRsaKey(DecodedCert* cert, const byte* source, word32* srcIdx,
if (GetSequence(source, srcIdx, &length, pubIdx + (word32)pubLen) < 0)
return ASN_PARSE_E;
-#if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_SCEPROTECT)
+#if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_FSPSM_TLS)
cert->sigCtx.CertAtt.pubkey_n_start =
cert->sigCtx.CertAtt.pubkey_e_start = pubIdx;
#endif
@@ -11386,7 +11958,8 @@ static int StoreRsaKey(DecodedCert* cert, const byte* source, word32* srcIdx,
*srcIdx += (word32)length;
#ifdef HAVE_OCSP
- return CalcHashId(cert->publicKey, cert->pubKeySize, cert->subjectKeyHash);
+ return CalcHashId_ex(cert->publicKey, cert->pubKeySize,
+ cert->subjectKeyHash, HashIdAlg(cert->signatureOID));
#else
return 0;
#endif
@@ -11409,24 +11982,24 @@ static int StoreRsaKey(DecodedCert* cert, const byte* source, word32* srcIdx,
cert->publicKeyIndex = dataASN[RSACERTKEYASN_IDX_SEQ].offset;
#endif
- #if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_SCEPROTECT)
+ #if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_FSPSM_TLS)
/* Start of SEQUENCE. */
cert->sigCtx.CertAtt.pubkey_n_start =
cert->sigCtx.CertAtt.pubkey_e_start = dataASN[RSACERTKEYASN_IDX_SEQ].offset;
#endif
#ifdef HAVE_OCSP
/* Calculate the hash of the public key for OCSP. */
- ret = CalcHashId(cert->publicKey, cert->pubKeySize,
- cert->subjectKeyHash);
+ ret = CalcHashId_ex(cert->publicKey, cert->pubKeySize,
+ cert->subjectKeyHash, HashIdAlg(cert->signatureOID));
#endif
}
return ret;
#endif /* WOLFSSL_ASN_TEMPLATE */
}
-#endif /* !NO_RSA */
+#endif /* !NO_RSA && !NO_CERTS */
-#ifdef HAVE_ECC
+#if defined(HAVE_ECC) && !defined(NO_CERTS)
#ifdef WOLFSSL_ASN_TEMPLATE
/* ASN.1 template for header before ECC key in certificate. */
@@ -11445,6 +12018,11 @@ enum {
/* Number of items in ASN.1 template for header before ECC key in cert. */
#define eccCertKeyASN_Length (sizeof(eccCertKeyASN) / sizeof(ASNItem))
+
+#ifdef WOLFSSL_CUSTOM_CURVES
+static int EccSpecifiedECDomainDecode(const byte* input, word32 inSz,
+ ecc_key* key, void* heap, int* curveSz);
+#endif /* WOLFSSL_CUSTOM_CURVES */
#endif /* WOLFSSL_ASN_TEMPLATE */
/* Store public ECC key in certificate object.
@@ -11495,7 +12073,7 @@ static int StoreEccKey(DecodedCert* cert, const byte* source, word32* srcIdx,
if ((ret = CheckCurve(cert->pkCurveOID)) < 0)
return ECC_CURVE_OID_E;
- #if defined(WOLFSSL_RENESAS_SCEPROTECT) || defined(WOLFSSL_RENESAS_TSIP_TLS)
+ #if defined(WOLFSSL_RENESAS_FSPSM_TLS) || defined(WOLFSSL_RENESAS_TSIP_TLS)
cert->sigCtx.CertAtt.curve_id = ret;
#else
(void)ret;
@@ -11504,7 +12082,7 @@ static int StoreEccKey(DecodedCert* cert, const byte* source, word32* srcIdx,
ret = CheckBitString(source, srcIdx, &length, maxIdx, 1, NULL);
if (ret != 0)
return ret;
- #if defined(WOLFSSL_RENESAS_SCEPROTECT) || defined(WOLFSSL_RENESAS_TSIP_TLS)
+ #if defined(WOLFSSL_RENESAS_FSPSM_TLS) || defined(WOLFSSL_RENESAS_TSIP_TLS)
cert->sigCtx.CertAtt.pubkey_n_start =
cert->sigCtx.CertAtt.pubkey_e_start = (*srcIdx + 1);
cert->sigCtx.CertAtt.pubkey_n_len = ((length - 1) >> 1);
@@ -11518,8 +12096,8 @@ static int StoreEccKey(DecodedCert* cert, const byte* source, word32* srcIdx,
#endif
#ifdef HAVE_OCSP
- ret = CalcHashId(source + *srcIdx, (word32)length,
- cert->subjectKeyHash);
+ ret = CalcHashId_ex(source + *srcIdx, (word32)length,
+ cert->subjectKeyHash, HashIdAlg(cert->signatureOID));
if (ret != 0)
return ret;
#endif
@@ -11558,7 +12136,18 @@ static int StoreEccKey(DecodedCert* cert, const byte* source, word32* srcIdx,
/* Store curve OID. */
cert->pkCurveOID = dataASN[ECCCERTKEYASN_IDX_OID].data.oid.sum;
}
- /* Ignore explicit parameters. */
+ else {
+ #ifdef WOLFSSL_CUSTOM_CURVES
+ /* Parse explicit parameters. */
+ ret = EccSpecifiedECDomainDecode(
+ dataASN[ECCCERTKEYASN_IDX_PARAMS].data.ref.data,
+ dataASN[ECCCERTKEYASN_IDX_PARAMS].data.ref.length, NULL,
+ NULL, &cert->pkCurveSize);
+ #else
+ /* Explicit parameters not supported in build configuration. */
+ ret = ASN_PARSE_E;
+ #endif
+ }
#ifdef WOLFSSL_MAXQ10XX_TLS
cert->publicKeyIndex =
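Review bot: With WOLFSSL_CUSTOM_CURVES the new else branch accepts a certificate key that carries explicit curve parameters, but it calls EccSpecifiedECDomainDecode with a NULL key and records only `cert->pkCurveSize`. `cert->pkCurveOID` is not assigned in this branch, and nothing here compares the parameters with a known curve. A comment should say so, for example `/* Explicit parameters: only the curve size is recorded; pkCurveOID is not set and the parameters are not matched to a named curve. */`, so that later code does not treat such a key as being on a vetted curve. Whether verification re-parses or constrains these parameters is not visible in the hunk. StoreEccKey starts and ends outside it.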
@@ -11567,10 +12156,13 @@ static int StoreEccKey(DecodedCert* cert, const byte* source, word32* srcIdx,
#endif
#ifdef HAVE_OCSP
- /* Calculate the hash of the subject public key for OCSP. */
- ret = CalcHashId(dataASN[ECCCERTKEYASN_IDX_SUBJPUBKEY].data.ref.data,
- dataASN[ECCCERTKEYASN_IDX_SUBJPUBKEY].data.ref.length,
- cert->subjectKeyHash);
+ if (ret == 0) {
+ /* Calculate the hash of the subject public key for OCSP. */
+ ret = CalcHashId_ex(
+ dataASN[ECCCERTKEYASN_IDX_SUBJPUBKEY].data.ref.data,
+ dataASN[ECCCERTKEYASN_IDX_SUBJPUBKEY].data.ref.length,
+ cert->subjectKeyHash, HashIdAlg(cert->signatureOID));
+ }
}
if (ret == 0) {
#endif
@@ -11596,8 +12188,9 @@ static int StoreEccKey(DecodedCert* cert, const byte* source, word32* srcIdx,
return ret;
#endif /* WOLFSSL_ASN_TEMPLATE */
}
-#endif /* HAVE_ECC */
+#endif /* HAVE_ECC && !NO_CERTS */
+#ifndef NO_CERTS
#if !defined(NO_DSA)
#ifdef WOLFSSL_ASN_TEMPLATE
/* ASN.1 template for DSA key in certificate.
@@ -11690,7 +12283,7 @@ static int ParseDsaKey(const byte* source, word32* srcIdx, word32 maxIdx,
* Stores the public key in fields of the certificate object.
* Validates the BER/DER items and does not store in a key object.
*
- * @param [in, out] cert Decoded certificate oject.
+ * @param [in, out] cert Decoded certificate object.
* @param [in] source BER/DER encoded SubjectPublicKeyInfo block.
* @param [in, out] inOutIdx On in, start of public key.
* On out, start of ASN.1 item after public key.
@@ -11713,7 +12306,7 @@ static int GetCertKey(DecodedCert* cert, const byte* source, word32* inOutIdx,
int ret = 0;
int length;
- /* Validate paramaters. */
+ /* Validate parameters. */
if (source == NULL) {
return ASN_PARSE_E;
}
@@ -11795,6 +12388,9 @@ static int GetCertKey(DecodedCert* cert, const byte* source, word32* inOutIdx,
break;
#endif /* NO_RSA */
#ifdef HAVE_ECC
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ case SM2k:
+ #endif
case ECDSAk:
ret = StoreEccKey(cert, source, &srcIdx, maxIdx, source + pubIdx,
(word32)pubLen);
@@ -11883,6 +12479,31 @@ static int GetCertKey(DecodedCert* cert, const byte* source, word32* inOutIdx,
/* Return error code. */
return ret;
}
+#endif
+
+/* Return the hash algorithm to use with the signature algorithm.
+ *
+ * @param [in] oidSum Signature id.
+ * @return Hash algorithm id.
+ */
+int HashIdAlg(word32 oidSum)
+{
+ (void)oidSum;
+
+#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ if (oidSum == CTC_SM3wSM2) {
+ return WC_SM3;
+ }
+ if (oidSum == SM2k) {
+ return WC_SM3;
+ }
+#endif
+#if defined(NO_SHA) || (!defined(NO_SHA256) && defined(WC_ASN_HASH_SHA256))
+ return WC_SHA256;
+#else
+ return WC_SHA;
+#endif
+}
/* Calculate hash of the id using the SHA-1 or SHA-256.
*
@@ -11894,18 +12515,55 @@ static int GetCertKey(DecodedCert* cert, const byte* source, word32* inOutIdx,
*/
int CalcHashId(const byte* data, word32 len, byte* hash)
{
+ /* Use default hash algorithm. */
+ return CalcHashId_ex(data, len, hash,
+#if defined(NO_SHA) || (!defined(NO_SHA256) && defined(WC_ASN_HASH_SHA256))
+ WC_SHA256
+#else
+ WC_SHA
+#endif
+ );
+}
+
+/* Calculate hash of the id using the SHA-1 or SHA-256.
+ *
+ * @param [in] data Data to hash.
+ * @param [in] len Length of data to hash.
+ * @param [out] hash Buffer to hold hash.
+ * @return 0 on success.
+ * @return MEMORY_E when dynamic memory allocation fails.
+ */
+int CalcHashId_ex(const byte* data, word32 len, byte* hash, int hashAlg)
+{
int ret;
+#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ if (hashAlg == WC_SM3) {
+ ret = wc_Sm3Hash(data, len, hash);
+ }
+ else
+#endif
#if defined(NO_SHA) || (!defined(NO_SHA256) && defined(WC_ASN_HASH_SHA256))
- ret = wc_Sha256Hash(data, len, hash);
+ if (hashAlg == WC_SHA256) {
+ ret = wc_Sha256Hash(data, len, hash);
+ }
+ else
#elif !defined(NO_SHA)
- ret = wc_ShaHash(data, len, hash);
+ if (hashAlg == WC_SHA) {
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ XMEMSET(hash + WC_SHA_DIGEST_SIZE, 0, KEYID_SIZE - WC_SHA_DIGEST_SIZE);
+ #endif
+ ret = wc_ShaHash(data, len, hash);
+ }
+ else
#else
- ret = NOT_COMPILED_IN;
(void)data;
(void)len;
(void)hash;
#endif
+ {
+ ret = NOT_COMPILED_IN;
+ }
return ret;
}
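Review bot: The header comment on CalcHashId_ex was copied from CalcHashId and does not describe the new `hashAlg` parameter, the SM3 case, or the NOT_COMPILED_IN result returned when hashAlg matches no compiled-in algorithm. It should also state how large `hash` must be: the SHA-1 branch in SM2/SM3 builds zero-fills up to KEYID_SIZE, so a caller that passes a WC_SHA_DIGEST_SIZE buffer would be overrun. Suggested additions are `@param [in] hashAlg Hash algorithm id: WC_SM3, WC_SHA256 or WC_SHA.` and `@return NOT_COMPILED_IN when hashAlg is not available in this build.`, plus a line on `@param hash` saying the buffer must hold KEYID_SIZE bytes.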
@@ -11921,16 +12579,24 @@ int CalcHashId(const byte* data, word32 len, byte* hash)
* @return 0 on success.
* @return MEMORY_E when dynamic memory allocation fails.
*/
-static int GetHashId(const byte* id, int length, byte* hash)
+static int GetHashId(const byte* id, int length, byte* hash, int hashAlg)
{
int ret;
- if (length == KEYID_SIZE) {
+#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ if (length == wc_HashGetDigestSize(wc_HashTypeConvert(hashAlg)))
+#else
+ if (length == KEYID_SIZE)
+#endif
+ {
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ XMEMSET(hash + length, 0, KEYID_SIZE - length);
+ #endif
XMEMCPY(hash, id, (size_t)length);
ret = 0;
}
else {
- ret = CalcHashId(id, (word32)length, hash);
+ ret = CalcHashId_ex(id, (word32)length, hash, hashAlg);
}
return ret;
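Review bot: In the SM2/SM3 build the padding call `XMEMSET(hash + length, 0, KEYID_SIZE - length)` is safe only if the digest size for hashAlg never exceeds KEYID_SIZE, and GetHashId does not check that. A larger value would wrap the size argument and let the following XMEMCPY write past `hash`. KEYID_SIZE is defined outside this hunk, so this may hold by construction, but a local bound costs nothing: `if (length <= KEYID_SIZE && length == wc_HashGetDigestSize(wc_HashTypeConvert(hashAlg)))`. The function's closing brace lies outside the hunk.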
@@ -12280,9 +12946,9 @@ static const byte rdnChoice[] = {
static int GenerateDNSEntryIPString(DNS_entry* entry, void* heap)
{
int ret = 0;
- int nameSz;
+ size_t nameSz;
char tmpName[WOLFSSL_MAX_IPSTR] = {0};
- char* ip;
+ unsigned char* ip;
if (entry == NULL || entry->type != ASN_IP_TYPE) {
return BAD_FUNC_ARG;
@@ -12293,7 +12959,7 @@ static int GenerateDNSEntryIPString(DNS_entry* entry, void* heap)
WOLFSSL_MSG("Unexpected IP size");
return BAD_FUNC_ARG;
}
- ip = entry->name;
+ ip = (unsigned char*)entry->name;
/* store IP addresses as a string */
if (entry->len == WOLFSSL_IP4_ADDR_LEN) {
@@ -12307,7 +12973,7 @@ static int GenerateDNSEntryIPString(DNS_entry* entry, void* heap)
}
if (entry->len == WOLFSSL_IP6_ADDR_LEN) {
- int i;
+ size_t i;
for (i = 0; i < 8; i++) {
if (XSNPRINTF(tmpName + i * 5, sizeof(tmpName) - i * 5,
"%02X%02X%s", 0xFF & ip[2 * i], 0xFF & ip[2 * i + 1],
@@ -12320,8 +12986,9 @@ static int GenerateDNSEntryIPString(DNS_entry* entry, void* heap)
}
}
- nameSz = (int)XSTRLEN(tmpName);
- entry->ipString = (char*)XMALLOC(nameSz + 1, heap, DYNAMIC_TYPE_ALTNAME);
+ nameSz = XSTRLEN(tmpName);
+ entry->ipString = (char*)XMALLOC(nameSz + 1, heap,
+ DYNAMIC_TYPE_ALTNAME);
if (entry->ipString == NULL) {
ret = MEMORY_E;
}
@@ -12337,6 +13004,91 @@ static int GenerateDNSEntryIPString(DNS_entry* entry, void* heap)
}
#endif /* OPENSSL_ALL || WOLFSSL_IP_ALT_NAME */
+#if defined(OPENSSL_ALL)
+/* used to set the human readable string for the registeredID with an
+ * ASN_RID_TYPE DNS entry
+ * return 0 on success
+ */
+static int GenerateDNSEntryRIDString(DNS_entry* entry, void* heap)
+{
+ int i, j, ret = 0;
+ int nameSz = 0;
+ int nid = 0;
+ int tmpSize = MAX_OID_SZ;
+ word32 oid = 0;
+ word32 idx = 0;
+ word16 tmpName[MAX_OID_SZ];
+ char oidName[MAX_OID_SZ];
+ char* finalName;
+
+ if (entry == NULL || entry->type != ASN_RID_TYPE) {
+ return BAD_FUNC_ARG;
+ }
+
+ if (entry->len <= 0) {
+ return BAD_FUNC_ARG;
+ }
+
+ XMEMSET(&oidName, 0, MAX_OID_SZ);
+
+ ret = GetOID((const byte*)entry->name, &idx, &oid, oidIgnoreType,
+ entry->len);
+
+ if (ret == 0 && (nid = oid2nid(oid, oidCsrAttrType)) > 0) {
+ /* OID has known string value */
+ finalName = (char*)wolfSSL_OBJ_nid2ln(nid);
+ }
+ else {
+ /* Decode OBJECT_ID into dotted form array. */
+ ret = DecodeObjectId((const byte*)(entry->name),(word32)entry->len,
+ tmpName, (word32*)&tmpSize);
+
+ if (ret == 0) {
+ j = 0;
+ /* Append each number of dotted form. */
+ for (i = 0; i < tmpSize; i++) {
+ if (j >= MAX_OID_SZ) {
+ return BUFFER_E;
+ }
+
+ if (i < tmpSize - 1) {
+ ret = XSNPRINTF(oidName + j, MAX_OID_SZ - j, "%d.", tmpName[i]);
+ }
+ else {
+ ret = XSNPRINTF(oidName + j, MAX_OID_SZ - j, "%d", tmpName[i]);
+ }
+
+ if (ret >= 0) {
+ j += ret;
+ }
+ else {
+ return BUFFER_E;
+ }
+ }
+ ret = 0;
+ finalName = oidName;
+ }
+ }
+
+ if (ret == 0) {
+ nameSz = (int)XSTRLEN((const char*)finalName);
+
+ entry->ridString = (char*)XMALLOC(nameSz + 1, heap,
+ DYNAMIC_TYPE_ALTNAME);
+
+ if (entry->ridString == NULL) {
+ ret = MEMORY_E;
+ }
+
+ if (ret == 0) {
+ XMEMCPY(entry->ridString, finalName, nameSz + 1);
+ }
+ }
+
+ return ret;
+}
+#endif /* OPENSSL_ALL && WOLFSSL_ASN_TEMPLATE */
+
#ifdef WOLFSSL_ASN_TEMPLATE
#if defined(WOLFSSL_CERT_GEN) || !defined(NO_CERTS)
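Review bot: The dotted-form loop in GenerateDNSEntryRIDString treats any non-negative XSNPRINTF result as success. Assuming XSNPRINTF follows snprintf's return convention, a truncated write reports the length it wanted, so a truncated last component leaves `oidName` cut short and `j` past the buffer size without an error. Since the OID comes from a certificate, truncation should be rejected: replace the `if (ret >= 0)` / `else` pair with `if (ret < 0 || ret >= MAX_OID_SZ - j) return BUFFER_E;` followed by `j += ret;`. Also, `finalName` is handed to XSTRLEN straight from `wolfSSL_OBJ_nid2ln(nid)`; if that can return NULL for a nid without a long name (not visible here), a NULL check is needed before the copy. The closing `#endif` comment names WOLFSSL_ASN_TEMPLATE, which the opening `#if defined(OPENSSL_ALL)` does not test.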
@@ -12415,6 +13167,15 @@ static int SetDNSEntry(DecodedCert* cert, const char* str, int strLen,
XMEMCPY(dnsEntry->name, str, (size_t)strLen);
dnsEntry->name[strLen] = '\0';
+#if defined(OPENSSL_ALL)
+ /* store registeredID as a string */
+ if (type == ASN_RID_TYPE) {
+ if ((ret = GenerateDNSEntryRIDString(dnsEntry, cert->heap)) != 0) {
+ XFREE(dnsEntry->name, cert->heap, DYNAMIC_TYPE_ALTNAME);
+ XFREE(dnsEntry, cert->heap, DYNAMIC_TYPE_ALTNAME);
+ }
+ }
+#endif
#if defined(OPENSSL_ALL) || defined(WOLFSSL_IP_ALT_NAME)
/* store IP addresses as a string */
if (type == ASN_IP_TYPE) {
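Review bot: When GenerateDNSEntryRIDString fails, the new block frees `dnsEntry->name` and `dnsEntry` but leaves the pointer dangling, and SetDNSEntry continues beyond this hunk. Whether every later use of dnsEntry is guarded by `ret == 0` cannot be seen from here, so I would add `dnsEntry = NULL;` after the two XFREE calls to keep the failure path safe if the tail of the function changes. The IP-address branch that follows may need the same treatment; its body is outside the hunk.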
@@ -12561,6 +13322,18 @@ static int GetRDN(DecodedCert* cert, char* full, word32* idx, int* nid,
*nid = NID_favouriteDrink;
#endif
}
+#ifdef WOLFSSL_CERT_REQ
+ else if (oidSz == sizeof(attrPkcs9ContentTypeOid) &&
+ XMEMCMP(oid, attrPkcs9ContentTypeOid, oidSz) == 0) {
+ /* Set the pkcs9_contentType, type string, length and NID. */
+ id = ASN_CONTENT_TYPE;
+ typeStr = WOLFSSL_CONTENT_TYPE;
+ typeStrLen = sizeof(WOLFSSL_CONTENT_TYPE) - 1;
+ #ifdef WOLFSSL_X509_NAME_AVAILABLE
+ *nid = NID_pkcs9_contentType;
+ #endif
+ }
+#endif
/* Other OIDs that start with the same values. */
else if (oidSz == sizeof(dcOid) && XMEMCMP(oid, dcOid, oidSz-1) == 0) {
WOLFSSL_MSG("Unknown pilot attribute type");
@@ -12663,12 +13436,14 @@ static int GetCertName(DecodedCert* cert, char* full, byte* hash, int nameType,
/* For OCSP, RFC2560 section 4.1.1 states the issuer hash should be
* calculated over the entire DER encoding of the Name field, including
* the tag and length. */
- if (CalcHashId(input + *inOutIdx, maxIdx - *inOutIdx, hash) != 0)
+ if (CalcHashId_ex(input + *inOutIdx, maxIdx - *inOutIdx, hash,
+ HashIdAlg(cert->signatureOID)) != 0) {
return ASN_PARSE_E;
+ }
#if (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) && \
!defined(WOLFCRYPT_ONLY)
- dName = wolfSSL_X509_NAME_new();
+ dName = wolfSSL_X509_NAME_new_ex(cert->heap);
if (dName == NULL) {
return MEMORY_E;
}
@@ -13210,7 +13985,6 @@ static int GetCertName(DecodedCert* cert, char* full, byte* hash, int nameType,
nid = NID_userId;
#endif /* OPENSSL_EXTRA */
break;
-
case ASN_DOMAIN_COMPONENT:
copy = WOLFSSL_DOMAIN_COMPONENT;
copyLen = sizeof(WOLFSSL_DOMAIN_COMPONENT) - 1;
@@ -13229,7 +14003,15 @@ static int GetCertName(DecodedCert* cert, char* full, byte* hash, int nameType,
nid = NID_favouriteDrink;
#endif /* OPENSSL_EXTRA */
break;
-
+ case ASN_CONTENT_TYPE:
+ copy = WOLFSSL_CONTENT_TYPE;
+ copyLen = sizeof(WOLFSSL_CONTENT_TYPE) - 1;
+ #if (defined(OPENSSL_EXTRA) || \
+ defined(OPENSSL_EXTRA_X509_SMALL)) \
+ && !defined(WOLFCRYPT_ONLY)
+ nid = NID_pkcs9_contentType;
+ #endif /* OPENSSL_EXTRA */
+ break;
default:
WOLFSSL_MSG("Unknown pilot attribute type");
#if (defined(OPENSSL_EXTRA) || \
@@ -13316,7 +14098,8 @@ static int GetCertName(DecodedCert* cert, char* full, byte* hash, int nameType,
/* For OCSP, RFC2560 section 4.1.1 states the issuer hash should be
* calculated over the entire DER encoding of the Name field, including
* the tag and length. */
- if (CalcHashId(input + srcIdx, maxIdx - srcIdx, hash) != 0) {
+ if (CalcHashId_ex(input + srcIdx, maxIdx - srcIdx, hash,
+ HashIdAlg(cert->signatureOID)) != 0) {
ret = ASN_PARSE_E;
}
@@ -13324,8 +14107,8 @@ static int GetCertName(DecodedCert* cert, char* full, byte* hash, int nameType,
#ifdef WOLFSSL_X509_NAME_AVAILABLE
if (ret == 0) {
- /* Create an X509_NAME to hold data for OpenSSL compatability APIs. */
- dName = wolfSSL_X509_NAME_new();
+ /* Create an X509_NAME to hold data for OpenSSL compatibility APIs. */
+ dName = wolfSSL_X509_NAME_new_ex(cert->heap);
if (dName == NULL) {
ret = MEMORY_E;
}
@@ -13395,7 +14178,7 @@ static int GetCertName(DecodedCert* cert, char* full, byte* hash, int nameType,
if (nid != 0) {
/* Add an entry to the X509_NAME. */
if (wolfSSL_X509_NAME_add_entry_by_NID(dName, nid, enc, str,
- strLen, -1, -1) != WOLFSSL_SUCCESS) {
+ (int)strLen, -1, -1) != WOLFSSL_SUCCESS) {
ret = ASN_PARSE_E;
}
}
@@ -13415,15 +14198,17 @@ static int GetCertName(DecodedCert* cert, char* full, byte* hash, int nameType,
#if (defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || \
defined(HAVE_LIGHTY)) && \
(defined(HAVE_PKCS7) || defined(WOLFSSL_CERT_EXT))
- dName->rawLen = min(cert->issuerRawLen, WC_ASN_NAME_MAX);
- XMEMCPY(dName->raw, cert->issuerRaw, dName->rawLen);
+ dName->rawLen = (int)min((word32)cert->issuerRawLen,
+ WC_ASN_NAME_MAX);
+ XMEMCPY(dName->raw, cert->issuerRaw, (size_t)dName->rawLen);
#endif
cert->issuerName = dName;
}
else {
#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX)
- dName->rawLen = min(cert->subjectRawLen, WC_ASN_NAME_MAX);
- XMEMCPY(dName->raw, cert->subjectRaw, dName->rawLen);
+ dName->rawLen = (int)min((word32)cert->subjectRawLen,
+ WC_ASN_NAME_MAX);
+ XMEMCPY(dName->raw, cert->subjectRaw, (size_t)dName->rawLen);
#endif
cert->subjectName = dName;
}
@@ -13701,7 +14486,7 @@ int GetTimeString(byte* date, int format, char* buf, int len)
}
idx = 4; /* use idx now for char buffer */
- if (XSNPRINTF(buf + idx, len - idx, "%2d %02d:%02d:%02d %d GMT",
+ if (XSNPRINTF(buf + idx, (size_t)(len - idx), "%2d %02d:%02d:%02d %d GMT",
t.tm_mday, t.tm_hour, t.tm_min, t.tm_sec, (int)t.tm_year + 1900)
>= len - idx)
{
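Review bot: The new `(size_t)(len - idx)` cast in the XSNPRINTF call turns a negative difference into a very large size, so when `len` is smaller than `idx` (4 at this point) the bound no longer limits the write. No check of `len` against `idx` is visible in this hunk, and GetTimeString starts and ends outside it, so an early failure return guarded by `if (len <= idx)` before the call would make the cast safe. The result test `>= len - idx` also treats a negative XSNPRINTF return as success; checking for `< 0` first would close that.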
@@ -13713,6 +14498,23 @@ int GetTimeString(byte* date, int format, char* buf, int len)
}
#endif /* OPENSSL_ALL || WOLFSSL_MYSQL_COMPATIBLE || WOLFSSL_NGINX || WOLFSSL_HAPROXY */
+/* Check time struct for valid values. Returns 0 for success */
+static int ValidateGmtime(struct tm* inTime)
+{
+ int ret = 1;
+ if ((inTime != NULL) &&
+ (inTime->tm_sec >= 0) && (inTime->tm_sec <= 61) &&
+ (inTime->tm_min >= 0) && (inTime->tm_min <= 59) &&
+ (inTime->tm_hour >= 0) && (inTime->tm_hour <= 23) &&
+ (inTime->tm_mday >= 1) && (inTime->tm_mday <= 31) &&
+ (inTime->tm_mon >= 0) && (inTime->tm_mon <= 11) &&
+ (inTime->tm_wday >= 0) && (inTime->tm_wday <= 6) &&
+ (inTime->tm_yday >= 0) && (inTime->tm_yday <= 365)) {
+ ret = 0;
+ }
+
+ return ret;
+}
#if !defined(NO_ASN_TIME) && !defined(USER_TIME) && \
!defined(TIME_OVERRIDES) && (defined(OPENSSL_EXTRA) || defined(HAVE_PKCS7))
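Review bot: ValidateGmtime's comment says only "Returns 0 for success", which omits that a NULL pointer and any out-of-range field both yield 1. The callers in GetFormattedTime and wc_ValidateDate depend on exactly that when they replace their `== NULL` tests with it. I would extend the comment to `/* Returns 0 when inTime is non-NULL and every field is in range, 1 otherwise. */` and take the argument as `const struct tm* inTime`, since nothing is written through it. The `tm_sec <= 61` bound is wider than the 0..60 range of C99 and tm_year is not checked; if both are deliberate, a short why-comment would help.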
@@ -13789,7 +14591,7 @@ int GetFormattedTime(void* currTime, byte* buf, word32 len)
return BAD_FUNC_ARG;
ts = (struct tm *)XGMTIME((time_t*)currTime, tmpTime);
- if (ts == NULL) {
+ if (ValidateGmtime(ts)) {
WOLFSSL_MSG("failed to get time data.");
return ASN_TIME_E;
}
@@ -13893,6 +14695,9 @@ static WC_INLINE int DateLessThan(const struct tm* a, const struct tm* b)
/* like atoi but only use first byte */
/* Make sure before and after dates are valid */
+/* date = ASN.1 raw */
+/* format = ASN_UTC_TIME or ASN_GENERALIZED_TIME */
+/* dateType = AFTER or BEFORE */
int wc_ValidateDate(const byte* date, byte format, int dateType)
{
time_t ltime;
@@ -13953,10 +14758,10 @@ int wc_ValidateDate(const byte* date, byte format, int dateType)
return 0;
}
- ltime -= (time_t)timeDiff ;
+ ltime -= (time_t)timeDiff;
localTime = XGMTIME(&ltime, tmpTime);
- if (localTime == NULL) {
+ if (ValidateGmtime(localTime)) {
WOLFSSL_MSG("XGMTIME failed");
return 0;
}
@@ -14124,7 +14929,7 @@ static int GetDateInfo(const byte* source, word32* idx, const byte** pDate,
#endif
}
-#ifndef WOLFSSL_ASN_TEMPLATE
+#if !defined(NO_CERTS) && !defined(WOLFSSL_ASN_TEMPLATE)
static int GetDate(DecodedCert* cert, int dateType, int verify, int maxIdx)
{
int ret, length;
@@ -14192,7 +14997,7 @@ static int GetValidity(DecodedCert* cert, int verify, int maxIdx)
return 0;
}
-#endif /* !WOLFSSL_ASN_TEMPLATE */
+#endif /* !NO_CERTS && !WOLFSSL_ASN_TEMPLATE */
int wc_GetDateInfo(const byte* certDate, int certDateSz, const byte** date,
@@ -14246,7 +15051,7 @@ int wc_GetCertDates(Cert* cert, struct tm* before, struct tm* after)
#endif /* WOLFSSL_CERT_GEN && WOLFSSL_ALT_NAMES */
#endif /* !NO_ASN_TIME */
-#ifndef WOLFSSL_ASN_TEMPLATE
+#if !defined(WOLFSSL_ASN_TEMPLATE) && !defined(NO_CERTS)
static int GetSigAlg(DecodedCert* cert, word32* sigOid, word32 maxIdx)
{
int length;
@@ -14287,6 +15092,7 @@ static int GetSigAlg(DecodedCert* cert, word32* sigOid, word32 maxIdx)
}
#endif
+#ifndef NO_CERTS
#ifdef WOLFSSL_ASN_TEMPLATE
/* TODO: move code around to not require this. */
static int DecodeCertInternal(DecodedCert* cert, int verify, int* criticalExt,
@@ -14294,6 +15100,54 @@ static int DecodeCertInternal(DecodedCert* cert, int verify, int* criticalExt,
int stopAfterPubKey);
#endif
+/* Assumes the target is a Raw-Public-Key certificate and parsed up to the
+ * public key. Returns CRYPTOCB_UNAVAILABLE if it determines that the cert is
+ * different from the Paw-Public-Key cert. In that case, cert->srcIdx is not
+ * consumed so as succeeding parse function can take over.
+ * In case that the target is Raw-Public-Key cert and contains a public key,
+ * returns 0 and consumes cert->srcIdx so as a public key retrieval function
+ * can follow.
+ */
+#if defined(HAVE_RPK)
+int TryDecodeRPKToKey(DecodedCert* cert)
+{
+ int ret = 0, len;
+ word32 tmpIdx;
+ word32 oid;
+
+ WOLFSSL_ENTER("TryDecodeRPKToKey");
+
+ if (cert == NULL)
+ return BAD_FUNC_ARG;
+
+ tmpIdx = cert->srcIdx;
+
+ /* both X509 cert and RPK cert should start with a Sequence tag */
+ if (ret == 0) {
+ if (GetSequence(cert->source, &tmpIdx, &len, cert->maxIdx) < 0)
+ ret = ASN_PARSE_E;
+ }
+ /* TBSCertificate of X509 or AlgorithmIdentifier of RPK cert */
+ if (ret == 0) {
+ if (GetSequence(cert->source, &tmpIdx, &len, cert->maxIdx) < 0)
+ ret = ASN_PARSE_E;
+ }
+ /* OBJ ID should be next in RPK cert */
+ if (ret == 0) {
+ if (GetObjectId(cert->source, &tmpIdx, &oid, oidKeyType, cert->maxIdx)
+ < 0)
+ ret = CRYPTOCB_UNAVAILABLE;
+ }
+ /* consume cert->srcIdx */
+ if (ret == 0) {
+ WOLFSSL_MSG("Looks like RPK certificate");
+ cert->srcIdx = tmpIdx;
+ }
+ WOLFSSL_LEAVE("TryDecodeRPKToKey", ret);
+ return ret;
+}
+#endif /* HAVE_RPK */
+
/* Parse the certificate up to the X.509 public key.
*
* If cert data is invalid then badDate get set to error value.
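Review bot: The header comment of TryDecodeRPKToKey misspells the term as `Paw-Public-Key` and sits above the `#if defined(HAVE_RPK)` guard, so it is left dangling in builds without HAVE_RPK; moving it inside the guard and fixing the spelling keeps it attached to the function. It describes only the CRYPTOCB_UNAVAILABLE and 0 results, while the code also returns BAD_FUNC_ARG for a NULL `cert` and ASN_PARSE_E when either outer SEQUENCE fails to parse; both should be listed. The early `return BAD_FUNC_ARG;` skips the matching WOLFSSL_LEAVE, and the first `if (ret == 0)` is always true because `ret` was just initialised to 0.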
@@ -14386,6 +15240,20 @@ int DecodeToKey(DecodedCert* cert, int verify)
int badDate = 0;
int ret;
+#if defined(HAVE_RPK)
+
+ /* Raw Public Key certificate has only a SubjectPublicKeyInfo structure
+ * as its contents. So try to call GetCertKey to get public key from it.
+ * If it fails, the cert should be a X509 cert and proceed to process as
+ * x509 cert. */
+ ret = GetCertKey(cert, cert->source, &cert->srcIdx, cert->maxIdx);
+ if (ret == 0) {
+ WOLFSSL_MSG("Raw Public Key certificate found and parsed");
+ cert->isRPK = 1;
+ return ret;
+ }
+#endif /* HAVE_RPK */
+
if ( (ret = wc_GetPubX509(cert, verify, &badDate)) < 0)
return ret;
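Review bot: The HAVE_RPK probe hands `&cert->srcIdx` straight to GetCertKey, so when the input is an ordinary X.509 certificate and the probe fails, the X.509 path below may start from an index the failed attempt already advanced; whether GetCertKey restores it on error is not visible here. TryDecodeRPKToKey in the same commit works on a copy of the index for this reason, and the probe should do the same: `word32 startIdx = cert->srcIdx;` before the call and `cert->srcIdx = startIdx;` when it fails. The success path also returns before `verify` is consulted, so a comment stating that callers must check `cert->isRPK` before trusting the result as an X.509-validated certificate would be worth adding. DecodeToKey's body continues outside the hunk.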
@@ -14396,9 +15264,8 @@ int DecodeToKey(DecodedCert* cert, int verify)
else
#endif
{
- cert->selfSigned = XMEMCMP(cert->issuerHash,
- cert->subjectHash,
- KEYID_SIZE) == 0 ? 1 : 0;
+ cert->selfSigned = XMEMCMP(cert->issuerHash, cert->subjectHash,
+ KEYID_SIZE) == 0 ? 1 : 0;
}
ret = GetCertKey(cert, cert->source, &cert->srcIdx, cert->maxIdx);
@@ -14425,7 +15292,7 @@ int DecodeToKey(DecodedCert* cert, int verify)
#endif /* WOLFSSL_ASN_TEMPLATE */
}
-#if !defined(NO_CERTS) && !defined(WOLFSSL_ASN_TEMPLATE)
+#if !defined(WOLFSSL_ASN_TEMPLATE)
static int GetSignature(DecodedCert* cert)
{
int length;
@@ -14445,7 +15312,8 @@ static int GetSignature(DecodedCert* cert)
return 0;
}
-#endif /* !NO_CERTS && !WOLFSSL_ASN_TEMPLATE */
+#endif /* !WOLFSSL_ASN_TEMPLATE */
+#endif /* !NO_CERTS */
#ifndef WOLFSSL_ASN_TEMPLATE
static word32 SetOctetString8Bit(word32 len, byte* output)
@@ -14603,7 +15471,7 @@ word32 SetOthername(void *name, byte *output)
{
WOLFSSL_ASN1_OTHERNAME *nm = (WOLFSSL_ASN1_OTHERNAME *)name;
char *nameStr = NULL;
- int nameSz = 0;
+ word32 nameSz = 0;
word32 len = 0;
if ((nm == NULL) || (nm->value == NULL)) {
@@ -14612,7 +15480,7 @@ word32 SetOthername(void *name, byte *output)
}
nameStr = nm->value->value.utf8string->data;
- nameSz = nm->value->value.utf8string->length;
+ nameSz = (word32)nm->value->value.utf8string->length;
len = nm->type_id->objSz +
SetHeader(ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC, nameSz + 2, NULL) +
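Review bot: The new `(word32)` cast on `nm->value->value.utf8string->length` converts a negative length into a value near 2^32, and the `nameSz + 2` passed to SetHeader on the next line can then wrap. The cast silences the conversion warning without adding a range check; a guard such as `if (nm->value->value.utf8string->length < 0)` with the function's usual failure return, placed before the assignment, would make it safe. SetOthername's body starts and ends outside the hunk, so the right failure value is not visible here.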
@@ -14635,56 +15503,6 @@ word32 SetOthername(void *name, byte *output)
}
#endif /* OPENSSL_EXTRA */
-#if defined(HAVE_ECC) && defined(HAVE_ECC_KEY_EXPORT)
-
-static int SetCurve(ecc_key* key, byte* output, size_t outSz)
-{
-#ifdef HAVE_OID_ENCODING
- int ret;
-#endif
- int idx;
- word32 oidSz = 0;
-
- /* validate key */
- if (key == NULL || key->dp == NULL) {
- return BAD_FUNC_ARG;
- }
-
-#ifdef HAVE_OID_ENCODING
- ret = EncodeObjectId(key->dp->oid, key->dp->oidSz, NULL, &oidSz);
- if (ret != 0) {
- return ret;
- }
-#else
- oidSz = key->dp->oidSz;
-#endif
-
- idx = SetObjectId((int)oidSz, output);
-
- /* length only */
- if (output == NULL) {
- return idx + (int)oidSz;
- }
-
- /* verify output buffer has room */
- if (oidSz > outSz)
- return BUFFER_E;
-
-#ifdef HAVE_OID_ENCODING
- ret = EncodeObjectId(key->dp->oid, key->dp->oidSz, output+idx, &oidSz);
- if (ret != 0) {
- return ret;
- }
-#else
- XMEMCPY(output+idx, key->dp->oid, oidSz);
-#endif
- idx += (int)oidSz;
-
- return idx;
-}
-
-#endif /* HAVE_ECC && HAVE_ECC_KEY_EXPORT */
-
#ifdef HAVE_ECC
/* Determines whether the signature algorithm is using ECDSA.
@@ -14720,6 +15538,9 @@ static WC_INLINE int IsSigAlgoECC(word32 algoOID)
#ifdef HAVE_ECC
|| IsSigAlgoECDSA(algoOID)
#endif
+ #ifdef WOLFSSL_SM2
+ || (algoOID == SM2k)
+ #endif
#ifdef HAVE_ED25519
|| (algoOID == ED25519k)
#endif
@@ -15038,6 +15859,9 @@ void FreeSignatureCtx(SignatureCtx* sigCtx)
#endif
#ifdef HAVE_ECC
case ECDSAk:
+ #ifdef WOLFSSL_SM2
+ case SM2k:
+ #endif
#if defined(WC_ECC_NONBLOCK) && defined(WOLFSSL_ASYNC_CRYPT_SW) && \
defined(WC_ASYNC_ENABLE_ECC)
if (sigCtx->key.ecc->nb_ctx != NULL) {
@@ -15222,6 +16046,14 @@ static int HashForSignature(const byte* buf, word32 bufSz, word32 sigOID,
break;
#endif
#endif
+ #if defined(WOLFSSL_SM2) & defined(WOLFSSL_SM3)
+ case CTC_SM3wSM2:
+ if ((ret = wc_Sm3Hash(buf, bufSz, digest)) == 0) {
+ *typeH = SM3h;
+ *digestSz = WC_SM3_DIGEST_SIZE;
+ }
+ break;
+ #endif
#ifdef HAVE_ED25519
case CTC_ED25519:
/* Hashes done in signing operation.
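Review bot: The guard `#if defined(WOLFSSL_SM2) & defined(WOLFSSL_SM3)` on the new CTC_SM3wSM2 case uses the bitwise `&`. It evaluates the same because `defined()` yields 0 or 1, but every other SM2/SM3 guard added in this commit is written with `&&`, and the single `&` reads like a typo. I would change it to `#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)`. HashForSignature's switch starts and ends outside the hunk.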
@@ -15288,7 +16120,7 @@ static int ConfirmSignature(SignatureCtx* sigCtx,
byte* rsaKeyIdx)
{
int ret = 0;
-#if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_SCEPROTECT)
+#if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_FSPSM_TLS)
CertAttribute* certatt = NULL;
#endif
@@ -15306,7 +16138,7 @@ static int ConfirmSignature(SignatureCtx* sigCtx,
WOLFSSL_ENTER("ConfirmSignature");
-#if !defined(WOLFSSL_RENESAS_TSIP_TLS) && !defined(WOLFSSL_RENESAS_SCEPROTECT)
+#if !defined(WOLFSSL_RENESAS_TSIP_TLS) && !defined(WOLFSSL_RENESAS_FSPSM_TLS)
(void)rsaKeyIdx;
#else
#if !defined(NO_RSA) || defined(HAVE_ECC)
@@ -15365,6 +16197,12 @@ static int ConfirmSignature(SignatureCtx* sigCtx,
}
else
#endif
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ if (sigOID == CTC_SM3wSM2) {
+ ; /* SM2 hash requires public key. Done later. */
+ }
+ else
+ #endif
{
ret = HashForSignature(buf, bufSz, sigOID, sigCtx->digest,
&sigCtx->typeH, &sigCtx->digestSz, 1);
@@ -15432,15 +16270,18 @@ static int ConfirmSignature(SignatureCtx* sigCtx,
}
sigCtx->key.dsa = (DsaKey*)XMALLOC(sizeof(DsaKey),
sigCtx->heap, DYNAMIC_TYPE_DSA);
- sigCtx->sigCpy = (byte*)XMALLOC(sigSz,
- sigCtx->heap, DYNAMIC_TYPE_SIGNATURE);
- if (sigCtx->key.dsa == NULL || sigCtx->sigCpy == NULL) {
+ if (sigCtx->key.dsa == NULL) {
ERROR_OUT(MEMORY_E, exit_cs);
}
if ((ret = wc_InitDsaKey_h(sigCtx->key.dsa, sigCtx->heap)) != 0) {
WOLFSSL_MSG("wc_InitDsaKey_h error");
goto exit_cs;
}
+ sigCtx->sigCpy = (byte*)XMALLOC(sigSz,
+ sigCtx->heap, DYNAMIC_TYPE_SIGNATURE);
+ if (sigCtx->sigCpy == NULL) {
+ ERROR_OUT(MEMORY_E, exit_cs);
+ }
if ((ret = wc_DsaPublicKeyDecode(key, &idx, sigCtx->key.dsa,
keySz)) != 0) {
WOLFSSL_MSG("ASN Key decode error DSA");
@@ -15530,6 +16371,9 @@ static int ConfirmSignature(SignatureCtx* sigCtx,
}
#endif /* !NO_DSA && !HAVE_SELFTEST */
#ifdef HAVE_ECC
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ case SM2k:
+ #endif
case ECDSAk:
{
word32 idx = 0;
@@ -15959,12 +16803,12 @@ static int ConfirmSignature(SignatureCtx* sigCtx,
key, keySz,
sigCtx->pkCtxRsa);
}
- #if !defined(WOLFSSL_RENESAS_SCEPROTECT) && \
+ #if !defined(WOLFSSL_RENESAS_FSPSM_TLS) && \
!defined(WOLFSSL_RENESAS_TSIP_TLS)
else
#else
if (!sigCtx->pkCbRsa || ret == CRYPTOCB_UNAVAILABLE)
- #endif /* WOLFSSL_RENESAS_SCEPROTECT */
+ #endif /* WOLFSSL_RENESAS_FSPSM_TLS */
#endif /* HAVE_PK_CALLBACKS */
{
ret = wc_RsaSSL_VerifyInline(sigCtx->sigCpy, sigSz,
@@ -15981,9 +16825,50 @@ static int ConfirmSignature(SignatureCtx* sigCtx,
break;
}
#endif /* !NO_DSA && !HAVE_SELFTEST */
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ case SM2k:
+ {
+ /* OpenSSL creates signature without CERT_SIG_ID. */
+ ret = wc_ecc_sm2_create_digest(CERT_SIG_ID, 0, buf, bufSz,
+ WC_HASH_TYPE_SM3, sigCtx->digest, WC_SM3_DIGEST_SIZE,
+ sigCtx->key.ecc);
+ if (ret == 0) {
+ sigCtx->typeH = SM3h;
+ sigCtx->digestSz = WC_SM3_DIGEST_SIZE;
+ }
+ else {
+ WOLFSSL_MSG("SM2wSM3 create digest failed");
+ WOLFSSL_ERROR_VERBOSE(ret);
+ goto exit_cs;
+ }
+ ret = wc_ecc_sm2_verify_hash(sig, sigSz, sigCtx->digest,
+ sigCtx->digestSz, &sigCtx->verify, sigCtx->key.ecc);
+ break;
+ }
+ #endif
#if defined(HAVE_ECC) && defined(HAVE_ECC_VERIFY)
case ECDSAk:
{
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ if (sigOID == CTC_SM3wSM2) {
+ ret = wc_ecc_sm2_create_digest(CERT_SIG_ID,
+ CERT_SIG_ID_SZ, buf, bufSz, WC_HASH_TYPE_SM3,
+ sigCtx->digest, WC_SM3_DIGEST_SIZE,
+ sigCtx->key.ecc);
+ if (ret == 0) {
+ sigCtx->typeH = SM3h;
+ sigCtx->digestSz = WC_SM3_DIGEST_SIZE;
+ }
+ else {
+ WOLFSSL_MSG("SM2wSM3 create digest failed");
+ WOLFSSL_ERROR_VERBOSE(ret);
+ goto exit_cs;
+ }
+ ret = wc_ecc_sm2_verify_hash(sig, sigSz, sigCtx->digest,
+ sigCtx->digestSz, &sigCtx->verify, sigCtx->key.ecc);
+ }
+ else
+ #endif
#if defined(HAVE_PK_CALLBACKS)
if (sigCtx->pkCbEcc) {
ret = sigCtx->pkCbEcc(
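Review bot: The SM2 branch added at the top of `case ECDSAk:` ends in a bare `else` that binds only to the next statement, which in a HAVE_PK_CALLBACKS build is `if (sigCtx->pkCbEcc) { ... }`. In the Renesas configurations shown in the next hunk, that statement is followed by a separate `if (!sigCtx->pkCbEcc || ret == CRYPTOCB_UNAVAILABLE)` block. After a CTC_SM3wSM2 verification with no ECC callback set, wc_ecc_verify_hash would therefore appear to run as well and overwrite `ret` and `sigCtx->verify`. Opening an unconditional `{` after the SM2 `#endif` and closing it after the wc_ecc_verify_hash block makes the whole callback-plus-software path the body of that `else`, whichever preprocessor branch is active. The two SM2 digest blocks differ only in the ID length (`0` in `case SM2k:`, `CERT_SIG_ID_SZ` here), and the comment "OpenSSL creates signature without CERT_SIG_ID" should say that the zero length is what omits the ID.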
@@ -15992,12 +16877,12 @@ static int ConfirmSignature(SignatureCtx* sigCtx,
key, keySz, &sigCtx->verify,
sigCtx->pkCtxEcc);
}
- #if !defined(WOLFSSL_RENESAS_SCEPROTECT) && \
+ #if !defined(WOLFSSL_RENESAS_FSPSM_TLS) && \
!defined(WOLFSSL_RENESAS_TSIP_TLS)
else
#else
if (!sigCtx->pkCbEcc || ret == CRYPTOCB_UNAVAILABLE)
- #endif /* WOLFSSL_RENESAS_SCEPROTECT */
+ #endif /* WOLFSSL_RENESAS_FSPSM_TLS */
#endif /* HAVE_PK_CALLBACKS */
{
ret = wc_ecc_verify_hash(sig, sigSz, sigCtx->digest,
@@ -16118,7 +17003,7 @@ static int ConfirmSignature(SignatureCtx* sigCtx,
{
int encodedSigSz, verifySz;
#if defined(WOLFSSL_RENESAS_TSIP_TLS) || \
- defined(WOLFSSL_RENESAS_SCEPROTECT)
+ defined(WOLFSSL_RENESAS_FSPSM_TLS)
if (sigCtx->CertAtt.verifyByTSIP_SCE == 1) break;
#endif
#ifdef WOLFSSL_SMALL_STACK
@@ -16169,6 +17054,9 @@ static int ConfirmSignature(SignatureCtx* sigCtx,
}
#endif /* !NO_DSA && !HAVE_SELFTEST */
#ifdef HAVE_ECC
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ case SM2k:
+ #endif
case ECDSAk:
{
if (sigCtx->verify == 1) {
@@ -16437,9 +17325,11 @@ static int MatchBaseName(int type, const char* name, int nameSz,
}
while (nameSz > 0) {
- if (XTOLOWER((unsigned char)*name++) !=
- XTOLOWER((unsigned char)*base++))
+ if (XTOLOWER((unsigned char)*name) !=
+ XTOLOWER((unsigned char)*base))
return 0;
+ name++;
+ base++;
nameSz--;
}
@@ -16533,7 +17423,7 @@ static int ConfirmNameConstraints(Signer* signer, DecodedCert* cert)
name = cert->altNames;
break;
case ASN_RFC822_TYPE:
- /* Shouldn't it validade E= in subject as well? */
+ /* Shouldn't it validate E= in subject as well? */
name = cert->altEmailNames;
/* Add subject email for checking. */
@@ -16917,10 +17807,19 @@ static int DecodeGeneralName(const byte* input, word32* inOutIdx, byte tag,
ret = SetDNSEntry(cert, (const char*)(input + idx), len, ASN_IP_TYPE,
&cert->altNames);
if (ret == 0) {
- idx += len;
+ idx += (word32)len;
}
}
#endif /* WOLFSSL_QT || OPENSSL_ALL */
+
+ /* GeneralName choice: registeredID */
+ else if (tag == (ASN_CONTEXT_SPECIFIC | ASN_RID_TYPE)) {
+ ret = SetDNSEntry(cert, (const char*)(input + idx), len,
+ ASN_RID_TYPE, &cert->altNames);
+ if (ret == 0) {
+ idx += (word32)len;
+ }
+ }
#endif /* IGNORE_NAME_CONSTRAINTS */
#if defined(WOLFSSL_SEP) || defined(WOLFSSL_FPKI)
/* GeneralName choice: otherName */
@@ -16929,8 +17828,7 @@ static int DecodeGeneralName(const byte* input, word32* inOutIdx, byte tag,
ret = DecodeOtherName(cert, input, &idx, idx + (word32)len);
}
#endif
- /* GeneralName choice: dNSName, x400Address, ediPartyName,
- * registeredID */
+ /* GeneralName choice: dNSName, x400Address, ediPartyName */
else {
WOLFSSL_MSG("\tUnsupported name type, skipping");
idx += (word32)len;
@@ -17440,7 +18338,55 @@ static int DecodeAltNames(const byte* input, word32 sz, DecodedCert* cert)
length -= strLen;
idx += (word32)strLen;
}
-#endif /* WOLFSSL_QT || OPENSSL_ALL */
+#endif /* WOLFSSL_QT || OPENSSL_ALL || WOLFSSL_IP_ALT_NAME */
+#if defined(OPENSSL_ALL)
+ else if (current_byte == (ASN_CONTEXT_SPECIFIC | ASN_RID_TYPE)) {
+ DNS_entry* rid;
+ int strLen;
+ word32 lenStartIdx = idx;
+ WOLFSSL_MSG("Decoding Subject Alt. Name: Registered Id");
+
+ if (GetLength(input, &idx, &strLen, sz) < 0) {
+ WOLFSSL_MSG("\tfail: str length");
+ return ASN_PARSE_E;
+ }
+ length -= (idx - lenStartIdx);
+ /* check that strLen at index is not past input buffer */
+ if (strLen + idx > sz) {
+ return BUFFER_E;
+ }
+
+ rid = AltNameNew(cert->heap);
+ if (rid == NULL) {
+ WOLFSSL_MSG("\tOut of Memory");
+ return MEMORY_E;
+ }
+
+ rid->type = ASN_RID_TYPE;
+ rid->name = (char*)XMALLOC((size_t)strLen + 1, cert->heap,
+ DYNAMIC_TYPE_ALTNAME);
+ if (rid->name == NULL) {
+ WOLFSSL_MSG("\tOut of Memory");
+ XFREE(rid, cert->heap, DYNAMIC_TYPE_ALTNAME);
+ return MEMORY_E;
+ }
+ rid->len = strLen;
+ XMEMCPY(rid->name, &input[idx], strLen);
+ rid->name[strLen] = '\0';
+
+ if (GenerateDNSEntryRIDString(rid, cert->heap) != 0) {
+ WOLFSSL_MSG("\tOut of Memory for registered Id string");
+ XFREE(rid->name, cert->heap, DYNAMIC_TYPE_ALTNAME);
+ XFREE(rid, cert->heap, DYNAMIC_TYPE_ALTNAME);
+ return MEMORY_E;
+ }
+
+ AddAltName(cert, rid);
+
+ length -= strLen;
+ idx += (word32)strLen;
+ }
+#endif /* OPENSSL_ALL */
#endif /* IGNORE_NAME_CONSTRAINTS */
else if (current_byte ==
(ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED | ASN_OTHER_TYPE)) {
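Review bot: The bounds test `if (strLen + idx > sz)` in the new registeredID branch adds a signed `int` to a `word32` before comparing, so it can wrap for large values; `if ((word32)strLen > sz - idx)` checks the same thing without the addition. GetLength may already enforce this, which is not visible here. The copy `XMEMCPY(rid->name, &input[idx], strLen)` also passes the raw `int`, unlike the `(size_t)` casts this commit adds elsewhere. Any failure of GenerateDNSEntryRIDString is reported as MEMORY_E with an out-of-memory message; if that helper can also fail on a malformed OID, returning its own error code would be more accurate. DecodeAltNames starts and ends outside the hunk.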
@@ -17566,7 +18512,7 @@ static int DecodeAltNames(const byte* input, word32 sz, DecodedCert* cert)
}
#ifdef WOLFSSL_ASN_TEMPLATE
-/* ASN.1 template for BasicContraints.
+/* ASN.1 template for BasicConstraints.
* X.509: RFC 5280, 4.2.1.9 - BasicConstraints.
*/
static const ASNItem basicConsASN[] = {
@@ -17653,7 +18599,7 @@ static int DecodeBasicCaConstraint(const byte* input, int sz, DecodedCert* cert)
word32 idx = 0;
byte isCA = 0;
- WOLFSSL_ENTER("DecodeBasicCaConstraints");
+ WOLFSSL_ENTER("DecodeBasicCaConstraint");
CALLOC_ASNGETDATA(dataASN, basicConsASN_Length, ret, cert->heap);
@@ -17670,15 +18616,22 @@ static int DecodeBasicCaConstraint(const byte* input, int sz, DecodedCert* cert)
if ((ret == 0) && (dataASN[BASICCONSASN_IDX_SEQ].length != 0)) {
/* Bad encoding when CA Boolean is false
* (default when not present). */
+#if !defined(ASN_TEMPLATE_SKIP_ISCA_CHECK) && \
+ !defined(WOLFSSL_ALLOW_ENCODING_CA_FALSE)
if ((dataASN[BASICCONSASN_IDX_CA].length != 0) && (!isCA)) {
WOLFSSL_ERROR_VERBOSE(ASN_PARSE_E);
ret = ASN_PARSE_E;
}
+#endif
/* Path length must be a 7-bit value. */
if ((ret == 0) && (cert->pathLength >= (1 << 7))) {
WOLFSSL_ERROR_VERBOSE(ASN_PARSE_E);
ret = ASN_PARSE_E;
}
+ if ((ret == 0) && cert->pathLength > WOLFSSL_MAX_PATH_LEN) {
+ WOLFSSL_ERROR_VERBOSE(ASN_PATHLEN_SIZE_E);
+ ret = ASN_PATHLEN_SIZE_E;
+ }
/* Store CA boolean and whether a path length was seen. */
if (ret == 0) {
/* isCA in certificate is a 1 bit of a byte. */
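Review bot: The added `cert->pathLength > WOLFSSL_MAX_PATH_LEN` test runs after the existing `>= (1 << 7)` test, so values of 128 and above still return ASN_PARSE_E and ASN_PATHLEN_SIZE_E is reachable only for values between the limit and 127. If WOLFSSL_MAX_PATH_LEN is 127 (its definition is not in this hunk), the new branch can never fire. Putting the new check first would make the error code consistent, and the condition should be parenthesised like the line above it: `(cert->pathLength > WOLFSSL_MAX_PATH_LEN)`. The new `ASN_TEMPLATE_SKIP_ISCA_CHECK` / `WOLFSSL_ALLOW_ENCODING_CA_FALSE` guard relaxes a strict-encoding check and deserves a one-line comment such as `/* Opt-out: accept an explicitly encoded cA FALSE (not valid DER). */`.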
@@ -17918,7 +18871,7 @@ static int DecodeCrlDist(const byte* input, word32 sz, DecodedCert* cert)
if (ret == 0) {
/* Get the GeneralName choice */
GetASN_Choice(&dataASN[CRLDISTASN_IDX_DP_DISTPOINT_FN_GN], generalNameChoice);
- /* Parse CRL distribtion point. */
+ /* Parse CRL distribution point. */
ret = GetASN_Items(crlDistASN, dataASN, crlDistASN_Length, 0, input,
&idx, sz);
}
@@ -17999,7 +18952,6 @@ static int DecodeAuthInfo(const byte* input, word32 sz, DecodedCert* cert)
#ifndef WOLFSSL_ASN_TEMPLATE
word32 idx = 0;
int length = 0;
- int count = 0;
byte b = 0;
word32 oid;
@@ -18009,7 +18961,7 @@ static int DecodeAuthInfo(const byte* input, word32 sz, DecodedCert* cert)
if (GetSequence(input, &idx, &length, sz) < 0)
return ASN_PARSE_E;
- while ((idx < (word32)sz) && (count < MAX_AIA_SZ)) {
+ while ((idx < (word32)sz)) {
/* Unwrap a single AIA */
if (GetSequence(input, &idx, &length, sz) < 0)
return ASN_PARSE_E;
@@ -18027,23 +18979,22 @@ static int DecodeAuthInfo(const byte* input, word32 sz, DecodedCert* cert)
return ASN_PARSE_E;
/* Set ocsp entry */
- if (b == GENERALNAME_URI && oid == AIA_OCSP_OID)
+ if (b == GENERALNAME_URI && oid == AIA_OCSP_OID &&
+ cert->extAuthInfo == NULL)
{
cert->extAuthInfoSz = length;
cert->extAuthInfo = input + idx;
- #if defined(OPENSSL_ALL) || defined(WOLFSSL_QT)
- count++;
- #else
+ #if !defined(OPENSSL_ALL) && !defined(WOLFSSL_QT)
break;
#endif
}
#if defined(OPENSSL_ALL) || defined(WOLFSSL_QT)
/* Set CaIssuers entry */
- else if ((b == GENERALNAME_URI) && oid == AIA_CA_ISSUER_OID)
+ else if ((b == GENERALNAME_URI) && oid == AIA_CA_ISSUER_OID &&
+ cert->extAuthInfoCaIssuer == NULL)
{
cert->extAuthInfoCaIssuerSz = length;
cert->extAuthInfoCaIssuer = input + idx;
- count++;
}
#endif
idx += (word32)length;
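Review bot: With `count` and MAX_AIA_SZ gone, the added `cert->extAuthInfo == NULL` and `cert->extAuthInfoCaIssuer == NULL` conditions decide which access description is kept, but the comments still read "Set ocsp entry" and "Set CaIssuers entry". I would make the rule explicit, e.g. `/* Keep only the first OCSP URI; later ones are skipped. */`, and note that it relies on both pointers being NULL when decoding starts (their initialisation is outside this hunk). In OPENSSL_ALL / WOLFSSL_QT builds the loop could also `break` once both fields are set instead of walking the rest of the extension. The same applies to the template variant of DecodeAuthInfo in the following hunks.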
@@ -18053,7 +19004,6 @@ static int DecodeAuthInfo(const byte* input, word32 sz, DecodedCert* cert)
#else
word32 idx = 0;
int length = 0;
- int count = 0;
int ret = 0;
WOLFSSL_ENTER("DecodeAuthInfo");
@@ -18063,7 +19013,7 @@ static int DecodeAuthInfo(const byte* input, word32 sz, DecodedCert* cert)
ret = ASN_PARSE_E;
}
- while ((ret == 0) && (idx < (word32)sz) && (count < MAX_AIA_SZ)) {
+ while ((ret == 0) && (idx < (word32)sz)) {
ASNGetData dataASN[accessDescASN_Length];
/* Clear dynamic data and retrieve OID and name. */
@@ -18078,14 +19028,13 @@ static int DecodeAuthInfo(const byte* input, word32 sz, DecodedCert* cert)
/* Check we have OCSP and URI. */
if ((dataASN[ACCESSDESCASN_IDX_METH].data.oid.sum == AIA_OCSP_OID) &&
- (dataASN[ACCESSDESCASN_IDX_LOC].tag == GENERALNAME_URI)) {
+ (dataASN[ACCESSDESCASN_IDX_LOC].tag == GENERALNAME_URI) &&
+ (cert->extAuthInfo == NULL)) {
/* Store URI for OCSP lookup. */
GetASN_GetConstRef(&dataASN[ACCESSDESCASN_IDX_LOC],
&cert->extAuthInfo, &sz32);
cert->extAuthInfoSz = (int)sz32;
- #if defined(OPENSSL_ALL) || defined(WOLFSSL_QT)
- count++;
- #else
+ #if !defined(OPENSSL_ALL) && !defined(WOLFSSL_QT)
break;
#endif
}
@@ -18093,12 +19042,12 @@ static int DecodeAuthInfo(const byte* input, word32 sz, DecodedCert* cert)
/* Check we have CA Issuer and URI. */
else if ((dataASN[ACCESSDESCASN_IDX_METH].data.oid.sum ==
AIA_CA_ISSUER_OID) &&
- (dataASN[ACCESSDESCASN_IDX_LOC].tag == GENERALNAME_URI)) {
+ (dataASN[ACCESSDESCASN_IDX_LOC].tag == GENERALNAME_URI) &&
+ (cert->extAuthInfoCaIssuer == NULL)) {
/* Set CaIssuers entry */
GetASN_GetConstRef(&dataASN[ACCESSDESCASN_IDX_LOC],
&cert->extAuthInfoCaIssuer, &sz32);
- cert->extAuthInfoCaIssuerSz = sz32;
- count++;
+ cert->extAuthInfoCaIssuerSz = (int)sz32;
}
#endif
/* Otherwise skip. */
@@ -18134,9 +19083,9 @@ enum {
#define authKeyIdASN_Length (sizeof(authKeyIdASN) / sizeof(ASNItem))
#endif
-/* Decode authority information access extension in a certificate.
+/* Decode authority key identifier extension in a certificate.
*
- * X.509: RFC 5280, 4.2.2.1 - Authority Information Access.
+ * X.509: RFC 5280, 4.2.1.1 - Authority Key Identifier.
*
* @param [in] input Buffer holding data.
* @param [in] sz Size of data in buffer.
@@ -18185,11 +19134,11 @@ static int DecodeAuthKeyId(const byte* input, word32 sz, DecodedCert* cert)
cert->extAuthKeyIdSz = length;
#endif /* OPENSSL_EXTRA */
- return GetHashId(input + idx, length, cert->extAuthKeyId);
+ return GetHashId(input + idx, length, cert->extAuthKeyId,
+ HashIdAlg(cert->signatureOID));
#else
DECL_ASNGETDATA(dataASN, authKeyIdASN_Length);
int ret = 0;
- word32 idx = 0;
WOLFSSL_ENTER("DecodeAuthKeyId");
@@ -18197,31 +19146,59 @@ static int DecodeAuthKeyId(const byte* input, word32 sz, DecodedCert* cert)
if (ret == 0) {
/* Parse an authority key identifier. */
+ word32 idx = 0;
ret = GetASN_Items(authKeyIdASN, dataASN, authKeyIdASN_Length, 1, input,
&idx, sz);
}
- if (ret == 0) {
- /* Key id is optional. */
- if (dataASN[AUTHKEYIDASN_IDX_KEYID].data.ref.data == NULL) {
- WOLFSSL_MSG("\tinfo: OPTIONAL item 0, not available");
- }
- else {
+ /* Each field is optional */
+ if (ret == 0 && dataASN[AUTHKEYIDASN_IDX_KEYID].data.ref.data != NULL) {
#ifdef OPENSSL_EXTRA
- /* Store the authority key id. */
-#ifdef WOLFSSL_AKID_NAME
- cert->extRawAuthKeyIdSrc = input;
- cert->extRawAuthKeyIdSz = sz;
-#endif
- GetASN_GetConstRef(&dataASN[AUTHKEYIDASN_IDX_KEYID], &cert->extAuthKeyIdSrc,
- &cert->extAuthKeyIdSz);
+ GetASN_GetConstRef(&dataASN[AUTHKEYIDASN_IDX_KEYID],
+ &cert->extAuthKeyIdSrc, &cert->extAuthKeyIdSz);
#endif /* OPENSSL_EXTRA */
+ /* Get the hash or hash of the hash if wrong size. */
+ ret = GetHashId(dataASN[AUTHKEYIDASN_IDX_KEYID].data.ref.data,
+ (int)dataASN[AUTHKEYIDASN_IDX_KEYID].data.ref.length,
+ cert->extAuthKeyId, HashIdAlg(cert->signatureOID));
+ }
+#ifdef WOLFSSL_AKID_NAME
+ if (ret == 0 && dataASN[AUTHKEYIDASN_IDX_ISSUER].data.ref.data != NULL) {
+ /* We only support using one (first) name. Parse the name to perform
+ * a sanity check. */
+ word32 idx = 0;
+ ASNGetData nameASN[altNameASN_Length];
+ XMEMSET(nameASN, 0, sizeof(nameASN));
+ /* Parse GeneralName with the choices supported. */
+ GetASN_Choice(&nameASN[ALTNAMEASN_IDX_GN], generalNameChoice);
+ /* Decode a GeneralName choice. */
+ ret = GetASN_Items(altNameASN, nameASN, altNameASN_Length, 0,
+ dataASN[AUTHKEYIDASN_IDX_ISSUER].data.ref.data, &idx,
+ dataASN[AUTHKEYIDASN_IDX_ISSUER].data.ref.length);
- /* Get the hash or hash of the hash if wrong size. */
- ret = GetHashId(dataASN[AUTHKEYIDASN_IDX_KEYID].data.ref.data,
- (int)dataASN[AUTHKEYIDASN_IDX_KEYID].data.ref.length,
- cert->extAuthKeyId);
+ if (ret == 0) {
+ GetASN_GetConstRef(&nameASN[ALTNAMEASN_IDX_GN],
+ &cert->extAuthKeyIdIssuer, &cert->extAuthKeyIdIssuerSz);
}
}
+ if (ret == 0 && dataASN[AUTHKEYIDASN_IDX_SERIAL].data.ref.data != NULL) {
+ GetASN_GetConstRef(&dataASN[AUTHKEYIDASN_IDX_SERIAL],
+ &cert->extAuthKeyIdIssuerSN, &cert->extAuthKeyIdIssuerSNSz);
+ }
+ if (ret == 0) {
+ if ((cert->extAuthKeyIdIssuerSz > 0) ^
+ (cert->extAuthKeyIdIssuerSNSz > 0)) {
+ WOLFSSL_MSG("authorityCertIssuer and authorityCertSerialNumber MUST"
+ " both be present or both be absent");
+ }
+ }
+#endif /* WOLFSSL_AKID_NAME */
+ if (ret == 0) {
+#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_AKID_NAME)
+ /* Store the raw authority key id. */
+ cert->extRawAuthKeyIdSrc = input;
+ cert->extRawAuthKeyIdSz = sz;
+#endif /* OPENSSL_EXTRA */
+ }
FREE_ASNGETDATA(dataASN, cert->heap);
return ret;
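Review bot: The new WOLFSSL_AKID_NAME check detects that only one of authorityCertIssuer and authorityCertSerialNumber is present, logs that they "MUST both be present or both be absent", and then leaves `ret` at 0, so such a certificate is still accepted. If the requirement is meant to be enforced, set `ret = ASN_PARSE_E;` next to the WOLFSSL_MSG; if the leniency is deliberate, a comment saying so would stop the message from reading like an error path. The final `if (ret == 0) { ... }` block is empty unless both OPENSSL_EXTRA and WOLFSSL_AKID_NAME are defined, so the `#if` would be better placed around the whole `if`, and its closing `#endif` comment should name both macros.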
@@ -18230,7 +19207,7 @@ static int DecodeAuthKeyId(const byte* input, word32 sz, DecodedCert* cert)
/* Decode subject key id extension in a certificate.
*
- * X.509: RFC 5280, 4.2.2.1 - Authority Information Access.
+ * X.509: RFC 5280, 4.2.1.2 - Subject Key Identifier.
*
* @param [in] input Buffer holding data.
* @param [in] sz Size of data in buffer.
@@ -18252,11 +19229,12 @@ static int DecodeSubjKeyId(const byte* input, word32 sz, DecodedCert* cert)
if (ret > 0) {
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
cert->extSubjKeyIdSrc = &input[idx];
- cert->extSubjKeyIdSz = length;
+ cert->extSubjKeyIdSz = (word32)length;
#endif /* OPENSSL_EXTRA */
/* Get the hash or hash of the hash if wrong size. */
- ret = GetHashId(input + idx, length, cert->extSubjKeyId);
+ ret = GetHashId(input + idx, length, cert->extSubjKeyId,
+ HashIdAlg(cert->signatureOID));
}
return ret;
@@ -18279,7 +19257,7 @@ enum {
/* Decode key usage extension in a certificate.
*
- * X.509: RFC 5280, 4.2.2.1 - Authority Information Access.
+ * X.509: RFC 5280, 4.2.1.3 - Key Usage.
*
* @param [in] input Buffer holding data.
* @param [in] sz Size of data in buffer.
@@ -18313,14 +19291,24 @@ static int DecodeKeyUsage(const byte* input, word32 sz, DecodedCert* cert)
#else
ASNGetData dataASN[keyUsageASN_Length];
word32 idx = 0;
+ byte keyUsage[2];
+ word32 keyUsageSz = sizeof(keyUsage);
+ int ret;
WOLFSSL_ENTER("DecodeKeyUsage");
/* Clear dynamic data and set where to store extended key usage. */
XMEMSET(dataASN, 0, sizeof(dataASN));
- GetASN_Int16Bit(&dataASN[KEYUSAGEASN_IDX_STR], &cert->extKeyUsage);
+ GetASN_Buffer(&dataASN[KEYUSAGEASN_IDX_STR], keyUsage, &keyUsageSz);
/* Parse key usage. */
- return GetASN_Items(keyUsageASN, dataASN, keyUsageASN_Length, 0, input,
+ ret = GetASN_Items(keyUsageASN, dataASN, keyUsageASN_Length, 0, input,
&idx, sz);
+ if (ret == 0) {
+ /* Decode the bit string number as LE */
+ cert->extKeyUsage = (word16)(keyUsage[0]);
+ if (keyUsageSz == 2)
+ cert->extKeyUsage |= (word16)(keyUsage[1] << 8);
+ }
+ return ret;
#endif /* WOLFSSL_ASN_TEMPLATE */
}
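Review bot: `byte keyUsage[2];` is left uninitialised and `keyUsage[0]` is read unconditionally after a successful parse. If the BIT STRING carries no data bytes and GetASN_Items reports `keyUsageSz` as 0 (its behaviour for that case is not visible here), `cert->extKeyUsage` is built from indeterminate stack contents. Declaring the buffer as `byte keyUsage[2] = { 0, 0 };` makes the result well defined for a short value. DecodeKeyUsage starts outside the hunk.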
@@ -18437,7 +19425,7 @@ static int DecodeExtKeyUsage(const byte* input, word32 sz, DecodedCert* cert)
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
/* Keep reference for WOLFSSL_X509. */
cert->extExtKeyUsageSrc = input + idx;
- cert->extExtKeyUsageSz = length;
+ cert->extExtKeyUsageSz = (word32)length;
#endif
}
@@ -18610,7 +19598,7 @@ static int DecodeSubtreeGeneralName(const byte* input, word32 sz, byte tag,
/* Decode a subtree of a name constraints in a certificate.
*
- * X.509: RFC 5280, 4.2.1.10 - Name Contraints.
+ * X.509: RFC 5280, 4.2.1.10 - Name Constraints.
*
* @param [in] input Buffer holding data.
* @param [in] sz Size of data in buffer.
@@ -18742,7 +19730,7 @@ static int DecodeSubtree(const byte* input, word32 sz, Base_entry** head,
#ifdef WOLFSSL_ASN_TEMPLATE
/* ASN.1 template for NameConstraints.
- * X.509: RFC 5280, 4.2.1.10 - Name Contraints.
+ * X.509: RFC 5280, 4.2.1.10 - Name Constraints.
*/
static const ASNItem nameConstraintsASN[] = {
/* SEQ */ { 0, ASN_SEQUENCE, 1, 1, 0 },
@@ -18874,7 +19862,7 @@ int DecodePolicyOID(char *out, word32 outSz, const byte *in, word32 inSz)
w = BUFFER_E;
goto exit;
}
- outIdx += w;
+ outIdx += (word32)w;
val = 0;
while (inIdx < inSz && outIdx < outSz) {
@@ -18892,7 +19880,7 @@ int DecodePolicyOID(char *out, word32 outSz, const byte *in, word32 inSz)
w = BUFFER_E;
goto exit;
}
- outIdx += w;
+ outIdx += (word32)w;
val = 0;
}
inIdx++;
@@ -19011,7 +19999,7 @@ exit:
return ASN_PARSE_E;
}
#ifndef WOLFSSL_DUP_CERTPOL
- /* From RFC 5280 section 4.2.1.3 "A certificate policy OID MUST
+ /* From RFC 5280 section 4.2.1.4 "A certificate policy OID MUST
* NOT appear more than once in a certificate policies
* extension". This is a sanity check for duplicates.
* extCertPolicies should only have OID values, additional
@@ -19120,11 +20108,11 @@ exit:
}
}
#ifndef WOLFSSL_DUP_CERTPOL
- /* From RFC 5280 section 4.2.1.3 "A certificate policy OID MUST
+ /* From RFC 5280 section 4.2.1.4 "A certificate policy OID MUST
* NOT appear more than once in a certificate policies
* extension". This is a sanity check for duplicates.
* extCertPolicies should only have OID values, additional
- * qualifiers need to be stored in a seperate array. */
+ * qualifiers need to be stored in a separate array. */
for (i = 0; (ret == 0) && (i < cert->extCertPoliciesNb); i++) {
if (XMEMCMP(cert->extCertPolicies[i],
cert->extCertPolicies[cert->extCertPoliciesNb],
@@ -19169,7 +20157,7 @@ enum {
SUBJDIRATTRASN_IDX_SET,
};
-/* Number of items in ASN.1 template for BasicContraints. */
+/* Number of items in ASN.1 template for BasicConstraints. */
#define subjDirAttrASN_Length (sizeof(subjDirAttrASN) / sizeof(ASNItem))
#endif
/* Decode subject directory attributes extension in a certificate.
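Review bot: The corrected comment above `subjDirAttrASN_Length` still names the wrong template. The macro counts the items of `subjDirAttrASN`, and the comment that follows ties that template to the subject directory attributes extension, not to BasicConstraints. I would write it as `/* Number of items in ASN.1 template for SubjectDirectoryAttributes. */`.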
@@ -19183,7 +20171,7 @@ enum {
* @return ASN_PARSE_E when BER encoded data does not match ASN.1 items or
* is invalid.
*/
-static int DecodeSubjDirAttr(const byte* input, int sz, DecodedCert* cert)
+static int DecodeSubjDirAttr(const byte* input, word32 sz, DecodedCert* cert)
{
#ifndef WOLFSSL_ASN_TEMPLATE
word32 idx = 0;
@@ -19280,7 +20268,8 @@ static int DecodeSubjDirAttr(const byte* input, int sz, DecodedCert* cert)
ret = ASN_PARSE_E;
}
if (ret == 0) {
- XMEMCPY(cert->countryOfCitizenship, setData + setIdx, cuLen);
+ XMEMCPY(cert->countryOfCitizenship, setData + setIdx,
+ (size_t)cuLen);
cert->countryOfCitizenship[COUNTRY_CODE_LEN] = 0;
}
}
@@ -19292,7 +20281,7 @@ static int DecodeSubjDirAttr(const byte* input, int sz, DecodedCert* cert)
#endif /* WOLFSSL_SUBJ_DIR_ATTR */
#ifdef WOLFSSL_SUBJ_INFO_ACC
-/* Decode subject infomation access extension in a certificate.
+/* Decode subject information access extension in a certificate.
*
* X.509: RFC 5280, 4.2.2.2 - Subject Information Access.
*
@@ -19305,7 +20294,7 @@ static int DecodeSubjDirAttr(const byte* input, int sz, DecodedCert* cert)
* is invalid.
* @return MEMORY_E on dynamic memory allocation failure.
*/
-static int DecodeSubjInfoAcc(const byte* input, int sz, DecodedCert* cert)
+static int DecodeSubjInfoAcc(const byte* input, word32 sz, DecodedCert* cert)
{
word32 idx = 0;
int length = 0;
@@ -19358,11 +20347,11 @@ static int DecodeSubjInfoAcc(const byte* input, int sz, DecodedCert* cert)
/* Set caRepo entry */
if (b == GENERALNAME_URI && oid == AIA_CA_REPO_OID) {
- cert->extSubjInfoAccCaRepoSz = length;
+ cert->extSubjInfoAccCaRepoSz = (word32)length;
cert->extSubjInfoAccCaRepo = input + idx;
break;
}
- idx += length;
+ idx += (word32)length;
}
if (cert->extSubjInfoAccCaRepo == NULL ||
@@ -19457,7 +20446,19 @@ static int DecodeExtensionType(const byte* input, word32 length, word32 oid,
case AUTH_INFO_OID:
VERIFY_AND_SET_OID(cert->extAuthInfoSet);
cert->extAuthInfoCrit = critical ? 1 : 0;
- if (DecodeAuthInfo(input, length, cert) < 0) {
+ #ifndef WOLFSSL_ALLOW_CRIT_AIA
+ /* This check is added due to RFC 5280 section 4.2.2.1
+ * stating that conforming CA's must mark this extension
+ * as non-critical. When parsing extensions check that
+ * certificate was made in compliance with this. */
+ if (critical) {
+ WOLFSSL_MSG("Critical Authority Information Access is not"
+ "allowed");
+ WOLFSSL_MSG("Use macro WOLFSSL_ALLOW_CRIT_AIA if wanted");
+ ret = ASN_CRIT_EXT_E;
+ }
+ #endif
+ if ((ret == 0) && (DecodeAuthInfo(input, length, cert) < 0)) {
ret = ASN_PARSE_E;
}
break;
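Review bot: The two adjacent string literals in the new `WOLFSSL_MSG` call are concatenated without a separating space, so the diagnostic reads "is notallowed". Add the space to the first literal: `WOLFSSL_MSG("Critical Authority Information Access is not "` followed by `"allowed");`. It would also help to extend the comment to say that `DecodeAuthInfo` is deliberately skipped on this path, so the AIA fields of `cert` stay unset when `ASN_CRIT_EXT_E` is returned. The enclosing switch in DecodeExtensionType continues outside the hunk.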
@@ -19473,17 +20474,17 @@ static int DecodeExtensionType(const byte* input, word32 length, word32 oid,
case AUTH_KEY_OID:
VERIFY_AND_SET_OID(cert->extAuthKeyIdSet);
cert->extAuthKeyIdCrit = critical ? 1 : 0;
- #ifndef WOLFSSL_ALLOW_CRIT_SKID
- /* This check is added due to RFC 5280 section 4.2.1.1
- * stating that conforming CA's must mark this extension
- * as non-critical. When parsing extensions check that
- * certificate was made in compliance with this. */
- if (critical) {
- WOLFSSL_MSG("Critical Auth Key ID is not allowed");
- WOLFSSL_MSG("Use macro WOLFSSL_ALLOW_CRIT_SKID if wanted");
- ret = ASN_CRIT_EXT_E;
- }
- #endif
+ #ifndef WOLFSSL_ALLOW_CRIT_AKID
+ /* This check is added due to RFC 5280 section 4.2.1.1
+ * stating that conforming CA's must mark this extension
+ * as non-critical. When parsing extensions check that
+ * certificate was made in compliance with this. */
+ if (critical) {
+ WOLFSSL_MSG("Critical Auth Key ID is not allowed");
+ WOLFSSL_MSG("Use macro WOLFSSL_ALLOW_CRIT_AKID if wanted");
+ ret = ASN_CRIT_EXT_E;
+ }
+ #endif
if ((ret == 0) && (DecodeAuthKeyId(input, length, cert) < 0)) {
ret = ASN_PARSE_E;
}
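Review bot: Switching the guard from `WOLFSSL_ALLOW_CRIT_SKID` to `WOLFSSL_ALLOW_CRIT_AKID` silently changes behaviour for builds that define only the old macro. Those builds will now get `ASN_CRIT_EXT_E` for a certificate with a critical Authority Key Identifier. That is the stricter default, but the comment should record it, e.g. `/* WOLFSSL_ALLOW_CRIT_SKID no longer relaxes this check; define WOLFSSL_ALLOW_CRIT_AKID instead. */`. The enclosing switch in DecodeExtensionType continues outside the hunk.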
@@ -19493,17 +20494,17 @@ static int DecodeExtensionType(const byte* input, word32 length, word32 oid,
case SUBJ_KEY_OID:
VERIFY_AND_SET_OID(cert->extSubjKeyIdSet);
cert->extSubjKeyIdCrit = critical ? 1 : 0;
- #ifndef WOLFSSL_ALLOW_CRIT_SKID
- /* This check is added due to RFC 5280 section 4.2.1.2
- * stating that conforming CA's must mark this extension
- * as non-critical. When parsing extensions check that
- * certificate was made in compliance with this. */
- if (critical) {
- WOLFSSL_MSG("Critical Subject Key ID is not allowed");
- WOLFSSL_MSG("Use macro WOLFSSL_ALLOW_CRIT_SKID if wanted");
- ret = ASN_CRIT_EXT_E;
- }
- #endif
+ #ifndef WOLFSSL_ALLOW_CRIT_SKID
+ /* This check is added due to RFC 5280 section 4.2.1.2
+ * stating that conforming CA's must mark this extension
+ * as non-critical. When parsing extensions check that
+ * certificate was made in compliance with this. */
+ if (critical) {
+ WOLFSSL_MSG("Critical Subject Key ID is not allowed");
+ WOLFSSL_MSG("Use macro WOLFSSL_ALLOW_CRIT_SKID if wanted");
+ ret = ASN_CRIT_EXT_E;
+ }
+ #endif
if ((ret == 0) && (DecodeSubjKeyId(input, length, cert) < 0)) {
ret = ASN_PARSE_E;
@@ -19512,21 +20513,21 @@ static int DecodeExtensionType(const byte* input, word32 length, word32 oid,
/* Certificate policies. */
case CERT_POLICY_OID:
- #if defined(WOLFSSL_SEP) || defined(WOLFSSL_QT)
- VERIFY_AND_SET_OID(cert->extCertPolicySet);
- #if defined(OPENSSL_EXTRA) || \
- defined(OPENSSL_EXTRA_X509_SMALL)
- cert->extCertPolicyCrit = critical ? 1 : 0;
- #endif
- #endif
- #if defined(WOLFSSL_SEP) || defined(WOLFSSL_CERT_EXT) || \
- defined(WOLFSSL_QT)
- if (DecodeCertPolicy(input, length, cert) < 0) {
- ret = ASN_PARSE_E;
- }
- #else
- WOLFSSL_MSG("Certificate Policy extension not supported yet.");
+ #if defined(WOLFSSL_SEP) || defined(WOLFSSL_QT)
+ VERIFY_AND_SET_OID(cert->extCertPolicySet);
+ #if defined(OPENSSL_EXTRA) || \
+ defined(OPENSSL_EXTRA_X509_SMALL)
+ cert->extCertPolicyCrit = critical ? 1 : 0;
#endif
+ #endif
+ #if defined(WOLFSSL_SEP) || defined(WOLFSSL_CERT_EXT) || \
+ defined(WOLFSSL_QT)
+ if (DecodeCertPolicy(input, length, cert) < 0) {
+ ret = ASN_PARSE_E;
+ }
+ #else
+ WOLFSSL_MSG("Certificate Policy extension not supported yet.");
+ #endif
break;
/* Key usage. */
@@ -19643,7 +20644,7 @@ enum {
CERTEXTHDRASN_IDX_EXTSEQ
};
-/* Number of itesm in ASN.1 template for extensions. */
+/* Number of items in ASN.1 template for extensions. */
#define certExtHdrASN_Length (sizeof(certExtHdrASN) / sizeof(ASNItem))
/* ASN.1 template for Extension.
@@ -19820,7 +20821,7 @@ end:
/* Clear dynamic data. */
XMEMSET(dataASN, 0, sizeof(*dataASN) * certExtASN_Length);
- /* Ensure OID is an extention type. */
+ /* Ensure OID is an extension type. */
GetASN_OID(&dataASN[CERTEXTASN_IDX_OID], oidCertExtType);
/* Set criticality variable. */
GetASN_Int8Bit(&dataASN[CERTEXTASN_IDX_CRIT], &critical);
@@ -19878,6 +20879,41 @@ end:
}
#ifdef WOLFSSL_ASN_TEMPLATE
+
+#if defined(HAVE_RPK)
+/* ASN template for a Raw Public Key certificate defined RFC7250. */
+static const ASNItem RPKCertASN[] = {
+/* SubjectPublicKeyInfo ::= SEQUENCE */ { 0, ASN_SEQUENCE, 1, 1, 0 },
+ /* algorithm AlgorithmIdentifier */
+ /* AlgorithmIdentifier ::= SEQUENCE */ { 1, ASN_SEQUENCE, 1, 1, 0 },
+ /* Algorithm OBJECT IDENTIFIER */
+ /* TBS_SPUBKEYINFO_ALGO_OID */ { 2, ASN_OBJECT_ID, 0, 0, 0 },
+ /* parameters ANY defined by algorithm OPTIONAL */
+ /* TBS_SPUBKEYINFO_ALGO_NULL */ { 2, ASN_TAG_NULL, 0, 0, 2 },
+ /* TBS_SPUBKEYINFO_ALGO_CURVEID */ { 2, ASN_OBJECT_ID, 0, 0, 2 },
+#ifdef WC_RSA_PSS
+ /* TBS_SPUBKEYINFO_ALGO_P_SEQ */ { 2, ASN_SEQUENCE, 1, 0, 2 },
+#endif
+ /* subjectPublicKey BIT STRING */
+ /* TBS_SPUBKEYINFO_PUBKEY */ { 1, ASN_BIT_STRING, 0, 0, 0 },
+};
+/* Number of items in ASN template for a RawPublicKey certificate. */
+#define RPKCertASN_Length (sizeof(RPKCertASN) / sizeof(ASNItem))
+
+enum {
+ RPKCERTASN_IDX_SPUBKEYINFO_SEQ = 0,
+ RPKCERTASN_IDX_SPUBKEYINFO_ALGO_SEQ,
+ RPKCERTASN_IDX_SPUBKEYINFO_ALGO_OID,
+ RPKCERTASN_IDX_SPUBKEYINFO_ALGO_NULL,
+ RPKCERTASN_IDX_SPUBKEYINFO_ALGO_CURVEID,
+#ifdef WC_RSA_PSS
+ RPKCERTASN_IDX_SPUBKEYINFO_ALGO_P_SEQ,
+#endif
+ RPKCERTASN_IDX_SPUBKEYINFO_PUBKEY,
+};
+
+#endif /* HAVE_RPK */
+
/* ASN template for an X509 certificate.
* X.509: RFC 5280, 4.1 - Basic Certificate Fields.
*/
@@ -19887,12 +20923,12 @@ static const ASNItem x509CertASN[] = {
/* tbsCertificate TBSCertificate */
/* TBSCertificate ::= SEQUENCE */
/* TBS_SEQ */ { 1, ASN_SEQUENCE, 1, 1, 0 },
- /* version [0] EXPLICT Version DEFAULT v1 */
+ /* version [0] EXPLICIT Version DEFAULT v1 */
/* TBS_VER */ { 2, ASN_CONTEXT_SPECIFIC | ASN_X509_CERT_VERSION, 1, 1, 1 },
/* Version ::= INTEGER { v1(0), v2(1), v3(2) */
/* TBS_VER_INT */ { 3, ASN_INTEGER, 0, 0, 0 },
/* serialNumber CertificateSerialNumber */
- /* CetificateSerialNumber ::= INTEGER */
+ /* CertificateSerialNumber ::= INTEGER */
/* TBS_SERIAL */ { 2, ASN_INTEGER, 0, 0, 0 },
/* signature AlgorithmIdentifier */
/* AlgorithmIdentifier ::= SEQUENCE */
@@ -20082,6 +21118,40 @@ static int DecodeCertInternal(DecodedCert* cert, int verify, int* criticalExt,
word32 pubKeyEnd = 0;
int done = 0;
+#if defined(HAVE_RPK)
+ /* try to parse the cert as Raw Public Key cert */
+ DECL_ASNGETDATA(RPKdataASN, RPKCertASN_Length);
+ CALLOC_ASNGETDATA(RPKdataASN, RPKCertASN_Length, ret, cert->heap);
+ GetASN_OID(&RPKdataASN[RPKCERTASN_IDX_SPUBKEYINFO_ALGO_OID],
+ oidKeyType);
+ GetASN_OID(&RPKdataASN[RPKCERTASN_IDX_SPUBKEYINFO_ALGO_CURVEID],
+ oidCurveType);
+ ret = GetASN_Items(RPKCertASN, RPKdataASN, RPKCertASN_Length, 1,
+ cert->source, &cert->srcIdx, cert->maxIdx);
+ if (ret == 0) {
+ cert->keyOID =
+ RPKdataASN[RPKCERTASN_IDX_SPUBKEYINFO_ALGO_OID].data.oid.sum;
+
+ /* Parse the public key. */
+ pubKeyOffset = RPKdataASN[RPKCERTASN_IDX_SPUBKEYINFO_SEQ].offset;
+ pubKeyEnd = cert->maxIdx;
+ ret = GetCertKey(cert, cert->source, &pubKeyOffset, pubKeyEnd);
+ if (ret == 0) {
+ WOLFSSL_MSG("Raw Public Key certificate found and parsed");
+ cert->isRPK = 1;
+ }
+ }
+ /* Dispose of memory before allocating for extension decoding. */
+ FREE_ASNGETDATA(RPKdataASN, cert->heap);
+
+ if (ret == 0) {
+ return ret;
+ }
+ else {
+ ret = 0; /* proceed to the original x509 parsing */
+ }
+#endif /* HAVE_RPK */
+
CALLOC_ASNGETDATA(dataASN, x509CertASN_Length, ret, cert->heap);
if (ret == 0) {
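Review bot: The RPK probe uses `RPKdataASN` without checking the result of `CALLOC_ASNGETDATA`. The x509 call right below it is followed by `if (ret == 0)`, but here the two `GetASN_OID` calls and `GetASN_Items` run unconditionally, which would dereference a NULL array when the allocation fails (presumably only in builds where the macro allocates from the heap; its definition is outside this hunk). The trailing `ret = 0` also turns every failure, an allocation error included, into a silent fall-through to X.509 parsing, and when `GetASN_Items` succeeds but `GetCertKey` fails, `cert->keyOID` and possibly `cert->srcIdx` keep values from the failed probe. I would guard the probe on `ret == 0`, return allocation failures, and restore the saved index before falling through. DecodeCertInternal begins and ends outside the hunk.

```c
    DECL_ASNGETDATA(RPKdataASN, RPKCertASN_Length);
    word32 rpkStartIdx = cert->srcIdx;

    CALLOC_ASNGETDATA(RPKdataASN, RPKCertASN_Length, ret, cert->heap);
    if (ret == 0) {
        /* … unchanged: the two GetASN_OID calls and GetASN_Items … */
    }
    /* … unchanged: keyOID, GetCertKey and isRPK handling on success … */
    FREE_ASNGETDATA(RPKdataASN, cert->heap);

    if ((ret == 0) || (ret == MEMORY_E)) {
        return ret;
    }
    /* Not a raw public key: undo the probe and parse as X.509. */
    cert->srcIdx = rpkStartIdx;
    ret = 0;
```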
@@ -20132,7 +21202,8 @@ static int DecodeCertInternal(DecodedCert* cert, int verify, int* criticalExt,
i = (dataASN[X509CERTASN_IDX_TBS_VALIDITY_NOTB_UTC].tag != 0)
? X509CERTASN_IDX_TBS_VALIDITY_NOTB_UTC
: X509CERTASN_IDX_TBS_VALIDITY_NOTB_GT;
- if ((CheckDate(&dataASN[i], BEFORE) < 0) && verify) {
+ if ((CheckDate(&dataASN[i], BEFORE) < 0) && (verify != NO_VERIFY) &&
+ (verify != VERIFY_SKIP_DATE)) {
badDate = ASN_BEFORE_DATE_E;
}
/* Store reference to BEFOREdate. */
@@ -20143,7 +21214,8 @@ static int DecodeCertInternal(DecodedCert* cert, int verify, int* criticalExt,
i = (dataASN[X509CERTASN_IDX_TBS_VALIDITY_NOTA_UTC].tag != 0)
? X509CERTASN_IDX_TBS_VALIDITY_NOTA_UTC
: X509CERTASN_IDX_TBS_VALIDITY_NOTA_GT;
- if ((CheckDate(&dataASN[i], AFTER) < 0) && verify) {
+ if ((CheckDate(&dataASN[i], AFTER) < 0) && (verify != NO_VERIFY) &&
+ (verify != VERIFY_SKIP_DATE)) {
badDate = ASN_AFTER_DATE_E;
}
/* Store reference to AFTER date. */
@@ -20401,7 +21473,7 @@ static const byte strAttrChoice[] = {
*
* @param [in] cert Certificate request object.
* @param [out] criticalExt Critical extension return code.
- * @param [in] oid OID decribing which attribute was found.
+ * @param [in] oid OID describing which attribute was found.
* @param [in] aIdx Index into certificate source to start parsing.
* @param [in] input Attribute value data.
* @param [in] maxIdx Maximum index to parse to.
@@ -20477,6 +21549,22 @@ static int DecodeCertReqAttrValue(DecodedCert* cert, int* criticalExt,
}
break;
+ case UNSTRUCTURED_NAME_OID:
+ /* Clear dynamic data and specify choices acceptable. */
+ XMEMSET(strDataASN, 0, sizeof(strDataASN));
+ GetASN_Choice(&strDataASN[STRATTRASN_IDX_STR], strAttrChoice);
+ /* Parse a string. */
+ ret = GetASN_Items(strAttrASN, strDataASN, strAttrASN_Length,
+ 1, input, &idx, maxIdx);
+ if (ret == 0) {
+ /* Store references to unstructured name. */
+ cert->unstructuredName =
+ (char*)strDataASN[STRATTRASN_IDX_STR].data.ref.data;
+ cert->unstructuredNameLen = (int)strDataASN[STRATTRASN_IDX_STR].
+ data.ref.length;
+ }
+ break;
+
/* Certificate extensions to be included in generated certificate.
* PKCS#9: RFC 2985, 5.4.2 - Extension request
*/
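Review bot: `cert->unstructuredName` is stored as a `char*` reference into the parsed attribute data, as the "Store references" comment indicates, so it is not NUL-terminated and is valid only while that buffer is. The new case does not say this, and a `char*` field invites `strlen`-style use. I would extend the comment to `/* Store references to unstructured name: points into input, not NUL-terminated, use unstructuredNameLen. */`. The enclosing switch in DecodeCertReqAttrValue continues outside the hunk.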
@@ -20721,7 +21809,7 @@ int ParseCert(DecodedCert* cert, int type, int verify, void* cm)
#if (!defined(WOLFSSL_NO_MALLOC) && !defined(NO_WOLFSSL_CM_VERIFY)) || \
defined(WOLFSSL_DYN_CERT)
- /* cert->subjectCN not stored as copy of WOLFSSL_NO_MALLOC defind */
+ /* cert->subjectCN not stored as copy of WOLFSSL_NO_MALLOC defined */
if (cert->subjectCNLen > 0) {
ptr = (char*)XMALLOC((size_t)cert->subjectCNLen + 1, cert->heap,
DYNAMIC_TYPE_SUBJECT_CN);
@@ -20760,29 +21848,10 @@ int wc_ParseCert(DecodedCert* cert, int type, int verify, void* cm)
return ParseCert(cert, type, verify, cm);
}
-#if !defined(OPENSSL_EXTRA) && !defined(OPENSSL_EXTRA_X509_SMALL) && \
- !defined(GetCA)
-/* from SSL proper, for locking can't do find here anymore.
- * brought in from internal.h if built with compat layer.
- * if defined(GetCA), it's a predefined macro and these prototypes
- * would conflict.
- */
-#ifdef __cplusplus
- extern "C" {
-#endif
- Signer* GetCA(void* signers, byte* hash);
- #ifndef NO_SKID
- Signer* GetCAByName(void* signers, byte* hash);
- #endif
-#ifdef __cplusplus
- }
-#endif
-
-#endif /* !OPENSSL_EXTRA && !OPENSSL_EXTRA_X509_SMALL && !GetCA */
-
-#if defined(WOLFCRYPT_ONLY)
+#ifdef WOLFCRYPT_ONLY
/* dummy functions, not using wolfSSL so don't need actual ones */
+Signer* GetCA(void* signers, byte* hash);
Signer* GetCA(void* signers, byte* hash)
{
(void)hash;
@@ -20791,6 +21860,7 @@ Signer* GetCA(void* signers, byte* hash)
}
#ifndef NO_SKID
+Signer* GetCAByName(void* signers, byte* hash);
Signer* GetCAByName(void* signers, byte* hash)
{
(void)hash;
@@ -20799,6 +21869,21 @@ Signer* GetCAByName(void* signers, byte* hash)
}
#endif /* NO_SKID */
+#ifdef WOLFSSL_AKID_NAME
+Signer* GetCAByAKID(void* vp, const byte* issuer, word32 issuerSz,
+ const byte* serial, word32 serialSz);
+Signer* GetCAByAKID(void* vp, const byte* issuer, word32 issuerSz,
+ const byte* serial, word32 serialSz)
+{
+ (void)issuer;
+ (void)issuerSz;
+ (void)serial;
+ (void)serialSz;
+
+ return (Signer*)vp;
+}
+#endif
+
#endif /* WOLFCRYPT_ONLY */
#if defined(WOLFSSL_NO_TRUSTED_CERTS_VERIFY) && !defined(NO_SKID)
@@ -20825,6 +21910,7 @@ static Signer* GetCABySubjectAndPubKey(DecodedCert* cert, void* cm)
*
* @param [in] input Input data.
* @param [in] maxIdx Maximum index for data.
+ * @param [in] sigOID Signature OID for determining hash algorithm.
* @param [out] hash Hash of AKI.
* @param [out] set Whether the hash buffer was set.
* @param [in] heap Dynamic memory allocation hint.
@@ -20833,10 +21919,10 @@ static Signer* GetCABySubjectAndPubKey(DecodedCert* cert, void* cm)
* is invalid.
* @return MEMORY_E on dynamic memory allocation failure.
*/
-static int GetAKIHash(const byte* input, word32 maxIdx, byte* hash, int* set,
- void* heap)
+static int GetAKIHash(const byte* input, word32 maxIdx, word32 sigOID,
+ byte* hash, int* set, void* heap)
{
- /* AKI and Certificate Extenion ASN.1 templates are the same length. */
+ /* AKI and Certificate Extension ASN.1 templates are the same length. */
DECL_ASNGETDATA(dataASN, certExtASN_Length);
int ret = 0;
word32 idx = 0;
@@ -20882,9 +21968,9 @@ static int GetAKIHash(const byte* input, word32 maxIdx, byte* hash, int* set,
*set = 1;
/* Get the hash or hash of the hash if wrong size. */
ret = GetHashId(
- dataASN[AUTHKEYIDASN_IDX_KEYID].data.ref.data,
- dataASN[AUTHKEYIDASN_IDX_KEYID].data.ref.length,
- hash);
+ dataASN[AUTHKEYIDASN_IDX_KEYID].data.ref.data,
+ (int)dataASN[AUTHKEYIDASN_IDX_KEYID].data.ref.length,
+ hash, HashIdAlg(sigOID));
}
break;
}
@@ -21149,7 +22235,7 @@ static int CheckCertSignature_ex(const byte* cert, word32 certSz, void* heap,
/* Get the hash or hash of the hash if wrong
* size. */
ret = GetHashId(cert + extIdx, extLen,
- hash);
+ hash, HashIdAlg(signatureOID));
}
}
break;
@@ -21171,14 +22257,16 @@ static int CheckCertSignature_ex(const byte* cert, word32 certSz, void* heap,
if (extAuthKeyIdSet)
ca = GetCA(cm, hash);
if (ca == NULL) {
- ret = CalcHashId(cert + issuerIdx, issuerSz, hash);
+ ret = CalcHashId_ex(cert + issuerIdx, issuerSz, hash,
+ HashIdAlg(signatureOID));
if (ret == 0)
ca = GetCAByName(cm, hash);
}
}
#else
if (ret == 0 && pubKey == NULL) {
- ret = CalcHashId(cert + issuerIdx, issuerSz, hash);
+ ret = CalcHashId_ex(cert + issuerIdx, issuerSz, hash,
+ HashIdAlg(signatureOID));
if (ret == 0)
ca = GetCA(cm, hash);
}
@@ -21407,7 +22495,8 @@ static int CheckCertSignature_ex(const byte* cert, word32 certSz, void* heap,
/* Find the AKI extension in list of extensions and get hash. */
if ((!req) && (akiData != NULL)) {
/* TODO: test case */
- ret = GetAKIHash(akiData, akiLen, hash, &extAuthKeyIdSet, heap);
+ ret = GetAKIHash(akiData, akiLen, sigOID, hash, &extAuthKeyIdSet,
+ heap);
}
/* Get the CA by hash one was found. */
@@ -21418,7 +22507,7 @@ static int CheckCertSignature_ex(const byte* cert, word32 certSz, void* heap,
#endif
{
/* Try hash of issuer name. */
- ret = CalcHashId(caName, caNameLen, hash);
+ ret = CalcHashId_ex(caName, caNameLen, hash, HashIdAlg(sigOID));
if (ret == 0) {
ca = GetCAByName(cm, hash);
}
@@ -21428,7 +22517,7 @@ static int CheckCertSignature_ex(const byte* cert, word32 certSz, void* heap,
/* Extract public key information. */
pubKey = ca->publicKey;
pubKeySz = ca->pubKeySize;
- pubKeyOID = ca->keyOID;
+ pubKeyOID = (int)ca->keyOID;
}
else {
/* No public key to verify with. */
@@ -21450,7 +22539,8 @@ static int CheckCertSignature_ex(const byte* cert, word32 certSz, void* heap,
/* Check signature. */
ret = ConfirmSignature(sigCtx, tbs, tbsSz, pubKey, pubKeySz,
- pubKeyOID, sig, sigSz, sigOID, sigParams, sigParamsSz, NULL);
+ (word32)pubKeyOID, sig, sigSz, sigOID, sigParams, sigParamsSz,
+ NULL);
if (ret != 0) {
WOLFSSL_MSG("Confirm signature failed");
}
@@ -21589,7 +22679,7 @@ int wc_CertGetPubKey(const byte* cert, word32 certSz,
}
/* Skip data if required. */
else if (op.op == DECODE_INSTR_OVER) {
- o += l;
+ o += (word32)l;
}
}
}
@@ -21598,7 +22688,7 @@ int wc_CertGetPubKey(const byte* cert, word32 certSz,
/* Return the public key data and length.
* Skip first byte of BIT_STRING data: unused bits. */
*pubKey = cert + o + 1;
- *pubKeySz = l - 1;
+ *pubKeySz = (word32)(l - 1);
}
return ret;
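Review bot: The cast in `*pubKeySz = (word32)(l - 1);` hides a wrap-around. If the BIT STRING length `l` is 0 at this point, `*pubKeySz` becomes 0xFFFFFFFF and `*pubKey` points one byte past the element. No check of `l` is visible in this hunk, and the decode loop and the `if` that guards these lines are outside it. I would make the bound explicit before the assignment, e.g. `if ((ret == 0) && (l < 1)) { ret = ASN_PARSE_E; }`. Callers receive the size as an unsigned value and cannot detect the wrap themselves.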
@@ -21614,7 +22704,7 @@ int ParseCertRelative(DecodedCert* cert, int type, int verify, void* cm)
int len = 0;
#endif
#endif
-#if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_SCEPROTECT)
+#if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_FSPSM_TLS)
int idx = 0;
#endif
byte* sce_tsip_encRsaKeyIdx;
@@ -21643,7 +22733,11 @@ int ParseCertRelative(DecodedCert* cert, int type, int verify, void* cm)
}
WOLFSSL_MSG("Parsed Past Key");
-
+#if defined(HAVE_RPK)
+ if (cert->isRPK) {
+ return ret;
+ }
+#endif /* HAVE_RPK */
#ifdef WOLFSSL_CERT_REQ
/* Read attributes */
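Review bot: The new early return for `cert->isRPK` leaves ParseCertRelative with success before anything after "Parsed Past Key" runs, so no issuer lookup, signature check or extension processing has happened for such input, and nothing here says so. DecodeCertInternal sets `isRPK` whenever the input parses as a bare SubjectPublicKeyInfo. Callers therefore have to check `cert->isRPK` themselves and accept the key only where raw public keys are expected and the key is authenticated by other means; whether they do is not visible here. I would add a comment such as `/* RPK (RFC 7250): no chain to validate; caller must check isRPK and authenticate the key out of band. */`. The function body continues outside the hunk.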
@@ -21888,14 +22982,38 @@ int ParseCertRelative(DecodedCert* cert, int type, int verify, void* cm)
WOLFSSL_ERROR_VERBOSE(ret);
return ret;
}
+#if defined(HAVE_RPK)
+ if (cert->isRPK) {
+ return ret;
+ }
+#endif /* HAVE_RPK */
}
#endif
+ #ifndef ALLOW_INVALID_CERTSIGN
+ /* https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.9
+ * If the cA boolean is not asserted, then the keyCertSign bit in the
+ * key usage extension MUST NOT be asserted. */
+ if (!cert->isCA && cert->extKeyUsageSet &&
+ (cert->extKeyUsage & KEYUSE_KEY_CERT_SIGN) != 0) {
+ WOLFSSL_ERROR_VERBOSE(KEYUSAGE_E);
+ return KEYUSAGE_E;
+ }
+ #endif
+
#ifndef NO_SKID
if (cert->extSubjKeyIdSet == 0 && cert->publicKey != NULL &&
cert->pubKeySize > 0) {
- ret = CalcHashId(cert->publicKey, cert->pubKeySize,
- cert->extSubjKeyId);
+ if (cert->signatureOID == CTC_SM3wSM2) {
+ /* TODO: GmSSL creates IDs this way but whole public key info
+ * block should be hashed. */
+ ret = CalcHashId_ex(cert->publicKey + cert->pubKeySize - 65, 65,
+ cert->extSubjKeyId, HashIdAlg(cert->signatureOID));
+ }
+ else {
+ ret = CalcHashId_ex(cert->publicKey, cert->pubKeySize,
+ cert->extSubjKeyId, HashIdAlg(cert->signatureOID));
+ }
if (ret != 0) {
WOLFSSL_ERROR_VERBOSE(ret);
return ret;
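Review bot: The SM2 branch computes `cert->publicKey + cert->pubKeySize - 65` while the only size check in force is `cert->pubKeySize > 0`. A public key shorter than 65 bytes makes that pointer start before the key buffer, so the hash reads out of bounds. `signatureOID` describes the signature on the certificate, not the subject key, so an SM3-with-SM2 signature does not guarantee a 65-byte point here. Add the bound to the condition, `if (cert->signatureOID == CTC_SM3wSM2 && cert->pubKeySize >= 65) {`, or return an error for the short case instead of hashing.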
@@ -21909,13 +23027,20 @@ int ParseCertRelative(DecodedCert* cert, int type, int verify, void* cm)
#ifndef NO_SKID
if (cert->extAuthKeyIdSet) {
cert->ca = GetCA(cm, cert->extAuthKeyId);
+ #ifdef WOLFSSL_AKID_NAME
+ if (cert->ca == NULL) {
+ cert->ca = GetCAByAKID(cm, cert->extAuthKeyIdIssuer,
+ cert->extAuthKeyIdIssuerSz, cert->extAuthKeyIdIssuerSN,
+ cert->extAuthKeyIdIssuerSNSz);
+ }
+ #endif
}
if (cert->ca == NULL && cert->extSubjKeyIdSet
&& verify != VERIFY_OCSP) {
cert->ca = GetCA(cm, cert->extSubjKeyId);
}
if (cert->ca != NULL && XMEMCMP(cert->issuerHash,
- cert->ca->subjectNameHash, KEYID_SIZE) != 0) {
+ cert->ca->subjectNameHash, KEYID_SIZE) != 0) {
cert->ca = NULL;
}
if (cert->ca == NULL) {
@@ -21947,93 +23072,31 @@ int ParseCertRelative(DecodedCert* cert, int type, int verify, void* cm)
}
}
- if (cert->selfSigned) {
- cert->maxPathLen = WOLFSSL_MAX_PATH_LEN;
- } else {
- /* RFC 5280 Section 4.2.1.9:
- *
- * load/receive check
- *
- * 1) Is CA boolean set?
- * No - SKIP CHECK
- * Yes - Check key usage
- * 2) Is Key usage extension present?
- * No - goto 3
- * Yes - check keyCertSign assertion
- * 2.a) Is keyCertSign asserted?
- * No - goto 4
- * Yes - goto 3
- * 3) Is pathLen set?
- * No - goto 4
- * Yes - check pathLen against maxPathLen.
- * 3.a) Is pathLen less than maxPathLen?
- * No - goto 4
- * Yes - set maxPathLen to pathLen and EXIT
- * 4) Is maxPathLen > 0?
- * Yes - Reduce by 1
- * No - ERROR
- */
+ /* Set to WOLFSSL_MAX_PATH_LEN by default in InitDecodedCert_ex */
+ if (cert->pathLengthSet)
+ cert->maxPathLen = cert->pathLength;
- if (cert->ca && cert->pathLengthSet) {
- int checkPathLen = 0;
- int decrementMaxPathLen = 0;
- cert->maxPathLen = cert->pathLength;
- if (cert->isCA) {
- WOLFSSL_MSG("\tCA boolean set");
- if (cert->extKeyUsageSet) {
- WOLFSSL_MSG("\tExtension Key Usage Set");
- if ((cert->extKeyUsage & KEYUSE_KEY_CERT_SIGN) != 0) {
- checkPathLen = 1;
- }
- else {
- decrementMaxPathLen = 1;
- }
- }
- else {
- checkPathLen = 1;
- } /* !cert->ca check */
- } /* cert is not a CA (assuming entity cert) */
-
- if (checkPathLen && cert->pathLengthSet) {
- if (cert->pathLength < cert->ca->maxPathLen) {
- WOLFSSL_MSG("\tmaxPathLen status: set to pathLength");
- cert->maxPathLen = cert->pathLength;
- }
- else {
- decrementMaxPathLen = 1;
- }
- }
-
- if (decrementMaxPathLen && cert->ca->maxPathLen > 0) {
- WOLFSSL_MSG("\tmaxPathLen status: reduce by 1");
- cert->maxPathLen = (byte)(cert->ca->maxPathLen - 1);
- if (verify != NO_VERIFY && type != CA_TYPE &&
- type != TRUSTED_PEER_TYPE) {
- WOLFSSL_MSG("\tmaxPathLen status: OK");
- }
- } else if (decrementMaxPathLen && cert->ca->maxPathLen == 0) {
+ if (!cert->selfSigned) {
+ /* Need to perform a pathlen check on anything that will be used
+ * to sign certificates later on. Otherwise, pathLen doesn't
+ * mean anything.
+ * Nothing to check if we don't have the issuer of this cert. */
+ if (type != CERT_TYPE && cert->isCA && cert->extKeyUsageSet &&
+ (cert->extKeyUsage & KEYUSE_KEY_CERT_SIGN) != 0 && cert->ca) {
+ if (cert->ca->maxPathLen == 0) {
+ /* This cert CAN NOT be used as an intermediate cert. The
+ * issuer does not allow it. */
cert->maxPathLen = 0;
- if (verify != NO_VERIFY && type != CA_TYPE &&
- type != TRUSTED_PEER_TYPE) {
+ if (verify != NO_VERIFY) {
WOLFSSL_MSG("\tNon-entity cert, maxPathLen is 0");
WOLFSSL_MSG("\tmaxPathLen status: ERROR");
WOLFSSL_ERROR_VERBOSE(ASN_PATHLEN_INV_E);
return ASN_PATHLEN_INV_E;
}
}
- } else if (cert->ca && cert->isCA) {
- /* case where cert->pathLength extension is not set */
- if (cert->ca->maxPathLen > 0) {
- cert->maxPathLen = (byte)(cert->ca->maxPathLen - 1);
- } else {
- cert->maxPathLen = 0;
- if (verify != NO_VERIFY && type != CA_TYPE &&
- type != TRUSTED_PEER_TYPE) {
- WOLFSSL_MSG("\tNon-entity cert, maxPathLen is 0");
- WOLFSSL_MSG("\tmaxPathLen status: ERROR");
- WOLFSSL_ERROR_VERBOSE(ASN_PATHLEN_INV_E);
- return ASN_PATHLEN_INV_E;
- }
+ else {
+ cert->maxPathLen = (byte)min(cert->ca->maxPathLen - 1,
+ cert->maxPathLen);
}
}
}
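Review bot: The rewritten check enforces the issuer's path length only when `cert->extKeyUsageSet` is true and keyCertSign is asserted, so a CA certificate that carries no KeyUsage extension now skips both the `cert->ca->maxPathLen == 0` rejection and the `min(...)` reduction. The removed logic treated an absent KeyUsage as a reason to check the path length. If certificates without KeyUsage can still act as issuers elsewhere in the library (not visible here), path-length limits would not be applied to them. I would write the condition as `cert->isCA && (!cert->extKeyUsageSet || (cert->extKeyUsage & KEYUSE_KEY_CERT_SIGN) != 0) && cert->ca`, keeping the `type != CERT_TYPE` test. ParseCertRelative begins and ends outside the hunk.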
@@ -22044,12 +23107,12 @@ int ParseCertRelative(DecodedCert* cert, int type, int verify, void* cm)
if (cert->ca) {
/* Need the CA's public key hash for OCSP */
XMEMCPY(cert->issuerKeyHash, cert->ca->subjectKeyHash,
- KEYID_SIZE);
+ KEYID_SIZE);
}
}
#endif /* HAVE_OCSP */
}
-#if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_SCEPROTECT)
+#if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_FSPSM_TLS)
/* prepare for TSIP TLS cert verification API use */
if (cert->keyOID == RSAk) {
/* to call TSIP API, it needs keys position info in bytes */
@@ -22063,7 +23126,8 @@ int ParseCertRelative(DecodedCert* cert, int type, int verify, void* cm)
return ret;
}
cert->sigCtx.CertAtt.certBegin = cert->certBegin;
- } else if (cert->keyOID == ECDSAk) {
+ }
+ else if (cert->keyOID == ECDSAk) {
cert->sigCtx.CertAtt.certBegin = cert->certBegin;
}
/* check if we can use TSIP for cert verification */
@@ -22317,24 +23381,6 @@ void FreeTrustedPeerTable(TrustedPeerCert** table, int rows, void* heap)
}
#endif /* WOLFSSL_TRUST_PEER_CERT */
-int SetMyVersion(word32 version, byte* output, int header)
-{
- int i = 0;
-
- if (output == NULL)
- return BAD_FUNC_ARG;
-
- if (header) {
- output[i++] = ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED;
- output[i++] = 3;
- }
- output[i++] = ASN_INTEGER;
- output[i++] = 0x01;
- output[i++] = (byte)version;
-
- return i;
-}
-
#if !defined(WOLFSSL_ASN_TEMPLATE) || defined(HAVE_PKCS7)
int SetSerialNumber(const byte* sn, word32 snSz, byte* output,
word32 outputSz, int maxSnSz)
@@ -22385,6 +23431,27 @@ int SetSerialNumber(const byte* sn, word32 snSz, byte* output,
#endif /* !NO_CERTS */
+#if defined(WOLFSSL_ASN_TEMPLATE) || defined(HAVE_PKCS12) || \
+ (defined(HAVE_ECC_KEY_EXPORT) && !defined(NO_ASN_CRYPT))
+int SetMyVersion(word32 version, byte* output, int header)
+{
+ int i = 0;
+
+ if (output == NULL)
+ return BAD_FUNC_ARG;
+
+ if (header) {
+ output[i++] = ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED;
+ output[i++] = 3;
+ }
+ output[i++] = ASN_INTEGER;
+ output[i++] = 0x01;
+ output[i++] = (byte)version;
+
+ return i;
+}
+#endif
+
#ifndef WOLFSSL_ASN_TEMPLATE
int wc_GetSerialNumber(const byte* input, word32* inOutIdx,
byte* serial, int* serialSz, word32 maxIdx)
@@ -22436,6 +23503,7 @@ int AllocDer(DerBuffer** pDer, word32 length, int type, void* heap)
/* Determine dynamic type */
switch (type) {
case CA_TYPE: dynType = DYNAMIC_TYPE_CA; break;
+ case CHAIN_CERT_TYPE:
case CERT_TYPE: dynType = DYNAMIC_TYPE_CERT; break;
case CRL_TYPE: dynType = DYNAMIC_TYPE_CRL; break;
case DSA_TYPE: dynType = DYNAMIC_TYPE_DSA; break;
@@ -22600,6 +23668,7 @@ int wc_PemGetHeaderFooter(int type, const char** header, const char** footer)
switch (type) {
case CA_TYPE: /* same as below */
case TRUSTED_PEER_TYPE:
+ case CHAIN_CERT_TYPE:
case CERT_TYPE:
if (header) *header = BEGIN_CERT;
if (footer) *footer = END_CERT;
@@ -23145,7 +24214,7 @@ int PemToDer(const unsigned char* buff, long longSz, int type,
const char* bufferEnd = (const char*)(buff + longSz);
long neededSz;
int ret = 0;
- int sz = (int)longSz;
+ word32 sz = (word32)longSz;
int encrypted_key = 0;
DerBuffer* der;
word32 algId = 0;
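Review bot: With `word32 sz = (word32)longSz;` a negative `longSz` becomes a very large unsigned bound, which is then handed to `XSTRNSTR` and used in the later `neededSz > (long)sz` test. Where `long` is 64 bits that test no longer rejects the case as the signed `int` comparison did. A value above 32 bits is also truncated in `sz` while `bufferEnd` is still computed from the full `longSz`, so the two bounds can disagree. No validation of `longSz` is visible in this hunk, so I would add `if (longSz < 0 || (unsigned long)longSz > 0xFFFFFFFFUL) return BAD_FUNC_ARG;` before its first use. PemToDer begins and ends outside the hunk.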
@@ -23164,7 +24233,7 @@ int PemToDer(const unsigned char* buff, long longSz, int type,
/* map header if not found for type */
for (;;) {
- headerEnd = XSTRNSTR((char*)buff, header, (word32)sz);
+ headerEnd = XSTRNSTR((char*)buff, header, sz);
if (headerEnd) {
break;
}
@@ -23247,7 +24316,7 @@ int PemToDer(const unsigned char* buff, long longSz, int type,
headerEnd = XSTRNSTR((char*)buff, PRIV_KEY_SUFFIX, sz);
if (headerEnd) {
const char* beginEnd;
- int endLen;
+ unsigned int endLen;
beginEnd = headerEnd + XSTR_SIZEOF(PRIV_KEY_SUFFIX);
if (beginEnd >= (char*)buff + sz) {
@@ -23271,7 +24340,7 @@ int PemToDer(const unsigned char* buff, long longSz, int type,
}
/* headerEnd now points to beginning of header */
- XMEMCPY(beginBuf, headerEnd, beginEnd - headerEnd);
+ XMEMCPY(beginBuf, headerEnd, (size_t)(beginEnd - headerEnd));
beginBuf[beginEnd - headerEnd] = '\0';
/* look for matching footer */
footer = XSTRNSTR(beginEnd,
@@ -23291,10 +24360,10 @@ int PemToDer(const unsigned char* buff, long longSz, int type,
return BUFFER_E;
}
- endLen = (unsigned int)(beginEnd - headerEnd -
+ endLen = (unsigned int)((size_t)(beginEnd - headerEnd) -
(XSTR_SIZEOF(BEGIN_PRIV_KEY_PREFIX) -
XSTR_SIZEOF(END_PRIV_KEY_PREFIX)));
- XMEMCPY(endBuf, footer, endLen);
+ XMEMCPY(endBuf, footer, (size_t)endLen);
endBuf[endLen] = '\0';
header = beginBuf;
@@ -23380,7 +24449,7 @@ int PemToDer(const unsigned char* buff, long longSz, int type,
/* set up der buffer */
neededSz = (long)(footerEnd - headerEnd);
- if (neededSz > sz || neededSz <= 0)
+ if (neededSz > (long)sz || neededSz <= 0)
return BUFFER_E;
ret = AllocDer(pDer, (word32)neededSz, type, heap);
@@ -23659,7 +24728,8 @@ int wc_CertPemToDer(const unsigned char* pem, int pemSz,
return BAD_FUNC_ARG;
}
- if (type != CERT_TYPE && type != CA_TYPE && type != CERTREQ_TYPE) {
+ if (type != CERT_TYPE && type != CHAIN_CERT_TYPE && type != CA_TYPE &&
+ type != CERTREQ_TYPE) {
WOLFSSL_MSG("Bad cert type");
return BAD_FUNC_ARG;
}
@@ -24016,7 +25086,7 @@ int wc_GetUUIDFromCert(struct DecodedCert* cert, byte* uuid, word32* uuidSz)
}
if (uuid == NULL) {
- *uuidSz = id->len;
+ *uuidSz = (word32)id->len;
return LENGTH_ONLY_E;
}
@@ -24024,7 +25094,7 @@ int wc_GetUUIDFromCert(struct DecodedCert* cert, byte* uuid, word32* uuidSz)
return BUFFER_E;
}
- XMEMCPY(uuid, id->name, id->len);
+ XMEMCPY(uuid, id->name, (size_t)id->len);
ret = 0; /* success */
break;
}
@@ -24034,7 +25104,7 @@ int wc_GetUUIDFromCert(struct DecodedCert* cert, byte* uuid, word32* uuidSz)
}
-/* reutrns 0 on success */
+/* returns 0 on success */
int wc_GetFASCNFromCert(struct DecodedCert* cert, byte* fascn, word32* fascnSz)
{
int ret = ALT_NAME_E;
@@ -24044,7 +25114,7 @@ int wc_GetFASCNFromCert(struct DecodedCert* cert, byte* fascn, word32* fascnSz)
id = FindAltName(cert, ASN_OTHER_TYPE, id);
if (id != NULL && id->oidSum == FASCN_OID) {
if (fascn == NULL) {
- *fascnSz = id->len;
+ *fascnSz = (word32)id->len;
return LENGTH_ONLY_E;
}
@@ -24052,7 +25122,7 @@ int wc_GetFASCNFromCert(struct DecodedCert* cert, byte* fascn, word32* fascnSz)
return BUFFER_E;
}
- XMEMCPY(fascn, id->name, id->len);
+ XMEMCPY(fascn, id->name, (size_t)id->len);
ret = 0; /* success */
}
} while (id != NULL);
@@ -24590,7 +25660,7 @@ typedef struct DerCert {
int keyUsageSz; /* encoded KeyUsage extension length */
int extKeyUsageSz; /* encoded ExtendedKeyUsage extension length */
#ifndef IGNORE_NETSCAPE_CERT_TYPE
- int nsCertTypeSz; /* encoded Netscape Certifcate Type
+ int nsCertTypeSz; /* encoded Netscape Certificate Type
* extension length */
#endif
int certPoliciesSz; /* encoded CertPolicies extension length*/
@@ -24685,477 +25755,6 @@ static int wc_SetCert_LoadDer(Cert* cert, const byte* der, word32 derSz,
#endif /* WOLFSSL_CERT_GEN */
-#ifdef HAVE_ECC
-#ifdef WOLFSSL_ASN_TEMPLATE
-/* ASN.1 template for ECC public key (SubjectPublicKeyInfo).
- * RFC 5480, 2 - Subject Public Key Information Fields
- * 2.1.1 - Unrestricted Algorithm Identifier and Parameters
- * X9.62 ECC point format.
- * See ASN.1 template 'eccSpecifiedASN' for specifiedCurve.
- */
-static const ASNItem eccPublicKeyASN[] = {
-/* SEQ */ { 0, ASN_SEQUENCE, 1, 1, 0 },
- /* AlgorithmIdentifier */
-/* ALGOID_SEQ */ { 1, ASN_SEQUENCE, 1, 1, 0 },
- /* algorithm */
-/* ALGOID_OID */ { 2, ASN_OBJECT_ID, 0, 0, 0 },
- /* namedCurve */
-/* ALGOID_CURVEID */ { 2, ASN_OBJECT_ID, 0, 0, 2 },
- /* specifiedCurve - explicit parameters */
-/* ALGOID_PARAMS */ { 2, ASN_SEQUENCE, 1, 0, 2 },
- /* Public Key */
-/* PUBKEY */ { 1, ASN_BIT_STRING, 0, 0, 0 },
-};
-enum {
- ECCPUBLICKEYASN_IDX_SEQ = 0,
- ECCPUBLICKEYASN_IDX_ALGOID_SEQ,
- ECCPUBLICKEYASN_IDX_ALGOID_OID,
- ECCPUBLICKEYASN_IDX_ALGOID_CURVEID,
- ECCPUBLICKEYASN_IDX_ALGOID_PARAMS,
- ECCPUBLICKEYASN_IDX_PUBKEY
-};
-
-/* Number of items in ASN.1 template for ECC public key. */
-#define eccPublicKeyASN_Length (sizeof(eccPublicKeyASN) / sizeof(ASNItem))
-#endif /* WOLFSSL_ASN_TEMPLATE */
-#endif /* HAVE_ECC */
-
-#if defined(HAVE_ECC) && defined(HAVE_ECC_KEY_EXPORT)
-
-/* Encode public ECC key in DER format.
- *
- * RFC 5480, 2 - Subject Public Key Information Fields
- * 2.1.1 - Unrestricted Algorithm Identifier and Parameters
- * X9.62 ECC point format.
- * SEC 1 Ver. 2.0, C.2 - Syntax for Elliptic Curve Domain Parameters
- *
- * @param [out] output Buffer to put encoded data in.
- * @param [in] key ECC key object.
- * @param [in] outLen Size of buffer in bytes.
- * @param [in] with_header Whether to use SubjectPublicKeyInfo format.
- * @return Size of encoded data in bytes on success.
- * @return BAD_FUNC_ARG when key or key's parameters is NULL.
- * @return MEMORY_E when dynamic memory allocation failed.
- */
-static int SetEccPublicKey(byte* output, ecc_key* key, int outLen,
- int with_header, int comp)
-{
-#ifndef WOLFSSL_ASN_TEMPLATE
- int ret;
- word32 idx = 0, curveSz, algoSz, pubSz, bitStringSz;
- byte bitString[1 + MAX_LENGTH_SZ + 1]; /* 6 */
- byte algo[MAX_ALGO_SZ]; /* 20 */
-
- /* public size */
- pubSz = key->dp ? (word32)key->dp->size : MAX_ECC_BYTES;
- if (comp)
- pubSz = 1 + pubSz;
- else
- pubSz = 1 + 2 * pubSz;
-
- /* check for buffer overflow */
- if (output != NULL && pubSz > (word32)outLen) {
- return BUFFER_E;
- }
-
- /* headers */
- if (with_header) {
- ret = SetCurve(key, NULL, 0);
- if (ret <= 0) {
- return ret;
- }
- curveSz = (word32)ret;
- ret = 0;
-
- /* calculate size */
- algoSz = SetAlgoID(ECDSAk, algo, oidKeyType, (int)curveSz);
- bitStringSz = SetBitString(pubSz, 0, bitString);
- idx = SetSequence(pubSz + curveSz + bitStringSz + algoSz, NULL);
-
- /* check for buffer overflow */
- if (output != NULL &&
- curveSz + algoSz + bitStringSz + idx + pubSz > (word32)outLen) {
- return BUFFER_E;
- }
-
- idx = SetSequence(pubSz + curveSz + bitStringSz + algoSz,
- output);
- /* algo */
- if (output)
- XMEMCPY(output + idx, algo, algoSz);
- idx += algoSz;
- /* curve */
- if (output)
- (void)SetCurve(key, output + idx, curveSz);
- idx += curveSz;
- /* bit string */
- if (output)
- XMEMCPY(output + idx, bitString, bitStringSz);
- idx += bitStringSz;
- }
-
- /* pub */
- if (output) {
- PRIVATE_KEY_UNLOCK();
- ret = wc_ecc_export_x963_ex(key, output + idx, &pubSz, comp);
- PRIVATE_KEY_LOCK();
- if (ret != 0) {
- return ret;
- }
- }
- idx += pubSz;
-
- return (int)idx;
-#else
- word32 pubSz = 0;
- int sz = 0;
- int ret = 0;
- int curveIdSz = 0;
- byte* curveOid = NULL;
-
- /* Check key validity. */
- if ((key == NULL) || (key->dp == NULL)) {
- ret = BAD_FUNC_ARG;
- }
-
- if (ret == 0) {
- /* Calculate the size of the encoded public point. */
- PRIVATE_KEY_UNLOCK();
- #if defined(HAVE_COMP_KEY) && defined(HAVE_FIPS) && \
- defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION == 2)
- /* in earlier versions of FIPS the get length functionality is not
- * available with compressed keys */
- pubSz = key->dp ? key->dp->size : MAX_ECC_BYTES;
- if (comp)
- pubSz = 1 + pubSz;
- else
- pubSz = 1 + 2 * pubSz;
- ret = LENGTH_ONLY_E;
- #else
- ret = wc_ecc_export_x963_ex(key, NULL, &pubSz, comp);
- #endif
- PRIVATE_KEY_LOCK();
- /* LENGTH_ONLY_E on success. */
- if (ret == LENGTH_ONLY_E) {
- ret = 0;
- }
- }
- if ((ret == 0) && with_header) {
- /* Including SubjectPublicKeyInfo header. */
- DECL_ASNSETDATA(dataASN, eccPublicKeyASN_Length);
-
- CALLOC_ASNSETDATA(dataASN, eccPublicKeyASN_Length, ret, key->heap);
-
- /* Get the length of the named curve OID to put into the encoding. */
- curveIdSz = SetCurve(key, NULL, 0);
- if (curveIdSz < 0) {
- ret = curveIdSz;
- }
-
- if (ret == 0) {
- /* Set the key type OID. */
- SetASN_OID(&dataASN[ECCPUBLICKEYASN_IDX_ALGOID_OID], ECDSAk,
- oidKeyType);
- /* Set the curve OID. */
- SetASN_ReplaceBuffer(&dataASN[ECCPUBLICKEYASN_IDX_ALGOID_CURVEID],
- NULL, (word32)curveIdSz);
- /* Don't try to write out explicit parameters. */
- dataASN[ECCPUBLICKEYASN_IDX_ALGOID_PARAMS].noOut = 1;
- /* Set size of public point to ensure space is made for it. */
- SetASN_Buffer(&dataASN[ECCPUBLICKEYASN_IDX_PUBKEY], NULL, pubSz);
- /* Calculate size of ECC public key. */
- ret = SizeASN_Items(eccPublicKeyASN, dataASN,
- eccPublicKeyASN_Length, &sz);
- }
-
- /* Check buffer, if passed in, is big enough for encoded data. */
- if ((ret == 0) && (output != NULL) && (sz > outLen)) {
- ret = BUFFER_E;
- }
- if ((ret == 0) && (output != NULL)) {
- /* Encode ECC public key. */
- SetASN_Items(eccPublicKeyASN, dataASN, eccPublicKeyASN_Length,
- output);
- /* Skip to where public point is to be encoded. */
- output += sz - (int)pubSz;
- /* Cache the location to place the name curve OID. */
- curveOid = (byte*)
- dataASN[ECCPUBLICKEYASN_IDX_ALGOID_CURVEID].data.buffer.data;
- }
-
- FREE_ASNSETDATA(dataASN, key->heap);
- }
- else if ((ret == 0) && (output != NULL) && (pubSz > (word32)outLen)) {
- ret = BUFFER_E;
- }
- else {
- /* Total size is the public point size. */
- sz = (int)pubSz;
- }
-
- if ((ret == 0) && (output != NULL)) {
- /* Put named curve OID data into encoding. */
- curveIdSz = SetCurve(key, curveOid, (size_t)curveIdSz);
- if (curveIdSz < 0) {
- ret = curveIdSz;
- }
- }
- if ((ret == 0) && (output != NULL)) {
- /* Encode public point. */
- PRIVATE_KEY_UNLOCK();
- ret = wc_ecc_export_x963_ex(key, output, &pubSz, comp);
- PRIVATE_KEY_LOCK();
- }
- if (ret == 0) {
- /* Return the size of the encoding. */
- ret = sz;
- }
-
- return ret;
-#endif
-}
-
-
-/* Encode the public part of an ECC key in a DER.
- *
- * Pass NULL for output to get the size of the encoding.
- *
- * @param [in] key ECC key object.
- * @param [out] output Buffer to hold DER encoding.
- * @param [in] inLen Size of buffer in bytes.
- * @param [in] with_AlgCurve Whether to use SubjectPublicKeyInfo format.
- * @return Size of encoded data in bytes on success.
- * @return BAD_FUNC_ARG when key or key's parameters is NULL.
- * @return MEMORY_E when dynamic memory allocation failed.
- */
-WOLFSSL_ABI
-int wc_EccPublicKeyToDer(ecc_key* key, byte* output, word32 inLen,
- int with_AlgCurve)
-{
- return SetEccPublicKey(output, key, (int)inLen, with_AlgCurve, 0);
-}
-
-int wc_EccPublicKeyToDer_ex(ecc_key* key, byte* output, word32 inLen,
- int with_AlgCurve, int comp)
-{
- return SetEccPublicKey(output, key, (int)inLen, with_AlgCurve, comp);
-}
-
-int wc_EccPublicKeyDerSize(ecc_key* key, int with_AlgCurve)
-{
- return SetEccPublicKey(NULL, key, 0, with_AlgCurve, 0);
-}
-
-#endif /* HAVE_ECC && HAVE_ECC_KEY_EXPORT */
-
-#ifdef WOLFSSL_ASN_TEMPLATE
-#if defined(WC_ENABLE_ASYM_KEY_EXPORT) || defined(WC_ENABLE_ASYM_KEY_IMPORT)
-/* ASN.1 template for Ed25519 and Ed448 public key (SubkectPublicKeyInfo).
- * RFC 8410, 4 - Subject Public Key Fields
- */
-static const ASNItem edPubKeyASN[] = {
- /* SubjectPublicKeyInfo */
-/* SEQ */ { 0, ASN_SEQUENCE, 1, 1, 0 },
- /* AlgorithmIdentifier */
-/* ALGOID_SEQ */ { 1, ASN_SEQUENCE, 1, 1, 0 },
- /* Ed25519/Ed448 OID */
-/* ALGOID_OID */ { 2, ASN_OBJECT_ID, 0, 0, 1 },
- /* Public key stream */
-/* PUBKEY */ { 1, ASN_BIT_STRING, 0, 0, 0 },
-};
-enum {
- EDPUBKEYASN_IDX_SEQ = 0,
- EDPUBKEYASN_IDX_ALGOID_SEQ,
- EDPUBKEYASN_IDX_ALGOID_OID,
- EDPUBKEYASN_IDX_PUBKEY
-};
-
-/* Number of items in ASN.1 template for Ed25519 and Ed448 public key. */
-#define edPubKeyASN_Length (sizeof(edPubKeyASN) / sizeof(ASNItem))
-#endif /* WC_ENABLE_ASYM_KEY_EXPORT || WC_ENABLE_ASYM_KEY_IMPORT */
-#endif /* WOLFSSL_ASN_TEMPLATE */
-
-#ifdef WC_ENABLE_ASYM_KEY_EXPORT
-
-/* Build ASN.1 formatted public key based on RFC 8410
- *
- * Pass NULL for output to get the size of the encoding.
- *
- * @param [in] pubKey public key buffer
- * @param [in] pubKeyLen public ket buffer length
- * @param [out] output Buffer to put encoded data in (optional)
- * @param [in] outLen Size of buffer in bytes
- * @param [in] keyType is "enum Key_Sum" like ED25519k
- * @param [in] withHeader Whether to include SubjectPublicKeyInfo around key.
- * @return Size of encoded data in bytes on success
- * @return BAD_FUNC_ARG when key is NULL.
- * @return MEMORY_E when dynamic memory allocation failed.
- */
-int SetAsymKeyDerPublic(const byte* pubKey, word32 pubKeyLen,
- byte* output, word32 outLen, int keyType, int withHeader)
-{
- int ret = 0;
-#ifndef WOLFSSL_ASN_TEMPLATE
- word32 idx = 0;
- word32 seqDataSz = 0;
- word32 sz;
-#else
- int sz = 0;
- DECL_ASNSETDATA(dataASN, edPubKeyASN_Length);
-#endif
-
- if (pubKey == NULL) {
- return BAD_FUNC_ARG;
- }
-
-#ifndef WOLFSSL_ASN_TEMPLATE
- /* calculate size */
- if (withHeader) {
- word32 algoSz = SetAlgoID(keyType, NULL, oidKeyType, 0);
- word32 bitStringSz = SetBitString(pubKeyLen, 0, NULL);
-
- seqDataSz = algoSz + bitStringSz + pubKeyLen;
- sz = SetSequence(seqDataSz, NULL) + seqDataSz;
- }
- else {
- sz = pubKeyLen;
- }
-
- /* checkout output size */
- if (output != NULL && sz > outLen) {
- ret = BUFFER_E;
- }
-
- /* headers */
- if (ret == 0 && output != NULL && withHeader) {
- /* sequence */
- idx = SetSequence(seqDataSz, output);
- /* algo */
- idx += SetAlgoID(keyType, output + idx, oidKeyType, 0);
- /* bit string */
- idx += SetBitString(pubKeyLen, 0, output + idx);
- }
-
- if (ret == 0 && output != NULL) {
- /* pub */
- XMEMCPY(output + idx, pubKey, pubKeyLen);
- idx += pubKeyLen;
-
- sz = idx;
- }
-
- if (ret == 0) {
- ret = (int)sz;
- }
-#else
- if (withHeader) {
- CALLOC_ASNSETDATA(dataASN, edPubKeyASN_Length, ret, NULL);
-
- if (ret == 0) {
- /* Set the OID. */
- SetASN_OID(&dataASN[EDPUBKEYASN_IDX_ALGOID_OID], (word32)keyType,
- oidKeyType);
- /* Leave space for public point. */
- SetASN_Buffer(&dataASN[EDPUBKEYASN_IDX_PUBKEY], NULL, pubKeyLen);
- /* Calculate size of public key encoding. */
- ret = SizeASN_Items(edPubKeyASN, dataASN, edPubKeyASN_Length, &sz);
- }
- if ((ret == 0) && (output != NULL) && (sz > (int)outLen)) {
- ret = BUFFER_E;
- }
- if ((ret == 0) && (output != NULL)) {
- /* Encode public key. */
- SetASN_Items(edPubKeyASN, dataASN, edPubKeyASN_Length, output);
- /* Set location to encode public point. */
- output = (byte*)dataASN[EDPUBKEYASN_IDX_PUBKEY].data.buffer.data;
- }
-
- FREE_ASNSETDATA(dataASN, NULL);
- }
- else if ((output != NULL) && (pubKeyLen > outLen)) {
- ret = BUFFER_E;
- }
- else if (ret == 0) {
- sz = (int)pubKeyLen;
- }
-
- if ((ret == 0) && (output != NULL)) {
- /* Put public key into space provided. */
- XMEMCPY(output, pubKey, pubKeyLen);
- }
- if (ret == 0) {
- ret = sz;
- }
-#endif /* WOLFSSL_ASN_TEMPLATE */
- return ret;
-}
-#endif /* WC_ENABLE_ASYM_KEY_EXPORT */
-
-#if defined(HAVE_ED25519) && defined(HAVE_ED25519_KEY_EXPORT)
-/* Encode the public part of an Ed25519 key in DER.
- *
- * Pass NULL for output to get the size of the encoding.
- *
- * @param [in] key Ed25519 key object.
- * @param [out] output Buffer to put encoded data in.
- * @param [in] outLen Size of buffer in bytes.
- * @param [in] withAlg Whether to use SubjectPublicKeyInfo format.
- * @return Size of encoded data in bytes on success.
- * @return BAD_FUNC_ARG when key is NULL.
- * @return MEMORY_E when dynamic memory allocation failed.
- */
-int wc_Ed25519PublicKeyToDer(ed25519_key* key, byte* output, word32 inLen,
- int withAlg)
-{
- int ret;
- byte pubKey[ED25519_PUB_KEY_SIZE];
- word32 pubKeyLen = (word32)sizeof(pubKey);
-
- if (key == NULL) {
- return BAD_FUNC_ARG;
- }
-
- ret = wc_ed25519_export_public(key, pubKey, &pubKeyLen);
- if (ret == 0) {
- ret = SetAsymKeyDerPublic(pubKey, pubKeyLen, output, inLen,
- ED25519k, withAlg);
- }
- return ret;
-}
-#endif /* HAVE_ED25519 && HAVE_ED25519_KEY_EXPORT */
-
-#if defined(HAVE_ED448) && defined(HAVE_ED448_KEY_EXPORT)
-/* Encode the public part of an Ed448 key in DER.
- *
- * Pass NULL for output to get the size of the encoding.
- *
- * @param [in] key Ed448 key object.
- * @param [out] output Buffer to put encoded data in.
- * @param [in] outLen Size of buffer in bytes.
- * @param [in] withAlg Whether to use SubjectPublicKeyInfo format.
- * @return Size of encoded data in bytes on success.
- * @return BAD_FUNC_ARG when key is NULL.
- * @return MEMORY_E when dynamic memory allocation failed.
- */
-int wc_Ed448PublicKeyToDer(ed448_key* key, byte* output, word32 inLen,
- int withAlg)
-{
- int ret;
- byte pubKey[ED448_PUB_KEY_SIZE];
- word32 pubKeyLen = (word32)sizeof(pubKey);
-
- if (key == NULL) {
- return BAD_FUNC_ARG;
- }
-
- ret = wc_ed448_export_public(key, pubKey, &pubKeyLen);
- if (ret == 0) {
- ret = SetAsymKeyDerPublic(pubKey, pubKeyLen, output, inLen,
- ED448k, withAlg);
- }
- return ret;
-}
-#endif /* HAVE_ED448 && HAVE_ED448_KEY_EXPORT */
#ifdef WOLFSSL_CERT_GEN
#ifndef NO_ASN_TIME
@@ -25447,10 +26046,9 @@ static int SetCaWithPathLen(byte* out, word32 outSz, byte pathLen)
return (int)sizeof(caPathLenBasicConstASN1);
}
-
-/* encode CA basic constraints true
+/* encode CA basic constraints
* return total bytes written */
-static int SetCa(byte* out, word32 outSz)
+static int SetCaEx(byte* out, word32 outSz, byte isCa)
{
/* ASN1->DER sequence for Basic Constraints True */
const byte caBasicConstASN1[] = {
@@ -25466,9 +26064,20 @@ static int SetCa(byte* out, word32 outSz)
XMEMCPY(out, caBasicConstASN1, sizeof(caBasicConstASN1));
+ if (!isCa) {
+ out[sizeof(caBasicConstASN1)-1] = isCa;
+ }
+
return (int)sizeof(caBasicConstASN1);
}
+/* encode CA basic constraints true
+ * return total bytes written */
+static int SetCa(byte* out, word32 outSz)
+{
+ return SetCaEx(out, outSz, 1);
+}
+
/* encode basic constraints without CA Boolean
* return total bytes written */
static int SetBC(byte* out, word32 outSz)
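Review bot: The write `out[sizeof(caBasicConstASN1)-1] = isCa;` relies on the last byte of the template being the BOOLEAN content octet, and nothing in the code says so; the template bytes themselves are outside this hunk. The array comment in the previous hunk still reads "Basic Constraints True" although SetCaEx now emits either value, and inside `if (!isCa)` the assignment always stores zero, so `= 0x00` would state the intent directly. I would add `/* Last template byte is the BOOLEAN value; 0x00 encodes cA FALSE. */` above the branch and reword the array comment to "template, cA TRUE by default". SetCaEx begins in the previous hunk.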
@@ -26261,6 +26870,12 @@ static int EncodeName(EncodedName* name, const char* nameStr,
firstSz = cname->custom.oidSz;
break;
#endif
+ #ifdef WOLFSSL_CERT_REQ
+ case ASN_CONTENT_TYPE:
+ thisLen += (int)sizeof(attrPkcs9ContentTypeOid);
+ firstSz = (int)sizeof(attrPkcs9ContentTypeOid);
+ break;
+ #endif
default:
thisLen += DN_OID_SZ;
firstSz = DN_OID_SZ;
@@ -26325,6 +26940,15 @@ static int EncodeName(EncodedName* name, const char* nameStr,
name->encoded[idx++] = nameTag;
break;
#endif
+ #ifdef WOLFSSL_CERT_REQ
+ case ASN_CONTENT_TYPE:
+ XMEMCPY(name->encoded + idx, attrPkcs9ContentTypeOid,
+ sizeof(attrPkcs9ContentTypeOid));
+ idx += (int)sizeof(attrPkcs9ContentTypeOid);
+ /* str type */
+ name->encoded[idx++] = nameTag;
+ break;
+ #endif
default:
name->encoded[idx++] = 0x55;
name->encoded[idx++] = 0x04;
@@ -26397,6 +27021,12 @@ static int EncodeName(EncodedName* name, const char* nameStr,
oidSz = cname->custom.oidSz;
break;
#endif
+ #ifdef WOLFSSL_CERT_REQ
+ case ASN_CONTENT_TYPE:
+ oid = attrPkcs9ContentTypeOid;
+ oidSz = sizeof(attrPkcs9ContentTypeOid);
+ break;
+ #endif
default:
/* Construct OID using type. */
dnOid[2] = type;
@@ -26455,6 +27085,132 @@ int wc_EncodeNameCanonical(EncodedName* name, const char* nameStr,
}
#endif /* WOLFSSL_CERT_GEN || OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
+#if (defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_CERT_EXT)) || \
+ (defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA))
+
+/* Convert key usage string (comma delimited, null terminated) to word16
+ * Returns 0 on success, negative on error */
+int ParseKeyUsageStr(const char* value, word16* keyUsage, void* heap)
+{
+ int ret = 0;
+ char *token, *str, *ptr;
+ word32 len = 0;
+ word16 usage = 0;
+
+ if (value == NULL || keyUsage == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ /* duplicate string (including terminator) */
+ len = (word32)XSTRLEN(value);
+ str = (char*)XMALLOC(len + 1, heap, DYNAMIC_TYPE_TMP_BUFFER);
+ if (str == NULL) {
+ return MEMORY_E;
+ }
+ XMEMCPY(str, value, len + 1);
+
+ /* parse value, and set corresponding Key Usage value */
+ if ((token = XSTRTOK(str, ",", &ptr)) == NULL) {
+ XFREE(str, heap, DYNAMIC_TYPE_TMP_BUFFER);
+ return KEYUSAGE_E;
+ }
+ while (token != NULL) {
+ if (!XSTRCASECMP(token, "digitalSignature"))
+ usage |= KEYUSE_DIGITAL_SIG;
+ else if (!XSTRCASECMP(token, "nonRepudiation") ||
+ !XSTRCASECMP(token, "contentCommitment"))
+ usage |= KEYUSE_CONTENT_COMMIT;
+ else if (!XSTRCASECMP(token, "keyEncipherment"))
+ usage |= KEYUSE_KEY_ENCIPHER;
+ else if (!XSTRCASECMP(token, "dataEncipherment"))
+ usage |= KEYUSE_DATA_ENCIPHER;
+ else if (!XSTRCASECMP(token, "keyAgreement"))
+ usage |= KEYUSE_KEY_AGREE;
+ else if (!XSTRCASECMP(token, "keyCertSign"))
+ usage |= KEYUSE_KEY_CERT_SIGN;
+ else if (!XSTRCASECMP(token, "cRLSign"))
+ usage |= KEYUSE_CRL_SIGN;
+ else if (!XSTRCASECMP(token, "encipherOnly"))
+ usage |= KEYUSE_ENCIPHER_ONLY;
+ else if (!XSTRCASECMP(token, "decipherOnly"))
+ usage |= KEYUSE_DECIPHER_ONLY;
+ else {
+ ret = KEYUSAGE_E;
+ break;
+ }
+
+ token = XSTRTOK(NULL, ",", &ptr);
+ }
+
+ XFREE(str, heap, DYNAMIC_TYPE_TMP_BUFFER);
+
+ if (ret == 0) {
+ *keyUsage = usage;
+ }
+
+ return ret;
+}
+
+/* Convert extended key usage string (comma delimited, null terminated) to byte
+ * Returns 0 on success, negative on error */
+int ParseExtKeyUsageStr(const char* value, byte* extKeyUsage, void* heap)
+{
+ int ret = 0;
+ char *token, *str, *ptr;
+ word32 len = 0;
+ byte usage = 0;
+
+ if (value == NULL || extKeyUsage == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ /* duplicate string (including terminator) */
+ len = (word32)XSTRLEN(value);
+ str = (char*)XMALLOC(len + 1, heap, DYNAMIC_TYPE_TMP_BUFFER);
+ if (str == NULL) {
+ return MEMORY_E;
+ }
+ XMEMCPY(str, value, len + 1);
+
+ /* parse value, and set corresponding Key Usage value */
+ if ((token = XSTRTOK(str, ",", &ptr)) == NULL) {
+ XFREE(str, heap, DYNAMIC_TYPE_TMP_BUFFER);
+ return EXTKEYUSAGE_E;
+ }
+ while (token != NULL) {
+ if (!XSTRCASECMP(token, "any"))
+ usage |= EXTKEYUSE_ANY;
+ else if (!XSTRCASECMP(token, "serverAuth"))
+ usage |= EXTKEYUSE_SERVER_AUTH;
+ else if (!XSTRCASECMP(token, "clientAuth"))
+ usage |= EXTKEYUSE_CLIENT_AUTH;
+ else if (!XSTRCASECMP(token, "codeSigning"))
+ usage |= EXTKEYUSE_CODESIGN;
+ else if (!XSTRCASECMP(token, "emailProtection"))
+ usage |= EXTKEYUSE_EMAILPROT;
+ else if (!XSTRCASECMP(token, "timeStamping"))
+ usage |= EXTKEYUSE_TIMESTAMP;
+ else if (!XSTRCASECMP(token, "OCSPSigning"))
+ usage |= EXTKEYUSE_OCSP_SIGN;
+ else {
+ ret = EXTKEYUSAGE_E;
+ break;
+ }
+
+ token = XSTRTOK(NULL, ",", &ptr);
+ }
+
+ XFREE(str, heap, DYNAMIC_TYPE_TMP_BUFFER);
+
+ if (ret == 0) {
+ *extKeyUsage = usage;
+ }
+
+ return ret;
+}
+
+#endif /* (CERT_GEN && CERT_EXT) || (OPENSSL_ALL || OPENSSL_EXTRA) */
+
#ifdef WOLFSSL_CERT_GEN
/* Encodes one attribute of the name (issuer/subject)
* call we_EncodeName_ex with 0x16, IA5String for email type
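Review bot: ParseKeyUsageStr and ParseExtKeyUsageStr split only on `,` and compare each token exactly, so a value written with a space after the comma such as "digitalSignature, keyEncipherment" fails with KEYUSAGE_E / EXTKEYUSAGE_E. That matters more now that the functions are also built for OPENSSL_EXTRA / OPENSSL_ALL, where callers may pass strings in the spaced form; whether any caller does is not visible here. If spaces should be tolerated, both tokenizer calls can use a wider delimiter set, `XSTRTOK(str, ", \t", &ptr)` and `XSTRTOK(NULL, ", \t", &ptr)`; otherwise the header comment should say that tokens must not be padded. The comment could also note that `*keyUsage` / `*extKeyUsage` is left untouched on error and that an empty string is rejected.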
@@ -27072,6 +27828,13 @@ static int EncodeExtensions(Cert* cert, byte* output, word32 maxSz,
dataASN[CERTEXTSASN_IDX_BC_PATHLEN].noOut = 1;
}
}
+ #ifdef WOLFSSL_ALLOW_ENCODING_CA_FALSE
+ else if (cert->isCaSet) {
+ SetASN_Boolean(&dataASN[CERTEXTSASN_IDX_BC_CA], 0);
+ SetASN_Buffer(&dataASN[CERTEXTSASN_IDX_BC_OID], bcOID, sizeof(bcOID));
+ dataASN[CERTEXTSASN_IDX_BC_PATHLEN].noOut = 1;
+ }
+ #endif
else if (cert->basicConstSet) {
/* Set Basic Constraints to be a non Certificate Authority. */
SetASN_Buffer(&dataASN[CERTEXTSASN_IDX_BC_OID], bcOID, sizeof(bcOID));
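Review bot: The new `else if (cert->isCaSet)` branch writes an explicit cA FALSE, which is a DEFAULT value that DER requires to be omitted (RFC 5280 declares `cA BOOLEAN DEFAULT FALSE`), so a strict verifier may reject the resulting certificate. The WOLFSSL_ALLOW_ENCODING_CA_FALSE guard makes this opt-in, but neither this branch nor the matching ones in the EncodeCert and EncodeCertReq hunks carries a comment explaining the trade-off. I would add `/* Non-DER: encodes cA FALSE explicitly; only for peers that require the field. */` above the branch. The enclosing if/else chain starts outside the hunk, so the ordering relative to the `isCA` branch is inferred.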
@@ -27127,7 +27890,7 @@ static int EncodeExtensions(Cert* cert, byte* output, word32 maxSz,
#ifdef WOLFSSL_AKID_NAME
if (cert->rawAkid) {
SetASN_Buffer(&dataASN[CERTEXTSASN_IDX_AKID_STR],
- cert->akid, cert->akidSz);
+ cert->akid, (word32)cert->akidSz);
/* cert->akid contains the internal ext structure */
SetASNItem_NoOutBelow(dataASN, certExtsASN,
CERTEXTSASN_IDX_AKID_STR, certExtsASN_Length);
@@ -27383,7 +28146,7 @@ static int SetValidity(byte* output, int daysValid)
/* subtract 1 day of seconds for more compliance */
then = now - 86400;
expandedTime = XGMTIME(&then, tmpTime);
- if (expandedTime == NULL) {
+ if (ValidateGmtime(expandedTime)) {
WOLFSSL_MSG("XGMTIME failed");
return 0; /* error */
}
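Review bot: The condition `if (ValidateGmtime(expandedTime))` reads as though a successful validation takes the error path; from the branch body the helper evidently returns non-zero for a rejected value, but its definition is outside these hunks. Writing it as `if (ValidateGmtime(expandedTime) != 0)` makes the convention visible at the call site, here and in the three other SetValidity hunks that follow. If the helper rejects more than a NULL pointer, the message "XGMTIME failed" is also too narrow and could become "XGMTIME failed or returned out-of-range fields".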
@@ -27402,7 +28165,7 @@ static int SetValidity(byte* output, int daysValid)
/* add daysValid of seconds */
then = now + (daysValid * (time_t)86400);
expandedTime = XGMTIME(&then, tmpTime);
- if (expandedTime == NULL) {
+ if (ValidateGmtime(expandedTime)) {
WOLFSSL_MSG("XGMTIME failed");
return 0; /* error */
}
@@ -27451,7 +28214,7 @@ static int SetValidity(byte* before, byte* after, int daysValid)
/* subtract 1 day of seconds for more compliance */
then = now - 86400;
expandedTime = XGMTIME(&then, tmpTime);
- if (expandedTime == NULL) {
+ if (ValidateGmtime(expandedTime)) {
WOLFSSL_MSG("XGMTIME failed");
ret = DATE_E;
}
@@ -27467,7 +28230,7 @@ static int SetValidity(byte* before, byte* after, int daysValid)
/* add daysValid of seconds */
then = now + (daysValid * (time_t)86400);
expandedTime = XGMTIME(&then, tmpTime);
- if (expandedTime == NULL) {
+ if (ValidateGmtime(expandedTime)) {
WOLFSSL_MSG("XGMTIME failed");
ret = DATE_E;
}
@@ -27720,7 +28483,17 @@ static int EncodeCert(Cert* cert, DerCert* der, RsaKey* rsaKey, ecc_key* eccKey,
der->extensionsSz += der->caSz;
}
+#ifdef WOLFSSL_ALLOW_ENCODING_CA_FALSE
/* Set CA */
+ else if (cert->isCaSet) {
+ der->caSz = SetCaEx(der->ca, sizeof(der->ca), cert->isCA);
+ if (der->caSz <= 0)
+ return EXTENSIONS_E;
+
+ der->extensionsSz += der->caSz;
+ }
+#endif
+ /* Set CA true */
else if (cert->isCA) {
der->caSz = SetCa(der->ca, sizeof(der->ca));
if (der->caSz <= 0)
@@ -28287,9 +29060,15 @@ int AddSignature(byte* buf, int bodySz, const byte* sig, int sigSz,
/* In place, put body between SEQUENCE and signature. */
if (ret == 0) {
- /* Set sigature OID and signature data. */
+ /* Set signature OID and signature data. */
SetASN_OID(&dataASN[SIGASN_IDX_SIGALGO_OID], (word32)sigAlgoType,
oidSigType);
+ if (dataASN[SIGASN_IDX_SIGALGO_OID].data.buffer.data == NULL) {
+ /* The OID was not found or compiled in! */
+ ret = ASN_UNKNOWN_OID_E;
+ }
+ }
+ if (ret == 0) {
if (IsSigAlgoECC((word32)sigAlgoType)) {
/* ECDSA and EdDSA doesn't have NULL tagged item. */
dataASN[SIGASN_IDX_SIGALGO_NULL].noOut = 1;
@@ -28720,7 +29499,7 @@ static int MakeAnyCert(Cert* cert, byte* derBuffer, word32 derSz,
dataASN[X509CERTASN_IDX_TBS_EXT_SEQ].data.buffer.length, 0);
}
if (ret >= 0) {
- /* Store encoded certifcate body size. */
+ /* Store encoded certificate body size. */
cert->bodySz = sz;
/* Return the encoding size. */
ret = sz;
@@ -29112,7 +29891,17 @@ static int EncodeCertReq(Cert* cert, DerCert* der, RsaKey* rsaKey,
der->extensionsSz += der->caSz;
}
+#ifdef WOLFSSL_ALLOW_ENCODING_CA_FALSE
/* Set CA */
+ else if (cert->isCaSet) {
+ der->caSz = SetCaEx(der->ca, sizeof(der->ca), cert->isCA);
+ if (der->caSz <= 0)
+ return EXTENSIONS_E;
+
+ der->extensionsSz += der->caSz;
+ }
+#endif
+ /* Set CA true */
else if (cert->isCA) {
der->caSz = SetCa(der->ca, sizeof(der->ca));
if (der->caSz <= 0)
@@ -29343,6 +30132,11 @@ static const ASNItem certReqBodyASN[] = {
/* ATTRS_CPW_SET */ { 3, ASN_SET, 1, 1, 0 },
/* ATTRS_CPW_PS */ { 4, ASN_PRINTABLE_STRING, 0, 0, 0 },
/* ATTRS_CPW_UTF */ { 4, ASN_UTF8STRING, 0, 0, 0 },
+/* ATTRS_USN_SEQ */ { 2, ASN_SEQUENCE, 1, 1, 1 },
+/* ATTRS_USN_OID */ { 3, ASN_OBJECT_ID, 0, 0, 0 },
+/* ATTRS_USN_SET */ { 3, ASN_SET, 1, 1, 0 },
+/* ATTRS_USN_PS */ { 4, ASN_PRINTABLE_STRING, 0, 0, 0 },
+/* ATTRS_USN_UTF */ { 4, ASN_UTF8STRING, 0, 0, 0 },
/* Extensions Attribute */
/* EXT_SEQ */ { 2, ASN_SEQUENCE, 1, 1, 1 },
/* EXT_OID */ { 3, ASN_OBJECT_ID, 0, 0, 0 },
@@ -29360,6 +30154,11 @@ enum {
CERTREQBODYASN_IDX_ATTRS_CPW_SET,
CERTREQBODYASN_IDX_ATTRS_CPW_PS,
CERTREQBODYASN_IDX_ATTRS_CPW_UTF,
+ CERTREQBODYASN_IDX_ATTRS_USN_SEQ,
+ CERTREQBODYASN_IDX_ATTRS_USN_OID,
+ CERTREQBODYASN_IDX_ATTRS_USN_SET,
+ CERTREQBODYASN_IDX_ATTRS_USN_PS,
+ CERTREQBODYASN_IDX_ATTRS_USN_UTF,
CERTREQBODYASN_IDX_EXT_SEQ,
CERTREQBODYASN_IDX_EXT_OID,
CERTREQBODYASN_IDX_EXT_SET,
@@ -29613,6 +30412,23 @@ static int MakeCertReq(Cert* cert, byte* derBuffer, word32 derSz,
SetASNItem_NoOutNode(dataASN, certReqBodyASN,
CERTREQBODYASN_IDX_ATTRS_CPW_SEQ, certReqBodyASN_Length);
}
+ if (cert->unstructuredName[0] != '\0') {
+ /* Add unstructured name attribute. */
+ /* Set unstructured name OID. */
+ SetASN_Buffer(&dataASN[CERTREQBODYASN_IDX_ATTRS_USN_OID],
+ attrUnstructuredNameOid, sizeof(attrUnstructuredNameOid));
+ /* PRINTABLE_STRING - set buffer */
+ SetASN_Buffer(&dataASN[CERTREQBODYASN_IDX_ATTRS_USN_PS],
+ (byte*)cert->unstructuredName,
+ (word32)XSTRLEN(cert->unstructuredName));
+ /* UTF8STRING - don't encode */
+ dataASN[CERTREQBODYASN_IDX_ATTRS_USN_UTF].noOut = 1;
+ }
+ else {
+ /* Leave out unstructured name attribute item. */
+ SetASNItem_NoOutNode(dataASN, certReqBodyASN,
+ CERTREQBODYASN_IDX_ATTRS_USN_SEQ, certReqBodyASN_Length);
+ }
if (extSz > 0) {
/* Set extension attribute OID. */
SetASN_Buffer(&dataASN[CERTREQBODYASN_IDX_EXT_OID], attrExtensionRequestOid,
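Review bot: The unstructuredName attribute is always emitted through the ATTRS_USN_PS item, with the UTF8 item forced to `noOut`, and nothing in the hunk checks that the text fits the PrintableString character set. A name containing characters such as `@` or `_` would then be written under a tag it does not conform to, which strict CSR parsers can reject. I would either validate the characters before this block or select the UTF8 item when the check fails, as the two-item template already allows. The length comes from `XSTRLEN(cert->unstructuredName)`, so the field must be NUL-terminated by whoever fills it; that setter is not visible here and deserves a comment on the field.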
@@ -29665,7 +30481,7 @@ static int MakeCertReq(Cert* cert, byte* derBuffer, word32 derSz,
dataASN[CERTREQBODYASN_IDX_EXT_BODY].data.buffer.length, 1);
}
if (ret >= 0) {
- /* Store encoded certifcate request body size. */
+ /* Store encoded certificate request body size. */
cert->bodySz = sz;
/* Return the encoding size. */
ret = sz;
@@ -29963,12 +30779,22 @@ static int SetKeyIdFromPublicKey(Cert *cert, RsaKey *rsakey, ecc_key *eckey,
/* Compute SKID by hashing public key */
if (kid_type == SKID_TYPE) {
- ret = CalcHashId(buf, (word32)bufferSz, cert->skid);
+ int hashId = HashIdAlg((word32)cert->sigType);
+ ret = CalcHashId_ex(buf, (word32)bufferSz, cert->skid, hashId);
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ cert->skidSz = wc_HashGetDigestSize(wc_HashTypeConvert(hashId));
+ #else
cert->skidSz = KEYID_SIZE;
+ #endif
}
else if (kid_type == AKID_TYPE) {
- ret = CalcHashId(buf, (word32)bufferSz, cert->akid);
+ int hashId = HashIdAlg((word32)cert->sigType);
+ ret = CalcHashId_ex(buf, (word32)bufferSz, cert->akid, hashId);
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ cert->akidSz = wc_HashGetDigestSize(wc_HashTypeConvert(hashId));
+ #else
cert->akidSz = KEYID_SIZE;
+ #endif
}
else
ret = BAD_FUNC_ARG;
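Review bot: In the WOLFSSL_SM2 && WOLFSSL_SM3 build the result of `wc_HashGetDigestSize(...)` is stored straight into `cert->skidSz` / `cert->akidSz`, although that function returns a negative error code for an unsupported hash type. The same pattern in the SetAuthKeyIdFromDcert hunk is more serious, because the value is then used as `XMEMCPY(cert->akid, decoded->extSubjKeyId, (size_t)cert->akidSz)`, where a negative size becomes a very large copy length. I would hold the size in a local, fail when it is `<= 0`, and also compare it with the capacity of the destination and source buffers, whose declarations are outside these hunks. Here the size is also assigned when CalcHashId_ex has already failed; moving the assignment under `if (ret == 0)` avoids publishing a length for an id that was not computed.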
@@ -30182,6 +31008,9 @@ int wc_SetSubjectKeyId(Cert *cert, const char* file)
wc_ecc_free(eckey);
XFREE(eckey, cert->heap, DYNAMIC_TYPE_ECC);
#endif
+#if defined(NO_RSA) && !defined(HAVE_ECC)
+ (void)idx;
+#endif
return ret;
}
@@ -30202,9 +31031,14 @@ static int SetAuthKeyIdFromDcert(Cert* cert, DecodedCert* decoded)
}
else {
- /* Put the SKID of CA to AKID of certificate */
- XMEMCPY(cert->akid, decoded->extSubjKeyId, KEYID_SIZE);
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ cert->akidSz = wc_HashGetDigestSize(wc_HashTypeConvert(HashIdAlg(
+ cert->sigType)));
+ #else
cert->akidSz = KEYID_SIZE;
+ #endif
+ /* Put the SKID of CA to AKID of certificate */
+ XMEMCPY(cert->akid, decoded->extSubjKeyId, (size_t)cert->akidSz);
}
return ret;
@@ -30264,56 +31098,14 @@ int wc_SetAuthKeyId(Cert *cert, const char* file)
int wc_SetKeyUsage(Cert *cert, const char *value)
{
int ret = 0;
- char *token, *str, *ptr;
- word32 len;
if (cert == NULL || value == NULL)
return BAD_FUNC_ARG;
cert->keyUsage = 0;
- /* duplicate string (including terminator) */
- len = (word32)XSTRLEN(value);
- str = (char*)XMALLOC(len+1, cert->heap, DYNAMIC_TYPE_TMP_BUFFER);
- if (str == NULL)
- return MEMORY_E;
- XMEMCPY(str, value, len+1);
-
- /* parse value, and set corresponding Key Usage value */
- if ((token = XSTRTOK(str, ",", &ptr)) == NULL) {
- XFREE(str, cert->heap, DYNAMIC_TYPE_TMP_BUFFER);
- return KEYUSAGE_E;
- }
- while (token != NULL)
- {
- if (!XSTRCASECMP(token, "digitalSignature"))
- cert->keyUsage |= KEYUSE_DIGITAL_SIG;
- else if (!XSTRCASECMP(token, "nonRepudiation") ||
- !XSTRCASECMP(token, "contentCommitment"))
- cert->keyUsage |= KEYUSE_CONTENT_COMMIT;
- else if (!XSTRCASECMP(token, "keyEncipherment"))
- cert->keyUsage |= KEYUSE_KEY_ENCIPHER;
- else if (!XSTRCASECMP(token, "dataEncipherment"))
- cert->keyUsage |= KEYUSE_DATA_ENCIPHER;
- else if (!XSTRCASECMP(token, "keyAgreement"))
- cert->keyUsage |= KEYUSE_KEY_AGREE;
- else if (!XSTRCASECMP(token, "keyCertSign"))
- cert->keyUsage |= KEYUSE_KEY_CERT_SIGN;
- else if (!XSTRCASECMP(token, "cRLSign"))
- cert->keyUsage |= KEYUSE_CRL_SIGN;
- else if (!XSTRCASECMP(token, "encipherOnly"))
- cert->keyUsage |= KEYUSE_ENCIPHER_ONLY;
- else if (!XSTRCASECMP(token, "decipherOnly"))
- cert->keyUsage |= KEYUSE_DECIPHER_ONLY;
- else {
- ret = KEYUSAGE_E;
- break;
- }
-
- token = XSTRTOK(NULL, ",", &ptr);
- }
+ ret = ParseKeyUsageStr(value, &cert->keyUsage, cert->heap);
- XFREE(str, cert->heap, DYNAMIC_TYPE_TMP_BUFFER);
return ret;
}
@@ -30321,52 +31113,14 @@ int wc_SetKeyUsage(Cert *cert, const char *value)
int wc_SetExtKeyUsage(Cert *cert, const char *value)
{
int ret = 0;
- char *token, *str, *ptr;
- word32 len;
if (cert == NULL || value == NULL)
return BAD_FUNC_ARG;
cert->extKeyUsage = 0;
- /* duplicate string (including terminator) */
- len = (word32)XSTRLEN(value);
- str = (char*)XMALLOC(len+1, cert->heap, DYNAMIC_TYPE_TMP_BUFFER);
- if (str == NULL)
- return MEMORY_E;
- XMEMCPY(str, value, len+1);
-
- /* parse value, and set corresponding Key Usage value */
- if ((token = XSTRTOK(str, ",", &ptr)) == NULL) {
- XFREE(str, cert->heap, DYNAMIC_TYPE_TMP_BUFFER);
- return EXTKEYUSAGE_E;
- }
-
- while (token != NULL)
- {
- if (!XSTRCASECMP(token, "any"))
- cert->extKeyUsage |= EXTKEYUSE_ANY;
- else if (!XSTRCASECMP(token, "serverAuth"))
- cert->extKeyUsage |= EXTKEYUSE_SERVER_AUTH;
- else if (!XSTRCASECMP(token, "clientAuth"))
- cert->extKeyUsage |= EXTKEYUSE_CLIENT_AUTH;
- else if (!XSTRCASECMP(token, "codeSigning"))
- cert->extKeyUsage |= EXTKEYUSE_CODESIGN;
- else if (!XSTRCASECMP(token, "emailProtection"))
- cert->extKeyUsage |= EXTKEYUSE_EMAILPROT;
- else if (!XSTRCASECMP(token, "timeStamping"))
- cert->extKeyUsage |= EXTKEYUSE_TIMESTAMP;
- else if (!XSTRCASECMP(token, "OCSPSigning"))
- cert->extKeyUsage |= EXTKEYUSE_OCSP_SIGN;
- else {
- ret = EXTKEYUSAGE_E;
- break;
- }
+ ret = ParseExtKeyUsageStr(value, &cert->extKeyUsage, cert->heap);
- token = XSTRTOK(NULL, ",", &ptr);
- }
-
- XFREE(str, cert->heap, DYNAMIC_TYPE_TMP_BUFFER);
return ret;
}
@@ -30428,9 +31182,9 @@ int wc_SetCustomExtension(Cert *cert, int critical, const char *oid,
ext = &cert->customCertExt[cert->customCertExtCount];
- ext->oid = oid;
+ ext->oid = (char*)oid;
ext->crit = (critical == 0) ? 0 : 1;
- ext->val = der;
+ ext->val = (byte*)der;
ext->valSz = derSz;
cert->customCertExtCount++;
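Review bot: The casts `(char*)oid` and `(byte*)der` discard the `const` that wc_SetCustomExtension promises its caller, which hides the qualifier mismatch rather than resolving it. If nothing writes through `ext->oid` and `ext->val` (the structure is declared outside this hunk), declaring those fields `const char*` and `const byte*` removes the need for a cast. The function also keeps the caller's pointers instead of copying, so a comment such as `/* oid and der are not copied; they must stay valid until the certificate is encoded */` belongs on the function.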
@@ -31111,7 +31865,7 @@ int StoreDHparams(byte* out, word32* outLen, mp_int* p, mp_int* g)
/* Encode the DH parameters into buffer. */
SetASN_Items(dhParamASN, dataASN, dhParamASN_Length, out);
/* Set the actual encoding size. */
- *outLen = sz;
+ *outLen = (word32)sz;
}
return ret;
@@ -31196,9 +31950,16 @@ int StoreECC_DSA_Sig(byte* out, word32* outLen, mp_int* r, mp_int* s)
}
if (ret == 0) {
/* Encode DSA signature into buffer. */
- SetASN_Items(dsaSigASN, dataASN, dsaSigASN_Length, out);
- /* Set the actual encoding size. */
- *outLen = (word32)sz;
+ ret = SetASN_Items(dsaSigASN, dataASN, dsaSigASN_Length, out);
+ if (ret >= 0) {
+ if (ret == sz) {
+ /* Set the actual encoding size. */
+ *outLen = (word32)sz;
+ ret = 0;
+ } else {
+ ret = BAD_STATE_E;
+ }
+ }
}
return ret;
@@ -31288,6 +32049,14 @@ int StoreECC_DSA_Sig_Bin(byte* out, word32* outLen, const byte* r, word32 rLen,
/* Clear dynamic data and set buffers for r and s */
XMEMSET(dataASN, 0, sizeof(dataASN));
+ while ((rLen > 1) && (r[0] == 0)) {
+ rLen--;
+ r++;
+ }
+ while ((sLen > 1) && (s[0] == 0)) {
+ sLen--;
+ s++;
+ }
SetASN_Buffer(&dataASN[DSASIGASN_IDX_R], r, rLen);
SetASN_Buffer(&dataASN[DSASIGASN_IDX_S], s, sLen);
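Review bot: The two added loops that strip leading zero bytes from `r` and `s` have no comment, and their reason is not obvious next to the existing "set buffers for r and s" line. A short comment would help, for example `/* Drop leading zero bytes so r and s are encoded as minimal INTEGERs; always keep at least one byte. */`. The loops read `r[0]` and `s[0]`, so they rely on a NULL check earlier in StoreECC_DSA_Sig_Bin, which is outside this hunk and worth confirming.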
@@ -31461,7 +32230,7 @@ int DecodeECC_DSA_Sig_Ex(const byte* sig, word32 sigLen, mp_int* r, mp_int* s,
#ifdef WOLFSSL_ASN_TEMPLATE
-#ifdef WOLFSSL_CUSTOM_CURVES
+#if defined(HAVE_ECC) && defined(WOLFSSL_CUSTOM_CURVES)
/* Convert data to hex string.
*
* Big-endian byte array is converted to big-endian hexadecimal string.
@@ -31495,7 +32264,7 @@ static void DataToHexString(const byte* input, word32 inSz, char* out)
* @param [out] out Allocated buffer holding hex string.
* @param [in] heap Dynamic memory allocation hint.
* @param [in] heapType Type of heap to use.
- * @return 0 on succcess.
+ * @return 0 on success.
* @return MEMORY_E when dynamic memory allocation fails.
*/
static int DataToHexStringAlloc(const byte* input, word32 inSz, char** out,
@@ -31569,7 +32338,7 @@ enum {
/* Number of items in ASN.1 template for SpecifiedECDomain. */
#define eccSpecifiedASN_Length (sizeof(eccSpecifiedASN) / sizeof(ASNItem))
-/* OID indicating the prime field is explicity defined. */
+/* OID indicating the prime field is explicitly defined. */
static const byte primeFieldOID[] = {
0x2a, 0x86, 0x48, 0xce, 0x3d, 0x01, 0x01
};
@@ -31577,7 +32346,7 @@ static const char ecSetCustomName[] = "Custom";
/* Explicit EC parameter values. */
static int EccSpecifiedECDomainDecode(const byte* input, word32 inSz,
- ecc_key* key)
+ ecc_key* key, void* heap, int* curveSz)
{
DECL_ASNGETDATA(dataASN, eccSpecifiedASN_Length);
int ret = 0;
@@ -31589,8 +32358,8 @@ static int EccSpecifiedECDomainDecode(const byte* input, word32 inSz,
word32 baseLen;
/* Allocate a new parameter set. */
- curve = (ecc_set_type*)XMALLOC(sizeof(*curve), key->heap,
- DYNAMIC_TYPE_ECC_BUFFER);
+ curve = (ecc_set_type*)XMALLOC(sizeof(*curve), heap,
+ DYNAMIC_TYPE_ECC_BUFFER);
if (curve == NULL) {
ret = MEMORY_E;
}
@@ -31599,7 +32368,7 @@ static int EccSpecifiedECDomainDecode(const byte* input, word32 inSz,
XMEMSET(curve, 0, sizeof(*curve));
}
- CALLOC_ASNGETDATA(dataASN, eccSpecifiedASN_Length, ret, key->heap);
+ CALLOC_ASNGETDATA(dataASN, eccSpecifiedASN_Length, ret, heap);
if (ret == 0) {
/* Set name to be: "Custom" */
@@ -31625,15 +32394,19 @@ static int EccSpecifiedECDomainDecode(const byte* input, word32 inSz,
}
#ifndef WOLFSSL_NO_ASN_STRICT
/* Only version 2 and above can have a seed. */
- if ((ret == 0) && (dataASN[ECCSPECIFIEDASN_IDX_PARAM_SEED].tag != 0) &&
+ if (ret == 0) {
+ if ((dataASN[ECCSPECIFIEDASN_IDX_PARAM_SEED].tag != 0) &&
(version < 2)) {
- ret = ASN_PARSE_E;
+ ret = ASN_PARSE_E;
+ }
}
#endif
/* Only version 2 and above can have a hash algorithm. */
- if ((ret == 0) && (dataASN[ECCSPECIFIEDASN_IDX_HASH_SEQ].tag != 0) &&
+ if (ret == 0) {
+ if ((dataASN[ECCSPECIFIEDASN_IDX_HASH_SEQ].tag != 0) &&
(version < 2)) {
- ret = ASN_PARSE_E;
+ ret = ASN_PARSE_E;
+ }
}
if ((ret == 0) && (dataASN[ECCSPECIFIEDASN_IDX_COFACTOR].tag != 0)) {
/* Store optional co-factor. */
@@ -31658,13 +32431,13 @@ static int EccSpecifiedECDomainDecode(const byte* input, word32 inSz,
if (ret == 0) {
/* Base X-ordinate */
ret = DataToHexStringAlloc(base + 1, (word32)curve->size,
- (char**)&curve->Gx, key->heap,
+ (char**)&curve->Gx, heap,
DYNAMIC_TYPE_ECC_BUFFER);
}
if (ret == 0) {
/* Base Y-ordinate */
ret = DataToHexStringAlloc(base + 1 + curve->size, (word32)curve->size,
- (char**)&curve->Gy, key->heap,
+ (char**)&curve->Gy, heap,
DYNAMIC_TYPE_ECC_BUFFER);
}
if (ret == 0) {
@@ -31672,28 +32445,28 @@ static int EccSpecifiedECDomainDecode(const byte* input, word32 inSz,
ret = DataToHexStringAlloc(
dataASN[ECCSPECIFIEDASN_IDX_PRIME_P].data.ref.data,
dataASN[ECCSPECIFIEDASN_IDX_PRIME_P].data.ref.length,
- (char**)&curve->prime, key->heap, DYNAMIC_TYPE_ECC_BUFFER);
+ (char**)&curve->prime, heap, DYNAMIC_TYPE_ECC_BUFFER);
}
if (ret == 0) {
/* Parameter A */
ret = DataToHexStringAlloc(
dataASN[ECCSPECIFIEDASN_IDX_PARAM_A].data.ref.data,
dataASN[ECCSPECIFIEDASN_IDX_PARAM_A].data.ref.length,
- (char**)&curve->Af, key->heap, DYNAMIC_TYPE_ECC_BUFFER);
+ (char**)&curve->Af, heap, DYNAMIC_TYPE_ECC_BUFFER);
}
if (ret == 0) {
/* Parameter B */
ret = DataToHexStringAlloc(
dataASN[ECCSPECIFIEDASN_IDX_PARAM_B].data.ref.data,
dataASN[ECCSPECIFIEDASN_IDX_PARAM_B].data.ref.length,
- (char**)&curve->Bf, key->heap, DYNAMIC_TYPE_ECC_BUFFER);
+ (char**)&curve->Bf, heap, DYNAMIC_TYPE_ECC_BUFFER);
}
if (ret == 0) {
/* Order of curve */
ret = DataToHexStringAlloc(
dataASN[ECCSPECIFIEDASN_IDX_ORDER].data.ref.data,
dataASN[ECCSPECIFIEDASN_IDX_ORDER].data.ref.length,
- (char**)&curve->order, key->heap, DYNAMIC_TYPE_ECC_BUFFER);
+ (char**)&curve->order, heap, DYNAMIC_TYPE_ECC_BUFFER);
}
#else
if (ret == 0) {
@@ -31720,26 +32493,31 @@ static int EccSpecifiedECDomainDecode(const byte* input, word32 inSz,
}
#endif /* WOLFSSL_ECC_CURVE_STATIC */
- /* Store parameter set in key. */
- if ((ret == 0) && (wc_ecc_set_custom_curve(key, curve) < 0)) {
- ret = ASN_PARSE_E;
+ if (key) {
+ /* Store parameter set in key. */
+ if ((ret == 0) && (wc_ecc_set_custom_curve(key, curve) < 0)) {
+ ret = ASN_PARSE_E;
+ }
+ if (ret == 0) {
+ /* The parameter set was allocated.. */
+ key->deallocSet = 1;
+ }
}
- if (ret == 0) {
- /* The parameter set was allocated.. */
- key->deallocSet = 1;
+
+ if ((ret == 0) && (curveSz)) {
+ *curveSz = curve->size;
}
if ((ret != 0) && (curve != NULL)) {
- /* Failed to set parameters so free paramter set. */
- wc_ecc_free_curve(curve, key->heap);
+ /* Failed to set parameters so free parameter set. */
+ wc_ecc_free_curve(curve, heap);
}
- FREE_ASNGETDATA(dataASN, key->heap);
+ FREE_ASNGETDATA(dataASN, heap);
return ret;
}
#endif /* WOLFSSL_CUSTOM_CURVES */
#endif /* WOLFSSL_ASN_TEMPLATE */
-
#ifdef HAVE_ECC
#ifdef WOLFSSL_ASN_TEMPLATE
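Review bot: When `key` is NULL and parsing succeeds, the `curve` allocated at the top of EccSpecifiedECDomainDecode is never released. The store into the key is skipped, only `*curveSz` is written, and the cleanup test `(ret != 0) && (curve != NULL)` is false. The function has no out-parameter for the curve itself, so nothing can own it after return. Changing the cleanup condition to `if (((ret != 0) || (key == NULL)) && (curve != NULL))` frees the set on that path. The function comment should also state that `key` may be NULL and what `heap` and `curveSz` are for.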
@@ -31806,6 +32584,9 @@ int wc_EccPrivateKeyDecode(const byte* input, word32* inOutIdx, ecc_key* key,
if (ToTraditionalInline_ex(input, inOutIdx, inSz, &algId) < 0) {
/* ignore error, did not have pkcs8 header */
}
+ else {
+ curve_id = wc_ecc_get_oid(algId, NULL, NULL);
+ }
if (GetSequence(input, inOutIdx, &length, inSz) < 0)
return ASN_PARSE_E;
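Review bot: The added `else` branch assigns the result of `wc_ecc_get_oid(algId, NULL, NULL)` straight to `curve_id` without checking it. If that call returns a negative error for an OID that is not a compiled-in curve, the default `ECC_CURVE_DEF` is replaced by an error code that later code may treat as a curve id. The same pattern is added to the template variant of wc_EccPrivateKeyDecode two hunks below. Keeping the default on failure is a small change: `int id = wc_ecc_get_oid(algId, NULL, NULL); if (id > 0) curve_id = id;`. How `curve_id` is used afterwards is outside this hunk.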
@@ -31915,7 +32696,7 @@ int wc_EccPrivateKeyDecode(const byte* input, word32* inOutIdx, ecc_key* key,
byte version;
int ret = 0;
int curve_id = ECC_CURVE_DEF;
-#if defined(HAVE_PKCS8) || defined(HAVE_PKCS12)
+#if defined(HAVE_PKCS8) || defined(HAVE_PKCS12) || defined(SM2)
word32 algId = 0;
#endif
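Review bot: The guard added here tests `defined(SM2)`, while the other SM2-related guards in this diff (in wc_EccPublicKeyDecode and CompareOcspReqResp) test `WOLFSSL_SM2`. If `SM2` is not a macro that the build system defines, the added condition never takes effect, and the `algId` declaration and PKCS#8 header skip in the next hunk stay tied to HAVE_PKCS8/HAVE_PKCS12 only. It is worth confirming which name is intended and using it in both places, for example `#if defined(HAVE_PKCS8) || defined(HAVE_PKCS12) || defined(WOLFSSL_SM2)`.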
@@ -31924,11 +32705,14 @@ int wc_EccPrivateKeyDecode(const byte* input, word32* inOutIdx, ecc_key* key,
ret = BAD_FUNC_ARG;
}
-#if defined(HAVE_PKCS8) || defined(HAVE_PKCS12)
+#if defined(HAVE_PKCS8) || defined(HAVE_PKCS12) || defined(SM2)
/* if has pkcs8 header skip it */
if (ToTraditionalInline_ex(input, inOutIdx, inSz, &algId) < 0) {
/* ignore error, did not have pkcs8 header */
}
+ else {
+ curve_id = wc_ecc_get_oid(algId, NULL, NULL);
+ }
#endif
CALLOC_ASNGETDATA(dataASN, eccKeyASN_Length, ret, key->heap);
@@ -31942,8 +32726,10 @@ int wc_EccPrivateKeyDecode(const byte* input, word32* inOutIdx, ecc_key* key,
inOutIdx, inSz);
}
/* Only version 1 supported. */
- if ((ret == 0) && (version != 1)) {
- ret = ASN_PARSE_E;
+ if (ret == 0) {
+ if (version != 1) {
+ ret = ASN_PARSE_E;
+ }
}
/* Curve Parameters are optional. */
if ((ret == 0) && (dataASN[ECCKEYASN_IDX_PARAMS].tag != 0)) {
@@ -31959,7 +32745,8 @@ int wc_EccPrivateKeyDecode(const byte* input, word32* inOutIdx, ecc_key* key,
/* Parse explicit parameters. */
ret = EccSpecifiedECDomainDecode(
dataASN[ECCKEYASN_IDX_CURVEPARAMS].data.ref.data,
- dataASN[ECCKEYASN_IDX_CURVEPARAMS].data.ref.length, key);
+ dataASN[ECCKEYASN_IDX_CURVEPARAMS].data.ref.length, key,
+ key->heap, NULL);
#else
/* Explicit parameters not supported in build configuration. */
ret = ASN_PARSE_E;
@@ -32343,10 +33130,14 @@ int wc_EccPublicKeyDecode(const byte* input, word32* inOutIdx,
if (ret == 0) {
/* Clear dynamic data for ECC public key. */
XMEMSET(dataASN, 0, sizeof(*dataASN) * eccPublicKeyASN_Length);
+#if !defined(WOLFSSL_SM2) || !defined(WOLFSSL_SM3)
/* Set required ECDSA OID and ignore the curve OID type. */
GetASN_ExpBuffer(&dataASN[ECCPUBLICKEYASN_IDX_ALGOID_OID], keyEcdsaOid,
sizeof(keyEcdsaOid));
- GetASN_OID(&dataASN[oidIdx], oidIgnoreType);
+#else
+ GetASN_OID(&dataASN[ECCPUBLICKEYASN_IDX_ALGOID_OID], oidKeyType);
+#endif
+ GetASN_OID(&dataASN[oidIdx], oidCurveType);
/* Decode the public ECC key. */
ret = GetASN_Items(eccPublicKeyASN, dataASN, eccPublicKeyASN_Length, 1,
input, inOutIdx, inSz);
@@ -32360,7 +33151,7 @@ int wc_EccPublicKeyDecode(const byte* input, word32* inOutIdx,
/* Clear dynamic data for ECC private key. */
XMEMSET(dataASN, 0, sizeof(*dataASN) * eccKeyASN_Length);
/* Check named curve OID type. */
- GetASN_OID(&dataASN[oidIdx], oidIgnoreType);
+ GetASN_OID(&dataASN[oidIdx], oidCurveType);
/* Try private key format .*/
ret = GetASN_Items(eccKeyASN, dataASN, eccKeyASN_Length, 1, input,
inOutIdx, inSz);
@@ -32370,6 +33161,14 @@ int wc_EccPublicKeyDecode(const byte* input, word32* inOutIdx,
}
}
+#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ if ((ret == 0) && (oidIdx == ECCPUBLICKEYASN_IDX_ALGOID_CURVEID)) {
+ int oidSum = dataASN[ECCPUBLICKEYASN_IDX_ALGOID_OID].data.oid.sum;
+ if ((oidSum != ECDSAk) && (oidSum != SM2k)) {
+ ret = ASN_PARSE_E;
+ }
+ }
+#endif
if (ret == 0) {
if (dataASN[oidIdx].tag != 0) {
/* Named curve - check and get id. */
@@ -32382,7 +33181,8 @@ int wc_EccPublicKeyDecode(const byte* input, word32* inOutIdx,
#ifdef WOLFSSL_CUSTOM_CURVES
/* Parse explicit parameters. */
ret = EccSpecifiedECDomainDecode(dataASN[specIdx].data.ref.data,
- dataASN[specIdx].data.ref.length, key);
+ dataASN[specIdx].data.ref.length, key,
+ key->heap, NULL);
#else
/* Explicit parameters not supported in build configuration. */
ret = ASN_PARSE_E;
@@ -32406,7 +33206,7 @@ int wc_EccPublicKeyDecode(const byte* input, word32* inOutIdx,
#if defined(HAVE_ECC_KEY_EXPORT) && !defined(NO_ASN_CRYPT)
/* build DER formatted ECC key, include optional public key if requested,
* return length on success, negative on error */
-static int wc_BuildEccKeyDer(ecc_key* key, byte* output, word32 *inLen,
+int wc_BuildEccKeyDer(ecc_key* key, byte* output, word32 *inLen,
int pubIn, int curveIn)
{
#ifndef WOLFSSL_ASN_TEMPLATE
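Review bot: Dropping `static` turns wc_BuildEccKeyDer into an externally linkable symbol, but its comment is still the two-line internal note and does not describe `inLen`, `pubIn` or `curveIn`. As an exported function it should have a parameter-level comment in the `@param`/`@return` style used elsewhere in this file, stating that `inLen` is in/out and which values `pubIn` and `curveIn` accept. Its argument validation for `key`, `output` and `inLen` should also be checked now that callers outside this file can reach it. The body and any header prototype are outside this hunk.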
@@ -32722,8 +33522,6 @@ int wc_EccPrivateKeyToDer(ecc_key* key, byte* output, word32 inLen)
return wc_BuildEccKeyDer(key, output, &inLen, 0, 1);
}
-
-
#ifdef HAVE_PKCS8
/* Write only private ecc key or both private and public parts to unencrypted
@@ -32899,6 +33697,9 @@ int DecodeAsymKey(const byte* input, word32* inOutIdx, word32 inSz,
if (input == NULL || inOutIdx == NULL || inSz == 0 ||
privKey == NULL || privKeyLen == NULL) {
+ #ifdef WOLFSSL_ASN_TEMPLATE
+ FREE_ASNGETDATA(dataASN, NULL);
+ #endif
return BAD_FUNC_ARG;
}
@@ -33116,7 +33917,7 @@ int wc_Ed25519PrivateKeyDecode(const byte* input, word32* inOutIdx,
ed25519_key* key, word32 inSz)
{
int ret;
- byte privKey[ED25519_KEY_SIZE], pubKey[ED25519_PUB_KEY_SIZE];
+ byte privKey[ED25519_KEY_SIZE], pubKey[2*ED25519_PUB_KEY_SIZE+1];
word32 privKeyLen = (word32)sizeof(privKey);
word32 pubKeyLen = (word32)sizeof(pubKey);
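Review bot: The new buffer size `2*ED25519_PUB_KEY_SIZE+1` is an unexplained magic expression. It is repeated in wc_Ed25519PublicKeyDecode and, with different spacing, as `2 * ED448_PUB_KEY_SIZE + 1` in wc_Ed448PublicKeyDecode later in this diff. Presumably it makes room for a longer public-key encoding than the fixed-size form, but the hunk does not say so. It also does not show whether the decoded `pubKeyLen` is range-checked before the key is imported, since that code is outside the hunk. A named constant or a comment such as `/* large enough for the longest public key encoding DecodeAsymKey may return - TODO confirm */` would make the intent reviewable.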
@@ -33142,7 +33943,7 @@ int wc_Ed25519PublicKeyDecode(const byte* input, word32* inOutIdx,
ed25519_key* key, word32 inSz)
{
int ret;
- byte pubKey[ED25519_PUB_KEY_SIZE];
+ byte pubKey[2*ED25519_PUB_KEY_SIZE+1];
word32 pubKeyLen = (word32)sizeof(pubKey);
if (input == NULL || inOutIdx == NULL || key == NULL || inSz == 0) {
@@ -33206,9 +34007,9 @@ int wc_Curve25519PublicKeyDecode(const byte* input, word32* inOutIdx,
* Pass NULL for output to get the size of the encoding.
*
* @param [in] privKey private key buffer
- * @param [in] privKeyLen private ket buffer length
+ * @param [in] privKeyLen private key buffer length
* @param [in] pubKey public key buffer (optional)
- * @param [in] pubKeyLen public ket buffer length
+ * @param [in] pubKeyLen public key buffer length
* @param [out] output Buffer to put encoded data in (optional)
* @param [in] outLen Size of buffer in bytes
* @param [in] keyType is "enum Key_Sum" like ED25519k
@@ -33433,7 +34234,7 @@ int wc_Ed448PublicKeyDecode(const byte* input, word32* inOutIdx,
ed448_key* key, word32 inSz)
{
int ret;
- byte pubKey[ED448_PUB_KEY_SIZE];
+ byte pubKey[2 * ED448_PUB_KEY_SIZE + 1];
word32 pubKeyLen = (word32)sizeof(pubKey);
if (input == NULL || inOutIdx == NULL || key == NULL || inSz == 0) {
@@ -33843,6 +34644,7 @@ static int DecodeSingleResponse(byte* source, word32* ioIndex, word32 size,
#else
DECL_ASNGETDATA(dataASN, singleResponseASN_Length);
int ret = 0;
+ word32 ocspDigestSize = OCSP_DIGEST_SIZE;
CertStatus* cs = NULL;
word32 serialSz;
word32 issuerHashLen;
@@ -33889,17 +34691,28 @@ static int DecodeSingleResponse(byte* source, word32* ioIndex, word32 size,
ret = GetASN_Items(singleResponseASN, dataASN, singleResponseASN_Length,
1, source, ioIndex, size);
}
+ if (ret == 0) {
+ single->hashAlgoOID =
+ dataASN[SINGLERESPONSEASN_IDX_CID_HASHALGO_OID].data.oid.sum;
+ ocspDigestSize = (word32)wc_HashGetDigestSize(
+ wc_OidGetHash((int)single->hashAlgoOID));
+ }
/* Validate the issuer hash length is the size required. */
- if ((ret == 0) && (issuerHashLen != OCSP_DIGEST_SIZE)) {
+ if ((ret == 0) && (issuerHashLen != ocspDigestSize)) {
ret = ASN_PARSE_E;
}
/* Validate the issuer key hash length is the size required. */
- if ((ret == 0) && (issuerKeyHashLen != OCSP_DIGEST_SIZE)) {
- ret = ASN_PARSE_E;
+ if (ret == 0) {
+ if (issuerKeyHashLen != ocspDigestSize) {
+ ret = ASN_PARSE_E;
+ }
}
if (ret == 0) {
/* Store serial size. */
- cs->serialSz = serialSz;
+ cs->serialSz = (int)serialSz;
+ /* Set the hash algorithm OID */
+ single->hashAlgoOID =
+ dataASN[SINGLERESPONSEASN_IDX_CID_HASHALGO_OID].data.oid.sum;
/* Determine status by which item was found. */
if (dataASN[SINGLERESPONSEASN_IDX_CS_GOOD].tag != 0) {
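Review bot: The result of `wc_HashGetDigestSize(wc_OidGetHash(...))` is cast to `word32` without checking for an error. A hash OID the build does not support would turn a negative return into a very large `ocspDigestSize`. The two length comparisons that follow would then fail with ASN_PARSE_E, so the outcome is a rejection, but only by accident of the cast. An explicit test is clearer: `int dsz = wc_HashGetDigestSize(...); if (dsz <= 0) ret = ASN_PARSE_E; else ocspDigestSize = (word32)dsz;`. Separately, `single->hashAlgoOID` is assigned twice in this hunk, and the second assignment under "Set the hash algorithm OID" can be dropped.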
@@ -33930,7 +34743,7 @@ static int DecodeSingleResponse(byte* source, word32* ioIndex, word32 size,
at = &cs->thisDateParsed;
at->type = ASN_GENERALIZED_TIME;
XMEMCPY(at->data, cs->thisDate, thisDateLen);
- at->length = thisDateLen;
+ at->length = (int)thisDateLen;
#endif
}
if ((ret == 0) &&
@@ -33954,7 +34767,7 @@ static int DecodeSingleResponse(byte* source, word32* ioIndex, word32 size,
at = &cs->nextDateParsed;
at->type = ASN_GENERALIZED_TIME;
XMEMCPY(at->data, cs->nextDate, nextDateLen);
- at->length = nextDateLen;
+ at->length = (int)nextDateLen;
#endif
}
if (ret == 0) {
@@ -34095,7 +34908,7 @@ static int DecodeOcspRespExtensions(byte* source, word32* ioIndex,
source, &idx, sz);
if (ret == 0) {
word32 oid = dataASN[CERTEXTASN_IDX_OID].data.oid.sum;
- int length = dataASN[CERTEXTASN_IDX_VAL].length;
+ int length = (int)dataASN[CERTEXTASN_IDX_VAL].length;
if (oid == OCSP_NONCE_OID) {
/* Extract nonce data. */
@@ -34110,7 +34923,7 @@ static int DecodeOcspRespExtensions(byte* source, word32* ioIndex,
/* Ignore all other extension types. */
/* Skip over rest of extension. */
- idx += length;
+ idx += (word32)length;
}
}
@@ -34279,12 +35092,16 @@ static int DecodeResponseData(byte* source, word32* ioIndex,
1, source, ioIndex, size);
}
/* Only support v1 == 0 */
- if ((ret == 0) && (version != 0)) {
- ret = ASN_PARSE_E;
+ if (ret == 0) {
+ if (version != 0) {
+ ret = ASN_PARSE_E;
+ }
}
/* Ensure date is a minimal size. */
- if ((ret == 0) && (dateSz < MIN_DATE_SIZE)) {
- ret = ASN_PARSE_E;
+ if (ret == 0) {
+ if (dateSz < MIN_DATE_SIZE) {
+ ret = ASN_PARSE_E;
+ }
}
if (ret == 0) {
/* TODO: use byName/byKey fields. */
@@ -34330,8 +35147,8 @@ static int DecodeResponseData(byte* source, word32* ioIndex,
if (ret == 0) {
/* Decode SingleResponse into OcspEntry. */
ret = DecodeSingleResponse(source, &idx,
- dataASN[OCSPRESPDATAASN_IDX_RESPEXT].offset,
- dataASN[OCSPRESPDATAASN_IDX_RESP].length, single);
+ dataASN[OCSPRESPDATAASN_IDX_RESPEXT].offset,
+ (int)dataASN[OCSPRESPDATAASN_IDX_RESP].length, single);
/* single->used set on successful decode. */
}
}
@@ -34669,7 +35486,7 @@ static int DecodeBasicOcspResponse(byte* source, word32* ioIndex,
if ((ret == 0) &&
(dataASN[OCSPBASICRESPASN_IDX_CERTS_SEQ].data.ref.data != NULL)) {
#endif
- /* Initialize the crtificate object. */
+ /* Initialize the certificate object. */
InitDecodedCert(cert, resp->cert, resp->certSz, heap);
certInit = 1;
/* Parse the certificate and don't verify if we don't have access to
@@ -34680,6 +35497,13 @@ static int DecodeBasicOcspResponse(byte* source, word32* ioIndex,
WOLFSSL_MSG("\tOCSP Responder certificate parsing failed");
}
}
+#ifndef WOLFSSL_NO_OCSP_ISSUER_CHECK
+ if ((ret == 0) &&
+ (dataASN[OCSPBASICRESPASN_IDX_CERTS_SEQ].data.ref.data != NULL) &&
+ !noVerify) {
+ ret = CheckOcspResponder(resp, cert, cm);
+ }
+#endif /* WOLFSSL_NO_OCSP_ISSUER_CHECK */
if ((ret == 0) &&
(dataASN[OCSPBASICRESPASN_IDX_CERTS_SEQ].data.ref.data != NULL)) {
/* TODO: ConfirmSignature is blocking here */
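Review bot: The new `CheckOcspResponder(resp, cert, cm)` call has no comment and no log line on failure, unlike the certificate parse just above it, which logs "OCSP Responder certificate parsing failed". Judging by its name the call decides whether the embedded responder certificate may answer for this issuer, so the check should be documented where it is made, including that it can be compiled out. A comment such as `/* Reject an embedded responder certificate that is not authorised for this issuer; WOLFSSL_NO_OCSP_ISSUER_CHECK removes this check. */` plus a `WOLFSSL_MSG` on a non-zero result would cover both. The check is skipped when `noVerify` is set or the response carries no certificate; the handling of those paths is outside this hunk.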
@@ -34701,7 +35525,7 @@ static int DecodeBasicOcspResponse(byte* source, word32* ioIndex,
Signer* ca;
int sigValid = -1;
- /* Resonse didn't have a certificate - lookup CA. */
+ /* Response didn't have a certificate - lookup CA. */
#ifndef NO_SKID
ca = GetCA(cm, resp->single->issuerKeyHash);
#else
@@ -34951,7 +35775,7 @@ static const ASNItem ocspNonceExtASN[] = {
/* EXT */ { 1, ASN_SEQUENCE, 1, 1, 0 },
/* extnId */
/* EXT_OID */ {2, ASN_OBJECT_ID, 0, 0, 0 },
- /* critcal not encoded. */
+ /* critical not encoded. */
/* extnValue */
/* EXT_VAL */ {2, ASN_OCTET_STRING, 0, 1, 0 },
/* nonce */
@@ -35032,7 +35856,7 @@ word32 EncodeOcspRequestExtensions(OcspRequest* req, byte* output, word32 size)
SetASN_Buffer(&dataASN[OCSPNONCEEXTASN_IDX_EXT_OID], NonceObjId,
sizeof(NonceObjId));
SetASN_Buffer(&dataASN[OCSPNONCEEXTASN_IDX_EXT_NONCE], req->nonce,
- req->nonceSz);
+ (word32)req->nonceSz);
/* Calculate size of nonce extension. */
ret = SizeASN_Items(ocspNonceExtASN, dataASN, ocspNonceExtASN_Length,
&sz);
@@ -35053,7 +35877,7 @@ word32 EncodeOcspRequestExtensions(OcspRequest* req, byte* output, word32 size)
FREE_ASNSETDATA(dataASN, req->heap);
}
- return ret;
+ return (word32)ret;
#endif /* WOLFSSL_ASN_TEMPLATE */
}
@@ -35118,17 +35942,20 @@ int EncodeOcspRequest(OcspRequest* req, byte* output, word32 size)
byte extArray[MAX_OCSP_EXT_SZ];
word32 seqSz[5], algoSz, issuerSz, issuerKeySz, extSz, totalSz;
int i, snSz;
+ int keyIdSz;
WOLFSSL_ENTER("EncodeOcspRequest");
#ifdef NO_SHA
algoSz = SetAlgoID(SHA256h, algoArray, oidHashType, 0);
+ keyIdSz = WC_SHA256_DIGEST_SIZE;
#else
algoSz = SetAlgoID(SHAh, algoArray, oidHashType, 0);
+ keyIdSz = WC_SHA_DIGEST_SIZE;
#endif
- issuerSz = SetDigest(req->issuerHash, KEYID_SIZE, issuerArray);
- issuerKeySz = SetDigest(req->issuerKeyHash, KEYID_SIZE, issuerKeyArray);
+ issuerSz = SetDigest(req->issuerHash, keyIdSz, issuerArray);
+ issuerKeySz = SetDigest(req->issuerKeyHash, keyIdSz, issuerKeyArray);
snSz = SetSerialNumber(req->serial, req->serialSz, snArray,
MAX_SN_SZ, MAX_SN_SZ);
extSz = 0;
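Review bot: `keyIdSz` is declared `int` in this variant of EncodeOcspRequest but `word32` in the template variant two hunks below, and here it is passed to `SetDigest` as the digest length. Most of this commit adds explicit casts for size conversions, so the new variable should be `word32 keyIdSz;` to avoid adding another implicit signed-to-unsigned conversion. Both variants now send `keyIdSz` bytes of `req->issuerHash`, while InitOcspRequest later in this diff fills that buffer with `KEYID_SIZE` bytes. It is worth confirming that the two sizes and hash algorithms agree in every build configuration.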
@@ -35186,6 +36013,7 @@ int EncodeOcspRequest(OcspRequest* req, byte* output, word32 size)
word32 extSz = 0;
int sz = 0;
int ret = 0;
+ word32 keyIdSz;
WOLFSSL_ENTER("EncodeOcspRequest");
@@ -35196,22 +36024,24 @@ int EncodeOcspRequest(OcspRequest* req, byte* output, word32 size)
#ifdef NO_SHA
SetASN_OID(&dataASN[OCSPREQUESTASN_IDX_TBS_REQ_HASH_OID], SHA256h,
oidHashType);
+ keyIdSz = WC_SHA256_DIGEST_SIZE;
#else
SetASN_OID(&dataASN[OCSPREQUESTASN_IDX_TBS_REQ_HASH_OID], SHAh,
oidHashType);
+ keyIdSz = WC_SHA_DIGEST_SIZE;
#endif
/* Set issuer, issuer key hash and serial number of certificate being
* checked. */
SetASN_Buffer(&dataASN[OCSPREQUESTASN_IDX_TBS_REQ_ISSUER],
- req->issuerHash, KEYID_SIZE);
+ req->issuerHash, keyIdSz);
SetASN_Buffer(&dataASN[OCSPREQUESTASN_IDX_TBS_REQ_ISSUERKEY],
- req->issuerKeyHash, KEYID_SIZE);
+ req->issuerKeyHash, keyIdSz);
SetASN_Buffer(&dataASN[OCSPREQUESTASN_IDX_TBS_REQ_SERIAL],
- req->serial, req->serialSz);
+ req->serial, (word32)req->serialSz);
/* Only extension to write is nonce - check if one to encode. */
if (req->nonceSz) {
/* Get size of extensions and leave space for them in encoding. */
- ret = extSz = EncodeOcspRequestExtensions(req, NULL, 0);
+ ret = (int)(extSz = EncodeOcspRequestExtensions(req, NULL, 0));
SetASN_Buffer(&dataASN[OCSPREQUESTASN_IDX_TBS_REQEXT], NULL, extSz);
if (ret > 0) {
ret = 0;
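Review bot: `extSz` is passed to `SetASN_Buffer(&dataASN[OCSPREQUESTASN_IDX_TBS_REQEXT], NULL, extSz)` before the sign of `ret` is tested. EncodeOcspRequestExtensions returns `word32` and this commit makes it `return (word32)ret;`, so if `ret` can be a negative error there, the call reserves a very large length before `if (ret > 0)` decides whether the value was a size. Moving the `SetASN_Buffer` call inside the `if (ret > 0)` block keeps an error value out of the template data. The body of that `if` continues outside this hunk.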
@@ -35236,7 +36066,7 @@ int EncodeOcspRequest(OcspRequest* req, byte* output, word32 size)
SetASN_Items(ocspRequestASN, dataASN, ocspRequestASN_Length, output);
if (req->nonceSz) {
/* Encode extensions into space provided. */
- ret = EncodeOcspRequestExtensions(req,
+ ret = (int)EncodeOcspRequestExtensions(req,
(byte*)dataASN[OCSPREQUESTASN_IDX_TBS_REQEXT].data.buffer.data,
extSz);
if (ret > 0) {
@@ -35273,24 +36103,24 @@ int InitOcspRequest(OcspRequest* req, DecodedCert* cert, byte useNonce,
XMEMCPY(req->issuerHash, cert->issuerHash, KEYID_SIZE);
XMEMCPY(req->issuerKeyHash, cert->issuerKeyHash, KEYID_SIZE);
- req->serial = (byte*)XMALLOC(cert->serialSz, req->heap,
+ req->serial = (byte*)XMALLOC((size_t)cert->serialSz, req->heap,
DYNAMIC_TYPE_OCSP_REQUEST);
if (req->serial == NULL)
return MEMORY_E;
- XMEMCPY(req->serial, cert->serial, cert->serialSz);
+ XMEMCPY(req->serial, cert->serial, (size_t)cert->serialSz);
req->serialSz = cert->serialSz;
if (cert->extAuthInfoSz != 0 && cert->extAuthInfo != NULL) {
- req->url = (byte*)XMALLOC(cert->extAuthInfoSz + 1, req->heap,
- DYNAMIC_TYPE_OCSP_REQUEST);
+ req->url = (byte*)XMALLOC((size_t)cert->extAuthInfoSz + 1,
+ req->heap, DYNAMIC_TYPE_OCSP_REQUEST);
if (req->url == NULL) {
XFREE(req->serial, req->heap, DYNAMIC_TYPE_OCSP);
req->serial = NULL;
return MEMORY_E;
}
- XMEMCPY(req->url, cert->extAuthInfo, cert->extAuthInfoSz);
+ XMEMCPY(req->url, cert->extAuthInfo, (size_t)cert->extAuthInfoSz);
req->urlSz = cert->extAuthInfoSz;
req->url[req->urlSz] = 0;
}
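Review bot: The error path `XFREE(req->serial, req->heap, DYNAMIC_TYPE_OCSP);` frees with a different type tag than the `DYNAMIC_TYPE_OCSP_REQUEST` used to allocate `req->serial` a few lines above. Builds that track allocations by type would see a mismatch, so the free should read `XFREE(req->serial, req->heap, DYNAMIC_TYPE_OCSP_REQUEST);`. The added `(size_t)` casts on `cert->serialSz` and `cert->extAuthInfoSz` silence the conversion warning but do not reject a negative value. A check such as `if (cert->serialSz <= 0) return BAD_FUNC_ARG;` before the allocation would make the cast safe, unless one already exists earlier in InitOcspRequest, outside this hunk.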
@@ -35341,6 +36171,14 @@ void FreeOcspRequest(OcspRequest* req)
if (req->url)
XFREE(req->url, req->heap, DYNAMIC_TYPE_OCSP_REQUEST);
req->url = NULL;
+
+#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || \
+ defined(WOLFSSL_HAPROXY) || defined(WOLFSSL_APACHE_HTTPD) || \
+ defined(HAVE_LIGHTY)
+ if (req->cid != NULL)
+ wolfSSL_OCSP_CERTID_free((WOLFSSL_OCSP_CERTID*)req->cid);
+ req->cid = NULL;
+#endif
}
}
@@ -35348,6 +36186,7 @@ void FreeOcspRequest(OcspRequest* req)
int CompareOcspReqResp(OcspRequest* req, OcspResponse* resp)
{
int cmp = -1; /* default as not matching, cmp gets set on each check */
+ int ocspDigestSize;
OcspEntry *single, *next, *prev = NULL, *top;
WOLFSSL_ENTER("CompareOcspReqResp");
@@ -35374,7 +36213,7 @@ int CompareOcspReqResp(OcspRequest* req, OcspResponse* resp)
return cmp;
}
- cmp = XMEMCMP(req->nonce, resp->nonce, req->nonceSz);
+ cmp = XMEMCMP(req->nonce, resp->nonce, (size_t)req->nonceSz);
if (cmp != 0) {
WOLFSSL_MSG("\tnonce mismatch");
return cmp;
@@ -35383,11 +36222,20 @@ int CompareOcspReqResp(OcspRequest* req, OcspResponse* resp)
/* match based on found status and return */
for (single = resp->single; single; single = next) {
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ ocspDigestSize = wc_HashGetDigestSize(
+ wc_OidGetHash(single->hashAlgoOID));
+ #else
+ ocspDigestSize = OCSP_DIGEST_SIZE;
+ #endif
cmp = req->serialSz - single->status->serialSz;
if (cmp == 0) {
- cmp = XMEMCMP(req->serial, single->status->serial, req->serialSz)
- || XMEMCMP(req->issuerHash, single->issuerHash, OCSP_DIGEST_SIZE)
- || XMEMCMP(req->issuerKeyHash, single->issuerKeyHash, OCSP_DIGEST_SIZE);
+ cmp = XMEMCMP(req->serial, single->status->serial,
+ (size_t)req->serialSz)
+ || XMEMCMP(req->issuerHash, single->issuerHash,
+ (size_t)ocspDigestSize)
+ || XMEMCMP(req->issuerKeyHash, single->issuerKeyHash,
+ (size_t)ocspDigestSize);
if (cmp == 0) {
/* match found */
if (resp->single != single && prev) {
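Review bot: In the SM2/SM3 branch `ocspDigestSize` is an `int` taken directly from `wc_HashGetDigestSize(wc_OidGetHash(single->hashAlgoOID))` and then used as `(size_t)ocspDigestSize` in two `XMEMCMP` calls. A negative error return would become a very large compare length over the fixed-size `issuerHash` and `issuerKeyHash` buffers. The decoder may already reject such entries, but this function should not depend on that. Treating a non-positive size as a mismatch keeps the loop structure intact: `cmp = (ocspDigestSize > 0) ? req->serialSz - single->status->serialSz : -1;`. The rest of the loop body, including where `next` is advanced, is outside this hunk.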
@@ -35433,6 +36281,14 @@ enum {
/* store WC_SHA hash of NAME */
int GetNameHash(const byte* source, word32* idx, byte* hash, int maxIdx)
{
+ /* Use summy signature OID. */
+ return GetNameHash_ex(source, idx, hash, maxIdx, 0);
+}
+
+/* store WC_SHA hash of NAME */
+int GetNameHash_ex(const byte* source, word32* idx, byte* hash, int maxIdx,
+ word32 sigOID)
+{
#ifndef WOLFSSL_ASN_TEMPLATE
int length; /* length of all distinguished names */
int ret;
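Review bot: The added comment in GetNameHash has a typo, and the comment copied onto GetNameHash_ex is no longer accurate. "Use summy signature OID." should read `/* Use dummy signature OID. */`. GetNameHash_ex is still described as "store WC_SHA hash of NAME", although later hunks make it hash with `HashIdAlg(sigOID)`. A more accurate header would be `/* store hash of NAME; hash algorithm is selected from sigOID via HashIdAlg() */`, with a note on what passing 0 selects.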
@@ -35460,7 +36316,8 @@ int GetNameHash(const byte* source, word32* idx, byte* hash, int maxIdx)
if (GetSequence(source, idx, &length, (word32)maxIdx) < 0)
return ASN_PARSE_E;
- ret = CalcHashId(source + dummy, (word32)length + *idx - dummy, hash);
+ ret = CalcHashId_ex(source + dummy, (word32)length + *idx - dummy, hash,
+ HashIdAlg(sigOID));
*idx += (word32)length;
@@ -35480,10 +36337,10 @@ int GetNameHash(const byte* source, word32* idx, byte* hash, int maxIdx)
* calculated over the entire DER encoding of the Name field, including
* the tag and length. */
/* Calculate hash of complete name including SEQUENCE. */
- ret = CalcHashId(
+ ret = CalcHashId_ex(
GetASNItem_Addr(dataASN[NAMEHASHASN_IDX_NAME], source),
GetASNItem_Length(dataASN[NAMEHASHASN_IDX_NAME], source),
- hash);
+ hash, HashIdAlg(sigOID));
}
return ret;
@@ -35497,13 +36354,13 @@ static char* GetNameFromDer(const byte* source, int sz)
{
char* out;
- out = (char*)XMALLOC(sz, NULL, DYNAMIC_TYPE_OPENSSL);
+ out = (char*)XMALLOC((size_t)sz, NULL, DYNAMIC_TYPE_OPENSSL);
if (out == NULL) {
WOLFSSL_MSG("Name malloc failed");
return NULL;
}
- XMEMCPY(out, source, sz);
+ XMEMCPY(out, source, (size_t)sz);
return out;
}
@@ -35569,7 +36426,7 @@ enum {
/* Get Revoked Cert list, 0 on success */
static int GetRevoked(RevokedCert* rcert, const byte* buff, word32* idx,
- DecodedCRL* dcrl, int maxIdx)
+ DecodedCRL* dcrl, word32 maxIdx)
{
#ifndef WOLFSSL_ASN_TEMPLATE
int ret;
@@ -35673,7 +36530,7 @@ static int GetRevoked(RevokedCert* rcert, const byte* buff, word32* idx,
}
if (ret == 0) {
/* Store size of serial number. */
- rc->serialSz = serialSz;
+ rc->serialSz = (int)serialSz;
rc->revDateFormat = (dataASN[REVOKEDASN_IDX_TIME_UTC].tag != 0)
? dataASN[REVOKEDASN_IDX_TIME_UTC].tag
: dataASN[REVOKEDASN_IDX_TIME_GT].tag;
@@ -35713,7 +36570,7 @@ static int ParseCRL_RevokedCerts(RevokedCert* rcert, DecodedCRL* dcrl,
{
int ret = 0;
- /* Parse each revoked cerificate. */
+ /* Parse each revoked certificate. */
while ((ret == 0) && (idx < maxIdx)) {
/* Parse a revoked certificate. */
if (GetRevoked(rcert, buff, &idx, dcrl, maxIdx) < 0) {
@@ -35798,7 +36655,7 @@ static int PaseCRL_CheckSignature(DecodedCRL* dcrl, const byte* buff, void* cm)
}
/* Check issuerHash matched CA's subjectNameHash. */
if ((ca != NULL) && (XMEMCMP(dcrl->issuerHash, ca->subjectNameHash,
- KEYID_SIZE) != 0)) {
+ KEYID_SIZE) != 0)) {
ca = NULL;
}
if (ca == NULL) {
@@ -35870,7 +36727,7 @@ static int ParseCRL_CertList(RevokedCert* rcert, DecodedCRL* dcrl,
dcrl->issuer = (byte*)GetNameFromDer(buf + idx, (int)dcrl->issuerSz);
#endif
- if (GetNameHash(buf, &idx, dcrl->issuerHash, sz) < 0)
+ if (GetNameHash_ex(buf, &idx, dcrl->issuerHash, sz, oid) < 0)
return ASN_PARSE_E;
if (GetBasicDate(buf, &idx, dcrl->lastDate, &dcrl->lastDateFormat, sz) < 0)
@@ -35894,7 +36751,7 @@ static int ParseCRL_CertList(RevokedCert* rcert, DecodedCRL* dcrl,
if (doNextDate)
#endif
{
-#ifndef NO_ASN_TIME
+#if !defined(NO_ASN_TIME) && !defined(WOLFSSL_NO_CRL_DATE_CHECK)
if (verify != NO_VERIFY &&
!XVALIDATE_DATE(dcrl->nextDate, dcrl->nextDateFormat, AFTER)) {
WOLFSSL_MSG("CRL after date is no longer valid");
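Review bot: The new `WOLFSSL_NO_CRL_DATE_CHECK` macro compiles out the nextDate validity test, both here in ParseCRL_CertList and in the template ParseCRL path later in this diff. Neither site has a comment on what that means for revocation checking. With the macro defined, a CRL whose nextDate has passed is accepted, so a stale revocation list can be used without any log message. A comment at the guard should say so, for example `/* WOLFSSL_NO_CRL_DATE_CHECK: nextDate is not validated, so an expired CRL is accepted */`, and the option should be listed with the other build options. The `if` statement opened by this guard continues outside the hunk.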
@@ -35960,7 +36817,8 @@ static int ParseCRL_AuthKeyIdExt(const byte* input, int sz, DecodedCRL* dcrl)
dcrl->extAuthKeyIdSet = 1;
/* Get the hash or hash of the hash if wrong size. */
- ret = GetHashId(input + idx, length, dcrl->extAuthKeyId);
+ ret = GetHashId(input + idx, length, dcrl->extAuthKeyId,
+ HashIdAlg(dcrl->signatureOID));
return ret;
#else
@@ -35975,7 +36833,7 @@ static int ParseCRL_AuthKeyIdExt(const byte* input, int sz, DecodedCRL* dcrl)
if (ret == 0) {
/* Parse an authority key identifier. */
ret = GetASN_Items(authKeyIdASN, dataASN, authKeyIdASN_Length, 1, input,
- &idx, sz);
+ &idx, (word32)sz);
}
if (ret == 0) {
/* Key id is optional. */
@@ -35985,8 +36843,8 @@ static int ParseCRL_AuthKeyIdExt(const byte* input, int sz, DecodedCRL* dcrl)
else {
/* Get the hash or hash of the hash if wrong size. */
ret = GetHashId(dataASN[AUTHKEYIDASN_IDX_KEYID].data.ref.data,
- dataASN[AUTHKEYIDASN_IDX_KEYID].data.ref.length,
- dcrl->extAuthKeyId);
+ (int)dataASN[AUTHKEYIDASN_IDX_KEYID].data.ref.length,
+ dcrl->extAuthKeyId, HashIdAlg(dcrl->signatureOID));
}
}
@@ -36165,7 +37023,7 @@ static int ParseCRL_Extensions(DecodedCRL* dcrl, const byte* buf, word32 idx,
/* Clear dynamic data. */
XMEMSET(dataASN, 0, sizeof(*dataASN) * certExtASN_Length);
- /* Ensure OID is an extention type. */
+ /* Ensure OID is an extension type. */
GetASN_OID(&dataASN[CERTEXTASN_IDX_OID], oidCertExtType);
/* Set criticality variable. */
GetASN_Int8Bit(&dataASN[CERTEXTASN_IDX_CRIT], &critical);
@@ -36176,11 +37034,11 @@ static int ParseCRL_Extensions(DecodedCRL* dcrl, const byte* buf, word32 idx,
/* OID in extension. */
word32 oid = dataASN[CERTEXTASN_IDX_OID].data.oid.sum;
/* Length of extension data. */
- int length = dataASN[CERTEXTASN_IDX_VAL].length;
+ int length = (int)dataASN[CERTEXTASN_IDX_VAL].length;
if (oid == AUTH_KEY_OID) {
#ifndef NO_SKID
- /* Parse Authority Key Id extesion.
+ /* Parse Authority Key Id extension.
* idx is at start of OCTET_STRING data. */
ret = ParseCRL_AuthKeyIdExt(buf + idx, length, dcrl);
if (ret != 0) {
@@ -36191,7 +37049,7 @@ static int ParseCRL_Extensions(DecodedCRL* dcrl, const byte* buf, word32 idx,
/* TODO: Parse CRL Number extension */
/* TODO: check criticality */
/* Move index on to next extension. */
- idx += length;
+ idx += (word32)length;
}
}
@@ -36319,7 +37177,7 @@ int ParseCRL(RevokedCert* rcert, DecodedCRL* dcrl, const byte* buff, word32 sz,
ca = GetCA(cm, dcrl->extAuthKeyId); /* more unique than issuerHash */
}
if (ca != NULL && XMEMCMP(dcrl->issuerHash, ca->subjectNameHash,
- KEYID_SIZE) != 0) {
+ KEYID_SIZE) != 0) {
ca = NULL;
}
if (ca == NULL) {
@@ -36423,7 +37281,7 @@ end:
dcrl->nextDateFormat = (dataASN[CRLASN_IDX_TBS_NEXTUPDATE_UTC].tag != 0)
? dataASN[CRLASN_IDX_TBS_NEXTUPDATE_UTC].tag
: dataASN[CRLASN_IDX_TBS_NEXTUPDATE_GT].tag;
- #ifndef NO_ASN_TIME
+ #if !defined(NO_ASN_TIME) && !defined(WOLFSSL_NO_CRL_DATE_CHECK)
if (dcrl->nextDateFormat != 0) {
/* Next date was set, so validate it. */
if (verify != NO_VERIFY &&
@@ -36434,8 +37292,8 @@ end:
}
}
}
- if (ret == 0) {
- #endif
+ if (ret == 0) { /* in "no time" cases above "ret" is not set */
+ #endif /* !NO_ASN_TIME && !WOLFSSL_NO_CRL_DATE_CHECK */
#ifdef OPENSSL_EXTRA
/* Parse and store the issuer name. */
dcrl->issuerSz = GetASNItem_Length(dataASN[CRLASN_IDX_TBS_ISSUER],
@@ -36445,16 +37303,17 @@ end:
(int)dcrl->issuerSz);
#endif
/* Calculate the Hash id from the issuer name. */
- ret = CalcHashId(GetASNItem_Addr(dataASN[CRLASN_IDX_TBS_ISSUER], buff),
+ ret = CalcHashId_ex(
+ GetASNItem_Addr(dataASN[CRLASN_IDX_TBS_ISSUER], buff),
GetASNItem_Length(dataASN[CRLASN_IDX_TBS_ISSUER], buff),
- dcrl->issuerHash);
+ dcrl->issuerHash, HashIdAlg(dcrl->signatureOID));
if (ret < 0) {
ret = ASN_PARSE_E;
}
}
if ((ret == 0) && (dataASN[CRLASN_IDX_TBS_REVOKEDCERTS].tag != 0)) {
- /* Parse revoked cerificates - starting after SEQUENCE OF. */
+ /* Parse revoked certificates - starting after SEQUENCE OF. */
ret = ParseCRL_RevokedCerts(rcert, dcrl, buff,
GetASNItem_DataIdx(dataASN[CRLASN_IDX_TBS_REVOKEDCERTS], buff),
GetASNItem_EndIdx(dataASN[CRLASN_IDX_TBS_REVOKEDCERTS], buff));
@@ -36635,7 +37494,7 @@ int wc_ParseCertPIV(wc_CertPIV* piv, const byte* buf, word32 totalSz)
GetASN_Int8Bit(&dataASN[PIVCERTASN_IDX_INFO], &info);
/* Start parsing from start of buffer. */
idx = 0;
- /* Parse PIV cetificate data. */
+ /* Parse PIV certificate data. */
ret = GetASN_Items(pivCertASN, dataASN, pivCertASN_Length, 1, buf, &idx,
totalSz);
if (ret == 0) {
@@ -36696,13 +37555,17 @@ int wc_MIME_parse_headers(char* in, int inLen, MimeHdr** headers)
goto error;
}
nextHdr = (MimeHdr*)XMALLOC(sizeof(MimeHdr), NULL, DYNAMIC_TYPE_PKCS7);
+ if (nextHdr == NULL) {
+ ret = MEMORY_E;
+ goto error;
+ }
+ XMEMSET(nextHdr, 0, sizeof(MimeHdr));
nextParam = (MimeParam*)XMALLOC(sizeof(MimeParam), NULL,
DYNAMIC_TYPE_PKCS7);
- if (nextHdr == NULL || nextParam == NULL) {
+ if (nextParam == NULL) {
ret = MEMORY_E;
goto error;
}
- XMEMSET(nextHdr, 0, sizeof(MimeHdr));
XMEMSET(nextParam, 0, sizeof(MimeParam));
curLine = XSTRTOK(in, "\r\n", &ptr);
@@ -36744,8 +37607,10 @@ int wc_MIME_parse_headers(char* in, int inLen, MimeHdr** headers)
}
else if (mimeStatus == MIME_BODYVAL && cur == ';' && pos >= 1) {
end = pos-1;
- if (bodyVal != NULL)
+ if (bodyVal != NULL) {
XFREE(bodyVal, NULL, DYNAMIC_TYPE_PKCS7);
+ bodyVal = NULL;
+ }
ret = wc_MIME_header_strip(curLine, &bodyVal, start, end);
if (ret) {
goto error;
@@ -36842,7 +37707,8 @@ error:
XFREE(nameAttr, NULL, DYNAMIC_TYPE_PKCS7);
if (bodyVal != NULL)
XFREE(bodyVal, NULL, DYNAMIC_TYPE_PKCS7);
- XFREE(nextParam, NULL, DYNAMIC_TYPE_PKCS7);
+ if (nextParam != NULL)
+ XFREE(nextParam, NULL, DYNAMIC_TYPE_PKCS7);
return ret;
}
@@ -37006,7 +37872,7 @@ int wc_MIME_free_hdrs(MimeHdr* head)
#ifdef WOLFSSL_ASN_PRINT
/*******************************************************************************
- * ASN.1 Parsing and Printing Implemenation
+ * ASN.1 Parsing and Printing Implementation
******************************************************************************/
/* Initialize ASN.1 print options.
@@ -37147,9 +38013,6 @@ int wc_Asn1_SetFile(Asn1* asn1, XFILE file)
return ret;
}
-/* Maximum OID dotted form size. */
-#define ASN1_OID_DOTTED_MAX_SZ 16
-
/* Print OID in dotted form or as hex bytes.
*
* @param [in] file File pointer to write to.
@@ -37167,7 +38030,7 @@ static void PrintObjectIdNum(XFILE file, unsigned char* oid, word32 len)
/* Print out each number of dotted form. */
for (i = 0; i < num; i++) {
XFPRINTF(file, "%d", dotted_nums[i]);
- /* Add separetor. */
+ /* Add separator. */
if (i < num - 1) {
XFPRINTF(file, ".");
}
@@ -37177,7 +38040,7 @@ static void PrintObjectIdNum(XFILE file, unsigned char* oid, word32 len)
/* Print out bytes as we couldn't decode. */
for (i = 0; i < len; i++) {
XFPRINTF(file, "%02x", oid[i]);
- /* Add separetor. */
+ /* Add separator. */
if (i < len - 1) {
XFPRINTF(file, ":");
}
@@ -37577,7 +38440,7 @@ static void DumpHeader(Asn1* asn1, Asn1PrintOptions* opts)
}
}
-/* Print ASN.1 item info based on header and indeces.
+/* Print ASN.1 item info based on header and indices.
*
* @param [in] asn1 ASN.1 parse object.
* @param [in] opts ASN.1 options for printing.
@@ -37678,7 +38541,7 @@ static int wc_Asn1_Print(Asn1* asn1, Asn1PrintOptions* opts)
/* Done with this ASN.1 item. */
asn1->part = ASN_PART_TAG;
}
- /* Check end indeces are valid. */
+ /* Check end indices are valid. */
ret = CheckDepth(asn1);
}
}
@@ -37700,7 +38563,7 @@ static int wc_Asn1_Print(Asn1* asn1, Asn1PrintOptions* opts)
}
/* Step past data to next ASN.1 item. */
asn1->curr += asn1->item.len;
- /* Update the depth based on end indeces. */
+ /* Update the depth based on end indices. */
UpdateDepth(asn1);
/* Done with this ASN.1 item. */
asn1->part = ASN_PART_TAG;
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/camellia.c b/extra/wolfssl/wolfssl/wolfcrypt/src/camellia.c
index 76912b1e..9f2897f2 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/camellia.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/camellia.c
@@ -1464,7 +1464,7 @@ static void camellia_decrypt256(const u32 *subkey, u32 *io)
* API for compatibility
*/
-static void Camellia_EncryptBlock(const int keyBitLength,
+static void Camellia_EncryptBlock(const word32 keyBitLength,
const unsigned char *plaintext,
const KEY_TABLE_TYPE keyTable,
unsigned char *ciphertext)
@@ -1495,7 +1495,7 @@ static void Camellia_EncryptBlock(const int keyBitLength,
PUTU32(ciphertext + 12, tmp[3]);
}
-static void Camellia_DecryptBlock(const int keyBitLength,
+static void Camellia_DecryptBlock(const word32 keyBitLength,
const unsigned char *ciphertext,
const KEY_TABLE_TYPE keyTable,
unsigned char *plaintext)
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/chacha.c b/extra/wolfssl/wolfssl/wolfcrypt/src/chacha.c
index 91e6bf0e..d3a982ed 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/chacha.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/chacha.c
@@ -28,17 +28,18 @@ D. J. Bernstein
Public domain.
*/
-#ifdef WOLFSSL_ARMASM
- /* implementation is located in wolfcrypt/src/port/arm/armv8-chacha.c */
-#else
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <wolfssl/wolfcrypt/settings.h>
-#if defined(HAVE_CHACHA) && !defined(WOLFSSL_ARMASM)
+#if defined(WOLFSSL_ARMASM) && !defined(WOLFSSL_ARMASM_NO_NEON)
+ /* implementation is located in wolfcrypt/src/port/arm/armv8-chacha.c */
+
+#else
+#if defined(HAVE_CHACHA)
#include <wolfssl/wolfcrypt/chacha.h>
#include <wolfssl/wolfcrypt/error-crypt.h>
@@ -436,6 +437,6 @@ void wc_Chacha_purge_current_block(ChaCha* ctx) {
}
}
-#endif /* HAVE_CHACHA*/
+#endif /* HAVE_CHACHA */
-#endif /* WOLFSSL_ARMASM */
+#endif /* WOLFSSL_ARMASM && !WOLFSSL_ARMASM_NO_NEON */
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/chacha20_poly1305.c b/extra/wolfssl/wolfssl/wolfcrypt/src/chacha20_poly1305.c
index e4ebd101..0c37de74 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/chacha20_poly1305.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/chacha20_poly1305.c
@@ -355,9 +355,9 @@ static WC_INLINE int wc_XChaCha20Poly1305_crypt_oneshot(
int isEncrypt)
{
int ret;
- ssize_t dst_len = isEncrypt ?
- (ssize_t)src_len + POLY1305_DIGEST_SIZE :
- (ssize_t)src_len - POLY1305_DIGEST_SIZE;
+ long int dst_len = isEncrypt ?
+ (long int)src_len + POLY1305_DIGEST_SIZE :
+ (long int)src_len - POLY1305_DIGEST_SIZE;
const byte *src_i;
byte *dst_i;
size_t src_len_rem;
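Review bot: The `(long int)src_len` cast can lose bits where `long` is narrower than `size_t` (64-bit Windows is LLP64), so `dst_len` may come out smaller than the real output size. The `(long int)dst_space < dst_len` check in the next hunk would then pass for a destination buffer that is too small. Doing the bound check in `size_t` avoids the signed cast: for encrypt `if (src_len > SIZE_MAX - POLY1305_DIGEST_SIZE || dst_space < src_len + POLY1305_DIGEST_SIZE)`, for decrypt `if (src_len < POLY1305_DIGEST_SIZE || dst_space < src_len - POLY1305_DIGEST_SIZE)`. The function body continues outside both hunks, so later uses of `dst_len` should be checked before its type is changed.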
@@ -375,7 +375,7 @@ static WC_INLINE int wc_XChaCha20Poly1305_crypt_oneshot(
goto out;
}
- if ((ssize_t)dst_space < dst_len) {
+ if ((long int)dst_space < dst_len) {
ret = BUFFER_E;
goto out;
}
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/chacha_asm.S b/extra/wolfssl/wolfssl/wolfcrypt/src/chacha_asm.S
index 6fafafab..9ca854cb 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/chacha_asm.S
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/chacha_asm.S
@@ -1,5 +1,5 @@
-/* chacha_asm
- *
+/* chacha_asm.S */
+/*
* Copyright (C) 2006-2023 wolfSSL Inc.
*
* This file is part of wolfSSL.
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/cmac.c b/extra/wolfssl/wolfssl/wolfcrypt/src/cmac.c
index e3b9f39e..7cade190 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/cmac.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/cmac.c
@@ -115,11 +115,12 @@ int wc_InitCmac_ex(Cmac* cmac, const byte* key, word32 keySz,
XMEMSET(cmac, 0, sizeof(Cmac));
#ifdef WOLF_CRYPTO_CB
+ /* Set devId regardless of value (invalid or not) */
+ cmac->devId = devId;
#ifndef WOLF_CRYPTO_CB_FIND
if (devId != INVALID_DEVID)
#endif
{
- cmac->devId = devId;
cmac->devCtx = NULL;
ret = wc_CryptoCb_Cmac(cmac, key, keySz, NULL, 0, NULL, NULL,
@@ -136,6 +137,8 @@ int wc_InitCmac_ex(Cmac* cmac, const byte* key, word32 keySz,
return BAD_FUNC_ARG;
}
+ ret = wc_AesInit(&cmac->aes, heap, devId);
+
#if defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_CRYPT)
cmac->useSWCrypt = useSW;
if (cmac->useSWCrypt == 1) {
@@ -143,7 +146,10 @@ int wc_InitCmac_ex(Cmac* cmac, const byte* key, word32 keySz,
}
#endif
- ret = wc_AesSetKey(&cmac->aes, key, keySz, NULL, AES_ENCRYPTION);
+ if (ret == 0) {
+ ret = wc_AesSetKey(&cmac->aes, key, keySz, NULL, AES_ENCRYPTION);
+ }
+
if (ret == 0) {
byte l[AES_BLOCK_SIZE];
@@ -217,8 +223,24 @@ int wc_CmacUpdate(Cmac* cmac, const byte* in, word32 inSz)
return ret;
}
+int wc_CmacFree(Cmac* cmac)
+{
+ if (cmac == NULL)
+ return BAD_FUNC_ARG;
+#if defined(WOLFSSL_HASH_KEEP)
+ /* TODO: msg is leaked if wc_CmacFinal() is not called
+ * e.g. when multiple calls to wc_CmacUpdate() and one fails but
+ * wc_CmacFinal() not called. */
+ if (cmac->msg != NULL) {
+ XFREE(cmac->msg, cmac->heap, DYNAMIC_TYPE_TMP_BUFFER);
+ }
+#endif
+ wc_AesFree(&cmac->aes);
+ ForceZero(cmac, sizeof(Cmac));
+ return 0;
+}
-int wc_CmacFinal(Cmac* cmac, byte* out, word32* outSz)
+int wc_CmacFinalNoFree(Cmac* cmac, byte* out, word32* outSz)
{
int ret;
const byte* subKey;
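Review bot: The TODO carried into `wc_CmacFree` is out of date, and neither new entry point has a header comment. The TODO still says `msg` leaks when `wc_CmacFinal()` is not called, but `wc_CmacFree` is now the call that releases it. It reads better as a contract, e.g. `/* Release resources held by cmac and zeroize it; call this after wc_CmacFinalNoFree() or when wc_CmacFinal() is never reached. */`. `wc_CmacFinalNoFree` wants a matching line saying the caller still owns cleanup; its body continues outside this hunk.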
@@ -270,22 +292,19 @@ int wc_CmacFinal(Cmac* cmac, byte* out, word32* outSz)
XMEMCPY(out, cmac->digest, *outSz);
}
-#if defined(WOLFSSL_HASH_KEEP)
- /* TODO: msg is leaked if wc_CmacFinal() is not called
- * e.g. when multiple calls to wc_CmacUpdate() and one fails but
- * wc_CmacFinal() not called. */
- if (cmac->msg != NULL) {
- XFREE(cmac->msg, cmac->heap, DYNAMIC_TYPE_TMP_BUFFER);
- cmac->msg = NULL;
- }
-#endif
- wc_AesFree(&cmac->aes);
- ForceZero(cmac, sizeof(Cmac));
+ return 0;
+}
+int wc_CmacFinal(Cmac* cmac, byte* out, word32* outSz) {
+ int ret;
+
+ if (cmac == NULL)
+ return BAD_FUNC_ARG;
+ ret = wc_CmacFinalNoFree(cmac, out, outSz);
+ (void)wc_CmacFree(cmac);
return ret;
}
-
int wc_AesCmacGenerate(byte* out, word32* outSz,
const byte* in, word32 inSz,
const byte* key, word32 keySz)
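Review bot: `wc_CmacFinalNoFree` now ends with `return 0;` where the old `wc_CmacFinal` body ended with `return ret;`, so a failure held in `ret` just before the guarded `XMEMCPY` is reported as success. The condition around the copy is outside the hunk, but if it is `ret == 0`, a failed final block leaves `out` unwritten while the caller sees 0. That includes the new `wc_CmacFinal` wrapper, which may then use or compare an uninitialized tag. The last line of `wc_CmacFinalNoFree` should stay `return ret;`.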
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/compress.c b/extra/wolfssl/wolfssl/wolfcrypt/src/compress.c
index 766e0c91..58c154c5 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/compress.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/compress.c
@@ -245,6 +245,7 @@ int wc_DeCompressDynamic(byte** out, int maxSz, int memoryType,
stream.opaque = (voidpf)0;
if (inflateInit2(&stream, DEFLATE_DEFAULT_WINDOWBITS | windowBits) != Z_OK) {
+ XFREE(tmp, heap, memoryType);
return DECOMPRESS_INIT_E;
}
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/cryptocb.c b/extra/wolfssl/wolfssl/wolfcrypt/src/cryptocb.c
index 13edcc49..cc09ec04 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/cryptocb.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/cryptocb.c
@@ -22,6 +22,20 @@
/* This framework provides a central place for crypto hardware integration
using the devId scheme. If not supported return `CRYPTOCB_UNAVAILABLE`. */
+/* Some common, optional build settings:
+ * these can also be set in wolfssl/options.h or user_settings.h
+ * -------------------------------------------------------------
+ * enable the find device callback functions
+ * WOLF_CRYPTO_CB_FIND
+ *
+ * enable the command callback functions to invoke the callback during
+ * register and unregister
+ * WOLF_CRYPTO_CB_CMD
+ *
+ * enable debug InfoString functions
+ * DEBUG_CRYPTOCB
+ */
+
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
@@ -34,6 +48,10 @@
#include <wolfssl/wolfcrypt/error-crypt.h>
#include <wolfssl/wolfcrypt/logging.h>
+#ifdef HAVE_ARIA
+ #include <wolfssl/wolfcrypt/port/aria/aria-cryptocb.h>
+#endif
+
#ifdef WOLFSSL_CAAM
#include <wolfssl/wolfcrypt/port/caam/wolfcaam.h>
#endif
@@ -58,6 +76,9 @@ static CryptoDevCallbackFind CryptoCb_FindCb = NULL;
static const char* GetAlgoTypeStr(int algo)
{
switch (algo) { /* enum wc_AlgoType */
+#ifdef WOLF_CRYPTO_CB_CMD
+ case WC_ALGO_TYPE_NONE: return "None-Command";
+#endif
case WC_ALGO_TYPE_HASH: return "Hash";
case WC_ALGO_TYPE_CIPHER: return "Cipher";
case WC_ALGO_TYPE_PK: return "PK";
@@ -133,6 +154,17 @@ static const char* GetRsaType(int type)
}
#endif
+#ifdef WOLF_CRYPTO_CB_CMD
+static const char* GetCryptoCbCmdTypeStr(int type)
+{
+ switch (type) {
+ case WC_CRYPTOCB_CMD_TYPE_REGISTER: return "Register";
+ case WC_CRYPTOCB_CMD_TYPE_UNREGISTER: return "UnRegister";
+ }
+ return NULL;
+}
+#endif
+
WOLFSSL_API void wc_CryptoCb_InfoString(wc_CryptoInfo* info)
{
if (info == NULL)
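Review bot: `GetCryptoCbCmdTypeStr` returns `NULL` for any type other than the two listed, and the next hunk passes that result straight to `printf` with `%s`, which is undefined behaviour for a null pointer. Returning a literal for the unknown case keeps the debug print safe: `return "Unknown";` in place of `return NULL;`.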
@@ -165,6 +197,12 @@ WOLFSSL_API void wc_CryptoCb_InfoString(wc_CryptoInfo* info)
printf("Crypto CB: %s %s (%d)\n", GetAlgoTypeStr(info->algo_type),
GetHashTypeStr(info->hmac.macType), info->hmac.macType);
}
+#ifdef WOLF_CRYPTO_CB_CMD
+ else if (info->algo_type == WC_ALGO_TYPE_NONE) {
+ printf("Crypto CB: %s %s (%d)\n", GetAlgoTypeStr(info->algo_type),
+ GetCryptoCbCmdTypeStr(info->cmd.type), info->cmd.type);
+ }
+#endif
else {
printf("CryptoCb: %s \n", GetAlgoTypeStr(info->algo_type));
}
@@ -219,11 +257,28 @@ static WC_INLINE int wc_CryptoCb_TranslateErrorCode(int ret)
return ret;
}
+/* Helper function to reset a device entry to invalid */
+static WC_INLINE void wc_CryptoCb_ClearDev(CryptoCb *dev)
+{
+ XMEMSET(dev, 0, sizeof(*dev));
+ dev->devId = INVALID_DEVID;
+}
+
void wc_CryptoCb_Init(void)
{
int i;
- for (i=0; i<MAX_CRYPTO_DEVID_CALLBACKS; i++) {
- gCryptoDev[i].devId = INVALID_DEVID;
+ for (i = 0; i < MAX_CRYPTO_DEVID_CALLBACKS; i++) {
+ wc_CryptoCb_ClearDev(&gCryptoDev[i]);
+ }
+}
+
+void wc_CryptoCb_Cleanup(void)
+{
+ int i;
+ for (i = 0; i < MAX_CRYPTO_DEVID_CALLBACKS; i++) {
+ if(gCryptoDev[i].devId != INVALID_DEVID) {
+ wc_CryptoCb_UnRegisterDevice(gCryptoDev[i].devId);
+ }
}
}
@@ -251,6 +306,8 @@ void wc_CryptoCb_SetDeviceFindCb(CryptoDevCallbackFind cb)
int wc_CryptoCb_RegisterDevice(int devId, CryptoDevCallbackFunc cb, void* ctx)
{
+ int rc = 0;
+
/* find existing or new */
CryptoCb* dev = wc_CryptoCb_GetDevice(devId);
if (dev == NULL)
@@ -260,19 +317,64 @@ int wc_CryptoCb_RegisterDevice(int devId, CryptoDevCallbackFunc cb, void* ctx)
return BUFFER_E; /* out of devices */
dev->devId = devId;
- dev->cb = cb;
- dev->ctx = ctx;
-
- return 0;
+ dev->cb = cb;
+ dev->ctx = ctx;
+
+#ifdef WOLF_CRYPTO_CB_CMD
+ if (cb != NULL) {
+ /* Invoke callback with register command */
+ wc_CryptoInfo info;
+ XMEMSET(&info, 0, sizeof(info));
+ info.algo_type = WC_ALGO_TYPE_NONE;
+ info.cmd.type = WC_CRYPTOCB_CMD_TYPE_REGISTER;
+ info.cmd.ctx = ctx; /* cb may update on success */
+
+ rc = cb(devId, &info, ctx);
+ if (rc == 0) {
+ /* Success. Update dev->ctx */
+ dev->ctx = info.cmd.ctx;
+ }
+ else if ((rc == CRYPTOCB_UNAVAILABLE) ||
+ (rc == NOT_COMPILED_IN)) {
+ /* Not implemented. Return success*/
+ rc = 0;
+ }
+ else {
+ /* Error in callback register cmd. Don't register */
+ wc_CryptoCb_ClearDev(dev);
+ }
+ }
+#endif
+ return rc;
}
void wc_CryptoCb_UnRegisterDevice(int devId)
{
- CryptoCb* dev = wc_CryptoCb_GetDevice(devId);
- if (dev) {
- XMEMSET(dev, 0, sizeof(*dev));
- dev->devId = INVALID_DEVID;
+ CryptoCb* dev = NULL;
+
+ /* Can't unregister the invalid device */
+ if (devId == INVALID_DEVID)
+ return;
+
+ /* Find the matching dev */
+ dev = wc_CryptoCb_GetDevice(devId);
+ if (dev == NULL)
+ return;
+
+#ifdef WOLF_CRYPTO_CB_CMD
+ if (dev->cb != NULL) {
+ /* Invoke callback with unregister command.*/
+ wc_CryptoInfo info;
+ XMEMSET(&info, 0, sizeof(info));
+ info.algo_type = WC_ALGO_TYPE_NONE;
+ info.cmd.type = WC_CRYPTOCB_CMD_TYPE_UNREGISTER;
+ info.cmd.ctx = NULL; /* Not used */
+
+ /* Ignore errors here */
+ dev->cb(devId, &info, dev->ctx);
}
+#endif
+ wc_CryptoCb_ClearDev(dev);
}
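Review bot: Re-registering a devId that is already in the table overwrites `dev->cb` and `dev->ctx` without notifying the previous callback. If the new callback's register command then fails, `wc_CryptoCb_ClearDev(dev)` drops the earlier registration as well. The lookup comment says "find existing or new", so this path is reachable, and under `WOLF_CRYPTO_CB_CMD` any state the old callback set up at register time is left behind. One option is to retire the existing entry first, `if (dev->devId == devId) wc_CryptoCb_UnRegisterDevice(devId);` placed before `dev->devId = devId;`, and to document that a failed register command leaves the devId unregistered. The start of `wc_CryptoCb_RegisterDevice` is in the previous hunk.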
#ifndef NO_RSA
@@ -1337,6 +1439,10 @@ int wc_CryptoCb_DefaultDevID(void)
/* conditional macro selection based on build */
#ifdef WOLFSSL_CAAM_DEVID
ret = WOLFSSL_CAAM_DEVID;
+#elif defined(HAVE_ARIA)
+ ret = WOLFSSL_ARIA_DEVID;
+#elif defined(WC_USE_DEVID)
+ ret = WC_USE_DEVID;
#else
ret = INVALID_DEVID;
#endif
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/curve25519.c b/extra/wolfssl/wolfssl/wolfcrypt/src/curve25519.c
index d97a1868..e5c3593b 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/curve25519.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/curve25519.c
@@ -58,7 +58,13 @@ const curve25519_set_type curve25519_sets[] = {
}
};
-static const unsigned char kCurve25519BasePoint[CURVE25519_KEYSIZE] = {9};
+static const word32 kCurve25519BasePoint[CURVE25519_KEYSIZE/sizeof(word32)] = {
+#ifdef BIG_ENDIAN_ORDER
+ 0x09000000
+#else
+ 9
+#endif
+};
/* Curve25519 private key must be less than order */
/* These functions clamp private k and check it */
@@ -133,7 +139,7 @@ int wc_curve25519_make_pub(int public_size, byte* pub, int private_size,
SAVE_VECTOR_REGISTERS(return _svr_ret;);
- ret = curve25519(pub, priv, kCurve25519BasePoint);
+ ret = curve25519(pub, priv, (byte*)kCurve25519BasePoint);
RESTORE_VECTOR_REGISTERS();
#endif
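Review bot: The `(byte*)` cast on `kCurve25519BasePoint` drops the `const` of a `static const` table; `(const byte*)kCurve25519BasePoint` keeps the qualifier. The const array was passed here uncast before the change, so the third parameter of `curve25519` presumably already takes a pointer to const. The call sits inside a preprocessor branch whose start is outside the hunk.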
@@ -325,14 +331,11 @@ int wc_curve25519_shared_secret_ex(curve25519_key* private_key,
}
}
#endif
- if (ret != 0) {
- ForceZero(&o, sizeof(o));
- return ret;
+ if (ret == 0) {
+ curve25519_copy_point(out, o.point, endian);
+ *outlen = CURVE25519_KEYSIZE;
}
- curve25519_copy_point(out, o.point, endian);
- *outlen = CURVE25519_KEYSIZE;
-
ForceZero(&o, sizeof(o));
return ret;
@@ -372,7 +375,7 @@ int wc_curve25519_export_public_ex(curve25519_key* key, byte* out,
(int)sizeof(key->k), key->k);
key->pubSet = (ret == 0);
}
- /* export public point with endianess */
+ /* export public point with endianness */
curve25519_copy_point(out, key->p.point, endian);
*outLen = CURVE25519_KEYSIZE;
@@ -410,7 +413,7 @@ int wc_curve25519_import_public_ex(const byte* in, word32 inLen,
return ECC_BAD_ARG_E;
}
- /* import public point with endianess */
+ /* import public point with endianness */
curve25519_copy_point(key->p.point, in, endian);
key->pubSet = 1;
@@ -535,7 +538,7 @@ int wc_curve25519_export_private_raw_ex(curve25519_key* key, byte* out,
return ECC_BAD_ARG_E;
}
- /* export private scalar with endianess */
+ /* export private scalar with endianness */
curve25519_copy_point(out, key->k, endian);
*outLen = CURVE25519_KEYSIZE;
@@ -632,7 +635,7 @@ int wc_curve25519_import_private_ex(const byte* priv, word32 privSz,
se050_curve25519_free_key(key);
#endif
- /* import private scalar with endianess */
+ /* import private scalar with endianness */
curve25519_copy_point(key->k, priv, endian);
key->privSet = 1;
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/des3.c b/extra/wolfssl/wolfssl/wolfcrypt/src/des3.c
index d932a4a2..650c33a3 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/des3.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/des3.c
@@ -49,85 +49,6 @@
#include <wolfssl/wolfcrypt/cryptocb.h>
#endif
-/* fips wrapper calls, user can call direct */
-#if defined(HAVE_FIPS) && \
- (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
-
- int wc_Des_SetKey(Des* des, const byte* key, const byte* iv, int dir)
- {
- return Des_SetKey(des, key, iv, dir);
- }
- int wc_Des3_SetKey(Des3* des, const byte* key, const byte* iv, int dir)
- {
- if (des == NULL || key == NULL || dir < 0) {
- return BAD_FUNC_ARG;
- }
-
- return Des3_SetKey_fips(des, key, iv, dir);
- }
- int wc_Des_CbcEncrypt(Des* des, byte* out, const byte* in, word32 sz)
- {
- return Des_CbcEncrypt(des, out, in, sz);
- }
- int wc_Des_CbcDecrypt(Des* des, byte* out, const byte* in, word32 sz)
- {
- return Des_CbcDecrypt(des, out, in, sz);
- }
- int wc_Des3_CbcEncrypt(Des3* des, byte* out, const byte* in, word32 sz)
- {
- if (des == NULL || out == NULL || in == NULL) {
- return BAD_FUNC_ARG;
- }
- return Des3_CbcEncrypt_fips(des, out, in, sz);
- }
- int wc_Des3_CbcDecrypt(Des3* des, byte* out, const byte* in, word32 sz)
- {
- if (des == NULL || out == NULL || in == NULL) {
- return BAD_FUNC_ARG;
- }
- return Des3_CbcDecrypt_fips(des, out, in, sz);
- }
-
- #ifdef WOLFSSL_DES_ECB
- /* One block, compatibility only */
- int wc_Des_EcbEncrypt(Des* des, byte* out, const byte* in, word32 sz)
- {
- return Des_EcbEncrypt(des, out, in, sz);
- }
- int wc_Des3_EcbEncrypt(Des3* des, byte* out, const byte* in, word32 sz)
- {
- return Des3_EcbEncrypt(des, out, in, sz);
- }
- #endif /* WOLFSSL_DES_ECB */
-
- void wc_Des_SetIV(Des* des, const byte* iv)
- {
- Des_SetIV(des, iv);
- }
- int wc_Des3_SetIV(Des3* des, const byte* iv)
- {
- return Des3_SetIV_fips(des, iv);
- }
-
- int wc_Des3Init(Des3* des3, void* heap, int devId)
- {
- (void)des3;
- (void)heap;
- (void)devId;
- /* FIPS doesn't support:
- return Des3Init(des3, heap, devId); */
- return 0;
- }
- void wc_Des3Free(Des3* des3)
- {
- (void)des3;
- /* FIPS doesn't support:
- Des3Free(des3); */
- }
-
-#else /* else build without fips, or for FIPS v2 */
-
-
#if defined(WOLFSSL_TI_CRYPT)
#include <wolfcrypt/src/port/ti/ti-des3.c>
#else
@@ -517,7 +438,7 @@
#elif defined(HAVE_COLDFIRE_SEC)
- #include <wolfssl/ctaocrypt/types.h>
+ #include <wolfssl/wolfcrypt/types.h>
#include "sec.h"
#include "mcf5475_sec.h"
@@ -1695,7 +1616,7 @@
#elif defined(HAVE_INTEL_QA)
return IntelQaSymDes3CbcEncrypt(&des->asyncDev, out, in, sz,
(const byte*)des->devKey, DES3_KEYLEN, (byte*)des->reg, DES3_IVLEN);
- #else /* WOLFSSL_ASYNC_CRYPT_SW */
+ #elif defined(WOLFSSL_ASYNC_CRYPT_SW)
if (wc_AsyncSwInit(&des->asyncDev, ASYNC_SW_DES3_CBC_ENCRYPT)) {
WC_ASYNC_SW* sw = &des->asyncDev.sw;
sw->des.des = des;
@@ -1746,7 +1667,7 @@
#elif defined(HAVE_INTEL_QA)
return IntelQaSymDes3CbcDecrypt(&des->asyncDev, out, in, sz,
(const byte*)des->devKey, DES3_KEYLEN, (byte*)des->reg, DES3_IVLEN);
- #else /* WOLFSSL_ASYNC_CRYPT_SW */
+ #elif defined(WOLFSSL_ASYNC_CRYPT_SW)
if (wc_AsyncSwInit(&des->asyncDev, ASYNC_SW_DES3_CBC_DECRYPT)) {
WC_ASYNC_SW* sw = &des->asyncDev.sw;
sw->des.des = des;
@@ -1889,5 +1810,4 @@ void wc_Des3Free(Des3* des3)
}
#endif /* WOLFSSL_TI_CRYPT */
-#endif /* HAVE_FIPS */
#endif /* NO_DES3 */
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/dh.c b/extra/wolfssl/wolfssl/wolfcrypt/src/dh.c
index f89b5525..e638a51c 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/dh.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/dh.c
@@ -1021,7 +1021,7 @@ static int _ffc_pairwise_consistency_test(DhKey* key,
/* if not using fixed points use DiscreteLogWorkFactor function for unusual size
otherwise round up on size needed */
#ifndef WOLFSSL_DH_CONST
- #define WOLFSSL_DH_ROUND(x)
+ #define WOLFSSL_DH_ROUND(x) WC_DO_NOTHING
#else
#define WOLFSSL_DH_ROUND(x) \
do { \
@@ -1352,7 +1352,7 @@ static int GeneratePublicDh(DhKey* key, byte* priv, word32 privSz,
*pubSz = (word32)mp_unsigned_bin_size(y);
mp_clear(y);
- mp_clear(x);
+ mp_forcezero(x);
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
XFREE(y, key->heap, DYNAMIC_TYPE_DH);
XFREE(x, key->heap, DYNAMIC_TYPE_DH);
@@ -1433,7 +1433,7 @@ static int wc_DhGenerateKeyPair_Async(DhKey* key, WC_RNG* rng,
#elif defined(HAVE_CAVIUM)
/* TODO: Not implemented - use software for now */
-#else /* WOLFSSL_ASYNC_CRYPT_SW */
+#elif defined(WOLFSSL_ASYNC_CRYPT_SW)
if (wc_AsyncSwInit(&key->asyncDev, ASYNC_SW_DH_GEN)) {
WC_ASYNC_SW* sw = &key->asyncDev.sw;
sw->dhGen.key = key;
@@ -2207,7 +2207,7 @@ static int wc_DhAgree_Async(DhKey* key, byte* agree, word32* agreeSz,
#elif defined(HAVE_CAVIUM)
/* TODO: Not implemented - use software for now */
-#else /* WOLFSSL_ASYNC_CRYPT_SW */
+#elif defined(WOLFSSL_ASYNC_CRYPT_SW)
if (wc_AsyncSwInit(&key->asyncDev, ASYNC_SW_DH_AGREE)) {
WC_ASYNC_SW* sw = &key->asyncDev.sw;
sw->dhAgree.key = key;
@@ -2886,6 +2886,11 @@ int wc_DhGenerateParams(WC_RNG *rng, int modSz, DhKey *dh)
ret = 0;
unsigned char *buf = NULL;
+#if !defined(WOLFSSL_SMALL_STACK) || defined(WOLFSSL_NO_MALLOC)
+ XMEMSET(tmp, 0, sizeof(tmp));
+ XMEMSET(tmp2, 0, sizeof(tmp2));
+#endif
+
if (rng == NULL || dh == NULL)
ret = BAD_FUNC_ARG;
@@ -2934,9 +2939,22 @@ int wc_DhGenerateParams(WC_RNG *rng, int modSz, DhKey *dh)
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
if (ret == 0) {
- if (((tmp = (mp_int *)XMALLOC(sizeof(*tmp), NULL, DYNAMIC_TYPE_WOLF_BIGINT)) == NULL) ||
- ((tmp2 = (mp_int *)XMALLOC(sizeof(*tmp2), NULL, DYNAMIC_TYPE_WOLF_BIGINT)) == NULL))
+ if ((tmp = (mp_int *)XMALLOC(sizeof(*tmp), NULL,
+ DYNAMIC_TYPE_WOLF_BIGINT)) == NULL) {
+ ret = MEMORY_E;
+ }
+ else {
+ XMEMSET(tmp, 0, sizeof(*tmp));
+ }
+ }
+ if (ret == 0) {
+ if ((tmp2 = (mp_int *)XMALLOC(sizeof(*tmp2), NULL,
+ DYNAMIC_TYPE_WOLF_BIGINT)) == NULL) {
ret = MEMORY_E;
+ }
+ else {
+ XMEMSET(tmp2, 0, sizeof(*tmp2));
+ }
}
#endif
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/dsa.c b/extra/wolfssl/wolfssl/wolfcrypt/src/dsa.c
index 1e4f59a3..3cdcffe3 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/dsa.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/dsa.c
@@ -260,7 +260,7 @@ int wc_MakeDsaParameters(WC_RNG *rng, int modulus_size, DsaKey *dsa)
*/
switch (modulus_size) {
#ifdef WOLFSSL_DSA_768_MODULUS
- /* This key length is unsecure and only included for bind 9 testing */
+ /* This key length is insecure and only included for bind 9 testing */
case 768:
#endif
case 1024:
@@ -641,7 +641,7 @@ int wc_DsaExportKeyRaw(DsaKey* dsa, byte* x, word32* xSz, byte* y, word32* ySz)
int wc_DsaSign(const byte* digest, byte* out, DsaKey* key, WC_RNG* rng)
{
- /* use sha1 by default for backwards compatability */
+ /* use sha1 by default for backwards compatibility */
return wc_DsaSign_ex(digest, WC_SHA_DIGEST_SIZE, out, key, rng);
}
@@ -756,7 +756,7 @@ int wc_DsaSign_ex(const byte* digest, word32 digestSz, byte* out, DsaKey* key,
break;
}
- /* k is a random numnber and it should be less than q-1
+ /* k is a random number and it should be less than q-1
* if k greater than repeat
*/
/* Step 6 */
@@ -976,7 +976,7 @@ int wc_DsaSign_ex(const byte* digest, word32 digestSz, byte* out, DsaKey* key,
int wc_DsaVerify(const byte* digest, const byte* sig, DsaKey* key, int* answer)
{
- /* use sha1 by default for backwards compatability */
+ /* use sha1 by default for backwards compatibility */
return wc_DsaVerify_ex(digest, WC_SHA_DIGEST_SIZE, sig, key, answer);
}
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/ecc.c b/extra/wolfssl/wolfssl/wolfcrypt/src/ecc.c
index 7bee4b16..c4ad9e8a 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/ecc.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/ecc.c
@@ -92,6 +92,12 @@ Possible ECC enable options:
* Enables implementations that protect data that is in
* encrypted memory.
* default: off
+ * WOLFSSL_ECC_GEN_REJECT_SAMPLING
+ * Enables generation of scalar (private key and ECDSA
+ * nonce) to be performed using reject sampling algorithm.
+ * Use this when CPU state can be closely observed by
+ * attacker.
+ * default: off
*/
/*
@@ -101,6 +107,7 @@ ECC Curve Types:
* HAVE_ECC_SECPR3 Enables SECP R3 curves default: off
* HAVE_ECC_BRAINPOOL Enables Brainpool curves default: off
* HAVE_ECC_KOBLITZ Enables Koblitz curves default: off
+ * WOLFSSL_SM2 Enables SM2 curves default: off
*/
/*
@@ -215,13 +222,30 @@ ECC Curve Sizes:
#endif
#if !defined(WOLFSSL_ATECC508A) && !defined(WOLFSSL_ATECC608A) && \
- !defined(WOLFSSL_SILABS_SE_ACCEL) && !defined(WOLFSSL_KCAPI_ECC) && \
- !defined(WOLFSSL_CRYPTOCELL) && !defined(NO_ECC_MAKE_PUB) && \
+ !defined(WOLFSSL_CRYPTOCELL) && !defined(WOLFSSL_SILABS_SE_ACCEL) && \
+ !defined(WOLFSSL_KCAPI_ECC) && !defined(WOLFSSL_SE050) && \
+ !defined(WOLFSSL_XILINX_CRYPT_VERSAL) && !defined(WOLFSSL_STM32_PKA)
+ #undef HAVE_ECC_VERIFY_HELPER
+ #define HAVE_ECC_VERIFY_HELPER
+#endif
+
+#if !defined(WOLFSSL_ATECC508A) && !defined(WOLFSSL_ATECC608A) && \
+ !defined(WOLFSSL_CRYPTOCELL) && !defined(WOLFSSL_SILABS_SE_ACCEL) && \
+ !defined(WOLFSSL_KCAPI_ECC) && !defined(NO_ECC_MAKE_PUB) && \
!defined(WOLF_CRYPTO_CB_ONLY_ECC)
#undef HAVE_ECC_MAKE_PUB
#define HAVE_ECC_MAKE_PUB
#endif
+#if !defined(WOLFSSL_SP_MATH) && \
+ !defined(WOLFSSL_ATECC508A) && !defined(WOLFSSL_ATECC608A) && \
+ !defined(WOLFSSL_CRYPTOCELL) && !defined(WOLFSSL_SILABS_SE_ACCEL) && \
+ !defined(WOLFSSL_SE050) && !defined(WOLFSSL_STM32_PKA) && \
+ !defined(WOLF_CRYPTO_CB_ONLY_ECC)
+ #undef HAVE_ECC_CHECK_PUBKEY_ORDER
+ #define HAVE_ECC_CHECK_PUBKEY_ORDER
+#endif
+
#if defined(WOLFSSL_SP_MATH_ALL) && SP_INT_BITS < MAX_ECC_BITS_NEEDED
#define MAX_ECC_BITS_USE SP_INT_BITS
#else
@@ -319,7 +343,7 @@ enum {
#endif
#define ecc_oid_secp112r1_sz CODED_SECP112R1_SZ
#endif /* !NO_ECC_SECP */
- #ifdef HAVE_ECC_SECPR2
+ #if defined(HAVE_ECC_SECPR2) && defined(HAVE_ECC_KOBLITZ)
#ifdef HAVE_OID_ENCODING
#define CODED_SECP112R2 {1,3,132,0,7}
#define CODED_SECP112R2_SZ 5
@@ -333,7 +357,7 @@ enum {
#define ecc_oid_secp112r2 CODED_SECP112R2
#endif
#define ecc_oid_secp112r2_sz CODED_SECP112R2_SZ
- #endif /* HAVE_ECC_SECPR2 */
+ #endif /* HAVE_ECC_SECPR2 && HAVE_ECC_KOBLITZ */
#endif /* ECC112 */
#ifdef ECC128
#ifndef NO_ECC_SECP
@@ -351,7 +375,7 @@ enum {
#endif
#define ecc_oid_secp128r1_sz CODED_SECP128R1_SZ
#endif /* !NO_ECC_SECP */
- #ifdef HAVE_ECC_SECPR2
+ #if defined(HAVE_ECC_SECPR2) && defined(HAVE_ECC_KOBLITZ)
#ifdef HAVE_OID_ENCODING
#define CODED_SECP128R2 {1,3,132,0,29}
#define CODED_SECP128R2_SZ 5
@@ -365,7 +389,7 @@ enum {
#define ecc_oid_secp128r2 CODED_SECP128R2
#endif
#define ecc_oid_secp128r2_sz CODED_SECP128R2_SZ
- #endif /* HAVE_ECC_SECPR2 */
+ #endif /* HAVE_ECC_SECPR2 && HAVE_ECC_KOBLITZ */
#endif /* ECC128 */
#ifdef ECC160
#ifndef FP_ECC
@@ -649,6 +673,21 @@ enum {
#define ecc_oid_brainpoolp256r1_sz CODED_BRAINPOOLP256R1_SZ
#endif /* HAVE_ECC_BRAINPOOL */
#endif /* ECC256 */
+ #if defined(WOLFSSL_SM2)
+ #ifdef HAVE_OID_ENCODING
+ #define CODED_SM2P256V1 {1,2,156,10197,1,301}
+ #define CODED_SM2P256V1_SZ 6
+ #else
+ #define CODED_SM2P256V1 {0x2A,0x81,0x1C,0xCF,0x55,0x01,0x82,0x2d}
+ #define CODED_SM2P256V1_SZ 8
+ #endif
+ #ifndef WOLFSSL_ECC_CURVE_STATIC
+ static const ecc_oid_t ecc_oid_sm2p256v1[] = CODED_SM2P256V1;
+ #else
+ #define ecc_oid_sm2p256v1 CODED_SM2P256V1
+ #endif
+ #define ecc_oid_sm2p256v1_sz CODED_SM2P256V1_SZ
+ #endif /* WOLFSSL_SM2 */
#ifdef ECC320
#ifdef HAVE_ECC_BRAINPOOL
#ifdef HAVE_OID_ENCODING
@@ -757,7 +796,7 @@ const ecc_set_type ecc_sets[] = {
1, /* cofactor */
},
#endif /* !NO_ECC_SECP */
- #ifdef HAVE_ECC_SECPR2
+ #if defined(HAVE_ECC_SECPR2) && defined(HAVE_ECC_KOBLITZ)
{
14, /* size/bytes */
ECC_SECP112R2, /* ID */
@@ -773,7 +812,7 @@ const ecc_set_type ecc_sets[] = {
ECC_SECP112R2_OID, /* oid sum */
4, /* cofactor */
},
- #endif /* HAVE_ECC_SECPR2 */
+ #endif /* HAVE_ECC_SECPR2 && HAVE_ECC_KOBLITZ */
#endif /* ECC112 */
#ifdef ECC128
#ifndef NO_ECC_SECP
@@ -793,7 +832,7 @@ const ecc_set_type ecc_sets[] = {
1, /* cofactor */
},
#endif /* !NO_ECC_SECP */
- #ifdef HAVE_ECC_SECPR2
+ #if defined(HAVE_ECC_SECPR2) && defined(HAVE_ECC_KOBLITZ)
{
16, /* size/bytes */
ECC_SECP128R2, /* ID */
@@ -809,7 +848,7 @@ const ecc_set_type ecc_sets[] = {
ECC_SECP128R2_OID, /* oid sum */
4, /* cofactor */
},
- #endif /* HAVE_ECC_SECPR2 */
+ #endif /* HAVE_ECC_SECPR2 && HAVE_ECC_KOBLITZ */
#endif /* ECC128 */
#ifdef ECC160
#ifndef FP_ECC
@@ -1129,6 +1168,25 @@ const ecc_set_type ecc_sets[] = {
},
#endif /* HAVE_ECC_BRAINPOOL */
#endif /* ECC256 */
+ #if defined(WOLFSSL_SM2)
+ {
+ 32, /* size/bytes */
+ ECC_SM2P256V1, /* ID */
+ "SM2P256V1", /* curve name */
+
+ /* bottom of draft-shen-sm2-ecdsa-02, recommended values */
+ "FFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00000000FFFFFFFFFFFFFFFF", /* prime */
+ "FFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00000000FFFFFFFFFFFFFFFC", /* A */
+ "28E9FA9E9D9F5E344D5A9E4BCF6509A7F39789F515AB8F92DDBCBD414D940E93", /* B */
+ "FFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFF7203DF6B21C6052B53BBF40939D54123", /* order */
+ "32C4AE2C1F1981195F9904466A39C9948FE30BBFF2660BE1715A4589334C74C7", /* Gx */
+ "BC3736A2F4F6779C59BDCEE36B692153D0A9877CC62A474002DF32E52139F0A0", /* Gy */
+ ecc_oid_sm2p256v1, /* oid/oidSz */
+ ecc_oid_sm2p256v1_sz,
+ ECC_SM2P256V1_OID, /* oid sum */
+ 1, /* cofactor */
+ },
+ #endif /* WOLFSSL_SM2 */
#ifdef ECC320
#ifdef HAVE_ECC_BRAINPOOL
{
@@ -1274,18 +1332,11 @@ const size_t ecc_sets_count = ECC_SET_COUNT - 1;
static oid_cache_t ecc_oid_cache[ECC_SET_COUNT];
#endif
-
+/* Forward declarations */
#if defined(HAVE_COMP_KEY) && defined(HAVE_ECC_KEY_EXPORT)
static int wc_ecc_export_x963_compressed(ecc_key* key, byte* out, word32* outLen);
#endif
-
-
-
-#if !defined(WOLFSSL_SP_MATH) && \
- !defined(WOLFSSL_ATECC508A) && !defined(WOLFSSL_ATECC608A) && \
- !defined(WOLFSSL_CRYPTOCELL) && !defined(WOLFSSL_SILABS_SE_ACCEL) && \
- !defined(WOLFSSL_SE050) && !defined(WOLF_CRYPTO_CB_ONLY_ECC) && \
- !defined(WOLFSSL_STM32_PKA)
+#ifdef HAVE_ECC_CHECK_PUBKEY_ORDER
static int ecc_check_pubkey_order(ecc_key* key, ecc_point* pubkey, mp_int* a,
mp_int* prime, mp_int* order);
#endif
@@ -1296,8 +1347,18 @@ static int _ecc_pairwise_consistency_test(ecc_key* key, WC_RNG* rng);
#endif
-int mp_jacobi(mp_int* a, mp_int* n, int* c);
-int mp_sqrtmod_prime(mp_int* n, mp_int* prime, mp_int* ret);
+#ifdef HAVE_COMP_KEY
+#if !defined(WOLFSSL_ATECC508A) && !defined(WOLFSSL_ATECC608A) && \
+ !defined(WOLFSSL_CRYPTOCELL)
+
+#ifndef WOLFSSL_SP_MATH
+#if !defined(SQRTMOD_USE_MOD_EXP)
+static int mp_jacobi(mp_int* a, mp_int* n, int* c);
+#endif
+static int mp_sqrtmod_prime(mp_int* n, mp_int* prime, mp_int* ret);
+#endif
+#endif
+#endif
/* Curve Specs */
@@ -1335,25 +1396,22 @@ typedef struct ecc_curve_spec {
byte load_mask;
} ecc_curve_spec;
-enum ecc_curve_load_mask {
- ECC_CURVE_FIELD_NONE = 0x00,
- ECC_CURVE_FIELD_PRIME = 0x01,
- ECC_CURVE_FIELD_AF = 0x02,
+ #define ECC_CURVE_FIELD_NONE 0x00
+ #define ECC_CURVE_FIELD_PRIME 0x01
+ #define ECC_CURVE_FIELD_AF 0x02
#ifdef USE_ECC_B_PARAM
- ECC_CURVE_FIELD_BF = 0x04,
+ #define ECC_CURVE_FIELD_BF 0x04
#endif
- ECC_CURVE_FIELD_ORDER = 0x08,
- ECC_CURVE_FIELD_GX = 0x10,
- ECC_CURVE_FIELD_GY = 0x20,
+ #define ECC_CURVE_FIELD_ORDER 0x08
+ #define ECC_CURVE_FIELD_GX 0x10
+ #define ECC_CURVE_FIELD_GY 0x20
#ifdef USE_ECC_B_PARAM
- ECC_CURVE_FIELD_ALL = 0x3F,
- ECC_CURVE_FIELD_COUNT = 6,
+ #define ECC_CURVE_FIELD_ALL 0x3F
+ #define ECC_CURVE_FIELD_COUNT 6
#else
- ECC_CURVE_FIELD_ALL = 0x3B,
- ECC_CURVE_FIELD_COUNT = 5,
+ #define ECC_CURVE_FIELD_ALL 0x3B
+ #define ECC_CURVE_FIELD_COUNT 5
#endif
- WOLF_ENUM_DUMMY_LAST_ELEMENT(ecc_curve_load_mask)
-};
#if defined(WOLFSSL_XILINX_CRYPT_VERSAL)
static const u32 xil_curve_type[ECC_CURVE_MAX] = {
@@ -1409,8 +1467,8 @@ static int xil_mpi_import(mp_int *mpi,
#endif
#define DECLARE_CURVE_SPECS(intcount) ecc_curve_spec* curve = NULL
- #define ALLOC_CURVE_SPECS(intcount, err)
- #define FREE_CURVE_SPECS()
+ #define ALLOC_CURVE_SPECS(intcount, err) WC_DO_NOTHING
+ #define FREE_CURVE_SPECS() WC_DO_NOTHING
#elif defined(WOLFSSL_SMALL_STACK)
#ifdef WOLFSSL_SP_MATH_ALL
#define DECLARE_CURVE_SPECS(intcount) \
@@ -1465,8 +1523,8 @@ static int xil_mpi_import(mp_int *mpi,
curve->spec_ints = spec_ints; \
curve->spec_count = (intcount)
#endif
- #define ALLOC_CURVE_SPECS(intcount, err)
- #define FREE_CURVE_SPECS()
+ #define ALLOC_CURVE_SPECS(intcount, err) WC_DO_NOTHING
+ #define FREE_CURVE_SPECS() WC_DO_NOTHING
#endif /* ECC_CACHE_CURVE */
static void wc_ecc_curve_cache_free_spec_item(ecc_curve_spec* curve, mp_int* item,
@@ -2107,6 +2165,12 @@ done:
(void)a;
(void)mp;
+#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SP_SM2)
+ if ((modBits == 256) && (!mp_is_bit_set(modulus, 224))) {
+ return sp_ecc_proj_add_point_sm2_256(P->x, P->y, P->z, Q->x, Q->y, Q->z,
+ R->x, R->y, R->z);
+ }
+#endif
#ifndef WOLFSSL_SP_NO_256
if (modBits == 256) {
return sp_ecc_proj_add_point_256(P->x, P->y, P->z, Q->x, Q->y, Q->z,
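Review bot: The SM2 dispatch `if ((modBits == 256) && (!mp_is_bit_set(modulus, 224)))` identifies the curve by a single bit of the prime, and nothing next to it says why. The sm2p256v1 prime added earlier in this diff starts `FFFFFFFE`, so bit 224 is the one clear bit in its top word; the test therefore also sends any other 256-bit modulus with that bit clear to the SM2-specific routine. I would add `/* sm2p256v1 prime starts FFFFFFFE, i.e. bit 224 is clear */` above the test and, if custom curves can reach this path, key the dispatch on the curve id instead. The same test is repeated in the hunks for _ecc_projective_dbl_point, the map routine, both ecc_mulmod exits, _ecc_is_point, wc_ecc_mulmod_ex and wc_ecc_mulmod_ex2; the enclosing function here starts and ends outside the hunk.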
@@ -2471,6 +2535,11 @@ static int _ecc_projective_dbl_point(ecc_point *P, ecc_point *R, mp_int* a,
(void)a;
(void)mp;
+#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SP_SM2)
+ if ((modBits == 256) && (!mp_is_bit_set(modulus, 224))) {
+ return sp_ecc_proj_dbl_point_sm2_256(P->x, P->y, P->z, R->x, R->y, R->z);
+ }
+#endif
#ifndef WOLFSSL_SP_NO_256
if (modBits == 256) {
return sp_ecc_proj_dbl_point_256(P->x, P->y, P->z, R->x, R->y, R->z);
@@ -2723,6 +2792,11 @@ done:
(void)mp;
(void)ct;
+#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SP_SM2)
+ if ((mp_count_bits(modulus) == 256) && (!mp_is_bit_set(modulus, 224))) {
+ return sp_ecc_map_sm2_256(P->x, P->y, P->z);
+ }
+#endif
#ifndef WOLFSSL_SP_NO_256
if (mp_count_bits(modulus) == 256) {
return sp_ecc_map_256(P->x, P->y, P->z);
@@ -2906,21 +2980,11 @@ static int ecc_mulmod(const mp_int* k, ecc_point* tG, ecc_point* R,
#else
static int wc_ecc_gen_z(WC_RNG* rng, int size, ecc_point* p, mp_int* modulus,
- mp_digit mp, mp_int* tx, mp_int* ty)
+ mp_digit mp, mp_int* tx, mp_int* ty, mp_int* mu)
{
int err = MP_OKAY;
- DECL_MP_INT_SIZE_DYN(mu, mp_bitsused(modulus), MAX_ECC_BITS_USE);
- NEW_MP_INT_SIZE(mu, mp_bitsused(modulus), NULL, DYNAMIC_TYPE_ECC);
-#ifdef MP_INT_SIZE_CHECK_NULL
- if (mu == NULL)
- err = MEMORY_E;
-#endif
-
- if (err == MP_OKAY)
- err = INIT_MP_INT_SIZE(mu, mp_bitsused(modulus));
- if (err == MP_OKAY)
- err = mp_montgomery_calc_normalization(mu, modulus);
+ err = mp_montgomery_calc_normalization(mu, modulus);
/* Generate random value to multiply into p->z. */
if (err == MP_OKAY)
err = wc_ecc_gen_k(rng, size, ty, modulus);
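Review bot: wc_ecc_gen_z now takes a caller-supplied `mu` and no longer allocates, initialises or clears it, but nothing documents that contract. Both ecc_mulmod variants in this diff pass `kt`, so the call relies on `kt` being initialised and not yet holding anything the ladder needs; that ordering is outside this hunk. I would add above the function: `/* mu: initialised scratch mp_int owned by the caller; overwritten with the Montgomery normalisation of modulus */`. The function body continues in the next hunk.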
@@ -2953,9 +3017,6 @@ static int wc_ecc_gen_z(WC_RNG* rng, int size, ecc_point* p, mp_int* modulus,
if (err == MP_OKAY)
err = mp_montgomery_reduce(p->y, modulus, mp);
- mp_clear(mu);
- FREE_MP_INT_SIZE(mu, NULL, DYNAMIC_TYPE_ECC);
-
return err;
}
@@ -2993,9 +3054,25 @@ static int ecc_mulmod(const mp_int* k, ecc_point* P, ecc_point* Q,
#ifndef WC_NO_CACHE_RESISTANT
/* First bit always 1 (fix at end) and swap equals first bit */
int swap = 1;
+#ifdef WOLFSSL_SMALL_STACK
+ mp_int* tmp = NULL;
+#else
+ mp_int tmp[1];
+#endif
#endif
int infinity;
+#ifndef WC_NO_CACHE_RESISTANT
+#ifdef WOLFSSL_SMALL_STACK
+ tmp = (mp_int*)XMALLOC(sizeof(mp_int), NULL, DYNAMIC_TYPE_ECC);
+ if (tmp == NULL) {
+ err = MEMORY_E;
+ }
+#endif
+ if (err == MP_OKAY)
+ err = mp_init(tmp);
+#endif
+
/* Step 1: R[0] = P; R[1] = P */
/* R[0] = P */
if (err == MP_OKAY)
@@ -3015,9 +3092,9 @@ static int ecc_mulmod(const mp_int* k, ecc_point* P, ecc_point* Q,
/* Randomize z ordinates to obfuscate timing. */
if ((err == MP_OKAY) && (rng != NULL))
- err = wc_ecc_gen_z(rng, bytes, R[0], modulus, mp, R[2]->x, R[2]->y);
+ err = wc_ecc_gen_z(rng, bytes, R[0], modulus, mp, R[2]->x, R[2]->y, kt);
if ((err == MP_OKAY) && (rng != NULL))
- err = wc_ecc_gen_z(rng, bytes, R[1], modulus, mp, R[2]->x, R[2]->y);
+ err = wc_ecc_gen_z(rng, bytes, R[1], modulus, mp, R[2]->x, R[2]->y, kt);
if (err == MP_OKAY) {
/* Order could be one greater than the size of the modulus. */
@@ -3050,12 +3127,18 @@ static int ecc_mulmod(const mp_int* k, ecc_point* P, ecc_point* Q,
#else
/* Swap R[0] and R[1] if other index is needed. */
swap ^= (int)b;
- if (err == MP_OKAY)
- err = mp_cond_swap_ct(R[0]->x, R[1]->x, (int)modulus->used, swap);
- if (err == MP_OKAY)
- err = mp_cond_swap_ct(R[0]->y, R[1]->y, (int)modulus->used, swap);
- if (err == MP_OKAY)
- err = mp_cond_swap_ct(R[0]->z, R[1]->z, (int)modulus->used, swap);
+ if (err == MP_OKAY) {
+ err = mp_cond_swap_ct_ex(R[0]->x, R[1]->x, (int)modulus->used, swap,
+ tmp);
+ }
+ if (err == MP_OKAY) {
+ err = mp_cond_swap_ct_ex(R[0]->y, R[1]->y, (int)modulus->used, swap,
+ tmp);
+ }
+ if (err == MP_OKAY) {
+ err = mp_cond_swap_ct_ex(R[0]->z, R[1]->z, (int)modulus->used, swap,
+ tmp);
+ }
swap = (int)b;
if (err == MP_OKAY)
@@ -3070,12 +3153,18 @@ static int ecc_mulmod(const mp_int* k, ecc_point* P, ecc_point* Q,
#ifndef WC_NO_CACHE_RESISTANT
/* Swap back if last bit is 0. */
swap ^= 1;
- if (err == MP_OKAY)
- err = mp_cond_swap_ct(R[0]->x, R[1]->x, (int)modulus->used, swap);
- if (err == MP_OKAY)
- err = mp_cond_swap_ct(R[0]->y, R[1]->y, (int)modulus->used, swap);
- if (err == MP_OKAY)
- err = mp_cond_swap_ct(R[0]->z, R[1]->z, (int)modulus->used, swap);
+ if (err == MP_OKAY) {
+ err = mp_cond_swap_ct_ex(R[0]->x, R[1]->x, (int)modulus->used, swap,
+ tmp);
+ }
+ if (err == MP_OKAY) {
+ err = mp_cond_swap_ct_ex(R[0]->y, R[1]->y, (int)modulus->used, swap,
+ tmp);
+ }
+ if (err == MP_OKAY) {
+ err = mp_cond_swap_ct_ex(R[0]->z, R[1]->z, (int)modulus->used, swap,
+ tmp);
+ }
#endif
/* Step 5: b = k[0]; R[b] = R[b] - P */
@@ -3094,21 +3183,32 @@ static int ecc_mulmod(const mp_int* k, ecc_point* P, ecc_point* Q,
&infinity);
#else
/* Swap R[0] and R[1], if necessary, to operate on the one we want. */
- err = mp_cond_swap_ct(R[0]->x, R[1]->x, (int)modulus->used, (int)b);
- if (err == MP_OKAY)
- err = mp_cond_swap_ct(R[0]->y, R[1]->y, (int)modulus->used, (int)b);
- if (err == MP_OKAY)
- err = mp_cond_swap_ct(R[0]->z, R[1]->z, (int)modulus->used, (int)b);
+ err = mp_cond_swap_ct_ex(R[0]->x, R[1]->x, (int)modulus->used, (int)b,
+ tmp);
+ if (err == MP_OKAY) {
+ err = mp_cond_swap_ct_ex(R[0]->y, R[1]->y, (int)modulus->used,
+ (int)b, tmp);
+ }
+ if (err == MP_OKAY) {
+ err = mp_cond_swap_ct_ex(R[0]->z, R[1]->z, (int)modulus->used,
+ (int)b, tmp);
+ }
if (err == MP_OKAY)
err = ecc_projective_add_point_safe(R[0], R[2], R[0], a, modulus,
mp, &infinity);
/* Swap back if necessary. */
- if (err == MP_OKAY)
- err = mp_cond_swap_ct(R[0]->x, R[1]->x, (int)modulus->used, (int)b);
- if (err == MP_OKAY)
- err = mp_cond_swap_ct(R[0]->y, R[1]->y, (int)modulus->used, (int)b);
- if (err == MP_OKAY)
- err = mp_cond_swap_ct(R[0]->z, R[1]->z, (int)modulus->used, (int)b);
+ if (err == MP_OKAY) {
+ err = mp_cond_swap_ct_ex(R[0]->x, R[1]->x, (int)modulus->used,
+ (int)b, tmp);
+ }
+ if (err == MP_OKAY) {
+ err = mp_cond_swap_ct_ex(R[0]->y, R[1]->y, (int)modulus->used,
+ (int)b, tmp);
+ }
+ if (err == MP_OKAY) {
+ err = mp_cond_swap_ct_ex(R[0]->z, R[1]->z, (int)modulus->used,
+ (int)b, tmp);
+ }
#endif
}
@@ -3120,6 +3220,10 @@ static int ecc_mulmod(const mp_int* k, ecc_point* P, ecc_point* Q,
if (err == MP_OKAY)
err = mp_copy(R[0]->z, Q->z);
+#if defined(WOLFSSL_SMALL_STACK) && !defined(WC_NO_CACHE_RESISTANT)
+ XFREE(tmp, NULL, DYNAMIC_TYPE_ECC);
+#endif
+
return err;
}
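Review bot: `tmp` is set up with `mp_init(tmp)` in an earlier hunk but released here with a bare `XFREE(tmp, NULL, DYNAMIC_TYPE_ECC);`, and in the non-small-stack build the stack `tmp[1]` is not cleared at all. It is the scratch for every `mp_cond_swap_ct_ex` on the ladder points, so it ends up holding values derived from the working state of a scalar multiplication. I would wipe it before release with `mp_forcezero(tmp);`, guarded against NULL in the WOLFSSL_SMALL_STACK build and placed so that it also runs for the stack variant. Whether an `mp_int` additionally owns heap digits that need `mp_clear` depends on the math backend, which is not visible here. ecc_mulmod starts outside this hunk.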
@@ -3211,10 +3315,10 @@ static int ecc_mulmod(const mp_int* k, ecc_point* P, ecc_point* Q,
/* Randomize z ordinates to obfuscate timing. */
if ((err == MP_OKAY) && (rng != NULL))
err = wc_ecc_gen_z(rng, bytes, R[0], modulus, mp, R[TMP_IDX]->x,
- R[TMP_IDX]->y);
+ R[TMP_IDX]->y, kt);
if ((err == MP_OKAY) && (rng != NULL))
err = wc_ecc_gen_z(rng, bytes, R[1], modulus, mp, R[TMP_IDX]->x,
- R[TMP_IDX]->y);
+ R[TMP_IDX]->y, kt);
if (err == MP_OKAY) {
/* Order could be one greater than the size of the modulus. */
@@ -3595,6 +3699,11 @@ exit:
}
#ifdef WOLFSSL_HAVE_SP_ECC
+#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SP_SM2)
+ if ((mp_count_bits(modulus) == 256) && (!mp_is_bit_set(modulus, 224))) {
+ return sp_ecc_mulmod_sm2_256(k, G, R, map, heap);
+ }
+#endif
#ifndef WOLFSSL_SP_NO_256
if (mp_count_bits(modulus) == 256) {
return sp_ecc_mulmod_256(k, G, R, map, heap);
@@ -3795,6 +3904,11 @@ exit:
(void)rng;
#ifdef WOLFSSL_HAVE_SP_ECC
+#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SP_SM2)
+ if ((mp_count_bits(modulus) == 256) && (!mp_is_bit_set(modulus, 224))) {
+ return sp_ecc_mulmod_sm2_256(k, G, R, map, heap);
+ }
+#endif
#ifndef WOLFSSL_SP_NO_256
if (mp_count_bits(modulus) == 256) {
return sp_ecc_mulmod_256(k, G, R, map, heap);
@@ -4586,6 +4700,14 @@ int wc_ecc_shared_secret_gen_sync(ecc_key* private_key, ecc_point* point,
}
else
#endif /* ! WOLFSSL_SP_NO_256 */
+#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SP_SM2)
+ if (private_key->idx != ECC_CUSTOM_IDX &&
+ ecc_sets[private_key->idx].id == ECC_SM2P256V1) {
+ err = sp_ecc_secret_gen_sm2_256(k, point, out, outlen,
+ private_key->heap);
+ }
+ else
+#endif
#ifdef WOLFSSL_SP_384
if (private_key->idx != ECC_CUSTOM_IDX &&
ecc_sets[private_key->idx].id == ECC_SECP384R1) {
@@ -4886,11 +5008,6 @@ int wc_ecc_shared_secret_ex(ecc_key* private_key, ecc_point* point,
if (private_key->asyncDev.marker == WOLFSSL_ASYNC_MARKER_ECC) {
err = wc_ecc_shared_secret_gen_async(private_key, point,
out, outlen);
- if (err == 0) {
- /* exit early */
- RESTORE_VECTOR_REGISTERS();
- return err;
- }
}
else
#endif
@@ -5024,6 +5141,7 @@ int wc_ecc_point_is_at_infinity(ecc_point* p)
int wc_ecc_gen_k(WC_RNG* rng, int size, mp_int* k, mp_int* order)
{
#ifndef WC_NO_RNG
+#ifndef WOLFSSL_ECC_GEN_REJECT_SAMPLING
int err;
byte buf[ECC_MAXSIZE_GEN];
@@ -5066,6 +5184,54 @@ int wc_ecc_gen_k(WC_RNG* rng, int size, mp_int* k, mp_int* order)
return err;
#else
+ int err;
+ byte buf[ECC_MAXSIZE_GEN];
+ int bits;
+
+ if ((rng == NULL) || (size < 0) || (size + 8 > ECC_MAXSIZE_GEN) ||
+ (k == NULL) || (order == NULL)) {
+ return BAD_FUNC_ARG;
+ }
+
+ /* Get actual bit count of order. */
+ bits = mp_count_bits(order);
+ size = (bits + 7) >> 3;
+
+ /* generate number in range of order through rejection sampling. */
+ /* see section A.2.2 and A.4.2 in FIPS 186-5 */
+ do {
+ /* A.2.2 step 3: make up random string */
+ err = wc_RNG_GenerateBlock(rng, buf, (word32)size);
+ #ifdef WOLFSSL_CHECK_MEM_ZERO
+ wc_MemZero_Add("wc_ecc_gen_k buf", buf, size);
+ #endif
+ /* Generated multiple of 8 bits but now make it size of order. */
+ if ((bits & 0x7) > 0) {
+ buf[0] &= (1 << (bits & 0x7)) - 1;
+ }
+
+ /* A.2.2 step 4: convert to integer. */
+ /* A.4.2 step 3: Convert the bit string to integer x. */
+ if (err == 0) {
+ err = mp_read_unsigned_bin(k, buf, (word32)size);
+ }
+
+ /* A.4.2 step 4, 5: x must be in range [1, n-1] */
+ if ((err == MP_OKAY) && !mp_iszero(k) &&
+ (mp_cmp_ct(k, order, order->used) == MP_LT)) {
+ break;
+ }
+ }
+ while (err == MP_OKAY);
+
+ ForceZero(buf, ECC_MAXSIZE_GEN);
+#ifdef WOLFSSL_CHECK_MEM_ZERO
+ wc_MemZero_Check(buf, ECC_MAXSIZE_GEN);
+#endif
+
+ return err;
+#endif
+#else
(void)rng;
(void)size;
(void)k;
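Review bot: The new argument check bounds the caller's `size` (`size + 8 > ECC_MAXSIZE_GEN`), but `size` is then replaced by `(bits + 7) >> 3` computed from `order` and used unchecked as the length that `wc_RNG_GenerateBlock` writes into `buf[ECC_MAXSIZE_GEN]`. wc_ecc_gen_k is not static, so an `order` wider than the buffer is possible in principle; add `if (size > ECC_MAXSIZE_GEN) return BAD_FUNC_ARG;` right after the recomputation. Separately, `wc_MemZero_Add` is called for the same buffer on every loop iteration and could move above the `do`. The function starts in the previous hunk and ends after this one.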
@@ -5169,6 +5335,12 @@ static int ecc_make_pub_ex(ecc_key* key, ecc_curve_spec* curve,
err = sp_ecc_mulmod_base_256(key->k, pub, 1, key->heap);
}
else
+#endif /* WOLFSSL_SP_NO_256 */
+#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SP_SM2)
+ if (key->idx != ECC_CUSTOM_IDX && ecc_sets[key->idx].id == ECC_SM2P256V1) {
+ err = sp_ecc_mulmod_base_sm2_256(key->k, pub, 1, key->heap);
+ }
+ else
#endif
#ifdef WOLFSSL_SP_384
if (key->idx != ECC_CUSTOM_IDX && ecc_sets[key->idx].id == ECC_SECP384R1) {
@@ -5367,7 +5539,7 @@ static int _ecc_make_key_ex(WC_RNG* rng, int keysize, ecc_key* key,
/* TODO: Not implemented */
#elif defined(HAVE_INTEL_QA)
/* Implemented in ecc_make_pub_ex for the pub calc */
- #else
+ #elif defined(WOLFSSL_ASYNC_CRYPT_SW)
if (wc_AsyncSwInit(&key->asyncDev, ASYNC_SW_ECC_MAKE)) {
WC_ASYNC_SW* sw = &key->asyncDev.sw;
sw->eccMake.rng = rng;
@@ -5475,7 +5647,7 @@ static int _ecc_make_key_ex(WC_RNG* rng, int keysize, ecc_key* key,
WOLFSSL_XIL_DCACHE_FLUSH_RANGE(XIL_CAST_U64(key->privKey), key->dp->size);
- WOLFSSL_XIL_DCACHE_INVALIDATE_RANGE(XIL_CAST_U64(key->keyRaw),
+ WOLFSSL_XIL_DCACHE_FLUSH_RANGE(XIL_CAST_U64(key->keyRaw),
2 * key->dp->size);
err = XSecure_EllipticGenerateKey(&(key->xSec.cinst),
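Review bot: The cache maintenance on `key->keyRaw` changes from `WOLFSSL_XIL_DCACHE_INVALIDATE_RANGE` to `WOLFSSL_XIL_DCACHE_FLUSH_RANGE` with no comment on why. The second occurrence, in the next hunk, runs after `XSecure_EllipticGenerateKey` has written the buffer, which is the point where the CPU must not read stale cache lines. If the flush macro also invalidates, which only its definition outside this diff would show, say so at the call: `/* flush = clean + invalidate, so the device-written result is re-read */`. The same substitution is made on `out` in the two wc_ecc_sign_hash_hw hunks.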
@@ -5487,7 +5659,7 @@ static int _ecc_make_key_ex(WC_RNG* rng, int keysize, ecc_key* key,
err = WC_HW_E;
}
- WOLFSSL_XIL_DCACHE_INVALIDATE_RANGE(XIL_CAST_U64(key->keyRaw),
+ WOLFSSL_XIL_DCACHE_FLUSH_RANGE(XIL_CAST_U64(key->keyRaw),
2 * key->dp->size);
#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
@@ -5546,6 +5718,15 @@ static int _ecc_make_key_ex(WC_RNG* rng, int keysize, ecc_key* key,
}
else
#endif /* !WOLFSSL_SP_NO_256 */
+#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SP_SM2)
+ if (key->idx != ECC_CUSTOM_IDX && ecc_sets[key->idx].id == ECC_SM2P256V1) {
+ err = sp_ecc_make_key_sm2_256(rng, key->k, &key->pubkey, key->heap);
+ if (err == MP_OKAY) {
+ key->type = ECC_PRIVATEKEY;
+ }
+ }
+ else
+#endif
#ifdef WOLFSSL_SP_384
if (key->idx != ECC_CUSTOM_IDX && ecc_sets[key->idx].id == ECC_SECP384R1) {
#ifndef WC_ECC_NONBLOCK
@@ -5612,6 +5793,7 @@ static int _ecc_make_key_ex(WC_RNG* rng, int keysize, ecc_key* key,
#ifndef ALT_ECC_SIZE
err = mp_init(key->k);
#else
+ err = 0;
key->k = (mp_int*)key->ka;
alt_fp_init(key->k);
#endif
@@ -6186,7 +6368,7 @@ static int wc_ecc_sign_hash_hw(const byte* in, word32 inlen,
WOLFSSL_XIL_DCACHE_FLUSH_RANGE(XIL_CAST_U64(key->privKey), keysize);
WOLFSSL_XIL_DCACHE_FLUSH_RANGE(XIL_CAST_U64(K), keysize);
- WOLFSSL_XIL_DCACHE_INVALIDATE_RANGE(XIL_CAST_U64(out), keysize * 2);
+ WOLFSSL_XIL_DCACHE_FLUSH_RANGE(XIL_CAST_U64(out), keysize * 2);
err = XSecure_EllipticGenerateSign(&(key->xSec.cinst),
xil_curve_type[key->dp->id],
@@ -6199,7 +6381,7 @@ static int wc_ecc_sign_hash_hw(const byte* in, word32 inlen,
err = WC_HW_E;
}
- WOLFSSL_XIL_DCACHE_INVALIDATE_RANGE(XIL_CAST_U64(out), keysize * 2);
+ WOLFSSL_XIL_DCACHE_FLUSH_RANGE(XIL_CAST_U64(out), keysize * 2);
mp_reverse(&out[0], keysize);
mp_reverse(&out[keysize], keysize);
@@ -6753,6 +6935,16 @@ static int ecc_sign_hash_sp(const byte* in, word32 inlen, WC_RNG* rng,
#endif
}
#endif
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SP_SM2)
+ if (ecc_sets[key->idx].id == ECC_SM2P256V1) {
+ int ret;
+ SAVE_VECTOR_REGISTERS(return _svr_ret;);
+ ret = sp_ecc_sign_sm2_256(in, inlen, rng, key->k, r, s, sign_k,
+ key->heap);
+ RESTORE_VECTOR_REGISTERS();
+ return ret;
+ }
+ #endif
#ifdef WOLFSSL_SP_384
if (ecc_sets[key->idx].id == ECC_SECP384R1) {
#ifdef WC_ECC_NONBLOCK
@@ -6870,6 +7062,9 @@ int wc_ecc_sign_hash_ex(const byte* in, word32 inlen, WC_RNG* rng,
#ifndef WOLFSSL_SP_NO_256
&& ecc_sets[key->idx].id != ECC_SECP256R1
#endif
+ #ifdef WOLFSSL_SP_SM2
+ && ecc_sets[key->idx].id != ECC_SM2P256V1
+ #endif
#ifdef WOLFSSL_SP_384
&& ecc_sets[key->idx].id != ECC_SECP384R1
#endif
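Review bot: This exclusion is guarded by `#ifdef WOLFSSL_SP_SM2` alone, while every SM2 dispatch added in this diff uses `#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SP_SM2)`. Using the same two-macro guard here keeps the list of curves accepted by the check identical to the list of curves that actually have a dispatch branch. The matching line in the ecc_verify_hash_sp hunk has the same single-macro guard. The condition this line belongs to starts outside the hunk.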
@@ -7539,7 +7734,10 @@ int wc_ecc_free(ecc_key* key)
mp_clear(key->pubkey.y);
mp_clear(key->pubkey.z);
- mp_forcezero(key->k);
+#ifdef ALT_ECC_SIZE
+ if (key->k)
+#endif
+ mp_forcezero(key->k);
#ifdef WOLFSSL_CUSTOM_CURVES
if (key->deallocSet && key->dp != NULL)
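Review bot: The unbraced `if (key->k)` sits between `#ifdef ALT_ECC_SIZE` and `#endif` and governs a statement that lies outside them, so a line later inserted ahead of `mp_forcezero(key->k);` would silently become the guarded statement and change when the private key is wiped. I would keep the conditional `if` where it is but put braces around the `mp_forcezero(key->k);` statement after the `#endif`, so the zeroisation is a block in both configurations. wc_ecc_free starts and ends outside this hunk.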
@@ -7658,6 +7856,13 @@ int ecc_projective_dbl_point_safe(ecc_point *P, ecc_point *R, mp_int* a,
}
else {
err = _ecc_projective_dbl_point(P, R, a, modulus, mp);
+ if ((err == MP_OKAY) && mp_iszero(R->z)) {
+ err = mp_set(R->x, 0);
+ if (err == MP_OKAY)
+ err = mp_set(R->y, 0);
+ if (err == MP_OKAY)
+ err = mp_set(R->z, 1);
+ }
}
return err;
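Review bot: The block that rewrites R after `_ecc_projective_dbl_point` has no comment, and (0, 0, 1) is not self-explanatory. A line such as `/* Doubling gave z == 0: store the point at infinity in the form the rest of the file tests for */` above the `if` would help, assuming (0, 0, 1) is what wc_ecc_point_is_at_infinity accepts, which this hunk does not show. The start of the function is outside the hunk.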
@@ -8244,6 +8449,7 @@ static int wc_ecc_check_r_s_range(ecc_key* key, mp_int* r, mp_int* s)
}
#endif /* !WOLFSSL_STM32_PKA && !WOLFSSL_PSOC6_CRYPTO */
+#ifdef HAVE_ECC_VERIFY_HELPER
static int ecc_verify_hash_sp(mp_int *r, mp_int *s, const byte* hash,
word32 hashlen, int* res, ecc_key* key)
{
@@ -8270,6 +8476,9 @@ static int ecc_verify_hash_sp(mp_int *r, mp_int *s, const byte* hash,
#ifndef WOLFSSL_SP_NO_256
&& ecc_sets[key->idx].id != ECC_SECP256R1
#endif
+ #ifdef WOLFSSL_SP_SM2
+ && ecc_sets[key->idx].id != ECC_SM2P256V1
+ #endif
#ifdef WOLFSSL_SP_384
&& ecc_sets[key->idx].id != ECC_SECP384R1
#endif
@@ -8319,6 +8528,21 @@ static int ecc_verify_hash_sp(mp_int *r, mp_int *s, const byte* hash,
#endif
}
#endif
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SP_SM2)
+ if (ecc_sets[key->idx].id == ECC_SM2P256V1) {
+ #if defined(FP_ECC_CONTROL) && !defined(WOLFSSL_DSP_BUILD)
+ return sp_ecc_cache_verify_sm2_256(hash, hashlen, key->pubkey.x,
+ key->pubkey.y, key->pubkey.z, r, s, res,
+ sp_ecc_get_cache_entry_256(&(key->pubkey), ECC_SM2P256V1,
+ key->fpIdx, key->fpBuild, key->heap),
+ key->heap);
+ #endif
+ #if !defined(FP_ECC_CONTROL)
+ return sp_ecc_verify_sm2_256(hash, hashlen, key->pubkey.x,
+ key->pubkey.y, key->pubkey.z, r, s, res, key->heap);
+ #endif
+ }
+ #endif
#ifdef WOLFSSL_SP_384
if (ecc_sets[key->idx].id == ECC_SECP384R1) {
#ifdef WC_ECC_NONBLOCK
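Review bot: In the SM2 branch the two returns are selected by `#if defined(FP_ECC_CONTROL) && !defined(WOLFSSL_DSP_BUILD)` and `#if !defined(FP_ECC_CONTROL)`, so a build with both FP_ECC_CONTROL and WOLFSSL_DSP_BUILD compiles an empty `if` body and an SM2 key falls through to the checks for the other curves. What happens after that is outside the hunk. If the non-cached verify is the intended fallback, replace the second `#if !defined(FP_ECC_CONTROL)` with `#else`; otherwise return an explicit error such as `NOT_COMPILED_IN` for that configuration.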
@@ -8616,6 +8840,7 @@ static int ecc_verify_hash(mp_int *r, mp_int *s, const byte* hash,
return err;
}
#endif /* !WOLFSSL_SP_MATH || FREESCALE_LTC_ECC */
+#endif /* HAVE_ECC_VERIFY_HELPER */
/**
Verify an ECC signature
@@ -8692,10 +8917,7 @@ int wc_ecc_verify_hash_ex(mp_int *r, mp_int *s, const byte* hash,
}
#endif
-#if defined(WOLFSSL_ATECC508A) || defined(WOLFSSL_ATECC608A) || \
- defined(WOLFSSL_CRYPTOCELL) || defined(WOLFSSL_SILABS_SE_ACCEL) || \
- defined(WOLFSSL_KCAPI_ECC) || defined(WOLFSSL_SE050) || \
- defined(WOLFSSL_XILINX_CRYPT_VERSAL)
+#ifndef HAVE_ECC_VERIFY_HELPER
#ifndef WOLFSSL_SE050
/* Extract R and S with front zero padding (if required),
@@ -8842,7 +9064,7 @@ int wc_ecc_verify_hash_ex(mp_int *r, mp_int *s, const byte* hash,
(void)curveLoaded;
wc_ecc_curve_free(curve);
FREE_CURVE_SPECS();
-#endif /* WOLFSSL_ATECC508A */
+#endif /* HAVE_ECC_VERIFY_HELPER */
(void)keySz;
(void)hashlen;
@@ -8942,6 +9164,13 @@ int wc_ecc_import_point_der_ex(const byte* in, word32 inLen,
}
else
#endif
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SP_SM2)
+ if (curve_idx != ECC_CUSTOM_IDX &&
+ ecc_sets[curve_idx].id == ECC_SM2P256V1) {
+ sp_ecc_uncompress_sm2_256(point->x, pointType, point->y);
+ }
+ else
+ #endif
#ifdef WOLFSSL_SP_384
if (curve_idx != ECC_CUSTOM_IDX &&
ecc_sets[curve_idx].id == ECC_SECP384R1) {
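Review bot: The result of `sp_ecc_uncompress_sm2_256(point->x, pointType, point->y);` is discarded, so a failed decompression leaves `err` unchanged and `point->y` unset while the import carries on. The neighbouring branch visible in the wc_ecc_import_x963_ex hunk assigns it (`err = sp_ecc_uncompress_384(...)`), which suggests the SM2 routine reports status the same way. Use `err = sp_ecc_uncompress_sm2_256(point->x, pointType, point->y);` here, and likewise for the `key->pubkey` call added to wc_ecc_import_x963_ex later in this diff. The function body extends beyond this hunk.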
@@ -9089,7 +9318,7 @@ int wc_ecc_import_point_der_ex(const byte* in, word32 inLen,
return err;
}
-/* function for backwards compatiblity with previous implementations */
+/* function for backwards compatibility with previous implementations */
int wc_ecc_import_point_der(const byte* in, word32 inLen, const int curve_idx,
ecc_point* point)
{
@@ -9487,6 +9716,11 @@ static int _ecc_is_point(ecc_point* ecp, mp_int* a, mp_int* b, mp_int* prime)
(void)b;
#ifdef WOLFSSL_HAVE_SP_ECC
+#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SP_SM2)
+ if ((mp_count_bits(prime) == 256) && (!mp_is_bit_set(prime, 224))) {
+ return sp_ecc_is_point_sm2_256(ecp->x, ecp->y);
+ }
+#endif
#ifndef WOLFSSL_SP_NO_256
if (mp_count_bits(prime) == 256) {
return sp_ecc_is_point_256(ecp->x, ecp->y);
@@ -9582,6 +9816,14 @@ static int ecc_check_privkey_gen(ecc_key* key, mp_int* a, mp_int* prime)
}
else
#endif
+#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SP_SM2)
+ if (key->idx != ECC_CUSTOM_IDX && ecc_sets[key->idx].id == ECC_SM2P256V1) {
+ if (err == MP_OKAY) {
+ err = sp_ecc_mulmod_base_sm2_256(key->k, res, 1, key->heap);
+ }
+ }
+ else
+#endif
#ifdef WOLFSSL_SP_384
if (key->idx != ECC_CUSTOM_IDX && ecc_sets[key->idx].id == ECC_SECP384R1) {
if (err == MP_OKAY) {
@@ -9783,7 +10025,7 @@ static int _ecc_pairwise_consistency_test(ecc_key* key, WC_RNG* rng)
}
#endif /* (FIPS v5 or later || WOLFSSL_VALIDATE_ECC_KEYGEN) &&!WOLFSSL_KCAPI_ECC */
-#ifndef WOLFSSL_SP_MATH
+#ifdef HAVE_ECC_CHECK_PUBKEY_ORDER
/* validate order * pubkey = point at infinity, 0 on success */
static int ecc_check_pubkey_order(ecc_key* key, ecc_point* pubkey, mp_int* a,
mp_int* prime, mp_int* order)
@@ -9815,6 +10057,13 @@ static int ecc_check_pubkey_order(ecc_key* key, ecc_point* pubkey, mp_int* a,
}
else
#endif
+#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SP_SM2)
+ if (key->idx != ECC_CUSTOM_IDX &&
+ ecc_sets[key->idx].id == ECC_SM2P256V1) {
+ err = sp_ecc_mulmod_sm2_256(order, pubkey, inf, 1, key->heap);
+ }
+ else
+#endif
#ifdef WOLFSSL_SP_384
if (key->idx != ECC_CUSTOM_IDX &&
ecc_sets[key->idx].id == ECC_SECP384R1) {
@@ -9920,6 +10169,12 @@ static int _ecc_validate_public_key(ecc_key* key, int partial, int priv)
key->type == ECC_PRIVATEKEY ? key->k : NULL, key->heap);
}
#endif
+#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SP_SM2)
+ if (key->idx != ECC_CUSTOM_IDX && ecc_sets[key->idx].id == ECC_SM2P256V1) {
+ return sp_ecc_check_key_sm2_256(key->pubkey.x, key->pubkey.y,
+ key->type == ECC_PRIVATEKEY ? key->k : NULL, key->heap);
+ }
+#endif
#ifdef WOLFSSL_SP_384
if (key->idx != ECC_CUSTOM_IDX && ecc_sets[key->idx].id == ECC_SECP384R1) {
return sp_ecc_check_key_384(key->pubkey.x, key->pubkey.y,
@@ -9941,11 +10196,7 @@ static int _ecc_validate_public_key(ecc_key* key, int partial, int priv)
#endif
#ifndef WOLFSSL_SP_MATH
-#if defined(WOLFSSL_ATECC508A) || defined(WOLFSSL_ATECC608A) || \
- defined(WOLFSSL_CRYPTOCELL) || defined(WOLFSSL_SILABS_SE_ACCEL) || \
- defined(WOLFSSL_SE050) || defined(WOLF_CRYPTO_CB_ONLY_ECC) || \
- defined(WOLFSSL_XILINX_CRYPT_VERSAL) || defined(WOLFSSL_STM32_PKA)
-
+#ifndef HAVE_ECC_CHECK_PUBKEY_ORDER
/* consider key check success on HW crypto
* ex: ATECC508/608A, CryptoCell and Silabs
*
@@ -10077,7 +10328,8 @@ static int _ecc_validate_public_key(ecc_key* key, int partial, int priv)
#endif
FREE_CURVE_SPECS();
-#endif /* HW Based Crypto */
+#endif /* HAVE_ECC_CHECK_PUBKEY_ORDER */
+
#else
err = WC_KEY_SIZE_E;
#endif /* !WOLFSSL_SP_MATH */
@@ -10300,6 +10552,12 @@ int wc_ecc_import_x963_ex(const byte* in, word32 inLen, ecc_key* key,
}
else
#endif
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SP_SM2)
+ if (key->dp->id == ECC_SM2P256V1) {
+ sp_ecc_uncompress_sm2_256(key->pubkey.x, pointType, key->pubkey.y);
+ }
+ else
+ #endif
#ifdef WOLFSSL_SP_384
if (key->dp->id == ECC_SECP384R1) {
err = sp_ecc_uncompress_384(key->pubkey.x, pointType,
@@ -10350,7 +10608,7 @@ int wc_ecc_import_x963_ex(const byte* in, word32 inLen, ecc_key* key,
}
#elif defined(WOLFSSL_SILABS_SE_ACCEL)
if (err == MP_OKAY)
- err = silabs_ecc_import(key, keysize);
+ err = silabs_ecc_import(key, keysize, 1, 0);
#elif defined(WOLFSSL_SE050)
if (err == MP_OKAY) {
/* reset key ID, in case used before */
@@ -10597,18 +10855,6 @@ int wc_ecc_import_private_key_ex(const byte* priv, word32 privSz,
ret = mp_read_unsigned_bin(key->k, priv, privSz);
}
-#elif defined(WOLFSSL_SILABS_SE_ACCEL)
- if (ret == MP_OKAY)
- ret = mp_read_unsigned_bin(key->k, priv, privSz);
-
- if (ret == MP_OKAY) {
- if (pub) {
- ret = silabs_ecc_import(key, key->dp->size);
- }
- else {
- ret = silabs_ecc_import_private(key, key->dp->size);
- }
- }
#elif defined(WOLFSSL_QNX_CAAM) || defined(WOLFSSL_IMXRT1170_CAAM)
if ((wc_ecc_size(key) + WC_CAAM_MAC_SZ) == (int)privSz) {
#ifdef WOLFSSL_CAAM_BLACK_KEY_SM
@@ -10699,6 +10945,13 @@ int wc_ecc_import_private_key_ex(const byte* priv, word32 privSz,
if (ret == 0) {
ret = mp_read_radix(order, key->dp->order, MP_RADIX_HEX);
}
+ #ifdef WOLFSSL_SM2
+ /* SM2 curve: private key must be less than order-1. */
+ if ((ret == 0) && (key->idx != ECC_CUSTOM_IDX) &&
+ (ecc_sets[key->idx].id == ECC_SM2P256V1)) {
+ ret = mp_sub_d(order, 1, order);
+ }
+ #endif
if ((ret == 0) && (mp_cmp(key->k, order) != MP_LT)) {
ret = ECC_PRIV_KEY_E;
}
@@ -10726,6 +10979,10 @@ int wc_ecc_import_private_key_ex(const byte* priv, word32 privSz,
if (ret == 0) {
ret = wc_MAXQ10XX_EccSetKey(key, key->dp->size);
}
+#elif defined(WOLFSSL_SILABS_SE_ACCEL)
+ if (ret == 0) {
+ ret = silabs_ecc_import(key, key->dp->size, (pub != NULL), 1);
+ }
#endif
return ret;
@@ -10866,7 +11123,7 @@ static int wc_ecc_import_raw_private(ecc_key* key, const char* qx,
#endif
#if defined(WOLFSSL_ATECC508A) || defined(WOLFSSL_ATECC608A) || \
- defined(WOLFSSL_SILABS_SE_ACCEL) || defined(WOLFSSL_CRYPTOCELL)
+ defined(WOLFSSL_CRYPTOCELL)
word32 keySz = 0;
#endif
@@ -10955,11 +11212,6 @@ static int wc_ecc_import_raw_private(ecc_key* key, const char* qx,
err = wc_export_int(key->pubkey.y, &key->pubkey_raw[keySz],
&keySz, keySz, WC_TYPE_UNSIGNED_BIN);
}
-#elif defined(WOLFSSL_SILABS_SE_ACCEL)
- keySz = key->dp->size;
- if (err == MP_OKAY) {
- err = silabs_ecc_sig_to_rs(key, keySz);
- }
#elif defined(WOLFSSL_CRYPTOCELL)
if (err == MP_OKAY) {
keyRaw[0] = ECC_POINT_UNCOMP;
@@ -11039,9 +11291,6 @@ static int wc_ecc_import_raw_private(ecc_key* key, const char* qx,
/* Hardware doesn't support loading private key */
err = NOT_COMPILED_IN;
- #elif defined(WOLFSSL_SILABS_SE_ACCEL)
- err = silabs_ecc_import_private_raw(key, keySz, d, encType);
-
#elif defined(WOLFSSL_CRYPTOCELL)
key->type = ECC_PRIVATEKEY;
@@ -11123,6 +11372,10 @@ static int wc_ecc_import_raw_private(ecc_key* key, const char* qx,
if (err == MP_OKAY) {
err = wc_MAXQ10XX_EccSetKey(key, key->dp->size);
}
+#elif defined(WOLFSSL_SILABS_SE_ACCEL)
+ if (err == MP_OKAY) {
+ err = silabs_ecc_import(key, key->dp->size, 1, (d != NULL));
+ }
#endif
if (err != MP_OKAY) {
@@ -12856,10 +13109,19 @@ int wc_ecc_mulmod_ex(const mp_int* k, ecc_point *G, ecc_point *R, mp_int* a,
return IS_POINT_E;
}
+#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SP_SM2)
+ if ((mp_count_bits(modulus) == 256) && (!mp_is_bit_set(modulus, 224))) {
+ int ret;
+ SAVE_VECTOR_REGISTERS(return _svr_ret);
+ ret = sp_ecc_mulmod_sm2_256(k, G, R, map, heap);
+ RESTORE_VECTOR_REGISTERS();
+ return ret;
+ }
+#endif
#ifndef WOLFSSL_SP_NO_256
if (mp_count_bits(modulus) == 256) {
int ret;
- SAVE_VECTOR_REGISTERS(return _svr_ret);
+ SAVE_VECTOR_REGISTERS(return _svr_ret;);
ret = sp_ecc_mulmod_256(k, G, R, map, heap);
RESTORE_VECTOR_REGISTERS();
return ret;
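Review bot: The SM2 branch added here calls `SAVE_VECTOR_REGISTERS(return _svr_ret);` without the semicolon inside the argument, while the same hunk changes the P-256 call to `SAVE_VECTOR_REGISTERS(return _svr_ret;);` and the SM2 branch added to wc_ecc_mulmod_ex2 already uses the new form. Depending on how the macro expands its argument, the old spelling may fail to compile when vector-register saving is enabled. Make it `SAVE_VECTOR_REGISTERS(return _svr_ret;);` to match the rest of the commit.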
@@ -12868,7 +13130,7 @@ int wc_ecc_mulmod_ex(const mp_int* k, ecc_point *G, ecc_point *R, mp_int* a,
#ifdef WOLFSSL_SP_384
if (mp_count_bits(modulus) == 384) {
int ret;
- SAVE_VECTOR_REGISTERS(return _svr_ret);
+ SAVE_VECTOR_REGISTERS(return _svr_ret;);
ret = sp_ecc_mulmod_384(k, G, R, map, heap);
RESTORE_VECTOR_REGISTERS();
return ret;
@@ -12877,7 +13139,7 @@ int wc_ecc_mulmod_ex(const mp_int* k, ecc_point *G, ecc_point *R, mp_int* a,
#ifdef WOLFSSL_SP_521
if (mp_count_bits(modulus) == 521) {
int ret;
- SAVE_VECTOR_REGISTERS(return _svr_ret);
+ SAVE_VECTOR_REGISTERS(return _svr_ret;);
ret = sp_ecc_mulmod_521(k, G, R, map, heap);
RESTORE_VECTOR_REGISTERS();
return ret;
@@ -13025,10 +13287,19 @@ int wc_ecc_mulmod_ex2(const mp_int* k, ecc_point *G, ecc_point *R, mp_int* a,
return IS_POINT_E;
}
+#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SP_SM2)
+ if ((mp_count_bits(modulus) == 256) && (!mp_is_bit_set(modulus, 224))) {
+ int ret;
+ SAVE_VECTOR_REGISTERS(return _svr_ret;);
+ ret = sp_ecc_mulmod_sm2_256(k, G, R, map, heap);
+ RESTORE_VECTOR_REGISTERS();
+ return ret;
+ }
+#endif
#ifndef WOLFSSL_SP_NO_256
if (mp_count_bits(modulus) == 256) {
int ret;
- SAVE_VECTOR_REGISTERS(return _svr_ret);
+ SAVE_VECTOR_REGISTERS(return _svr_ret;);
ret = sp_ecc_mulmod_256(k, G, R, map, heap);
RESTORE_VECTOR_REGISTERS();
return ret;
@@ -13037,7 +13308,7 @@ int wc_ecc_mulmod_ex2(const mp_int* k, ecc_point *G, ecc_point *R, mp_int* a,
#ifdef WOLFSSL_SP_384
if (mp_count_bits(modulus) == 384) {
int ret;
- SAVE_VECTOR_REGISTERS(return _svr_ret);
+ SAVE_VECTOR_REGISTERS(return _svr_ret;);
ret = sp_ecc_mulmod_384(k, G, R, map, heap);
RESTORE_VECTOR_REGISTERS();
return ret;
@@ -13046,7 +13317,7 @@ int wc_ecc_mulmod_ex2(const mp_int* k, ecc_point *G, ecc_point *R, mp_int* a,
#ifdef WOLFSSL_SP_521
if (mp_count_bits(modulus) == 521) {
int ret;
- SAVE_VECTOR_REGISTERS(return _svr_ret);
+ SAVE_VECTOR_REGISTERS(return _svr_ret;);
ret = sp_ecc_mulmod_521(k, G, R, map, heap);
RESTORE_VECTOR_REGISTERS();
return ret;
@@ -13620,7 +13891,9 @@ int wc_ecc_encrypt_ex(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
ret = wc_ecc_shared_secret(privKey, pubKey, sharedSecret + pubKeySz,
&sharedSz);
#endif
- } while (ret == WC_PENDING_E);
+ }
+ while (ret == WC_PENDING_E);
+
if (ret == 0) {
#ifdef WOLFSSL_ECIES_ISO18033
/* KDF data is encoded public key and secret. */
@@ -13632,6 +13905,30 @@ int wc_ecc_encrypt_ex(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
ctx->kdfSaltSz, ctx->kdfInfo, ctx->kdfInfoSz,
keys, (word32)keysLen);
break;
+ case ecHKDF_SHA1 :
+ ret = wc_HKDF(WC_SHA, sharedSecret, sharedSz, ctx->kdfSalt,
+ ctx->kdfSaltSz, ctx->kdfInfo, ctx->kdfInfoSz,
+ keys, (word32)keysLen);
+ break;
+#if defined(HAVE_X963_KDF) && !defined(NO_HASH_WRAPPER)
+ case ecKDF_X963_SHA1 :
+ ret = wc_X963_KDF(WC_HASH_TYPE_SHA, sharedSecret, sharedSz,
+ ctx->kdfInfo, ctx->kdfInfoSz, keys, (word32)keysLen);
+ break;
+ case ecKDF_X963_SHA256 :
+ ret = wc_X963_KDF(WC_HASH_TYPE_SHA256, sharedSecret, sharedSz,
+ ctx->kdfInfo, ctx->kdfInfoSz, keys, (word32)keysLen);
+ break;
+ case ecKDF_SHA1 :
+ ret = wc_X963_KDF(WC_HASH_TYPE_SHA, sharedSecret, sharedSz,
+ NULL, 0, keys, (word32)keysLen);
+ break;
+ case ecKDF_SHA256 :
+ ret = wc_X963_KDF(WC_HASH_TYPE_SHA256, sharedSecret, sharedSz,
+ NULL, 0, keys, (word32)keysLen);
+ break;
+#endif
+
default:
ret = BAD_FUNC_ARG;
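Review bot: The new `ecKDF_SHA1` and `ecKDF_SHA256` cases pass `NULL, 0` for the shared info, and none of the four `wc_X963_KDF` cases uses `ctx->kdfSalt`, so a context whose salt or info was set has them dropped silently for these algorithms. I would say so at the cases, e.g. `/* X9.63 KDF takes no salt; ecKDF_SHA1/ecKDF_SHA256 also ignore ctx->kdfInfo */`, or return `BAD_FUNC_ARG` when `ctx->kdfSaltSz != 0` if silent dropping is not intended. The SHA-1 variants look like interoperability options and deserve a comment to that effect. The same cases are added to wc_ecc_decrypt in the next hunk; the switch starts and ends outside both hunks.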
@@ -14027,6 +14324,29 @@ int wc_ecc_decrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
ctx->kdfSaltSz, ctx->kdfInfo, ctx->kdfInfoSz,
keys, (word32)keysLen);
break;
+ case ecHKDF_SHA1 :
+ ret = wc_HKDF(WC_SHA, sharedSecret, sharedSz, ctx->kdfSalt,
+ ctx->kdfSaltSz, ctx->kdfInfo, ctx->kdfInfoSz,
+ keys, (word32)keysLen);
+ break;
+#if defined(HAVE_X963_KDF) && !defined(NO_HASH_WRAPPER)
+ case ecKDF_X963_SHA1 :
+ ret = wc_X963_KDF(WC_HASH_TYPE_SHA, sharedSecret, sharedSz,
+ ctx->kdfInfo, ctx->kdfInfoSz, keys, (word32)keysLen);
+ break;
+ case ecKDF_X963_SHA256 :
+ ret = wc_X963_KDF(WC_HASH_TYPE_SHA256, sharedSecret, sharedSz,
+ ctx->kdfInfo, ctx->kdfInfoSz, keys, (word32)keysLen);
+ break;
+ case ecKDF_SHA1 :
+ ret = wc_X963_KDF(WC_HASH_TYPE_SHA, sharedSecret, sharedSz,
+ NULL, 0, keys, (word32)keysLen);
+ break;
+ case ecKDF_SHA256 :
+ ret = wc_X963_KDF(WC_HASH_TYPE_SHA256, sharedSecret, sharedSz,
+ NULL, 0, keys, (word32)keysLen);
+ break;
+#endif
default:
ret = BAD_FUNC_ARG;
@@ -14213,9 +14533,10 @@ int wc_ecc_decrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
!defined(WOLFSSL_CRYPTOCELL)
#ifndef WOLFSSL_SP_MATH
+#if !defined(SQRTMOD_USE_MOD_EXP)
/* computes the jacobi c = (a | n) (or Legendre if n is prime)
*/
-int mp_jacobi(mp_int* a, mp_int* n, int* c)
+static int mp_jacobi(mp_int* a, mp_int* n, int* c)
{
#ifdef WOLFSSL_SMALL_STACK
mp_int* a1 = NULL;
@@ -14332,6 +14653,7 @@ done:
return res;
}
+#endif /* !SQRTMOD_USE_MOD_EXP */
/* Solves the modular equation x^2 = n (mod p)
@@ -14339,20 +14661,46 @@ done:
* The result is returned in the third argument x
* the function returns MP_OKAY on success, MP_VAL or another error on failure
*/
-int mp_sqrtmod_prime(mp_int* n, mp_int* prime, mp_int* ret)
+static int mp_sqrtmod_prime(mp_int* n, mp_int* prime, mp_int* ret)
{
-#ifdef SQRTMOD_USE_MOD_EXP
+#if defined(SQRTMOD_USE_MOD_EXP)
int res;
-
+ mp_digit i;
mp_int e;
+ /* first handle the simple cases n = 0 or n = 1 */
+ if (mp_cmp_d(n, 0) == MP_EQ) {
+ mp_zero(ret);
+ return MP_OKAY;
+ }
+ if (mp_cmp_d(n, 1) == MP_EQ) {
+ return mp_set(ret, 1);
+ }
+
+ if (mp_iseven(prime)) {
+ return MP_VAL;
+ }
+
SAVE_VECTOR_REGISTERS(return _svr_ret;);
res = mp_init(&e);
if (res == MP_OKAY)
+ res = mp_mod_d(prime, 8, &i);
+ if (res == MP_OKAY && i == 1) {
+ return MP_VAL;
+ }
+ /* prime mod 8 = 5 */
+ else if (res == MP_OKAY && i == 5) {
+ res = mp_sub_d(prime, 1, &e);
+ if (res == MP_OKAY)
+ res = mp_div_2d(&e, 2, &e, NULL);
+ }
+ /* prime mod 4 = 3 */
+ else if (res == MP_OKAY && ((i == 3) || (i == 7))) {
res = mp_add_d(prime, 1, &e);
- if (res == MP_OKAY)
- res = mp_div_2d(&e, 2, &e, NULL);
+ if (res == MP_OKAY)
+ res = mp_div_2d(&e, 2, &e, NULL);
+ }
if (res == MP_OKAY)
res = mp_exptmod(n, &e, prime, ret);
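Review bot: The added `return MP_VAL;` for `prime mod 8 == 1` exits after `SAVE_VECTOR_REGISTERS(...)` and `mp_init(&e)` have already run, so it skips whatever cleanup the rest of the `SQRTMOD_USE_MOD_EXP` branch performs; every other path in this chain sets `res` and falls through. Writing `res = MP_VAL;` there instead keeps a single exit. Separately, the `prime mod 8 = 5` branch sets the exponent to (prime - 1) / 4, and for a quadratic residue `n` that power is congruent to 1 or -1 rather than to a square root. Unless code outside the hunk corrects it, that branch needs either a comment giving the derivation or a final check that `ret * ret == n (mod prime)`. The function body continues past the end of this hunk, so the cleanup itself is not visible here.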
@@ -14491,9 +14839,24 @@ int mp_sqrtmod_prime(mp_int* n, mp_int* prime, mp_int* ret)
if (res == MP_OKAY && legendre == -1)
break;
+#if defined(WOLFSSL_CUSTOM_CURVES)
+ /* P224R1 succeeds with a value of 11. */
+ if (mp_cmp_d(Z, 22) == MP_EQ) {
+ /* This is to clamp the loop in case 'prime' is not really prime */
+ res = MP_VAL;
+ break;
+ }
+#endif
+
/* Z = Z + 1 */
if (res == MP_OKAY)
res = mp_add_d(Z, 1, Z);
+
+ if ((res == MP_OKAY) && (mp_cmp(Z,prime) == MP_EQ)) {
+ /* This is to clamp the loop in case 'prime' is not really prime */
+ res = MP_VAL;
+ break;
+ }
}
/* C = Z ^ Q mod prime */
@@ -14530,6 +14893,11 @@ int mp_sqrtmod_prime(mp_int* n, mp_int* prime, mp_int* ret)
if (mp_cmp_d(t1, 1) == MP_EQ)
break;
res = mp_exptmod(t1, two, prime, t1);
+ if ((res == MP_OKAY) && (mp_cmp_d(M,i) == MP_EQ)) {
+ /* This is to clamp the loop in case 'prime' is not really prime */
+ res = MP_VAL;
+ break;
+ }
if (res == MP_OKAY)
i++;
}
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/eccsi.c b/extra/wolfssl/wolfssl/wolfcrypt/src/eccsi.c
index ed2e2b8b..836243be 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/eccsi.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/eccsi.c
@@ -1350,15 +1350,13 @@ static int eccsi_mulmod_base_add(EccsiKey* key, const mp_int* n,
{
int err = 0;
-#ifdef WOLFSSL_HAVE_SP_ECC
-#ifndef WOLFSSL_SP_NO_256
+#if defined(WOLFSSL_HAVE_SP_ECC) && !defined(WOLFSSL_SP_NO_256)
if ((key->ecc.idx != ECC_CUSTOM_IDX) &&
(ecc_sets[key->ecc.idx].id == ECC_SECP256R1)) {
err = sp_ecc_mulmod_base_add_256(n, a, 1, res, map, key->heap);
}
else
#endif
-#endif
#ifndef WOLFSSL_SP_MATH
{
EccsiKeyParams* params = &key->params;
@@ -1377,7 +1375,12 @@ static int eccsi_mulmod_base_add(EccsiKey* key, const mp_int* n,
{
err = NOT_COMPILED_IN;
}
+ (void)key;
+ (void)n;
+ (void)a;
+ (void)res;
(void)mp;
+ (void)map;
#endif
return err;
@@ -1401,15 +1404,13 @@ static int eccsi_mulmod_point(EccsiKey* key, const mp_int* n, ecc_point* point,
{
int err;
-#ifdef WOLFSSL_HAVE_SP_ECC
-#ifndef WOLFSSL_SP_NO_256
+#if defined(WOLFSSL_HAVE_SP_ECC) && !defined(WOLFSSL_SP_NO_256)
if ((key->ecc.idx != ECC_CUSTOM_IDX) &&
(ecc_sets[key->ecc.idx].id == ECC_SECP256R1)) {
err = sp_ecc_mulmod_256(n, point, res, map, key->heap);
}
else
#endif
-#endif
{
EccsiKeyParams* params = &key->params;
@@ -1437,8 +1438,7 @@ static int eccsi_mulmod_point(EccsiKey* key, const mp_int* n, ecc_point* point,
static int eccsi_mulmod_point_add(EccsiKey* key, const mp_int* n,
ecc_point* point, ecc_point* a, ecc_point* res, mp_digit mp, int map)
{
-#ifdef WOLFSSL_HAVE_SP_ECC
-#ifndef WOLFSSL_SP_NO_256
+#if defined(WOLFSSL_HAVE_SP_ECC) && !defined(WOLFSSL_SP_NO_256)
int err = NOT_COMPILED_IN;
if ((key->ecc.idx != ECC_CUSTOM_IDX) &&
@@ -1449,7 +1449,6 @@ static int eccsi_mulmod_point_add(EccsiKey* key, const mp_int* n,
(void)mp;
return err;
-#endif
#else
int err;
EccsiKeyParams* params = &key->params;
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/ed25519.c b/extra/wolfssl/wolfssl/wolfcrypt/src/ed25519.c
index 3b9988bc..6dfb7a0f 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/ed25519.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/ed25519.c
@@ -182,11 +182,12 @@ static int ed25519_hash(ed25519_key* key, const byte* in, word32 inLen,
return ret;
}
+#ifdef HAVE_ED25519_MAKE_KEY
int wc_ed25519_make_public(ed25519_key* key, unsigned char* pubKey,
word32 pubKeySz)
{
int ret = 0;
- byte az[ED25519_PRV_KEY_SIZE];
+ ALIGN16 byte az[ED25519_PRV_KEY_SIZE];
#if !defined(FREESCALE_LTC_ECC)
ge_p3 A;
#endif
@@ -267,6 +268,7 @@ int wc_ed25519_make_key(WC_RNG* rng, int keySz, ed25519_key* key)
return ret;
}
+#endif /* HAVE_ED25519_MAKE_KEY */
#ifdef HAVE_ED25519_SIGN
@@ -294,14 +296,14 @@ int wc_ed25519_sign_msg_ex(const byte* in, word32 inLen, byte* out,
ret = se050_ed25519_sign_msg(in, inLen, out, outLen, key);
#else
#ifdef FREESCALE_LTC_ECC
- byte tempBuf[ED25519_PRV_KEY_SIZE];
+ ALIGN16 byte tempBuf[ED25519_PRV_KEY_SIZE];
ltc_pkha_ecc_point_t ltcPoint = {0};
#else
ge_p3 R;
#endif
- byte nonce[WC_SHA512_DIGEST_SIZE];
- byte hram[WC_SHA512_DIGEST_SIZE];
- byte az[ED25519_PRV_KEY_SIZE];
+ ALIGN16 byte nonce[WC_SHA512_DIGEST_SIZE];
+ ALIGN16 byte hram[WC_SHA512_DIGEST_SIZE];
+ ALIGN16 byte az[ED25519_PRV_KEY_SIZE];
/* sanity check on arguments */
if (in == NULL || out == NULL || outLen == NULL || key == NULL ||
@@ -615,8 +617,8 @@ static int ed25519_verify_msg_final_with_sha(const byte* sig, word32 sigLen,
int* res, ed25519_key* key,
wc_Sha512 *sha)
{
- byte rcheck[ED25519_KEY_SIZE];
- byte h[WC_SHA512_DIGEST_SIZE];
+ ALIGN16 byte rcheck[ED25519_KEY_SIZE];
+ ALIGN16 byte h[WC_SHA512_DIGEST_SIZE];
#ifndef FREESCALE_LTC_ECC
ge_p3 A;
ge_p2 R;
@@ -1236,7 +1238,8 @@ int wc_ed25519_export_key(ed25519_key* key,
int wc_ed25519_check_key(ed25519_key* key)
{
int ret = 0;
- unsigned char pubKey[ED25519_PUB_KEY_SIZE];
+#ifdef HAVE_ED25519_MAKE_KEY
+ ALIGN16 unsigned char pubKey[ED25519_PUB_KEY_SIZE];
if (!key->pubKeySet)
ret = PUBLIC_KEY_E;
@@ -1244,6 +1247,9 @@ int wc_ed25519_check_key(ed25519_key* key)
ret = wc_ed25519_make_public(key, pubKey, sizeof(pubKey));
if (ret == 0 && XMEMCMP(pubKey, key->p, ED25519_PUB_KEY_SIZE) != 0)
ret = PUBLIC_KEY_E;
+#else
+ (void)key;
+#endif /* HAVE_ED25519_MAKE_KEY */
return ret;
}
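Review bot: When `HAVE_ED25519_MAKE_KEY` is not defined, the new `#else` branch only does `(void)key;`, so `wc_ed25519_check_key()` returns the initial `ret = 0` and reports the key as consistent without comparing anything. A caller that relies on this function to reject a mismatched public key gets no protection in such a build. Returning an explicit error, for example `ret = NOT_COMPILED_IN;` in the `#else` branch, makes the missing check visible. In the lines shown in the previous hunk, `key->pubKeySet` is also read with no NULL test on `key`.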
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/ed448.c b/extra/wolfssl/wolfssl/wolfcrypt/src/ed448.c
index 3bd9972e..8eb83372 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/ed448.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/ed448.c
@@ -168,7 +168,7 @@ static int ed448_hash(ed448_key* key, const byte* in, word32 inLen,
/* Derive the public key for the private key.
*
* key [in] Ed448 key object.
- * pubKey [in] Byte array to hold te public key.
+ * pubKey [in] Byte array to hold the public key.
* pubKeySz [in] Size of the array in bytes.
* returns BAD_FUNC_ARG when key is NULL or pubKeySz is not equal to
* ED448_PUB_KEY_SIZE,
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/error.c b/extra/wolfssl/wolfssl/wolfcrypt/src/error.c
index 27bf6538..929e0bfd 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/error.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/error.c
@@ -63,7 +63,7 @@ const char* wc_GetErrorString(int error)
case WC_PENDING_E:
return "wolfCrypt Operation Pending (would block / eagain) error";
- case WC_NOT_PENDING_E:
+ case WC_NO_PENDING_E:
return "wolfCrypt operation not pending error";
case MP_INIT_E :
@@ -589,6 +589,18 @@ const char* wc_GetErrorString(int error)
case ASN_LEN_E:
return "ASN.1 length invalid";
+ case SM4_GCM_AUTH_E:
+ return "SM4-GCM Authentication check fail";
+
+ case SM4_CCM_AUTH_E:
+ return "SM4-CCM Authentication check fail";
+
+ case FIPS_DEGRADED_E:
+ return "FIPS module in DEGRADED mode";
+
+ case AES_EAX_AUTH_E:
+ return "AES-EAX Authentication check fail";
+
default:
return "unknown error number";
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/evp.c b/extra/wolfssl/wolfssl/wolfcrypt/src/evp.c
index 0316b34f..cdda3947 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/evp.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/evp.c
@@ -47,7 +47,6 @@
#include <wolfssl/openssl/kdf.h>
#include <wolfssl/wolfcrypt/wolfmath.h>
-
static const struct s_ent {
const enum wc_HashType macType;
const int nid;
@@ -101,6 +100,9 @@ static const struct s_ent {
#ifndef WOLFSSL_NOSHA3_512
{WC_HASH_TYPE_SHA3_512, NID_sha3_512, "SHA3_512"},
#endif
+#ifdef WOLFSSL_SM3
+ {WC_HASH_TYPE_SM3, NID_sm3, "SM3"},
+#endif /* WOLFSSL_SHA512 */
#ifdef HAVE_BLAKE2
{WC_HASH_TYPE_BLAKE2B, NID_blake2b512, "BLAKE2B512"},
#endif
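Review bot: The closing comment on the new SM3 table entry names the wrong macro: `#endif /* WOLFSSL_SHA512 */` closes `#ifdef WOLFSSL_SM3`. It should read `#endif /* WOLFSSL_SM3 */`, otherwise anyone scanning the table for guard boundaries is misled. The table starts and ends outside this hunk.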
@@ -144,14 +146,16 @@ static const struct s_ent {
#endif
#endif /* WOLFSSL_AES_OFB */
- #ifdef WOLFSSL_AES_XTS
+ #if defined(WOLFSSL_AES_XTS) && \
+ (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5,3))
#ifdef WOLFSSL_AES_128
static const char EVP_AES_128_XTS[] = "AES-128-XTS";
#endif
#ifdef WOLFSSL_AES_256
static const char EVP_AES_256_XTS[] = "AES-256-XTS";
#endif
- #endif /* WOLFSSL_AES_XTS */
+ #endif /* WOLFSSL_AES_XTS &&
+ (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5,3)) */
#ifdef WOLFSSL_AES_CFB
#ifdef WOLFSSL_AES_128
@@ -234,6 +238,13 @@ static const struct s_ent {
#endif
#endif
+#ifdef HAVE_ARIA
+ #include <wolfssl/wolfcrypt/port/aria/aria-crypt.h>
+ static const char EVP_ARIA_128_GCM[] = "ARIA-128-GCM";
+ static const char EVP_ARIA_192_GCM[] = "ARIA-192-GCM";
+ static const char EVP_ARIA_256_GCM[] = "ARIA-256-GCM";
+#endif
+
#ifndef NO_DES3
static const char EVP_DES_CBC[] = "DES-CBC";
static const char EVP_DES_ECB[] = "DES-ECB";
@@ -254,6 +265,22 @@ static const struct s_ent {
static const char EVP_CHACHA20[] = "CHACHA20";
#endif
+#ifdef WOLFSSL_SM4_ECB
+ static const char EVP_SM4_ECB[] = "SM4-ECB";
+#endif /* WOLFSSL_SM4_ECB */
+#ifdef WOLFSSL_SM4_CBC
+ static const char EVP_SM4_CBC[] = "SM4-CBC";
+#endif /* WOLFSSL_SM4_CBC */
+#ifdef WOLFSSL_SM4_CTR
+ static const char EVP_SM4_CTR[] = "SM4-CTR";
+#endif /* WOLFSSL_SM4_CTR */
+#ifdef WOLFSSL_SM4_GCM
+ static const char EVP_SM4_GCM[] = "SM4-GCM";
+#endif /* WOLFSSL_SM4_GCM */
+#ifdef WOLFSSL_SM4_CCM
+ static const char EVP_SM4_CCM[] = "SM4-CCM";
+#endif /* WOLFSSL_SM4_CCM */
+
static const char EVP_NULL[] = "NULL";
#define EVP_CIPHER_TYPE_MATCHES(x, y) (XSTRCMP(x,y) == 0)
@@ -305,7 +332,7 @@ int wolfSSL_EVP_Cipher_key_length(const WOLFSSL_EVP_CIPHER* c)
case AES_192_OFB_TYPE: return 24;
case AES_256_OFB_TYPE: return 32;
#endif
- #if defined(WOLFSSL_AES_XTS)
+ #if defined(WOLFSSL_AES_XTS) && (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5,3))
/* Two keys for XTS. */
case AES_128_XTS_TYPE: return 16 * 2;
case AES_256_XTS_TYPE: return 32 * 2;
@@ -343,6 +370,21 @@ int wolfSSL_EVP_Cipher_key_length(const WOLFSSL_EVP_CIPHER* c)
#ifdef HAVE_CHACHA
case CHACHA20_TYPE: return CHACHA_MAX_KEY_SZ;
#endif
+ #ifdef WOLFSSL_SM4_ECB
+ case SM4_ECB_TYPE: return 16;
+ #endif
+ #ifdef WOLFSSL_SM4_CBC
+ case SM4_CBC_TYPE: return 16;
+ #endif
+ #ifdef WOLFSSL_SM4_CTR
+ case SM4_CTR_TYPE: return 16;
+ #endif
+ #ifdef WOLFSSL_SM4_GCM
+ case SM4_GCM_TYPE: return 16;
+ #endif
+ #ifdef WOLFSSL_SM4_CCM
+ case SM4_CCM_TYPE: return 16;
+ #endif
default:
return 0;
}
@@ -390,7 +432,7 @@ int wolfSSL_EVP_DecryptInit_ex(WOLFSSL_EVP_CIPHER_CTX* ctx,
WOLFSSL_EVP_CIPHER_CTX *wolfSSL_EVP_CIPHER_CTX_new(void)
{
- WOLFSSL_EVP_CIPHER_CTX *ctx = (WOLFSSL_EVP_CIPHER_CTX*)XMALLOC(sizeof *ctx,
+ WOLFSSL_EVP_CIPHER_CTX *ctx = (WOLFSSL_EVP_CIPHER_CTX*)XMALLOC(sizeof(*ctx),
NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (ctx) {
WOLFSSL_ENTER("wolfSSL_EVP_CIPHER_CTX_new");
@@ -495,7 +537,7 @@ int wolfSSL_EVP_DecryptFinal_ex(WOLFSSL_EVP_CIPHER_CTX *ctx,
#define PRINT_BUF(b, sz) { int _i; for(_i=0; _i<(sz); _i++) { \
printf("%02x(%c),", (b)[_i], (b)[_i]); if ((_i+1)%8==0)printf("\n");}}
#else
-#define PRINT_BUF(b, sz)
+#define PRINT_BUF(b, sz) WC_DO_NOTHING
#endif
static int fillBuff(WOLFSSL_EVP_CIPHER_CTX *ctx, const unsigned char *in, int sz)
@@ -508,7 +550,7 @@ static int fillBuff(WOLFSSL_EVP_CIPHER_CTX *ctx, const unsigned char *in, int sz
} else {
fill = sz;
}
- XMEMCPY(&(ctx->buf[ctx->bufUsed]), in, fill);
+ XMEMCPY(&(ctx->buf[ctx->bufUsed]), in, (size_t)fill);
ctx->bufUsed += fill;
return fill;
} else return 0;
@@ -516,9 +558,10 @@ static int fillBuff(WOLFSSL_EVP_CIPHER_CTX *ctx, const unsigned char *in, int sz
static int evpCipherBlock(WOLFSSL_EVP_CIPHER_CTX *ctx,
unsigned char *out,
- const unsigned char *in, int inl)
+ const unsigned char *in, int inLen)
{
int ret = 0;
+ word32 inl = (word32)inLen;
switch (ctx->cipherType) {
#if !defined(NO_AES)
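Review bot: `word32 inl = (word32)inLen;` turns a negative `inLen` into a very large unsigned length, which is then passed unchanged to every cipher call in this switch. Whether callers already reject negative lengths is not visible here, so a guard before the conversion, `if (inLen < 0) return WOLFSSL_FAILURE;`, would keep the function safe on its own. The same conversion in the new `wolfSSL_EVP_CipherUpdate_GCM` further down is more direct: its `if (inl > 0)` test used to filter negative values and now lets them through to `XREALLOC` and `XMEMCPY`. The body of `evpCipherBlock` continues outside this hunk.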
@@ -591,15 +634,15 @@ static int evpCipherBlock(WOLFSSL_EVP_CIPHER_CTX *ctx,
ret = wc_AesCfbDecrypt(&ctx->cipher.aes, out, in, inl);
break;
#endif
-#if defined(WOLFSSL_AES_XTS)
+#if defined(WOLFSSL_AES_XTS) && (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5,3))
case AES_128_XTS_TYPE:
case AES_256_XTS_TYPE:
if (ctx->enc)
ret = wc_AesXtsEncrypt(&ctx->cipher.xts, out, in, inl,
- ctx->iv, ctx->ivSz);
+ ctx->iv, (word32)ctx->ivSz);
else
ret = wc_AesXtsDecrypt(&ctx->cipher.xts, out, in, inl,
- ctx->iv, ctx->ivSz);
+ ctx->iv, (word32)ctx->ivSz);
break;
#endif
#endif /* !NO_AES */
@@ -628,8 +671,30 @@ static int evpCipherBlock(WOLFSSL_EVP_CIPHER_CTX *ctx,
#ifndef NO_RC4
case ARC4_TYPE:
wc_Arc4Process(&ctx->cipher.arc4, out, in, inl);
- break;
+ break;
#endif
+#if defined(WOLFSSL_SM4_ECB)
+ case SM4_ECB_TYPE:
+ if (ctx->enc)
+ wc_Sm4EcbEncrypt(&ctx->cipher.sm4, out, in, inl);
+ else
+ wc_Sm4EcbDecrypt(&ctx->cipher.sm4, out, in, inl);
+ break;
+#endif
+#if defined(WOLFSSL_SM4_CBC)
+ case SM4_CBC_TYPE:
+ if (ctx->enc)
+ wc_Sm4CbcEncrypt(&ctx->cipher.sm4, out, in, inl);
+ else
+ wc_Sm4CbcDecrypt(&ctx->cipher.sm4, out, in, inl);
+ break;
+#endif
+#if defined(WOLFSSL_SM4_CTR)
+ case SM4_CTR_TYPE:
+ wc_Sm4CtrEncrypt(&ctx->cipher.sm4, out, in, inl);
+ break;
+#endif
+
default:
ret = WOLFSSL_FAILURE;
}
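Review bot: The new SM4 cases discard the results of `wc_Sm4EcbEncrypt`, `wc_Sm4EcbDecrypt`, `wc_Sm4CbcEncrypt`, `wc_Sm4CbcDecrypt` and `wc_Sm4CtrEncrypt`, so `ret` keeps its initial 0 and the function's closing `(ret == 0) ? WOLFSSL_SUCCESS : WOLFSSL_FAILURE` reports success even if the cipher call failed. Assuming these functions return a status like the SM4-GCM calls later in this commit, assign it as the AES cases do, e.g. `ret = wc_Sm4EcbEncrypt(&ctx->cipher.sm4, out, in, inl);`. Otherwise a caller treats an output buffer that was never processed as valid data. The ARC4 case just above has the same shape, and `evpCipherBlock` starts outside this hunk.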
@@ -641,16 +706,16 @@ static int evpCipherBlock(WOLFSSL_EVP_CIPHER_CTX *ctx,
return (ret == 0) ? WOLFSSL_SUCCESS : WOLFSSL_FAILURE;
}
-#if defined(HAVE_AESGCM)
-#ifndef WOLFSSL_AESGCM_STREAM
+#if defined(HAVE_AESGCM) || defined(WOLFSSL_SM4_GCM)
+#if defined(WOLFSSL_SM4_GCM) || !defined(WOLFSSL_AESGCM_STREAM)
static int wolfSSL_EVP_CipherUpdate_GCM_AAD(WOLFSSL_EVP_CIPHER_CTX *ctx,
const unsigned char *in, int inl) {
if (in && inl > 0) {
byte* tmp = (byte*)XREALLOC(ctx->authIn,
- ctx->authInSz + inl, NULL, DYNAMIC_TYPE_OPENSSL);
+ (size_t)(ctx->authInSz + inl), NULL, DYNAMIC_TYPE_OPENSSL);
if (tmp) {
ctx->authIn = tmp;
- XMEMCPY(ctx->authIn + ctx->authInSz, in, inl);
+ XMEMCPY(ctx->authIn + ctx->authInSz, in, (size_t)inl);
ctx->authInSz += inl;
}
else {
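Review bot: The new `(size_t)(ctx->authInSz + inl)` cast is applied after the addition, so the sum is still computed in the operands' original type and can overflow before it reaches `XREALLOC`; the `XMEMCPY` that follows would then write into a buffer that is too small. `authInSz` appears to be an `int` (it is cast to `word32` elsewhere in this commit), so the bound should be checked first, e.g. `if (inl > INT_MAX - ctx->authInSz) return MEMORY_E;`. The same pattern appears in the new `wolfSSL_EVP_CipherUpdate_GCM`, in `wolfSSL_EVP_CipherUpdate_CCM_AAD`, in the CCM buffering code, and as `int size = ctx->authBufferLen + inl;` in the ARIA variant. `wolfSSL_EVP_CipherUpdate_AriaGCM_AAD` instead casts before adding, so the hunks are also inconsistent with each other. The tail of this function is outside the hunk.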
@@ -664,9 +729,113 @@ static int wolfSSL_EVP_CipherUpdate_GCM_AAD(WOLFSSL_EVP_CIPHER_CTX *ctx,
static int wolfSSL_EVP_CipherUpdate_GCM(WOLFSSL_EVP_CIPHER_CTX *ctx,
unsigned char *out, int *outl,
+ const unsigned char *in, int inLen)
+{
+ word32 inl = (word32)inLen;
+
+#if defined(WOLFSSL_SM4_GCM) || !defined(WOLFSSL_AESGCM_STREAM)
+#if defined(WOLFSSL_SM4_GCM) && defined(WOLFSSL_AESGCM_STREAM)
+ if (ctx->cipherType == SM4_GCM_TYPE)
+#endif
+ {
+ int ret = 0;
+
+ *outl = inl;
+ if (out) {
+ /* Buffer input for one-shot API */
+ if (inl > 0) {
+ byte* tmp;
+ tmp = (byte*)XREALLOC(ctx->authBuffer,
+ (size_t)(ctx->authBufferLen + inl), NULL,
+ DYNAMIC_TYPE_OPENSSL);
+ if (tmp) {
+ XMEMCPY(tmp + ctx->authBufferLen, in, (size_t)inl);
+ ctx->authBufferLen += inl;
+ ctx->authBuffer = tmp;
+ *outl = 0;
+ }
+ else {
+ ret = MEMORY_E;
+ }
+ }
+ }
+ else {
+ ret = wolfSSL_EVP_CipherUpdate_GCM_AAD(ctx, in, inl);
+ }
+
+ if (ret != 0) {
+ *outl = 0;
+ return WOLFSSL_FAILURE;
+ }
+
+ return WOLFSSL_SUCCESS;
+ }
+#endif
+#if defined(WOLFSSL_SM4_GCM) && defined(WOLFSSL_AESGCM_STREAM)
+ else
+#endif
+#if defined(WOLFSSL_AESGCM_STREAM)
+ {
+ int ret;
+
+ /* When out is NULL then this is AAD. */
+ if (out == NULL) {
+ if (ctx->enc) {
+ ret = wc_AesGcmEncryptUpdate(&ctx->cipher.aes, NULL, NULL, 0,
+ in, inl);
+ }
+ else {
+ ret = wc_AesGcmDecryptUpdate(&ctx->cipher.aes, NULL, NULL, 0,
+ in, inl);
+ }
+ }
+ /* When out is not NULL then this is plaintext/cipher text. */
+ else {
+ if (ctx->enc) {
+ ret = wc_AesGcmEncryptUpdate(&ctx->cipher.aes, out, in, inl,
+ NULL, 0);
+ }
+ else {
+ ret = wc_AesGcmDecryptUpdate(&ctx->cipher.aes, out, in, inl,
+ NULL, 0);
+ }
+ }
+ *outl = (int)inl;
+ if (ret == 0) {
+ ret = WOLFSSL_SUCCESS;
+ }
+ else {
+ ret = WOLFSSL_FAILURE;
+ }
+ return ret;
+ }
+#endif /* WOLFSSL_AESGCM_STREAM */
+}
+#endif /* HAVE_AESGCM || WOLFSSL_SM4_GCM */
+
+#if defined(HAVE_AESCCM) || defined(WOLFSSL_SM4_CCM)
+static int wolfSSL_EVP_CipherUpdate_CCM_AAD(WOLFSSL_EVP_CIPHER_CTX *ctx,
+ const unsigned char *in, int inl) {
+ if (in && inl > 0) {
+ byte* tmp = (byte*)XREALLOC(ctx->authIn,
+ (size_t)(ctx->authInSz + inl), NULL, DYNAMIC_TYPE_OPENSSL);
+ if (tmp) {
+ ctx->authIn = tmp;
+ XMEMCPY(ctx->authIn + ctx->authInSz, in, (size_t)inl);
+ ctx->authInSz += inl;
+ }
+ else {
+ WOLFSSL_MSG("realloc error");
+ return MEMORY_E;
+ }
+ }
+ return 0;
+}
+
+static int wolfSSL_EVP_CipherUpdate_CCM(WOLFSSL_EVP_CIPHER_CTX *ctx,
+ unsigned char *out, int *outl,
const unsigned char *in, int inl)
{
-#ifndef WOLFSSL_AESGCM_STREAM
int ret = 0;
*outl = inl;
@@ -675,10 +844,10 @@ static int wolfSSL_EVP_CipherUpdate_GCM(WOLFSSL_EVP_CIPHER_CTX *ctx,
if (inl > 0) {
byte* tmp;
tmp = (byte*)XREALLOC(ctx->authBuffer,
- ctx->authBufferLen + inl, NULL,
+ (size_t)(ctx->authBufferLen + inl), NULL,
DYNAMIC_TYPE_OPENSSL);
if (tmp) {
- XMEMCPY(tmp + ctx->authBufferLen, in, inl);
+ XMEMCPY(tmp + ctx->authBufferLen, in, (size_t)inl);
ctx->authBufferLen += inl;
ctx->authBuffer = tmp;
*outl = 0;
@@ -689,7 +858,7 @@ static int wolfSSL_EVP_CipherUpdate_GCM(WOLFSSL_EVP_CIPHER_CTX *ctx,
}
}
else {
- ret = wolfSSL_EVP_CipherUpdate_GCM_AAD(ctx, in, inl);
+ ret = wolfSSL_EVP_CipherUpdate_CCM_AAD(ctx, in, inl);
}
if (ret != 0) {
@@ -698,52 +867,19 @@ static int wolfSSL_EVP_CipherUpdate_GCM(WOLFSSL_EVP_CIPHER_CTX *ctx,
}
return WOLFSSL_SUCCESS;
-#else
- int ret;
-
- /* When out is NULL then this is AAD. */
- if (out == NULL) {
- if (ctx->enc) {
- ret = wc_AesGcmEncryptUpdate(&ctx->cipher.aes, NULL, NULL, 0, in,
- inl);
- }
- else {
- ret = wc_AesGcmDecryptUpdate(&ctx->cipher.aes, NULL, NULL, 0, in,
- inl);
- }
- }
- /* When out is not NULL then this is plaintext/cipher text. */
- else {
- if (ctx->enc) {
- ret = wc_AesGcmEncryptUpdate(&ctx->cipher.aes, out, in, inl, NULL,
- 0);
- }
- else {
- ret = wc_AesGcmDecryptUpdate(&ctx->cipher.aes, out, in, inl, NULL,
- 0);
- }
- }
- *outl = inl;
- if (ret == 0) {
- ret = WOLFSSL_SUCCESS;
- }
- else {
- ret = WOLFSSL_FAILURE;
- }
- return ret;
-#endif /* WOLFSSL_AESGCM_STREAM */
}
-#endif /* HAVE_AESGCM */
+#endif /* HAVE_AESCCM || WOLFSSL_SM4_CCM */
-#if defined(HAVE_AESCCM)
-static int wolfSSL_EVP_CipherUpdate_CCM_AAD(WOLFSSL_EVP_CIPHER_CTX *ctx,
- const unsigned char *in, int inl) {
+#if defined(HAVE_ARIA)
+static int wolfSSL_EVP_CipherUpdate_AriaGCM_AAD(WOLFSSL_EVP_CIPHER_CTX *ctx,
+ const unsigned char *in, int inl)
+{
if (in && inl > 0) {
byte* tmp = (byte*)XREALLOC(ctx->authIn,
- ctx->authInSz + inl, NULL, DYNAMIC_TYPE_OPENSSL);
+ (size_t)ctx->authInSz + inl, NULL, DYNAMIC_TYPE_OPENSSL);
if (tmp) {
ctx->authIn = tmp;
- XMEMCPY(ctx->authIn + ctx->authInSz, in, inl);
+ XMEMCPY(ctx->authIn + ctx->authInSz, in, (size_t)inl);
ctx->authInSz += inl;
}
else {
@@ -754,7 +890,7 @@ static int wolfSSL_EVP_CipherUpdate_CCM_AAD(WOLFSSL_EVP_CIPHER_CTX *ctx,
return 0;
}
-static int wolfSSL_EVP_CipherUpdate_CCM(WOLFSSL_EVP_CIPHER_CTX *ctx,
+static int wolfSSL_EVP_CipherUpdate_AriaGCM(WOLFSSL_EVP_CIPHER_CTX *ctx,
unsigned char *out, int *outl,
const unsigned char *in, int inl)
{
@@ -765,11 +901,15 @@ static int wolfSSL_EVP_CipherUpdate_CCM(WOLFSSL_EVP_CIPHER_CTX *ctx,
/* Buffer input for one-shot API */
if (inl > 0) {
byte* tmp;
+ int size = ctx->authBufferLen + inl;
+ if (ctx->enc == 0) { /* Append extra space for the tag */
+ size = WC_ARIA_GCM_GET_CIPHERTEXT_SIZE(size);
+ }
tmp = (byte*)XREALLOC(ctx->authBuffer,
- ctx->authBufferLen + inl, NULL,
+ (size_t)size, NULL,
DYNAMIC_TYPE_OPENSSL);
if (tmp) {
- XMEMCPY(tmp + ctx->authBufferLen, in, inl);
+ XMEMCPY(tmp + ctx->authBufferLen, in, (size_t)inl);
ctx->authBufferLen += inl;
ctx->authBuffer = tmp;
*outl = 0;
@@ -780,7 +920,7 @@ static int wolfSSL_EVP_CipherUpdate_CCM(WOLFSSL_EVP_CIPHER_CTX *ctx,
}
}
else {
- ret = wolfSSL_EVP_CipherUpdate_CCM_AAD(ctx, in, inl);
+ ret = wolfSSL_EVP_CipherUpdate_AriaGCM_AAD(ctx, in, inl);
}
if (ret != 0) {
@@ -790,7 +930,8 @@ static int wolfSSL_EVP_CipherUpdate_CCM(WOLFSSL_EVP_CIPHER_CTX *ctx,
return WOLFSSL_SUCCESS;
}
-#endif /* HAVE_AESCCM */
+#endif /* HAVE_ARIA */
+
/* returns WOLFSSL_SUCCESS on success and WOLFSSL_FAILURE on failure */
int wolfSSL_EVP_CipherUpdate(WOLFSSL_EVP_CIPHER_CTX *ctx,
@@ -833,11 +974,18 @@ int wolfSSL_EVP_CipherUpdate(WOLFSSL_EVP_CIPHER_CTX *ctx,
* additional auth data */
return wolfSSL_EVP_CipherUpdate_CCM(ctx, out, outl, in, inl);
#endif /* !defined(NO_AES) && defined(HAVE_AESCCM) */
+#if defined(HAVE_ARIA)
+ case ARIA_128_GCM_TYPE:
+ case ARIA_192_GCM_TYPE:
+ case ARIA_256_GCM_TYPE:
+ /* if out == NULL, in/inl contains the additional auth data */
+ return wolfSSL_EVP_CipherUpdate_AriaGCM(ctx, out, outl, in, inl);
+#endif /* defined(HAVE_ARIA) */
#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305)
case CHACHA20_POLY1305_TYPE:
if (out == NULL) {
if (wc_ChaCha20Poly1305_UpdateAad(&ctx->cipher.chachaPoly, in,
- inl) != 0) {
+ (word32)inl) != 0) {
WOLFSSL_MSG("wc_ChaCha20Poly1305_UpdateAad failed");
return WOLFSSL_FAILURE;
}
@@ -848,7 +996,7 @@ int wolfSSL_EVP_CipherUpdate(WOLFSSL_EVP_CIPHER_CTX *ctx,
}
else {
if (wc_ChaCha20Poly1305_UpdateData(&ctx->cipher.chachaPoly, in,
- out, inl) != 0) {
+ out, (word32)inl) != 0) {
WOLFSSL_MSG("wc_ChaCha20Poly1305_UpdateData failed");
return WOLFSSL_FAILURE;
}
@@ -860,13 +1008,25 @@ int wolfSSL_EVP_CipherUpdate(WOLFSSL_EVP_CIPHER_CTX *ctx,
#endif
#ifdef HAVE_CHACHA
case CHACHA20_TYPE:
- if (wc_Chacha_Process(&ctx->cipher.chacha, out, in, inl) != 0) {
+ if (wc_Chacha_Process(&ctx->cipher.chacha, out, in, (word32)inl) !=
+ 0) {
WOLFSSL_MSG("wc_ChaCha_Process failed");
return WOLFSSL_FAILURE;
}
*outl = inl;
return WOLFSSL_SUCCESS;
#endif
+#ifdef WOLFSSL_SM4_GCM
+ case SM4_GCM_TYPE:
+ /* if out == NULL, in/inl contains the additional auth data */
+ return wolfSSL_EVP_CipherUpdate_GCM(ctx, out, outl, in, inl);
+#endif
+#ifdef WOLFSSL_SM4_CCM
+ case SM4_CCM_TYPE:
+ /* if out == NULL, in/inl contains the
+ * additional auth data */
+ return wolfSSL_EVP_CipherUpdate_CCM(ctx, out, outl, in, inl);
+#endif
default:
/* fall-through */
break;
@@ -894,7 +1054,7 @@ int wolfSSL_EVP_CipherUpdate(WOLFSSL_EVP_CIPHER_CTX *ctx,
* Update the last block stored if one has already been stored */
if (ctx->enc == 0) {
if (ctx->lastUsed == 1) {
- XMEMCPY(out, ctx->lastBlock, ctx->block_size);
+ XMEMCPY(out, ctx->lastBlock, (size_t)ctx->block_size);
*outl+= ctx->block_size;
out += ctx->block_size;
}
@@ -923,7 +1083,7 @@ int wolfSSL_EVP_CipherUpdate(WOLFSSL_EVP_CIPHER_CTX *ctx,
* Update the last block stored if one has already been stored */
if ((ctx->enc == 0) && (ctx->lastUsed == 1)) {
PRINT_BUF(ctx->lastBlock, ctx->block_size);
- XMEMCPY(out, ctx->lastBlock, ctx->block_size);
+ XMEMCPY(out, ctx->lastBlock, (size_t)ctx->block_size);
*outl += ctx->block_size;
out += ctx->block_size;
ctx->lastUsed = 0;
@@ -950,7 +1110,7 @@ int wolfSSL_EVP_CipherUpdate(WOLFSSL_EVP_CIPHER_CTX *ctx,
blocks = blocks - 1; /* save last block to check padding in
* EVP_CipherFinal call */
XMEMCPY(ctx->lastBlock, &out[ctx->block_size * blocks],
- ctx->block_size);
+ (size_t)ctx->block_size);
}
*outl += ctx->block_size * blocks;
}
@@ -990,19 +1150,18 @@ static int checkPad(WOLFSSL_EVP_CIPHER_CTX *ctx, unsigned char *buff)
return ctx->block_size - n;
}
-#if (defined(HAVE_AESGCM) || defined(HAVE_AESCCM)) && \
- ((!defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)) \
- || FIPS_VERSION_GE(2,0))
+#if (defined(HAVE_AESGCM) || defined(HAVE_AESCCM) || \
+ defined(WOLFSSL_SM4_GCM) || defined(WOLFSSL_SM4_CCM)) && \
+ ((!defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)) || FIPS_VERSION_GE(2,0))
static WC_INLINE void IncCtr(byte* ctr, word32 ctrSz)
{
int i;
- for (i = ctrSz-1; i >= 0; i--) {
+ for (i = (int)ctrSz-1; i >= 0; i--) {
if (++ctr[i])
break;
}
}
-#endif /* HAVE_AESGCM && ((!HAVE_FIPS && !HAVE_SELFTEST) ||
- * HAVE_FIPS_VERSION >= 2 */
+#endif
int wolfSSL_EVP_CipherFinal(WOLFSSL_EVP_CIPHER_CTX *ctx, unsigned char *out,
int *outl)
@@ -1047,8 +1206,7 @@ int wolfSSL_EVP_CipherFinal(WOLFSSL_EVP_CIPHER_CTX *ctx, unsigned char *out,
ctx->authBufferLen = 0;
if (ctx->authIncIv) {
- IncCtr((byte*)ctx->cipher.aes.reg,
- ctx->cipher.aes.nonceSz);
+ IncCtr((byte*)ctx->cipher.aes.reg, ctx->cipher.aes.nonceSz);
ctx->authIncIv = 0;
}
}
@@ -1060,28 +1218,27 @@ int wolfSSL_EVP_CipherFinal(WOLFSSL_EVP_CIPHER_CTX *ctx, unsigned char *out,
*outl = 0;
if (ctx->enc) {
ret = wc_AesGcmEncryptFinal(&ctx->cipher.aes, ctx->authTag,
- ctx->authTagSz);
+ (word32)ctx->authTagSz);
}
else {
ret = wc_AesGcmDecryptFinal(&ctx->cipher.aes, ctx->authTag,
- ctx->authTagSz);
+ (word32)ctx->authTagSz);
if (ctx->authIncIv) {
IncCtr((byte*)ctx->cipher.aes.reg, ctx->cipher.aes.nonceSz);
}
}
- if (ret == 0) {
- /* Reinitialize for subsequent wolfSSL_EVP_Cipher calls. */
- if (wc_AesGcmInit(&ctx->cipher.aes, NULL, 0,
- (byte*)ctx->cipher.aes.reg,
- ctx->ivSz) != 0) {
- WOLFSSL_MSG("wc_AesGcmInit failed");
- ret = WOLFSSL_FAILURE;
- }
- else {
- ret = WOLFSSL_SUCCESS;
- }
- }
- else {
+
+ if (ret == 0)
+ ret = WOLFSSL_SUCCESS;
+ else
+ ret = WOLFSSL_FAILURE;
+
+ /* Reinitialize for subsequent wolfSSL_EVP_Cipher calls. */
+ if (wc_AesGcmInit(&ctx->cipher.aes, NULL, 0,
+ (byte*)ctx->cipher.aes.reg,
+ (word32)ctx->ivSz) != 0)
+ {
+ WOLFSSL_MSG("wc_AesGcmInit failed");
ret = WOLFSSL_FAILURE;
}
#endif /* WOLFSSL_AESGCM_STREAM */
@@ -1107,16 +1264,20 @@ int wolfSSL_EVP_CipherFinal(WOLFSSL_EVP_CIPHER_CTX *ctx, unsigned char *out,
case AES_256_CCM_TYPE:
if ((ctx->authBuffer && ctx->authBufferLen > 0)
|| (ctx->authBufferLen == 0)) {
- if (ctx->enc)
+ if (ctx->enc) {
ret = wc_AesCcmEncrypt(&ctx->cipher.aes, out,
- ctx->authBuffer, ctx->authBufferLen,
- ctx->iv, ctx->ivSz, ctx->authTag, ctx->authTagSz,
- ctx->authIn, ctx->authInSz);
- else
+ ctx->authBuffer, (word32)ctx->authBufferLen,
+ ctx->iv, (word32)ctx->ivSz, ctx->authTag,
+ (word32)ctx->authTagSz, ctx->authIn,
+ (word32)ctx->authInSz);
+ }
+ else {
ret = wc_AesCcmDecrypt(&ctx->cipher.aes, out,
- ctx->authBuffer, ctx->authBufferLen,
- ctx->iv, ctx->ivSz, ctx->authTag, ctx->authTagSz,
- ctx->authIn, ctx->authInSz);
+ ctx->authBuffer, (word32)ctx->authBufferLen,
+ ctx->iv, (word32)ctx->ivSz, ctx->authTag,
+ (word32)ctx->authTagSz, ctx->authIn,
+ (word32)ctx->authInSz);
+ }
if (ret == 0) {
ret = WOLFSSL_SUCCESS;
@@ -1132,8 +1293,7 @@ int wolfSSL_EVP_CipherFinal(WOLFSSL_EVP_CIPHER_CTX *ctx, unsigned char *out,
ctx->authBufferLen = 0;
if (ctx->authIncIv) {
- IncCtr((byte*)ctx->cipher.aes.reg,
- ctx->cipher.aes.nonceSz);
+ IncCtr((byte*)ctx->cipher.aes.reg, ctx->cipher.aes.nonceSz);
ctx->authIncIv = 0;
}
}
@@ -1156,6 +1316,61 @@ int wolfSSL_EVP_CipherFinal(WOLFSSL_EVP_CIPHER_CTX *ctx, unsigned char *out,
break;
#endif /* HAVE_AESCCM && ((!HAVE_FIPS && !HAVE_SELFTEST) ||
* HAVE_FIPS_VERSION >= 2 */
+#if defined(HAVE_ARIA) && ((!defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)) \
+ || FIPS_VERSION_GE(2,0))
+ case ARIA_128_GCM_TYPE:
+ case ARIA_192_GCM_TYPE:
+ case ARIA_256_GCM_TYPE:
+ if ((ctx->authBuffer && ctx->authBufferLen > 0)
+ || (ctx->authBufferLen == 0)) {
+ if (ctx->enc)
+ ret = wc_AriaEncrypt(&ctx->cipher.aria, out,
+ ctx->authBuffer, ctx->authBufferLen,
+ ctx->iv, ctx->ivSz, ctx->authIn, ctx->authInSz,
+ ctx->authTag, ctx->authTagSz);
+ else
+ ret = wc_AriaDecrypt(&ctx->cipher.aria, out,
+ ctx->authBuffer, ctx->authBufferLen,
+ ctx->iv, ctx->ivSz, ctx->authIn, ctx->authInSz,
+ ctx->authTag, ctx->authTagSz);
+
+ if (ret == 0) {
+ ret = WOLFSSL_SUCCESS;
+ *outl = ctx->authBufferLen;
+ }
+ else {
+ ret = WOLFSSL_FAILURE;
+ *outl = 0;
+ }
+
+ XFREE(ctx->authBuffer, NULL, DYNAMIC_TYPE_OPENSSL);
+ ctx->authBuffer = NULL;
+ ctx->authBufferLen = 0;
+
+ if (ctx->authIncIv) {
+ IncCtr((byte*)ctx->cipher.aria.nonce,
+ ctx->cipher.aria.nonceSz);
+ ctx->authIncIv = 0;
+ }
+ }
+ else {
+ *outl = 0;
+ }
+ if (ret == WOLFSSL_SUCCESS) {
+ if (ctx->authIncIv) {
+ ctx->authIncIv = 0;
+ }
+ else {
+ /* Clear IV, since IV reuse is not recommended for AES GCM. */
+ XMEMSET(ctx->iv, 0, ARIA_BLOCK_SIZE);
+ }
+ if (wolfSSL_StoreExternalIV(ctx) != WOLFSSL_SUCCESS) {
+ ret = WOLFSSL_FAILURE;
+ }
+ }
+ break;
+#endif /* HAVE_AESGCM && ((!HAVE_FIPS && !HAVE_SELFTEST) ||
+ * HAVE_FIPS_VERSION >= 2 */
#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305)
case CHACHA20_POLY1305_TYPE:
if (wc_ChaCha20Poly1305_Final(&ctx->cipher.chachaPoly,
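Review bot: Two comments in the new ARIA branch were carried over from the AES code and now describe the wrong thing: `/* Clear IV, since IV reuse is not recommended for AES GCM. */` sits above `XMEMSET(ctx->iv, 0, ARIA_BLOCK_SIZE)`, and the block opened with `#if defined(HAVE_ARIA) && ...` is closed with `#endif /* HAVE_AESGCM && ... */`. They should name ARIA-GCM and `HAVE_ARIA`. The `wc_AriaEncrypt` and `wc_AriaDecrypt` calls also pass `ctx->authBufferLen`, `ctx->ivSz`, `ctx->authInSz` and `ctx->authTagSz` without the `(word32)` casts that this commit adds to the AES-CCM calls. The SM4-GCM and SM4-CCM cases in the next hunk do the same. The enclosing switch starts and ends outside this hunk.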
@@ -1167,6 +1382,109 @@ int wolfSSL_EVP_CipherFinal(WOLFSSL_EVP_CIPHER_CTX *ctx, unsigned char *out,
*outl = 0;
return WOLFSSL_SUCCESS;
}
+ break;
+#endif
+#ifdef WOLFSSL_SM4_GCM
+ case SM4_GCM_TYPE:
+ if ((ctx->authBuffer && ctx->authBufferLen > 0) ||
+ (ctx->authBufferLen == 0)) {
+ if (ctx->enc)
+ ret = wc_Sm4GcmEncrypt(&ctx->cipher.sm4, out,
+ ctx->authBuffer, ctx->authBufferLen,
+ ctx->iv, ctx->ivSz, ctx->authTag, ctx->authTagSz,
+ ctx->authIn, ctx->authInSz);
+ else
+ ret = wc_Sm4GcmDecrypt(&ctx->cipher.sm4, out,
+ ctx->authBuffer, ctx->authBufferLen,
+ ctx->iv, ctx->ivSz, ctx->authTag, ctx->authTagSz,
+ ctx->authIn, ctx->authInSz);
+
+ if (ret == 0) {
+ ret = WOLFSSL_SUCCESS;
+ *outl = ctx->authBufferLen;
+ }
+ else {
+ ret = WOLFSSL_FAILURE;
+ *outl = 0;
+ }
+
+ XFREE(ctx->authBuffer, NULL, DYNAMIC_TYPE_OPENSSL);
+ ctx->authBuffer = NULL;
+ ctx->authBufferLen = 0;
+
+ if (ctx->authIncIv) {
+ IncCtr((byte*)ctx->cipher.sm4.iv, ctx->cipher.sm4.nonceSz);
+ ctx->authIncIv = 0;
+ }
+ }
+ else {
+ *outl = 0;
+ }
+ if (ret == WOLFSSL_SUCCESS) {
+ if (ctx->authIncIv) {
+ ctx->authIncIv = 0;
+ }
+ else {
+ /* Clear IV, since IV reuse is not recommended for SM4 GCM.
+ */
+ XMEMSET(ctx->iv, 0, SM4_BLOCK_SIZE);
+ }
+ if (wolfSSL_StoreExternalIV(ctx) != WOLFSSL_SUCCESS) {
+ ret = WOLFSSL_FAILURE;
+ }
+ }
+ break;
+#endif
+#ifdef WOLFSSL_SM4_CCM
+ case SM4_CCM_TYPE:
+ if ((ctx->authBuffer && ctx->authBufferLen > 0) ||
+ (ctx->authBufferLen == 0)) {
+ if (ctx->enc)
+ ret = wc_Sm4CcmEncrypt(&ctx->cipher.sm4, out,
+ ctx->authBuffer, ctx->authBufferLen,
+ ctx->iv, ctx->ivSz, ctx->authTag, ctx->authTagSz,
+ ctx->authIn, ctx->authInSz);
+ else
+ ret = wc_Sm4CcmDecrypt(&ctx->cipher.sm4, out,
+ ctx->authBuffer, ctx->authBufferLen,
+ ctx->iv, ctx->ivSz, ctx->authTag, ctx->authTagSz,
+ ctx->authIn, ctx->authInSz);
+
+ if (ret == 0) {
+ ret = WOLFSSL_SUCCESS;
+ *outl = ctx->authBufferLen;
+ }
+ else {
+ ret = WOLFSSL_FAILURE;
+ *outl = 0;
+ }
+
+ XFREE(ctx->authBuffer, NULL, DYNAMIC_TYPE_OPENSSL);
+ ctx->authBuffer = NULL;
+ ctx->authBufferLen = 0;
+
+ if (ctx->authIncIv) {
+ IncCtr((byte*)ctx->cipher.sm4.iv, ctx->cipher.sm4.nonceSz);
+ ctx->authIncIv = 0;
+ }
+ }
+ else {
+ *outl = 0;
+ }
+ if (ret == WOLFSSL_SUCCESS) {
+ if (ctx->authIncIv) {
+ ctx->authIncIv = 0;
+ }
+ else {
+ /* Clear IV, since IV reuse is not recommended
+ * for SM4 CCM. */
+ XMEMSET(ctx->iv, 0, SM4_BLOCK_SIZE);
+ }
+ if (wolfSSL_StoreExternalIV(ctx) != WOLFSSL_SUCCESS) {
+ ret = WOLFSSL_FAILURE;
+ }
+ }
+ break;
#endif
default:
if (!out)
@@ -1207,7 +1525,7 @@ int wolfSSL_EVP_CipherFinal(WOLFSSL_EVP_CIPHER_CTX *ctx, unsigned char *out,
int fl;
PRINT_BUF(ctx->lastBlock, ctx->block_size);
if ((fl = checkPad(ctx, ctx->lastBlock)) >= 0) {
- XMEMCPY(out, ctx->lastBlock, fl);
+ XMEMCPY(out, ctx->lastBlock, (size_t)fl);
*outl = fl;
if (ctx->lastUsed == 0 && ctx->bufUsed == 0) {
/* return error in cases where the block length is
@@ -1230,7 +1548,8 @@ int wolfSSL_EVP_CipherFinal(WOLFSSL_EVP_CIPHER_CTX *ctx, unsigned char *out,
}
if (ret == WOLFSSL_SUCCESS) {
-#if (defined(HAVE_AESGCM) || defined(HAVE_AESCCM)) && \
+#if (defined(HAVE_AESGCM) || defined(HAVE_AESCCM) || \
+ defined(WOLFSSL_SM4_GCM) || defined(WOLFSSL_SM4_CCM)) && \
((!defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)) \
|| FIPS_VERSION_GE(2,0))
byte tmp = 0;
@@ -1251,6 +1570,12 @@ int wolfSSL_EVP_CipherFinal(WOLFSSL_EVP_CIPHER_CTX *ctx, unsigned char *out,
ctx->cipherType == AES_192_CCM_TYPE ||
ctx->cipherType == AES_256_CCM_TYPE
#endif
+ #ifdef WOLFSSL_SM4_GCM
+ || ctx->cipherType == SM4_GCM_TYPE
+ #endif
+ #ifdef WOLFSSL_SM4_CCM
+ || ctx->cipherType == SM4_CCM_TYPE
+ #endif
) {
tmp = ctx->authIvGenEnable;
}
@@ -1259,9 +1584,9 @@ int wolfSSL_EVP_CipherFinal(WOLFSSL_EVP_CIPHER_CTX *ctx, unsigned char *out,
/* reset cipher state after final */
ret = wolfSSL_EVP_CipherInit(ctx, NULL, NULL, NULL, -1);
-#if (defined(HAVE_AESGCM) || defined(HAVE_AESCCM)) && \
- ((!defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)) \
- || FIPS_VERSION_GE(2,0))
+#if (defined(HAVE_AESGCM) || defined(HAVE_AESCCM) || \
+ defined(WOLFSSL_SM4_GCM) || defined(WOLFSSL_SM4_CCM)) && \
+ ((!defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)) || FIPS_VERSION_GE(2,0))
if (FALSE
#ifdef HAVE_AESGCM
|| ctx->cipherType == AES_128_GCM_TYPE ||
@@ -1273,8 +1598,14 @@ int wolfSSL_EVP_CipherFinal(WOLFSSL_EVP_CIPHER_CTX *ctx, unsigned char *out,
ctx->cipherType == AES_192_CCM_TYPE ||
ctx->cipherType == AES_256_CCM_TYPE
#endif
+ #ifdef WOLFSSL_SM4_GCM
+ || ctx->cipherType == SM4_GCM_TYPE
+ #endif
+ #ifdef WOLFSSL_SM4_CCM
+ || ctx->cipherType == SM4_CCM_TYPE
+ #endif
) {
- ctx->authIvGenEnable = tmp;
+ ctx->authIvGenEnable = (tmp == 1);
}
#endif
}
@@ -1319,7 +1650,7 @@ int wolfSSL_EVP_DecryptFinal_legacy(WOLFSSL_EVP_CIPHER_CTX *ctx,
fl = ctx->block_size;
}
else {
- XMEMCPY(out, ctx->lastBlock, fl);
+ XMEMCPY(out, ctx->lastBlock, (size_t)fl);
}
*outl = fl;
}
@@ -1336,7 +1667,7 @@ int wolfSSL_EVP_CIPHER_CTX_block_size(const WOLFSSL_EVP_CIPHER_CTX *ctx)
{
if (ctx == NULL) return BAD_FUNC_ARG;
switch (ctx->cipherType) {
-#if !defined(NO_AES) || !defined(NO_DES3)
+#if !defined(NO_AES) || !defined(NO_DES3) || defined(WOLFSSL_SM4)
#if !defined(NO_AES)
#if defined(HAVE_AES_CBC) || defined(WOLFSSL_AES_DIRECT)
case AES_128_CBC_TYPE:
@@ -1374,10 +1705,15 @@ int wolfSSL_EVP_CIPHER_CTX_block_size(const WOLFSSL_EVP_CIPHER_CTX *ctx)
case AES_192_OFB_TYPE:
case AES_256_OFB_TYPE:
#endif
-#if defined(WOLFSSL_AES_XTS)
+#if defined(WOLFSSL_AES_XTS) && (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5,3))
case AES_128_XTS_TYPE:
case AES_256_XTS_TYPE:
#endif
+#if defined(HAVE_ARIA)
+ case ARIA_128_GCM_TYPE:
+ case ARIA_192_GCM_TYPE:
+ case ARIA_256_GCM_TYPE:
+#endif
case AES_128_ECB_TYPE:
case AES_192_ECB_TYPE:
@@ -1389,8 +1725,23 @@ int wolfSSL_EVP_CIPHER_CTX_block_size(const WOLFSSL_EVP_CIPHER_CTX *ctx)
case DES_EDE3_CBC_TYPE:
case DES_EDE3_ECB_TYPE:
#endif
+#ifdef WOLFSSL_SM4_ECB
+ case SM4_ECB_TYPE:
+#endif
+#ifdef WOLFSSL_SM4_CBC
+ case SM4_CBC_TYPE:
+#endif
+#ifdef WOLFSSL_SM4_CTR
+ case SM4_CTR_TYPE:
+#endif
+#ifdef WOLFSSL_SM4_GCM
+ case SM4_GCM_TYPE:
+#endif
+#ifdef WOLFSSL_SM4_CCM
+ case SM4_CCM_TYPE:
+#endif
return ctx->block_size;
-#endif /* !NO_AES || !NO_DES3 */
+#endif /* !NO_AES || !NO_DES3 || WOLFSSL_SM4 */
default:
return 0;
}
@@ -1482,7 +1833,7 @@ static unsigned int cipherType(const WOLFSSL_EVP_CIPHER *cipher)
return AES_256_ECB_TYPE;
#endif
#endif /*HAVE_AES_CBC */
-#if defined(WOLFSSL_AES_XTS)
+#if defined(WOLFSSL_AES_XTS) && (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5,3))
#ifdef WOLFSSL_AES_128
else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_AES_128_XTS))
return AES_128_XTS_TYPE;
@@ -1545,6 +1896,14 @@ static unsigned int cipherType(const WOLFSSL_EVP_CIPHER *cipher)
#endif
#endif
#endif /* !NO_AES */
+#if defined(HAVE_ARIA)
+ else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_ARIA_128_GCM))
+ return ARIA_128_GCM_TYPE;
+ else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_ARIA_192_GCM))
+ return ARIA_192_GCM_TYPE;
+ else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_ARIA_256_GCM))
+ return ARIA_256_GCM_TYPE;
+#endif /* HAVE_ARIA */
#ifndef NO_RC4
else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_ARC4))
@@ -1561,94 +1920,145 @@ static unsigned int cipherType(const WOLFSSL_EVP_CIPHER *cipher)
return CHACHA20_TYPE;
#endif
+#ifdef WOLFSSL_SM4_ECB
+ else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_SM4_ECB))
+ return SM4_ECB_TYPE;
+#endif
+#ifdef WOLFSSL_SM4_CBC
+ else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_SM4_CBC))
+ return SM4_CBC_TYPE;
+#endif
+#ifdef WOLFSSL_SM4_CTR
+ else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_SM4_CTR))
+ return SM4_CTR_TYPE;
+#endif
+#ifdef WOLFSSL_SM4_GCM
+ else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_SM4_GCM))
+ return SM4_GCM_TYPE;
+#endif
+#ifdef WOLFSSL_SM4_CCM
+ else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_SM4_CCM))
+ return SM4_CCM_TYPE;
+#endif
+
else return 0;
}
int wolfSSL_EVP_CIPHER_block_size(const WOLFSSL_EVP_CIPHER *cipher)
{
- if (cipher == NULL) return BAD_FUNC_ARG;
- switch (cipherType(cipher)) {
+ if (cipher == NULL)
+ return BAD_FUNC_ARG;
+
+ switch (cipherType(cipher)) {
#if !defined(NO_AES)
- #if defined(HAVE_AES_CBC) || defined(WOLFSSL_AES_DIRECT)
- case AES_128_CBC_TYPE:
- case AES_192_CBC_TYPE:
- case AES_256_CBC_TYPE:
- return AES_BLOCK_SIZE;
- #endif
- #if defined(HAVE_AESGCM)
- case AES_128_GCM_TYPE:
- case AES_192_GCM_TYPE:
- case AES_256_GCM_TYPE:
- return 1;
- #endif
- #if defined(HAVE_AESCCM)
- case AES_128_CCM_TYPE:
- case AES_192_CCM_TYPE:
- case AES_256_CCM_TYPE:
- return 1;
- #endif
- #if defined(WOLFSSL_AES_COUNTER)
- case AES_128_CTR_TYPE:
- case AES_192_CTR_TYPE:
- case AES_256_CTR_TYPE:
- return 1;
- #endif
- #if defined(HAVE_AES_ECB)
- case AES_128_ECB_TYPE:
- case AES_192_ECB_TYPE:
- case AES_256_ECB_TYPE:
- return AES_BLOCK_SIZE;
- #endif
- #if defined(WOLFSSL_AES_CFB)
- case AES_128_CFB1_TYPE:
- case AES_192_CFB1_TYPE:
- case AES_256_CFB1_TYPE:
- case AES_128_CFB8_TYPE:
- case AES_192_CFB8_TYPE:
- case AES_256_CFB8_TYPE:
- case AES_128_CFB128_TYPE:
- case AES_192_CFB128_TYPE:
- case AES_256_CFB128_TYPE:
- return 1;
- #endif
- #if defined(WOLFSSL_AES_OFB)
- case AES_128_OFB_TYPE:
- case AES_192_OFB_TYPE:
- case AES_256_OFB_TYPE:
- return 1;
- #endif
- #if defined(WOLFSSL_AES_XTS)
- case AES_128_XTS_TYPE:
- case AES_256_XTS_TYPE:
- return 1;
- #endif
-#endif /* NO_AES */
+ #if defined(HAVE_AES_CBC) || defined(WOLFSSL_AES_DIRECT)
+ case AES_128_CBC_TYPE:
+ case AES_192_CBC_TYPE:
+ case AES_256_CBC_TYPE:
+ return AES_BLOCK_SIZE;
+ #endif
+ #if defined(HAVE_AESGCM)
+ case AES_128_GCM_TYPE:
+ case AES_192_GCM_TYPE:
+ case AES_256_GCM_TYPE:
+ return 1;
+ #endif
+ #if defined(HAVE_AESCCM)
+ case AES_128_CCM_TYPE:
+ case AES_192_CCM_TYPE:
+ case AES_256_CCM_TYPE:
+ return 1;
+ #endif
+ #if defined(WOLFSSL_AES_COUNTER)
+ case AES_128_CTR_TYPE:
+ case AES_192_CTR_TYPE:
+ case AES_256_CTR_TYPE:
+ return 1;
+ #endif
+ #if defined(HAVE_AES_ECB)
+ case AES_128_ECB_TYPE:
+ case AES_192_ECB_TYPE:
+ case AES_256_ECB_TYPE:
+ return AES_BLOCK_SIZE;
+ #endif
+ #if defined(WOLFSSL_AES_CFB)
+ case AES_128_CFB1_TYPE:
+ case AES_192_CFB1_TYPE:
+ case AES_256_CFB1_TYPE:
+ case AES_128_CFB8_TYPE:
+ case AES_192_CFB8_TYPE:
+ case AES_256_CFB8_TYPE:
+ case AES_128_CFB128_TYPE:
+ case AES_192_CFB128_TYPE:
+ case AES_256_CFB128_TYPE:
+ return 1;
+ #endif
+ #if defined(WOLFSSL_AES_OFB)
+ case AES_128_OFB_TYPE:
+ case AES_192_OFB_TYPE:
+ case AES_256_OFB_TYPE:
+ return 1;
+ #endif
+ #if defined(WOLFSSL_AES_XTS) && \
+ (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5,3))
+ case AES_128_XTS_TYPE:
+ case AES_256_XTS_TYPE:
+ return 1;
+ #endif
+ #endif /* NO_AES */
-#ifndef NO_RC4
- case ARC4_TYPE:
- return 1;
+ #ifndef NO_RC4
+ case ARC4_TYPE:
+ return 1;
+ #endif
+#if defined(HAVE_ARIA)
+ case ARIA_128_GCM_TYPE:
+ case ARIA_192_GCM_TYPE:
+ case ARIA_256_GCM_TYPE:
+ return 1;
#endif
#ifndef NO_DES3
- case DES_CBC_TYPE: return 8;
- case DES_EDE3_CBC_TYPE: return 8;
- case DES_ECB_TYPE: return 8;
- case DES_EDE3_ECB_TYPE: return 8;
+ case DES_CBC_TYPE: return 8;
+ case DES_EDE3_CBC_TYPE: return 8;
+ case DES_ECB_TYPE: return 8;
+ case DES_EDE3_ECB_TYPE: return 8;
#endif
#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305)
- case CHACHA20_POLY1305_TYPE:
- return 1;
+ case CHACHA20_POLY1305_TYPE:
+ return 1;
#endif
#ifdef HAVE_CHACHA
- case CHACHA20_TYPE:
- return 1;
+ case CHACHA20_TYPE:
+ return 1;
#endif
- default:
- return 0;
- }
+#ifdef WOLFSSL_SM4_ECB
+ case SM4_ECB_TYPE:
+ return SM4_BLOCK_SIZE;
+#endif
+#ifdef WOLFSSL_SM4_CBC
+ case SM4_CBC_TYPE:
+ return SM4_BLOCK_SIZE;
+#endif
+#ifdef WOLFSSL_SM4_CTR
+ case SM4_CTR_TYPE:
+ return 1;
+#endif
+#ifdef WOLFSSL_SM4_GCM
+ case SM4_GCM_TYPE:
+ return 1;
+#endif
+#ifdef WOLFSSL_SM4_CCM
+ case SM4_CCM_TYPE:
+ return 1;
+#endif
+
+ default:
+ return 0;
+ }
}
unsigned long WOLFSSL_CIPHER_mode(const WOLFSSL_EVP_CIPHER *cipher)
@@ -1699,7 +2109,8 @@ unsigned long WOLFSSL_CIPHER_mode(const WOLFSSL_EVP_CIPHER *cipher)
case AES_256_OFB_TYPE:
return WOLFSSL_EVP_CIPH_OFB_MODE;
#endif
- #if defined(WOLFSSL_AES_XTS)
+ #if defined(WOLFSSL_AES_XTS) && \
+ (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5,3))
case AES_128_XTS_TYPE:
case AES_256_XTS_TYPE:
return WOLFSSL_EVP_CIPH_XTS_MODE;
@@ -1709,6 +2120,13 @@ unsigned long WOLFSSL_CIPHER_mode(const WOLFSSL_EVP_CIPHER *cipher)
case AES_256_ECB_TYPE:
return WOLFSSL_EVP_CIPH_ECB_MODE;
#endif /* !NO_AES */
+ #if defined(HAVE_ARIA)
+ case ARIA_128_GCM_TYPE:
+ case ARIA_192_GCM_TYPE:
+ case ARIA_256_GCM_TYPE:
+ return WOLFSSL_EVP_CIPH_GCM_MODE |
+ WOLFSSL_EVP_CIPH_FLAG_AEAD_CIPHER;
+ #endif
#ifndef NO_DES3
case DES_CBC_TYPE:
case DES_EDE3_CBC_TYPE:
@@ -1730,47 +2148,73 @@ unsigned long WOLFSSL_CIPHER_mode(const WOLFSSL_EVP_CIPHER *cipher)
case CHACHA20_TYPE:
return WOLFSSL_EVP_CIPH_STREAM_CIPHER;
#endif
+ #ifdef WOLFSSL_SM4_ECB
+ case SM4_ECB_TYPE:
+ return WOLFSSL_EVP_CIPH_ECB_MODE;
+ #endif
+ #ifdef WOLFSSL_SM4_CBC
+ case SM4_CBC_TYPE:
+ return WOLFSSL_EVP_CIPH_CBC_MODE;
+ #endif
+ #ifdef WOLFSSL_SM4_CTR
+ case SM4_CTR_TYPE:
+ return WOLFSSL_EVP_CIPH_CTR_MODE;
+ #endif
+ #ifdef WOLFSSL_SM4_GCM
+ case SM4_GCM_TYPE:
+ return WOLFSSL_EVP_CIPH_GCM_MODE |
+ WOLFSSL_EVP_CIPH_FLAG_AEAD_CIPHER;
+ #endif
+ #ifdef WOLFSSL_SM4_CCM
+ case SM4_CCM_TYPE:
+ return WOLFSSL_EVP_CIPH_CCM_MODE |
+ WOLFSSL_EVP_CIPH_FLAG_AEAD_CIPHER;
+ #endif
default:
return 0;
- }
+ }
}
unsigned long WOLFSSL_EVP_CIPHER_mode(const WOLFSSL_EVP_CIPHER *cipher)
{
- if (cipher == NULL) return 0;
- return WOLFSSL_CIPHER_mode(cipher) & WOLFSSL_EVP_CIPH_MODE;
+ if (cipher == NULL)
+ return 0;
+ return WOLFSSL_CIPHER_mode(cipher) & WOLFSSL_EVP_CIPH_MODE;
}
void wolfSSL_EVP_CIPHER_CTX_set_flags(WOLFSSL_EVP_CIPHER_CTX *ctx, int flags)
{
if (ctx != NULL) {
- ctx->flags |= flags;
+ ctx->flags |= (unsigned long)flags;
}
}
void wolfSSL_EVP_CIPHER_CTX_clear_flags(WOLFSSL_EVP_CIPHER_CTX *ctx, int flags)
{
if (ctx != NULL) {
- ctx->flags &= ~flags;
+ ctx->flags &= (unsigned long)~flags;
}
}
unsigned long wolfSSL_EVP_CIPHER_flags(const WOLFSSL_EVP_CIPHER *cipher)
{
- if (cipher == NULL) return 0;
- return WOLFSSL_CIPHER_mode(cipher);
+ if (cipher == NULL)
+ return 0;
+ return WOLFSSL_CIPHER_mode(cipher);
}
-int wolfSSL_EVP_CIPHER_CTX_set_padding(WOLFSSL_EVP_CIPHER_CTX *ctx, int padding)
+int wolfSSL_EVP_CIPHER_CTX_set_padding(WOLFSSL_EVP_CIPHER_CTX *ctx,
+ int padding)
{
- if (ctx == NULL) return BAD_FUNC_ARG;
- if (padding) {
- ctx->flags &= ~WOLFSSL_EVP_CIPH_NO_PADDING;
- }
- else {
- ctx->flags |= WOLFSSL_EVP_CIPH_NO_PADDING;
- }
- return 1;
+ if (ctx == NULL)
+ return BAD_FUNC_ARG;
+ if (padding) {
+ ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_NO_PADDING;
+ }
+ else {
+ ctx->flags |= WOLFSSL_EVP_CIPH_NO_PADDING;
+ }
+ return 1;
}
int wolfSSL_EVP_add_digest(const WOLFSSL_EVP_MD *digest)
@@ -1793,9 +2237,9 @@ int wolfSSL_EVP_PKEY_CTX_free(WOLFSSL_EVP_PKEY_CTX *ctx)
{
if (ctx == NULL)
#if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000L
- return;
+ return;
#else
- return 0;
+ return 0;
#endif
WOLFSSL_ENTER("wolfSSL_EVP_PKEY_CTX_free");
if (ctx->pkey != NULL)
@@ -2108,7 +2552,7 @@ int wolfSSL_EVP_PKEY_derive(WOLFSSL_EVP_PKEY_CTX *ctx, unsigned char *key, size_
return WOLFSSL_FAILURE;
}
/* Length of extract only is always the length of the hash. */
- *keylen = hkdfHashSz;
+ *keylen = (size_t)hkdfHashSz;
}
}
else if (ctx->pkey->hkdfMode == EVP_PKEY_HKDEF_MODE_EXPAND_ONLY) {
@@ -2176,14 +2620,15 @@ int wolfSSL_EVP_PKEY_CTX_set1_hkdf_salt(WOLFSSL_EVP_PKEY_CTX* ctx,
if (ctx->pkey->hkdfSalt != NULL) {
XFREE(ctx->pkey->hkdfSalt, NULL, DYNAMIC_TYPE_SALT);
}
- ctx->pkey->hkdfSalt = (byte*)XMALLOC(saltSz, NULL, DYNAMIC_TYPE_SALT);
+ ctx->pkey->hkdfSalt = (byte*)XMALLOC((size_t)saltSz, NULL,
+ DYNAMIC_TYPE_SALT);
if (ctx->pkey->hkdfSalt == NULL) {
WOLFSSL_MSG("Failed to allocate HKDF salt buffer.");
ret = WOLFSSL_FAILURE;
}
else {
- XMEMCPY(ctx->pkey->hkdfSalt, salt, saltSz);
- ctx->pkey->hkdfSaltSz = saltSz;
+ XMEMCPY(ctx->pkey->hkdfSalt, salt, (size_t)saltSz);
+ ctx->pkey->hkdfSaltSz = (word32)saltSz;
}
}
@@ -2212,14 +2657,15 @@ int wolfSSL_EVP_PKEY_CTX_set1_hkdf_key(WOLFSSL_EVP_PKEY_CTX* ctx,
if (ctx->pkey->hkdfKey != NULL) {
XFREE(ctx->pkey->hkdfKey, NULL, DYNAMIC_TYPE_KEY);
}
- ctx->pkey->hkdfKey = (byte*)XMALLOC(keySz, NULL, DYNAMIC_TYPE_KEY);
+ ctx->pkey->hkdfKey = (byte*)XMALLOC((size_t)keySz, NULL,
+ DYNAMIC_TYPE_KEY);
if (ctx->pkey->hkdfKey == NULL) {
WOLFSSL_MSG("Failed to allocate HKDF key buffer.");
ret = WOLFSSL_FAILURE;
}
else {
- XMEMCPY(ctx->pkey->hkdfKey, key, keySz);
- ctx->pkey->hkdfKeySz = keySz;
+ XMEMCPY(ctx->pkey->hkdfKey, key, (size_t)keySz);
+ ctx->pkey->hkdfKeySz = (word32)keySz;
}
}
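Review bot: The previous HKDF key is released with a plain `XFREE(ctx->pkey->hkdfKey, NULL, DYNAMIC_TYPE_KEY);` just above the changed allocation, so the old key bytes stay in freed heap memory. Since this block is being touched anyway, wipe the buffer first while `hkdfKeySz` still holds the old length, e.g. `ForceZero(ctx->pkey->hkdfKey, ctx->pkey->hkdfKeySz);` (assuming ForceZero is available in this translation unit). The new `(size_t)keySz` and `(word32)keySz` casts are only safe if `keySz > 0` is enforced before the hunk, which is not visible here.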
@@ -2245,17 +2691,20 @@ int wolfSSL_EVP_PKEY_CTX_add1_hkdf_info(WOLFSSL_EVP_PKEY_CTX* ctx,
}
if (ret == WOLFSSL_SUCCESS && info != NULL && infoSz > 0) {
+ unsigned char* p;
/* If there's already info in the buffer, append. */
- ctx->pkey->hkdfInfo = (byte*)XREALLOC(ctx->pkey->hkdfInfo,
- ctx->pkey->hkdfInfoSz + infoSz, NULL, DYNAMIC_TYPE_INFO);
- if (ctx->pkey->hkdfInfo == NULL) {
+ p = (byte*)XREALLOC(ctx->pkey->hkdfInfo,
+ (size_t)(ctx->pkey->hkdfInfoSz + (word32)infoSz), NULL,
+ DYNAMIC_TYPE_INFO);
+ if (p == NULL) {
WOLFSSL_MSG("Failed to reallocate larger HKDF info buffer.");
ret = WOLFSSL_FAILURE;
}
else {
+ ctx->pkey->hkdfInfo = p;
XMEMCPY(ctx->pkey->hkdfInfo + ctx->pkey->hkdfInfoSz, info,
- infoSz);
- ctx->pkey->hkdfInfoSz += infoSz;
+ (size_t)infoSz);
+ ctx->pkey->hkdfInfoSz += (word32)infoSz;
}
}
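Review bot: The new size expression `ctx->pkey->hkdfInfoSz + (word32)infoSz` is evaluated in 32 bits and can wrap, in which case XREALLOC returns a smaller buffer and the following XMEMCPY of `infoSz` bytes writes past it. The visible guard only checks `infoSz > 0`; unless an upper bound is enforced before the hunk, add a check ahead of the reallocation such as `if ((word32)infoSz > 0xFFFFFFFFU - ctx->pkey->hkdfInfoSz) ret = WOLFSSL_FAILURE;`. The function starts outside the hunk.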
@@ -2342,7 +2791,7 @@ int wolfSSL_EVP_PKEY_decrypt(WOLFSSL_EVP_PKEY_CTX *ctx,
return WOLFSSL_FAILURE;
}
- *outLen = len;
+ *outLen = (size_t)len;
return WOLFSSL_SUCCESS;
}
@@ -2350,7 +2799,7 @@ int wolfSSL_EVP_PKEY_decrypt(WOLFSSL_EVP_PKEY_CTX *ctx,
ctx->pkey->rsa, ctx->padding);
if (len < 0) break;
else {
- *outLen = len;
+ *outLen = (size_t)len;
return WOLFSSL_SUCCESS;
}
#endif /* NO_RSA */
@@ -2445,7 +2894,7 @@ int wolfSSL_EVP_PKEY_encrypt(WOLFSSL_EVP_PKEY_CTX *ctx,
return WOLFSSL_FAILURE;
}
- *outLen = len;
+ *outLen = (size_t)len;
return WOLFSSL_SUCCESS;
}
@@ -2454,7 +2903,7 @@ int wolfSSL_EVP_PKEY_encrypt(WOLFSSL_EVP_PKEY_CTX *ctx,
if (len < 0)
break;
else {
- *outLen = len;
+ *outLen = (size_t)len;
return WOLFSSL_SUCCESS;
}
#endif /* NO_RSA */
@@ -2593,7 +3042,7 @@ int wolfSSL_EVP_PKEY_sign(WOLFSSL_EVP_PKEY_CTX *ctx, unsigned char *sig,
return WOLFSSL_FAILURE;
bytes *= 2;
if (!sig) {
- *siglen = bytes;
+ *siglen = (size_t)bytes;
return WOLFSSL_SUCCESS;
}
if ((int)*siglen < bytes)
@@ -2604,7 +3053,7 @@ int wolfSSL_EVP_PKEY_sign(WOLFSSL_EVP_PKEY_CTX *ctx, unsigned char *sig,
return ret;
if (bytes == WOLFSSL_FAILURE)
return WOLFSSL_FAILURE;
- *siglen = bytes;
+ *siglen = (size_t)bytes;
return WOLFSSL_SUCCESS;
}
#endif /* NO_DSA */
@@ -2627,7 +3076,7 @@ int wolfSSL_EVP_PKEY_sign(WOLFSSL_EVP_PKEY_CTX *ctx, unsigned char *sig,
ret = wc_ecc_sig_size(eckey);
if (ret == 0)
return WOLFSSL_FAILURE;
- *siglen = ret;
+ *siglen = (size_t)ret;
return WOLFSSL_SUCCESS;
}
ecdsaSig = wolfSSL_ECDSA_do_sign(tbs, (int)tbslen, ctx->pkey->ecc);
@@ -2642,7 +3091,7 @@ int wolfSSL_EVP_PKEY_sign(WOLFSSL_EVP_PKEY_CTX *ctx, unsigned char *sig,
wolfSSL_ECDSA_SIG_free(ecdsaSig);
if (ret == 0)
return WOLFSSL_FAILURE;
- *siglen = ret;
+ *siglen = (size_t)ret;
return WOLFSSL_SUCCESS;
}
#endif /* HAVE_ECC */
@@ -3215,7 +3664,7 @@ int wolfSSL_EVP_PKEY_cmp(const WOLFSSL_EVP_PKEY *a, const WOLFSSL_EVP_PKEY *b)
/* check public key */
if (a->pkey.ptr && b->pkey.ptr) {
- if (XMEMCMP(a->pkey.ptr, b->pkey.ptr, a->pkey_sz) != 0) {
+ if (XMEMCMP(a->pkey.ptr, b->pkey.ptr, (size_t)a->pkey_sz) != 0) {
return WS_RETURN_CODE(ret, WOLFSSL_FAILURE);
}
}
@@ -3469,7 +3918,7 @@ int wolfSSL_EVP_SignFinal(WOLFSSL_EVP_MD_CTX *ctx, unsigned char *sigret,
bytes = wolfSSL_BN_num_bytes(pkey->dsa->q);
if (bytes == WOLFSSL_FAILURE || (int)*siglen < bytes * 2)
return WOLFSSL_FAILURE;
- *siglen = bytes * 2;
+ *siglen = (unsigned int)(bytes * 2);
return WOLFSSL_SUCCESS;
}
#endif
@@ -3581,14 +4030,15 @@ WOLFSSL_EVP_PKEY* wolfSSL_EVP_PKEY_new_mac_key(int type, WOLFSSL_ENGINE* e,
pkey = wolfSSL_EVP_PKEY_new();
if (pkey != NULL) {
- pkey->pkey.ptr = (char*)XMALLOC(keylen, NULL, DYNAMIC_TYPE_PUBLIC_KEY);
+ pkey->pkey.ptr = (char*)XMALLOC((size_t)keylen, NULL,
+ DYNAMIC_TYPE_PUBLIC_KEY);
if (pkey->pkey.ptr == NULL && keylen > 0) {
wolfSSL_EVP_PKEY_free(pkey);
pkey = NULL;
}
else {
if (keylen) {
- XMEMCPY(pkey->pkey.ptr, key, keylen);
+ XMEMCPY(pkey->pkey.ptr, key, (size_t)keylen);
}
pkey->pkey_sz = keylen;
pkey->type = pkey->save_type = type;
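Review bot: A negative `keylen` is now cast to a huge `size_t` for XMALLOC, and the surrounding checks do not catch it: the failure test requires `keylen > 0`, so a NULL result falls through to the else branch, where `if (keylen)` is true and XMEMCPY runs on a NULL destination with an enormous length. Unless the part of the function before the hunk already rejects negative lengths, add `if (keylen < 0) return NULL;` ahead of the allocation and change the copy guard to `if (keylen > 0)`. The same pattern with `len` in wolfSSL_EVP_PKEY_new_CMAC_key depends on the type of `len`, which is not visible here.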
@@ -3629,7 +4079,8 @@ WOLFSSL_EVP_PKEY* wolfSSL_EVP_PKEY_new_CMAC_key(WOLFSSL_ENGINE* e,
pkey = wolfSSL_EVP_PKEY_new();
if (pkey != NULL) {
- pkey->pkey.ptr = (char*)XMALLOC(len, NULL, DYNAMIC_TYPE_PUBLIC_KEY);
+ pkey->pkey.ptr = (char*)XMALLOC((size_t)len, NULL,
+ DYNAMIC_TYPE_PUBLIC_KEY);
if (pkey->pkey.ptr == NULL && len > 0) {
wolfSSL_EVP_PKEY_free(pkey);
pkey = NULL;
@@ -3637,7 +4088,7 @@ WOLFSSL_EVP_PKEY* wolfSSL_EVP_PKEY_new_CMAC_key(WOLFSSL_ENGINE* e,
}
else {
if (len) {
- XMEMCPY(pkey->pkey.ptr, priv, len);
+ XMEMCPY(pkey->pkey.ptr, priv, (size_t)len);
}
pkey->pkey_sz = (int)len;
pkey->type = pkey->save_type = EVP_PKEY_CMAC;
@@ -3664,6 +4115,86 @@ const unsigned char* wolfSSL_EVP_PKEY_get0_hmac(const WOLFSSL_EVP_PKEY* pkey,
return (const unsigned char*)pkey->pkey.ptr;
}
+static int wolfssl_evp_md_to_hash_type(const WOLFSSL_EVP_MD *type,
+ int* hashType)
+{
+ int ret = 0;
+
+#ifndef NO_SHA256
+ if (XSTRCMP(type, "SHA256") == 0) {
+ *hashType = WC_SHA256;
+ }
+ else
+#endif
+#ifndef NO_SHA
+ if ((XSTRCMP(type, "SHA") == 0) || (XSTRCMP(type, "SHA1") == 0)) {
+ *hashType = WC_SHA;
+ }
+ else
+#endif /* NO_SHA */
+#ifdef WOLFSSL_SHA224
+ if (XSTRCMP(type, "SHA224") == 0) {
+ *hashType = WC_SHA224;
+ }
+ else
+#endif
+#ifdef WOLFSSL_SHA384
+ if (XSTRCMP(type, "SHA384") == 0) {
+ *hashType = WC_SHA384;
+ }
+ else
+#endif
+#ifdef WOLFSSL_SHA512
+ if (XSTRCMP(type, "SHA512") == 0) {
+ *hashType = WC_SHA512;
+ }
+ else
+#endif
+#ifdef WOLFSSL_SHA3
+ #ifndef WOLFSSL_NOSHA3_224
+ if (XSTRCMP(type, "SHA3_224") == 0) {
+ *hashType = WC_SHA3_224;
+ }
+ else
+ #endif
+ #ifndef WOLFSSL_NOSHA3_256
+ if (XSTRCMP(type, "SHA3_256") == 0) {
+ *hashType = WC_SHA3_256;
+ }
+ else
+ #endif
+ #ifndef WOLFSSL_NOSHA3_384
+ if (XSTRCMP(type, "SHA3_384") == 0) {
+ *hashType = WC_SHA3_384;
+ }
+ else
+ #endif
+ #ifndef WOLFSSL_NOSHA3_512
+ if (XSTRCMP(type, "SHA3_512") == 0) {
+ *hashType = WC_SHA3_512;
+ }
+ else
+ #endif
+#endif
+#ifdef WOLFSSL_SM3
+ if (XSTRCMP(type, "SM3") == 0) {
+ *hashType = WC_SM3;
+ }
+ else
+#endif
+#ifndef NO_MD5
+ if (XSTRCMP(type, "MD5") == 0) {
+ *hashType = WC_MD5;
+ }
+ else
+#endif
+ {
+ ret = BAD_FUNC_ARG;
+ }
+
+ return ret;
+}
+
/* Initialize an EVP_DigestSign/Verify operation.
* Initialize a digest for RSA and ECC keys, or HMAC for HMAC key.
*/
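Review bot: The new static helper wolfssl_evp_md_to_hash_type has no header comment, unlike the functions around it, and its contract is not obvious from the signature. Suggested comment: `/* Map a digest name to its wolfCrypt hash type. Returns 0 and sets *hashType on a match; returns BAD_FUNC_ARG and leaves *hashType unset when the name is not supported in this build. */`. It should also say that `type` and `hashType` must be non-NULL, because the helper passes `type` straight to XSTRCMP and writes through `hashType` without checking either.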
@@ -3681,80 +4212,28 @@ static int wolfSSL_evp_digest_pk_init(WOLFSSL_EVP_MD_CTX *ctx,
return WOLFSSL_FAILURE;
}
type = wolfSSL_EVP_get_digestbynid(default_digest);
- if (!type) {
+ if (type == NULL) {
return BAD_FUNC_ARG;
}
}
if (pkey->type == EVP_PKEY_HMAC) {
- int hashType;
-
- #ifndef NO_SHA256
- if (XSTRCMP(type, "SHA256") == 0) {
- hashType = WC_SHA256;
- } else
- #endif
- #ifndef NO_SHA
- if ((XSTRCMP(type, "SHA") == 0) || (XSTRCMP(type, "SHA1") == 0)) {
- hashType = WC_SHA;
- } else
- #endif /* NO_SHA */
- #ifdef WOLFSSL_SHA224
- if (XSTRCMP(type, "SHA224") == 0) {
- hashType = WC_SHA224;
- } else
- #endif
- #ifdef WOLFSSL_SHA384
- if (XSTRCMP(type, "SHA384") == 0) {
- hashType = WC_SHA384;
- } else
- #endif
- #ifdef WOLFSSL_SHA512
- if (XSTRCMP(type, "SHA512") == 0) {
- hashType = WC_SHA512;
- } else
- #endif
-#ifdef WOLFSSL_SHA3
- #ifndef WOLFSSL_NOSHA3_224
- if (XSTRCMP(type, "SHA3_224") == 0) {
- hashType = WC_SHA3_224;
- } else
- #endif
- #ifndef WOLFSSL_NOSHA3_256
- if (XSTRCMP(type, "SHA3_256") == 0) {
- hashType = WC_SHA3_256;
- } else
- #endif
- #ifndef WOLFSSL_NOSHA3_384
- if (XSTRCMP(type, "SHA3_384") == 0) {
- hashType = WC_SHA3_384;
- } else
- #endif
- #ifndef WOLFSSL_NOSHA3_512
- if (XSTRCMP(type, "SHA3_512") == 0) {
- hashType = WC_SHA3_512;
- } else
- #endif
-#endif
- #ifndef NO_MD5
- if (XSTRCMP(type, "MD5") == 0) {
- hashType = WC_MD5;
- } else
- #endif
- return BAD_FUNC_ARG;
-
- {
- size_t keySz = 0;
- const unsigned char* key;
+ int hashType;
+ int ret;
+ size_t keySz = 0;
+ const unsigned char* key;
- key = wolfSSL_EVP_PKEY_get0_hmac(pkey, &keySz);
+ ret = wolfssl_evp_md_to_hash_type(type, &hashType);
+ if (ret != 0) {
+ return ret;
+ }
- if (wc_HmacInit(&ctx->hash.hmac, NULL, INVALID_DEVID) != 0)
- return WOLFSSL_FAILURE;
+ key = wolfSSL_EVP_PKEY_get0_hmac(pkey, &keySz);
+ if (wc_HmacInit(&ctx->hash.hmac, NULL, INVALID_DEVID) != 0)
+ return WOLFSSL_FAILURE;
- if (wc_HmacSetKey(&ctx->hash.hmac, hashType, key, (word32)keySz) != 0)
- return WOLFSSL_FAILURE;
- }
+ if (wc_HmacSetKey(&ctx->hash.hmac, hashType, key, (word32)keySz) != 0)
+ return WOLFSSL_FAILURE;
ctx->isHMAC = 1;
}
@@ -3819,9 +4298,9 @@ static int wolfssl_evp_digest_pk_final(WOLFSSL_EVP_MD_CTX *ctx,
}
/* Get the length of the mac based on the digest algorithm. */
-static int wolfssl_mac_len(unsigned char macType)
+static unsigned int wolfssl_mac_len(unsigned char macType)
{
- int hashLen;
+ unsigned int hashLen;
switch (macType) {
#ifndef NO_MD5
@@ -3888,6 +4367,12 @@ static int wolfssl_mac_len(unsigned char macType)
#endif
#endif
+ #ifdef WOLFSSL_SM3
+ case WC_SM3:
+ hashLen = WC_SM3_DIGEST_SIZE;
+ break;
+ #endif /* WOLFSSL_SM3 */
+
default:
hashLen = 0;
}
@@ -3945,7 +4430,7 @@ int wolfSSL_EVP_DigestSignFinal(WOLFSSL_EVP_MD_CTX *ctx, unsigned char *sig,
#ifndef NO_RSA
else if (ctx->pctx->pkey->type == EVP_PKEY_RSA) {
if (sig == NULL) {
- *siglen = wolfSSL_RSA_size(ctx->pctx->pkey->rsa);
+ *siglen = (size_t)wolfSSL_RSA_size(ctx->pctx->pkey->rsa);
return WOLFSSL_SUCCESS;
}
}
@@ -3954,8 +4439,8 @@ int wolfSSL_EVP_DigestSignFinal(WOLFSSL_EVP_MD_CTX *ctx, unsigned char *sig,
else if (ctx->pctx->pkey->type == EVP_PKEY_EC) {
if (sig == NULL) {
/* SEQ + INT + INT */
- *siglen = ecc_sets[ctx->pctx->pkey->ecc->group->curve_idx].size * 2
- + 8;
+ *siglen = (size_t)ecc_sets[ctx->pctx->pkey->ecc->group->curve_idx].
+ size * 2 + 8;
return WOLFSSL_SUCCESS;
}
}
@@ -3970,7 +4455,7 @@ int wolfSSL_EVP_DigestSignFinal(WOLFSSL_EVP_MD_CTX *ctx, unsigned char *sig,
*siglen = hashLen;
/* May be a truncated signature. */
- XMEMCPY(sig, digest, *siglen);
+ XMEMCPY(sig, digest, (size_t)*siglen);
ret = WOLFSSL_SUCCESS;
}
else {
@@ -3998,7 +4483,7 @@ int wolfSSL_EVP_DigestSignFinal(WOLFSSL_EVP_MD_CTX *ctx, unsigned char *sig,
case EVP_PKEY_EC: {
int len;
WOLFSSL_ECDSA_SIG *ecdsaSig;
- ecdsaSig = wolfSSL_ECDSA_do_sign(digest, hashLen,
+ ecdsaSig = wolfSSL_ECDSA_do_sign(digest, (int)hashLen,
ctx->pctx->pkey->ecc);
if (ecdsaSig == NULL)
break;
@@ -4006,7 +4491,7 @@ int wolfSSL_EVP_DigestSignFinal(WOLFSSL_EVP_MD_CTX *ctx, unsigned char *sig,
wolfSSL_ECDSA_SIG_free(ecdsaSig);
if (len == 0)
break;
- *siglen = len;
+ *siglen = (size_t)len;
ret = WOLFSSL_SUCCESS;
break;
}
@@ -4072,7 +4557,7 @@ int wolfSSL_EVP_DigestVerifyFinal(WOLFSSL_EVP_MD_CTX *ctx,
if (ctx->isHMAC) {
/* Check HMAC result matches the signature. */
- if (XMEMCMP(sig, digest, siglen) == 0)
+ if (XMEMCMP(sig, digest, (size_t)siglen) == 0)
return WOLFSSL_SUCCESS;
return WOLFSSL_FAILURE;
}
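Review bot: The HMAC tag is still verified with `XMEMCMP`, whose running time depends on where the first mismatching byte is. MAC verification should use a constant-time comparison, e.g. `if (ConstantCompare(sig, digest, (int)siglen) == 0)` (assuming the misc helpers are available in this file). The `(size_t)siglen` cast does not bound the length either. Please confirm that the code before the hunk rejects a `siglen` larger than the computed digest and also a zero or very short `siglen`, since a zero-length compare always reports a match.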
@@ -4101,7 +4586,7 @@ int wolfSSL_EVP_DigestVerifyFinal(WOLFSSL_EVP_MD_CTX *ctx,
ecdsaSig = wolfSSL_d2i_ECDSA_SIG(NULL, &sig, (long)siglen);
if (ecdsaSig == NULL)
return WOLFSSL_FAILURE;
- ret = wolfSSL_ECDSA_do_verify(digest, hashLen, ecdsaSig,
+ ret = wolfSSL_ECDSA_do_verify(digest, (int)hashLen, ecdsaSig,
ctx->pctx->pkey->ecc);
wolfSSL_ECDSA_SIG_free(ecdsaSig);
return ret;
@@ -4190,7 +4675,7 @@ int wolfSSL_EVP_read_pw_string(char* buf, int bufSz, const char* banner, int v)
}
#endif /* WOLFSSL_APACHE_HTTPD */
-#if !defined(NO_PWDBASED) && !defined(NO_SHA)
+#if !defined(NO_PWDBASED) && !defined(NO_SHA) && !defined(NO_HMAC)
int wolfSSL_PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen,
const unsigned char *salt,
int saltlen, int iter,
@@ -4216,7 +4701,7 @@ int wolfSSL_PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen,
}
#endif /* !NO_PWDBASED !NO_SHA*/
-#if !defined(NO_PWDBASED)
+#if !defined(NO_PWDBASED) && !defined(NO_HMAC)
int wolfSSL_PKCS5_PBKDF2_HMAC(const char *pass, int passlen,
const unsigned char *salt,
int saltlen, int iter,
@@ -4359,7 +4844,7 @@ static const struct cipher{
#endif
#endif
- #ifdef HAVE_AES_OFB
+ #ifdef WOLFSSL_AES_OFB
#ifdef WOLFSSL_AES_128
{AES_128_OFB_TYPE, EVP_AES_128_OFB, NID_aes_128_ofb},
#endif
@@ -4371,7 +4856,8 @@ static const struct cipher{
#endif
#endif
- #ifdef HAVE_AES_XTS
+ #if defined(WOLFSSL_AES_XTS) && \
+ (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5,3))
#ifdef WOLFSSL_AES_128
{AES_128_XTS_TYPE, EVP_AES_128_XTS, NID_aes_128_xts},
#endif
@@ -4429,6 +4915,12 @@ static const struct cipher{
#endif
#endif
+#ifdef HAVE_ARIA
+ {ARIA_128_GCM_TYPE, EVP_ARIA_128_GCM, NID_aria_128_gcm},
+ {ARIA_192_GCM_TYPE, EVP_ARIA_192_GCM, NID_aria_192_gcm},
+ {ARIA_256_GCM_TYPE, EVP_ARIA_256_GCM, NID_aria_256_gcm},
+#endif
+
#ifndef NO_DES3
{DES_CBC_TYPE, EVP_DES_CBC, NID_des_cbc},
{DES_ECB_TYPE, EVP_DES_ECB, NID_des_ecb},
@@ -4449,6 +4941,22 @@ static const struct cipher{
{CHACHA20_TYPE, EVP_CHACHA20, NID_chacha20},
#endif
+#ifdef WOLFSSL_SM4_ECB
+ {SM4_ECB_TYPE, EVP_SM4_ECB, NID_sm4_ecb},
+#endif
+#ifdef WOLFSSL_SM4_CBC
+ {SM4_CBC_TYPE, EVP_SM4_CBC, NID_sm4_cbc},
+#endif
+#ifdef WOLFSSL_SM4_CTR
+ {SM4_CTR_TYPE, EVP_SM4_CTR, NID_sm4_ctr},
+#endif
+#ifdef WOLFSSL_SM4_GCM
+ {SM4_GCM_TYPE, EVP_SM4_GCM, NID_sm4_gcm},
+#endif
+#ifdef WOLFSSL_SM4_CCM
+ {SM4_CCM_TYPE, EVP_SM4_CCM, NID_sm4_ccm},
+#endif
+
{ 0, NULL, 0}
};
@@ -4557,6 +5065,30 @@ const WOLFSSL_EVP_CIPHER *wolfSSL_EVP_get_cipherbyname(const char *name)
#endif
#endif
#endif
+#ifdef HAVE_ARIA
+ {EVP_ARIA_128_GCM, "aria-128-gcm"},
+ {EVP_ARIA_128_GCM, "id-aria128-GCM"},
+ {EVP_ARIA_192_GCM, "aria-192-gcm"},
+ {EVP_ARIA_192_GCM, "id-aria192-GCM"},
+ {EVP_ARIA_256_GCM, "aria-256-gcm"},
+ {EVP_ARIA_256_GCM, "id-aria256-GCM"},
+#endif
+#ifdef WOLFSSL_SM4_EBC
+ {EVP_SM4_ECB, "sm4-ecb"},
+#endif
+#ifdef WOLFSSL_SM4_CBC
+ {EVP_SM4_CBC, "sm4"},
+ {EVP_SM4_CBC, "sm4-cbc"},
+#endif
+#ifdef WOLFSSL_SM4_CTR
+ {EVP_SM4_CTR, "sm4-ctr"},
+#endif
+#ifdef WOLFSSL_SM4_GCM
+ {EVP_SM4_GCM, "sm4-gcm"},
+#endif
+#ifdef WOLFSSL_SM4_CCM
+ {EVP_SM4_CCM, "sm4-ccm"},
+#endif
#ifndef NO_RC4
{EVP_ARC4, "RC4"},
#endif
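Review bot: The guard `#ifdef WOLFSSL_SM4_EBC` looks like a misspelling of `WOLFSSL_SM4_ECB`, which is the macro every other SM4-ECB block in this patch uses (the cipher table, cipherType(), the NID switch). As written, the `{EVP_SM4_ECB, "sm4-ecb"}` alias is never compiled in, so a lookup by the name "sm4-ecb" would presumably fail even in builds with SM4-ECB enabled. Change the line to `#ifdef WOLFSSL_SM4_ECB`.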
@@ -4678,6 +5210,15 @@ const WOLFSSL_EVP_CIPHER *wolfSSL_EVP_get_cipherbynid(int id)
#endif
#endif
+#ifdef HAVE_ARIA
+ case NID_aria_128_gcm:
+ return wolfSSL_EVP_aria_128_gcm();
+ case NID_aria_192_gcm:
+ return wolfSSL_EVP_aria_192_gcm();
+ case NID_aria_256_gcm:
+ return wolfSSL_EVP_aria_256_gcm();
+#endif
+
#ifndef NO_DES3
case NID_des_cbc:
return wolfSSL_EVP_des_cbc();
@@ -4703,6 +5244,27 @@ const WOLFSSL_EVP_CIPHER *wolfSSL_EVP_get_cipherbynid(int id)
return wolfSSL_EVP_chacha20();
#endif
+#ifdef WOLFSSL_SM4_ECB
+ case NID_sm4_ecb:
+ return wolfSSL_EVP_sm4_ecb();
+#endif
+#ifdef WOLFSSL_SM4_CBC
+ case NID_sm4_cbc:
+ return wolfSSL_EVP_sm4_cbc();
+#endif
+#ifdef WOLFSSL_SM4_CTR
+ case NID_sm4_ctr:
+ return wolfSSL_EVP_sm4_ctr();
+#endif
+#ifdef WOLFSSL_SM4_GCM
+ case NID_sm4_gcm:
+ return wolfSSL_EVP_sm4_gcm();
+#endif
+#ifdef WOLFSSL_SM4_CCM
+ case NID_sm4_ccm:
+ return wolfSSL_EVP_sm4_ccm();
+#endif
+
default:
WOLFSSL_MSG("Bad cipher id value");
}
@@ -4834,6 +5396,12 @@ void wolfSSL_EVP_init(void)
ret = NOT_COMPILED_IN;
#endif
break;
+ #ifdef WOLFSSL_SM3
+ case WC_HASH_TYPE_SM3:
+ ret = wc_Sm3Copy(&src->hash.digest.sm3,
+ &des->hash.digest.sm3);
+ break;
+ #endif
case WC_HASH_TYPE_NONE:
case WC_HASH_TYPE_MD2:
case WC_HASH_TYPE_MD4:
@@ -5002,7 +5570,8 @@ void wolfSSL_EVP_init(void)
#endif /* WOLFSSL_AES_256 */
#endif /* WOLFSSL_AES_OFB */
- #ifdef WOLFSSL_AES_XTS
+ #if defined(WOLFSSL_AES_XTS) && \
+ (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5,3))
#ifdef WOLFSSL_AES_128
const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_128_xts(void)
{
@@ -5018,7 +5587,8 @@ void wolfSSL_EVP_init(void)
return EVP_AES_256_XTS;
}
#endif /* WOLFSSL_AES_256 */
- #endif /* WOLFSSL_AES_XTS */
+ #endif /* WOLFSSL_AES_XTS &&
+ (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5,3)) */
#ifdef HAVE_AESGCM
#ifdef WOLFSSL_AES_128
@@ -5081,7 +5651,6 @@ void wolfSSL_EVP_init(void)
}
#endif /* WOLFSSL_AES_2128 */
-
#ifdef WOLFSSL_AES_192
const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_192_ctr(void)
{
@@ -5129,6 +5698,24 @@ void wolfSSL_EVP_init(void)
#endif /* HAVE_AES_ECB */
#endif /* NO_AES */
+#ifdef HAVE_ARIA
+ const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aria_128_gcm(void)
+ {
+ WOLFSSL_ENTER("wolfSSL_EVP_aria_128_gcm");
+ return EVP_ARIA_128_GCM;
+ }
+ const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aria_192_gcm(void)
+ {
+ WOLFSSL_ENTER("wolfSSL_EVP_aria_192_gcm");
+ return EVP_ARIA_192_GCM;
+ }
+ const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aria_256_gcm(void)
+ {
+ WOLFSSL_ENTER("wolfSSL_EVP_aria_256_gcm");
+ return EVP_ARIA_256_GCM;
+ }
+#endif /* HAVE_ARIA */
+
#ifndef NO_DES3
const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_des_cbc(void)
{
@@ -5180,6 +5767,42 @@ void wolfSSL_EVP_init(void)
}
#endif
+#ifdef WOLFSSL_SM4_ECB
+ const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_sm4_ecb(void)
+ {
+ WOLFSSL_ENTER("wolfSSL_EVP_sm4_ecb");
+ return EVP_SM4_ECB;
+ }
+#endif
+#ifdef WOLFSSL_SM4_CBC
+ const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_sm4_cbc(void)
+ {
+ WOLFSSL_ENTER("wolfSSL_EVP_sm4_cbc");
+ return EVP_SM4_CBC;
+ }
+#endif
+#ifdef WOLFSSL_SM4_CTR
+ const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_sm4_ctr(void)
+ {
+ WOLFSSL_ENTER("wolfSSL_EVP_sm4_ctr");
+ return EVP_SM4_CTR;
+ }
+#endif
+#ifdef WOLFSSL_SM4_GCM
+ const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_sm4_gcm(void)
+ {
+ WOLFSSL_ENTER("wolfSSL_EVP_sm4_gcm");
+ return EVP_SM4_GCM;
+ }
+#endif
+#ifdef WOLFSSL_SM4_CCM
+ const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_sm4_ccm(void)
+ {
+ WOLFSSL_ENTER("wolfSSL_EVP_sm4_ccm");
+ return EVP_SM4_CCM;
+ }
+#endif
+
const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_enc_null(void)
{
WOLFSSL_ENTER("wolfSSL_EVP_enc_null");
@@ -5224,7 +5847,8 @@ void wolfSSL_EVP_init(void)
case EVP_CTRL_SET_KEY_LENGTH:
ret = wolfSSL_EVP_CIPHER_CTX_set_key_length(ctx, arg);
break;
-#if defined(HAVE_AESGCM) || defined(HAVE_AESCCM) || \
+#if defined(HAVE_AESGCM) || defined(HAVE_AESCCM) || defined(HAVE_ARIA) || \
+ defined(WOLFSSL_SM4_GCM) || defined(WOLFSSL_SM4_CCM) || \
(defined(HAVE_CHACHA) && defined(HAVE_POLY1305))
case EVP_CTRL_AEAD_SET_IVLEN:
if ((ctx->flags & WOLFSSL_EVP_CIPH_FLAG_AEAD_CIPHER) == 0)
@@ -5237,6 +5861,22 @@ void wolfSSL_EVP_init(void)
}
else
#endif /* HAVE_CHACHA && HAVE_POLY1305 */
+ #if defined(WOLFSSL_SM4_GCM)
+ if (ctx->cipherType == SM4_GCM_TYPE) {
+ if (arg <= 0 || arg > SM4_BLOCK_SIZE) {
+ break;
+ }
+ }
+ else
+ #endif
+ #if defined(WOLFSSL_SM4_CCM)
+ if (ctx->cipherType == SM4_CCM_TYPE) {
+ if (arg <= 0 || arg > SM4_BLOCK_SIZE) {
+ break;
+ }
+ }
+ else
+ #endif
{
if (arg <= 0 || arg > AES_BLOCK_SIZE)
break;
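Review bot: The new SM4-CCM branch accepts any IV length from 1 to `SM4_BLOCK_SIZE`, but CCM nonces are limited to 7 to 13 bytes. An out-of-range length is therefore stored in the context and can only be rejected later, presumably inside the CCM encrypt or decrypt call, which is not visible here. Reject it at the control call instead, e.g. `if (arg < 7 || arg > 13) break;` in the `SM4_CCM_TYPE` branch. The SM4-GCM and SM4-CCM branches are otherwise identical and could share one condition. The enclosing switch starts and ends outside the hunk.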
@@ -5244,7 +5884,8 @@ void wolfSSL_EVP_init(void)
ret = wolfSSL_EVP_CIPHER_CTX_set_iv_length(ctx, arg);
break;
-#if defined(HAVE_AESGCM) || (defined(HAVE_CHACHA) && defined(HAVE_POLY1305))
+#if defined(HAVE_AESGCM) || defined(WOLFSSL_SM4_GCM) || \
+ (defined(HAVE_CHACHA) && defined(HAVE_POLY1305))
case EVP_CTRL_AEAD_SET_IV_FIXED:
if ((ctx->flags & WOLFSSL_EVP_CIPH_FLAG_AEAD_CIPHER) == 0)
break;
@@ -5263,13 +5904,13 @@ void wolfSSL_EVP_init(void)
break;
}
/* arg is 4...(ctx->ivSz - 8) */
- XMEMCPY(ctx->iv, ptr, arg);
+ XMEMCPY(ctx->iv, ptr, (size_t)arg);
if (wc_InitRng(&rng) != 0) {
WOLFSSL_MSG("wc_InitRng failed");
break;
}
- if (wc_RNG_GenerateBlock(&rng, ctx->iv + arg,
- ctx->ivSz - arg) == 0) {
+ if (wc_RNG_GenerateBlock(&rng, ctx->iv + arg,
+ (word32)(ctx->ivSz - arg)) == 0) {
ret = WOLFSSL_SUCCESS;
} else {
/* rng is freed immediately after if block so no need
@@ -5283,7 +5924,7 @@ void wolfSSL_EVP_init(void)
break;
}
}
- #ifdef HAVE_AESGCM
+ #if defined(HAVE_AESGCM) || defined(WOLFSSL_SM4_GCM)
if (ret == WOLFSSL_SUCCESS) {
/*
* OpenSSL requires that a EVP_CTRL_AEAD_SET_IV_FIXED
@@ -5295,9 +5936,9 @@ void wolfSSL_EVP_init(void)
#endif
#endif /* !WC_NO_RNG */
break;
-#endif /* HAVE_AESGCM || (HAVE_CHACHA && HAVE_POLY1305) */
-#if defined(HAVE_AESGCM) && !defined(_WIN32) && !defined(HAVE_SELFTEST) && \
- (!defined(HAVE_FIPS) || FIPS_VERSION_GE(2,0))
+#endif /* HAVE_AESGCM || WOLFSSL_SM4_GCM || (HAVE_CHACHA && HAVE_POLY1305) */
+#if (defined(HAVE_AESGCM) || defined(WOLFSSL_SM4_GCM)) && !defined(_WIN32) && \
+ !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || FIPS_VERSION_GE(2,0))
/*
* Using EVP_CTRL_GCM_IV_GEN is a way to do AES-GCM encrypt/decrypt
* multiple times with EVP_Cipher without having to call
@@ -5321,14 +5962,14 @@ void wolfSSL_EVP_init(void)
break;
}
if (arg <= 0 || arg > ctx->ivSz) {
- XMEMCPY(ptr, ctx->iv, ctx->ivSz);
+ XMEMCPY(ptr, ctx->iv, (size_t)ctx->ivSz);
}
else {
/*
* Copy the last "arg" bytes of ctx->iv into the buffer at
* "ptr." Not sure why OpenSSL does this, but it does.
*/
- XMEMCPY(ptr, ctx->iv + ctx->ivSz - arg, arg);
+ XMEMCPY(ptr, ctx->iv + ctx->ivSz - arg, (size_t)arg);
}
/*
@@ -5338,8 +5979,8 @@ void wolfSSL_EVP_init(void)
ctx->authIncIv = 1;
ret = WOLFSSL_SUCCESS;
break;
-#endif /* HAVE_AESGCM && !_WIN32 && !HAVE_SELFTEST && (!HAVE_FIPS ||
- * FIPS_VERSION >= 2)*/
+#endif /* (HAVE_AESGCM || WOLFSSL_SM4_GCM) && !_WIN32 && !HAVE_SELFTEST &&
+ * !HAVE_FIPS || FIPS_VERSION >= 2)*/
case EVP_CTRL_AEAD_SET_TAG:
if ((ctx->flags & WOLFSSL_EVP_CIPH_FLAG_AEAD_CIPHER) == 0)
break;
@@ -5351,17 +5992,43 @@ void wolfSSL_EVP_init(void)
ctx->authTagSz = arg;
ret = WOLFSSL_SUCCESS;
if (ptr != NULL) {
- XMEMCPY(ctx->authTag, ptr, arg);
+ XMEMCPY(ctx->authTag, ptr, (size_t)arg);
}
break;
}
else
#endif /* HAVE_CHACHA && HAVE_POLY1305 */
+#if defined(WOLFSSL_SM4_GCM)
+ if (ctx->cipherType == SM4_GCM_TYPE) {
+ if ((arg <= 0) || (arg > SM4_BLOCK_SIZE) || (ptr == NULL)) {
+ break;
+ }
+
+ XMEMCPY(ctx->authTag, ptr, (size_t)arg);
+ ctx->authTagSz = arg;
+ ret = WOLFSSL_SUCCESS;
+ break;
+ }
+ else
+#endif
+#if defined(WOLFSSL_SM4_CCM)
+ if (ctx->cipherType == SM4_CCM_TYPE) {
+ if ((arg <= 0) || (arg > SM4_BLOCK_SIZE) || (ptr == NULL)) {
+ break;
+ }
+
+ XMEMCPY(ctx->authTag, ptr, (size_t)arg);
+ ctx->authTagSz = arg;
+ ret = WOLFSSL_SUCCESS;
+ break;
+ }
+ else
+#endif
{
if(arg <= 0 || arg > 16 || (ptr == NULL))
break;
- XMEMCPY(ctx->authTag, ptr, arg);
+ XMEMCPY(ctx->authTag, ptr, (size_t)arg);
ctx->authTagSz = arg;
ret = WOLFSSL_SUCCESS;
break;
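Review bot: The SM4_CCM_TYPE branch added for EVP_CTRL_AEAD_SET_TAG takes any tag length from 1 to SM4_BLOCK_SIZE, yet CCM defines only even tag lengths from 4 to 16 bytes, and a very short tag gives the caller much weaker authentication than the API suggests. I would tighten that branch to `if ((arg < 4) || (arg > SM4_BLOCK_SIZE) || (arg & 1) || (ptr == NULL)) {`; the EVP_CTRL_AEAD_GET_TAG hunk that follows has the same 1..SM4_BLOCK_SIZE bound for SM4_CCM_TYPE. The SM4_GCM_TYPE and SM4_CCM_TYPE branches are otherwise identical, so a comment stating that the bound must not exceed the size of ctx->authTag (declared outside this hunk) would make the XMEMCPY easier to audit. The `case` label itself sits in the previous hunk.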
@@ -5378,17 +6045,34 @@ void wolfSSL_EVP_init(void)
}
else
#endif /* HAVE_CHACHA && HAVE_POLY1305 */
+#if defined(WOLFSSL_SM4_GCM)
+ if (ctx->cipherType == SM4_GCM_TYPE) {
+ if (arg <= 0 || arg > SM4_BLOCK_SIZE) {
+ break;
+ }
+ }
+ else
+#endif
+#if defined(WOLFSSL_SM4_CCM)
+ if (ctx->cipherType == SM4_CCM_TYPE) {
+ if (arg <= 0 || arg > SM4_BLOCK_SIZE) {
+ break;
+ }
+ }
+ else
+#endif
{
if (arg <= 0 || arg > AES_BLOCK_SIZE)
break;
}
if (ptr != NULL) {
- XMEMCPY(ptr, ctx->authTag, arg);
+ XMEMCPY(ptr, ctx->authTag, (size_t)arg);
ret = WOLFSSL_SUCCESS;
}
break;
-#endif /* HAVE_AESGCM || HAVE_AESCCM || (HAVE_CHACHA && HAVE_POLY1305) */
+#endif /* HAVE_AESGCM || HAVE_AESCCM || WOLFSSL_SM4_GCM || WOLFSSL_SM4_CCM ||
+ * HAVE_ARIA || (HAVE_CHACHA && HAVE_POLY1305) */
default:
WOLFSSL_MSG("EVP_CIPHER_CTX_ctrl operation not yet handled");
break;
@@ -5397,33 +6081,34 @@ void wolfSSL_EVP_init(void)
}
/* WOLFSSL_SUCCESS on ok */
- int wolfSSL_EVP_CIPHER_CTX_cleanup(WOLFSSL_EVP_CIPHER_CTX* ctx)
+ static int wolfSSL_EVP_CIPHER_CTX_cleanup_cipher(
+ WOLFSSL_EVP_CIPHER_CTX* ctx)
{
- WOLFSSL_ENTER("wolfSSL_EVP_CIPHER_CTX_cleanup");
+ int ret = WOLFSSL_SUCCESS;
if (ctx) {
#if (!defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)) || \
(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2))
+ switch (ctx->cipherType) {
#if (defined(HAVE_AESGCM) && defined(WOLFSSL_AESGCM_STREAM)) || \
defined(HAVE_AESCCM) || \
- defined(HAVE_AESCBC) || \
+ defined(HAVE_AES_CBC) || \
defined(WOLFSSL_AES_COUNTER) || \
defined(HAVE_AES_ECB) || \
- defined(HAVE_AES_CFB) || \
- defined(HAVE_AES_OFB) || \
+ defined(WOLFSSL_AES_CFB) || \
+ defined(WOLFSSL_AES_OFB) || \
defined(WOLFSSL_AES_XTS)
- switch (ctx->cipherType) {
- #if defined(HAVE_AESGCM) && defined(WOLFSSL_AESGCM_STREAM)
+ #if defined(HAVE_AESGCM)
case AES_128_GCM_TYPE:
case AES_192_GCM_TYPE:
case AES_256_GCM_TYPE:
- #endif /* HAVE_AESGCM && WOLFSSL_AESGCM_STREAM */
+ #endif /* HAVE_AESGCM */
#if defined(HAVE_AESCCM)
case AES_128_CCM_TYPE:
case AES_192_CCM_TYPE:
case AES_256_CCM_TYPE:
#endif /* HAVE_AESCCM */
- #ifdef HAVE_AESCBC
+ #ifdef HAVE_AES_CBC
case AES_128_CBC_TYPE:
case AES_192_CBC_TYPE:
case AES_256_CBC_TYPE:
@@ -5438,7 +6123,7 @@ void wolfSSL_EVP_init(void)
case AES_192_ECB_TYPE:
case AES_256_ECB_TYPE:
#endif
- #ifdef HAVE_AES_CFB
+ #ifdef WOLFSSL_AES_CFB
case AES_128_CFB1_TYPE:
case AES_192_CFB1_TYPE:
case AES_256_CFB1_TYPE:
@@ -5449,31 +6134,81 @@ void wolfSSL_EVP_init(void)
case AES_192_CFB128_TYPE:
case AES_256_CFB128_TYPE:
#endif
- #ifdef HAVE_AES_OFB
+ #ifdef WOLFSSL_AES_OFB
case AES_128_OFB_TYPE:
case AES_192_OFB_TYPE:
case AES_256_OFB_TYPE:
#endif
- #ifdef WOLFSSL_AES_XTS
+ wc_AesFree(&ctx->cipher.aes);
+ ctx->flags &= ~WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED;
+ break;
+ #if defined(WOLFSSL_AES_XTS) && \
+ (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5,3))
case AES_128_XTS_TYPE:
case AES_256_XTS_TYPE:
+ wc_AesXtsFree(&ctx->cipher.xts);
+ ctx->flags &= ~WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED;
+ break;
+ #endif
+#endif /* AES */
+ #ifdef HAVE_ARIA
+ case ARIA_128_GCM_TYPE:
+ case ARIA_192_GCM_TYPE:
+ case ARIA_256_GCM_TYPE:
+ {
+ int result = wc_AriaFreeCrypt(&ctx->cipher.aria);
+ if (result != 0) {
+ WOLFSSL_MSG("wc_AriaFreeCrypt failure");
+ ret = result;
+ }
+ }
+ break;
#endif
- wc_AesFree(&ctx->cipher.aes);
}
-#endif /* AES */
#endif /* not FIPS or FIPS v2+ */
+#ifdef WOLFSSL_SM4
+ switch (ctx->cipherType) {
+ #ifdef WOLFSSL_SM4_ECB
+ case SM4_ECB_TYPE:
+ #endif
+ #ifdef WOLFSSL_SM4_CBC
+ case SM4_CBC_TYPE:
+ #endif
+ #ifdef WOLFSSL_SM4_CTR
+ case SM4_CTR_TYPE:
+ #endif
+ #ifdef WOLFSSL_SM4_GCM
+ case SM4_GCM_TYPE:
+ #endif
+ #ifdef WOLFSSL_SM4_CCM
+ case SM4_CCM_TYPE:
+ #endif
+ wc_Sm4Free(&ctx->cipher.sm4);
+ }
+#endif
+ }
+ return ret;
+ }
+
+ int wolfSSL_EVP_CIPHER_CTX_cleanup(WOLFSSL_EVP_CIPHER_CTX* ctx)
+ {
+ int ret = WOLFSSL_SUCCESS;
+ WOLFSSL_ENTER("wolfSSL_EVP_CIPHER_CTX_cleanup");
+ if (ctx) {
+ wolfSSL_EVP_CIPHER_CTX_cleanup_cipher(ctx);
ctx->cipherType = WOLFSSL_EVP_CIPH_TYPE_INIT; /* not yet initialized */
#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305)
if (ctx->key) {
- ForceZero(ctx->key, ctx->keyLen);
+ ForceZero(ctx->key, (word32)ctx->keyLen);
XFREE(ctx->key, NULL, DYNAMIC_TYPE_OPENSSL);
ctx->key = NULL;
}
#endif
ctx->keyLen = 0;
-#if defined(HAVE_AESGCM) || defined(HAVE_AESCCM)
+#if defined(HAVE_AESGCM) || defined(HAVE_AESCCM) || defined(HAVE_ARIA) || \
+ defined(WOLFSSL_SM4_GCM) || defined(WOLFSSL_SM4_CCM)
if (ctx->authBuffer) {
XFREE(ctx->authBuffer, NULL, DYNAMIC_TYPE_OPENSSL);
ctx->authBuffer = NULL;
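Review bot: The return value of wolfSSL_EVP_CIPHER_CTX_cleanup_cipher() is discarded in the new wolfSSL_EVP_CIPHER_CTX_cleanup(), so the wc_AriaFreeCrypt failure that the helper records never reaches the caller and the wrapper's `ret` stays WOLFSSL_SUCCESS. The helper also stores the raw wc_AriaFreeCrypt result in `ret`, although the comment above it promises WOLFSSL_SUCCESS on ok, so the two conventions would mix if the value were passed on as is. Suggested: `ret = WOLFSSL_FAILURE;` in the ARIA case and `ret = wolfSSL_EVP_CIPHER_CTX_cleanup_cipher(ctx);` in the wrapper. The ARIA and SM4 cases also leave WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED untouched while the AES and XTS cases clear it; a comment would help if that is intentional. The wrapper's body ends in the next hunk.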
@@ -5489,7 +6224,7 @@ void wolfSSL_EVP_init(void)
#endif
}
- return WOLFSSL_SUCCESS;
+ return ret;
}
/* Permanent stub for Qt compilation. */
@@ -5532,7 +6267,7 @@ void wolfSSL_EVP_init(void)
goto end;
if (data == NULL) {
- ret = info->keySz;
+ ret = (int)info->keySz;
goto end;
}
@@ -5540,10 +6275,10 @@ void wolfSSL_EVP_init(void)
if (ret == WOLFSSL_FAILURE)
goto end;
- ret = wc_PBKDF1_ex(key, info->keySz, iv, info->ivSz, data, sz, salt,
- EVP_SALT_SIZE, count, hashType, NULL);
+ ret = wc_PBKDF1_ex(key, (int)info->keySz, iv, (int)info->ivSz, data, sz,
+ salt, EVP_SALT_SIZE, count, hashType, NULL);
if (ret == 0)
- ret = info->keySz;
+ ret = (int)info->keySz;
end:
#ifdef WOLFSSL_SMALL_STACK
@@ -5615,7 +6350,7 @@ void wolfSSL_EVP_init(void)
if (ctx->ivSz == 0) {
ctx->ivSz = GCM_NONCE_MID_SZ;
}
- ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
+ ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE;
ctx->flags |= WOLFSSL_EVP_CIPH_GCM_MODE |
WOLFSSL_EVP_CIPH_FLAG_AEAD_CIPHER;
if (enc == 0 || enc == 1) {
@@ -5647,6 +6382,13 @@ void wolfSSL_EVP_init(void)
}
#endif
+ if (! (ctx->flags & WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED)) {
+ if (wc_AesInit(&ctx->cipher.aes, NULL, INVALID_DEVID) != 0)
+ ret = WOLFSSL_FAILURE;
+ else
+ ctx->flags |= WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED;
+ }
+
#ifndef WOLFSSL_AESGCM_STREAM
if (ret == WOLFSSL_SUCCESS && key &&
wc_AesGcmSetKey(&ctx->cipher.aes, key, ctx->keyLen)) {
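Review bot: The added wc_AesInit() guard runs even when `ret` is already WOLFSSL_FAILURE and logs nothing on error. The otherwise identical block this commit adds to the CCM init path is wrapped in `if (ret == WOLFSSL_SUCCESS)` and calls `WOLFSSL_MSG("wc_AesInit() failed");`. Making the GCM path match keeps a setup that has already failed from initialising the low-level context and setting WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED. The enclosing function starts and ends outside the hunk.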
@@ -5655,7 +6397,7 @@ void wolfSSL_EVP_init(void)
}
#endif /* !WOLFSSL_AESGCM_STREAM */
if (ret == WOLFSSL_SUCCESS && iv &&
- wc_AesGcmSetExtIV(&ctx->cipher.aes, iv, ctx->ivSz)) {
+ wc_AesGcmSetExtIV(&ctx->cipher.aes, iv, (word32)ctx->ivSz)) {
WOLFSSL_MSG("wc_AesGcmSetExtIV() failed");
ret = WOLFSSL_FAILURE;
}
@@ -5667,8 +6409,8 @@ void wolfSSL_EVP_init(void)
if (ret == WOLFSSL_SUCCESS &&
(key || (iv && ctx->cipher.aes.gcmKeySet)) &&
wc_AesGcmInit(&ctx->cipher.aes, key,
- (key == NULL) ? 0 : ctx->keyLen, iv,
- (iv == NULL) ? 0 : ctx->ivSz) != 0) {
+ (key == NULL) ? 0 : (word32)ctx->keyLen, iv,
+ (iv == NULL) ? 0 : (word32)ctx->ivSz) != 0) {
WOLFSSL_MSG("wc_AesGcmInit() failed");
ret = WOLFSSL_FAILURE;
}
@@ -5751,7 +6493,7 @@ void wolfSSL_EVP_init(void)
if (ctx->enc) {
/* Calculate authentication tag. */
ret = wc_AesGcmEncryptFinal(&ctx->cipher.aes,
- ctx->authTag, ctx->authTagSz);
+ ctx->authTag, (word32)ctx->authTagSz);
/*
* wc_AesGcmEncryptFinal increments the IV in
* ctx->cipher.aes.reg, so we don't call IncCtr here.
@@ -5760,7 +6502,7 @@ void wolfSSL_EVP_init(void)
else {
/* Calculate authentication tag and compare. */
ret = wc_AesGcmDecryptFinal(&ctx->cipher.aes,
- ctx->authTag, ctx->authTagSz);
+ ctx->authTag, (word32)ctx->authTagSz);
if (ctx->authIncIv) {
IncCtr((byte*)ctx->cipher.aes.reg,
ctx->cipher.aes.nonceSz);
@@ -5769,9 +6511,9 @@ void wolfSSL_EVP_init(void)
/* Reinitialize for subsequent wolfSSL_EVP_Cipher calls. */
if (wc_AesGcmInit(&ctx->cipher.aes, NULL, 0,
(byte*)ctx->cipher.aes.reg,
- ctx->ivSz) != 0) {
+ (word32)ctx->ivSz) != 0) {
WOLFSSL_MSG("wc_AesGcmInit failed");
- return WOLFSSL_FATAL_ERROR;
+ return WOLFSSL_FAILURE;
}
ctx->authIncIv = 0;
}
@@ -5782,12 +6524,12 @@ void wolfSSL_EVP_init(void)
* NULL).
*/
if (ctx->authIn != NULL) {
- XMEMSET(ctx->authIn, 0, ctx->authInSz);
+ XMEMSET(ctx->authIn, 0, (size_t)ctx->authInSz);
}
ctx->authInSz = 0;
}
if (ret == 0) {
- ret = len;
+ ret = (int)len;
}
return ret;
@@ -5815,7 +6557,7 @@ void wolfSSL_EVP_init(void)
if (ctx->ivSz == 0) {
ctx->ivSz = GCM_NONCE_MID_SZ;
}
- ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
+ ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE;
ctx->flags |= WOLFSSL_EVP_CIPH_CCM_MODE |
WOLFSSL_EVP_CIPH_FLAG_AEAD_CIPHER;
if (enc == 0 || enc == 1) {
@@ -5847,13 +6589,23 @@ void wolfSSL_EVP_init(void)
}
#endif
+ if (ret == WOLFSSL_SUCCESS) {
+ if (! (ctx->flags & WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED)) {
+ if (wc_AesInit(&ctx->cipher.aes, NULL, INVALID_DEVID) != 0) {
+ WOLFSSL_MSG("wc_AesInit() failed");
+ ret = WOLFSSL_FAILURE;
+ } else
+ ctx->flags |= WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED;
+ }
+ }
+
if (ret == WOLFSSL_SUCCESS && key &&
- wc_AesCcmSetKey(&ctx->cipher.aes, key, ctx->keyLen)) {
+ wc_AesCcmSetKey(&ctx->cipher.aes, key, (word32)ctx->keyLen)) {
WOLFSSL_MSG("wc_AesCcmSetKey() failed");
ret = WOLFSSL_FAILURE;
}
if (ret == WOLFSSL_SUCCESS && iv &&
- wc_AesCcmSetNonce(&ctx->cipher.aes, iv, ctx->ivSz)) {
+ wc_AesCcmSetNonce(&ctx->cipher.aes, iv, (word32)ctx->ivSz)) {
WOLFSSL_MSG("wc_AesCcmSetNonce() failed");
ret = WOLFSSL_FAILURE;
}
@@ -5877,20 +6629,20 @@ void wolfSSL_EVP_init(void)
/* No destination means only AAD. */
if (src != NULL && dst == NULL) {
- ret = wolfSSL_EVP_CipherUpdate_CCM_AAD(ctx, src, len);
+ ret = wolfSSL_EVP_CipherUpdate_CCM_AAD(ctx, src, (int)len);
}
else if (src != NULL && dst != NULL) {
if (ctx->enc) {
ret = wc_AesCcmEncrypt(&ctx->cipher.aes, dst, src,
- len, ctx->iv, ctx->ivSz, ctx->authTag,
- ctx->authTagSz, ctx->authIn,
- ctx->authInSz);
+ len, ctx->iv, (word32)ctx->ivSz, ctx->authTag,
+ (word32)ctx->authTagSz, ctx->authIn,
+ (word32)ctx->authInSz);
}
else {
ret = wc_AesCcmDecrypt(&ctx->cipher.aes, dst, src,
- len, ctx->iv, ctx->ivSz, ctx->authTag,
- ctx->authTagSz, ctx->authIn,
- ctx->authInSz);
+ len, ctx->iv, (word32)ctx->ivSz, ctx->authTag,
+ (word32)ctx->authTagSz, ctx->authIn,
+ (word32)ctx->authInSz);
}
if (ctx->authIncIv) {
IncCtr((byte*)ctx->cipher.aes.reg,
@@ -5904,12 +6656,12 @@ void wolfSSL_EVP_init(void)
* NULL).
*/
if (ctx->authIn != NULL) {
- XMEMSET(ctx->authIn, 0, ctx->authInSz);
+ XMEMSET(ctx->authIn, 0, (size_t)ctx->authInSz);
}
ctx->authInSz = 0;
}
if (ret == 0) {
- ret = len;
+ ret = (int)len;
}
return ret;
@@ -5917,6 +6669,86 @@ void wolfSSL_EVP_init(void)
#endif /* HAVE_AESCCM && ((!HAVE_FIPS && !HAVE_SELFTEST) ||
* HAVE_FIPS_VERSION >= 2 */
+#if defined(HAVE_ARIA) && ((!defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)) \
+ || FIPS_VERSION_GE(2,0))
+ static int EvpCipherInitAriaGCM(WOLFSSL_EVP_CIPHER_CTX* ctx,
+ const WOLFSSL_EVP_CIPHER* type,
+ const byte* key, const byte* iv, int enc)
+ {
+ int ret = WOLFSSL_SUCCESS;
+
+ if (ctx->cipherType == ARIA_128_GCM_TYPE ||
+ (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_ARIA_128_GCM))) {
+ WOLFSSL_MSG("EVP_ARIA_128_GCM");
+ ctx->cipherType = ARIA_128_GCM_TYPE;
+ ctx->keyLen = ARIA_128_KEY_SIZE;
+ } else if (ctx->cipherType == ARIA_192_GCM_TYPE ||
+ (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_ARIA_192_GCM))) {
+ WOLFSSL_MSG("EVP_ARIA_192_GCM");
+ ctx->cipherType = ARIA_192_GCM_TYPE;
+ ctx->keyLen = ARIA_192_KEY_SIZE;
+ } else if (ctx->cipherType == ARIA_256_GCM_TYPE ||
+ (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_ARIA_256_GCM))) {
+ WOLFSSL_MSG("EVP_ARIA_256_GCM");
+ ctx->cipherType = ARIA_256_GCM_TYPE;
+ ctx->keyLen = ARIA_256_KEY_SIZE;
+ } else {
+ WOLFSSL_MSG("Unrecognized cipher type");
+ return WOLFSSL_FAILURE;
+ }
+
+ if (ctx->authIn) {
+ XFREE(ctx->authIn, NULL, DYNAMIC_TYPE_OPENSSL);
+ ctx->authIn = NULL;
+ }
+ ctx->authInSz = 0;
+
+ ctx->block_size = AES_BLOCK_SIZE;
+ ctx->authTagSz = AES_BLOCK_SIZE;
+ if (ctx->ivSz == 0) {
+ ctx->ivSz = GCM_NONCE_MID_SZ;
+ }
+ ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE;
+ ctx->flags |= WOLFSSL_EVP_CIPH_GCM_MODE |
+ WOLFSSL_EVP_CIPH_FLAG_AEAD_CIPHER;
+ if (enc == 0 || enc == 1) {
+ ctx->enc = enc ? 1 : 0;
+ }
+
+ switch(ctx->cipherType) {
+ case ARIA_128_GCM_TYPE:
+ ret = wc_AriaInitCrypt(&ctx->cipher.aria, MC_ALGID_ARIA_128BITKEY);
+ break;
+ case ARIA_192_GCM_TYPE:
+ ret = wc_AriaInitCrypt(&ctx->cipher.aria, MC_ALGID_ARIA_192BITKEY);
+ break;
+ case ARIA_256_GCM_TYPE:
+ ret = wc_AriaInitCrypt(&ctx->cipher.aria, MC_ALGID_ARIA_256BITKEY);
+ break;
+ default:
+ WOLFSSL_MSG("Not implemented cipherType");
+ return WOLFSSL_NOT_IMPLEMENTED; /* This should never happen */
+ }
+ if (ret != 0) {
+ WOLFSSL_MSG(MC_GetErrorString(ret));
+ WOLFSSL_MSG(MC_GetError(ctx->cipher.aria.hSession));
+ return WOLFSSL_FAILURE;
+ }
+
+ if (key && wc_AriaSetKey(&ctx->cipher.aria, (byte *)key)) {
+ WOLFSSL_MSG("wc_AriaSetKey() failed");
+ return WOLFSSL_FAILURE;
+ }
+ if (iv && wc_AriaGcmSetExtIV(&ctx->cipher.aria, iv, ctx->ivSz)) {
+ WOLFSSL_MSG("wc_AriaGcmSetIV() failed");
+ return WOLFSSL_FAILURE;
+ }
+
+ return WOLFSSL_SUCCESS;
+ }
+#endif /* HAVE_ARIA && ((!HAVE_FIPS && !HAVE_SELFTEST) ||
+ * HAVE_FIPS_VERSION >= 2 */
+
/* return WOLFSSL_SUCCESS on ok, 0 on failure to match API compatibility */
int wolfSSL_EVP_CipherInit(WOLFSSL_EVP_CIPHER_CTX* ctx,
const WOLFSSL_EVP_CIPHER* type, const byte* key,
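Review bot: EvpCipherInitAriaGCM() calls wc_AriaInitCrypt() on every invocation, whereas the AES paths in this commit guard wc_AesInit() with WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED. The function accepts `type == NULL` when ctx->cipherType is already an ARIA type, so a caller that sets the cipher first and the key and IV later reaches wc_AriaInitCrypt() twice on the same ctx. Whether that call releases the earlier state is not visible here, so I would either apply the same flag guard or add a comment explaining why re-initialisation is safe. Two smaller points: the failure message reads `wc_AriaGcmSetIV() failed` while the call is wc_AriaGcmSetExtIV(), and `ctx->ivSz` is passed without the cast the commit adds at the AES call sites.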
@@ -5942,6 +6774,7 @@ void wolfSSL_EVP_init(void)
XMEMSET(&ctx->cipher, 0, sizeof(ctx->cipher));
ctx->flags = 0;
}
+
/* always clear buffer state */
ctx->bufUsed = 0;
ctx->lastUsed = 0;
@@ -5959,16 +6792,21 @@ void wolfSSL_EVP_init(void)
(type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_128_CBC))) {
WOLFSSL_MSG("EVP_AES_128_CBC");
ctx->cipherType = AES_128_CBC_TYPE;
- ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
+ ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE;
ctx->flags |= WOLFSSL_EVP_CIPH_CBC_MODE;
ctx->keyLen = 16;
ctx->block_size = AES_BLOCK_SIZE;
ctx->ivSz = AES_BLOCK_SIZE;
if (enc == 0 || enc == 1)
ctx->enc = enc ? 1 : 0;
+ if (! (ctx->flags & WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED)) {
+ if (wc_AesInit(&ctx->cipher.aes, NULL, INVALID_DEVID) != 0)
+ return WOLFSSL_FAILURE;
+ ctx->flags |= WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED;
+ }
if (key) {
- ret = AesSetKey_ex(&ctx->cipher.aes, key, ctx->keyLen, iv,
- ctx->enc ? AES_ENCRYPTION : AES_DECRYPTION, 0);
+ ret = AesSetKey_ex(&ctx->cipher.aes, key, (word32)ctx->keyLen,
+ iv, ctx->enc ? AES_ENCRYPTION : AES_DECRYPTION, 0);
if (ret != 0)
return WOLFSSL_FAILURE;
}
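Review bot: The five-line wc_AesInit() guard added here is pasted unchanged into every AES CBC, CTR, ECB, CFB1, CFB8, CFB128 and OFB branch in the hunks that follow. A small static helper would keep the flag handling in one place and make it harder for a future branch to omit it, and each call site shrinks to two lines. wolfSSL_EVP_CipherInit() starts and ends outside this hunk, so the helper would be defined above it.

```c
static int EvpCipherAesLowLevelInit(WOLFSSL_EVP_CIPHER_CTX* ctx)
{
    /* wc_AesInit() must run once per context; the flag is cleared again
     * when the cipher is freed in cleanup. */
    if ((ctx->flags & WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED) == 0) {
        if (wc_AesInit(&ctx->cipher.aes, NULL, INVALID_DEVID) != 0)
            return WOLFSSL_FAILURE;
        ctx->flags |= WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED;
    }
    return WOLFSSL_SUCCESS;
}

/* … unchanged: cipherType, flags, keyLen, block_size, ivSz, enc … */
if (EvpCipherAesLowLevelInit(ctx) != WOLFSSL_SUCCESS)
    return WOLFSSL_FAILURE;
/* … unchanged: AesSetKey_ex call … */
```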
@@ -5984,16 +6822,21 @@ void wolfSSL_EVP_init(void)
(type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_192_CBC))) {
WOLFSSL_MSG("EVP_AES_192_CBC");
ctx->cipherType = AES_192_CBC_TYPE;
- ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
+ ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE;
ctx->flags |= WOLFSSL_EVP_CIPH_CBC_MODE;
ctx->keyLen = 24;
ctx->block_size = AES_BLOCK_SIZE;
ctx->ivSz = AES_BLOCK_SIZE;
if (enc == 0 || enc == 1)
ctx->enc = enc ? 1 : 0;
+ if (! (ctx->flags & WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED)) {
+ if (wc_AesInit(&ctx->cipher.aes, NULL, INVALID_DEVID) != 0)
+ return WOLFSSL_FAILURE;
+ ctx->flags |= WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED;
+ }
if (key) {
- ret = AesSetKey_ex(&ctx->cipher.aes, key, ctx->keyLen, iv,
- ctx->enc ? AES_ENCRYPTION : AES_DECRYPTION, 0);
+ ret = AesSetKey_ex(&ctx->cipher.aes, key, (word32)ctx->keyLen,
+ iv, ctx->enc ? AES_ENCRYPTION : AES_DECRYPTION, 0);
if (ret != 0)
return WOLFSSL_FAILURE;
}
@@ -6009,16 +6852,21 @@ void wolfSSL_EVP_init(void)
(type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_256_CBC))) {
WOLFSSL_MSG("EVP_AES_256_CBC");
ctx->cipherType = AES_256_CBC_TYPE;
- ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
+ ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE;
ctx->flags |= WOLFSSL_EVP_CIPH_CBC_MODE;
ctx->keyLen = 32;
ctx->block_size = AES_BLOCK_SIZE;
ctx->ivSz = AES_BLOCK_SIZE;
if (enc == 0 || enc == 1)
ctx->enc = enc ? 1 : 0;
+ if (! (ctx->flags & WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED)) {
+ if (wc_AesInit(&ctx->cipher.aes, NULL, INVALID_DEVID) != 0)
+ return WOLFSSL_FAILURE;
+ ctx->flags |= WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED;
+ }
if (key) {
- ret = AesSetKey_ex(&ctx->cipher.aes, key, ctx->keyLen, iv,
- ctx->enc ? AES_ENCRYPTION : AES_DECRYPTION, 0);
+ ret = AesSetKey_ex(&ctx->cipher.aes, key, (word32)ctx->keyLen,
+ iv, ctx->enc ? AES_ENCRYPTION : AES_DECRYPTION, 0);
if (ret != 0){
WOLFSSL_MSG("AesSetKey() failed");
return WOLFSSL_FAILURE;
@@ -6073,7 +6921,8 @@ void wolfSSL_EVP_init(void)
|| ctx->cipherType == AES_256_CCM_TYPE ||
(type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_256_CCM))
#endif
- ) {
+ )
+ {
if (EvpCipherInitAesCCM(ctx, type, key, iv, enc)
!= WOLFSSL_SUCCESS) {
return WOLFSSL_FAILURE;
@@ -6086,7 +6935,7 @@ void wolfSSL_EVP_init(void)
if (ctx->cipherType == AES_128_CTR_TYPE ||
(type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_128_CTR))) {
WOLFSSL_MSG("EVP_AES_128_CTR");
- ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
+ ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE;
ctx->cipherType = AES_128_CTR_TYPE;
ctx->flags |= WOLFSSL_EVP_CIPH_CTR_MODE;
ctx->keyLen = 16;
@@ -6097,9 +6946,14 @@ void wolfSSL_EVP_init(void)
#endif
if (enc == 0 || enc == 1)
ctx->enc = enc ? 1 : 0;
+ if (! (ctx->flags & WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED)) {
+ if (wc_AesInit(&ctx->cipher.aes, NULL, INVALID_DEVID) != 0)
+ return WOLFSSL_FAILURE;
+ ctx->flags |= WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED;
+ }
if (key) {
- ret = AesSetKey_ex(&ctx->cipher.aes, key, ctx->keyLen, iv,
- AES_ENCRYPTION, 1);
+ ret = AesSetKey_ex(&ctx->cipher.aes, key, (word32)ctx->keyLen,
+ iv, AES_ENCRYPTION, 1);
if (ret != 0)
return WOLFSSL_FAILURE;
}
@@ -6115,7 +6969,7 @@ void wolfSSL_EVP_init(void)
(type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_192_CTR))) {
WOLFSSL_MSG("EVP_AES_192_CTR");
ctx->cipherType = AES_192_CTR_TYPE;
- ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
+ ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE;
ctx->flags |= WOLFSSL_EVP_CIPH_CTR_MODE;
ctx->keyLen = 24;
ctx->block_size = NO_PADDING_BLOCK_SIZE;
@@ -6125,9 +6979,14 @@ void wolfSSL_EVP_init(void)
#endif
if (enc == 0 || enc == 1)
ctx->enc = enc ? 1 : 0;
+ if (! (ctx->flags & WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED)) {
+ if (wc_AesInit(&ctx->cipher.aes, NULL, INVALID_DEVID) != 0)
+ return WOLFSSL_FAILURE;
+ ctx->flags |= WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED;
+ }
if (key) {
- ret = AesSetKey_ex(&ctx->cipher.aes, key, ctx->keyLen, iv,
- AES_ENCRYPTION, 1);
+ ret = AesSetKey_ex(&ctx->cipher.aes, key, (word32)ctx->keyLen,
+ iv, AES_ENCRYPTION, 1);
if (ret != 0)
return WOLFSSL_FAILURE;
}
@@ -6143,7 +7002,7 @@ void wolfSSL_EVP_init(void)
(type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_256_CTR))) {
WOLFSSL_MSG("EVP_AES_256_CTR");
ctx->cipherType = AES_256_CTR_TYPE;
- ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
+ ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE;
ctx->flags |= WOLFSSL_EVP_CIPH_CTR_MODE;
ctx->keyLen = 32;
ctx->block_size = NO_PADDING_BLOCK_SIZE;
@@ -6153,9 +7012,14 @@ void wolfSSL_EVP_init(void)
#endif
if (enc == 0 || enc == 1)
ctx->enc = enc ? 1 : 0;
+ if (! (ctx->flags & WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED)) {
+ if (wc_AesInit(&ctx->cipher.aes, NULL, INVALID_DEVID) != 0)
+ return WOLFSSL_FAILURE;
+ ctx->flags |= WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED;
+ }
if (key) {
- ret = AesSetKey_ex(&ctx->cipher.aes, key, ctx->keyLen, iv,
- AES_ENCRYPTION, 1);
+ ret = AesSetKey_ex(&ctx->cipher.aes, key, (word32)ctx->keyLen,
+ iv, AES_ENCRYPTION, 1);
if (ret != 0)
return WOLFSSL_FAILURE;
}
@@ -6173,15 +7037,20 @@ void wolfSSL_EVP_init(void)
(type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_128_ECB))) {
WOLFSSL_MSG("EVP_AES_128_ECB");
ctx->cipherType = AES_128_ECB_TYPE;
- ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
+ ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE;
ctx->flags |= WOLFSSL_EVP_CIPH_ECB_MODE;
ctx->keyLen = 16;
ctx->block_size = AES_BLOCK_SIZE;
if (enc == 0 || enc == 1)
ctx->enc = enc ? 1 : 0;
+ if (! (ctx->flags & WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED)) {
+ if (wc_AesInit(&ctx->cipher.aes, NULL, INVALID_DEVID) != 0)
+ return WOLFSSL_FAILURE;
+ ctx->flags |= WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED;
+ }
if (key) {
- ret = AesSetKey_ex(&ctx->cipher.aes, key, ctx->keyLen, NULL,
- ctx->enc ? AES_ENCRYPTION : AES_DECRYPTION, 1);
+ ret = AesSetKey_ex(&ctx->cipher.aes, key, (word32)ctx->keyLen,
+ NULL, ctx->enc ? AES_ENCRYPTION : AES_DECRYPTION, 1);
}
if (ret != 0)
return WOLFSSL_FAILURE;
@@ -6192,15 +7061,20 @@ void wolfSSL_EVP_init(void)
(type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_192_ECB))) {
WOLFSSL_MSG("EVP_AES_192_ECB");
ctx->cipherType = AES_192_ECB_TYPE;
- ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
+ ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE;
ctx->flags |= WOLFSSL_EVP_CIPH_ECB_MODE;
ctx->keyLen = 24;
ctx->block_size = AES_BLOCK_SIZE;
if (enc == 0 || enc == 1)
ctx->enc = enc ? 1 : 0;
+ if (! (ctx->flags & WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED)) {
+ if (wc_AesInit(&ctx->cipher.aes, NULL, INVALID_DEVID) != 0)
+ return WOLFSSL_FAILURE;
+ ctx->flags |= WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED;
+ }
if (key) {
- ret = AesSetKey_ex(&ctx->cipher.aes, key, ctx->keyLen, NULL,
- ctx->enc ? AES_ENCRYPTION : AES_DECRYPTION, 1);
+ ret = AesSetKey_ex(&ctx->cipher.aes, key, (word32)ctx->keyLen,
+ NULL, ctx->enc ? AES_ENCRYPTION : AES_DECRYPTION, 1);
}
if (ret != 0)
return WOLFSSL_FAILURE;
@@ -6211,15 +7085,20 @@ void wolfSSL_EVP_init(void)
(type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_256_ECB))) {
WOLFSSL_MSG("EVP_AES_256_ECB");
ctx->cipherType = AES_256_ECB_TYPE;
- ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
+ ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE;
ctx->flags |= WOLFSSL_EVP_CIPH_ECB_MODE;
ctx->keyLen = 32;
ctx->block_size = AES_BLOCK_SIZE;
if (enc == 0 || enc == 1)
ctx->enc = enc ? 1 : 0;
+ if (! (ctx->flags & WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED)) {
+ if (wc_AesInit(&ctx->cipher.aes, NULL, INVALID_DEVID) != 0)
+ return WOLFSSL_FAILURE;
+ ctx->flags |= WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED;
+ }
if (key) {
- ret = AesSetKey_ex(&ctx->cipher.aes, key, ctx->keyLen, NULL,
- ctx->enc ? AES_ENCRYPTION : AES_DECRYPTION, 1);
+ ret = AesSetKey_ex(&ctx->cipher.aes, key, (word32)ctx->keyLen,
+ NULL, ctx->enc ? AES_ENCRYPTION : AES_DECRYPTION, 1);
}
if (ret != 0)
return WOLFSSL_FAILURE;
@@ -6232,15 +7111,20 @@ void wolfSSL_EVP_init(void)
(type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_128_CFB1))) {
WOLFSSL_MSG("EVP_AES_128_CFB1");
ctx->cipherType = AES_128_CFB1_TYPE;
- ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
+ ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE;
ctx->flags |= WOLFSSL_EVP_CIPH_CFB_MODE;
ctx->keyLen = 16;
ctx->block_size = 1;
if (enc == 0 || enc == 1)
ctx->enc = enc ? 1 : 0;
+ if (! (ctx->flags & WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED)) {
+ if (wc_AesInit(&ctx->cipher.aes, NULL, INVALID_DEVID) != 0)
+ return WOLFSSL_FAILURE;
+ ctx->flags |= WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED;
+ }
if (key) {
- ret = AesSetKey_ex(&ctx->cipher.aes, key, ctx->keyLen, iv,
- AES_ENCRYPTION, 0);
+ ret = AesSetKey_ex(&ctx->cipher.aes, key, (word32)ctx->keyLen,
+ iv, AES_ENCRYPTION, 0);
if (ret != 0)
return WOLFSSL_FAILURE;
}
@@ -6256,15 +7140,20 @@ void wolfSSL_EVP_init(void)
(type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_192_CFB1))) {
WOLFSSL_MSG("EVP_AES_192_CFB1");
ctx->cipherType = AES_192_CFB1_TYPE;
- ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
+ ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE;
ctx->flags |= WOLFSSL_EVP_CIPH_CFB_MODE;
ctx->keyLen = 24;
ctx->block_size = 1;
if (enc == 0 || enc == 1)
ctx->enc = enc ? 1 : 0;
+ if (! (ctx->flags & WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED)) {
+ if (wc_AesInit(&ctx->cipher.aes, NULL, INVALID_DEVID) != 0)
+ return WOLFSSL_FAILURE;
+ ctx->flags |= WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED;
+ }
if (key) {
- ret = AesSetKey_ex(&ctx->cipher.aes, key, ctx->keyLen, iv,
- AES_ENCRYPTION, 0);
+ ret = AesSetKey_ex(&ctx->cipher.aes, key, (word32)ctx->keyLen,
+ iv, AES_ENCRYPTION, 0);
if (ret != 0)
return WOLFSSL_FAILURE;
}
@@ -6280,15 +7169,20 @@ void wolfSSL_EVP_init(void)
(type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_256_CFB1))) {
WOLFSSL_MSG("EVP_AES_256_CFB1");
ctx->cipherType = AES_256_CFB1_TYPE;
- ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
+ ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE;
ctx->flags |= WOLFSSL_EVP_CIPH_CFB_MODE;
ctx->keyLen = 32;
ctx->block_size = 1;
if (enc == 0 || enc == 1)
ctx->enc = enc ? 1 : 0;
+ if (! (ctx->flags & WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED)) {
+ if (wc_AesInit(&ctx->cipher.aes, NULL, INVALID_DEVID) != 0)
+ return WOLFSSL_FAILURE;
+ ctx->flags |= WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED;
+ }
if (key) {
- ret = AesSetKey_ex(&ctx->cipher.aes, key, ctx->keyLen, iv,
- AES_ENCRYPTION, 0);
+ ret = AesSetKey_ex(&ctx->cipher.aes, key, (word32)ctx->keyLen,
+ iv, AES_ENCRYPTION, 0);
if (ret != 0){
WOLFSSL_MSG("AesSetKey() failed");
return WOLFSSL_FAILURE;
@@ -6308,15 +7202,20 @@ void wolfSSL_EVP_init(void)
(type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_128_CFB8))) {
WOLFSSL_MSG("EVP_AES_128_CFB8");
ctx->cipherType = AES_128_CFB8_TYPE;
- ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
+ ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE;
ctx->flags |= WOLFSSL_EVP_CIPH_CFB_MODE;
ctx->keyLen = 16;
ctx->block_size = 1;
if (enc == 0 || enc == 1)
ctx->enc = enc ? 1 : 0;
+ if (! (ctx->flags & WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED)) {
+ if (wc_AesInit(&ctx->cipher.aes, NULL, INVALID_DEVID) != 0)
+ return WOLFSSL_FAILURE;
+ ctx->flags |= WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED;
+ }
if (key) {
- ret = AesSetKey_ex(&ctx->cipher.aes, key, ctx->keyLen, iv,
- AES_ENCRYPTION, 0);
+ ret = AesSetKey_ex(&ctx->cipher.aes, key, (word32)ctx->keyLen,
+ iv, AES_ENCRYPTION, 0);
if (ret != 0)
return WOLFSSL_FAILURE;
}
@@ -6332,15 +7231,20 @@ void wolfSSL_EVP_init(void)
(type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_192_CFB8))) {
WOLFSSL_MSG("EVP_AES_192_CFB8");
ctx->cipherType = AES_192_CFB8_TYPE;
- ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
+ ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE;
ctx->flags |= WOLFSSL_EVP_CIPH_CFB_MODE;
ctx->keyLen = 24;
ctx->block_size = 1;
if (enc == 0 || enc == 1)
ctx->enc = enc ? 1 : 0;
+ if (! (ctx->flags & WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED)) {
+ if (wc_AesInit(&ctx->cipher.aes, NULL, INVALID_DEVID) != 0)
+ return WOLFSSL_FAILURE;
+ ctx->flags |= WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED;
+ }
if (key) {
- ret = AesSetKey_ex(&ctx->cipher.aes, key, ctx->keyLen, iv,
- AES_ENCRYPTION, 0);
+ ret = AesSetKey_ex(&ctx->cipher.aes, key, (word32)ctx->keyLen,
+ iv, AES_ENCRYPTION, 0);
if (ret != 0)
return WOLFSSL_FAILURE;
}
@@ -6356,15 +7260,20 @@ void wolfSSL_EVP_init(void)
(type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_256_CFB8))) {
WOLFSSL_MSG("EVP_AES_256_CFB8");
ctx->cipherType = AES_256_CFB8_TYPE;
- ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
+ ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE;
ctx->flags |= WOLFSSL_EVP_CIPH_CFB_MODE;
ctx->keyLen = 32;
ctx->block_size = 1;
if (enc == 0 || enc == 1)
ctx->enc = enc ? 1 : 0;
+ if (! (ctx->flags & WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED)) {
+ if (wc_AesInit(&ctx->cipher.aes, NULL, INVALID_DEVID) != 0)
+ return WOLFSSL_FAILURE;
+ ctx->flags |= WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED;
+ }
if (key) {
- ret = AesSetKey_ex(&ctx->cipher.aes, key, ctx->keyLen, iv,
- AES_ENCRYPTION, 0);
+ ret = AesSetKey_ex(&ctx->cipher.aes, key, (word32)ctx->keyLen,
+ iv, AES_ENCRYPTION, 0);
if (ret != 0){
WOLFSSL_MSG("AesSetKey() failed");
return WOLFSSL_FAILURE;
@@ -6384,15 +7293,20 @@ void wolfSSL_EVP_init(void)
(type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_128_CFB128))) {
WOLFSSL_MSG("EVP_AES_128_CFB128");
ctx->cipherType = AES_128_CFB128_TYPE;
- ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
+ ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE;
ctx->flags |= WOLFSSL_EVP_CIPH_CFB_MODE;
ctx->keyLen = 16;
ctx->block_size = 1;
if (enc == 0 || enc == 1)
ctx->enc = enc ? 1 : 0;
+ if (! (ctx->flags & WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED)) {
+ if (wc_AesInit(&ctx->cipher.aes, NULL, INVALID_DEVID) != 0)
+ return WOLFSSL_FAILURE;
+ ctx->flags |= WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED;
+ }
if (key) {
- ret = AesSetKey_ex(&ctx->cipher.aes, key, ctx->keyLen, iv,
- AES_ENCRYPTION, 0);
+ ret = AesSetKey_ex(&ctx->cipher.aes, key, (word32)ctx->keyLen,
+ iv, AES_ENCRYPTION, 0);
if (ret != 0)
return WOLFSSL_FAILURE;
}
@@ -6408,15 +7322,20 @@ void wolfSSL_EVP_init(void)
(type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_192_CFB128))) {
WOLFSSL_MSG("EVP_AES_192_CFB128");
ctx->cipherType = AES_192_CFB128_TYPE;
- ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
+ ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE;
ctx->flags |= WOLFSSL_EVP_CIPH_CFB_MODE;
ctx->keyLen = 24;
ctx->block_size = 1;
if (enc == 0 || enc == 1)
ctx->enc = enc ? 1 : 0;
+ if (! (ctx->flags & WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED)) {
+ if (wc_AesInit(&ctx->cipher.aes, NULL, INVALID_DEVID) != 0)
+ return WOLFSSL_FAILURE;
+ ctx->flags |= WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED;
+ }
if (key) {
- ret = AesSetKey_ex(&ctx->cipher.aes, key, ctx->keyLen, iv,
- AES_ENCRYPTION, 0);
+ ret = AesSetKey_ex(&ctx->cipher.aes, key, (word32)ctx->keyLen,
+ iv, AES_ENCRYPTION, 0);
if (ret != 0)
return WOLFSSL_FAILURE;
}
@@ -6432,15 +7351,20 @@ void wolfSSL_EVP_init(void)
(type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_256_CFB128))) {
WOLFSSL_MSG("EVP_AES_256_CFB128");
ctx->cipherType = AES_256_CFB128_TYPE;
- ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
+ ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE;
ctx->flags |= WOLFSSL_EVP_CIPH_CFB_MODE;
ctx->keyLen = 32;
ctx->block_size = 1;
if (enc == 0 || enc == 1)
ctx->enc = enc ? 1 : 0;
+ if (! (ctx->flags & WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED)) {
+ if (wc_AesInit(&ctx->cipher.aes, NULL, INVALID_DEVID) != 0)
+ return WOLFSSL_FAILURE;
+ ctx->flags |= WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED;
+ }
if (key) {
- ret = AesSetKey_ex(&ctx->cipher.aes, key, ctx->keyLen, iv,
- AES_ENCRYPTION, 0);
+ ret = AesSetKey_ex(&ctx->cipher.aes, key, (word32)ctx->keyLen,
+ iv, AES_ENCRYPTION, 0);
if (ret != 0){
WOLFSSL_MSG("AesSetKey() failed");
return WOLFSSL_FAILURE;
@@ -6462,15 +7386,20 @@ void wolfSSL_EVP_init(void)
(type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_128_OFB))) {
WOLFSSL_MSG("EVP_AES_128_OFB");
ctx->cipherType = AES_128_OFB_TYPE;
- ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
+ ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE;
ctx->flags |= WOLFSSL_EVP_CIPH_OFB_MODE;
ctx->keyLen = 16;
ctx->block_size = 1;
if (enc == 0 || enc == 1)
ctx->enc = enc ? 1 : 0;
+ if (! (ctx->flags & WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED)) {
+ if (wc_AesInit(&ctx->cipher.aes, NULL, INVALID_DEVID) != 0)
+ return WOLFSSL_FAILURE;
+ ctx->flags |= WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED;
+ }
if (key) {
- ret = AesSetKey_ex(&ctx->cipher.aes, key, ctx->keyLen, iv,
- AES_ENCRYPTION, 0);
+ ret = AesSetKey_ex(&ctx->cipher.aes, key, (word32)ctx->keyLen,
+ iv, AES_ENCRYPTION, 0);
if (ret != 0)
return WOLFSSL_FAILURE;
}
@@ -6486,15 +7415,20 @@ void wolfSSL_EVP_init(void)
(type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_192_OFB))) {
WOLFSSL_MSG("EVP_AES_192_OFB");
ctx->cipherType = AES_192_OFB_TYPE;
- ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
+ ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE;
ctx->flags |= WOLFSSL_EVP_CIPH_OFB_MODE;
ctx->keyLen = 24;
ctx->block_size = 1;
if (enc == 0 || enc == 1)
ctx->enc = enc ? 1 : 0;
+ if (! (ctx->flags & WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED)) {
+ if (wc_AesInit(&ctx->cipher.aes, NULL, INVALID_DEVID) != 0)
+ return WOLFSSL_FAILURE;
+ ctx->flags |= WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED;
+ }
if (key) {
- ret = AesSetKey_ex(&ctx->cipher.aes, key, ctx->keyLen, iv,
- AES_ENCRYPTION, 0);
+ ret = AesSetKey_ex(&ctx->cipher.aes, key, (word32)ctx->keyLen,
+ iv, AES_ENCRYPTION, 0);
if (ret != 0)
return WOLFSSL_FAILURE;
}
@@ -6510,15 +7444,20 @@ void wolfSSL_EVP_init(void)
(type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_256_OFB))) {
WOLFSSL_MSG("EVP_AES_256_OFB");
ctx->cipherType = AES_256_OFB_TYPE;
- ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
+ ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE;
ctx->flags |= WOLFSSL_EVP_CIPH_OFB_MODE;
ctx->keyLen = 32;
ctx->block_size = 1;
if (enc == 0 || enc == 1)
ctx->enc = enc ? 1 : 0;
+ if (! (ctx->flags & WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED)) {
+ if (wc_AesInit(&ctx->cipher.aes, NULL, INVALID_DEVID) != 0)
+ return WOLFSSL_FAILURE;
+ ctx->flags |= WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED;
+ }
if (key) {
- ret = AesSetKey_ex(&ctx->cipher.aes, key, ctx->keyLen, iv,
- AES_ENCRYPTION, 0);
+ ret = AesSetKey_ex(&ctx->cipher.aes, key, (word32)ctx->keyLen,
+ iv, AES_ENCRYPTION, 0);
if (ret != 0){
WOLFSSL_MSG("AesSetKey() failed");
return WOLFSSL_FAILURE;
@@ -6533,14 +7472,15 @@ void wolfSSL_EVP_init(void)
}
}
#endif /* WOLFSSL_AES_256 */
- #endif /* HAVE_AES_OFB */
- #ifdef WOLFSSL_AES_XTS
+ #endif /* WOLFSSL_AES_OFB */
+ #if defined(WOLFSSL_AES_XTS) && \
+ (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5,3))
#ifdef WOLFSSL_AES_128
if (ctx->cipherType == AES_128_XTS_TYPE ||
(type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_128_XTS))) {
WOLFSSL_MSG("EVP_AES_128_XTS");
ctx->cipherType = AES_128_XTS_TYPE;
- ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
+ ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE;
ctx->flags |= WOLFSSL_EVP_CIPH_XTS_MODE;
ctx->keyLen = 32;
ctx->block_size = 1;
@@ -6548,16 +7488,27 @@ void wolfSSL_EVP_init(void)
if (iv != NULL) {
if (iv != ctx->iv) /* Valgrind error when src == dst */
- XMEMCPY(ctx->iv, iv, ctx->ivSz);
+ XMEMCPY(ctx->iv, iv, (size_t)ctx->ivSz);
}
else
XMEMSET(ctx->iv, 0, AES_BLOCK_SIZE);
if (enc == 0 || enc == 1)
ctx->enc = enc ? 1 : 0;
+
+ if (! (ctx->flags & WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED)) {
+ ret = wc_AesXtsInit(&ctx->cipher.xts, NULL, 0);
+ if (ret != 0) {
+ WOLFSSL_MSG("wc_AesXtsInit() failed");
+ return WOLFSSL_FAILURE;
+ }
+ ctx->flags |= WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED;
+ }
+
if (key) {
- ret = wc_AesXtsSetKey(&ctx->cipher.xts, key, ctx->keyLen,
- ctx->enc ? AES_ENCRYPTION : AES_DECRYPTION, NULL, 0);
+ ret = wc_AesXtsSetKeyNoInit(&ctx->cipher.xts, key,
+ (word32)ctx->keyLen,
+ ctx->enc ? AES_ENCRYPTION : AES_DECRYPTION);
if (ret != 0) {
WOLFSSL_MSG("wc_AesXtsSetKey() failed");
return WOLFSSL_FAILURE;
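Review bot: `wc_AesXtsInit(&ctx->cipher.xts, NULL, 0)` passes a literal `0` as the device id, whereas every `wc_AesInit` call added in this commit passes `INVALID_DEVID`. Unless device 0 is intended for XTS, I would write `ret = wc_AesXtsInit(&ctx->cipher.xts, NULL, INVALID_DEVID);` so the software path is selected the same way in all branches. The failure message after the key call still reads `"wc_AesXtsSetKey() failed"` although the call is now `wc_AesXtsSetKeyNoInit`; `WOLFSSL_MSG("wc_AesXtsSetKeyNoInit() failed");` would match. Both remarks also apply to the AES_256_XTS hunk that follows.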
@@ -6570,7 +7521,7 @@ void wolfSSL_EVP_init(void)
(type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_256_XTS))) {
WOLFSSL_MSG("EVP_AES_256_XTS");
ctx->cipherType = AES_256_XTS_TYPE;
- ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
+ ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE;
ctx->flags |= WOLFSSL_EVP_CIPH_XTS_MODE;
ctx->keyLen = 64;
ctx->block_size = 1;
@@ -6578,16 +7529,27 @@ void wolfSSL_EVP_init(void)
if (iv != NULL) {
if (iv != ctx->iv) /* Valgrind error when src == dst */
- XMEMCPY(ctx->iv, iv, ctx->ivSz);
+ XMEMCPY(ctx->iv, iv, (size_t)ctx->ivSz);
}
else
XMEMSET(ctx->iv, 0, AES_BLOCK_SIZE);
if (enc == 0 || enc == 1)
ctx->enc = enc ? 1 : 0;
+
+ if (! (ctx->flags & WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED)) {
+ ret = wc_AesXtsInit(&ctx->cipher.xts, NULL, 0);
+ if (ret != 0) {
+ WOLFSSL_MSG("wc_AesXtsInit() failed");
+ return WOLFSSL_FAILURE;
+ }
+ ctx->flags |= WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED;
+ }
+
if (key) {
- ret = wc_AesXtsSetKey(&ctx->cipher.xts, key, ctx->keyLen,
- ctx->enc ? AES_ENCRYPTION : AES_DECRYPTION, NULL, 0);
+ ret = wc_AesXtsSetKeyNoInit(&ctx->cipher.xts, key,
+ (word32)ctx->keyLen,
+ ctx->enc ? AES_ENCRYPTION : AES_DECRYPTION);
if (ret != 0) {
WOLFSSL_MSG("wc_AesXtsSetKey() failed");
return WOLFSSL_FAILURE;
@@ -6595,14 +7557,32 @@ void wolfSSL_EVP_init(void)
}
}
#endif /* WOLFSSL_AES_256 */
- #endif /* HAVE_AES_XTS */
+ #endif /* WOLFSSL_AES_XTS &&
+ (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5,3)) */
#endif /* NO_AES */
+ #if defined(HAVE_ARIA)
+ if (ctx->cipherType == ARIA_128_GCM_TYPE ||
+ (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_ARIA_128_GCM))
+ || ctx->cipherType == ARIA_192_GCM_TYPE ||
+ (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_ARIA_192_GCM))
+ || ctx->cipherType == ARIA_256_GCM_TYPE ||
+ (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_ARIA_256_GCM))
+ ) {
+ if (EvpCipherInitAriaGCM(ctx, type, key, iv, enc)
+ != WOLFSSL_SUCCESS) {
+ return WOLFSSL_FAILURE;
+ }
+ }
+ #endif /* HAVE_AESGCM && ((!HAVE_FIPS && !HAVE_SELFTEST) ||
+ * HAVE_FIPS_VERSION >= 2 */
+
+
#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305)
if (ctx->cipherType == CHACHA20_POLY1305_TYPE ||
(type && EVP_CIPHER_TYPE_MATCHES(type, EVP_CHACHA20_POLY1305))) {
WOLFSSL_MSG("EVP_CHACHA20_POLY1305");
ctx->cipherType = CHACHA20_POLY1305_TYPE;
- ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
+ ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE;
ctx->flags |= WOLFSSL_EVP_CIPH_FLAG_AEAD_CIPHER;
ctx->keyLen = CHACHA20_POLY1305_AEAD_KEYSIZE;
ctx->block_size = CHACHA_CHUNK_BYTES;
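Review bot: The `#endif` comment closing the new ARIA block reads `HAVE_AESGCM && ((!HAVE_FIPS && !HAVE_SELFTEST) || HAVE_FIPS_VERSION >= 2`, but the block is opened by `#if defined(HAVE_ARIA)`. It looks copied from the AES-GCM section and will mislead anyone matching up the conditionals in this long function. It should be `#endif /* HAVE_ARIA */`.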
@@ -6619,13 +7599,13 @@ void wolfSSL_EVP_init(void)
* since wc_ChaCha20Poly1305_Init() does not. */
if (key != NULL) {
if (!ctx->key) {
- ctx->key = (byte*)XMALLOC(ctx->keyLen, NULL,
+ ctx->key = (byte*)XMALLOC((size_t)ctx->keyLen, NULL,
DYNAMIC_TYPE_OPENSSL);
if (!ctx->key) {
return MEMORY_E;
}
}
- XMEMCPY(ctx->key, key, ctx->keyLen);
+ XMEMCPY(ctx->key, key, (size_t)ctx->keyLen);
}
if ((ctx->key != NULL && iv != NULL) && wc_ChaCha20Poly1305_Init(
&ctx->cipher.chachaPoly, ctx->key, iv, ctx->enc) != 0) {
@@ -6639,15 +7619,15 @@ void wolfSSL_EVP_init(void)
(type && EVP_CIPHER_TYPE_MATCHES(type, EVP_CHACHA20))) {
WOLFSSL_MSG("EVP_CHACHA20");
ctx->cipherType = CHACHA20_TYPE;
- ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
+ ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE;
ctx->keyLen = CHACHA_MAX_KEY_SZ;
ctx->block_size = 1;
ctx->ivSz = WOLFSSL_EVP_CHACHA_IV_BYTES;
if (enc == 0 || enc == 1) {
ctx->enc = (byte) enc;
}
- if (key != NULL && wc_Chacha_SetKey(&ctx->cipher.chacha,
- key, ctx->keyLen) != 0) {
+ if (key != NULL && wc_Chacha_SetKey(&ctx->cipher.chacha, key,
+ (word32)ctx->keyLen) != 0) {
WOLFSSL_MSG("wc_Chacha_SetKey() failed");
return WOLFSSL_FAILURE;
}
@@ -6667,12 +7647,147 @@ void wolfSSL_EVP_init(void)
}
}
#endif
+#ifdef WOLFSSL_SM4_ECB
+ if (ctx->cipherType == SM4_ECB_TYPE ||
+ (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_SM4_ECB))) {
+ WOLFSSL_MSG("EVP_SM4_ECB");
+ ctx->cipherType = SM4_ECB_TYPE;
+ ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE;
+ ctx->flags |= WOLFSSL_EVP_CIPH_ECB_MODE;
+ ctx->keyLen = SM4_KEY_SIZE;
+ ctx->block_size = SM4_BLOCK_SIZE;
+ if (enc == 0 || enc == 1)
+ ctx->enc = enc ? 1 : 0;
+ if (key) {
+ ret = wc_Sm4SetKey(&ctx->cipher.sm4, key, ctx->keyLen);
+ }
+ if (ret != 0) {
+ return WOLFSSL_FAILURE;
+ }
+ }
+#endif
+#ifdef WOLFSSL_SM4_CBC
+ if (ctx->cipherType == SM4_CBC_TYPE ||
+ (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_SM4_CBC))) {
+ WOLFSSL_MSG("EVP_SM4_CBC");
+ ctx->cipherType = SM4_CBC_TYPE;
+ ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE;
+ ctx->flags |= WOLFSSL_EVP_CIPH_CBC_MODE;
+ ctx->keyLen = SM4_KEY_SIZE;
+ ctx->block_size = SM4_BLOCK_SIZE;
+ ctx->ivSz = SM4_BLOCK_SIZE;
+ if (enc == 0 || enc == 1)
+ ctx->enc = enc ? 1 : 0;
+ if (key != NULL) {
+ ret = wc_Sm4SetKey(&ctx->cipher.sm4, key, ctx->keyLen);
+ if (ret != 0) {
+ return WOLFSSL_FAILURE;
+ }
+ }
+ if (iv != NULL) {
+ ret = wc_Sm4SetIV(&ctx->cipher.sm4, iv);
+ if (ret != 0) {
+ return WOLFSSL_FAILURE;
+ }
+ }
+ }
+#endif
+#ifdef WOLFSSL_SM4_CTR
+ if (ctx->cipherType == SM4_CTR_TYPE ||
+ (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_SM4_CTR))) {
+ WOLFSSL_MSG("EVP_SM4_CTR");
+ ctx->cipherType = SM4_CTR_TYPE;
+ ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE;
+ ctx->flags |= WOLFSSL_EVP_CIPH_CTR_MODE;
+ ctx->keyLen = SM4_KEY_SIZE;
+ ctx->block_size = NO_PADDING_BLOCK_SIZE;
+ ctx->ivSz = SM4_BLOCK_SIZE;
+ if (enc == 0 || enc == 1)
+ ctx->enc = enc ? 1 : 0;
+ if (key != NULL) {
+ ret = wc_Sm4SetKey(&ctx->cipher.sm4, key, ctx->keyLen);
+ if (ret != 0) {
+ return WOLFSSL_FAILURE;
+ }
+ }
+ if (iv != NULL) {
+ ret = wc_Sm4SetIV(&ctx->cipher.sm4, iv);
+ if (ret != 0) {
+ return WOLFSSL_FAILURE;
+ }
+ }
+ }
+#endif
+#ifdef WOLFSSL_SM4_GCM
+ if (ctx->cipherType == SM4_GCM_TYPE ||
+ (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_SM4_GCM))) {
+ WOLFSSL_MSG("EVP_SM4_GCM");
+ ctx->cipherType = SM4_GCM_TYPE;
+ ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE;
+ ctx->flags |= WOLFSSL_EVP_CIPH_GCM_MODE |
+ WOLFSSL_EVP_CIPH_FLAG_AEAD_CIPHER;
+ ctx->block_size = NO_PADDING_BLOCK_SIZE;
+ ctx->keyLen = SM4_KEY_SIZE;
+ if (ctx->ivSz == 0) {
+ ctx->ivSz = GCM_NONCE_MID_SZ;
+ }
+ ctx->authTagSz = SM4_BLOCK_SIZE;
+ if (ctx->authIn) {
+ XFREE(ctx->authIn, NULL, DYNAMIC_TYPE_OPENSSL);
+ ctx->authIn = NULL;
+ }
+ ctx->authInSz = 0;
+ if (enc == 0 || enc == 1)
+ ctx->enc = enc ? 1 : 0;
+ if (key != NULL) {
+ ret = wc_Sm4GcmSetKey(&ctx->cipher.sm4, key, ctx->keyLen);
+ if (ret != 0) {
+ return WOLFSSL_FAILURE;
+ }
+ }
+ if (iv != NULL) {
+ XMEMCPY(ctx->iv, iv, (size_t)ctx->ivSz);
+ }
+ }
+#endif
+#ifdef WOLFSSL_SM4_CCM
+ if (ctx->cipherType == SM4_CCM_TYPE ||
+ (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_SM4_CCM))) {
+ WOLFSSL_MSG("EVP_SM4_CCM");
+ ctx->cipherType = SM4_CCM_TYPE;
+ ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE;
+ ctx->flags |= WOLFSSL_EVP_CIPH_CCM_MODE |
+ WOLFSSL_EVP_CIPH_FLAG_AEAD_CIPHER;
+ ctx->block_size = NO_PADDING_BLOCK_SIZE;
+ ctx->keyLen = SM4_KEY_SIZE;
+ if (ctx->ivSz == 0) {
+ ctx->ivSz = GCM_NONCE_MID_SZ;
+ }
+ ctx->authTagSz = SM4_BLOCK_SIZE;
+ if (ctx->authIn) {
+ XFREE(ctx->authIn, NULL, DYNAMIC_TYPE_OPENSSL);
+ ctx->authIn = NULL;
+ }
+ ctx->authInSz = 0;
+ if (enc == 0 || enc == 1)
+ ctx->enc = enc ? 1 : 0;
+ if (key != NULL) {
+ ret = wc_Sm4SetKey(&ctx->cipher.sm4, key, ctx->keyLen);
+ if (ret != 0) {
+ return WOLFSSL_FAILURE;
+ }
+ }
+ if (iv != NULL) {
+ XMEMCPY(ctx->iv, iv, (size_t)ctx->ivSz);
+ }
+ }
+#endif
#ifndef NO_DES3
if (ctx->cipherType == DES_CBC_TYPE ||
(type && EVP_CIPHER_TYPE_MATCHES(type, EVP_DES_CBC))) {
WOLFSSL_MSG("EVP_DES_CBC");
ctx->cipherType = DES_CBC_TYPE;
- ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
+ ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE;
ctx->flags |= WOLFSSL_EVP_CIPH_CBC_MODE;
ctx->keyLen = 8;
ctx->block_size = DES_BLOCK_SIZE;
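Review bot: In the SM4_GCM and SM4_CCM branches `XMEMCPY(ctx->iv, iv, (size_t)ctx->ivSz)` copies a length that is only defaulted when it is zero, so a previously set `ivSz` is used unchecked and a negative value would turn into a very large `size_t`. The size of `ctx->iv` is not visible here, but the XTS branch clears it with `AES_BLOCK_SIZE`, so a guard such as `if (ctx->ivSz < 0 || ctx->ivSz > AES_BLOCK_SIZE) return WOLFSSL_FAILURE;` before the copy seems appropriate. In SM4_ECB the `if (ret != 0)` test sits outside `if (key)`, so it depends on the value `ret` had before the branch; the other SM4 branches test it inside. The `wc_Sm4SetKey`/`wc_Sm4GcmSetKey` calls also pass `ctx->keyLen` without the `(word32)` cast the rest of this commit adds.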
@@ -6694,7 +7809,7 @@ void wolfSSL_EVP_init(void)
(type && EVP_CIPHER_TYPE_MATCHES(type, EVP_DES_ECB))) {
WOLFSSL_MSG("EVP_DES_ECB");
ctx->cipherType = DES_ECB_TYPE;
- ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
+ ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE;
ctx->flags |= WOLFSSL_EVP_CIPH_ECB_MODE;
ctx->keyLen = 8;
ctx->block_size = DES_BLOCK_SIZE;
@@ -6714,7 +7829,7 @@ void wolfSSL_EVP_init(void)
EVP_CIPHER_TYPE_MATCHES(type, EVP_DES_EDE3_CBC))) {
WOLFSSL_MSG("EVP_DES_EDE3_CBC");
ctx->cipherType = DES_EDE3_CBC_TYPE;
- ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
+ ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE;
ctx->flags |= WOLFSSL_EVP_CIPH_CBC_MODE;
ctx->keyLen = 24;
ctx->block_size = DES_BLOCK_SIZE;
@@ -6739,7 +7854,7 @@ void wolfSSL_EVP_init(void)
EVP_CIPHER_TYPE_MATCHES(type, EVP_DES_EDE3_ECB))) {
WOLFSSL_MSG("EVP_DES_EDE3_ECB");
ctx->cipherType = DES_EDE3_ECB_TYPE;
- ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
+ ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE;
ctx->flags |= WOLFSSL_EVP_CIPH_ECB_MODE;
ctx->keyLen = 24;
ctx->block_size = DES_BLOCK_SIZE;
@@ -6758,13 +7873,13 @@ void wolfSSL_EVP_init(void)
(type && EVP_CIPHER_TYPE_MATCHES(type, EVP_ARC4))) {
WOLFSSL_MSG("ARC4");
ctx->cipherType = ARC4_TYPE;
- ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
+ ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE;
ctx->flags |= WOLFSSL_EVP_CIPH_STREAM_CIPHER;
ctx->block_size = 1;
if (ctx->keyLen == 0) /* user may have already set */
ctx->keyLen = 16; /* default to 128 */
if (key)
- wc_Arc4SetKey(&ctx->cipher.arc4, key, ctx->keyLen);
+ wc_Arc4SetKey(&ctx->cipher.arc4, key, (word32)ctx->keyLen);
}
#endif /* NO_RC4 */
if (ctx->cipherType == NULL_CIPHER_TYPE ||
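Review bot: The return value of `wc_Arc4SetKey` is still discarded on the changed line, so a rejected key leaves the context looking initialised. `ctx->keyLen` may have been set by the caller ("user may have already set"), and the new `(word32)` cast would turn a negative value into a very large length instead of rejecting it. I would write `if (key && wc_Arc4SetKey(&ctx->cipher.arc4, key, (word32)ctx->keyLen) != 0) return WOLFSSL_FAILURE;` and check `ctx->keyLen > 0` first.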
@@ -6839,6 +7954,15 @@ void wolfSSL_EVP_init(void)
#endif /* NO_AES */
+#ifdef HAVE_ARIA
+ case ARIA_128_GCM_TYPE :
+ return NID_aria_128_gcm;
+ case ARIA_192_GCM_TYPE :
+ return NID_aria_192_gcm;
+ case ARIA_256_GCM_TYPE :
+ return NID_aria_256_gcm;
+#endif
+
#ifndef NO_DES3
case DES_CBC_TYPE :
return NID_des_cbc;
@@ -6866,6 +7990,31 @@ void wolfSSL_EVP_init(void)
return NID_chacha20;
#endif
+#ifdef WOLFSSL_SM4_ECB
+ case SM4_ECB_TYPE:
+ return NID_sm4_ecb;
+#endif
+
+#ifdef WOLFSSL_SM4_CBC
+ case SM4_CBC_TYPE:
+ return NID_sm4_cbc;
+#endif
+
+#ifdef WOLFSSL_SM4_CTR
+ case SM4_CTR_TYPE:
+ return NID_sm4_ctr;
+#endif
+
+#ifdef WOLFSSL_SM4_GCM
+ case SM4_GCM_TYPE:
+ return NID_sm4_gcm;
+#endif
+
+#ifdef WOLFSSL_SM4_CCM
+ case SM4_CCM_TYPE:
+ return NID_sm4_ccm;
+#endif
+
case NULL_CIPHER_TYPE :
WOLFSSL_ERROR_MSG("Null cipher has no NID");
FALL_THROUGH;
@@ -6956,7 +8105,7 @@ void wolfSSL_EVP_init(void)
return WOLFSSL_FAILURE;
}
- XMEMCPY(iv, ctx->iv, ivLen);
+ XMEMCPY(iv, ctx->iv, (size_t)ivLen);
return WOLFSSL_SUCCESS;
}
@@ -6982,6 +8131,17 @@ void wolfSSL_EVP_init(void)
ctx->cipherType != AES_192_CCM_TYPE &&
ctx->cipherType != AES_256_CCM_TYPE
#endif
+ #ifdef HAVE_ARIA
+ && ctx->cipherType != ARIA_128_GCM_TYPE &&
+ ctx->cipherType != ARIA_192_GCM_TYPE &&
+ ctx->cipherType != ARIA_256_GCM_TYPE
+ #endif
+ #ifdef WOLFSSL_SM4_GCM
+ && ctx->cipherType != SM4_GCM_TYPE
+ #endif
+ #ifdef WOLFSSL_SM4_CCM
+ && ctx->cipherType != SM4_CCM_TYPE
+ #endif
))) {
WOLFSSL_MSG("Bad argument.");
return WOLFSSL_FATAL_ERROR;
@@ -7006,7 +8166,7 @@ void wolfSSL_EVP_init(void)
else
ret = wc_AesCbcDecrypt(&ctx->cipher.aes, dst, src, len);
if (ret == 0)
- ret = (len / AES_BLOCK_SIZE) * AES_BLOCK_SIZE;
+ ret = (int)((len / AES_BLOCK_SIZE) * AES_BLOCK_SIZE);
break;
#endif /* HAVE_AES_CBC */
@@ -7021,7 +8181,7 @@ void wolfSSL_EVP_init(void)
else
ret = wc_AesCfb1Decrypt(&ctx->cipher.aes, dst, src, len);
if (ret == 0)
- ret = len;
+ ret = (int)len;
break;
case AES_128_CFB8_TYPE:
case AES_192_CFB8_TYPE:
@@ -7032,7 +8192,7 @@ void wolfSSL_EVP_init(void)
else
ret = wc_AesCfb8Decrypt(&ctx->cipher.aes, dst, src, len);
if (ret == 0)
- ret = len;
+ ret = (int)len;
break;
#endif /* !HAVE_SELFTEST && !HAVE_FIPS */
case AES_128_CFB128_TYPE:
@@ -7044,7 +8204,7 @@ void wolfSSL_EVP_init(void)
else
ret = wc_AesCfbDecrypt(&ctx->cipher.aes, dst, src, len);
if (ret == 0)
- ret = len;
+ ret = (int)len;
break;
#endif /* WOLFSSL_AES_CFB */
#if defined(WOLFSSL_AES_OFB)
@@ -7057,23 +8217,23 @@ void wolfSSL_EVP_init(void)
else
ret = wc_AesOfbDecrypt(&ctx->cipher.aes, dst, src, len);
if (ret == 0)
- ret = len;
+ ret = (int)len;
break;
#endif /* WOLFSSL_AES_OFB */
-#if defined(WOLFSSL_AES_XTS)
+#if defined(WOLFSSL_AES_XTS) && (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5,3))
case AES_128_XTS_TYPE:
case AES_256_XTS_TYPE:
WOLFSSL_MSG("AES XTS");
if (ctx->enc)
ret = wc_AesXtsEncrypt(&ctx->cipher.xts, dst, src, len,
- ctx->iv, ctx->ivSz);
+ ctx->iv, (word32)ctx->ivSz);
else
ret = wc_AesXtsDecrypt(&ctx->cipher.xts, dst, src, len,
- ctx->iv, ctx->ivSz);
+ ctx->iv, (word32)ctx->ivSz);
if (ret == 0)
- ret = len;
+ ret = (int)len;
break;
-#endif /* WOLFSSL_AES_XTS */
+#endif /* WOLFSSL_AES_XTS && (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5,3)) */
#if defined(HAVE_AESGCM) && ((!defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)) \
|| FIPS_VERSION_GE(2,0))
@@ -7105,7 +8265,7 @@ void wolfSSL_EVP_init(void)
else
ret = wc_AesEcbDecrypt(&ctx->cipher.aes, dst, src, len);
if (ret == 0)
- ret = (len / AES_BLOCK_SIZE) * AES_BLOCK_SIZE;
+ ret = (int)((len / AES_BLOCK_SIZE) * AES_BLOCK_SIZE);
break;
#endif
#ifdef WOLFSSL_AES_COUNTER
@@ -7115,11 +8275,31 @@ void wolfSSL_EVP_init(void)
WOLFSSL_MSG("AES CTR");
ret = wc_AesCtrEncrypt(&ctx->cipher.aes, dst, src, len);
if (ret == 0)
- ret = len;
+ ret = (int)len;
break;
#endif /* WOLFSSL_AES_COUNTER */
#endif /* NO_AES */
+#if defined(HAVE_ARIA) && ((!defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)) \
+ || FIPS_VERSION_GE(2,0))
+ case ARIA_128_GCM_TYPE :
+ case ARIA_192_GCM_TYPE :
+ case ARIA_256_GCM_TYPE :
+ WOLFSSL_MSG("ARIA GCM");
+ if (ctx->enc) {
+ ret = wc_AriaEncrypt(&ctx->cipher.aria, dst, src, len,
+ ctx->iv, ctx->ivSz, NULL, 0,
+ ctx->authTag, ctx->authTagSz);
+ }
+ else {
+ ret = wc_AriaDecrypt(&ctx->cipher.aria, dst, src, len,
+ ctx->iv, ctx->ivSz, NULL, 0,
+ ctx->authTag, ctx->authTagSz);
+ }
+ break;
+#endif /* HAVE_ARIA&& ((!HAVE_FIPS && !HAVE_SELFTEST) ||
+ * HAVE_FIPS_VERSION >= 2 */
+
#ifndef NO_DES3
case DES_CBC_TYPE :
WOLFSSL_MSG("DES CBC");
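Review bot: Both `wc_AriaEncrypt` and `wc_AriaDecrypt` are called with `NULL, 0` where the SM4-GCM branch added later in this commit passes `ctx->authIn, ctx->authInSz`. If additional authenticated data can be supplied on an ARIA-GCM context through this interface, it is not covered by the tag on this path. If that is intentional, a comment such as `/* AAD is not supported for ARIA through EVP_Cipher */` should say so; otherwise the two arguments should be `ctx->authIn, ctx->authInSz`. The branch also leaves `ret` at 0 on success instead of converting it to `len` as the neighbouring cases do; whether code after the switch compensates is outside the hunk.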
@@ -7128,7 +8308,7 @@ void wolfSSL_EVP_init(void)
else
wc_Des_CbcDecrypt(&ctx->cipher.des, dst, src, len);
if (ret == 0)
- ret = (len / DES_BLOCK_SIZE) * DES_BLOCK_SIZE;
+ ret = (int)((len / DES_BLOCK_SIZE) * DES_BLOCK_SIZE);
break;
case DES_EDE3_CBC_TYPE :
WOLFSSL_MSG("DES3 CBC");
@@ -7137,20 +8317,20 @@ void wolfSSL_EVP_init(void)
else
ret = wc_Des3_CbcDecrypt(&ctx->cipher.des3, dst, src, len);
if (ret == 0)
- ret = (len / DES_BLOCK_SIZE) * DES_BLOCK_SIZE;
+ ret = (int)((len / DES_BLOCK_SIZE) * DES_BLOCK_SIZE);
break;
#ifdef WOLFSSL_DES_ECB
case DES_ECB_TYPE :
WOLFSSL_MSG("DES ECB");
ret = wc_Des_EcbEncrypt(&ctx->cipher.des, dst, src, len);
if (ret == 0)
- ret = (len / DES_BLOCK_SIZE) * DES_BLOCK_SIZE;
+ ret = (int)((len / DES_BLOCK_SIZE) * DES_BLOCK_SIZE);
break;
case DES_EDE3_ECB_TYPE :
WOLFSSL_MSG("DES3 ECB");
ret = wc_Des3_EcbEncrypt(&ctx->cipher.des3, dst, src, len);
if (ret == 0)
- ret = (len / DES_BLOCK_SIZE) * DES_BLOCK_SIZE;
+ ret = (int)((len / DES_BLOCK_SIZE) * DES_BLOCK_SIZE);
break;
#endif
#endif /* !NO_DES3 */
@@ -7160,14 +8340,116 @@ void wolfSSL_EVP_init(void)
WOLFSSL_MSG("ARC4");
wc_Arc4Process(&ctx->cipher.arc4, dst, src, len);
if (ret == 0)
- ret = len;
+ ret = (int)len;
+ break;
+#endif
+
+ /* TODO: Chacha??? */
+
+#ifdef WOLFSSL_SM4_ECB
+ case SM4_ECB_TYPE :
+ WOLFSSL_MSG("Sm4 ECB");
+ if (ctx->enc)
+ ret = wc_Sm4EcbEncrypt(&ctx->cipher.sm4, dst, src, len);
+ else
+ ret = wc_Sm4EcbDecrypt(&ctx->cipher.sm4, dst, src, len);
+ if (ret == 0)
+ ret = (int)((len / SM4_BLOCK_SIZE) * SM4_BLOCK_SIZE);
+ break;
+#endif
+#ifdef WOLFSSL_SM4_CBC
+ case SM4_CBC_TYPE :
+ WOLFSSL_MSG("Sm4 CBC");
+ if (ctx->enc)
+ ret = wc_Sm4CbcEncrypt(&ctx->cipher.sm4, dst, src, len);
+ else
+ ret = wc_Sm4CbcDecrypt(&ctx->cipher.sm4, dst, src, len);
+ if (ret == 0)
+ ret = (int)((len / SM4_BLOCK_SIZE) * SM4_BLOCK_SIZE);
+ break;
+#endif
+#ifdef WOLFSSL_SM4_CTR
+ case SM4_CTR_TYPE :
+ WOLFSSL_MSG("AES CTR");
+ ret = wc_Sm4CtrEncrypt(&ctx->cipher.sm4, dst, src, len);
+ if (ret == 0)
+ ret = (int)len;
+ break;
+#endif
+#ifdef WOLFSSL_SM4_GCM
+ case SM4_GCM_TYPE :
+ WOLFSSL_MSG("SM4 GCM");
+ /* No destination means only AAD. */
+ if (src != NULL && dst == NULL) {
+ ret = wolfSSL_EVP_CipherUpdate_GCM_AAD(ctx, src, len);
+ }
+ else if (src != NULL && dst != NULL) {
+ if (ctx->enc) {
+ ret = wc_Sm4GcmEncrypt(&ctx->cipher.sm4, dst, src,
+ len, ctx->iv, ctx->ivSz, ctx->authTag,
+ ctx->authTagSz, ctx->authIn,
+ ctx->authInSz);
+ }
+ else {
+ ret = wc_Sm4GcmDecrypt(&ctx->cipher.sm4, dst, src,
+ len, ctx->iv, ctx->ivSz, ctx->authTag,
+ ctx->authTagSz, ctx->authIn,
+ ctx->authInSz);
+ }
+ if (ctx->authIncIv) {
+ IncCtr((byte*)ctx->cipher.sm4.iv,
+ ctx->cipher.sm4.nonceSz);
+ ctx->authIncIv = 0;
+ }
+ }
+ break;
+#endif
+#ifdef WOLFSSL_SM4_CCM
+ case SM4_CCM_TYPE :
+ WOLFSSL_MSG("SM4 CCM");
+ /* No destination means only AAD. */
+ if (src != NULL && dst == NULL) {
+ ret = wolfSSL_EVP_CipherUpdate_CCM_AAD(ctx, src, len);
+ }
+ else if (src != NULL && dst != NULL) {
+ if (ctx->enc) {
+ ret = wc_Sm4CcmEncrypt(&ctx->cipher.sm4, dst, src,
+ len, ctx->iv, ctx->ivSz, ctx->authTag,
+ ctx->authTagSz, ctx->authIn,
+ ctx->authInSz);
+ }
+ else {
+ ret = wc_Sm4CcmDecrypt(&ctx->cipher.sm4, dst, src,
+ len, ctx->iv, ctx->ivSz, ctx->authTag,
+ ctx->authTagSz, ctx->authIn,
+ ctx->authInSz);
+ }
+ if (ctx->authIncIv) {
+ IncCtr((byte*)ctx->cipher.sm4.iv,
+ ctx->cipher.sm4.nonceSz);
+ ctx->authIncIv = 0;
+ }
+ }
+ if (src == NULL) {
+ /*
+ * Clear any leftover AAD on final (final is when src is
+ * NULL).
+ */
+ if (ctx->authIn != NULL) {
+ XMEMSET(ctx->authIn, 0, (size_t)ctx->authInSz);
+ }
+ ctx->authInSz = 0;
+ }
+ if (ret == 0) {
+ ret = (int)len;
+ }
break;
#endif
case NULL_CIPHER_TYPE :
WOLFSSL_MSG("NULL CIPHER");
- XMEMCPY(dst, src, len);
- ret = len;
+ XMEMCPY(dst, src, (size_t)len);
+ ret = (int)len;
break;
default: {
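Review bot: The SM4_GCM case is missing the tail that the SM4_CCM case has. It neither clears `ctx->authIn` and resets `ctx->authInSz` when `src == NULL`, nor converts a zero `ret` into `(int)len`. A successful GCM call therefore appears to return 0, and previously supplied AAD stays attached to the context; if the two modes are meant to behave alike, the `if (src == NULL) { ... }` and `if (ret == 0) { ret = (int)len; }` blocks should be added to SM4_GCM as well. Separately, the SM4_CTR case logs `WOLFSSL_MSG("AES CTR");`, which should be `WOLFSSL_MSG("SM4 CTR");`.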
@@ -7253,7 +8535,7 @@ static int PopulateRSAEvpPkeyDer(WOLFSSL_EVP_PKEY *pkey)
derSz = ret;
#ifdef HAVE_PKCS8
if (key->pkcs8HeaderSz) {
- ret = wc_CreatePKCS8Key(NULL, &pkcs8Sz, NULL, derSz,
+ ret = wc_CreatePKCS8Key(NULL, &pkcs8Sz, NULL, (word32)derSz,
RSAk, NULL, 0);
if (ret == LENGTH_ONLY_E)
ret = 0;
@@ -7273,14 +8555,14 @@ static int PopulateRSAEvpPkeyDer(WOLFSSL_EVP_PKEY *pkey)
}
#ifdef WOLFSSL_NO_REALLOC
- derBuf = (byte*)XMALLOC(derSz, pkey->heap, DYNAMIC_TYPE_DER);
+ derBuf = (byte*)XMALLOC((size_t)derSz, pkey->heap, DYNAMIC_TYPE_DER);
if (derBuf != NULL) {
- XMEMCPY(derBuf, pkey->pkey.ptr, pkey->pkey_sz);
+ XMEMCPY(derBuf, pkey->pkey.ptr, (size_t)pkey->pkey_sz);
XFREE(pkey->pkey.ptr, pkey->heap, DYNAMIC_TYPE_DER);
pkey->pkey.ptr = NULL;
}
#else
- derBuf = (byte*)XREALLOC(pkey->pkey.ptr, derSz,
+ derBuf = (byte*)XREALLOC(pkey->pkey.ptr, (size_t)derSz,
pkey->heap, DYNAMIC_TYPE_DER);
#endif
if (derBuf == NULL) {
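Review bot: In the `WOLFSSL_NO_REALLOC` path the new buffer is allocated with `derSz` bytes but `XMEMCPY` copies `pkey->pkey_sz` bytes into it, and nothing visible in the hunk guarantees `pkey->pkey_sz <= derSz`. A realloc emulation has to copy the smaller of the two sizes, e.g. `XMEMCPY(derBuf, pkey->pkey.ptr, (size_t)(pkey->pkey_sz < derSz ? pkey->pkey_sz : derSz));`. The added `(size_t)` cast silences the conversion warning without addressing that. Since the following hunk writes the freshly encoded key into `derBuf`, the copy may not be needed at all, but that depends on code outside this hunk.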
@@ -7292,33 +8574,35 @@ static int PopulateRSAEvpPkeyDer(WOLFSSL_EVP_PKEY *pkey)
pkey->pkey.ptr = (char*)derBuf;
if (rsa->type == RSA_PRIVATE) {
- ret = wc_RsaKeyToDer(rsa, derBuf, derSz);
+ ret = wc_RsaKeyToDer(rsa, derBuf, (word32)derSz);
if (ret > 0) {
derSz = ret;
#ifdef HAVE_PKCS8
if (key->pkcs8HeaderSz) {
byte* keyBuf = derBuf;
int keySz = derSz;
- derSz = pkcs8Sz;
+ word32 sz = pkcs8Sz;
/* Need new buffer for PKCS8 since we can't
* do this in-place */
- derBuf = (byte*)XMALLOC(pkcs8Sz, pkey->heap,
+ derBuf = (byte*)XMALLOC((size_t)pkcs8Sz, pkey->heap,
DYNAMIC_TYPE_DER);
if (derBuf != NULL) {
- ret = wc_CreatePKCS8Key(derBuf, (word32*)&derSz, keyBuf,
- keySz, RSAk, NULL, 0);
+ ret = wc_CreatePKCS8Key(derBuf, &sz, keyBuf, (word32)keySz,
+ RSAk, NULL, 0);
XFREE(keyBuf, pkey->heap, DYNAMIC_TYPE_DER);
pkey->pkey.ptr = (char*)derBuf;
}
- else
+ else {
ret = MEMORY_E;
+ }
+ derSz = (int)sz;
}
#endif
}
}
else {
/* Public key to DER */
- ret = wc_RsaKeyToPublicDer(rsa, derBuf, derSz);
+ ret = wc_RsaKeyToPublicDer(rsa, derBuf, (word32)derSz);
if (ret > 0)
derSz = ret;
}
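Review bot: `keyBuf` holds the DER-encoded RSA private key at the point where it is released with `XFREE(keyBuf, pkey->heap, DYNAMIC_TYPE_DER)`, and it is not cleared first, so the key bytes stay in freed heap memory. If `ForceZero` is in scope in this file, I would add `ForceZero(keyBuf, (word32)keySz);` on the line before the `XFREE`. The same applies to `derBuf` in the `wolfSSL_EVP_PKEY_set1_DSA` hunks, which can hold a private DSA key and is freed right after being copied into `pkey->pkey.ptr`. The `word32 sz` temporary replacing the old `(word32*)&derSz` cast is a good change.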
@@ -7433,7 +8717,8 @@ int wolfSSL_EVP_PKEY_set1_DSA(WOLFSSL_EVP_PKEY *pkey, WOLFSSL_DSA *key)
/* 4 > size of pub, priv, p, q, g + ASN.1 additional information */
derMax = 4 * wolfSSL_BN_num_bytes(key->g) + AES_BLOCK_SIZE;
- derBuf = (byte*)XMALLOC(derMax, pkey->heap, DYNAMIC_TYPE_TMP_BUFFER);
+ derBuf = (byte*)XMALLOC((size_t)derMax, pkey->heap,
+ DYNAMIC_TYPE_TMP_BUFFER);
if (derBuf == NULL) {
WOLFSSL_MSG("malloc failed");
return WOLFSSL_FAILURE;
@@ -7441,11 +8726,11 @@ int wolfSSL_EVP_PKEY_set1_DSA(WOLFSSL_EVP_PKEY *pkey, WOLFSSL_DSA *key)
if (dsa->type == DSA_PRIVATE) {
/* Private key to DER */
- derSz = wc_DsaKeyToDer(dsa, derBuf, derMax);
+ derSz = wc_DsaKeyToDer(dsa, derBuf, (word32)derMax);
}
else {
/* Public key to DER */
- derSz = wc_DsaKeyToPublicDer(dsa, derBuf, derMax);
+ derSz = wc_DsaKeyToPublicDer(dsa, derBuf, (word32)derMax);
}
if (derSz < 0) {
@@ -7459,14 +8744,15 @@ int wolfSSL_EVP_PKEY_set1_DSA(WOLFSSL_EVP_PKEY *pkey, WOLFSSL_DSA *key)
return WOLFSSL_FAILURE;
}
- pkey->pkey.ptr = (char*)XMALLOC(derSz, pkey->heap, DYNAMIC_TYPE_DER);
+ pkey->pkey.ptr = (char*)XMALLOC((size_t)derSz, pkey->heap,
+ DYNAMIC_TYPE_DER);
if (pkey->pkey.ptr == NULL) {
WOLFSSL_MSG("key malloc failed");
XFREE(derBuf, pkey->heap, DYNAMIC_TYPE_TMP_BUFFER);
return WOLFSSL_FAILURE;
}
pkey->pkey_sz = derSz;
- XMEMCPY(pkey->pkey.ptr, derBuf, derSz);
+ XMEMCPY(pkey->pkey.ptr, derBuf, (size_t)derSz);
XFREE(derBuf, pkey->heap, DYNAMIC_TYPE_TMP_BUFFER);
return WOLFSSL_SUCCESS;
@@ -7630,7 +8916,7 @@ int wolfSSL_EVP_PKEY_set1_DH(WOLFSSL_EVP_PKEY *pkey, WOLFSSL_DH *key)
return WOLFSSL_FAILURE;
}
- derBuf = (byte*)XMALLOC(derSz, pkey->heap, DYNAMIC_TYPE_TMP_BUFFER);
+ derBuf = (byte*)XMALLOC((size_t)derSz, pkey->heap, DYNAMIC_TYPE_TMP_BUFFER);
if (derBuf == NULL) {
WOLFSSL_MSG("malloc failed");
return WOLFSSL_FAILURE;
@@ -7653,7 +8939,7 @@ int wolfSSL_EVP_PKEY_set1_DH(WOLFSSL_EVP_PKEY *pkey, WOLFSSL_DH *key)
/* Store DH key into pkey (DER format) */
pkey->pkey.ptr = (char*)derBuf;
- pkey->pkey_sz = derSz;
+ pkey->pkey_sz = (int)derSz;
return WOLFSSL_SUCCESS;
}
@@ -7769,7 +9055,8 @@ static int ECC_populate_EVP_PKEY(EVP_PKEY* pkey, WOLFSSL_EC_KEY *key)
if (key->pkcs8HeaderSz) {
/* when key has pkcs8 header the pkey should too */
if (wc_EccKeyToPKCS8(ecc, NULL, (word32*)&derSz) == LENGTH_ONLY_E) {
- derBuf = (byte*)XMALLOC(derSz, pkey->heap, DYNAMIC_TYPE_OPENSSL);
+ derBuf = (byte*)XMALLOC((size_t)derSz, pkey->heap,
+ DYNAMIC_TYPE_OPENSSL);
if (derBuf) {
if (wc_EccKeyToPKCS8(ecc, derBuf, (word32*)&derSz) >= 0) {
if (pkey->pkey.ptr) {
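Review bot: Both `wc_EccKeyToPKCS8` calls still pass `(word32*)&derSz`, the pointer cast this commit removes from `PopulateRSAEvpPkeyDer` by introducing a `word32 sz` temporary. Judging by the later hunk that compares `derSz` against `< 0`, `derSz` is a signed `int` here, so the cast writes through a pointer of a different type. I would use the same pattern as the RSA change: declare `word32 sz = 0;`, pass `&sz` to both calls, and assign `derSz = (int)sz;` afterwards. The function body continues outside the hunk.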
@@ -7798,9 +9085,10 @@ static int ECC_populate_EVP_PKEY(EVP_PKEY* pkey, WOLFSSL_EC_KEY *key)
/* if not, the pkey will be traditional ecc key */
if ((derSz = wc_EccKeyDerSize(ecc, 1)) > 0) {
- derBuf = (byte*)XMALLOC(derSz, pkey->heap, DYNAMIC_TYPE_OPENSSL);
+ derBuf = (byte*)XMALLOC((size_t)derSz, pkey->heap,
+ DYNAMIC_TYPE_OPENSSL);
if (derBuf) {
- if (wc_EccKeyToDer(ecc, derBuf, derSz) >= 0) {
+ if (wc_EccKeyToDer(ecc, derBuf, (word32)derSz) >= 0) {
if (pkey->pkey.ptr) {
XFREE(pkey->pkey.ptr, pkey->heap, DYNAMIC_TYPE_OPENSSL);
}
@@ -7817,12 +9105,13 @@ static int ECC_populate_EVP_PKEY(EVP_PKEY* pkey, WOLFSSL_EC_KEY *key)
}
}
else if (ecc->type == ECC_PUBLICKEY) {
- if ((derSz = (word32)wc_EccPublicKeyDerSize(ecc, 1)) > 0) {
- derBuf = (byte*)XREALLOC(pkey->pkey.ptr, derSz, NULL,
+ if ((derSz = wc_EccPublicKeyDerSize(ecc, 1)) > 0) {
+ derBuf = (byte*)XREALLOC(pkey->pkey.ptr, (size_t)derSz, NULL,
DYNAMIC_TYPE_OPENSSL);
if (derBuf != NULL) {
pkey->pkey.ptr = (char*)derBuf;
- if ((derSz = wc_EccPublicKeyToDer(ecc, derBuf, derSz, 1)) < 0) {
+ if ((derSz = wc_EccPublicKeyToDer(ecc, derBuf, (word32)derSz,
+ 1)) < 0) {
XFREE(derBuf, NULL, DYNAMIC_TYPE_OPENSSL);
derBuf = NULL;
}
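Review bot: On the `wc_EccPublicKeyToDer` failure path `derBuf` is freed and set to NULL, but `pkey->pkey.ptr` was assigned the same pointer two lines earlier and is not reset here. Unless code after the hunk clears it, the pkey keeps a dangling pointer that a later free or read would touch; adding `pkey->pkey.ptr = NULL;` next to `derBuf = NULL;` closes that. This branch also allocates and frees with a `NULL` heap hint, while the private-key branches in the earlier hunks use `pkey->heap`, which matters when a custom heap is configured.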
@@ -7946,6 +9235,11 @@ int wolfSSL_EVP_CIPHER_CTX_iv_length(const WOLFSSL_EVP_CIPHER_CTX* ctx)
{
WOLFSSL_MSG("wolfSSL_EVP_CIPHER_CTX_iv_length");
+ if (ctx == NULL) {
+ WOLFSSL_MSG("No context");
+ return 0;
+ }
+
switch (ctx->cipherType) {
#if defined(HAVE_AES_CBC) || defined(WOLFSSL_AES_DIRECT)
@@ -8025,12 +9319,22 @@ int wolfSSL_EVP_CIPHER_CTX_iv_length(const WOLFSSL_EVP_CIPHER_CTX* ctx)
WOLFSSL_MSG("AES OFB");
return AES_BLOCK_SIZE;
#endif /* WOLFSSL_AES_OFB */
-#ifdef WOLFSSL_AES_XTS
+#if defined(WOLFSSL_AES_XTS) && (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5,3))
case AES_128_XTS_TYPE:
case AES_256_XTS_TYPE:
WOLFSSL_MSG("AES XTS");
return AES_BLOCK_SIZE;
-#endif /* WOLFSSL_AES_XTS */
+#endif /* WOLFSSL_AES_XTS && (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5,3)) */
+#ifdef HAVE_ARIA
+ case ARIA_128_GCM_TYPE :
+ case ARIA_192_GCM_TYPE :
+ case ARIA_256_GCM_TYPE :
+ WOLFSSL_MSG("ARIA GCM");
+ if (ctx->ivSz != 0) {
+ return ctx->ivSz;
+ }
+ return GCM_NONCE_MID_SZ;
+#endif
#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305)
case CHACHA20_POLY1305_TYPE:
WOLFSSL_MSG("CHACHA20 POLY1305");
@@ -8041,6 +9345,32 @@ int wolfSSL_EVP_CIPHER_CTX_iv_length(const WOLFSSL_EVP_CIPHER_CTX* ctx)
WOLFSSL_MSG("CHACHA20");
return WOLFSSL_EVP_CHACHA_IV_BYTES;
#endif /* HAVE_CHACHA */
+#ifdef WOLFSSL_SM4_CBC
+ case SM4_CBC_TYPE :
+ WOLFSSL_MSG("SM4 CBC");
+ return SM4_BLOCK_SIZE;
+#endif
+#ifdef WOLFSSL_SM4_CTR
+ case SM4_CTR_TYPE :
+ WOLFSSL_MSG("SM4 CTR");
+ return SM4_BLOCK_SIZE;
+#endif
+#ifdef WOLFSSL_SM4_GCM
+ case SM4_GCM_TYPE :
+ WOLFSSL_MSG("SM4 GCM");
+ if (ctx->ivSz != 0) {
+ return ctx->ivSz;
+ }
+ return GCM_NONCE_MID_SZ;
+#endif
+#ifdef WOLFSSL_SM4_CCM
+ case SM4_CCM_TYPE :
+ WOLFSSL_MSG("SM4 CCM");
+ if (ctx->ivSz != 0) {
+ return ctx->ivSz;
+ }
+ return CCM_NONCE_MIN_SZ;
+#endif
case NULL_CIPHER_TYPE :
WOLFSSL_MSG("NULL");
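Review bot: The SM4_CCM case falls back to `CCM_NONCE_MIN_SZ` when `ctx->ivSz` is 0, but the SM4_CCM initialisation added earlier in this commit defaults `ctx->ivSz` to `GCM_NONCE_MID_SZ`. An initialised context therefore reports the GCM default here, while `wolfSSL_EVP_CIPHER_iv_length` reports `CCM_NONCE_MIN_SZ` for the same cipher name, so callers sizing a nonce can get two different answers. The three places should agree on one default, with a comment stating which nonce length is intended for SM4-CCM.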
@@ -8118,7 +9448,7 @@ int wolfSSL_EVP_CIPHER_iv_length(const WOLFSSL_EVP_CIPHER* cipher)
return AES_BLOCK_SIZE;
#endif
#endif
-#ifdef WOLFSSL_AES_XTS
+#if defined(WOLFSSL_AES_XTS) && (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5,3))
#ifdef WOLFSSL_AES_128
if (XSTRCMP(name, EVP_AES_128_XTS) == 0)
return AES_BLOCK_SIZE;
@@ -8128,9 +9458,17 @@ int wolfSSL_EVP_CIPHER_iv_length(const WOLFSSL_EVP_CIPHER* cipher)
if (XSTRCMP(name, EVP_AES_256_XTS) == 0)
return AES_BLOCK_SIZE;
#endif /* WOLFSSL_AES_256 */
-#endif /* WOLFSSL_AES_XTS */
+#endif /* WOLFSSL_AES_XTS && (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5,3)) */
#endif
+#ifdef HAVE_ARIA
+ if (XSTRCMP(name, EVP_ARIA_128_GCM) == 0)
+ return GCM_NONCE_MID_SZ;
+ if (XSTRCMP(name, EVP_ARIA_192_GCM) == 0)
+ return GCM_NONCE_MID_SZ;
+ if (XSTRCMP(name, EVP_ARIA_256_GCM) == 0)
+ return GCM_NONCE_MID_SZ;
+#endif /* HAVE_ARIA */
#ifndef NO_DES3
if ((XSTRCMP(name, EVP_DES_CBC) == 0) ||
@@ -8149,6 +9487,23 @@ int wolfSSL_EVP_CIPHER_iv_length(const WOLFSSL_EVP_CIPHER* cipher)
return WOLFSSL_EVP_CHACHA_IV_BYTES;
#endif
+#ifdef WOLFSSL_SM4_CBC
+ if (XSTRCMP(name, EVP_SM4_CBC) == 0)
+ return SM4_BLOCK_SIZE;
+#endif
+#ifdef WOLFSSL_SM4_CTR
+ if (XSTRCMP(name, EVP_SM4_CTR) == 0)
+ return SM4_BLOCK_SIZE;
+#endif
+#ifdef WOLFSSL_SM4_GCM
+ if (XSTRCMP(name, EVP_SM4_GCM) == 0)
+ return GCM_NONCE_MID_SZ;
+#endif
+#ifdef WOLFSSL_SM4_CCM
+ if (XSTRCMP(name, EVP_SM4_CCM) == 0)
+ return CCM_NONCE_MIN_SZ;
+#endif
+
(void)name;
return 0;
@@ -8297,9 +9652,10 @@ int wolfSSL_EVP_PKEY_assign_RSA(EVP_PKEY* pkey, WOLFSSL_RSA* key)
RsaKey* rsa = (RsaKey*)key->internal;
int ret = wc_RsaKeyToDer(rsa, NULL, 0);
if (ret > 0) {
- int derSz = ret;
- byte* derBuf = (byte*)XMALLOC(derSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- if (derBuf) {
+ word32 derSz = (word32)ret;
+ byte* derBuf = (byte*)XMALLOC((size_t)derSz, NULL,
+ DYNAMIC_TYPE_TMP_BUFFER);
+ if (derBuf != NULL) {
ret = wc_RsaKeyToDer(rsa, derBuf, derSz);
if (ret >= 0) {
pkey->pkey_sz = ret;
@@ -8392,12 +9748,13 @@ int wolfSSL_EVP_Digest(const unsigned char* in, int inSz, unsigned char* out,
if (err != WOLFSSL_SUCCESS)
return err;
- if (wc_Hash((enum wc_HashType)hashType, in, inSz, out, hashSz) != 0) {
+ if (wc_Hash((enum wc_HashType)hashType, in, (word32)inSz, out,
+ (word32)hashSz) != 0) {
return WOLFSSL_FAILURE;
}
if (outSz != NULL)
- *outSz = hashSz;
+ *outSz = (unsigned int)hashSz;
(void)eng;
return WOLFSSL_SUCCESS;
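Review bot: The `(word32)inSz` cast added to the wc_Hash() call silences the sign-conversion warning without handling a negative `inSz`, which would be passed on as a length near the top of the word32 range and make the hash read far beyond `in`. No range check is visible in this hunk (the top of wolfSSL_EVP_Digest is outside it), so unless one exists above, reject the value before converting: `if (inSz < 0) return WOLFSSL_FAILURE;`. The same int-to-word32 pattern appears in the wolfSSL_EVP_EncodeBlock and wolfSSL_EVP_DecodeBlock hunks (`(word32)inLen`) and in wolfSSL_EVP_DecodeUpdate (`inLen = (word32)inl`), where the NULL checks shown do not cover the length.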
@@ -8650,13 +10007,20 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type)
#endif /* WOLFSSL_SHA3 */
+#ifdef WOLFSSL_SM3
+ const WOLFSSL_EVP_MD* wolfSSL_EVP_sm3(void)
+ {
+ WOLFSSL_ENTER("EVP_sm3");
+ return EVP_get_digestbyname("SM3");
+ }
+#endif /* WOLFSSL_SM3 */
WOLFSSL_EVP_MD_CTX *wolfSSL_EVP_MD_CTX_new(void)
{
WOLFSSL_EVP_MD_CTX* ctx;
WOLFSSL_ENTER("EVP_MD_CTX_new");
- ctx = (WOLFSSL_EVP_MD_CTX*)XMALLOC(sizeof *ctx, NULL,
+ ctx = (WOLFSSL_EVP_MD_CTX*)XMALLOC(sizeof(*ctx), NULL,
DYNAMIC_TYPE_OPENSSL);
if (ctx){
wolfSSL_EVP_MD_CTX_init(ctx);
@@ -8913,6 +10277,11 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type)
wc_Sha3_512_Free((wc_Sha3*)&ctx->hash.digest);
#endif
break;
+ #ifdef WOLFSSL_SM3
+ case WC_HASH_TYPE_SM3:
+ wc_Sm3Free(&ctx->hash.digest.sm3);
+ break;
+ #endif
case WC_HASH_TYPE_NONE:
/* Not an error since an unused struct could be free'd or
* reset. */
@@ -9032,6 +10401,17 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type)
} else
#endif
#endif
+ #ifdef WOLFSSL_SM3
+ if (XSTRCMP(md, "SM3") == 0) {
+ ret = wc_InitSm3(&ctx->hash.digest.sm3, NULL, INVALID_DEVID);
+ if (ret == 0) {
+ ret = WOLFSSL_SUCCESS;
+ }
+ else {
+ ret = WOLFSSL_FAILURE;
+ }
+ } else
+ #endif
{
ctx->macType = WC_HASH_TYPE_NONE;
return BAD_FUNC_ARG;
@@ -9139,6 +10519,17 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type)
(unsigned long)sz);
#endif
break;
+ #ifdef WOLFSSL_SM3
+ case WC_HASH_TYPE_SM3:
+ ret = wc_Sm3Update(&ctx->hash.digest.sm3, data, (word32)sz);
+ if (ret == 0) {
+ ret = WOLFSSL_SUCCESS;
+ }
+ else {
+ ret = WOLFSSL_FAILURE;
+ }
+ break;
+ #endif
case WC_HASH_TYPE_NONE:
case WC_HASH_TYPE_MD2:
case WC_HASH_TYPE_MD5_SHA:
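Review bot: `(word32)sz` in the new WC_HASH_TYPE_SM3 case can drop high bits if `sz` is wider than 32 bits; its declaration is outside this hunk, but the neighbouring context casts it to `unsigned long`, which suggests a wider type. In that case wc_Sm3Update() would be given only the truncated length and the case would still end in WOLFSSL_SUCCESS, producing a digest that does not cover the whole input. Guarding the conversion, e.g. `if ((word32)sz != sz) { ret = WOLFSSL_FAILURE; break; }`, or feeding the data in word32-sized pieces, would make the failure explicit.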
@@ -9252,6 +10643,18 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type)
if (s) *s = WC_SHA3_512_DIGEST_SIZE;
#endif
break;
+ #ifdef WOLFSSL_SM3
+ case WC_HASH_TYPE_SM3:
+ ret = wc_Sm3Final(&ctx->hash.digest.sm3, md);
+ if (ret == 0) {
+ ret = WOLFSSL_SUCCESS;
+ }
+ else {
+ ret = WOLFSSL_FAILURE;
+ }
+ if (s) *s = WC_SM3_DIGEST_SIZE;
+ break;
+ #endif
case WC_HASH_TYPE_NONE:
case WC_HASH_TYPE_MD2:
case WC_HASH_TYPE_MD5_SHA:
@@ -9312,6 +10715,10 @@ const WOLFSSL_EVP_MD* wolfSSL_EVP_get_digestbynid(int id)
case NID_sha512:
return wolfSSL_EVP_sha512();
#endif
+#ifdef WOLFSSL_SM3
+ case NID_sm3:
+ return wolfSSL_EVP_sm3();
+#endif
default:
WOLFSSL_MSG("Bad digest id value");
}
@@ -9384,6 +10791,11 @@ int wolfSSL_EVP_MD_block_size(const WOLFSSL_EVP_MD* type)
}
#endif
#endif /* WOLFSSL_SHA3 */
+#ifdef WOLFSSL_SM3
+ if (XSTRCMP(type, "SM3") == 0) {
+ return WC_SM3_BLOCK_SIZE;
+ } else
+#endif
return BAD_FUNC_ARG;
}
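Review bot: The SM3 branch added before `return BAD_FUNC_ARG;` ends in `} else` although its body already returns, so the trailing `else` only ties the final return to a preprocessor-dependent `if`. The two lookups are also written inconsistently: here the SHA3 block above closes with a plain `}` and SM3 with `} else`, while in the wolfSSL_EVP_MD_size hunk that follows SHA3_512 is changed to `} else` and the SM3 branch closes with `}`. Ending each returning branch with a plain `}` in both functions keeps `return BAD_FUNC_ARG;` unconditional for every WOLFSSL_SHA3/WOLFSSL_SM3 combination and prevents a statement later inserted after `#endif` from silently becoming the else branch.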
@@ -9461,9 +10873,14 @@ int wolfSSL_EVP_MD_size(const WOLFSSL_EVP_MD* type)
#ifndef WOLFSSL_NOSHA3_512
if (XSTRCMP(type, "SHA3_512") == 0) {
return WC_SHA3_512_DIGEST_SIZE;
- }
+ } else
#endif
#endif /* WOLFSSL_SHA3 */
+#ifdef WOLFSSL_SM3
+ if (XSTRCMP(type, "SM3") == 0) {
+ return WC_SM3_DIGEST_SIZE;
+ }
+#endif
return BAD_FUNC_ARG;
}
@@ -9796,7 +11213,7 @@ static int PrintPubKeyRSA(WOLFSSL_BIO* out, const byte* pkey, int pkeySz,
int wsz;
/* parse key to get modulus and exponent */
- if (wc_RsaPublicKeyDecode_ex(pkey, &inOutIdx, pkeySz,
+ if (wc_RsaPublicKeyDecode_ex(pkey, &inOutIdx, (word32)pkeySz,
&n, &nSz, &e, &eSz) != 0) {
break;
}
@@ -9809,7 +11226,7 @@ static int PrintPubKeyRSA(WOLFSSL_BIO* out, const byte* pkey, int pkeySz,
if (wolfSSL_BIO_write(out, line, (int)XSTRLEN(line)) <= 0) {
break;
}
- if (mp_set_int(a, bitlen) != 0) {
+ if (mp_set_int(a, (unsigned long)bitlen) != 0) {
break;
}
if (mp_todecimal(a, (char*)buff) != 0) {
@@ -9837,7 +11254,7 @@ static int PrintPubKeyRSA(WOLFSSL_BIO* out, const byte* pkey, int pkeySz,
nSz++;
}
- if (PrintHexWithColon(out, n, nSz,
+ if (PrintHexWithColon(out, n, (int)nSz,
indent + 4, 1/* lower case */) != WOLFSSL_SUCCESS) {
break;
}
@@ -9972,7 +11389,7 @@ static int PrintPubKeyEC(WOLFSSL_BIO* out, const byte* pkey, int pkeySz,
}
if (res == WOLFSSL_SUCCESS) {
- res = wc_EccPublicKeyDecode(pkey, &inOutIdx, key, pkeySz) == 0;
+ res = wc_EccPublicKeyDecode(pkey, &inOutIdx, key, (word32)pkeySz) == 0;
}
if (res == WOLFSSL_SUCCESS) {
@@ -10016,7 +11433,7 @@ static int PrintPubKeyEC(WOLFSSL_BIO* out, const byte* pkey, int pkeySz,
res = wolfSSL_BIO_write(out, line, (int)XSTRLEN(line)) > 0;
}
if (res == WOLFSSL_SUCCESS) {
- res = mp_set_int(a, bitlen) == 0;
+ res = mp_set_int(a, (unsigned long)bitlen) == 0;
}
if (res == WOLFSSL_SUCCESS) {
res = mp_todecimal(a, (char*)buff) == 0;
@@ -10040,7 +11457,8 @@ static int PrintPubKeyEC(WOLFSSL_BIO* out, const byte* pkey, int pkeySz,
res = wolfSSL_BIO_write(out, line, (int)XSTRLEN(line)) > 0;
}
if (res == WOLFSSL_SUCCESS) {
- res = PrintHexWithColon(out, pub, pubSz, indent + 4, 0/* upper case */);
+ /* upper case */
+ res = PrintHexWithColon(out, pub, (int)pubSz, indent + 4, 0);
}
if (res == WOLFSSL_SUCCESS) {
res = Indent(out, indent) >= 0;
@@ -10148,26 +11566,27 @@ static int PrintPubKeyDSA(WOLFSSL_BIO* out, const byte* pkey, int pkeySz,
int idx;
int wsz;
- if (GetSequence(pkey, &inOutIdx, &length, pkeySz) < 0) {
+ if (GetSequence(pkey, &inOutIdx, &length, (word32)pkeySz) < 0) {
break;
}
- if (GetSequence(pkey, &inOutIdx, &length, pkeySz) < 0) {
+ if (GetSequence(pkey, &inOutIdx, &length, (word32)pkeySz) < 0) {
break;
}
- if (GetObjectId(pkey, &inOutIdx, &oid, oidIgnoreType, pkeySz) != 0) {
+ if (GetObjectId(pkey, &inOutIdx, &oid, oidIgnoreType, (word32)pkeySz) !=
+ 0) {
break;
}
- if (GetSequence(pkey, &inOutIdx, &length, pkeySz) < 0) {
+ if (GetSequence(pkey, &inOutIdx, &length, (word32)pkeySz) < 0) {
break;
}
/* find P */
- if (GetASNTag(pkey, &inOutIdx, &tagFound, pkeySz) != 0) {
+ if (GetASNTag(pkey, &inOutIdx, &tagFound, (word32)pkeySz) != 0) {
break;
}
if (tagFound != ASN_INTEGER) {
break;
}
- if (GetLength(pkey, &inOutIdx, &length, pkeySz) <= 0) {
+ if (GetLength(pkey, &inOutIdx, &length, (word32)pkeySz) <= 0) {
break;
}
p = (byte*)(pkey + inOutIdx);
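Review bot: `(word32)pkeySz` is now repeated at every GetSequence/GetObjectId/GetASNTag/GetLength call in PrintPubKeyDSA, which clutters the parse and leaves the int-to-unsigned conversion unchecked at each site. Converting once after rejecting a non-positive size would be clearer: declare `word32 keySz;` with the other locals, start the parse with `if (pkeySz <= 0) break;` and `keySz = (word32)pkeySz;`, then pass `keySz` as the bound. The same applies to the second PrintPubKeyDSA hunk, both PrintPubKeyDH hunks and the single casts in PrintPubKeyRSA and PrintPubKeyEC. The function body starts and ends outside this hunk, so the `break` assumes the enclosing one-pass block that the existing `break` statements imply.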
@@ -10182,53 +11601,53 @@ static int PrintPubKeyDSA(WOLFSSL_BIO* out, const byte* pkey, int pkeySz,
}
}
- inOutIdx += length;
+ inOutIdx += (word32)length;
/* find Q */
- if (GetASNTag(pkey, &inOutIdx, &tagFound, pkeySz) != 0) {
+ if (GetASNTag(pkey, &inOutIdx, &tagFound, (word32)pkeySz) != 0) {
break;
}
if (tagFound != ASN_INTEGER) {
break;
}
- if (GetLength(pkey, &inOutIdx, &length, pkeySz) <= 0) {
+ if (GetLength(pkey, &inOutIdx, &length, (word32)pkeySz) <= 0) {
break;
}
q = (byte*)(pkey + inOutIdx);
qSz = length;
- inOutIdx += length;
+ inOutIdx += (word32)length;
/* find G */
- if (GetASNTag(pkey, &inOutIdx, &tagFound, pkeySz) != 0) {
+ if (GetASNTag(pkey, &inOutIdx, &tagFound, (word32)pkeySz) != 0) {
break;
}
if (tagFound != ASN_INTEGER) {
break;
}
- if (GetLength(pkey, &inOutIdx, &length, pkeySz) <= 0) {
+ if (GetLength(pkey, &inOutIdx, &length, (word32)pkeySz) <= 0) {
break;
}
g = (byte*)(pkey + inOutIdx);
gSz = length;
- inOutIdx += length;
+ inOutIdx += (word32)length;
/* find Y */
- if (GetASNTag(pkey, &inOutIdx, &tagFound, pkeySz) != 0) {
+ if (GetASNTag(pkey, &inOutIdx, &tagFound, (word32)pkeySz) != 0) {
break;
}
if (tagFound != ASN_BIT_STRING) {
break;
}
- if (GetLength(pkey, &inOutIdx, &length, pkeySz) <= 0) {
+ if (GetLength(pkey, &inOutIdx, &length, (word32)pkeySz) <= 0) {
break;
}
inOutIdx++; /* skip the first byte( unused byte number)*/
- if (GetASNTag(pkey, &inOutIdx, &tagFound, pkeySz) != 0) {
+ if (GetASNTag(pkey, &inOutIdx, &tagFound, (word32)pkeySz) != 0) {
break;
}
if (tagFound != ASN_INTEGER) {
break;
}
- if (GetLength(pkey, &inOutIdx, &length, pkeySz) <= 0) {
+ if (GetLength(pkey, &inOutIdx, &length, (word32)pkeySz) <= 0) {
break;
}
y = (byte*)(pkey + inOutIdx);
@@ -10241,7 +11660,7 @@ static int PrintPubKeyDSA(WOLFSSL_BIO* out, const byte* pkey, int pkeySz,
if (wolfSSL_BIO_write(out, line, (int)XSTRLEN(line)) <= 0) {
break;
}
- if (mp_set_int(a, bitlen) != 0) {
+ if (mp_set_int(a, (unsigned long)bitlen) != 0) {
break;
}
if (mp_todecimal(a, (char*)buff) != 0) {
@@ -10371,40 +11790,41 @@ static int PrintPubKeyDH(WOLFSSL_BIO* out, const byte* pkey, int pkeySz,
int idx;
int wsz;
- if (GetSequence(pkey, &inOutIdx, (int*)&length, pkeySz) < 0) {
+ if (GetSequence(pkey, &inOutIdx, (int*)&length, (word32)pkeySz) < 0) {
break;
}
- if (GetSequence(pkey, &inOutIdx, (int*)&length, pkeySz) < 0) {
+ if (GetSequence(pkey, &inOutIdx, (int*)&length, (word32)pkeySz) < 0) {
break;
}
- if (GetObjectId(pkey, &inOutIdx, &oid, oidIgnoreType, pkeySz) < 0) {
+ if (GetObjectId(pkey, &inOutIdx, &oid, oidIgnoreType, (word32)pkeySz) <
+ 0) {
break;
}
- if (GetSequence(pkey, &inOutIdx, (int*)&length, pkeySz) < 0) {
+ if (GetSequence(pkey, &inOutIdx, (int*)&length, (word32)pkeySz) < 0) {
break;
}
/* get prime element */
- if (GetASNTag(pkey, &inOutIdx, &tagFound, pkeySz) != 0) {
+ if (GetASNTag(pkey, &inOutIdx, &tagFound, (word32)pkeySz) != 0) {
break;
}
if (tagFound != ASN_INTEGER) {
break;
}
- if (GetLength(pkey, &inOutIdx, (int*)&length, pkeySz) <= 0) {
+ if (GetLength(pkey, &inOutIdx, (int*)&length, (word32)pkeySz) <= 0) {
break;
}
prime = (byte*)(pkey + inOutIdx);
- primeSz = length;
+ primeSz = (int)length;
inOutIdx += length;
/* get generator element */
- if (GetASNTag(pkey, &inOutIdx, &tagFound, pkeySz) != 0) {
+ if (GetASNTag(pkey, &inOutIdx, &tagFound, (word32)pkeySz) != 0) {
break;
}
if (tagFound != ASN_INTEGER) {
break;
}
- if (GetLength(pkey, &inOutIdx, (int*)&length, pkeySz) <= 0) {
+ if (GetLength(pkey, &inOutIdx, (int*)&length, (word32)pkeySz) <= 0) {
break;
}
if (length != 1) {
@@ -10414,26 +11834,26 @@ static int PrintPubKeyDH(WOLFSSL_BIO* out, const byte* pkey, int pkeySz,
inOutIdx += length;
/* get public-key element */
- if (GetASNTag(pkey, &inOutIdx, &tagFound, pkeySz) != 0) {
+ if (GetASNTag(pkey, &inOutIdx, &tagFound, (word32)pkeySz) != 0) {
break;
}
if (tagFound != ASN_BIT_STRING) {
break;
}
- if (GetLength(pkey, &inOutIdx, (int*)&length, pkeySz) <= 0) {
+ if (GetLength(pkey, &inOutIdx, (int*)&length, (word32)pkeySz) <= 0) {
break;
}
inOutIdx ++;
- if (GetASNTag(pkey, &inOutIdx, &tagFound, pkeySz) != 0) {
+ if (GetASNTag(pkey, &inOutIdx, &tagFound, (word32)pkeySz) != 0) {
break;
}
if (tagFound != ASN_INTEGER) {
break;
}
- if (GetLength(pkey, &inOutIdx, (int*)&length, pkeySz) <= 0) {
+ if (GetLength(pkey, &inOutIdx, (int*)&length, (word32)pkeySz) <= 0) {
break;
}
- publicKeySz = length;
+ publicKeySz = (int)length;
publicKey = (byte*)(pkey + inOutIdx);
if (bitlen == 0) {
@@ -10452,7 +11872,7 @@ static int PrintPubKeyDH(WOLFSSL_BIO* out, const byte* pkey, int pkeySz,
if (wolfSSL_BIO_write(out, line, (int)XSTRLEN(line)) <= 0) {
break;
}
- if (mp_set_int(a, bitlen) != 0) {
+ if (mp_set_int(a, (unsigned long)bitlen) != 0) {
break;
}
if (mp_todecimal(a, (char*)buff) != 0) {
@@ -10714,6 +12134,11 @@ int wolfSSL_EVP_get_hashinfo(const WOLFSSL_EVP_MD* evp,
} else
#endif
#endif /* WOLFSSL_SHA3 */
+#ifdef WOLFSSL_SM3
+ if (XSTRCMP("SM3", evp) == 0) {
+ hash = WC_HASH_TYPE_SM3;
+ } else
+#endif
#ifdef WOLFSSL_MD2
if (XSTRCMP("MD2", evp) == 0) {
hash = WC_HASH_TYPE_MD2;
@@ -10760,7 +12185,7 @@ struct WOLFSSL_EVP_ENCODE_CTX* wolfSSL_EVP_ENCODE_CTX_new(void)
{
WOLFSSL_EVP_ENCODE_CTX* ctx = NULL;
WOLFSSL_ENTER("wolfSSL_EVP_ENCODE_CTX_new");
- ctx = (WOLFSSL_EVP_ENCODE_CTX*)XMALLOC( sizeof(WOLFSSL_EVP_ENCODE_CTX),
+ ctx = (WOLFSSL_EVP_ENCODE_CTX*)XMALLOC(sizeof(WOLFSSL_EVP_ENCODE_CTX),
NULL, DYNAMIC_TYPE_OPENSSL );
if (ctx != NULL) {
@@ -10792,7 +12217,7 @@ int wolfSSL_EVP_EncodeBlock(unsigned char *out, const unsigned char *in,
if (out == NULL || in == NULL)
return WOLFSSL_FATAL_ERROR;
- if (Base64_Encode(in, inLen, out, &ret) == 0)
+ if (Base64_Encode_NoNl(in, (word32)inLen, out, &ret) == 0)
return (int)ret;
else
return WOLFSSL_FATAL_ERROR;
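Review bot: Switching to `Base64_Encode_NoNl` changes what wolfSSL_EVP_EncodeBlock writes (no line feeds are emitted any more), and nothing in the code records why. A one-line comment above the call would state the intent, for example `/* EVP_EncodeBlock output carries no line breaks, unlike EVP_EncodeUpdate */`. The comment in wolfSSL_EVP_EncodeUpdate notes that the encoder takes the output buffer size through its 4th parameter; here that is `ret`, whose initial value is set outside this hunk, so it is worth confirming that it still describes the caller's `out` buffer for the newline-free result.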
@@ -10808,7 +12233,7 @@ int wolfSSL_EVP_DecodeBlock(unsigned char *out, const unsigned char *in,
if (out == NULL || in == NULL)
return WOLFSSL_FATAL_ERROR;
- if (Base64_Decode(in, inLen, out, &ret) == 0)
+ if (Base64_Decode(in, (word32)inLen, out, &ret) == 0)
return (int)ret;
else
return WOLFSSL_FATAL_ERROR;
@@ -10851,8 +12276,9 @@ int wolfSSL_EVP_EncodeUpdate(WOLFSSL_EVP_ENCODE_CTX* ctx,
* to create a block(48bytes) for encoding
*/
if (ctx->remaining > 0 && inl > 0) {
- int cpysz = min((BASE64_ENCODE_BLOCK_SIZE - ctx->remaining), inl);
- XMEMCPY(ctx->data + ctx->remaining, in, cpysz);
+ int cpysz = (int)min(
+ (word32)(BASE64_ENCODE_BLOCK_SIZE - ctx->remaining), (word32)inl);
+ XMEMCPY(ctx->data + ctx->remaining, in, (size_t)cpysz);
ctx->remaining += cpysz;
in += cpysz;
inl -= cpysz;
@@ -10862,10 +12288,10 @@ int wolfSSL_EVP_EncodeUpdate(WOLFSSL_EVP_ENCODE_CTX* ctx,
/* Base64_Encode asks the out buff size via the 4th param*/
outsz = BASE64_ENCODE_RESULT_BLOCK_SIZE + 1;
res = Base64_Encode(ctx->data, BASE64_ENCODE_BLOCK_SIZE, out,
- &outsz);
+ &outsz);
if (res == 0) {
ctx->remaining = 0;
- *outl = outsz;
+ *outl = (int)outsz;
}
else
return 0; /* return with error */
@@ -10887,7 +12313,7 @@ int wolfSSL_EVP_EncodeUpdate(WOLFSSL_EVP_ENCODE_CTX* ctx,
in += BASE64_ENCODE_BLOCK_SIZE;
inl -= BASE64_ENCODE_BLOCK_SIZE;
out += outsz;
- *outl += outsz;
+ *outl += (int)outsz;
}
else {
*outl = 0;
@@ -10898,7 +12324,7 @@ int wolfSSL_EVP_EncodeUpdate(WOLFSSL_EVP_ENCODE_CTX* ctx,
/* if remaining data exists, copy them into ctx for the next call*/
if (inl > 0) {
XMEMSET(ctx->data, 0, sizeof(ctx->data));
- XMEMCPY(ctx->data, in, inl);
+ XMEMCPY(ctx->data, in, (size_t)inl);
ctx->remaining = inl;
}
@@ -10927,9 +12353,9 @@ void wolfSSL_EVP_EncodeFinal(WOLFSSL_EVP_ENCODE_CTX* ctx,
}
/* process remaining data in ctx */
outsz = BASE64_ENCODE_RESULT_BLOCK_SIZE + 1; /* 64 byte and one for LF*/
- res = Base64_Encode(ctx->data, ctx->remaining ,out, &outsz);
+ res = Base64_Encode(ctx->data, (word32)ctx->remaining, out, &outsz);
if (res == 0)
- *outl = outsz;
+ *outl = (int)outsz;
else
*outl = 0;
@@ -10989,14 +12415,15 @@ int wolfSSL_EVP_DecodeUpdate(WOLFSSL_EVP_ENCODE_CTX* ctx,
return 1;
}
- inLen = inl;
+ inLen = (word32)inl;
*outl = 0;
/* if the remaining data exist in the ctx, add input data to them to create
a block(4bytes) for decoding*/
- if ( ctx->remaining > 0 && inl > 0) {
+ if (ctx->remaining > 0 && inl > 0) {
- int cpySz = min((BASE64_DECODE_BLOCK_SIZE - ctx->remaining), inl);
+ int cpySz = (int)min(
+ (word32)(BASE64_DECODE_BLOCK_SIZE - ctx->remaining), (word32)inl);
for ( i = 0; cpySz > 0 && inLen > 0; i++) {
if (Base64_SkipNewline(in, &inLen, &j) == ASN_INPUT_E) {
@@ -11015,7 +12442,7 @@ int wolfSSL_EVP_DecodeUpdate(WOLFSSL_EVP_ENCODE_CTX* ctx,
outsz = sizeof(ctx->data);
res = Base64_Decode( ctx->data, BASE64_DECODE_BLOCK_SIZE, out, &outsz);
if (res == 0) {
- *outl += outsz;
+ *outl += (int)outsz;
out += outsz;
ctx->remaining = 0;
@@ -11111,7 +12538,7 @@ int wolfSSL_EVP_DecodeUpdate(WOLFSSL_EVP_ENCODE_CTX* ctx,
return -1;
}
- *outl += outsz;
+ *outl += (int)outsz;
out += outsz;
}
/* copy left data to ctx */
@@ -11179,7 +12606,7 @@ int wolfSSL_EVP_DecodeFinal(WOLFSSL_EVP_ENCODE_CTX* ctx,
if (ctx->remaining > 0) {
int res;
- inLen = ctx->remaining;
+ inLen = (word32)ctx->remaining;
if ((res = Base64_SkipNewline(ctx->data, &inLen, &j)) != 0) {
*outl = 0;
if (res == BUFFER_E) /* means no valid data to decode in buffer */
@@ -11189,10 +12616,10 @@ int wolfSSL_EVP_DecodeFinal(WOLFSSL_EVP_ENCODE_CTX* ctx,
}
- outsz = ctx->remaining;
- res = Base64_Decode(ctx->data, ctx->remaining, out, &outsz);
+ outsz = (word32)ctx->remaining;
+ res = Base64_Decode(ctx->data, (word32)ctx->remaining, out, &outsz);
if (res == 0) {
- *outl = outsz;
+ *outl = (int)outsz;
return 1;
}
else {
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/ext_kyber.c b/extra/wolfssl/wolfssl/wolfcrypt/src/ext_kyber.c
index 3246de0f..834d9890 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/ext_kyber.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/ext_kyber.c
@@ -548,7 +548,7 @@ int wc_KyberKey_Decapsulate(KyberKey* key, unsigned char* ss,
* @param [in] in Buffer holding encoded key.
* @param [in] len Length of data in buffer.
* @return 0 on success.
- * @return BAD_FUNC_ARG when key ot in is NULL.
+ * @return BAD_FUNC_ARG when key or in is NULL.
* @return NOT_COMPILED_IN when key type is not supported.
* @return BUFFER_E when len is not the correct size.
*/
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/ext_lms.c b/extra/wolfssl/wolfssl/wolfcrypt/src/ext_lms.c
new file mode 100644
index 00000000..a5155076
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/ext_lms.c
@@ -0,0 +1,972 @@
+/* ext_lms.c
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#ifdef HAVE_CONFIG_H
+ #include <config.h>
+#endif
+
+#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/wolfcrypt/error-crypt.h>
+#include <wolfssl/wolfcrypt/logging.h>
+
+#ifdef WOLFSSL_HAVE_LMS
+#include <wolfssl/wolfcrypt/ext_lms.h>
+
+#ifdef NO_INLINE
+ #include <wolfssl/wolfcrypt/misc.h>
+#else
+ #define WOLFSSL_MISC_INCLUDED
+ #include <wolfcrypt/src/misc.c>
+#endif
+
+#ifndef WOLFSSL_LMS_VERIFY_ONLY
+/* If built against hss_lib_thread.a, the hash-sigs lib will spawn
+ * worker threads to parallelize cpu intensive tasks. This will mainly
+ * speedup key generation and signing, and to a lesser extent
+ * verifying for larger levels values.
+ *
+ * Their default max is 16 worker threads, but can be capped with
+ * hss_extra_info_set_threads(). To be safe we are capping at 4 here.
+ * */
+#define EXT_LMS_MAX_THREADS (4)
+
+/* The hash-sigs hss_generate_private_key API requires a generate_random
+ * callback that only has output and length args. The RNG struct must be global
+ * to the function. Maybe there should be a wc_LmsKey_SetRngCb. */
+static THREAD_LS_T WC_RNG * LmsRng = NULL;
+
+static bool LmsGenerateRand(void * output, size_t length)
+{
+ int ret = 0;
+
+ if (output == NULL || LmsRng == NULL) {
+ return false;
+ }
+
+ if (length == 0) {
+ return true;
+ }
+
+ ret = wc_RNG_GenerateBlock(LmsRng, output, (word32) length);
+
+ if (ret) {
+ WOLFSSL_MSG("error: LmsGenerateRand failed");
+ return false;
+ }
+
+ return true;
+}
+
+/* Write callback passed into hash-sigs hss lib.
+ *
+ * Returns true on success. */
+static bool LmsWritePrivKey(unsigned char *private_key,
+ size_t len_private_key, void *lmsKey)
+{
+ LmsKey * key = (LmsKey *) lmsKey;
+ enum wc_LmsRc ret = WC_LMS_RC_NONE;
+
+ if (private_key == NULL || key == NULL || len_private_key <= 0) {
+ WOLFSSL_MSG("error: LmsWritePrivKey: invalid args");
+ return false;
+ }
+
+ if (key->state != WC_LMS_STATE_PARMSET && key->state != WC_LMS_STATE_OK) {
+ /* The LmsKey is not ready for writing. */
+ WOLFSSL_MSG("error: LmsWritePrivKey: LMS key not in writeable state");
+ return false;
+ }
+
+ if (key->write_private_key == NULL) {
+ WOLFSSL_MSG("error: LmsWritePrivKey: LMS key write callback not set");
+ key->state = WC_LMS_STATE_BAD;
+ return false;
+ }
+
+ /* Use write callback that saves private key to non-volatile storage. */
+ ret = key->write_private_key(private_key, (word32)len_private_key,
+ key->context);
+
+ if (ret != WC_LMS_RC_SAVED_TO_NV_MEMORY) {
+ WOLFSSL_MSG("error: LmsKey write_private_key failed");
+ WOLFSSL_MSG(wc_LmsKey_RcToStr(ret));
+ key->state = WC_LMS_STATE_BAD;
+ return false;
+ }
+
+ return true;
+}
+
+/* Read callback passed into hash-sigs hss lib.
+ *
+ * Returns true on success. */
+static bool LmsReadPrivKey(unsigned char *private_key,
+ size_t len_private_key, void *lmsKey)
+{
+ LmsKey * key = (LmsKey *) lmsKey;
+ enum wc_LmsRc ret = WC_LMS_RC_NONE;
+
+ if (private_key == NULL || key == NULL || len_private_key <= 0) {
+ WOLFSSL_MSG("error: LmsReadPrivKey: invalid args");
+ return false;
+ }
+
+ if (key->state != WC_LMS_STATE_PARMSET && key->state != WC_LMS_STATE_OK) {
+ /* The LmsKey is not ready for reading. */
+ WOLFSSL_MSG("error: LmsReadPrivKey: LMS key not in readable state");
+ return false;
+ }
+
+ if (key->read_private_key == NULL) {
+ WOLFSSL_MSG("error: LmsReadPrivKey: LMS key read callback not set");
+ key->state = WC_LMS_STATE_BAD;
+ return false;
+ }
+
+ /* Use read callback that reads private key from non-volatile storage. */
+ ret = key->read_private_key(private_key, (word32)len_private_key,
+ key->context);
+
+ if (ret != WC_LMS_RC_READ_TO_MEMORY) {
+ WOLFSSL_MSG("error: LmsKey read_private_key failed");
+ WOLFSSL_MSG(wc_LmsKey_RcToStr(ret));
+ key->state = WC_LMS_STATE_BAD;
+ return false;
+ }
+
+ return true;
+}
+#endif /* ifndef WOLFSSL_LMS_VERIFY_ONLY */
+
+const char * wc_LmsKey_ParmToStr(enum wc_LmsParm lmsParm)
+{
+ switch (lmsParm) {
+ case WC_LMS_PARM_NONE:
+ return "LMS_NONE";
+
+ case WC_LMS_PARM_L1_H15_W2:
+ return "LMS/HSS L1_H15_W2";
+
+ case WC_LMS_PARM_L1_H15_W4:
+ return "LMS/HSS L1_H15_W4";
+
+ case WC_LMS_PARM_L2_H10_W2:
+ return "LMS/HSS L2_H10_W2";
+
+ case WC_LMS_PARM_L2_H10_W4:
+ return "LMS/HSS L2_H10_W4";
+
+ case WC_LMS_PARM_L2_H10_W8:
+ return "LMS/HSS L2_H10_W8";
+
+ case WC_LMS_PARM_L3_H5_W2:
+ return "LMS/HSS L3_H5_W2";
+
+ case WC_LMS_PARM_L3_H5_W4:
+ return "LMS/HSS L3_H5_W4";
+
+ case WC_LMS_PARM_L3_H5_W8:
+ return "LMS/HSS L3_H5_W8";
+
+ case WC_LMS_PARM_L3_H10_W4:
+ return "LMS/HSS L3_H10_W4";
+
+ case WC_LMS_PARM_L4_H5_W8:
+ return "LMS/HSS L4_H5_W8";
+
+ default:
+ WOLFSSL_MSG("error: invalid LMS parameter");
+ break;
+ }
+
+ return "LMS_INVALID";
+}
+
+const char * wc_LmsKey_RcToStr(enum wc_LmsRc lmsEc)
+{
+ switch (lmsEc) {
+ case WC_LMS_RC_NONE:
+ return "LMS_RC_NONE";
+
+ case WC_LMS_RC_BAD_ARG:
+ return "LMS_RC_BAD_ARG";
+
+ case WC_LMS_RC_WRITE_FAIL:
+ return "LMS_RC_WRITE_FAIL";
+
+ case WC_LMS_RC_READ_FAIL:
+ return "LMS_RC_READ_FAIL";
+
+ case WC_LMS_RC_SAVED_TO_NV_MEMORY:
+ return "LMS_RC_SAVED_TO_NV_MEMORY";
+
+ case WC_LMS_RC_READ_TO_MEMORY:
+ return "LMS_RC_READ_TO_MEMORY";
+
+ default:
+ WOLFSSL_MSG("error: invalid LMS error code");
+ break;
+ }
+
+ return "LMS_RC_INVALID";
+}
+
+/* Init an LMS key.
+ *
+ * Call this before setting the params of an LMS key.
+ *
+ * Returns 0 on success.
+ * */
+int wc_LmsKey_Init(LmsKey * key, void * heap, int devId)
+{
+ if (key == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ (void) heap;
+ (void) devId;
+
+ ForceZero(key, sizeof(LmsKey));
+
+#ifndef WOLFSSL_LMS_VERIFY_ONLY
+ hss_init_extra_info(&key->info);
+ /* Set the max number of worker threads that hash-sigs can spawn. */
+ hss_extra_info_set_threads(&key->info, EXT_LMS_MAX_THREADS);
+
+ key->working_key = NULL;
+ key->write_private_key = NULL;
+ key->read_private_key = NULL;
+ key->context = NULL;
+#endif /* ifndef WOLFSSL_LMS_VERIFY_ONLY */
+ key->state = WC_LMS_STATE_INITED;
+
+ return 0;
+}
+
+/* Set the wc_LmsParm of an LMS key.
+ *
+ * Use this if you wish to set a key with a predefined parameter set,
+ * such as WC_LMS_PARM_L2_H10_W8.
+ *
+ * Key must be inited before calling this.
+ *
+ * Returns 0 on success.
+ * */
+int wc_LmsKey_SetLmsParm(LmsKey * key, enum wc_LmsParm lmsParm)
+{
+ if (key == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ /* If NONE is passed, default to the lowest predefined set. */
+ switch (lmsParm) {
+ case WC_LMS_PARM_NONE:
+ case WC_LMS_PARM_L1_H15_W2:
+ return wc_LmsKey_SetParameters(key, 1, 15, 2);
+
+ case WC_LMS_PARM_L1_H15_W4:
+ return wc_LmsKey_SetParameters(key, 1, 15, 4);
+
+ case WC_LMS_PARM_L2_H10_W2:
+ return wc_LmsKey_SetParameters(key, 2, 10, 2);
+
+ case WC_LMS_PARM_L2_H10_W4:
+ return wc_LmsKey_SetParameters(key, 2, 10, 4);
+
+ case WC_LMS_PARM_L2_H10_W8:
+ return wc_LmsKey_SetParameters(key, 2, 10, 8);
+
+ case WC_LMS_PARM_L3_H5_W2:
+ return wc_LmsKey_SetParameters(key, 3, 5, 2);
+
+ case WC_LMS_PARM_L3_H5_W4:
+ return wc_LmsKey_SetParameters(key, 3, 5, 4);
+
+ case WC_LMS_PARM_L3_H5_W8:
+ return wc_LmsKey_SetParameters(key, 3, 5, 8);
+
+ case WC_LMS_PARM_L3_H10_W4:
+ return wc_LmsKey_SetParameters(key, 3, 10, 4);
+
+ case WC_LMS_PARM_L4_H5_W8:
+ return wc_LmsKey_SetParameters(key, 4, 5, 8);
+
+ default:
+ WOLFSSL_MSG("error: invalid LMS parameter set");
+ break;
+ }
+
+ return BAD_FUNC_ARG;
+}
+
+/* Set the parameters of an LMS key.
+ *
+ * Use this if you wish to set specific parameters not found in the
+ * wc_LmsParm predefined sets. See comments in lms.h for allowed
+ * parameters.
+ *
+ * Key must be inited before calling this.
+ *
+ * Returns 0 on success.
+ * */
+int wc_LmsKey_SetParameters(LmsKey * key, int levels, int height,
+ int winternitz)
+{
+ int i = 0;
+ param_set_t lm = LMS_SHA256_N32_H5;
+ param_set_t ots = LMOTS_SHA256_N32_W1;
+
+ if (key == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ if (key->state != WC_LMS_STATE_INITED) {
+ WOLFSSL_MSG("error: LmsKey needs init");
+ return -1;
+ }
+
+ /* Verify inputs make sense.
+ *
+ * Note: there does not seem to be a define for min or
+ * max Winternitz integer in hash-sigs lib or RFC8554. */
+
+ if (levels < MIN_HSS_LEVELS || levels > MAX_HSS_LEVELS) {
+ WOLFSSL_MSG("error: invalid level parameter");
+ return BAD_FUNC_ARG;
+ }
+
+ if (height < MIN_MERKLE_HEIGHT || height > MAX_MERKLE_HEIGHT) {
+ WOLFSSL_MSG("error: invalid height parameter");
+ return BAD_FUNC_ARG;
+ }
+
+ switch (height) {
+ case 5:
+ lm = LMS_SHA256_N32_H5;
+ break;
+ case 10:
+ lm = LMS_SHA256_N32_H10;
+ break;
+ case 15:
+ lm = LMS_SHA256_N32_H15;
+ break;
+ case 20:
+ lm = LMS_SHA256_N32_H20;
+ break;
+ case 25:
+ lm = LMS_SHA256_N32_H25;
+ break;
+ default:
+ WOLFSSL_MSG("error: invalid height parameter");
+ return BAD_FUNC_ARG;
+ }
+
+ switch (winternitz) {
+ case 1:
+ ots = LMOTS_SHA256_N32_W1;
+ break;
+ case 2:
+ ots = LMOTS_SHA256_N32_W2;
+ break;
+ case 4:
+ ots = LMOTS_SHA256_N32_W4;
+ break;
+ case 8:
+ ots = LMOTS_SHA256_N32_W8;
+ break;
+ default:
+ WOLFSSL_MSG("error: invalid winternitz parameter");
+ return BAD_FUNC_ARG;
+ }
+
+ key->levels = levels;
+
+ for (i = 0; i < levels; ++i) {
+ key->lm_type[i] = lm;
+ key->lm_ots_type[i] = ots;
+ }
+
+ /* Move the state to params set.
+ * Key is ready for MakeKey or Reload. */
+ key->state = WC_LMS_STATE_PARMSET;
+
+ return 0;
+}
+
+/* Get the parameters of an LMS key.
+ *
+ * Key must be inited and parameters set before calling this.
+ *
+ * Returns 0 on success.
+ * */
+int wc_LmsKey_GetParameters(const LmsKey * key, int * levels, int * height,
+ int * winternitz)
+{
+ if (key == NULL || levels == NULL || height == NULL || winternitz == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ /* This shouldn't happen, but check the LmsKey parameters aren't invalid. */
+
+ if (key->levels < MIN_HSS_LEVELS || key->levels > MAX_HSS_LEVELS) {
+ WOLFSSL_MSG("error: LmsKey invalid level parameter");
+ return -1;
+ }
+
+ *levels = key->levels;
+
+ switch (key->lm_type[0]) {
+ case LMS_SHA256_N32_H5:
+ *height = 5;
+ break;
+ case LMS_SHA256_N32_H10:
+ *height = 10;
+ break;
+ case LMS_SHA256_N32_H15:
+ *height = 15;
+ break;
+ case LMS_SHA256_N32_H20:
+ *height = 20;
+ break;
+ case LMS_SHA256_N32_H25:
+ *height = 25;
+ break;
+ default:
+ WOLFSSL_MSG("error: LmsKey invalid height parameter");
+ return -1;
+ }
+
+ switch (key->lm_ots_type[0]) {
+ case LMOTS_SHA256_N32_W1:
+ *winternitz = 1;
+ break;
+ case LMOTS_SHA256_N32_W2:
+ *winternitz = 2;
+ break;
+ case LMOTS_SHA256_N32_W4:
+ *winternitz = 4;
+ break;
+ case LMOTS_SHA256_N32_W8:
+ *winternitz = 8;
+ break;
+ default:
+ WOLFSSL_MSG("error: LmsKey invalid winternitz parameter");
+ return -1;
+ }
+
+ return 0;
+}
+
+/* Frees the LMS key from memory.
+ *
+ * This does not affect the private key saved to non-volatile storage.
+ * */
+void wc_LmsKey_Free(LmsKey* key)
+{
+ if (key == NULL) {
+ return;
+ }
+
+#ifndef WOLFSSL_LMS_VERIFY_ONLY
+ if (key->working_key != NULL) {
+ hss_free_working_key(key->working_key);
+ key->working_key = NULL;
+ }
+#endif /* ifndef WOLFSSL_LMS_VERIFY_ONLY */
+
+ ForceZero(key, sizeof(LmsKey));
+
+ key->state = WC_LMS_STATE_FREED;
+
+ return;
+}
+
+#ifndef WOLFSSL_LMS_VERIFY_ONLY
+/* Set the write private key callback to the LMS key structure.
+ *
+ * The callback must be able to write/update the private key to
+ * non-volatile storage.
+ *
+ * Returns 0 on success.
+ * */
+int wc_LmsKey_SetWriteCb(LmsKey * key, write_private_key_cb write_cb)
+{
+ if (key == NULL || write_cb == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ /* Changing the write callback of an already working key is forbidden. */
+ if (key->state == WC_LMS_STATE_OK) {
+ WOLFSSL_MSG("error: wc_LmsKey_SetWriteCb: key in use");
+ return -1;
+ }
+
+ key->write_private_key = write_cb;
+
+ return 0;
+}
+
+/* Set the read private key callback to the LMS key structure.
+ *
+ * The callback must be able to read the private key from
+ * non-volatile storage.
+ *
+ * Returns 0 on success.
+ * */
+int wc_LmsKey_SetReadCb(LmsKey * key, read_private_key_cb read_cb)
+{
+ if (key == NULL || read_cb == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ /* Changing the read callback of an already working key is forbidden. */
+ if (key->state == WC_LMS_STATE_OK) {
+ WOLFSSL_MSG("error: wc_LmsKey_SetReadCb: key in use");
+ return -1;
+ }
+
+ key->read_private_key = read_cb;
+
+ return 0;
+}
+
+/* Sets the context to be used by write and read callbacks.
+ *
+ * E.g. this could be a filename if the callbacks write/read to file.
+ *
+ * Returns 0 on success.
+ * */
+int wc_LmsKey_SetContext(LmsKey * key, void * context)
+{
+ if (key == NULL || context == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ /* Setting context of an already working key is forbidden. */
+ if (key->state == WC_LMS_STATE_OK) {
+ WOLFSSL_MSG("error: wc_LmsKey_SetContext: key in use");
+ return -1;
+ }
+
+ key->context = context;
+
+ return 0;
+}
+
+/* Make the LMS private/public key pair. The key must have its parameters
+ * set before calling this.
+ *
+ * Write/read callbacks, and context data, must be set prior.
+ * Key must have parameters set.
+ *
+ * Returns 0 on success.
+ * */
+int wc_LmsKey_MakeKey(LmsKey* key, WC_RNG * rng)
+{
+ bool result = true;
+
+ if (key == NULL || rng == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ if (key->state != WC_LMS_STATE_PARMSET) {
+ WOLFSSL_MSG("error: LmsKey not ready for generation");
+ return -1;
+ }
+
+ if (key->write_private_key == NULL || key->read_private_key == NULL) {
+ WOLFSSL_MSG("error: LmsKey write/read callbacks are not set");
+ return -1;
+ }
+
+ if (key->context == NULL) {
+ WOLFSSL_MSG("error: LmsKey context is not set");
+ return -1;
+ }
+
+ LmsRng = rng;
+
+ /* TODO: The hash-sigs lib allows you to save variable length auxiliary
+ * data, which can be used to speed up key reloading when signing. The
+ * aux data can be 300B - 1KB in size.
+ *
+ * Not implemented at the moment.
+ *
+ * key->aux_data_len = hss_get_aux_data_len(AUX_DATA_MAX_LEN, key->levels,
+ * key->lm_type,
+ * key->lm_ots_type);
+ *
+ * key->aux_data = XMALLOC(key->aux_data_len, NULL,
+ * DYNAMIC_TYPE_TMP_BUFFER);
+ */
+
+ /* First generate the private key using the parameters and callbacks.
+ * If successful, private key will be saved to non-volatile storage,
+ * and the public key will be in memory. */
+ result = hss_generate_private_key(LmsGenerateRand, key->levels,
+ key->lm_type, key->lm_ots_type,
+ LmsWritePrivKey, key,
+ key->pub, sizeof(key->pub),
+ NULL, 0, &key->info);
+
+ if (!result) {
+ WOLFSSL_MSG("error: hss_generate_private_key failed");
+ key->state = WC_LMS_STATE_BAD;
+ return -1;
+ }
+
+ /* Once generated, now we must load the private key so we have
+ * an hss working key for signing operations. */
+ key->working_key = hss_load_private_key(LmsReadPrivKey, key,
+ 0, NULL, 0, &key->info);
+
+ if (key->working_key == NULL) {
+ WOLFSSL_MSG("error: hss_load_private_key failed");
+ key->state = WC_LMS_STATE_BAD;
+ return -1;
+ }
+
+ /* This should not happen, but check just in case. */
+ if (wc_LmsKey_SigsLeft(key) == 0) {
+ WOLFSSL_MSG("error: generated LMS key signatures exhausted");
+ key->state = WC_LMS_STATE_NOSIGS;
+ return -1;
+ }
+
+ key->state = WC_LMS_STATE_OK;
+
+ return 0;
+}
+
+/* Reload a key that has been prepared with the appropriate params and
+ * data. Use this if you wish to resume signing with an existing key.
+ *
+ * Write/read callbacks, and context data, must be set prior.
+ * Key must have parameters set.
+ *
+ * Returns 0 on success. */
+int wc_LmsKey_Reload(LmsKey * key)
+{
+ bool result = true;
+
+ if (key == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ if (key->state != WC_LMS_STATE_PARMSET) {
+ WOLFSSL_MSG("error: LmsKey not ready for reload");
+ return -1;
+ }
+
+ if (key->write_private_key == NULL || key->read_private_key == NULL) {
+ WOLFSSL_MSG("error: LmsKey write/read callbacks are not set");
+ return -1;
+ }
+
+ if (key->context == NULL) {
+ WOLFSSL_MSG("error: LmsKey context is not set");
+ return -1;
+ }
+
+ key->working_key = hss_load_private_key(LmsReadPrivKey, key,
+ 0, NULL, 0, &key->info);
+
+ if (key->working_key == NULL) {
+ WOLFSSL_MSG("error: hss_load_private_key failed");
+ key->state = WC_LMS_STATE_BAD;
+ return -1;
+ }
+
+ result = hss_get_parameter_set(&key->levels, key->lm_type,
+ key->lm_ots_type, LmsReadPrivKey, key);
+
+ if (!result) {
+ WOLFSSL_MSG("error: hss_get_parameter_set failed");
+ key->state = WC_LMS_STATE_BAD;
+ hss_free_working_key(key->working_key);
+ key->working_key = NULL;
+ return -1;
+ }
+
+ /* Double check the key actually has signatures left. */
+ if (wc_LmsKey_SigsLeft(key) == 0) {
+ WOLFSSL_MSG("error: reloaded LMS key signatures exhausted");
+ key->state = WC_LMS_STATE_NOSIGS;
+ return -1;
+ }
+
+ key->state = WC_LMS_STATE_OK;
+
+ return 0;
+}
+
+/* Given a levels, height, winternitz parameter set, determine
+ * the private key length */
+int wc_LmsKey_GetPrivLen(const LmsKey * key, word32 * len)
+{
+ if (key == NULL || len == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ *len = (word32) hss_get_private_key_len(key->levels, key->lm_type,
+ key->lm_ots_type);
+
+ return 0;
+}
+
+int wc_LmsKey_Sign(LmsKey* key, byte * sig, word32 * sigSz, const byte * msg,
+ int msgSz)
+{
+ bool result = true;
+ size_t len = 0;
+
+ if (key == NULL || sig == NULL || sigSz == NULL || msg == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ if (msgSz <= 0) {
+ return BAD_FUNC_ARG;
+ }
+
+ if (key->state == WC_LMS_STATE_NOSIGS) {
+ WOLFSSL_MSG("error: LMS signatures exhausted");
+ return -1;
+ }
+ else if (key->state != WC_LMS_STATE_OK) {
+ /* The key had an error the last time it was used, and we
+ * can't guarantee its state. */
+ WOLFSSL_MSG("error: can't sign, LMS key not in good state");
+ return -1;
+ }
+
+ len = hss_get_signature_len(key->levels, key->lm_type, key->lm_ots_type);
+
+ if (len == 0) {
+ /* Key parameters are invalid. */
+ WOLFSSL_MSG("error: hss_get_signature_len failed");
+ key->state = WC_LMS_STATE_BAD;
+ return -1;
+ }
+
+ result = hss_generate_signature(key->working_key, LmsWritePrivKey,
+ key, (const void *) msg, msgSz,
+ sig, len, &key->info);
+
+ if (!result) {
+ if (wc_LmsKey_SigsLeft(key) == 0) {
+ WOLFSSL_MSG("error: LMS signatures exhausted");
+ key->state = WC_LMS_STATE_NOSIGS;
+ return -1;
+ }
+
+ WOLFSSL_MSG("error: hss_generate_signature failed");
+ key->state = WC_LMS_STATE_BAD;
+ return -1;
+ }
+
+ *sigSz = (word32) len;
+
+ return 0;
+}
+
+/* Returns 1 if there are signatures remaining.
+ * Returns 0 if available signatures are exhausted.
+ *
+ * Note: the number of remaining signatures is hidden behind an opaque
+ * pointer in the hash-sigs lib. We could add a counter here that is
+ * decremented on every signature. The number of available signatures
+ * grows as
+ * N = 2 ** (levels * height)
+ * so it would need to be a big integer. */
+int wc_LmsKey_SigsLeft(LmsKey * key)
+{
+ if (key == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ if (hss_extra_info_test_last_signature(&key->info)) {
+ return 0;
+ }
+
+ return 1;
+}
+
+#endif /* ifndef WOLFSSL_LMS_VERIFY_ONLY*/
+
+/* Given a levels, height, winternitz parameter set, determine
+ * the public key length */
+int wc_LmsKey_GetPubLen(const LmsKey * key, word32 * len)
+{
+ if (key == NULL || len == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ *len = (word32) hss_get_public_key_len(key->levels, key->lm_type,
+ key->lm_ots_type);
+
+ return 0;
+}
+
+/* Export a generated public key and parameter set from one LmsKey
+ * to another. Use this to prepare a signature verification LmsKey
+ * that is pub only.
+ *
+ * Though the public key is all that is used to verify signatures,
+ * the parameter set is needed to calculate the signature length
+ * before hand. */
+int wc_LmsKey_ExportPub(LmsKey * keyDst, const LmsKey * keySrc)
+{
+ if (keyDst == NULL || keySrc == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ ForceZero(keyDst, sizeof(LmsKey));
+
+ XMEMCPY(keyDst->pub, keySrc->pub, sizeof(keySrc->pub));
+ XMEMCPY(keyDst->lm_type, keySrc->lm_type, sizeof(keySrc->lm_type));
+ XMEMCPY(keyDst->lm_ots_type, keySrc->lm_ots_type,
+ sizeof(keySrc->lm_ots_type));
+
+ keyDst->levels = keySrc->levels;
+
+ /* Mark this key as verify only, to prevent misuse. */
+ keyDst->state = WC_LMS_STATE_VERIFYONLY;
+
+ return 0;
+}
+
+/* Exports the raw LMS public key buffer from key to out buffer.
+ * The out buffer should be large enough to hold the public key, and
+ * outLen should indicate the size of the buffer.
+ *
+ * - Returns 0 on success, and sets outLen to LMS pubLen.
+ * - Returns BUFFER_E if outLen < LMS pubLen.
+ *
+ * Call wc_LmsKey_GetPubLen beforehand to determine pubLen.
+ * */
+int wc_LmsKey_ExportPubRaw(const LmsKey * key, byte * out, word32 * outLen)
+{
+ int ret = 0;
+ word32 pubLen = 0;
+
+ if (key == NULL || out == NULL || outLen == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ ret = wc_LmsKey_GetPubLen(key, &pubLen);
+
+ if (ret != 0) {
+ WOLFSSL_MSG("error: wc_LmsKey_GetPubLen failed");
+ return -1;
+ }
+
+ if (*outLen < pubLen) {
+ return BUFFER_E;
+ }
+
+ XMEMCPY(out, key->pub, pubLen);
+ *outLen = pubLen;
+
+ return 0;
+}
+
+/* Imports a raw public key buffer from in array to LmsKey key.
+ *
+ * The LMS parameters must be set first with wc_LmsKey_SetLmsParm or
+ * wc_LmsKey_SetParameters, and inLen must match the length returned
+ * by wc_LmsKey_GetPubLen.
+ *
+ * - Returns 0 on success.
+ * - Returns BUFFER_E if inlen != LMS pubLen.
+ *
+ * Call wc_LmsKey_GetPubLen beforehand to determine pubLen.
+ * */
+int wc_LmsKey_ImportPubRaw(LmsKey * key, const byte * in, word32 inLen)
+{
+ int ret = 0;
+ word32 pubLen = 0;
+
+ if (key == NULL || in == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ ret = wc_LmsKey_GetPubLen(key, &pubLen);
+
+ if (ret != 0) {
+ WOLFSSL_MSG("error: wc_LmsKey_GetPubLen failed");
+ return -1;
+ }
+
+ if (inLen != pubLen) {
+ /* Something inconsistent. Parameters weren't set, or input
+ * pub key is wrong.*/
+ return BUFFER_E;
+ }
+
+ XMEMCPY(key->pub, in, pubLen);
+
+ return 0;
+}
+
+/* Given a levels, height, winternitz parameter set, determine
+ * the signature length.
+ *
+ * Call this before wc_LmsKey_Sign so you know the length of
+ * the required signature buffer. */
+int wc_LmsKey_GetSigLen(const LmsKey * key, word32 * len)
+{
+ if (key == NULL || len == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ *len = (word32) hss_get_signature_len(key->levels, key->lm_type,
+ key->lm_ots_type);
+
+ return 0;
+}
+
+int wc_LmsKey_Verify(LmsKey * key, const byte * sig, word32 sigSz,
+ const byte * msg, int msgSz)
+{
+ bool result = true;
+
+ if (key == NULL || sig == NULL || msg == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+#ifdef WOLFSSL_LMS_VERIFY_ONLY
+ result = hss_validate_signature(key->pub, (const void *) msg, msgSz, sig,
+ sigSz, NULL);
+#else
+ result = hss_validate_signature(key->pub, (const void *) msg, msgSz, sig,
+ sigSz, &key->info);
+#endif
+
+
+ if (!result) {
+ WOLFSSL_MSG("error: hss_validate_signature failed");
+ return -1;
+ }
+
+ return 0;
+}
+
+#endif /* WOLFSSL_HAVE_LMS */
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/ext_xmss.c b/extra/wolfssl/wolfssl/wolfcrypt/src/ext_xmss.c
new file mode 100644
index 00000000..b1e5e46d
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/ext_xmss.c
@@ -0,0 +1,981 @@
+/* ext_xmss.c
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#ifdef HAVE_CONFIG_H
+ #include <config.h>
+#endif
+
+#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/wolfcrypt/error-crypt.h>
+#include <wolfssl/wolfcrypt/logging.h>
+#include <wolfssl/wolfcrypt/sha256.h>
+
+#ifdef WOLFSSL_HAVE_XMSS
+#include <wolfssl/wolfcrypt/ext_xmss.h>
+
+#ifdef NO_INLINE
+ #include <wolfssl/wolfcrypt/misc.h>
+#else
+ #define WOLFSSL_MISC_INCLUDED
+ #include <wolfcrypt/src/misc.c>
+#endif
+
+#include <xmss_callbacks.h>
+
+#ifndef WOLFSSL_XMSS_VERIFY_ONLY
+static THREAD_LS_T WC_RNG * xmssRng = NULL;
+
+/* RNG callback used by xmss.
+ * */
+static int rng_cb(void * output, size_t length)
+{
+ int ret = 0;
+
+ if (output == NULL || xmssRng == NULL) {
+ return -1;
+ }
+
+ if (length == 0) {
+ return 0;
+ }
+
+ ret = wc_RNG_GenerateBlock(xmssRng, (byte *)output, (word32)length);
+
+ if (ret) {
+ WOLFSSL_MSG("error: XMSS rng_cb failed");
+ return -1;
+ }
+
+ return 0;
+}
+#endif /* ifndef WOLFSSL_XMSS_VERIFY_ONLY */
+
+/* SHA256 callback used by XMSS.
+ * */
+static int sha256_cb(const unsigned char *in, unsigned long long inlen,
+ unsigned char *out)
+{
+ wc_Sha256 sha;
+
+ if (wc_InitSha256_ex(&sha, NULL, INVALID_DEVID) != 0) {
+ WOLFSSL_MSG("SHA256 Init failed");
+ return -1;
+ }
+
+ if (wc_Sha256Update(&sha, in, (word32) inlen) != 0) {
+ WOLFSSL_MSG("SHA256 Update failed");
+ return -1;
+ }
+
+ if (wc_Sha256Final(&sha, out) != 0) {
+ WOLFSSL_MSG("SHA256 Final failed");
+ wc_Sha256Free(&sha);
+ return -1;
+ }
+ wc_Sha256Free(&sha);
+
+ return 0;
+}
+
+/* Init an XMSS key.
+ *
+ * Call this before setting the params of an XMSS key.
+ *
+ * key [in] The XMSS key to init.
+ * heap [in] Unused.
+ * devId [in] Unused.
+ *
+ * returns 0 on success.
+ * returns BAD_FUNC_ARG when a parameter is NULL.
+ * */
+int wc_XmssKey_Init(XmssKey * key, void * heap, int devId)
+{
+ if (key == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ (void) heap;
+ (void) devId;
+
+ ForceZero(key, sizeof(XmssKey));
+
+#ifndef WOLFSSL_XMSS_VERIFY_ONLY
+ key->sk = NULL;
+ key->sk_len = 0;
+ key->write_private_key = NULL;
+ key->read_private_key = NULL;
+ key->context = NULL;
+#endif /* ifndef WOLFSSL_XMSS_VERIFY_ONLY */
+ key->state = WC_XMSS_STATE_INITED;
+
+ return 0;
+}
+
+/* Sets the XMSS key parameters, given an OID.
+ *
+ * Note: XMSS and XMSS^MT parameter sets do have overlapping
+ * OIDs, therefore is_xmssmt is necessary to toggle.
+ *
+ * key [in] The XMSS key to set.
+ * OID [in] The XMSS parameter set OID.
+ * is_xmssmt [in] 1 The OID is assumed to be XMSS^MT.
+ * 0 The OID is assumed to be XMSS.
+ *
+ * returns 0 on success.
+ * returns BAD_FUNC_ARG when a parameter is NULL.
+ * returns -1 on parse failure.
+ * */
+static int wc_XmssKey_SetOid(XmssKey * key, uint32_t oid, int is_xmssmt)
+{
+ int ret = 0;
+
+ if (key == NULL || oid == 0) {
+ return BAD_FUNC_ARG;
+ }
+
+ /* Parse the OID and load the XMSS params structure. */
+ if (is_xmssmt) {
+ ret = xmssmt_parse_oid(&key->params, oid);
+ }
+ else {
+ ret = xmss_parse_oid(&key->params, oid);
+ }
+
+ if (ret != 0) {
+ WOLFSSL_MSG("error: XMSS parse oid failed");
+ return -1;
+ }
+
+ /* Finally, sanity check that this is a supported parameter set.
+ *
+ * We are only supporting XMSS/XMSS^MT with SHA256 parameter sets
+ * that NIST SP 800-208 has standardized. See patched xmss-reference
+ * params.h for the defines. */
+ if (key->params.func != XMSS_SHA2 ||
+ key->params.n != XMSS_SHA256_N ||
+ key->params.padding_len != XMSS_SHA256_PADDING_LEN ||
+ key->params.wots_w != 16 ||
+ key->params.wots_len != XMSS_SHA256_WOTS_LEN) {
+ WOLFSSL_MSG("error: unsupported XMSS/XMSS^MT parameter set");
+ return -1;
+ }
+
+ ret = xmss_set_sha_cb(sha256_cb);
+ if (ret != 0) {
+ WOLFSSL_MSG("error: xmss_set_sha_cb failed");
+ return -1;
+ }
+
+#ifndef WOLFSSL_XMSS_VERIFY_ONLY
+ ret = xmss_set_rng_cb(rng_cb);
+ if (ret != 0) {
+ WOLFSSL_MSG("error: xmss_set_rng_cb failed");
+ return -1;
+ }
+#endif
+
+ key->oid = oid;
+ key->is_xmssmt = is_xmssmt;
+ key->state = WC_XMSS_STATE_PARMSET;
+
+ return 0;
+}
+
+/* Set the XMSS key parameter string.
+ *
+ * The input string must be one of the supported param set names in
+ * the "Name" section from the table in wolfssl/wolfcrypt/xmss.h,
+ * e.g. "XMSS-SHA2_10_256" or "XMSSMT-SHA2_20/4_256".
+ *
+ * key [in] The XMSS key to set.
+ * str [in] The XMSS/XMSS^MT parameter string.
+ *
+ * returns 0 on success.
+ * returns BAD_FUNC_ARG when a parameter is NULL.
+ * returns -1 on failure.
+ * */
+int wc_XmssKey_SetParamStr(XmssKey * key, const char * str)
+{
+ int ret = 0;
+ uint32_t oid = 0;
+ int is_xmssmt = 0;
+
+ if (key == NULL || str == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ if (key->state != WC_XMSS_STATE_INITED) {
+ WOLFSSL_MSG("error: XMSS key needs init");
+ return BAD_FUNC_ARG;
+ }
+
+ switch(XSTRLEN(str)) {
+ case XMSS_NAME_LEN:
+ is_xmssmt = 0;
+ break;
+ case XMSSMT_NAME_MIN_LEN:
+ case XMSSMT_NAME_MAX_LEN:
+ is_xmssmt = 1;
+ break;
+ default:
+ WOLFSSL_MSG("error: XMSS param str invalid length");
+ return BAD_FUNC_ARG;
+ }
+
+ /* Convert XMSS param string to OID. */
+ if (is_xmssmt) {
+ ret = xmssmt_str_to_oid(&oid, str);
+ }
+ else {
+ ret = xmss_str_to_oid(&oid, str);
+ }
+
+ if (ret != 0) {
+ WOLFSSL_MSG("error: xmssmt_str_to_oid failed");
+ return -1;
+ }
+
+ return wc_XmssKey_SetOid(key, oid, is_xmssmt);
+}
+
+/* Force zeros and frees the XMSS key from memory.
+ *
+ * This does not touch the private key saved to non-volatile storage.
+ *
+ * This is the only function that frees the key->sk array.
+ *
+ * key [in] The XMSS key.
+ *
+ * returns void
+ * */
+void wc_XmssKey_Free(XmssKey* key)
+{
+ if (key == NULL) {
+ return;
+ }
+
+#ifndef WOLFSSL_XMSS_VERIFY_ONLY
+ if (key->sk != NULL) {
+ ForceZero(key->sk, key->sk_len);
+ XFREE(key->sk, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ key->sk = NULL;
+ key->sk_len = 0;
+ }
+#endif /* ifndef WOLFSSL_XMSS_VERIFY_ONLY */
+
+ ForceZero(key, sizeof(XmssKey));
+
+ key->state = WC_XMSS_STATE_FREED;
+
+ return;
+}
+
+#ifndef WOLFSSL_XMSS_VERIFY_ONLY
+/* Sets the XMSS write private key callback.
+ *
+ * The callback must be able to write/update the private key to
+ * non-volatile storage.
+ *
+ * key [in] The XMSS key.
+ * write_cb [in] The write private key callback.
+ *
+ * returns 0 on success.
+ * returns BAD_FUNC_ARG when a parameter is NULL.
+ * returns -1 on failure.
+ * */
+int wc_XmssKey_SetWriteCb(XmssKey * key, write_private_key_cb write_cb)
+{
+ if (key == NULL || write_cb == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ /* Changing the write callback of an already working key is forbidden. */
+ if (key->state == WC_XMSS_STATE_OK) {
+ WOLFSSL_MSG("error: wc_XmssKey_SetWriteCb: key in use");
+ return -1;
+ }
+
+ key->write_private_key = write_cb;
+
+ return 0;
+}
+
+/* Sets the XMSS read private key callback.
+ *
+ * The callback must be able to read the private key from
+ * non-volatile storage.
+ *
+ * key [in] The XMSS key.
+ * read_cb [in] The read private key callback.
+ *
+ * returns 0 on success.
+ * returns BAD_FUNC_ARG when a parameter is NULL.
+ * returns -1 on failure.
+ * */
+int wc_XmssKey_SetReadCb(XmssKey * key, read_private_key_cb read_cb)
+{
+ if (key == NULL || read_cb == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ /* Changing the read callback of an already working key is forbidden. */
+ if (key->state == WC_XMSS_STATE_OK) {
+ WOLFSSL_MSG("error: wc_XmssKey_SetReadCb: key in use");
+ return -1;
+ }
+
+ key->read_private_key = read_cb;
+
+ return 0;
+}
+
+/* Sets the XMSS context to be used by write and read callbacks.
+ *
+ * E.g. this could be a filename if the callbacks write/read to file.
+ *
+ * key [in] The XMSS key.
+ * context [in] The context pointer.
+ *
+ * returns 0 on success.
+ * returns BAD_FUNC_ARG when a parameter is NULL.
+ * returns -1 on failure.
+ * */
+int wc_XmssKey_SetContext(XmssKey * key, void * context)
+{
+ if (key == NULL || context == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ /* Setting context of an already working key is forbidden. */
+ if (key->state == WC_XMSS_STATE_OK) {
+ WOLFSSL_MSG("error: wc_XmssKey_SetContext: key in use");
+ return -1;
+ }
+
+ key->context = context;
+
+ return 0;
+}
+
+
+/* Allocates the XMSS secret key (sk) array.
+ *
+ * The XMSS/XMSS^MT secret key length is a function of the
+ * parameters, and can't be allocated until the param string
+ * has been set with SetParamStr.
+ *
+ * This is only called by MakeKey() and Reload().
+ *
+ * Note: the XMSS sk array is force zeroed after every use.
+ *
+ * key [in] The XMSS key.
+ *
+ * returns 0 on success.
+ * returns BAD_FUNC_ARG when a parameter is NULL.
+ * returns -1 on failure.
+ * */
+static int wc_XmssKey_AllocSk(XmssKey* key)
+{
+ int ret = 0;
+
+ if (key == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ if (key->sk != NULL) {
+ WOLFSSL_MSG("error: XMSS secret key already exists");
+ return -1;
+ }
+
+ /* The XMSS/XMSS^MT secret key length is a function of the
+ * parameters. Therefore can't allocate this until param
+ * string has been set. */
+ ret = wc_XmssKey_GetPrivLen(key, &key->sk_len);
+
+ if (ret != 0 || key->sk_len <= 0) {
+ WOLFSSL_MSG("error: wc_XmssKey_GetPrivLen failed");
+ return -1;
+ }
+
+ key->sk = (unsigned char *)XMALLOC(key->sk_len, NULL,
+ DYNAMIC_TYPE_TMP_BUFFER);
+
+ if (key->sk == NULL) {
+ WOLFSSL_MSG("error: malloc XMSS key->sk failed");
+ return -1;
+ }
+
+ ForceZero(key->sk, key->sk_len);
+
+ return 0;
+}
+
+/* Make the XMSS/XMSS^MT private/public key pair. The key must have its parameters
+ * set before calling this.
+ *
+ * Write/read callbacks, and context data, must be set prior.
+ * Key must have parameters set.
+ *
+ * This function and Reload() are the only functions that allocate
+ * key->sk array. wc_XmssKey_FreeKey is the only function that
+ * deallocates key->sk.
+ *
+ * key [in] The XMSS key to make.
+ * rng [in] Initialized WC_RNG pointer.
+ *
+ * returns 0 on success.
+ * returns BAD_FUNC_ARG when a parameter is NULL.
+ * returns -1 on verify fail.
+ * */
+int wc_XmssKey_MakeKey(XmssKey* key, WC_RNG * rng)
+{
+ int ret = 0;
+ enum wc_XmssRc cb_rc = WC_XMSS_RC_NONE;
+
+ if (key == NULL || rng == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ if (key->state != WC_XMSS_STATE_PARMSET) {
+ WOLFSSL_MSG("error: XmssKey not ready for generation");
+ return -1;
+ }
+
+ if (key->write_private_key == NULL || key->read_private_key == NULL) {
+ WOLFSSL_MSG("error: XmssKey write/read callbacks are not set");
+ return -1;
+ }
+
+ if (key->context == NULL) {
+ WOLFSSL_MSG("error: XmssKey context is not set");
+ return -1;
+ }
+
+ /* Allocate sk array. */
+ ret = wc_XmssKey_AllocSk(key);
+
+ if (ret != 0) {
+ return ret;
+ }
+
+ xmssRng = rng;
+
+ /* Finally make the secret public key pair. Immediately write it to NV
+ * storage and then clear from memory. */
+ if (key->is_xmssmt) {
+ ret = xmssmt_keypair(key->pk, key->sk, key->oid);
+ }
+ else {
+ ret = xmss_keypair(key->pk, key->sk, key->oid);
+ }
+
+ if (ret == 0) {
+ cb_rc = key->write_private_key(key->sk, key->sk_len, key->context);
+ }
+
+ ForceZero(key->sk, key->sk_len);
+
+ if (ret != 0) {
+ WOLFSSL_MSG("error: XMSS keypair failed");
+ key->state = WC_XMSS_STATE_BAD;
+ return -1;
+ }
+
+ if (cb_rc != WC_XMSS_RC_SAVED_TO_NV_MEMORY) {
+ WOLFSSL_MSG("error: XMSS write to NV storage failed");
+ key->state = WC_XMSS_STATE_BAD;
+ return -1;
+ }
+
+ key->state = WC_XMSS_STATE_OK;
+
+ return 0;
+}
+
+/* This function allocates the secret key buffer, and does a
+ * quick sanity check to verify the secret key is readable
+ * from NV storage, and then force zeros the key from memory.
+ *
+ * On success it sets the key state to OK.
+ *
+ * Use this function to resume signing with an already existing
+ * XMSS key pair.
+ *
+ * Write/read callbacks, and context data, must be set prior.
+ * Key must have parameters set.
+ *
+ * Returns 0 on success.
+ *
+ * This function and MakeKey are the only functions that allocate
+ * key->sk array. wc_XmssKey_FreeKey is the only function that
+ * deallocates key->sk.
+ *
+ * key [in] XMSS key to load.
+ *
+ * returns 0 on success.
+ * returns BAD_FUNC_ARG when a parameter is NULL.
+ * returns -1 on load fail.
+ * */
+int wc_XmssKey_Reload(XmssKey * key)
+{
+ int ret = 0;
+ enum wc_XmssRc cb_rc = WC_XMSS_RC_NONE;
+
+ if (key == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ if (key->state != WC_XMSS_STATE_PARMSET) {
+ WOLFSSL_MSG("error: XmssKey not ready for reload");
+ return -1;
+ }
+
+ if (key->write_private_key == NULL || key->read_private_key == NULL) {
+ WOLFSSL_MSG("error: XmssKey write/read callbacks are not set");
+ return -1;
+ }
+
+ if (key->context == NULL) {
+ WOLFSSL_MSG("error: XmssKey context is not set");
+ return -1;
+ }
+
+ /* Allocate sk array. */
+ ret = wc_XmssKey_AllocSk(key);
+
+ if (ret != 0) {
+ return ret;
+ }
+
+ /* Read the current secret key from NV storage. Force clear it
+ * immediately. This is just to sanity check the secret key
+ * is readable from permanent storage. */
+ cb_rc = key->read_private_key(key->sk, key->sk_len, key->context);
+ ForceZero(key->sk, key->sk_len);
+
+ if (cb_rc != WC_XMSS_RC_READ_TO_MEMORY) {
+ WOLFSSL_MSG("error: XMSS read from NV storage failed");
+ key->state = WC_XMSS_STATE_BAD;
+ return -1;
+ }
+
+ key->state = WC_XMSS_STATE_OK;
+
+ return 0;
+}
+
+/* Gets the XMSS/XMSS^MT private key length.
+ *
+ * Parameters must be set before calling this, as the key size (sk_bytes)
+ * is a function of the parameters.
+ *
+ * Note: the XMSS/XMSS^MT private key format is implementation specific,
+ * and not standardized. Interoperability of XMSS private keys should
+ * not be expected.
+ *
+ * key [in] The XMSS key.
+ * len [out] The length of the private key in bytes.
+ *
+ * returns 0 on success.
+ * returns BAD_FUNC_ARG when a parameter is NULL.
+ * returns -1 on sign fail.
+ * */
+int wc_XmssKey_GetPrivLen(const XmssKey * key, word32 * len)
+{
+ if (key == NULL || len == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ if (key->state != WC_XMSS_STATE_OK && key->state != WC_XMSS_STATE_PARMSET) {
+ /* params.sk_bytes not set yet. */
+ return -1;
+ }
+
+ *len = XMSS_OID_LEN + (word32) key->params.sk_bytes;
+
+ return 0;
+}
+
+/* Signs the message using the XMSS secret key, and
+ * updates the secret key on NV storage.
+ *
+ * Both operations must succeed to be considered
+ * successful.
+ *
+ * On success: sets key state to WC_XMSS_STATE_OK.
+ * On failure: sets key state to WC_XMSS_STATE_BAD
+ *
+ * If no signatures are left, sets state to WC_XMSS_STATE_NOSIGS.
+ */
+static void wc_XmssKey_SignUpdate(XmssKey* key, byte * sig, word32 * sigLen,
+ const byte * msg, int msgLen)
+{
+ int ret = -1;
+ unsigned long long len = *sigLen;
+ enum wc_XmssRc cb_rc = WC_XMSS_RC_NONE;
+
+ /* Set the key state to bad by default. State is presumed bad
+ * unless a correct sign and update operation happen together. */
+ key->state = WC_XMSS_STATE_BAD;
+ *sigLen = 0;
+
+ /* Read the current secret key from NV storage.*/
+ cb_rc = key->read_private_key(key->sk, key->sk_len, key->context);
+
+ if (cb_rc == WC_XMSS_RC_READ_TO_MEMORY) {
+ /* Read was good. Now sign and update the secret key in memory. */
+ if (key->is_xmssmt) {
+ ret = xmssmt_sign(key->sk, sig, &len, msg, msgLen);
+ }
+ else {
+ ret = xmss_sign(key->sk, sig, &len, msg, msgLen);
+ }
+
+ if (ret == 0 && len == key->params.sig_bytes) {
+ /* The signature succeeded. key->sk is now updated and must be
+ * committed to NV storage. */
+ cb_rc = key->write_private_key(key->sk, key->sk_len, key->context);
+
+ if (cb_rc == WC_XMSS_RC_SAVED_TO_NV_MEMORY) {
+ /* key->sk was successfully committed to NV storage. Set the
+ * key state to OK, and set the sigLen. */
+ key->state = WC_XMSS_STATE_OK;
+ *sigLen = (word32) len;
+ }
+ else {
+ /* Write to NV storage failed. Erase the signature from
+ * memory. */
+ ForceZero(sig, key->params.sig_bytes);
+ WOLFSSL_MSG("error: XMSS write_private_key failed");
+ }
+ }
+ else if (ret == -2) {
+ /* Signature space exhausted. */
+ key->state = WC_XMSS_STATE_NOSIGS;
+ WOLFSSL_MSG("error: no XMSS signatures remaining");
+ }
+ else {
+ /* Something failed or inconsistent in signature. Erase the
+ * signature just to be safe. */
+ ForceZero(sig, key->params.sig_bytes);
+ WOLFSSL_MSG("error: XMSS sign failed");
+ }
+ }
+ else {
+ /* Read from NV storage failed. */
+ WOLFSSL_MSG("error: XMSS read_private_key failed");
+ }
+
+ /* Force zero the secret key from memory always. */
+ ForceZero(key->sk, key->sk_len);
+
+ return;
+}
+
+/* Sign the message using the XMSS secret key.
+ *
+ * key [in] XMSS key to use to sign.
+ * sig [in] Buffer to write signature into.
+ * sigLen [in/out] On in, size of buffer.
+ * On out, the length of the signature in bytes.
+ * msg [in] Message to sign.
+ * msgLen [in] Length of the message in bytes.
+ *
+ * returns 0 on success.
+ * returns -1 on sign fail.
+ * returns BAD_FUNC_ARG when a parameter is NULL.
+ * returns BUFFER_E when sigLen is too small.
+ */
+int wc_XmssKey_Sign(XmssKey* key, byte * sig, word32 * sigLen, const byte * msg,
+ int msgLen)
+{
+ if (key == NULL || sig == NULL || sigLen == NULL || msg == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ if (msgLen <= 0) {
+ return BAD_FUNC_ARG;
+ }
+
+ if (*sigLen < key->params.sig_bytes) {
+ /* Signature buffer too small. */
+ WOLFSSL_MSG("error: XMSS sig buffer too small");
+ return BUFFER_E;
+ }
+
+ if (key->state == WC_XMSS_STATE_NOSIGS) {
+ WOLFSSL_MSG("error: XMSS signatures exhausted");
+ return -1;
+ }
+ else if (key->state != WC_XMSS_STATE_OK) {
+ /* The key had an error the last time it was used, and we
+ * can't guarantee its state. */
+ WOLFSSL_MSG("error: can't sign, XMSS key not in good state");
+ return -1;
+ }
+
+ if (key->write_private_key == NULL || key->read_private_key == NULL) {
+ WOLFSSL_MSG("error: XmssKey write/read callbacks are not set");
+ return -1;
+ }
+
+ if (key->context == NULL) {
+ WOLFSSL_MSG("error: XmssKey context is not set");
+ return -1;
+ }
+
+ /* Finally, sign and update the secret key. */
+ wc_XmssKey_SignUpdate(key, sig, sigLen, msg, msgLen);
+
+ return (key->state == WC_XMSS_STATE_OK) ? 0 : -1;
+}
+#endif /* ifndef WOLFSSL_XMSS_VERIFY_ONLY*/
+
+/* Get the XMSS/XMSS^MT public key length. The public key
+ * is static in size and does not depend on parameters,
+ * other than the choice of SHA256 as hashing function.
+ *
+ * key [in] The XMSS key.
+ * len [out] The length of the public key.
+ *
+ * returns 0 on success.
+ * returns BAD_FUNC_ARG when a parameter is NULL.
+ */
+int wc_XmssKey_GetPubLen(const XmssKey * key, word32 * len)
+{
+ if (key == NULL || len == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ *len = XMSS_SHA256_PUBLEN;
+
+ return 0;
+}
+
+/* Export a generated public key and parameter set from one XmssKey
+ * to another. Use this to prepare a signature verification XmssKey
+ * that is pub only.
+ *
+ * keyDst [out] Destination key for copy.
+ * keySrc [in] Source key for copy.
+ *
+ * returns 0 on success.
+ * returns BAD_FUNC_ARG when a parameter is NULL.
+ * */
+int wc_XmssKey_ExportPub(XmssKey * keyDst, const XmssKey * keySrc)
+{
+ if (keyDst == NULL || keySrc == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ ForceZero(keyDst, sizeof(XmssKey));
+
+ XMEMCPY(keyDst->pk, keySrc->pk, sizeof(keySrc->pk));
+
+ keyDst->oid = keySrc->oid;
+ keyDst->is_xmssmt = keySrc->is_xmssmt;
+
+ /* Mark keyDst as verify only, to prevent misuse. */
+ keyDst->state = WC_XMSS_STATE_VERIFYONLY;
+
+ return 0;
+}
+
+/* Exports the raw XMSS public key buffer from key to out buffer.
+ * The out buffer should be large enough to hold the public key, and
+ * outLen should indicate the size of the buffer.
+ *
+ * key [in] XMSS key.
+ * out [out] Array holding public key.
+ * outLen [in/out] On in, size of buffer.
+ * On out, the length of the public key.
+ *
+ * returns 0 on success.
+ * returns -1 on failure.
+ * returns BAD_FUNC_ARG when a parameter is NULL.
+ * returns BUFFER_E if array is too small.
+ * */
+int wc_XmssKey_ExportPubRaw(const XmssKey * key, byte * out, word32 * outLen)
+{
+ int ret = 0;
+ word32 pubLen = 0;
+
+ if (key == NULL || out == NULL || outLen == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ ret = wc_XmssKey_GetPubLen(key, &pubLen);
+
+ if (ret != 0) {
+ WOLFSSL_MSG("error: wc_XmssKey_GetPubLen failed");
+ return -1;
+ }
+
+ if (*outLen < pubLen) {
+ return BUFFER_E;
+ }
+
+ XMEMCPY(out, key->pk, pubLen);
+ *outLen = pubLen;
+
+ return 0;
+}
+
+/* Imports a raw public key buffer from in array to XmssKey key.
+ *
+ * The XMSS parameters must be set first with wc_XmssKey_SetParamStr,
+ * and inLen must match the length returned by wc_XmssKey_GetPubLen.
+ *
+ * key [in] XMSS key.
+ * in [in] Array holding public key.
+ * inLen [in] Length of array in bytes.
+ *
+ * returns 0 on success.
+ * returns BAD_FUNC_ARG when a parameter is NULL.
+ * returns BUFFER_E if array is incorrect size.
+ * returns -1 on failure.
+ * */
+int wc_XmssKey_ImportPubRaw(XmssKey * key, const byte * in, word32 inLen)
+{
+ int ret = 0;
+ word32 pubLen = 0;
+
+ if (key == NULL || in == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ if (key->state != WC_XMSS_STATE_PARMSET) {
+ /* XMSS key not ready for import. Param str must be set first. */
+ WOLFSSL_MSG("error: XMSS key not ready for import");
+ return -1;
+ }
+
+ ret = wc_XmssKey_GetPubLen(key, &pubLen);
+
+ if (ret != 0) {
+ WOLFSSL_MSG("error: wc_XmssKey_GetPubLen failed");
+ return -1;
+ }
+
+ if (inLen != pubLen) {
+ /* Something inconsistent. Parameters weren't set, or input
+ * pub key is wrong.*/
+ return BUFFER_E;
+ }
+
+ XMEMCPY(key->pk, in, pubLen);
+
+ key->state = WC_XMSS_STATE_VERIFYONLY;
+
+ return 0;
+}
+
+/* Gets the XMSS/XMSS^MT signature length.
+ *
+ * Parameters must be set before calling this, as the signature size
+ * is a function of the parameters.
+ *
+ * Note: call this before wc_XmssKey_Sign or Verify so you know the
+ * length of the required signature buffer.
+ *
+ * key [in] XMSS key to use to sign.
+ * len [out] The length of the signature in bytes.
+ *
+ * returns 0 on success.
+ * returns BAD_FUNC_ARG when a parameter is NULL.
+ * returns -1 on sign fail.
+ * */
+int wc_XmssKey_GetSigLen(const XmssKey * key, word32 * len)
+{
+ if (key == NULL || len == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ if (key->state != WC_XMSS_STATE_OK && key->state != WC_XMSS_STATE_PARMSET) {
+ return -1;
+ }
+
+ *len = key->params.sig_bytes;
+
+ return 0;
+}
+
+/* Verify the signature using the XMSS public key.
+ *
+ * Requires that XMSS parameters have been set with
+ * wc_XmssKey_SetParamStr, and that a public key is available
+ * from importing or MakeKey().
+ *
+ * Call wc_XmssKey_GetSigLen() before this function to determine
+ * length of the signature buffer.
+ *
+ * key [in] XMSS key to use to verify.
+ * sig [in] Signature to verify.
+ * sigLen [in] Size of signature in bytes.
+ * msg [in] Message to verify.
+ * msgLen [in] Length of the message in bytes.
+ *
+ * returns 0 on success.
+ * returns -1 on verify fail.
+ * returns BAD_FUNC_ARG when a parameter is NULL.
+ * returns BUFFER_E when sigLen is too small.
+ */
+int wc_XmssKey_Verify(XmssKey * key, const byte * sig, word32 sigLen,
+ const byte * msg, int msgLen)
+{
+ int ret = 0;
+ unsigned long long msg_len = 0;
+
+ msg_len = msgLen;
+
+ if (key == NULL || sig == NULL || msg == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ if (sigLen < key->params.sig_bytes) {
+ /* Signature buffer too small. */
+ return BUFFER_E;
+ }
+
+ if (key->state != WC_XMSS_STATE_OK &&
+ key->state != WC_XMSS_STATE_VERIFYONLY) {
+ /* XMSS key not ready for verification. Param str must be
+ * set first, and Reload() called. */
+ WOLFSSL_MSG("error: XMSS key not ready for verification");
+ return -1;
+ }
+
+ if (key->is_xmssmt) {
+ ret = xmssmt_sign_open(msg, &msg_len, sig, sigLen, key->pk);
+ }
+ else {
+ ret = xmss_sign_open(msg, &msg_len, sig, sigLen, key->pk);
+ }
+
+ if (ret != 0 || (int) msg_len != msgLen) {
+ WOLFSSL_MSG("error: XMSS verify failed");
+ return -1;
+ }
+
+ return ret;
+}
+
+#endif /* WOLFSSL_HAVE_XMSS */
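Review bot: wc_XmssKey_Verify accepts any msgLen, whereas wc_XmssKey_Sign rejects `msgLen <= 0`; in Verify `msg_len = msgLen;` runs before any validation, so a negative int becomes a very large unsigned long long whose address is handed to xmss_sign_open()/xmssmt_sign_open(). Add `if (msgLen <= 0) { return BAD_FUNC_ARG; }` next to the NULL checks and assign msg_len only after it. The `sigLen < key->params.sig_bytes` test also runs before the state check, and it reads params that wc_XmssKey_ExportPub never copies (it zeroes keyDst and copies only pk, oid and is_xmssmt), so for such a key the bound is 0 and the test cannot fail. How the callee treats a short signature is not visible in this hunk, so either copy `params` in ExportPub or have Verify reject a key whose sig_bytes is 0. Separately, sha256_cb returns on a wc_Sha256Update failure without the `wc_Sha256Free(&sha);` that the wc_Sha256Final failure path performs.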
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/fe_448.c b/extra/wolfssl/wolfssl/wolfcrypt/src/fe_448.c
index cbc305d2..73853b79 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/fe_448.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/fe_448.c
@@ -167,7 +167,7 @@ void fe448_sub(word8* r, const word8* a, const word8* b)
}
}
-/* Mulitply a field element by 39081. r = (39081 * a) mod (2^448 - 2^224 - 1)
+/* Multiply a field element by 39081. r = (39081 * a) mod (2^448 - 2^224 - 1)
*
* r [in] Field element to hold result.
* a [in] Field element to multiply.
@@ -192,7 +192,7 @@ void fe448_mul39081(word8* r, const word8* a)
}
}
-/* Mulitply two field elements. r = (a * b) mod (2^448 - 2^224 - 1)
+/* Multiply two field elements. r = (a * b) mod (2^448 - 2^224 - 1)
*
* r [in] Field element to hold result.
* a [in] Field element to multiply.
@@ -448,7 +448,7 @@ void fe448_neg(word8* r, const word8* a)
}
/* Raise field element to (p-3) / 4: 2^446 - 2^222 - 1
- * Used for calcualting y-ordinate from x-ordinate for Ed448.
+ * Used for calculating y-ordinate from x-ordinate for Ed448.
*
* r [in] Field element to hold result.
* a [in] Field element to exponentiate.
@@ -609,62 +609,62 @@ void fe448_to_bytes(unsigned char* b, const sword64* a)
in4 += o; t = o << 56; in7 -= (sword64)t;
/* Output as bytes */
- b[ 0] = (in0 >> 0);
- b[ 1] = (in0 >> 8);
- b[ 2] = (in0 >> 16);
- b[ 3] = (in0 >> 24);
- b[ 4] = (in0 >> 32);
- b[ 5] = (in0 >> 40);
- b[ 6] = (in0 >> 48);
- b[ 7] = (in1 >> 0);
- b[ 8] = (in1 >> 8);
- b[ 9] = (in1 >> 16);
- b[10] = (in1 >> 24);
- b[11] = (in1 >> 32);
- b[12] = (in1 >> 40);
- b[13] = (in1 >> 48);
- b[14] = (in2 >> 0);
- b[15] = (in2 >> 8);
- b[16] = (in2 >> 16);
- b[17] = (in2 >> 24);
- b[18] = (in2 >> 32);
- b[19] = (in2 >> 40);
- b[20] = (in2 >> 48);
- b[21] = (in3 >> 0);
- b[22] = (in3 >> 8);
- b[23] = (in3 >> 16);
- b[24] = (in3 >> 24);
- b[25] = (in3 >> 32);
- b[26] = (in3 >> 40);
- b[27] = (in3 >> 48);
- b[28] = (in4 >> 0);
- b[29] = (in4 >> 8);
- b[30] = (in4 >> 16);
- b[31] = (in4 >> 24);
- b[32] = (in4 >> 32);
- b[33] = (in4 >> 40);
- b[34] = (in4 >> 48);
- b[35] = (in5 >> 0);
- b[36] = (in5 >> 8);
- b[37] = (in5 >> 16);
- b[38] = (in5 >> 24);
- b[39] = (in5 >> 32);
- b[40] = (in5 >> 40);
- b[41] = (in5 >> 48);
- b[42] = (in6 >> 0);
- b[43] = (in6 >> 8);
- b[44] = (in6 >> 16);
- b[45] = (in6 >> 24);
- b[46] = (in6 >> 32);
- b[47] = (in6 >> 40);
- b[48] = (in6 >> 48);
- b[49] = (in7 >> 0);
- b[50] = (in7 >> 8);
- b[51] = (in7 >> 16);
- b[52] = (in7 >> 24);
- b[53] = (in7 >> 32);
- b[54] = (in7 >> 40);
- b[55] = (in7 >> 48);
+ b[ 0] = (byte)(in0 >> 0);
+ b[ 1] = (byte)(in0 >> 8);
+ b[ 2] = (byte)(in0 >> 16);
+ b[ 3] = (byte)(in0 >> 24);
+ b[ 4] = (byte)(in0 >> 32);
+ b[ 5] = (byte)(in0 >> 40);
+ b[ 6] = (byte)(in0 >> 48);
+ b[ 7] = (byte)(in1 >> 0);
+ b[ 8] = (byte)(in1 >> 8);
+ b[ 9] = (byte)(in1 >> 16);
+ b[10] = (byte)(in1 >> 24);
+ b[11] = (byte)(in1 >> 32);
+ b[12] = (byte)(in1 >> 40);
+ b[13] = (byte)(in1 >> 48);
+ b[14] = (byte)(in2 >> 0);
+ b[15] = (byte)(in2 >> 8);
+ b[16] = (byte)(in2 >> 16);
+ b[17] = (byte)(in2 >> 24);
+ b[18] = (byte)(in2 >> 32);
+ b[19] = (byte)(in2 >> 40);
+ b[20] = (byte)(in2 >> 48);
+ b[21] = (byte)(in3 >> 0);
+ b[22] = (byte)(in3 >> 8);
+ b[23] = (byte)(in3 >> 16);
+ b[24] = (byte)(in3 >> 24);
+ b[25] = (byte)(in3 >> 32);
+ b[26] = (byte)(in3 >> 40);
+ b[27] = (byte)(in3 >> 48);
+ b[28] = (byte)(in4 >> 0);
+ b[29] = (byte)(in4 >> 8);
+ b[30] = (byte)(in4 >> 16);
+ b[31] = (byte)(in4 >> 24);
+ b[32] = (byte)(in4 >> 32);
+ b[33] = (byte)(in4 >> 40);
+ b[34] = (byte)(in4 >> 48);
+ b[35] = (byte)(in5 >> 0);
+ b[36] = (byte)(in5 >> 8);
+ b[37] = (byte)(in5 >> 16);
+ b[38] = (byte)(in5 >> 24);
+ b[39] = (byte)(in5 >> 32);
+ b[40] = (byte)(in5 >> 40);
+ b[41] = (byte)(in5 >> 48);
+ b[42] = (byte)(in6 >> 0);
+ b[43] = (byte)(in6 >> 8);
+ b[44] = (byte)(in6 >> 16);
+ b[45] = (byte)(in6 >> 24);
+ b[46] = (byte)(in6 >> 32);
+ b[47] = (byte)(in6 >> 40);
+ b[48] = (byte)(in6 >> 48);
+ b[49] = (byte)(in7 >> 0);
+ b[50] = (byte)(in7 >> 8);
+ b[51] = (byte)(in7 >> 16);
+ b[52] = (byte)(in7 >> 24);
+ b[53] = (byte)(in7 >> 32);
+ b[54] = (byte)(in7 >> 40);
+ b[55] = (byte)(in7 >> 48);
}
/* Set the field element to 0.
@@ -788,7 +788,7 @@ void fe448_sub(sword64* r, const sword64* a, const sword64* b)
r[7] = a[7] - b[7];
}
-/* Mulitply a field element by 39081. r = (39081 * a) mod (2^448 - 2^224 - 1)
+/* Multiply a field element by 39081. r = (39081 * a) mod (2^448 - 2^224 - 1)
*
* r [in] Field element to hold result.
* a [in] Field element to multiply.
@@ -826,7 +826,7 @@ void fe448_mul39081(sword64* r, const sword64* a)
r[7] = (sword64)t7;
}
-/* Mulitply two field elements. r = (a * b) mod (2^448 - 2^224 - 1)
+/* Multiply two field elements. r = (a * b) mod (2^448 - 2^224 - 1)
*
* r [in] Field element to hold result.
* a [in] Field element to multiply.
@@ -1087,8 +1087,8 @@ int curve448(byte* r, const byte* n, const byte* a)
for (i = 447; i >= 0; --i) {
unsigned int b = (n[i >> 3] >> (i & 7)) & 1;
swap ^= b;
- fe448_cswap(x2, x3, swap);
- fe448_cswap(z2, z3, swap);
+ fe448_cswap(x2, x3, (int)swap);
+ fe448_cswap(z2, z3, (int)swap);
swap = b;
/* Montgomery Ladder - double and add */
@@ -1172,7 +1172,7 @@ void fe448_neg(sword64* r, const sword64* a)
}
/* Raise field element to (p-3) / 4: 2^446 - 2^222 - 1
- * Used for calcualting y-ordinate from x-ordinate for Ed448.
+ * Used for calculating y-ordinate from x-ordinate for Ed448.
*
* r [in] Field element to hold result.
* a [in] Field element to exponentiate.
@@ -1434,62 +1434,62 @@ void fe448_to_bytes(unsigned char* b, const sword32* a)
in8 += o; t = o << 28; in15 -= (sword32)t;
/* Output as bytes */
- b[ 0] = (in0 >> 0);
- b[ 1] = (in0 >> 8);
- b[ 2] = (in0 >> 16);
- b[ 3] = (in0 >> 24) + ((in1 >> 0) << 4);
- b[ 4] = (in1 >> 4);
- b[ 5] = (in1 >> 12);
- b[ 6] = (in1 >> 20);
- b[ 7] = (in2 >> 0);
- b[ 8] = (in2 >> 8);
- b[ 9] = (in2 >> 16);
- b[10] = (in2 >> 24) + ((in3 >> 0) << 4);
- b[11] = (in3 >> 4);
- b[12] = (in3 >> 12);
- b[13] = (in3 >> 20);
- b[14] = (in4 >> 0);
- b[15] = (in4 >> 8);
- b[16] = (in4 >> 16);
- b[17] = (in4 >> 24) + ((in5 >> 0) << 4);
- b[18] = (in5 >> 4);
- b[19] = (in5 >> 12);
- b[20] = (in5 >> 20);
- b[21] = (in6 >> 0);
- b[22] = (in6 >> 8);
- b[23] = (in6 >> 16);
- b[24] = (in6 >> 24) + ((in7 >> 0) << 4);
- b[25] = (in7 >> 4);
- b[26] = (in7 >> 12);
- b[27] = (in7 >> 20);
- b[28] = (in8 >> 0);
- b[29] = (in8 >> 8);
- b[30] = (in8 >> 16);
- b[31] = (in8 >> 24) + ((in9 >> 0) << 4);
- b[32] = (in9 >> 4);
- b[33] = (in9 >> 12);
- b[34] = (in9 >> 20);
- b[35] = (in10 >> 0);
- b[36] = (in10 >> 8);
- b[37] = (in10 >> 16);
- b[38] = (in10 >> 24) + ((in11 >> 0) << 4);
- b[39] = (in11 >> 4);
- b[40] = (in11 >> 12);
- b[41] = (in11 >> 20);
- b[42] = (in12 >> 0);
- b[43] = (in12 >> 8);
- b[44] = (in12 >> 16);
- b[45] = (in12 >> 24) + ((in13 >> 0) << 4);
- b[46] = (in13 >> 4);
- b[47] = (in13 >> 12);
- b[48] = (in13 >> 20);
- b[49] = (in14 >> 0);
- b[50] = (in14 >> 8);
- b[51] = (in14 >> 16);
- b[52] = (in14 >> 24) + ((in15 >> 0) << 4);
- b[53] = (in15 >> 4);
- b[54] = (in15 >> 12);
- b[55] = (in15 >> 20);
+ b[ 0] = (byte)(in0 >> 0);
+ b[ 1] = (byte)(in0 >> 8);
+ b[ 2] = (byte)(in0 >> 16);
+ b[ 3] = (byte)(in0 >> 24) + ((in1 >> 0) << 4);
+ b[ 4] = (byte)(in1 >> 4);
+ b[ 5] = (byte)(in1 >> 12);
+ b[ 6] = (byte)(in1 >> 20);
+ b[ 7] = (byte)(in2 >> 0);
+ b[ 8] = (byte)(in2 >> 8);
+ b[ 9] = (byte)(in2 >> 16);
+ b[10] = (byte)(in2 >> 24) + ((in3 >> 0) << 4);
+ b[11] = (byte)(in3 >> 4);
+ b[12] = (byte)(in3 >> 12);
+ b[13] = (byte)(in3 >> 20);
+ b[14] = (byte)(in4 >> 0);
+ b[15] = (byte)(in4 >> 8);
+ b[16] = (byte)(in4 >> 16);
+ b[17] = (byte)(in4 >> 24) + ((in5 >> 0) << 4);
+ b[18] = (byte)(in5 >> 4);
+ b[19] = (byte)(in5 >> 12);
+ b[20] = (byte)(in5 >> 20);
+ b[21] = (byte)(in6 >> 0);
+ b[22] = (byte)(in6 >> 8);
+ b[23] = (byte)(in6 >> 16);
+ b[24] = (byte)(in6 >> 24) + ((in7 >> 0) << 4);
+ b[25] = (byte)(in7 >> 4);
+ b[26] = (byte)(in7 >> 12);
+ b[27] = (byte)(in7 >> 20);
+ b[28] = (byte)(in8 >> 0);
+ b[29] = (byte)(in8 >> 8);
+ b[30] = (byte)(in8 >> 16);
+ b[31] = (byte)(in8 >> 24) + ((in9 >> 0) << 4);
+ b[32] = (byte)(in9 >> 4);
+ b[33] = (byte)(in9 >> 12);
+ b[34] = (byte)(in9 >> 20);
+ b[35] = (byte)(in10 >> 0);
+ b[36] = (byte)(in10 >> 8);
+ b[37] = (byte)(in10 >> 16);
+ b[38] = (byte)(in10 >> 24) + ((in11 >> 0) << 4);
+ b[39] = (byte)(in11 >> 4);
+ b[40] = (byte)(in11 >> 12);
+ b[41] = (byte)(in11 >> 20);
+ b[42] = (byte)(in12 >> 0);
+ b[43] = (byte)(in12 >> 8);
+ b[44] = (byte)(in12 >> 16);
+ b[45] = (byte)(in12 >> 24) + ((in13 >> 0) << 4);
+ b[46] = (byte)(in13 >> 4);
+ b[47] = (byte)(in13 >> 12);
+ b[48] = (byte)(in13 >> 20);
+ b[49] = (byte)(in14 >> 0);
+ b[50] = (byte)(in14 >> 8);
+ b[51] = (byte)(in14 >> 16);
+ b[52] = (byte)(in14 >> 24) + ((in15 >> 0) << 4);
+ b[53] = (byte)(in15 >> 4);
+ b[54] = (byte)(in15 >> 12);
+ b[55] = (byte)(in15 >> 20);
}
/* Set the field element to 0.
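Review bot: In the 28-bit-limb `fe448_to_bytes`, the eight lines that combine two limbs (`b[3]`, `b[10]`, `b[17]`, `b[24]`, `b[31]`, `b[38]`, `b[45]`, `b[52]`) apply the new cast to the left operand only, so the sum is still an `int` that is narrowed implicitly on assignment. The stored byte is the same either way, but the implicit-conversion diagnostic that the other casts silence would remain on these lines, and a reader may assume the truncation is explicit. The cast should wrap the whole expression, e.g. `b[ 3] = (byte)((in0 >> 24) + ((in1 >> 0) << 4));`. The function body starts outside this hunk.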
@@ -1699,7 +1699,7 @@ void fe448_reduce(sword32* a)
o = a[15] >> 28; a[0] += (sword32)o;
a[8] += (sword32)o; a[15] -= (sword32)(o << 28);
}
-/* Mulitply a field element by 39081. r = (39081 * a) mod (2^448 - 2^224 - 1)
+/* Multiply a field element by 39081. r = (39081 * a) mod (2^448 - 2^224 - 1)
*
* r [in] Field element to hold result.
* a [in] Field element to multiply.
@@ -1761,7 +1761,7 @@ void fe448_mul39081(sword32* r, const sword32* a)
r[15] = (sword32)t15;
}
-/* Mulitply two field elements. r = a * b
+/* Multiply two field elements. r = a * b
*
* r [in] Field element to hold result.
* a [in] Field element to multiply.
@@ -1891,7 +1891,7 @@ static WC_INLINE void fe448_mul_8(sword32* r, const sword32* a, const sword32* b
r[15] = (sword32)t15;
}
-/* Mulitply two field elements. r = (a * b) mod (2^448 - 2^224 - 1)
+/* Multiply two field elements. r = (a * b) mod (2^448 - 2^224 - 1)
*
* r [in] Field element to hold result.
* a [in] Field element to multiply.
@@ -2178,8 +2178,8 @@ int curve448(byte* r, const byte* n, const byte* a)
for (i = 447; i >= 0; --i) {
unsigned int b = (n[i >> 3] >> (i & 7)) & 1;
swap ^= b;
- fe448_cswap(x2, x3, swap);
- fe448_cswap(z2, z3, swap);
+ fe448_cswap(x2, x3, (int)swap);
+ fe448_cswap(z2, z3, (int)swap);
swap = b;
/* Montgomery Ladder - double and add */
@@ -2271,7 +2271,7 @@ void fe448_neg(sword32* r, const sword32* a)
}
/* Raise field element to (p-3) / 4: 2^446 - 2^222 - 1
- * Used for calcualting y-ordinate from x-ordinate for Ed448.
+ * Used for calculating y-ordinate from x-ordinate for Ed448.
*
* r [in] Field element to hold result.
* a [in] Field element to exponentiate.
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/fe_x25519_asm.S b/extra/wolfssl/wolfssl/wolfcrypt/src/fe_x25519_asm.S
index 2cc2c5fd..7f6192ac 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/fe_x25519_asm.S
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/fe_x25519_asm.S
@@ -1,5 +1,5 @@
-/* fe_x25519_asm
- *
+/* fe_x25519_asm.S */
+/*
* Copyright (C) 2006-2023 wolfSSL Inc.
*
* This file is part of wolfSSL.
@@ -116,17 +116,6 @@ L_fe_init_get_flags:
movq %rax, _fe_mul121666_p(%rip)
#endif /* __APPLE__ */
#ifndef __APPLE__
- movq fe_sq2_avx2@GOTPCREL(%rip), %rax
-#else
- leaq _fe_sq2_avx2(%rip), %rax
-#endif /* __APPLE__ */
-#ifndef __APPLE__
- movq fe_sq2_p@GOTPCREL(%rip), %rdx
- movq %rax, (%rdx)
-#else
- movq %rax, _fe_sq2_p(%rip)
-#endif /* __APPLE__ */
-#ifndef __APPLE__
movq fe_invert_avx2@GOTPCREL(%rip), %rax
#else
leaq _fe_invert_avx2(%rip), %rax
@@ -148,6 +137,18 @@ L_fe_init_get_flags:
#else
movq %rax, _curve25519_p(%rip)
#endif /* __APPLE__ */
+#ifdef HAVE_ED25519
+#ifndef __APPLE__
+ movq fe_sq2_avx2@GOTPCREL(%rip), %rax
+#else
+ leaq _fe_sq2_avx2(%rip), %rax
+#endif /* __APPLE__ */
+#ifndef __APPLE__
+ movq fe_sq2_p@GOTPCREL(%rip), %rdx
+ movq %rax, (%rdx)
+#else
+ movq %rax, _fe_sq2_p(%rip)
+#endif /* __APPLE__ */
#ifndef __APPLE__
movq fe_pow22523_avx2@GOTPCREL(%rip), %rax
#else
@@ -160,82 +161,105 @@ L_fe_init_get_flags:
movq %rax, _fe_pow22523_p(%rip)
#endif /* __APPLE__ */
#ifndef __APPLE__
- movq fe_ge_to_p2_avx2@GOTPCREL(%rip), %rax
+ movq ge_p1p1_to_p2_avx2@GOTPCREL(%rip), %rax
+#else
+ leaq _ge_p1p1_to_p2_avx2(%rip), %rax
+#endif /* __APPLE__ */
+#ifndef __APPLE__
+ movq ge_p1p1_to_p2_p@GOTPCREL(%rip), %rdx
+ movq %rax, (%rdx)
+#else
+ movq %rax, _ge_p1p1_to_p2_p(%rip)
+#endif /* __APPLE__ */
+#ifndef __APPLE__
+ movq ge_p1p1_to_p3_avx2@GOTPCREL(%rip), %rax
+#else
+ leaq _ge_p1p1_to_p3_avx2(%rip), %rax
+#endif /* __APPLE__ */
+#ifndef __APPLE__
+ movq ge_p1p1_to_p3_p@GOTPCREL(%rip), %rdx
+ movq %rax, (%rdx)
+#else
+ movq %rax, _ge_p1p1_to_p3_p(%rip)
+#endif /* __APPLE__ */
+#ifndef __APPLE__
+ movq ge_p2_dbl_avx2@GOTPCREL(%rip), %rax
#else
- leaq _fe_ge_to_p2_avx2(%rip), %rax
+ leaq _ge_p2_dbl_avx2(%rip), %rax
#endif /* __APPLE__ */
#ifndef __APPLE__
- movq fe_ge_to_p2_p@GOTPCREL(%rip), %rdx
+ movq ge_p2_dbl_p@GOTPCREL(%rip), %rdx
movq %rax, (%rdx)
#else
- movq %rax, _fe_ge_to_p2_p(%rip)
+ movq %rax, _ge_p2_dbl_p(%rip)
#endif /* __APPLE__ */
#ifndef __APPLE__
- movq fe_ge_to_p3_avx2@GOTPCREL(%rip), %rax
+ movq ge_madd_avx2@GOTPCREL(%rip), %rax
#else
- leaq _fe_ge_to_p3_avx2(%rip), %rax
+ leaq _ge_madd_avx2(%rip), %rax
#endif /* __APPLE__ */
#ifndef __APPLE__
- movq fe_ge_to_p3_p@GOTPCREL(%rip), %rdx
+ movq ge_madd_p@GOTPCREL(%rip), %rdx
movq %rax, (%rdx)
#else
- movq %rax, _fe_ge_to_p3_p(%rip)
+ movq %rax, _ge_madd_p(%rip)
#endif /* __APPLE__ */
#ifndef __APPLE__
- movq fe_ge_dbl_avx2@GOTPCREL(%rip), %rax
+ movq ge_msub_avx2@GOTPCREL(%rip), %rax
#else
- leaq _fe_ge_dbl_avx2(%rip), %rax
+ leaq _ge_msub_avx2(%rip), %rax
#endif /* __APPLE__ */
#ifndef __APPLE__
- movq fe_ge_dbl_p@GOTPCREL(%rip), %rdx
+ movq ge_msub_p@GOTPCREL(%rip), %rdx
movq %rax, (%rdx)
#else
- movq %rax, _fe_ge_dbl_p(%rip)
+ movq %rax, _ge_msub_p(%rip)
#endif /* __APPLE__ */
#ifndef __APPLE__
- movq fe_ge_madd_avx2@GOTPCREL(%rip), %rax
+ movq ge_add_avx2@GOTPCREL(%rip), %rax
#else
- leaq _fe_ge_madd_avx2(%rip), %rax
+ leaq _ge_add_avx2(%rip), %rax
#endif /* __APPLE__ */
#ifndef __APPLE__
- movq fe_ge_madd_p@GOTPCREL(%rip), %rdx
+ movq ge_add_p@GOTPCREL(%rip), %rdx
movq %rax, (%rdx)
#else
- movq %rax, _fe_ge_madd_p(%rip)
+ movq %rax, _ge_add_p(%rip)
#endif /* __APPLE__ */
#ifndef __APPLE__
- movq fe_ge_msub_avx2@GOTPCREL(%rip), %rax
+ movq ge_sub_avx2@GOTPCREL(%rip), %rax
#else
- leaq _fe_ge_msub_avx2(%rip), %rax
+ leaq _ge_sub_avx2(%rip), %rax
#endif /* __APPLE__ */
#ifndef __APPLE__
- movq fe_ge_msub_p@GOTPCREL(%rip), %rdx
+ movq ge_sub_p@GOTPCREL(%rip), %rdx
movq %rax, (%rdx)
#else
- movq %rax, _fe_ge_msub_p(%rip)
+ movq %rax, _ge_sub_p(%rip)
#endif /* __APPLE__ */
#ifndef __APPLE__
- movq fe_ge_add_avx2@GOTPCREL(%rip), %rax
+ movq sc_reduce_avx2@GOTPCREL(%rip), %rax
#else
- leaq _fe_ge_add_avx2(%rip), %rax
+ leaq _sc_reduce_avx2(%rip), %rax
#endif /* __APPLE__ */
#ifndef __APPLE__
- movq fe_ge_add_p@GOTPCREL(%rip), %rdx
+ movq sc_reduce_p@GOTPCREL(%rip), %rdx
movq %rax, (%rdx)
#else
- movq %rax, _fe_ge_add_p(%rip)
+ movq %rax, _sc_reduce_p(%rip)
#endif /* __APPLE__ */
#ifndef __APPLE__
- movq fe_ge_sub_avx2@GOTPCREL(%rip), %rax
+ movq sc_muladd_avx2@GOTPCREL(%rip), %rax
#else
- leaq _fe_ge_sub_avx2(%rip), %rax
+ leaq _sc_muladd_avx2(%rip), %rax
#endif /* __APPLE__ */
#ifndef __APPLE__
- movq fe_ge_sub_p@GOTPCREL(%rip), %rdx
+ movq sc_muladd_p@GOTPCREL(%rip), %rdx
movq %rax, (%rdx)
#else
- movq %rax, _fe_ge_sub_p(%rip)
+ movq %rax, _sc_muladd_p(%rip)
#endif /* __APPLE__ */
+#endif /* HAVE_ED25519 */
L_fe_init_flags_done:
#ifndef __APPLE__
movq cpuFlagsSet@GOTPCREL(%rip), %rdx
@@ -400,21 +424,19 @@ _fe_sub:
movq 16(%rsi), %r8
movq 24(%rsi), %r9
subq (%rdx), %rax
- movq $0x00, %r10
sbbq 8(%rdx), %rcx
- movq $-19, %r11
sbbq 16(%rdx), %r8
- movq $0x7fffffffffffffff, %r12
sbbq 24(%rdx), %r9
- sbbq $0x00, %r10
- # Mask the modulus
- andq %r10, %r11
- andq %r10, %r12
+ sbbq %r11, %r11
+ shldq $0x01, %r9, %r11
+ movq $0x7fffffffffffffff, %r12
+ imulq $-19, %r11
+ andq %r12, %r9
# Add modulus (if underflow)
- addq %r11, %rax
- adcq %r10, %rcx
- adcq %r10, %r8
- adcq %r12, %r9
+ subq %r11, %rax
+ sbbq $0x00, %rcx
+ sbbq $0x00, %r8
+ sbbq $0x00, %r9
movq %rax, (%rdi)
movq %rcx, 8(%rdi)
movq %r8, 16(%rdi)
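Review bot: The retained comment `# Add modulus (if underflow)` no longer matches the code under it. The new sequence builds a small multiple of 19 from the borrow and bit 255 (`sbbq %r11, %r11` / `shldq` / `imulq $-19`) and subtracts it, rather than adding a masked copy of the modulus. The removed `# Mask the modulus` line was not replaced by anything describing the new steps. As far as the visible lines show, a comment such as `# Fold borrow (2^256 = 38) and bit 255 (2^255 = 19) into the low limbs` would fit. The same applies to `# Sub modulus (if overflow)` in the `_fe_add` hunk and to both comments in the Add-Sub block of `L_curve25519_x64_bits`.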
@@ -443,21 +465,20 @@ _fe_add:
addq (%rdx), %rax
movq 16(%rsi), %r8
adcq 8(%rdx), %rcx
- movq 24(%rsi), %r10
+ movq 24(%rsi), %r9
adcq 16(%rdx), %r8
- movq $-19, %r11
- adcq 24(%rdx), %r10
+ adcq 24(%rdx), %r9
+ movq $0x00, %r11
+ adcq $0x00, %r11
+ shldq $0x01, %r9, %r11
movq $0x7fffffffffffffff, %r12
- movq %r10, %r9
- sarq $63, %r10
- # Mask the modulus
- andq %r10, %r11
- andq %r10, %r12
+ imulq $19, %r11
+ andq %r12, %r9
# Sub modulus (if overflow)
- subq %r11, %rax
- sbbq %r10, %rcx
- sbbq %r10, %r8
- sbbq %r12, %r9
+ addq %r11, %rax
+ adcq $0x00, %rcx
+ adcq $0x00, %r8
+ adcq $0x00, %r9
movq %rax, (%rdi)
movq %rcx, 8(%rdi)
movq %r8, 16(%rdi)
@@ -943,26 +964,6 @@ _fe_mul121666:
#endif /* __APPLE__ */
#ifndef __APPLE__
.text
-.globl fe_sq2
-.type fe_sq2,@function
-.align 16
-fe_sq2:
-#else
-.section __TEXT,__text
-.globl _fe_sq2
-.p2align 4
-_fe_sq2:
-#endif /* __APPLE__ */
-#ifndef __APPLE__
- jmpq *fe_sq2_p(%rip)
-#else
- jmpq *_fe_sq2_p(%rip)
-#endif /* __APPLE__ */
-#ifndef __APPLE__
-.size fe_sq2,.-fe_sq2
-#endif /* __APPLE__ */
-#ifndef __APPLE__
-.text
.globl fe_invert
.type fe_invert,@function
.align 16
@@ -1001,6 +1002,30 @@ _curve25519:
#ifndef __APPLE__
.size curve25519,.-curve25519
#endif /* __APPLE__ */
+#ifdef HAVE_ED25519
+#ifdef HAVE_ED25519
+#ifndef __APPLE__
+.text
+.globl fe_sq2
+.type fe_sq2,@function
+.align 16
+fe_sq2:
+#else
+.section __TEXT,__text
+.globl _fe_sq2
+.p2align 4
+_fe_sq2:
+#endif /* __APPLE__ */
+#ifndef __APPLE__
+ jmpq *fe_sq2_p(%rip)
+#else
+ jmpq *_fe_sq2_p(%rip)
+#endif /* __APPLE__ */
+#ifndef __APPLE__
+.size fe_sq2,.-fe_sq2
+#endif /* __APPLE__ */
+#endif /* HAVE_ED25519 */
+#ifdef HAVE_ED25519
#ifndef __APPLE__
.text
.globl fe_pow22523
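Review bot: The added guard opens `#ifdef HAVE_ED25519` twice on consecutive lines, and the `fe_sq2` stub closes only the inner one. The outer guard stays open across every following stub until the paired `#endif /* HAVE_ED25519 */` lines just before the `cpuFlagsSet` data in the next hunk. Each stub in between is also wrapped in its own `#ifdef HAVE_ED25519`, so the outer level adds nothing and makes the nesting harder to audit when checking which symbols an X25519-only build exports. One level is enough: either a single guard around the whole Ed25519 group or the per-stub guards alone.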
@@ -1021,147 +1046,207 @@ _fe_pow22523:
#ifndef __APPLE__
.size fe_pow22523,.-fe_pow22523
#endif /* __APPLE__ */
+#endif /* HAVE_ED25519 */
+#ifdef HAVE_ED25519
#ifndef __APPLE__
.text
-.globl fe_ge_to_p2
-.type fe_ge_to_p2,@function
+.globl ge_p1p1_to_p2
+.type ge_p1p1_to_p2,@function
.align 16
-fe_ge_to_p2:
+ge_p1p1_to_p2:
#else
.section __TEXT,__text
-.globl _fe_ge_to_p2
+.globl _ge_p1p1_to_p2
.p2align 4
-_fe_ge_to_p2:
+_ge_p1p1_to_p2:
#endif /* __APPLE__ */
#ifndef __APPLE__
- jmpq *fe_ge_to_p2_p(%rip)
+ jmpq *ge_p1p1_to_p2_p(%rip)
#else
- jmpq *_fe_ge_to_p2_p(%rip)
+ jmpq *_ge_p1p1_to_p2_p(%rip)
#endif /* __APPLE__ */
#ifndef __APPLE__
-.size fe_ge_to_p2,.-fe_ge_to_p2
+.size ge_p1p1_to_p2,.-ge_p1p1_to_p2
#endif /* __APPLE__ */
+#endif /* HAVE_ED25519 */
+#ifdef HAVE_ED25519
#ifndef __APPLE__
.text
-.globl fe_ge_to_p3
-.type fe_ge_to_p3,@function
+.globl ge_p1p1_to_p3
+.type ge_p1p1_to_p3,@function
.align 16
-fe_ge_to_p3:
+ge_p1p1_to_p3:
#else
.section __TEXT,__text
-.globl _fe_ge_to_p3
+.globl _ge_p1p1_to_p3
.p2align 4
-_fe_ge_to_p3:
+_ge_p1p1_to_p3:
#endif /* __APPLE__ */
#ifndef __APPLE__
- jmpq *fe_ge_to_p3_p(%rip)
+ jmpq *ge_p1p1_to_p3_p(%rip)
#else
- jmpq *_fe_ge_to_p3_p(%rip)
+ jmpq *_ge_p1p1_to_p3_p(%rip)
#endif /* __APPLE__ */
#ifndef __APPLE__
-.size fe_ge_to_p3,.-fe_ge_to_p3
+.size ge_p1p1_to_p3,.-ge_p1p1_to_p3
#endif /* __APPLE__ */
+#endif /* HAVE_ED25519 */
+#ifdef HAVE_ED25519
#ifndef __APPLE__
.text
-.globl fe_ge_dbl
-.type fe_ge_dbl,@function
+.globl ge_p2_dbl
+.type ge_p2_dbl,@function
.align 16
-fe_ge_dbl:
+ge_p2_dbl:
#else
.section __TEXT,__text
-.globl _fe_ge_dbl
+.globl _ge_p2_dbl
.p2align 4
-_fe_ge_dbl:
+_ge_p2_dbl:
#endif /* __APPLE__ */
#ifndef __APPLE__
- jmpq *fe_ge_dbl_p(%rip)
+ jmpq *ge_p2_dbl_p(%rip)
#else
- jmpq *_fe_ge_dbl_p(%rip)
+ jmpq *_ge_p2_dbl_p(%rip)
#endif /* __APPLE__ */
#ifndef __APPLE__
-.size fe_ge_dbl,.-fe_ge_dbl
+.size ge_p2_dbl,.-ge_p2_dbl
#endif /* __APPLE__ */
+#endif /* HAVE_ED25519 */
+#ifdef HAVE_ED25519
#ifndef __APPLE__
.text
-.globl fe_ge_madd
-.type fe_ge_madd,@function
+.globl ge_madd
+.type ge_madd,@function
.align 16
-fe_ge_madd:
+ge_madd:
#else
.section __TEXT,__text
-.globl _fe_ge_madd
+.globl _ge_madd
.p2align 4
-_fe_ge_madd:
+_ge_madd:
#endif /* __APPLE__ */
#ifndef __APPLE__
- jmpq *fe_ge_madd_p(%rip)
+ jmpq *ge_madd_p(%rip)
#else
- jmpq *_fe_ge_madd_p(%rip)
+ jmpq *_ge_madd_p(%rip)
#endif /* __APPLE__ */
#ifndef __APPLE__
-.size fe_ge_madd,.-fe_ge_madd
+.size ge_madd,.-ge_madd
#endif /* __APPLE__ */
+#endif /* HAVE_ED25519 */
+#ifdef HAVE_ED25519
#ifndef __APPLE__
.text
-.globl fe_ge_msub
-.type fe_ge_msub,@function
+.globl ge_msub
+.type ge_msub,@function
.align 16
-fe_ge_msub:
+ge_msub:
#else
.section __TEXT,__text
-.globl _fe_ge_msub
+.globl _ge_msub
.p2align 4
-_fe_ge_msub:
+_ge_msub:
#endif /* __APPLE__ */
#ifndef __APPLE__
- jmpq *fe_ge_msub_p(%rip)
+ jmpq *ge_msub_p(%rip)
#else
- jmpq *_fe_ge_msub_p(%rip)
+ jmpq *_ge_msub_p(%rip)
#endif /* __APPLE__ */
#ifndef __APPLE__
-.size fe_ge_msub,.-fe_ge_msub
+.size ge_msub,.-ge_msub
#endif /* __APPLE__ */
+#endif /* HAVE_ED25519 */
+#ifdef HAVE_ED25519
#ifndef __APPLE__
.text
-.globl fe_ge_add
-.type fe_ge_add,@function
+.globl ge_add
+.type ge_add,@function
.align 16
-fe_ge_add:
+ge_add:
#else
.section __TEXT,__text
-.globl _fe_ge_add
+.globl _ge_add
.p2align 4
-_fe_ge_add:
+_ge_add:
#endif /* __APPLE__ */
#ifndef __APPLE__
- jmpq *fe_ge_add_p(%rip)
+ jmpq *ge_add_p(%rip)
#else
- jmpq *_fe_ge_add_p(%rip)
+ jmpq *_ge_add_p(%rip)
#endif /* __APPLE__ */
#ifndef __APPLE__
-.size fe_ge_add,.-fe_ge_add
+.size ge_add,.-ge_add
#endif /* __APPLE__ */
+#endif /* HAVE_ED25519 */
+#ifdef HAVE_ED25519
#ifndef __APPLE__
.text
-.globl fe_ge_sub
-.type fe_ge_sub,@function
+.globl ge_sub
+.type ge_sub,@function
.align 16
-fe_ge_sub:
+ge_sub:
#else
.section __TEXT,__text
-.globl _fe_ge_sub
+.globl _ge_sub
.p2align 4
-_fe_ge_sub:
+_ge_sub:
#endif /* __APPLE__ */
#ifndef __APPLE__
- jmpq *fe_ge_sub_p(%rip)
+ jmpq *ge_sub_p(%rip)
#else
- jmpq *_fe_ge_sub_p(%rip)
+ jmpq *_ge_sub_p(%rip)
#endif /* __APPLE__ */
#ifndef __APPLE__
-.size fe_ge_sub,.-fe_ge_sub
+.size ge_sub,.-ge_sub
+#endif /* __APPLE__ */
+#endif /* HAVE_ED25519 */
+#ifdef HAVE_ED25519
+#ifndef __APPLE__
+.text
+.globl sc_reduce
+.type sc_reduce,@function
+.align 16
+sc_reduce:
+#else
+.section __TEXT,__text
+.globl _sc_reduce
+.p2align 4
+_sc_reduce:
+#endif /* __APPLE__ */
+#ifndef __APPLE__
+ jmpq *sc_reduce_p(%rip)
+#else
+ jmpq *_sc_reduce_p(%rip)
+#endif /* __APPLE__ */
+#ifndef __APPLE__
+.size sc_reduce,.-sc_reduce
+#endif /* __APPLE__ */
+#endif /* HAVE_ED25519 */
+#ifdef HAVE_ED25519
+#ifndef __APPLE__
+.text
+.globl sc_muladd
+.type sc_muladd,@function
+.align 16
+sc_muladd:
+#else
+.section __TEXT,__text
+.globl _sc_muladd
+.p2align 4
+_sc_muladd:
#endif /* __APPLE__ */
#ifndef __APPLE__
+ jmpq *sc_muladd_p(%rip)
+#else
+ jmpq *_sc_muladd_p(%rip)
+#endif /* __APPLE__ */
+#ifndef __APPLE__
+.size sc_muladd,.-sc_muladd
+#endif /* __APPLE__ */
+#endif /* HAVE_ED25519 */
+#endif /* HAVE_ED25519 */
+#ifndef __APPLE__
.data
.type cpuFlagsSet, @object
.size cpuFlagsSet,4
@@ -1223,18 +1308,6 @@ _fe_mul121666_p:
#endif /* __APPLE__ */
#ifndef __APPLE__
.data
-.type fe_sq2_p, @object
-.size fe_sq2_p,8
-fe_sq2_p:
- .quad fe_sq2_x64
-#else
-.section __DATA,__data
-.p2align 2
-_fe_sq2_p:
- .quad _fe_sq2_x64
-#endif /* __APPLE__ */
-#ifndef __APPLE__
-.data
.type fe_invert_p, @object
.size fe_invert_p,8
fe_invert_p:
@@ -1257,6 +1330,19 @@ curve25519_p:
_curve25519_p:
.quad _curve25519_x64
#endif /* __APPLE__ */
+#ifdef HAVE_ED25519
+#ifndef __APPLE__
+.data
+.type fe_sq2_p, @object
+.size fe_sq2_p,8
+fe_sq2_p:
+ .quad fe_sq2_x64
+#else
+.section __DATA,__data
+.p2align 2
+_fe_sq2_p:
+ .quad _fe_sq2_x64
+#endif /* __APPLE__ */
#ifndef __APPLE__
.data
.type fe_pow22523_p, @object
@@ -1271,88 +1357,113 @@ _fe_pow22523_p:
#endif /* __APPLE__ */
#ifndef __APPLE__
.data
-.type fe_ge_to_p2_p, @object
-.size fe_ge_to_p2_p,8
-fe_ge_to_p2_p:
- .quad fe_ge_to_p2_x64
+.type ge_p1p1_to_p2_p, @object
+.size ge_p1p1_to_p2_p,8
+ge_p1p1_to_p2_p:
+ .quad ge_p1p1_to_p2_x64
+#else
+.section __DATA,__data
+.p2align 2
+_ge_p1p1_to_p2_p:
+ .quad _ge_p1p1_to_p2_x64
+#endif /* __APPLE__ */
+#ifndef __APPLE__
+.data
+.type ge_p1p1_to_p3_p, @object
+.size ge_p1p1_to_p3_p,8
+ge_p1p1_to_p3_p:
+ .quad ge_p1p1_to_p3_x64
+#else
+.section __DATA,__data
+.p2align 2
+_ge_p1p1_to_p3_p:
+ .quad _ge_p1p1_to_p3_x64
+#endif /* __APPLE__ */
+#ifndef __APPLE__
+.data
+.type ge_p2_dbl_p, @object
+.size ge_p2_dbl_p,8
+ge_p2_dbl_p:
+ .quad ge_p2_dbl_x64
#else
.section __DATA,__data
.p2align 2
-_fe_ge_to_p2_p:
- .quad _fe_ge_to_p2_x64
+_ge_p2_dbl_p:
+ .quad _ge_p2_dbl_x64
#endif /* __APPLE__ */
#ifndef __APPLE__
.data
-.type fe_ge_to_p3_p, @object
-.size fe_ge_to_p3_p,8
-fe_ge_to_p3_p:
- .quad fe_ge_to_p3_x64
+.type ge_madd_p, @object
+.size ge_madd_p,8
+ge_madd_p:
+ .quad ge_madd_x64
#else
.section __DATA,__data
.p2align 2
-_fe_ge_to_p3_p:
- .quad _fe_ge_to_p3_x64
+_ge_madd_p:
+ .quad _ge_madd_x64
#endif /* __APPLE__ */
#ifndef __APPLE__
.data
-.type fe_ge_dbl_p, @object
-.size fe_ge_dbl_p,8
-fe_ge_dbl_p:
- .quad fe_ge_dbl_x64
+.type ge_msub_p, @object
+.size ge_msub_p,8
+ge_msub_p:
+ .quad ge_msub_x64
#else
.section __DATA,__data
.p2align 2
-_fe_ge_dbl_p:
- .quad _fe_ge_dbl_x64
+_ge_msub_p:
+ .quad _ge_msub_x64
#endif /* __APPLE__ */
#ifndef __APPLE__
.data
-.type fe_ge_madd_p, @object
-.size fe_ge_madd_p,8
-fe_ge_madd_p:
- .quad fe_ge_madd_x64
+.type ge_add_p, @object
+.size ge_add_p,8
+ge_add_p:
+ .quad ge_add_x64
#else
.section __DATA,__data
.p2align 2
-_fe_ge_madd_p:
- .quad _fe_ge_madd_x64
+_ge_add_p:
+ .quad _ge_add_x64
#endif /* __APPLE__ */
#ifndef __APPLE__
.data
-.type fe_ge_msub_p, @object
-.size fe_ge_msub_p,8
-fe_ge_msub_p:
- .quad fe_ge_msub_x64
+.type ge_sub_p, @object
+.size ge_sub_p,8
+ge_sub_p:
+ .quad ge_sub_x64
#else
.section __DATA,__data
.p2align 2
-_fe_ge_msub_p:
- .quad _fe_ge_msub_x64
+_ge_sub_p:
+ .quad _ge_sub_x64
#endif /* __APPLE__ */
#ifndef __APPLE__
.data
-.type fe_ge_add_p, @object
-.size fe_ge_add_p,8
-fe_ge_add_p:
- .quad fe_ge_add_x64
+.type sc_reduce_p, @object
+.size sc_reduce_p,8
+sc_reduce_p:
+ .quad sc_reduce_x64
#else
.section __DATA,__data
.p2align 2
-_fe_ge_add_p:
- .quad _fe_ge_add_x64
+_sc_reduce_p:
+ .quad _sc_reduce_x64
#endif /* __APPLE__ */
#ifndef __APPLE__
.data
-.type fe_ge_sub_p, @object
-.size fe_ge_sub_p,8
-fe_ge_sub_p:
- .quad fe_ge_sub_x64
+.type sc_muladd_p, @object
+.size sc_muladd_p,8
+sc_muladd_p:
+ .quad sc_muladd_x64
#else
.section __DATA,__data
.p2align 2
-_fe_ge_sub_p:
- .quad _fe_ge_sub_x64
+_sc_muladd_p:
+ .quad _sc_muladd_x64
#endif /* __APPLE__ */
+#endif /* HAVE_ED25519 */
#ifndef __APPLE__
.text
.globl fe_mul_x64
@@ -1470,55 +1581,43 @@ _fe_mul_x64:
mulq 24(%rsi)
addq %rax, %r14
adcq %rdx, %r15
- # Reduce
+ movq $38, %rax
+ mulq %r15
+ addq %rax, %r11
+ adcq $0x00, %rdx
movq $0x7fffffffffffffff, %rbx
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
+ shldq $0x01, %r11, %rdx
+ imulq $19, %rdx, %rdx
andq %rbx, %r11
- # Multiply top half by 19
- movq $19, %rax
+ movq %rdx, %rbx
+ movq $38, %rax
mulq %r12
xorq %r12, %r12
addq %rax, %r8
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r12
mulq %r13
xorq %r13, %r13
addq %rax, %r9
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r13
mulq %r14
xorq %r14, %r14
addq %rax, %r10
- movq $19, %rax
adcq %rdx, %r14
- mulq %r15
- # Add remaining product results in
- addq %r12, %r9
+ addq %rbx, %r8
+ adcq %r12, %r9
adcq %r13, %r10
adcq %r14, %r11
- adcq %rax, %r11
- adcq $0x00, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- imulq $19, %rdx, %rax
+ movq $0x7fffffffffffffff, %rbx
+ movq %r11, %rax
+ sarq $63, %rax
+ andq $19, %rax
andq %rbx, %r11
addq %rax, %r8
adcq $0x00, %r9
adcq $0x00, %r10
adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rbx, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
# Store
movq %r8, (%rdi)
movq %r9, 8(%rdi)
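Review bot: The rewritten reduction in `fe_mul_x64` drops every explanatory comment (`# Reduce`, `# Multiply top half by 19`, `# Overflow`, `# Reduce if top bit set`) and leaves about thirty instructions of field arithmetic with no explanation. From the visible lines, the high limbs are now multiplied by 38 and bits 255 and up are folded with a factor of 19. Comments along the lines of `# Reduce: 2^256 = 38 (mod 2^255-19), fold high limbs` before the first `movq $38, %rax`, `# Fold bits 255+ (x19)` before the `shldq`, and `# Reduce if top bit set` before the `sarq $63` would preserve the reasoning. The `fe_sq_x64` hunk has the same gap. The `L_fe_sq_n_x64` hunk also removes the final top-bit fold before `# Store`, so the stored limb may keep bit 255 set; if that is deliberate inside the squaring loop, a comment should state it.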
@@ -1621,55 +1720,43 @@ _fe_sq_x64:
addq %r15, %r12
adcq $0x00, %r13
adcq $0x00, %r14
- # Reduce
+ movq $38, %rax
+ mulq %r14
+ addq %rax, %r10
+ adcq $0x00, %rdx
movq $0x7fffffffffffffff, %r15
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- shldq $0x01, %r10, %r11
+ shldq $0x01, %r10, %rdx
+ imulq $19, %rdx, %rdx
andq %r15, %r10
- # Multiply top half by 19
- movq $19, %rax
+ movq %rdx, %r15
+ movq $38, %rax
mulq %r11
xorq %r11, %r11
addq %rax, %rcx
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r11
mulq %r12
xorq %r12, %r12
addq %rax, %r8
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r12
mulq %r13
xorq %r13, %r13
addq %rax, %r9
- movq $19, %rax
adcq %rdx, %r13
- mulq %r14
- # Add remaining product results in
- addq %r11, %r8
+ addq %r15, %rcx
+ adcq %r11, %r8
adcq %r12, %r9
adcq %r13, %r10
- adcq %rax, %r10
- adcq $0x00, %rdx
- # Overflow
- shldq $0x01, %r10, %rdx
- imulq $19, %rdx, %rax
+ movq $0x7fffffffffffffff, %r15
+ movq %r10, %rax
+ sarq $63, %rax
+ andq $19, %rax
andq %r15, %r10
addq %rax, %rcx
adcq $0x00, %r8
adcq $0x00, %r9
adcq $0x00, %r10
- # Reduce if top bit set
- movq %r10, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %r15, %r10
- addq %rdx, %rcx
- adcq $0x00, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
# Store
movq %rcx, (%rdi)
movq %r8, 8(%rdi)
@@ -1774,55 +1861,34 @@ L_fe_sq_n_x64:
addq %rbx, %r13
adcq $0x00, %r14
adcq $0x00, %r15
- # Reduce
+ movq $38, %rax
+ mulq %r15
+ addq %rax, %r11
+ adcq $0x00, %rdx
movq $0x7fffffffffffffff, %rbx
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
+ shldq $0x01, %r11, %rdx
+ imulq $19, %rdx, %rdx
andq %rbx, %r11
- # Multiply top half by 19
- movq $19, %rax
+ movq %rdx, %rbx
+ movq $38, %rax
mulq %r12
xorq %r12, %r12
addq %rax, %r8
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r12
mulq %r13
xorq %r13, %r13
addq %rax, %r9
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r13
mulq %r14
xorq %r14, %r14
addq %rax, %r10
- movq $19, %rax
adcq %rdx, %r14
- mulq %r15
- # Add remaining product results in
- addq %r12, %r9
+ addq %rbx, %r8
+ adcq %r12, %r9
adcq %r13, %r10
adcq %r14, %r11
- adcq %rax, %r11
- adcq $0x00, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- imulq $19, %rdx, %rax
- andq %rbx, %r11
- addq %rax, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rbx, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
# Store
movq %r8, (%rdi)
movq %r9, 8(%rdi)
@@ -1892,169 +1958,6 @@ _fe_mul121666_x64:
#endif /* __APPLE__ */
#ifndef __APPLE__
.text
-.globl fe_sq2_x64
-.type fe_sq2_x64,@function
-.align 16
-fe_sq2_x64:
-#else
-.section __TEXT,__text
-.globl _fe_sq2_x64
-.p2align 4
-_fe_sq2_x64:
-#endif /* __APPLE__ */
- pushq %r12
- pushq %r13
- pushq %r14
- pushq %r15
- pushq %rbx
- # Square * 2
- # A[0] * A[1]
- movq (%rsi), %rax
- mulq 8(%rsi)
- movq %rax, %r8
- movq %rdx, %r9
- # A[0] * A[2]
- movq (%rsi), %rax
- mulq 16(%rsi)
- xorq %r10, %r10
- addq %rax, %r9
- adcq %rdx, %r10
- # A[0] * A[3]
- movq (%rsi), %rax
- mulq 24(%rsi)
- xorq %r11, %r11
- addq %rax, %r10
- adcq %rdx, %r11
- # A[1] * A[2]
- movq 8(%rsi), %rax
- mulq 16(%rsi)
- xorq %r12, %r12
- addq %rax, %r10
- adcq %rdx, %r11
- adcq $0x00, %r12
- # A[1] * A[3]
- movq 8(%rsi), %rax
- mulq 24(%rsi)
- addq %rax, %r11
- adcq %rdx, %r12
- # A[2] * A[3]
- movq 16(%rsi), %rax
- mulq 24(%rsi)
- xorq %r13, %r13
- addq %rax, %r12
- adcq %rdx, %r13
- # Double
- xorq %r14, %r14
- addq %r8, %r8
- adcq %r9, %r9
- adcq %r10, %r10
- adcq %r11, %r11
- adcq %r12, %r12
- adcq %r13, %r13
- adcq $0x00, %r14
- # A[0] * A[0]
- movq (%rsi), %rax
- mulq %rax
- movq %rax, %rcx
- movq %rdx, %r15
- # A[1] * A[1]
- movq 8(%rsi), %rax
- mulq %rax
- addq %r15, %r8
- adcq %rax, %r9
- adcq $0x00, %rdx
- movq %rdx, %r15
- # A[2] * A[2]
- movq 16(%rsi), %rax
- mulq %rax
- addq %r15, %r10
- adcq %rax, %r11
- adcq $0x00, %rdx
- movq %rdx, %r15
- # A[3] * A[3]
- movq 24(%rsi), %rax
- mulq %rax
- addq %rax, %r13
- adcq %rdx, %r14
- addq %r15, %r12
- adcq $0x00, %r13
- adcq $0x00, %r14
- # Reduce
- movq $0x7fffffffffffffff, %rbx
- xorq %rax, %rax
- # Move top half into t4-t7 and remove top bit from t3
- shldq $3, %r14, %rax
- shldq $2, %r13, %r14
- shldq $2, %r12, %r13
- shldq $2, %r11, %r12
- shldq $2, %r10, %r11
- shldq $0x01, %r9, %r10
- shldq $0x01, %r8, %r9
- shldq $0x01, %rcx, %r8
- shlq $0x01, %rcx
- andq %rbx, %r10
- # Two out left, one in right
- andq %rbx, %r14
- # Multiply top bits by 19*19
- imulq $0x169, %rax, %r15
- # Multiply top half by 19
- movq $19, %rax
- mulq %r11
- xorq %r11, %r11
- addq %rax, %rcx
- movq $19, %rax
- adcq %rdx, %r11
- mulq %r12
- xorq %r12, %r12
- addq %rax, %r8
- movq $19, %rax
- adcq %rdx, %r12
- mulq %r13
- xorq %r13, %r13
- addq %rax, %r9
- movq $19, %rax
- adcq %rdx, %r13
- mulq %r14
- # Add remaining produce results in
- addq %r15, %rcx
- adcq %r11, %r8
- adcq %r12, %r9
- adcq %r13, %r10
- adcq %rax, %r10
- adcq $0x00, %rdx
- # Overflow
- shldq $0x01, %r10, %rdx
- imulq $19, %rdx, %rax
- andq %rbx, %r10
- addq %rax, %rcx
- adcq $0x00, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- # Reduce if top bit set
- movq %r10, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rbx, %r10
- addq %rdx, %rcx
- adcq $0x00, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- # Store
- movq %rcx, (%rdi)
- movq %r8, 8(%rdi)
- movq %r9, 16(%rdi)
- movq %r10, 24(%rdi)
- popq %rbx
- popq %r15
- popq %r14
- popq %r13
- popq %r12
- repz retq
-#ifndef __APPLE__
-.size fe_sq2_x64,.-fe_sq2_x64
-#endif /* __APPLE__ */
-#ifndef __APPLE__
-.text
.globl fe_invert_x64
.type fe_invert_x64,@function
.align 16
@@ -2328,9 +2231,9 @@ _curve25519_x64:
pushq %rbx
pushq %rbp
movq %rdx, %r8
- subq $0xb8, %rsp
+ subq $0xb0, %rsp
xorq %rbx, %rbx
- movq %rdi, 176(%rsp)
+ movq %rdi, 168(%rsp)
# Set one
movq $0x01, (%rdi)
movq $0x00, 8(%rdi)
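Review bot: The new frame size in `subq $0xb0, %rsp` looks like it leaves %rsp 8 bytes off 16-byte alignment at the `callq` sites later in this function, where `0xb8` kept it aligned. This assumes six 8-byte register pushes in the prologue, of which only `pushq %rbx` and `pushq %rbp` are inside the hunk. It is harmless as long as every callee is one of this file's own push/pop-only routines, but that assumption should be written next to the allocation, for example `# frame 0xb0: five field temps (0..159), bit index (160), saved r (168); %rsp is not 16-byte aligned at calls`. The function's prologue starts outside the hunk.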
@@ -2355,12 +2258,12 @@ _curve25519_x64:
movq %r9, 72(%rsp)
movq %r10, 80(%rsp)
movq %r11, 88(%rsp)
- movb $62, 168(%rsp)
- movq $3, 160(%rsp)
-L_curve25519_x64_words:
+ movq $0xfe, %r9
L_curve25519_x64_bits:
- movq 160(%rsp), %r9
- movb 168(%rsp), %cl
+ movq %r9, 160(%rsp)
+ movq %r9, %rcx
+ andq $63, %rcx
+ shrq $6, %r9
movq (%rsi,%r9,8), %rbp
shrq %cl, %rbp
andq $0x01, %rbp
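Review bot: `movq $0xfe, %r9` introduces the ladder's bit counter as a bare constant with no comment, and the `andq $63, %rcx` / `shrq $6, %r9` split is what replaces the removed `L_curve25519_x64_words` outer loop. A comment at `L_curve25519_x64_bits` such as `# bit index 254..0: word = idx >> 6, shift = idx & 63` would make it clear that the load address `(%rsi,%r9,8)` depends only on the public loop counter, never on scalar bits. The counter is spilled to `160(%rsp)` here and reloaded at the loop tail in a later hunk, which the comment could mention too.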
@@ -2409,48 +2312,45 @@ L_curve25519_x64_bits:
xorq %r10, 48(%rsp)
xorq %r11, 56(%rsp)
movq %rbp, %rbx
+ # Add-Sub
# Add
movq (%rdi), %rcx
movq 8(%rdi), %r9
movq 16(%rdi), %r10
- movq 24(%rdi), %rbp
+ movq 24(%rdi), %r11
movq %rcx, %r12
addq (%rsp), %rcx
movq %r9, %r13
adcq 8(%rsp), %r9
movq %r10, %r14
adcq 16(%rsp), %r10
- movq %rbp, %r15
- adcq 24(%rsp), %rbp
- movq $-19, %rax
- movq %rbp, %r11
+ movq %r11, %r15
+ adcq 24(%rsp), %r11
+ movq $0x00, %rax
+ adcq $0x00, %rax
+ shldq $0x01, %r11, %rax
movq $0x7fffffffffffffff, %rdx
- sarq $63, %rbp
- # Mask the modulus
- andq %rbp, %rax
- andq %rbp, %rdx
+ imulq $19, %rax
+ andq %rdx, %r11
# Sub modulus (if overflow)
- subq %rax, %rcx
- sbbq %rbp, %r9
- sbbq %rbp, %r10
- sbbq %rdx, %r11
+ addq %rax, %rcx
+ adcq $0x00, %r9
+ adcq $0x00, %r10
+ adcq $0x00, %r11
# Sub
subq (%rsp), %r12
- movq $0x00, %rbp
sbbq 8(%rsp), %r13
- movq $-19, %rax
sbbq 16(%rsp), %r14
- movq $0x7fffffffffffffff, %rdx
sbbq 24(%rsp), %r15
- sbbq $0x00, %rbp
- # Mask the modulus
- andq %rbp, %rax
- andq %rbp, %rdx
+ sbbq %rax, %rax
+ shldq $0x01, %r15, %rax
+ imulq $-19, %rax
+ andq %rdx, %r15
# Add modulus (if underflow)
- addq %rax, %r12
- adcq %rbp, %r13
- adcq %rbp, %r14
- adcq %rdx, %r15
+ subq %rax, %r12
+ sbbq $0x00, %r13
+ sbbq $0x00, %r14
+ sbbq $0x00, %r15
movq %rcx, (%rdi)
movq %r9, 8(%rdi)
movq %r10, 16(%rdi)
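Review bot: The retained comments `# Sub modulus (if overflow)` and `# Add modulus (if underflow)` no longer describe the instructions under them. The new code folds the carry (or borrow) together with bit 255 into a multiple of 19 via `shldq $0x01, ...` and `imulq`, then applies it with `addq %rax, %rcx` for the sum and `subq %rax, %r12` for the difference. I would reword them to `# Fold carry and bit 255 back in as a multiple of 19` and `# Fold borrow and bit 255 back in as a multiple of 19`. The same stale comments recur in the Add/Sub blocks of the hunks at `@@ -2459,204`, `@@ -3013,110`, `@@ -3276,58` and `@@ -3583,176`.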
@@ -2459,204 +2359,180 @@ L_curve25519_x64_bits:
movq %r13, 136(%rsp)
movq %r14, 144(%rsp)
movq %r15, 152(%rsp)
+ # Add-Sub
# Add
movq 64(%rsp), %rcx
movq 72(%rsp), %r9
movq 80(%rsp), %r10
- movq 88(%rsp), %rbp
+ movq 88(%rsp), %r11
movq %rcx, %r12
addq 32(%rsp), %rcx
movq %r9, %r13
adcq 40(%rsp), %r9
movq %r10, %r14
adcq 48(%rsp), %r10
- movq %rbp, %r15
- adcq 56(%rsp), %rbp
- movq $-19, %rax
- movq %rbp, %r11
+ movq %r11, %r15
+ adcq 56(%rsp), %r11
+ movq $0x00, %rax
+ adcq $0x00, %rax
+ shldq $0x01, %r11, %rax
movq $0x7fffffffffffffff, %rdx
- sarq $63, %rbp
- # Mask the modulus
- andq %rbp, %rax
- andq %rbp, %rdx
+ imulq $19, %rax
+ andq %rdx, %r11
# Sub modulus (if overflow)
- subq %rax, %rcx
- sbbq %rbp, %r9
- sbbq %rbp, %r10
- sbbq %rdx, %r11
+ addq %rax, %rcx
+ adcq $0x00, %r9
+ adcq $0x00, %r10
+ adcq $0x00, %r11
# Sub
subq 32(%rsp), %r12
- movq $0x00, %rbp
sbbq 40(%rsp), %r13
- movq $-19, %rax
sbbq 48(%rsp), %r14
- movq $0x7fffffffffffffff, %rdx
sbbq 56(%rsp), %r15
- sbbq $0x00, %rbp
- # Mask the modulus
- andq %rbp, %rax
- andq %rbp, %rdx
+ sbbq %rax, %rax
+ shldq $0x01, %r15, %rax
+ imulq $-19, %rax
+ andq %rdx, %r15
# Add modulus (if underflow)
- addq %rax, %r12
- adcq %rbp, %r13
- adcq %rbp, %r14
- adcq %rdx, %r15
- movq %rcx, (%rsp)
- movq %r9, 8(%rsp)
- movq %r10, 16(%rsp)
- movq %r11, 24(%rsp)
+ subq %rax, %r12
+ sbbq $0x00, %r13
+ sbbq $0x00, %r14
+ sbbq $0x00, %r15
+ movq %rcx, 32(%rsp)
+ movq %r9, 40(%rsp)
+ movq %r10, 48(%rsp)
+ movq %r11, 56(%rsp)
movq %r12, 96(%rsp)
movq %r13, 104(%rsp)
movq %r14, 112(%rsp)
movq %r15, 120(%rsp)
# Multiply
# A[0] * B[0]
- movq (%rdi), %rax
- mulq 96(%rsp)
+ movq 128(%rsp), %rax
+ mulq 32(%rsp)
movq %rax, %rcx
movq %rdx, %r9
# A[0] * B[1]
- movq 8(%rdi), %rax
- mulq 96(%rsp)
+ movq 136(%rsp), %rax
+ mulq 32(%rsp)
xorq %r10, %r10
addq %rax, %r9
adcq %rdx, %r10
# A[1] * B[0]
- movq (%rdi), %rax
- mulq 104(%rsp)
+ movq 128(%rsp), %rax
+ mulq 40(%rsp)
xorq %r11, %r11
addq %rax, %r9
adcq %rdx, %r10
adcq $0x00, %r11
# A[0] * B[2]
- movq 16(%rdi), %rax
- mulq 96(%rsp)
+ movq 144(%rsp), %rax
+ mulq 32(%rsp)
addq %rax, %r10
adcq %rdx, %r11
# A[1] * B[1]
- movq 8(%rdi), %rax
- mulq 104(%rsp)
+ movq 136(%rsp), %rax
+ mulq 40(%rsp)
xorq %r12, %r12
addq %rax, %r10
adcq %rdx, %r11
adcq $0x00, %r12
# A[2] * B[0]
- movq (%rdi), %rax
- mulq 112(%rsp)
+ movq 128(%rsp), %rax
+ mulq 48(%rsp)
addq %rax, %r10
adcq %rdx, %r11
adcq $0x00, %r12
# A[0] * B[3]
- movq 24(%rdi), %rax
- mulq 96(%rsp)
+ movq 152(%rsp), %rax
+ mulq 32(%rsp)
xorq %r13, %r13
addq %rax, %r11
adcq %rdx, %r12
adcq $0x00, %r13
# A[1] * B[2]
- movq 16(%rdi), %rax
- mulq 104(%rsp)
+ movq 144(%rsp), %rax
+ mulq 40(%rsp)
addq %rax, %r11
adcq %rdx, %r12
adcq $0x00, %r13
# A[2] * B[1]
- movq 8(%rdi), %rax
- mulq 112(%rsp)
+ movq 136(%rsp), %rax
+ mulq 48(%rsp)
addq %rax, %r11
adcq %rdx, %r12
adcq $0x00, %r13
# A[3] * B[0]
- movq (%rdi), %rax
- mulq 120(%rsp)
+ movq 128(%rsp), %rax
+ mulq 56(%rsp)
addq %rax, %r11
adcq %rdx, %r12
adcq $0x00, %r13
# A[1] * B[3]
- movq 24(%rdi), %rax
- mulq 104(%rsp)
+ movq 152(%rsp), %rax
+ mulq 40(%rsp)
xorq %r14, %r14
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
# A[2] * B[2]
- movq 16(%rdi), %rax
- mulq 112(%rsp)
+ movq 144(%rsp), %rax
+ mulq 48(%rsp)
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
# A[3] * B[1]
- movq 8(%rdi), %rax
- mulq 120(%rsp)
+ movq 136(%rsp), %rax
+ mulq 56(%rsp)
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
# A[2] * B[3]
- movq 24(%rdi), %rax
- mulq 112(%rsp)
+ movq 152(%rsp), %rax
+ mulq 48(%rsp)
xorq %r15, %r15
addq %rax, %r13
adcq %rdx, %r14
adcq $0x00, %r15
# A[3] * B[2]
- movq 16(%rdi), %rax
- mulq 120(%rsp)
+ movq 144(%rsp), %rax
+ mulq 56(%rsp)
addq %rax, %r13
adcq %rdx, %r14
adcq $0x00, %r15
# A[3] * B[3]
- movq 24(%rdi), %rax
- mulq 120(%rsp)
+ movq 152(%rsp), %rax
+ mulq 56(%rsp)
addq %rax, %r14
adcq %rdx, %r15
- # Reduce
+ movq $38, %rax
+ mulq %r15
+ addq %rax, %r11
+ adcq $0x00, %rdx
movq $0x7fffffffffffffff, %rbp
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
+ shldq $0x01, %r11, %rdx
+ imulq $19, %rdx, %rdx
andq %rbp, %r11
- # Multiply top half by 19
- movq $19, %rax
+ movq %rdx, %rbp
+ movq $38, %rax
mulq %r12
xorq %r12, %r12
addq %rax, %rcx
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r12
mulq %r13
xorq %r13, %r13
addq %rax, %r9
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r13
mulq %r14
xorq %r14, %r14
addq %rax, %r10
- movq $19, %rax
adcq %rdx, %r14
- mulq %r15
- # Add remaining product results in
- addq %r12, %r9
+ addq %rbp, %rcx
+ adcq %r12, %r9
adcq %r13, %r10
adcq %r14, %r11
- adcq %rax, %r11
- adcq $0x00, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- imulq $19, %rdx, %rax
- andq %rbp, %r11
- addq %rax, %rcx
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rbp, %r11
- addq %rdx, %rcx
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
# Store
movq %rcx, 32(%rsp)
movq %r9, 40(%rsp)
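Review bot: The replacement reduction after the multiply (`movq $38, %rax` / `mulq %r15` through `adcq %r14, %r11`) drops every comment the old code carried and also drops the old `# Overflow` and `# Reduce if top bit set` passes. The value stored afterwards can therefore apparently still have bit 255 set. That looks intentional, since the new Add/Sub code folds bit 255 itself, but the invariant is not written down anywhere in the visible lines. I would add `# Reduce: fold t4..t7 in with 38 = 2*19; result is only partially reduced, bit 255 may be set` above `movq $38, %rax`. The same uncommented block recurs after every multiply and square in the hunks that follow, through `@@ -4253,77`.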
@@ -2664,152 +2540,131 @@ L_curve25519_x64_bits:
movq %r11, 56(%rsp)
# Multiply
# A[0] * B[0]
- movq 128(%rsp), %rax
- mulq (%rsp)
+ movq (%rdi), %rax
+ mulq 96(%rsp)
movq %rax, %rcx
movq %rdx, %r9
# A[0] * B[1]
- movq 136(%rsp), %rax
- mulq (%rsp)
+ movq 8(%rdi), %rax
+ mulq 96(%rsp)
xorq %r10, %r10
addq %rax, %r9
adcq %rdx, %r10
# A[1] * B[0]
- movq 128(%rsp), %rax
- mulq 8(%rsp)
+ movq (%rdi), %rax
+ mulq 104(%rsp)
xorq %r11, %r11
addq %rax, %r9
adcq %rdx, %r10
adcq $0x00, %r11
# A[0] * B[2]
- movq 144(%rsp), %rax
- mulq (%rsp)
+ movq 16(%rdi), %rax
+ mulq 96(%rsp)
addq %rax, %r10
adcq %rdx, %r11
# A[1] * B[1]
- movq 136(%rsp), %rax
- mulq 8(%rsp)
+ movq 8(%rdi), %rax
+ mulq 104(%rsp)
xorq %r12, %r12
addq %rax, %r10
adcq %rdx, %r11
adcq $0x00, %r12
# A[2] * B[0]
- movq 128(%rsp), %rax
- mulq 16(%rsp)
+ movq (%rdi), %rax
+ mulq 112(%rsp)
addq %rax, %r10
adcq %rdx, %r11
adcq $0x00, %r12
# A[0] * B[3]
- movq 152(%rsp), %rax
- mulq (%rsp)
+ movq 24(%rdi), %rax
+ mulq 96(%rsp)
xorq %r13, %r13
addq %rax, %r11
adcq %rdx, %r12
adcq $0x00, %r13
# A[1] * B[2]
- movq 144(%rsp), %rax
- mulq 8(%rsp)
+ movq 16(%rdi), %rax
+ mulq 104(%rsp)
addq %rax, %r11
adcq %rdx, %r12
adcq $0x00, %r13
# A[2] * B[1]
- movq 136(%rsp), %rax
- mulq 16(%rsp)
+ movq 8(%rdi), %rax
+ mulq 112(%rsp)
addq %rax, %r11
adcq %rdx, %r12
adcq $0x00, %r13
# A[3] * B[0]
- movq 128(%rsp), %rax
- mulq 24(%rsp)
+ movq (%rdi), %rax
+ mulq 120(%rsp)
addq %rax, %r11
adcq %rdx, %r12
adcq $0x00, %r13
# A[1] * B[3]
- movq 152(%rsp), %rax
- mulq 8(%rsp)
+ movq 24(%rdi), %rax
+ mulq 104(%rsp)
xorq %r14, %r14
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
# A[2] * B[2]
- movq 144(%rsp), %rax
- mulq 16(%rsp)
+ movq 16(%rdi), %rax
+ mulq 112(%rsp)
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
# A[3] * B[1]
- movq 136(%rsp), %rax
- mulq 24(%rsp)
+ movq 8(%rdi), %rax
+ mulq 120(%rsp)
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
# A[2] * B[3]
- movq 152(%rsp), %rax
- mulq 16(%rsp)
+ movq 24(%rdi), %rax
+ mulq 112(%rsp)
xorq %r15, %r15
addq %rax, %r13
adcq %rdx, %r14
adcq $0x00, %r15
# A[3] * B[2]
- movq 144(%rsp), %rax
- mulq 24(%rsp)
+ movq 16(%rdi), %rax
+ mulq 120(%rsp)
addq %rax, %r13
adcq %rdx, %r14
adcq $0x00, %r15
# A[3] * B[3]
- movq 152(%rsp), %rax
- mulq 24(%rsp)
+ movq 24(%rdi), %rax
+ mulq 120(%rsp)
addq %rax, %r14
adcq %rdx, %r15
- # Reduce
+ movq $38, %rax
+ mulq %r15
+ addq %rax, %r11
+ adcq $0x00, %rdx
movq $0x7fffffffffffffff, %rbp
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
+ shldq $0x01, %r11, %rdx
+ imulq $19, %rdx, %rdx
andq %rbp, %r11
- # Multiply top half by 19
- movq $19, %rax
+ movq %rdx, %rbp
+ movq $38, %rax
mulq %r12
xorq %r12, %r12
addq %rax, %rcx
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r12
mulq %r13
xorq %r13, %r13
addq %rax, %r9
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r13
mulq %r14
xorq %r14, %r14
addq %rax, %r10
- movq $19, %rax
adcq %rdx, %r14
- mulq %r15
- # Add remaining product results in
- addq %r12, %r9
+ addq %rbp, %rcx
+ adcq %r12, %r9
adcq %r13, %r10
adcq %r14, %r11
- adcq %rax, %r11
- adcq $0x00, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- imulq $19, %rdx, %rax
- andq %rbp, %r11
- addq %rax, %rcx
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rbp, %r11
- addq %rdx, %rcx
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
# Store
movq %rcx, (%rsp)
movq %r9, 8(%rsp)
@@ -2887,55 +2742,34 @@ L_curve25519_x64_bits:
addq %rbp, %r13
adcq $0x00, %r14
adcq $0x00, %r15
- # Reduce
+ movq $38, %rax
+ mulq %r15
+ addq %rax, %r11
+ adcq $0x00, %rdx
movq $0x7fffffffffffffff, %rbp
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
+ shldq $0x01, %r11, %rdx
+ imulq $19, %rdx, %rdx
andq %rbp, %r11
- # Multiply top half by 19
- movq $19, %rax
+ movq %rdx, %rbp
+ movq $38, %rax
mulq %r12
xorq %r12, %r12
addq %rax, %rcx
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r12
mulq %r13
xorq %r13, %r13
addq %rax, %r9
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r13
mulq %r14
xorq %r14, %r14
addq %rax, %r10
- movq $19, %rax
adcq %rdx, %r14
- mulq %r15
- # Add remaining product results in
- addq %r12, %r9
+ addq %rbp, %rcx
+ adcq %r12, %r9
adcq %r13, %r10
adcq %r14, %r11
- adcq %rax, %r11
- adcq $0x00, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- imulq $19, %rdx, %rax
- andq %rbp, %r11
- addq %rax, %rcx
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rbp, %r11
- addq %rdx, %rcx
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
# Store
movq %rcx, 96(%rsp)
movq %r9, 104(%rsp)
@@ -3013,110 +2847,86 @@ L_curve25519_x64_bits:
addq %rbp, %r13
adcq $0x00, %r14
adcq $0x00, %r15
- # Reduce
+ movq $38, %rax
+ mulq %r15
+ addq %rax, %r11
+ adcq $0x00, %rdx
movq $0x7fffffffffffffff, %rbp
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
+ shldq $0x01, %r11, %rdx
+ imulq $19, %rdx, %rdx
andq %rbp, %r11
- # Multiply top half by 19
- movq $19, %rax
+ movq %rdx, %rbp
+ movq $38, %rax
mulq %r12
xorq %r12, %r12
addq %rax, %rcx
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r12
mulq %r13
xorq %r13, %r13
addq %rax, %r9
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r13
mulq %r14
xorq %r14, %r14
addq %rax, %r10
- movq $19, %rax
adcq %rdx, %r14
- mulq %r15
- # Add remaining product results in
- addq %r12, %r9
+ addq %rbp, %rcx
+ adcq %r12, %r9
adcq %r13, %r10
adcq %r14, %r11
- adcq %rax, %r11
- adcq $0x00, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- imulq $19, %rdx, %rax
- andq %rbp, %r11
- addq %rax, %rcx
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rbp, %r11
- addq %rdx, %rcx
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
# Store
movq %rcx, 128(%rsp)
movq %r9, 136(%rsp)
movq %r10, 144(%rsp)
movq %r11, 152(%rsp)
+ # Add-Sub
# Add
- movq 32(%rsp), %rcx
- movq 40(%rsp), %r9
- movq 48(%rsp), %r10
- movq 56(%rsp), %rbp
+ movq (%rsp), %rcx
+ movq 8(%rsp), %r9
+ movq 16(%rsp), %r10
+ movq 24(%rsp), %r11
movq %rcx, %r12
- addq (%rsp), %rcx
+ addq 32(%rsp), %rcx
movq %r9, %r13
- adcq 8(%rsp), %r9
+ adcq 40(%rsp), %r9
movq %r10, %r14
- adcq 16(%rsp), %r10
- movq %rbp, %r15
- adcq 24(%rsp), %rbp
- movq $-19, %rax
- movq %rbp, %r11
+ adcq 48(%rsp), %r10
+ movq %r11, %r15
+ adcq 56(%rsp), %r11
+ movq $0x00, %rax
+ adcq $0x00, %rax
+ shldq $0x01, %r11, %rax
movq $0x7fffffffffffffff, %rdx
- sarq $63, %rbp
- # Mask the modulus
- andq %rbp, %rax
- andq %rbp, %rdx
+ imulq $19, %rax
+ andq %rdx, %r11
# Sub modulus (if overflow)
- subq %rax, %rcx
- sbbq %rbp, %r9
- sbbq %rbp, %r10
- sbbq %rdx, %r11
+ addq %rax, %rcx
+ adcq $0x00, %r9
+ adcq $0x00, %r10
+ adcq $0x00, %r11
# Sub
- subq (%rsp), %r12
- movq $0x00, %rbp
- sbbq 8(%rsp), %r13
- movq $-19, %rax
- sbbq 16(%rsp), %r14
- movq $0x7fffffffffffffff, %rdx
- sbbq 24(%rsp), %r15
- sbbq $0x00, %rbp
- # Mask the modulus
- andq %rbp, %rax
- andq %rbp, %rdx
+ subq 32(%rsp), %r12
+ sbbq 40(%rsp), %r13
+ sbbq 48(%rsp), %r14
+ sbbq 56(%rsp), %r15
+ sbbq %rax, %rax
+ shldq $0x01, %r15, %rax
+ imulq $-19, %rax
+ andq %rdx, %r15
# Add modulus (if underflow)
- addq %rax, %r12
- adcq %rbp, %r13
- adcq %rbp, %r14
- adcq %rdx, %r15
+ subq %rax, %r12
+ sbbq $0x00, %r13
+ sbbq $0x00, %r14
+ sbbq $0x00, %r15
movq %rcx, 64(%rsp)
movq %r9, 72(%rsp)
movq %r10, 80(%rsp)
movq %r11, 88(%rsp)
- movq %r12, (%rsp)
- movq %r13, 8(%rsp)
- movq %r14, 16(%rsp)
- movq %r15, 24(%rsp)
+ movq %r12, 32(%rsp)
+ movq %r13, 40(%rsp)
+ movq %r14, 48(%rsp)
+ movq %r15, 56(%rsp)
# Multiply
# A[0] * B[0]
movq 96(%rsp), %rax
@@ -3216,55 +3026,34 @@ L_curve25519_x64_bits:
mulq 152(%rsp)
addq %rax, %r14
adcq %rdx, %r15
- # Reduce
+ movq $38, %rax
+ mulq %r15
+ addq %rax, %r11
+ adcq $0x00, %rdx
movq $0x7fffffffffffffff, %rbp
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
+ shldq $0x01, %r11, %rdx
+ imulq $19, %rdx, %rdx
andq %rbp, %r11
- # Multiply top half by 19
- movq $19, %rax
+ movq %rdx, %rbp
+ movq $38, %rax
mulq %r12
xorq %r12, %r12
addq %rax, %rcx
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r12
mulq %r13
xorq %r13, %r13
addq %rax, %r9
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r13
mulq %r14
xorq %r14, %r14
addq %rax, %r10
- movq $19, %rax
adcq %rdx, %r14
- mulq %r15
- # Add remaining product results in
- addq %r12, %r9
+ addq %rbp, %rcx
+ adcq %r12, %r9
adcq %r13, %r10
adcq %r14, %r11
- adcq %rax, %r11
- adcq $0x00, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- imulq $19, %rdx, %rax
- andq %rbp, %r11
- addq %rax, %rcx
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rbp, %r11
- addq %rdx, %rcx
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
# Store
movq %rcx, (%rdi)
movq %r9, 8(%rdi)
@@ -3276,58 +3065,56 @@ L_curve25519_x64_bits:
movq 144(%rsp), %r10
movq 152(%rsp), %r11
subq 96(%rsp), %rcx
- movq $0x00, %rbp
sbbq 104(%rsp), %r9
- movq $-19, %rax
sbbq 112(%rsp), %r10
- movq $0x7fffffffffffffff, %rdx
sbbq 120(%rsp), %r11
- sbbq $0x00, %rbp
- # Mask the modulus
- andq %rbp, %rax
- andq %rbp, %rdx
+ sbbq %rax, %rax
+ shldq $0x01, %r11, %rax
+ movq $0x7fffffffffffffff, %rdx
+ imulq $-19, %rax
+ andq %rdx, %r11
# Add modulus (if underflow)
- addq %rax, %rcx
- adcq %rbp, %r9
- adcq %rbp, %r10
- adcq %rdx, %r11
+ subq %rax, %rcx
+ sbbq $0x00, %r9
+ sbbq $0x00, %r10
+ sbbq $0x00, %r11
movq %rcx, 128(%rsp)
movq %r9, 136(%rsp)
movq %r10, 144(%rsp)
movq %r11, 152(%rsp)
# Square
# A[0] * A[1]
- movq (%rsp), %rax
- mulq 8(%rsp)
+ movq 32(%rsp), %rax
+ mulq 40(%rsp)
movq %rax, %r9
movq %rdx, %r10
# A[0] * A[2]
- movq (%rsp), %rax
- mulq 16(%rsp)
+ movq 32(%rsp), %rax
+ mulq 48(%rsp)
xorq %r11, %r11
addq %rax, %r10
adcq %rdx, %r11
# A[0] * A[3]
- movq (%rsp), %rax
- mulq 24(%rsp)
+ movq 32(%rsp), %rax
+ mulq 56(%rsp)
xorq %r12, %r12
addq %rax, %r11
adcq %rdx, %r12
# A[1] * A[2]
- movq 8(%rsp), %rax
- mulq 16(%rsp)
+ movq 40(%rsp), %rax
+ mulq 48(%rsp)
xorq %r13, %r13
addq %rax, %r11
adcq %rdx, %r12
adcq $0x00, %r13
# A[1] * A[3]
- movq 8(%rsp), %rax
- mulq 24(%rsp)
+ movq 40(%rsp), %rax
+ mulq 56(%rsp)
addq %rax, %r12
adcq %rdx, %r13
# A[2] * A[3]
- movq 16(%rsp), %rax
- mulq 24(%rsp)
+ movq 48(%rsp), %rax
+ mulq 56(%rsp)
xorq %r14, %r14
addq %rax, %r13
adcq %rdx, %r14
@@ -3341,86 +3128,65 @@ L_curve25519_x64_bits:
adcq %r14, %r14
adcq $0x00, %r15
# A[0] * A[0]
- movq (%rsp), %rax
+ movq 32(%rsp), %rax
mulq %rax
movq %rax, %rcx
movq %rdx, %rbp
# A[1] * A[1]
- movq 8(%rsp), %rax
+ movq 40(%rsp), %rax
mulq %rax
addq %rbp, %r9
adcq %rax, %r10
adcq $0x00, %rdx
movq %rdx, %rbp
# A[2] * A[2]
- movq 16(%rsp), %rax
+ movq 48(%rsp), %rax
mulq %rax
addq %rbp, %r11
adcq %rax, %r12
adcq $0x00, %rdx
movq %rdx, %rbp
# A[3] * A[3]
- movq 24(%rsp), %rax
+ movq 56(%rsp), %rax
mulq %rax
addq %rax, %r14
adcq %rdx, %r15
addq %rbp, %r13
adcq $0x00, %r14
adcq $0x00, %r15
- # Reduce
+ movq $38, %rax
+ mulq %r15
+ addq %rax, %r11
+ adcq $0x00, %rdx
movq $0x7fffffffffffffff, %rbp
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
+ shldq $0x01, %r11, %rdx
+ imulq $19, %rdx, %rdx
andq %rbp, %r11
- # Multiply top half by 19
- movq $19, %rax
+ movq %rdx, %rbp
+ movq $38, %rax
mulq %r12
xorq %r12, %r12
addq %rax, %rcx
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r12
mulq %r13
xorq %r13, %r13
addq %rax, %r9
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r13
mulq %r14
xorq %r14, %r14
addq %rax, %r10
- movq $19, %rax
adcq %rdx, %r14
- mulq %r15
- # Add remaining product results in
- addq %r12, %r9
+ addq %rbp, %rcx
+ adcq %r12, %r9
adcq %r13, %r10
adcq %r14, %r11
- adcq %rax, %r11
- adcq $0x00, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- imulq $19, %rdx, %rax
- andq %rbp, %r11
- addq %rax, %rcx
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rbp, %r11
- addq %rdx, %rcx
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
# Store
- movq %rcx, (%rsp)
- movq %r9, 8(%rsp)
- movq %r10, 16(%rsp)
- movq %r11, 24(%rsp)
+ movq %rcx, 32(%rsp)
+ movq %r9, 40(%rsp)
+ movq %r10, 48(%rsp)
+ movq %r11, 56(%rsp)
# Multiply by 121666
movq $0x1db42, %rax
mulq 128(%rsp)
@@ -3450,10 +3216,10 @@ L_curve25519_x64_bits:
adcq $0x00, %r9
adcq $0x00, %r10
adcq $0x00, %r11
- movq %rcx, 32(%rsp)
- movq %r9, 40(%rsp)
- movq %r10, 48(%rsp)
- movq %r11, 56(%rsp)
+ movq %rcx, (%rsp)
+ movq %r9, 8(%rsp)
+ movq %r10, 16(%rsp)
+ movq %r11, 24(%rsp)
# Square
# A[0] * A[1]
movq 64(%rsp), %rax
@@ -3526,55 +3292,34 @@ L_curve25519_x64_bits:
addq %rbp, %r13
adcq $0x00, %r14
adcq $0x00, %r15
- # Reduce
+ movq $38, %rax
+ mulq %r15
+ addq %rax, %r11
+ adcq $0x00, %rdx
movq $0x7fffffffffffffff, %rbp
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
+ shldq $0x01, %r11, %rdx
+ imulq $19, %rdx, %rdx
andq %rbp, %r11
- # Multiply top half by 19
- movq $19, %rax
+ movq %rdx, %rbp
+ movq $38, %rax
mulq %r12
xorq %r12, %r12
addq %rax, %rcx
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r12
mulq %r13
xorq %r13, %r13
addq %rax, %r9
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r13
mulq %r14
xorq %r14, %r14
addq %rax, %r10
- movq $19, %rax
adcq %rdx, %r14
- mulq %r15
- # Add remaining product results in
- addq %r12, %r9
+ addq %rbp, %rcx
+ adcq %r12, %r9
adcq %r13, %r10
adcq %r14, %r11
- adcq %rax, %r11
- adcq $0x00, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- imulq $19, %rdx, %rax
- andq %rbp, %r11
- addq %rax, %rcx
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rbp, %r11
- addq %rdx, %rcx
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
# Store
movq %rcx, 64(%rsp)
movq %r9, 72(%rsp)
@@ -3583,176 +3328,154 @@ L_curve25519_x64_bits:
# Add
movq 96(%rsp), %rcx
movq 104(%rsp), %r9
- addq 32(%rsp), %rcx
+ addq (%rsp), %rcx
movq 112(%rsp), %r10
- adcq 40(%rsp), %r9
- movq 120(%rsp), %rbp
- adcq 48(%rsp), %r10
- movq $-19, %rax
- adcq 56(%rsp), %rbp
+ adcq 8(%rsp), %r9
+ movq 120(%rsp), %r11
+ adcq 16(%rsp), %r10
+ adcq 24(%rsp), %r11
+ movq $0x00, %rax
+ adcq $0x00, %rax
+ shldq $0x01, %r11, %rax
movq $0x7fffffffffffffff, %rdx
- movq %rbp, %r11
- sarq $63, %rbp
- # Mask the modulus
- andq %rbp, %rax
- andq %rbp, %rdx
+ imulq $19, %rax
+ andq %rdx, %r11
# Sub modulus (if overflow)
- subq %rax, %rcx
- sbbq %rbp, %r9
- sbbq %rbp, %r10
- sbbq %rdx, %r11
+ addq %rax, %rcx
+ adcq $0x00, %r9
+ adcq $0x00, %r10
+ adcq $0x00, %r11
movq %rcx, 96(%rsp)
movq %r9, 104(%rsp)
movq %r10, 112(%rsp)
movq %r11, 120(%rsp)
# Multiply
# A[0] * B[0]
- movq (%rsp), %rax
+ movq 32(%rsp), %rax
mulq (%r8)
movq %rax, %rcx
movq %rdx, %r9
# A[0] * B[1]
- movq 8(%rsp), %rax
+ movq 40(%rsp), %rax
mulq (%r8)
xorq %r10, %r10
addq %rax, %r9
adcq %rdx, %r10
# A[1] * B[0]
- movq (%rsp), %rax
+ movq 32(%rsp), %rax
mulq 8(%r8)
xorq %r11, %r11
addq %rax, %r9
adcq %rdx, %r10
adcq $0x00, %r11
# A[0] * B[2]
- movq 16(%rsp), %rax
+ movq 48(%rsp), %rax
mulq (%r8)
addq %rax, %r10
adcq %rdx, %r11
# A[1] * B[1]
- movq 8(%rsp), %rax
+ movq 40(%rsp), %rax
mulq 8(%r8)
xorq %r12, %r12
addq %rax, %r10
adcq %rdx, %r11
adcq $0x00, %r12
# A[2] * B[0]
- movq (%rsp), %rax
+ movq 32(%rsp), %rax
mulq 16(%r8)
addq %rax, %r10
adcq %rdx, %r11
adcq $0x00, %r12
# A[0] * B[3]
- movq 24(%rsp), %rax
+ movq 56(%rsp), %rax
mulq (%r8)
xorq %r13, %r13
addq %rax, %r11
adcq %rdx, %r12
adcq $0x00, %r13
# A[1] * B[2]
- movq 16(%rsp), %rax
+ movq 48(%rsp), %rax
mulq 8(%r8)
addq %rax, %r11
adcq %rdx, %r12
adcq $0x00, %r13
# A[2] * B[1]
- movq 8(%rsp), %rax
+ movq 40(%rsp), %rax
mulq 16(%r8)
addq %rax, %r11
adcq %rdx, %r12
adcq $0x00, %r13
# A[3] * B[0]
- movq (%rsp), %rax
+ movq 32(%rsp), %rax
mulq 24(%r8)
addq %rax, %r11
adcq %rdx, %r12
adcq $0x00, %r13
# A[1] * B[3]
- movq 24(%rsp), %rax
+ movq 56(%rsp), %rax
mulq 8(%r8)
xorq %r14, %r14
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
# A[2] * B[2]
- movq 16(%rsp), %rax
+ movq 48(%rsp), %rax
mulq 16(%r8)
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
# A[3] * B[1]
- movq 8(%rsp), %rax
+ movq 40(%rsp), %rax
mulq 24(%r8)
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
# A[2] * B[3]
- movq 24(%rsp), %rax
+ movq 56(%rsp), %rax
mulq 16(%r8)
xorq %r15, %r15
addq %rax, %r13
adcq %rdx, %r14
adcq $0x00, %r15
# A[3] * B[2]
- movq 16(%rsp), %rax
+ movq 48(%rsp), %rax
mulq 24(%r8)
addq %rax, %r13
adcq %rdx, %r14
adcq $0x00, %r15
# A[3] * B[3]
- movq 24(%rsp), %rax
+ movq 56(%rsp), %rax
mulq 24(%r8)
addq %rax, %r14
adcq %rdx, %r15
- # Reduce
+ movq $38, %rax
+ mulq %r15
+ addq %rax, %r11
+ adcq $0x00, %rdx
movq $0x7fffffffffffffff, %rbp
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
+ shldq $0x01, %r11, %rdx
+ imulq $19, %rdx, %rdx
andq %rbp, %r11
- # Multiply top half by 19
- movq $19, %rax
+ movq %rdx, %rbp
+ movq $38, %rax
mulq %r12
xorq %r12, %r12
addq %rax, %rcx
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r12
mulq %r13
xorq %r13, %r13
addq %rax, %r9
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r13
mulq %r14
xorq %r14, %r14
addq %rax, %r10
- movq $19, %rax
adcq %rdx, %r14
- mulq %r15
- # Add remaining product results in
- addq %r12, %r9
+ addq %rbp, %rcx
+ adcq %r12, %r9
adcq %r13, %r10
adcq %r14, %r11
- adcq %rax, %r11
- adcq $0x00, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- imulq $19, %rdx, %rax
- andq %rbp, %r11
- addq %rax, %rcx
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rbp, %r11
- addq %rdx, %rcx
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
# Store
movq %rcx, 32(%rsp)
movq %r9, 40(%rsp)
@@ -3857,65 +3580,42 @@ L_curve25519_x64_bits:
mulq 152(%rsp)
addq %rax, %r14
adcq %rdx, %r15
- # Reduce
+ movq $38, %rax
+ mulq %r15
+ addq %rax, %r11
+ adcq $0x00, %rdx
movq $0x7fffffffffffffff, %rbp
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
+ shldq $0x01, %r11, %rdx
+ imulq $19, %rdx, %rdx
andq %rbp, %r11
- # Multiply top half by 19
- movq $19, %rax
+ movq %rdx, %rbp
+ movq $38, %rax
mulq %r12
xorq %r12, %r12
addq %rax, %rcx
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r12
mulq %r13
xorq %r13, %r13
addq %rax, %r9
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r13
mulq %r14
xorq %r14, %r14
addq %rax, %r10
- movq $19, %rax
adcq %rdx, %r14
- mulq %r15
- # Add remaining product results in
- addq %r12, %r9
+ addq %rbp, %rcx
+ adcq %r12, %r9
adcq %r13, %r10
adcq %r14, %r11
- adcq %rax, %r11
- adcq $0x00, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- imulq $19, %rdx, %rax
- andq %rbp, %r11
- addq %rax, %rcx
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rbp, %r11
- addq %rdx, %rcx
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
# Store
movq %rcx, (%rsp)
movq %r9, 8(%rsp)
movq %r10, 16(%rsp)
movq %r11, 24(%rsp)
- decb 168(%rsp)
+ movq 160(%rsp), %r9
+ decq %r9
jge L_curve25519_x64_bits
- movq $63, 168(%rsp)
- decb 160(%rsp)
- jge L_curve25519_x64_words
# Invert
leaq 32(%rsp), %rdi
movq %rsp, %rsi
@@ -4153,7 +3853,7 @@ L_curve25519_x64_bits:
#else
callq _fe_mul_x64
#endif /* __APPLE__ */
- movq 176(%rsp), %rdi
+ movq 168(%rsp), %rdi
# Multiply
# A[0] * B[0]
movq (%rsp), %rax
@@ -4253,77 +3953,66 @@ L_curve25519_x64_bits:
mulq 24(%rdi)
addq %rax, %r14
adcq %rdx, %r15
- # Reduce
+ movq $38, %rax
+ mulq %r15
+ addq %rax, %r11
+ adcq $0x00, %rdx
movq $0x7fffffffffffffff, %rbp
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
+ shldq $0x01, %r11, %rdx
+ imulq $19, %rdx, %rdx
andq %rbp, %r11
- # Multiply top half by 19
- movq $19, %rax
+ movq %rdx, %rbp
+ movq $38, %rax
mulq %r12
xorq %r12, %r12
addq %rax, %rcx
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r12
mulq %r13
xorq %r13, %r13
addq %rax, %r9
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r13
mulq %r14
xorq %r14, %r14
addq %rax, %r10
- movq $19, %rax
adcq %rdx, %r14
- mulq %r15
- # Add remaining product results in
- addq %r12, %r9
+ addq %rbp, %rcx
+ adcq %r12, %r9
adcq %r13, %r10
adcq %r14, %r11
- adcq %rax, %r11
- adcq $0x00, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- imulq $19, %rdx, %rax
+ movq $0x7fffffffffffffff, %rbp
+ movq %r11, %rax
+ sarq $63, %rax
+ andq $19, %rax
andq %rbp, %r11
addq %rax, %rcx
adcq $0x00, %r9
adcq $0x00, %r10
adcq $0x00, %r11
- # Reduce if top bit set
+ movq $0x7fffffffffffffff, %rax
+ movq %rcx, %rdx
+ addq $19, %rdx
+ movq %r9, %rdx
+ adcq $0x00, %rdx
+ movq %r10, %rdx
+ adcq $0x00, %rdx
movq %r11, %rdx
+ adcq $0x00, %rdx
sarq $63, %rdx
andq $19, %rdx
- andq %rbp, %r11
+ andq %rax, %r11
addq %rdx, %rcx
adcq $0x00, %r9
adcq $0x00, %r10
adcq $0x00, %r11
- movq %rcx, %rax
- addq $19, %rax
- movq %r9, %rax
- adcq $0x00, %rax
- movq %r10, %rax
- adcq $0x00, %rax
- movq %r11, %rax
- adcq $0x00, %rax
- sarq $63, %rax
- andq $19, %rax
- addq %rax, %rcx
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- andq %rbp, %r11
# Store
movq %rcx, (%rdi)
movq %r9, 8(%rdi)
movq %r10, 16(%rdi)
movq %r11, 24(%rdi)
xorq %rax, %rax
- addq $0xb8, %rsp
+ addq $0xb0, %rsp
popq %rbp
popq %rbx
popq %r15
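Review bot: In the final normalisation the mask `andq %rax, %r11` now sits before the conditional `addq %rdx, %rcx` / `adcq $0x00, %r11` chain, whereas the removed code applied `andq %rbp, %r11` after it. Reading only the lines here, when the value is in [p, 2^255) the added 19 carries into bit 255 and nothing clears it before `# Store`. The output would then be a non-canonical encoding with the top bit set instead of value - p. That range is only 19 values wide, so ordinary test vectors will not reach it; moving `andq %rax, %r11` to after the last `adcq $0x00, %r11` restores the previous order. The file appears to be vendored, so the change would belong upstream.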
@@ -4334,6 +4023,149 @@ L_curve25519_x64_bits:
#ifndef __APPLE__
.size curve25519_x64,.-curve25519_x64
#endif /* __APPLE__ */
+#ifdef HAVE_ED25519
+#ifndef __APPLE__
+.text
+.globl fe_sq2_x64
+.type fe_sq2_x64,@function
+.align 16
+fe_sq2_x64:
+#else
+.section __TEXT,__text
+.globl _fe_sq2_x64
+.p2align 4
+_fe_sq2_x64:
+#endif /* __APPLE__ */
+ pushq %r12
+ pushq %r13
+ pushq %r14
+ pushq %r15
+ # Square * 2
+ # A[0] * A[1]
+ movq (%rsi), %rax
+ mulq 8(%rsi)
+ movq %rax, %r8
+ movq %rdx, %r9
+ # A[0] * A[2]
+ movq (%rsi), %rax
+ mulq 16(%rsi)
+ xorq %r10, %r10
+ addq %rax, %r9
+ adcq %rdx, %r10
+ # A[0] * A[3]
+ movq (%rsi), %rax
+ mulq 24(%rsi)
+ xorq %r11, %r11
+ addq %rax, %r10
+ adcq %rdx, %r11
+ # A[1] * A[2]
+ movq 8(%rsi), %rax
+ mulq 16(%rsi)
+ xorq %r12, %r12
+ addq %rax, %r10
+ adcq %rdx, %r11
+ adcq $0x00, %r12
+ # A[1] * A[3]
+ movq 8(%rsi), %rax
+ mulq 24(%rsi)
+ addq %rax, %r11
+ adcq %rdx, %r12
+ # A[2] * A[3]
+ movq 16(%rsi), %rax
+ mulq 24(%rsi)
+ xorq %r13, %r13
+ addq %rax, %r12
+ adcq %rdx, %r13
+ # Double
+ xorq %r14, %r14
+ addq %r8, %r8
+ adcq %r9, %r9
+ adcq %r10, %r10
+ adcq %r11, %r11
+ adcq %r12, %r12
+ adcq %r13, %r13
+ adcq $0x00, %r14
+ # A[0] * A[0]
+ movq (%rsi), %rax
+ mulq %rax
+ movq %rax, %rcx
+ movq %rdx, %r15
+ # A[1] * A[1]
+ movq 8(%rsi), %rax
+ mulq %rax
+ addq %r15, %r8
+ adcq %rax, %r9
+ adcq $0x00, %rdx
+ movq %rdx, %r15
+ # A[2] * A[2]
+ movq 16(%rsi), %rax
+ mulq %rax
+ addq %r15, %r10
+ adcq %rax, %r11
+ adcq $0x00, %rdx
+ movq %rdx, %r15
+ # A[3] * A[3]
+ movq 24(%rsi), %rax
+ mulq %rax
+ addq %rax, %r13
+ adcq %rdx, %r14
+ addq %r15, %r12
+ adcq $0x00, %r13
+ adcq $0x00, %r14
+ movq $38, %rax
+ mulq %r14
+ addq %rax, %r10
+ adcq $0x00, %rdx
+ movq $0x7fffffffffffffff, %r15
+ shldq $0x01, %r10, %rdx
+ imulq $19, %rdx, %rdx
+ andq %r15, %r10
+ movq %rdx, %r15
+ movq $38, %rax
+ mulq %r11
+ xorq %r11, %r11
+ addq %rax, %rcx
+ movq $38, %rax
+ adcq %rdx, %r11
+ mulq %r12
+ xorq %r12, %r12
+ addq %rax, %r8
+ movq $38, %rax
+ adcq %rdx, %r12
+ mulq %r13
+ xorq %r13, %r13
+ addq %rax, %r9
+ adcq %rdx, %r13
+ addq %r15, %rcx
+ adcq %r11, %r8
+ adcq %r12, %r9
+ adcq %r13, %r10
+ mov %r10, %rax
+ shldq $0x01, %r9, %r10
+ shldq $0x01, %r8, %r9
+ shldq $0x01, %rcx, %r8
+ shlq $0x01, %rcx
+ movq $0x7fffffffffffffff, %r15
+ shrq $62, %rax
+ andq %r15, %r10
+ imulq $19, %rax, %rax
+ addq %rax, %rcx
+ adcq $0x00, %r8
+ adcq $0x00, %r9
+ adcq $0x00, %r10
+ # Store
+ movq %rcx, (%rdi)
+ movq %r8, 8(%rdi)
+ movq %r9, 16(%rdi)
+ movq %r10, 24(%rdi)
+ popq %r15
+ popq %r14
+ popq %r13
+ popq %r12
+ repz retq
+#ifndef __APPLE__
+.size fe_sq2_x64,.-fe_sq2_x64
+#endif /* __APPLE__ */
#ifndef __APPLE__
.text
.globl fe_pow22523_x64
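Review bot: The re-added `fe_sq2_x64` has no comment on its reduction or on the final doubling, and it uses a bare `mov %r10, %rax` where the rest of the routine writes `movq`. I would add `# Reduce: fold upper half in with 38 = 2*19` above `movq $38, %rax` and `# Double; bits 254 and 255 of the square re-enter as 19 and 38` above the `mov`, and spell that instruction `movq %r10, %rax`. The `#ifdef HAVE_ED25519` opened at the top of this hunk is not closed inside it, so its matching `#endif` should be checked further down the file.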
@@ -4591,4961 +4423,4678 @@ _fe_pow22523_x64:
repz retq
#ifndef __APPLE__
.text
-.globl fe_ge_to_p2_x64
-.type fe_ge_to_p2_x64,@function
+.globl ge_p1p1_to_p2_x64
+.type ge_p1p1_to_p2_x64,@function
.align 16
-fe_ge_to_p2_x64:
+ge_p1p1_to_p2_x64:
#else
.section __TEXT,__text
-.globl _fe_ge_to_p2_x64
+.globl _ge_p1p1_to_p2_x64
.p2align 4
-_fe_ge_to_p2_x64:
+_ge_p1p1_to_p2_x64:
#endif /* __APPLE__ */
- pushq %rbx
pushq %r12
pushq %r13
pushq %r14
pushq %r15
- subq $40, %rsp
- movq %rsi, (%rsp)
- movq %rdx, 8(%rsp)
- movq %rcx, 16(%rsp)
- movq %r8, 24(%rsp)
- movq %r9, 32(%rsp)
- movq 16(%rsp), %rsi
- movq 88(%rsp), %rbx
+ pushq %rbx
+ subq $16, %rsp
+ movq %rdi, (%rsp)
+ movq %rsi, 8(%rsp)
+ movq %rsi, %rcx
+ addq $0x60, %rcx
# Multiply
# A[0] * B[0]
- movq (%rbx), %rax
+ movq (%rcx), %rax
mulq (%rsi)
- movq %rax, %r8
- movq %rdx, %r9
+ movq %rax, %r9
+ movq %rdx, %r10
# A[0] * B[1]
- movq 8(%rbx), %rax
+ movq 8(%rcx), %rax
mulq (%rsi)
- xorq %r10, %r10
- addq %rax, %r9
- adcq %rdx, %r10
- # A[1] * B[0]
- movq (%rbx), %rax
- mulq 8(%rsi)
xorq %r11, %r11
- addq %rax, %r9
- adcq %rdx, %r10
- adcq $0x00, %r11
- # A[0] * B[2]
- movq 16(%rbx), %rax
- mulq (%rsi)
addq %rax, %r10
adcq %rdx, %r11
- # A[1] * B[1]
- movq 8(%rbx), %rax
+ # A[1] * B[0]
+ movq (%rcx), %rax
mulq 8(%rsi)
xorq %r12, %r12
addq %rax, %r10
adcq %rdx, %r11
adcq $0x00, %r12
- # A[2] * B[0]
- movq (%rbx), %rax
- mulq 16(%rsi)
- addq %rax, %r10
- adcq %rdx, %r11
- adcq $0x00, %r12
- # A[0] * B[3]
- movq 24(%rbx), %rax
+ # A[0] * B[2]
+ movq 16(%rcx), %rax
mulq (%rsi)
- xorq %r13, %r13
addq %rax, %r11
adcq %rdx, %r12
- adcq $0x00, %r13
- # A[1] * B[2]
- movq 16(%rbx), %rax
+ # A[1] * B[1]
+ movq 8(%rcx), %rax
mulq 8(%rsi)
+ xorq %r13, %r13
addq %rax, %r11
adcq %rdx, %r12
adcq $0x00, %r13
- # A[2] * B[1]
- movq 8(%rbx), %rax
+ # A[2] * B[0]
+ movq (%rcx), %rax
mulq 16(%rsi)
addq %rax, %r11
adcq %rdx, %r12
adcq $0x00, %r13
- # A[3] * B[0]
- movq (%rbx), %rax
- mulq 24(%rsi)
- addq %rax, %r11
- adcq %rdx, %r12
- adcq $0x00, %r13
- # A[1] * B[3]
- movq 24(%rbx), %rax
- mulq 8(%rsi)
+ # A[0] * B[3]
+ movq 24(%rcx), %rax
+ mulq (%rsi)
xorq %r14, %r14
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
- # A[2] * B[2]
- movq 16(%rbx), %rax
+ # A[1] * B[2]
+ movq 16(%rcx), %rax
+ mulq 8(%rsi)
+ addq %rax, %r12
+ adcq %rdx, %r13
+ adcq $0x00, %r14
+ # A[2] * B[1]
+ movq 8(%rcx), %rax
mulq 16(%rsi)
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
- # A[3] * B[1]
- movq 8(%rbx), %rax
+ # A[3] * B[0]
+ movq (%rcx), %rax
mulq 24(%rsi)
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
- # A[2] * B[3]
- movq 24(%rbx), %rax
- mulq 16(%rsi)
+ # A[1] * B[3]
+ movq 24(%rcx), %rax
+ mulq 8(%rsi)
xorq %r15, %r15
addq %rax, %r13
adcq %rdx, %r14
adcq $0x00, %r15
- # A[3] * B[2]
- movq 16(%rbx), %rax
+ # A[2] * B[2]
+ movq 16(%rcx), %rax
+ mulq 16(%rsi)
+ addq %rax, %r13
+ adcq %rdx, %r14
+ adcq $0x00, %r15
+ # A[3] * B[1]
+ movq 8(%rcx), %rax
mulq 24(%rsi)
addq %rax, %r13
adcq %rdx, %r14
adcq $0x00, %r15
- # A[3] * B[3]
- movq 24(%rbx), %rax
+ # A[2] * B[3]
+ movq 24(%rcx), %rax
+ mulq 16(%rsi)
+ xorq %rbx, %rbx
+ addq %rax, %r14
+ adcq %rdx, %r15
+ adcq $0x00, %rbx
+ # A[3] * B[2]
+ movq 16(%rcx), %rax
mulq 24(%rsi)
addq %rax, %r14
adcq %rdx, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rcx
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- andq %rcx, %r11
- # Multiply top half by 19
- movq $19, %rax
- mulq %r12
- xorq %r12, %r12
- addq %rax, %r8
- movq $19, %rax
- adcq %rdx, %r12
+ adcq $0x00, %rbx
+ # A[3] * B[3]
+ movq 24(%rcx), %rax
+ mulq 24(%rsi)
+ addq %rax, %r15
+ adcq %rdx, %rbx
+ movq $38, %rax
+ mulq %rbx
+ addq %rax, %r12
+ adcq $0x00, %rdx
+ movq $0x7fffffffffffffff, %r8
+ shldq $0x01, %r12, %rdx
+ imulq $19, %rdx, %rdx
+ andq %r8, %r12
+ movq %rdx, %r8
+ movq $38, %rax
mulq %r13
xorq %r13, %r13
addq %rax, %r9
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r13
mulq %r14
xorq %r14, %r14
addq %rax, %r10
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r14
mulq %r15
- # Add remaining product results in
- addq %r12, %r9
+ xorq %r15, %r15
+ addq %rax, %r11
+ adcq %rdx, %r15
+ addq %r8, %r9
adcq %r13, %r10
adcq %r14, %r11
- adcq %rax, %r11
- adcq $0x00, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- imulq $19, %rdx, %rax
- andq %rcx, %r11
- addq %rax, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rcx, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
+ adcq %r15, %r12
# Store
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq (%rsp), %rdi
- movq 24(%rsp), %rsi
- movq 32(%rsp), %rbx
+ movq %r9, (%rdi)
+ movq %r10, 8(%rdi)
+ movq %r11, 16(%rdi)
+ movq %r12, 24(%rdi)
+ addq $0x40, %rsi
+ addq $0x40, %rdi
# Multiply
# A[0] * B[0]
- movq (%rbx), %rax
+ movq (%rcx), %rax
mulq (%rsi)
- movq %rax, %r8
- movq %rdx, %r9
+ movq %rax, %r9
+ movq %rdx, %r10
# A[0] * B[1]
- movq 8(%rbx), %rax
+ movq 8(%rcx), %rax
mulq (%rsi)
- xorq %r10, %r10
- addq %rax, %r9
- adcq %rdx, %r10
- # A[1] * B[0]
- movq (%rbx), %rax
- mulq 8(%rsi)
xorq %r11, %r11
- addq %rax, %r9
- adcq %rdx, %r10
- adcq $0x00, %r11
- # A[0] * B[2]
- movq 16(%rbx), %rax
- mulq (%rsi)
addq %rax, %r10
adcq %rdx, %r11
- # A[1] * B[1]
- movq 8(%rbx), %rax
+ # A[1] * B[0]
+ movq (%rcx), %rax
mulq 8(%rsi)
xorq %r12, %r12
addq %rax, %r10
adcq %rdx, %r11
adcq $0x00, %r12
- # A[2] * B[0]
- movq (%rbx), %rax
- mulq 16(%rsi)
- addq %rax, %r10
- adcq %rdx, %r11
- adcq $0x00, %r12
- # A[0] * B[3]
- movq 24(%rbx), %rax
+ # A[0] * B[2]
+ movq 16(%rcx), %rax
mulq (%rsi)
- xorq %r13, %r13
addq %rax, %r11
adcq %rdx, %r12
- adcq $0x00, %r13
- # A[1] * B[2]
- movq 16(%rbx), %rax
+ # A[1] * B[1]
+ movq 8(%rcx), %rax
mulq 8(%rsi)
+ xorq %r13, %r13
addq %rax, %r11
adcq %rdx, %r12
adcq $0x00, %r13
- # A[2] * B[1]
- movq 8(%rbx), %rax
+ # A[2] * B[0]
+ movq (%rcx), %rax
mulq 16(%rsi)
addq %rax, %r11
adcq %rdx, %r12
adcq $0x00, %r13
- # A[3] * B[0]
- movq (%rbx), %rax
- mulq 24(%rsi)
- addq %rax, %r11
- adcq %rdx, %r12
- adcq $0x00, %r13
- # A[1] * B[3]
- movq 24(%rbx), %rax
- mulq 8(%rsi)
+ # A[0] * B[3]
+ movq 24(%rcx), %rax
+ mulq (%rsi)
xorq %r14, %r14
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
- # A[2] * B[2]
- movq 16(%rbx), %rax
+ # A[1] * B[2]
+ movq 16(%rcx), %rax
+ mulq 8(%rsi)
+ addq %rax, %r12
+ adcq %rdx, %r13
+ adcq $0x00, %r14
+ # A[2] * B[1]
+ movq 8(%rcx), %rax
mulq 16(%rsi)
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
- # A[3] * B[1]
- movq 8(%rbx), %rax
+ # A[3] * B[0]
+ movq (%rcx), %rax
mulq 24(%rsi)
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
- # A[2] * B[3]
- movq 24(%rbx), %rax
- mulq 16(%rsi)
+ # A[1] * B[3]
+ movq 24(%rcx), %rax
+ mulq 8(%rsi)
xorq %r15, %r15
addq %rax, %r13
adcq %rdx, %r14
adcq $0x00, %r15
- # A[3] * B[2]
- movq 16(%rbx), %rax
+ # A[2] * B[2]
+ movq 16(%rcx), %rax
+ mulq 16(%rsi)
+ addq %rax, %r13
+ adcq %rdx, %r14
+ adcq $0x00, %r15
+ # A[3] * B[1]
+ movq 8(%rcx), %rax
mulq 24(%rsi)
addq %rax, %r13
adcq %rdx, %r14
adcq $0x00, %r15
- # A[3] * B[3]
- movq 24(%rbx), %rax
+ # A[2] * B[3]
+ movq 24(%rcx), %rax
+ mulq 16(%rsi)
+ xorq %rbx, %rbx
+ addq %rax, %r14
+ adcq %rdx, %r15
+ adcq $0x00, %rbx
+ # A[3] * B[2]
+ movq 16(%rcx), %rax
mulq 24(%rsi)
addq %rax, %r14
adcq %rdx, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rcx
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- andq %rcx, %r11
- # Multiply top half by 19
- movq $19, %rax
- mulq %r12
- xorq %r12, %r12
- addq %rax, %r8
- movq $19, %rax
- adcq %rdx, %r12
+ adcq $0x00, %rbx
+ # A[3] * B[3]
+ movq 24(%rcx), %rax
+ mulq 24(%rsi)
+ addq %rax, %r15
+ adcq %rdx, %rbx
+ movq $38, %rax
+ mulq %rbx
+ addq %rax, %r12
+ adcq $0x00, %rdx
+ movq $0x7fffffffffffffff, %r8
+ shldq $0x01, %r12, %rdx
+ imulq $19, %rdx, %rdx
+ andq %r8, %r12
+ movq %rdx, %r8
+ movq $38, %rax
mulq %r13
xorq %r13, %r13
addq %rax, %r9
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r13
mulq %r14
xorq %r14, %r14
addq %rax, %r10
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r14
mulq %r15
- # Add remaining product results in
- addq %r12, %r9
+ xorq %r15, %r15
+ addq %rax, %r11
+ adcq %rdx, %r15
+ addq %r8, %r9
adcq %r13, %r10
adcq %r14, %r11
- adcq %rax, %r11
- adcq $0x00, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- imulq $19, %rdx, %rax
- andq %rcx, %r11
- addq %rax, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rcx, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
+ adcq %r15, %r12
# Store
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq 8(%rsp), %rdi
- movq 32(%rsp), %rsi
- movq 88(%rsp), %rbx
+ movq %r9, (%rdi)
+ movq %r10, 8(%rdi)
+ movq %r11, 16(%rdi)
+ movq %r12, 24(%rdi)
+ movq %rsi, %rcx
+ subq $32, %rcx
+ subq $32, %rdi
# Multiply
# A[0] * B[0]
- movq (%rbx), %rax
+ movq (%rcx), %rax
mulq (%rsi)
- movq %rax, %r8
- movq %rdx, %r9
+ movq %rax, %r9
+ movq %rdx, %r10
# A[0] * B[1]
- movq 8(%rbx), %rax
+ movq 8(%rcx), %rax
mulq (%rsi)
- xorq %r10, %r10
- addq %rax, %r9
- adcq %rdx, %r10
- # A[1] * B[0]
- movq (%rbx), %rax
- mulq 8(%rsi)
xorq %r11, %r11
- addq %rax, %r9
- adcq %rdx, %r10
- adcq $0x00, %r11
- # A[0] * B[2]
- movq 16(%rbx), %rax
- mulq (%rsi)
addq %rax, %r10
adcq %rdx, %r11
- # A[1] * B[1]
- movq 8(%rbx), %rax
+ # A[1] * B[0]
+ movq (%rcx), %rax
mulq 8(%rsi)
xorq %r12, %r12
addq %rax, %r10
adcq %rdx, %r11
adcq $0x00, %r12
- # A[2] * B[0]
- movq (%rbx), %rax
- mulq 16(%rsi)
- addq %rax, %r10
- adcq %rdx, %r11
- adcq $0x00, %r12
- # A[0] * B[3]
- movq 24(%rbx), %rax
+ # A[0] * B[2]
+ movq 16(%rcx), %rax
mulq (%rsi)
- xorq %r13, %r13
addq %rax, %r11
adcq %rdx, %r12
- adcq $0x00, %r13
- # A[1] * B[2]
- movq 16(%rbx), %rax
+ # A[1] * B[1]
+ movq 8(%rcx), %rax
mulq 8(%rsi)
+ xorq %r13, %r13
addq %rax, %r11
adcq %rdx, %r12
adcq $0x00, %r13
- # A[2] * B[1]
- movq 8(%rbx), %rax
+ # A[2] * B[0]
+ movq (%rcx), %rax
mulq 16(%rsi)
addq %rax, %r11
adcq %rdx, %r12
adcq $0x00, %r13
- # A[3] * B[0]
- movq (%rbx), %rax
- mulq 24(%rsi)
- addq %rax, %r11
- adcq %rdx, %r12
- adcq $0x00, %r13
- # A[1] * B[3]
- movq 24(%rbx), %rax
- mulq 8(%rsi)
+ # A[0] * B[3]
+ movq 24(%rcx), %rax
+ mulq (%rsi)
xorq %r14, %r14
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
- # A[2] * B[2]
- movq 16(%rbx), %rax
+ # A[1] * B[2]
+ movq 16(%rcx), %rax
+ mulq 8(%rsi)
+ addq %rax, %r12
+ adcq %rdx, %r13
+ adcq $0x00, %r14
+ # A[2] * B[1]
+ movq 8(%rcx), %rax
mulq 16(%rsi)
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
- # A[3] * B[1]
- movq 8(%rbx), %rax
+ # A[3] * B[0]
+ movq (%rcx), %rax
mulq 24(%rsi)
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
- # A[2] * B[3]
- movq 24(%rbx), %rax
- mulq 16(%rsi)
+ # A[1] * B[3]
+ movq 24(%rcx), %rax
+ mulq 8(%rsi)
xorq %r15, %r15
addq %rax, %r13
adcq %rdx, %r14
adcq $0x00, %r15
- # A[3] * B[2]
- movq 16(%rbx), %rax
+ # A[2] * B[2]
+ movq 16(%rcx), %rax
+ mulq 16(%rsi)
+ addq %rax, %r13
+ adcq %rdx, %r14
+ adcq $0x00, %r15
+ # A[3] * B[1]
+ movq 8(%rcx), %rax
mulq 24(%rsi)
addq %rax, %r13
adcq %rdx, %r14
adcq $0x00, %r15
- # A[3] * B[3]
- movq 24(%rbx), %rax
+ # A[2] * B[3]
+ movq 24(%rcx), %rax
+ mulq 16(%rsi)
+ xorq %rbx, %rbx
+ addq %rax, %r14
+ adcq %rdx, %r15
+ adcq $0x00, %rbx
+ # A[3] * B[2]
+ movq 16(%rcx), %rax
mulq 24(%rsi)
addq %rax, %r14
adcq %rdx, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rcx
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- andq %rcx, %r11
- # Multiply top half by 19
- movq $19, %rax
- mulq %r12
- xorq %r12, %r12
- addq %rax, %r8
- movq $19, %rax
- adcq %rdx, %r12
+ adcq $0x00, %rbx
+ # A[3] * B[3]
+ movq 24(%rcx), %rax
+ mulq 24(%rsi)
+ addq %rax, %r15
+ adcq %rdx, %rbx
+ movq $38, %rax
+ mulq %rbx
+ addq %rax, %r12
+ adcq $0x00, %rdx
+ movq $0x7fffffffffffffff, %r8
+ shldq $0x01, %r12, %rdx
+ imulq $19, %rdx, %rdx
+ andq %r8, %r12
+ movq %rdx, %r8
+ movq $38, %rax
mulq %r13
xorq %r13, %r13
addq %rax, %r9
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r13
mulq %r14
xorq %r14, %r14
addq %rax, %r10
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r14
mulq %r15
- # Add remaining product results in
- addq %r12, %r9
+ xorq %r15, %r15
+ addq %rax, %r11
+ adcq %rdx, %r15
+ addq %r8, %r9
adcq %r13, %r10
adcq %r14, %r11
- adcq %rax, %r11
- adcq $0x00, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- imulq $19, %rdx, %rax
- andq %rcx, %r11
- addq %rax, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rcx, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
+ adcq %r15, %r12
# Store
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- addq $40, %rsp
+ movq %r9, (%rdi)
+ movq %r10, 8(%rdi)
+ movq %r11, 16(%rdi)
+ movq %r12, 24(%rdi)
+ addq $16, %rsp
+ popq %rbx
popq %r15
popq %r14
popq %r13
popq %r12
- popq %rbx
repz retq
#ifndef __APPLE__
-.size fe_ge_to_p2_x64,.-fe_ge_to_p2_x64
+.size ge_p1p1_to_p2_x64,.-ge_p1p1_to_p2_x64
#endif /* __APPLE__ */
#ifndef __APPLE__
.text
-.globl fe_ge_to_p3_x64
-.type fe_ge_to_p3_x64,@function
+.globl ge_p1p1_to_p3_x64
+.type ge_p1p1_to_p3_x64,@function
.align 16
-fe_ge_to_p3_x64:
+ge_p1p1_to_p3_x64:
#else
.section __TEXT,__text
-.globl _fe_ge_to_p3_x64
+.globl _ge_p1p1_to_p3_x64
.p2align 4
-_fe_ge_to_p3_x64:
+_ge_p1p1_to_p3_x64:
#endif /* __APPLE__ */
- pushq %rbx
pushq %r12
pushq %r13
pushq %r14
pushq %r15
- subq $40, %rsp
- movq %rsi, (%rsp)
- movq %rdx, 8(%rsp)
- movq %rcx, 16(%rsp)
- movq %r8, 24(%rsp)
- movq %r9, 32(%rsp)
- movq 24(%rsp), %rsi
- movq 96(%rsp), %rbx
+ pushq %rbx
+ subq $16, %rsp
+ movq %rdi, (%rsp)
+ movq %rsi, 8(%rsp)
+ movq %rsi, %rcx
+ addq $0x60, %rcx
# Multiply
# A[0] * B[0]
- movq (%rbx), %rax
+ movq (%rcx), %rax
mulq (%rsi)
- movq %rax, %r8
- movq %rdx, %r9
+ movq %rax, %r9
+ movq %rdx, %r10
# A[0] * B[1]
- movq 8(%rbx), %rax
+ movq 8(%rcx), %rax
mulq (%rsi)
- xorq %r10, %r10
- addq %rax, %r9
- adcq %rdx, %r10
- # A[1] * B[0]
- movq (%rbx), %rax
- mulq 8(%rsi)
xorq %r11, %r11
- addq %rax, %r9
- adcq %rdx, %r10
- adcq $0x00, %r11
- # A[0] * B[2]
- movq 16(%rbx), %rax
- mulq (%rsi)
addq %rax, %r10
adcq %rdx, %r11
- # A[1] * B[1]
- movq 8(%rbx), %rax
+ # A[1] * B[0]
+ movq (%rcx), %rax
mulq 8(%rsi)
xorq %r12, %r12
addq %rax, %r10
adcq %rdx, %r11
adcq $0x00, %r12
- # A[2] * B[0]
- movq (%rbx), %rax
- mulq 16(%rsi)
- addq %rax, %r10
- adcq %rdx, %r11
- adcq $0x00, %r12
- # A[0] * B[3]
- movq 24(%rbx), %rax
+ # A[0] * B[2]
+ movq 16(%rcx), %rax
mulq (%rsi)
- xorq %r13, %r13
addq %rax, %r11
adcq %rdx, %r12
- adcq $0x00, %r13
- # A[1] * B[2]
- movq 16(%rbx), %rax
+ # A[1] * B[1]
+ movq 8(%rcx), %rax
mulq 8(%rsi)
+ xorq %r13, %r13
addq %rax, %r11
adcq %rdx, %r12
adcq $0x00, %r13
- # A[2] * B[1]
- movq 8(%rbx), %rax
+ # A[2] * B[0]
+ movq (%rcx), %rax
mulq 16(%rsi)
addq %rax, %r11
adcq %rdx, %r12
adcq $0x00, %r13
- # A[3] * B[0]
- movq (%rbx), %rax
- mulq 24(%rsi)
- addq %rax, %r11
- adcq %rdx, %r12
- adcq $0x00, %r13
- # A[1] * B[3]
- movq 24(%rbx), %rax
- mulq 8(%rsi)
+ # A[0] * B[3]
+ movq 24(%rcx), %rax
+ mulq (%rsi)
xorq %r14, %r14
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
- # A[2] * B[2]
- movq 16(%rbx), %rax
+ # A[1] * B[2]
+ movq 16(%rcx), %rax
+ mulq 8(%rsi)
+ addq %rax, %r12
+ adcq %rdx, %r13
+ adcq $0x00, %r14
+ # A[2] * B[1]
+ movq 8(%rcx), %rax
mulq 16(%rsi)
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
- # A[3] * B[1]
- movq 8(%rbx), %rax
+ # A[3] * B[0]
+ movq (%rcx), %rax
mulq 24(%rsi)
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
- # A[2] * B[3]
- movq 24(%rbx), %rax
- mulq 16(%rsi)
+ # A[1] * B[3]
+ movq 24(%rcx), %rax
+ mulq 8(%rsi)
xorq %r15, %r15
addq %rax, %r13
adcq %rdx, %r14
adcq $0x00, %r15
- # A[3] * B[2]
- movq 16(%rbx), %rax
+ # A[2] * B[2]
+ movq 16(%rcx), %rax
+ mulq 16(%rsi)
+ addq %rax, %r13
+ adcq %rdx, %r14
+ adcq $0x00, %r15
+ # A[3] * B[1]
+ movq 8(%rcx), %rax
mulq 24(%rsi)
addq %rax, %r13
adcq %rdx, %r14
adcq $0x00, %r15
- # A[3] * B[3]
- movq 24(%rbx), %rax
+ # A[2] * B[3]
+ movq 24(%rcx), %rax
+ mulq 16(%rsi)
+ xorq %rbx, %rbx
+ addq %rax, %r14
+ adcq %rdx, %r15
+ adcq $0x00, %rbx
+ # A[3] * B[2]
+ movq 16(%rcx), %rax
mulq 24(%rsi)
addq %rax, %r14
adcq %rdx, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rcx
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- andq %rcx, %r11
- # Multiply top half by 19
- movq $19, %rax
- mulq %r12
- xorq %r12, %r12
- addq %rax, %r8
- movq $19, %rax
- adcq %rdx, %r12
+ adcq $0x00, %rbx
+ # A[3] * B[3]
+ movq 24(%rcx), %rax
+ mulq 24(%rsi)
+ addq %rax, %r15
+ adcq %rdx, %rbx
+ movq $38, %rax
+ mulq %rbx
+ addq %rax, %r12
+ adcq $0x00, %rdx
+ movq $0x7fffffffffffffff, %r8
+ shldq $0x01, %r12, %rdx
+ imulq $19, %rdx, %rdx
+ andq %r8, %r12
+ movq %rdx, %r8
+ movq $38, %rax
mulq %r13
xorq %r13, %r13
addq %rax, %r9
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r13
mulq %r14
xorq %r14, %r14
addq %rax, %r10
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r14
mulq %r15
- # Add remaining product results in
- addq %r12, %r9
+ xorq %r15, %r15
+ addq %rax, %r11
+ adcq %rdx, %r15
+ addq %r8, %r9
adcq %r13, %r10
adcq %r14, %r11
- adcq %rax, %r11
- adcq $0x00, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- imulq $19, %rdx, %rax
- andq %rcx, %r11
- addq %rax, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rcx, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
+ adcq %r15, %r12
# Store
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq (%rsp), %rdi
- movq 32(%rsp), %rsi
- movq 88(%rsp), %rbx
+ movq %r9, (%rdi)
+ movq %r10, 8(%rdi)
+ movq %r11, 16(%rdi)
+ movq %r12, 24(%rdi)
+ movq %rsi, %rcx
+ addq $32, %rcx
+ addq $0x60, %rdi
# Multiply
# A[0] * B[0]
- movq (%rbx), %rax
+ movq (%rcx), %rax
mulq (%rsi)
- movq %rax, %r8
- movq %rdx, %r9
+ movq %rax, %r9
+ movq %rdx, %r10
# A[0] * B[1]
- movq 8(%rbx), %rax
+ movq 8(%rcx), %rax
mulq (%rsi)
- xorq %r10, %r10
- addq %rax, %r9
- adcq %rdx, %r10
- # A[1] * B[0]
- movq (%rbx), %rax
- mulq 8(%rsi)
xorq %r11, %r11
- addq %rax, %r9
- adcq %rdx, %r10
- adcq $0x00, %r11
- # A[0] * B[2]
- movq 16(%rbx), %rax
- mulq (%rsi)
addq %rax, %r10
adcq %rdx, %r11
- # A[1] * B[1]
- movq 8(%rbx), %rax
+ # A[1] * B[0]
+ movq (%rcx), %rax
mulq 8(%rsi)
xorq %r12, %r12
addq %rax, %r10
adcq %rdx, %r11
adcq $0x00, %r12
- # A[2] * B[0]
- movq (%rbx), %rax
- mulq 16(%rsi)
- addq %rax, %r10
- adcq %rdx, %r11
- adcq $0x00, %r12
- # A[0] * B[3]
- movq 24(%rbx), %rax
+ # A[0] * B[2]
+ movq 16(%rcx), %rax
mulq (%rsi)
- xorq %r13, %r13
addq %rax, %r11
adcq %rdx, %r12
- adcq $0x00, %r13
- # A[1] * B[2]
- movq 16(%rbx), %rax
+ # A[1] * B[1]
+ movq 8(%rcx), %rax
mulq 8(%rsi)
+ xorq %r13, %r13
addq %rax, %r11
adcq %rdx, %r12
adcq $0x00, %r13
- # A[2] * B[1]
- movq 8(%rbx), %rax
+ # A[2] * B[0]
+ movq (%rcx), %rax
mulq 16(%rsi)
addq %rax, %r11
adcq %rdx, %r12
adcq $0x00, %r13
- # A[3] * B[0]
- movq (%rbx), %rax
- mulq 24(%rsi)
- addq %rax, %r11
- adcq %rdx, %r12
- adcq $0x00, %r13
- # A[1] * B[3]
- movq 24(%rbx), %rax
- mulq 8(%rsi)
+ # A[0] * B[3]
+ movq 24(%rcx), %rax
+ mulq (%rsi)
xorq %r14, %r14
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
- # A[2] * B[2]
- movq 16(%rbx), %rax
+ # A[1] * B[2]
+ movq 16(%rcx), %rax
+ mulq 8(%rsi)
+ addq %rax, %r12
+ adcq %rdx, %r13
+ adcq $0x00, %r14
+ # A[2] * B[1]
+ movq 8(%rcx), %rax
mulq 16(%rsi)
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
- # A[3] * B[1]
- movq 8(%rbx), %rax
+ # A[3] * B[0]
+ movq (%rcx), %rax
mulq 24(%rsi)
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
- # A[2] * B[3]
- movq 24(%rbx), %rax
- mulq 16(%rsi)
+ # A[1] * B[3]
+ movq 24(%rcx), %rax
+ mulq 8(%rsi)
xorq %r15, %r15
addq %rax, %r13
adcq %rdx, %r14
adcq $0x00, %r15
- # A[3] * B[2]
- movq 16(%rbx), %rax
+ # A[2] * B[2]
+ movq 16(%rcx), %rax
+ mulq 16(%rsi)
+ addq %rax, %r13
+ adcq %rdx, %r14
+ adcq $0x00, %r15
+ # A[3] * B[1]
+ movq 8(%rcx), %rax
mulq 24(%rsi)
addq %rax, %r13
adcq %rdx, %r14
adcq $0x00, %r15
- # A[3] * B[3]
- movq 24(%rbx), %rax
+ # A[2] * B[3]
+ movq 24(%rcx), %rax
+ mulq 16(%rsi)
+ xorq %rbx, %rbx
+ addq %rax, %r14
+ adcq %rdx, %r15
+ adcq $0x00, %rbx
+ # A[3] * B[2]
+ movq 16(%rcx), %rax
mulq 24(%rsi)
addq %rax, %r14
adcq %rdx, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rcx
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- andq %rcx, %r11
- # Multiply top half by 19
- movq $19, %rax
- mulq %r12
- xorq %r12, %r12
- addq %rax, %r8
- movq $19, %rax
- adcq %rdx, %r12
+ adcq $0x00, %rbx
+ # A[3] * B[3]
+ movq 24(%rcx), %rax
+ mulq 24(%rsi)
+ addq %rax, %r15
+ adcq %rdx, %rbx
+ movq $38, %rax
+ mulq %rbx
+ addq %rax, %r12
+ adcq $0x00, %rdx
+ movq $0x7fffffffffffffff, %r8
+ shldq $0x01, %r12, %rdx
+ imulq $19, %rdx, %rdx
+ andq %r8, %r12
+ movq %rdx, %r8
+ movq $38, %rax
mulq %r13
xorq %r13, %r13
addq %rax, %r9
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r13
mulq %r14
xorq %r14, %r14
addq %rax, %r10
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r14
mulq %r15
- # Add remaining product results in
- addq %r12, %r9
+ xorq %r15, %r15
+ addq %rax, %r11
+ adcq %rdx, %r15
+ addq %r8, %r9
adcq %r13, %r10
adcq %r14, %r11
- adcq %rax, %r11
- adcq $0x00, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- imulq $19, %rdx, %rax
- andq %rcx, %r11
- addq %rax, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rcx, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
+ adcq %r15, %r12
# Store
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq 8(%rsp), %rdi
- movq 88(%rsp), %rsi
- movq 96(%rsp), %rbx
+ movq %r9, (%rdi)
+ movq %r10, 8(%rdi)
+ movq %r11, 16(%rdi)
+ movq %r12, 24(%rdi)
+ addq $0x40, %rsi
+ subq $0x40, %rdi
# Multiply
# A[0] * B[0]
- movq (%rbx), %rax
+ movq (%rcx), %rax
mulq (%rsi)
- movq %rax, %r8
- movq %rdx, %r9
+ movq %rax, %r9
+ movq %rdx, %r10
# A[0] * B[1]
- movq 8(%rbx), %rax
+ movq 8(%rcx), %rax
mulq (%rsi)
- xorq %r10, %r10
- addq %rax, %r9
- adcq %rdx, %r10
- # A[1] * B[0]
- movq (%rbx), %rax
- mulq 8(%rsi)
xorq %r11, %r11
- addq %rax, %r9
- adcq %rdx, %r10
- adcq $0x00, %r11
- # A[0] * B[2]
- movq 16(%rbx), %rax
- mulq (%rsi)
addq %rax, %r10
adcq %rdx, %r11
- # A[1] * B[1]
- movq 8(%rbx), %rax
+ # A[1] * B[0]
+ movq (%rcx), %rax
mulq 8(%rsi)
xorq %r12, %r12
addq %rax, %r10
adcq %rdx, %r11
adcq $0x00, %r12
- # A[2] * B[0]
- movq (%rbx), %rax
- mulq 16(%rsi)
- addq %rax, %r10
- adcq %rdx, %r11
- adcq $0x00, %r12
- # A[0] * B[3]
- movq 24(%rbx), %rax
+ # A[0] * B[2]
+ movq 16(%rcx), %rax
mulq (%rsi)
- xorq %r13, %r13
addq %rax, %r11
adcq %rdx, %r12
- adcq $0x00, %r13
- # A[1] * B[2]
- movq 16(%rbx), %rax
+ # A[1] * B[1]
+ movq 8(%rcx), %rax
mulq 8(%rsi)
+ xorq %r13, %r13
addq %rax, %r11
adcq %rdx, %r12
adcq $0x00, %r13
- # A[2] * B[1]
- movq 8(%rbx), %rax
+ # A[2] * B[0]
+ movq (%rcx), %rax
mulq 16(%rsi)
addq %rax, %r11
adcq %rdx, %r12
adcq $0x00, %r13
- # A[3] * B[0]
- movq (%rbx), %rax
- mulq 24(%rsi)
- addq %rax, %r11
- adcq %rdx, %r12
- adcq $0x00, %r13
- # A[1] * B[3]
- movq 24(%rbx), %rax
- mulq 8(%rsi)
+ # A[0] * B[3]
+ movq 24(%rcx), %rax
+ mulq (%rsi)
xorq %r14, %r14
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
- # A[2] * B[2]
- movq 16(%rbx), %rax
+ # A[1] * B[2]
+ movq 16(%rcx), %rax
+ mulq 8(%rsi)
+ addq %rax, %r12
+ adcq %rdx, %r13
+ adcq $0x00, %r14
+ # A[2] * B[1]
+ movq 8(%rcx), %rax
mulq 16(%rsi)
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
- # A[3] * B[1]
- movq 8(%rbx), %rax
+ # A[3] * B[0]
+ movq (%rcx), %rax
mulq 24(%rsi)
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
- # A[2] * B[3]
- movq 24(%rbx), %rax
- mulq 16(%rsi)
+ # A[1] * B[3]
+ movq 24(%rcx), %rax
+ mulq 8(%rsi)
xorq %r15, %r15
addq %rax, %r13
adcq %rdx, %r14
adcq $0x00, %r15
- # A[3] * B[2]
- movq 16(%rbx), %rax
+ # A[2] * B[2]
+ movq 16(%rcx), %rax
+ mulq 16(%rsi)
+ addq %rax, %r13
+ adcq %rdx, %r14
+ adcq $0x00, %r15
+ # A[3] * B[1]
+ movq 8(%rcx), %rax
mulq 24(%rsi)
addq %rax, %r13
adcq %rdx, %r14
adcq $0x00, %r15
- # A[3] * B[3]
- movq 24(%rbx), %rax
+ # A[2] * B[3]
+ movq 24(%rcx), %rax
+ mulq 16(%rsi)
+ xorq %rbx, %rbx
+ addq %rax, %r14
+ adcq %rdx, %r15
+ adcq $0x00, %rbx
+ # A[3] * B[2]
+ movq 16(%rcx), %rax
mulq 24(%rsi)
addq %rax, %r14
adcq %rdx, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rcx
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- andq %rcx, %r11
- # Multiply top half by 19
- movq $19, %rax
- mulq %r12
- xorq %r12, %r12
- addq %rax, %r8
- movq $19, %rax
- adcq %rdx, %r12
+ adcq $0x00, %rbx
+ # A[3] * B[3]
+ movq 24(%rcx), %rax
+ mulq 24(%rsi)
+ addq %rax, %r15
+ adcq %rdx, %rbx
+ movq $38, %rax
+ mulq %rbx
+ addq %rax, %r12
+ adcq $0x00, %rdx
+ movq $0x7fffffffffffffff, %r8
+ shldq $0x01, %r12, %rdx
+ imulq $19, %rdx, %rdx
+ andq %r8, %r12
+ movq %rdx, %r8
+ movq $38, %rax
mulq %r13
xorq %r13, %r13
addq %rax, %r9
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r13
mulq %r14
xorq %r14, %r14
addq %rax, %r10
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r14
mulq %r15
- # Add remaining product results in
- addq %r12, %r9
+ xorq %r15, %r15
+ addq %rax, %r11
+ adcq %rdx, %r15
+ addq %r8, %r9
adcq %r13, %r10
adcq %r14, %r11
- adcq %rax, %r11
- adcq $0x00, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- imulq $19, %rdx, %rax
- andq %rcx, %r11
- addq %rax, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rcx, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
+ adcq %r15, %r12
# Store
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq 16(%rsp), %rdi
- movq 24(%rsp), %rsi
- movq 32(%rsp), %rbx
+ movq %r9, (%rdi)
+ movq %r10, 8(%rdi)
+ movq %r11, 16(%rdi)
+ movq %r12, 24(%rdi)
+ movq %rsi, %rcx
+ addq $32, %rcx
+ addq $32, %rdi
# Multiply
# A[0] * B[0]
- movq (%rbx), %rax
+ movq (%rcx), %rax
mulq (%rsi)
- movq %rax, %r8
- movq %rdx, %r9
+ movq %rax, %r9
+ movq %rdx, %r10
# A[0] * B[1]
- movq 8(%rbx), %rax
+ movq 8(%rcx), %rax
mulq (%rsi)
- xorq %r10, %r10
- addq %rax, %r9
- adcq %rdx, %r10
- # A[1] * B[0]
- movq (%rbx), %rax
- mulq 8(%rsi)
xorq %r11, %r11
- addq %rax, %r9
- adcq %rdx, %r10
- adcq $0x00, %r11
- # A[0] * B[2]
- movq 16(%rbx), %rax
- mulq (%rsi)
addq %rax, %r10
adcq %rdx, %r11
- # A[1] * B[1]
- movq 8(%rbx), %rax
+ # A[1] * B[0]
+ movq (%rcx), %rax
mulq 8(%rsi)
xorq %r12, %r12
addq %rax, %r10
adcq %rdx, %r11
adcq $0x00, %r12
- # A[2] * B[0]
- movq (%rbx), %rax
- mulq 16(%rsi)
- addq %rax, %r10
- adcq %rdx, %r11
- adcq $0x00, %r12
- # A[0] * B[3]
- movq 24(%rbx), %rax
+ # A[0] * B[2]
+ movq 16(%rcx), %rax
mulq (%rsi)
- xorq %r13, %r13
addq %rax, %r11
adcq %rdx, %r12
- adcq $0x00, %r13
- # A[1] * B[2]
- movq 16(%rbx), %rax
+ # A[1] * B[1]
+ movq 8(%rcx), %rax
mulq 8(%rsi)
+ xorq %r13, %r13
addq %rax, %r11
adcq %rdx, %r12
adcq $0x00, %r13
- # A[2] * B[1]
- movq 8(%rbx), %rax
+ # A[2] * B[0]
+ movq (%rcx), %rax
mulq 16(%rsi)
addq %rax, %r11
adcq %rdx, %r12
adcq $0x00, %r13
- # A[3] * B[0]
- movq (%rbx), %rax
- mulq 24(%rsi)
- addq %rax, %r11
- adcq %rdx, %r12
- adcq $0x00, %r13
- # A[1] * B[3]
- movq 24(%rbx), %rax
- mulq 8(%rsi)
+ # A[0] * B[3]
+ movq 24(%rcx), %rax
+ mulq (%rsi)
xorq %r14, %r14
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
- # A[2] * B[2]
- movq 16(%rbx), %rax
+ # A[1] * B[2]
+ movq 16(%rcx), %rax
+ mulq 8(%rsi)
+ addq %rax, %r12
+ adcq %rdx, %r13
+ adcq $0x00, %r14
+ # A[2] * B[1]
+ movq 8(%rcx), %rax
mulq 16(%rsi)
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
- # A[3] * B[1]
- movq 8(%rbx), %rax
+ # A[3] * B[0]
+ movq (%rcx), %rax
mulq 24(%rsi)
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
- # A[2] * B[3]
- movq 24(%rbx), %rax
- mulq 16(%rsi)
+ # A[1] * B[3]
+ movq 24(%rcx), %rax
+ mulq 8(%rsi)
xorq %r15, %r15
addq %rax, %r13
adcq %rdx, %r14
adcq $0x00, %r15
- # A[3] * B[2]
- movq 16(%rbx), %rax
+ # A[2] * B[2]
+ movq 16(%rcx), %rax
+ mulq 16(%rsi)
+ addq %rax, %r13
+ adcq %rdx, %r14
+ adcq $0x00, %r15
+ # A[3] * B[1]
+ movq 8(%rcx), %rax
mulq 24(%rsi)
addq %rax, %r13
adcq %rdx, %r14
adcq $0x00, %r15
- # A[3] * B[3]
- movq 24(%rbx), %rax
+ # A[2] * B[3]
+ movq 24(%rcx), %rax
+ mulq 16(%rsi)
+ xorq %rbx, %rbx
+ addq %rax, %r14
+ adcq %rdx, %r15
+ adcq $0x00, %rbx
+ # A[3] * B[2]
+ movq 16(%rcx), %rax
mulq 24(%rsi)
addq %rax, %r14
adcq %rdx, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rcx
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- andq %rcx, %r11
- # Multiply top half by 19
- movq $19, %rax
- mulq %r12
- xorq %r12, %r12
- addq %rax, %r8
- movq $19, %rax
- adcq %rdx, %r12
+ adcq $0x00, %rbx
+ # A[3] * B[3]
+ movq 24(%rcx), %rax
+ mulq 24(%rsi)
+ addq %rax, %r15
+ adcq %rdx, %rbx
+ movq $38, %rax
+ mulq %rbx
+ addq %rax, %r12
+ adcq $0x00, %rdx
+ movq $0x7fffffffffffffff, %r8
+ shldq $0x01, %r12, %rdx
+ imulq $19, %rdx, %rdx
+ andq %r8, %r12
+ movq %rdx, %r8
+ movq $38, %rax
mulq %r13
xorq %r13, %r13
addq %rax, %r9
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r13
mulq %r14
xorq %r14, %r14
addq %rax, %r10
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r14
mulq %r15
- # Add remaining product results in
- addq %r12, %r9
+ xorq %r15, %r15
+ addq %rax, %r11
+ adcq %rdx, %r15
+ addq %r8, %r9
adcq %r13, %r10
adcq %r14, %r11
- adcq %rax, %r11
- adcq $0x00, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- imulq $19, %rdx, %rax
- andq %rcx, %r11
- addq %rax, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rcx, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
+ adcq %r15, %r12
# Store
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- addq $40, %rsp
+ movq %r9, (%rdi)
+ movq %r10, 8(%rdi)
+ movq %r11, 16(%rdi)
+ movq %r12, 24(%rdi)
+ addq $16, %rsp
+ popq %rbx
popq %r15
popq %r14
popq %r13
popq %r12
- popq %rbx
repz retq
#ifndef __APPLE__
-.size fe_ge_to_p3_x64,.-fe_ge_to_p3_x64
+.size ge_p1p1_to_p3_x64,.-ge_p1p1_to_p3_x64
#endif /* __APPLE__ */
#ifndef __APPLE__
.text
-.globl fe_ge_dbl_x64
-.type fe_ge_dbl_x64,@function
+.globl ge_p2_dbl_x64
+.type ge_p2_dbl_x64,@function
.align 16
-fe_ge_dbl_x64:
+ge_p2_dbl_x64:
#else
.section __TEXT,__text
-.globl _fe_ge_dbl_x64
+.globl _ge_p2_dbl_x64
.p2align 4
-_fe_ge_dbl_x64:
+_ge_p2_dbl_x64:
#endif /* __APPLE__ */
- pushq %rbx
pushq %r12
pushq %r13
pushq %r14
pushq %r15
- subq $0x50, %rsp
+ pushq %rbx
+ subq $16, %rsp
movq %rdi, (%rsp)
movq %rsi, 8(%rsp)
- movq %rdx, 16(%rsp)
- movq %rcx, 24(%rsp)
- movq %r8, 32(%rsp)
- movq %r9, 40(%rsp)
- movq (%rsp), %rdi
- movq 32(%rsp), %rsi
+ addq $0x40, %rdi
# Square
# A[0] * A[1]
movq (%rsi), %rax
mulq 8(%rsi)
- movq %rax, %r9
- movq %rdx, %r10
+ movq %rax, %r10
+ movq %rdx, %r11
# A[0] * A[2]
movq (%rsi), %rax
mulq 16(%rsi)
- xorq %r11, %r11
- addq %rax, %r10
- adcq %rdx, %r11
- # A[0] * A[3]
- movq (%rsi), %rax
- mulq 24(%rsi)
xorq %r12, %r12
addq %rax, %r11
adcq %rdx, %r12
+ # A[0] * A[3]
+ movq (%rsi), %rax
+ mulq 24(%rsi)
+ xorq %r13, %r13
+ addq %rax, %r12
+ adcq %rdx, %r13
# A[1] * A[2]
movq 8(%rsi), %rax
mulq 16(%rsi)
- xorq %r13, %r13
- addq %rax, %r11
- adcq %rdx, %r12
- adcq $0x00, %r13
+ xorq %r14, %r14
+ addq %rax, %r12
+ adcq %rdx, %r13
+ adcq $0x00, %r14
# A[1] * A[3]
movq 8(%rsi), %rax
mulq 24(%rsi)
- addq %rax, %r12
- adcq %rdx, %r13
+ addq %rax, %r13
+ adcq %rdx, %r14
# A[2] * A[3]
movq 16(%rsi), %rax
mulq 24(%rsi)
- xorq %r14, %r14
- addq %rax, %r13
- adcq %rdx, %r14
- # Double
xorq %r15, %r15
- addq %r9, %r9
- adcq %r10, %r10
+ addq %rax, %r14
+ adcq %rdx, %r15
+ # Double
+ xorq %rbx, %rbx
+ addq %r10, %r10
adcq %r11, %r11
adcq %r12, %r12
adcq %r13, %r13
adcq %r14, %r14
- adcq $0x00, %r15
+ adcq %r15, %r15
+ adcq $0x00, %rbx
# A[0] * A[0]
movq (%rsi), %rax
mulq %rax
- movq %rax, %r8
- movq %rdx, %rcx
+ movq %rax, %r9
+ movq %rdx, %r8
# A[1] * A[1]
movq 8(%rsi), %rax
mulq %rax
- addq %rcx, %r9
- adcq %rax, %r10
+ addq %r8, %r10
+ adcq %rax, %r11
adcq $0x00, %rdx
- movq %rdx, %rcx
+ movq %rdx, %r8
# A[2] * A[2]
movq 16(%rsi), %rax
mulq %rax
- addq %rcx, %r11
- adcq %rax, %r12
+ addq %r8, %r12
+ adcq %rax, %r13
adcq $0x00, %rdx
- movq %rdx, %rcx
+ movq %rdx, %r8
# A[3] * A[3]
movq 24(%rsi), %rax
mulq %rax
- addq %rax, %r14
- adcq %rdx, %r15
- addq %rcx, %r13
- adcq $0x00, %r14
+ addq %rax, %r15
+ adcq %rdx, %rbx
+ addq %r8, %r14
adcq $0x00, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rcx
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- andq %rcx, %r11
- # Multiply top half by 19
- movq $19, %rax
- mulq %r12
- xorq %r12, %r12
- addq %rax, %r8
- movq $19, %rax
- adcq %rdx, %r12
+ adcq $0x00, %rbx
+ movq $38, %rax
+ mulq %rbx
+ addq %rax, %r12
+ adcq $0x00, %rdx
+ movq $0x7fffffffffffffff, %r8
+ shldq $0x01, %r12, %rdx
+ imulq $19, %rdx, %rdx
+ andq %r8, %r12
+ movq %rdx, %r8
+ movq $38, %rax
mulq %r13
xorq %r13, %r13
addq %rax, %r9
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r13
mulq %r14
xorq %r14, %r14
addq %rax, %r10
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r14
mulq %r15
- # Add remaining product results in
- addq %r12, %r9
+ xorq %r15, %r15
+ addq %rax, %r11
+ adcq %rdx, %r15
+ addq %r8, %r9
adcq %r13, %r10
adcq %r14, %r11
- adcq %rax, %r11
- adcq $0x00, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- imulq $19, %rdx, %rax
- andq %rcx, %r11
- addq %rax, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rcx, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
+ adcq %r15, %r12
# Store
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq 16(%rsp), %rdi
- movq 40(%rsp), %rsi
+ movq %r9, (%rdi)
+ movq %r10, 8(%rdi)
+ movq %r11, 16(%rdi)
+ movq %r12, 24(%rdi)
+ addq $32, %rsi
# Square
# A[0] * A[1]
movq (%rsi), %rax
mulq 8(%rsi)
- movq %rax, %r9
- movq %rdx, %r10
+ movq %rax, %r10
+ movq %rdx, %r11
# A[0] * A[2]
movq (%rsi), %rax
mulq 16(%rsi)
- xorq %r11, %r11
- addq %rax, %r10
- adcq %rdx, %r11
- # A[0] * A[3]
- movq (%rsi), %rax
- mulq 24(%rsi)
xorq %r12, %r12
addq %rax, %r11
adcq %rdx, %r12
+ # A[0] * A[3]
+ movq (%rsi), %rax
+ mulq 24(%rsi)
+ xorq %r13, %r13
+ addq %rax, %r12
+ adcq %rdx, %r13
# A[1] * A[2]
movq 8(%rsi), %rax
mulq 16(%rsi)
- xorq %r13, %r13
- addq %rax, %r11
- adcq %rdx, %r12
- adcq $0x00, %r13
+ xorq %r14, %r14
+ addq %rax, %r12
+ adcq %rdx, %r13
+ adcq $0x00, %r14
# A[1] * A[3]
movq 8(%rsi), %rax
mulq 24(%rsi)
- addq %rax, %r12
- adcq %rdx, %r13
+ addq %rax, %r13
+ adcq %rdx, %r14
# A[2] * A[3]
movq 16(%rsi), %rax
mulq 24(%rsi)
- xorq %r14, %r14
- addq %rax, %r13
- adcq %rdx, %r14
- # Double
xorq %r15, %r15
- addq %r9, %r9
- adcq %r10, %r10
+ addq %rax, %r14
+ adcq %rdx, %r15
+ # Double
+ xorq %rbx, %rbx
+ addq %r10, %r10
adcq %r11, %r11
adcq %r12, %r12
adcq %r13, %r13
adcq %r14, %r14
- adcq $0x00, %r15
+ adcq %r15, %r15
+ adcq $0x00, %rbx
# A[0] * A[0]
movq (%rsi), %rax
mulq %rax
- movq %rax, %r8
- movq %rdx, %rcx
+ movq %rax, %r9
+ movq %rdx, %r8
# A[1] * A[1]
movq 8(%rsi), %rax
mulq %rax
- addq %rcx, %r9
- adcq %rax, %r10
+ addq %r8, %r10
+ adcq %rax, %r11
adcq $0x00, %rdx
- movq %rdx, %rcx
+ movq %rdx, %r8
# A[2] * A[2]
movq 16(%rsi), %rax
mulq %rax
- addq %rcx, %r11
- adcq %rax, %r12
+ addq %r8, %r12
+ adcq %rax, %r13
adcq $0x00, %rdx
- movq %rdx, %rcx
+ movq %rdx, %r8
# A[3] * A[3]
movq 24(%rsi), %rax
mulq %rax
- addq %rax, %r14
- adcq %rdx, %r15
- addq %rcx, %r13
- adcq $0x00, %r14
+ addq %rax, %r15
+ adcq %rdx, %rbx
+ addq %r8, %r14
adcq $0x00, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rcx
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- andq %rcx, %r11
- # Multiply top half by 19
- movq $19, %rax
- mulq %r12
- xorq %r12, %r12
- addq %rax, %r8
- movq $19, %rax
- adcq %rdx, %r12
+ adcq $0x00, %rbx
+ movq $38, %rax
+ mulq %rbx
+ addq %rax, %r12
+ adcq $0x00, %rdx
+ movq $0x7fffffffffffffff, %r8
+ shldq $0x01, %r12, %rdx
+ imulq $19, %rdx, %rdx
+ andq %r8, %r12
+ movq %rdx, %r8
+ movq $38, %rax
mulq %r13
xorq %r13, %r13
addq %rax, %r9
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r13
mulq %r14
xorq %r14, %r14
addq %rax, %r10
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r14
mulq %r15
- # Add remaining product results in
- addq %r12, %r9
+ xorq %r15, %r15
+ addq %rax, %r11
+ adcq %rdx, %r15
+ addq %r8, %r9
adcq %r13, %r10
adcq %r14, %r11
- adcq %rax, %r11
- adcq $0x00, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- imulq $19, %rdx, %rax
- andq %rcx, %r11
- addq %rax, %r8
- adcq $0x00, %r9
+ adcq %r15, %r12
+ # Store
+ movq %rdi, %rsi
+ subq $32, %rdi
+ # Add-Sub
+ # Add
+ movq %r9, %r13
+ addq (%rsi), %r9
+ movq %r10, %r14
+ adcq 8(%rsi), %r10
+ movq %r11, %r15
+ adcq 16(%rsi), %r11
+ movq %r12, %rbx
+ adcq 24(%rsi), %r12
+ movq $0x00, %rax
+ adcq $0x00, %rax
+ shldq $0x01, %r12, %rax
+ movq $0x7fffffffffffffff, %rdx
+ imulq $19, %rax
+ andq %rdx, %r12
+ # Sub modulus (if overflow)
+ addq %rax, %r9
adcq $0x00, %r10
adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rcx, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
+ adcq $0x00, %r12
+ # Sub
+ subq (%rsi), %r13
+ sbbq 8(%rsi), %r14
+ sbbq 16(%rsi), %r15
+ sbbq 24(%rsi), %rbx
+ sbbq %rax, %rax
+ shldq $0x01, %rbx, %rax
+ imulq $-19, %rax
+ andq %rdx, %rbx
+ # Add modulus (if underflow)
+ subq %rax, %r13
+ sbbq $0x00, %r14
+ sbbq $0x00, %r15
+ sbbq $0x00, %rbx
+ movq %r9, (%rdi)
+ movq %r10, 8(%rdi)
+ movq %r11, 16(%rdi)
+ movq %r12, 24(%rdi)
+ movq %r13, (%rsi)
+ movq %r14, 8(%rsi)
+ movq %r15, 16(%rsi)
+ movq %rbx, 24(%rsi)
+ movq 8(%rsp), %rcx
+ movq %rcx, %rsi
+ addq $32, %rsi
+ subq $32, %rdi
+ # Add
+ movq (%rsi), %r9
+ movq 8(%rsi), %r10
+ addq (%rcx), %r9
+ movq 16(%rsi), %r11
+ adcq 8(%rcx), %r10
+ movq 24(%rsi), %r12
+ adcq 16(%rcx), %r11
+ adcq 24(%rcx), %r12
+ movq $0x00, %rax
+ adcq $0x00, %rax
+ shldq $0x01, %r12, %rax
+ movq $0x7fffffffffffffff, %rdx
+ imulq $19, %rax
+ andq %rdx, %r12
+ # Sub modulus (if overflow)
+ addq %rax, %r9
adcq $0x00, %r10
adcq $0x00, %r11
- # Store
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq 24(%rsp), %rdi
- movq 128(%rsp), %rsi
- # Square * 2
+ adcq $0x00, %r12
+ movq %r9, (%rdi)
+ movq %r10, 8(%rdi)
+ movq %r11, 16(%rdi)
+ movq %r12, 24(%rdi)
+ # Square
# A[0] * A[1]
- movq (%rsi), %rax
- mulq 8(%rsi)
- movq %rax, %r9
- movq %rdx, %r10
+ movq (%rdi), %rax
+ mulq 8(%rdi)
+ movq %rax, %r10
+ movq %rdx, %r11
# A[0] * A[2]
- movq (%rsi), %rax
- mulq 16(%rsi)
- xorq %r11, %r11
- addq %rax, %r10
- adcq %rdx, %r11
- # A[0] * A[3]
- movq (%rsi), %rax
- mulq 24(%rsi)
+ movq (%rdi), %rax
+ mulq 16(%rdi)
xorq %r12, %r12
addq %rax, %r11
adcq %rdx, %r12
- # A[1] * A[2]
- movq 8(%rsi), %rax
- mulq 16(%rsi)
+ # A[0] * A[3]
+ movq (%rdi), %rax
+ mulq 24(%rdi)
xorq %r13, %r13
- addq %rax, %r11
- adcq %rdx, %r12
- adcq $0x00, %r13
- # A[1] * A[3]
- movq 8(%rsi), %rax
- mulq 24(%rsi)
addq %rax, %r12
adcq %rdx, %r13
- # A[2] * A[3]
- movq 16(%rsi), %rax
- mulq 24(%rsi)
+ # A[1] * A[2]
+ movq 8(%rdi), %rax
+ mulq 16(%rdi)
xorq %r14, %r14
+ addq %rax, %r12
+ adcq %rdx, %r13
+ adcq $0x00, %r14
+ # A[1] * A[3]
+ movq 8(%rdi), %rax
+ mulq 24(%rdi)
addq %rax, %r13
adcq %rdx, %r14
- # Double
+ # A[2] * A[3]
+ movq 16(%rdi), %rax
+ mulq 24(%rdi)
xorq %r15, %r15
- addq %r9, %r9
- adcq %r10, %r10
+ addq %rax, %r14
+ adcq %rdx, %r15
+ # Double
+ xorq %rbx, %rbx
+ addq %r10, %r10
adcq %r11, %r11
adcq %r12, %r12
adcq %r13, %r13
adcq %r14, %r14
- adcq $0x00, %r15
+ adcq %r15, %r15
+ adcq $0x00, %rbx
# A[0] * A[0]
- movq (%rsi), %rax
+ movq (%rdi), %rax
mulq %rax
- movq %rax, %r8
- movq %rdx, %rcx
+ movq %rax, %r9
+ movq %rdx, %r8
# A[1] * A[1]
- movq 8(%rsi), %rax
+ movq 8(%rdi), %rax
mulq %rax
- addq %rcx, %r9
- adcq %rax, %r10
+ addq %r8, %r10
+ adcq %rax, %r11
adcq $0x00, %rdx
- movq %rdx, %rcx
+ movq %rdx, %r8
# A[2] * A[2]
- movq 16(%rsi), %rax
+ movq 16(%rdi), %rax
mulq %rax
- addq %rcx, %r11
- adcq %rax, %r12
+ addq %r8, %r12
+ adcq %rax, %r13
adcq $0x00, %rdx
- movq %rdx, %rcx
+ movq %rdx, %r8
# A[3] * A[3]
- movq 24(%rsi), %rax
+ movq 24(%rdi), %rax
mulq %rax
- addq %rax, %r14
- adcq %rdx, %r15
- addq %rcx, %r13
- adcq $0x00, %r14
+ addq %rax, %r15
+ adcq %rdx, %rbx
+ addq %r8, %r14
adcq $0x00, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rbx
- xorq %rax, %rax
- # Move top half into t4-t7 and remove top bit from t3
- shldq $3, %r15, %rax
- shldq $2, %r14, %r15
- shldq $2, %r13, %r14
- shldq $2, %r12, %r13
- shldq $2, %r11, %r12
- shldq $0x01, %r10, %r11
- shldq $0x01, %r9, %r10
- shldq $0x01, %r8, %r9
- shlq $0x01, %r8
- andq %rbx, %r11
- # Two out left, one in right
- andq %rbx, %r15
- # Multiply top bits by 19*19
- imulq $0x169, %rax, %rcx
- # Multiply top half by 19
- movq $19, %rax
- mulq %r12
- xorq %r12, %r12
- addq %rax, %r8
- movq $19, %rax
- adcq %rdx, %r12
+ adcq $0x00, %rbx
+ movq $38, %rax
+ mulq %rbx
+ addq %rax, %r12
+ adcq $0x00, %rdx
+ movq $0x7fffffffffffffff, %r8
+ shldq $0x01, %r12, %rdx
+ imulq $19, %rdx, %rdx
+ andq %r8, %r12
+ movq %rdx, %r8
+ movq $38, %rax
mulq %r13
xorq %r13, %r13
addq %rax, %r9
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r13
mulq %r14
xorq %r14, %r14
addq %rax, %r10
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r14
mulq %r15
- # Add remaining produce results in
- addq %rcx, %r8
- adcq %r12, %r9
+ xorq %r15, %r15
+ addq %rax, %r11
+ adcq %rdx, %r15
+ addq %r8, %r9
adcq %r13, %r10
adcq %r14, %r11
- adcq %rax, %r11
- adcq $0x00, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- imulq $19, %rdx, %rax
- andq %rbx, %r11
- addq %rax, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rbx, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
+ adcq %r15, %r12
# Store
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq 8(%rsp), %rdi
- movq 32(%rsp), %rsi
- movq 40(%rsp), %rbx
- # Add
- movq (%rsi), %r8
- movq 8(%rsi), %r9
- addq (%rbx), %r8
- movq 16(%rsi), %r10
- adcq 8(%rbx), %r9
- movq 24(%rsi), %rcx
- adcq 16(%rbx), %r10
- movq $-19, %rax
- adcq 24(%rbx), %rcx
+ movq %rdi, %rsi
+ addq $32, %rsi
+ # Sub
+ subq (%rsi), %r9
+ sbbq 8(%rsi), %r10
+ sbbq 16(%rsi), %r11
+ sbbq 24(%rsi), %r12
+ sbbq %rax, %rax
+ shldq $0x01, %r12, %rax
movq $0x7fffffffffffffff, %rdx
- movq %rcx, %r11
- sarq $63, %rcx
- # Mask the modulus
- andq %rcx, %rax
- andq %rcx, %rdx
- # Sub modulus (if overflow)
- subq %rax, %r8
- sbbq %rcx, %r9
- sbbq %rcx, %r10
- sbbq %rdx, %r11
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- leaq 48(%rsp), %rdi
- movq 8(%rsp), %rsi
- # Square
+ imulq $-19, %rax
+ andq %rdx, %r12
+ # Add modulus (if underflow)
+ subq %rax, %r9
+ sbbq $0x00, %r10
+ sbbq $0x00, %r11
+ sbbq $0x00, %r12
+ movq %r9, (%rdi)
+ movq %r10, 8(%rdi)
+ movq %r11, 16(%rdi)
+ movq %r12, 24(%rdi)
+ addq $0x40, %rcx
+ # Square * 2
# A[0] * A[1]
- movq (%rsi), %rax
- mulq 8(%rsi)
- movq %rax, %r9
- movq %rdx, %r10
+ movq (%rcx), %rax
+ mulq 8(%rcx)
+ movq %rax, %r10
+ movq %rdx, %r11
# A[0] * A[2]
- movq (%rsi), %rax
- mulq 16(%rsi)
- xorq %r11, %r11
- addq %rax, %r10
- adcq %rdx, %r11
- # A[0] * A[3]
- movq (%rsi), %rax
- mulq 24(%rsi)
+ movq (%rcx), %rax
+ mulq 16(%rcx)
xorq %r12, %r12
addq %rax, %r11
adcq %rdx, %r12
- # A[1] * A[2]
- movq 8(%rsi), %rax
- mulq 16(%rsi)
+ # A[0] * A[3]
+ movq (%rcx), %rax
+ mulq 24(%rcx)
xorq %r13, %r13
- addq %rax, %r11
- adcq %rdx, %r12
- adcq $0x00, %r13
- # A[1] * A[3]
- movq 8(%rsi), %rax
- mulq 24(%rsi)
addq %rax, %r12
adcq %rdx, %r13
- # A[2] * A[3]
- movq 16(%rsi), %rax
- mulq 24(%rsi)
+ # A[1] * A[2]
+ movq 8(%rcx), %rax
+ mulq 16(%rcx)
xorq %r14, %r14
+ addq %rax, %r12
+ adcq %rdx, %r13
+ adcq $0x00, %r14
+ # A[1] * A[3]
+ movq 8(%rcx), %rax
+ mulq 24(%rcx)
addq %rax, %r13
adcq %rdx, %r14
- # Double
+ # A[2] * A[3]
+ movq 16(%rcx), %rax
+ mulq 24(%rcx)
xorq %r15, %r15
- addq %r9, %r9
- adcq %r10, %r10
+ addq %rax, %r14
+ adcq %rdx, %r15
+ # Double
+ xorq %rbx, %rbx
+ addq %r10, %r10
adcq %r11, %r11
adcq %r12, %r12
adcq %r13, %r13
adcq %r14, %r14
- adcq $0x00, %r15
+ adcq %r15, %r15
+ adcq $0x00, %rbx
# A[0] * A[0]
- movq (%rsi), %rax
+ movq (%rcx), %rax
mulq %rax
- movq %rax, %r8
- movq %rdx, %rcx
+ movq %rax, %r9
+ movq %rdx, %r8
# A[1] * A[1]
- movq 8(%rsi), %rax
+ movq 8(%rcx), %rax
mulq %rax
- addq %rcx, %r9
- adcq %rax, %r10
+ addq %r8, %r10
+ adcq %rax, %r11
adcq $0x00, %rdx
- movq %rdx, %rcx
+ movq %rdx, %r8
# A[2] * A[2]
- movq 16(%rsi), %rax
+ movq 16(%rcx), %rax
mulq %rax
- addq %rcx, %r11
- adcq %rax, %r12
+ addq %r8, %r12
+ adcq %rax, %r13
adcq $0x00, %rdx
- movq %rdx, %rcx
+ movq %rdx, %r8
# A[3] * A[3]
- movq 24(%rsi), %rax
+ movq 24(%rcx), %rax
mulq %rax
- addq %rax, %r14
- adcq %rdx, %r15
- addq %rcx, %r13
- adcq $0x00, %r14
+ addq %rax, %r15
+ adcq %rdx, %rbx
+ addq %r8, %r14
adcq $0x00, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rcx
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- andq %rcx, %r11
- # Multiply top half by 19
- movq $19, %rax
- mulq %r12
- xorq %r12, %r12
- addq %rax, %r8
- movq $19, %rax
- adcq %rdx, %r12
+ adcq $0x00, %rbx
+ movq $38, %rax
+ mulq %rbx
+ addq %rax, %r12
+ adcq $0x00, %rdx
+ movq $0x7fffffffffffffff, %r8
+ shldq $0x01, %r12, %rdx
+ imulq $19, %rdx, %rdx
+ andq %r8, %r12
+ movq %rdx, %r8
+ movq $38, %rax
mulq %r13
xorq %r13, %r13
addq %rax, %r9
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r13
mulq %r14
xorq %r14, %r14
addq %rax, %r10
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r14
mulq %r15
- # Add remaining product results in
- addq %r12, %r9
+ xorq %r15, %r15
+ addq %rax, %r11
+ adcq %rdx, %r15
+ addq %r8, %r9
adcq %r13, %r10
adcq %r14, %r11
- adcq %rax, %r11
- adcq $0x00, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- imulq $19, %rdx, %rax
- andq %rcx, %r11
- addq %rax, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rcx, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
+ adcq %r15, %r12
+ mov %r12, %rax
+ shldq $0x01, %r11, %r12
+ shldq $0x01, %r10, %r11
+ shldq $0x01, %r9, %r10
+ shlq $0x01, %r9
+ movq $0x7fffffffffffffff, %r8
+ shrq $62, %rax
+ andq %r8, %r12
+ imulq $19, %rax, %rax
+ addq %rax, %r9
adcq $0x00, %r10
adcq $0x00, %r11
+ adcq $0x00, %r12
# Store
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq 8(%rsp), %rdi
- movq 16(%rsp), %rsi
- movq (%rsp), %rbx
- # Add
- movq (%rsi), %r8
- movq 8(%rsi), %r9
- addq (%rbx), %r8
- movq 16(%rsi), %r10
- adcq 8(%rbx), %r9
- movq 24(%rsi), %rcx
- adcq 16(%rbx), %r10
- movq $-19, %rax
- adcq 24(%rbx), %rcx
- movq $0x7fffffffffffffff, %rdx
- movq %rcx, %r11
- sarq $63, %rcx
- # Mask the modulus
- andq %rcx, %rax
- andq %rcx, %rdx
- # Sub modulus (if overflow)
- subq %rax, %r8
- sbbq %rcx, %r9
- sbbq %rcx, %r10
- sbbq %rdx, %r11
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq 16(%rsp), %rdi
- movq 16(%rsp), %rsi
- movq (%rsp), %rbx
- # Sub
- movq (%rsi), %r8
- movq 8(%rsi), %r9
- movq 16(%rsi), %r10
- movq 24(%rsi), %r11
- subq (%rbx), %r8
- movq $0x00, %rcx
- sbbq 8(%rbx), %r9
- movq $-19, %rax
- sbbq 16(%rbx), %r10
- movq $0x7fffffffffffffff, %rdx
- sbbq 24(%rbx), %r11
- sbbq $0x00, %rcx
- # Mask the modulus
- andq %rcx, %rax
- andq %rcx, %rdx
- # Add modulus (if underflow)
- addq %rax, %r8
- adcq %rcx, %r9
- adcq %rcx, %r10
- adcq %rdx, %r11
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq (%rsp), %rdi
- leaq 48(%rsp), %rsi
- movq 8(%rsp), %rbx
- # Sub
- movq (%rsi), %r8
- movq 8(%rsi), %r9
- movq 16(%rsi), %r10
- movq 24(%rsi), %r11
- subq (%rbx), %r8
- movq $0x00, %rcx
- sbbq 8(%rbx), %r9
- movq $-19, %rax
- sbbq 16(%rbx), %r10
- movq $0x7fffffffffffffff, %rdx
- sbbq 24(%rbx), %r11
- sbbq $0x00, %rcx
- # Mask the modulus
- andq %rcx, %rax
- andq %rcx, %rdx
- # Add modulus (if underflow)
- addq %rax, %r8
- adcq %rcx, %r9
- adcq %rcx, %r10
- adcq %rdx, %r11
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq 24(%rsp), %rdi
- movq 24(%rsp), %rsi
- movq 16(%rsp), %rbx
+ movq %rdi, %rsi
+ addq $0x40, %rsi
+ addq $0x60, %rdi
# Sub
- movq (%rsi), %r8
- movq 8(%rsi), %r9
- movq 16(%rsi), %r10
- movq 24(%rsi), %r11
- subq (%rbx), %r8
- movq $0x00, %rcx
- sbbq 8(%rbx), %r9
- movq $-19, %rax
- sbbq 16(%rbx), %r10
+ subq (%rsi), %r9
+ sbbq 8(%rsi), %r10
+ sbbq 16(%rsi), %r11
+ sbbq 24(%rsi), %r12
+ sbbq %rax, %rax
+ shldq $0x01, %r12, %rax
movq $0x7fffffffffffffff, %rdx
- sbbq 24(%rbx), %r11
- sbbq $0x00, %rcx
- # Mask the modulus
- andq %rcx, %rax
- andq %rcx, %rdx
+ imulq $-19, %rax
+ andq %rdx, %r12
# Add modulus (if underflow)
- addq %rax, %r8
- adcq %rcx, %r9
- adcq %rcx, %r10
- adcq %rdx, %r11
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- addq $0x50, %rsp
+ subq %rax, %r9
+ sbbq $0x00, %r10
+ sbbq $0x00, %r11
+ sbbq $0x00, %r12
+ movq %r9, (%rdi)
+ movq %r10, 8(%rdi)
+ movq %r11, 16(%rdi)
+ movq %r12, 24(%rdi)
+ addq $16, %rsp
+ popq %rbx
popq %r15
popq %r14
popq %r13
popq %r12
- popq %rbx
repz retq
#ifndef __APPLE__
-.size fe_ge_dbl_x64,.-fe_ge_dbl_x64
+.size ge_p2_dbl_x64,.-ge_p2_dbl_x64
#endif /* __APPLE__ */
#ifndef __APPLE__
.text
-.globl fe_ge_madd_x64
-.type fe_ge_madd_x64,@function
+.globl ge_madd_x64
+.type ge_madd_x64,@function
.align 16
-fe_ge_madd_x64:
+ge_madd_x64:
#else
.section __TEXT,__text
-.globl _fe_ge_madd_x64
+.globl _ge_madd_x64
.p2align 4
-_fe_ge_madd_x64:
+_ge_madd_x64:
#endif /* __APPLE__ */
- pushq %rbx
pushq %r12
pushq %r13
pushq %r14
pushq %r15
- subq $0x50, %rsp
+ pushq %rbx
+ pushq %rbp
+ movq %rdx, %rcx
+ subq $24, %rsp
movq %rdi, (%rsp)
movq %rsi, 8(%rsp)
- movq %rdx, 16(%rsp)
- movq %rcx, 24(%rsp)
- movq %r8, 32(%rsp)
- movq %r9, 40(%rsp)
- movq (%rsp), %rdi
- movq 40(%rsp), %rsi
- movq 32(%rsp), %rbx
+ movq %rcx, 16(%rsp)
+ movq %rsi, %r8
+ movq %rsi, %rcx
+ addq $32, %rcx
+ movq %rdi, %rsi
+ addq $32, %rsi
+ # Add-Sub
# Add
- movq (%rsi), %r8
- movq 8(%rsi), %r9
- addq (%rbx), %r8
- movq 16(%rsi), %r10
- adcq 8(%rbx), %r9
- movq 24(%rsi), %rcx
- adcq 16(%rbx), %r10
- movq $-19, %rax
- adcq 24(%rbx), %rcx
+ movq (%rcx), %r10
+ movq 8(%rcx), %r11
+ movq 16(%rcx), %r12
+ movq 24(%rcx), %r13
+ movq %r10, %r14
+ addq (%r8), %r10
+ movq %r11, %r15
+ adcq 8(%r8), %r11
+ movq %r12, %rbx
+ adcq 16(%r8), %r12
+ movq %r13, %rbp
+ adcq 24(%r8), %r13
+ movq $0x00, %rax
+ adcq $0x00, %rax
+ shldq $0x01, %r13, %rax
movq $0x7fffffffffffffff, %rdx
- movq %rcx, %r11
- sarq $63, %rcx
- # Mask the modulus
- andq %rcx, %rax
- andq %rcx, %rdx
+ imulq $19, %rax
+ andq %rdx, %r13
# Sub modulus (if overflow)
- subq %rax, %r8
- sbbq %rcx, %r9
- sbbq %rcx, %r10
- sbbq %rdx, %r11
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq 8(%rsp), %rdi
- movq 40(%rsp), %rsi
- movq 32(%rsp), %rbx
+ addq %rax, %r10
+ adcq $0x00, %r11
+ adcq $0x00, %r12
+ adcq $0x00, %r13
# Sub
- movq (%rsi), %r8
- movq 8(%rsi), %r9
- movq 16(%rsi), %r10
- movq 24(%rsi), %r11
- subq (%rbx), %r8
- movq $0x00, %rcx
- sbbq 8(%rbx), %r9
- movq $-19, %rax
- sbbq 16(%rbx), %r10
- movq $0x7fffffffffffffff, %rdx
- sbbq 24(%rbx), %r11
- sbbq $0x00, %rcx
- # Mask the modulus
- andq %rcx, %rax
- andq %rcx, %rdx
+ subq (%r8), %r14
+ sbbq 8(%r8), %r15
+ sbbq 16(%r8), %rbx
+ sbbq 24(%r8), %rbp
+ sbbq %rax, %rax
+ shldq $0x01, %rbp, %rax
+ imulq $-19, %rax
+ andq %rdx, %rbp
# Add modulus (if underflow)
- addq %rax, %r8
- adcq %rcx, %r9
- adcq %rcx, %r10
- adcq %rdx, %r11
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq 16(%rsp), %rdi
- movq (%rsp), %rsi
- movq 152(%rsp), %rbx
+ subq %rax, %r14
+ sbbq $0x00, %r15
+ sbbq $0x00, %rbx
+ sbbq $0x00, %rbp
+ movq %r10, (%rdi)
+ movq %r11, 8(%rdi)
+ movq %r12, 16(%rdi)
+ movq %r13, 24(%rdi)
+ movq %r14, (%rsi)
+ movq %r15, 8(%rsi)
+ movq %rbx, 16(%rsi)
+ movq %rbp, 24(%rsi)
+ movq 16(%rsp), %rcx
+ addq $32, %rcx
# Multiply
# A[0] * B[0]
- movq (%rbx), %rax
+ movq (%rcx), %rax
mulq (%rsi)
- movq %rax, %r8
- movq %rdx, %r9
+ movq %rax, %r10
+ movq %rdx, %r11
# A[0] * B[1]
- movq 8(%rbx), %rax
+ movq 8(%rcx), %rax
mulq (%rsi)
- xorq %r10, %r10
- addq %rax, %r9
- adcq %rdx, %r10
+ xorq %r12, %r12
+ addq %rax, %r11
+ adcq %rdx, %r12
# A[1] * B[0]
- movq (%rbx), %rax
+ movq (%rcx), %rax
mulq 8(%rsi)
- xorq %r11, %r11
- addq %rax, %r9
- adcq %rdx, %r10
- adcq $0x00, %r11
+ xorq %r13, %r13
+ addq %rax, %r11
+ adcq %rdx, %r12
+ adcq $0x00, %r13
# A[0] * B[2]
- movq 16(%rbx), %rax
+ movq 16(%rcx), %rax
mulq (%rsi)
- addq %rax, %r10
- adcq %rdx, %r11
+ addq %rax, %r12
+ adcq %rdx, %r13
# A[1] * B[1]
- movq 8(%rbx), %rax
+ movq 8(%rcx), %rax
mulq 8(%rsi)
- xorq %r12, %r12
- addq %rax, %r10
- adcq %rdx, %r11
- adcq $0x00, %r12
+ xorq %r14, %r14
+ addq %rax, %r12
+ adcq %rdx, %r13
+ adcq $0x00, %r14
# A[2] * B[0]
- movq (%rbx), %rax
+ movq (%rcx), %rax
mulq 16(%rsi)
- addq %rax, %r10
- adcq %rdx, %r11
- adcq $0x00, %r12
+ addq %rax, %r12
+ adcq %rdx, %r13
+ adcq $0x00, %r14
# A[0] * B[3]
- movq 24(%rbx), %rax
+ movq 24(%rcx), %rax
mulq (%rsi)
- xorq %r13, %r13
- addq %rax, %r11
- adcq %rdx, %r12
- adcq $0x00, %r13
+ xorq %r15, %r15
+ addq %rax, %r13
+ adcq %rdx, %r14
+ adcq $0x00, %r15
# A[1] * B[2]
- movq 16(%rbx), %rax
+ movq 16(%rcx), %rax
mulq 8(%rsi)
- addq %rax, %r11
- adcq %rdx, %r12
- adcq $0x00, %r13
+ addq %rax, %r13
+ adcq %rdx, %r14
+ adcq $0x00, %r15
# A[2] * B[1]
- movq 8(%rbx), %rax
+ movq 8(%rcx), %rax
mulq 16(%rsi)
- addq %rax, %r11
- adcq %rdx, %r12
- adcq $0x00, %r13
+ addq %rax, %r13
+ adcq %rdx, %r14
+ adcq $0x00, %r15
# A[3] * B[0]
- movq (%rbx), %rax
+ movq (%rcx), %rax
mulq 24(%rsi)
- addq %rax, %r11
- adcq %rdx, %r12
- adcq $0x00, %r13
+ addq %rax, %r13
+ adcq %rdx, %r14
+ adcq $0x00, %r15
# A[1] * B[3]
- movq 24(%rbx), %rax
+ movq 24(%rcx), %rax
mulq 8(%rsi)
- xorq %r14, %r14
- addq %rax, %r12
- adcq %rdx, %r13
- adcq $0x00, %r14
+ xorq %rbx, %rbx
+ addq %rax, %r14
+ adcq %rdx, %r15
+ adcq $0x00, %rbx
# A[2] * B[2]
- movq 16(%rbx), %rax
+ movq 16(%rcx), %rax
mulq 16(%rsi)
- addq %rax, %r12
- adcq %rdx, %r13
- adcq $0x00, %r14
+ addq %rax, %r14
+ adcq %rdx, %r15
+ adcq $0x00, %rbx
# A[3] * B[1]
- movq 8(%rbx), %rax
+ movq 8(%rcx), %rax
mulq 24(%rsi)
- addq %rax, %r12
- adcq %rdx, %r13
- adcq $0x00, %r14
+ addq %rax, %r14
+ adcq %rdx, %r15
+ adcq $0x00, %rbx
# A[2] * B[3]
- movq 24(%rbx), %rax
+ movq 24(%rcx), %rax
mulq 16(%rsi)
- xorq %r15, %r15
- addq %rax, %r13
- adcq %rdx, %r14
- adcq $0x00, %r15
+ xorq %rbp, %rbp
+ addq %rax, %r15
+ adcq %rdx, %rbx
+ adcq $0x00, %rbp
# A[3] * B[2]
- movq 16(%rbx), %rax
+ movq 16(%rcx), %rax
mulq 24(%rsi)
- addq %rax, %r13
- adcq %rdx, %r14
- adcq $0x00, %r15
+ addq %rax, %r15
+ adcq %rdx, %rbx
+ adcq $0x00, %rbp
# A[3] * B[3]
- movq 24(%rbx), %rax
+ movq 24(%rcx), %rax
mulq 24(%rsi)
- addq %rax, %r14
- adcq %rdx, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rcx
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- andq %rcx, %r11
- # Multiply top half by 19
- movq $19, %rax
- mulq %r12
- xorq %r12, %r12
- addq %rax, %r8
- movq $19, %rax
- adcq %rdx, %r12
- mulq %r13
- xorq %r13, %r13
- addq %rax, %r9
- movq $19, %rax
- adcq %rdx, %r13
+ addq %rax, %rbx
+ adcq %rdx, %rbp
+ movq $38, %rax
+ mulq %rbp
+ addq %rax, %r13
+ adcq $0x00, %rdx
+ movq $0x7fffffffffffffff, %r9
+ shldq $0x01, %r13, %rdx
+ imulq $19, %rdx, %rdx
+ andq %r9, %r13
+ movq %rdx, %r9
+ movq $38, %rax
mulq %r14
xorq %r14, %r14
addq %rax, %r10
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r14
mulq %r15
- # Add remaining product results in
- addq %r12, %r9
- adcq %r13, %r10
+ xorq %r15, %r15
+ addq %rax, %r11
+ movq $38, %rax
+ adcq %rdx, %r15
+ mulq %rbx
+ xorq %rbx, %rbx
+ addq %rax, %r12
+ adcq %rdx, %rbx
+ addq %r9, %r10
adcq %r14, %r11
- adcq %rax, %r11
- adcq $0x00, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- imulq $19, %rdx, %rax
- andq %rcx, %r11
- addq %rax, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rcx, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
+ adcq %r15, %r12
+ adcq %rbx, %r13
# Store
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq 8(%rsp), %rdi
- movq 8(%rsp), %rsi
- movq 160(%rsp), %rbx
+ movq %r10, (%rsi)
+ movq %r11, 8(%rsi)
+ movq %r12, 16(%rsi)
+ movq %r13, 24(%rsi)
+ addq $0x60, %r8
+ addq $32, %rcx
+ addq $0x60, %rdi
# Multiply
# A[0] * B[0]
- movq (%rbx), %rax
- mulq (%rsi)
- movq %rax, %r8
- movq %rdx, %r9
+ movq (%rcx), %rax
+ mulq (%r8)
+ movq %rax, %r10
+ movq %rdx, %r11
# A[0] * B[1]
- movq 8(%rbx), %rax
- mulq (%rsi)
- xorq %r10, %r10
- addq %rax, %r9
- adcq %rdx, %r10
- # A[1] * B[0]
- movq (%rbx), %rax
- mulq 8(%rsi)
- xorq %r11, %r11
- addq %rax, %r9
- adcq %rdx, %r10
- adcq $0x00, %r11
- # A[0] * B[2]
- movq 16(%rbx), %rax
- mulq (%rsi)
- addq %rax, %r10
- adcq %rdx, %r11
- # A[1] * B[1]
- movq 8(%rbx), %rax
- mulq 8(%rsi)
+ movq 8(%rcx), %rax
+ mulq (%r8)
xorq %r12, %r12
- addq %rax, %r10
- adcq %rdx, %r11
- adcq $0x00, %r12
- # A[2] * B[0]
- movq (%rbx), %rax
- mulq 16(%rsi)
- addq %rax, %r10
- adcq %rdx, %r11
- adcq $0x00, %r12
- # A[0] * B[3]
- movq 24(%rbx), %rax
- mulq (%rsi)
- xorq %r13, %r13
addq %rax, %r11
adcq %rdx, %r12
- adcq $0x00, %r13
- # A[1] * B[2]
- movq 16(%rbx), %rax
- mulq 8(%rsi)
- addq %rax, %r11
- adcq %rdx, %r12
- adcq $0x00, %r13
- # A[2] * B[1]
- movq 8(%rbx), %rax
- mulq 16(%rsi)
- addq %rax, %r11
- adcq %rdx, %r12
- adcq $0x00, %r13
- # A[3] * B[0]
- movq (%rbx), %rax
- mulq 24(%rsi)
+ # A[1] * B[0]
+ movq (%rcx), %rax
+ mulq 8(%r8)
+ xorq %r13, %r13
addq %rax, %r11
adcq %rdx, %r12
adcq $0x00, %r13
- # A[1] * B[3]
- movq 24(%rbx), %rax
- mulq 8(%rsi)
- xorq %r14, %r14
+ # A[0] * B[2]
+ movq 16(%rcx), %rax
+ mulq (%r8)
addq %rax, %r12
adcq %rdx, %r13
- adcq $0x00, %r14
- # A[2] * B[2]
- movq 16(%rbx), %rax
- mulq 16(%rsi)
+ # A[1] * B[1]
+ movq 8(%rcx), %rax
+ mulq 8(%r8)
+ xorq %r14, %r14
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
- # A[3] * B[1]
- movq 8(%rbx), %rax
- mulq 24(%rsi)
+ # A[2] * B[0]
+ movq (%rcx), %rax
+ mulq 16(%r8)
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
- # A[2] * B[3]
- movq 24(%rbx), %rax
- mulq 16(%rsi)
+ # A[0] * B[3]
+ movq 24(%rcx), %rax
+ mulq (%r8)
xorq %r15, %r15
addq %rax, %r13
adcq %rdx, %r14
adcq $0x00, %r15
- # A[3] * B[2]
- movq 16(%rbx), %rax
- mulq 24(%rsi)
+ # A[1] * B[2]
+ movq 16(%rcx), %rax
+ mulq 8(%r8)
addq %rax, %r13
adcq %rdx, %r14
adcq $0x00, %r15
- # A[3] * B[3]
- movq 24(%rbx), %rax
- mulq 24(%rsi)
+ # A[2] * B[1]
+ movq 8(%rcx), %rax
+ mulq 16(%r8)
+ addq %rax, %r13
+ adcq %rdx, %r14
+ adcq $0x00, %r15
+ # A[3] * B[0]
+ movq (%rcx), %rax
+ mulq 24(%r8)
+ addq %rax, %r13
+ adcq %rdx, %r14
+ adcq $0x00, %r15
+ # A[1] * B[3]
+ movq 24(%rcx), %rax
+ mulq 8(%r8)
+ xorq %rbx, %rbx
addq %rax, %r14
adcq %rdx, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rcx
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- andq %rcx, %r11
- # Multiply top half by 19
- movq $19, %rax
- mulq %r12
- xorq %r12, %r12
- addq %rax, %r8
- movq $19, %rax
- adcq %rdx, %r12
- mulq %r13
- xorq %r13, %r13
- addq %rax, %r9
- movq $19, %rax
- adcq %rdx, %r13
+ adcq $0x00, %rbx
+ # A[2] * B[2]
+ movq 16(%rcx), %rax
+ mulq 16(%r8)
+ addq %rax, %r14
+ adcq %rdx, %r15
+ adcq $0x00, %rbx
+ # A[3] * B[1]
+ movq 8(%rcx), %rax
+ mulq 24(%r8)
+ addq %rax, %r14
+ adcq %rdx, %r15
+ adcq $0x00, %rbx
+ # A[2] * B[3]
+ movq 24(%rcx), %rax
+ mulq 16(%r8)
+ xorq %rbp, %rbp
+ addq %rax, %r15
+ adcq %rdx, %rbx
+ adcq $0x00, %rbp
+ # A[3] * B[2]
+ movq 16(%rcx), %rax
+ mulq 24(%r8)
+ addq %rax, %r15
+ adcq %rdx, %rbx
+ adcq $0x00, %rbp
+ # A[3] * B[3]
+ movq 24(%rcx), %rax
+ mulq 24(%r8)
+ addq %rax, %rbx
+ adcq %rdx, %rbp
+ movq $38, %rax
+ mulq %rbp
+ addq %rax, %r13
+ adcq $0x00, %rdx
+ movq $0x7fffffffffffffff, %r9
+ shldq $0x01, %r13, %rdx
+ imulq $19, %rdx, %rdx
+ andq %r9, %r13
+ movq %rdx, %r9
+ movq $38, %rax
mulq %r14
xorq %r14, %r14
addq %rax, %r10
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r14
mulq %r15
- # Add remaining product results in
- addq %r12, %r9
- adcq %r13, %r10
+ xorq %r15, %r15
+ addq %rax, %r11
+ movq $38, %rax
+ adcq %rdx, %r15
+ mulq %rbx
+ xorq %rbx, %rbx
+ addq %rax, %r12
+ adcq %rdx, %rbx
+ addq %r9, %r10
adcq %r14, %r11
- adcq %rax, %r11
- adcq $0x00, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- imulq $19, %rdx, %rax
- andq %rcx, %r11
- addq %rax, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rcx, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
+ adcq %r15, %r12
+ adcq %rbx, %r13
# Store
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq 24(%rsp), %rdi
- movq 144(%rsp), %rsi
- movq 136(%rsp), %rbx
+ movq %r10, (%rdi)
+ movq %r11, 8(%rdi)
+ movq %r12, 16(%rdi)
+ movq %r13, 24(%rdi)
+ subq $0x40, %rcx
+ subq $0x60, %rdi
# Multiply
# A[0] * B[0]
- movq (%rbx), %rax
- mulq (%rsi)
- movq %rax, %r8
- movq %rdx, %r9
+ movq (%rcx), %rax
+ mulq (%rdi)
+ movq %rax, %r10
+ movq %rdx, %r11
# A[0] * B[1]
- movq 8(%rbx), %rax
- mulq (%rsi)
- xorq %r10, %r10
- addq %rax, %r9
- adcq %rdx, %r10
- # A[1] * B[0]
- movq (%rbx), %rax
- mulq 8(%rsi)
- xorq %r11, %r11
- addq %rax, %r9
- adcq %rdx, %r10
- adcq $0x00, %r11
- # A[0] * B[2]
- movq 16(%rbx), %rax
- mulq (%rsi)
- addq %rax, %r10
- adcq %rdx, %r11
- # A[1] * B[1]
- movq 8(%rbx), %rax
- mulq 8(%rsi)
+ movq 8(%rcx), %rax
+ mulq (%rdi)
xorq %r12, %r12
- addq %rax, %r10
- adcq %rdx, %r11
- adcq $0x00, %r12
- # A[2] * B[0]
- movq (%rbx), %rax
- mulq 16(%rsi)
- addq %rax, %r10
- adcq %rdx, %r11
- adcq $0x00, %r12
- # A[0] * B[3]
- movq 24(%rbx), %rax
- mulq (%rsi)
- xorq %r13, %r13
addq %rax, %r11
adcq %rdx, %r12
- adcq $0x00, %r13
- # A[1] * B[2]
- movq 16(%rbx), %rax
- mulq 8(%rsi)
- addq %rax, %r11
- adcq %rdx, %r12
- adcq $0x00, %r13
- # A[2] * B[1]
- movq 8(%rbx), %rax
- mulq 16(%rsi)
- addq %rax, %r11
- adcq %rdx, %r12
- adcq $0x00, %r13
- # A[3] * B[0]
- movq (%rbx), %rax
- mulq 24(%rsi)
+ # A[1] * B[0]
+ movq (%rcx), %rax
+ mulq 8(%rdi)
+ xorq %r13, %r13
addq %rax, %r11
adcq %rdx, %r12
adcq $0x00, %r13
- # A[1] * B[3]
- movq 24(%rbx), %rax
- mulq 8(%rsi)
- xorq %r14, %r14
+ # A[0] * B[2]
+ movq 16(%rcx), %rax
+ mulq (%rdi)
addq %rax, %r12
adcq %rdx, %r13
- adcq $0x00, %r14
- # A[2] * B[2]
- movq 16(%rbx), %rax
- mulq 16(%rsi)
+ # A[1] * B[1]
+ movq 8(%rcx), %rax
+ mulq 8(%rdi)
+ xorq %r14, %r14
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
- # A[3] * B[1]
- movq 8(%rbx), %rax
- mulq 24(%rsi)
+ # A[2] * B[0]
+ movq (%rcx), %rax
+ mulq 16(%rdi)
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
- # A[2] * B[3]
- movq 24(%rbx), %rax
- mulq 16(%rsi)
+ # A[0] * B[3]
+ movq 24(%rcx), %rax
+ mulq (%rdi)
xorq %r15, %r15
addq %rax, %r13
adcq %rdx, %r14
adcq $0x00, %r15
- # A[3] * B[2]
- movq 16(%rbx), %rax
- mulq 24(%rsi)
+ # A[1] * B[2]
+ movq 16(%rcx), %rax
+ mulq 8(%rdi)
addq %rax, %r13
adcq %rdx, %r14
adcq $0x00, %r15
- # A[3] * B[3]
- movq 24(%rbx), %rax
- mulq 24(%rsi)
+ # A[2] * B[1]
+ movq 8(%rcx), %rax
+ mulq 16(%rdi)
+ addq %rax, %r13
+ adcq %rdx, %r14
+ adcq $0x00, %r15
+ # A[3] * B[0]
+ movq (%rcx), %rax
+ mulq 24(%rdi)
+ addq %rax, %r13
+ adcq %rdx, %r14
+ adcq $0x00, %r15
+ # A[1] * B[3]
+ movq 24(%rcx), %rax
+ mulq 8(%rdi)
+ xorq %rbx, %rbx
addq %rax, %r14
adcq %rdx, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rcx
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- andq %rcx, %r11
- # Multiply top half by 19
- movq $19, %rax
- mulq %r12
- xorq %r12, %r12
- addq %rax, %r8
- movq $19, %rax
- adcq %rdx, %r12
- mulq %r13
- xorq %r13, %r13
- addq %rax, %r9
- movq $19, %rax
- adcq %rdx, %r13
+ adcq $0x00, %rbx
+ # A[2] * B[2]
+ movq 16(%rcx), %rax
+ mulq 16(%rdi)
+ addq %rax, %r14
+ adcq %rdx, %r15
+ adcq $0x00, %rbx
+ # A[3] * B[1]
+ movq 8(%rcx), %rax
+ mulq 24(%rdi)
+ addq %rax, %r14
+ adcq %rdx, %r15
+ adcq $0x00, %rbx
+ # A[2] * B[3]
+ movq 24(%rcx), %rax
+ mulq 16(%rdi)
+ xorq %rbp, %rbp
+ addq %rax, %r15
+ adcq %rdx, %rbx
+ adcq $0x00, %rbp
+ # A[3] * B[2]
+ movq 16(%rcx), %rax
+ mulq 24(%rdi)
+ addq %rax, %r15
+ adcq %rdx, %rbx
+ adcq $0x00, %rbp
+ # A[3] * B[3]
+ movq 24(%rcx), %rax
+ mulq 24(%rdi)
+ addq %rax, %rbx
+ adcq %rdx, %rbp
+ movq $38, %rax
+ mulq %rbp
+ addq %rax, %r13
+ adcq $0x00, %rdx
+ movq $0x7fffffffffffffff, %r9
+ shldq $0x01, %r13, %rdx
+ imulq $19, %rdx, %rdx
+ andq %r9, %r13
+ movq %rdx, %r9
+ movq $38, %rax
mulq %r14
xorq %r14, %r14
addq %rax, %r10
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r14
mulq %r15
- # Add remaining product results in
- addq %r12, %r9
- adcq %r13, %r10
+ xorq %r15, %r15
+ addq %rax, %r11
+ movq $38, %rax
+ adcq %rdx, %r15
+ mulq %rbx
+ xorq %rbx, %rbx
+ addq %rax, %r12
+ adcq %rdx, %rbx
+ addq %r9, %r10
adcq %r14, %r11
- adcq %rax, %r11
- adcq $0x00, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- imulq $19, %rdx, %rax
- andq %rcx, %r11
- addq %rax, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rcx, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
+ adcq %r15, %r12
+ adcq %rbx, %r13
# Store
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- leaq 48(%rsp), %rdi
- movq 128(%rsp), %rsi
- movq 128(%rsp), %rbx
+ # Add-Sub
# Add
- movq (%rsi), %r8
- movq 8(%rsi), %r9
- addq (%rbx), %r8
- movq 16(%rsi), %r10
- adcq 8(%rbx), %r9
- movq 24(%rsi), %rcx
- adcq 16(%rbx), %r10
- movq $-19, %rax
- adcq 24(%rbx), %rcx
+ movq %r10, %r14
+ addq (%rsi), %r10
+ movq %r11, %r15
+ adcq 8(%rsi), %r11
+ movq %r12, %rbx
+ adcq 16(%rsi), %r12
+ movq %r13, %rbp
+ adcq 24(%rsi), %r13
+ movq $0x00, %rax
+ adcq $0x00, %rax
+ shldq $0x01, %r13, %rax
movq $0x7fffffffffffffff, %rdx
- movq %rcx, %r11
- sarq $63, %rcx
- # Mask the modulus
- andq %rcx, %rax
- andq %rcx, %rdx
+ imulq $19, %rax
+ andq %rdx, %r13
# Sub modulus (if overflow)
- subq %rax, %r8
- sbbq %rcx, %r9
- sbbq %rcx, %r10
- sbbq %rdx, %r11
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq (%rsp), %rdi
- movq 16(%rsp), %rsi
- movq 8(%rsp), %rbx
+ addq %rax, %r10
+ adcq $0x00, %r11
+ adcq $0x00, %r12
+ adcq $0x00, %r13
# Sub
- movq (%rsi), %r8
- movq 8(%rsi), %r9
- movq 16(%rsi), %r10
- movq 24(%rsi), %r11
- subq (%rbx), %r8
- movq $0x00, %rcx
- sbbq 8(%rbx), %r9
- movq $-19, %rax
- sbbq 16(%rbx), %r10
- movq $0x7fffffffffffffff, %rdx
- sbbq 24(%rbx), %r11
- sbbq $0x00, %rcx
- # Mask the modulus
- andq %rcx, %rax
- andq %rcx, %rdx
+ subq (%rsi), %r14
+ sbbq 8(%rsi), %r15
+ sbbq 16(%rsi), %rbx
+ sbbq 24(%rsi), %rbp
+ sbbq %rax, %rax
+ shldq $0x01, %rbp, %rax
+ imulq $-19, %rax
+ andq %rdx, %rbp
# Add modulus (if underflow)
- addq %rax, %r8
- adcq %rcx, %r9
- adcq %rcx, %r10
- adcq %rdx, %r11
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq 8(%rsp), %rdi
- movq 16(%rsp), %rsi
- movq 8(%rsp), %rbx
- # Add
- movq (%rsi), %r8
- movq 8(%rsi), %r9
- addq (%rbx), %r8
- movq 16(%rsi), %r10
- adcq 8(%rbx), %r9
- movq 24(%rsi), %rcx
- adcq 16(%rbx), %r10
- movq $-19, %rax
- adcq 24(%rbx), %rcx
+ subq %rax, %r14
+ sbbq $0x00, %r15
+ sbbq $0x00, %rbx
+ sbbq $0x00, %rbp
+ movq %r10, (%rsi)
+ movq %r11, 8(%rsi)
+ movq %r12, 16(%rsi)
+ movq %r13, 24(%rsi)
+ movq %r14, (%rdi)
+ movq %r15, 8(%rdi)
+ movq %rbx, 16(%rdi)
+ movq %rbp, 24(%rdi)
+ subq $32, %r8
+ # Double
+ movq (%r8), %r10
+ movq 8(%r8), %r11
+ addq %r10, %r10
+ movq 16(%r8), %r12
+ adcq %r11, %r11
+ movq 24(%r8), %r13
+ adcq %r12, %r12
+ adcq %r13, %r13
+ movq $0x00, %rax
+ adcq $0x00, %rax
+ shldq $0x01, %r13, %rax
movq $0x7fffffffffffffff, %rdx
- movq %rcx, %r11
- sarq $63, %rcx
- # Mask the modulus
- andq %rcx, %rax
- andq %rcx, %rdx
+ imulq $19, %rax
+ andq %rdx, %r13
# Sub modulus (if overflow)
- subq %rax, %r8
- sbbq %rcx, %r9
- sbbq %rcx, %r10
- sbbq %rdx, %r11
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq 16(%rsp), %rdi
- leaq 48(%rsp), %rsi
- movq 24(%rsp), %rbx
+ addq %rax, %r10
+ adcq $0x00, %r11
+ adcq $0x00, %r12
+ adcq $0x00, %r13
+ movq %rdi, %rsi
+ addq $0x60, %rsi
+ addq $0x40, %rdi
+ # Add-Sub
# Add
- movq (%rsi), %r8
- movq 8(%rsi), %r9
- addq (%rbx), %r8
- movq 16(%rsi), %r10
- adcq 8(%rbx), %r9
- movq 24(%rsi), %rcx
- adcq 16(%rbx), %r10
- movq $-19, %rax
- adcq 24(%rbx), %rcx
+ movq %r10, %r14
+ addq (%rsi), %r10
+ movq %r11, %r15
+ adcq 8(%rsi), %r11
+ movq %r12, %rbx
+ adcq 16(%rsi), %r12
+ movq %r13, %rbp
+ adcq 24(%rsi), %r13
+ movq $0x00, %rax
+ adcq $0x00, %rax
+ shldq $0x01, %r13, %rax
movq $0x7fffffffffffffff, %rdx
- movq %rcx, %r11
- sarq $63, %rcx
- # Mask the modulus
- andq %rcx, %rax
- andq %rcx, %rdx
+ imulq $19, %rax
+ andq %rdx, %r13
# Sub modulus (if overflow)
- subq %rax, %r8
- sbbq %rcx, %r9
- sbbq %rcx, %r10
- sbbq %rdx, %r11
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq 24(%rsp), %rdi
- leaq 48(%rsp), %rsi
- movq 24(%rsp), %rbx
+ addq %rax, %r10
+ adcq $0x00, %r11
+ adcq $0x00, %r12
+ adcq $0x00, %r13
# Sub
- movq (%rsi), %r8
- movq 8(%rsi), %r9
- movq 16(%rsi), %r10
- movq 24(%rsi), %r11
- subq (%rbx), %r8
- movq $0x00, %rcx
- sbbq 8(%rbx), %r9
- movq $-19, %rax
- sbbq 16(%rbx), %r10
- movq $0x7fffffffffffffff, %rdx
- sbbq 24(%rbx), %r11
- sbbq $0x00, %rcx
- # Mask the modulus
- andq %rcx, %rax
- andq %rcx, %rdx
+ subq (%rsi), %r14
+ sbbq 8(%rsi), %r15
+ sbbq 16(%rsi), %rbx
+ sbbq 24(%rsi), %rbp
+ sbbq %rax, %rax
+ shldq $0x01, %rbp, %rax
+ imulq $-19, %rax
+ andq %rdx, %rbp
# Add modulus (if underflow)
- addq %rax, %r8
- adcq %rcx, %r9
- adcq %rcx, %r10
- adcq %rdx, %r11
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- addq $0x50, %rsp
+ subq %rax, %r14
+ sbbq $0x00, %r15
+ sbbq $0x00, %rbx
+ sbbq $0x00, %rbp
+ movq %r10, (%rdi)
+ movq %r11, 8(%rdi)
+ movq %r12, 16(%rdi)
+ movq %r13, 24(%rdi)
+ movq %r14, (%rsi)
+ movq %r15, 8(%rsi)
+ movq %rbx, 16(%rsi)
+ movq %rbp, 24(%rsi)
+ addq $24, %rsp
+ popq %rbp
+ popq %rbx
popq %r15
popq %r14
popq %r13
popq %r12
- popq %rbx
repz retq
#ifndef __APPLE__
-.size fe_ge_madd_x64,.-fe_ge_madd_x64
+.size ge_madd_x64,.-ge_madd_x64
#endif /* __APPLE__ */
#ifndef __APPLE__
.text
-.globl fe_ge_msub_x64
-.type fe_ge_msub_x64,@function
+.globl ge_msub_x64
+.type ge_msub_x64,@function
.align 16
-fe_ge_msub_x64:
+ge_msub_x64:
#else
.section __TEXT,__text
-.globl _fe_ge_msub_x64
+.globl _ge_msub_x64
.p2align 4
-_fe_ge_msub_x64:
+_ge_msub_x64:
#endif /* __APPLE__ */
- pushq %rbx
pushq %r12
pushq %r13
pushq %r14
pushq %r15
- subq $0x50, %rsp
+ pushq %rbx
+ pushq %rbp
+ movq %rdx, %rcx
+ subq $24, %rsp
movq %rdi, (%rsp)
movq %rsi, 8(%rsp)
- movq %rdx, 16(%rsp)
- movq %rcx, 24(%rsp)
- movq %r8, 32(%rsp)
- movq %r9, 40(%rsp)
- movq (%rsp), %rdi
- movq 40(%rsp), %rsi
- movq 32(%rsp), %rbx
+ movq %rcx, 16(%rsp)
+ movq %rsi, %r8
+ movq %rsi, %rcx
+ addq $32, %rcx
+ movq %rdi, %rsi
+ addq $32, %rsi
+ # Add-Sub
# Add
- movq (%rsi), %r8
- movq 8(%rsi), %r9
- addq (%rbx), %r8
- movq 16(%rsi), %r10
- adcq 8(%rbx), %r9
- movq 24(%rsi), %rcx
- adcq 16(%rbx), %r10
- movq $-19, %rax
- adcq 24(%rbx), %rcx
+ movq (%rcx), %r10
+ movq 8(%rcx), %r11
+ movq 16(%rcx), %r12
+ movq 24(%rcx), %r13
+ movq %r10, %r14
+ addq (%r8), %r10
+ movq %r11, %r15
+ adcq 8(%r8), %r11
+ movq %r12, %rbx
+ adcq 16(%r8), %r12
+ movq %r13, %rbp
+ adcq 24(%r8), %r13
+ movq $0x00, %rax
+ adcq $0x00, %rax
+ shldq $0x01, %r13, %rax
movq $0x7fffffffffffffff, %rdx
- movq %rcx, %r11
- sarq $63, %rcx
- # Mask the modulus
- andq %rcx, %rax
- andq %rcx, %rdx
+ imulq $19, %rax
+ andq %rdx, %r13
# Sub modulus (if overflow)
- subq %rax, %r8
- sbbq %rcx, %r9
- sbbq %rcx, %r10
- sbbq %rdx, %r11
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq 8(%rsp), %rdi
- movq 40(%rsp), %rsi
- movq 32(%rsp), %rbx
+ addq %rax, %r10
+ adcq $0x00, %r11
+ adcq $0x00, %r12
+ adcq $0x00, %r13
# Sub
- movq (%rsi), %r8
- movq 8(%rsi), %r9
- movq 16(%rsi), %r10
- movq 24(%rsi), %r11
- subq (%rbx), %r8
- movq $0x00, %rcx
- sbbq 8(%rbx), %r9
- movq $-19, %rax
- sbbq 16(%rbx), %r10
- movq $0x7fffffffffffffff, %rdx
- sbbq 24(%rbx), %r11
- sbbq $0x00, %rcx
- # Mask the modulus
- andq %rcx, %rax
- andq %rcx, %rdx
+ subq (%r8), %r14
+ sbbq 8(%r8), %r15
+ sbbq 16(%r8), %rbx
+ sbbq 24(%r8), %rbp
+ sbbq %rax, %rax
+ shldq $0x01, %rbp, %rax
+ imulq $-19, %rax
+ andq %rdx, %rbp
# Add modulus (if underflow)
- addq %rax, %r8
- adcq %rcx, %r9
- adcq %rcx, %r10
- adcq %rdx, %r11
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq 16(%rsp), %rdi
- movq (%rsp), %rsi
- movq 160(%rsp), %rbx
+ subq %rax, %r14
+ sbbq $0x00, %r15
+ sbbq $0x00, %rbx
+ sbbq $0x00, %rbp
+ movq %r10, (%rdi)
+ movq %r11, 8(%rdi)
+ movq %r12, 16(%rdi)
+ movq %r13, 24(%rdi)
+ movq %r14, (%rsi)
+ movq %r15, 8(%rsi)
+ movq %rbx, 16(%rsi)
+ movq %rbp, 24(%rsi)
+ movq 16(%rsp), %rcx
+ addq $32, %rdi
# Multiply
# A[0] * B[0]
- movq (%rbx), %rax
- mulq (%rsi)
- movq %rax, %r8
- movq %rdx, %r9
+ movq (%rcx), %rax
+ mulq (%rdi)
+ movq %rax, %r10
+ movq %rdx, %r11
# A[0] * B[1]
- movq 8(%rbx), %rax
- mulq (%rsi)
- xorq %r10, %r10
- addq %rax, %r9
- adcq %rdx, %r10
- # A[1] * B[0]
- movq (%rbx), %rax
- mulq 8(%rsi)
- xorq %r11, %r11
- addq %rax, %r9
- adcq %rdx, %r10
- adcq $0x00, %r11
- # A[0] * B[2]
- movq 16(%rbx), %rax
- mulq (%rsi)
- addq %rax, %r10
- adcq %rdx, %r11
- # A[1] * B[1]
- movq 8(%rbx), %rax
- mulq 8(%rsi)
+ movq 8(%rcx), %rax
+ mulq (%rdi)
xorq %r12, %r12
- addq %rax, %r10
- adcq %rdx, %r11
- adcq $0x00, %r12
- # A[2] * B[0]
- movq (%rbx), %rax
- mulq 16(%rsi)
- addq %rax, %r10
- adcq %rdx, %r11
- adcq $0x00, %r12
- # A[0] * B[3]
- movq 24(%rbx), %rax
- mulq (%rsi)
- xorq %r13, %r13
- addq %rax, %r11
- adcq %rdx, %r12
- adcq $0x00, %r13
- # A[1] * B[2]
- movq 16(%rbx), %rax
- mulq 8(%rsi)
- addq %rax, %r11
- adcq %rdx, %r12
- adcq $0x00, %r13
- # A[2] * B[1]
- movq 8(%rbx), %rax
- mulq 16(%rsi)
addq %rax, %r11
adcq %rdx, %r12
- adcq $0x00, %r13
- # A[3] * B[0]
- movq (%rbx), %rax
- mulq 24(%rsi)
+ # A[1] * B[0]
+ movq (%rcx), %rax
+ mulq 8(%rdi)
+ xorq %r13, %r13
addq %rax, %r11
adcq %rdx, %r12
adcq $0x00, %r13
- # A[1] * B[3]
- movq 24(%rbx), %rax
- mulq 8(%rsi)
- xorq %r14, %r14
+ # A[0] * B[2]
+ movq 16(%rcx), %rax
+ mulq (%rdi)
addq %rax, %r12
adcq %rdx, %r13
- adcq $0x00, %r14
- # A[2] * B[2]
- movq 16(%rbx), %rax
- mulq 16(%rsi)
+ # A[1] * B[1]
+ movq 8(%rcx), %rax
+ mulq 8(%rdi)
+ xorq %r14, %r14
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
- # A[3] * B[1]
- movq 8(%rbx), %rax
- mulq 24(%rsi)
+ # A[2] * B[0]
+ movq (%rcx), %rax
+ mulq 16(%rdi)
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
- # A[2] * B[3]
- movq 24(%rbx), %rax
- mulq 16(%rsi)
+ # A[0] * B[3]
+ movq 24(%rcx), %rax
+ mulq (%rdi)
xorq %r15, %r15
addq %rax, %r13
adcq %rdx, %r14
adcq $0x00, %r15
- # A[3] * B[2]
- movq 16(%rbx), %rax
- mulq 24(%rsi)
+ # A[1] * B[2]
+ movq 16(%rcx), %rax
+ mulq 8(%rdi)
addq %rax, %r13
adcq %rdx, %r14
adcq $0x00, %r15
- # A[3] * B[3]
- movq 24(%rbx), %rax
- mulq 24(%rsi)
+ # A[2] * B[1]
+ movq 8(%rcx), %rax
+ mulq 16(%rdi)
+ addq %rax, %r13
+ adcq %rdx, %r14
+ adcq $0x00, %r15
+ # A[3] * B[0]
+ movq (%rcx), %rax
+ mulq 24(%rdi)
+ addq %rax, %r13
+ adcq %rdx, %r14
+ adcq $0x00, %r15
+ # A[1] * B[3]
+ movq 24(%rcx), %rax
+ mulq 8(%rdi)
+ xorq %rbx, %rbx
addq %rax, %r14
adcq %rdx, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rcx
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- andq %rcx, %r11
- # Multiply top half by 19
- movq $19, %rax
- mulq %r12
- xorq %r12, %r12
- addq %rax, %r8
- movq $19, %rax
- adcq %rdx, %r12
- mulq %r13
- xorq %r13, %r13
- addq %rax, %r9
- movq $19, %rax
- adcq %rdx, %r13
+ adcq $0x00, %rbx
+ # A[2] * B[2]
+ movq 16(%rcx), %rax
+ mulq 16(%rdi)
+ addq %rax, %r14
+ adcq %rdx, %r15
+ adcq $0x00, %rbx
+ # A[3] * B[1]
+ movq 8(%rcx), %rax
+ mulq 24(%rdi)
+ addq %rax, %r14
+ adcq %rdx, %r15
+ adcq $0x00, %rbx
+ # A[2] * B[3]
+ movq 24(%rcx), %rax
+ mulq 16(%rdi)
+ xorq %rbp, %rbp
+ addq %rax, %r15
+ adcq %rdx, %rbx
+ adcq $0x00, %rbp
+ # A[3] * B[2]
+ movq 16(%rcx), %rax
+ mulq 24(%rdi)
+ addq %rax, %r15
+ adcq %rdx, %rbx
+ adcq $0x00, %rbp
+ # A[3] * B[3]
+ movq 24(%rcx), %rax
+ mulq 24(%rdi)
+ addq %rax, %rbx
+ adcq %rdx, %rbp
+ movq $38, %rax
+ mulq %rbp
+ addq %rax, %r13
+ adcq $0x00, %rdx
+ movq $0x7fffffffffffffff, %r9
+ shldq $0x01, %r13, %rdx
+ imulq $19, %rdx, %rdx
+ andq %r9, %r13
+ movq %rdx, %r9
+ movq $38, %rax
mulq %r14
xorq %r14, %r14
addq %rax, %r10
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r14
mulq %r15
- # Add remaining product results in
- addq %r12, %r9
- adcq %r13, %r10
+ xorq %r15, %r15
+ addq %rax, %r11
+ movq $38, %rax
+ adcq %rdx, %r15
+ mulq %rbx
+ xorq %rbx, %rbx
+ addq %rax, %r12
+ adcq %rdx, %rbx
+ addq %r9, %r10
adcq %r14, %r11
- adcq %rax, %r11
- adcq $0x00, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- imulq $19, %rdx, %rax
- andq %rcx, %r11
- addq %rax, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rcx, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
+ adcq %r15, %r12
+ adcq %rbx, %r13
# Store
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq 8(%rsp), %rdi
- movq 8(%rsp), %rsi
- movq 152(%rsp), %rbx
+ movq %r10, (%rdi)
+ movq %r11, 8(%rdi)
+ movq %r12, 16(%rdi)
+ movq %r13, 24(%rdi)
+ addq $0x60, %r8
+ addq $0x40, %rcx
+ addq $0x40, %rdi
# Multiply
# A[0] * B[0]
- movq (%rbx), %rax
- mulq (%rsi)
- movq %rax, %r8
- movq %rdx, %r9
+ movq (%rcx), %rax
+ mulq (%r8)
+ movq %rax, %r10
+ movq %rdx, %r11
# A[0] * B[1]
- movq 8(%rbx), %rax
- mulq (%rsi)
- xorq %r10, %r10
- addq %rax, %r9
- adcq %rdx, %r10
- # A[1] * B[0]
- movq (%rbx), %rax
- mulq 8(%rsi)
- xorq %r11, %r11
- addq %rax, %r9
- adcq %rdx, %r10
- adcq $0x00, %r11
- # A[0] * B[2]
- movq 16(%rbx), %rax
- mulq (%rsi)
- addq %rax, %r10
- adcq %rdx, %r11
- # A[1] * B[1]
- movq 8(%rbx), %rax
- mulq 8(%rsi)
+ movq 8(%rcx), %rax
+ mulq (%r8)
xorq %r12, %r12
- addq %rax, %r10
- adcq %rdx, %r11
- adcq $0x00, %r12
- # A[2] * B[0]
- movq (%rbx), %rax
- mulq 16(%rsi)
- addq %rax, %r10
- adcq %rdx, %r11
- adcq $0x00, %r12
- # A[0] * B[3]
- movq 24(%rbx), %rax
- mulq (%rsi)
- xorq %r13, %r13
- addq %rax, %r11
- adcq %rdx, %r12
- adcq $0x00, %r13
- # A[1] * B[2]
- movq 16(%rbx), %rax
- mulq 8(%rsi)
- addq %rax, %r11
- adcq %rdx, %r12
- adcq $0x00, %r13
- # A[2] * B[1]
- movq 8(%rbx), %rax
- mulq 16(%rsi)
addq %rax, %r11
adcq %rdx, %r12
- adcq $0x00, %r13
- # A[3] * B[0]
- movq (%rbx), %rax
- mulq 24(%rsi)
+ # A[1] * B[0]
+ movq (%rcx), %rax
+ mulq 8(%r8)
+ xorq %r13, %r13
addq %rax, %r11
adcq %rdx, %r12
adcq $0x00, %r13
- # A[1] * B[3]
- movq 24(%rbx), %rax
- mulq 8(%rsi)
- xorq %r14, %r14
+ # A[0] * B[2]
+ movq 16(%rcx), %rax
+ mulq (%r8)
addq %rax, %r12
adcq %rdx, %r13
- adcq $0x00, %r14
- # A[2] * B[2]
- movq 16(%rbx), %rax
- mulq 16(%rsi)
+ # A[1] * B[1]
+ movq 8(%rcx), %rax
+ mulq 8(%r8)
+ xorq %r14, %r14
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
- # A[3] * B[1]
- movq 8(%rbx), %rax
- mulq 24(%rsi)
+ # A[2] * B[0]
+ movq (%rcx), %rax
+ mulq 16(%r8)
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
- # A[2] * B[3]
- movq 24(%rbx), %rax
- mulq 16(%rsi)
+ # A[0] * B[3]
+ movq 24(%rcx), %rax
+ mulq (%r8)
xorq %r15, %r15
addq %rax, %r13
adcq %rdx, %r14
adcq $0x00, %r15
- # A[3] * B[2]
- movq 16(%rbx), %rax
- mulq 24(%rsi)
+ # A[1] * B[2]
+ movq 16(%rcx), %rax
+ mulq 8(%r8)
addq %rax, %r13
adcq %rdx, %r14
adcq $0x00, %r15
- # A[3] * B[3]
- movq 24(%rbx), %rax
- mulq 24(%rsi)
+ # A[2] * B[1]
+ movq 8(%rcx), %rax
+ mulq 16(%r8)
+ addq %rax, %r13
+ adcq %rdx, %r14
+ adcq $0x00, %r15
+ # A[3] * B[0]
+ movq (%rcx), %rax
+ mulq 24(%r8)
+ addq %rax, %r13
+ adcq %rdx, %r14
+ adcq $0x00, %r15
+ # A[1] * B[3]
+ movq 24(%rcx), %rax
+ mulq 8(%r8)
+ xorq %rbx, %rbx
addq %rax, %r14
adcq %rdx, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rcx
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- andq %rcx, %r11
- # Multiply top half by 19
- movq $19, %rax
- mulq %r12
- xorq %r12, %r12
- addq %rax, %r8
- movq $19, %rax
- adcq %rdx, %r12
- mulq %r13
- xorq %r13, %r13
- addq %rax, %r9
- movq $19, %rax
- adcq %rdx, %r13
+ adcq $0x00, %rbx
+ # A[2] * B[2]
+ movq 16(%rcx), %rax
+ mulq 16(%r8)
+ addq %rax, %r14
+ adcq %rdx, %r15
+ adcq $0x00, %rbx
+ # A[3] * B[1]
+ movq 8(%rcx), %rax
+ mulq 24(%r8)
+ addq %rax, %r14
+ adcq %rdx, %r15
+ adcq $0x00, %rbx
+ # A[2] * B[3]
+ movq 24(%rcx), %rax
+ mulq 16(%r8)
+ xorq %rbp, %rbp
+ addq %rax, %r15
+ adcq %rdx, %rbx
+ adcq $0x00, %rbp
+ # A[3] * B[2]
+ movq 16(%rcx), %rax
+ mulq 24(%r8)
+ addq %rax, %r15
+ adcq %rdx, %rbx
+ adcq $0x00, %rbp
+ # A[3] * B[3]
+ movq 24(%rcx), %rax
+ mulq 24(%r8)
+ addq %rax, %rbx
+ adcq %rdx, %rbp
+ movq $38, %rax
+ mulq %rbp
+ addq %rax, %r13
+ adcq $0x00, %rdx
+ movq $0x7fffffffffffffff, %r9
+ shldq $0x01, %r13, %rdx
+ imulq $19, %rdx, %rdx
+ andq %r9, %r13
+ movq %rdx, %r9
+ movq $38, %rax
mulq %r14
xorq %r14, %r14
addq %rax, %r10
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r14
mulq %r15
- # Add remaining product results in
- addq %r12, %r9
- adcq %r13, %r10
+ xorq %r15, %r15
+ addq %rax, %r11
+ movq $38, %rax
+ adcq %rdx, %r15
+ mulq %rbx
+ xorq %rbx, %rbx
+ addq %rax, %r12
+ adcq %rdx, %rbx
+ addq %r9, %r10
adcq %r14, %r11
- adcq %rax, %r11
- adcq $0x00, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- imulq $19, %rdx, %rax
- andq %rcx, %r11
- addq %rax, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rcx, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
+ adcq %r15, %r12
+ adcq %rbx, %r13
# Store
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq 24(%rsp), %rdi
- movq 144(%rsp), %rsi
- movq 136(%rsp), %rbx
+ movq %r10, (%rdi)
+ movq %r11, 8(%rdi)
+ movq %r12, 16(%rdi)
+ movq %r13, 24(%rdi)
+ subq $32, %rcx
+ subq $0x60, %rdi
# Multiply
# A[0] * B[0]
- movq (%rbx), %rax
- mulq (%rsi)
- movq %rax, %r8
- movq %rdx, %r9
+ movq (%rcx), %rax
+ mulq (%rdi)
+ movq %rax, %r10
+ movq %rdx, %r11
# A[0] * B[1]
- movq 8(%rbx), %rax
- mulq (%rsi)
- xorq %r10, %r10
- addq %rax, %r9
- adcq %rdx, %r10
- # A[1] * B[0]
- movq (%rbx), %rax
- mulq 8(%rsi)
- xorq %r11, %r11
- addq %rax, %r9
- adcq %rdx, %r10
- adcq $0x00, %r11
- # A[0] * B[2]
- movq 16(%rbx), %rax
- mulq (%rsi)
- addq %rax, %r10
- adcq %rdx, %r11
- # A[1] * B[1]
- movq 8(%rbx), %rax
- mulq 8(%rsi)
+ movq 8(%rcx), %rax
+ mulq (%rdi)
xorq %r12, %r12
- addq %rax, %r10
- adcq %rdx, %r11
- adcq $0x00, %r12
- # A[2] * B[0]
- movq (%rbx), %rax
- mulq 16(%rsi)
- addq %rax, %r10
- adcq %rdx, %r11
- adcq $0x00, %r12
- # A[0] * B[3]
- movq 24(%rbx), %rax
- mulq (%rsi)
- xorq %r13, %r13
- addq %rax, %r11
- adcq %rdx, %r12
- adcq $0x00, %r13
- # A[1] * B[2]
- movq 16(%rbx), %rax
- mulq 8(%rsi)
- addq %rax, %r11
- adcq %rdx, %r12
- adcq $0x00, %r13
- # A[2] * B[1]
- movq 8(%rbx), %rax
- mulq 16(%rsi)
addq %rax, %r11
adcq %rdx, %r12
- adcq $0x00, %r13
- # A[3] * B[0]
- movq (%rbx), %rax
- mulq 24(%rsi)
+ # A[1] * B[0]
+ movq (%rcx), %rax
+ mulq 8(%rdi)
+ xorq %r13, %r13
addq %rax, %r11
adcq %rdx, %r12
adcq $0x00, %r13
- # A[1] * B[3]
- movq 24(%rbx), %rax
- mulq 8(%rsi)
- xorq %r14, %r14
+ # A[0] * B[2]
+ movq 16(%rcx), %rax
+ mulq (%rdi)
addq %rax, %r12
adcq %rdx, %r13
- adcq $0x00, %r14
- # A[2] * B[2]
- movq 16(%rbx), %rax
- mulq 16(%rsi)
+ # A[1] * B[1]
+ movq 8(%rcx), %rax
+ mulq 8(%rdi)
+ xorq %r14, %r14
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
- # A[3] * B[1]
- movq 8(%rbx), %rax
- mulq 24(%rsi)
+ # A[2] * B[0]
+ movq (%rcx), %rax
+ mulq 16(%rdi)
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
- # A[2] * B[3]
- movq 24(%rbx), %rax
- mulq 16(%rsi)
+ # A[0] * B[3]
+ movq 24(%rcx), %rax
+ mulq (%rdi)
xorq %r15, %r15
addq %rax, %r13
adcq %rdx, %r14
adcq $0x00, %r15
- # A[3] * B[2]
- movq 16(%rbx), %rax
- mulq 24(%rsi)
+ # A[1] * B[2]
+ movq 16(%rcx), %rax
+ mulq 8(%rdi)
addq %rax, %r13
adcq %rdx, %r14
adcq $0x00, %r15
- # A[3] * B[3]
- movq 24(%rbx), %rax
- mulq 24(%rsi)
+ # A[2] * B[1]
+ movq 8(%rcx), %rax
+ mulq 16(%rdi)
+ addq %rax, %r13
+ adcq %rdx, %r14
+ adcq $0x00, %r15
+ # A[3] * B[0]
+ movq (%rcx), %rax
+ mulq 24(%rdi)
+ addq %rax, %r13
+ adcq %rdx, %r14
+ adcq $0x00, %r15
+ # A[1] * B[3]
+ movq 24(%rcx), %rax
+ mulq 8(%rdi)
+ xorq %rbx, %rbx
addq %rax, %r14
adcq %rdx, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rcx
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- andq %rcx, %r11
- # Multiply top half by 19
- movq $19, %rax
- mulq %r12
- xorq %r12, %r12
- addq %rax, %r8
- movq $19, %rax
- adcq %rdx, %r12
- mulq %r13
- xorq %r13, %r13
- addq %rax, %r9
- movq $19, %rax
- adcq %rdx, %r13
+ adcq $0x00, %rbx
+ # A[2] * B[2]
+ movq 16(%rcx), %rax
+ mulq 16(%rdi)
+ addq %rax, %r14
+ adcq %rdx, %r15
+ adcq $0x00, %rbx
+ # A[3] * B[1]
+ movq 8(%rcx), %rax
+ mulq 24(%rdi)
+ addq %rax, %r14
+ adcq %rdx, %r15
+ adcq $0x00, %rbx
+ # A[2] * B[3]
+ movq 24(%rcx), %rax
+ mulq 16(%rdi)
+ xorq %rbp, %rbp
+ addq %rax, %r15
+ adcq %rdx, %rbx
+ adcq $0x00, %rbp
+ # A[3] * B[2]
+ movq 16(%rcx), %rax
+ mulq 24(%rdi)
+ addq %rax, %r15
+ adcq %rdx, %rbx
+ adcq $0x00, %rbp
+ # A[3] * B[3]
+ movq 24(%rcx), %rax
+ mulq 24(%rdi)
+ addq %rax, %rbx
+ adcq %rdx, %rbp
+ movq $38, %rax
+ mulq %rbp
+ addq %rax, %r13
+ adcq $0x00, %rdx
+ movq $0x7fffffffffffffff, %r9
+ shldq $0x01, %r13, %rdx
+ imulq $19, %rdx, %rdx
+ andq %r9, %r13
+ movq %rdx, %r9
+ movq $38, %rax
mulq %r14
xorq %r14, %r14
addq %rax, %r10
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r14
mulq %r15
- # Add remaining product results in
- addq %r12, %r9
- adcq %r13, %r10
+ xorq %r15, %r15
+ addq %rax, %r11
+ movq $38, %rax
+ adcq %rdx, %r15
+ mulq %rbx
+ xorq %rbx, %rbx
+ addq %rax, %r12
+ adcq %rdx, %rbx
+ addq %r9, %r10
adcq %r14, %r11
- adcq %rax, %r11
- adcq $0x00, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- imulq $19, %rdx, %rax
- andq %rcx, %r11
- addq %rax, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rcx, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
+ adcq %r15, %r12
+ adcq %rbx, %r13
# Store
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- leaq 48(%rsp), %rdi
- movq 128(%rsp), %rsi
- movq 128(%rsp), %rbx
+ # Add-Sub
# Add
- movq (%rsi), %r8
- movq 8(%rsi), %r9
- addq (%rbx), %r8
- movq 16(%rsi), %r10
- adcq 8(%rbx), %r9
- movq 24(%rsi), %rcx
- adcq 16(%rbx), %r10
- movq $-19, %rax
- adcq 24(%rbx), %rcx
+ movq %r10, %r14
+ addq (%rsi), %r10
+ movq %r11, %r15
+ adcq 8(%rsi), %r11
+ movq %r12, %rbx
+ adcq 16(%rsi), %r12
+ movq %r13, %rbp
+ adcq 24(%rsi), %r13
+ movq $0x00, %rax
+ adcq $0x00, %rax
+ shldq $0x01, %r13, %rax
movq $0x7fffffffffffffff, %rdx
- movq %rcx, %r11
- sarq $63, %rcx
- # Mask the modulus
- andq %rcx, %rax
- andq %rcx, %rdx
+ imulq $19, %rax
+ andq %rdx, %r13
# Sub modulus (if overflow)
- subq %rax, %r8
- sbbq %rcx, %r9
- sbbq %rcx, %r10
- sbbq %rdx, %r11
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq (%rsp), %rdi
- movq 16(%rsp), %rsi
- movq 8(%rsp), %rbx
+ addq %rax, %r10
+ adcq $0x00, %r11
+ adcq $0x00, %r12
+ adcq $0x00, %r13
# Sub
- movq (%rsi), %r8
- movq 8(%rsi), %r9
- movq 16(%rsi), %r10
- movq 24(%rsi), %r11
- subq (%rbx), %r8
- movq $0x00, %rcx
- sbbq 8(%rbx), %r9
- movq $-19, %rax
- sbbq 16(%rbx), %r10
- movq $0x7fffffffffffffff, %rdx
- sbbq 24(%rbx), %r11
- sbbq $0x00, %rcx
- # Mask the modulus
- andq %rcx, %rax
- andq %rcx, %rdx
+ subq (%rsi), %r14
+ sbbq 8(%rsi), %r15
+ sbbq 16(%rsi), %rbx
+ sbbq 24(%rsi), %rbp
+ sbbq %rax, %rax
+ shldq $0x01, %rbp, %rax
+ imulq $-19, %rax
+ andq %rdx, %rbp
# Add modulus (if underflow)
- addq %rax, %r8
- adcq %rcx, %r9
- adcq %rcx, %r10
- adcq %rdx, %r11
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq 8(%rsp), %rdi
- movq 16(%rsp), %rsi
- movq 8(%rsp), %rbx
- # Add
- movq (%rsi), %r8
- movq 8(%rsi), %r9
- addq (%rbx), %r8
- movq 16(%rsi), %r10
- adcq 8(%rbx), %r9
- movq 24(%rsi), %rcx
- adcq 16(%rbx), %r10
- movq $-19, %rax
- adcq 24(%rbx), %rcx
+ subq %rax, %r14
+ sbbq $0x00, %r15
+ sbbq $0x00, %rbx
+ sbbq $0x00, %rbp
+ movq %r10, (%rsi)
+ movq %r11, 8(%rsi)
+ movq %r12, 16(%rsi)
+ movq %r13, 24(%rsi)
+ movq %r14, (%rdi)
+ movq %r15, 8(%rdi)
+ movq %rbx, 16(%rdi)
+ movq %rbp, 24(%rdi)
+ subq $32, %r8
+ addq $0x40, %rdi
+ # Double
+ movq (%r8), %r10
+ movq 8(%r8), %r11
+ addq %r10, %r10
+ movq 16(%r8), %r12
+ adcq %r11, %r11
+ movq 24(%r8), %r13
+ adcq %r12, %r12
+ adcq %r13, %r13
+ movq $0x00, %rax
+ adcq $0x00, %rax
+ shldq $0x01, %r13, %rax
movq $0x7fffffffffffffff, %rdx
- movq %rcx, %r11
- sarq $63, %rcx
- # Mask the modulus
- andq %rcx, %rax
- andq %rcx, %rdx
+ imulq $19, %rax
+ andq %rdx, %r13
# Sub modulus (if overflow)
- subq %rax, %r8
- sbbq %rcx, %r9
- sbbq %rcx, %r10
- sbbq %rdx, %r11
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq 16(%rsp), %rdi
- leaq 48(%rsp), %rsi
- movq 24(%rsp), %rbx
- # Sub
- movq (%rsi), %r8
- movq 8(%rsi), %r9
- movq 16(%rsi), %r10
- movq 24(%rsi), %r11
- subq (%rbx), %r8
- movq $0x00, %rcx
- sbbq 8(%rbx), %r9
- movq $-19, %rax
- sbbq 16(%rbx), %r10
- movq $0x7fffffffffffffff, %rdx
- sbbq 24(%rbx), %r11
- sbbq $0x00, %rcx
- # Mask the modulus
- andq %rcx, %rax
- andq %rcx, %rdx
- # Add modulus (if underflow)
- addq %rax, %r8
- adcq %rcx, %r9
- adcq %rcx, %r10
- adcq %rdx, %r11
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq 24(%rsp), %rdi
- leaq 48(%rsp), %rsi
- movq 24(%rsp), %rbx
+ addq %rax, %r10
+ adcq $0x00, %r11
+ adcq $0x00, %r12
+ adcq $0x00, %r13
+ movq %rdi, %rsi
+ addq $32, %rsi
+ # Add-Sub
# Add
- movq (%rsi), %r8
- movq 8(%rsi), %r9
- addq (%rbx), %r8
- movq 16(%rsi), %r10
- adcq 8(%rbx), %r9
- movq 24(%rsi), %rcx
- adcq 16(%rbx), %r10
- movq $-19, %rax
- adcq 24(%rbx), %rcx
+ movq %r10, %r14
+ addq (%rsi), %r10
+ movq %r11, %r15
+ adcq 8(%rsi), %r11
+ movq %r12, %rbx
+ adcq 16(%rsi), %r12
+ movq %r13, %rbp
+ adcq 24(%rsi), %r13
+ movq $0x00, %rax
+ adcq $0x00, %rax
+ shldq $0x01, %r13, %rax
movq $0x7fffffffffffffff, %rdx
- movq %rcx, %r11
- sarq $63, %rcx
- # Mask the modulus
- andq %rcx, %rax
- andq %rcx, %rdx
+ imulq $19, %rax
+ andq %rdx, %r13
# Sub modulus (if overflow)
- subq %rax, %r8
- sbbq %rcx, %r9
- sbbq %rcx, %r10
- sbbq %rdx, %r11
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- addq $0x50, %rsp
+ addq %rax, %r10
+ adcq $0x00, %r11
+ adcq $0x00, %r12
+ adcq $0x00, %r13
+ # Sub
+ subq (%rsi), %r14
+ sbbq 8(%rsi), %r15
+ sbbq 16(%rsi), %rbx
+ sbbq 24(%rsi), %rbp
+ sbbq %rax, %rax
+ shldq $0x01, %rbp, %rax
+ imulq $-19, %rax
+ andq %rdx, %rbp
+ # Add modulus (if underflow)
+ subq %rax, %r14
+ sbbq $0x00, %r15
+ sbbq $0x00, %rbx
+ sbbq $0x00, %rbp
+ movq %r10, (%rsi)
+ movq %r11, 8(%rsi)
+ movq %r12, 16(%rsi)
+ movq %r13, 24(%rsi)
+ movq %r14, (%rdi)
+ movq %r15, 8(%rdi)
+ movq %rbx, 16(%rdi)
+ movq %rbp, 24(%rdi)
+ addq $24, %rsp
+ popq %rbp
+ popq %rbx
popq %r15
popq %r14
popq %r13
popq %r12
- popq %rbx
repz retq
#ifndef __APPLE__
-.size fe_ge_msub_x64,.-fe_ge_msub_x64
+.size ge_msub_x64,.-ge_msub_x64
#endif /* __APPLE__ */
#ifndef __APPLE__
.text
-.globl fe_ge_add_x64
-.type fe_ge_add_x64,@function
+.globl ge_add_x64
+.type ge_add_x64,@function
.align 16
-fe_ge_add_x64:
+ge_add_x64:
#else
.section __TEXT,__text
-.globl _fe_ge_add_x64
+.globl _ge_add_x64
.p2align 4
-_fe_ge_add_x64:
+_ge_add_x64:
#endif /* __APPLE__ */
- pushq %rbx
pushq %r12
pushq %r13
pushq %r14
pushq %r15
- subq $0x50, %rsp
+ pushq %rbx
+ pushq %rbp
+ movq %rdx, %rcx
+ subq $24, %rsp
movq %rdi, (%rsp)
movq %rsi, 8(%rsp)
- movq %rdx, 16(%rsp)
- movq %rcx, 24(%rsp)
- movq %r8, 32(%rsp)
- movq %r9, 40(%rsp)
- movq (%rsp), %rdi
- movq 40(%rsp), %rsi
- movq 32(%rsp), %rbx
+ movq %rcx, 16(%rsp)
+ movq %rsi, %r8
+ movq %rsi, %rcx
+ addq $32, %rcx
+ movq %rdi, %rsi
+ addq $32, %rsi
+ # Add-Sub
# Add
- movq (%rsi), %r8
- movq 8(%rsi), %r9
- addq (%rbx), %r8
- movq 16(%rsi), %r10
- adcq 8(%rbx), %r9
- movq 24(%rsi), %rcx
- adcq 16(%rbx), %r10
- movq $-19, %rax
- adcq 24(%rbx), %rcx
+ movq (%rcx), %r10
+ movq 8(%rcx), %r11
+ movq 16(%rcx), %r12
+ movq 24(%rcx), %r13
+ movq %r10, %r14
+ addq (%r8), %r10
+ movq %r11, %r15
+ adcq 8(%r8), %r11
+ movq %r12, %rbx
+ adcq 16(%r8), %r12
+ movq %r13, %rbp
+ adcq 24(%r8), %r13
+ movq $0x00, %rax
+ adcq $0x00, %rax
+ shldq $0x01, %r13, %rax
movq $0x7fffffffffffffff, %rdx
- movq %rcx, %r11
- sarq $63, %rcx
- # Mask the modulus
- andq %rcx, %rax
- andq %rcx, %rdx
+ imulq $19, %rax
+ andq %rdx, %r13
# Sub modulus (if overflow)
- subq %rax, %r8
- sbbq %rcx, %r9
- sbbq %rcx, %r10
- sbbq %rdx, %r11
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq 8(%rsp), %rdi
- movq 40(%rsp), %rsi
- movq 32(%rsp), %rbx
+ addq %rax, %r10
+ adcq $0x00, %r11
+ adcq $0x00, %r12
+ adcq $0x00, %r13
# Sub
- movq (%rsi), %r8
- movq 8(%rsi), %r9
- movq 16(%rsi), %r10
- movq 24(%rsi), %r11
- subq (%rbx), %r8
- movq $0x00, %rcx
- sbbq 8(%rbx), %r9
- movq $-19, %rax
- sbbq 16(%rbx), %r10
- movq $0x7fffffffffffffff, %rdx
- sbbq 24(%rbx), %r11
- sbbq $0x00, %rcx
- # Mask the modulus
- andq %rcx, %rax
- andq %rcx, %rdx
+ subq (%r8), %r14
+ sbbq 8(%r8), %r15
+ sbbq 16(%r8), %rbx
+ sbbq 24(%r8), %rbp
+ sbbq %rax, %rax
+ shldq $0x01, %rbp, %rax
+ imulq $-19, %rax
+ andq %rdx, %rbp
# Add modulus (if underflow)
- addq %rax, %r8
- adcq %rcx, %r9
- adcq %rcx, %r10
- adcq %rdx, %r11
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq 16(%rsp), %rdi
- movq (%rsp), %rsi
- movq 160(%rsp), %rbx
+ subq %rax, %r14
+ sbbq $0x00, %r15
+ sbbq $0x00, %rbx
+ sbbq $0x00, %rbp
+ movq %r10, (%rdi)
+ movq %r11, 8(%rdi)
+ movq %r12, 16(%rdi)
+ movq %r13, 24(%rdi)
+ movq %r14, (%rsi)
+ movq %r15, 8(%rsi)
+ movq %rbx, 16(%rsi)
+ movq %rbp, 24(%rsi)
+ movq 16(%rsp), %rcx
+ addq $32, %rcx
+ addq $32, %rdi
# Multiply
# A[0] * B[0]
- movq (%rbx), %rax
- mulq (%rsi)
- movq %rax, %r8
- movq %rdx, %r9
+ movq (%rcx), %rax
+ mulq (%rdi)
+ movq %rax, %r10
+ movq %rdx, %r11
# A[0] * B[1]
- movq 8(%rbx), %rax
- mulq (%rsi)
- xorq %r10, %r10
- addq %rax, %r9
- adcq %rdx, %r10
- # A[1] * B[0]
- movq (%rbx), %rax
- mulq 8(%rsi)
- xorq %r11, %r11
- addq %rax, %r9
- adcq %rdx, %r10
- adcq $0x00, %r11
- # A[0] * B[2]
- movq 16(%rbx), %rax
- mulq (%rsi)
- addq %rax, %r10
- adcq %rdx, %r11
- # A[1] * B[1]
- movq 8(%rbx), %rax
- mulq 8(%rsi)
+ movq 8(%rcx), %rax
+ mulq (%rdi)
xorq %r12, %r12
- addq %rax, %r10
- adcq %rdx, %r11
- adcq $0x00, %r12
- # A[2] * B[0]
- movq (%rbx), %rax
- mulq 16(%rsi)
- addq %rax, %r10
- adcq %rdx, %r11
- adcq $0x00, %r12
- # A[0] * B[3]
- movq 24(%rbx), %rax
- mulq (%rsi)
- xorq %r13, %r13
- addq %rax, %r11
- adcq %rdx, %r12
- adcq $0x00, %r13
- # A[1] * B[2]
- movq 16(%rbx), %rax
- mulq 8(%rsi)
addq %rax, %r11
adcq %rdx, %r12
- adcq $0x00, %r13
- # A[2] * B[1]
- movq 8(%rbx), %rax
- mulq 16(%rsi)
- addq %rax, %r11
- adcq %rdx, %r12
- adcq $0x00, %r13
- # A[3] * B[0]
- movq (%rbx), %rax
- mulq 24(%rsi)
+ # A[1] * B[0]
+ movq (%rcx), %rax
+ mulq 8(%rdi)
+ xorq %r13, %r13
addq %rax, %r11
adcq %rdx, %r12
adcq $0x00, %r13
- # A[1] * B[3]
- movq 24(%rbx), %rax
- mulq 8(%rsi)
- xorq %r14, %r14
+ # A[0] * B[2]
+ movq 16(%rcx), %rax
+ mulq (%rdi)
addq %rax, %r12
adcq %rdx, %r13
- adcq $0x00, %r14
- # A[2] * B[2]
- movq 16(%rbx), %rax
- mulq 16(%rsi)
+ # A[1] * B[1]
+ movq 8(%rcx), %rax
+ mulq 8(%rdi)
+ xorq %r14, %r14
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
- # A[3] * B[1]
- movq 8(%rbx), %rax
- mulq 24(%rsi)
+ # A[2] * B[0]
+ movq (%rcx), %rax
+ mulq 16(%rdi)
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
- # A[2] * B[3]
- movq 24(%rbx), %rax
- mulq 16(%rsi)
+ # A[0] * B[3]
+ movq 24(%rcx), %rax
+ mulq (%rdi)
xorq %r15, %r15
addq %rax, %r13
adcq %rdx, %r14
adcq $0x00, %r15
- # A[3] * B[2]
- movq 16(%rbx), %rax
- mulq 24(%rsi)
+ # A[1] * B[2]
+ movq 16(%rcx), %rax
+ mulq 8(%rdi)
addq %rax, %r13
adcq %rdx, %r14
adcq $0x00, %r15
- # A[3] * B[3]
- movq 24(%rbx), %rax
- mulq 24(%rsi)
+ # A[2] * B[1]
+ movq 8(%rcx), %rax
+ mulq 16(%rdi)
+ addq %rax, %r13
+ adcq %rdx, %r14
+ adcq $0x00, %r15
+ # A[3] * B[0]
+ movq (%rcx), %rax
+ mulq 24(%rdi)
+ addq %rax, %r13
+ adcq %rdx, %r14
+ adcq $0x00, %r15
+ # A[1] * B[3]
+ movq 24(%rcx), %rax
+ mulq 8(%rdi)
+ xorq %rbx, %rbx
addq %rax, %r14
adcq %rdx, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rcx
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- andq %rcx, %r11
- # Multiply top half by 19
- movq $19, %rax
- mulq %r12
- xorq %r12, %r12
- addq %rax, %r8
- movq $19, %rax
- adcq %rdx, %r12
- mulq %r13
- xorq %r13, %r13
- addq %rax, %r9
- movq $19, %rax
- adcq %rdx, %r13
+ adcq $0x00, %rbx
+ # A[2] * B[2]
+ movq 16(%rcx), %rax
+ mulq 16(%rdi)
+ addq %rax, %r14
+ adcq %rdx, %r15
+ adcq $0x00, %rbx
+ # A[3] * B[1]
+ movq 8(%rcx), %rax
+ mulq 24(%rdi)
+ addq %rax, %r14
+ adcq %rdx, %r15
+ adcq $0x00, %rbx
+ # A[2] * B[3]
+ movq 24(%rcx), %rax
+ mulq 16(%rdi)
+ xorq %rbp, %rbp
+ addq %rax, %r15
+ adcq %rdx, %rbx
+ adcq $0x00, %rbp
+ # A[3] * B[2]
+ movq 16(%rcx), %rax
+ mulq 24(%rdi)
+ addq %rax, %r15
+ adcq %rdx, %rbx
+ adcq $0x00, %rbp
+ # A[3] * B[3]
+ movq 24(%rcx), %rax
+ mulq 24(%rdi)
+ addq %rax, %rbx
+ adcq %rdx, %rbp
+ movq $38, %rax
+ mulq %rbp
+ addq %rax, %r13
+ adcq $0x00, %rdx
+ movq $0x7fffffffffffffff, %r9
+ shldq $0x01, %r13, %rdx
+ imulq $19, %rdx, %rdx
+ andq %r9, %r13
+ movq %rdx, %r9
+ movq $38, %rax
mulq %r14
xorq %r14, %r14
addq %rax, %r10
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r14
mulq %r15
- # Add remaining product results in
- addq %r12, %r9
- adcq %r13, %r10
+ xorq %r15, %r15
+ addq %rax, %r11
+ movq $38, %rax
+ adcq %rdx, %r15
+ mulq %rbx
+ xorq %rbx, %rbx
+ addq %rax, %r12
+ adcq %rdx, %rbx
+ addq %r9, %r10
adcq %r14, %r11
- adcq %rax, %r11
- adcq $0x00, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- imulq $19, %rdx, %rax
- andq %rcx, %r11
- addq %rax, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rcx, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
+ adcq %r15, %r12
+ adcq %rbx, %r13
# Store
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq 8(%rsp), %rdi
- movq 8(%rsp), %rsi
- movq 168(%rsp), %rbx
+ movq %r10, (%rdi)
+ movq %r11, 8(%rdi)
+ movq %r12, 16(%rdi)
+ movq %r13, 24(%rdi)
+ addq $0x60, %r8
+ addq $0x40, %rcx
+ addq $0x40, %rdi
# Multiply
# A[0] * B[0]
- movq (%rbx), %rax
- mulq (%rsi)
- movq %rax, %r8
- movq %rdx, %r9
+ movq (%rcx), %rax
+ mulq (%r8)
+ movq %rax, %r10
+ movq %rdx, %r11
# A[0] * B[1]
- movq 8(%rbx), %rax
- mulq (%rsi)
- xorq %r10, %r10
- addq %rax, %r9
- adcq %rdx, %r10
- # A[1] * B[0]
- movq (%rbx), %rax
- mulq 8(%rsi)
- xorq %r11, %r11
- addq %rax, %r9
- adcq %rdx, %r10
- adcq $0x00, %r11
- # A[0] * B[2]
- movq 16(%rbx), %rax
- mulq (%rsi)
- addq %rax, %r10
- adcq %rdx, %r11
- # A[1] * B[1]
- movq 8(%rbx), %rax
- mulq 8(%rsi)
+ movq 8(%rcx), %rax
+ mulq (%r8)
xorq %r12, %r12
- addq %rax, %r10
- adcq %rdx, %r11
- adcq $0x00, %r12
- # A[2] * B[0]
- movq (%rbx), %rax
- mulq 16(%rsi)
- addq %rax, %r10
- adcq %rdx, %r11
- adcq $0x00, %r12
- # A[0] * B[3]
- movq 24(%rbx), %rax
- mulq (%rsi)
- xorq %r13, %r13
addq %rax, %r11
adcq %rdx, %r12
- adcq $0x00, %r13
- # A[1] * B[2]
- movq 16(%rbx), %rax
- mulq 8(%rsi)
- addq %rax, %r11
- adcq %rdx, %r12
- adcq $0x00, %r13
- # A[2] * B[1]
- movq 8(%rbx), %rax
- mulq 16(%rsi)
- addq %rax, %r11
- adcq %rdx, %r12
- adcq $0x00, %r13
- # A[3] * B[0]
- movq (%rbx), %rax
- mulq 24(%rsi)
+ # A[1] * B[0]
+ movq (%rcx), %rax
+ mulq 8(%r8)
+ xorq %r13, %r13
addq %rax, %r11
adcq %rdx, %r12
adcq $0x00, %r13
- # A[1] * B[3]
- movq 24(%rbx), %rax
- mulq 8(%rsi)
- xorq %r14, %r14
+ # A[0] * B[2]
+ movq 16(%rcx), %rax
+ mulq (%r8)
addq %rax, %r12
adcq %rdx, %r13
- adcq $0x00, %r14
- # A[2] * B[2]
- movq 16(%rbx), %rax
- mulq 16(%rsi)
+ # A[1] * B[1]
+ movq 8(%rcx), %rax
+ mulq 8(%r8)
+ xorq %r14, %r14
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
- # A[3] * B[1]
- movq 8(%rbx), %rax
- mulq 24(%rsi)
+ # A[2] * B[0]
+ movq (%rcx), %rax
+ mulq 16(%r8)
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
- # A[2] * B[3]
- movq 24(%rbx), %rax
- mulq 16(%rsi)
+ # A[0] * B[3]
+ movq 24(%rcx), %rax
+ mulq (%r8)
xorq %r15, %r15
addq %rax, %r13
adcq %rdx, %r14
adcq $0x00, %r15
- # A[3] * B[2]
- movq 16(%rbx), %rax
- mulq 24(%rsi)
+ # A[1] * B[2]
+ movq 16(%rcx), %rax
+ mulq 8(%r8)
addq %rax, %r13
adcq %rdx, %r14
adcq $0x00, %r15
- # A[3] * B[3]
- movq 24(%rbx), %rax
- mulq 24(%rsi)
+ # A[2] * B[1]
+ movq 8(%rcx), %rax
+ mulq 16(%r8)
+ addq %rax, %r13
+ adcq %rdx, %r14
+ adcq $0x00, %r15
+ # A[3] * B[0]
+ movq (%rcx), %rax
+ mulq 24(%r8)
+ addq %rax, %r13
+ adcq %rdx, %r14
+ adcq $0x00, %r15
+ # A[1] * B[3]
+ movq 24(%rcx), %rax
+ mulq 8(%r8)
+ xorq %rbx, %rbx
addq %rax, %r14
adcq %rdx, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rcx
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- andq %rcx, %r11
- # Multiply top half by 19
- movq $19, %rax
- mulq %r12
- xorq %r12, %r12
- addq %rax, %r8
- movq $19, %rax
- adcq %rdx, %r12
- mulq %r13
- xorq %r13, %r13
- addq %rax, %r9
- movq $19, %rax
- adcq %rdx, %r13
+ adcq $0x00, %rbx
+ # A[2] * B[2]
+ movq 16(%rcx), %rax
+ mulq 16(%r8)
+ addq %rax, %r14
+ adcq %rdx, %r15
+ adcq $0x00, %rbx
+ # A[3] * B[1]
+ movq 8(%rcx), %rax
+ mulq 24(%r8)
+ addq %rax, %r14
+ adcq %rdx, %r15
+ adcq $0x00, %rbx
+ # A[2] * B[3]
+ movq 24(%rcx), %rax
+ mulq 16(%r8)
+ xorq %rbp, %rbp
+ addq %rax, %r15
+ adcq %rdx, %rbx
+ adcq $0x00, %rbp
+ # A[3] * B[2]
+ movq 16(%rcx), %rax
+ mulq 24(%r8)
+ addq %rax, %r15
+ adcq %rdx, %rbx
+ adcq $0x00, %rbp
+ # A[3] * B[3]
+ movq 24(%rcx), %rax
+ mulq 24(%r8)
+ addq %rax, %rbx
+ adcq %rdx, %rbp
+ movq $38, %rax
+ mulq %rbp
+ addq %rax, %r13
+ adcq $0x00, %rdx
+ movq $0x7fffffffffffffff, %r9
+ shldq $0x01, %r13, %rdx
+ imulq $19, %rdx, %rdx
+ andq %r9, %r13
+ movq %rdx, %r9
+ movq $38, %rax
mulq %r14
xorq %r14, %r14
addq %rax, %r10
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r14
mulq %r15
- # Add remaining product results in
- addq %r12, %r9
- adcq %r13, %r10
+ xorq %r15, %r15
+ addq %rax, %r11
+ movq $38, %rax
+ adcq %rdx, %r15
+ mulq %rbx
+ xorq %rbx, %rbx
+ addq %rax, %r12
+ adcq %rdx, %rbx
+ addq %r9, %r10
adcq %r14, %r11
- adcq %rax, %r11
- adcq $0x00, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- imulq $19, %rdx, %rax
- andq %rcx, %r11
- addq %rax, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rcx, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
+ adcq %r15, %r12
+ adcq %rbx, %r13
# Store
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq 24(%rsp), %rdi
- movq 152(%rsp), %rsi
- movq 136(%rsp), %rbx
+ movq %r10, (%rdi)
+ movq %r11, 8(%rdi)
+ movq %r12, 16(%rdi)
+ movq %r13, 24(%rdi)
+ subq $0x60, %rcx
+ subq $0x60, %rdi
# Multiply
# A[0] * B[0]
- movq (%rbx), %rax
- mulq (%rsi)
- movq %rax, %r8
- movq %rdx, %r9
+ movq (%rcx), %rax
+ mulq (%rdi)
+ movq %rax, %r10
+ movq %rdx, %r11
# A[0] * B[1]
- movq 8(%rbx), %rax
- mulq (%rsi)
- xorq %r10, %r10
- addq %rax, %r9
- adcq %rdx, %r10
- # A[1] * B[0]
- movq (%rbx), %rax
- mulq 8(%rsi)
- xorq %r11, %r11
- addq %rax, %r9
- adcq %rdx, %r10
- adcq $0x00, %r11
- # A[0] * B[2]
- movq 16(%rbx), %rax
- mulq (%rsi)
- addq %rax, %r10
- adcq %rdx, %r11
- # A[1] * B[1]
- movq 8(%rbx), %rax
- mulq 8(%rsi)
+ movq 8(%rcx), %rax
+ mulq (%rdi)
xorq %r12, %r12
- addq %rax, %r10
- adcq %rdx, %r11
- adcq $0x00, %r12
- # A[2] * B[0]
- movq (%rbx), %rax
- mulq 16(%rsi)
- addq %rax, %r10
- adcq %rdx, %r11
- adcq $0x00, %r12
- # A[0] * B[3]
- movq 24(%rbx), %rax
- mulq (%rsi)
- xorq %r13, %r13
addq %rax, %r11
adcq %rdx, %r12
- adcq $0x00, %r13
- # A[1] * B[2]
- movq 16(%rbx), %rax
- mulq 8(%rsi)
- addq %rax, %r11
- adcq %rdx, %r12
- adcq $0x00, %r13
- # A[2] * B[1]
- movq 8(%rbx), %rax
- mulq 16(%rsi)
- addq %rax, %r11
- adcq %rdx, %r12
- adcq $0x00, %r13
- # A[3] * B[0]
- movq (%rbx), %rax
- mulq 24(%rsi)
+ # A[1] * B[0]
+ movq (%rcx), %rax
+ mulq 8(%rdi)
+ xorq %r13, %r13
addq %rax, %r11
adcq %rdx, %r12
adcq $0x00, %r13
- # A[1] * B[3]
- movq 24(%rbx), %rax
- mulq 8(%rsi)
- xorq %r14, %r14
+ # A[0] * B[2]
+ movq 16(%rcx), %rax
+ mulq (%rdi)
addq %rax, %r12
adcq %rdx, %r13
- adcq $0x00, %r14
- # A[2] * B[2]
- movq 16(%rbx), %rax
- mulq 16(%rsi)
+ # A[1] * B[1]
+ movq 8(%rcx), %rax
+ mulq 8(%rdi)
+ xorq %r14, %r14
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
- # A[3] * B[1]
- movq 8(%rbx), %rax
- mulq 24(%rsi)
+ # A[2] * B[0]
+ movq (%rcx), %rax
+ mulq 16(%rdi)
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
- # A[2] * B[3]
- movq 24(%rbx), %rax
- mulq 16(%rsi)
+ # A[0] * B[3]
+ movq 24(%rcx), %rax
+ mulq (%rdi)
xorq %r15, %r15
addq %rax, %r13
adcq %rdx, %r14
adcq $0x00, %r15
- # A[3] * B[2]
- movq 16(%rbx), %rax
- mulq 24(%rsi)
+ # A[1] * B[2]
+ movq 16(%rcx), %rax
+ mulq 8(%rdi)
addq %rax, %r13
adcq %rdx, %r14
adcq $0x00, %r15
- # A[3] * B[3]
- movq 24(%rbx), %rax
- mulq 24(%rsi)
+ # A[2] * B[1]
+ movq 8(%rcx), %rax
+ mulq 16(%rdi)
+ addq %rax, %r13
+ adcq %rdx, %r14
+ adcq $0x00, %r15
+ # A[3] * B[0]
+ movq (%rcx), %rax
+ mulq 24(%rdi)
+ addq %rax, %r13
+ adcq %rdx, %r14
+ adcq $0x00, %r15
+ # A[1] * B[3]
+ movq 24(%rcx), %rax
+ mulq 8(%rdi)
+ xorq %rbx, %rbx
addq %rax, %r14
adcq %rdx, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rcx
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- andq %rcx, %r11
- # Multiply top half by 19
- movq $19, %rax
- mulq %r12
- xorq %r12, %r12
- addq %rax, %r8
- movq $19, %rax
- adcq %rdx, %r12
- mulq %r13
- xorq %r13, %r13
- addq %rax, %r9
- movq $19, %rax
- adcq %rdx, %r13
+ adcq $0x00, %rbx
+ # A[2] * B[2]
+ movq 16(%rcx), %rax
+ mulq 16(%rdi)
+ addq %rax, %r14
+ adcq %rdx, %r15
+ adcq $0x00, %rbx
+ # A[3] * B[1]
+ movq 8(%rcx), %rax
+ mulq 24(%rdi)
+ addq %rax, %r14
+ adcq %rdx, %r15
+ adcq $0x00, %rbx
+ # A[2] * B[3]
+ movq 24(%rcx), %rax
+ mulq 16(%rdi)
+ xorq %rbp, %rbp
+ addq %rax, %r15
+ adcq %rdx, %rbx
+ adcq $0x00, %rbp
+ # A[3] * B[2]
+ movq 16(%rcx), %rax
+ mulq 24(%rdi)
+ addq %rax, %r15
+ adcq %rdx, %rbx
+ adcq $0x00, %rbp
+ # A[3] * B[3]
+ movq 24(%rcx), %rax
+ mulq 24(%rdi)
+ addq %rax, %rbx
+ adcq %rdx, %rbp
+ movq $38, %rax
+ mulq %rbp
+ addq %rax, %r13
+ adcq $0x00, %rdx
+ movq $0x7fffffffffffffff, %r9
+ shldq $0x01, %r13, %rdx
+ imulq $19, %rdx, %rdx
+ andq %r9, %r13
+ movq %rdx, %r9
+ movq $38, %rax
mulq %r14
xorq %r14, %r14
addq %rax, %r10
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r14
mulq %r15
- # Add remaining product results in
- addq %r12, %r9
- adcq %r13, %r10
+ xorq %r15, %r15
+ addq %rax, %r11
+ movq $38, %rax
+ adcq %rdx, %r15
+ mulq %rbx
+ xorq %rbx, %rbx
+ addq %rax, %r12
+ adcq %rdx, %rbx
+ addq %r9, %r10
adcq %r14, %r11
- adcq %rax, %r11
- adcq $0x00, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- imulq $19, %rdx, %rax
- andq %rcx, %r11
- addq %rax, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rcx, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
+ adcq %r15, %r12
+ adcq %rbx, %r13
# Store
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq (%rsp), %rdi
- movq 128(%rsp), %rsi
- movq 144(%rsp), %rbx
+ # Add-Sub
+ # Add
+ movq %r10, %r14
+ addq (%rsi), %r10
+ movq %r11, %r15
+ adcq 8(%rsi), %r11
+ movq %r12, %rbx
+ adcq 16(%rsi), %r12
+ movq %r13, %rbp
+ adcq 24(%rsi), %r13
+ movq $0x00, %rax
+ adcq $0x00, %rax
+ shldq $0x01, %r13, %rax
+ movq $0x7fffffffffffffff, %rdx
+ imulq $19, %rax
+ andq %rdx, %r13
+ # Sub modulus (if overflow)
+ addq %rax, %r10
+ adcq $0x00, %r11
+ adcq $0x00, %r12
+ adcq $0x00, %r13
+ # Sub
+ subq (%rsi), %r14
+ sbbq 8(%rsi), %r15
+ sbbq 16(%rsi), %rbx
+ sbbq 24(%rsi), %rbp
+ sbbq %rax, %rax
+ shldq $0x01, %rbp, %rax
+ imulq $-19, %rax
+ andq %rdx, %rbp
+ # Add modulus (if underflow)
+ subq %rax, %r14
+ sbbq $0x00, %r15
+ sbbq $0x00, %rbx
+ sbbq $0x00, %rbp
+ movq %r10, (%rsi)
+ movq %r11, 8(%rsi)
+ movq %r12, 16(%rsi)
+ movq %r13, 24(%rsi)
+ movq %r14, (%rdi)
+ movq %r15, 8(%rdi)
+ movq %rbx, 16(%rdi)
+ movq %rbp, 24(%rdi)
+ subq $32, %r8
+ addq $0x40, %rcx
# Multiply
# A[0] * B[0]
- movq (%rbx), %rax
- mulq (%rsi)
- movq %rax, %r8
- movq %rdx, %r9
+ movq (%rcx), %rax
+ mulq (%r8)
+ movq %rax, %r10
+ movq %rdx, %r11
# A[0] * B[1]
- movq 8(%rbx), %rax
- mulq (%rsi)
- xorq %r10, %r10
- addq %rax, %r9
- adcq %rdx, %r10
- # A[1] * B[0]
- movq (%rbx), %rax
- mulq 8(%rsi)
- xorq %r11, %r11
- addq %rax, %r9
- adcq %rdx, %r10
- adcq $0x00, %r11
- # A[0] * B[2]
- movq 16(%rbx), %rax
- mulq (%rsi)
- addq %rax, %r10
- adcq %rdx, %r11
- # A[1] * B[1]
- movq 8(%rbx), %rax
- mulq 8(%rsi)
+ movq 8(%rcx), %rax
+ mulq (%r8)
xorq %r12, %r12
- addq %rax, %r10
- adcq %rdx, %r11
- adcq $0x00, %r12
- # A[2] * B[0]
- movq (%rbx), %rax
- mulq 16(%rsi)
- addq %rax, %r10
- adcq %rdx, %r11
- adcq $0x00, %r12
- # A[0] * B[3]
- movq 24(%rbx), %rax
- mulq (%rsi)
- xorq %r13, %r13
addq %rax, %r11
adcq %rdx, %r12
- adcq $0x00, %r13
- # A[1] * B[2]
- movq 16(%rbx), %rax
- mulq 8(%rsi)
- addq %rax, %r11
- adcq %rdx, %r12
- adcq $0x00, %r13
- # A[2] * B[1]
- movq 8(%rbx), %rax
- mulq 16(%rsi)
- addq %rax, %r11
- adcq %rdx, %r12
- adcq $0x00, %r13
- # A[3] * B[0]
- movq (%rbx), %rax
- mulq 24(%rsi)
+ # A[1] * B[0]
+ movq (%rcx), %rax
+ mulq 8(%r8)
+ xorq %r13, %r13
addq %rax, %r11
adcq %rdx, %r12
adcq $0x00, %r13
- # A[1] * B[3]
- movq 24(%rbx), %rax
- mulq 8(%rsi)
- xorq %r14, %r14
+ # A[0] * B[2]
+ movq 16(%rcx), %rax
+ mulq (%r8)
addq %rax, %r12
adcq %rdx, %r13
- adcq $0x00, %r14
- # A[2] * B[2]
- movq 16(%rbx), %rax
- mulq 16(%rsi)
+ # A[1] * B[1]
+ movq 8(%rcx), %rax
+ mulq 8(%r8)
+ xorq %r14, %r14
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
- # A[3] * B[1]
- movq 8(%rbx), %rax
- mulq 24(%rsi)
+ # A[2] * B[0]
+ movq (%rcx), %rax
+ mulq 16(%r8)
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
- # A[2] * B[3]
- movq 24(%rbx), %rax
- mulq 16(%rsi)
+ # A[0] * B[3]
+ movq 24(%rcx), %rax
+ mulq (%r8)
xorq %r15, %r15
addq %rax, %r13
adcq %rdx, %r14
adcq $0x00, %r15
- # A[3] * B[2]
- movq 16(%rbx), %rax
- mulq 24(%rsi)
+ # A[1] * B[2]
+ movq 16(%rcx), %rax
+ mulq 8(%r8)
addq %rax, %r13
adcq %rdx, %r14
adcq $0x00, %r15
- # A[3] * B[3]
- movq 24(%rbx), %rax
- mulq 24(%rsi)
+ # A[2] * B[1]
+ movq 8(%rcx), %rax
+ mulq 16(%r8)
+ addq %rax, %r13
+ adcq %rdx, %r14
+ adcq $0x00, %r15
+ # A[3] * B[0]
+ movq (%rcx), %rax
+ mulq 24(%r8)
+ addq %rax, %r13
+ adcq %rdx, %r14
+ adcq $0x00, %r15
+ # A[1] * B[3]
+ movq 24(%rcx), %rax
+ mulq 8(%r8)
+ xorq %rbx, %rbx
addq %rax, %r14
adcq %rdx, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rcx
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- andq %rcx, %r11
- # Multiply top half by 19
- movq $19, %rax
- mulq %r12
- xorq %r12, %r12
- addq %rax, %r8
- movq $19, %rax
- adcq %rdx, %r12
- mulq %r13
- xorq %r13, %r13
- addq %rax, %r9
- movq $19, %rax
- adcq %rdx, %r13
+ adcq $0x00, %rbx
+ # A[2] * B[2]
+ movq 16(%rcx), %rax
+ mulq 16(%r8)
+ addq %rax, %r14
+ adcq %rdx, %r15
+ adcq $0x00, %rbx
+ # A[3] * B[1]
+ movq 8(%rcx), %rax
+ mulq 24(%r8)
+ addq %rax, %r14
+ adcq %rdx, %r15
+ adcq $0x00, %rbx
+ # A[2] * B[3]
+ movq 24(%rcx), %rax
+ mulq 16(%r8)
+ xorq %rbp, %rbp
+ addq %rax, %r15
+ adcq %rdx, %rbx
+ adcq $0x00, %rbp
+ # A[3] * B[2]
+ movq 16(%rcx), %rax
+ mulq 24(%r8)
+ addq %rax, %r15
+ adcq %rdx, %rbx
+ adcq $0x00, %rbp
+ # A[3] * B[3]
+ movq 24(%rcx), %rax
+ mulq 24(%r8)
+ addq %rax, %rbx
+ adcq %rdx, %rbp
+ movq $38, %rax
+ mulq %rbp
+ addq %rax, %r13
+ adcq $0x00, %rdx
+ movq $0x7fffffffffffffff, %r9
+ shldq $0x01, %r13, %rdx
+ imulq $19, %rdx, %rdx
+ andq %r9, %r13
+ movq %rdx, %r9
+ movq $38, %rax
mulq %r14
xorq %r14, %r14
addq %rax, %r10
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r14
mulq %r15
- # Add remaining product results in
- addq %r12, %r9
- adcq %r13, %r10
+ xorq %r15, %r15
+ addq %rax, %r11
+ movq $38, %rax
+ adcq %rdx, %r15
+ mulq %rbx
+ xorq %rbx, %rbx
+ addq %rax, %r12
+ adcq %rdx, %rbx
+ addq %r9, %r10
adcq %r14, %r11
- adcq %rax, %r11
- adcq $0x00, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- imulq $19, %rdx, %rax
- andq %rcx, %r11
- addq %rax, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rcx, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
+ adcq %r15, %r12
+ adcq %rbx, %r13
# Store
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- leaq 48(%rsp), %rdi
- movq (%rsp), %rsi
- movq (%rsp), %rbx
- # Add
- movq (%rsi), %r8
- movq 8(%rsi), %r9
- addq (%rbx), %r8
- movq 16(%rsi), %r10
- adcq 8(%rbx), %r9
- movq 24(%rsi), %rcx
- adcq 16(%rbx), %r10
- movq $-19, %rax
- adcq 24(%rbx), %rcx
- movq $0x7fffffffffffffff, %rdx
- movq %rcx, %r11
- sarq $63, %rcx
- # Mask the modulus
- andq %rcx, %rax
- andq %rcx, %rdx
- # Sub modulus (if overflow)
- subq %rax, %r8
- sbbq %rcx, %r9
- sbbq %rcx, %r10
- sbbq %rdx, %r11
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq (%rsp), %rdi
- movq 16(%rsp), %rsi
- movq 8(%rsp), %rbx
- # Sub
- movq (%rsi), %r8
- movq 8(%rsi), %r9
- movq 16(%rsi), %r10
- movq 24(%rsi), %r11
- subq (%rbx), %r8
- movq $0x00, %rcx
- sbbq 8(%rbx), %r9
- movq $-19, %rax
- sbbq 16(%rbx), %r10
- movq $0x7fffffffffffffff, %rdx
- sbbq 24(%rbx), %r11
- sbbq $0x00, %rcx
- # Mask the modulus
- andq %rcx, %rax
- andq %rcx, %rdx
- # Add modulus (if underflow)
- addq %rax, %r8
- adcq %rcx, %r9
- adcq %rcx, %r10
- adcq %rdx, %r11
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq 8(%rsp), %rdi
- movq 16(%rsp), %rsi
- movq 8(%rsp), %rbx
- # Add
- movq (%rsi), %r8
- movq 8(%rsi), %r9
- addq (%rbx), %r8
- movq 16(%rsi), %r10
- adcq 8(%rbx), %r9
- movq 24(%rsi), %rcx
- adcq 16(%rbx), %r10
- movq $-19, %rax
- adcq 24(%rbx), %rcx
+ addq $0x40, %rdi
+ # Double
+ addq %r10, %r10
+ adcq %r11, %r11
+ adcq %r12, %r12
+ adcq %r13, %r13
+ movq $0x00, %rax
+ adcq $0x00, %rax
+ shldq $0x01, %r13, %rax
movq $0x7fffffffffffffff, %rdx
- movq %rcx, %r11
- sarq $63, %rcx
- # Mask the modulus
- andq %rcx, %rax
- andq %rcx, %rdx
+ imulq $19, %rax
+ andq %rdx, %r13
# Sub modulus (if overflow)
- subq %rax, %r8
- sbbq %rcx, %r9
- sbbq %rcx, %r10
- sbbq %rdx, %r11
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq 16(%rsp), %rdi
- leaq 48(%rsp), %rsi
- movq 24(%rsp), %rbx
+ addq %rax, %r10
+ adcq $0x00, %r11
+ adcq $0x00, %r12
+ adcq $0x00, %r13
+ movq %rdi, %rsi
+ addq $32, %rsi
+ # Add-Sub
# Add
- movq (%rsi), %r8
- movq 8(%rsi), %r9
- addq (%rbx), %r8
- movq 16(%rsi), %r10
- adcq 8(%rbx), %r9
- movq 24(%rsi), %rcx
- adcq 16(%rbx), %r10
- movq $-19, %rax
- adcq 24(%rbx), %rcx
+ movq %r10, %r14
+ addq (%rsi), %r10
+ movq %r11, %r15
+ adcq 8(%rsi), %r11
+ movq %r12, %rbx
+ adcq 16(%rsi), %r12
+ movq %r13, %rbp
+ adcq 24(%rsi), %r13
+ movq $0x00, %rax
+ adcq $0x00, %rax
+ shldq $0x01, %r13, %rax
movq $0x7fffffffffffffff, %rdx
- movq %rcx, %r11
- sarq $63, %rcx
- # Mask the modulus
- andq %rcx, %rax
- andq %rcx, %rdx
+ imulq $19, %rax
+ andq %rdx, %r13
# Sub modulus (if overflow)
- subq %rax, %r8
- sbbq %rcx, %r9
- sbbq %rcx, %r10
- sbbq %rdx, %r11
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq 24(%rsp), %rdi
- leaq 48(%rsp), %rsi
- movq 24(%rsp), %rbx
+ addq %rax, %r10
+ adcq $0x00, %r11
+ adcq $0x00, %r12
+ adcq $0x00, %r13
# Sub
- movq (%rsi), %r8
- movq 8(%rsi), %r9
- movq 16(%rsi), %r10
- movq 24(%rsi), %r11
- subq (%rbx), %r8
- movq $0x00, %rcx
- sbbq 8(%rbx), %r9
- movq $-19, %rax
- sbbq 16(%rbx), %r10
- movq $0x7fffffffffffffff, %rdx
- sbbq 24(%rbx), %r11
- sbbq $0x00, %rcx
- # Mask the modulus
- andq %rcx, %rax
- andq %rcx, %rdx
+ subq (%rsi), %r14
+ sbbq 8(%rsi), %r15
+ sbbq 16(%rsi), %rbx
+ sbbq 24(%rsi), %rbp
+ sbbq %rax, %rax
+ shldq $0x01, %rbp, %rax
+ imulq $-19, %rax
+ andq %rdx, %rbp
# Add modulus (if underflow)
- addq %rax, %r8
- adcq %rcx, %r9
- adcq %rcx, %r10
- adcq %rdx, %r11
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- addq $0x50, %rsp
+ subq %rax, %r14
+ sbbq $0x00, %r15
+ sbbq $0x00, %rbx
+ sbbq $0x00, %rbp
+ movq %r10, (%rdi)
+ movq %r11, 8(%rdi)
+ movq %r12, 16(%rdi)
+ movq %r13, 24(%rdi)
+ movq %r14, (%rsi)
+ movq %r15, 8(%rsi)
+ movq %rbx, 16(%rsi)
+ movq %rbp, 24(%rsi)
+ addq $24, %rsp
+ popq %rbp
+ popq %rbx
popq %r15
popq %r14
popq %r13
popq %r12
- popq %rbx
repz retq
#ifndef __APPLE__
-.size fe_ge_add_x64,.-fe_ge_add_x64
+.size ge_add_x64,.-ge_add_x64
#endif /* __APPLE__ */
#ifndef __APPLE__
.text
-.globl fe_ge_sub_x64
-.type fe_ge_sub_x64,@function
+.globl ge_sub_x64
+.type ge_sub_x64,@function
.align 16
-fe_ge_sub_x64:
+ge_sub_x64:
#else
.section __TEXT,__text
-.globl _fe_ge_sub_x64
+.globl _ge_sub_x64
.p2align 4
-_fe_ge_sub_x64:
+_ge_sub_x64:
#endif /* __APPLE__ */
- pushq %rbx
pushq %r12
pushq %r13
pushq %r14
pushq %r15
- subq $0x50, %rsp
+ pushq %rbx
+ pushq %rbp
+ movq %rdx, %rcx
+ subq $24, %rsp
movq %rdi, (%rsp)
movq %rsi, 8(%rsp)
- movq %rdx, 16(%rsp)
- movq %rcx, 24(%rsp)
- movq %r8, 32(%rsp)
- movq %r9, 40(%rsp)
- movq (%rsp), %rdi
- movq 40(%rsp), %rsi
- movq 32(%rsp), %rbx
+ movq %rcx, 16(%rsp)
+ movq %rsi, %r8
+ movq %rsi, %rcx
+ addq $32, %rcx
+ movq %rdi, %rsi
+ addq $32, %rsi
+ # Add-Sub
# Add
- movq (%rsi), %r8
- movq 8(%rsi), %r9
- addq (%rbx), %r8
- movq 16(%rsi), %r10
- adcq 8(%rbx), %r9
- movq 24(%rsi), %rcx
- adcq 16(%rbx), %r10
- movq $-19, %rax
- adcq 24(%rbx), %rcx
+ movq (%rcx), %r10
+ movq 8(%rcx), %r11
+ movq 16(%rcx), %r12
+ movq 24(%rcx), %r13
+ movq %r10, %r14
+ addq (%r8), %r10
+ movq %r11, %r15
+ adcq 8(%r8), %r11
+ movq %r12, %rbx
+ adcq 16(%r8), %r12
+ movq %r13, %rbp
+ adcq 24(%r8), %r13
+ movq $0x00, %rax
+ adcq $0x00, %rax
+ shldq $0x01, %r13, %rax
movq $0x7fffffffffffffff, %rdx
- movq %rcx, %r11
- sarq $63, %rcx
- # Mask the modulus
- andq %rcx, %rax
- andq %rcx, %rdx
+ imulq $19, %rax
+ andq %rdx, %r13
# Sub modulus (if overflow)
- subq %rax, %r8
- sbbq %rcx, %r9
- sbbq %rcx, %r10
- sbbq %rdx, %r11
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq 8(%rsp), %rdi
- movq 40(%rsp), %rsi
- movq 32(%rsp), %rbx
+ addq %rax, %r10
+ adcq $0x00, %r11
+ adcq $0x00, %r12
+ adcq $0x00, %r13
# Sub
- movq (%rsi), %r8
- movq 8(%rsi), %r9
- movq 16(%rsi), %r10
- movq 24(%rsi), %r11
- subq (%rbx), %r8
- movq $0x00, %rcx
- sbbq 8(%rbx), %r9
- movq $-19, %rax
- sbbq 16(%rbx), %r10
- movq $0x7fffffffffffffff, %rdx
- sbbq 24(%rbx), %r11
- sbbq $0x00, %rcx
- # Mask the modulus
- andq %rcx, %rax
- andq %rcx, %rdx
+ subq (%r8), %r14
+ sbbq 8(%r8), %r15
+ sbbq 16(%r8), %rbx
+ sbbq 24(%r8), %rbp
+ sbbq %rax, %rax
+ shldq $0x01, %rbp, %rax
+ imulq $-19, %rax
+ andq %rdx, %rbp
# Add modulus (if underflow)
- addq %rax, %r8
- adcq %rcx, %r9
- adcq %rcx, %r10
- adcq %rdx, %r11
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq 16(%rsp), %rdi
- movq (%rsp), %rsi
- movq 168(%rsp), %rbx
+ subq %rax, %r14
+ sbbq $0x00, %r15
+ sbbq $0x00, %rbx
+ sbbq $0x00, %rbp
+ movq %r10, (%rdi)
+ movq %r11, 8(%rdi)
+ movq %r12, 16(%rdi)
+ movq %r13, 24(%rdi)
+ movq %r14, (%rsi)
+ movq %r15, 8(%rsi)
+ movq %rbx, 16(%rsi)
+ movq %rbp, 24(%rsi)
+ movq 16(%rsp), %rcx
+ addq $32, %rdi
# Multiply
# A[0] * B[0]
- movq (%rbx), %rax
- mulq (%rsi)
- movq %rax, %r8
- movq %rdx, %r9
+ movq (%rcx), %rax
+ mulq (%rdi)
+ movq %rax, %r10
+ movq %rdx, %r11
# A[0] * B[1]
- movq 8(%rbx), %rax
- mulq (%rsi)
- xorq %r10, %r10
- addq %rax, %r9
- adcq %rdx, %r10
- # A[1] * B[0]
- movq (%rbx), %rax
- mulq 8(%rsi)
- xorq %r11, %r11
- addq %rax, %r9
- adcq %rdx, %r10
- adcq $0x00, %r11
- # A[0] * B[2]
- movq 16(%rbx), %rax
- mulq (%rsi)
- addq %rax, %r10
- adcq %rdx, %r11
- # A[1] * B[1]
- movq 8(%rbx), %rax
- mulq 8(%rsi)
+ movq 8(%rcx), %rax
+ mulq (%rdi)
xorq %r12, %r12
- addq %rax, %r10
- adcq %rdx, %r11
- adcq $0x00, %r12
- # A[2] * B[0]
- movq (%rbx), %rax
- mulq 16(%rsi)
- addq %rax, %r10
- adcq %rdx, %r11
- adcq $0x00, %r12
- # A[0] * B[3]
- movq 24(%rbx), %rax
- mulq (%rsi)
- xorq %r13, %r13
- addq %rax, %r11
- adcq %rdx, %r12
- adcq $0x00, %r13
- # A[1] * B[2]
- movq 16(%rbx), %rax
- mulq 8(%rsi)
- addq %rax, %r11
- adcq %rdx, %r12
- adcq $0x00, %r13
- # A[2] * B[1]
- movq 8(%rbx), %rax
- mulq 16(%rsi)
addq %rax, %r11
adcq %rdx, %r12
- adcq $0x00, %r13
- # A[3] * B[0]
- movq (%rbx), %rax
- mulq 24(%rsi)
+ # A[1] * B[0]
+ movq (%rcx), %rax
+ mulq 8(%rdi)
+ xorq %r13, %r13
addq %rax, %r11
adcq %rdx, %r12
adcq $0x00, %r13
- # A[1] * B[3]
- movq 24(%rbx), %rax
- mulq 8(%rsi)
- xorq %r14, %r14
+ # A[0] * B[2]
+ movq 16(%rcx), %rax
+ mulq (%rdi)
addq %rax, %r12
adcq %rdx, %r13
- adcq $0x00, %r14
- # A[2] * B[2]
- movq 16(%rbx), %rax
- mulq 16(%rsi)
+ # A[1] * B[1]
+ movq 8(%rcx), %rax
+ mulq 8(%rdi)
+ xorq %r14, %r14
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
- # A[3] * B[1]
- movq 8(%rbx), %rax
- mulq 24(%rsi)
+ # A[2] * B[0]
+ movq (%rcx), %rax
+ mulq 16(%rdi)
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
- # A[2] * B[3]
- movq 24(%rbx), %rax
- mulq 16(%rsi)
+ # A[0] * B[3]
+ movq 24(%rcx), %rax
+ mulq (%rdi)
xorq %r15, %r15
addq %rax, %r13
adcq %rdx, %r14
adcq $0x00, %r15
- # A[3] * B[2]
- movq 16(%rbx), %rax
- mulq 24(%rsi)
+ # A[1] * B[2]
+ movq 16(%rcx), %rax
+ mulq 8(%rdi)
addq %rax, %r13
adcq %rdx, %r14
adcq $0x00, %r15
- # A[3] * B[3]
- movq 24(%rbx), %rax
- mulq 24(%rsi)
+ # A[2] * B[1]
+ movq 8(%rcx), %rax
+ mulq 16(%rdi)
+ addq %rax, %r13
+ adcq %rdx, %r14
+ adcq $0x00, %r15
+ # A[3] * B[0]
+ movq (%rcx), %rax
+ mulq 24(%rdi)
+ addq %rax, %r13
+ adcq %rdx, %r14
+ adcq $0x00, %r15
+ # A[1] * B[3]
+ movq 24(%rcx), %rax
+ mulq 8(%rdi)
+ xorq %rbx, %rbx
addq %rax, %r14
adcq %rdx, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rcx
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- andq %rcx, %r11
- # Multiply top half by 19
- movq $19, %rax
- mulq %r12
- xorq %r12, %r12
- addq %rax, %r8
- movq $19, %rax
- adcq %rdx, %r12
- mulq %r13
- xorq %r13, %r13
- addq %rax, %r9
- movq $19, %rax
- adcq %rdx, %r13
+ adcq $0x00, %rbx
+ # A[2] * B[2]
+ movq 16(%rcx), %rax
+ mulq 16(%rdi)
+ addq %rax, %r14
+ adcq %rdx, %r15
+ adcq $0x00, %rbx
+ # A[3] * B[1]
+ movq 8(%rcx), %rax
+ mulq 24(%rdi)
+ addq %rax, %r14
+ adcq %rdx, %r15
+ adcq $0x00, %rbx
+ # A[2] * B[3]
+ movq 24(%rcx), %rax
+ mulq 16(%rdi)
+ xorq %rbp, %rbp
+ addq %rax, %r15
+ adcq %rdx, %rbx
+ adcq $0x00, %rbp
+ # A[3] * B[2]
+ movq 16(%rcx), %rax
+ mulq 24(%rdi)
+ addq %rax, %r15
+ adcq %rdx, %rbx
+ adcq $0x00, %rbp
+ # A[3] * B[3]
+ movq 24(%rcx), %rax
+ mulq 24(%rdi)
+ addq %rax, %rbx
+ adcq %rdx, %rbp
+ movq $38, %rax
+ mulq %rbp
+ addq %rax, %r13
+ adcq $0x00, %rdx
+ movq $0x7fffffffffffffff, %r9
+ shldq $0x01, %r13, %rdx
+ imulq $19, %rdx, %rdx
+ andq %r9, %r13
+ movq %rdx, %r9
+ movq $38, %rax
mulq %r14
xorq %r14, %r14
addq %rax, %r10
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r14
mulq %r15
- # Add remaining product results in
- addq %r12, %r9
- adcq %r13, %r10
+ xorq %r15, %r15
+ addq %rax, %r11
+ movq $38, %rax
+ adcq %rdx, %r15
+ mulq %rbx
+ xorq %rbx, %rbx
+ addq %rax, %r12
+ adcq %rdx, %rbx
+ addq %r9, %r10
adcq %r14, %r11
- adcq %rax, %r11
- adcq $0x00, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- imulq $19, %rdx, %rax
- andq %rcx, %r11
- addq %rax, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rcx, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
+ adcq %r15, %r12
+ adcq %rbx, %r13
# Store
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq 8(%rsp), %rdi
- movq 8(%rsp), %rsi
- movq 160(%rsp), %rbx
+ movq %r10, (%rdi)
+ movq %r11, 8(%rdi)
+ movq %r12, 16(%rdi)
+ movq %r13, 24(%rdi)
+ addq $0x60, %r8
+ addq $0x60, %rcx
+ addq $0x40, %rdi
# Multiply
# A[0] * B[0]
- movq (%rbx), %rax
- mulq (%rsi)
- movq %rax, %r8
- movq %rdx, %r9
+ movq (%rcx), %rax
+ mulq (%r8)
+ movq %rax, %r10
+ movq %rdx, %r11
# A[0] * B[1]
- movq 8(%rbx), %rax
- mulq (%rsi)
- xorq %r10, %r10
- addq %rax, %r9
- adcq %rdx, %r10
- # A[1] * B[0]
- movq (%rbx), %rax
- mulq 8(%rsi)
- xorq %r11, %r11
- addq %rax, %r9
- adcq %rdx, %r10
- adcq $0x00, %r11
- # A[0] * B[2]
- movq 16(%rbx), %rax
- mulq (%rsi)
- addq %rax, %r10
- adcq %rdx, %r11
- # A[1] * B[1]
- movq 8(%rbx), %rax
- mulq 8(%rsi)
+ movq 8(%rcx), %rax
+ mulq (%r8)
xorq %r12, %r12
- addq %rax, %r10
- adcq %rdx, %r11
- adcq $0x00, %r12
- # A[2] * B[0]
- movq (%rbx), %rax
- mulq 16(%rsi)
- addq %rax, %r10
- adcq %rdx, %r11
- adcq $0x00, %r12
- # A[0] * B[3]
- movq 24(%rbx), %rax
- mulq (%rsi)
- xorq %r13, %r13
- addq %rax, %r11
- adcq %rdx, %r12
- adcq $0x00, %r13
- # A[1] * B[2]
- movq 16(%rbx), %rax
- mulq 8(%rsi)
- addq %rax, %r11
- adcq %rdx, %r12
- adcq $0x00, %r13
- # A[2] * B[1]
- movq 8(%rbx), %rax
- mulq 16(%rsi)
addq %rax, %r11
adcq %rdx, %r12
- adcq $0x00, %r13
- # A[3] * B[0]
- movq (%rbx), %rax
- mulq 24(%rsi)
+ # A[1] * B[0]
+ movq (%rcx), %rax
+ mulq 8(%r8)
+ xorq %r13, %r13
addq %rax, %r11
adcq %rdx, %r12
adcq $0x00, %r13
- # A[1] * B[3]
- movq 24(%rbx), %rax
- mulq 8(%rsi)
- xorq %r14, %r14
+ # A[0] * B[2]
+ movq 16(%rcx), %rax
+ mulq (%r8)
addq %rax, %r12
adcq %rdx, %r13
- adcq $0x00, %r14
- # A[2] * B[2]
- movq 16(%rbx), %rax
- mulq 16(%rsi)
+ # A[1] * B[1]
+ movq 8(%rcx), %rax
+ mulq 8(%r8)
+ xorq %r14, %r14
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
- # A[3] * B[1]
- movq 8(%rbx), %rax
- mulq 24(%rsi)
+ # A[2] * B[0]
+ movq (%rcx), %rax
+ mulq 16(%r8)
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
- # A[2] * B[3]
- movq 24(%rbx), %rax
- mulq 16(%rsi)
+ # A[0] * B[3]
+ movq 24(%rcx), %rax
+ mulq (%r8)
xorq %r15, %r15
addq %rax, %r13
adcq %rdx, %r14
adcq $0x00, %r15
- # A[3] * B[2]
- movq 16(%rbx), %rax
- mulq 24(%rsi)
+ # A[1] * B[2]
+ movq 16(%rcx), %rax
+ mulq 8(%r8)
addq %rax, %r13
adcq %rdx, %r14
adcq $0x00, %r15
- # A[3] * B[3]
- movq 24(%rbx), %rax
- mulq 24(%rsi)
+ # A[2] * B[1]
+ movq 8(%rcx), %rax
+ mulq 16(%r8)
+ addq %rax, %r13
+ adcq %rdx, %r14
+ adcq $0x00, %r15
+ # A[3] * B[0]
+ movq (%rcx), %rax
+ mulq 24(%r8)
+ addq %rax, %r13
+ adcq %rdx, %r14
+ adcq $0x00, %r15
+ # A[1] * B[3]
+ movq 24(%rcx), %rax
+ mulq 8(%r8)
+ xorq %rbx, %rbx
addq %rax, %r14
adcq %rdx, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rcx
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- andq %rcx, %r11
- # Multiply top half by 19
- movq $19, %rax
- mulq %r12
- xorq %r12, %r12
- addq %rax, %r8
- movq $19, %rax
- adcq %rdx, %r12
- mulq %r13
- xorq %r13, %r13
- addq %rax, %r9
- movq $19, %rax
- adcq %rdx, %r13
+ adcq $0x00, %rbx
+ # A[2] * B[2]
+ movq 16(%rcx), %rax
+ mulq 16(%r8)
+ addq %rax, %r14
+ adcq %rdx, %r15
+ adcq $0x00, %rbx
+ # A[3] * B[1]
+ movq 8(%rcx), %rax
+ mulq 24(%r8)
+ addq %rax, %r14
+ adcq %rdx, %r15
+ adcq $0x00, %rbx
+ # A[2] * B[3]
+ movq 24(%rcx), %rax
+ mulq 16(%r8)
+ xorq %rbp, %rbp
+ addq %rax, %r15
+ adcq %rdx, %rbx
+ adcq $0x00, %rbp
+ # A[3] * B[2]
+ movq 16(%rcx), %rax
+ mulq 24(%r8)
+ addq %rax, %r15
+ adcq %rdx, %rbx
+ adcq $0x00, %rbp
+ # A[3] * B[3]
+ movq 24(%rcx), %rax
+ mulq 24(%r8)
+ addq %rax, %rbx
+ adcq %rdx, %rbp
+ movq $38, %rax
+ mulq %rbp
+ addq %rax, %r13
+ adcq $0x00, %rdx
+ movq $0x7fffffffffffffff, %r9
+ shldq $0x01, %r13, %rdx
+ imulq $19, %rdx, %rdx
+ andq %r9, %r13
+ movq %rdx, %r9
+ movq $38, %rax
mulq %r14
xorq %r14, %r14
addq %rax, %r10
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r14
mulq %r15
- # Add remaining product results in
- addq %r12, %r9
- adcq %r13, %r10
+ xorq %r15, %r15
+ addq %rax, %r11
+ movq $38, %rax
+ adcq %rdx, %r15
+ mulq %rbx
+ xorq %rbx, %rbx
+ addq %rax, %r12
+ adcq %rdx, %rbx
+ addq %r9, %r10
adcq %r14, %r11
- adcq %rax, %r11
- adcq $0x00, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- imulq $19, %rdx, %rax
- andq %rcx, %r11
- addq %rax, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rcx, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
+ adcq %r15, %r12
+ adcq %rbx, %r13
# Store
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq 24(%rsp), %rdi
- movq 152(%rsp), %rsi
- movq 136(%rsp), %rbx
+ movq %r10, (%rdi)
+ movq %r11, 8(%rdi)
+ movq %r12, 16(%rdi)
+ movq %r13, 24(%rdi)
+ subq $0x40, %rcx
+ subq $0x60, %rdi
# Multiply
# A[0] * B[0]
- movq (%rbx), %rax
- mulq (%rsi)
- movq %rax, %r8
- movq %rdx, %r9
+ movq (%rcx), %rax
+ mulq (%rdi)
+ movq %rax, %r10
+ movq %rdx, %r11
# A[0] * B[1]
- movq 8(%rbx), %rax
- mulq (%rsi)
- xorq %r10, %r10
- addq %rax, %r9
- adcq %rdx, %r10
- # A[1] * B[0]
- movq (%rbx), %rax
- mulq 8(%rsi)
- xorq %r11, %r11
- addq %rax, %r9
- adcq %rdx, %r10
- adcq $0x00, %r11
- # A[0] * B[2]
- movq 16(%rbx), %rax
- mulq (%rsi)
- addq %rax, %r10
- adcq %rdx, %r11
- # A[1] * B[1]
- movq 8(%rbx), %rax
- mulq 8(%rsi)
+ movq 8(%rcx), %rax
+ mulq (%rdi)
xorq %r12, %r12
- addq %rax, %r10
- adcq %rdx, %r11
- adcq $0x00, %r12
- # A[2] * B[0]
- movq (%rbx), %rax
- mulq 16(%rsi)
- addq %rax, %r10
- adcq %rdx, %r11
- adcq $0x00, %r12
- # A[0] * B[3]
- movq 24(%rbx), %rax
- mulq (%rsi)
+ addq %rax, %r11
+ adcq %rdx, %r12
+ # A[1] * B[0]
+ movq (%rcx), %rax
+ mulq 8(%rdi)
xorq %r13, %r13
addq %rax, %r11
adcq %rdx, %r12
adcq $0x00, %r13
+ # A[0] * B[2]
+ movq 16(%rcx), %rax
+ mulq (%rdi)
+ addq %rax, %r12
+ adcq %rdx, %r13
+ # A[1] * B[1]
+ movq 8(%rcx), %rax
+ mulq 8(%rdi)
+ xorq %r14, %r14
+ addq %rax, %r12
+ adcq %rdx, %r13
+ adcq $0x00, %r14
+ # A[2] * B[0]
+ movq (%rcx), %rax
+ mulq 16(%rdi)
+ addq %rax, %r12
+ adcq %rdx, %r13
+ adcq $0x00, %r14
+ # A[0] * B[3]
+ movq 24(%rcx), %rax
+ mulq (%rdi)
+ xorq %r15, %r15
+ addq %rax, %r13
+ adcq %rdx, %r14
+ adcq $0x00, %r15
# A[1] * B[2]
- movq 16(%rbx), %rax
- mulq 8(%rsi)
+ movq 16(%rcx), %rax
+ mulq 8(%rdi)
+ addq %rax, %r13
+ adcq %rdx, %r14
+ adcq $0x00, %r15
+ # A[2] * B[1]
+ movq 8(%rcx), %rax
+ mulq 16(%rdi)
+ addq %rax, %r13
+ adcq %rdx, %r14
+ adcq $0x00, %r15
+ # A[3] * B[0]
+ movq (%rcx), %rax
+ mulq 24(%rdi)
+ addq %rax, %r13
+ adcq %rdx, %r14
+ adcq $0x00, %r15
+ # A[1] * B[3]
+ movq 24(%rcx), %rax
+ mulq 8(%rdi)
+ xorq %rbx, %rbx
+ addq %rax, %r14
+ adcq %rdx, %r15
+ adcq $0x00, %rbx
+ # A[2] * B[2]
+ movq 16(%rcx), %rax
+ mulq 16(%rdi)
+ addq %rax, %r14
+ adcq %rdx, %r15
+ adcq $0x00, %rbx
+ # A[3] * B[1]
+ movq 8(%rcx), %rax
+ mulq 24(%rdi)
+ addq %rax, %r14
+ adcq %rdx, %r15
+ adcq $0x00, %rbx
+ # A[2] * B[3]
+ movq 24(%rcx), %rax
+ mulq 16(%rdi)
+ xorq %rbp, %rbp
+ addq %rax, %r15
+ adcq %rdx, %rbx
+ adcq $0x00, %rbp
+ # A[3] * B[2]
+ movq 16(%rcx), %rax
+ mulq 24(%rdi)
+ addq %rax, %r15
+ adcq %rdx, %rbx
+ adcq $0x00, %rbp
+ # A[3] * B[3]
+ movq 24(%rcx), %rax
+ mulq 24(%rdi)
+ addq %rax, %rbx
+ adcq %rdx, %rbp
+ movq $38, %rax
+ mulq %rbp
+ addq %rax, %r13
+ adcq $0x00, %rdx
+ movq $0x7fffffffffffffff, %r9
+ shldq $0x01, %r13, %rdx
+ imulq $19, %rdx, %rdx
+ andq %r9, %r13
+ movq %rdx, %r9
+ movq $38, %rax
+ mulq %r14
+ xorq %r14, %r14
+ addq %rax, %r10
+ movq $38, %rax
+ adcq %rdx, %r14
+ mulq %r15
+ xorq %r15, %r15
addq %rax, %r11
- adcq %rdx, %r12
+ movq $38, %rax
+ adcq %rdx, %r15
+ mulq %rbx
+ xorq %rbx, %rbx
+ addq %rax, %r12
+ adcq %rdx, %rbx
+ addq %r9, %r10
+ adcq %r14, %r11
+ adcq %r15, %r12
+ adcq %rbx, %r13
+ # Store
+ # Add-Sub
+ # Add
+ movq %r10, %r14
+ addq (%rsi), %r10
+ movq %r11, %r15
+ adcq 8(%rsi), %r11
+ movq %r12, %rbx
+ adcq 16(%rsi), %r12
+ movq %r13, %rbp
+ adcq 24(%rsi), %r13
+ movq $0x00, %rax
+ adcq $0x00, %rax
+ shldq $0x01, %r13, %rax
+ movq $0x7fffffffffffffff, %rdx
+ imulq $19, %rax
+ andq %rdx, %r13
+ # Sub modulus (if overflow)
+ addq %rax, %r10
+ adcq $0x00, %r11
+ adcq $0x00, %r12
adcq $0x00, %r13
- # A[2] * B[1]
- movq 8(%rbx), %rax
- mulq 16(%rsi)
+ # Sub
+ subq (%rsi), %r14
+ sbbq 8(%rsi), %r15
+ sbbq 16(%rsi), %rbx
+ sbbq 24(%rsi), %rbp
+ sbbq %rax, %rax
+ shldq $0x01, %rbp, %rax
+ imulq $-19, %rax
+ andq %rdx, %rbp
+ # Add modulus (if underflow)
+ subq %rax, %r14
+ sbbq $0x00, %r15
+ sbbq $0x00, %rbx
+ sbbq $0x00, %rbp
+ movq %r10, (%rsi)
+ movq %r11, 8(%rsi)
+ movq %r12, 16(%rsi)
+ movq %r13, 24(%rsi)
+ movq %r14, (%rdi)
+ movq %r15, 8(%rdi)
+ movq %rbx, 16(%rdi)
+ movq %rbp, 24(%rdi)
+ subq $32, %r8
+ addq $32, %rcx
+ # Multiply
+ # A[0] * B[0]
+ movq (%rcx), %rax
+ mulq (%r8)
+ movq %rax, %r10
+ movq %rdx, %r11
+ # A[0] * B[1]
+ movq 8(%rcx), %rax
+ mulq (%r8)
+ xorq %r12, %r12
addq %rax, %r11
adcq %rdx, %r12
- adcq $0x00, %r13
- # A[3] * B[0]
- movq (%rbx), %rax
- mulq 24(%rsi)
+ # A[1] * B[0]
+ movq (%rcx), %rax
+ mulq 8(%r8)
+ xorq %r13, %r13
addq %rax, %r11
adcq %rdx, %r12
adcq $0x00, %r13
- # A[1] * B[3]
- movq 24(%rbx), %rax
- mulq 8(%rsi)
- xorq %r14, %r14
+ # A[0] * B[2]
+ movq 16(%rcx), %rax
+ mulq (%r8)
addq %rax, %r12
adcq %rdx, %r13
- adcq $0x00, %r14
- # A[2] * B[2]
- movq 16(%rbx), %rax
- mulq 16(%rsi)
+ # A[1] * B[1]
+ movq 8(%rcx), %rax
+ mulq 8(%r8)
+ xorq %r14, %r14
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
- # A[3] * B[1]
- movq 8(%rbx), %rax
- mulq 24(%rsi)
+ # A[2] * B[0]
+ movq (%rcx), %rax
+ mulq 16(%r8)
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
- # A[2] * B[3]
- movq 24(%rbx), %rax
- mulq 16(%rsi)
+ # A[0] * B[3]
+ movq 24(%rcx), %rax
+ mulq (%r8)
xorq %r15, %r15
addq %rax, %r13
adcq %rdx, %r14
adcq $0x00, %r15
- # A[3] * B[2]
- movq 16(%rbx), %rax
- mulq 24(%rsi)
+ # A[1] * B[2]
+ movq 16(%rcx), %rax
+ mulq 8(%r8)
addq %rax, %r13
adcq %rdx, %r14
adcq $0x00, %r15
- # A[3] * B[3]
- movq 24(%rbx), %rax
- mulq 24(%rsi)
+ # A[2] * B[1]
+ movq 8(%rcx), %rax
+ mulq 16(%r8)
+ addq %rax, %r13
+ adcq %rdx, %r14
+ adcq $0x00, %r15
+ # A[3] * B[0]
+ movq (%rcx), %rax
+ mulq 24(%r8)
+ addq %rax, %r13
+ adcq %rdx, %r14
+ adcq $0x00, %r15
+ # A[1] * B[3]
+ movq 24(%rcx), %rax
+ mulq 8(%r8)
+ xorq %rbx, %rbx
addq %rax, %r14
adcq %rdx, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rcx
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- andq %rcx, %r11
- # Multiply top half by 19
- movq $19, %rax
- mulq %r12
- xorq %r12, %r12
- addq %rax, %r8
- movq $19, %rax
- adcq %rdx, %r12
- mulq %r13
- xorq %r13, %r13
- addq %rax, %r9
- movq $19, %rax
- adcq %rdx, %r13
+ adcq $0x00, %rbx
+ # A[2] * B[2]
+ movq 16(%rcx), %rax
+ mulq 16(%r8)
+ addq %rax, %r14
+ adcq %rdx, %r15
+ adcq $0x00, %rbx
+ # A[3] * B[1]
+ movq 8(%rcx), %rax
+ mulq 24(%r8)
+ addq %rax, %r14
+ adcq %rdx, %r15
+ adcq $0x00, %rbx
+ # A[2] * B[3]
+ movq 24(%rcx), %rax
+ mulq 16(%r8)
+ xorq %rbp, %rbp
+ addq %rax, %r15
+ adcq %rdx, %rbx
+ adcq $0x00, %rbp
+ # A[3] * B[2]
+ movq 16(%rcx), %rax
+ mulq 24(%r8)
+ addq %rax, %r15
+ adcq %rdx, %rbx
+ adcq $0x00, %rbp
+ # A[3] * B[3]
+ movq 24(%rcx), %rax
+ mulq 24(%r8)
+ addq %rax, %rbx
+ adcq %rdx, %rbp
+ movq $38, %rax
+ mulq %rbp
+ addq %rax, %r13
+ adcq $0x00, %rdx
+ movq $0x7fffffffffffffff, %r9
+ shldq $0x01, %r13, %rdx
+ imulq $19, %rdx, %rdx
+ andq %r9, %r13
+ movq %rdx, %r9
+ movq $38, %rax
mulq %r14
xorq %r14, %r14
addq %rax, %r10
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r14
mulq %r15
- # Add remaining product results in
- addq %r12, %r9
- adcq %r13, %r10
+ xorq %r15, %r15
+ addq %rax, %r11
+ movq $38, %rax
+ adcq %rdx, %r15
+ mulq %rbx
+ xorq %rbx, %rbx
+ addq %rax, %r12
+ adcq %rdx, %rbx
+ addq %r9, %r10
adcq %r14, %r11
+ adcq %r15, %r12
+ adcq %rbx, %r13
+ # Store
+ # Double
+ addq %r10, %r10
+ adcq %r11, %r11
+ adcq %r12, %r12
+ adcq %r13, %r13
+ movq $0x00, %rax
+ adcq $0x00, %rax
+ shldq $0x01, %r13, %rax
+ movq $0x7fffffffffffffff, %rdx
+ imulq $19, %rax
+ andq %rdx, %r13
+ # Sub modulus (if overflow)
+ addq %rax, %r10
+ adcq $0x00, %r11
+ adcq $0x00, %r12
+ adcq $0x00, %r13
+ movq %rdi, %rsi
+ addq $0x40, %rsi
+ addq $0x60, %rdi
+ # Add-Sub
+ # Add
+ movq %r10, %r14
+ addq (%rdi), %r10
+ movq %r11, %r15
+ adcq 8(%rdi), %r11
+ movq %r12, %rbx
+ adcq 16(%rdi), %r12
+ movq %r13, %rbp
+ adcq 24(%rdi), %r13
+ movq $0x00, %rax
+ adcq $0x00, %rax
+ shldq $0x01, %r13, %rax
+ movq $0x7fffffffffffffff, %rdx
+ imulq $19, %rax
+ andq %rdx, %r13
+ # Sub modulus (if overflow)
+ addq %rax, %r10
+ adcq $0x00, %r11
+ adcq $0x00, %r12
+ adcq $0x00, %r13
+ # Sub
+ subq (%rdi), %r14
+ sbbq 8(%rdi), %r15
+ sbbq 16(%rdi), %rbx
+ sbbq 24(%rdi), %rbp
+ sbbq %rax, %rax
+ shldq $0x01, %rbp, %rax
+ imulq $-19, %rax
+ andq %rdx, %rbp
+ # Add modulus (if underflow)
+ subq %rax, %r14
+ sbbq $0x00, %r15
+ sbbq $0x00, %rbx
+ sbbq $0x00, %rbp
+ movq %r10, (%rdi)
+ movq %r11, 8(%rdi)
+ movq %r12, 16(%rdi)
+ movq %r13, 24(%rdi)
+ movq %r14, (%rsi)
+ movq %r15, 8(%rsi)
+ movq %rbx, 16(%rsi)
+ movq %rbp, 24(%rsi)
+ addq $24, %rsp
+ popq %rbp
+ popq %rbx
+ popq %r15
+ popq %r14
+ popq %r13
+ popq %r12
+ repz retq
+#ifndef __APPLE__
+.size ge_sub_x64,.-ge_sub_x64
+#endif /* __APPLE__ */
+#ifndef __APPLE__
+.text
+.globl sc_reduce_x64
+.type sc_reduce_x64,@function
+.align 16
+sc_reduce_x64:
+#else
+.section __TEXT,__text
+.globl _sc_reduce_x64
+.p2align 4
+_sc_reduce_x64:
+#endif /* __APPLE__ */
+ pushq %r12
+ pushq %r13
+ pushq %r14
+ pushq %r15
+ pushq %rbx
+ pushq %rbp
+ movq (%rdi), %r8
+ movq 8(%rdi), %r9
+ movq 16(%rdi), %r10
+ movq 24(%rdi), %r11
+ movq 32(%rdi), %r12
+ movq 40(%rdi), %r13
+ movq 48(%rdi), %r14
+ movq 56(%rdi), %r15
+ movq %r15, %rcx
+ movq $0xfffffffffffffff, %rsi
+ shrq $56, %rcx
+ shldq $4, %r14, %r15
+ shldq $4, %r13, %r14
+ shldq $4, %r12, %r13
+ shldq $4, %r11, %r12
+ andq %rsi, %r11
+ andq %rsi, %r15
+ # Add order times bits 504..511
+ subq %rcx, %r14
+ sbbq $0x00, %r15
+ movq $0xeb2106215d086329, %rax
+ mulq %rcx
+ movq $0x00, %rsi
+ addq %rax, %r13
+ movq $0xa7ed9ce5a30a2c13, %rax
+ adcq %rdx, %rsi
+ mulq %rcx
+ addq %rax, %r12
+ adcq %rdx, %r13
+ adcq %rsi, %r14
+ adcq $0x00, %r15
+ # Sub product of top 4 words and order
+ movq $0xa7ed9ce5a30a2c13, %rcx
+ movq %r12, %rax
+ mulq %rcx
+ mov $0x00, %rbp
+ addq %rax, %r8
+ adcq %rdx, %rbp
+ movq %r13, %rax
+ mulq %rcx
+ movq $0x00, %rsi
+ addq %rax, %r9
+ adcq %rdx, %rsi
+ movq %r14, %rax
+ mulq %rcx
+ addq %rbp, %r9
+ adcq %rax, %r10
+ adcq %rdx, %r11
+ mov $0x00, %rbx
+ adcq $0x00, %rbx
+ movq %r15, %rax
+ mulq %rcx
+ addq %rsi, %r10
adcq %rax, %r11
- adcq $0x00, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- imulq $19, %rdx, %rax
+ adcq %rdx, %rbx
+ movq $0xeb2106215d086329, %rcx
+ movq %r12, %rax
+ mulq %rcx
+ mov $0x00, %rbp
+ addq %rax, %r9
+ adcq %rdx, %rbp
+ movq %r13, %rax
+ mulq %rcx
+ movq $0x00, %rsi
+ addq %rax, %r10
+ adcq %rdx, %rsi
+ movq %r14, %rax
+ mulq %rcx
+ addq %rbp, %r10
+ adcq %rax, %r11
+ adcq %rdx, %rbx
+ mov $0x00, %rbp
+ adcq $0x00, %rbp
+ movq %r15, %rax
+ mulq %rcx
+ addq %rsi, %r11
+ adcq %rax, %rbx
+ adcq %rdx, %rbp
+ subq %r12, %r10
+ movq %rbx, %r12
+ sbbq %r13, %r11
+ movq %rbp, %r13
+ sbbq %r14, %r12
+ sbbq %r15, %r13
+ movq %r13, %rcx
+ sarq $57, %rcx
+ # Conditionally subtract order starting at bit 125
+ movq $0xa000000000000000, %rax
+ movq $0xcb024c634b9eba7d, %rdx
+ movq $0x29bdf3bd45ef39a, %rbx
+ movq $0x200000000000000, %rbp
+ andq %rcx, %rax
+ andq %rcx, %rdx
+ andq %rcx, %rbx
+ andq %rcx, %rbp
+ addq %rax, %r9
+ adcq %rdx, %r10
+ adcq %rbx, %r11
+ adcq $0x00, %r12
+ adcq %rbp, %r13
+ # Move bits 252-376 to own registers
+ movq $0xfffffffffffffff, %rcx
+ shldq $4, %r12, %r13
+ shldq $4, %r11, %r12
andq %rcx, %r11
+ # Sub product of top 2 words and order
+ # * -5812631a5cf5d3ed
+ movq $0xa7ed9ce5a30a2c13, %rcx
+ movq %r12, %rax
+ mulq %rcx
+ movq $0x00, %rbx
addq %rax, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rcx, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
+ adcq %rdx, %r9
+ adcq $0x00, %rbx
+ movq %r13, %rax
+ mulq %rcx
+ addq %rax, %r9
+ adcq %rdx, %rbx
+ # * -14def9dea2f79cd7
+ movq $0xeb2106215d086329, %rcx
+ movq %r12, %rax
+ mulq %rcx
+ movq $0x00, %rbp
+ addq %rax, %r9
+ adcq %rdx, %r10
+ adcq $0x00, %rbp
+ movq %r13, %rax
+ mulq %rcx
+ addq %rax, %r10
+ adcq %rdx, %rbp
+ # Add overflows at 2 * 64
+ movq $0xfffffffffffffff, %rsi
+ andq %rsi, %r11
+ addq %rbx, %r10
+ adcq %rbp, %r11
+ # Subtract top at 2 * 64
+ subq %r12, %r10
+ sbbq %r13, %r11
+ sbbq %rsi, %rsi
+ # Conditional sub order
+ movq $0x5812631a5cf5d3ed, %rax
+ movq $0x14def9dea2f79cd6, %rdx
+ movq $0x1000000000000000, %rbx
+ andq %rsi, %rax
+ andq %rsi, %rdx
+ andq %rsi, %rbx
+ addq %rax, %r8
+ movq $0xfffffffffffffff, %rax
+ adcq %rdx, %r9
adcq $0x00, %r10
- adcq $0x00, %r11
- # Store
+ adcq %rbx, %r11
+ andq %rax, %r11
+ # Store result
movq %r8, (%rdi)
movq %r9, 8(%rdi)
movq %r10, 16(%rdi)
movq %r11, 24(%rdi)
- movq (%rsp), %rdi
- movq 128(%rsp), %rsi
- movq 144(%rsp), %rbx
+ popq %rbp
+ popq %rbx
+ popq %r15
+ popq %r14
+ popq %r13
+ popq %r12
+ repz retq
+#ifndef __APPLE__
+.size sc_reduce_x64,.-sc_reduce_x64
+#endif /* __APPLE__ */
+#ifndef __APPLE__
+.text
+.globl sc_muladd_x64
+.type sc_muladd_x64,@function
+.align 16
+sc_muladd_x64:
+#else
+.section __TEXT,__text
+.globl _sc_muladd_x64
+.p2align 4
+_sc_muladd_x64:
+#endif /* __APPLE__ */
+ pushq %rbp
+ pushq %r12
+ pushq %r13
+ pushq %r14
+ pushq %r15
+ pushq %rbx
+ movq %rdx, %rbp
# Multiply
# A[0] * B[0]
- movq (%rbx), %rax
+ movq (%rbp), %rax
mulq (%rsi)
movq %rax, %r8
movq %rdx, %r9
# A[0] * B[1]
- movq 8(%rbx), %rax
+ movq 8(%rbp), %rax
mulq (%rsi)
xorq %r10, %r10
addq %rax, %r9
adcq %rdx, %r10
# A[1] * B[0]
- movq (%rbx), %rax
+ movq (%rbp), %rax
mulq 8(%rsi)
xorq %r11, %r11
addq %rax, %r9
adcq %rdx, %r10
adcq $0x00, %r11
# A[0] * B[2]
- movq 16(%rbx), %rax
+ movq 16(%rbp), %rax
mulq (%rsi)
addq %rax, %r10
adcq %rdx, %r11
# A[1] * B[1]
- movq 8(%rbx), %rax
+ movq 8(%rbp), %rax
mulq 8(%rsi)
xorq %r12, %r12
addq %rax, %r10
adcq %rdx, %r11
adcq $0x00, %r12
# A[2] * B[0]
- movq (%rbx), %rax
+ movq (%rbp), %rax
mulq 16(%rsi)
addq %rax, %r10
adcq %rdx, %r11
adcq $0x00, %r12
# A[0] * B[3]
- movq 24(%rbx), %rax
+ movq 24(%rbp), %rax
mulq (%rsi)
xorq %r13, %r13
addq %rax, %r11
adcq %rdx, %r12
adcq $0x00, %r13
# A[1] * B[2]
- movq 16(%rbx), %rax
+ movq 16(%rbp), %rax
mulq 8(%rsi)
addq %rax, %r11
adcq %rdx, %r12
adcq $0x00, %r13
# A[2] * B[1]
- movq 8(%rbx), %rax
+ movq 8(%rbp), %rax
mulq 16(%rsi)
addq %rax, %r11
adcq %rdx, %r12
adcq $0x00, %r13
# A[3] * B[0]
- movq (%rbx), %rax
+ movq (%rbp), %rax
mulq 24(%rsi)
addq %rax, %r11
adcq %rdx, %r12
adcq $0x00, %r13
# A[1] * B[3]
- movq 24(%rbx), %rax
+ movq 24(%rbp), %rax
mulq 8(%rsi)
xorq %r14, %r14
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
# A[2] * B[2]
- movq 16(%rbx), %rax
+ movq 16(%rbp), %rax
mulq 16(%rsi)
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
# A[3] * B[1]
- movq 8(%rbx), %rax
+ movq 8(%rbp), %rax
mulq 24(%rsi)
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
# A[2] * B[3]
- movq 24(%rbx), %rax
+ movq 24(%rbp), %rax
mulq 16(%rsi)
xorq %r15, %r15
addq %rax, %r13
adcq %rdx, %r14
adcq $0x00, %r15
# A[3] * B[2]
- movq 16(%rbx), %rax
+ movq 16(%rbp), %rax
mulq 24(%rsi)
addq %rax, %r13
adcq %rdx, %r14
adcq $0x00, %r15
# A[3] * B[3]
- movq 24(%rbx), %rax
+ movq 24(%rbp), %rax
mulq 24(%rsi)
addq %rax, %r14
adcq %rdx, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rcx
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
+ # Add c to a * b
+ addq (%rcx), %r8
+ adcq 8(%rcx), %r9
+ adcq 16(%rcx), %r10
+ adcq 24(%rcx), %r11
+ adcq $0x00, %r12
+ adcq $0x00, %r13
+ adcq $0x00, %r14
+ adcq $0x00, %r15
+ movq %r15, %rbx
+ movq $0xfffffffffffffff, %rcx
+ shrq $56, %rbx
+ shldq $4, %r14, %r15
+ shldq $4, %r13, %r14
+ shldq $4, %r12, %r13
+ shldq $4, %r11, %r12
andq %rcx, %r11
- # Multiply top half by 19
- movq $19, %rax
- mulq %r12
- xorq %r12, %r12
+ andq %rcx, %r15
+ # Add order times bits 504..507
+ subq %rbx, %r14
+ sbbq $0x00, %r15
+ movq $0xeb2106215d086329, %rax
+ mulq %rbx
+ movq $0x00, %rcx
+ addq %rax, %r13
+ movq $0xa7ed9ce5a30a2c13, %rax
+ adcq %rdx, %rcx
+ mulq %rbx
+ addq %rax, %r12
+ adcq %rdx, %r13
+ adcq %rcx, %r14
+ adcq $0x00, %r15
+ # Sub product of top 4 words and order
+ movq $0xa7ed9ce5a30a2c13, %rbx
+ movq %r12, %rax
+ mulq %rbx
+ mov $0x00, %rbp
addq %rax, %r8
- movq $19, %rax
- adcq %rdx, %r12
- mulq %r13
- xorq %r13, %r13
+ adcq %rdx, %rbp
+ movq %r13, %rax
+ mulq %rbx
+ movq $0x00, %rcx
addq %rax, %r9
- movq $19, %rax
- adcq %rdx, %r13
- mulq %r14
- xorq %r14, %r14
+ adcq %rdx, %rcx
+ movq %r14, %rax
+ mulq %rbx
+ addq %rbp, %r9
+ adcq %rax, %r10
+ adcq %rdx, %r11
+ mov $0x00, %rsi
+ adcq $0x00, %rsi
+ movq %r15, %rax
+ mulq %rbx
+ addq %rcx, %r10
+ adcq %rax, %r11
+ adcq %rdx, %rsi
+ movq $0xeb2106215d086329, %rbx
+ movq %r12, %rax
+ mulq %rbx
+ mov $0x00, %rbp
+ addq %rax, %r9
+ adcq %rdx, %rbp
+ movq %r13, %rax
+ mulq %rbx
+ movq $0x00, %rcx
addq %rax, %r10
- movq $19, %rax
- adcq %rdx, %r14
- mulq %r15
- # Add remaining product results in
- addq %r12, %r9
- adcq %r13, %r10
- adcq %r14, %r11
+ adcq %rdx, %rcx
+ movq %r14, %rax
+ mulq %rbx
+ addq %rbp, %r10
adcq %rax, %r11
- adcq $0x00, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- imulq $19, %rdx, %rax
- andq %rcx, %r11
+ adcq %rdx, %rsi
+ mov $0x00, %rbp
+ adcq $0x00, %rbp
+ movq %r15, %rax
+ mulq %rbx
+ addq %rcx, %r11
+ adcq %rax, %rsi
+ adcq %rdx, %rbp
+ subq %r12, %r10
+ movq %rsi, %r12
+ sbbq %r13, %r11
+ movq %rbp, %r13
+ sbbq %r14, %r12
+ sbbq %r15, %r13
+ movq %r13, %rbx
+ sarq $57, %rbx
+ # Conditionally subtract order starting at bit 125
+ movq $0xa000000000000000, %rax
+ movq $0xcb024c634b9eba7d, %rdx
+ movq $0x29bdf3bd45ef39a, %rsi
+ movq $0x200000000000000, %rbp
+ andq %rbx, %rax
+ andq %rbx, %rdx
+ andq %rbx, %rsi
+ andq %rbx, %rbp
+ addq %rax, %r9
+ adcq %rdx, %r10
+ adcq %rsi, %r11
+ adcq $0x00, %r12
+ adcq %rbp, %r13
+ # Move bits 252-376 to own registers
+ movq $0xfffffffffffffff, %rbx
+ shldq $4, %r12, %r13
+ shldq $4, %r11, %r12
+ andq %rbx, %r11
+ # Sub product of top 2 words and order
+ # * -5812631a5cf5d3ed
+ movq $0xa7ed9ce5a30a2c13, %rbx
+ movq %r12, %rax
+ mulq %rbx
+ movq $0x00, %rsi
addq %rax, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
+ adcq %rdx, %r9
+ adcq $0x00, %rsi
+ movq %r13, %rax
+ mulq %rbx
+ addq %rax, %r9
+ adcq %rdx, %rsi
+ # * -14def9dea2f79cd7
+ movq $0xeb2106215d086329, %rbx
+ movq %r12, %rax
+ mulq %rbx
+ movq $0x00, %rbp
+ addq %rax, %r9
+ adcq %rdx, %r10
+ adcq $0x00, %rbp
+ movq %r13, %rax
+ mulq %rbx
+ addq %rax, %r10
+ adcq %rdx, %rbp
+ # Add overflows at 2 * 64
+ movq $0xfffffffffffffff, %rcx
andq %rcx, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Store
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- leaq 48(%rsp), %rdi
- movq (%rsp), %rsi
- movq (%rsp), %rbx
- # Add
- movq (%rsi), %r8
- movq 8(%rsi), %r9
- addq (%rbx), %r8
- movq 16(%rsi), %r10
- adcq 8(%rbx), %r9
- movq 24(%rsi), %rcx
- adcq 16(%rbx), %r10
- movq $-19, %rax
- adcq 24(%rbx), %rcx
- movq $0x7fffffffffffffff, %rdx
- movq %rcx, %r11
- sarq $63, %rcx
- # Mask the modulus
- andq %rcx, %rax
- andq %rcx, %rdx
- # Sub modulus (if overflow)
- subq %rax, %r8
- sbbq %rcx, %r9
- sbbq %rcx, %r10
- sbbq %rdx, %r11
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq (%rsp), %rdi
- movq 16(%rsp), %rsi
- movq 8(%rsp), %rbx
- # Sub
- movq (%rsi), %r8
- movq 8(%rsi), %r9
- movq 16(%rsi), %r10
- movq 24(%rsi), %r11
- subq (%rbx), %r8
- movq $0x00, %rcx
- sbbq 8(%rbx), %r9
- movq $-19, %rax
- sbbq 16(%rbx), %r10
- movq $0x7fffffffffffffff, %rdx
- sbbq 24(%rbx), %r11
- sbbq $0x00, %rcx
- # Mask the modulus
- andq %rcx, %rax
- andq %rcx, %rdx
- # Add modulus (if underflow)
- addq %rax, %r8
- adcq %rcx, %r9
- adcq %rcx, %r10
- adcq %rdx, %r11
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq 8(%rsp), %rdi
- movq 16(%rsp), %rsi
- movq 8(%rsp), %rbx
- # Add
- movq (%rsi), %r8
- movq 8(%rsi), %r9
- addq (%rbx), %r8
- movq 16(%rsi), %r10
- adcq 8(%rbx), %r9
- movq 24(%rsi), %rcx
- adcq 16(%rbx), %r10
- movq $-19, %rax
- adcq 24(%rbx), %rcx
- movq $0x7fffffffffffffff, %rdx
- movq %rcx, %r11
- sarq $63, %rcx
- # Mask the modulus
+ addq %rsi, %r10
+ adcq %rbp, %r11
+ # Subtract top at 2 * 64
+ subq %r12, %r10
+ sbbq %r13, %r11
+ sbbq %rcx, %rcx
+ # Conditional sub order
+ movq $0x5812631a5cf5d3ed, %rax
+ movq $0x14def9dea2f79cd6, %rdx
+ movq $0x1000000000000000, %rsi
andq %rcx, %rax
andq %rcx, %rdx
- # Sub modulus (if overflow)
- subq %rax, %r8
- sbbq %rcx, %r9
- sbbq %rcx, %r10
- sbbq %rdx, %r11
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq 16(%rsp), %rdi
- leaq 48(%rsp), %rsi
- movq 24(%rsp), %rbx
- # Sub
- movq (%rsi), %r8
- movq 8(%rsi), %r9
- movq 16(%rsi), %r10
- movq 24(%rsi), %r11
- subq (%rbx), %r8
- movq $0x00, %rcx
- sbbq 8(%rbx), %r9
- movq $-19, %rax
- sbbq 16(%rbx), %r10
- movq $0x7fffffffffffffff, %rdx
- sbbq 24(%rbx), %r11
- sbbq $0x00, %rcx
- # Mask the modulus
- andq %rcx, %rax
- andq %rcx, %rdx
- # Add modulus (if underflow)
+ andq %rcx, %rsi
addq %rax, %r8
- adcq %rcx, %r9
- adcq %rcx, %r10
- adcq %rdx, %r11
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq 24(%rsp), %rdi
- leaq 48(%rsp), %rsi
- movq 24(%rsp), %rbx
- # Add
- movq (%rsi), %r8
- movq 8(%rsi), %r9
- addq (%rbx), %r8
- movq 16(%rsi), %r10
- adcq 8(%rbx), %r9
- movq 24(%rsi), %rcx
- adcq 16(%rbx), %r10
- movq $-19, %rax
- adcq 24(%rbx), %rcx
- movq $0x7fffffffffffffff, %rdx
- movq %rcx, %r11
- sarq $63, %rcx
- # Mask the modulus
- andq %rcx, %rax
- andq %rcx, %rdx
- # Sub modulus (if overflow)
- subq %rax, %r8
- sbbq %rcx, %r9
- sbbq %rcx, %r10
- sbbq %rdx, %r11
+ movq $0xfffffffffffffff, %rax
+ adcq %rdx, %r9
+ adcq $0x00, %r10
+ adcq %rsi, %r11
+ andq %rax, %r11
+ # Store result
movq %r8, (%rdi)
movq %r9, 8(%rdi)
movq %r10, 16(%rdi)
movq %r11, 24(%rdi)
- addq $0x50, %rsp
+ popq %rbx
popq %r15
popq %r14
popq %r13
popq %r12
- popq %rbx
+ popq %rbp
repz retq
#ifndef __APPLE__
-.size fe_ge_sub_x64,.-fe_ge_sub_x64
+.size sc_muladd_x64,.-sc_muladd_x64
#endif /* __APPLE__ */
+#endif /* HAVE_ED25519 */
#ifdef HAVE_INTEL_AVX2
#ifndef __APPLE__
.text
@@ -9575,12 +9124,11 @@ _fe_mul_avx2:
mulxq 8(%rsi), %rax, %rcx
xorq %r15, %r15
adcxq %rax, %r9
- # A[1] * B[3]
- movq 24(%rbx), %rdx
- mulxq 8(%rsi), %r12, %r13
+ # A[3] * B[1]
+ movq 8(%rbx), %rdx
+ mulxq 24(%rsi), %r12, %r13
adcxq %rcx, %r10
# A[0] * B[1]
- movq 8(%rbx), %rdx
mulxq (%rsi), %rax, %rcx
adoxq %rax, %r9
# A[2] * B[1]
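Review bot: The `# A[0] * B[1]` step no longer loads its own operand: `mulxq (%rsi), %rax, %rcx` relies on %rdx still holding `8(%rbx)` from the `# A[3] * B[1]` step that was moved above it. That holds in the visible lines, since the intervening `mulxq 24(%rsi), %r12, %r13` and `adcxq %rcx, %r10` do not write %rdx, but nothing records the dependency and a later reordering could break it silently. I would add `# rdx still holds B[1]` under the `# A[0] * B[1]` comment. `_fe_mul_avx2` starts and ends outside this hunk.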
@@ -9604,10 +9152,10 @@ _fe_mul_avx2:
mulxq 8(%rsi), %rdx, %rax
adcxq %rcx, %r11
adoxq %rdx, %r10
- # A[3] * B[1]
- movq 8(%rbx), %rdx
+ # A[1] * B[3]
+ movq 24(%rbx), %rdx
adoxq %rax, %r11
- mulxq 24(%rsi), %rax, %rcx
+ mulxq 8(%rsi), %rax, %rcx
adcxq %rax, %r12
# A[2] * B[2]
movq 16(%rbx), %rdx
@@ -9626,34 +9174,33 @@ _fe_mul_avx2:
xorq %rcx, %rcx
adcxq %rdx, %r11
# A[3] * B[0]
- movq (%rbx), %rdx
+ movq 24(%rsi), %rdx
adcxq %rax, %r12
- mulxq 24(%rsi), %rdx, %rax
+ mulxq (%rbx), %rdx, %rax
adoxq %rdx, %r11
adoxq %rax, %r12
+ # A[3] * B[2]
+ movq 24(%rsi), %rdx
+ mulxq 16(%rbx), %rdx, %rax
+ adcxq %rdx, %r13
# A[2] * B[3]
movq 24(%rbx), %rdx
- mulxq 16(%rsi), %rdx, %rax
- adcxq %rdx, %r13
- # A[3] * B[2]
- movq 16(%rbx), %rdx
adcxq %rax, %r14
- mulxq 24(%rsi), %rax, %rdx
+ mulxq 16(%rsi), %rax, %rdx
adcxq %rcx, %r15
adoxq %rax, %r13
adoxq %rdx, %r14
adoxq %rcx, %r15
- # Reduce
+ movq $38, %rdx
+ mulxq %r15, %r15, %rax
+ addq %r15, %r11
+ adcq $0x00, %rax
movq $0x7fffffffffffffff, %rcx
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
+ shldq $0x01, %r11, %rax
+ imulq $19, %rax, %rax
andq %rcx, %r11
- # Multiply top half by 19
- movq $19, %rdx
xorq %rcx, %rcx
+ adoxq %rax, %r8
mulxq %r12, %rax, %r12
adcxq %rax, %r8
adoxq %r12, %r9
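Review bot: The new reduction in `_fe_mul_avx2` has no comments: `# Reduce`, `# Move top half into t4-t7 and remove top bit from t3` and `# Multiply top half by 19` are removed, and the `movq $38, %rdx` sequence that replaces them is unlabelled. The constant is what a reader has to reconstruct: the upper words are now folded at bit 256 instead of being shifted down to bit 255, presumably because 2^256 ≡ 38 (mod 2^255-19), and only the bits of %r11 from 255 upward go through `imulq $19`. I would put `# Reduce: fold words 4-7 by 38 (2^256 = 38 mod p)` above `movq $38, %rdx` and `# Fold bits 255 and up by 19` above `shldq $0x01, %r11, %rax`. The next hunk removes `# Overflow` and `# Reduce if top bit set` although the `sarq $63` / `andq $19` step that the latter labelled is kept, and the `_fe_sq_avx2` hunk repeats the same unlabelled reduction. The function body continues outside this hunk.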
@@ -9663,20 +9210,8 @@ _fe_mul_avx2:
mulxq %r14, %rax, %r14
adcxq %rax, %r10
adoxq %r14, %r11
- mulxq %r15, %r15, %rdx
- adcxq %r15, %r11
- adoxq %rcx, %rdx
- adcxq %rcx, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
+ adcxq %rcx, %r11
movq $0x7fffffffffffffff, %rcx
- imulq $19, %rdx, %rax
- andq %rcx, %r11
- addq %rax, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
movq %r11, %rdx
sarq $63, %rdx
andq $19, %rdx
@@ -9717,93 +9252,81 @@ _fe_sq_avx2:
pushq %r14
pushq %r15
# Square
- # A[0] * A[1]
movq (%rsi), %rdx
- mulxq 8(%rsi), %r9, %r10
+ movq 8(%rsi), %rax
+ # A[0] * A[1]
+ movq %rdx, %r15
+ mulxq %rax, %r9, %r10
# A[0] * A[3]
mulxq 24(%rsi), %r11, %r12
# A[2] * A[1]
movq 16(%rsi), %rdx
- mulxq 8(%rsi), %rcx, %rbx
- xorq %r15, %r15
+ mulxq %rax, %rcx, %rbx
+ xorq %r8, %r8
adoxq %rcx, %r11
# A[2] * A[3]
mulxq 24(%rsi), %r13, %r14
adoxq %rbx, %r12
# A[2] * A[0]
- mulxq (%rsi), %rcx, %rbx
- adoxq %r15, %r13
+ mulxq %r15, %rcx, %rbx
+ adoxq %r8, %r13
adcxq %rcx, %r10
- adoxq %r15, %r14
+ adoxq %r8, %r14
# A[1] * A[3]
- movq 8(%rsi), %rdx
- mulxq 24(%rsi), %rax, %r8
+ movq %rax, %rdx
+ mulxq 24(%rsi), %rcx, %rdx
adcxq %rbx, %r11
- adcxq %rax, %r12
- adcxq %r8, %r13
- adcxq %r15, %r14
- # Double with Carry Flag
- xorq %r15, %r15
+ adcxq %rcx, %r12
+ adcxq %rdx, %r13
+ adcxq %r8, %r14
# A[0] * A[0]
- movq (%rsi), %rdx
- mulxq %rdx, %r8, %rax
+ movq %r15, %rdx
+ mulxq %rdx, %r8, %rcx
+ xorq %r15, %r15
adcxq %r9, %r9
# A[1] * A[1]
- movq 8(%rsi), %rdx
+ movq %rax, %rdx
+ adoxq %rcx, %r9
mulxq %rdx, %rcx, %rbx
adcxq %r10, %r10
- adoxq %rax, %r9
- adcxq %r11, %r11
adoxq %rcx, %r10
+ adcxq %r11, %r11
# A[2] * A[2]
movq 16(%rsi), %rdx
- mulxq %rdx, %rax, %rcx
- adcxq %r12, %r12
adoxq %rbx, %r11
+ mulxq %rdx, %rbx, %rcx
+ adcxq %r12, %r12
+ adoxq %rbx, %r12
adcxq %r13, %r13
- adoxq %rax, %r12
# A[3] * A[3]
movq 24(%rsi), %rdx
- mulxq %rdx, %rax, %rbx
- adcxq %r14, %r14
adoxq %rcx, %r13
+ mulxq %rdx, %rcx, %rbx
+ adcxq %r14, %r14
+ adoxq %rcx, %r14
adcxq %r15, %r15
- adoxq %rax, %r14
adoxq %rbx, %r15
- # Reduce
+ movq $38, %rdx
+ mulxq %r15, %r15, %rbx
+ addq %r15, %r11
+ adcq $0x00, %rbx
movq $0x7fffffffffffffff, %rcx
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
+ shldq $0x01, %r11, %rbx
+ imulq $19, %rbx, %rbx
andq %rcx, %r11
- # Multiply top half by 19
- movq $19, %rdx
xorq %rcx, %rcx
- mulxq %r12, %rax, %r12
- adcxq %rax, %r8
+ adoxq %rbx, %r8
+ mulxq %r12, %rbx, %r12
+ adcxq %rbx, %r8
adoxq %r12, %r9
- mulxq %r13, %rax, %r13
- adcxq %rax, %r9
+ mulxq %r13, %rbx, %r13
+ adcxq %rbx, %r9
adoxq %r13, %r10
- mulxq %r14, %rax, %r14
- adcxq %rax, %r10
+ mulxq %r14, %rbx, %r14
+ adcxq %rbx, %r10
adoxq %r14, %r11
- mulxq %r15, %r15, %rdx
- adcxq %r15, %r11
- adoxq %rcx, %rdx
- adcxq %rcx, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
+ adcxq %rcx, %r11
movq $0x7fffffffffffffff, %rcx
- imulq $19, %rdx, %rax
- andq %rcx, %r11
- addq %rax, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
movq %r11, %rdx
sarq $63, %rdx
andq $19, %rdx
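Review bot: The cross-product phase of `_fe_sq_avx2` now keeps operands in registers without saying which: %r15 holds A[0] and %rax holds A[1] from the two loads at the top, and %r8 serves as the zero for the `adoxq %r8, ...` / `adcxq %r8, %r14` lines until `mulxq %rdx, %r8, %rcx` overwrites it. A comment such as `# r15 = A[0], rax = A[1], r8 = 0` after `xorq %r8, %r8` would make those roles checkable at a glance. The `# Double with Carry Flag` comment is removed although `xorq %r15, %r15` followed by the `adcxq %r9, %r9` chain still performs the doubling; I would keep that comment above the `xorq`. The function starts and ends outside this hunk, and the `_fe_sq_n_avx2` hunk that follows repeats the same sequence.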
@@ -9847,101 +9370,80 @@ _fe_sq_n_avx2:
movq %rdx, %rbp
L_fe_sq_n_avx2:
# Square
- # A[0] * A[1]
movq (%rsi), %rdx
- mulxq 8(%rsi), %r9, %r10
+ movq 8(%rsi), %rax
+ # A[0] * A[1]
+ movq %rdx, %r15
+ mulxq %rax, %r9, %r10
# A[0] * A[3]
mulxq 24(%rsi), %r11, %r12
# A[2] * A[1]
movq 16(%rsi), %rdx
- mulxq 8(%rsi), %rcx, %rbx
- xorq %r15, %r15
+ mulxq %rax, %rcx, %rbx
+ xorq %r8, %r8
adoxq %rcx, %r11
# A[2] * A[3]
mulxq 24(%rsi), %r13, %r14
adoxq %rbx, %r12
# A[2] * A[0]
- mulxq (%rsi), %rcx, %rbx
- adoxq %r15, %r13
+ mulxq %r15, %rcx, %rbx
+ adoxq %r8, %r13
adcxq %rcx, %r10
- adoxq %r15, %r14
+ adoxq %r8, %r14
# A[1] * A[3]
- movq 8(%rsi), %rdx
- mulxq 24(%rsi), %rax, %r8
+ movq %rax, %rdx
+ mulxq 24(%rsi), %rcx, %rdx
adcxq %rbx, %r11
- adcxq %rax, %r12
- adcxq %r8, %r13
- adcxq %r15, %r14
- # Double with Carry Flag
- xorq %r15, %r15
+ adcxq %rcx, %r12
+ adcxq %rdx, %r13
+ adcxq %r8, %r14
# A[0] * A[0]
- movq (%rsi), %rdx
- mulxq %rdx, %r8, %rax
+ movq %r15, %rdx
+ mulxq %rdx, %r8, %rcx
+ xorq %r15, %r15
adcxq %r9, %r9
# A[1] * A[1]
- movq 8(%rsi), %rdx
+ movq %rax, %rdx
+ adoxq %rcx, %r9
mulxq %rdx, %rcx, %rbx
adcxq %r10, %r10
- adoxq %rax, %r9
- adcxq %r11, %r11
adoxq %rcx, %r10
+ adcxq %r11, %r11
# A[2] * A[2]
movq 16(%rsi), %rdx
- mulxq %rdx, %rax, %rcx
- adcxq %r12, %r12
adoxq %rbx, %r11
+ mulxq %rdx, %rbx, %rcx
+ adcxq %r12, %r12
+ adoxq %rbx, %r12
adcxq %r13, %r13
- adoxq %rax, %r12
# A[3] * A[3]
movq 24(%rsi), %rdx
- mulxq %rdx, %rax, %rbx
- adcxq %r14, %r14
adoxq %rcx, %r13
+ mulxq %rdx, %rcx, %rbx
+ adcxq %r14, %r14
+ adoxq %rcx, %r14
adcxq %r15, %r15
- adoxq %rax, %r14
adoxq %rbx, %r15
- # Reduce
+ movq $38, %rdx
+ mulxq %r15, %r15, %rbx
+ addq %r15, %r11
+ adcq $0x00, %rbx
movq $0x7fffffffffffffff, %rcx
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
+ shldq $0x01, %r11, %rbx
+ imulq $19, %rbx, %rbx
andq %rcx, %r11
- # Multiply top half by 19
- movq $19, %rdx
xorq %rcx, %rcx
- mulxq %r12, %rax, %r12
- adcxq %rax, %r8
+ adoxq %rbx, %r8
+ mulxq %r12, %rbx, %r12
+ adcxq %rbx, %r8
adoxq %r12, %r9
- mulxq %r13, %rax, %r13
- adcxq %rax, %r9
+ mulxq %r13, %rbx, %r13
+ adcxq %rbx, %r9
adoxq %r13, %r10
- mulxq %r14, %rax, %r14
- adcxq %rax, %r10
+ mulxq %r14, %rbx, %r14
+ adcxq %rbx, %r10
adoxq %r14, %r11
- mulxq %r15, %r15, %rdx
- adcxq %r15, %r11
- adoxq %rcx, %rdx
- adcxq %rcx, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- movq $0x7fffffffffffffff, %rcx
- imulq $19, %rdx, %rax
- andq %rcx, %r11
- addq %rax, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rcx, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
+ adcxq %rcx, %r11
# Store
movq %r8, (%rdi)
movq %r9, 8(%rdi)
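Review bot: The new reduction in the `L_fe_sq_n_avx2` loop body, from `movq $38, %rdx` to `adcxq %rcx, %r11`, has no comment, and the removed lines were the only description of the reduce steps. The trailing "Overflow" and "Reduce if top bit set" passes before `# Store` are gone as well, so as far as the visible lines show the top limb in `%r11` can be stored with bit 63 set. The code after the loop is outside this hunk, so whether a final reduction happens there cannot be confirmed from here. I would add a comment above `movq $38, %rdx`, e.g. `# Reduce: fold top word * 38 and bits 255+ * 19; result is not guaranteed below 2^255`, so later callers do not assume a canonical value. The same uncommented sequence recurs in the square and multiply hunks under `L_curve25519_avx2_bits`.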
@@ -10002,144 +9504,6 @@ _fe_mul121666_avx2:
#endif /* __APPLE__ */
#ifndef __APPLE__
.text
-.globl fe_sq2_avx2
-.type fe_sq2_avx2,@function
-.align 16
-fe_sq2_avx2:
-#else
-.section __TEXT,__text
-.globl _fe_sq2_avx2
-.p2align 4
-_fe_sq2_avx2:
-#endif /* __APPLE__ */
- pushq %rbx
- pushq %r12
- pushq %r13
- pushq %r14
- pushq %r15
- # Square * 2
- # A[0] * A[1]
- movq (%rsi), %rdx
- mulxq 8(%rsi), %r9, %r10
- # A[0] * A[3]
- mulxq 24(%rsi), %r11, %r12
- # A[2] * A[1]
- movq 16(%rsi), %rdx
- mulxq 8(%rsi), %rcx, %rbx
- xorq %r15, %r15
- adoxq %rcx, %r11
- # A[2] * A[3]
- mulxq 24(%rsi), %r13, %r14
- adoxq %rbx, %r12
- # A[2] * A[0]
- mulxq (%rsi), %rcx, %rbx
- adoxq %r15, %r13
- adcxq %rcx, %r10
- adoxq %r15, %r14
- # A[1] * A[3]
- movq 8(%rsi), %rdx
- mulxq 24(%rsi), %rax, %r8
- adcxq %rbx, %r11
- adcxq %rax, %r12
- adcxq %r8, %r13
- adcxq %r15, %r14
- # Double with Carry Flag
- xorq %r15, %r15
- # A[0] * A[0]
- movq (%rsi), %rdx
- mulxq %rdx, %r8, %rax
- adcxq %r9, %r9
- # A[1] * A[1]
- movq 8(%rsi), %rdx
- mulxq %rdx, %rcx, %rbx
- adcxq %r10, %r10
- adoxq %rax, %r9
- adcxq %r11, %r11
- adoxq %rcx, %r10
- # A[2] * A[2]
- movq 16(%rsi), %rdx
- mulxq %rdx, %rax, %rcx
- adcxq %r12, %r12
- adoxq %rbx, %r11
- adcxq %r13, %r13
- adoxq %rax, %r12
- # A[3] * A[3]
- movq 24(%rsi), %rdx
- mulxq %rdx, %rax, %rbx
- adcxq %r14, %r14
- adoxq %rcx, %r13
- adcxq %r15, %r15
- adoxq %rax, %r14
- adoxq %rbx, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rbx
- xorq %rax, %rax
- # Move top half into t4-t7 and remove top bit from t3 and double
- shldq $3, %r15, %rax
- shldq $2, %r14, %r15
- shldq $2, %r13, %r14
- shldq $2, %r12, %r13
- shldq $2, %r11, %r12
- shldq $0x01, %r10, %r11
- shldq $0x01, %r9, %r10
- shldq $0x01, %r8, %r9
- shlq $0x01, %r8
- andq %rbx, %r11
- # Two out left, one in right
- andq %rbx, %r15
- # Multiply top bits by 19*19
- imulq $0x169, %rax, %rcx
- xorq %rbx, %rbx
- # Multiply top half by 19
- movq $19, %rdx
- adoxq %rcx, %r8
- mulxq %r12, %rax, %r12
- adcxq %rax, %r8
- adoxq %r12, %r9
- mulxq %r13, %rax, %r13
- adcxq %rax, %r9
- adoxq %r13, %r10
- mulxq %r14, %rax, %r14
- adcxq %rax, %r10
- adoxq %r14, %r11
- mulxq %r15, %r15, %rdx
- adcxq %r15, %r11
- adoxq %rbx, %rdx
- adcxq %rbx, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- movq $0x7fffffffffffffff, %rbx
- imulq $19, %rdx, %rax
- andq %rbx, %r11
- addq %rax, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rbx, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Store
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- popq %r15
- popq %r14
- popq %r13
- popq %r12
- popq %rbx
- repz retq
-#ifndef __APPLE__
-.size fe_sq2_avx2,.-fe_sq2_avx2
-#endif /* __APPLE__ */
-#ifndef __APPLE__
-.text
.globl fe_invert_avx2
.type fe_invert_avx2,@function
.align 16
@@ -10413,9 +9777,9 @@ _curve25519_avx2:
pushq %r15
pushq %rbp
movq %rdx, %r8
- subq $0xc0, %rsp
- movq $0x00, 184(%rsp)
- movq %rdi, 176(%rsp)
+ subq $0xb8, %rsp
+ movq $0x00, 176(%rsp)
+ movq %rdi, 168(%rsp)
# Set one
movq $0x01, (%rdi)
movq $0x00, 8(%rdi)
@@ -10440,18 +9804,18 @@ _curve25519_avx2:
movq %r10, 72(%rsp)
movq %r11, 80(%rsp)
movq %r12, 88(%rsp)
- movb $62, 168(%rsp)
- movq $3, 160(%rsp)
-L_curve25519_avx2_words:
+ movq $0xfe, %rbx
L_curve25519_avx2_bits:
- movq 184(%rsp), %rbx
- movq 160(%rsp), %r9
- movb 168(%rsp), %cl
- movq (%rsi,%r9,8), %rax
- shrq %cl, %rax
- andq $0x01, %rax
- xorq %rax, %rbx
- negq %rbx
+ movq 176(%rsp), %rax
+ movq %rbx, 160(%rsp)
+ movq %rbx, %rcx
+ andq $63, %rcx
+ shrq $6, %rbx
+ movq (%rsi,%rbx,8), %rbx
+ shrq %cl, %rbx
+ andq $0x01, %rbx
+ xorq %rbx, %rax
+ negq %rax
# Conditional Swap
movq (%rdi), %r9
movq 8(%rdi), %r10
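Review bot: The rewritten bit extraction under `L_curve25519_avx2_bits` should carry a comment stating its constant-time property, because it replaces the two stack counters with a single bit index in `%rbx` that starts at `0xfe`. The word read by `movq (%rsi,%rbx,8), %rbx` is selected by `index >> 6` and the shift count by `index & 63`, both taken from the loop counter alone, and the scalar bit reaches the conditional swap only through the `negq %rax` mask. A line such as `# Bit index is public; the scalar bit is used only as a swap mask` above `movq 176(%rsp), %rax` would guard against a later edit adding a branch or address that depends on the bit. The counter update and the loop branch are outside this hunk.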
@@ -10461,10 +9825,10 @@ L_curve25519_avx2_bits:
xorq 72(%rsp), %r10
xorq 80(%rsp), %r11
xorq 88(%rsp), %r12
- andq %rbx, %r9
- andq %rbx, %r10
- andq %rbx, %r11
- andq %rbx, %r12
+ andq %rax, %r9
+ andq %rax, %r10
+ andq %rax, %r11
+ andq %rax, %r12
xorq %r9, (%rdi)
xorq %r10, 8(%rdi)
xorq %r11, 16(%rdi)
@@ -10482,10 +9846,10 @@ L_curve25519_avx2_bits:
xorq 40(%rsp), %r10
xorq 48(%rsp), %r11
xorq 56(%rsp), %r12
- andq %rbx, %r9
- andq %rbx, %r10
- andq %rbx, %r11
- andq %rbx, %r12
+ andq %rax, %r9
+ andq %rax, %r10
+ andq %rax, %r11
+ andq %rax, %r12
xorq %r9, (%rsp)
xorq %r10, 8(%rsp)
xorq %r11, 16(%rsp)
@@ -10494,49 +9858,46 @@ L_curve25519_avx2_bits:
xorq %r10, 40(%rsp)
xorq %r11, 48(%rsp)
xorq %r12, 56(%rsp)
- movq %rax, 184(%rsp)
+ movq %rbx, 176(%rsp)
+ # Add-Sub
# Add
movq (%rdi), %r9
movq 8(%rdi), %r10
movq 16(%rdi), %r11
- movq 24(%rdi), %rax
+ movq 24(%rdi), %r12
movq %r9, %r13
addq (%rsp), %r9
movq %r10, %r14
adcq 8(%rsp), %r10
movq %r11, %r15
adcq 16(%rsp), %r11
- movq %rax, %rbp
- adcq 24(%rsp), %rax
- movq $-19, %rcx
- movq %rax, %r12
+ movq %r12, %rbp
+ adcq 24(%rsp), %r12
+ movq $0x00, %rcx
+ adcq $0x00, %rcx
+ shldq $0x01, %r12, %rcx
movq $0x7fffffffffffffff, %rbx
- sarq $63, %rax
- # Mask the modulus
- andq %rax, %rcx
- andq %rax, %rbx
+ imulq $19, %rcx
+ andq %rbx, %r12
# Sub modulus (if overflow)
- subq %rcx, %r9
- sbbq %rax, %r10
- sbbq %rax, %r11
- sbbq %rbx, %r12
+ addq %rcx, %r9
+ adcq $0x00, %r10
+ adcq $0x00, %r11
+ adcq $0x00, %r12
# Sub
subq (%rsp), %r13
- movq $0x00, %rax
sbbq 8(%rsp), %r14
- movq $-19, %rcx
sbbq 16(%rsp), %r15
- movq $0x7fffffffffffffff, %rbx
sbbq 24(%rsp), %rbp
- sbbq $0x00, %rax
- # Mask the modulus
- andq %rax, %rcx
- andq %rax, %rbx
+ sbbq %rcx, %rcx
+ shldq $0x01, %rbp, %rcx
+ imulq $-19, %rcx
+ andq %rbx, %rbp
# Add modulus (if underflow)
- addq %rcx, %r13
- adcq %rax, %r14
- adcq %rax, %r15
- adcq %rbx, %rbp
+ subq %rcx, %r13
+ sbbq $0x00, %r14
+ sbbq $0x00, %r15
+ sbbq $0x00, %rbp
movq %r9, (%rdi)
movq %r10, 8(%rdi)
movq %r11, 16(%rdi)
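Review bot: The retained comments `# Sub modulus (if overflow)` and `# Add modulus (if underflow)` no longer match the instructions beneath them. The new code runs `addq %rcx, %r9` after `imulq $19, %rcx` and `subq %rcx, %r13` after `imulq $-19, %rcx`, which folds the carry or borrow and the top bit back into the low limb instead of applying a masked modulus as the removed `# Mask the modulus` lines did. I would reword them, e.g. `# Add 19 * (carry and top bit), since 2^255 = 19 mod p` and `# Fold the borrow and top bit back in as a multiple of 19`. The same stale comments remain in the later Add-Sub hunks and in the Sub hunk that stores to `128(%rsp)`.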
@@ -10545,145 +9906,140 @@ L_curve25519_avx2_bits:
movq %r14, 136(%rsp)
movq %r15, 144(%rsp)
movq %rbp, 152(%rsp)
+ # Add-Sub
# Add
movq 64(%rsp), %r9
movq 72(%rsp), %r10
movq 80(%rsp), %r11
- movq 88(%rsp), %rax
+ movq 88(%rsp), %r12
movq %r9, %r13
addq 32(%rsp), %r9
movq %r10, %r14
adcq 40(%rsp), %r10
movq %r11, %r15
adcq 48(%rsp), %r11
- movq %rax, %rbp
- adcq 56(%rsp), %rax
- movq $-19, %rcx
- movq %rax, %r12
+ movq %r12, %rbp
+ adcq 56(%rsp), %r12
+ movq $0x00, %rcx
+ adcq $0x00, %rcx
+ shldq $0x01, %r12, %rcx
movq $0x7fffffffffffffff, %rbx
- sarq $63, %rax
- # Mask the modulus
- andq %rax, %rcx
- andq %rax, %rbx
+ imulq $19, %rcx
+ andq %rbx, %r12
# Sub modulus (if overflow)
- subq %rcx, %r9
- sbbq %rax, %r10
- sbbq %rax, %r11
- sbbq %rbx, %r12
+ addq %rcx, %r9
+ adcq $0x00, %r10
+ adcq $0x00, %r11
+ adcq $0x00, %r12
# Sub
subq 32(%rsp), %r13
- movq $0x00, %rax
sbbq 40(%rsp), %r14
- movq $-19, %rcx
sbbq 48(%rsp), %r15
- movq $0x7fffffffffffffff, %rbx
sbbq 56(%rsp), %rbp
- sbbq $0x00, %rax
- # Mask the modulus
- andq %rax, %rcx
- andq %rax, %rbx
+ sbbq %rcx, %rcx
+ shldq $0x01, %rbp, %rcx
+ imulq $-19, %rcx
+ andq %rbx, %rbp
# Add modulus (if underflow)
- addq %rcx, %r13
- adcq %rax, %r14
- adcq %rax, %r15
- adcq %rbx, %rbp
- movq %r9, (%rsp)
- movq %r10, 8(%rsp)
- movq %r11, 16(%rsp)
- movq %r12, 24(%rsp)
+ subq %rcx, %r13
+ sbbq $0x00, %r14
+ sbbq $0x00, %r15
+ sbbq $0x00, %rbp
+ movq %r9, 32(%rsp)
+ movq %r10, 40(%rsp)
+ movq %r11, 48(%rsp)
+ movq %r12, 56(%rsp)
movq %r13, 96(%rsp)
movq %r14, 104(%rsp)
movq %r15, 112(%rsp)
movq %rbp, 120(%rsp)
# Multiply
# A[0] * B[0]
- movq (%rdi), %rdx
- mulxq 96(%rsp), %r9, %r10
+ movq 128(%rsp), %rdx
+ mulxq 32(%rsp), %r9, %r10
# A[2] * B[0]
- mulxq 112(%rsp), %r11, %r12
+ mulxq 48(%rsp), %r11, %r12
# A[1] * B[0]
- mulxq 104(%rsp), %rcx, %rbx
+ mulxq 40(%rsp), %rcx, %rbx
xorq %rbp, %rbp
adcxq %rcx, %r10
- # A[1] * B[3]
- movq 24(%rdi), %rdx
- mulxq 104(%rsp), %r13, %r14
+ # A[3] * B[1]
+ movq 136(%rsp), %rdx
+ mulxq 56(%rsp), %r13, %r14
adcxq %rbx, %r11
# A[0] * B[1]
- movq 8(%rdi), %rdx
- mulxq 96(%rsp), %rcx, %rbx
+ mulxq 32(%rsp), %rcx, %rbx
adoxq %rcx, %r10
# A[2] * B[1]
- mulxq 112(%rsp), %rcx, %r15
+ mulxq 48(%rsp), %rcx, %r15
adoxq %rbx, %r11
adcxq %rcx, %r12
# A[1] * B[2]
- movq 16(%rdi), %rdx
- mulxq 104(%rsp), %rcx, %rbx
+ movq 144(%rsp), %rdx
+ mulxq 40(%rsp), %rcx, %rbx
adcxq %r15, %r13
adoxq %rcx, %r12
adcxq %rbp, %r14
adoxq %rbx, %r13
# A[0] * B[2]
- mulxq 96(%rsp), %rcx, %rbx
+ mulxq 32(%rsp), %rcx, %rbx
adoxq %rbp, %r14
xorq %r15, %r15
adcxq %rcx, %r11
# A[1] * B[1]
- movq 8(%rdi), %rdx
- mulxq 104(%rsp), %rdx, %rcx
+ movq 136(%rsp), %rdx
+ mulxq 40(%rsp), %rdx, %rcx
adcxq %rbx, %r12
adoxq %rdx, %r11
- # A[3] * B[1]
- movq 8(%rdi), %rdx
+ # A[1] * B[3]
+ movq 152(%rsp), %rdx
adoxq %rcx, %r12
- mulxq 120(%rsp), %rcx, %rbx
+ mulxq 40(%rsp), %rcx, %rbx
adcxq %rcx, %r13
# A[2] * B[2]
- movq 16(%rdi), %rdx
- mulxq 112(%rsp), %rdx, %rcx
+ movq 144(%rsp), %rdx
+ mulxq 48(%rsp), %rdx, %rcx
adcxq %rbx, %r14
adoxq %rdx, %r13
# A[3] * B[3]
- movq 24(%rdi), %rdx
+ movq 152(%rsp), %rdx
adoxq %rcx, %r14
- mulxq 120(%rsp), %rcx, %rbx
+ mulxq 56(%rsp), %rcx, %rbx
adoxq %rbp, %r15
adcxq %rcx, %r15
# A[0] * B[3]
- mulxq 96(%rsp), %rdx, %rcx
+ mulxq 32(%rsp), %rdx, %rcx
adcxq %rbx, %rbp
xorq %rbx, %rbx
adcxq %rdx, %r12
# A[3] * B[0]
- movq (%rdi), %rdx
+ movq 56(%rsp), %rdx
adcxq %rcx, %r13
- mulxq 120(%rsp), %rdx, %rcx
+ mulxq 128(%rsp), %rdx, %rcx
adoxq %rdx, %r12
adoxq %rcx, %r13
- # A[2] * B[3]
- movq 24(%rdi), %rdx
- mulxq 112(%rsp), %rdx, %rcx
- adcxq %rdx, %r14
# A[3] * B[2]
- movq 16(%rdi), %rdx
+ movq 56(%rsp), %rdx
+ mulxq 144(%rsp), %rdx, %rcx
+ adcxq %rdx, %r14
+ # A[2] * B[3]
+ movq 152(%rsp), %rdx
adcxq %rcx, %r15
- mulxq 120(%rsp), %rcx, %rdx
+ mulxq 48(%rsp), %rcx, %rdx
adcxq %rbx, %rbp
adoxq %rcx, %r14
adoxq %rdx, %r15
adoxq %rbx, %rbp
- # Reduce
+ movq $38, %rdx
+ mulxq %rbp, %rbp, %rcx
+ addq %rbp, %r12
+ adcq $0x00, %rcx
movq $0x7fffffffffffffff, %rbx
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r15, %rbp
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
+ shldq $0x01, %r12, %rcx
+ imulq $19, %rcx, %rcx
andq %rbx, %r12
- # Multiply top half by 19
- movq $19, %rdx
xorq %rbx, %rbx
+ adoxq %rcx, %r9
mulxq %r13, %rcx, %r13
adcxq %rcx, %r9
adoxq %r13, %r10
@@ -10693,28 +10049,7 @@ L_curve25519_avx2_bits:
mulxq %r15, %rcx, %r15
adcxq %rcx, %r11
adoxq %r15, %r12
- mulxq %rbp, %rbp, %rdx
- adcxq %rbp, %r12
- adoxq %rbx, %rdx
- adcxq %rbx, %rdx
- # Overflow
- shldq $0x01, %r12, %rdx
- movq $0x7fffffffffffffff, %rbx
- imulq $19, %rdx, %rcx
- andq %rbx, %r12
- addq %rcx, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- adcq $0x00, %r12
- # Reduce if top bit set
- movq %r12, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rbx, %r12
- addq %rdx, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- adcq $0x00, %r12
+ adcxq %rbx, %r12
# Store
movq %r9, 32(%rsp)
movq %r10, 40(%rsp)
@@ -10722,93 +10057,91 @@ L_curve25519_avx2_bits:
movq %r12, 56(%rsp)
# Multiply
# A[0] * B[0]
- movq 128(%rsp), %rdx
- mulxq (%rsp), %r9, %r10
+ movq (%rdi), %rdx
+ mulxq 96(%rsp), %r9, %r10
# A[2] * B[0]
- mulxq 16(%rsp), %r11, %r12
+ mulxq 112(%rsp), %r11, %r12
# A[1] * B[0]
- mulxq 8(%rsp), %rcx, %rbx
+ mulxq 104(%rsp), %rcx, %rbx
xorq %rbp, %rbp
adcxq %rcx, %r10
- # A[1] * B[3]
- movq 152(%rsp), %rdx
- mulxq 8(%rsp), %r13, %r14
+ # A[3] * B[1]
+ movq 8(%rdi), %rdx
+ mulxq 120(%rsp), %r13, %r14
adcxq %rbx, %r11
# A[0] * B[1]
- movq 136(%rsp), %rdx
- mulxq (%rsp), %rcx, %rbx
+ mulxq 96(%rsp), %rcx, %rbx
adoxq %rcx, %r10
# A[2] * B[1]
- mulxq 16(%rsp), %rcx, %r15
+ mulxq 112(%rsp), %rcx, %r15
adoxq %rbx, %r11
adcxq %rcx, %r12
# A[1] * B[2]
- movq 144(%rsp), %rdx
- mulxq 8(%rsp), %rcx, %rbx
+ movq 16(%rdi), %rdx
+ mulxq 104(%rsp), %rcx, %rbx
adcxq %r15, %r13
adoxq %rcx, %r12
adcxq %rbp, %r14
adoxq %rbx, %r13
# A[0] * B[2]
- mulxq (%rsp), %rcx, %rbx
+ mulxq 96(%rsp), %rcx, %rbx
adoxq %rbp, %r14
xorq %r15, %r15
adcxq %rcx, %r11
# A[1] * B[1]
- movq 136(%rsp), %rdx
- mulxq 8(%rsp), %rdx, %rcx
+ movq 8(%rdi), %rdx
+ mulxq 104(%rsp), %rdx, %rcx
adcxq %rbx, %r12
adoxq %rdx, %r11
- # A[3] * B[1]
- movq 136(%rsp), %rdx
+ # A[1] * B[3]
+ movq 24(%rdi), %rdx
adoxq %rcx, %r12
- mulxq 24(%rsp), %rcx, %rbx
+ mulxq 104(%rsp), %rcx, %rbx
adcxq %rcx, %r13
# A[2] * B[2]
- movq 144(%rsp), %rdx
- mulxq 16(%rsp), %rdx, %rcx
+ movq 16(%rdi), %rdx
+ mulxq 112(%rsp), %rdx, %rcx
adcxq %rbx, %r14
adoxq %rdx, %r13
# A[3] * B[3]
- movq 152(%rsp), %rdx
+ movq 24(%rdi), %rdx
adoxq %rcx, %r14
- mulxq 24(%rsp), %rcx, %rbx
+ mulxq 120(%rsp), %rcx, %rbx
adoxq %rbp, %r15
adcxq %rcx, %r15
# A[0] * B[3]
- mulxq (%rsp), %rdx, %rcx
+ mulxq 96(%rsp), %rdx, %rcx
adcxq %rbx, %rbp
xorq %rbx, %rbx
adcxq %rdx, %r12
# A[3] * B[0]
- movq 128(%rsp), %rdx
+ movq 120(%rsp), %rdx
adcxq %rcx, %r13
- mulxq 24(%rsp), %rdx, %rcx
+ mulxq (%rdi), %rdx, %rcx
adoxq %rdx, %r12
adoxq %rcx, %r13
- # A[2] * B[3]
- movq 152(%rsp), %rdx
- mulxq 16(%rsp), %rdx, %rcx
- adcxq %rdx, %r14
# A[3] * B[2]
- movq 144(%rsp), %rdx
+ movq 120(%rsp), %rdx
+ mulxq 16(%rdi), %rdx, %rcx
+ adcxq %rdx, %r14
+ # A[2] * B[3]
+ movq 24(%rdi), %rdx
adcxq %rcx, %r15
- mulxq 24(%rsp), %rcx, %rdx
+ mulxq 112(%rsp), %rcx, %rdx
adcxq %rbx, %rbp
adoxq %rcx, %r14
adoxq %rdx, %r15
adoxq %rbx, %rbp
- # Reduce
+ movq $38, %rdx
+ mulxq %rbp, %rbp, %rcx
+ addq %rbp, %r12
+ adcq $0x00, %rcx
movq $0x7fffffffffffffff, %rbx
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r15, %rbp
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
+ shldq $0x01, %r12, %rcx
+ imulq $19, %rcx, %rcx
andq %rbx, %r12
- # Multiply top half by 19
- movq $19, %rdx
xorq %rbx, %rbx
+ adoxq %rcx, %r9
mulxq %r13, %rcx, %r13
adcxq %rcx, %r9
adoxq %r13, %r10
@@ -10818,285 +10151,219 @@ L_curve25519_avx2_bits:
mulxq %r15, %rcx, %r15
adcxq %rcx, %r11
adoxq %r15, %r12
- mulxq %rbp, %rbp, %rdx
- adcxq %rbp, %r12
- adoxq %rbx, %rdx
- adcxq %rbx, %rdx
- # Overflow
- shldq $0x01, %r12, %rdx
- movq $0x7fffffffffffffff, %rbx
- imulq $19, %rdx, %rcx
- andq %rbx, %r12
- addq %rcx, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- adcq $0x00, %r12
- # Reduce if top bit set
- movq %r12, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rbx, %r12
- addq %rdx, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- adcq $0x00, %r12
+ adcxq %rbx, %r12
# Store
movq %r9, (%rsp)
movq %r10, 8(%rsp)
movq %r11, 16(%rsp)
movq %r12, 24(%rsp)
# Square
- # A[0] * A[1]
movq 128(%rsp), %rdx
- mulxq 136(%rsp), %r10, %r11
+ movq 136(%rsp), %rax
+ # A[0] * A[1]
+ movq %rdx, %rbp
+ mulxq %rax, %r10, %r11
# A[0] * A[3]
mulxq 152(%rsp), %r12, %r13
# A[2] * A[1]
movq 144(%rsp), %rdx
- mulxq 136(%rsp), %rcx, %rbx
- xorq %rbp, %rbp
+ mulxq %rax, %rcx, %rbx
+ xorq %r9, %r9
adoxq %rcx, %r12
# A[2] * A[3]
mulxq 152(%rsp), %r14, %r15
adoxq %rbx, %r13
# A[2] * A[0]
- mulxq 128(%rsp), %rcx, %rbx
- adoxq %rbp, %r14
+ mulxq %rbp, %rcx, %rbx
+ adoxq %r9, %r14
adcxq %rcx, %r11
- adoxq %rbp, %r15
+ adoxq %r9, %r15
# A[1] * A[3]
- movq 136(%rsp), %rdx
- mulxq 152(%rsp), %rax, %r9
+ movq %rax, %rdx
+ mulxq 152(%rsp), %rcx, %rdx
adcxq %rbx, %r12
- adcxq %rax, %r13
- adcxq %r9, %r14
- adcxq %rbp, %r15
- # Double with Carry Flag
- xorq %rbp, %rbp
+ adcxq %rcx, %r13
+ adcxq %rdx, %r14
+ adcxq %r9, %r15
# A[0] * A[0]
- movq 128(%rsp), %rdx
- mulxq %rdx, %r9, %rax
+ movq %rbp, %rdx
+ mulxq %rdx, %r9, %rcx
+ xorq %rbp, %rbp
adcxq %r10, %r10
# A[1] * A[1]
- movq 136(%rsp), %rdx
+ movq %rax, %rdx
+ adoxq %rcx, %r10
mulxq %rdx, %rcx, %rbx
adcxq %r11, %r11
- adoxq %rax, %r10
- adcxq %r12, %r12
adoxq %rcx, %r11
+ adcxq %r12, %r12
# A[2] * A[2]
movq 144(%rsp), %rdx
- mulxq %rdx, %rax, %rcx
- adcxq %r13, %r13
adoxq %rbx, %r12
+ mulxq %rdx, %rbx, %rcx
+ adcxq %r13, %r13
+ adoxq %rbx, %r13
adcxq %r14, %r14
- adoxq %rax, %r13
# A[3] * A[3]
movq 152(%rsp), %rdx
- mulxq %rdx, %rax, %rbx
- adcxq %r15, %r15
adoxq %rcx, %r14
+ mulxq %rdx, %rcx, %rbx
+ adcxq %r15, %r15
+ adoxq %rcx, %r15
adcxq %rbp, %rbp
- adoxq %rax, %r15
adoxq %rbx, %rbp
- # Reduce
+ movq $38, %rdx
+ mulxq %rbp, %rbp, %rbx
+ addq %rbp, %r12
+ adcq $0x00, %rbx
movq $0x7fffffffffffffff, %rcx
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r15, %rbp
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
+ shldq $0x01, %r12, %rbx
+ imulq $19, %rbx, %rbx
andq %rcx, %r12
- # Multiply top half by 19
- movq $19, %rdx
xorq %rcx, %rcx
- mulxq %r13, %rax, %r13
- adcxq %rax, %r9
+ adoxq %rbx, %r9
+ mulxq %r13, %rbx, %r13
+ adcxq %rbx, %r9
adoxq %r13, %r10
- mulxq %r14, %rax, %r14
- adcxq %rax, %r10
+ mulxq %r14, %rbx, %r14
+ adcxq %rbx, %r10
adoxq %r14, %r11
- mulxq %r15, %rax, %r15
- adcxq %rax, %r11
+ mulxq %r15, %rbx, %r15
+ adcxq %rbx, %r11
adoxq %r15, %r12
- mulxq %rbp, %rbp, %rdx
- adcxq %rbp, %r12
- adoxq %rcx, %rdx
- adcxq %rcx, %rdx
- # Overflow
- shldq $0x01, %r12, %rdx
- movq $0x7fffffffffffffff, %rcx
- imulq $19, %rdx, %rax
- andq %rcx, %r12
- addq %rax, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- adcq $0x00, %r12
- # Reduce if top bit set
- movq %r12, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rcx, %r12
- addq %rdx, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- adcq $0x00, %r12
+ adcxq %rcx, %r12
# Store
movq %r9, 96(%rsp)
movq %r10, 104(%rsp)
movq %r11, 112(%rsp)
movq %r12, 120(%rsp)
# Square
- # A[0] * A[1]
movq (%rdi), %rdx
- mulxq 8(%rdi), %r10, %r11
+ movq 8(%rdi), %rax
+ # A[0] * A[1]
+ movq %rdx, %rbp
+ mulxq %rax, %r10, %r11
# A[0] * A[3]
mulxq 24(%rdi), %r12, %r13
# A[2] * A[1]
movq 16(%rdi), %rdx
- mulxq 8(%rdi), %rcx, %rbx
- xorq %rbp, %rbp
+ mulxq %rax, %rcx, %rbx
+ xorq %r9, %r9
adoxq %rcx, %r12
# A[2] * A[3]
mulxq 24(%rdi), %r14, %r15
adoxq %rbx, %r13
# A[2] * A[0]
- mulxq (%rdi), %rcx, %rbx
- adoxq %rbp, %r14
+ mulxq %rbp, %rcx, %rbx
+ adoxq %r9, %r14
adcxq %rcx, %r11
- adoxq %rbp, %r15
+ adoxq %r9, %r15
# A[1] * A[3]
- movq 8(%rdi), %rdx
- mulxq 24(%rdi), %rax, %r9
+ movq %rax, %rdx
+ mulxq 24(%rdi), %rcx, %rdx
adcxq %rbx, %r12
- adcxq %rax, %r13
- adcxq %r9, %r14
- adcxq %rbp, %r15
- # Double with Carry Flag
- xorq %rbp, %rbp
+ adcxq %rcx, %r13
+ adcxq %rdx, %r14
+ adcxq %r9, %r15
# A[0] * A[0]
- movq (%rdi), %rdx
- mulxq %rdx, %r9, %rax
+ movq %rbp, %rdx
+ mulxq %rdx, %r9, %rcx
+ xorq %rbp, %rbp
adcxq %r10, %r10
# A[1] * A[1]
- movq 8(%rdi), %rdx
+ movq %rax, %rdx
+ adoxq %rcx, %r10
mulxq %rdx, %rcx, %rbx
adcxq %r11, %r11
- adoxq %rax, %r10
- adcxq %r12, %r12
adoxq %rcx, %r11
+ adcxq %r12, %r12
# A[2] * A[2]
movq 16(%rdi), %rdx
- mulxq %rdx, %rax, %rcx
- adcxq %r13, %r13
adoxq %rbx, %r12
+ mulxq %rdx, %rbx, %rcx
+ adcxq %r13, %r13
+ adoxq %rbx, %r13
adcxq %r14, %r14
- adoxq %rax, %r13
# A[3] * A[3]
movq 24(%rdi), %rdx
- mulxq %rdx, %rax, %rbx
- adcxq %r15, %r15
adoxq %rcx, %r14
+ mulxq %rdx, %rcx, %rbx
+ adcxq %r15, %r15
+ adoxq %rcx, %r15
adcxq %rbp, %rbp
- adoxq %rax, %r15
adoxq %rbx, %rbp
- # Reduce
+ movq $38, %rdx
+ mulxq %rbp, %rbp, %rbx
+ addq %rbp, %r12
+ adcq $0x00, %rbx
movq $0x7fffffffffffffff, %rcx
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r15, %rbp
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
+ shldq $0x01, %r12, %rbx
+ imulq $19, %rbx, %rbx
andq %rcx, %r12
- # Multiply top half by 19
- movq $19, %rdx
xorq %rcx, %rcx
- mulxq %r13, %rax, %r13
- adcxq %rax, %r9
+ adoxq %rbx, %r9
+ mulxq %r13, %rbx, %r13
+ adcxq %rbx, %r9
adoxq %r13, %r10
- mulxq %r14, %rax, %r14
- adcxq %rax, %r10
+ mulxq %r14, %rbx, %r14
+ adcxq %rbx, %r10
adoxq %r14, %r11
- mulxq %r15, %rax, %r15
- adcxq %rax, %r11
+ mulxq %r15, %rbx, %r15
+ adcxq %rbx, %r11
adoxq %r15, %r12
- mulxq %rbp, %rbp, %rdx
- adcxq %rbp, %r12
- adoxq %rcx, %rdx
- adcxq %rcx, %rdx
- # Overflow
- shldq $0x01, %r12, %rdx
- movq $0x7fffffffffffffff, %rcx
- imulq $19, %rdx, %rax
- andq %rcx, %r12
- addq %rax, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- adcq $0x00, %r12
- # Reduce if top bit set
- movq %r12, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rcx, %r12
- addq %rdx, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- adcq $0x00, %r12
+ adcxq %rcx, %r12
# Store
movq %r9, 128(%rsp)
movq %r10, 136(%rsp)
movq %r11, 144(%rsp)
movq %r12, 152(%rsp)
+ # Add-Sub
# Add
- movq 32(%rsp), %r9
- movq 40(%rsp), %r10
- movq 48(%rsp), %r11
- movq 56(%rsp), %rax
+ movq (%rsp), %r9
+ movq 8(%rsp), %r10
+ movq 16(%rsp), %r11
+ movq 24(%rsp), %r12
movq %r9, %r13
- addq (%rsp), %r9
+ addq 32(%rsp), %r9
movq %r10, %r14
- adcq 8(%rsp), %r10
+ adcq 40(%rsp), %r10
movq %r11, %r15
- adcq 16(%rsp), %r11
- movq %rax, %rbp
- adcq 24(%rsp), %rax
- movq $-19, %rcx
- movq %rax, %r12
+ adcq 48(%rsp), %r11
+ movq %r12, %rbp
+ adcq 56(%rsp), %r12
+ movq $0x00, %rcx
+ adcq $0x00, %rcx
+ shldq $0x01, %r12, %rcx
movq $0x7fffffffffffffff, %rbx
- sarq $63, %rax
- # Mask the modulus
- andq %rax, %rcx
- andq %rax, %rbx
+ imulq $19, %rcx
+ andq %rbx, %r12
# Sub modulus (if overflow)
- subq %rcx, %r9
- sbbq %rax, %r10
- sbbq %rax, %r11
- sbbq %rbx, %r12
+ addq %rcx, %r9
+ adcq $0x00, %r10
+ adcq $0x00, %r11
+ adcq $0x00, %r12
# Sub
- subq (%rsp), %r13
- movq $0x00, %rax
- sbbq 8(%rsp), %r14
- movq $-19, %rcx
- sbbq 16(%rsp), %r15
- movq $0x7fffffffffffffff, %rbx
- sbbq 24(%rsp), %rbp
- sbbq $0x00, %rax
- # Mask the modulus
- andq %rax, %rcx
- andq %rax, %rbx
+ subq 32(%rsp), %r13
+ sbbq 40(%rsp), %r14
+ sbbq 48(%rsp), %r15
+ sbbq 56(%rsp), %rbp
+ sbbq %rcx, %rcx
+ shldq $0x01, %rbp, %rcx
+ imulq $-19, %rcx
+ andq %rbx, %rbp
# Add modulus (if underflow)
- addq %rcx, %r13
- adcq %rax, %r14
- adcq %rax, %r15
- adcq %rbx, %rbp
+ subq %rcx, %r13
+ sbbq $0x00, %r14
+ sbbq $0x00, %r15
+ sbbq $0x00, %rbp
movq %r9, 64(%rsp)
movq %r10, 72(%rsp)
movq %r11, 80(%rsp)
movq %r12, 88(%rsp)
- movq %r13, (%rsp)
- movq %r14, 8(%rsp)
- movq %r15, 16(%rsp)
- movq %rbp, 24(%rsp)
+ movq %r13, 32(%rsp)
+ movq %r14, 40(%rsp)
+ movq %r15, 48(%rsp)
+ movq %rbp, 56(%rsp)
# Multiply
# A[0] * B[0]
movq 96(%rsp), %rdx
@@ -11107,12 +10374,11 @@ L_curve25519_avx2_bits:
mulxq 136(%rsp), %rcx, %rbx
xorq %rbp, %rbp
adcxq %rcx, %r10
- # A[1] * B[3]
- movq 120(%rsp), %rdx
- mulxq 136(%rsp), %r13, %r14
+ # A[3] * B[1]
+ movq 104(%rsp), %rdx
+ mulxq 152(%rsp), %r13, %r14
adcxq %rbx, %r11
# A[0] * B[1]
- movq 104(%rsp), %rdx
mulxq 128(%rsp), %rcx, %rbx
adoxq %rcx, %r10
# A[2] * B[1]
@@ -11136,10 +10402,10 @@ L_curve25519_avx2_bits:
mulxq 136(%rsp), %rdx, %rcx
adcxq %rbx, %r12
adoxq %rdx, %r11
- # A[3] * B[1]
- movq 104(%rsp), %rdx
+ # A[1] * B[3]
+ movq 120(%rsp), %rdx
adoxq %rcx, %r12
- mulxq 152(%rsp), %rcx, %rbx
+ mulxq 136(%rsp), %rcx, %rbx
adcxq %rcx, %r13
# A[2] * B[2]
movq 112(%rsp), %rdx
@@ -11158,34 +10424,33 @@ L_curve25519_avx2_bits:
xorq %rbx, %rbx
adcxq %rdx, %r12
# A[3] * B[0]
- movq 96(%rsp), %rdx
+ movq 152(%rsp), %rdx
adcxq %rcx, %r13
- mulxq 152(%rsp), %rdx, %rcx
+ mulxq 96(%rsp), %rdx, %rcx
adoxq %rdx, %r12
adoxq %rcx, %r13
+ # A[3] * B[2]
+ movq 152(%rsp), %rdx
+ mulxq 112(%rsp), %rdx, %rcx
+ adcxq %rdx, %r14
# A[2] * B[3]
movq 120(%rsp), %rdx
- mulxq 144(%rsp), %rdx, %rcx
- adcxq %rdx, %r14
- # A[3] * B[2]
- movq 112(%rsp), %rdx
adcxq %rcx, %r15
- mulxq 152(%rsp), %rcx, %rdx
+ mulxq 144(%rsp), %rcx, %rdx
adcxq %rbx, %rbp
adoxq %rcx, %r14
adoxq %rdx, %r15
adoxq %rbx, %rbp
- # Reduce
+ movq $38, %rdx
+ mulxq %rbp, %rbp, %rcx
+ addq %rbp, %r12
+ adcq $0x00, %rcx
movq $0x7fffffffffffffff, %rbx
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r15, %rbp
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
+ shldq $0x01, %r12, %rcx
+ imulq $19, %rcx, %rcx
andq %rbx, %r12
- # Multiply top half by 19
- movq $19, %rdx
xorq %rbx, %rbx
+ adoxq %rcx, %r9
mulxq %r13, %rcx, %r13
adcxq %rcx, %r9
adoxq %r13, %r10
@@ -11195,28 +10460,7 @@ L_curve25519_avx2_bits:
mulxq %r15, %rcx, %r15
adcxq %rcx, %r11
adoxq %r15, %r12
- mulxq %rbp, %rbp, %rdx
- adcxq %rbp, %r12
- adoxq %rbx, %rdx
- adcxq %rbx, %rdx
- # Overflow
- shldq $0x01, %r12, %rdx
- movq $0x7fffffffffffffff, %rbx
- imulq $19, %rdx, %rcx
- andq %rbx, %r12
- addq %rcx, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- adcq $0x00, %r12
- # Reduce if top bit set
- movq %r12, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rbx, %r12
- addq %rdx, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- adcq $0x00, %r12
+ adcxq %rbx, %r12
# Store
movq %r9, (%rdi)
movq %r10, 8(%rdi)
@@ -11228,126 +10472,103 @@ L_curve25519_avx2_bits:
movq 144(%rsp), %r11
movq 152(%rsp), %r12
subq 96(%rsp), %r9
- movq $0x00, %rax
sbbq 104(%rsp), %r10
- movq $-19, %rcx
sbbq 112(%rsp), %r11
- movq $0x7fffffffffffffff, %rbx
sbbq 120(%rsp), %r12
- sbbq $0x00, %rax
- # Mask the modulus
- andq %rax, %rcx
- andq %rax, %rbx
+ sbbq %rcx, %rcx
+ shldq $0x01, %r12, %rcx
+ movq $0x7fffffffffffffff, %rbx
+ imulq $-19, %rcx
+ andq %rbx, %r12
# Add modulus (if underflow)
- addq %rcx, %r9
- adcq %rax, %r10
- adcq %rax, %r11
- adcq %rbx, %r12
+ subq %rcx, %r9
+ sbbq $0x00, %r10
+ sbbq $0x00, %r11
+ sbbq $0x00, %r12
movq %r9, 128(%rsp)
movq %r10, 136(%rsp)
movq %r11, 144(%rsp)
movq %r12, 152(%rsp)
# Square
+ movq 32(%rsp), %rdx
+ movq 40(%rsp), %rax
# A[0] * A[1]
- movq (%rsp), %rdx
- mulxq 8(%rsp), %r10, %r11
+ movq %rdx, %rbp
+ mulxq %rax, %r10, %r11
# A[0] * A[3]
- mulxq 24(%rsp), %r12, %r13
+ mulxq 56(%rsp), %r12, %r13
# A[2] * A[1]
- movq 16(%rsp), %rdx
- mulxq 8(%rsp), %rcx, %rbx
- xorq %rbp, %rbp
+ movq 48(%rsp), %rdx
+ mulxq %rax, %rcx, %rbx
+ xorq %r9, %r9
adoxq %rcx, %r12
# A[2] * A[3]
- mulxq 24(%rsp), %r14, %r15
+ mulxq 56(%rsp), %r14, %r15
adoxq %rbx, %r13
# A[2] * A[0]
- mulxq (%rsp), %rcx, %rbx
- adoxq %rbp, %r14
+ mulxq %rbp, %rcx, %rbx
+ adoxq %r9, %r14
adcxq %rcx, %r11
- adoxq %rbp, %r15
+ adoxq %r9, %r15
# A[1] * A[3]
- movq 8(%rsp), %rdx
- mulxq 24(%rsp), %rax, %r9
+ movq %rax, %rdx
+ mulxq 56(%rsp), %rcx, %rdx
adcxq %rbx, %r12
- adcxq %rax, %r13
- adcxq %r9, %r14
- adcxq %rbp, %r15
- # Double with Carry Flag
- xorq %rbp, %rbp
+ adcxq %rcx, %r13
+ adcxq %rdx, %r14
+ adcxq %r9, %r15
# A[0] * A[0]
- movq (%rsp), %rdx
- mulxq %rdx, %r9, %rax
+ movq %rbp, %rdx
+ mulxq %rdx, %r9, %rcx
+ xorq %rbp, %rbp
adcxq %r10, %r10
# A[1] * A[1]
- movq 8(%rsp), %rdx
+ movq %rax, %rdx
+ adoxq %rcx, %r10
mulxq %rdx, %rcx, %rbx
adcxq %r11, %r11
- adoxq %rax, %r10
- adcxq %r12, %r12
adoxq %rcx, %r11
+ adcxq %r12, %r12
# A[2] * A[2]
- movq 16(%rsp), %rdx
- mulxq %rdx, %rax, %rcx
- adcxq %r13, %r13
+ movq 48(%rsp), %rdx
adoxq %rbx, %r12
+ mulxq %rdx, %rbx, %rcx
+ adcxq %r13, %r13
+ adoxq %rbx, %r13
adcxq %r14, %r14
- adoxq %rax, %r13
# A[3] * A[3]
- movq 24(%rsp), %rdx
- mulxq %rdx, %rax, %rbx
- adcxq %r15, %r15
+ movq 56(%rsp), %rdx
adoxq %rcx, %r14
+ mulxq %rdx, %rcx, %rbx
+ adcxq %r15, %r15
+ adoxq %rcx, %r15
adcxq %rbp, %rbp
- adoxq %rax, %r15
adoxq %rbx, %rbp
- # Reduce
+ movq $38, %rdx
+ mulxq %rbp, %rbp, %rbx
+ addq %rbp, %r12
+ adcq $0x00, %rbx
movq $0x7fffffffffffffff, %rcx
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r15, %rbp
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
+ shldq $0x01, %r12, %rbx
+ imulq $19, %rbx, %rbx
andq %rcx, %r12
- # Multiply top half by 19
- movq $19, %rdx
xorq %rcx, %rcx
- mulxq %r13, %rax, %r13
- adcxq %rax, %r9
+ adoxq %rbx, %r9
+ mulxq %r13, %rbx, %r13
+ adcxq %rbx, %r9
adoxq %r13, %r10
- mulxq %r14, %rax, %r14
- adcxq %rax, %r10
+ mulxq %r14, %rbx, %r14
+ adcxq %rbx, %r10
adoxq %r14, %r11
- mulxq %r15, %rax, %r15
- adcxq %rax, %r11
+ mulxq %r15, %rbx, %r15
+ adcxq %rbx, %r11
adoxq %r15, %r12
- mulxq %rbp, %rbp, %rdx
- adcxq %rbp, %r12
- adoxq %rcx, %rdx
- adcxq %rcx, %rdx
- # Overflow
- shldq $0x01, %r12, %rdx
- movq $0x7fffffffffffffff, %rcx
- imulq $19, %rdx, %rax
- andq %rcx, %r12
- addq %rax, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- adcq $0x00, %r12
- # Reduce if top bit set
- movq %r12, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rcx, %r12
- addq %rdx, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- adcq $0x00, %r12
+ adcxq %rcx, %r12
# Store
- movq %r9, (%rsp)
- movq %r10, 8(%rsp)
- movq %r11, 16(%rsp)
- movq %r12, 24(%rsp)
+ movq %r9, 32(%rsp)
+ movq %r10, 40(%rsp)
+ movq %r11, 48(%rsp)
+ movq %r12, 56(%rsp)
movq $0x1db42, %rdx
mulxq 128(%rsp), %r9, %rbp
mulxq 136(%rsp), %r10, %r15
@@ -11365,106 +10586,85 @@ L_curve25519_avx2_bits:
adcq $0x00, %r10
adcq $0x00, %r11
adcq $0x00, %r12
- movq %r9, 32(%rsp)
- movq %r10, 40(%rsp)
- movq %r11, 48(%rsp)
- movq %r12, 56(%rsp)
+ movq %r9, (%rsp)
+ movq %r10, 8(%rsp)
+ movq %r11, 16(%rsp)
+ movq %r12, 24(%rsp)
# Square
- # A[0] * A[1]
movq 64(%rsp), %rdx
- mulxq 72(%rsp), %r10, %r11
+ movq 72(%rsp), %rax
+ # A[0] * A[1]
+ movq %rdx, %rbp
+ mulxq %rax, %r10, %r11
# A[0] * A[3]
mulxq 88(%rsp), %r12, %r13
# A[2] * A[1]
movq 80(%rsp), %rdx
- mulxq 72(%rsp), %rcx, %rbx
- xorq %rbp, %rbp
+ mulxq %rax, %rcx, %rbx
+ xorq %r9, %r9
adoxq %rcx, %r12
# A[2] * A[3]
mulxq 88(%rsp), %r14, %r15
adoxq %rbx, %r13
# A[2] * A[0]
- mulxq 64(%rsp), %rcx, %rbx
- adoxq %rbp, %r14
+ mulxq %rbp, %rcx, %rbx
+ adoxq %r9, %r14
adcxq %rcx, %r11
- adoxq %rbp, %r15
+ adoxq %r9, %r15
# A[1] * A[3]
- movq 72(%rsp), %rdx
- mulxq 88(%rsp), %rax, %r9
+ movq %rax, %rdx
+ mulxq 88(%rsp), %rcx, %rdx
adcxq %rbx, %r12
- adcxq %rax, %r13
- adcxq %r9, %r14
- adcxq %rbp, %r15
- # Double with Carry Flag
- xorq %rbp, %rbp
+ adcxq %rcx, %r13
+ adcxq %rdx, %r14
+ adcxq %r9, %r15
# A[0] * A[0]
- movq 64(%rsp), %rdx
- mulxq %rdx, %r9, %rax
+ movq %rbp, %rdx
+ mulxq %rdx, %r9, %rcx
+ xorq %rbp, %rbp
adcxq %r10, %r10
# A[1] * A[1]
- movq 72(%rsp), %rdx
+ movq %rax, %rdx
+ adoxq %rcx, %r10
mulxq %rdx, %rcx, %rbx
adcxq %r11, %r11
- adoxq %rax, %r10
- adcxq %r12, %r12
adoxq %rcx, %r11
+ adcxq %r12, %r12
# A[2] * A[2]
movq 80(%rsp), %rdx
- mulxq %rdx, %rax, %rcx
- adcxq %r13, %r13
adoxq %rbx, %r12
+ mulxq %rdx, %rbx, %rcx
+ adcxq %r13, %r13
+ adoxq %rbx, %r13
adcxq %r14, %r14
- adoxq %rax, %r13
# A[3] * A[3]
movq 88(%rsp), %rdx
- mulxq %rdx, %rax, %rbx
- adcxq %r15, %r15
adoxq %rcx, %r14
+ mulxq %rdx, %rcx, %rbx
+ adcxq %r15, %r15
+ adoxq %rcx, %r15
adcxq %rbp, %rbp
- adoxq %rax, %r15
adoxq %rbx, %rbp
- # Reduce
+ movq $38, %rdx
+ mulxq %rbp, %rbp, %rbx
+ addq %rbp, %r12
+ adcq $0x00, %rbx
movq $0x7fffffffffffffff, %rcx
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r15, %rbp
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
+ shldq $0x01, %r12, %rbx
+ imulq $19, %rbx, %rbx
andq %rcx, %r12
- # Multiply top half by 19
- movq $19, %rdx
xorq %rcx, %rcx
- mulxq %r13, %rax, %r13
- adcxq %rax, %r9
+ adoxq %rbx, %r9
+ mulxq %r13, %rbx, %r13
+ adcxq %rbx, %r9
adoxq %r13, %r10
- mulxq %r14, %rax, %r14
- adcxq %rax, %r10
+ mulxq %r14, %rbx, %r14
+ adcxq %rbx, %r10
adoxq %r14, %r11
- mulxq %r15, %rax, %r15
- adcxq %rax, %r11
+ mulxq %r15, %rbx, %r15
+ adcxq %rbx, %r11
adoxq %r15, %r12
- mulxq %rbp, %rbp, %rdx
- adcxq %rbp, %r12
- adoxq %rcx, %rdx
- adcxq %rcx, %rdx
- # Overflow
- shldq $0x01, %r12, %rdx
- movq $0x7fffffffffffffff, %rcx
- imulq $19, %rdx, %rax
- andq %rcx, %r12
- addq %rax, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- adcq $0x00, %r12
- # Reduce if top bit set
- movq %r12, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rcx, %r12
- addq %rdx, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- adcq $0x00, %r12
+ adcxq %rcx, %r12
# Store
movq %r9, 64(%rsp)
movq %r10, 72(%rsp)
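Review bot: The new reduction that starts at `movq $38, %rdx` has no comment at all, because `# Reduce`, `# Multiply top half by 19`, `# Overflow` and `# Reduce if top bit set` are deleted and nothing replaces them. It also no longer masks bit 255 after the last carry (`adcxq %rcx, %r12` is the final step), so as far as the visible lines show the value stored at 64(%rsp) is only loosely reduced. I would put `# Reduce: fold limbs 4..7 in by 38 (2^256 = 38 mod 2^255-19); result < 2^256, not canonical` above the `movq $38, %rdx`. The same uncommented sequence recurs in the multiply hunks that follow, and the only canonical reduction in view is the one before the final store to (%rdi), so the invariant deserves to be written down once per block. The ladder body begins and ends outside this hunk.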
@@ -11473,31 +10673,30 @@ L_curve25519_avx2_bits:
# Add
movq 96(%rsp), %r9
movq 104(%rsp), %r10
- addq 32(%rsp), %r9
+ addq (%rsp), %r9
movq 112(%rsp), %r11
- adcq 40(%rsp), %r10
- movq 120(%rsp), %rax
- adcq 48(%rsp), %r11
- movq $-19, %rcx
- adcq 56(%rsp), %rax
+ adcq 8(%rsp), %r10
+ movq 120(%rsp), %r12
+ adcq 16(%rsp), %r11
+ adcq 24(%rsp), %r12
+ movq $0x00, %rcx
+ adcq $0x00, %rcx
+ shldq $0x01, %r12, %rcx
movq $0x7fffffffffffffff, %rbx
- movq %rax, %r12
- sarq $63, %rax
- # Mask the modulus
- andq %rax, %rcx
- andq %rax, %rbx
+ imulq $19, %rcx
+ andq %rbx, %r12
# Sub modulus (if overflow)
- subq %rcx, %r9
- sbbq %rax, %r10
- sbbq %rax, %r11
- sbbq %rbx, %r12
+ addq %rcx, %r9
+ adcq $0x00, %r10
+ adcq $0x00, %r11
+ adcq $0x00, %r12
movq %r9, 96(%rsp)
movq %r10, 104(%rsp)
movq %r11, 112(%rsp)
movq %r12, 120(%rsp)
# Multiply
# A[0] * B[0]
- movq (%rsp), %rdx
+ movq 32(%rsp), %rdx
mulxq (%r8), %r9, %r10
# A[2] * B[0]
mulxq 16(%r8), %r11, %r12
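Review bot: The context comment `# Sub modulus (if overflow)` is stale after this change, since the added lines no longer subtract a masked modulus but add 19 times the two bits above 2^255 (`imulq $19, %rcx`, then `addq %rcx, %r9` and the `adcq $0x00` chain). I would reword it to `# Fold carry and bit 255 back in (2^255 = 19 mod p)`. `movq $0x00, %rcx` deserves `# movq, not xorq: CF from the adcq chain must survive`, so that nobody later tidies it into an xor and silently drops the carry. `imulq $19, %rcx` also uses the two-operand shorthand where the other new reductions write `imulq $19, %rbx, %rbx`; the three-operand form would keep the file consistent. The surrounding routine starts and ends outside this hunk.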
@@ -11505,12 +10704,11 @@ L_curve25519_avx2_bits:
mulxq 8(%r8), %rcx, %rbx
xorq %rbp, %rbp
adcxq %rcx, %r10
- # A[1] * B[3]
- movq 24(%rsp), %rdx
- mulxq 8(%r8), %r13, %r14
+ # A[3] * B[1]
+ movq 40(%rsp), %rdx
+ mulxq 24(%r8), %r13, %r14
adcxq %rbx, %r11
# A[0] * B[1]
- movq 8(%rsp), %rdx
mulxq (%r8), %rcx, %rbx
adoxq %rcx, %r10
# A[2] * B[1]
@@ -11518,7 +10716,7 @@ L_curve25519_avx2_bits:
adoxq %rbx, %r11
adcxq %rcx, %r12
# A[1] * B[2]
- movq 16(%rsp), %rdx
+ movq 48(%rsp), %rdx
mulxq 8(%r8), %rcx, %rbx
adcxq %r15, %r13
adoxq %rcx, %r12
@@ -11530,22 +10728,22 @@ L_curve25519_avx2_bits:
xorq %r15, %r15
adcxq %rcx, %r11
# A[1] * B[1]
- movq 8(%rsp), %rdx
+ movq 40(%rsp), %rdx
mulxq 8(%r8), %rdx, %rcx
adcxq %rbx, %r12
adoxq %rdx, %r11
- # A[3] * B[1]
- movq 8(%rsp), %rdx
+ # A[1] * B[3]
+ movq 56(%rsp), %rdx
adoxq %rcx, %r12
- mulxq 24(%r8), %rcx, %rbx
+ mulxq 8(%r8), %rcx, %rbx
adcxq %rcx, %r13
# A[2] * B[2]
- movq 16(%rsp), %rdx
+ movq 48(%rsp), %rdx
mulxq 16(%r8), %rdx, %rcx
adcxq %rbx, %r14
adoxq %rdx, %r13
# A[3] * B[3]
- movq 24(%rsp), %rdx
+ movq 56(%rsp), %rdx
adoxq %rcx, %r14
mulxq 24(%r8), %rcx, %rbx
adoxq %rbp, %r15
@@ -11556,34 +10754,33 @@ L_curve25519_avx2_bits:
xorq %rbx, %rbx
adcxq %rdx, %r12
# A[3] * B[0]
- movq (%rsp), %rdx
+ movq 24(%r8), %rdx
adcxq %rcx, %r13
- mulxq 24(%r8), %rdx, %rcx
+ mulxq 32(%rsp), %rdx, %rcx
adoxq %rdx, %r12
adoxq %rcx, %r13
- # A[2] * B[3]
- movq 24(%rsp), %rdx
- mulxq 16(%r8), %rdx, %rcx
- adcxq %rdx, %r14
# A[3] * B[2]
- movq 16(%rsp), %rdx
+ movq 24(%r8), %rdx
+ mulxq 48(%rsp), %rdx, %rcx
+ adcxq %rdx, %r14
+ # A[2] * B[3]
+ movq 56(%rsp), %rdx
adcxq %rcx, %r15
- mulxq 24(%r8), %rcx, %rdx
+ mulxq 16(%r8), %rcx, %rdx
adcxq %rbx, %rbp
adoxq %rcx, %r14
adoxq %rdx, %r15
adoxq %rbx, %rbp
- # Reduce
+ movq $38, %rdx
+ mulxq %rbp, %rbp, %rcx
+ addq %rbp, %r12
+ adcq $0x00, %rcx
movq $0x7fffffffffffffff, %rbx
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r15, %rbp
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
+ shldq $0x01, %r12, %rcx
+ imulq $19, %rcx, %rcx
andq %rbx, %r12
- # Multiply top half by 19
- movq $19, %rdx
xorq %rbx, %rbx
+ adoxq %rcx, %r9
mulxq %r13, %rcx, %r13
adcxq %rcx, %r9
adoxq %r13, %r10
@@ -11593,28 +10790,7 @@ L_curve25519_avx2_bits:
mulxq %r15, %rcx, %r15
adcxq %rcx, %r11
adoxq %r15, %r12
- mulxq %rbp, %rbp, %rdx
- adcxq %rbp, %r12
- adoxq %rbx, %rdx
- adcxq %rbx, %rdx
- # Overflow
- shldq $0x01, %r12, %rdx
- movq $0x7fffffffffffffff, %rbx
- imulq $19, %rdx, %rcx
- andq %rbx, %r12
- addq %rcx, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- adcq $0x00, %r12
- # Reduce if top bit set
- movq %r12, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rbx, %r12
- addq %rdx, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- adcq $0x00, %r12
+ adcxq %rbx, %r12
# Store
movq %r9, 32(%rsp)
movq %r10, 40(%rsp)
@@ -11630,12 +10806,11 @@ L_curve25519_avx2_bits:
mulxq 136(%rsp), %rcx, %rbx
xorq %rbp, %rbp
adcxq %rcx, %r10
- # A[1] * B[3]
- movq 120(%rsp), %rdx
- mulxq 136(%rsp), %r13, %r14
+ # A[3] * B[1]
+ movq 104(%rsp), %rdx
+ mulxq 152(%rsp), %r13, %r14
adcxq %rbx, %r11
# A[0] * B[1]
- movq 104(%rsp), %rdx
mulxq 128(%rsp), %rcx, %rbx
adoxq %rcx, %r10
# A[2] * B[1]
@@ -11659,10 +10834,10 @@ L_curve25519_avx2_bits:
mulxq 136(%rsp), %rdx, %rcx
adcxq %rbx, %r12
adoxq %rdx, %r11
- # A[3] * B[1]
- movq 104(%rsp), %rdx
+ # A[1] * B[3]
+ movq 120(%rsp), %rdx
adoxq %rcx, %r12
- mulxq 152(%rsp), %rcx, %rbx
+ mulxq 136(%rsp), %rcx, %rbx
adcxq %rcx, %r13
# A[2] * B[2]
movq 112(%rsp), %rdx
@@ -11681,34 +10856,33 @@ L_curve25519_avx2_bits:
xorq %rbx, %rbx
adcxq %rdx, %r12
# A[3] * B[0]
- movq 96(%rsp), %rdx
+ movq 152(%rsp), %rdx
adcxq %rcx, %r13
- mulxq 152(%rsp), %rdx, %rcx
+ mulxq 96(%rsp), %rdx, %rcx
adoxq %rdx, %r12
adoxq %rcx, %r13
+ # A[3] * B[2]
+ movq 152(%rsp), %rdx
+ mulxq 112(%rsp), %rdx, %rcx
+ adcxq %rdx, %r14
# A[2] * B[3]
movq 120(%rsp), %rdx
- mulxq 144(%rsp), %rdx, %rcx
- adcxq %rdx, %r14
- # A[3] * B[2]
- movq 112(%rsp), %rdx
adcxq %rcx, %r15
- mulxq 152(%rsp), %rcx, %rdx
+ mulxq 144(%rsp), %rcx, %rdx
adcxq %rbx, %rbp
adoxq %rcx, %r14
adoxq %rdx, %r15
adoxq %rbx, %rbp
- # Reduce
+ movq $38, %rdx
+ mulxq %rbp, %rbp, %rcx
+ addq %rbp, %r12
+ adcq $0x00, %rcx
movq $0x7fffffffffffffff, %rbx
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r15, %rbp
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
+ shldq $0x01, %r12, %rcx
+ imulq $19, %rcx, %rcx
andq %rbx, %r12
- # Multiply top half by 19
- movq $19, %rdx
xorq %rbx, %rbx
+ adoxq %rcx, %r9
mulxq %r13, %rcx, %r13
adcxq %rcx, %r9
adoxq %r13, %r10
@@ -11718,38 +10892,15 @@ L_curve25519_avx2_bits:
mulxq %r15, %rcx, %r15
adcxq %rcx, %r11
adoxq %r15, %r12
- mulxq %rbp, %rbp, %rdx
- adcxq %rbp, %r12
- adoxq %rbx, %rdx
- adcxq %rbx, %rdx
- # Overflow
- shldq $0x01, %r12, %rdx
- movq $0x7fffffffffffffff, %rbx
- imulq $19, %rdx, %rcx
- andq %rbx, %r12
- addq %rcx, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- adcq $0x00, %r12
- # Reduce if top bit set
- movq %r12, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rbx, %r12
- addq %rdx, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- adcq $0x00, %r12
+ adcxq %rbx, %r12
# Store
movq %r9, (%rsp)
movq %r10, 8(%rsp)
movq %r11, 16(%rsp)
movq %r12, 24(%rsp)
- decb 168(%rsp)
+ movq 160(%rsp), %rbx
+ decq %rbx
jge L_curve25519_avx2_bits
- movq $63, 168(%rsp)
- decb 160(%rsp)
- jge L_curve25519_avx2_words
# Invert
leaq 32(%rsp), %rdi
movq %rsp, %rsi
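Review bot: The loop counter is reloaded with `movq 160(%rsp), %rbx` and decremented in the register, but the decremented value is never written back within this hunk. The loop therefore depends on the code at `L_curve25519_avx2_bits`, which is outside the hunk, to spill %rbx again before the body clobbers it (the body uses %rbx as scratch, e.g. `xorq %rbx, %rbx`). A comment such as `# bit index lives in 160(%rsp); loop head stores %rbx back before using it as scratch` on the reload would make that dependency explicit. It would also help to say that the old word/bit counter pair at 160/168(%rsp) is now a single index, since the frame offsets in later hunks shift by 8 for that reason.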
@@ -11987,7 +11138,7 @@ L_curve25519_avx2_bits:
#else
callq _fe_mul_avx2
#endif /* __APPLE__ */
- movq 176(%rsp), %rdi
+ movq 168(%rsp), %rdi
# Multiply
# A[0] * B[0]
movq (%rsp), %rdx
@@ -11998,12 +11149,11 @@ L_curve25519_avx2_bits:
mulxq 8(%rdi), %rcx, %rbx
xorq %rbp, %rbp
adcxq %rcx, %r10
- # A[1] * B[3]
- movq 24(%rsp), %rdx
- mulxq 8(%rdi), %r13, %r14
+ # A[3] * B[1]
+ movq 8(%rsp), %rdx
+ mulxq 24(%rdi), %r13, %r14
adcxq %rbx, %r11
# A[0] * B[1]
- movq 8(%rsp), %rdx
mulxq (%rdi), %rcx, %rbx
adoxq %rcx, %r10
# A[2] * B[1]
@@ -12027,10 +11177,10 @@ L_curve25519_avx2_bits:
mulxq 8(%rdi), %rdx, %rcx
adcxq %rbx, %r12
adoxq %rdx, %r11
- # A[3] * B[1]
- movq 8(%rsp), %rdx
+ # A[1] * B[3]
+ movq 24(%rsp), %rdx
adoxq %rcx, %r12
- mulxq 24(%rdi), %rcx, %rbx
+ mulxq 8(%rdi), %rcx, %rbx
adcxq %rcx, %r13
# A[2] * B[2]
movq 16(%rsp), %rdx
@@ -12049,34 +11199,33 @@ L_curve25519_avx2_bits:
xorq %rbx, %rbx
adcxq %rdx, %r12
# A[3] * B[0]
- movq (%rsp), %rdx
+ movq 24(%rdi), %rdx
adcxq %rcx, %r13
- mulxq 24(%rdi), %rdx, %rcx
+ mulxq (%rsp), %rdx, %rcx
adoxq %rdx, %r12
adoxq %rcx, %r13
+ # A[3] * B[2]
+ movq 24(%rdi), %rdx
+ mulxq 16(%rsp), %rdx, %rcx
+ adcxq %rdx, %r14
# A[2] * B[3]
movq 24(%rsp), %rdx
- mulxq 16(%rdi), %rdx, %rcx
- adcxq %rdx, %r14
- # A[3] * B[2]
- movq 16(%rsp), %rdx
adcxq %rcx, %r15
- mulxq 24(%rdi), %rcx, %rdx
+ mulxq 16(%rdi), %rcx, %rdx
adcxq %rbx, %rbp
adoxq %rcx, %r14
adoxq %rdx, %r15
adoxq %rbx, %rbp
- # Reduce
+ movq $38, %rdx
+ mulxq %rbp, %rbp, %rcx
+ addq %rbp, %r12
+ adcq $0x00, %rcx
movq $0x7fffffffffffffff, %rbx
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r15, %rbp
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
+ shldq $0x01, %r12, %rcx
+ imulq $19, %rcx, %rcx
andq %rbx, %r12
- # Multiply top half by 19
- movq $19, %rdx
xorq %rbx, %rbx
+ adoxq %rcx, %r9
mulxq %r13, %rcx, %r13
adcxq %rcx, %r9
adoxq %r13, %r10
@@ -12086,20 +11235,8 @@ L_curve25519_avx2_bits:
mulxq %r15, %rcx, %r15
adcxq %rcx, %r11
adoxq %r15, %r12
- mulxq %rbp, %rbp, %rdx
- adcxq %rbp, %r12
- adoxq %rbx, %rdx
- adcxq %rbx, %rdx
- # Overflow
- shldq $0x01, %r12, %rdx
+ adcxq %rbx, %r12
movq $0x7fffffffffffffff, %rbx
- imulq $19, %rdx, %rcx
- andq %rbx, %r12
- addq %rcx, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- adcq $0x00, %r12
- # Reduce if top bit set
movq %r12, %rdx
sarq $63, %rdx
andq $19, %rdx
@@ -12108,7 +11245,7 @@ L_curve25519_avx2_bits:
adcq $0x00, %r10
adcq $0x00, %r11
adcq $0x00, %r12
- movq $0x7fffffffffffffff, %rbx
+ movq $0x7fffffffffffffff, %rcx
movq %r9, %rdx
addq $19, %rdx
movq %r10, %rdx
@@ -12119,18 +11256,18 @@ L_curve25519_avx2_bits:
adcq $0x00, %rdx
sarq $63, %rdx
andq $19, %rdx
+ andq %rcx, %r12
addq %rdx, %r9
adcq $0x00, %r10
adcq $0x00, %r11
adcq $0x00, %r12
- andq %rbx, %r12
# Store
movq %r9, (%rdi)
movq %r10, 8(%rdi)
movq %r11, 16(%rdi)
movq %r12, 24(%rdi)
xorq %rax, %rax
- addq $0xc0, %rsp
+ addq $0xb8, %rsp
popq %rbp
popq %r15
popq %r14
@@ -12141,6 +11278,126 @@ L_curve25519_avx2_bits:
#ifndef __APPLE__
.size curve25519_avx2,.-curve25519_avx2
#endif /* __APPLE__ */
+#ifdef HAVE_ED25519
+#ifndef __APPLE__
+.text
+.globl fe_sq2_avx2
+.type fe_sq2_avx2,@function
+.align 16
+fe_sq2_avx2:
+#else
+.section __TEXT,__text
+.globl _fe_sq2_avx2
+.p2align 4
+_fe_sq2_avx2:
+#endif /* __APPLE__ */
+ pushq %rbx
+ pushq %r12
+ pushq %r13
+ pushq %r14
+ pushq %r15
+ # Square * 2
+ movq (%rsi), %rdx
+ movq 8(%rsi), %rax
+ # A[0] * A[1]
+ movq %rdx, %r15
+ mulxq %rax, %r9, %r10
+ # A[0] * A[3]
+ mulxq 24(%rsi), %r11, %r12
+ # A[2] * A[1]
+ movq 16(%rsi), %rdx
+ mulxq %rax, %rcx, %rbx
+ xorq %r8, %r8
+ adoxq %rcx, %r11
+ # A[2] * A[3]
+ mulxq 24(%rsi), %r13, %r14
+ adoxq %rbx, %r12
+ # A[2] * A[0]
+ mulxq %r15, %rcx, %rbx
+ adoxq %r8, %r13
+ adcxq %rcx, %r10
+ adoxq %r8, %r14
+ # A[1] * A[3]
+ movq %rax, %rdx
+ mulxq 24(%rsi), %rcx, %rdx
+ adcxq %rbx, %r11
+ adcxq %rcx, %r12
+ adcxq %rdx, %r13
+ adcxq %r8, %r14
+ # A[0] * A[0]
+ movq %r15, %rdx
+ mulxq %rdx, %r8, %rcx
+ xorq %r15, %r15
+ adcxq %r9, %r9
+ # A[1] * A[1]
+ movq %rax, %rdx
+ adoxq %rcx, %r9
+ mulxq %rdx, %rcx, %rbx
+ adcxq %r10, %r10
+ adoxq %rcx, %r10
+ adcxq %r11, %r11
+ # A[2] * A[2]
+ movq 16(%rsi), %rdx
+ adoxq %rbx, %r11
+ mulxq %rdx, %rbx, %rcx
+ adcxq %r12, %r12
+ adoxq %rbx, %r12
+ adcxq %r13, %r13
+ # A[3] * A[3]
+ movq 24(%rsi), %rdx
+ adoxq %rcx, %r13
+ mulxq %rdx, %rcx, %rbx
+ adcxq %r14, %r14
+ adoxq %rcx, %r14
+ adcxq %r15, %r15
+ adoxq %rbx, %r15
+ movq $38, %rdx
+ mulxq %r15, %r15, %rax
+ addq %r15, %r11
+ adcq $0x00, %rax
+ movq $0x7fffffffffffffff, %rcx
+ shldq $0x01, %r11, %rax
+ imulq $19, %rax, %rax
+ andq %rcx, %r11
+ xorq %rcx, %rcx
+ adoxq %rax, %r8
+ mulxq %r12, %rax, %r12
+ adcxq %rax, %r8
+ adoxq %r12, %r9
+ mulxq %r13, %rax, %r13
+ adcxq %rax, %r9
+ adoxq %r13, %r10
+ mulxq %r14, %rax, %r14
+ adcxq %rax, %r10
+ adoxq %r14, %r11
+ adcxq %rcx, %r11
+ mov %r11, %rax
+ shldq $0x01, %r10, %r11
+ shldq $0x01, %r9, %r10
+ shldq $0x01, %r8, %r9
+ shlq $0x01, %r8
+ movq $0x7fffffffffffffff, %rcx
+ shrq $62, %rax
+ andq %rcx, %r11
+ imulq $19, %rax, %rax
+ addq %rax, %r8
+ adcq $0x00, %r9
+ adcq $0x00, %r10
+ adcq $0x00, %r11
+ # Store
+ movq %r8, (%rdi)
+ movq %r9, 8(%rdi)
+ movq %r10, 16(%rdi)
+ movq %r11, 24(%rdi)
+ popq %r15
+ popq %r14
+ popq %r13
+ popq %r12
+ popq %rbx
+ repz retq
+#ifndef __APPLE__
+.size fe_sq2_avx2,.-fe_sq2_avx2
+#endif /* __APPLE__ */
#ifndef __APPLE__
.text
.globl fe_pow22523_avx2
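Review bot: The added `fe_sq2_avx2` has no header comment stating its contract, and the `#ifdef HAVE_ED25519` opened just above it is not closed anywhere in this hunk. The `fe_pow22523_avx2` definition that follows therefore now sits inside that guard, and the matching `#endif` is outside the visible lines; it should carry a `/* HAVE_ED25519 */` label like the `__APPLE__` ones do. For the function itself I would add `# fe_sq2_avx2(r = %rdi, a = %rsi): r = 2 * a^2 mod 2^255-19 on four 64-bit limbs; result is loosely reduced, not canonical` above the label. The doubling step (`shldq` chain, `shrq $62, %rax`, `imulq $19`) would read better with `# Double; fold the two bits shifted past 2^255 back in as 19 * top`. `mov %r11, %rax` is the only un-suffixed move in the function, and `movq` would match the rest.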
@@ -12218,7 +11475,7 @@ _fe_pow22523_avx2:
#endif /* __APPLE__ */
leaq 32(%rsp), %rdi
leaq 32(%rsp), %rsi
- movb $4, %dl
+ movq $4, %rdx
#ifndef __APPLE__
callq fe_sq_n_avx2@plt
#else
@@ -12241,7 +11498,7 @@ _fe_pow22523_avx2:
#endif /* __APPLE__ */
leaq 32(%rsp), %rdi
leaq 32(%rsp), %rsi
- movb $9, %dl
+ movq $9, %rdx
#ifndef __APPLE__
callq fe_sq_n_avx2@plt
#else
@@ -12264,7 +11521,7 @@ _fe_pow22523_avx2:
#endif /* __APPLE__ */
leaq 64(%rsp), %rdi
leaq 64(%rsp), %rsi
- movb $19, %dl
+ movq $19, %rdx
#ifndef __APPLE__
callq fe_sq_n_avx2@plt
#else
@@ -12287,7 +11544,7 @@ _fe_pow22523_avx2:
#endif /* __APPLE__ */
leaq 32(%rsp), %rdi
leaq 32(%rsp), %rsi
- movb $9, %dl
+ movq $9, %rdx
#ifndef __APPLE__
callq fe_sq_n_avx2@plt
#else
@@ -12310,7 +11567,7 @@ _fe_pow22523_avx2:
#endif /* __APPLE__ */
leaq 32(%rsp), %rdi
leaq 32(%rsp), %rsi
- movb $49, %dl
+ movq $49, %rdx
#ifndef __APPLE__
callq fe_sq_n_avx2@plt
#else
@@ -12333,7 +11590,7 @@ _fe_pow22523_avx2:
#endif /* __APPLE__ */
leaq 64(%rsp), %rdi
leaq 64(%rsp), %rsi
- movb $0x63, %dl
+ movq $0x63, %rdx
#ifndef __APPLE__
callq fe_sq_n_avx2@plt
#else
@@ -12356,7 +11613,7 @@ _fe_pow22523_avx2:
#endif /* __APPLE__ */
leaq 32(%rsp), %rdi
leaq 32(%rsp), %rsi
- movb $49, %dl
+ movq $49, %rdx
#ifndef __APPLE__
callq fe_sq_n_avx2@plt
#else
@@ -12398,4197 +11655,3916 @@ _fe_pow22523_avx2:
repz retq
#ifndef __APPLE__
.text
-.globl fe_ge_to_p2_avx2
-.type fe_ge_to_p2_avx2,@function
+.globl ge_p1p1_to_p2_avx2
+.type ge_p1p1_to_p2_avx2,@function
.align 16
-fe_ge_to_p2_avx2:
+ge_p1p1_to_p2_avx2:
#else
.section __TEXT,__text
-.globl _fe_ge_to_p2_avx2
+.globl _ge_p1p1_to_p2_avx2
.p2align 4
-_fe_ge_to_p2_avx2:
+_ge_p1p1_to_p2_avx2:
#endif /* __APPLE__ */
- pushq %rbx
pushq %r12
pushq %r13
pushq %r14
pushq %r15
- subq $40, %rsp
- movq %rsi, (%rsp)
- movq %rdx, 8(%rsp)
- movq %rcx, 16(%rsp)
- movq %r8, 24(%rsp)
- movq %r9, 32(%rsp)
- movq 16(%rsp), %rsi
- movq 88(%rsp), %rbx
+ pushq %rbx
+ subq $16, %rsp
+ movq %rdi, (%rsp)
+ movq %rsi, 8(%rsp)
+ leaq 96(%rsi), %rax
# Multiply
# A[0] * B[0]
- movq (%rbx), %rdx
- mulxq (%rsi), %r8, %r9
+ movq (%rax), %rdx
+ mulxq (%rsi), %r9, %r10
# A[2] * B[0]
- mulxq 16(%rsi), %r10, %r11
+ mulxq 16(%rsi), %r11, %r12
# A[1] * B[0]
- mulxq 8(%rsi), %rcx, %rax
- xorq %r15, %r15
- adcxq %rcx, %r9
- # A[1] * B[3]
- movq 24(%rbx), %rdx
- mulxq 8(%rsi), %r12, %r13
- adcxq %rax, %r10
+ mulxq 8(%rsi), %rcx, %r8
+ xorq %rbx, %rbx
+ adcxq %rcx, %r10
+ # A[3] * B[1]
+ movq 8(%rax), %rdx
+ mulxq 24(%rsi), %r13, %r14
+ adcxq %r8, %r11
# A[0] * B[1]
- movq 8(%rbx), %rdx
- mulxq (%rsi), %rcx, %rax
- adoxq %rcx, %r9
+ mulxq (%rsi), %rcx, %r8
+ adoxq %rcx, %r10
# A[2] * B[1]
- mulxq 16(%rsi), %rcx, %r14
- adoxq %rax, %r10
- adcxq %rcx, %r11
+ mulxq 16(%rsi), %rcx, %r15
+ adoxq %r8, %r11
+ adcxq %rcx, %r12
# A[1] * B[2]
- movq 16(%rbx), %rdx
- mulxq 8(%rsi), %rcx, %rax
- adcxq %r14, %r12
- adoxq %rcx, %r11
+ movq 16(%rax), %rdx
+ mulxq 8(%rsi), %rcx, %r8
adcxq %r15, %r13
- adoxq %rax, %r12
+ adoxq %rcx, %r12
+ adcxq %rbx, %r14
+ adoxq %r8, %r13
# A[0] * B[2]
- mulxq (%rsi), %rcx, %rax
- adoxq %r15, %r13
- xorq %r14, %r14
- adcxq %rcx, %r10
+ mulxq (%rsi), %rcx, %r8
+ adoxq %rbx, %r14
+ xorq %r15, %r15
+ adcxq %rcx, %r11
# A[1] * B[1]
- movq 8(%rbx), %rdx
+ movq 8(%rax), %rdx
mulxq 8(%rsi), %rdx, %rcx
- adcxq %rax, %r11
- adoxq %rdx, %r10
- # A[3] * B[1]
- movq 8(%rbx), %rdx
- adoxq %rcx, %r11
- mulxq 24(%rsi), %rcx, %rax
- adcxq %rcx, %r12
+ adcxq %r8, %r12
+ adoxq %rdx, %r11
+ # A[1] * B[3]
+ movq 24(%rax), %rdx
+ adoxq %rcx, %r12
+ mulxq 8(%rsi), %rcx, %r8
+ adcxq %rcx, %r13
# A[2] * B[2]
- movq 16(%rbx), %rdx
+ movq 16(%rax), %rdx
mulxq 16(%rsi), %rdx, %rcx
- adcxq %rax, %r13
- adoxq %rdx, %r12
+ adcxq %r8, %r14
+ adoxq %rdx, %r13
# A[3] * B[3]
- movq 24(%rbx), %rdx
- adoxq %rcx, %r13
- mulxq 24(%rsi), %rcx, %rax
- adoxq %r15, %r14
- adcxq %rcx, %r14
+ movq 24(%rax), %rdx
+ adoxq %rcx, %r14
+ mulxq 24(%rsi), %rcx, %r8
+ adoxq %rbx, %r15
+ adcxq %rcx, %r15
# A[0] * B[3]
mulxq (%rsi), %rdx, %rcx
- adcxq %rax, %r15
- xorq %rax, %rax
- adcxq %rdx, %r11
+ adcxq %r8, %rbx
+ xorq %r8, %r8
+ adcxq %rdx, %r12
# A[3] * B[0]
- movq (%rbx), %rdx
- adcxq %rcx, %r12
- mulxq 24(%rsi), %rdx, %rcx
- adoxq %rdx, %r11
- adoxq %rcx, %r12
- # A[2] * B[3]
- movq 24(%rbx), %rdx
- mulxq 16(%rsi), %rdx, %rcx
- adcxq %rdx, %r13
- # A[3] * B[2]
- movq 16(%rbx), %rdx
- adcxq %rcx, %r14
- mulxq 24(%rsi), %rcx, %rdx
- adcxq %rax, %r15
+ movq 24(%rsi), %rdx
+ adcxq %rcx, %r13
+ mulxq (%rax), %rdx, %rcx
+ adoxq %rdx, %r12
adoxq %rcx, %r13
- adoxq %rdx, %r14
- adoxq %rax, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rax
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- andq %rax, %r11
- # Multiply top half by 19
- movq $19, %rdx
- xorq %rax, %rax
- mulxq %r12, %rcx, %r12
- adcxq %rcx, %r8
- adoxq %r12, %r9
+ # A[3] * B[2]
+ movq 24(%rsi), %rdx
+ mulxq 16(%rax), %rdx, %rcx
+ adcxq %rdx, %r14
+ # A[2] * B[3]
+ movq 24(%rax), %rdx
+ adcxq %rcx, %r15
+ mulxq 16(%rsi), %rcx, %rdx
+ adcxq %r8, %rbx
+ adoxq %rcx, %r14
+ adoxq %rdx, %r15
+ adoxq %r8, %rbx
+ movq $38, %rdx
+ mulxq %rbx, %rbx, %rcx
+ addq %rbx, %r12
+ adcq $0x00, %rcx
+ movq $0x7fffffffffffffff, %r8
+ shldq $0x01, %r12, %rcx
+ imulq $19, %rcx, %rcx
+ andq %r8, %r12
+ xorq %r8, %r8
+ adoxq %rcx, %r9
mulxq %r13, %rcx, %r13
adcxq %rcx, %r9
adoxq %r13, %r10
mulxq %r14, %rcx, %r14
adcxq %rcx, %r10
adoxq %r14, %r11
- mulxq %r15, %r15, %rdx
- adcxq %r15, %r11
- adoxq %rax, %rdx
- adcxq %rax, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- movq $0x7fffffffffffffff, %rax
- imulq $19, %rdx, %rcx
- andq %rax, %r11
- addq %rcx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rax, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
+ mulxq %r15, %rcx, %r15
+ adcxq %rcx, %r11
+ adoxq %r15, %r12
+ adcxq %r8, %r12
# Store
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq (%rsp), %rdi
- movq 24(%rsp), %rsi
- movq 32(%rsp), %rbx
+ movq %r9, (%rdi)
+ movq %r10, 8(%rdi)
+ movq %r11, 16(%rdi)
+ movq %r12, 24(%rdi)
+ leaq 64(%rsi), %rsi
+ leaq 64(%rdi), %rdi
# Multiply
# A[0] * B[0]
- movq (%rbx), %rdx
- mulxq (%rsi), %r8, %r9
+ movq (%rax), %rdx
+ mulxq (%rsi), %r9, %r10
# A[2] * B[0]
- mulxq 16(%rsi), %r10, %r11
+ mulxq 16(%rsi), %r11, %r12
# A[1] * B[0]
- mulxq 8(%rsi), %rcx, %rax
- xorq %r15, %r15
- adcxq %rcx, %r9
- # A[1] * B[3]
- movq 24(%rbx), %rdx
- mulxq 8(%rsi), %r12, %r13
- adcxq %rax, %r10
+ mulxq 8(%rsi), %rcx, %r8
+ xorq %rbx, %rbx
+ adcxq %rcx, %r10
+ # A[3] * B[1]
+ movq 8(%rax), %rdx
+ mulxq 24(%rsi), %r13, %r14
+ adcxq %r8, %r11
# A[0] * B[1]
- movq 8(%rbx), %rdx
- mulxq (%rsi), %rcx, %rax
- adoxq %rcx, %r9
+ mulxq (%rsi), %rcx, %r8
+ adoxq %rcx, %r10
# A[2] * B[1]
- mulxq 16(%rsi), %rcx, %r14
- adoxq %rax, %r10
- adcxq %rcx, %r11
+ mulxq 16(%rsi), %rcx, %r15
+ adoxq %r8, %r11
+ adcxq %rcx, %r12
# A[1] * B[2]
- movq 16(%rbx), %rdx
- mulxq 8(%rsi), %rcx, %rax
- adcxq %r14, %r12
- adoxq %rcx, %r11
+ movq 16(%rax), %rdx
+ mulxq 8(%rsi), %rcx, %r8
adcxq %r15, %r13
- adoxq %rax, %r12
+ adoxq %rcx, %r12
+ adcxq %rbx, %r14
+ adoxq %r8, %r13
# A[0] * B[2]
- mulxq (%rsi), %rcx, %rax
- adoxq %r15, %r13
- xorq %r14, %r14
- adcxq %rcx, %r10
+ mulxq (%rsi), %rcx, %r8
+ adoxq %rbx, %r14
+ xorq %r15, %r15
+ adcxq %rcx, %r11
# A[1] * B[1]
- movq 8(%rbx), %rdx
+ movq 8(%rax), %rdx
mulxq 8(%rsi), %rdx, %rcx
- adcxq %rax, %r11
- adoxq %rdx, %r10
- # A[3] * B[1]
- movq 8(%rbx), %rdx
- adoxq %rcx, %r11
- mulxq 24(%rsi), %rcx, %rax
- adcxq %rcx, %r12
+ adcxq %r8, %r12
+ adoxq %rdx, %r11
+ # A[1] * B[3]
+ movq 24(%rax), %rdx
+ adoxq %rcx, %r12
+ mulxq 8(%rsi), %rcx, %r8
+ adcxq %rcx, %r13
# A[2] * B[2]
- movq 16(%rbx), %rdx
+ movq 16(%rax), %rdx
mulxq 16(%rsi), %rdx, %rcx
- adcxq %rax, %r13
- adoxq %rdx, %r12
+ adcxq %r8, %r14
+ adoxq %rdx, %r13
# A[3] * B[3]
- movq 24(%rbx), %rdx
- adoxq %rcx, %r13
- mulxq 24(%rsi), %rcx, %rax
- adoxq %r15, %r14
- adcxq %rcx, %r14
+ movq 24(%rax), %rdx
+ adoxq %rcx, %r14
+ mulxq 24(%rsi), %rcx, %r8
+ adoxq %rbx, %r15
+ adcxq %rcx, %r15
# A[0] * B[3]
mulxq (%rsi), %rdx, %rcx
- adcxq %rax, %r15
- xorq %rax, %rax
- adcxq %rdx, %r11
+ adcxq %r8, %rbx
+ xorq %r8, %r8
+ adcxq %rdx, %r12
# A[3] * B[0]
- movq (%rbx), %rdx
- adcxq %rcx, %r12
- mulxq 24(%rsi), %rdx, %rcx
- adoxq %rdx, %r11
- adoxq %rcx, %r12
- # A[2] * B[3]
- movq 24(%rbx), %rdx
- mulxq 16(%rsi), %rdx, %rcx
- adcxq %rdx, %r13
- # A[3] * B[2]
- movq 16(%rbx), %rdx
- adcxq %rcx, %r14
- mulxq 24(%rsi), %rcx, %rdx
- adcxq %rax, %r15
+ movq 24(%rsi), %rdx
+ adcxq %rcx, %r13
+ mulxq (%rax), %rdx, %rcx
+ adoxq %rdx, %r12
adoxq %rcx, %r13
- adoxq %rdx, %r14
- adoxq %rax, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rax
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- andq %rax, %r11
- # Multiply top half by 19
- movq $19, %rdx
- xorq %rax, %rax
- mulxq %r12, %rcx, %r12
- adcxq %rcx, %r8
- adoxq %r12, %r9
+ # A[3] * B[2]
+ movq 24(%rsi), %rdx
+ mulxq 16(%rax), %rdx, %rcx
+ adcxq %rdx, %r14
+ # A[2] * B[3]
+ movq 24(%rax), %rdx
+ adcxq %rcx, %r15
+ mulxq 16(%rsi), %rcx, %rdx
+ adcxq %r8, %rbx
+ adoxq %rcx, %r14
+ adoxq %rdx, %r15
+ adoxq %r8, %rbx
+ movq $38, %rdx
+ mulxq %rbx, %rbx, %rcx
+ addq %rbx, %r12
+ adcq $0x00, %rcx
+ movq $0x7fffffffffffffff, %r8
+ shldq $0x01, %r12, %rcx
+ imulq $19, %rcx, %rcx
+ andq %r8, %r12
+ xorq %r8, %r8
+ adoxq %rcx, %r9
mulxq %r13, %rcx, %r13
adcxq %rcx, %r9
adoxq %r13, %r10
mulxq %r14, %rcx, %r14
adcxq %rcx, %r10
adoxq %r14, %r11
- mulxq %r15, %r15, %rdx
- adcxq %r15, %r11
- adoxq %rax, %rdx
- adcxq %rax, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- movq $0x7fffffffffffffff, %rax
- imulq $19, %rdx, %rcx
- andq %rax, %r11
- addq %rcx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rax, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
+ mulxq %r15, %rcx, %r15
+ adcxq %rcx, %r11
+ adoxq %r15, %r12
+ adcxq %r8, %r12
# Store
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq 8(%rsp), %rdi
- movq 88(%rsp), %rsi
+ movq %r9, (%rdi)
+ movq %r10, 8(%rdi)
+ movq %r11, 16(%rdi)
+ movq %r12, 24(%rdi)
+ leaq -32(%rsi), %rax
+ leaq -32(%rdi), %rdi
# Multiply
# A[0] * B[0]
- movq (%rsi), %rdx
- mulxq (%rbx), %r8, %r9
+ movq (%rax), %rdx
+ mulxq (%rsi), %r9, %r10
# A[2] * B[0]
- mulxq 16(%rbx), %r10, %r11
+ mulxq 16(%rsi), %r11, %r12
# A[1] * B[0]
- mulxq 8(%rbx), %rcx, %rax
- xorq %r15, %r15
- adcxq %rcx, %r9
- # A[1] * B[3]
- movq 24(%rsi), %rdx
- mulxq 8(%rbx), %r12, %r13
- adcxq %rax, %r10
+ mulxq 8(%rsi), %rcx, %r8
+ xorq %rbx, %rbx
+ adcxq %rcx, %r10
+ # A[3] * B[1]
+ movq 8(%rax), %rdx
+ mulxq 24(%rsi), %r13, %r14
+ adcxq %r8, %r11
# A[0] * B[1]
- movq 8(%rsi), %rdx
- mulxq (%rbx), %rcx, %rax
- adoxq %rcx, %r9
+ mulxq (%rsi), %rcx, %r8
+ adoxq %rcx, %r10
# A[2] * B[1]
- mulxq 16(%rbx), %rcx, %r14
- adoxq %rax, %r10
- adcxq %rcx, %r11
+ mulxq 16(%rsi), %rcx, %r15
+ adoxq %r8, %r11
+ adcxq %rcx, %r12
# A[1] * B[2]
- movq 16(%rsi), %rdx
- mulxq 8(%rbx), %rcx, %rax
- adcxq %r14, %r12
- adoxq %rcx, %r11
+ movq 16(%rax), %rdx
+ mulxq 8(%rsi), %rcx, %r8
adcxq %r15, %r13
- adoxq %rax, %r12
+ adoxq %rcx, %r12
+ adcxq %rbx, %r14
+ adoxq %r8, %r13
# A[0] * B[2]
- mulxq (%rbx), %rcx, %rax
- adoxq %r15, %r13
- xorq %r14, %r14
- adcxq %rcx, %r10
+ mulxq (%rsi), %rcx, %r8
+ adoxq %rbx, %r14
+ xorq %r15, %r15
+ adcxq %rcx, %r11
# A[1] * B[1]
- movq 8(%rsi), %rdx
- mulxq 8(%rbx), %rdx, %rcx
- adcxq %rax, %r11
- adoxq %rdx, %r10
- # A[3] * B[1]
- movq 8(%rsi), %rdx
- adoxq %rcx, %r11
- mulxq 24(%rbx), %rcx, %rax
- adcxq %rcx, %r12
+ movq 8(%rax), %rdx
+ mulxq 8(%rsi), %rdx, %rcx
+ adcxq %r8, %r12
+ adoxq %rdx, %r11
+ # A[1] * B[3]
+ movq 24(%rax), %rdx
+ adoxq %rcx, %r12
+ mulxq 8(%rsi), %rcx, %r8
+ adcxq %rcx, %r13
# A[2] * B[2]
- movq 16(%rsi), %rdx
- mulxq 16(%rbx), %rdx, %rcx
- adcxq %rax, %r13
- adoxq %rdx, %r12
+ movq 16(%rax), %rdx
+ mulxq 16(%rsi), %rdx, %rcx
+ adcxq %r8, %r14
+ adoxq %rdx, %r13
# A[3] * B[3]
- movq 24(%rsi), %rdx
- adoxq %rcx, %r13
- mulxq 24(%rbx), %rcx, %rax
- adoxq %r15, %r14
- adcxq %rcx, %r14
+ movq 24(%rax), %rdx
+ adoxq %rcx, %r14
+ mulxq 24(%rsi), %rcx, %r8
+ adoxq %rbx, %r15
+ adcxq %rcx, %r15
# A[0] * B[3]
- mulxq (%rbx), %rdx, %rcx
- adcxq %rax, %r15
- xorq %rax, %rax
- adcxq %rdx, %r11
+ mulxq (%rsi), %rdx, %rcx
+ adcxq %r8, %rbx
+ xorq %r8, %r8
+ adcxq %rdx, %r12
# A[3] * B[0]
- movq (%rsi), %rdx
- adcxq %rcx, %r12
- mulxq 24(%rbx), %rdx, %rcx
- adoxq %rdx, %r11
- adoxq %rcx, %r12
- # A[2] * B[3]
movq 24(%rsi), %rdx
- mulxq 16(%rbx), %rdx, %rcx
- adcxq %rdx, %r13
- # A[3] * B[2]
- movq 16(%rsi), %rdx
- adcxq %rcx, %r14
- mulxq 24(%rbx), %rcx, %rdx
- adcxq %rax, %r15
+ adcxq %rcx, %r13
+ mulxq (%rax), %rdx, %rcx
+ adoxq %rdx, %r12
adoxq %rcx, %r13
- adoxq %rdx, %r14
- adoxq %rax, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rax
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- andq %rax, %r11
- # Multiply top half by 19
- movq $19, %rdx
- xorq %rax, %rax
- mulxq %r12, %rcx, %r12
- adcxq %rcx, %r8
- adoxq %r12, %r9
+ # A[3] * B[2]
+ movq 24(%rsi), %rdx
+ mulxq 16(%rax), %rdx, %rcx
+ adcxq %rdx, %r14
+ # A[2] * B[3]
+ movq 24(%rax), %rdx
+ adcxq %rcx, %r15
+ mulxq 16(%rsi), %rcx, %rdx
+ adcxq %r8, %rbx
+ adoxq %rcx, %r14
+ adoxq %rdx, %r15
+ adoxq %r8, %rbx
+ movq $38, %rdx
+ mulxq %rbx, %rbx, %rcx
+ addq %rbx, %r12
+ adcq $0x00, %rcx
+ movq $0x7fffffffffffffff, %r8
+ shldq $0x01, %r12, %rcx
+ imulq $19, %rcx, %rcx
+ andq %r8, %r12
+ xorq %r8, %r8
+ adoxq %rcx, %r9
mulxq %r13, %rcx, %r13
adcxq %rcx, %r9
adoxq %r13, %r10
mulxq %r14, %rcx, %r14
adcxq %rcx, %r10
adoxq %r14, %r11
- mulxq %r15, %r15, %rdx
- adcxq %r15, %r11
- adoxq %rax, %rdx
- adcxq %rax, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- movq $0x7fffffffffffffff, %rax
- imulq $19, %rdx, %rcx
- andq %rax, %r11
- addq %rcx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rax, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
+ mulxq %r15, %rcx, %r15
+ adcxq %rcx, %r11
+ adoxq %r15, %r12
+ adcxq %r8, %r12
# Store
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- addq $40, %rsp
+ movq %r9, (%rdi)
+ movq %r10, 8(%rdi)
+ movq %r11, 16(%rdi)
+ movq %r12, 24(%rdi)
+ addq $16, %rsp
+ popq %rbx
popq %r15
popq %r14
popq %r13
popq %r12
- popq %rbx
repz retq
#ifndef __APPLE__
-.size fe_ge_to_p2_avx2,.-fe_ge_to_p2_avx2
+.size ge_p1p1_to_p2_avx2,.-ge_p1p1_to_p2_avx2
#endif /* __APPLE__ */
#ifndef __APPLE__
.text
-.globl fe_ge_to_p3_avx2
-.type fe_ge_to_p3_avx2,@function
+.globl ge_p1p1_to_p3_avx2
+.type ge_p1p1_to_p3_avx2,@function
.align 16
-fe_ge_to_p3_avx2:
+ge_p1p1_to_p3_avx2:
#else
.section __TEXT,__text
-.globl _fe_ge_to_p3_avx2
+.globl _ge_p1p1_to_p3_avx2
.p2align 4
-_fe_ge_to_p3_avx2:
+_ge_p1p1_to_p3_avx2:
#endif /* __APPLE__ */
- pushq %rbx
pushq %r12
pushq %r13
pushq %r14
pushq %r15
- subq $40, %rsp
- movq %rsi, (%rsp)
- movq %rdx, 8(%rsp)
- movq %rcx, 16(%rsp)
- movq %r8, 24(%rsp)
- movq %r9, 32(%rsp)
- movq 24(%rsp), %rsi
- movq 96(%rsp), %rbx
+ pushq %rbx
+ subq $16, %rsp
+ movq %rdi, (%rsp)
+ movq %rsi, 8(%rsp)
+ leaq 96(%rsi), %rax
# Multiply
# A[0] * B[0]
- movq (%rbx), %rdx
- mulxq (%rsi), %r8, %r9
+ movq (%rax), %rdx
+ mulxq (%rsi), %r9, %r10
# A[2] * B[0]
- mulxq 16(%rsi), %r10, %r11
+ mulxq 16(%rsi), %r11, %r12
# A[1] * B[0]
- mulxq 8(%rsi), %rcx, %rax
- xorq %r15, %r15
- adcxq %rcx, %r9
- # A[1] * B[3]
- movq 24(%rbx), %rdx
- mulxq 8(%rsi), %r12, %r13
- adcxq %rax, %r10
+ mulxq 8(%rsi), %rcx, %r8
+ xorq %rbx, %rbx
+ adcxq %rcx, %r10
+ # A[3] * B[1]
+ movq 8(%rax), %rdx
+ mulxq 24(%rsi), %r13, %r14
+ adcxq %r8, %r11
# A[0] * B[1]
- movq 8(%rbx), %rdx
- mulxq (%rsi), %rcx, %rax
- adoxq %rcx, %r9
+ mulxq (%rsi), %rcx, %r8
+ adoxq %rcx, %r10
# A[2] * B[1]
- mulxq 16(%rsi), %rcx, %r14
- adoxq %rax, %r10
- adcxq %rcx, %r11
+ mulxq 16(%rsi), %rcx, %r15
+ adoxq %r8, %r11
+ adcxq %rcx, %r12
# A[1] * B[2]
- movq 16(%rbx), %rdx
- mulxq 8(%rsi), %rcx, %rax
- adcxq %r14, %r12
- adoxq %rcx, %r11
+ movq 16(%rax), %rdx
+ mulxq 8(%rsi), %rcx, %r8
adcxq %r15, %r13
- adoxq %rax, %r12
+ adoxq %rcx, %r12
+ adcxq %rbx, %r14
+ adoxq %r8, %r13
# A[0] * B[2]
- mulxq (%rsi), %rcx, %rax
- adoxq %r15, %r13
- xorq %r14, %r14
- adcxq %rcx, %r10
+ mulxq (%rsi), %rcx, %r8
+ adoxq %rbx, %r14
+ xorq %r15, %r15
+ adcxq %rcx, %r11
# A[1] * B[1]
- movq 8(%rbx), %rdx
+ movq 8(%rax), %rdx
mulxq 8(%rsi), %rdx, %rcx
- adcxq %rax, %r11
- adoxq %rdx, %r10
- # A[3] * B[1]
- movq 8(%rbx), %rdx
- adoxq %rcx, %r11
- mulxq 24(%rsi), %rcx, %rax
- adcxq %rcx, %r12
+ adcxq %r8, %r12
+ adoxq %rdx, %r11
+ # A[1] * B[3]
+ movq 24(%rax), %rdx
+ adoxq %rcx, %r12
+ mulxq 8(%rsi), %rcx, %r8
+ adcxq %rcx, %r13
# A[2] * B[2]
- movq 16(%rbx), %rdx
+ movq 16(%rax), %rdx
mulxq 16(%rsi), %rdx, %rcx
- adcxq %rax, %r13
- adoxq %rdx, %r12
+ adcxq %r8, %r14
+ adoxq %rdx, %r13
# A[3] * B[3]
- movq 24(%rbx), %rdx
- adoxq %rcx, %r13
- mulxq 24(%rsi), %rcx, %rax
- adoxq %r15, %r14
- adcxq %rcx, %r14
+ movq 24(%rax), %rdx
+ adoxq %rcx, %r14
+ mulxq 24(%rsi), %rcx, %r8
+ adoxq %rbx, %r15
+ adcxq %rcx, %r15
# A[0] * B[3]
mulxq (%rsi), %rdx, %rcx
- adcxq %rax, %r15
- xorq %rax, %rax
- adcxq %rdx, %r11
+ adcxq %r8, %rbx
+ xorq %r8, %r8
+ adcxq %rdx, %r12
# A[3] * B[0]
- movq (%rbx), %rdx
- adcxq %rcx, %r12
- mulxq 24(%rsi), %rdx, %rcx
- adoxq %rdx, %r11
- adoxq %rcx, %r12
- # A[2] * B[3]
- movq 24(%rbx), %rdx
- mulxq 16(%rsi), %rdx, %rcx
- adcxq %rdx, %r13
- # A[3] * B[2]
- movq 16(%rbx), %rdx
- adcxq %rcx, %r14
- mulxq 24(%rsi), %rcx, %rdx
- adcxq %rax, %r15
+ movq 24(%rsi), %rdx
+ adcxq %rcx, %r13
+ mulxq (%rax), %rdx, %rcx
+ adoxq %rdx, %r12
adoxq %rcx, %r13
- adoxq %rdx, %r14
- adoxq %rax, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rax
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- andq %rax, %r11
- # Multiply top half by 19
- movq $19, %rdx
- xorq %rax, %rax
- mulxq %r12, %rcx, %r12
- adcxq %rcx, %r8
- adoxq %r12, %r9
+ # A[3] * B[2]
+ movq 24(%rsi), %rdx
+ mulxq 16(%rax), %rdx, %rcx
+ adcxq %rdx, %r14
+ # A[2] * B[3]
+ movq 24(%rax), %rdx
+ adcxq %rcx, %r15
+ mulxq 16(%rsi), %rcx, %rdx
+ adcxq %r8, %rbx
+ adoxq %rcx, %r14
+ adoxq %rdx, %r15
+ adoxq %r8, %rbx
+ movq $38, %rdx
+ mulxq %rbx, %rbx, %rcx
+ addq %rbx, %r12
+ adcq $0x00, %rcx
+ movq $0x7fffffffffffffff, %r8
+ shldq $0x01, %r12, %rcx
+ imulq $19, %rcx, %rcx
+ andq %r8, %r12
+ xorq %r8, %r8
+ adoxq %rcx, %r9
mulxq %r13, %rcx, %r13
adcxq %rcx, %r9
adoxq %r13, %r10
mulxq %r14, %rcx, %r14
adcxq %rcx, %r10
adoxq %r14, %r11
- mulxq %r15, %r15, %rdx
- adcxq %r15, %r11
- adoxq %rax, %rdx
- adcxq %rax, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- movq $0x7fffffffffffffff, %rax
- imulq $19, %rdx, %rcx
- andq %rax, %r11
- addq %rcx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rax, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
+ mulxq %r15, %rcx, %r15
+ adcxq %rcx, %r11
+ adoxq %r15, %r12
+ adcxq %r8, %r12
# Store
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq (%rsp), %rdi
- movq 32(%rsp), %rsi
- movq 88(%rsp), %rbx
+ movq %r9, (%rdi)
+ movq %r10, 8(%rdi)
+ movq %r11, 16(%rdi)
+ movq %r12, 24(%rdi)
+ leaq 32(%rsi), %rax
+ leaq 96(%rdi), %rdi
# Multiply
# A[0] * B[0]
- movq (%rbx), %rdx
- mulxq (%rsi), %r8, %r9
+ movq (%rax), %rdx
+ mulxq (%rsi), %r9, %r10
# A[2] * B[0]
- mulxq 16(%rsi), %r10, %r11
+ mulxq 16(%rsi), %r11, %r12
# A[1] * B[0]
- mulxq 8(%rsi), %rcx, %rax
- xorq %r15, %r15
- adcxq %rcx, %r9
- # A[1] * B[3]
- movq 24(%rbx), %rdx
- mulxq 8(%rsi), %r12, %r13
- adcxq %rax, %r10
+ mulxq 8(%rsi), %rcx, %r8
+ xorq %rbx, %rbx
+ adcxq %rcx, %r10
+ # A[3] * B[1]
+ movq 8(%rax), %rdx
+ mulxq 24(%rsi), %r13, %r14
+ adcxq %r8, %r11
# A[0] * B[1]
- movq 8(%rbx), %rdx
- mulxq (%rsi), %rcx, %rax
- adoxq %rcx, %r9
+ mulxq (%rsi), %rcx, %r8
+ adoxq %rcx, %r10
# A[2] * B[1]
- mulxq 16(%rsi), %rcx, %r14
- adoxq %rax, %r10
- adcxq %rcx, %r11
+ mulxq 16(%rsi), %rcx, %r15
+ adoxq %r8, %r11
+ adcxq %rcx, %r12
# A[1] * B[2]
- movq 16(%rbx), %rdx
- mulxq 8(%rsi), %rcx, %rax
- adcxq %r14, %r12
- adoxq %rcx, %r11
+ movq 16(%rax), %rdx
+ mulxq 8(%rsi), %rcx, %r8
adcxq %r15, %r13
- adoxq %rax, %r12
+ adoxq %rcx, %r12
+ adcxq %rbx, %r14
+ adoxq %r8, %r13
# A[0] * B[2]
- mulxq (%rsi), %rcx, %rax
- adoxq %r15, %r13
- xorq %r14, %r14
- adcxq %rcx, %r10
+ mulxq (%rsi), %rcx, %r8
+ adoxq %rbx, %r14
+ xorq %r15, %r15
+ adcxq %rcx, %r11
# A[1] * B[1]
- movq 8(%rbx), %rdx
+ movq 8(%rax), %rdx
mulxq 8(%rsi), %rdx, %rcx
- adcxq %rax, %r11
- adoxq %rdx, %r10
- # A[3] * B[1]
- movq 8(%rbx), %rdx
- adoxq %rcx, %r11
- mulxq 24(%rsi), %rcx, %rax
- adcxq %rcx, %r12
+ adcxq %r8, %r12
+ adoxq %rdx, %r11
+ # A[1] * B[3]
+ movq 24(%rax), %rdx
+ adoxq %rcx, %r12
+ mulxq 8(%rsi), %rcx, %r8
+ adcxq %rcx, %r13
# A[2] * B[2]
- movq 16(%rbx), %rdx
+ movq 16(%rax), %rdx
mulxq 16(%rsi), %rdx, %rcx
- adcxq %rax, %r13
- adoxq %rdx, %r12
+ adcxq %r8, %r14
+ adoxq %rdx, %r13
# A[3] * B[3]
- movq 24(%rbx), %rdx
- adoxq %rcx, %r13
- mulxq 24(%rsi), %rcx, %rax
- adoxq %r15, %r14
- adcxq %rcx, %r14
+ movq 24(%rax), %rdx
+ adoxq %rcx, %r14
+ mulxq 24(%rsi), %rcx, %r8
+ adoxq %rbx, %r15
+ adcxq %rcx, %r15
# A[0] * B[3]
mulxq (%rsi), %rdx, %rcx
- adcxq %rax, %r15
- xorq %rax, %rax
- adcxq %rdx, %r11
+ adcxq %r8, %rbx
+ xorq %r8, %r8
+ adcxq %rdx, %r12
# A[3] * B[0]
- movq (%rbx), %rdx
- adcxq %rcx, %r12
- mulxq 24(%rsi), %rdx, %rcx
- adoxq %rdx, %r11
- adoxq %rcx, %r12
- # A[2] * B[3]
- movq 24(%rbx), %rdx
- mulxq 16(%rsi), %rdx, %rcx
- adcxq %rdx, %r13
- # A[3] * B[2]
- movq 16(%rbx), %rdx
- adcxq %rcx, %r14
- mulxq 24(%rsi), %rcx, %rdx
- adcxq %rax, %r15
+ movq 24(%rsi), %rdx
+ adcxq %rcx, %r13
+ mulxq (%rax), %rdx, %rcx
+ adoxq %rdx, %r12
adoxq %rcx, %r13
- adoxq %rdx, %r14
- adoxq %rax, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rax
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- andq %rax, %r11
- # Multiply top half by 19
- movq $19, %rdx
- xorq %rax, %rax
- mulxq %r12, %rcx, %r12
- adcxq %rcx, %r8
- adoxq %r12, %r9
+ # A[3] * B[2]
+ movq 24(%rsi), %rdx
+ mulxq 16(%rax), %rdx, %rcx
+ adcxq %rdx, %r14
+ # A[2] * B[3]
+ movq 24(%rax), %rdx
+ adcxq %rcx, %r15
+ mulxq 16(%rsi), %rcx, %rdx
+ adcxq %r8, %rbx
+ adoxq %rcx, %r14
+ adoxq %rdx, %r15
+ adoxq %r8, %rbx
+ movq $38, %rdx
+ mulxq %rbx, %rbx, %rcx
+ addq %rbx, %r12
+ adcq $0x00, %rcx
+ movq $0x7fffffffffffffff, %r8
+ shldq $0x01, %r12, %rcx
+ imulq $19, %rcx, %rcx
+ andq %r8, %r12
+ xorq %r8, %r8
+ adoxq %rcx, %r9
mulxq %r13, %rcx, %r13
adcxq %rcx, %r9
adoxq %r13, %r10
mulxq %r14, %rcx, %r14
adcxq %rcx, %r10
adoxq %r14, %r11
- mulxq %r15, %r15, %rdx
- adcxq %r15, %r11
- adoxq %rax, %rdx
- adcxq %rax, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- movq $0x7fffffffffffffff, %rax
- imulq $19, %rdx, %rcx
- andq %rax, %r11
- addq %rcx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rax, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
+ mulxq %r15, %rcx, %r15
+ adcxq %rcx, %r11
+ adoxq %r15, %r12
+ adcxq %r8, %r12
# Store
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq 8(%rsp), %rdi
- movq 96(%rsp), %rsi
+ movq %r9, (%rdi)
+ movq %r10, 8(%rdi)
+ movq %r11, 16(%rdi)
+ movq %r12, 24(%rdi)
+ leaq 64(%rsi), %rsi
+ leaq -64(%rdi), %rdi
# Multiply
# A[0] * B[0]
- movq (%rsi), %rdx
- mulxq (%rbx), %r8, %r9
+ movq (%rax), %rdx
+ mulxq (%rsi), %r9, %r10
# A[2] * B[0]
- mulxq 16(%rbx), %r10, %r11
+ mulxq 16(%rsi), %r11, %r12
# A[1] * B[0]
- mulxq 8(%rbx), %rcx, %rax
- xorq %r15, %r15
- adcxq %rcx, %r9
- # A[1] * B[3]
- movq 24(%rsi), %rdx
- mulxq 8(%rbx), %r12, %r13
- adcxq %rax, %r10
+ mulxq 8(%rsi), %rcx, %r8
+ xorq %rbx, %rbx
+ adcxq %rcx, %r10
+ # A[3] * B[1]
+ movq 8(%rax), %rdx
+ mulxq 24(%rsi), %r13, %r14
+ adcxq %r8, %r11
# A[0] * B[1]
- movq 8(%rsi), %rdx
- mulxq (%rbx), %rcx, %rax
- adoxq %rcx, %r9
+ mulxq (%rsi), %rcx, %r8
+ adoxq %rcx, %r10
# A[2] * B[1]
- mulxq 16(%rbx), %rcx, %r14
- adoxq %rax, %r10
- adcxq %rcx, %r11
+ mulxq 16(%rsi), %rcx, %r15
+ adoxq %r8, %r11
+ adcxq %rcx, %r12
# A[1] * B[2]
- movq 16(%rsi), %rdx
- mulxq 8(%rbx), %rcx, %rax
- adcxq %r14, %r12
- adoxq %rcx, %r11
+ movq 16(%rax), %rdx
+ mulxq 8(%rsi), %rcx, %r8
adcxq %r15, %r13
- adoxq %rax, %r12
+ adoxq %rcx, %r12
+ adcxq %rbx, %r14
+ adoxq %r8, %r13
# A[0] * B[2]
- mulxq (%rbx), %rcx, %rax
- adoxq %r15, %r13
- xorq %r14, %r14
- adcxq %rcx, %r10
+ mulxq (%rsi), %rcx, %r8
+ adoxq %rbx, %r14
+ xorq %r15, %r15
+ adcxq %rcx, %r11
# A[1] * B[1]
- movq 8(%rsi), %rdx
- mulxq 8(%rbx), %rdx, %rcx
- adcxq %rax, %r11
- adoxq %rdx, %r10
- # A[3] * B[1]
- movq 8(%rsi), %rdx
- adoxq %rcx, %r11
- mulxq 24(%rbx), %rcx, %rax
- adcxq %rcx, %r12
+ movq 8(%rax), %rdx
+ mulxq 8(%rsi), %rdx, %rcx
+ adcxq %r8, %r12
+ adoxq %rdx, %r11
+ # A[1] * B[3]
+ movq 24(%rax), %rdx
+ adoxq %rcx, %r12
+ mulxq 8(%rsi), %rcx, %r8
+ adcxq %rcx, %r13
# A[2] * B[2]
- movq 16(%rsi), %rdx
- mulxq 16(%rbx), %rdx, %rcx
- adcxq %rax, %r13
- adoxq %rdx, %r12
+ movq 16(%rax), %rdx
+ mulxq 16(%rsi), %rdx, %rcx
+ adcxq %r8, %r14
+ adoxq %rdx, %r13
# A[3] * B[3]
- movq 24(%rsi), %rdx
- adoxq %rcx, %r13
- mulxq 24(%rbx), %rcx, %rax
- adoxq %r15, %r14
- adcxq %rcx, %r14
+ movq 24(%rax), %rdx
+ adoxq %rcx, %r14
+ mulxq 24(%rsi), %rcx, %r8
+ adoxq %rbx, %r15
+ adcxq %rcx, %r15
# A[0] * B[3]
- mulxq (%rbx), %rdx, %rcx
- adcxq %rax, %r15
- xorq %rax, %rax
- adcxq %rdx, %r11
+ mulxq (%rsi), %rdx, %rcx
+ adcxq %r8, %rbx
+ xorq %r8, %r8
+ adcxq %rdx, %r12
# A[3] * B[0]
- movq (%rsi), %rdx
- adcxq %rcx, %r12
- mulxq 24(%rbx), %rdx, %rcx
- adoxq %rdx, %r11
- adoxq %rcx, %r12
- # A[2] * B[3]
movq 24(%rsi), %rdx
- mulxq 16(%rbx), %rdx, %rcx
- adcxq %rdx, %r13
- # A[3] * B[2]
- movq 16(%rsi), %rdx
- adcxq %rcx, %r14
- mulxq 24(%rbx), %rcx, %rdx
- adcxq %rax, %r15
+ adcxq %rcx, %r13
+ mulxq (%rax), %rdx, %rcx
+ adoxq %rdx, %r12
adoxq %rcx, %r13
- adoxq %rdx, %r14
- adoxq %rax, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rax
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- andq %rax, %r11
- # Multiply top half by 19
- movq $19, %rdx
- xorq %rax, %rax
- mulxq %r12, %rcx, %r12
- adcxq %rcx, %r8
- adoxq %r12, %r9
+ # A[3] * B[2]
+ movq 24(%rsi), %rdx
+ mulxq 16(%rax), %rdx, %rcx
+ adcxq %rdx, %r14
+ # A[2] * B[3]
+ movq 24(%rax), %rdx
+ adcxq %rcx, %r15
+ mulxq 16(%rsi), %rcx, %rdx
+ adcxq %r8, %rbx
+ adoxq %rcx, %r14
+ adoxq %rdx, %r15
+ adoxq %r8, %rbx
+ movq $38, %rdx
+ mulxq %rbx, %rbx, %rcx
+ addq %rbx, %r12
+ adcq $0x00, %rcx
+ movq $0x7fffffffffffffff, %r8
+ shldq $0x01, %r12, %rcx
+ imulq $19, %rcx, %rcx
+ andq %r8, %r12
+ xorq %r8, %r8
+ adoxq %rcx, %r9
mulxq %r13, %rcx, %r13
adcxq %rcx, %r9
adoxq %r13, %r10
mulxq %r14, %rcx, %r14
adcxq %rcx, %r10
adoxq %r14, %r11
- mulxq %r15, %r15, %rdx
- adcxq %r15, %r11
- adoxq %rax, %rdx
- adcxq %rax, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- movq $0x7fffffffffffffff, %rax
- imulq $19, %rdx, %rcx
- andq %rax, %r11
- addq %rcx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rax, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
+ mulxq %r15, %rcx, %r15
+ adcxq %rcx, %r11
+ adoxq %r15, %r12
+ adcxq %r8, %r12
# Store
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq 16(%rsp), %rdi
- movq 24(%rsp), %rsi
- movq 32(%rsp), %rbx
+ movq %r9, (%rdi)
+ movq %r10, 8(%rdi)
+ movq %r11, 16(%rdi)
+ movq %r12, 24(%rdi)
+ leaq 32(%rsi), %rax
+ leaq 32(%rdi), %rdi
# Multiply
# A[0] * B[0]
- movq (%rbx), %rdx
- mulxq (%rsi), %r8, %r9
+ movq (%rax), %rdx
+ mulxq (%rsi), %r9, %r10
# A[2] * B[0]
- mulxq 16(%rsi), %r10, %r11
+ mulxq 16(%rsi), %r11, %r12
# A[1] * B[0]
- mulxq 8(%rsi), %rcx, %rax
- xorq %r15, %r15
- adcxq %rcx, %r9
- # A[1] * B[3]
- movq 24(%rbx), %rdx
- mulxq 8(%rsi), %r12, %r13
- adcxq %rax, %r10
+ mulxq 8(%rsi), %rcx, %r8
+ xorq %rbx, %rbx
+ adcxq %rcx, %r10
+ # A[3] * B[1]
+ movq 8(%rax), %rdx
+ mulxq 24(%rsi), %r13, %r14
+ adcxq %r8, %r11
# A[0] * B[1]
- movq 8(%rbx), %rdx
- mulxq (%rsi), %rcx, %rax
- adoxq %rcx, %r9
+ mulxq (%rsi), %rcx, %r8
+ adoxq %rcx, %r10
# A[2] * B[1]
- mulxq 16(%rsi), %rcx, %r14
- adoxq %rax, %r10
- adcxq %rcx, %r11
+ mulxq 16(%rsi), %rcx, %r15
+ adoxq %r8, %r11
+ adcxq %rcx, %r12
# A[1] * B[2]
- movq 16(%rbx), %rdx
- mulxq 8(%rsi), %rcx, %rax
- adcxq %r14, %r12
- adoxq %rcx, %r11
+ movq 16(%rax), %rdx
+ mulxq 8(%rsi), %rcx, %r8
adcxq %r15, %r13
- adoxq %rax, %r12
+ adoxq %rcx, %r12
+ adcxq %rbx, %r14
+ adoxq %r8, %r13
# A[0] * B[2]
- mulxq (%rsi), %rcx, %rax
- adoxq %r15, %r13
- xorq %r14, %r14
- adcxq %rcx, %r10
+ mulxq (%rsi), %rcx, %r8
+ adoxq %rbx, %r14
+ xorq %r15, %r15
+ adcxq %rcx, %r11
# A[1] * B[1]
- movq 8(%rbx), %rdx
+ movq 8(%rax), %rdx
mulxq 8(%rsi), %rdx, %rcx
- adcxq %rax, %r11
- adoxq %rdx, %r10
- # A[3] * B[1]
- movq 8(%rbx), %rdx
- adoxq %rcx, %r11
- mulxq 24(%rsi), %rcx, %rax
- adcxq %rcx, %r12
+ adcxq %r8, %r12
+ adoxq %rdx, %r11
+ # A[1] * B[3]
+ movq 24(%rax), %rdx
+ adoxq %rcx, %r12
+ mulxq 8(%rsi), %rcx, %r8
+ adcxq %rcx, %r13
# A[2] * B[2]
- movq 16(%rbx), %rdx
+ movq 16(%rax), %rdx
mulxq 16(%rsi), %rdx, %rcx
- adcxq %rax, %r13
- adoxq %rdx, %r12
+ adcxq %r8, %r14
+ adoxq %rdx, %r13
# A[3] * B[3]
- movq 24(%rbx), %rdx
- adoxq %rcx, %r13
- mulxq 24(%rsi), %rcx, %rax
- adoxq %r15, %r14
- adcxq %rcx, %r14
+ movq 24(%rax), %rdx
+ adoxq %rcx, %r14
+ mulxq 24(%rsi), %rcx, %r8
+ adoxq %rbx, %r15
+ adcxq %rcx, %r15
# A[0] * B[3]
mulxq (%rsi), %rdx, %rcx
- adcxq %rax, %r15
- xorq %rax, %rax
- adcxq %rdx, %r11
+ adcxq %r8, %rbx
+ xorq %r8, %r8
+ adcxq %rdx, %r12
# A[3] * B[0]
- movq (%rbx), %rdx
- adcxq %rcx, %r12
- mulxq 24(%rsi), %rdx, %rcx
- adoxq %rdx, %r11
- adoxq %rcx, %r12
- # A[2] * B[3]
- movq 24(%rbx), %rdx
- mulxq 16(%rsi), %rdx, %rcx
- adcxq %rdx, %r13
- # A[3] * B[2]
- movq 16(%rbx), %rdx
- adcxq %rcx, %r14
- mulxq 24(%rsi), %rcx, %rdx
- adcxq %rax, %r15
+ movq 24(%rsi), %rdx
+ adcxq %rcx, %r13
+ mulxq (%rax), %rdx, %rcx
+ adoxq %rdx, %r12
adoxq %rcx, %r13
- adoxq %rdx, %r14
- adoxq %rax, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rax
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- andq %rax, %r11
- # Multiply top half by 19
- movq $19, %rdx
- xorq %rax, %rax
- mulxq %r12, %rcx, %r12
- adcxq %rcx, %r8
- adoxq %r12, %r9
+ # A[3] * B[2]
+ movq 24(%rsi), %rdx
+ mulxq 16(%rax), %rdx, %rcx
+ adcxq %rdx, %r14
+ # A[2] * B[3]
+ movq 24(%rax), %rdx
+ adcxq %rcx, %r15
+ mulxq 16(%rsi), %rcx, %rdx
+ adcxq %r8, %rbx
+ adoxq %rcx, %r14
+ adoxq %rdx, %r15
+ adoxq %r8, %rbx
+ movq $38, %rdx
+ mulxq %rbx, %rbx, %rcx
+ addq %rbx, %r12
+ adcq $0x00, %rcx
+ movq $0x7fffffffffffffff, %r8
+ shldq $0x01, %r12, %rcx
+ imulq $19, %rcx, %rcx
+ andq %r8, %r12
+ xorq %r8, %r8
+ adoxq %rcx, %r9
mulxq %r13, %rcx, %r13
adcxq %rcx, %r9
adoxq %r13, %r10
mulxq %r14, %rcx, %r14
adcxq %rcx, %r10
adoxq %r14, %r11
- mulxq %r15, %r15, %rdx
- adcxq %r15, %r11
- adoxq %rax, %rdx
- adcxq %rax, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- movq $0x7fffffffffffffff, %rax
- imulq $19, %rdx, %rcx
- andq %rax, %r11
- addq %rcx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rax, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
+ mulxq %r15, %rcx, %r15
+ adcxq %rcx, %r11
+ adoxq %r15, %r12
+ adcxq %r8, %r12
# Store
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- addq $40, %rsp
+ movq %r9, (%rdi)
+ movq %r10, 8(%rdi)
+ movq %r11, 16(%rdi)
+ movq %r12, 24(%rdi)
+ addq $16, %rsp
+ popq %rbx
popq %r15
popq %r14
popq %r13
popq %r12
- popq %rbx
repz retq
#ifndef __APPLE__
-.size fe_ge_to_p3_avx2,.-fe_ge_to_p3_avx2
+.size ge_p1p1_to_p3_avx2,.-ge_p1p1_to_p3_avx2
#endif /* __APPLE__ */
#ifndef __APPLE__
.text
-.globl fe_ge_dbl_avx2
-.type fe_ge_dbl_avx2,@function
+.globl ge_p2_dbl_avx2
+.type ge_p2_dbl_avx2,@function
.align 16
-fe_ge_dbl_avx2:
+ge_p2_dbl_avx2:
#else
.section __TEXT,__text
-.globl _fe_ge_dbl_avx2
+.globl _ge_p2_dbl_avx2
.p2align 4
-_fe_ge_dbl_avx2:
+_ge_p2_dbl_avx2:
#endif /* __APPLE__ */
- pushq %rbp
- pushq %rbx
pushq %r12
pushq %r13
pushq %r14
pushq %r15
- subq $48, %rsp
+ pushq %rbx
+ pushq %rbp
+ subq $16, %rsp
movq %rdi, (%rsp)
movq %rsi, 8(%rsp)
- movq %rdx, 16(%rsp)
- movq %rcx, 24(%rsp)
- movq %r8, 32(%rsp)
- movq %r9, 40(%rsp)
- movq 32(%rsp), %rsi
+ leaq 64(%rdi), %rdi
# Square
- # A[0] * A[1]
movq (%rsi), %rdx
- mulxq 8(%rsi), %r9, %r10
+ movq 8(%rsi), %r9
+ # A[0] * A[1]
+ movq %rdx, %rbp
+ mulxq %r9, %r11, %r12
# A[0] * A[3]
- mulxq 24(%rsi), %r11, %r12
+ mulxq 24(%rsi), %r13, %r14
# A[2] * A[1]
movq 16(%rsi), %rdx
- mulxq 8(%rsi), %rcx, %rax
- xorq %r15, %r15
- adoxq %rcx, %r11
+ mulxq %r9, %rcx, %r8
+ xorq %r10, %r10
+ adoxq %rcx, %r13
# A[2] * A[3]
- mulxq 24(%rsi), %r13, %r14
- adoxq %rax, %r12
+ mulxq 24(%rsi), %r15, %rbx
+ adoxq %r8, %r14
# A[2] * A[0]
- mulxq (%rsi), %rcx, %rax
- adoxq %r15, %r13
- adcxq %rcx, %r10
- adoxq %r15, %r14
+ mulxq %rbp, %rcx, %r8
+ adoxq %r10, %r15
+ adcxq %rcx, %r12
+ adoxq %r10, %rbx
# A[1] * A[3]
- movq 8(%rsi), %rdx
- mulxq 24(%rsi), %rbp, %r8
- adcxq %rax, %r11
- adcxq %rbp, %r12
+ movq %r9, %rdx
+ mulxq 24(%rsi), %rcx, %rdx
adcxq %r8, %r13
- adcxq %r15, %r14
- # Double with Carry Flag
- xorq %r15, %r15
+ adcxq %rcx, %r14
+ adcxq %rdx, %r15
+ adcxq %r10, %rbx
# A[0] * A[0]
- movq (%rsi), %rdx
- mulxq %rdx, %r8, %rbp
- adcxq %r9, %r9
- # A[1] * A[1]
- movq 8(%rsi), %rdx
- mulxq %rdx, %rcx, %rax
- adcxq %r10, %r10
- adoxq %rbp, %r9
+ movq %rbp, %rdx
+ mulxq %rdx, %r10, %rcx
+ xorq %rbp, %rbp
adcxq %r11, %r11
- adoxq %rcx, %r10
- # A[2] * A[2]
- movq 16(%rsi), %rdx
- mulxq %rdx, %rbp, %rcx
+ # A[1] * A[1]
+ movq %r9, %rdx
+ adoxq %rcx, %r11
+ mulxq %rdx, %rcx, %r8
adcxq %r12, %r12
- adoxq %rax, %r11
+ adoxq %rcx, %r12
adcxq %r13, %r13
- adoxq %rbp, %r12
- # A[3] * A[3]
- movq 24(%rsi), %rdx
- mulxq %rdx, %rbp, %rax
+ # A[2] * A[2]
+ movq 16(%rsi), %rdx
+ adoxq %r8, %r13
+ mulxq %rdx, %r8, %rcx
adcxq %r14, %r14
- adoxq %rcx, %r13
+ adoxq %r8, %r14
adcxq %r15, %r15
- adoxq %rbp, %r14
- adoxq %rax, %r15
- # Reduce
+ # A[3] * A[3]
+ movq 24(%rsi), %rdx
+ adoxq %rcx, %r15
+ mulxq %rdx, %rcx, %r8
+ adcxq %rbx, %rbx
+ adoxq %rcx, %rbx
+ adcxq %rbp, %rbp
+ adoxq %r8, %rbp
+ movq $38, %rdx
+ mulxq %rbp, %rbp, %r8
+ addq %rbp, %r13
+ adcq $0x00, %r8
movq $0x7fffffffffffffff, %rcx
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- andq %rcx, %r11
- # Multiply top half by 19
- movq $19, %rdx
+ shldq $0x01, %r13, %r8
+ imulq $19, %r8, %r8
+ andq %rcx, %r13
xorq %rcx, %rcx
- mulxq %r12, %rbp, %r12
- adcxq %rbp, %r8
- adoxq %r12, %r9
- mulxq %r13, %rbp, %r13
- adcxq %rbp, %r9
- adoxq %r13, %r10
- mulxq %r14, %rbp, %r14
- adcxq %rbp, %r10
+ adoxq %r8, %r10
+ mulxq %r14, %r8, %r14
+ adcxq %r8, %r10
adoxq %r14, %r11
- mulxq %r15, %r15, %rdx
- adcxq %r15, %r11
- adoxq %rcx, %rdx
- adcxq %rcx, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- movq $0x7fffffffffffffff, %rcx
- imulq $19, %rdx, %rbp
- andq %rcx, %r11
- addq %rbp, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rcx, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
+ mulxq %r15, %r8, %r15
+ adcxq %r8, %r11
+ adoxq %r15, %r12
+ mulxq %rbx, %r8, %rbx
+ adcxq %r8, %r12
+ adoxq %rbx, %r13
+ adcxq %rcx, %r13
# Store
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq 16(%rsp), %rdi
- movq 40(%rsp), %rbx
+ movq %r10, (%rdi)
+ movq %r11, 8(%rdi)
+ movq %r12, 16(%rdi)
+ movq %r13, 24(%rdi)
+ leaq 32(%rsi), %rsi
# Square
+ movq (%rsi), %rdx
+ movq 8(%rsi), %r9
# A[0] * A[1]
- movq (%rbx), %rdx
- mulxq 8(%rbx), %r9, %r10
+ movq %rdx, %rbp
+ mulxq %r9, %r11, %r12
# A[0] * A[3]
- mulxq 24(%rbx), %r11, %r12
+ mulxq 24(%rsi), %r13, %r14
# A[2] * A[1]
- movq 16(%rbx), %rdx
- mulxq 8(%rbx), %rcx, %rax
- xorq %r15, %r15
- adoxq %rcx, %r11
+ movq 16(%rsi), %rdx
+ mulxq %r9, %rcx, %r8
+ xorq %r10, %r10
+ adoxq %rcx, %r13
# A[2] * A[3]
- mulxq 24(%rbx), %r13, %r14
- adoxq %rax, %r12
+ mulxq 24(%rsi), %r15, %rbx
+ adoxq %r8, %r14
# A[2] * A[0]
- mulxq (%rbx), %rcx, %rax
- adoxq %r15, %r13
- adcxq %rcx, %r10
- adoxq %r15, %r14
+ mulxq %rbp, %rcx, %r8
+ adoxq %r10, %r15
+ adcxq %rcx, %r12
+ adoxq %r10, %rbx
# A[1] * A[3]
- movq 8(%rbx), %rdx
- mulxq 24(%rbx), %rbp, %r8
- adcxq %rax, %r11
- adcxq %rbp, %r12
+ movq %r9, %rdx
+ mulxq 24(%rsi), %rcx, %rdx
adcxq %r8, %r13
- adcxq %r15, %r14
- # Double with Carry Flag
- xorq %r15, %r15
+ adcxq %rcx, %r14
+ adcxq %rdx, %r15
+ adcxq %r10, %rbx
# A[0] * A[0]
- movq (%rbx), %rdx
- mulxq %rdx, %r8, %rbp
- adcxq %r9, %r9
- # A[1] * A[1]
- movq 8(%rbx), %rdx
- mulxq %rdx, %rcx, %rax
- adcxq %r10, %r10
- adoxq %rbp, %r9
+ movq %rbp, %rdx
+ mulxq %rdx, %r10, %rcx
+ xorq %rbp, %rbp
adcxq %r11, %r11
- adoxq %rcx, %r10
- # A[2] * A[2]
- movq 16(%rbx), %rdx
- mulxq %rdx, %rbp, %rcx
+ # A[1] * A[1]
+ movq %r9, %rdx
+ adoxq %rcx, %r11
+ mulxq %rdx, %rcx, %r8
adcxq %r12, %r12
- adoxq %rax, %r11
+ adoxq %rcx, %r12
adcxq %r13, %r13
- adoxq %rbp, %r12
- # A[3] * A[3]
- movq 24(%rbx), %rdx
- mulxq %rdx, %rbp, %rax
+ # A[2] * A[2]
+ movq 16(%rsi), %rdx
+ adoxq %r8, %r13
+ mulxq %rdx, %r8, %rcx
adcxq %r14, %r14
- adoxq %rcx, %r13
+ adoxq %r8, %r14
adcxq %r15, %r15
- adoxq %rbp, %r14
- adoxq %rax, %r15
- # Reduce
+ # A[3] * A[3]
+ movq 24(%rsi), %rdx
+ adoxq %rcx, %r15
+ mulxq %rdx, %rcx, %r8
+ adcxq %rbx, %rbx
+ adoxq %rcx, %rbx
+ adcxq %rbp, %rbp
+ adoxq %r8, %rbp
+ movq $38, %rdx
+ mulxq %rbp, %rbp, %r8
+ addq %rbp, %r13
+ adcq $0x00, %r8
movq $0x7fffffffffffffff, %rcx
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- andq %rcx, %r11
- # Multiply top half by 19
- movq $19, %rdx
+ shldq $0x01, %r13, %r8
+ imulq $19, %r8, %r8
+ andq %rcx, %r13
xorq %rcx, %rcx
- mulxq %r12, %rbp, %r12
- adcxq %rbp, %r8
- adoxq %r12, %r9
- mulxq %r13, %rbp, %r13
- adcxq %rbp, %r9
- adoxq %r13, %r10
- mulxq %r14, %rbp, %r14
- adcxq %rbp, %r10
+ adoxq %r8, %r10
+ mulxq %r14, %r8, %r14
+ adcxq %r8, %r10
adoxq %r14, %r11
- mulxq %r15, %r15, %rdx
- adcxq %r15, %r11
- adoxq %rcx, %rdx
- adcxq %rcx, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- movq $0x7fffffffffffffff, %rcx
- imulq $19, %rdx, %rbp
- andq %rcx, %r11
- addq %rbp, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rcx, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
+ mulxq %r15, %r8, %r15
+ adcxq %r8, %r11
+ adoxq %r15, %r12
+ mulxq %rbx, %r8, %rbx
+ adcxq %r8, %r12
+ adoxq %rbx, %r13
+ adcxq %rcx, %r13
# Store
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq 8(%rsp), %rdi
+ movq %rdi, %rsi
+ leaq -32(%rdi), %rdi
+ # Add-Sub
# Add
- movq (%rsi), %r8
- movq 8(%rsi), %r9
- addq (%rbx), %r8
- movq 16(%rsi), %r10
- adcq 8(%rbx), %r9
- movq 24(%rsi), %rdx
- adcq 16(%rbx), %r10
- movq $-19, %rcx
- adcq 24(%rbx), %rdx
- movq $0x7fffffffffffffff, %rax
- movq %rdx, %r11
- sarq $63, %rdx
- # Mask the modulus
- andq %rdx, %rcx
- andq %rdx, %rax
+ movq %r10, %r14
+ addq (%rsi), %r10
+ movq %r11, %r15
+ adcq 8(%rsi), %r11
+ movq %r12, %rbx
+ adcq 16(%rsi), %r12
+ movq %r13, %rbp
+ adcq 24(%rsi), %r13
+ movq $0x00, %rcx
+ adcq $0x00, %rcx
+ shldq $0x01, %r13, %rcx
+ movq $0x7fffffffffffffff, %r8
+ imulq $19, %rcx
+ andq %r8, %r13
# Sub modulus (if overflow)
- subq %rcx, %r8
- sbbq %rdx, %r9
- sbbq %rdx, %r10
- sbbq %rax, %r11
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq 24(%rsp), %rsi
+ addq %rcx, %r10
+ adcq $0x00, %r11
+ adcq $0x00, %r12
+ adcq $0x00, %r13
+ # Sub
+ subq (%rsi), %r14
+ sbbq 8(%rsi), %r15
+ sbbq 16(%rsi), %rbx
+ sbbq 24(%rsi), %rbp
+ sbbq %rcx, %rcx
+ shldq $0x01, %rbp, %rcx
+ imulq $-19, %rcx
+ andq %r8, %rbp
+ # Add modulus (if underflow)
+ subq %rcx, %r14
+ sbbq $0x00, %r15
+ sbbq $0x00, %rbx
+ sbbq $0x00, %rbp
+ movq %r10, (%rdi)
+ movq %r11, 8(%rdi)
+ movq %r12, 16(%rdi)
+ movq %r13, 24(%rdi)
+ movq %r14, (%rsi)
+ movq %r15, 8(%rsi)
+ movq %rbx, 16(%rsi)
+ movq %rbp, 24(%rsi)
+ movq 8(%rsp), %rax
+ leaq 32(%rax), %rsi
+ leaq -32(%rdi), %rdi
+ # Add
+ movq (%rsi), %r10
+ movq 8(%rsi), %r11
+ addq (%rax), %r10
+ movq 16(%rsi), %r12
+ adcq 8(%rax), %r11
+ movq 24(%rsi), %r13
+ adcq 16(%rax), %r12
+ adcq 24(%rax), %r13
+ movq $0x00, %rcx
+ adcq $0x00, %rcx
+ shldq $0x01, %r13, %rcx
+ movq $0x7fffffffffffffff, %r8
+ imulq $19, %rcx
+ andq %r8, %r13
+ # Sub modulus (if overflow)
+ addq %rcx, %r10
+ adcq $0x00, %r11
+ adcq $0x00, %r12
+ adcq $0x00, %r13
+ movq %r10, (%rdi)
+ movq %r11, 8(%rdi)
+ movq %r12, 16(%rdi)
+ movq %r13, 24(%rdi)
# Square
- # A[0] * A[1]
movq (%rdi), %rdx
- mulxq 8(%rdi), %r9, %r10
+ movq 8(%rdi), %r9
+ # A[0] * A[1]
+ movq %rdx, %rbp
+ mulxq %r9, %r11, %r12
# A[0] * A[3]
- mulxq 24(%rdi), %r11, %r12
+ mulxq 24(%rdi), %r13, %r14
# A[2] * A[1]
movq 16(%rdi), %rdx
- mulxq 8(%rdi), %rcx, %rax
- xorq %r15, %r15
- adoxq %rcx, %r11
+ mulxq %r9, %rcx, %r8
+ xorq %r10, %r10
+ adoxq %rcx, %r13
# A[2] * A[3]
- mulxq 24(%rdi), %r13, %r14
- adoxq %rax, %r12
+ mulxq 24(%rdi), %r15, %rbx
+ adoxq %r8, %r14
# A[2] * A[0]
- mulxq (%rdi), %rcx, %rax
- adoxq %r15, %r13
- adcxq %rcx, %r10
- adoxq %r15, %r14
+ mulxq %rbp, %rcx, %r8
+ adoxq %r10, %r15
+ adcxq %rcx, %r12
+ adoxq %r10, %rbx
# A[1] * A[3]
- movq 8(%rdi), %rdx
- mulxq 24(%rdi), %rbp, %r8
- adcxq %rax, %r11
- adcxq %rbp, %r12
+ movq %r9, %rdx
+ mulxq 24(%rdi), %rcx, %rdx
adcxq %r8, %r13
- adcxq %r15, %r14
- # Double with Carry Flag
- xorq %r15, %r15
+ adcxq %rcx, %r14
+ adcxq %rdx, %r15
+ adcxq %r10, %rbx
# A[0] * A[0]
- movq (%rdi), %rdx
- mulxq %rdx, %r8, %rbp
- adcxq %r9, %r9
- # A[1] * A[1]
- movq 8(%rdi), %rdx
- mulxq %rdx, %rcx, %rax
- adcxq %r10, %r10
- adoxq %rbp, %r9
+ movq %rbp, %rdx
+ mulxq %rdx, %r10, %rcx
+ xorq %rbp, %rbp
adcxq %r11, %r11
- adoxq %rcx, %r10
- # A[2] * A[2]
- movq 16(%rdi), %rdx
- mulxq %rdx, %rbp, %rcx
+ # A[1] * A[1]
+ movq %r9, %rdx
+ adoxq %rcx, %r11
+ mulxq %rdx, %rcx, %r8
adcxq %r12, %r12
- adoxq %rax, %r11
+ adoxq %rcx, %r12
adcxq %r13, %r13
- adoxq %rbp, %r12
- # A[3] * A[3]
- movq 24(%rdi), %rdx
- mulxq %rdx, %rbp, %rax
+ # A[2] * A[2]
+ movq 16(%rdi), %rdx
+ adoxq %r8, %r13
+ mulxq %rdx, %r8, %rcx
adcxq %r14, %r14
- adoxq %rcx, %r13
+ adoxq %r8, %r14
adcxq %r15, %r15
- adoxq %rbp, %r14
- adoxq %rax, %r15
- # Reduce
+ # A[3] * A[3]
+ movq 24(%rdi), %rdx
+ adoxq %rcx, %r15
+ mulxq %rdx, %rcx, %r8
+ adcxq %rbx, %rbx
+ adoxq %rcx, %rbx
+ adcxq %rbp, %rbp
+ adoxq %r8, %rbp
+ movq $38, %rdx
+ mulxq %rbp, %rbp, %r8
+ addq %rbp, %r13
+ adcq $0x00, %r8
movq $0x7fffffffffffffff, %rcx
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- andq %rcx, %r11
- # Multiply top half by 19
- movq $19, %rdx
+ shldq $0x01, %r13, %r8
+ imulq $19, %r8, %r8
+ andq %rcx, %r13
xorq %rcx, %rcx
- mulxq %r12, %rbp, %r12
- adcxq %rbp, %r8
- adoxq %r12, %r9
- mulxq %r13, %rbp, %r13
- adcxq %rbp, %r9
- adoxq %r13, %r10
- mulxq %r14, %rbp, %r14
- adcxq %rbp, %r10
+ adoxq %r8, %r10
+ mulxq %r14, %r8, %r14
+ adcxq %r8, %r10
adoxq %r14, %r11
- mulxq %r15, %r15, %rdx
- adcxq %r15, %r11
- adoxq %rcx, %rdx
- adcxq %rcx, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- movq $0x7fffffffffffffff, %rcx
- imulq $19, %rdx, %rbp
- andq %rcx, %r11
- addq %rbp, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rcx, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
+ mulxq %r15, %r8, %r15
+ adcxq %r8, %r11
+ adoxq %r15, %r12
+ mulxq %rbx, %r8, %rbx
+ adcxq %r8, %r12
+ adoxq %rbx, %r13
+ adcxq %rcx, %r13
# Store
- movq %r8, (%rsi)
- movq %r9, 8(%rsi)
- movq %r10, 16(%rsi)
- movq %r11, 24(%rsi)
- movq 16(%rsp), %rsi
- movq (%rsp), %rbx
- # Add
- movq (%rsi), %r8
- movq 8(%rsi), %r9
- movq 16(%rsi), %r10
- movq 24(%rsi), %rdx
- movq %r8, %r12
- addq (%rbx), %r8
- movq %r9, %r13
- adcq 8(%rbx), %r9
- movq %r10, %r14
- adcq 16(%rbx), %r10
- movq %rdx, %r15
- adcq 24(%rbx), %rdx
- movq $-19, %rcx
- movq %rdx, %r11
- movq $0x7fffffffffffffff, %rax
- sarq $63, %rdx
- # Mask the modulus
- andq %rdx, %rcx
- andq %rdx, %rax
- # Sub modulus (if overflow)
- subq %rcx, %r8
- sbbq %rdx, %r9
- sbbq %rdx, %r10
- sbbq %rax, %r11
+ leaq 32(%rdi), %rsi
# Sub
- subq (%rbx), %r12
- movq $0x00, %rdx
- sbbq 8(%rbx), %r13
- movq $-19, %rcx
- sbbq 16(%rbx), %r14
- movq $0x7fffffffffffffff, %rax
- sbbq 24(%rbx), %r15
- sbbq $0x00, %rdx
- # Mask the modulus
- andq %rdx, %rcx
- andq %rdx, %rax
- # Add modulus (if underflow)
- addq %rcx, %r12
- adcq %rdx, %r13
- adcq %rdx, %r14
- adcq %rax, %r15
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq %r12, (%rsi)
- movq %r13, 8(%rsi)
- movq %r14, 16(%rsi)
- movq %r15, 24(%rsi)
- movq 24(%rsp), %rsi
- # Sub
- movq (%rsi), %r8
- movq 8(%rsi), %r9
- movq 16(%rsi), %r10
- movq 24(%rsi), %r11
- subq (%rdi), %r8
- movq $0x00, %rdx
- sbbq 8(%rdi), %r9
- movq $-19, %rcx
- sbbq 16(%rdi), %r10
- movq $0x7fffffffffffffff, %rax
- sbbq 24(%rdi), %r11
- sbbq $0x00, %rdx
- # Mask the modulus
- andq %rdx, %rcx
- andq %rdx, %rax
+ subq (%rsi), %r10
+ sbbq 8(%rsi), %r11
+ sbbq 16(%rsi), %r12
+ sbbq 24(%rsi), %r13
+ sbbq %rcx, %rcx
+ shldq $0x01, %r13, %rcx
+ movq $0x7fffffffffffffff, %r8
+ imulq $-19, %rcx
+ andq %r8, %r13
# Add modulus (if underflow)
- addq %rcx, %r8
- adcq %rdx, %r9
- adcq %rdx, %r10
- adcq %rax, %r11
- movq %r8, (%rbx)
- movq %r9, 8(%rbx)
- movq %r10, 16(%rbx)
- movq %r11, 24(%rbx)
- movq 104(%rsp), %rdi
+ subq %rcx, %r10
+ sbbq $0x00, %r11
+ sbbq $0x00, %r12
+ sbbq $0x00, %r13
+ movq %r10, (%rdi)
+ movq %r11, 8(%rdi)
+ movq %r12, 16(%rdi)
+ movq %r13, 24(%rdi)
+ leaq 64(%rax), %rax
# Square * 2
+ movq (%rax), %rdx
+ movq 8(%rax), %r9
# A[0] * A[1]
- movq (%rdi), %rdx
- mulxq 8(%rdi), %r9, %r10
+ movq %rdx, %rbp
+ mulxq %r9, %r11, %r12
# A[0] * A[3]
- mulxq 24(%rdi), %r11, %r12
+ mulxq 24(%rax), %r13, %r14
# A[2] * A[1]
- movq 16(%rdi), %rdx
- mulxq 8(%rdi), %rcx, %rax
- xorq %r15, %r15
- adoxq %rcx, %r11
+ movq 16(%rax), %rdx
+ mulxq %r9, %rcx, %r8
+ xorq %r10, %r10
+ adoxq %rcx, %r13
# A[2] * A[3]
- mulxq 24(%rdi), %r13, %r14
- adoxq %rax, %r12
+ mulxq 24(%rax), %r15, %rbx
+ adoxq %r8, %r14
# A[2] * A[0]
- mulxq (%rdi), %rcx, %rax
- adoxq %r15, %r13
- adcxq %rcx, %r10
- adoxq %r15, %r14
+ mulxq %rbp, %rcx, %r8
+ adoxq %r10, %r15
+ adcxq %rcx, %r12
+ adoxq %r10, %rbx
# A[1] * A[3]
- movq 8(%rdi), %rdx
- mulxq 24(%rdi), %rbp, %r8
- adcxq %rax, %r11
- adcxq %rbp, %r12
+ movq %r9, %rdx
+ mulxq 24(%rax), %rcx, %rdx
adcxq %r8, %r13
- adcxq %r15, %r14
- # Double with Carry Flag
- xorq %r15, %r15
+ adcxq %rcx, %r14
+ adcxq %rdx, %r15
+ adcxq %r10, %rbx
# A[0] * A[0]
- movq (%rdi), %rdx
- mulxq %rdx, %r8, %rbp
- adcxq %r9, %r9
- # A[1] * A[1]
- movq 8(%rdi), %rdx
- mulxq %rdx, %rcx, %rax
- adcxq %r10, %r10
- adoxq %rbp, %r9
+ movq %rbp, %rdx
+ mulxq %rdx, %r10, %rcx
+ xorq %rbp, %rbp
adcxq %r11, %r11
- adoxq %rcx, %r10
- # A[2] * A[2]
- movq 16(%rdi), %rdx
- mulxq %rdx, %rbp, %rcx
+ # A[1] * A[1]
+ movq %r9, %rdx
+ adoxq %rcx, %r11
+ mulxq %rdx, %rcx, %r8
adcxq %r12, %r12
- adoxq %rax, %r11
+ adoxq %rcx, %r12
adcxq %r13, %r13
- adoxq %rbp, %r12
- # A[3] * A[3]
- movq 24(%rdi), %rdx
- mulxq %rdx, %rbp, %rax
+ # A[2] * A[2]
+ movq 16(%rax), %rdx
+ adoxq %r8, %r13
+ mulxq %rdx, %r8, %rcx
adcxq %r14, %r14
- adoxq %rcx, %r13
+ adoxq %r8, %r14
adcxq %r15, %r15
- adoxq %rbp, %r14
- adoxq %rax, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rax
- xorq %rbp, %rbp
- # Move top half into t4-t7 and remove top bit from t3 and double
- shldq $3, %r15, %rbp
- shldq $2, %r14, %r15
- shldq $2, %r13, %r14
- shldq $2, %r12, %r13
- shldq $2, %r11, %r12
- shldq $0x01, %r10, %r11
- shldq $0x01, %r9, %r10
- shldq $0x01, %r8, %r9
- shlq $0x01, %r8
- andq %rax, %r11
- # Two out left, one in right
- andq %rax, %r15
- # Multiply top bits by 19*19
- imulq $0x169, %rbp, %rcx
- xorq %rax, %rax
- # Multiply top half by 19
- movq $19, %rdx
- adoxq %rcx, %r8
- mulxq %r12, %rbp, %r12
- adcxq %rbp, %r8
- adoxq %r12, %r9
- mulxq %r13, %rbp, %r13
- adcxq %rbp, %r9
- adoxq %r13, %r10
- mulxq %r14, %rbp, %r14
- adcxq %rbp, %r10
- adoxq %r14, %r11
- mulxq %r15, %r15, %rdx
- adcxq %r15, %r11
- adoxq %rax, %rdx
- adcxq %rax, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- movq $0x7fffffffffffffff, %rax
- imulq $19, %rdx, %rbp
- andq %rax, %r11
- addq %rbp, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rax, %r11
- addq %rdx, %r8
+ # A[3] * A[3]
+ movq 24(%rax), %rdx
+ adoxq %rcx, %r15
+ mulxq %rdx, %rcx, %r8
+ adcxq %rbx, %rbx
+ adoxq %rcx, %rbx
+ adcxq %rbp, %rbp
+ adoxq %r8, %rbp
+ movq $38, %rdx
+ mulxq %rbp, %rbp, %r9
+ addq %rbp, %r13
adcq $0x00, %r9
- adcq $0x00, %r10
+ movq $0x7fffffffffffffff, %rcx
+ shldq $0x01, %r13, %r9
+ imulq $19, %r9, %r9
+ andq %rcx, %r13
+ xorq %rcx, %rcx
+ adoxq %r9, %r10
+ mulxq %r14, %r9, %r14
+ adcxq %r9, %r10
+ adoxq %r14, %r11
+ mulxq %r15, %r9, %r15
+ adcxq %r9, %r11
+ adoxq %r15, %r12
+ mulxq %rbx, %r9, %rbx
+ adcxq %r9, %r12
+ adoxq %rbx, %r13
+ adcxq %rcx, %r13
+ mov %r13, %r9
+ shldq $0x01, %r12, %r13
+ shldq $0x01, %r11, %r12
+ shldq $0x01, %r10, %r11
+ shlq $0x01, %r10
+ movq $0x7fffffffffffffff, %rcx
+ shrq $62, %r9
+ andq %rcx, %r13
+ imulq $19, %r9, %r9
+ addq %r9, %r10
adcq $0x00, %r11
+ adcq $0x00, %r12
+ adcq $0x00, %r13
# Store
- movq %r8, (%rsi)
- movq %r9, 8(%rsi)
- movq %r10, 16(%rsi)
- movq %r11, 24(%rsi)
- movq 16(%rsp), %rdi
+ leaq 64(%rdi), %rsi
+ leaq 96(%rdi), %rdi
# Sub
- movq (%rsi), %r8
- movq 8(%rsi), %r9
- movq 16(%rsi), %r10
- movq 24(%rsi), %r11
- subq (%rdi), %r8
- movq $0x00, %rdx
- sbbq 8(%rdi), %r9
- movq $-19, %rcx
- sbbq 16(%rdi), %r10
- movq $0x7fffffffffffffff, %rax
- sbbq 24(%rdi), %r11
- sbbq $0x00, %rdx
- # Mask the modulus
- andq %rdx, %rcx
- andq %rdx, %rax
+ subq (%rsi), %r10
+ sbbq 8(%rsi), %r11
+ sbbq 16(%rsi), %r12
+ sbbq 24(%rsi), %r13
+ sbbq %rcx, %rcx
+ shldq $0x01, %r13, %rcx
+ movq $0x7fffffffffffffff, %r8
+ imulq $-19, %rcx
+ andq %r8, %r13
# Add modulus (if underflow)
- addq %rcx, %r8
- adcq %rdx, %r9
- adcq %rdx, %r10
- adcq %rax, %r11
- movq %r8, (%rsi)
- movq %r9, 8(%rsi)
- movq %r10, 16(%rsi)
- movq %r11, 24(%rsi)
- addq $48, %rsp
+ subq %rcx, %r10
+ sbbq $0x00, %r11
+ sbbq $0x00, %r12
+ sbbq $0x00, %r13
+ movq %r10, (%rdi)
+ movq %r11, 8(%rdi)
+ movq %r12, 16(%rdi)
+ movq %r13, 24(%rdi)
+ addq $16, %rsp
+ popq %rbp
+ popq %rbx
popq %r15
popq %r14
popq %r13
popq %r12
- popq %rbx
- popq %rbp
repz retq
#ifndef __APPLE__
-.size fe_ge_dbl_avx2,.-fe_ge_dbl_avx2
+.size ge_p2_dbl_avx2,.-ge_p2_dbl_avx2
#endif /* __APPLE__ */
#ifndef __APPLE__
.text
-.globl fe_ge_madd_avx2
-.type fe_ge_madd_avx2,@function
+.globl ge_madd_avx2
+.type ge_madd_avx2,@function
.align 16
-fe_ge_madd_avx2:
+ge_madd_avx2:
#else
.section __TEXT,__text
-.globl _fe_ge_madd_avx2
+.globl _ge_madd_avx2
.p2align 4
-_fe_ge_madd_avx2:
+_ge_madd_avx2:
#endif /* __APPLE__ */
- pushq %rbp
- pushq %rbx
pushq %r12
pushq %r13
pushq %r14
pushq %r15
- subq $48, %rsp
+ pushq %rbx
+ pushq %rbp
+ movq %rdx, %rax
+ subq $24, %rsp
movq %rdi, (%rsp)
movq %rsi, 8(%rsp)
- movq %rdx, 16(%rsp)
- movq %rcx, 24(%rsp)
- movq %r8, 32(%rsp)
- movq %r9, 40(%rsp)
- movq 8(%rsp), %rsi
- movq 40(%rsp), %rbx
- movq 32(%rsp), %rbp
- # Add
- movq (%rbx), %r8
- movq 8(%rbx), %r9
- movq 16(%rbx), %r10
- movq 24(%rbx), %rdx
- movq %r8, %r12
- addq (%rbp), %r8
- movq %r9, %r13
- adcq 8(%rbp), %r9
- movq %r10, %r14
- adcq 16(%rbp), %r10
- movq %rdx, %r15
- adcq 24(%rbp), %rdx
- movq $-19, %rcx
- movq %rdx, %r11
- movq $0x7fffffffffffffff, %rax
- sarq $63, %rdx
- # Mask the modulus
- andq %rdx, %rcx
- andq %rdx, %rax
- # Sub modulus (if overflow)
- subq %rcx, %r8
- sbbq %rdx, %r9
- sbbq %rdx, %r10
- sbbq %rax, %r11
- # Sub
- subq (%rbp), %r12
- movq $0x00, %rdx
- sbbq 8(%rbp), %r13
- movq $-19, %rcx
- sbbq 16(%rbp), %r14
- movq $0x7fffffffffffffff, %rax
- sbbq 24(%rbp), %r15
- sbbq $0x00, %rdx
- # Mask the modulus
- andq %rdx, %rcx
- andq %rdx, %rax
- # Add modulus (if underflow)
- addq %rcx, %r12
- adcq %rdx, %r13
- adcq %rdx, %r14
- adcq %rax, %r15
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq %r12, (%rsi)
- movq %r13, 8(%rsi)
- movq %r14, 16(%rsi)
- movq %r15, 24(%rsi)
- movq 16(%rsp), %rbx
- movq 128(%rsp), %rbp
+ movq %rax, 16(%rsp)
+ leaq 96(%rsi), %rcx
+ leaq 64(%rax), %rax
+ leaq 96(%rdi), %rdi
# Multiply
# A[0] * B[0]
- movq (%rbp), %rdx
- mulxq (%rdi), %r8, %r9
+ movq (%rax), %rdx
+ mulxq (%rcx), %r10, %r11
# A[2] * B[0]
- mulxq 16(%rdi), %r10, %r11
+ mulxq 16(%rcx), %r12, %r13
# A[1] * B[0]
- mulxq 8(%rdi), %rcx, %rax
- xorq %r15, %r15
- adcxq %rcx, %r9
- # A[1] * B[3]
- movq 24(%rbp), %rdx
- mulxq 8(%rdi), %r12, %r13
- adcxq %rax, %r10
+ mulxq 8(%rcx), %r8, %r9
+ xorq %rbp, %rbp
+ adcxq %r8, %r11
+ # A[3] * B[1]
+ movq 8(%rax), %rdx
+ mulxq 24(%rcx), %r14, %r15
+ adcxq %r9, %r12
# A[0] * B[1]
- movq 8(%rbp), %rdx
- mulxq (%rdi), %rcx, %rax
- adoxq %rcx, %r9
+ mulxq (%rcx), %r8, %r9
+ adoxq %r8, %r11
# A[2] * B[1]
- mulxq 16(%rdi), %rcx, %r14
- adoxq %rax, %r10
- adcxq %rcx, %r11
+ mulxq 16(%rcx), %r8, %rbx
+ adoxq %r9, %r12
+ adcxq %r8, %r13
# A[1] * B[2]
- movq 16(%rbp), %rdx
- mulxq 8(%rdi), %rcx, %rax
- adcxq %r14, %r12
- adoxq %rcx, %r11
- adcxq %r15, %r13
- adoxq %rax, %r12
+ movq 16(%rax), %rdx
+ mulxq 8(%rcx), %r8, %r9
+ adcxq %rbx, %r14
+ adoxq %r8, %r13
+ adcxq %rbp, %r15
+ adoxq %r9, %r14
# A[0] * B[2]
- mulxq (%rdi), %rcx, %rax
- adoxq %r15, %r13
- xorq %r14, %r14
- adcxq %rcx, %r10
+ mulxq (%rcx), %r8, %r9
+ adoxq %rbp, %r15
+ xorq %rbx, %rbx
+ adcxq %r8, %r12
# A[1] * B[1]
- movq 8(%rbp), %rdx
- mulxq 8(%rdi), %rdx, %rcx
- adcxq %rax, %r11
- adoxq %rdx, %r10
- # A[3] * B[1]
- movq 8(%rbp), %rdx
- adoxq %rcx, %r11
- mulxq 24(%rdi), %rcx, %rax
- adcxq %rcx, %r12
- # A[2] * B[2]
- movq 16(%rbp), %rdx
- mulxq 16(%rdi), %rdx, %rcx
- adcxq %rax, %r13
+ movq 8(%rax), %rdx
+ mulxq 8(%rcx), %rdx, %r8
+ adcxq %r9, %r13
adoxq %rdx, %r12
+ # A[1] * B[3]
+ movq 24(%rax), %rdx
+ adoxq %r8, %r13
+ mulxq 8(%rcx), %r8, %r9
+ adcxq %r8, %r14
+ # A[2] * B[2]
+ movq 16(%rax), %rdx
+ mulxq 16(%rcx), %rdx, %r8
+ adcxq %r9, %r15
+ adoxq %rdx, %r14
# A[3] * B[3]
- movq 24(%rbp), %rdx
- adoxq %rcx, %r13
- mulxq 24(%rdi), %rcx, %rax
- adoxq %r15, %r14
- adcxq %rcx, %r14
+ movq 24(%rax), %rdx
+ adoxq %r8, %r15
+ mulxq 24(%rcx), %r8, %r9
+ adoxq %rbp, %rbx
+ adcxq %r8, %rbx
# A[0] * B[3]
- mulxq (%rdi), %rdx, %rcx
- adcxq %rax, %r15
- xorq %rax, %rax
- adcxq %rdx, %r11
- # A[3] * B[0]
- movq (%rbp), %rdx
- adcxq %rcx, %r12
- mulxq 24(%rdi), %rdx, %rcx
- adoxq %rdx, %r11
- adoxq %rcx, %r12
- # A[2] * B[3]
- movq 24(%rbp), %rdx
- mulxq 16(%rdi), %rdx, %rcx
+ mulxq (%rcx), %rdx, %r8
+ adcxq %r9, %rbp
+ xorq %r9, %r9
adcxq %rdx, %r13
+ # A[3] * B[0]
+ movq 24(%rcx), %rdx
+ adcxq %r8, %r14
+ mulxq (%rax), %rdx, %r8
+ adoxq %rdx, %r13
+ adoxq %r8, %r14
# A[3] * B[2]
- movq 16(%rbp), %rdx
- adcxq %rcx, %r14
- mulxq 24(%rdi), %rcx, %rdx
- adcxq %rax, %r15
- adoxq %rcx, %r13
- adoxq %rdx, %r14
- adoxq %rax, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rax
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- andq %rax, %r11
- # Multiply top half by 19
- movq $19, %rdx
- xorq %rax, %rax
- mulxq %r12, %rcx, %r12
- adcxq %rcx, %r8
- adoxq %r12, %r9
- mulxq %r13, %rcx, %r13
- adcxq %rcx, %r9
- adoxq %r13, %r10
- mulxq %r14, %rcx, %r14
- adcxq %rcx, %r10
+ movq 24(%rcx), %rdx
+ mulxq 16(%rax), %rdx, %r8
+ adcxq %rdx, %r15
+ # A[2] * B[3]
+ movq 24(%rax), %rdx
+ adcxq %r8, %rbx
+ mulxq 16(%rcx), %r8, %rdx
+ adcxq %r9, %rbp
+ adoxq %r8, %r15
+ adoxq %rdx, %rbx
+ adoxq %r9, %rbp
+ movq $38, %rdx
+ mulxq %rbp, %rbp, %r8
+ addq %rbp, %r13
+ adcq $0x00, %r8
+ movq $0x7fffffffffffffff, %r9
+ shldq $0x01, %r13, %r8
+ imulq $19, %r8, %r8
+ andq %r9, %r13
+ xorq %r9, %r9
+ adoxq %r8, %r10
+ mulxq %r14, %r8, %r14
+ adcxq %r8, %r10
adoxq %r14, %r11
- mulxq %r15, %r15, %rdx
- adcxq %r15, %r11
- adoxq %rax, %rdx
- adcxq %rax, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- movq $0x7fffffffffffffff, %rax
- imulq $19, %rdx, %rcx
- andq %rax, %r11
- addq %rcx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rax, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
+ mulxq %r15, %r8, %r15
+ adcxq %r8, %r11
+ adoxq %r15, %r12
+ mulxq %rbx, %r8, %rbx
+ adcxq %r8, %r12
+ adoxq %rbx, %r13
+ adcxq %r9, %r13
# Store
- movq %r8, (%rbx)
- movq %r9, 8(%rbx)
- movq %r10, 16(%rbx)
- movq %r11, 24(%rbx)
- movq 136(%rsp), %rdi
+ movq %r10, (%rdi)
+ movq %r11, 8(%rdi)
+ movq %r12, 16(%rdi)
+ movq %r13, 24(%rdi)
+ movq %rsi, %rcx
+ leaq 32(%rsi), %rax
+ leaq -64(%rdi), %rsi
+ leaq -96(%rdi), %rdi
+ # Add-Sub
+ # Add
+ movq (%rax), %r10
+ movq 8(%rax), %r11
+ movq 16(%rax), %r12
+ movq 24(%rax), %r13
+ movq %r10, %r14
+ addq (%rcx), %r10
+ movq %r11, %r15
+ adcq 8(%rcx), %r11
+ movq %r12, %rbx
+ adcq 16(%rcx), %r12
+ movq %r13, %rbp
+ adcq 24(%rcx), %r13
+ movq $0x00, %r8
+ adcq $0x00, %r8
+ shldq $0x01, %r13, %r8
+ movq $0x7fffffffffffffff, %r9
+ imulq $19, %r8
+ andq %r9, %r13
+ # Sub modulus (if overflow)
+ addq %r8, %r10
+ adcq $0x00, %r11
+ adcq $0x00, %r12
+ adcq $0x00, %r13
+ # Sub
+ subq (%rcx), %r14
+ sbbq 8(%rcx), %r15
+ sbbq 16(%rcx), %rbx
+ sbbq 24(%rcx), %rbp
+ sbbq %r8, %r8
+ shldq $0x01, %rbp, %r8
+ imulq $-19, %r8
+ andq %r9, %rbp
+ # Add modulus (if underflow)
+ subq %r8, %r14
+ sbbq $0x00, %r15
+ sbbq $0x00, %rbx
+ sbbq $0x00, %rbp
+ movq %r10, (%rdi)
+ movq %r11, 8(%rdi)
+ movq %r12, 16(%rdi)
+ movq %r13, 24(%rdi)
+ movq %r14, (%rsi)
+ movq %r15, 8(%rsi)
+ movq %rbx, 16(%rsi)
+ movq %rbp, 24(%rsi)
+ movq 16(%rsp), %rax
# Multiply
# A[0] * B[0]
- movq (%rdi), %rdx
- mulxq (%rsi), %r8, %r9
+ movq (%rax), %rdx
+ mulxq (%rdi), %r10, %r11
# A[2] * B[0]
- mulxq 16(%rsi), %r10, %r11
+ mulxq 16(%rdi), %r12, %r13
# A[1] * B[0]
- mulxq 8(%rsi), %rcx, %rax
- xorq %r15, %r15
- adcxq %rcx, %r9
- # A[1] * B[3]
- movq 24(%rdi), %rdx
- mulxq 8(%rsi), %r12, %r13
- adcxq %rax, %r10
+ mulxq 8(%rdi), %r8, %r9
+ xorq %rbp, %rbp
+ adcxq %r8, %r11
+ # A[3] * B[1]
+ movq 8(%rax), %rdx
+ mulxq 24(%rdi), %r14, %r15
+ adcxq %r9, %r12
# A[0] * B[1]
- movq 8(%rdi), %rdx
- mulxq (%rsi), %rcx, %rax
- adoxq %rcx, %r9
+ mulxq (%rdi), %r8, %r9
+ adoxq %r8, %r11
# A[2] * B[1]
- mulxq 16(%rsi), %rcx, %r14
- adoxq %rax, %r10
- adcxq %rcx, %r11
+ mulxq 16(%rdi), %r8, %rbx
+ adoxq %r9, %r12
+ adcxq %r8, %r13
# A[1] * B[2]
- movq 16(%rdi), %rdx
- mulxq 8(%rsi), %rcx, %rax
- adcxq %r14, %r12
- adoxq %rcx, %r11
- adcxq %r15, %r13
- adoxq %rax, %r12
+ movq 16(%rax), %rdx
+ mulxq 8(%rdi), %r8, %r9
+ adcxq %rbx, %r14
+ adoxq %r8, %r13
+ adcxq %rbp, %r15
+ adoxq %r9, %r14
# A[0] * B[2]
- mulxq (%rsi), %rcx, %rax
- adoxq %r15, %r13
- xorq %r14, %r14
- adcxq %rcx, %r10
+ mulxq (%rdi), %r8, %r9
+ adoxq %rbp, %r15
+ xorq %rbx, %rbx
+ adcxq %r8, %r12
# A[1] * B[1]
- movq 8(%rdi), %rdx
- mulxq 8(%rsi), %rdx, %rcx
- adcxq %rax, %r11
- adoxq %rdx, %r10
- # A[3] * B[1]
- movq 8(%rdi), %rdx
- adoxq %rcx, %r11
- mulxq 24(%rsi), %rcx, %rax
- adcxq %rcx, %r12
- # A[2] * B[2]
- movq 16(%rdi), %rdx
- mulxq 16(%rsi), %rdx, %rcx
- adcxq %rax, %r13
+ movq 8(%rax), %rdx
+ mulxq 8(%rdi), %rdx, %r8
+ adcxq %r9, %r13
adoxq %rdx, %r12
+ # A[1] * B[3]
+ movq 24(%rax), %rdx
+ adoxq %r8, %r13
+ mulxq 8(%rdi), %r8, %r9
+ adcxq %r8, %r14
+ # A[2] * B[2]
+ movq 16(%rax), %rdx
+ mulxq 16(%rdi), %rdx, %r8
+ adcxq %r9, %r15
+ adoxq %rdx, %r14
# A[3] * B[3]
- movq 24(%rdi), %rdx
- adoxq %rcx, %r13
- mulxq 24(%rsi), %rcx, %rax
- adoxq %r15, %r14
- adcxq %rcx, %r14
+ movq 24(%rax), %rdx
+ adoxq %r8, %r15
+ mulxq 24(%rdi), %r8, %r9
+ adoxq %rbp, %rbx
+ adcxq %r8, %rbx
# A[0] * B[3]
- mulxq (%rsi), %rdx, %rcx
- adcxq %rax, %r15
- xorq %rax, %rax
- adcxq %rdx, %r11
+ mulxq (%rdi), %rdx, %r8
+ adcxq %r9, %rbp
+ xorq %r9, %r9
+ adcxq %rdx, %r13
# A[3] * B[0]
- movq (%rdi), %rdx
- adcxq %rcx, %r12
- mulxq 24(%rsi), %rdx, %rcx
- adoxq %rdx, %r11
- adoxq %rcx, %r12
- # A[2] * B[3]
movq 24(%rdi), %rdx
- mulxq 16(%rsi), %rdx, %rcx
- adcxq %rdx, %r13
+ adcxq %r8, %r14
+ mulxq (%rax), %rdx, %r8
+ adoxq %rdx, %r13
+ adoxq %r8, %r14
# A[3] * B[2]
- movq 16(%rdi), %rdx
- adcxq %rcx, %r14
- mulxq 24(%rsi), %rcx, %rdx
- adcxq %rax, %r15
- adoxq %rcx, %r13
- adoxq %rdx, %r14
- adoxq %rax, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rax
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- andq %rax, %r11
- # Multiply top half by 19
- movq $19, %rdx
- xorq %rax, %rax
- mulxq %r12, %rcx, %r12
- adcxq %rcx, %r8
- adoxq %r12, %r9
- mulxq %r13, %rcx, %r13
- adcxq %rcx, %r9
- adoxq %r13, %r10
- mulxq %r14, %rcx, %r14
- adcxq %rcx, %r10
+ movq 24(%rdi), %rdx
+ mulxq 16(%rax), %rdx, %r8
+ adcxq %rdx, %r15
+ # A[2] * B[3]
+ movq 24(%rax), %rdx
+ adcxq %r8, %rbx
+ mulxq 16(%rdi), %r8, %rdx
+ adcxq %r9, %rbp
+ adoxq %r8, %r15
+ adoxq %rdx, %rbx
+ adoxq %r9, %rbp
+ movq $38, %rdx
+ mulxq %rbp, %rbp, %r8
+ addq %rbp, %r13
+ adcq $0x00, %r8
+ movq $0x7fffffffffffffff, %r9
+ shldq $0x01, %r13, %r8
+ imulq $19, %r8, %r8
+ andq %r9, %r13
+ xorq %r9, %r9
+ adoxq %r8, %r10
+ mulxq %r14, %r8, %r14
+ adcxq %r8, %r10
adoxq %r14, %r11
- mulxq %r15, %r15, %rdx
- adcxq %r15, %r11
- adoxq %rax, %rdx
- adcxq %rax, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- movq $0x7fffffffffffffff, %rax
- imulq $19, %rdx, %rcx
- andq %rax, %r11
- addq %rcx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rax, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
+ mulxq %r15, %r8, %r15
+ adcxq %r8, %r11
+ adoxq %r15, %r12
+ mulxq %rbx, %r8, %rbx
+ adcxq %r8, %r12
+ adoxq %rbx, %r13
+ adcxq %r9, %r13
# Store
- movq %r8, (%rsi)
- movq %r9, 8(%rsi)
- movq %r10, 16(%rsi)
- movq %r11, 24(%rsi)
- movq 24(%rsp), %rdi
- movq 120(%rsp), %rsi
- movq 112(%rsp), %rbp
+ movq %r10, (%rdi)
+ movq %r11, 8(%rdi)
+ movq %r12, 16(%rdi)
+ movq %r13, 24(%rdi)
+ leaq 32(%rax), %rax
# Multiply
# A[0] * B[0]
- movq (%rbp), %rdx
- mulxq (%rsi), %r8, %r9
+ movq (%rax), %rdx
+ mulxq (%rsi), %r10, %r11
# A[2] * B[0]
- mulxq 16(%rsi), %r10, %r11
+ mulxq 16(%rsi), %r12, %r13
# A[1] * B[0]
- mulxq 8(%rsi), %rcx, %rax
- xorq %r15, %r15
- adcxq %rcx, %r9
- # A[1] * B[3]
- movq 24(%rbp), %rdx
- mulxq 8(%rsi), %r12, %r13
- adcxq %rax, %r10
+ mulxq 8(%rsi), %r8, %r9
+ xorq %rbp, %rbp
+ adcxq %r8, %r11
+ # A[3] * B[1]
+ movq 8(%rax), %rdx
+ mulxq 24(%rsi), %r14, %r15
+ adcxq %r9, %r12
# A[0] * B[1]
- movq 8(%rbp), %rdx
- mulxq (%rsi), %rcx, %rax
- adoxq %rcx, %r9
+ mulxq (%rsi), %r8, %r9
+ adoxq %r8, %r11
# A[2] * B[1]
- mulxq 16(%rsi), %rcx, %r14
- adoxq %rax, %r10
- adcxq %rcx, %r11
+ mulxq 16(%rsi), %r8, %rbx
+ adoxq %r9, %r12
+ adcxq %r8, %r13
# A[1] * B[2]
- movq 16(%rbp), %rdx
- mulxq 8(%rsi), %rcx, %rax
- adcxq %r14, %r12
- adoxq %rcx, %r11
- adcxq %r15, %r13
- adoxq %rax, %r12
+ movq 16(%rax), %rdx
+ mulxq 8(%rsi), %r8, %r9
+ adcxq %rbx, %r14
+ adoxq %r8, %r13
+ adcxq %rbp, %r15
+ adoxq %r9, %r14
# A[0] * B[2]
- mulxq (%rsi), %rcx, %rax
- adoxq %r15, %r13
- xorq %r14, %r14
- adcxq %rcx, %r10
+ mulxq (%rsi), %r8, %r9
+ adoxq %rbp, %r15
+ xorq %rbx, %rbx
+ adcxq %r8, %r12
# A[1] * B[1]
- movq 8(%rbp), %rdx
- mulxq 8(%rsi), %rdx, %rcx
- adcxq %rax, %r11
- adoxq %rdx, %r10
- # A[3] * B[1]
- movq 8(%rbp), %rdx
- adoxq %rcx, %r11
- mulxq 24(%rsi), %rcx, %rax
- adcxq %rcx, %r12
- # A[2] * B[2]
- movq 16(%rbp), %rdx
- mulxq 16(%rsi), %rdx, %rcx
- adcxq %rax, %r13
+ movq 8(%rax), %rdx
+ mulxq 8(%rsi), %rdx, %r8
+ adcxq %r9, %r13
adoxq %rdx, %r12
+ # A[1] * B[3]
+ movq 24(%rax), %rdx
+ adoxq %r8, %r13
+ mulxq 8(%rsi), %r8, %r9
+ adcxq %r8, %r14
+ # A[2] * B[2]
+ movq 16(%rax), %rdx
+ mulxq 16(%rsi), %rdx, %r8
+ adcxq %r9, %r15
+ adoxq %rdx, %r14
# A[3] * B[3]
- movq 24(%rbp), %rdx
- adoxq %rcx, %r13
- mulxq 24(%rsi), %rcx, %rax
- adoxq %r15, %r14
- adcxq %rcx, %r14
+ movq 24(%rax), %rdx
+ adoxq %r8, %r15
+ mulxq 24(%rsi), %r8, %r9
+ adoxq %rbp, %rbx
+ adcxq %r8, %rbx
# A[0] * B[3]
- mulxq (%rsi), %rdx, %rcx
- adcxq %rax, %r15
- xorq %rax, %rax
- adcxq %rdx, %r11
- # A[3] * B[0]
- movq (%rbp), %rdx
- adcxq %rcx, %r12
- mulxq 24(%rsi), %rdx, %rcx
- adoxq %rdx, %r11
- adoxq %rcx, %r12
- # A[2] * B[3]
- movq 24(%rbp), %rdx
- mulxq 16(%rsi), %rdx, %rcx
+ mulxq (%rsi), %rdx, %r8
+ adcxq %r9, %rbp
+ xorq %r9, %r9
adcxq %rdx, %r13
+ # A[3] * B[0]
+ movq 24(%rsi), %rdx
+ adcxq %r8, %r14
+ mulxq (%rax), %rdx, %r8
+ adoxq %rdx, %r13
+ adoxq %r8, %r14
# A[3] * B[2]
- movq 16(%rbp), %rdx
- adcxq %rcx, %r14
- mulxq 24(%rsi), %rcx, %rdx
- adcxq %rax, %r15
- adoxq %rcx, %r13
- adoxq %rdx, %r14
- adoxq %rax, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rax
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- andq %rax, %r11
- # Multiply top half by 19
- movq $19, %rdx
- xorq %rax, %rax
- mulxq %r12, %rcx, %r12
- adcxq %rcx, %r8
- adoxq %r12, %r9
- mulxq %r13, %rcx, %r13
- adcxq %rcx, %r9
- adoxq %r13, %r10
- mulxq %r14, %rcx, %r14
- adcxq %rcx, %r10
+ movq 24(%rsi), %rdx
+ mulxq 16(%rax), %rdx, %r8
+ adcxq %rdx, %r15
+ # A[2] * B[3]
+ movq 24(%rax), %rdx
+ adcxq %r8, %rbx
+ mulxq 16(%rsi), %r8, %rdx
+ adcxq %r9, %rbp
+ adoxq %r8, %r15
+ adoxq %rdx, %rbx
+ adoxq %r9, %rbp
+ movq $38, %rdx
+ mulxq %rbp, %rbp, %r8
+ addq %rbp, %r13
+ adcq $0x00, %r8
+ movq $0x7fffffffffffffff, %r9
+ shldq $0x01, %r13, %r8
+ imulq $19, %r8, %r8
+ andq %r9, %r13
+ xorq %r9, %r9
+ adoxq %r8, %r10
+ mulxq %r14, %r8, %r14
+ adcxq %r8, %r10
adoxq %r14, %r11
- mulxq %r15, %r15, %rdx
- adcxq %r15, %r11
- adoxq %rax, %rdx
- adcxq %rax, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- movq $0x7fffffffffffffff, %rax
- imulq $19, %rdx, %rcx
- andq %rax, %r11
- addq %rcx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rax, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
+ mulxq %r15, %r8, %r15
+ adcxq %r8, %r11
+ adoxq %r15, %r12
+ mulxq %rbx, %r8, %rbx
+ adcxq %r8, %r12
+ adoxq %rbx, %r13
+ adcxq %r9, %r13
# Store
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq 8(%rsp), %rdi
- movq (%rsp), %rsi
+ movq %r10, (%rsi)
+ movq %r11, 8(%rsi)
+ movq %r12, 16(%rsi)
+ movq %r13, 24(%rsi)
+ # Add-Sub
# Add
- movq (%rbx), %r8
- movq 8(%rbx), %r9
- movq 16(%rbx), %r10
- movq 24(%rbx), %rdx
- movq %r8, %r12
- addq (%rdi), %r8
- movq %r9, %r13
- adcq 8(%rdi), %r9
+ movq (%rdi), %r10
+ movq 8(%rdi), %r11
+ movq 16(%rdi), %r12
+ movq 24(%rdi), %r13
movq %r10, %r14
- adcq 16(%rdi), %r10
- movq %rdx, %r15
- adcq 24(%rdi), %rdx
- movq $-19, %rcx
- movq %rdx, %r11
- movq $0x7fffffffffffffff, %rax
- sarq $63, %rdx
- # Mask the modulus
- andq %rdx, %rcx
- andq %rdx, %rax
+ addq (%rsi), %r10
+ movq %r11, %r15
+ adcq 8(%rsi), %r11
+ movq %r12, %rbx
+ adcq 16(%rsi), %r12
+ movq %r13, %rbp
+ adcq 24(%rsi), %r13
+ movq $0x00, %r8
+ adcq $0x00, %r8
+ shldq $0x01, %r13, %r8
+ movq $0x7fffffffffffffff, %r9
+ imulq $19, %r8
+ andq %r9, %r13
# Sub modulus (if overflow)
- subq %rcx, %r8
- sbbq %rdx, %r9
- sbbq %rdx, %r10
- sbbq %rax, %r11
+ addq %r8, %r10
+ adcq $0x00, %r11
+ adcq $0x00, %r12
+ adcq $0x00, %r13
# Sub
- subq (%rdi), %r12
- movq $0x00, %rdx
- sbbq 8(%rdi), %r13
- movq $-19, %rcx
- sbbq 16(%rdi), %r14
- movq $0x7fffffffffffffff, %rax
- sbbq 24(%rdi), %r15
- sbbq $0x00, %rdx
- # Mask the modulus
- andq %rdx, %rcx
- andq %rdx, %rax
+ subq (%rsi), %r14
+ sbbq 8(%rsi), %r15
+ sbbq 16(%rsi), %rbx
+ sbbq 24(%rsi), %rbp
+ sbbq %r8, %r8
+ shldq $0x01, %rbp, %r8
+ imulq $-19, %r8
+ andq %r9, %rbp
# Add modulus (if underflow)
- addq %rcx, %r12
- adcq %rdx, %r13
- adcq %rdx, %r14
- adcq %rax, %r15
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq %r12, (%rsi)
- movq %r13, 8(%rsi)
- movq %r14, 16(%rsi)
- movq %r15, 24(%rsi)
- movq 104(%rsp), %rdi
+ subq %r8, %r14
+ sbbq $0x00, %r15
+ sbbq $0x00, %rbx
+ sbbq $0x00, %rbp
+ movq %r10, (%rsi)
+ movq %r11, 8(%rsi)
+ movq %r12, 16(%rsi)
+ movq %r13, 24(%rsi)
+ movq %r14, (%rdi)
+ movq %r15, 8(%rdi)
+ movq %rbx, 16(%rdi)
+ movq %rbp, 24(%rdi)
+ leaq 64(%rcx), %rcx
# Double
- movq (%rdi), %r8
- movq 8(%rdi), %r9
- addq %r8, %r8
- movq 16(%rdi), %r10
- adcq %r9, %r9
- movq 24(%rdi), %rdx
- adcq %r10, %r10
- movq $-19, %rcx
- adcq %rdx, %rdx
- movq $0x7fffffffffffffff, %rax
- movq %rdx, %r11
- sarq $63, %rdx
- # Mask the modulus
- andq %rdx, %rcx
- andq %rdx, %rax
+ movq (%rcx), %r10
+ movq 8(%rcx), %r11
+ addq %r10, %r10
+ movq 16(%rcx), %r12
+ adcq %r11, %r11
+ movq 24(%rcx), %r13
+ adcq %r12, %r12
+ adcq %r13, %r13
+ movq $0x00, %r8
+ adcq $0x00, %r8
+ shldq $0x01, %r13, %r8
+ movq $0x7fffffffffffffff, %r9
+ imulq $19, %r8
+ andq %r9, %r13
# Sub modulus (if overflow)
- subq %rcx, %r8
- sbbq %rdx, %r9
- sbbq %rdx, %r10
- sbbq %rax, %r11
- movq %r8, (%rbx)
- movq %r9, 8(%rbx)
- movq %r10, 16(%rbx)
- movq %r11, 24(%rbx)
- movq 24(%rsp), %rdi
+ addq %r8, %r10
+ adcq $0x00, %r11
+ adcq $0x00, %r12
+ adcq $0x00, %r13
+ leaq 96(%rdi), %rsi
+ leaq 64(%rdi), %rdi
+ # Add-Sub
# Add
- movq (%rbx), %r8
- movq 8(%rbx), %r9
- movq 16(%rbx), %r10
- movq 24(%rbx), %rdx
- movq %r8, %r12
- addq (%rdi), %r8
- movq %r9, %r13
- adcq 8(%rdi), %r9
movq %r10, %r14
- adcq 16(%rdi), %r10
- movq %rdx, %r15
- adcq 24(%rdi), %rdx
- movq $-19, %rcx
- movq %rdx, %r11
- movq $0x7fffffffffffffff, %rax
- sarq $63, %rdx
- # Mask the modulus
- andq %rdx, %rcx
- andq %rdx, %rax
+ addq (%rsi), %r10
+ movq %r11, %r15
+ adcq 8(%rsi), %r11
+ movq %r12, %rbx
+ adcq 16(%rsi), %r12
+ movq %r13, %rbp
+ adcq 24(%rsi), %r13
+ movq $0x00, %r8
+ adcq $0x00, %r8
+ shldq $0x01, %r13, %r8
+ movq $0x7fffffffffffffff, %r9
+ imulq $19, %r8
+ andq %r9, %r13
# Sub modulus (if overflow)
- subq %rcx, %r8
- sbbq %rdx, %r9
- sbbq %rdx, %r10
- sbbq %rax, %r11
+ addq %r8, %r10
+ adcq $0x00, %r11
+ adcq $0x00, %r12
+ adcq $0x00, %r13
# Sub
- subq (%rdi), %r12
- movq $0x00, %rdx
- sbbq 8(%rdi), %r13
- movq $-19, %rcx
- sbbq 16(%rdi), %r14
- movq $0x7fffffffffffffff, %rax
- sbbq 24(%rdi), %r15
- sbbq $0x00, %rdx
- # Mask the modulus
- andq %rdx, %rcx
- andq %rdx, %rax
+ subq (%rsi), %r14
+ sbbq 8(%rsi), %r15
+ sbbq 16(%rsi), %rbx
+ sbbq 24(%rsi), %rbp
+ sbbq %r8, %r8
+ shldq $0x01, %rbp, %r8
+ imulq $-19, %r8
+ andq %r9, %rbp
# Add modulus (if underflow)
- addq %rcx, %r12
- adcq %rdx, %r13
- adcq %rdx, %r14
- adcq %rax, %r15
- movq %r8, (%rbx)
- movq %r9, 8(%rbx)
- movq %r10, 16(%rbx)
- movq %r11, 24(%rbx)
- movq %r12, (%rdi)
- movq %r13, 8(%rdi)
- movq %r14, 16(%rdi)
- movq %r15, 24(%rdi)
- addq $48, %rsp
+ subq %r8, %r14
+ sbbq $0x00, %r15
+ sbbq $0x00, %rbx
+ sbbq $0x00, %rbp
+ movq %r10, (%rdi)
+ movq %r11, 8(%rdi)
+ movq %r12, 16(%rdi)
+ movq %r13, 24(%rdi)
+ movq %r14, (%rsi)
+ movq %r15, 8(%rsi)
+ movq %rbx, 16(%rsi)
+ movq %rbp, 24(%rsi)
+ addq $24, %rsp
+ popq %rbp
+ popq %rbx
popq %r15
popq %r14
popq %r13
popq %r12
- popq %rbx
- popq %rbp
repz retq
#ifndef __APPLE__
-.size fe_ge_madd_avx2,.-fe_ge_madd_avx2
+.size ge_madd_avx2,.-ge_madd_avx2
#endif /* __APPLE__ */
#ifndef __APPLE__
.text
-.globl fe_ge_msub_avx2
-.type fe_ge_msub_avx2,@function
+.globl ge_msub_avx2
+.type ge_msub_avx2,@function
.align 16
-fe_ge_msub_avx2:
+ge_msub_avx2:
#else
.section __TEXT,__text
-.globl _fe_ge_msub_avx2
+.globl _ge_msub_avx2
.p2align 4
-_fe_ge_msub_avx2:
+_ge_msub_avx2:
#endif /* __APPLE__ */
- pushq %rbp
- pushq %rbx
pushq %r12
pushq %r13
pushq %r14
pushq %r15
- subq $48, %rsp
+ pushq %rbx
+ pushq %rbp
+ movq %rdx, %rax
+ subq $24, %rsp
movq %rdi, (%rsp)
movq %rsi, 8(%rsp)
- movq %rdx, 16(%rsp)
- movq %rcx, 24(%rsp)
- movq %r8, 32(%rsp)
- movq %r9, 40(%rsp)
- movq 8(%rsp), %rsi
- movq 40(%rsp), %rbx
- movq 32(%rsp), %rbp
- # Add
- movq (%rbx), %r8
- movq 8(%rbx), %r9
- movq 16(%rbx), %r10
- movq 24(%rbx), %rdx
- movq %r8, %r12
- addq (%rbp), %r8
- movq %r9, %r13
- adcq 8(%rbp), %r9
- movq %r10, %r14
- adcq 16(%rbp), %r10
- movq %rdx, %r15
- adcq 24(%rbp), %rdx
- movq $-19, %rcx
- movq %rdx, %r11
- movq $0x7fffffffffffffff, %rax
- sarq $63, %rdx
- # Mask the modulus
- andq %rdx, %rcx
- andq %rdx, %rax
- # Sub modulus (if overflow)
- subq %rcx, %r8
- sbbq %rdx, %r9
- sbbq %rdx, %r10
- sbbq %rax, %r11
- # Sub
- subq (%rbp), %r12
- movq $0x00, %rdx
- sbbq 8(%rbp), %r13
- movq $-19, %rcx
- sbbq 16(%rbp), %r14
- movq $0x7fffffffffffffff, %rax
- sbbq 24(%rbp), %r15
- sbbq $0x00, %rdx
- # Mask the modulus
- andq %rdx, %rcx
- andq %rdx, %rax
- # Add modulus (if underflow)
- addq %rcx, %r12
- adcq %rdx, %r13
- adcq %rdx, %r14
- adcq %rax, %r15
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq %r12, (%rsi)
- movq %r13, 8(%rsi)
- movq %r14, 16(%rsi)
- movq %r15, 24(%rsi)
- movq 16(%rsp), %rbx
- movq 136(%rsp), %rbp
+ movq %rax, 16(%rsp)
+ leaq 96(%rsi), %rcx
+ leaq 64(%rax), %rax
+ leaq 96(%rdi), %rdi
# Multiply
# A[0] * B[0]
- movq (%rbp), %rdx
- mulxq (%rdi), %r8, %r9
+ movq (%rax), %rdx
+ mulxq (%rcx), %r10, %r11
# A[2] * B[0]
- mulxq 16(%rdi), %r10, %r11
+ mulxq 16(%rcx), %r12, %r13
# A[1] * B[0]
- mulxq 8(%rdi), %rcx, %rax
- xorq %r15, %r15
- adcxq %rcx, %r9
- # A[1] * B[3]
- movq 24(%rbp), %rdx
- mulxq 8(%rdi), %r12, %r13
- adcxq %rax, %r10
+ mulxq 8(%rcx), %r8, %r9
+ xorq %rbp, %rbp
+ adcxq %r8, %r11
+ # A[3] * B[1]
+ movq 8(%rax), %rdx
+ mulxq 24(%rcx), %r14, %r15
+ adcxq %r9, %r12
# A[0] * B[1]
- movq 8(%rbp), %rdx
- mulxq (%rdi), %rcx, %rax
- adoxq %rcx, %r9
+ mulxq (%rcx), %r8, %r9
+ adoxq %r8, %r11
# A[2] * B[1]
- mulxq 16(%rdi), %rcx, %r14
- adoxq %rax, %r10
- adcxq %rcx, %r11
+ mulxq 16(%rcx), %r8, %rbx
+ adoxq %r9, %r12
+ adcxq %r8, %r13
# A[1] * B[2]
- movq 16(%rbp), %rdx
- mulxq 8(%rdi), %rcx, %rax
- adcxq %r14, %r12
- adoxq %rcx, %r11
- adcxq %r15, %r13
- adoxq %rax, %r12
+ movq 16(%rax), %rdx
+ mulxq 8(%rcx), %r8, %r9
+ adcxq %rbx, %r14
+ adoxq %r8, %r13
+ adcxq %rbp, %r15
+ adoxq %r9, %r14
# A[0] * B[2]
- mulxq (%rdi), %rcx, %rax
- adoxq %r15, %r13
- xorq %r14, %r14
- adcxq %rcx, %r10
+ mulxq (%rcx), %r8, %r9
+ adoxq %rbp, %r15
+ xorq %rbx, %rbx
+ adcxq %r8, %r12
# A[1] * B[1]
- movq 8(%rbp), %rdx
- mulxq 8(%rdi), %rdx, %rcx
- adcxq %rax, %r11
- adoxq %rdx, %r10
- # A[3] * B[1]
- movq 8(%rbp), %rdx
- adoxq %rcx, %r11
- mulxq 24(%rdi), %rcx, %rax
- adcxq %rcx, %r12
- # A[2] * B[2]
- movq 16(%rbp), %rdx
- mulxq 16(%rdi), %rdx, %rcx
- adcxq %rax, %r13
+ movq 8(%rax), %rdx
+ mulxq 8(%rcx), %rdx, %r8
+ adcxq %r9, %r13
adoxq %rdx, %r12
+ # A[1] * B[3]
+ movq 24(%rax), %rdx
+ adoxq %r8, %r13
+ mulxq 8(%rcx), %r8, %r9
+ adcxq %r8, %r14
+ # A[2] * B[2]
+ movq 16(%rax), %rdx
+ mulxq 16(%rcx), %rdx, %r8
+ adcxq %r9, %r15
+ adoxq %rdx, %r14
# A[3] * B[3]
- movq 24(%rbp), %rdx
- adoxq %rcx, %r13
- mulxq 24(%rdi), %rcx, %rax
- adoxq %r15, %r14
- adcxq %rcx, %r14
+ movq 24(%rax), %rdx
+ adoxq %r8, %r15
+ mulxq 24(%rcx), %r8, %r9
+ adoxq %rbp, %rbx
+ adcxq %r8, %rbx
# A[0] * B[3]
- mulxq (%rdi), %rdx, %rcx
- adcxq %rax, %r15
- xorq %rax, %rax
- adcxq %rdx, %r11
- # A[3] * B[0]
- movq (%rbp), %rdx
- adcxq %rcx, %r12
- mulxq 24(%rdi), %rdx, %rcx
- adoxq %rdx, %r11
- adoxq %rcx, %r12
- # A[2] * B[3]
- movq 24(%rbp), %rdx
- mulxq 16(%rdi), %rdx, %rcx
+ mulxq (%rcx), %rdx, %r8
+ adcxq %r9, %rbp
+ xorq %r9, %r9
adcxq %rdx, %r13
+ # A[3] * B[0]
+ movq 24(%rcx), %rdx
+ adcxq %r8, %r14
+ mulxq (%rax), %rdx, %r8
+ adoxq %rdx, %r13
+ adoxq %r8, %r14
# A[3] * B[2]
- movq 16(%rbp), %rdx
- adcxq %rcx, %r14
- mulxq 24(%rdi), %rcx, %rdx
- adcxq %rax, %r15
- adoxq %rcx, %r13
- adoxq %rdx, %r14
- adoxq %rax, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rax
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- andq %rax, %r11
- # Multiply top half by 19
- movq $19, %rdx
- xorq %rax, %rax
- mulxq %r12, %rcx, %r12
- adcxq %rcx, %r8
- adoxq %r12, %r9
- mulxq %r13, %rcx, %r13
- adcxq %rcx, %r9
- adoxq %r13, %r10
- mulxq %r14, %rcx, %r14
- adcxq %rcx, %r10
+ movq 24(%rcx), %rdx
+ mulxq 16(%rax), %rdx, %r8
+ adcxq %rdx, %r15
+ # A[2] * B[3]
+ movq 24(%rax), %rdx
+ adcxq %r8, %rbx
+ mulxq 16(%rcx), %r8, %rdx
+ adcxq %r9, %rbp
+ adoxq %r8, %r15
+ adoxq %rdx, %rbx
+ adoxq %r9, %rbp
+ movq $38, %rdx
+ mulxq %rbp, %rbp, %r8
+ addq %rbp, %r13
+ adcq $0x00, %r8
+ movq $0x7fffffffffffffff, %r9
+ shldq $0x01, %r13, %r8
+ imulq $19, %r8, %r8
+ andq %r9, %r13
+ xorq %r9, %r9
+ adoxq %r8, %r10
+ mulxq %r14, %r8, %r14
+ adcxq %r8, %r10
adoxq %r14, %r11
- mulxq %r15, %r15, %rdx
- adcxq %r15, %r11
- adoxq %rax, %rdx
- adcxq %rax, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- movq $0x7fffffffffffffff, %rax
- imulq $19, %rdx, %rcx
- andq %rax, %r11
- addq %rcx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rax, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
+ mulxq %r15, %r8, %r15
+ adcxq %r8, %r11
+ adoxq %r15, %r12
+ mulxq %rbx, %r8, %rbx
+ adcxq %r8, %r12
+ adoxq %rbx, %r13
+ adcxq %r9, %r13
# Store
- movq %r8, (%rbx)
- movq %r9, 8(%rbx)
- movq %r10, 16(%rbx)
- movq %r11, 24(%rbx)
- movq 128(%rsp), %rdi
+ movq %r10, (%rdi)
+ movq %r11, 8(%rdi)
+ movq %r12, 16(%rdi)
+ movq %r13, 24(%rdi)
+ movq %rsi, %rcx
+ leaq 32(%rsi), %rax
+ leaq -64(%rdi), %rsi
+ leaq -96(%rdi), %rdi
+ # Add-Sub
+ # Add
+ movq (%rax), %r10
+ movq 8(%rax), %r11
+ movq 16(%rax), %r12
+ movq 24(%rax), %r13
+ movq %r10, %r14
+ addq (%rcx), %r10
+ movq %r11, %r15
+ adcq 8(%rcx), %r11
+ movq %r12, %rbx
+ adcq 16(%rcx), %r12
+ movq %r13, %rbp
+ adcq 24(%rcx), %r13
+ movq $0x00, %r8
+ adcq $0x00, %r8
+ shldq $0x01, %r13, %r8
+ movq $0x7fffffffffffffff, %r9
+ imulq $19, %r8
+ andq %r9, %r13
+ # Sub modulus (if overflow)
+ addq %r8, %r10
+ adcq $0x00, %r11
+ adcq $0x00, %r12
+ adcq $0x00, %r13
+ # Sub
+ subq (%rcx), %r14
+ sbbq 8(%rcx), %r15
+ sbbq 16(%rcx), %rbx
+ sbbq 24(%rcx), %rbp
+ sbbq %r8, %r8
+ shldq $0x01, %rbp, %r8
+ imulq $-19, %r8
+ andq %r9, %rbp
+ # Add modulus (if underflow)
+ subq %r8, %r14
+ sbbq $0x00, %r15
+ sbbq $0x00, %rbx
+ sbbq $0x00, %rbp
+ movq %r10, (%rdi)
+ movq %r11, 8(%rdi)
+ movq %r12, 16(%rdi)
+ movq %r13, 24(%rdi)
+ movq %r14, (%rsi)
+ movq %r15, 8(%rsi)
+ movq %rbx, 16(%rsi)
+ movq %rbp, 24(%rsi)
+ movq 16(%rsp), %rax
+ leaq 32(%rax), %rax
# Multiply
# A[0] * B[0]
- movq (%rdi), %rdx
- mulxq (%rsi), %r8, %r9
+ movq (%rax), %rdx
+ mulxq (%rdi), %r10, %r11
# A[2] * B[0]
- mulxq 16(%rsi), %r10, %r11
+ mulxq 16(%rdi), %r12, %r13
# A[1] * B[0]
- mulxq 8(%rsi), %rcx, %rax
- xorq %r15, %r15
- adcxq %rcx, %r9
- # A[1] * B[3]
- movq 24(%rdi), %rdx
- mulxq 8(%rsi), %r12, %r13
- adcxq %rax, %r10
+ mulxq 8(%rdi), %r8, %r9
+ xorq %rbp, %rbp
+ adcxq %r8, %r11
+ # A[3] * B[1]
+ movq 8(%rax), %rdx
+ mulxq 24(%rdi), %r14, %r15
+ adcxq %r9, %r12
# A[0] * B[1]
- movq 8(%rdi), %rdx
- mulxq (%rsi), %rcx, %rax
- adoxq %rcx, %r9
+ mulxq (%rdi), %r8, %r9
+ adoxq %r8, %r11
# A[2] * B[1]
- mulxq 16(%rsi), %rcx, %r14
- adoxq %rax, %r10
- adcxq %rcx, %r11
+ mulxq 16(%rdi), %r8, %rbx
+ adoxq %r9, %r12
+ adcxq %r8, %r13
# A[1] * B[2]
- movq 16(%rdi), %rdx
- mulxq 8(%rsi), %rcx, %rax
- adcxq %r14, %r12
- adoxq %rcx, %r11
- adcxq %r15, %r13
- adoxq %rax, %r12
+ movq 16(%rax), %rdx
+ mulxq 8(%rdi), %r8, %r9
+ adcxq %rbx, %r14
+ adoxq %r8, %r13
+ adcxq %rbp, %r15
+ adoxq %r9, %r14
# A[0] * B[2]
- mulxq (%rsi), %rcx, %rax
- adoxq %r15, %r13
- xorq %r14, %r14
- adcxq %rcx, %r10
+ mulxq (%rdi), %r8, %r9
+ adoxq %rbp, %r15
+ xorq %rbx, %rbx
+ adcxq %r8, %r12
# A[1] * B[1]
- movq 8(%rdi), %rdx
- mulxq 8(%rsi), %rdx, %rcx
- adcxq %rax, %r11
- adoxq %rdx, %r10
- # A[3] * B[1]
- movq 8(%rdi), %rdx
- adoxq %rcx, %r11
- mulxq 24(%rsi), %rcx, %rax
- adcxq %rcx, %r12
- # A[2] * B[2]
- movq 16(%rdi), %rdx
- mulxq 16(%rsi), %rdx, %rcx
- adcxq %rax, %r13
+ movq 8(%rax), %rdx
+ mulxq 8(%rdi), %rdx, %r8
+ adcxq %r9, %r13
adoxq %rdx, %r12
+ # A[1] * B[3]
+ movq 24(%rax), %rdx
+ adoxq %r8, %r13
+ mulxq 8(%rdi), %r8, %r9
+ adcxq %r8, %r14
+ # A[2] * B[2]
+ movq 16(%rax), %rdx
+ mulxq 16(%rdi), %rdx, %r8
+ adcxq %r9, %r15
+ adoxq %rdx, %r14
# A[3] * B[3]
- movq 24(%rdi), %rdx
- adoxq %rcx, %r13
- mulxq 24(%rsi), %rcx, %rax
- adoxq %r15, %r14
- adcxq %rcx, %r14
+ movq 24(%rax), %rdx
+ adoxq %r8, %r15
+ mulxq 24(%rdi), %r8, %r9
+ adoxq %rbp, %rbx
+ adcxq %r8, %rbx
# A[0] * B[3]
- mulxq (%rsi), %rdx, %rcx
- adcxq %rax, %r15
- xorq %rax, %rax
- adcxq %rdx, %r11
+ mulxq (%rdi), %rdx, %r8
+ adcxq %r9, %rbp
+ xorq %r9, %r9
+ adcxq %rdx, %r13
# A[3] * B[0]
- movq (%rdi), %rdx
- adcxq %rcx, %r12
- mulxq 24(%rsi), %rdx, %rcx
- adoxq %rdx, %r11
- adoxq %rcx, %r12
- # A[2] * B[3]
movq 24(%rdi), %rdx
- mulxq 16(%rsi), %rdx, %rcx
- adcxq %rdx, %r13
+ adcxq %r8, %r14
+ mulxq (%rax), %rdx, %r8
+ adoxq %rdx, %r13
+ adoxq %r8, %r14
# A[3] * B[2]
- movq 16(%rdi), %rdx
- adcxq %rcx, %r14
- mulxq 24(%rsi), %rcx, %rdx
- adcxq %rax, %r15
- adoxq %rcx, %r13
- adoxq %rdx, %r14
- adoxq %rax, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rax
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- andq %rax, %r11
- # Multiply top half by 19
- movq $19, %rdx
- xorq %rax, %rax
- mulxq %r12, %rcx, %r12
- adcxq %rcx, %r8
- adoxq %r12, %r9
- mulxq %r13, %rcx, %r13
- adcxq %rcx, %r9
- adoxq %r13, %r10
- mulxq %r14, %rcx, %r14
- adcxq %rcx, %r10
+ movq 24(%rdi), %rdx
+ mulxq 16(%rax), %rdx, %r8
+ adcxq %rdx, %r15
+ # A[2] * B[3]
+ movq 24(%rax), %rdx
+ adcxq %r8, %rbx
+ mulxq 16(%rdi), %r8, %rdx
+ adcxq %r9, %rbp
+ adoxq %r8, %r15
+ adoxq %rdx, %rbx
+ adoxq %r9, %rbp
+ movq $38, %rdx
+ mulxq %rbp, %rbp, %r8
+ addq %rbp, %r13
+ adcq $0x00, %r8
+ movq $0x7fffffffffffffff, %r9
+ shldq $0x01, %r13, %r8
+ imulq $19, %r8, %r8
+ andq %r9, %r13
+ xorq %r9, %r9
+ adoxq %r8, %r10
+ mulxq %r14, %r8, %r14
+ adcxq %r8, %r10
adoxq %r14, %r11
- mulxq %r15, %r15, %rdx
- adcxq %r15, %r11
- adoxq %rax, %rdx
- adcxq %rax, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- movq $0x7fffffffffffffff, %rax
- imulq $19, %rdx, %rcx
- andq %rax, %r11
- addq %rcx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rax, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
+ mulxq %r15, %r8, %r15
+ adcxq %r8, %r11
+ adoxq %r15, %r12
+ mulxq %rbx, %r8, %rbx
+ adcxq %r8, %r12
+ adoxq %rbx, %r13
+ adcxq %r9, %r13
# Store
- movq %r8, (%rsi)
- movq %r9, 8(%rsi)
- movq %r10, 16(%rsi)
- movq %r11, 24(%rsi)
- movq 24(%rsp), %rdi
- movq 120(%rsp), %rsi
- movq 112(%rsp), %rbp
+ movq %r10, (%rdi)
+ movq %r11, 8(%rdi)
+ movq %r12, 16(%rdi)
+ movq %r13, 24(%rdi)
+ leaq -32(%rax), %rax
# Multiply
# A[0] * B[0]
- movq (%rbp), %rdx
- mulxq (%rsi), %r8, %r9
+ movq (%rax), %rdx
+ mulxq (%rsi), %r10, %r11
# A[2] * B[0]
- mulxq 16(%rsi), %r10, %r11
+ mulxq 16(%rsi), %r12, %r13
# A[1] * B[0]
- mulxq 8(%rsi), %rcx, %rax
- xorq %r15, %r15
- adcxq %rcx, %r9
- # A[1] * B[3]
- movq 24(%rbp), %rdx
- mulxq 8(%rsi), %r12, %r13
- adcxq %rax, %r10
+ mulxq 8(%rsi), %r8, %r9
+ xorq %rbp, %rbp
+ adcxq %r8, %r11
+ # A[3] * B[1]
+ movq 8(%rax), %rdx
+ mulxq 24(%rsi), %r14, %r15
+ adcxq %r9, %r12
# A[0] * B[1]
- movq 8(%rbp), %rdx
- mulxq (%rsi), %rcx, %rax
- adoxq %rcx, %r9
+ mulxq (%rsi), %r8, %r9
+ adoxq %r8, %r11
# A[2] * B[1]
- mulxq 16(%rsi), %rcx, %r14
- adoxq %rax, %r10
- adcxq %rcx, %r11
+ mulxq 16(%rsi), %r8, %rbx
+ adoxq %r9, %r12
+ adcxq %r8, %r13
# A[1] * B[2]
- movq 16(%rbp), %rdx
- mulxq 8(%rsi), %rcx, %rax
- adcxq %r14, %r12
- adoxq %rcx, %r11
- adcxq %r15, %r13
- adoxq %rax, %r12
+ movq 16(%rax), %rdx
+ mulxq 8(%rsi), %r8, %r9
+ adcxq %rbx, %r14
+ adoxq %r8, %r13
+ adcxq %rbp, %r15
+ adoxq %r9, %r14
# A[0] * B[2]
- mulxq (%rsi), %rcx, %rax
- adoxq %r15, %r13
- xorq %r14, %r14
- adcxq %rcx, %r10
+ mulxq (%rsi), %r8, %r9
+ adoxq %rbp, %r15
+ xorq %rbx, %rbx
+ adcxq %r8, %r12
# A[1] * B[1]
- movq 8(%rbp), %rdx
- mulxq 8(%rsi), %rdx, %rcx
- adcxq %rax, %r11
- adoxq %rdx, %r10
- # A[3] * B[1]
- movq 8(%rbp), %rdx
- adoxq %rcx, %r11
- mulxq 24(%rsi), %rcx, %rax
- adcxq %rcx, %r12
- # A[2] * B[2]
- movq 16(%rbp), %rdx
- mulxq 16(%rsi), %rdx, %rcx
- adcxq %rax, %r13
+ movq 8(%rax), %rdx
+ mulxq 8(%rsi), %rdx, %r8
+ adcxq %r9, %r13
adoxq %rdx, %r12
+ # A[1] * B[3]
+ movq 24(%rax), %rdx
+ adoxq %r8, %r13
+ mulxq 8(%rsi), %r8, %r9
+ adcxq %r8, %r14
+ # A[2] * B[2]
+ movq 16(%rax), %rdx
+ mulxq 16(%rsi), %rdx, %r8
+ adcxq %r9, %r15
+ adoxq %rdx, %r14
# A[3] * B[3]
- movq 24(%rbp), %rdx
- adoxq %rcx, %r13
- mulxq 24(%rsi), %rcx, %rax
- adoxq %r15, %r14
- adcxq %rcx, %r14
+ movq 24(%rax), %rdx
+ adoxq %r8, %r15
+ mulxq 24(%rsi), %r8, %r9
+ adoxq %rbp, %rbx
+ adcxq %r8, %rbx
# A[0] * B[3]
- mulxq (%rsi), %rdx, %rcx
- adcxq %rax, %r15
- xorq %rax, %rax
- adcxq %rdx, %r11
- # A[3] * B[0]
- movq (%rbp), %rdx
- adcxq %rcx, %r12
- mulxq 24(%rsi), %rdx, %rcx
- adoxq %rdx, %r11
- adoxq %rcx, %r12
- # A[2] * B[3]
- movq 24(%rbp), %rdx
- mulxq 16(%rsi), %rdx, %rcx
+ mulxq (%rsi), %rdx, %r8
+ adcxq %r9, %rbp
+ xorq %r9, %r9
adcxq %rdx, %r13
+ # A[3] * B[0]
+ movq 24(%rsi), %rdx
+ adcxq %r8, %r14
+ mulxq (%rax), %rdx, %r8
+ adoxq %rdx, %r13
+ adoxq %r8, %r14
# A[3] * B[2]
- movq 16(%rbp), %rdx
- adcxq %rcx, %r14
- mulxq 24(%rsi), %rcx, %rdx
- adcxq %rax, %r15
- adoxq %rcx, %r13
- adoxq %rdx, %r14
- adoxq %rax, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rax
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- andq %rax, %r11
- # Multiply top half by 19
- movq $19, %rdx
- xorq %rax, %rax
- mulxq %r12, %rcx, %r12
- adcxq %rcx, %r8
- adoxq %r12, %r9
- mulxq %r13, %rcx, %r13
- adcxq %rcx, %r9
- adoxq %r13, %r10
- mulxq %r14, %rcx, %r14
- adcxq %rcx, %r10
+ movq 24(%rsi), %rdx
+ mulxq 16(%rax), %rdx, %r8
+ adcxq %rdx, %r15
+ # A[2] * B[3]
+ movq 24(%rax), %rdx
+ adcxq %r8, %rbx
+ mulxq 16(%rsi), %r8, %rdx
+ adcxq %r9, %rbp
+ adoxq %r8, %r15
+ adoxq %rdx, %rbx
+ adoxq %r9, %rbp
+ movq $38, %rdx
+ mulxq %rbp, %rbp, %r8
+ addq %rbp, %r13
+ adcq $0x00, %r8
+ movq $0x7fffffffffffffff, %r9
+ shldq $0x01, %r13, %r8
+ imulq $19, %r8, %r8
+ andq %r9, %r13
+ xorq %r9, %r9
+ adoxq %r8, %r10
+ mulxq %r14, %r8, %r14
+ adcxq %r8, %r10
adoxq %r14, %r11
- mulxq %r15, %r15, %rdx
- adcxq %r15, %r11
- adoxq %rax, %rdx
- adcxq %rax, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- movq $0x7fffffffffffffff, %rax
- imulq $19, %rdx, %rcx
- andq %rax, %r11
- addq %rcx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rax, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
+ mulxq %r15, %r8, %r15
+ adcxq %r8, %r11
+ adoxq %r15, %r12
+ mulxq %rbx, %r8, %rbx
+ adcxq %r8, %r12
+ adoxq %rbx, %r13
+ adcxq %r9, %r13
# Store
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq 8(%rsp), %rsi
- movq (%rsp), %rbp
+ movq %r10, (%rsi)
+ movq %r11, 8(%rsi)
+ movq %r12, 16(%rsi)
+ movq %r13, 24(%rsi)
+ # Add-Sub
# Add
- movq (%rbx), %r8
- movq 8(%rbx), %r9
- movq 16(%rbx), %r10
- movq 24(%rbx), %rdx
- movq %r8, %r12
- addq (%rsi), %r8
- movq %r9, %r13
- adcq 8(%rsi), %r9
+ movq (%rdi), %r10
+ movq 8(%rdi), %r11
+ movq 16(%rdi), %r12
+ movq 24(%rdi), %r13
movq %r10, %r14
- adcq 16(%rsi), %r10
- movq %rdx, %r15
- adcq 24(%rsi), %rdx
- movq $-19, %rcx
- movq %rdx, %r11
- movq $0x7fffffffffffffff, %rax
- sarq $63, %rdx
- # Mask the modulus
- andq %rdx, %rcx
- andq %rdx, %rax
+ addq (%rsi), %r10
+ movq %r11, %r15
+ adcq 8(%rsi), %r11
+ movq %r12, %rbx
+ adcq 16(%rsi), %r12
+ movq %r13, %rbp
+ adcq 24(%rsi), %r13
+ movq $0x00, %r8
+ adcq $0x00, %r8
+ shldq $0x01, %r13, %r8
+ movq $0x7fffffffffffffff, %r9
+ imulq $19, %r8
+ andq %r9, %r13
# Sub modulus (if overflow)
- subq %rcx, %r8
- sbbq %rdx, %r9
- sbbq %rdx, %r10
- sbbq %rax, %r11
+ addq %r8, %r10
+ adcq $0x00, %r11
+ adcq $0x00, %r12
+ adcq $0x00, %r13
# Sub
- subq (%rsi), %r12
- movq $0x00, %rdx
- sbbq 8(%rsi), %r13
- movq $-19, %rcx
- sbbq 16(%rsi), %r14
- movq $0x7fffffffffffffff, %rax
- sbbq 24(%rsi), %r15
- sbbq $0x00, %rdx
- # Mask the modulus
- andq %rdx, %rcx
- andq %rdx, %rax
+ subq (%rsi), %r14
+ sbbq 8(%rsi), %r15
+ sbbq 16(%rsi), %rbx
+ sbbq 24(%rsi), %rbp
+ sbbq %r8, %r8
+ shldq $0x01, %rbp, %r8
+ imulq $-19, %r8
+ andq %r9, %rbp
# Add modulus (if underflow)
- addq %rcx, %r12
- adcq %rdx, %r13
- adcq %rdx, %r14
- adcq %rax, %r15
- movq %r8, (%rsi)
- movq %r9, 8(%rsi)
- movq %r10, 16(%rsi)
- movq %r11, 24(%rsi)
- movq %r12, (%rbp)
- movq %r13, 8(%rbp)
- movq %r14, 16(%rbp)
- movq %r15, 24(%rbp)
- movq 104(%rsp), %rsi
+ subq %r8, %r14
+ sbbq $0x00, %r15
+ sbbq $0x00, %rbx
+ sbbq $0x00, %rbp
+ movq %r10, (%rsi)
+ movq %r11, 8(%rsi)
+ movq %r12, 16(%rsi)
+ movq %r13, 24(%rsi)
+ movq %r14, (%rdi)
+ movq %r15, 8(%rdi)
+ movq %rbx, 16(%rdi)
+ movq %rbp, 24(%rdi)
+ leaq 64(%rcx), %rcx
# Double
- movq (%rsi), %r8
- movq 8(%rsi), %r9
- addq %r8, %r8
- movq 16(%rsi), %r10
- adcq %r9, %r9
- movq 24(%rsi), %rdx
- adcq %r10, %r10
- movq $-19, %rcx
- adcq %rdx, %rdx
- movq $0x7fffffffffffffff, %rax
- movq %rdx, %r11
- sarq $63, %rdx
- # Mask the modulus
- andq %rdx, %rcx
- andq %rdx, %rax
+ movq (%rcx), %r10
+ movq 8(%rcx), %r11
+ addq %r10, %r10
+ movq 16(%rcx), %r12
+ adcq %r11, %r11
+ movq 24(%rcx), %r13
+ adcq %r12, %r12
+ adcq %r13, %r13
+ movq $0x00, %r8
+ adcq $0x00, %r8
+ shldq $0x01, %r13, %r8
+ movq $0x7fffffffffffffff, %r9
+ imulq $19, %r8
+ andq %r9, %r13
# Sub modulus (if overflow)
- subq %rcx, %r8
- sbbq %rdx, %r9
- sbbq %rdx, %r10
- sbbq %rax, %r11
- movq %r8, (%rbx)
- movq %r9, 8(%rbx)
- movq %r10, 16(%rbx)
- movq %r11, 24(%rbx)
+ addq %r8, %r10
+ adcq $0x00, %r11
+ adcq $0x00, %r12
+ adcq $0x00, %r13
+ leaq 96(%rdi), %rsi
+ leaq 64(%rdi), %rdi
+ # Add-Sub
# Add
- movq (%rbx), %r8
- movq 8(%rbx), %r9
- movq 16(%rbx), %r10
- movq 24(%rbx), %rdx
- movq %r8, %r12
- addq (%rdi), %r8
- movq %r9, %r13
- adcq 8(%rdi), %r9
movq %r10, %r14
- adcq 16(%rdi), %r10
- movq %rdx, %r15
- adcq 24(%rdi), %rdx
- movq $-19, %rcx
- movq %rdx, %r11
- movq $0x7fffffffffffffff, %rax
- sarq $63, %rdx
- # Mask the modulus
- andq %rdx, %rcx
- andq %rdx, %rax
+ addq (%rsi), %r10
+ movq %r11, %r15
+ adcq 8(%rsi), %r11
+ movq %r12, %rbx
+ adcq 16(%rsi), %r12
+ movq %r13, %rbp
+ adcq 24(%rsi), %r13
+ movq $0x00, %r8
+ adcq $0x00, %r8
+ shldq $0x01, %r13, %r8
+ movq $0x7fffffffffffffff, %r9
+ imulq $19, %r8
+ andq %r9, %r13
# Sub modulus (if overflow)
- subq %rcx, %r8
- sbbq %rdx, %r9
- sbbq %rdx, %r10
- sbbq %rax, %r11
+ addq %r8, %r10
+ adcq $0x00, %r11
+ adcq $0x00, %r12
+ adcq $0x00, %r13
# Sub
- subq (%rdi), %r12
- movq $0x00, %rdx
- sbbq 8(%rdi), %r13
- movq $-19, %rcx
- sbbq 16(%rdi), %r14
- movq $0x7fffffffffffffff, %rax
- sbbq 24(%rdi), %r15
- sbbq $0x00, %rdx
- # Mask the modulus
- andq %rdx, %rcx
- andq %rdx, %rax
+ subq (%rsi), %r14
+ sbbq 8(%rsi), %r15
+ sbbq 16(%rsi), %rbx
+ sbbq 24(%rsi), %rbp
+ sbbq %r8, %r8
+ shldq $0x01, %rbp, %r8
+ imulq $-19, %r8
+ andq %r9, %rbp
# Add modulus (if underflow)
- addq %rcx, %r12
- adcq %rdx, %r13
- adcq %rdx, %r14
- adcq %rax, %r15
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq %r12, (%rbx)
- movq %r13, 8(%rbx)
- movq %r14, 16(%rbx)
- movq %r15, 24(%rbx)
- addq $48, %rsp
+ subq %r8, %r14
+ sbbq $0x00, %r15
+ sbbq $0x00, %rbx
+ sbbq $0x00, %rbp
+ movq %r10, (%rsi)
+ movq %r11, 8(%rsi)
+ movq %r12, 16(%rsi)
+ movq %r13, 24(%rsi)
+ movq %r14, (%rdi)
+ movq %r15, 8(%rdi)
+ movq %rbx, 16(%rdi)
+ movq %rbp, 24(%rdi)
+ addq $24, %rsp
+ popq %rbp
+ popq %rbx
popq %r15
popq %r14
popq %r13
popq %r12
- popq %rbx
- popq %rbp
repz retq
#ifndef __APPLE__
-.size fe_ge_msub_avx2,.-fe_ge_msub_avx2
+.size ge_msub_avx2,.-ge_msub_avx2
#endif /* __APPLE__ */
#ifndef __APPLE__
.text
-.globl fe_ge_add_avx2
-.type fe_ge_add_avx2,@function
+.globl ge_add_avx2
+.type ge_add_avx2,@function
.align 16
-fe_ge_add_avx2:
+ge_add_avx2:
#else
.section __TEXT,__text
-.globl _fe_ge_add_avx2
+.globl _ge_add_avx2
.p2align 4
-_fe_ge_add_avx2:
+_ge_add_avx2:
#endif /* __APPLE__ */
- pushq %rbx
- pushq %rbp
pushq %r12
pushq %r13
pushq %r14
pushq %r15
- subq $0x50, %rsp
+ pushq %rbx
+ pushq %rbp
+ movq %rdx, %rax
+ subq $24, %rsp
movq %rdi, (%rsp)
movq %rsi, 8(%rsp)
- movq %rdx, 16(%rsp)
- movq %rcx, 24(%rsp)
- movq %r8, 32(%rsp)
- movq %r9, 40(%rsp)
- movq 8(%rsp), %rsi
- movq 40(%rsp), %rbx
- movq 32(%rsp), %rbp
- # Add
- movq (%rbx), %r8
- movq 8(%rbx), %r9
- movq 16(%rbx), %r10
- movq 24(%rbx), %rdx
- movq %r8, %r12
- addq (%rbp), %r8
- movq %r9, %r13
- adcq 8(%rbp), %r9
- movq %r10, %r14
- adcq 16(%rbp), %r10
- movq %rdx, %r15
- adcq 24(%rbp), %rdx
- movq $-19, %rcx
- movq %rdx, %r11
- movq $0x7fffffffffffffff, %rax
- sarq $63, %rdx
- # Mask the modulus
- andq %rdx, %rcx
- andq %rdx, %rax
- # Sub modulus (if overflow)
- subq %rcx, %r8
- sbbq %rdx, %r9
- sbbq %rdx, %r10
- sbbq %rax, %r11
- # Sub
- subq (%rbp), %r12
- movq $0x00, %rdx
- sbbq 8(%rbp), %r13
- movq $-19, %rcx
- sbbq 16(%rbp), %r14
- movq $0x7fffffffffffffff, %rax
- sbbq 24(%rbp), %r15
- sbbq $0x00, %rdx
- # Mask the modulus
- andq %rdx, %rcx
- andq %rdx, %rax
- # Add modulus (if underflow)
- addq %rcx, %r12
- adcq %rdx, %r13
- adcq %rdx, %r14
- adcq %rax, %r15
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq %r12, (%rsi)
- movq %r13, 8(%rsi)
- movq %r14, 16(%rsi)
- movq %r15, 24(%rsi)
- movq 16(%rsp), %rbx
- movq 168(%rsp), %rbp
+ movq %rax, 16(%rsp)
+ leaq 96(%rsi), %rcx
+ leaq 96(%rax), %rax
+ leaq 96(%rdi), %rdi
# Multiply
# A[0] * B[0]
- movq (%rbp), %rdx
- mulxq (%rdi), %r8, %r9
+ movq (%rax), %rdx
+ mulxq (%rcx), %r10, %r11
# A[2] * B[0]
- mulxq 16(%rdi), %r10, %r11
+ mulxq 16(%rcx), %r12, %r13
# A[1] * B[0]
- mulxq 8(%rdi), %rcx, %rax
- xorq %r15, %r15
- adcxq %rcx, %r9
- # A[1] * B[3]
- movq 24(%rbp), %rdx
- mulxq 8(%rdi), %r12, %r13
- adcxq %rax, %r10
+ mulxq 8(%rcx), %r8, %r9
+ xorq %rbp, %rbp
+ adcxq %r8, %r11
+ # A[3] * B[1]
+ movq 8(%rax), %rdx
+ mulxq 24(%rcx), %r14, %r15
+ adcxq %r9, %r12
# A[0] * B[1]
- movq 8(%rbp), %rdx
- mulxq (%rdi), %rcx, %rax
- adoxq %rcx, %r9
+ mulxq (%rcx), %r8, %r9
+ adoxq %r8, %r11
# A[2] * B[1]
- mulxq 16(%rdi), %rcx, %r14
- adoxq %rax, %r10
- adcxq %rcx, %r11
+ mulxq 16(%rcx), %r8, %rbx
+ adoxq %r9, %r12
+ adcxq %r8, %r13
# A[1] * B[2]
- movq 16(%rbp), %rdx
- mulxq 8(%rdi), %rcx, %rax
- adcxq %r14, %r12
- adoxq %rcx, %r11
- adcxq %r15, %r13
- adoxq %rax, %r12
+ movq 16(%rax), %rdx
+ mulxq 8(%rcx), %r8, %r9
+ adcxq %rbx, %r14
+ adoxq %r8, %r13
+ adcxq %rbp, %r15
+ adoxq %r9, %r14
# A[0] * B[2]
- mulxq (%rdi), %rcx, %rax
- adoxq %r15, %r13
- xorq %r14, %r14
- adcxq %rcx, %r10
+ mulxq (%rcx), %r8, %r9
+ adoxq %rbp, %r15
+ xorq %rbx, %rbx
+ adcxq %r8, %r12
# A[1] * B[1]
- movq 8(%rbp), %rdx
- mulxq 8(%rdi), %rdx, %rcx
- adcxq %rax, %r11
- adoxq %rdx, %r10
- # A[3] * B[1]
- movq 8(%rbp), %rdx
- adoxq %rcx, %r11
- mulxq 24(%rdi), %rcx, %rax
- adcxq %rcx, %r12
- # A[2] * B[2]
- movq 16(%rbp), %rdx
- mulxq 16(%rdi), %rdx, %rcx
- adcxq %rax, %r13
+ movq 8(%rax), %rdx
+ mulxq 8(%rcx), %rdx, %r8
+ adcxq %r9, %r13
adoxq %rdx, %r12
+ # A[1] * B[3]
+ movq 24(%rax), %rdx
+ adoxq %r8, %r13
+ mulxq 8(%rcx), %r8, %r9
+ adcxq %r8, %r14
+ # A[2] * B[2]
+ movq 16(%rax), %rdx
+ mulxq 16(%rcx), %rdx, %r8
+ adcxq %r9, %r15
+ adoxq %rdx, %r14
# A[3] * B[3]
- movq 24(%rbp), %rdx
- adoxq %rcx, %r13
- mulxq 24(%rdi), %rcx, %rax
- adoxq %r15, %r14
- adcxq %rcx, %r14
+ movq 24(%rax), %rdx
+ adoxq %r8, %r15
+ mulxq 24(%rcx), %r8, %r9
+ adoxq %rbp, %rbx
+ adcxq %r8, %rbx
# A[0] * B[3]
- mulxq (%rdi), %rdx, %rcx
- adcxq %rax, %r15
- xorq %rax, %rax
- adcxq %rdx, %r11
- # A[3] * B[0]
- movq (%rbp), %rdx
- adcxq %rcx, %r12
- mulxq 24(%rdi), %rdx, %rcx
- adoxq %rdx, %r11
- adoxq %rcx, %r12
- # A[2] * B[3]
- movq 24(%rbp), %rdx
- mulxq 16(%rdi), %rdx, %rcx
+ mulxq (%rcx), %rdx, %r8
+ adcxq %r9, %rbp
+ xorq %r9, %r9
adcxq %rdx, %r13
+ # A[3] * B[0]
+ movq 24(%rcx), %rdx
+ adcxq %r8, %r14
+ mulxq (%rax), %rdx, %r8
+ adoxq %rdx, %r13
+ adoxq %r8, %r14
# A[3] * B[2]
- movq 16(%rbp), %rdx
- adcxq %rcx, %r14
- mulxq 24(%rdi), %rcx, %rdx
- adcxq %rax, %r15
- adoxq %rcx, %r13
- adoxq %rdx, %r14
- adoxq %rax, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rax
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- andq %rax, %r11
- # Multiply top half by 19
- movq $19, %rdx
- xorq %rax, %rax
- mulxq %r12, %rcx, %r12
- adcxq %rcx, %r8
- adoxq %r12, %r9
- mulxq %r13, %rcx, %r13
- adcxq %rcx, %r9
- adoxq %r13, %r10
- mulxq %r14, %rcx, %r14
- adcxq %rcx, %r10
+ movq 24(%rcx), %rdx
+ mulxq 16(%rax), %rdx, %r8
+ adcxq %rdx, %r15
+ # A[2] * B[3]
+ movq 24(%rax), %rdx
+ adcxq %r8, %rbx
+ mulxq 16(%rcx), %r8, %rdx
+ adcxq %r9, %rbp
+ adoxq %r8, %r15
+ adoxq %rdx, %rbx
+ adoxq %r9, %rbp
+ movq $38, %rdx
+ mulxq %rbp, %rbp, %r8
+ addq %rbp, %r13
+ adcq $0x00, %r8
+ movq $0x7fffffffffffffff, %r9
+ shldq $0x01, %r13, %r8
+ imulq $19, %r8, %r8
+ andq %r9, %r13
+ xorq %r9, %r9
+ adoxq %r8, %r10
+ mulxq %r14, %r8, %r14
+ adcxq %r8, %r10
adoxq %r14, %r11
- mulxq %r15, %r15, %rdx
- adcxq %r15, %r11
- adoxq %rax, %rdx
- adcxq %rax, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- movq $0x7fffffffffffffff, %rax
- imulq $19, %rdx, %rcx
- andq %rax, %r11
- addq %rcx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rax, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
+ mulxq %r15, %r8, %r15
+ adcxq %r8, %r11
+ adoxq %r15, %r12
+ mulxq %rbx, %r8, %rbx
+ adcxq %r8, %r12
+ adoxq %rbx, %r13
+ adcxq %r9, %r13
# Store
- movq %r8, (%rbx)
- movq %r9, 8(%rbx)
- movq %r10, 16(%rbx)
- movq %r11, 24(%rbx)
- movq 176(%rsp), %rbx
+ movq %r10, (%rdi)
+ movq %r11, 8(%rdi)
+ movq %r12, 16(%rdi)
+ movq %r13, 24(%rdi)
+ movq %rsi, %rcx
+ leaq 32(%rsi), %rax
+ leaq -64(%rdi), %rsi
+ leaq -96(%rdi), %rdi
+ # Add-Sub
+ # Add
+ movq (%rax), %r10
+ movq 8(%rax), %r11
+ movq 16(%rax), %r12
+ movq 24(%rax), %r13
+ movq %r10, %r14
+ addq (%rcx), %r10
+ movq %r11, %r15
+ adcq 8(%rcx), %r11
+ movq %r12, %rbx
+ adcq 16(%rcx), %r12
+ movq %r13, %rbp
+ adcq 24(%rcx), %r13
+ movq $0x00, %r8
+ adcq $0x00, %r8
+ shldq $0x01, %r13, %r8
+ movq $0x7fffffffffffffff, %r9
+ imulq $19, %r8
+ andq %r9, %r13
+ # Sub modulus (if overflow)
+ addq %r8, %r10
+ adcq $0x00, %r11
+ adcq $0x00, %r12
+ adcq $0x00, %r13
+ # Sub
+ subq (%rcx), %r14
+ sbbq 8(%rcx), %r15
+ sbbq 16(%rcx), %rbx
+ sbbq 24(%rcx), %rbp
+ sbbq %r8, %r8
+ shldq $0x01, %rbp, %r8
+ imulq $-19, %r8
+ andq %r9, %rbp
+ # Add modulus (if underflow)
+ subq %r8, %r14
+ sbbq $0x00, %r15
+ sbbq $0x00, %rbx
+ sbbq $0x00, %rbp
+ movq %r10, (%rdi)
+ movq %r11, 8(%rdi)
+ movq %r12, 16(%rdi)
+ movq %r13, 24(%rdi)
+ movq %r14, (%rsi)
+ movq %r15, 8(%rsi)
+ movq %rbx, 16(%rsi)
+ movq %rbp, 24(%rsi)
+ movq 16(%rsp), %rax
# Multiply
# A[0] * B[0]
- movq (%rbx), %rdx
- mulxq (%rsi), %r8, %r9
+ movq (%rax), %rdx
+ mulxq (%rdi), %r10, %r11
# A[2] * B[0]
- mulxq 16(%rsi), %r10, %r11
+ mulxq 16(%rdi), %r12, %r13
# A[1] * B[0]
- mulxq 8(%rsi), %rcx, %rax
- xorq %r15, %r15
- adcxq %rcx, %r9
- # A[1] * B[3]
- movq 24(%rbx), %rdx
- mulxq 8(%rsi), %r12, %r13
- adcxq %rax, %r10
+ mulxq 8(%rdi), %r8, %r9
+ xorq %rbp, %rbp
+ adcxq %r8, %r11
+ # A[3] * B[1]
+ movq 8(%rax), %rdx
+ mulxq 24(%rdi), %r14, %r15
+ adcxq %r9, %r12
# A[0] * B[1]
- movq 8(%rbx), %rdx
- mulxq (%rsi), %rcx, %rax
- adoxq %rcx, %r9
+ mulxq (%rdi), %r8, %r9
+ adoxq %r8, %r11
# A[2] * B[1]
- mulxq 16(%rsi), %rcx, %r14
- adoxq %rax, %r10
- adcxq %rcx, %r11
+ mulxq 16(%rdi), %r8, %rbx
+ adoxq %r9, %r12
+ adcxq %r8, %r13
# A[1] * B[2]
- movq 16(%rbx), %rdx
- mulxq 8(%rsi), %rcx, %rax
- adcxq %r14, %r12
- adoxq %rcx, %r11
- adcxq %r15, %r13
- adoxq %rax, %r12
+ movq 16(%rax), %rdx
+ mulxq 8(%rdi), %r8, %r9
+ adcxq %rbx, %r14
+ adoxq %r8, %r13
+ adcxq %rbp, %r15
+ adoxq %r9, %r14
# A[0] * B[2]
- mulxq (%rsi), %rcx, %rax
- adoxq %r15, %r13
- xorq %r14, %r14
- adcxq %rcx, %r10
+ mulxq (%rdi), %r8, %r9
+ adoxq %rbp, %r15
+ xorq %rbx, %rbx
+ adcxq %r8, %r12
# A[1] * B[1]
- movq 8(%rbx), %rdx
- mulxq 8(%rsi), %rdx, %rcx
- adcxq %rax, %r11
- adoxq %rdx, %r10
- # A[3] * B[1]
- movq 8(%rbx), %rdx
- adoxq %rcx, %r11
- mulxq 24(%rsi), %rcx, %rax
- adcxq %rcx, %r12
- # A[2] * B[2]
- movq 16(%rbx), %rdx
- mulxq 16(%rsi), %rdx, %rcx
- adcxq %rax, %r13
+ movq 8(%rax), %rdx
+ mulxq 8(%rdi), %rdx, %r8
+ adcxq %r9, %r13
adoxq %rdx, %r12
+ # A[1] * B[3]
+ movq 24(%rax), %rdx
+ adoxq %r8, %r13
+ mulxq 8(%rdi), %r8, %r9
+ adcxq %r8, %r14
+ # A[2] * B[2]
+ movq 16(%rax), %rdx
+ mulxq 16(%rdi), %rdx, %r8
+ adcxq %r9, %r15
+ adoxq %rdx, %r14
# A[3] * B[3]
- movq 24(%rbx), %rdx
- adoxq %rcx, %r13
- mulxq 24(%rsi), %rcx, %rax
- adoxq %r15, %r14
- adcxq %rcx, %r14
+ movq 24(%rax), %rdx
+ adoxq %r8, %r15
+ mulxq 24(%rdi), %r8, %r9
+ adoxq %rbp, %rbx
+ adcxq %r8, %rbx
# A[0] * B[3]
- mulxq (%rsi), %rdx, %rcx
- adcxq %rax, %r15
- xorq %rax, %rax
- adcxq %rdx, %r11
- # A[3] * B[0]
- movq (%rbx), %rdx
- adcxq %rcx, %r12
- mulxq 24(%rsi), %rdx, %rcx
- adoxq %rdx, %r11
- adoxq %rcx, %r12
- # A[2] * B[3]
- movq 24(%rbx), %rdx
- mulxq 16(%rsi), %rdx, %rcx
+ mulxq (%rdi), %rdx, %r8
+ adcxq %r9, %rbp
+ xorq %r9, %r9
adcxq %rdx, %r13
+ # A[3] * B[0]
+ movq 24(%rdi), %rdx
+ adcxq %r8, %r14
+ mulxq (%rax), %rdx, %r8
+ adoxq %rdx, %r13
+ adoxq %r8, %r14
# A[3] * B[2]
- movq 16(%rbx), %rdx
- adcxq %rcx, %r14
- mulxq 24(%rsi), %rcx, %rdx
- adcxq %rax, %r15
- adoxq %rcx, %r13
- adoxq %rdx, %r14
- adoxq %rax, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rax
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- andq %rax, %r11
- # Multiply top half by 19
- movq $19, %rdx
- xorq %rax, %rax
- mulxq %r12, %rcx, %r12
- adcxq %rcx, %r8
- adoxq %r12, %r9
- mulxq %r13, %rcx, %r13
- adcxq %rcx, %r9
- adoxq %r13, %r10
- mulxq %r14, %rcx, %r14
- adcxq %rcx, %r10
+ movq 24(%rdi), %rdx
+ mulxq 16(%rax), %rdx, %r8
+ adcxq %rdx, %r15
+ # A[2] * B[3]
+ movq 24(%rax), %rdx
+ adcxq %r8, %rbx
+ mulxq 16(%rdi), %r8, %rdx
+ adcxq %r9, %rbp
+ adoxq %r8, %r15
+ adoxq %rdx, %rbx
+ adoxq %r9, %rbp
+ movq $38, %rdx
+ mulxq %rbp, %rbp, %r8
+ addq %rbp, %r13
+ adcq $0x00, %r8
+ movq $0x7fffffffffffffff, %r9
+ shldq $0x01, %r13, %r8
+ imulq $19, %r8, %r8
+ andq %r9, %r13
+ xorq %r9, %r9
+ adoxq %r8, %r10
+ mulxq %r14, %r8, %r14
+ adcxq %r8, %r10
adoxq %r14, %r11
- mulxq %r15, %r15, %rdx
- adcxq %r15, %r11
- adoxq %rax, %rdx
- adcxq %rax, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- movq $0x7fffffffffffffff, %rax
- imulq $19, %rdx, %rcx
- andq %rax, %r11
- addq %rcx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rax, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
+ mulxq %r15, %r8, %r15
+ adcxq %r8, %r11
+ adoxq %r15, %r12
+ mulxq %rbx, %r8, %rbx
+ adcxq %r8, %r12
+ adoxq %rbx, %r13
+ adcxq %r9, %r13
# Store
- movq %r8, (%rsi)
- movq %r9, 8(%rsi)
- movq %r10, 16(%rsi)
- movq %r11, 24(%rsi)
- movq 24(%rsp), %rsi
- movq 160(%rsp), %rbx
- movq 144(%rsp), %rbp
+ movq %r10, (%rdi)
+ movq %r11, 8(%rdi)
+ movq %r12, 16(%rdi)
+ movq %r13, 24(%rdi)
+ leaq 32(%rax), %rax
# Multiply
# A[0] * B[0]
- movq (%rbp), %rdx
- mulxq (%rbx), %r8, %r9
+ movq (%rax), %rdx
+ mulxq (%rsi), %r10, %r11
# A[2] * B[0]
- mulxq 16(%rbx), %r10, %r11
+ mulxq 16(%rsi), %r12, %r13
# A[1] * B[0]
- mulxq 8(%rbx), %rcx, %rax
- xorq %r15, %r15
- adcxq %rcx, %r9
- # A[1] * B[3]
- movq 24(%rbp), %rdx
- mulxq 8(%rbx), %r12, %r13
- adcxq %rax, %r10
+ mulxq 8(%rsi), %r8, %r9
+ xorq %rbp, %rbp
+ adcxq %r8, %r11
+ # A[3] * B[1]
+ movq 8(%rax), %rdx
+ mulxq 24(%rsi), %r14, %r15
+ adcxq %r9, %r12
# A[0] * B[1]
- movq 8(%rbp), %rdx
- mulxq (%rbx), %rcx, %rax
- adoxq %rcx, %r9
+ mulxq (%rsi), %r8, %r9
+ adoxq %r8, %r11
# A[2] * B[1]
- mulxq 16(%rbx), %rcx, %r14
- adoxq %rax, %r10
- adcxq %rcx, %r11
+ mulxq 16(%rsi), %r8, %rbx
+ adoxq %r9, %r12
+ adcxq %r8, %r13
# A[1] * B[2]
- movq 16(%rbp), %rdx
- mulxq 8(%rbx), %rcx, %rax
- adcxq %r14, %r12
- adoxq %rcx, %r11
- adcxq %r15, %r13
- adoxq %rax, %r12
+ movq 16(%rax), %rdx
+ mulxq 8(%rsi), %r8, %r9
+ adcxq %rbx, %r14
+ adoxq %r8, %r13
+ adcxq %rbp, %r15
+ adoxq %r9, %r14
# A[0] * B[2]
- mulxq (%rbx), %rcx, %rax
- adoxq %r15, %r13
- xorq %r14, %r14
- adcxq %rcx, %r10
+ mulxq (%rsi), %r8, %r9
+ adoxq %rbp, %r15
+ xorq %rbx, %rbx
+ adcxq %r8, %r12
# A[1] * B[1]
- movq 8(%rbp), %rdx
- mulxq 8(%rbx), %rdx, %rcx
- adcxq %rax, %r11
- adoxq %rdx, %r10
- # A[3] * B[1]
- movq 8(%rbp), %rdx
- adoxq %rcx, %r11
- mulxq 24(%rbx), %rcx, %rax
- adcxq %rcx, %r12
- # A[2] * B[2]
- movq 16(%rbp), %rdx
- mulxq 16(%rbx), %rdx, %rcx
- adcxq %rax, %r13
+ movq 8(%rax), %rdx
+ mulxq 8(%rsi), %rdx, %r8
+ adcxq %r9, %r13
adoxq %rdx, %r12
+ # A[1] * B[3]
+ movq 24(%rax), %rdx
+ adoxq %r8, %r13
+ mulxq 8(%rsi), %r8, %r9
+ adcxq %r8, %r14
+ # A[2] * B[2]
+ movq 16(%rax), %rdx
+ mulxq 16(%rsi), %rdx, %r8
+ adcxq %r9, %r15
+ adoxq %rdx, %r14
# A[3] * B[3]
- movq 24(%rbp), %rdx
- adoxq %rcx, %r13
- mulxq 24(%rbx), %rcx, %rax
- adoxq %r15, %r14
- adcxq %rcx, %r14
+ movq 24(%rax), %rdx
+ adoxq %r8, %r15
+ mulxq 24(%rsi), %r8, %r9
+ adoxq %rbp, %rbx
+ adcxq %r8, %rbx
# A[0] * B[3]
- mulxq (%rbx), %rdx, %rcx
- adcxq %rax, %r15
- xorq %rax, %rax
- adcxq %rdx, %r11
- # A[3] * B[0]
- movq (%rbp), %rdx
- adcxq %rcx, %r12
- mulxq 24(%rbx), %rdx, %rcx
- adoxq %rdx, %r11
- adoxq %rcx, %r12
- # A[2] * B[3]
- movq 24(%rbp), %rdx
- mulxq 16(%rbx), %rdx, %rcx
+ mulxq (%rsi), %rdx, %r8
+ adcxq %r9, %rbp
+ xorq %r9, %r9
adcxq %rdx, %r13
+ # A[3] * B[0]
+ movq 24(%rsi), %rdx
+ adcxq %r8, %r14
+ mulxq (%rax), %rdx, %r8
+ adoxq %rdx, %r13
+ adoxq %r8, %r14
# A[3] * B[2]
- movq 16(%rbp), %rdx
- adcxq %rcx, %r14
- mulxq 24(%rbx), %rcx, %rdx
- adcxq %rax, %r15
- adoxq %rcx, %r13
- adoxq %rdx, %r14
- adoxq %rax, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rax
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- andq %rax, %r11
- # Multiply top half by 19
- movq $19, %rdx
- xorq %rax, %rax
- mulxq %r12, %rcx, %r12
- adcxq %rcx, %r8
- adoxq %r12, %r9
- mulxq %r13, %rcx, %r13
- adcxq %rcx, %r9
- adoxq %r13, %r10
- mulxq %r14, %rcx, %r14
- adcxq %rcx, %r10
+ movq 24(%rsi), %rdx
+ mulxq 16(%rax), %rdx, %r8
+ adcxq %rdx, %r15
+ # A[2] * B[3]
+ movq 24(%rax), %rdx
+ adcxq %r8, %rbx
+ mulxq 16(%rsi), %r8, %rdx
+ adcxq %r9, %rbp
+ adoxq %r8, %r15
+ adoxq %rdx, %rbx
+ adoxq %r9, %rbp
+ movq $38, %rdx
+ mulxq %rbp, %rbp, %r8
+ addq %rbp, %r13
+ adcq $0x00, %r8
+ movq $0x7fffffffffffffff, %r9
+ shldq $0x01, %r13, %r8
+ imulq $19, %r8, %r8
+ andq %r9, %r13
+ xorq %r9, %r9
+ adoxq %r8, %r10
+ mulxq %r14, %r8, %r14
+ adcxq %r8, %r10
adoxq %r14, %r11
- mulxq %r15, %r15, %rdx
- adcxq %r15, %r11
- adoxq %rax, %rdx
- adcxq %rax, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- movq $0x7fffffffffffffff, %rax
- imulq $19, %rdx, %rcx
- andq %rax, %r11
- addq %rcx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rax, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
+ mulxq %r15, %r8, %r15
+ adcxq %r8, %r11
+ adoxq %r15, %r12
+ mulxq %rbx, %r8, %rbx
+ adcxq %r8, %r12
+ adoxq %rbx, %r13
+ adcxq %r9, %r13
# Store
- movq %r8, (%rsi)
- movq %r9, 8(%rsi)
- movq %r10, 16(%rsi)
- movq %r11, 24(%rsi)
- movq 136(%rsp), %rsi
- movq 152(%rsp), %rbx
+ movq %r10, (%rsi)
+ movq %r11, 8(%rsi)
+ movq %r12, 16(%rsi)
+ movq %r13, 24(%rsi)
+ leaq 64(%rcx), %rcx
+ leaq 32(%rax), %rax
# Multiply
# A[0] * B[0]
- movq (%rbx), %rdx
- mulxq (%rsi), %r8, %r9
+ movq (%rax), %rdx
+ mulxq (%rcx), %r10, %r11
# A[2] * B[0]
- mulxq 16(%rsi), %r10, %r11
+ mulxq 16(%rcx), %r12, %r13
# A[1] * B[0]
- mulxq 8(%rsi), %rcx, %rax
- xorq %r15, %r15
- adcxq %rcx, %r9
- # A[1] * B[3]
- movq 24(%rbx), %rdx
- mulxq 8(%rsi), %r12, %r13
- adcxq %rax, %r10
+ mulxq 8(%rcx), %r8, %r9
+ xorq %rbp, %rbp
+ adcxq %r8, %r11
+ # A[3] * B[1]
+ movq 8(%rax), %rdx
+ mulxq 24(%rcx), %r14, %r15
+ adcxq %r9, %r12
# A[0] * B[1]
- movq 8(%rbx), %rdx
- mulxq (%rsi), %rcx, %rax
- adoxq %rcx, %r9
+ mulxq (%rcx), %r8, %r9
+ adoxq %r8, %r11
# A[2] * B[1]
- mulxq 16(%rsi), %rcx, %r14
- adoxq %rax, %r10
- adcxq %rcx, %r11
+ mulxq 16(%rcx), %r8, %rbx
+ adoxq %r9, %r12
+ adcxq %r8, %r13
# A[1] * B[2]
- movq 16(%rbx), %rdx
- mulxq 8(%rsi), %rcx, %rax
- adcxq %r14, %r12
- adoxq %rcx, %r11
- adcxq %r15, %r13
- adoxq %rax, %r12
+ movq 16(%rax), %rdx
+ mulxq 8(%rcx), %r8, %r9
+ adcxq %rbx, %r14
+ adoxq %r8, %r13
+ adcxq %rbp, %r15
+ adoxq %r9, %r14
# A[0] * B[2]
- mulxq (%rsi), %rcx, %rax
- adoxq %r15, %r13
- xorq %r14, %r14
- adcxq %rcx, %r10
+ mulxq (%rcx), %r8, %r9
+ adoxq %rbp, %r15
+ xorq %rbx, %rbx
+ adcxq %r8, %r12
# A[1] * B[1]
- movq 8(%rbx), %rdx
- mulxq 8(%rsi), %rdx, %rcx
- adcxq %rax, %r11
- adoxq %rdx, %r10
- # A[3] * B[1]
- movq 8(%rbx), %rdx
- adoxq %rcx, %r11
- mulxq 24(%rsi), %rcx, %rax
- adcxq %rcx, %r12
- # A[2] * B[2]
- movq 16(%rbx), %rdx
- mulxq 16(%rsi), %rdx, %rcx
- adcxq %rax, %r13
+ movq 8(%rax), %rdx
+ mulxq 8(%rcx), %rdx, %r8
+ adcxq %r9, %r13
adoxq %rdx, %r12
+ # A[1] * B[3]
+ movq 24(%rax), %rdx
+ adoxq %r8, %r13
+ mulxq 8(%rcx), %r8, %r9
+ adcxq %r8, %r14
+ # A[2] * B[2]
+ movq 16(%rax), %rdx
+ mulxq 16(%rcx), %rdx, %r8
+ adcxq %r9, %r15
+ adoxq %rdx, %r14
# A[3] * B[3]
- movq 24(%rbx), %rdx
- adoxq %rcx, %r13
- mulxq 24(%rsi), %rcx, %rax
- adoxq %r15, %r14
- adcxq %rcx, %r14
+ movq 24(%rax), %rdx
+ adoxq %r8, %r15
+ mulxq 24(%rcx), %r8, %r9
+ adoxq %rbp, %rbx
+ adcxq %r8, %rbx
# A[0] * B[3]
- mulxq (%rsi), %rdx, %rcx
- adcxq %rax, %r15
- xorq %rax, %rax
- adcxq %rdx, %r11
- # A[3] * B[0]
- movq (%rbx), %rdx
- adcxq %rcx, %r12
- mulxq 24(%rsi), %rdx, %rcx
- adoxq %rdx, %r11
- adoxq %rcx, %r12
- # A[2] * B[3]
- movq 24(%rbx), %rdx
- mulxq 16(%rsi), %rdx, %rcx
+ mulxq (%rcx), %rdx, %r8
+ adcxq %r9, %rbp
+ xorq %r9, %r9
adcxq %rdx, %r13
+ # A[3] * B[0]
+ movq 24(%rcx), %rdx
+ adcxq %r8, %r14
+ mulxq (%rax), %rdx, %r8
+ adoxq %rdx, %r13
+ adoxq %r8, %r14
# A[3] * B[2]
- movq 16(%rbx), %rdx
- adcxq %rcx, %r14
- mulxq 24(%rsi), %rcx, %rdx
- adcxq %rax, %r15
- adoxq %rcx, %r13
- adoxq %rdx, %r14
- adoxq %rax, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rax
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- andq %rax, %r11
- # Multiply top half by 19
- movq $19, %rdx
- xorq %rax, %rax
- mulxq %r12, %rcx, %r12
- adcxq %rcx, %r8
- adoxq %r12, %r9
- mulxq %r13, %rcx, %r13
- adcxq %rcx, %r9
- adoxq %r13, %r10
- mulxq %r14, %rcx, %r14
- adcxq %rcx, %r10
+ movq 24(%rcx), %rdx
+ mulxq 16(%rax), %rdx, %r8
+ adcxq %rdx, %r15
+ # A[2] * B[3]
+ movq 24(%rax), %rdx
+ adcxq %r8, %rbx
+ mulxq 16(%rcx), %r8, %rdx
+ adcxq %r9, %rbp
+ adoxq %r8, %r15
+ adoxq %rdx, %rbx
+ adoxq %r9, %rbp
+ movq $38, %rdx
+ mulxq %rbp, %rbp, %r8
+ addq %rbp, %r13
+ adcq $0x00, %r8
+ movq $0x7fffffffffffffff, %r9
+ shldq $0x01, %r13, %r8
+ imulq $19, %r8, %r8
+ andq %r9, %r13
+ xorq %r9, %r9
+ adoxq %r8, %r10
+ mulxq %r14, %r8, %r14
+ adcxq %r8, %r10
adoxq %r14, %r11
- mulxq %r15, %r15, %rdx
- adcxq %r15, %r11
- adoxq %rax, %rdx
- adcxq %rax, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- movq $0x7fffffffffffffff, %rax
- imulq $19, %rdx, %rcx
- andq %rax, %r11
- addq %rcx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rax, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
+ mulxq %r15, %r8, %r15
+ adcxq %r8, %r11
+ adoxq %r15, %r12
+ mulxq %rbx, %r8, %rbx
+ adcxq %r8, %r12
+ adoxq %rbx, %r13
+ adcxq %r9, %r13
# Store
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- leaq 48(%rsp), %rsi
+ leaq 64(%rdi), %rdi
# Double
- movq (%rdi), %r8
- movq 8(%rdi), %r9
- addq %r8, %r8
- movq 16(%rdi), %r10
- adcq %r9, %r9
- movq 24(%rdi), %rdx
- adcq %r10, %r10
- movq $-19, %rcx
- adcq %rdx, %rdx
- movq $0x7fffffffffffffff, %rax
- movq %rdx, %r11
- sarq $63, %rdx
- # Mask the modulus
- andq %rdx, %rcx
- andq %rdx, %rax
+ addq %r10, %r10
+ adcq %r11, %r11
+ adcq %r12, %r12
+ adcq %r13, %r13
+ movq $0x00, %r8
+ adcq $0x00, %r8
+ shldq $0x01, %r13, %r8
+ movq $0x7fffffffffffffff, %r9
+ imulq $19, %r8
+ andq %r9, %r13
# Sub modulus (if overflow)
- subq %rcx, %r8
- sbbq %rdx, %r9
- sbbq %rdx, %r10
- sbbq %rax, %r11
- movq %r8, (%rsi)
- movq %r9, 8(%rsi)
- movq %r10, 16(%rsi)
- movq %r11, 24(%rsi)
- movq 8(%rsp), %rbx
- movq 16(%rsp), %rbp
+ addq %r8, %r10
+ adcq $0x00, %r11
+ adcq $0x00, %r12
+ adcq $0x00, %r13
+ movq %r10, (%rdi)
+ movq %r11, 8(%rdi)
+ movq %r12, 16(%rdi)
+ movq %r13, 24(%rdi)
+ leaq -64(%rdi), %rdi
+ # Add-Sub
# Add
- movq (%rbp), %r8
- movq 8(%rbp), %r9
- movq 16(%rbp), %r10
- movq 24(%rbp), %rdx
- movq %r8, %r12
- addq (%rbx), %r8
- movq %r9, %r13
- adcq 8(%rbx), %r9
+ movq (%rdi), %r10
+ movq 8(%rdi), %r11
+ movq 16(%rdi), %r12
+ movq 24(%rdi), %r13
movq %r10, %r14
- adcq 16(%rbx), %r10
- movq %rdx, %r15
- adcq 24(%rbx), %rdx
- movq $-19, %rcx
- movq %rdx, %r11
- movq $0x7fffffffffffffff, %rax
- sarq $63, %rdx
- # Mask the modulus
- andq %rdx, %rcx
- andq %rdx, %rax
+ addq (%rsi), %r10
+ movq %r11, %r15
+ adcq 8(%rsi), %r11
+ movq %r12, %rbx
+ adcq 16(%rsi), %r12
+ movq %r13, %rbp
+ adcq 24(%rsi), %r13
+ movq $0x00, %r8
+ adcq $0x00, %r8
+ shldq $0x01, %r13, %r8
+ movq $0x7fffffffffffffff, %r9
+ imulq $19, %r8
+ andq %r9, %r13
# Sub modulus (if overflow)
- subq %rcx, %r8
- sbbq %rdx, %r9
- sbbq %rdx, %r10
- sbbq %rax, %r11
+ addq %r8, %r10
+ adcq $0x00, %r11
+ adcq $0x00, %r12
+ adcq $0x00, %r13
# Sub
- subq (%rbx), %r12
- movq $0x00, %rdx
- sbbq 8(%rbx), %r13
- movq $-19, %rcx
- sbbq 16(%rbx), %r14
- movq $0x7fffffffffffffff, %rax
- sbbq 24(%rbx), %r15
- sbbq $0x00, %rdx
- # Mask the modulus
- andq %rdx, %rcx
- andq %rdx, %rax
+ subq (%rsi), %r14
+ sbbq 8(%rsi), %r15
+ sbbq 16(%rsi), %rbx
+ sbbq 24(%rsi), %rbp
+ sbbq %r8, %r8
+ shldq $0x01, %rbp, %r8
+ imulq $-19, %r8
+ andq %r9, %rbp
# Add modulus (if underflow)
- addq %rcx, %r12
- adcq %rdx, %r13
- adcq %rdx, %r14
- adcq %rax, %r15
- movq %r8, (%rbx)
- movq %r9, 8(%rbx)
- movq %r10, 16(%rbx)
- movq %r11, 24(%rbx)
- movq %r12, (%rdi)
- movq %r13, 8(%rdi)
- movq %r14, 16(%rdi)
- movq %r15, 24(%rdi)
- movq 24(%rsp), %rdi
+ subq %r8, %r14
+ sbbq $0x00, %r15
+ sbbq $0x00, %rbx
+ sbbq $0x00, %rbp
+ movq %r10, (%rsi)
+ movq %r11, 8(%rsi)
+ movq %r12, 16(%rsi)
+ movq %r13, 24(%rsi)
+ movq %r14, (%rdi)
+ movq %r15, 8(%rdi)
+ movq %rbx, 16(%rdi)
+ movq %rbp, 24(%rdi)
+ leaq 96(%rdi), %rsi
+ leaq 64(%rdi), %rdi
+ # Add-Sub
# Add
- movq (%rsi), %r8
- movq 8(%rsi), %r9
- movq 16(%rsi), %r10
- movq 24(%rsi), %rdx
- movq %r8, %r12
- addq (%rdi), %r8
- movq %r9, %r13
- adcq 8(%rdi), %r9
+ movq (%rdi), %r10
+ movq 8(%rdi), %r11
+ movq 16(%rdi), %r12
+ movq 24(%rdi), %r13
movq %r10, %r14
- adcq 16(%rdi), %r10
- movq %rdx, %r15
- adcq 24(%rdi), %rdx
- movq $-19, %rcx
- movq %rdx, %r11
- movq $0x7fffffffffffffff, %rax
- sarq $63, %rdx
- # Mask the modulus
- andq %rdx, %rcx
- andq %rdx, %rax
+ addq (%rsi), %r10
+ movq %r11, %r15
+ adcq 8(%rsi), %r11
+ movq %r12, %rbx
+ adcq 16(%rsi), %r12
+ movq %r13, %rbp
+ adcq 24(%rsi), %r13
+ movq $0x00, %r8
+ adcq $0x00, %r8
+ shldq $0x01, %r13, %r8
+ movq $0x7fffffffffffffff, %r9
+ imulq $19, %r8
+ andq %r9, %r13
# Sub modulus (if overflow)
- subq %rcx, %r8
- sbbq %rdx, %r9
- sbbq %rdx, %r10
- sbbq %rax, %r11
+ addq %r8, %r10
+ adcq $0x00, %r11
+ adcq $0x00, %r12
+ adcq $0x00, %r13
# Sub
- subq (%rdi), %r12
- movq $0x00, %rdx
- sbbq 8(%rdi), %r13
- movq $-19, %rcx
- sbbq 16(%rdi), %r14
- movq $0x7fffffffffffffff, %rax
- sbbq 24(%rdi), %r15
- sbbq $0x00, %rdx
- # Mask the modulus
- andq %rdx, %rcx
- andq %rdx, %rax
+ subq (%rsi), %r14
+ sbbq 8(%rsi), %r15
+ sbbq 16(%rsi), %rbx
+ sbbq 24(%rsi), %rbp
+ sbbq %r8, %r8
+ shldq $0x01, %rbp, %r8
+ imulq $-19, %r8
+ andq %r9, %rbp
# Add modulus (if underflow)
- addq %rcx, %r12
- adcq %rdx, %r13
- adcq %rdx, %r14
- adcq %rax, %r15
- movq %r8, (%rbp)
- movq %r9, 8(%rbp)
- movq %r10, 16(%rbp)
- movq %r11, 24(%rbp)
- movq %r12, (%rdi)
- movq %r13, 8(%rdi)
- movq %r14, 16(%rdi)
- movq %r15, 24(%rdi)
- addq $0x50, %rsp
+ subq %r8, %r14
+ sbbq $0x00, %r15
+ sbbq $0x00, %rbx
+ sbbq $0x00, %rbp
+ movq %r10, (%rdi)
+ movq %r11, 8(%rdi)
+ movq %r12, 16(%rdi)
+ movq %r13, 24(%rdi)
+ movq %r14, (%rsi)
+ movq %r15, 8(%rsi)
+ movq %rbx, 16(%rsi)
+ movq %rbp, 24(%rsi)
+ addq $24, %rsp
+ popq %rbp
+ popq %rbx
popq %r15
popq %r14
popq %r13
popq %r12
- popq %rbp
- popq %rbx
repz retq
#ifndef __APPLE__
-.size fe_ge_add_avx2,.-fe_ge_add_avx2
+.size ge_add_avx2,.-ge_add_avx2
#endif /* __APPLE__ */
#ifndef __APPLE__
.text
-.globl fe_ge_sub_avx2
-.type fe_ge_sub_avx2,@function
+.globl ge_sub_avx2
+.type ge_sub_avx2,@function
.align 16
-fe_ge_sub_avx2:
+ge_sub_avx2:
#else
.section __TEXT,__text
-.globl _fe_ge_sub_avx2
+.globl _ge_sub_avx2
.p2align 4
-_fe_ge_sub_avx2:
+_ge_sub_avx2:
#endif /* __APPLE__ */
- pushq %rbx
- pushq %rbp
pushq %r12
pushq %r13
pushq %r14
pushq %r15
- subq $0x50, %rsp
+ pushq %rbx
+ pushq %rbp
+ movq %rdx, %rax
+ subq $24, %rsp
movq %rdi, (%rsp)
movq %rsi, 8(%rsp)
- movq %rdx, 16(%rsp)
- movq %rcx, 24(%rsp)
- movq %r8, 32(%rsp)
- movq %r9, 40(%rsp)
- movq 8(%rsp), %rsi
- movq 40(%rsp), %rbx
- movq 32(%rsp), %rbp
- # Add
- movq (%rbx), %r8
- movq 8(%rbx), %r9
- movq 16(%rbx), %r10
- movq 24(%rbx), %rdx
- movq %r8, %r12
- addq (%rbp), %r8
- movq %r9, %r13
- adcq 8(%rbp), %r9
- movq %r10, %r14
- adcq 16(%rbp), %r10
- movq %rdx, %r15
- adcq 24(%rbp), %rdx
- movq $-19, %rcx
- movq %rdx, %r11
- movq $0x7fffffffffffffff, %rax
- sarq $63, %rdx
- # Mask the modulus
- andq %rdx, %rcx
- andq %rdx, %rax
- # Sub modulus (if overflow)
- subq %rcx, %r8
- sbbq %rdx, %r9
- sbbq %rdx, %r10
- sbbq %rax, %r11
- # Sub
- subq (%rbp), %r12
- movq $0x00, %rdx
- sbbq 8(%rbp), %r13
- movq $-19, %rcx
- sbbq 16(%rbp), %r14
- movq $0x7fffffffffffffff, %rax
- sbbq 24(%rbp), %r15
- sbbq $0x00, %rdx
- # Mask the modulus
- andq %rdx, %rcx
- andq %rdx, %rax
- # Add modulus (if underflow)
- addq %rcx, %r12
- adcq %rdx, %r13
- adcq %rdx, %r14
- adcq %rax, %r15
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq %r12, (%rsi)
- movq %r13, 8(%rsi)
- movq %r14, 16(%rsi)
- movq %r15, 24(%rsi)
- movq 16(%rsp), %rbx
- movq 176(%rsp), %rbp
+ movq %rax, 16(%rsp)
+ leaq 96(%rsi), %rcx
+ leaq 96(%rax), %rax
+ leaq 96(%rdi), %rdi
# Multiply
# A[0] * B[0]
- movq (%rbp), %rdx
- mulxq (%rdi), %r8, %r9
+ movq (%rax), %rdx
+ mulxq (%rcx), %r10, %r11
# A[2] * B[0]
- mulxq 16(%rdi), %r10, %r11
+ mulxq 16(%rcx), %r12, %r13
# A[1] * B[0]
- mulxq 8(%rdi), %rcx, %rax
- xorq %r15, %r15
- adcxq %rcx, %r9
- # A[1] * B[3]
- movq 24(%rbp), %rdx
- mulxq 8(%rdi), %r12, %r13
- adcxq %rax, %r10
+ mulxq 8(%rcx), %r8, %r9
+ xorq %rbp, %rbp
+ adcxq %r8, %r11
+ # A[3] * B[1]
+ movq 8(%rax), %rdx
+ mulxq 24(%rcx), %r14, %r15
+ adcxq %r9, %r12
# A[0] * B[1]
- movq 8(%rbp), %rdx
- mulxq (%rdi), %rcx, %rax
- adoxq %rcx, %r9
+ mulxq (%rcx), %r8, %r9
+ adoxq %r8, %r11
# A[2] * B[1]
- mulxq 16(%rdi), %rcx, %r14
- adoxq %rax, %r10
- adcxq %rcx, %r11
+ mulxq 16(%rcx), %r8, %rbx
+ adoxq %r9, %r12
+ adcxq %r8, %r13
# A[1] * B[2]
- movq 16(%rbp), %rdx
- mulxq 8(%rdi), %rcx, %rax
- adcxq %r14, %r12
- adoxq %rcx, %r11
- adcxq %r15, %r13
- adoxq %rax, %r12
+ movq 16(%rax), %rdx
+ mulxq 8(%rcx), %r8, %r9
+ adcxq %rbx, %r14
+ adoxq %r8, %r13
+ adcxq %rbp, %r15
+ adoxq %r9, %r14
# A[0] * B[2]
- mulxq (%rdi), %rcx, %rax
- adoxq %r15, %r13
- xorq %r14, %r14
- adcxq %rcx, %r10
+ mulxq (%rcx), %r8, %r9
+ adoxq %rbp, %r15
+ xorq %rbx, %rbx
+ adcxq %r8, %r12
# A[1] * B[1]
- movq 8(%rbp), %rdx
- mulxq 8(%rdi), %rdx, %rcx
- adcxq %rax, %r11
- adoxq %rdx, %r10
- # A[3] * B[1]
- movq 8(%rbp), %rdx
- adoxq %rcx, %r11
- mulxq 24(%rdi), %rcx, %rax
- adcxq %rcx, %r12
- # A[2] * B[2]
- movq 16(%rbp), %rdx
- mulxq 16(%rdi), %rdx, %rcx
- adcxq %rax, %r13
+ movq 8(%rax), %rdx
+ mulxq 8(%rcx), %rdx, %r8
+ adcxq %r9, %r13
adoxq %rdx, %r12
+ # A[1] * B[3]
+ movq 24(%rax), %rdx
+ adoxq %r8, %r13
+ mulxq 8(%rcx), %r8, %r9
+ adcxq %r8, %r14
+ # A[2] * B[2]
+ movq 16(%rax), %rdx
+ mulxq 16(%rcx), %rdx, %r8
+ adcxq %r9, %r15
+ adoxq %rdx, %r14
# A[3] * B[3]
- movq 24(%rbp), %rdx
- adoxq %rcx, %r13
- mulxq 24(%rdi), %rcx, %rax
- adoxq %r15, %r14
- adcxq %rcx, %r14
+ movq 24(%rax), %rdx
+ adoxq %r8, %r15
+ mulxq 24(%rcx), %r8, %r9
+ adoxq %rbp, %rbx
+ adcxq %r8, %rbx
# A[0] * B[3]
- mulxq (%rdi), %rdx, %rcx
- adcxq %rax, %r15
- xorq %rax, %rax
- adcxq %rdx, %r11
- # A[3] * B[0]
- movq (%rbp), %rdx
- adcxq %rcx, %r12
- mulxq 24(%rdi), %rdx, %rcx
- adoxq %rdx, %r11
- adoxq %rcx, %r12
- # A[2] * B[3]
- movq 24(%rbp), %rdx
- mulxq 16(%rdi), %rdx, %rcx
+ mulxq (%rcx), %rdx, %r8
+ adcxq %r9, %rbp
+ xorq %r9, %r9
adcxq %rdx, %r13
+ # A[3] * B[0]
+ movq 24(%rcx), %rdx
+ adcxq %r8, %r14
+ mulxq (%rax), %rdx, %r8
+ adoxq %rdx, %r13
+ adoxq %r8, %r14
# A[3] * B[2]
- movq 16(%rbp), %rdx
- adcxq %rcx, %r14
- mulxq 24(%rdi), %rcx, %rdx
- adcxq %rax, %r15
- adoxq %rcx, %r13
- adoxq %rdx, %r14
- adoxq %rax, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rax
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- andq %rax, %r11
- # Multiply top half by 19
- movq $19, %rdx
- xorq %rax, %rax
- mulxq %r12, %rcx, %r12
- adcxq %rcx, %r8
- adoxq %r12, %r9
- mulxq %r13, %rcx, %r13
- adcxq %rcx, %r9
- adoxq %r13, %r10
- mulxq %r14, %rcx, %r14
- adcxq %rcx, %r10
+ movq 24(%rcx), %rdx
+ mulxq 16(%rax), %rdx, %r8
+ adcxq %rdx, %r15
+ # A[2] * B[3]
+ movq 24(%rax), %rdx
+ adcxq %r8, %rbx
+ mulxq 16(%rcx), %r8, %rdx
+ adcxq %r9, %rbp
+ adoxq %r8, %r15
+ adoxq %rdx, %rbx
+ adoxq %r9, %rbp
+ movq $38, %rdx
+ mulxq %rbp, %rbp, %r8
+ addq %rbp, %r13
+ adcq $0x00, %r8
+ movq $0x7fffffffffffffff, %r9
+ shldq $0x01, %r13, %r8
+ imulq $19, %r8, %r8
+ andq %r9, %r13
+ xorq %r9, %r9
+ adoxq %r8, %r10
+ mulxq %r14, %r8, %r14
+ adcxq %r8, %r10
adoxq %r14, %r11
- mulxq %r15, %r15, %rdx
- adcxq %r15, %r11
- adoxq %rax, %rdx
- adcxq %rax, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- movq $0x7fffffffffffffff, %rax
- imulq $19, %rdx, %rcx
- andq %rax, %r11
- addq %rcx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rax, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
+ mulxq %r15, %r8, %r15
+ adcxq %r8, %r11
+ adoxq %r15, %r12
+ mulxq %rbx, %r8, %rbx
+ adcxq %r8, %r12
+ adoxq %rbx, %r13
+ adcxq %r9, %r13
# Store
- movq %r8, (%rbx)
- movq %r9, 8(%rbx)
- movq %r10, 16(%rbx)
- movq %r11, 24(%rbx)
- movq 168(%rsp), %rbx
+ movq %r10, (%rdi)
+ movq %r11, 8(%rdi)
+ movq %r12, 16(%rdi)
+ movq %r13, 24(%rdi)
+ movq %rsi, %rcx
+ leaq 32(%rsi), %rax
+ leaq -64(%rdi), %rsi
+ leaq -96(%rdi), %rdi
+ # Add-Sub
+ # Add
+ movq (%rax), %r10
+ movq 8(%rax), %r11
+ movq 16(%rax), %r12
+ movq 24(%rax), %r13
+ movq %r10, %r14
+ addq (%rcx), %r10
+ movq %r11, %r15
+ adcq 8(%rcx), %r11
+ movq %r12, %rbx
+ adcq 16(%rcx), %r12
+ movq %r13, %rbp
+ adcq 24(%rcx), %r13
+ movq $0x00, %r8
+ adcq $0x00, %r8
+ shldq $0x01, %r13, %r8
+ movq $0x7fffffffffffffff, %r9
+ imulq $19, %r8
+ andq %r9, %r13
+ # Sub modulus (if overflow)
+ addq %r8, %r10
+ adcq $0x00, %r11
+ adcq $0x00, %r12
+ adcq $0x00, %r13
+ # Sub
+ subq (%rcx), %r14
+ sbbq 8(%rcx), %r15
+ sbbq 16(%rcx), %rbx
+ sbbq 24(%rcx), %rbp
+ sbbq %r8, %r8
+ shldq $0x01, %rbp, %r8
+ imulq $-19, %r8
+ andq %r9, %rbp
+ # Add modulus (if underflow)
+ subq %r8, %r14
+ sbbq $0x00, %r15
+ sbbq $0x00, %rbx
+ sbbq $0x00, %rbp
+ movq %r10, (%rdi)
+ movq %r11, 8(%rdi)
+ movq %r12, 16(%rdi)
+ movq %r13, 24(%rdi)
+ movq %r14, (%rsi)
+ movq %r15, 8(%rsi)
+ movq %rbx, 16(%rsi)
+ movq %rbp, 24(%rsi)
+ movq 16(%rsp), %rax
+ leaq 32(%rax), %rax
# Multiply
# A[0] * B[0]
- movq (%rbx), %rdx
- mulxq (%rsi), %r8, %r9
+ movq (%rax), %rdx
+ mulxq (%rdi), %r10, %r11
# A[2] * B[0]
- mulxq 16(%rsi), %r10, %r11
+ mulxq 16(%rdi), %r12, %r13
# A[1] * B[0]
- mulxq 8(%rsi), %rcx, %rax
- xorq %r15, %r15
- adcxq %rcx, %r9
- # A[1] * B[3]
- movq 24(%rbx), %rdx
- mulxq 8(%rsi), %r12, %r13
- adcxq %rax, %r10
+ mulxq 8(%rdi), %r8, %r9
+ xorq %rbp, %rbp
+ adcxq %r8, %r11
+ # A[3] * B[1]
+ movq 8(%rax), %rdx
+ mulxq 24(%rdi), %r14, %r15
+ adcxq %r9, %r12
# A[0] * B[1]
- movq 8(%rbx), %rdx
- mulxq (%rsi), %rcx, %rax
- adoxq %rcx, %r9
+ mulxq (%rdi), %r8, %r9
+ adoxq %r8, %r11
# A[2] * B[1]
- mulxq 16(%rsi), %rcx, %r14
- adoxq %rax, %r10
- adcxq %rcx, %r11
+ mulxq 16(%rdi), %r8, %rbx
+ adoxq %r9, %r12
+ adcxq %r8, %r13
# A[1] * B[2]
- movq 16(%rbx), %rdx
- mulxq 8(%rsi), %rcx, %rax
- adcxq %r14, %r12
- adoxq %rcx, %r11
- adcxq %r15, %r13
- adoxq %rax, %r12
+ movq 16(%rax), %rdx
+ mulxq 8(%rdi), %r8, %r9
+ adcxq %rbx, %r14
+ adoxq %r8, %r13
+ adcxq %rbp, %r15
+ adoxq %r9, %r14
# A[0] * B[2]
- mulxq (%rsi), %rcx, %rax
- adoxq %r15, %r13
- xorq %r14, %r14
- adcxq %rcx, %r10
+ mulxq (%rdi), %r8, %r9
+ adoxq %rbp, %r15
+ xorq %rbx, %rbx
+ adcxq %r8, %r12
# A[1] * B[1]
- movq 8(%rbx), %rdx
- mulxq 8(%rsi), %rdx, %rcx
- adcxq %rax, %r11
- adoxq %rdx, %r10
- # A[3] * B[1]
- movq 8(%rbx), %rdx
- adoxq %rcx, %r11
- mulxq 24(%rsi), %rcx, %rax
- adcxq %rcx, %r12
- # A[2] * B[2]
- movq 16(%rbx), %rdx
- mulxq 16(%rsi), %rdx, %rcx
- adcxq %rax, %r13
+ movq 8(%rax), %rdx
+ mulxq 8(%rdi), %rdx, %r8
+ adcxq %r9, %r13
adoxq %rdx, %r12
+ # A[1] * B[3]
+ movq 24(%rax), %rdx
+ adoxq %r8, %r13
+ mulxq 8(%rdi), %r8, %r9
+ adcxq %r8, %r14
+ # A[2] * B[2]
+ movq 16(%rax), %rdx
+ mulxq 16(%rdi), %rdx, %r8
+ adcxq %r9, %r15
+ adoxq %rdx, %r14
# A[3] * B[3]
- movq 24(%rbx), %rdx
- adoxq %rcx, %r13
- mulxq 24(%rsi), %rcx, %rax
- adoxq %r15, %r14
- adcxq %rcx, %r14
+ movq 24(%rax), %rdx
+ adoxq %r8, %r15
+ mulxq 24(%rdi), %r8, %r9
+ adoxq %rbp, %rbx
+ adcxq %r8, %rbx
# A[0] * B[3]
- mulxq (%rsi), %rdx, %rcx
- adcxq %rax, %r15
- xorq %rax, %rax
- adcxq %rdx, %r11
- # A[3] * B[0]
- movq (%rbx), %rdx
- adcxq %rcx, %r12
- mulxq 24(%rsi), %rdx, %rcx
- adoxq %rdx, %r11
- adoxq %rcx, %r12
- # A[2] * B[3]
- movq 24(%rbx), %rdx
- mulxq 16(%rsi), %rdx, %rcx
+ mulxq (%rdi), %rdx, %r8
+ adcxq %r9, %rbp
+ xorq %r9, %r9
adcxq %rdx, %r13
+ # A[3] * B[0]
+ movq 24(%rdi), %rdx
+ adcxq %r8, %r14
+ mulxq (%rax), %rdx, %r8
+ adoxq %rdx, %r13
+ adoxq %r8, %r14
# A[3] * B[2]
- movq 16(%rbx), %rdx
- adcxq %rcx, %r14
- mulxq 24(%rsi), %rcx, %rdx
- adcxq %rax, %r15
- adoxq %rcx, %r13
- adoxq %rdx, %r14
- adoxq %rax, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rax
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- andq %rax, %r11
- # Multiply top half by 19
- movq $19, %rdx
- xorq %rax, %rax
- mulxq %r12, %rcx, %r12
- adcxq %rcx, %r8
- adoxq %r12, %r9
- mulxq %r13, %rcx, %r13
- adcxq %rcx, %r9
- adoxq %r13, %r10
- mulxq %r14, %rcx, %r14
- adcxq %rcx, %r10
+ movq 24(%rdi), %rdx
+ mulxq 16(%rax), %rdx, %r8
+ adcxq %rdx, %r15
+ # A[2] * B[3]
+ movq 24(%rax), %rdx
+ adcxq %r8, %rbx
+ mulxq 16(%rdi), %r8, %rdx
+ adcxq %r9, %rbp
+ adoxq %r8, %r15
+ adoxq %rdx, %rbx
+ adoxq %r9, %rbp
+ movq $38, %rdx
+ mulxq %rbp, %rbp, %r8
+ addq %rbp, %r13
+ adcq $0x00, %r8
+ movq $0x7fffffffffffffff, %r9
+ shldq $0x01, %r13, %r8
+ imulq $19, %r8, %r8
+ andq %r9, %r13
+ xorq %r9, %r9
+ adoxq %r8, %r10
+ mulxq %r14, %r8, %r14
+ adcxq %r8, %r10
adoxq %r14, %r11
- mulxq %r15, %r15, %rdx
- adcxq %r15, %r11
- adoxq %rax, %rdx
- adcxq %rax, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- movq $0x7fffffffffffffff, %rax
- imulq $19, %rdx, %rcx
- andq %rax, %r11
- addq %rcx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rax, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
+ mulxq %r15, %r8, %r15
+ adcxq %r8, %r11
+ adoxq %r15, %r12
+ mulxq %rbx, %r8, %rbx
+ adcxq %r8, %r12
+ adoxq %rbx, %r13
+ adcxq %r9, %r13
# Store
- movq %r8, (%rsi)
- movq %r9, 8(%rsi)
- movq %r10, 16(%rsi)
- movq %r11, 24(%rsi)
- movq 24(%rsp), %rsi
- movq 160(%rsp), %rbx
- movq 144(%rsp), %rbp
+ movq %r10, (%rdi)
+ movq %r11, 8(%rdi)
+ movq %r12, 16(%rdi)
+ movq %r13, 24(%rdi)
+ leaq -32(%rax), %rax
# Multiply
# A[0] * B[0]
- movq (%rbp), %rdx
- mulxq (%rbx), %r8, %r9
+ movq (%rax), %rdx
+ mulxq (%rsi), %r10, %r11
# A[2] * B[0]
- mulxq 16(%rbx), %r10, %r11
+ mulxq 16(%rsi), %r12, %r13
# A[1] * B[0]
- mulxq 8(%rbx), %rcx, %rax
- xorq %r15, %r15
- adcxq %rcx, %r9
- # A[1] * B[3]
- movq 24(%rbp), %rdx
- mulxq 8(%rbx), %r12, %r13
- adcxq %rax, %r10
+ mulxq 8(%rsi), %r8, %r9
+ xorq %rbp, %rbp
+ adcxq %r8, %r11
+ # A[3] * B[1]
+ movq 8(%rax), %rdx
+ mulxq 24(%rsi), %r14, %r15
+ adcxq %r9, %r12
# A[0] * B[1]
- movq 8(%rbp), %rdx
- mulxq (%rbx), %rcx, %rax
- adoxq %rcx, %r9
+ mulxq (%rsi), %r8, %r9
+ adoxq %r8, %r11
# A[2] * B[1]
- mulxq 16(%rbx), %rcx, %r14
- adoxq %rax, %r10
- adcxq %rcx, %r11
+ mulxq 16(%rsi), %r8, %rbx
+ adoxq %r9, %r12
+ adcxq %r8, %r13
# A[1] * B[2]
- movq 16(%rbp), %rdx
- mulxq 8(%rbx), %rcx, %rax
- adcxq %r14, %r12
- adoxq %rcx, %r11
- adcxq %r15, %r13
- adoxq %rax, %r12
+ movq 16(%rax), %rdx
+ mulxq 8(%rsi), %r8, %r9
+ adcxq %rbx, %r14
+ adoxq %r8, %r13
+ adcxq %rbp, %r15
+ adoxq %r9, %r14
# A[0] * B[2]
- mulxq (%rbx), %rcx, %rax
- adoxq %r15, %r13
- xorq %r14, %r14
- adcxq %rcx, %r10
+ mulxq (%rsi), %r8, %r9
+ adoxq %rbp, %r15
+ xorq %rbx, %rbx
+ adcxq %r8, %r12
# A[1] * B[1]
- movq 8(%rbp), %rdx
- mulxq 8(%rbx), %rdx, %rcx
- adcxq %rax, %r11
- adoxq %rdx, %r10
- # A[3] * B[1]
- movq 8(%rbp), %rdx
- adoxq %rcx, %r11
- mulxq 24(%rbx), %rcx, %rax
- adcxq %rcx, %r12
- # A[2] * B[2]
- movq 16(%rbp), %rdx
- mulxq 16(%rbx), %rdx, %rcx
- adcxq %rax, %r13
+ movq 8(%rax), %rdx
+ mulxq 8(%rsi), %rdx, %r8
+ adcxq %r9, %r13
adoxq %rdx, %r12
+ # A[1] * B[3]
+ movq 24(%rax), %rdx
+ adoxq %r8, %r13
+ mulxq 8(%rsi), %r8, %r9
+ adcxq %r8, %r14
+ # A[2] * B[2]
+ movq 16(%rax), %rdx
+ mulxq 16(%rsi), %rdx, %r8
+ adcxq %r9, %r15
+ adoxq %rdx, %r14
# A[3] * B[3]
- movq 24(%rbp), %rdx
- adoxq %rcx, %r13
- mulxq 24(%rbx), %rcx, %rax
- adoxq %r15, %r14
- adcxq %rcx, %r14
+ movq 24(%rax), %rdx
+ adoxq %r8, %r15
+ mulxq 24(%rsi), %r8, %r9
+ adoxq %rbp, %rbx
+ adcxq %r8, %rbx
# A[0] * B[3]
- mulxq (%rbx), %rdx, %rcx
- adcxq %rax, %r15
- xorq %rax, %rax
- adcxq %rdx, %r11
- # A[3] * B[0]
- movq (%rbp), %rdx
- adcxq %rcx, %r12
- mulxq 24(%rbx), %rdx, %rcx
- adoxq %rdx, %r11
- adoxq %rcx, %r12
- # A[2] * B[3]
- movq 24(%rbp), %rdx
- mulxq 16(%rbx), %rdx, %rcx
+ mulxq (%rsi), %rdx, %r8
+ adcxq %r9, %rbp
+ xorq %r9, %r9
adcxq %rdx, %r13
+ # A[3] * B[0]
+ movq 24(%rsi), %rdx
+ adcxq %r8, %r14
+ mulxq (%rax), %rdx, %r8
+ adoxq %rdx, %r13
+ adoxq %r8, %r14
# A[3] * B[2]
- movq 16(%rbp), %rdx
- adcxq %rcx, %r14
- mulxq 24(%rbx), %rcx, %rdx
- adcxq %rax, %r15
- adoxq %rcx, %r13
- adoxq %rdx, %r14
- adoxq %rax, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rax
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- andq %rax, %r11
- # Multiply top half by 19
- movq $19, %rdx
- xorq %rax, %rax
- mulxq %r12, %rcx, %r12
- adcxq %rcx, %r8
- adoxq %r12, %r9
- mulxq %r13, %rcx, %r13
- adcxq %rcx, %r9
- adoxq %r13, %r10
- mulxq %r14, %rcx, %r14
- adcxq %rcx, %r10
+ movq 24(%rsi), %rdx
+ mulxq 16(%rax), %rdx, %r8
+ adcxq %rdx, %r15
+ # A[2] * B[3]
+ movq 24(%rax), %rdx
+ adcxq %r8, %rbx
+ mulxq 16(%rsi), %r8, %rdx
+ adcxq %r9, %rbp
+ adoxq %r8, %r15
+ adoxq %rdx, %rbx
+ adoxq %r9, %rbp
+ movq $38, %rdx
+ mulxq %rbp, %rbp, %r8
+ addq %rbp, %r13
+ adcq $0x00, %r8
+ movq $0x7fffffffffffffff, %r9
+ shldq $0x01, %r13, %r8
+ imulq $19, %r8, %r8
+ andq %r9, %r13
+ xorq %r9, %r9
+ adoxq %r8, %r10
+ mulxq %r14, %r8, %r14
+ adcxq %r8, %r10
adoxq %r14, %r11
- mulxq %r15, %r15, %rdx
- adcxq %r15, %r11
- adoxq %rax, %rdx
- adcxq %rax, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- movq $0x7fffffffffffffff, %rax
- imulq $19, %rdx, %rcx
- andq %rax, %r11
- addq %rcx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rax, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
+ mulxq %r15, %r8, %r15
+ adcxq %r8, %r11
+ adoxq %r15, %r12
+ mulxq %rbx, %r8, %rbx
+ adcxq %r8, %r12
+ adoxq %rbx, %r13
+ adcxq %r9, %r13
# Store
- movq %r8, (%rsi)
- movq %r9, 8(%rsi)
- movq %r10, 16(%rsi)
- movq %r11, 24(%rsi)
- movq 136(%rsp), %rsi
- movq 152(%rsp), %rbx
+ movq %r10, (%rsi)
+ movq %r11, 8(%rsi)
+ movq %r12, 16(%rsi)
+ movq %r13, 24(%rsi)
+ leaq 64(%rcx), %rcx
+ leaq 64(%rax), %rax
# Multiply
# A[0] * B[0]
- movq (%rbx), %rdx
- mulxq (%rsi), %r8, %r9
+ movq (%rax), %rdx
+ mulxq (%rcx), %r10, %r11
# A[2] * B[0]
- mulxq 16(%rsi), %r10, %r11
+ mulxq 16(%rcx), %r12, %r13
# A[1] * B[0]
- mulxq 8(%rsi), %rcx, %rax
- xorq %r15, %r15
- adcxq %rcx, %r9
- # A[1] * B[3]
- movq 24(%rbx), %rdx
- mulxq 8(%rsi), %r12, %r13
- adcxq %rax, %r10
+ mulxq 8(%rcx), %r8, %r9
+ xorq %rbp, %rbp
+ adcxq %r8, %r11
+ # A[3] * B[1]
+ movq 8(%rax), %rdx
+ mulxq 24(%rcx), %r14, %r15
+ adcxq %r9, %r12
# A[0] * B[1]
- movq 8(%rbx), %rdx
- mulxq (%rsi), %rcx, %rax
- adoxq %rcx, %r9
+ mulxq (%rcx), %r8, %r9
+ adoxq %r8, %r11
# A[2] * B[1]
- mulxq 16(%rsi), %rcx, %r14
- adoxq %rax, %r10
- adcxq %rcx, %r11
+ mulxq 16(%rcx), %r8, %rbx
+ adoxq %r9, %r12
+ adcxq %r8, %r13
# A[1] * B[2]
- movq 16(%rbx), %rdx
- mulxq 8(%rsi), %rcx, %rax
- adcxq %r14, %r12
- adoxq %rcx, %r11
- adcxq %r15, %r13
- adoxq %rax, %r12
+ movq 16(%rax), %rdx
+ mulxq 8(%rcx), %r8, %r9
+ adcxq %rbx, %r14
+ adoxq %r8, %r13
+ adcxq %rbp, %r15
+ adoxq %r9, %r14
# A[0] * B[2]
- mulxq (%rsi), %rcx, %rax
- adoxq %r15, %r13
- xorq %r14, %r14
- adcxq %rcx, %r10
+ mulxq (%rcx), %r8, %r9
+ adoxq %rbp, %r15
+ xorq %rbx, %rbx
+ adcxq %r8, %r12
# A[1] * B[1]
- movq 8(%rbx), %rdx
- mulxq 8(%rsi), %rdx, %rcx
- adcxq %rax, %r11
- adoxq %rdx, %r10
- # A[3] * B[1]
- movq 8(%rbx), %rdx
- adoxq %rcx, %r11
- mulxq 24(%rsi), %rcx, %rax
- adcxq %rcx, %r12
- # A[2] * B[2]
- movq 16(%rbx), %rdx
- mulxq 16(%rsi), %rdx, %rcx
- adcxq %rax, %r13
+ movq 8(%rax), %rdx
+ mulxq 8(%rcx), %rdx, %r8
+ adcxq %r9, %r13
adoxq %rdx, %r12
+ # A[1] * B[3]
+ movq 24(%rax), %rdx
+ adoxq %r8, %r13
+ mulxq 8(%rcx), %r8, %r9
+ adcxq %r8, %r14
+ # A[2] * B[2]
+ movq 16(%rax), %rdx
+ mulxq 16(%rcx), %rdx, %r8
+ adcxq %r9, %r15
+ adoxq %rdx, %r14
# A[3] * B[3]
- movq 24(%rbx), %rdx
- adoxq %rcx, %r13
- mulxq 24(%rsi), %rcx, %rax
- adoxq %r15, %r14
- adcxq %rcx, %r14
+ movq 24(%rax), %rdx
+ adoxq %r8, %r15
+ mulxq 24(%rcx), %r8, %r9
+ adoxq %rbp, %rbx
+ adcxq %r8, %rbx
# A[0] * B[3]
- mulxq (%rsi), %rdx, %rcx
- adcxq %rax, %r15
- xorq %rax, %rax
- adcxq %rdx, %r11
- # A[3] * B[0]
- movq (%rbx), %rdx
- adcxq %rcx, %r12
- mulxq 24(%rsi), %rdx, %rcx
- adoxq %rdx, %r11
- adoxq %rcx, %r12
- # A[2] * B[3]
- movq 24(%rbx), %rdx
- mulxq 16(%rsi), %rdx, %rcx
+ mulxq (%rcx), %rdx, %r8
+ adcxq %r9, %rbp
+ xorq %r9, %r9
adcxq %rdx, %r13
+ # A[3] * B[0]
+ movq 24(%rcx), %rdx
+ adcxq %r8, %r14
+ mulxq (%rax), %rdx, %r8
+ adoxq %rdx, %r13
+ adoxq %r8, %r14
# A[3] * B[2]
- movq 16(%rbx), %rdx
- adcxq %rcx, %r14
- mulxq 24(%rsi), %rcx, %rdx
- adcxq %rax, %r15
- adoxq %rcx, %r13
- adoxq %rdx, %r14
- adoxq %rax, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rax
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- andq %rax, %r11
- # Multiply top half by 19
- movq $19, %rdx
- xorq %rax, %rax
- mulxq %r12, %rcx, %r12
- adcxq %rcx, %r8
- adoxq %r12, %r9
- mulxq %r13, %rcx, %r13
- adcxq %rcx, %r9
- adoxq %r13, %r10
- mulxq %r14, %rcx, %r14
- adcxq %rcx, %r10
+ movq 24(%rcx), %rdx
+ mulxq 16(%rax), %rdx, %r8
+ adcxq %rdx, %r15
+ # A[2] * B[3]
+ movq 24(%rax), %rdx
+ adcxq %r8, %rbx
+ mulxq 16(%rcx), %r8, %rdx
+ adcxq %r9, %rbp
+ adoxq %r8, %r15
+ adoxq %rdx, %rbx
+ adoxq %r9, %rbp
+ movq $38, %rdx
+ mulxq %rbp, %rbp, %r8
+ addq %rbp, %r13
+ adcq $0x00, %r8
+ movq $0x7fffffffffffffff, %r9
+ shldq $0x01, %r13, %r8
+ imulq $19, %r8, %r8
+ andq %r9, %r13
+ xorq %r9, %r9
+ adoxq %r8, %r10
+ mulxq %r14, %r8, %r14
+ adcxq %r8, %r10
adoxq %r14, %r11
- mulxq %r15, %r15, %rdx
- adcxq %r15, %r11
- adoxq %rax, %rdx
- adcxq %rax, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- movq $0x7fffffffffffffff, %rax
- imulq $19, %rdx, %rcx
- andq %rax, %r11
- addq %rcx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rax, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
+ mulxq %r15, %r8, %r15
+ adcxq %r8, %r11
+ adoxq %r15, %r12
+ mulxq %rbx, %r8, %rbx
+ adcxq %r8, %r12
+ adoxq %rbx, %r13
+ adcxq %r9, %r13
# Store
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- leaq 48(%rsp), %rsi
+ leaq 64(%rdi), %rdi
# Double
- movq (%rdi), %r8
- movq 8(%rdi), %r9
- addq %r8, %r8
- movq 16(%rdi), %r10
- adcq %r9, %r9
- movq 24(%rdi), %rdx
- adcq %r10, %r10
- movq $-19, %rcx
- adcq %rdx, %rdx
- movq $0x7fffffffffffffff, %rax
- movq %rdx, %r11
- sarq $63, %rdx
- # Mask the modulus
- andq %rdx, %rcx
- andq %rdx, %rax
+ addq %r10, %r10
+ adcq %r11, %r11
+ adcq %r12, %r12
+ adcq %r13, %r13
+ movq $0x00, %r8
+ adcq $0x00, %r8
+ shldq $0x01, %r13, %r8
+ movq $0x7fffffffffffffff, %r9
+ imulq $19, %r8
+ andq %r9, %r13
# Sub modulus (if overflow)
- subq %rcx, %r8
- sbbq %rdx, %r9
- sbbq %rdx, %r10
- sbbq %rax, %r11
- movq %r8, (%rsi)
- movq %r9, 8(%rsi)
- movq %r10, 16(%rsi)
- movq %r11, 24(%rsi)
- movq 8(%rsp), %rbx
- movq 16(%rsp), %rbp
+ addq %r8, %r10
+ adcq $0x00, %r11
+ adcq $0x00, %r12
+ adcq $0x00, %r13
+ movq %r10, (%rdi)
+ movq %r11, 8(%rdi)
+ movq %r12, 16(%rdi)
+ movq %r13, 24(%rdi)
+ leaq -64(%rdi), %rdi
+ # Add-Sub
# Add
- movq (%rbp), %r8
- movq 8(%rbp), %r9
- movq 16(%rbp), %r10
- movq 24(%rbp), %rdx
- movq %r8, %r12
- addq (%rbx), %r8
- movq %r9, %r13
- adcq 8(%rbx), %r9
+ movq (%rdi), %r10
+ movq 8(%rdi), %r11
+ movq 16(%rdi), %r12
+ movq 24(%rdi), %r13
movq %r10, %r14
- adcq 16(%rbx), %r10
- movq %rdx, %r15
- adcq 24(%rbx), %rdx
- movq $-19, %rcx
- movq %rdx, %r11
- movq $0x7fffffffffffffff, %rax
- sarq $63, %rdx
- # Mask the modulus
- andq %rdx, %rcx
- andq %rdx, %rax
+ addq (%rsi), %r10
+ movq %r11, %r15
+ adcq 8(%rsi), %r11
+ movq %r12, %rbx
+ adcq 16(%rsi), %r12
+ movq %r13, %rbp
+ adcq 24(%rsi), %r13
+ movq $0x00, %r8
+ adcq $0x00, %r8
+ shldq $0x01, %r13, %r8
+ movq $0x7fffffffffffffff, %r9
+ imulq $19, %r8
+ andq %r9, %r13
# Sub modulus (if overflow)
- subq %rcx, %r8
- sbbq %rdx, %r9
- sbbq %rdx, %r10
- sbbq %rax, %r11
+ addq %r8, %r10
+ adcq $0x00, %r11
+ adcq $0x00, %r12
+ adcq $0x00, %r13
# Sub
- subq (%rbx), %r12
- movq $0x00, %rdx
- sbbq 8(%rbx), %r13
- movq $-19, %rcx
- sbbq 16(%rbx), %r14
- movq $0x7fffffffffffffff, %rax
- sbbq 24(%rbx), %r15
- sbbq $0x00, %rdx
- # Mask the modulus
- andq %rdx, %rcx
- andq %rdx, %rax
+ subq (%rsi), %r14
+ sbbq 8(%rsi), %r15
+ sbbq 16(%rsi), %rbx
+ sbbq 24(%rsi), %rbp
+ sbbq %r8, %r8
+ shldq $0x01, %rbp, %r8
+ imulq $-19, %r8
+ andq %r9, %rbp
# Add modulus (if underflow)
- addq %rcx, %r12
- adcq %rdx, %r13
- adcq %rdx, %r14
- adcq %rax, %r15
- movq %r8, (%rbx)
- movq %r9, 8(%rbx)
- movq %r10, 16(%rbx)
- movq %r11, 24(%rbx)
- movq %r12, (%rdi)
- movq %r13, 8(%rdi)
- movq %r14, 16(%rdi)
- movq %r15, 24(%rdi)
- movq 24(%rsp), %rdi
+ subq %r8, %r14
+ sbbq $0x00, %r15
+ sbbq $0x00, %rbx
+ sbbq $0x00, %rbp
+ movq %r10, (%rsi)
+ movq %r11, 8(%rsi)
+ movq %r12, 16(%rsi)
+ movq %r13, 24(%rsi)
+ movq %r14, (%rdi)
+ movq %r15, 8(%rdi)
+ movq %rbx, 16(%rdi)
+ movq %rbp, 24(%rdi)
+ leaq 64(%rdi), %rsi
+ leaq 96(%rdi), %rdi
+ # Add-Sub
# Add
- movq (%rsi), %r8
- movq 8(%rsi), %r9
- movq 16(%rsi), %r10
- movq 24(%rsi), %rdx
- movq %r8, %r12
- addq (%rdi), %r8
- movq %r9, %r13
- adcq 8(%rdi), %r9
+ movq (%rsi), %r10
+ movq 8(%rsi), %r11
+ movq 16(%rsi), %r12
+ movq 24(%rsi), %r13
movq %r10, %r14
- adcq 16(%rdi), %r10
- movq %rdx, %r15
- adcq 24(%rdi), %rdx
- movq $-19, %rcx
- movq %rdx, %r11
- movq $0x7fffffffffffffff, %rax
- sarq $63, %rdx
- # Mask the modulus
- andq %rdx, %rcx
- andq %rdx, %rax
+ addq (%rdi), %r10
+ movq %r11, %r15
+ adcq 8(%rdi), %r11
+ movq %r12, %rbx
+ adcq 16(%rdi), %r12
+ movq %r13, %rbp
+ adcq 24(%rdi), %r13
+ movq $0x00, %r8
+ adcq $0x00, %r8
+ shldq $0x01, %r13, %r8
+ movq $0x7fffffffffffffff, %r9
+ imulq $19, %r8
+ andq %r9, %r13
# Sub modulus (if overflow)
- subq %rcx, %r8
- sbbq %rdx, %r9
- sbbq %rdx, %r10
- sbbq %rax, %r11
+ addq %r8, %r10
+ adcq $0x00, %r11
+ adcq $0x00, %r12
+ adcq $0x00, %r13
# Sub
- subq (%rdi), %r12
- movq $0x00, %rdx
- sbbq 8(%rdi), %r13
- movq $-19, %rcx
- sbbq 16(%rdi), %r14
- movq $0x7fffffffffffffff, %rax
- sbbq 24(%rdi), %r15
- sbbq $0x00, %rdx
- # Mask the modulus
- andq %rdx, %rcx
- andq %rdx, %rax
+ subq (%rdi), %r14
+ sbbq 8(%rdi), %r15
+ sbbq 16(%rdi), %rbx
+ sbbq 24(%rdi), %rbp
+ sbbq %r8, %r8
+ shldq $0x01, %rbp, %r8
+ imulq $-19, %r8
+ andq %r9, %rbp
# Add modulus (if underflow)
- addq %rcx, %r12
- adcq %rdx, %r13
- adcq %rdx, %r14
- adcq %rax, %r15
+ subq %r8, %r14
+ sbbq $0x00, %r15
+ sbbq $0x00, %rbx
+ sbbq $0x00, %rbp
+ movq %r10, (%rdi)
+ movq %r11, 8(%rdi)
+ movq %r12, 16(%rdi)
+ movq %r13, 24(%rdi)
+ movq %r14, (%rsi)
+ movq %r15, 8(%rsi)
+ movq %rbx, 16(%rsi)
+ movq %rbp, 24(%rsi)
+ addq $24, %rsp
+ popq %rbp
+ popq %rbx
+ popq %r15
+ popq %r14
+ popq %r13
+ popq %r12
+ repz retq
+#ifndef __APPLE__
+.size ge_sub_avx2,.-ge_sub_avx2
+#endif /* __APPLE__ */
+#ifndef __APPLE__
+.text
+.globl sc_reduce_avx2
+.type sc_reduce_avx2,@function
+.align 16
+sc_reduce_avx2:
+#else
+.section __TEXT,__text
+.globl _sc_reduce_avx2
+.p2align 4
+_sc_reduce_avx2:
+#endif /* __APPLE__ */
+ pushq %r12
+ pushq %r13
+ pushq %r14
+ pushq %r15
+ pushq %rbx
+ pushq %rbp
+ movq (%rdi), %r8
+ movq 8(%rdi), %r9
+ movq 16(%rdi), %r10
+ movq 24(%rdi), %r11
+ movq 32(%rdi), %r12
+ movq 40(%rdi), %r13
+ movq 48(%rdi), %r14
+ movq 56(%rdi), %r15
+ movq %r15, %rax
+ movq $0xfffffffffffffff, %rcx
+ shrq $56, %rax
+ shldq $4, %r14, %r15
+ shldq $4, %r13, %r14
+ shldq $4, %r12, %r13
+ shldq $4, %r11, %r12
+ andq %rcx, %r11
+ andq %rcx, %r15
+ # Add order times bits 504..511
+ subq %rax, %r14
+ sbbq $0x00, %r15
+ movq $0xeb2106215d086329, %rdx
+ mulxq %rax, %rsi, %rcx
+ movq $0xa7ed9ce5a30a2c13, %rdx
+ addq %rsi, %r13
+ mulxq %rax, %rsi, %rbx
+ adcq $0x00, %rcx
+ addq %rsi, %r12
+ adcq %rbx, %r13
+ adcq %rcx, %r14
+ adcq $0x00, %r15
+ # Sub product of top 4 words and order
+ movq $0xa7ed9ce5a30a2c13, %rdx
+ mulx %r12, %rcx, %rax
+ addq %rcx, %r8
+ adcq %rax, %r9
+ mulx %r14, %rcx, %rax
+ adcq %rcx, %r10
+ adcq %rax, %r11
+ mov $0x00, %rsi
+ adcq $0x00, %rsi
+ mulx %r13, %rcx, %rax
+ addq %rcx, %r9
+ adcq %rax, %r10
+ mulx %r15, %rcx, %rax
+ adcq %rcx, %r11
+ adcq %rax, %rsi
+ movq $0xeb2106215d086329, %rdx
+ mulx %r12, %rcx, %rax
+ addq %rcx, %r9
+ adcq %rax, %r10
+ mulx %r14, %rcx, %rax
+ adcq %rcx, %r11
+ adcq %rax, %rsi
+ mov $0x00, %rbx
+ adcq $0x00, %rbx
+ mulx %r13, %rcx, %rax
+ addq %rcx, %r10
+ adcq %rax, %r11
+ mulx %r15, %rcx, %rax
+ adcq %rcx, %rsi
+ adcq %rax, %rbx
+ subq %r12, %r10
+ movq %rsi, %r12
+ sbbq %r13, %r11
+ movq %rbx, %r13
+ sbbq %r14, %r12
+ sbbq %r15, %r13
+ movq %r13, %rax
+ sarq $57, %rax
+ # Conditionally subtract order starting at bit 125
+ movq $0xa000000000000000, %rsi
+ movq $0xcb024c634b9eba7d, %rbx
+ movq $0x29bdf3bd45ef39a, %rbp
+ movq $0x200000000000000, %rcx
+ andq %rax, %rsi
+ andq %rax, %rbx
+ andq %rax, %rbp
+ andq %rax, %rcx
+ addq %rsi, %r9
+ adcq %rbx, %r10
+ adcq %rbp, %r11
+ adcq $0x00, %r12
+ adcq %rcx, %r13
+ # Move bits 252-376 to own registers
+ movq $0xfffffffffffffff, %rax
+ shldq $4, %r12, %r13
+ shldq $4, %r11, %r12
+ andq %rax, %r11
+ # Sub product of top 2 words and order
+ # * -5812631a5cf5d3ed
+ movq $0xa7ed9ce5a30a2c13, %rdx
+ mulx %r12, %rbp, %rax
+ movq $0x00, %rsi
+ addq %rbp, %r8
+ adcq %rax, %r9
+ mulx %r13, %rbp, %rax
+ adcq $0x00, %rsi
+ addq %rbp, %r9
+ adcq %rax, %rsi
+ # * -14def9dea2f79cd7
+ movq $0xeb2106215d086329, %rdx
+ mulx %r12, %rbp, %rax
+ movq $0x00, %rbx
+ addq %rbp, %r9
+ adcq %rax, %r10
+ mulx %r13, %rbp, %rax
+ adcq $0x00, %rbx
+ addq %rbp, %r10
+ adcq %rax, %rbx
+ # Add overflows at 2 * 64
+ movq $0xfffffffffffffff, %rcx
+ andq %rcx, %r11
+ addq %rsi, %r10
+ adcq %rbx, %r11
+ # Subtract top at 2 * 64
+ subq %r12, %r10
+ sbbq %r13, %r11
+ sbbq %rcx, %rcx
+ # Conditional sub order
+ movq $0x5812631a5cf5d3ed, %rsi
+ movq $0x14def9dea2f79cd6, %rbx
+ movq $0x1000000000000000, %rbp
+ andq %rcx, %rsi
+ andq %rcx, %rbx
+ andq %rcx, %rbp
+ addq %rsi, %r8
+ movq $0xfffffffffffffff, %rsi
+ adcq %rbx, %r9
+ adcq $0x00, %r10
+ adcq %rbp, %r11
+ andq %rsi, %r11
+ # Store result
movq %r8, (%rdi)
movq %r9, 8(%rdi)
movq %r10, 16(%rdi)
movq %r11, 24(%rdi)
- movq %r12, (%rbp)
- movq %r13, 8(%rbp)
- movq %r14, 16(%rbp)
- movq %r15, 24(%rbp)
- addq $0x50, %rsp
+ popq %rbp
+ popq %rbx
popq %r15
popq %r14
popq %r13
popq %r12
+ repz retq
+#ifndef __APPLE__
+.size sc_reduce_avx2,.-sc_reduce_avx2
+#endif /* __APPLE__ */
+#ifndef __APPLE__
+.text
+.globl sc_muladd_avx2
+.type sc_muladd_avx2,@function
+.align 16
+sc_muladd_avx2:
+#else
+.section __TEXT,__text
+.globl _sc_muladd_avx2
+.p2align 4
+_sc_muladd_avx2:
+#endif /* __APPLE__ */
+ pushq %r12
+ pushq %r13
+ pushq %r14
+ pushq %r15
+ pushq %rbx
+ pushq %rbp
+ movq %rdx, %r8
+ movq %rcx, %r9
+ # Multiply
+ # A[0] * B[0]
+ movq (%r8), %rdx
+ mulxq (%rsi), %r10, %r11
+ # A[2] * B[0]
+ mulxq 16(%rsi), %r12, %r13
+ # A[1] * B[0]
+ mulxq 8(%rsi), %rax, %rcx
+ xorq %rbp, %rbp
+ adcxq %rax, %r11
+ # A[3] * B[1]
+ movq 8(%r8), %rdx
+ mulxq 24(%rsi), %r14, %r15
+ adcxq %rcx, %r12
+ # A[0] * B[1]
+ mulxq (%rsi), %rax, %rcx
+ adoxq %rax, %r11
+ # A[2] * B[1]
+ mulxq 16(%rsi), %rax, %rbx
+ adoxq %rcx, %r12
+ adcxq %rax, %r13
+ # A[1] * B[2]
+ movq 16(%r8), %rdx
+ mulxq 8(%rsi), %rax, %rcx
+ adcxq %rbx, %r14
+ adoxq %rax, %r13
+ adcxq %rbp, %r15
+ adoxq %rcx, %r14
+ # A[0] * B[2]
+ mulxq (%rsi), %rax, %rcx
+ adoxq %rbp, %r15
+ xorq %rbx, %rbx
+ adcxq %rax, %r12
+ # A[1] * B[1]
+ movq 8(%r8), %rdx
+ mulxq 8(%rsi), %rdx, %rax
+ adcxq %rcx, %r13
+ adoxq %rdx, %r12
+ # A[1] * B[3]
+ movq 24(%r8), %rdx
+ adoxq %rax, %r13
+ mulxq 8(%rsi), %rax, %rcx
+ adcxq %rax, %r14
+ # A[2] * B[2]
+ movq 16(%r8), %rdx
+ mulxq 16(%rsi), %rdx, %rax
+ adcxq %rcx, %r15
+ adoxq %rdx, %r14
+ # A[3] * B[3]
+ movq 24(%r8), %rdx
+ adoxq %rax, %r15
+ mulxq 24(%rsi), %rax, %rcx
+ adoxq %rbp, %rbx
+ adcxq %rax, %rbx
+ # A[0] * B[3]
+ mulxq (%rsi), %rdx, %rax
+ adcxq %rcx, %rbp
+ xorq %rcx, %rcx
+ adcxq %rdx, %r13
+ # A[3] * B[0]
+ movq 24(%rsi), %rdx
+ adcxq %rax, %r14
+ mulxq (%r8), %rdx, %rax
+ adoxq %rdx, %r13
+ adoxq %rax, %r14
+ # A[3] * B[2]
+ movq 24(%rsi), %rdx
+ mulxq 16(%r8), %rdx, %rax
+ adcxq %rdx, %r15
+ # A[2] * B[3]
+ movq 24(%r8), %rdx
+ adcxq %rax, %rbx
+ mulxq 16(%rsi), %rax, %rdx
+ adcxq %rcx, %rbp
+ adoxq %rax, %r15
+ adoxq %rdx, %rbx
+ adoxq %rcx, %rbp
+ # Add c to a * b
+ addq (%r9), %r10
+ adcq 8(%r9), %r11
+ adcq 16(%r9), %r12
+ adcq 24(%r9), %r13
+ adcq $0x00, %r14
+ adcq $0x00, %r15
+ adcq $0x00, %rbx
+ adcq $0x00, %rbp
+ movq %rbp, %rax
+ movq $0xfffffffffffffff, %rcx
+ shrq $56, %rax
+ shldq $4, %rbx, %rbp
+ shldq $4, %r15, %rbx
+ shldq $4, %r14, %r15
+ shldq $4, %r13, %r14
+ andq %rcx, %r13
+ andq %rcx, %rbp
+ # Add order times bits 504..507
+ subq %rax, %rbx
+ sbbq $0x00, %rbp
+ movq $0xeb2106215d086329, %rdx
+ mulxq %rax, %rsi, %rcx
+ movq $0xa7ed9ce5a30a2c13, %rdx
+ addq %rsi, %r15
+ mulxq %rax, %rsi, %r8
+ adcq $0x00, %rcx
+ addq %rsi, %r14
+ adcq %r8, %r15
+ adcq %rcx, %rbx
+ adcq $0x00, %rbp
+ # Sub product of top 4 words and order
+ movq $0xa7ed9ce5a30a2c13, %rdx
+ mulx %r14, %rcx, %rax
+ addq %rcx, %r10
+ adcq %rax, %r11
+ mulx %rbx, %rcx, %rax
+ adcq %rcx, %r12
+ adcq %rax, %r13
+ mov $0x00, %rsi
+ adcq $0x00, %rsi
+ mulx %r15, %rcx, %rax
+ addq %rcx, %r11
+ adcq %rax, %r12
+ mulx %rbp, %rcx, %rax
+ adcq %rcx, %r13
+ adcq %rax, %rsi
+ movq $0xeb2106215d086329, %rdx
+ mulx %r14, %rcx, %rax
+ addq %rcx, %r11
+ adcq %rax, %r12
+ mulx %rbx, %rcx, %rax
+ adcq %rcx, %r13
+ adcq %rax, %rsi
+ mov $0x00, %r8
+ adcq $0x00, %r8
+ mulx %r15, %rcx, %rax
+ addq %rcx, %r12
+ adcq %rax, %r13
+ mulx %rbp, %rcx, %rax
+ adcq %rcx, %rsi
+ adcq %rax, %r8
+ subq %r14, %r12
+ movq %rsi, %r14
+ sbbq %r15, %r13
+ movq %r8, %r15
+ sbbq %rbx, %r14
+ sbbq %rbp, %r15
+ movq %r15, %rax
+ sarq $57, %rax
+ # Conditionally subtract order starting at bit 125
+ movq $0xa000000000000000, %rsi
+ movq $0xcb024c634b9eba7d, %r8
+ movq $0x29bdf3bd45ef39a, %r9
+ movq $0x200000000000000, %rcx
+ andq %rax, %rsi
+ andq %rax, %r8
+ andq %rax, %r9
+ andq %rax, %rcx
+ addq %rsi, %r11
+ adcq %r8, %r12
+ adcq %r9, %r13
+ adcq $0x00, %r14
+ adcq %rcx, %r15
+ # Move bits 252-376 to own registers
+ movq $0xfffffffffffffff, %rax
+ shldq $4, %r14, %r15
+ shldq $4, %r13, %r14
+ andq %rax, %r13
+ # Sub product of top 2 words and order
+ # * -5812631a5cf5d3ed
+ movq $0xa7ed9ce5a30a2c13, %rdx
+ mulx %r14, %r9, %rax
+ movq $0x00, %rsi
+ addq %r9, %r10
+ adcq %rax, %r11
+ mulx %r15, %r9, %rax
+ adcq $0x00, %rsi
+ addq %r9, %r11
+ adcq %rax, %rsi
+ # * -14def9dea2f79cd7
+ movq $0xeb2106215d086329, %rdx
+ mulx %r14, %r9, %rax
+ movq $0x00, %r8
+ addq %r9, %r11
+ adcq %rax, %r12
+ mulx %r15, %r9, %rax
+ adcq $0x00, %r8
+ addq %r9, %r12
+ adcq %rax, %r8
+ # Add overflows at 2 * 64
+ movq $0xfffffffffffffff, %rcx
+ andq %rcx, %r13
+ addq %rsi, %r12
+ adcq %r8, %r13
+ # Subtract top at 2 * 64
+ subq %r14, %r12
+ sbbq %r15, %r13
+ sbbq %rcx, %rcx
+ # Conditional sub order
+ movq $0x5812631a5cf5d3ed, %rsi
+ movq $0x14def9dea2f79cd6, %r8
+ movq $0x1000000000000000, %r9
+ andq %rcx, %rsi
+ andq %rcx, %r8
+ andq %rcx, %r9
+ addq %rsi, %r10
+ movq $0xfffffffffffffff, %rsi
+ adcq %r8, %r11
+ adcq $0x00, %r12
+ adcq %r9, %r13
+ andq %rsi, %r13
+ # Store result
+ movq %r10, (%rdi)
+ movq %r11, 8(%rdi)
+ movq %r12, 16(%rdi)
+ movq %r13, 24(%rdi)
popq %rbp
popq %rbx
+ popq %r15
+ popq %r14
+ popq %r13
+ popq %r12
repz retq
#ifndef __APPLE__
-.size fe_ge_sub_avx2,.-fe_ge_sub_avx2
+.size sc_muladd_avx2,.-sc_muladd_avx2
#endif /* __APPLE__ */
+#endif /* HAVE_ED25519 */
#endif /* HAVE_INTEL_AVX2 */
#if defined(__linux__) && defined(__ELF__)
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/ge_448.c b/extra/wolfssl/wolfssl/wolfcrypt/src/ge_448.c
index fbc1c1f3..7065b9af 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/ge_448.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/ge_448.c
@@ -648,62 +648,62 @@ void sc448_reduce(byte* b)
o = d[ 6] >> 56; d[ 7] += o; d[ 6] = d[ 6] & 0xffffffffffffff;
/* Convert to bytes */
- b[ 0] = (d[0 ] >> 0);
- b[ 1] = (d[0 ] >> 8);
- b[ 2] = (d[0 ] >> 16);
- b[ 3] = (d[0 ] >> 24);
- b[ 4] = (d[0 ] >> 32);
- b[ 5] = (d[0 ] >> 40);
- b[ 6] = (d[0 ] >> 48);
- b[ 7] = (d[1 ] >> 0);
- b[ 8] = (d[1 ] >> 8);
- b[ 9] = (d[1 ] >> 16);
- b[10] = (d[1 ] >> 24);
- b[11] = (d[1 ] >> 32);
- b[12] = (d[1 ] >> 40);
- b[13] = (d[1 ] >> 48);
- b[14] = (d[2 ] >> 0);
- b[15] = (d[2 ] >> 8);
- b[16] = (d[2 ] >> 16);
- b[17] = (d[2 ] >> 24);
- b[18] = (d[2 ] >> 32);
- b[19] = (d[2 ] >> 40);
- b[20] = (d[2 ] >> 48);
- b[21] = (d[3 ] >> 0);
- b[22] = (d[3 ] >> 8);
- b[23] = (d[3 ] >> 16);
- b[24] = (d[3 ] >> 24);
- b[25] = (d[3 ] >> 32);
- b[26] = (d[3 ] >> 40);
- b[27] = (d[3 ] >> 48);
- b[28] = (d[4 ] >> 0);
- b[29] = (d[4 ] >> 8);
- b[30] = (d[4 ] >> 16);
- b[31] = (d[4 ] >> 24);
- b[32] = (d[4 ] >> 32);
- b[33] = (d[4 ] >> 40);
- b[34] = (d[4 ] >> 48);
- b[35] = (d[5 ] >> 0);
- b[36] = (d[5 ] >> 8);
- b[37] = (d[5 ] >> 16);
- b[38] = (d[5 ] >> 24);
- b[39] = (d[5 ] >> 32);
- b[40] = (d[5 ] >> 40);
- b[41] = (d[5 ] >> 48);
- b[42] = (d[6 ] >> 0);
- b[43] = (d[6 ] >> 8);
- b[44] = (d[6 ] >> 16);
- b[45] = (d[6 ] >> 24);
- b[46] = (d[6 ] >> 32);
- b[47] = (d[6 ] >> 40);
- b[48] = (d[6 ] >> 48);
- b[49] = (d[7 ] >> 0);
- b[50] = (d[7 ] >> 8);
- b[51] = (d[7 ] >> 16);
- b[52] = (d[7 ] >> 24);
- b[53] = (d[7 ] >> 32);
- b[54] = (d[7 ] >> 40);
- b[55] = (d[7 ] >> 48);
+ b[ 0] = (byte)(d[0 ] >> 0);
+ b[ 1] = (byte)(d[0 ] >> 8);
+ b[ 2] = (byte)(d[0 ] >> 16);
+ b[ 3] = (byte)(d[0 ] >> 24);
+ b[ 4] = (byte)(d[0 ] >> 32);
+ b[ 5] = (byte)(d[0 ] >> 40);
+ b[ 6] = (byte)(d[0 ] >> 48);
+ b[ 7] = (byte)(d[1 ] >> 0);
+ b[ 8] = (byte)(d[1 ] >> 8);
+ b[ 9] = (byte)(d[1 ] >> 16);
+ b[10] = (byte)(d[1 ] >> 24);
+ b[11] = (byte)(d[1 ] >> 32);
+ b[12] = (byte)(d[1 ] >> 40);
+ b[13] = (byte)(d[1 ] >> 48);
+ b[14] = (byte)(d[2 ] >> 0);
+ b[15] = (byte)(d[2 ] >> 8);
+ b[16] = (byte)(d[2 ] >> 16);
+ b[17] = (byte)(d[2 ] >> 24);
+ b[18] = (byte)(d[2 ] >> 32);
+ b[19] = (byte)(d[2 ] >> 40);
+ b[20] = (byte)(d[2 ] >> 48);
+ b[21] = (byte)(d[3 ] >> 0);
+ b[22] = (byte)(d[3 ] >> 8);
+ b[23] = (byte)(d[3 ] >> 16);
+ b[24] = (byte)(d[3 ] >> 24);
+ b[25] = (byte)(d[3 ] >> 32);
+ b[26] = (byte)(d[3 ] >> 40);
+ b[27] = (byte)(d[3 ] >> 48);
+ b[28] = (byte)(d[4 ] >> 0);
+ b[29] = (byte)(d[4 ] >> 8);
+ b[30] = (byte)(d[4 ] >> 16);
+ b[31] = (byte)(d[4 ] >> 24);
+ b[32] = (byte)(d[4 ] >> 32);
+ b[33] = (byte)(d[4 ] >> 40);
+ b[34] = (byte)(d[4 ] >> 48);
+ b[35] = (byte)(d[5 ] >> 0);
+ b[36] = (byte)(d[5 ] >> 8);
+ b[37] = (byte)(d[5 ] >> 16);
+ b[38] = (byte)(d[5 ] >> 24);
+ b[39] = (byte)(d[5 ] >> 32);
+ b[40] = (byte)(d[5 ] >> 40);
+ b[41] = (byte)(d[5 ] >> 48);
+ b[42] = (byte)(d[6 ] >> 0);
+ b[43] = (byte)(d[6 ] >> 8);
+ b[44] = (byte)(d[6 ] >> 16);
+ b[45] = (byte)(d[6 ] >> 24);
+ b[46] = (byte)(d[6 ] >> 32);
+ b[47] = (byte)(d[6 ] >> 40);
+ b[48] = (byte)(d[6 ] >> 48);
+ b[49] = (byte)(d[7 ] >> 0);
+ b[50] = (byte)(d[7 ] >> 8);
+ b[51] = (byte)(d[7 ] >> 16);
+ b[52] = (byte)(d[7 ] >> 24);
+ b[53] = (byte)(d[7 ] >> 32);
+ b[54] = (byte)(d[7 ] >> 40);
+ b[55] = (byte)(d[7 ] >> 48);
b[56] = 0;
}
@@ -894,70 +894,70 @@ void sc448_muladd(byte* r, const byte* a, const byte* b, const byte* d)
| ((sword64) (d[55]) << 48);
/* a * b + d */
- t[ 0] = dd[ 0] + (sword128)ad[ 0] * bd[ 0];
- t[ 1] = dd[ 1] + (sword128)ad[ 0] * bd[ 1]
- + (sword128)ad[ 1] * bd[ 0];
- t[ 2] = dd[ 2] + (sword128)ad[ 0] * bd[ 2]
- + (sword128)ad[ 1] * bd[ 1]
- + (sword128)ad[ 2] * bd[ 0];
- t[ 3] = dd[ 3] + (sword128)ad[ 0] * bd[ 3]
- + (sword128)ad[ 1] * bd[ 2]
- + (sword128)ad[ 2] * bd[ 1]
- + (sword128)ad[ 3] * bd[ 0];
- t[ 4] = dd[ 4] + (sword128)ad[ 0] * bd[ 4]
- + (sword128)ad[ 1] * bd[ 3]
- + (sword128)ad[ 2] * bd[ 2]
- + (sword128)ad[ 3] * bd[ 1]
- + (sword128)ad[ 4] * bd[ 0];
- t[ 5] = dd[ 5] + (sword128)ad[ 0] * bd[ 5]
- + (sword128)ad[ 1] * bd[ 4]
- + (sword128)ad[ 2] * bd[ 3]
- + (sword128)ad[ 3] * bd[ 2]
- + (sword128)ad[ 4] * bd[ 1]
- + (sword128)ad[ 5] * bd[ 0];
- t[ 6] = dd[ 6] + (sword128)ad[ 0] * bd[ 6]
- + (sword128)ad[ 1] * bd[ 5]
- + (sword128)ad[ 2] * bd[ 4]
- + (sword128)ad[ 3] * bd[ 3]
- + (sword128)ad[ 4] * bd[ 2]
- + (sword128)ad[ 5] * bd[ 1]
- + (sword128)ad[ 6] * bd[ 0];
- t[ 7] = dd[ 7] + (sword128)ad[ 0] * bd[ 7]
- + (sword128)ad[ 1] * bd[ 6]
- + (sword128)ad[ 2] * bd[ 5]
- + (sword128)ad[ 3] * bd[ 4]
- + (sword128)ad[ 4] * bd[ 3]
- + (sword128)ad[ 5] * bd[ 2]
- + (sword128)ad[ 6] * bd[ 1]
- + (sword128)ad[ 7] * bd[ 0];
- t[ 8] = (sword128)ad[ 1] * bd[ 7]
- + (sword128)ad[ 2] * bd[ 6]
- + (sword128)ad[ 3] * bd[ 5]
- + (sword128)ad[ 4] * bd[ 4]
- + (sword128)ad[ 5] * bd[ 3]
- + (sword128)ad[ 6] * bd[ 2]
- + (sword128)ad[ 7] * bd[ 1];
- t[ 9] = (sword128)ad[ 2] * bd[ 7]
- + (sword128)ad[ 3] * bd[ 6]
- + (sword128)ad[ 4] * bd[ 5]
- + (sword128)ad[ 5] * bd[ 4]
- + (sword128)ad[ 6] * bd[ 3]
- + (sword128)ad[ 7] * bd[ 2];
- t[10] = (sword128)ad[ 3] * bd[ 7]
- + (sword128)ad[ 4] * bd[ 6]
- + (sword128)ad[ 5] * bd[ 5]
- + (sword128)ad[ 6] * bd[ 4]
- + (sword128)ad[ 7] * bd[ 3];
- t[11] = (sword128)ad[ 4] * bd[ 7]
- + (sword128)ad[ 5] * bd[ 6]
- + (sword128)ad[ 6] * bd[ 5]
- + (sword128)ad[ 7] * bd[ 4];
- t[12] = (sword128)ad[ 5] * bd[ 7]
- + (sword128)ad[ 6] * bd[ 6]
- + (sword128)ad[ 7] * bd[ 5];
- t[13] = (sword128)ad[ 6] * bd[ 7]
- + (sword128)ad[ 7] * bd[ 6];
- t[14] = (sword128)ad[ 7] * bd[ 7];
+ t[ 0] = (word128)dd[ 0] + (sword128)ad[ 0] * bd[ 0];
+ t[ 1] = (word128)dd[ 1] + (sword128)ad[ 0] * bd[ 1]
+ + (sword128)ad[ 1] * bd[ 0];
+ t[ 2] = (word128)dd[ 2] + (sword128)ad[ 0] * bd[ 2]
+ + (sword128)ad[ 1] * bd[ 1]
+ + (sword128)ad[ 2] * bd[ 0];
+ t[ 3] = (word128)dd[ 3] + (sword128)ad[ 0] * bd[ 3]
+ + (sword128)ad[ 1] * bd[ 2]
+ + (sword128)ad[ 2] * bd[ 1]
+ + (sword128)ad[ 3] * bd[ 0];
+ t[ 4] = (word128)dd[ 4] + (sword128)ad[ 0] * bd[ 4]
+ + (sword128)ad[ 1] * bd[ 3]
+ + (sword128)ad[ 2] * bd[ 2]
+ + (sword128)ad[ 3] * bd[ 1]
+ + (sword128)ad[ 4] * bd[ 0];
+ t[ 5] = (word128)dd[ 5] + (sword128)ad[ 0] * bd[ 5]
+ + (sword128)ad[ 1] * bd[ 4]
+ + (sword128)ad[ 2] * bd[ 3]
+ + (sword128)ad[ 3] * bd[ 2]
+ + (sword128)ad[ 4] * bd[ 1]
+ + (sword128)ad[ 5] * bd[ 0];
+ t[ 6] = (word128)dd[ 6] + (sword128)ad[ 0] * bd[ 6]
+ + (sword128)ad[ 1] * bd[ 5]
+ + (sword128)ad[ 2] * bd[ 4]
+ + (sword128)ad[ 3] * bd[ 3]
+ + (sword128)ad[ 4] * bd[ 2]
+ + (sword128)ad[ 5] * bd[ 1]
+ + (sword128)ad[ 6] * bd[ 0];
+ t[ 7] = (word128)dd[ 7] + (sword128)ad[ 0] * bd[ 7]
+ + (sword128)ad[ 1] * bd[ 6]
+ + (sword128)ad[ 2] * bd[ 5]
+ + (sword128)ad[ 3] * bd[ 4]
+ + (sword128)ad[ 4] * bd[ 3]
+ + (sword128)ad[ 5] * bd[ 2]
+ + (sword128)ad[ 6] * bd[ 1]
+ + (sword128)ad[ 7] * bd[ 0];
+ t[ 8] = (word128) (sword128)ad[ 1] * bd[ 7]
+ + (sword128)ad[ 2] * bd[ 6]
+ + (sword128)ad[ 3] * bd[ 5]
+ + (sword128)ad[ 4] * bd[ 4]
+ + (sword128)ad[ 5] * bd[ 3]
+ + (sword128)ad[ 6] * bd[ 2]
+ + (sword128)ad[ 7] * bd[ 1];
+ t[ 9] = (word128) (sword128)ad[ 2] * bd[ 7]
+ + (sword128)ad[ 3] * bd[ 6]
+ + (sword128)ad[ 4] * bd[ 5]
+ + (sword128)ad[ 5] * bd[ 4]
+ + (sword128)ad[ 6] * bd[ 3]
+ + (sword128)ad[ 7] * bd[ 2];
+ t[10] = (word128) (sword128)ad[ 3] * bd[ 7]
+ + (sword128)ad[ 4] * bd[ 6]
+ + (sword128)ad[ 5] * bd[ 5]
+ + (sword128)ad[ 6] * bd[ 4]
+ + (sword128)ad[ 7] * bd[ 3];
+ t[11] = (word128) (sword128)ad[ 4] * bd[ 7]
+ + (sword128)ad[ 5] * bd[ 6]
+ + (sword128)ad[ 6] * bd[ 5]
+ + (sword128)ad[ 7] * bd[ 4];
+ t[12] = (word128) (sword128)ad[ 5] * bd[ 7]
+ + (sword128)ad[ 6] * bd[ 6]
+ + (sword128)ad[ 7] * bd[ 5];
+ t[13] = (word128) (sword128)ad[ 6] * bd[ 7]
+ + (sword128)ad[ 7] * bd[ 6];
+ t[14] = (word128) (sword128)ad[ 7] * bd[ 7];
t[15] = 0;
/* Mod curve order */
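Review bot: In the `t[ 8]` to `t[14]` assignments the new `(word128)` binds only to the `ad[..]` operand of the first product, not to the whole sum, and the `(sword128)` left inside it is then redundant. The remaining products on each of those lines are still formed as `sword128` and only converted when they are added to the first term, so the expression mixes signed and unsigned 128-bit terms while reading like a whole-expression cast. Writing the first term as `(word128)ad[ 1] * bd[ 7]` (and likewise on the other six lines) yields the same value without the double cast. The declarations of `t`, `ad`, `bd` and `dd` are outside the hunk, so their signedness is assumed here rather than seen. Because this is Ed448 scalar arithmetic, the cast change should be covered by a known-answer test on this 128-bit path.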
@@ -1045,62 +1045,62 @@ void sc448_muladd(byte* r, const byte* a, const byte* b, const byte* d)
o = rd[ 6] >> 56; rd[ 7] += o; rd[ 6] = rd[ 6] & 0xffffffffffffff;
/* Convert to bytes */
- r[ 0] = (rd[0 ] >> 0);
- r[ 1] = (rd[0 ] >> 8);
- r[ 2] = (rd[0 ] >> 16);
- r[ 3] = (rd[0 ] >> 24);
- r[ 4] = (rd[0 ] >> 32);
- r[ 5] = (rd[0 ] >> 40);
- r[ 6] = (rd[0 ] >> 48);
- r[ 7] = (rd[1 ] >> 0);
- r[ 8] = (rd[1 ] >> 8);
- r[ 9] = (rd[1 ] >> 16);
- r[10] = (rd[1 ] >> 24);
- r[11] = (rd[1 ] >> 32);
- r[12] = (rd[1 ] >> 40);
- r[13] = (rd[1 ] >> 48);
- r[14] = (rd[2 ] >> 0);
- r[15] = (rd[2 ] >> 8);
- r[16] = (rd[2 ] >> 16);
- r[17] = (rd[2 ] >> 24);
- r[18] = (rd[2 ] >> 32);
- r[19] = (rd[2 ] >> 40);
- r[20] = (rd[2 ] >> 48);
- r[21] = (rd[3 ] >> 0);
- r[22] = (rd[3 ] >> 8);
- r[23] = (rd[3 ] >> 16);
- r[24] = (rd[3 ] >> 24);
- r[25] = (rd[3 ] >> 32);
- r[26] = (rd[3 ] >> 40);
- r[27] = (rd[3 ] >> 48);
- r[28] = (rd[4 ] >> 0);
- r[29] = (rd[4 ] >> 8);
- r[30] = (rd[4 ] >> 16);
- r[31] = (rd[4 ] >> 24);
- r[32] = (rd[4 ] >> 32);
- r[33] = (rd[4 ] >> 40);
- r[34] = (rd[4 ] >> 48);
- r[35] = (rd[5 ] >> 0);
- r[36] = (rd[5 ] >> 8);
- r[37] = (rd[5 ] >> 16);
- r[38] = (rd[5 ] >> 24);
- r[39] = (rd[5 ] >> 32);
- r[40] = (rd[5 ] >> 40);
- r[41] = (rd[5 ] >> 48);
- r[42] = (rd[6 ] >> 0);
- r[43] = (rd[6 ] >> 8);
- r[44] = (rd[6 ] >> 16);
- r[45] = (rd[6 ] >> 24);
- r[46] = (rd[6 ] >> 32);
- r[47] = (rd[6 ] >> 40);
- r[48] = (rd[6 ] >> 48);
- r[49] = (rd[7 ] >> 0);
- r[50] = (rd[7 ] >> 8);
- r[51] = (rd[7 ] >> 16);
- r[52] = (rd[7 ] >> 24);
- r[53] = (rd[7 ] >> 32);
- r[54] = (rd[7 ] >> 40);
- r[55] = (rd[7 ] >> 48);
+ r[ 0] = (byte)(rd[0 ] >> 0);
+ r[ 1] = (byte)(rd[0 ] >> 8);
+ r[ 2] = (byte)(rd[0 ] >> 16);
+ r[ 3] = (byte)(rd[0 ] >> 24);
+ r[ 4] = (byte)(rd[0 ] >> 32);
+ r[ 5] = (byte)(rd[0 ] >> 40);
+ r[ 6] = (byte)(rd[0 ] >> 48);
+ r[ 7] = (byte)(rd[1 ] >> 0);
+ r[ 8] = (byte)(rd[1 ] >> 8);
+ r[ 9] = (byte)(rd[1 ] >> 16);
+ r[10] = (byte)(rd[1 ] >> 24);
+ r[11] = (byte)(rd[1 ] >> 32);
+ r[12] = (byte)(rd[1 ] >> 40);
+ r[13] = (byte)(rd[1 ] >> 48);
+ r[14] = (byte)(rd[2 ] >> 0);
+ r[15] = (byte)(rd[2 ] >> 8);
+ r[16] = (byte)(rd[2 ] >> 16);
+ r[17] = (byte)(rd[2 ] >> 24);
+ r[18] = (byte)(rd[2 ] >> 32);
+ r[19] = (byte)(rd[2 ] >> 40);
+ r[20] = (byte)(rd[2 ] >> 48);
+ r[21] = (byte)(rd[3 ] >> 0);
+ r[22] = (byte)(rd[3 ] >> 8);
+ r[23] = (byte)(rd[3 ] >> 16);
+ r[24] = (byte)(rd[3 ] >> 24);
+ r[25] = (byte)(rd[3 ] >> 32);
+ r[26] = (byte)(rd[3 ] >> 40);
+ r[27] = (byte)(rd[3 ] >> 48);
+ r[28] = (byte)(rd[4 ] >> 0);
+ r[29] = (byte)(rd[4 ] >> 8);
+ r[30] = (byte)(rd[4 ] >> 16);
+ r[31] = (byte)(rd[4 ] >> 24);
+ r[32] = (byte)(rd[4 ] >> 32);
+ r[33] = (byte)(rd[4 ] >> 40);
+ r[34] = (byte)(rd[4 ] >> 48);
+ r[35] = (byte)(rd[5 ] >> 0);
+ r[36] = (byte)(rd[5 ] >> 8);
+ r[37] = (byte)(rd[5 ] >> 16);
+ r[38] = (byte)(rd[5 ] >> 24);
+ r[39] = (byte)(rd[5 ] >> 32);
+ r[40] = (byte)(rd[5 ] >> 40);
+ r[41] = (byte)(rd[5 ] >> 48);
+ r[42] = (byte)(rd[6 ] >> 0);
+ r[43] = (byte)(rd[6 ] >> 8);
+ r[44] = (byte)(rd[6 ] >> 16);
+ r[45] = (byte)(rd[6 ] >> 24);
+ r[46] = (byte)(rd[6 ] >> 32);
+ r[47] = (byte)(rd[6 ] >> 40);
+ r[48] = (byte)(rd[6 ] >> 48);
+ r[49] = (byte)(rd[7 ] >> 0);
+ r[50] = (byte)(rd[7 ] >> 8);
+ r[51] = (byte)(rd[7 ] >> 16);
+ r[52] = (byte)(rd[7 ] >> 24);
+ r[53] = (byte)(rd[7 ] >> 32);
+ r[54] = (byte)(rd[7 ] >> 40);
+ r[55] = (byte)(rd[7 ] >> 48);
r[56] = 0;
}
@@ -5449,62 +5449,62 @@ void sc448_reduce(byte* b)
o = d[14] >> 28; d[15] += o; d[14] = d[14] & 0xfffffff;
/* Convert to bytes */
- b[ 0] = (d[0 ] >> 0);
- b[ 1] = (d[0 ] >> 8);
- b[ 2] = (d[0 ] >> 16);
- b[ 3] = (d[0 ] >> 24) + ((d[1 ] >> 0) << 4);
- b[ 4] = (d[1 ] >> 4);
- b[ 5] = (d[1 ] >> 12);
- b[ 6] = (d[1 ] >> 20);
- b[ 7] = (d[2 ] >> 0);
- b[ 8] = (d[2 ] >> 8);
- b[ 9] = (d[2 ] >> 16);
- b[10] = (d[2 ] >> 24) + ((d[3 ] >> 0) << 4);
- b[11] = (d[3 ] >> 4);
- b[12] = (d[3 ] >> 12);
- b[13] = (d[3 ] >> 20);
- b[14] = (d[4 ] >> 0);
- b[15] = (d[4 ] >> 8);
- b[16] = (d[4 ] >> 16);
- b[17] = (d[4 ] >> 24) + ((d[5 ] >> 0) << 4);
- b[18] = (d[5 ] >> 4);
- b[19] = (d[5 ] >> 12);
- b[20] = (d[5 ] >> 20);
- b[21] = (d[6 ] >> 0);
- b[22] = (d[6 ] >> 8);
- b[23] = (d[6 ] >> 16);
- b[24] = (d[6 ] >> 24) + ((d[7 ] >> 0) << 4);
- b[25] = (d[7 ] >> 4);
- b[26] = (d[7 ] >> 12);
- b[27] = (d[7 ] >> 20);
- b[28] = (d[8 ] >> 0);
- b[29] = (d[8 ] >> 8);
- b[30] = (d[8 ] >> 16);
- b[31] = (d[8 ] >> 24) + ((d[9 ] >> 0) << 4);
- b[32] = (d[9 ] >> 4);
- b[33] = (d[9 ] >> 12);
- b[34] = (d[9 ] >> 20);
- b[35] = (d[10] >> 0);
- b[36] = (d[10] >> 8);
- b[37] = (d[10] >> 16);
- b[38] = (d[10] >> 24) + ((d[11] >> 0) << 4);
- b[39] = (d[11] >> 4);
- b[40] = (d[11] >> 12);
- b[41] = (d[11] >> 20);
- b[42] = (d[12] >> 0);
- b[43] = (d[12] >> 8);
- b[44] = (d[12] >> 16);
- b[45] = (d[12] >> 24) + ((d[13] >> 0) << 4);
- b[46] = (d[13] >> 4);
- b[47] = (d[13] >> 12);
- b[48] = (d[13] >> 20);
- b[49] = (d[14] >> 0);
- b[50] = (d[14] >> 8);
- b[51] = (d[14] >> 16);
- b[52] = (d[14] >> 24) + ((d[15] >> 0) << 4);
- b[53] = (d[15] >> 4);
- b[54] = (d[15] >> 12);
- b[55] = (d[15] >> 20);
+ b[ 0] = (byte)(d[0 ] >> 0);
+ b[ 1] = (byte)(d[0 ] >> 8);
+ b[ 2] = (byte)(d[0 ] >> 16);
+ b[ 3] = (byte)(d[0 ] >> 24) + ((d[1 ] >> 0) << 4);
+ b[ 4] = (byte)(d[1 ] >> 4);
+ b[ 5] = (byte)(d[1 ] >> 12);
+ b[ 6] = (byte)(d[1 ] >> 20);
+ b[ 7] = (byte)(d[2 ] >> 0);
+ b[ 8] = (byte)(d[2 ] >> 8);
+ b[ 9] = (byte)(d[2 ] >> 16);
+ b[10] = (byte)(d[2 ] >> 24) + ((d[3 ] >> 0) << 4);
+ b[11] = (byte)(d[3 ] >> 4);
+ b[12] = (byte)(d[3 ] >> 12);
+ b[13] = (byte)(d[3 ] >> 20);
+ b[14] = (byte)(d[4 ] >> 0);
+ b[15] = (byte)(d[4 ] >> 8);
+ b[16] = (byte)(d[4 ] >> 16);
+ b[17] = (byte)(d[4 ] >> 24) + ((d[5 ] >> 0) << 4);
+ b[18] = (byte)(d[5 ] >> 4);
+ b[19] = (byte)(d[5 ] >> 12);
+ b[20] = (byte)(d[5 ] >> 20);
+ b[21] = (byte)(d[6 ] >> 0);
+ b[22] = (byte)(d[6 ] >> 8);
+ b[23] = (byte)(d[6 ] >> 16);
+ b[24] = (byte)(d[6 ] >> 24) + ((d[7 ] >> 0) << 4);
+ b[25] = (byte)(d[7 ] >> 4);
+ b[26] = (byte)(d[7 ] >> 12);
+ b[27] = (byte)(d[7 ] >> 20);
+ b[28] = (byte)(d[8 ] >> 0);
+ b[29] = (byte)(d[8 ] >> 8);
+ b[30] = (byte)(d[8 ] >> 16);
+ b[31] = (byte)(d[8 ] >> 24) + ((d[9 ] >> 0) << 4);
+ b[32] = (byte)(d[9 ] >> 4);
+ b[33] = (byte)(d[9 ] >> 12);
+ b[34] = (byte)(d[9 ] >> 20);
+ b[35] = (byte)(d[10] >> 0);
+ b[36] = (byte)(d[10] >> 8);
+ b[37] = (byte)(d[10] >> 16);
+ b[38] = (byte)(d[10] >> 24) + ((d[11] >> 0) << 4);
+ b[39] = (byte)(d[11] >> 4);
+ b[40] = (byte)(d[11] >> 12);
+ b[41] = (byte)(d[11] >> 20);
+ b[42] = (byte)(d[12] >> 0);
+ b[43] = (byte)(d[12] >> 8);
+ b[44] = (byte)(d[12] >> 16);
+ b[45] = (byte)(d[12] >> 24) + ((d[13] >> 0) << 4);
+ b[46] = (byte)(d[13] >> 4);
+ b[47] = (byte)(d[13] >> 12);
+ b[48] = (byte)(d[13] >> 20);
+ b[49] = (byte)(d[14] >> 0);
+ b[50] = (byte)(d[14] >> 8);
+ b[51] = (byte)(d[14] >> 16);
+ b[52] = (byte)(d[14] >> 24) + ((d[15] >> 0) << 4);
+ b[53] = (byte)(d[15] >> 4);
+ b[54] = (byte)(d[15] >> 12);
+ b[55] = (byte)(d[15] >> 20);
b[56] = 0;
}
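Review bot: On the lines that combine two limbs (`b[ 3]`, `b[10]`, `b[17]`, `b[24]`, `b[31]`, `b[38]`, `b[45]`, `b[52]`) the added `(byte)` applies only to the first term, so the sum is still widened and then narrowed implicitly on assignment. The low eight bits that get stored should be unchanged, but the implicit narrowing that the cast was presumably meant to make explicit remains on exactly these lines. `b[ 3] = (byte)((d[0 ] >> 24) + ((d[1 ] >> 0) << 4));` would cover the whole expression, and the same form fits the other seven lines. The body of sc448_reduce starts outside the hunk, so the declared type of `d` is not visible here.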
@@ -5719,262 +5719,262 @@ void sc448_muladd(byte* r, const byte* a, const byte* b, const byte* d)
| (((sword32)((d[55] ) >> 0)) << 20);
/* a * b + d */
- t[ 0] = dd[ 0] + (sword64)ad[ 0] * bd[ 0];
- t[ 1] = dd[ 1] + (sword64)ad[ 0] * bd[ 1]
- + (sword64)ad[ 1] * bd[ 0];
- t[ 2] = dd[ 2] + (sword64)ad[ 0] * bd[ 2]
- + (sword64)ad[ 1] * bd[ 1]
- + (sword64)ad[ 2] * bd[ 0];
- t[ 3] = dd[ 3] + (sword64)ad[ 0] * bd[ 3]
- + (sword64)ad[ 1] * bd[ 2]
- + (sword64)ad[ 2] * bd[ 1]
- + (sword64)ad[ 3] * bd[ 0];
- t[ 4] = dd[ 4] + (sword64)ad[ 0] * bd[ 4]
- + (sword64)ad[ 1] * bd[ 3]
- + (sword64)ad[ 2] * bd[ 2]
- + (sword64)ad[ 3] * bd[ 1]
- + (sword64)ad[ 4] * bd[ 0];
- t[ 5] = dd[ 5] + (sword64)ad[ 0] * bd[ 5]
- + (sword64)ad[ 1] * bd[ 4]
- + (sword64)ad[ 2] * bd[ 3]
- + (sword64)ad[ 3] * bd[ 2]
- + (sword64)ad[ 4] * bd[ 1]
- + (sword64)ad[ 5] * bd[ 0];
- t[ 6] = dd[ 6] + (sword64)ad[ 0] * bd[ 6]
- + (sword64)ad[ 1] * bd[ 5]
- + (sword64)ad[ 2] * bd[ 4]
- + (sword64)ad[ 3] * bd[ 3]
- + (sword64)ad[ 4] * bd[ 2]
- + (sword64)ad[ 5] * bd[ 1]
- + (sword64)ad[ 6] * bd[ 0];
- t[ 7] = dd[ 7] + (sword64)ad[ 0] * bd[ 7]
- + (sword64)ad[ 1] * bd[ 6]
- + (sword64)ad[ 2] * bd[ 5]
- + (sword64)ad[ 3] * bd[ 4]
- + (sword64)ad[ 4] * bd[ 3]
- + (sword64)ad[ 5] * bd[ 2]
- + (sword64)ad[ 6] * bd[ 1]
- + (sword64)ad[ 7] * bd[ 0];
- t[ 8] = dd[ 8] + (sword64)ad[ 0] * bd[ 8]
- + (sword64)ad[ 1] * bd[ 7]
- + (sword64)ad[ 2] * bd[ 6]
- + (sword64)ad[ 3] * bd[ 5]
- + (sword64)ad[ 4] * bd[ 4]
- + (sword64)ad[ 5] * bd[ 3]
- + (sword64)ad[ 6] * bd[ 2]
- + (sword64)ad[ 7] * bd[ 1]
- + (sword64)ad[ 8] * bd[ 0];
- t[ 9] = dd[ 9] + (sword64)ad[ 0] * bd[ 9]
- + (sword64)ad[ 1] * bd[ 8]
- + (sword64)ad[ 2] * bd[ 7]
- + (sword64)ad[ 3] * bd[ 6]
- + (sword64)ad[ 4] * bd[ 5]
- + (sword64)ad[ 5] * bd[ 4]
- + (sword64)ad[ 6] * bd[ 3]
- + (sword64)ad[ 7] * bd[ 2]
- + (sword64)ad[ 8] * bd[ 1]
- + (sword64)ad[ 9] * bd[ 0];
- t[10] = dd[10] + (sword64)ad[ 0] * bd[10]
- + (sword64)ad[ 1] * bd[ 9]
- + (sword64)ad[ 2] * bd[ 8]
- + (sword64)ad[ 3] * bd[ 7]
- + (sword64)ad[ 4] * bd[ 6]
- + (sword64)ad[ 5] * bd[ 5]
- + (sword64)ad[ 6] * bd[ 4]
- + (sword64)ad[ 7] * bd[ 3]
- + (sword64)ad[ 8] * bd[ 2]
- + (sword64)ad[ 9] * bd[ 1]
- + (sword64)ad[10] * bd[ 0];
- t[11] = dd[11] + (sword64)ad[ 0] * bd[11]
- + (sword64)ad[ 1] * bd[10]
- + (sword64)ad[ 2] * bd[ 9]
- + (sword64)ad[ 3] * bd[ 8]
- + (sword64)ad[ 4] * bd[ 7]
- + (sword64)ad[ 5] * bd[ 6]
- + (sword64)ad[ 6] * bd[ 5]
- + (sword64)ad[ 7] * bd[ 4]
- + (sword64)ad[ 8] * bd[ 3]
- + (sword64)ad[ 9] * bd[ 2]
- + (sword64)ad[10] * bd[ 1]
- + (sword64)ad[11] * bd[ 0];
- t[12] = dd[12] + (sword64)ad[ 0] * bd[12]
- + (sword64)ad[ 1] * bd[11]
- + (sword64)ad[ 2] * bd[10]
- + (sword64)ad[ 3] * bd[ 9]
- + (sword64)ad[ 4] * bd[ 8]
- + (sword64)ad[ 5] * bd[ 7]
- + (sword64)ad[ 6] * bd[ 6]
- + (sword64)ad[ 7] * bd[ 5]
- + (sword64)ad[ 8] * bd[ 4]
- + (sword64)ad[ 9] * bd[ 3]
- + (sword64)ad[10] * bd[ 2]
- + (sword64)ad[11] * bd[ 1]
- + (sword64)ad[12] * bd[ 0];
- t[13] = dd[13] + (sword64)ad[ 0] * bd[13]
- + (sword64)ad[ 1] * bd[12]
- + (sword64)ad[ 2] * bd[11]
- + (sword64)ad[ 3] * bd[10]
- + (sword64)ad[ 4] * bd[ 9]
- + (sword64)ad[ 5] * bd[ 8]
- + (sword64)ad[ 6] * bd[ 7]
- + (sword64)ad[ 7] * bd[ 6]
- + (sword64)ad[ 8] * bd[ 5]
- + (sword64)ad[ 9] * bd[ 4]
- + (sword64)ad[10] * bd[ 3]
- + (sword64)ad[11] * bd[ 2]
- + (sword64)ad[12] * bd[ 1]
- + (sword64)ad[13] * bd[ 0];
- t[14] = dd[14] + (sword64)ad[ 0] * bd[14]
- + (sword64)ad[ 1] * bd[13]
- + (sword64)ad[ 2] * bd[12]
- + (sword64)ad[ 3] * bd[11]
- + (sword64)ad[ 4] * bd[10]
- + (sword64)ad[ 5] * bd[ 9]
- + (sword64)ad[ 6] * bd[ 8]
- + (sword64)ad[ 7] * bd[ 7]
- + (sword64)ad[ 8] * bd[ 6]
- + (sword64)ad[ 9] * bd[ 5]
- + (sword64)ad[10] * bd[ 4]
- + (sword64)ad[11] * bd[ 3]
- + (sword64)ad[12] * bd[ 2]
- + (sword64)ad[13] * bd[ 1]
- + (sword64)ad[14] * bd[ 0];
- t[15] = dd[15] + (sword64)ad[ 0] * bd[15]
- + (sword64)ad[ 1] * bd[14]
- + (sword64)ad[ 2] * bd[13]
- + (sword64)ad[ 3] * bd[12]
- + (sword64)ad[ 4] * bd[11]
- + (sword64)ad[ 5] * bd[10]
- + (sword64)ad[ 6] * bd[ 9]
- + (sword64)ad[ 7] * bd[ 8]
- + (sword64)ad[ 8] * bd[ 7]
- + (sword64)ad[ 9] * bd[ 6]
- + (sword64)ad[10] * bd[ 5]
- + (sword64)ad[11] * bd[ 4]
- + (sword64)ad[12] * bd[ 3]
- + (sword64)ad[13] * bd[ 2]
- + (sword64)ad[14] * bd[ 1]
- + (sword64)ad[15] * bd[ 0];
- t[16] = (sword64)ad[ 1] * bd[15]
- + (sword64)ad[ 2] * bd[14]
- + (sword64)ad[ 3] * bd[13]
- + (sword64)ad[ 4] * bd[12]
- + (sword64)ad[ 5] * bd[11]
- + (sword64)ad[ 6] * bd[10]
- + (sword64)ad[ 7] * bd[ 9]
- + (sword64)ad[ 8] * bd[ 8]
- + (sword64)ad[ 9] * bd[ 7]
- + (sword64)ad[10] * bd[ 6]
- + (sword64)ad[11] * bd[ 5]
- + (sword64)ad[12] * bd[ 4]
- + (sword64)ad[13] * bd[ 3]
- + (sword64)ad[14] * bd[ 2]
- + (sword64)ad[15] * bd[ 1];
- t[17] = (sword64)ad[ 2] * bd[15]
- + (sword64)ad[ 3] * bd[14]
- + (sword64)ad[ 4] * bd[13]
- + (sword64)ad[ 5] * bd[12]
- + (sword64)ad[ 6] * bd[11]
- + (sword64)ad[ 7] * bd[10]
- + (sword64)ad[ 8] * bd[ 9]
- + (sword64)ad[ 9] * bd[ 8]
- + (sword64)ad[10] * bd[ 7]
- + (sword64)ad[11] * bd[ 6]
- + (sword64)ad[12] * bd[ 5]
- + (sword64)ad[13] * bd[ 4]
- + (sword64)ad[14] * bd[ 3]
- + (sword64)ad[15] * bd[ 2];
- t[18] = (sword64)ad[ 3] * bd[15]
- + (sword64)ad[ 4] * bd[14]
- + (sword64)ad[ 5] * bd[13]
- + (sword64)ad[ 6] * bd[12]
- + (sword64)ad[ 7] * bd[11]
- + (sword64)ad[ 8] * bd[10]
- + (sword64)ad[ 9] * bd[ 9]
- + (sword64)ad[10] * bd[ 8]
- + (sword64)ad[11] * bd[ 7]
- + (sword64)ad[12] * bd[ 6]
- + (sword64)ad[13] * bd[ 5]
- + (sword64)ad[14] * bd[ 4]
- + (sword64)ad[15] * bd[ 3];
- t[19] = (sword64)ad[ 4] * bd[15]
- + (sword64)ad[ 5] * bd[14]
- + (sword64)ad[ 6] * bd[13]
- + (sword64)ad[ 7] * bd[12]
- + (sword64)ad[ 8] * bd[11]
- + (sword64)ad[ 9] * bd[10]
- + (sword64)ad[10] * bd[ 9]
- + (sword64)ad[11] * bd[ 8]
- + (sword64)ad[12] * bd[ 7]
- + (sword64)ad[13] * bd[ 6]
- + (sword64)ad[14] * bd[ 5]
- + (sword64)ad[15] * bd[ 4];
- t[20] = (sword64)ad[ 5] * bd[15]
- + (sword64)ad[ 6] * bd[14]
- + (sword64)ad[ 7] * bd[13]
- + (sword64)ad[ 8] * bd[12]
- + (sword64)ad[ 9] * bd[11]
- + (sword64)ad[10] * bd[10]
- + (sword64)ad[11] * bd[ 9]
- + (sword64)ad[12] * bd[ 8]
- + (sword64)ad[13] * bd[ 7]
- + (sword64)ad[14] * bd[ 6]
- + (sword64)ad[15] * bd[ 5];
- t[21] = (sword64)ad[ 6] * bd[15]
- + (sword64)ad[ 7] * bd[14]
- + (sword64)ad[ 8] * bd[13]
- + (sword64)ad[ 9] * bd[12]
- + (sword64)ad[10] * bd[11]
- + (sword64)ad[11] * bd[10]
- + (sword64)ad[12] * bd[ 9]
- + (sword64)ad[13] * bd[ 8]
- + (sword64)ad[14] * bd[ 7]
- + (sword64)ad[15] * bd[ 6];
- t[22] = (sword64)ad[ 7] * bd[15]
- + (sword64)ad[ 8] * bd[14]
- + (sword64)ad[ 9] * bd[13]
- + (sword64)ad[10] * bd[12]
- + (sword64)ad[11] * bd[11]
- + (sword64)ad[12] * bd[10]
- + (sword64)ad[13] * bd[ 9]
- + (sword64)ad[14] * bd[ 8]
- + (sword64)ad[15] * bd[ 7];
- t[23] = (sword64)ad[ 8] * bd[15]
- + (sword64)ad[ 9] * bd[14]
- + (sword64)ad[10] * bd[13]
- + (sword64)ad[11] * bd[12]
- + (sword64)ad[12] * bd[11]
- + (sword64)ad[13] * bd[10]
- + (sword64)ad[14] * bd[ 9]
- + (sword64)ad[15] * bd[ 8];
- t[24] = (sword64)ad[ 9] * bd[15]
- + (sword64)ad[10] * bd[14]
- + (sword64)ad[11] * bd[13]
- + (sword64)ad[12] * bd[12]
- + (sword64)ad[13] * bd[11]
- + (sword64)ad[14] * bd[10]
- + (sword64)ad[15] * bd[ 9];
- t[25] = (sword64)ad[10] * bd[15]
- + (sword64)ad[11] * bd[14]
- + (sword64)ad[12] * bd[13]
- + (sword64)ad[13] * bd[12]
- + (sword64)ad[14] * bd[11]
- + (sword64)ad[15] * bd[10];
- t[26] = (sword64)ad[11] * bd[15]
- + (sword64)ad[12] * bd[14]
- + (sword64)ad[13] * bd[13]
- + (sword64)ad[14] * bd[12]
- + (sword64)ad[15] * bd[11];
- t[27] = (sword64)ad[12] * bd[15]
- + (sword64)ad[13] * bd[14]
- + (sword64)ad[14] * bd[13]
- + (sword64)ad[15] * bd[12];
- t[28] = (sword64)ad[13] * bd[15]
- + (sword64)ad[14] * bd[14]
- + (sword64)ad[15] * bd[13];
- t[29] = (sword64)ad[14] * bd[15]
- + (sword64)ad[15] * bd[14];
- t[30] = (sword64)ad[15] * bd[15];
+ t[ 0] = (word64)dd[ 0] + (sword64)ad[ 0] * bd[ 0];
+ t[ 1] = (word64)dd[ 1] + (sword64)ad[ 0] * bd[ 1]
+ + (sword64)ad[ 1] * bd[ 0];
+ t[ 2] = (word64)dd[ 2] + (sword64)ad[ 0] * bd[ 2]
+ + (sword64)ad[ 1] * bd[ 1]
+ + (sword64)ad[ 2] * bd[ 0];
+ t[ 3] = (word64)dd[ 3] + (sword64)ad[ 0] * bd[ 3]
+ + (sword64)ad[ 1] * bd[ 2]
+ + (sword64)ad[ 2] * bd[ 1]
+ + (sword64)ad[ 3] * bd[ 0];
+ t[ 4] = (word64)dd[ 4] + (sword64)ad[ 0] * bd[ 4]
+ + (sword64)ad[ 1] * bd[ 3]
+ + (sword64)ad[ 2] * bd[ 2]
+ + (sword64)ad[ 3] * bd[ 1]
+ + (sword64)ad[ 4] * bd[ 0];
+ t[ 5] = (word64)dd[ 5] + (sword64)ad[ 0] * bd[ 5]
+ + (sword64)ad[ 1] * bd[ 4]
+ + (sword64)ad[ 2] * bd[ 3]
+ + (sword64)ad[ 3] * bd[ 2]
+ + (sword64)ad[ 4] * bd[ 1]
+ + (sword64)ad[ 5] * bd[ 0];
+ t[ 6] = (word64)dd[ 6] + (sword64)ad[ 0] * bd[ 6]
+ + (sword64)ad[ 1] * bd[ 5]
+ + (sword64)ad[ 2] * bd[ 4]
+ + (sword64)ad[ 3] * bd[ 3]
+ + (sword64)ad[ 4] * bd[ 2]
+ + (sword64)ad[ 5] * bd[ 1]
+ + (sword64)ad[ 6] * bd[ 0];
+ t[ 7] = (word64)dd[ 7] + (sword64)ad[ 0] * bd[ 7]
+ + (sword64)ad[ 1] * bd[ 6]
+ + (sword64)ad[ 2] * bd[ 5]
+ + (sword64)ad[ 3] * bd[ 4]
+ + (sword64)ad[ 4] * bd[ 3]
+ + (sword64)ad[ 5] * bd[ 2]
+ + (sword64)ad[ 6] * bd[ 1]
+ + (sword64)ad[ 7] * bd[ 0];
+ t[ 8] = (word64)dd[ 8] + (sword64)ad[ 0] * bd[ 8]
+ + (sword64)ad[ 1] * bd[ 7]
+ + (sword64)ad[ 2] * bd[ 6]
+ + (sword64)ad[ 3] * bd[ 5]
+ + (sword64)ad[ 4] * bd[ 4]
+ + (sword64)ad[ 5] * bd[ 3]
+ + (sword64)ad[ 6] * bd[ 2]
+ + (sword64)ad[ 7] * bd[ 1]
+ + (sword64)ad[ 8] * bd[ 0];
+ t[ 9] = (word64)dd[ 9] + (sword64)ad[ 0] * bd[ 9]
+ + (sword64)ad[ 1] * bd[ 8]
+ + (sword64)ad[ 2] * bd[ 7]
+ + (sword64)ad[ 3] * bd[ 6]
+ + (sword64)ad[ 4] * bd[ 5]
+ + (sword64)ad[ 5] * bd[ 4]
+ + (sword64)ad[ 6] * bd[ 3]
+ + (sword64)ad[ 7] * bd[ 2]
+ + (sword64)ad[ 8] * bd[ 1]
+ + (sword64)ad[ 9] * bd[ 0];
+ t[10] = (word64)dd[10] + (sword64)ad[ 0] * bd[10]
+ + (sword64)ad[ 1] * bd[ 9]
+ + (sword64)ad[ 2] * bd[ 8]
+ + (sword64)ad[ 3] * bd[ 7]
+ + (sword64)ad[ 4] * bd[ 6]
+ + (sword64)ad[ 5] * bd[ 5]
+ + (sword64)ad[ 6] * bd[ 4]
+ + (sword64)ad[ 7] * bd[ 3]
+ + (sword64)ad[ 8] * bd[ 2]
+ + (sword64)ad[ 9] * bd[ 1]
+ + (sword64)ad[10] * bd[ 0];
+ t[11] = (word64)dd[11] + (sword64)ad[ 0] * bd[11]
+ + (sword64)ad[ 1] * bd[10]
+ + (sword64)ad[ 2] * bd[ 9]
+ + (sword64)ad[ 3] * bd[ 8]
+ + (sword64)ad[ 4] * bd[ 7]
+ + (sword64)ad[ 5] * bd[ 6]
+ + (sword64)ad[ 6] * bd[ 5]
+ + (sword64)ad[ 7] * bd[ 4]
+ + (sword64)ad[ 8] * bd[ 3]
+ + (sword64)ad[ 9] * bd[ 2]
+ + (sword64)ad[10] * bd[ 1]
+ + (sword64)ad[11] * bd[ 0];
+ t[12] = (word64)dd[12] + (sword64)ad[ 0] * bd[12]
+ + (sword64)ad[ 1] * bd[11]
+ + (sword64)ad[ 2] * bd[10]
+ + (sword64)ad[ 3] * bd[ 9]
+ + (sword64)ad[ 4] * bd[ 8]
+ + (sword64)ad[ 5] * bd[ 7]
+ + (sword64)ad[ 6] * bd[ 6]
+ + (sword64)ad[ 7] * bd[ 5]
+ + (sword64)ad[ 8] * bd[ 4]
+ + (sword64)ad[ 9] * bd[ 3]
+ + (sword64)ad[10] * bd[ 2]
+ + (sword64)ad[11] * bd[ 1]
+ + (sword64)ad[12] * bd[ 0];
+ t[13] = (word64)dd[13] + (sword64)ad[ 0] * bd[13]
+ + (sword64)ad[ 1] * bd[12]
+ + (sword64)ad[ 2] * bd[11]
+ + (sword64)ad[ 3] * bd[10]
+ + (sword64)ad[ 4] * bd[ 9]
+ + (sword64)ad[ 5] * bd[ 8]
+ + (sword64)ad[ 6] * bd[ 7]
+ + (sword64)ad[ 7] * bd[ 6]
+ + (sword64)ad[ 8] * bd[ 5]
+ + (sword64)ad[ 9] * bd[ 4]
+ + (sword64)ad[10] * bd[ 3]
+ + (sword64)ad[11] * bd[ 2]
+ + (sword64)ad[12] * bd[ 1]
+ + (sword64)ad[13] * bd[ 0];
+ t[14] = (word64)dd[14] + (sword64)ad[ 0] * bd[14]
+ + (sword64)ad[ 1] * bd[13]
+ + (sword64)ad[ 2] * bd[12]
+ + (sword64)ad[ 3] * bd[11]
+ + (sword64)ad[ 4] * bd[10]
+ + (sword64)ad[ 5] * bd[ 9]
+ + (sword64)ad[ 6] * bd[ 8]
+ + (sword64)ad[ 7] * bd[ 7]
+ + (sword64)ad[ 8] * bd[ 6]
+ + (sword64)ad[ 9] * bd[ 5]
+ + (sword64)ad[10] * bd[ 4]
+ + (sword64)ad[11] * bd[ 3]
+ + (sword64)ad[12] * bd[ 2]
+ + (sword64)ad[13] * bd[ 1]
+ + (sword64)ad[14] * bd[ 0];
+ t[15] = (word64)dd[15] + (sword64)ad[ 0] * bd[15]
+ + (sword64)ad[ 1] * bd[14]
+ + (sword64)ad[ 2] * bd[13]
+ + (sword64)ad[ 3] * bd[12]
+ + (sword64)ad[ 4] * bd[11]
+ + (sword64)ad[ 5] * bd[10]
+ + (sword64)ad[ 6] * bd[ 9]
+ + (sword64)ad[ 7] * bd[ 8]
+ + (sword64)ad[ 8] * bd[ 7]
+ + (sword64)ad[ 9] * bd[ 6]
+ + (sword64)ad[10] * bd[ 5]
+ + (sword64)ad[11] * bd[ 4]
+ + (sword64)ad[12] * bd[ 3]
+ + (sword64)ad[13] * bd[ 2]
+ + (sword64)ad[14] * bd[ 1]
+ + (sword64)ad[15] * bd[ 0];
+ t[16] = (word64) (sword64)ad[ 1] * bd[15]
+ + (sword64)ad[ 2] * bd[14]
+ + (sword64)ad[ 3] * bd[13]
+ + (sword64)ad[ 4] * bd[12]
+ + (sword64)ad[ 5] * bd[11]
+ + (sword64)ad[ 6] * bd[10]
+ + (sword64)ad[ 7] * bd[ 9]
+ + (sword64)ad[ 8] * bd[ 8]
+ + (sword64)ad[ 9] * bd[ 7]
+ + (sword64)ad[10] * bd[ 6]
+ + (sword64)ad[11] * bd[ 5]
+ + (sword64)ad[12] * bd[ 4]
+ + (sword64)ad[13] * bd[ 3]
+ + (sword64)ad[14] * bd[ 2]
+ + (sword64)ad[15] * bd[ 1];
+ t[17] = (word64) (sword64)ad[ 2] * bd[15]
+ + (sword64)ad[ 3] * bd[14]
+ + (sword64)ad[ 4] * bd[13]
+ + (sword64)ad[ 5] * bd[12]
+ + (sword64)ad[ 6] * bd[11]
+ + (sword64)ad[ 7] * bd[10]
+ + (sword64)ad[ 8] * bd[ 9]
+ + (sword64)ad[ 9] * bd[ 8]
+ + (sword64)ad[10] * bd[ 7]
+ + (sword64)ad[11] * bd[ 6]
+ + (sword64)ad[12] * bd[ 5]
+ + (sword64)ad[13] * bd[ 4]
+ + (sword64)ad[14] * bd[ 3]
+ + (sword64)ad[15] * bd[ 2];
+ t[18] = (word64) (sword64)ad[ 3] * bd[15]
+ + (sword64)ad[ 4] * bd[14]
+ + (sword64)ad[ 5] * bd[13]
+ + (sword64)ad[ 6] * bd[12]
+ + (sword64)ad[ 7] * bd[11]
+ + (sword64)ad[ 8] * bd[10]
+ + (sword64)ad[ 9] * bd[ 9]
+ + (sword64)ad[10] * bd[ 8]
+ + (sword64)ad[11] * bd[ 7]
+ + (sword64)ad[12] * bd[ 6]
+ + (sword64)ad[13] * bd[ 5]
+ + (sword64)ad[14] * bd[ 4]
+ + (sword64)ad[15] * bd[ 3];
+ t[19] = (word64) (sword64)ad[ 4] * bd[15]
+ + (sword64)ad[ 5] * bd[14]
+ + (sword64)ad[ 6] * bd[13]
+ + (sword64)ad[ 7] * bd[12]
+ + (sword64)ad[ 8] * bd[11]
+ + (sword64)ad[ 9] * bd[10]
+ + (sword64)ad[10] * bd[ 9]
+ + (sword64)ad[11] * bd[ 8]
+ + (sword64)ad[12] * bd[ 7]
+ + (sword64)ad[13] * bd[ 6]
+ + (sword64)ad[14] * bd[ 5]
+ + (sword64)ad[15] * bd[ 4];
+ t[20] = (word64) (sword64)ad[ 5] * bd[15]
+ + (sword64)ad[ 6] * bd[14]
+ + (sword64)ad[ 7] * bd[13]
+ + (sword64)ad[ 8] * bd[12]
+ + (sword64)ad[ 9] * bd[11]
+ + (sword64)ad[10] * bd[10]
+ + (sword64)ad[11] * bd[ 9]
+ + (sword64)ad[12] * bd[ 8]
+ + (sword64)ad[13] * bd[ 7]
+ + (sword64)ad[14] * bd[ 6]
+ + (sword64)ad[15] * bd[ 5];
+ t[21] = (word64) (sword64)ad[ 6] * bd[15]
+ + (sword64)ad[ 7] * bd[14]
+ + (sword64)ad[ 8] * bd[13]
+ + (sword64)ad[ 9] * bd[12]
+ + (sword64)ad[10] * bd[11]
+ + (sword64)ad[11] * bd[10]
+ + (sword64)ad[12] * bd[ 9]
+ + (sword64)ad[13] * bd[ 8]
+ + (sword64)ad[14] * bd[ 7]
+ + (sword64)ad[15] * bd[ 6];
+ t[22] = (word64) (sword64)ad[ 7] * bd[15]
+ + (sword64)ad[ 8] * bd[14]
+ + (sword64)ad[ 9] * bd[13]
+ + (sword64)ad[10] * bd[12]
+ + (sword64)ad[11] * bd[11]
+ + (sword64)ad[12] * bd[10]
+ + (sword64)ad[13] * bd[ 9]
+ + (sword64)ad[14] * bd[ 8]
+ + (sword64)ad[15] * bd[ 7];
+ t[23] = (word64) (sword64)ad[ 8] * bd[15]
+ + (sword64)ad[ 9] * bd[14]
+ + (sword64)ad[10] * bd[13]
+ + (sword64)ad[11] * bd[12]
+ + (sword64)ad[12] * bd[11]
+ + (sword64)ad[13] * bd[10]
+ + (sword64)ad[14] * bd[ 9]
+ + (sword64)ad[15] * bd[ 8];
+ t[24] = (word64) (sword64)ad[ 9] * bd[15]
+ + (sword64)ad[10] * bd[14]
+ + (sword64)ad[11] * bd[13]
+ + (sword64)ad[12] * bd[12]
+ + (sword64)ad[13] * bd[11]
+ + (sword64)ad[14] * bd[10]
+ + (sword64)ad[15] * bd[ 9];
+ t[25] = (word64) (sword64)ad[10] * bd[15]
+ + (sword64)ad[11] * bd[14]
+ + (sword64)ad[12] * bd[13]
+ + (sword64)ad[13] * bd[12]
+ + (sword64)ad[14] * bd[11]
+ + (sword64)ad[15] * bd[10];
+ t[26] = (word64) (sword64)ad[11] * bd[15]
+ + (sword64)ad[12] * bd[14]
+ + (sword64)ad[13] * bd[13]
+ + (sword64)ad[14] * bd[12]
+ + (sword64)ad[15] * bd[11];
+ t[27] = (word64) (sword64)ad[12] * bd[15]
+ + (sword64)ad[13] * bd[14]
+ + (sword64)ad[14] * bd[13]
+ + (sword64)ad[15] * bd[12];
+ t[28] = (word64) (sword64)ad[13] * bd[15]
+ + (sword64)ad[14] * bd[14]
+ + (sword64)ad[15] * bd[13];
+ t[29] = (word64) (sword64)ad[14] * bd[15]
+ + (sword64)ad[15] * bd[14];
+ t[30] = (word64) (sword64)ad[15] * bd[15];
t[31] = 0;
/* Mod curve order */
@@ -6202,62 +6202,62 @@ void sc448_muladd(byte* r, const byte* a, const byte* b, const byte* d)
o = rd[14] >> 28; rd[15] += o; rd[14] = rd[14] & 0xfffffff;
/* Convert to bytes */
- r[ 0] = (rd[0 ] >> 0);
- r[ 1] = (rd[0 ] >> 8);
- r[ 2] = (rd[0 ] >> 16);
- r[ 3] = (rd[0 ] >> 24) + ((rd[1 ] >> 0) << 4);
- r[ 4] = (rd[1 ] >> 4);
- r[ 5] = (rd[1 ] >> 12);
- r[ 6] = (rd[1 ] >> 20);
- r[ 7] = (rd[2 ] >> 0);
- r[ 8] = (rd[2 ] >> 8);
- r[ 9] = (rd[2 ] >> 16);
- r[10] = (rd[2 ] >> 24) + ((rd[3 ] >> 0) << 4);
- r[11] = (rd[3 ] >> 4);
- r[12] = (rd[3 ] >> 12);
- r[13] = (rd[3 ] >> 20);
- r[14] = (rd[4 ] >> 0);
- r[15] = (rd[4 ] >> 8);
- r[16] = (rd[4 ] >> 16);
- r[17] = (rd[4 ] >> 24) + ((rd[5 ] >> 0) << 4);
- r[18] = (rd[5 ] >> 4);
- r[19] = (rd[5 ] >> 12);
- r[20] = (rd[5 ] >> 20);
- r[21] = (rd[6 ] >> 0);
- r[22] = (rd[6 ] >> 8);
- r[23] = (rd[6 ] >> 16);
- r[24] = (rd[6 ] >> 24) + ((rd[7 ] >> 0) << 4);
- r[25] = (rd[7 ] >> 4);
- r[26] = (rd[7 ] >> 12);
- r[27] = (rd[7 ] >> 20);
- r[28] = (rd[8 ] >> 0);
- r[29] = (rd[8 ] >> 8);
- r[30] = (rd[8 ] >> 16);
- r[31] = (rd[8 ] >> 24) + ((rd[9 ] >> 0) << 4);
- r[32] = (rd[9 ] >> 4);
- r[33] = (rd[9 ] >> 12);
- r[34] = (rd[9 ] >> 20);
- r[35] = (rd[10] >> 0);
- r[36] = (rd[10] >> 8);
- r[37] = (rd[10] >> 16);
- r[38] = (rd[10] >> 24) + ((rd[11] >> 0) << 4);
- r[39] = (rd[11] >> 4);
- r[40] = (rd[11] >> 12);
- r[41] = (rd[11] >> 20);
- r[42] = (rd[12] >> 0);
- r[43] = (rd[12] >> 8);
- r[44] = (rd[12] >> 16);
- r[45] = (rd[12] >> 24) + ((rd[13] >> 0) << 4);
- r[46] = (rd[13] >> 4);
- r[47] = (rd[13] >> 12);
- r[48] = (rd[13] >> 20);
- r[49] = (rd[14] >> 0);
- r[50] = (rd[14] >> 8);
- r[51] = (rd[14] >> 16);
- r[52] = (rd[14] >> 24) + ((rd[15] >> 0) << 4);
- r[53] = (rd[15] >> 4);
- r[54] = (rd[15] >> 12);
- r[55] = (rd[15] >> 20);
+ r[ 0] = (byte)(rd[0 ] >> 0);
+ r[ 1] = (byte)(rd[0 ] >> 8);
+ r[ 2] = (byte)(rd[0 ] >> 16);
+ r[ 3] = (byte)(rd[0 ] >> 24) + ((rd[1 ] >> 0) << 4);
+ r[ 4] = (byte)(rd[1 ] >> 4);
+ r[ 5] = (byte)(rd[1 ] >> 12);
+ r[ 6] = (byte)(rd[1 ] >> 20);
+ r[ 7] = (byte)(rd[2 ] >> 0);
+ r[ 8] = (byte)(rd[2 ] >> 8);
+ r[ 9] = (byte)(rd[2 ] >> 16);
+ r[10] = (byte)(rd[2 ] >> 24) + ((rd[3 ] >> 0) << 4);
+ r[11] = (byte)(rd[3 ] >> 4);
+ r[12] = (byte)(rd[3 ] >> 12);
+ r[13] = (byte)(rd[3 ] >> 20);
+ r[14] = (byte)(rd[4 ] >> 0);
+ r[15] = (byte)(rd[4 ] >> 8);
+ r[16] = (byte)(rd[4 ] >> 16);
+ r[17] = (byte)(rd[4 ] >> 24) + ((rd[5 ] >> 0) << 4);
+ r[18] = (byte)(rd[5 ] >> 4);
+ r[19] = (byte)(rd[5 ] >> 12);
+ r[20] = (byte)(rd[5 ] >> 20);
+ r[21] = (byte)(rd[6 ] >> 0);
+ r[22] = (byte)(rd[6 ] >> 8);
+ r[23] = (byte)(rd[6 ] >> 16);
+ r[24] = (byte)(rd[6 ] >> 24) + ((rd[7 ] >> 0) << 4);
+ r[25] = (byte)(rd[7 ] >> 4);
+ r[26] = (byte)(rd[7 ] >> 12);
+ r[27] = (byte)(rd[7 ] >> 20);
+ r[28] = (byte)(rd[8 ] >> 0);
+ r[29] = (byte)(rd[8 ] >> 8);
+ r[30] = (byte)(rd[8 ] >> 16);
+ r[31] = (byte)(rd[8 ] >> 24) + ((rd[9 ] >> 0) << 4);
+ r[32] = (byte)(rd[9 ] >> 4);
+ r[33] = (byte)(rd[9 ] >> 12);
+ r[34] = (byte)(rd[9 ] >> 20);
+ r[35] = (byte)(rd[10] >> 0);
+ r[36] = (byte)(rd[10] >> 8);
+ r[37] = (byte)(rd[10] >> 16);
+ r[38] = (byte)(rd[10] >> 24) + ((rd[11] >> 0) << 4);
+ r[39] = (byte)(rd[11] >> 4);
+ r[40] = (byte)(rd[11] >> 12);
+ r[41] = (byte)(rd[11] >> 20);
+ r[42] = (byte)(rd[12] >> 0);
+ r[43] = (byte)(rd[12] >> 8);
+ r[44] = (byte)(rd[12] >> 16);
+ r[45] = (byte)(rd[12] >> 24) + ((rd[13] >> 0) << 4);
+ r[46] = (byte)(rd[13] >> 4);
+ r[47] = (byte)(rd[13] >> 12);
+ r[48] = (byte)(rd[13] >> 20);
+ r[49] = (byte)(rd[14] >> 0);
+ r[50] = (byte)(rd[14] >> 8);
+ r[51] = (byte)(rd[14] >> 16);
+ r[52] = (byte)(rd[14] >> 24) + ((rd[15] >> 0) << 4);
+ r[53] = (byte)(rd[15] >> 4);
+ r[54] = (byte)(rd[15] >> 12);
+ r[55] = (byte)(rd[15] >> 20);
r[56] = 0;
}
@@ -10455,7 +10455,7 @@ void ge448_to_bytes(byte *b, const ge448_p2 *p)
fe448_mul(x, p->X, recip);
fe448_mul(y, p->Y, recip);
fe448_to_bytes(b, y);
- b[56] = fe448_isnegative(x) << 7;
+ b[56] = (byte)fe448_isnegative(x) << 7;
}
/* Convert point to byte array assuming z is 1.
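Review bot: In `b[56] = (byte)fe448_isnegative(x) << 7;` the cast binds to the call result rather than to the shift, so the shift is evaluated after integer promotion and the narrowing into `b[56]` is still implicit. `b[56] = (byte)(fe448_isnegative(x) << 7);` makes the truncation explicit, which is how the same commit writes it in ge_operations.c: `(unsigned char)(fe_isnegative(x) << 7)`. The identical line in ge448_p2z1_to_bytes in the next hunk needs the same parentheses. ge448_to_bytes begins outside this hunk.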
@@ -10466,7 +10466,7 @@ void ge448_to_bytes(byte *b, const ge448_p2 *p)
static void ge448_p2z1_to_bytes(byte *b, const ge448_p2 *p)
{
fe448_to_bytes(b, p->Y);
- b[56] = fe448_isnegative(p->X) << 7;
+ b[56] = (byte)fe448_isnegative(p->X) << 7;
}
/* Compress the point to y-ordinate and negative bit.
@@ -10543,7 +10543,7 @@ static void ge448_select(ge448_precomp* r, int pos, byte b)
{
ge448 minusx[16];
byte bnegative = negative(b);
- byte babs = b - (((-bnegative) & b) << 1);
+ byte babs = (byte)(b - (((-bnegative) & b) << 1));
ge448_precomp_0(r);
cmov(r, &base[pos][0], babs, 1);
@@ -10575,12 +10575,12 @@ void ge448_scalarmult_base(ge448_p2* r, const byte* a)
e[2 * i + 0] = ((a[i] >> 0) & 0xf) + carry;
carry = e[2 * i + 0] + 8;
carry >>= 4;
- e[2 * i + 0] -= carry << 4;
+ e[2 * i + 0] -= (byte)(carry << 4);
e[2 * i + 1] = ((a[i] >> 4) & 0xf) + carry;
carry = e[2 * i + 1] + 8;
carry >>= 4;
- e[2 * i + 1] -= carry << 4;
+ e[2 * i + 1] -= (byte)(carry << 4);
}
e[112] = carry;
/* each e[i] is between -8 and 8 */
@@ -10633,10 +10633,11 @@ static void slide(sword8 *r, const byte *a)
}
if (r[i] + (r[i + b] << b) <= 31) {
- r[i] += r[i + b] << b; r[i + b] = 0;
+ r[i] += (sword8)(r[i + b] << b);
+ r[i + b] = 0;
}
else if (r[i] - (r[i + b] << b) >= -31) {
- r[i] -= r[i + b] << b;
+ r[i] -= (sword8)(r[i + b] << b);
for (k = i + b; k < 448; ++k) {
if (!r[k]) {
r[k] = 1;
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/ge_low_mem.c b/extra/wolfssl/wolfssl/wolfcrypt/src/ge_low_mem.c
index c4fa510c..abe6ea69 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/ge_low_mem.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/ge_low_mem.c
@@ -442,28 +442,6 @@ void ge_scalarmult_base(ge_p3 *R,const unsigned char *nonce)
/* pack the point h into array s */
-void ge_p3_tobytes(unsigned char *s,const ge_p3 *h)
-{
- byte x[F25519_SIZE];
- byte y[F25519_SIZE];
- byte z1[F25519_SIZE];
- byte parity;
-
- fe_inv__distinct(z1, h->Z);
- fe_mul__distinct(x, h->X, z1);
- fe_mul__distinct(y, h->Y, z1);
-
- fe_normalize(x);
- fe_normalize(y);
-
- parity = (x[0] & 1) << 7;
- lm_copy(s, y);
- fe_normalize(s);
- s[31] |= parity;
-}
-
-
-/* pack the point h into array s */
void ge_tobytes(unsigned char *s,const ge_p2 *h)
{
byte x[F25519_SIZE];
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/ge_operations.c b/extra/wolfssl/wolfssl/wolfcrypt/src/ge_operations.c
index 95f4f308..57a838cd 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/ge_operations.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/ge_operations.c
@@ -58,19 +58,23 @@
static void ge_p2_0(ge_p2 *h);
#ifndef CURVED25519_ASM
+#if defined(HAVE_ED25519_SIGN) || defined(HAVE_ED25519_MAKE_KEY)
static void ge_precomp_0(ge_precomp *h);
+#endif
static void ge_p3_to_p2(ge_p2 *r,const ge_p3 *p);
#endif
static WC_INLINE void ge_p3_to_cached(ge_cached *r,const ge_p3 *p);
+
+#ifndef CURVED25519_ASM
static void ge_p1p1_to_p2(ge_p2 *r,const ge_p1p1 *p);
static WC_INLINE void ge_p1p1_to_p3(ge_p3 *r,const ge_p1p1 *p);
static WC_INLINE void ge_p2_dbl(ge_p1p1 *r,const ge_p2 *p);
static void ge_p3_dbl(ge_p1p1 *r,const ge_p3 *p);
-
static WC_INLINE void ge_madd(ge_p1p1 *r,const ge_p3 *p,const ge_precomp *q);
static WC_INLINE void ge_msub(ge_p1p1 *r,const ge_p3 *p,const ge_precomp *q);
static WC_INLINE void ge_add(ge_p1p1 *r,const ge_p3 *p,const ge_cached *q);
static WC_INLINE void ge_sub(ge_p1p1 *r,const ge_p3 *p,const ge_cached *q);
+#endif
/*
ge means group element.
@@ -95,28 +99,6 @@ Representations:
#define ORDER_4 0x1dea2f
#define ORDER_5 0xa6f7c
-#ifdef CURVED25519_ASM_32BIT
-word64 load_3(const unsigned char *in)
-{
- word64 result;
- result = (word64) in[0];
- result |= ((word64) in[1]) << 8;
- result |= ((word64) in[2]) << 16;
- return result;
-}
-
-
-word64 load_4(const unsigned char *in)
-{
- word64 result;
- result = (word64) in[0];
- result |= ((word64) in[1]) << 8;
- result |= ((word64) in[2]) << 16;
- result |= ((word64) in[3]) << 24;
- return result;
-}
-#endif
-
/*
Input:
s[0]+256*s[1]+...+256^63*s[63] = s
@@ -126,6 +108,7 @@ Output:
where l = 2^252 + 27742317777372353535851937790883648493.
Overwrites s in place.
*/
+#ifndef CURVED25519_ASM
void sc_reduce(byte* s)
{
sword64 t[24];
@@ -638,7 +621,9 @@ void sc_muladd(byte* s, const byte* a, const byte* b, const byte* c)
s[30] = (byte)(t[11] >> 9);
s[31] = (byte)(t[11] >> 17);
}
+#endif
#else
+#ifndef CURVED25519_ASM
static word64 load_6(const byte* a)
{
word64 n;
@@ -744,38 +729,38 @@ void sc_reduce(byte* s)
carry = t[ 3] >> 42; t[ 4] += carry; t[ 3] &= MASK_42;
carry = t[ 4] >> 42; t[ 5] += carry; t[ 4] &= MASK_42;
- s[ 0] = (t[ 0] >> 0);
- s[ 1] = (t[ 0] >> 8);
- s[ 2] = (t[ 0] >> 16);
- s[ 3] = (t[ 0] >> 24);
- s[ 4] = (t[ 0] >> 32);
- s[ 5] = (t[ 0] >> 40) | (t[ 1] << 2);
- s[ 6] = (t[ 1] >> 6);
- s[ 7] = (t[ 1] >> 14);
- s[ 8] = (t[ 1] >> 22);
- s[ 9] = (t[ 1] >> 30);
- s[10] = (t[ 1] >> 38) | (t[ 2] << 4);
- s[11] = (t[ 2] >> 4);
- s[12] = (t[ 2] >> 12);
- s[13] = (t[ 2] >> 20);
- s[14] = (t[ 2] >> 28);
- s[15] = (t[ 2] >> 36) | (t[ 3] << 6);
- s[16] = (t[ 3] >> 2);
- s[17] = (t[ 3] >> 10);
- s[18] = (t[ 3] >> 18);
- s[19] = (t[ 3] >> 26);
- s[20] = (t[ 3] >> 34);
- s[21] = (t[ 4] >> 0);
- s[22] = (t[ 4] >> 8);
- s[23] = (t[ 4] >> 16);
- s[24] = (t[ 4] >> 24);
- s[25] = (t[ 4] >> 32);
- s[26] = (t[ 4] >> 40) | (t[ 5] << 2);
- s[27] = (t[ 5] >> 6);
- s[28] = (t[ 5] >> 14);
- s[29] = (t[ 5] >> 22);
- s[30] = (t[ 5] >> 30);
- s[31] = (t[ 5] >> 38);
+ s[ 0] = (byte)(t[ 0] >> 0);
+ s[ 1] = (byte)(t[ 0] >> 8);
+ s[ 2] = (byte)(t[ 0] >> 16);
+ s[ 3] = (byte)(t[ 0] >> 24);
+ s[ 4] = (byte)(t[ 0] >> 32);
+ s[ 5] = (byte)(t[ 0] >> 40) | (byte)(t[ 1] << 2);
+ s[ 6] = (byte)(t[ 1] >> 6);
+ s[ 7] = (byte)(t[ 1] >> 14);
+ s[ 8] = (byte)(t[ 1] >> 22);
+ s[ 9] = (byte)(t[ 1] >> 30);
+ s[10] = (byte)(t[ 1] >> 38) | (byte)(t[ 2] << 4);
+ s[11] = (byte)(t[ 2] >> 4);
+ s[12] = (byte)(t[ 2] >> 12);
+ s[13] = (byte)(t[ 2] >> 20);
+ s[14] = (byte)(t[ 2] >> 28);
+ s[15] = (byte)(t[ 2] >> 36) | (byte)(t[ 3] << 6);
+ s[16] = (byte)(t[ 3] >> 2);
+ s[17] = (byte)(t[ 3] >> 10);
+ s[18] = (byte)(t[ 3] >> 18);
+ s[19] = (byte)(t[ 3] >> 26);
+ s[20] = (byte)(t[ 3] >> 34);
+ s[21] = (byte)(t[ 4] >> 0);
+ s[22] = (byte)(t[ 4] >> 8);
+ s[23] = (byte)(t[ 4] >> 16);
+ s[24] = (byte)(t[ 4] >> 24);
+ s[25] = (byte)(t[ 4] >> 32);
+ s[26] = (byte)(t[ 4] >> 40) | (byte)(t[ 5] << 2);
+ s[27] = (byte)(t[ 5] >> 6);
+ s[28] = (byte)(t[ 5] >> 14);
+ s[29] = (byte)(t[ 5] >> 22);
+ s[30] = (byte)(t[ 5] >> 30);
+ s[31] = (byte)(t[ 5] >> 38);
}
/*
@@ -896,59 +881,57 @@ void sc_muladd(byte* s, const byte* a, const byte* b, const byte* c)
carry = t[ 3] >> 42; t[ 4] += carry; t[ 3] &= MASK_42;
carry = t[ 4] >> 42; t[ 5] += carry; t[ 4] &= MASK_42;
- s[ 0] = (t[ 0] >> 0);
- s[ 1] = (t[ 0] >> 8);
- s[ 2] = (t[ 0] >> 16);
- s[ 3] = (t[ 0] >> 24);
- s[ 4] = (t[ 0] >> 32);
- s[ 5] = (t[ 0] >> 40) | (t[ 1] << 2);
- s[ 6] = (t[ 1] >> 6);
- s[ 7] = (t[ 1] >> 14);
- s[ 8] = (t[ 1] >> 22);
- s[ 9] = (t[ 1] >> 30);
- s[10] = (t[ 1] >> 38) | (t[ 2] << 4);
- s[11] = (t[ 2] >> 4);
- s[12] = (t[ 2] >> 12);
- s[13] = (t[ 2] >> 20);
- s[14] = (t[ 2] >> 28);
- s[15] = (t[ 2] >> 36) | (t[ 3] << 6);
- s[16] = (t[ 3] >> 2);
- s[17] = (t[ 3] >> 10);
- s[18] = (t[ 3] >> 18);
- s[19] = (t[ 3] >> 26);
- s[20] = (t[ 3] >> 34);
- s[21] = (t[ 4] >> 0);
- s[22] = (t[ 4] >> 8);
- s[23] = (t[ 4] >> 16);
- s[24] = (t[ 4] >> 24);
- s[25] = (t[ 4] >> 32);
- s[26] = (t[ 4] >> 40) | (t[ 5] << 2);
- s[27] = (t[ 5] >> 6);
- s[28] = (t[ 5] >> 14);
- s[29] = (t[ 5] >> 22);
- s[30] = (t[ 5] >> 30);
- s[31] = (t[ 5] >> 38);
+ s[ 0] = (byte)(t[ 0] >> 0);
+ s[ 1] = (byte)(t[ 0] >> 8);
+ s[ 2] = (byte)(t[ 0] >> 16);
+ s[ 3] = (byte)(t[ 0] >> 24);
+ s[ 4] = (byte)(t[ 0] >> 32);
+ s[ 5] = (byte)(t[ 0] >> 40) | (byte)(t[ 1] << 2);
+ s[ 6] = (byte)(t[ 1] >> 6);
+ s[ 7] = (byte)(t[ 1] >> 14);
+ s[ 8] = (byte)(t[ 1] >> 22);
+ s[ 9] = (byte)(t[ 1] >> 30);
+ s[10] = (byte)(t[ 1] >> 38) | (byte)(t[ 2] << 4);
+ s[11] = (byte)(t[ 2] >> 4);
+ s[12] = (byte)(t[ 2] >> 12);
+ s[13] = (byte)(t[ 2] >> 20);
+ s[14] = (byte)(t[ 2] >> 28);
+ s[15] = (byte)(t[ 2] >> 36) | (byte)(t[ 3] << 6);
+ s[16] = (byte)(t[ 3] >> 2);
+ s[17] = (byte)(t[ 3] >> 10);
+ s[18] = (byte)(t[ 3] >> 18);
+ s[19] = (byte)(t[ 3] >> 26);
+ s[20] = (byte)(t[ 3] >> 34);
+ s[21] = (byte)(t[ 4] >> 0);
+ s[22] = (byte)(t[ 4] >> 8);
+ s[23] = (byte)(t[ 4] >> 16);
+ s[24] = (byte)(t[ 4] >> 24);
+ s[25] = (byte)(t[ 4] >> 32);
+ s[26] = (byte)(t[ 4] >> 40) | (byte)(t[ 5] << 2);
+ s[27] = (byte)(t[ 5] >> 6);
+ s[28] = (byte)(t[ 5] >> 14);
+ s[29] = (byte)(t[ 5] >> 22);
+ s[30] = (byte)(t[ 5] >> 30);
+ s[31] = (byte)(t[ 5] >> 38);
}
+#endif /* !CURVED25519_ASM */
#endif /* !HAVE___UINT128_T || NO_CURVED25519_128BIT */
int ge_compress_key(byte* out, const byte* xIn, const byte* yIn, word32 keySz)
{
- ge x,y,z;
- ge_p3 g;
- byte bArray[ED25519_KEY_SIZE];
+ ge_p2 g;
+ ALIGN16 byte bArray[ED25519_KEY_SIZE];
+ ALIGN16 byte x[ED25519_PUB_KEY_SIZE];
+ ALIGN16 byte y[ED25519_PUB_KEY_SIZE];
word32 i;
- fe_0(x);
- fe_0(y);
- fe_1(z);
- fe_frombytes(x, xIn);
- fe_frombytes(y, yIn);
-
- fe_copy(g.X, x);
- fe_copy(g.Y, y);
- fe_copy(g.Z, z);
+ XMEMCPY(x, xIn, ED25519_PUB_KEY_SIZE);
+ XMEMCPY(y, yIn, ED25519_PUB_KEY_SIZE);
+ fe_frombytes(g.X, x);
+ fe_frombytes(g.Y, y);
+ fe_1(g.Z);
- ge_p3_tobytes(bArray, &g);
+ ge_tobytes(bArray, &g);
for (i = 0; i < keySz; i++) {
out[keySz - 1 - i] = bArray[i];
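Review bot: ge_compress_key still treats `keySz` only as a loop bound: the new `XMEMCPY` calls read a fixed `ED25519_PUB_KEY_SIZE` bytes from `xIn` and `yIn`, and the loop indexes `bArray[ED25519_KEY_SIZE]` up to `keySz - 1` without checking it. A `keySz` larger than `ED25519_KEY_SIZE` would read past `bArray` on the stack and copy that into `out`; whether any caller can pass such a value is not visible from this hunk. A guard ahead of the copies, `if (keySz > ED25519_KEY_SIZE) return BAD_FUNC_ARG;`, keeps the function safe on its own. The end of the function lies outside the hunk.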
@@ -961,9 +944,9 @@ int ge_compress_key(byte* out, const byte* xIn, const byte* yIn, word32 keySz)
/*
r = p + q
*/
+#ifndef CURVED25519_ASM
static WC_INLINE void ge_add(ge_p1p1 *r,const ge_p3 *p,const ge_cached *q)
{
-#ifndef CURVED25519_ASM
ge t0;
fe_add(r->X,p->Y,p->X);
fe_sub(r->Y,p->Y,p->X);
@@ -976,31 +959,27 @@ static WC_INLINE void ge_add(ge_p1p1 *r,const ge_p3 *p,const ge_cached *q)
fe_add(r->Y,r->Z,r->Y);
fe_add(r->Z,t0,r->T);
fe_sub(r->T,t0,r->T);
-#else
- fe_ge_add(r->X, r->Y, r->Z, r->T, p->X, p->Y, p->Z, p->T, q->Z, q->T2d,
- q->YplusX, q->YminusX);
-#endif
}
+#endif
#ifndef CURVED25519_ASM
/* ge_scalar mult base */
-static unsigned char equal(signed char b,signed char c)
+static unsigned char equal(unsigned char b,unsigned char c)
{
- unsigned char ub = b;
- unsigned char uc = c;
- unsigned char x = ub ^ uc; /* 0: yes; 1..255: no */
+ unsigned char x = b ^ c; /* 0: yes; 1..255: no */
word32 y = x; /* 0: yes; 1..255: no */
y -= 1; /* 4294967295: yes; 0..254: no */
y >>= 31; /* 1: yes; 0: no */
return (unsigned char)y;
}
-
+#if defined(HAVE_ED25519_SIGN) || defined(HAVE_ED25519_MAKE_KEY)
static unsigned char negative(signed char b)
{
return ((unsigned char)b) >> 7;
}
+#endif
static WC_INLINE void cmov(ge_precomp *t,const ge_precomp *u,unsigned char b,
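Review bot: The `#endif` added after ge_add is followed directly by the existing `#ifndef CURVED25519_ASM` that appears to cover equal(), negative() and cmov(), so the same condition is closed and immediately reopened. Dropping that `#endif` / `#ifndef CURVED25519_ASM` pair leaves a single guarded region and one fewer place for the nesting to go wrong. Where a bare `#endif` has to stay, as after ge_madd, ge_msub, ge_p1p1_to_p2, ge_p1p1_to_p3, ge_p2_dbl, ge_p3_dbl and ge_sub in the later hunks, a trailer such as `#endif /* !CURVED25519_ASM */` (already used after sc_muladd in this file) would make the structure readable.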
@@ -1013,6 +992,7 @@ static WC_INLINE void cmov(ge_precomp *t,const ge_precomp *u,unsigned char b,
}
#endif
+#if defined(HAVE_ED25519_SIGN) || defined(HAVE_ED25519_MAKE_KEY)
#ifdef CURVED25519_ASM_64BIT
static const ge_precomp base[64][8] = {
{
@@ -9098,7 +9078,7 @@ static void ge_select(ge_precomp *t,int pos,signed char b)
#ifndef CURVED25519_ASM
ge_precomp minust;
unsigned char bnegative = negative(b);
- unsigned char babs = b - (((-bnegative) & b) << 1);
+ unsigned char babs = (unsigned char)(b - (((-bnegative) & b) << 1));
ge_precomp_0(t);
cmov(t,&base[pos][0],babs,1);
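Review bot: The added cast wraps the result, but `((-bnegative) & b) << 1` still left-shifts a negative `int` whenever `b` is negative, which C leaves undefined. `b` is `signed char` and `-bnegative` is 0 or -1 after promotion, so for a negative digit the masked value is `b` itself. Multiplying keeps the arithmetic defined and branch-free: `unsigned char babs = (unsigned char)(b - (((-bnegative) & b) * 2));`. ge_select starts and ends outside this hunk.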
@@ -9148,7 +9128,7 @@ void ge_scalarmult_base(ge_p3 *h,const unsigned char *a)
e[i] += carry;
carry = e[i] + 8;
carry >>= 4;
- e[i] -= carry << 4;
+ e[i] -= (signed char)(carry << 4);
}
e[63] += carry;
/* each e[i] is between -8 and 8 */
@@ -9190,6 +9170,7 @@ void ge_scalarmult_base(ge_p3 *h,const unsigned char *a)
}
#endif
}
+#endif /* HAVE_ED25519_SIGN || HAVE_ED25519_MAKE_KEY */
#define SLIDE_SIZE 256
@@ -9209,9 +9190,9 @@ static void slide(signed char *r,const unsigned char *a)
for (b = 1;b <= 6 && i + b < SLIDE_SIZE;++b) {
if (r[i + b]) {
if (r[i] + (r[i + b] << b) <= 15) {
- r[i] += r[i + b] << b; r[i + b] = 0;
+ r[i] += (signed char)(r[i + b] << b); r[i + b] = 0;
} else if (r[i] - (r[i + b] << b) >= -15) {
- r[i] -= r[i + b] << b;
+ r[i] -= (signed char)(r[i + b] << b);
for (k = i + b;k < SLIDE_SIZE;++k) {
if (!r[k]) {
r[k] = 1;
@@ -9598,9 +9579,9 @@ int ge_frombytes_negate_vartime(ge_p3 *h,const unsigned char *s)
r = p + q
*/
+#ifndef CURVED25519_ASM
static WC_INLINE void ge_madd(ge_p1p1 *r,const ge_p3 *p,const ge_precomp *q)
{
-#ifndef CURVED25519_ASM
ge t0;
fe_add(r->X,p->Y,p->X);
fe_sub(r->Y,p->Y,p->X);
@@ -9612,11 +9593,8 @@ static WC_INLINE void ge_madd(ge_p1p1 *r,const ge_p3 *p,const ge_precomp *q)
fe_add(r->Y,r->Z,r->Y);
fe_add(r->Z,t0,r->T);
fe_sub(r->T,t0,r->T);
-#else
- fe_ge_madd(r->X, r->Y, r->Z, r->T, p->X, p->Y, p->Z, p->T, q->xy2d,
- q->yplusx, q->yminusx);
-#endif
}
+#endif
/* ge msub */
@@ -9625,9 +9603,9 @@ static WC_INLINE void ge_madd(ge_p1p1 *r,const ge_p3 *p,const ge_precomp *q)
r = p - q
*/
+#ifndef CURVED25519_ASM
static WC_INLINE void ge_msub(ge_p1p1 *r,const ge_p3 *p,const ge_precomp *q)
{
-#ifndef CURVED25519_ASM
ge t0;
fe_add(r->X,p->Y,p->X);
fe_sub(r->Y,p->Y,p->X);
@@ -9639,11 +9617,8 @@ static WC_INLINE void ge_msub(ge_p1p1 *r,const ge_p3 *p,const ge_precomp *q)
fe_add(r->Y,r->Z,r->Y);
fe_sub(r->Z,t0,r->T);
fe_add(r->T,t0,r->T);
-#else
- fe_ge_msub(r->X, r->Y, r->Z, r->T, p->X, p->Y, p->Z, p->T, q->xy2d,
- q->yplusx, q->yminusx);
-#endif
}
+#endif
/* ge p1p1 to p2 */
@@ -9651,16 +9626,14 @@ static WC_INLINE void ge_msub(ge_p1p1 *r,const ge_p3 *p,const ge_precomp *q)
r = p
*/
+#ifndef CURVED25519_ASM
static void ge_p1p1_to_p2(ge_p2 *r,const ge_p1p1 *p)
{
-#ifndef CURVED25519_ASM
fe_mul(r->X,p->X,p->T);
fe_mul(r->Y,p->Y,p->Z);
fe_mul(r->Z,p->Z,p->T);
-#else
- fe_ge_to_p2(r->X, r->Y, r->Z, p->X, p->Y, p->Z, p->T);
-#endif
}
+#endif
/* ge p1p1 to p3 */
@@ -9669,17 +9642,15 @@ static void ge_p1p1_to_p2(ge_p2 *r,const ge_p1p1 *p)
r = p
*/
+#ifndef CURVED25519_ASM
static WC_INLINE void ge_p1p1_to_p3(ge_p3 *r,const ge_p1p1 *p)
{
-#ifndef CURVED25519_ASM
fe_mul(r->X,p->X,p->T);
fe_mul(r->Y,p->Y,p->Z);
fe_mul(r->Z,p->Z,p->T);
fe_mul(r->T,p->X,p->Y);
-#else
- fe_ge_to_p3(r->X, r->Y, r->Z, r->T, p->X, p->Y, p->Z, p->T);
-#endif
}
+#endif
/* ge p2 0 */
@@ -9698,9 +9669,9 @@ static void ge_p2_0(ge_p2 *h)
r = 2 * p
*/
+#ifndef CURVED25519_ASM
static WC_INLINE void ge_p2_dbl(ge_p1p1 *r,const ge_p2 *p)
{
-#ifndef CURVED25519_ASM
ge t0;
fe_sq(r->X,p->X);
fe_sq(r->Z,p->Y);
@@ -9711,10 +9682,8 @@ static WC_INLINE void ge_p2_dbl(ge_p1p1 *r,const ge_p2 *p)
fe_sub(r->Z,r->Z,r->X);
fe_sub(r->X,t0,r->Y);
fe_sub(r->T,r->T,r->Z);
-#else
- fe_ge_dbl(r->X, r->Y, r->Z, r->T, p->X, p->Y, p->Z);
-#endif
}
+#endif
/* ge p3 dble */
@@ -9723,16 +9692,14 @@ static WC_INLINE void ge_p2_dbl(ge_p1p1 *r,const ge_p2 *p)
r = 2 * p
*/
+#ifndef CURVED25519_ASM
static void ge_p3_dbl(ge_p1p1 *r,const ge_p3 *p)
{
-#ifndef CURVED25519_ASM
ge_p2 q;
ge_p3_to_p2(&q,p);
ge_p2_dbl(r,&q);
-#else
- fe_ge_dbl(r->X, r->Y, r->Z, r->T, p->X, p->Y, p->Z);
-#endif
}
+#endif
/* ge p3 to cached */
@@ -9786,6 +9753,7 @@ static void ge_p3_to_p2(ge_p2 *r,const ge_p3 *p)
#endif
+#ifdef GE_P3_TOBYTES_IMPL
/* ge p3 tobytes */
void ge_p3_tobytes(unsigned char *s,const ge_p3 *h)
{
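Review bot: `GE_P3_TOBYTES_IMPL` is introduced without a comment saying who defines it, so the non-static ge_p3_tobytes() is now compiled out unless a build sets a macro that the visible part of this diff never defines. A short comment above the guard, for example `/* Built only when GE_P3_TOBYTES_IMPL is defined; ge_compress_key now uses ge_tobytes */`, and a labelled `#endif /* GE_P3_TOBYTES_IMPL */` in the next hunk would document the intent. The header prototype is not visible here; it presumably wants the same guard so that a stale caller fails at compile time rather than at link time. The function body continues outside this hunk.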
@@ -9797,11 +9765,13 @@ void ge_p3_tobytes(unsigned char *s,const ge_p3 *h)
fe_mul(x,h->X,recip);
fe_mul(y,h->Y,recip);
fe_tobytes(s,y);
- s[31] ^= fe_isnegative(x) << 7;
+ s[31] ^= (unsigned char)(fe_isnegative(x) << 7);
}
+#endif
#ifndef CURVED25519_ASM
+#if defined(HAVE_ED25519_SIGN) || defined(HAVE_ED25519_MAKE_KEY)
/* ge_precomp_0 */
static void ge_precomp_0(ge_precomp *h)
{
@@ -9810,6 +9780,7 @@ static void ge_precomp_0(ge_precomp *h)
fe_0(h->xy2d);
}
#endif
+#endif
/* ge_sub */
@@ -9817,9 +9788,9 @@ static void ge_precomp_0(ge_precomp *h)
r = p - q
*/
+#ifndef CURVED25519_ASM
static WC_INLINE void ge_sub(ge_p1p1 *r,const ge_p3 *p,const ge_cached *q)
{
-#ifndef CURVED25519_ASM
ge t0;
fe_add(r->X,p->Y,p->X);
fe_sub(r->Y,p->Y,p->X);
@@ -9832,12 +9803,8 @@ static WC_INLINE void ge_sub(ge_p1p1 *r,const ge_p3 *p,const ge_cached *q)
fe_add(r->Y,r->Z,r->Y);
fe_sub(r->Z,t0,r->T);
fe_add(r->T,t0,r->T);
-#else
- fe_ge_sub(r->X, r->Y, r->Z, r->T, p->X, p->Y, p->Z, p->T, q->Z, q->T2d,
- q->YplusX, q->YminusX);
-#endif
}
-
+#endif
/* ge tobytes */
void ge_tobytes(unsigned char *s,const ge_p2 *h)
@@ -9850,7 +9817,7 @@ void ge_tobytes(unsigned char *s,const ge_p2 *h)
fe_mul(x,h->X,recip);
fe_mul(y,h->Y,recip);
fe_tobytes(s,y);
- s[31] ^= fe_isnegative(x) << 7;
+ s[31] ^= (unsigned char)(fe_isnegative(x) << 7);
}
#endif /* !ED25519_SMALL */
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/hash.c b/extra/wolfssl/wolfssl/wolfcrypt/src/hash.c
index 7a146359..7f614803 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/hash.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/hash.c
@@ -59,7 +59,8 @@ enum Hash_Sum {
SHA3_384h = 422,
SHA3_512h = 423,
SHAKE128h = 424,
- SHAKE256h = 425
+ SHAKE256h = 425,
+ SM3h = 640 /* 0x2A,0x81,0x1C,0xCF,0x55,0x01,0x83,0x11 */
};
#endif /* !NO_ASN */
@@ -121,6 +122,11 @@ enum wc_HashType wc_HashTypeConvert(int hashType)
eHashType = WC_HASH_TYPE_SHA3_512;
break;
#endif /* WOLFSSL_SHA3 */
+ #ifdef WOLFSSL_SM3
+ case WC_SM3:
+ eHashType = WC_HASH_TYPE_SM3;
+ break;
+ #endif
default:
eHashType = WC_HASH_TYPE_NONE;
break;
@@ -222,6 +228,11 @@ int wc_HashGetOID(enum wc_HashType hash_type)
oid = SHAKE256h;
break;
#endif
+ #ifdef WOLFSSL_SM3
+ case WC_HASH_TYPE_SM3:
+ oid = SM3h;
+ break;
+ #endif
/* Not Supported */
case WC_HASH_TYPE_MD4:
@@ -289,6 +300,11 @@ enum wc_HashType wc_OidGetHash(int oid)
hash_type = WC_HASH_TYPE_SHA3_512;
break;
#endif /* WOLFSSL_SHA3 */
+ #ifdef WOLFSSL_SM3
+ case SM3h:
+ hash_type = WC_HASH_TYPE_SM3;
+ break;
+ #endif
default:
break;
}
@@ -395,6 +411,12 @@ int wc_HashGetDigestSize(enum wc_HashType hash_type)
#endif
break;
+ #ifdef WOLFSSL_SM3
+ case WC_HASH_TYPE_SM3:
+ dig_size = WC_SM3_DIGEST_SIZE;
+ break;
+ #endif
+
/* Not Supported */
#if defined(WOLFSSL_SHA3) && defined(WOLFSSL_SHAKE128)
case WC_HASH_TYPE_SHAKE128:
@@ -508,6 +530,12 @@ int wc_HashGetBlockSize(enum wc_HashType hash_type)
#endif
break;
+ #ifdef WOLFSSL_SM3
+ case WC_HASH_TYPE_SM3:
+ block_size = WC_SM3_BLOCK_SIZE;
+ break;
+ #endif
+
/* Not Supported */
#if defined(WOLFSSL_SHA3) && defined(WOLFSSL_SHAKE128)
case WC_HASH_TYPE_SHAKE128:
@@ -626,6 +654,12 @@ int wc_Hash(enum wc_HashType hash_type, const byte* data,
#endif
break;
+ #ifdef WOLFSSL_SM3
+ case WC_HASH_TYPE_SM3:
+ ret = wc_Sm3Hash(data, data_len, hash);
+ break;
+ #endif
+
/* Not Supported */
case WC_HASH_TYPE_MD2:
case WC_HASH_TYPE_MD4:
@@ -723,6 +757,12 @@ int wc_HashInit_ex(wc_HashAlg* hash, enum wc_HashType type, void* heap,
#endif
break;
+ #ifdef WOLFSSL_SM3
+ case WC_HASH_TYPE_SM3:
+ ret = wc_InitSm3(&hash->sm3, heap, devId);
+ break;
+ #endif
+
/* not supported */
case WC_HASH_TYPE_MD5_SHA:
case WC_HASH_TYPE_MD2:
@@ -829,6 +869,12 @@ int wc_HashUpdate(wc_HashAlg* hash, enum wc_HashType type, const byte* data,
#endif
break;
+ #ifdef WOLFSSL_SM3
+ case WC_HASH_TYPE_SM3:
+ ret = wc_Sm3Update(&hash->sm3, data, dataSz);
+ break;
+ #endif
+
/* not supported */
case WC_HASH_TYPE_MD5_SHA:
case WC_HASH_TYPE_MD2:
@@ -926,6 +972,12 @@ int wc_HashFinal(wc_HashAlg* hash, enum wc_HashType type, byte* out)
#endif
break;
+ #ifdef WOLFSSL_SM3
+ case WC_HASH_TYPE_SM3:
+ ret = wc_Sm3Final(&hash->sm3, out);
+ break;
+ #endif
+
/* not supported */
case WC_HASH_TYPE_MD5_SHA:
case WC_HASH_TYPE_MD2:
@@ -1035,6 +1087,13 @@ int wc_HashFree(wc_HashAlg* hash, enum wc_HashType type)
#endif
break;
+ #ifdef WOLFSSL_SM3
+ case WC_HASH_TYPE_SM3:
+ wc_Sm3Free(&hash->sm3);
+ ret = 0;
+ break;
+ #endif
+
/* not supported */
case WC_HASH_TYPE_MD5_SHA:
case WC_HASH_TYPE_MD2:
@@ -1110,6 +1169,12 @@ int wc_HashSetFlags(wc_HashAlg* hash, enum wc_HashType type, word32 flags)
#endif
break;
+ #ifdef WOLFSSL_SM3
+ case WC_HASH_TYPE_SM3:
+ ret = wc_Sm3SetFlags(&hash->sm3, flags);
+ break;
+ #endif
+
/* not supported */
case WC_HASH_TYPE_MD5_SHA:
case WC_HASH_TYPE_MD2:
@@ -1183,6 +1248,12 @@ int wc_HashGetFlags(wc_HashAlg* hash, enum wc_HashType type, word32* flags)
#endif
break;
+ #ifdef WOLFSSL_SM3
+ case WC_HASH_TYPE_SM3:
+ ret = wc_Sm3GetFlags(&hash->sm3, flags);
+ break;
+ #endif
+
/* not supported */
case WC_HASH_TYPE_MD5_SHA:
case WC_HASH_TYPE_MD2:
@@ -1763,6 +1834,43 @@ int wc_HashGetFlags(wc_HashAlg* hash, enum wc_HashType type, word32* flags)
#endif /* WOLFSSL_SHAKE_256 */
#endif /* WOLFSSL_SHA3 */
+#ifdef WOLFSSL_SM3
+ int wc_Sm3Hash(const byte* data, word32 len, byte* hash)
+ {
+ int ret = 0;
+ #ifdef WOLFSSL_SMALL_STACK
+ wc_Sm3* sm3;
+ #else
+ wc_Sm3 sm3[1];
+ #endif
+
+ #ifdef WOLFSSL_SMALL_STACK
+ sm3 = (wc_Sm3*)XMALLOC(sizeof(wc_Sm3), NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ if (sm3 == NULL)
+ return MEMORY_E;
+ #endif
+
+ if ((ret = wc_InitSm3(sm3, NULL, INVALID_DEVID)) != 0) {
+ WOLFSSL_MSG("InitSm3 failed");
+ }
+ else {
+ if ((ret = wc_Sm3Update(sm3, data, len)) != 0) {
+ WOLFSSL_MSG("Sm3Update failed");
+ }
+ else if ((ret = wc_Sm3Final(sm3, hash)) != 0) {
+ WOLFSSL_MSG("Sm3Final failed");
+ }
+ wc_Sm3Free(sm3);
+ }
+
+ #ifdef WOLFSSL_SMALL_STACK
+ XFREE(sm3, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ #endif
+
+ return ret;
+ }
+#endif /* !WOLFSSL_NOSHA3_224 */
+
#endif /* !NO_HASH_WRAPPER */
#ifdef WOLFSSL_HASH_KEEP
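Review bot: The directive that closes the new block reads `#endif /* !WOLFSSL_NOSHA3_224 */`, but it closes `#ifdef WOLFSSL_SM3`. The label looks copied from the SHA-3 section above and should be `#endif /* WOLFSSL_SM3 */`. wc_Sm3Hash would also benefit from a one-line header comment stating that `hash` must have room for `WC_SM3_DIGEST_SIZE` bytes, since the function takes no output length.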
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/hmac.c b/extra/wolfssl/wolfssl/wolfcrypt/src/hmac.c
index 05886875..83e693b2 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/hmac.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/hmac.c
@@ -65,82 +65,14 @@
#endif
-/* fips wrapper calls, user can call direct */
-/* If building for old FIPS. */
-#if defined(HAVE_FIPS) && \
- (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
-
- /* does init */
- int wc_HmacSetKey(Hmac* hmac, int type, const byte* key, word32 keySz)
- {
- if (hmac == NULL || (key == NULL && keySz != 0) ||
- !(type == WC_MD5 || type == WC_SHA || type == WC_SHA256 ||
- type == WC_SHA384 || type == WC_SHA512)) {
- return BAD_FUNC_ARG;
- }
-
- return HmacSetKey_fips(hmac, type, key, keySz);
- }
- int wc_HmacUpdate(Hmac* hmac, const byte* in, word32 sz)
- {
- if (hmac == NULL || (in == NULL && sz > 0)) {
- return BAD_FUNC_ARG;
- }
-
- return HmacUpdate_fips(hmac, in, sz);
- }
- int wc_HmacFinal(Hmac* hmac, byte* out)
- {
- if (hmac == NULL) {
- return BAD_FUNC_ARG;
- }
-
- return HmacFinal_fips(hmac, out);
- }
- int wolfSSL_GetHmacMaxSize(void)
- {
- return CyaSSL_GetHmacMaxSize();
- }
-
- int wc_HmacInit(Hmac* hmac, void* heap, int devId)
- {
- #ifndef WOLFSSL_KCAPI_HMAC
- (void)hmac;
- (void)heap;
- (void)devId;
- return 0;
- #else
- return HmacInit(hmac, heap, devId);
- #endif
- }
- void wc_HmacFree(Hmac* hmac)
- {
- #ifndef WOLFSSL_KCAPI_HMAC
- (void)hmac;
- #else
- HmacFree(hmac);
- #endif
- }
-
- #ifdef HAVE_HKDF
- int wc_HKDF(int type, const byte* inKey, word32 inKeySz,
- const byte* salt, word32 saltSz,
- const byte* info, word32 infoSz,
- byte* out, word32 outSz)
- {
- return HKDF(type, inKey, inKeySz, salt, saltSz,
- info, infoSz, out, outSz);
- }
- #endif /* HAVE_HKDF */
-
-#else /* else build without fips, or for new fips */
-
-
int wc_HmacSizeByType(int type)
{
int ret;
if (!(type == WC_MD5 || type == WC_SHA ||
+ #ifdef WOLFSSL_SM3
+ type == WC_SM3 ||
+ #endif
type == WC_SHA224 || type == WC_SHA256 ||
type == WC_SHA384 || type == WC_SHA512 ||
type == WC_SHA3_224 || type == WC_SHA3_256 ||
@@ -200,7 +132,12 @@ int wc_HmacSizeByType(int type)
case WC_SHA3_512:
ret = WC_SHA3_512_DIGEST_SIZE;
break;
+ #endif /* WOLFSSL_SHA3 */
+ #ifdef WOLFSSL_SM3
+ case WC_SM3:
+ ret = WC_SM3_DIGEST_SIZE;
+ break;
#endif
default:
@@ -278,6 +215,12 @@ int _InitHmac(Hmac* hmac, int type, void* heap)
#endif
#endif
+ #ifdef WOLFSSL_SM3
+ case WC_SM3:
+ ret = wc_InitSm3(&hmac->hash.sm3, heap, devId);
+ break;
+ #endif
+
default:
ret = BAD_FUNC_ARG;
break;
@@ -306,6 +249,9 @@ int wc_HmacSetKey(Hmac* hmac, int type, const byte* key, word32 length)
if (hmac == NULL || (key == NULL && length != 0) ||
!(type == WC_MD5 || type == WC_SHA ||
+ #ifdef WOLFSSL_SM3
+ type == WC_SM3 ||
+ #endif
type == WC_SHA224 || type == WC_SHA256 ||
type == WC_SHA384 || type == WC_SHA512 ||
type == WC_SHA3_224 || type == WC_SHA3_256 ||
@@ -558,6 +504,27 @@ int wc_HmacSetKey(Hmac* hmac, int type, const byte* key, word32 length)
#endif
#endif /* WOLFSSL_SHA3 */
+ #ifdef WOLFSSL_SM3
+ case WC_SM3:
+ hmac_block_size = WC_SM3_BLOCK_SIZE;
+ if (length <= WC_SM3_BLOCK_SIZE) {
+ if (key != NULL) {
+ XMEMCPY(ip, key, length);
+ }
+ }
+ else {
+ ret = wc_Sm3Update(&hmac->hash.sm3, key, length);
+ if (ret != 0)
+ break;
+ ret = wc_Sm3Final(&hmac->hash.sm3, ip);
+ if (ret != 0)
+ break;
+
+ length = WC_SM3_DIGEST_SIZE;
+ }
+ break;
+ #endif
+
default:
return BAD_FUNC_ARG;
}
@@ -670,6 +637,13 @@ static int HmacKeyInnerHash(Hmac* hmac)
#endif
#endif /* WOLFSSL_SHA3 */
+ #ifdef WOLFSSL_SM3
+ case WC_SM3:
+ ret = wc_Sm3Update(&hmac->hash.sm3, (byte*)hmac->ipad,
+ WC_SM3_BLOCK_SIZE);
+ break;
+ #endif
+
default:
break;
}
@@ -776,6 +750,12 @@ int wc_HmacUpdate(Hmac* hmac, const byte* msg, word32 length)
#endif
#endif /* WOLFSSL_SHA3 */
+ #ifdef WOLFSSL_SM3
+ case WC_SM3:
+ ret = wc_Sm3Update(&hmac->hash.sm3, msg, length);
+ break;
+ #endif
+
default:
break;
}
@@ -993,6 +973,23 @@ int wc_HmacFinal(Hmac* hmac, byte* hash)
#endif
#endif /* WOLFSSL_SHA3 */
+ #ifdef WOLFSSL_SM3
+ case WC_SM3:
+ ret = wc_Sm3Final(&hmac->hash.sm3, (byte*)hmac->innerHash);
+ if (ret != 0)
+ break;
+ ret = wc_Sm3Update(&hmac->hash.sm3, (byte*)hmac->opad,
+ WC_SM3_BLOCK_SIZE);
+ if (ret != 0)
+ break;
+ ret = wc_Sm3Update(&hmac->hash.sm3, (byte*)hmac->innerHash,
+ WC_SM3_DIGEST_SIZE);
+ if (ret != 0)
+ break;
+ ret = wc_Sm3Final(&hmac->hash.sm3, hash);
+ break;
+ #endif
+
default:
ret = BAD_FUNC_ARG;
break;
@@ -1167,9 +1164,17 @@ void wc_HmacFree(Hmac* hmac)
#endif
#endif /* WOLFSSL_SHA3 */
+ #ifdef WOLFSSL_SM3
+ case WC_SM3:
+ wc_Sm3Free(&hmac->hash.sm3);
+ break;
+ #endif
+
default:
break;
}
+
+ ForceZero(hmac, sizeof(*hmac));
}
#endif /* WOLFSSL_KCAPI_HMAC */
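Review bot: The new `ForceZero(hmac, sizeof(*hmac));` wipes the whole structure rather than only the key-derived pads, so every field set at init time is cleared too and the object has to be re-initialised before reuse. That changes behaviour for any caller that frees an Hmac and then sets a key on the same object, so it deserves a comment at the call, e.g. `/* wipe key material; hmac must be re-initialised with wc_HmacInit() before reuse */`. wc_HmacFree starts outside the hunk, so whether an earlier return path skips the wipe cannot be checked from here.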
@@ -1366,5 +1371,4 @@ int wolfSSL_GetHmacMaxSize(void)
#endif /* HAVE_HKDF */
-#endif /* HAVE_FIPS */
#endif /* NO_HMAC */
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/hpke.c b/extra/wolfssl/wolfssl/wolfcrypt/src/hpke.c
index b0d7dc44..15e8d856 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/hpke.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/hpke.c
@@ -117,7 +117,7 @@ static int I2OSP(int n, int w, byte* out)
}
/* make sure the byte string is cleared */
- XMEMSET( out, 0, w );
+ XMEMSET(out, 0, (size_t)w);
for (i = 0; i < w && n > 0; i++) {
out[w-(i + 1)] = (byte)n;
@@ -138,9 +138,9 @@ int wc_HpkeInit(Hpke* hpke, int kem, int kdf, int aead, void* heap)
}
XMEMSET(hpke, 0, sizeof(*hpke));
- hpke->kem = kem;
- hpke->kdf = kdf;
- hpke->aead = aead;
+ hpke->kem = (word32)kem;
+ hpke->kdf = (word32)kdf;
+ hpke->aead = (word32)aead;
hpke->heap = heap;
/* set kem_suite_id */
@@ -177,7 +177,7 @@ int wc_HpkeInit(Hpke* hpke, int kem, int kdf, int aead, void* heap)
hpke->curve_id = ECC_SECP256R1;
hpke->Nsecret = WC_SHA256_DIGEST_SIZE;
hpke->Nh = WC_SHA256_DIGEST_SIZE;
- hpke->Ndh = wc_ecc_get_curve_size_from_id(hpke->curve_id);
+ hpke->Ndh = (word32)wc_ecc_get_curve_size_from_id(hpke->curve_id);
hpke->Npk = 1 + hpke->Ndh * 2;
break;
#endif
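Review bot: The `(word32)` cast on `wc_ecc_get_curve_size_from_id()` stores a possibly negative error code in the unsigned `hpke->Ndh`, and the next line derives `hpke->Npk` from it before the `(int)hpke->Ndh < 0` test further down in wc_HpkeInit runs. The SECP384R1 and SECP521R1 hunks repeat the same pattern. Keeping the result in a signed local and checking it before assigning would make the error path explicit instead of round-tripping the code through word32, e.g. `sz = wc_ecc_get_curve_size_from_id(hpke->curve_id);` followed by `if (sz < 0) return sz;`. wc_HpkeInit begins and ends outside these hunks.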
@@ -187,7 +187,7 @@ int wc_HpkeInit(Hpke* hpke, int kem, int kdf, int aead, void* heap)
hpke->curve_id = ECC_SECP384R1;
hpke->Nsecret = WC_SHA384_DIGEST_SIZE;
hpke->Nh = WC_SHA384_DIGEST_SIZE;
- hpke->Ndh = wc_ecc_get_curve_size_from_id(hpke->curve_id);
+ hpke->Ndh = (word32)wc_ecc_get_curve_size_from_id(hpke->curve_id);
hpke->Npk = 1 + hpke->Ndh * 2;
break;
#endif
@@ -197,7 +197,7 @@ int wc_HpkeInit(Hpke* hpke, int kem, int kdf, int aead, void* heap)
hpke->curve_id = ECC_SECP521R1;
hpke->Nsecret = WC_SHA512_DIGEST_SIZE;
hpke->Nh = WC_SHA512_DIGEST_SIZE;
- hpke->Ndh = wc_ecc_get_curve_size_from_id(hpke->curve_id);
+ hpke->Ndh = (word32)wc_ecc_get_curve_size_from_id(hpke->curve_id);
hpke->Npk = 1 + hpke->Ndh * 2;
break;
#endif
@@ -272,7 +272,7 @@ int wc_HpkeInit(Hpke* hpke, int kem, int kdf, int aead, void* heap)
}
if ((int)hpke->Ndh < 0) {
- return hpke->Ndh;
+ return (int)hpke->Ndh;
}
return ret;
@@ -332,7 +332,7 @@ int wc_HpkeGenerateKeyPair(Hpke* hpke, void** keypair, WC_RNG* rng)
ret = MEMORY_E;
if (ret != 0 && *keypair != NULL) {
- wc_HpkeFreeKey(hpke, hpke->kem, *keypair, hpke->heap);
+ wc_HpkeFreeKey(hpke, (word16)hpke->kem, *keypair, hpke->heap);
*keypair = NULL;
}
@@ -373,7 +373,7 @@ int wc_HpkeSerializePublicKey(Hpke* hpke, void* key, byte* out, word16* outSz)
break;
}
- *outSz = tmpOutSz;
+ *outSz = (word16)tmpOutSz;
return ret;
}
@@ -430,7 +430,7 @@ int wc_HpkeDeserializePublicKey(Hpke* hpke, void** key, const byte* in,
ret = MEMORY_E;
if (ret != 0 && *key != NULL) {
- wc_HpkeFreeKey(hpke, hpke->kem, *key, hpke->heap);
+ wc_HpkeFreeKey(hpke, (word16)hpke->kem, *key, hpke->heap);
*key = NULL;
}
@@ -547,7 +547,7 @@ static int wc_HpkeLabeledExpand(Hpke* hpke, byte* suite_id, word32 suite_id_len,
#endif
/* copy length */
- ret = I2OSP(L, 2, labeled_info);
+ ret = I2OSP((int)L, 2, labeled_info);
labeled_info_p = labeled_info + 2;
if (ret == 0) {
@@ -593,7 +593,7 @@ static int wc_HpkeContextComputeNonce(Hpke* hpke, HpkeBaseContext* context,
/* convert the sequence into a byte string with the same length as the
* nonce */
- ret = I2OSP(context->seq, hpke->Nn, seq_bytes);
+ ret = I2OSP(context->seq, (int)hpke->Nn, seq_bytes);
if (ret == 0) {
xorbufout(out, context->base_nonce, seq_bytes, hpke->Nn);
}
@@ -759,8 +759,8 @@ static int wc_HpkeEncap(Hpke* hpke, void* ephemeralKey, void* receiverKey,
return BAD_FUNC_ARG;
}
- receiverPubKeySz = hpke->Npk;
- ephemeralPubKeySz = hpke->Npk;
+ receiverPubKeySz = (word16)hpke->Npk;
+ ephemeralPubKeySz = (word16)hpke->Npk;
#ifdef WOLFSSL_SMALL_STACK
dh = (byte*)XMALLOC(hpke->Ndh, hpke->heap, DYNAMIC_TYPE_TMP_BUFFER);
@@ -785,8 +785,10 @@ static int wc_HpkeEncap(Hpke* hpke, void* ephemeralKey, void* receiverKey,
#ifdef ECC_TIMING_RESISTANT
rng = wc_rng_new(NULL, 0, hpke->heap);
- if (rng == NULL)
- return RNG_FAILURE_E;
+ if (rng == NULL) {
+ ret = RNG_FAILURE_E;
+ break;
+ }
wc_ecc_set_rng((ecc_key*)ephemeralKey, rng);
#endif
@@ -990,7 +992,7 @@ static int wc_HpkeDecap(Hpke* hpke, void* receiverKey, const byte* pubKey,
return BAD_FUNC_ARG;
}
- receiverPubKeySz = hpke->Npk;
+ receiverPubKeySz = (word16)hpke->Npk;
#ifdef WOLFSSL_SMALL_STACK
dh = (byte*)XMALLOC(hpke->Ndh, hpke->heap, DYNAMIC_TYPE_TMP_BUFFER);
@@ -1048,7 +1050,7 @@ static int wc_HpkeDecap(Hpke* hpke, void* receiverKey, const byte* pubKey,
}
if (ephemeralKey != NULL)
- wc_HpkeFreeKey(hpke, hpke->kem, ephemeralKey, hpke->heap);
+ wc_HpkeFreeKey(hpke, (word16)hpke->kem, ephemeralKey, hpke->heap);
if (ret == 0) {
/* copy pubKey into kemContext */
@@ -1125,6 +1127,7 @@ static int wc_HpkeContextOpenBase(Hpke* hpke, HpkeBaseContext* context,
return BAD_FUNC_ARG;
}
+ XMEMSET(nonce, 0, sizeof(nonce));
#ifdef WOLFSSL_SMALL_STACK
aes_key = (Aes*)XMALLOC(sizeof(Aes), hpke->heap, DYNAMIC_TYPE_AES);
if (aes_key == NULL) {
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/include.am b/extra/wolfssl/wolfssl/wolfcrypt/src/include.am
index 608b9356..2a501411 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/include.am
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/include.am
@@ -63,6 +63,8 @@ EXTRA_DIST += wolfcrypt/src/port/ti/ti-aes.c \
wolfcrypt/src/port/arm/armv8-aes.c \
wolfcrypt/src/port/arm/armv8-sha256.c \
wolfcrypt/src/port/arm/armv8-chacha.c \
+ wolfcrypt/src/port/aria/aria-crypt.c \
+ wolfcrypt/src/port/aria/aria-cryptocb.c \
wolfcrypt/src/port/nxp/ksdk_port.c \
wolfcrypt/src/port/nxp/dcp_port.c \
wolfcrypt/src/port/nxp/se050_port.c \
@@ -120,11 +122,12 @@ EXTRA_DIST += wolfcrypt/src/port/ti/ti-aes.c \
wolfcrypt/src/port/arm/cryptoCellHash.c \
wolfcrypt/src/port/Renesas/renesas_tsip_aes.c \
wolfcrypt/src/port/Renesas/renesas_tsip_sha.c \
+ wolfcrypt/src/port/Renesas/renesas_tsip_rsa.c \
wolfcrypt/src/port/Renesas/renesas_tsip_util.c \
- wolfcrypt/src/port/Renesas/renesas_sce_util.c \
- wolfcrypt/src/port/Renesas/renesas_sce_aes.c \
- wolfcrypt/src/port/Renesas/renesas_sce_sha.c \
- wolfcrypt/src/port/Renesas/renesas_sce_rsa.c \
+ wolfcrypt/src/port/Renesas/renesas_fspsm_util.c \
+ wolfcrypt/src/port/Renesas/renesas_fspsm_aes.c \
+ wolfcrypt/src/port/Renesas/renesas_fspsm_sha.c \
+ wolfcrypt/src/port/Renesas/renesas_fspsm_rsa.c \
wolfcrypt/src/port/Renesas/renesas_common.c \
wolfcrypt/src/port/Renesas/renesas_rx64_hw_sha.c \
wolfcrypt/src/port/Renesas/renesas_rx64_hw_util.c \
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/integer.c b/extra/wolfssl/wolfssl/wolfcrypt/src/integer.c
index 5ea1cb5a..21ae2353 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/integer.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/integer.c
@@ -553,6 +553,15 @@ int mp_exch (mp_int * a, mp_int * b)
return MP_OKAY;
}
+int mp_cond_swap_ct_ex (mp_int * a, mp_int * b, int c, int m, mp_int * t)
+{
+ (void)c;
+ (void)t;
+ if (m == 1)
+ mp_exch(a, b);
+ return MP_OKAY;
+}
+
int mp_cond_swap_ct (mp_int * a, mp_int * b, int c, int m)
{
(void)c;
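Review bot: mp_cond_swap_ct_ex carries the `_ct` suffix but swaps with `if (m == 1) mp_exch(a, b);`, a branch on `m`, so this integer.c build does not give the constant-time behaviour the name suggests. A caller passing a secret-derived `m` would get a data-dependent branch here. The existing mp_cond_swap_ct below appears to follow the same pattern, though its body continues outside the hunk. State this above the function, e.g. `/* NOT constant time in this implementation: branches on m; c and t are unused */`, and return the call's result instead of discarding it: `return (m == 1) ? mp_exch(a, b) : MP_OKAY;`.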
@@ -946,7 +955,7 @@ int wolfcrypt_mp_exptmod (mp_int * G, mp_int * X, mp_int * P, mp_int * Y)
}
#ifdef BN_MP_EXPTMOD_BASE_2
- if (G->used == 1 && G->dp[0] == 2) {
+ if (G->used == 1 && G->dp[0] == 2 && mp_isodd(P) == MP_YES) {
return mp_exptmod_base_2(X, P, Y);
}
#endif
@@ -976,7 +985,7 @@ int wolfcrypt_mp_exptmod (mp_int * G, mp_int * X, mp_int * P, mp_int * Y)
}
#endif
- /* if the modulus is odd or dr != 0 use the montgomery method */
+ /* if the modulus is odd use the montgomery method, or use other known */
#ifdef BN_MP_EXPTMOD_FAST_C
if (mp_isodd (P) == MP_YES || dr != 0) {
return mp_exptmod_fast (G, X, P, Y, dr);
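Review bot: The rewritten comment stops mid-sentence (`or use other known`) and no longer mentions `dr != 0`, while the condition below it still takes the fast path when `dr != 0`. Wording that matches the code would be `/* if the modulus is odd, or a special reduction form was detected (dr != 0), use the fast method */`. wolfcrypt_mp_exptmod continues outside the hunk.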
@@ -1976,7 +1985,6 @@ int mp_dr_is_modulus(mp_int *a)
return 1;
}
-
/* computes Y == G**X mod P, HAC pp.616, Algorithm 14.85
*
* Uses a left-to-right k-ary sliding window to compute the modular
@@ -2104,7 +2112,10 @@ int mp_exptmod_fast (mp_int * G, mp_int * X, mp_int * P, mp_int * Y,
if ((err = mp_reduce_2k_setup(P, &mp)) != MP_OKAY) {
goto LBL_M;
}
- redux = mp_reduce_2k;
+ /* mp of zero is not usable */
+ if (mp != 0) {
+ redux = mp_reduce_2k;
+ }
#endif
}
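Review bot: When `mp_reduce_2k_setup` yields `mp == 0`, the new guard only skips the assignment. The failure is then reported only if `redux` was initialised to NULL and is checked after this block, neither of which is visible in the hunk. Rejecting at the point of detection would be easier to audit: `if (mp == 0) { err = MP_VAL; goto LBL_M; }` followed by the unconditional `redux = mp_reduce_2k;`. mp_exptmod_fast begins and ends outside the hunk.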
@@ -3057,47 +3068,83 @@ int mp_submod(mp_int* a, mp_int* b, mp_int* c, mp_int* d)
/* d = a + b (mod c) */
int mp_addmod(mp_int* a, mp_int* b, mp_int* c, mp_int* d)
{
- int res;
- mp_int t;
+ int res;
+ mp_int t;
- if ((res = mp_init (&t)) != MP_OKAY) {
- return res;
- }
+ if ((res = mp_init (&t)) != MP_OKAY) {
+ return res;
+ }
- res = mp_add (a, b, &t);
- if (res == MP_OKAY) {
- res = mp_mod (&t, c, d);
- }
+ res = mp_add (a, b, &t);
+ if (res == MP_OKAY) {
+ res = mp_mod (&t, c, d);
+ }
- mp_clear (&t);
+ mp_clear (&t);
- return res;
+ return res;
}
/* d = a - b (mod c) - a < c and b < c and positive */
int mp_submod_ct(mp_int* a, mp_int* b, mp_int* c, mp_int* d)
{
- int res;
+ int res;
+ mp_int t;
+ mp_int* r = d;
+
+ if (c == d) {
+ r = &t;
+
+ if ((res = mp_init (r)) != MP_OKAY) {
+ return res;
+ }
+ }
- res = mp_sub(a, b, d);
- if (res == MP_OKAY && mp_isneg(d)) {
- res = mp_add(d, c, d);
+ res = mp_sub (a, b, r);
+ if (res == MP_OKAY) {
+ if (mp_isneg (r)) {
+ res = mp_add (r, c, d);
+ } else if (c == d) {
+ res = mp_copy (r, d);
}
+ }
- return res;
+ if (c == d) {
+ mp_clear (r);
+ }
+
+ return res;
}
/* d = a + b (mod c) - a < c and b < c and positive */
int mp_addmod_ct(mp_int* a, mp_int* b, mp_int* c, mp_int* d)
{
- int res;
+ int res;
+ mp_int t;
+ mp_int* r = d;
+
+ if (c == d) {
+ r = &t;
+
+ if ((res = mp_init (r)) != MP_OKAY) {
+ return res;
+ }
+ }
- res = mp_add(a, b, d);
- if (res == MP_OKAY && mp_cmp(d, c) != MP_LT) {
- res = mp_sub(d, c, d);
+ res = mp_add (a, b, r);
+ if (res == MP_OKAY) {
+ if (mp_cmp (r, c) != MP_LT) {
+ res = mp_sub (r, c, d);
+ } else if (c == d) {
+ res = mp_copy (r, d);
}
+ }
- return res;
+ if (c == d) {
+ mp_clear (r);
+ }
+
+ return res;
}
/* computes b = a*a */
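Review bot: The header comments of mp_submod_ct and mp_addmod_ct still read only `a < c and b < c and positive`, although both now special-case `c == d` with a temporary. The supported aliasing should be stated, e.g. `/* d = a - b (mod c) - a < c and b < c and positive; d may alias c */`. Both routines also branch on `mp_isneg (r)` or `mp_cmp (r, c)`, so despite the `_ct` suffix their control flow depends on the operands, which merits a one-line caveat for callers handling secret values. The three repeated `c == d` tests would read better as a single local, `int alias = (c == d);`.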
@@ -3314,7 +3361,7 @@ int mp_init_size (mp_int * a, int size)
}
-/* the jist of squaring...
+/* the list of squaring...
* you do like mult except the offset of the tmpx [one that
* starts closer to zero] can't equal the offset of tmpy.
* So basically you set up iy like before then you min it with
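Review bot: This comment edit replaces `jist` with `list`, which changes the meaning. The original was a misspelling of `gist` (the essence of the algorithm), and nothing that follows is a list. The line should read `/* the gist of squaring...`. The comment continues outside the hunk.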
@@ -4378,9 +4425,6 @@ int mp_add_d (mp_int* a, mp_digit b, mp_int* c) /* //NOLINT(misc-no-recursion) *
/* old number of used digits in c */
oldused = c->used;
- /* sign always positive */
- c->sign = MP_ZPOS;
-
/* source alias */
tmpa = a->dp;
@@ -4431,6 +4475,9 @@ int mp_add_d (mp_int* a, mp_digit b, mp_int* c) /* //NOLINT(misc-no-recursion) *
ix = 1;
}
+ /* sign always positive */
+ c->sign = MP_ZPOS;
+
/* now zero to oldused */
while (ix++ < oldused) {
*tmpc++ = 0;
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/kdf.c b/extra/wolfssl/wolfssl/wolfcrypt/src/kdf.c
index 948caf69..4921e5bb 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/kdf.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/kdf.c
@@ -52,6 +52,9 @@
#include <wolfssl/wolfcrypt/hmac.h>
#include <wolfssl/wolfcrypt/kdf.h>
+#ifdef WC_SRTP_KDF
+#include <wolfssl/wolfcrypt/aes.h>
+#endif
#if defined(WOLFSSL_HAVE_PRF) && !defined(NO_HMAC)
@@ -113,6 +116,13 @@ int wc_PRF(byte* result, word32 resLen, const byte* secret,
break;
#endif
+ #ifdef WOLFSSL_SM3
+ case sm3_mac:
+ hash = WC_SM3;
+ len = WC_SM3_DIGEST_SIZE;
+ break;
+ #endif
+
#ifndef NO_SHA
case sha_mac:
hash = WC_SHA;
@@ -129,7 +139,7 @@ int wc_PRF(byte* result, word32 resLen, const byte* secret,
if (lastLen)
times += 1;
- /* times == 0 iif resLen == 0, but times == 0 abides clang static analyzer
+ /* times == 0 if resLen == 0, but times == 0 abides clang static analyzer
while resLen == 0 doesn't */
if (times == 0)
return BAD_FUNC_ARG;
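Review bot: Changing `iif` to `if` weakens the comment, because the original was a misspelling of `iff` (if and only if). The equivalence is the point: `times == 0` is tested in place of `resLen == 0` because the two conditions coincide. Suggested wording: `/* times == 0 iff resLen == 0, but times == 0 abides clang static analyzer`.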
@@ -376,6 +386,13 @@ int wc_PRF_TLS(byte* digest, word32 digLen, const byte* secret, word32 secLen,
len = WC_SHA512_DIGEST_SIZE;
break;
#endif
+
+ #ifdef WOLFSSL_SM3
+ case WC_SM3:
+ len = WC_SM3_DIGEST_SIZE;
+ break;
+ #endif
+
default:
return BAD_FUNC_ARG;
}
@@ -856,4 +873,478 @@ int wc_SSH_KDF(byte hashId, byte keyId, byte* key, word32 keySz,
#endif /* WOLFSSL_WOLFSSH */
+#ifdef WC_SRTP_KDF
+/* Calculate first block to encrypt.
+ *
+ * @param [in] salt Random value to XOR in.
+ * @param [in] saltSz Size of random value in bytes.
+ * @param [in] kdrIdx Key derivation rate. kdr = 0 when -1, otherwise
+ * kdr = 2^kdrIdx.
+ * @param [in] index Index value to XOR in.
+ * @param [in] indexSz Size of index value in bytes.
+ * @param [out] block First block to encrypt.
+ */
+static void wc_srtp_kdf_first_block(const byte* salt, word32 saltSz, int kdrIdx,
+ const byte* index, byte indexSz, unsigned char* block)
+{
+ word32 i;
+
+ /* XOR salt into zeroized buffer. */
+ for (i = 0; i < WC_SRTP_MAX_SALT - saltSz; i++) {
+ block[i] = 0;
+ }
+ XMEMCPY(block + WC_SRTP_MAX_SALT - saltSz, salt, saltSz);
+ block[WC_SRTP_MAX_SALT] = 0;
+ /* block[15] is counter. */
+
+ /* When kdrIdx is -1, don't XOR in index. */
+ if (kdrIdx >= 0) {
+ /* Get the number of bits to shift index by. */
+ word32 bits = kdrIdx & 0x7;
+ /* Reduce index size by number of bytes to remove. */
+ indexSz -= kdrIdx >> 3;
+
+ if ((kdrIdx & 0x7) == 0) {
+ /* Just XOR in as no bit shifting. */
+ for (i = 0; i < indexSz; i++) {
+ block[i + WC_SRTP_MAX_SALT - indexSz] ^= index[i];
+ }
+ }
+ else {
+ /* XOR in as bit shifted index. */
+ block[WC_SRTP_MAX_SALT - indexSz] ^= index[0] >> bits;
+ for (i = 1; i < indexSz; i++) {
+ block[i + WC_SRTP_MAX_SALT - indexSz] ^=
+ (index[i-1] << (8 - bits)) |
+ (index[i+0] >> bits );
+ }
+ }
+ }
+}
+
+/* Derive a key given the first block.
+ *
+ * @param [in, out] block First block to encrypt. Need label XORed in.
+ * @param [in] indexSz Size of index in bytes to calculate where label is
+ * XORed into.
+ * @param [in] label Label byte that differs for each key.
+ * @param [out] key Derived key.
+ * @param [in] keySz Size of key to derive in bytes.
+ * @param [in] aes AES object to encrypt with.
+ * @return 0 on success.
+ */
+static int wc_srtp_kdf_derive_key(byte* block, byte indexSz, byte label,
+ byte* key, word32 keySz, Aes* aes)
+{
+ int i;
+ int ret = 0;
+ /* Calculate the number of full blocks needed for derived key. */
+ int blocks = keySz / AES_BLOCK_SIZE;
+
+ /* XOR in label. */
+ block[WC_SRTP_MAX_SALT - indexSz - 1] ^= label;
+ for (i = 0; (ret == 0) && (i < blocks); i++) {
+ /* Set counter. */
+ block[15] = i;
+ /* Encrypt block into key buffer. */
+ ret = wc_AesEcbEncrypt(aes, key, block, AES_BLOCK_SIZE);
+ /* Reposition for more derived key. */
+ key += AES_BLOCK_SIZE;
+ /* Reduce the count of key bytes required. */
+ keySz -= AES_BLOCK_SIZE;
+ }
+ /* Do any partial blocks. */
+ if ((ret == 0) && (keySz > 0)) {
+ byte enc[AES_BLOCK_SIZE];
+ /* Set counter. */
+ block[15] = i;
+ /* Encrypt block into temporary. */
+ ret = wc_AesEcbEncrypt(aes, enc, block, AES_BLOCK_SIZE);
+ if (ret == 0) {
+ /* Copy into key required amount. */
+ XMEMCPY(key, enc, keySz);
+ }
+ }
+ /* XOR out label. */
+ block[WC_SRTP_MAX_SALT - indexSz - 1] ^= label;
+
+ return ret;
+}
+
+/* Derive keys using SRTP KDF algorithm.
+ *
+ * SP 800-135 (RFC 3711).
+ *
+ * @param [in] key Key to use with encryption.
+ * @param [in] keySz Size of key in bytes.
+ * @param [in] salt Random non-secret value.
+ * @param [in] saltSz Size of random in bytes.
+ * @param [in] kdrIdx Key derivation rate. kdr = 0 when -1, otherwise
+ * kdr = 2^kdrIdx.
+ * @param [in] index Index value to XOR in.
+ * @param [out] key1 First key. Label value of 0x00.
+ * @param [in] key1Sz Size of first key in bytes.
+ * @param [out] key2 Second key. Label value of 0x01.
+ * @param [in] key2Sz Size of second key in bytes.
+ * @param [out] key3 Third key. Label value of 0x02.
+ * @param [in] key3Sz Size of third key in bytes.
+ * @return BAD_FUNC_ARG when key or salt is NULL.
+ * @return BAD_FUNC_ARG when key length is not 16, 24 or 32.
+ * @return BAD_FUNC_ARG when saltSz is larger than 14.
+ * @return BAD_FUNC_ARG when kdrIdx is less than -1 or larger than 24.
+ * @return MEMORY_E on dynamic memory allocation failure.
+ * @return 0 on success.
+ */
+int wc_SRTP_KDF(const byte* key, word32 keySz, const byte* salt, word32 saltSz,
+ int kdrIdx, const byte* index, byte* key1, word32 key1Sz, byte* key2,
+ word32 key2Sz, byte* key3, word32 key3Sz)
+{
+ int ret = 0;
+ byte block[AES_BLOCK_SIZE];
+#ifdef WOLFSSL_SMALL_STACK
+ Aes* aes = NULL;
+#else
+ Aes aes[1];
+#endif
+ int aes_inited = 0;
+
+ /* Validate parameters. */
+ if ((key == NULL) || (keySz > AES_256_KEY_SIZE) || (salt == NULL) ||
+ (saltSz > WC_SRTP_MAX_SALT) || (kdrIdx < -1) || (kdrIdx > 24)) {
+ ret = BAD_FUNC_ARG;
+ }
+
+#ifdef WOLFSSL_SMALL_STACK
+ if (ret == 0) {
+ aes = (Aes*)XMALLOC(sizeof(Aes), NULL, DYNAMIC_TYPE_CIPHER);
+ if (aes == NULL) {
+ ret = MEMORY_E;
+ }
+ }
+ if (aes != NULL)
+#endif
+ {
+ XMEMSET(aes, 0, sizeof(Aes));
+ }
+
+ /* Setup AES object. */
+ if (ret == 0) {
+ ret = wc_AesInit(aes, NULL, INVALID_DEVID);
+ }
+ if (ret == 0) {
+ aes_inited = 1;
+ ret = wc_AesSetKey(aes, key, keySz, NULL, AES_ENCRYPTION);
+ }
+
+ /* Calculate first block that can be used in each derivation. */
+ if (ret == 0) {
+ wc_srtp_kdf_first_block(salt, saltSz, kdrIdx, index, WC_SRTP_INDEX_LEN,
+ block);
+ }
+
+ /* Calculate first key if required. */
+ if ((ret == 0) && (key1 != NULL)) {
+ ret = wc_srtp_kdf_derive_key(block, WC_SRTP_INDEX_LEN,
+ WC_SRTP_LABEL_ENCRYPTION, key1, key1Sz, aes);
+ }
+ /* Calculate second key if required. */
+ if ((ret == 0) && (key2 != NULL)) {
+ ret = wc_srtp_kdf_derive_key(block, WC_SRTP_INDEX_LEN,
+ WC_SRTP_LABEL_MSG_AUTH, key2, key2Sz, aes);
+ }
+ /* Calculate third key if required. */
+ if ((ret == 0) && (key3 != NULL)) {
+ ret = wc_srtp_kdf_derive_key(block, WC_SRTP_INDEX_LEN,
+ WC_SRTP_LABEL_SALT, key3, key3Sz, aes);
+ }
+
+ if (aes_inited)
+ wc_AesFree(aes);
+#ifdef WOLFSSL_SMALL_STACK
+ XFREE(aes, NULL, DYNAMIC_TYPE_CIPHER);
+#endif
+ return ret;
+}
+
+/* Derive keys using SRTCP KDF algorithm.
+ *
+ * SP 800-135 (RFC 3711).
+ *
+ * @param [in] key Key to use with encryption.
+ * @param [in] keySz Size of key in bytes.
+ * @param [in] salt Random non-secret value.
+ * @param [in] saltSz Size of random in bytes.
+ * @param [in] kdrIdx Key derivation rate index. kdr = 0 when -1, otherwise
+ * kdr = 2^kdrIdx. See wc_SRTP_KDF_kdr_to_idx()
+ * @param [in] index Index value to XOR in.
+ * @param [out] key1 First key. Label value of 0x03.
+ * @param [in] key1Sz Size of first key in bytes.
+ * @param [out] key2 Second key. Label value of 0x04.
+ * @param [in] key2Sz Size of second key in bytes.
+ * @param [out] key3 Third key. Label value of 0x05.
+ * @param [in] key3Sz Size of third key in bytes.
+ * @return BAD_FUNC_ARG when key or salt is NULL.
+ * @return BAD_FUNC_ARG when key length is not 16, 24 or 32.
+ * @return BAD_FUNC_ARG when saltSz is larger than 14.
+ * @return BAD_FUNC_ARG when kdrIdx is less than -1 or larger than 24.
+ * @return MEMORY_E on dynamic memory allocation failure.
+ * @return 0 on success.
+ */
+int wc_SRTCP_KDF(const byte* key, word32 keySz, const byte* salt, word32 saltSz,
+ int kdrIdx, const byte* index, byte* key1, word32 key1Sz, byte* key2,
+ word32 key2Sz, byte* key3, word32 key3Sz)
+{
+ int ret = 0;
+ byte block[AES_BLOCK_SIZE];
+#ifdef WOLFSSL_SMALL_STACK
+ Aes* aes = NULL;
+#else
+ Aes aes[1];
+#endif
+ int aes_inited = 0;
+
+ /* Validate parameters. */
+ if ((key == NULL) || (keySz > AES_256_KEY_SIZE) || (salt == NULL) ||
+ (saltSz > WC_SRTP_MAX_SALT) || (kdrIdx < -1) || (kdrIdx > 24)) {
+ ret = BAD_FUNC_ARG;
+ }
+
+#ifdef WOLFSSL_SMALL_STACK
+ if (ret == 0) {
+ aes = (Aes*)XMALLOC(sizeof(Aes), NULL, DYNAMIC_TYPE_CIPHER);
+ if (aes == NULL) {
+ ret = MEMORY_E;
+ }
+ }
+ if (aes != NULL)
+#endif
+ {
+ XMEMSET(aes, 0, sizeof(Aes));
+ }
+
+ /* Setup AES object. */
+ if (ret == 0) {
+ ret = wc_AesInit(aes, NULL, INVALID_DEVID);
+ }
+ if (ret == 0) {
+ aes_inited = 1;
+ ret = wc_AesSetKey(aes, key, keySz, NULL, AES_ENCRYPTION);
+ }
+
+ /* Calculate first block that can be used in each derivation. */
+ if (ret == 0) {
+ wc_srtp_kdf_first_block(salt, saltSz, kdrIdx, index, WC_SRTCP_INDEX_LEN,
+ block);
+ }
+
+ /* Calculate first key if required. */
+ if ((ret == 0) && (key1 != NULL)) {
+ ret = wc_srtp_kdf_derive_key(block, WC_SRTCP_INDEX_LEN,
+ WC_SRTCP_LABEL_ENCRYPTION, key1, key1Sz, aes);
+ }
+ /* Calculate second key if required. */
+ if ((ret == 0) && (key2 != NULL)) {
+ ret = wc_srtp_kdf_derive_key(block, WC_SRTCP_INDEX_LEN,
+ WC_SRTCP_LABEL_MSG_AUTH, key2, key2Sz, aes);
+ }
+ /* Calculate third key if required. */
+ if ((ret == 0) && (key3 != NULL)) {
+ ret = wc_srtp_kdf_derive_key(block, WC_SRTCP_INDEX_LEN,
+ WC_SRTCP_LABEL_SALT, key3, key3Sz, aes);
+ }
+
+ if (aes_inited)
+ wc_AesFree(aes);
+#ifdef WOLFSSL_SMALL_STACK
+ XFREE(aes, NULL, DYNAMIC_TYPE_CIPHER);
+#endif
+ return ret;
+}
+
+/* Derive key with label using SRTP KDF algorithm.
+ *
+ * SP 800-135 (RFC 3711).
+ *
+ * @param [in] key Key to use with encryption.
+ * @param [in] keySz Size of key in bytes.
+ * @param [in] salt Random non-secret value.
+ * @param [in] saltSz Size of random in bytes.
+ * @param [in] kdrIdx Key derivation rate index. kdr = 0 when -1, otherwise
+ * kdr = 2^kdrIdx. See wc_SRTP_KDF_kdr_to_idx()
+ * @param [in] index Index value to XOR in.
+ * @param [in] label Label to use when deriving key.
+ * @param [out] outKey Derived key.
+ * @param [in] outKeySz Size of derived key in bytes.
+ * @return BAD_FUNC_ARG when key, salt or outKey is NULL.
+ * @return BAD_FUNC_ARG when key length is not 16, 24 or 32.
+ * @return BAD_FUNC_ARG when saltSz is larger than 14.
+ * @return BAD_FUNC_ARG when kdrIdx is less than -1 or larger than 24.
+ * @return MEMORY_E on dynamic memory allocation failure.
+ * @return 0 on success.
+ */
+int wc_SRTP_KDF_label(const byte* key, word32 keySz, const byte* salt,
+ word32 saltSz, int kdrIdx, const byte* index, byte label, byte* outKey,
+ word32 outKeySz)
+{
+ int ret = 0;
+ byte block[AES_BLOCK_SIZE];
+#ifdef WOLFSSL_SMALL_STACK
+ Aes* aes = NULL;
+#else
+ Aes aes[1];
+#endif
+ int aes_inited = 0;
+
+ /* Validate parameters. */
+ if ((key == NULL) || (keySz > AES_256_KEY_SIZE) || (salt == NULL) ||
+ (saltSz > WC_SRTP_MAX_SALT) || (kdrIdx < -1) || (kdrIdx > 24) ||
+ (outKey == NULL)) {
+ ret = BAD_FUNC_ARG;
+ }
+
+#ifdef WOLFSSL_SMALL_STACK
+ if (ret == 0) {
+ aes = (Aes*)XMALLOC(sizeof(Aes), NULL, DYNAMIC_TYPE_CIPHER);
+ if (aes == NULL) {
+ ret = MEMORY_E;
+ }
+ }
+ if (aes != NULL)
+#endif
+ {
+ XMEMSET(aes, 0, sizeof(Aes));
+ }
+
+ /* Setup AES object. */
+ if (ret == 0) {
+ ret = wc_AesInit(aes, NULL, INVALID_DEVID);
+ }
+ if (ret == 0) {
+ aes_inited = 1;
+ ret = wc_AesSetKey(aes, key, keySz, NULL, AES_ENCRYPTION);
+ }
+
+ /* Calculate first block that can be used in each derivation. */
+ if (ret == 0) {
+ wc_srtp_kdf_first_block(salt, saltSz, kdrIdx, index, WC_SRTP_INDEX_LEN,
+ block);
+ }
+ if (ret == 0) {
+ /* Calculate key. */
+ ret = wc_srtp_kdf_derive_key(block, WC_SRTP_INDEX_LEN, label, outKey,
+ outKeySz, aes);
+ }
+
+ if (aes_inited)
+ wc_AesFree(aes);
+#ifdef WOLFSSL_SMALL_STACK
+ XFREE(aes, NULL, DYNAMIC_TYPE_CIPHER);
+#endif
+ return ret;
+
+}
+
+/* Derive key with label using SRTCP KDF algorithm.
+ *
+ * SP 800-135 (RFC 3711).
+ *
+ * @param [in] key Key to use with encryption.
+ * @param [in] keySz Size of key in bytes.
+ * @param [in] salt Random non-secret value.
+ * @param [in] saltSz Size of random in bytes.
+ * @param [in] kdrIdx Key derivation rate index. kdr = 0 when -1, otherwise
+ * kdr = 2^kdrIdx. See wc_SRTP_KDF_kdr_to_idx()
+ * @param [in] index Index value to XOR in.
+ * @param [in] label Label to use when deriving key.
+ * @param [out] outKey Derived key.
+ * @param [in] outKeySz Size of derived key in bytes.
+ * @return BAD_FUNC_ARG when key, salt or outKey is NULL.
+ * @return BAD_FUNC_ARG when key length is not 16, 24 or 32.
+ * @return BAD_FUNC_ARG when saltSz is larger than 14.
+ * @return BAD_FUNC_ARG when kdrIdx is less than -1 or larger than 24.
+ * @return MEMORY_E on dynamic memory allocation failure.
+ * @return 0 on success.
+ */
+int wc_SRTCP_KDF_label(const byte* key, word32 keySz, const byte* salt,
+ word32 saltSz, int kdrIdx, const byte* index, byte label, byte* outKey,
+ word32 outKeySz)
+{
+ int ret = 0;
+ byte block[AES_BLOCK_SIZE];
+#ifdef WOLFSSL_SMALL_STACK
+ Aes* aes = NULL;
+#else
+ Aes aes[1];
+#endif
+ int aes_inited = 0;
+
+ /* Validate parameters. */
+ if ((key == NULL) || (keySz > AES_256_KEY_SIZE) || (salt == NULL) ||
+ (saltSz > WC_SRTP_MAX_SALT) || (kdrIdx < -1) || (kdrIdx > 24) ||
+ (outKey == NULL)) {
+ ret = BAD_FUNC_ARG;
+ }
+
+#ifdef WOLFSSL_SMALL_STACK
+ if (ret == 0) {
+ aes = (Aes*)XMALLOC(sizeof(Aes), NULL, DYNAMIC_TYPE_CIPHER);
+ if (aes == NULL) {
+ ret = MEMORY_E;
+ }
+ }
+ if (aes != NULL)
+#endif
+ {
+ XMEMSET(aes, 0, sizeof(Aes));
+ }
+
+ /* Setup AES object. */
+ if (ret == 0) {
+ ret = wc_AesInit(aes, NULL, INVALID_DEVID);
+ }
+ if (ret == 0) {
+ aes_inited = 1;
+ ret = wc_AesSetKey(aes, key, keySz, NULL, AES_ENCRYPTION);
+ }
+
+ /* Calculate first block that can be used in each derivation. */
+ if (ret == 0) {
+ wc_srtp_kdf_first_block(salt, saltSz, kdrIdx, index, WC_SRTCP_INDEX_LEN,
+ block);
+ }
+ if (ret == 0) {
+ /* Calculate key. */
+ ret = wc_srtp_kdf_derive_key(block, WC_SRTCP_INDEX_LEN, label, outKey,
+ outKeySz, aes);
+ }
+
+ if (aes_inited)
+ wc_AesFree(aes);
+#ifdef WOLFSSL_SMALL_STACK
+ XFREE(aes, NULL, DYNAMIC_TYPE_CIPHER);
+#endif
+ return ret;
+
+}
+
+/* Converts a kdr value to an index to use in SRTP/SRTCP KDF API.
+ *
+ * @param [in] kdr Key derivation rate to convert.
+ * @return Key derivation rate as an index.
+ */
+int wc_SRTP_KDF_kdr_to_idx(word32 kdr)
+{
+ int idx = -1;
+
+ /* Keep shifting value down and incrementing index until top bit is gone. */
+ while (kdr != 0) {
+ kdr >>= 1;
+ idx++;
+ }
+
+ /* Index of top bit set. */
+ return idx;
+}
+#endif /* WC_SRTP_KDF */
+
#endif /* NO_KDF */
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/logging.c b/extra/wolfssl/wolfssl/wolfcrypt/src/logging.c
index 04d218d1..afa0c6f0 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/logging.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/logging.c
@@ -127,6 +127,7 @@ THREAD_LS_T void *StackSizeCheck_stackOffsetPointer = 0;
/* Set these to default values initially. */
static wolfSSL_Logging_cb log_function = NULL;
static int loggingEnabled = 0;
+THREAD_LS_T const char* log_prefix = NULL;
#if defined(WOLFSSL_APACHE_MYNEWT)
#include "log/log.h"
@@ -135,13 +136,6 @@ static struct log mynewt_log;
#endif /* DEBUG_WOLFSSL */
-#ifdef DEBUG_VECTOR_REGISTER_ACCESS
-THREAD_LS_T int wc_svr_count = 0;
-THREAD_LS_T const char *wc_svr_last_file = NULL;
-THREAD_LS_T int wc_svr_last_line = -1;
-#endif
-
-
/* allow this to be set to NULL, so logs can be redirected to default output */
int wolfSSL_SetLoggingCb(wolfSSL_Logging_cb f)
{
@@ -186,6 +180,15 @@ void wolfSSL_Debugging_OFF(void)
#endif
}
+WOLFSSL_API void wolfSSL_SetLoggingPrefix(const char* prefix)
+{
+#ifdef DEBUG_WOLFSSL
+ log_prefix = prefix;
+#else
+ (void)prefix;
+#endif
+}
+
#ifdef WOLFSSL_FUNC_TIME
/* WARNING: This code is only to be used for debugging performance.
* The code is not thread-safe.
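Review bot: `wolfSSL_SetLoggingPrefix` stores the caller's pointer in the thread-local `log_prefix` without copying it, and nothing in the hunk documents the lifetime this requires. A caller that passes a stack or heap buffer and later releases it leaves `wolfssl_log` printing through a dangling pointer on the next message. I would add a comment above the function such as `/* prefix is not copied: it must stay valid until replaced or cleared with NULL; applies to the calling thread only */`. In builds without `DEBUG_WOLFSSL` the call is a silent no-op, which the same comment should mention.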
@@ -316,14 +319,17 @@ static void wolfssl_log(const int logLevel, const char *const logMessage)
defined(HAVE_STACK_SIZE_VERBOSE) && defined(HAVE_STACK_SIZE_VERBOSE_LOG)
STACK_SIZE_CHECKPOINT_MSG(logMessage);
#else
- fprintf(stderr, "%s\n", logMessage);
+ if (log_prefix != NULL)
+ fprintf(stderr, "[%s]: %s\n", log_prefix, logMessage);
+ else
+ fprintf(stderr, "%s\n", logMessage);
#endif
}
}
#ifndef WOLFSSL_DEBUG_ERRORS_ONLY
-#if !defined(_WIN32) && defined(XVSNPRINTF) && !defined(NO_WOLFSSL_MSG_EX)
+#if defined(XVSNPRINTF) && !defined(NO_WOLFSSL_MSG_EX)
#include <stdarg.h> /* for var args */
#ifndef WOLFSSL_MSG_EX_BUF_SZ
#define WOLFSSL_MSG_EX_BUF_SZ 100
@@ -430,7 +436,7 @@ WOLFSSL_API int WOLFSSL_IS_DEBUG_ON(void)
#endif /* !WOLFSSL_DEBUG_ERRORS_ONLY */
#endif /* DEBUG_WOLFSSL */
-#if defined(OPENSSL_EXTRA) || defined(DEBUG_WOLFSSL_VERBOSE)
+#if defined(OPENSSL_EXTRA) || defined(DEBUG_WOLFSSL_VERBOSE) || defined(HAVE_MEMCACHED)
#ifdef WOLFSSL_HAVE_ERROR_QUEUE
@@ -477,7 +483,7 @@ static int get_abs_idx(int relative_idx)
return (int)((wc_errors.head_idx + wc_errors.count - 1)
% ERROR_QUEUE_MAX);
}
- return (int)((wc_errors.head_idx + relative_idx) % ERROR_QUEUE_MAX);
+ return (int)((wc_errors.head_idx + (size_t)relative_idx) % ERROR_QUEUE_MAX);
}
/**
@@ -526,13 +532,13 @@ static int pass_entry(struct wc_error_entry *entry,
static void set_entry(struct wc_error_entry *entry, int error,
const char *file, const char *reason, int line)
{
- int sz;
+ size_t sz;
XMEMSET(entry, 0, sizeof(struct wc_error_entry));
entry->err = error;
entry->line = line;
- sz = (int)XSTRLEN(reason);
+ sz = XSTRLEN(reason);
if (sz > WOLFSSL_MAX_ERROR_SZ - 1) {
sz = WOLFSSL_MAX_ERROR_SZ - 1;
}
@@ -541,7 +547,7 @@ static void set_entry(struct wc_error_entry *entry, int error,
entry->reason[WOLFSSL_MAX_ERROR_SZ - 1] = '\0';
}
- sz = (int)XSTRLEN(file);
+ sz = XSTRLEN(file);
if (sz > WOLFSSL_MAX_ERROR_SZ - 1) {
sz = WOLFSSL_MAX_ERROR_SZ - 1;
}
@@ -628,7 +634,7 @@ void wc_RemoveErrorNode(int relative_idx)
if (abs_idx >= (int)wc_errors.head_idx) {
/* removed entry sits "above" head (or is head),
* move entries below it "up" */
- move_count = (abs_idx - (int)wc_errors.head_idx);
+ move_count = (size_t)abs_idx - wc_errors.head_idx;
if (move_count > 0) {
XMEMMOVE(&wc_errors.entries[wc_errors.head_idx + 1],
&wc_errors.entries[wc_errors.head_idx],
@@ -642,7 +648,7 @@ void wc_RemoveErrorNode(int relative_idx)
* move entries above it "down" */
int last_idx = get_abs_idx(-1);
if (last_idx >= abs_idx) { /* this SHOULD always be true */
- move_count = (last_idx - abs_idx);
+ move_count = (size_t)(last_idx - abs_idx);
if (move_count > 0) {
XMEMMOVE(&wc_errors.entries[abs_idx],
&wc_errors.entries[abs_idx + 1],
@@ -725,7 +731,7 @@ unsigned long wc_PeekErrorNodeLineData(const char **file, int *line,
/**
* Get the error value at the HEAD of the ERR queue or 0 if the queue
- * is emtpy. The HEAD entry is removed by this call.
+ * is empty. The HEAD entry is removed by this call.
*/
unsigned long wc_GetErrorNodeErr(void)
{
@@ -746,7 +752,7 @@ unsigned long wc_GetErrorNodeErr(void)
wc_ClearErrorNodes();
}
}
- return ret;
+ return (unsigned long)ret;
}
#if !defined(NO_FILESYSTEM) && !defined(NO_STDIO_FILESYSTEM)
@@ -1450,7 +1456,8 @@ void wc_ERR_print_errors_fp(XFILE fp)
#endif /* !defined(NO_FILESYSTEM) && !defined(NO_STDIO_FILESYSTEM) */
-#endif /* defined(OPENSSL_EXTRA) || defined(DEBUG_WOLFSSL_VERBOSE) */
+#endif /* defined(OPENSSL_EXTRA) || defined(DEBUG_WOLFSSL_VERBOSE)
+ || defined(HAVE_MEMCACHED) */
/*
* When using OPENSSL_EXTRA or DEBUG_WOLFSSL_VERBOSE macro then WOLFSSL_ERROR is
@@ -1495,7 +1502,7 @@ void WOLFSSL_ERROR(int error)
"wolfSSL error occurred, error = %d line:%u file:%s",
error, line, file);
- if (wc_AddErrorNode(error, line, buffer, (char*)file) != 0) {
+ if (wc_AddErrorNode(error, (int)line, buffer, (char*)file) != 0) {
WOLFSSL_MSG("Error creating logging node");
/* with void function there is no return here, continue on
* to unlock mutex and log what buffer was created. */
@@ -1533,4 +1540,3 @@ void WOLFSSL_ERROR_MSG(const char* msg)
}
#endif /* DEBUG_WOLFSSL || WOLFSSL_NGINX || WOLFSSL_HAPROXY */
-
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/md2.c b/extra/wolfssl/wolfssl/wolfcrypt/src/md2.c
index 480d6937..789704e6 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/md2.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/md2.c
@@ -107,7 +107,7 @@ void wc_Md2Update(Md2* md2, const byte* data, word32 len)
t = md2->X[j+6] ^= S[t];
t = md2->X[j+7] ^= S[t];
}
- t = (t + i) & 0xFF;
+ t = (byte)((t + i) & 0xFF);
}
}
}
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/memory.c b/extra/wolfssl/wolfssl/wolfcrypt/src/memory.c
index f70206ba..565d9107 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/memory.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/memory.c
@@ -31,16 +31,7 @@
#define WOLFSSL_NEED_LINUX_CURRENT
#endif
-#include <wolfssl/wolfcrypt/settings.h>
-
-/* check old macros @wc_fips */
-#if defined(USE_CYASSL_MEMORY) && !defined(USE_WOLFSSL_MEMORY)
- #define USE_WOLFSSL_MEMORY
-#endif
-#if defined(CYASSL_MALLOC_CHECK) && !defined(WOLFSSL_MALLOC_CHECK)
- #define WOLFSSL_MALLOC_CHECK
-#endif
-
+#include <wolfssl/wolfcrypt/types.h>
/*
Possible memory options:
@@ -128,6 +119,51 @@ int wolfSSL_GetAllocators(wolfSSL_Malloc_cb* mf,
return 0;
}
+#ifdef WOLFSSL_MEM_FAIL_COUNT
+static wolfSSL_Mutex memFailMutex;
+int mem_fail_allocs = 0;
+int mem_fail_frees = 0;
+int mem_fail_cnt = 0;
+
+void wc_MemFailCount_Init()
+{
+ char* cnt;
+ wc_InitMutex(&memFailMutex);
+ cnt = getenv("MEM_FAIL_CNT");
+ if (cnt != NULL) {
+ fprintf(stderr, "MemFailCount At: %d\n", mem_fail_cnt);
+ mem_fail_cnt = atoi(cnt);
+ }
+}
+static int wc_MemFailCount_AllocMem(void)
+{
+ int ret = 1;
+
+ wc_LockMutex(&memFailMutex);
+ if ((mem_fail_cnt > 0) && (mem_fail_cnt <= mem_fail_allocs + 1)) {
+ ret = 0;
+ }
+ else {
+ mem_fail_allocs++;
+ }
+ wc_UnLockMutex(&memFailMutex);
+
+ return ret;
+}
+static void wc_MemFailCount_FreeMem(void)
+{
+ wc_LockMutex(&memFailMutex);
+ mem_fail_frees++;
+ wc_UnLockMutex(&memFailMutex);
+}
+void wc_MemFailCount_Free()
+{
+ wc_FreeMutex(&memFailMutex);
+ fprintf(stderr, "MemFailCount Total: %d\n", mem_fail_allocs);
+ fprintf(stderr, "MemFailCount Frees: %d\n", mem_fail_frees);
+}
+#endif
+
#ifndef WOLFSSL_STATIC_MEMORY
#ifdef WOLFSSL_CHECK_MEM_ZERO
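Review bot: In `wc_MemFailCount_Init` the `fprintf` of "MemFailCount At" runs before `mem_fail_cnt = atoi(cnt);`, so it reports the old value (0 on first use) rather than the count taken from `MEM_FAIL_CNT`. The two statements should be swapped. Since the value comes from the environment, `strtol` with an end-pointer check would also reject non-numeric input that `atoi` silently turns into 0. The return value of `wc_InitMutex(&memFailMutex)` is ignored, so a failed init leaves the later lock and unlock calls operating on an unusable mutex.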
@@ -269,50 +305,6 @@ void wc_MemZero_Check(void* addr, size_t len)
}
#endif /* WOLFSSL_CHECK_MEM_ZERO */
-#ifdef WOLFSSL_MEM_FAIL_COUNT
-static wolfSSL_Mutex memFailMutex;
-int mem_fail_allocs = 0;
-int mem_fail_frees = 0;
-int mem_fail_cnt = 0;
-
-void wc_MemFailCount_Init()
-{
- wc_InitMutex(&memFailMutex);
- char* cnt = getenv("MEM_FAIL_CNT");
- if (cnt != NULL) {
- fprintf(stderr, "MemFailCount At: %d\n", mem_fail_cnt);
- mem_fail_cnt = atoi(cnt);
- }
-}
-static int wc_MemFailCount_AllocMem(void)
-{
- int ret = 1;
-
- wc_LockMutex(&memFailMutex);
- if ((mem_fail_cnt > 0) && (mem_fail_cnt <= mem_fail_allocs + 1)) {
- ret = 0;
- }
- else {
- mem_fail_allocs++;
- }
- wc_UnLockMutex(&memFailMutex);
-
- return ret;
-}
-static void wc_MemFailCount_FreeMem(void)
-{
- wc_LockMutex(&memFailMutex);
- mem_fail_frees++;
- wc_UnLockMutex(&memFailMutex);
-}
-void wc_MemFailCount_Free()
-{
- wc_FreeMutex(&memFailMutex);
- fprintf(stderr, "MemFailCount Total: %d\n", mem_fail_allocs);
- fprintf(stderr, "MemFailCount Frees: %d\n", mem_fail_frees);
-}
-#endif
-
#ifdef WOLFSSL_DEBUG_MEMORY
void* wolfSSL_Malloc(size_t size, const char* func, unsigned int line)
#else
@@ -1239,7 +1231,6 @@ void* wolfSSL_Realloc(void *ptr, size_t size, void* heap, int type)
/* Example for user io pool, shared build may need definitions in lib proper */
-#include <wolfssl/wolfcrypt/types.h>
#include <stdlib.h>
#ifndef HAVE_THREAD_LS
@@ -1324,8 +1315,13 @@ void *xmalloc(size_t n, void* heap, int type, const char* func,
}
#endif
- if (malloc_function)
+ if (malloc_function) {
+#ifndef WOLFSSL_STATIC_MEMORY
p32 = malloc_function(n + sizeof(word32) * 4);
+#else
+ p32 = malloc_function(n + sizeof(word32) * 4, heap, type);
+#endif
+ }
else
p32 = malloc(n + sizeof(word32) * 4);
@@ -1362,8 +1358,13 @@ void *xrealloc(void *p, size_t n, void* heap, int type, const char* func,
oldLen = oldp32[0];
}
- if (realloc_function)
+ if (realloc_function) {
+#ifndef WOLFSSL_STATIC_MEMORY
p32 = realloc_function(oldp32, n + sizeof(word32) * 4);
+#else
+ p32 = realloc_function(oldp32, n + sizeof(word32) * 4, heap, type);
+#endif
+ }
else
p32 = realloc(oldp32, n + sizeof(word32) * 4);
@@ -1403,8 +1404,13 @@ void xfree(void *p, void* heap, int type, const char* func, const char* file,
fprintf(stderr, "Free: %p -> %u (%d) at %s:%s:%u\n", p, p32[0], type,
func, file, line);
- if (free_function)
+ if (free_function) {
+#ifndef WOLFSSL_STATIC_MEMORY
free_function(p32);
+#else
+ free_function(p32, heap, type);
+#endif
+ }
else
free(p32);
}
@@ -1432,6 +1438,106 @@ void __attribute__((no_instrument_function))
}
#endif
+#ifdef WC_DEBUG_CIPHER_LIFECYCLE
+static const byte wc_debug_cipher_lifecycle_tag_value[] =
+ { 'W', 'o', 'l', 'f' };
+
+WOLFSSL_LOCAL int wc_debug_CipherLifecycleInit(
+ void **CipherLifecycleTag,
+ void *heap)
+{
+ if (CipherLifecycleTag == NULL)
+ return BAD_FUNC_ARG;
+ *CipherLifecycleTag = (void *)XMALLOC(
+ sizeof(wc_debug_cipher_lifecycle_tag_value),
+ heap,
+ DYNAMIC_TYPE_DEBUG_TAG);
+ if (*CipherLifecycleTag == NULL)
+ return MEMORY_E;
+ XMEMCPY(*CipherLifecycleTag,
+ wc_debug_cipher_lifecycle_tag_value,
+ sizeof(wc_debug_cipher_lifecycle_tag_value));
+ return 0;
+}
+
+WOLFSSL_LOCAL int wc_debug_CipherLifecycleCheck(
+ void *CipherLifecycleTag,
+ int abort_p)
+{
+ int ret;
+ if (CipherLifecycleTag == NULL) {
+ ret = BAD_STATE_E;
+ goto out;
+ }
+ if (XMEMCMP(CipherLifecycleTag,
+ wc_debug_cipher_lifecycle_tag_value,
+ sizeof(wc_debug_cipher_lifecycle_tag_value)) != 0)
+ {
+ ret = BAD_STATE_E;
+ goto out;
+ }
+ ret = 0;
+
+out:
+ if ((ret < 0) && abort_p)
+ abort();
+
+ return ret;
+}
+
+WOLFSSL_LOCAL int wc_debug_CipherLifecycleFree(
+ void **CipherLifecycleTag,
+ void *heap,
+ int abort_p)
+{
+ int ret;
+ if (CipherLifecycleTag == NULL)
+ return BAD_FUNC_ARG;
+ ret = wc_debug_CipherLifecycleCheck(*CipherLifecycleTag, abort_p);
+ if (ret != 0)
+ return ret;
+ XFREE(*CipherLifecycleTag, heap, DYNAMIC_TYPE_DEBUG_TAG);
+ *CipherLifecycleTag = NULL;
+ return 0;
+}
+#endif /* WC_DEBUG_CIPHER_LIFECYCLE */
+
+#ifdef DEBUG_VECTOR_REGISTER_ACCESS
+THREAD_LS_T int wc_svr_count = 0;
+THREAD_LS_T const char *wc_svr_last_file = NULL;
+THREAD_LS_T int wc_svr_last_line = -1;
+THREAD_LS_T int wc_debug_vector_registers_retval =
+ WC_DEBUG_VECTOR_REGISTERS_RETVAL_INITVAL;
+
+#ifdef DEBUG_VECTOR_REGISTER_ACCESS_FUZZING
+
+WOLFSSL_LOCAL int SAVE_VECTOR_REGISTERS2_fuzzer(void) {
+ static THREAD_LS_T struct drand48_data wc_svr_fuzzing_state;
+ static THREAD_LS_T int wc_svr_fuzzing_seeded = 0;
+ long result;
+
+ if (wc_debug_vector_registers_retval)
+ return wc_debug_vector_registers_retval;
+
+ if (wc_svr_fuzzing_seeded == 0) {
+ long seed = WC_DEBUG_VECTOR_REGISTERS_FUZZING_SEED;
+ char *seed_envstr = getenv("WC_DEBUG_VECTOR_REGISTERS_FUZZING_SEED");
+ if (seed_envstr)
+ seed = strtol(seed_envstr, NULL, 0);
+ (void)srand48_r(seed, &wc_svr_fuzzing_state);
+ wc_svr_fuzzing_seeded = 1;
+ }
+ (void)lrand48_r(&wc_svr_fuzzing_state, &result);
+ if (result & 1)
+ return IO_FAILED_E;
+ else
+ return 0;
+}
+
+#endif
+
+#endif
+
#ifdef WOLFSSL_LINUXKM
#include "../../linuxkm/linuxkm_memory.c"
#endif
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/misc.c b/extra/wolfssl/wolfssl/wolfcrypt/src/misc.c
index f80c9c64..62cd9b40 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/misc.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/misc.c
@@ -104,13 +104,13 @@ masking and clearing memory logic.
WC_MISC_STATIC WC_INLINE word32 rotlFixed(word32 x, word32 y)
{
- return (x << y) | (x >> (sizeof(y) * 8 - y));
+ return (x << y) | (x >> (sizeof(x) * 8 - y));
}
/* This routine performs a right circular arithmetic shift of <x> by <y> value. */
WC_MISC_STATIC WC_INLINE word32 rotrFixed(word32 x, word32 y)
{
- return (x >> y) | (x << (sizeof(y) * 8 - y));
+ return (x >> y) | (x << (sizeof(x) * 8 - y));
}
#endif
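Review bot: `rotlFixed` and `rotrFixed` still shift by `sizeof(x) * 8 - y`, which is a shift by the full 32-bit width when `y` is 0 and is undefined behaviour for a `word32`. The change to `sizeof(x)` fixes the width source but not this boundary. If the callers cannot guarantee `y` stays in 1..31 (they are outside this hunk), masking both counts avoids it: `return (x << (y & 31)) | (x >> ((32 - y) & 31));` and the mirror form for the right rotate. If the restriction is intentional, a comment stating the valid range of `y` would do.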
@@ -120,14 +120,14 @@ masking and clearing memory logic.
/* This routine performs a left circular arithmetic shift of <x> by <y> value */
WC_MISC_STATIC WC_INLINE word16 rotlFixed16(word16 x, word16 y)
{
- return (x << y) | (x >> (sizeof(y) * 8 - y));
+ return (x << y) | (x >> (sizeof(x) * 8 - y));
}
/* This routine performs a right circular arithmetic shift of <x> by <y> value */
WC_MISC_STATIC WC_INLINE word16 rotrFixed16(word16 x, word16 y)
{
- return (x >> y) | (x << (sizeof(y) * 8 - y));
+ return (x >> y) | (x << (sizeof(x) * 8 - y));
}
#endif /* WC_RC2 */
@@ -273,11 +273,11 @@ WC_MISC_STATIC WC_INLINE void xorbufout(void* out, const void* buf,
{
word32 i;
byte* o;
- byte* b;
+ const byte* b;
const byte* m;
o = (byte*)out;
- b = (byte*)buf;
+ b = (const byte*)buf;
m = (const byte*)mask;
@@ -285,6 +285,15 @@ WC_MISC_STATIC WC_INLINE void xorbufout(void* out, const void* buf,
((wc_ptr_t)b) % WOLFSSL_WORD_SIZE &&
((wc_ptr_t)b) % WOLFSSL_WORD_SIZE ==
((wc_ptr_t)m) % WOLFSSL_WORD_SIZE) {
+ /* type-punning helpers */
+ union {
+ byte* bp;
+ wolfssl_word* wp;
+ } tpo;
+ union {
+ const byte* bp;
+ const wolfssl_word* wp;
+ } tpb, tpm;
/* Alignment checks out. Possible to XOR words. */
/* Move alignment so that it lines up with a
* WOLFSSL_WORD_SIZE boundary */
@@ -292,8 +301,13 @@ WC_MISC_STATIC WC_INLINE void xorbufout(void* out, const void* buf,
*(o++) = (byte)(*(b++) ^ *(m++));
count--;
}
- XorWordsOut( (wolfssl_word**)&o, (const wolfssl_word**)&b,
- (const wolfssl_word**)&m, count / WOLFSSL_WORD_SIZE);
+ tpo.bp = o;
+ tpb.bp = b;
+ tpm.bp = m;
+ XorWordsOut( &tpo.wp, &tpb.wp, &tpm.wp, count / WOLFSSL_WORD_SIZE);
+ o = tpo.bp;
+ b = tpb.bp;
+ m = tpm.bp;
count %= WOLFSSL_WORD_SIZE;
}
@@ -326,6 +340,15 @@ WC_MISC_STATIC WC_INLINE void xorbuf(void* buf, const void* mask, word32 count)
if (((wc_ptr_t)b) % WOLFSSL_WORD_SIZE ==
((wc_ptr_t)m) % WOLFSSL_WORD_SIZE) {
+ /* type-punning helpers */
+ union {
+ byte* bp;
+ wolfssl_word* wp;
+ } tpb;
+ union {
+ const byte* bp;
+ const wolfssl_word* wp;
+ } tpm;
/* Alignment checks out. Possible to XOR words. */
/* Move alignment so that it lines up with a
* WOLFSSL_WORD_SIZE boundary */
@@ -333,8 +356,11 @@ WC_MISC_STATIC WC_INLINE void xorbuf(void* buf, const void* mask, word32 count)
*(b++) ^= *(m++);
count--;
}
- XorWords( (wolfssl_word**)&b,
- (const wolfssl_word**)&m, count / WOLFSSL_WORD_SIZE);
+ tpb.bp = b;
+ tpm.bp = m;
+ XorWords( &tpb.wp, &tpm.wp, count / WOLFSSL_WORD_SIZE);
+ b = tpb.bp;
+ m = tpm.bp;
count %= WOLFSSL_WORD_SIZE;
}
@@ -472,6 +498,15 @@ WC_MISC_STATIC WC_INLINE void ato32(const byte* c, word32* wc_u32)
(word32)c[3];
}
+/* convert opaque to 32 bit integer. Interpret as little endian. */
+WC_MISC_STATIC WC_INLINE void ato32le(const byte* c, word32* wc_u32)
+{
+ *wc_u32 = (word32)c[0] |
+ ((word32)c[1] << 8) |
+ ((word32)c[2] << 16) |
+ ((word32)c[3] << 24);
+}
+
WC_MISC_STATIC WC_INLINE word32 btoi(byte b)
{
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/pkcs12.c b/extra/wolfssl/wolfssl/wolfcrypt/src/pkcs12.c
index 47a58346..22e64150 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/pkcs12.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/pkcs12.c
@@ -28,7 +28,8 @@
#include <wolfssl/wolfcrypt/settings.h>
#if defined(HAVE_PKCS12) && \
- !defined(NO_ASN) && !defined(NO_PWDBASED) && !defined(NO_HMAC)
+ !defined(NO_ASN) && !defined(NO_PWDBASED) && !defined(NO_HMAC) && \
+ !defined(NO_CERTS)
#include <wolfssl/wolfcrypt/asn.h>
#include <wolfssl/wolfcrypt/asn_public.h>
@@ -1229,7 +1230,7 @@ static int PKCS12_CheckConstructedZero(byte* data, word32 dataSz, word32* idx)
static int PKCS12_CoalesceOctetStrings(WC_PKCS12* pkcs12, byte* data,
word32 dataSz, word32* idx, int* curIdx)
{
- byte* mergedData = NULL; /* buffer for concatonated strings */
+ byte* mergedData = NULL; /* buffer for concatenated strings */
word32 mergedSz = 0; /* total size of merged strings */
int encryptedContentSz = 0;
int originalEncSz = 0;
@@ -1243,7 +1244,7 @@ static int PKCS12_CoalesceOctetStrings(WC_PKCS12* pkcs12, byte* data,
ret = ASN_PARSE_E;
}
- /* Loop through octet strings and concatonate them without
+ /* Loop through octet strings and concatenate them without
* the tags and length */
while ((int)*idx < originalEncSz + *curIdx) {
if (GetASNTag(data, idx, &tag, dataSz) < 0) {
@@ -1281,7 +1282,7 @@ static int PKCS12_CoalesceOctetStrings(WC_PKCS12* pkcs12, byte* data,
*idx += SetLength(mergedSz, &data[*idx]);
if (mergedSz > 0) {
- /* Copy over concatonated octet strings into data buffer */
+ /* Copy over concatenated octet strings into data buffer */
XMEMCPY(&data[*idx], mergedData, mergedSz);
XFREE(mergedData, pkcs12->heap, DYNAMIC_TYPE_PKCS);
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/pkcs7.c b/extra/wolfssl/wolfssl/wolfcrypt/src/pkcs7.c
index ce7d77c9..507d9eee 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/pkcs7.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/pkcs7.c
@@ -2374,6 +2374,7 @@ static int PKCS7_EncodeSigned(PKCS7* pkcs7, ESD* esd,
word32 totalSz, total2Sz;
int idx = 0, ret = 0;
int digEncAlgoId, digEncAlgoType;
+ int keyIdSize;
byte* flatSignedAttribs = NULL;
word32 flatSignedAttribsSz = 0;
@@ -2392,6 +2393,13 @@ static int PKCS7_EncodeSigned(PKCS7* pkcs7, ESD* esd,
return BAD_FUNC_ARG;
}
+#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ keyIdSize = wc_HashGetDigestSize(wc_HashTypeConvert(HashIdAlg(
+ pkcs7->publicKeyOID)));
+#else
+ keyIdSize = KEYID_SIZE;
+#endif
+
#ifdef WOLFSSL_SMALL_STACK
signedDataOid = (byte *)XMALLOC(MAX_OID_SZ, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
if (signedDataOid == NULL) {
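Review bot: `keyIdSize` is taken straight from `wc_HashGetDigestSize(...)` in the SM2/SM3 build, and that call returns a negative error code for an unsupported hash type. The value is then used unchecked as a length in `SetOctetString`, in the `signerInfoSz` arithmetic and in `XMEMCPY(output2 + idx, pkcs7->issuerSubjKeyId, keyIdSize)` further down. I would add `if (keyIdSize < 0) return keyIdSize;` right after the assignment. It should also be confirmed that `issuerSubjKeyId` can hold a digest of that size, since its declaration is not visible here. The same pattern appears in `wc_PKCS7_AddRecipient_KARI` and `wc_PKCS7_AddRecipient_KTRI` later in this file.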
@@ -2485,11 +2493,10 @@ static int PKCS7_EncodeSigned(PKCS7* pkcs7, ESD* esd,
} else if (pkcs7->sidType == CMS_SKID) {
/* SubjectKeyIdentifier */
- esd->issuerSKIDSz = SetOctetString(KEYID_SIZE, esd->issuerSKID);
- esd->issuerSKIDSeqSz = SetExplicit(0, esd->issuerSKIDSz + KEYID_SIZE,
+ esd->issuerSKIDSz = SetOctetString(keyIdSize, esd->issuerSKID);
+ esd->issuerSKIDSeqSz = SetExplicit(0, esd->issuerSKIDSz + keyIdSize,
esd->issuerSKIDSeq);
- signerInfoSz += (esd->issuerSKIDSz + esd->issuerSKIDSeqSz +
- KEYID_SIZE);
+ signerInfoSz += (esd->issuerSKIDSz + esd->issuerSKIDSeqSz + keyIdSize);
/* version MUST be 3 */
esd->signerVersionSz = SetMyVersion(3, esd->signerVersion, 0);
@@ -2723,8 +2730,8 @@ static int PKCS7_EncodeSigned(PKCS7* pkcs7, ESD* esd,
idx += esd->issuerSKIDSeqSz;
XMEMCPY(output2 + idx, esd->issuerSKID, esd->issuerSKIDSz);
idx += esd->issuerSKIDSz;
- XMEMCPY(output2 + idx, pkcs7->issuerSubjKeyId, KEYID_SIZE);
- idx += KEYID_SIZE;
+ XMEMCPY(output2 + idx, pkcs7->issuerSubjKeyId, keyIdSize);
+ idx += keyIdSize;
} else if (pkcs7->sidType == DEGENERATE_SID) {
/* no signer infos in degenerate case */
} else {
@@ -3779,7 +3786,10 @@ static int wc_PKCS7_VerifyContentMessageDigest(PKCS7* pkcs7,
word32 hashSz)
{
int ret = 0, digestSz = 0, innerAttribSz = 0;
+ int contentLen = 0;
word32 idx = 0;
+ word32 contentIdx = 0;
+ byte* content = NULL;
byte* digestBuf = NULL;
#ifdef WOLFSSL_SMALL_STACK
byte* digest = NULL;
@@ -3838,7 +3848,29 @@ static int wc_PKCS7_VerifyContentMessageDigest(PKCS7* pkcs7,
#endif
XMEMSET(digest, 0, MAX_PKCS7_DIGEST_SZ);
- ret = wc_Hash(hashType, pkcs7->content, pkcs7->contentSz, digest,
+ content = pkcs7->content;
+ contentLen = pkcs7->contentSz;
+
+ if (pkcs7->contentIsPkcs7Type == 1) {
+ /* Content follows PKCS#7 RFC, which defines type as ANY. CMS
+ * mandates OCTET_STRING which has already been stripped off.
+ * For PKCS#7 message digest calculation, digest is calculated
+ * only on the "value" of the DER encoding. As such, advance past
+ * the tag and length */
+ if (contentLen > 1) {
+ contentIdx++;
+ }
+
+ if (GetLength_ex(content, &contentIdx, &contentLen,
+ contentLen, 1) < 0) {
+ #ifdef WOLFSSL_SMALL_STACK
+ XFREE(digest, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
+ #endif
+ return ASN_PARSE_E;
+ }
+ }
+
+ ret = wc_Hash(hashType, content + contentIdx, contentLen, digest,
MAX_PKCS7_DIGEST_SZ);
if (ret < 0) {
WOLFSSL_MSG("Error hashing PKCS7 content for verification");
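Review bot: In the `contentIsPkcs7Type == 1` branch the tag byte is skipped only when `contentLen > 1`; for a shorter or empty content `contentIdx` stays 0 and `GetLength_ex` interprets the tag byte as the length. Because this content comes from the message being verified, I would reject that case explicitly before parsing, e.g. `if (content == NULL || contentLen < 2) ret = ASN_PARSE_E;`, instead of relying on the length parser to fail. `contentLen` is an `int` assigned from `pkcs7->contentSz`, so a very large size would turn negative before it is passed as `maxIdx`. The function begins and ends outside this hunk, so the remaining cleanup on the early return is not visible.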
@@ -4428,11 +4460,13 @@ static int PKCS7_VerifySignedData(PKCS7* pkcs7, const byte* hashBuf,
byte* cert = NULL;
byte* signedAttrib = NULL;
byte* contentType = NULL;
+ int encapContentInfoLen = 0;
int contentSz = 0, sigSz = 0, certSz = 0, signedAttribSz = 0;
word32 localIdx, start;
byte degenerate = 0;
byte detached = 0;
byte tag = 0;
+ word16 contentIsPkcs7Type = 0;
#ifdef ASN_BER_TO_DER
byte* der;
#endif
@@ -4593,7 +4627,7 @@ static int PKCS7_VerifySignedData(PKCS7* pkcs7, const byte* hashBuf,
WOLFSSL_MSG("PKCS#7 signedData needs to be version 1 or 3");
ret = ASN_VERSION_E;
}
- pkcs7->version = version;
+ pkcs7->version = (byte)version;
/* Get the set of DigestAlgorithmIdentifiers */
if (ret == 0 && GetSet(pkiMsg, &idx, &length, pkiMsgSz) < 0)
@@ -4642,7 +4676,7 @@ static int PKCS7_VerifySignedData(PKCS7* pkcs7, const byte* hashBuf,
#endif
/* Get the inner ContentInfo sequence */
- if (GetSequence_ex(pkiMsg, &idx, &length, pkiMsgSz,
+ if (GetSequence_ex(pkiMsg, &idx, &encapContentInfoLen, pkiMsgSz,
NO_USER_CHECK) < 0)
ret = ASN_PARSE_E;
@@ -4650,7 +4684,8 @@ static int PKCS7_VerifySignedData(PKCS7* pkcs7, const byte* hashBuf,
if (ret == 0) {
int isIndef = 0;
word32 tmpIdx = idx;
- if (length == 0 && pkiMsg[idx-1] == ASN_INDEF_LENGTH) {
+ if (encapContentInfoLen == 0 &&
+ pkiMsg[idx-1] == ASN_INDEF_LENGTH) {
isIndef = 1;
}
if (GetASNObjectId(pkiMsg, &idx, &length, pkiMsgSz) == 0) {
@@ -4675,7 +4710,7 @@ static int PKCS7_VerifySignedData(PKCS7* pkcs7, const byte* hashBuf,
if (ret != 0)
break;
- /* Check for content info, it could be omitted when degenerate */
+ /* Check for content, it could be omitted when degenerate */
localIdx = idx;
ret = 0;
if (localIdx + 1 > pkiMsgSz) {
@@ -4683,75 +4718,114 @@ static int PKCS7_VerifySignedData(PKCS7* pkcs7, const byte* hashBuf,
break;
}
+ /* Set error state if no more data left in ContentInfo, meaning
+ * no content - may be detached. Will recover from error below */
+ if ((encapContentInfoLen != 0) &&
+ (encapContentInfoLen - contentTypeSz == 0)) {
+ ret = ASN_PARSE_E;
+ }
+
+ /* PKCS#7 spec:
+ * content [0] EXPLICIT ANY DEFINED BY contentType OPTIONAL
+ * CMS spec:
+ * eContent [0] EXPLICIT OCTET STRING OPTIONAL
+ */
if (ret == 0 && GetASNTag(pkiMsg, &localIdx, &tag, pkiMsgSz) != 0)
ret = ASN_PARSE_E;
if (ret == 0 && tag != (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 0))
ret = ASN_PARSE_E;
+ /* Get length of inner eContent payload. For CMS, spec defines
+ * OCTET_STRING will be next. If so, we use the length retrieved
+ * there. PKCS#7 spec defines ANY as eContent type. In this case
+ * we fall back and save this content length for use later */
if (ret == 0 && GetLength_ex(pkiMsg, &localIdx, &length, pkiMsgSz,
- NO_USER_CHECK) <= 0)
+ NO_USER_CHECK) <= 0) {
ret = ASN_PARSE_E;
+ }
if (localIdx >= pkiMsgSz) {
ret = BUFFER_E;
}
+ /* Save idx to back up in case of PKCS#7 eContent */
+ start = localIdx;
+
/* get length of content in the case that there is multiple parts */
if (ret == 0 && GetASNTag(pkiMsg, &localIdx, &tag, pkiMsgSz) < 0)
ret = ASN_PARSE_E;
- if (ret == 0 && tag == (ASN_OCTET_STRING | ASN_CONSTRUCTED)) {
- multiPart = 1;
+ if (ret == 0 &&
+ (tag != (ASN_OCTET_STRING | ASN_CONSTRUCTED) &&
+ (tag != ASN_OCTET_STRING))) {
- /* Get length of all OCTET_STRINGs. */
- if (GetLength_ex(pkiMsg, &localIdx, &contentLen, pkiMsgSz,
- NO_USER_CHECK) < 0)
+ /* If reached end of ContentInfo, or we see the next element
+ * ([0] IMPLICIT CertificateSet), set error state. Either
+ * true error or detached */
+ if (tag == (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 0)) {
ret = ASN_PARSE_E;
-
- /* Check whether there is one OCTET_STRING inside. */
- start = localIdx;
- if (localIdx >= pkiMsgSz) {
- ret = BUFFER_E;
}
- if (ret == 0 && GetASNTag(pkiMsg, &localIdx, &tag, pkiMsgSz)
- != 0)
- ret = ASN_PARSE_E;
+ /* Back up before getting tag, process as PKCS#7 ANY and use
+ * this as start of content. */
+ localIdx = start;
+ pkcs7->contentIsPkcs7Type = 1;
+ }
+ else {
+ /* CMS eContent OCTET_STRING */
+ if (ret == 0 && tag == (ASN_OCTET_STRING | ASN_CONSTRUCTED)) {
+ multiPart = 1;
- if (ret == 0 && tag != ASN_OCTET_STRING)
- ret = ASN_PARSE_E;
+ /* Get length of all OCTET_STRINGs. */
+ if (GetLength_ex(pkiMsg, &localIdx, &contentLen, pkiMsgSz,
+ NO_USER_CHECK) < 0)
+ ret = ASN_PARSE_E;
- if (ret == 0 && GetLength_ex(pkiMsg, &localIdx, &length,
- pkiMsgSz, NO_USER_CHECK) < 0)
- ret = ASN_PARSE_E;
+ /* Check whether there is one OCTET_STRING inside. */
+ start = localIdx;
+ if (localIdx >= pkiMsgSz) {
+ ret = BUFFER_E;
+ }
- if (ret == 0) {
- /* Use single OCTET_STRING directly, or reset length. */
- if (localIdx - start + length == (word32)contentLen) {
- multiPart = 0;
- } else {
- /* reset length to outer OCTET_STRING for bundle size
- * check below */
- length = contentLen;
+ if (ret == 0 && GetASNTag(pkiMsg, &localIdx, &tag, pkiMsgSz)
+ != 0)
+ ret = ASN_PARSE_E;
+
+ if (ret == 0 && tag != ASN_OCTET_STRING)
+ ret = ASN_PARSE_E;
+
+ if (ret == 0 && GetLength_ex(pkiMsg, &localIdx, &length,
+ pkiMsgSz, NO_USER_CHECK) < 0)
+ ret = ASN_PARSE_E;
+
+ if (ret == 0) {
+ /* Use single OCTET_STRING directly, or reset length. */
+ if (localIdx - start + length == (word32)contentLen) {
+ multiPart = 0;
+ } else {
+ /* reset length to outer OCTET_STRING for bundle
+ * size check below */
+ length = contentLen;
+ }
+ localIdx = start;
}
- localIdx = start;
- }
- if (ret != 0) {
- /* failed ASN1 parsing during OCTET_STRING checks */
- break;
+ if (ret != 0) {
+ /* failed ASN1 parsing during OCTET_STRING checks */
+ break;
+ }
}
- }
- /* get length of content in case of single part */
- if (ret == 0 && !multiPart) {
- if (tag != ASN_OCTET_STRING)
- ret = ASN_PARSE_E;
+ /* get length of content in case of single part */
+ if (ret == 0 && !multiPart) {
+ if (tag != ASN_OCTET_STRING)
+ ret = ASN_PARSE_E;
- if (ret == 0 && GetLength_ex(pkiMsg, &localIdx,
- &length, pkiMsgSz, NO_USER_CHECK) < 0)
- ret = ASN_PARSE_E;
+ if (ret == 0 && GetLength_ex(pkiMsg, &localIdx,
+ &length, pkiMsgSz, NO_USER_CHECK) < 0)
+ ret = ASN_PARSE_E;
+ }
}
/* update idx if successful */
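Review bot: In the new PKCS#7 ANY branch, `pkcs7->contentIsPkcs7Type = 1` is assigned unconditionally, even when the line just above set `ret = ASN_PARSE_E` for the `[0]` CertificateSet case. The comments describe that case as possibly a detached signature. If the detached path later recovers from the error, the flag appears to stay set, and `wc_PKCS7_VerifyContentMessageDigest` would then strip a tag and length from content supplied by the caller. Setting it only on success, `if (ret == 0) pkcs7->contentIsPkcs7Type = 1;`, keeps the flag tied to content that was actually parsed as ANY. Nothing visible resets the flag to 0 when a `PKCS7` structure is reused. The function starts and ends outside this hunk, so the recovery code should be checked against this.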
@@ -4839,7 +4913,7 @@ static int PKCS7_VerifySignedData(PKCS7* pkcs7, const byte* hashBuf,
if (multiPart) {
pkcs7->stream->expected = contentLen + ASN_TAG_SZ;
}
- pkcs7->stream->multi = multiPart;
+ pkcs7->stream->multi = (byte)multiPart;
#endif
wc_PKCS7_ChangeState(pkcs7, WC_PKCS7_VERIFY_STAGE3);
@@ -5104,6 +5178,7 @@ static int PKCS7_VerifySignedData(PKCS7* pkcs7, const byte* hashBuf,
pkcs7->der = NULL;
#endif
version = pkcs7->version;
+ contentIsPkcs7Type = pkcs7->contentIsPkcs7Type;
if (ret == 0) {
byte isDynamic = (byte)pkcs7->isDynamic;
@@ -5139,11 +5214,14 @@ static int PKCS7_VerifySignedData(PKCS7* pkcs7, const byte* hashBuf,
contentDynamic = NULL;
}
+ /* Restore content is PKCS#7 flag */
+ pkcs7->contentIsPkcs7Type = contentIsPkcs7Type;
+
#ifndef NO_PKCS7_STREAM
pkcs7->stream = stream;
#endif
}
- pkcs7->version = version;
+ pkcs7->version = (byte)version;
#ifdef ASN_BER_TO_DER
pkcs7->der = der;
#endif
@@ -5661,6 +5739,7 @@ static WC_PKCS7_KARI* wc_PKCS7_KariNew(PKCS7* pkcs7, byte direction)
XFREE(kari, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
return NULL;
}
+ XMEMSET(kari->decoded, 0, sizeof(DecodedCert));
kari->recipKey = (ecc_key*)XMALLOC(sizeof(ecc_key), pkcs7->heap,
DYNAMIC_TYPE_PKCS7);
@@ -5764,29 +5843,30 @@ static int wc_PKCS7_KariParseRecipCert(WC_PKCS7_KARI* kari, const byte* cert,
int ret;
word32 idx;
- if (kari == NULL || kari->decoded == NULL ||
- cert == NULL || certSz == 0)
+ if (kari == NULL || kari->decoded == NULL) {
return BAD_FUNC_ARG;
+ }
/* decode certificate */
- InitDecodedCert(kari->decoded, (byte*)cert, certSz, kari->heap);
- kari->decodedInit = 1;
- ret = ParseCert(kari->decoded, CA_TYPE, NO_VERIFY, 0);
- if (ret < 0)
- return ret;
+ if (cert != NULL) {
+ InitDecodedCert(kari->decoded, (byte*)cert, certSz, kari->heap);
+ kari->decodedInit = 1;
+ ret = ParseCert(kari->decoded, CA_TYPE, NO_VERIFY, 0);
+ if (ret < 0)
+ return ret;
- /* only supports ECDSA for now */
- if (kari->decoded->keyOID != ECDSAk) {
- WOLFSSL_MSG("CMS KARI only supports ECDSA key types");
- return BAD_FUNC_ARG;
- }
+ /* only supports ECDSA for now */
+ if (kari->decoded->keyOID != ECDSAk) {
+ WOLFSSL_MSG("CMS KARI only supports ECDSA key types");
+ return BAD_FUNC_ARG;
+ }
- /* make sure subject key id was read from cert */
- if (kari->decoded->extSubjKeyIdSet == 0) {
- WOLFSSL_MSG("Failed to read subject key ID from recipient cert");
- return BAD_FUNC_ARG;
+ /* make sure subject key id was read from cert */
+ if (kari->decoded->extSubjKeyIdSet == 0) {
+ WOLFSSL_MSG("Failed to read subject key ID from recipient cert");
+ return BAD_FUNC_ARG;
+ }
}
-
ret = wc_ecc_init_ex(kari->recipKey, kari->heap, kari->devId);
if (ret != 0)
return ret;
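Review bot: The rewritten argument check in `wc_PKCS7_KariParseRecipCert` drops the `certSz == 0` test, so a non-NULL `cert` with zero length now reaches `InitDecodedCert` and `ParseCert` where the old code returned `BAD_FUNC_ARG`. Keeping the length test inside the new branch preserves that, e.g. `if (cert != NULL && certSz == 0) return BAD_FUNC_ARG;`. In the following hunk the `cert == NULL` rejection for `WC_PKCS7_ENCODE` happens only after `wc_ecc_init_ex(kari->recipKey, ...)`. Moving that check ahead of the key initialisation would avoid returning with a half-prepared key. The function signature and the end of the body are outside this hunk.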
@@ -5795,6 +5875,10 @@ static int wc_PKCS7_KariParseRecipCert(WC_PKCS7_KARI* kari, const byte* cert,
/* get recip public key */
if (kari->direction == WC_PKCS7_ENCODE) {
+ if (cert == NULL) {
+ WOLFSSL_MSG("Error recipient cert can not be null with encode");
+ return BAD_FUNC_ARG;
+ }
idx = 0;
ret = wc_EccPublicKeyDecode(kari->decoded->publicKey, &idx,
@@ -6023,11 +6107,15 @@ static int wc_PKCS7_KariGenerateKEK(WC_PKCS7_KARI* kari, WC_RNG* rng,
(!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION != 2))) && \
!defined(HAVE_SELFTEST)
ret = wc_ecc_set_rng(kari->senderKey, rng);
- if (ret != 0)
+ if (ret != 0) {
+ XFREE(secret, kari->heap, DYNAMIC_TYPE_PKCS7);
return ret;
+ }
ret = wc_ecc_set_rng(kari->recipKey, rng);
- if (ret != 0)
+ if (ret != 0) {
+ XFREE(secret, kari->heap, DYNAMIC_TYPE_PKCS7);
return ret;
+ }
#else
(void)rng;
#endif
@@ -6118,6 +6206,7 @@ int wc_PKCS7_AddRecipient_KARI(PKCS7* pkcs7, const byte* cert, word32 certSz,
int ret = 0;
int keySz, direction = 0;
int blockKeySz = 0;
+ int keyIdSize;
/* ASN.1 layout */
int totalSz = 0;
@@ -6169,6 +6258,13 @@ int wc_PKCS7_AddRecipient_KARI(PKCS7* pkcs7, const byte* cert, word32 certSz,
byte encryptedKey[MAX_ENCRYPTED_KEY_SZ];
#endif
+#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ keyIdSize = wc_HashGetDigestSize(wc_HashTypeConvert(HashIdAlg(
+ pkcs7->publicKeyOID)));
+#else
+ keyIdSize = KEYID_SIZE;
+#endif
+
/* allocate and init memory for recipient */
recip = (Pkcs7EncodedRecip*)XMALLOC(sizeof(Pkcs7EncodedRecip), pkcs7->heap,
DYNAMIC_TYPE_PKCS7);
@@ -6294,12 +6390,12 @@ int wc_PKCS7_AddRecipient_KARI(PKCS7* pkcs7, const byte* cert, word32 certSz,
totalSz += (encryptedKeyOctetSz + encryptedKeySz);
/* SubjectKeyIdentifier */
- subjKeyIdOctetSz = SetOctetString(KEYID_SIZE, subjKeyIdOctet);
- totalSz += (subjKeyIdOctetSz + KEYID_SIZE);
+ subjKeyIdOctetSz = SetOctetString(keyIdSize, subjKeyIdOctet);
+ totalSz += (subjKeyIdOctetSz + keyIdSize);
/* RecipientKeyIdentifier IMPLICIT [0] */
recipKeyIdSeqSz = SetImplicit(ASN_SEQUENCE, 0, subjKeyIdOctetSz +
- KEYID_SIZE, recipKeyIdSeq);
+ keyIdSize, recipKeyIdSeq);
totalSz += recipKeyIdSeqSz;
/* RecipientEncryptedKey */
@@ -6423,8 +6519,8 @@ int wc_PKCS7_AddRecipient_KARI(PKCS7* pkcs7, const byte* cert, word32 certSz,
XMEMCPY(recip->recip + idx, subjKeyIdOctet, subjKeyIdOctetSz);
idx += subjKeyIdOctetSz;
/* subject key id */
- XMEMCPY(recip->recip + idx, kari->decoded->extSubjKeyId, KEYID_SIZE);
- idx += KEYID_SIZE;
+ XMEMCPY(recip->recip + idx, kari->decoded->extSubjKeyId, keyIdSize);
+ idx += keyIdSize;
XMEMCPY(recip->recip + idx, encryptedKeyOctet, encryptedKeyOctetSz);
idx += encryptedKeyOctetSz;
/* encrypted CEK */
@@ -6473,6 +6569,7 @@ int wc_PKCS7_AddRecipient_KTRI(PKCS7* pkcs7, const byte* cert, word32 certSz,
WC_RNG rng;
word32 idx = 0;
word32 encryptedKeySz = 0;
+ int keyIdSize;
int ret = 0, blockKeySz;
int verSz = 0, issuerSz = 0, snSz = 0, keyEncAlgSz = 0;
@@ -6599,6 +6696,13 @@ int wc_PKCS7_AddRecipient_KTRI(PKCS7* pkcs7, const byte* cert, word32 certSz,
return ret;
}
+#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ keyIdSize = wc_HashGetDigestSize(wc_HashTypeConvert(HashIdAlg(
+ decoded->signatureOID)));
+#else
+ keyIdSize = KEYID_SIZE;
+#endif
+
if (sidType == CMS_ISSUER_AND_SERIAL_NUMBER) {
/* version, must be 0 for IssuerAndSerialNumber */
@@ -6655,7 +6759,7 @@ int wc_PKCS7_AddRecipient_KTRI(PKCS7* pkcs7, const byte* cert, word32 certSz,
verSz = SetMyVersion(2, ver, 0);
recip->recipVersion = 2;
- issuerSKIDSz = SetLength(KEYID_SIZE, issuerSKID);
+ issuerSKIDSz = SetLength(keyIdSize, issuerSKID);
} else {
FreeDecodedCert(decoded);
#ifdef WOLFSSL_SMALL_STACK
@@ -6815,10 +6919,10 @@ int wc_PKCS7_AddRecipient_KTRI(PKCS7* pkcs7, const byte* cert, word32 certSz,
} else {
recipSeqSz = SetSequence(verSz + ASN_TAG_SZ + issuerSKIDSz +
- KEYID_SIZE + keyEncAlgSz + encKeyOctetStrSz +
+ keyIdSize + keyEncAlgSz + encKeyOctetStrSz +
encryptedKeySz, recipSeq);
- if (recipSeqSz + verSz + ASN_TAG_SZ + issuerSKIDSz + KEYID_SIZE +
+ if (recipSeqSz + verSz + ASN_TAG_SZ + issuerSKIDSz + keyIdSize +
keyEncAlgSz + encKeyOctetStrSz + encryptedKeySz > MAX_RECIP_SZ) {
WOLFSSL_MSG("RecipientInfo output buffer too small");
FreeDecodedCert(decoded);
@@ -6852,8 +6956,8 @@ int wc_PKCS7_AddRecipient_KTRI(PKCS7* pkcs7, const byte* cert, word32 certSz,
idx += ASN_TAG_SZ;
XMEMCPY(recip->recip + idx, issuerSKID, issuerSKIDSz);
idx += issuerSKIDSz;
- XMEMCPY(recip->recip + idx, pkcs7->issuerSubjKeyId, KEYID_SIZE);
- idx += KEYID_SIZE;
+ XMEMCPY(recip->recip + idx, pkcs7->issuerSubjKeyId, keyIdSize);
+ idx += keyIdSize;
}
XMEMCPY(recip->recip + idx, keyAlgArray, keyEncAlgSz);
idx += keyEncAlgSz;
@@ -7588,7 +7692,7 @@ static int wc_PKCS7_PwriKek_KeyWrap(PKCS7* pkcs7, const byte* kek, word32 kekSz,
if (*outSz < (word32)outLen)
return BUFFER_E;
- out[0] = cekSz;
+ out[0] = (byte)cekSz;
out[1] = ~cek[0];
out[2] = ~cek[1];
out[3] = ~cek[2];
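Review bot: The cast in `out[0] = (byte)cekSz;` silences the conversion warning but would also silently truncate a `cekSz` above 255, producing a wrapped key whose length byte does not match its contents. No bound on `cekSz` is visible in this hunk; if one is not already enforced earlier in `wc_PKCS7_PwriKek_KeyWrap`, add `if (cekSz > 255) return BAD_FUNC_ARG;` before the write. The function body starts and ends outside this hunk.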
@@ -8567,6 +8671,7 @@ static int wc_PKCS7_DecryptKtri(PKCS7* pkcs7, byte* in, word32 inSz,
{
int length, encryptedKeySz = 0, ret = 0;
int keySz, version, sidType = 0;
+ int keyIdSize;
word32 encOID = 0;
word32 keyIdx;
byte issuerHash[KEYID_SIZE];
@@ -8592,6 +8697,14 @@ static int wc_PKCS7_DecryptKtri(PKCS7* pkcs7, byte* in, word32 inSz,
mp_int serialNum[1];
RsaKey privKey[1];
#endif
+ XMEMSET(issuerHash, 0, sizeof(issuerHash));
+
+#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ keyIdSize = wc_HashGetDigestSize(wc_HashTypeConvert(HashIdAlg(
+ pkcs7->publicKeyOID)));
+#else
+ keyIdSize = KEYID_SIZE;
+#endif
switch (pkcs7->state) {
case WC_PKCS7_DECRYPT_KTRI:
@@ -8680,11 +8793,12 @@ static int wc_PKCS7_DecryptKtri(PKCS7* pkcs7, byte* in, word32 inSz,
if (GetSequence(pkiMsg, idx, &length, pkiMsgSz) < 0)
return ASN_PARSE_E;
- if (GetNameHash(pkiMsg, idx, issuerHash, pkiMsgSz) < 0)
+ if (GetNameHash_ex(pkiMsg, idx, issuerHash, pkiMsgSz,
+ pkcs7->publicKeyOID) < 0)
return ASN_PARSE_E;
/* if we found correct recipient, issuer hashes will match */
- if (XMEMCMP(issuerHash, pkcs7->issuerHash, KEYID_SIZE) == 0) {
+ if (XMEMCMP(issuerHash, pkcs7->issuerHash, keyIdSize) == 0) {
*recipFound = 1;
}
@@ -8732,15 +8846,15 @@ static int wc_PKCS7_DecryptKtri(PKCS7* pkcs7, byte* in, word32 inSz,
if (GetLength(pkiMsg, idx, &length, pkiMsgSz) < 0)
return ASN_PARSE_E;
- if (KEYID_SIZE > pkiMsgSz - (*idx))
+ if ((word32)keyIdSize > pkiMsgSz - (*idx))
return BUFFER_E;
/* if we found correct recipient, SKID will match */
if (XMEMCMP(pkiMsg + (*idx), pkcs7->issuerSubjKeyId,
- KEYID_SIZE) == 0) {
+ keyIdSize) == 0) {
*recipFound = 1;
}
- (*idx) += KEYID_SIZE;
+ (*idx) += keyIdSize;
}
if (GetAlgoId(pkiMsg, idx, &encOID, oidKeyType, pkiMsgSz) < 0)
@@ -9149,11 +9263,19 @@ static int wc_PKCS7_KariGetSubjectKeyIdentifier(WC_PKCS7_KARI* kari,
{
int length;
byte tag;
+ int keyIdSize;
if (kari == NULL || pkiMsg == NULL || idx == NULL || recipFound == NULL ||
rid == NULL)
return BAD_FUNC_ARG;
+#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ keyIdSize = wc_HashGetDigestSize(wc_HashTypeConvert(HashIdAlg(
+ kari->decoded->signatureOID)));
+#else
+ keyIdSize = KEYID_SIZE;
+#endif
+
/* remove RecipientKeyIdentifier IMPLICIT [0] */
if (GetASNTag(pkiMsg, idx, &tag, pkiMsgSz) < 0) {
return ASN_PARSE_E;
@@ -9178,14 +9300,14 @@ static int wc_PKCS7_KariGetSubjectKeyIdentifier(WC_PKCS7_KARI* kari,
if (GetLength(pkiMsg, idx, &length, pkiMsgSz) < 0)
return ASN_PARSE_E;
- if (length != KEYID_SIZE)
+ if (length != keyIdSize)
return ASN_PARSE_E;
- XMEMCPY(rid, pkiMsg + (*idx), KEYID_SIZE);
+ XMEMCPY(rid, pkiMsg + (*idx), keyIdSize);
(*idx) += length;
/* subject key id should match if recipient found */
- if (XMEMCMP(rid, kari->decoded->extSubjKeyId, KEYID_SIZE) == 0) {
+ if (XMEMCMP(rid, kari->decoded->extSubjKeyId, keyIdSize) == 0) {
*recipFound = 1;
}
@@ -9200,6 +9322,7 @@ static int wc_PKCS7_KariGetIssuerAndSerialNumber(WC_PKCS7_KARI* kari,
int* recipFound, byte* rid)
{
int length, ret;
+ int keyIdSize;
#ifdef WOLFSSL_SMALL_STACK
mp_int* serial;
mp_int* recipSerial;
@@ -9212,15 +9335,31 @@ static int wc_PKCS7_KariGetIssuerAndSerialNumber(WC_PKCS7_KARI* kari,
return BAD_FUNC_ARG;
}
+#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ keyIdSize = wc_HashGetDigestSize(wc_HashTypeConvert(HashIdAlg(
+ kari->decoded->signatureOID)));
+#else
+ keyIdSize = KEYID_SIZE;
+#endif
+
/* remove IssuerAndSerialNumber */
if (GetSequence(pkiMsg, idx, &length, pkiMsgSz) < 0)
return ASN_PARSE_E;
- if (GetNameHash(pkiMsg, idx, rid, pkiMsgSz) < 0)
+ if (GetNameHash_ex(pkiMsg, idx, rid, pkiMsgSz,
+ kari->decoded->signatureOID) < 0) {
return ASN_PARSE_E;
+ }
/* if we found correct recipient, issuer hashes will match */
- if (XMEMCMP(rid, kari->decoded->issuerHash, KEYID_SIZE) == 0) {
+ if (kari->decodedInit == 1) {
+ if (XMEMCMP(rid, kari->decoded->issuerHash, keyIdSize) == 0) {
+ *recipFound = 1;
+ }
+ }
+ else {
+ /* can not confirm recipient serial number with no cert provided */
+ WOLFSSL_MSG("No recipient cert loaded to match with CMS serial number");
*recipFound = 1;
}
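Review bot: In the new `else` branch `*recipFound = 1` is set without comparing anything, so when no recipient certificate was parsed every IssuerAndSerialNumber entry is treated as addressed to this recipient, and the hunk at -9258 likewise skips the serial comparison. That is presumably intended for the `wrapCEKCb` path, where the callback receives `rid`, but nothing visible here ties it to a callback being registered. I would state the assumption at the branch, e.g. `/* no cert parsed: recipient is not verified here; wrapCEKCb must match rid itself */`. It is also worth confirming that `kari->decoded->serial` and `serialSz`, read unconditionally in the hunk at -9246, are initialised when `decodedInit` is 0. The function starts and ends outside this hunk.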
@@ -9246,7 +9385,9 @@ static int wc_PKCS7_KariGetIssuerAndSerialNumber(WC_PKCS7_KARI* kari,
return ASN_PARSE_E;
}
- ret = mp_read_unsigned_bin(recipSerial, kari->decoded->serial,
+ ret = mp_init(recipSerial);
+ if (ret == MP_OKAY)
+ ret = mp_read_unsigned_bin(recipSerial, kari->decoded->serial,
kari->decoded->serialSz);
if (ret != MP_OKAY) {
mp_clear(serial);
@@ -9258,7 +9399,8 @@ static int wc_PKCS7_KariGetIssuerAndSerialNumber(WC_PKCS7_KARI* kari,
return ret;
}
- if (mp_cmp(recipSerial, serial) != MP_EQ) {
+ if (kari->decodedInit == 1 &&
+ mp_cmp(recipSerial, serial) != MP_EQ) {
mp_clear(serial);
mp_clear(recipSerial);
WOLFSSL_MSG("CMS serial number does not match recipient");
@@ -9876,6 +10018,7 @@ static int wc_PKCS7_DecryptKari(PKCS7* pkcs7, byte* in, word32 inSz,
int ret, keySz;
int encryptedKeySz;
int direction = 0;
+ int keyIdSize;
word32 keyAgreeOID, keyWrapOID;
byte rid[KEYID_SIZE];
@@ -9893,12 +10036,17 @@ static int wc_PKCS7_DecryptKari(PKCS7* pkcs7, byte* in, word32 inSz,
WOLFSSL_ENTER("wc_PKCS7_DecryptKari");
if (pkcs7 == NULL || pkiMsg == NULL ||
- ((pkcs7->singleCert == NULL || pkcs7->singleCertSz == 0) &&
- pkcs7->wrapCEKCb == NULL) ||
idx == NULL || decryptedKey == NULL || decryptedKeySz == NULL) {
return BAD_FUNC_ARG;
}
+#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ keyIdSize = wc_HashGetDigestSize(wc_HashTypeConvert(HashIdAlg(
+ pkcs7->publicKeyOID)));
+#else
+ keyIdSize = KEYID_SIZE;
+#endif
+
switch (pkcs7->state) {
case WC_PKCS7_DECRYPT_KARI: {
WC_PKCS7_KARI* kari;
@@ -9928,17 +10076,15 @@ static int wc_PKCS7_DecryptKari(PKCS7* pkcs7, byte* in, word32 inSz,
encryptedKeySz = MAX_ENCRYPTED_KEY_SZ;
/* parse cert and key */
- if (pkcs7->singleCert != NULL) {
- ret = wc_PKCS7_KariParseRecipCert(kari, (byte*)pkcs7->singleCert,
- pkcs7->singleCertSz, pkcs7->privateKey,
- pkcs7->privateKeySz);
- if (ret != 0) {
- wc_PKCS7_KariFree(kari);
- #ifdef WOLFSSL_SMALL_STACK
- XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
- #endif
- return ret;
- }
+ ret = wc_PKCS7_KariParseRecipCert(kari, (byte*)pkcs7->singleCert,
+ pkcs7->singleCertSz, pkcs7->privateKey,
+ pkcs7->privateKeySz);
+ if (ret != 0) {
+ wc_PKCS7_KariFree(kari);
+ #ifdef WOLFSSL_SMALL_STACK
+ XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
+ #endif
+ return ret;
}
/* remove OriginatorIdentifierOrKey */
@@ -10054,7 +10200,7 @@ static int wc_PKCS7_DecryptKari(PKCS7* pkcs7, byte* in, word32 inSz,
tmpKeySz = (word32)ret;
keySz = pkcs7->wrapCEKCb(pkcs7, encryptedKey, encryptedKeySz,
- rid, KEYID_SIZE, tmpKeyDer, tmpKeySz,
+ rid, keyIdSize, tmpKeyDer, tmpKeySz,
decryptedKey, *decryptedKeySz,
keyWrapOID, (int)PKCS7_KARI, direction);
XFREE(tmpKeyDer, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
@@ -10699,7 +10845,7 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(PKCS7* pkcs7, byte* in,
byte* encryptedContent = NULL;
int explicitOctet = 0;
word32 localIdx;
- byte tag;
+ byte tag = 0;
if (pkcs7 == NULL)
return BAD_FUNC_ARG;
@@ -11679,6 +11825,10 @@ WOLFSSL_API int wc_PKCS7_DecodeAuthEnvelopedData(PKCS7* pkcs7, byte* in,
}
#endif
+#ifndef WOLFSSL_SMALL_STACK
+ XMEMSET(decryptedKey, 0, MAX_ENCRYPTED_KEY_SZ);
+#endif
+
switch (pkcs7->state) {
case WC_PKCS7_START:
case WC_PKCS7_INFOSET_START:
@@ -11710,6 +11860,9 @@ WOLFSSL_API int wc_PKCS7_DecodeAuthEnvelopedData(PKCS7* pkcs7, byte* in,
ret = MEMORY_E;
break;
}
+ else {
+ XMEMSET(decryptedKey, 0, MAX_ENCRYPTED_KEY_SZ);
+ }
#ifndef NO_PKCS7_STREAM
pkcs7->stream->key = decryptedKey;
#endif
@@ -11982,7 +12135,7 @@ WOLFSSL_API int wc_PKCS7_DecodeAuthEnvelopedData(PKCS7* pkcs7, byte* in,
encodedAttribs = pkiMsg + idx;
idx++;
- if (GetLength(pkiMsg, &idx, &length, pkiMsgSz) < 0)
+ if (GetLength(pkiMsg, &idx, &length, pkiMsgSz) <= 0)
ret = ASN_PARSE_E;
#ifndef NO_PKCS7_STREAM
pkcs7->stream->expected = length;
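Review bot: The stricter `<= 0` test only sets `ret`; the next line still copies `length` into `pkcs7->stream->expected`, and after a failed `GetLength` that is whatever `length` held before. Whether `ret` is checked before `length` is used again lies outside this hunk, so this needs confirming. If it is not, and this code is still inside the state switch, leave on the error path as the allocation failure earlier in the function does: `{ ret = ASN_PARSE_E; break; }`.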
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/poly1305_asm.S b/extra/wolfssl/wolfssl/wolfcrypt/src/poly1305_asm.S
index efe7be5f..ba1d2944 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/poly1305_asm.S
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/poly1305_asm.S
@@ -1,5 +1,5 @@
-/* poly1305_asm
- *
+/* poly1305_asm.S */
+/*
* Copyright (C) 2006-2023 wolfSSL Inc.
*
* This file is part of wolfSSL.
@@ -324,7 +324,7 @@ L_poly1305_avx_final_no_more:
movq %rcx, %r8
andq $3, %rcx
shrq $2, %r8
- # Multily by 5
+ # Multiply by 5
leaq 0(%r8,%r8,4), %r8
addq %r8, %rax
adcq $0x00, %rdx
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/Espressif/README.md b/extra/wolfssl/wolfssl/wolfcrypt/src/port/Espressif/README.md
index fe98e3be..5d2fa27e 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/Espressif/README.md
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/Espressif/README.md
@@ -1,35 +1,74 @@
# ESP32 Port
-Support for the ESP32-WROOM-32 on-board crypto hardware acceleration for symmetric AES, SHA1/SHA256/SHA384/SHA512 and RSA primitive including mul, mulmod and exptmod.
+Support for the ESP32 on-board cryptographic hardware acceleration for symmetric AES, SHA1/SHA256/SHA384/SHA512 and RSA primitive including mul, mulmod and exptmod.
+
+* ESP32 - Supported
+* ESP32S2 - Supported
+* ESP32S3 - Supported
+* ESP32C2 - Software only (contact support to request hardware acceleration)
+* ESP32C3 - Supported
+* ESP32C6 - Supported
+* ESP32H2 - Software only (contact support to request hardware acceleration)
## ESP32 Acceleration
-For detail about ESP32 HW Acceleration, you can find in [Technical Reference Manual](https://espressif.com/sites/default/files/documentation/esp32_technical_reference_manual_en.pdf)
+More details about ESP32 HW Accelerationcan be found in:
+
+* [ESP32 Technical Reference Manual](https://espressif.com/sites/default/files/documentation/esp32_technical_reference_manual_en.pdf)
+* [ESP32-S2 Technical Reference Manual](https://www.espressif.com/sites/default/files/documentation/esp32-s2_technical_reference_manual_en.pdf)
+* [ESP32-S3 Technical Reference Manual](https://www.espressif.com/sites/default/files/documentation/esp32-s3_technical_reference_manual_en.pdf)
+* [ESP32-C2 (aka ESP8684 Technical Reference Manual](https://www.espressif.com/sites/default/files/documentation/esp8684_technical_reference_manual_en.pdf)
+* [ESP32-C3 Technical Reference Manual](https://www.espressif.com/sites/default/files/documentation/esp32-c3_technical_reference_manual_en.pdf)
+* [ESP32-C6 Technical Reference Manual](https://www.espressif.com/sites/default/files/documentation/esp32-c6_technical_reference_manual_en.pdf)
+* [ESP32-H2 Technical Reference Manual](https://www.espressif.com/sites/default/files/documentation/esp32-h2_technical_reference_manual_en.pdf)
### Building
-To enable hw acceleration :
+Simply run `ESP-IDF.py` in any of the [Espressif/ESP-IDF/Examples](https://github.com/wolfSSL/wolfssl/tree/master/IDE/Espressif/ESP-IDF/examples).
+See the respective project README files. Examples are also available using wolfssl as a [Managed Component](https://components.espressif.com/components/wolfssl/wolfssl).
+
+Hardware acceleration is enabled by default. All settings should be adjusted in the respective project component
+`user_settings.h` file. See the example in [template example](https://github.com/wolfSSL/wolfssl/blob/master/IDE/Espressif/ESP-IDF/examples/template/components/wolfssl/include/user_settings.h).
+In particular, comment out the `NO_[feature_name]` macros to enable hardware encryption:
-* Uncomment out `#define WOLFSSL_ESPIDF` in `/path/to/wolfssl/wolfssl/wolfcrypt/settings.h`
-* Uncomment out `#define WOLFSSL_ESPWROOM32` in `/path/to/wolfssl/wolfssl/wolfcrypt/settings.h`
+ /* #define NO_ESP32_CRYPT */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_AES */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
-To disable portions of the hardware acceleration you can optionally define:
+To disable specific portions of the hardware acceleration you can optionally define:
```c
-/* Disabled SHA, AES and RSA acceleration */
-#define NO_ESP32WROOM32_CRYPT
-/* Disabled AES acceleration */
-#define NO_WOLFSSL_ESP32WROOM32_CRYPT_AES
-/* Disabled SHA acceleration */
-#define NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH
-/* Disabled RSA Primitive acceleration */
-#define NO_WOLFSSL_ESP32WROOM32_CRYPT_RSA_PRI
+/* Disable all SHA, AES and RSA acceleration */
+#define NO_ESP32_CRYPT
+
+/* Disable only AES acceleration */
+#define NO_WOLFSSL_ESP32_CRYPT_AES
+
+/* Disabled only SHA acceleration */
+#define NO_WOLFSSL_ESP32_CRYPT_HASH
+
+/* Disabled only RSA Primitive acceleration */
+#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
```
+See the [wolfcrypt/port/Espressif/esp32-crypt.h](https://github.com/wolfSSL/wolfssl/blob/master/wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h)
+for more details on fine tuning and debugging options.
+
### Coding
-In your application you must include `<wolfssl/wolfcrypt/settings.h>` before any other wolfSSL headers. If building the sources directly we recommend defining `WOLFSSL_USER_SETTINGS` and adding your own `user_settings.h` file. You can find a good reference for this in `IDE/GCC-ARM/Header/user_settings.h`.
+In your application you must include `<wolfssl/wolfcrypt/settings.h>` before any other wolfSSL headers.
+If building the sources directly we recommend defining `WOLFSSL_USER_SETTINGS` (typically defined in the `CMakeLists.txt`)
+and adding your own `user_settings.h` file. You can find a good reference in the [Espressif examples](https://github.com/wolfSSL/wolfssl/tree/master/IDE/Espressif/ESP-IDF/examples)
+as well as other examples such as [IDE/GCC-ARM/Header/user_settings.h](https://github.com/wolfSSL/wolfssl/blob/master/IDE/GCC-ARM/Header/user_settings.h).
+
+To view disassembly, add `__attribute__((section(".iram1")))` decorator. Foe example:
+
+To view disassembly, add `__attribute__((section(".iram1")))` decorator. Foe example:
+```
+static int __attribute__((section(".iram1"))) memblock_peek(volatile u_int32_t mem_address)
+```
### Benchmarks
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/Espressif/esp32_aes.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/Espressif/esp32_aes.c
index 09105a51..84211ee2 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/Espressif/esp32_aes.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/Espressif/esp32_aes.c
@@ -23,21 +23,23 @@
* WOLFSSL_SUCCESS and WOLFSSL_FAILURE values should only
* be used in the ssl layer, not in wolfCrypt
**/
-#include <string.h>
-#include <stdio.h>
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
+
+/* Reminder: user_settings.h is needed and included from settings.h
+ * Be sure to define WOLFSSL_USER_SETTINGS, typically in CMakeLists.txt */
#include <wolfssl/wolfcrypt/settings.h>
+#if defined(WOLFSSL_ESPIDF) /* Entire file is only for Espressif EDP-IDF */
+#include "sdkconfig.h" /* programmatically generated from sdkconfig */
+#include <wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h>
+
#ifndef NO_AES
-#if defined(WOLFSSL_ESP32WROOM32_CRYPT) && \
- !defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_AES)
-#include "sdkconfig.h" /* programmatically generated from sdkconfig */
+#if defined(WOLFSSL_ESP32_CRYPT) && !defined(NO_WOLFSSL_ESP32_CRYPT_AES)
#include <wolfssl/wolfcrypt/aes.h>
-#include "wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h"
#include <wolfssl/wolfcrypt/error-crypt.h>
/* breadcrumb tag text for ESP_LOG() */
@@ -49,21 +51,25 @@ static wolfSSL_Mutex aes_mutex;
/* keep track as to whether esp aes is initialized */
static int espaes_CryptHwMutexInit = 0;
+#if defined(WOLFSSL_HW_METRICS)
+ static unsigned long esp_aes_unsupported_length_usage_ct = 0;
+#endif
+
/*
* lock hw engine.
* this should be called before using engine.
*
* returns 0 if the hw lock was initialized and mutex lock
*/
-static int esp_aes_hw_InUse()
+static int esp_aes_hw_InUse(void)
{
- int ret = 0;
+ int ret = ESP_OK;
ESP_LOGV(TAG, "enter esp_aes_hw_InUse");
if (espaes_CryptHwMutexInit == 0) {
ret = esp_CryptHwMutexInit(&aes_mutex);
- if (ret == 0) {
+ if (ret == ESP_OK) {
/* flag esp aes as initialized */
espaes_CryptHwMutexInit = 1;
}
@@ -75,8 +81,11 @@ static int esp_aes_hw_InUse()
/* esp aes has already been initialized */
}
- if (ret == 0) {
- /* lock hardware */
+ if (ret == ESP_OK) {
+ /* lock hardware; there should be exactly one instance
+ * of esp_CryptHwMutexLock(&aes_mutex ...) in code */
+ /* TODO - do we really want to wait?
+ * probably not */
ret = esp_CryptHwMutexLock(&aes_mutex, portMAX_DELAY);
}
else {
@@ -84,15 +93,26 @@ static int esp_aes_hw_InUse()
}
- if (ret == 0) {
+ if (ret == ESP_OK) {
/* Enable AES hardware */
periph_module_enable(PERIPH_AES_MODULE);
- #if CONFIG_IDF_TARGET_ESP32S3
- /* Select working mode. Can be typical or DMA.
- * 0 => typical
- * 1 => DMA */
- DPORT_REG_WRITE(AES_DMA_ENABLE_REG, 0);
+ #if defined(CONFIG_IDF_TARGET_ESP32S2) || \
+ defined(CONFIG_IDF_TARGET_ESP32S3)
+ {
+ /* Select working mode. Can be typical or DMA.
+ * 0 => typical
+ * 1 => DMA */
+ DPORT_REG_WRITE(AES_DMA_ENABLE_REG, 0);
+ }
+ #elif defined(CONFIG_IDF_TARGET_ESP32C3) || \
+ defined(CONFIG_IDF_TARGET_ESP32C6)
+ {
+ /* Select working mode. Can be typical or DMA.
+ * 0 => typical
+ * 1 => DMA */
+ DPORT_REG_WRITE(AES_DMA_ENABLE_REG, 0);
+ }
#endif
}
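Review bot: The `ESP32S2`/`ESP32S3` branch and the new `ESP32C3`/`ESP32C6` branch contain the same comment and the same `DPORT_REG_WRITE(AES_DMA_ENABLE_REG, 0);`, so the `#elif` only duplicates code. A single condition, `#if defined(CONFIG_IDF_TARGET_ESP32S2) || defined(CONFIG_IDF_TARGET_ESP32S3) || defined(CONFIG_IDF_TARGET_ESP32C3) || defined(CONFIG_IDF_TARGET_ESP32C6)`, keeps the working-mode selection in one place. The extra `{ }` scopes around a single statement can go as well.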
@@ -117,15 +137,15 @@ static void esp_aes_hw_Leave( void )
/*
* set key to hardware key registers.
- * return 0 on success; -1 if mode isn't supported.
+ * return ESP_OK = 0 on success; BAD_FUNC_ARG if mode isn't supported.
*/
static int esp_aes_hw_Set_KeyMode(Aes *ctx, ESP32_AESPROCESS mode)
{
- int ret = 0;
+ int ret = ESP_OK;
word32 i;
word32 mode_ = 0;
- ESP_LOGV(TAG, " enter esp_aes_hw_Set_KeyMode");
+ ESP_LOGV(TAG, " enter esp_aes_hw_Set_KeyMode %d", mode);
/* check mode */
if (mode == ESP32_AES_UPDATEKEY_ENCRYPT) {
@@ -141,38 +161,74 @@ static int esp_aes_hw_Set_KeyMode(Aes *ctx, ESP32_AESPROCESS mode)
}
} /* if mode */
- if (ret == 0) {
+ /*
+ ** ESP32: see table 22-1 in ESP32 Technical Reference
+ ** ESP32-S3: see table 19-2 in ESP32-S3 Technical Reference
+ ** ESP32-C3:
+ ** ESP32-C6: see table 18-2 in ESP32-C6 Technical Reference
+ **
+ ** Mode Algorithm ESP32 ESP32S3 ESP32C3 ESP32C6
+ ** 0 AES-128 Encryption y y y y
+ ** 1 AES-192 Encryption y n n n
+ ** 2 AES-256 Encryption y y y y
+ ** 3 reserved n n n n
+ ** 4 AES-128 Decryption y y y y
+ ** 5 AES-192 Decryption y n n n
+ ** 6 AES-256 Decryption y y y y
+ ** 7 reserved n n n n
+ */
+ switch(ctx->keylen){
+ case 24: mode_ += 1; break;
+ case 32: mode_ += 2; break;
+ default: break;
+ }
- /* update key */
- for (i = 0; i < (ctx->keylen) / sizeof(word32); i++) {
- DPORT_REG_WRITE(AES_KEY_BASE + (i * 4), *(((word32*)ctx->key) + i));
- }
+ /* Some specific modes are not supported on some targets. */
+#if defined(CONFIG_IDF_TARGET_ESP32)
+ #define TARGET_AES_KEY_BASE AES_KEY_BASE
+ if (mode_ == 3 || mode_ > 6) {
+ /* this should have been detected in aes.c and fall back to SW */
+ ESP_LOGE(TAG, "esp_aes_hw_Set_KeyMode unsupported mode: %i", mode_);
+ ret = BAD_FUNC_ARG;
+ }
- /*
- ** ESP32: see table 22-1 in ESP32 Technical Reference
- ** ESP32S3: see table 19-2 in ESP32S3 Technical Reference
- ** mode Algorithm ESP32 ESP32S3
- ** 0 AES-128 Encryption y y
- ** 1 AES-192 Encryption y n
- ** 2 AES-256 Encryption y y
- ** 4 AES-128 Decryption y y
- ** 5 AES-192 Decryption y n
- ** 6 AES-256 Decryption y y
- */
- switch(ctx->keylen){
- case 24: mode_ += 1; break;
- case 32: mode_ += 2; break;
- default: break;
- }
+#elif defined(CONFIG_IDF_TARGET_ESP32S2) || defined(CONFIG_IDF_TARGET_ESP32S3)
+ #define TARGET_AES_KEY_BASE AES_KEY_BASE
+ if (mode_ == 1 || mode_ == 3 || mode_ == 5 || mode_ > 6) {
+ /* this should have been detected in aes.c and fall back to SW */
+ ESP_LOGE(TAG, "esp_aes_hw_Set_KeyMode unsupported mode: %i", mode_);
+ ret = BAD_FUNC_ARG;
+ }
- #if CONFIG_IDF_TARGET_ESP32S3
- if (mode_ == 1 || mode_ == 5 || mode_ == 7) {
- ESP_LOGE(TAG, "esp_aes_hw_Set_KeyMode unsupported mode: %i", mode_);
- ret = BAD_FUNC_ARG;
+#elif defined(CONFIG_IDF_TARGET_ESP32C3)
+ #define TARGET_AES_KEY_BASE AES_KEY_BASE
+ if (mode_ == 1 || mode_ == 3|| mode_ == 5 || mode_ > 6) {
+ /* this should have been detected in aes.c and fall back to SW */
+ ESP_LOGE(TAG, "esp_aes_hw_Set_KeyMode unsupported mode: %i", mode_);
+ ret = BAD_FUNC_ARG;
+ }
+#elif defined(CONFIG_IDF_TARGET_ESP32C6)
+ #define TARGET_AES_KEY_BASE AES_KEY_0_REG
+ if (mode_ == 1 || mode_ == 3 || mode_ == 5 || mode_ > 6) {
+ /* this should have been detected in aes.c and fall back to SW */
+ ESP_LOGE(TAG, "esp_aes_hw_Set_KeyMode unsupported mode: %i", mode_);
+ ret = BAD_FUNC_ARG;
+ }
+#else
+ /* assume all modes supported, use AES_KEY_BASE */
+ #define TARGET_AES_KEY_BASE AES_KEY_BASE
+#endif
+
+ /* */
+ if (ret == ESP_OK) {
+ /* update key */
+ for (i = 0; i < (ctx->keylen) / sizeof(word32); i++) {
+ DPORT_REG_WRITE((volatile word32*)(TARGET_AES_KEY_BASE + (i * 4)),
+ *(((word32*)ctx->key) + i)
+ );
}
- #endif
- if (ret == 0) {
+ if (ret == ESP_OK) {
DPORT_REG_WRITE(AES_MODE_REG, mode_);
}
ESP_LOGV(TAG, " leave esp_aes_hw_Setkey");
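Review bot: The `switch(ctx->keylen)` leaves `mode_` unchanged on `default: break;`, so any length other than 24 or 32 (0 or 20, for instance) is programmed as AES-128, and the key loop then writes `keylen / sizeof(word32)` words from `TARGET_AES_KEY_BASE` with no upper bound. Reject unexpected lengths before touching the key registers: `case 16: break;` and `default: ret = BAD_FUNC_ARG; break;`. `ctx` is also dereferenced without a NULL check in the visible lines. `TARGET_AES_KEY_BASE` is `#define`d inside the function and never `#undef`ed, and the inner `if (ret == ESP_OK)` around the `AES_MODE_REG` write repeats the enclosing test. The function starts before and ends after this hunk.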
@@ -189,19 +245,38 @@ static int esp_aes_hw_Set_KeyMode(Aes *ctx, ESP32_AESPROCESS mode)
*/
static void esp_aes_bk(const byte* in, byte* out)
{
- const word32 *inwords = (const word32 *)in;
+ const word32* inwords;
+ uint32_t* outwords;
-#if ESP_IDF_VERSION_MAJOR >= 4
- uint32_t *outwords = (uint32_t *)out;
-#else
- word32 *outwords = (word32 *)out;
-#endif
+ inwords = (const word32*)in;
+ outwords = (uint32_t*)out;
ESP_LOGV(TAG, "enter esp_aes_bk");
-#if CONFIG_IDF_TARGET_ESP32S3
- /* See esp32 - s3 technical reference manual:
+
+#if defined(CONFIG_IDF_TARGET_ESP32)
+ /* copy text for encrypting/decrypting blocks */
+ DPORT_REG_WRITE(AES_TEXT_BASE, inwords[0]);
+ DPORT_REG_WRITE(AES_TEXT_BASE + 4, inwords[1]);
+ DPORT_REG_WRITE(AES_TEXT_BASE + 8, inwords[2]);
+ DPORT_REG_WRITE(AES_TEXT_BASE + 12, inwords[3]);
+
+ /* start engine */
+ DPORT_REG_WRITE(AES_START_REG, 1);
+
+ /* wait until finishing the process */
+ while (1) {
+ if (DPORT_REG_READ(AES_IDLE_REG) == 1) {
+ break;
+ }
+ }
+
+ /* read-out blocks */
+ esp_dport_access_read_buffer(outwords, AES_TEXT_BASE, 4);
+
+#elif defined(CONFIG_IDF_TARGET_ESP32C3)
+ /* See ESP32-C3 technical reference manual:
** 19.4.3 Operation process using CPU working mode.
- ** The ESP32-S3 also supports a DMA mode.
+ ** The ESP32-C3 also supports a DMA mode. (not ywt implemented)
**
** Copy text for encrypting/decrypting blocks: */
DPORT_REG_WRITE(AES_TEXT_IN_BASE, inwords[0]);
@@ -214,61 +289,158 @@ static void esp_aes_bk(const byte* in, byte* out)
/* wait until finishing the process */
while (DPORT_REG_READ(AES_STATE_REG) != 0) {
- /* wating for the hardware accelerator to complete operation. */
+ /* waiting for the hardware accelerator to complete operation. */
}
/* read-out blocks */
- esp_dport_access_read_buffer(outwords, AES_TEXT_OUT_BASE, 4);
-#else
- /* copy text for encrypting/decrypting blocks */
- DPORT_REG_WRITE(AES_TEXT_BASE, inwords[0]);
- DPORT_REG_WRITE(AES_TEXT_BASE + 4, inwords[1]);
- DPORT_REG_WRITE(AES_TEXT_BASE + 8, inwords[2]);
- DPORT_REG_WRITE(AES_TEXT_BASE + 12, inwords[3]);
+ esp_dport_access_read_buffer((uint32_t*)outwords, AES_TEXT_OUT_BASE, 4);
+#elif defined(CONFIG_IDF_TARGET_ESP32C6)
+ /* See ESP32-C6 technical reference manual:
+ ** 18.4.3 Operation process using CPU working mode.
+ ** The ESP32-C6 also supports a DMA mode. (not ywt implemented)
+ **
+ ** Copy text for encrypting/decrypting blocks: */
+ DPORT_REG_WRITE(AES_TEXT_IN_0_REG, inwords[0]);
+ DPORT_REG_WRITE(AES_TEXT_IN_1_REG, inwords[1]);
+ DPORT_REG_WRITE(AES_TEXT_IN_2_REG, inwords[2]);
+ DPORT_REG_WRITE(AES_TEXT_IN_3_REG, inwords[3]);
/* start engine */
- DPORT_REG_WRITE(AES_START_REG, 1);
+ DPORT_REG_WRITE(AES_TRIGGER_REG, 1);
/* wait until finishing the process */
- while (1) {
- if (DPORT_REG_READ(AES_IDLE_REG) == 1) {
- break;
- }
+ while (DPORT_REG_READ(AES_STATE_REG) != 0) {
+ /* waiting for the hardware accelerator to complete operation. */
}
/* read-out blocks */
- esp_dport_access_read_buffer(outwords, AES_TEXT_BASE, 4);
+ esp_dport_access_read_buffer(outwords, AES_TEXT_OUT_0_REG, 4);
+
+#elif defined(CONFIG_IDF_TARGET_ESP32S2) || defined(CONFIG_IDF_TARGET_ESP32S3)
+ /* See esp32 - s3 technical reference manual:
+ ** 19.4.3 Operation process using CPU working mode.
+ ** The ESP32-S3 also supports a DMA mode.
+ **
+ ** Copy text for encrypting/decrypting blocks: */
+ DPORT_REG_WRITE(AES_TEXT_IN_BASE, inwords[0]);
+ DPORT_REG_WRITE(AES_TEXT_IN_BASE + 4, inwords[1]);
+ DPORT_REG_WRITE(AES_TEXT_IN_BASE + 8, inwords[2]);
+ DPORT_REG_WRITE(AES_TEXT_IN_BASE + 12, inwords[3]);
+
+ /* start engine */
+ DPORT_REG_WRITE(AES_TRIGGER_REG, 1);
+
+ /* wait until finishing the process */
+ while (DPORT_REG_READ(AES_STATE_REG) != 0) {
+ /* waiting for the hardware accelerator to complete operation. */
+ }
+
+ /* read-out blocks */
+ esp_dport_access_read_buffer(outwords, AES_TEXT_OUT_BASE, 4);
+
+#else
+ ESP_LOGW(TAG, "Warning: esp_aes_bk called for unsupported target: %s",
+ CONFIG_IDF_TARGET)
+
#endif
ESP_LOGV(TAG, "leave esp_aes_bk");
} /* esp_aes_bk */
/*
+* wc_esp32AesSupportedKeyLen
+* @brief: returns 1 if AES key length supported in HW, 0 if not
+* @param aes:a value of a ley length */
+int wc_esp32AesSupportedKeyLenValue(int keylen)
+{
+ int ret = ESP_OK;
+
+#if defined(CONFIG_IDF_TARGET_ESP32)
+ if (keylen == 16 || keylen == 24 || keylen == 32) {
+ ret = 1;
+ }
+ else {
+ ret = ESP_OK; /* keylen 24 (192 bit) not supported */
+ }
+
+#elif defined(CONFIG_IDF_TARGET_ESP32C3)
+ if (keylen == 16 || keylen == 32) {
+ ret = 1;
+ }
+ else {
+ ret = ESP_OK; /* keylen 24 (192 bit) not supported */
+ }
+
+#elif defined(CONFIG_IDF_TARGET_ESP32C6)
+ if (keylen == 16 || keylen == 32) {
+ ret = 1;
+ }
+ else {
+ ret = ESP_OK; /* keylen 24 (192 bit) not supported */
+ }
+
+#elif defined(CONFIG_IDF_TARGET_ESP32H2)
+ ret = ESP_OK; /* not yet implemented */
+
+#elif defined(CONFIG_IDF_TARGET_ESP32S2) || defined(CONFIG_IDF_TARGET_ESP32S3)
+ if (keylen == 16 || keylen == 32) {
+ ret = 1;
+ }
+ else {
+ ret = ESP_OK; /* keylen 24 (192 bit) not supported */
+ }
+
+#else
+ ret = ESP_OK; /* if we don't know, then it is not supported */
+
+#endif
+ return ret;
+}
+
+/*
+* wc_esp32AesSupportedKeyLen
+* @brief: returns 1 if AES key length supported in HW, 0 if not
+* @param aes: a pointer of the AES object used to encrypt data */
+int wc_esp32AesSupportedKeyLen(struct Aes* aes)
+{
+ int ret;
+ if (aes == NULL) {
+ ret = ESP_OK; /* we need a valid aes object to get its keylength */
+ }
+ else {
+ ret = wc_esp32AesSupportedKeyLenValue(aes->keylen);
+ }
+ return ret;
+}
+
+/*
* wc_esp32AesEncrypt
* @brief: a one block encrypt of the input block, into the output block
* @param aes: a pointer of the AES object used to encrypt data
-* @param in : a pointer of the input buffer containing plain text to be encrypted
-* @param out: a pointer of the output buffer in which to store the cipher text of
-* the encrypted message
+* @param in : a pointer of the input buffer containing
+* plain text to be encrypted
+* @param out: a pointer of the output buffer in which to store the
+* cipher text of the encrypted message
* @return: 0 on success, BAD_FUNC_ARG if the AES algorithm isn't supported.
*/
int wc_esp32AesEncrypt(Aes *aes, const byte* in, byte* out)
{
- int ret = 0;
+ int ret = ESP_OK;
ESP_LOGV(TAG, "enter wc_esp32AesEncrypt");
/* lock the hw engine */
ret = esp_aes_hw_InUse();
- if (ret == 0) {
+ if (ret == ESP_OK) {
ret = esp_aes_hw_Set_KeyMode(aes, ESP32_AES_UPDATEKEY_ENCRYPT);
- if (ret != 0) {
- ESP_LOGE(TAG, "wc_esp32AesEncrypt failed during esp_aes_hw_Set_KeyMode");
+ if (ret != ESP_OK) {
+ ESP_LOGE(TAG, "wc_esp32AesEncrypt failed "
+ "during esp_aes_hw_Set_KeyMode");
}
}
/* load the key into the register */
- if (ret == 0) {
+ if (ret == ESP_OK) {
/* process a one block of AES */
esp_aes_bk(in, out);
}
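Review bot: The `#else` branch of `esp_aes_bk` ends `ESP_LOGW(..., CONFIG_IDF_TARGET)` without a semicolon, so a target that reaches it will likely fail to compile at the following `ESP_LOGV`; the line should end `CONFIG_IDF_TARGET);`. Once it compiles, that branch leaves `out` unwritten while the function returns void, so `wc_esp32AesEncrypt` would apparently still return `ESP_OK` with no ciphertext produced; an `#error`, or a status the callers can check, would be safer than a warning log. Separately, `wc_esp32AesSupportedKeyLenValue` uses `ESP_OK` to mean "not supported", and its ESP32 branch comments that 24-byte keys are unsupported although that branch accepts them. A plain `0` and a corrected comment would read better, and the header comment should name `wc_esp32AesSupportedKeyLenValue` and describe its parameter as `keylen`.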
@@ -282,9 +454,10 @@ int wc_esp32AesEncrypt(Aes *aes, const byte* in, byte* out)
* wc_esp32AesDecrypt
* @brief: a one block decrypt of the input block, into the output block
* @param aes: a pointer of the AES object used to decrypt data
-* @param in : a pointer of the input buffer containing plain text to be decrypted
-* @param out: a pointer of the output buffer in which to store the cipher text of
-* the decrypted message
+* @param in : a pointer of the input buffer containing
+* plain text to be decrypted
+* @param out: a pointer of the output buffer in which to store the
+* cipher text of the decrypted message
* @return: 0 on success, BAD_FUNC_ARG if the AES algorithm isn't supported.
*/
int wc_esp32AesDecrypt(Aes *aes, const byte* in, byte* out)
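Review bot: The re-wrapped `@param` text for `wc_esp32AesDecrypt` still describes `in` as plain text and `out` as cipher text, which is backwards for decryption. Suggested wording: `@param in : a pointer of the input buffer containing cipher text to be decrypted` and `@param out: a pointer of the output buffer in which to store the decrypted plain text`.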
@@ -296,14 +469,15 @@ int wc_esp32AesDecrypt(Aes *aes, const byte* in, byte* out)
esp_aes_hw_InUse();
/* load the key into the register */
ret = esp_aes_hw_Set_KeyMode(aes, ESP32_AES_UPDATEKEY_DECRYPT);
- if (ret != 0) {
- ESP_LOGE(TAG, "wc_esp32AesDecrypt failed during esp_aes_hw_Set_KeyMode");
+ if (ret != ESP_OK) {
+ ESP_LOGE(TAG, "wc_esp32AesDecrypt failed "
+ "during esp_aes_hw_Set_KeyMode");
/* release hw */
esp_aes_hw_Leave();
ret = BAD_FUNC_ARG;
}
- if (ret == 0) {
+ if (ret == ESP_OK) {
/* process a one block of AES */
esp_aes_bk(in, out);
/* release hw engine */
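Review bot: In wc_esp32AesDecrypt the return value of `esp_aes_hw_InUse()` is still discarded, so a failed hardware lock carries on into `esp_aes_hw_Set_KeyMode()` as if the engine were held. wc_esp32AesEncrypt earlier in this file's diff already checks it. I would write `ret = esp_aes_hw_InUse();` and guard the key-mode call with `if (ret == ESP_OK) {`. The failure branch also overwrites the underlying error with `BAD_FUNC_ARG`, which hides a lock or key-mode fault from the caller. The function starts and ends outside this hunk, so the release path on the success side is only partly visible.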
@@ -316,12 +490,13 @@ int wc_esp32AesDecrypt(Aes *aes, const byte* in, byte* out)
/*
* wc_esp32AesCbcEncrypt
* @brief: Encrypts a plain text message from the input buffer, and places the
-* resulting cipher text into the output buffer using cipher block chaining
-* with AES.
+* resulting cipher text into the output buffer using cipher block
+* chaining with AES.
* @param aes: a pointer of the AES object used to encrypt data
-* @param out: a pointer of the output buffer in which to store the cipher text of
-* the encrypted message
-* @param in : a pointer of the input buffer containing plain text to be encrypted
+* @param out: a pointer of the output buffer in which to store the
+ cipher text of the encrypted message
+* @param in : a pointer of the input buffer containing
+* plain text to be encrypted
* @param sz : size of input message
* @return: 0 on success, BAD_FUNC_ARG if the AES algorithm isn't supported.
*/
@@ -340,14 +515,14 @@ int wc_esp32AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
ret = esp_aes_hw_InUse();
- if (ret == 0) {
+ if (ret == ESP_OK) {
ret = esp_aes_hw_Set_KeyMode(aes, ESP32_AES_UPDATEKEY_ENCRYPT);
- if (ret != 0) {
- ESP_LOGE(TAG, "wc_esp32AesCbcEncrypt failed HW Set KeyMode");
+ if (ret != ESP_OK) {
+ ESP_LOGW(TAG, "wc_esp32AesCbcEncrypt failed HW Set KeyMode");
}
} /* if set esp_aes_hw_InUse successful */
- if (ret == 0) {
+ if (ret == ESP_OK) {
while (blocks--) {
XMEMCPY(temp_block, in + offset, AES_BLOCK_SIZE);
@@ -363,22 +538,23 @@ int wc_esp32AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
/* store IV for next block */
XMEMCPY(iv, out + offset - AES_BLOCK_SIZE, AES_BLOCK_SIZE);
} /* while (blocks--) */
- } /* if Set Mode successful (ret == 0) */
+ } /* if Set Mode successful (ret == ESP_OK) */
esp_aes_hw_Leave();
ESP_LOGV(TAG, "leave wc_esp32AesCbcEncrypt");
- return 0;
+ return ret;
} /* wc_esp32AesCbcEncrypt */
/*
* wc_esp32AesCbcDecrypt
* @brief: Encrypts a plain text message from the input buffer, and places the
-* resulting cipher text into the output buffer using cipher block chaining
-* with AES.
+* resulting cipher text into the output buffer using cipher block
+* chaining with AES.
* @param aes: a pointer of the AES object used to decrypt data
-* @param out: a pointer of the output buffer in which to store the cipher text of
-* the decrypted message
-* @param in : a pointer of the input buffer containing plain text to be decrypted
+* @param out: a pointer of the output buffer in which to store the
+* cipher text of the decrypted message
+* @param in : a pointer of the input buffer containing
+* plain text to be decrypted
* @param sz : size of input message
* @return: 0 on success, BAD_FUNC_ARG if the AES algorithm isn't supported.
*/
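Review bot: `esp_aes_hw_Leave()` runs unconditionally before the new `return ret;` in wc_esp32AesCbcEncrypt, including when `esp_aes_hw_InUse()` failed and this caller never acquired the engine. What Leave does is not visible here, but if it releases the mutex or powers down the AES block, this path can disturb another task's in-flight operation; consider recording the acquisition and releasing only then, e.g. `if (locked) { esp_aes_hw_Leave(); }`. The same shape appears at the end of wc_esp32AesCbcDecrypt in the hunk at -421,12. Since errors now propagate, the `@return` lines should mention that codes other than BAD_FUNC_ARG can come back, and the wc_esp32AesCbcDecrypt brief still reads "Encrypts a plain text message".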
@@ -398,14 +574,14 @@ int wc_esp32AesCbcDecrypt(Aes* aes, byte* out, const byte* in, word32 sz)
ret = esp_aes_hw_InUse();
- if (ret == 0) {
+ if (ret == ESP_OK) {
ret = esp_aes_hw_Set_KeyMode(aes, ESP32_AES_UPDATEKEY_DECRYPT);
- if (ret != 0) {
- ESP_LOGE(TAG, "wc_esp32AesCbcDecrypt failed HW Set KeyMode");
+ if (ret != ESP_OK) {
+ ESP_LOGW(TAG, "wc_esp32AesCbcDecrypt failed HW Set KeyMode");
}
}
- if (ret == 0) {
+ if (ret == ESP_OK) {
while (blocks--) {
XMEMCPY(temp_block, in + offset, AES_BLOCK_SIZE);
@@ -421,12 +597,49 @@ int wc_esp32AesCbcDecrypt(Aes* aes, byte* out, const byte* in, word32 sz)
offset += AES_BLOCK_SIZE;
} /* while (blocks--) */
- } /* if Set Mode was successful (ret == 0) */
+ } /* if Set Mode was successful (ret == ESP_OK) */
esp_aes_hw_Leave();
ESP_LOGV(TAG, "leave wc_esp32AesCbcDecrypt");
- return 0;
+ return ret;
} /* wc_esp32AesCbcDecrypt */
-#endif /* WOLFSSL_ESP32WROOM32_CRYPT */
+#endif /* WOLFSSL_ESP32_CRYPT */
#endif /* NO_AES */
+
+/* Metrics */
+#if defined(WOLFSSL_ESP32_CRYPT) && !defined(NO_WOLFSSL_ESP32_CRYPT_AES)
+
+#if defined(WOLFSSL_HW_METRICS)
+
+/* increment esp_aes_unsupported_length_usage_ct and return current value */
+int wc_esp32AesUnupportedLengthCountAdd(void) {
+ esp_aes_unsupported_length_usage_ct++;
+ return esp_aes_unsupported_length_usage_ct;
+}
+
+#endif /* WOLFSSL_HW_METRICS */
+
+/* Show AES Metrics when enabled, otherwise callable but no action. */
+int esp_hw_show_aes_metrics(void)
+{
+ int ret = ESP_OK;
+
+#if defined(WOLFSSL_HW_METRICS)
+
+ ESP_LOGI(TAG, "--------------------------------------------------------");
+ ESP_LOGI(TAG, "------------- wolfSSL ESP HW AES Metrics----------------");
+ ESP_LOGI(TAG, "--------------------------------------------------------");
+
+ ESP_LOGI(TAG, "esp_aes_unsupported_length_usage_ct = %lu",
+ esp_aes_unsupported_length_usage_ct);
+#else
+ /* no HW math, no HW math metrics */
+
+#endif /* WOLFSSL_HW_METRICS */
+
+ return ret;
+}
+#endif /* WOLFSSL_ESP32_CRYPT && !NO_WOLFSSL_ESP32_CRYPT_AES */
+
+#endif /* WOLFSSL_ESPIDF */
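Review bot: The new public symbol `wc_esp32AesUnupportedLengthCountAdd` is misspelled ("Unupported"); renaming it to `wc_esp32AesUnsupportedLengthCountAdd` is cheapest now, before callers depend on it, and the header declaration (not shown here) would need the same change. The increment `esp_aes_unsupported_length_usage_ct++` is a plain read-modify-write, so the count may be inexact if the function can be reached from more than one task; a comment stating it is a best-effort metric would be enough. The `%lu` in esp_hw_show_aes_metrics assumes the counter is `unsigned long`; its declaration is outside this hunk, so confirm the type matches.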
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/Espressif/esp32_mp.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/Espressif/esp32_mp.c
index 982991ac..20fb4ee9 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/Espressif/esp32_mp.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/Espressif/esp32_mp.c
@@ -18,20 +18,43 @@
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
-#include <string.h>
-#include <stdio.h>
+
+/*
+ * See ESP32 Technical Reference Manual - RSA Accelerator Chapter
+ *
+ * esp_mp_exptmod() Large Number Modular Exponentiation Z = X^Y mod M
+ * esp_mp_mulmod() Large Number Modular Multiplication Z = X × Y mod M
+ * esp_mp_mul() Large Number Multiplication Z = X × Y
+ *
+ * The ESP32 RSA Accelerator supports operand lengths of:
+ * N ∈ {512, 1024, 1536, 2048, 2560, 3072, 3584, 4096} bits. The bit length
+ * of arguments Z, X, Y , M, and r can be any one from the N set, but all
+ * numbers in a calculation must be of the same length.
+ *
+ * The bit length of M′ is always 32.
+ *
+ * Also, beware: "we have uint32_t == unsigned long for both Xtensa and RISC-V"
+ * see https://github.com/espressif/esp-idf/issues/9511#issuecomment-1207342464
+ * https://docs.espressif.com/projects/esp-idf/en/latest/esp32/migration-guides/release-5.x/5.0/gcc.html
+ */
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
+
+/* Reminder: user_settings.h is needed and included from settings.h
+ * Be sure to define WOLFSSL_USER_SETTINGS, typically in CMakeLists.txt */
#include <wolfssl/wolfcrypt/settings.h>
-#include "wolfssl/wolfcrypt/logging.h"
+#if defined(WOLFSSL_ESPIDF) /* Entire file is only for Espressif EDP-IDF */
+#include "sdkconfig.h" /* programmatically generated from sdkconfig */
+#include <wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h>
+#include <wolfssl/wolfcrypt/logging.h>
#if !defined(NO_RSA) || defined(HAVE_ECC)
-#if defined(WOLFSSL_ESP32WROOM32_CRYPT_RSA_PRI) && \
- !defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_RSA_PRI)
+#if defined(WOLFSSL_ESP32_CRYPT_RSA_PRI) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_RSA_PRI)
#ifdef NO_INLINE
#include <wolfssl/wolfcrypt/misc.h>
@@ -41,25 +64,138 @@
#endif
#include <wolfssl/wolfcrypt/wolfmath.h>
-static const char* const TAG = "wolfssl_mp";
+#ifndef SINGLE_THREADED
+ /* Espressif freeRTOS */
+ #include <freertos/semphr.h>
+#endif
#define ESP_HW_RSAMAX_BIT 4096
#define ESP_HW_MULTI_RSAMAX_BITS 2048
#define ESP_HW_RSAMIN_BIT 512
-#define BYTE_TO_WORDS(s) (((s+3)>>2)) /* (s+(4-1))/ 4 */
-#define BITS_TO_WORDS(s) (((s+31)>>3)>>2) /* (s+(32-1))/ 8/ 4*/
+
+/* (s+(4-1))/ 4 */
+#define BYTE_TO_WORDS(s) (((s+3)>>2))
+
+/* (s+(32-1))/ 8/ 4*/
+#define BITS_TO_WORDS(s) (((s+31)>>3)>>2)
+
#define BITS_IN_ONE_WORD 32
-#define MP_NG -1
+#ifndef ESP_RSA_MULM_BITS
+ #define ESP_RSA_MULM_BITS 16
+#endif
+
+#ifndef ESP_RSA_EXPT_XBITS
+ #define ESP_RSA_EXPT_XBITS 8
+#endif
+
+#ifndef ESP_RSA_EXPT_YBITS
+ #define ESP_RSA_EXPT_YBITS 8
+#endif
#define ESP_TIMEOUT(cnt) (cnt >= ESP_RSA_TIMEOUT_CNT)
+#if defined(CONFIG_IDF_TARGET_ESP32C3)
+ #include <soc/system_reg.h>
+ #include <soc/hwcrypto_reg.h>
+#elif defined(CONFIG_IDF_TARGET_ESP32C6)
+ #include <soc/pcr_reg.h>
+#elif defined(CONFIG_IDF_TARGET_ESP32S2)
+ #include <soc/system_reg.h>
+ #include <soc/hwcrypto_reg.h>
+#endif
+
+static const char* const TAG = "wolfssl_esp32_mp";
+
+#ifdef DEBUG_WOLFSSL
+ static int hw_validation = 0; /* validating HW and SW? (prevent HW call) */
+ #define SET_HW_VALIDATION {hw_validation = 1;}
+ #define CLR_HW_VALIDATION {hw_validation = 0;}
+ #define IS_HW_VALIDATION (hw_validation == 1)
+ #undef WOLFSSL_HW_METRICS
+
+ /* usage metrics always on during debug */
+ #define WOLFSSL_HW_METRICS
+#endif
+
+/* For esp_mp_exptmod and esp_mp_mulmod we need a variety of calculated helper
+** values to properly setup the hardware. See esp_mp_montgomery_init() */
+struct esp_mp_helper
+{
+ MATH_INT_T r_inv; /* result of calculated Montgomery helper */
+ word32 exp;
+ word32 Xs; /* how many bits in X operand */
+ word32 Ys; /* how many bits in Y operand */
+ word32 Ms; /* how many bits in M operand */
+ word32 Rs; /* how many bits in R_inv calc */
+ word32 maxWords_sz; /* maximum words expected */
+ word32 hwWords_sz;
+ mp_digit mp; /* result of calculated Montgomery M' helper */
+#ifdef DEBUG_WOLFSSL
+ mp_digit mp2; /* optional compare to alternate Montgomery calc */
+#endif
+};
+
+static portMUX_TYPE wc_rsa_reg_lock = portMUX_INITIALIZER_UNLOCKED;
+
+/* usage metrics can be turned on independently of debugging */
+#ifdef WOLFSSL_HW_METRICS
+ static unsigned long esp_mp_max_used = 0;
+
+ static unsigned long esp_mp_mulmod_small_x_ct = 0;
+ static unsigned long esp_mp_mulmod_small_y_ct = 0;
+
+ static unsigned long esp_mp_max_timeout = 0;
+
+ #ifndef NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL
+ static unsigned long esp_mp_mul_usage_ct = 0;
+ static unsigned long esp_mp_mul_error_ct = 0;
+ #endif /* !NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
+
+ #ifndef NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD
+ static unsigned long esp_mp_mulmod_usage_ct = 0;
+ static unsigned long esp_mp_mulmod_fallback_ct = 0;
+ static unsigned long esp_mp_mulmod_even_mod_ct = 0;
+ static unsigned long esp_mp_mulmod_error_ct = 0;
+ #endif /* !NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
+
+ #ifndef NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD
+ static unsigned long esp_mp_exptmod_usage_ct = 0;
+ static unsigned long esp_mp_exptmod_error_ct = 0;
+ static unsigned long esp_mp_exptmod_fallback_ct = 0;
+ #endif /* !NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
+#endif
+
/* mutex */
-static wolfSSL_Mutex mp_mutex;
-static int espmp_CryptHwMutexInit = 0;
+#ifdef SINGLE_THREADED
+ int single_thread_locked = 0;
+#else
+ static wolfSSL_Mutex mp_mutex;
+ static int espmp_CryptHwMutexInit = 0;
+#endif
+
+#ifdef DEBUG_WOLFSSL
+ /* when debugging, we'll double-check the mutex with call depth */
+ #ifndef NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD
+ static int esp_mp_exptmod_depth_counter = 0;
+ #endif /* NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
+#endif /* DEBUG_WOLFSSL */
+
/*
* check if the HW is ready before accessing it
*
+* See 24.3.1 Initialization of ESP32 Technical Reference Manual
+* https://www.espressif.com/sites/default/files/documentation/esp32_technical_reference_manual_en.pdf
+*
+* The RSA Accelerator is activated by enabling the corresponding peripheral
+* clock, and by clearing the DPORT_RSA_PD bit in the DPORT_RSA_PD_CTRL_REG
+* register. This releases the RSA Accelerator from reset.
+*
+* See esp_mp_hw_lock().
+*
+* Note we'll also keep track locally if the lock was called at all.
+* For instance, fallback to SW for very small operand and we won't lock HW.
+*
* When the RSA Accelerator is released from reset, the register RSA_CLEAN_REG
* reads 0 and an initialization process begins. Hardware initializes the four
* memory blocks by setting them to 0. After initialization is complete,
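Review bot: `int single_thread_locked = 0;` in the SINGLE_THREADED branch has external linkage while every other state variable added in this hunk is `static`, so the lock flag is exported into the global namespace and can be written by, or collide with, another translation unit. Unless something outside this file reads it (not visible here), make it `static int single_thread_locked = 0;`. Separately, `BYTE_TO_WORDS(s)`, `BITS_TO_WORDS(s)` and `ESP_TIMEOUT(cnt)` use their argument unparenthesised; writing `((((s) + 3) >> 2))` and `((cnt) >= ESP_RSA_TIMEOUT_CNT)` avoids precedence surprises when an expression is passed.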
@@ -69,27 +205,82 @@ static int espmp_CryptHwMutexInit = 0;
*/
static int esp_mp_hw_wait_clean(void)
{
- int ret = MP_OKAY;
+ int ret = MP_OKAY;
word32 timeout = 0;
-#if CONFIG_IDF_TARGET_ESP32S3
+#if defined(CONFIG_IDF_TARGET_ESP32)
+ /* RSA_CLEAN_REG is now called RSA_QUERY_CLEAN_REG.
+ ** hwcrypto_reg.h maintains RSA_CLEAN_REG for backwards compatibility:
+ ** so this block _might_ not be needed in some circumstances. */
+ ESP_EM__PRE_MP_HW_WAIT_CLEAN
- while (!ESP_TIMEOUT(++timeout) && DPORT_REG_READ(RSA_QUERY_CLEAN_REG) != 1)
- {
- /* wait. expected delay 1 to 2 uS */
+ /* wait until ready,
+ ** or timeout counter exceeds ESP_RSA_TIMEOUT_CNT in user_settings */
+ while(!ESP_TIMEOUT(++timeout) && DPORT_REG_READ(RSA_CLEAN_REG) == 0) {
+ /* wait. expected delay 1 to 2 uS */
+ ESP_EM__MP_HW_WAIT_CLEAN
}
-#else
- /* RSA_CLEAN_REG is now called RSA_QUERY_CLEAN_REG. hwcrypto_reg.h maintains
- * RSA_CLEAN_REG for backwards compatibility so this block _might_ be not needed. */
- while(!ESP_TIMEOUT(++timeout) && DPORT_REG_READ(RSA_CLEAN_REG) != 1) {
+#elif defined(CONFIG_IDF_TARGET_ESP32C3) || defined(CONFIG_IDF_TARGET_ESP32C6)
+ ESP_EM__PRE_MP_HW_WAIT_CLEAN
+ while (!ESP_TIMEOUT(++timeout) &&
+ DPORT_REG_READ(RSA_QUERY_CLEAN_REG) != 1) {
/* wait. expected delay 1 to 2 uS */
+ ESP_EM__MP_HW_WAIT_CLEAN
}
+#elif defined(CONFIG_IDF_TARGET_ESP32S2) || defined(CONFIG_IDF_TARGET_ESP32S3)
+ ESP_EM__PRE_MP_HW_WAIT_CLEAN
+ while (!ESP_TIMEOUT(++timeout) &&
+ DPORT_REG_READ(RSA_QUERY_CLEAN_REG) != 1) {
+ /* wait. expected delay 1 to 2 uS */
+ ESP_EM__MP_HW_WAIT_CLEAN
+ }
+#else
+ /* no HW timeout if we don't know the platform. assumes no HW */
#endif
+ #if defined(WOLFSSL_HW_METRICS)
+ {
+ esp_mp_max_timeout = (timeout > esp_mp_max_timeout) ? timeout :
+ esp_mp_max_timeout;
+ }
+ #endif
+
if (ESP_TIMEOUT(timeout)) {
ESP_LOGE(TAG, "esp_mp_hw_wait_clean waiting HW ready timed out.");
- ret = MP_NG;
+ ret = WC_HW_WAIT_E; /* hardware is busy, MP_HW_BUSY; */
+ }
+ return ret;
+}
+
+/*
+** esp_mp_hw_islocked() - detect if we've locked the HW for use.
+**
+** WARNING: this does *not* detect separate calls to the
+** periph_module_disable() and periph_module_enable().
+*/
+static int esp_mp_hw_islocked(void)
+{
+ int ret = FALSE;
+#ifdef SINGLE_THREADED
+ if (single_thread_locked == FALSE) {
+ /* not in use */
+ ESP_LOGV(TAG, "SINGLE_THREADED esp_mp_hw_islocked = false");
+ }
+ else {
+ ESP_LOGV(TAG, "SINGLE_THREADED esp_mp_hw_islocked = true");
+ ret = TRUE;
}
+#else
+ TaskHandle_t mutexHolder = xSemaphoreGetMutexHolder(mp_mutex);
+ if (mutexHolder == NULL) {
+ /* Mutex is not in use */
+ ESP_LOGV(TAG, "multi-threaded esp_mp_hw_islocked = false");
+ }
+ else {
+ ESP_LOGV(TAG, "multi-threaded esp_mp_hw_islocked = true");
+ ret = TRUE;
+ }
+#endif
return ret;
}
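Review bot: In the multi-threaded branch esp_mp_hw_islocked() returns TRUE whenever any task holds `mp_mutex`, not when the calling task holds it, because it only tests `xSemaphoreGetMutexHolder(mp_mutex)` against NULL. esp_mp_hw_unlock() in the following hunk uses this as its guard before powering down the RSA block and releasing the mutex, so an unlock issued by one task while another is mid-operation would pass the check. Comparing the holder with the caller closes that gap: `if (mutexHolder == xTaskGetCurrentTaskHandle()) { ret = TRUE; }`. It is also worth confirming what the call does before `mp_mutex` has been created, since esp_mp_hw_lock() initialises it lazily.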
@@ -99,7 +290,7 @@ static int esp_mp_hw_wait_clean(void)
* Lock HW engine.
* This should be called before using engine.
*
-* Returns 0 if the HW lock was initialized and mutex lock.
+* Returns 0 (ESP_OK) if the HW lock was initialized and mutex lock.
*
* See Chapter 24:
* https://www.espressif.com/sites/default/files/documentation/esp32_technical_reference_manual_en.pdf
@@ -115,98 +306,294 @@ static int esp_mp_hw_wait_clean(void)
* after being released from reset, and before writing to any RSA Accelerator
* memory blocks or registers for the first time.
*/
-static int esp_mp_hw_lock()
+static int esp_mp_hw_lock(void)
{
- int ret = 0;
+ int ret = ESP_OK;
ESP_LOGV(TAG, "enter esp_mp_hw_lock");
-
- if (espmp_CryptHwMutexInit == 0) {
+#ifdef SINGLE_THREADED
+ single_thread_locked = TRUE;
+#else
+ if (espmp_CryptHwMutexInit == ESP_OK) {
ret = esp_CryptHwMutexInit(&mp_mutex);
- if (ret == 0) {
+ if (ret == ESP_OK) {
/* flag esp mp as initialized */
- espmp_CryptHwMutexInit = 1;
+ espmp_CryptHwMutexInit = TRUE;
}
else {
ESP_LOGE(TAG, "mp mutex initialization failed.");
}
}
else {
- /* ESP AES has already been initialized */
+ /* mp_mutex has already been initialized */
}
- if (ret == 0) {
- /* lock hardware */
- ret = esp_CryptHwMutexLock(&mp_mutex, portMAX_DELAY);
- if (ret != 0) {
+ /* Set our mutex to indicate the HW is in use */
+ if (ret == ESP_OK) {
+ /* lock hardware; there should be exactly one instance
+ * of esp_CryptHwMutexLock(&mp_mutex ...) in code */
+ /* TODO - do we really want to wait?
+ * probably not */
+ ret = esp_CryptHwMutexLock(&mp_mutex, ESP_MP_HW_LOCK_MAX_DELAY);
+ if (ret != ESP_OK) {
ESP_LOGE(TAG, "mp engine lock failed.");
- ret = MP_NG;
+ ret = WC_HW_WAIT_E; /* caller is expected to fall back to SW */
}
}
+#endif /* not SINGLE_THREADED */
-#if CONFIG_IDF_TARGET_ESP32S3
- /* Activate the RSA accelerator. See 20.3 of ESP32-S3 technical manual.
+#if defined(CONFIG_IDF_TARGET_ESP32)
+ /* Enable RSA hardware */
+ if (ret == ESP_OK) {
+ periph_module_enable(PERIPH_RSA_MODULE);
+ portENTER_CRITICAL_SAFE(&wc_rsa_reg_lock);
+ {
+ /* clear bit to enable hardware operation; (set to disable) */
+ DPORT_REG_CLR_BIT(DPORT_RSA_PD_CTRL_REG, DPORT_RSA_PD);
+ ESP_EM__POST_SP_MP_HW_LOCK
+
+ }
+ portEXIT_CRITICAL_SAFE(&wc_rsa_reg_lock);
+ }
+#elif defined(CONFIG_IDF_TARGET_ESP32C3)
+ /* Activate the RSA accelerator. See 20.3 of ESP32-C3 technical manual.
+ * periph_module_enable doesn't seem to be documented and in private folder
+ * with v5 release. Maybe it will be deprecated?
+ *
+ * The ESP32-C3 RSA Accelerator is activated by:
+ * setting the SYSTEM_CRYPTO_RSA_CLK_EN bit in the SYSTEM_PERIP_CLK_EN1_REG
+ * register and:
+ * clearing the SYSTEM_RSA_MEM_PD bit in the SYSTEM_RSA_PD_CTRL_REG reg.
+ * This releases the RSA Accelerator from reset.*/
+ if (ret == ESP_OK) {
+ periph_module_enable(PERIPH_RSA_MODULE);
+ portENTER_CRITICAL_SAFE(&wc_rsa_reg_lock);
+ {
+ DPORT_REG_SET_BIT((volatile void *)(SYSTEM_PERIP_CLK_EN1_REG),
+ SYSTEM_CRYPTO_RSA_CLK_EN );
+ DPORT_REG_CLR_BIT((volatile void *)(SYSTEM_RSA_PD_CTRL_REG),
+ SYSTEM_RSA_MEM_PD );
+ }
+ portEXIT_CRITICAL_SAFE(&wc_rsa_reg_lock);
+ }
+#elif defined(CONFIG_IDF_TARGET_ESP32C6)
+ /* See: 21.3 Functional Description
+ *
+ * The RSA accelerator is activated on the ESP32-C6 by:
+ * setting the PCR_RSA_CLK_EN bit
+ * and
+ * clearing the PCR_RSA_RST_EN bit
+ * in the PCR_RSA_CONF_REG register.
+ *
+ * Additionally, users also need to clear PCR_DS_RST_EN bit to
+ * reset Digital Signature (DS).*/
+ if (ret == ESP_OK) {
+ periph_module_enable(PERIPH_RSA_MODULE);
+ portENTER_CRITICAL_SAFE(&wc_rsa_reg_lock);
+ {
+ /* TODO: When implementing DS (Digital Signature HW), need to
+ * check if it is in use before disabling: */
+ DPORT_REG_CLR_BIT((volatile void *)(PCR_DS_CONF_REG),
+ PCR_DS_RST_EN );
+
+ DPORT_REG_SET_BIT((volatile void *)(PCR_RSA_CONF_REG),
+ PCR_RSA_CLK_EN );
+ DPORT_REG_CLR_BIT((volatile void *)(PCR_RSA_CONF_REG),
+ PCR_RSA_RST_EN );
+ }
+ portEXIT_CRITICAL_SAFE(&wc_rsa_reg_lock);
+ }
+#elif defined(CONFIG_IDF_TARGET_ESP32S2)
+ /* Activate the RSA accelerator. See 18.3 of ESP32-S2 technical manual.
* periph_module_enable doesn't seem to be documented and in private folder
* with v5 release. Maybe it will be deprecated? */
- if (ret == 0) {
+ if (ret == ESP_OK) {
periph_module_enable(PERIPH_RSA_MODULE);
-
- /* clear bit to enable hardware operation; (set to disable) */
- DPORT_REG_CLR_BIT(SYSTEM_RSA_PD_CTRL_REG, SYSTEM_RSA_MEM_PD);
+ portENTER_CRITICAL_SAFE(&wc_rsa_reg_lock);
+ {
+ /* Note these names are different from those in the documentation!
+ *
+ * Documenation lists the same names as the ESP32-C3:
+ *
+ * DPORT_REG_SET_BIT((volatile void *)(SYSTEM_PERIP_CLK_EN1_REG),
+ * SYSTEM_CRYPTO_RSA_CLK_EN );
+ * DPORT_REG_CLR_BIT((volatile void *)(SYSTEM_RSA_PD_CTRL_REG),
+ * SYSTEM_RSA_MEM_PD );
+ *
+ * However, in the sytem_reg.h, the names below were found:
+ */
+ DPORT_REG_SET_BIT((volatile void *)(DPORT_CPU_PERIP_CLK_EN1_REG),
+ DPORT_CRYPTO_RSA_CLK_EN );
+ DPORT_REG_CLR_BIT((volatile void *)(DPORT_RSA_PD_CTRL_REG),
+ DPORT_RSA_MEM_PD );
+ }
+ portEXIT_CRITICAL_SAFE(&wc_rsa_reg_lock);
}
-#else
- /* Enable RSA hardware */
- if (ret == 0) {
+#elif defined(CONFIG_IDF_TARGET_ESP32S3)
+ /* Activate the RSA accelerator. See 20.3 of ESP32-S3 technical manual.
+ * periph_module_enable doesn't seem to be documented and in private folder
+ * with v5 release. Maybe it will be deprecated? */
+ if (ret == ESP_OK) {
periph_module_enable(PERIPH_RSA_MODULE);
-
- /* clear bit to enable hardware operation; (set to disable) */
- DPORT_REG_CLR_BIT(DPORT_RSA_PD_CTRL_REG, DPORT_RSA_PD);
+ portENTER_CRITICAL_SAFE(&wc_rsa_reg_lock);
+ {
+ /* clear bit to enable hardware operation; (set to disable) */
+ DPORT_REG_CLR_BIT(SYSTEM_RSA_PD_CTRL_REG, SYSTEM_RSA_MEM_PD);
+ }
+ portEXIT_CRITICAL_SAFE(&wc_rsa_reg_lock);
}
+#else
+ /* when unknown or not implemented, assume there's no HW to lock */
#endif
/* reminder: wait until RSA_CLEAN_REG reads 1
- * see esp_mp_hw_wait_clean()
- */
-
+ ** see esp_mp_hw_wait_clean() */
ESP_LOGV(TAG, "leave esp_mp_hw_lock");
return ret;
}
/*
-* Release HW engine
+** Release RSA HW engine
*/
-static void esp_mp_hw_unlock( void )
+static int esp_mp_hw_unlock(void)
{
-#if CONFIG_IDF_TARGET_ESP32S3
- /* Deactivate the RSA accelerator. See 20.3 of ESP32-S3 technical manual.
- * periph_module_enable doesn't seem to be documented and in private folder
- * with v5 release. Maybe it will be deprecated? */
- DPORT_REG_SET_BIT(SYSTEM_RSA_PD_CTRL_REG, SYSTEM_RSA_MEM_PD);
- periph_module_disable(PERIPH_RSA_MODULE);
+ int ret = MP_OKAY;
+ if (esp_mp_hw_islocked()) {
+
+#if defined(CONFIG_IDF_TARGET_ESP32)
+ /* set bit to disabled hardware operation; (clear to enable) */
+ DPORT_REG_SET_BIT(DPORT_RSA_PD_CTRL_REG, DPORT_RSA_PD);
+
+ /* Disable RSA hardware */
+ periph_module_disable(PERIPH_RSA_MODULE);
+#elif defined(CONFIG_IDF_TARGET_ESP32C3)
+ /* Deactivate the RSA accelerator.
+ * See 20.3 of ESP32-C3 technical manual.
+ * periph_module_enable doesn't seem to be documented and in private
+ * folder with v5 release. Maybe it will be deprecated?
+ * The ESP32-C3 RSA Accelerator is activated by:
+ * setting the SYSTEM_CRYPTO_RSA_CLK_EN bit
+ * in the SYSTEM_PERIP_CLK_EN1_REG register and:
+ * clearing the SYSTEM_RSA_MEM_PD bit
+ * in the SYSTEM_RSA_PD_CTRL_REG reg.
+ * This releases the RSA Accelerator from reset.*/
+ portENTER_CRITICAL_SAFE(&wc_rsa_reg_lock);
+ {
+ DPORT_REG_CLR_BIT(
+ (volatile void *)(DR_REG_RSA_BASE + SYSTEM_CRYPTO_RSA_CLK_EN),
+ SYSTEM_PERIP_CLK_EN1_REG);
+ DPORT_REG_SET_BIT(
+ (volatile void *)(DR_REG_RSA_BASE + SYSTEM_RSA_MEM_PD),
+ SYSTEM_RSA_PD_CTRL_REG);
+ }
+ portEXIT_CRITICAL_SAFE(&wc_rsa_reg_lock);
+#elif defined(CONFIG_IDF_TARGET_ESP32C6)
+ /* TODO: When implementing DS (Digital Signature HW), need to
+ * notify RSA HW is available. */
+
+ portENTER_CRITICAL_SAFE(&wc_rsa_reg_lock);
+ {
+ DPORT_REG_SET_BIT((volatile void *)(PCR_RSA_CONF_REG),
+ PCR_RSA_RST_EN);
+ DPORT_REG_CLR_BIT((volatile void *)(PCR_RSA_CONF_REG),
+ PCR_RSA_CLK_EN);
+ }
+ portEXIT_CRITICAL_SAFE(&wc_rsa_reg_lock);
+
+#elif defined(CONFIG_IDF_TARGET_ESP32S2)
+ /* Deactivate the RSA accelerator.
+ * See 20.3 of ESP32-S3 technical manual.
+ * periph_module_enable doesn't seem to be documented and is
+ * in private folder with v5 release. Maybe it will be deprecated? */
+ DPORT_REG_SET_BIT(DPORT_RSA_PD_CTRL_REG, DPORT_RSA_MEM_PD);
+ periph_module_disable(PERIPH_RSA_MODULE);
+
+#elif defined(CONFIG_IDF_TARGET_ESP32S3)
+ /* Deactivate the RSA accelerator.
+ * See 20.3 of ESP32-S3 technical manual.
+ * periph_module_enable doesn't seem to be documented and is
+ * in private folder with v5 release. Maybe it will be deprecated? */
+ DPORT_REG_SET_BIT(SYSTEM_RSA_PD_CTRL_REG, SYSTEM_RSA_MEM_PD);
+ periph_module_disable(PERIPH_RSA_MODULE);
+#else
+ /* unknown platform, assume no HW to unlock */
+ ESP_LOGW(TAG, "Warning: esp_mp_hw_unlock called for unknown target");
+#endif /* per-SoC unlock */
+#if defined(SINGLE_THREADED)
+ single_thread_locked = FALSE;
#else
- /* set bit to disabled hardware operation; (clear to enable)
- */
- DPORT_REG_SET_BIT(DPORT_RSA_PD_CTRL_REG, DPORT_RSA_PD);
+ esp_CryptHwMutexUnLock(&mp_mutex);
+#endif /* SINGLE_THREADED */
- /* Disable RSA hardware */
- periph_module_disable(PERIPH_RSA_MODULE);
-#endif
+ ESP_LOGV(TAG, "exit esp_mp_hw_unlock");
+ }
+ else {
+ ESP_LOGW(TAG, "Warning: esp_mp_hw_unlock called when not locked.");
+ }
- /* unlock */
- esp_CryptHwMutexUnLock(&mp_mutex);
+ return ret;
}
-/* this is based on an article by Cetin Kaya Koc,
- * A New Algorithm for Inversion: mod p^k, June 28 2017 */
+/* Only mulmod and mulexp_mod HW accelerator need Montgomery math prep: M' */
+#if !defined(NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD) \
+ || \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD)
+
static int esp_calc_Mdash(MATH_INT_T *M, word32 k, mp_digit* md)
{
+ int ret = MP_OKAY;
+ ESP_LOGV(TAG, "\nBegin esp_calc_Mdash \n");
+
+#ifdef USE_ALT_MPRIME
+ /* M' = M^(-1) mod b; b = 2^32 */
+
+ /* Call Large Number Modular Exponentiation
+ *
+ * Z = X^Y mod M
+ *
+ * mp_exptmod notation: Y = (G ^ X) mod P
+ *
+ * G is our parameter: M
+ */
+ MATH_INT_T X[1] = { };
+ MATH_INT_T P[1] = { };
+ MATH_INT_T Y[1] = { };
+ word32 Xs;
+
+ ESP_LOGV(TAG, "\nBegin esp_calc_Mdash USE_ALT_MPRIME\n");
+
+ mp_init(X);
+ mp_init(P);
+ mp_init(Y);
+
+ /* MATH_INT_T value of (-1) */
+ X->dp[0] = 1;
+ X->sign = MP_NEG;
+ X->used = 1;
+
+ Xs = mp_count_bits(X);
+
+ /* MATH_INT_T value of 2^32 */
+ P->dp[1] = 1;
+ P->used = 2;
+
+ /* this fails due to even P number; ((b & 1) == 0) in fp_montgomery_setup()
+ * called from _fp_exptmod_ct, called from fp_exptmod */
+ ret = mp_exptmod(M, X, P, Y);
+
+ *md = Y->dp[0];
+ ESP_LOGI(TAG, "esp_calc_Mdash %u", *md);
+#else
+ /* this is based on an article by Cetin Kaya Koc,
+ * A New Algorithm for Inversion: mod p^k, June 28 2017 */
int i;
int xi;
int b0 = 1;
int bi;
word32 N = 0;
word32 x;
+ ESP_LOGV(TAG, "\nBegin esp_calc_Mdash\n");
N = M->dp[0];
bi = b0;
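Review bot: In the CONFIG_IDF_TARGET_ESP32C3 branch of esp_mp_hw_unlock() the arguments to `DPORT_REG_CLR_BIT` and `DPORT_REG_SET_BIT` are swapped relative to esp_mp_hw_lock(): the address is built as `DR_REG_RSA_BASE + SYSTEM_CRYPTO_RSA_CLK_EN` (a base plus what the lock side uses as a bit mask) and the register name `SYSTEM_PERIP_CLK_EN1_REG` is passed as the mask. That writes to some address other than the clock-enable and power-down registers, and presumably leaves the accelerator powered after unlock. Mirroring the lock side gives `DPORT_REG_CLR_BIT((volatile void *)(SYSTEM_PERIP_CLK_EN1_REG), SYSTEM_CRYPTO_RSA_CLK_EN);` and `DPORT_REG_SET_BIT((volatile void *)(SYSTEM_RSA_PD_CTRL_REG), SYSTEM_RSA_MEM_PD);`. The C3 and C6 unlock branches also never call `periph_module_disable(PERIPH_RSA_MODULE)` although the lock side calls `periph_module_enable`, so the enable count may never return to zero.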
@@ -222,74 +609,276 @@ static int esp_calc_Mdash(MATH_INT_T *M, word32 k, mp_digit* md)
}
/* 2's complement */
*md = ~x + 1;
- return MP_OKAY;
+#endif
+
+ ESP_LOGV(TAG, "\nEnd esp_calc_Mdash \n");
+ return ret;
}
+#endif /* !NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_[MULMOD/EXPTMOD] for M' */
-/* start HW process */
-static void process_start(word32 reg)
+/* the result may need to have extra bytes zeroed or used length adjusted */
+static int esp_clean_result(MATH_INT_T* Z, int used_padding)
{
- /* clear interrupt */
- DPORT_REG_WRITE(RSA_INTERRUPT_REG, 1);
- /* start process */
- DPORT_REG_WRITE(reg, 1);
+ int ret = MP_OKAY;
+ uint16_t this_extra;
+
+/* TODO remove this section if MP_SIZE accepted into sp_int.h
+** See https://github.com/wolfSSL/wolfssl/pull/6565 */
+ uint16_t dp_length = 0; (void) dp_length;
+#ifdef USE_FAST_MATH
+ #undef MP_SIZE
+ #define MP_SIZE FP_SIZE
+ dp_length = FP_SIZE;
+#else
+ #undef MP_SIZE
+ #define MP_SIZE 128
+ dp_length = SP_INT_DIGITS;
+#endif
+/* TODO end */
+
+ this_extra = Z->used;
+ if (this_extra > MP_SIZE) {
+ ESP_LOGW(TAG, "Warning (Z->used: %d) > (MP_SIZE: %d); adjusting...",
+ Z->used, MP_SIZE);
+ this_extra = MP_SIZE;
+ }
+
+ while (Z->dp[this_extra] > 0 && (this_extra < MP_SIZE)) {
+ ESP_LOGV(TAG, "Adjust! %d", this_extra);
+ Z->dp[this_extra] = 0;
+ this_extra++;
+ }
+
+ /* trim any trailing zeros and adjust z.used size */
+ if (Z->used > 0) {
+ ESP_LOGV(TAG, "ZTrim: Z->used = %d", Z->used);
+ for (size_t i = Z->used; i > 0; i--) {
+ if (Z->dp[i - 1] == 0) {
+ /* last element in zero based array */
+ Z->used = i - 1;
+ }
+ else {
+ break; /* if not zero, nothing else to do */
+ }
+ }
+ ESP_LOGV(TAG, "New Z->used = %d", Z->used);
+ }
+ else {
+ ESP_LOGV(TAG, "no z-trim needed");
+ }
+
+#if defined(WOLFSSL_SP_INT_NEGATIVE) || defined(USE_FAST_MATH)
+ if (Z->sign != 0) {
+ mp_setneg(Z); /* any value other than zero is assumed negative */
+ }
+#endif
+
+ /* a result of 1 is interesting */
+ if ((Z->dp[0] == 1) && (Z->used == 1)) {
+ /*
+ * When the exponent is 0: In this case, the result of the modular
+ * exponentiation operation will always be 1, regardless of the value
+ * of the base.
+ *
+ * When the base is 1: If the base is equal to 1, then the result of
+ * the modular exponentiation operation will always be 1, regardless
+ * of the value of the exponent.
+ *
+ * When the exponent is equal to the totient of the modulus: If the
+ * exponent is equal to the totient of the modulus, and the base is
+ * relatively prime to the modulus, then the result of the modular
+ * exponentiation operation will be 1.
+ */
+ ESP_LOGV(TAG, "Z->dp[0] == 1");
+ }
+
+ return ret;
}
-/* wait until done */
+/* Start HW process. Reg is SoC-specific register. */
+static int process_start(u_int32_t reg)
+{
+ int ret = MP_OKAY;
+ /* see 3.16 "software needs to always use the "volatile"
+ ** attribute when accessing registers in these two address spaces. */
+ DPORT_REG_WRITE((volatile word32*)reg, 1);
+ ESP_EM__POST_PROCESS_START;
+
+ return ret;
+}
+
+/* wait until RSA math register indicates operation completed */
static int wait_until_done(word32 reg)
{
+ int ret = MP_OKAY;
word32 timeout = 0;
+
/* wait until done && not timeout */
- while (!ESP_TIMEOUT(++timeout) &&
- DPORT_REG_READ(reg) != 1) {
- /* wait */
+ ESP_EM__MP_HW_WAIT_DONE;
+ while (!ESP_TIMEOUT(++timeout) && DPORT_REG_READ(reg) != 1) {
+ asm volatile("nop"); /* wait */
}
+ ESP_EM__DPORT_FIFO_READ;
+
+#if defined(CONFIG_IDF_TARGET_ESP32C6)
+ /* Write 1 or 0 to the RSA_INT_ENA_REG register to
+ * enable or disable the interrupt function. */
+ DPORT_REG_WRITE(RSA_INT_CLR_REG, 1); /* write 1 to clear */
+ DPORT_REG_WRITE(RSA_INT_ENA_REG, 0); /* disable */
+#elif defined(CONFIG_IDF_TARGET_ESP32C3)
+ /* not currently clearing / disable on C3 */
+ DPORT_REG_WRITE(RSA_INTERRUPT_REG, 1);
+
+#else
/* clear interrupt */
DPORT_REG_WRITE(RSA_INTERRUPT_REG, 1);
+#endif
+
if (ESP_TIMEOUT(timeout)) {
- ESP_LOGE(TAG, "rsa operation is timed out.");
- return MP_NG;
+ ESP_LOGE(TAG, "rsa operation timed out.");
+ ret = WC_HW_E; /* MP_HW_ERROR; */
}
- return MP_OKAY;
+ return ret;
}
/* read data from memory into mp_init */
-static void esp_memblock_to_mpint(word32 mem_address,
- MATH_INT_T* mp,
- word32 numwords)
+static int esp_memblock_to_mpint(const word32 mem_address,
+ MATH_INT_T* mp,
+ word32 numwords)
{
- esp_dport_access_read_buffer((uint32_t*)mp->dp, mem_address, numwords);
+ int ret = MP_OKAY;
+#ifdef USE_ESP_DPORT_ACCESS_READ_BUFFER
+ esp_dport_access_read_buffer((word32*)mp->dp, mem_address, numwords);
+#else
+ ESP_EM__PRE_DPORT_READ;
+ DPORT_INTERRUPT_DISABLE();
+ ESP_EM__READ_NON_FIFO_REG;
+ for (volatile word32 i = 0; i < numwords; ++i) {
+ ESP_EM__3_16;
+ mp->dp[i] = DPORT_SEQUENCE_REG_READ(
+ (volatile word32)(mem_address + i * 4));
+ }
+ DPORT_INTERRUPT_RESTORE();
+#endif
mp->used = numwords;
+
+#if defined(ESP_VERIFY_MEMBLOCK)
+ ret = XMEMCMP((const word32 *)mem_address, /* HW reg memory */
+ (const word32 *)&mp->dp, /* our dp value */
+ numwords * sizeof(word32));
+
+ if (ret != ESP_OK) {
+ ESP_LOGW(TAG, "Validation Failure esp_memblock_to_mpint.\n"
+ "Reading %u Words at Address = 0x%08x",
+ (int)(numwords * sizeof(word32)),
+ (unsigned int)mem_address);
+ ESP_LOGI(TAG, "Trying again... ");
+ esp_dport_access_read_buffer((word32*)mp->dp, mem_address, numwords);
+ mp->used = numwords;
+ if (0 != XMEMCMP((const void *)mem_address,
+ (const void *)&mp->dp,
+ numwords * sizeof(word32))) {
+ ESP_LOGE(TAG, "Validation Failure esp_memblock_to_mpint "
+ "a second time. Giving up.");
+ ret = MP_VAL;
+ }
+ else {
+ ESP_LOGI(TAG, "Successfully re-read after Validation Failure.");
+ ret = MP_VAL;
+ }
+ }
+#endif
+ return ret;
}
-/* write mp_init into memory block
- */
-static void esp_mpint_to_memblock(word32 mem_address, const MATH_INT_T* mp,
- const word32 bits,
- const word32 hwords)
+#ifndef NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL
+/* Write 0x00 to [wordSz] words of register memory starting at mem_address */
+#if defined(CONFIG_IDF_TARGET_ESP32)
+/* only the classic has memblock clear due to slightly different data layout */
+static int esp_zero_memblock(u_int32_t mem_address, int wordSz)
{
+ int ret = MP_OKAY;
+
+ ESP_EM__PRE_DPORT_WRITE;
+ DPORT_INTERRUPT_DISABLE();
+ for (int i=0; i < wordSz; i++) {
+ DPORT_REG_WRITE(
+ (volatile u_int32_t *)(mem_address + (i * sizeof(word32))),
+ (u_int32_t)(0) /* zero memory blocks [wordSz] words long */
+ );
+ }
+ DPORT_INTERRUPT_RESTORE();
+ return ret;
+}
+#endif /* CONFIG_IDF_TARGET_ESP32 */
+#endif /* not NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
+
+/* write MATH_INT_T mp value (dp[]) into memory block */
+static int esp_mpint_to_memblock(u_int32_t mem_address,
+ const MATH_INT_T* mp,
+ const word32 bits,
+ const word32 hwords)
+{
+ int ret = MP_OKAY;
+
/* init */
- word32 i;
- word32 len = (bits / 8 + ((bits & 7) != 0 ? 1 : 0));
+ word32 i; /* memory offset counter */
+ word32 len; /* actual number of words to write to register */
+ len = (bits / 8 + ((bits & 7) != 0 ? 1 : 0));
len = (len + sizeof(word32)-1) / sizeof(word32);
+ /* write */
+ ESP_EM__PRE_DPORT_WRITE;
+ DPORT_INTERRUPT_DISABLE();
for (i=0; i < hwords; i++) {
if (i < len) {
- DPORT_REG_WRITE(mem_address + (i * sizeof(word32)), mp->dp[i]);
+ /* write our data */
+ ESP_LOGV(TAG, "Write i = %d value.", i);
+ DPORT_REG_WRITE(
+ (volatile u_int32_t*)(mem_address + (i * sizeof(word32))),
+ mp->dp[i]
+ ); /* DPORT_REG_WRITE */
}
else {
- DPORT_REG_WRITE(mem_address + (i * sizeof(word32)), 0);
+ /* write zeros */
+ /* TODO we may be able to skip zero in certain circumstances */
+ if (i == 0) {
+ ESP_LOGV(TAG, "esp_mpint_to_memblock zero?");
+ }
+ ESP_LOGV(TAG, "Write i = %d value = zero.", i);
+ DPORT_REG_WRITE(
+ (volatile u_int32_t*)(mem_address + (i * sizeof(word32))),
+ (u_int32_t)0 /* writing 4 bytes of zero */
+ ); /* DPORT_REG_WRITE */
}
}
+ DPORT_INTERRUPT_RESTORE();
+
+ /* optional re-read verify */
+#if defined(ESP_VERIFY_MEMBLOCK)
+ len = XMEMCMP((const void *)mem_address, /* HW reg memory */
+ (const void *)&mp->dp, /* our dp value */
+ hwords * sizeof(word32)
+ );
+ if (len != 0) {
+ ESP_LOGE(TAG, "esp_mpint_to_memblock compare fails at %d", len);
+ #ifdef DEBUG_WOLFSSL
+ esp_show_mp("mp", (MATH_INT_T*)mp);
+ #endif
+ ret = MP_VAL;
+ }
+#endif
+ return ret;
}
/* return needed HW words.
* supported words length
- * words : {16 , 32, 48, 64, 80, 96, 112, 128}
- * bits : {512,1024, 1536, 2048, 2560, 3072, 3584, 4096}
+ * words : { 16, 32, 48, 64, 80, 96, 112, 128}
+ * bits : {512, 1024, 1536, 2048, 2560, 3072, 3584, 4096}
*/
static word32 words2hwords(word32 wd)
{
@@ -307,143 +896,426 @@ static word32 bits2words(word32 bits)
return ((bits + (d - 1)) / d);
}
+/* exptmod and mulmod helpers as needed */
+#if !defined(NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD) \
+ || \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD)
+/* rinv and M' only used for mulmod and mulexp_mod */
+
/* get rinv */
static int esp_get_rinv(MATH_INT_T *rinv, MATH_INT_T *M, word32 exp)
{
- int ret = 0;
+#ifdef DEBUG_WOLFSSL
+ MATH_INT_T rinv2[1];
+ MATH_INT_T M2[1];
+ int reti = MP_OKAY;
+#endif
+ int ret = MP_OKAY;
+
+ ESP_LOGV(TAG, "\nBegin esp_get_rinv \n");
+#ifdef DEBUG_WOLFSSL
+ mp_copy(M, M2); /* copy (src = M) to (dst = M2) */
+ mp_copy(rinv, rinv2); /* copy (src = M) to (dst = M2) */
+#endif
- /* 2^(exp)*/
- if ((ret = mp_2expt(rinv, exp)) != MP_OKAY) {
+ /* 2^(exp)
+ *
+ * rinv will have all zeros with a 1 in last word.
+ * e.g. exp=2048 will have a 1 in dp[0x40] = dp[64]
+ * this is the 65'th element (zero based)
+ * Value for used = 0x41 = 65
+ **/
+ ret = mp_2expt(rinv, exp);
+ if (ret == MP_OKAY) {
+ ret = mp_mod(rinv, M, rinv);
+ }
+ else {
ESP_LOGE(TAG, "failed to calculate mp_2expt()");
- return ret;
}
/* r_inv = R^2 mod M(=P) */
- if (ret == 0 && (ret = mp_mod(rinv, M, rinv)) != MP_OKAY) {
+ if (ret == MP_OKAY) {
+ ESP_LOGV(TAG, "esp_get_rinv compute success");
+ }
+ else {
ESP_LOGE(TAG, "failed to calculate mp_mod()");
- return ret;
}
+#ifdef DEBUG_WOLFSSL
+ if (ret == MP_OKAY) {
+
+ /* computes a = B**n mod b without division or multiplication useful for
+ * normalizing numbers in a Montgomery system. */
+ reti = mp_montgomery_calc_normalization(rinv2, M2);
+ if (reti == MP_OKAY) {
+ ESP_LOGV(TAG, "mp_montgomery_calc_normalization = %d", reti);
+ }
+ else {
+ ESP_LOGW(TAG, "Error Montgomery calc M2 result = %d", reti);
+ }
+ }
+#endif
+
+ ESP_LOGV(TAG, "\nEnd esp_get_rinv \n");
return ret;
}
+#endif /* ! xEXPTMOD || ! xMULMOD for rinv */
-/* Z = X * Y; */
-int esp_mp_mul(MATH_INT_T* X, MATH_INT_T* Y, MATH_INT_T* Z)
+/* during debug, we'll compare HW to SW results */
+int esp_hw_validation_active(void)
{
- int ret;
+#ifdef DEBUG_WOLFSSL
+ return IS_HW_VALIDATION;
+#else
+ return 0; /* we're never validating when not debugging */
+#endif
+}
-#ifdef WOLFSSL_SP_INT_NEGATIVE
- /* neg check: X*Y becomes negative */
- int neg;
+/* useful during debugging and error display,
+ * we can show all the mp helper calc values */
+int esp_show_mph(struct esp_mp_helper* mph)
+{
+ int ret = MP_OKAY;
- /* aka (X->sign == Y->sign) ? MP_ZPOS : MP_NEG; , but with mp_isneg(): */
- neg = (mp_isneg(X) == mp_isneg(Y)) ? MP_ZPOS : MP_NEG;
- if (neg) {
- /* Negative numbers are relatively infrequent.
- * May be interesting during verbose debugging: */
- ESP_LOGV(TAG, "mp_isneg(X) = %d; mp_isneg(Y) = %d; neg = %d ",
- mp_isneg(X), mp_isneg(Y), neg);
+ if (mph == NULL) {
+ /* if a bad mp helper passed, we cannot use HW */
+ ESP_LOGE(TAG, "ERROR: Bad esp_mp_helper for esp_show_mph");
+ return MP_VAL;
}
+
+ if (mph->Xs != 0)
+ ESP_LOGI(TAG, "Xs %d", mph->Xs);
+ if (mph->Ys != 0)
+ ESP_LOGI(TAG, "Ys %d", mph->Ys);
+ if (mph->Ms != 0)
+ ESP_LOGI(TAG, "Ms %d", mph->Ms);
+ if (mph->Rs != 0)
+ ESP_LOGI(TAG, "Rs %d", mph->Rs);
+ if (mph->maxWords_sz != 0)
+ ESP_LOGI(TAG, "maxWords_sz %d", mph->maxWords_sz);
+ if (mph->hwWords_sz != 0)
+ ESP_LOGI(TAG, "hwWords_sz %d", mph->hwWords_sz);
+ if (mph->mp != 0)
+ ESP_LOGI(TAG, "mp %d", mph->mp);
+#ifdef DEBUG_WOLFSSL
+ if (mph->mp2 != 0)
+ ESP_LOGI(TAG, "mp2 %d", mph->mp2);
#endif
- ret = MP_OKAY; /* assume success until proven wrong */
+ if (mph->r_inv.used != 0)
+ esp_show_mp("r_inv", &(mph->r_inv));
+ return ret;
+}
-#if CONFIG_IDF_TARGET_ESP32S3
+#if !defined(NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD) \
+ || \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD)
+/* only when using exptmod or mulmod, we have some helper functions. */
- int BitsInX = mp_count_bits(X);
- int BitsInY = mp_count_bits(Y);
+/* given X, Y, M - setup mp hardware and other helper values.*/
+int esp_mp_montgomery_init(MATH_INT_T* X, MATH_INT_T* Y, MATH_INT_T* M,
+ struct esp_mp_helper* mph)
+{
+ int ret = MP_OKAY;
+ int exp;
- /* X & Y must be represented by the same number of bits. Must be
- * enough to represent the larger one. */
- int MinXYBits = max(BitsInX, BitsInY);
+ if (mph == NULL) {
+ /* if a bad mp helper passed, we cannot use HW */
+ ESP_LOGE(TAG, "ERROR: Bad esp_mp_helper, falling back to SW");
+ return MP_HW_FALLBACK;
+ }
+ if ((X == NULL) || (Y == NULL) || (M == NULL) ) {
+ /* if a bad operand passed, we cannot use HW */
+ ESP_LOGE(TAG, "ERROR: Bad Montgomery operand, falling back to SW");
+ return MP_HW_FALLBACK;
+ }
+ XMEMSET(mph, 0, sizeof(struct esp_mp_helper));
+ mph->Xs = mp_count_bits(X); /* X's = the number of bits needed */
+
+#if (ESP_PROHIBIT_SMALL_X == TRUE)
+ /* optionally prohibit small X.
+ ** note this is very common in ECC: [1] * [Y] mod [M] */
+ if ((X->used == 1) && (X->dp[1] < (1 << 8))) {
+ #ifdef WOLFSSL_HW_METRICS
+ esp_mp_mulmod_small_x_ct++;
+ #endif
+ ESP_LOGW(TAG, "esp_mp_montgomery_init MP_HW_FALLBACK Xs = %d",
+ mph->Xs);
+ ret = MP_HW_FALLBACK;
+ }
+#endif
- /* Figure out how many words we need to represent each operand & the result. */
- int WordsForOperand = bits2words(MinXYBits);
- int WordsForResult = bits2words(BitsInX + BitsInY);
+ /* prohibit small Y */
+ if (ret == MP_OKAY) {
+ mph->Ys = mp_count_bits(Y); /* init Y's to pass to Montgomery init */
+
+ if (mph->Xs <= ESP_RSA_EXPT_XBITS) {
+ /* hard floor 8 bits, problematic in some older ESP32 chips */
+ #ifdef WOLFSSL_HW_METRICS
+ {
+ /* track how many times we fall back */
+ esp_mp_mulmod_small_x_ct++;
+ }
+ #endif
+ ESP_LOGV(TAG,
+ "esp_mp_montgomery_init MP_HW_FALLBACK Xs = %d",
+ mph->Xs);
+ ret = MP_HW_FALLBACK; /* fall back to software calc at exit */
+ } /* mph->Xs <= ESP_RSA_EXPT_XBITS */
+ else {
+ if (mph->Ys <= ESP_RSA_EXPT_YBITS) {
+ /* hard floor 8 bits, problematic in some older ESP32 chips */
+ #ifdef WOLFSSL_HW_METRICS
+ {
+ /* track how many times we fall back */
+ esp_mp_mulmod_small_y_ct++;
+ }
+ #endif
+ ESP_LOGV(TAG,
+ "esp_mp_montgomery_init MP_HW_FALLBACK Ys = %d",
+ mph->Ys);
+ ret = MP_HW_FALLBACK; /* fall back to software calc at exit */
+ } /* Ys <= ESP_RSA_EXPT_YBITS */
+ else {
+ /* X and Y size ok, continue... */
+ mph->Ms = mp_count_bits(M);
+ /* maximum bits and words for writing to HW */
+ mph->maxWords_sz = bits2words(max(mph->Xs,
+ max(mph->Ys, mph->Ms)));
+ mph->hwWords_sz = words2hwords(mph->maxWords_sz);
+
+ if ((mph->hwWords_sz << 5) > ESP_HW_RSAMAX_BIT) {
+ ESP_LOGW(TAG, "Warning: hwWords_sz = %d (%d bits)"
+ " exceeds HW maximum bits (%d), "
+ " falling back to SW.",
+ mph->hwWords_sz,
+ mph->hwWords_sz << 5,
+ ESP_HW_RSAMAX_BIT);
+ ret = MP_HW_FALLBACK;
+ } /* hwWords_sz check */
+ } /* X and Y size ok */
+ } /* X size check */
+ } /* Prior operation ok */
+
+ ESP_LOGV(TAG, "hwWords_sz = %d", mph->hwWords_sz);
- /* Make sure we are within capabilities of hardware. */
- if ( (WordsForOperand * BITS_IN_ONE_WORD) > ESP_HW_MULTI_RSAMAX_BITS ) {
- ESP_LOGW(TAG, "exceeds max bit length(2048)");
- return MP_VAL; /* Error: value is not able to be used. */
+ /* calculate r_inv = R^2 mode M
+ * where: R = b^n, and b = 2^32
+ * accordingly R^2 = 2^(n*32*2)
+ */
+#if defined(CONFIG_IDF_TARGET_ESP32)
+ exp = mph->hwWords_sz << 6;
+#elif defined(CONFIG_IDF_TARGET_ESP32C3) || defined(CONFIG_IDF_TARGET_ESP32C6)
+ exp = mph->maxWords_sz * BITS_IN_ONE_WORD * 2;
+#elif defined(CONFIG_IDF_TARGET_ESP32S2) || defined(CONFIG_IDF_TARGET_ESP32S3)
+ exp = mph->maxWords_sz * BITS_IN_ONE_WORD * 2;
+#else
+ exp = 0; /* no HW, no Montgomery HW init */
+#endif
+
+ if (ret == MP_OKAY && (M != NULL)) {
+ ret = mp_init((mp_int*)&(mph->r_inv));
+ if (ret == MP_OKAY) {
+ ret = esp_get_rinv( (mp_int*)&(mph->r_inv), M, exp);
+ if (ret == MP_OKAY) {
+ mph->Rs = mp_count_bits((mp_int*)&(mph->r_inv));
+ }
+ else {
+ ESP_LOGE(TAG, "calculate r_inv failed.");
+ ret = MP_VAL;
+ } /* esp_get_rinv check */
+ } /* mp_init success */
+ else {
+ ESP_LOGE(TAG, "calculate r_inv failed mp_init.");
+ ret = MP_MEM;
+ } /* mp_init check */
+ } /* calculate r_inv */
+
+ /* if we were successful in r_inv, next get M' */
+ if (ret == MP_OKAY) {
+#ifdef DEBUG_WOLFSSL
+ ret = mp_montgomery_setup(M, &(mph->mp2) );
+#endif
+ /* calc M' */
+ /* if Pm is odd, uses mp_montgomery_setup() */
+ ret = esp_calc_Mdash(M, 32/* bits */, &(mph->mp));
+ if (ret != MP_OKAY) {
+ ESP_LOGE(TAG, "failed esp_calc_Mdash()");
+ }
}
- /* Steps to perform large number multiplication. Calculates Z = X x Y. The number of
- * bits in the operands (X, Y) is N. N can be 32x, where x = {1,2,3,...64}, so the
- * maximum number of bits in the X and Y is 2048.
- * See 20.3.3 of ESP32-S3 technical manual
- * 1. Lock the hardware so no-one else uses it and wait until it is ready.
- * 2. Enable/disable interrupt that signals completion -- we don't use the interrupt.
- * 3. Write number of words required for result to the RSA_MODE_REG (now called RSA_LENGTH_REG).
- * Number of words required for the result is 2 * words for operand - 1
- * 4. Load X, Y operands to memory blocks. Note the Y value must be written to
- * right aligned.
- * 5. Start the operation by writing 1 to RSA_MULT_START_REG, then wait for it
- * to complete by monitoring RSA_IDLE_REG (which is now called RSA_QUERY_INTERRUPT_REG).
- * 6. Read the result out.
- * 7. Release the hardware lock so others can use it.
- * x. Clear the interrupt flag, if you used it (we don't). */
+#ifdef DEBUG_WOLFSSL
+ if (ret == MP_OKAY) {
+ if (mph->mp == mph->mp2) {
+ ESP_LOGV(TAG, "M' match esp_calc_Mdash vs mp_montgomery_setup "
+ "= %ul !", mph->mp);
+ }
+ else {
+ ESP_LOGW(TAG,
+ "\n\n"
+ "M' MISMATCH esp_calc_Mdash = 0x%08x = %d \n"
+ "vs mp_montgomery_setup = 0x%08x = %d \n\n",
+ mph->mp,
+ mph->mp,
+ mph->mp2,
+ mph->mp2);
+ mph->mp = mph->mp2;
+ }
+ }
+ else {
+ #if 0
+ esp_show_mp("X", X);
+ esp_show_mp("Y", Y);
+ esp_show_mp("M", M);
+ esp_show_mph(mph);
+ #endif
- /* 1. lock HW for use & wait until it is ready. */
- if ( ((ret = esp_mp_hw_lock()) != MP_OKAY) ||
- ((ret = esp_mp_hw_wait_clean()) != MP_OKAY) ) {
- return ret;
+ if (ret == MP_HW_FALLBACK) {
+ ESP_LOGV(TAG, "esp_mp_montgomery_init exit falling back.");
+
+ }
+ else {
+ ESP_LOGE(TAG, "esp_mp_montgomery_init failed: return code = %d",
+ ret);
+ }
}
+#endif
+
+ return ret;
+} /* esp_mp_montgomery_init */
+
+#endif /* ! NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_[EXPTMOD|MULMOD] */
+
+#ifndef NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL
+/* Large Number Multiplication
+ *
+ * See 24.3.3 of the ESP32 Technical Reference Manual
+ *
+ * Z = X * Y; */
+int esp_mp_mul(MATH_INT_T* X, MATH_INT_T* Y, MATH_INT_T* Z)
+{
+/* During debug, we may be validating against SW result. */
+#ifdef DEBUG_WOLFSSL
+ /* create a place to store copies to perform duplicate operations.
+ ** copies needed as some operations overwrite operands: e.g. X = X * Y */
+ MATH_INT_T X2[1];
+ MATH_INT_T Y2[1];
+ MATH_INT_T Z2[1];
+ MATH_INT_T PEEK[1];
+#endif
+
+ int ret = MP_OKAY; /* assume success until proven wrong */
+ int mp_mul_lock_called = FALSE; /* May fall back to SW; track if locked */
- /* 2. Disable completion interrupt signal; we don't use.
- ** 0 => no interrupt; 1 => interrupt on completion. */
- DPORT_REG_WRITE(RSA_INTERRUPT_REG, 0);
+ /* we don't use the mph helper for mp_mul, so we'll calculate locally: */
+ word32 Xs;
+ word32 Ys;
+ word32 Zs;
+ word32 maxWords_sz = 0;
+ word32 hwWords_sz = 0;
+ word32 resultWords_sz = 0;
- /* 3. Write number of words required for result. */
- if ( (WordsForOperand * BITS_IN_ONE_WORD * 2) > ESP_HW_RSAMAX_BIT) {
- ESP_LOGW(TAG, "result exceeds max bit length");
- return MP_VAL; /* Error: value is not able to be used. */
+#if defined(CONFIG_IDF_TARGET_ESP32)
+ word32 left_pad_offset = 0;
+#endif
+
+/* if we are supporting negative numbers, check that first since operands
+ * may be later modified (e.g. Z = Z * X) */
+#if defined(WOLFSSL_SP_INT_NEGATIVE) || defined(USE_FAST_MATH)
+ /* neg check: X*Y becomes negative */
+ int res_sign;
+
+ /* aka (X->sign == Y->sign) ? MP_ZPOS : MP_NEG; , but with mp_isneg(): */
+ res_sign = (mp_isneg(X) == mp_isneg(Y)) ? MP_ZPOS : MP_NEG;
+ if (res_sign) {
+ /* Negative numbers are relatively infrequent.
+ * May be interesting during verbose debugging: */
+ ESP_LOGV(TAG, "mp_isneg(X) = %d; mp_isneg(Y) = %d; neg = %d ",
+ mp_isneg(X), mp_isneg(Y), res_sign);
}
- DPORT_REG_WRITE(RSA_LENGTH_REG, (WordsForOperand * 2 - 1) );
+#endif
- /* 4. Load X, Y operands. Maximum is 64 words (64*8*4 = 2048 bits) */
- esp_mpint_to_memblock(RSA_MEM_X_BLOCK_BASE,
- X, BitsInX, WordsForOperand);
- esp_mpint_to_memblock(RSA_MEM_Z_BLOCK_BASE + WordsForOperand * 4,
- Y, BitsInY, WordsForOperand);
+#ifdef WOLFSSL_HW_METRICS
+ esp_mp_max_used = (X->used > esp_mp_max_used) ? X->used : esp_mp_max_used;
+ esp_mp_max_used = (Y->used > esp_mp_max_used) ? Y->used : esp_mp_max_used;
+#endif
+ /* if either operand is zero, there's nothing to do.
+ * Y checked first, as it was observed to be zero during
+ * wolfcrypt tests more often than X */
+ if (mp_iszero(Y) || mp_iszero(X)) {
+ mp_forcezero(Z);
+ return MP_OKAY;
+ }
- /* 5. Start operation and wait until it completes. */
- process_start(RSA_MULT_START_REG);
- ret = wait_until_done(RSA_QUERY_INTERRUPT_REG);
- if (MP_OKAY != ret) {
- return ret;
+#ifdef DEBUG_WOLFSSL
+ /* The caller should have checked if the call was for a SW validation.
+ * During debug, we'll return an error. */
+ if (esp_hw_validation_active()) {
+ return MP_HW_VALIDATION_ACTIVE;
}
- /* 6. read the result form MEM_Z */
- esp_memblock_to_mpint(RSA_MEM_Z_BLOCK_BASE, Z, WordsForResult);
+ /* these occur many times during RSA calcs */
+ if (X == Z) {
+ ESP_LOGV(TAG, "mp_mul X == Z");
+ }
+ if (Y == Z) {
+ ESP_LOGV(TAG, "mp_mul Y == Z");
+ }
- /* 7. clear and release HW */
- esp_mp_hw_unlock();
+ mp_init(X2);
+ mp_init(Y2);
+ mp_init(Z2);
- /* end if CONFIG_IDF_TARGET_ESP32S3 */
+ mp_copy(X, X2); /* copy (src = X) to (dst = X2) */
+ mp_copy(Y, Y2); /* copy (src = Y) to (dst = Y2) */
+ mp_copy(Z, Z2); /* copy (src = Z) to (dst = Z2) */
-#else /* not CONFIG_IDF_TARGET_ESP32S3 */
- /* assumed to be regular Xtensa here */
- word32 Xs;
- word32 Ys;
- word32 Zs;
- word32 maxWords_sz;
- word32 hwWords_sz;
+ if (IS_HW_VALIDATION) {
+ ESP_LOGE(TAG, "Caller must not try HW when validation active.");
+ }
+ else {
+ SET_HW_VALIDATION; /* force next mp_mul to SW for compare */
+ mp_mul(X2, Y2, Z2);
+ CLR_HW_VALIDATION;
+ }
+#endif /* DEBUG_WOLFSSL */
- /* ask bits number */
Xs = mp_count_bits(X);
Ys = mp_count_bits(Y);
Zs = Xs + Ys;
- /* maximum bits and words for writing to HW */
- maxWords_sz = bits2words(max(Xs, Ys));
- hwWords_sz = words2hwords(maxWords_sz);
+ /* RSA Accelerator only supports Large Number Multiplication
+ * with operand length N = 32 × x,
+ * where x ∈ {1, 2, 3, . . . , 64} */
+ if (Xs > 64 || Ys > 64) {
+ return MP_HW_FALLBACK; /* TODO add count metric on size fallback */
+ }
- /* sanity check */
- if((hwWords_sz<<5) > ESP_HW_MULTI_RSAMAX_BITS) {
- ESP_LOGW(TAG, "exceeds max bit length(2048)");
- return MP_VAL; /* Error: value is not able to be used. */
+ if (Zs <= sizeof(mp_digit)*8) {
+ Z->dp[0] = X->dp[0] * Y->dp[0];
+ Z->used = 1;
+#if defined(WOLFSSL_SP_INT_NEGATIVE) || defined(USE_FAST_MATH)
+ Z->sign = res_sign; /* See above mp_isneg() for negative detection */
+#endif
+ return MP_OKAY;
}
+ if (ret == MP_OKAY) {
+ /* maximum bits and words for writing to HW */
+ maxWords_sz = bits2words(max(Xs, Ys));
+ hwWords_sz = words2hwords(maxWords_sz);
+
+ resultWords_sz = bits2words(Xs + Ys);
+ /* sanity check */
+ if ( (hwWords_sz << 5) > ESP_HW_MULTI_RSAMAX_BITS) {
+ ESP_LOGW(TAG, "exceeds max bit length(2048) (a)");
+ ret = MP_HW_FALLBACK; /* Error: value is not able to be used. */
+ }
+ }
+
+#if defined(CONFIG_IDF_TARGET_ESP32)
+ /* assumed to be regular ESP32 Xtensa here */
+
/*Steps to use HW in the following order:
* 1. wait until clean HW engine
* 2. Write(2*N/512bits - 1 + 8) to MULT_MODE_REG
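Review bot: In `esp_mp_mul`, the new guard `if (Xs > 64 || Ys > 64)` compares bit counts (both values come from `mp_count_bits`) against 64, while the comment directly above it gives the limit as N = 32 × x with x up to 64, i.e. 64 words or 2048 bits. As written, every operand wider than 64 bits returns `MP_HW_FALLBACK`, and the later `(hwWords_sz << 5) > ESP_HW_MULTI_RSAMAX_BITS` check ("exceeds max bit length(2048)") appears unreachable. If the word limit was intended, `if (bits2words(Xs) > 64 || bits2words(Ys) > 64)` matches the comment; otherwise a comment stating that the 64-bit cap is deliberate would help. Separately, in `esp_mp_montgomery_init` the `ESP_PROHIBIT_SMALL_X` test reads `X->dp[1]` when `X->used == 1`, a digit outside the used range, where `X->dp[0]` looks like the intended operand. The body of `esp_mp_mul` continues past the end of this hunk.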
@@ -451,464 +1323,1762 @@ int esp_mp_mul(MATH_INT_T* X, MATH_INT_T* Y, MATH_INT_T* Z)
* need to write data to each memory block only according to the length
* of the number.
* 4. Write 1 to MUL_START_REG
- * 5. Wait for the first operation to be done. Poll INTERRUPT_REG until it reads 1.
- * (Or until the INTER interrupt is generated.)
+ * 5. Wait for the first operation to be done.
+ * Poll INTERRUPT_REG until it reads 1.
+ * (Or until the INTER interrupt is generated.)
* 6. Write 1 to RSA_INTERRUPT_REG to clear the interrupt.
* 7. Read the Z from RSA_Z_MEM
* 8. Write 1 to RSA_INTERUPT_REG to clear the interrupt.
* 9. Release the HW engine
*/
- /* lock HW for use */
- if ((ret = esp_mp_hw_lock()) != MP_OKAY) {
- return ret;
+
+ /* Y (left-extend)
+ * Accelerator supports large-number multiplication with only
+ * four operand lengths of N ∈ {512, 1024, 1536, 2048} */
+ left_pad_offset = maxWords_sz << 2;
+ if (left_pad_offset <= 512 >> 3) {
+ left_pad_offset = 512 >> 3; /* 64 bytes (16 words) */
+ }
+ else {
+ if (left_pad_offset <= 1024 >> 3) {
+ left_pad_offset = 1024 >> 3; /* 128 bytes = 32 words */
+ }
+ else {
+ if (left_pad_offset <= 1536 >> 3) {
+ left_pad_offset = 1536 >> 3; /* 192 bytes = 48 words */
+ }
+ else {
+ if (left_pad_offset <= 2048 >> 3) {
+ left_pad_offset = 2048 >> 3; /* 256 bytes = 64 words */
+ }
+ else {
+ ret = MP_VAL;
+ ESP_LOGE(TAG, "Unsupported operand length: %d",
+ hwWords_sz);
+ }
+ }
+ }
}
- if((ret = esp_mp_hw_wait_clean()) != MP_OKAY) {
- return ret;
+ /* lock HW for use, enable peripheral clock */
+ if (ret == MP_OKAY) {
+ mp_mul_lock_called = TRUE; /* we'll not try to unlock
+ * unless we locked it here. */
+ #ifdef WOLFSSL_HW_METRICS
+ {
+ /* Only track max values when using HW */
+ esp_mp_max_used = (X->used > esp_mp_max_used) ? X->used :
+ esp_mp_max_used;
+ esp_mp_max_used = (Y->used > esp_mp_max_used) ? Y->used :
+ esp_mp_max_used;
+ }
+ #endif
+
+ ret = esp_mp_hw_lock();
}
- /* step.1 (2*N/512) => N/256. 512 bits => 16 words */
- DPORT_REG_WRITE(RSA_MULT_MODE_REG, (hwWords_sz >> 3) - 1 + 8);
- /* step.2 write X, M and r_inv into memory */
- esp_mpint_to_memblock(RSA_MEM_X_BLOCK_BASE,
- X,
- Xs,
- hwWords_sz);
- /* Y(let-extend) */
- esp_mpint_to_memblock(RSA_MEM_Z_BLOCK_BASE + (hwWords_sz<<2),
- Y,
- Ys,
- hwWords_sz);
- /* step.3 start process */
- process_start(RSA_MULT_START_REG);
-
- /* step.4,5 wait until done */
- ret = wait_until_done(RSA_INTERRUPT_REG);
- if (ret != MP_OKAY) {
- ESP_LOGE(TAG, "wait_until_done failed.");
- return ret;
+ if (ret == MP_OKAY) {
+ ret = esp_mp_hw_wait_clean();
}
- /* step.6 read the result form MEM_Z */
- esp_memblock_to_mpint(RSA_MEM_Z_BLOCK_BASE, Z, BITS_TO_WORDS(Zs));
- /* step.7 clear and release HW */
- esp_mp_hw_unlock();
+ if (ret == MP_OKAY) {
+ /* step.1 (2*N/512) => N/256. 512 bits => 16 words */
+ /* Write 2*N/512 - 1 + 8 */
+
+ DPORT_REG_WRITE(RSA_MULT_MODE_REG,
+ (2 * left_pad_offset * 8 / 512) - 1 + 8);
+
+ /* step.2 write X into memory */
+ esp_mpint_to_memblock(RSA_MEM_X_BLOCK_BASE,
+ X,
+ Xs,
+ hwWords_sz);
+
+ /* write zeros from RSA_MEM_Z_BLOCK_BASE to left_pad_offset - 1 */
+ esp_zero_memblock(RSA_MEM_Z_BLOCK_BASE,
+ (left_pad_offset - 1) / sizeof(int));
+
+ /* write the left-padded Y value into Z */
+ esp_mpint_to_memblock(RSA_MEM_Z_BLOCK_BASE + (left_pad_offset),
+ Y,
+ Ys,
+ hwWords_sz);
+
+ #ifdef DEBUG_WOLFSSL
+ /* save value to peek at the result stored in RSA_MEM_Z_BLOCK_BASE */
+ esp_memblock_to_mpint(RSA_MEM_Z_BLOCK_BASE,
+ PEEK,
+ 128);
+ #endif
+
+ /* step.3 start process */
+ process_start(RSA_MULT_START_REG);
+
+ /* step.4,5 wait until done */
+ ret = wait_until_done(RSA_INTERRUPT_REG);
+
+ /* step.6 read the result form MEM_Z */
+ if (ret == MP_OKAY) {
+ esp_memblock_to_mpint(RSA_MEM_Z_BLOCK_BASE, Z, resultWords_sz);
+ }
+#ifndef DEBUG_WOLFSSL
+ else {
+ ESP_LOGE(TAG, "ERROR: wait_until_done failed in esp32_mp");
+ }
+#endif
+ } /* end of processing */
+#elif defined(CONFIG_IDF_TARGET_ESP32C3)
+ /* Unlike the ESP32 that is limited to only four operand lengths,
+ * the ESP32-C3 The RSA Accelerator supports large-number modular
+ * multiplication with operands of 128 different lengths.
+ *
+ * X & Y must be represented by the same number of bits. Must be
+ * enough to represent the larger one. */
+
+ /* Figure out how many words we need to
+ * represent each operand & the result. */
+
+ /* Make sure we are within capabilities of hardware. */
+ if ((hwWords_sz * BITS_IN_ONE_WORD) > ESP_HW_MULTI_RSAMAX_BITS) {
+ ESP_LOGW(TAG, "exceeds max bit length(%d)", ESP_HW_MULTI_RSAMAX_BITS);
+ ret = MP_HW_FALLBACK; /* let SW figure out how to deal with it */
+ }
+ if ((hwWords_sz * BITS_IN_ONE_WORD * 2) > ESP_HW_RSAMAX_BIT) {
+ ESP_LOGW(TAG, "result exceeds max bit length(%d)", ESP_HW_RSAMAX_BIT );
+ ret = MP_HW_FALLBACK; /* let SW figure out how to deal with it */
+ }
+
+ /* Steps to perform large number multiplication. Calculates Z = X * Y.
+ * The number of bits in the operands (X, Y) is N. N can be 32x, where
+ * x = {1,2,3,...64}, so the maximum number of bits in X and Y is 2048.
+ * See 20.3.3 of ESP32-S3 technical manual
+ * 1. Lock the hardware so no-one else uses it and wait until it is ready.
+ * 2. Enable/disable interrupt that signals completion
+ * -- we don't use the interrupt.
+ * 3. Write number of words required for result to the RSA_MODE_REG
+ * (now called RSA_LENGTH_REG).
+ * Number of words required for the result is 2 * words for operand - 1
+ * 4. Load X, Y operands to memory blocks.
+ * Note the Y value must be written to as right aligned.
+ * 5. Start the operation by writing 1 to RSA_MULT_START_REG,
+ * then wait for it to complete by monitoring RSA_IDLE_REG
+ * (which is now called RSA_QUERY_INTERRUPT_REG).
+ * 6. Read the result out.
+ * 7. Release the hardware lock so others can use it.
+ * x. Clear the interrupt flag, if you used it (we don't). */
+
+ /* 1. lock HW for use & wait until it is ready. */
+ /* lock HW for use, enable peripheral clock */
+ if (ret == MP_OKAY) {
+ mp_mul_lock_called = TRUE; /* Do not try to unlock unless we locked */
+ #ifdef WOLFSSL_HW_METRICS
+ {
+ /* Only track max values when using HW */
+ esp_mp_max_used = (X->used > esp_mp_max_used) ? X->used :
+ esp_mp_max_used;
+ esp_mp_max_used = (Y->used > esp_mp_max_used) ? Y->used :
+ esp_mp_max_used;
+ }
+ #endif
+
+ ret = esp_mp_hw_lock();
+ } /* the only thing we expect is success or busy */
+ if (ret == MP_OKAY) {
+ ret = esp_mp_hw_wait_clean();
+ }
+
+ /* HW multiply */
+ if (ret == MP_OKAY) {
+ /* 2. Disable completion interrupt signal; we don't use.
+ ** 0 => no interrupt; 1 => interrupt on completion. */
+ DPORT_REG_WRITE(RSA_INTERRUPT_REG, 0);
+
+ /* 3. Write number of words required for result. */
+ DPORT_REG_WRITE(RSA_LENGTH_REG, (hwWords_sz * 2 - 1));
+
+ /* 4. Load X, Y operands. Maximum is 64 words (64*8*4 = 2048 bits) */
+ esp_mpint_to_memblock(RSA_MEM_X_BLOCK_BASE,
+ X,
+ Xs,
+ hwWords_sz);
+ esp_mpint_to_memblock(RSA_MEM_Z_BLOCK_BASE + hwWords_sz * 4,
+ Y,
+ Ys,
+ hwWords_sz);
+
+ /* 5. Start operation and wait until it completes. */
+ process_start(RSA_MULT_START_REG);
+ ret = wait_until_done(RSA_QUERY_INTERRUPT_REG);
+ }
+ if (ret == MP_OKAY) {
+ /* 6. read the result form MEM_Z */
+ esp_memblock_to_mpint(RSA_MEM_Z_BLOCK_BASE, Z, resultWords_sz);
+ }
+#elif defined(CONFIG_IDF_TARGET_ESP32C6)
+ /* Unlike the ESP32 that is limited to only four operand lengths,
+ * the ESP32-C6 The RSA Accelerator supports large-number modular
+ * multiplication with operands of 128 different lengths.
+ *
+ * X & Y must be represented by the same number of bits. Must be
+ * enough to represent the larger one. */
+
+ /* Figure out how many words we need to
+ * represent each operand & the result. */
+
+ /* Make sure we are within capabilities of hardware. */
+ if ((hwWords_sz * BITS_IN_ONE_WORD) > ESP_HW_MULTI_RSAMAX_BITS) {
+ ESP_LOGW(TAG, "exceeds max bit length(%d)", ESP_HW_MULTI_RSAMAX_BITS);
+ ret = MP_HW_FALLBACK; /* let SW figure out how to deal with it */
+ }
+ if ((hwWords_sz * BITS_IN_ONE_WORD * 2) > ESP_HW_RSAMAX_BIT) {
+ ESP_LOGW(TAG, "result exceeds max bit length(%d)", ESP_HW_RSAMAX_BIT );
+ ret = MP_HW_FALLBACK; /* let SW figure out how to deal with it */
+ }
-#endif /* CONFIG_IDF_TARGET_ESP32S3 or not */
+ /* Steps to perform large number multiplication. Calculates Z = X * Y.
+ * The number of bits in the operands (X, Y) is N.
+ * N can be 32x, where x = {1,2,3,...64},
+ * so the maximum number of bits in the X and Y is 2048.
+ * See 20.3.3 of ESP32-S3 technical manual
+ * 1. Lock the hardware so no-one else uses it and wait until it is ready.
+ * 2. Enable/disable interrupt that signals completion
+ * -- we don't use the interrupt.
+ * 3. Write number of words required for result to the RSA_MODE_REG
+ * (now called RSA_LENGTH_REG).
+ * Number of words required for the result is 2 * words for operand - 1
+ * 4. Load X, Y operands to memory blocks.
+ * Note the Y value must be written to right aligned.
+ * 5. Start the operation by writing 1 to RSA_MULT_START_REG,
+ * then wait for it to complete by monitoring RSA_IDLE_REG
+ * (which is now called RSA_QUERY_INTERRUPT_REG).
+ * 6. Read the result out.
+ * 7. Release the hardware lock so others can use it.
+ * x. Clear the interrupt flag, if you used it (we don't). */
+
+ /* 1. lock HW for use & wait until it is ready. */
+ /* lock HW for use, enable peripheral clock */
+ if (ret == MP_OKAY) {
+ mp_mul_lock_called = TRUE; /* Do not try to unlock unless we locked */
+ #ifdef WOLFSSL_HW_METRICS
+ {
+ /* Only track max values when using HW */
+ esp_mp_max_used = (X->used > esp_mp_max_used) ? X->used :
+ esp_mp_max_used;
+ esp_mp_max_used = (Y->used > esp_mp_max_used) ? Y->used :
+ esp_mp_max_used;
+ }
+ #endif
+
+ ret = esp_mp_hw_lock();
+ } /* the only thing we expect is success or busy */
+
+ if (ret == MP_OKAY) {
+ ret = esp_mp_hw_wait_clean();
+ }
+
+ /* HW multiply */
+ if (ret == MP_OKAY) {
+ /* 1. Disable completion interrupt signal; we don't use.
+ * Write 1 (enable) or 0 (disable) to the RSA_INT_ENA_REG register.
+ * 0 => no interrupt; 1 => interrupt on completion. */
+ DPORT_REG_WRITE(RSA_INT_ENA_REG, 0);
+ /* 2. Write number of words required for result. */
+ /* see 21.3.3 Write (/N16 − 1) to the RSA_MODE_REG register */
+ DPORT_REG_WRITE(RSA_MODE_REG, (hwWords_sz * 2 - 1));
+
+ /* 3. Write Xi and Yi for ∈ {0, 1, . . . , n − 1} to memory blocks
+ * RSA_X_MEM and RSA_Z_MEM
+ * Maximum is 64 words (64*8*4 = 2048 bits) */
+ esp_mpint_to_memblock(RSA_X_MEM,
+ X,
+ Xs,
+ hwWords_sz);
+ esp_mpint_to_memblock(RSA_Z_MEM + hwWords_sz * 4,
+ Y,
+ Ys,
+ hwWords_sz);
+
+ /* 4. Write 1 to the RSA_SET_START_MULT register */
+ ret = process_start(RSA_SET_START_MULT_REG);
+
+ }
+ /* 5. Wait for the completion of computation, which happens when the
+ * content of RSA_QUERY_IDLE becomes 1 or the RSA interrupt occurs. */
+ if (ret == MP_OKAY) {
+ ret = wait_until_done(RSA_QUERY_IDLE_REG);
+ }
+
+ if (ret == MP_OKAY) {
+ /* 6. read the result from MEM_Z */
+ esp_memblock_to_mpint(RSA_Z_MEM, Z, resultWords_sz);
+ }
+ /* end ESP32-C6 */
+
+#elif defined(CONFIG_IDF_TARGET_ESP32S2) || defined(CONFIG_IDF_TARGET_ESP32S3)
+ /* Unlike the ESP32 that is limited to only four operand lengths,
+ * the ESP32-S3 The RSA Accelerator supports large-number modular
+ * multiplication with operands of 128 different lengths.
+ *
+ * X & Y must be represented by the same number of bits. Must be
+ * enough to represent the larger one. */
+
+ /* Figure out how many words we need to
+ * represent each operand & the result. */
+
+ /* Make sure we are within capabilities of hardware. */
+ if ((hwWords_sz * BITS_IN_ONE_WORD) > ESP_HW_MULTI_RSAMAX_BITS) {
+ ESP_LOGW(TAG, "exceeds max bit length(%d)", ESP_HW_MULTI_RSAMAX_BITS);
+ ret = MP_HW_FALLBACK; /* let SW figure out how to deal with it */
+ }
+ if ((hwWords_sz * BITS_IN_ONE_WORD * 2) > ESP_HW_RSAMAX_BIT) {
+ ESP_LOGW(TAG, "result exceeds max bit length(%d)", ESP_HW_RSAMAX_BIT );
+ ret = MP_HW_FALLBACK; /* let SW figure out how to deal with it */
+ }
+
+ /* Steps to perform large number multiplication. Calculates Z = X * Y.
+ * The number of bits in the operands (X, Y) is N.
+ * N can be 32x, where x = {1,2,3,...64},
+ * so the maximum number of bits in the X and Y is 2048.
+ * See 20.3.3 of ESP32-S3 technical manual
+ * 1. Lock the hardware so no-one else uses it and wait until it is ready.
+ * 2. Enable/disable interrupt that signals completion
+ * -- we don't use the interrupt.
+ * 3. Write number of words required for result to the RSA_MODE_REG
+ * (now called RSA_LENGTH_REG).
+ * Number of words required for the result is 2 * words for operand - 1
+ * 4. Load X, Y operands to memory blocks.
+ * Note the Y value must be written to right aligned.
+ * 5. Start the operation by writing 1 to RSA_MULT_START_REG,
+ * then wait for it to complete by monitoring RSA_IDLE_REG
+ * (which is now called RSA_QUERY_INTERRUPT_REG).
+ * 6. Read the result out.
+ * 7. Release the hardware lock so others can use it.
+ * x. Clear the interrupt flag, if you used it (we don't). */
+
+ /* 1. lock HW for use & wait until it is ready. */
+ if (ret == MP_OKAY) {
+ mp_mul_lock_called = TRUE; /* Don't try to unlock unless we locked. */
+ #ifdef WOLFSSL_HW_METRICS
+ {
+ /* Only track max values when using HW */
+ esp_mp_max_used = (X->used > esp_mp_max_used) ? X->used :
+ esp_mp_max_used;
+ esp_mp_max_used = (Y->used > esp_mp_max_used) ? Y->used :
+ esp_mp_max_used;
+ }
+ #endif
+
+ ret = esp_mp_hw_lock();
+ } /* the only thing we expect is success or busy */
+ if (ret == MP_OKAY) {
+ ret = esp_mp_hw_wait_clean();
+ }
+
+ /* HW multiply */
+ if (ret == MP_OKAY) {
+ /* 2. Disable completion interrupt signal; we don't use.
+ ** 0 => no interrupt; 1 => interrupt on completion. */
+ DPORT_REG_WRITE(RSA_INTERRUPT_REG, 0);
+
+ /* 3. Write number of words required for result. */
+ DPORT_REG_WRITE(RSA_LENGTH_REG, (hwWords_sz * 2 - 1));
+
+ /* 4. Load X, Y operands. Maximum is 64 words (64*8*4 = 2048 bits) */
+ esp_mpint_to_memblock(RSA_MEM_X_BLOCK_BASE,
+ X,
+ Xs,
+ hwWords_sz);
+ esp_mpint_to_memblock(RSA_MEM_Z_BLOCK_BASE + hwWords_sz * 4,
+ Y,
+ Ys,
+ hwWords_sz);
+
+ /* 5. Start operation and wait until it completes. */
+ process_start(RSA_MULT_START_REG);
+ ret = wait_until_done(RSA_QUERY_INTERRUPT_REG);
+ }
+ if (ret == MP_OKAY) {
+ /* 6. read the result form MEM_Z */
+ esp_memblock_to_mpint(RSA_MEM_Z_BLOCK_BASE, Z, resultWords_sz);
+ }
+
+ /*
+ ** end if CONFIG_IDF_TARGET_ESP32S3
+ */
+#else
+ ret = MP_HW_FALLBACK;
+#endif /* target HW calcs*/
/* common exit for all chipset types */
-#ifdef WOLFSSL_SP_INT_NEGATIVE
- if (!mp_iszero(Z) && neg) {
- /* for non-zero negative numbers, set negative flag for our result:
- * Z->sign = FP_NEG */
- mp_setneg(Z);
+
+ /* step.7 clear and release HW */
+ if (mp_mul_lock_called) {
+ ret = esp_mp_hw_unlock();
+ }
+ else {
+ ESP_LOGV(TAG, "Lock not called");
+ }
+
+#if defined(WOLFSSL_SP_INT_NEGATIVE) || defined(USE_FAST_MATH)
+ if (ret == MP_OKAY) {
+ if (!mp_iszero(Z) && res_sign) {
+ /* for non-zero negative numbers, set negative flag for our result:
+ * Z->sign = FP_NEG */
+ ESP_LOGV(TAG, "Setting Z to negative result!");
+ mp_setneg(Z);
+ }
+ else {
+ Z->sign = MP_ZPOS;
+ }
+ }
+#endif
+
+ if (ret == MP_OKAY) {
+ /* never clean the result for anything other than success, as we may
+ * fall back to SW and we don't want to muck up operand values. */
+ esp_clean_result(Z, 0);
+ }
+
+#ifdef DEBUG_WOLFSSL
+ if (mp_cmp(X, X2) != 0) {
+ /* this may be interesting when operands change (e.g. z=x*z mode m) */
+ /* ESP_LOGE(TAG, "mp_mul X vs X2 mismatch!"); */
+ }
+ if (mp_cmp(Y, Y2) != 0) {
+ /* this may be interesting when operands change (e.g. z=y*z mode m) */
+ /* ESP_LOGE(TAG, "mp_mul Y vs Y2 mismatch!"); */
+ }
+ if (mp_cmp(Z, Z2) != 0) {
+ int found_z_used = Z->used;
+
+ ESP_LOGE(TAG, "mp_mul Z vs Z2 mismatch!");
+ ESP_LOGI(TAG, "Xs = %d", Xs);
+ ESP_LOGI(TAG, "Ys = %d", Ys);
+ ESP_LOGI(TAG, "Zs = %d", Zs);
+ ESP_LOGI(TAG, "found_z_used = %d", found_z_used);
+ ESP_LOGI(TAG, "z.used = %d", Z->used);
+ ESP_LOGI(TAG, "hwWords_sz = %d", hwWords_sz);
+ ESP_LOGI(TAG, "maxWords_sz = %d", maxWords_sz);
+#if defined(CONFIG_IDF_TARGET_ESP32)
+ ESP_LOGI(TAG, "left_pad_offset = %d", left_pad_offset);
+#endif
+ ESP_LOGI(TAG, "hwWords_sz<<2 = %d", hwWords_sz << 2);
+ esp_show_mp("X", X2); /* show X2 copy, as X may have been clobbered */
+ esp_show_mp("Y", Y2); /* show Y2 copy, as Y may have been clobbered */
+ esp_show_mp("Peek Z", PEEK); /* this is the Z before start */
+ esp_show_mp("Z", Z); /* this is the HW result */
+ esp_show_mp("Z2", Z2); /* this is the SW result */
+ #ifndef NO_RECOVER_SOFTWARE_CALC
+ ESP_LOGW(TAG, "Recovering mp_mul error with software result");
+ mp_copy(Z2, Z); /* copy (src = Z2) to (dst = Z) */
+ #else
+ ret = MP_VAL;
+ #endif
}
#endif
+#ifdef WOLFSSL_HW_METRICS
+ esp_mp_mul_usage_ct++;
+ esp_mp_max_used = (Z->used > esp_mp_max_used) ? Z->used : esp_mp_max_used;
+ if (ret != MP_OKAY) {
+ esp_mp_mul_error_ct++; /* includes fallback */
+ }
+#endif
+
+ ESP_LOGV(TAG, "\nEnd esp_mp_mul \n");
+
return ret;
-}
+} /* esp_mp_mul() */
+#endif /* Use HW mp_mul: ! NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL*/
-/* Z = X * Y (mod M) */
+#ifndef NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD
+/* Large Number Modular Multiplication
+ *
+ * See 24.3.3 of the ESP32 Technical Reference Manual
+ *
+ * Z = X × Y mod M */
int esp_mp_mulmod(MATH_INT_T* X, MATH_INT_T* Y, MATH_INT_T* M, MATH_INT_T* Z)
{
- int ret = 0;
- int negcheck;
- word32 Xs;
- word32 Ys;
- word32 Ms;
- word32 maxWords_sz;
- word32 hwWords_sz;
- word32 zwords;
+ struct esp_mp_helper mph[1]; /* we'll save some values in this mp helper */
+ MATH_INT_T tmpZ[1] = { };
+#ifdef DEBUG_WOLFSSL
+ MATH_INT_T X2[1] = { };
+ MATH_INT_T Y2[1] = { };
+ MATH_INT_T M2[1] = { };
+ MATH_INT_T Z2[1] = { };
+ MATH_INT_T PEEK[1] = { };
+ (void) PEEK;
+#endif
- MATH_INT_T r_inv;
- MATH_INT_T tmpZ;
- mp_digit mp;
+ int ret = MP_OKAY;
+ int mulmod_lock_called = FALSE;
+ word32 zwords = 0;
- uint32_t Exponent;
-#if CONFIG_IDF_TARGET_ESP32S3
- uint32_t OperandBits;
- int WordsForOperand;
-# endif
-
- /* neg check - X*Y becomes negative */
- negcheck = mp_isneg(X) != mp_isneg(Y) ? 1 : 0;
+#if defined(WOLFSSL_SP_INT_NEGATIVE) || defined(USE_FAST_MATH)
+ int negcheck = 0;
+#endif
- /* ask bits number */
- Xs = mp_count_bits(X);
- Ys = mp_count_bits(Y);
- Ms = mp_count_bits(M);
+#ifdef DEBUG_WOLFSSL
+ int reti = 0; /* interim return value used only during HW==SW validation */
+#endif
- /* maximum bits and words for writing to HW */
- maxWords_sz = bits2words(max(Xs, max(Ys, Ms)));
- zwords = bits2words(min(Ms, Xs + Ys));
- hwWords_sz = words2hwords(maxWords_sz);
+#if defined(CONFIG_IDF_TARGET_ESP32)
- if ((hwWords_sz << 5) > ESP_HW_RSAMAX_BIT) {
- ESP_LOGE(TAG, "exceeds HW maximum bits");
- return MP_VAL; /* Error: value is not able to be used. */
- }
- /* calculate r_inv = R^2 mode M
- * where: R = b^n, and b = 2^32
- * accordingly R^2 = 2^(n*32*2)
- */
-#if CONFIG_IDF_TARGET_ESP32S3
- Exponent = maxWords_sz * BITS_IN_ONE_WORD * 2;
+#elif defined(CONFIG_IDF_TARGET_ESP32C3) || defined(CONFIG_IDF_TARGET_ESP32C6)
+ word32 OperandBits;
+ int WordsForOperand;
+#elif defined(CONFIG_IDF_TARGET_ESP32S2) || defined(CONFIG_IDF_TARGET_ESP32S3)
+ word32 OperandBits;
+ int WordsForOperand;
#else
- Exponent = hwWords_sz << 6;
+ ret = MP_HW_FALLBACK;
#endif
- ret = mp_init_multi(&tmpZ, &r_inv, NULL, NULL, NULL, NULL);
- if (ret == 0 && (ret = esp_get_rinv(&r_inv, M, Exponent)) != MP_OKAY) {
- ESP_LOGE(TAG, "calculate r_inv failed.");
- mp_clear(&tmpZ);
- mp_clear(&r_inv);
+
+ ESP_LOGV(TAG, "\nBegin esp_mp_mulmod \n");
+
+ /* do we have an even moduli? */
+ if ((M->dp[0] & 1) == 0) {
+#ifndef NO_ESP_MP_MUL_EVEN_ALT_CALC
+ /* Z = X × Y mod M in mixed HW & SW*/
+ ret = esp_mp_mul(X, Y, tmpZ); /* HW X * Y */
+ if (ret == MP_OKAY) {
+ /* z = tmpZ mod M, 0 <= Z < M */
+ ret = mp_mod(tmpZ, M, Z); /* SW mod M */
+ }
+ ESP_LOGV(TAG, "alternate mp_mul calc!");
+ return ret;
+#else
+ #ifdef WOLFSSL_HW_METRICS
+ esp_mp_mulmod_even_mod_ct++;
+ #endif
+ ESP_LOGV(TAG, "esp_mp_mulmod does not support even numbers");
+ ret = MP_HW_FALLBACK; /* let the software figure out what to do */
return ret;
+#endif /* NO_ESP_MP_MUL_EVEN_ALTERNATE */
+ } /* even moduli check */
+
+#ifdef DEBUG_WOLFSSL
+ /* we're only validating HW when in debug mode */
+ if (esp_hw_validation_active()) {
+ ESP_LOGV(TAG, "MP_HW_VALIDATION_ACTIVE");
+ return MP_HW_VALIDATION_ACTIVE;
}
+#endif
- /* lock HW for use */
- if ((ret = esp_mp_hw_lock()) != MP_OKAY) {
- mp_clear(&tmpZ);
- mp_clear(&r_inv);
- return ret;
+#ifdef DEBUG_WOLFSSL
+ if (IS_HW_VALIDATION) {
+ ESP_LOGE(TAG, "Caller must not try HW when validation active.");
}
- /* Calculate M' */
- if ((ret = esp_calc_Mdash(M, 32/* bits */, &mp)) != MP_OKAY) {
- ESP_LOGE(TAG, "failed to calculate M dash");
- mp_clear(&tmpZ);
- mp_clear(&r_inv);
- return ret;
+ else {
+ /* when validating, save SW in [V]2 for later comparison to HW */
+ mp_init(X2);
+ mp_init(Y2);
+ mp_init(M2);
+ mp_init(Z2);
+
+ mp_copy(X, X2); /* copy (src = X) to (dst = X2) */
+ mp_copy(Y, Y2); /* copy (src = Y) to (dst = Y2) */
+ mp_copy(M, M2); /* copy (src = M) to (dst = M2) */
+ mp_copy(Z, Z2); /* copy (src = Z) to (dst = Z2) */
+
+ SET_HW_VALIDATION; /* for the next mulmod to be SW for HW validation */
+ reti = mp_mulmod(X2, Y2, M2, Z2);
+ if (reti == 0) {
+ ESP_LOGV(TAG, "wolfSSL mp_mulmod during validation success");
+ }
+ else {
+ ESP_LOGE(TAG, "wolfSSL mp_mulmod during validation failed");
+ }
+ CLR_HW_VALIDATION;
+ }
+#endif /* DEBUG_WOLFSSL */
+
+ if (ret == MP_OKAY) {
+
+ /* neg check: X*Y becomes negative, we'll need adjustment */
+ #if defined(WOLFSSL_SP_INT_NEGATIVE) || defined(USE_FAST_MATH)
+ negcheck = mp_isneg(X) != mp_isneg(Y) ? 1 : 0;
+ #endif
+
+ /* calculate r_inv = R^2 mod M
+ * where: R = b^n, and b = 2^32
+ * accordingly R^2 = 2^(n*32*2)
+ */
+ ret = esp_mp_montgomery_init(X, Y, M, mph);
+ if (ret == MP_OKAY) {
+ ESP_LOGV(TAG, "esp_mp_exptmod esp_mp_montgomery_init success.");
+ }
+ else {
+ #ifdef WOLFSSL_HW_METRICS
+ if (ret == MP_HW_FALLBACK) {
+ esp_mp_mulmod_fallback_ct++;
+ }
+ else {
+ esp_mp_mulmod_error_ct++;
+ }
+ #endif
+ return ret;
+ }
+ zwords = bits2words(min(mph->Ms, mph->Xs + mph->Ys));
}
-#if CONFIG_IDF_TARGET_ESP32S3
- /* Steps to perform large number modular multiplication. Calculates Z = (X x Y) modulo M.
- * The number of bits in the operands (X, Y) is N. N can be 32x, where x = {1,2,3,...64}, so the
- * maximum number of bits in the X and Y is 2048. We must use the same number of words to represent
- * the bits in X, Y and M.
- * See 20.3.3 of ESP32-S3 technical manual
+ /* we'll use hardware only for a minimum number of bits */
+ if (mph->Xs <= ESP_RSA_MULM_BITS || mph->Ys <= ESP_RSA_MULM_BITS) {
+ #ifdef WOLFSSL_HW_METRICS
+ {
+ esp_mp_mulmod_small_y_ct++; /* track how many times we fall back */
+ }
+ #endif
+ ret = MP_HW_FALLBACK;
+ /* TODO add debug metrics */
+ #ifdef WOLFSSL_DEBUG_ESP_RSA_MULM_BITS
+ {
+ ESP_LOGV(TAG, "esp_mp_mulmod falling back for ESP_RSA_MULM_BITS!");
+ }
+ #endif
+ }
+
+ /* lock HW for use, enable peripheral clock */
+ if (ret == MP_OKAY) {
+ mulmod_lock_called = TRUE; /* Don't try to unlock unless we locked */
+ #ifdef WOLFSSL_HW_METRICS
+ {
+ /* Only track max values when using HW */
+ esp_mp_max_used = (X->used > esp_mp_max_used) ? X->used :
+ esp_mp_max_used;
+ esp_mp_max_used = (Y->used > esp_mp_max_used) ? Y->used :
+ esp_mp_max_used;
+ esp_mp_max_used = (M->used > esp_mp_max_used) ? M->used :
+ esp_mp_max_used;
+ }
+ #endif
+
+ ret = esp_mp_hw_lock();
+ }
+
+#if defined(CONFIG_IDF_TARGET_ESP32)
+ /* Classic ESP32, non-S3 Xtensa */
+
+ /*Steps to use HW in the following order:
+ * prep: wait until clean HW engine
+ *
+ * 1. Write (N/512bits - 1) to MULT_MODE_REG
+ * 2. Write X,M(=G, X, P) to memory blocks
+ * need to write data to each memory block only according to the length
+ * of the number.
+ * 3. Write M' to M_PRIME_REG
+ * 4. Write 1 to MODEXP_START_REG
+ * 5. Wait for the first round of the operation to be completed.
+ * Poll RSA_INTERRUPT_REG until it reads 1,
+ * or until the RSA_INTR interrupt is generated.
+ * (Or until the INTER interrupt is generated.)
+ * 6. Write 1 to RSA_INTERRUPT_REG to clear the interrupt.
+ * 7. Write Yi (i ∈ [0, n) ∩ N) to RSA_X_MEM
+ * Users need to write to the memory block only according to the length
+ * of the number. Data beyond this length is ignored.
+ * 8. Write 1 to RSA_MULT_START_REG
+ * 9. Wait for the second operation to be completed.
+ * Poll INTERRUPT_REG until it reads 1.
+ * 10. Read the Zi (i ∈ [0, n) ∩ N) from RSA_Z_MEM
+ * 11. Write 1 to RSA_INTERUPT_REG to clear the interrupt.
+ *
+ * post: Release the HW engine
+ *
+ * After the operation, the RSA_MULT_MODE_REG register, and memory blocks
+ * RSA_M_MEM and RSA_M_PRIME_REG remain unchanged. Users do not need to
+ * refresh these registers or memory blocks if the values remain the same.
+ */
+
+ if (ret == MP_OKAY) {
+ /* Prep wait for the engine */
+ ret = esp_mp_hw_wait_clean();
+ }
+
+ if (ret == MP_OKAY) {
+ /* step.1
+ * Write (N/512bits - 1) to MULT_MODE_REG
+ * 512 bits => 16 words */
+ DPORT_REG_WRITE(RSA_MULT_MODE_REG, (mph->hwWords_sz >> 4) - 1);
+#if defined(DEBUG_WOLFSSL)
+ ESP_LOGV(TAG, "RSA_MULT_MODE_REG = %d", (mph->hwWords_sz >> 4) - 1);
+#endif /* WOLFSSL_DEBUG */
+
+ /* step.2 write X, M, and r_inv into memory.
+ * The capacity of each memory block is 128 words.
+ * The memory blocks use the little endian format for storage, i.e.
+ * the least significant digit of each number is in lowest address.*/
+ esp_mpint_to_memblock(RSA_MEM_X_BLOCK_BASE,
+ X, mph->Xs, mph->hwWords_sz);
+ esp_mpint_to_memblock(RSA_MEM_M_BLOCK_BASE,
+ M, mph->Ms, mph->hwWords_sz);
+ esp_mpint_to_memblock(RSA_MEM_Z_BLOCK_BASE,
+ &(mph->r_inv), mph->Rs, mph->hwWords_sz);
+
+ /* step.3 write M' into memory */
+ /* confirmed that mp2 does not support even modulus.
+ * indeed we see a failure, but we can predict when modules is odd
+ * or when mp != mp2[0] */
+ DPORT_REG_WRITE(RSA_M_DASH_REG, mph->mp);
+ ESP_EM__3_16;
+
+ /* step.4 start process */
+ process_start(RSA_MULT_START_REG);
+
+ /* step.5,6 wait until done */
+ wait_until_done(RSA_INTERRUPT_REG);
+
+ /* step.7 Y to MEM_X */
+ esp_mpint_to_memblock(RSA_MEM_X_BLOCK_BASE,
+ Y, mph->Ys,
+ mph->hwWords_sz);
+
+#ifdef DEBUG_WOLFSSL
+ /* save value to peek at the result stored in RSA_MEM_Z_BLOCK_BASE */
+ esp_memblock_to_mpint(RSA_MEM_X_BLOCK_BASE,
+ PEEK,
+ 128);
+ esp_clean_result(PEEK, 0);
+#endif /* DEBUG_WOLFSSL */
+
+ /* step.8 start process */
+ process_start(RSA_MULT_START_REG);
+
+ /* step.9,11 wait until done */
+ wait_until_done(RSA_INTERRUPT_REG);
+
+ /* step.12 read the result from MEM_Z */
+ esp_memblock_to_mpint(RSA_MEM_Z_BLOCK_BASE, tmpZ, zwords);
+ } /* step 1 .. 12 */
+
+ /* step.13 clear and release HW */
+ if (mulmod_lock_called) {
+ ret = esp_mp_hw_unlock();
+ }
+ else {
+ ESP_LOGV(TAG, "Lock not called");
+ }
+ /* end of ESP32 */
+
+#elif defined(CONFIG_IDF_TARGET_ESP32C3)
+ /* Steps to perform large number modular multiplication.
+ * Calculates Z = (X * Y) modulo M.
+ * The number of bits in the operands (X, Y) is N. N can be 32x, where
+ * x = {1,2,3,...64}, so the maximum number of bits in the X and Y is 2048.
+ * We must use the same number of words to represent bits in X, Y and M.
+ * See 20.3.3 of ESP32-C3 technical manual
* 1. Wait until the hardware is ready.
- * 2. Enable/disable interrupt that signals completion -- we don't use the interrupt.
+ * 2. Enable/disable interrupt that signals completion
+ * -- we don't use the interrupt.
* 3. Write the number of words required to represent the operands to the
* RSA_MODE_REG (now called RSA_LENGTH_REG).
* 4. Write M' value into RSA_M_PRIME_REG (now called RSA_M_DASH_REG).
* 5. Load X, Y, M, r' operands to memory blocks.
- * 6. Start the operation by writing 1 to RSA_MOD_MULT_START_REG, then wait for it
- * to complete by monitoring RSA_IDLE_REG (which is now called RSA_QUERY_INTERRUPT_REG).
+ * 6. Start the operation by writing 1 to RSA_MOD_MULT_START_REG,
+ * then wait for it to complete by monitoring RSA_IDLE_REG
+ * (which is now called RSA_QUERY_INTERRUPT_REG).
* 7. Read the result out.
* 8. Release the hardware lock so others can use it.
* x. Clear the interrupt flag, if you used it (we don't). */
/* 1. Wait until hardware is ready. */
- if ((ret = esp_mp_hw_wait_clean()) != MP_OKAY) {
- return ret;
+ if (ret == MP_OKAY) {
+ ret = esp_mp_hw_wait_clean();
}
- /* 2. Disable completion interrupt signal; we don't use.
- ** 0 => no interrupt; 1 => interrupt on completion. */
- DPORT_REG_WRITE(RSA_INTERRUPT_REG, 0);
+ if (ret == MP_OKAY) {
+ /* 2. Disable completion interrupt signal; we don't use.
+ ** 0 => no interrupt; 1 => interrupt on completion. */
+ DPORT_REG_WRITE(RSA_INTERRUPT_REG, 0);
- /* 3. Write (N_result_bits/32 - 1) to the RSA_MODE_REG. */
- OperandBits = max(max(Xs, Ys), Ms);
- if (OperandBits > ESP_HW_MULTI_RSAMAX_BITS) {
- ESP_LOGW(TAG, "result exceeds max bit length");
- return MP_VAL; /* Error: value is not able to be used. */
+ /* 3. Write (N_result_bits/32 - 1) to the RSA_MODE_REG. */
+ OperandBits = max(max(mph->Xs, mph->Ys), mph->Ms);
+ if (OperandBits > ESP_HW_MULTI_RSAMAX_BITS) {
+ ESP_LOGW(TAG, "result exceeds max bit length");
+ return MP_VAL; /* Error: value is not able to be used. */
+ }
+ WordsForOperand = bits2words(OperandBits);
+ /* alt inline calc:
+ * DPORT_REG_WRITE(RSA_MULT_MODE_REG, (mph->hwWords_sz >> 4) - 1); */
+ DPORT_REG_WRITE(RSA_LENGTH_REG, WordsForOperand - 1);
+
+ /* 4. Write M' value into RSA_M_PRIME_REG
+ * (now called RSA_M_DASH_REG) */
+ DPORT_REG_WRITE(RSA_M_DASH_REG, mph->mp);
+
+ /* Select acceleration options. */
+ DPORT_REG_WRITE(RSA_CONSTANT_TIME_REG, 0);
+
+ /* 5. Load X, Y, M, r' operands.
+ * Note RSA_MEM_RB_BLOCK_BASE == RSA_MEM_Z_BLOC_BASE on ESP32s3*/
+ esp_mpint_to_memblock(RSA_MEM_X_BLOCK_BASE,
+ X,
+ mph->Xs,
+ mph->hwWords_sz);
+ esp_mpint_to_memblock(RSA_MEM_Y_BLOCK_BASE,
+ Y,
+ mph->Ys,
+ mph->hwWords_sz);
+ esp_mpint_to_memblock(RSA_MEM_M_BLOCK_BASE,
+ M,
+ mph->Ms,
+ mph->hwWords_sz);
+ esp_mpint_to_memblock(RSA_MEM_RB_BLOCK_BASE,
+ &(mph->r_inv),
+ mph->Rs,
+ mph->hwWords_sz);
+
+ /* 6. Start operation and wait until it completes. */
+ process_start(RSA_MOD_MULT_START_REG); /* esp_mp_mulmod */
}
- WordsForOperand = bits2words(OperandBits);
- DPORT_REG_WRITE(RSA_LENGTH_REG, WordsForOperand - 1);
- /* 4. Write M' value into RSA_M_PRIME_REG (now called RSA_M_DASH_REG) */
- DPORT_REG_WRITE(RSA_M_DASH_REG, mp);
+ if (ret == MP_OKAY) {
+ ret = wait_until_done(RSA_QUERY_INTERRUPT_REG);
+ }
- /* Select acceleration options. */
- DPORT_REG_WRITE(RSA_CONSTANT_TIME_REG, 0);
+ if (ret == MP_OKAY) {
+ /* 7. read the result from MEM_Z */
+ esp_memblock_to_mpint(RSA_MEM_Z_BLOCK_BASE, tmpZ, zwords);
+ }
- /* 5. Load X, Y, M, r' operands.
- * Note RSA_MEM_RB_BLOCK_BASE == RSA_MEM_Z_BLOC_BASE on ESP32s3*/
- esp_mpint_to_memblock(RSA_MEM_X_BLOCK_BASE, X, Xs, hwWords_sz);
- esp_mpint_to_memblock(RSA_MEM_Y_BLOCK_BASE, Y, Ys, hwWords_sz);
- esp_mpint_to_memblock(RSA_MEM_M_BLOCK_BASE, M, Ms, hwWords_sz);
- esp_mpint_to_memblock(RSA_MEM_RB_BLOCK_BASE, &r_inv, mp_count_bits(&r_inv), hwWords_sz);
+ /* 8. clear and release HW */
+ if (mulmod_lock_called) {
+ ret = esp_mp_hw_unlock();
+ }
+ else {
+ ESP_LOGV(TAG, "Lock not called, esp_mp_hw_unlock skipped");
+ }
+ /* end if CONFIG_IDF_TARGET_ESP32C3 */
+
+#elif defined(CONFIG_IDF_TARGET_ESP32C6)
+ /* Steps to perform large number modular multiplication.
+ * Calculates Z = (X * Y) modulo M.
+ * The number of bits in the operands (X, Y) is N. N can be 32x,where
+ * x = {1,2,3,...64}, so the maximum number of bits in X and Y is 2048.
+ * We must use the same number of words to represent the bits X, Y and M.
+ * See 20.3.3 of ESP32-S3 technical manual
+ * 1. Wait until the hardware is ready.
+ * 2. Enable/disable interrupt that signals completion
+ * -- we don't use the interrupt.
+ * 3. Write the number of words required to represent the operands to the
+ * RSA_MODE_REG (now called RSA_LENGTH_REG).
+ * 4. Write M' value into RSA_M_PRIME_REG (now called RSA_M_DASH_REG).
+ * 5. Load X, Y, M, r' operands to memory blocks.
+ * 6. Start the operation by writing 1 to RSA_MOD_MULT_START_REG,
+ * then wait for it to complete by monitoring RSA_IDLE_REG
+ * (which is now called RSA_QUERY_INTERRUPT_REG).
+ * 7. Read the result out.
+ * 8. Release the hardware lock so others can use it.
+ * x. Clear the interrupt flag, if you used it (we don't). */
- /* 6. Start operation and wait until it completes. */
- process_start(RSA_MOD_MULT_START_REG);
- ret = wait_until_done(RSA_QUERY_INTERRUPT_REG);
- if (MP_OKAY != ret) {
- return ret;
+ /* 1. Wait until hardware is ready for esp_mp_mulmod. */
+ if (ret == MP_OKAY) {
+ ret = esp_mp_hw_wait_clean();
+ }
+ if (ret == MP_OKAY) {
+ /* 2. Disable completion interrupt signal; we don't use.
+ ** 0 => no interrupt; 1 => interrupt on completion. */
+ DPORT_REG_WRITE(RSA_INT_ENA_REG, 0);
+
+ /* 3. Write (N_result_bits/32 - 1) to the RSA_MODE_REG. */
+ OperandBits = max(max(mph->Xs, mph->Ys), mph->Ms);
+ if (OperandBits > ESP_HW_MULTI_RSAMAX_BITS) {
+ ESP_LOGW(TAG, "result exceeds max bit length");
+ return MP_VAL; /* Error: value is not able to be used. */
+ }
+ WordsForOperand = bits2words(OperandBits);
+ /* alt inline calc:
+ * DPORT_REG_WRITE(RSA_MULT_MODE_REG, (mph->hwWords_sz >> 4) - 1); */
+ DPORT_REG_WRITE(RSA_MODE_REG, WordsForOperand - 1);
+
+ /* 4. Write M' value into RSA_M_PRIME_REG
+ * (now called RSA_M_DASH_REG) */
+ DPORT_REG_WRITE(RSA_M_PRIME_REG, mph->mp);
+
+ /* Select acceleration options. */
+ DPORT_REG_WRITE(RSA_CONSTANT_TIME_REG, 0);
+ DPORT_REG_WRITE(RSA_SEARCH_POS_REG, 0); /* or RSA_SEARCH_ENABLE */
+
+ /* 5. Load X, Y, M, r' operands.
+ * Note RSA_MEM_RB_BLOCK_BASE == RSA_M_MEM on ESP32-C6*/
+ esp_mpint_to_memblock(RSA_X_MEM,
+ X,
+ mph->Xs,
+ mph->hwWords_sz);
+ esp_mpint_to_memblock(RSA_Y_MEM,
+ Y,
+ mph->Ys,
+ mph->hwWords_sz);
+ esp_mpint_to_memblock(RSA_M_MEM,
+ M,
+ mph->Ms,
+ mph->hwWords_sz);
+ esp_mpint_to_memblock(RSA_Z_MEM,
+ &(mph->r_inv),
+ mph->Rs,
+ mph->hwWords_sz);
+
+ /* 6. Start operation and wait until it completes. */
+ process_start(RSA_SET_START_MODMULT_REG); /* reminder: esp_mp_mulmod */
}
- /* 7. read the result form MEM_Z */
- esp_memblock_to_mpint(RSA_MEM_Z_BLOCK_BASE, &tmpZ, zwords);
+ /* 5. Wait for the completion of computation, which happens when the
+ * content of RSA_QUERY_IDLE becomes 1 or the RSA interrupt occurs. */
+ if (ret == MP_OKAY) {
+ ret = wait_until_done(RSA_QUERY_IDLE_REG);
+ }
+ if (ret == MP_OKAY) {
+ /* 7. read the result from MEM_Z */
+ esp_memblock_to_mpint(RSA_Z_MEM, tmpZ, zwords);
+ }
/* 8. clear and release HW */
- esp_mp_hw_unlock();
-
- if (negcheck) {
- mp_sub(M, &tmpZ, &tmpZ);
+ if (mulmod_lock_called) {
+ ret = esp_mp_hw_unlock();
+ }
+ else {
+ ESP_LOGV(TAG, "Lock not called, esp_mp_hw_unlock skipped");
}
- mp_copy(&tmpZ, Z);
- mp_clear(&tmpZ);
- mp_clear(&r_inv);
+ /* end if CONFIG_IDF_TARGET_ESP32C3 or CONFIG_IDF_TARGET_ESP32C6 */
+#elif defined(CONFIG_IDF_TARGET_ESP32S2) || defined(CONFIG_IDF_TARGET_ESP32S3)
+ /* Steps to perform large number modular multiplication.
+ * Calculates Z = (X * Y) modulo M.
+ * The number of bits in the operands (X, Y) is N. N can be 32x, where
+ * x = {1,2,3,...64}, so the maximum number of bits in the X and Y is 2048.
+ * We must use the same number of words to represent bits in X, Y and M.
+ * See 20.3.3 of ESP32-S3 technical manual.
+ * 1. Wait until the hardware is ready.
+ * 2. Enable/disable interrupt that signals completion
+ * -- we don't use the interrupt.
+ * 3. Write the number of words required to represent the operands to the
+ * RSA_MODE_REG (now called RSA_LENGTH_REG).
+ * 4. Write M' value into RSA_M_PRIME_REG (now called RSA_M_DASH_REG).
+ * 5. Load X, Y, M, r' operands to memory blocks.
+ * 6. Start the operation by writing 1 to RSA_MOD_MULT_START_REG,
+ * then wait for it to complete by monitoring RSA_IDLE_REG
+ * (which is now called RSA_QUERY_INTERRUPT_REG).
+ * 7. Read the result out.
+ * 8. Release the hardware lock so others can use it.
+ * x. Clear the interrupt flag, if you used it (we don't). */
- return ret;
- /* end if CONFIG_IDF_TARGET_ESP32S3 */
-#else
- /* non-S3 Xtensa */
+ /* 1. Wait until hardware is ready. */
+ if (ret == MP_OKAY) {
+ ret = esp_mp_hw_wait_clean();
+ }
- /*Steps to use HW in the following order:
- * 1. wait until clean HW engine
- * 2. Write(N/512bits - 1) to MULT_MODE_REG
- * 3. Write X,M(=G, X, P) to memory blocks
- * need to write data to each memory block only according to the length
- * of the number.
- * 4. Write M' to M_PRIME_REG
- * 5. Write 1 to MODEXP_START_REG
- * 6. Wait for the first operation to be done. Poll INTERRUPT_REG until it reads 1.
- * (Or until the INTER interrupt is generated.)
- * 7. Write 1 to RSA_INTERRUPT_REG to clear the interrupt.
- * 8. Write Y to RSA_X_MEM
- * 9. Write 1 to RSA_MULT_START_REG
- * 10. Wait for the second operation to be completed. Poll INTERRUPT_REG until it reads 1.
- * 11. Read the Z from RSA_Z_MEM
- * 12. Write 1 to RSA_INTERUPT_REG to clear the interrupt.
- * 13. Release the HW engine
- */
+ if (ret == MP_OKAY) {
+ /* 2. Disable completion interrupt signal; we don't use.
+ ** 0 => no interrupt; 1 => interrupt on completion. */
+ DPORT_REG_WRITE(RSA_INTERRUPT_REG, 0);
- if ( (ret = esp_mp_hw_wait_clean()) != MP_OKAY ) {
- return ret;
+ /* 3. Write (N_result_bits/32 - 1) to the RSA_MODE_REG. */
+ OperandBits = max(max(mph->Xs, mph->Ys), mph->Ms);
+ if (OperandBits > ESP_HW_MULTI_RSAMAX_BITS) {
+ ESP_LOGW(TAG, "result exceeds max bit length");
+ return MP_VAL; /* Error: value is not able to be used. */
+ }
+ WordsForOperand = bits2words(OperandBits);
+ /* alt inline calc:
+ * DPORT_REG_WRITE(RSA_MULT_MODE_REG, (mph->hwWords_sz >> 4) - 1); */
+ DPORT_REG_WRITE(RSA_LENGTH_REG, WordsForOperand - 1);
+
+ /* 4. Write M' value into RSA_M_PRIME_REG
+ * (now called RSA_M_DASH_REG) */
+ DPORT_REG_WRITE(RSA_M_DASH_REG, mph->mp);
+
+ /* Select acceleration options. */
+ DPORT_REG_WRITE(RSA_CONSTANT_TIME_REG, 0);
+
+ /* 5. Load X, Y, M, r' operands.
+ * Note RSA_MEM_RB_BLOCK_BASE == RSA_MEM_Z_BLOC_BASE on ESP32s3*/
+ esp_mpint_to_memblock(RSA_MEM_X_BLOCK_BASE,
+ X,
+ mph->Xs,
+ mph->hwWords_sz);
+ esp_mpint_to_memblock(RSA_MEM_Y_BLOCK_BASE,
+ Y,
+ mph->Ys,
+ mph->hwWords_sz);
+ esp_mpint_to_memblock(RSA_MEM_M_BLOCK_BASE,
+ M,
+ mph->Ms,
+ mph->hwWords_sz);
+ esp_mpint_to_memblock(RSA_MEM_RB_BLOCK_BASE,
+ &(mph->r_inv),
+ mph->Rs,
+ mph->hwWords_sz);
+
+ /* 6. Start operation and wait until it completes. */
+ process_start(RSA_MOD_MULT_START_REG); /* Reminder: esp_mp_mulmod() */
+ asm volatile("memw");
+ asm volatile("nop");
+ asm volatile("nop");
+ asm volatile("nop");
+ asm volatile("nop");
+ asm volatile("nop");
+ asm volatile("nop");
}
- /* step.1 512 bits => 16 words */
- DPORT_REG_WRITE(RSA_MULT_MODE_REG, (hwWords_sz >> 4) - 1);
-
- /* step.2 write X, M and r_inv into memory */
- esp_mpint_to_memblock(RSA_MEM_X_BLOCK_BASE, X, Xs, hwWords_sz);
- esp_mpint_to_memblock(RSA_MEM_M_BLOCK_BASE, M, Ms, hwWords_sz);
- esp_mpint_to_memblock(RSA_MEM_Z_BLOCK_BASE,
- &r_inv,
- mp_count_bits(&r_inv),
- hwWords_sz);
- /* step.3 write M' into memory */
- DPORT_REG_WRITE(RSA_M_DASH_REG, mp);
+ if (ret == MP_OKAY) {
+ ret = wait_until_done(RSA_QUERY_INTERRUPT_REG);
+ }
- /* step.4 start process */
- process_start(RSA_MULT_START_REG);
+ if (ret == MP_OKAY) {
+ /* 7. read the result from MEM_Z */
+ esp_memblock_to_mpint(RSA_MEM_Z_BLOCK_BASE, tmpZ, zwords);
+ }
- /* step.5,6 wait until done */
- wait_until_done(RSA_INTERRUPT_REG);
- /* step.7 Y to MEM_X */
- esp_mpint_to_memblock(RSA_MEM_X_BLOCK_BASE, Y, Ys, hwWords_sz);
+ /* 8. clear and release HW */
+ if (mulmod_lock_called) {
+ ret = esp_mp_hw_unlock();
+ }
+ else {
+ if (ret == MP_HW_FALLBACK) {
+ ESP_LOGV(TAG, "Lock not called due to no-lock MP_HW_FALLBACK");
+ }
+ else {
+ ESP_LOGW(TAG, "Lock unexpectedly not called");
+ }
+ }
- /* step.8 start process */
- process_start(RSA_MULT_START_REG);
+ /* end if CONFIG_IDF_TARGET_ESP32S3 */
+#else
+ /* for all non-supported chipsets, fall back to SW calcs */
+ ret = MP_HW_FALLBACK;
+#endif
- /* step.9,11 wait until done */
- wait_until_done(RSA_INTERRUPT_REG);
+ if (ret == MP_OKAY) {
+ /* additional steps */
+ /* this is needed for known issue when Z is greater than M */
+ if (mp_cmp(tmpZ, M) == MP_GT) {
+ /* Z -= M */
+ mp_sub(tmpZ, M, tmpZ);
+ ESP_LOGV(TAG, "Z is greater than M");
+ }
+ #if defined(WOLFSSL_SP_INT_NEGATIVE) || defined(USE_FAST_MATH)
+ if (negcheck) {
+ mp_sub(M, tmpZ, tmpZ);
+ ESP_LOGV(TAG, "neg check adjustment");
+ }
+ #endif
+ mp_copy(tmpZ, Z); /* copy tmpZ to result Z */
- /* step.12 read the result from MEM_Z */
- esp_memblock_to_mpint(RSA_MEM_Z_BLOCK_BASE, &tmpZ, zwords);
+ esp_clean_result(Z, 0);
+ }
- /* step.13 clear and release HW */
- esp_mp_hw_unlock();
+#ifdef WOLFSSL_HW_METRICS
+ esp_mp_mulmod_usage_ct++;
+ if (ret == MP_HW_FALLBACK) {
+ ESP_LOGV(TAG, "esp_mp_mulmod HW Fallback tick");
+ esp_mp_mulmod_fallback_ct++;
+ }
+#endif
- /* additional steps */
- /* this needs for known issue when Z is greater than M */
- if (mp_cmp(&tmpZ, M) == MP_GT) {
- /* Z -= M */
- mp_sub(&tmpZ, M, &tmpZ);
+#ifdef DEBUG_WOLFSSL
+ if (ret == MP_HW_FALLBACK) {
+ ESP_LOGI(TAG, "HW Fallback");
}
- if (negcheck) {
- mp_sub(M, &tmpZ, &tmpZ);
+ else {
+ if (mp_cmp(X, X2) != 0) {
+ ESP_LOGV(TAG, "mp_mul X vs X2 mismatch!");
+ }
+ if (mp_cmp(Y, Y2) != 0) {
+ ESP_LOGV(TAG, "mp_mul Y vs Y2 mismatch!");
+ }
+
+ if (mp_cmp(Z, Z2) != 0) {
+ ESP_LOGE(TAG, "esp_mp_mulmod Z vs Z2 mismatch!");
+
+ esp_mp_mulmod_error_ct++;
+ int found_z_used = Z->used;
+
+ ESP_LOGI(TAG, "Xs = %d", mph->Xs);
+ ESP_LOGI(TAG, "Ys = %d", mph->Ys);
+ ESP_LOGI(TAG, "found_z_used = %d", found_z_used);
+ ESP_LOGI(TAG, "z.used = %d", Z->used);
+ ESP_LOGI(TAG, "hwWords_sz = %d", mph->hwWords_sz);
+ ESP_LOGI(TAG, "maxWords_sz = %d", mph->maxWords_sz);
+ ESP_LOGI(TAG, "hwWords_sz<<2 = %d", mph->hwWords_sz << 2);
+
+ /* parameters may have been collbered; Show cpied values */
+ esp_show_mp("X", X2);
+ esp_show_mp("Y", Y2);
+ esp_show_mp("M", M2);
+
+ ESP_LOGI(TAG, "Xs = %d", mph->Xs);
+ ESP_LOGI(TAG, "Ys = %d", mph->Ys);
+ ESP_LOGI(TAG, "found_z_used = %d", found_z_used);
+ ESP_LOGI(TAG, "z.used = %d", Z->used);
+ ESP_LOGI(TAG, "hwWords_sz = %d", mph->hwWords_sz);
+ ESP_LOGI(TAG, "maxWords_sz = %d", mph->maxWords_sz);
+ ESP_LOGI(TAG, "hwWords_sz<<2 = %d", mph->hwWords_sz << 2);
+ esp_show_mp("X", X2); /* X2 copy, as X may have been clobbered */
+ esp_show_mp("Y", Y2); /* Y2 copy, as Y may have been clobbered */
+ esp_show_mp("M", M2); /* M2 copy, as M may have been clobbered */
+ esp_show_mp("r_inv", &(mph->r_inv)); /*show r_inv */
+ ESP_LOGI(TAG, "mp = 0x%08x = %u", mph->mp, mph->mp);
+
+ if (mph->mp == mph->mp2) {
+ ESP_LOGI(TAG, "M' match esp_calc_Mdash vs mp_montgomery_setup"
+ " = %d !", mph->mp);
+ }
+ else {
+ ESP_LOGW(TAG,
+ "\n\n"
+ "M' MISMATCH esp_calc_Mdash = 0x%08x = %d \n"
+ "vs mp_montgomery_setup = 0x%08x = %d \n\n",
+ mph->mp,
+ mph->mp,
+ mph->mp2,
+ mph->mp2);
+ mph->mp = mph->mp2;
+ }
+
+
+ esp_show_mp("HW Z", Z); /* this is the HW result */
+ esp_show_mp("SW Z2", Z2); /* this is the SW result */
+ ESP_LOGI(TAG, "esp_mp_mulmod_usage_ct = %lu tries",
+ esp_mp_mulmod_usage_ct);
+ ESP_LOGI(TAG, "esp_mp_mulmod_error_ct = %lu failures",
+ esp_mp_mulmod_error_ct);
+ ESP_LOGI(TAG, "");
+ esp_show_mp("HW Z", Z); /* this is the HW result */
+ esp_show_mp("SW Z2", Z2); /* this is the SW result */
+ ESP_LOGI(TAG, "esp_mp_mulmod_usage_ct = %lu tries",
+ esp_mp_mulmod_usage_ct);
+ ESP_LOGI(TAG, "esp_mp_mulmod_error_ct = %lu failures",
+ esp_mp_mulmod_error_ct);
+ ESP_LOGI(TAG, "");
+
+
+ #ifndef NO_RECOVER_SOFTWARE_CALC
+ {
+ ESP_LOGW(TAG, "Recovering mp_mul error with software result");
+ mp_copy(Z2, Z); /* copy (src = Z2) to (dst = Z) */
+ }
+ #else
+ {
+ /* If we are not recovering, then we have an error. */
+ ret = MP_VAL;
+ }
+ #endif
+ }
+ else {
+ ESP_LOGV(TAG, "esp_mp_mulmod success!");
+ }
}
- mp_copy(&tmpZ, Z);
+#endif /* DEBUG_WOLFSSL */
- mp_clear(&tmpZ);
- mp_clear(&r_inv);
+ /* cleanup and exit */
+ mp_clear(tmpZ);
+ mp_clear(&(mph->r_inv));
- return ret;
+ ESP_LOGV(TAG, "\nEnd esp_mp_mulmod \n");
+ if (ret == MP_OKAY || ret == MP_HW_FALLBACK) {
+ ESP_LOGV(TAG, "esp_mp_mulmod exit success ");
+ }
+ else {
+ ESP_LOGW(TAG, "esp_mp_mulmod exit failed = %d", ret);
+ }
+
+#ifdef WOLFSSL_HW_METRICS
+ /* calculate max used after any cleanup */
+ esp_mp_max_used = (Z->used > esp_mp_max_used) ? Z->used : esp_mp_max_used;
#endif
-}
+ return ret;
+} /* esp_mp_mulmod */
+#endif /* Use HW mulmod: ! NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
+
+#ifndef NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD
/* Large Number Modular Exponentiation
*
* Z = X^Y mod M
*
- * See:
- * ESP32, Chapter 24, https://www.espressif.com/sites/default/files/documentation/esp32_technical_reference_manual_en.pdf
- * ESP32s3, section 20.3.1, https://www.espressif.com/sites/default/files/documentation/esp32-s3_technical_reference_manual_en.pdf
+ * ESP32, Section 24.3.2 https://www.espressif.com/sites/default/files/documentation/esp32_technical_reference_manual_en.pdf
+ * ESP32S3, Section 20.3.1, https://www.espressif.com/sites/default/files/documentation/esp32-s3_technical_reference_manual_en.pdf
+ *
* The operation is based on Montgomery multiplication. Aside from the
* arguments X, Y , and M, two additional ones are needed —r and M′
.* These arguments are calculated in advance by software.
.*
.* The RSA Accelerator supports operand lengths of N ∈ {512, 1024, 1536, 2048,
-.* 2560, 3072, 3584, 4096} bits on the ESP32 and N ∈ [32, 4096] bits on the ESP32s3.
-.* The bit length of arguments Z, X, Y , M, and r can be any one from the N set,
-.* but all numbers in a calculation must be of the same length.
+.* 2560, 3072, 3584, 4096} bits on the ESP32 and N ∈ [32, 4096] bits
+ * on the ESP32s3.
+.* The bit length of arguments Z, X, Y , M, and r can be any one from
+ * the N set, but all numbers in a calculation must be of the same length.
.* The bit length of M′ is always 32.
.*
-.* Note some DH references may use: Y = (G ^ X) mod P
- */
-int esp_mp_exptmod(MATH_INT_T* X, MATH_INT_T* Y, word32 Ys, MATH_INT_T* M, MATH_INT_T* Z)
+ * Z = (X ^ Y) mod M : Espressif generic notation
+ * Y = (G ^ X) mod P : wolfSSL DH reference notation */
+int esp_mp_exptmod(MATH_INT_T* X, MATH_INT_T* Y, MATH_INT_T* M, MATH_INT_T* Z)
{
- int ret = 0;
+ /* Danger! Do not initialize any function parameters, not even the result Z.
+ * Some operations such as (rnd = rnd^e) will wipe out the rnd operand
+ * value upon initialization.
+ * (e.g. the address of X and Z could be the same when called) */
+ struct esp_mp_helper mph[1]; /* we'll save some mp helper data here */
+ int ret = MP_OKAY;
+ int exptmod_lock_called = FALSE;
+
+#if defined(CONFIG_IDF_TARGET_ESP32)
+ /* different calc */
+#elif defined(CONFIG_IDF_TARGET_ESP32C3) || defined(CONFIG_IDF_TARGET_ESP32C6)
+ word32 OperandBits;
+ word32 WordsForOperand;
+#elif defined(CONFIG_IDF_TARGET_ESP32S2) || defined(CONFIG_IDF_TARGET_ESP32S3)
+ word32 OperandBits;
+ word32 WordsForOperand;
+#else
+ /* no HW */
+#endif
- word32 Xs;
- word32 Ms;
- word32 maxWords_sz;
- word32 hwWords_sz;
+ ESP_LOGV(TAG, "\nBegin esp_mp_exptmod \n");
+#ifdef WOLFSSL_HW_METRICS
+ esp_mp_exptmod_usage_ct++;
+ esp_mp_max_used = (X->used > esp_mp_max_used) ? X->used : esp_mp_max_used;
+ esp_mp_max_used = (Y->used > esp_mp_max_used) ? Y->used : esp_mp_max_used;
+ esp_mp_max_used = (M->used > esp_mp_max_used) ? M->used : esp_mp_max_used;
+#endif
- MATH_INT_T r_inv;
- mp_digit mp;
+ if (mp_iszero(M)) {
+#ifdef DEBUG_WOLFSSL
+ ESP_LOGI(TAG, "esp_mp_exptmod M is zero!");
+#endif
+#ifdef WOLFSSL_HW_METRICS
+ esp_mp_exptmod_fallback_ct++;
+#endif
+ return MP_HW_FALLBACK; /* fall back and let SW decide how to handle */
+ }
-#if CONFIG_IDF_TARGET_ESP32S3
- uint32_t OperandBits;
- uint32_t WordsForOperand;
+ if (mp_isone(M)) {
+#ifdef DEBUG_WOLFSSL
+ ESP_LOGI(TAG, "esp_mp_exptmod M is one!");
#endif
+ mp_clear(Z);
+ return MP_OKAY; /* mod zero is zero */
+ }
- /* ask bits number */
- Xs = mp_count_bits(X);
- Ms = mp_count_bits(M);
- /* maximum bits and words for writing to HW */
- maxWords_sz = bits2words(max(Xs, max(Ys, Ms)));
- hwWords_sz = words2hwords(maxWords_sz);
+ ret = esp_mp_montgomery_init(X, Y, M, mph);
- if ((hwWords_sz << 5) > ESP_HW_RSAMAX_BIT) {
- ESP_LOGE(TAG, "exceeds HW maximum bits");
- return MP_VAL; /* Error: value is not able to be used. */
+ if (ret == MP_OKAY) {
+ ESP_LOGV(TAG, "esp_mp_exptmod esp_mp_montgomery_init success.");
}
- /* calculate r_inv = R^2 mode M
- * where: R = b^n, and b = 2^32
- * accordingly R^2 = 2^(n*32*2)
- */
- ret = mp_init(&r_inv);
- if ( (ret == 0) &&
- ((ret = esp_get_rinv(&r_inv, M, (hwWords_sz << 6))) != MP_OKAY) ) {
- ESP_LOGE(TAG, "calculate r_inv failed.");
- mp_clear(&r_inv);
+ else {
+#ifdef WOLFSSL_HW_METRICS
+ if (ret == MP_HW_FALLBACK) {
+ esp_mp_exptmod_fallback_ct++;
+ }
+ else {
+ esp_mp_exptmod_error_ct++;
+ }
+#endif
return ret;
}
+
+#ifdef DEBUG_WOLFSSL
+ if (esp_hw_validation_active()) {
+ /* recall there's only one HW for all math accelerations */
+ return MP_HW_VALIDATION_ACTIVE;
+ }
+
+ if (esp_mp_exptmod_depth_counter != 0) {
+ ESP_LOGE(TAG, "esp_mp_exptmod Depth Counter Error!");
+ }
+ esp_mp_exptmod_depth_counter++;
+#endif
+
+ /*
+ max bits = 0x400 = 1024 bits
+1024 / 8 = 128 bytes
+ 128 / 4 = 32 words (0x20)
+ */
+
/* lock and init the HW */
- if ( (ret = esp_mp_hw_lock()) != MP_OKAY ) {
- mp_clear(&r_inv);
- return ret;
+ if (ret == MP_OKAY) {
+ exptmod_lock_called = TRUE; /* Don't try to unlock unless we locked */
+ #ifdef WOLFSSL_HW_METRICS
+ {
+ /* Only track max values when using HW */
+ esp_mp_max_used = (X->used > esp_mp_max_used) ? X->used :
+ esp_mp_max_used;
+ esp_mp_max_used = (Y->used > esp_mp_max_used) ? Y->used :
+ esp_mp_max_used;
+ }
+ #endif
+
+ ret = esp_mp_hw_lock();
+ if (ret != MP_OKAY) {
+ ESP_LOGE(TAG, "esp_mp_hw_lock failed");
+ #ifdef DEBUG_WOLFSSL
+ esp_mp_exptmod_depth_counter--;
+ #endif
+ }
+ } /* the only thing we expect is success or busy */
+
+#if defined(CONFIG_IDF_TARGET_ESP32)
+ /* non-ESP32S3 Xtensa (regular ESP32) */
+
+ /* Steps to use HW in the following order:
+ * 1. Write(N/512bits - 1) to MODEXP_MODE_REG
+ * 2. Write X, Y, M and r_inv to memory blocks
+ * need to write data to each memory block only according to the length
+ * of the number.
+ * 3. Write M' to M_PRIME_REG
+ * 4. Write 1 to MODEXP_START_REG
+ * 5. Wait for the operation to be done. Poll INTERRUPT_REG until it reads 1.
+ * (Or until the INTER interrupt is generated.)
+ * 6. Read the result Z(=Y) from Z_MEM
+ * 7. Write 1 to INTERRUPT_REG to clear the interrupt.
+ */
+ if (ret == MP_OKAY) {
+ ret = esp_mp_hw_wait_clean();
+ #ifdef WOLFSSL_HW_METRICS
+ if (ret != MP_OKAY) {
+ esp_mp_exptmod_error_ct++;
+ }
+ #endif
}
- /* calc M' */
- /* if Pm is odd, uses mp_montgomery_setup() */
- if ( (ret = esp_calc_Mdash(M, 32/* bits */, &mp)) != MP_OKAY ) {
- ESP_LOGE(TAG, "failed to calculate M dash");
- mp_clear(&r_inv);
- return ret;
+
+ if (ret == MP_OKAY) {
+ /* step.1 */
+ ESP_LOGV(TAG,
+ "hwWords_sz = %d, num = %d",
+ mph->hwWords_sz,
+ (mph->hwWords_sz >> 4) - 1
+ );
+
+ DPORT_REG_WRITE(RSA_MODEXP_MODE_REG, (mph->hwWords_sz >> 4) - 1);
+ /* step.2 write G, X, P, r_inv and M' into memory */
+ esp_mpint_to_memblock(RSA_MEM_X_BLOCK_BASE,
+ X,
+ mph->Xs,
+ mph->hwWords_sz);
+ esp_mpint_to_memblock(RSA_MEM_Y_BLOCK_BASE,
+ Y, mph->Ys,
+ mph->hwWords_sz);
+ esp_mpint_to_memblock(RSA_MEM_M_BLOCK_BASE,
+ M,
+ mph->Ms,
+ mph->hwWords_sz);
+ esp_mpint_to_memblock(RSA_MEM_Z_BLOCK_BASE,
+ &(mph->r_inv),
+ mph->Rs,
+ mph->hwWords_sz);
+
+ /* step.3 write M' into memory */
+ ESP_LOGV(TAG, "M' = %d", mph->mp);
+ DPORT_REG_WRITE(RSA_M_DASH_REG, mph->mp);
+ ESP_EM__3_16;
+
+ /* step.4 start process */
+ process_start(RSA_MODEXP_START_REG); /* was RSA_START_MODEXP_REG;
+ * RSA_MODEXP_START_REG in docs? */
+
+ /* step.5 wait until done */
+ wait_until_done(RSA_INTERRUPT_REG);
+ /* step.6 read a result form memory */
+ esp_memblock_to_mpint(RSA_MEM_Z_BLOCK_BASE, Z, BITS_TO_WORDS(mph->Ms));
}
-#if CONFIG_IDF_TARGET_ESP32S3
- /* Steps to perform large number modular exponentiation. Calculates Z = (X ^ Y) modulo M.
- * The number of bits in the operands (X, Y) is N. N can be 32x, where x = {1,2,3,...64}, so the
- * maximum number of bits in the X and Y is 2048.
+ /* step.7 clear and release expt_mod HW */
+ if (exptmod_lock_called) {
+ ret = esp_mp_hw_unlock();
+ }
+ else {
+ ESP_LOGV(TAG, "Lock not called");
+ }
+
+#elif defined(CONFIG_IDF_TARGET_ESP32C3)
+ /* Steps to perform large number modular exponentiation.
+ * Calculates Z = (X ^ Y) modulo M.
+ * The number of bits in the operands (X, Y) is N. N can be 32x,
+ * where x = {1,2,3,...64}; maximum number of bits in the X and Y is 2048.
* See 20.3.3 of ESP32-S3 technical manual
* 1. Wait until the hardware is ready.
- * 2. Enable/disable interrupt that signals completion -- we don't use the interrupt.
- * 3. Write (N_bits/32 - 1) to the RSA_MODE_REG (now called RSA_LENGTH_REG).
+ * 2. Enable/disable interrupt that signals completion
+ * -- we don't use the interrupt.
+ * 3. Write (N_bits/32 - 1) to the RSA_MODE_REG
+ * (now called RSA_LENGTH_REG).
* Here N_bits is the maximum number of bits in X, Y and M.
* 4. Write M' value into RSA_M_PRIME_REG (now called RSA_M_DASH_REG).
* 5. Load X, Y, M, r' operands to memory blocks.
- * 6. Start the operation by writing 1 to RSA_MODEXP_START_REG, then wait for it
- * to complete by monitoring RSA_IDLE_REG (which is now called RSA_QUERY_INTERRUPT_REG).
+ * 6. Start the operation by writing 1 to RSA_MODEXP_START_REG,
+ * then wait for it to complete by monitoring RSA_IDLE_REG
+ * (which is now called RSA_QUERY_INTERRUPT_REG).
* 7. Read the result out.
* 8. Release the hardware lock so others can use it.
* x. Clear the interrupt flag, if you used it (we don't). */
/* 1. Wait until hardware is ready. */
- if ((ret = esp_mp_hw_wait_clean()) != MP_OKAY) {
- return ret;
+ if (ret == MP_OKAY) {
+ ret = esp_mp_hw_wait_clean();
+ }
+
+ if (ret == MP_OKAY) {
+ OperandBits = max(max(mph->Xs, mph->Ys), mph->Ms);
+ if (OperandBits > ESP_HW_MULTI_RSAMAX_BITS) {
+ ESP_LOGW(TAG, "result exceeds max bit length");
+ ret = MP_VAL; /* Error: value is not able to be used. */
+ }
+ else {
+ WordsForOperand = bits2words(OperandBits);
+ }
}
- /* 2. Disable completion interrupt signal; we don't use.
- ** 0 => no interrupt; 1 => interrupt on completion. */
- DPORT_REG_WRITE(RSA_INTERRUPT_REG, 0);
+ if (ret == MP_OKAY) {
+ /* 2. Disable completion interrupt signal; we don't use.
+ ** 0 => no interrupt; 1 => interrupt on completion. */
+ DPORT_REG_WRITE(RSA_INTERRUPT_REG, 0);
+
+ /* 3. Write (N_result_bits/32 - 1) to the RSA_MODE_REG. */
+ DPORT_REG_WRITE(RSA_LENGTH_REG, WordsForOperand - 1);
+
+ /* 4. Write M' value into RSA_M_PRIME_REG
+ * (now called RSA_M_DASH_REG) */
+ DPORT_REG_WRITE(RSA_M_DASH_REG, mph->mp);
+
+ /* 5. Load X, Y, M, r' operands. */
+ esp_mpint_to_memblock(RSA_MEM_X_BLOCK_BASE,
+ X,
+ mph->Xs,
+ mph->hwWords_sz);
+ esp_mpint_to_memblock(RSA_MEM_Y_BLOCK_BASE,
+ Y,
+ mph->Ys,
+ mph->hwWords_sz);
+ esp_mpint_to_memblock(RSA_MEM_M_BLOCK_BASE,
+ M,
+ mph->Ms,
+ mph->hwWords_sz);
+ esp_mpint_to_memblock(RSA_MEM_Z_BLOCK_BASE,
+ &(mph->r_inv),
+ mph->Rs,
+ mph->hwWords_sz);
+
+ /* 6. Start operation and wait until it completes. */
+ process_start(RSA_MODEXP_START_REG);
+ ret = wait_until_done(RSA_QUERY_INTERRUPT_REG);
+ }
- /* 3. Write (N_result_bits/32 - 1) to the RSA_MODE_REG. */
- OperandBits = max(max(Xs, Ys), Ms);
- if (OperandBits > ESP_HW_MULTI_RSAMAX_BITS) {
- ESP_LOGW(TAG, "result exceeds max bit length");
- return MP_VAL; /* Error: value is not able to be used. */
+ if (MP_OKAY == ret) {
+ /* 7. read the result form MEM_Z */
+ esp_memblock_to_mpint(RSA_MEM_Z_BLOCK_BASE, Z, BITS_TO_WORDS(mph->Ms));
}
- WordsForOperand = bits2words(OperandBits);
- DPORT_REG_WRITE(RSA_LENGTH_REG, WordsForOperand - 1);
- /* 4. Write M' value into RSA_M_PRIME_REG (now called RSA_M_DASH_REG) */
- DPORT_REG_WRITE(RSA_M_DASH_REG, mp);
+ /* 8. clear and release HW */
+ if (exptmod_lock_called) {
+ ret = esp_mp_hw_unlock();
+ }
+ else {
+ ESP_LOGV(TAG, "Lock not called");
+ }
+ /* end if CONFIG_IDF_TARGET_ESP32C3 */
- /* 5. Load X, Y, M, r' operands. */
- esp_mpint_to_memblock(RSA_MEM_X_BLOCK_BASE, X, Xs, hwWords_sz);
- esp_mpint_to_memblock(RSA_MEM_Y_BLOCK_BASE, Y, Ys, hwWords_sz);
- esp_mpint_to_memblock(RSA_MEM_M_BLOCK_BASE, M, Ms, hwWords_sz);
- esp_mpint_to_memblock(RSA_MEM_Z_BLOCK_BASE, &r_inv,
- mp_count_bits(&r_inv), hwWords_sz);
+#elif defined(CONFIG_IDF_TARGET_ESP32C6)
+ /* Steps to perform large number modular exponentiation.
+ * Calculates Z = (X ^ Y) modulo M.
+ * The number of bits in the operands (X, Y) is N. N can be 32x,
+ * where x = {1,2,3,...64}; maximum number of bits in the X and Y is 2048.
+ * See 20.3.3 of ESP32-S3 technical manual
+ * 1. Wait until the hardware is ready.
+ * 2. Enable/disable interrupt that signals completion
+ * -- we don't use the interrupt.
+ * 3. Write (N_bits/32 - 1) to the RSA_MODE_REG
+ * (now called RSA_LENGTH_REG).
+ * Here N_bits is the maximum number of bits in X, Y and M.
+ * 4. Write M' value into RSA_M_PRIME_REG (now called RSA_M_DASH_REG).
+ * 5. Load X, Y, M, r' operands to memory blocks.
+ * 6. Start the operation by writing 1 to RSA_MODEXP_START_REG,
+ * then wait for it to complete by monitoring RSA_IDLE_REG
+ * (which is now called RSA_QUERY_INTERRUPT_REG).
+ * 7. Read the result out.
+ * 8. Release the hardware lock so others can use it.
+ * x. Clear the interrupt flag, if you used it (we don't). */
- /* 6. Start operation and wait until it completes. */
- process_start(RSA_MODEXP_START_REG);
- ret = wait_until_done(RSA_QUERY_INTERRUPT_REG);
- if (MP_OKAY != ret) {
- return ret;
+ /* 1. Wait until hardware is ready. */
+ if (ret == MP_OKAY) {
+ ret = esp_mp_hw_wait_clean();
}
- /* 7. read the result form MEM_Z */
- esp_memblock_to_mpint(RSA_MEM_Z_BLOCK_BASE, Z, BITS_TO_WORDS(Ms));
+ if (ret == MP_OKAY) {
+ OperandBits = max(max(mph->Xs, mph->Ys), mph->Ms);
+ if (OperandBits > ESP_HW_MULTI_RSAMAX_BITS) {
+ ESP_LOGW(TAG, "result exceeds max bit length");
+ ret = MP_VAL; /* Error: value is not able to be used. */
+ }
+ else {
+ WordsForOperand = bits2words(OperandBits);
+ }
+ }
+
+ if (ret == MP_OKAY) {
+ /* 2. Disable completion interrupt signal; we don't use.
+ ** 0 => no interrupt; 1 => interrupt on completion. */
+ DPORT_REG_WRITE(RSA_INT_ENA_REG, 0);
+
+ /* 3. Write (N_result_bits/32 - 1) to the RSA_MODE_REG. */
+ DPORT_REG_WRITE(RSA_MODE_REG, WordsForOperand - 1);
+
+ /* 4. Write M' value into RSA_M_PRIME_REG */
+ DPORT_REG_WRITE(RSA_M_PRIME_REG, mph->mp);
+
+ /* 5. Load X, Y, M, r' operands. */
+ esp_mpint_to_memblock(RSA_X_MEM,
+ X,
+ mph->Xs,
+ mph->hwWords_sz);
+ esp_mpint_to_memblock(RSA_Y_MEM,
+ Y,
+ mph->Ys,
+ mph->hwWords_sz);
+ esp_mpint_to_memblock(RSA_M_MEM,
+ M,
+ mph->Ms,
+ mph->hwWords_sz);
+ esp_mpint_to_memblock(RSA_Z_MEM,
+ &(mph->r_inv),
+ mph->Rs,
+ mph->hwWords_sz);
+
+ /* 6. Start operation and wait until it completes. */
+ /* Write 1 to the RSA_SET_START_MODEXP field of the
+ * RSA_SET_START_MODEXP_REG register to start computation.*/
+ process_start(RSA_SET_START_MODEXP_REG);
+ ret = wait_until_done(RSA_QUERY_IDLE_REG);
+ }
+
+ if (MP_OKAY == ret) {
+ /* 7. read the result form MEM_Z */
+ esp_memblock_to_mpint(RSA_Z_MEM, Z, BITS_TO_WORDS(mph->Ms));
+ }
/* 8. clear and release HW */
- esp_mp_hw_unlock();
+ if (exptmod_lock_called) {
+ ret = esp_mp_hw_unlock();
+ }
+ else {
+ ESP_LOGV(TAG, "Lock not called");
+ }
+ /* end if CONFIG_IDF_TARGET_ESP32C6 */
+
+#elif defined(CONFIG_IDF_TARGET_ESP32S2) || defined(CONFIG_IDF_TARGET_ESP32S3)
+ /* Steps to perform large number modular exponentiation.
+ * Calculates Z = (X ^ Y) modulo M.
+ * The number of bits in the operands (X, Y) is N. N can be 32x,
+ * where x = {1,2,3,...64}; the maximum number of bits in X and Y is 2048.
+ * See 20.3.3 of ESP32-S3 technical manual:
+ * 1. Wait until the hardware is ready.
+ * 2. Enable/disable interrupt that signals completion
+ * -- we don't use the interrupt.
+ * 3. Write (N_bits/32 - 1) to the RSA_MODE_REG
+ * (now called RSA_LENGTH_REG).
+ * Here N_bits is the maximum number of bits in X, Y and M.
+ * 4. Write M' value into RSA_M_PRIME_REG (now called RSA_M_DASH_REG).
+ * 5. Load X, Y, M, r' operands to memory blocks.
+ * 6. Start the operation by writing 1 to RSA_MODEXP_START_REG,
+ * then wait for it to complete by monitoring RSA_IDLE_REG
+ * (which is now called RSA_QUERY_INTERRUPT_REG).
+ * 7. Read the result out.
+ * 8. Release the hardware lock so others can use it.
+ * x. Clear the interrupt flag, if you used it (we don't). */
- mp_clear(&r_inv);
+ /* 1. Wait until hardware is ready. */
+ if (ret == MP_OKAY) {
+ ret = esp_mp_hw_wait_clean();
+ }
+
+ if (ret == MP_OKAY) {
+ OperandBits = max(max(mph->Xs, mph->Ys), mph->Ms);
+ if (OperandBits > ESP_HW_MULTI_RSAMAX_BITS) {
+ ESP_LOGW(TAG, "result exceeds max bit length");
+ ret = MP_VAL; /* Error: value is not able to be used. */
+ }
+ else {
+ WordsForOperand = bits2words(OperandBits);
+ }
+ }
+
+ if (ret == MP_OKAY) {
+ /* 2. Disable completion interrupt signal; we don't use.
+ ** 0 => no interrupt; 1 => interrupt on completion. */
+ DPORT_REG_WRITE(RSA_INTERRUPT_REG, 0);
+
+ /* 3. Write (N_result_bits/32 - 1) to the RSA_MODE_REG. */
+ DPORT_REG_WRITE(RSA_LENGTH_REG, WordsForOperand - 1);
+
+ /* 4. Write M' value into RSA_M_PRIME_REG
+ * (now called RSA_M_DASH_REG) */
+ DPORT_REG_WRITE(RSA_M_DASH_REG, mph->mp);
+
+ /* 5. Load X, Y, M, r' operands. */
+ esp_mpint_to_memblock(RSA_MEM_X_BLOCK_BASE,
+ X,
+ mph->Xs,
+ mph->hwWords_sz);
+ esp_mpint_to_memblock(RSA_MEM_Y_BLOCK_BASE,
+ Y,
+ mph->Ys,
+ mph->hwWords_sz);
+ esp_mpint_to_memblock(RSA_MEM_M_BLOCK_BASE,
+ M,
+ mph->Ms,
+ mph->hwWords_sz);
+ esp_mpint_to_memblock(RSA_MEM_Z_BLOCK_BASE,
+ &(mph->r_inv),
+ mph->Rs,
+ mph->hwWords_sz);
+
+ /* 6. Start operation and wait until it completes. */
+ process_start(RSA_MODEXP_START_REG);
+ ret = wait_until_done(RSA_QUERY_INTERRUPT_REG);
+ }
+
+ if (MP_OKAY == ret) {
+ /* 7. read the result form MEM_Z */
+ esp_memblock_to_mpint(RSA_MEM_Z_BLOCK_BASE, Z, BITS_TO_WORDS(mph->Ms));
+ }
+
+ /* 8. clear and release HW */
+ if (exptmod_lock_called) {
+ ret = esp_mp_hw_unlock();
+ }
+ else {
+ ESP_LOGV(TAG, "Lock not called");
+ }
- return ret;
/* end if CONFIG_IDF_TARGET_ESP32S3 */
#else
- /* non-ESP32S3 Xtensa (regular ESP32) */
+ /* unknown or unsupported targets fall back to SW */
+ ret = MP_HW_FALLBACK;
+#endif
- /* Steps to use HW in the following order:
- * 1. Write(N/512bits - 1) to MODEXP_MODE_REG
- * 2. Write X, Y, M and r_inv to memory blocks
- * need to write data to each memory block only according to the length
- * of the number.
- * 3. Write M' to M_PRIME_REG
- * 4. Write 1 to MODEXP_START_REG
- * 5. Wait for the operation to be done. Poll INTERRUPT_REG until it reads 1.
- * (Or until the INTER interrupt is generated.)
- * 6. Read the result Z(=Y) from Z_MEM
- * 7. Write 1 to INTERRUPT_REG to clear the interrupt.
- */
- if ((ret = esp_mp_hw_wait_clean()) != MP_OKAY) {
- return ret;
+#ifdef DEBUG_WOLFSSL
+ if (esp_mp_exptmod_depth_counter != 1) {
+ ESP_LOGE(TAG, "esp_mp_exptmod exit Depth Counter Error!");
}
+ esp_mp_exptmod_depth_counter--;
+#endif
- /* step.1 */
- DPORT_REG_WRITE(RSA_MODEXP_MODE_REG, (hwWords_sz >> 4) - 1);
- /* step.2 write G, X, P, r_inv and M' into memory */
- esp_mpint_to_memblock(RSA_MEM_X_BLOCK_BASE, X, Xs, hwWords_sz);
- esp_mpint_to_memblock(RSA_MEM_Y_BLOCK_BASE, Y, Ys, hwWords_sz);
- esp_mpint_to_memblock(RSA_MEM_M_BLOCK_BASE, M, Ms, hwWords_sz);
- esp_mpint_to_memblock(RSA_MEM_Z_BLOCK_BASE,
- &r_inv,
- mp_count_bits(&r_inv),
- hwWords_sz);
- /* step.3 write M' into memory */
- DPORT_REG_WRITE(RSA_M_DASH_REG, mp);
- /* step.4 start process */
- process_start(RSA_START_MODEXP_REG);
-
- /* step.5 wait until done */
- wait_until_done(RSA_INTERRUPT_REG);
- /* step.6 read a result form memory */
- esp_memblock_to_mpint(RSA_MEM_Z_BLOCK_BASE, Z, BITS_TO_WORDS(Ms));
- /* step.7 clear and release HW */
- esp_mp_hw_unlock();
-
- mp_clear(&r_inv);
+ /* never modify the result if we are falling back as the result
+ * may be the same as one of the operands! */
+ if (ret == MP_OKAY) {
+ esp_clean_result(Z, 0);
+ }
+#ifdef WOLFSSL_HW_METRICS
+ esp_mp_max_used = (Z->used > esp_mp_max_used) ? Z->used : esp_mp_max_used;
+#endif
return ret;
-#endif
-}
+} /* esp_mp_exptmod */
+#endif /* Use HW expmod: ! NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
-#endif /* WOLFSSL_ESP32WROOM32_CRYPT_RSA_PRI) &&
- * !NO_WOLFSSL_ESP32WROOM32_CRYPT_RSA_PRI */
+#endif /* WOLFSSL_ESP32_CRYPT_RSA_PRI) &&
+ * !NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
#endif /* !NO_RSA || HAVE_ECC */
+
+#if defined(WOLFSSL_ESP32_CRYPT_RSA_PRI) && defined(WOLFSSL_HW_METRICS)
+int esp_hw_show_mp_metrics(void)
+{
+ int ret;
+#if !defined(NO_ESP32_CRYPT) && defined(HW_MATH_ENABLED)
+ ret = MP_OKAY;
+
+#if defined(NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL)
+ ESP_LOGI(TAG, "esp_mp_mul HW disabled with "
+ "NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL");
+#else
+ /* Metrics: esp_mp_mul() */
+ ESP_LOGI(TAG, ""); /* mul follows */
+ ESP_LOGI(TAG, "esp_mp_mul HW acceleration enabled.");
+ ESP_LOGI(TAG, "Number of calls to esp_mp_mul: %lu",
+ esp_mp_mul_usage_ct);
+ if (esp_mp_mul_error_ct == 0) {
+ ESP_LOGI(TAG, "Success: no esp_mp_mul() errors.");
+ }
+ else {
+ ESP_LOGW(TAG, "Number of esp_mp_mul failures: %lu",
+ esp_mp_mul_error_ct);
+ ret = MP_VAL;
+ }
+#endif
+
+#if defined(NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD)
+ ESP_LOGI(TAG, "esp_mp_mulmod HW disabled with "
+ "NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD");
+#else
+ /* Metrics: esp_mp_mulmod() */
+ ESP_LOGI(TAG, ""); /* mulmod follows */
+
+ ESP_LOGI(TAG, "esp_mp_mulmod HW acceleration enabled.");
+ /* Metrics: esp_mp_mulmod() */
+ ESP_LOGI(TAG, "Number of calls to esp_mp_mulmod: %lu",
+ esp_mp_mulmod_usage_ct);
+ ESP_LOGI(TAG, "Number of fallback to SW mp_mulmod: %lu",
+ esp_mp_mulmod_fallback_ct);
+
+ if (esp_mp_mulmod_error_ct == 0) {
+ ESP_LOGI(TAG, "Success: no esp_mp_mulmod errors.");
+ }
+ else {
+ ESP_LOGW(TAG, "Number of esp_mp_mulmod failures: %lu",
+ esp_mp_mulmod_error_ct);
+ ret = MP_VAL;
+ }
+
+ if (esp_mp_mulmod_even_mod_ct == 0) {
+ ESP_LOGI(TAG, "Success: no esp_mp_mulmod even mod.");
+ }
+ else {
+ ESP_LOGW(TAG, "Number of esp_mp_mulmod even mod: %lu",
+ esp_mp_mulmod_even_mod_ct);
+ }
+
+ if (esp_mp_mulmod_error_ct == 0) {
+ ESP_LOGI(TAG, "Success: no esp_mp_mulmod small x or y.");
+ }
+ else {
+ ESP_LOGW(TAG, "Number of esp_mp_mulmod small x: %lu",
+ esp_mp_mulmod_small_x_ct);
+ ESP_LOGW(TAG, "Number of esp_mp_mulmod small y: %lu",
+ esp_mp_mulmod_small_y_ct);
+ }
+#endif /* MULMOD disabled: !NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
+
+#if defined(NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD)
+ ESP_LOGI(TAG, "esp_mp_exptmod HW disabled with "
+ "NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD");
+#else
+ /* Metrics: sp_mp_exptmod() */
+ ESP_LOGI(TAG, ""); /* exptmod follows */
+
+ ESP_LOGI(TAG, "Number of calls to esp_mp_exptmod: %lu",
+ esp_mp_exptmod_usage_ct);
+ ESP_LOGI(TAG, "Number of fallback to SW mp_exptmod: %lu",
+ esp_mp_exptmod_fallback_ct);
+ if (esp_mp_exptmod_error_ct == 0) {
+ ESP_LOGI(TAG, "Success: no esp_mp_exptmod errors.");
+ }
+ else {
+ ESP_LOGW(TAG, "Number of esp_mp_exptmod errors: %lu",
+ esp_mp_exptmod_error_ct);
+ ret = MP_VAL;
+ }
+#endif /* EXPTMOD not disabled !NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
+
+ ESP_LOGI(TAG, "Max N->used: esp_mp_max_used = %lu", esp_mp_max_used);
+ ESP_LOGI(TAG, "Max timeout: esp_mp_max_timeout = %lu", esp_mp_max_timeout);
+
+#else
+ /* no HW math, no HW math metrics */
+ ret = ESP_OK;
+#endif /* HW_MATH_ENABLED */
+
+
+ return ret;
+}
+#endif /* WOLFSSL_HW_METRICS */
+
+#endif /* WOLFSSL_ESPIDF */
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/Espressif/esp32_sha.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/Espressif/esp32_sha.c
index 39f4ad8a..30ba0e7b 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/Espressif/esp32_sha.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/Espressif/esp32_sha.c
@@ -18,11 +18,24 @@
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
+
+/*
+ * ESP32-C3: https://www.espressif.com/sites/default/files/documentation/esp32-c3_technical_reference_manual_en.pdf
+ * see page 335: no SHA-512
+ *
+ */
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
+/* Reminder: user_settings.h is needed and included from settings.h
+ * Be sure to define WOLFSSL_USER_SETTINGS, typically in CMakeLists.txt */
#include <wolfssl/wolfcrypt/settings.h>
+
+#if defined(WOLFSSL_ESPIDF) /* Entire file is only for Espressif EDP-IDF */
+#include "sdkconfig.h" /* programmatically generated from sdkconfig */
+#include <wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h>
+
/*****************************************************************************/
/* this entire file content is excluded when NO_SHA, NO_SHA256
* or when using WC_SHA384 or WC_SHA512
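Review bot: The comment added on the new `#if defined(WOLFSSL_ESPIDF)` line misspells the framework name as "EDP-IDF". It should read `/* Entire file is only for Espressif ESP-IDF */`, so that a search for "ESP-IDF" finds the guard. The matching `#endif` for this guard is outside the hunk.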
@@ -34,12 +47,20 @@
/* this entire file content is excluded if not using HW hash acceleration */
-#if defined(WOLFSSL_ESP32WROOM32_CRYPT) && \
- !defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
+#if defined(WOLFSSL_ESP32_CRYPT) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH)
-/* TODO this may be chip type dependent: add support for others */
-#include <hal/clk_gate_ll.h> /* ESP32-WROOM */
+#if defined(CONFIG_IDF_TARGET_ESP32C2) || \
+ defined(CONFIG_IDF_TARGET_ESP8684) || \
+ defined(CONFIG_IDF_TARGET_ESP32C3) || \
+ defined(CONFIG_IDF_TARGET_ESP32C6)
+ #include <hal/sha_hal.h>
+ #include <hal/sha_ll.h>
+ #include <hal/clk_gate_ll.h>
+#else
+ #include <hal/clk_gate_ll.h> /* ESP32-WROOM */
+#endif
#include <wolfssl/wolfcrypt/sha.h>
#include <wolfssl/wolfcrypt/sha256.h>
#include <wolfssl/wolfcrypt/sha512.h>
@@ -56,22 +77,138 @@
static const char* TAG = "wolf_hw_sha";
+#if defined(CONFIG_IDF_TARGET_ESP32C2) || \
+ defined(CONFIG_IDF_TARGET_ESP8684) || \
+ defined(CONFIG_IDF_TARGET_ESP32C3) || \
+ defined(CONFIG_IDF_TARGET_ESP32C6)
+ /* keep track of the currently active SHA hash object for interleaving */
+ const static word32 ** _active_digest_address = 0;
+#endif
+
#ifdef NO_SHA
#define WC_SHA_DIGEST_SIZE 20
#endif
+#if defined(DEBUG_WOLFSSL)
+ /* Only when debugging, we'll keep tracking of block numbers. */
+ static int this_block_num = 0;
+#endif
+
/* RTOS mutex or just InUse variable */
#if defined(SINGLE_THREADED)
static int InUse = 0;
#else
static wolfSSL_Mutex sha_mutex = NULL;
+#endif
- #if defined(DEBUG_WOLFSSL)
- /* Only when debugging, we'll keep tracking of block numbers. */
- static int this_block_num = 0;
+#ifdef WOLFSSL_DEBUG_MUTEX
+ #ifndef WOLFSSL_TEST_STRAY
+ /* unless turned on, we won't be testing for strays */
+ #define WOLFSSL_TEST_STRAY 0
+ #endif
+#endif
+
+/* usage metrics can be turned on independently of debugging */
+#ifdef WOLFSSL_HW_METRICS
+ static unsigned long esp_sha_hw_copy_ct = 0;
+ static unsigned long esp_sha1_hw_usage_ct = 0;
+ static unsigned long esp_sha1_sw_fallback_usage_ct = 0;
+ static unsigned long esp_sha_reverse_words_ct = 0;
+ static unsigned long esp_sha1_hw_hash_usage_ct = 0;
+ static unsigned long esp_sha2_224_hw_hash_usage_ct = 0;
+ static unsigned long esp_sha2_256_hw_hash_usage_ct = 0;
+ static unsigned long esp_sha256_sw_fallback_usage_ct = 0;
+ static unsigned long esp_byte_reversal_checks_ct = 0;
+ static unsigned long esp_byte_reversal_needed_ct = 0;
+#endif
+
+#if defined(ESP_MONITOR_HW_TASK_LOCK)
+ static void * mutex_ctx_owner = 0;
+ static TaskHandle_t mutex_ctx_task = 0;
+ #ifdef WOLFSSL_DEBUG_MUTEX
+ static portMUX_TYPE sha_crit_sect = portMUX_INITIALIZER_UNLOCKED;
+ WC_ESP32SHA* stray_ctx;
+ /* each ctx keeps track of the intializer for HW. when debugging
+ * we'll have a global variable to indicate which has the lock. */
+ static int _sha_lock_count = 0;
+ static int _sha_call_count = 0;
+
+ int esp_sha_call_count(void)
+ {
+ return _sha_call_count;
+ }
+
+ int esp_sha_lock_count(void)
+ {
+ return _sha_lock_count;
+ }
+
+ void* esp_sha_mutex_ctx_owner(void)
+ {
+ void* ret = 0;
+ taskENTER_CRITICAL(&sha_crit_sect);
+ {
+ ret = mutex_ctx_owner;
+ }
+ taskEXIT_CRITICAL(&sha_crit_sect);
+ return ret;
+ };
+ #else
+ int esp_sha_mutex_ctx_owner(void)
+ {
+ return (int)sha_mutex;
+ }
#endif
#endif
+/*
+** The wolfCrypt functions for LITTLE_ENDIAN_ORDER typically
+** reverse the byte order. Except when the hardware doesn't expect it.
+**
+** Returns 0 (FALSE) or 1 (TRUE); see wolfSSL types.h
+*/
+int esp_sha_need_byte_reversal(WC_ESP32SHA* ctx)
+{
+ int ret = TRUE; /* assume we'll need reversal, look for exceptions */
+#if defined(CONFIG_IDF_TARGET_ESP32C2) || \
+ defined(CONFIG_IDF_TARGET_ESP8684) || \
+ defined(CONFIG_IDF_TARGET_ESP32C3) || \
+ defined(CONFIG_IDF_TARGET_ESP32C6)
+ if (ctx == NULL) {
+ ESP_LOGE(TAG, " ctx is null");
+ /* return true for bad params */
+ }
+ else {
+ #ifdef WOLFSSL_HW_METRICS
+ {
+ esp_byte_reversal_checks_ct++;
+ }
+ #endif
+ if (ctx->mode == ESP32_SHA_HW) {
+ ESP_LOGV(TAG, " No reversal, ESP32_SHA_HW");
+ ret = FALSE;
+ }
+ else {
+ ret = TRUE;
+ ESP_LOGV(TAG, " Need byte reversal, %d", ctx->mode);
+ /* return true for SW; only HW C3 skips reversal at this time. */
+ #ifdef WOLFSSL_HW_METRICS
+ {
+ esp_byte_reversal_needed_ct++;
+ }
+ #endif
+ if (ctx->mode == ESP32_SHA_INIT) {
+ ESP_LOGW(TAG, "esp_sha_need_byte_reversal during init?");
+ ESP_LOGW(TAG, "forgot to try HW lock first?");
+ }
+ }
+ }
+#else
+ /* other platforms always return true */
+#endif
+ return ret;
+}
+
/* esp_sha_init
**
** ctx: any wolfSSL ctx from any hash algo
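Review bot: The two variants of `esp_sha_mutex_ctx_owner()` added under `ESP_MONITOR_HW_TASK_LOCK` disagree on their return type: `void*` when `WOLFSSL_DEBUG_MUTEX` is defined and `int` otherwise, so a single prototype cannot match both builds. The `int` variant returns `(int)sha_mutex`, but `sha_mutex` is declared only in the non-`SINGLE_THREADED` branch a few lines above, so a `SINGLE_THREADED` build with task-lock monitoring would presumably not compile. If `wolfSSL_Mutex` is a handle type on this port, the cast can also truncate it. I would give the `#else` variant the same signature and have it report the tracked owner: `void* esp_sha_mutex_ctx_owner(void) { return mutex_ctx_owner; }`. Separately, `WC_ESP32SHA* stray_ctx;` is the only object in this group without `static`, and there is a stray `;` after the closing brace of the debug variant.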
@@ -87,21 +224,33 @@ int esp_sha_init(WC_ESP32SHA* ctx, enum wc_HashType hash_type)
{
int ret = 0;
-#if defined(CONFIG_IDF_TARGET_ESP32) || defined(CONFIG_IDF_TARGET_ESP32S3)
+#if defined(CONFIG_IDF_TARGET_ESP32) || \
+ defined(CONFIG_IDF_TARGET_ESP32S2) || defined(CONFIG_IDF_TARGET_ESP32S3)
switch (hash_type) { /* check each wolfSSL hash type WC_[n] */
case WC_HASH_TYPE_SHA:
ctx->sha_type = SHA1; /* assign Espressif SHA HW type */
ret = esp_sha_init_ctx(ctx);
break;
+ case WC_HASH_TYPE_SHA224:
+ #if defined(CONFIG_IDF_TARGET_ESP32S2) || \
+ defined(CONFIG_IDF_TARGET_ESP32S3)
+ ctx->sha_type = SHA2_224; /* assign Espressif SHA HW type */
+ ret = esp_sha_init_ctx(ctx);
+ #else
+ /* Don't call init, always SW as there's no HW. */
+ ctx->mode = ESP32_SHA_SW;
+ #endif
+ break;
+
case WC_HASH_TYPE_SHA256:
ctx->sha_type = SHA2_256; /* assign Espressif SHA HW type */
ret = esp_sha_init_ctx(ctx);
break;
- #ifdef CONFIG_IDF_TARGET_ESP32S3
+ #if defined(CONFIG_IDF_TARGET_ESP32S2) || \
+ defined(CONFIG_IDF_TARGET_ESP32S3)
case WC_HASH_TYPE_SHA384:
- /* TODO is SHA384 really not supported on -S3? */
ctx->mode = ESP32_SHA_SW;
ctx->sha_type = SHA2_384; /* Espressif type, but we won't use HW */
break;
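Review bot: In the new `WC_HASH_TYPE_SHA224` case, the `#else` branch for the plain ESP32 sets only `ctx->mode = ESP32_SHA_SW;` and leaves `ctx->sha_type` at whatever the context held before. The neighbouring `WC_HASH_TYPE_SHA384` case sets both fields even though it also stays in software. If leaving `sha_type` untouched is intentional because this target has no SHA-224 hardware type, a comment should say so, for example `/* sha_type left as-is: no HW SHA-224 type on this target */`. Otherwise a later reader cannot tell a stale value from a deliberate one. `esp_sha_init` also dereferences `ctx` with no NULL check, while the new `esp_sha_need_byte_reversal()` in this commit does check it. The function body continues past the end of the hunk.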
@@ -138,13 +287,53 @@ int esp_sha_init(WC_ESP32SHA* ctx, enum wc_HashType hash_type)
ESP_LOGW(TAG, "Unexpected hash_type in esp_sha_init");
break;
}
+#elif defined(CONFIG_IDF_TARGET_ESP32C2) || \
+ defined(CONFIG_IDF_TARGET_ESP8684) || \
+ defined(CONFIG_IDF_TARGET_ESP32C3) || \
+ defined(CONFIG_IDF_TARGET_ESP32C6)
+ switch (hash_type) { /* check each wolfSSL hash type WC_[n] */
+ #ifndef NO_SHA
+ case WC_HASH_TYPE_SHA:
+ ctx->sha_type = SHA1; /* assign Espressif SHA HW type */
+ ret = esp_sha_init_ctx(ctx);
+ break;
+ #endif
+
+ case WC_HASH_TYPE_SHA224:
+ ctx->sha_type = SHA2_224; /* assign Espressif SHA HW type */
+ ret = esp_sha_init_ctx(ctx);
+ break;
+
+ case WC_HASH_TYPE_SHA256:
+ ctx->sha_type = SHA2_256; /* assign Espressif SHA HW type */
+ ret = esp_sha_init_ctx(ctx);
+ break;
+
+ default:
+ /* We fall through to SW when there's no enabled HW, above. */
+ ctx->mode = ESP32_SHA_SW;
+ ret = 0;
+ /* If there's no HW, the ctx reference should cause build error.
+ ** The type should be gated away when there's no HW at all! */
+ ctx->isfirstblock = true;
+ ctx->sha_type = hash_type;
+ ESP_LOGW(TAG, "Unsupported hash_type = %d in esp_sha_init, "
+ "falling back to SW", hash_type);
+ break;
+ }
+
#else
/* other chipsets will be implemented here */
-#endif /* defined(CONFIG_IDF_TARGET_ESP32) || defined(CONFIG_IDF_TARGET_ESP32S3) */
+ ESP_LOGW(TAG, "SW Fallback; CONFIG_IDF_TARGET = %s", CONFIG_IDF_TARGET);
+ ctx->mode = ESP32_SHA_SW;
+#endif /* CONFIG_IDF_TARGET_ESP32 ||
+ * CONFIG_IDF_TARGET_ESP32S2 ||
+ * CONFIG_IDF_TARGET_ESP32S3 */
return ret;
}
+#ifndef NO_SHAx /* TODO cannot currently turn off SHA */
/* we'll call a separate init as there's only 1 HW acceleration */
int esp_sha_init_ctx(WC_ESP32SHA* ctx)
{
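Review bot: The `default:` branch of the new C2/C3/C6 switch stores a wolfSSL `enum wc_HashType` value into the Espressif type field with `ctx->sha_type = hash_type;`. Every other case in `esp_sha_init` assigns an Espressif constant (`SHA1`, `SHA2_224`, `SHA2_256`), so this mixes two unrelated enum domains. Code that later switches on `sha_type` could read the number as the wrong algorithm. Since the branch already forces `ctx->mode = ESP32_SHA_SW`, I would drop that assignment, or map the value explicitly and comment that it is never handed to the hardware. The `#ifndef NO_SHAx` guard added just below looks like a deliberately undefined macro, and its TODO should say so. `esp_sha_init` starts before this hunk, and `esp_sha_init_ctx` continues after it.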
@@ -153,6 +342,12 @@ int esp_sha_init_ctx(WC_ESP32SHA* ctx)
/* we'll keep track of who initialized this */
ctx->initializer = ctx; /* save our address in the initializer */
+ #ifdef ESP_MONITOR_HW_TASK_LOCK
+ {
+ /* Keep track of which freeRTOS task actually locks HW */
+ ctx->task_owner = xTaskGetCurrentTaskHandle();
+ }
+ #endif
ctx->mode = ESP32_SHA_INIT;
}
else {
@@ -167,6 +362,22 @@ int esp_sha_init_ctx(WC_ESP32SHA* ctx)
/* we should never have an unexpected mode in a known ctx */
switch (ctx->mode) {
+ case ESP32_SHA_FREED:
+ ESP_LOGW(TAG, "Warning: ESP32_SHA_FREED status");
+
+ #ifdef ESP_MONITOR_HW_TASK_LOCK
+ if (ctx->task_owner == xTaskGetCurrentTaskHandle()) {
+ esp_sha_hw_unlock(ctx);
+ }
+ else {
+ ESP_LOGW(TAG, "Warning: unable to unlock ctx mutex ");
+ }
+ #else
+ esp_sha_hw_unlock(ctx);
+ #endif
+ ctx->mode = ESP32_SHA_INIT;
+ /* fall through to init */
+
case ESP32_SHA_INIT:
case ESP32_SHA_SW:
/* nothing interesting here */
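Review bot: In the new `ESP32_SHA_FREED` case, when `ctx->task_owner` is not the current task the code only logs "unable to unlock ctx mutex". It then still sets `ctx->mode = ESP32_SHA_INIT` and falls through, so the context is reinitialised while the hardware lock may still be held elsewhere. The result of `esp_sha_hw_unlock(ctx)` is discarded in both branches, so a failed unlock is also invisible to the caller. I would capture the status, e.g. `ret = esp_sha_hw_unlock(ctx);`, and leave the mode unchanged or return an error on the not-owner path. The TODO added in a later hunk of this function ("debug check if HW actually locked") points at the same gap. The enclosing `switch` and function extend beyond this hunk on both sides.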
@@ -182,7 +393,7 @@ int esp_sha_init_ctx(WC_ESP32SHA* ctx)
break;
default:
- /* This should almost occur. We'd need to have an
+ /* This should almost never occur. We'd need to have an
** uninitialized ctx that just happens to include the
** breadcrumb initializer with the same address. */
ESP_LOGW(TAG, "ALERT: unexpected WC_ESP32SHA ctx mode: "
@@ -202,9 +413,20 @@ int esp_sha_init_ctx(WC_ESP32SHA* ctx)
**
** In either case, initialize: */
ctx->initializer = ctx; /* set a new address */
+ #ifdef ESP_MONITOR_HW_TASK_LOCK
+ {
+ /* not HW mode, so we are not interested in task owner */
+ ctx->task_owner = 0;
+ }
+ #endif
/* Always set to ESP32_SHA_INIT, but give debug info as to why: */
switch (ctx->mode) {
+ case ESP32_SHA_FREED:
+ ESP_LOGE(TAG, "ERROR: unexpected ESP32_SHA_FREED");
+ ctx->mode = ESP32_SHA_INIT;
+ break;
+
case ESP32_SHA_INIT:
/* if we are already in init mode, nothing to do. */
break;
@@ -226,7 +448,8 @@ int esp_sha_init_ctx(WC_ESP32SHA* ctx)
case ESP32_SHA_HW_COPY:
/* This is an interesting but acceptable situation:
** an anticipated active HW copy that will demote to SW. */
- ESP_LOGV(TAG, "HW WC_ESP32SHA ctx mode = ESP32_SHA_HW_COPY.");
+ ESP_LOGV(TAG, "HW WC_ESP32SHA ctx mode = "
+ "ESP32_SHA_HW_COPY.");
break;
default:
@@ -257,6 +480,7 @@ int esp_sha_init_ctx(WC_ESP32SHA* ctx)
** If there's a problem, likely some undesired operation
** outside of wolfSSL.
*/
+ /* TODO debug check if HW actually locked; */
esp_sha_hw_unlock(ctx);
ctx->mode = ESP32_SHA_INIT;
break;
@@ -294,7 +518,8 @@ int esp_sha_init_ctx(WC_ESP32SHA* ctx)
ctx->isfirstblock = true;
ctx->lockDepth = 0; /* new objects will always start with lock depth = 0 */
- return 0; /* Always return success. We assume all issues handled, above. */
+ return ESP_OK; /* Always return success.
+ * We assume all issues handled, above. */
} /* esp_sha_init_ctx */
/*
@@ -306,24 +531,43 @@ int esp_sha_ctx_copy(struct wc_Sha* src, struct wc_Sha* dst)
if (src->ctx.mode == ESP32_SHA_HW) {
/* this is an interesting situation to copy HW digest to SW */
ESP_LOGV(TAG, "esp_sha_ctx_copy esp_sha_digest_process");
-
+ #ifdef WOLFSSL_HW_METRICS
+ {
+ esp_sha_hw_copy_ct++;
+ }
+ #endif
/* Get a copy of the HW digest, but don't process it. */
ret = esp_sha_digest_process(dst, 0);
if (ret == 0) {
- /* note we arrived here only because the src is already in HW mode */
- dst->ctx.mode = ESP32_SHA_HW_COPY; /* provide init hint to SW revert */
+ /* Note we arrived here only because
+ * the src is already in HW mode.
+ * provide init hint to SW revert: */
+ dst->ctx.mode = ESP32_SHA_HW_COPY;
/* initializer will be set during init */
ret = esp_sha_init(&(dst->ctx), WC_HASH_TYPE_SHA);
if (ret != 0) {
- ESP_LOGE(TAG, "Error during esp_sha_ctx_copy in esp_sha_init.");
+ ESP_LOGE(TAG, "Error during esp_sha_ctx_copy "
+ "in esp_sha_init.");
}
}
else {
- ESP_LOGE(TAG, "Error during esp_sha_ctx_copy in esp_sha_digest_process.");
+ ESP_LOGE(TAG, "Error during esp_sha_ctx_copy "
+ "in esp_sha_digest_process.");
}
if (dst->ctx.mode == ESP32_SHA_SW) {
+ #if defined(CONFIG_IDF_TARGET_ESP32C2) || \
+ defined(CONFIG_IDF_TARGET_ESP8684) || \
+ defined(CONFIG_IDF_TARGET_ESP32C3) || \
+ defined(CONFIG_IDF_TARGET_ESP32C6)
+ /* Reverse digest for C2/C3/C6 RISC-V platform
+ * only when HW enabled but fallback to SW. */
+ ByteReverseWords(dst->digest, dst->digest, WC_SHA_DIGEST_SIZE);
+ #ifdef WOLFSSL_HW_METRICS
+ esp_sha_reverse_words_ct++;
+ #endif
+ #endif
/* The normal revert to SW in copy is expected */
ESP_LOGV(TAG, "Confirmed SHA Copy set to SW");
}
@@ -339,27 +583,42 @@ int esp_sha_ctx_copy(struct wc_Sha* src, struct wc_Sha* dst)
** No special HW init needed in SW mode.
** but we need to set our initializer breadcrumb: */
dst->ctx.initializer = &(dst->ctx); /* assign new breadcrumb to dst */
+ #ifdef ESP_MONITOR_HW_TASK_LOCK
+ {
+ /* not HW mode for copy, so we are not interested in task owner */
+ dst->ctx.task_owner = 0;
+ }
+ #endif
+
ret = 0;
}
return ret;
} /* esp_sha_ctx_copy */
+#endif
+
/*
** internal sha224 ctx copy (no ESP HW)
*/
+#ifndef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224
int esp_sha224_ctx_copy(struct wc_Sha256* src, struct wc_Sha256* dst)
{
/* There's no 224 hardware on ESP32 */
dst->ctx.initializer = &dst->ctx; /* assign the initializer to dst */
+ #ifdef ESP_MONITOR_HW_TASK_LOCK
+ {
+ /* not HW mode for copy, so we are not interested in task owner */
+ dst->ctx.task_owner = 0;
+ }
+ #endif
- /* always set to SW, as there's no ESP32 HW for SHA224.
- ** TODO: add support for ESP32-S2. ESP32-S3, ESP32-C3 here.
- */
dst->ctx.mode = ESP32_SHA_SW;
- return 0;
+ return ESP_OK;
} /* esp_sha224_ctx_copy */
+#endif
+#ifndef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256
/*
** internal sha256 ctx copy for ESP HW
*/
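Review bot: The comment kept at the top of esp_sha224_ctx_copy(), `/* There's no 224 hardware on ESP32 */`, no longer matches the rest of this commit, which maps `SHA2_224` to a hardware algorithm for ESP32-S2/S3 in esp_sha_start_process() and reports its digest size for those targets. The function still forces `ESP32_SHA_SW` and never reads `src`. If a SHA-224 context can be in HW mode on S2/S3 (not visible here), the copy would skip the digest read-back that esp_sha256_ctx_copy() performs. I would either state why that is safe, e.g. `/* SHA-224 is never run in HW by this port, so dst is always SW */`, or mirror the SHA-256 copy path on the targets that have the hardware.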
@@ -368,8 +627,12 @@ int esp_sha256_ctx_copy(struct wc_Sha256* src, struct wc_Sha256* dst)
int ret;
if (src->ctx.mode == ESP32_SHA_HW) {
/* Get a copy of the HW digest, but don't process it. */
- ESP_LOGI(TAG, "esp_sha256_ctx_copy esp_sha512_digest_process");
- ret = esp_sha256_digest_process(dst, 0);
+ #ifdef WOLFSSL_DEBUG_MUTEX
+ {
+ ESP_LOGI(TAG, "esp_sha256_ctx_copy esp_sha512_digest_process");
+ }
+ #endif
+ ret = esp_sha256_digest_process(dst, 0); /* TODO Use FALSE*/
if (ret == 0) {
/* provide init hint to possibly SW revert */
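Review bot: The log text moved under `WOLFSSL_DEBUG_MUTEX` still names the wrong function: it says `esp_sha512_digest_process` while the next statement calls `esp_sha256_digest_process(dst, 0)`. A trace taken while debugging lock ownership would point at the SHA-512 path, so I would change it to `ESP_LOGI(TAG, "esp_sha256_ctx_copy esp_sha256_digest_process");`. The new `/* TODO Use FALSE*/` does not say what it refers to, presumably the literal `0` argument. The body of esp_sha256_ctx_copy() continues outside this hunk.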
@@ -380,6 +643,17 @@ int esp_sha256_ctx_copy(struct wc_Sha256* src, struct wc_Sha256* dst)
}
if (dst->ctx.mode == ESP32_SHA_SW) {
+ #if defined(CONFIG_IDF_TARGET_ESP32C2) || \
+ defined(CONFIG_IDF_TARGET_ESP8684) || \
+ defined(CONFIG_IDF_TARGET_ESP32C3) || \
+ defined(CONFIG_IDF_TARGET_ESP32C6)
+ {
+ /* Reverse digest byte order for C3 fallback to SW. */
+ ByteReverseWords(dst->digest,
+ dst->digest,
+ WC_SHA256_DIGEST_SIZE);
+ }
+ #endif
ESP_LOGV(TAG, "Confirmed wc_Sha256 Copy set to SW");
}
else {
@@ -393,17 +667,36 @@ int esp_sha256_ctx_copy(struct wc_Sha256* src, struct wc_Sha256* dst)
** No special HW init needed in SW mode.
** but we need to set our initializer: */
dst->ctx.initializer = &dst->ctx; /* assign the initializer to dst */
+ #ifdef ESP_MONITOR_HW_TASK_LOCK
+ {
+ /* not HW mode, so we are not interested in task owner */
+ dst->ctx.task_owner = 0;
+ }
+ #endif
} /* not (src->ctx.mode == ESP32_SHA_HW) */
return ret;
} /* esp_sha256_ctx_copy */
+#endif
+#if defined(WOLFSSL_SHA384) || defined(WOLFSSL_SHA512)
/*
** internal sha384 ctx copy for ESP HW
*/
int esp_sha384_ctx_copy(struct wc_Sha512* src, struct wc_Sha512* dst)
{
- int ret;
+ int ret = 0;
+#if defined(CONFIG_IDF_TARGET_ESP32C2) || \
+ defined(CONFIG_IDF_TARGET_ESP8684) || \
+ defined(CONFIG_IDF_TARGET_ESP32C3) || \
+ defined(CONFIG_IDF_TARGET_ESP32C6)
+ {
+ /* We should ever be calling the HW sHA384 copy for this target. */
+ ESP_LOGW(TAG, "Warning: esp_sha384_ctx_copy() called for %s!",
+ CONFIG_IDF_TARGET);
+ ESP_LOGW(TAG, "There's no SHA384 HW for this CONFIG_IDF_TARGET");
+ }
+#else
if (src->ctx.mode == ESP32_SHA_HW) {
/* Get a copy of the HW digest, but don't process it. */
ESP_LOGI(TAG, "esp_sha384_ctx_copy esp_sha512_digest_process");
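Review bot: The new RISC-V branch of esp_sha384_ctx_copy() only logs two warnings and then returns `ret`, which was just initialised to 0, so a call the code itself treats as unexpected is reported to the caller as success. Because the `#else` branch is compiled out on these targets, `dst->ctx.initializer` and `dst->ctx.mode` are also left exactly as copied from `src`. I would either put `dst` into the SW state as the non-HW path does, or set `ret = ESP_FAIL;` if callers are not expected to reach this. The added comment also reads as the opposite of what is meant and should be `/* We should never be calling the HW SHA384 copy for this target. */`. The function body continues outside this hunk.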
@@ -415,11 +708,13 @@ int esp_sha384_ctx_copy(struct wc_Sha512* src, struct wc_Sha512* dst)
/* initializer will be set during init */
ret = esp_sha_init(&(dst->ctx), WC_HASH_TYPE_SHA384);
if (ret != 0) {
- ESP_LOGE(TAG, "Error during esp_sha384_ctx_copy in esp_sha_init.");
+ ESP_LOGE(TAG, "Error during esp_sha384_ctx_copy "
+ "in esp_sha_init.");
}
}
else {
- ESP_LOGE(TAG, "Error during esp_sha384_ctx_copy in esp_sha512_digest_process.");
+ ESP_LOGE(TAG, "Error during esp_sha384_ctx_copy "
+ "in esp_sha512_digest_process.");
}
/* just some diagnostic runtime info */
@@ -437,18 +732,35 @@ int esp_sha384_ctx_copy(struct wc_Sha512* src, struct wc_Sha512* dst)
** No special HW init needed in SW mode.
** but we need to set our initializer: */
dst->ctx.initializer = &dst->ctx; /* assign the initializer to dst */
+ #ifdef ESP_MONITOR_HW_TASK_LOCK
+ {
+ /* not HW mode for copy, so we are not interested in task owner */
+ dst->ctx.task_owner = 0;
+ }
+ #endif
} /* not (src->ctx.mode == ESP32_SHA_HW) */
-
+#endif
return ret;
} /* esp_sha384_ctx_copy */
+#endif
+#if defined(WOLFSSL_SHA384) || defined(WOLFSSL_SHA512)
/*
** Internal sha512 ctx copy for ESP HW.
** If HW already active, fall back to SW for this ctx.
*/
int esp_sha512_ctx_copy(struct wc_Sha512* src, struct wc_Sha512* dst)
{
- int ret;
+ int ret = ESP_OK; /* Assume success (zero) */
+
+#if defined(CONFIG_IDF_TARGET_ESP32C2) || \
+ defined(CONFIG_IDF_TARGET_ESP8684) || \
+ defined(CONFIG_IDF_TARGET_ESP32C3) || \
+ defined(CONFIG_IDF_TARGET_ESP32C6)
+ /* there's no SHA512 HW on the RISC-V SoC so there's nothing to do. */
+#elif defined(CONFIG_IDF_TARGET_ESP32) || \
+ defined(CONFIG_IDF_TARGET_ESP32S2) || \
+ defined(CONFIG_IDF_TARGET_ESP32S3)
if (src->ctx.mode == ESP32_SHA_HW) {
/* Get a copy of the HW digest, but don't process it. */
ESP_LOGI(TAG, "esp_sha512_ctx_copy esp_sha512_digest_process");
@@ -476,18 +788,31 @@ int esp_sha512_ctx_copy(struct wc_Sha512* src, struct wc_Sha512* dst)
/* reminder this happened in XMEMCOPY, above: dst->ctx = src->ctx;
** No special HW init needed when not in active HW mode.
** but we need to set our initializer breadcrumb: */
+ /* TODO: instead of what is NOT supported, gate on what IS known to be supported */
+ #if !defined(CONFIG_IDF_TARGET_ESP32C2) && \
+ !defined(CONFIG_IDF_TARGET_ESP32C3) && \
+ !defined(CONFIG_IDF_TARGET_ESP32C6)
dst->ctx.initializer = &dst->ctx; /*breadcrumb is this ctx address */
+ #endif
+ #ifdef ESP_MONITOR_HW_TASK_LOCK
+ {
+ /* not HW mode for copy, so we are not interested in task owner */
+ dst->ctx.task_owner = 0;
+ }
+ #endif
}
+#endif
return ret;
} /* esp_sha512_ctx_copy */
+#endif
/*
-** determine the digest size, depending on SHA type.
+** Determine the digest size, depending on SHA type.
**
** See FIPS PUB 180-4, Instruction Section 1.
**
-** see ESP32 shah.h for values:
+** See ESP32 shah.h for values:
**
** enum SHA_TYPE {
** SHA1 = 0,
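Review bot: The `#if !defined(CONFIG_IDF_TARGET_ESP32C2) && ...` guard added around `dst->ctx.initializer = &dst->ctx;` looks redundant. Judging from the `#elif` added at the top of esp_sha512_ctx_copy() and the `#endif` added just before `return ret;`, this else-branch is only compiled for ESP32, ESP32-S2 and ESP32-S3, where none of the three macros is defined. The list also omits `CONFIG_IDF_TARGET_ESP8684`, which every other target list in this commit includes. Dropping the inner guard keeps the breadcrumb assignment unconditional, as in esp_sha256_ctx_copy() and esp_sha384_ctx_copy(), and resolves the TODO above it.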
@@ -502,45 +827,77 @@ int esp_sha512_ctx_copy(struct wc_Sha512* src, struct wc_Sha512* dst)
** Returns zero for bad digest size type request.
**
*/
-static word32 wc_esp_sha_digest_size(enum SHA_TYPE type)
+static word32 wc_esp_sha_digest_size(WC_ESP_SHA_TYPE type)
{
int ret = 0;
ESP_LOGV(TAG, " esp_sha_digest_size");
+#if CONFIG_IDF_TARGET_ARCH_RISCV
+/*
+ * SHA1 = 0,
+ * SHA2_224,
+ * SHA2_256,
+ */
switch (type) {
#ifndef NO_SHA
case SHA1: /* typically 20 bytes */
ret = WC_SHA_DIGEST_SIZE;
break;
-#endif
+ #endif
#ifdef WOLFSSL_SHA224
- /*
- no SHA224 HW at this time.
case SHA2_224:
ret = WC_SHA224_DIGEST_SIZE;
break;
- */
#endif
#ifndef NO_SHA256
case SHA2_256: /* typically 32 bytes */
ret = WC_SHA256_DIGEST_SIZE;
break;
-#endif
+ #endif
+ default:
+ ESP_LOGE(TAG, "Bad SHA type in wc_esp_sha_digest_size");
+ ret = 0;
+ break;
+ }
+#else
+ /* Xtensa */
+ switch (type) {
+ #ifndef NO_SHA
+ case SHA1: /* typically 20 bytes */
+ ret = WC_SHA_DIGEST_SIZE;
+ break;
+ #endif
+
+ #ifdef WOLFSSL_SHA224
+ #if defined(CONFIG_IDF_TARGET_ESP32S2) || \
+ defined(CONFIG_IDF_TARGET_ESP32S3)
+ case SHA2_224:
+ ret = WC_SHA224_DIGEST_SIZE;
+ break;
+ #endif
+ #endif
+
+ #ifndef NO_SHA256
+ case SHA2_256: /* typically 32 bytes */
+ ret = WC_SHA256_DIGEST_SIZE;
+ break;
+ #endif
#ifdef WOLFSSL_SHA384
case SHA2_384:
ret = WC_SHA384_DIGEST_SIZE;
break;
-#endif
+ #endif
#ifdef WOLFSSL_SHA512
case SHA2_512: /* typically 64 bytes */
ret = WC_SHA512_DIGEST_SIZE;
break;
-#endif
+ #endif
default:
ESP_LOGE(TAG, "Bad SHA type in wc_esp_sha_digest_size");
ret = 0;
break;
}
+#endif
return ret; /* Return value is a size, not an error code. */
} /* wc_esp_sha_digest_size */
@@ -551,10 +908,18 @@ static word32 wc_esp_sha_digest_size(enum SHA_TYPE type)
static int wc_esp_wait_until_idle(void)
{
int ret = 0; /* assume success */
-
-#if defined(CONFIG_IDF_TARGET_ESP32C3) || defined(CONFIG_IDF_TARGET_ESP32C6)
- /* ESP32-C3 RISC-V TODO */
-#elif defined(CONFIG_IDF_TARGET_ESP32S3)
+ int loop_ct = 10000;
+
+#if defined(CONFIG_IDF_TARGET_ESP32C2) || \
+ defined(CONFIG_IDF_TARGET_ESP8684) || \
+ defined(CONFIG_IDF_TARGET_ESP32C3) || \
+ defined(CONFIG_IDF_TARGET_ESP32C6)
+ /* ESP32-C3 and ESP32-C6 RISC-V */
+ while ((sha_ll_busy() == true) && (loop_ct > 0)) {
+ loop_ct--;
+ /* do nothing while waiting. */
+ }
+#elif defined(CONFIG_IDF_TARGET_ESP32S2) || defined(CONFIG_IDF_TARGET_ESP32S3)
while (REG_READ(SHA_BUSY_REG)) {
/* do nothing while waiting. */
}
@@ -566,7 +931,10 @@ static int wc_esp_wait_until_idle(void)
/* do nothing while waiting. */
}
#endif
-
+ if (loop_ct <= 0)
+ {
+ ESP_LOGI(TAG, "too long to exit wc_esp_wait_until_idle");
+ }
return ret;
} /* wc_esp_wait_until_idle */
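Review bot: The timeout added to wc_esp_wait_until_idle() does not change the result: when `loop_ct` reaches zero the function logs at info level and still returns `ret` as 0, so the caller proceeds as if the SHA engine were idle. I would report it, e.g. `ESP_LOGE(TAG, "timeout in wc_esp_wait_until_idle"); ret = ESP_FAIL;`, and make sure wc_esp_process_block() acts on the value; on the ESP32 path shown later it is overwritten by the result of esp_sha_start_process(). The bound also covers only the RISC-V loop in the previous hunk. The `while (REG_READ(SHA_BUSY_REG))` loop for S2/S3 is still unbounded, and the remaining loop looks the same from the part visible here.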
@@ -581,8 +949,6 @@ static int wc_esp_wait_until_idle(void)
**
** Note that enable / disable only occurs when ref_counts[periph] == 0
**
-** TODO: check if this works with other ESP32 platforms ESP32-C3,
-** ESP32-S3, etc. (A: generally, no. RISC-V has different HW accelerator.)
*/
int esp_unroll_sha_module_enable(WC_ESP32SHA* ctx)
{
@@ -593,7 +959,7 @@ int esp_unroll_sha_module_enable(WC_ESP32SHA* ctx)
int max_unroll_count = 1000; /* never get stuck in a hardware wait loop */
#if defined(CONFIG_IDF_TARGET_ESP32)
- uint32_t this_sha_mask; /* this is the bit-mask for our SHA CLK_EN_REG */
+ word32 this_sha_mask; /* this is the bit-mask for our SHA CLK_EN_REG */
#endif
if (ctx == NULL) {
@@ -601,17 +967,24 @@ int esp_unroll_sha_module_enable(WC_ESP32SHA* ctx)
return BAD_FUNC_ARG;
}
-#if defined(CONFIG_IDF_TARGET_ESP32C3) || defined(CONFIG_IDF_TARGET_ESP32C6)
- /* RISC-V Architecture: TODO */
+#if defined(CONFIG_IDF_TARGET_ESP32C2) || \
+ defined(CONFIG_IDF_TARGET_ESP8684) || \
+ defined(CONFIG_IDF_TARGET_ESP32C3) || \
+ defined(CONFIG_IDF_TARGET_ESP32C6)
+ /************* RISC-V Architecture *************/
+ (void)max_unroll_count;
+ (void)_active_digest_address;
+ ets_sha_disable();
+ /* We don't check for unroll as done below, for Xtensa*/
#else
- /* Xtensa Architecture */
+ /************* Xtensa Architecture *************/
- /* unwind prior calls to THIS ctx. decrement ref_counts[periph] */
- /* only when ref_counts[periph] == 0 does something actually happen */
+ /* unwind prior calls to THIS ctx. decrement ref_counts[periph]
+ ** only when ref_counts[periph] == 0 does something actually happen. */
/* once the value we read is a 0 in the DPORT_PERI_CLK_EN_REG bit
* then we have fully unrolled the enables via ref_counts[periph]==0 */
-#if CONFIG_IDF_TARGET_ESP32S3
+#if defined(CONFIG_IDF_TARGET_ESP32S2) ||defined(CONFIG_IDF_TARGET_ESP32S3)
/* once the value we read is a 0 in the DPORT_PERI_CLK_EN_REG bit
* then we have fully unrolled the enables via ref_counts[periph]==0 */
while (periph_ll_periph_enabled(PERIPH_SHA_MODULE)) {
@@ -630,7 +1003,7 @@ int esp_unroll_sha_module_enable(WC_ESP32SHA* ctx)
/* we'll only try this some unreasonable number of times
* before giving up */
if (actual_unroll_count > max_unroll_count) {
- ret = -1; /* failed to unroll */
+ ret = ESP_FAIL; /* failed to unroll */
break;
}
}
@@ -660,6 +1033,116 @@ int esp_unroll_sha_module_enable(WC_ESP32SHA* ctx)
return ret;
} /* esp_unroll_sha_module_enable */
+int esp_sha_set_stray(WC_ESP32SHA* ctx)
+{
+ int ret = 0;
+#ifdef WOLFSSL_DEBUG_MUTEX
+ stray_ctx = ctx;
+ ret= (int)stray_ctx;
+#endif
+ return ret;
+}
+
+/*
+** return HW lock owner, otherwise zero if not locked.
+**
+** When WOLFSSL_DEBUG_MUTEX is defined, additional
+** debugging capabilities are available.
+*/
+int esp_sha_hw_islocked(WC_ESP32SHA* ctx)
+{
+ int ret = 0;
+#ifdef WOLFSSL_DEBUG_MUTEX
+ taskENTER_CRITICAL(&sha_crit_sect);
+ {
+ ret = (int)mutex_ctx_owner;
+ if (ctx == 0) {
+ /* we are not checking if a given ctx has the lock */
+ }
+ else {
+ if (ret == (int)ctx->initializer) {
+ /* confirmed this object is the owner */
+ }
+ else {
+ /* this object is not the lock owner */
+ }
+ }
+ }
+ taskEXIT_CRITICAL(&sha_crit_sect);
+#else
+ #ifdef SINGLE_THREADED
+ {
+ ret = InUse;
+ }
+ #else
+ {
+ ret = (int)sha_mutex;
+ }
+ #endif
+ return ret;
+#endif
+
+
+#ifdef WOLFSSL_DEBUG_MUTEX
+ if (ret == 0) {
+ ESP_LOGV(TAG, ">> NOT LOCKED esp_sha_hw_islocked");
+ }
+ else {
+ ESP_LOGV(TAG, ">> LOCKED esp_sha_hw_islocked for %x",
+ (int)esp_sha_mutex_ctx_owner());
+ }
+#endif
+ return ret;
+}
+
+/*
+ * The HW is typically unlocked when the SHA hash wc_Sha[nn]Final() is called.
+ * However, in the case of TS connections, the in progress hash may at times be
+ * abandoned. Thus this function should be called at free time. See internal.c
+ */
+int esp_sha_release_unfinished_lock(WC_ESP32SHA* ctx)
+{
+ int ret = 0;
+ ret = esp_sha_hw_islocked(ctx); /* get the owner of the current lock */
+ if (ret == 0) {
+ /* no lock */
+ }
+ else {
+ if (ret == (int)ctx) {
+ /* found a match for this object */
+ if (ret == (int)(ctx->initializer)) {
+ /* confirmed match*/
+ }
+ else {
+ /* the only mismatch expected may be in a mullti-thread RTOS */
+ ESP_LOGE(TAG, "ERROR: esp_sha_release_unfinished_lock for %x"
+ " but found %x", ret, (int)(ctx->initializer));
+ }
+ #ifdef WOLFSSL_DEBUG_MUTEX
+ ESP_LOGE(TAG, "\n>>>> esp_sha_release_unfinished_lock %x\n", ret);
+ #endif
+ /* unlock only if this ctx is the intializer of the lock */
+ #ifdef SINGLE_THREADED
+ {
+ ret = esp_sha_hw_unlock(ctx);
+ }
+ #else
+ {
+ if (ctx->task_owner == xTaskGetCurrentTaskHandle()) {
+ ret = esp_sha_hw_unlock(ctx);
+ }
+ else {
+ /* We cannot free a SHA onbject locks from a different task.
+ * So give the ctx a hint for the other task to clean it up. */
+ ctx->mode = ESP32_SHA_FREED;
+ }
+ }
+ #endif
+
+ }
+ }
+ return ret;
+}
/*
** lock HW engine.
** this should be called before using engine.
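Review bot: esp_sha_hw_islocked() returns the lock owner only when `WOLFSSL_DEBUG_MUTEX` is defined; otherwise it returns `InUse` or `(int)sha_mutex`, neither of which is a ctx address. esp_sha_release_unfinished_lock() then tests `ret == (int)ctx`, which as far as this hunk shows cannot match in a non-debug build, so the abandoned-hash release it documents would never run there. The header comment should say so, e.g. `** Without WOLFSSL_DEBUG_MUTEX the result is only a locked / not-locked indicator, not an owner.`, unless the owner is going to be tracked unconditionally. The early `return ret;` inside the `#else` branch makes the trailing one redundant. `ctx->task_owner` is also read here without the `ESP_MONITOR_HW_TASK_LOCK` guard that surrounds its assignments in the ctx-copy functions, which may not compile if the field is declared under that macro.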
@@ -668,7 +1151,18 @@ int esp_sha_try_hw_lock(WC_ESP32SHA* ctx)
{
int ret = 0;
- ESP_LOGV(TAG, "enter esp_sha_hw_lock %x", (int)ctx->initializer);
+#ifdef WOLFSSL_ESP32_HW_LOCK_DEBUG
+ ESP_LOGI(TAG, "enter esp_sha_hw_lock for %x", (int)ctx->initializer);
+#endif
+
+ #ifdef WOLFSSL_DEBUG_MUTEX
+ taskENTER_CRITICAL(&sha_crit_sect);
+ {
+ /* let's keep track of how many times we call this */
+ _sha_call_count++;
+ }
+ taskEXIT_CRITICAL(&sha_crit_sect);
+ #endif
if (ctx == NULL) {
ESP_LOGE(TAG, " esp_sha_try_hw_lock called with NULL ctx");
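Review bot: The new `ESP_LOGI(TAG, "enter esp_sha_hw_lock for %x", (int)ctx->initializer);` dereferences `ctx` before the `if (ctx == NULL)` check a few lines below, so with `WOLFSSL_ESP32_HW_LOCK_DEBUG` defined a NULL argument faults instead of reaching the error path. Moving the log below the NULL check, or logging `(int)ctx` instead, fixes it. The message also names `esp_sha_hw_lock` while the function is esp_sha_try_hw_lock(). The function body continues outside this hunk.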
@@ -694,9 +1188,9 @@ int esp_sha_try_hw_lock(WC_ESP32SHA* ctx)
else {
/* this should not happens */
ESP_LOGE(TAG, "unexpected error in esp_sha_try_hw_lock.");
- return -1;
+ return ESP_FAIL;
}
-#else /* not defined(SINGLE_THREADED) */
+#else /* not ESP_FAILfined(SINGLE_THREADED) */
/*
** there's only one SHA engine for all the hash types
** so when any hash is in use, no others can use it.
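Review bot: The changed comment `#else /* not ESP_FAILfined(SINGLE_THREADED) */` looks like collateral damage from a search-and-replace rather than an intended edit. It should stay `#else /* not defined(SINGLE_THREADED) */`, matching the `#endif /* not defined(SINGLE_THREADED) */` later in the function. It is only a comment, but it is what tells the reader which branch of a long conditional they are in.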
@@ -720,60 +1214,185 @@ int esp_sha_try_hw_lock(WC_ESP32SHA* ctx)
/* created, but not yet locked */
ret = esp_CryptHwMutexInit(&sha_mutex);
if (ret == 0) {
- ESP_LOGV(TAG, "esp_CryptHwMutexInit sha_mutex init success.");
+ #ifdef WOLFSSL_DEBUG_MUTEX
+ ESP_LOGI(TAG, "esp_CryptHwMutexInit sha_mutex init success.");
+ mutex_ctx_owner = 0;
+ #endif
}
else {
ESP_LOGE(TAG, "esp_CryptHwMutexInit sha_mutex failed.");
sha_mutex = 0;
ESP_LOGI(TAG, "Revert to ctx->mode = ESP32_SHA_SW.");
+
+ #ifdef WOLFSSL_DEBUG_MUTEX
+ ESP_LOGI(TAG, "Current mutext owner = %x",
+ (int)esp_sha_mutex_ctx_owner());
+ #endif
+
ctx->mode = ESP32_SHA_SW;
- return 0; /* success, just not using HW */
+ return ESP_OK; /* success, just not using HW */
}
}
+#ifdef ESP_MONITOR_HW_TASK_LOCK
+ if (mutex_ctx_task == 0 || mutex_ctx_owner == 0) {
+ /* no known stray mutex task owner */
+ }
+ else {
+ if (mutex_ctx_task == xTaskGetCurrentTaskHandle()) {
+ ESP_LOGI(TAG, "Found mutex_ctx_task");
+ if (((WC_ESP32SHA*)mutex_ctx_owner)->mode == ESP32_SHA_FREED) {
+ ESP_LOGW(TAG, "ESP32_SHA_FREED unlocking mutex_ctx_task = %x"
+ " for mutex_ctx_owner = %x",
+ (int)mutex_ctx_task, (int)mutex_ctx_owner );
+ esp_CryptHwMutexUnLock(&sha_mutex);
+ ((WC_ESP32SHA*)mutex_ctx_owner)->mode = ESP32_SHA_INIT;
+ mutex_ctx_task = 0;
+ mutex_ctx_owner = 0;
+ }
+ else {
+ if (ctx->mode == ESP32_SHA_FREED) {
+ ESP_LOGW(TAG, "ESP32_SHA_FREED unlocking ctx = %x"
+ " for ctx.initializer = %x",
+ (int)ctx, (int)ctx->initializer );
+ esp_CryptHwMutexUnLock(&sha_mutex);
+ ctx->mode = ESP32_SHA_INIT;
+ mutex_ctx_task = 0;
+ mutex_ctx_owner = 0;
+ }
+ }
+ }
+ }
+#endif /* ESP_MONITOR_HW_TASK_LOCK */
+
/* check if this SHA has been operated as SW or HW, or not yet init */
if (ctx->mode == ESP32_SHA_INIT) {
/* try to lock the HW engine */
- ESP_LOGV(TAG, "ESP32_SHA_INIT\n");
+#ifdef WOLFSSL_ESP32_HW_LOCK_DEBUG
+ ESP_LOGI(TAG, "ESP32_SHA_INIT for %x\n", (int)ctx->initializer);
+#endif
+ /* lock hardware; there should be exactly one instance
+ * of esp_CryptHwMutexLock(&sha_mutex ...) in code.
+ *
+ * we don't wait:
+ * either the engine is free, or we fall back to SW.
+ *
+ * TODO: allow for SHA interleave on chips that support it.
+ */
- /* we don't wait:
- ** either the engine is free, or we fall back to SW
- **/
if (esp_CryptHwMutexLock(&sha_mutex, (TickType_t)0) == 0) {
+ /* we've successfully locked */
+ #ifdef ESP_MONITOR_HW_TASK_LOCK
+ mutex_ctx_task = xTaskGetCurrentTaskHandle();
+ #endif
+
+ #ifdef WOLFSSL_DEBUG_MUTEX
+ if (esp_sha_call_count() == 8 && WOLFSSL_TEST_STRAY) {
+ /* Once we've locked 10 times here,
+ * we'll force a fallback to SW until other thread unlocks. */
+ taskENTER_CRITICAL(&sha_crit_sect);
+ {
+ (void)stray_ctx;
+ if (stray_ctx == NULL) {
+ /* no peek task */
+ }
+ else {
+ stray_ctx->initializer = stray_ctx;
+ mutex_ctx_owner = (void*)stray_ctx->initializer;
+ }
+ }
+ taskEXIT_CRITICAL(&sha_crit_sect);
+ if (stray_ctx == NULL) {
+ ESP_LOGW(TAG, "WOLFSSL_DEBUG_MUTEX on, but stray_ctx "
+ "is NULL; are you running the peek task to "
+ "set the stay test?");
+ }
+ else {
+ ESP_LOGI(TAG, "%x", (int)stray_ctx->initializer);
+ ESP_LOGI(TAG, "%x", (int)&stray_ctx);
+ ESP_LOGW(TAG,
+ "\n\nLocking with stray\n\n"
+ "WOLFSSL_DEBUG_MUTEX call count 8, "
+ "ctx->mode = ESP32_SHA_SW %x\n\n",
+ (int)mutex_ctx_owner);
+ ctx->task_owner = xTaskGetCurrentTaskHandle();
+ ctx->mode = ESP32_SHA_SW;
+ return ESP_OK; /* success, but revert to SW */
+ }
+ }
+ #endif
+
/* check to see if we had a prior fail and need to unroll enables */
+ #ifdef WOLFSSL_ESP32_HW_LOCK_DEBUG
+ ESP_LOGW(TAG, "Locking for ctx %x, current mutex_ctx_owner = %x",
+ (int)&ctx, (int)esp_sha_mutex_ctx_owner());
+ #endif
ret = esp_unroll_sha_module_enable(ctx);
- ESP_LOGV(TAG, "Hardware Mode, lock depth = %d, %x",
+ #ifdef WOLFSSL_ESP32_HW_LOCK_DEBUG
+ ESP_LOGI(TAG, "Hardware Mode Active, lock depth = %d, for %x",
ctx->lockDepth, (int)ctx->initializer);
+ #endif
+ #ifdef WOLFSSL_DEBUG_MUTEX
+ taskENTER_CRITICAL(&sha_crit_sect);
+ {
+ mutex_ctx_owner = (void*)ctx->initializer;
+ /* let's keep track of how many times we lock this */
+ _sha_lock_count++;
+ }
+ taskEXIT_CRITICAL(&sha_crit_sect);
+ #endif
if (ctx->lockDepth > 0) {
/* it is unlikely that this would ever occur,
** as the mutex should be gate keeping */
ESP_LOGW(TAG, "WARNING: Hardware Mode "
- "interesting lock depth = %d, %x",
+ "interesting lock depth = %d, for this %x",
ctx->lockDepth, (int)ctx->initializer);
}
}
else {
/* We should have otherwise anticipated this; how did we get here?
** This code should rarely, ideally never be reached. */
- ESP_LOGI(TAG, "\nHardware in use; Mode REVERT to ESP32_SHA_SW\n");
+ #ifdef WOLFSSL_DEBUG_MUTEX
+ ESP_LOGI(TAG, "\nHardware in use by %x; "
+ "Mode REVERT to ESP32_SHA_SW for %x\n",
+ (int)esp_sha_mutex_ctx_owner(),
+ (int)ctx->initializer);
+ ESP_LOGI(TAG, "Software Mode, lock depth = %d, for this %x",
+ ctx->lockDepth, (int)ctx->initializer);
+ ESP_LOGI(TAG, "Current mutext owner = %x",
+ (int)esp_sha_mutex_ctx_owner());
+ #endif
ctx->mode = ESP32_SHA_SW;
- return 0; /* success, but revert to SW */
+ return ESP_OK; /* success, but revert to SW */
}
} /* (ctx->mode == ESP32_SHA_INIT) */
else {
/* this should not happen: called during mode != ESP32_SHA_INIT */
ESP_LOGE(TAG, "unexpected error in esp_sha_try_hw_lock.");
- return -1;
+ return ESP_FAIL;
}
#endif /* not defined(SINGLE_THREADED) */
-#if defined(CONFIG_IDF_TARGET_ESP32C3) || defined(CONFIG_IDF_TARGET_ESP32C6)
- /* ESP32-C3 RISC-V TODO */
+#if defined(CONFIG_IDF_TARGET_ESP32C2) || \
+ defined(CONFIG_IDF_TARGET_ESP8684) || \
+ defined(CONFIG_IDF_TARGET_ESP32C3) || \
+ defined(CONFIG_IDF_TARGET_ESP32C6)
+ {
+ ESP_LOGV(TAG, "ets_sha_enable for RISC-V");
+ ets_sha_enable();
+ ctx->mode = ESP32_SHA_HW;
+ }
#else
if (ret == 0) {
ctx->lockDepth++; /* depth for THIS ctx (there could be others!) */
+ #ifdef WOLFSSL_ESP32_HW_LOCK_DEBUG
+ {
+ printf("1) Lock depth @ %d = %d for WC_ESP32SHA @ %0x\n",
+ __LINE__, ctx->lockDepth, (unsigned)ctx);
+ }
+ #endif
periph_module_enable(PERIPH_SHA_MODULE);
ctx->mode = ESP32_SHA_HW;
}
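Review bot: The `ESP_MONITOR_HW_TASK_LOCK` block reads and then writes `((WC_ESP32SHA*)mutex_ctx_owner)->mode` through a pointer saved when the lock was taken, yet `ESP32_SHA_FREED` is set by esp_sha_release_unfinished_lock(), whose comment says it runs at free time. If the owning object's storage has been released or reused by then (its lifetime is not visible here), that is a read and a write through a dangling pointer. `mutex_ctx_owner` is also assigned only under `WOLFSSL_DEBUG_MUTEX` in this hunk, and is read here outside `sha_crit_sect`. At minimum I would add `/* mutex_ctx_owner must still point at live storage here; see esp_sha_release_unfinished_lock() */`, and preferably keep the freed hint in file-scope state next to `mutex_ctx_task` rather than inside the ctx. The function body continues outside this hunk.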
@@ -788,14 +1407,22 @@ int esp_sha_try_hw_lock(WC_ESP32SHA* ctx)
} /* esp_sha_try_hw_lock */
/*
-** release HW engine. when we don't have it locked, SHA module is DISABLED
+** Release HW engine. when we don't have it locked, SHA module is DISABLED.
+** Note this is not the semaphore tracking who has the HW.
*/
int esp_sha_hw_unlock(WC_ESP32SHA* ctx)
{
+ int ret = ESP_OK; /* assume success (zero) */
+#ifdef WOLFSSL_ESP32_HW_LOCK_DEBUG
ESP_LOGV(TAG, "enter esp_sha_hw_unlock");
+#endif
-#if defined(CONFIG_IDF_TARGET_ESP32C3) || defined(CONFIG_IDF_TARGET_ESP32C6)
- /* ESP32-C3 RISC-V TODO */
+#if defined(CONFIG_IDF_TARGET_ESP32C2) || \
+ defined(CONFIG_IDF_TARGET_ESP8684) || \
+ defined(CONFIG_IDF_TARGET_ESP32C3) || \
+ defined(CONFIG_IDF_TARGET_ESP32C6)
+ ets_sha_disable(); /* disable also resets active, ongoing hash */
+ ESP_LOGV(TAG, "ets_sha_disable in esp_sha_hw_unlock()");
#else
/* Disable AES hardware */
periph_module_disable(PERIPH_SHA_MODULE);
@@ -805,6 +1432,10 @@ int esp_sha_hw_unlock(WC_ESP32SHA* ctx)
* and periph_module_disable() need to be unwound.
*
* see ref_counts[periph] in file: periph_ctrl.c */
+#ifdef WOLFSSL_ESP32_HW_LOCK_DEBUG
+ printf("2) esp_sha_hw_unlock Lock depth @ %d = %d for WC_ESP32SHA @ %0x\n",
+ __LINE__, ctx->lockDepth, (unsigned)ctx);
+#endif
if (ctx->lockDepth > 0) {
ctx->lockDepth--;
}
@@ -812,14 +1443,51 @@ int esp_sha_hw_unlock(WC_ESP32SHA* ctx)
ctx->lockDepth = 0;
}
-#if defined(SINGLE_THREADED)
- InUse = 0;
-#else
- /* unlock HW engine for next use */
- esp_CryptHwMutexUnLock(&sha_mutex);
+#if defined(ESP_MONITOR_HW_TASK_LOCK) && defined(WOLFSSL_ESP32_HW_LOCK_DEBUG)
+ printf("3) esp_sha_hw_unlock Lock depth @ %d = %d for WC_ESP32SHA @ %0x\n",
+ __LINE__, ctx->lockDepth, (unsigned)ctx);
#endif
- ESP_LOGV(TAG, "leave esp_sha_hw_unlock, %x", (int)ctx->initializer);
- return 0;
+ if (0 == ctx->lockDepth)
+ {
+ #if defined(SINGLE_THREADED)
+ InUse = 0;
+ #else
+ /* unlock HW engine for next use */
+ #ifdef WOLFSSL_ESP32_HW_LOCK_DEBUG
+ {
+ ESP_LOGW(TAG, "Unlocking for %x, from ctx %x, & = %x, "
+ "mutex_ctx_owner = %x",
+ (int)esp_sha_mutex_ctx_owner(),
+ (int)ctx,
+ (int)&ctx,
+ (int)esp_sha_mutex_ctx_owner());
+ ESP_LOGW(TAG, "&sha_mutex = %x", (int)&sha_mutex);
+ }
+ #endif /* WOLFSSL_ESP32_HW_LOCK_DEBUG */
+ esp_CryptHwMutexUnLock(&sha_mutex);
+ #ifdef ESP_MONITOR_HW_TASK_LOCK
+ mutex_ctx_task = 0;
+ #endif
+ #endif
+
+ #ifdef WOLFSSL_DEBUG_MUTEX
+ taskENTER_CRITICAL(&sha_crit_sect);
+ {
+ mutex_ctx_owner = 0;
+ }
+ taskEXIT_CRITICAL(&sha_crit_sect);
+ #endif
+ }
+ else
+ {
+ ESP_LOGE(TAG, "ERROR unlock lockDepth not zero");
+ ret = ESP_FAIL;
+ }
+ #ifdef WOLFSSL_ESP32_HW_LOCK_DEBUG
+ ESP_LOGI(TAG, "leave esp_sha_hw_unlock, %x", (int)ctx->initializer);
+ #endif
+
+ return ret;
} /* esp_sha_hw_unlock */
/*
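Review bot: In esp_sha_hw_unlock() the ownership bookkeeping is cleared after the mutex is released: `mutex_ctx_task = 0;` and the `mutex_ctx_owner = 0;` block both follow `esp_CryptHwMutexUnLock(&sha_mutex);`. Another task can take the lock in between and record itself in esp_sha_try_hw_lock(), after which these stores erase the new owner and the `ESP_MONITOR_HW_TASK_LOCK` check there sees no owner. I would move both stores above the unlock call. Separately, when `lockDepth` is not zero the function now returns `ESP_FAIL` with the mutex still held, and the call in esp_sha_init_ctx() ignores the return value.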
@@ -827,10 +1495,17 @@ int esp_sha_hw_unlock(WC_ESP32SHA* ctx)
* Assumes register already loaded.
* Returns a negative value error code upon failure.
*/
+#if defined(CONFIG_IDF_TARGET_ESP32C2) || \
+ defined(CONFIG_IDF_TARGET_ESP8684) || \
+ defined(CONFIG_IDF_TARGET_ESP32C3) || \
+ defined(CONFIG_IDF_TARGET_ESP32C6)
+ /* ESP32-C3 HAL has built-in process start, nothing to declare here. */
+#else
+ /* Everything else uses esp_sha_start_process() */
static int esp_sha_start_process(WC_ESP32SHA* sha)
{
int ret = 0;
-#if defined(CONFIG_IDF_TARGET_ESP32S3)
+#if defined(CONFIG_IDF_TARGET_ESP32S2) || defined(CONFIG_IDF_TARGET_ESP32S3)
uint8_t HardwareAlgorithm;
#endif
@@ -840,16 +1515,43 @@ static int esp_sha_start_process(WC_ESP32SHA* sha)
ESP_LOGV(TAG, " enter esp_sha_start_process");
- #if defined(CONFIG_IDF_TARGET_ESP32C3) || defined(CONFIG_IDF_TARGET_ESP32C6)
- /* ESP32-C3 RISC-V TODO */
- #elif defined(CONFIG_IDF_TARGET_ESP32S3)
+#if defined(CONFIG_IDF_TARGET_ESP32C2) || \
+ defined(CONFIG_IDF_TARGET_ESP8684) || \
+ defined(CONFIG_IDF_TARGET_ESP32C3) || \
+ defined(CONFIG_IDF_TARGET_ESP32C6)
+ ESP_LOGV(TAG, "SHA1 SHA_START_REG");
+ if (sha->isfirstblock) {
+ sha_ll_start_block(SHA2_256);
+ sha->isfirstblock = false;
+
+ ESP_LOGV(TAG, " set sha->isfirstblock = 0");
+
+ #if defined(DEBUG_WOLFSSL)
+ this_block_num = 1; /* one-based counter, just for debug info */
+ #endif
+ } /* first block */
+ else {
+ sha_ll_continue_block(SHA2_256);
+
+ #if defined(DEBUG_WOLFSSL)
+ this_block_num++; /* one-based counter */
+ ESP_LOGV(TAG, " continue block #%d", this_block_num);
+ #endif
+ } /* not first block */
+ /***** END CONFIG_IDF_TARGET_ESP32C2 aka ESP8684 or
+ * CONFIG_IDF_TARGET_ESP32C3 or
+ * CONFIG_IDF_TARGET_ESP32C6 *****/
+#elif defined(CONFIG_IDF_TARGET_ESP32S2) || defined(CONFIG_IDF_TARGET_ESP32S3)
/* Translate from Wolf SHA type to hardware algorithm. */
HardwareAlgorithm = 0;
switch (sha->sha_type) {
case SHA1:
HardwareAlgorithm = 0;
break;
+ case SHA2_224:
+ HardwareAlgorithm = 1;
+ break;
case SHA2_256:
HardwareAlgorithm = 2;
break;
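Review bot: The RISC-V branch added inside esp_sha_start_process() appears unreachable: the previous hunk wraps the whole function in the `#else` of the same C2/ESP8684/C3/C6 test, so these lines are never compiled for the targets they name. If they were compiled, they would start `SHA2_256` regardless of `sha->sha_type` while logging `"SHA1 SHA_START_REG"`. I would drop the branch, or replace its body with `#error "esp_sha_start_process is not used on RISC-V targets"`, so the two guards cannot drift apart. The function body starts and ends outside this hunk.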
@@ -866,7 +1568,7 @@ static int esp_sha_start_process(WC_ESP32SHA* sha)
default:
/* Unsupported SHA mode. */
sha->mode = ESP32_SHA_FAIL_NEED_UNROLL;
- return -1;
+ return ESP_FAIL;
}
REG_WRITE(SHA_MODE_REG, HardwareAlgorithm);
@@ -890,7 +1592,9 @@ static int esp_sha_start_process(WC_ESP32SHA* sha)
#endif
} /* not first block */
-#else /* not ESP32S3 */
+ /* end ESP32S3 */
+
+#elif defined(CONFIG_IDF_TARGET_ESP32)
if (sha->isfirstblock) {
/* start registers for first message block
* we don't make any relational memory position assumptions.
@@ -918,7 +1622,7 @@ static int esp_sha_start_process(WC_ESP32SHA* sha)
default:
sha->mode = ESP32_SHA_FAIL_NEED_UNROLL;
- ret = -1;
+ ret = ESP_FAIL;
break;
}
@@ -960,10 +1664,13 @@ static int esp_sha_start_process(WC_ESP32SHA* sha)
default:
/* error for unsupported other values */
sha->mode = ESP32_SHA_FAIL_NEED_UNROLL;
- ret = -1;
+ ret = ESP_FAIL;
break;
}
}
+ /* end standard ESP32 */
+ #else
+ ESP_LOGE(TAG, "Unsupported hardware");
#endif
#if defined(DEBUG_WOLFSSL)
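Review bot: The new `#else` branch logs `"Unsupported hardware"` but leaves `ret` at its initial 0, so esp_sha_start_process() reports success on a target where no hash block was started. I would add `ret = ESP_FAIL;` after the log, in line with the `default:` cases this hunk changes. The `#else` is also indented differently from the `#elif` lines it pairs with, which makes the conditional harder to follow. The function starts outside this hunk.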
@@ -975,6 +1682,7 @@ static int esp_sha_start_process(WC_ESP32SHA* sha)
return ret;
}
+#endif /* esp_sha_start_process !CONFIG_IDF_TARGET_ESP32C3/C6 */
/*
** process message block
@@ -983,13 +1691,15 @@ static int wc_esp_process_block(WC_ESP32SHA* ctx, /* see ctx->sha_type */
const word32* data,
word32 len)
{
- int ret = 0; /* assume success */
+ int ret = ESP_OK; /* assume success */
word32 word32_to_save = (len) / (sizeof(word32));
-#ifdef CONFIG_IDF_TARGET_ESP32S3
- uint32_t* MessageSource;
- uint32_t* AcceleratorMessage;
-#else
+#if defined(CONFIG_IDF_TARGET_ESP32S2) || defined(CONFIG_IDF_TARGET_ESP32S3)
+ word32* MessageSource;
+ word32* AcceleratorMessage;
+#elif CONFIG_IDF_TARGET_ESP32
int i;
+#else
+ /* not used */
#endif
ESP_LOGV(TAG, " enter esp_process_block");
if (word32_to_save > 0x31) {
@@ -1000,43 +1710,124 @@ static int wc_esp_process_block(WC_ESP32SHA* ctx, /* see ctx->sha_type */
/* wait until the engine is available */
ret = wc_esp_wait_until_idle();
-#if CONFIG_IDF_TARGET_ESP32S3
- MessageSource = (uint32_t*)data;
- AcceleratorMessage = (uint32_t*)(SHA_TEXT_BASE);
- while (word32_to_save--) {
- /* Must swap endianness of data loaded into hardware accelerator to produce
- * correct result. Using DPORT_REG_WRITE doesn't avoid this for ESP32s3.
- * Note: data sheet claims we also need to swap endianness across 64 byte words
- * when doing SHA-512, but the SHA-512 result is not correct if you do that. */
- DPORT_REG_WRITE(AcceleratorMessage, __builtin_bswap32(*MessageSource));
- ++AcceleratorMessage;
- ++MessageSource;
- } /* (word32_to_save--) */
-
-#else
+#if defined(CONFIG_IDF_TARGET_ESP32)
/* load [len] words of message data into HW */
for (i = 0; i < word32_to_save; i++) {
/* by using DPORT_REG_WRITE, we avoid the need
* to call __builtin_bswap32 to address endianness.
*
* a useful watch array cast to watch at runtime:
- * ((uint32_t[32]) (*(volatile uint32_t *)(SHA_TEXT_BASE)))
+ * ((word32[32]) (*(volatile word32 *)(SHA_TEXT_BASE)))
*
* Write value to DPORT register (does not require protecting)
*/
- #if defined(CONFIG_IDF_TARGET_ESP32C3) || defined(CONFIG_IDF_TARGET_ESP32C6)
- /* ESP32-C3 RISC-V TODO */
- #else
DPORT_REG_WRITE(SHA_TEXT_BASE + (i*sizeof(word32)), *(data + i));
- #endif
/* memw confirmed auto inserted by compiler here */
}
-#endif
-
/* notify HW to start process
* see ctx->sha_type
* reg data does not change until we are ready to read */
ret = esp_sha_start_process(ctx);
+ /***** END CONFIG_IDF_TARGET_ESP32 */
+
+#elif defined(CONFIG_IDF_TARGET_ESP32C2) || \
+ defined(CONFIG_IDF_TARGET_ESP8684) || \
+ defined(CONFIG_IDF_TARGET_ESP32C3) || \
+ defined(CONFIG_IDF_TARGET_ESP32C6)
+ /************* RISC-V Architecture *************
+ *
+ * SHA_M_1_REG is not a macro:
+ * DPORT_REG_WRITE(SHA_M_1_REG + (i*sizeof(word32)), *(data + i));
+ *
+ * but we have this HAL: sha_ll_fill_text_block
+ *
+ * Note that unlike the plain ESP32 that has only 1 register, we can write
+ * the entire block.
+ * SHA_TEXT_BASE = 0x6003b080
+ * SHA_H_BASE = 0x6003b040
+ * see hash: (word32[08]) (*(volatile uint32_t *)(SHA_H_BASE))
+ * message: (word32[16]) (*(volatile uint32_t *)(SHA_TEXT_BASE))
+ * ((word32[16]) (*(volatile uint32_t *)(SHA_TEXT_BASE)))
+ */
+ if (&data != _active_digest_address) {
+ ESP_LOGV(TAG, "TODO Moving alternate ctx->for_digest");
+ /* move last known digest into HW reg during interleave */
+ /* sha_ll_write_digest(ctx->sha_type, ctx->for_digest,
+ WC_SHA256_BLOCK_SIZE); */
+ _active_digest_address = &data;
+ }
+ if (ctx->isfirstblock) {
+ ets_sha_enable(); /* will clear initial digest */
+ #if defined(DEBUG_WOLFSSL)
+ {
+ this_block_num = 1; /* one-based counter, just for debug info */
+ }
+ #endif
+ }
+ else {
+ #if defined(DEBUG_WOLFSSL)
+ {
+ this_block_num++;
+ }
+ #endif
+ }
+ /* call Espressif HAL for this hash*/
+ sha_hal_hash_block(ctx->sha_type,
+ (void *)(data),
+ word32_to_save,
+ ctx->isfirstblock);
+ ctx->isfirstblock = 0; /* once we hash a block,
+ * we're no longer at the first */
+ /***** END CONFIG_IDF_TARGET_ESP32C2 or
+ * CONFIG_IDF_TARGET_ESP8684 or
+ * CONFIG_IDF_TARGET_ESP32C3 or
+ * CONFIG_IDF_TARGET_ESP32C6 */
+
+#elif defined(CONFIG_IDF_TARGET_ESP32S2) || defined(CONFIG_IDF_TARGET_ESP32S3)
+ MessageSource = (word32*)data;
+ AcceleratorMessage = (word32*)(SHA_TEXT_BASE);
+ while (word32_to_save--) {
+ /* Must swap endianness of data loaded into hardware accelerator
+ * to produce correct result. Using DPORT_REG_WRITE doesn't avoid this
+ * for ESP32s3.
+ * Note: data sheet claims we also need to swap endianness across
+ * 64 byte words when doing SHA-512, but the SHA-512 result is not
+ * correct if you do that. */
+ DPORT_REG_WRITE(AcceleratorMessage, __builtin_bswap32(*MessageSource));
+ ++AcceleratorMessage;
+ ++MessageSource;
+ } /* (word32_to_save--) */
+ /* notify HW to start process
+ * see ctx->sha_type
+ * reg data does not change until we are ready to read */
+ ret = esp_sha_start_process(ctx);
+ /***** END CONFIG_IDF_TARGET_ESP32S2 or CONFIG_IDF_TARGET_ESP32S3 */
+
+#else
+ ret = ESP_FAIL;
+ ESP_LOGE(TAG, "ERROR: (CONFIG_IDF_TARGET not supported");
+#endif
+
+#ifdef WOLFSSL_HW_METRICS
+ switch (ctx->sha_type) {
+ case SHA1:
+ esp_sha1_hw_hash_usage_ct++;
+ break;
+
+ #ifndef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224
+ case SHA2_224:
+ esp_sha2_224_hw_hash_usage_ct++;
+ break;
+ #endif
+
+ case SHA2_256:
+ esp_sha2_256_hw_hash_usage_ct++;
+ break;
+
+ default:
+ break;
+ }
+#endif
ESP_LOGV(TAG, " leave esp_process_block");
return ret;
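Review bot: In the RISC-V branch, `&data` is the address of the parameter variable, not of the message or of the hash context, so `if (&data != _active_digest_address)` compares against a stack slot and `_active_digest_address = &data;` keeps that address after wc_esp_process_block has returned. The declaration of `_active_digest_address` is not in this hunk, but as written the test cannot tell one SHA context from another, and the branch only logs a TODO while the `sha_ll_write_digest` call stays commented out. If interleaved contexts can reach the hardware on these targets, one context's digest state would presumably carry into the other; tracking `ctx` instead (`if ((const void*)ctx != _active_digest_address)` and `_active_digest_address = ctx;`, types permitting) and restoring the saved digest is what the comment describes. The function starts before the hunk and its closing brace is after it.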
@@ -1049,12 +1840,12 @@ int wc_esp_digest_state(WC_ESP32SHA* ctx, byte* hash)
{
word32 digestSz;
-#if CONFIG_IDF_TARGET_ESP32S3
+#if defined(CONFIG_IDF_TARGET_ESP32S2) || defined(CONFIG_IDF_TARGET_ESP32S3)
uint64_t* pHash64Buffer;
uint32_t* pHashDestination;
size_t szHashWords;
size_t szHash64Words;
-# endif
+#endif
ESP_LOGV(TAG, "enter esp_digest_state");
@@ -1063,16 +1854,35 @@ int wc_esp_digest_state(WC_ESP32SHA* ctx, byte* hash)
}
/* sanity check */
+#if defined(CONFIG_IDF_TARGET_ESP32)
+ if (ctx->sha_type == SHA_INVALID) {
+#elif defined(CONFIG_IDF_TARGET_ESP32C2) || \
+ defined(CONFIG_IDF_TARGET_ESP8684) || \
+ defined(CONFIG_IDF_TARGET_ESP32C3) || \
+ defined(CONFIG_IDF_TARGET_ESP32S2) || \
+ defined(CONFIG_IDF_TARGET_ESP32S3) || \
+ defined(CONFIG_IDF_TARGET_ESP32C6)
+ if (ctx->sha_type == SHA_TYPE_MAX) {
+#else
+ ESP_LOGE(TAG, "unexpected target for wc_esp_digest_state");
+ {
+#endif /* conditional sanity check on she_type */
+ ctx->mode = ESP32_SHA_FAIL_NEED_UNROLL;
+ ESP_LOGE(TAG, "error. sha_type %d is invalid.", ctx->sha_type);
+ return ESP_FAIL;
+ }
+
digestSz = wc_esp_sha_digest_size(ctx->sha_type);
if (digestSz == 0) {
ctx->mode = ESP32_SHA_FAIL_NEED_UNROLL;
ESP_LOGE(TAG, "unexpected error. sha_type is invalid.");
- return -1;
+ return ESP_FAIL;
}
-#if CONFIG_IDF_TARGET_ESP32S3
+
+#if defined(CONFIG_IDF_TARGET_ESP32S2) || defined(CONFIG_IDF_TARGET_ESP32S3)
if (ctx->isfirstblock == true) {
/* no hardware use yet. Nothing to do yet */
- return 0;
+ return ESP_OK;
}
/* wait until idle */
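Review bot: The added sanity check tests `ctx->sha_type` for equality with a single sentinel (`SHA_INVALID` or `SHA_TYPE_MAX`), so any other out-of-range value passes it and is only caught if `wc_esp_sha_digest_size()` returns 0 for it. Assuming the enum is ordered with `SHA_TYPE_MAX` last (its definition is not in this hunk), `if (ctx->sha_type >= SHA_TYPE_MAX) {` would reject the whole invalid range before `sha_type` is used. The closing comment has a typo, `she_type` for `sha_type`. The function body starts and ends outside the hunk.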
@@ -1080,7 +1890,7 @@ int wc_esp_digest_state(WC_ESP32SHA* ctx, byte* hash)
/* read hash result into buffer & flip endianness */
pHashDestination = (uint32_t*)hash;
- szHashWords = wc_esp_sha_digest_size(ctx->sha_type) / sizeof(uint32_t);
+ szHashWords = wc_esp_sha_digest_size(ctx->sha_type) / sizeof(word32);
esp_dport_access_read_buffer(pHashDestination, SHA_H_BASE, szHashWords);
if (ctx->sha_type == SHA2_512) {
@@ -1101,14 +1911,34 @@ int wc_esp_digest_state(WC_ESP32SHA* ctx, byte* hash)
} /* not (ctx->sha_type == SHA2_512) */
/* end if CONFIG_IDF_TARGET_ESP32S3 */
+#elif defined(CONFIG_IDF_TARGET_ESP32C2) || \
+ defined(CONFIG_IDF_TARGET_ESP8684)
+ wc_esp_wait_until_idle();
+ sha_ll_read_digest(
+ ctx->sha_type,
+ (void *)hash,
+ wc_esp_sha_digest_size(ctx->sha_type) / sizeof(word32)
+ );
+#elif defined(CONFIG_IDF_TARGET_ESP32C3) || \
+ defined(CONFIG_IDF_TARGET_ESP32C6)
+ wc_esp_wait_until_idle();
+ sha_ll_read_digest(
+ ctx->sha_type,
+ (void *)hash,
+ wc_esp_sha_digest_size(ctx->sha_type) / sizeof(word32)
+ );
#else
/* not CONFIG_IDF_TARGET_ESP32S3 */
/* wait until idle */
wc_esp_wait_until_idle();
/* each sha_type register is at a different location */
-#if defined(CONFIG_IDF_TARGET_ESP32C3) || defined(CONFIG_IDF_TARGET_ESP32C6)
- /* ESP32-C3 RISC-V TODO */
+#if defined(CONFIG_IDF_TARGET_ESP32C2) || \
+ defined(CONFIG_IDF_TARGET_ESP8684) || \
+ defined(CONFIG_IDF_TARGET_ESP32C3) || \
+ defined(CONFIG_IDF_TARGET_ESP32C6)
+#elif defined(CONFIG_IDF_TARGET_ESP32S2)
+ /* nothing here for S2 */
#else
switch (ctx->sha_type) {
case SHA1:
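Review bot: Both new RISC-V branches call `wc_esp_wait_until_idle()` and discard its result before `sha_ll_read_digest()`, so if the wait fails the digest registers are read anyway and the function still ends in `return ESP_OK`. wc_esp_process_block assigns the same call to `ret`, which suggests it can report failure; assuming it returns `ESP_OK` on success, a check such as `if (wc_esp_wait_until_idle() != ESP_OK) { ctx->mode = ESP32_SHA_FAIL_NEED_UNROLL; return ESP_FAIL; }` would keep an unfinished hash from being handed back as valid. The two `#elif` bodies are identical and could be one branch listing all four targets, and the nested `#if defined(CONFIG_IDF_TARGET_ESP32C2) ...` / `#elif defined(CONFIG_IDF_TARGET_ESP32S2)` tests inside the final `#else` can no longer be true there. The function body starts and ends outside the hunk.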
@@ -1133,12 +1963,12 @@ int wc_esp_digest_state(WC_ESP32SHA* ctx, byte* hash)
default:
ctx->mode = ESP32_SHA_FAIL_NEED_UNROLL;
- return -1;
+ return ESP_FAIL;
}
if (ctx->isfirstblock == true) {
/* no hardware use yet. Nothing to do yet */
- return 0;
+ return ESP_OK;
}
/* LOAD final digest */
@@ -1162,11 +1992,11 @@ int wc_esp_digest_state(WC_ESP32SHA* ctx, byte* hash)
*/
esp_dport_access_read_buffer(
-#if ESP_IDF_VERSION_MAJOR >= 4
+ #if ESP_IDF_VERSION_MAJOR >= 4
(uint32_t*)(hash), /* the result will be found in hash upon exit */
-#else
+ #else
(word32*)(hash), /* the result will be found in hash upon exit */
-#endif
+ #endif
SHA_TEXT_BASE, /* there's a fixed reg addr for all SHA */
digestSz / sizeof(word32) /* # 4-byte */
);
@@ -1184,10 +2014,10 @@ int wc_esp_digest_state(WC_ESP32SHA* ctx, byte* hash)
}
}
#endif
-#endif /* not CONFIG_IDF_TARGET_ESP32S3 */
+#endif /* not CONFIG_IDF_TARGET_ESP32S3, C3, else... */
ESP_LOGV(TAG, "leave esp_digest_state");
- return 0;
+ return ESP_OK;
} /* wc_esp_digest_state */
#ifndef NO_SHA
@@ -1229,7 +2059,7 @@ int esp_sha_digest_process(struct wc_Sha* sha, byte blockprocess)
#endif /* NO_SHA */
-#ifndef NO_SHA256
+#if !defined(NO_SHA256) && !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256)
/*
** sha256 process
**
@@ -1241,17 +2071,33 @@ int esp_sha256_process(struct wc_Sha256* sha, const byte* data)
ESP_LOGV(TAG, " enter esp_sha256_process");
- if ((&sha->ctx)->sha_type == SHA2_256) {
+ switch ((&sha->ctx)->sha_type) {
+ case SHA2_256:
#if defined(DEBUG_WOLFSSL_VERBOSE)
- ESP_LOGV(TAG, " confirmed SHA type call match");
+ ESP_LOGV(TAG, " confirmed SHA256 type call match");
#endif
- }
- else {
- ret = -1;
+ wc_esp_process_block(&sha->ctx,
+ (const word32*)data,
+ WC_SHA256_BLOCK_SIZE);
+ break;
+
+#if defined(WOLFSSL_SHA224) && !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224)
+ case SHA2_224:
+ #if defined(DEBUG_WOLFSSL_VERBOSE)
+ ESP_LOGV(TAG, " confirmed SHA224 type call match");
+ #endif
+ wc_esp_process_block(&sha->ctx,
+ (const word32*)data,
+ WC_SHA224_BLOCK_SIZE);
+ break;
+#endif
+
+ default:
+ ret = ESP_FAIL;
ESP_LOGE(TAG, " ERROR SHA type call mismatch");
+ break;
}
- wc_esp_process_block(&sha->ctx, (const word32*)data, WC_SHA256_BLOCK_SIZE);
ESP_LOGV(TAG, " leave esp_sha256_process");
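Review bot: Both `wc_esp_process_block(...)` calls in the new `switch` discard the return value, so a hardware failure inside the block routine never reaches `ret`, which only changes in the `default:` case. esp_sha512_block in this file assigns it (`ret = wc_esp_process_block(&sha->ctx, data, WC_SHA512_BLOCK_SIZE);`); doing the same here, `ret = wc_esp_process_block(&sha->ctx, (const word32*)data, WC_SHA256_BLOCK_SIZE);` and likewise in the SHA224 case, lets the caller see a failed hardware hash. The declaration of `ret` and the function's return are outside the hunk. esp_sha256_digest_process in the next hunk drops the results of `wc_esp_process_block` and `wc_esp_digest_state` in the same way.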
@@ -1266,16 +2112,17 @@ int esp_sha256_process(struct wc_Sha256* sha, const byte* data)
*/
int esp_sha256_digest_process(struct wc_Sha256* sha, byte blockprocess)
{
- int ret = 0;
+ int ret = ESP_OK;
ESP_LOGV(TAG, "enter esp_sha256_digest_process");
+#ifndef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256
if (blockprocess) {
wc_esp_process_block(&sha->ctx, sha->buffer, WC_SHA256_BLOCK_SIZE);
}
wc_esp_digest_state(&sha->ctx, (byte*)sha->digest);
-
+#endif
ESP_LOGV(TAG, "leave esp_sha256_digest_process");
return ret;
} /* esp_sha256_digest_process */
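Review bot: With `NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256` defined, the new `#ifndef` removes both calls and the function returns `ESP_OK` without writing `sha->digest`. Whether any caller can reach it in that configuration is not visible here; if one can, it receives success together with whatever the digest buffer already held. Adding an `#else` branch with `ret = ESP_FAIL;`, or compiling the function out under the same guard as esp_sha256_process, would make the disabled case explicit.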
@@ -1293,6 +2140,12 @@ int esp_sha512_block(struct wc_Sha512* sha, const word32* data, byte isfinal)
ESP_LOGV(TAG, "enter esp_sha512_block");
/* start register offset */
+#if defined(CONFIG_IDF_TARGET_ESP32C2) || \
+ defined(CONFIG_IDF_TARGET_ESP8684) || \
+ defined(CONFIG_IDF_TARGET_ESP32C3) || \
+ defined(CONFIG_IDF_TARGET_ESP32C6)
+ /* No SHA-512 HW on RISC-V SoC, so nothing to do. */
+#else
/* note that in SW mode, wolfSSL uses 64 bit words */
if (sha->ctx.mode == ESP32_SHA_SW) {
ByteReverseWords64(sha->buffer,
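Review bot: On the ESP32-C2/ESP8684/C3/C6 targets the body is now compiled out with only a comment, so esp_sha512_block returns `ret` without hashing anything; the initial value of `ret` is outside the hunk, and if it is a success code the caller is told the block was processed. The same pattern appears in esp_sha512_digest_process two hunks below, where `int ret = 0;` is visible and the RISC-V branch logs a warning and still returns 0 without producing a digest. Unless callers are guaranteed never to reach these functions on those targets, which is not visible here, setting `ret = ESP_FAIL;` in both RISC-V branches would stop a no-op from looking like a completed hash. The function body starts before and ends after the hunk.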
@@ -1321,6 +2174,7 @@ int esp_sha512_block(struct wc_Sha512* sha, const word32* data, byte isfinal)
ret = wc_esp_process_block(&sha->ctx, data, WC_SHA512_BLOCK_SIZE);
}
ESP_LOGV(TAG, "leave esp_sha512_block");
+#endif
return ret;
} /* esp_sha512_block */
@@ -1347,7 +2201,15 @@ int esp_sha512_digest_process(struct wc_Sha512* sha, byte blockproc)
{
int ret = 0;
ESP_LOGV(TAG, "enter esp_sha512_digest_process");
-
+#if defined(CONFIG_IDF_TARGET_ESP32C2) || \
+ defined(CONFIG_IDF_TARGET_ESP8684) || \
+ defined(CONFIG_IDF_TARGET_ESP32C3) || \
+ defined(CONFIG_IDF_TARGET_ESP32C6)
+ {
+ ESP_LOGW(TAG, "Warning: no SHA512 HW to digest on %s",
+ CONFIG_IDF_TARGET);
+ }
+#else
if (blockproc) {
word32* data = (word32*)sha->buffer;
@@ -1361,8 +2223,54 @@ int esp_sha512_digest_process(struct wc_Sha512* sha, byte blockproc)
}
ESP_LOGV(TAG, "leave esp_sha512_digest_process");
+#endif
return ret;
} /* esp_sha512_digest_process */
#endif /* WOLFSSL_SHA512 || WOLFSSL_SHA384 */
-#endif /* WOLFSSL_ESP32WROOM32_CRYPT */
+#endif /* WOLFSSL_ESP32_CRYPT */
#endif /* !defined(NO_SHA) ||... */
+
+#if defined(WOLFSSL_ESP32_CRYPT) && defined(WOLFSSL_HW_METRICS)
+int esp_sw_sha256_count_add(void) {
+ esp_sha256_sw_fallback_usage_ct++;
+ return esp_sha256_sw_fallback_usage_ct;
+}
+
+int esp_hw_show_sha_metrics(void)
+{
+ int ret = 0;
+#ifdef WOLFSSL_ESP32_CRYPT
+ ESP_LOGI(TAG, "--------------------------------------------------------");
+ ESP_LOGI(TAG, "------------- wolfSSL ESP HW SHA Metrics----------------");
+ ESP_LOGI(TAG, "--------------------------------------------------------");
+
+ ESP_LOGI(TAG, "esp_sha_hw_copy_ct = %lu",
+ esp_sha_hw_copy_ct);
+ ESP_LOGI(TAG, "esp_sha1_hw_usage_ct = %lu",
+ esp_sha1_hw_usage_ct);
+ ESP_LOGI(TAG, "esp_sha1_sw_fallback_usage_ct = %lu",
+ esp_sha1_sw_fallback_usage_ct);
+ ESP_LOGI(TAG, "esp_sha_reverse_words_ct = %lu",
+ esp_sha_reverse_words_ct);
+ ESP_LOGI(TAG, "esp_sha1_hw_hash_usage_ct = %lu",
+ esp_sha1_hw_hash_usage_ct);
+ ESP_LOGI(TAG, "esp_sha2_224_hw_hash_usage_ct = %lu",
+ esp_sha2_224_hw_hash_usage_ct);
+ ESP_LOGI(TAG, "esp_sha2_256_hw_hash_usage_ct = %lu",
+ esp_sha2_256_hw_hash_usage_ct);
+ ESP_LOGI(TAG, "esp_byte_reversal_checks_ct = %lu",
+ esp_byte_reversal_checks_ct);
+ ESP_LOGI(TAG, "esp_byte_reversal_needed_ct = %lu",
+ esp_byte_reversal_needed_ct);
+
+#else
+ /* no HW math, no HW math metrics */
+ ret = 0;
+#endif /* HW_MATH_ENABLED */
+
+
+ return ret;
+}
+#endif /* WOLFSSL_ESP32_CRYPT and WOLFSSL_HW_METRICS */
+
+#endif /* WOLFSSL_ESPIDF (exclude entire contents for non-Espressif projects */
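Review bot: In esp_hw_show_sha_metrics the inner `#ifdef WOLFSSL_ESP32_CRYPT` is always true, because the enclosing `#if defined(WOLFSSL_ESP32_CRYPT) && defined(WOLFSSL_HW_METRICS)` already requires it, so the `#else` branch is dead and its closing comment `/* HW_MATH_ENABLED */` names a different macro. Dropping the inner conditional, or at least relabelling it `#endif /* WOLFSSL_ESP32_CRYPT */`, removes the mismatch. Both new functions lack the header comment used elsewhere in the file; for example `/* Increment and return the SHA-256 software-fallback counter (metrics only). */` above esp_sw_sha256_count_add. The counters are printed with `%lu` while esp_sw_sha256_count_add returns one as `int`; their declarations are not in this hunk, so the types are worth checking against both uses.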
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/Espressif/esp32_util.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/Espressif/esp32_util.c
index 172e661a..162b38fd 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/Espressif/esp32_util.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/Espressif/esp32_util.c
@@ -18,10 +18,57 @@
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
+
+#ifdef HAVE_CONFIG_H
+ #include <config.h>
+#endif
+
+/* Reminder: user_settings.h is needed and included from settings.h
+ * Be sure to define WOLFSSL_USER_SETTINGS, typically in CMakeLists.txt */
#include <wolfssl/wolfcrypt/settings.h>
+
+#if defined(WOLFSSL_ESPIDF) /* Entire file is only for Espressif EDP-IDF */
+#include "sdkconfig.h" /* programmatically generated from sdkconfig */
+#include <wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h>
+
+/* Espressif */
+#include <esp_log.h>
+#include <esp_err.h>
+#if ESP_IDF_VERSION_MAJOR > 4
+ #include <hal/efuse_hal.h>
+#endif
+/* wolfSSL */
+#include <wolfssl/wolfcrypt/wolfmath.h> /* needed to print MATH_INT_T value */
+#include <wolfssl/wolfcrypt/types.h>
#include <wolfssl/version.h>
-#if defined(WOLFSSL_ESP32WROOM32_CRYPT) && \
+/*
+** Version / Platform info.
+**
+** This could evolve into a wolfSSL-wide feature. For now, here only. See:
+** https://github.com/wolfSSL/wolfssl/pull/6149
+*/
+
+#define WOLFSSL_VERSION_PRINTF(...) ESP_LOGI(TAG, __VA_ARGS__)
+/*
+ * If used in other platforms:
+ * #include <stdio.h>
+ * #define WOLFSSL_VERSION_PRINTF(...) { printf(__VA_ARGS__); printf("\n"); }
+ */
+
+static const char* TAG = "esp32_util";
+
+/* Variable holding number of times ESP32 restarted since first boot.
+ * It is placed into RTC memory using RTC_DATA_ATTR and
+ * maintains its value when ESP32 wakes from deep sleep.
+ */
+RTC_DATA_ATTR static int _boot_count = 0;
+static int esp_ShowMacroStatus_need_header = 0;
+/* Some helpers for macro display */
+#define STRING_OF(macro) #macro
+#define STR_IFNDEF(macro) STRING_OF(macro)
+
+#if defined(WOLFSSL_ESP32_CRYPT) && \
(!defined(NO_AES) || !defined(NO_SHA) || !defined(NO_SHA256) ||\
defined(WOLFSSL_SHA384) || defined(WOLFSSL_SHA512))
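Review bot: `STR_IFNDEF(macro)` yields an empty string only when the macro is defined with an empty body; a macro defined to a value such as `1` stringifies to `"1"`, and show_macro later in this file treats any non-empty string as "Not Defined". The settings table, which includes hardening switches such as `WC_NO_HARDEN` and `WC_RSA_BLINDING`, can therefore report an enabled option as not defined. A comment on the helper stating this limit would help, e.g. `/* STR_IFNDEF(x) is "" only when x is defined empty; a valued x prints as not defined */`, or show_macro could compare the string with the macro name instead of testing for emptiness. Separately, `_boot_count` begins with an underscore at file scope, which C reserves for the implementation; a name without the leading underscore avoids that.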
@@ -29,6 +76,8 @@
#include <wolfssl/wolfcrypt/error-crypt.h>
#include <wolfssl/wolfcrypt/logging.h>
+/* big nums can be very long, perhaps unitialized, so limit displayed words */
+#define MAX_WORDS_ESP_SHOW_MP 32
/*
* initialize our mutex used to lock hardware access
@@ -49,9 +98,10 @@ int esp_CryptHwMutexInit(wolfSSL_Mutex* mutex) {
/*
* call the ESP-IDF mutex lock; xSemaphoreTake
- *
+ * this is a general mutex locker, used for different mutex objects for
+ * different HW acclerators or other single-use HW features.
*/
-int esp_CryptHwMutexLock(wolfSSL_Mutex* mutex, TickType_t xBlockTime) {
+int esp_CryptHwMutexLock(wolfSSL_Mutex* mutex, TickType_t block_time) {
if (mutex == NULL) {
WOLFSSL_ERROR_MSG("esp_CryptHwMutexLock called with null mutex");
return BAD_MUTEX_E;
@@ -60,7 +110,7 @@ int esp_CryptHwMutexLock(wolfSSL_Mutex* mutex, TickType_t xBlockTime) {
#ifdef SINGLE_THREADED
return wc_LockMutex(mutex); /* xSemaphoreTake take with portMAX_DELAY */
#else
- return ((xSemaphoreTake( *mutex, xBlockTime ) == pdTRUE) ? 0 : BAD_MUTEX_E);
+ return ((xSemaphoreTake(*mutex, block_time) == pdTRUE) ? 0 : BAD_MUTEX_E);
#endif
}
@@ -78,25 +128,16 @@ int esp_CryptHwMutexUnLock(wolfSSL_Mutex* mutex) {
return wc_UnLockMutex(mutex);
#else
xSemaphoreGive(*mutex);
- return 0;
+ return ESP_OK;
#endif
}
+#endif /* WOLFSSL_ESP32_CRYPT, etc. */
-/*
-** Version / Platform info.
+
+/* esp_ShowExtendedSystemInfo and supporting info.
**
-** This could evolve into a wolfSSL-wide feature. For now, here only. See:
-** https://github.com/wolfSSL/wolfssl/pull/6149
+** available regardless if HW acceleration is turned on or not.
*/
-#if defined(WOLFSSL_ESPIDF)
- #include <esp_log.h>
- #include "sdkconfig.h"
- const char* TAG = "Version Info";
- #define WOLFSSL_VERSION_PRINTF(...) ESP_LOGI(TAG, __VA_ARGS__)
-#else
- #include <stdio.h>
- #define WOLFSSL_VERSION_PRINTF(...) { printf(__VA_ARGS__); printf("\n"); }
-#endif
/*
*******************************************************************************
@@ -108,7 +149,7 @@ int esp_CryptHwMutexUnLock(wolfSSL_Mutex* mutex) {
** Specific platforms: Espressif
*/
#if defined(WOLFSSL_ESPIDF)
-static int ShowExtendedSystemInfo_platform_espressif()
+static int ShowExtendedSystemInfo_platform_espressif(void)
{
#if defined(CONFIG_ESP32_DEFAULT_CPU_FREQ_MHZ)
WOLFSSL_VERSION_PRINTF("CONFIG_ESP32_DEFAULT_CPU_FREQ_MHZ: %u MHz",
@@ -147,15 +188,24 @@ static int ShowExtendedSystemInfo_platform_espressif()
char thisHWM = 0;
WOLFSSL_VERSION_PRINTF("Stack HWM: %x", (size_t) &thisHWM);
#else
- WOLFSSL_VERSION_PRINTF("Stack HWM: %d",
- uxTaskGetStackHighWaterMark(NULL));
+ #ifdef INCLUDE_uxTaskGetStackHighWaterMark
+ {
+ WOLFSSL_VERSION_PRINTF("Stack HWM: %d",
+ uxTaskGetStackHighWaterMark(NULL));
+ }
+ #endif /* INCLUDE_uxTaskGetStackHighWaterMark */
+
#endif
#elif CONFIG_IDF_TARGET_ESP32S2
WOLFSSL_VERSION_PRINTF("Xthal_have_ccount = %u",
Xthal_have_ccount);
#elif CONFIG_IDF_TARGET_ESP32C6
- /* not supported at this time */
+ /* TODO find Xthal for C6 */
+#elif CONFIG_IDF_TARGET_ESP32C2
+ /* TODO find Xthal for C6 */
+#elif defined(CONFIG_IDF_TARGET_ESP8684)
+ /* TODO find Xthal for C6 */
#elif CONFIG_IDF_TARGET_ESP32C3
/* not supported at this time */
#elif CONFIG_IDF_TARGET_ESP32S3
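Review bot: `#ifdef INCLUDE_uxTaskGetStackHighWaterMark` is true whenever the macro is defined, including when it is defined as 0; FreeRTOS configuration normally defines the `INCLUDE_` options to 0 or 1, so this guard may not exclude the call when the function is configured out. `#if defined(INCLUDE_uxTaskGetStackHighWaterMark) && (INCLUDE_uxTaskGetStackHighWaterMark == 1)` tests the value. The three added comments for C6, C2 and ESP8684 all read `TODO find Xthal for C6`; the C2 and ESP8684 ones look copy-pasted and should name their own target. The function body starts and ends outside the hunk.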
@@ -170,40 +220,71 @@ static int ShowExtendedSystemInfo_platform_espressif()
#endif
/* check to see if we are using hardware encryption */
-#if defined(NO_ESP32WROOM32_CRYPT)
- WOLFSSL_VERSION_PRINTF("NO_ESP32WROOM32_CRYPT defined! "
+#if defined(NO_ESP32_CRYPT)
+ WOLFSSL_VERSION_PRINTF("NO_ESP32_CRYPT defined! "
"HW acceleration DISABLED.");
#else
/* first show what platform hardware acceleration is enabled
** (some new platforms may not be supported yet) */
-#if defined(CONFIG_IDF_TARGET_ESP32)
- WOLFSSL_VERSION_PRINTF("ESP32WROOM32_CRYPT is enabled for ESP32.");
-#elif defined(CONFIG_IDF_TARGET_ESP32S2)
- WOLFSSL_VERSION_PRINTF("ESP32WROOM32_CRYPT is enabled for ESP32-S2.");
-#elif defined(CONFIG_IDF_TARGET_ESP32S3)
- WOLFSSL_VERSION_PRINTF("ESP32WROOM32_CRYPT is enabled for ESP32-S3.");
-#else
-#error "ESP32WROOM32_CRYPT not yet supported on this IDF TARGET"
+ #if defined(CONFIG_IDF_TARGET_ESP32)
+ WOLFSSL_VERSION_PRINTF("ESP32_CRYPT is enabled for ESP32.");
+ #elif defined(CONFIG_IDF_TARGET_ESP32S2)
+ WOLFSSL_VERSION_PRINTF("ESP32_CRYPT is enabled for ESP32-S2.");
+ #elif defined(CONFIG_IDF_TARGET_ESP32S3)
+ WOLFSSL_VERSION_PRINTF("ESP32_CRYPT is enabled for ESP32-S3.");
+ #elif defined(CONFIG_IDF_TARGET_ESP32C2) || \
+ defined(CONFIG_IDF_TARGET_ESP8684)
+ WOLFSSL_VERSION_PRINTF("ESP32_CRYPT is enabled for ESP32-C2.");
+ #elif defined(CONFIG_IDF_TARGET_ESP32C3)
+ WOLFSSL_VERSION_PRINTF("ESP32_CRYPT is enabled for ESP32-C3.");
+ #elif defined(CONFIG_IDF_TARGET_ESP32C6)
+ WOLFSSL_VERSION_PRINTF("ESP32_CRYPT is enabled for ESP32-C6.");
+ #elif defined(CONFIG_IDF_TARGET_ESP32H2)
+ WOLFSSL_VERSION_PRINTF("ESP32_CRYPT is enabled for ESP32-H2.");
+ #else
+ /* This should have been detected & disabled in user_settins.h */
+ #error "ESP32_CRYPT not yet supported on this IDF TARGET"
+ #endif
+
+ /* Even though enabled, some specifics may be disabled */
+ #if defined(NO_WOLFSSL_ESP32_CRYPT_HASH)
+ WOLFSSL_VERSION_PRINTF("NO_WOLFSSL_ESP32_CRYPT_HASH is defined!"
+ "(disabled HW SHA).");
+ #endif
+
+ #if defined(NO_WOLFSSL_ESP32_CRYPT_AES)
+ WOLFSSL_VERSION_PRINTF("NO_WOLFSSL_ESP32_CRYPT_AES is defined! "
+ "(disabled HW AES).");
+ #endif
+
+ #if defined(NO_WOLFSSL_ESP32_CRYPT_RSA_PRI)
+ WOLFSSL_VERSION_PRINTF("NO_WOLFSSL_ESP32_CRYPT_RSA_PRI defined! "
+ "(disabled HW RSA)");
+ #endif
#endif
- /* Even though enabled, some specifics may be disabled */
-#if defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
- WOLFSSL_VERSION_PRINTF("NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH is defined!"
- "(disabled HW SHA).");
+#if defined(WOLFSSL_SM2) || defined(WOLFSSL_SM3) || defined(WOLFSSL_SM4)
+ WOLFSSL_VERSION_PRINTF("SM Ciphers enabled");
+ #if defined(WOLFSSL_SM2)
+ WOLFSSL_VERSION_PRINTF(" WOLFSSL_SM2 enabled");
+ #else
+ WOLFSSL_VERSION_PRINTF(" WOLFSSL_SM2 NOT enabled");
+ #endif
+
+ #if defined(WOLFSSL_SM3)
+ WOLFSSL_VERSION_PRINTF(" WOLFSSL_SM3 enabled");
+ #else
+ WOLFSSL_VERSION_PRINTF(" WOLFSSL_SM3 NOT enabled");
+ #endif
+
+ #if defined(WOLFSSL_SM4)
+ WOLFSSL_VERSION_PRINTF(" WOLFSSL_SM4 enabled");
+ #else
+ WOLFSSL_VERSION_PRINTF(" WOLFSSL_SM4 NOT enabled");
+ #endif
#endif
-#if defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_AES)
- WOLFSSL_VERSION_PRINTF("NO_WOLFSSL_ESP32WROOM32_CRYPT_AES is defined!"
- "(disabled HW AES).");
-#endif
-
-#if defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_RSA_PRI)
- WOLFSSL_VERSION_PRINTF("NO_WOLFSSL_ESP32WROOM32_CRYPT_RSA_PRI defined!"
- "(disabled HW RSA)");
-#endif
-#endif
-
- return 0;
+ return ESP_OK;
}
#endif
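Review bot: The `NO_WOLFSSL_ESP32_CRYPT_HASH` message is built from two adjacent literals with no space between them, so it prints `defined!(disabled HW SHA).`; the AES and RSA messages in this hunk gained the trailing space and this one did not. Change the first literal to `"NO_WOLFSSL_ESP32_CRYPT_HASH is defined! "`. The comment above the `#error` spells the header `user_settins.h`. The function starts before the hunk.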
@@ -216,22 +297,21 @@ static int ShowExtendedSystemInfo_platform_espressif()
/*
** All platforms: git details
*/
-static int ShowExtendedSystemInfo_git()
+static int ShowExtendedSystemInfo_git(void)
{
-#if defined(HAVE_WC_INTROSPECTION) && !defined(ALLOW_BINARY_MISMATCH_INTROSPECTION)
-#pragma message("WARNING: both HAVE_VERSION_EXTENDED_INFO and " \
- "HAVE_WC_INTROSPECTION are enabled. Some extended " \
- "information details will not be available.")
-
- WOLFSSL_VERSION_PRINTF("HAVE_WC_INTROSPECTION enabled. "
- "Some extended system details not available.");
-#else
/* Display some interesting git values that may change,
** but not desired for introspection which requires object code to be
** maximally bitwise-invariant.
*/
+
+#if defined(LIBWOLFSSL_VERSION_GIT_TAG)
+ /* git config describe --tags --abbrev=0 */
+ WOLFSSL_VERSION_PRINTF("LIBWOLFSSL_VERSION_GIT_TAG = %s",
+ LIBWOLFSSL_VERSION_GIT_TAG);
+#endif
+
#if defined(LIBWOLFSSL_VERSION_GIT_ORIGIN)
- /* git config --get remote.origin.url */
+ /* git config --get remote.origin.url */
WOLFSSL_VERSION_PRINTF("LIBWOLFSSL_VERSION_GIT_ORIGIN = %s",
LIBWOLFSSL_VERSION_GIT_ORIGIN);
#endif
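Review bot: Removing the `#if defined(HAVE_WC_INTROSPECTION) ... #else` wrapper means the git strings below are now compiled in and printed even when `HAVE_WC_INTROSPECTION` is set, while the comment kept directly under it still says they are "not desired for introspection which requires object code to be maximally bitwise-invariant". ShowExtendedSystemInfo later in this file now only prints that some details are unavailable. Either keep a guard around the prints, `#if !defined(HAVE_WC_INTROSPECTION) || defined(ALLOW_BINARY_MISMATCH_INTROSPECTION)`, or update the comment to match the new behaviour. The added comment `/* git config describe --tags --abbrev=0 */` should read `/* git describe --tags --abbrev=0 */`, since `git config` has no `describe` subcommand. The function body ends outside the hunk.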
@@ -243,28 +323,30 @@ static int ShowExtendedSystemInfo_git()
#endif
#if defined(LIBWOLFSSL_VERSION_GIT_HASH)
+ /* git rev-parse HEAD */
WOLFSSL_VERSION_PRINTF("LIBWOLFSSL_VERSION_GIT_HASH = %s",
LIBWOLFSSL_VERSION_GIT_HASH);
#endif
#if defined(LIBWOLFSSL_VERSION_GIT_SHORT_HASH )
+ /* git rev-parse --short HEAD */
WOLFSSL_VERSION_PRINTF("LIBWOLFSSL_VERSION_GIT_SHORT_HASH = %s",
LIBWOLFSSL_VERSION_GIT_SHORT_HASH);
#endif
#if defined(LIBWOLFSSL_VERSION_GIT_HASH_DATE)
+ /* git show --no-patch --no-notes --pretty=\'\%cd\' */
WOLFSSL_VERSION_PRINTF("LIBWOLFSSL_VERSION_GIT_HASH_DATE = %s",
LIBWOLFSSL_VERSION_GIT_HASH_DATE);
#endif
-#endif /* else not HAVE_WC_INTROSPECTION */
- return 0;
+ return ESP_OK;
}
/*
** All platforms: thread details
*/
-static int ShowExtendedSystemInfo_thread()
+static int ShowExtendedSystemInfo_thread(void)
{
/* all platforms: stack high water mark check */
#if defined(SINGLE_THREADED)
@@ -272,13 +354,13 @@ static int ShowExtendedSystemInfo_thread()
#else
WOLFSSL_VERSION_PRINTF("NOT SINGLE_THREADED");
#endif
- return 0;
+ return ESP_OK;
}
/*
** All Platforms: platform details
*/
-static int ShowExtendedSystemInfo_platform()
+static int ShowExtendedSystemInfo_platform(void)
{
#if defined(WOLFSSL_ESPIDF)
#if defined(CONFIG_IDF_TARGET)
@@ -287,49 +369,442 @@ static int ShowExtendedSystemInfo_platform()
ShowExtendedSystemInfo_platform_espressif();
#endif
#endif
- return 0;
+ return ESP_OK;
+}
+
+int esp_increment_boot_count(void)
+{
+ return ++_boot_count;
+}
+
+int esp_current_boot_count(void)
+{
+ return _boot_count;
+}
+
+/* See macro helpers above; not_defined is macro name when *not* defined */
+static int show_macro(char* s, char* not_defined)
+{
+ char hd1[] = "Macro Name Defined Not Defined";
+ char hd2[] = "------------------------- --------- -------------";
+ char msg[] = "......................... ";
+ /* 012345678901234567890123456789012345678901234567890 */
+ /* 1 2 3 4 5 */
+ size_t i = 0;
+ #define MAX_STATUS_NAME_LENGTH 25
+ #define ESP_SMS_ENA_POS 30
+ #define ESP_SMS_DIS_POS 42
+
+ /* save our string (s) into the space-padded message (msg) */
+ while (s[i] != '\0' && msg[i] != '\0' && (i < MAX_STATUS_NAME_LENGTH)) {
+ msg[i] = s[i];
+ i++;
+ }
+
+ /* Depending on if defined, put an "x" in the appropriate column */
+ if (not_defined == NULL || not_defined[0] == '\0') {
+ msg[ESP_SMS_ENA_POS] = 'X';
+ msg[ESP_SMS_ENA_POS+1] = 0; /* end of line to eliminate space pad */
+ }
+ else {
+ msg[ESP_SMS_DIS_POS] = 'X';
+ msg[ESP_SMS_DIS_POS+1] = 0; /* end of line to eliminate space pad */
+ }
+
+ /* do we need a header? */
+ if (esp_ShowMacroStatus_need_header) {
+ ESP_LOGI(TAG, "%s", hd1);
+ ESP_LOGI(TAG, "%s", hd2);
+ esp_ShowMacroStatus_need_header = 0;
+ }
+
+ /* show the macro name with the "x" in the defined/not defined column */
+ ESP_LOGI(TAG, "%s", msg);
+ return ESP_OK;
}
+/* Show some interesting settings */
+int ShowExtendedSystemInfo_config(void)
+{
+ esp_ShowMacroStatus_need_header = 1;
+
+ show_macro("NO_ESPIDF_DEFAULT", STR_IFNDEF(NO_ESPIDF_DEFAULT));
+
+ show_macro("HW_MATH_ENABLED", STR_IFNDEF(HW_MATH_ENABLED));
+
+ /* Features */
+ show_macro("WOLFSSL_SHA224", STR_IFNDEF(WOLFSSL_SHA224));
+ show_macro("WOLFSSL_SHA384", STR_IFNDEF(WOLFSSL_SHA384));
+ show_macro("WOLFSSL_SHA512", STR_IFNDEF(WOLFSSL_SHA512));
+ show_macro("WOLFSSL_SHA3", STR_IFNDEF(WOLFSSL_SHA3));
+ show_macro("HAVE_ED25519", STR_IFNDEF(HAVE_ED25519));
+ show_macro("HAVE_AES_ECB", STR_IFNDEF(HAVE_AES_ECB));
+ show_macro("HAVE_AES_DIRECT", STR_IFNDEF(HAVE_AES_DIRECT));
+
+ /* Math Library Selection */
+ show_macro("USE_FAST_MATH", STR_IFNDEF(USE_FAST_MATH));
+ show_macro("WOLFSSL_SP_MATH_ALL", STR_IFNDEF(WOLFSSL_SP_MATH_ALL));
+#ifdef WOLFSSL_SP_RISCV32
+ show_macro("WOLFSSL_SP_RISCV32", STR_IFNDEF(WOLFSSL_SP_RISCV32));
+#endif
+ show_macro("SP_MATH", STR_IFNDEF(SP_MATH));
+
+ /* Diagnostics */
+ show_macro("WOLFSSL_HW_METRICS", STR_IFNDEF(WOLFSSL_HW_METRICS));
+
+ /* Optimizations */
+ show_macro("RSA_LOW_MEM", STR_IFNDEF(RSA_LOW_MEM));
+
+ /* Security Hardening */
+ show_macro("WC_NO_HARDEN", STR_IFNDEF(WC_NO_HARDEN));
+ show_macro("TFM_TIMING_RESISTANT", STR_IFNDEF(TFM_TIMING_RESISTANT));
+ show_macro("ECC_TIMING_RESISTANT", STR_IFNDEF(ECC_TIMING_RESISTANT));
+
+ /* WC_NO_CACHE_RESISTANT is only important if another process can be
+ * run on the device. With embedded it is less likely to be exploitable.
+ * Timing attacks are usually by probe. So typically turn this on: */
+ show_macro("WC_NO_CACHE_RESISTANT", STR_IFNDEF(WC_NO_CACHE_RESISTANT));
+
+ /* Side channel bit slicing */
+ show_macro("WC_AES_BITSLICED", STR_IFNDEF(WC_AES_BITSLICED));
+
+ /* Unrolling will normally improve performance,
+ * so make sure WOLFSSL_AES_NO_UNROLL isn't defined unless you want it. */
+ show_macro("WOLFSSL_AES_NO_UNROLL", STR_IFNDEF(WOLFSSL_AES_NO_UNROLL));
+ show_macro("TFM_TIMING_RESISTANT", STR_IFNDEF(TFM_TIMING_RESISTANT));
+ show_macro("ECC_TIMING_RESISTANT", STR_IFNDEF(ECC_TIMING_RESISTANT));
+ show_macro("WC_RSA_BLINDING", STR_IFNDEF(WC_RSA_BLINDING));
+ show_macro("NO_WRITEV", STR_IFNDEF(NO_WRITEV));
+
+ /* Environment */
+ show_macro("FREERTOS", STR_IFNDEF(FREERTOS));
+ show_macro("NO_WOLFSSL_DIR", STR_IFNDEF(NO_WOLFSSL_DIR));
+ show_macro("WOLFSSL_NO_CURRDIR", STR_IFNDEF(WOLFSSL_NO_CURRDIR));
+ show_macro("WOLFSSL_LWIP", STR_IFNDEF(WOLFSSL_LWIP));
+
+ ESP_LOGI(TAG, "");
+#if defined(CONFIG_COMPILER_OPTIMIZATION_DEFAULT)
+ ESP_LOGI(TAG, "Compiler Optimization: Default");
+#elif defined(CONFIG_COMPILER_OPTIMIZATION_SIZE)
+ ESP_LOGI(TAG, "Compiler Optimization: Size");
+#elif defined(CONFIG_COMPILER_OPTIMIZATION_PERF)
+ ESP_LOGI(TAG, "Compiler Optimization: Performance");
+#elif defined(CONFIG_COMPILER_OPTIMIZATION_NONE)
+ ESP_LOGI(TAG, "Compiler Optimization: None");
+#else
+ ESP_LOGI(TAG, "Compiler Optimization: Unknown");
+#endif
+ ESP_LOGI(TAG, "");
+
+ return ESP_OK;
+}
/*
*******************************************************************************
-** The public ShowExtendedSystemInfo()
+** The internal, portable, but currently private ShowExtendedSystemInfo()
*******************************************************************************
*/
-
int ShowExtendedSystemInfo(void)
+{
+#if ESP_IDF_VERSION_MAJOR > 4
+ unsigned chip_rev = -1;
+#endif
+
+#ifdef HAVE_ESP_CLK
+ /* esp_clk.h is private */
+ int cpu_freq = 0;
+#endif
+
+ WOLFSSL_VERSION_PRINTF("Extended Version and Platform Information.");
+
+#if defined(HAVE_WC_INTROSPECTION) && \
+ !defined(ALLOW_BINARY_MISMATCH_INTROSPECTION)
+#pragma message("WARNING: both HAVE_VERSION_EXTENDED_INFO and " \
+ "HAVE_WC_INTROSPECTION are enabled. Some extended " \
+ "information details will not be available.")
+
+ WOLFSSL_VERSION_PRINTF("HAVE_WC_INTROSPECTION enabled. "
+ "Some extended system details not available.");
+#endif /* else not HAVE_WC_INTROSPECTION */
+
+#if ESP_IDF_VERSION_MAJOR > 4
+ chip_rev = efuse_hal_chip_revision();
+ ESP_LOGI(TAG, "Chip revision: v%d.%d", chip_rev / 100, chip_rev % 100);
+#endif
+
+#ifdef HAVE_ESP_CLK
+ cpu_freq = esp_clk_cpu_freq();
+ ESP_EARLY_LOGI(TAG, "cpu freq: %d Hz", cpu_freq);
+#endif
+
+#if defined(SHOW_SSID_AND_PASSWORD)
+ ESP_LOGW(TAG, "WARNING: SSID and plain text WiFi "
+ "password displayed in startup logs. ");
+ ESP_LOGW(TAG, "Remove SHOW_SSID_AND_PASSWORD from user_settings.h "
+ "to disable.");
+#else
+ ESP_LOGI(TAG, "SSID and plain text WiFi "
+ "password not displayed in startup logs.");
+ ESP_LOGI(TAG, " Define SHOW_SSID_AND_PASSWORD to enable display.");
+#endif
+
+#if defined(WOLFSSL_MULTI_INSTALL_WARNING)
+ /* CMake may have detected undesired multiple installs, so give warning. */
+ WOLFSSL_VERSION_PRINTF("");
+ WOLFSSL_VERSION_PRINTF("WARNING: Multiple wolfSSL installs found.");
+ WOLFSSL_VERSION_PRINTF("Check ESP-IDF components and "
+ "local project [components] directory.");
+ WOLFSSL_VERSION_PRINTF("");
+#else
+ #ifdef WOLFSSL_USER_SETTINGS_DIR
+ {
+ ESP_LOGI(TAG, "Using wolfSSL user_settings.h in %s",
+ WOLFSSL_USER_SETTINGS_DIR);
+ }
+ #else
{
- WOLFSSL_VERSION_PRINTF("Extended Version and Platform Information.");
+ ESP_LOGW(TAG, "Warning: old cmake, user_settings.h location unknown.");
+ }
+ #endif
+#endif
#if defined(LIBWOLFSSL_VERSION_STRING)
- WOLFSSL_VERSION_PRINTF("LIBWOLFSSL_VERSION_STRING = %s",
- LIBWOLFSSL_VERSION_STRING);
+ WOLFSSL_VERSION_PRINTF("LIBWOLFSSL_VERSION_STRING = %s",
+ LIBWOLFSSL_VERSION_STRING);
#endif
#if defined(LIBWOLFSSL_VERSION_HEX)
- WOLFSSL_VERSION_PRINTF("LIBWOLFSSL_VERSION_HEX = %x",
- LIBWOLFSSL_VERSION_HEX);
+ WOLFSSL_VERSION_PRINTF("LIBWOLFSSL_VERSION_HEX = %x",
+ LIBWOLFSSL_VERSION_HEX);
#endif
-#if defined(WOLFSSL_MULTI_INSTALL_WARNING)
- /* CMake may have detected undesired multiple installs, so give warning. */
- WOLFSSL_VERSION_PRINTF("");
- WOLFSSL_VERSION_PRINTF("WARNING: Multiple wolfSSL installs found.");
- WOLFSSL_VERSION_PRINTF("Check ESP-IDF and local project [components] directory.");
- WOLFSSL_VERSION_PRINTF("");
+ /* some interesting settings are target specific (ESP32, -C3, -S3, etc */
+#if defined(CONFIG_IDF_TARGET_ESP32)
+ /* ESP_RSA_MULM_BITS should be set to at least 16 for ESP32 */
+ #if defined(ESP_RSA_MULM_BITS)
+ #if (ESP_RSA_MULM_BITS < 16)
+ ESP_LOGW(TAG, "Warning: ESP_RSA_MULM_BITS < 16 for ESP32");
+ #endif
+ #else
+ ESP_LOGW(TAG, "Warning: ESP_RSA_MULM_BITS not defined for ESP32");
+ #endif
+
+#elif defined(CONFIG_IDF_TARGET_ESP32C2) || defined(CONFIG_IDF_TARGET_ESP8684)
+ ESP_LOGI(TAG, "CONFIG_ESP_DEFAULT_CPU_FREQ_MHZ = %u MHz",
+ CONFIG_ESP_DEFAULT_CPU_FREQ_MHZ
+ );
+#elif defined(CONFIG_IDF_TARGET_ESP32C3)
+ ESP_LOGI(TAG, "CONFIG_ESP_DEFAULT_CPU_FREQ_MHZ = %u MHz",
+ CONFIG_ESP_DEFAULT_CPU_FREQ_MHZ
+ );
+
+#elif defined(CONFIG_IDF_TARGET_ESP32C6)
+ ESP_LOGI(TAG, "CONFIG_ESP_DEFAULT_CPU_FREQ_MHZ = %u MHz",
+ CONFIG_ESP_DEFAULT_CPU_FREQ_MHZ
+ );
+/* ESP_LOGI(TAG, "Xthal_have_ccount = %u", Xthal_have_ccount); */
+
+#elif defined(CONFIG_IDF_TARGET_ESP32S2)
+ #if defined(CONFIG_ESP32S2_DEFAULT_CPU_FREQ_MHZ)
+ ESP_LOGI(TAG, "CONFIG_ESP32S2_DEFAULT_CPU_FREQ_MHZ = %u MHz",
+ CONFIG_ESP32S2_DEFAULT_CPU_FREQ_MHZ
+ );
+ #endif
+
+ ESP_LOGI(TAG, "Xthal_have_ccount = %u", Xthal_have_ccount);
+
+#elif defined(CONFIG_IDF_TARGET_ESP32S3)
+ #if defined(CONFIG_ESP32S3_DEFAULT_CPU_FREQ_MHZ)
+ ESP_LOGI(TAG, "CONFIG_ESP32S3_DEFAULT_CPU_FREQ_MHZ = %u MHz",
+ CONFIG_ESP32S3_DEFAULT_CPU_FREQ_MHZ
+ );
+ #endif
+
+ ESP_LOGI(TAG, "Xthal_have_ccount = %u", Xthal_have_ccount);
+#else
+
#endif
- ShowExtendedSystemInfo_git(); /* may be limited during active introspection */
- ShowExtendedSystemInfo_platform();
- ShowExtendedSystemInfo_thread();
- return 0;
- }
+ /* all platforms: stack high water mark check */
+#ifdef INCLUDE_uxTaskGetStackHighWaterMark
+ ESP_LOGI(TAG, "Stack HWM: %d", uxTaskGetStackHighWaterMark(NULL));
+#endif
+ ESP_LOGI(TAG, "");
+
+ ShowExtendedSystemInfo_config();
+ ShowExtendedSystemInfo_git();
+ ShowExtendedSystemInfo_platform();
+ ShowExtendedSystemInfo_thread();
+ /* show number of RTC sleep boots */
+ esp_increment_boot_count();
+ ESP_LOGI(TAG, "Boot count: %d", esp_current_boot_count());
+ return ESP_OK;
+}
-int esp_ShowExtendedSystemInfo()
+int esp_ShowExtendedSystemInfo(void)
{
+ /* Someday the ShowExtendedSystemInfo may be global.
+ * See https://github.com/wolfSSL/wolfssl/pull/6149 */
return ShowExtendedSystemInfo();
}
+/* Print a MATH_INT_T attribute list.
+ *
+ * Note with the right string parameters, the result can be pasted as
+ * initialization code.
+ */
+int esp_show_mp_attributes(char* c, MATH_INT_T* X)
+{
+ static const char* MP_TAG = "MATH_INT_T";
+ int ret = ESP_OK;
+
+ if (X == NULL) {
+ ret = ESP_FAIL;
+ ESP_LOGV(MP_TAG, "esp_show_mp_attributes called with X == NULL");
+ }
+ else {
+ ESP_LOGI(MP_TAG, "");
+ ESP_LOGI(MP_TAG, "%s.used = %d;", c, X->used);
+#if defined(WOLFSSL_SP_INT_NEGATIVE) || defined(USE_FAST_MATH)
+ ESP_LOGI(MP_TAG, "%s.sign = %d;", c, X->sign);
+#endif
+ }
+ return ret;
+}
+
+/* Print a MATH_INT_T value.
+ *
+ * Note with the right string parameters, the result can be pasted as
+ * initialization code.
+ */
+int esp_show_mp(char* c, MATH_INT_T* X)
+{
+ static const char* MP_TAG = "MATH_INT_T";
+ int ret = MP_OKAY;
+ int words_to_show = 0;
+
+ if (X == NULL) {
+ ret = ESP_FAIL;
+ ESP_LOGV(MP_TAG, "esp_show_mp called with X == NULL");
+ }
+ else {
+ words_to_show = X->used;
+ /* if too small, we'll show just 1 word */
+ if (words_to_show < 1) {
+ ESP_LOGI(MP_TAG, "Bad word count. Adjusting from %d to %d",
+ words_to_show,
+ 1);
+ words_to_show = 1;
+ }
+ #ifdef MAX_WORDS_ESP_SHOW_MP
+ /* if too big, we'll show MAX_WORDS_ESP_SHOW_MP words */
+ if (words_to_show > MAX_WORDS_ESP_SHOW_MP) {
+ ESP_LOGI(MP_TAG, "Limiting word count from %d to %d",
+ words_to_show,
+ MAX_WORDS_ESP_SHOW_MP);
+ words_to_show = MAX_WORDS_ESP_SHOW_MP;
+ }
+ #endif
+ ESP_LOGI(MP_TAG, "%s:",c);
+ esp_show_mp_attributes(c, X);
+ for (size_t i = 0; i < words_to_show; i++) {
+ ESP_LOGI(MP_TAG, "%s.dp[%2d] = 0x%08x; /* %2d */ ",
+ c, /* the supplied variable name */
+ i, /* the index, i for dp[%d] */
+ (unsigned int)X->dp[i], /* the value */
+ i /* the index, again, for comment */
+ );
+ }
+ ESP_LOGI(MP_TAG, "");
+ }
+ return ret;
+}
+
+/* Perform a full mp_cmp and binary compare.
+ * (typically only used during debugging) */
+int esp_mp_cmp(char* name_A, MATH_INT_T* A, char* name_B, MATH_INT_T* B)
+{
+ int ret = MP_OKAY;
+ int e = memcmp(A, B, sizeof(mp_int));
+ if (mp_cmp(A, B) == MP_EQ) {
+ if (e == 0) {
+ /* we always want to be here: both esp_show_mp and binary equal! */
+ ESP_LOGV(TAG, "fp_cmp and memcmp match for %s and %s!",
+ name_A, name_B);
+ }
+ else {
+ ret = MP_VAL;
+ ESP_LOGE(TAG, "fp_cmp match, memcmp mismatch for %s and %s!",
+ name_A, name_B);
+ if (A->dp[0] == 1) {
+ ESP_LOGE(TAG, "Both memcmp and fp_cmp fail for %s and %s!",
+ name_A, name_B);
+ }
+ }
+ }
+ else {
+ ret = MP_VAL;
+ if (e == 0) {
+ /* if mp_cmp says different,
+ * but memcmp says equal, that's a problem */
+ ESP_LOGE(TAG, "memcmp error for %s and %s!",
+ name_A, name_B);
+ }
+ else {
+ /* in the normal case where mp_cmp and memcmp say the
+ * values are different, we'll optionally show details. */
+ ESP_LOGI(TAG, "e = %d", e);
+ ESP_LOGE(TAG, "fp_cmp mismatch! memcmp "
+ "offset 0x%02x for %s vs %s!",
+ e, name_A, name_B);
+ if (A->dp[0] == 1) {
+ ESP_LOGE(TAG, "Both memcmp and fp_cmp fail for %s and %s!",
+ name_A, name_B);
+ }
+ }
+ ESP_LOGV(TAG, "Mismatch for %s and %s!",
+ name_A, name_B);
+ }
+
+ if (ret == MP_OKAY) {
+ ESP_LOGV(TAG, "esp_mp_cmp equal for %s and %s!",
+ name_A, name_B);
+ }
+ else {
+ /* esp_show_mp(name_A, A); */
+ /* esp_show_mp(name_B, B); */
+ }
+ return ret;
+}
+
+int esp_hw_show_metrics(void)
+{
+#if defined(WOLFSSL_HW_METRICS)
+ #if defined(WOLFSSL_ESP32_CRYPT)
+ esp_hw_show_sha_metrics();
+ #else
+ ESP_LOGI(TAG, "WOLFSSL_ESP32_CRYPT not defined, "
+ "HW SHA hash not enabled");
+ #endif
+
+ #if defined(WOLFSSL_ESP32_CRYPT_RSA_PRI)
+ esp_hw_show_mp_metrics();
+ #else
+ ESP_LOGI(TAG, "WOLFSSL_ESP32_CRYPT_RSA_PRI not defined, "
+ "HW math not enabled");
+ #endif
+
+ #if defined(NO_WOLFSSL_ESP32_CRYPT_AES)
+ ESP_LOGI(TAG, "NO_WOLFSSL_ESP32_CRYPT_AES is defined, "
+ "HW AES not enabled");
+ #else
+ esp_hw_show_aes_metrics();
+ #endif
+#else
+ ESP_LOGV(TAG, "WOLFSSL_HW_METRICS is not enabled");
#endif
+ return ESP_OK;
+}
+#endif /* WOLFSSL_ESPIDF */
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_common.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_common.c
index 92401bd0..00deff3d 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_common.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_common.c
@@ -21,19 +21,24 @@
#include <wolfssl/wolfcrypt/settings.h>
-#if defined(WOLFSSL_RENESAS_SCEPROTECT) \
- || defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY) \
- || defined(WOLFSSL_RENESAS_TSIP_TLS)
-
-#if defined(WOLFSSL_RENESAS_SCEPROTECT) || \
- defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)
- #include <wolfssl/wolfcrypt/port/Renesas/renesas-sce-crypt.h>
- #define cmn_hw_lock wc_sce_hw_lock
- #define cmn_hw_unlock wc_sce_hw_unlock
-#elif defined(WOLFSSL_RENESAS_TSIP_TLS)
+#if defined(WOLFSSL_RENESAS_FSPSM_TLS) \
+ || defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY) \
+ || defined(WOLFSSL_RENESAS_TSIP_TLS) \
+ || defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)
+
+#if defined(WOLFSSL_RENESAS_FSPSM_TLS) || \
+ defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY)
+ #include <wolfssl/wolfcrypt/port/Renesas/renesas-fspsm-crypt.h>
+ #define cmn_hw_lock wc_fspsm_hw_lock
+ #define cmn_hw_unlock wc_fspsm_hw_unlock
+#elif defined(WOLFSSL_RENESAS_TSIP_TLS) || \
+ defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)
#include <wolfssl/wolfcrypt/port/Renesas/renesas-tsip-crypt.h>
#define cmn_hw_lock tsip_hw_lock
#define cmn_hw_unlock tsip_hw_unlock
+
+ #define FSPSM_ST TsipUserCtx;
+ #define MAX_FSPSM_CBINDEX 5
#endif
#include <wolfssl/wolfcrypt/wc_port.h>
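Review bot: The added `#define FSPSM_ST TsipUserCtx;` ends in a semicolon, so a use such as `FSPSM_ST* cbInfo = (FSPSM_ST*)ctx;` would expand with a stray terminator in the middle of the declaration and fail to compile in a TSIP build. Drop the semicolon: `#define FSPSM_ST TsipUserCtx`. The same two defines are repeated in the next hunk under `WOLF_CRYPTO_CB`; keeping a single copy avoids the two drifting apart, for example if `MAX_FSPSM_CBINDEX` is later changed in only one place.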
@@ -43,26 +48,41 @@
#include <wolfssl/error-ssl.h>
#include <wolfssl/wolfcrypt/error-crypt.h>
#include <wolfssl/wolfcrypt/logging.h>
+#include <wolfssl/wolfcrypt/port/renesas/renesas_cmn.h>
uint32_t g_CAscm_Idx = (uint32_t)-1; /* index of CM table */
static int gdevId = 7890; /* initial dev Id for Crypt Callback */
#ifdef WOLF_CRYPTO_CB
+/* store callback ctx by devId */
+#if defined(WOLFSSL_RENESAS_FSPSM_TLS) || \
+ defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY)
+FSPSM_ST *gCbCtx[MAX_FSPSM_CBINDEX];
+#elif defined(WOLFSSL_RENESAS_TSIP_TLS) || \
+ defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)
+#define FSPSM_ST TsipUserCtx;
+#define MAX_FSPSM_CBINDEX 5
+TsipUserCtx *gCbCtx[MAX_FSPSM_CBINDEX];
+#endif
#include <wolfssl/wolfcrypt/cryptocb.h>
+
WOLFSSL_LOCAL int Renesas_cmn_Cleanup(WOLFSSL* ssl)
{
int ret = 0;
WOLFSSL_ENTER("Renesas_cmn_Cleanup");
+ (void) ssl;
#if defined(WOLFSSL_RENESAS_TSIP_TLS)
ret = tsip_TlsCleanup(ssl);
#endif
-
+
WOLFSSL_LEAVE("Renesas_cmn_Cleanup", ret);
return ret;
}
+
+#if defined(WOLFSSL_RENESAS_TSIP_TLS)
WOLFSSL_LOCAL int Renesas_cmn_RsaSignCb(WOLFSSL* ssl,
const unsigned char* in, unsigned int inSz,
unsigned char* out, word32* outSz,
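Review bot: The added `#include <wolfssl/wolfcrypt/port/renesas/renesas_cmn.h>` spells the directory in lower case, while every other include in this file uses `port/Renesas/`. On a case-sensitive filesystem the lookup would presumably fail unless a lower-case directory also exists, so `#include <wolfssl/wolfcrypt/port/Renesas/renesas_cmn.h>` looks like the intended path. Separately, `gCbCtx` is a file-scope table of context pointers declared without `static`; if it is only meant to be reached through `Renesas_cmn_GetCbCtxBydevId`, making it `static` keeps other translation units from indexing it directly.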
@@ -79,7 +99,7 @@ WOLFSSL_LOCAL int Renesas_cmn_RsaSignCb(WOLFSSL* ssl,
}
/* This function is a callback passed to wolfSSL_CTX_SetRsaSignCheckCb.
* It tries to verify the signature passed to it by decrypting with a public
- * key.
+ * key.
* returns 0 on success, CRYPTOCB_UNAVAILABLE when public key is not set.
*/
WOLFSSL_LOCAL int Renesas_cmn_RsaSignCheckCb(WOLFSSL* ssl,
@@ -92,9 +112,9 @@ WOLFSSL_LOCAL int Renesas_cmn_RsaSignCheckCb(WOLFSSL* ssl,
WOLFSSL_ENTER("Renesas_cmn_RsaSignCheckCb");
#if defined(WOLFSSL_RENESAS_TSIP)
-
+
return tsip_VerifyRsaPkcsCb(ssl, sig, sigSz, out, keyDer, keySz, ctx);
-
+
#endif /* WOLFSSL_RENESAS_TSIP */
WOLFSSL_LEAVE("Renesas_cmn_RsaSignCheckCb", ret);
@@ -111,10 +131,12 @@ WOLFSSL_LOCAL int Renesas_cmn_EccSignCb(WOLFSSL* ssl,
WOLFSSL_ENTER("Renesas_cmn_EccSignCb");
/* This is just a stub function that provides no logic */
-
+
WOLFSSL_LEAVE("Renesas_cmn_EccSignCb", ret);
return ret;
}
+#endif /* WOLFSSL_RENESAS_TSIP_TLS */
+
/* Renesas Security Library Common Callback
* For Crypto Callbacks
*
@@ -129,11 +151,12 @@ static int Renesas_cmn_CryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx)
WOLFSSL_ENTER("Renesas_cmn_CryptoDevCb");
-#if defined(WOLFSSL_RENESAS_TSIP_TLS)
+#if defined(WOLFSSL_RENESAS_TSIP_TLS) \
+ || defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)
TsipUserCtx* cbInfo = (TsipUserCtx*)ctx;
-#elif defined(WOLFSSL_RENESAS_SCEPROTECT) || \
- defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)
- User_SCEPKCbInfo* cbInfo = (User_SCEPKCbInfo*)ctx;
+#elif defined(WOLFSSL_RENESAS_FSPSM_TLS) || \
+ defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY)
+ FSPSM_ST* cbInfo = (FSPSM_ST*)ctx;
#endif
if (info == NULL || ctx == NULL)
@@ -144,15 +167,19 @@ static int Renesas_cmn_CryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx)
info->algo_type, cbInfo->session_key_set);
#endif
-#if defined(WOLFSSL_RENESAS_TSIP)
+#if defined(WOLFSSL_RENESAS_TSIP) \
+ || defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)
ret = CRYPTOCB_UNAVAILABLE;
if (info->algo_type == WC_ALGO_TYPE_CIPHER) {
#if !defined(NO_AES) || !defined(NO_DES3)
#ifdef HAVE_AESGCM
- if (info->cipher.type == WC_CIPHER_AES_GCM &&
- cbInfo->session_key_set == 1) {
+ if (info->cipher.type == WC_CIPHER_AES_GCM
+ #ifdef WOLFSSL_RENESAS_TSIP_TLS
+ && cbInfo->session_key_set == 1
+ #endif
+ ) {
if (info->cipher.enc) {
ret = wc_tsip_AesGcmEncrypt(
@@ -186,8 +213,11 @@ static int Renesas_cmn_CryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx)
}
#endif /* HAVE_AESGCM */
#ifdef HAVE_AES_CBC
- if (info->cipher.type == WC_CIPHER_AES_CBC &&
- cbInfo->session_key_set == 1) {
+ if (info->cipher.type == WC_CIPHER_AES_CBC
+ #ifdef WOLFSSL_RENESAS_TSIP_TLS
+ && cbInfo->session_key_set == 1
+ #endif
+ ) {
if (info->cipher.enc) {
ret = wc_tsip_AesCbcEncrypt(
@@ -208,7 +238,15 @@ static int Renesas_cmn_CryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx)
#endif /* HAVE_AES_CBC */
#endif /* !NO_AES || !NO_DES3 */
}
- /* Is called for signing
+ #if defined(WOLFSSL_KEY_GEN)
+ if (info->pk.type == WC_PK_TYPE_RSA_KEYGEN &&
+ (info->pk.rsakg.size == 1024 ||
+ info->pk.rsakg.size == 2048)) {
+ ret = wc_tsip_MakeRsaKey(info->pk.rsakg.size, (void*)ctx);
+ }
+ #endif
+
+ /* Is called for signing
* Can handle only RSA PkCS#1v1.5 padding scheme here.
*/
if (info->algo_type == WC_ALGO_TYPE_PK) {
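Review bot: The new RSA key-generation check reads `info->pk.type` and `info->pk.rsakg.size` without first testing `info->algo_type`, and it is placed before the `if (info->algo_type == WC_ALGO_TYPE_PK)` block rather than inside it. The FSPSM branch later in this function performs the same check inside `else if (info->algo_type == WC_ALGO_TYPE_PK)`, so the two paths disagree. For a cipher request the `pk` fields are not meaningful, and a chance match would call `wc_tsip_MakeRsaKey` and overwrite the `ret` already set by the AES path. Suggest guarding it as `if (info->algo_type == WC_ALGO_TYPE_PK && info->pk.type == WC_PK_TYPE_RSA_KEYGEN && ...)`, or moving it into the PK block under the existing `NO_RSA` guard. The function body starts and ends outside this hunk.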
@@ -217,16 +255,21 @@ static int Renesas_cmn_CryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx)
if (info->pk.rsa.type == RSA_PRIVATE_ENCRYPT) {
ret = tsip_SignRsaPkcs(info, ctx);
}
+ #if defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)
+ else if (info->pk.rsa.type == RSA_PUBLIC_DECRYPT /* verify */) {
+ ret = wc_tsip_RsaVerifyPkcs(info, ctx);
+ }
+ #endif
}
#endif /* NO_RSA */
- #if defined(HAVE_ECC)
+ #if defined(HAVE_ECC) && defined(WOLFSSL_RENESAS_TSIP_TLS)
else if (info->pk.type == WC_PK_TYPE_ECDSA_SIGN) {
ret = tsip_SignEcdsa(info, ctx);
}
#endif /* HAVE_ECC */
}
-#elif defined(WOLFSSL_RENESAS_SCEPROTECT) ||\
- defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)
+#elif defined(WOLFSSL_RENESAS_FSPSM_TLS) ||\
+ defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY)
if (info->algo_type == WC_ALGO_TYPE_CIPHER) {
@@ -241,26 +284,7 @@ static int Renesas_cmn_CryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx)
(cbInfo->keyflgs_crypt.bits.aes128_installedkey_set == 1 &&
info->cipher.aesgcm_enc.aes->keylen == 16))) {
- if (cbInfo->keyflgs_crypt.bits.aes256_installedkey_set == 1 &&
- info->cipher.aesgcm_enc.aes->keylen == 32) {
-
- XMEMCPY(&info->cipher.aesgcm_enc.aes->ctx.sce_wrapped_key,
- &cbInfo->sce_wrapped_key_aes256,
- sizeof(sce_aes_wrapped_key_t));
- info->cipher.aesgcm_enc.aes->ctx.keySize = 32;
-
- }
- else if (
- cbInfo->keyflgs_crypt.bits.aes128_installedkey_set == 1 &&
- info->cipher.aesgcm_enc.aes->keylen == 16) {
-
- XMEMCPY(&info->cipher.aesgcm_enc.aes->ctx.sce_wrapped_key,
- &cbInfo->sce_wrapped_key_aes128,
- sizeof(sce_aes_wrapped_key_t));
- info->cipher.aesgcm_enc.aes->ctx.keySize = 16;
- }
-
- ret = wc_sce_AesGcmEncrypt(
+ ret = wc_fspsm_AesGcmEncrypt(
info->cipher.aesgcm_enc.aes,
(byte*)info->cipher.aesgcm_enc.out,
(byte*)info->cipher.aesgcm_enc.in,
@@ -280,26 +304,7 @@ static int Renesas_cmn_CryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx)
(cbInfo->keyflgs_crypt.bits.aes128_installedkey_set == 1 &&
info->cipher.aesgcm_dec.aes->keylen == 16)) {
- if (cbInfo->keyflgs_crypt.bits.aes256_installedkey_set == 1 &&
- info->cipher.aesgcm_dec.aes->keylen == 32) {
-
- XMEMCPY(&info->cipher.aesgcm_dec.aes->ctx.sce_wrapped_key,
- &cbInfo->sce_wrapped_key_aes256,
- sizeof(sce_aes_wrapped_key_t));
- info->cipher.aesgcm_dec.aes->ctx.keySize = 32;
-
- }
- else if (
- cbInfo->keyflgs_crypt.bits.aes128_installedkey_set == 1 &&
- info->cipher.aesgcm_dec.aes->keylen == 16) {
-
- XMEMCPY(&info->cipher.aesgcm_dec.aes->ctx.sce_wrapped_key,
- &cbInfo->sce_wrapped_key_aes128,
- sizeof(sce_aes_wrapped_key_t));
- info->cipher.aesgcm_dec.aes->ctx.keySize = 16;
- }
-
- ret = wc_sce_AesGcmDecrypt(
+ ret = wc_fspsm_AesGcmDecrypt(
info->cipher.aesgcm_dec.aes,
(byte*)info->cipher.aesgcm_dec.out,
(byte*)info->cipher.aesgcm_dec.in,
@@ -321,50 +326,15 @@ static int Renesas_cmn_CryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx)
info->cipher.aescbc.aes->keylen == 32) ||
(cbInfo->keyflgs_crypt.bits.aes128_installedkey_set == 1 &&
info->cipher.aescbc.aes->keylen == 16))) {
-
if (info->cipher.enc) {
- if (
- cbInfo->keyflgs_crypt.bits.aes256_installedkey_set == 1 &&
- info->cipher.aescbc.aes->keylen == 32) {
- XMEMCPY(&info->cipher.aescbc.aes->ctx.sce_wrapped_key,
- &cbInfo->sce_wrapped_key_aes256,
- sizeof(sce_aes_wrapped_key_t));
- info->cipher.aescbc.aes->ctx.keySize = 32;
-
- }
- else if (
- cbInfo->keyflgs_crypt.bits.aes128_installedkey_set == 1
- && info->cipher.aescbc.aes->keylen == 16) {
- XMEMCPY(&info->cipher.aescbc.aes->ctx.sce_wrapped_key,
- &cbInfo->sce_wrapped_key_aes128,
- sizeof(sce_aes_wrapped_key_t));
- info->cipher.aescbc.aes->ctx.keySize = 16;
- }
-
- ret = wc_sce_AesCbcEncrypt(
+ ret = wc_fspsm_AesCbcEncrypt(
info->cipher.aescbc.aes,
(byte*)info->cipher.aescbc.out,
(byte*)info->cipher.aescbc.in,
info->cipher.aescbc.sz);
}
else {
- if (
- cbInfo->keyflgs_crypt.bits.aes256_installedkey_set == 1 &&
- info->cipher.aescbc.aes->keylen == 32) {
- XMEMCPY(&info->cipher.aescbc.aes->ctx.sce_wrapped_key,
- &cbInfo->sce_wrapped_key_aes256,
- sizeof(sce_aes_wrapped_key_t));
- info->cipher.aescbc.aes->ctx.keySize = 32;
- } else if (
- cbInfo->keyflgs_crypt.bits.aes128_installedkey_set == 1
- && info->cipher.aescbc.aes->keylen == 16) {
- XMEMCPY(&info->cipher.aescbc.aes->ctx.sce_wrapped_key,
- &cbInfo->sce_wrapped_key_aes128,
- sizeof(sce_aes_wrapped_key_t));
- info->cipher.aescbc.aes->ctx.keySize = 16;
- }
-
- ret = wc_sce_AesCbcDecrypt(
+ ret = wc_fspsm_AesCbcDecrypt(
info->cipher.aescbc.aes,
(byte*)info->cipher.aescbc.out,
(byte*)info->cipher.aescbc.in,
@@ -374,45 +344,39 @@ static int Renesas_cmn_CryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx)
#endif /* HAVE_AES_CBC */
#endif /* !NO_AES || !NO_DES3 */
}
- #if !defined(NO_RSA) && defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)
+ #if !defined(NO_RSA) && defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY)
else if (info->algo_type == WC_ALGO_TYPE_PK) {
-
+
#if !defined(NO_RSA)
#if defined(WOLFSSL_KEY_GEN)
if (info->pk.type == WC_PK_TYPE_RSA_KEYGEN &&
(info->pk.rsakg.size == 1024 ||
info->pk.rsakg.size == 2048)) {
- ret = wc_sce_MakeRsaKey(info->pk.rsakg.size, (void*)ctx);
+ ret = wc_fspsm_MakeRsaKey(info->pk.rsakg.key,
+ info->pk.rsakg.size, (void*)ctx);
}
#endif
if (info->pk.type == WC_PK_TYPE_RSA) {
- /* to perform RSA on SCE, wrapped keys should be installed
+ /* to perform RSA on SCE, wrapped keys should be installed
* in advance. SCE supports 1024 or 2048 bits key size.
* otherwise, falls-through happens.
*/
- if (cbInfo->keyflgs_crypt.bits.rsapri2048_installedkey_set == 1
- ||
- cbInfo->keyflgs_crypt.bits.rsapub2048_installedkey_set == 1
- ||
- cbInfo->keyflgs_crypt.bits.rsapri1024_installedkey_set == 1
- ||
- cbInfo->keyflgs_crypt.bits.rsapub1024_installedkey_set == 1
- ) {
-
+ if (info->pk.rsa.key->ctx.keySz == 1024 ||
+ info->pk.rsa.key->ctx.keySz == 2048) {
+
if (info->pk.rsa.type == RSA_PRIVATE_DECRYPT ||
info->pk.rsa.type == RSA_PUBLIC_ENCRYPT )
{
- ret = wc_sce_RsaFunction(info->pk.rsa.in,
+ ret = wc_fspsm_RsaFunction(info->pk.rsa.in,
info->pk.rsa.inLen,
info->pk.rsa.out,
- info->pk.rsa.outLen,
+ &info->pk.rsa.outLen,
info->pk.rsa.type,
info->pk.rsa.key,
- info->pk.rsa.rng,
- (void*)ctx);
+ info->pk.rsa.rng);
}
else if (info->pk.rsa.type == RSA_PRIVATE_ENCRYPT /* sign */){
- ret = wc_sce_RsaSign(info->pk.rsa.in,
+ ret = wc_fspsm_RsaSign(info->pk.rsa.in,
info->pk.rsa.inLen,
info->pk.rsa.out,
info->pk.rsa.outLen,
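Review bot: The hardware RSA path is now gated only on `info->pk.rsa.key->ctx.keySz` being 1024 or 2048, whereas the removed condition tested the `rsapri*/rsapub*_installedkey_set` flags, and the comment kept above it still says wrapped keys should be installed in advance. Either update that comment to state the new precondition or keep a check that a wrapped key is actually present, so an uninstalled key falls through to software instead of reaching the hardware call. `info->pk.rsa.key` is also dereferenced here with no NULL check visible in the hunk. The `wc_fspsm_RsaFunction` call now passes `&info->pk.rsa.outLen` while the `wc_fspsm_RsaSign` call just below passes `info->pk.rsa.outLen`; the prototypes are not visible here, so confirm both match the declared parameter types.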
@@ -420,7 +384,7 @@ static int Renesas_cmn_CryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx)
(void*)ctx);
}
else if (info->pk.rsa.type == RSA_PUBLIC_DECRYPT /* verify */) {
- ret = wc_sce_RsaVerify(info->pk.rsa.in,
+ ret = wc_fspsm_RsaVerify(info->pk.rsa.in,
info->pk.rsa.inLen,
info->pk.rsa.out,
info->pk.rsa.outLen,
@@ -436,7 +400,7 @@ static int Renesas_cmn_CryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx)
"RSA operation falls through to SW operation.");
}
}
- #endif /* NO_RSA && WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY */
+ #endif /* NO_RSA && WOLFSSL_RENESAS_FSPSM_CRYPTONLY */
}
#endif /* NO_RSA */
#endif /* TSIP or SCE */
@@ -460,21 +424,36 @@ int Renesas_cmn_usable(const WOLFSSL* ssl, byte session_key_generated)
#if defined(WOLFSSL_RENESAS_TSIP_TLS)
ret = tsip_usable(ssl, session_key_generated);
- #elif defined(WOLFSSL_RENESAS_SCEPROTECT) ||\
- defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)
- ret = wc_sce_usable(ssl, session_key_generated);
+ #elif defined(WOLFSSL_RENESAS_FSPSM_TLS) ||\
+ defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY)
+ ret = wc_fspsm_usable(ssl, session_key_generated);
#endif
return ret;
}
/* Renesas Security Library Common Method
+ * Get Callback ctx by devId
+ *
+ * devId : devId to get its CTX
+ * return asocciated CTX when the method is successfully called.
+ * otherwise, NULL
+ */
+WOLFSSL_LOCAL void *Renesas_cmn_GetCbCtxBydevId(int devId)
+{
+ if (devId >= 7890 && devId <= (MAX_FSPSM_CBINDEX + 7890))
+ return gCbCtx[devId - 7890];
+ else
+ return NULL;
+}
+
+/* Renesas Security Library Common Method
* Crypt Callback initialization
*
* ssl : a pointer to WOLFSSL object
* ctx : callback context
* return valid device Id on success, otherwise INVALID_DEVIID
- * device Id starts from 7890, and increases + 1 its number
+ * device Id starts from 7890, and increases + 1 its number
* when the method is successfully called.
*/
int wc_CryptoCb_CryptInitRenesasCmn(WOLFSSL* ssl, void* ctx)
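Review bot: `Renesas_cmn_GetCbCtxBydevId` accepts `devId == MAX_FSPSM_CBINDEX + 7890`, which indexes `gCbCtx[MAX_FSPSM_CBINDEX]`, one element past the end of an array declared with `MAX_FSPSM_CBINDEX` entries. The upper bound should be exclusive: `if (devId >= 7890 && devId < (MAX_FSPSM_CBINDEX + 7890))`. The literal 7890 repeats the initial value of `gdevId`; a named constant shared by both would keep the base and the bounds check in step. The header comment has a typo, "asocciated".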
@@ -482,15 +461,17 @@ int wc_CryptoCb_CryptInitRenesasCmn(WOLFSSL* ssl, void* ctx)
(void)ssl;
(void)ctx;
- #if defined(WOLFSSL_RENESAS_TSIP_TLS)
+ #if defined(WOLFSSL_RENESAS_TSIP_TLS) \
+ || defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)
TsipUserCtx* cbInfo = (TsipUserCtx*)ctx;
- #elif defined(WOLFSSL_RENESAS_SCEPROTECT) || \
- defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)
- User_SCEPKCbInfo* cbInfo = (User_SCEPKCbInfo*)ctx;
+ #elif defined(WOLFSSL_RENESAS_FSPSM_TLS) || \
+ defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY)
+ FSPSM_ST* cbInfo = (FSPSM_ST*)ctx;
#endif
if (cbInfo == NULL
- #if !defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY) && \
+ #if (!defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY) &&\
+ !defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)) && \
!defined(HAVE_RENESAS_SYNC)
|| ssl == NULL) {
#else
@@ -508,15 +489,16 @@ int wc_CryptoCb_CryptInitRenesasCmn(WOLFSSL* ssl, void* ctx)
WOLFSSL_MSG("Failed to lock tsip hw");
return INVALID_DEVID;
}
-
- if (wc_CryptoCb_RegisterDevice(cbInfo->devId,
+
+ if (wc_CryptoCb_RegisterDevice(cbInfo->devId,
Renesas_cmn_CryptoDevCb, cbInfo) < 0) {
/* undo devId number */
gdevId--;
return INVALID_DEVID;
}
- #if !defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY) && \
+ #if !defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY) && \
+ !defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY) && \
!defined(HAVE_RENESAS_SYNC)
if (ssl)
wolfSSL_SetDevId(ssl, cbInfo->devId);
@@ -525,7 +507,9 @@ int wc_CryptoCb_CryptInitRenesasCmn(WOLFSSL* ssl, void* ctx)
if (gdevId < 0) {
gdevId = 7890;
}
-
+
+ gCbCtx[cbInfo->devId - 7890] = (void*)cbInfo;
+
return cbInfo->devId;
}
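Review bot: The added store `gCbCtx[cbInfo->devId - 7890] = (void*)cbInfo;` has no range check on the index. The function comment says the device id starts from 7890 and increases by one on each successful call, and the table has `MAX_FSPSM_CBINDEX` slots (5 in the TSIP defines), so a later registration would presumably write past the end of the array. Reject out-of-range ids before the device is registered, e.g. `if (cbInfo->devId < 7890 || cbInfo->devId >= 7890 + MAX_FSPSM_CBINDEX) return INVALID_DEVID;`. The cleanup path should also clear the slot so the getter cannot return a stale context pointer. How `devId` is assigned and the cleanup function are outside this hunk.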
@@ -542,10 +526,10 @@ void wc_CryptoCb_CleanupRenesasCmn(int* id)
}
#endif /* WOLF_CRYPTO_CB */
-#endif /* WOLFSSL_RENESAS_SCEPROTECT || WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY
- /* WOLFSSL_RENESAS_TSIP_TLS*/
+#endif /* WOLFSSL_RENESAS_FSPSM_TLS|| WOLFSSL_RENESAS_FSPSM_CRYPTONLY
+ WOLFSSL_RENESAS_TSIP_TLS || WOLFSSL_RENESAS_TSIP_CRYPTONLY */
-#if defined(WOLFSSL_RENESAS_SCEPROTECT) || defined(WOLFSSL_RENESAS_TSIP_TLS)
+#if defined(WOLFSSL_RENESAS_FSPSM_TLS) || defined(WOLFSSL_RENESAS_TSIP_TLS)
/* Renesas Security Library Common Method
* Check CA index if CA can be used for SCE/TSIP because
@@ -563,9 +547,9 @@ WOLFSSL_LOCAL byte Renesas_cmn_checkCA(word32 cmIdx)
/* check if the root CA has been verified by TSIP/SCE,
* and it exists in the CM table.
*/
-static byte sce_tsip_rootCAverified(void)
+static byte fspsm_tsip_rootCAverified(void)
{
- WOLFSSL_ENTER("sce_tsip_rootCAverified");
+ WOLFSSL_ENTER("fspsm_tsip_rootCAverified");
return (g_CAscm_Idx != (uint32_t)-1 ? 1:0);
}
/* Renesas Security Library Common Callback
@@ -601,16 +585,16 @@ WOLFSSL_LOCAL int Renesas_cmn_RsaVerify(WOLFSSL* ssl, unsigned char* sig,
wolfSSL_SetEccSharedSecretCtx(ssl, NULL);
}
-#elif defined(WOLFSSL_RENESAS_SCEPROTECT)
- ret = wc_SCE_RsaVerify(ssl, sig, sigSz, out,key, keySz, ctx);
+#elif defined(WOLFSSL_RENESAS_FSPSM_TLS)
+ ret = wc_fspsm_RsaVerifyTLS(ssl, sig, sigSz, out,key, keySz, ctx);
if (ret == 0) {
/* Set Callback for SharedSecret when successful */
- wolfSSL_CTX_SetEccSharedSecretCb(ssl->ctx, SCE_EccSharedSecret);
+ wolfSSL_CTX_SetEccSharedSecretCb(ssl->ctx, fspsm_EccSharedSecret);
wolfSSL_SetEccSharedSecretCtx(ssl, ctx);
}
else {
- WOLFSSL_MSG("failed R_SCE_TLS_ServerKeyExchangeVerify");
+ WOLFSSL_MSG("failed R_XXX_TLS_ServerKeyExchangeVerify");
wolfSSL_CTX_SetEccSharedSecretCb(ssl->ctx, NULL);
wolfSSL_SetEccSharedSecretCtx(ssl, NULL);
}
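Review bot: The replacement log text `"failed R_XXX_TLS_ServerKeyExchangeVerify"` reads like an unfilled placeholder, and the matching message in the `Renesas_cmn_EccVerify` hunk spells it `R_XXXX_` instead. A single neutral wording in both places, such as `"failed FSPSM TLS ServerKeyExchangeVerify"`, would make the failure easier to find when searching logs.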
@@ -652,16 +636,16 @@ WOLFSSL_LOCAL int Renesas_cmn_EccVerify(WOLFSSL* ssl, const unsigned char* sig,
wolfSSL_CTX_SetEccSharedSecretCb(ssl->ctx, NULL);
wolfSSL_SetEccSharedSecretCtx(ssl, NULL);
}
-#elif defined(WOLFSSL_RENESAS_SCEPROTECT)
- ret = wc_SCE_EccVerify(ssl, sig, sigSz, hash, hashSz, key, keySz,
+#elif defined(WOLFSSL_RENESAS_FSPSM_TLS)
+ ret = wc_fspsm_EccVerifyTLS(ssl, sig, sigSz, hash, hashSz, key, keySz,
result, ctx);
if (ret == 0 && *result == 1) {
/* Set callback for SharedSecret when being successful */
- wolfSSL_CTX_SetEccSharedSecretCb(ssl->ctx, SCE_EccSharedSecret);
+ wolfSSL_CTX_SetEccSharedSecretCb(ssl->ctx, fspsm_EccSharedSecret);
wolfSSL_SetEccSharedSecretCtx(ssl, ctx);
}
else {
- WOLFSSL_MSG("failed R_SCE_TLS_ServerKeyExchangeVerify");
+ WOLFSSL_MSG("failed R_XXXX_TLS_ServerKeyExchangeVerify");
wolfSSL_CTX_SetEccSharedSecretCb(ssl->ctx, NULL);
wolfSSL_SetEccSharedSecretCtx(ssl, NULL);
}
@@ -681,15 +665,15 @@ WOLFSSL_LOCAL int Renesas_cmn_EccVerify(WOLFSSL* ssl, const unsigned char* sig,
* cm_row CA index
* return FSP_SUCCESS(0) on success, otherwise WOLFSSL_FATAL_ERROR
*/
-int wc_Renesas_cmn_RootCertVerify(const byte* cert, word32 cert_len,
- word32 key_n_start, word32 key_n_len, word32 key_e_start,
+int wc_Renesas_cmn_RootCertVerify(const byte* cert, word32 cert_len,
+ word32 key_n_start, word32 key_n_len, word32 key_e_start,
word32 key_e_len, word32 cm_row)
{
int ret;
WOLFSSL_ENTER("wc_Renesas_cmn_RootCertVerify");
- if (sce_tsip_rootCAverified() == 0) {
+ if (fspsm_tsip_rootCAverified() == 0) {
#if defined(WOLFSSL_RENESAS_TSIP_TLS)
ret = wc_tsip_tls_RootCertVerify(cert, cert_len, key_n_start,
@@ -697,9 +681,9 @@ int wc_Renesas_cmn_RootCertVerify(const byte* cert, word32 cert_len,
if (ret != TSIP_SUCCESS) {
ret = WOLFSSL_FATAL_ERROR;
}
- #elif defined(WOLFSSL_RENESAS_SCEPROTECT)
+ #elif defined(WOLFSSL_RENESAS_FSPSM_TLS)
- ret = wc_sce_tls_RootCertVerify(cert, cert_len, key_n_start,
+ ret = wc_fspsm_tls_RootCertVerify(cert, cert_len, key_n_start,
key_n_len, key_e_start, key_e_len, cm_row);
if (ret != FSP_SUCCESS) {
ret = WOLFSSL_FATAL_ERROR;
@@ -739,8 +723,8 @@ WOLFSSL_LOCAL int Renesas_cmn_TlsFinished(WOLFSSL* ssl, const byte *side,
#if defined(WOLFSSL_RENESAS_TSIP_TLS)
ret = wc_tsip_generateVerifyData(ssl->arrays->tsip_masterSecret,
side, handshake_hash, hashes);
- #elif defined(WOLFSSL_RENESAS_SCEPROTECT)
- ret = wc_sce_generateVerifyData(ssl->arrays->sce_masterSecret,
+ #elif defined(WOLFSSL_RENESAS_FSPSM_TLS)
+ ret = wc_fspsm_generateVerifyData(ssl->arrays->fspsm_masterSecret,
side, handshake_hash, hashes);
#endif
}
@@ -752,7 +736,7 @@ WOLFSSL_LOCAL int Renesas_cmn_TlsFinished(WOLFSSL* ssl, const byte *side,
/* Renesas Security Library Common Callback
* Callback for setting Encrypt Keys.
- * Register callback for setting Encrypt Keys when keys are generated
+ * Register callback for setting Encrypt Keys when keys are generated
* by SCE/TSIP
*
* ssl the WOLFSSL object
@@ -771,10 +755,10 @@ static int Renesas_cmn_EncryptKeys(WOLFSSL* ssl, void* ctx)
#if defined(WOLFSSL_RENESAS_TSIP_TLS)
TsipUserCtx* cbInfo = (TsipUserCtx*)ctx;
-
+
if (cbInfo->session_key_set == 1) {
- #elif defined(WOLFSSL_RENESAS_SCEPROTECT)
- User_SCEPKCbInfo* cbInfo = (User_SCEPKCbInfo*)ctx;
+ #elif defined(WOLFSSL_RENESAS_FSPSM_TLS)
+ FSPSM_ST* cbInfo = (FSPSM_ST*)ctx;
if (cbInfo->keyflgs_tls.bits.session_key_set == 1) {
@@ -807,23 +791,23 @@ WOLFSSL_LOCAL int Renesas_cmn_generateSessionKey(WOLFSSL* ssl, void* ctx)
int ret = -1;
#if defined(WOLFSSL_RENESAS_TSIP_TLS)
TsipUserCtx* cbInfo = (TsipUserCtx*)ctx;
-#elif defined(WOLFSSL_RENESAS_SCEPROTECT)
- User_SCEPKCbInfo* cbInfo = (User_SCEPKCbInfo*)ctx;
+#elif defined(WOLFSSL_RENESAS_FSPSM_TLS)
+ FSPSM_ST* cbInfo = (FSPSM_ST*)ctx;
#endif
(void)ctx;
-
+
WOLFSSL_ENTER("Renesas_cmn_generateSessionKey");
if (Renesas_cmn_usable(ssl, 0)) {
#if defined(WOLFSSL_RENESAS_TSIP_TLS)
ret = wc_tsip_generateSessionKey(ssl, (TsipUserCtx*)ctx, cbInfo->devId);
-#elif defined(WOLFSSL_RENESAS_SCEPROTECT)
- ret = wc_sce_generateSessionKey(ssl, ctx, cbInfo->devId);
+#elif defined(WOLFSSL_RENESAS_FSPSM_TLS)
+ ret = wc_fspsm_generateSessionKey(ssl, ctx, cbInfo->devId);
#endif
- }
+ }
else {
ret = PROTOCOLCB_UNAVAILABLE;
}
-
+
if (ret == 0) {
wolfSSL_CTX_SetEncryptKeysCb(ssl->ctx, Renesas_cmn_EncryptKeys);
wolfSSL_SetEncryptKeysCtx(ssl, ctx);
@@ -867,9 +851,9 @@ WOLFSSL_LOCAL int Renesas_cmn_generatePremasterSecret(WOLFSSL* ssl,
else
ret = PROTOCOLCB_UNAVAILABLE;
-#elif defined(WOLFSSL_RENESAS_SCEPROTECT)
+#elif defined(WOLFSSL_RENESAS_FSPSM_TLS)
if (Renesas_cmn_usable(ssl, 0)) {
- ret = wc_sce_generatePremasterSecret(premaster, preSz);
+ ret = wc_fspsm_generatePremasterSecret(premaster, preSz);
ssl->arrays->preMasterSz = preSz;
}
else
@@ -933,17 +917,17 @@ WOLFSSL_LOCAL int Renesas_cmn_genMasterSecret(struct WOLFSSL* ssl, void* ctx)
else
ret = PROTOCOLCB_UNAVAILABLE;
- #elif defined(WOLFSSL_RENESAS_SCEPROTECT)
+ #elif defined(WOLFSSL_RENESAS_FSPSM_TLS)
if (Renesas_cmn_usable(ssl, 0)) {
- ret = wc_sce_generateMasterSecret(
+ ret = wc_fspsm_generateMasterSecret(
ssl->options.cipherSuite0,
ssl->options.cipherSuite,
ssl->arrays->preMasterSecret,
ssl->arrays->clientRandom,
ssl->arrays->serverRandom,
- ssl->arrays->sce_masterSecret);
+ ssl->arrays->fspsm_masterSecret);
if (ret == 0) {
- wc_sce_storeKeyCtx(ssl, ctx);
+ wc_fspsm_storeKeyCtx(ssl, ctx);
/* set Session Key generation Callback for use */
wolfSSL_CTX_SetGenSessionKeyCb(ssl->ctx,
Renesas_cmn_generateSessionKey);
@@ -1016,9 +1000,10 @@ WOLFSSL_LOCAL int Renesas_cmn_RsaEnc(WOLFSSL* ssl, const unsigned char* in,
ret = CRYPTOCB_UNAVAILABLE;
}
- #elif defined(WOLFSSL_RENESAS_SCEPROTECT)
- if (wc_sce_usable(ssl, 0) && EncSz == 256) {
- ret = wc_sce_generateEncryptPreMasterSecret(ssl, out, outSz);
+ #elif defined(WOLFSSL_RENESAS_FSPSM_TLS)
+ if (wc_fspsm_usable(ssl, 0) && EncSz == 256) {
+ ret = wc_fspsm_generateEncryptPreMasterSecret(ssl, out,
+ (uint32_t*)outSz);
}
else {
if (EncSz != 256)
@@ -1058,9 +1043,10 @@ WOLFSSL_LOCAL int Renesas_cmn_VerifyHmac(WOLFSSL *ssl, const byte* message,
}
else
ret = PROTOCOLCB_UNAVAILABLE;
-#elif defined(WOLFSSL_RENESAS_SCEPROTECT)
- if (wc_sce_usable(ssl, 1)) {
- ret = wc_sce_Sha256VerifyHmac(ssl, message, messageSz, macSz, content);
+#elif defined(WOLFSSL_RENESAS_FSPSM_TLS)
+ if (wc_fspsm_usable(ssl, 1)) {
+ ret = wc_fspsm_Sha256VerifyHmac(ssl, message,
+ messageSz, macSz, content);
}
else
ret = PROTOCOLCB_UNAVAILABLE;
@@ -1114,11 +1100,11 @@ WOLFSSL_LOCAL int Renesas_cmn_TLS_hmac(WOLFSSL* ssl, byte* digest,
}
-#elif defined(WOLFSSL_RENESAS_SCEPROTECT)
+#elif defined(WOLFSSL_RENESAS_FSPSM_TLS)
if (Renesas_cmn_usable(ssl, 1)) {
if (ssl->specs.hash_size == WC_SHA256_DIGEST_SIZE) {
wolfSSL_SetTlsHmacInner(ssl, myInner, sz, content, verify);
- ret = wc_sce_Sha256GenerateHmac(ssl, myInner,
+ ret = wc_fspsm_Sha256GenerateHmac(ssl, myInner,
WOLFSSL_TLS_HMAC_INNER_SZ, in, sz, digest);
}
else
@@ -1189,9 +1175,10 @@ WOLFSSL_LOCAL int Renesas_cmn_SigPkCbRsaVerify(unsigned char* sig,
else
ret = CRYPTOCB_UNAVAILABLE;
-#elif defined(WOLFSSL_RENESAS_SCEPROTECT)
+#elif defined(WOLFSSL_RENESAS_FSPSM_TLS)
if (CertAtt->keyIndex != NULL) {
- ret = wc_sce_tls_CertVerify(CertAtt->cert, CertAtt->certSz, sig, sigSz,
+ ret = wc_fspsm_tls_CertVerify(CertAtt->cert, CertAtt->certSz,
+ sig, sigSz,
CertAtt->pubkey_n_start - CertAtt->certBegin,
CertAtt->pubkey_n_len - 1,
CertAtt->pubkey_e_start - CertAtt->certBegin,
@@ -1273,9 +1260,10 @@ WOLFSSL_LOCAL int Renesas_cmn_SigPkCbEccVerify(const unsigned char* sig,
}
else
ret = CRYPTOCB_UNAVAILABLE;
-#elif defined(WOLFSSL_RENESAS_SCEPROTECT)
+#elif defined(WOLFSSL_RENESAS_FSPSM_TLS)
if (CertAtt->keyIndex != NULL) {
- ret = wc_sce_tls_CertVerify(CertAtt->cert, CertAtt->certSz, sig, sigSz,
+ ret = wc_fspsm_tls_CertVerify(CertAtt->cert, CertAtt->certSz,
+ sig, sigSz,
CertAtt->pubkey_n_start - CertAtt->certBegin,
CertAtt->pubkey_n_len - 1,
CertAtt->pubkey_e_start - CertAtt->certBegin,
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_fspsm_aes.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_fspsm_aes.c
new file mode 100644
index 00000000..cb053573
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_fspsm_aes.c
@@ -0,0 +1,816 @@
+/* renesas_fspsm_aes.c
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#ifdef HAVE_CONFIG_H
+ #include <config.h>
+#endif
+#include <wolfssl/wolfcrypt/settings.h>
+
+#ifndef NO_AES
+
+#if (defined(WOLFSSL_RENESAS_FSPSM_TLS) || \
+ defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY)) && \
+ !defined(NO_WOLFSSL_RENESAS_FSPSM_AES)
+
+#include <wolfssl/wolfcrypt/wc_port.h>
+#include <wolfssl/wolfcrypt/error-crypt.h>
+#include <wolfssl/internal.h>
+#include <wolfssl/wolfcrypt/aes.h>
+#ifdef WOLF_CRYPTO_CB
+ #include <wolfssl/wolfcrypt/cryptocb.h>
+#endif
+#include "wolfssl/wolfcrypt/port/Renesas/renesas-fspsm-crypt.h"
+
+#ifdef NO_INLINE
+ #include <wolfssl/wolfcrypt/misc.h>
+#else
+ #define WOLFSSL_MISC_INCLUDED
+ #include <wolfcrypt/src/misc.c>
+#endif
+
+struct Aes;
+
+WOLFSSL_LOCAL void *Renesas_cmn_GetCbCtxBydevId(int devId);
+
+#define SCE_AES_GCM_AUTH_TAG_SIZE 16
+
+#if defined(WOLFSSL_RENESAS_RSIP)
+extern FSPSM_INSTANCE gFSPSM_ctrl;
+#endif
+
+typedef fsp_err_t (*aesGcmEncInitFn)
+ (FSPSM_AESGCM_HANDLE*, FSPSM_AES_PWKEY, uint8_t*, uint32_t);
+typedef fsp_err_t (*aesGcmEncUpdateFn)
+ (FSPSM_AESGCM_HANDLE*,uint8_t*, uint8_t*, uint32_t, uint8_t*, uint32_t);
+typedef fsp_err_t (*aesGcmEncFinalFn)
+ (FSPSM_AESGCM_HANDLE*, uint8_t*, uint32_t*, uint8_t*);
+
+typedef fsp_err_t (*aesGcmDecInitFn)
+ (FSPSM_AESGCM_HANDLE*, FSPSM_AES_PWKEY, uint8_t*, uint32_t);
+typedef fsp_err_t (*aesGcmDecUpdateFn)
+ (FSPSM_AESGCM_HANDLE*,uint8_t*, uint8_t*, uint32_t, uint8_t*, uint32_t);
+typedef fsp_err_t (*aesGcmDecFinalFn)
+ (FSPSM_AESGCM_HANDLE*, uint8_t*, uint32_t*, uint8_t*, uint32_t);
+
+#if defined(WOLFSSL_RENESAS_RSIP)
+/* wrapper for Gcm encrypt init */
+static fsp_err_t _R_RSIP_AES_GCM_EncryptInit(FSPSM_AESGCM_HANDLE* h,
+ FSPSM_AES_PWKEY k, uint8_t* iv,
+ uint32_t iv_l)
+{
+ (void) h;
+ return R_RSIP_AES_GCM_EncryptInit(&gFSPSM_ctrl, (FSPSM_AES_PWKEY const)k,
+ (uint8_t* const)iv, iv_l);
+}
+/* wrapper for Gcm encrypt update */
+static fsp_err_t _R_RSIP_AES_GCM_EncryptUpdate(FSPSM_AESGCM_HANDLE* h,
+ uint8_t* p_plain, uint8_t* p_cipher, uint32_t plain_length,
+ uint8_t* p_add, uint32_t add_len)
+{
+ (void) h;
+ return R_RSIP_AES_GCM_EncryptUpdate(&gFSPSM_ctrl, (uint8_t* const) p_plain,
+ (uint8_t* const) p_cipher,
+ (uint32_t const) plain_length,
+ (uint8_t* const) p_add,
+ (uint32_t const) add_len);
+}
+/* wrapper for Gcm encrypt final */
+static fsp_err_t _R_RSIP_AES_GCM_EncryptFinal(FSPSM_AESGCM_HANDLE* h,
+ uint8_t* p_cipher, uint32_t* c_len,
+ uint8_t* p_atag)
+{
+ (void) h;
+ return R_RSIP_AES_GCM_EncryptFinal(&gFSPSM_ctrl, (uint8_t* const) p_cipher,
+ (uint32_t* const) c_len,
+ (uint8_t* const) p_atag);
+}
+/* wrapper for Gcm decrypt init */
+static fsp_err_t _R_RSIP_AES_GCM_DecryptInit(FSPSM_AESGCM_HANDLE* h,
+ FSPSM_AES_PWKEY k, uint8_t* iv, uint32_t iv_l)
+{
+ (void) h;
+ return R_RSIP_AES_GCM_DecryptInit(&gFSPSM_ctrl, (FSPSM_AES_PWKEY const)k,
+ (uint8_t* const)iv, iv_l);
+}
+/* wrapper for Gcm decrypt update */
+static fsp_err_t _R_RSIP_AES_GCM_DecryptUpdate(FSPSM_AESGCM_HANDLE* h,
+ uint8_t* p_cipher, uint8_t* p_plain, uint32_t c_length,
+ uint8_t* p_add, uint32_t add_len)
+{
+ (void) h;
+ return R_RSIP_AES_GCM_DecryptUpdate(&gFSPSM_ctrl, (uint8_t* const) p_cipher,
+ (uint8_t* const) p_plain,
+ (uint32_t const) c_length,
+ (uint8_t* const) p_add,
+ (uint32_t const) add_len);
+}
+/* wrapper for Gcm decrypt final */
+static fsp_err_t _R_RSIP_AES_GCM_DecryptFinal(FSPSM_AESGCM_HANDLE* h,
+ uint8_t* p_plain, uint32_t* plain_len,
+ uint8_t* p_atag, uint32_t atag_len)
+{
+ (void) h;
+ return R_RSIP_AES_GCM_DecryptFinal(&gFSPSM_ctrl, (uint8_t* const) p_plain,
+ (uint32_t* const) plain_len,
+ (uint8_t* const) p_atag,
+ (uint32_t const) atag_len);
+}
+/* wrapper for aes cbc encrypt init */
+static fsp_err_t _R_RSIP_AESCBC_Cipher_EncryptInit(FSPSM_AES_HANDLE* h,
+ FSPSM_AES_PWKEY k,
+ uint8_t* iv)
+{
+ (void) h;
+ return R_RSIP_AES_Cipher_EncryptInit(&gFSPSM_ctrl,
+ RSIP_AES_MODE_CBC,
+ k, iv);
+}
+/* wrapper for aes cbc encrypt update */
+static fsp_err_t _R_RSIP_AESCBC_Cipher_EncryptUpdate(FSPSM_AES_HANDLE* h,
+ uint8_t* p_plain,
+ uint8_t* p_cipher,
+ uint32_t plain_length)
+{
+ (void) h;
+ return R_RSIP_AES_Cipher_EncryptUpdate(&gFSPSM_ctrl,
+ (const uint8_t* const)p_plain,
+ (uint8_t* const)p_cipher,
+ (const uint32_t)plain_length);
+}
+/* wrapper for aes cbc encrypt final */
+static fsp_err_t _R_RSIP_AESCBC_Cipher_EncryptFinal(FSPSM_AES_HANDLE* h,
+ uint8_t* p_cipher,
+ uint32_t* cipher_lengh)
+{
+ (void) h;
+ return R_RSIP_AES_Cipher_EncryptFinal(&gFSPSM_ctrl,
+ (uint8_t* const)p_cipher,
+ (uint32_t* const)cipher_lengh);
+}
+/* wrapper for aes cbc decrypt init */
+static fsp_err_t _R_RSIP_AESCBC_Cipher_DecryptInit(FSPSM_AES_HANDLE* h,
+ FSPSM_AES_PWKEY k,
+ uint8_t* iv)
+{
+ (void) h;
+ return R_RSIP_AES_Cipher_DecryptInit(&gFSPSM_ctrl,
+ RSIP_AES_MODE_CBC,
+ k, iv);
+}
+/* wrapper for aes cbc decrypt update */
+static fsp_err_t _R_RSIP_AESCBC_Cipher_DecryptUpdate(FSPSM_AES_HANDLE* h,
+ uint8_t* p_cipher,
+ uint8_t* p_plain,
+ uint32_t cipher_lengh)
+{
+ (void) h;
+ return R_RSIP_AES_Cipher_DecryptUpdate(&gFSPSM_ctrl,
+ (const uint8_t* const)p_cipher,
+ (uint8_t* const)p_plain,
+ (const uint32_t)cipher_lengh);
+}
+/* wrapper for aes cbc encrypt final */
+static fsp_err_t _R_RSIP_AESCBC_Cipher_DecryptFinal(FSPSM_AES_HANDLE* h,
+ uint8_t* p_plain,
+ uint32_t* plain_lengh)
+{
+ (void) h;
+ return R_RSIP_AES_Cipher_DecryptFinal(&gFSPSM_ctrl,
+ (uint8_t* const)p_plain,
+ (uint32_t* const)plain_lengh);
+}
+#endif
+/* Perform Aes Gcm encryption by FSP SM
+ *
+ * aes The AES object.
+ * out Buffer to hold cipher text
+ * in Buffer to hold plaintext
+ * sz Length of cipher text/plaintext in bytes
+ * iv Buffer holding IV/nonce
+ * ivSz Length of IV/nonce in bytes
+ * authTag Buffer to hold authentication data
+ * authTagSz Length of authentication data in bytes
+ * ctx The callback context
+ * return FSP_SUCCESS(0) on Success, otherwise negative value
+ */
+WOLFSSL_LOCAL int wc_fspsm_AesGcmEncrypt(struct Aes* aes, byte* out,
+ const byte* in, word32 sz,
+ byte* iv, word32 ivSz,
+ byte* authTag, word32 authTagSz,
+ const byte* authIn, word32 authInSz,
+ void* ctx)
+{
+ int ret;
+ FSPSM_AESGCM_HANDLE _handle;
+ uint32_t dataLen = sz;
+ FSPSM_ST *info = (FSPSM_ST*)ctx;
+
+ aesGcmEncInitFn initFn;
+ aesGcmEncUpdateFn updateFn;
+ aesGcmEncFinalFn finalFn;
+
+ uint8_t* plainBuf = NULL;
+ uint8_t* cipherBuf = NULL;
+ uint8_t* aTagBuf = NULL;
+ uint8_t delta;
+ const uint8_t* iv_l = NULL;
+ uint32_t ivSz_l = 0;
+
+#ifdef WOLFSSL_RENESAS_FSPSM_TLS
+ FSPSM_HMAC_WKEY key_client_mac;
+ FSPSM_HMAC_WKEY key_server_mac;
+#endif
+ FSPSM_AES_PWKEY key_client_aes = NULL;
+ FSPSM_AES_PWKEY key_server_aes = NULL;
+ (void) key_server_aes;
+
+ /* sanity check */
+ if (aes == NULL || authTagSz > AES_BLOCK_SIZE || ivSz == 0 || ctx == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ if (authTagSz < WOLFSSL_MIN_AUTH_TAG_SZ) {
+ WOLFSSL_MSG("GcmEncrypt authTagSz too small error");
+ return BAD_FUNC_ARG;
+ }
+
+ if (aes->ctx.keySize != 16 && aes->ctx.keySize != 32) {
+ WOLFSSL_MSG("keySize is invalid, neither 16 or 32.");
+ return BAD_FUNC_ARG;
+ }
+
+ if (aes->ctx.keySize == 16) {
+ initFn = FSPSM_AES128GCMEnc_Init;
+ updateFn = FSPSM_AES128GCMEnc_Up;
+ finalFn = FSPSM_AES128GCMEnc_Final;
+ }
+ else {
+ initFn = FSPSM_AES256GCMEnc_Init;
+ updateFn = FSPSM_AES256GCMEnc_Up;
+ finalFn = FSPSM_AES256GCMEnc_Final;
+ }
+
+
+ /* check if AES GCM can be used by FSP SM */
+ if ((ret = wc_fspsm_hw_lock()) == 0) {
+
+ /* allocate buffers for plain text, cipher text and authTag to make sure
+ * those buffers 32bit aligned as SCE requests.
+ */
+ delta = ((sz % AES_BLOCK_SIZE) == 0) ? 0 :
+ (byte)(AES_BLOCK_SIZE - (sz % AES_BLOCK_SIZE));
+ plainBuf = XMALLOC(sz, aes->heap, DYNAMIC_TYPE_AES);
+ cipherBuf = XMALLOC(sz + delta, aes->heap, DYNAMIC_TYPE_AES);
+ aTagBuf = XMALLOC(SCE_AES_GCM_AUTH_TAG_SIZE, aes->heap,
+ DYNAMIC_TYPE_AES);
+
+ if ((sz > 0 && plainBuf == NULL) ||
+ ((sz + delta) > 0 && cipherBuf == NULL) || aTagBuf == NULL) {
+ WOLFSSL_MSG("wc_fspsm_AesGcmEncrypt: buffer allocation failed");
+ ret = -1;
+ }
+
+ if (ret == 0) {
+ XMEMCPY(plainBuf, in, sz);
+ XMEMSET((void*)cipherBuf, 0, sz + delta);
+ XMEMSET((void*)authTag, 0, authTagSz);
+ }
+
+ #if defined(WOLFSSL_RENESAS_FSPSM_TLS)
+ if (ret == 0 &&
+ info->keyflgs_tls.bits.session_key_set == 1) {
+ /* generate AES-GCM session key. The key stored in
+ * Aes.ctx.tsip_keyIdx is not used here.
+ */
+ key_client_aes = (FSPSM_AES_PWKEY)XMALLOC(sizeof(FSPSM_AES_WKEY),
+ aes->heap, DYNAMIC_TYPE_AE);
+ key_server_aes = (FSPSM_AES_PWKEY)XMALLOC(sizeof(FSPSM_AES_WKEY),
+ aes->heap, DYNAMIC_TYPE_AE);
+ if (key_client_aes == NULL || key_server_aes == NULL) {
+ XFREE(plainBuf, aes->heap, DYNAMIC_TYPE_AES);
+ XFREE(cipherBuf, aes->heap, DYNAMIC_TYPE_AES);
+ XFREE(aTagBuf, aes->heap, DYNAMIC_TYPE_AES);
+ return MEMORY_E;
+ }
+
+ ret = FSPSM_SESSIONKEY_GEN_FUNC(
+ info->cipher,
+ (uint32_t*)info->masterSecret,
+ (uint8_t*) info->clientRandom,
+ (uint8_t*) info->serverRandom,
+ &iv[AESGCM_IMP_IV_SZ], /* use exp_IV */
+ &key_client_mac,
+ &key_server_mac,
+ key_client_aes,
+ key_server_aes,
+ NULL, NULL);
+ if (ret != FSP_SUCCESS) {
+ WOLFSSL_MSG("R_XXX_TLS_SessionKeyGenerate failed");
+ ret = -1;
+ }
+
+ }
+ else {
+ #else
+ if (ret == 0) {
+ #endif
+ if (info->keyflgs_crypt.bits.aes256_installedkey_set == 1 ||
+ info->keyflgs_crypt.bits.aes128_installedkey_set == 1) {
+ key_client_aes = aes->ctx.wrapped_key;
+ iv_l = iv;
+ ivSz_l = ivSz;
+ }
+ else {
+ WOLFSSL_MSG("AES key for FSP SM is not set.");
+ ret = -1;
+ }
+ }
+
+ if (ret == 0) {
+
+ /* since generated session key is coupled to iv, no need to pass
+ * them init func.
+ */
+ ret = initFn(&_handle, key_client_aes, (uint8_t*)iv_l, ivSz_l);
+
+ if (ret == FSP_SUCCESS) {
+ ret = updateFn(&_handle, NULL, NULL, 0UL, (uint8_t*)authIn,
+ authInSz);
+ }
+ if (ret == FSP_SUCCESS) {
+ ret = updateFn(&_handle, plainBuf, cipherBuf, sz, NULL, 0UL);
+ }
+ if (ret != FSP_SUCCESS) {
+ WOLFSSL_MSG("R_XXXX_AesXXXGcmEncryptUpdate2: failed");
+ ret = -1;
+ }
+
+ if (ret == FSP_SUCCESS) {
+ /* Once R_SCE_AesxxxGcmEncryptInit or R_SCE_AesxxxEncryptUpdate is
+ * called, R_SCE_AesxxxGcmEncryptFinal must be called regardless of
+ * the result of the previous call. Otherwise, SCE can not come out
+ * from its error state and all the trailing APIs will fail.
+ */
+ dataLen = 0;
+ ret = finalFn(&_handle,
+ cipherBuf + (sz + delta - AES_BLOCK_SIZE),
+ &dataLen,
+ aTagBuf);
+
+ if (ret == FSP_SUCCESS) {
+ /* copy encrypted data to out */
+ if (sz != dataLen) {
+ WOLFSSL_MSG("sz is not equal to dataLen!!!!");
+ ret = -1;
+ } else {
+ XMEMCPY(out, cipherBuf, dataLen);
+ /* copy auth tag to caller's buffer */
+ XMEMCPY((void*)authTag, (void*)aTagBuf,
+ min(authTagSz, SCE_AES_GCM_AUTH_TAG_SIZE ));
+ }
+ }
+ else {
+ WOLFSSL_MSG("R_SCE_AesxxxGcmEncryptFinal: failed");
+ ret = -1;
+ }
+ }
+ }
+
+ XFREE(plainBuf, aes->heap, DYNAMIC_TYPE_AES);
+ XFREE(cipherBuf, aes->heap, DYNAMIC_TYPE_AES);
+ XFREE(aTagBuf, aes->heap, DYNAMIC_TYPE_AES);
+ if (info->keyflgs_tls.bits.session_key_set == 1 &&
+ key_client_aes != NULL)
+ XFREE(key_client_aes, aes->heap, DYNAMIC_TYPE_AES);
+ if (info->keyflgs_tls.bits.session_key_set == 1 &&
+ key_server_aes != NULL)
+ XFREE(key_server_aes, aes->heap, DYNAMIC_TYPE_AES);
+ wc_fspsm_hw_unlock();
+ }
+
+ return ret;
+}
+/* Perform Aes Gcm decryption by FSP SM
+ *
+ * aes The AES object.
+ * out Buffer to hold plaintext
+ * in Buffer to hold cipher text
+ * sz Length of cipher text/plaintext in bytes
+ * iv Buffer holding IV/nonce
+ * ivSz Length of IV/nonce in bytes
+ * authTag Buffer to hold authentication data
+ * authTagSz Length of authentication data in bytes
+ * ctx The Callback context
+ * return FSP_SUCCESS(0) on Success, otherwise negative value
+ */
+WOLFSSL_LOCAL int wc_fspsm_AesGcmDecrypt(struct Aes* aes, byte* out,
+ const byte* in, word32 sz,
+ const byte* iv, word32 ivSz,
+ const byte* authTag, word32 authTagSz,
+ const byte* authIn, word32 authInSz,
+ void* ctx)
+{
+ int ret;
+ FSPSM_AESGCM_HANDLE _handle;
+ uint32_t dataLen = sz;
+ FSPSM_ST *info = (FSPSM_ST*)ctx;
+
+ aesGcmDecInitFn initFn;
+ aesGcmDecUpdateFn updateFn;
+ aesGcmDecFinalFn finalFn;
+
+ uint8_t* cipherBuf = NULL;
+ uint8_t* plainBuf = NULL;
+ uint8_t* aTagBuf = NULL;
+ uint8_t delta;
+ const uint8_t* iv_l = NULL;
+ uint32_t ivSz_l = 0;
+
+#ifdef WOLFSSL_RENESAS_FSPSM_TLS
+ FSPSM_HMAC_WKEY key_client_mac;
+ FSPSM_HMAC_WKEY key_server_mac;
+#endif
+ FSPSM_AES_PWKEY key_client_aes = NULL;
+ FSPSM_AES_PWKEY key_server_aes = NULL;
+ (void) key_client_aes;
+ /* sanity check */
+ if (aes == NULL || authTagSz > AES_BLOCK_SIZE || ivSz == 0 || ctx == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ if (authTagSz < WOLFSSL_MIN_AUTH_TAG_SZ) {
+ WOLFSSL_MSG("GcmEncrypt authTagSz too small error");
+ return BAD_FUNC_ARG;
+ }
+
+ if (aes->ctx.keySize != 16 && aes->ctx.keySize != 32) {
+ WOLFSSL_MSG("keySize is invalid, neither 16 or 32.");
+ return BAD_FUNC_ARG;
+ }
+
+ if (aes->ctx.keySize == 16) {
+ initFn = FSPSM_AES128GCMDec_Init;
+ updateFn = FSPSM_AES128GCMDec_Up;
+ finalFn = FSPSM_AES128GCMDec_Final;
+ }
+ else {
+ initFn = FSPSM_AES256GCMDec_Init;
+ updateFn = FSPSM_AES256GCMDec_Up;
+ finalFn = FSPSM_AES256GCMDec_Final;
+ }
+
+
+ if ((ret = wc_fspsm_hw_lock()) == 0) {
+ /* allocate buffers for plain-text, cipher-text, authTag and AAD.
+ * TSIP requests those buffers 32bit aligned.
+ */
+ delta = ((sz % AES_BLOCK_SIZE) == 0) ? 0 :
+ (byte)(AES_BLOCK_SIZE - (sz % AES_BLOCK_SIZE));
+ cipherBuf = XMALLOC(sz, aes->heap, DYNAMIC_TYPE_AES);
+ plainBuf = XMALLOC(sz + delta, aes->heap, DYNAMIC_TYPE_AES);
+ aTagBuf = XMALLOC(SCE_AES_GCM_AUTH_TAG_SIZE, aes->heap,
+ DYNAMIC_TYPE_AES);
+
+ if (plainBuf == NULL || cipherBuf == NULL || aTagBuf == NULL) {
+ ret = -1;
+ }
+
+ if (ret == 0) {
+ XMEMSET((void*)plainBuf, 0, sz);
+ XMEMCPY(cipherBuf, in, sz);
+ XMEMCPY(aTagBuf, authTag, authTagSz);
+ }
+ #if defined(WOLFSSL_RENESAS_FSPSM_TLS)
+ if (ret == 0 &&
+ info->keyflgs_tls.bits.session_key_set == 1) {
+ /* generate AES-GCM session key. The key stored in
+ * Aes.ctx.tsip_keyIdx is not used here.
+ */
+ key_client_aes = (FSPSM_AES_PWKEY)XMALLOC(sizeof(FSPSM_AES_WKEY),
+ aes->heap, DYNAMIC_TYPE_AE);
+ key_server_aes = (FSPSM_AES_PWKEY)XMALLOC(sizeof(FSPSM_AES_WKEY),
+ aes->heap, DYNAMIC_TYPE_AE);
+ if (key_client_aes == NULL || key_server_aes == NULL) {
+ XFREE(plainBuf, aes->heap, DYNAMIC_TYPE_AES);
+ XFREE(cipherBuf, aes->heap, DYNAMIC_TYPE_AES);
+ XFREE(aTagBuf, aes->heap, DYNAMIC_TYPE_AES);
+ return MEMORY_E;
+ }
+
+ ret = FSPSM_SESSIONKEY_GEN_FUNC(
+ info->cipher,
+ (uint32_t*)info->masterSecret,
+ (uint8_t*) info->clientRandom,
+ (uint8_t*) info->serverRandom,
+ (uint8_t*)&iv[AESGCM_IMP_IV_SZ], /* use exp_IV */
+ &key_client_mac,
+ &key_server_mac,
+ key_client_aes,
+ key_server_aes,
+ NULL, NULL);
+ if (ret != FSP_SUCCESS) {
+ WOLFSSL_MSG("R_XXXX_TLS_SessionKeyGenerate failed");
+ ret = -1;
+ }
+ }
+ else {
+ #else
+ if (ret == 0) {
+ #endif
+ if (info->keyflgs_crypt.bits.aes256_installedkey_set == 1 ||
+ info->keyflgs_crypt.bits.aes128_installedkey_set == 1) {
+
+ key_server_aes = aes->ctx.wrapped_key;
+ iv_l = iv;
+ ivSz_l = ivSz;
+ }
+ else {
+ WOLFSSL_MSG("AES key for FSP SM is not set.");
+ ret = -1;
+ }
+ }
+
+ if (ret == 0) {
+ /* since key_index has iv and ivSz in it, no need to pass them init
+ * func. Pass NULL and 0 as 3rd and 4th parameter respectively.
+ */
+ ret = initFn(&_handle, key_server_aes, (uint8_t*)iv_l, ivSz_l);
+
+
+ if (ret == FSP_SUCCESS) {
+ /* pass only AAD and it's size before passing cipher text */
+ ret = updateFn(&_handle, NULL, NULL, 0UL, (uint8_t*)authIn,
+ authInSz);
+ }
+ if (ret == FSP_SUCCESS) {
+ ret = updateFn(&_handle, cipherBuf, plainBuf, sz, NULL, 0UL);
+ }
+ if (ret != FSP_SUCCESS) {
+ WOLFSSL_MSG("R_XXXX_AesXXXGcmDecryptUpdate: failed in decrypt");
+ ret = -1;
+ }
+
+ if (ret == FSP_SUCCESS) {
+ dataLen = 0;
+ ret = finalFn(&_handle,
+ plainBuf + (sz + delta - AES_BLOCK_SIZE),
+ &dataLen,
+ aTagBuf,
+ min(16, authTagSz));
+
+ if (ret == FSP_SUCCESS) {
+ /* copy plain data to out */
+ if (sz != dataLen) {
+ WOLFSSL_MSG("sz is not equal to dataLen!!!!");
+ ret = -1;
+ }
+ else {
+ XMEMCPY(out, plainBuf, dataLen);
+ }
+ }
+ else {
+ WOLFSSL_MSG("R_XXXX_AesXXXGcmDecryptFinal: failed");
+ ret = -1;
+ }
+ }
+ }
+
+ XFREE(aTagBuf, aes->heap, DYNAMIC_TYPE_AES);
+ XFREE(plainBuf, aes->heap, DYNAMIC_TYPE_AES);
+ XFREE(cipherBuf, aes->heap, DYNAMIC_TYPE_AES);
+ if (info->keyflgs_tls.bits.session_key_set == 1 &&
+ key_client_aes != NULL)
+ XFREE(key_client_aes, aes->heap, DYNAMIC_TYPE_AES);
+ if (info->keyflgs_tls.bits.session_key_set == 1 &&
+ key_server_aes != NULL)
+ XFREE(key_server_aes, aes->heap, DYNAMIC_TYPE_AES);
+ wc_fspsm_hw_unlock();
+ }
+
+ return ret;
+}
+/* Perform Aes Cbc encryption by FSP SM
+ *
+ * aes The AES object.
+ * out Buffer to hold cipher text
+ * in Buffer to hold plain text
+ * sz Length of cipher text/plaintext in bytes
+ * return FSP_SUCCESS(0) on Success, otherwise negative value
+ */
+WOLFSSL_LOCAL int wc_fspsm_AesCbcEncrypt(struct Aes* aes, byte* out,
+ const byte* in, word32 sz)
+{
+ FSPSM_AES_HANDLE _handle;
+ int ret;
+ word32 blocks = (sz / AES_BLOCK_SIZE);
+ uint32_t dataLength;
+ byte *iv;
+
+ if ((in == NULL) || (out == NULL) || (aes == NULL))
+ return BAD_FUNC_ARG;
+
+ /* while doing TLS handshake, SCE driver keeps true-key and iv *
+ * on the device. iv is dummy */
+ iv = (uint8_t*)aes->reg;
+
+ if ((ret = wc_fspsm_hw_lock()) != 0) {
+ WOLFSSL_MSG("Failed to lock");
+ return ret;
+ }
+
+ if (aes->ctx.keySize == 16) {
+ ret = FSPSM_AES128CBCEnc_Init(&_handle,
+ aes->ctx.wrapped_key,
+ iv);
+ }
+ else if (aes->ctx.keySize == 32) {
+ ret = FSPSM_AES256CBCEnc_Init(&_handle,
+ aes->ctx.wrapped_key,
+ iv);
+ }
+ else {
+ WOLFSSL_MSG("invalid key Size for SCE. Key size is neither 16 or 32.");
+ wc_fspsm_hw_unlock();
+ return -1;
+ }
+
+ while (ret == FSP_SUCCESS && blocks--) {
+
+ if (aes->ctx.keySize == 16)
+ ret = FSPSM_AES128CBCEnc_Up(&_handle, (uint8_t*)in,
+ (uint8_t*)out, (uint32_t)AES_BLOCK_SIZE);
+ else
+ ret = FSPSM_AES256CBCEnc_Up(&_handle, (uint8_t*)in,
+ (uint8_t*)out, (uint32_t)AES_BLOCK_SIZE);
+
+ in += AES_BLOCK_SIZE;
+ out += AES_BLOCK_SIZE;
+ }
+
+ if (ret == FSP_SUCCESS) {
+ if (aes->ctx.keySize == 16) {
+ ret = FSPSM_AES128CBCEnc_Final(&_handle, out, &dataLength);
+ }
+ else {
+ ret = FSPSM_AES256CBCEnc_Final(&_handle, out, &dataLength);
+ }
+ }
+ else {
+ WOLFSSL_MSG("SCE AES CBC encryption failed");
+ ret = -1;
+ }
+
+ wc_fspsm_hw_unlock();
+ return ret;
+}
+/* Perform Aes Cbc decryption by SCE
+ *
+ * aes The AES object.
+ * out Buffer to hold plain text
+ * in Buffer to hold cipher text
+ * sz Length of cipher text/plaintext in bytes
+ * return FSP_SUCCESS(0) on Success, otherwise negative value
+ */
+WOLFSSL_LOCAL int wc_fspsm_AesCbcDecrypt(struct Aes* aes, byte* out,
+ const byte* in, word32 sz)
+{
+ FSPSM_AES_HANDLE _handle;
+ int ret;
+ word32 blocks = (sz / AES_BLOCK_SIZE);
+ uint32_t dataLength;
+ byte *iv;
+
+ if ((in == NULL) || (out == NULL) || (aes == NULL))
+ return BAD_FUNC_ARG;
+
+ iv = (uint8_t*)aes->reg;
+
+ if ((ret = wc_fspsm_hw_lock()) != 0) {
+ WOLFSSL_MSG("Failed to lock");
+ return ret;
+ }
+
+ if (aes->ctx.keySize == 16) {
+ ret = FSPSM_AES128CBCDec_Init(&_handle,
+ aes->ctx.wrapped_key,
+ iv);
+ }
+ else if (aes->ctx.keySize == 32) {
+ ret = FSPSM_AES256CBCDec_Init(&_handle,
+ aes->ctx.wrapped_key,
+ iv);
+ }
+ else {
+ wc_fspsm_hw_unlock();
+ return -1;
+ }
+
+ while (ret == FSP_SUCCESS && blocks--) {
+
+ if (aes->ctx.keySize == 16)
+ ret = FSPSM_AES128CBCDec_Up(&_handle, (uint8_t*)in,
+ (uint8_t*)out, (uint32_t)AES_BLOCK_SIZE);
+ else
+ ret = FSPSM_AES256CBCDec_Up(&_handle, (uint8_t*)in,
+ (uint8_t*)out, (uint32_t)AES_BLOCK_SIZE);
+
+ in += AES_BLOCK_SIZE;
+ out += AES_BLOCK_SIZE;
+ }
+
+ if (ret == FSP_SUCCESS) {
+ if (aes->ctx.keySize == 16)
+ ret = FSPSM_AES128CBCDec_Final(&_handle, out, &dataLength);
+ else
+ ret = FSPSM_AES256CBCDec_Final(&_handle, out, &dataLength);
+ }
+ else {
+ WOLFSSL_MSG("SCE AES CBC decryption failed");
+ ret = -1;
+ }
+
+ wc_fspsm_hw_unlock();
+ return ret;
+}
+
+
+/* free contentx related to FSP SM
+ *
+ * aes The AES object.
+ * return none
+ */
+WOLFSSL_LOCAL void wc_fspsm_Aesfree(Aes* aes)
+{
+#if defined(WOLFSSL_RENESAS_FSPSM_TLS)
+ /* In the case of session key, memory is allocated
+ * therefore, it should be freed here
+ */
+ if (aes->ctx.setup == 1 && aes->ctx.wrapped_key) {
+ XFREE(aes->ctx.wrapped_key, aes->heap, DYNAMIC_TYPE_AES);
+ aes->ctx.setup = 0;
+ }
+#else
+ if (aes->ctx.wrapped_key) {
+ /* aes ctx just points user created wrapped key
+ * in the case of CryptOnly Mode
+ * therefore, it just sets pointing to NULL.
+ * user key should be freed by owner(user)
+ */
+ aes->ctx.wrapped_key = NULL;
+ }
+#endif
+}
+
+#if defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY)
+int wc_AesSetKey(Aes* aes, const byte* userKey, word32 keylen,
+ const byte* iv, int dir)
+{
+ (void) userKey;
+ (void) dir;
+
+ if (aes == NULL || userKey == NULL ||
+ !((keylen == 16) || (keylen == 32))) {
+ return BAD_FUNC_ARG;
+ }
+
+ if (aes->devId == INVALID_DEVID) {
+ return BAD_FUNC_ARG;
+ }
+
+#ifdef WOLFSSL_AES_COUNTER
+ aes->left = 0;
+#endif
+
+ /* if there is previous key, free */
+ if(aes->ctx.wrapped_key)
+ wc_fspsm_Aesfree(aes);
+ /* Generate aes key based on length */
+ aes->ctx.wrapped_key = (FSPSM_AES_PWKEY)userKey;
+ aes->keylen = (int)keylen;
+ aes->ctx.keySize = keylen;
+
+ return wc_AesSetIV(aes, iv);
+}
+#endif
+#endif /* WOLFSSL_RENESAS_FSPSM_TLS
+ WOLFSSL_RENESAS_FSPSM_CRYPTONLY
+ NO_WOLFSSL_RENESAS_FSPSM_AES */
+#endif /* NO_AES */
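Review bot: In `wc_fspsm_AesGcmEncrypt` and `wc_fspsm_AesGcmDecrypt`, the `return MEMORY_E;` taken when `key_client_aes` or `key_server_aes` fails to allocate exits while `wc_fspsm_hw_lock()` is still held. It also skips freeing whichever of the two key buffers did allocate, so a single allocation failure leaves every later hardware operation unable to take the lock. Replace the three `XFREE` calls and the return with `ret = MEMORY_E;`, put the `FSPSM_SESSIONKEY_GEN_FUNC` call in an `else`, and let the common cleanup at the end of the locked block free the buffers and call `wc_fspsm_hw_unlock()`. Separately, both functions pass `cipherBuf + (sz + delta - AES_BLOCK_SIZE)` (or the `plainBuf` equivalent) to `finalFn`; with `sz == 0`, `delta` is 0 and the offset wraps, so an AAD-only call needs an explicit guard before that pointer is formed. The temporary plaintext copies are also freed without being cleared; calling `ForceZero` on a non-NULL `plainBuf` before `XFREE` would keep plaintext out of the released heap memory.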
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_fspsm_rsa.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_fspsm_rsa.c
new file mode 100644
index 00000000..5db4435d
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_fspsm_rsa.c
@@ -0,0 +1,322 @@
+/* renesas_fspsm_rsa.c
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#include <wolfssl/wolfcrypt/settings.h>
+
+#if !defined(NO_RSA) && \
+ defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY)
+
+#include <string.h>
+#include <stdio.h>
+
+#ifdef HAVE_CONFIG_H
+ #include <config.h>
+#endif
+
+#include <wolfssl/wolfcrypt/logging.h>
+#include <wolfssl/wolfcrypt/error-crypt.h>
+#include <wolfssl/wolfcrypt/rsa.h>
+#include <wolfssl/wolfcrypt/port/Renesas/renesas-fspsm-crypt.h>
+
+#if defined(WOLFSSL_RENESAS_RSIP)
+extern FSPSM_INSTANCE gFSPSM_ctrl;
+#endif
+
+/* Set Ctx pointer to NULL.
+ * A created wrapped key should be freed by user
+ *
+ * key RsaKey object
+ * return none
+ */
+WOLFSSL_LOCAL void wc_fspsm_RsaKeyFree(RsaKey *key)
+{
+ if (key == NULL)
+ return;
+
+ if(key->ctx.wrapped_pri1024_key)
+ key->ctx.wrapped_pri1024_key = NULL;
+
+ if(key->ctx.wrapped_pub1024_key)
+ key->ctx.wrapped_pub1024_key = NULL;
+
+ if(key->ctx.wrapped_pri2048_key)
+ key->ctx.wrapped_pri2048_key = NULL;
+
+ if(key->ctx.wrapped_pub2048_key)
+ key->ctx.wrapped_pub2048_key = NULL;
+}
+
+/* Set Rsa key by pre-created wrapped user key
+ *
+ * key RsaKey object
+ * size desired keylenth, in bits. supports 1024 or 2048 bits
+ * ctx Callback context including pointer to hold generated key
+ * return FSP_SUCCESS(0) on Success, otherwise negative value
+ */
+WOLFSSL_LOCAL int wc_fspsm_MakeRsaKey(RsaKey *key, int size, void* ctx)
+{
+ FSPSM_ST *info = (FSPSM_ST*)ctx;
+
+ /* sanity check */
+ if (key == NULL || size < 0 || ctx == NULL)
+ return BAD_FUNC_ARG;
+
+ if (size == 1024) {
+ if(info->keyflgs_crypt.bits.rsapri1024_installedkey_set != 1 ||
+ info->keyflgs_crypt.bits.rsapub1024_installedkey_set != 1) {
+ WOLFSSL_MSG("Caller should create user key in advance.");
+ WOLFSSL_MSG("Caller also need to installedkey to 1.");
+ return BAD_FUNC_ARG;
+ }
+ key->ctx.wrapped_pri1024_key = info->wrapped_key_rsapri1024;
+ key->ctx.wrapped_pub1024_key = info->wrapped_key_rsapub1024;
+ key->ctx.keySz = 1024;
+ } else if (size == 2048) {
+ if(info->keyflgs_crypt.bits.rsapri2048_installedkey_set != 1 ||
+ info->keyflgs_crypt.bits.rsapub2048_installedkey_set != 1) {
+ WOLFSSL_MSG("Caller should create user key in advance.");
+ WOLFSSL_MSG("Caller also need to installedkey to 1.");
+ return BAD_FUNC_ARG;
+ }
+ key->ctx.wrapped_pri2048_key = info->wrapped_key_rsapri2048;
+ key->ctx.wrapped_pub2048_key = info->wrapped_key_rsapub2048;
+ key->ctx.keySz = 2048;
+ } else
+ return CRYPTOCB_UNAVAILABLE;
+
+ return 0;
+}
+
+/* Perform rsa encryption/decryption by FSP SM
+ * Assumes to be called by Crypt Callback
+ *
+ * in Buffer to hold plain text
+ * inLen Length of plain text in bytes
+ * out Buffer to hold cipher text
+ * outLen Length of cipher in bytes
+ * key Rsa key object
+ * rng rng object
+ * ctx Callback context
+ * return FSP_SUCCESS(0) on Success, otherwise negative value
+ */
+WOLFSSL_LOCAL int wc_fspsm_RsaFunction(const byte* in, word32 inLen, byte* out,
+ word32 *outLen, int type, struct RsaKey* key,
+ struct WC_RNG* rng)
+{
+ int ret;
+
+ FSPSM_RSA_DATA plain;
+ FSPSM_RSA_DATA cipher;
+
+ int keySize;
+
+ (void) key;
+ (void) rng;
+
+ /* sanity check */
+ if (in == NULL || out == NULL ||
+ ((key == NULL) && (key->ctx.keySz != 1024 && key->ctx.keySz != 2048))){
+ return BAD_FUNC_ARG;
+ }
+
+ keySize = (int)key->ctx.keySz;
+
+ if (keySize == 0) {
+ WOLFSSL_MSG("keySize is invalid, neither 128 or 256 bytes, "
+ "1024 or 2048 bits.");
+ return BAD_FUNC_ARG;
+ }
+
+ if ((ret = wc_fspsm_hw_lock()) == 0) {
+ if (type == RSA_PUBLIC_ENCRYPT) {
+
+ plain.pdata = (byte*)in;
+ plain.data_length = inLen;
+ cipher.pdata = out;
+ cipher.data_length = *outLen;
+
+ if (keySize == 1024) {
+ ret = FSPSM_RSA1024_PKCSENC_FUNC(&plain, &cipher,
+ (FSPSM_RSA1024_WPB_KEY*)
+ key->ctx.wrapped_pub1024_key);
+ }
+ else {
+ ret = FSPSM_RSA2048_PKCSENC_FUNC(&plain, &cipher,
+ (FSPSM_RSA2048_WPB_KEY*)
+ key->ctx.wrapped_pub2048_key);
+ }
+ }
+ else if (type == RSA_PRIVATE_DECRYPT) {
+ plain.pdata = out;
+ plain.data_length = *outLen;
+ cipher.pdata = (byte*)in;
+ cipher.data_length = inLen;
+
+ if (keySize == 1024) {
+ ret = FSPSM_RSA1024_PKCSDEC_FUNC(&cipher, &plain,
+ (FSPSM_RSA1024_WPI_KEY*)
+ key->ctx.wrapped_pri1024_key, &outLen);
+ }
+ else {
+ ret = FSPSM_RSA2048_PKCSDEC_FUNC(&cipher, &plain,
+ (FSPSM_RSA2048_WPI_KEY*)
+ key->ctx.wrapped_pri2048_key, &outLen);
+ }
+ }
+
+ wc_fspsm_hw_unlock();
+ }
+ return ret;
+}
+
+/* Perform Rsa sign by FSP SM
+ * Assumes to be called by Crypt Callback
+ *
+ * in Buffer to hold plaintext
+ * inLen Length of plaintext in bytes
+ * out Buffer to hold generated signature
+ * outLen Length of signature in bytes
+ * key rsa key object
+ * ctx The callback context
+ * return FSP_SUCCESS(0) on Success, otherwise negative value
+ */
+
+WOLFSSL_LOCAL int wc_fspsm_RsaSign(const byte* in, word32 inLen, byte* out,
+ word32* outLen, struct RsaKey* key, void* ctx)
+{
+ int ret;
+
+ FSPSM_RSA_DATA message_hash;
+ FSPSM_RSA_DATA signature;
+ FSPSM_ST *info = (FSPSM_ST*)ctx;
+ int keySize;
+
+ /* sanity check */
+ if (in == NULL || out == NULL || (word32*)outLen <= 0 || info == NULL ||
+ ((key == NULL) && (key->ctx.keySz != 1024 && key->ctx.keySz != 2048))){
+ return BAD_FUNC_ARG;
+ }
+
+ keySize = (int)key->ctx.keySz;
+
+ message_hash.pdata = (byte *)in;
+ message_hash.data_length = inLen;
+ message_hash.data_type =
+ info->keyflgs_crypt.bits.message_type;/* message 0, hash 1 */
+ signature.pdata = out;
+ signature.data_length = (word32*)outLen;
+
+ #if defined(WOLFSSL_RENESAS_RSIP)
+ message_hash.hash_type = signature.hash_type =
+ info->hash_type; /* hash type */
+ #endif
+
+ if ((ret = wc_fspsm_hw_lock()) == 0) {
+ if (keySize == 1024) {
+
+ ret = FSPSM_RSA1024_SIGN_FUNC(&message_hash,
+ &signature,
+ (FSPSM_RSA1024_WPI_KEY *)
+ key->ctx.wrapped_pri1024_key,
+ HW_SCE_RSA_HASH_SHA256);
+ }
+ else {
+
+ ret = FSPSM_RSA2048_SIGN_FUNC(&message_hash,
+ &signature,
+ (FSPSM_RSA2048_WPI_KEY *)
+ key->ctx.wrapped_pri2048_key,
+ HW_SCE_RSA_HASH_SHA256);
+ }
+
+ wc_fspsm_hw_unlock();
+ }
+
+ return ret;
+}
+
+/* Perform Rsa verify by FSP SM
+ * Assumes to be called by Crypt Callback
+ *
+ * in Buffer to hold plaintext
+ * inLen Length of plaintext in bytes
+ * out Buffer to hold generated signature
+ * outLen Length of signature in bytes
+ * key rsa key object
+ * ctx The callback context
+ * return FSP_SUCCESS(0) on Success, otherwise negative value
+ */
+
+WOLFSSL_LOCAL int wc_fspsm_RsaVerify(const byte* in, word32 inLen, byte* out,
+ word32* outLen,struct RsaKey* key, void* ctx)
+{
+ int ret;
+
+ FSPSM_RSA_DATA message_hash;
+ FSPSM_RSA_DATA signature;
+ FSPSM_ST *info = (FSPSM_ST*)ctx;
+ int keySize;
+
+ (void) key;
+
+ /* sanity check */
+ if (in == NULL || out == NULL || (word32*)outLen <= 0 || info == NULL ||
+ ((key == NULL) && (key->ctx.keySz != 1024 && key->ctx.keySz != 2048))){
+ return BAD_FUNC_ARG;
+ }
+
+ keySize = (int)key->ctx.keySz;
+
+
+ message_hash.pdata =(byte*)in;
+ message_hash.data_length = inLen;
+ message_hash.data_type =
+ info->keyflgs_crypt.bits.message_type;/* message 0, hash 1 */
+
+ signature.pdata = out;
+ signature.data_length = (word32*)outLen;
+ #if defined(WOLFSSL_RENESAS_RSIP)
+ message_hash.hash_type = signature.hash_type =
+ info->hash_type; /* hash type */
+ #endif
+
+ if ((ret = wc_fspsm_hw_lock()) == 0) {
+ if (keySize == 1024) {
+ ret = FSPSM_RSA1024_VRY_FUNC(&signature,
+ &message_hash,
+ (FSPSM_RSA1024_WPB_KEY *)
+ key->ctx.wrapped_pub1024_key,
+ HW_SCE_RSA_HASH_SHA256);
+ }
+ else {
+ ret = FSPSM_RSA2048_VRY_FUNC(&signature,
+ &message_hash,
+ (FSPSM_RSA2048_WPB_KEY *)
+ key->ctx.wrapped_pub2048_key,
+ HW_SCE_RSA_HASH_SHA256 );
+ }
+ wc_fspsm_hw_unlock();
+ }
+
+ return ret;
+}
+
+#endif /* !NO_RSA && WOLFSSL_RENESAS_FSPSM_CRYPTONLY */
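Review bot: The sanity checks in `wc_fspsm_RsaFunction`, `wc_fspsm_RsaSign` and `wc_fspsm_RsaVerify` join the NULL test and the size test with `&&`, so a NULL `key` is dereferenced and a non-NULL key with an unsupported `keySz` is accepted and falls into the 2048-bit branch. The condition should read `key == NULL || (key->ctx.keySz != 1024 && key->ctx.keySz != 2048)`. In the sign and verify paths, `(word32*)outLen <= 0` compares a pointer with zero instead of checking the length; `outLen == NULL || *outLen == 0` states the intent. `signature.data_length = (word32*)outLen;` also stores the pointer where `wc_fspsm_RsaFunction` stores `*outLen`, which looks like a missing dereference and should be confirmed against the `FSPSM_RSA_DATA` definition.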
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_fspsm_sha.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_fspsm_sha.c
new file mode 100644
index 00000000..52df6da3
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_fspsm_sha.c
@@ -0,0 +1,686 @@
+/* renesas_fspsm_sha.c
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+#include <string.h>
+#include <stdio.h>
+
+#ifdef HAVE_CONFIG_H
+ #include <config.h>
+#endif
+#include <wolfssl/wolfcrypt/settings.h>
+
+#if !defined(NO_SHA256)
+
+#include <wolfssl/wolfcrypt/logging.h>
+
+#if (defined(WOLFSSL_RENESAS_SCEPROTECT) || \
+ defined(WOLFSSL_RENESAS_RSIP)) && \
+ !defined(NO_WOLFSSL_RENESAS_TSIP_CRYPT_HASH)
+
+#include <wolfssl/wolfcrypt/error-crypt.h>
+#include <wolfssl/wolfcrypt/port/Renesas/renesas-fspsm-crypt.h>
+
+#if defined(WOLFSSL_RENESAS_RSIP)
+extern FSPSM_INSTANCE gFSPSM_ctrl;
+
+/* wrapper for RSIP SHA1 Init */
+static fsp_err_t _R_RSIP_SHA1_GenerateInit(FSPSM_SHA_HANDLE* h)
+{
+ return R_RSIP_SHA_GenerateInit(&gFSPSM_ctrl, h, RSIP_HASH_TYPE_SHA1 );
+}
+/* wrapper for RSIP SHA224 Init */
+static fsp_err_t _R_RSIP_SHA224_GenerateInit(FSPSM_SHA_HANDLE* h)
+{
+ return R_RSIP_SHA_GenerateInit(&gFSPSM_ctrl, h, RSIP_HASH_TYPE_SHA224 );
+}
+/* wrapper for RSIP SHA256 Init */
+static fsp_err_t _R_RSIP_SHA256_GenerateInit(FSPSM_SHA_HANDLE* h)
+{
+ return R_RSIP_SHA_GenerateInit(&gFSPSM_ctrl, h, RSIP_HASH_TYPE_SHA256 );
+}
+/* wrapper for RSIP SHA384 Init */
+static fsp_err_t _R_RSIP_SHA384_GenerateInit(FSPSM_SHA_HANDLE* h)
+{
+ return R_RSIP_SHA_GenerateInit(&gFSPSM_ctrl, h, RSIP_HASH_TYPE_SHA384 );
+}
+/* wrapper for RSIP SHA512 Init */
+static fsp_err_t _R_RSIP_SHA512_GenerateInit(FSPSM_SHA_HANDLE* h)
+{
+ return R_RSIP_SHA_GenerateInit(&gFSPSM_ctrl, h, RSIP_HASH_TYPE_SHA512 );
+}
+/* wrapper for RSIP SHA512_224 Init */
+static fsp_err_t _R_RSIP_SHA512_224_GenerateInit(FSPSM_SHA_HANDLE* h)
+{
+ return R_RSIP_SHA_GenerateInit(&gFSPSM_ctrl, h, RSIP_HASH_TYPE_SHA512_224 );
+}
+/* wrapper for RSIP SHA512_256 Init */
+static fsp_err_t _R_RSIP_SHA512_256_GenerateInit(FSPSM_SHA_HANDLE* h)
+{
+ return R_RSIP_SHA_GenerateInit(&gFSPSM_ctrl, h, RSIP_HASH_TYPE_SHA512_256 );
+}
+/* wrapper for RSIP SHA Update */
+static fsp_err_t _R_RSIP_SHA_GenerateUpdate(FSPSM_SHA_HANDLE* h,
+ uint8_t* m, uint32_t len)
+{
+ return R_RSIP_SHA_GenerateUpdate(&gFSPSM_ctrl, h, m, len );
+}
+/* wrapper for RSIP SHA Final */
+static fsp_err_t _R_RSIP_SHA_GenerateFinal(FSPSM_SHA_HANDLE* h,
+ uint8_t* d, uint32_t *sz)
+{
+ (void) sz;
+ return R_RSIP_SHA_GenerateFinal(&gFSPSM_ctrl, h, d);
+}
+#endif /* WOLFSSL_RENESAS_RSIP */
+/* Free up allocation for msg
+ *
+ * hash The FSPSM Hash object.
+ * no return value
+ */
+static void FSPSM_HashFree(wolfssl_FSPSM_Hash* hash)
+{
+ if (hash == NULL)
+ return;
+
+#if defined(WOLFSSL_RENESAS_SCEPROTECT)
+ if (hash->msg != NULL) {
+ XFREE(hash->msg, hash->heap, DYNAMIC_TYPE_TMP_BUFFER);
+ hash->msg = NULL;
+ }
+#endif
+
+}
+/* copy hash result from src to dst */
+static int FSPSM_HashCopy(wolfssl_FSPSM_Hash* src, wolfssl_FSPSM_Hash* dst)
+{
+ if (src == NULL || dst == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ XMEMCPY(dst, src, sizeof(wolfssl_FSPSM_Hash));
+
+#if defined(WOLFSSL_RENESAS_SCEPROTECT)
+ if (src->len > 0 && src->msg != NULL) {
+ dst->msg = (byte*)XMALLOC(src->len, dst->heap, DYNAMIC_TYPE_TMP_BUFFER);
+ if (dst->msg == NULL) {
+ return MEMORY_E;
+ }
+ XMEMCPY(dst->msg, src->msg, src->len);
+ }
+#endif
+ return 0;
+}
+/* Initialize Hash object
+ *
+ * hash The FSPSM Hash object.
+ * heap Buffer to hold heap if available
+ * devId device Id
+ * return 0 on success, BAD_FUNC_ARG when has is NULL
+ */
+static int FSPSM_HashInit(wolfssl_FSPSM_Hash* hash, void* heap, int devId,
+ word32 sha_type)
+{
+#if defined(WOLFSSL_RENESAS_RSIP)
+ int ret;
+ fsp_err_t (*Init)(FSPSM_SHA_HANDLE*);
+#endif
+ if (hash == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ (void)devId;
+ XMEMSET(hash, 0, sizeof(wolfssl_FSPSM_Hash));
+ hash->sha_type = sha_type;
+ hash->heap = heap;
+
+#if defined(WOLFSSL_RENESAS_SCEPROTECT)
+ hash->len = 0;
+ hash->used = 0;
+ hash->msg = NULL;
+
+#elif defined(WOLFSSL_RENESAS_RSIP)
+
+ switch(hash->sha_type) {
+ case FSPSM_SHA1:
+ Init = FSPSM_SHA1_Init;
+ break;
+ case FSPSM_SHA256:
+ Init = FSPSM_SHA256_Init;
+ break;
+ case FSPSM_SHA224:
+ Init = FSPSM_SHA224_Init;
+ break;
+ case FSPSM_SHA384:
+ Init = FSPSM_SHA384_Init;
+ break;
+ case FSPSM_SHA512:
+ Init = FSPSM_SHA512_Init;
+ break;
+ case FSPSM_SHA512_224:
+ Init = FSPSM_SHA512_224_Init;
+ break;
+ case FSPSM_SHA512_256:
+ Init = FSPSM_SHA512_256_Init;
+ break;
+ default:
+ return BAD_FUNC_ARG;
+ }
+ wc_fspsm_hw_lock();
+ ret = Init(&hash->handle);
+ wc_fspsm_hw_unlock();
+ return ret;
+#endif
+
+ return 0;
+}
+
+/* Add data to msg(work buffer) for final hash operation
+ *
+ * hash The FSPSM Hash object.
+ * data Buffer to hold plain text for hash
+ * sz Length of data
+ * return 0 on success, otherwise MEMORY_E or BAD_FUNC_ARG on failure
+ */
+static int FSPSM_HashUpdate(wolfssl_FSPSM_Hash* hash,
+ const byte* data, word32 sz)
+{
+#if defined(WOLFSSL_RENESAS_RSIP)
+ int ret;
+ fsp_err_t (*Update)(FSPSM_SHA_HANDLE*, uint8_t*, uint32_t);
+#endif
+
+ if (hash == NULL || (sz > 0 && data == NULL)) {
+ return BAD_FUNC_ARG;
+ }
+
+#if defined(WOLFSSL_RENESAS_SCEPROTECT)
+ if (hash->len < hash->used + sz) {
+ if (hash->msg == NULL) {
+ hash->msg = (byte*)XMALLOC(hash->used + sz, hash->heap,
+ DYNAMIC_TYPE_TMP_BUFFER);
+ }
+ else {
+#ifdef FREERTOS
+ byte* pt = (byte*)XMALLOC(hash->used + sz, hash->heap,
+ DYNAMIC_TYPE_TMP_BUFFER);
+ if (pt == NULL) {
+ return MEMORY_E;
+ }
+ XMEMCPY(pt, hash->msg, hash->used);
+ XFREE(hash->msg, hash->heap, DYNAMIC_TYPE_TMP_BUFFER);
+ hash->msg = NULL;
+ hash->msg = pt;
+#else
+ byte* pt = (byte*)XREALLOC(hash->msg, hash->used + sz, hash->heap,
+ DYNAMIC_TYPE_TMP_BUFFER);
+ if (pt == NULL) {
+ return MEMORY_E;
+ }
+ hash->msg = pt;
+#endif
+ }
+ if (hash->msg == NULL) {
+ return MEMORY_E;
+ }
+ hash->len = hash->used + sz;
+ }
+ XMEMCPY(hash->msg + hash->used, data , sz);
+ hash->used += sz;
+#elif defined(WOLFSSL_RENESAS_RSIP)
+
+ switch(hash->sha_type) {
+ case FSPSM_SHA1:
+ Update = FSPSM_SHA1_Up;
+ break;
+ case FSPSM_SHA256:
+ Update = FSPSM_SHA256_Up;
+ break;
+ case FSPSM_SHA224:
+ Update = FSPSM_SHA224_Up;
+ break;
+ case FSPSM_SHA384:
+ Update = FSPSM_SHA384_Up;
+ break;
+ case FSPSM_SHA512:
+ Update = FSPSM_SHA512_Up;
+ break;
+ case FSPSM_SHA512_224:
+ Update = FSPSM_SHA512_224_Up;
+ break;
+ case FSPSM_SHA512_256:
+ Update = FSPSM_SHA512_256_Up;
+ break;
+ default:
+ return BAD_FUNC_ARG;
+ }
+ wc_fspsm_hw_lock();
+ ret = Update(&hash->handle, data, sz);
+ wc_fspsm_hw_unlock();
+ return ret;
+#endif
+ return 0;
+}
+
+/* Perform hash operation using accumulated msg
+ *
+ * hash The FSPSM Hash object.
+ * out Buffer to hold hashed text
+ * outSz Length of out
+ * return FSP_SUCCESS(0) on success,
+ * otherwise BAD_FUNC_ARG or FSP Error code on failure
+ */
+static int FSPSM_HashFinal(wolfssl_FSPSM_Hash* hash, byte* out, word32 outSz)
+{
+ int ret = FSP_SUCCESS;
+ fsp_err_t (*Final )(FSPSM_SHA_HANDLE*, uint8_t*, uint32_t*);
+ uint32_t sz;
+ void* heap;
+ (void) outSz;
+
+#if defined(WOLFSSL_RENESAS_SCEPROTECT)
+ FSPSM_SHA_HANDLE handle;
+ fsp_err_t (*Init)(FSPSM_SHA_HANDLE*);
+ fsp_err_t (*Update)(FSPSM_SHA_HANDLE*, uint8_t*, uint32_t);
+
+ if (hash == NULL || out == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ if (hash->sha_type == FSPSM_SHA256) {
+ Init = FSPSM_SHA256_Init;
+ Update = FSPSM_SHA256_Up;
+ Final = FSPSM_SHA256_Final;
+ } else
+ return BAD_FUNC_ARG;
+
+ wc_fspsm_hw_lock();
+
+ if (Init(&handle) == FSP_SUCCESS) {
+ ret = Update(&handle, (uint8_t*)hash->msg, hash->used);
+ if (ret == FSP_SUCCESS) {
+ ret = Final(&handle, out, (uint32_t*)&sz);
+ if (ret != FSP_SUCCESS
+ #if defined(WOLFSSL_RENESAS_SCEPROTECT)
+ || sz != outSz
+ #endif
+ ) {
+ WOLFSSL_MSG("Sha operation failed");
+ WOLFSSL_ERROR(WC_HW_E);
+ ret = WC_HW_E;
+ }
+ }
+ }
+ wc_fspsm_hw_unlock();
+
+#elif defined(WOLFSSL_RENESAS_RSIP)
+ switch(hash->sha_type) {
+ case FSPSM_SHA1:
+ Final = FSPSM_SHA1_Final;
+ break;
+ case FSPSM_SHA256:
+ Final = FSPSM_SHA256_Final;
+ break;
+ case FSPSM_SHA224:
+ Final = FSPSM_SHA224_Final;
+ break;
+ case FSPSM_SHA384:
+ Final = FSPSM_SHA384_Final;
+ break;
+ case FSPSM_SHA512:
+ Final = FSPSM_SHA512_Final;
+ break;
+ case FSPSM_SHA512_224:
+ Final = FSPSM_SHA512_224_Final;
+ break;
+ case FSPSM_SHA512_256:
+ Final = FSPSM_SHA512_256_Final;
+ break;
+ default:
+ return BAD_FUNC_ARG;
+ }
+
+ wc_fspsm_hw_lock();
+ ret = Final(&hash->handle, out, (uint32_t*)&sz);
+ if (ret != FSP_SUCCESS) {
+ WOLFSSL_MSG("Sha operation failed");
+ WOLFSSL_ERROR(WC_HW_E);
+ ret = WC_HW_E;
+ }
+ wc_fspsm_hw_unlock();
+#endif
+
+ heap = hash->heap;
+
+ FSPSM_HashFree(hash);
+ FSPSM_HashInit(hash, heap, 0, hash->sha_type);
+
+ return ret;
+}
+/* Hash operation to message and return a result */
+static int FSPSM_HashGet(wolfssl_FSPSM_Hash* hash, byte* out, word32 outSz)
+{
+ int ret = FSP_SUCCESS;
+ fsp_err_t (*Final )(FSPSM_SHA_HANDLE*, uint8_t*, uint32_t*);
+ uint32_t sz = 0;
+ (void) outSz;
+
+#if defined(WOLFSSL_RENESAS_SCEPROTECT)
+ FSPSM_SHA_HANDLE handle;
+ fsp_err_t (*Init)(FSPSM_SHA_HANDLE*);
+ fsp_err_t (*Update)(FSPSM_SHA_HANDLE*, uint8_t*, uint32_t);
+#elif defined(WOLFSSL_RENESAS_RSIP)
+ wolfssl_FSPSM_Hash hashCopy;
+#endif
+
+
+ if (hash == NULL || out == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+#if defined(WOLFSSL_RENESAS_SCEPROTECT)
+ if (hash->sha_type == FSPSM_SHA256) {
+ Init = FSPSM_SHA256_Init;
+ Update = FSPSM_SHA256_Up;
+ Final = FSPSM_SHA256_Final;
+ } else
+ return BAD_FUNC_ARG;
+
+ wc_fspsm_hw_lock();
+ if (Init(&handle) == FSP_SUCCESS) {
+ ret = Update(&handle, (uint8_t*)hash->msg, hash->used);
+ if (ret == FSP_SUCCESS) {
+ ret = Final(&handle, out, &sz);
+ if (ret != FSP_SUCCESS
+ #if defined(WOLFSSL_RENESAS_SCEPROTECT)
+ || sz != outSz
+ #endif
+ ) {
+ WOLFSSL_MSG("Sha operation failed");
+ WOLFSSL_ERROR(WC_HW_E);
+ ret = WC_HW_E;
+ }
+ }
+ }
+ wc_fspsm_hw_unlock();
+
+#elif defined(WOLFSSL_RENESAS_RSIP)
+ switch(hash->sha_type) {
+ case FSPSM_SHA1:
+ Final = FSPSM_SHA1_Final;
+ break;
+ case FSPSM_SHA256:
+ Final = FSPSM_SHA256_Final;
+ break;
+ case FSPSM_SHA224:
+ Final = FSPSM_SHA224_Final;
+ break;
+ case FSPSM_SHA384:
+ Final = FSPSM_SHA384_Final;
+ break;
+ case FSPSM_SHA512:
+ Final = FSPSM_SHA512_Final;
+ break;
+ case FSPSM_SHA512_224:
+ Final = FSPSM_SHA512_224_Final;
+ break;
+ case FSPSM_SHA512_256:
+ Final = FSPSM_SHA512_256_Final;
+ break;
+ default:
+ return BAD_FUNC_ARG;
+ }
+
+
+ if(FSPSM_HashCopy(hash, &hashCopy) != 0) {
+ WOLFSSL_MSG("ShaCopy operation failed");
+ WOLFSSL_ERROR(WC_HW_E);
+ ret = WC_HW_E;
+ }
+ wc_fspsm_hw_lock();
+ ret = Final(&hashCopy.handle, out, (uint32_t*)&sz);
+ if (ret != FSP_SUCCESS) {
+ WOLFSSL_MSG("Sha operation failed");
+ WOLFSSL_ERROR(WC_HW_E);
+ ret = WC_HW_E;
+ }
+ wc_fspsm_hw_unlock();
+
+#endif
+
+ return ret;
+}
+
+
+
+#if !defined(NO_SHA) && defined(WOLFSSL_RENESAS_RSIP) && \
+ !defined(NO_WOLFSSL_RENESAS_TSIP_CRYPT_HASH)
+#include <wolfssl/wolfcrypt/sha.h>
+
+int wc_InitSha_ex(wc_Sha* sha, void* heap, int devId)
+{
+ return FSPSM_HashInit(sha, heap, devId, FSPSM_SHA1);
+}
+
+int wc_ShaUpdate(wc_Sha* sha, const byte* in, word32 sz)
+{
+ return FSPSM_HashUpdate(sha, in, sz);
+}
+
+int wc_ShaFinal(wc_Sha* sha, byte* hash)
+{
+ return FSPSM_HashFinal(sha, hash, WC_SHA_DIGEST_SIZE);
+}
+
+int wc_ShaGetHash(wc_Sha* sha, byte* hash)
+{
+ return FSPSM_HashGet(sha, hash, WC_SHA_DIGEST_SIZE);
+}
+
+int wc_ShaCopy(wc_Sha* src, wc_Sha* dst)
+{
+ return FSPSM_HashCopy(src, dst);
+}
+#endif /* !NO_SHA && WOLFSSL_RENESAS_RSIP*/
+
+#if defined(WOLFSSL_SHA224) && defined(WOLFSSL_RENESAS_RSIP) && \
+ !defined(NO_WOLFSSL_RENESAS_TSIP_CRYPT_HASH)
+#include <wolfssl/wolfcrypt/sha256.h>
+
+/* WolfCrypt wrapper function for RX64 SHA224 Init */
+int wc_InitSha224_ex(wc_Sha224* sha, void* heap, int devId)
+{
+ return FSPSM_HashInit(sha, heap, devId, FSPSM_SHA224);
+}
+/* WolfCrypt wrapper function for RX64 SHA224 Update */
+int wc_Sha224Update(wc_Sha224* sha, const byte* in, word32 sz)
+{
+ return FSPSM_HashUpdate(sha, in, sz);
+}
+/* WolfCrypt wrapper function for RX64 SHA224 Final */
+int wc_Sha224Final(wc_Sha224* sha, byte* hash)
+{
+ return FSPSM_HashFinal(sha, hash, WC_SHA224_DIGEST_SIZE);
+}
+/* WolfCrypt wrapper function for RX64 SHA224 Get */
+int wc_Sha224GetHash(wc_Sha224* sha, byte* hash)
+{
+ return FSPSM_HashGet(sha, hash, WC_SHA224_DIGEST_SIZE);
+}
+/* WolfCrypt wrapper function for RX64 SHA224 Copy */
+int wc_Sha224Copy(wc_Sha224* src, wc_Sha224* dst)
+{
+ return FSPSM_HashCopy(src, dst);
+}
+#endif /* WOLFSSL_SHA224 */
+
+#if !defined(NO_SHA256)
+#if (defined(WOLFSSL_RENESAS_SCEPROTECT) || \
+ defined(WOLFSSL_RENESAS_RSIP)) && \
+ !defined(NO_WOLFSSL_RENESAS_TSIP_CRYPT_HASH)
+#include <wolfssl/wolfcrypt/sha256.h>
+
+/* wrapper for wc_InitSha256_ex */
+int wc_InitSha256_ex(wc_Sha256* sha, void* heap, int devId)
+{
+ return FSPSM_HashInit(sha, heap, devId, FSPSM_SHA256);
+}
+/* wrapper for wc_Sha256Update */
+int wc_Sha256Update(wc_Sha256* sha, const byte* in, word32 sz)
+{
+ return FSPSM_HashUpdate(sha, in, sz);
+}
+/* wrapper for wc_Sha256Final */
+int wc_Sha256Final(wc_Sha256* sha, byte* hash)
+{
+ return FSPSM_HashFinal(sha, hash, WC_SHA256_DIGEST_SIZE);
+}
+/* wrapper for wc_Sha256GetHash */
+int wc_Sha256GetHash(wc_Sha256* sha, byte* hash)
+{
+ return FSPSM_HashGet(sha, hash, WC_SHA256_DIGEST_SIZE);
+}
+/* wrapper for wc_Sha256Copy */
+int wc_Sha256Copy(wc_Sha256* src, wc_Sha256* dst)
+{
+ return FSPSM_HashCopy(src, dst);
+}
+#endif /* !NO_SHA256 */
+#endif /* WOLFSSL_RENESAS_SCEPROTECT) || \
+ * WOLFSSL_RENESAS_RSIP */
+
+#if defined(WOLFSSL_SHA384) && defined(WOLFSSL_RENESAS_RSIP) && \
+ !defined(NO_WOLFSSL_RENESAS_TSIP_CRYPT_HASH)
+#include <wolfssl/wolfcrypt/sha512.h>
+/* wrapper for wc_InitSha384_ex */
+int wc_InitSha384_ex(wc_Sha384* sha, void* heap, int devid)
+{
+ return FSPSM_HashInit(sha, heap, devid, FSPSM_SHA384);
+}
+/* wrapper for wc_InitSha384_ex */
+int wc_Sha384Update(wc_Sha384* sha, const byte* in, word32 sz)
+{
+ return FSPSM_HashUpdate(sha, in, sz);
+}
+/* wrapper for wc_Sha384Final */
+int wc_Sha384Final(wc_Sha384* sha, byte* hash)
+{
+ return FSPSM_HashFinal(sha, hash, WC_SHA384_DIGEST_SIZE);
+}
+/* wrapper for wc_Sha384GetHash */
+int wc_Sha384GetHash(wc_Sha384* sha, byte* hash)
+{
+ return FSPSM_HashGet(sha, hash, WC_SHA384_DIGEST_SIZE);
+}
+/* wrapper for wc_Sha384Copy */
+int wc_Sha384Copy(wc_Sha384* src, wc_Sha384* dst)
+{
+ return FSPSM_HashCopy(src, dst);
+}
+#endif /* WOLFSSL_SHA384 */
+
+#if defined(WOLFSSL_SHA512) && defined(WOLFSSL_RENESAS_RSIP) && \
+ !defined(NO_WOLFSSL_RENESAS_TSIP_CRYPT_HASH)
+#include <wolfssl/wolfcrypt/sha512.h>
+
+/* wrapper for wc_InitSha512_ex */
+int wc_InitSha512_ex(wc_Sha512* sha, void* heap, int devid)
+{
+ return FSPSM_HashInit(sha, heap, devid, FSPSM_SHA512);
+}
+
+/* wrapper for wc_Sha512Update */
+int wc_Sha512Update(wc_Sha512* sha, const byte* in, word32 sz)
+{
+ return FSPSM_HashUpdate(sha, in, sz);
+}
+
+/* wrapper for wc_Sha512Final */
+int wc_Sha512Final(wc_Sha512* sha, byte* hash)
+{
+ return FSPSM_HashFinal(sha, hash, WC_SHA512_DIGEST_SIZE);
+}
+/* wrapper for wc_Sha512GetHash */
+int wc_Sha512GetHash(wc_Sha512* sha, byte* hash)
+{
+ return FSPSM_HashGet(sha, hash, WC_SHA512_DIGEST_SIZE);
+}
+/* wrapper for wc_Sha512Copy */
+int wc_Sha512Copy(wc_Sha512* src, wc_Sha512* dst)
+{
+ return FSPSM_HashCopy(src, dst);
+}
+
+#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
+#if !defined(WOLFSSL_NOSHA512_224) && \
+ (defined(WOLFSSL_RENESAS_RSIP) && \
+ !defined(NO_WOLFSSL_RENESAS_TSIP_CRYPT_HASH))
+
+/* create KCAPI handle for SHA512 operation */
+int wc_InitSha512_224_ex(wc_Sha512* sha, void* heap, int devid)
+{
+ return FSPSM_HashInit(sha, heap, devid, FSPSM_SHA512_224);
+}
+
+int wc_Sha512_224Final(wc_Sha512* sha, byte* hash)
+{
+ return FSPSM_HashFinal(sha, hash, WC_SHA512_224_DIGEST_SIZE);
+}
+int wc_Sha512_224GetHash(wc_Sha512* sha, byte* hash)
+{
+ return FSPSM_HashGet(sha, hash, WC_SHA512_224_DIGEST_SIZE);
+}
+
+int wc_Sha512_224Copy(wc_Sha512* src, wc_Sha512* dst)
+{
+ return FSPSM_HashCopy(src, dst);
+}
+#endif /* !WOLFSSL_NOSHA512_224 */
+
+#if !defined(WOLFSSL_NOSHA512_256) && \
+ (defined(WOLFSSL_RENESAS_RSIP) && \
+ !defined(NO_WOLFSSL_RENESAS_TSIP_CRYPT_HASH))
+
+/* create KCAPI handle for SHA512 operation */
+int wc_InitSha512_256_ex(wc_Sha512* sha, void* heap, int devid)
+{
+ return FSPSM_HashInit(sha, heap, devid, FSPSM_SHA512_256);
+}
+
+int wc_Sha512_256Final(wc_Sha512* sha, byte* hash)
+{
+ return FSPSM_HashFinal(sha, hash, WC_SHA512_256_DIGEST_SIZE);
+}
+int wc_Sha512_256GetHash(wc_Sha512* sha, byte* hash)
+{
+ return FSPSM_HashGet(sha, hash, WC_SHA512_224_DIGEST_SIZE);
+}
+
+int wc_Sha512_256Copy(wc_Sha512* src, wc_Sha512* dst)
+{
+ return FSPSM_HashCopy(src, dst);
+}
+#endif /* !WOLFSSL_NOSHA512_256 */
+#endif /* !HAVE_FIPS && !HAVE_SELFTEST */
+
+#endif /* WOLFSSL_SHA512 */
+
+
+#endif /* WOLFSSL_RENESAS_FSPSM_TLS */
+#endif /* #if !defined(NO_SHA) || !defined(NO_SHA256) */
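Review bot: In the SCEPROTECT branch of FSPSM_HashFinal and FSPSM_HashGet, `ret` starts as FSP_SUCCESS and the result of `Init(&handle)` is only tested, never stored, so a failed Init returns success with `out` never written and the caller uses an uninitialised digest. Store the result with `ret = Init(&handle);` followed by `if (ret == FSP_SUCCESS) {`, and map any failure to WC_HW_E as the Final path already does. The RSIP branch of FSPSM_HashFinal dereferences `hash->sha_type` with no NULL check on `hash` or `out`, because the existing check sits inside the SCEPROTECT `#if`; hoist `if (hash == NULL || out == NULL) return BAD_FUNC_ARG;` above the `#if` as FSPSM_HashGet does. `wc_Sha512_256GetHash` also passes `WC_SHA512_224_DIGEST_SIZE`, which looks like a copy-paste from the 224 wrapper and should be `WC_SHA512_256_DIGEST_SIZE`.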
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_sce_util.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_fspsm_util.c
index 6d791700..1ecf750e 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_sce_util.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_fspsm_util.c
@@ -1,4 +1,4 @@
-/* renesas_sce_util.c
+/* renesas_fspsm_util.c
*
* Copyright (C) 2006-2023 wolfSSL Inc.
*
@@ -18,15 +18,24 @@
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
-#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/wolfcrypt/types.h>
-#if defined(WOLFSSL_RENESAS_SCEPROTECT) || \
- defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)
+
+#if defined(WOLFSSL_RENESAS_RSIP) || \
+ defined(WOLFSSL_RENESAS_SCEPROTECT)
+
+#include <wolfssl/wolfcrypt/port/Renesas/renesas-fspsm-types.h>
+
+/* expect to have these variables defined at user application */
+extern FSPSM_INSTANCE gFSPSM_ctrl;
+extern FSPSM_CONFIG gFSPSM_cfg;
+
+#if defined(WOLFSSL_RENESAS_FSPSM)
#include <wolfssl/wolfcrypt/wc_port.h>
#include <wolfssl/wolfcrypt/error-crypt.h>
-#include <wolfssl/wolfcrypt/port/Renesas/renesas-sce-crypt.h>
+#include <wolfssl/wolfcrypt/port/Renesas/renesas-fspsm-crypt.h>
#include <wolfssl/wolfcrypt/port/Renesas/renesas_cmn.h>
#include <wolfssl/wolfcrypt/memory.h>
#include <wolfssl/wolfcrypt/error-crypt.h>
@@ -39,38 +48,41 @@
#if defined(DEBUG_PK_CB)
#define WOLFSSL_PKMSG(_f_, ...) printf(_f_, ##__VA_ARGS__)
#else
- #define WOLFSSL_PKMSG(_f_, ...)
+ #define WOLFSSL_PKMSG(_f_, ...) WC_DO_NOTHING
#endif
-#if defined(WOLFSSL_RENESAS_SCEPROTECT_ECC)
-WOLFSSL_GLOBAL SCE_PKCbInfo gSCE_PKCbInfo;
+#if defined(WOLFSSL_RENESAS_FSPSM_ECC)
+WOLFSSL_GLOBAL FSPSM_ST_PKC gPKCbInfo;
#endif
-/* expect to have these variables defined at user application */
-extern sce_instance_ctrl_t sce_ctrl;
-extern sce_cfg_t sce_cfg;
+#ifdef WOLFSSL_RENESAS_FSPSM_TLS
static const byte* ca_cert_sig;
-static sce_key_data g_user_key_info;
+static fspsm_key_data g_user_key_info;
static uint32_t g_encrypted_publicCA_key[HW_SCE_SINST_WORD_SIZE];
extern uint32_t g_CAscm_Idx; /* index of CM table */
-wolfSSL_Mutex sce_mutex;
-static int sce_CryptHwMutexInit_ = 0;
-static uint32_t sce_sess_idx = 0;
+static uint32_t fspsm_sess_idx = 0;
+#endif
+
+#endif /* WOLFSSL_RENESAS_FSPSM*/
+
+wolfSSL_Mutex fspsm_mutex;
+static int fspsm_CryptHwMutexInit_ = 0;
+
/* Mutex Init */
-static int sce_CryptHwMutexInit(wolfSSL_Mutex* mutex)
+static int fspsm_CryptHwMutexInit(wolfSSL_Mutex* mutex)
{
return wc_InitMutex(mutex);
}
/* Mutex Lock */
-static int sce_CryptHwMutexLock(wolfSSL_Mutex* mutex)
+static int fspsm_CryptHwMutexLock(wolfSSL_Mutex* mutex)
{
return wc_LockMutex(mutex);
}
/* Mutex Unlock */
-static int sce_CryptHwMutexUnLock(wolfSSL_Mutex* mutex)
+static int fspsm_CryptHwMutexUnLock(wolfSSL_Mutex* mutex)
{
return wc_UnLockMutex(mutex);
}
@@ -79,23 +91,23 @@ static int sce_CryptHwMutexUnLock(wolfSSL_Mutex* mutex)
* lock hw engine
* this should be called before using engine.
*/
-WOLFSSL_LOCAL int wc_sce_hw_lock()
+WOLFSSL_LOCAL int wc_fspsm_hw_lock()
{
int ret = 0;
- if (sce_CryptHwMutexInit_ == 0) {
+ if (fspsm_CryptHwMutexInit_ == 0) {
- ret = sce_CryptHwMutexInit(&sce_mutex);
+ ret = fspsm_CryptHwMutexInit(&fspsm_mutex);
if (ret == 0) {
- sce_CryptHwMutexInit_ = 1;
+ fspsm_CryptHwMutexInit_ = 1;
}
else {
WOLFSSL_MSG(" mutex initialization failed.");
return -1;
}
}
- if (sce_CryptHwMutexLock(&sce_mutex) != 0) {
+ if (fspsm_CryptHwMutexLock(&fspsm_mutex) != 0) {
/* this should not happens */
return -1;
}
@@ -106,26 +118,28 @@ WOLFSSL_LOCAL int wc_sce_hw_lock()
/*
* release hw engine
*/
-WOLFSSL_LOCAL void wc_sce_hw_unlock(void)
+WOLFSSL_LOCAL void wc_fspsm_hw_unlock(void)
{
- sce_CryptHwMutexUnLock(&sce_mutex);
+ fspsm_CryptHwMutexUnLock(&fspsm_mutex);
}
/* Open sce driver for use */
-WOLFSSL_LOCAL int wc_sce_Open()
+WOLFSSL_LOCAL int wc_fspsm_Open()
{
- WOLFSSL_ENTER("wc_sce_Open");
+ WOLFSSL_ENTER("wc_fspsm_Open");
int ret;
- if ((ret = wc_sce_hw_lock()) == 0) {
+ if ((ret = wc_fspsm_hw_lock()) == 0) {
- ret = R_SCE_Open(&sce_ctrl, &sce_cfg);
+ ret = FSPSM_OPEN(&gFSPSM_ctrl, &gFSPSM_cfg);
if (ret != FSP_SUCCESS) {
WOLFSSL_MSG("RENESAS SCE Open failed");
}
+
+ #if defined(WOLFSSL_RENESAS_FSPSM_TLS)
if (ret == FSP_SUCCESS && g_user_key_info.encrypted_user_tls_key) {
- ret = R_SCE_TLS_RootCertificateRSA2048PublicKeyInstall(
+ ret = FSPSM_ROOTCA_RSA2048(
g_user_key_info.encrypted_provisioning_key,
g_user_key_info.iv,
g_user_key_info.encrypted_user_tls_key,
@@ -138,28 +152,28 @@ WOLFSSL_LOCAL int wc_sce_Open()
else {
WOLFSSL_MSG("Failed to lock sce hw ");
}
-
+ #endif
}
/* unlock hw */
- wc_sce_hw_unlock();
+ wc_fspsm_hw_unlock();
- WOLFSSL_LEAVE("wc_sce_Open", ret);
+ WOLFSSL_LEAVE("wc_fspsm_Open", ret);
return ret;
}
/* close SCE driver */
-WOLFSSL_LOCAL void wc_sce_Close()
+WOLFSSL_LOCAL void wc_fspsm_Close()
{
WOLFSSL_ENTER("sce Close");
int ret;
- if ((ret = wc_sce_hw_lock()) == 0) {
+ if ((ret = wc_fspsm_hw_lock()) == 0) {
/* close SCE */
- ret = R_SCE_Close(&sce_ctrl);
+ ret = FSPSM_CLOSE(&gFSPSM_ctrl);
/* unlock hw */
- wc_sce_hw_unlock();
+ wc_fspsm_hw_unlock();
if (ret != FSP_SUCCESS) {
WOLFSSL_MSG("RENESAS SCE Close failed");
}
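Review bot: In wc_fspsm_Open the trailing `wc_fspsm_hw_unlock();` sits after the brace that closes the `wc_fspsm_hw_lock()` check, so it appears to run even when the lock was never taken or the mutex failed to initialise. wc_fspsm_Close just below keeps the unlock inside the locked branch, and Open should do the same. With the new `#if defined(WOLFSSL_RENESAS_FSPSM_TLS)` / `#endif` pair, the `else` that logs "Failed to lock sce hw " can only belong to the root-CA install `if`, so the message is misleading when Open failed or no TLS key is provisioned; a message such as `WOLFSSL_MSG("root CA public key not installed");` would describe that path. wc_fspsm_Open starts in the previous hunk, so the brace structure is inferred from the visible lines.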
@@ -169,15 +183,44 @@ WOLFSSL_LOCAL void wc_sce_Close()
}
}
-#ifndef WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY
+#define RANDGEN_WORDS 4
+WOLFSSL_LOCAL int wc_fspsm_GenerateRandBlock(byte* output, word32 sz)
+{
+ /* Generate PRNG based on NIST SP800-90A AES CTR-DRBG */
+ int ret = 0;
+ word32 buffer[RANDGEN_WORDS];
+
+ while (sz > 0) {
+ word32 len = sizeof(buffer);
+
+ if (sz < len) {
+ len = sz;
+ }
+ /* return 4 words random number*/
+ ret = R_RANDOM_GEN(buffer);
+ if(ret == FSP_SUCCESS) {
+ XMEMCPY(output, &buffer, len);
+ output += len;
+ sz -= len;
+ } else {
+ WOLFSSL_MSG_EX("FSP SM Rnd Generate() Returned 0x%08x", ret);
+ return WC_HW_E;
+ }
+ }
+ return ret;
+}
+
+#if defined(WOLFSSL_RENESAS_FSPSM) && \
+ defined(WOLFSSL_RENESAS_FSPSM_TLS)
-#if defined(WOLFSSL_RENESAS_SCEPROTECT_ECC)
+#if defined(WOLFSSL_RENESAS_FSPSM_ECC)
/* Verify Server Key Exchange while doing ECDH key exchange */
-static int SCE_ServerKeyExVerify(uint32_t type, WOLFSSL* ssl, const uint8_t* sig,
- uint32_t sigSz, void* ctx)
+static int fspsm_ServerKeyExVerify(uint32_t type, WOLFSSL* ssl,
+ const uint8_t* sig,
+ uint32_t sigSz, void* ctx)
{
int ret = WOLFSSL_FAILURE;
- User_SCEPKCbInfo* cbInfo;
+ FSPSM_ST* cbInfo;
byte qx[MAX_ECC_BYTES], qy[MAX_ECC_BYTES];
byte *peerkey = NULL;
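Review bot: wc_fspsm_GenerateRandBlock leaves DRBG output in the stack `buffer` on every return path, including the unused tail when the last block is shorter than `sizeof(buffer)`. Since this output may end up as key material, wipe it before returning, e.g. `ForceZero(buffer, sizeof(buffer));` ahead of both `return` statements. `output` is also written without a NULL check, so `if (output == NULL) return BAD_FUNC_ARG;` at the top would match the argument checks used elsewhere in this port. `R_RANDOM_GEN` is called without `wc_fspsm_hw_lock()`, unlike the other engine calls in this file; if callers do not already hold the lock, take it around the call.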
@@ -188,7 +231,7 @@ static int SCE_ServerKeyExVerify(uint32_t type, WOLFSSL* ssl, const uint8_t* sig
if (ssl == NULL || sig == NULL || ctx == NULL)
return ret;
- cbInfo = (User_SCEPKCbInfo*)ctx;
+ cbInfo = (FSPSM_ST*)ctx;
/* export public peer public key */
ret = wc_ecc_export_public_raw(ssl->peerEccKey, qx, &qxLen, qy, &qyLen);
@@ -210,9 +253,9 @@ static int SCE_ServerKeyExVerify(uint32_t type, WOLFSSL* ssl, const uint8_t* sig
XMEMCPY(&peerkey[4], qx, qxLen);
XMEMCPY(&peerkey[4+qxLen], qy, qyLen);
- if ((ret = wc_sce_hw_lock()) == 0) {
+ if ((ret = wc_fspsm_hw_lock()) == 0) {
/* 0 : RSA 2048bit, 1 : Reserved, 2 : ECDSA P-256 */
- ret = R_SCE_TLS_ServerKeyExchangeVerify(
+ ret = FSPSM_TLS_SVRKEYExVfy(
type,
(uint8_t*) ssl->arrays->clientRandom,
(uint8_t*) ssl->arrays->serverRandom,
@@ -222,7 +265,7 @@ static int SCE_ServerKeyExVerify(uint32_t type, WOLFSSL* ssl, const uint8_t* sig
(uint32_t*)cbInfo->encrypted_ephemeral_ecdh_public_key);
if (ret != FSP_SUCCESS) {
- WOLFSSL_MSG("failed R_SCE_TLS_ServerKeyExchangeVerify");
+ WOLFSSL_MSG("failed R_fspsm_TLS_ServerKeyExchangeVerify");
cbInfo->keyflgs_tls.bits.pk_key_set = 0;
}
else {
@@ -235,13 +278,13 @@ static int SCE_ServerKeyExVerify(uint32_t type, WOLFSSL* ssl, const uint8_t* sig
}
/* unlock hw */
- wc_sce_hw_unlock();
+ wc_fspsm_hw_unlock();
XFREE(peerkey, 0, DYNAMIC_TYPE_TMP_BUFFER);
return ret;
}
/* Callback for Rsa Verify */
-WOLFSSL_LOCAL int wc_SCE_RsaVerify(WOLFSSL* ssl, byte* sig, uint32_t sigSz,
+WOLFSSL_LOCAL int wc_fspsm_RsaVerifyTLS(WOLFSSL* ssl, byte* sig, uint32_t sigSz,
uint8_t** out, const byte* key, uint32_t keySz, void* ctx)
{
int ret = WOLFSSL_FAILURE;
@@ -251,8 +294,8 @@ WOLFSSL_LOCAL int wc_SCE_RsaVerify(WOLFSSL* ssl, byte* sig, uint32_t sigSz,
WOLFSSL_PKMSG("SCE RSA Verify: sigSz %d, keySz %d\n", sigSz, keySz);
- if (wc_sce_usable(ssl, 0))
- ret = SCE_ServerKeyExVerify(0, ssl, sig, sigSz, ctx);
+ if (wc_fspsm_usable(ssl, 0))
+ ret = fspsm_ServerKeyExVerify(0, ssl, sig, sigSz, ctx);
else
ret = CRYPTOCB_UNAVAILABLE;
@@ -264,7 +307,7 @@ WOLFSSL_LOCAL int wc_SCE_RsaVerify(WOLFSSL* ssl, byte* sig, uint32_t sigSz,
return ret;
}
/* Callback for Ecc Verify */
-WOLFSSL_LOCAL int wc_SCE_EccVerify(WOLFSSL* ssl, const uint8_t* sig,
+WOLFSSL_LOCAL int wc_fspsm_EccVerifyTLS(WOLFSSL* ssl, const uint8_t* sig,
uint32_t sigSz, const uint8_t* hash, uint32_t hashSz,
const uint8_t* key, uint32_t keySz, int* result, void* ctx)
{
@@ -283,7 +326,7 @@ WOLFSSL_LOCAL int wc_SCE_EccVerify(WOLFSSL* ssl, const uint8_t* sig,
WOLFSSL_PKMSG("SCE ECC Verify: ssl->options.serverState = %d sigSz %d, hashSz %d, keySz %d\n",
ssl->options.serverState, sigSz, hashSz, keySz);
- if (!wc_sce_usable(ssl, 0)) {
+ if (!wc_fspsm_usable(ssl, 0)) {
WOLFSSL_PKMSG("Cannot handle cipher suite by SCE");
return CRYPTOCB_UNAVAILABLE;
}
@@ -322,7 +365,7 @@ WOLFSSL_LOCAL int wc_SCE_EccVerify(WOLFSSL* ssl, const uint8_t* sig,
}
}
- ret = SCE_ServerKeyExVerify(2, ssl, sigforSCE, 64, ctx);
+ ret = fspsm_ServerKeyExVerify(2, ssl, sigforSCE, 64, ctx);
if (sigforSCE)
XFREE(sigforSCE, NULL, DYNAMIC_TYPE_TEMP);
@@ -339,8 +382,11 @@ WOLFSSL_LOCAL int wc_SCE_EccVerify(WOLFSSL* ssl, const uint8_t* sig,
return ret;
}
+#if defined(WOLFSSL_RENESAS_FSPSM_TLS) || \
+ defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY)
+
/* Callback for ECC shared secret */
-WOLFSSL_LOCAL int SCE_EccSharedSecret(WOLFSSL* ssl, ecc_key* otherKey,
+WOLFSSL_LOCAL int fspsm_EccSharedSecret(WOLFSSL* ssl, ecc_key* otherKey,
uint8_t* pubKeyDer, unsigned int* pubKeySz,
uint8_t* out, unsigned int* outlen, int side, void* ctx)
{
@@ -348,7 +394,7 @@ WOLFSSL_LOCAL int SCE_EccSharedSecret(WOLFSSL* ssl, ecc_key* otherKey,
(void) otherKey;
(void) side;
- User_SCEPKCbInfo* cbInfo = (User_SCEPKCbInfo*)ctx;
+ FSPSM_ST* cbInfo = (FSPSM_ST*)ctx;
(void)ssl;
(void)cbInfo;
@@ -362,9 +408,9 @@ WOLFSSL_LOCAL int SCE_EccSharedSecret(WOLFSSL* ssl, ecc_key* otherKey,
side == WOLFSSL_CLIENT_END ? "client" : "server", otherKey->dp->id);
if (cbInfo->keyflgs_tls.bits.pk_key_set == 1) {
- if ((ret = wc_sce_hw_lock()) == 0) {
+ if ((ret = wc_fspsm_hw_lock()) == 0) {
/* Generate ECC PUblic key pair */
- ret = R_SCE_TLS_ECC_secp256r1_EphemeralWrappedKeyPairGenerate(
+ ret = FSPSM_TLS_ECCS256R1_KPG(
&cbInfo->ecc_p256_wrapped_key,
(uint8_t*)&cbInfo->ecc_ecdh_public_key/* Qx 32 bytes and Qy 32 bytes*/ );
if (ret != FSP_SUCCESS) {
@@ -372,14 +418,14 @@ WOLFSSL_LOCAL int SCE_EccSharedSecret(WOLFSSL* ssl, ecc_key* otherKey,
return ret;
}
- /* copy generated ecdh public key inot buffer */
+ /* copy generated ecdh public key into buffer */
pubKeyDer[0] = ECC_POINT_UNCOMP;
*pubKeySz = 1 + sizeof(cbInfo->ecc_ecdh_public_key);
XMEMCPY(&pubKeyDer[1], &cbInfo->ecc_ecdh_public_key,
sizeof(cbInfo->ecc_ecdh_public_key));
/* Generate Premaster Secret */
- ret = R_SCE_TLS_PreMasterSecretGenerateForECC_secp256r1(
+ ret = FSPSM_TLS_PREMASTERGEN(
(uint32_t*)&cbInfo->encrypted_ephemeral_ecdh_public_key,
&cbInfo->ecc_p256_wrapped_key,
(uint32_t*)out/* pre-master secret 64 bytes */);
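Review bot: The `return ret;` at the top of this hunk is on the failure path of the key-pair generation, which runs after `wc_fspsm_hw_lock()` succeeded in the previous hunk. Unless the one line elided between the hunks releases the lock, the hardware mutex stays held and every later engine call blocks. Add `wc_fspsm_hw_unlock();` before that `return ret;`. The copy into `pubKeyDer` also writes `1 + sizeof(cbInfo->ecc_ecdh_public_key)` bytes without consulting the incoming `*pubKeySz`; if that value carries the buffer capacity on entry, check it before the `XMEMCPY`. fspsm_EccSharedSecret starts and ends outside this hunk.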
@@ -398,7 +444,7 @@ WOLFSSL_LOCAL int SCE_EccSharedSecret(WOLFSSL* ssl, ecc_key* otherKey,
}
/* unlock hw */
- wc_sce_hw_unlock();
+ wc_fspsm_hw_unlock();
*outlen = 64;
WOLFSSL_PKMSG("PK ECC PMS: ret %d, PubKeySz %d, OutLen %d\n", ret, *pubKeySz, *outlen);
@@ -428,7 +474,7 @@ static uint32_t GetSceCipherSuite(
break;
default:
- sceCipher = (uint32_t)WOLFSSL_SCE_ILLEGAL_CIPHERSUITE;
+ sceCipher = (uint32_t)WOLFSSL_FSPSM_ILLEGAL_CIPHERSUITE;
break;
}
WOLFSSL_MSG("<< GetSceCipherSuite");
@@ -436,7 +482,7 @@ static uint32_t GetSceCipherSuite(
}
else if (cipherSuiteFirst == ECC_BYTE)
{
- sceCipher = (uint32_t)WOLFSSL_SCE_ILLEGAL_CIPHERSUITE;
+ sceCipher = (uint32_t)WOLFSSL_FSPSM_ILLEGAL_CIPHERSUITE;
/* comment out until implementation completes */
switch(cipherSuite) {
@@ -457,12 +503,12 @@ static uint32_t GetSceCipherSuite(
break;
default:
- sceCipher = (uint32_t)WOLFSSL_SCE_ILLEGAL_CIPHERSUITE;
+ sceCipher = (uint32_t)WOLFSSL_FSPSM_ILLEGAL_CIPHERSUITE;
break;
}
}
else{
- sceCipher = (uint32_t)WOLFSSL_SCE_ILLEGAL_CIPHERSUITE;
+ sceCipher = (uint32_t)WOLFSSL_FSPSM_ILLEGAL_CIPHERSUITE;
}
WOLFSSL_MSG("<< GetSceCipherSuite");
@@ -474,10 +520,10 @@ static uint32_t GetSceCipherSuite(
/* ssl : a pointer to WOLFSSL object */
/* session_key_generated : if session key has been generated */
/* return 1 for usable, 0 for unusable */
-WOLFSSL_LOCAL int wc_sce_usable(const WOLFSSL *ssl,
+WOLFSSL_LOCAL int wc_fspsm_usable(const WOLFSSL *ssl,
uint8_t session_key_generated)
{
- WOLFSSL_ENTER("sce_usable");
+ WOLFSSL_ENTER("fspsm_usable");
uint32_t sceCipher;
byte side;
const Ciphers *enc;
@@ -518,7 +564,7 @@ WOLFSSL_LOCAL int wc_sce_usable(const WOLFSSL *ssl,
ssl->options.cipherSuite);
side = ssl->options.side;
- if (sceCipher != (uint32_t)WOLFSSL_SCE_ILLEGAL_CIPHERSUITE
+ if (sceCipher != (uint32_t)WOLFSSL_FSPSM_ILLEGAL_CIPHERSUITE
&& side == WOLFSSL_CLIENT_END)
return 1;
else
@@ -526,44 +572,45 @@ WOLFSSL_LOCAL int wc_sce_usable(const WOLFSSL *ssl,
}
/* Generate Hmac by sha256*/
-WOLFSSL_LOCAL int wc_sce_Sha256GenerateHmac(const WOLFSSL *ssl,const uint8_t* myInner,
- uint32_t innerSz,const uint8_t* in, uint32_t sz, byte* digest)
+WOLFSSL_LOCAL int wc_fspsm_Sha256GenerateHmac(const WOLFSSL *ssl,
+ const uint8_t* myInner, uint32_t innerSz,const uint8_t* in,
+ uint32_t sz, byte* digest)
{
- WOLFSSL_ENTER("sce_Sha256HmacGenerate");
+ WOLFSSL_ENTER("fspsm_Sha256HmacGenerate");
- sce_hmac_sha_handle_t _handle;
- sce_hmac_sha_wrapped_key_t wrapped_key;
+ FSPSM_HMAC_HANDLE _handle;
+ FSPSM_HMAC_WKEY wrapped_key;
int ret;
if ((ssl == NULL) || (myInner == NULL) || (in == NULL) ||
(digest == NULL))
return BAD_FUNC_ARG;
- wrapped_key = ssl->keys.sce_client_write_MAC_secret;
+ wrapped_key = ssl->keys.fspsm_client_write_MAC_secret;
- if ((ret = wc_sce_hw_lock()) != 0) {
+ if ((ret = wc_fspsm_hw_lock()) != 0) {
WOLFSSL_MSG("hw lock failed");
return ret;
}
- ret = R_SCE_SHA256HMAC_GenerateInit(
+ ret = FSPSM_S256HMAC_GInt(
&_handle,
&wrapped_key);
if (ret == FSP_SUCCESS)
- ret = R_SCE_SHA256HMAC_GenerateUpdate(
+ ret = FSPSM_S256HMAC_GUp(
&_handle,
(uint8_t*)myInner,
innerSz);
if (ret == FSP_SUCCESS)
- ret = R_SCE_SHA256HMAC_GenerateUpdate(
+ ret = FSPSM_S256HMAC_GUp(
&_handle,
(uint8_t*)in,
sz);
if (ret == FSP_SUCCESS)
- ret = R_SCE_SHA256HMAC_GenerateFinal(
+ ret = FSPSM_S256HMAC_GFnl(
&_handle,
digest);
@@ -571,29 +618,29 @@ WOLFSSL_LOCAL int wc_sce_Sha256GenerateHmac(const WOLFSSL *ssl,const uint8_t* my
ret = WOLFSSL_FAILURE;
/* unlock hw */
- wc_sce_hw_unlock();
- WOLFSSL_LEAVE("sce_Sha256HmacGenerate", ret);
+ wc_fspsm_hw_unlock();
+ WOLFSSL_LEAVE("fspsm_Sha256HmacGenerate", ret);
return ret;
}
/* Verify hmac */
-WOLFSSL_LOCAL int wc_sce_Sha256VerifyHmac(const WOLFSSL *ssl,
+WOLFSSL_LOCAL int wc_fspsm_Sha256VerifyHmac(const WOLFSSL *ssl,
const uint8_t* message, uint32_t messageSz,
uint32_t macSz, uint32_t content)
{
- WOLFSSL_ENTER("sce_Sha256HmacVerify");
+ WOLFSSL_ENTER("fspsm_Sha256HmacVerify");
- sce_hmac_sha_handle_t _handle;
- sce_hmac_sha_wrapped_key_t wrapped_key;
+ FSPSM_HMAC_HANDLE _handle;
+ FSPSM_HMAC_WKEY wrapped_key;
byte myInner[WOLFSSL_TLS_HMAC_INNER_SZ];
int ret;
if ((ssl == NULL) || (message == NULL))
return BAD_FUNC_ARG;
- wrapped_key = ssl->keys.sce_server_write_MAC_secret;
+ wrapped_key = ssl->keys.fspsm_server_write_MAC_secret;
- if ((ret = wc_sce_hw_lock()) != 0) {
+ if ((ret = wc_fspsm_hw_lock()) != 0) {
WOLFSSL_MSG("hw lock failed");
return ret;
}
@@ -601,44 +648,45 @@ WOLFSSL_LOCAL int wc_sce_Sha256VerifyHmac(const WOLFSSL *ssl,
wolfSSL_SetTlsHmacInner((WOLFSSL*)ssl, myInner,
(word32)messageSz, (int)content, 1);
- ret = R_SCE_SHA256HMAC_VerifyInit(
+ ret = FSPSM_S256HMAC_VInt(
&_handle,
&wrapped_key);
if (ret == FSP_SUCCESS)
- ret = R_SCE_SHA256HMAC_VerifyUpdate(
+ ret = FSPSM_S256HMAC_VUp(
&_handle,
(uint8_t*)myInner,
WOLFSSL_TLS_HMAC_INNER_SZ);
if (ret == FSP_SUCCESS)
- ret = R_SCE_SHA256HMAC_VerifyUpdate(
+ ret = FSPSM_S256HMAC_VUp(
&_handle,
(uint8_t*)message,
(uint32_t)messageSz);
if (ret == FSP_SUCCESS)
- ret = R_SCE_SHA256HMAC_VerifyFinal(
+ ret = FSPSM_S256HMAC_VFnl(
&_handle,
(uint8_t*)(message+messageSz),
(uint32_t)macSz);
if (ret != FSP_SUCCESS) {
- WOLFSSL_MSG("SCE Mac verification failed");
+ WOLFSSL_MSG("FSP SM Mac verification failed");
}
/* unlock hw */
- wc_sce_hw_unlock();
- WOLFSSL_LEAVE("sce_Sha256HmacVerify", ret);
+ wc_fspsm_hw_unlock();
+ WOLFSSL_LEAVE("fspsm_Sha256HmacVerify", ret);
return ret;
}
/* generate Verify Data based on master secret */
-WOLFSSL_LOCAL int wc_sce_generateVerifyData(const uint8_t *ms, /* master secret */
- const uint8_t *side, const uint8_t *handshake_hash,
- uint8_t *hashes /* out */)
+WOLFSSL_LOCAL int wc_fspsm_generateVerifyData(
+ const uint8_t *ms, /* master secret */
+ const uint8_t *side, const uint8_t *handshake_hash,
+ uint8_t *hashes /* out */)
{
- WOLFSSL_ENTER("sce_generateVerifyData");
+ WOLFSSL_ENTER("fspsm_generateVerifyData");
int ret ;
uint32_t l_side = SCE_TLS_GENERATE_CLIENT_VERIFY;
@@ -652,31 +700,33 @@ WOLFSSL_LOCAL int wc_sce_generateVerifyData(const uint8_t *ms, /* master secret
l_side = SCE_TLS_GENERATE_SERVER_VERIFY;
}
- if ((ret = wc_sce_hw_lock()) == 0) {
- ret = R_SCE_TLS_VerifyDataGenerate(l_side, (uint32_t*)ms,
+ if ((ret = wc_fspsm_hw_lock()) == 0) {
+ ret = FSPSM_VERIFY_DATA_FUNC(l_side, (uint32_t*)ms,
(uint8_t*)handshake_hash, hashes/* out */);
if (ret != FSP_SUCCESS) {
- WOLFSSL_MSG("R_SCE_TLS_VerifyDataGenerate failed");
+ WOLFSSL_MSG("R_fspsm_TLS_VerifyDataGenerate failed");
}
}
/* unlock hw */
- wc_sce_hw_unlock();
- WOLFSSL_LEAVE("sce_generateVerifyData", ret);
+ wc_fspsm_hw_unlock();
+ WOLFSSL_LEAVE("fspsm_generateVerifyData", ret);
return ret;
}
/* generate keys for TLS communication */
-WOLFSSL_LOCAL int wc_sce_generateSessionKey(WOLFSSL *ssl,
- User_SCEPKCbInfo* cbInfo, int devId)
+WOLFSSL_LOCAL int wc_fspsm_generateSessionKey(WOLFSSL *ssl,
+ FSPSM_ST* cbInfo, int devId)
{
- WOLFSSL_MSG("sce_generateSessionKey()");
+ WOLFSSL_MSG("fspsm_generateSessionKey()");
int ret;
Ciphers *enc;
Ciphers *dec;
- sce_hmac_sha_wrapped_key_t key_client_mac;
- sce_hmac_sha_wrapped_key_t key_server_mac;
- sce_aes_wrapped_key_t key_client_aes;
- sce_aes_wrapped_key_t key_server_aes;
+ FSPSM_HMAC_WKEY key_client_mac;
+ FSPSM_HMAC_WKEY key_server_mac;
+
+ FSPSM_AES_PWKEY key_client_aes = NULL;
+ FSPSM_AES_PWKEY key_server_aes = NULL;
+
uint32_t sceCS = GetSceCipherSuite(ssl->options.cipherSuite0,
ssl->options.cipherSuite);
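Review bot: In wc_fspsm_generateVerifyData the call to `wc_fspsm_hw_unlock()` sits after the closing brace of the `if ((ret = wc_fspsm_hw_lock()) == 0)` block, so it also runs when the lock was never acquired. The other functions touched by this diff (for example wc_fspsm_generateMasterSecret) release the lock inside the success branch; moving the unlock to just before that block's closing brace would make this one consistent and avoid releasing a lock that another caller may hold. Whether an unmatched unlock is actually harmful depends on wc_fspsm_hw_unlock, which is not shown here. The function starts before this hunk.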
@@ -684,7 +734,7 @@ WOLFSSL_LOCAL int wc_sce_generateSessionKey(WOLFSSL *ssl,
return BAD_FUNC_ARG;
- if ((ret = wc_sce_hw_lock()) == 0) {
+ if ((ret = wc_fspsm_hw_lock()) == 0) {
if (sceCS == TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 ||
sceCS == TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256)
{
@@ -695,23 +745,31 @@ WOLFSSL_LOCAL int wc_sce_generateSessionKey(WOLFSSL *ssl,
}
else {
- ret = R_SCE_TLS_SessionKeyGenerate(
+ key_client_aes = (FSPSM_AES_PWKEY)XMALLOC(sizeof(FSPSM_AES_WKEY),
+ aes->heap, DYNAMIC_TYPE_AE);
+ key_server_aes = (FSPSM_AES_PWKEY)XMALLOC(sizeof(FSPSM_AES_WKEY),
+ aes->heap, DYNAMIC_TYPE_AE);
+ if (key_client_aes == NULL || key_server_aes == NULL) {
+ return MEMORY_E;
+ }
+
+ ret = FSPSM_SESSIONKEY_GEN_FUNC(
GetSceCipherSuite(
ssl->options.cipherSuite0,
ssl->options.cipherSuite),
- (uint32_t*)ssl->arrays->sce_masterSecret,
+ (uint32_t*)ssl->arrays->fspsm_masterSecret,
(uint8_t*) ssl->arrays->clientRandom,
(uint8_t*) ssl->arrays->serverRandom,
NULL,
&key_client_mac,
&key_server_mac,
- &key_client_aes,
- &key_server_aes,
+ key_client_aes,
+ key_server_aes,
NULL, NULL);
}
if (ret != FSP_SUCCESS) {
- WOLFSSL_MSG("R_SCE_TLS_SessionKeyGenerate failed");
+ WOLFSSL_MSG("R_fspsm_TLS_SessionKeyGenerate failed");
}
else {
/* succeeded creating session keys */
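Review bot: The added `return MEMORY_E;` after the two XMALLOC calls leaves the function while the hardware lock taken by `wc_fspsm_hw_lock()` is still held, and it leaks whichever of key_client_aes / key_server_aes did get allocated. Setting `ret = MEMORY_E;` and skipping the FSPSM_SESSIONKEY_GEN_FUNC call would let control reach the XFREE calls and the `wc_fspsm_hw_unlock()` added at the end of the function; the `return MEMORY_E;` lines added for `enc->aes->ctx.wrapped_key` and `dec->aes->ctx.wrapped_key` in the following two hunks have the same problem. The heap hint is written `aes->heap`, but no `aes` is declared among the locals visible in this diff (`ssl->heap` looks like what was meant), and the allocation type `DYNAMIC_TYPE_AE` does not match the `DYNAMIC_TYPE_AES` used by the later XFREE; both only compile if XMALLOC discards those arguments. The function body starts and ends outside this hunk.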
@@ -726,8 +784,12 @@ WOLFSSL_LOCAL int wc_sce_generateSessionKey(WOLFSSL *ssl,
if (enc->aes == NULL)
return MEMORY_E;
}
-
XMEMSET(enc->aes, 0, sizeof(Aes));
+ enc->aes->ctx.wrapped_key = (FSPSM_AES_PWKEY)XMALLOC
+ (sizeof(FSPSM_AES_WKEY),
+ aes->heap, DYNAMIC_TYPE_AE);
+ if (enc->aes->ctx.wrapped_key == NULL)
+ return MEMORY_E;
}
if (dec) {
if (dec->aes == NULL) {
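Review bot: The encrypt and decrypt sides now handle `ctx.wrapped_key` differently: here the XMEMSET and the new XMALLOC for `enc->aes->ctx.wrapped_key` appear to run on every call, while the next hunk moves the matching `dec->aes` lines inside the `if (dec->aes == NULL)` block. Going by the braces (indentation is lost in this view), a second call with an existing `enc->aes` would zero the struct and overwrite the previous `wrapped_key` pointer without freeing it. Freeing any existing `enc->aes->ctx.wrapped_key` before the XMEMSET, or using the same first-allocation-only placement on both sides, would remove the leak and the asymmetry.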
@@ -739,26 +801,31 @@ WOLFSSL_LOCAL int wc_sce_generateSessionKey(WOLFSSL *ssl,
}
return MEMORY_E;
}
- }
-
- XMEMSET(dec->aes, 0, sizeof(Aes));
+ XMEMSET(dec->aes, 0, sizeof(Aes));
+
+ dec->aes->ctx.wrapped_key = (FSPSM_AES_PWKEY)XMALLOC
+ (sizeof(FSPSM_AES_WKEY),
+ aes->heap, DYNAMIC_TYPE_AE);
+ if (dec->aes->ctx.wrapped_key == NULL)
+ return MEMORY_E;
+ }
}
/* copy key index into aes */
if (ssl->options.side == PROVISION_CLIENT) {
- XMEMCPY(&enc->aes->ctx.sce_wrapped_key, &key_client_aes,
- sizeof(key_client_aes));
- XMEMCPY(&dec->aes->ctx.sce_wrapped_key, &key_server_aes,
- sizeof(key_server_aes));
+ XMEMCPY(enc->aes->ctx.wrapped_key, key_client_aes,
+ sizeof(FSPSM_AES_WKEY));
+ XMEMCPY(dec->aes->ctx.wrapped_key, key_server_aes,
+ sizeof(FSPSM_AES_WKEY));
}
else {
- XMEMCPY(&enc->aes->ctx.sce_wrapped_key, &key_server_aes,
- sizeof(key_server_aes));
- XMEMCPY(&dec->aes->ctx.sce_wrapped_key, &key_client_aes,
- sizeof(key_client_aes));
+ XMEMCPY(enc->aes->ctx.wrapped_key, key_server_aes,
+ sizeof(FSPSM_AES_WKEY));
+ XMEMCPY(dec->aes->ctx.wrapped_key, key_client_aes,
+ sizeof(FSPSM_AES_WKEY));
}
/* copy mac key index into keys */
- ssl->keys.sce_client_write_MAC_secret = key_client_mac;
- ssl->keys.sce_server_write_MAC_secret = key_server_mac;
+ ssl->keys.fspsm_client_write_MAC_secret = key_client_mac;
+ ssl->keys.fspsm_server_write_MAC_secret = key_server_mac;
/* set up key size and marked ready */
if (enc) {
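Review bot: The four XMEMCPY calls under `/* copy key index into aes */` now read from `key_client_aes` and `key_server_aes`, which are only allocated in the non-GCM `else` branch of the earlier hunk and are otherwise still NULL. If the AES-GCM branch (its body is outside the visible hunks) leaves `ret` at FSP_SUCCESS, these copies read `sizeof(FSPSM_AES_WKEY)` bytes from a NULL pointer; before this change the sources were stack objects, so the copy was harmless. Guarding the copy block with `if (key_client_aes != NULL && key_server_aes != NULL)` would keep the GCM path safe. The copies also dereference `enc->aes` and `dec->aes` unconditionally although the surrounding code tests `if (enc)` and `if (dec)`.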
@@ -775,8 +842,8 @@ WOLFSSL_LOCAL int wc_sce_generateSessionKey(WOLFSSL *ssl,
dec->setup = 1;
}
- if (cbInfo->sce_cipher == SCE_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ||
- cbInfo->sce_cipher == SCE_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256) {
+ if (cbInfo->cipher == SCE_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ||
+ cbInfo->cipher == SCE_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256) {
enc->aes->nonceSz = AEAD_MAX_IMP_SZ;
dec->aes->nonceSz = AEAD_MAX_IMP_SZ;
}
@@ -786,19 +853,26 @@ WOLFSSL_LOCAL int wc_sce_generateSessionKey(WOLFSSL *ssl,
/* marked as session key is set */
cbInfo->keyflgs_tls.bits.session_key_set = 1;
}
+
+ if (key_client_aes)
+ XFREE(key_client_aes, aes->heap, DYNAMIC_TYPE_AES);
+ if (key_server_aes)
+ XFREE(key_server_aes, aes->heap, DYNAMIC_TYPE_AES);
+
/* unlock hw */
- wc_sce_hw_unlock();
+ wc_fspsm_hw_unlock();
+
}
else {
WOLFSSL_LEAVE("hw lock failed", ret);
}
- WOLFSSL_LEAVE("sce_generateSessionKey", ret);
+ WOLFSSL_LEAVE("fspsm_generateSessionKey", ret);
return ret;
}
/* generate master secret based on pre-master which is generated by SCE */
-WOLFSSL_LOCAL int wc_sce_generateMasterSecret(
+WOLFSSL_LOCAL int wc_fspsm_generateMasterSecret(
uint8_t cipherSuiteFirst,
uint8_t cipherSuite,
const uint8_t *pr, /* pre-master */
@@ -806,7 +880,7 @@ WOLFSSL_LOCAL int wc_sce_generateMasterSecret(
const uint8_t *sr, /* server random */
uint8_t *ms)
{
- WOLFSSL_ENTER("sce_generateMasterSecretEx");
+ WOLFSSL_ENTER("fspsm_generateMasterSecretEx");
int ret;
if ((pr == NULL) || (cr == NULL) || (sr == NULL) ||
@@ -817,49 +891,49 @@ WOLFSSL_LOCAL int wc_sce_generateMasterSecret(
if (sceCS == 0xffffffff)
return BAD_FUNC_ARG;
- if ((ret = wc_sce_hw_lock()) == 0) {
- ret = R_SCE_TLS_MasterSecretGenerate(
+ if ((ret = wc_fspsm_hw_lock()) == 0) {
+ ret = FSPSM_MASTERSECRET_GEN_FUNC(
sceCS,
(uint32_t*)pr,
(uint8_t*)cr, (uint8_t*)sr, (uint32_t*)ms);
if (ret != FSP_SUCCESS) {
- WOLFSSL_MSG("R_SCE_TLS_MasterSecretGenerate failed");
+ WOLFSSL_MSG("R_fspsm_TLS_MasterSecretGenerate failed");
}
/* unlock hw */
- wc_sce_hw_unlock();
+ wc_fspsm_hw_unlock();
}
else {
WOLFSSL_MSG(" hw lock failed ");
}
- WOLFSSL_LEAVE("sce_generateMasterSecret", ret);
+ WOLFSSL_LEAVE("fspsm_generateMasterSecret", ret);
return ret;
}
/* generate pre-Master secrete by SCE */
-WOLFSSL_LOCAL int wc_sce_generatePremasterSecret(uint8_t *premaster,
+WOLFSSL_LOCAL int wc_fspsm_generatePremasterSecret(uint8_t *premaster,
uint32_t preSz)
{
- WOLFSSL_ENTER("sce_generatePremasterSecret");
+ WOLFSSL_ENTER("fspsm_generatePremasterSecret");
int ret;
if (premaster == NULL)
return BAD_FUNC_ARG;
- if ((ret = wc_sce_hw_lock()) == 0 && preSz >=
+ if ((ret = wc_fspsm_hw_lock()) == 0 && preSz >=
(SCE_TLS_MASTER_SECRET_WORD_SIZE*4)) {
/* generate pre-master, 80 bytes */
- ret = R_SCE_TLS_PreMasterSecretGenerateForRSA2048((uint32_t*)premaster);
+ ret = FSPSM_PREGEN_FUNC((uint32_t*)premaster);
if (ret != FSP_SUCCESS) {
- WOLFSSL_MSG(" R_SCE_TLS_GeneratePreMasterSecret failed");
+ WOLFSSL_MSG(" R_fspsm_TLS_GeneratePreMasterSecret failed");
}
/* unlock hw */
- wc_sce_hw_unlock();
+ wc_fspsm_hw_unlock();
}
else {
WOLFSSL_MSG(" hw lock failed or preSz is smaller than 80");
}
- WOLFSSL_LEAVE("sce_generatePremasterSecret", ret);
+ WOLFSSL_LEAVE("fspsm_generatePremasterSecret", ret);
return ret;
}
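Review bot: In wc_fspsm_generatePremasterSecret the size check is combined with the lock call, `(ret = wc_fspsm_hw_lock()) == 0 && preSz >= (SCE_TLS_MASTER_SECRET_WORD_SIZE*4)`, so a too-small `preSz` with a successful lock falls into the `else` branch with `ret` still 0 and the lock still held. The caller then sees success although no pre-master secret was written, and later hardware calls can block on the unreleased lock. Checking the size first, e.g. `if (preSz < (SCE_TLS_MASTER_SECRET_WORD_SIZE*4)) return BAD_FUNC_ARG;` next to the existing NULL check, and leaving only the lock call in the `if`, fixes both.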
@@ -867,20 +941,20 @@ WOLFSSL_LOCAL int wc_sce_generatePremasterSecret(uint8_t *premaster,
/*
* generate encrypted pre-Master secrete by SCE
*/
-WOLFSSL_LOCAL int wc_sce_generateEncryptPreMasterSecret(
+WOLFSSL_LOCAL int wc_fspsm_generateEncryptPreMasterSecret(
WOLFSSL* ssl,
uint8_t* out,
uint32_t* outSz)
{
- WOLFSSL_MSG("sce_generateEncryptPreMasterSecret");
+ WOLFSSL_MSG("fspsm_generateEncryptPreMasterSecret");
int ret;
if ((ssl == NULL) || (out == NULL) || (outSz == NULL))
return BAD_FUNC_ARG;
- if ((ret = wc_sce_hw_lock()) == 0) {
+ if ((ret = wc_fspsm_hw_lock()) == 0) {
if (*outSz >= 256)
- ret = R_SCE_TLS_PreMasterSecretEncryptWithRSA2048(
+ ret = FSPSM_PREGENENC_FUNC(
(uint32_t*)ssl->peerSceTsipEncRsaKeyIndex,
(uint32_t*)ssl->arrays->preMasterSecret,
(uint8_t*)out);
@@ -888,7 +962,7 @@ WOLFSSL_LOCAL int wc_sce_generateEncryptPreMasterSecret(
ret = -1;
if (ret != FSP_SUCCESS) {
- WOLFSSL_MSG("R_SCE_TLS_PreMasterSecretEncryptWithRSA2048 failed");
+ WOLFSSL_MSG("R_fspsm_TLS_PreMasterSecretEncryptWithRSA2048 failed");
}
else {
*outSz = 256; /* SCE can only handles 2048 RSA */
@@ -898,26 +972,26 @@ WOLFSSL_LOCAL int wc_sce_generateEncryptPreMasterSecret(
Renesas_cmn_genMasterSecret);
wolfSSL_SetGenMasterSecretCtx(ssl, ctx);
}
- wc_sce_hw_unlock();
+ wc_fspsm_hw_unlock();
}
else {
WOLFSSL_MSG(" hw lock failed ");
}
- WOLFSSL_LEAVE("sce_generateEncryptPreMasterSecret", ret);
+ WOLFSSL_LEAVE("fspsm_generateEncryptPreMasterSecret", ret);
return ret;
}
/* Certificate verification by SCE */
-WOLFSSL_LOCAL int wc_sce_tls_CertVerify(
+WOLFSSL_LOCAL int wc_fspsm_tls_CertVerify(
const uint8_t* cert, uint32_t certSz,
const uint8_t* signature, uint32_t sigSz,
uint32_t key_n_start,uint32_t key_n_len,
uint32_t key_e_start,uint32_t key_e_len,
- uint8_t* sce_encPublickey)
+ uint8_t* fspsm_encPublickey)
{
- WOLFSSL_ENTER("sce_tls_CertVerify");
+ WOLFSSL_ENTER("fspsm_tls_CertVerify");
int ret;
uint8_t *sigforSCE;
uint8_t *pSig;
@@ -935,8 +1009,8 @@ WOLFSSL_LOCAL int wc_sce_tls_CertVerify(
WOLFSSL_MSG(" signature for ca verification is not set");
return -1;
}
- if (!sce_encPublickey) {
- WOLFSSL_MSG(" sce_encPublickey is NULL.");
+ if (!fspsm_encPublickey) {
+ WOLFSSL_MSG(" fspsm_encPublickey is NULL.");
return -1;
}
@@ -980,36 +1054,36 @@ WOLFSSL_LOCAL int wc_sce_tls_CertVerify(
}
- if ((ret = wc_sce_hw_lock()) == 0) {
- ret = R_SCE_TLS_CertificateVerify(
+ if ((ret = wc_fspsm_hw_lock()) == 0) {
+ ret = FSPSM_TLSCERT_VRY(
g_user_key_info.encrypted_user_tls_key_type,
(uint32_t*)g_encrypted_publicCA_key,/* encrypted public key */
- (uint8_t*)cert, /* certificate der */
- certSz, /* length of der */
+ (uint8_t*)cert, /* certificate der */
+ certSz, /* length of der */
(uint8_t*)pSig, /* sign data by RSA PSS */
key_n_start, /* start position of public key n in bytes */
(key_n_start + key_n_len), /* length of the public key n */
key_e_start, /* start pos, key e in bytes */
(key_e_start + key_e_len), /* length of the public key e */
- (uint32_t*)sce_encPublickey /* returned encrypted key */
+ (uint32_t*)fspsm_encPublickey /* returned encrypted key */
);
if (ret != FSP_SUCCESS) {
- WOLFSSL_MSG(" R_TSIP_TlsCertificateVerification() failed");
+ WOLFSSL_MSG(" R_XXX_TlsCertificateVerification() failed");
}
if (sigforSCE) {
XFREE(sigforSCE, NULL, DYNAMIC_TYPE_TEMP);
}
- wc_sce_hw_unlock();
+ wc_fspsm_hw_unlock();
}
else {
WOLFSSL_MSG(" hw lock failed ");
}
- WOLFSSL_LEAVE("sce_tls_CertVerify", ret);
+ WOLFSSL_LEAVE("fspsm_tls_CertVerify", ret);
return ret;
}
/* Root Certificate verification */
-WOLFSSL_LOCAL int wc_sce_tls_RootCertVerify(
+WOLFSSL_LOCAL int wc_fspsm_tls_RootCertVerify(
const uint8_t* cert, uint32_t cert_len,
uint32_t key_n_start, uint32_t key_n_len,
uint32_t key_e_start, uint32_t key_e_len,
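Review bot: In wc_fspsm_tls_CertVerify the `XFREE(sigforSCE, NULL, DYNAMIC_TYPE_TEMP)` sits inside the `wc_fspsm_hw_lock() == 0` branch, so if `sigforSCE` was allocated earlier in the function (that part is outside the hunk) it is leaked whenever the lock cannot be taken. Moving the free after the `if`/`else` would cover both paths. The trailing comments on the `(key_n_start + key_n_len)` and `(key_e_start + key_e_len)` arguments say "length of the public key", but the expressions are end offsets; I would reword them, e.g. `/* end position of public key n in bytes */`. The new log text `R_XXX_TlsCertificateVerification() failed` is also less useful for diagnosis than naming FSPSM_TLSCERT_VRY.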
@@ -1019,7 +1093,7 @@ WOLFSSL_LOCAL int wc_sce_tls_RootCertVerify(
/* call to generate encrypted public key for certificate verification */
uint8_t *signature = (uint8_t*)ca_cert_sig;
- WOLFSSL_ENTER("wc_sce_tls_RootCertVerify");
+ WOLFSSL_ENTER("wc_fspsm_tls_RootCertVerify");
if (cert == NULL)
return BAD_FUNC_ARG;
@@ -1029,8 +1103,8 @@ WOLFSSL_LOCAL int wc_sce_tls_RootCertVerify(
return -1;
}
- if ((ret = wc_sce_hw_lock()) == 0) {
- ret = R_SCE_TLS_RootCertificateVerify(
+ if ((ret = wc_fspsm_hw_lock()) == 0) {
+ ret = FSPSM_TLSROOTCERT_VRY(
g_user_key_info.encrypted_user_tls_key_type,
(uint8_t*)cert, /* CA cert */
(uint32_t)cert_len, /* length of CA cert */
@@ -1042,55 +1116,63 @@ WOLFSSL_LOCAL int wc_sce_tls_RootCertVerify(
g_encrypted_publicCA_key); /* RSA-2048 public key 560 bytes */
/* ECDSA 96 bytes */
if (ret != FSP_SUCCESS) {
- WOLFSSL_MSG(" R_SCE_TLS_RootCertificateVerify() failed");
+ WOLFSSL_MSG(" R_fspsm_TLS_RootCertificateVerify() failed");
}
else {
g_CAscm_Idx = cm_row;
}
- wc_sce_hw_unlock();
+ wc_fspsm_hw_unlock();
}
else {
WOLFSSL_MSG(" hw lock failed ");
}
- WOLFSSL_LEAVE("wc_sce_tls_RootCertVerify", ret);
+ WOLFSSL_LEAVE("wc_fspsm_tls_RootCertVerify", ret);
return ret;
}
/* store elements for session key generation into ssl->keys.
* return 0 on success, negative value on failure
*/
-WOLFSSL_LOCAL int wc_sce_storeKeyCtx(WOLFSSL* ssl, User_SCEPKCbInfo* info)
+WOLFSSL_LOCAL int wc_fspsm_storeKeyCtx(WOLFSSL* ssl, FSPSM_ST* info)
{
int ret = 0;
- WOLFSSL_ENTER("sce_storeKeyCtx");
+ WOLFSSL_ENTER("fspsm_storeKeyCtx");
if (ssl == NULL || info == NULL)
ret = BAD_FUNC_ARG;
if (ret == 0) {
- XMEMCPY(info->sce_masterSecret, ssl->arrays->sce_masterSecret,
- SCE_TLS_MASTERSECRET_SIZE);
- XMEMCPY(info->sce_clientRandom, ssl->arrays->clientRandom, 32);
- XMEMCPY(info->sce_serverRandom, ssl->arrays->serverRandom, 32);
+ XMEMCPY(info->masterSecret, ssl->arrays->fspsm_masterSecret,
+ FSPSM_TLS_MASTERSECRET_SIZE);
+ XMEMCPY(info->clientRandom, ssl->arrays->clientRandom, 32);
+ XMEMCPY(info->serverRandom, ssl->arrays->serverRandom, 32);
- info->sce_cipher = (uint8_t)GetSceCipherSuite(ssl->options.cipherSuite0,
+ info->cipher = (uint8_t)GetSceCipherSuite(ssl->options.cipherSuite0,
ssl->options.cipherSuite);
}
- WOLFSSL_LEAVE("sce_storeKeyCtx", ret);
+ WOLFSSL_LEAVE("fspsm_storeKeyCtx", ret);
return ret;
}
/* to inform ca certificate sign */
/* signature format expects RSA 2048 PSS with SHA256 */
+#if defined(WOLFSSL_RENESAS_SCEPROTECT)
WOLFSSL_API void wc_sce_inform_cert_sign(const uint8_t *sign)
+#else
+WOLFSSL_API void wc_fspsm_inform_cert_sign(const uint8_t *sign)
+#endif
{
if (sign)
ca_cert_sig = sign;
}
/* let wolfSSL know user key information using TLS operation by SCE */
+#if defined(WOLFSSL_RENESAS_SCEPROTECT)
WOLFSSL_API void wc_sce_inform_user_keys(
+#else
+WOLFSSL_API void wc_fspsm_inform_user_keys(
+#endif
uint8_t* encrypted_provisioning_key,
uint8_t* iv,
uint8_t* encrypted_user_tls_key,
@@ -1119,7 +1201,11 @@ WOLFSSL_API void wc_sce_inform_user_keys(
/* Set callbacks needed for sce TLS api handling */
+#if defined(WOLFSSL_RENESAS_SCEPROTECT)
WOLFSSL_API void wc_sce_set_callbacks(WOLFSSL_CTX* ctx)
+#else
+WOLFSSL_API void wc_fspsm_set_callbacks(WOLFSSL_CTX* ctx)
+#endif
{
wolfSSL_CTX_SetEccVerifyCb(ctx, Renesas_cmn_EccVerify);
wolfSSL_CTX_SetRsaVerifyCb(ctx, Renesas_cmn_RsaVerify);
@@ -1131,15 +1217,20 @@ WOLFSSL_API void wc_sce_set_callbacks(WOLFSSL_CTX* ctx)
wolfSSL_CTX_SetEccSharedSecretCb(ctx, NULL);
}
/* Set callback contexts needed for sce TLS api handling */
+#if defined(WOLFSSL_RENESAS_SCEPROTECT)
WOLFSSL_API int wc_sce_set_callback_ctx(WOLFSSL* ssl, void* user_ctx)
+#else
+WOLFSSL_API int wc_fspsm_set_callback_ctx(WOLFSSL* ssl, void* user_ctx)
+#endif
{
- if (sce_sess_idx > MAX_SCE_CBINDEX) {
+ if (fspsm_sess_idx > MAX_FSPSM_CBINDEX) {
WOLFSSL_MSG("exceeds maximum session index");
return -1;
}
- gSCE_PKCbInfo.user_PKCbInfo[sce_sess_idx] = (User_SCEPKCbInfo*)user_ctx;
- gSCE_PKCbInfo.user_PKCbInfo[sce_sess_idx]->keyflgs_tls.bits.pk_key_set = 0;
- gSCE_PKCbInfo.user_PKCbInfo[sce_sess_idx]->keyflgs_tls.bits.session_key_set = 0;
+ gPKCbInfo.user_PKCbInfo[fspsm_sess_idx] = (FSPSM_ST*)user_ctx;
+ gPKCbInfo.user_PKCbInfo[fspsm_sess_idx]->keyflgs_tls.bits.pk_key_set = 0;
+ gPKCbInfo.user_PKCbInfo[fspsm_sess_idx]->keyflgs_tls.bits.session_key_set
+ = 0;
wolfSSL_SetEccVerifyCtx(ssl, user_ctx);
wolfSSL_SetRsaEncCtx(ssl, user_ctx);
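Review bot: wc_fspsm_set_callback_ctx stores `user_ctx` into `gPKCbInfo.user_PKCbInfo[fspsm_sess_idx]` and immediately writes `->keyflgs_tls.bits.pk_key_set` through it, with no NULL check on `user_ctx` (or `ssl`) in the lines shown. An early `if (ssl == NULL || user_ctx == NULL) return BAD_FUNC_ARG;` would match the argument checks used by the other functions in this file. The bound test `fspsm_sess_idx > MAX_FSPSM_CBINDEX` still admits an index equal to MAX_FSPSM_CBINDEX; that is only safe if the array has MAX_FSPSM_CBINDEX + 1 slots, which is not visible here and worth confirming. The function continues past this hunk.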
@@ -1151,10 +1242,11 @@ WOLFSSL_API int wc_sce_set_callback_ctx(WOLFSSL* ssl, void* user_ctx)
/* set up crypt callback */
wc_CryptoCb_CryptInitRenesasCmn(ssl, user_ctx);
- gSCE_PKCbInfo.num_session = ++sce_sess_idx;
+ gPKCbInfo.num_session = ++fspsm_sess_idx;
return 0;
}
-#endif /* !WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY */
+#endif /* !WOLFSSL_RENESAS_FSPSM_CRYPTONLY */
-#endif /* WOLFSSL_RENESAS_SCEPROTECT || WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY */
+#endif /* WOLFSSL_RENESAS_FSPSM_TLS || WOLFSSL_RENESAS_FSPSM_CRYPTONLY */
+#endif /* WOLFSSL_RENESAS_FSPSM) && WOLFSSL_RENESAS_FSPSM_TLS */
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_sce_aes.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_sce_aes.c
deleted file mode 100644
index adad4d5d..00000000
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_sce_aes.c
+++ /dev/null
@@ -1,589 +0,0 @@
-/* renesas_sce_aes.c
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-#ifdef HAVE_CONFIG_H
- #include <config.h>
-#endif
-#include <wolfssl/wolfcrypt/settings.h>
-
-#ifndef NO_AES
-
-#if (defined(WOLFSSL_RENESAS_SCEPROTECT) || \
- defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)) && \
- !defined(NO_WOLFSSL_RENESAS_SCEPROTECT_AES)
-
-#include <wolfssl/wolfcrypt/wc_port.h>
-#include <wolfssl/wolfcrypt/error-crypt.h>
-#include <wolfssl/internal.h>
-#include <wolfssl/wolfcrypt/aes.h>
-#include "wolfssl/wolfcrypt/port/Renesas/renesas-sce-crypt.h"
-
-#ifdef NO_INLINE
- #include <wolfssl/wolfcrypt/misc.h>
-#else
- #define WOLFSSL_MISC_INCLUDED
- #include <wolfcrypt/src/misc.c>
-#endif
-
-struct Aes;
-
-#define SCE_AES_GCM_AUTH_TAG_SIZE 16
-
-typedef fsp_err_t (*aesGcmEncInitFn)
- (sce_gcm_handle_t*, sce_aes_wrapped_key_t*, uint8_t*, uint32_t);
-typedef fsp_err_t (*aesGcmEncUpdateFn)
- (sce_gcm_handle_t*,uint8_t*, uint8_t*, uint32_t, uint8_t*, uint32_t);
-typedef fsp_err_t (*aesGcmEncFinalFn)
- (sce_gcm_handle_t*, uint8_t*, uint32_t*, uint8_t*);
-
-typedef fsp_err_t (*aesGcmDecInitFn)
- (sce_gcm_handle_t*, sce_aes_wrapped_key_t*, uint8_t*, uint32_t);
-typedef fsp_err_t (*aesGcmDecUpdateFn)
- (sce_gcm_handle_t*,uint8_t*, uint8_t*, uint32_t, uint8_t*, uint32_t);
-typedef fsp_err_t (*aesGcmDecFinalFn)
- (sce_gcm_handle_t*, uint8_t*, uint32_t*, uint8_t*, uint32_t);
-
-/* Perform Aes Gcm encryption by SCE
- *
- * aes The AES object.
- * out Buffer to hold cipher text
- * in Buffer to hold plaintext
- * sz Length of cipher text/plaintext in bytes
- * iv Buffer holding IV/nonce
- * ivSz Length of IV/nonce in bytes
- * authTag Buffer to hold authentication data
- * authTagSz Length of authentication data in bytes
- * ctx The callback context
- * return FSP_SUCCESS(0) on Success, otherwise negative value
- */
-WOLFSSL_LOCAL int wc_sce_AesGcmEncrypt(struct Aes* aes, byte* out,
- const byte* in, word32 sz,
- byte* iv, word32 ivSz,
- byte* authTag, word32 authTagSz,
- const byte* authIn, word32 authInSz,
- void* ctx)
-{
- int ret;
- sce_gcm_handle_t _handle;
- uint32_t dataLen = sz;
- User_SCEPKCbInfo *info = (User_SCEPKCbInfo*)ctx;
-
- aesGcmEncInitFn initFn;
- aesGcmEncUpdateFn updateFn;
- aesGcmEncFinalFn finalFn;
-
- uint8_t* plainBuf = NULL;
- uint8_t* cipherBuf = NULL;
- uint8_t* aTagBuf = NULL;
- uint8_t delta;
- const uint8_t* iv_l = NULL;
- uint32_t ivSz_l = 0;
-
- sce_hmac_sha_wrapped_key_t key_client_mac;
- sce_hmac_sha_wrapped_key_t key_server_mac;
- sce_aes_wrapped_key_t key_client_aes;
- sce_aes_wrapped_key_t key_server_aes;
-
- /* sanity check */
- if (aes == NULL || authTagSz > AES_BLOCK_SIZE || ivSz == 0 || ctx == NULL) {
- return BAD_FUNC_ARG;
- }
-
- if (authTagSz < WOLFSSL_MIN_AUTH_TAG_SZ) {
- WOLFSSL_MSG("GcmEncrypt authTagSz too small error");
- return BAD_FUNC_ARG;
- }
-
- if (aes->ctx.keySize != 16 && aes->ctx.keySize != 32) {
- WOLFSSL_MSG("keySize is invalid, neither 16 or 32.");
- return BAD_FUNC_ARG;
- }
-
- if (aes->ctx.keySize == 16) {
- initFn = R_SCE_AES128GCM_EncryptInit;
- updateFn = R_SCE_AES128GCM_EncryptUpdate;
- finalFn = R_SCE_AES128GCM_EncryptFinal;
- }
- else {
- initFn = R_SCE_AES256GCM_EncryptInit;
- updateFn = R_SCE_AES256GCM_EncryptUpdate;
- finalFn = R_SCE_AES256GCM_EncryptFinal;
- }
-
-
- /* check if AES GCM can be used by SCE */
- if ((ret = wc_sce_hw_lock()) == 0) {
-
- /* allocate buffers for plaintext, ciphertext and authTag to make sure
- * those buffers 32bit aligned as SCE requests.
- */
- delta = ((sz % AES_BLOCK_SIZE) == 0) ? 0 :
- AES_BLOCK_SIZE - (sz % AES_BLOCK_SIZE);
- plainBuf = XMALLOC(sz, aes->heap, DYNAMIC_TYPE_AES);
- cipherBuf = XMALLOC(sz + delta, aes->heap, DYNAMIC_TYPE_AES);
- aTagBuf = XMALLOC(SCE_AES_GCM_AUTH_TAG_SIZE, aes->heap,
- DYNAMIC_TYPE_AES);
-
- if (plainBuf == NULL || cipherBuf == NULL || aTagBuf == NULL) {
- WOLFSSL_MSG("wc_sce_AesGcmEncrypt: buffer allocation failed");
- ret = -1;
- }
-
- if (ret == 0) {
- XMEMCPY(plainBuf, in, sz);
- XMEMSET((void*)cipherBuf, 0, sz + delta);
- XMEMSET((void*)authTag, 0, authTagSz);
- }
-
- #if defined(WOLFSSL_RENESAS_SCEPROTECT)
- if (ret == 0 &&
- info->keyflgs_tls.bits.session_key_set == 1) {
- /* generate AES-GCM session key. The key stored in
- * Aes.ctx.tsip_keyIdx is not used here.
- */
- ret = R_SCE_TLS_SessionKeyGenerate(
- info->sce_cipher,
- (uint32_t*)info->sce_masterSecret,
- (uint8_t*) info->sce_clientRandom,
- (uint8_t*) info->sce_serverRandom,
- &iv[AESGCM_IMP_IV_SZ], /* use exp_IV */
- &key_client_mac,
- &key_server_mac,
- &key_client_aes,
- &key_server_aes,
- NULL, NULL);
- if (ret != FSP_SUCCESS) {
- WOLFSSL_MSG("R_SCE_TLS_SessionKeyGenerate failed");
- ret = -1;
- }
-
- }
- else {
- #else
- if (ret == 0) {
- #endif
- if (info->keyflgs_crypt.bits.aes256_installedkey_set == 1 ||
- info->keyflgs_crypt.bits.aes128_installedkey_set == 1) {
- if (aes->ctx.keySize == 32) {
- XMEMCPY(&key_client_aes,
- (sce_aes_wrapped_key_t*)info->sce_wrapped_key_aes256,
- sizeof(sce_aes_wrapped_key_t));
- }
- else {
- XMEMCPY(&key_client_aes,
- (sce_aes_wrapped_key_t*)info->sce_wrapped_key_aes128,
- sizeof(sce_aes_wrapped_key_t));
- }
- iv_l = iv;
- ivSz_l = ivSz;
- }
- else {
- WOLFSSL_MSG("AES key for SCE is not set.");
- ret = -1;
- }
- }
-
- if (ret == 0) {
-
- /* since generated session key is coupled to iv, no need to pass
- * them init func.
- */
- ret = initFn(&_handle, &key_client_aes, (uint8_t*)iv_l, ivSz_l);
-
- if (ret == FSP_SUCCESS) {
- ret = updateFn(&_handle, NULL, NULL, 0UL, (uint8_t*)authIn,
- authInSz);
- }
- if (ret == FSP_SUCCESS) {
- ret = updateFn(&_handle, plainBuf, cipherBuf, sz, NULL, 0UL);
- }
- if (ret != FSP_SUCCESS) {
- WOLFSSL_MSG("R_SCE_AesXXXGcmEncryptUpdate2: failed");
- ret = -1;
- }
-
- if (ret == FSP_SUCCESS) {
- /* Once R_SCE_AesxxxGcmEncryptInit or R_SCE_AesxxxEncryptUpdate is
- * called, R_SCE_AesxxxGcmEncryptFinal must be called regardless of
- * the result of the previous call. Otherwise, SCE can not come out
- * from its error state and all the trailing APIs will fail.
- */
- dataLen = 0;
- ret = finalFn(&_handle,
- cipherBuf + (sz + delta - AES_BLOCK_SIZE),
- &dataLen,
- aTagBuf);
-
- if (ret == FSP_SUCCESS) {
- /* copy encrypted data to out */
- if (sz != dataLen) {
- WOLFSSL_MSG("sz is not equal to dataLen!!!!");
- ret = -1;
- } else {
- XMEMCPY(out, cipherBuf, dataLen);
- /* copy auth tag to caller's buffer */
- XMEMCPY((void*)authTag, (void*)aTagBuf,
- min(authTagSz, SCE_AES_GCM_AUTH_TAG_SIZE ));
- }
- }
- else {
- WOLFSSL_MSG("R_SCE_AesxxxGcmEncryptFinal: failed");
- ret = -1;
- }
- }
- }
-
- XFREE(plainBuf, aes->heap, DYNAMIC_TYPE_AES);
- XFREE(cipherBuf, aes->heap, DYNAMIC_TYPE_AES);
- XFREE(aTagBuf, aes->heap, DYNAMIC_TYPE_AES);
-
- wc_sce_hw_unlock();
-
- }
-
- return ret;
-}
-/* Perform Aes Gcm decryption by SCE
- *
- * aes The AES object.
- * out Buffer to hold plaintext
- * in Buffer to hold cipher text
- * sz Length of cipher text/plaintext in bytes
- * iv Buffer holding IV/nonce
- * ivSz Length of IV/nonce in bytes
- * authTag Buffer to hold authentication data
- * authTagSz Length of authentication data in bytes
- * ctx The Callback context
- * return FSP_SUCCESS(0) on Success, otherwise negative value
- */
-WOLFSSL_LOCAL int wc_sce_AesGcmDecrypt(struct Aes* aes, byte* out,
- const byte* in, word32 sz,
- const byte* iv, word32 ivSz,
- const byte* authTag, word32 authTagSz,
- const byte* authIn, word32 authInSz,
- void* ctx)
-{
- int ret;
- sce_gcm_handle_t _handle;
- uint32_t dataLen = sz;
- User_SCEPKCbInfo *info = (User_SCEPKCbInfo*)ctx;
-
- aesGcmDecInitFn initFn;
- aesGcmDecUpdateFn updateFn;
- aesGcmDecFinalFn finalFn;
-
- uint8_t* cipherBuf = NULL;
- uint8_t* plainBuf = NULL;
- uint8_t* aTagBuf = NULL;
- uint8_t delta;
- const uint8_t* iv_l = NULL;
- uint32_t ivSz_l = 0;
-
- sce_hmac_sha_wrapped_key_t key_client_mac;
- sce_hmac_sha_wrapped_key_t key_server_mac;
- sce_aes_wrapped_key_t key_client_aes;
- sce_aes_wrapped_key_t key_server_aes;
-
- /* sanity check */
- if (aes == NULL || authTagSz > AES_BLOCK_SIZE || ivSz == 0 || ctx == NULL) {
- return BAD_FUNC_ARG;
- }
-
- if (authTagSz < WOLFSSL_MIN_AUTH_TAG_SZ) {
- WOLFSSL_MSG("GcmEncrypt authTagSz too small error");
- return BAD_FUNC_ARG;
- }
-
- if (aes->ctx.keySize != 16 && aes->ctx.keySize != 32) {
- WOLFSSL_MSG("keySize is invalid, neither 16 or 32.");
- return BAD_FUNC_ARG;
- }
-
- if (aes->ctx.keySize == 16) {
- initFn = R_SCE_AES128GCM_DecryptInit;
- updateFn = R_SCE_AES128GCM_DecryptUpdate;
- finalFn = R_SCE_AES128GCM_DecryptFinal;
- }
- else {
- initFn = R_SCE_AES256GCM_DecryptInit;
- updateFn = R_SCE_AES256GCM_DecryptUpdate;
- finalFn = R_SCE_AES256GCM_DecryptFinal;
- }
-
-
- if ((ret = wc_sce_hw_lock()) == 0) {
- /* allocate buffers for plain-text, cipher-text, authTag and AAD.
- * TSIP requests those buffers 32bit aligned.
- */
- delta = ((sz % AES_BLOCK_SIZE) == 0) ? 0 :
- AES_BLOCK_SIZE - (sz % AES_BLOCK_SIZE);
- cipherBuf = XMALLOC(sz, aes->heap, DYNAMIC_TYPE_AES);
- plainBuf = XMALLOC(sz + delta, aes->heap, DYNAMIC_TYPE_AES);
- aTagBuf = XMALLOC(SCE_AES_GCM_AUTH_TAG_SIZE, aes->heap,
- DYNAMIC_TYPE_AES);
-
- if (plainBuf == NULL || cipherBuf == NULL || aTagBuf == NULL) {
- ret = -1;
- }
-
- if (ret == 0) {
- XMEMSET((void*)plainBuf, 0, sz);
- XMEMCPY(cipherBuf, in, sz);
- XMEMCPY(aTagBuf, authTag, authTagSz);
- }
- #if defined(WOLFSSL_RENESAS_SCEPROTECT)
- if (ret == 0 &&
- info->keyflgs_tls.bits.session_key_set == 1) {
- /* generate AES-GCM session key. The key stored in
- * Aes.ctx.tsip_keyIdx is not used here.
- */
- ret = R_SCE_TLS_SessionKeyGenerate(
- info->sce_cipher,
- (uint32_t*)info->sce_masterSecret,
- (uint8_t*) info->sce_clientRandom,
- (uint8_t*) info->sce_serverRandom,
- (uint8_t*)&iv[AESGCM_IMP_IV_SZ], /* use exp_IV */
- &key_client_mac,
- &key_server_mac,
- &key_client_aes,
- &key_server_aes,
- NULL, NULL);
- if (ret != FSP_SUCCESS) {
- WOLFSSL_MSG("R_SCE_TLS_SessionKeyGenerate failed");
- ret = -1;
- }
- }
- else {
- #else
- if (ret == 0) {
- #endif
- if (info->keyflgs_crypt.bits.aes256_installedkey_set == 1 ||
- info->keyflgs_crypt.bits.aes128_installedkey_set == 1) {
- if (aes->ctx.keySize == 32) {
- XMEMCPY(&key_server_aes,
- (sce_aes_wrapped_key_t*)info->sce_wrapped_key_aes256,
- sizeof(sce_aes_wrapped_key_t));
- }
- else {
- XMEMCPY(&key_server_aes,
- (sce_aes_wrapped_key_t*)info->sce_wrapped_key_aes128,
- sizeof(sce_aes_wrapped_key_t));
- }
- iv_l = iv;
- ivSz_l = ivSz;
- }
- else {
- WOLFSSL_MSG("AES key for SCE is not set.");
- ret = -1;
- }
- }
-
- if (ret == 0) {
- /* since key_index has iv and ivSz in it, no need to pass them init
- * func. Pass NULL and 0 as 3rd and 4th parameter respectively.
- */
- ret = initFn(&_handle, &key_server_aes, (uint8_t*)iv_l, ivSz_l);
-
-
- if (ret == FSP_SUCCESS) {
- /* pass only AAD and it's size before passing cipher text */
- ret = updateFn(&_handle, NULL, NULL, 0UL, (uint8_t*)authIn,
- authInSz);
- }
- if (ret == FSP_SUCCESS) {
- ret = updateFn(&_handle, cipherBuf, plainBuf, sz, NULL, 0UL);
- }
- if (ret != FSP_SUCCESS) {
- WOLFSSL_MSG("R_SCE_AesXXXGcmDecryptUpdate: failed in decrypt");
- ret = -1;
- }
-
- if (ret == FSP_SUCCESS) {
- dataLen = 0;
- ret = finalFn(&_handle,
- plainBuf + (sz + delta - AES_BLOCK_SIZE),
- &dataLen,
- aTagBuf,
- min(16, authTagSz));
-
- if (ret == FSP_SUCCESS) {
- /* copy plain data to out */
- if (sz != dataLen) {
- WOLFSSL_MSG("sz is not equal to dataLen!!!!");
- ret = -1;
- }
- else {
- XMEMCPY(out, plainBuf, dataLen);
- }
- }
- else {
- WOLFSSL_MSG("R_SCE_AesXXXGcmDecryptFinal: failed");
- ret = -1;
- }
- }
- }
-
- XFREE(aTagBuf, aes->heap, DYNAMIC_TYPE_AES);
- XFREE(plainBuf, aes->heap, DYNAMIC_TYPE_AES);
- XFREE(cipherBuf, aes->heap, DYNAMIC_TYPE_AES);
-
- wc_sce_hw_unlock();
- }
-
- return ret;
-}
-/* Perform Aes Cbc encryption by SCE
- *
- * aes The AES object.
- * out Buffer to hold cipher text
- * in Buffer to hold plain text
- * sz Length of cipher text/plaintext in bytes
- * return FSP_SUCCESS(0) on Success, otherwise negative value
- */
-WOLFSSL_LOCAL int wc_sce_AesCbcEncrypt(struct Aes* aes, byte* out,
- const byte* in, word32 sz)
-{
- sce_aes_handle_t _handle;
- word32 ret;
- word32 blocks = (sz / AES_BLOCK_SIZE);
- uint32_t dataLength;
- byte *iv;
-
- if ((in == NULL) || (out == NULL) || (aes == NULL))
- return BAD_FUNC_ARG;
-
- /* while doing TLS handshake, SCE driver keeps true-key and iv *
- * on the device. iv is dummy */
- iv = (uint8_t*)aes->reg;
-
- if ((ret = wc_sce_hw_lock()) != 0) {
- WOLFSSL_MSG("Failed to lock");
- return ret;
- }
-
- if (aes->ctx.keySize == 16) {
- ret = R_SCE_AES128CBC_EncryptInit(&_handle, &aes->ctx.sce_wrapped_key, iv);
- }
- else if (aes->ctx.keySize == 32) {
- ret = R_SCE_AES256CBC_EncryptInit(&_handle, &aes->ctx.sce_wrapped_key, iv);
- }
- else {
- WOLFSSL_MSG("invalid key Size for SCE. Key size is neither 16 or 32.");
- wc_sce_hw_unlock();
- return -1;
- }
-
- while (ret == FSP_SUCCESS && blocks--) {
-
- if (aes->ctx.keySize == 16)
- ret = R_SCE_AES128CBC_EncryptUpdate(&_handle, (uint8_t*)in,
- (uint8_t*)out, (uint32_t)AES_BLOCK_SIZE);
- else
- ret = R_SCE_AES256CBC_EncryptUpdate(&_handle, (uint8_t*)in,
- (uint8_t*)out, (uint32_t)AES_BLOCK_SIZE);
-
- in += AES_BLOCK_SIZE;
- out += AES_BLOCK_SIZE;
- }
-
- if (ret == FSP_SUCCESS) {
- if (aes->ctx.keySize == 16) {
- ret = R_SCE_AES128CBC_EncryptFinal(&_handle, out, &dataLength);
- }
- else {
- ret = R_SCE_AES256CBC_EncryptFinal(&_handle, out, &dataLength);
- }
- }
- else {
- WOLFSSL_MSG("SCE AES CBC encryption failed");
- ret = -1;
- }
-
- wc_sce_hw_unlock();
- return ret;
-}
-/* Perform Aes Cbc decryption by SCE
- *
- * aes The AES object.
- * out Buffer to hold plain text
- * in Buffer to hold cipher text
- * sz Length of cipher text/plaintext in bytes
- * return FSP_SUCCESS(0) on Success, otherwise negative value
- */
-WOLFSSL_LOCAL int wc_sce_AesCbcDecrypt(struct Aes* aes, byte* out, const byte* in, word32 sz)
-{
- sce_aes_handle_t _handle;
- word32 ret;
- word32 blocks = (sz / AES_BLOCK_SIZE);
- uint32_t dataLength;
- byte *iv;
-
- if ((in == NULL) || (out == NULL) || (aes == NULL))
- return BAD_FUNC_ARG;
-
- iv = (uint8_t*)aes->reg;
-
- if ((ret = wc_sce_hw_lock()) != 0) {
- WOLFSSL_MSG("Failed to lock");
- return ret;
- }
-
- if (aes->ctx.keySize == 16) {
- ret = R_SCE_AES128CBC_DecryptInit(&_handle, &aes->ctx.sce_wrapped_key, iv);
- }
- else if (aes->ctx.keySize == 32) {
- ret = R_SCE_AES256CBC_DecryptInit(&_handle, &aes->ctx.sce_wrapped_key, iv);
- }
- else {
- wc_sce_hw_unlock();
- return -1;
- }
-
- while (ret == FSP_SUCCESS && blocks--) {
-
- if (aes->ctx.keySize == 16)
- ret = R_SCE_AES128CBC_DecryptUpdate(&_handle, (uint8_t*)in,
- (uint8_t*)out, (uint32_t)AES_BLOCK_SIZE);
- else
- ret = R_SCE_AES256CBC_DecryptUpdate(&_handle, (uint8_t*)in,
- (uint8_t*)out, (uint32_t)AES_BLOCK_SIZE);
-
- in += AES_BLOCK_SIZE;
- out += AES_BLOCK_SIZE;
- }
-
- if (ret == FSP_SUCCESS) {
- if (aes->ctx.keySize == 16)
- ret = R_SCE_AES128CBC_DecryptFinal(&_handle, out, &dataLength);
- else
- ret = R_SCE_AES256CBC_DecryptFinal(&_handle, out, &dataLength);
- }
- else {
- WOLFSSL_MSG("SCE AES CBC decryption failed");
- ret = -1;
- }
-
- wc_sce_hw_unlock();
- return ret;
-}
-
-#endif /* WOLFSSL_RENESAS_TSIP_CRYPT */
-#endif /* NO_AES */
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_sce_rsa.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_sce_rsa.c
deleted file mode 100644
index e866556a..00000000
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_sce_rsa.c
+++ /dev/null
@@ -1,437 +0,0 @@
-/* renesas_sce_rsa.c
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-#if !defined(NO_RSA) && \
- defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)
-
-#include <string.h>
-#include <stdio.h>
-
-#ifdef HAVE_CONFIG_H
- #include <config.h>
-#endif
-
-#include <wolfssl/wolfcrypt/settings.h>
-#include <wolfssl/wolfcrypt/logging.h>
-#include <wolfssl/wolfcrypt/error-crypt.h>
-#include <wolfssl/wolfcrypt/rsa.h>
-#include <wolfssl/wolfcrypt/port/Renesas/renesas-sce-crypt.h>
-
-/* Make Rsa key for SCE and set it to callback ctx
- * Assumes to be called by Crypt Callback
- *
- * size desired keylenth, in bits. supports 1024 or 2048 bits
- * ctx Callback context including pointer to hold generated key
- * return FSP_SUCCESS(0) on Success, otherwise negative value
- */
-WOLFSSL_LOCAL int wc_sce_MakeRsaKey(int size, void* ctx)
-{
- fsp_err_t ret;
- User_SCEPKCbInfo *info = (User_SCEPKCbInfo*)ctx;
-
- sce_rsa1024_wrapped_pair_key_t *wrapped_pair1024_key = NULL;
- sce_rsa2048_wrapped_pair_key_t *wrapped_pair2048_key = NULL;
-
- /* sanity check */
- if (ctx == NULL)
- return BAD_FUNC_ARG;
-
-
- if ((ret = wc_sce_hw_lock()) == 0) {
- if (size == 1024) {
- wrapped_pair1024_key =
- (sce_rsa1024_wrapped_pair_key_t*)XMALLOC(
- sizeof(sce_rsa1024_wrapped_pair_key_t), NULL,
- DYNAMIC_TYPE_RSA_BUFFER);
- if (wrapped_pair1024_key == NULL)
- return MEMORY_E;
-
- ret = R_SCE_RSA1024_WrappedKeyPairGenerate(wrapped_pair1024_key);
- }
- else if (size == 2048) {
- wrapped_pair2048_key =
- (sce_rsa1024_wrapped_pair_key_t*)XMALLOC(
- sizeof(sce_rsa2048_wrapped_pair_key_t), NULL,
- DYNAMIC_TYPE_RSA_BUFFER);
- if (wrapped_pair2048_key == NULL)
- return MEMORY_E;
-
- ret = R_SCE_RSA2048_WrappedKeyPairGenerate(wrapped_pair2048_key);
- }
- else
- return CRYPTOCB_UNAVAILABLE;
-
- if (ret == FSP_SUCCESS) {
- if (size == 1024) {
- if (info->sce_wrapped_key_rsapri1024 != NULL) {
- XFREE(info->sce_wrapped_key_rsapri1024, NULL,
- DYNAMIC_TYPE_RSA_BUFFER);
- }
- if (info->sce_wrapped_key_rsapub1024 != NULL) {
- XFREE(info->sce_wrapped_key_rsapub1024, NULL,
- DYNAMIC_TYPE_RSA_BUFFER);
- }
- info->sce_wrapped_key_rsapri1024 =
- (sce_rsa1024_private_wrapped_key_t*)XMALLOC(
- sizeof(sce_rsa1024_private_wrapped_key_t), NULL,
- DYNAMIC_TYPE_RSA_BUFFER);
-
- if (info->sce_wrapped_key_rsapri1024 == NULL) {
- XFREE(wrapped_pair1024_key, 0, DYNAMIC_TYPE_RSA_BUFFER);
- return MEMORY_E;
- }
-
- info->sce_wrapped_key_rsapub1024 =
- (sce_rsa1024_public_wrapped_key_t*)XMALLOC(
- sizeof(sce_rsa1024_public_wrapped_key_t), NULL,
- DYNAMIC_TYPE_RSA_BUFFER);
-
- if (info->sce_wrapped_key_rsapub1024 == NULL) {
- XFREE(wrapped_pair1024_key, 0, DYNAMIC_TYPE_RSA_BUFFER);
- XFREE(info->sce_wrapped_key_rsapub1024, 0,
- DYNAMIC_TYPE_RSA_BUFFER);
- return MEMORY_E;
- }
- /* copy generated key pair and free malloced key */
- XMEMCPY(info->sce_wrapped_key_rsapri1024,
- &wrapped_pair1024_key->priv_key,
- sizeof(sce_rsa1024_private_wrapped_key_t));
- XMEMCPY(info->sce_wrapped_key_rsapub1024,
- &wrapped_pair1024_key->pub_key,
- sizeof(sce_rsa1024_public_wrapped_key_t));
- XFREE(wrapped_pair1024_key, 0, DYNAMIC_TYPE_RSA_BUFFER);
-
- info->keyflgs_crypt.bits.rsapri1024_installedkey_set = 1;
- info->keyflgs_crypt.bits.rsapub1024_installedkey_set = 1;
- }
- else if (size == 2048) {
- if (info->sce_wrapped_key_rsapri2048 != NULL) {
- XFREE(info->sce_wrapped_key_rsapri2048, NULL,
- DYNAMIC_TYPE_RSA_BUFFER);
- }
- if (info->sce_wrapped_key_rsapub2048 != NULL) {
- XFREE(info->sce_wrapped_key_rsapub2048, NULL,
- DYNAMIC_TYPE_RSA_BUFFER);
- }
- info->sce_wrapped_key_rsapri2048 =
- (sce_rsa2048_private_wrapped_key_t*)XMALLOC(
- sizeof(sce_rsa2048_private_wrapped_key_t), NULL,
- DYNAMIC_TYPE_RSA_BUFFER);
-
- if (info->sce_wrapped_key_rsapri2048 == NULL) {
- XFREE(wrapped_pair2048_key, 0, DYNAMIC_TYPE_RSA_BUFFER);
- return MEMORY_E;
- }
-
- info->sce_wrapped_key_rsapub2048 =
- (sce_rsa2048_public_wrapped_key_t*)XMALLOC(
- sizeof(sce_rsa2048_public_wrapped_key_t), NULL,
- DYNAMIC_TYPE_RSA_BUFFER);
-
- if (info->sce_wrapped_key_rsapub2048 == NULL) {
- XFREE(wrapped_pair2048_key, 0, DYNAMIC_TYPE_RSA_BUFFER);
- XFREE(info->sce_wrapped_key_rsapub1024, 0,
- DYNAMIC_TYPE_RSA_BUFFER);
- return MEMORY_E;
- }
- /* copy generated key pair and free malloced key */
- XMEMCPY(info->sce_wrapped_key_rsapri2048,
- &wrapped_pair2048_key->priv_key,
- sizeof(sce_rsa2048_private_wrapped_key_t));
- XMEMCPY(info->sce_wrapped_key_rsapub2048,
- &wrapped_pair2048_key->pub_key,
- sizeof(sce_rsa2048_public_wrapped_key_t));
- XFREE(wrapped_pair2048_key, 0, DYNAMIC_TYPE_RSA_BUFFER);
-
- info->keyflgs_crypt.bits.rsapri2048_installedkey_set = 1;
- info->keyflgs_crypt.bits.rsapub2048_installedkey_set = 1;
-
- }
- }
- else {
- WOLFSSL_MSG("Failed to generate key pair by SCE");
- return CRYPTOCB_UNAVAILABLE;
- }
-
- wc_sce_hw_unlock();
- }
-}
-
-/* Perform rsa encryption/decryption by SCE
- * Assumes to be called by Crypt Callback
- *
- * in Buffer to hold plain text
- * inLen Length of plain text in bytes
- * out Buffer to hold cipher text
- * outLen Length of cipher in bytes
- * key Rsa key object
- * rng rng object
- * ctx Callback context
- * return FSP_SUCCESS(0) on Success, otherwise negative value
- */
-WOLFSSL_LOCAL int wc_sce_RsaFunction(const byte* in, word32 inLen, byte* out,
- word32 outLen, int type, struct RsaKey* key,
- struct WC_RNG* rng, void* ctx)
-{
- int ret;
-
- sce_rsa_byte_data_t plain;
- sce_rsa_byte_data_t cipher;
- User_SCEPKCbInfo *info = (User_SCEPKCbInfo*)ctx;
-
- int keySize;
-
- (void) key;
- (void) rng;
-
- /* sanity check */
- if (in == NULL || out == NULL || outLen == NULL ||
- ctx == NULL){
- return BAD_FUNC_ARG;
- }
-
- keySize = 0;
- if (info->keyflgs_crypt.bits.rsapri2048_installedkey_set == 1 ||
- info->keyflgs_crypt.bits.rsapub2048_installedkey_set == 1 )
- keySize = 2048;
- else if (info->keyflgs_crypt.bits.rsapri1024_installedkey_set == 1 ||
- info->keyflgs_crypt.bits.rsapub1024_installedkey_set == 1 )
- keySize = 1024;
-
- if (keySize == 0) {
- WOLFSSL_MSG("keySize is invalid, neither 128 or 256 bytes, "
- "1024 or 2048 bits.");
- return BAD_FUNC_ARG;
- }
-
- if ((ret = wc_sce_hw_lock()) == 0) {
- if (type == RSA_PUBLIC_ENCRYPT) {
-
- plain.pdata = (byte*)in;
- plain.data_length = inLen;
- cipher.pdata = out;
- cipher.data_length = outLen;
-
- if (keySize == 1024) {
- if(info->keyflgs_crypt.bits.rsapub1024_installedkey_set == 1)
- ret = R_SCE_RSAES_PKCS1024_Encrypt(&plain, &cipher,
- (sce_rsa1024_public_wrapped_key_t*)
- info->sce_wrapped_key_rsapub1024);
- else {
- WOLFSSL_MSG("wrapped public 1024 bits key is not set.");
- return BAD_FUNC_ARG;
- }
- }
- else {
- if(info->keyflgs_crypt.bits.rsapub2048_installedkey_set == 1)
- ret = R_SCE_RSAES_PKCS2048_Encrypt(&plain, &cipher,
- (sce_rsa2048_public_wrapped_key_t*)
- info->sce_wrapped_key_rsapub2048);
- else {
- WOLFSSL_MSG("wrapped public 2048 bits key is not set.");
- return BAD_FUNC_ARG;
- }
- }
- }
- else if (type == RSA_PRIVATE_DECRYPT) {
- plain.pdata = out;
- plain.data_length = outLen;
- cipher.pdata = (byte*)in;
- cipher.data_length = inLen;
-
- if (keySize == 1024) {
- if(info->keyflgs_crypt.bits.rsapri1024_installedkey_set == 1)
- ret = R_SCE_RSAES_PKCS1024_Decrypt(&cipher, &plain,
- (sce_rsa1024_private_wrapped_key_t*)
- info->sce_wrapped_key_rsapri1024);
- else {
- WOLFSSL_MSG("wrapped private 2048 bits key is not set.");
- return BAD_FUNC_ARG;
- }
- }
- else {
- if(info->keyflgs_crypt.bits.rsapri2048_installedkey_set == 1)
- ret = R_SCE_RSAES_PKCS2048_Decrypt(&cipher, &plain,
- (sce_rsa2048_private_wrapped_key_t*)
- info->sce_wrapped_key_rsapri2048);
- else {
- WOLFSSL_MSG("wrapped private 2048 bits key is not set.");
- return BAD_FUNC_ARG;
- }
- }
- }
-
- wc_sce_hw_unlock();
- }
- return ret;
-}
-
-/* Perform Rsa sign by SCE
- * Assumes to be called by Crypt Callback
- *
- * in Buffer to hold plaintext
- * inLen Length of plaintext in bytes
- * out Buffer to hold generated signature
- * outLen Length of signature in bytes
- * key rsa key object
- * ctx The callback context
- * return FSP_SUCCESS(0) on Success, otherwise negative value
- */
-
-WOLFSSL_LOCAL int wc_sce_RsaSign(const byte* in, word32 inLen, byte* out,
- word32* outLen, struct RsaKey* key, void* ctx)
-{
- int ret;
-
- sce_rsa_byte_data_t message_hash;
- sce_rsa_byte_data_t signature;
- User_SCEPKCbInfo *info = (User_SCEPKCbInfo*)ctx;
- int keySize;
-
- (void) key;
-
- /* sanity check */
- if (in == NULL || out == NULL || outLen == NULL ||
- key == NULL || ctx == NULL){
- return BAD_FUNC_ARG;
- }
-
- keySize = 0;
- if (info->keyflgs_crypt.bits.rsapri2048_installedkey_set == 1 ||
- info->keyflgs_crypt.bits.rsapub2048_installedkey_set == 1 )
- keySize = 2048;
- else if (info->keyflgs_crypt.bits.rsapri1024_installedkey_set == 1 ||
- info->keyflgs_crypt.bits.rsapub1024_installedkey_set == 1 )
- keySize = 1024;
-
- if (keySize == 0) {
- WOLFSSL_MSG("keySize is invalid, neither 1024 or 2048 bits.");
- return BAD_FUNC_ARG;
- }
-
- message_hash.pdata = in;
- message_hash.data_length = inLen;
- message_hash.data_type =
- info->keyflgs_crypt.bits.message_type;/* message 0, hash 1 */
- signature.pdata = out;
- signature.data_length = outLen;
-
- if ((ret = wc_sce_hw_lock()) == 0) {
- if (keySize == 1024) {
-
- ret = R_SCE_RSASSA_PKCS1024_SignatureGenerate(&message_hash,
- &signature,
- (sce_rsa1024_private_wrapped_key_t *)
- info->sce_wrapped_key_rsapri1024,
- HW_SCE_RSA_HASH_SHA256);
- }
- else {
-
- ret = R_SCE_RSASSA_PKCS2048_SignatureGenerate(&message_hash,
- &signature,
- (sce_rsa2048_private_wrapped_key_t *)
- info->sce_wrapped_key_rsapri2048,
- HW_SCE_RSA_HASH_SHA256);
- }
-
- wc_sce_hw_unlock();
- }
-
- return ret;
-}
-
-/* Perform Rsa verify by SCE
- * Assumes to be called by Crypt Callback
- *
- * in Buffer to hold plaintext
- * inLen Length of plaintext in bytes
- * out Buffer to hold generated signature
- * outLen Length of signature in bytes
- * key rsa key object
- * ctx The callback context
- * return FSP_SUCCESS(0) on Success, otherwise negative value
- */
-
-WOLFSSL_LOCAL int wc_sce_RsaVerify(const byte* in, word32 inLen, byte* out,
- word32* outLen,struct RsaKey* key, void* ctx)
-{
- int ret;
-
- sce_rsa_byte_data_t message_hash;
- sce_rsa_byte_data_t signature;
- User_SCEPKCbInfo *info = (User_SCEPKCbInfo*)ctx;
- int keySize;
-
- (void) key;
-
- /* sanity check */
- if (in == NULL || out == NULL || outLen == NULL ||
- key == NULL || ctx == NULL){
- return BAD_FUNC_ARG;
- }
-
- keySize = 0;
- if (info->keyflgs_crypt.bits.rsapri2048_installedkey_set == 1 ||
- info->keyflgs_crypt.bits.rsapub2048_installedkey_set == 1 )
- keySize = 2048;
- else if (info->keyflgs_crypt.bits.rsapri1024_installedkey_set == 1 ||
- info->keyflgs_crypt.bits.rsapub1024_installedkey_set == 1 )
- keySize = 1024;
-
- if (keySize == 0) {
- WOLFSSL_MSG("keySize is invalid, neither 1024 or 2048 bits.");
- return BAD_FUNC_ARG;
- }
-
-
- message_hash.pdata = in;
- message_hash.data_length = inLen;
- message_hash.data_type =
- info->keyflgs_crypt.bits.message_type;/* message 0, hash 1 */
-
- signature.pdata = out;
- signature.data_length = outLen;
-
- if ((ret = wc_sce_hw_lock()) == 0) {
- if (keySize == 1024) {
-
- ret = R_SCE_RSASSA_PKCS1024_SignatureVerify(&signature,
- &message_hash,
- (sce_rsa1024_public_wrapped_key_t *)
- info->sce_wrapped_key_rsapub1024,
- HW_SCE_RSA_HASH_SHA256);
- }
- else {
-
- ret = R_SCE_RSASSA_PKCS2048_SignatureVerify(&signature,
- &message_hash,
- (sce_rsa2048_public_wrapped_key_t *)
- info->sce_wrapped_key_rsapub2048,
- HW_SCE_RSA_HASH_SHA256 );
- }
-
- wc_sce_hw_unlock();
- }
-
- return ret;
-}
-
-#endif /* !NO_RSA && WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY */
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_sce_sha.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_sce_sha.c
deleted file mode 100644
index 959ea956..00000000
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_sce_sha.c
+++ /dev/null
@@ -1,267 +0,0 @@
-/* renesas_sce_sha.c
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-#include <string.h>
-#include <stdio.h>
-
-#ifdef HAVE_CONFIG_H
- #include <config.h>
-#endif
-#include <wolfssl/wolfcrypt/settings.h>
-
-#if !defined(NO_SHA256)
-
-#include <wolfssl/wolfcrypt/logging.h>
-
-#if defined(WOLFSSL_RENESAS_SCEPROTECT) || \
- defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)
-
-#include <wolfssl/wolfcrypt/error-crypt.h>
-#include <wolfssl/wolfcrypt/port/Renesas/renesas-sce-crypt.h>
-
-/* Free up allocation for msg
- *
- * hash The SCE Hash object.
- * no return value
- */
-static void SCEHashFree(wolfssl_SCE_Hash* hash)
-{
- if (hash == NULL)
- return;
-
- if (hash->msg != NULL) {
- XFREE(hash->msg, hash->heap, DYNAMIC_TYPE_TMP_BUFFER);
- hash->msg = NULL;
- }
-}
-/* Initialize Hash object
- *
- * hash The SCE Hash object.
- * heap Buffer to hold heap if available
- * devId device Id
- * return 0 on success, BAD_FUNC_ARG when has is NULL
- */
-static int SCEHashInit(wolfssl_SCE_Hash* hash, void* heap, int devId,
- word32 sha_type)
-{
- if (hash == NULL) {
- return BAD_FUNC_ARG;
- }
-
- (void)devId;
- XMEMSET(hash, 0, sizeof(wolfssl_SCE_Hash));
-
- hash->heap = heap;
- hash->len = 0;
- hash->used = 0;
- hash->msg = NULL;
- hash->sha_type = sha_type;
-
- return 0;
-}
-
-/* Add data to msg(work buffer) for final hash operation
- *
- * hash The SCE Hash object.
- * data Buffer to hold plain text for hash
- * sz Length of data
- * return 0 on success, otherwise MEMORY_E or BAD_FUNC_ARG on failure
- */
-static int SCEHashUpdate(wolfssl_SCE_Hash* hash, const byte* data, word32 sz)
-{
- if (hash == NULL || (sz > 0 && data == NULL)) {
- return BAD_FUNC_ARG;
- }
-
- if (hash->len < hash->used + sz) {
- if (hash->msg == NULL) {
- hash->msg = (byte*)XMALLOC(hash->used + sz, hash->heap,
- DYNAMIC_TYPE_TMP_BUFFER);
- }
- else {
-#ifdef FREERTOS
- byte* pt = (byte*)XMALLOC(hash->used + sz, hash->heap,
- DYNAMIC_TYPE_TMP_BUFFER);
- if (pt == NULL) {
- return MEMORY_E;
- }
- XMEMCPY(pt, hash->msg, hash->used);
- XFREE(hash->msg, hash->heap, DYNAMIC_TYPE_TMP_BUFFER);
- hash->msg = NULL;
- hash->msg = pt;
-#else
- byte* pt = (byte*)XREALLOC(hash->msg, hash->used + sz, hash->heap,
- DYNAMIC_TYPE_TMP_BUFFER);
- if (pt == NULL) {
- return MEMORY_E;
- }
- hash->msg = pt;
-#endif
- }
- if (hash->msg == NULL) {
- return MEMORY_E;
- }
- hash->len = hash->used + sz;
- }
- XMEMCPY(hash->msg + hash->used, data , sz);
- hash->used += sz;
-
- return 0;
-}
-
-/* Perform hash operation using accumulated msg
- *
- * hash The SCE Hash object.
- * out Buffer to hold hashed text
- * outSz Length of out
- * return FSP_SUCCESS(0) on success,
- * otherwise BAD_FUNC_ARG or FSP Error code on failure
- */
-static int SCEHashFinal(wolfssl_SCE_Hash* hash, byte* out, word32 outSz)
-{
- int ret;
- void* heap;
- sce_sha_md5_handle_t handle;
- uint32_t sz;
-
- fsp_err_t (*Init)(sce_sha_md5_handle_t*);
- fsp_err_t (*Update)(sce_sha_md5_handle_t*, uint8_t*, uint32_t);
- fsp_err_t (*Final )(sce_sha_md5_handle_t*, uint8_t*, uint32_t*);
-
- if (hash == NULL || out == NULL) {
- return BAD_FUNC_ARG;
- }
-
- if (hash->sha_type == SCE_SHA256) {
- Init = R_SCE_SHA256_Init;
- Update = R_SCE_SHA256_Update;
- Final = R_SCE_SHA256_Final;
- }
- else
- return BAD_FUNC_ARG;
-
- heap = hash->heap;
-
- wc_sce_hw_lock();
-
- if (Init(&handle) == FSP_SUCCESS) {
- ret = Update(&handle, (uint8_t*)hash->msg, hash->used);
- if (ret == FSP_SUCCESS) {
- ret = Final(&handle, out, (uint32_t*)&sz);
- if (ret != FSP_SUCCESS || sz != outSz) {
- return ret;
- }
- }
- }
- wc_sce_hw_unlock();
-
- SCEHashFree(hash);
- return SCEHashInit(hash, heap, 0, hash->sha_type);
-}
-/* Hash operation to message and return a result */
-static int SCEHashGet(wolfssl_SCE_Hash* hash, byte* out, word32 outSz)
-{
- int ret;
- sce_sha_md5_handle_t handle;
- uint32_t sz;
-
- fsp_err_t (*Init)(sce_sha_md5_handle_t*);
- fsp_err_t (*Update)(sce_sha_md5_handle_t*, uint8_t*, uint32_t);
- fsp_err_t (*Final )(sce_sha_md5_handle_t*, uint8_t*, uint32_t*);
-
- if (hash == NULL || out == NULL) {
- return BAD_FUNC_ARG;
- }
-
- if (hash->sha_type == SCE_SHA256) {
- Init = R_SCE_SHA256_Init;
- Update = R_SCE_SHA256_Update;
- Final = R_SCE_SHA256_Final;
- }
- else
- return BAD_FUNC_ARG;
-
- wc_sce_hw_lock();
-
- if (Init(&handle) == FSP_SUCCESS) {
- ret = Update(&handle, (uint8_t*)hash->msg, hash->used);
- if (ret == FSP_SUCCESS) {
- ret = Final(&handle, out, &sz);
- if (ret != FSP_SUCCESS || sz != outSz) {
- return ret;
- }
- }
- }
-
- wc_sce_hw_unlock();
-
- return 0;
-}
-/* copy hash result from src to dst */
-static int SCEHashCopy(wolfssl_SCE_Hash* src, wolfssl_SCE_Hash* dst)
-{
- if (src == NULL || dst == NULL) {
- return BAD_FUNC_ARG;
- }
-
- XMEMCPY(dst, src, sizeof(wolfssl_SCE_Hash));
-
- if (src->len > 0 && src->msg != NULL) {
- dst->msg = (byte*)XMALLOC(src->len, dst->heap, DYNAMIC_TYPE_TMP_BUFFER);
- if (dst->msg == NULL) {
- return MEMORY_E;
- }
- XMEMCPY(dst->msg, src->msg, src->len);
- }
-
- return 0;
-}
-
-#if !defined(NO_SHA256)
-#include <wolfssl/wolfcrypt/sha256.h>
-
-/* wrapper for wc_InitSha256_ex */
-int wc_InitSha256_ex(wc_Sha256* sha, void* heap, int devId)
-{
- return SCEHashInit(sha, heap, devId, SCE_SHA256);
-}
-/* wrapper for wc_Sha256Update */
-int wc_Sha256Update(wc_Sha256* sha, const byte* in, word32 sz)
-{
- return SCEHashUpdate(sha, in, sz);
-}
-/* wrapper for wc_Sha256Final */
-int wc_Sha256Final(wc_Sha256* sha, byte* hash)
-{
- return SCEHashFinal(sha, hash, WC_SHA256_DIGEST_SIZE);
-}
-/* wrapper for wc_Sha256GetHash */
-int wc_Sha256GetHash(wc_Sha256* sha, byte* hash)
-{
- return SCEHashGet(sha, hash, WC_SHA256_DIGEST_SIZE);
-}
-/* wrapper for wc_Sha256Copy */
-int wc_Sha256Copy(wc_Sha256* src, wc_Sha256* dst)
-{
- return SCEHashCopy(src, dst);
-}
-#endif /* !NO_SHA256 */
-#endif /* WOLFSSL_RENESAS_SCEPROTECT */
-#endif /* #if !defined(NO_SHA) || !defined(NO_SHA256) */
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_tsip_aes.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_tsip_aes.c
index 334d0433..d4f47419 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_tsip_aes.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_tsip_aes.c
@@ -30,7 +30,8 @@
#ifndef NO_AES
-#if defined(WOLFSSL_RENESAS_TSIP_CRYPT) && \
+#if (defined(WOLFSSL_RENESAS_TSIP_TLS) || \
+ defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)) && \
!defined(NO_WOLFSSL_RENESAS_TSIP_CRYPT_AES)
#include <wolfssl/wolfcrypt/wc_port.h>
@@ -60,7 +61,7 @@ typedef e_tsip_err_t (*aesGcmDecUpdateFn)
typedef e_tsip_err_t (*aesGcmDecFinalFn)
(tsip_gcm_handle_t*, uint8_t*, uint32_t*, uint8_t*, uint32_t);
-
+#ifdef WOLFSSL_RENESAS_TSIP_TLS
/* function pointer type defs for TLSv13 handshake AES-GCM/CCM encryption */
typedef e_tsip_err_t (*Tls13AesEncInitFn)
@@ -109,17 +110,17 @@ WOLFSSL_LOCAL int tsip_Tls13AesEncrypt(
tsip_aes_key_index_t* key = NULL;
WOLFSSL_ENTER("tsip_Tls13AesEncrypt");
-
+
if ((ssl == NULL) || (input == NULL) || (output == NULL) || (sz == 0)) {
return BAD_FUNC_ARG;
- }
+ }
if (ssl->options.side != WOLFSSL_CLIENT_END) {
return CRYPTOCB_UNAVAILABLE; /* expecting to fallback to S/W */
}
/* get user context for TSIP */
- tuc = ssl->RenesasUserCtx;
+ tuc = ssl->RenesasUserCtx;
if (tuc == NULL) {
WOLFSSL_MSG("TsipUserCtx hasn't been set to ssl.");
return CRYPTOCB_UNAVAILABLE;
@@ -165,7 +166,7 @@ WOLFSSL_LOCAL int tsip_Tls13AesEncrypt(
cs,
key,
sz);
-
+
if (err != TSIP_SUCCESS) {
WOLFSSL_MSG("R_TSIP_Tls13DecryptUpdate error");
ret = WC_HW_E;
@@ -179,7 +180,7 @@ WOLFSSL_LOCAL int tsip_Tls13AesEncrypt(
dataSz = min(remain, AES_BLOCK_SIZE);
ForceZero(plain, sizeof(plain));
ForceZero(cipher, sizeof(cipher));
- XMEMCPY(plain, input + idxIn, dataSz);
+ XMEMCPY(plain, input + idxIn, dataSz);
err = R_TSIP_Tls13EncryptUpdate(
@@ -187,13 +188,13 @@ WOLFSSL_LOCAL int tsip_Tls13AesEncrypt(
(uint8_t*)plain,
(uint8_t*)cipher,
dataSz);
-
+
if (err == TSIP_SUCCESS) {
if (dataSz >= AES_BLOCK_SIZE) {
XMEMCPY(output + idxOut, cipher, dataSz);
idxOut += dataSz;
}
- idxIn += dataSz;
+ idxIn += dataSz;
remain -= dataSz;
}
else {
@@ -259,14 +260,14 @@ WOLFSSL_LOCAL int tsip_Tls13AesDecrypt(
if ((ssl == NULL) || (input == NULL) || (output == NULL) || (sz == 0)) {
return BAD_FUNC_ARG;
- }
+ }
if (ssl->options.side != WOLFSSL_CLIENT_END) {
return CRYPTOCB_UNAVAILABLE; /* expecting to fallback to S/W */
}
/* get user context for TSIP */
- tuc = ssl->RenesasUserCtx;
+ tuc = ssl->RenesasUserCtx;
if (tuc == NULL) {
WOLFSSL_MSG("TsipUserCtx hasn't been set to ssl.");
return CRYPTOCB_UNAVAILABLE;
@@ -304,7 +305,7 @@ WOLFSSL_LOCAL int tsip_Tls13AesDecrypt(
blocks = sz / AES_BLOCK_SIZE;
remain = sz;
conRemain = sz - TSIP_AES_GCM_AUTH_TAG_SIZE;
-
+
if ((ret = tsip_hw_lock()) == 0) {
err = R_TSIP_Tls13DecryptInit(
@@ -314,7 +315,7 @@ WOLFSSL_LOCAL int tsip_Tls13AesDecrypt(
cs,
key,
sz);
-
+
if (err != TSIP_SUCCESS) {
WOLFSSL_MSG("R_TSIP_Tls13DecryptInit error");
ret = WC_HW_E;
@@ -334,14 +335,14 @@ WOLFSSL_LOCAL int tsip_Tls13AesDecrypt(
(uint8_t*)cipher,
(uint8_t*)plain,
dataSz);
-
+
if (err == TSIP_SUCCESS) {
if (dataSz >= AES_BLOCK_SIZE && conRemain >= AES_BLOCK_SIZE) {
XMEMCPY(output + idxOut, plain, dataSz);
idxOut += dataSz;
conRemain -= min(conRemain, dataSz);
}
- idxIn += dataSz;
+ idxIn += dataSz;
remain -= dataSz;
}
else {
@@ -374,13 +375,13 @@ WOLFSSL_LOCAL int tsip_Tls13AesDecrypt(
WOLFSSL_LEAVE("tsip_Tls13AesDecrypt", ret);
return ret;
}
-
+#endif /* WOLFSSL_RENESAS_TSIP_TLS */
#if (WOLFSSL_RENESAS_TSIP_VER >= 109)
#ifdef WOLF_CRYPTO_CB
-WOLFSSL_LOCAL int wc_tsip_AesCipher(int devIdArg, wc_CryptoInfo* info,
+WOLFSSL_LOCAL int wc_tsip_AesCipher(int devIdArg, wc_CryptoInfo* info,
void* ctx)
{
int ret = NOT_COMPILED_IN;
@@ -390,13 +391,16 @@ WOLFSSL_LOCAL int wc_tsip_AesCipher(int devIdArg, wc_CryptoInfo* info,
if (info == NULL || ctx == NULL)
return BAD_FUNC_ARG;
-
+
if (info->algo_type == WC_ALGO_TYPE_CIPHER) {
#if !defined(NO_AES) || !defined(NO_DES3)
#ifdef HAVE_AESGCM
- if (info->cipher.type == WC_CIPHER_AES_GCM &&
- cbInfo->session_key_set == 1) {
+ if (info->cipher.type == WC_CIPHER_AES_GCM
+ #ifdef WOLFSSL_RENESAS_TSIP_TLS
+ && cbInfo->session_key_set == 1
+ #endif
+ ) {
if (info->cipher.enc) {
ret = wc_tsip_AesGcmEncrypt(
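Review bot: Splicing `#ifdef WOLFSSL_RENESAS_TSIP_TLS` into the middle of the `if` condition leaves a lone `) {` line and makes the predicate hard to follow; the AES-CBC hunk (@@ -430,8 +434,11) repeats the same construct. A helper macro defined once near the top of the file would keep both conditions readable and give one place to decide what "key ready" means in CRYPTONLY builds, where this check currently compiles to nothing. The macro name below is illustrative, and wc_tsip_AesCipher's body continues outside the hunk.

```c
#ifdef WOLFSSL_RENESAS_TSIP_TLS
    #define TSIP_SESSION_KEY_READY(cb) ((cb)->session_key_set == 1)
#else
    /* CRYPTONLY: there is no TLS session key to wait for */
    #define TSIP_SESSION_KEY_READY(cb) ((void)(cb), 1)
#endif

/* … unchanged: wc_tsip_AesCipher argument checks … */
        if (info->cipher.type == WC_CIPHER_AES_GCM &&
            TSIP_SESSION_KEY_READY(cbInfo)) {
/* … unchanged: AES-GCM encrypt/decrypt dispatch … */
        if (info->cipher.type == WC_CIPHER_AES_CBC &&
            TSIP_SESSION_KEY_READY(cbInfo)) {
```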
@@ -430,8 +434,11 @@ WOLFSSL_LOCAL int wc_tsip_AesCipher(int devIdArg, wc_CryptoInfo* info,
}
#endif /* HAVE_AESGCM */
#ifdef HAVE_AES_CBC
- if (info->cipher.type == WC_CIPHER_AES_CBC &&
- cbInfo->session_key_set == 1) {
+ if (info->cipher.type == WC_CIPHER_AES_CBC
+ #ifdef WOLFSSL_RENESAS_TSIP_TLS
+ && cbInfo->session_key_set == 1
+ #endif
+ ) {
if (info->cipher.enc) {
ret = wc_tsip_AesCbcEncrypt(
@@ -680,7 +687,8 @@ int wc_tsip_AesGcmEncrypt(
XMEMCPY(aadBuf, authIn, authInSz);
}
- if (ret == 0 &&
+ #if defined(WOLFSSL_RENESAS_TSIP_TLS)
+ if (ret == 0 &&
userCtx->session_key_set == 1) {
/* generate AES-GCM session key. The key stored in
* Aes.ctx.tsip_keyIdx is not used here.
@@ -701,8 +709,11 @@ int wc_tsip_AesGcmEncrypt(
WOLFSSL_MSG("R_TSIP_TlsGenerateSessionKey failed");
ret = -1;
}
- } else if (userCtx->user_aes128_key_set == 1 ||
- userCtx->user_aes256_key_set == 1) {
+ } else
+ #endif
+ if (ret == 0 &&
+ (userCtx->user_aes128_key_set == 1 ||
+ userCtx->user_aes256_key_set == 1)) {
if (aes->ctx.keySize == 32) {
XMEMCPY(&key_client_aes, &userCtx->user_aes256_key_index,
sizeof(tsip_aes_key_index_t));
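Review bot: After this change no visible branch sets an error when neither `user_aes128_key_set` nor `user_aes256_key_set` is 1, so `ret` stays 0 and the later `initFn(&hdl, &key_client_aes, (uint8_t*)iv_l, ivSz_l)` call appears to run with a key index that was never copied in. In wc_tsip_AesGcmDecrypt (@@ -895,8 +907,12) the same path leaves `key_server_aes`, which is declared without an initializer, unset and `iv_l` still NULL. The gap matters more now because in CRYPTONLY builds the dispatcher no longer filters on `session_key_set`. Consider closing the branch with `else if (ret == 0) { WOLFSSL_MSG("AES key for TSIP is not set."); ret = -1; }`. The end of this branch lies outside the hunk, so an existing fallback there cannot be ruled out.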
@@ -726,7 +737,7 @@ int wc_tsip_AesGcmEncrypt(
err = initFn(&hdl, &key_client_aes, (uint8_t*)iv_l, ivSz_l);
if (err == TSIP_SUCCESS) {
- err = updateFn(&hdl, NULL, NULL, 0UL, (uint8_t*)aadBuf, authInSz);
+ err = updateFn(&hdl, NULL, NULL, 0UL, (uint8_t*)aadBuf, authInSz);
}
if (err == TSIP_SUCCESS) {
err = updateFn(&hdl, plainBuf, cipherBuf, sz, NULL, 0UL);
@@ -814,14 +825,14 @@ int wc_tsip_AesGcmDecrypt(
uint8_t* aadBuf = NULL;
const uint8_t* iv_l = NULL;
uint32_t ivSz_l = 0;
-
+
tsip_aes_key_index_t key_server_aes;
TsipUserCtx *userCtx;
WOLFSSL_ENTER("wc_tsip_AesGcmDecrypt");
if (aes == NULL || in == NULL || out == NULL || sz == 0 || ctx == NULL ||
- iv == 0 ||
+ iv == 0 ||
(authInSz != 0 && authIn == NULL) ||
(authInSz == 0 && authIn != NULL) ||
(authTagSz != 0 && authTag == NULL) ||
@@ -875,7 +886,8 @@ int wc_tsip_AesGcmDecrypt(
XMEMCPY(aadBuf, authIn, authInSz);
}
- if (ret == 0 &&
+ #if defined(WOLFSSL_RENESAS_TSIP_TLS)
+ if (ret == 0 &&
userCtx->session_key_set == 1) {
/* generate AES-GCM session key. The key stored in
* Aes.ctx.tsip_keyIdx is not used here.
@@ -895,8 +907,12 @@ int wc_tsip_AesGcmDecrypt(
WOLFSSL_MSG("R_TSIP_TlsGenerateSessionKey failed");
ret = -1;
}
- } else if (userCtx->user_aes128_key_set == 1 ||
- userCtx->user_aes256_key_set == 1) {
+ } else
+
+ #endif
+ if (ret == 0 &&
+ (userCtx->user_aes128_key_set == 1 ||
+ userCtx->user_aes256_key_set == 1)) {
if (aes->ctx.keySize == 32) {
XMEMCPY(&key_server_aes, &userCtx->user_aes256_key_index,
sizeof(tsip_aes_key_index_t));
@@ -905,10 +921,10 @@ int wc_tsip_AesGcmDecrypt(
XMEMCPY(&key_server_aes, &userCtx->user_aes128_key_index,
sizeof(tsip_aes_key_index_t));
}
-
+
iv_l = iv;
ivSz_l = ivSz;
-
+
}
if (ret == 0) {
@@ -959,5 +975,6 @@ int wc_tsip_AesGcmDecrypt(
WOLFSSL_LEAVE("wc_tsip_AesGcmDecrypt", ret);
return ret;
}
-#endif /* WOLFSSL_RENESAS_TSIP_CRYPT */
+#endif /* WOLFSSL_RENESAS_TSIP_TLS) || WOLFSSL_RENESAS_TSIP_CRYPTONLY
+ && NO_WOLFSSL_RENESAS_TSIP_CRYPT_AES */
#endif /* NO_AES */
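Review bot: The new `#endif` comment does not match the condition it closes: it has an unbalanced `)` and drops the negation on `NO_WOLFSSL_RENESAS_TSIP_CRYPT_AES`, so it reads as if the block were compiled when AES offload is disabled. I would write it as `#endif /* (WOLFSSL_RENESAS_TSIP_TLS || WOLFSSL_RENESAS_TSIP_CRYPTONLY) && !NO_WOLFSSL_RENESAS_TSIP_CRYPT_AES */` to mirror the `#if` in the first hunk of this file.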
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_tsip_rsa.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_tsip_rsa.c
new file mode 100644
index 00000000..1a77b402
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_tsip_rsa.c
@@ -0,0 +1,302 @@
+/* renesas_sce_rsa.c
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#include <wolfssl/wolfcrypt/settings.h>
+
+#if !defined(NO_RSA) && \
+ (defined(WOLFSSL_RENESAS_TSIP_TLS) || \
+ defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY))
+
+#include <string.h>
+#include <stdio.h>
+
+#ifdef HAVE_CONFIG_H
+ #include <config.h>
+#endif
+
+#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/wolfcrypt/logging.h>
+#include <wolfssl/wolfcrypt/error-crypt.h>
+#include <wolfssl/error-ssl.h>
+#include <wolfssl/wolfcrypt/rsa.h>
+#include <wolfssl/wolfcrypt/port/Renesas/renesas-tsip-crypt.h>
+
+#ifdef WOLFSSL_RENESAS_TSIP_CRYPTONLY
+/* Make Rsa key for TSIP and set it to callback ctx
+ * Assumes to be called by Crypt Callback
+ *
+ * size desired keylenth, in bits. supports 1024 or 2048 bits
+ * ctx Callback context including pointer to hold generated key
+ * return TSIP_SUCCESS(0) on Success, otherwise negative value
+ */
+WOLFSSL_LOCAL int wc_tsip_MakeRsaKey(int size, void* ctx)
+{
+ e_tsip_err_t ret;
+ TsipUserCtx *info = (TsipUserCtx*)ctx;
+
+ tsip_rsa1024_key_pair_index_t *tsip_pair1024_key = NULL;
+ tsip_rsa2048_key_pair_index_t *tsip_pair2048_key = NULL;
+
+ /* sanity check */
+ if (ctx == NULL)
+ return BAD_FUNC_ARG;
+
+ if ((ret = tsip_hw_lock()) == 0) {
+ if (size == 1024) {
+ tsip_pair1024_key =
+ (tsip_rsa1024_key_pair_index_t*)XMALLOC(
+ sizeof(tsip_rsa1024_key_pair_index_t), NULL,
+ DYNAMIC_TYPE_RSA_BUFFER);
+ if (tsip_pair1024_key == NULL)
+ return MEMORY_E;
+
+ ret = R_TSIP_GenerateRsa1024RandomKeyIndex(tsip_pair1024_key);
+ }
+ else if (size == 2048) {
+ tsip_pair2048_key =
+ (tsip_rsa2048_key_pair_index_t*)XMALLOC(
+ sizeof(tsip_rsa2048_key_pair_index_t), NULL,
+ DYNAMIC_TYPE_RSA_BUFFER);
+ if (tsip_pair2048_key == NULL)
+ return MEMORY_E;
+
+ ret = R_TSIP_GenerateRsa2048RandomKeyIndex(tsip_pair2048_key);
+ }
+ else
+ return CRYPTOCB_UNAVAILABLE;
+
+ if (ret == TSIP_SUCCESS) {
+ if (size == 1024) {
+ if (info->rsa1024pri_keyIdx != NULL) {
+ XFREE(info->rsa1024pri_keyIdx, NULL,
+ DYNAMIC_TYPE_RSA_BUFFER);
+ }
+ if (info->rsa1024pub_keyIdx != NULL) {
+ XFREE(info->rsa1024pub_keyIdx, NULL,
+ DYNAMIC_TYPE_RSA_BUFFER);
+ }
+ info->rsa1024pri_keyIdx =
+ (tsip_rsa1024_private_key_index_t*)XMALLOC(
+ sizeof(tsip_rsa1024_private_key_index_t), NULL,
+ DYNAMIC_TYPE_RSA_BUFFER);
+
+ if (info->rsa1024pri_keyIdx == NULL) {
+ XFREE(tsip_pair1024_key, 0, DYNAMIC_TYPE_RSA_BUFFER);
+ return MEMORY_E;
+ }
+
+ info->rsa1024pub_keyIdx =
+ (tsip_rsa1024_public_key_index_t*)XMALLOC(
+ sizeof(tsip_rsa1024_public_key_index_t), NULL,
+ DYNAMIC_TYPE_RSA_BUFFER);
+
+ if (info->rsa1024pub_keyIdx == NULL) {
+ XFREE(tsip_pair1024_key, 0, DYNAMIC_TYPE_RSA_BUFFER);
+ XFREE(info->rsa1024pri_keyIdx, 0,
+ DYNAMIC_TYPE_RSA_BUFFER);
+ return MEMORY_E;
+ }
+ /* copy generated key pair and free malloced key */
+ XMEMCPY(info->rsa1024pri_keyIdx,
+ &tsip_pair1024_key->private,
+ sizeof(tsip_rsa1024_private_key_index_t));
+ XMEMCPY(info->rsa1024pub_keyIdx,
+ &tsip_pair1024_key->public,
+ sizeof(tsip_rsa1024_public_key_index_t));
+ XFREE(tsip_pair1024_key, 0, DYNAMIC_TYPE_RSA_BUFFER);
+
+ info->keyflgs_crypt.bits.rsapri1024_key_set = 1;
+ info->keyflgs_crypt.bits.rsapub1024_key_set = 1;
+ }
+ else if (size == 2048) {
+ if (info->rsa2048pri_keyIdx != NULL) {
+ XFREE(info->rsa2048pri_keyIdx, NULL,
+ DYNAMIC_TYPE_RSA_BUFFER);
+ }
+ if (info->rsa2048pub_keyIdx != NULL) {
+ XFREE(info->rsa2048pub_keyIdx, NULL,
+ DYNAMIC_TYPE_RSA_BUFFER);
+ }
+ info->rsa2048pri_keyIdx =
+ (tsip_rsa2048_private_key_index_t*)XMALLOC(
+ sizeof(tsip_rsa2048_private_key_index_t), NULL,
+ DYNAMIC_TYPE_RSA_BUFFER);
+
+ if (info->rsa2048pri_keyIdx == NULL) {
+ XFREE(tsip_pair2048_key, 0, DYNAMIC_TYPE_RSA_BUFFER);
+ return MEMORY_E;
+ }
+
+ info->rsa2048pub_keyIdx =
+ (tsip_rsa2048_public_key_index_t*)XMALLOC(
+ sizeof(tsip_rsa2048_public_key_index_t), NULL,
+ DYNAMIC_TYPE_RSA_BUFFER);
+
+ if (info->rsa2048pub_keyIdx == NULL) {
+ XFREE(tsip_pair2048_key, 0, DYNAMIC_TYPE_RSA_BUFFER);
+ XFREE(info->rsa2048pri_keyIdx, 0,
+ DYNAMIC_TYPE_RSA_BUFFER);
+ return MEMORY_E;
+ }
+ /* copy generated key pair and free malloced key */
+ XMEMCPY(info->rsa2048pri_keyIdx,
+ &tsip_pair2048_key->private,
+ sizeof(tsip_rsa2048_private_key_index_t));
+ XMEMCPY(info->rsa2048pub_keyIdx,
+ &tsip_pair2048_key->public,
+ sizeof(tsip_rsa2048_public_key_index_t));
+ XFREE(tsip_pair2048_key, 0, DYNAMIC_TYPE_RSA_BUFFER);
+
+ info->keyflgs_crypt.bits.rsapri2048_key_set = 1;
+ info->keyflgs_crypt.bits.rsapub2048_key_set = 1;
+
+ }
+ }
+ else {
+ WOLFSSL_MSG("Failed to generate key pair by TSIP");
+ return CRYPTOCB_UNAVAILABLE;
+ }
+
+ tsip_hw_unlock();
+ }
+
+ return 0;
+}
+
+
+/* Perform Rsa verify by TSIP
+ * Assumes to be called by Crypt Callback
+ *
+ * in Buffer to hold plaintext
+ * inLen Length of plaintext in bytes
+ * out Buffer to hold generated signature
+ * outLen Length of signature in bytes
+ * key rsa key object
+ * ctx The callback context
+ * return FSP_SUCCESS(0) on Success, otherwise negative value
+ */
+
+WOLFSSL_LOCAL int wc_tsip_RsaVerifyPkcs(wc_CryptoInfo* info, TsipUserCtx* tuc)
+{
+ int ret = 0;
+ e_tsip_err_t err = TSIP_SUCCESS;
+ tsip_rsa_byte_data_t hashData, sigData;
+
+ uint8_t tsip_hash_type;
+
+
+ /* sanity check */
+ if (info == NULL || tuc == NULL){
+ return BAD_FUNC_ARG;
+ }
+
+ if (ret == 0) {
+ if (tuc->sing_hash_type == md5_mac)
+ tsip_hash_type = R_TSIP_RSA_HASH_MD5;
+ else if (tuc->sing_hash_type == sha_mac)
+ tsip_hash_type = R_TSIP_RSA_HASH_SHA1;
+ else if (tuc->sing_hash_type == sha256_mac)
+ tsip_hash_type = R_TSIP_RSA_HASH_SHA256;
+ else
+ ret = CRYPTOCB_UNAVAILABLE;
+ }
+
+ switch (tuc->wrappedKeyType) {
+ case TSIP_KEY_TYPE_RSA1024:
+ if (tuc->keyflgs_crypt.bits.rsapub1024_key_set != 1)
+ {
+ ret = tsipImportPublicKey(tuc, tuc->wrappedKeyType);
+
+ WOLFSSL_MSG("tsip rsa private key 1024 not set");
+ if (ret != 0)
+ ret = CRYPTOCB_UNAVAILABLE;
+
+ }
+ break;
+ case TSIP_KEY_TYPE_RSA2048:
+ if (tuc->keyflgs_crypt.bits.rsapub2048_key_set != 1)
+ {
+ ret = tsipImportPublicKey(tuc, tuc->wrappedKeyType);
+
+ WOLFSSL_MSG("tsip rsa private key 1024 not set");
+ if (ret != 0)
+ ret = CRYPTOCB_UNAVAILABLE;
+ }
+ break;
+ default:
+ WOLFSSL_MSG("wrapped private key is not supported");
+ ret = CRYPTOCB_UNAVAILABLE;
+ break;
+ }
+
+ if (ret == 0) {
+ hashData.pdata = (uint8_t*)info->pk.rsa.in;
+ hashData.data_length = info->pk.rsa.inLen;
+ hashData.data_type =
+ tuc->keyflgs_crypt.bits.message_type;/* message 0, hash 1 */
+
+ sigData.pdata = (uint8_t*)info->pk.rsa.out;
+ sigData.data_length = info->pk.rsa.outLen;
+
+ if ((ret = tsip_hw_lock()) == 0) {
+ switch (tuc->wrappedKeyType) {
+ case TSIP_KEY_TYPE_RSA1024:
+ err = R_TSIP_RsassaPkcs1024SignatureVerification(&sigData,
+ &hashData,
+ (tsip_rsa1024_public_key_index_t *)
+ tuc->rsa1024pub_keyIdx,
+ tsip_hash_type);
+ if (err == TSIP_ERR_AUTHENTICATION) {
+ ret = SIG_VERIFY_E;
+ }
+ else if (err == TSIP_SUCCESS) {
+ ret = 0;
+ }
+ else {
+ ret = WC_HW_E;
+ }
+ break;
+ case TSIP_KEY_TYPE_RSA2048:
+ err = R_TSIP_RsassaPkcs2048SignatureVerification(&sigData,
+ &hashData,
+ (tsip_rsa2048_public_key_index_t *)
+ tuc->rsa2048pub_keyIdx,
+ tsip_hash_type);
+ if (err == TSIP_ERR_AUTHENTICATION) {
+ ret = SIG_VERIFY_E;
+ }
+ else if (err == TSIP_SUCCESS) {
+ ret = 0;
+ }
+ else {
+ ret = WC_HW_E;
+ }
+ break;
+ }
+ tsip_hw_unlock();
+ }
+ }
+
+ return ret;
+}
+#endif /* WOLFSSL_RENESAS_TSIP_CRYPTONLY */
+#endif /* WOLFSSL_RENESAS_TSIP_TLS || \
+ WOLFSSL_RENESAS_TSIP_CRYPTONLY */
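Review bot: wc_tsip_MakeRsaKey returns from inside the `tsip_hw_lock()` region on every error path (each `return MEMORY_E;` and `return CRYPTOCB_UNAVAILABLE;`) without calling `tsip_hw_unlock()`, and its final `return 0;` reports success even when taking the lock failed, so a single allocation failure can leave the TSIP mutex held for every later caller. The sketch below validates `size` before locking and routes all failures through one unlock-and-free exit; the `return MEMORY_E;` added under the lock in tsipImportPublicKey (renesas_tsip_util.c, later in this commit) needs the same treatment, e.g. `ret = MEMORY_E; break;`. On the same paths `info->rsa*pri_keyIdx` and `info->rsa*pub_keyIdx` are freed but keep pointing at the freed block when a following XMALLOC fails, which the next call would free again. Separately, in wc_tsip_RsaVerifyPkcs the `switch (tuc->wrappedKeyType)` runs even after the hash lookup has set `ret = CRYPTOCB_UNAVAILABLE`, and `ret = tsipImportPublicKey(...)` can reset it to 0, so verification would proceed with `tsip_hash_type` uninitialised; guard that switch with `if (ret == 0)`.

```c
WOLFSSL_LOCAL int wc_tsip_MakeRsaKey(int size, void* ctx)
{
    int rc = 0;   /* value handed back to the caller */
    /* … unchanged: ret, info and key-pair pointer declarations, ctx NULL check … */

    /* reject unsupported sizes before the hardware lock is taken */
    if (size != 1024 && size != 2048)
        return CRYPTOCB_UNAVAILABLE;

    if ((rc = tsip_hw_lock()) != 0)
        return rc;   /* a failed lock is an error, not success */

    /* … unchanged: key-pair allocation, R_TSIP_GenerateRsa*RandomKeyIndex and the
     * copy into info, except that each `return X;` becomes `rc = X; goto out;`,
     * the per-path XFREE of the scratch key pair moves to `out`, and each freed
     * info->rsa*_keyIdx is set to NULL right after its XFREE … */

out:
    /* single exit: scratch buffers and the lock are released on every path */
    if (tsip_pair1024_key != NULL)
        XFREE(tsip_pair1024_key, NULL, DYNAMIC_TYPE_RSA_BUFFER);
    if (tsip_pair2048_key != NULL)
        XFREE(tsip_pair2048_key, NULL, DYNAMIC_TYPE_RSA_BUFFER);
    tsip_hw_unlock();
    return rc;
}
```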
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_tsip_sha.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_tsip_sha.c
index 66d2d586..a1a02f3b 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_tsip_sha.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_tsip_sha.c
@@ -36,18 +36,16 @@
#include <wolfssl/wolfcrypt/logging.h>
-#if defined(WOLFSSL_RENESAS_TSIP_CRYPT)
+#if (defined(WOLFSSL_RENESAS_TSIP_TLS) || \
+ defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY))
#include <wolfssl/wolfcrypt/memory.h>
#include <wolfssl/wolfcrypt/error-crypt.h>
#include <wolfssl/wolfcrypt/port/Renesas/renesas-tsip-crypt.h>
-#if !defined(NO_SHA) && !defined(NO_WOLFSSL_RENESAS_TSIP_CRYPT_HASH)
-#include <wolfssl/wolfcrypt/sha.h>
-
extern struct WOLFSSL_HEAP_HINT* tsip_heap_hint;
-
+#ifdef WOLFSSL_RENESAS_TSIP_TLS
/* get hmac from handshake messages exchanged with server.
*
*/
@@ -278,7 +276,7 @@ WOLFSSL_LOCAL int tsip_GetMessageSha256(struct WOLFSSL* ssl, byte* hash,
WOLFSSL_LEAVE("tsip_GetMessageSha256", ret);
return ret;
}
-
+#endif /* WOLFSSL_RENESAS_TSIP_TLS */
@@ -471,7 +469,9 @@ static int TSIPHashCopy(wolfssl_TSIP_Hash* src, wolfssl_TSIP_Hash* dst)
return 0;
}
- /* */
+#if !defined(NO_SHA) && !defined(NO_WOLFSSL_RENESAS_TSIP_CRYPT_HASH)
+#include <wolfssl/wolfcrypt/sha.h>
+
int wc_InitSha_ex(wc_Sha* sha, void* heap, int devId)
{
return TSIPHashInit(sha, heap, devId, TSIP_SHA1);
@@ -496,7 +496,7 @@ int wc_ShaCopy(wc_Sha256* src, wc_Sha256* dst)
{
return TSIPHashCopy(src, dst);
}
-#endif /* !NO_SHA */
+#endif /* !NO_SHA && !NO_WOLFSSL_RENESAS_TSIP_CRYPT_HASH*/
#if !defined(NO_SHA256) && !defined(NO_WOLFSSL_RENESAS_TSIP_CRYPT_HASH)
#include <wolfssl/wolfcrypt/sha256.h>
@@ -527,5 +527,5 @@ int wc_Sha256Copy(wc_Sha256* src, wc_Sha256* dst)
return TSIPHashCopy(src, dst);
}
#endif /* !NO_SHA256 */
-#endif /* WOLFSSL_RENESAS_TSIP_CRYPT */
+#endif /* WOLFSSL_RENESAS_TSIP_TLS || WOLFSSL_RENESAS_TSIP_CRYPTONLY */
#endif /* #if !defined(NO_SHA) || !defined(NO_SHA256) */
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_tsip_util.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_tsip_util.c
index 0ebc718c..8c98ffb7 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_tsip_util.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_tsip_util.c
@@ -56,22 +56,21 @@ typedef e_tsip_err_t (*shaHmacFinalFn)
/* ./ca-cert.der.sign, */
/* expect to have these variables defined at user application */
-#if defined(WOLFSSL_RENESAS_TSIP_TLS) && (WOLFSSL_RENESAS_TSIP_VER>=109)
+#if defined(WOLFSSL_RENESAS_TSIP) && (WOLFSSL_RENESAS_TSIP_VER>=109)
extern uint32_t s_inst2[R_TSIP_SINST2_WORD_SIZE];
-#elif defined(WOLFSSL_RENESAS_TSIP_TLS) && (WOLFSSL_RENESAS_TSIP_VER>=106)
+#elif defined(WOLFSSL_RENESAS_TSIP) && (WOLFSSL_RENESAS_TSIP_VER>=106)
extern uint32_t s_flash[];
extern uint32_t s_inst1[R_TSIP_SINST_WORD_SIZE];
#endif
wolfSSL_Mutex tsip_mutex;
static int tsip_CryptHwMutexInit_ = 0;
-static const byte* ca_cert_sig = NULL;
static tsip_key_data g_user_key_info;
-
struct WOLFSSL_HEAP_HINT* tsip_heap_hint = NULL;
/* tsip only keep one encrypted ca public key */
#if defined(WOLFSSL_RENESAS_TSIP_TLS)
+static const byte* ca_cert_sig = NULL;
static uint32_t g_encrypted_publicCA_key[R_TSIP_SINST_WORD_SIZE];
/* index of CM table. must be global since renesas_common access it. */
@@ -103,7 +102,38 @@ static int tsip_CryptHwMutexUnLock(wolfSSL_Mutex* mutex)
{
return wc_UnLockMutex(mutex);
}
-#ifdef WOLF_PRIVATE_KEY_ID
+
+#if defined(WOLFSSL_RENESAS_TSIP_TLS)
+/* Set client encrypted public key data.
+ * parameters:
+ * ssl WOLFSSL object
+ * keyBuf buffer holding wrapped key which Renesas key tool generated.
+ * keyBufLen buffer length
+ * keyType 0: RSA 2048bit, 1: RSA 4096bit, 2 ECC P256
+ * return 0 on success, others on failure.
+ */
+WOLFSSL_API int tsip_use_PublicKey_buffer_TLS(WOLFSSL* ssl,
+ const char* keyBuf, int keyBufLen, int keyType)
+{
+ int ret = 0;
+ TsipUserCtx* tuc = NULL;
+
+ WOLFSSL_ENTER("tsip_use_PublicKey_buffer_TLS");
+
+ if (ssl == NULL
+ || keyBuf == NULL || keyBufLen == 0) {
+ ret = BAD_FUNC_ARG;
+ }
+
+ if (ret == 0){
+ tuc = ssl->RenesasUserCtx;
+ tuc->wrappedPublicKey = (uint8_t*)keyBuf;
+ tuc->wrappedKeyType = keyType;
+ }
+
+ WOLFSSL_LEAVE("tsip_use_PublicKey_buffer", ret);
+ return ret;
+}
/* Set client encrypted private key data.
* parameters:
* ssl WOLFSSL object
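Review bot: `tsip_use_PublicKey_buffer_TLS` dereferences `ssl->RenesasUserCtx` without checking it, so calling it before a user context is attached writes through a NULL pointer; add `if (ret == 0 && ssl->RenesasUserCtx == NULL) ret = BAD_FUNC_ARG;` ahead of the assignment. `keyBufLen` is only compared with 0 and then dropped, so a negative or too-short length is accepted, and `keyType` is stored unvalidated; the `_crypt` setters added further down in this file do the same. The function keeps the caller's pointer rather than a copy, which deserves a line in the header comment, e.g. `keyBuf must stay valid for as long as the context refers to it`. The closing trace uses `WOLFSSL_LEAVE("tsip_use_PublicKey_buffer", ret)` while the entry trace uses the `_TLS` name.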
@@ -112,13 +142,13 @@ static int tsip_CryptHwMutexUnLock(wolfSSL_Mutex* mutex)
* keyType 0: RSA 2048bit, 1: RSA 4096bit, 2 ECC P256
* return 0 on success, others on failure.
*/
-WOLFSSL_API int tsip_use_PrivateKey_buffer(struct WOLFSSL* ssl,
+WOLFSSL_API int tsip_use_PrivateKey_buffer_TLS(struct WOLFSSL* ssl,
const char* keyBuf, int keyBufLen, int keyType)
{
int ret = 0;
TsipUserCtx* tuc = NULL;
-
- WOLFSSL_ENTER("tsip_use_PrivateKey_buffer");
+
+ WOLFSSL_ENTER("tsip_use_PrivateKey_buffer_TLS");
if (ssl == NULL || keyBuf == NULL || keyBufLen == 0 ) {
ret = BAD_FUNC_ARG;
@@ -130,47 +160,81 @@ WOLFSSL_API int tsip_use_PrivateKey_buffer(struct WOLFSSL* ssl,
tuc->wrappedKeyType = keyType;
/* store keyType as Id since Id capacity is 32 bytes */
- ret = wolfSSL_use_PrivateKey_Id(ssl,
+ ret = wolfSSL_use_PrivateKey_Id(ssl,
(const unsigned char*)keyBuf, 32, tuc->devId);
if (ret == WOLFSSL_SUCCESS) {
- ret = 0;
- }
+ ret = 0;
+ }
}
- WOLFSSL_LEAVE("tsip_use_PrivateKey_buffer", ret);
+ WOLFSSL_LEAVE("tsip_use_PrivateKey_buffer_TLS", ret);
return ret;
}
+#endif /* WOLFSSL_RENESAS_TSIP_TLS */
+#if defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)
/* Set client encrypted public key data.
* parameters:
- * ssl WOLFSSL object
+ * uc Tsip user context
* keyBuf buffer holding wrapped key which Renesas key tool generated.
* keyBufLen buffer length
* keyType 0: RSA 2048bit, 1: RSA 4096bit, 2 ECC P256
* return 0 on success, others on failure.
*/
-WOLFSSL_API int tsip_use_PublicKey_buffer(WOLFSSL* ssl,
+WOLFSSL_API int tsip_use_PublicKey_buffer_crypt(TsipUserCtx *uc,
const char* keyBuf, int keyBufLen, int keyType)
{
int ret = 0;
TsipUserCtx* tuc = NULL;
- WOLFSSL_ENTER("tsip_use_PublicKey_buffer");
+ WOLFSSL_ENTER("tsip_use_PublicKey_buffer_crypt");
- if (ssl == NULL || keyBuf == NULL || keyBufLen == 0) {
+ if (uc == NULL
+ || keyBuf == NULL || keyBufLen == 0) {
ret = BAD_FUNC_ARG;
}
if (ret == 0){
- tuc = ssl->RenesasUserCtx;
+ tuc = uc;
tuc->wrappedPublicKey = (uint8_t*)keyBuf;
tuc->wrappedKeyType = keyType;
}
- WOLFSSL_LEAVE("tsip_use_PublicKey_buffer", ret);
+ WOLFSSL_LEAVE("tsip_use_PublicKey_buffer_crypt", ret);
return ret;
}
-#endif /* WOLF_PRIVATE_KEY_ID */
+/* Set client encrypted private key data.
+ * parameters:
+ * uc Tsip user context
+ * keyBuf buffer holding wrapped key which Renesas key tool generated.
+ * keyBufLen buffer length
+ * keyType 0: RSA 2048bit, 1: RSA 4096bit, 2 ECC P256
+ * return 0 on success, others on failure.
+ */
+WOLFSSL_API int tsip_use_PrivateKey_buffer_crypt(TsipUserCtx *uc,
+ const char* keyBuf, int keyBufLen, int keyType)
+{
+ int ret = 0;
+ TsipUserCtx* tuc = NULL;
+
+ WOLFSSL_ENTER("tsip_use_PrivateKey_buffer_crypt");
+
+ if (uc == NULL || keyBuf == NULL || keyBufLen == 0 ) {
+ ret = BAD_FUNC_ARG;
+ }
+ if (ret == 0){
+ tuc = uc;
+
+ tuc->wrappedPrivateKey = (uint8_t*)keyBuf;
+ tuc->wrappedKeyType = keyType;
+ }
+
+ WOLFSSL_LEAVE("tsip_use_PrivateKey_buffer_crypt", ret);
+ return ret;
+}
+#endif /* WOLFSSL_RENESAS_TSIP_CRYPTONLY */
+
+#ifdef WOLFSSL_RENESAS_TSIP_TLS
/* Obsolete function. Use tsip_use_PrivateKey_buffer instead.
* Set client encrypted private key data.
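Review bot: In `tsip_use_PrivateKey_buffer_TLS` the call `wolfSSL_use_PrivateKey_Id(ssl, (const unsigned char*)keyBuf, 32, tuc->devId)` always hands over 32 bytes of `keyBuf` as the Id, but the only length check before it is `keyBufLen == 0` (in the preceding hunk), so a shorter buffer would presumably be read past its end. A guard such as `if (ret == 0 && keyBufLen < 32) ret = BAD_FUNC_ARG;` ahead of the call would close that. The context comment `Obsolete function. Use tsip_use_PrivateKey_buffer instead.` at the end of the hunk now names a function that this commit renames to `tsip_use_PrivateKey_buffer_TLS`. The body of `tsip_use_PrivateKey_buffer_TLS` starts outside this hunk.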
@@ -332,7 +396,7 @@ WOLFSSL_LOCAL int tsip_Tls13GenEccKeyPair(WOLFSSL* ssl, KeyShareEntry* kse)
&(tuc->handle13),
TSIP_TLS13_MODE_FULL_HANDSHAKE,
&(tuc->EcdhPrivKey13Idx), /* private key index */
- &(kse->pubKey[1])); /* genereted public key */
+ &(kse->pubKey[1])); /* generated public key */
if (err != TSIP_SUCCESS){ret = WC_HW_E;}
@@ -422,7 +486,7 @@ WOLFSSL_LOCAL int tsip_Tls13GenSharedSecret(struct WOLFSSL* ssl,
if ((ret = tsip_hw_lock()) == 0) {
tuc->SharedSecret_set = 0;
- pubkeyraw = kse->ke + 1; /* peer's raw publick key data */
+ pubkeyraw = kse->ke + 1; /* peer's raw public key data */
/* derive shared secret */
err = R_TSIP_Tls13GenerateEcdheSharedSecret(
@@ -1582,192 +1646,14 @@ WOLFSSL_LOCAL int tsip_Tls13CertificateVerify(struct WOLFSSL* ssl,
}
#endif /* WOLFSSL_TLS13 */
-/*
- * Import wrapped private key then convert it into TSIP key_index format.
- * The target key should be set with tsip_use_PrivateKey_buffer in advance.
- * Acceptable key types are:
- * TSIP_KEY_TYPE_RSA2048 rsa 2048 bit key
- * TSIP_KEY_TYPE_RSA4096 rsa 4096 bit key(Not supported as of now)
- * TSIP_KEY_TYPE_ECDSAP256 ecdsa p256r1 key
- */
-static int tsipImportPrivateKey(TsipUserCtx* tuc, int keyType)
-{
- int ret = 0;
- e_tsip_err_t err = TSIP_SUCCESS;
- uint8_t* provisioning_key = g_user_key_info.encrypted_provisioning_key;
- uint8_t* iv = g_user_key_info.iv;
- uint8_t* encPrivKey;
-
- WOLFSSL_ENTER("tsipImportPrivateKey");
-
- if (tuc == NULL)
- return BAD_FUNC_ARG;
-
- encPrivKey = tuc->wrappedPrivateKey;
-
- if (encPrivKey == NULL || provisioning_key == NULL || iv == NULL) {
- WOLFSSL_MSG("Missing some key materials used for import" );
- return CRYPTOCB_UNAVAILABLE;
- }
-
- if (ret == 0) {
- if (keyType != tuc->wrappedKeyType) {
- WOLFSSL_MSG("No public key of specified type is set" );
- return CRYPTOCB_UNAVAILABLE;
- }
- }
-
- if ((ret = tsip_hw_lock()) == 0) {
- switch (keyType) {
-
- #if !defined(NO_RSA)
- case TSIP_KEY_TYPE_RSA2048:
-
- tuc->ClientRsa2048PrivKey_set = 0;
- err = R_TSIP_GenerateRsa2048PrivateKeyIndex(
- provisioning_key, iv, (uint8_t*)encPrivKey,
- &(tuc->Rsa2048PrivateKeyIdx));
- if (err == TSIP_SUCCESS) {
- tuc->ClientRsa2048PrivKey_set = 1;
- }
- else {
- ret = WC_HW_E;
- }
- break;
- #endif
-
- case TSIP_KEY_TYPE_RSA4096:
- /* not supported as of TSIPv1.15 */
- ret = CRYPTOCB_UNAVAILABLE;
- break;
-
- #if defined(HAVE_ECC)
- case TSIP_KEY_TYPE_ECDSAP256:
-
- tuc->ClientEccP256PrivKey_set = 0;
- err = R_TSIP_GenerateEccP256PrivateKeyIndex(
- provisioning_key, iv, (uint8_t*)encPrivKey,
- &(tuc->EcdsaP256PrivateKeyIdx));
- if (err == TSIP_SUCCESS) {
- tuc->ClientEccP256PrivKey_set = 1;
- }
- else {
- ret = WC_HW_E;
- }
- break;
- #endif
-
- default:
- ret = BAD_FUNC_ARG;
- break;
- }
- tsip_hw_unlock();
- }
- else {
- WOLFSSL_MSG("mutex locking error");
- }
- WOLFSSL_LEAVE("tsipImportPrivateKey", ret);
- return ret;
-}
-/*
- * Import wrapped public key then convert it into TSIP key_index format.
- * The target key should be set with tsip_use_PublicKey_buffer in advance.
- * Acceptable key types are:
- * TSIP_KEY_TYPE_RSA2048 rsa 2048 bit key
- * TSIP_KEY_TYPE_RSA4096 rsa 4096 bit key(Not supported as of now)
- * TSIP_KEY_TYPE_ECDSAP256 ecdsa p256r1 key
- */
-static int tsipImportPublicKey(TsipUserCtx* tuc, int keyType)
-{
- int ret = 0;
- e_tsip_err_t err = TSIP_SUCCESS;
- uint8_t* provisioning_key = g_user_key_info.encrypted_provisioning_key;
- uint8_t* iv = g_user_key_info.iv;
- uint8_t* encPubKey;
-
- WOLFSSL_ENTER("tsipImportPublicKey");
-
- if (tuc == NULL ) {
- return BAD_FUNC_ARG;
- }
-
- encPubKey = tuc->wrappedPublicKey;
-
- if (encPubKey == NULL || provisioning_key == NULL || iv == NULL) {
- WOLFSSL_MSG("Missing some key materials used for import" );
- return CRYPTOCB_UNAVAILABLE;
- }
-
- if (ret == 0) {
- if (keyType != tuc->wrappedKeyType) {
- WOLFSSL_MSG("No public key of specified type is set" );
- return CRYPTOCB_UNAVAILABLE;
- }
- }
-
- if ((ret = tsip_hw_lock()) == 0) {
- switch(keyType) {
-
- #if !defined(NO_RSA)
- case TSIP_KEY_TYPE_RSA2048:
-
- tuc->ClientRsa2048PubKey_set = 0;
- err = R_TSIP_GenerateRsa2048PublicKeyIndex(
- provisioning_key, iv, (uint8_t*)encPubKey,
- &(tuc->Rsa2048PublicKeyIdx));
- if (err == TSIP_SUCCESS) {
- tuc->ClientRsa2048PubKey_set = 1;
- }
- else {
- ret = WC_HW_E;
- }
- break;
- #endif
-
- #if !defined(NO_RSA)
- case TSIP_KEY_TYPE_RSA4096:
- /* not supported as of TSIPv1.15 */
- ret = CRYPTOCB_UNAVAILABLE;
- break;
- #endif
-
- #if defined(HAVE_ECC)
- case TSIP_KEY_TYPE_ECDSAP256:
-
- tuc->ClientEccP256PubKey_set = 0;
- err = R_TSIP_GenerateEccP256PublicKeyIndex(
- provisioning_key, iv, (uint8_t*)encPubKey,
- &(tuc->EcdsaP256PublicKeyIdx));
- if (err == TSIP_SUCCESS) {
- tuc->ClientEccP256PubKey_set = 1;
- }
- else {
- ret = WC_HW_E;
- }
- break;
- #endif
-
- default:
- ret = BAD_FUNC_ARG;
- break;
- }
- tsip_hw_unlock();
- }
- else {
- WOLFSSL_MSG("mutex locking error");
- }
- WOLFSSL_LEAVE("tsipImportPublicKey", ret);
- return ret;
-}
-
-
#if defined(WOLFSSL_TLS13)
/* Send the TLS v1.3 CertificateVerify message. A part of the message is
* processed by TSIP for acceleration.
*
* Prior to this function call, the appropriate key-pair should be set via
- * tsip_use_PrivateKey_buffer and tsip_use_PublicKey_buffer APIs. Those key pair
- * can be generated by the tool named "Renesas secure flash programmer".
+ * tsip_use_PrivateKey_buffer_TLS and tsip_use_PublicKey_buffer_TLS APIs.
+ * Those key pair can be generated by the tool named
+ * "Renesas secure flash programmer".
* When RSA certificate is used, both public and private keys should be set.
* The public key is used for self-verify the generated certificateVerify
* message. When ECC certificate is used, the self-verify will be performed only
@@ -2039,7 +1925,7 @@ WOLFSSL_LOCAL int tsip_Tls13SendCertVerify(WOLFSSL* ssl)
return ret;
}
#endif /* WOLFSSL_TLS13 */
-
+#endif /* WOLFSSL_RENESAS_TSIP_TLS */
#if defined(WOLFSSL_RENESAS_TSIP_TLS) && (WOLFSSL_RENESAS_TSIP_VER >=109)
@@ -2113,7 +1999,7 @@ static uint32_t GetTsipCipherSuite(
return tsipCipher;
}
-/* Attempt to get a public key exchaged with the peer in ECDHE.
+/* Attempt to get a public key exchanged with the peer in ECDHE.
* the public key is verified by given signature then stored into ctx.
*
* return WOLFSSL_SUCCESS on success, WOLFSSL_FAILURE on failure.
@@ -2453,6 +2339,212 @@ static byte _tls2tsipdef(byte cipher)
return def;
}
#endif
+
+#ifdef WOLFSSL_RENESAS_TSIP_TLS
+/*
+ * Import wrapped private key then convert it into TSIP key_index format.
+ * The target key should be set with tsip_use_PrivateKey_buffer in advance.
+ * Acceptable key types are:
+ * TSIP_KEY_TYPE_RSA2048 rsa 2048 bit key
+ * TSIP_KEY_TYPE_RSA4096 rsa 4096 bit key(Not supported as of now)
+ * TSIP_KEY_TYPE_ECDSAP256 ecdsa p256r1 key
+ */
+static int tsipImportPrivateKey(TsipUserCtx* tuc, int keyType)
+{
+ int ret = 0;
+ e_tsip_err_t err = TSIP_SUCCESS;
+ uint8_t* provisioning_key = g_user_key_info.encrypted_provisioning_key;
+ uint8_t* iv = g_user_key_info.iv;
+ uint8_t* encPrivKey;
+
+ WOLFSSL_ENTER("tsipImportPrivateKey");
+
+ if (tuc == NULL)
+ return BAD_FUNC_ARG;
+
+ encPrivKey = tuc->wrappedPrivateKey;
+
+ if (encPrivKey == NULL || provisioning_key == NULL || iv == NULL) {
+ WOLFSSL_MSG("Missing some key materials used for import" );
+ return CRYPTOCB_UNAVAILABLE;
+ }
+
+ if (ret == 0) {
+ if (keyType != tuc->wrappedKeyType) {
+ WOLFSSL_MSG("No public key of specified type is set" );
+ return CRYPTOCB_UNAVAILABLE;
+ }
+ }
+
+ if ((ret = tsip_hw_lock()) == 0) {
+ switch (keyType) {
+
+ #if !defined(NO_RSA)
+ case TSIP_KEY_TYPE_RSA2048:
+
+ tuc->ClientRsa2048PrivKey_set = 0;
+ err = R_TSIP_GenerateRsa2048PrivateKeyIndex(
+ provisioning_key, iv, (uint8_t*)encPrivKey,
+ &(tuc->Rsa2048PrivateKeyIdx));
+ if (err == TSIP_SUCCESS) {
+ tuc->ClientRsa2048PrivKey_set = 1;
+ }
+ else {
+ ret = WC_HW_E;
+ }
+ break;
+ #endif
+
+ case TSIP_KEY_TYPE_RSA4096:
+ /* not supported as of TSIPv1.15 */
+ ret = CRYPTOCB_UNAVAILABLE;
+ break;
+
+ #if defined(HAVE_ECC)
+ case TSIP_KEY_TYPE_ECDSAP256:
+
+ tuc->ClientEccP256PrivKey_set = 0;
+ err = R_TSIP_GenerateEccP256PrivateKeyIndex(
+ provisioning_key, iv, (uint8_t*)encPrivKey,
+ &(tuc->EcdsaP256PrivateKeyIdx));
+ if (err == TSIP_SUCCESS) {
+ tuc->ClientEccP256PrivKey_set = 1;
+ }
+ else {
+ ret = WC_HW_E;
+ }
+ break;
+ #endif
+
+ default:
+ ret = BAD_FUNC_ARG;
+ break;
+ }
+ tsip_hw_unlock();
+ }
+ else {
+ WOLFSSL_MSG("mutex locking error");
+ }
+ WOLFSSL_LEAVE("tsipImportPrivateKey", ret);
+ return ret;
+}
+
+#endif /* WOLFSSL_RENESAS_TSIP_TLS */
+
+/*
+ * Import wrapped public key then convert it into TSIP key_index format.
+ * The target key should be set with tsip_use_PublicKey_buffer in advance.
+ * Acceptable key types are:
+ * TSIP_KEY_TYPE_RSA2048 rsa 2048 bit key
+ * TSIP_KEY_TYPE_RSA4096 rsa 4096 bit key(Not supported as of now)
+ * TSIP_KEY_TYPE_ECDSAP256 ecdsa p256r1 key
+ */
+WOLFSSL_LOCAL int tsipImportPublicKey(TsipUserCtx* tuc, int keyType)
+{
+ int ret = 0;
+ e_tsip_err_t err = TSIP_SUCCESS;
+ uint8_t* provisioning_key = g_user_key_info.encrypted_provisioning_key;
+ uint8_t* iv = g_user_key_info.iv;
+ uint8_t* encPubKey;
+
+ WOLFSSL_ENTER("tsipImportPublicKey");
+
+ if (tuc == NULL ) {
+ return BAD_FUNC_ARG;
+ }
+
+ encPubKey = tuc->wrappedPublicKey;
+
+ if (encPubKey == NULL || provisioning_key == NULL || iv == NULL) {
+ WOLFSSL_MSG("Missing some key materials used for import" );
+ return CRYPTOCB_UNAVAILABLE;
+ }
+
+ if (ret == 0) {
+ if (keyType != tuc->wrappedKeyType) {
+ WOLFSSL_MSG("No public key of specified type is set" );
+ return CRYPTOCB_UNAVAILABLE;
+ }
+ }
+
+ if ((ret = tsip_hw_lock()) == 0) {
+ switch(keyType) {
+
+ #if !defined(NO_RSA)
+ case TSIP_KEY_TYPE_RSA2048:
+ #if defined(WOLFSSL_RENESAS_TSIP_TLS)
+ tuc->ClientRsa2048PubKey_set = 0;
+ #elif defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)
+ if (tuc->rsa2048pub_keyIdx != NULL) {
+ XFREE(tuc->rsa2048pub_keyIdx, NULL,
+ DYNAMIC_TYPE_RSA_BUFFER);
+ }
+
+ tuc->rsa2048pub_keyIdx =
+ (tsip_rsa2048_public_key_index_t*)XMALLOC(
+ sizeof(tsip_rsa2048_public_key_index_t), NULL,
+ DYNAMIC_TYPE_RSA_BUFFER);
+ if (tuc->rsa2048pub_keyIdx == NULL) {
+ return MEMORY_E;
+ }
+ #endif
+ err = R_TSIP_GenerateRsa2048PublicKeyIndex(
+ provisioning_key, iv, (uint8_t*)encPubKey,
+ #if defined(WOLFSSL_RENESAS_TSIP_TLS)
+ &(tuc->Rsa2048PublicKeyIdx)
+ #elif defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)
+ tuc->rsa2048pub_keyIdx
+ #endif
+ );
+ if (err == TSIP_SUCCESS) {
+ #if defined(WOLFSSL_RENESAS_TSIP_TLS)
+ tuc->ClientRsa2048PubKey_set = 1;
+ #elif defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)
+ tuc->keyflgs_crypt.bits.rsapub2048_key_set = 1;
+ #endif
+ }
+ else {
+ ret = WC_HW_E;
+ }
+ break;
+ #endif
+
+ #if !defined(NO_RSA)
+ case TSIP_KEY_TYPE_RSA4096:
+ /* not supported as of TSIPv1.15 */
+ ret = CRYPTOCB_UNAVAILABLE;
+ break;
+ #endif
+
+ #if defined(HAVE_ECC) && \
+ defined(WOLFSSL_RENESAS_TSIP_TLS)
+ case TSIP_KEY_TYPE_ECDSAP256:
+
+ tuc->ClientEccP256PubKey_set = 0;
+ err = R_TSIP_GenerateEccP256PublicKeyIndex(
+ provisioning_key, iv, (uint8_t*)encPubKey,
+ &(tuc->EcdsaP256PublicKeyIdx));
+ if (err == TSIP_SUCCESS) {
+ tuc->ClientEccP256PubKey_set = 1;
+ }
+ else {
+ ret = WC_HW_E;
+ }
+ break;
+ #endif
+
+ default:
+ ret = BAD_FUNC_ARG;
+ break;
+ }
+ tsip_hw_unlock();
+ }
+ else {
+ WOLFSSL_MSG("mutex locking error");
+ }
+ WOLFSSL_LEAVE("tsipImportPublicKey", ret);
+ return ret;
+}
/*
* lock hw engine.
* this should be called before using engine.
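Review bot: The CRYPTONLY branch of `tsipImportPublicKey` frees and reallocates `tuc->rsa2048pub_keyIdx` without first clearing `tuc->keyflgs_crypt.bits.rsapub2048_key_set`, whereas the TLS branch resets `ClientRsa2048PubKey_set = 0` before the import. If `R_TSIP_GenerateRsa2048PublicKeyIndex` then fails, a flag set earlier (for example by wc_tsip_MakeRsaKey) would still claim a key is present while the new buffer is uninitialised; add `tuc->keyflgs_crypt.bits.rsapub2048_key_set = 0;` before the XFREE. The switch also has no `TSIP_KEY_TYPE_RSA1024` case although wc_tsip_RsaVerifyPkcs in renesas_tsip_rsa.c calls this function with that type, so that path always ends in `BAD_FUNC_ARG`. In `tsipImportPrivateKey` the message `No public key of specified type is set` should say private key.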
@@ -2488,7 +2580,7 @@ WOLFSSL_LOCAL void tsip_hw_unlock(void)
{
tsip_CryptHwMutexUnLock(&tsip_mutex);
}
-
+#if defined(WOLFSSL_RENESAS_TSIP_TLS)
/* check if tsip tls functions can be used for the cipher */
/* return :1 when tsip can be used , 0 not be used. */
int tsip_usable(const WOLFSSL *ssl, uint8_t session_key_generated)
@@ -2584,7 +2676,7 @@ int tsip_usable(const WOLFSSL *ssl, uint8_t session_key_generated)
WOLFSSL_LEAVE("tsip_usable", ret);
return ret;
}
-
+#endif /* WOLFSSL_RENESAS_TSIP_TLS */
/* open TSIP driver
@@ -2598,13 +2690,13 @@ WOLFSSL_LOCAL int tsip_Open(void)
if ((ret = tsip_hw_lock()) == 0) {
-#if defined(WOLFSSL_RENESAS_TSIP_TLS) && (WOLFSSL_RENESAS_TSIP_VER>=109)
+#if defined(WOLFSSL_RENESAS_TSIP) && (WOLFSSL_RENESAS_TSIP_VER>=109)
ret = R_TSIP_Open(NULL,NULL);
if (ret != TSIP_SUCCESS) {
WOLFSSL_MSG("RENESAS TSIP Open failed");
}
-
+ #if defined(WOLFSSL_RENESAS_TSIP_TLS)
if (ret == TSIP_SUCCESS && g_user_key_info.encrypted_user_tls_key) {
ret = R_TSIP_GenerateTlsRsaPublicKeyIndex(
@@ -2634,14 +2726,14 @@ WOLFSSL_LOCAL int tsip_Open(void)
g_CAscm_Idx = (uint32_t)-1;
}
}
-
-#elif defined(WOLFSSL_RENESAS_TSIP_TLS) && (WOLFSSL_RENESAS_TSIP_VER>=106)
+ #endif
+#elif defined(WOLFSSL_RENESAS_TSIP) && (WOLFSSL_RENESAS_TSIP_VER>=106)
ret = R_TSIP_Open((uint32_t*)s_flash, s_inst1, s_inst2);
if (ret != TSIP_SUCCESS) {
WOLFSSL_MSG("RENESAS TSIP Open failed");
}
-
+ #if defined(WOLFSSL_RENESAS_TLS)
/* generate TLS Rsa public key for Certificate verification */
if (ret == TSIP_SUCCESS && g_user_key_info.encrypted_user_tls_key) {
ret = R_TSIP_GenerateTlsRsaPublicKeyIndex(
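Review bot: The guard added in the `WOLFSSL_RENESAS_TSIP_VER>=106` branch reads `#if defined(WOLFSSL_RENESAS_TLS)`, while the matching guard in the `>=109` branch (previous hunk) is `#if defined(WOLFSSL_RENESAS_TSIP_TLS)`; this looks like a typo. If no build defines `WOLFSSL_RENESAS_TLS`, the block commented `generate TLS Rsa public key for Certificate verification` is compiled out for those driver versions, so the CA public key index would not be set up when the driver is opened. Use `#if defined(WOLFSSL_RENESAS_TSIP_TLS)` here. tsip_Open starts and ends outside this hunk.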
@@ -2668,6 +2760,7 @@ WOLFSSL_LOCAL int tsip_Open(void)
g_CAscm_Idx = (uint32_t)-1;
}
}
+ #endif
#else
ret = R_TSIP_Open((uint32_t*)s_flash, s_inst1, s_inst2);
if (ret != TSIP_SUCCESS) {
@@ -2707,16 +2800,30 @@ WOLFSSL_LOCAL void tsip_Close(void)
WOLFSSL_LEAVE("tsip_Close", 0);
}
-/* Support functions for TSIP TLS Capability */
-#if defined(WOLFSSL_RENESAS_TSIP_TLS)
-
-/* to inform ca certificate sign */
-/* signature format expects RSA 2048 PSS with SHA256 */
-void tsip_inform_cert_sign(const byte *sign)
+int wc_tsip_GenerateRandBlock(byte* output, word32 sz)
{
- if (sign)
- ca_cert_sig = sign;
+ /* Generate PRNG based on NIST SP800-90A AES CTR-DRBG */
+ int ret = 0;
+ word32 buffer[4];
+
+ while (sz > 0) {
+ word32 len = sizeof(buffer);
+
+ if (sz < len) {
+ len = sz;
+ }
+ /* return 4 words random number*/
+ ret = R_TSIP_GenerateRandomNumber((uint32_t*)buffer);
+ if(ret == TSIP_SUCCESS) {
+ XMEMCPY(output, &buffer, len);
+ output += len;
+ sz -= len;
+ } else
+ return ret;
+ }
+ return ret;
}
+
#if (WOLFSSL_RENESAS_TSIP_VER>=109)
void tsip_inform_user_keys_ex(
byte* encrypted_provisioning_key,
@@ -2767,8 +2874,16 @@ void tsip_inform_user_keys(
}
#endif
+/* Support functions for TSIP TLS Capability */
+#if defined(WOLFSSL_RENESAS_TSIP_TLS)
-
+/* to inform ca certificate sign */
+/* signature format expects RSA 2048 PSS with SHA256 */
+void tsip_inform_cert_sign(const byte *sign)
+{
+ if (sign)
+ ca_cert_sig = sign;
+}
/* Sha1Hmac */
int wc_tsip_Sha1HmacGenerate(
const WOLFSSL *ssl,
@@ -3552,15 +3667,20 @@ WOLFSSL_LOCAL int tsip_SignRsaPkcs(wc_CryptoInfo* info, TsipUserCtx* tuc)
WOLFSSL_ENTER("tsip_SignRsaPkcs");
- if (info == NULL || tuc == NULL || tuc->ssl == NULL) {
+ if (info == NULL || tuc == NULL
+ #ifndef WOLFSSL_RENESAS_TSIP_CRYPTONLY
+ || tuc->ssl == NULL
+ #endif
+ ) {
ret = BAD_FUNC_ARG;
}
-
+
+#ifdef WOLFSSL_RENESAS_TSIP_TLS
if (ret == 0) {
ssl = tuc->ssl;
if (ssl->version.major == SSLv3_MAJOR &&
- ssl->version.minor == TLSv1_3_MINOR) {
+ ssl->version.minor == TLSv1_3_MINOR) {
ret = CRYPTOCB_UNAVAILABLE;
}
}
@@ -3570,6 +3690,7 @@ WOLFSSL_LOCAL int tsip_SignRsaPkcs(wc_CryptoInfo* info, TsipUserCtx* tuc)
ret = tsipImportPrivateKey(tuc, tuc->wrappedKeyType);
}
+
if (ret == 0) {
if (ssl->options.hashAlgo == md5_mac)
tsip_hash_type = R_TSIP_RSA_HASH_MD5;
@@ -3578,23 +3699,83 @@ WOLFSSL_LOCAL int tsip_SignRsaPkcs(wc_CryptoInfo* info, TsipUserCtx* tuc)
else if (ssl->options.hashAlgo == sha256_mac)
tsip_hash_type = R_TSIP_RSA_HASH_SHA256;
else
- ret = CRYPTOCB_UNAVAILABLE;
+ ret = CRYPTOCB_UNAVAILABLE;
}
-
+#else
+ (void)ssl;
+
if (ret == 0) {
+ if (tuc->sing_hash_type == md5_mac)
+ tsip_hash_type = R_TSIP_RSA_HASH_MD5;
+ else if (tuc->sing_hash_type == sha_mac)
+ tsip_hash_type = R_TSIP_RSA_HASH_SHA1;
+ else if (tuc->sing_hash_type == sha256_mac)
+ tsip_hash_type = R_TSIP_RSA_HASH_SHA256;
+ else
+ ret = CRYPTOCB_UNAVAILABLE;
+ }
+
+ switch (tuc->wrappedKeyType) {
+ case TSIP_KEY_TYPE_RSA1024:
+ if (tuc->keyflgs_crypt.bits.rsapri1024_key_set != 1)
+ {
+ WOLFSSL_MSG("tsip rsa private key 2048 not set");
+ ret = CRYPTOCB_UNAVAILABLE;
+ }
+ break;
+ case TSIP_KEY_TYPE_RSA2048:
+ if (tuc->keyflgs_crypt.bits.rsapri2048_key_set != 1)
+ {
+ WOLFSSL_MSG("tsip rsa private key 2048 not set");
+ ret = CRYPTOCB_UNAVAILABLE;
+ }
+ break;
+ default:
+ WOLFSSL_MSG("wrapped private key is not supported");
+ ret = CRYPTOCB_UNAVAILABLE;
+ break;
+ }
+
+#endif
+
+ if (ret == 0) {
+ #ifdef WOLFSSL_RENESAS_TSIP_TLS
hashData.pdata = (uint8_t*)ssl->buffers.digest.buffer;
hashData.data_type = 1;
sigData.pdata = (uint8_t*)info->pk.rsa.in;
sigData.data_length = 0; /* signature size will be returned here */
-
+ #else
+ hashData.pdata = (uint8_t*)info->pk.rsa.in;
+ hashData.data_length= info->pk.rsa.inLen;
+ hashData.data_type = tuc->keyflgs_crypt.bits.message_type;
+ sigData.pdata = (uint8_t*)info->pk.rsa.out;
+ sigData.data_length = 0;
+ #endif
if ((ret = tsip_hw_lock()) == 0) {
switch (tuc->wrappedKeyType) {
-
+ #ifdef WOLFSSL_RENESAS_TSIP_CRYPTONLY
+ case TSIP_KEY_TYPE_RSA1024:
+ err = R_TSIP_RsassaPkcs1024SignatureGenerate(
+ &hashData, &sigData,
+ (tsip_rsa1024_private_key_index_t*)
+ tuc->rsa1024pri_keyIdx,
+ tsip_hash_type);
+
+ if (err != TSIP_SUCCESS) {
+ ret = WC_HW_E;
+ }
+ break;
+ #endif
case TSIP_KEY_TYPE_RSA2048:
err = R_TSIP_RsassaPkcs2048SignatureGenerate(
&hashData, &sigData,
+ #ifdef WOLFSSL_RENESAS_TSIP_TLS
&tuc->Rsa2048PrivateKeyIdx,
+ #else
+ (tsip_rsa2048_private_key_index_t*)
+ tuc->rsa2048pri_keyIdx,
+ #endif
tsip_hash_type);
if (err != TSIP_SUCCESS) {
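Review bot: In the `#else` (non-TLS) branch the added `switch (tuc->wrappedKeyType)` sits outside any `if (ret == 0)` guard, so it reads through `tuc` even when the argument check earlier in the function has already set `ret = BAD_FUNC_ARG` for a NULL `tuc`, and it can overwrite that error with `CRYPTOCB_UNAVAILABLE`. Wrapping it as `if (ret == 0) { switch (tuc->wrappedKeyType) { ... } }` addresses both. The `TSIP_KEY_TYPE_RSA1024` case logs "tsip rsa private key 2048 not set", which looks copied from the 2048 case and should read `"tsip rsa private key 1024 not set"`. The new path also hands `info->pk.rsa.out` to the signature call without any visible check of the caller's output capacity against the key size; that is worth confirming, since the function continues outside the hunk.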
@@ -3624,7 +3805,7 @@ WOLFSSL_LOCAL int tsip_SignRsaPkcs(wc_CryptoInfo* info, TsipUserCtx* tuc)
}
#endif /* !NO_RSA */
-#if !defined(NO_RSA)
+#if !defined(NO_RSA) && defined(WOLFSSL_RENESAS_TSIP_TLS)
WOLFSSL_LOCAL int tsip_VerifyRsaPkcsCb(
WOLFSSL* ssl,
unsigned char* sig, unsigned int sigSz,
@@ -3647,7 +3828,7 @@ WOLFSSL_LOCAL int tsip_VerifyRsaPkcsCb(
}
if (ssl->version.major == SSLv3_MAJOR &&
- ssl->version.minor == TLSv1_3_MINOR) {
+ ssl->version.minor == TLSv1_3_MINOR) {
ret = CRYPTOCB_UNAVAILABLE;
}
@@ -3719,9 +3900,9 @@ WOLFSSL_LOCAL int tsip_VerifyRsaPkcsCb(
WOLFSSL_LEAVE("tsip_VerifyRsaPkcsCb", ret);
return ret;
}
-#endif /* !NO_RSA */
+#endif /* !NO_RSA && TSIP_TLS */
-#if defined(HAVE_ECC)
+#if defined(HAVE_ECC) && defined(WOLFSSL_RENESAS_TSIP_TLS)
/* Perform signing with the client's ECC private key on hash value of messages
* exchanged with server.
*
@@ -3761,7 +3942,7 @@ WOLFSSL_LOCAL int tsip_SignEcdsa(wc_CryptoInfo* info, TsipUserCtx* tuc)
ssl = tuc->ssl;
if (ssl->version.major == SSLv3_MAJOR &&
- ssl->version.minor == TLSv1_3_MINOR) {
+ ssl->version.minor == TLSv1_3_MINOR) {
ret = CRYPTOCB_UNAVAILABLE;
}
}
@@ -3861,7 +4042,7 @@ WOLFSSL_LOCAL int tsip_SignEcdsa(wc_CryptoInfo* info, TsipUserCtx* tuc)
WOLFSSL_LEAVE("tsip_SignEcdsa", ret);
return ret;
}
-#endif /* HAVE_ECC */
+#endif /* HAVE_ECC && TSIP_TLS */
#ifdef WOLFSSL_RENESAS_TSIP_CRYPT_DEBUG
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/af_alg/afalg_aes.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/af_alg/afalg_aes.c
index 66bbf9c0..27ee88f6 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/af_alg/afalg_aes.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/af_alg/afalg_aes.c
@@ -58,6 +58,14 @@ static int wc_AesSetup(Aes* aes, const char* type, const char* name, int ivSz, i
byte* key = (byte*)aes->key;
#endif
+ if (aes->alFd <= 0) {
+ aes->alFd = wc_Afalg_Socket();
+ if (aes->alFd < 0) {
+ WOLFSSL_MSG("Unable to open an AF_ALG socket");
+ return WC_AFALG_SOCK_E;
+ }
+ }
+
aes->rdFd = wc_Afalg_CreateRead(aes->alFd, type, name);
if (aes->rdFd < 0) {
WOLFSSL_MSG("Unable to accept and get AF_ALG read socket");
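Review bot: The new `if (aes->alFd <= 0)` test treats descriptor 0 as "not set", while the failure path a few lines below marks an unset descriptor with `WC_SOCK_NOTSET`. If 0 is accepted only so that a zero-initialised `Aes` also gets a socket, a short comment saying so would help, e.g. `/* 0 is treated as unset so a zeroed Aes also gets a socket */`; otherwise comparing against `WC_SOCK_NOTSET` would be more consistent. The hunk does not show whether a socket opened here is closed again when `wc_Afalg_CreateRead` fails, so that path is worth checking. wc_AesSetup starts and ends outside the hunk.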
@@ -71,7 +79,11 @@ static int wc_AesSetup(Aes* aes, const char* type, const char* name, int ivSz, i
aes->rdFd = WC_SOCK_NOTSET;
return WC_AFALG_SOCK_E;
}
+#ifdef WOLFSSL_AFALG_XILINX_AES
+ ForceZero(key, sizeof(aes->msgBuf));
+#else
ForceZero(key, sizeof(aes->key));
+#endif
/* set up CMSG headers */
XMEMSET((byte*)&(aes->msg), 0, sizeof(struct msghdr));
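Review bot: The error return visible just above the changed lines (`aes->rdFd = WC_SOCK_NOTSET; return WC_AFALG_SOCK_E;`) leaves the function before `ForceZero` runs, so the key bytes stay in the buffer whenever that step fails. I would clear the key on that path as well, placing the same `ForceZero(key, sizeof(aes->key));` (or the `msgBuf` variant under `WOLFSSL_AFALG_XILINX_AES`) before the `return WC_AFALG_SOCK_E;`. Computing the length once next to the declaration of `key` would also avoid repeating the `#ifdef` at each wipe. Which call failed is outside the hunk, as are the start and end of wc_AesSetup.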
@@ -669,7 +681,7 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
XMEMSET(initalCounter, 0, AES_BLOCK_SIZE);
XMEMCPY(initalCounter, iv, ivSz);
initalCounter[AES_BLOCK_SIZE - 1] = 1;
- GHASH(aes, authIn, authInSz, out, sz, authTag, authTagSz);
+ GHASH(&aes->gcm, authIn, authInSz, out, sz, authTag, authTagSz);
ret = wc_AesEncryptDirect(aes, scratch, initalCounter);
if (ret < 0) {
return ret;
@@ -822,7 +834,7 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
XMEMCPY(initalCounter, iv, ivSz);
initalCounter[AES_BLOCK_SIZE - 1] = 1;
tag = buf;
- GHASH(aes, NULL, 0, in, sz, tag, AES_BLOCK_SIZE);
+ GHASH(&aes->gcm, NULL, 0, in, sz, tag, AES_BLOCK_SIZE);
ret = wc_AesEncryptDirect(aes, scratch, initalCounter);
if (ret < 0)
return ret;
@@ -874,7 +886,7 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
/* check on tag */
if (authIn != NULL && authInSz > 0) {
- GHASH(aes, authIn, authInSz, in, sz, tag, AES_BLOCK_SIZE);
+ GHASH(&aes->gcm, authIn, authInSz, in, sz, tag, AES_BLOCK_SIZE);
ret = wc_AesEncryptDirect(aes, scratch, initalCounter);
if (ret < 0)
return ret;
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/aria/aria-crypt.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/aria/aria-crypt.c
new file mode 100644
index 00000000..202ae8b3
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/aria/aria-crypt.c
@@ -0,0 +1,298 @@
+/* aria-crypt.c
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/*
+
+DESCRIPTION
+This library provides the interfaces to the ARIA cipher, an encryption algorithm
+developed by the Korean Agency for Technology (KATS). It uses a 128-bit block
+size and a key size of 128, 192, or 256 bits.
+
+*/
+#ifdef HAVE_CONFIG_H
+ #include <config.h>
+#endif
+
+#include <wolfssl/wolfcrypt/settings.h>
+
+#ifdef HAVE_ARIA
+
+#include <wolfssl/wolfcrypt/error-crypt.h>
+#include <wolfssl/wolfcrypt/aes.h>
+#include <wolfssl/wolfcrypt/port/aria/aria-crypt.h>
+#include <wolfssl/error-ssl.h>
+#include <wolfssl/ssl.h>
+
+/* return 0 on success or WC_INIT_E on failure */
+int wc_AriaInitCrypt(wc_Aria* aria, MC_ALGID algo)
+{
+ MC_RV rv = MC_OK;
+
+ MC_APIMODE gApimode = MC_MODE_KCMV;
+ MC_ALGMODE algMode = MC_ALGMODE_GCM;
+ MC_PADTYPE algPad = MC_PADTYPE_NONE;
+
+ if (aria == NULL)
+ return BAD_FUNC_ARG;
+
+ if (rv == MC_OK)
+ rv = MC_Initialize(NULL);
+
+ if (rv == MC_OK)
+ rv = wc_AriaFreeCrypt(aria);
+
+ if (rv == MC_OK)
+ rv = MC_OpenSession(&(aria->hSession));
+
+ if (rv == MC_OK)
+ rv = MC_SetApiMode(aria->hSession, gApimode);
+
+ if (rv == MC_OK)
+ rv = MC_SetOption(aria->hSession, algMode, algPad);
+
+ if (rv == MC_OK) {
+ aria->algo = algo;
+ XMEMSET(aria->nonce,0,sizeof(aria->nonce));
+ aria->nonceSz = 0;
+ }
+
+ if (rv != MC_OK) {
+ if (aria->hSession != NULL) {
+ MC_CloseSession(aria->hSession);
+ aria->hSession = NULL;
+ }
+ WOLFSSL_MSG(MC_GetErrorString(rv));
+ return WC_INIT_E;
+ }
+ return 0;
+}
+
+/* return 0 on success or BAD_STATE_E on failure */
+int wc_AriaFreeCrypt(wc_Aria* aria)
+{
+ MC_RV rv = MC_OK;
+
+ if (aria == NULL)
+ return 0;
+
+ if (aria->hKey != NULL) {
+ if (rv == MC_OK) rv = MC_DestroyObject(aria->hSession, aria->hKey);
+ if (rv == MC_OK) aria->hKey = NULL;
+ }
+ if (aria->hSession != NULL) {
+ if (rv == MC_OK) rv = MC_CloseSession(aria->hSession);
+ if (rv == MC_OK) aria->hSession = NULL;
+ }
+
+ if (rv != MC_OK) {
+ WOLFSSL_MSG(MC_GetErrorString(rv));
+ return BAD_STATE_E;
+ }
+ return 0;
+}
+
+/* return 0 on success or BAD_FUNC_ARG/PUBLIC_KEY_E on failure */
+int wc_AriaSetKey(wc_Aria* aria, byte* key)
+{
+ MC_RV rv = MC_OK;
+ MC_UINT keylen;
+ if (aria->algo == MC_ALGID_ARIA_128BITKEY) {
+ keylen = ARIA_128_KEY_SIZE;
+ } else if (aria->algo == MC_ALGID_ARIA_192BITKEY) {
+ keylen = ARIA_192_KEY_SIZE;
+ } else if (aria->algo == MC_ALGID_ARIA_256BITKEY) {
+ keylen = ARIA_256_KEY_SIZE;
+ } else {
+ WOLFSSL_MSG_EX("Unsupported algorithm: %d", aria->algo);
+ return PUBLIC_KEY_E;
+ }
+
+ if (aria->hKey != NULL) {
+ if (rv == MC_OK)
+ rv = MC_DestroyObject(aria->hSession, aria->hKey);
+ if (rv == MC_OK)
+ aria->hKey = NULL;
+ }
+ if (rv == MC_OK)
+ rv = MC_CreateObject(aria->hSession, (MC_UCHAR*)key, keylen, &(aria->hKey));
+
+ if (rv != MC_OK) {
+ WOLFSSL_MSG(MC_GetErrorString(rv));
+ return BAD_FUNC_ARG;
+ }
+ return 0;
+}
+
+static WARN_UNUSED_RESULT WC_INLINE int CheckAriaGcmIvSize(int ivSz) {
+ return (ivSz == GCM_NONCE_MIN_SZ ||
+ ivSz == GCM_NONCE_MID_SZ ||
+ ivSz == GCM_NONCE_MAX_SZ);
+}
+
+/* return 0 on success or BAD_FUNC_ARG on failure */
+int wc_AriaGcmSetExtIV(wc_Aria* aria, const byte* iv, word32 ivSz)
+{
+ int ret = 0;
+
+ if (aria == NULL || iv == NULL || !CheckAriaGcmIvSize((int)ivSz)) {
+ ret = BAD_FUNC_ARG;
+ }
+
+ if (ret == 0) {
+ XMEMCPY((byte*)aria->nonce, iv, ivSz);
+ aria->nonceSz = ivSz;
+ }
+
+ return ret;
+}
+
+/* return 0 on success or BAD_FUNC_ARG on failure */
+int wc_AriaGcmSetIV(wc_Aria* aria, word32 ivSz,
+ const byte* ivFixed, word32 ivFixedSz,
+ WC_RNG* rng)
+{
+ int ret = 0;
+
+ if (aria == NULL || rng == NULL || !CheckAriaGcmIvSize((int)ivSz) ||
+ (ivFixed == NULL && ivFixedSz != 0) ||
+ (ivFixed != NULL && ivFixedSz != AES_IV_FIXED_SZ)) {
+ ret = BAD_FUNC_ARG;
+ }
+
+ if (ret == 0) {
+ byte* iv = (byte*)aria->nonce;
+
+ if (ivFixedSz)
+ XMEMCPY(iv, ivFixed, ivFixedSz);
+
+ ret = wc_RNG_GenerateBlock(rng, iv + ivFixedSz, ivSz - ivFixedSz);
+ }
+
+ if (ret == 0) {
+ aria->nonceSz = ivSz;
+ }
+
+ return ret;
+}
+
+/* 'out' buffer is expected to be 'inSz + authTagSz'
+ * return 0 on success or BAD_FUNC_ARG/ENCRYPT_ERROR on failure */
+int wc_AriaEncrypt(wc_Aria* aria, byte* out, byte* in, word32 inSz,
+ byte* iv, word32 ivSz, byte* aad, word32 aadSz,
+ byte* authTag, word32 authTagSz)
+{
+ MC_RV rv = MC_OK;
+
+ MC_ALGPARAM param;
+ MC_UINT outSz = inSz + authTagSz;
+ MC_ALGORITHM mcAlg;
+ XMEMSET(&param,0,sizeof(MC_ALGPARAM));
+ param.pNonce = iv;
+ param.pAData = aad;
+ param.nNonce = ivSz;
+ param.nAData = aadSz;
+ param.nTLen = authTagSz;
+ param.nDataLen = inSz;
+ XMEMSET(&mcAlg,0,sizeof(MC_ALGORITHM));
+ mcAlg.mcAlgId = aria->algo;
+ mcAlg.pParam = (MC_UCHAR*)&param;
+ mcAlg.nParam = sizeof(param);
+
+ if (authTag == NULL || iv == NULL || authTagSz > ARIA_BLOCK_SIZE ||
+ authTagSz < WOLFSSL_MIN_AUTH_TAG_SZ ||
+ ivSz == 0 || ivSz > ARIA_BLOCK_SIZE) {
+ return BAD_FUNC_ARG;
+ }
+ if (out == NULL || in == NULL || inSz == 0) {
+ return BAD_FUNC_ARG;
+ }
+ if (out <= in + inSz && in <= out + inSz) { /* check for overlapping range */
+ return BAD_FUNC_ARG;
+ }
+
+ if (rv == MC_OK)
+ rv = MC_EncryptInit(aria->hSession, &mcAlg, aria->hKey);
+
+ if (rv == MC_OK)
+ rv = MC_Encrypt(aria->hSession, in, inSz, out, &outSz);
+
+ if (rv == MC_OK)
+ XMEMCPY(authTag, out + inSz, authTagSz);
+
+ if (rv != MC_OK) {
+ WOLFSSL_MSG(MC_GetErrorString(rv));
+ return ENCRYPT_ERROR;
+ }
+ return 0;
+}
+
+/* 'in' buffer is expected to be 'inSz + authTagSz'
+ * return 0 on success or BAD_FUNC_ARG/ENCRYPT_ERROR on failure */
+int wc_AriaDecrypt(wc_Aria* aria, byte* out, byte* in, word32 inSz,
+ byte* iv, word32 ivSz, byte* aad, word32 aadSz,
+ byte* authTag, word32 authTagSz)
+{
+ MC_RV rv = MC_OK;
+
+ MC_ALGPARAM param;
+ MC_UINT outSz = inSz;
+ MC_ALGORITHM mcAlg;
+ XMEMSET(&param,0,sizeof(MC_ALGPARAM));
+ param.pNonce = iv;
+ param.pAData = aad;
+ param.nNonce = ivSz;
+ param.nAData = aadSz;
+ param.nTLen = authTagSz;
+ param.nDataLen = inSz;
+ XMEMSET(&mcAlg,0,sizeof(MC_ALGORITHM));
+ mcAlg.mcAlgId = aria->algo;
+ mcAlg.pParam = (MC_UCHAR*)&param;
+ mcAlg.nParam = sizeof(param);
+
+ if (authTag == NULL || iv == NULL || authTagSz > ARIA_BLOCK_SIZE ||
+ authTagSz < WOLFSSL_MIN_AUTH_TAG_SZ ||
+ ivSz == 0 || ivSz > ARIA_BLOCK_SIZE) {
+ return BAD_FUNC_ARG;
+ }
+ if (out == NULL || in == NULL || inSz == 0) {
+ return BAD_FUNC_ARG;
+ }
+ if (out <= in + inSz && in <= out + inSz) { /* check for overlapping range */
+ return BAD_FUNC_ARG;
+ }
+
+ if (rv == MC_OK)
+ rv = MC_DecryptInit(aria->hSession, &mcAlg, aria->hKey);
+
+ if (rv == MC_OK) {
+ XMEMCPY((byte*)in + inSz, authTag, authTagSz);
+ inSz += authTagSz;
+ }
+ if (rv == MC_OK)
+ rv = MC_Decrypt(aria->hSession, in, inSz, out, &outSz);
+
+ if (rv != MC_OK) {
+ WOLFSSL_MSG(MC_GetErrorString(rv));
+ return DECRYPT_ERROR;
+ }
+ return 0;
+}
+#endif /* HAVE_ARIA */
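Review bot: `wc_AriaSetKey`, `wc_AriaEncrypt` and `wc_AriaDecrypt` read `aria->algo` before any NULL test on `aria`, unlike `wc_AriaInitCrypt` and the two IV setters in the same file, which reject a NULL context. Adding `if (aria == NULL || key == NULL) return BAD_FUNC_ARG;` at the top of `wc_AriaSetKey`, and `aria == NULL ||` to the first argument check of the two cipher functions with `mcAlg.mcAlgId = aria->algo;` moved below that check, would make them consistent. The overlap test `out <= in + inSz && in <= out + inSz` ignores `authTagSz`, although the header comments state that `out` (encrypt) and `in` (decrypt) are `inSz + authTagSz` bytes long, so a buffer that begins inside the tag area is not rejected. The comment above `wc_AriaDecrypt` names ENCRYPT_ERROR where the code returns `DECRYPT_ERROR`.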
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/aria/aria-cryptocb.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/aria/aria-cryptocb.c
new file mode 100644
index 00000000..e52509a5
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/aria/aria-cryptocb.c
@@ -0,0 +1,599 @@
+/* aria-cryptocb.c
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/*
+
+DESCRIPTION
+This library provides the interfaces to the ARIA cipher, an encryption algorithm
+developed by the Korean Agency for Technology (KATS). It uses a 128-bit block
+size and a key size of 128, 192, or 256 bits.
+
+*/
+#ifdef HAVE_CONFIG_H
+ #include <config.h>
+#endif
+
+#include <wolfssl/wolfcrypt/settings.h>
+
+#ifdef HAVE_ARIA
+
+#include <wolfssl/ssl.h>
+#include <wolfssl/wolfcrypt/error-crypt.h>
+#include <wolfssl/wolfcrypt/ecc.h>
+#include <wolfssl/wolfcrypt/asn_public.h>
+#include <wolfssl/wolfcrypt/port/aria/aria-cryptocb.h>
+
+int wc_AriaInit(void)
+{
+ MC_RV rv = MC_OK;
+ static char isInit = 0;
+
+ if (isInit == 0) {
+ if (rv == MC_OK)
+ rv = MC_Initialize(NULL);
+ if (rv == MC_OK)
+ isInit = 1;
+
+ #ifdef WOLF_CRYPTO_CB
+ if (rv == MC_OK) {
+ rv = wc_CryptoDev_RegisterDevice(WOLFSSL_ARIA_DEVID, wc_AriaCryptoCb, NULL);
+ }
+ #endif
+ }
+
+ if (rv != MC_OK) {
+ WOLFSSL_MSG(MC_GetErrorString(rv));
+ return WC_INIT_E;
+ }
+ return 0;
+}
+
+/* return 0 on success or WC_INIT_E on failure */
+int wc_AriaInitSha(MC_HSESSION* hSession, MC_ALGID algo)
+{
+ MC_RV rv = MC_OK;
+
+ MC_APIMODE gApimode = MC_MODE_KCMV;
+ MC_ALGORITHM mcAlg = {algo, NULL, 0};
+
+ WOLFSSL_MSG_EX("AriaInitSha(0x%X)",algo);
+
+ if (hSession == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ if (rv == MC_OK)
+ rv = wc_AriaInit();
+
+ if (rv == MC_OK)
+ rv = MC_OpenSession(hSession);
+
+ if (rv == MC_OK)
+ rv = MC_SetApiMode(*hSession, gApimode);
+
+ if (rv == MC_OK)
+ rv = MC_DigestInit(*hSession, &mcAlg);
+
+ if (rv != MC_OK) {
+ WOLFSSL_MSG(MC_GetErrorString(rv));
+ return WC_INIT_E;
+ }
+ return 0;
+}
+
+/* return 0 on success or BAD_FUNC_ARG on failure */
+int wc_AriaShaUpdate(MC_HSESSION hSession, byte* data, word32 len)
+{
+ MC_RV rv = MC_OK;
+ WOLFSSL_ENTER("AriaShaUpdate");
+
+ if (data == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ if (rv == MC_OK)
+ rv = MC_DigestUpdate(hSession, data, len);
+
+ if (rv != MC_OK) {
+ WOLFSSL_MSG(MC_GetErrorString(rv));
+ return BAD_FUNC_ARG;
+ }
+ return 0;
+}
+
+/* return 0 on success or BAD_FUNC_ARG on failure */
+int wc_AriaShaFinal(MC_HSESSION hSession, byte* out, word32* len)
+{
+ MC_RV rv = MC_OK;
+ WOLFSSL_ENTER("AriaShaFinal");
+
+ if (out == NULL || len == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ /* Do an extra DigestUpdate noop just in case it is never explicitly called. */
+ if (rv == MC_OK)
+ rv = MC_DigestUpdate(hSession, NULL, 0);
+
+ if (rv == MC_OK)
+ rv = MC_DigestFinal(hSession, out, len);
+
+ if (rv != MC_OK) {
+ WOLFSSL_MSG(MC_GetErrorString(rv));
+ return BAD_FUNC_ARG;
+ }
+ /* WOLFSSL_MSG_EX("Digest len: %d", *len); */
+ return 0;
+}
+
+/* return 0 on success or BAD_STATE_E on failure */
+int wc_AriaFree(MC_HSESSION* hSession, MC_HOBJECT *obj1)
+{
+ MC_RV rv = MC_OK;
+ WOLFSSL_ENTER("AriaFree");
+
+ if (hSession == NULL && obj1 != NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ if (obj1 != NULL) {
+ if (rv == MC_OK)
+ rv = MC_DestroyObject(*hSession, *obj1);
+ if (rv == MC_OK)
+ *obj1 = NULL;
+ }
+
+ if (hSession != NULL) {
+ if (rv == MC_OK)
+ rv = MC_CloseSession(*hSession);
+ if (rv == MC_OK)
+ *hSession = NULL;
+ }
+
+ if (rv != MC_OK) {
+ WOLFSSL_MSG(MC_GetErrorString(rv));
+ return BAD_STATE_E;
+ }
+ return 0;
+}
+
+int wc_AriaSign(byte* in, word32 inSz, byte* out, word32* outSz, ecc_key* key)
+{
+ MC_HOBJECT hPrikey = 0;
+ MC_HSESSION hSession = 0;
+
+ const ecc_set_type* dp;
+ MC_RV rv = MC_OK;
+
+ MC_APIMODE gApimode = MC_MODE_KCMV;
+ MC_ALGORITHM mcAlg = {MC_ALGID_NONE, NULL, 0};
+ byte keyAsn1[ARIA_KEYASN1_MAXSZ];
+ word32 keyAsn1Sz=(word32)sizeof(keyAsn1);
+
+ WOLFSSL_ENTER("AriaSign");
+
+ if (in == NULL || out == NULL || outSz == NULL || key == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ if (rv == MC_OK)
+ rv = wc_AriaInit();
+
+ if (rv == MC_OK)
+ rv = MC_OpenSession(&hSession);
+
+ if (rv == MC_OK)
+ rv = MC_SetApiMode(hSession, gApimode);
+
+ if (rv == MC_OK) {
+ int ret = wc_BuildEccKeyDer(key,keyAsn1,&keyAsn1Sz,0,0);
+ if (ret < 0) { rv = ret; }
+ else { keyAsn1Sz = ret; }
+ }
+
+ WOLFSSL_MSG_EX("AriaSign key(%d):",keyAsn1Sz);
+ WOLFSSL_BUFFER(keyAsn1,keyAsn1Sz);
+
+ WOLFSSL_MSG_EX("AriaSign rv=%d",rv);
+
+ if (key->dp != NULL) {
+ dp = key->dp;
+ }
+ else {
+ dp = wc_ecc_get_curve_params(key->idx);
+ }
+
+ if (dp->id == ECC_SECP256R1) {
+ mcAlg.mcAlgId = MC_ALGID_SHA256WithECDSA_P256_r1;
+ } else if (dp->id == ECC_SECP224R1) {
+ mcAlg.mcAlgId = MC_ALGID_SHA256WithECDSA_P224_12;
+ } else {
+ rv = MC_ERR_UNSUPPORTED_ALGORITHM;
+ }
+
+ if (rv == MC_OK)
+ rv = MC_CreateObject(hSession, keyAsn1, keyAsn1Sz, &hPrikey);
+ WOLFSSL_MSG_EX("AriaSign CreateObject rv=%d",rv);
+
+ if (rv == MC_OK)
+ rv = MC_SignInit(hSession, &mcAlg, hPrikey);
+ WOLFSSL_MSG_EX("AriaSign SignInit rv=%d",rv);
+
+ if (rv == MC_OK)
+ rv = MC_Sign(hSession, in, inSz, out, outSz);
+ WOLFSSL_MSG_EX("AriaSign Sign rv=%d",rv);
+
+ wc_AriaFree(&hSession, &hPrikey);
+ if (rv != MC_OK) {
+ WOLFSSL_MSG(MC_GetErrorString(rv));
+ return BAD_STATE_E;
+ }
+ return 0;
+}
+
+int wc_AriaVerify(byte* sig, word32 sigSz, byte* hash, word32 hashSz,
+ int* res, ecc_key* key)
+{
+ MC_HOBJECT hPubkey = 0;
+ MC_HSESSION hSession = 0;
+
+ const ecc_set_type* dp;
+ MC_RV rv = MC_OK;
+
+ MC_APIMODE gApimode = MC_MODE_KCMV;
+ MC_ALGORITHM mcAlg = {MC_ALGID_NONE, NULL, 0};
+ byte keyarr[ARIA_KEYASN1_MAXSZ];
+ word32 keySz=sizeof(keyarr);
+
+ WOLFSSL_ENTER("AriaVerify");
+
+ if (sig == NULL || hash == NULL || res == NULL || key == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ *res = 0; /* Default to invalid signature */
+
+ if (rv == MC_OK)
+ rv = wc_AriaInit();
+
+ if (rv == MC_OK)
+ rv = MC_OpenSession(&hSession);
+
+ if (rv == MC_OK)
+ rv = MC_SetApiMode(hSession, gApimode);
+
+ if (rv == MC_OK) {
+ int ret = wc_EccPublicKeyToDer(key,keyarr,keySz,0);
+ if (ret < 0) { rv = ret; }
+ else { keySz = ret; }
+ }
+
+ WOLFSSL_MSG_EX("AriaVerify key(%d):",keySz);
+ WOLFSSL_BUFFER(keyarr,keySz);
+
+ WOLFSSL_MSG_EX("AriaVerify rv=%d",rv);
+
+ if (key->dp != NULL) {
+ dp = key->dp;
+ }
+ else {
+ dp = wc_ecc_get_curve_params(key->idx);
+ }
+
+ if (dp->id == ECC_SECP256R1) {
+ mcAlg.mcAlgId = MC_ALGID_SHA256WithECDSA_P256_r1;
+ } else if (dp->id == ECC_SECP224R1) {
+ mcAlg.mcAlgId = MC_ALGID_SHA256WithECDSA_P224_12;
+ } else {
+ rv = MC_ERR_UNSUPPORTED_ALGORITHM;
+ }
+
+ if (rv == MC_OK)
+ rv = MC_CreateObject(hSession, keyarr, keySz, &hPubkey);
+ WOLFSSL_MSG_EX("AriaVerify CreateObject rv=%d",rv);
+
+ if (rv == MC_OK)
+ rv = MC_VerifyInit(hSession, &mcAlg, hPubkey);
+ WOLFSSL_MSG_EX("AriaVerify VerifyInit rv=%d",rv);
+
+ if (rv == MC_OK)
+ rv = MC_Verify(hSession, hash, hashSz, sig, sigSz);
+ WOLFSSL_MSG_EX("AriaVerify Verify rv=%d",rv);
+
+ wc_AriaFree(&hSession, &hPubkey);
+ if (rv != MC_OK) {
+ WOLFSSL_MSG(MC_GetErrorString(rv));
+ return BAD_STATE_E;
+ }
+ *res = 1; /* Valid signature */
+ return 0;
+}
+
+int wc_AriaDerive(ecc_key* private_key, ecc_key* public_key,
+ byte* out, word32* outSz)
+{
+ MC_HOBJECT hPrikey = 0;
+ MC_HSESSION hSession = 0;
+
+ const ecc_set_type* dp;
+ MC_RV rv = MC_OK;
+
+ MC_APIMODE gApimode = MC_MODE_KCMV;
+ MC_ALGORITHM mcAlg = {MC_ALGID_NONE, NULL, 0};
+ byte pubAsn1[ARIA_KEYASN1_MAXSZ];
+ word32 pubAsn1Sz=sizeof(pubAsn1);
+ byte privAsn1[ARIA_KEYASN1_MAXSZ];
+ word32 privAsn1Sz=sizeof(privAsn1);
+
+ WOLFSSL_ENTER("AriaDerive");
+
+ if (private_key == NULL || public_key == NULL ||
+ out == NULL || outSz == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ if (rv == MC_OK)
+ rv = wc_AriaInit();
+
+ if (rv == MC_OK)
+ rv = MC_OpenSession(&hSession);
+
+ if (rv == MC_OK)
+ rv = MC_SetApiMode(hSession, gApimode);
+
+ if (rv == MC_OK) {
+ int ret = wc_EccPublicKeyToDer(public_key,pubAsn1,pubAsn1Sz,0);
+ if (ret < 0) {
+ rv = ret;
+ } else {
+ pubAsn1Sz = ret;
+ }
+ WOLFSSL_MSG_EX("AriaDerive PublicKeyToDer ret=%d",ret);
+ }
+ WOLFSSL_MSG_EX("AriaVerify pubAsn1(%d):",pubAsn1Sz);
+ WOLFSSL_BUFFER(pubAsn1,pubAsn1Sz);
+ mcAlg.pParam=pubAsn1;
+ mcAlg.nParam=pubAsn1Sz;
+
+ if (rv == MC_OK) {
+ int ret = wc_BuildEccKeyDer(private_key,privAsn1,&privAsn1Sz,0,0);
+ if (ret < 0) {
+ rv = ret;
+ } else {
+ privAsn1Sz = ret;
+ }
+ WOLFSSL_MSG_EX("AriaDerive PrivateKeyToDer ret=%d",ret);
+ }
+ WOLFSSL_MSG_EX("AriaVerify privAsn1(%d):",privAsn1Sz);
+ WOLFSSL_BUFFER(privAsn1,privAsn1Sz);
+
+ if (private_key->dp != NULL) {
+ dp = private_key->dp;
+ }
+ else {
+ dp = wc_ecc_get_curve_params(private_key->idx);
+ }
+
+ if (dp->id == ECC_SECP256R1) {
+ mcAlg.mcAlgId = MC_ALGID_ECDH_P256_r1;
+ } else if (dp->id == ECC_SECP224R1) {
+ mcAlg.mcAlgId = MC_ALGID_ECDH_P224_12;
+ } else {
+ rv = MC_ERR_UNSUPPORTED_ALGORITHM;
+ }
+
+ if (rv == MC_OK)
+ rv = MC_CreateObject(hSession, privAsn1, privAsn1Sz, &hPrikey);
+ WOLFSSL_MSG_EX("AriaDerive CreateObject rv=%d",rv);
+
+ if (rv == MC_OK)
+ rv = MC_DeriveKey(hSession, &mcAlg, hPrikey, out, outSz);
+ WOLFSSL_MSG_EX("AriaDerive DeriveKey rv=%d",rv);
+
+ wc_AriaFree(&hSession, &hPrikey);
+ if (rv != MC_OK) {
+ WOLFSSL_MSG(MC_GetErrorString(rv));
+ return BAD_STATE_E;
+ }
+ return 0;
+}
+
+#ifdef WOLF_CRYPTO_CB
+ static void printOutput(const char* strName, unsigned char* data,
+ unsigned int dataSz)
+ {
+ #ifdef DEBUG_WOLFSSL
+ WOLFSSL_MSG_EX("%s (%d):", strName,dataSz);
+ WOLFSSL_BUFFER(data,dataSz);
+ #else
+ #if 0
+ unsigned int i;
+ int line = 1;
+
+ printf("%s:\n",strName);
+ printf(" ");
+ for(i=1; i<=dataSz; i++)
+ {
+ printf(",0x%02X", data[i-1]);
+ if(!(i%16) && i!= dataSz) printf("\n ");
+ else if(!(i%4)) printf(" ");
+ }
+ printf("\n");
+ #else
+ (void)strName;
+ (void)data;
+ (void)dataSz;
+ #endif
+ #endif
+ }
+
+ int wc_AriaCryptoCb(int devIdArg, wc_CryptoInfo* info, void* ctx)
+ {
+ int ret = CRYPTOCB_UNAVAILABLE; /* return this to bypass HW and use SW */
+ (void)ctx;
+
+ if (info == NULL)
+ return BAD_FUNC_ARG;
+
+ #ifdef DEBUG_CRYPTOCB
+ wc_CryptoCb_InfoString(info);
+ #endif
+
+ if (info->algo_type == WC_ALGO_TYPE_PK) {
+ if (info->pk.type == WC_PK_TYPE_ECDSA_SIGN) {
+ /* set devId to invalid, so software is used */
+ info->pk.eccsign.key->devId = INVALID_DEVID;
+
+ printOutput((char *)"eccsign.in (before)",
+ (byte *)info->pk.eccsign.in,info->pk.eccsign.inlen);
+ printOutput((char *)"eccsign.out(before)",
+ (byte *)info->pk.eccsign.out,*(info->pk.eccsign.outlen));
+ printOutput((char *)"eccsign.key(before)",
+ (byte *)info->pk.eccsign.key,sizeof(info->pk.eccsign.key));
+
+ byte buf[ARIA_KEYASN1_MAXSZ];
+ word32 bufSz = sizeof(buf);
+ ret = wc_AriaSign((byte *)info->pk.eccsign.in,info->pk.eccsign.inlen,
+ buf,&bufSz,
+ info->pk.eccsign.key);
+ if (ret != 0) {
+ ret = CRYPTOCB_UNAVAILABLE;
+ } else {
+ memcpy(info->pk.eccsign.out, buf, bufSz);
+ *(info->pk.eccsign.outlen) = bufSz;
+ }
+
+ printOutput((char *)"eccsign.in (after)",
+ (byte *)info->pk.eccsign.in,info->pk.eccsign.inlen);
+ printOutput((char *)"eccsign.out(after)",
+ (byte *)info->pk.eccsign.out,*(info->pk.eccsign.outlen));
+ printOutput((char *)"eccsign.key(after)",
+ (byte *)info->pk.eccsign.key,sizeof(info->pk.eccsign.key));
+
+ /* reset devId */
+ info->pk.eccsign.key->devId = devIdArg;
+ }
+ else if (info->pk.type == WC_PK_TYPE_ECDSA_VERIFY) {
+ /* set devId to invalid, so software is used */
+ info->pk.eccverify.key->devId = INVALID_DEVID;
+
+ printOutput((char *)"eccverify.sig (before)",
+ (byte *)info->pk.eccverify.sig,info->pk.eccverify.siglen);
+ printOutput((char *)"eccverify.hash(before)",
+ (byte *)info->pk.eccverify.hash,info->pk.eccverify.hashlen);
+ printOutput((char *)"eccverify.key (before)",
+ (byte *)info->pk.eccverify.key,sizeof(info->pk.eccverify.key));
+
+ ret = wc_AriaVerify((byte *)info->pk.eccverify.sig,info->pk.eccverify.siglen,
+ (byte *)info->pk.eccverify.hash, info->pk.eccverify.hashlen,
+ info->pk.eccverify.res, info->pk.eccverify.key);
+
+ printOutput((char *)"eccverify.sig (after)",
+ (byte *)info->pk.eccverify.sig,info->pk.eccverify.siglen);
+ printOutput((char *)"eccverify.hash(after)",
+ (byte *)info->pk.eccverify.hash,info->pk.eccverify.hashlen);
+ printOutput((char *)"eccverify.key (after)",
+ (byte *)info->pk.eccverify.key,sizeof(info->pk.eccverify.key));
+
+ if (ret != 0)
+ ret = CRYPTOCB_UNAVAILABLE;
+ /* reset devId */
+ info->pk.eccverify.key->devId = devIdArg;
+ }
+ else if (info->pk.type == WC_PK_TYPE_ECDH) {
+ /* set devId to invalid, so software is used */
+ info->pk.ecdh.private_key->devId = INVALID_DEVID;
+
+ ret = wc_AriaDerive(
+ info->pk.ecdh.private_key, info->pk.ecdh.public_key,
+ info->pk.ecdh.out, info->pk.ecdh.outlen);
+
+ if (ret != 0)
+ ret = CRYPTOCB_UNAVAILABLE;
+ /* reset devId */
+ info->pk.ecdh.private_key->devId = devIdArg;
+ }
+ }
+ else if (info->algo_type == WC_ALGO_TYPE_HASH) {
+ if (info->hash.type == WC_HASH_TYPE_SHA256) {
+ if (info->hash.sha256 == NULL)
+ return CRYPTOCB_UNAVAILABLE;
+
+ /* set devId to invalid, so software is used */
+ info->hash.sha256->devId = INVALID_DEVID;
+
+ if (info->hash.sha256->hSession == NULL) {
+ ret = wc_AriaInitSha(&(info->hash.sha256->hSession), MC_ALGID_SHA256);
+ }
+
+ if (((ret == 0) || (ret == CRYPTOCB_UNAVAILABLE))
+ && (info->hash.in != NULL)) {
+ ret = wc_AriaShaUpdate(info->hash.sha256->hSession,
+ (byte *) info->hash.in, info->hash.inSz);
+ }
+ if (((ret == 0) || (ret == CRYPTOCB_UNAVAILABLE))
+ && (info->hash.digest != NULL)) {
+ MC_UINT digestSz = 32;
+ ret = wc_AriaShaFinal(info->hash.sha256->hSession,
+ info->hash.digest, &digestSz);
+ if ((ret == 0) || (ret == CRYPTOCB_UNAVAILABLE))
+ ret = wc_AriaFree(&(info->hash.sha256->hSession),NULL);
+ }
+ if (ret != 0)
+ ret = CRYPTOCB_UNAVAILABLE;
+ /* reset devId */
+ info->hash.sha256->devId = devIdArg;
+ }
+ else if (info->hash.type == WC_HASH_TYPE_SHA384) {
+ if (info->hash.sha384 == NULL)
+ return CRYPTOCB_UNAVAILABLE;
+
+ /* set devId to invalid, so software is used */
+ info->hash.sha384->devId = INVALID_DEVID;
+
+ if (info->hash.sha384->hSession == NULL) {
+ ret = wc_AriaInitSha(&(info->hash.sha384->hSession), MC_ALGID_SHA384);
+ }
+
+ if (((ret == 0) || (ret == CRYPTOCB_UNAVAILABLE))
+ && (info->hash.in != NULL)) {
+ ret = wc_AriaShaUpdate(info->hash.sha384->hSession,
+ (byte *) info->hash.in, info->hash.inSz);
+ }
+ if (((ret == 0) || (ret == CRYPTOCB_UNAVAILABLE))
+ && (info->hash.digest != NULL)) {
+ MC_UINT digestSz = 48;
+ ret = wc_AriaShaFinal(info->hash.sha384->hSession,
+ info->hash.digest, &digestSz);
+ if ((ret == 0) || (ret == CRYPTOCB_UNAVAILABLE))
+ ret = wc_AriaFree(&(info->hash.sha384->hSession),NULL);
+ }
+ if (ret != 0) ret = CRYPTOCB_UNAVAILABLE;
+ /* reset devId */
+ info->hash.sha384->devId = devIdArg;
+ }
+ }
+
+ return ret;
+ }
+#endif /* WOLF_CRYPTO_CB */
+
+#endif /* HAVE_ARIA */
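Review bot: `wc_AriaSign` and `wc_AriaDerive` pass the DER-encoded private key to `WOLFSSL_BUFFER(keyAsn1,keyAsn1Sz)` and `WOLFSSL_BUFFER(privAsn1,privAsn1Sz)`, so private key bytes reach the log when debug logging is enabled, and both stack buffers are left intact on return. I would drop those two `WOLFSSL_BUFFER` calls and wipe the buffers before returning, e.g. `ForceZero(keyAsn1, sizeof(keyAsn1));` and `ForceZero(privAsn1, sizeof(privAsn1));` (this may need wolfSSL's misc helpers brought into scope, which the visible include list does not do directly). In `wc_AriaCryptoCb`, `memcpy(info->pk.eccsign.out, buf, bufSz)` should first compare `bufSz` with `*(info->pk.eccsign.outlen)`, since the caller's capacity is not checked anywhere in the visible code. The `sizeof(info->pk.eccsign.key)` arguments in the `printOutput` calls give the size of a pointer, not of the key.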
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-32-aes-asm.S b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-32-aes-asm.S
index b6d71723..12578411 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-32-aes-asm.S
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-32-aes-asm.S
@@ -30,12 +30,278 @@
#include <wolfssl/wolfcrypt/settings.h>
#ifdef WOLFSSL_ARMASM
-#ifndef __aarch64__
+#if !defined(__aarch64__) && defined(__arm__)
+#ifndef WOLFSSL_ARMASM_INLINE
+#ifndef NO_AES
+#ifdef HAVE_AES_DECRYPT
.text
- .type L_AES_ARM32_te, %object
- .size L_AES_ARM32_te, 1024
+ .type L_AES_ARM32_td_data, %object
+ .size L_AES_ARM32_td_data, 1024
.align 4
-L_AES_ARM32_te:
+L_AES_ARM32_td_data:
+ .word 0x5051f4a7
+ .word 0x537e4165
+ .word 0xc31a17a4
+ .word 0x963a275e
+ .word 0xcb3bab6b
+ .word 0xf11f9d45
+ .word 0xabacfa58
+ .word 0x934be303
+ .word 0x552030fa
+ .word 0xf6ad766d
+ .word 0x9188cc76
+ .word 0x25f5024c
+ .word 0xfc4fe5d7
+ .word 0xd7c52acb
+ .word 0x80263544
+ .word 0x8fb562a3
+ .word 0x49deb15a
+ .word 0x6725ba1b
+ .word 0x9845ea0e
+ .word 0xe15dfec0
+ .word 0x2c32f75
+ .word 0x12814cf0
+ .word 0xa38d4697
+ .word 0xc66bd3f9
+ .word 0xe7038f5f
+ .word 0x9515929c
+ .word 0xebbf6d7a
+ .word 0xda955259
+ .word 0x2dd4be83
+ .word 0xd3587421
+ .word 0x2949e069
+ .word 0x448ec9c8
+ .word 0x6a75c289
+ .word 0x78f48e79
+ .word 0x6b99583e
+ .word 0xdd27b971
+ .word 0xb6bee14f
+ .word 0x17f088ad
+ .word 0x66c920ac
+ .word 0xb47dce3a
+ .word 0x1863df4a
+ .word 0x82e51a31
+ .word 0x60975133
+ .word 0x4562537f
+ .word 0xe0b16477
+ .word 0x84bb6bae
+ .word 0x1cfe81a0
+ .word 0x94f9082b
+ .word 0x58704868
+ .word 0x198f45fd
+ .word 0x8794de6c
+ .word 0xb7527bf8
+ .word 0x23ab73d3
+ .word 0xe2724b02
+ .word 0x57e31f8f
+ .word 0x2a6655ab
+ .word 0x7b2eb28
+ .word 0x32fb5c2
+ .word 0x9a86c57b
+ .word 0xa5d33708
+ .word 0xf2302887
+ .word 0xb223bfa5
+ .word 0xba02036a
+ .word 0x5ced1682
+ .word 0x2b8acf1c
+ .word 0x92a779b4
+ .word 0xf0f307f2
+ .word 0xa14e69e2
+ .word 0xcd65daf4
+ .word 0xd50605be
+ .word 0x1fd13462
+ .word 0x8ac4a6fe
+ .word 0x9d342e53
+ .word 0xa0a2f355
+ .word 0x32058ae1
+ .word 0x75a4f6eb
+ .word 0x390b83ec
+ .word 0xaa4060ef
+ .word 0x65e719f
+ .word 0x51bd6e10
+ .word 0xf93e218a
+ .word 0x3d96dd06
+ .word 0xaedd3e05
+ .word 0x464de6bd
+ .word 0xb591548d
+ .word 0x571c45d
+ .word 0x6f0406d4
+ .word 0xff605015
+ .word 0x241998fb
+ .word 0x97d6bde9
+ .word 0xcc894043
+ .word 0x7767d99e
+ .word 0xbdb0e842
+ .word 0x8807898b
+ .word 0x38e7195b
+ .word 0xdb79c8ee
+ .word 0x47a17c0a
+ .word 0xe97c420f
+ .word 0xc9f8841e
+ .word 0x0
+ .word 0x83098086
+ .word 0x48322bed
+ .word 0xac1e1170
+ .word 0x4e6c5a72
+ .word 0xfbfd0eff
+ .word 0x560f8538
+ .word 0x1e3daed5
+ .word 0x27362d39
+ .word 0x640a0fd9
+ .word 0x21685ca6
+ .word 0xd19b5b54
+ .word 0x3a24362e
+ .word 0xb10c0a67
+ .word 0xf9357e7
+ .word 0xd2b4ee96
+ .word 0x9e1b9b91
+ .word 0x4f80c0c5
+ .word 0xa261dc20
+ .word 0x695a774b
+ .word 0x161c121a
+ .word 0xae293ba
+ .word 0xe5c0a02a
+ .word 0x433c22e0
+ .word 0x1d121b17
+ .word 0xb0e090d
+ .word 0xadf28bc7
+ .word 0xb92db6a8
+ .word 0xc8141ea9
+ .word 0x8557f119
+ .word 0x4caf7507
+ .word 0xbbee99dd
+ .word 0xfda37f60
+ .word 0x9ff70126
+ .word 0xbc5c72f5
+ .word 0xc544663b
+ .word 0x345bfb7e
+ .word 0x768b4329
+ .word 0xdccb23c6
+ .word 0x68b6edfc
+ .word 0x63b8e4f1
+ .word 0xcad731dc
+ .word 0x10426385
+ .word 0x40139722
+ .word 0x2084c611
+ .word 0x7d854a24
+ .word 0xf8d2bb3d
+ .word 0x11aef932
+ .word 0x6dc729a1
+ .word 0x4b1d9e2f
+ .word 0xf3dcb230
+ .word 0xec0d8652
+ .word 0xd077c1e3
+ .word 0x6c2bb316
+ .word 0x99a970b9
+ .word 0xfa119448
+ .word 0x2247e964
+ .word 0xc4a8fc8c
+ .word 0x1aa0f03f
+ .word 0xd8567d2c
+ .word 0xef223390
+ .word 0xc787494e
+ .word 0xc1d938d1
+ .word 0xfe8ccaa2
+ .word 0x3698d40b
+ .word 0xcfa6f581
+ .word 0x28a57ade
+ .word 0x26dab78e
+ .word 0xa43fadbf
+ .word 0xe42c3a9d
+ .word 0xd507892
+ .word 0x9b6a5fcc
+ .word 0x62547e46
+ .word 0xc2f68d13
+ .word 0xe890d8b8
+ .word 0x5e2e39f7
+ .word 0xf582c3af
+ .word 0xbe9f5d80
+ .word 0x7c69d093
+ .word 0xa96fd52d
+ .word 0xb3cf2512
+ .word 0x3bc8ac99
+ .word 0xa710187d
+ .word 0x6ee89c63
+ .word 0x7bdb3bbb
+ .word 0x9cd2678
+ .word 0xf46e5918
+ .word 0x1ec9ab7
+ .word 0xa8834f9a
+ .word 0x65e6956e
+ .word 0x7eaaffe6
+ .word 0x821bccf
+ .word 0xe6ef15e8
+ .word 0xd9bae79b
+ .word 0xce4a6f36
+ .word 0xd4ea9f09
+ .word 0xd629b07c
+ .word 0xaf31a4b2
+ .word 0x312a3f23
+ .word 0x30c6a594
+ .word 0xc035a266
+ .word 0x37744ebc
+ .word 0xa6fc82ca
+ .word 0xb0e090d0
+ .word 0x1533a7d8
+ .word 0x4af10498
+ .word 0xf741ecda
+ .word 0xe7fcd50
+ .word 0x2f1791f6
+ .word 0x8d764dd6
+ .word 0x4d43efb0
+ .word 0x54ccaa4d
+ .word 0xdfe49604
+ .word 0xe39ed1b5
+ .word 0x1b4c6a88
+ .word 0xb8c12c1f
+ .word 0x7f466551
+ .word 0x49d5eea
+ .word 0x5d018c35
+ .word 0x73fa8774
+ .word 0x2efb0b41
+ .word 0x5ab3671d
+ .word 0x5292dbd2
+ .word 0x33e91056
+ .word 0x136dd647
+ .word 0x8c9ad761
+ .word 0x7a37a10c
+ .word 0x8e59f814
+ .word 0x89eb133c
+ .word 0xeecea927
+ .word 0x35b761c9
+ .word 0xede11ce5
+ .word 0x3c7a47b1
+ .word 0x599cd2df
+ .word 0x3f55f273
+ .word 0x791814ce
+ .word 0xbf73c737
+ .word 0xea53f7cd
+ .word 0x5b5ffdaa
+ .word 0x14df3d6f
+ .word 0x867844db
+ .word 0x81caaff3
+ .word 0x3eb968c4
+ .word 0x2c382434
+ .word 0x5fc2a340
+ .word 0x72161dc3
+ .word 0xcbce225
+ .word 0x8b283c49
+ .word 0x41ff0d95
+ .word 0x7139a801
+ .word 0xde080cb3
+ .word 0x9cd8b4e4
+ .word 0x906456c1
+ .word 0x617bcb84
+ .word 0x70d532b6
+ .word 0x74486c5c
+ .word 0x42d0b857
+#endif /* HAVE_AES_DECRYPT */
+#if defined(HAVE_AES_DECRYPT) || defined(HAVE_AES_CBC) || defined(HAVE_AESCCM) || defined(HAVE_AESGCM) || defined(WOLFSSL_AES_DIRECT) || defined(WOLFSSL_AES_COUNTER)
+ .text
+ .type L_AES_ARM32_te_data, %object
+ .size L_AES_ARM32_te_data, 1024
+ .align 4
+L_AES_ARM32_te_data:
.word 0xa5c66363
.word 0x84f87c7c
.word 0x99ee7777
@@ -292,273 +558,231 @@ L_AES_ARM32_te:
.word 0xfca85454
.word 0xd66dbbbb
.word 0x3a2c1616
+#endif /* HAVE_AES_DECRYPT || HAVE_AES_CBC || HAVE_AESCCM || HAVE_AESGCM || WOLFSSL_AES_DIRECT || WOLFSSL_AES_COUNTER */
+#ifdef HAVE_AES_DECRYPT
.text
.type L_AES_ARM32_td, %object
- .size L_AES_ARM32_td, 1024
+ .size L_AES_ARM32_td, 12
.align 4
L_AES_ARM32_td:
- .word 0x5051f4a7
- .word 0x537e4165
- .word 0xc31a17a4
- .word 0x963a275e
- .word 0xcb3bab6b
- .word 0xf11f9d45
- .word 0xabacfa58
- .word 0x934be303
- .word 0x552030fa
- .word 0xf6ad766d
- .word 0x9188cc76
- .word 0x25f5024c
- .word 0xfc4fe5d7
- .word 0xd7c52acb
- .word 0x80263544
- .word 0x8fb562a3
- .word 0x49deb15a
- .word 0x6725ba1b
- .word 0x9845ea0e
- .word 0xe15dfec0
- .word 0x2c32f75
- .word 0x12814cf0
- .word 0xa38d4697
- .word 0xc66bd3f9
- .word 0xe7038f5f
- .word 0x9515929c
- .word 0xebbf6d7a
- .word 0xda955259
- .word 0x2dd4be83
- .word 0xd3587421
- .word 0x2949e069
- .word 0x448ec9c8
- .word 0x6a75c289
- .word 0x78f48e79
- .word 0x6b99583e
- .word 0xdd27b971
- .word 0xb6bee14f
- .word 0x17f088ad
- .word 0x66c920ac
- .word 0xb47dce3a
- .word 0x1863df4a
- .word 0x82e51a31
- .word 0x60975133
- .word 0x4562537f
- .word 0xe0b16477
- .word 0x84bb6bae
- .word 0x1cfe81a0
- .word 0x94f9082b
- .word 0x58704868
- .word 0x198f45fd
- .word 0x8794de6c
- .word 0xb7527bf8
- .word 0x23ab73d3
- .word 0xe2724b02
- .word 0x57e31f8f
- .word 0x2a6655ab
- .word 0x7b2eb28
- .word 0x32fb5c2
- .word 0x9a86c57b
- .word 0xa5d33708
- .word 0xf2302887
- .word 0xb223bfa5
- .word 0xba02036a
- .word 0x5ced1682
- .word 0x2b8acf1c
- .word 0x92a779b4
- .word 0xf0f307f2
- .word 0xa14e69e2
- .word 0xcd65daf4
- .word 0xd50605be
- .word 0x1fd13462
- .word 0x8ac4a6fe
- .word 0x9d342e53
- .word 0xa0a2f355
- .word 0x32058ae1
- .word 0x75a4f6eb
- .word 0x390b83ec
- .word 0xaa4060ef
- .word 0x65e719f
- .word 0x51bd6e10
- .word 0xf93e218a
- .word 0x3d96dd06
- .word 0xaedd3e05
- .word 0x464de6bd
- .word 0xb591548d
- .word 0x571c45d
- .word 0x6f0406d4
- .word 0xff605015
- .word 0x241998fb
- .word 0x97d6bde9
- .word 0xcc894043
- .word 0x7767d99e
- .word 0xbdb0e842
- .word 0x8807898b
- .word 0x38e7195b
- .word 0xdb79c8ee
- .word 0x47a17c0a
- .word 0xe97c420f
- .word 0xc9f8841e
- .word 0x0
- .word 0x83098086
- .word 0x48322bed
- .word 0xac1e1170
- .word 0x4e6c5a72
- .word 0xfbfd0eff
- .word 0x560f8538
- .word 0x1e3daed5
- .word 0x27362d39
- .word 0x640a0fd9
- .word 0x21685ca6
- .word 0xd19b5b54
- .word 0x3a24362e
- .word 0xb10c0a67
- .word 0xf9357e7
- .word 0xd2b4ee96
- .word 0x9e1b9b91
- .word 0x4f80c0c5
- .word 0xa261dc20
- .word 0x695a774b
- .word 0x161c121a
- .word 0xae293ba
- .word 0xe5c0a02a
- .word 0x433c22e0
- .word 0x1d121b17
- .word 0xb0e090d
- .word 0xadf28bc7
- .word 0xb92db6a8
- .word 0xc8141ea9
- .word 0x8557f119
- .word 0x4caf7507
- .word 0xbbee99dd
- .word 0xfda37f60
- .word 0x9ff70126
- .word 0xbc5c72f5
- .word 0xc544663b
- .word 0x345bfb7e
- .word 0x768b4329
- .word 0xdccb23c6
- .word 0x68b6edfc
- .word 0x63b8e4f1
- .word 0xcad731dc
- .word 0x10426385
- .word 0x40139722
- .word 0x2084c611
- .word 0x7d854a24
- .word 0xf8d2bb3d
- .word 0x11aef932
- .word 0x6dc729a1
- .word 0x4b1d9e2f
- .word 0xf3dcb230
- .word 0xec0d8652
- .word 0xd077c1e3
- .word 0x6c2bb316
- .word 0x99a970b9
- .word 0xfa119448
- .word 0x2247e964
- .word 0xc4a8fc8c
- .word 0x1aa0f03f
- .word 0xd8567d2c
- .word 0xef223390
- .word 0xc787494e
- .word 0xc1d938d1
- .word 0xfe8ccaa2
- .word 0x3698d40b
- .word 0xcfa6f581
- .word 0x28a57ade
- .word 0x26dab78e
- .word 0xa43fadbf
- .word 0xe42c3a9d
- .word 0xd507892
- .word 0x9b6a5fcc
- .word 0x62547e46
- .word 0xc2f68d13
- .word 0xe890d8b8
- .word 0x5e2e39f7
- .word 0xf582c3af
- .word 0xbe9f5d80
- .word 0x7c69d093
- .word 0xa96fd52d
- .word 0xb3cf2512
- .word 0x3bc8ac99
- .word 0xa710187d
- .word 0x6ee89c63
- .word 0x7bdb3bbb
- .word 0x9cd2678
- .word 0xf46e5918
- .word 0x1ec9ab7
- .word 0xa8834f9a
- .word 0x65e6956e
- .word 0x7eaaffe6
- .word 0x821bccf
- .word 0xe6ef15e8
- .word 0xd9bae79b
- .word 0xce4a6f36
- .word 0xd4ea9f09
- .word 0xd629b07c
- .word 0xaf31a4b2
- .word 0x312a3f23
- .word 0x30c6a594
- .word 0xc035a266
- .word 0x37744ebc
- .word 0xa6fc82ca
- .word 0xb0e090d0
- .word 0x1533a7d8
- .word 0x4af10498
- .word 0xf741ecda
- .word 0xe7fcd50
- .word 0x2f1791f6
- .word 0x8d764dd6
- .word 0x4d43efb0
- .word 0x54ccaa4d
- .word 0xdfe49604
- .word 0xe39ed1b5
- .word 0x1b4c6a88
- .word 0xb8c12c1f
- .word 0x7f466551
- .word 0x49d5eea
- .word 0x5d018c35
- .word 0x73fa8774
- .word 0x2efb0b41
- .word 0x5ab3671d
- .word 0x5292dbd2
- .word 0x33e91056
- .word 0x136dd647
- .word 0x8c9ad761
- .word 0x7a37a10c
- .word 0x8e59f814
- .word 0x89eb133c
- .word 0xeecea927
- .word 0x35b761c9
- .word 0xede11ce5
- .word 0x3c7a47b1
- .word 0x599cd2df
- .word 0x3f55f273
- .word 0x791814ce
- .word 0xbf73c737
- .word 0xea53f7cd
- .word 0x5b5ffdaa
- .word 0x14df3d6f
- .word 0x867844db
- .word 0x81caaff3
- .word 0x3eb968c4
- .word 0x2c382434
- .word 0x5fc2a340
- .word 0x72161dc3
- .word 0xcbce225
- .word 0x8b283c49
- .word 0x41ff0d95
- .word 0x7139a801
- .word 0xde080cb3
- .word 0x9cd8b4e4
- .word 0x906456c1
- .word 0x617bcb84
- .word 0x70d532b6
- .word 0x74486c5c
- .word 0x42d0b857
-#ifndef NO_AES
+ .word L_AES_ARM32_td_data
+#endif /* HAVE_AES_DECRYPT */
+#if defined(HAVE_AES_DECRYPT) || defined(HAVE_AES_CBC) || defined(HAVE_AESCCM) || defined(HAVE_AESGCM) || defined(WOLFSSL_AES_DIRECT) || defined(WOLFSSL_AES_COUNTER)
+ .text
+ .type L_AES_ARM32_te, %object
+ .size L_AES_ARM32_te, 12
+ .align 4
+L_AES_ARM32_te:
+ .word L_AES_ARM32_te_data
+#endif /* HAVE_AES_DECRYPT || HAVE_AES_CBC || HAVE_AESCCM || HAVE_AESGCM || WOLFSSL_AES_DIRECT || WOLFSSL_AES_COUNTER */
+#ifdef HAVE_AES_DECRYPT
+ .text
+ .align 4
+ .globl AES_invert_key
+ .type AES_invert_key, %function
+AES_invert_key:
+ push {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+ adr r12, L_AES_ARM32_te
+ ldr r12, [r12]
+ adr lr, L_AES_ARM32_td
+ ldr lr, [lr]
+ add r10, r0, r1, lsl #4
+ mov r11, r1
+L_AES_invert_key_loop:
+ ldm r0, {r2, r3, r4, r5}
+ ldm r10, {r6, r7, r8, r9}
+ stm r10, {r2, r3, r4, r5}
+ stm r0!, {r6, r7, r8, r9}
+ subs r11, r11, #2
+ sub r10, r10, #16
+ bne L_AES_invert_key_loop
+ sub r0, r0, r1, lsl #3
+ add r0, r0, #16
+ sub r11, r1, #1
+L_AES_invert_key_mix_loop:
+ ldm r0, {r2, r3, r4, r5}
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r6, r2, #24
+ lsr r6, r6, #24
+#else
+ uxtb r6, r2
+#endif
+#else
+ ubfx r6, r2, #0, #8
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r7, r2, #16
+ lsr r7, r7, #24
+#else
+ uxtb r7, r2, ror #8
+#endif
+#else
+ ubfx r7, r2, #8, #8
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r8, r2, #8
+ lsr r8, r8, #24
+#else
+ uxtb r8, r2, ror #16
+#endif
+#else
+ ubfx r8, r2, #16, #8
+#endif
+ lsr r9, r2, #24
+ ldrb r6, [r12, r6, lsl #2]
+ ldrb r7, [r12, r7, lsl #2]
+ ldrb r8, [r12, r8, lsl #2]
+ ldrb r9, [r12, r9, lsl #2]
+ ldr r6, [lr, r6, lsl #2]
+ ldr r7, [lr, r7, lsl #2]
+ ldr r8, [lr, r8, lsl #2]
+ ldr r9, [lr, r9, lsl #2]
+ eor r8, r8, r6, ror #16
+ eor r8, r8, r7, ror #8
+ eor r8, r8, r9, ror #24
+ str r8, [r0], #4
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r6, r3, #24
+ lsr r6, r6, #24
+#else
+ uxtb r6, r3
+#endif
+#else
+ ubfx r6, r3, #0, #8
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r7, r3, #16
+ lsr r7, r7, #24
+#else
+ uxtb r7, r3, ror #8
+#endif
+#else
+ ubfx r7, r3, #8, #8
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r8, r3, #8
+ lsr r8, r8, #24
+#else
+ uxtb r8, r3, ror #16
+#endif
+#else
+ ubfx r8, r3, #16, #8
+#endif
+ lsr r9, r3, #24
+ ldrb r6, [r12, r6, lsl #2]
+ ldrb r7, [r12, r7, lsl #2]
+ ldrb r8, [r12, r8, lsl #2]
+ ldrb r9, [r12, r9, lsl #2]
+ ldr r6, [lr, r6, lsl #2]
+ ldr r7, [lr, r7, lsl #2]
+ ldr r8, [lr, r8, lsl #2]
+ ldr r9, [lr, r9, lsl #2]
+ eor r8, r8, r6, ror #16
+ eor r8, r8, r7, ror #8
+ eor r8, r8, r9, ror #24
+ str r8, [r0], #4
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r6, r4, #24
+ lsr r6, r6, #24
+#else
+ uxtb r6, r4
+#endif
+#else
+ ubfx r6, r4, #0, #8
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r7, r4, #16
+ lsr r7, r7, #24
+#else
+ uxtb r7, r4, ror #8
+#endif
+#else
+ ubfx r7, r4, #8, #8
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r8, r4, #8
+ lsr r8, r8, #24
+#else
+ uxtb r8, r4, ror #16
+#endif
+#else
+ ubfx r8, r4, #16, #8
+#endif
+ lsr r9, r4, #24
+ ldrb r6, [r12, r6, lsl #2]
+ ldrb r7, [r12, r7, lsl #2]
+ ldrb r8, [r12, r8, lsl #2]
+ ldrb r9, [r12, r9, lsl #2]
+ ldr r6, [lr, r6, lsl #2]
+ ldr r7, [lr, r7, lsl #2]
+ ldr r8, [lr, r8, lsl #2]
+ ldr r9, [lr, r9, lsl #2]
+ eor r8, r8, r6, ror #16
+ eor r8, r8, r7, ror #8
+ eor r8, r8, r9, ror #24
+ str r8, [r0], #4
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r6, r5, #24
+ lsr r6, r6, #24
+#else
+ uxtb r6, r5
+#endif
+#else
+ ubfx r6, r5, #0, #8
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r7, r5, #16
+ lsr r7, r7, #24
+#else
+ uxtb r7, r5, ror #8
+#endif
+#else
+ ubfx r7, r5, #8, #8
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r8, r5, #8
+ lsr r8, r8, #24
+#else
+ uxtb r8, r5, ror #16
+#endif
+#else
+ ubfx r8, r5, #16, #8
+#endif
+ lsr r9, r5, #24
+ ldrb r6, [r12, r6, lsl #2]
+ ldrb r7, [r12, r7, lsl #2]
+ ldrb r8, [r12, r8, lsl #2]
+ ldrb r9, [r12, r9, lsl #2]
+ ldr r6, [lr, r6, lsl #2]
+ ldr r7, [lr, r7, lsl #2]
+ ldr r8, [lr, r8, lsl #2]
+ ldr r9, [lr, r9, lsl #2]
+ eor r8, r8, r6, ror #16
+ eor r8, r8, r7, ror #8
+ eor r8, r8, r9, ror #24
+ str r8, [r0], #4
+ subs r11, r11, #1
+ bne L_AES_invert_key_mix_loop
+ pop {r4, r5, r6, r7, r8, r9, r10, r11, pc}
+ .size AES_invert_key,.-AES_invert_key
+#endif /* HAVE_AES_DECRYPT */
.text
- .type L_AES_SEK_ARM32_rcon, %object
- .size L_AES_SEK_ARM32_rcon, 40
+ .type L_AES_ARM32_rcon, %object
+ .size L_AES_ARM32_rcon, 40
.align 4
-L_AES_SEK_ARM32_rcon:
+L_AES_ARM32_rcon:
.word 0x1000000
.word 0x2000000
.word 0x4000000
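Review bot: AES_invert_key indexes both lookup tables with bytes of the round key (`ldrb r6, [r12, r6, lsl #2]` followed by `ldr r6, [lr, r6, lsl #2]`), so its memory access pattern depends on secret data, and nothing in the new code says so. I would add a comment above the `AES_invert_key:` label such as `/* table lookups are indexed by round-key bytes; not constant-time on cores with a data cache */`, so integrators on cached ARM32 parts know to evaluate their cache-timing exposure. The key-schedule loops of AES_set_encrypt_key in the following hunks (`ldrb r4, [r8, r4, lsl #2]` and its siblings) have the same property. Separately, `.size L_AES_ARM32_td, 12` and `.size L_AES_ARM32_te, 12` each describe an object that holds a single `.word`, so the symbol size looks like it should be 4.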
@@ -575,62 +799,132 @@ L_AES_SEK_ARM32_rcon:
.type AES_set_encrypt_key, %function
AES_set_encrypt_key:
push {r4, r5, r6, r7, r8, lr}
- adr r4, AES_set_encrypt_key
- mov r8, #AES_set_encrypt_key-L_AES_ARM32_te
- sub r8, r4, r8
- adr lr, L_AES_SEK_ARM32_rcon
+ adr r8, L_AES_ARM32_te
+ ldr r8, [r8]
+ adr lr, L_AES_ARM32_rcon
cmp r1, #0x80
beq L_AES_set_encrypt_key_start_128
cmp r1, #0xc0
beq L_AES_set_encrypt_key_start_192
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0]
ldr r5, [r0, #4]
#else
ldrd r4, r5, [r0]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #8]
ldr r7, [r0, #12]
#else
ldrd r6, r7, [r0, #8]
#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ # REV r4, r4
+ eor r3, r4, r4, ror #16
+ bic r3, r3, #0xff0000
+ ror r4, r4, #8
+ eor r4, r4, r3, lsr #8
+ # REV r5, r5
+ eor r3, r5, r5, ror #16
+ bic r3, r3, #0xff0000
+ ror r5, r5, #8
+ eor r5, r5, r3, lsr #8
+ # REV r6, r6
+ eor r3, r6, r6, ror #16
+ bic r3, r3, #0xff0000
+ ror r6, r6, #8
+ eor r6, r6, r3, lsr #8
+ # REV r7, r7
+ eor r3, r7, r7, ror #16
+ bic r3, r3, #0xff0000
+ ror r7, r7, #8
+ eor r7, r7, r3, lsr #8
+#else
rev r4, r4
rev r5, r5
rev r6, r6
rev r7, r7
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
stm r2!, {r4, r5, r6, r7}
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #16]
ldr r5, [r0, #20]
#else
ldrd r4, r5, [r0, #16]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #24]
ldr r7, [r0, #28]
#else
ldrd r6, r7, [r0, #24]
#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ # REV r4, r4
+ eor r3, r4, r4, ror #16
+ bic r3, r3, #0xff0000
+ ror r4, r4, #8
+ eor r4, r4, r3, lsr #8
+ # REV r5, r5
+ eor r3, r5, r5, ror #16
+ bic r3, r3, #0xff0000
+ ror r5, r5, #8
+ eor r5, r5, r3, lsr #8
+ # REV r6, r6
+ eor r3, r6, r6, ror #16
+ bic r3, r3, #0xff0000
+ ror r6, r6, #8
+ eor r6, r6, r3, lsr #8
+ # REV r7, r7
+ eor r3, r7, r7, ror #16
+ bic r3, r3, #0xff0000
+ ror r7, r7, #8
+ eor r7, r7, r3, lsr #8
+#else
rev r4, r4
rev r5, r5
rev r6, r6
rev r7, r7
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
stm r2, {r4, r5, r6, r7}
sub r2, r2, #16
mov r12, #6
L_AES_set_encrypt_key_loop_256:
- mov r3, r7
- mov r7, #0xff
- and r5, r7, r3, lsr #8
- and r4, r7, r3
- and r6, r7, r3, lsr #16
- lsr r3, r3, #24
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r4, r7, #24
+ lsr r4, r4, #24
+#else
+ uxtb r4, r7
+#endif
+#else
+ ubfx r4, r7, #0, #8
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r5, r7, #16
+ lsr r5, r5, #24
+#else
+ uxtb r5, r7, ror #8
+#endif
+#else
+ ubfx r5, r7, #8, #8
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r6, r7, #8
+ lsr r6, r6, #24
+#else
+ uxtb r6, r7, ror #16
+#endif
+#else
+ ubfx r6, r7, #16, #8
+#endif
+ lsr r7, r7, #24
ldrb r4, [r8, r4, lsl #2]
- ldrb r6, [r8, r6, lsl #2]
ldrb r5, [r8, r5, lsl #2]
- ldrb r3, [r8, r3, lsl #2]
- eor r3, r3, r4, lsl #8
+ ldrb r6, [r8, r6, lsl #2]
+ ldrb r7, [r8, r7, lsl #2]
+ eor r3, r7, r4, lsl #8
eor r3, r3, r5, lsl #16
eor r3, r3, r6, lsl #24
ldm r2!, {r4, r5, r6, r7}
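Review bot: `adr r8, L_AES_ARM32_te` at the top of AES_set_encrypt_key depends on a label that the previous hunk emits only under `#if defined(HAVE_AES_DECRYPT) || defined(HAVE_AES_CBC) || ...`, while no matching condition is visible around AES_set_encrypt_key or `L_AES_ARM32_rcon`. A build with AES enabled but none of those six macros defined would presumably fail to assemble on the undefined label. Either drop the conditional around `L_AES_ARM32_te_data` and `L_AES_ARM32_te` so they sit directly under `#ifndef NO_AES`, or wrap the key-setup routine in the same condition. The body of AES_set_encrypt_key continues outside this hunk, so a guard placed elsewhere cannot be ruled out from here.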
@@ -644,11 +938,37 @@ L_AES_set_encrypt_key_loop_256:
stm r2, {r4, r5, r6, r7}
sub r2, r2, #16
mov r3, r7
- mov r7, #0xff
- and r4, r7, r3, lsr #8
- and r5, r7, r3, lsr #16
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r4, r3, #16
+ lsr r4, r4, #24
+#else
+ uxtb r4, r3, ror #8
+#endif
+#else
+ ubfx r4, r3, #8, #8
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r5, r3, #8
+ lsr r5, r5, #24
+#else
+ uxtb r5, r3, ror #16
+#endif
+#else
+ ubfx r5, r3, #16, #8
+#endif
lsr r6, r3, #24
- and r3, r7, r3
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r3, r3, #24
+ lsr r3, r3, #24
+#else
+ uxtb r3, r3
+#endif
+#else
+ ubfx r3, r3, #0, #8
+#endif
ldrb r4, [r8, r4, lsl #2]
ldrb r6, [r8, r6, lsl #2]
ldrb r5, [r8, r5, lsl #2]
@@ -666,17 +986,42 @@ L_AES_set_encrypt_key_loop_256:
sub r2, r2, #16
subs r12, r12, #1
bne L_AES_set_encrypt_key_loop_256
- mov r3, r7
- mov r7, #0xff
- and r5, r7, r3, lsr #8
- and r4, r7, r3
- and r6, r7, r3, lsr #16
- lsr r3, r3, #24
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r4, r7, #24
+ lsr r4, r4, #24
+#else
+ uxtb r4, r7
+#endif
+#else
+ ubfx r4, r7, #0, #8
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r5, r7, #16
+ lsr r5, r5, #24
+#else
+ uxtb r5, r7, ror #8
+#endif
+#else
+ ubfx r5, r7, #8, #8
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r6, r7, #8
+ lsr r6, r6, #24
+#else
+ uxtb r6, r7, ror #16
+#endif
+#else
+ ubfx r6, r7, #16, #8
+#endif
+ lsr r7, r7, #24
ldrb r4, [r8, r4, lsl #2]
- ldrb r6, [r8, r6, lsl #2]
ldrb r5, [r8, r5, lsl #2]
- ldrb r3, [r8, r3, lsl #2]
- eor r3, r3, r4, lsl #8
+ ldrb r6, [r8, r6, lsl #2]
+ ldrb r7, [r8, r7, lsl #2]
+ eor r3, r7, r4, lsl #8
eor r3, r3, r5, lsl #16
eor r3, r3, r6, lsl #24
ldm r2!, {r4, r5, r6, r7}
@@ -691,32 +1036,65 @@ L_AES_set_encrypt_key_loop_256:
sub r2, r2, #16
b L_AES_set_encrypt_key_end
L_AES_set_encrypt_key_start_192:
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0]
ldr r5, [r0, #4]
#else
ldrd r4, r5, [r0]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #8]
ldr r7, [r0, #12]
#else
ldrd r6, r7, [r0, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r1, [r0, #20]
ldr r0, [r0, #16]
#else
ldrd r0, r1, [r0, #16]
#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ # REV r4, r4
+ eor r3, r4, r4, ror #16
+ bic r3, r3, #0xff0000
+ ror r4, r4, #8
+ eor r4, r4, r3, lsr #8
+ # REV r5, r5
+ eor r3, r5, r5, ror #16
+ bic r3, r3, #0xff0000
+ ror r5, r5, #8
+ eor r5, r5, r3, lsr #8
+ # REV r6, r6
+ eor r3, r6, r6, ror #16
+ bic r3, r3, #0xff0000
+ ror r6, r6, #8
+ eor r6, r6, r3, lsr #8
+ # REV r7, r7
+ eor r3, r7, r7, ror #16
+ bic r3, r3, #0xff0000
+ ror r7, r7, #8
+ eor r7, r7, r3, lsr #8
+ # REV r0, r0
+ eor r3, r0, r0, ror #16
+ bic r3, r3, #0xff0000
+ ror r0, r0, #8
+ eor r0, r0, r3, lsr #8
+ # REV r1, r1
+ eor r3, r1, r1, ror #16
+ bic r3, r3, #0xff0000
+ ror r1, r1, #8
+ eor r1, r1, r3, lsr #8
+#else
rev r4, r4
rev r5, r5
rev r6, r6
rev r7, r7
rev r0, r0
rev r1, r1
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
stm r2, {r4, r5, r6, r7}
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r0, [r2, #16]
str r1, [r2, #20]
#else
@@ -725,17 +1103,42 @@ L_AES_set_encrypt_key_start_192:
mov r7, r1
mov r12, #7
L_AES_set_encrypt_key_loop_192:
- mov r3, r7
- mov r5, #0xff
- and r1, r5, r3, lsr #8
- and r0, r5, r3
- and r4, r5, r3, lsr #16
- lsr r3, r3, #24
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r0, r7, #24
+ lsr r0, r0, #24
+#else
+ uxtb r0, r7
+#endif
+#else
+ ubfx r0, r7, #0, #8
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r1, r7, #16
+ lsr r1, r1, #24
+#else
+ uxtb r1, r7, ror #8
+#endif
+#else
+ ubfx r1, r7, #8, #8
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r4, r7, #8
+ lsr r4, r4, #24
+#else
+ uxtb r4, r7, ror #16
+#endif
+#else
+ ubfx r4, r7, #16, #8
+#endif
+ lsr r7, r7, #24
ldrb r0, [r8, r0, lsl #2]
- ldrb r4, [r8, r4, lsl #2]
ldrb r1, [r8, r1, lsl #2]
- ldrb r3, [r8, r3, lsl #2]
- eor r3, r3, r0, lsl #8
+ ldrb r4, [r8, r4, lsl #2]
+ ldrb r7, [r8, r7, lsl #2]
+ eor r3, r7, r0, lsl #8
eor r3, r3, r1, lsl #16
eor r3, r3, r4, lsl #24
ldm r2!, {r0, r1, r4, r5, r6, r7}
@@ -750,17 +1153,42 @@ L_AES_set_encrypt_key_loop_192:
stm r2, {r0, r1, r4, r5, r6, r7}
subs r12, r12, #1
bne L_AES_set_encrypt_key_loop_192
- mov r3, r7
- mov r5, #0xff
- and r1, r5, r3, lsr #8
- and r0, r5, r3
- and r4, r5, r3, lsr #16
- lsr r3, r3, #24
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r0, r7, #24
+ lsr r0, r0, #24
+#else
+ uxtb r0, r7
+#endif
+#else
+ ubfx r0, r7, #0, #8
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r1, r7, #16
+ lsr r1, r1, #24
+#else
+ uxtb r1, r7, ror #8
+#endif
+#else
+ ubfx r1, r7, #8, #8
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r4, r7, #8
+ lsr r4, r4, #24
+#else
+ uxtb r4, r7, ror #16
+#endif
+#else
+ ubfx r4, r7, #16, #8
+#endif
+ lsr r7, r7, #24
ldrb r0, [r8, r0, lsl #2]
- ldrb r4, [r8, r4, lsl #2]
ldrb r1, [r8, r1, lsl #2]
- ldrb r3, [r8, r3, lsl #2]
- eor r3, r3, r0, lsl #8
+ ldrb r4, [r8, r4, lsl #2]
+ ldrb r7, [r8, r7, lsl #2]
+ eor r3, r7, r0, lsl #8
eor r3, r3, r1, lsl #16
eor r3, r3, r4, lsl #24
ldm r2!, {r0, r1, r4, r5, r6, r7}
@@ -773,36 +1201,84 @@ L_AES_set_encrypt_key_loop_192:
stm r2, {r0, r1, r4, r5}
b L_AES_set_encrypt_key_end
L_AES_set_encrypt_key_start_128:
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0]
ldr r5, [r0, #4]
#else
ldrd r4, r5, [r0]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #8]
ldr r7, [r0, #12]
#else
ldrd r6, r7, [r0, #8]
#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ # REV r4, r4
+ eor r3, r4, r4, ror #16
+ bic r3, r3, #0xff0000
+ ror r4, r4, #8
+ eor r4, r4, r3, lsr #8
+ # REV r5, r5
+ eor r3, r5, r5, ror #16
+ bic r3, r3, #0xff0000
+ ror r5, r5, #8
+ eor r5, r5, r3, lsr #8
+ # REV r6, r6
+ eor r3, r6, r6, ror #16
+ bic r3, r3, #0xff0000
+ ror r6, r6, #8
+ eor r6, r6, r3, lsr #8
+ # REV r7, r7
+ eor r3, r7, r7, ror #16
+ bic r3, r3, #0xff0000
+ ror r7, r7, #8
+ eor r7, r7, r3, lsr #8
+#else
rev r4, r4
rev r5, r5
rev r6, r6
rev r7, r7
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
stm r2, {r4, r5, r6, r7}
mov r12, #10
L_AES_set_encrypt_key_loop_128:
- mov r3, r7
- mov r7, #0xff
- and r5, r7, r3, lsr #8
- and r4, r7, r3
- and r6, r7, r3, lsr #16
- lsr r3, r3, #24
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r4, r7, #24
+ lsr r4, r4, #24
+#else
+ uxtb r4, r7
+#endif
+#else
+ ubfx r4, r7, #0, #8
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r5, r7, #16
+ lsr r5, r5, #24
+#else
+ uxtb r5, r7, ror #8
+#endif
+#else
+ ubfx r5, r7, #8, #8
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r6, r7, #8
+ lsr r6, r6, #24
+#else
+ uxtb r6, r7, ror #16
+#endif
+#else
+ ubfx r6, r7, #16, #8
+#endif
+ lsr r7, r7, #24
ldrb r4, [r8, r4, lsl #2]
- ldrb r6, [r8, r6, lsl #2]
ldrb r5, [r8, r5, lsl #2]
- ldrb r3, [r8, r3, lsl #2]
- eor r3, r3, r4, lsl #8
+ ldrb r6, [r8, r6, lsl #2]
+ ldrb r7, [r8, r7, lsl #2]
+ eor r3, r7, r4, lsl #8
eor r3, r3, r5, lsl #16
eor r3, r3, r6, lsl #24
ldm r2!, {r4, r5, r6, r7}
@@ -818,756 +1294,2056 @@ L_AES_set_encrypt_key_loop_128:
L_AES_set_encrypt_key_end:
pop {r4, r5, r6, r7, r8, pc}
.size AES_set_encrypt_key,.-AES_set_encrypt_key
-#ifdef HAVE_AES_DECRYPT
- .text
- .align 4
- .globl AES_invert_key
- .type AES_invert_key, %function
-AES_invert_key:
- push {r4, r5, r6, r7, r8, r9, r10, r11, lr}
- adr r4, AES_invert_key
- mov r9, #AES_invert_key-L_AES_ARM32_te
- mov r10, #AES_invert_key-L_AES_ARM32_td
- sub r9, r4, r9
- sub r10, r4, r10
- add r8, r0, r1, lsl #4
- mov r11, r1
-L_AES_invert_key_loop:
- ldm r0, {r2, r3, r12, lr}
- ldm r8, {r4, r5, r6, r7}
- stm r8, {r2, r3, r12, lr}
- stm r0!, {r4, r5, r6, r7}
- subs r11, r11, #2
- sub r8, r8, #16
- bne L_AES_invert_key_loop
- sub r0, r0, r1, lsl #3
- add r0, r0, #16
- sub r11, r1, #1
- mov r1, #0xff
-L_AES_invert_key_mix_loop:
- ldm r0, {r2, r3, r12, lr}
- lsr r4, r2, #24
- and r7, r1, r2
- and r8, r1, r2, lsr #16
- and r6, r1, r2, lsr #8
- ldrb r4, [r9, r4, lsl #2]
- ldrb r7, [r9, r7, lsl #2]
- ldrb r8, [r9, r8, lsl #2]
- ldrb r6, [r9, r6, lsl #2]
- ldr r4, [r10, r4, lsl #2]
- ldr r7, [r10, r7, lsl #2]
- ldr r8, [r10, r8, lsl #2]
- ldr r6, [r10, r6, lsl #2]
- eor r8, r8, r4, ror #24
- eor r8, r8, r7, ror #16
- eor r8, r8, r6, ror #8
- str r8, [r0], #4
- lsr r4, r3, #24
- and r7, r1, r3
- and r8, r1, r3, lsr #16
- and r6, r1, r3, lsr #8
- ldrb r4, [r9, r4, lsl #2]
- ldrb r7, [r9, r7, lsl #2]
- ldrb r8, [r9, r8, lsl #2]
- ldrb r6, [r9, r6, lsl #2]
- ldr r4, [r10, r4, lsl #2]
- ldr r7, [r10, r7, lsl #2]
- ldr r8, [r10, r8, lsl #2]
- ldr r6, [r10, r6, lsl #2]
- eor r8, r8, r4, ror #24
- eor r8, r8, r7, ror #16
- eor r8, r8, r6, ror #8
- str r8, [r0], #4
- lsr r4, r12, #24
- and r7, r1, r12
- and r8, r1, r12, lsr #16
- and r6, r1, r12, lsr #8
- ldrb r4, [r9, r4, lsl #2]
- ldrb r7, [r9, r7, lsl #2]
- ldrb r8, [r9, r8, lsl #2]
- ldrb r6, [r9, r6, lsl #2]
- ldr r4, [r10, r4, lsl #2]
- ldr r7, [r10, r7, lsl #2]
- ldr r8, [r10, r8, lsl #2]
- ldr r6, [r10, r6, lsl #2]
- eor r8, r8, r4, ror #24
- eor r8, r8, r7, ror #16
- eor r8, r8, r6, ror #8
- str r8, [r0], #4
- lsr r4, lr, #24
- and r7, r1, lr
- and r8, r1, lr, lsr #16
- and r6, r1, lr, lsr #8
- ldrb r4, [r9, r4, lsl #2]
- ldrb r7, [r9, r7, lsl #2]
- ldrb r8, [r9, r8, lsl #2]
- ldrb r6, [r9, r6, lsl #2]
- ldr r4, [r10, r4, lsl #2]
- ldr r7, [r10, r7, lsl #2]
- ldr r8, [r10, r8, lsl #2]
- ldr r6, [r10, r6, lsl #2]
- eor r8, r8, r4, ror #24
- eor r8, r8, r7, ror #16
- eor r8, r8, r6, ror #8
- str r8, [r0], #4
- subs r11, r11, #1
- bne L_AES_invert_key_mix_loop
- pop {r4, r5, r6, r7, r8, r9, r10, r11, pc}
- .size AES_invert_key,.-AES_invert_key
-#endif /* HAVE_AES_DECRYPT */
-#if defined(HAVE_AESCCM) || defined(HAVE_AESGCM) || defined(WOLFSSL_AES_DIRECT) || defined(WOLFSSL_AES_COUNTER)
.text
.align 4
.globl AES_encrypt_block
.type AES_encrypt_block, %function
AES_encrypt_block:
-L_AES_encrypt_block_14:
- push {r2, lr}
- ldr lr, [sp, #12]
- mov r2, #6
- b L_AES_encrypt_block_nr
-L_AES_encrypt_block_12:
- push {r2, lr}
- ldr lr, [sp, #12]
- mov r2, #5
- b L_AES_encrypt_block_nr
-L_AES_encrypt_block_10:
- push {r2, lr}
- ldr lr, [sp, #12]
- mov r2, #4
+ push {lr}
L_AES_encrypt_block_nr:
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r8, r5, #8
+ lsr r8, r8, #24
+#else
+ uxtb r8, r5, ror #16
+#endif
+#else
+ ubfx r8, r5, #16, #8
+#endif
lsr r11, r4, #24
- and r1, r12, r7
- and r8, r12, r5, lsr #16
- and r0, r12, r6, lsr #8
- ldr r11, [lr, r11, lsl #2]
- ldr r1, [lr, r1, lsl #2]
- ldr r8, [lr, r8, lsl #2]
- ldr r0, [lr, r0, lsl #2]
- and r9, r12, r6, lsr #16
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl lr, r6, #16
+ lsr lr, lr, #24
+#else
+ uxtb lr, r6, ror #8
+#endif
+#else
+ ubfx lr, r6, #8, #8
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r2, r7, #24
+ lsr r2, r2, #24
+#else
+ uxtb r2, r7
+#endif
+#else
+ ubfx r2, r7, #0, #8
+#endif
+ ldr r8, [r0, r8, lsl #2]
+ ldr r11, [r0, r11, lsl #2]
+ ldr lr, [r0, lr, lsl #2]
+ ldr r2, [r0, r2, lsl #2]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r9, r6, #8
+ lsr r9, r9, #24
+#else
+ uxtb r9, r6, ror #16
+#endif
+#else
+ ubfx r9, r6, #16, #8
+#endif
eor r8, r8, r11, ror #24
lsr r11, r5, #24
- eor r8, r8, r0, ror #8
- and r0, r12, r7, lsr #8
- eor r8, r8, r1, ror #16
- and r1, r12, r4
- ldr r9, [lr, r9, lsl #2]
- ldr r11, [lr, r11, lsl #2]
- ldr r0, [lr, r0, lsl #2]
- ldr r1, [lr, r1, lsl #2]
- and r10, r12, r7, lsr #16
+ eor r8, r8, lr, ror #8
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl lr, r7, #16
+ lsr lr, lr, #24
+#else
+ uxtb lr, r7, ror #8
+#endif
+#else
+ ubfx lr, r7, #8, #8
+#endif
+ eor r8, r8, r2, ror #16
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r2, r4, #24
+ lsr r2, r2, #24
+#else
+ uxtb r2, r4
+#endif
+#else
+ ubfx r2, r4, #0, #8
+#endif
+ ldr r9, [r0, r9, lsl #2]
+ ldr r11, [r0, r11, lsl #2]
+ ldr lr, [r0, lr, lsl #2]
+ ldr r2, [r0, r2, lsl #2]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r10, r7, #8
+ lsr r10, r10, #24
+#else
+ uxtb r10, r7, ror #16
+#endif
+#else
+ ubfx r10, r7, #16, #8
+#endif
eor r9, r9, r11, ror #24
lsr r11, r6, #24
- eor r9, r9, r0, ror #8
- and r0, r12, r4, lsr #8
- eor r9, r9, r1, ror #16
- and r1, r12, r5
- ldr r10, [lr, r10, lsl #2]
- ldr r11, [lr, r11, lsl #2]
- ldr r0, [lr, r0, lsl #2]
- ldr r1, [lr, r1, lsl #2]
- and r6, r12, r6
+ eor r9, r9, lr, ror #8
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl lr, r4, #16
+ lsr lr, lr, #24
+#else
+ uxtb lr, r4, ror #8
+#endif
+#else
+ ubfx lr, r4, #8, #8
+#endif
+ eor r9, r9, r2, ror #16
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r2, r5, #24
+ lsr r2, r2, #24
+#else
+ uxtb r2, r5
+#endif
+#else
+ ubfx r2, r5, #0, #8
+#endif
+ ldr r10, [r0, r10, lsl #2]
+ ldr r11, [r0, r11, lsl #2]
+ ldr lr, [r0, lr, lsl #2]
+ ldr r2, [r0, r2, lsl #2]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r6, r6, #24
+ lsr r6, r6, #24
+#else
+ uxtb r6, r6
+#endif
+#else
+ ubfx r6, r6, #0, #8
+#endif
eor r10, r10, r11, ror #24
- and r11, r12, r4, lsr #16
- eor r10, r10, r0, ror #8
- lsr r0, r7, #24
- eor r10, r10, r1, ror #16
- and r1, r12, r5, lsr #8
- ldr r6, [lr, r6, lsl #2]
- ldr r0, [lr, r0, lsl #2]
- ldr r11, [lr, r11, lsl #2]
- ldr r1, [lr, r1, lsl #2]
- eor r0, r0, r6, ror #24
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r11, r4, #8
+ lsr r11, r11, #24
+#else
+ uxtb r11, r4, ror #16
+#endif
+#else
+ ubfx r11, r4, #16, #8
+#endif
+ eor r10, r10, lr, ror #8
+ lsr lr, r7, #24
+ eor r10, r10, r2, ror #16
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r2, r5, #16
+ lsr r2, r2, #24
+#else
+ uxtb r2, r5, ror #8
+#endif
+#else
+ ubfx r2, r5, #8, #8
+#endif
+ ldr r6, [r0, r6, lsl #2]
+ ldr lr, [r0, lr, lsl #2]
+ ldr r11, [r0, r11, lsl #2]
+ ldr r2, [r0, r2, lsl #2]
+ eor lr, lr, r6, ror #24
ldm r3!, {r4, r5, r6, r7}
- eor r11, r11, r0, ror #24
- eor r11, r11, r1, ror #8
+ eor r11, r11, lr, ror #24
+ eor r11, r11, r2, ror #8
# XOR in Key Schedule
eor r8, r8, r4
eor r9, r9, r5
eor r10, r10, r6
eor r11, r11, r7
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r4, r9, #8
+ lsr r4, r4, #24
+#else
+ uxtb r4, r9, ror #16
+#endif
+#else
+ ubfx r4, r9, #16, #8
+#endif
lsr r7, r8, #24
- and r1, r12, r11
- and r4, r12, r9, lsr #16
- and r0, r12, r10, lsr #8
- ldr r7, [lr, r7, lsl #2]
- ldr r1, [lr, r1, lsl #2]
- ldr r4, [lr, r4, lsl #2]
- ldr r0, [lr, r0, lsl #2]
- and r5, r12, r10, lsr #16
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl lr, r10, #16
+ lsr lr, lr, #24
+#else
+ uxtb lr, r10, ror #8
+#endif
+#else
+ ubfx lr, r10, #8, #8
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r2, r11, #24
+ lsr r2, r2, #24
+#else
+ uxtb r2, r11
+#endif
+#else
+ ubfx r2, r11, #0, #8
+#endif
+ ldr r4, [r0, r4, lsl #2]
+ ldr r7, [r0, r7, lsl #2]
+ ldr lr, [r0, lr, lsl #2]
+ ldr r2, [r0, r2, lsl #2]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r5, r10, #8
+ lsr r5, r5, #24
+#else
+ uxtb r5, r10, ror #16
+#endif
+#else
+ ubfx r5, r10, #16, #8
+#endif
eor r4, r4, r7, ror #24
lsr r7, r9, #24
- eor r4, r4, r0, ror #8
- and r0, r12, r11, lsr #8
- eor r4, r4, r1, ror #16
- and r1, r12, r8
- ldr r5, [lr, r5, lsl #2]
- ldr r7, [lr, r7, lsl #2]
- ldr r0, [lr, r0, lsl #2]
- ldr r1, [lr, r1, lsl #2]
- and r6, r12, r11, lsr #16
+ eor r4, r4, lr, ror #8
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl lr, r11, #16
+ lsr lr, lr, #24
+#else
+ uxtb lr, r11, ror #8
+#endif
+#else
+ ubfx lr, r11, #8, #8
+#endif
+ eor r4, r4, r2, ror #16
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r2, r8, #24
+ lsr r2, r2, #24
+#else
+ uxtb r2, r8
+#endif
+#else
+ ubfx r2, r8, #0, #8
+#endif
+ ldr r5, [r0, r5, lsl #2]
+ ldr r7, [r0, r7, lsl #2]
+ ldr lr, [r0, lr, lsl #2]
+ ldr r2, [r0, r2, lsl #2]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r6, r11, #8
+ lsr r6, r6, #24
+#else
+ uxtb r6, r11, ror #16
+#endif
+#else
+ ubfx r6, r11, #16, #8
+#endif
eor r5, r5, r7, ror #24
lsr r7, r10, #24
- eor r5, r5, r0, ror #8
- and r0, r12, r8, lsr #8
- eor r5, r5, r1, ror #16
- and r1, r12, r9
- ldr r6, [lr, r6, lsl #2]
- ldr r7, [lr, r7, lsl #2]
- ldr r0, [lr, r0, lsl #2]
- ldr r1, [lr, r1, lsl #2]
- and r10, r12, r10
+ eor r5, r5, lr, ror #8
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl lr, r8, #16
+ lsr lr, lr, #24
+#else
+ uxtb lr, r8, ror #8
+#endif
+#else
+ ubfx lr, r8, #8, #8
+#endif
+ eor r5, r5, r2, ror #16
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r2, r9, #24
+ lsr r2, r2, #24
+#else
+ uxtb r2, r9
+#endif
+#else
+ ubfx r2, r9, #0, #8
+#endif
+ ldr r6, [r0, r6, lsl #2]
+ ldr r7, [r0, r7, lsl #2]
+ ldr lr, [r0, lr, lsl #2]
+ ldr r2, [r0, r2, lsl #2]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r10, r10, #24
+ lsr r10, r10, #24
+#else
+ uxtb r10, r10
+#endif
+#else
+ ubfx r10, r10, #0, #8
+#endif
eor r6, r6, r7, ror #24
- and r7, r12, r8, lsr #16
- eor r6, r6, r0, ror #8
- lsr r0, r11, #24
- eor r6, r6, r1, ror #16
- and r1, r12, r9, lsr #8
- ldr r10, [lr, r10, lsl #2]
- ldr r0, [lr, r0, lsl #2]
- ldr r7, [lr, r7, lsl #2]
- ldr r1, [lr, r1, lsl #2]
- eor r0, r0, r10, ror #24
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r7, r8, #8
+ lsr r7, r7, #24
+#else
+ uxtb r7, r8, ror #16
+#endif
+#else
+ ubfx r7, r8, #16, #8
+#endif
+ eor r6, r6, lr, ror #8
+ lsr lr, r11, #24
+ eor r6, r6, r2, ror #16
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r2, r9, #16
+ lsr r2, r2, #24
+#else
+ uxtb r2, r9, ror #8
+#endif
+#else
+ ubfx r2, r9, #8, #8
+#endif
+ ldr r10, [r0, r10, lsl #2]
+ ldr lr, [r0, lr, lsl #2]
+ ldr r7, [r0, r7, lsl #2]
+ ldr r2, [r0, r2, lsl #2]
+ eor lr, lr, r10, ror #24
ldm r3!, {r8, r9, r10, r11}
- eor r7, r7, r0, ror #24
- eor r7, r7, r1, ror #8
+ eor r7, r7, lr, ror #24
+ eor r7, r7, r2, ror #8
# XOR in Key Schedule
eor r4, r4, r8
eor r5, r5, r9
eor r6, r6, r10
eor r7, r7, r11
- subs r2, r2, #1
+ subs r1, r1, #1
bne L_AES_encrypt_block_nr
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r8, r5, #8
+ lsr r8, r8, #24
+#else
+ uxtb r8, r5, ror #16
+#endif
+#else
+ ubfx r8, r5, #16, #8
+#endif
lsr r11, r4, #24
- and r1, r12, r7
- and r8, r12, r5, lsr #16
- and r0, r12, r6, lsr #8
- ldr r11, [lr, r11, lsl #2]
- ldr r1, [lr, r1, lsl #2]
- ldr r8, [lr, r8, lsl #2]
- ldr r0, [lr, r0, lsl #2]
- and r9, r12, r6, lsr #16
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl lr, r6, #16
+ lsr lr, lr, #24
+#else
+ uxtb lr, r6, ror #8
+#endif
+#else
+ ubfx lr, r6, #8, #8
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r2, r7, #24
+ lsr r2, r2, #24
+#else
+ uxtb r2, r7
+#endif
+#else
+ ubfx r2, r7, #0, #8
+#endif
+ ldr r8, [r0, r8, lsl #2]
+ ldr r11, [r0, r11, lsl #2]
+ ldr lr, [r0, lr, lsl #2]
+ ldr r2, [r0, r2, lsl #2]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r9, r6, #8
+ lsr r9, r9, #24
+#else
+ uxtb r9, r6, ror #16
+#endif
+#else
+ ubfx r9, r6, #16, #8
+#endif
eor r8, r8, r11, ror #24
lsr r11, r5, #24
- eor r8, r8, r0, ror #8
- and r0, r12, r7, lsr #8
- eor r8, r8, r1, ror #16
- and r1, r12, r4
- ldr r9, [lr, r9, lsl #2]
- ldr r11, [lr, r11, lsl #2]
- ldr r0, [lr, r0, lsl #2]
- ldr r1, [lr, r1, lsl #2]
- and r10, r12, r7, lsr #16
+ eor r8, r8, lr, ror #8
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl lr, r7, #16
+ lsr lr, lr, #24
+#else
+ uxtb lr, r7, ror #8
+#endif
+#else
+ ubfx lr, r7, #8, #8
+#endif
+ eor r8, r8, r2, ror #16
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r2, r4, #24
+ lsr r2, r2, #24
+#else
+ uxtb r2, r4
+#endif
+#else
+ ubfx r2, r4, #0, #8
+#endif
+ ldr r9, [r0, r9, lsl #2]
+ ldr r11, [r0, r11, lsl #2]
+ ldr lr, [r0, lr, lsl #2]
+ ldr r2, [r0, r2, lsl #2]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r10, r7, #8
+ lsr r10, r10, #24
+#else
+ uxtb r10, r7, ror #16
+#endif
+#else
+ ubfx r10, r7, #16, #8
+#endif
eor r9, r9, r11, ror #24
lsr r11, r6, #24
- eor r9, r9, r0, ror #8
- and r0, r12, r4, lsr #8
- eor r9, r9, r1, ror #16
- and r1, r12, r5
- ldr r10, [lr, r10, lsl #2]
- ldr r11, [lr, r11, lsl #2]
- ldr r0, [lr, r0, lsl #2]
- ldr r1, [lr, r1, lsl #2]
- and r6, r12, r6
+ eor r9, r9, lr, ror #8
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl lr, r4, #16
+ lsr lr, lr, #24
+#else
+ uxtb lr, r4, ror #8
+#endif
+#else
+ ubfx lr, r4, #8, #8
+#endif
+ eor r9, r9, r2, ror #16
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r2, r5, #24
+ lsr r2, r2, #24
+#else
+ uxtb r2, r5
+#endif
+#else
+ ubfx r2, r5, #0, #8
+#endif
+ ldr r10, [r0, r10, lsl #2]
+ ldr r11, [r0, r11, lsl #2]
+ ldr lr, [r0, lr, lsl #2]
+ ldr r2, [r0, r2, lsl #2]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r6, r6, #24
+ lsr r6, r6, #24
+#else
+ uxtb r6, r6
+#endif
+#else
+ ubfx r6, r6, #0, #8
+#endif
eor r10, r10, r11, ror #24
- and r11, r12, r4, lsr #16
- eor r10, r10, r0, ror #8
- lsr r0, r7, #24
- eor r10, r10, r1, ror #16
- and r1, r12, r5, lsr #8
- ldr r6, [lr, r6, lsl #2]
- ldr r0, [lr, r0, lsl #2]
- ldr r11, [lr, r11, lsl #2]
- ldr r1, [lr, r1, lsl #2]
- eor r0, r0, r6, ror #24
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r11, r4, #8
+ lsr r11, r11, #24
+#else
+ uxtb r11, r4, ror #16
+#endif
+#else
+ ubfx r11, r4, #16, #8
+#endif
+ eor r10, r10, lr, ror #8
+ lsr lr, r7, #24
+ eor r10, r10, r2, ror #16
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r2, r5, #16
+ lsr r2, r2, #24
+#else
+ uxtb r2, r5, ror #8
+#endif
+#else
+ ubfx r2, r5, #8, #8
+#endif
+ ldr r6, [r0, r6, lsl #2]
+ ldr lr, [r0, lr, lsl #2]
+ ldr r11, [r0, r11, lsl #2]
+ ldr r2, [r0, r2, lsl #2]
+ eor lr, lr, r6, ror #24
ldm r3!, {r4, r5, r6, r7}
- eor r11, r11, r0, ror #24
- eor r11, r11, r1, ror #8
+ eor r11, r11, lr, ror #24
+ eor r11, r11, r2, ror #8
# XOR in Key Schedule
eor r8, r8, r4
eor r9, r9, r5
eor r10, r10, r6
eor r11, r11, r7
- and r7, r12, r10, lsr #8
- lsr r1, r8, #24
- and r4, r12, r11
- and r0, r12, r9, lsr #16
- ldrb r7, [lr, r7, lsl #2]
- ldrb r1, [lr, r1, lsl #2]
- ldrb r4, [lr, r4, lsl #2]
- ldrb r0, [lr, r0, lsl #2]
- and r5, r12, r8
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r4, r11, #24
+ lsr r4, r4, #24
+#else
+ uxtb r4, r11
+#endif
+#else
+ ubfx r4, r11, #0, #8
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r7, r10, #16
+ lsr r7, r7, #24
+#else
+ uxtb r7, r10, ror #8
+#endif
+#else
+ ubfx r7, r10, #8, #8
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl lr, r9, #8
+ lsr lr, lr, #24
+#else
+ uxtb lr, r9, ror #16
+#endif
+#else
+ ubfx lr, r9, #16, #8
+#endif
+ lsr r2, r8, #24
+ ldrb r4, [r0, r4, lsl #2]
+ ldrb r7, [r0, r7, lsl #2]
+ ldrb lr, [r0, lr, lsl #2]
+ ldrb r2, [r0, r2, lsl #2]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r5, r8, #24
+ lsr r5, r5, #24
+#else
+ uxtb r5, r8
+#endif
+#else
+ ubfx r5, r8, #0, #8
+#endif
eor r4, r4, r7, lsl #8
- and r7, r12, r11, lsr #8
- eor r4, r4, r0, lsl #16
- and r0, r12, r10, lsr #16
- eor r4, r4, r1, lsl #24
- lsr r1, r9, #24
- ldrb r7, [lr, r7, lsl #2]
- ldrb r1, [lr, r1, lsl #2]
- ldrb r5, [lr, r5, lsl #2]
- ldrb r0, [lr, r0, lsl #2]
- and r6, r12, r9
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r7, r11, #16
+ lsr r7, r7, #24
+#else
+ uxtb r7, r11, ror #8
+#endif
+#else
+ ubfx r7, r11, #8, #8
+#endif
+ eor r4, r4, lr, lsl #16
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl lr, r10, #8
+ lsr lr, lr, #24
+#else
+ uxtb lr, r10, ror #16
+#endif
+#else
+ ubfx lr, r10, #16, #8
+#endif
+ eor r4, r4, r2, lsl #24
+ lsr r2, r9, #24
+ ldrb r5, [r0, r5, lsl #2]
+ ldrb r7, [r0, r7, lsl #2]
+ ldrb lr, [r0, lr, lsl #2]
+ ldrb r2, [r0, r2, lsl #2]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r6, r9, #24
+ lsr r6, r6, #24
+#else
+ uxtb r6, r9
+#endif
+#else
+ ubfx r6, r9, #0, #8
+#endif
eor r5, r5, r7, lsl #8
- and r7, r12, r8, lsr #8
- eor r5, r5, r0, lsl #16
- and r0, r12, r11, lsr #16
- eor r5, r5, r1, lsl #24
- lsr r1, r10, #24
- ldrb r7, [lr, r7, lsl #2]
- ldrb r1, [lr, r1, lsl #2]
- ldrb r6, [lr, r6, lsl #2]
- ldrb r0, [lr, r0, lsl #2]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r7, r8, #16
+ lsr r7, r7, #24
+#else
+ uxtb r7, r8, ror #8
+#endif
+#else
+ ubfx r7, r8, #8, #8
+#endif
+ eor r5, r5, lr, lsl #16
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl lr, r11, #8
+ lsr lr, lr, #24
+#else
+ uxtb lr, r11, ror #16
+#endif
+#else
+ ubfx lr, r11, #16, #8
+#endif
+ eor r5, r5, r2, lsl #24
+ lsr r2, r10, #24
+ ldrb r6, [r0, r6, lsl #2]
+ ldrb r7, [r0, r7, lsl #2]
+ ldrb lr, [r0, lr, lsl #2]
+ ldrb r2, [r0, r2, lsl #2]
lsr r11, r11, #24
eor r6, r6, r7, lsl #8
- and r7, r12, r10
- eor r6, r6, r0, lsl #16
- and r0, r12, r9, lsr #8
- eor r6, r6, r1, lsl #24
- and r1, r12, r8, lsr #16
- ldrb r11, [lr, r11, lsl #2]
- ldrb r0, [lr, r0, lsl #2]
- ldrb r7, [lr, r7, lsl #2]
- ldrb r1, [lr, r1, lsl #2]
- eor r0, r0, r11, lsl #16
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r7, r10, #24
+ lsr r7, r7, #24
+#else
+ uxtb r7, r10
+#endif
+#else
+ ubfx r7, r10, #0, #8
+#endif
+ eor r6, r6, lr, lsl #16
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl lr, r9, #16
+ lsr lr, lr, #24
+#else
+ uxtb lr, r9, ror #8
+#endif
+#else
+ ubfx lr, r9, #8, #8
+#endif
+ eor r6, r6, r2, lsl #24
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r2, r8, #8
+ lsr r2, r2, #24
+#else
+ uxtb r2, r8, ror #16
+#endif
+#else
+ ubfx r2, r8, #16, #8
+#endif
+ ldrb r11, [r0, r11, lsl #2]
+ ldrb r7, [r0, r7, lsl #2]
+ ldrb lr, [r0, lr, lsl #2]
+ ldrb r2, [r0, r2, lsl #2]
+ eor lr, lr, r11, lsl #16
ldm r3, {r8, r9, r10, r11}
- eor r7, r7, r0, lsl #8
- eor r7, r7, r1, lsl #16
+ eor r7, r7, lr, lsl #8
+ eor r7, r7, r2, lsl #16
# XOR in Key Schedule
eor r4, r4, r8
eor r5, r5, r9
eor r6, r6, r10
eor r7, r7, r11
- str lr, [sp, #12]
- pop {r2, lr}
- bx lr
- bx lr
+ pop {pc}
.size AES_encrypt_block,.-AES_encrypt_block
#if defined(HAVE_AESCCM) || defined(HAVE_AESGCM) || defined(WOLFSSL_AES_DIRECT) || defined(WOLFSSL_AES_COUNTER)
.text
+ .type L_AES_ARM32_te_ecb, %object
+ .size L_AES_ARM32_te_ecb, 12
+ .align 4
+L_AES_ARM32_te_ecb:
+ .word L_AES_ARM32_te_data
+ .text
.align 4
.globl AES_ECB_encrypt
.type AES_ECB_encrypt, %function
AES_ECB_encrypt:
push {r4, r5, r6, r7, r8, r9, r10, r11, lr}
- adr r4, AES_ECB_encrypt
- mov lr, #AES_ECB_encrypt-L_AES_ARM32_te
- sub lr, r4, lr
+ mov lr, r0
+ adr r0, L_AES_ARM32_te_ecb
+ ldr r0, [r0]
ldr r12, [sp, #36]
+ push {r3}
cmp r12, #10
beq L_AES_ECB_encrypt_start_block_128
cmp r12, #12
beq L_AES_ECB_encrypt_start_block_192
- mov r12, #0xff
L_AES_ECB_encrypt_loop_block_256:
- ldr r4, [r0]
- ldr r5, [r0, #4]
- ldr r6, [r0, #8]
- ldr r7, [r0, #12]
+ ldr r4, [lr]
+ ldr r5, [lr, #4]
+ ldr r6, [lr, #8]
+ ldr r7, [lr, #12]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
+#else
rev r4, r4
rev r5, r5
rev r6, r6
rev r7, r7
- push {r0, r1}
- push {r3, lr}
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ push {r1, r2, lr}
ldm r3!, {r8, r9, r10, r11}
# Round: 0 - XOR in key schedule
eor r4, r4, r8
eor r5, r5, r9
eor r6, r6, r10
eor r7, r7, r11
- bl L_AES_encrypt_block_14
- pop {r3, lr}
- pop {r0, r1}
+ mov r1, #6
+ bl AES_encrypt_block
+ pop {r1, r2, lr}
+ ldr r3, [sp]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
+#else
rev r4, r4
rev r5, r5
rev r6, r6
rev r7, r7
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
str r4, [r1]
str r5, [r1, #4]
str r6, [r1, #8]
str r7, [r1, #12]
subs r2, r2, #16
- add r0, r0, #16
+ add lr, lr, #16
add r1, r1, #16
bne L_AES_ECB_encrypt_loop_block_256
b L_AES_ECB_encrypt_end
L_AES_ECB_encrypt_start_block_192:
- mov r12, #0xff
L_AES_ECB_encrypt_loop_block_192:
- ldr r4, [r0]
- ldr r5, [r0, #4]
- ldr r6, [r0, #8]
- ldr r7, [r0, #12]
+ ldr r4, [lr]
+ ldr r5, [lr, #4]
+ ldr r6, [lr, #8]
+ ldr r7, [lr, #12]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
+#else
rev r4, r4
rev r5, r5
rev r6, r6
rev r7, r7
- push {r0, r1}
- push {r3, lr}
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ push {r1, r2, lr}
ldm r3!, {r8, r9, r10, r11}
# Round: 0 - XOR in key schedule
eor r4, r4, r8
eor r5, r5, r9
eor r6, r6, r10
eor r7, r7, r11
- bl L_AES_encrypt_block_12
- pop {r3, lr}
- pop {r0, r1}
+ mov r1, #5
+ bl AES_encrypt_block
+ pop {r1, r2, lr}
+ ldr r3, [sp]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
+#else
rev r4, r4
rev r5, r5
rev r6, r6
rev r7, r7
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
str r4, [r1]
str r5, [r1, #4]
str r6, [r1, #8]
str r7, [r1, #12]
subs r2, r2, #16
- add r0, r0, #16
+ add lr, lr, #16
add r1, r1, #16
bne L_AES_ECB_encrypt_loop_block_192
b L_AES_ECB_encrypt_end
L_AES_ECB_encrypt_start_block_128:
- mov r12, #0xff
L_AES_ECB_encrypt_loop_block_128:
- ldr r4, [r0]
- ldr r5, [r0, #4]
- ldr r6, [r0, #8]
- ldr r7, [r0, #12]
+ ldr r4, [lr]
+ ldr r5, [lr, #4]
+ ldr r6, [lr, #8]
+ ldr r7, [lr, #12]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
+#else
rev r4, r4
rev r5, r5
rev r6, r6
rev r7, r7
- push {r0, r1}
- push {r3, lr}
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ push {r1, r2, lr}
ldm r3!, {r8, r9, r10, r11}
# Round: 0 - XOR in key schedule
eor r4, r4, r8
eor r5, r5, r9
eor r6, r6, r10
eor r7, r7, r11
- bl L_AES_encrypt_block_10
- pop {r3, lr}
- pop {r0, r1}
+ mov r1, #4
+ bl AES_encrypt_block
+ pop {r1, r2, lr}
+ ldr r3, [sp]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
+#else
rev r4, r4
rev r5, r5
rev r6, r6
rev r7, r7
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
str r4, [r1]
str r5, [r1, #4]
str r6, [r1, #8]
str r7, [r1, #12]
subs r2, r2, #16
- add r0, r0, #16
+ add lr, lr, #16
add r1, r1, #16
bne L_AES_ECB_encrypt_loop_block_128
L_AES_ECB_encrypt_end:
+ pop {r3}
pop {r4, r5, r6, r7, r8, r9, r10, r11, pc}
.size AES_ECB_encrypt,.-AES_ECB_encrypt
#endif /* HAVE_AESCCM || HAVE_AESGCM || WOLFSSL_AES_DIRECT || WOLFSSL_AES_COUNTER */
#ifdef HAVE_AES_CBC
.text
+ .type L_AES_ARM32_te_cbc, %object
+ .size L_AES_ARM32_te_cbc, 12
+ .align 4
+L_AES_ARM32_te_cbc:
+ .word L_AES_ARM32_te_data
+ .text
.align 4
.globl AES_CBC_encrypt
.type AES_CBC_encrypt, %function
AES_CBC_encrypt:
push {r4, r5, r6, r7, r8, r9, r10, r11, lr}
- ldr r12, [sp, #36]
- ldr lr, [sp, #40]
- ldm lr, {r4, r5, r6, r7}
- push {lr}
- adr r8, AES_CBC_encrypt
- mov lr, #AES_CBC_encrypt-L_AES_ARM32_te
- sub lr, r8, lr
- cmp r12, #10
+ ldr r8, [sp, #36]
+ ldr r9, [sp, #40]
+ mov lr, r0
+ adr r0, L_AES_ARM32_te_cbc
+ ldr r0, [r0]
+ ldm r9, {r4, r5, r6, r7}
+ push {r3, r9}
+ cmp r8, #10
beq L_AES_CBC_encrypt_start_block_128
- cmp r12, #12
+ cmp r8, #12
beq L_AES_CBC_encrypt_start_block_192
- mov r12, #0xff
L_AES_CBC_encrypt_loop_block_256:
- ldr r8, [r0]
- ldr r9, [r0, #4]
- ldr r10, [r0, #8]
- ldr r11, [r0, #12]
+ ldr r8, [lr]
+ ldr r9, [lr, #4]
+ ldr r10, [lr, #8]
+ ldr r11, [lr, #12]
eor r4, r4, r8
eor r5, r5, r9
eor r6, r6, r10
eor r7, r7, r11
- push {r0, r1}
- push {r3, lr}
- ldm r3!, {r8, r9, r10, r11}
+ push {r1, r2, lr}
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
+#else
rev r4, r4
rev r5, r5
rev r6, r6
rev r7, r7
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ ldm r3!, {r8, r9, r10, r11}
# Round: 0 - XOR in key schedule
eor r4, r4, r8
eor r5, r5, r9
eor r6, r6, r10
eor r7, r7, r11
- bl L_AES_encrypt_block_14
- pop {r3, lr}
- pop {r0, r1}
+ mov r1, #6
+ bl AES_encrypt_block
+ pop {r1, r2, lr}
+ ldr r3, [sp]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
+#else
rev r4, r4
rev r5, r5
rev r6, r6
rev r7, r7
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
str r4, [r1]
str r5, [r1, #4]
str r6, [r1, #8]
str r7, [r1, #12]
subs r2, r2, #16
- add r0, r0, #16
+ add lr, lr, #16
add r1, r1, #16
bne L_AES_CBC_encrypt_loop_block_256
b L_AES_CBC_encrypt_end
L_AES_CBC_encrypt_start_block_192:
- mov r12, #0xff
L_AES_CBC_encrypt_loop_block_192:
- ldr r8, [r0]
- ldr r9, [r0, #4]
- ldr r10, [r0, #8]
- ldr r11, [r0, #12]
+ ldr r8, [lr]
+ ldr r9, [lr, #4]
+ ldr r10, [lr, #8]
+ ldr r11, [lr, #12]
eor r4, r4, r8
eor r5, r5, r9
eor r6, r6, r10
eor r7, r7, r11
- push {r0, r1}
- push {r3, lr}
- ldm r3!, {r8, r9, r10, r11}
+ push {r1, r2, lr}
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
+#else
rev r4, r4
rev r5, r5
rev r6, r6
rev r7, r7
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ ldm r3!, {r8, r9, r10, r11}
# Round: 0 - XOR in key schedule
eor r4, r4, r8
eor r5, r5, r9
eor r6, r6, r10
eor r7, r7, r11
- bl L_AES_encrypt_block_12
- pop {r3, lr}
- pop {r0, r1}
+ mov r1, #5
+ bl AES_encrypt_block
+ pop {r1, r2, lr}
+ ldr r3, [sp]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
+#else
rev r4, r4
rev r5, r5
rev r6, r6
rev r7, r7
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
str r4, [r1]
str r5, [r1, #4]
str r6, [r1, #8]
str r7, [r1, #12]
subs r2, r2, #16
- add r0, r0, #16
+ add lr, lr, #16
add r1, r1, #16
bne L_AES_CBC_encrypt_loop_block_192
b L_AES_CBC_encrypt_end
L_AES_CBC_encrypt_start_block_128:
- mov r12, #0xff
L_AES_CBC_encrypt_loop_block_128:
- ldr r8, [r0]
- ldr r9, [r0, #4]
- ldr r10, [r0, #8]
- ldr r11, [r0, #12]
+ ldr r8, [lr]
+ ldr r9, [lr, #4]
+ ldr r10, [lr, #8]
+ ldr r11, [lr, #12]
eor r4, r4, r8
eor r5, r5, r9
eor r6, r6, r10
eor r7, r7, r11
- push {r0, r1}
- push {r3, lr}
- ldm r3!, {r8, r9, r10, r11}
+ push {r1, r2, lr}
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
+#else
rev r4, r4
rev r5, r5
rev r6, r6
rev r7, r7
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ ldm r3!, {r8, r9, r10, r11}
# Round: 0 - XOR in key schedule
eor r4, r4, r8
eor r5, r5, r9
eor r6, r6, r10
eor r7, r7, r11
- bl L_AES_encrypt_block_10
- pop {r3, lr}
- pop {r0, r1}
+ mov r1, #4
+ bl AES_encrypt_block
+ pop {r1, r2, lr}
+ ldr r3, [sp]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
+#else
rev r4, r4
rev r5, r5
rev r6, r6
rev r7, r7
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
str r4, [r1]
str r5, [r1, #4]
str r6, [r1, #8]
str r7, [r1, #12]
subs r2, r2, #16
- add r0, r0, #16
+ add lr, lr, #16
add r1, r1, #16
bne L_AES_CBC_encrypt_loop_block_128
L_AES_CBC_encrypt_end:
- pop {lr}
- stm lr, {r4, r5, r6, r7}
+ pop {r3, r9}
+ stm r9, {r4, r5, r6, r7}
pop {r4, r5, r6, r7, r8, r9, r10, r11, pc}
.size AES_CBC_encrypt,.-AES_CBC_encrypt
#endif /* HAVE_AES_CBC */
#ifdef WOLFSSL_AES_COUNTER
.text
+ .type L_AES_ARM32_te_ctr, %object
+ .size L_AES_ARM32_te_ctr, 12
+ .align 4
+L_AES_ARM32_te_ctr:
+ .word L_AES_ARM32_te_data
+ .text
.align 4
.globl AES_CTR_encrypt
.type AES_CTR_encrypt, %function
AES_CTR_encrypt:
push {r4, r5, r6, r7, r8, r9, r10, r11, lr}
ldr r12, [sp, #36]
- ldr lr, [sp, #40]
- ldm lr, {r4, r5, r6, r7}
+ ldr r8, [sp, #40]
+ mov lr, r0
+ adr r0, L_AES_ARM32_te_ctr
+ ldr r0, [r0]
+ ldm r8, {r4, r5, r6, r7}
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ eor r10, r4, r4, ror #16
+ eor r11, r5, r5, ror #16
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ eor r4, r4, r10, lsr #8
+ eor r5, r5, r11, lsr #8
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
+#else
rev r4, r4
rev r5, r5
rev r6, r6
rev r7, r7
- stm lr, {r4, r5, r6, r7}
- push {lr}
- adr r8, AES_CTR_encrypt
- mov lr, #AES_CTR_encrypt-L_AES_ARM32_te
- sub lr, r8, lr
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ stm r8, {r4, r5, r6, r7}
+ push {r3, r8}
cmp r12, #10
beq L_AES_CTR_encrypt_start_block_128
cmp r12, #12
beq L_AES_CTR_encrypt_start_block_192
- mov r12, #0xff
L_AES_CTR_encrypt_loop_block_256:
- push {r0, r1}
- ldr r0, [sp, #8]
+ push {r1, r2, lr}
+ ldr lr, [sp, #16]
adds r11, r7, #1
adcs r10, r6, #0
adcs r9, r5, #0
adc r8, r4, #0
- stm r0, {r8, r9, r10, r11}
- push {r3, lr}
+ stm lr, {r8, r9, r10, r11}
ldm r3!, {r8, r9, r10, r11}
# Round: 0 - XOR in key schedule
eor r4, r4, r8
eor r5, r5, r9
eor r6, r6, r10
eor r7, r7, r11
- bl L_AES_encrypt_block_14
- pop {r3, lr}
- pop {r0, r1}
+ mov r1, #6
+ bl AES_encrypt_block
+ pop {r1, r2, lr}
+ ldr r3, [sp]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
+#else
rev r4, r4
rev r5, r5
rev r6, r6
rev r7, r7
- ldr r8, [r0]
- ldr r9, [r0, #4]
- ldr r10, [r0, #8]
- ldr r11, [r0, #12]
- eor r4, r8
- eor r5, r9
- eor r6, r10
- eor r7, r11
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ ldr r8, [lr]
+ ldr r9, [lr, #4]
+ ldr r10, [lr, #8]
+ ldr r11, [lr, #12]
+ eor r4, r4, r8
+ eor r5, r5, r9
+ eor r6, r6, r10
+ eor r7, r7, r11
+ ldr r8, [sp, #4]
str r4, [r1]
str r5, [r1, #4]
str r6, [r1, #8]
str r7, [r1, #12]
- ldr r8, [sp]
ldm r8, {r4, r5, r6, r7}
subs r2, r2, #16
- add r0, r0, #16
+ add lr, lr, #16
add r1, r1, #16
bne L_AES_CTR_encrypt_loop_block_256
b L_AES_CTR_encrypt_end
L_AES_CTR_encrypt_start_block_192:
- mov r12, #0xff
L_AES_CTR_encrypt_loop_block_192:
- push {r0, r1}
- ldr r0, [sp, #8]
+ push {r1, r2, lr}
+ ldr lr, [sp, #16]
adds r11, r7, #1
adcs r10, r6, #0
adcs r9, r5, #0
adc r8, r4, #0
- stm r0, {r8, r9, r10, r11}
- push {r3, lr}
+ stm lr, {r8, r9, r10, r11}
ldm r3!, {r8, r9, r10, r11}
# Round: 0 - XOR in key schedule
eor r4, r4, r8
eor r5, r5, r9
eor r6, r6, r10
eor r7, r7, r11
- bl L_AES_encrypt_block_12
- pop {r3, lr}
- pop {r0, r1}
+ mov r1, #5
+ bl AES_encrypt_block
+ pop {r1, r2, lr}
+ ldr r3, [sp]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
+#else
rev r4, r4
rev r5, r5
rev r6, r6
rev r7, r7
- ldr r8, [r0]
- ldr r9, [r0, #4]
- ldr r10, [r0, #8]
- ldr r11, [r0, #12]
- eor r4, r8
- eor r5, r9
- eor r6, r10
- eor r7, r11
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ ldr r8, [lr]
+ ldr r9, [lr, #4]
+ ldr r10, [lr, #8]
+ ldr r11, [lr, #12]
+ eor r4, r4, r8
+ eor r5, r5, r9
+ eor r6, r6, r10
+ eor r7, r7, r11
+ ldr r8, [sp, #4]
str r4, [r1]
str r5, [r1, #4]
str r6, [r1, #8]
str r7, [r1, #12]
- ldr r8, [sp]
ldm r8, {r4, r5, r6, r7}
subs r2, r2, #16
- add r0, r0, #16
+ add lr, lr, #16
add r1, r1, #16
bne L_AES_CTR_encrypt_loop_block_192
b L_AES_CTR_encrypt_end
L_AES_CTR_encrypt_start_block_128:
- mov r12, #0xff
L_AES_CTR_encrypt_loop_block_128:
- push {r0, r1}
- ldr r0, [sp, #8]
+ push {r1, r2, lr}
+ ldr lr, [sp, #16]
adds r11, r7, #1
adcs r10, r6, #0
adcs r9, r5, #0
adc r8, r4, #0
- stm r0, {r8, r9, r10, r11}
- push {r3, lr}
+ stm lr, {r8, r9, r10, r11}
ldm r3!, {r8, r9, r10, r11}
# Round: 0 - XOR in key schedule
eor r4, r4, r8
eor r5, r5, r9
eor r6, r6, r10
eor r7, r7, r11
- bl L_AES_encrypt_block_10
- pop {r3, lr}
- pop {r0, r1}
+ mov r1, #4
+ bl AES_encrypt_block
+ pop {r1, r2, lr}
+ ldr r3, [sp]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
+#else
rev r4, r4
rev r5, r5
rev r6, r6
rev r7, r7
- ldr r8, [r0]
- ldr r9, [r0, #4]
- ldr r10, [r0, #8]
- ldr r11, [r0, #12]
- eor r4, r8
- eor r5, r9
- eor r6, r10
- eor r7, r11
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ ldr r8, [lr]
+ ldr r9, [lr, #4]
+ ldr r10, [lr, #8]
+ ldr r11, [lr, #12]
+ eor r4, r4, r8
+ eor r5, r5, r9
+ eor r6, r6, r10
+ eor r7, r7, r11
+ ldr r8, [sp, #4]
str r4, [r1]
str r5, [r1, #4]
str r6, [r1, #8]
str r7, [r1, #12]
- ldr r8, [sp]
ldm r8, {r4, r5, r6, r7}
subs r2, r2, #16
- add r0, r0, #16
+ add lr, lr, #16
add r1, r1, #16
bne L_AES_CTR_encrypt_loop_block_128
L_AES_CTR_encrypt_end:
- pop {lr}
+ pop {r3, r8}
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ eor r10, r4, r4, ror #16
+ eor r11, r5, r5, ror #16
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ eor r4, r4, r10, lsr #8
+ eor r5, r5, r11, lsr #8
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
+#else
rev r4, r4
rev r5, r5
rev r6, r6
rev r7, r7
- stm lr, {r4, r5, r6, r7}
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ stm r8, {r4, r5, r6, r7}
pop {r4, r5, r6, r7, r8, r9, r10, r11, pc}
.size AES_CTR_encrypt,.-AES_CTR_encrypt
#endif /* WOLFSSL_AES_COUNTER */
-#endif /* HAVE_AESCCM || HAVE_AESGCM || WOLFSSL_AES_DIRECT || WOLFSSL_AES_COUNTER */
#ifdef HAVE_AES_DECRYPT
#if defined(WOLFSSL_AES_DIRECT) || defined(WOLFSSL_AES_COUNTER) || defined(HAVE_AES_CBC)
.text
+ .align 4
+ .globl AES_decrypt_block
+ .type AES_decrypt_block, %function
+AES_decrypt_block:
+ push {lr}
+L_AES_decrypt_block_nr:
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r8, r7, #8
+ lsr r8, r8, #24
+#else
+ uxtb r8, r7, ror #16
+#endif
+#else
+ ubfx r8, r7, #16, #8
+#endif
+ lsr r11, r4, #24
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r12, r6, #16
+ lsr r12, r12, #24
+#else
+ uxtb r12, r6, ror #8
+#endif
+#else
+ ubfx r12, r6, #8, #8
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl lr, r5, #24
+ lsr lr, lr, #24
+#else
+ uxtb lr, r5
+#endif
+#else
+ ubfx lr, r5, #0, #8
+#endif
+ ldr r8, [r0, r8, lsl #2]
+ ldr r11, [r0, r11, lsl #2]
+ ldr r12, [r0, r12, lsl #2]
+ ldr lr, [r0, lr, lsl #2]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r9, r4, #8
+ lsr r9, r9, #24
+#else
+ uxtb r9, r4, ror #16
+#endif
+#else
+ ubfx r9, r4, #16, #8
+#endif
+ eor r8, r8, r11, ror #24
+ lsr r11, r5, #24
+ eor r8, r8, r12, ror #8
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r12, r7, #16
+ lsr r12, r12, #24
+#else
+ uxtb r12, r7, ror #8
+#endif
+#else
+ ubfx r12, r7, #8, #8
+#endif
+ eor r8, r8, lr, ror #16
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl lr, r6, #24
+ lsr lr, lr, #24
+#else
+ uxtb lr, r6
+#endif
+#else
+ ubfx lr, r6, #0, #8
+#endif
+ ldr r9, [r0, r9, lsl #2]
+ ldr r11, [r0, r11, lsl #2]
+ ldr r12, [r0, r12, lsl #2]
+ ldr lr, [r0, lr, lsl #2]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r10, r5, #8
+ lsr r10, r10, #24
+#else
+ uxtb r10, r5, ror #16
+#endif
+#else
+ ubfx r10, r5, #16, #8
+#endif
+ eor r9, r9, r11, ror #24
+ lsr r11, r6, #24
+ eor r9, r9, r12, ror #8
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r12, r4, #16
+ lsr r12, r12, #24
+#else
+ uxtb r12, r4, ror #8
+#endif
+#else
+ ubfx r12, r4, #8, #8
+#endif
+ eor r9, r9, lr, ror #16
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl lr, r7, #24
+ lsr lr, lr, #24
+#else
+ uxtb lr, r7
+#endif
+#else
+ ubfx lr, r7, #0, #8
+#endif
+ ldr r10, [r0, r10, lsl #2]
+ ldr r11, [r0, r11, lsl #2]
+ ldr r12, [r0, r12, lsl #2]
+ ldr lr, [r0, lr, lsl #2]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r4, r4, #24
+ lsr r4, r4, #24
+#else
+ uxtb r4, r4
+#endif
+#else
+ ubfx r4, r4, #0, #8
+#endif
+ eor r10, r10, r11, ror #24
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r11, r6, #8
+ lsr r11, r11, #24
+#else
+ uxtb r11, r6, ror #16
+#endif
+#else
+ ubfx r11, r6, #16, #8
+#endif
+ eor r10, r10, r12, ror #8
+ lsr r12, r7, #24
+ eor r10, r10, lr, ror #16
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl lr, r5, #16
+ lsr lr, lr, #24
+#else
+ uxtb lr, r5, ror #8
+#endif
+#else
+ ubfx lr, r5, #8, #8
+#endif
+ ldr r4, [r0, r4, lsl #2]
+ ldr r12, [r0, r12, lsl #2]
+ ldr r11, [r0, r11, lsl #2]
+ ldr lr, [r0, lr, lsl #2]
+ eor r12, r12, r4, ror #24
+ ldm r3!, {r4, r5, r6, r7}
+ eor r11, r11, lr, ror #8
+ eor r11, r11, r12, ror #24
+ # XOR in Key Schedule
+ eor r8, r8, r4
+ eor r9, r9, r5
+ eor r10, r10, r6
+ eor r11, r11, r7
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r4, r11, #8
+ lsr r4, r4, #24
+#else
+ uxtb r4, r11, ror #16
+#endif
+#else
+ ubfx r4, r11, #16, #8
+#endif
+ lsr r7, r8, #24
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r12, r10, #16
+ lsr r12, r12, #24
+#else
+ uxtb r12, r10, ror #8
+#endif
+#else
+ ubfx r12, r10, #8, #8
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl lr, r9, #24
+ lsr lr, lr, #24
+#else
+ uxtb lr, r9
+#endif
+#else
+ ubfx lr, r9, #0, #8
+#endif
+ ldr r4, [r0, r4, lsl #2]
+ ldr r7, [r0, r7, lsl #2]
+ ldr r12, [r0, r12, lsl #2]
+ ldr lr, [r0, lr, lsl #2]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r5, r8, #8
+ lsr r5, r5, #24
+#else
+ uxtb r5, r8, ror #16
+#endif
+#else
+ ubfx r5, r8, #16, #8
+#endif
+ eor r4, r4, r7, ror #24
+ lsr r7, r9, #24
+ eor r4, r4, r12, ror #8
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r12, r11, #16
+ lsr r12, r12, #24
+#else
+ uxtb r12, r11, ror #8
+#endif
+#else
+ ubfx r12, r11, #8, #8
+#endif
+ eor r4, r4, lr, ror #16
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl lr, r10, #24
+ lsr lr, lr, #24
+#else
+ uxtb lr, r10
+#endif
+#else
+ ubfx lr, r10, #0, #8
+#endif
+ ldr r5, [r0, r5, lsl #2]
+ ldr r7, [r0, r7, lsl #2]
+ ldr r12, [r0, r12, lsl #2]
+ ldr lr, [r0, lr, lsl #2]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r6, r9, #8
+ lsr r6, r6, #24
+#else
+ uxtb r6, r9, ror #16
+#endif
+#else
+ ubfx r6, r9, #16, #8
+#endif
+ eor r5, r5, r7, ror #24
+ lsr r7, r10, #24
+ eor r5, r5, r12, ror #8
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r12, r8, #16
+ lsr r12, r12, #24
+#else
+ uxtb r12, r8, ror #8
+#endif
+#else
+ ubfx r12, r8, #8, #8
+#endif
+ eor r5, r5, lr, ror #16
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl lr, r11, #24
+ lsr lr, lr, #24
+#else
+ uxtb lr, r11
+#endif
+#else
+ ubfx lr, r11, #0, #8
+#endif
+ ldr r6, [r0, r6, lsl #2]
+ ldr r7, [r0, r7, lsl #2]
+ ldr r12, [r0, r12, lsl #2]
+ ldr lr, [r0, lr, lsl #2]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r8, r8, #24
+ lsr r8, r8, #24
+#else
+ uxtb r8, r8
+#endif
+#else
+ ubfx r8, r8, #0, #8
+#endif
+ eor r6, r6, r7, ror #24
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r7, r10, #8
+ lsr r7, r7, #24
+#else
+ uxtb r7, r10, ror #16
+#endif
+#else
+ ubfx r7, r10, #16, #8
+#endif
+ eor r6, r6, r12, ror #8
+ lsr r12, r11, #24
+ eor r6, r6, lr, ror #16
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl lr, r9, #16
+ lsr lr, lr, #24
+#else
+ uxtb lr, r9, ror #8
+#endif
+#else
+ ubfx lr, r9, #8, #8
+#endif
+ ldr r8, [r0, r8, lsl #2]
+ ldr r12, [r0, r12, lsl #2]
+ ldr r7, [r0, r7, lsl #2]
+ ldr lr, [r0, lr, lsl #2]
+ eor r12, r12, r8, ror #24
+ ldm r3!, {r8, r9, r10, r11}
+ eor r7, r7, lr, ror #8
+ eor r7, r7, r12, ror #24
+ # XOR in Key Schedule
+ eor r4, r4, r8
+ eor r5, r5, r9
+ eor r6, r6, r10
+ eor r7, r7, r11
+ subs r1, r1, #1
+ bne L_AES_decrypt_block_nr
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r8, r7, #8
+ lsr r8, r8, #24
+#else
+ uxtb r8, r7, ror #16
+#endif
+#else
+ ubfx r8, r7, #16, #8
+#endif
+ lsr r11, r4, #24
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r12, r6, #16
+ lsr r12, r12, #24
+#else
+ uxtb r12, r6, ror #8
+#endif
+#else
+ ubfx r12, r6, #8, #8
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl lr, r5, #24
+ lsr lr, lr, #24
+#else
+ uxtb lr, r5
+#endif
+#else
+ ubfx lr, r5, #0, #8
+#endif
+ ldr r8, [r0, r8, lsl #2]
+ ldr r11, [r0, r11, lsl #2]
+ ldr r12, [r0, r12, lsl #2]
+ ldr lr, [r0, lr, lsl #2]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r9, r4, #8
+ lsr r9, r9, #24
+#else
+ uxtb r9, r4, ror #16
+#endif
+#else
+ ubfx r9, r4, #16, #8
+#endif
+ eor r8, r8, r11, ror #24
+ lsr r11, r5, #24
+ eor r8, r8, r12, ror #8
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r12, r7, #16
+ lsr r12, r12, #24
+#else
+ uxtb r12, r7, ror #8
+#endif
+#else
+ ubfx r12, r7, #8, #8
+#endif
+ eor r8, r8, lr, ror #16
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl lr, r6, #24
+ lsr lr, lr, #24
+#else
+ uxtb lr, r6
+#endif
+#else
+ ubfx lr, r6, #0, #8
+#endif
+ ldr r9, [r0, r9, lsl #2]
+ ldr r11, [r0, r11, lsl #2]
+ ldr r12, [r0, r12, lsl #2]
+ ldr lr, [r0, lr, lsl #2]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r10, r5, #8
+ lsr r10, r10, #24
+#else
+ uxtb r10, r5, ror #16
+#endif
+#else
+ ubfx r10, r5, #16, #8
+#endif
+ eor r9, r9, r11, ror #24
+ lsr r11, r6, #24
+ eor r9, r9, r12, ror #8
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r12, r4, #16
+ lsr r12, r12, #24
+#else
+ uxtb r12, r4, ror #8
+#endif
+#else
+ ubfx r12, r4, #8, #8
+#endif
+ eor r9, r9, lr, ror #16
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl lr, r7, #24
+ lsr lr, lr, #24
+#else
+ uxtb lr, r7
+#endif
+#else
+ ubfx lr, r7, #0, #8
+#endif
+ ldr r10, [r0, r10, lsl #2]
+ ldr r11, [r0, r11, lsl #2]
+ ldr r12, [r0, r12, lsl #2]
+ ldr lr, [r0, lr, lsl #2]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r4, r4, #24
+ lsr r4, r4, #24
+#else
+ uxtb r4, r4
+#endif
+#else
+ ubfx r4, r4, #0, #8
+#endif
+ eor r10, r10, r11, ror #24
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r11, r6, #8
+ lsr r11, r11, #24
+#else
+ uxtb r11, r6, ror #16
+#endif
+#else
+ ubfx r11, r6, #16, #8
+#endif
+ eor r10, r10, r12, ror #8
+ lsr r12, r7, #24
+ eor r10, r10, lr, ror #16
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl lr, r5, #16
+ lsr lr, lr, #24
+#else
+ uxtb lr, r5, ror #8
+#endif
+#else
+ ubfx lr, r5, #8, #8
+#endif
+ ldr r4, [r0, r4, lsl #2]
+ ldr r12, [r0, r12, lsl #2]
+ ldr r11, [r0, r11, lsl #2]
+ ldr lr, [r0, lr, lsl #2]
+ eor r12, r12, r4, ror #24
+ ldm r3!, {r4, r5, r6, r7}
+ eor r11, r11, lr, ror #8
+ eor r11, r11, r12, ror #24
+ # XOR in Key Schedule
+ eor r8, r8, r4
+ eor r9, r9, r5
+ eor r10, r10, r6
+ eor r11, r11, r7
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r4, r9, #24
+ lsr r4, r4, #24
+#else
+ uxtb r4, r9
+#endif
+#else
+ ubfx r4, r9, #0, #8
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r7, r10, #16
+ lsr r7, r7, #24
+#else
+ uxtb r7, r10, ror #8
+#endif
+#else
+ ubfx r7, r10, #8, #8
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r12, r11, #8
+ lsr r12, r12, #24
+#else
+ uxtb r12, r11, ror #16
+#endif
+#else
+ ubfx r12, r11, #16, #8
+#endif
+ lsr lr, r8, #24
+ ldrb r4, [r2, r4]
+ ldrb r7, [r2, r7]
+ ldrb r12, [r2, r12]
+ ldrb lr, [r2, lr]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r5, r10, #24
+ lsr r5, r5, #24
+#else
+ uxtb r5, r10
+#endif
+#else
+ ubfx r5, r10, #0, #8
+#endif
+ eor r4, r4, r7, lsl #8
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r7, r11, #16
+ lsr r7, r7, #24
+#else
+ uxtb r7, r11, ror #8
+#endif
+#else
+ ubfx r7, r11, #8, #8
+#endif
+ eor r4, r4, r12, lsl #16
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r12, r8, #8
+ lsr r12, r12, #24
+#else
+ uxtb r12, r8, ror #16
+#endif
+#else
+ ubfx r12, r8, #16, #8
+#endif
+ eor r4, r4, lr, lsl #24
+ lsr lr, r9, #24
+ ldrb r7, [r2, r7]
+ ldrb lr, [r2, lr]
+ ldrb r5, [r2, r5]
+ ldrb r12, [r2, r12]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r6, r11, #24
+ lsr r6, r6, #24
+#else
+ uxtb r6, r11
+#endif
+#else
+ ubfx r6, r11, #0, #8
+#endif
+ eor r5, r5, r7, lsl #8
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r7, r8, #16
+ lsr r7, r7, #24
+#else
+ uxtb r7, r8, ror #8
+#endif
+#else
+ ubfx r7, r8, #8, #8
+#endif
+ eor r5, r5, r12, lsl #16
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r12, r9, #8
+ lsr r12, r12, #24
+#else
+ uxtb r12, r9, ror #16
+#endif
+#else
+ ubfx r12, r9, #16, #8
+#endif
+ eor r5, r5, lr, lsl #24
+ lsr lr, r10, #24
+ ldrb r7, [r2, r7]
+ ldrb lr, [r2, lr]
+ ldrb r6, [r2, r6]
+ ldrb r12, [r2, r12]
+ lsr r11, r11, #24
+ eor r6, r6, r7, lsl #8
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r7, r8, #24
+ lsr r7, r7, #24
+#else
+ uxtb r7, r8
+#endif
+#else
+ ubfx r7, r8, #0, #8
+#endif
+ eor r6, r6, r12, lsl #16
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r12, r9, #16
+ lsr r12, r12, #24
+#else
+ uxtb r12, r9, ror #8
+#endif
+#else
+ ubfx r12, r9, #8, #8
+#endif
+ eor r6, r6, lr, lsl #24
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl lr, r10, #8
+ lsr lr, lr, #24
+#else
+ uxtb lr, r10, ror #16
+#endif
+#else
+ ubfx lr, r10, #16, #8
+#endif
+ ldrb r11, [r2, r11]
+ ldrb r12, [r2, r12]
+ ldrb r7, [r2, r7]
+ ldrb lr, [r2, lr]
+ eor r12, r12, r11, lsl #16
+ ldm r3, {r8, r9, r10, r11}
+ eor r7, r7, r12, lsl #8
+ eor r7, r7, lr, lsl #16
+ # XOR in Key Schedule
+ eor r4, r4, r8
+ eor r5, r5, r9
+ eor r6, r6, r10
+ eor r7, r7, r11
+ pop {pc}
+ .size AES_decrypt_block,.-AES_decrypt_block
+ .text
+ .type L_AES_ARM32_td_ecb, %object
+ .size L_AES_ARM32_td_ecb, 12
+ .align 4
+L_AES_ARM32_td_ecb:
+ .word L_AES_ARM32_td_data
+ .text
.type L_AES_ARM32_td4, %object
.size L_AES_ARM32_td4, 256
.align 4
@@ -1828,234 +3604,6 @@ L_AES_ARM32_td4:
.byte 0x21
.byte 0xc
.byte 0x7d
- .text
- .align 4
- .globl AES_decrypt_block
- .type AES_decrypt_block, %function
-AES_decrypt_block:
-L_AES_decrypt_block_14:
- push {lr}
- ldr lr, [sp, #8]
- mov r12, #6
- b L_AES_decrypt_block_nr
-L_AES_decrypt_block_12:
- push {lr}
- ldr lr, [sp, #8]
- mov r12, #5
- b L_AES_decrypt_block_nr
-L_AES_decrypt_block_10:
- push {lr}
- ldr lr, [sp, #8]
- mov r12, #4
-L_AES_decrypt_block_nr:
- lsr r11, r4, #24
- and r1, r2, r5
- and r8, r2, r7, lsr #16
- and r0, r2, r6, lsr #8
- ldr r11, [lr, r11, lsl #2]
- ldr r1, [lr, r1, lsl #2]
- ldr r8, [lr, r8, lsl #2]
- ldr r0, [lr, r0, lsl #2]
- and r9, r2, r4, lsr #16
- eor r8, r8, r11, ror #24
- lsr r11, r5, #24
- eor r8, r8, r0, ror #8
- and r0, r2, r7, lsr #8
- eor r8, r8, r1, ror #16
- and r1, r2, r6
- ldr r9, [lr, r9, lsl #2]
- ldr r11, [lr, r11, lsl #2]
- ldr r0, [lr, r0, lsl #2]
- ldr r1, [lr, r1, lsl #2]
- and r10, r2, r5, lsr #16
- eor r9, r9, r11, ror #24
- lsr r11, r6, #24
- eor r9, r9, r0, ror #8
- and r0, r2, r4, lsr #8
- eor r9, r9, r1, ror #16
- and r1, r2, r7
- ldr r10, [lr, r10, lsl #2]
- ldr r11, [lr, r11, lsl #2]
- ldr r0, [lr, r0, lsl #2]
- ldr r1, [lr, r1, lsl #2]
- and r4, r2, r4
- eor r10, r10, r11, ror #24
- and r11, r2, r6, lsr #16
- eor r10, r10, r0, ror #8
- lsr r0, r7, #24
- eor r10, r10, r1, ror #16
- and r1, r2, r5, lsr #8
- ldr r4, [lr, r4, lsl #2]
- ldr r0, [lr, r0, lsl #2]
- ldr r11, [lr, r11, lsl #2]
- ldr r1, [lr, r1, lsl #2]
- eor r0, r0, r4, ror #24
- ldm r3!, {r4, r5, r6, r7}
- eor r11, r11, r1, ror #8
- eor r11, r11, r0, ror #24
- # XOR in Key Schedule
- eor r8, r8, r4
- eor r9, r9, r5
- eor r10, r10, r6
- eor r11, r11, r7
- lsr r7, r8, #24
- and r1, r2, r9
- and r4, r2, r11, lsr #16
- and r0, r2, r10, lsr #8
- ldr r7, [lr, r7, lsl #2]
- ldr r1, [lr, r1, lsl #2]
- ldr r4, [lr, r4, lsl #2]
- ldr r0, [lr, r0, lsl #2]
- and r5, r2, r8, lsr #16
- eor r4, r4, r7, ror #24
- lsr r7, r9, #24
- eor r4, r4, r0, ror #8
- and r0, r2, r11, lsr #8
- eor r4, r4, r1, ror #16
- and r1, r2, r10
- ldr r5, [lr, r5, lsl #2]
- ldr r7, [lr, r7, lsl #2]
- ldr r0, [lr, r0, lsl #2]
- ldr r1, [lr, r1, lsl #2]
- and r6, r2, r9, lsr #16
- eor r5, r5, r7, ror #24
- lsr r7, r10, #24
- eor r5, r5, r0, ror #8
- and r0, r2, r8, lsr #8
- eor r5, r5, r1, ror #16
- and r1, r2, r11
- ldr r6, [lr, r6, lsl #2]
- ldr r7, [lr, r7, lsl #2]
- ldr r0, [lr, r0, lsl #2]
- ldr r1, [lr, r1, lsl #2]
- and r8, r2, r8
- eor r6, r6, r7, ror #24
- and r7, r2, r10, lsr #16
- eor r6, r6, r0, ror #8
- lsr r0, r11, #24
- eor r6, r6, r1, ror #16
- and r1, r2, r9, lsr #8
- ldr r8, [lr, r8, lsl #2]
- ldr r0, [lr, r0, lsl #2]
- ldr r7, [lr, r7, lsl #2]
- ldr r1, [lr, r1, lsl #2]
- eor r0, r0, r8, ror #24
- ldm r3!, {r8, r9, r10, r11}
- eor r7, r7, r1, ror #8
- eor r7, r7, r0, ror #24
- # XOR in Key Schedule
- eor r4, r4, r8
- eor r5, r5, r9
- eor r6, r6, r10
- eor r7, r7, r11
- subs r12, r12, #1
- bne L_AES_decrypt_block_nr
- lsr r11, r4, #24
- and r1, r2, r5
- and r8, r2, r7, lsr #16
- and r0, r2, r6, lsr #8
- ldr r11, [lr, r11, lsl #2]
- ldr r1, [lr, r1, lsl #2]
- ldr r8, [lr, r8, lsl #2]
- ldr r0, [lr, r0, lsl #2]
- and r9, r2, r4, lsr #16
- eor r8, r8, r11, ror #24
- lsr r11, r5, #24
- eor r8, r8, r0, ror #8
- and r0, r2, r7, lsr #8
- eor r8, r8, r1, ror #16
- and r1, r2, r6
- ldr r9, [lr, r9, lsl #2]
- ldr r11, [lr, r11, lsl #2]
- ldr r0, [lr, r0, lsl #2]
- ldr r1, [lr, r1, lsl #2]
- and r10, r2, r5, lsr #16
- eor r9, r9, r11, ror #24
- lsr r11, r6, #24
- eor r9, r9, r0, ror #8
- and r0, r2, r4, lsr #8
- eor r9, r9, r1, ror #16
- and r1, r2, r7
- ldr r10, [lr, r10, lsl #2]
- ldr r11, [lr, r11, lsl #2]
- ldr r0, [lr, r0, lsl #2]
- ldr r1, [lr, r1, lsl #2]
- and r4, r2, r4
- eor r10, r10, r11, ror #24
- and r11, r2, r6, lsr #16
- eor r10, r10, r0, ror #8
- lsr r0, r7, #24
- eor r10, r10, r1, ror #16
- and r1, r2, r5, lsr #8
- ldr r4, [lr, r4, lsl #2]
- ldr r0, [lr, r0, lsl #2]
- ldr r11, [lr, r11, lsl #2]
- ldr r1, [lr, r1, lsl #2]
- eor r0, r0, r4, ror #24
- ldm r3!, {r4, r5, r6, r7}
- eor r11, r11, r1, ror #8
- eor r11, r11, r0, ror #24
- # XOR in Key Schedule
- eor r8, r8, r4
- eor r9, r9, r5
- eor r10, r10, r6
- eor r11, r11, r7
- adr r12, L_AES_ARM32_td4
- and r7, r2, r10, lsr #8
- lsr r1, r8, #24
- and r4, r2, r9
- and r0, r2, r11, lsr #16
- ldrb r7, [r12, r7]
- ldrb r1, [r12, r1]
- ldrb r4, [r12, r4]
- ldrb r0, [r12, r0]
- and r5, r2, r10
- eor r4, r4, r7, lsl #8
- and r7, r2, r11, lsr #8
- eor r4, r4, r0, lsl #16
- and r0, r2, r8, lsr #16
- eor r4, r4, r1, lsl #24
- lsr r1, r9, #24
- ldrb r7, [r12, r7]
- ldrb r1, [r12, r1]
- ldrb r5, [r12, r5]
- ldrb r0, [r12, r0]
- and r6, r2, r11
- eor r5, r5, r7, lsl #8
- and r7, r2, r8, lsr #8
- eor r5, r5, r0, lsl #16
- and r0, r2, r9, lsr #16
- eor r5, r5, r1, lsl #24
- lsr r1, r10, #24
- ldrb r7, [r12, r7]
- ldrb r1, [r12, r1]
- ldrb r6, [r12, r6]
- ldrb r0, [r12, r0]
- lsr r11, r11, #24
- eor r6, r6, r7, lsl #8
- and r7, r2, r8
- eor r6, r6, r0, lsl #16
- and r0, r2, r9, lsr #8
- eor r6, r6, r1, lsl #24
- and r1, r2, r10, lsr #16
- ldrb r11, [r12, r11]
- ldrb r0, [r12, r0]
- ldrb r7, [r12, r7]
- ldrb r1, [r12, r1]
- eor r0, r0, r11, lsl #16
- ldm r3, {r8, r9, r10, r11}
- eor r7, r7, r0, lsl #8
- eor r7, r7, r1, lsl #16
- # XOR in Key Schedule
- eor r4, r4, r8
- eor r5, r5, r9
- eor r6, r6, r10
- eor r7, r7, r11
- str lr, [sp, #8]
- pop {lr}
- bx lr
- bx lr
- .size AES_decrypt_block,.-AES_decrypt_block
#if defined(WOLFSSL_AES_DIRECT) || defined(WOLFSSL_AES_COUNTER)
.text
.align 4
@@ -2063,116 +3611,225 @@ L_AES_decrypt_block_nr:
.type AES_ECB_decrypt, %function
AES_ECB_decrypt:
push {r4, r5, r6, r7, r8, r9, r10, r11, lr}
- ldr r12, [sp, #36]
- mov r8, r12
- adr r4, AES_ECB_decrypt
- mov lr, #AES_ECB_decrypt-L_AES_ARM32_td
- sub lr, r4, lr
+ ldr r8, [sp, #36]
+ mov lr, r0
+ adr r0, L_AES_ARM32_td_ecb
+ ldr r0, [r0]
+ mov r12, r2
+ adr r2, L_AES_ARM32_td4
cmp r8, #10
beq L_AES_ECB_decrypt_start_block_128
cmp r8, #12
beq L_AES_ECB_decrypt_start_block_192
L_AES_ECB_decrypt_loop_block_256:
- ldr r4, [r0]
- ldr r5, [r0, #4]
- ldr r6, [r0, #8]
- ldr r7, [r0, #12]
+ ldr r4, [lr]
+ ldr r5, [lr, #4]
+ ldr r6, [lr, #8]
+ ldr r7, [lr, #12]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
+#else
rev r4, r4
rev r5, r5
rev r6, r6
rev r7, r7
- push {r0, r1, r2}
- mov r2, #0xff
- push {r3, lr}
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ push {r1, r3, r12, lr}
ldm r3!, {r8, r9, r10, r11}
# Round: 0 - XOR in key schedule
eor r4, r4, r8
eor r5, r5, r9
eor r6, r6, r10
eor r7, r7, r11
- bl L_AES_decrypt_block_14
- pop {r3, lr}
- pop {r0, r1, r2}
+ mov r1, #6
+ bl AES_decrypt_block
+ pop {r1, r3, r12, lr}
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
+#else
rev r4, r4
rev r5, r5
rev r6, r6
rev r7, r7
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
str r4, [r1]
str r5, [r1, #4]
str r6, [r1, #8]
str r7, [r1, #12]
- subs r2, r2, #16
- add r0, r0, #16
+ subs r12, r12, #16
+ add lr, lr, #16
add r1, r1, #16
bne L_AES_ECB_decrypt_loop_block_256
b L_AES_ECB_decrypt_end
L_AES_ECB_decrypt_start_block_192:
L_AES_ECB_decrypt_loop_block_192:
- ldr r4, [r0]
- ldr r5, [r0, #4]
- ldr r6, [r0, #8]
- ldr r7, [r0, #12]
+ ldr r4, [lr]
+ ldr r5, [lr, #4]
+ ldr r6, [lr, #8]
+ ldr r7, [lr, #12]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
+#else
rev r4, r4
rev r5, r5
rev r6, r6
rev r7, r7
- push {r0, r1, r2}
- mov r2, #0xff
- push {r3, lr}
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ push {r1, r3, r12, lr}
ldm r3!, {r8, r9, r10, r11}
# Round: 0 - XOR in key schedule
eor r4, r4, r8
eor r5, r5, r9
eor r6, r6, r10
eor r7, r7, r11
- bl L_AES_decrypt_block_12
- pop {r3, lr}
- pop {r0, r1, r2}
+ mov r1, #5
+ bl AES_decrypt_block
+ pop {r1, r3, r12, lr}
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
+#else
rev r4, r4
rev r5, r5
rev r6, r6
rev r7, r7
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
str r4, [r1]
str r5, [r1, #4]
str r6, [r1, #8]
str r7, [r1, #12]
- subs r2, r2, #16
- add r0, r0, #16
+ subs r12, r12, #16
+ add lr, lr, #16
add r1, r1, #16
bne L_AES_ECB_decrypt_loop_block_192
b L_AES_ECB_decrypt_end
L_AES_ECB_decrypt_start_block_128:
L_AES_ECB_decrypt_loop_block_128:
- ldr r4, [r0]
- ldr r5, [r0, #4]
- ldr r6, [r0, #8]
- ldr r7, [r0, #12]
+ ldr r4, [lr]
+ ldr r5, [lr, #4]
+ ldr r6, [lr, #8]
+ ldr r7, [lr, #12]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
+#else
rev r4, r4
rev r5, r5
rev r6, r6
rev r7, r7
- push {r0, r1, r2}
- mov r2, #0xff
- push {r3, lr}
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ push {r1, r3, r12, lr}
ldm r3!, {r8, r9, r10, r11}
# Round: 0 - XOR in key schedule
eor r4, r4, r8
eor r5, r5, r9
eor r6, r6, r10
eor r7, r7, r11
- bl L_AES_decrypt_block_10
- pop {r3, lr}
- pop {r0, r1, r2}
+ mov r1, #4
+ bl AES_decrypt_block
+ pop {r1, r3, r12, lr}
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
+#else
rev r4, r4
rev r5, r5
rev r6, r6
rev r7, r7
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
str r4, [r1]
str r5, [r1, #4]
str r6, [r1, #8]
str r7, [r1, #12]
- subs r2, r2, #16
- add r0, r0, #16
+ subs r12, r12, #16
+ add lr, lr, #16
add r1, r1, #16
bne L_AES_ECB_decrypt_loop_block_128
L_AES_ECB_decrypt_end:
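Review bot: The three block loops in AES_ECB_decrypt are still bottom-tested (`subs r12, r12, #16` followed by `bne`), so a byte count of zero, or one that is not a multiple of 16, does not stop the loop at the end of the buffers and the loads through lr and stores through r1 keep advancing. Nothing in this hunk checks the count after `mov r12, r2`; if the C caller is the only guard (not visible here), record that at the entry label, e.g. `/* r2: length in bytes; must be a non-zero multiple of 16, validated by the caller */`. The values now passed in r1 (`mov r1, #6`, `#5`, `#4`) are double-round iteration counts for 14, 12 and 10 rounds, going by the AES_decrypt_block body earlier in this diff, not round numbers, so the first `bl AES_decrypt_block` deserves a one-line comment saying so. The function's `.globl` line and the epilogue after `L_AES_ECB_decrypt_end:` lie outside the hunk.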
@@ -2186,71 +3843,95 @@ L_AES_ECB_decrypt_end:
.type AES_CBC_decrypt, %function
AES_CBC_decrypt:
push {r4, r5, r6, r7, r8, r9, r10, r11, lr}
- sub sp, sp, #24
- ldr r12, [sp, #60]
- ldr lr, [sp, #64]
- str lr, [sp, #20]
- str r3, [sp]
- adr r8, AES_CBC_decrypt
- mov lr, #AES_CBC_decrypt-L_AES_ARM32_td
- sub lr, r8, lr
- mov r8, r12
- str lr, [sp, #4]
+ ldr r8, [sp, #36]
+ ldr r4, [sp, #40]
+ mov lr, r0
+ adr r0, L_AES_ARM32_td_ecb
+ ldr r0, [r0]
+ mov r12, r2
+ adr r2, L_AES_ARM32_td4
+ push {r3, r4}
cmp r8, #10
beq L_AES_CBC_decrypt_loop_block_128
cmp r8, #12
beq L_AES_CBC_decrypt_loop_block_192
L_AES_CBC_decrypt_loop_block_256:
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r0, [sp, #8]
- str r1, [sp, #12]
+ push {r1, r12, lr}
+ ldr r4, [lr]
+ ldr r5, [lr, #4]
+ ldr r6, [lr, #8]
+ ldr r7, [lr, #12]
+ ldr lr, [sp, #16]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ str r4, [lr, #16]
+ str r5, [lr, #20]
#else
- strd r0, r1, [sp, #8]
+ strd r4, r5, [lr, #16]
#endif
- str r2, [sp, #16]
- ldr r4, [r0]
- ldr r5, [r0, #4]
- ldr r6, [r0, #8]
- ldr r7, [r0, #12]
- ldr r0, [sp, #20]
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0, #16]
- str r5, [r0, #20]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ str r6, [lr, #24]
+ str r7, [lr, #28]
#else
- strd r4, r5, [r0, #16]
+ strd r6, r7, [lr, #24]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r6, [r0, #24]
- str r7, [r0, #28]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
#else
- strd r6, r7, [r0, #24]
-#endif
- mov r2, #0xff
- ldm r3!, {r8, r9, r10, r11}
rev r4, r4
rev r5, r5
rev r6, r6
rev r7, r7
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ ldm r3!, {r8, r9, r10, r11}
# Round: 0 - XOR in key schedule
eor r4, r4, r8
eor r5, r5, r9
eor r6, r6, r10
eor r7, r7, r11
- bl L_AES_decrypt_block_14
+ mov r1, #6
+ bl AES_decrypt_block
+ ldr lr, [sp, #16]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
+#else
rev r4, r4
rev r5, r5
rev r6, r6
rev r7, r7
- ldr r0, [sp, #20]
- ldm r0, {r8, r9, r10, r11}
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ ldm lr, {r8, r9, r10, r11}
+ pop {r1, r12, lr}
ldr r3, [sp]
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r0, [sp, #8]
- ldr r1, [sp, #12]
-#else
- ldrd r0, r1, [sp, #8]
-#endif
- ldr r2, [sp, #16]
eor r4, r4, r8
eor r5, r5, r9
eor r6, r6, r10
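Review bot: The stores `str r4, [lr, #16]` through `strd r6, r7, [lr, #24]` in `L_AES_CBC_decrypt_loop_block_256` (repeated in the `_192` and `_128` loop hunks) write the ciphertext block into bytes 16–31 of the buffer whose pointer is loaded by `ldr r4, [sp, #40]`, so that argument must address 32 writable bytes, and nothing at the `AES_CBC_decrypt:` label states this. The callers are not part of this diff, so treat it as a contract to confirm rather than a demonstrated overflow. I would add above the label `# iv (sixth argument): 32 writable bytes; the two 16-byte halves alternate as previous/current ciphertext block`. A second comment line should record the register roles the new prologue sets up: `lr` = input pointer, `r12` = remaining length, `r0` = table pointer read via `L_AES_ARM32_td_ecb`, `r2` = `L_AES_ARM32_td4`. The function body continues past the end of this hunk.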
@@ -2259,71 +3940,97 @@ L_AES_CBC_decrypt_loop_block_256:
str r5, [r1, #4]
str r6, [r1, #8]
str r7, [r1, #12]
- subs r2, r2, #16
- add r0, r0, #16
+ subs r12, r12, #16
+ add lr, lr, #16
add r1, r1, #16
beq L_AES_CBC_decrypt_end_odd
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r0, [sp, #8]
- str r1, [sp, #12]
+ push {r1, r12, lr}
+ ldr r4, [lr]
+ ldr r5, [lr, #4]
+ ldr r6, [lr, #8]
+ ldr r7, [lr, #12]
+ ldr lr, [sp, #16]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ str r4, [lr]
+ str r5, [lr, #4]
#else
- strd r0, r1, [sp, #8]
+ strd r4, r5, [lr]
#endif
- str r2, [sp, #16]
- ldr r4, [r0]
- ldr r5, [r0, #4]
- ldr r6, [r0, #8]
- ldr r7, [r0, #12]
- ldr r0, [sp, #20]
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0]
- str r5, [r0, #4]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ str r6, [lr, #8]
+ str r7, [lr, #12]
#else
- strd r4, r5, [r0]
+ strd r6, r7, [lr, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r6, [r0, #8]
- str r7, [r0, #12]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
#else
- strd r6, r7, [r0, #8]
-#endif
- mov r2, #0xff
- ldm r3!, {r8, r9, r10, r11}
rev r4, r4
rev r5, r5
rev r6, r6
rev r7, r7
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ ldm r3!, {r8, r9, r10, r11}
# Round: 0 - XOR in key schedule
eor r4, r4, r8
eor r5, r5, r9
eor r6, r6, r10
eor r7, r7, r11
- bl L_AES_decrypt_block_14
+ mov r1, #6
+ bl AES_decrypt_block
+ ldr lr, [sp, #16]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
+#else
rev r4, r4
rev r5, r5
rev r6, r6
rev r7, r7
- ldr r0, [sp, #20]
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r8, [r0, #16]
- ldr r9, [r0, #20]
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ ldr r8, [lr, #16]
+ ldr r9, [lr, #20]
#else
- ldrd r8, r9, [r0, #16]
+ ldrd r8, r9, [lr, #16]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r10, [r0, #24]
- ldr r11, [r0, #28]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ ldr r10, [lr, #24]
+ ldr r11, [lr, #28]
#else
- ldrd r10, r11, [r0, #24]
+ ldrd r10, r11, [lr, #24]
#endif
+ pop {r1, r12, lr}
ldr r3, [sp]
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r0, [sp, #8]
- ldr r1, [sp, #12]
-#else
- ldrd r0, r1, [sp, #8]
-#endif
- ldr r2, [sp, #16]
eor r4, r4, r8
eor r5, r5, r9
eor r6, r6, r10
@@ -2332,62 +4039,88 @@ L_AES_CBC_decrypt_loop_block_256:
str r5, [r1, #4]
str r6, [r1, #8]
str r7, [r1, #12]
- subs r2, r2, #16
- add r0, r0, #16
+ subs r12, r12, #16
+ add lr, lr, #16
add r1, r1, #16
bne L_AES_CBC_decrypt_loop_block_256
b L_AES_CBC_decrypt_end
L_AES_CBC_decrypt_loop_block_192:
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r0, [sp, #8]
- str r1, [sp, #12]
+ push {r1, r12, lr}
+ ldr r4, [lr]
+ ldr r5, [lr, #4]
+ ldr r6, [lr, #8]
+ ldr r7, [lr, #12]
+ ldr lr, [sp, #16]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ str r4, [lr, #16]
+ str r5, [lr, #20]
#else
- strd r0, r1, [sp, #8]
+ strd r4, r5, [lr, #16]
#endif
- str r2, [sp, #16]
- ldr r4, [r0]
- ldr r5, [r0, #4]
- ldr r6, [r0, #8]
- ldr r7, [r0, #12]
- ldr r0, [sp, #20]
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0, #16]
- str r5, [r0, #20]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ str r6, [lr, #24]
+ str r7, [lr, #28]
#else
- strd r4, r5, [r0, #16]
+ strd r6, r7, [lr, #24]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r6, [r0, #24]
- str r7, [r0, #28]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
#else
- strd r6, r7, [r0, #24]
-#endif
- mov r2, #0xff
- ldm r3!, {r8, r9, r10, r11}
rev r4, r4
rev r5, r5
rev r6, r6
rev r7, r7
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ ldm r3!, {r8, r9, r10, r11}
# Round: 0 - XOR in key schedule
eor r4, r4, r8
eor r5, r5, r9
eor r6, r6, r10
eor r7, r7, r11
- bl L_AES_decrypt_block_12
+ mov r1, #5
+ bl AES_decrypt_block
+ ldr lr, [sp, #16]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
+#else
rev r4, r4
rev r5, r5
rev r6, r6
rev r7, r7
- ldr r0, [sp, #20]
- ldm r0, {r8, r9, r10, r11}
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ ldm lr, {r8, r9, r10, r11}
+ pop {r1, r12, lr}
ldr r3, [sp]
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r0, [sp, #8]
- ldr r1, [sp, #12]
-#else
- ldrd r0, r1, [sp, #8]
-#endif
- ldr r2, [sp, #16]
eor r4, r4, r8
eor r5, r5, r9
eor r6, r6, r10
@@ -2396,71 +4129,97 @@ L_AES_CBC_decrypt_loop_block_192:
str r5, [r1, #4]
str r6, [r1, #8]
str r7, [r1, #12]
- subs r2, r2, #16
- add r0, r0, #16
+ subs r12, r12, #16
+ add lr, lr, #16
add r1, r1, #16
beq L_AES_CBC_decrypt_end_odd
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r0, [sp, #8]
- str r1, [sp, #12]
+ push {r1, r12, lr}
+ ldr r4, [lr]
+ ldr r5, [lr, #4]
+ ldr r6, [lr, #8]
+ ldr r7, [lr, #12]
+ ldr lr, [sp, #16]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ str r4, [lr]
+ str r5, [lr, #4]
#else
- strd r0, r1, [sp, #8]
+ strd r4, r5, [lr]
#endif
- str r2, [sp, #16]
- ldr r4, [r0]
- ldr r5, [r0, #4]
- ldr r6, [r0, #8]
- ldr r7, [r0, #12]
- ldr r0, [sp, #20]
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0]
- str r5, [r0, #4]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ str r6, [lr, #8]
+ str r7, [lr, #12]
#else
- strd r4, r5, [r0]
+ strd r6, r7, [lr, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r6, [r0, #8]
- str r7, [r0, #12]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
#else
- strd r6, r7, [r0, #8]
-#endif
- mov r2, #0xff
- ldm r3!, {r8, r9, r10, r11}
rev r4, r4
rev r5, r5
rev r6, r6
rev r7, r7
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ ldm r3!, {r8, r9, r10, r11}
# Round: 0 - XOR in key schedule
eor r4, r4, r8
eor r5, r5, r9
eor r6, r6, r10
eor r7, r7, r11
- bl L_AES_decrypt_block_12
+ mov r1, #5
+ bl AES_decrypt_block
+ ldr lr, [sp, #16]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
+#else
rev r4, r4
rev r5, r5
rev r6, r6
rev r7, r7
- ldr r0, [sp, #20]
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r8, [r0, #16]
- ldr r9, [r0, #20]
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ ldr r8, [lr, #16]
+ ldr r9, [lr, #20]
#else
- ldrd r8, r9, [r0, #16]
+ ldrd r8, r9, [lr, #16]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r10, [r0, #24]
- ldr r11, [r0, #28]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ ldr r10, [lr, #24]
+ ldr r11, [lr, #28]
#else
- ldrd r10, r11, [r0, #24]
+ ldrd r10, r11, [lr, #24]
#endif
+ pop {r1, r12, lr}
ldr r3, [sp]
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r0, [sp, #8]
- ldr r1, [sp, #12]
-#else
- ldrd r0, r1, [sp, #8]
-#endif
- ldr r2, [sp, #16]
eor r4, r4, r8
eor r5, r5, r9
eor r6, r6, r10
@@ -2469,62 +4228,88 @@ L_AES_CBC_decrypt_loop_block_192:
str r5, [r1, #4]
str r6, [r1, #8]
str r7, [r1, #12]
- subs r2, r2, #16
- add r0, r0, #16
+ subs r12, r12, #16
+ add lr, lr, #16
add r1, r1, #16
bne L_AES_CBC_decrypt_loop_block_192
b L_AES_CBC_decrypt_end
L_AES_CBC_decrypt_loop_block_128:
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r0, [sp, #8]
- str r1, [sp, #12]
+ push {r1, r12, lr}
+ ldr r4, [lr]
+ ldr r5, [lr, #4]
+ ldr r6, [lr, #8]
+ ldr r7, [lr, #12]
+ ldr lr, [sp, #16]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ str r4, [lr, #16]
+ str r5, [lr, #20]
#else
- strd r0, r1, [sp, #8]
+ strd r4, r5, [lr, #16]
#endif
- str r2, [sp, #16]
- ldr r4, [r0]
- ldr r5, [r0, #4]
- ldr r6, [r0, #8]
- ldr r7, [r0, #12]
- ldr r0, [sp, #20]
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0, #16]
- str r5, [r0, #20]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ str r6, [lr, #24]
+ str r7, [lr, #28]
#else
- strd r4, r5, [r0, #16]
+ strd r6, r7, [lr, #24]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r6, [r0, #24]
- str r7, [r0, #28]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
#else
- strd r6, r7, [r0, #24]
-#endif
- mov r2, #0xff
- ldm r3!, {r8, r9, r10, r11}
rev r4, r4
rev r5, r5
rev r6, r6
rev r7, r7
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ ldm r3!, {r8, r9, r10, r11}
# Round: 0 - XOR in key schedule
eor r4, r4, r8
eor r5, r5, r9
eor r6, r6, r10
eor r7, r7, r11
- bl L_AES_decrypt_block_10
+ mov r1, #4
+ bl AES_decrypt_block
+ ldr lr, [sp, #16]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
+#else
rev r4, r4
rev r5, r5
rev r6, r6
rev r7, r7
- ldr r0, [sp, #20]
- ldm r0, {r8, r9, r10, r11}
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ ldm lr, {r8, r9, r10, r11}
+ pop {r1, r12, lr}
ldr r3, [sp]
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r0, [sp, #8]
- ldr r1, [sp, #12]
-#else
- ldrd r0, r1, [sp, #8]
-#endif
- ldr r2, [sp, #16]
eor r4, r4, r8
eor r5, r5, r9
eor r6, r6, r10
@@ -2533,71 +4318,97 @@ L_AES_CBC_decrypt_loop_block_128:
str r5, [r1, #4]
str r6, [r1, #8]
str r7, [r1, #12]
- subs r2, r2, #16
- add r0, r0, #16
+ subs r12, r12, #16
+ add lr, lr, #16
add r1, r1, #16
beq L_AES_CBC_decrypt_end_odd
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r0, [sp, #8]
- str r1, [sp, #12]
+ push {r1, r12, lr}
+ ldr r4, [lr]
+ ldr r5, [lr, #4]
+ ldr r6, [lr, #8]
+ ldr r7, [lr, #12]
+ ldr lr, [sp, #16]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ str r4, [lr]
+ str r5, [lr, #4]
#else
- strd r0, r1, [sp, #8]
+ strd r4, r5, [lr]
#endif
- str r2, [sp, #16]
- ldr r4, [r0]
- ldr r5, [r0, #4]
- ldr r6, [r0, #8]
- ldr r7, [r0, #12]
- ldr r0, [sp, #20]
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0]
- str r5, [r0, #4]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ str r6, [lr, #8]
+ str r7, [lr, #12]
#else
- strd r4, r5, [r0]
+ strd r6, r7, [lr, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r6, [r0, #8]
- str r7, [r0, #12]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
#else
- strd r6, r7, [r0, #8]
-#endif
- mov r2, #0xff
- ldm r3!, {r8, r9, r10, r11}
rev r4, r4
rev r5, r5
rev r6, r6
rev r7, r7
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ ldm r3!, {r8, r9, r10, r11}
# Round: 0 - XOR in key schedule
eor r4, r4, r8
eor r5, r5, r9
eor r6, r6, r10
eor r7, r7, r11
- bl L_AES_decrypt_block_10
+ mov r1, #4
+ bl AES_decrypt_block
+ ldr lr, [sp, #16]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
+#else
rev r4, r4
rev r5, r5
rev r6, r6
rev r7, r7
- ldr r0, [sp, #20]
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r8, [r0, #16]
- ldr r9, [r0, #20]
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ ldr r8, [lr, #16]
+ ldr r9, [lr, #20]
#else
- ldrd r8, r9, [r0, #16]
+ ldrd r8, r9, [lr, #16]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r10, [r0, #24]
- ldr r11, [r0, #28]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ ldr r10, [lr, #24]
+ ldr r11, [lr, #28]
#else
- ldrd r10, r11, [r0, #24]
+ ldrd r10, r11, [lr, #24]
#endif
+ pop {r1, r12, lr}
ldr r3, [sp]
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r0, [sp, #8]
- ldr r1, [sp, #12]
-#else
- ldrd r0, r1, [sp, #8]
-#endif
- ldr r2, [sp, #16]
eor r4, r4, r8
eor r5, r5, r9
eor r6, r6, r10
@@ -2606,40 +4417,39 @@ L_AES_CBC_decrypt_loop_block_128:
str r5, [r1, #4]
str r6, [r1, #8]
str r7, [r1, #12]
- subs r2, r2, #16
- add r0, r0, #16
+ subs r12, r12, #16
+ add lr, lr, #16
add r1, r1, #16
bne L_AES_CBC_decrypt_loop_block_128
b L_AES_CBC_decrypt_end
L_AES_CBC_decrypt_end_odd:
- ldr lr, [sp, #20]
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r8, [lr, #16]
- ldr r9, [lr, #20]
+ ldr r4, [sp, #4]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ ldr r8, [r4, #16]
+ ldr r9, [r4, #20]
#else
- ldrd r8, r9, [lr, #16]
+ ldrd r8, r9, [r4, #16]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r10, [lr, #24]
- ldr r11, [lr, #28]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ ldr r10, [r4, #24]
+ ldr r11, [r4, #28]
#else
- ldrd r10, r11, [lr, #24]
+ ldrd r10, r11, [r4, #24]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [lr]
- str r9, [lr, #4]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ str r8, [r4]
+ str r9, [r4, #4]
#else
- strd r8, r9, [lr]
+ strd r8, r9, [r4]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [lr, #8]
- str r11, [lr, #12]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ str r10, [r4, #8]
+ str r11, [r4, #12]
#else
- strd r10, r11, [lr, #8]
+ strd r10, r11, [r4, #8]
#endif
L_AES_CBC_decrypt_end:
- ldr lr, [sp, #4]
- add sp, sp, #24
+ pop {r3, r4}
pop {r4, r5, r6, r7, r8, r9, r10, r11, pc}
.size AES_CBC_decrypt,.-AES_CBC_decrypt
#endif /* HAVE_AES_CBC */
@@ -3211,10 +5021,33 @@ L_GCM_gmult_len_start_block:
eor r9, r9, r5
eor r10, r10, r6
eor r11, r11, r7
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ # REV r8, r8
+ eor r3, r8, r8, ror #16
+ bic r3, r3, #0xff0000
+ ror r8, r8, #8
+ eor r8, r8, r3, lsr #8
+ # REV r9, r9
+ eor r3, r9, r9, ror #16
+ bic r3, r3, #0xff0000
+ ror r9, r9, #8
+ eor r9, r9, r3, lsr #8
+ # REV r10, r10
+ eor r3, r10, r10, ror #16
+ bic r3, r3, #0xff0000
+ ror r10, r10, #8
+ eor r10, r10, r3, lsr #8
+ # REV r11, r11
+ eor r3, r11, r11, ror #16
+ bic r3, r3, #0xff0000
+ ror r11, r11, #8
+ eor r11, r11, r3, lsr #8
+#else
rev r8, r8
rev r9, r9
rev r10, r10
rev r11, r11
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
stm r0, {r8, r9, r10, r11}
pop {r3}
subs r3, r3, #16
@@ -3223,159 +5056,258 @@ L_GCM_gmult_len_start_block:
pop {r4, r5, r6, r7, r8, r9, r10, r11, pc}
.size GCM_gmult_len,.-GCM_gmult_len
.text
+ .type L_AES_ARM32_te_gcm, %object
+ .size L_AES_ARM32_te_gcm, 12
+ .align 4
+L_AES_ARM32_te_gcm:
+ .word L_AES_ARM32_te_data
+ .text
.align 4
.globl AES_GCM_encrypt
.type AES_GCM_encrypt, %function
AES_GCM_encrypt:
push {r4, r5, r6, r7, r8, r9, r10, r11, lr}
ldr r12, [sp, #36]
- ldr lr, [sp, #40]
- ldm lr, {r4, r5, r6, r7}
+ ldr r8, [sp, #40]
+ mov lr, r0
+ adr r0, L_AES_ARM32_te_gcm
+ ldr r0, [r0]
+ ldm r8, {r4, r5, r6, r7}
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ eor r10, r4, r4, ror #16
+ eor r11, r5, r5, ror #16
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ eor r4, r4, r10, lsr #8
+ eor r5, r5, r11, lsr #8
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
+#else
rev r4, r4
rev r5, r5
rev r6, r6
rev r7, r7
- stm lr, {r4, r5, r6, r7}
- push {lr}
- adr r8, AES_GCM_encrypt
- mov lr, #AES_GCM_encrypt-L_AES_ARM32_te
- sub lr, r8, lr
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ stm r8, {r4, r5, r6, r7}
+ push {r3, r8}
cmp r12, #10
beq L_AES_GCM_encrypt_start_block_128
cmp r12, #12
beq L_AES_GCM_encrypt_start_block_192
- mov r12, #0xff
L_AES_GCM_encrypt_loop_block_256:
- push {r0, r1}
- ldr r0, [sp, #8]
+ push {r1, r2, lr}
+ ldr lr, [sp, #16]
add r7, r7, #1
- str r7, [r0, #12]
- push {r3, lr}
ldm r3!, {r8, r9, r10, r11}
+ str r7, [lr, #12]
# Round: 0 - XOR in key schedule
eor r4, r4, r8
eor r5, r5, r9
eor r6, r6, r10
eor r7, r7, r11
- bl L_AES_encrypt_block_14
- pop {r3, lr}
- pop {r0, r1}
+ mov r1, #6
+ bl AES_encrypt_block
+ pop {r1, r2, lr}
+ ldr r3, [sp]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
+#else
rev r4, r4
rev r5, r5
rev r6, r6
rev r7, r7
- ldr r8, [r0]
- ldr r9, [r0, #4]
- ldr r10, [r0, #8]
- ldr r11, [r0, #12]
- eor r4, r8
- eor r5, r9
- eor r6, r10
- eor r7, r11
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ ldr r8, [lr]
+ ldr r9, [lr, #4]
+ ldr r10, [lr, #8]
+ ldr r11, [lr, #12]
+ eor r4, r4, r8
+ eor r5, r5, r9
+ eor r6, r6, r10
+ eor r7, r7, r11
+ ldr r8, [sp, #4]
str r4, [r1]
str r5, [r1, #4]
str r6, [r1, #8]
str r7, [r1, #12]
- ldr r8, [sp]
ldm r8, {r4, r5, r6, r7}
subs r2, r2, #16
- add r0, r0, #16
+ add lr, lr, #16
add r1, r1, #16
bne L_AES_GCM_encrypt_loop_block_256
b L_AES_GCM_encrypt_end
L_AES_GCM_encrypt_start_block_192:
- mov r12, #0xff
L_AES_GCM_encrypt_loop_block_192:
- push {r0, r1}
- ldr r0, [sp, #8]
+ push {r1, r2, lr}
+ ldr lr, [sp, #16]
add r7, r7, #1
- str r7, [r0, #12]
- push {r3, lr}
ldm r3!, {r8, r9, r10, r11}
+ str r7, [lr, #12]
# Round: 0 - XOR in key schedule
eor r4, r4, r8
eor r5, r5, r9
eor r6, r6, r10
eor r7, r7, r11
- bl L_AES_encrypt_block_12
- pop {r3, lr}
- pop {r0, r1}
+ mov r1, #5
+ bl AES_encrypt_block
+ pop {r1, r2, lr}
+ ldr r3, [sp]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
+#else
rev r4, r4
rev r5, r5
rev r6, r6
rev r7, r7
- ldr r8, [r0]
- ldr r9, [r0, #4]
- ldr r10, [r0, #8]
- ldr r11, [r0, #12]
- eor r4, r8
- eor r5, r9
- eor r6, r10
- eor r7, r11
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ ldr r8, [lr]
+ ldr r9, [lr, #4]
+ ldr r10, [lr, #8]
+ ldr r11, [lr, #12]
+ eor r4, r4, r8
+ eor r5, r5, r9
+ eor r6, r6, r10
+ eor r7, r7, r11
+ ldr r8, [sp, #4]
str r4, [r1]
str r5, [r1, #4]
str r6, [r1, #8]
str r7, [r1, #12]
- ldr r8, [sp]
ldm r8, {r4, r5, r6, r7}
subs r2, r2, #16
- add r0, r0, #16
+ add lr, lr, #16
add r1, r1, #16
bne L_AES_GCM_encrypt_loop_block_192
b L_AES_GCM_encrypt_end
L_AES_GCM_encrypt_start_block_128:
- mov r12, #0xff
L_AES_GCM_encrypt_loop_block_128:
- push {r0, r1}
- ldr r0, [sp, #8]
+ push {r1, r2, lr}
+ ldr lr, [sp, #16]
add r7, r7, #1
- str r7, [r0, #12]
- push {r3, lr}
ldm r3!, {r8, r9, r10, r11}
+ str r7, [lr, #12]
# Round: 0 - XOR in key schedule
eor r4, r4, r8
eor r5, r5, r9
eor r6, r6, r10
eor r7, r7, r11
- bl L_AES_encrypt_block_10
- pop {r3, lr}
- pop {r0, r1}
+ mov r1, #4
+ bl AES_encrypt_block
+ pop {r1, r2, lr}
+ ldr r3, [sp]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
+#else
rev r4, r4
rev r5, r5
rev r6, r6
rev r7, r7
- ldr r8, [r0]
- ldr r9, [r0, #4]
- ldr r10, [r0, #8]
- ldr r11, [r0, #12]
- eor r4, r8
- eor r5, r9
- eor r6, r10
- eor r7, r11
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ ldr r8, [lr]
+ ldr r9, [lr, #4]
+ ldr r10, [lr, #8]
+ ldr r11, [lr, #12]
+ eor r4, r4, r8
+ eor r5, r5, r9
+ eor r6, r6, r10
+ eor r7, r7, r11
+ ldr r8, [sp, #4]
str r4, [r1]
str r5, [r1, #4]
str r6, [r1, #8]
str r7, [r1, #12]
- ldr r8, [sp]
ldm r8, {r4, r5, r6, r7}
subs r2, r2, #16
- add r0, r0, #16
+ add lr, lr, #16
add r1, r1, #16
bne L_AES_GCM_encrypt_loop_block_128
L_AES_GCM_encrypt_end:
- pop {lr}
+ pop {r3, r8}
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ eor r10, r4, r4, ror #16
+ eor r11, r5, r5, ror #16
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ eor r4, r4, r10, lsr #8
+ eor r5, r5, r11, lsr #8
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
+#else
rev r4, r4
rev r5, r5
rev r6, r6
rev r7, r7
- stm lr, {r4, r5, r6, r7}
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ stm r8, {r4, r5, r6, r7}
pop {r4, r5, r6, r7, r8, r9, r10, r11, pc}
.size AES_GCM_encrypt,.-AES_GCM_encrypt
#endif /* HAVE_AESGCM */
#endif /* !NO_AES */
-#endif /* !__aarch64__ */
+#endif /* !__aarch64__ && !__thumb__ */
#endif /* WOLFSSL_ARMASM */
#if defined(__linux__) && defined(__ELF__)
.section .note.GNU-stack,"",%progbits
#endif
+#endif /* !WOLFSSL_ARMASM_INLINE */
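Review bot: The added `.size L_AES_ARM32_te_gcm, 12` does not match the object that follows, which is a single `.word L_AES_ARM32_te_data` (4 bytes) before `.text` resumes for `AES_GCM_encrypt`. The instructions executed are unaffected, but the symbol table will report 12 bytes for a 4-byte object, which misleads symbol-size checks, binary diffing and disassembly of this crypto code. I would change it to `.size L_AES_ARM32_te_gcm, 4`, or place `.size L_AES_ARM32_te_gcm, .-L_AES_ARM32_te_gcm` after the `.word`, the form the file already uses for `AES_GCM_encrypt`. Since the file sits under `extra/wolfssl/wolfssl`, the correction presumably belongs in the upstream source rather than in this tree.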
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-32-aes-asm_c.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-32-aes-asm_c.c
new file mode 100644
index 00000000..fbc60fbd
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-32-aes-asm_c.c
@@ -0,0 +1,4794 @@
+/* armv8-32-aes-asm
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/* Generated using (from wolfssl):
+ * cd ../scripts
+ * ruby ./aes/aes.rb arm32 ../wolfssl/wolfcrypt/src/port/arm/armv8-32-aes-asm.c
+ */
+
+#ifdef HAVE_CONFIG_H
+ #include <config.h>
+#endif /* HAVE_CONFIG_H */
+#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/wolfcrypt/error-crypt.h>
+
+#ifdef WOLFSSL_ARMASM
+#if !defined(__aarch64__) && defined(__arm__)
+#include <stdint.h>
+#ifdef HAVE_CONFIG_H
+ #include <config.h>
+#endif /* HAVE_CONFIG_H */
+#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/wolfcrypt/error-crypt.h>
+#ifdef WOLFSSL_ARMASM_INLINE
+
+#ifdef WOLFSSL_ARMASM
+#if !defined(__aarch64__) && defined(__arm__)
+
+#ifdef __IAR_SYSTEMS_ICC__
+#define __asm__ asm
+#define __volatile__ volatile
+#endif /* __IAR_SYSTEMS_ICC__ */
+#ifdef __KEIL__
+#define __asm__ __asm
+#define __volatile__ volatile
+#endif /* __KEIL__ */
+#ifndef NO_AES
+#include <wolfssl/wolfcrypt/aes.h>
+
+#ifdef HAVE_AES_DECRYPT
+static const uint32_t L_AES_ARM32_td_data[] = {
+ 0x5051f4a7, 0x537e4165, 0xc31a17a4, 0x963a275e,
+ 0xcb3bab6b, 0xf11f9d45, 0xabacfa58, 0x934be303,
+ 0x552030fa, 0xf6ad766d, 0x9188cc76, 0x25f5024c,
+ 0xfc4fe5d7, 0xd7c52acb, 0x80263544, 0x8fb562a3,
+ 0x49deb15a, 0x6725ba1b, 0x9845ea0e, 0xe15dfec0,
+ 0x02c32f75, 0x12814cf0, 0xa38d4697, 0xc66bd3f9,
+ 0xe7038f5f, 0x9515929c, 0xebbf6d7a, 0xda955259,
+ 0x2dd4be83, 0xd3587421, 0x2949e069, 0x448ec9c8,
+ 0x6a75c289, 0x78f48e79, 0x6b99583e, 0xdd27b971,
+ 0xb6bee14f, 0x17f088ad, 0x66c920ac, 0xb47dce3a,
+ 0x1863df4a, 0x82e51a31, 0x60975133, 0x4562537f,
+ 0xe0b16477, 0x84bb6bae, 0x1cfe81a0, 0x94f9082b,
+ 0x58704868, 0x198f45fd, 0x8794de6c, 0xb7527bf8,
+ 0x23ab73d3, 0xe2724b02, 0x57e31f8f, 0x2a6655ab,
+ 0x07b2eb28, 0x032fb5c2, 0x9a86c57b, 0xa5d33708,
+ 0xf2302887, 0xb223bfa5, 0xba02036a, 0x5ced1682,
+ 0x2b8acf1c, 0x92a779b4, 0xf0f307f2, 0xa14e69e2,
+ 0xcd65daf4, 0xd50605be, 0x1fd13462, 0x8ac4a6fe,
+ 0x9d342e53, 0xa0a2f355, 0x32058ae1, 0x75a4f6eb,
+ 0x390b83ec, 0xaa4060ef, 0x065e719f, 0x51bd6e10,
+ 0xf93e218a, 0x3d96dd06, 0xaedd3e05, 0x464de6bd,
+ 0xb591548d, 0x0571c45d, 0x6f0406d4, 0xff605015,
+ 0x241998fb, 0x97d6bde9, 0xcc894043, 0x7767d99e,
+ 0xbdb0e842, 0x8807898b, 0x38e7195b, 0xdb79c8ee,
+ 0x47a17c0a, 0xe97c420f, 0xc9f8841e, 0x00000000,
+ 0x83098086, 0x48322bed, 0xac1e1170, 0x4e6c5a72,
+ 0xfbfd0eff, 0x560f8538, 0x1e3daed5, 0x27362d39,
+ 0x640a0fd9, 0x21685ca6, 0xd19b5b54, 0x3a24362e,
+ 0xb10c0a67, 0x0f9357e7, 0xd2b4ee96, 0x9e1b9b91,
+ 0x4f80c0c5, 0xa261dc20, 0x695a774b, 0x161c121a,
+ 0x0ae293ba, 0xe5c0a02a, 0x433c22e0, 0x1d121b17,
+ 0x0b0e090d, 0xadf28bc7, 0xb92db6a8, 0xc8141ea9,
+ 0x8557f119, 0x4caf7507, 0xbbee99dd, 0xfda37f60,
+ 0x9ff70126, 0xbc5c72f5, 0xc544663b, 0x345bfb7e,
+ 0x768b4329, 0xdccb23c6, 0x68b6edfc, 0x63b8e4f1,
+ 0xcad731dc, 0x10426385, 0x40139722, 0x2084c611,
+ 0x7d854a24, 0xf8d2bb3d, 0x11aef932, 0x6dc729a1,
+ 0x4b1d9e2f, 0xf3dcb230, 0xec0d8652, 0xd077c1e3,
+ 0x6c2bb316, 0x99a970b9, 0xfa119448, 0x2247e964,
+ 0xc4a8fc8c, 0x1aa0f03f, 0xd8567d2c, 0xef223390,
+ 0xc787494e, 0xc1d938d1, 0xfe8ccaa2, 0x3698d40b,
+ 0xcfa6f581, 0x28a57ade, 0x26dab78e, 0xa43fadbf,
+ 0xe42c3a9d, 0x0d507892, 0x9b6a5fcc, 0x62547e46,
+ 0xc2f68d13, 0xe890d8b8, 0x5e2e39f7, 0xf582c3af,
+ 0xbe9f5d80, 0x7c69d093, 0xa96fd52d, 0xb3cf2512,
+ 0x3bc8ac99, 0xa710187d, 0x6ee89c63, 0x7bdb3bbb,
+ 0x09cd2678, 0xf46e5918, 0x01ec9ab7, 0xa8834f9a,
+ 0x65e6956e, 0x7eaaffe6, 0x0821bccf, 0xe6ef15e8,
+ 0xd9bae79b, 0xce4a6f36, 0xd4ea9f09, 0xd629b07c,
+ 0xaf31a4b2, 0x312a3f23, 0x30c6a594, 0xc035a266,
+ 0x37744ebc, 0xa6fc82ca, 0xb0e090d0, 0x1533a7d8,
+ 0x4af10498, 0xf741ecda, 0x0e7fcd50, 0x2f1791f6,
+ 0x8d764dd6, 0x4d43efb0, 0x54ccaa4d, 0xdfe49604,
+ 0xe39ed1b5, 0x1b4c6a88, 0xb8c12c1f, 0x7f466551,
+ 0x049d5eea, 0x5d018c35, 0x73fa8774, 0x2efb0b41,
+ 0x5ab3671d, 0x5292dbd2, 0x33e91056, 0x136dd647,
+ 0x8c9ad761, 0x7a37a10c, 0x8e59f814, 0x89eb133c,
+ 0xeecea927, 0x35b761c9, 0xede11ce5, 0x3c7a47b1,
+ 0x599cd2df, 0x3f55f273, 0x791814ce, 0xbf73c737,
+ 0xea53f7cd, 0x5b5ffdaa, 0x14df3d6f, 0x867844db,
+ 0x81caaff3, 0x3eb968c4, 0x2c382434, 0x5fc2a340,
+ 0x72161dc3, 0x0cbce225, 0x8b283c49, 0x41ff0d95,
+ 0x7139a801, 0xde080cb3, 0x9cd8b4e4, 0x906456c1,
+ 0x617bcb84, 0x70d532b6, 0x74486c5c, 0x42d0b857,
+};
+
+#endif /* HAVE_AES_DECRYPT */
+#if defined(HAVE_AES_DECRYPT) || defined(HAVE_AES_CBC) || defined(HAVE_AESCCM) || defined(HAVE_AESGCM) || defined(WOLFSSL_AES_DIRECT) || defined(WOLFSSL_AES_COUNTER)
+static const uint32_t L_AES_ARM32_te_data[] = {
+ 0xa5c66363, 0x84f87c7c, 0x99ee7777, 0x8df67b7b,
+ 0x0dfff2f2, 0xbdd66b6b, 0xb1de6f6f, 0x5491c5c5,
+ 0x50603030, 0x03020101, 0xa9ce6767, 0x7d562b2b,
+ 0x19e7fefe, 0x62b5d7d7, 0xe64dabab, 0x9aec7676,
+ 0x458fcaca, 0x9d1f8282, 0x4089c9c9, 0x87fa7d7d,
+ 0x15effafa, 0xebb25959, 0xc98e4747, 0x0bfbf0f0,
+ 0xec41adad, 0x67b3d4d4, 0xfd5fa2a2, 0xea45afaf,
+ 0xbf239c9c, 0xf753a4a4, 0x96e47272, 0x5b9bc0c0,
+ 0xc275b7b7, 0x1ce1fdfd, 0xae3d9393, 0x6a4c2626,
+ 0x5a6c3636, 0x417e3f3f, 0x02f5f7f7, 0x4f83cccc,
+ 0x5c683434, 0xf451a5a5, 0x34d1e5e5, 0x08f9f1f1,
+ 0x93e27171, 0x73abd8d8, 0x53623131, 0x3f2a1515,
+ 0x0c080404, 0x5295c7c7, 0x65462323, 0x5e9dc3c3,
+ 0x28301818, 0xa1379696, 0x0f0a0505, 0xb52f9a9a,
+ 0x090e0707, 0x36241212, 0x9b1b8080, 0x3ddfe2e2,
+ 0x26cdebeb, 0x694e2727, 0xcd7fb2b2, 0x9fea7575,
+ 0x1b120909, 0x9e1d8383, 0x74582c2c, 0x2e341a1a,
+ 0x2d361b1b, 0xb2dc6e6e, 0xeeb45a5a, 0xfb5ba0a0,
+ 0xf6a45252, 0x4d763b3b, 0x61b7d6d6, 0xce7db3b3,
+ 0x7b522929, 0x3edde3e3, 0x715e2f2f, 0x97138484,
+ 0xf5a65353, 0x68b9d1d1, 0x00000000, 0x2cc1eded,
+ 0x60402020, 0x1fe3fcfc, 0xc879b1b1, 0xedb65b5b,
+ 0xbed46a6a, 0x468dcbcb, 0xd967bebe, 0x4b723939,
+ 0xde944a4a, 0xd4984c4c, 0xe8b05858, 0x4a85cfcf,
+ 0x6bbbd0d0, 0x2ac5efef, 0xe54faaaa, 0x16edfbfb,
+ 0xc5864343, 0xd79a4d4d, 0x55663333, 0x94118585,
+ 0xcf8a4545, 0x10e9f9f9, 0x06040202, 0x81fe7f7f,
+ 0xf0a05050, 0x44783c3c, 0xba259f9f, 0xe34ba8a8,
+ 0xf3a25151, 0xfe5da3a3, 0xc0804040, 0x8a058f8f,
+ 0xad3f9292, 0xbc219d9d, 0x48703838, 0x04f1f5f5,
+ 0xdf63bcbc, 0xc177b6b6, 0x75afdada, 0x63422121,
+ 0x30201010, 0x1ae5ffff, 0x0efdf3f3, 0x6dbfd2d2,
+ 0x4c81cdcd, 0x14180c0c, 0x35261313, 0x2fc3ecec,
+ 0xe1be5f5f, 0xa2359797, 0xcc884444, 0x392e1717,
+ 0x5793c4c4, 0xf255a7a7, 0x82fc7e7e, 0x477a3d3d,
+ 0xacc86464, 0xe7ba5d5d, 0x2b321919, 0x95e67373,
+ 0xa0c06060, 0x98198181, 0xd19e4f4f, 0x7fa3dcdc,
+ 0x66442222, 0x7e542a2a, 0xab3b9090, 0x830b8888,
+ 0xca8c4646, 0x29c7eeee, 0xd36bb8b8, 0x3c281414,
+ 0x79a7dede, 0xe2bc5e5e, 0x1d160b0b, 0x76addbdb,
+ 0x3bdbe0e0, 0x56643232, 0x4e743a3a, 0x1e140a0a,
+ 0xdb924949, 0x0a0c0606, 0x6c482424, 0xe4b85c5c,
+ 0x5d9fc2c2, 0x6ebdd3d3, 0xef43acac, 0xa6c46262,
+ 0xa8399191, 0xa4319595, 0x37d3e4e4, 0x8bf27979,
+ 0x32d5e7e7, 0x438bc8c8, 0x596e3737, 0xb7da6d6d,
+ 0x8c018d8d, 0x64b1d5d5, 0xd29c4e4e, 0xe049a9a9,
+ 0xb4d86c6c, 0xfaac5656, 0x07f3f4f4, 0x25cfeaea,
+ 0xafca6565, 0x8ef47a7a, 0xe947aeae, 0x18100808,
+ 0xd56fbaba, 0x88f07878, 0x6f4a2525, 0x725c2e2e,
+ 0x24381c1c, 0xf157a6a6, 0xc773b4b4, 0x5197c6c6,
+ 0x23cbe8e8, 0x7ca1dddd, 0x9ce87474, 0x213e1f1f,
+ 0xdd964b4b, 0xdc61bdbd, 0x860d8b8b, 0x850f8a8a,
+ 0x90e07070, 0x427c3e3e, 0xc471b5b5, 0xaacc6666,
+ 0xd8904848, 0x05060303, 0x01f7f6f6, 0x121c0e0e,
+ 0xa3c26161, 0x5f6a3535, 0xf9ae5757, 0xd069b9b9,
+ 0x91178686, 0x5899c1c1, 0x273a1d1d, 0xb9279e9e,
+ 0x38d9e1e1, 0x13ebf8f8, 0xb32b9898, 0x33221111,
+ 0xbbd26969, 0x70a9d9d9, 0x89078e8e, 0xa7339494,
+ 0xb62d9b9b, 0x223c1e1e, 0x92158787, 0x20c9e9e9,
+ 0x4987cece, 0xffaa5555, 0x78502828, 0x7aa5dfdf,
+ 0x8f038c8c, 0xf859a1a1, 0x80098989, 0x171a0d0d,
+ 0xda65bfbf, 0x31d7e6e6, 0xc6844242, 0xb8d06868,
+ 0xc3824141, 0xb0299999, 0x775a2d2d, 0x111e0f0f,
+ 0xcb7bb0b0, 0xfca85454, 0xd66dbbbb, 0x3a2c1616,
+};
+
+#endif /* HAVE_AES_DECRYPT || HAVE_AES_CBC || HAVE_AESCCM || HAVE_AESGCM || WOLFSSL_AES_DIRECT || WOLFSSL_AES_COUNTER */
+#ifdef HAVE_AES_DECRYPT
+static const uint32_t* L_AES_ARM32_td = L_AES_ARM32_td_data;
+#endif /* HAVE_AES_DECRYPT */
+#if defined(HAVE_AES_DECRYPT) || defined(HAVE_AES_CBC) || defined(HAVE_AESCCM) || defined(HAVE_AESGCM) || defined(WOLFSSL_AES_DIRECT) || defined(WOLFSSL_AES_COUNTER)
+static const uint32_t* L_AES_ARM32_te = L_AES_ARM32_te_data;
+#endif /* HAVE_AES_DECRYPT || HAVE_AES_CBC || HAVE_AESCCM || HAVE_AESGCM || WOLFSSL_AES_DIRECT || WOLFSSL_AES_COUNTER */
+#ifdef HAVE_AES_DECRYPT
+void AES_invert_key(unsigned char* ks, word32 rounds);
+void AES_invert_key(unsigned char* ks_p, word32 rounds_p)
+{
+ register unsigned char* ks asm ("r0") = (unsigned char*)ks_p;
+ register word32 rounds asm ("r1") = (word32)rounds_p;
+ register uint32_t* L_AES_ARM32_te_c asm ("r2") = (uint32_t*)L_AES_ARM32_te;
+ register uint32_t* L_AES_ARM32_td_c asm ("r3") = (uint32_t*)L_AES_ARM32_td;
+
+ __asm__ __volatile__ (
+ "mov r12, %[L_AES_ARM32_te]\n\t"
+ "mov lr, %[L_AES_ARM32_td]\n\t"
+ "add r10, %[ks], %[rounds], lsl #4\n\t"
+ "mov r11, %[rounds]\n\t"
+ "\n"
+ "L_AES_invert_key_loop_%=: \n\t"
+ "ldm %[ks], {r2, r3, r4, r5}\n\t"
+ "ldm r10, {r6, r7, r8, r9}\n\t"
+ "stm r10, {r2, r3, r4, r5}\n\t"
+ "stm %[ks]!, {r6, r7, r8, r9}\n\t"
+ "subs r11, r11, #2\n\t"
+ "sub r10, r10, #16\n\t"
+ "bne L_AES_invert_key_loop_%=\n\t"
+ "sub %[ks], %[ks], %[rounds], lsl #3\n\t"
+ "add %[ks], %[ks], #16\n\t"
+ "sub r11, %[rounds], #1\n\t"
+ "\n"
+ "L_AES_invert_key_mix_loop_%=: \n\t"
+ "ldm %[ks], {r2, r3, r4, r5}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r6, r2, #24\n\t"
+ "lsr r6, r6, #24\n\t"
+#else
+ "uxtb r6, r2\n\t"
+#endif
+#else
+ "ubfx r6, r2, #0, #8\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r7, r2, #16\n\t"
+ "lsr r7, r7, #24\n\t"
+#else
+ "uxtb r7, r2, ror #8\n\t"
+#endif
+#else
+ "ubfx r7, r2, #8, #8\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r8, r2, #8\n\t"
+ "lsr r8, r8, #24\n\t"
+#else
+ "uxtb r8, r2, ror #16\n\t"
+#endif
+#else
+ "ubfx r8, r2, #16, #8\n\t"
+#endif
+ "lsr r9, r2, #24\n\t"
+ "ldrb r6, [r12, r6, lsl #2]\n\t"
+ "ldrb r7, [r12, r7, lsl #2]\n\t"
+ "ldrb r8, [r12, r8, lsl #2]\n\t"
+ "ldrb r9, [r12, r9, lsl #2]\n\t"
+ "ldr r6, [lr, r6, lsl #2]\n\t"
+ "ldr r7, [lr, r7, lsl #2]\n\t"
+ "ldr r8, [lr, r8, lsl #2]\n\t"
+ "ldr r9, [lr, r9, lsl #2]\n\t"
+ "eor r8, r8, r6, ror #16\n\t"
+ "eor r8, r8, r7, ror #8\n\t"
+ "eor r8, r8, r9, ror #24\n\t"
+ "str r8, [%[ks]], #4\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r6, r3, #24\n\t"
+ "lsr r6, r6, #24\n\t"
+#else
+ "uxtb r6, r3\n\t"
+#endif
+#else
+ "ubfx r6, r3, #0, #8\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r7, r3, #16\n\t"
+ "lsr r7, r7, #24\n\t"
+#else
+ "uxtb r7, r3, ror #8\n\t"
+#endif
+#else
+ "ubfx r7, r3, #8, #8\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r8, r3, #8\n\t"
+ "lsr r8, r8, #24\n\t"
+#else
+ "uxtb r8, r3, ror #16\n\t"
+#endif
+#else
+ "ubfx r8, r3, #16, #8\n\t"
+#endif
+ "lsr r9, r3, #24\n\t"
+ "ldrb r6, [r12, r6, lsl #2]\n\t"
+ "ldrb r7, [r12, r7, lsl #2]\n\t"
+ "ldrb r8, [r12, r8, lsl #2]\n\t"
+ "ldrb r9, [r12, r9, lsl #2]\n\t"
+ "ldr r6, [lr, r6, lsl #2]\n\t"
+ "ldr r7, [lr, r7, lsl #2]\n\t"
+ "ldr r8, [lr, r8, lsl #2]\n\t"
+ "ldr r9, [lr, r9, lsl #2]\n\t"
+ "eor r8, r8, r6, ror #16\n\t"
+ "eor r8, r8, r7, ror #8\n\t"
+ "eor r8, r8, r9, ror #24\n\t"
+ "str r8, [%[ks]], #4\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r6, r4, #24\n\t"
+ "lsr r6, r6, #24\n\t"
+#else
+ "uxtb r6, r4\n\t"
+#endif
+#else
+ "ubfx r6, r4, #0, #8\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r7, r4, #16\n\t"
+ "lsr r7, r7, #24\n\t"
+#else
+ "uxtb r7, r4, ror #8\n\t"
+#endif
+#else
+ "ubfx r7, r4, #8, #8\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r8, r4, #8\n\t"
+ "lsr r8, r8, #24\n\t"
+#else
+ "uxtb r8, r4, ror #16\n\t"
+#endif
+#else
+ "ubfx r8, r4, #16, #8\n\t"
+#endif
+ "lsr r9, r4, #24\n\t"
+ "ldrb r6, [r12, r6, lsl #2]\n\t"
+ "ldrb r7, [r12, r7, lsl #2]\n\t"
+ "ldrb r8, [r12, r8, lsl #2]\n\t"
+ "ldrb r9, [r12, r9, lsl #2]\n\t"
+ "ldr r6, [lr, r6, lsl #2]\n\t"
+ "ldr r7, [lr, r7, lsl #2]\n\t"
+ "ldr r8, [lr, r8, lsl #2]\n\t"
+ "ldr r9, [lr, r9, lsl #2]\n\t"
+ "eor r8, r8, r6, ror #16\n\t"
+ "eor r8, r8, r7, ror #8\n\t"
+ "eor r8, r8, r9, ror #24\n\t"
+ "str r8, [%[ks]], #4\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r6, r5, #24\n\t"
+ "lsr r6, r6, #24\n\t"
+#else
+ "uxtb r6, r5\n\t"
+#endif
+#else
+ "ubfx r6, r5, #0, #8\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r7, r5, #16\n\t"
+ "lsr r7, r7, #24\n\t"
+#else
+ "uxtb r7, r5, ror #8\n\t"
+#endif
+#else
+ "ubfx r7, r5, #8, #8\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r8, r5, #8\n\t"
+ "lsr r8, r8, #24\n\t"
+#else
+ "uxtb r8, r5, ror #16\n\t"
+#endif
+#else
+ "ubfx r8, r5, #16, #8\n\t"
+#endif
+ "lsr r9, r5, #24\n\t"
+ "ldrb r6, [r12, r6, lsl #2]\n\t"
+ "ldrb r7, [r12, r7, lsl #2]\n\t"
+ "ldrb r8, [r12, r8, lsl #2]\n\t"
+ "ldrb r9, [r12, r9, lsl #2]\n\t"
+ "ldr r6, [lr, r6, lsl #2]\n\t"
+ "ldr r7, [lr, r7, lsl #2]\n\t"
+ "ldr r8, [lr, r8, lsl #2]\n\t"
+ "ldr r9, [lr, r9, lsl #2]\n\t"
+ "eor r8, r8, r6, ror #16\n\t"
+ "eor r8, r8, r7, ror #8\n\t"
+ "eor r8, r8, r9, ror #24\n\t"
+ "str r8, [%[ks]], #4\n\t"
+ "subs r11, r11, #1\n\t"
+ "bne L_AES_invert_key_mix_loop_%=\n\t"
+ : [ks] "+r" (ks), [rounds] "+r" (rounds), [L_AES_ARM32_te] "+r" (L_AES_ARM32_te_c), [L_AES_ARM32_td] "+r" (L_AES_ARM32_td_c)
+ :
+ : "memory", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
+ );
+}
+
+#endif /* HAVE_AES_DECRYPT */
+static const uint32_t L_AES_ARM32_rcon[] = {
+ 0x01000000, 0x02000000, 0x04000000, 0x08000000,
+ 0x10000000, 0x20000000, 0x40000000, 0x80000000,
+ 0x1b000000, 0x36000000,
+};
+
+void AES_set_encrypt_key(const unsigned char* key, word32 len, unsigned char* ks);
+void AES_set_encrypt_key(const unsigned char* key_p, word32 len_p, unsigned char* ks_p)
+{
+ register const unsigned char* key asm ("r0") = (const unsigned char*)key_p;
+ register word32 len asm ("r1") = (word32)len_p;
+ register unsigned char* ks asm ("r2") = (unsigned char*)ks_p;
+ register uint32_t* L_AES_ARM32_te_c asm ("r3") = (uint32_t*)L_AES_ARM32_te;
+ register uint32_t* L_AES_ARM32_rcon_c asm ("r4") = (uint32_t*)&L_AES_ARM32_rcon;
+
+ __asm__ __volatile__ (
+ "mov r8, %[L_AES_ARM32_te]\n\t"
+ "mov lr, %[L_AES_ARM32_rcon]\n\t"
+ "cmp %[len], #0x80\n\t"
+ "beq L_AES_set_encrypt_key_start_128_%=\n\t"
+ "cmp %[len], #0xc0\n\t"
+ "beq L_AES_set_encrypt_key_start_192_%=\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "ldr r4, [%[key]]\n\t"
+ "ldr r5, [%[key], #4]\n\t"
+#else
+ "ldrd r4, r5, [%[key]]\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "ldr r6, [%[key], #8]\n\t"
+ "ldr r7, [%[key], #12]\n\t"
+#else
+ "ldrd r6, r7, [%[key], #8]\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ /* REV r4, r4 */
+ "eor r3, r4, r4, ror #16\n\t"
+ "bic r3, r3, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "eor r4, r4, r3, lsr #8\n\t"
+ /* REV r5, r5 */
+ "eor r3, r5, r5, ror #16\n\t"
+ "bic r3, r3, #0xff0000\n\t"
+ "ror r5, r5, #8\n\t"
+ "eor r5, r5, r3, lsr #8\n\t"
+ /* REV r6, r6 */
+ "eor r3, r6, r6, ror #16\n\t"
+ "bic r3, r3, #0xff0000\n\t"
+ "ror r6, r6, #8\n\t"
+ "eor r6, r6, r3, lsr #8\n\t"
+ /* REV r7, r7 */
+ "eor r3, r7, r7, ror #16\n\t"
+ "bic r3, r3, #0xff0000\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r7, r7, r3, lsr #8\n\t"
+#else
+ "rev r4, r4\n\t"
+ "rev r5, r5\n\t"
+ "rev r6, r6\n\t"
+ "rev r7, r7\n\t"
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ "stm %[ks]!, {r4, r5, r6, r7}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "ldr r4, [%[key], #16]\n\t"
+ "ldr r5, [%[key], #20]\n\t"
+#else
+ "ldrd r4, r5, [%[key], #16]\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "ldr r6, [%[key], #24]\n\t"
+ "ldr r7, [%[key], #28]\n\t"
+#else
+ "ldrd r6, r7, [%[key], #24]\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ /* REV r4, r4 */
+ "eor r3, r4, r4, ror #16\n\t"
+ "bic r3, r3, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "eor r4, r4, r3, lsr #8\n\t"
+ /* REV r5, r5 */
+ "eor r3, r5, r5, ror #16\n\t"
+ "bic r3, r3, #0xff0000\n\t"
+ "ror r5, r5, #8\n\t"
+ "eor r5, r5, r3, lsr #8\n\t"
+ /* REV r6, r6 */
+ "eor r3, r6, r6, ror #16\n\t"
+ "bic r3, r3, #0xff0000\n\t"
+ "ror r6, r6, #8\n\t"
+ "eor r6, r6, r3, lsr #8\n\t"
+ /* REV r7, r7 */
+ "eor r3, r7, r7, ror #16\n\t"
+ "bic r3, r3, #0xff0000\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r7, r7, r3, lsr #8\n\t"
+#else
+ "rev r4, r4\n\t"
+ "rev r5, r5\n\t"
+ "rev r6, r6\n\t"
+ "rev r7, r7\n\t"
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ "stm %[ks], {r4, r5, r6, r7}\n\t"
+ "sub %[ks], %[ks], #16\n\t"
+ "mov r12, #6\n\t"
+ "\n"
+ "L_AES_set_encrypt_key_loop_256_%=: \n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r4, r7, #24\n\t"
+ "lsr r4, r4, #24\n\t"
+#else
+ "uxtb r4, r7\n\t"
+#endif
+#else
+ "ubfx r4, r7, #0, #8\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r5, r7, #16\n\t"
+ "lsr r5, r5, #24\n\t"
+#else
+ "uxtb r5, r7, ror #8\n\t"
+#endif
+#else
+ "ubfx r5, r7, #8, #8\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r6, r7, #8\n\t"
+ "lsr r6, r6, #24\n\t"
+#else
+ "uxtb r6, r7, ror #16\n\t"
+#endif
+#else
+ "ubfx r6, r7, #16, #8\n\t"
+#endif
+ "lsr r7, r7, #24\n\t"
+ "ldrb r4, [r8, r4, lsl #2]\n\t"
+ "ldrb r5, [r8, r5, lsl #2]\n\t"
+ "ldrb r6, [r8, r6, lsl #2]\n\t"
+ "ldrb r7, [r8, r7, lsl #2]\n\t"
+ "eor r3, r7, r4, lsl #8\n\t"
+ "eor r3, r3, r5, lsl #16\n\t"
+ "eor r3, r3, r6, lsl #24\n\t"
+ "ldm %[ks]!, {r4, r5, r6, r7}\n\t"
+ "eor r4, r4, r3\n\t"
+ "ldm lr!, {r3}\n\t"
+ "eor r4, r4, r3\n\t"
+ "eor r5, r5, r4\n\t"
+ "eor r6, r6, r5\n\t"
+ "eor r7, r7, r6\n\t"
+ "add %[ks], %[ks], #16\n\t"
+ "stm %[ks], {r4, r5, r6, r7}\n\t"
+ "sub %[ks], %[ks], #16\n\t"
+ "mov r3, r7\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r4, r3, #16\n\t"
+ "lsr r4, r4, #24\n\t"
+#else
+ "uxtb r4, r3, ror #8\n\t"
+#endif
+#else
+ "ubfx r4, r3, #8, #8\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r5, r3, #8\n\t"
+ "lsr r5, r5, #24\n\t"
+#else
+ "uxtb r5, r3, ror #16\n\t"
+#endif
+#else
+ "ubfx r5, r3, #16, #8\n\t"
+#endif
+ "lsr r6, r3, #24\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r3, r3, #24\n\t"
+ "lsr r3, r3, #24\n\t"
+#else
+ "uxtb r3, r3\n\t"
+#endif
+#else
+ "ubfx r3, r3, #0, #8\n\t"
+#endif
+ "ldrb r4, [r8, r4, lsl #2]\n\t"
+ "ldrb r6, [r8, r6, lsl #2]\n\t"
+ "ldrb r5, [r8, r5, lsl #2]\n\t"
+ "ldrb r3, [r8, r3, lsl #2]\n\t"
+ "eor r3, r3, r4, lsl #8\n\t"
+ "eor r3, r3, r5, lsl #16\n\t"
+ "eor r3, r3, r6, lsl #24\n\t"
+ "ldm %[ks]!, {r4, r5, r6, r7}\n\t"
+ "eor r4, r4, r3\n\t"
+ "eor r5, r5, r4\n\t"
+ "eor r6, r6, r5\n\t"
+ "eor r7, r7, r6\n\t"
+ "add %[ks], %[ks], #16\n\t"
+ "stm %[ks], {r4, r5, r6, r7}\n\t"
+ "sub %[ks], %[ks], #16\n\t"
+ "subs r12, r12, #1\n\t"
+ "bne L_AES_set_encrypt_key_loop_256_%=\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r4, r7, #24\n\t"
+ "lsr r4, r4, #24\n\t"
+#else
+ "uxtb r4, r7\n\t"
+#endif
+#else
+ "ubfx r4, r7, #0, #8\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r5, r7, #16\n\t"
+ "lsr r5, r5, #24\n\t"
+#else
+ "uxtb r5, r7, ror #8\n\t"
+#endif
+#else
+ "ubfx r5, r7, #8, #8\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r6, r7, #8\n\t"
+ "lsr r6, r6, #24\n\t"
+#else
+ "uxtb r6, r7, ror #16\n\t"
+#endif
+#else
+ "ubfx r6, r7, #16, #8\n\t"
+#endif
+ "lsr r7, r7, #24\n\t"
+ "ldrb r4, [r8, r4, lsl #2]\n\t"
+ "ldrb r5, [r8, r5, lsl #2]\n\t"
+ "ldrb r6, [r8, r6, lsl #2]\n\t"
+ "ldrb r7, [r8, r7, lsl #2]\n\t"
+ "eor r3, r7, r4, lsl #8\n\t"
+ "eor r3, r3, r5, lsl #16\n\t"
+ "eor r3, r3, r6, lsl #24\n\t"
+ "ldm %[ks]!, {r4, r5, r6, r7}\n\t"
+ "eor r4, r4, r3\n\t"
+ "ldm lr!, {r3}\n\t"
+ "eor r4, r4, r3\n\t"
+ "eor r5, r5, r4\n\t"
+ "eor r6, r6, r5\n\t"
+ "eor r7, r7, r6\n\t"
+ "add %[ks], %[ks], #16\n\t"
+ "stm %[ks], {r4, r5, r6, r7}\n\t"
+ "sub %[ks], %[ks], #16\n\t"
+ "b L_AES_set_encrypt_key_end_%=\n\t"
+ "\n"
+ "L_AES_set_encrypt_key_start_192_%=: \n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "ldr r4, [%[key]]\n\t"
+ "ldr r5, [%[key], #4]\n\t"
+#else
+ "ldrd r4, r5, [%[key]]\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "ldr r6, [%[key], #8]\n\t"
+ "ldr r7, [%[key], #12]\n\t"
+#else
+ "ldrd r6, r7, [%[key], #8]\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "ldr %[len], [%[key], #20]\n\t"
+ "ldr %[key], [%[key], #16]\n\t"
+#else
+ "ldrd %[key], %[len], [%[key], #16]\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ /* REV r4, r4 */
+ "eor r3, r4, r4, ror #16\n\t"
+ "bic r3, r3, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "eor r4, r4, r3, lsr #8\n\t"
+ /* REV r5, r5 */
+ "eor r3, r5, r5, ror #16\n\t"
+ "bic r3, r3, #0xff0000\n\t"
+ "ror r5, r5, #8\n\t"
+ "eor r5, r5, r3, lsr #8\n\t"
+ /* REV r6, r6 */
+ "eor r3, r6, r6, ror #16\n\t"
+ "bic r3, r3, #0xff0000\n\t"
+ "ror r6, r6, #8\n\t"
+ "eor r6, r6, r3, lsr #8\n\t"
+ /* REV r7, r7 */
+ "eor r3, r7, r7, ror #16\n\t"
+ "bic r3, r3, #0xff0000\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r7, r7, r3, lsr #8\n\t"
+ /* REV r0, r0 */
+ "eor r3, %[key], %[key], ror #16\n\t"
+ "bic r3, r3, #0xff0000\n\t"
+ "ror %[key], %[key], #8\n\t"
+ "eor %[key], %[key], r3, lsr #8\n\t"
+ /* REV r1, r1 */
+ "eor r3, %[len], %[len], ror #16\n\t"
+ "bic r3, r3, #0xff0000\n\t"
+ "ror %[len], %[len], #8\n\t"
+ "eor %[len], %[len], r3, lsr #8\n\t"
+#else
+ "rev r4, r4\n\t"
+ "rev r5, r5\n\t"
+ "rev r6, r6\n\t"
+ "rev r7, r7\n\t"
+ "rev %[key], %[key]\n\t"
+ "rev %[len], %[len]\n\t"
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ "stm %[ks], {r4, r5, r6, r7}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "str %[key], [%[ks], #16]\n\t"
+ "str %[len], [%[ks], #20]\n\t"
+#else
+ "strd %[key], %[len], [%[ks], #16]\n\t"
+#endif
+ "mov r7, %[len]\n\t"
+ "mov r12, #7\n\t"
+ "\n"
+ "L_AES_set_encrypt_key_loop_192_%=: \n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r0, r7, #24\n\t"
+ "lsr r0, r0, #24\n\t"
+#else
+ "uxtb r0, r7\n\t"
+#endif
+#else
+ "ubfx r0, r7, #0, #8\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r1, r7, #16\n\t"
+ "lsr r1, r1, #24\n\t"
+#else
+ "uxtb r1, r7, ror #8\n\t"
+#endif
+#else
+ "ubfx r1, r7, #8, #8\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r4, r7, #8\n\t"
+ "lsr r4, r4, #24\n\t"
+#else
+ "uxtb r4, r7, ror #16\n\t"
+#endif
+#else
+ "ubfx r4, r7, #16, #8\n\t"
+#endif
+ "lsr r7, r7, #24\n\t"
+ "ldrb r0, [r8, r0, lsl #2]\n\t"
+ "ldrb r1, [r8, r1, lsl #2]\n\t"
+ "ldrb r4, [r8, r4, lsl #2]\n\t"
+ "ldrb r7, [r8, r7, lsl #2]\n\t"
+ "eor r3, r7, r0, lsl #8\n\t"
+ "eor r3, r3, r1, lsl #16\n\t"
+ "eor r3, r3, r4, lsl #24\n\t"
+ "ldm %[ks]!, {r0, r1, r4, r5, r6, r7}\n\t"
+ "eor r0, r0, r3\n\t"
+ "ldm lr!, {r3}\n\t"
+ "eor r0, r0, r3\n\t"
+ "eor r1, r1, r0\n\t"
+ "eor r4, r4, r1\n\t"
+ "eor r5, r5, r4\n\t"
+ "eor r6, r6, r5\n\t"
+ "eor r7, r7, r6\n\t"
+ "stm %[ks], {r0, r1, r4, r5, r6, r7}\n\t"
+ "subs r12, r12, #1\n\t"
+ "bne L_AES_set_encrypt_key_loop_192_%=\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r0, r7, #24\n\t"
+ "lsr r0, r0, #24\n\t"
+#else
+ "uxtb r0, r7\n\t"
+#endif
+#else
+ "ubfx r0, r7, #0, #8\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r1, r7, #16\n\t"
+ "lsr r1, r1, #24\n\t"
+#else
+ "uxtb r1, r7, ror #8\n\t"
+#endif
+#else
+ "ubfx r1, r7, #8, #8\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r4, r7, #8\n\t"
+ "lsr r4, r4, #24\n\t"
+#else
+ "uxtb r4, r7, ror #16\n\t"
+#endif
+#else
+ "ubfx r4, r7, #16, #8\n\t"
+#endif
+ "lsr r7, r7, #24\n\t"
+ "ldrb r0, [r8, r0, lsl #2]\n\t"
+ "ldrb r1, [r8, r1, lsl #2]\n\t"
+ "ldrb r4, [r8, r4, lsl #2]\n\t"
+ "ldrb r7, [r8, r7, lsl #2]\n\t"
+ "eor r3, r7, r0, lsl #8\n\t"
+ "eor r3, r3, r1, lsl #16\n\t"
+ "eor r3, r3, r4, lsl #24\n\t"
+ "ldm %[ks]!, {r0, r1, r4, r5, r6, r7}\n\t"
+ "eor r0, r0, r3\n\t"
+ "ldm lr!, {r3}\n\t"
+ "eor r0, r0, r3\n\t"
+ "eor r1, r1, r0\n\t"
+ "eor r4, r4, r1\n\t"
+ "eor r5, r5, r4\n\t"
+ "stm %[ks], {r0, r1, r4, r5}\n\t"
+ "b L_AES_set_encrypt_key_end_%=\n\t"
+ "\n"
+ "L_AES_set_encrypt_key_start_128_%=: \n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "ldr r4, [%[key]]\n\t"
+ "ldr r5, [%[key], #4]\n\t"
+#else
+ "ldrd r4, r5, [%[key]]\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "ldr r6, [%[key], #8]\n\t"
+ "ldr r7, [%[key], #12]\n\t"
+#else
+ "ldrd r6, r7, [%[key], #8]\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ /* REV r4, r4 */
+ "eor r3, r4, r4, ror #16\n\t"
+ "bic r3, r3, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "eor r4, r4, r3, lsr #8\n\t"
+ /* REV r5, r5 */
+ "eor r3, r5, r5, ror #16\n\t"
+ "bic r3, r3, #0xff0000\n\t"
+ "ror r5, r5, #8\n\t"
+ "eor r5, r5, r3, lsr #8\n\t"
+ /* REV r6, r6 */
+ "eor r3, r6, r6, ror #16\n\t"
+ "bic r3, r3, #0xff0000\n\t"
+ "ror r6, r6, #8\n\t"
+ "eor r6, r6, r3, lsr #8\n\t"
+ /* REV r7, r7 */
+ "eor r3, r7, r7, ror #16\n\t"
+ "bic r3, r3, #0xff0000\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r7, r7, r3, lsr #8\n\t"
+#else
+ "rev r4, r4\n\t"
+ "rev r5, r5\n\t"
+ "rev r6, r6\n\t"
+ "rev r7, r7\n\t"
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ "stm %[ks], {r4, r5, r6, r7}\n\t"
+ "mov r12, #10\n\t"
+ "\n"
+ "L_AES_set_encrypt_key_loop_128_%=: \n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r4, r7, #24\n\t"
+ "lsr r4, r4, #24\n\t"
+#else
+ "uxtb r4, r7\n\t"
+#endif
+#else
+ "ubfx r4, r7, #0, #8\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r5, r7, #16\n\t"
+ "lsr r5, r5, #24\n\t"
+#else
+ "uxtb r5, r7, ror #8\n\t"
+#endif
+#else
+ "ubfx r5, r7, #8, #8\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r6, r7, #8\n\t"
+ "lsr r6, r6, #24\n\t"
+#else
+ "uxtb r6, r7, ror #16\n\t"
+#endif
+#else
+ "ubfx r6, r7, #16, #8\n\t"
+#endif
+ "lsr r7, r7, #24\n\t"
+ "ldrb r4, [r8, r4, lsl #2]\n\t"
+ "ldrb r5, [r8, r5, lsl #2]\n\t"
+ "ldrb r6, [r8, r6, lsl #2]\n\t"
+ "ldrb r7, [r8, r7, lsl #2]\n\t"
+ "eor r3, r7, r4, lsl #8\n\t"
+ "eor r3, r3, r5, lsl #16\n\t"
+ "eor r3, r3, r6, lsl #24\n\t"
+ "ldm %[ks]!, {r4, r5, r6, r7}\n\t"
+ "eor r4, r4, r3\n\t"
+ "ldm lr!, {r3}\n\t"
+ "eor r4, r4, r3\n\t"
+ "eor r5, r5, r4\n\t"
+ "eor r6, r6, r5\n\t"
+ "eor r7, r7, r6\n\t"
+ "stm %[ks], {r4, r5, r6, r7}\n\t"
+ "subs r12, r12, #1\n\t"
+ "bne L_AES_set_encrypt_key_loop_128_%=\n\t"
+ "\n"
+ "L_AES_set_encrypt_key_end_%=: \n\t"
+ : [key] "+r" (key), [len] "+r" (len), [ks] "+r" (ks), [L_AES_ARM32_te] "+r" (L_AES_ARM32_te_c), [L_AES_ARM32_rcon] "+r" (L_AES_ARM32_rcon_c)
+ :
+ : "memory", "r12", "lr", "r5", "r6", "r7", "r8", "cc"
+ );
+}
+
+void AES_encrypt_block(const uint32_t* te, int nr, int len, const uint32_t* ks);
+void AES_encrypt_block(const uint32_t* te_p, int nr_p, int len_p, const uint32_t* ks_p)
+{
+ register const uint32_t* te asm ("r0") = (const uint32_t*)te_p;
+ register int nr asm ("r1") = (int)nr_p;
+ register int len asm ("r2") = (int)len_p;
+ register const uint32_t* ks asm ("r3") = (const uint32_t*)ks_p;
+
+ __asm__ __volatile__ (
+ "\n"
+ "L_AES_encrypt_block_nr_%=: \n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r8, r5, #8\n\t"
+ "lsr r8, r8, #24\n\t"
+#else
+ "uxtb r8, r5, ror #16\n\t"
+#endif
+#else
+ "ubfx r8, r5, #16, #8\n\t"
+#endif
+ "lsr r11, r4, #24\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl lr, r6, #16\n\t"
+ "lsr lr, lr, #24\n\t"
+#else
+ "uxtb lr, r6, ror #8\n\t"
+#endif
+#else
+ "ubfx lr, r6, #8, #8\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r2, r7, #24\n\t"
+ "lsr r2, r2, #24\n\t"
+#else
+ "uxtb r2, r7\n\t"
+#endif
+#else
+ "ubfx r2, r7, #0, #8\n\t"
+#endif
+ "ldr r8, [%[te], r8, lsl #2]\n\t"
+ "ldr r11, [%[te], r11, lsl #2]\n\t"
+ "ldr lr, [%[te], lr, lsl #2]\n\t"
+ "ldr r2, [%[te], r2, lsl #2]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r9, r6, #8\n\t"
+ "lsr r9, r9, #24\n\t"
+#else
+ "uxtb r9, r6, ror #16\n\t"
+#endif
+#else
+ "ubfx r9, r6, #16, #8\n\t"
+#endif
+ "eor r8, r8, r11, ror #24\n\t"
+ "lsr r11, r5, #24\n\t"
+ "eor r8, r8, lr, ror #8\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl lr, r7, #16\n\t"
+ "lsr lr, lr, #24\n\t"
+#else
+ "uxtb lr, r7, ror #8\n\t"
+#endif
+#else
+ "ubfx lr, r7, #8, #8\n\t"
+#endif
+ "eor r8, r8, r2, ror #16\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r2, r4, #24\n\t"
+ "lsr r2, r2, #24\n\t"
+#else
+ "uxtb r2, r4\n\t"
+#endif
+#else
+ "ubfx r2, r4, #0, #8\n\t"
+#endif
+ "ldr r9, [%[te], r9, lsl #2]\n\t"
+ "ldr r11, [%[te], r11, lsl #2]\n\t"
+ "ldr lr, [%[te], lr, lsl #2]\n\t"
+ "ldr r2, [%[te], r2, lsl #2]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r10, r7, #8\n\t"
+ "lsr r10, r10, #24\n\t"
+#else
+ "uxtb r10, r7, ror #16\n\t"
+#endif
+#else
+ "ubfx r10, r7, #16, #8\n\t"
+#endif
+ "eor r9, r9, r11, ror #24\n\t"
+ "lsr r11, r6, #24\n\t"
+ "eor r9, r9, lr, ror #8\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl lr, r4, #16\n\t"
+ "lsr lr, lr, #24\n\t"
+#else
+ "uxtb lr, r4, ror #8\n\t"
+#endif
+#else
+ "ubfx lr, r4, #8, #8\n\t"
+#endif
+ "eor r9, r9, r2, ror #16\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r2, r5, #24\n\t"
+ "lsr r2, r2, #24\n\t"
+#else
+ "uxtb r2, r5\n\t"
+#endif
+#else
+ "ubfx r2, r5, #0, #8\n\t"
+#endif
+ "ldr r10, [%[te], r10, lsl #2]\n\t"
+ "ldr r11, [%[te], r11, lsl #2]\n\t"
+ "ldr lr, [%[te], lr, lsl #2]\n\t"
+ "ldr r2, [%[te], r2, lsl #2]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r6, r6, #24\n\t"
+ "lsr r6, r6, #24\n\t"
+#else
+ "uxtb r6, r6\n\t"
+#endif
+#else
+ "ubfx r6, r6, #0, #8\n\t"
+#endif
+ "eor r10, r10, r11, ror #24\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r11, r4, #8\n\t"
+ "lsr r11, r11, #24\n\t"
+#else
+ "uxtb r11, r4, ror #16\n\t"
+#endif
+#else
+ "ubfx r11, r4, #16, #8\n\t"
+#endif
+ "eor r10, r10, lr, ror #8\n\t"
+ "lsr lr, r7, #24\n\t"
+ "eor r10, r10, r2, ror #16\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r2, r5, #16\n\t"
+ "lsr r2, r2, #24\n\t"
+#else
+ "uxtb r2, r5, ror #8\n\t"
+#endif
+#else
+ "ubfx r2, r5, #8, #8\n\t"
+#endif
+ "ldr r6, [%[te], r6, lsl #2]\n\t"
+ "ldr lr, [%[te], lr, lsl #2]\n\t"
+ "ldr r11, [%[te], r11, lsl #2]\n\t"
+ "ldr r2, [%[te], r2, lsl #2]\n\t"
+ "eor lr, lr, r6, ror #24\n\t"
+ "ldm %[ks]!, {r4, r5, r6, r7}\n\t"
+ "eor r11, r11, lr, ror #24\n\t"
+ "eor r11, r11, r2, ror #8\n\t"
+ /* XOR in Key Schedule */
+ "eor r8, r8, r4\n\t"
+ "eor r9, r9, r5\n\t"
+ "eor r10, r10, r6\n\t"
+ "eor r11, r11, r7\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r4, r9, #8\n\t"
+ "lsr r4, r4, #24\n\t"
+#else
+ "uxtb r4, r9, ror #16\n\t"
+#endif
+#else
+ "ubfx r4, r9, #16, #8\n\t"
+#endif
+ "lsr r7, r8, #24\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl lr, r10, #16\n\t"
+ "lsr lr, lr, #24\n\t"
+#else
+ "uxtb lr, r10, ror #8\n\t"
+#endif
+#else
+ "ubfx lr, r10, #8, #8\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r2, r11, #24\n\t"
+ "lsr r2, r2, #24\n\t"
+#else
+ "uxtb r2, r11\n\t"
+#endif
+#else
+ "ubfx r2, r11, #0, #8\n\t"
+#endif
+ "ldr r4, [%[te], r4, lsl #2]\n\t"
+ "ldr r7, [%[te], r7, lsl #2]\n\t"
+ "ldr lr, [%[te], lr, lsl #2]\n\t"
+ "ldr r2, [%[te], r2, lsl #2]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r5, r10, #8\n\t"
+ "lsr r5, r5, #24\n\t"
+#else
+ "uxtb r5, r10, ror #16\n\t"
+#endif
+#else
+ "ubfx r5, r10, #16, #8\n\t"
+#endif
+ "eor r4, r4, r7, ror #24\n\t"
+ "lsr r7, r9, #24\n\t"
+ "eor r4, r4, lr, ror #8\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl lr, r11, #16\n\t"
+ "lsr lr, lr, #24\n\t"
+#else
+ "uxtb lr, r11, ror #8\n\t"
+#endif
+#else
+ "ubfx lr, r11, #8, #8\n\t"
+#endif
+ "eor r4, r4, r2, ror #16\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r2, r8, #24\n\t"
+ "lsr r2, r2, #24\n\t"
+#else
+ "uxtb r2, r8\n\t"
+#endif
+#else
+ "ubfx r2, r8, #0, #8\n\t"
+#endif
+ "ldr r5, [%[te], r5, lsl #2]\n\t"
+ "ldr r7, [%[te], r7, lsl #2]\n\t"
+ "ldr lr, [%[te], lr, lsl #2]\n\t"
+ "ldr r2, [%[te], r2, lsl #2]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r6, r11, #8\n\t"
+ "lsr r6, r6, #24\n\t"
+#else
+ "uxtb r6, r11, ror #16\n\t"
+#endif
+#else
+ "ubfx r6, r11, #16, #8\n\t"
+#endif
+ "eor r5, r5, r7, ror #24\n\t"
+ "lsr r7, r10, #24\n\t"
+ "eor r5, r5, lr, ror #8\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl lr, r8, #16\n\t"
+ "lsr lr, lr, #24\n\t"
+#else
+ "uxtb lr, r8, ror #8\n\t"
+#endif
+#else
+ "ubfx lr, r8, #8, #8\n\t"
+#endif
+ "eor r5, r5, r2, ror #16\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r2, r9, #24\n\t"
+ "lsr r2, r2, #24\n\t"
+#else
+ "uxtb r2, r9\n\t"
+#endif
+#else
+ "ubfx r2, r9, #0, #8\n\t"
+#endif
+ "ldr r6, [%[te], r6, lsl #2]\n\t"
+ "ldr r7, [%[te], r7, lsl #2]\n\t"
+ "ldr lr, [%[te], lr, lsl #2]\n\t"
+ "ldr r2, [%[te], r2, lsl #2]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r10, r10, #24\n\t"
+ "lsr r10, r10, #24\n\t"
+#else
+ "uxtb r10, r10\n\t"
+#endif
+#else
+ "ubfx r10, r10, #0, #8\n\t"
+#endif
+ "eor r6, r6, r7, ror #24\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r7, r8, #8\n\t"
+ "lsr r7, r7, #24\n\t"
+#else
+ "uxtb r7, r8, ror #16\n\t"
+#endif
+#else
+ "ubfx r7, r8, #16, #8\n\t"
+#endif
+ "eor r6, r6, lr, ror #8\n\t"
+ "lsr lr, r11, #24\n\t"
+ "eor r6, r6, r2, ror #16\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r2, r9, #16\n\t"
+ "lsr r2, r2, #24\n\t"
+#else
+ "uxtb r2, r9, ror #8\n\t"
+#endif
+#else
+ "ubfx r2, r9, #8, #8\n\t"
+#endif
+ "ldr r10, [%[te], r10, lsl #2]\n\t"
+ "ldr lr, [%[te], lr, lsl #2]\n\t"
+ "ldr r7, [%[te], r7, lsl #2]\n\t"
+ "ldr r2, [%[te], r2, lsl #2]\n\t"
+ "eor lr, lr, r10, ror #24\n\t"
+ "ldm %[ks]!, {r8, r9, r10, r11}\n\t"
+ "eor r7, r7, lr, ror #24\n\t"
+ "eor r7, r7, r2, ror #8\n\t"
+ /* XOR in Key Schedule */
+ "eor r4, r4, r8\n\t"
+ "eor r5, r5, r9\n\t"
+ "eor r6, r6, r10\n\t"
+ "eor r7, r7, r11\n\t"
+ "subs %[nr], %[nr], #1\n\t"
+ "bne L_AES_encrypt_block_nr_%=\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r8, r5, #8\n\t"
+ "lsr r8, r8, #24\n\t"
+#else
+ "uxtb r8, r5, ror #16\n\t"
+#endif
+#else
+ "ubfx r8, r5, #16, #8\n\t"
+#endif
+ "lsr r11, r4, #24\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl lr, r6, #16\n\t"
+ "lsr lr, lr, #24\n\t"
+#else
+ "uxtb lr, r6, ror #8\n\t"
+#endif
+#else
+ "ubfx lr, r6, #8, #8\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r2, r7, #24\n\t"
+ "lsr r2, r2, #24\n\t"
+#else
+ "uxtb r2, r7\n\t"
+#endif
+#else
+ "ubfx r2, r7, #0, #8\n\t"
+#endif
+ "ldr r8, [%[te], r8, lsl #2]\n\t"
+ "ldr r11, [%[te], r11, lsl #2]\n\t"
+ "ldr lr, [%[te], lr, lsl #2]\n\t"
+ "ldr r2, [%[te], r2, lsl #2]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r9, r6, #8\n\t"
+ "lsr r9, r9, #24\n\t"
+#else
+ "uxtb r9, r6, ror #16\n\t"
+#endif
+#else
+ "ubfx r9, r6, #16, #8\n\t"
+#endif
+ "eor r8, r8, r11, ror #24\n\t"
+ "lsr r11, r5, #24\n\t"
+ "eor r8, r8, lr, ror #8\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl lr, r7, #16\n\t"
+ "lsr lr, lr, #24\n\t"
+#else
+ "uxtb lr, r7, ror #8\n\t"
+#endif
+#else
+ "ubfx lr, r7, #8, #8\n\t"
+#endif
+ "eor r8, r8, r2, ror #16\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r2, r4, #24\n\t"
+ "lsr r2, r2, #24\n\t"
+#else
+ "uxtb r2, r4\n\t"
+#endif
+#else
+ "ubfx r2, r4, #0, #8\n\t"
+#endif
+ "ldr r9, [%[te], r9, lsl #2]\n\t"
+ "ldr r11, [%[te], r11, lsl #2]\n\t"
+ "ldr lr, [%[te], lr, lsl #2]\n\t"
+ "ldr r2, [%[te], r2, lsl #2]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r10, r7, #8\n\t"
+ "lsr r10, r10, #24\n\t"
+#else
+ "uxtb r10, r7, ror #16\n\t"
+#endif
+#else
+ "ubfx r10, r7, #16, #8\n\t"
+#endif
+ "eor r9, r9, r11, ror #24\n\t"
+ "lsr r11, r6, #24\n\t"
+ "eor r9, r9, lr, ror #8\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl lr, r4, #16\n\t"
+ "lsr lr, lr, #24\n\t"
+#else
+ "uxtb lr, r4, ror #8\n\t"
+#endif
+#else
+ "ubfx lr, r4, #8, #8\n\t"
+#endif
+ "eor r9, r9, r2, ror #16\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r2, r5, #24\n\t"
+ "lsr r2, r2, #24\n\t"
+#else
+ "uxtb r2, r5\n\t"
+#endif
+#else
+ "ubfx r2, r5, #0, #8\n\t"
+#endif
+ "ldr r10, [%[te], r10, lsl #2]\n\t"
+ "ldr r11, [%[te], r11, lsl #2]\n\t"
+ "ldr lr, [%[te], lr, lsl #2]\n\t"
+ "ldr r2, [%[te], r2, lsl #2]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r6, r6, #24\n\t"
+ "lsr r6, r6, #24\n\t"
+#else
+ "uxtb r6, r6\n\t"
+#endif
+#else
+ "ubfx r6, r6, #0, #8\n\t"
+#endif
+ "eor r10, r10, r11, ror #24\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r11, r4, #8\n\t"
+ "lsr r11, r11, #24\n\t"
+#else
+ "uxtb r11, r4, ror #16\n\t"
+#endif
+#else
+ "ubfx r11, r4, #16, #8\n\t"
+#endif
+ "eor r10, r10, lr, ror #8\n\t"
+ "lsr lr, r7, #24\n\t"
+ "eor r10, r10, r2, ror #16\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r2, r5, #16\n\t"
+ "lsr r2, r2, #24\n\t"
+#else
+ "uxtb r2, r5, ror #8\n\t"
+#endif
+#else
+ "ubfx r2, r5, #8, #8\n\t"
+#endif
+ "ldr r6, [%[te], r6, lsl #2]\n\t"
+ "ldr lr, [%[te], lr, lsl #2]\n\t"
+ "ldr r11, [%[te], r11, lsl #2]\n\t"
+ "ldr r2, [%[te], r2, lsl #2]\n\t"
+ "eor lr, lr, r6, ror #24\n\t"
+ "ldm %[ks]!, {r4, r5, r6, r7}\n\t"
+ "eor r11, r11, lr, ror #24\n\t"
+ "eor r11, r11, r2, ror #8\n\t"
+ /* XOR in Key Schedule */
+ "eor r8, r8, r4\n\t"
+ "eor r9, r9, r5\n\t"
+ "eor r10, r10, r6\n\t"
+ "eor r11, r11, r7\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r4, r11, #24\n\t"
+ "lsr r4, r4, #24\n\t"
+#else
+ "uxtb r4, r11\n\t"
+#endif
+#else
+ "ubfx r4, r11, #0, #8\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r7, r10, #16\n\t"
+ "lsr r7, r7, #24\n\t"
+#else
+ "uxtb r7, r10, ror #8\n\t"
+#endif
+#else
+ "ubfx r7, r10, #8, #8\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl lr, r9, #8\n\t"
+ "lsr lr, lr, #24\n\t"
+#else
+ "uxtb lr, r9, ror #16\n\t"
+#endif
+#else
+ "ubfx lr, r9, #16, #8\n\t"
+#endif
+ "lsr r2, r8, #24\n\t"
+ "ldrb r4, [%[te], r4, lsl #2]\n\t"
+ "ldrb r7, [%[te], r7, lsl #2]\n\t"
+ "ldrb lr, [%[te], lr, lsl #2]\n\t"
+ "ldrb r2, [%[te], r2, lsl #2]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r5, r8, #24\n\t"
+ "lsr r5, r5, #24\n\t"
+#else
+ "uxtb r5, r8\n\t"
+#endif
+#else
+ "ubfx r5, r8, #0, #8\n\t"
+#endif
+ "eor r4, r4, r7, lsl #8\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r7, r11, #16\n\t"
+ "lsr r7, r7, #24\n\t"
+#else
+ "uxtb r7, r11, ror #8\n\t"
+#endif
+#else
+ "ubfx r7, r11, #8, #8\n\t"
+#endif
+ "eor r4, r4, lr, lsl #16\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl lr, r10, #8\n\t"
+ "lsr lr, lr, #24\n\t"
+#else
+ "uxtb lr, r10, ror #16\n\t"
+#endif
+#else
+ "ubfx lr, r10, #16, #8\n\t"
+#endif
+ "eor r4, r4, r2, lsl #24\n\t"
+ "lsr r2, r9, #24\n\t"
+ "ldrb r5, [%[te], r5, lsl #2]\n\t"
+ "ldrb r7, [%[te], r7, lsl #2]\n\t"
+ "ldrb lr, [%[te], lr, lsl #2]\n\t"
+ "ldrb r2, [%[te], r2, lsl #2]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r6, r9, #24\n\t"
+ "lsr r6, r6, #24\n\t"
+#else
+ "uxtb r6, r9\n\t"
+#endif
+#else
+ "ubfx r6, r9, #0, #8\n\t"
+#endif
+ "eor r5, r5, r7, lsl #8\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r7, r8, #16\n\t"
+ "lsr r7, r7, #24\n\t"
+#else
+ "uxtb r7, r8, ror #8\n\t"
+#endif
+#else
+ "ubfx r7, r8, #8, #8\n\t"
+#endif
+ "eor r5, r5, lr, lsl #16\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl lr, r11, #8\n\t"
+ "lsr lr, lr, #24\n\t"
+#else
+ "uxtb lr, r11, ror #16\n\t"
+#endif
+#else
+ "ubfx lr, r11, #16, #8\n\t"
+#endif
+ "eor r5, r5, r2, lsl #24\n\t"
+ "lsr r2, r10, #24\n\t"
+ "ldrb r6, [%[te], r6, lsl #2]\n\t"
+ "ldrb r7, [%[te], r7, lsl #2]\n\t"
+ "ldrb lr, [%[te], lr, lsl #2]\n\t"
+ "ldrb r2, [%[te], r2, lsl #2]\n\t"
+ "lsr r11, r11, #24\n\t"
+ "eor r6, r6, r7, lsl #8\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r7, r10, #24\n\t"
+ "lsr r7, r7, #24\n\t"
+#else
+ "uxtb r7, r10\n\t"
+#endif
+#else
+ "ubfx r7, r10, #0, #8\n\t"
+#endif
+ "eor r6, r6, lr, lsl #16\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl lr, r9, #16\n\t"
+ "lsr lr, lr, #24\n\t"
+#else
+ "uxtb lr, r9, ror #8\n\t"
+#endif
+#else
+ "ubfx lr, r9, #8, #8\n\t"
+#endif
+ "eor r6, r6, r2, lsl #24\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r2, r8, #8\n\t"
+ "lsr r2, r2, #24\n\t"
+#else
+ "uxtb r2, r8, ror #16\n\t"
+#endif
+#else
+ "ubfx r2, r8, #16, #8\n\t"
+#endif
+ "ldrb r11, [%[te], r11, lsl #2]\n\t"
+ "ldrb r7, [%[te], r7, lsl #2]\n\t"
+ "ldrb lr, [%[te], lr, lsl #2]\n\t"
+ "ldrb r2, [%[te], r2, lsl #2]\n\t"
+ "eor lr, lr, r11, lsl #16\n\t"
+ "ldm %[ks], {r8, r9, r10, r11}\n\t"
+ "eor r7, r7, lr, lsl #8\n\t"
+ "eor r7, r7, r2, lsl #16\n\t"
+ /* XOR in Key Schedule */
+ "eor r4, r4, r8\n\t"
+ "eor r5, r5, r9\n\t"
+ "eor r6, r6, r10\n\t"
+ "eor r7, r7, r11\n\t"
+ : [te] "+r" (te), [nr] "+r" (nr), [len] "+r" (len), [ks] "+r" (ks)
+ :
+ : "memory", "lr", "cc"
+ );
+}
+
+#if defined(HAVE_AESCCM) || defined(HAVE_AESGCM) || defined(WOLFSSL_AES_DIRECT) || defined(WOLFSSL_AES_COUNTER)
+static const uint32_t* L_AES_ARM32_te_ecb = L_AES_ARM32_te_data;
+void AES_ECB_encrypt(const unsigned char* in, unsigned char* out, unsigned long len, const unsigned char* ks, int nr);
+void AES_ECB_encrypt(const unsigned char* in_p, unsigned char* out_p, unsigned long len_p, const unsigned char* ks_p, int nr_p)
+{
+ register const unsigned char* in asm ("r0") = (const unsigned char*)in_p;
+ register unsigned char* out asm ("r1") = (unsigned char*)out_p;
+ register unsigned long len asm ("r2") = (unsigned long)len_p;
+ register const unsigned char* ks asm ("r3") = (const unsigned char*)ks_p;
+ register int nr asm ("r4") = (int)nr_p;
+ register uint32_t* L_AES_ARM32_te_ecb_c asm ("r5") = (uint32_t*)L_AES_ARM32_te_ecb;
+
+ __asm__ __volatile__ (
+ "mov lr, %[in]\n\t"
+ "mov r0, %[L_AES_ARM32_te_ecb]\n\t"
+ "mov r12, r4\n\t"
+ "push {%[ks]}\n\t"
+ "cmp r12, #10\n\t"
+ "beq L_AES_ECB_encrypt_start_block_128_%=\n\t"
+ "cmp r12, #12\n\t"
+ "beq L_AES_ECB_encrypt_start_block_192_%=\n\t"
+ "\n"
+ "L_AES_ECB_encrypt_loop_block_256_%=: \n\t"
+ "ldr r4, [lr]\n\t"
+ "ldr r5, [lr, #4]\n\t"
+ "ldr r6, [lr, #8]\n\t"
+ "ldr r7, [lr, #12]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+#else
+ "rev r4, r4\n\t"
+ "rev r5, r5\n\t"
+ "rev r6, r6\n\t"
+ "rev r7, r7\n\t"
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ "push {r1, %[len], lr}\n\t"
+ "ldm %[ks]!, {r8, r9, r10, r11}\n\t"
+ /* Round: 0 - XOR in key schedule */
+ "eor r4, r4, r8\n\t"
+ "eor r5, r5, r9\n\t"
+ "eor r6, r6, r10\n\t"
+ "eor r7, r7, r11\n\t"
+ "mov r1, #6\n\t"
+ "bl AES_encrypt_block\n\t"
+ "pop {r1, %[len], lr}\n\t"
+ "ldr %[ks], [sp]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+#else
+ "rev r4, r4\n\t"
+ "rev r5, r5\n\t"
+ "rev r6, r6\n\t"
+ "rev r7, r7\n\t"
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ "str r4, [%[out]]\n\t"
+ "str r5, [%[out], #4]\n\t"
+ "str r6, [%[out], #8]\n\t"
+ "str r7, [%[out], #12]\n\t"
+ "subs %[len], %[len], #16\n\t"
+ "add lr, lr, #16\n\t"
+ "add %[out], %[out], #16\n\t"
+ "bne L_AES_ECB_encrypt_loop_block_256_%=\n\t"
+ "b L_AES_ECB_encrypt_end_%=\n\t"
+ "\n"
+ "L_AES_ECB_encrypt_start_block_192_%=: \n\t"
+ "\n"
+ "L_AES_ECB_encrypt_loop_block_192_%=: \n\t"
+ "ldr r4, [lr]\n\t"
+ "ldr r5, [lr, #4]\n\t"
+ "ldr r6, [lr, #8]\n\t"
+ "ldr r7, [lr, #12]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+#else
+ "rev r4, r4\n\t"
+ "rev r5, r5\n\t"
+ "rev r6, r6\n\t"
+ "rev r7, r7\n\t"
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ "push {r1, %[len], lr}\n\t"
+ "ldm %[ks]!, {r8, r9, r10, r11}\n\t"
+ /* Round: 0 - XOR in key schedule */
+ "eor r4, r4, r8\n\t"
+ "eor r5, r5, r9\n\t"
+ "eor r6, r6, r10\n\t"
+ "eor r7, r7, r11\n\t"
+ "mov r1, #5\n\t"
+ "bl AES_encrypt_block\n\t"
+ "pop {r1, %[len], lr}\n\t"
+ "ldr %[ks], [sp]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+#else
+ "rev r4, r4\n\t"
+ "rev r5, r5\n\t"
+ "rev r6, r6\n\t"
+ "rev r7, r7\n\t"
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ "str r4, [%[out]]\n\t"
+ "str r5, [%[out], #4]\n\t"
+ "str r6, [%[out], #8]\n\t"
+ "str r7, [%[out], #12]\n\t"
+ "subs %[len], %[len], #16\n\t"
+ "add lr, lr, #16\n\t"
+ "add %[out], %[out], #16\n\t"
+ "bne L_AES_ECB_encrypt_loop_block_192_%=\n\t"
+ "b L_AES_ECB_encrypt_end_%=\n\t"
+ "\n"
+ "L_AES_ECB_encrypt_start_block_128_%=: \n\t"
+ "\n"
+ "L_AES_ECB_encrypt_loop_block_128_%=: \n\t"
+ "ldr r4, [lr]\n\t"
+ "ldr r5, [lr, #4]\n\t"
+ "ldr r6, [lr, #8]\n\t"
+ "ldr r7, [lr, #12]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+#else
+ "rev r4, r4\n\t"
+ "rev r5, r5\n\t"
+ "rev r6, r6\n\t"
+ "rev r7, r7\n\t"
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ "push {r1, %[len], lr}\n\t"
+ "ldm %[ks]!, {r8, r9, r10, r11}\n\t"
+ /* Round: 0 - XOR in key schedule */
+ "eor r4, r4, r8\n\t"
+ "eor r5, r5, r9\n\t"
+ "eor r6, r6, r10\n\t"
+ "eor r7, r7, r11\n\t"
+ "mov r1, #4\n\t"
+ "bl AES_encrypt_block\n\t"
+ "pop {r1, %[len], lr}\n\t"
+ "ldr %[ks], [sp]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+#else
+ "rev r4, r4\n\t"
+ "rev r5, r5\n\t"
+ "rev r6, r6\n\t"
+ "rev r7, r7\n\t"
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ "str r4, [%[out]]\n\t"
+ "str r5, [%[out], #4]\n\t"
+ "str r6, [%[out], #8]\n\t"
+ "str r7, [%[out], #12]\n\t"
+ "subs %[len], %[len], #16\n\t"
+ "add lr, lr, #16\n\t"
+ "add %[out], %[out], #16\n\t"
+ "bne L_AES_ECB_encrypt_loop_block_128_%=\n\t"
+ "\n"
+ "L_AES_ECB_encrypt_end_%=: \n\t"
+ "pop {%[ks]}\n\t"
+ : [in] "+r" (in), [out] "+r" (out), [len] "+r" (len), [ks] "+r" (ks), [nr] "+r" (nr), [L_AES_ARM32_te_ecb] "+r" (L_AES_ARM32_te_ecb_c)
+ :
+ : "memory", "r12", "lr", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
+ );
+}
+
+#endif /* HAVE_AESCCM || HAVE_AESGCM || WOLFSSL_AES_DIRECT || WOLFSSL_AES_COUNTER */
+#ifdef HAVE_AES_CBC
+static const uint32_t* L_AES_ARM32_te_cbc = L_AES_ARM32_te_data;
+void AES_CBC_encrypt(const unsigned char* in, unsigned char* out, unsigned long len, const unsigned char* ks, int nr, unsigned char* iv);
+void AES_CBC_encrypt(const unsigned char* in_p, unsigned char* out_p, unsigned long len_p, const unsigned char* ks_p, int nr_p, unsigned char* iv_p)
+{
+ register const unsigned char* in asm ("r0") = (const unsigned char*)in_p;
+ register unsigned char* out asm ("r1") = (unsigned char*)out_p;
+ register unsigned long len asm ("r2") = (unsigned long)len_p;
+ register const unsigned char* ks asm ("r3") = (const unsigned char*)ks_p;
+ register int nr asm ("r4") = (int)nr_p;
+ register unsigned char* iv asm ("r5") = (unsigned char*)iv_p;
+ register uint32_t* L_AES_ARM32_te_cbc_c asm ("r6") = (uint32_t*)L_AES_ARM32_te_cbc;
+
+ __asm__ __volatile__ (
+ "mov r8, r4\n\t"
+ "mov r9, r5\n\t"
+ "mov lr, %[in]\n\t"
+ "mov r0, %[L_AES_ARM32_te_cbc]\n\t"
+ "ldm r9, {r4, r5, r6, r7}\n\t"
+ "push {%[ks], r9}\n\t"
+ "cmp r8, #10\n\t"
+ "beq L_AES_CBC_encrypt_start_block_128_%=\n\t"
+ "cmp r8, #12\n\t"
+ "beq L_AES_CBC_encrypt_start_block_192_%=\n\t"
+ "\n"
+ "L_AES_CBC_encrypt_loop_block_256_%=: \n\t"
+ "ldr r8, [lr]\n\t"
+ "ldr r9, [lr, #4]\n\t"
+ "ldr r10, [lr, #8]\n\t"
+ "ldr r11, [lr, #12]\n\t"
+ "eor r4, r4, r8\n\t"
+ "eor r5, r5, r9\n\t"
+ "eor r6, r6, r10\n\t"
+ "eor r7, r7, r11\n\t"
+ "push {r1, %[len], lr}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+#else
+ "rev r4, r4\n\t"
+ "rev r5, r5\n\t"
+ "rev r6, r6\n\t"
+ "rev r7, r7\n\t"
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ "ldm %[ks]!, {r8, r9, r10, r11}\n\t"
+ /* Round: 0 - XOR in key schedule */
+ "eor r4, r4, r8\n\t"
+ "eor r5, r5, r9\n\t"
+ "eor r6, r6, r10\n\t"
+ "eor r7, r7, r11\n\t"
+ "mov r1, #6\n\t"
+ "bl AES_encrypt_block\n\t"
+ "pop {r1, %[len], lr}\n\t"
+ "ldr %[ks], [sp]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+#else
+ "rev r4, r4\n\t"
+ "rev r5, r5\n\t"
+ "rev r6, r6\n\t"
+ "rev r7, r7\n\t"
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ "str r4, [%[out]]\n\t"
+ "str r5, [%[out], #4]\n\t"
+ "str r6, [%[out], #8]\n\t"
+ "str r7, [%[out], #12]\n\t"
+ "subs %[len], %[len], #16\n\t"
+ "add lr, lr, #16\n\t"
+ "add %[out], %[out], #16\n\t"
+ "bne L_AES_CBC_encrypt_loop_block_256_%=\n\t"
+ "b L_AES_CBC_encrypt_end_%=\n\t"
+ "\n"
+ "L_AES_CBC_encrypt_start_block_192_%=: \n\t"
+ "\n"
+ "L_AES_CBC_encrypt_loop_block_192_%=: \n\t"
+ "ldr r8, [lr]\n\t"
+ "ldr r9, [lr, #4]\n\t"
+ "ldr r10, [lr, #8]\n\t"
+ "ldr r11, [lr, #12]\n\t"
+ "eor r4, r4, r8\n\t"
+ "eor r5, r5, r9\n\t"
+ "eor r6, r6, r10\n\t"
+ "eor r7, r7, r11\n\t"
+ "push {r1, %[len], lr}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+#else
+ "rev r4, r4\n\t"
+ "rev r5, r5\n\t"
+ "rev r6, r6\n\t"
+ "rev r7, r7\n\t"
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ "ldm %[ks]!, {r8, r9, r10, r11}\n\t"
+ /* Round: 0 - XOR in key schedule */
+ "eor r4, r4, r8\n\t"
+ "eor r5, r5, r9\n\t"
+ "eor r6, r6, r10\n\t"
+ "eor r7, r7, r11\n\t"
+ "mov r1, #5\n\t"
+ "bl AES_encrypt_block\n\t"
+ "pop {r1, %[len], lr}\n\t"
+ "ldr %[ks], [sp]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+#else
+ "rev r4, r4\n\t"
+ "rev r5, r5\n\t"
+ "rev r6, r6\n\t"
+ "rev r7, r7\n\t"
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ "str r4, [%[out]]\n\t"
+ "str r5, [%[out], #4]\n\t"
+ "str r6, [%[out], #8]\n\t"
+ "str r7, [%[out], #12]\n\t"
+ "subs %[len], %[len], #16\n\t"
+ "add lr, lr, #16\n\t"
+ "add %[out], %[out], #16\n\t"
+ "bne L_AES_CBC_encrypt_loop_block_192_%=\n\t"
+ "b L_AES_CBC_encrypt_end_%=\n\t"
+ "\n"
+ "L_AES_CBC_encrypt_start_block_128_%=: \n\t"
+ "\n"
+ "L_AES_CBC_encrypt_loop_block_128_%=: \n\t"
+ "ldr r8, [lr]\n\t"
+ "ldr r9, [lr, #4]\n\t"
+ "ldr r10, [lr, #8]\n\t"
+ "ldr r11, [lr, #12]\n\t"
+ "eor r4, r4, r8\n\t"
+ "eor r5, r5, r9\n\t"
+ "eor r6, r6, r10\n\t"
+ "eor r7, r7, r11\n\t"
+ "push {r1, %[len], lr}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+#else
+ "rev r4, r4\n\t"
+ "rev r5, r5\n\t"
+ "rev r6, r6\n\t"
+ "rev r7, r7\n\t"
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ "ldm %[ks]!, {r8, r9, r10, r11}\n\t"
+ /* Round: 0 - XOR in key schedule */
+ "eor r4, r4, r8\n\t"
+ "eor r5, r5, r9\n\t"
+ "eor r6, r6, r10\n\t"
+ "eor r7, r7, r11\n\t"
+ "mov r1, #4\n\t"
+ "bl AES_encrypt_block\n\t"
+ "pop {r1, %[len], lr}\n\t"
+ "ldr %[ks], [sp]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+#else
+ "rev r4, r4\n\t"
+ "rev r5, r5\n\t"
+ "rev r6, r6\n\t"
+ "rev r7, r7\n\t"
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ "str r4, [%[out]]\n\t"
+ "str r5, [%[out], #4]\n\t"
+ "str r6, [%[out], #8]\n\t"
+ "str r7, [%[out], #12]\n\t"
+ "subs %[len], %[len], #16\n\t"
+ "add lr, lr, #16\n\t"
+ "add %[out], %[out], #16\n\t"
+ "bne L_AES_CBC_encrypt_loop_block_128_%=\n\t"
+ "\n"
+ "L_AES_CBC_encrypt_end_%=: \n\t"
+ "pop {%[ks], r9}\n\t"
+ "stm r9, {r4, r5, r6, r7}\n\t"
+ : [in] "+r" (in), [out] "+r" (out), [len] "+r" (len), [ks] "+r" (ks), [nr] "+r" (nr), [iv] "+r" (iv), [L_AES_ARM32_te_cbc] "+r" (L_AES_ARM32_te_cbc_c)
+ :
+ : "memory", "r12", "lr", "r7", "r8", "r9", "r10", "r11", "cc"
+ );
+}
+
+#endif /* HAVE_AES_CBC */
+#ifdef WOLFSSL_AES_COUNTER
+static const uint32_t* L_AES_ARM32_te_ctr = L_AES_ARM32_te_data;
+void AES_CTR_encrypt(const unsigned char* in, unsigned char* out, unsigned long len, const unsigned char* ks, int nr, unsigned char* ctr);
+void AES_CTR_encrypt(const unsigned char* in_p, unsigned char* out_p, unsigned long len_p, const unsigned char* ks_p, int nr_p, unsigned char* ctr_p)
+{
+ register const unsigned char* in asm ("r0") = (const unsigned char*)in_p;
+ register unsigned char* out asm ("r1") = (unsigned char*)out_p;
+ register unsigned long len asm ("r2") = (unsigned long)len_p;
+ register const unsigned char* ks asm ("r3") = (const unsigned char*)ks_p;
+ register int nr asm ("r4") = (int)nr_p;
+ register unsigned char* ctr asm ("r5") = (unsigned char*)ctr_p;
+ register uint32_t* L_AES_ARM32_te_ctr_c asm ("r6") = (uint32_t*)L_AES_ARM32_te_ctr;
+
+ __asm__ __volatile__ (
+ "mov r12, r4\n\t"
+ "mov r8, r5\n\t"
+ "mov lr, %[in]\n\t"
+ "mov r0, %[L_AES_ARM32_te_ctr]\n\t"
+ "ldm r8, {r4, r5, r6, r7}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "eor r10, r4, r4, ror #16\n\t"
+ "eor r11, r5, r5, ror #16\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "eor r4, r4, r10, lsr #8\n\t"
+ "eor r5, r5, r11, lsr #8\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+#else
+ "rev r4, r4\n\t"
+ "rev r5, r5\n\t"
+ "rev r6, r6\n\t"
+ "rev r7, r7\n\t"
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ "stm r8, {r4, r5, r6, r7}\n\t"
+ "push {%[ks], r8}\n\t"
+ "cmp r12, #10\n\t"
+ "beq L_AES_CTR_encrypt_start_block_128_%=\n\t"
+ "cmp r12, #12\n\t"
+ "beq L_AES_CTR_encrypt_start_block_192_%=\n\t"
+ "\n"
+ "L_AES_CTR_encrypt_loop_block_256_%=: \n\t"
+ "push {r1, %[len], lr}\n\t"
+ "ldr lr, [sp, #16]\n\t"
+ "adds r11, r7, #1\n\t"
+ "adcs r10, r6, #0\n\t"
+ "adcs r9, r5, #0\n\t"
+ "adc r8, r4, #0\n\t"
+ "stm lr, {r8, r9, r10, r11}\n\t"
+ "ldm %[ks]!, {r8, r9, r10, r11}\n\t"
+ /* Round: 0 - XOR in key schedule */
+ "eor r4, r4, r8\n\t"
+ "eor r5, r5, r9\n\t"
+ "eor r6, r6, r10\n\t"
+ "eor r7, r7, r11\n\t"
+ "mov r1, #6\n\t"
+ "bl AES_encrypt_block\n\t"
+ "pop {r1, %[len], lr}\n\t"
+ "ldr %[ks], [sp]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+#else
+ "rev r4, r4\n\t"
+ "rev r5, r5\n\t"
+ "rev r6, r6\n\t"
+ "rev r7, r7\n\t"
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ "ldr r8, [lr]\n\t"
+ "ldr r9, [lr, #4]\n\t"
+ "ldr r10, [lr, #8]\n\t"
+ "ldr r11, [lr, #12]\n\t"
+ "eor r4, r4, r8\n\t"
+ "eor r5, r5, r9\n\t"
+ "eor r6, r6, r10\n\t"
+ "eor r7, r7, r11\n\t"
+ "ldr r8, [sp, #4]\n\t"
+ "str r4, [%[out]]\n\t"
+ "str r5, [%[out], #4]\n\t"
+ "str r6, [%[out], #8]\n\t"
+ "str r7, [%[out], #12]\n\t"
+ "ldm r8, {r4, r5, r6, r7}\n\t"
+ "subs %[len], %[len], #16\n\t"
+ "add lr, lr, #16\n\t"
+ "add %[out], %[out], #16\n\t"
+ "bne L_AES_CTR_encrypt_loop_block_256_%=\n\t"
+ "b L_AES_CTR_encrypt_end_%=\n\t"
+ "\n"
+ "L_AES_CTR_encrypt_start_block_192_%=: \n\t"
+ "\n"
+ "L_AES_CTR_encrypt_loop_block_192_%=: \n\t"
+ "push {r1, %[len], lr}\n\t"
+ "ldr lr, [sp, #16]\n\t"
+ "adds r11, r7, #1\n\t"
+ "adcs r10, r6, #0\n\t"
+ "adcs r9, r5, #0\n\t"
+ "adc r8, r4, #0\n\t"
+ "stm lr, {r8, r9, r10, r11}\n\t"
+ "ldm %[ks]!, {r8, r9, r10, r11}\n\t"
+ /* Round: 0 - XOR in key schedule */
+ "eor r4, r4, r8\n\t"
+ "eor r5, r5, r9\n\t"
+ "eor r6, r6, r10\n\t"
+ "eor r7, r7, r11\n\t"
+ "mov r1, #5\n\t"
+ "bl AES_encrypt_block\n\t"
+ "pop {r1, %[len], lr}\n\t"
+ "ldr %[ks], [sp]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+#else
+ "rev r4, r4\n\t"
+ "rev r5, r5\n\t"
+ "rev r6, r6\n\t"
+ "rev r7, r7\n\t"
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ "ldr r8, [lr]\n\t"
+ "ldr r9, [lr, #4]\n\t"
+ "ldr r10, [lr, #8]\n\t"
+ "ldr r11, [lr, #12]\n\t"
+ "eor r4, r4, r8\n\t"
+ "eor r5, r5, r9\n\t"
+ "eor r6, r6, r10\n\t"
+ "eor r7, r7, r11\n\t"
+ "ldr r8, [sp, #4]\n\t"
+ "str r4, [%[out]]\n\t"
+ "str r5, [%[out], #4]\n\t"
+ "str r6, [%[out], #8]\n\t"
+ "str r7, [%[out], #12]\n\t"
+ "ldm r8, {r4, r5, r6, r7}\n\t"
+ "subs %[len], %[len], #16\n\t"
+ "add lr, lr, #16\n\t"
+ "add %[out], %[out], #16\n\t"
+ "bne L_AES_CTR_encrypt_loop_block_192_%=\n\t"
+ "b L_AES_CTR_encrypt_end_%=\n\t"
+ "\n"
+ "L_AES_CTR_encrypt_start_block_128_%=: \n\t"
+ "\n"
+ "L_AES_CTR_encrypt_loop_block_128_%=: \n\t"
+ "push {r1, %[len], lr}\n\t"
+ "ldr lr, [sp, #16]\n\t"
+ "adds r11, r7, #1\n\t"
+ "adcs r10, r6, #0\n\t"
+ "adcs r9, r5, #0\n\t"
+ "adc r8, r4, #0\n\t"
+ "stm lr, {r8, r9, r10, r11}\n\t"
+ "ldm %[ks]!, {r8, r9, r10, r11}\n\t"
+ /* Round: 0 - XOR in key schedule */
+ "eor r4, r4, r8\n\t"
+ "eor r5, r5, r9\n\t"
+ "eor r6, r6, r10\n\t"
+ "eor r7, r7, r11\n\t"
+ "mov r1, #4\n\t"
+ "bl AES_encrypt_block\n\t"
+ "pop {r1, %[len], lr}\n\t"
+ "ldr %[ks], [sp]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+#else
+ "rev r4, r4\n\t"
+ "rev r5, r5\n\t"
+ "rev r6, r6\n\t"
+ "rev r7, r7\n\t"
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ "ldr r8, [lr]\n\t"
+ "ldr r9, [lr, #4]\n\t"
+ "ldr r10, [lr, #8]\n\t"
+ "ldr r11, [lr, #12]\n\t"
+ "eor r4, r4, r8\n\t"
+ "eor r5, r5, r9\n\t"
+ "eor r6, r6, r10\n\t"
+ "eor r7, r7, r11\n\t"
+ "ldr r8, [sp, #4]\n\t"
+ "str r4, [%[out]]\n\t"
+ "str r5, [%[out], #4]\n\t"
+ "str r6, [%[out], #8]\n\t"
+ "str r7, [%[out], #12]\n\t"
+ "ldm r8, {r4, r5, r6, r7}\n\t"
+ "subs %[len], %[len], #16\n\t"
+ "add lr, lr, #16\n\t"
+ "add %[out], %[out], #16\n\t"
+ "bne L_AES_CTR_encrypt_loop_block_128_%=\n\t"
+ "\n"
+ "L_AES_CTR_encrypt_end_%=: \n\t"
+ "pop {%[ks], r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "eor r10, r4, r4, ror #16\n\t"
+ "eor r11, r5, r5, ror #16\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "eor r4, r4, r10, lsr #8\n\t"
+ "eor r5, r5, r11, lsr #8\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+#else
+ "rev r4, r4\n\t"
+ "rev r5, r5\n\t"
+ "rev r6, r6\n\t"
+ "rev r7, r7\n\t"
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ "stm r8, {r4, r5, r6, r7}\n\t"
+ : [in] "+r" (in), [out] "+r" (out), [len] "+r" (len), [ks] "+r" (ks), [nr] "+r" (nr), [ctr] "+r" (ctr), [L_AES_ARM32_te_ctr] "+r" (L_AES_ARM32_te_ctr_c)
+ :
+ : "memory", "r12", "lr", "r7", "r8", "r9", "r10", "r11", "cc"
+ );
+}
+
+#endif /* WOLFSSL_AES_COUNTER */
+#ifdef HAVE_AES_DECRYPT
+#if defined(WOLFSSL_AES_DIRECT) || defined(WOLFSSL_AES_COUNTER) || defined(HAVE_AES_CBC)
+void AES_decrypt_block(const uint32_t* td, int nr, const uint8_t* td4);
+void AES_decrypt_block(const uint32_t* td_p, int nr_p, const uint8_t* td4_p)
+{
+ register const uint32_t* td asm ("r0") = (const uint32_t*)td_p;
+ register int nr asm ("r1") = (int)nr_p;
+ register const uint8_t* td4 asm ("r2") = (const uint8_t*)td4_p;
+
+ __asm__ __volatile__ (
+ "\n"
+ "L_AES_decrypt_block_nr_%=: \n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r8, r7, #8\n\t"
+ "lsr r8, r8, #24\n\t"
+#else
+ "uxtb r8, r7, ror #16\n\t"
+#endif
+#else
+ "ubfx r8, r7, #16, #8\n\t"
+#endif
+ "lsr r11, r4, #24\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r12, r6, #16\n\t"
+ "lsr r12, r12, #24\n\t"
+#else
+ "uxtb r12, r6, ror #8\n\t"
+#endif
+#else
+ "ubfx r12, r6, #8, #8\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl lr, r5, #24\n\t"
+ "lsr lr, lr, #24\n\t"
+#else
+ "uxtb lr, r5\n\t"
+#endif
+#else
+ "ubfx lr, r5, #0, #8\n\t"
+#endif
+ "ldr r8, [%[td], r8, lsl #2]\n\t"
+ "ldr r11, [%[td], r11, lsl #2]\n\t"
+ "ldr r12, [%[td], r12, lsl #2]\n\t"
+ "ldr lr, [%[td], lr, lsl #2]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r9, r4, #8\n\t"
+ "lsr r9, r9, #24\n\t"
+#else
+ "uxtb r9, r4, ror #16\n\t"
+#endif
+#else
+ "ubfx r9, r4, #16, #8\n\t"
+#endif
+ "eor r8, r8, r11, ror #24\n\t"
+ "lsr r11, r5, #24\n\t"
+ "eor r8, r8, r12, ror #8\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r12, r7, #16\n\t"
+ "lsr r12, r12, #24\n\t"
+#else
+ "uxtb r12, r7, ror #8\n\t"
+#endif
+#else
+ "ubfx r12, r7, #8, #8\n\t"
+#endif
+ "eor r8, r8, lr, ror #16\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl lr, r6, #24\n\t"
+ "lsr lr, lr, #24\n\t"
+#else
+ "uxtb lr, r6\n\t"
+#endif
+#else
+ "ubfx lr, r6, #0, #8\n\t"
+#endif
+ "ldr r9, [%[td], r9, lsl #2]\n\t"
+ "ldr r11, [%[td], r11, lsl #2]\n\t"
+ "ldr r12, [%[td], r12, lsl #2]\n\t"
+ "ldr lr, [%[td], lr, lsl #2]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r10, r5, #8\n\t"
+ "lsr r10, r10, #24\n\t"
+#else
+ "uxtb r10, r5, ror #16\n\t"
+#endif
+#else
+ "ubfx r10, r5, #16, #8\n\t"
+#endif
+ "eor r9, r9, r11, ror #24\n\t"
+ "lsr r11, r6, #24\n\t"
+ "eor r9, r9, r12, ror #8\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r12, r4, #16\n\t"
+ "lsr r12, r12, #24\n\t"
+#else
+ "uxtb r12, r4, ror #8\n\t"
+#endif
+#else
+ "ubfx r12, r4, #8, #8\n\t"
+#endif
+ "eor r9, r9, lr, ror #16\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl lr, r7, #24\n\t"
+ "lsr lr, lr, #24\n\t"
+#else
+ "uxtb lr, r7\n\t"
+#endif
+#else
+ "ubfx lr, r7, #0, #8\n\t"
+#endif
+ "ldr r10, [%[td], r10, lsl #2]\n\t"
+ "ldr r11, [%[td], r11, lsl #2]\n\t"
+ "ldr r12, [%[td], r12, lsl #2]\n\t"
+ "ldr lr, [%[td], lr, lsl #2]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r4, r4, #24\n\t"
+ "lsr r4, r4, #24\n\t"
+#else
+ "uxtb r4, r4\n\t"
+#endif
+#else
+ "ubfx r4, r4, #0, #8\n\t"
+#endif
+ "eor r10, r10, r11, ror #24\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r11, r6, #8\n\t"
+ "lsr r11, r11, #24\n\t"
+#else
+ "uxtb r11, r6, ror #16\n\t"
+#endif
+#else
+ "ubfx r11, r6, #16, #8\n\t"
+#endif
+ "eor r10, r10, r12, ror #8\n\t"
+ "lsr r12, r7, #24\n\t"
+ "eor r10, r10, lr, ror #16\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl lr, r5, #16\n\t"
+ "lsr lr, lr, #24\n\t"
+#else
+ "uxtb lr, r5, ror #8\n\t"
+#endif
+#else
+ "ubfx lr, r5, #8, #8\n\t"
+#endif
+ "ldr r4, [%[td], r4, lsl #2]\n\t"
+ "ldr r12, [%[td], r12, lsl #2]\n\t"
+ "ldr r11, [%[td], r11, lsl #2]\n\t"
+ "ldr lr, [%[td], lr, lsl #2]\n\t"
+ "eor r12, r12, r4, ror #24\n\t"
+ "ldm r3!, {r4, r5, r6, r7}\n\t"
+ "eor r11, r11, lr, ror #8\n\t"
+ "eor r11, r11, r12, ror #24\n\t"
+ /* XOR in Key Schedule */
+ "eor r8, r8, r4\n\t"
+ "eor r9, r9, r5\n\t"
+ "eor r10, r10, r6\n\t"
+ "eor r11, r11, r7\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r4, r11, #8\n\t"
+ "lsr r4, r4, #24\n\t"
+#else
+ "uxtb r4, r11, ror #16\n\t"
+#endif
+#else
+ "ubfx r4, r11, #16, #8\n\t"
+#endif
+ "lsr r7, r8, #24\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r12, r10, #16\n\t"
+ "lsr r12, r12, #24\n\t"
+#else
+ "uxtb r12, r10, ror #8\n\t"
+#endif
+#else
+ "ubfx r12, r10, #8, #8\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl lr, r9, #24\n\t"
+ "lsr lr, lr, #24\n\t"
+#else
+ "uxtb lr, r9\n\t"
+#endif
+#else
+ "ubfx lr, r9, #0, #8\n\t"
+#endif
+ "ldr r4, [%[td], r4, lsl #2]\n\t"
+ "ldr r7, [%[td], r7, lsl #2]\n\t"
+ "ldr r12, [%[td], r12, lsl #2]\n\t"
+ "ldr lr, [%[td], lr, lsl #2]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r5, r8, #8\n\t"
+ "lsr r5, r5, #24\n\t"
+#else
+ "uxtb r5, r8, ror #16\n\t"
+#endif
+#else
+ "ubfx r5, r8, #16, #8\n\t"
+#endif
+ "eor r4, r4, r7, ror #24\n\t"
+ "lsr r7, r9, #24\n\t"
+ "eor r4, r4, r12, ror #8\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r12, r11, #16\n\t"
+ "lsr r12, r12, #24\n\t"
+#else
+ "uxtb r12, r11, ror #8\n\t"
+#endif
+#else
+ "ubfx r12, r11, #8, #8\n\t"
+#endif
+ "eor r4, r4, lr, ror #16\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl lr, r10, #24\n\t"
+ "lsr lr, lr, #24\n\t"
+#else
+ "uxtb lr, r10\n\t"
+#endif
+#else
+ "ubfx lr, r10, #0, #8\n\t"
+#endif
+ "ldr r5, [%[td], r5, lsl #2]\n\t"
+ "ldr r7, [%[td], r7, lsl #2]\n\t"
+ "ldr r12, [%[td], r12, lsl #2]\n\t"
+ "ldr lr, [%[td], lr, lsl #2]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r6, r9, #8\n\t"
+ "lsr r6, r6, #24\n\t"
+#else
+ "uxtb r6, r9, ror #16\n\t"
+#endif
+#else
+ "ubfx r6, r9, #16, #8\n\t"
+#endif
+ "eor r5, r5, r7, ror #24\n\t"
+ "lsr r7, r10, #24\n\t"
+ "eor r5, r5, r12, ror #8\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r12, r8, #16\n\t"
+ "lsr r12, r12, #24\n\t"
+#else
+ "uxtb r12, r8, ror #8\n\t"
+#endif
+#else
+ "ubfx r12, r8, #8, #8\n\t"
+#endif
+ "eor r5, r5, lr, ror #16\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl lr, r11, #24\n\t"
+ "lsr lr, lr, #24\n\t"
+#else
+ "uxtb lr, r11\n\t"
+#endif
+#else
+ "ubfx lr, r11, #0, #8\n\t"
+#endif
+ "ldr r6, [%[td], r6, lsl #2]\n\t"
+ "ldr r7, [%[td], r7, lsl #2]\n\t"
+ "ldr r12, [%[td], r12, lsl #2]\n\t"
+ "ldr lr, [%[td], lr, lsl #2]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r8, r8, #24\n\t"
+ "lsr r8, r8, #24\n\t"
+#else
+ "uxtb r8, r8\n\t"
+#endif
+#else
+ "ubfx r8, r8, #0, #8\n\t"
+#endif
+ "eor r6, r6, r7, ror #24\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r7, r10, #8\n\t"
+ "lsr r7, r7, #24\n\t"
+#else
+ "uxtb r7, r10, ror #16\n\t"
+#endif
+#else
+ "ubfx r7, r10, #16, #8\n\t"
+#endif
+ "eor r6, r6, r12, ror #8\n\t"
+ "lsr r12, r11, #24\n\t"
+ "eor r6, r6, lr, ror #16\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl lr, r9, #16\n\t"
+ "lsr lr, lr, #24\n\t"
+#else
+ "uxtb lr, r9, ror #8\n\t"
+#endif
+#else
+ "ubfx lr, r9, #8, #8\n\t"
+#endif
+ "ldr r8, [%[td], r8, lsl #2]\n\t"
+ "ldr r12, [%[td], r12, lsl #2]\n\t"
+ "ldr r7, [%[td], r7, lsl #2]\n\t"
+ "ldr lr, [%[td], lr, lsl #2]\n\t"
+ "eor r12, r12, r8, ror #24\n\t"
+ "ldm r3!, {r8, r9, r10, r11}\n\t"
+ "eor r7, r7, lr, ror #8\n\t"
+ "eor r7, r7, r12, ror #24\n\t"
+ /* XOR in Key Schedule */
+ "eor r4, r4, r8\n\t"
+ "eor r5, r5, r9\n\t"
+ "eor r6, r6, r10\n\t"
+ "eor r7, r7, r11\n\t"
+ "subs %[nr], %[nr], #1\n\t"
+ "bne L_AES_decrypt_block_nr_%=\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r8, r7, #8\n\t"
+ "lsr r8, r8, #24\n\t"
+#else
+ "uxtb r8, r7, ror #16\n\t"
+#endif
+#else
+ "ubfx r8, r7, #16, #8\n\t"
+#endif
+ "lsr r11, r4, #24\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r12, r6, #16\n\t"
+ "lsr r12, r12, #24\n\t"
+#else
+ "uxtb r12, r6, ror #8\n\t"
+#endif
+#else
+ "ubfx r12, r6, #8, #8\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl lr, r5, #24\n\t"
+ "lsr lr, lr, #24\n\t"
+#else
+ "uxtb lr, r5\n\t"
+#endif
+#else
+ "ubfx lr, r5, #0, #8\n\t"
+#endif
+ "ldr r8, [%[td], r8, lsl #2]\n\t"
+ "ldr r11, [%[td], r11, lsl #2]\n\t"
+ "ldr r12, [%[td], r12, lsl #2]\n\t"
+ "ldr lr, [%[td], lr, lsl #2]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r9, r4, #8\n\t"
+ "lsr r9, r9, #24\n\t"
+#else
+ "uxtb r9, r4, ror #16\n\t"
+#endif
+#else
+ "ubfx r9, r4, #16, #8\n\t"
+#endif
+ "eor r8, r8, r11, ror #24\n\t"
+ "lsr r11, r5, #24\n\t"
+ "eor r8, r8, r12, ror #8\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r12, r7, #16\n\t"
+ "lsr r12, r12, #24\n\t"
+#else
+ "uxtb r12, r7, ror #8\n\t"
+#endif
+#else
+ "ubfx r12, r7, #8, #8\n\t"
+#endif
+ "eor r8, r8, lr, ror #16\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl lr, r6, #24\n\t"
+ "lsr lr, lr, #24\n\t"
+#else
+ "uxtb lr, r6\n\t"
+#endif
+#else
+ "ubfx lr, r6, #0, #8\n\t"
+#endif
+ "ldr r9, [%[td], r9, lsl #2]\n\t"
+ "ldr r11, [%[td], r11, lsl #2]\n\t"
+ "ldr r12, [%[td], r12, lsl #2]\n\t"
+ "ldr lr, [%[td], lr, lsl #2]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r10, r5, #8\n\t"
+ "lsr r10, r10, #24\n\t"
+#else
+ "uxtb r10, r5, ror #16\n\t"
+#endif
+#else
+ "ubfx r10, r5, #16, #8\n\t"
+#endif
+ "eor r9, r9, r11, ror #24\n\t"
+ "lsr r11, r6, #24\n\t"
+ "eor r9, r9, r12, ror #8\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r12, r4, #16\n\t"
+ "lsr r12, r12, #24\n\t"
+#else
+ "uxtb r12, r4, ror #8\n\t"
+#endif
+#else
+ "ubfx r12, r4, #8, #8\n\t"
+#endif
+ "eor r9, r9, lr, ror #16\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl lr, r7, #24\n\t"
+ "lsr lr, lr, #24\n\t"
+#else
+ "uxtb lr, r7\n\t"
+#endif
+#else
+ "ubfx lr, r7, #0, #8\n\t"
+#endif
+ "ldr r10, [%[td], r10, lsl #2]\n\t"
+ "ldr r11, [%[td], r11, lsl #2]\n\t"
+ "ldr r12, [%[td], r12, lsl #2]\n\t"
+ "ldr lr, [%[td], lr, lsl #2]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r4, r4, #24\n\t"
+ "lsr r4, r4, #24\n\t"
+#else
+ "uxtb r4, r4\n\t"
+#endif
+#else
+ "ubfx r4, r4, #0, #8\n\t"
+#endif
+ "eor r10, r10, r11, ror #24\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r11, r6, #8\n\t"
+ "lsr r11, r11, #24\n\t"
+#else
+ "uxtb r11, r6, ror #16\n\t"
+#endif
+#else
+ "ubfx r11, r6, #16, #8\n\t"
+#endif
+ "eor r10, r10, r12, ror #8\n\t"
+ "lsr r12, r7, #24\n\t"
+ "eor r10, r10, lr, ror #16\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl lr, r5, #16\n\t"
+ "lsr lr, lr, #24\n\t"
+#else
+ "uxtb lr, r5, ror #8\n\t"
+#endif
+#else
+ "ubfx lr, r5, #8, #8\n\t"
+#endif
+ "ldr r4, [%[td], r4, lsl #2]\n\t"
+ "ldr r12, [%[td], r12, lsl #2]\n\t"
+ "ldr r11, [%[td], r11, lsl #2]\n\t"
+ "ldr lr, [%[td], lr, lsl #2]\n\t"
+ "eor r12, r12, r4, ror #24\n\t"
+ "ldm r3!, {r4, r5, r6, r7}\n\t"
+ "eor r11, r11, lr, ror #8\n\t"
+ "eor r11, r11, r12, ror #24\n\t"
+ /* XOR in Key Schedule */
+ "eor r8, r8, r4\n\t"
+ "eor r9, r9, r5\n\t"
+ "eor r10, r10, r6\n\t"
+ "eor r11, r11, r7\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r4, r9, #24\n\t"
+ "lsr r4, r4, #24\n\t"
+#else
+ "uxtb r4, r9\n\t"
+#endif
+#else
+ "ubfx r4, r9, #0, #8\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r7, r10, #16\n\t"
+ "lsr r7, r7, #24\n\t"
+#else
+ "uxtb r7, r10, ror #8\n\t"
+#endif
+#else
+ "ubfx r7, r10, #8, #8\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r12, r11, #8\n\t"
+ "lsr r12, r12, #24\n\t"
+#else
+ "uxtb r12, r11, ror #16\n\t"
+#endif
+#else
+ "ubfx r12, r11, #16, #8\n\t"
+#endif
+ "lsr lr, r8, #24\n\t"
+ "ldrb r4, [%[td4], r4]\n\t"
+ "ldrb r7, [%[td4], r7]\n\t"
+ "ldrb r12, [%[td4], r12]\n\t"
+ "ldrb lr, [%[td4], lr]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r5, r10, #24\n\t"
+ "lsr r5, r5, #24\n\t"
+#else
+ "uxtb r5, r10\n\t"
+#endif
+#else
+ "ubfx r5, r10, #0, #8\n\t"
+#endif
+ "eor r4, r4, r7, lsl #8\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r7, r11, #16\n\t"
+ "lsr r7, r7, #24\n\t"
+#else
+ "uxtb r7, r11, ror #8\n\t"
+#endif
+#else
+ "ubfx r7, r11, #8, #8\n\t"
+#endif
+ "eor r4, r4, r12, lsl #16\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r12, r8, #8\n\t"
+ "lsr r12, r12, #24\n\t"
+#else
+ "uxtb r12, r8, ror #16\n\t"
+#endif
+#else
+ "ubfx r12, r8, #16, #8\n\t"
+#endif
+ "eor r4, r4, lr, lsl #24\n\t"
+ "lsr lr, r9, #24\n\t"
+ "ldrb r7, [%[td4], r7]\n\t"
+ "ldrb lr, [%[td4], lr]\n\t"
+ "ldrb r5, [%[td4], r5]\n\t"
+ "ldrb r12, [%[td4], r12]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r6, r11, #24\n\t"
+ "lsr r6, r6, #24\n\t"
+#else
+ "uxtb r6, r11\n\t"
+#endif
+#else
+ "ubfx r6, r11, #0, #8\n\t"
+#endif
+ "eor r5, r5, r7, lsl #8\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r7, r8, #16\n\t"
+ "lsr r7, r7, #24\n\t"
+#else
+ "uxtb r7, r8, ror #8\n\t"
+#endif
+#else
+ "ubfx r7, r8, #8, #8\n\t"
+#endif
+ "eor r5, r5, r12, lsl #16\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r12, r9, #8\n\t"
+ "lsr r12, r12, #24\n\t"
+#else
+ "uxtb r12, r9, ror #16\n\t"
+#endif
+#else
+ "ubfx r12, r9, #16, #8\n\t"
+#endif
+ "eor r5, r5, lr, lsl #24\n\t"
+ "lsr lr, r10, #24\n\t"
+ "ldrb r7, [%[td4], r7]\n\t"
+ "ldrb lr, [%[td4], lr]\n\t"
+ "ldrb r6, [%[td4], r6]\n\t"
+ "ldrb r12, [%[td4], r12]\n\t"
+ "lsr r11, r11, #24\n\t"
+ "eor r6, r6, r7, lsl #8\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r7, r8, #24\n\t"
+ "lsr r7, r7, #24\n\t"
+#else
+ "uxtb r7, r8\n\t"
+#endif
+#else
+ "ubfx r7, r8, #0, #8\n\t"
+#endif
+ "eor r6, r6, r12, lsl #16\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r12, r9, #16\n\t"
+ "lsr r12, r12, #24\n\t"
+#else
+ "uxtb r12, r9, ror #8\n\t"
+#endif
+#else
+ "ubfx r12, r9, #8, #8\n\t"
+#endif
+ "eor r6, r6, lr, lsl #24\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl lr, r10, #8\n\t"
+ "lsr lr, lr, #24\n\t"
+#else
+ "uxtb lr, r10, ror #16\n\t"
+#endif
+#else
+ "ubfx lr, r10, #16, #8\n\t"
+#endif
+ "ldrb r11, [%[td4], r11]\n\t"
+ "ldrb r12, [%[td4], r12]\n\t"
+ "ldrb r7, [%[td4], r7]\n\t"
+ "ldrb lr, [%[td4], lr]\n\t"
+ "eor r12, r12, r11, lsl #16\n\t"
+ "ldm r3, {r8, r9, r10, r11}\n\t"
+ "eor r7, r7, r12, lsl #8\n\t"
+ "eor r7, r7, lr, lsl #16\n\t"
+ /* XOR in Key Schedule */
+ "eor r4, r4, r8\n\t"
+ "eor r5, r5, r9\n\t"
+ "eor r6, r6, r10\n\t"
+ "eor r7, r7, r11\n\t"
+ : [td] "+r" (td), [nr] "+r" (nr), [td4] "+r" (td4)
+ :
+ : "memory", "lr", "cc"
+ );
+}
+
+static const uint32_t* L_AES_ARM32_td_ecb = L_AES_ARM32_td_data;
+static const unsigned char L_AES_ARM32_td4[] = {
+ 0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38,
+ 0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb,
+ 0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87,
+ 0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb,
+ 0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d,
+ 0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e,
+ 0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2,
+ 0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25,
+ 0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16,
+ 0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92,
+ 0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda,
+ 0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84,
+ 0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a,
+ 0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06,
+ 0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02,
+ 0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b,
+ 0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea,
+ 0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73,
+ 0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85,
+ 0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e,
+ 0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89,
+ 0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b,
+ 0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20,
+ 0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4,
+ 0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31,
+ 0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f,
+ 0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d,
+ 0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef,
+ 0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0,
+ 0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61,
+ 0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26,
+ 0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d,
+};
+
+#if defined(WOLFSSL_AES_DIRECT) || defined(WOLFSSL_AES_COUNTER)
+void AES_ECB_decrypt(const unsigned char* in, unsigned char* out, unsigned long len, const unsigned char* ks, int nr);
+void AES_ECB_decrypt(const unsigned char* in_p, unsigned char* out_p, unsigned long len_p, const unsigned char* ks_p, int nr_p)
+{
+ register const unsigned char* in asm ("r0") = (const unsigned char*)in_p;
+ register unsigned char* out asm ("r1") = (unsigned char*)out_p;
+ register unsigned long len asm ("r2") = (unsigned long)len_p;
+ register const unsigned char* ks asm ("r3") = (const unsigned char*)ks_p;
+ register int nr asm ("r4") = (int)nr_p;
+ register uint32_t* L_AES_ARM32_td_ecb_c asm ("r5") = (uint32_t*)L_AES_ARM32_td_ecb;
+ register unsigned char* L_AES_ARM32_td4_c asm ("r6") = (unsigned char*)&L_AES_ARM32_td4;
+
+ __asm__ __volatile__ (
+ "mov r8, r4\n\t"
+ "mov lr, %[in]\n\t"
+ "mov r0, %[L_AES_ARM32_td_ecb]\n\t"
+ "mov r12, %[len]\n\t"
+ "mov r2, %[L_AES_ARM32_td4]\n\t"
+ "cmp r8, #10\n\t"
+ "beq L_AES_ECB_decrypt_start_block_128_%=\n\t"
+ "cmp r8, #12\n\t"
+ "beq L_AES_ECB_decrypt_start_block_192_%=\n\t"
+ "\n"
+ "L_AES_ECB_decrypt_loop_block_256_%=: \n\t"
+ "ldr r4, [lr]\n\t"
+ "ldr r5, [lr, #4]\n\t"
+ "ldr r6, [lr, #8]\n\t"
+ "ldr r7, [lr, #12]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+#else
+ "rev r4, r4\n\t"
+ "rev r5, r5\n\t"
+ "rev r6, r6\n\t"
+ "rev r7, r7\n\t"
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ "push {r1, %[ks], r12, lr}\n\t"
+ "ldm %[ks]!, {r8, r9, r10, r11}\n\t"
+ /* Round: 0 - XOR in key schedule */
+ "eor r4, r4, r8\n\t"
+ "eor r5, r5, r9\n\t"
+ "eor r6, r6, r10\n\t"
+ "eor r7, r7, r11\n\t"
+ "mov r1, #6\n\t"
+ "bl AES_decrypt_block\n\t"
+ "pop {r1, %[ks], r12, lr}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+#else
+ "rev r4, r4\n\t"
+ "rev r5, r5\n\t"
+ "rev r6, r6\n\t"
+ "rev r7, r7\n\t"
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ "str r4, [%[out]]\n\t"
+ "str r5, [%[out], #4]\n\t"
+ "str r6, [%[out], #8]\n\t"
+ "str r7, [%[out], #12]\n\t"
+ "subs r12, r12, #16\n\t"
+ "add lr, lr, #16\n\t"
+ "add %[out], %[out], #16\n\t"
+ "bne L_AES_ECB_decrypt_loop_block_256_%=\n\t"
+ "b L_AES_ECB_decrypt_end_%=\n\t"
+ "\n"
+ "L_AES_ECB_decrypt_start_block_192_%=: \n\t"
+ "\n"
+ "L_AES_ECB_decrypt_loop_block_192_%=: \n\t"
+ "ldr r4, [lr]\n\t"
+ "ldr r5, [lr, #4]\n\t"
+ "ldr r6, [lr, #8]\n\t"
+ "ldr r7, [lr, #12]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+#else
+ "rev r4, r4\n\t"
+ "rev r5, r5\n\t"
+ "rev r6, r6\n\t"
+ "rev r7, r7\n\t"
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ "push {r1, %[ks], r12, lr}\n\t"
+ "ldm %[ks]!, {r8, r9, r10, r11}\n\t"
+ /* Round: 0 - XOR in key schedule */
+ "eor r4, r4, r8\n\t"
+ "eor r5, r5, r9\n\t"
+ "eor r6, r6, r10\n\t"
+ "eor r7, r7, r11\n\t"
+ "mov r1, #5\n\t"
+ "bl AES_decrypt_block\n\t"
+ "pop {r1, %[ks], r12, lr}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+#else
+ "rev r4, r4\n\t"
+ "rev r5, r5\n\t"
+ "rev r6, r6\n\t"
+ "rev r7, r7\n\t"
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ "str r4, [%[out]]\n\t"
+ "str r5, [%[out], #4]\n\t"
+ "str r6, [%[out], #8]\n\t"
+ "str r7, [%[out], #12]\n\t"
+ "subs r12, r12, #16\n\t"
+ "add lr, lr, #16\n\t"
+ "add %[out], %[out], #16\n\t"
+ "bne L_AES_ECB_decrypt_loop_block_192_%=\n\t"
+ "b L_AES_ECB_decrypt_end_%=\n\t"
+ "\n"
+ "L_AES_ECB_decrypt_start_block_128_%=: \n\t"
+ "\n"
+ "L_AES_ECB_decrypt_loop_block_128_%=: \n\t"
+ "ldr r4, [lr]\n\t"
+ "ldr r5, [lr, #4]\n\t"
+ "ldr r6, [lr, #8]\n\t"
+ "ldr r7, [lr, #12]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+#else
+ "rev r4, r4\n\t"
+ "rev r5, r5\n\t"
+ "rev r6, r6\n\t"
+ "rev r7, r7\n\t"
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ "push {r1, %[ks], r12, lr}\n\t"
+ "ldm %[ks]!, {r8, r9, r10, r11}\n\t"
+ /* Round: 0 - XOR in key schedule */
+ "eor r4, r4, r8\n\t"
+ "eor r5, r5, r9\n\t"
+ "eor r6, r6, r10\n\t"
+ "eor r7, r7, r11\n\t"
+ "mov r1, #4\n\t"
+ "bl AES_decrypt_block\n\t"
+ "pop {r1, %[ks], r12, lr}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+#else
+ "rev r4, r4\n\t"
+ "rev r5, r5\n\t"
+ "rev r6, r6\n\t"
+ "rev r7, r7\n\t"
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ "str r4, [%[out]]\n\t"
+ "str r5, [%[out], #4]\n\t"
+ "str r6, [%[out], #8]\n\t"
+ "str r7, [%[out], #12]\n\t"
+ "subs r12, r12, #16\n\t"
+ "add lr, lr, #16\n\t"
+ "add %[out], %[out], #16\n\t"
+ "bne L_AES_ECB_decrypt_loop_block_128_%=\n\t"
+ "\n"
+ "L_AES_ECB_decrypt_end_%=: \n\t"
+ : [in] "+r" (in), [out] "+r" (out), [len] "+r" (len), [ks] "+r" (ks), [nr] "+r" (nr), [L_AES_ARM32_td_ecb] "+r" (L_AES_ARM32_td_ecb_c), [L_AES_ARM32_td4] "+r" (L_AES_ARM32_td4_c)
+ :
+ : "memory", "r12", "lr", "r7", "r8", "r9", "r10", "r11", "cc"
+ );
+}
+
+#endif /* WOLFSSL_AES_DIRECT || WOLFSSL_AES_COUNTER */
+#ifdef HAVE_AES_CBC
+void AES_CBC_decrypt(const unsigned char* in, unsigned char* out, unsigned long len, const unsigned char* ks, int nr, unsigned char* iv);
+void AES_CBC_decrypt(const unsigned char* in_p, unsigned char* out_p, unsigned long len_p, const unsigned char* ks_p, int nr_p, unsigned char* iv_p)
+{
+ register const unsigned char* in asm ("r0") = (const unsigned char*)in_p;
+ register unsigned char* out asm ("r1") = (unsigned char*)out_p;
+ register unsigned long len asm ("r2") = (unsigned long)len_p;
+ register const unsigned char* ks asm ("r3") = (const unsigned char*)ks_p;
+ register int nr asm ("r4") = (int)nr_p;
+ register unsigned char* iv asm ("r5") = (unsigned char*)iv_p;
+ register uint32_t* L_AES_ARM32_td_ecb_c asm ("r6") = (uint32_t*)L_AES_ARM32_td_ecb;
+ register unsigned char* L_AES_ARM32_td4_c asm ("r7") = (unsigned char*)&L_AES_ARM32_td4;
+
+ __asm__ __volatile__ (
+ "mov r8, r4\n\t"
+ "mov r4, r5\n\t"
+ "mov lr, %[in]\n\t"
+ "mov r0, %[L_AES_ARM32_td_ecb]\n\t"
+ "mov r12, %[len]\n\t"
+ "mov r2, %[L_AES_ARM32_td4]\n\t"
+ "push {%[ks]-r4}\n\t"
+ "cmp r8, #10\n\t"
+ "beq L_AES_CBC_decrypt_loop_block_128_%=\n\t"
+ "cmp r8, #12\n\t"
+ "beq L_AES_CBC_decrypt_loop_block_192_%=\n\t"
+ "\n"
+ "L_AES_CBC_decrypt_loop_block_256_%=: \n\t"
+ "push {r1, r12, lr}\n\t"
+ "ldr r4, [lr]\n\t"
+ "ldr r5, [lr, #4]\n\t"
+ "ldr r6, [lr, #8]\n\t"
+ "ldr r7, [lr, #12]\n\t"
+ "ldr lr, [sp, #16]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "str r4, [lr, #16]\n\t"
+ "str r5, [lr, #20]\n\t"
+#else
+ "strd r4, r5, [lr, #16]\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "str r6, [lr, #24]\n\t"
+ "str r7, [lr, #28]\n\t"
+#else
+ "strd r6, r7, [lr, #24]\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+#else
+ "rev r4, r4\n\t"
+ "rev r5, r5\n\t"
+ "rev r6, r6\n\t"
+ "rev r7, r7\n\t"
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ "ldm %[ks]!, {r8, r9, r10, r11}\n\t"
+ /* Round: 0 - XOR in key schedule */
+ "eor r4, r4, r8\n\t"
+ "eor r5, r5, r9\n\t"
+ "eor r6, r6, r10\n\t"
+ "eor r7, r7, r11\n\t"
+ "mov r1, #6\n\t"
+ "bl AES_decrypt_block\n\t"
+ "ldr lr, [sp, #16]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+#else
+ "rev r4, r4\n\t"
+ "rev r5, r5\n\t"
+ "rev r6, r6\n\t"
+ "rev r7, r7\n\t"
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ "ldm lr, {r8, r9, r10, r11}\n\t"
+ "pop {r1, r12, lr}\n\t"
+ "ldr %[ks], [sp]\n\t"
+ "eor r4, r4, r8\n\t"
+ "eor r5, r5, r9\n\t"
+ "eor r6, r6, r10\n\t"
+ "eor r7, r7, r11\n\t"
+ "str r4, [%[out]]\n\t"
+ "str r5, [%[out], #4]\n\t"
+ "str r6, [%[out], #8]\n\t"
+ "str r7, [%[out], #12]\n\t"
+ "subs r12, r12, #16\n\t"
+ "add lr, lr, #16\n\t"
+ "add %[out], %[out], #16\n\t"
+ "beq L_AES_CBC_decrypt_end_odd_%=\n\t"
+ "push {r1, r12, lr}\n\t"
+ "ldr r4, [lr]\n\t"
+ "ldr r5, [lr, #4]\n\t"
+ "ldr r6, [lr, #8]\n\t"
+ "ldr r7, [lr, #12]\n\t"
+ "ldr lr, [sp, #16]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "str r4, [lr]\n\t"
+ "str r5, [lr, #4]\n\t"
+#else
+ "strd r4, r5, [lr]\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "str r6, [lr, #8]\n\t"
+ "str r7, [lr, #12]\n\t"
+#else
+ "strd r6, r7, [lr, #8]\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+#else
+ "rev r4, r4\n\t"
+ "rev r5, r5\n\t"
+ "rev r6, r6\n\t"
+ "rev r7, r7\n\t"
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ "ldm %[ks]!, {r8, r9, r10, r11}\n\t"
+ /* Round: 0 - XOR in key schedule */
+ "eor r4, r4, r8\n\t"
+ "eor r5, r5, r9\n\t"
+ "eor r6, r6, r10\n\t"
+ "eor r7, r7, r11\n\t"
+ "mov r1, #6\n\t"
+ "bl AES_decrypt_block\n\t"
+ "ldr lr, [sp, #16]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+#else
+ "rev r4, r4\n\t"
+ "rev r5, r5\n\t"
+ "rev r6, r6\n\t"
+ "rev r7, r7\n\t"
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "ldr r8, [lr, #16]\n\t"
+ "ldr r9, [lr, #20]\n\t"
+#else
+ "ldrd r8, r9, [lr, #16]\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "ldr r10, [lr, #24]\n\t"
+ "ldr r11, [lr, #28]\n\t"
+#else
+ "ldrd r10, r11, [lr, #24]\n\t"
+#endif
+ "pop {r1, r12, lr}\n\t"
+ "ldr %[ks], [sp]\n\t"
+ "eor r4, r4, r8\n\t"
+ "eor r5, r5, r9\n\t"
+ "eor r6, r6, r10\n\t"
+ "eor r7, r7, r11\n\t"
+ "str r4, [%[out]]\n\t"
+ "str r5, [%[out], #4]\n\t"
+ "str r6, [%[out], #8]\n\t"
+ "str r7, [%[out], #12]\n\t"
+ "subs r12, r12, #16\n\t"
+ "add lr, lr, #16\n\t"
+ "add %[out], %[out], #16\n\t"
+ "bne L_AES_CBC_decrypt_loop_block_256_%=\n\t"
+ "b L_AES_CBC_decrypt_end_%=\n\t"
+ "\n"
+ "L_AES_CBC_decrypt_loop_block_192_%=: \n\t"
+ "push {r1, r12, lr}\n\t"
+ "ldr r4, [lr]\n\t"
+ "ldr r5, [lr, #4]\n\t"
+ "ldr r6, [lr, #8]\n\t"
+ "ldr r7, [lr, #12]\n\t"
+ "ldr lr, [sp, #16]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "str r4, [lr, #16]\n\t"
+ "str r5, [lr, #20]\n\t"
+#else
+ "strd r4, r5, [lr, #16]\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "str r6, [lr, #24]\n\t"
+ "str r7, [lr, #28]\n\t"
+#else
+ "strd r6, r7, [lr, #24]\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+#else
+ "rev r4, r4\n\t"
+ "rev r5, r5\n\t"
+ "rev r6, r6\n\t"
+ "rev r7, r7\n\t"
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ "ldm %[ks]!, {r8, r9, r10, r11}\n\t"
+ /* Round: 0 - XOR in key schedule */
+ "eor r4, r4, r8\n\t"
+ "eor r5, r5, r9\n\t"
+ "eor r6, r6, r10\n\t"
+ "eor r7, r7, r11\n\t"
+ "mov r1, #5\n\t"
+ "bl AES_decrypt_block\n\t"
+ "ldr lr, [sp, #16]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+#else
+ "rev r4, r4\n\t"
+ "rev r5, r5\n\t"
+ "rev r6, r6\n\t"
+ "rev r7, r7\n\t"
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ "ldm lr, {r8, r9, r10, r11}\n\t"
+ "pop {r1, r12, lr}\n\t"
+ "ldr %[ks], [sp]\n\t"
+ "eor r4, r4, r8\n\t"
+ "eor r5, r5, r9\n\t"
+ "eor r6, r6, r10\n\t"
+ "eor r7, r7, r11\n\t"
+ "str r4, [%[out]]\n\t"
+ "str r5, [%[out], #4]\n\t"
+ "str r6, [%[out], #8]\n\t"
+ "str r7, [%[out], #12]\n\t"
+ "subs r12, r12, #16\n\t"
+ "add lr, lr, #16\n\t"
+ "add %[out], %[out], #16\n\t"
+ "beq L_AES_CBC_decrypt_end_odd_%=\n\t"
+ "push {r1, r12, lr}\n\t"
+ "ldr r4, [lr]\n\t"
+ "ldr r5, [lr, #4]\n\t"
+ "ldr r6, [lr, #8]\n\t"
+ "ldr r7, [lr, #12]\n\t"
+ "ldr lr, [sp, #16]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "str r4, [lr]\n\t"
+ "str r5, [lr, #4]\n\t"
+#else
+ "strd r4, r5, [lr]\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "str r6, [lr, #8]\n\t"
+ "str r7, [lr, #12]\n\t"
+#else
+ "strd r6, r7, [lr, #8]\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+#else
+ "rev r4, r4\n\t"
+ "rev r5, r5\n\t"
+ "rev r6, r6\n\t"
+ "rev r7, r7\n\t"
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ "ldm %[ks]!, {r8, r9, r10, r11}\n\t"
+ /* Round: 0 - XOR in key schedule */
+ "eor r4, r4, r8\n\t"
+ "eor r5, r5, r9\n\t"
+ "eor r6, r6, r10\n\t"
+ "eor r7, r7, r11\n\t"
+ "mov r1, #5\n\t"
+ "bl AES_decrypt_block\n\t"
+ "ldr lr, [sp, #16]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+#else
+ "rev r4, r4\n\t"
+ "rev r5, r5\n\t"
+ "rev r6, r6\n\t"
+ "rev r7, r7\n\t"
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "ldr r8, [lr, #16]\n\t"
+ "ldr r9, [lr, #20]\n\t"
+#else
+ "ldrd r8, r9, [lr, #16]\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "ldr r10, [lr, #24]\n\t"
+ "ldr r11, [lr, #28]\n\t"
+#else
+ "ldrd r10, r11, [lr, #24]\n\t"
+#endif
+ "pop {r1, r12, lr}\n\t"
+ "ldr %[ks], [sp]\n\t"
+ "eor r4, r4, r8\n\t"
+ "eor r5, r5, r9\n\t"
+ "eor r6, r6, r10\n\t"
+ "eor r7, r7, r11\n\t"
+ "str r4, [%[out]]\n\t"
+ "str r5, [%[out], #4]\n\t"
+ "str r6, [%[out], #8]\n\t"
+ "str r7, [%[out], #12]\n\t"
+ "subs r12, r12, #16\n\t"
+ "add lr, lr, #16\n\t"
+ "add %[out], %[out], #16\n\t"
+ "bne L_AES_CBC_decrypt_loop_block_192_%=\n\t"
+ "b L_AES_CBC_decrypt_end_%=\n\t"
+ "\n"
+ "L_AES_CBC_decrypt_loop_block_128_%=: \n\t"
+ "push {r1, r12, lr}\n\t"
+ "ldr r4, [lr]\n\t"
+ "ldr r5, [lr, #4]\n\t"
+ "ldr r6, [lr, #8]\n\t"
+ "ldr r7, [lr, #12]\n\t"
+ "ldr lr, [sp, #16]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "str r4, [lr, #16]\n\t"
+ "str r5, [lr, #20]\n\t"
+#else
+ "strd r4, r5, [lr, #16]\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "str r6, [lr, #24]\n\t"
+ "str r7, [lr, #28]\n\t"
+#else
+ "strd r6, r7, [lr, #24]\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+#else
+ "rev r4, r4\n\t"
+ "rev r5, r5\n\t"
+ "rev r6, r6\n\t"
+ "rev r7, r7\n\t"
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ "ldm %[ks]!, {r8, r9, r10, r11}\n\t"
+ /* Round: 0 - XOR in key schedule */
+ "eor r4, r4, r8\n\t"
+ "eor r5, r5, r9\n\t"
+ "eor r6, r6, r10\n\t"
+ "eor r7, r7, r11\n\t"
+ "mov r1, #4\n\t"
+ "bl AES_decrypt_block\n\t"
+ "ldr lr, [sp, #16]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+#else
+ "rev r4, r4\n\t"
+ "rev r5, r5\n\t"
+ "rev r6, r6\n\t"
+ "rev r7, r7\n\t"
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ "ldm lr, {r8, r9, r10, r11}\n\t"
+ "pop {r1, r12, lr}\n\t"
+ "ldr %[ks], [sp]\n\t"
+ "eor r4, r4, r8\n\t"
+ "eor r5, r5, r9\n\t"
+ "eor r6, r6, r10\n\t"
+ "eor r7, r7, r11\n\t"
+ "str r4, [%[out]]\n\t"
+ "str r5, [%[out], #4]\n\t"
+ "str r6, [%[out], #8]\n\t"
+ "str r7, [%[out], #12]\n\t"
+ "subs r12, r12, #16\n\t"
+ "add lr, lr, #16\n\t"
+ "add %[out], %[out], #16\n\t"
+ "beq L_AES_CBC_decrypt_end_odd_%=\n\t"
+ "push {r1, r12, lr}\n\t"
+ "ldr r4, [lr]\n\t"
+ "ldr r5, [lr, #4]\n\t"
+ "ldr r6, [lr, #8]\n\t"
+ "ldr r7, [lr, #12]\n\t"
+ "ldr lr, [sp, #16]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "str r4, [lr]\n\t"
+ "str r5, [lr, #4]\n\t"
+#else
+ "strd r4, r5, [lr]\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "str r6, [lr, #8]\n\t"
+ "str r7, [lr, #12]\n\t"
+#else
+ "strd r6, r7, [lr, #8]\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+#else
+ "rev r4, r4\n\t"
+ "rev r5, r5\n\t"
+ "rev r6, r6\n\t"
+ "rev r7, r7\n\t"
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ "ldm %[ks]!, {r8, r9, r10, r11}\n\t"
+ /* Round: 0 - XOR in key schedule */
+ "eor r4, r4, r8\n\t"
+ "eor r5, r5, r9\n\t"
+ "eor r6, r6, r10\n\t"
+ "eor r7, r7, r11\n\t"
+ "mov r1, #4\n\t"
+ "bl AES_decrypt_block\n\t"
+ "ldr lr, [sp, #16]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+#else
+ "rev r4, r4\n\t"
+ "rev r5, r5\n\t"
+ "rev r6, r6\n\t"
+ "rev r7, r7\n\t"
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "ldr r8, [lr, #16]\n\t"
+ "ldr r9, [lr, #20]\n\t"
+#else
+ "ldrd r8, r9, [lr, #16]\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "ldr r10, [lr, #24]\n\t"
+ "ldr r11, [lr, #28]\n\t"
+#else
+ "ldrd r10, r11, [lr, #24]\n\t"
+#endif
+ "pop {r1, r12, lr}\n\t"
+ "ldr %[ks], [sp]\n\t"
+ "eor r4, r4, r8\n\t"
+ "eor r5, r5, r9\n\t"
+ "eor r6, r6, r10\n\t"
+ "eor r7, r7, r11\n\t"
+ "str r4, [%[out]]\n\t"
+ "str r5, [%[out], #4]\n\t"
+ "str r6, [%[out], #8]\n\t"
+ "str r7, [%[out], #12]\n\t"
+ "subs r12, r12, #16\n\t"
+ "add lr, lr, #16\n\t"
+ "add %[out], %[out], #16\n\t"
+ "bne L_AES_CBC_decrypt_loop_block_128_%=\n\t"
+ "b L_AES_CBC_decrypt_end_%=\n\t"
+ "\n"
+ "L_AES_CBC_decrypt_end_odd_%=: \n\t"
+ "ldr r4, [sp, #4]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "ldr r8, [r4, #16]\n\t"
+ "ldr r9, [r4, #20]\n\t"
+#else
+ "ldrd r8, r9, [r4, #16]\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "ldr r10, [r4, #24]\n\t"
+ "ldr r11, [r4, #28]\n\t"
+#else
+ "ldrd r10, r11, [r4, #24]\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "str r8, [r4]\n\t"
+ "str r9, [r4, #4]\n\t"
+#else
+ "strd r8, r9, [r4]\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "str r10, [r4, #8]\n\t"
+ "str r11, [r4, #12]\n\t"
+#else
+ "strd r10, r11, [r4, #8]\n\t"
+#endif
+ "\n"
+ "L_AES_CBC_decrypt_end_%=: \n\t"
+ "pop {%[ks]-r4}\n\t"
+ : [in] "+r" (in), [out] "+r" (out), [len] "+r" (len), [ks] "+r" (ks), [nr] "+r" (nr), [iv] "+r" (iv), [L_AES_ARM32_td_ecb] "+r" (L_AES_ARM32_td_ecb_c), [L_AES_ARM32_td4] "+r" (L_AES_ARM32_td4_c)
+ :
+ : "memory", "r12", "lr", "r8", "r9", "r10", "r11", "cc"
+ );
+}
+
+#endif /* HAVE_AES_CBC */
+#endif /* WOLFSSL_AES_DIRECT || WOLFSSL_AES_COUNTER || HAVE_AES_CBC */
+#endif /* HAVE_AES_DECRYPT */
+#ifdef HAVE_AESGCM
+static const uint32_t L_GCM_gmult_len_r[] = {
+ 0x00000000, 0x1c200000, 0x38400000, 0x24600000,
+ 0x70800000, 0x6ca00000, 0x48c00000, 0x54e00000,
+ 0xe1000000, 0xfd200000, 0xd9400000, 0xc5600000,
+ 0x91800000, 0x8da00000, 0xa9c00000, 0xb5e00000,
+};
+
+void GCM_gmult_len(unsigned char* x, const unsigned char** m, const unsigned char* data, unsigned long len);
+void GCM_gmult_len(unsigned char* x_p, const unsigned char** m_p, const unsigned char* data_p, unsigned long len_p)
+{
+ register unsigned char* x asm ("r0") = (unsigned char*)x_p;
+ register const unsigned char** m asm ("r1") = (const unsigned char**)m_p;
+ register const unsigned char* data asm ("r2") = (const unsigned char*)data_p;
+ register unsigned long len asm ("r3") = (unsigned long)len_p;
+ register uint32_t* L_GCM_gmult_len_r_c asm ("r4") = (uint32_t*)&L_GCM_gmult_len_r;
+
+ __asm__ __volatile__ (
+ "mov lr, %[L_GCM_gmult_len_r]\n\t"
+ "\n"
+ "L_GCM_gmult_len_start_block_%=: \n\t"
+ "push {r3}\n\t"
+ "ldr r12, [r0, #12]\n\t"
+ "ldr %[len], [r2, #12]\n\t"
+ "eor r12, r12, %[len]\n\t"
+ "lsr %[len], r12, #24\n\t"
+ "and %[len], %[len], #15\n\t"
+ "add %[len], %[m], %[len], lsl #4\n\t"
+ "ldm %[len], {r8, r9, r10, r11}\n\t"
+ "lsr r6, r10, #4\n\t"
+ "and %[len], r11, #15\n\t"
+ "lsr r11, r11, #4\n\t"
+ "lsr r4, r12, #28\n\t"
+ "eor r11, r11, r10, lsl #28\n\t"
+ "ldr %[len], [lr, r3, lsl #2]\n\t"
+ "add r4, %[m], r4, lsl #4\n\t"
+ "eor r10, r6, r9, lsl #28\n\t"
+ "lsr r9, r9, #4\n\t"
+ "ldm r4, {r4, r5, r6, r7}\n\t"
+ "eor r9, r9, r8, lsl #28\n\t"
+ "eor r8, %[len], r8, lsr #4\n\t"
+ "eor r8, r8, r4\n\t"
+ "eor r9, r9, r5\n\t"
+ "eor r10, r10, r6\n\t"
+ "eor r11, r11, r7\n\t"
+ "lsr r6, r10, #4\n\t"
+ "and %[len], r11, #15\n\t"
+ "lsr r11, r11, #4\n\t"
+ "lsr r4, r12, #16\n\t"
+ "eor r11, r11, r10, lsl #28\n\t"
+ "and r4, r4, #15\n\t"
+ "ldr %[len], [lr, r3, lsl #2]\n\t"
+ "add r4, %[m], r4, lsl #4\n\t"
+ "eor r10, r6, r9, lsl #28\n\t"
+ "lsr r9, r9, #4\n\t"
+ "ldm r4, {r4, r5, r6, r7}\n\t"
+ "eor r9, r9, r8, lsl #28\n\t"
+ "eor r8, %[len], r8, lsr #4\n\t"
+ "eor r8, r8, r4\n\t"
+ "eor r9, r9, r5\n\t"
+ "eor r10, r10, r6\n\t"
+ "eor r11, r11, r7\n\t"
+ "lsr r6, r10, #4\n\t"
+ "and %[len], r11, #15\n\t"
+ "lsr r11, r11, #4\n\t"
+ "lsr r4, r12, #20\n\t"
+ "eor r11, r11, r10, lsl #28\n\t"
+ "and r4, r4, #15\n\t"
+ "ldr %[len], [lr, r3, lsl #2]\n\t"
+ "add r4, %[m], r4, lsl #4\n\t"
+ "eor r10, r6, r9, lsl #28\n\t"
+ "lsr r9, r9, #4\n\t"
+ "ldm r4, {r4, r5, r6, r7}\n\t"
+ "eor r9, r9, r8, lsl #28\n\t"
+ "eor r8, %[len], r8, lsr #4\n\t"
+ "eor r8, r8, r4\n\t"
+ "eor r9, r9, r5\n\t"
+ "eor r10, r10, r6\n\t"
+ "eor r11, r11, r7\n\t"
+ "lsr r6, r10, #4\n\t"
+ "and %[len], r11, #15\n\t"
+ "lsr r11, r11, #4\n\t"
+ "lsr r4, r12, #8\n\t"
+ "eor r11, r11, r10, lsl #28\n\t"
+ "and r4, r4, #15\n\t"
+ "ldr %[len], [lr, r3, lsl #2]\n\t"
+ "add r4, %[m], r4, lsl #4\n\t"
+ "eor r10, r6, r9, lsl #28\n\t"
+ "lsr r9, r9, #4\n\t"
+ "ldm r4, {r4, r5, r6, r7}\n\t"
+ "eor r9, r9, r8, lsl #28\n\t"
+ "eor r8, %[len], r8, lsr #4\n\t"
+ "eor r8, r8, r4\n\t"
+ "eor r9, r9, r5\n\t"
+ "eor r10, r10, r6\n\t"
+ "eor r11, r11, r7\n\t"
+ "lsr r6, r10, #4\n\t"
+ "and %[len], r11, #15\n\t"
+ "lsr r11, r11, #4\n\t"
+ "lsr r4, r12, #12\n\t"
+ "eor r11, r11, r10, lsl #28\n\t"
+ "and r4, r4, #15\n\t"
+ "ldr %[len], [lr, r3, lsl #2]\n\t"
+ "add r4, %[m], r4, lsl #4\n\t"
+ "eor r10, r6, r9, lsl #28\n\t"
+ "lsr r9, r9, #4\n\t"
+ "ldm r4, {r4, r5, r6, r7}\n\t"
+ "eor r9, r9, r8, lsl #28\n\t"
+ "eor r8, %[len], r8, lsr #4\n\t"
+ "eor r8, r8, r4\n\t"
+ "eor r9, r9, r5\n\t"
+ "eor r10, r10, r6\n\t"
+ "eor r11, r11, r7\n\t"
+ "lsr r6, r10, #4\n\t"
+ "and %[len], r11, #15\n\t"
+ "lsr r11, r11, #4\n\t"
+ "and r4, r12, #15\n\t"
+ "eor r11, r11, r10, lsl #28\n\t"
+ "ldr %[len], [lr, r3, lsl #2]\n\t"
+ "add r4, %[m], r4, lsl #4\n\t"
+ "eor r10, r6, r9, lsl #28\n\t"
+ "lsr r9, r9, #4\n\t"
+ "ldm r4, {r4, r5, r6, r7}\n\t"
+ "eor r9, r9, r8, lsl #28\n\t"
+ "eor r8, %[len], r8, lsr #4\n\t"
+ "eor r8, r8, r4\n\t"
+ "eor r9, r9, r5\n\t"
+ "eor r10, r10, r6\n\t"
+ "eor r11, r11, r7\n\t"
+ "lsr r6, r10, #4\n\t"
+ "and %[len], r11, #15\n\t"
+ "lsr r11, r11, #4\n\t"
+ "lsr r4, r12, #4\n\t"
+ "eor r11, r11, r10, lsl #28\n\t"
+ "and r4, r4, #15\n\t"
+ "ldr %[len], [lr, r3, lsl #2]\n\t"
+ "add r4, %[m], r4, lsl #4\n\t"
+ "eor r10, r6, r9, lsl #28\n\t"
+ "lsr r9, r9, #4\n\t"
+ "ldm r4, {r4, r5, r6, r7}\n\t"
+ "eor r9, r9, r8, lsl #28\n\t"
+ "eor r8, %[len], r8, lsr #4\n\t"
+ "eor r8, r8, r4\n\t"
+ "eor r9, r9, r5\n\t"
+ "eor r10, r10, r6\n\t"
+ "eor r11, r11, r7\n\t"
+ "lsr r6, r10, #4\n\t"
+ "and %[len], r11, #15\n\t"
+ "lsr r11, r11, #4\n\t"
+ "eor r11, r11, r10, lsl #28\n\t"
+ "ldr %[len], [lr, r3, lsl #2]\n\t"
+ "eor r10, r6, r9, lsl #28\n\t"
+ "lsr r9, r9, #4\n\t"
+ "eor r9, r9, r8, lsl #28\n\t"
+ "eor r8, %[len], r8, lsr #4\n\t"
+ "ldr r12, [r0, #8]\n\t"
+ "ldr %[len], [r2, #8]\n\t"
+ "eor r12, r12, %[len]\n\t"
+ "lsr %[len], r12, #24\n\t"
+ "and %[len], %[len], #15\n\t"
+ "add %[len], %[m], %[len], lsl #4\n\t"
+ "ldm %[len], {r4, r5, r6, r7}\n\t"
+ "eor r8, r8, r4\n\t"
+ "eor r9, r9, r5\n\t"
+ "eor r10, r10, r6\n\t"
+ "eor r11, r11, r7\n\t"
+ "lsr r6, r10, #4\n\t"
+ "and %[len], r11, #15\n\t"
+ "lsr r11, r11, #4\n\t"
+ "lsr r4, r12, #28\n\t"
+ "eor r11, r11, r10, lsl #28\n\t"
+ "ldr %[len], [lr, r3, lsl #2]\n\t"
+ "add r4, %[m], r4, lsl #4\n\t"
+ "eor r10, r6, r9, lsl #28\n\t"
+ "lsr r9, r9, #4\n\t"
+ "ldm r4, {r4, r5, r6, r7}\n\t"
+ "eor r9, r9, r8, lsl #28\n\t"
+ "eor r8, %[len], r8, lsr #4\n\t"
+ "eor r8, r8, r4\n\t"
+ "eor r9, r9, r5\n\t"
+ "eor r10, r10, r6\n\t"
+ "eor r11, r11, r7\n\t"
+ "lsr r6, r10, #4\n\t"
+ "and %[len], r11, #15\n\t"
+ "lsr r11, r11, #4\n\t"
+ "lsr r4, r12, #16\n\t"
+ "eor r11, r11, r10, lsl #28\n\t"
+ "and r4, r4, #15\n\t"
+ "ldr %[len], [lr, r3, lsl #2]\n\t"
+ "add r4, %[m], r4, lsl #4\n\t"
+ "eor r10, r6, r9, lsl #28\n\t"
+ "lsr r9, r9, #4\n\t"
+ "ldm r4, {r4, r5, r6, r7}\n\t"
+ "eor r9, r9, r8, lsl #28\n\t"
+ "eor r8, %[len], r8, lsr #4\n\t"
+ "eor r8, r8, r4\n\t"
+ "eor r9, r9, r5\n\t"
+ "eor r10, r10, r6\n\t"
+ "eor r11, r11, r7\n\t"
+ "lsr r6, r10, #4\n\t"
+ "and %[len], r11, #15\n\t"
+ "lsr r11, r11, #4\n\t"
+ "lsr r4, r12, #20\n\t"
+ "eor r11, r11, r10, lsl #28\n\t"
+ "and r4, r4, #15\n\t"
+ "ldr %[len], [lr, r3, lsl #2]\n\t"
+ "add r4, %[m], r4, lsl #4\n\t"
+ "eor r10, r6, r9, lsl #28\n\t"
+ "lsr r9, r9, #4\n\t"
+ "ldm r4, {r4, r5, r6, r7}\n\t"
+ "eor r9, r9, r8, lsl #28\n\t"
+ "eor r8, %[len], r8, lsr #4\n\t"
+ "eor r8, r8, r4\n\t"
+ "eor r9, r9, r5\n\t"
+ "eor r10, r10, r6\n\t"
+ "eor r11, r11, r7\n\t"
+ "lsr r6, r10, #4\n\t"
+ "and %[len], r11, #15\n\t"
+ "lsr r11, r11, #4\n\t"
+ "lsr r4, r12, #8\n\t"
+ "eor r11, r11, r10, lsl #28\n\t"
+ "and r4, r4, #15\n\t"
+ "ldr %[len], [lr, r3, lsl #2]\n\t"
+ "add r4, %[m], r4, lsl #4\n\t"
+ "eor r10, r6, r9, lsl #28\n\t"
+ "lsr r9, r9, #4\n\t"
+ "ldm r4, {r4, r5, r6, r7}\n\t"
+ "eor r9, r9, r8, lsl #28\n\t"
+ "eor r8, %[len], r8, lsr #4\n\t"
+ "eor r8, r8, r4\n\t"
+ "eor r9, r9, r5\n\t"
+ "eor r10, r10, r6\n\t"
+ "eor r11, r11, r7\n\t"
+ "lsr r6, r10, #4\n\t"
+ "and %[len], r11, #15\n\t"
+ "lsr r11, r11, #4\n\t"
+ "lsr r4, r12, #12\n\t"
+ "eor r11, r11, r10, lsl #28\n\t"
+ "and r4, r4, #15\n\t"
+ "ldr %[len], [lr, r3, lsl #2]\n\t"
+ "add r4, %[m], r4, lsl #4\n\t"
+ "eor r10, r6, r9, lsl #28\n\t"
+ "lsr r9, r9, #4\n\t"
+ "ldm r4, {r4, r5, r6, r7}\n\t"
+ "eor r9, r9, r8, lsl #28\n\t"
+ "eor r8, %[len], r8, lsr #4\n\t"
+ "eor r8, r8, r4\n\t"
+ "eor r9, r9, r5\n\t"
+ "eor r10, r10, r6\n\t"
+ "eor r11, r11, r7\n\t"
+ "lsr r6, r10, #4\n\t"
+ "and %[len], r11, #15\n\t"
+ "lsr r11, r11, #4\n\t"
+ "and r4, r12, #15\n\t"
+ "eor r11, r11, r10, lsl #28\n\t"
+ "ldr %[len], [lr, r3, lsl #2]\n\t"
+ "add r4, %[m], r4, lsl #4\n\t"
+ "eor r10, r6, r9, lsl #28\n\t"
+ "lsr r9, r9, #4\n\t"
+ "ldm r4, {r4, r5, r6, r7}\n\t"
+ "eor r9, r9, r8, lsl #28\n\t"
+ "eor r8, %[len], r8, lsr #4\n\t"
+ "eor r8, r8, r4\n\t"
+ "eor r9, r9, r5\n\t"
+ "eor r10, r10, r6\n\t"
+ "eor r11, r11, r7\n\t"
+ "lsr r6, r10, #4\n\t"
+ "and %[len], r11, #15\n\t"
+ "lsr r11, r11, #4\n\t"
+ "lsr r4, r12, #4\n\t"
+ "eor r11, r11, r10, lsl #28\n\t"
+ "and r4, r4, #15\n\t"
+ "ldr %[len], [lr, r3, lsl #2]\n\t"
+ "add r4, %[m], r4, lsl #4\n\t"
+ "eor r10, r6, r9, lsl #28\n\t"
+ "lsr r9, r9, #4\n\t"
+ "ldm r4, {r4, r5, r6, r7}\n\t"
+ "eor r9, r9, r8, lsl #28\n\t"
+ "eor r8, %[len], r8, lsr #4\n\t"
+ "eor r8, r8, r4\n\t"
+ "eor r9, r9, r5\n\t"
+ "eor r10, r10, r6\n\t"
+ "eor r11, r11, r7\n\t"
+ "lsr r6, r10, #4\n\t"
+ "and %[len], r11, #15\n\t"
+ "lsr r11, r11, #4\n\t"
+ "eor r11, r11, r10, lsl #28\n\t"
+ "ldr %[len], [lr, r3, lsl #2]\n\t"
+ "eor r10, r6, r9, lsl #28\n\t"
+ "lsr r9, r9, #4\n\t"
+ "eor r9, r9, r8, lsl #28\n\t"
+ "eor r8, %[len], r8, lsr #4\n\t"
+ "ldr r12, [r0, #4]\n\t"
+ "ldr %[len], [r2, #4]\n\t"
+ "eor r12, r12, %[len]\n\t"
+ "lsr %[len], r12, #24\n\t"
+ "and %[len], %[len], #15\n\t"
+ "add %[len], %[m], %[len], lsl #4\n\t"
+ "ldm %[len], {r4, r5, r6, r7}\n\t"
+ "eor r8, r8, r4\n\t"
+ "eor r9, r9, r5\n\t"
+ "eor r10, r10, r6\n\t"
+ "eor r11, r11, r7\n\t"
+ "lsr r6, r10, #4\n\t"
+ "and %[len], r11, #15\n\t"
+ "lsr r11, r11, #4\n\t"
+ "lsr r4, r12, #28\n\t"
+ "eor r11, r11, r10, lsl #28\n\t"
+ "ldr %[len], [lr, r3, lsl #2]\n\t"
+ "add r4, %[m], r4, lsl #4\n\t"
+ "eor r10, r6, r9, lsl #28\n\t"
+ "lsr r9, r9, #4\n\t"
+ "ldm r4, {r4, r5, r6, r7}\n\t"
+ "eor r9, r9, r8, lsl #28\n\t"
+ "eor r8, %[len], r8, lsr #4\n\t"
+ "eor r8, r8, r4\n\t"
+ "eor r9, r9, r5\n\t"
+ "eor r10, r10, r6\n\t"
+ "eor r11, r11, r7\n\t"
+ "lsr r6, r10, #4\n\t"
+ "and %[len], r11, #15\n\t"
+ "lsr r11, r11, #4\n\t"
+ "lsr r4, r12, #16\n\t"
+ "eor r11, r11, r10, lsl #28\n\t"
+ "and r4, r4, #15\n\t"
+ "ldr %[len], [lr, r3, lsl #2]\n\t"
+ "add r4, %[m], r4, lsl #4\n\t"
+ "eor r10, r6, r9, lsl #28\n\t"
+ "lsr r9, r9, #4\n\t"
+ "ldm r4, {r4, r5, r6, r7}\n\t"
+ "eor r9, r9, r8, lsl #28\n\t"
+ "eor r8, %[len], r8, lsr #4\n\t"
+ "eor r8, r8, r4\n\t"
+ "eor r9, r9, r5\n\t"
+ "eor r10, r10, r6\n\t"
+ "eor r11, r11, r7\n\t"
+ "lsr r6, r10, #4\n\t"
+ "and %[len], r11, #15\n\t"
+ "lsr r11, r11, #4\n\t"
+ "lsr r4, r12, #20\n\t"
+ "eor r11, r11, r10, lsl #28\n\t"
+ "and r4, r4, #15\n\t"
+ "ldr %[len], [lr, r3, lsl #2]\n\t"
+ "add r4, %[m], r4, lsl #4\n\t"
+ "eor r10, r6, r9, lsl #28\n\t"
+ "lsr r9, r9, #4\n\t"
+ "ldm r4, {r4, r5, r6, r7}\n\t"
+ "eor r9, r9, r8, lsl #28\n\t"
+ "eor r8, %[len], r8, lsr #4\n\t"
+ "eor r8, r8, r4\n\t"
+ "eor r9, r9, r5\n\t"
+ "eor r10, r10, r6\n\t"
+ "eor r11, r11, r7\n\t"
+ "lsr r6, r10, #4\n\t"
+ "and %[len], r11, #15\n\t"
+ "lsr r11, r11, #4\n\t"
+ "lsr r4, r12, #8\n\t"
+ "eor r11, r11, r10, lsl #28\n\t"
+ "and r4, r4, #15\n\t"
+ "ldr %[len], [lr, r3, lsl #2]\n\t"
+ "add r4, %[m], r4, lsl #4\n\t"
+ "eor r10, r6, r9, lsl #28\n\t"
+ "lsr r9, r9, #4\n\t"
+ "ldm r4, {r4, r5, r6, r7}\n\t"
+ "eor r9, r9, r8, lsl #28\n\t"
+ "eor r8, %[len], r8, lsr #4\n\t"
+ "eor r8, r8, r4\n\t"
+ "eor r9, r9, r5\n\t"
+ "eor r10, r10, r6\n\t"
+ "eor r11, r11, r7\n\t"
+ "lsr r6, r10, #4\n\t"
+ "and %[len], r11, #15\n\t"
+ "lsr r11, r11, #4\n\t"
+ "lsr r4, r12, #12\n\t"
+ "eor r11, r11, r10, lsl #28\n\t"
+ "and r4, r4, #15\n\t"
+ "ldr %[len], [lr, r3, lsl #2]\n\t"
+ "add r4, %[m], r4, lsl #4\n\t"
+ "eor r10, r6, r9, lsl #28\n\t"
+ "lsr r9, r9, #4\n\t"
+ "ldm r4, {r4, r5, r6, r7}\n\t"
+ "eor r9, r9, r8, lsl #28\n\t"
+ "eor r8, %[len], r8, lsr #4\n\t"
+ "eor r8, r8, r4\n\t"
+ "eor r9, r9, r5\n\t"
+ "eor r10, r10, r6\n\t"
+ "eor r11, r11, r7\n\t"
+ "lsr r6, r10, #4\n\t"
+ "and %[len], r11, #15\n\t"
+ "lsr r11, r11, #4\n\t"
+ "and r4, r12, #15\n\t"
+ "eor r11, r11, r10, lsl #28\n\t"
+ "ldr %[len], [lr, r3, lsl #2]\n\t"
+ "add r4, %[m], r4, lsl #4\n\t"
+ "eor r10, r6, r9, lsl #28\n\t"
+ "lsr r9, r9, #4\n\t"
+ "ldm r4, {r4, r5, r6, r7}\n\t"
+ "eor r9, r9, r8, lsl #28\n\t"
+ "eor r8, %[len], r8, lsr #4\n\t"
+ "eor r8, r8, r4\n\t"
+ "eor r9, r9, r5\n\t"
+ "eor r10, r10, r6\n\t"
+ "eor r11, r11, r7\n\t"
+ "lsr r6, r10, #4\n\t"
+ "and %[len], r11, #15\n\t"
+ "lsr r11, r11, #4\n\t"
+ "lsr r4, r12, #4\n\t"
+ "eor r11, r11, r10, lsl #28\n\t"
+ "and r4, r4, #15\n\t"
+ "ldr %[len], [lr, r3, lsl #2]\n\t"
+ "add r4, %[m], r4, lsl #4\n\t"
+ "eor r10, r6, r9, lsl #28\n\t"
+ "lsr r9, r9, #4\n\t"
+ "ldm r4, {r4, r5, r6, r7}\n\t"
+ "eor r9, r9, r8, lsl #28\n\t"
+ "eor r8, %[len], r8, lsr #4\n\t"
+ "eor r8, r8, r4\n\t"
+ "eor r9, r9, r5\n\t"
+ "eor r10, r10, r6\n\t"
+ "eor r11, r11, r7\n\t"
+ "lsr r6, r10, #4\n\t"
+ "and %[len], r11, #15\n\t"
+ "lsr r11, r11, #4\n\t"
+ "eor r11, r11, r10, lsl #28\n\t"
+ "ldr %[len], [lr, r3, lsl #2]\n\t"
+ "eor r10, r6, r9, lsl #28\n\t"
+ "lsr r9, r9, #4\n\t"
+ "eor r9, r9, r8, lsl #28\n\t"
+ "eor r8, %[len], r8, lsr #4\n\t"
+ "ldr r12, [r0]\n\t"
+ "ldr %[len], [r2]\n\t"
+ "eor r12, r12, %[len]\n\t"
+ "lsr %[len], r12, #24\n\t"
+ "and %[len], %[len], #15\n\t"
+ "add %[len], %[m], %[len], lsl #4\n\t"
+ "ldm %[len], {r4, r5, r6, r7}\n\t"
+ "eor r8, r8, r4\n\t"
+ "eor r9, r9, r5\n\t"
+ "eor r10, r10, r6\n\t"
+ "eor r11, r11, r7\n\t"
+ "lsr r6, r10, #4\n\t"
+ "and %[len], r11, #15\n\t"
+ "lsr r11, r11, #4\n\t"
+ "lsr r4, r12, #28\n\t"
+ "eor r11, r11, r10, lsl #28\n\t"
+ "ldr %[len], [lr, r3, lsl #2]\n\t"
+ "add r4, %[m], r4, lsl #4\n\t"
+ "eor r10, r6, r9, lsl #28\n\t"
+ "lsr r9, r9, #4\n\t"
+ "ldm r4, {r4, r5, r6, r7}\n\t"
+ "eor r9, r9, r8, lsl #28\n\t"
+ "eor r8, %[len], r8, lsr #4\n\t"
+ "eor r8, r8, r4\n\t"
+ "eor r9, r9, r5\n\t"
+ "eor r10, r10, r6\n\t"
+ "eor r11, r11, r7\n\t"
+ "lsr r6, r10, #4\n\t"
+ "and %[len], r11, #15\n\t"
+ "lsr r11, r11, #4\n\t"
+ "lsr r4, r12, #16\n\t"
+ "eor r11, r11, r10, lsl #28\n\t"
+ "and r4, r4, #15\n\t"
+ "ldr %[len], [lr, r3, lsl #2]\n\t"
+ "add r4, %[m], r4, lsl #4\n\t"
+ "eor r10, r6, r9, lsl #28\n\t"
+ "lsr r9, r9, #4\n\t"
+ "ldm r4, {r4, r5, r6, r7}\n\t"
+ "eor r9, r9, r8, lsl #28\n\t"
+ "eor r8, %[len], r8, lsr #4\n\t"
+ "eor r8, r8, r4\n\t"
+ "eor r9, r9, r5\n\t"
+ "eor r10, r10, r6\n\t"
+ "eor r11, r11, r7\n\t"
+ "lsr r6, r10, #4\n\t"
+ "and %[len], r11, #15\n\t"
+ "lsr r11, r11, #4\n\t"
+ "lsr r4, r12, #20\n\t"
+ "eor r11, r11, r10, lsl #28\n\t"
+ "and r4, r4, #15\n\t"
+ "ldr %[len], [lr, r3, lsl #2]\n\t"
+ "add r4, %[m], r4, lsl #4\n\t"
+ "eor r10, r6, r9, lsl #28\n\t"
+ "lsr r9, r9, #4\n\t"
+ "ldm r4, {r4, r5, r6, r7}\n\t"
+ "eor r9, r9, r8, lsl #28\n\t"
+ "eor r8, %[len], r8, lsr #4\n\t"
+ "eor r8, r8, r4\n\t"
+ "eor r9, r9, r5\n\t"
+ "eor r10, r10, r6\n\t"
+ "eor r11, r11, r7\n\t"
+ "lsr r6, r10, #4\n\t"
+ "and %[len], r11, #15\n\t"
+ "lsr r11, r11, #4\n\t"
+ "lsr r4, r12, #8\n\t"
+ "eor r11, r11, r10, lsl #28\n\t"
+ "and r4, r4, #15\n\t"
+ "ldr %[len], [lr, r3, lsl #2]\n\t"
+ "add r4, %[m], r4, lsl #4\n\t"
+ "eor r10, r6, r9, lsl #28\n\t"
+ "lsr r9, r9, #4\n\t"
+ "ldm r4, {r4, r5, r6, r7}\n\t"
+ "eor r9, r9, r8, lsl #28\n\t"
+ "eor r8, %[len], r8, lsr #4\n\t"
+ "eor r8, r8, r4\n\t"
+ "eor r9, r9, r5\n\t"
+ "eor r10, r10, r6\n\t"
+ "eor r11, r11, r7\n\t"
+ "lsr r6, r10, #4\n\t"
+ "and %[len], r11, #15\n\t"
+ "lsr r11, r11, #4\n\t"
+ "lsr r4, r12, #12\n\t"
+ "eor r11, r11, r10, lsl #28\n\t"
+ "and r4, r4, #15\n\t"
+ "ldr %[len], [lr, r3, lsl #2]\n\t"
+ "add r4, %[m], r4, lsl #4\n\t"
+ "eor r10, r6, r9, lsl #28\n\t"
+ "lsr r9, r9, #4\n\t"
+ "ldm r4, {r4, r5, r6, r7}\n\t"
+ "eor r9, r9, r8, lsl #28\n\t"
+ "eor r8, %[len], r8, lsr #4\n\t"
+ "eor r8, r8, r4\n\t"
+ "eor r9, r9, r5\n\t"
+ "eor r10, r10, r6\n\t"
+ "eor r11, r11, r7\n\t"
+ "lsr r6, r10, #4\n\t"
+ "and %[len], r11, #15\n\t"
+ "lsr r11, r11, #4\n\t"
+ "and r4, r12, #15\n\t"
+ "eor r11, r11, r10, lsl #28\n\t"
+ "ldr %[len], [lr, r3, lsl #2]\n\t"
+ "add r4, %[m], r4, lsl #4\n\t"
+ "eor r10, r6, r9, lsl #28\n\t"
+ "lsr r9, r9, #4\n\t"
+ "ldm r4, {r4, r5, r6, r7}\n\t"
+ "eor r9, r9, r8, lsl #28\n\t"
+ "eor r8, %[len], r8, lsr #4\n\t"
+ "eor r8, r8, r4\n\t"
+ "eor r9, r9, r5\n\t"
+ "eor r10, r10, r6\n\t"
+ "eor r11, r11, r7\n\t"
+ "lsr r6, r10, #4\n\t"
+ "and %[len], r11, #15\n\t"
+ "lsr r11, r11, #4\n\t"
+ "lsr r4, r12, #4\n\t"
+ "eor r11, r11, r10, lsl #28\n\t"
+ "and r4, r4, #15\n\t"
+ "ldr %[len], [lr, r3, lsl #2]\n\t"
+ "add r4, %[m], r4, lsl #4\n\t"
+ "eor r10, r6, r9, lsl #28\n\t"
+ "lsr r9, r9, #4\n\t"
+ "ldm r4, {r4, r5, r6, r7}\n\t"
+ "eor r9, r9, r8, lsl #28\n\t"
+ "eor r8, %[len], r8, lsr #4\n\t"
+ "eor r8, r8, r4\n\t"
+ "eor r9, r9, r5\n\t"
+ "eor r10, r10, r6\n\t"
+ "eor r11, r11, r7\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ /* REV r8, r8 */
+ "eor %[len], r8, r8, ror #16\n\t"
+ "bic %[len], %[len], #0xff0000\n\t"
+ "ror r8, r8, #8\n\t"
+ "eor r8, r8, %[len], lsr #8\n\t"
+ /* REV r9, r9 */
+ "eor %[len], r9, r9, ror #16\n\t"
+ "bic %[len], %[len], #0xff0000\n\t"
+ "ror r9, r9, #8\n\t"
+ "eor r9, r9, %[len], lsr #8\n\t"
+ /* REV r10, r10 */
+ "eor %[len], r10, r10, ror #16\n\t"
+ "bic %[len], %[len], #0xff0000\n\t"
+ "ror r10, r10, #8\n\t"
+ "eor r10, r10, %[len], lsr #8\n\t"
+ /* REV r11, r11 */
+ "eor %[len], r11, r11, ror #16\n\t"
+ "bic %[len], %[len], #0xff0000\n\t"
+ "ror r11, r11, #8\n\t"
+ "eor r11, r11, %[len], lsr #8\n\t"
+#else
+ "rev r8, r8\n\t"
+ "rev r9, r9\n\t"
+ "rev r10, r10\n\t"
+ "rev r11, r11\n\t"
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ "stm %[x], {r8, r9, r10, r11}\n\t"
+ "pop {r3}\n\t"
+ "subs %[len], %[len], #16\n\t"
+ "add %[data], %[data], #16\n\t"
+ "bne L_GCM_gmult_len_start_block_%=\n\t"
+ : [x] "+r" (x), [m] "+r" (m), [data] "+r" (data), [len] "+r" (len), [L_GCM_gmult_len_r] "+r" (L_GCM_gmult_len_r_c)
+ :
+ : "memory", "r12", "lr", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
+ );
+}
+
+static const uint32_t* L_AES_ARM32_te_gcm = L_AES_ARM32_te_data;
+void AES_GCM_encrypt(const unsigned char* in, unsigned char* out, unsigned long len, const unsigned char* ks, int nr, unsigned char* ctr);
+void AES_GCM_encrypt(const unsigned char* in_p, unsigned char* out_p, unsigned long len_p, const unsigned char* ks_p, int nr_p, unsigned char* ctr_p)
+{
+ register const unsigned char* in asm ("r0") = (const unsigned char*)in_p;
+ register unsigned char* out asm ("r1") = (unsigned char*)out_p;
+ register unsigned long len asm ("r2") = (unsigned long)len_p;
+ register const unsigned char* ks asm ("r3") = (const unsigned char*)ks_p;
+ register int nr asm ("r4") = (int)nr_p;
+ register unsigned char* ctr asm ("r5") = (unsigned char*)ctr_p;
+ register uint32_t* L_AES_ARM32_te_gcm_c asm ("r6") = (uint32_t*)L_AES_ARM32_te_gcm;
+
+ __asm__ __volatile__ (
+ "mov r12, r4\n\t"
+ "mov r8, r5\n\t"
+ "mov lr, %[in]\n\t"
+ "mov r0, %[L_AES_ARM32_te_gcm]\n\t"
+ "ldm r8, {r4, r5, r6, r7}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "eor r10, r4, r4, ror #16\n\t"
+ "eor r11, r5, r5, ror #16\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "eor r4, r4, r10, lsr #8\n\t"
+ "eor r5, r5, r11, lsr #8\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+#else
+ "rev r4, r4\n\t"
+ "rev r5, r5\n\t"
+ "rev r6, r6\n\t"
+ "rev r7, r7\n\t"
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ "stm r8, {r4, r5, r6, r7}\n\t"
+ "push {%[ks], r8}\n\t"
+ "cmp r12, #10\n\t"
+ "beq L_AES_GCM_encrypt_start_block_128_%=\n\t"
+ "cmp r12, #12\n\t"
+ "beq L_AES_GCM_encrypt_start_block_192_%=\n\t"
+ "\n"
+ "L_AES_GCM_encrypt_loop_block_256_%=: \n\t"
+ "push {r1, %[len], lr}\n\t"
+ "ldr lr, [sp, #16]\n\t"
+ "add r7, r7, #1\n\t"
+ "ldm %[ks]!, {r8, r9, r10, r11}\n\t"
+ "str r7, [lr, #12]\n\t"
+ /* Round: 0 - XOR in key schedule */
+ "eor r4, r4, r8\n\t"
+ "eor r5, r5, r9\n\t"
+ "eor r6, r6, r10\n\t"
+ "eor r7, r7, r11\n\t"
+ "mov r1, #6\n\t"
+ "bl AES_encrypt_block\n\t"
+ "pop {r1, %[len], lr}\n\t"
+ "ldr %[ks], [sp]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+#else
+ "rev r4, r4\n\t"
+ "rev r5, r5\n\t"
+ "rev r6, r6\n\t"
+ "rev r7, r7\n\t"
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ "ldr r8, [lr]\n\t"
+ "ldr r9, [lr, #4]\n\t"
+ "ldr r10, [lr, #8]\n\t"
+ "ldr r11, [lr, #12]\n\t"
+ "eor r4, r4, r8\n\t"
+ "eor r5, r5, r9\n\t"
+ "eor r6, r6, r10\n\t"
+ "eor r7, r7, r11\n\t"
+ "ldr r8, [sp, #4]\n\t"
+ "str r4, [%[out]]\n\t"
+ "str r5, [%[out], #4]\n\t"
+ "str r6, [%[out], #8]\n\t"
+ "str r7, [%[out], #12]\n\t"
+ "ldm r8, {r4, r5, r6, r7}\n\t"
+ "subs %[len], %[len], #16\n\t"
+ "add lr, lr, #16\n\t"
+ "add %[out], %[out], #16\n\t"
+ "bne L_AES_GCM_encrypt_loop_block_256_%=\n\t"
+ "b L_AES_GCM_encrypt_end_%=\n\t"
+ "\n"
+ "L_AES_GCM_encrypt_start_block_192_%=: \n\t"
+ "\n"
+ "L_AES_GCM_encrypt_loop_block_192_%=: \n\t"
+ "push {r1, %[len], lr}\n\t"
+ "ldr lr, [sp, #16]\n\t"
+ "add r7, r7, #1\n\t"
+ "ldm %[ks]!, {r8, r9, r10, r11}\n\t"
+ "str r7, [lr, #12]\n\t"
+ /* Round: 0 - XOR in key schedule */
+ "eor r4, r4, r8\n\t"
+ "eor r5, r5, r9\n\t"
+ "eor r6, r6, r10\n\t"
+ "eor r7, r7, r11\n\t"
+ "mov r1, #5\n\t"
+ "bl AES_encrypt_block\n\t"
+ "pop {r1, %[len], lr}\n\t"
+ "ldr %[ks], [sp]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+#else
+ "rev r4, r4\n\t"
+ "rev r5, r5\n\t"
+ "rev r6, r6\n\t"
+ "rev r7, r7\n\t"
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ "ldr r8, [lr]\n\t"
+ "ldr r9, [lr, #4]\n\t"
+ "ldr r10, [lr, #8]\n\t"
+ "ldr r11, [lr, #12]\n\t"
+ "eor r4, r4, r8\n\t"
+ "eor r5, r5, r9\n\t"
+ "eor r6, r6, r10\n\t"
+ "eor r7, r7, r11\n\t"
+ "ldr r8, [sp, #4]\n\t"
+ "str r4, [%[out]]\n\t"
+ "str r5, [%[out], #4]\n\t"
+ "str r6, [%[out], #8]\n\t"
+ "str r7, [%[out], #12]\n\t"
+ "ldm r8, {r4, r5, r6, r7}\n\t"
+ "subs %[len], %[len], #16\n\t"
+ "add lr, lr, #16\n\t"
+ "add %[out], %[out], #16\n\t"
+ "bne L_AES_GCM_encrypt_loop_block_192_%=\n\t"
+ "b L_AES_GCM_encrypt_end_%=\n\t"
+ "\n"
+ "L_AES_GCM_encrypt_start_block_128_%=: \n\t"
+ "\n"
+ "L_AES_GCM_encrypt_loop_block_128_%=: \n\t"
+ "push {r1, %[len], lr}\n\t"
+ "ldr lr, [sp, #16]\n\t"
+ "add r7, r7, #1\n\t"
+ "ldm %[ks]!, {r8, r9, r10, r11}\n\t"
+ "str r7, [lr, #12]\n\t"
+ /* Round: 0 - XOR in key schedule */
+ "eor r4, r4, r8\n\t"
+ "eor r5, r5, r9\n\t"
+ "eor r6, r6, r10\n\t"
+ "eor r7, r7, r11\n\t"
+ "mov r1, #4\n\t"
+ "bl AES_encrypt_block\n\t"
+ "pop {r1, %[len], lr}\n\t"
+ "ldr %[ks], [sp]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+#else
+ "rev r4, r4\n\t"
+ "rev r5, r5\n\t"
+ "rev r6, r6\n\t"
+ "rev r7, r7\n\t"
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ "ldr r8, [lr]\n\t"
+ "ldr r9, [lr, #4]\n\t"
+ "ldr r10, [lr, #8]\n\t"
+ "ldr r11, [lr, #12]\n\t"
+ "eor r4, r4, r8\n\t"
+ "eor r5, r5, r9\n\t"
+ "eor r6, r6, r10\n\t"
+ "eor r7, r7, r11\n\t"
+ "ldr r8, [sp, #4]\n\t"
+ "str r4, [%[out]]\n\t"
+ "str r5, [%[out], #4]\n\t"
+ "str r6, [%[out], #8]\n\t"
+ "str r7, [%[out], #12]\n\t"
+ "ldm r8, {r4, r5, r6, r7}\n\t"
+ "subs %[len], %[len], #16\n\t"
+ "add lr, lr, #16\n\t"
+ "add %[out], %[out], #16\n\t"
+ "bne L_AES_GCM_encrypt_loop_block_128_%=\n\t"
+ "\n"
+ "L_AES_GCM_encrypt_end_%=: \n\t"
+ "pop {%[ks], r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "eor r10, r4, r4, ror #16\n\t"
+ "eor r11, r5, r5, ror #16\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "eor r4, r4, r10, lsr #8\n\t"
+ "eor r5, r5, r11, lsr #8\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+#else
+ "rev r4, r4\n\t"
+ "rev r5, r5\n\t"
+ "rev r6, r6\n\t"
+ "rev r7, r7\n\t"
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ "stm r8, {r4, r5, r6, r7}\n\t"
+ : [in] "+r" (in), [out] "+r" (out), [len] "+r" (len), [ks] "+r" (ks), [nr] "+r" (nr), [ctr] "+r" (ctr), [L_AES_ARM32_te_gcm] "+r" (L_AES_ARM32_te_gcm_c)
+ :
+ : "memory", "r12", "lr", "r7", "r8", "r9", "r10", "r11", "cc"
+ );
+}
+
+#endif /* HAVE_AESGCM */
+#endif /* !NO_AES */
+#endif /* !__aarch64__ && !__thumb__ */
+#endif /* WOLFSSL_ARMASM */
+#endif /* !defined(__aarch64__) && defined(__arm__) */
+#endif /* WOLFSSL_ARMASM */
+
+#endif /* WOLFSSL_ARMASM_INLINE */
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-32-curve25519.S b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-32-curve25519.S
index 24072bd6..52cdcf41 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-32-curve25519.S
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-32-curve25519.S
@@ -30,8 +30,10 @@
#include <wolfssl/wolfcrypt/settings.h>
#ifdef WOLFSSL_ARMASM
-#ifndef __aarch64__
-#ifdef HAVE_CURVE25519
+#if !defined(__aarch64__) && defined(__arm__)
+#ifndef WOLFSSL_ARMASM_INLINE
+#if defined(HAVE_CURVE25519) || defined(HAVE_ED25519)
+#if !defined(CURVE25519_SMALL) || !defined(ED25519_SMALL)
.text
.align 4
@@ -42,6 +44,318 @@ fe_init:
.size fe_init,.-fe_init
.text
.align 4
+ .globl fe_add_sub_op
+ .type fe_add_sub_op, %function
+fe_add_sub_op:
+ push {lr}
+ # Add-Sub
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ ldr r4, [r2]
+ ldr r5, [r2, #4]
+#else
+ ldrd r4, r5, [r2]
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ ldr r6, [r3]
+ ldr r7, [r3, #4]
+#else
+ ldrd r6, r7, [r3]
+#endif
+ # Add
+ adds r8, r4, r6
+ mov r12, #0
+ adcs r9, r5, r7
+ adc r12, r12, #0
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ str r8, [r0]
+ str r9, [r0, #4]
+#else
+ strd r8, r9, [r0]
+#endif
+ # Sub
+ subs r10, r4, r6
+ sbcs r11, r5, r7
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ str r10, [r1]
+ str r11, [r1, #4]
+#else
+ strd r10, r11, [r1]
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ ldr r4, [r2, #8]
+ ldr r5, [r2, #12]
+#else
+ ldrd r4, r5, [r2, #8]
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ ldr r6, [r3, #8]
+ ldr r7, [r3, #12]
+#else
+ ldrd r6, r7, [r3, #8]
+#endif
+ # Sub
+ sbcs r10, r4, r6
+ mov lr, #0
+ sbcs r11, r5, r7
+ adc lr, lr, #0
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ str r10, [r1, #8]
+ str r11, [r1, #12]
+#else
+ strd r10, r11, [r1, #8]
+#endif
+ # Add
+ subs r12, r12, #1
+ adcs r8, r4, r6
+ adcs r9, r5, r7
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ str r8, [r0, #8]
+ str r9, [r0, #12]
+#else
+ strd r8, r9, [r0, #8]
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ ldr r4, [r2, #16]
+ ldr r5, [r2, #20]
+#else
+ ldrd r4, r5, [r2, #16]
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ ldr r6, [r3, #16]
+ ldr r7, [r3, #20]
+#else
+ ldrd r6, r7, [r3, #16]
+#endif
+ # Add
+ adcs r8, r4, r6
+ mov r12, #0
+ adcs r9, r5, r7
+ adc r12, r12, #0
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ str r8, [r0, #16]
+ str r9, [r0, #20]
+#else
+ strd r8, r9, [r0, #16]
+#endif
+ # Sub
+ subs lr, lr, #1
+ sbcs r10, r4, r6
+ sbcs r11, r5, r7
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ str r10, [r1, #16]
+ str r11, [r1, #20]
+#else
+ strd r10, r11, [r1, #16]
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ ldr r4, [r2, #24]
+ ldr r5, [r2, #28]
+#else
+ ldrd r4, r5, [r2, #24]
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ ldr r6, [r3, #24]
+ ldr r7, [r3, #28]
+#else
+ ldrd r6, r7, [r3, #24]
+#endif
+ # Sub
+ sbcs r10, r4, r6
+ sbcs r11, r5, r7
+ sbc lr, lr, lr
+ # Add
+ subs r12, r12, #1
+ adcs r8, r4, r6
+ mov r12, #0
+ adcs r9, r5, r7
+ adc r12, r12, #0
+ # Multiply -modulus by overflow
+ lsl r3, r12, #1
+ mov r12, #19
+ orr r3, r3, r9, lsr #31
+ mul r12, r3, r12
+ # Add -x*modulus (if overflow)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ ldr r4, [r0]
+ ldr r5, [r0, #4]
+#else
+ ldrd r4, r5, [r0]
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ ldr r6, [r0, #8]
+ ldr r7, [r0, #12]
+#else
+ ldrd r6, r7, [r0, #8]
+#endif
+ adds r4, r4, r12
+ adcs r5, r5, #0
+ adcs r6, r6, #0
+ adcs r7, r7, #0
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ str r4, [r0]
+ str r5, [r0, #4]
+#else
+ strd r4, r5, [r0]
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ str r6, [r0, #8]
+ str r7, [r0, #12]
+#else
+ strd r6, r7, [r0, #8]
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ ldr r4, [r0, #16]
+ ldr r5, [r0, #20]
+#else
+ ldrd r4, r5, [r0, #16]
+#endif
+ adcs r4, r4, #0
+ adcs r5, r5, #0
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ str r4, [r0, #16]
+ str r5, [r0, #20]
+#else
+ strd r4, r5, [r0, #16]
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ bic r9, r9, #0x80000000
+#else
+ bfc r9, #31, #1
+#endif
+ adcs r8, r8, #0
+ adc r9, r9, #0
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ str r8, [r0, #24]
+ str r9, [r0, #28]
+#else
+ strd r8, r9, [r0, #24]
+#endif
+ # Multiply -modulus by underflow
+ lsl r3, lr, #1
+ mvn lr, #18
+ orr r3, r3, r11, lsr #31
+ mul lr, r3, lr
+ # Sub -x*modulus (if overflow)
+ ldm r1, {r4, r5, r6, r7, r8, r9}
+ subs r4, r4, lr
+ sbcs r5, r5, #0
+ sbcs r6, r6, #0
+ sbcs r7, r7, #0
+ sbcs r8, r8, #0
+ sbcs r9, r9, #0
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ bic r11, r11, #0x80000000
+#else
+ bfc r11, #31, #1
+#endif
+ sbcs r10, r10, #0
+ sbc r11, r11, #0
+ stm r1, {r4, r5, r6, r7, r8, r9, r10, r11}
+ # Done Add-Sub
+ pop {pc}
+ .size fe_add_sub_op,.-fe_add_sub_op
+ .text
+ .align 4
+ .globl fe_sub_op
+ .type fe_sub_op, %function
+fe_sub_op:
+ push {lr}
+ # Sub
+ ldm r2!, {r6, r7, r8, r9, r10, r11, r12, lr}
+ ldm r1!, {r2, r3, r4, r5}
+ subs r6, r2, r6
+ sbcs r7, r3, r7
+ sbcs r8, r4, r8
+ sbcs r9, r5, r9
+ ldm r1!, {r2, r3, r4, r5}
+ sbcs r10, r2, r10
+ sbcs r11, r3, r11
+ sbcs r12, r4, r12
+ sbcs lr, r5, lr
+ sbc r3, r3, r3
+ mvn r2, #18
+ lsl r3, r3, #1
+ orr r3, r3, lr, lsr #31
+ mul r2, r3, r2
+ subs r6, r6, r2
+ sbcs r7, r7, #0
+ sbcs r8, r8, #0
+ sbcs r9, r9, #0
+ sbcs r10, r10, #0
+ sbcs r11, r11, #0
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ bic lr, lr, #0x80000000
+#else
+ bfc lr, #31, #1
+#endif
+ sbcs r12, r12, #0
+ sbc lr, lr, #0
+ stm r0, {r6, r7, r8, r9, r10, r11, r12, lr}
+ # Done Sub
+ pop {pc}
+ .size fe_sub_op,.-fe_sub_op
+ .text
+ .align 4
+ .globl fe_sub
+ .type fe_sub, %function
+fe_sub:
+ push {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+ bl fe_sub_op
+ pop {r4, r5, r6, r7, r8, r9, r10, r11, pc}
+ .size fe_sub,.-fe_sub
+ .text
+ .align 4
+ .globl fe_add_op
+ .type fe_add_op, %function
+fe_add_op:
+ push {lr}
+ # Add
+ ldm r2!, {r6, r7, r8, r9, r10, r11, r12, lr}
+ ldm r1!, {r2, r3, r4, r5}
+ adds r6, r2, r6
+ adcs r7, r3, r7
+ adcs r8, r4, r8
+ adcs r9, r5, r9
+ ldm r1!, {r2, r3, r4, r5}
+ adcs r10, r2, r10
+ adcs r11, r3, r11
+ adcs r12, r4, r12
+ mov r3, #0
+ adcs lr, r5, lr
+ adc r3, r3, #0
+ mov r2, #19
+ lsl r3, r3, #1
+ orr r3, r3, lr, lsr #31
+ mul r2, r3, r2
+ adds r6, r6, r2
+ adcs r7, r7, #0
+ adcs r8, r8, #0
+ adcs r9, r9, #0
+ adcs r10, r10, #0
+ adcs r11, r11, #0
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ bic lr, lr, #0x80000000
+#else
+ bfc lr, #31, #1
+#endif
+ adcs r12, r12, #0
+ adc lr, lr, #0
+ stm r0, {r6, r7, r8, r9, r10, r11, r12, lr}
+ # Done Add
+ pop {pc}
+ .size fe_add_op,.-fe_add_op
+ .text
+ .align 4
+ .globl fe_add
+ .type fe_add, %function
+fe_add:
+ push {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+ bl fe_add_op
+ pop {r4, r5, r6, r7, r8, r9, r10, r11, pc}
+ .size fe_add,.-fe_add
+#ifdef HAVE_ED25519
+ .text
+ .align 4
.globl fe_frombytes
.type fe_frombytes, %function
fe_frombytes:
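Review bot: `fe_add_sub_op`, `fe_sub_op` and `fe_add_op` are exported with `.globl` yet push only `lr` and overwrite r4-r11 and their own argument registers, so they do not meet the AAPCS callee-saved contract that the `fe_sub` and `fe_add` wrappers in this hunk provide by pushing r4-r11 before the `bl`. Nothing in the file states this, and a direct call from C would silently corrupt the caller's registers in the middle of field arithmetic. I would add a comment above each of the three labels, for example `/* Internal helper: clobbers r4-r11, r12 and its argument registers; call only from code that has saved r4-r11. */`, and, if the toolchain permits, give the symbols hidden visibility. Separately, the comment `# Sub -x*modulus (if overflow)` in `fe_add_sub_op` sits under the "Multiply -modulus by underflow" step and should read `(if underflow)`.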
@@ -54,31 +368,19 @@ fe_frombytes:
ldr r7, [r1, #20]
ldr r8, [r1, #24]
ldr r9, [r1, #28]
- and r9, r9, #0x7fffffff
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r2, [r0]
- str r3, [r0, #4]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ bic r9, r9, #0x80000000
#else
- strd r2, r3, [r0]
+ bfc r9, #31, #1
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+ str r2, [r0]
+ str r3, [r0, #4]
str r4, [r0, #8]
str r5, [r0, #12]
-#else
- strd r4, r5, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
str r6, [r0, #16]
str r7, [r0, #20]
-#else
- strd r6, r7, [r0, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
str r8, [r0, #24]
str r9, [r0, #28]
-#else
- strd r8, r9, [r0, #24]
-#endif
pop {r4, r5, r6, r7, r8, r9, pc}
.size fe_frombytes,.-fe_frombytes
.text
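Review bot: The arch guard in `fe_frombytes` switches from `WOLFSSL_SP_ARM_ARCH` to `WOLFSSL_ARM_ARCH`, so a build that still defines only the old macro now takes the `#else` branch and assembles `bfc r9, #31, #1`, an instruction that cores older than ARMv6T2 do not implement. The same rename appears in the `fe_tobytes`, `fe_copy` and `fe_isnonzero` hunks, and in `fe_copy` the `#else` side selects `ldrd`/`strd`. Whether a settings header maps the old name onto the new one is not visible in this diff. I would either confirm that mapping or fail early near the top of the file with `#if defined(WOLFSSL_SP_ARM_ARCH) && !defined(WOLFSSL_ARM_ARCH)` / `#error "define WOLFSSL_ARM_ARCH"` / `#endif`.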
@@ -87,30 +389,7 @@ fe_frombytes:
.type fe_tobytes, %function
fe_tobytes:
push {r4, r5, r6, r7, r8, r9, lr}
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r2, [r1]
- ldr r3, [r1, #4]
-#else
- ldrd r2, r3, [r1]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1, #8]
- ldr r5, [r1, #12]
-#else
- ldrd r4, r5, [r1, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r1, #16]
- ldr r7, [r1, #20]
-#else
- ldrd r6, r7, [r1, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r8, [r1, #24]
- ldr r9, [r1, #28]
-#else
- ldrd r8, r9, [r1, #24]
-#endif
+ ldm r1, {r2, r3, r4, r5, r6, r7, r8, r9}
adds r12, r2, #19
adcs r12, r3, #0
adcs r12, r4, #0
@@ -129,31 +408,19 @@ fe_tobytes:
adcs r7, r7, #0
adcs r8, r8, #0
adc r9, r9, #0
- and r9, r9, #0x7fffffff
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r2, [r0]
- str r3, [r0, #4]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ bic r9, r9, #0x80000000
#else
- strd r2, r3, [r0]
+ bfc r9, #31, #1
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+ str r2, [r0]
+ str r3, [r0, #4]
str r4, [r0, #8]
str r5, [r0, #12]
-#else
- strd r4, r5, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
str r6, [r0, #16]
str r7, [r0, #20]
-#else
- strd r6, r7, [r0, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
str r8, [r0, #24]
str r9, [r0, #28]
-#else
- strd r8, r9, [r0, #24]
-#endif
pop {r4, r5, r6, r7, r8, r9, pc}
.size fe_tobytes,.-fe_tobytes
.text
@@ -161,69 +428,36 @@ fe_tobytes:
.globl fe_1
.type fe_1, %function
fe_1:
+ push {r4, r5, r6, r7, r8, r9, lr}
# Set one
mov r2, #1
mov r3, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r2, [r0]
- str r3, [r0, #4]
-#else
- strd r2, r3, [r0]
-#endif
- mov r2, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r2, [r0, #8]
- str r3, [r0, #12]
-#else
- strd r2, r3, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r2, [r0, #16]
- str r3, [r0, #20]
-#else
- strd r2, r3, [r0, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r2, [r0, #24]
- str r3, [r0, #28]
-#else
- strd r2, r3, [r0, #24]
-#endif
- bx lr
+ mov r4, #0
+ mov r5, #0
+ mov r6, #0
+ mov r7, #0
+ mov r8, #0
+ mov r9, #0
+ stm r0, {r2, r3, r4, r5, r6, r7, r8, r9}
+ pop {r4, r5, r6, r7, r8, r9, pc}
.size fe_1,.-fe_1
.text
.align 4
.globl fe_0
.type fe_0, %function
fe_0:
+ push {r4, r5, r6, r7, r8, r9, lr}
# Set zero
mov r2, #0
mov r3, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r2, [r0]
- str r3, [r0, #4]
-#else
- strd r2, r3, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r2, [r0, #8]
- str r3, [r0, #12]
-#else
- strd r2, r3, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r2, [r0, #16]
- str r3, [r0, #20]
-#else
- strd r2, r3, [r0, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r2, [r0, #24]
- str r3, [r0, #28]
-#else
- strd r2, r3, [r0, #24]
-#endif
- bx lr
+ mov r4, #0
+ mov r5, #0
+ mov r6, #0
+ mov r7, #0
+ mov r8, #0
+ mov r9, #0
+ stm r0, {r2, r3, r4, r5, r6, r7, r8, r9}
+ pop {r4, r5, r6, r7, r8, r9, pc}
.size fe_0,.-fe_0
.text
.align 4
@@ -232,49 +466,49 @@ fe_0:
fe_copy:
push {r4, r5, lr}
# Copy
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r2, [r1]
ldr r3, [r1, #4]
#else
ldrd r2, r3, [r1]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r1, #8]
ldr r5, [r1, #12]
#else
ldrd r4, r5, [r1, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r2, [r0]
str r3, [r0, #4]
#else
strd r2, r3, [r0]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #8]
str r5, [r0, #12]
#else
strd r4, r5, [r0, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r2, [r1, #16]
ldr r3, [r1, #20]
#else
ldrd r2, r3, [r1, #16]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r1, #24]
ldr r5, [r1, #28]
#else
ldrd r4, r5, [r1, #24]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r2, [r0, #16]
str r3, [r0, #20]
#else
strd r2, r3, [r0, #16]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #24]
str r5, [r0, #28]
#else
@@ -284,329 +518,25 @@ fe_copy:
.size fe_copy,.-fe_copy
.text
.align 4
- .globl fe_sub
- .type fe_sub, %function
-fe_sub:
- push {r4, r5, r6, r7, r8, r9, r10, r11, lr}
- # Sub
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1]
- ldr r5, [r1, #4]
-#else
- ldrd r4, r5, [r1]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r1, #8]
- ldr r7, [r1, #12]
-#else
- ldrd r6, r7, [r1, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r8, [r2]
- ldr r9, [r2, #4]
-#else
- ldrd r8, r9, [r2]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r10, [r2, #8]
- ldr r11, [r2, #12]
-#else
- ldrd r10, r11, [r2, #8]
-#endif
- subs r8, r4, r8
- sbcs r9, r5, r9
- sbcs r10, r6, r10
- sbcs r11, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0]
- str r9, [r0, #4]
-#else
- strd r8, r9, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r0, #8]
- str r11, [r0, #12]
-#else
- strd r10, r11, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1, #16]
- ldr r5, [r1, #20]
-#else
- ldrd r4, r5, [r1, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r1, #24]
- ldr r7, [r1, #28]
-#else
- ldrd r6, r7, [r1, #24]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r8, [r2, #16]
- ldr r9, [r2, #20]
-#else
- ldrd r8, r9, [r2, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r10, [r2, #24]
- ldr r11, [r2, #28]
-#else
- ldrd r10, r11, [r2, #24]
-#endif
- sbcs r8, r4, r8
- sbcs r9, r5, r9
- sbcs r10, r6, r10
- sbc r11, r7, r11
- mov r12, #-19
- asr r3, r11, #31
- # Mask the modulus
- and r12, r3, r12
- and lr, r3, #0x7fffffff
- # Add modulus (if underflow)
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0]
- ldr r5, [r0, #4]
-#else
- ldrd r4, r5, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r0, #8]
- ldr r7, [r0, #12]
-#else
- ldrd r6, r7, [r0, #8]
-#endif
- adds r4, r4, r12
- adcs r5, r5, r3
- adcs r6, r6, r3
- adcs r7, r7, r3
- adcs r8, r8, r3
- adcs r9, r9, r3
- adcs r10, r10, r3
- adc r11, r11, lr
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0]
- str r5, [r0, #4]
-#else
- strd r4, r5, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r6, [r0, #8]
- str r7, [r0, #12]
-#else
- strd r6, r7, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #16]
- str r9, [r0, #20]
-#else
- strd r8, r9, [r0, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r0, #24]
- str r11, [r0, #28]
-#else
- strd r10, r11, [r0, #24]
-#endif
- pop {r4, r5, r6, r7, r8, r9, r10, r11, pc}
- .size fe_sub,.-fe_sub
- .text
- .align 4
- .globl fe_add
- .type fe_add, %function
-fe_add:
- push {r4, r5, r6, r7, r8, r9, r10, r11, lr}
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1]
- ldr r5, [r1, #4]
-#else
- ldrd r4, r5, [r1]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r1, #8]
- ldr r7, [r1, #12]
-#else
- ldrd r6, r7, [r1, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r8, [r2]
- ldr r9, [r2, #4]
-#else
- ldrd r8, r9, [r2]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r10, [r2, #8]
- ldr r11, [r2, #12]
-#else
- ldrd r10, r11, [r2, #8]
-#endif
- adds r8, r4, r8
- adcs r9, r5, r9
- adcs r10, r6, r10
- adcs r11, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0]
- str r9, [r0, #4]
-#else
- strd r8, r9, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r0, #8]
- str r11, [r0, #12]
-#else
- strd r10, r11, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1, #16]
- ldr r5, [r1, #20]
-#else
- ldrd r4, r5, [r1, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r1, #24]
- ldr r7, [r1, #28]
-#else
- ldrd r6, r7, [r1, #24]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r8, [r2, #16]
- ldr r9, [r2, #20]
-#else
- ldrd r8, r9, [r2, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r10, [r2, #24]
- ldr r11, [r2, #28]
-#else
- ldrd r10, r11, [r2, #24]
-#endif
- adcs r8, r4, r8
- adcs r9, r5, r9
- adcs r10, r6, r10
- adc r11, r7, r11
- mov r12, #-19
- asr r3, r11, #31
- # Mask the modulus
- and r12, r3, r12
- and lr, r3, #0x7fffffff
- # Sub modulus (if overflow)
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0]
- ldr r5, [r0, #4]
-#else
- ldrd r4, r5, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r0, #8]
- ldr r7, [r0, #12]
-#else
- ldrd r6, r7, [r0, #8]
-#endif
- subs r4, r4, r12
- sbcs r5, r5, r3
- sbcs r6, r6, r3
- sbcs r7, r7, r3
- sbcs r8, r8, r3
- sbcs r9, r9, r3
- sbcs r10, r10, r3
- sbc r11, r11, lr
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0]
- str r5, [r0, #4]
-#else
- strd r4, r5, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r6, [r0, #8]
- str r7, [r0, #12]
-#else
- strd r6, r7, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #16]
- str r9, [r0, #20]
-#else
- strd r8, r9, [r0, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r0, #24]
- str r11, [r0, #28]
-#else
- strd r10, r11, [r0, #24]
-#endif
- pop {r4, r5, r6, r7, r8, r9, r10, r11, pc}
- .size fe_add,.-fe_add
- .text
- .align 4
.globl fe_neg
.type fe_neg, %function
fe_neg:
push {r4, r5, lr}
- mov lr, #-1
- mov r12, #-19
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r2, [r1]
- ldr r3, [r1, #4]
-#else
- ldrd r2, r3, [r1]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1, #8]
- ldr r5, [r1, #12]
-#else
- ldrd r4, r5, [r1, #8]
-#endif
+ mvn lr, #0
+ mvn r12, #18
+ ldm r1!, {r2, r3, r4, r5}
subs r2, r12, r2
sbcs r3, lr, r3
sbcs r4, lr, r4
sbcs r5, lr, r5
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r2, [r0]
- str r3, [r0, #4]
-#else
- strd r2, r3, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0, #8]
- str r5, [r0, #12]
-#else
- strd r4, r5, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- mov r12, #0x7fffff
- lsl r12, r12, #8
- add r12, r12, #0xff
-#else
- mov r12, #0x7fffffff
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r2, [r1, #16]
- ldr r3, [r1, #20]
-#else
- ldrd r2, r3, [r1, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1, #24]
- ldr r5, [r1, #28]
-#else
- ldrd r4, r5, [r1, #24]
-#endif
+ stm r0!, {r2, r3, r4, r5}
+ mvn r12, #0x80000000
+ ldm r1!, {r2, r3, r4, r5}
sbcs r2, lr, r2
sbcs r3, lr, r3
sbcs r4, lr, r4
sbc r5, r12, r5
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r2, [r0, #16]
- str r3, [r0, #20]
-#else
- strd r2, r3, [r0, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0, #24]
- str r5, [r0, #28]
-#else
- strd r4, r5, [r0, #24]
-#endif
+ stm r0!, {r2, r3, r4, r5}
pop {r4, r5, pc}
.size fe_neg,.-fe_neg
.text
@@ -615,30 +545,7 @@ fe_neg:
.type fe_isnonzero, %function
fe_isnonzero:
push {r4, r5, r6, r7, r8, r9, lr}
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r2, [r0]
- ldr r3, [r0, #4]
-#else
- ldrd r2, r3, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0, #8]
- ldr r5, [r0, #12]
-#else
- ldrd r4, r5, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r0, #16]
- ldr r7, [r0, #20]
-#else
- ldrd r6, r7, [r0, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r8, [r0, #24]
- ldr r9, [r0, #28]
-#else
- ldrd r8, r9, [r0, #24]
-#endif
+ ldm r0, {r2, r3, r4, r5, r6, r7, r8, r9}
adds r1, r2, #19
adcs r1, r3, #0
adcs r1, r4, #0
@@ -657,7 +564,11 @@ fe_isnonzero:
adcs r7, r7, #0
adcs r8, r8, #0
adc r9, r9, #0
- and r9, r9, #0x7fffffff
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ bic r9, r9, #0x80000000
+#else
+ bfc r9, #31, #1
+#endif
orr r2, r2, r3
orr r4, r4, r5
orr r6, r6, r7
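Review bot: The new conditional around the bit-31 clear in fe_isnonzero selects between two instructions with the same effect on r9: `bic r9, r9, #0x80000000` and `bfc r9, #31, #1` both clear only the top bit. As far as I can tell the `bic` immediate encodes on every architecture level these guards distinguish, so the `#if` adds a second path to assemble and test without changing the result. I would keep the single unconditional line `bic r9, r9, #0x80000000` and drop the `#if`/`#else`/`#endif`. fe_isnonzero starts before this hunk and continues past it, so this is based only on the lines shown.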
@@ -673,52 +584,42 @@ fe_isnonzero:
.type fe_isnegative, %function
fe_isnegative:
push {r4, r5, lr}
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r2, [r0]
- ldr r3, [r0, #4]
-#else
- ldrd r2, r3, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0, #8]
- ldr r5, [r0, #12]
-#else
- ldrd r4, r5, [r0, #8]
-#endif
+ ldm r0!, {r2, r3, r4, r5}
adds r1, r2, #19
adcs r1, r3, #0
adcs r1, r4, #0
adcs r1, r5, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r2, [r0, #16]
- ldr r3, [r0, #20]
-#else
- ldrd r2, r3, [r0, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0, #24]
- ldr r5, [r0, #28]
-#else
- ldrd r4, r5, [r0, #24]
-#endif
+ ldm r0, {r2, r3, r4, r5}
adcs r1, r2, #0
adcs r1, r3, #0
adcs r1, r4, #0
- ldr r2, [r0]
+ ldr r2, [r0, #-16]
adc r1, r5, #0
and r0, r2, #1
lsr r1, r1, #31
eor r0, r0, r1
pop {r4, r5, pc}
.size fe_isnegative,.-fe_isnegative
+#if defined(HAVE_ED25519_MAKE_KEY) || defined(HAVE_ED25519_SIGN)
+#ifndef WC_NO_CACHE_RESISTANT
.text
.align 4
.globl fe_cmov_table
.type fe_cmov_table, %function
fe_cmov_table:
push {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r2, r2, #24
+ asr r2, r2, #24
+#else
sxtb r2, r2
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ lsl r3, r2, #24
+ asr r3, r2, #31
+#else
sbfx r3, r2, #7, #1
+#endif
eor r12, r2, r3
sub r12, r12, r3
mov r4, #1
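Review bot: In the pre-ARMv7 fallback added at the top of fe_cmov_table, `lsl r3, r2, #24` is dead, because the following `asr r3, r2, #31` reads r2 again and overwrites r3. The result still matches `sbfx r3, r2, #7, #1` only because r2 was sign-extended from a byte a few lines earlier, so bit 31 equals bit 7. Either drop the `lsl` or make the pair self-contained with `asr r3, r3, #31`. The same two-line fallback recurs in the hunks at -1123, -1547 and -1971, where the sign extension is not in view, so a comment such as `/* r2 is sign-extended: bit 31 == bit 7 */` would help there. r3 is the sign mask for the branch-free table select that follows, so any replacement should stay a plain shift; fe_cmov_table continues past this hunk.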
@@ -727,7 +628,7 @@ fe_cmov_table:
mov r7, #0
mov r8, #0
mov r9, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
mov r3, #0x800000
lsl r3, r3, #8
add r3, r3, #0x0
@@ -737,7 +638,7 @@ fe_cmov_table:
ror r3, r3, #31
ror r3, r3, r12
asr r3, r3, #31
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1]
ldr r11, [r1, #4]
#else
@@ -749,7 +650,7 @@ fe_cmov_table:
and r11, r11, r3
eor r4, r4, r10
eor r5, r5, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #32]
ldr r11, [r1, #36]
#else
@@ -761,7 +662,7 @@ fe_cmov_table:
and r11, r11, r3
eor r6, r6, r10
eor r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #64]
ldr r11, [r1, #68]
#else
@@ -774,7 +675,7 @@ fe_cmov_table:
eor r8, r8, r10
eor r9, r9, r11
add r1, r1, #0x60
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
mov r3, #0x800000
lsl r3, r3, #8
add r3, r3, #0x0
@@ -784,7 +685,7 @@ fe_cmov_table:
ror r3, r3, #30
ror r3, r3, r12
asr r3, r3, #31
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1]
ldr r11, [r1, #4]
#else
@@ -796,7 +697,7 @@ fe_cmov_table:
and r11, r11, r3
eor r4, r4, r10
eor r5, r5, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #32]
ldr r11, [r1, #36]
#else
@@ -808,7 +709,7 @@ fe_cmov_table:
and r11, r11, r3
eor r6, r6, r10
eor r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #64]
ldr r11, [r1, #68]
#else
@@ -821,7 +722,7 @@ fe_cmov_table:
eor r8, r8, r10
eor r9, r9, r11
add r1, r1, #0x60
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
mov r3, #0x800000
lsl r3, r3, #8
add r3, r3, #0x0
@@ -831,7 +732,7 @@ fe_cmov_table:
ror r3, r3, #29
ror r3, r3, r12
asr r3, r3, #31
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1]
ldr r11, [r1, #4]
#else
@@ -843,7 +744,7 @@ fe_cmov_table:
and r11, r11, r3
eor r4, r4, r10
eor r5, r5, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #32]
ldr r11, [r1, #36]
#else
@@ -855,7 +756,7 @@ fe_cmov_table:
and r11, r11, r3
eor r6, r6, r10
eor r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #64]
ldr r11, [r1, #68]
#else
@@ -868,7 +769,7 @@ fe_cmov_table:
eor r8, r8, r10
eor r9, r9, r11
add r1, r1, #0x60
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
mov r3, #0x800000
lsl r3, r3, #8
add r3, r3, #0x0
@@ -878,7 +779,7 @@ fe_cmov_table:
ror r3, r3, #28
ror r3, r3, r12
asr r3, r3, #31
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1]
ldr r11, [r1, #4]
#else
@@ -890,7 +791,7 @@ fe_cmov_table:
and r11, r11, r3
eor r4, r4, r10
eor r5, r5, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #32]
ldr r11, [r1, #36]
#else
@@ -902,7 +803,7 @@ fe_cmov_table:
and r11, r11, r3
eor r6, r6, r10
eor r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #64]
ldr r11, [r1, #68]
#else
@@ -915,7 +816,7 @@ fe_cmov_table:
eor r8, r8, r10
eor r9, r9, r11
add r1, r1, #0x60
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
mov r3, #0x800000
lsl r3, r3, #8
add r3, r3, #0x0
@@ -925,7 +826,7 @@ fe_cmov_table:
ror r3, r3, #27
ror r3, r3, r12
asr r3, r3, #31
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1]
ldr r11, [r1, #4]
#else
@@ -937,7 +838,7 @@ fe_cmov_table:
and r11, r11, r3
eor r4, r4, r10
eor r5, r5, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #32]
ldr r11, [r1, #36]
#else
@@ -949,7 +850,7 @@ fe_cmov_table:
and r11, r11, r3
eor r6, r6, r10
eor r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #64]
ldr r11, [r1, #68]
#else
@@ -962,7 +863,7 @@ fe_cmov_table:
eor r8, r8, r10
eor r9, r9, r11
add r1, r1, #0x60
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
mov r3, #0x800000
lsl r3, r3, #8
add r3, r3, #0x0
@@ -972,7 +873,7 @@ fe_cmov_table:
ror r3, r3, #26
ror r3, r3, r12
asr r3, r3, #31
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1]
ldr r11, [r1, #4]
#else
@@ -984,7 +885,7 @@ fe_cmov_table:
and r11, r11, r3
eor r4, r4, r10
eor r5, r5, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #32]
ldr r11, [r1, #36]
#else
@@ -996,7 +897,7 @@ fe_cmov_table:
and r11, r11, r3
eor r6, r6, r10
eor r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #64]
ldr r11, [r1, #68]
#else
@@ -1009,7 +910,7 @@ fe_cmov_table:
eor r8, r8, r10
eor r9, r9, r11
add r1, r1, #0x60
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
mov r3, #0x800000
lsl r3, r3, #8
add r3, r3, #0x0
@@ -1019,7 +920,7 @@ fe_cmov_table:
ror r3, r3, #25
ror r3, r3, r12
asr r3, r3, #31
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1]
ldr r11, [r1, #4]
#else
@@ -1031,7 +932,7 @@ fe_cmov_table:
and r11, r11, r3
eor r4, r4, r10
eor r5, r5, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #32]
ldr r11, [r1, #36]
#else
@@ -1043,7 +944,7 @@ fe_cmov_table:
and r11, r11, r3
eor r6, r6, r10
eor r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #64]
ldr r11, [r1, #68]
#else
@@ -1056,7 +957,7 @@ fe_cmov_table:
eor r8, r8, r10
eor r9, r9, r11
add r1, r1, #0x60
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
mov r3, #0x800000
lsl r3, r3, #8
add r3, r3, #0x0
@@ -1066,7 +967,7 @@ fe_cmov_table:
ror r3, r3, #24
ror r3, r3, r12
asr r3, r3, #31
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1]
ldr r11, [r1, #4]
#else
@@ -1078,7 +979,7 @@ fe_cmov_table:
and r11, r11, r3
eor r4, r4, r10
eor r5, r5, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #32]
ldr r11, [r1, #36]
#else
@@ -1090,7 +991,7 @@ fe_cmov_table:
and r11, r11, r3
eor r6, r6, r10
eor r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #64]
ldr r11, [r1, #68]
#else
@@ -1103,8 +1004,8 @@ fe_cmov_table:
eor r8, r8, r10
eor r9, r9, r11
sub r1, r1, #0x2a0
- mov r10, #-19
- mov r11, #-1
+ mvn r10, #18
+ mvn r11, #0
subs r10, r10, r8
sbcs r11, r11, r9
sbc lr, lr, lr
@@ -1123,25 +1024,30 @@ fe_cmov_table:
eor r11, r11, r9
and r11, r11, r12
eor r9, r9, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0]
str r5, [r0, #4]
#else
strd r4, r5, [r0]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [r0, #32]
str r7, [r0, #36]
#else
strd r6, r7, [r0, #32]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r8, [r0, #64]
str r9, [r0, #68]
#else
strd r8, r9, [r0, #64]
#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ lsl r3, r2, #24
+ asr r3, r2, #31
+#else
sbfx r3, r2, #7, #1
+#endif
eor r12, r2, r3
sub r12, r12, r3
mov r4, #0
@@ -1150,7 +1056,7 @@ fe_cmov_table:
mov r7, #0
mov r8, #0
mov r9, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
mov r3, #0x800000
lsl r3, r3, #8
add r3, r3, #0x0
@@ -1160,7 +1066,7 @@ fe_cmov_table:
ror r3, r3, #31
ror r3, r3, r12
asr r3, r3, #31
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #8]
ldr r11, [r1, #12]
#else
@@ -1172,7 +1078,7 @@ fe_cmov_table:
and r11, r11, r3
eor r4, r4, r10
eor r5, r5, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #40]
ldr r11, [r1, #44]
#else
@@ -1184,7 +1090,7 @@ fe_cmov_table:
and r11, r11, r3
eor r6, r6, r10
eor r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #72]
ldr r11, [r1, #76]
#else
@@ -1197,7 +1103,7 @@ fe_cmov_table:
eor r8, r8, r10
eor r9, r9, r11
add r1, r1, #0x60
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
mov r3, #0x800000
lsl r3, r3, #8
add r3, r3, #0x0
@@ -1207,7 +1113,7 @@ fe_cmov_table:
ror r3, r3, #30
ror r3, r3, r12
asr r3, r3, #31
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #8]
ldr r11, [r1, #12]
#else
@@ -1219,7 +1125,7 @@ fe_cmov_table:
and r11, r11, r3
eor r4, r4, r10
eor r5, r5, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #40]
ldr r11, [r1, #44]
#else
@@ -1231,7 +1137,7 @@ fe_cmov_table:
and r11, r11, r3
eor r6, r6, r10
eor r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #72]
ldr r11, [r1, #76]
#else
@@ -1244,7 +1150,7 @@ fe_cmov_table:
eor r8, r8, r10
eor r9, r9, r11
add r1, r1, #0x60
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
mov r3, #0x800000
lsl r3, r3, #8
add r3, r3, #0x0
@@ -1254,7 +1160,7 @@ fe_cmov_table:
ror r3, r3, #29
ror r3, r3, r12
asr r3, r3, #31
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #8]
ldr r11, [r1, #12]
#else
@@ -1266,7 +1172,7 @@ fe_cmov_table:
and r11, r11, r3
eor r4, r4, r10
eor r5, r5, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #40]
ldr r11, [r1, #44]
#else
@@ -1278,7 +1184,7 @@ fe_cmov_table:
and r11, r11, r3
eor r6, r6, r10
eor r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #72]
ldr r11, [r1, #76]
#else
@@ -1291,7 +1197,7 @@ fe_cmov_table:
eor r8, r8, r10
eor r9, r9, r11
add r1, r1, #0x60
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
mov r3, #0x800000
lsl r3, r3, #8
add r3, r3, #0x0
@@ -1301,7 +1207,7 @@ fe_cmov_table:
ror r3, r3, #28
ror r3, r3, r12
asr r3, r3, #31
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #8]
ldr r11, [r1, #12]
#else
@@ -1313,7 +1219,7 @@ fe_cmov_table:
and r11, r11, r3
eor r4, r4, r10
eor r5, r5, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #40]
ldr r11, [r1, #44]
#else
@@ -1325,7 +1231,7 @@ fe_cmov_table:
and r11, r11, r3
eor r6, r6, r10
eor r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #72]
ldr r11, [r1, #76]
#else
@@ -1338,7 +1244,7 @@ fe_cmov_table:
eor r8, r8, r10
eor r9, r9, r11
add r1, r1, #0x60
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
mov r3, #0x800000
lsl r3, r3, #8
add r3, r3, #0x0
@@ -1348,7 +1254,7 @@ fe_cmov_table:
ror r3, r3, #27
ror r3, r3, r12
asr r3, r3, #31
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #8]
ldr r11, [r1, #12]
#else
@@ -1360,7 +1266,7 @@ fe_cmov_table:
and r11, r11, r3
eor r4, r4, r10
eor r5, r5, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #40]
ldr r11, [r1, #44]
#else
@@ -1372,7 +1278,7 @@ fe_cmov_table:
and r11, r11, r3
eor r6, r6, r10
eor r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #72]
ldr r11, [r1, #76]
#else
@@ -1385,7 +1291,7 @@ fe_cmov_table:
eor r8, r8, r10
eor r9, r9, r11
add r1, r1, #0x60
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
mov r3, #0x800000
lsl r3, r3, #8
add r3, r3, #0x0
@@ -1395,7 +1301,7 @@ fe_cmov_table:
ror r3, r3, #26
ror r3, r3, r12
asr r3, r3, #31
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #8]
ldr r11, [r1, #12]
#else
@@ -1407,7 +1313,7 @@ fe_cmov_table:
and r11, r11, r3
eor r4, r4, r10
eor r5, r5, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #40]
ldr r11, [r1, #44]
#else
@@ -1419,7 +1325,7 @@ fe_cmov_table:
and r11, r11, r3
eor r6, r6, r10
eor r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #72]
ldr r11, [r1, #76]
#else
@@ -1432,7 +1338,7 @@ fe_cmov_table:
eor r8, r8, r10
eor r9, r9, r11
add r1, r1, #0x60
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
mov r3, #0x800000
lsl r3, r3, #8
add r3, r3, #0x0
@@ -1442,7 +1348,7 @@ fe_cmov_table:
ror r3, r3, #25
ror r3, r3, r12
asr r3, r3, #31
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #8]
ldr r11, [r1, #12]
#else
@@ -1454,7 +1360,7 @@ fe_cmov_table:
and r11, r11, r3
eor r4, r4, r10
eor r5, r5, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #40]
ldr r11, [r1, #44]
#else
@@ -1466,7 +1372,7 @@ fe_cmov_table:
and r11, r11, r3
eor r6, r6, r10
eor r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #72]
ldr r11, [r1, #76]
#else
@@ -1479,7 +1385,7 @@ fe_cmov_table:
eor r8, r8, r10
eor r9, r9, r11
add r1, r1, #0x60
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
mov r3, #0x800000
lsl r3, r3, #8
add r3, r3, #0x0
@@ -1489,7 +1395,7 @@ fe_cmov_table:
ror r3, r3, #24
ror r3, r3, r12
asr r3, r3, #31
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #8]
ldr r11, [r1, #12]
#else
@@ -1501,7 +1407,7 @@ fe_cmov_table:
and r11, r11, r3
eor r4, r4, r10
eor r5, r5, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #40]
ldr r11, [r1, #44]
#else
@@ -1513,7 +1419,7 @@ fe_cmov_table:
and r11, r11, r3
eor r6, r6, r10
eor r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #72]
ldr r11, [r1, #76]
#else
@@ -1526,8 +1432,8 @@ fe_cmov_table:
eor r8, r8, r10
eor r9, r9, r11
sub r1, r1, #0x2a0
- mov r10, #-1
- mov r11, #-1
+ mvn r10, #0
+ mvn r11, #0
rsbs lr, lr, #0
sbcs r10, r10, r8
sbcs r11, r11, r9
@@ -1547,25 +1453,30 @@ fe_cmov_table:
eor r11, r11, r9
and r11, r11, r12
eor r9, r9, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #8]
str r5, [r0, #12]
#else
strd r4, r5, [r0, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [r0, #40]
str r7, [r0, #44]
#else
strd r6, r7, [r0, #40]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r8, [r0, #72]
str r9, [r0, #76]
#else
strd r8, r9, [r0, #72]
#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ lsl r3, r2, #24
+ asr r3, r2, #31
+#else
sbfx r3, r2, #7, #1
+#endif
eor r12, r2, r3
sub r12, r12, r3
mov r4, #0
@@ -1574,7 +1485,7 @@ fe_cmov_table:
mov r7, #0
mov r8, #0
mov r9, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
mov r3, #0x800000
lsl r3, r3, #8
add r3, r3, #0x0
@@ -1584,7 +1495,7 @@ fe_cmov_table:
ror r3, r3, #31
ror r3, r3, r12
asr r3, r3, #31
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #16]
ldr r11, [r1, #20]
#else
@@ -1596,7 +1507,7 @@ fe_cmov_table:
and r11, r11, r3
eor r4, r4, r10
eor r5, r5, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #48]
ldr r11, [r1, #52]
#else
@@ -1608,7 +1519,7 @@ fe_cmov_table:
and r11, r11, r3
eor r6, r6, r10
eor r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #80]
ldr r11, [r1, #84]
#else
@@ -1621,7 +1532,7 @@ fe_cmov_table:
eor r8, r8, r10
eor r9, r9, r11
add r1, r1, #0x60
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
mov r3, #0x800000
lsl r3, r3, #8
add r3, r3, #0x0
@@ -1631,7 +1542,7 @@ fe_cmov_table:
ror r3, r3, #30
ror r3, r3, r12
asr r3, r3, #31
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #16]
ldr r11, [r1, #20]
#else
@@ -1643,7 +1554,7 @@ fe_cmov_table:
and r11, r11, r3
eor r4, r4, r10
eor r5, r5, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #48]
ldr r11, [r1, #52]
#else
@@ -1655,7 +1566,7 @@ fe_cmov_table:
and r11, r11, r3
eor r6, r6, r10
eor r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #80]
ldr r11, [r1, #84]
#else
@@ -1668,7 +1579,7 @@ fe_cmov_table:
eor r8, r8, r10
eor r9, r9, r11
add r1, r1, #0x60
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
mov r3, #0x800000
lsl r3, r3, #8
add r3, r3, #0x0
@@ -1678,7 +1589,7 @@ fe_cmov_table:
ror r3, r3, #29
ror r3, r3, r12
asr r3, r3, #31
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #16]
ldr r11, [r1, #20]
#else
@@ -1690,7 +1601,7 @@ fe_cmov_table:
and r11, r11, r3
eor r4, r4, r10
eor r5, r5, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #48]
ldr r11, [r1, #52]
#else
@@ -1702,7 +1613,7 @@ fe_cmov_table:
and r11, r11, r3
eor r6, r6, r10
eor r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #80]
ldr r11, [r1, #84]
#else
@@ -1715,7 +1626,7 @@ fe_cmov_table:
eor r8, r8, r10
eor r9, r9, r11
add r1, r1, #0x60
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
mov r3, #0x800000
lsl r3, r3, #8
add r3, r3, #0x0
@@ -1725,7 +1636,7 @@ fe_cmov_table:
ror r3, r3, #28
ror r3, r3, r12
asr r3, r3, #31
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #16]
ldr r11, [r1, #20]
#else
@@ -1737,7 +1648,7 @@ fe_cmov_table:
and r11, r11, r3
eor r4, r4, r10
eor r5, r5, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #48]
ldr r11, [r1, #52]
#else
@@ -1749,7 +1660,7 @@ fe_cmov_table:
and r11, r11, r3
eor r6, r6, r10
eor r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #80]
ldr r11, [r1, #84]
#else
@@ -1762,7 +1673,7 @@ fe_cmov_table:
eor r8, r8, r10
eor r9, r9, r11
add r1, r1, #0x60
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
mov r3, #0x800000
lsl r3, r3, #8
add r3, r3, #0x0
@@ -1772,7 +1683,7 @@ fe_cmov_table:
ror r3, r3, #27
ror r3, r3, r12
asr r3, r3, #31
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #16]
ldr r11, [r1, #20]
#else
@@ -1784,7 +1695,7 @@ fe_cmov_table:
and r11, r11, r3
eor r4, r4, r10
eor r5, r5, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #48]
ldr r11, [r1, #52]
#else
@@ -1796,7 +1707,7 @@ fe_cmov_table:
and r11, r11, r3
eor r6, r6, r10
eor r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #80]
ldr r11, [r1, #84]
#else
@@ -1809,7 +1720,7 @@ fe_cmov_table:
eor r8, r8, r10
eor r9, r9, r11
add r1, r1, #0x60
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
mov r3, #0x800000
lsl r3, r3, #8
add r3, r3, #0x0
@@ -1819,7 +1730,7 @@ fe_cmov_table:
ror r3, r3, #26
ror r3, r3, r12
asr r3, r3, #31
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #16]
ldr r11, [r1, #20]
#else
@@ -1831,7 +1742,7 @@ fe_cmov_table:
and r11, r11, r3
eor r4, r4, r10
eor r5, r5, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #48]
ldr r11, [r1, #52]
#else
@@ -1843,7 +1754,7 @@ fe_cmov_table:
and r11, r11, r3
eor r6, r6, r10
eor r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #80]
ldr r11, [r1, #84]
#else
@@ -1856,7 +1767,7 @@ fe_cmov_table:
eor r8, r8, r10
eor r9, r9, r11
add r1, r1, #0x60
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
mov r3, #0x800000
lsl r3, r3, #8
add r3, r3, #0x0
@@ -1866,7 +1777,7 @@ fe_cmov_table:
ror r3, r3, #25
ror r3, r3, r12
asr r3, r3, #31
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #16]
ldr r11, [r1, #20]
#else
@@ -1878,7 +1789,7 @@ fe_cmov_table:
and r11, r11, r3
eor r4, r4, r10
eor r5, r5, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #48]
ldr r11, [r1, #52]
#else
@@ -1890,7 +1801,7 @@ fe_cmov_table:
and r11, r11, r3
eor r6, r6, r10
eor r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #80]
ldr r11, [r1, #84]
#else
@@ -1903,7 +1814,7 @@ fe_cmov_table:
eor r8, r8, r10
eor r9, r9, r11
add r1, r1, #0x60
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
mov r3, #0x800000
lsl r3, r3, #8
add r3, r3, #0x0
@@ -1913,7 +1824,7 @@ fe_cmov_table:
ror r3, r3, #24
ror r3, r3, r12
asr r3, r3, #31
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #16]
ldr r11, [r1, #20]
#else
@@ -1925,7 +1836,7 @@ fe_cmov_table:
and r11, r11, r3
eor r4, r4, r10
eor r5, r5, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #48]
ldr r11, [r1, #52]
#else
@@ -1937,7 +1848,7 @@ fe_cmov_table:
and r11, r11, r3
eor r6, r6, r10
eor r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #80]
ldr r11, [r1, #84]
#else
@@ -1950,8 +1861,8 @@ fe_cmov_table:
eor r8, r8, r10
eor r9, r9, r11
sub r1, r1, #0x2a0
- mov r10, #-1
- mov r11, #-1
+ mvn r10, #0
+ mvn r11, #0
rsbs lr, lr, #0
sbcs r10, r10, r8
sbcs r11, r11, r9
@@ -1971,25 +1882,30 @@ fe_cmov_table:
eor r11, r11, r9
and r11, r11, r12
eor r9, r9, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #16]
str r5, [r0, #20]
#else
strd r4, r5, [r0, #16]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [r0, #48]
str r7, [r0, #52]
#else
strd r6, r7, [r0, #48]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r8, [r0, #80]
str r9, [r0, #84]
#else
strd r8, r9, [r0, #80]
#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ lsl r3, r2, #24
+ asr r3, r2, #31
+#else
sbfx r3, r2, #7, #1
+#endif
eor r12, r2, r3
sub r12, r12, r3
mov r4, #0
@@ -1998,7 +1914,7 @@ fe_cmov_table:
mov r7, #0
mov r8, #0
mov r9, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
mov r3, #0x800000
lsl r3, r3, #8
add r3, r3, #0x0
@@ -2008,7 +1924,7 @@ fe_cmov_table:
ror r3, r3, #31
ror r3, r3, r12
asr r3, r3, #31
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #24]
ldr r11, [r1, #28]
#else
@@ -2020,7 +1936,7 @@ fe_cmov_table:
and r11, r11, r3
eor r4, r4, r10
eor r5, r5, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #56]
ldr r11, [r1, #60]
#else
@@ -2032,7 +1948,7 @@ fe_cmov_table:
and r11, r11, r3
eor r6, r6, r10
eor r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #88]
ldr r11, [r1, #92]
#else
@@ -2045,7 +1961,7 @@ fe_cmov_table:
eor r8, r8, r10
eor r9, r9, r11
add r1, r1, #0x60
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
mov r3, #0x800000
lsl r3, r3, #8
add r3, r3, #0x0
@@ -2055,7 +1971,7 @@ fe_cmov_table:
ror r3, r3, #30
ror r3, r3, r12
asr r3, r3, #31
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #24]
ldr r11, [r1, #28]
#else
@@ -2067,7 +1983,7 @@ fe_cmov_table:
and r11, r11, r3
eor r4, r4, r10
eor r5, r5, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #56]
ldr r11, [r1, #60]
#else
@@ -2079,7 +1995,7 @@ fe_cmov_table:
and r11, r11, r3
eor r6, r6, r10
eor r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #88]
ldr r11, [r1, #92]
#else
@@ -2092,7 +2008,7 @@ fe_cmov_table:
eor r8, r8, r10
eor r9, r9, r11
add r1, r1, #0x60
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
mov r3, #0x800000
lsl r3, r3, #8
add r3, r3, #0x0
@@ -2102,7 +2018,7 @@ fe_cmov_table:
ror r3, r3, #29
ror r3, r3, r12
asr r3, r3, #31
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #24]
ldr r11, [r1, #28]
#else
@@ -2114,7 +2030,7 @@ fe_cmov_table:
and r11, r11, r3
eor r4, r4, r10
eor r5, r5, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #56]
ldr r11, [r1, #60]
#else
@@ -2126,7 +2042,7 @@ fe_cmov_table:
and r11, r11, r3
eor r6, r6, r10
eor r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #88]
ldr r11, [r1, #92]
#else
@@ -2139,7 +2055,7 @@ fe_cmov_table:
eor r8, r8, r10
eor r9, r9, r11
add r1, r1, #0x60
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
mov r3, #0x800000
lsl r3, r3, #8
add r3, r3, #0x0
@@ -2149,7 +2065,7 @@ fe_cmov_table:
ror r3, r3, #28
ror r3, r3, r12
asr r3, r3, #31
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #24]
ldr r11, [r1, #28]
#else
@@ -2161,7 +2077,7 @@ fe_cmov_table:
and r11, r11, r3
eor r4, r4, r10
eor r5, r5, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #56]
ldr r11, [r1, #60]
#else
@@ -2173,7 +2089,7 @@ fe_cmov_table:
and r11, r11, r3
eor r6, r6, r10
eor r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #88]
ldr r11, [r1, #92]
#else
@@ -2186,7 +2102,7 @@ fe_cmov_table:
eor r8, r8, r10
eor r9, r9, r11
add r1, r1, #0x60
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
mov r3, #0x800000
lsl r3, r3, #8
add r3, r3, #0x0
@@ -2196,7 +2112,7 @@ fe_cmov_table:
ror r3, r3, #27
ror r3, r3, r12
asr r3, r3, #31
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #24]
ldr r11, [r1, #28]
#else
@@ -2208,7 +2124,7 @@ fe_cmov_table:
and r11, r11, r3
eor r4, r4, r10
eor r5, r5, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #56]
ldr r11, [r1, #60]
#else
@@ -2220,7 +2136,7 @@ fe_cmov_table:
and r11, r11, r3
eor r6, r6, r10
eor r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #88]
ldr r11, [r1, #92]
#else
@@ -2233,7 +2149,7 @@ fe_cmov_table:
eor r8, r8, r10
eor r9, r9, r11
add r1, r1, #0x60
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
mov r3, #0x800000
lsl r3, r3, #8
add r3, r3, #0x0
@@ -2243,7 +2159,7 @@ fe_cmov_table:
ror r3, r3, #26
ror r3, r3, r12
asr r3, r3, #31
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #24]
ldr r11, [r1, #28]
#else
@@ -2255,7 +2171,7 @@ fe_cmov_table:
and r11, r11, r3
eor r4, r4, r10
eor r5, r5, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #56]
ldr r11, [r1, #60]
#else
@@ -2267,7 +2183,7 @@ fe_cmov_table:
and r11, r11, r3
eor r6, r6, r10
eor r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #88]
ldr r11, [r1, #92]
#else
@@ -2280,7 +2196,7 @@ fe_cmov_table:
eor r8, r8, r10
eor r9, r9, r11
add r1, r1, #0x60
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
mov r3, #0x800000
lsl r3, r3, #8
add r3, r3, #0x0
@@ -2290,7 +2206,7 @@ fe_cmov_table:
ror r3, r3, #25
ror r3, r3, r12
asr r3, r3, #31
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #24]
ldr r11, [r1, #28]
#else
@@ -2302,7 +2218,7 @@ fe_cmov_table:
and r11, r11, r3
eor r4, r4, r10
eor r5, r5, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #56]
ldr r11, [r1, #60]
#else
@@ -2314,7 +2230,7 @@ fe_cmov_table:
and r11, r11, r3
eor r6, r6, r10
eor r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #88]
ldr r11, [r1, #92]
#else
@@ -2327,7 +2243,7 @@ fe_cmov_table:
eor r8, r8, r10
eor r9, r9, r11
add r1, r1, #0x60
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
mov r3, #0x800000
lsl r3, r3, #8
add r3, r3, #0x0
@@ -2337,7 +2253,7 @@ fe_cmov_table:
ror r3, r3, #24
ror r3, r3, r12
asr r3, r3, #31
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #24]
ldr r11, [r1, #28]
#else
@@ -2349,7 +2265,7 @@ fe_cmov_table:
and r11, r11, r3
eor r4, r4, r10
eor r5, r5, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #56]
ldr r11, [r1, #60]
#else
@@ -2361,7 +2277,7 @@ fe_cmov_table:
and r11, r11, r3
eor r6, r6, r10
eor r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #88]
ldr r11, [r1, #92]
#else
@@ -2374,14 +2290,8 @@ fe_cmov_table:
eor r8, r8, r10
eor r9, r9, r11
sub r1, r1, #0x2a0
- mov r10, #-1
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- mov r11, #0x7fffff
- lsl r11, r11, #8
- add r11, r11, #0xff
-#else
- mov r11, #0x7fffffff
-#endif
+ mvn r10, #0
+ mvn r11, #0x80000000
rsbs lr, lr, #0
sbcs r10, r10, r8
sbc r11, r11, r9
@@ -2400,19 +2310,19 @@ fe_cmov_table:
eor r11, r11, r9
and r11, r11, r12
eor r9, r9, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #24]
str r5, [r0, #28]
#else
strd r4, r5, [r0, #24]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [r0, #56]
str r7, [r0, #60]
#else
strd r6, r7, [r0, #56]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r8, [r0, #88]
str r9, [r0, #92]
#else
@@ -2420,1036 +2330,1071 @@ fe_cmov_table:
#endif
pop {r4, r5, r6, r7, r8, r9, r10, r11, pc}
.size fe_cmov_table,.-fe_cmov_table
+#else
.text
.align 4
- .globl fe_mul
- .type fe_mul, %function
-fe_mul:
+ .globl fe_cmov_table
+ .type fe_cmov_table, %function
+fe_cmov_table:
push {r4, r5, r6, r7, r8, r9, r10, r11, lr}
- sub sp, sp, #0x40
- # Multiply
- ldr r7, [r1]
- ldr r8, [r1, #4]
- ldr r9, [r2]
- ldr lr, [r2, #4]
- # A[0] * B[0] = 0
- umull r4, r5, r7, r9
- str r4, [sp]
- # A[0] * B[1] = 1
- umull r3, r6, r7, lr
- adds r5, r5, r3
- adc r6, r6, #0
- # A[1] * B[0] = 1
- umull r3, r12, r8, r9
- adds r5, r5, r3
- mov r4, #0
- adcs r6, r6, r12
- adc r4, r4, #0
- str r5, [sp, #4]
- # A[2] * B[0] = 2
- ldr r10, [r1, #8]
- umull r3, r12, r10, r9
- adds r6, r6, r3
- adc r4, r4, r12
- # A[1] * B[1] = 2
- umull r3, r12, r8, lr
- adds r6, r6, r3
- mov r5, #0
- adcs r4, r4, r12
- adc r5, r5, #0
- # A[0] * B[2] = 2
- ldr r11, [r2, #8]
- umull r3, r12, r7, r11
- adds r6, r6, r3
- adcs r4, r4, r12
- adc r5, r5, #0
- str r6, [sp, #8]
- # A[0] * B[3] = 3
- ldr r11, [r2, #12]
- umull r3, r12, r7, r11
- adds r4, r4, r3
- mov r6, #0
- adcs r5, r5, r12
- adc r6, r6, #0
- # A[1] * B[2] = 3
- ldr r11, [r2, #8]
- umull r3, r12, r8, r11
- adds r4, r4, r3
- adcs r5, r5, r12
- adc r6, r6, #0
- # A[2] * B[1] = 3
- umull r3, r12, r10, lr
- adds r4, r4, r3
- adcs r5, r5, r12
- adc r6, r6, #0
- # A[3] * B[0] = 3
- ldr r10, [r1, #12]
- umull r3, r12, r10, r9
- adds r4, r4, r3
- adcs r5, r5, r12
- adc r6, r6, #0
- str r4, [sp, #12]
- # A[4] * B[0] = 4
- ldr r10, [r1, #16]
- umull r3, r12, r10, r9
- adds r5, r5, r3
- mov r4, #0
- adcs r6, r6, r12
- adc r4, r4, #0
- # A[3] * B[1] = 4
- ldr r10, [r1, #12]
- umull r3, r12, r10, lr
- adds r5, r5, r3
- adcs r6, r6, r12
- adc r4, r4, #0
- # A[2] * B[2] = 4
- ldr r10, [r1, #8]
- umull r3, r12, r10, r11
- adds r5, r5, r3
- adcs r6, r6, r12
- adc r4, r4, #0
- # A[1] * B[3] = 4
- ldr r11, [r2, #12]
- umull r3, r12, r8, r11
- adds r5, r5, r3
- adcs r6, r6, r12
- adc r4, r4, #0
- # A[0] * B[4] = 4
- ldr r11, [r2, #16]
- umull r3, r12, r7, r11
- adds r5, r5, r3
- adcs r6, r6, r12
- adc r4, r4, #0
- str r5, [sp, #16]
- # A[0] * B[5] = 5
- ldr r11, [r2, #20]
- umull r3, r12, r7, r11
- adds r6, r6, r3
- mov r5, #0
- adcs r4, r4, r12
- adc r5, r5, #0
- # A[1] * B[4] = 5
- ldr r11, [r2, #16]
- umull r3, r12, r8, r11
- adds r6, r6, r3
- adcs r4, r4, r12
- adc r5, r5, #0
- # A[2] * B[3] = 5
- ldr r11, [r2, #12]
- umull r3, r12, r10, r11
- adds r6, r6, r3
- adcs r4, r4, r12
- adc r5, r5, #0
- # A[3] * B[2] = 5
- ldr r10, [r1, #12]
- ldr r11, [r2, #8]
- umull r3, r12, r10, r11
- adds r6, r6, r3
- adcs r4, r4, r12
- adc r5, r5, #0
- # A[4] * B[1] = 5
- ldr r10, [r1, #16]
- umull r3, r12, r10, lr
- adds r6, r6, r3
- adcs r4, r4, r12
- adc r5, r5, #0
- # A[5] * B[0] = 5
- ldr r10, [r1, #20]
- umull r3, r12, r10, r9
- adds r6, r6, r3
- adcs r4, r4, r12
- adc r5, r5, #0
- str r6, [sp, #20]
- # A[6] * B[0] = 6
- ldr r10, [r1, #24]
- umull r3, r12, r10, r9
- adds r4, r4, r3
- mov r6, #0
- adcs r5, r5, r12
- adc r6, r6, #0
- # A[5] * B[1] = 6
- ldr r10, [r1, #20]
- umull r3, r12, r10, lr
- adds r4, r4, r3
- adcs r5, r5, r12
- adc r6, r6, #0
- # A[4] * B[2] = 6
- ldr r10, [r1, #16]
- umull r3, r12, r10, r11
- adds r4, r4, r3
- adcs r5, r5, r12
- adc r6, r6, #0
- # A[3] * B[3] = 6
- ldr r10, [r1, #12]
- ldr r11, [r2, #12]
- umull r3, r12, r10, r11
- adds r4, r4, r3
- adcs r5, r5, r12
- adc r6, r6, #0
- # A[2] * B[4] = 6
- ldr r10, [r1, #8]
- ldr r11, [r2, #16]
- umull r3, r12, r10, r11
- adds r4, r4, r3
- adcs r5, r5, r12
- adc r6, r6, #0
- # A[1] * B[5] = 6
- ldr r11, [r2, #20]
- umull r3, r12, r8, r11
- adds r4, r4, r3
- adcs r5, r5, r12
- adc r6, r6, #0
- # A[0] * B[6] = 6
- ldr r11, [r2, #24]
- umull r3, r12, r7, r11
- adds r4, r4, r3
- adcs r5, r5, r12
- adc r6, r6, #0
- str r4, [sp, #24]
- # A[0] * B[7] = 7
- ldr r11, [r2, #28]
- umull r3, r12, r7, r11
- adds r5, r5, r3
- mov r4, #0
- adcs r6, r6, r12
- adc r4, r4, #0
- # A[1] * B[6] = 7
- ldr r11, [r2, #24]
- umull r3, r12, r8, r11
- adds r5, r5, r3
- adcs r6, r6, r12
- adc r4, r4, #0
- # A[2] * B[5] = 7
- ldr r11, [r2, #20]
- umull r3, r12, r10, r11
- adds r5, r5, r3
- adcs r6, r6, r12
- adc r4, r4, #0
- # A[3] * B[4] = 7
- ldr r10, [r1, #12]
- ldr r11, [r2, #16]
- umull r3, r12, r10, r11
- adds r5, r5, r3
- adcs r6, r6, r12
- adc r4, r4, #0
- # A[4] * B[3] = 7
- ldr r10, [r1, #16]
- ldr r11, [r2, #12]
- umull r3, r12, r10, r11
- adds r5, r5, r3
- adcs r6, r6, r12
- adc r4, r4, #0
- # A[5] * B[2] = 7
- ldr r10, [r1, #20]
- ldr r11, [r2, #8]
- umull r3, r12, r10, r11
- adds r5, r5, r3
- adcs r6, r6, r12
- adc r4, r4, #0
- # A[6] * B[1] = 7
- ldr r10, [r1, #24]
- umull r3, r12, r10, lr
- adds r5, r5, r3
- adcs r6, r6, r12
- adc r4, r4, #0
- # A[7] * B[0] = 7
- ldr r10, [r1, #28]
- umull r3, r12, r10, r9
- adds r5, r5, r3
- adcs r6, r6, r12
- adc r4, r4, #0
- str r5, [sp, #28]
- ldr r7, [r1, #24]
- ldr r9, [r2, #24]
- # A[7] * B[1] = 8
- umull r3, r12, r10, lr
- adds r6, r6, r3
- mov r5, #0
- adcs r4, r4, r12
- adc r5, r5, #0
- # A[6] * B[2] = 8
- umull r3, r12, r7, r11
- adds r6, r6, r3
- adcs r4, r4, r12
- adc r5, r5, #0
- # A[5] * B[3] = 8
- ldr r10, [r1, #20]
- ldr r11, [r2, #12]
- umull r3, r12, r10, r11
- adds r6, r6, r3
- adcs r4, r4, r12
- adc r5, r5, #0
- # A[4] * B[4] = 8
- ldr r10, [r1, #16]
- ldr r11, [r2, #16]
- umull r3, r12, r10, r11
- adds r6, r6, r3
- adcs r4, r4, r12
- adc r5, r5, #0
- # A[3] * B[5] = 8
- ldr r10, [r1, #12]
- ldr r11, [r2, #20]
- umull r3, r12, r10, r11
- adds r6, r6, r3
- adcs r4, r4, r12
- adc r5, r5, #0
- # A[2] * B[6] = 8
- ldr r10, [r1, #8]
- umull r3, r12, r10, r9
- adds r6, r6, r3
- adcs r4, r4, r12
- adc r5, r5, #0
- # A[1] * B[7] = 8
- ldr r11, [r2, #28]
- umull r3, r12, r8, r11
- adds r6, r6, r3
- adcs r4, r4, r12
- adc r5, r5, #0
- str r6, [sp, #32]
- ldr r8, [r1, #28]
- mov lr, r11
- # A[2] * B[7] = 9
- umull r3, r12, r10, lr
- adds r4, r4, r3
- mov r6, #0
- adcs r5, r5, r12
- adc r6, r6, #0
- # A[3] * B[6] = 9
- ldr r10, [r1, #12]
- umull r3, r12, r10, r9
- adds r4, r4, r3
- adcs r5, r5, r12
- adc r6, r6, #0
- # A[4] * B[5] = 9
- ldr r10, [r1, #16]
- ldr r11, [r2, #20]
- umull r3, r12, r10, r11
- adds r4, r4, r3
- adcs r5, r5, r12
- adc r6, r6, #0
- # A[5] * B[4] = 9
- ldr r10, [r1, #20]
- ldr r11, [r2, #16]
- umull r3, r12, r10, r11
- adds r4, r4, r3
- adcs r5, r5, r12
- adc r6, r6, #0
- # A[6] * B[3] = 9
- ldr r11, [r2, #12]
- umull r3, r12, r7, r11
- adds r4, r4, r3
- adcs r5, r5, r12
- adc r6, r6, #0
- # A[7] * B[2] = 9
- ldr r11, [r2, #8]
- umull r3, r12, r8, r11
- adds r4, r4, r3
- adcs r5, r5, r12
- adc r6, r6, #0
- str r4, [sp, #36]
- # A[7] * B[3] = 10
- ldr r11, [r2, #12]
- umull r3, r12, r8, r11
- adds r5, r5, r3
- mov r4, #0
- adcs r6, r6, r12
- adc r4, r4, #0
- # A[6] * B[4] = 10
- ldr r11, [r2, #16]
- umull r3, r12, r7, r11
- adds r5, r5, r3
- adcs r6, r6, r12
- adc r4, r4, #0
- # A[5] * B[5] = 10
- ldr r11, [r2, #20]
- umull r3, r12, r10, r11
- adds r5, r5, r3
- adcs r6, r6, r12
- adc r4, r4, #0
- # A[4] * B[6] = 10
- ldr r10, [r1, #16]
- umull r3, r12, r10, r9
- adds r5, r5, r3
- adcs r6, r6, r12
- adc r4, r4, #0
- # A[3] * B[7] = 10
- ldr r10, [r1, #12]
- umull r3, r12, r10, lr
- adds r5, r5, r3
- adcs r6, r6, r12
- adc r4, r4, #0
- str r5, [sp, #40]
- # A[4] * B[7] = 11
- ldr r10, [r1, #16]
- umull r3, r12, r10, lr
- adds r6, r6, r3
- mov r5, #0
- adcs r4, r4, r12
- adc r5, r5, #0
- # A[5] * B[6] = 11
- ldr r10, [r1, #20]
- umull r3, r12, r10, r9
- adds r6, r6, r3
- adcs r4, r4, r12
- adc r5, r5, #0
- # A[6] * B[5] = 11
- umull r3, r12, r7, r11
- adds r6, r6, r3
- adcs r4, r4, r12
- adc r5, r5, #0
- # A[7] * B[4] = 11
- ldr r11, [r2, #16]
- umull r3, r12, r8, r11
- adds r6, r6, r3
- adcs r4, r4, r12
- adc r5, r5, #0
- str r6, [sp, #44]
- # A[7] * B[5] = 12
- ldr r11, [r2, #20]
- umull r3, r12, r8, r11
- adds r4, r4, r3
- mov r6, #0
- adcs r5, r5, r12
- adc r6, r6, #0
- # A[6] * B[6] = 12
- umull r3, r12, r7, r9
- adds r4, r4, r3
- adcs r5, r5, r12
- adc r6, r6, #0
- # A[5] * B[7] = 12
- umull r3, r12, r10, lr
- adds r4, r4, r3
- adcs r5, r5, r12
- adc r6, r6, #0
- str r4, [sp, #48]
- # A[6] * B[7] = 13
- umull r3, r12, r7, lr
- adds r5, r5, r3
- mov r4, #0
- adcs r6, r6, r12
- adc r4, r4, #0
- # A[7] * B[6] = 13
- umull r3, r12, r8, r9
- adds r5, r5, r3
- adcs r6, r6, r12
- adc r4, r4, #0
- str r5, [sp, #52]
- # A[7] * B[7] = 14
- umull r3, r12, r8, lr
- adds r6, r6, r3
- adc r4, r4, r12
- str r6, [sp, #56]
- str r4, [sp, #60]
- # Reduce
- # Load bottom half
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [sp]
- ldr r5, [sp, #4]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r2, r2, #24
+ asr r2, r2, #24
#else
- ldrd r4, r5, [sp]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [sp, #8]
- ldr r7, [sp, #12]
-#else
- ldrd r6, r7, [sp, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r8, [sp, #16]
- ldr r9, [sp, #20]
-#else
- ldrd r8, r9, [sp, #16]
+ sxtb r2, r2
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r10, [sp, #24]
- ldr r11, [sp, #28]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ lsl r3, r2, #24
+ asr r3, r2, #31
#else
- ldrd r10, r11, [sp, #24]
+ sbfx r3, r2, #7, #1
#endif
- lsr r3, r11, #31
- and r11, r11, #0x7fffffff
- mov lr, #19
- ldr r1, [sp, #32]
- orr r3, r3, r1, lsl #1
- umull r3, r12, lr, r3
- adds r4, r4, r3
- mov r2, #0
- adcs r5, r5, r12
- adc r2, r2, #0
- lsr r3, r1, #31
- ldr r1, [sp, #36]
- orr r3, r3, r1, lsl #1
- umull r3, r12, lr, r3
- add r12, r12, r2
- adds r5, r5, r3
- mov r2, #0
- adcs r6, r6, r12
- adc r2, r2, #0
- lsr r3, r1, #31
- ldr r1, [sp, #40]
- orr r3, r3, r1, lsl #1
- umull r3, r12, lr, r3
- add r12, r12, r2
- adds r6, r6, r3
- mov r2, #0
- adcs r7, r7, r12
- adc r2, r2, #0
- lsr r3, r1, #31
- ldr r1, [sp, #44]
- orr r3, r3, r1, lsl #1
- umull r3, r12, lr, r3
- add r12, r12, r2
- adds r7, r7, r3
- mov r2, #0
- adcs r8, r8, r12
- adc r2, r2, #0
- lsr r3, r1, #31
- ldr r1, [sp, #48]
- orr r3, r3, r1, lsl #1
- umull r3, r12, lr, r3
- add r12, r12, r2
- adds r8, r8, r3
- mov r2, #0
- adcs r9, r9, r12
- adc r2, r2, #0
- lsr r3, r1, #31
- ldr r1, [sp, #52]
- orr r3, r3, r1, lsl #1
- umull r3, r12, lr, r3
- add r12, r12, r2
- adds r9, r9, r3
- mov r2, #0
- adcs r10, r10, r12
- adc r2, r2, #0
- lsr r3, r1, #31
- ldr r1, [sp, #56]
- orr r3, r3, r1, lsl #1
- umull r3, r12, lr, r3
- add r12, r12, r2
- adds r10, r10, r3
- mov r2, #0
- adcs r11, r11, r12
- adc r2, r2, #0
- lsr r3, r1, #31
- ldr r1, [sp, #60]
- orr r3, r3, r1, lsl #1
- umull r3, r12, lr, r3
- adds r11, r11, r3
- adc r3, r12, r2
- # Overflow
- lsl r3, r3, #1
- orr r3, r3, r11, lsr #31
- mul r3, r3, lr
- and r11, r11, #0x7fffffff
- adds r4, r4, r3
- adcs r5, r5, #0
- adcs r6, r6, #0
- adcs r7, r7, #0
- adcs r8, r8, #0
- adcs r9, r9, #0
- adcs r10, r10, #0
- adc r11, r11, #0
- # Reduce if top bit set
- asr r3, r11, #31
- and r3, r3, lr
- and r11, r11, #0x7fffffff
- adds r4, r4, r3
- adcs r5, r5, #0
+ eor r2, r2, r3
+ sub r2, r2, r3
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ sub lr, r2, #1
+#else
+ clz lr, r2
+ lsl lr, lr, #26
+#endif /* defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6) */
+ asr lr, lr, #31
+ mvn lr, lr
+ add r2, r2, lr
+ mov r12, #0x60
+ mul r2, r2, r12
+ add r1, r1, r2
+ ldm r1!, {r4, r5, r6, r7, r8, r9, r10, r11}
+ and r4, r4, lr
+ and r5, r5, lr
+ and r6, r6, lr
+ and r7, r7, lr
+ and r8, r8, lr
+ and r9, r9, lr
+ and r10, r10, lr
+ and r11, r11, lr
+ mvn r12, lr
+ sub r4, r4, r12
+ mov r12, #32
+ and r12, r12, r3
+ add r0, r0, r12
+ stm r0, {r4, r5, r6, r7, r8, r9, r10, r11}
+ sub r0, r0, r12
+ ldm r1!, {r4, r5, r6, r7, r8, r9, r10, r11}
+ and r4, r4, lr
+ and r5, r5, lr
+ and r6, r6, lr
+ and r7, r7, lr
+ and r8, r8, lr
+ and r9, r9, lr
+ and r10, r10, lr
+ and r11, r11, lr
+ mvn r12, lr
+ sub r4, r4, r12
+ mov r12, #32
+ bic r12, r12, r3
+ add r0, r0, r12
+ stm r0, {r4, r5, r6, r7, r8, r9, r10, r11}
+ sub r0, r0, r12
+ add r0, r0, #0x40
+ ldm r1!, {r4, r5, r6, r7}
+ mvn r12, #18
+ subs r8, r12, r4
+ sbcs r9, r3, r5
+ sbcs r10, r3, r6
+ sbcs r11, r3, r7
+ bic r4, r4, r3
+ bic r5, r5, r3
+ bic r6, r6, r3
+ bic r7, r7, r3
+ and r8, r8, r3
+ and r9, r9, r3
+ and r10, r10, r3
+ and r11, r11, r3
+ orr r4, r4, r8
+ orr r5, r5, r9
+ orr r6, r6, r10
+ orr r7, r7, r11
+ and r4, r4, lr
+ and r5, r5, lr
+ and r6, r6, lr
+ and r7, r7, lr
+ stm r0!, {r4, r5, r6, r7}
+ ldm r1!, {r4, r5, r6, r7}
+ mvn r12, #0x80000000
+ sbcs r8, r3, r4
+ sbcs r9, r3, r5
+ sbcs r10, r3, r6
+ sbc r11, r12, r7
+ bic r4, r4, r3
+ bic r5, r5, r3
+ bic r6, r6, r3
+ bic r7, r7, r3
+ and r8, r8, r3
+ and r9, r9, r3
+ and r10, r10, r3
+ and r11, r11, r3
+ orr r4, r4, r8
+ orr r5, r5, r9
+ orr r6, r6, r10
+ orr r7, r7, r11
+ and r4, r4, lr
+ and r5, r5, lr
+ and r6, r6, lr
+ and r7, r7, lr
+ stm r0!, {r4, r5, r6, r7}
+ sub r1, r1, r2
+ pop {r4, r5, r6, r7, r8, r9, r10, r11, pc}
+ .size fe_cmov_table,.-fe_cmov_table
+#endif /* WC_NO_CACHE_RESISTANT */
+#endif /* HAVE_ED25519_MAKE_KEY || HAVE_ED25519_SIGN */
+#endif /* HAVE_ED25519 */
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ .text
+ .align 4
+ .globl fe_mul_op
+ .type fe_mul_op, %function
+fe_mul_op:
+ push {lr}
+ sub sp, sp, #40
+ str r0, [sp, #36]
+ mov r0, #0
+ ldr r12, [r1]
+ # A[0] * B[0]
+ ldr lr, [r2]
+ umull r3, r4, r12, lr
+ # A[0] * B[2]
+ ldr lr, [r2, #8]
+ umull r5, r6, r12, lr
+ # A[0] * B[4]
+ ldr lr, [r2, #16]
+ umull r7, r8, r12, lr
+ # A[0] * B[6]
+ ldr lr, [r2, #24]
+ umull r9, r10, r12, lr
+ str r3, [sp]
+ # A[0] * B[1]
+ ldr lr, [r2, #4]
+ mov r11, r0
+ umlal r4, r11, r12, lr
+ adds r5, r5, r11
+ # A[0] * B[3]
+ ldr lr, [r2, #12]
adcs r6, r6, #0
- adcs r7, r7, #0
+ adc r11, r0, #0
+ umlal r6, r11, r12, lr
+ adds r7, r7, r11
+ # A[0] * B[5]
+ ldr lr, [r2, #20]
adcs r8, r8, #0
- adcs r9, r9, #0
+ adc r11, r0, #0
+ umlal r8, r11, r12, lr
+ adds r9, r9, r11
+ # A[0] * B[7]
+ ldr lr, [r2, #28]
adcs r10, r10, #0
+ adc r3, r0, #0
+ umlal r10, r3, r12, lr
+ # A[1] * B[0]
+ ldr r12, [r1, #4]
+ ldr lr, [r2]
+ mov r11, #0
+ umlal r4, r11, r12, lr
+ str r4, [sp, #4]
+ adds r5, r5, r11
+ # A[1] * B[1]
+ ldr lr, [r2, #4]
+ adc r11, r0, #0
+ umlal r5, r11, r12, lr
+ adds r6, r6, r11
+ # A[1] * B[2]
+ ldr lr, [r2, #8]
+ adc r11, r0, #0
+ umlal r6, r11, r12, lr
+ adds r7, r7, r11
+ # A[1] * B[3]
+ ldr lr, [r2, #12]
+ adc r11, r0, #0
+ umlal r7, r11, r12, lr
+ adds r8, r8, r11
+ # A[1] * B[4]
+ ldr lr, [r2, #16]
+ adc r11, r0, #0
+ umlal r8, r11, r12, lr
+ adds r9, r9, r11
+ # A[1] * B[5]
+ ldr lr, [r2, #20]
+ adc r11, r0, #0
+ umlal r9, r11, r12, lr
+ adds r10, r10, r11
+ # A[1] * B[6]
+ ldr lr, [r2, #24]
+ adc r11, r0, #0
+ umlal r10, r11, r12, lr
+ adds r3, r3, r11
+ # A[1] * B[7]
+ ldr lr, [r2, #28]
+ adc r4, r0, #0
+ umlal r3, r4, r12, lr
+ # A[2] * B[0]
+ ldr r12, [r1, #8]
+ ldr lr, [r2]
+ mov r11, #0
+ umlal r5, r11, r12, lr
+ str r5, [sp, #8]
+ adds r6, r6, r11
+ # A[2] * B[1]
+ ldr lr, [r2, #4]
+ adc r11, r0, #0
+ umlal r6, r11, r12, lr
+ adds r7, r7, r11
+ # A[2] * B[2]
+ ldr lr, [r2, #8]
+ adc r11, r0, #0
+ umlal r7, r11, r12, lr
+ adds r8, r8, r11
+ # A[2] * B[3]
+ ldr lr, [r2, #12]
+ adc r11, r0, #0
+ umlal r8, r11, r12, lr
+ adds r9, r9, r11
+ # A[2] * B[4]
+ ldr lr, [r2, #16]
+ adc r11, r0, #0
+ umlal r9, r11, r12, lr
+ adds r10, r10, r11
+ # A[2] * B[5]
+ ldr lr, [r2, #20]
+ adc r11, r0, #0
+ umlal r10, r11, r12, lr
+ adds r3, r3, r11
+ # A[2] * B[6]
+ ldr lr, [r2, #24]
+ adc r11, r0, #0
+ umlal r3, r11, r12, lr
+ adds r4, r4, r11
+ # A[2] * B[7]
+ ldr lr, [r2, #28]
+ adc r5, r0, #0
+ umlal r4, r5, r12, lr
+ # A[3] * B[0]
+ ldr r12, [r1, #12]
+ ldr lr, [r2]
+ mov r11, #0
+ umlal r6, r11, r12, lr
+ str r6, [sp, #12]
+ adds r7, r7, r11
+ # A[3] * B[1]
+ ldr lr, [r2, #4]
+ adc r11, r0, #0
+ umlal r7, r11, r12, lr
+ adds r8, r8, r11
+ # A[3] * B[2]
+ ldr lr, [r2, #8]
+ adc r11, r0, #0
+ umlal r8, r11, r12, lr
+ adds r9, r9, r11
+ # A[3] * B[3]
+ ldr lr, [r2, #12]
+ adc r11, r0, #0
+ umlal r9, r11, r12, lr
+ adds r10, r10, r11
+ # A[3] * B[4]
+ ldr lr, [r2, #16]
+ adc r11, r0, #0
+ umlal r10, r11, r12, lr
+ adds r3, r3, r11
+ # A[3] * B[5]
+ ldr lr, [r2, #20]
+ adc r11, r0, #0
+ umlal r3, r11, r12, lr
+ adds r4, r4, r11
+ # A[3] * B[6]
+ ldr lr, [r2, #24]
+ adc r11, r0, #0
+ umlal r4, r11, r12, lr
+ adds r5, r5, r11
+ # A[3] * B[7]
+ ldr lr, [r2, #28]
+ adc r6, r0, #0
+ umlal r5, r6, r12, lr
+ # A[4] * B[0]
+ ldr r12, [r1, #16]
+ ldr lr, [r2]
+ mov r11, #0
+ umlal r7, r11, r12, lr
+ str r7, [sp, #16]
+ adds r8, r8, r11
+ # A[4] * B[1]
+ ldr lr, [r2, #4]
+ adc r11, r0, #0
+ umlal r8, r11, r12, lr
+ adds r9, r9, r11
+ # A[4] * B[2]
+ ldr lr, [r2, #8]
+ adc r11, r0, #0
+ umlal r9, r11, r12, lr
+ adds r10, r10, r11
+ # A[4] * B[3]
+ ldr lr, [r2, #12]
+ adc r11, r0, #0
+ umlal r10, r11, r12, lr
+ adds r3, r3, r11
+ # A[4] * B[4]
+ ldr lr, [r2, #16]
+ adc r11, r0, #0
+ umlal r3, r11, r12, lr
+ adds r4, r4, r11
+ # A[4] * B[5]
+ ldr lr, [r2, #20]
+ adc r11, r0, #0
+ umlal r4, r11, r12, lr
+ adds r5, r5, r11
+ # A[4] * B[6]
+ ldr lr, [r2, #24]
+ adc r11, r0, #0
+ umlal r5, r11, r12, lr
+ adds r6, r6, r11
+ # A[4] * B[7]
+ ldr lr, [r2, #28]
+ adc r7, r0, #0
+ umlal r6, r7, r12, lr
+ # A[5] * B[0]
+ ldr r12, [r1, #20]
+ ldr lr, [r2]
+ mov r11, #0
+ umlal r8, r11, r12, lr
+ str r8, [sp, #20]
+ adds r9, r9, r11
+ # A[5] * B[1]
+ ldr lr, [r2, #4]
+ adc r11, r0, #0
+ umlal r9, r11, r12, lr
+ adds r10, r10, r11
+ # A[5] * B[2]
+ ldr lr, [r2, #8]
+ adc r11, r0, #0
+ umlal r10, r11, r12, lr
+ adds r3, r3, r11
+ # A[5] * B[3]
+ ldr lr, [r2, #12]
+ adc r11, r0, #0
+ umlal r3, r11, r12, lr
+ adds r4, r4, r11
+ # A[5] * B[4]
+ ldr lr, [r2, #16]
+ adc r11, r0, #0
+ umlal r4, r11, r12, lr
+ adds r5, r5, r11
+ # A[5] * B[5]
+ ldr lr, [r2, #20]
+ adc r11, r0, #0
+ umlal r5, r11, r12, lr
+ adds r6, r6, r11
+ # A[5] * B[6]
+ ldr lr, [r2, #24]
+ adc r11, r0, #0
+ umlal r6, r11, r12, lr
+ adds r7, r7, r11
+ # A[5] * B[7]
+ ldr lr, [r2, #28]
+ adc r8, r0, #0
+ umlal r7, r8, r12, lr
+ # A[6] * B[0]
+ ldr r12, [r1, #24]
+ ldr lr, [r2]
+ mov r11, #0
+ umlal r9, r11, r12, lr
+ str r9, [sp, #24]
+ adds r10, r10, r11
+ # A[6] * B[1]
+ ldr lr, [r2, #4]
+ adc r11, r0, #0
+ umlal r10, r11, r12, lr
+ adds r3, r3, r11
+ # A[6] * B[2]
+ ldr lr, [r2, #8]
+ adc r11, r0, #0
+ umlal r3, r11, r12, lr
+ adds r4, r4, r11
+ # A[6] * B[3]
+ ldr lr, [r2, #12]
+ adc r11, r0, #0
+ umlal r4, r11, r12, lr
+ adds r5, r5, r11
+ # A[6] * B[4]
+ ldr lr, [r2, #16]
+ adc r11, r0, #0
+ umlal r5, r11, r12, lr
+ adds r6, r6, r11
+ # A[6] * B[5]
+ ldr lr, [r2, #20]
+ adc r11, r0, #0
+ umlal r6, r11, r12, lr
+ adds r7, r7, r11
+ # A[6] * B[6]
+ ldr lr, [r2, #24]
+ adc r11, r0, #0
+ umlal r7, r11, r12, lr
+ adds r8, r8, r11
+ # A[6] * B[7]
+ ldr lr, [r2, #28]
+ adc r9, r0, #0
+ umlal r8, r9, r12, lr
+ # A[7] * B[0]
+ ldr r12, [r1, #28]
+ ldr lr, [r2]
+ mov r11, #0
+ umlal r10, r11, r12, lr
+ str r10, [sp, #28]
+ adds r3, r3, r11
+ # A[7] * B[1]
+ ldr lr, [r2, #4]
+ adc r11, r0, #0
+ umlal r3, r11, r12, lr
+ adds r4, r4, r11
+ # A[7] * B[2]
+ ldr lr, [r2, #8]
+ adc r11, r0, #0
+ umlal r4, r11, r12, lr
+ adds r5, r5, r11
+ # A[7] * B[3]
+ ldr lr, [r2, #12]
+ adc r11, r0, #0
+ umlal r5, r11, r12, lr
+ adds r6, r6, r11
+ # A[7] * B[4]
+ ldr lr, [r2, #16]
+ adc r11, r0, #0
+ umlal r6, r11, r12, lr
+ adds r7, r7, r11
+ # A[7] * B[5]
+ ldr lr, [r2, #20]
+ adc r11, r0, #0
+ umlal r7, r11, r12, lr
+ adds r8, r8, r11
+ # A[7] * B[6]
+ ldr lr, [r2, #24]
+ adc r11, r0, #0
+ umlal r8, r11, r12, lr
+ adds r9, r9, r11
+ # A[7] * B[7]
+ ldr lr, [r2, #28]
+ adc r10, r0, #0
+ umlal r9, r10, r12, lr
+ # Reduce
+ ldr r2, [sp, #28]
+ mov lr, sp
+ mov r12, #38
+ umull r10, r11, r12, r10
+ adds r10, r10, r2
adc r11, r11, #0
+ mov r12, #19
+ lsl r11, r11, #1
+ orr r11, r11, r10, LSR #31
+ mul r11, r12, r11
+ ldm lr!, {r1, r2}
+ mov r12, #38
+ adds r1, r1, r11
+ adc r11, r0, #0
+ umlal r1, r11, r3, r12
+ adds r2, r2, r11
+ adc r11, r0, #0
+ umlal r2, r11, r4, r12
+ ldm lr!, {r3, r4}
+ adds r3, r3, r11
+ adc r11, r0, #0
+ umlal r3, r11, r5, r12
+ adds r4, r4, r11
+ adc r11, r0, #0
+ umlal r4, r11, r6, r12
+ ldm lr!, {r5, r6}
+ adds r5, r5, r11
+ adc r11, r0, #0
+ umlal r5, r11, r7, r12
+ adds r6, r6, r11
+ adc r11, r0, #0
+ umlal r6, r11, r8, r12
+ ldm lr!, {r7, r8}
+ adds r7, r7, r11
+ adc r11, r0, #0
+ umlal r7, r11, r9, r12
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ bic r10, r10, #0x80000000
+#else
+ bfc r10, #31, #1
+#endif
+ adds r8, r10, r11
# Store
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0]
- str r5, [r0, #4]
-#else
- strd r4, r5, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r6, [r0, #8]
- str r7, [r0, #12]
-#else
- strd r6, r7, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #16]
- str r9, [r0, #20]
-#else
- strd r8, r9, [r0, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r0, #24]
- str r11, [r0, #28]
+ ldr r0, [sp, #36]
+ stm r0, {r1, r2, r3, r4, r5, r6, r7, r8}
+ add sp, sp, #40
+ pop {pc}
+ .size fe_mul_op,.-fe_mul_op
#else
- strd r10, r11, [r0, #24]
-#endif
- add sp, sp, #0x40
- pop {r4, r5, r6, r7, r8, r9, r10, r11, pc}
- .size fe_mul,.-fe_mul
.text
.align 4
- .globl fe_sq
- .type fe_sq, %function
-fe_sq:
- push {r4, r5, r6, r7, r8, r9, r10, r11, lr}
- sub sp, sp, #0x40
- # Square
- ldr r7, [r1]
- ldr r8, [r1, #4]
- ldr r9, [r1, #8]
- ldr r10, [r1, #12]
- ldr r12, [r1, #16]
- # A[0] * A[0] = 0
- umull r4, r5, r7, r7
- str r4, [sp]
- # A[0] * A[1] = 1
- umull r2, r3, r7, r8
- mov r6, #0
- adds r5, r5, r2
- adc r6, r6, r3
- adds r5, r5, r2
- mov r4, #0
- adcs r6, r6, r3
- adc r4, r4, #0
- str r5, [sp, #4]
- # A[1] * A[1] = 2
- umull r2, r3, r8, r8
- adds r6, r6, r2
- adc r4, r4, r3
- # A[0] * A[2] = 2
- umull r2, r3, r7, r9
- adds r6, r6, r2
- mov r5, #0
- adcs r4, r4, r3
- adc r5, r5, #0
- adds r6, r6, r2
- adcs r4, r4, r3
- adc r5, r5, #0
- str r6, [sp, #8]
- # A[0] * A[3] = 3
- umull r2, r3, r7, r10
- adds r4, r4, r2
- adc r5, r5, r3
- adds r4, r4, r2
- mov r6, #0
- adcs r5, r5, r3
- adc r6, r6, #0
- # A[1] * A[2] = 3
- umull r2, r3, r8, r9
- adds r4, r4, r2
- adcs r5, r5, r3
- adc r6, r6, #0
- adds r4, r4, r2
- adcs r5, r5, r3
- adc r6, r6, #0
- str r4, [sp, #12]
- # A[2] * A[2] = 4
- umull r2, r3, r9, r9
- adds r5, r5, r2
+ .globl fe_mul_op
+ .type fe_mul_op, %function
+fe_mul_op:
+ push {lr}
+ sub sp, sp, #44
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ str r0, [sp, #36]
+ str r1, [sp, #40]
+#else
+ strd r0, r1, [sp, #36]
+#endif
+ mov lr, r2
+ ldm r1, {r0, r1, r2, r3}
+ ldm lr!, {r4, r5, r6}
+ umull r10, r11, r0, r4
+ umull r12, r7, r1, r4
+ umaal r11, r12, r0, r5
+ umull r8, r9, r2, r4
+ umaal r12, r8, r1, r5
+ umaal r12, r7, r0, r6
+ umaal r8, r9, r3, r4
+ stm sp, {r10, r11, r12}
+ umaal r7, r8, r2, r5
+ ldm lr!, {r4}
+ umull r10, r11, r1, r6
+ umaal r8, r9, r2, r6
+ umaal r7, r10, r0, r4
+ umaal r8, r11, r3, r5
+ str r7, [sp, #12]
+ umaal r8, r10, r1, r4
+ umaal r9, r11, r3, r6
+ umaal r9, r10, r2, r4
+ umaal r10, r11, r3, r4
+ ldm lr, {r4, r5, r6, r7}
+ mov r12, #0
+ umlal r8, r12, r0, r4
+ umaal r9, r12, r1, r4
+ umaal r10, r12, r2, r4
+ umaal r11, r12, r3, r4
mov r4, #0
- adcs r6, r6, r3
- adc r4, r4, #0
- # A[1] * A[3] = 4
- umull r2, r3, r8, r10
- adds r5, r5, r2
- adcs r6, r6, r3
- adc r4, r4, #0
- adds r5, r5, r2
- adcs r6, r6, r3
- adc r4, r4, #0
- # A[0] * A[4] = 4
- umull r2, r3, r7, r12
- adds r5, r5, r2
- adcs r6, r6, r3
- adc r4, r4, #0
- adds r5, r5, r2
- adcs r6, r6, r3
- adc r4, r4, #0
- str r5, [sp, #16]
- # A[0] * A[5] = 5
- ldr r11, [r1, #20]
- umull r2, r3, r7, r11
- adds r6, r6, r2
+ umlal r9, r4, r0, r5
+ umaal r10, r4, r1, r5
+ umaal r11, r4, r2, r5
+ umaal r12, r4, r3, r5
mov r5, #0
- adcs r4, r4, r3
- adc r5, r5, #0
- adds r6, r6, r2
- adcs r4, r4, r3
- adc r5, r5, #0
- # A[1] * A[4] = 5
- umull r2, r3, r8, r12
- adds r6, r6, r2
- adcs r4, r4, r3
- adc r5, r5, #0
- adds r6, r6, r2
- adcs r4, r4, r3
- adc r5, r5, #0
- # A[2] * A[3] = 5
- umull r2, r3, r9, r10
- adds r6, r6, r2
- adcs r4, r4, r3
- adc r5, r5, #0
- adds r6, r6, r2
- adcs r4, r4, r3
- adc r5, r5, #0
- str r6, [sp, #20]
- # A[3] * A[3] = 6
- umull r2, r3, r10, r10
- adds r4, r4, r2
+ umlal r10, r5, r0, r6
+ umaal r11, r5, r1, r6
+ umaal r12, r5, r2, r6
+ umaal r4, r5, r3, r6
mov r6, #0
- adcs r5, r5, r3
- adc r6, r6, #0
- # A[2] * A[4] = 6
- umull r2, r3, r9, r12
- adds r4, r4, r2
- adcs r5, r5, r3
- adc r6, r6, #0
- adds r4, r4, r2
- adcs r5, r5, r3
- adc r6, r6, #0
- # A[1] * A[5] = 6
- umull r2, r3, r8, r11
- adds r4, r4, r2
- adcs r5, r5, r3
- adc r6, r6, #0
- adds r4, r4, r2
- adcs r5, r5, r3
- adc r6, r6, #0
- # A[0] * A[6] = 6
- ldr r11, [r1, #24]
- umull r2, r3, r7, r11
- adds r4, r4, r2
- adcs r5, r5, r3
- adc r6, r6, #0
- adds r4, r4, r2
- adcs r5, r5, r3
- adc r6, r6, #0
- str r4, [sp, #24]
- # A[0] * A[7] = 7
- ldr r11, [r1, #28]
- umull r2, r3, r7, r11
- adds r5, r5, r2
- mov r4, #0
- adcs r6, r6, r3
- adc r4, r4, #0
- adds r5, r5, r2
- adcs r6, r6, r3
- adc r4, r4, #0
- # A[1] * A[6] = 7
- ldr r11, [r1, #24]
- umull r2, r3, r8, r11
- adds r5, r5, r2
- adcs r6, r6, r3
- adc r4, r4, #0
- adds r5, r5, r2
- adcs r6, r6, r3
- adc r4, r4, #0
- # A[2] * A[5] = 7
- ldr r11, [r1, #20]
- umull r2, r3, r9, r11
- adds r5, r5, r2
- adcs r6, r6, r3
- adc r4, r4, #0
- adds r5, r5, r2
- adcs r6, r6, r3
- adc r4, r4, #0
- # A[3] * A[4] = 7
- umull r2, r3, r10, r12
- adds r5, r5, r2
- adcs r6, r6, r3
- adc r4, r4, #0
- adds r5, r5, r2
- adcs r6, r6, r3
- adc r4, r4, #0
- str r5, [sp, #28]
- # A[4] * A[4] = 8
- umull r2, r3, r12, r12
- adds r6, r6, r2
- mov r5, #0
- adcs r4, r4, r3
- adc r5, r5, #0
- # A[3] * A[5] = 8
- umull r2, r3, r10, r11
- adds r6, r6, r2
- adcs r4, r4, r3
- adc r5, r5, #0
- adds r6, r6, r2
- adcs r4, r4, r3
- adc r5, r5, #0
- # A[2] * A[6] = 8
- ldr r11, [r1, #24]
- umull r2, r3, r9, r11
- adds r6, r6, r2
- adcs r4, r4, r3
- adc r5, r5, #0
- adds r6, r6, r2
- adcs r4, r4, r3
- adc r5, r5, #0
- # A[1] * A[7] = 8
- ldr r11, [r1, #28]
- umull r2, r3, r8, r11
- adds r6, r6, r2
- adcs r4, r4, r3
- adc r5, r5, #0
- adds r6, r6, r2
- adcs r4, r4, r3
- adc r5, r5, #0
+ umlal r11, r6, r0, r7
+ ldr r0, [sp, #40]
+ umaal r12, r6, r1, r7
+ add r0, r0, #16
+ umaal r4, r6, r2, r7
+ sub lr, lr, #16
+ umaal r5, r6, r3, r7
+ ldm r0, {r0, r1, r2, r3}
str r6, [sp, #32]
- ldr r7, [r1, #20]
- # A[2] * A[7] = 9
- umull r2, r3, r9, r11
- adds r4, r4, r2
- mov r6, #0
- adcs r5, r5, r3
- adc r6, r6, #0
- adds r4, r4, r2
- adcs r5, r5, r3
- adc r6, r6, #0
- # A[3] * A[6] = 9
- ldr r11, [r1, #24]
- umull r2, r3, r10, r11
- adds r4, r4, r2
- adcs r5, r5, r3
- adc r6, r6, #0
- adds r4, r4, r2
- adcs r5, r5, r3
- adc r6, r6, #0
- # A[4] * A[5] = 9
- umull r2, r3, r12, r7
- adds r4, r4, r2
- adcs r5, r5, r3
- adc r6, r6, #0
- adds r4, r4, r2
- adcs r5, r5, r3
- adc r6, r6, #0
- str r4, [sp, #36]
- mov r8, r11
- # A[5] * A[5] = 10
- umull r2, r3, r7, r7
- adds r5, r5, r2
- mov r4, #0
- adcs r6, r6, r3
- adc r4, r4, #0
- # A[4] * A[6] = 10
- umull r2, r3, r12, r8
- adds r5, r5, r2
- adcs r6, r6, r3
- adc r4, r4, #0
- adds r5, r5, r2
- adcs r6, r6, r3
- adc r4, r4, #0
- # A[3] * A[7] = 10
- ldr r11, [r1, #28]
- umull r2, r3, r10, r11
- adds r5, r5, r2
- adcs r6, r6, r3
- adc r4, r4, #0
- adds r5, r5, r2
- adcs r6, r6, r3
- adc r4, r4, #0
- str r5, [sp, #40]
- mov r9, r11
- # A[4] * A[7] = 11
- umull r2, r3, r12, r9
- adds r6, r6, r2
- mov r5, #0
- adcs r4, r4, r3
- adc r5, r5, #0
- adds r6, r6, r2
- adcs r4, r4, r3
- adc r5, r5, #0
- # A[5] * A[6] = 11
- umull r2, r3, r7, r8
- adds r6, r6, r2
- adcs r4, r4, r3
- adc r5, r5, #0
- adds r6, r6, r2
- adcs r4, r4, r3
- adc r5, r5, #0
- str r6, [sp, #44]
- # A[6] * A[6] = 12
- umull r2, r3, r8, r8
- adds r4, r4, r2
- mov r6, #0
- adcs r5, r5, r3
- adc r6, r6, #0
- # A[5] * A[7] = 12
- umull r2, r3, r7, r9
- adds r4, r4, r2
- adcs r5, r5, r3
- adc r6, r6, #0
- adds r4, r4, r2
- adcs r5, r5, r3
- adc r6, r6, #0
- str r4, [sp, #48]
- # A[6] * A[7] = 13
- umull r2, r3, r8, r9
- adds r5, r5, r2
- mov r4, #0
- adcs r6, r6, r3
- adc r4, r4, #0
- adds r5, r5, r2
- adcs r6, r6, r3
- adc r4, r4, #0
- str r5, [sp, #52]
- # A[7] * A[7] = 14
- umull r2, r3, r9, r9
- adds r6, r6, r2
- adc r4, r4, r3
- str r6, [sp, #56]
- str r4, [sp, #60]
+ ldm lr!, {r6}
+ mov r7, #0
+ umlal r8, r7, r0, r6
+ umaal r9, r7, r1, r6
+ str r8, [sp, #16]
+ umaal r10, r7, r2, r6
+ umaal r11, r7, r3, r6
+ ldm lr!, {r6}
+ mov r8, #0
+ umlal r9, r8, r0, r6
+ umaal r10, r8, r1, r6
+ str r9, [sp, #20]
+ umaal r11, r8, r2, r6
+ umaal r12, r8, r3, r6
+ ldm lr!, {r6}
+ mov r9, #0
+ umlal r10, r9, r0, r6
+ umaal r11, r9, r1, r6
+ str r10, [sp, #24]
+ umaal r12, r9, r2, r6
+ umaal r4, r9, r3, r6
+ ldm lr!, {r6}
+ mov r10, #0
+ umlal r11, r10, r0, r6
+ umaal r12, r10, r1, r6
+ str r11, [sp, #28]
+ umaal r4, r10, r2, r6
+ umaal r5, r10, r3, r6
+ ldm lr!, {r11}
+ umaal r12, r7, r0, r11
+ umaal r4, r7, r1, r11
+ ldr r6, [sp, #32]
+ umaal r5, r7, r2, r11
+ umaal r6, r7, r3, r11
+ ldm lr!, {r11}
+ umaal r4, r8, r0, r11
+ umaal r5, r8, r1, r11
+ umaal r6, r8, r2, r11
+ umaal r7, r8, r3, r11
+ ldm lr, {r11, lr}
+ umaal r5, r9, r0, r11
+ umaal r6, r10, r0, lr
+ umaal r6, r9, r1, r11
+ umaal r7, r10, r1, lr
+ umaal r7, r9, r2, r11
+ umaal r8, r10, r2, lr
+ umaal r8, r9, r3, r11
+ umaal r9, r10, r3, lr
# Reduce
- # Load bottom half
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [sp]
- ldr r5, [sp, #4]
-#else
- ldrd r4, r5, [sp]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [sp, #8]
- ldr r7, [sp, #12]
-#else
- ldrd r6, r7, [sp, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r8, [sp, #16]
- ldr r9, [sp, #20]
-#else
- ldrd r8, r9, [sp, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r10, [sp, #24]
- ldr r11, [sp, #28]
-#else
- ldrd r10, r11, [sp, #24]
-#endif
- lsr r2, r11, #31
- and r11, r11, #0x7fffffff
- mov r12, #19
- ldr r1, [sp, #32]
- orr r2, r2, r1, lsl #1
- umull r2, r3, r12, r2
- adds r4, r4, r2
- mov lr, #0
- adcs r5, r5, r3
- adc lr, lr, #0
- lsr r2, r1, #31
- ldr r1, [sp, #36]
- orr r2, r2, r1, lsl #1
- umull r2, r3, r12, r2
- add r3, r3, lr
- adds r5, r5, r2
- mov lr, #0
- adcs r6, r6, r3
- adc lr, lr, #0
- lsr r2, r1, #31
- ldr r1, [sp, #40]
- orr r2, r2, r1, lsl #1
- umull r2, r3, r12, r2
- add r3, r3, lr
- adds r6, r6, r2
- mov lr, #0
- adcs r7, r7, r3
- adc lr, lr, #0
- lsr r2, r1, #31
- ldr r1, [sp, #44]
- orr r2, r2, r1, lsl #1
- umull r2, r3, r12, r2
- add r3, r3, lr
- adds r7, r7, r2
- mov lr, #0
- adcs r8, r8, r3
- adc lr, lr, #0
- lsr r2, r1, #31
- ldr r1, [sp, #48]
- orr r2, r2, r1, lsl #1
- umull r2, r3, r12, r2
- add r3, r3, lr
- adds r8, r8, r2
- mov lr, #0
- adcs r9, r9, r3
- adc lr, lr, #0
- lsr r2, r1, #31
- ldr r1, [sp, #52]
- orr r2, r2, r1, lsl #1
- umull r2, r3, r12, r2
- add r3, r3, lr
- adds r9, r9, r2
- mov lr, #0
- adcs r10, r10, r3
- adc lr, lr, #0
- lsr r2, r1, #31
- ldr r1, [sp, #56]
- orr r2, r2, r1, lsl #1
- umull r2, r3, r12, r2
- add r3, r3, lr
- adds r10, r10, r2
- mov lr, #0
- adcs r11, r11, r3
- adc lr, lr, #0
- lsr r2, r1, #31
- ldr r1, [sp, #60]
- orr r2, r2, r1, lsl #1
- umull r2, r3, r12, r2
- adds r11, r11, r2
- adc r2, r3, lr
- # Overflow
- lsl r2, r2, #1
- orr r2, r2, r11, lsr #31
- mul r2, r2, r12
- and r11, r11, #0x7fffffff
- adds r4, r4, r2
+ ldr r0, [sp, #28]
+ mov lr, #37
+ umaal r10, r0, r10, lr
+ mov lr, #19
+ lsl r0, r0, #1
+ orr r0, r0, r10, lsr #31
+ mul r11, r0, lr
+ pop {r0, r1, r2}
+ mov lr, #38
+ umaal r0, r11, r12, lr
+ umaal r1, r11, r4, lr
+ umaal r2, r11, r5, lr
+ pop {r3, r4, r5}
+ umaal r3, r11, r6, lr
+ umaal r4, r11, r7, lr
+ umaal r5, r11, r8, lr
+ pop {r6}
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ bic r10, r10, #0x80000000
+#else
+ bfc r10, #31, #1
+#endif
+ umaal r6, r11, r9, lr
+ add r7, r10, r11
+ ldr lr, [sp, #8]
+ # Store
+ stm lr, {r0, r1, r2, r3, r4, r5, r6, r7}
+ add sp, sp, #16
+ pop {pc}
+ .size fe_mul_op,.-fe_mul_op
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ .text
+ .align 4
+ .globl fe_mul
+ .type fe_mul, %function
+fe_mul:
+ push {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+ bl fe_mul_op
+ pop {r4, r5, r6, r7, r8, r9, r10, r11, pc}
+ .size fe_mul,.-fe_mul
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ .text
+ .align 4
+ .globl fe_sq_op
+ .type fe_sq_op, %function
+fe_sq_op:
+ push {lr}
+ sub sp, sp, #0x44
+ str r0, [sp, #64]
+ # Square
+ mov r0, #0
+ ldr r12, [r1]
+ # A[0] * A[1]
+ ldr lr, [r1, #4]
+ umull r4, r5, r12, lr
+ # A[0] * A[3]
+ ldr lr, [r1, #12]
+ umull r6, r7, r12, lr
+ # A[0] * A[5]
+ ldr lr, [r1, #20]
+ umull r8, r9, r12, lr
+ # A[0] * A[7]
+ ldr lr, [r1, #28]
+ umull r10, r3, r12, lr
+ # A[0] * A[2]
+ ldr lr, [r1, #8]
+ mov r11, #0
+ umlal r5, r11, r12, lr
+ adds r6, r6, r11
+ # A[0] * A[4]
+ ldr lr, [r1, #16]
+ adcs r7, r7, #0
+ adc r11, r0, #0
+ umlal r7, r11, r12, lr
+ adds r8, r8, r11
+ # A[0] * A[6]
+ ldr lr, [r1, #24]
+ adcs r9, r9, #0
+ adc r11, r0, #0
+ umlal r9, r11, r12, lr
+ adds r10, r10, r11
+ adcs r3, r3, #0
+ str r4, [sp, #4]
+ str r5, [sp, #8]
+ # A[1] * A[2]
+ ldr r12, [r1, #4]
+ ldr lr, [r1, #8]
+ mov r11, #0
+ umlal r6, r11, r12, lr
+ str r6, [sp, #12]
+ adds r7, r7, r11
+ # A[1] * A[3]
+ ldr lr, [r1, #12]
+ adc r11, r0, #0
+ umlal r7, r11, r12, lr
+ str r7, [sp, #16]
+ adds r8, r8, r11
+ # A[1] * A[4]
+ ldr lr, [r1, #16]
+ adc r11, r0, #0
+ umlal r8, r11, r12, lr
+ adds r9, r9, r11
+ # A[1] * A[5]
+ ldr lr, [r1, #20]
+ adc r11, r0, #0
+ umlal r9, r11, r12, lr
+ adds r10, r10, r11
+ # A[1] * A[6]
+ ldr lr, [r1, #24]
+ adc r11, r0, #0
+ umlal r10, r11, r12, lr
+ adds r3, r3, r11
+ # A[1] * A[7]
+ ldr lr, [r1, #28]
+ adc r4, r0, #0
+ umlal r3, r4, r12, lr
+ # A[2] * A[3]
+ ldr r12, [r1, #8]
+ ldr lr, [r1, #12]
+ mov r11, #0
+ umlal r8, r11, r12, lr
+ str r8, [sp, #20]
+ adds r9, r9, r11
+ # A[2] * A[4]
+ ldr lr, [r1, #16]
+ adc r11, r0, #0
+ umlal r9, r11, r12, lr
+ str r9, [sp, #24]
+ adds r10, r10, r11
+ # A[2] * A[5]
+ ldr lr, [r1, #20]
+ adc r11, r0, #0
+ umlal r10, r11, r12, lr
+ adds r3, r3, r11
+ # A[2] * A[6]
+ ldr lr, [r1, #24]
+ adc r11, r0, #0
+ umlal r3, r11, r12, lr
+ adds r4, r4, r11
+ # A[2] * A[7]
+ ldr lr, [r1, #28]
+ adc r5, r0, #0
+ umlal r4, r5, r12, lr
+ # A[3] * A[4]
+ ldr r12, [r1, #12]
+ ldr lr, [r1, #16]
+ mov r11, #0
+ umlal r10, r11, r12, lr
+ str r10, [sp, #28]
+ adds r3, r3, r11
+ # A[3] * A[5]
+ ldr lr, [r1, #20]
+ adc r11, r0, #0
+ umlal r3, r11, r12, lr
+ adds r4, r4, r11
+ # A[3] * A[6]
+ ldr lr, [r1, #24]
+ adc r11, r0, #0
+ umlal r4, r11, r12, lr
+ adds r5, r5, r11
+ # A[3] * A[7]
+ ldr lr, [r1, #28]
+ adc r6, r0, #0
+ umlal r5, r6, r12, lr
+ # A[4] * A[5]
+ ldr r12, [r1, #16]
+ ldr lr, [r1, #20]
+ mov r11, #0
+ umlal r4, r11, r12, lr
+ adds r5, r5, r11
+ # A[4] * A[6]
+ ldr lr, [r1, #24]
+ adc r11, r0, #0
+ umlal r5, r11, r12, lr
+ adds r6, r6, r11
+ # A[4] * A[7]
+ ldr lr, [r1, #28]
+ adc r7, r0, #0
+ umlal r6, r7, r12, lr
+ # A[5] * A[6]
+ ldr r12, [r1, #20]
+ ldr lr, [r1, #24]
+ mov r11, #0
+ umlal r6, r11, r12, lr
+ adds r7, r7, r11
+ # A[5] * A[7]
+ ldr lr, [r1, #28]
+ adc r8, r0, #0
+ umlal r7, r8, r12, lr
+ # A[6] * A[7]
+ ldr r12, [r1, #24]
+ ldr lr, [r1, #28]
+ mov r9, #0
+ umlal r8, r9, r12, lr
+ add lr, sp, #32
+ stm lr, {r3, r4, r5, r6, r7, r8, r9}
+ add lr, sp, #4
+ ldm lr, {r4, r5, r6, r7, r8, r9, r10}
+ adds r4, r4, r4
+ adcs r5, r5, r5
+ adcs r6, r6, r6
+ adcs r7, r7, r7
+ adcs r8, r8, r8
+ adcs r9, r9, r9
+ adcs r10, r10, r10
+ stm lr!, {r4, r5, r6, r7, r8, r9, r10}
+ ldm lr, {r3, r4, r5, r6, r7, r8, r9}
+ adcs r3, r3, r3
+ adcs r4, r4, r4
+ adcs r5, r5, r5
+ adcs r6, r6, r6
+ adcs r7, r7, r7
+ adcs r8, r8, r8
+ adcs r9, r9, r9
+ adc r10, r0, #0
+ stm lr, {r3, r4, r5, r6, r7, r8, r9, r10}
+ add lr, sp, #4
+ ldm lr, {r4, r5, r6, r7, r8, r9, r10}
+ mov lr, sp
+ # A[0] * A[0]
+ ldr r12, [r1]
+ umull r3, r11, r12, r12
+ adds r4, r4, r11
+ # A[1] * A[1]
+ ldr r12, [r1, #4]
adcs r5, r5, #0
- adcs r6, r6, #0
+ adc r11, r0, #0
+ umlal r5, r11, r12, r12
+ adds r6, r6, r11
+ # A[2] * A[2]
+ ldr r12, [r1, #8]
adcs r7, r7, #0
- adcs r8, r8, #0
+ adc r11, r0, #0
+ umlal r7, r11, r12, r12
+ adds r8, r8, r11
+ # A[3] * A[3]
+ ldr r12, [r1, #12]
adcs r9, r9, #0
- adcs r10, r10, #0
- adc r11, r11, #0
- # Reduce if top bit set
- asr r2, r11, #31
- and r2, r2, r12
- and r11, r11, #0x7fffffff
- adds r4, r4, r2
+ adc r11, r0, #0
+ umlal r9, r11, r12, r12
+ adds r10, r10, r11
+ stm lr!, {r3, r4, r5, r6, r7, r8, r9, r10}
+ ldm lr, {r3, r4, r5, r6, r7, r8, r9, r10}
+ # A[4] * A[4]
+ ldr r12, [r1, #16]
+ adcs r3, r3, #0
+ adc r11, r0, #0
+ umlal r3, r11, r12, r12
+ adds r4, r4, r11
+ # A[5] * A[5]
+ ldr r12, [r1, #20]
adcs r5, r5, #0
- adcs r6, r6, #0
+ adc r11, r0, #0
+ umlal r5, r11, r12, r12
+ adds r6, r6, r11
+ # A[6] * A[6]
+ ldr r12, [r1, #24]
adcs r7, r7, #0
- adcs r8, r8, #0
+ adc r11, r0, #0
+ umlal r7, r11, r12, r12
+ adds r8, r8, r11
+ # A[7] * A[7]
+ ldr r12, [r1, #28]
adcs r9, r9, #0
- adcs r10, r10, #0
+ adc r10, r10, #0
+ umlal r9, r10, r12, r12
+ # Reduce
+ ldr r2, [sp, #28]
+ mov lr, sp
+ mov r12, #38
+ umull r10, r11, r12, r10
+ adds r10, r10, r2
adc r11, r11, #0
+ mov r12, #19
+ lsl r11, r11, #1
+ orr r11, r11, r10, LSR #31
+ mul r11, r12, r11
+ ldm lr!, {r1, r2}
+ mov r12, #38
+ adds r1, r1, r11
+ adc r11, r0, #0
+ umlal r1, r11, r3, r12
+ adds r2, r2, r11
+ adc r11, r0, #0
+ umlal r2, r11, r4, r12
+ ldm lr!, {r3, r4}
+ adds r3, r3, r11
+ adc r11, r0, #0
+ umlal r3, r11, r5, r12
+ adds r4, r4, r11
+ adc r11, r0, #0
+ umlal r4, r11, r6, r12
+ ldm lr!, {r5, r6}
+ adds r5, r5, r11
+ adc r11, r0, #0
+ umlal r5, r11, r7, r12
+ adds r6, r6, r11
+ adc r11, r0, #0
+ umlal r6, r11, r8, r12
+ ldm lr!, {r7, r8}
+ adds r7, r7, r11
+ adc r11, r0, #0
+ umlal r7, r11, r9, r12
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ bic r10, r10, #0x80000000
+#else
+ bfc r10, #31, #1
+#endif
+ adds r8, r10, r11
# Store
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0]
- str r5, [r0, #4]
-#else
- strd r4, r5, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r6, [r0, #8]
- str r7, [r0, #12]
-#else
- strd r6, r7, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #16]
- str r9, [r0, #20]
+ ldr r0, [sp, #64]
+ stm r0, {r1, r2, r3, r4, r5, r6, r7, r8}
+ add sp, sp, #0x44
+ pop {pc}
+ .size fe_sq_op,.-fe_sq_op
#else
- strd r8, r9, [r0, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r0, #24]
- str r11, [r0, #28]
+ .text
+ .align 4
+ .globl fe_sq_op
+ .type fe_sq_op, %function
+fe_sq_op:
+ push {lr}
+ sub sp, sp, #32
+ str r0, [sp, #28]
+ ldm r1, {r0, r1, r2, r3, r4, r5, r6, r7}
+ # Square
+ umull r9, r10, r0, r0
+ umull r11, r12, r0, r1
+ adds r11, r11, r11
+ mov lr, #0
+ umaal r10, r11, lr, lr
+ stm sp, {r9, r10}
+ mov r8, lr
+ umaal r8, r12, r0, r2
+ adcs r8, r8, r8
+ umaal r8, r11, r1, r1
+ umull r9, r10, r0, r3
+ umaal r9, r12, r1, r2
+ adcs r9, r9, r9
+ umaal r9, r11, lr, lr
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ str r8, [sp, #8]
+ str r9, [sp, #12]
#else
- strd r10, r11, [r0, #24]
+ strd r8, r9, [sp, #8]
#endif
- add sp, sp, #0x40
+ mov r9, lr
+ umaal r9, r10, r0, r4
+ umaal r9, r12, r1, r3
+ adcs r9, r9, r9
+ umaal r9, r11, r2, r2
+ str r9, [sp, #16]
+ umull r9, r8, r0, r5
+ umaal r9, r12, r1, r4
+ umaal r9, r10, r2, r3
+ adcs r9, r9, r9
+ umaal r9, r11, lr, lr
+ str r9, [sp, #20]
+ mov r9, lr
+ umaal r9, r8, r0, r6
+ umaal r9, r12, r1, r5
+ umaal r9, r10, r2, r4
+ adcs r9, r9, r9
+ umaal r9, r11, r3, r3
+ str r9, [sp, #24]
+ umull r0, r9, r0, r7
+ umaal r0, r8, r1, r6
+ umaal r0, r12, r2, r5
+ umaal r0, r10, r3, r4
+ adcs r0, r0, r0
+ umaal r0, r11, lr, lr
+ # R[7] = r0
+ umaal r9, r8, r1, r7
+ umaal r9, r10, r2, r6
+ umaal r12, r9, r3, r5
+ adcs r12, r12, r12
+ umaal r12, r11, r4, r4
+ # R[8] = r12
+ umaal r9, r8, r2, r7
+ umaal r10, r9, r3, r6
+ mov r2, lr
+ umaal r10, r2, r4, r5
+ adcs r10, r10, r10
+ umaal r11, r10, lr, lr
+ # R[9] = r11
+ umaal r2, r8, r3, r7
+ umaal r2, r9, r4, r6
+ adcs r3, r2, r2
+ umaal r10, r3, r5, r5
+ # R[10] = r10
+ mov r1, lr
+ umaal r1, r8, r4, r7
+ umaal r1, r9, r5, r6
+ adcs r4, r1, r1
+ umaal r3, r4, lr, lr
+ # R[11] = r3
+ umaal r8, r9, r5, r7
+ adcs r8, r8, r8
+ umaal r4, r8, r6, r6
+ # R[12] = r4
+ mov r5, lr
+ umaal r5, r9, r6, r7
+ adcs r5, r5, r5
+ umaal r8, r5, lr, lr
+ # R[13] = r8
+ adcs r9, r9, r9
+ umaal r9, r5, r7, r7
+ adcs r7, r5, lr
+ # R[14] = r9
+ # R[15] = r7
+ # Reduce
+ mov r6, #37
+ umaal r7, r0, r7, r6
+ mov r6, #19
+ lsl r0, r0, #1
+ orr r0, r0, r7, lsr #31
+ mul lr, r0, r6
+ pop {r0, r1}
+ mov r6, #38
+ umaal r0, lr, r12, r6
+ umaal r1, lr, r11, r6
+ mov r12, r3
+ mov r11, r4
+ pop {r2, r3, r4}
+ umaal r2, lr, r10, r6
+ umaal r3, lr, r12, r6
+ umaal r4, lr, r11, r6
+ mov r12, r6
+ pop {r5, r6}
+ umaal r5, lr, r8, r12
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ bic r7, r7, #0x80000000
+#else
+ bfc r7, #31, #1
+#endif
+ umaal r6, lr, r9, r12
+ add r7, r7, lr
+ pop {lr}
+ # Store
+ stm lr, {r0, r1, r2, r3, r4, r5, r6, r7}
+ pop {pc}
+ .size fe_sq_op,.-fe_sq_op
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ .text
+ .align 4
+ .globl fe_sq
+ .type fe_sq, %function
+fe_sq:
+ push {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+ bl fe_sq_op
pop {r4, r5, r6, r7, r8, r9, r10, r11, pc}
.size fe_sq,.-fe_sq
+#ifdef HAVE_CURVE25519
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
.text
.align 4
.globl fe_mul121666
@@ -3457,719 +3402,121 @@ fe_sq:
fe_mul121666:
push {r4, r5, r6, r7, r8, r9, r10, lr}
# Multiply by 121666
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r2, [r1]
- ldr r3, [r1, #4]
+ ldm r1, {r2, r3, r4, r5, r6, r7, r8, r9}
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r10, #1
+ lsl r10, r10, #8
+ orr r10, r10, #0xdb
+ lsl r10, r10, #8
+ orr r10, r10, #0x42
#else
- ldrd r2, r3, [r1]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1, #8]
- ldr r5, [r1, #12]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r10, #0xdb
+ lsl r10, r10, #8
+ add r10, r10, #0x42
#else
- ldrd r4, r5, [r1, #8]
+ mov r10, #0xdb42
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r1, #16]
- ldr r7, [r1, #20]
-#else
- ldrd r6, r7, [r1, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r8, [r1, #24]
- ldr r9, [r1, #28]
-#else
- ldrd r8, r9, [r1, #24]
+ movt r10, #1
#endif
- movw lr, #0xdb42
- movt lr, #1
- umull r2, r10, r2, lr
- umull r3, r12, r3, lr
- adds r3, r3, r10
- adc r10, r12, #0
- umull r4, r12, r4, lr
- adds r4, r4, r10
- adc r10, r12, #0
- umull r5, r12, r5, lr
- adds r5, r5, r10
- adc r10, r12, #0
- umull r6, r12, r6, lr
- adds r6, r6, r10
- adc r10, r12, #0
- umull r7, r12, r7, lr
- adds r7, r7, r10
- adc r10, r12, #0
- umull r8, r12, r8, lr
- adds r8, r8, r10
- adc r10, r12, #0
- umull r9, r12, r9, lr
- adds r9, r9, r10
- adc r10, r12, #0
- mov lr, #19
- lsl r10, r10, #1
- orr r10, r10, r9, lsr #31
- mul r10, r10, lr
- and r9, r9, #0x7fffffff
- adds r2, r2, r10
+ umull r2, r12, r10, r2
+ umull r3, lr, r10, r3
+ adds r3, r3, r12
+ adc lr, lr, #0
+ umull r4, r12, r10, r4
+ adds r4, r4, lr
+ adc r12, r12, #0
+ umull r5, lr, r10, r5
+ adds r5, r5, r12
+ adc lr, lr, #0
+ umull r6, r12, r10, r6
+ adds r6, r6, lr
+ adc r12, r12, #0
+ umull r7, lr, r10, r7
+ adds r7, r7, r12
+ adc lr, lr, #0
+ umull r8, r12, r10, r8
+ adds r8, r8, lr
+ adc r12, r12, #0
+ umull r9, lr, r10, r9
+ adds r9, r9, r12
+ mov r10, #19
+ adc lr, lr, #0
+ lsl lr, lr, #1
+ orr lr, lr, r9, LSR #31
+ mul lr, r10, lr
+ adds r2, r2, lr
adcs r3, r3, #0
adcs r4, r4, #0
adcs r5, r5, #0
adcs r6, r6, #0
adcs r7, r7, #0
- adcs r8, r8, #0
- adc r9, r9, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r2, [r0]
- str r3, [r0, #4]
-#else
- strd r2, r3, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0, #8]
- str r5, [r0, #12]
-#else
- strd r4, r5, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r6, [r0, #16]
- str r7, [r0, #20]
-#else
- strd r6, r7, [r0, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #24]
- str r9, [r0, #28]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ bic r9, r9, #0x80000000
#else
- strd r8, r9, [r0, #24]
+ bfc r9, #31, #1
#endif
+ adcs r8, r8, #0
+ adc r9, r9, #0
+ stm r0, {r2, r3, r4, r5, r6, r7, r8, r9}
pop {r4, r5, r6, r7, r8, r9, r10, pc}
.size fe_mul121666,.-fe_mul121666
+#else
.text
.align 4
- .globl fe_sq2
- .type fe_sq2, %function
-fe_sq2:
- push {r4, r5, r6, r7, r8, r9, r10, r11, lr}
- sub sp, sp, #0x40
- # Square * 2
- ldr r7, [r1]
- ldr r8, [r1, #4]
- ldr r9, [r1, #8]
- ldr r10, [r1, #12]
- ldr r12, [r1, #16]
- # A[0] * A[0] = 0
- umull r4, r5, r7, r7
- str r4, [sp]
- # A[0] * A[1] = 1
- umull r2, r3, r7, r8
- mov r6, #0
- adds r5, r5, r2
- adc r6, r6, r3
- adds r5, r5, r2
- mov r4, #0
- adcs r6, r6, r3
- adc r4, r4, #0
- str r5, [sp, #4]
- # A[1] * A[1] = 2
- umull r2, r3, r8, r8
- adds r6, r6, r2
- adc r4, r4, r3
- # A[0] * A[2] = 2
- umull r2, r3, r7, r9
- adds r6, r6, r2
- mov r5, #0
- adcs r4, r4, r3
- adc r5, r5, #0
- adds r6, r6, r2
- adcs r4, r4, r3
- adc r5, r5, #0
- str r6, [sp, #8]
- # A[0] * A[3] = 3
- umull r2, r3, r7, r10
- adds r4, r4, r2
- adc r5, r5, r3
- adds r4, r4, r2
- mov r6, #0
- adcs r5, r5, r3
- adc r6, r6, #0
- # A[1] * A[2] = 3
- umull r2, r3, r8, r9
- adds r4, r4, r2
- adcs r5, r5, r3
- adc r6, r6, #0
- adds r4, r4, r2
- adcs r5, r5, r3
- adc r6, r6, #0
- str r4, [sp, #12]
- # A[2] * A[2] = 4
- umull r2, r3, r9, r9
- adds r5, r5, r2
- mov r4, #0
- adcs r6, r6, r3
- adc r4, r4, #0
- # A[1] * A[3] = 4
- umull r2, r3, r8, r10
- adds r5, r5, r2
- adcs r6, r6, r3
- adc r4, r4, #0
- adds r5, r5, r2
- adcs r6, r6, r3
- adc r4, r4, #0
- # A[0] * A[4] = 4
- umull r2, r3, r7, r12
- adds r5, r5, r2
- adcs r6, r6, r3
- adc r4, r4, #0
- adds r5, r5, r2
- adcs r6, r6, r3
- adc r4, r4, #0
- str r5, [sp, #16]
- # A[0] * A[5] = 5
- ldr r11, [r1, #20]
- umull r2, r3, r7, r11
- adds r6, r6, r2
- mov r5, #0
- adcs r4, r4, r3
- adc r5, r5, #0
- adds r6, r6, r2
- adcs r4, r4, r3
- adc r5, r5, #0
- # A[1] * A[4] = 5
- umull r2, r3, r8, r12
- adds r6, r6, r2
- adcs r4, r4, r3
- adc r5, r5, #0
- adds r6, r6, r2
- adcs r4, r4, r3
- adc r5, r5, #0
- # A[2] * A[3] = 5
- umull r2, r3, r9, r10
- adds r6, r6, r2
- adcs r4, r4, r3
- adc r5, r5, #0
- adds r6, r6, r2
- adcs r4, r4, r3
- adc r5, r5, #0
- str r6, [sp, #20]
- # A[3] * A[3] = 6
- umull r2, r3, r10, r10
- adds r4, r4, r2
- mov r6, #0
- adcs r5, r5, r3
- adc r6, r6, #0
- # A[2] * A[4] = 6
- umull r2, r3, r9, r12
- adds r4, r4, r2
- adcs r5, r5, r3
- adc r6, r6, #0
- adds r4, r4, r2
- adcs r5, r5, r3
- adc r6, r6, #0
- # A[1] * A[5] = 6
- umull r2, r3, r8, r11
- adds r4, r4, r2
- adcs r5, r5, r3
- adc r6, r6, #0
- adds r4, r4, r2
- adcs r5, r5, r3
- adc r6, r6, #0
- # A[0] * A[6] = 6
- ldr r11, [r1, #24]
- umull r2, r3, r7, r11
- adds r4, r4, r2
- adcs r5, r5, r3
- adc r6, r6, #0
- adds r4, r4, r2
- adcs r5, r5, r3
- adc r6, r6, #0
- str r4, [sp, #24]
- # A[0] * A[7] = 7
- ldr r11, [r1, #28]
- umull r2, r3, r7, r11
- adds r5, r5, r2
- mov r4, #0
- adcs r6, r6, r3
- adc r4, r4, #0
- adds r5, r5, r2
- adcs r6, r6, r3
- adc r4, r4, #0
- # A[1] * A[6] = 7
- ldr r11, [r1, #24]
- umull r2, r3, r8, r11
- adds r5, r5, r2
- adcs r6, r6, r3
- adc r4, r4, #0
- adds r5, r5, r2
- adcs r6, r6, r3
- adc r4, r4, #0
- # A[2] * A[5] = 7
- ldr r11, [r1, #20]
- umull r2, r3, r9, r11
- adds r5, r5, r2
- adcs r6, r6, r3
- adc r4, r4, #0
- adds r5, r5, r2
- adcs r6, r6, r3
- adc r4, r4, #0
- # A[3] * A[4] = 7
- umull r2, r3, r10, r12
- adds r5, r5, r2
- adcs r6, r6, r3
- adc r4, r4, #0
- adds r5, r5, r2
- adcs r6, r6, r3
- adc r4, r4, #0
- str r5, [sp, #28]
- # A[4] * A[4] = 8
- umull r2, r3, r12, r12
- adds r6, r6, r2
- mov r5, #0
- adcs r4, r4, r3
- adc r5, r5, #0
- # A[3] * A[5] = 8
- umull r2, r3, r10, r11
- adds r6, r6, r2
- adcs r4, r4, r3
- adc r5, r5, #0
- adds r6, r6, r2
- adcs r4, r4, r3
- adc r5, r5, #0
- # A[2] * A[6] = 8
- ldr r11, [r1, #24]
- umull r2, r3, r9, r11
- adds r6, r6, r2
- adcs r4, r4, r3
- adc r5, r5, #0
- adds r6, r6, r2
- adcs r4, r4, r3
- adc r5, r5, #0
- # A[1] * A[7] = 8
- ldr r11, [r1, #28]
- umull r2, r3, r8, r11
- adds r6, r6, r2
- adcs r4, r4, r3
- adc r5, r5, #0
- adds r6, r6, r2
- adcs r4, r4, r3
- adc r5, r5, #0
- str r6, [sp, #32]
- ldr r7, [r1, #20]
- # A[2] * A[7] = 9
- umull r2, r3, r9, r11
- adds r4, r4, r2
- mov r6, #0
- adcs r5, r5, r3
- adc r6, r6, #0
- adds r4, r4, r2
- adcs r5, r5, r3
- adc r6, r6, #0
- # A[3] * A[6] = 9
- ldr r11, [r1, #24]
- umull r2, r3, r10, r11
- adds r4, r4, r2
- adcs r5, r5, r3
- adc r6, r6, #0
- adds r4, r4, r2
- adcs r5, r5, r3
- adc r6, r6, #0
- # A[4] * A[5] = 9
- umull r2, r3, r12, r7
- adds r4, r4, r2
- adcs r5, r5, r3
- adc r6, r6, #0
- adds r4, r4, r2
- adcs r5, r5, r3
- adc r6, r6, #0
- str r4, [sp, #36]
- mov r8, r11
- # A[5] * A[5] = 10
- umull r2, r3, r7, r7
- adds r5, r5, r2
- mov r4, #0
- adcs r6, r6, r3
- adc r4, r4, #0
- # A[4] * A[6] = 10
- umull r2, r3, r12, r8
- adds r5, r5, r2
- adcs r6, r6, r3
- adc r4, r4, #0
- adds r5, r5, r2
- adcs r6, r6, r3
- adc r4, r4, #0
- # A[3] * A[7] = 10
- ldr r11, [r1, #28]
- umull r2, r3, r10, r11
- adds r5, r5, r2
- adcs r6, r6, r3
- adc r4, r4, #0
- adds r5, r5, r2
- adcs r6, r6, r3
- adc r4, r4, #0
- str r5, [sp, #40]
- mov r9, r11
- # A[4] * A[7] = 11
- umull r2, r3, r12, r9
- adds r6, r6, r2
- mov r5, #0
- adcs r4, r4, r3
- adc r5, r5, #0
- adds r6, r6, r2
- adcs r4, r4, r3
- adc r5, r5, #0
- # A[5] * A[6] = 11
- umull r2, r3, r7, r8
- adds r6, r6, r2
- adcs r4, r4, r3
- adc r5, r5, #0
- adds r6, r6, r2
- adcs r4, r4, r3
- adc r5, r5, #0
- str r6, [sp, #44]
- # A[6] * A[6] = 12
- umull r2, r3, r8, r8
- adds r4, r4, r2
- mov r6, #0
- adcs r5, r5, r3
- adc r6, r6, #0
- # A[5] * A[7] = 12
- umull r2, r3, r7, r9
- adds r4, r4, r2
- adcs r5, r5, r3
- adc r6, r6, #0
- adds r4, r4, r2
- adcs r5, r5, r3
- adc r6, r6, #0
- str r4, [sp, #48]
- # A[6] * A[7] = 13
- umull r2, r3, r8, r9
- adds r5, r5, r2
- mov r4, #0
- adcs r6, r6, r3
- adc r4, r4, #0
- adds r5, r5, r2
- adcs r6, r6, r3
- adc r4, r4, #0
- str r5, [sp, #52]
- # A[7] * A[7] = 14
- umull r2, r3, r9, r9
- adds r6, r6, r2
- adc r4, r4, r3
- str r6, [sp, #56]
- str r4, [sp, #60]
- # Double and Reduce
- # Load bottom half
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [sp]
- ldr r5, [sp, #4]
-#else
- ldrd r4, r5, [sp]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [sp, #8]
- ldr r7, [sp, #12]
+ .globl fe_mul121666
+ .type fe_mul121666, %function
+fe_mul121666:
+ push {r4, r5, r6, r7, r8, r9, r10, lr}
+ # Multiply by 121666
+ ldm r1, {r2, r3, r4, r5, r6, r7, r8, r9}
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov lr, #1
+ lsl lr, lr, #8
+ orr lr, lr, #0xdb
+ lsl lr, lr, #8
+ orr lr, lr, #0x42
#else
- ldrd r6, r7, [sp, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r8, [sp, #16]
- ldr r9, [sp, #20]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov lr, #0xdb
+ lsl lr, lr, #8
+ add lr, lr, #0x42
#else
- ldrd r8, r9, [sp, #16]
+ mov lr, #0xdb42
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r10, [sp, #24]
- ldr r11, [sp, #28]
-#else
- ldrd r10, r11, [sp, #24]
+ movt lr, #1
#endif
- lsr r2, r11, #30
- lsl r11, r11, #1
- orr r11, r11, r10, lsr #31
+ umull r2, r10, lr, r2
+ sub r12, lr, #1
+ umaal r3, r10, r12, r3
+ umaal r4, r10, r12, r4
+ umaal r5, r10, r12, r5
+ umaal r6, r10, r12, r6
+ umaal r7, r10, r12, r7
+ umaal r8, r10, r12, r8
+ mov lr, #19
+ umaal r9, r10, r12, r9
lsl r10, r10, #1
orr r10, r10, r9, lsr #31
- lsl r9, r9, #1
- orr r9, r9, r8, lsr #31
- lsl r8, r8, #1
- orr r8, r8, r7, lsr #31
- lsl r7, r7, #1
- orr r7, r7, r6, lsr #31
- lsl r6, r6, #1
- orr r6, r6, r5, lsr #31
- lsl r5, r5, #1
- orr r5, r5, r4, lsr #31
- lsl r4, r4, #1
- and r11, r11, #0x7fffffff
- mov r12, #19
- ldr r1, [sp, #32]
- orr r2, r2, r1, lsl #2
- umull r2, r3, r12, r2
- adds r4, r4, r2
- mov lr, #0
- adcs r5, r5, r3
- adc lr, lr, #0
- lsr r2, r1, #30
- ldr r1, [sp, #36]
- orr r2, r2, r1, lsl #2
- umull r2, r3, r12, r2
- add r3, r3, lr
- adds r5, r5, r2
- mov lr, #0
- adcs r6, r6, r3
- adc lr, lr, #0
- lsr r2, r1, #30
- ldr r1, [sp, #40]
- orr r2, r2, r1, lsl #2
- umull r2, r3, r12, r2
- add r3, r3, lr
- adds r6, r6, r2
- mov lr, #0
- adcs r7, r7, r3
- adc lr, lr, #0
- lsr r2, r1, #30
- ldr r1, [sp, #44]
- orr r2, r2, r1, lsl #2
- umull r2, r3, r12, r2
- add r3, r3, lr
- adds r7, r7, r2
- mov lr, #0
- adcs r8, r8, r3
- adc lr, lr, #0
- lsr r2, r1, #30
- ldr r1, [sp, #48]
- orr r2, r2, r1, lsl #2
- umull r2, r3, r12, r2
- add r3, r3, lr
- adds r8, r8, r2
- mov lr, #0
- adcs r9, r9, r3
- adc lr, lr, #0
- lsr r2, r1, #30
- ldr r1, [sp, #52]
- orr r2, r2, r1, lsl #2
- umull r2, r3, r12, r2
- add r3, r3, lr
- adds r9, r9, r2
- mov lr, #0
- adcs r10, r10, r3
- adc lr, lr, #0
- lsr r2, r1, #30
- ldr r1, [sp, #56]
- orr r2, r2, r1, lsl #2
- umull r2, r3, r12, r2
- add r3, r3, lr
- adds r10, r10, r2
- mov lr, #0
- adcs r11, r11, r3
- adc lr, lr, #0
- lsr r2, r1, #30
- ldr r1, [sp, #60]
- orr r2, r2, r1, lsl #2
- umull r2, r3, r12, r2
- adds r11, r11, r2
- adc r2, r3, lr
- # Overflow
- lsl r2, r2, #1
- orr r2, r2, r11, lsr #31
- mul r2, r2, r12
- and r11, r11, #0x7fffffff
- adds r4, r4, r2
- adcs r5, r5, #0
- adcs r6, r6, #0
- adcs r7, r7, #0
- adcs r8, r8, #0
- adcs r9, r9, #0
- adcs r10, r10, #0
- adc r11, r11, #0
- # Reduce if top bit set
- asr r2, r11, #31
- and r2, r2, r12
- and r11, r11, #0x7fffffff
- adds r4, r4, r2
+ mul r10, lr, r10
+ adds r2, r2, r10
+ adcs r3, r3, #0
+ adcs r4, r4, #0
adcs r5, r5, #0
adcs r6, r6, #0
adcs r7, r7, #0
- adcs r8, r8, #0
- adcs r9, r9, #0
- adcs r10, r10, #0
- adc r11, r11, #0
- # Store
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0]
- str r5, [r0, #4]
-#else
- strd r4, r5, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r6, [r0, #8]
- str r7, [r0, #12]
-#else
- strd r6, r7, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #16]
- str r9, [r0, #20]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ bic r9, r9, #0x80000000
#else
- strd r8, r9, [r0, #16]
+ bfc r9, #31, #1
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r0, #24]
- str r11, [r0, #28]
-#else
- strd r10, r11, [r0, #24]
-#endif
- add sp, sp, #0x40
- pop {r4, r5, r6, r7, r8, r9, r10, r11, pc}
- .size fe_sq2,.-fe_sq2
- .text
- .align 4
- .globl fe_invert
- .type fe_invert, %function
-fe_invert:
- push {r4, lr}
- sub sp, sp, #0x88
- # Invert
- str r0, [sp, #128]
- str r1, [sp, #132]
- mov r0, sp
- ldr r1, [sp, #132]
- bl fe_sq
- add r0, sp, #32
- mov r1, sp
- bl fe_sq
- add r0, sp, #32
- add r1, sp, #32
- bl fe_sq
- add r0, sp, #32
- ldr r1, [sp, #132]
- add r2, sp, #32
- bl fe_mul
- mov r0, sp
- mov r1, sp
- add r2, sp, #32
- bl fe_mul
- add r0, sp, #0x40
- mov r1, sp
- bl fe_sq
- add r0, sp, #32
- add r1, sp, #32
- add r2, sp, #0x40
- bl fe_mul
- add r0, sp, #0x40
- add r1, sp, #32
- bl fe_sq
- mov r4, #4
-L_fe_invert1:
- add r0, sp, #0x40
- add r1, sp, #0x40
- bl fe_sq
- sub r4, r4, #1
- cmp r4, #0
- bne L_fe_invert1
- add r0, sp, #32
- add r1, sp, #0x40
- add r2, sp, #32
- bl fe_mul
- add r0, sp, #0x40
- add r1, sp, #32
- bl fe_sq
- mov r4, #9
-L_fe_invert2:
- add r0, sp, #0x40
- add r1, sp, #0x40
- bl fe_sq
- sub r4, r4, #1
- cmp r4, #0
- bne L_fe_invert2
- add r0, sp, #0x40
- add r1, sp, #0x40
- add r2, sp, #32
- bl fe_mul
- add r0, sp, #0x60
- add r1, sp, #0x40
- bl fe_sq
- mov r4, #19
-L_fe_invert3:
- add r0, sp, #0x60
- add r1, sp, #0x60
- bl fe_sq
- sub r4, r4, #1
- cmp r4, #0
- bne L_fe_invert3
- add r0, sp, #0x40
- add r1, sp, #0x60
- add r2, sp, #0x40
- bl fe_mul
- mov r4, #10
-L_fe_invert4:
- add r0, sp, #0x40
- add r1, sp, #0x40
- bl fe_sq
- sub r4, r4, #1
- cmp r4, #0
- bne L_fe_invert4
- add r0, sp, #32
- add r1, sp, #0x40
- add r2, sp, #32
- bl fe_mul
- add r0, sp, #0x40
- add r1, sp, #32
- bl fe_sq
- mov r4, #49
-L_fe_invert5:
- add r0, sp, #0x40
- add r1, sp, #0x40
- bl fe_sq
- sub r4, r4, #1
- cmp r4, #0
- bne L_fe_invert5
- add r0, sp, #0x40
- add r1, sp, #0x40
- add r2, sp, #32
- bl fe_mul
- add r0, sp, #0x60
- add r1, sp, #0x40
- bl fe_sq
- mov r4, #0x63
-L_fe_invert6:
- add r0, sp, #0x60
- add r1, sp, #0x60
- bl fe_sq
- sub r4, r4, #1
- cmp r4, #0
- bne L_fe_invert6
- add r0, sp, #0x40
- add r1, sp, #0x60
- add r2, sp, #0x40
- bl fe_mul
- mov r4, #50
-L_fe_invert7:
- add r0, sp, #0x40
- add r1, sp, #0x40
- bl fe_sq
- sub r4, r4, #1
- cmp r4, #0
- bne L_fe_invert7
- add r0, sp, #32
- add r1, sp, #0x40
- add r2, sp, #32
- bl fe_mul
- mov r4, #5
-L_fe_invert8:
- add r0, sp, #32
- add r1, sp, #32
- bl fe_sq
- sub r4, r4, #1
- cmp r4, #0
- bne L_fe_invert8
- ldr r0, [sp, #128]
- add r1, sp, #32
- mov r2, sp
- bl fe_mul
- ldr r1, [sp, #132]
- ldr r0, [sp, #128]
- add sp, sp, #0x88
- pop {r4, pc}
- .size fe_invert,.-fe_invert
+ adcs r8, r8, #0
+ adc r9, r9, #0
+ stm r0, {r2, r3, r4, r5, r6, r7, r8, r9}
+ pop {r4, r5, r6, r7, r8, r9, r10, pc}
+ .size fe_mul121666,.-fe_mul121666
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+#ifndef WC_NO_CACHE_RESISTANT
.text
.align 4
.globl curve25519
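Review bot: In the second `fe_mul121666` variant, `sub r12, lr, #1` silently changes the multiplier from 121666 to 121665 with no explanation, so the `umaal` chain that follows reads like an off-by-one. Each `umaal rN, r10, r12, rN` uses the limb as both accumulator and operand, so it computes limb * 121665 + limb + carry, which is limb * 121666 + carry; a comment above the `sub` such as `# r12 = 121665: umaal adds the limb itself, so each step is limb * 121666 + carry` would record that. Separately, in both variants the inner `#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)` sits in the `#else` of the identical test, so its `mov`/`lsl`/`add` branch can never be assembled and could be dropped. Both variants are straight-line with no data-dependent branch, which is what a field operation on secret limbs needs; the `#if ... < 6` enclosing the first variant opens before this hunk. If this file is generated or vendored, both changes belong in the upstream generator rather than here.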
@@ -4182,138 +3529,24 @@ curve25519:
str r2, [sp, #168]
mov r1, #0
str r1, [sp, #172]
- # Set one
- mov r10, #1
- mov r11, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r0]
- str r11, [r0, #4]
-#else
- strd r10, r11, [r0]
-#endif
- mov r10, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r0, #8]
- str r11, [r0, #12]
-#else
- strd r10, r11, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r0, #16]
- str r11, [r0, #20]
-#else
- strd r10, r11, [r0, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r0, #24]
- str r11, [r0, #28]
-#else
- strd r10, r11, [r0, #24]
-#endif
- # Set zero
+ mov r4, #1
+ mov r5, #0
+ mov r6, #0
+ mov r7, #0
+ mov r8, #0
+ mov r9, #0
mov r10, #0
mov r11, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [sp]
- str r11, [sp, #4]
-#else
- strd r10, r11, [sp]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [sp, #8]
- str r11, [sp, #12]
-#else
- strd r10, r11, [sp, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [sp, #16]
- str r11, [sp, #20]
-#else
- strd r10, r11, [sp, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [sp, #24]
- str r11, [sp, #28]
-#else
- strd r10, r11, [sp, #24]
-#endif
- # Set one
- mov r10, #1
- mov r11, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [sp, #32]
- str r11, [sp, #36]
-#else
- strd r10, r11, [sp, #32]
-#endif
- mov r10, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [sp, #40]
- str r11, [sp, #44]
-#else
- strd r10, r11, [sp, #40]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [sp, #48]
- str r11, [sp, #52]
-#else
- strd r10, r11, [sp, #48]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [sp, #56]
- str r11, [sp, #60]
-#else
- strd r10, r11, [sp, #56]
-#endif
+ stm r0, {r4, r5, r6, r7, r8, r9, r10, r11}
+ add r3, sp, #32
+ stm r3, {r4, r5, r6, r7, r8, r9, r10, r11}
+ mov r4, #0
+ mov r3, sp
+ stm r3, {r4, r5, r6, r7, r8, r9, r10, r11}
+ add r3, sp, #0x40
# Copy
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r2]
- ldr r5, [r2, #4]
-#else
- ldrd r4, r5, [r2]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r2, #8]
- ldr r7, [r2, #12]
-#else
- ldrd r6, r7, [r2, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [sp, #64]
- str r5, [sp, #68]
-#else
- strd r4, r5, [sp, #64]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r6, [sp, #72]
- str r7, [sp, #76]
-#else
- strd r6, r7, [sp, #72]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r2, #16]
- ldr r5, [r2, #20]
-#else
- ldrd r4, r5, [r2, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r2, #24]
- ldr r7, [r2, #28]
-#else
- ldrd r6, r7, [r2, #24]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [sp, #80]
- str r5, [sp, #84]
-#else
- strd r4, r5, [sp, #80]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r6, [sp, #88]
- str r7, [sp, #92]
-#else
- strd r6, r7, [sp, #88]
-#endif
+ ldm r2, {r4, r5, r6, r7, r8, r9, r10, r11}
+ stm r3, {r4, r5, r6, r7, r8, r9, r10, r11}
mov r1, #30
str r1, [sp, #180]
mov r2, #28
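Review bot: The new initialisation block, from `mov r4, #1` down to the `stm r3, {r4, ...}` that follows `ldm r2`, dropped the `# Set one` / `# Set zero` comments, so it no longer says which field element receives which value. Reading the stores, `[r0]` and `[sp, #32]` are set to 1, `[sp]` to 0, and `[sp, #0x40]` receives a copy of the input at r2; I would restore that as comments, e.g. `# r0 = 1, sp+32 = 1` above the first `stm` and `# sp = 0` above `mov r4, #0`. Separately, `stm r0` and `ldm r2` need word-aligned base addresses, while the removed `WOLFSSL_SP_ARM_ARCH < 7` path used single `ldr`/`str`; r0 and r2 look like caller-supplied buffers, so the 4-byte alignment requirement is worth stating where curve25519 is declared. The function body starts and ends outside this hunk.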
@@ -4331,19 +3564,11 @@ L_curve25519_bits:
str r1, [sp, #172]
ldr r0, [sp, #160]
# Conditional Swap
- neg r1, r1
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0]
- ldr r5, [r0, #4]
-#else
- ldrd r4, r5, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [sp, #64]
- ldr r7, [sp, #68]
-#else
- ldrd r6, r7, [sp, #64]
-#endif
+ rsb r1, r1, #0
+ mov r3, r0
+ add r12, sp, #0x40
+ ldm r3, {r4, r5}
+ ldm r12, {r6, r7}
eor r8, r4, r6
eor r9, r5, r7
and r8, r8, r1
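Review bot: The conditional swap relies on `rsb r1, r1, #0` producing an all-zero or all-one mask, which holds only if r1 is exactly 0 or 1 at this point, and nothing here records that. The value is computed above the hunk, so it cannot be confirmed from these lines; a comment such as `# r1 = 0 - swap_bit: 0x00000000 or 0xffffffff, keeps the swap branch-free` would state the invariant the `eor`/`and`/`eor` sequence depends on. The same mask is reused by the unrolled steps in the following hunks, and the second swap that begins after `ldr r1, [sp, #172]` follows the same pattern.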
@@ -4352,30 +3577,10 @@ L_curve25519_bits:
eor r5, r5, r9
eor r6, r6, r8
eor r7, r7, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0]
- str r5, [r0, #4]
-#else
- strd r4, r5, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r6, [sp, #64]
- str r7, [sp, #68]
-#else
- strd r6, r7, [sp, #64]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0, #8]
- ldr r5, [r0, #12]
-#else
- ldrd r4, r5, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [sp, #72]
- ldr r7, [sp, #76]
-#else
- ldrd r6, r7, [sp, #72]
-#endif
+ stm r3!, {r4, r5}
+ stm r12!, {r6, r7}
+ ldm r3, {r4, r5}
+ ldm r12, {r6, r7}
eor r8, r4, r6
eor r9, r5, r7
and r8, r8, r1
@@ -4384,30 +3589,10 @@ L_curve25519_bits:
eor r5, r5, r9
eor r6, r6, r8
eor r7, r7, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0, #8]
- str r5, [r0, #12]
-#else
- strd r4, r5, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r6, [sp, #72]
- str r7, [sp, #76]
-#else
- strd r6, r7, [sp, #72]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0, #16]
- ldr r5, [r0, #20]
-#else
- ldrd r4, r5, [r0, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [sp, #80]
- ldr r7, [sp, #84]
-#else
- ldrd r6, r7, [sp, #80]
-#endif
+ stm r3!, {r4, r5}
+ stm r12!, {r6, r7}
+ ldm r3, {r4, r5}
+ ldm r12, {r6, r7}
eor r8, r4, r6
eor r9, r5, r7
and r8, r8, r1
@@ -4416,30 +3601,10 @@ L_curve25519_bits:
eor r5, r5, r9
eor r6, r6, r8
eor r7, r7, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0, #16]
- str r5, [r0, #20]
-#else
- strd r4, r5, [r0, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r6, [sp, #80]
- str r7, [sp, #84]
-#else
- strd r6, r7, [sp, #80]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0, #24]
- ldr r5, [r0, #28]
-#else
- ldrd r4, r5, [r0, #24]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [sp, #88]
- ldr r7, [sp, #92]
-#else
- ldrd r6, r7, [sp, #88]
-#endif
+ stm r3!, {r4, r5}
+ stm r12!, {r6, r7}
+ ldm r3, {r4, r5}
+ ldm r12, {r6, r7}
eor r8, r4, r6
eor r9, r5, r7
and r8, r8, r1
@@ -4448,33 +3613,15 @@ L_curve25519_bits:
eor r5, r5, r9
eor r6, r6, r8
eor r7, r7, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0, #24]
- str r5, [r0, #28]
-#else
- strd r4, r5, [r0, #24]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r6, [sp, #88]
- str r7, [sp, #92]
-#else
- strd r6, r7, [sp, #88]
-#endif
+ stm r3!, {r4, r5}
+ stm r12!, {r6, r7}
ldr r1, [sp, #172]
# Conditional Swap
- neg r1, r1
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [sp]
- ldr r5, [sp, #4]
-#else
- ldrd r4, r5, [sp]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [sp, #32]
- ldr r7, [sp, #36]
-#else
- ldrd r6, r7, [sp, #32]
-#endif
+ rsb r1, r1, #0
+ mov r3, sp
+ add r12, sp, #32
+ ldm r3, {r4, r5}
+ ldm r12, {r6, r7}
eor r8, r4, r6
eor r9, r5, r7
and r8, r8, r1
@@ -4483,30 +3630,10 @@ L_curve25519_bits:
eor r5, r5, r9
eor r6, r6, r8
eor r7, r7, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [sp]
- str r5, [sp, #4]
-#else
- strd r4, r5, [sp]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r6, [sp, #32]
- str r7, [sp, #36]
-#else
- strd r6, r7, [sp, #32]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [sp, #8]
- ldr r5, [sp, #12]
-#else
- ldrd r4, r5, [sp, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [sp, #40]
- ldr r7, [sp, #44]
-#else
- ldrd r6, r7, [sp, #40]
-#endif
+ stm r3!, {r4, r5}
+ stm r12!, {r6, r7}
+ ldm r3, {r4, r5}
+ ldm r12, {r6, r7}
eor r8, r4, r6
eor r9, r5, r7
and r8, r8, r1
@@ -4515,30 +3642,10 @@ L_curve25519_bits:
eor r5, r5, r9
eor r6, r6, r8
eor r7, r7, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [sp, #8]
- str r5, [sp, #12]
-#else
- strd r4, r5, [sp, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r6, [sp, #40]
- str r7, [sp, #44]
-#else
- strd r6, r7, [sp, #40]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [sp, #16]
- ldr r5, [sp, #20]
-#else
- ldrd r4, r5, [sp, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [sp, #48]
- ldr r7, [sp, #52]
-#else
- ldrd r6, r7, [sp, #48]
-#endif
+ stm r3!, {r4, r5}
+ stm r12!, {r6, r7}
+ ldm r3, {r4, r5}
+ ldm r12, {r6, r7}
eor r8, r4, r6
eor r9, r5, r7
and r8, r8, r1
@@ -4547,30 +3654,10 @@ L_curve25519_bits:
eor r5, r5, r9
eor r6, r6, r8
eor r7, r7, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [sp, #16]
- str r5, [sp, #20]
-#else
- strd r4, r5, [sp, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r6, [sp, #48]
- str r7, [sp, #52]
-#else
- strd r6, r7, [sp, #48]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [sp, #24]
- ldr r5, [sp, #28]
-#else
- ldrd r4, r5, [sp, #24]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [sp, #56]
- ldr r7, [sp, #60]
-#else
- ldrd r6, r7, [sp, #56]
-#endif
+ stm r3!, {r4, r5}
+ stm r12!, {r6, r7}
+ ldm r3, {r4, r5}
+ ldm r12, {r6, r7}
eor r8, r4, r6
eor r9, r5, r7
and r8, r8, r1
@@ -4579,1093 +3666,68 @@ L_curve25519_bits:
eor r5, r5, r9
eor r6, r6, r8
eor r7, r7, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [sp, #24]
- str r5, [sp, #28]
-#else
- strd r4, r5, [sp, #24]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r6, [sp, #56]
- str r7, [sp, #60]
-#else
- strd r6, r7, [sp, #56]
-#endif
+ stm r3!, {r4, r5}
+ stm r12!, {r6, r7}
ldr r1, [sp, #184]
str r1, [sp, #172]
- # Add-Sub
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0]
- ldr r5, [r0, #4]
-#else
- ldrd r4, r5, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [sp]
- ldr r7, [sp, #4]
-#else
- ldrd r6, r7, [sp]
-#endif
- adds r8, r4, r6
- mov r3, #0
- adcs r9, r5, r7
- adc r3, r3, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0]
- str r9, [r0, #4]
-#else
- strd r8, r9, [r0]
-#endif
- # Sub
- subs r10, r4, r6
- mov r12, #0
- sbcs r11, r5, r7
- adc r12, r12, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [sp, #128]
- str r11, [sp, #132]
-#else
- strd r10, r11, [sp, #128]
-#endif
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0, #8]
- ldr r5, [r0, #12]
-#else
- ldrd r4, r5, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [sp, #8]
- ldr r7, [sp, #12]
-#else
- ldrd r6, r7, [sp, #8]
-#endif
- adds r3, r3, #-1
- adcs r8, r4, r6
- mov r3, #0
- adcs r9, r5, r7
- adc r3, r3, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #8]
- str r9, [r0, #12]
-#else
- strd r8, r9, [r0, #8]
-#endif
- # Sub
- adds r12, r12, #-1
- sbcs r10, r4, r6
- mov r12, #0
- sbcs r11, r5, r7
- adc r12, r12, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [sp, #136]
- str r11, [sp, #140]
-#else
- strd r10, r11, [sp, #136]
-#endif
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0, #16]
- ldr r5, [r0, #20]
-#else
- ldrd r4, r5, [r0, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [sp, #16]
- ldr r7, [sp, #20]
-#else
- ldrd r6, r7, [sp, #16]
-#endif
- adds r3, r3, #-1
- adcs r8, r4, r6
- mov r3, #0
- adcs r9, r5, r7
- adc r3, r3, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #16]
- str r9, [r0, #20]
-#else
- strd r8, r9, [r0, #16]
-#endif
- # Sub
- adds r12, r12, #-1
- sbcs r10, r4, r6
- mov r12, #0
- sbcs r11, r5, r7
- adc r12, r12, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [sp, #144]
- str r11, [sp, #148]
-#else
- strd r10, r11, [sp, #144]
-#endif
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0, #24]
- ldr r5, [r0, #28]
-#else
- ldrd r4, r5, [r0, #24]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [sp, #24]
- ldr r7, [sp, #28]
-#else
- ldrd r6, r7, [sp, #24]
-#endif
- adds r3, r3, #-1
- adcs r8, r4, r6
- adc r9, r5, r7
- # Sub
- adds r12, r12, #-1
- sbcs r10, r4, r6
- sbc r11, r5, r7
- mov r3, #-19
- asr r2, r9, #31
- # Mask the modulus
- and r3, r2, r3
- and r12, r2, #0x7fffffff
- # Sub modulus (if overflow)
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0]
- ldr r5, [r0, #4]
-#else
- ldrd r4, r5, [r0]
-#endif
- subs r4, r4, r3
- sbcs r5, r5, r2
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0]
- str r5, [r0, #4]
-#else
- strd r4, r5, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0, #8]
- ldr r5, [r0, #12]
-#else
- ldrd r4, r5, [r0, #8]
-#endif
- sbcs r4, r4, r2
- sbcs r5, r5, r2
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0, #8]
- str r5, [r0, #12]
-#else
- strd r4, r5, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0, #16]
- ldr r5, [r0, #20]
-#else
- ldrd r4, r5, [r0, #16]
-#endif
- sbcs r4, r4, r2
- sbcs r5, r5, r2
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0, #16]
- str r5, [r0, #20]
-#else
- strd r4, r5, [r0, #16]
-#endif
- sbcs r8, r8, r2
- sbc r9, r9, r12
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #24]
- str r9, [r0, #28]
-#else
- strd r8, r9, [r0, #24]
-#endif
- mov r3, #-19
- asr r2, r11, #31
- # Mask the modulus
- and r3, r2, r3
- and r12, r2, #0x7fffffff
- # Add modulus (if underflow)
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [sp, #128]
- ldr r5, [sp, #132]
-#else
- ldrd r4, r5, [sp, #128]
-#endif
- adds r4, r4, r3
- adcs r5, r5, r2
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [sp, #128]
- str r5, [sp, #132]
-#else
- strd r4, r5, [sp, #128]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [sp, #136]
- ldr r5, [sp, #140]
-#else
- ldrd r4, r5, [sp, #136]
-#endif
- adcs r4, r4, r2
- adcs r5, r5, r2
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [sp, #136]
- str r5, [sp, #140]
-#else
- strd r4, r5, [sp, #136]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [sp, #144]
- ldr r5, [sp, #148]
-#else
- ldrd r4, r5, [sp, #144]
-#endif
- adcs r4, r4, r2
- adcs r5, r5, r2
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [sp, #144]
- str r5, [sp, #148]
-#else
- strd r4, r5, [sp, #144]
-#endif
- adcs r10, r10, r2
- adc r11, r11, r12
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [sp, #152]
- str r11, [sp, #156]
-#else
- strd r10, r11, [sp, #152]
-#endif
- # Add-Sub
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [sp, #64]
- ldr r5, [sp, #68]
-#else
- ldrd r4, r5, [sp, #64]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [sp, #32]
- ldr r7, [sp, #36]
-#else
- ldrd r6, r7, [sp, #32]
-#endif
- adds r8, r4, r6
- mov r3, #0
- adcs r9, r5, r7
- adc r3, r3, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [sp]
- str r9, [sp, #4]
-#else
- strd r8, r9, [sp]
-#endif
- # Sub
- subs r10, r4, r6
- mov r12, #0
- sbcs r11, r5, r7
- adc r12, r12, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [sp, #96]
- str r11, [sp, #100]
-#else
- strd r10, r11, [sp, #96]
-#endif
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [sp, #72]
- ldr r5, [sp, #76]
-#else
- ldrd r4, r5, [sp, #72]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [sp, #40]
- ldr r7, [sp, #44]
-#else
- ldrd r6, r7, [sp, #40]
-#endif
- adds r3, r3, #-1
- adcs r8, r4, r6
- mov r3, #0
- adcs r9, r5, r7
- adc r3, r3, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [sp, #8]
- str r9, [sp, #12]
-#else
- strd r8, r9, [sp, #8]
-#endif
- # Sub
- adds r12, r12, #-1
- sbcs r10, r4, r6
- mov r12, #0
- sbcs r11, r5, r7
- adc r12, r12, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [sp, #104]
- str r11, [sp, #108]
-#else
- strd r10, r11, [sp, #104]
-#endif
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [sp, #80]
- ldr r5, [sp, #84]
-#else
- ldrd r4, r5, [sp, #80]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [sp, #48]
- ldr r7, [sp, #52]
-#else
- ldrd r6, r7, [sp, #48]
-#endif
- adds r3, r3, #-1
- adcs r8, r4, r6
- mov r3, #0
- adcs r9, r5, r7
- adc r3, r3, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [sp, #16]
- str r9, [sp, #20]
-#else
- strd r8, r9, [sp, #16]
-#endif
- # Sub
- adds r12, r12, #-1
- sbcs r10, r4, r6
- mov r12, #0
- sbcs r11, r5, r7
- adc r12, r12, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [sp, #112]
- str r11, [sp, #116]
-#else
- strd r10, r11, [sp, #112]
-#endif
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [sp, #88]
- ldr r5, [sp, #92]
-#else
- ldrd r4, r5, [sp, #88]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [sp, #56]
- ldr r7, [sp, #60]
-#else
- ldrd r6, r7, [sp, #56]
-#endif
- adds r3, r3, #-1
- adcs r8, r4, r6
- adc r9, r5, r7
- # Sub
- adds r12, r12, #-1
- sbcs r10, r4, r6
- sbc r11, r5, r7
- mov r3, #-19
- asr r2, r9, #31
- # Mask the modulus
- and r3, r2, r3
- and r12, r2, #0x7fffffff
- # Sub modulus (if overflow)
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [sp]
- ldr r5, [sp, #4]
-#else
- ldrd r4, r5, [sp]
-#endif
- subs r4, r4, r3
- sbcs r5, r5, r2
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [sp]
- str r5, [sp, #4]
-#else
- strd r4, r5, [sp]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [sp, #8]
- ldr r5, [sp, #12]
-#else
- ldrd r4, r5, [sp, #8]
-#endif
- sbcs r4, r4, r2
- sbcs r5, r5, r2
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [sp, #8]
- str r5, [sp, #12]
-#else
- strd r4, r5, [sp, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [sp, #16]
- ldr r5, [sp, #20]
-#else
- ldrd r4, r5, [sp, #16]
-#endif
- sbcs r4, r4, r2
- sbcs r5, r5, r2
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [sp, #16]
- str r5, [sp, #20]
-#else
- strd r4, r5, [sp, #16]
-#endif
- sbcs r8, r8, r2
- sbc r9, r9, r12
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [sp, #24]
- str r9, [sp, #28]
-#else
- strd r8, r9, [sp, #24]
-#endif
- mov r3, #-19
- asr r2, r11, #31
- # Mask the modulus
- and r3, r2, r3
- and r12, r2, #0x7fffffff
- # Add modulus (if underflow)
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [sp, #96]
- ldr r5, [sp, #100]
-#else
- ldrd r4, r5, [sp, #96]
-#endif
- adds r4, r4, r3
- adcs r5, r5, r2
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [sp, #96]
- str r5, [sp, #100]
-#else
- strd r4, r5, [sp, #96]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [sp, #104]
- ldr r5, [sp, #108]
-#else
- ldrd r4, r5, [sp, #104]
-#endif
- adcs r4, r4, r2
- adcs r5, r5, r2
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [sp, #104]
- str r5, [sp, #108]
-#else
- strd r4, r5, [sp, #104]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [sp, #112]
- ldr r5, [sp, #116]
-#else
- ldrd r4, r5, [sp, #112]
-#endif
- adcs r4, r4, r2
- adcs r5, r5, r2
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [sp, #112]
- str r5, [sp, #116]
-#else
- strd r4, r5, [sp, #112]
-#endif
- adcs r10, r10, r2
- adc r11, r11, r12
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [sp, #120]
- str r11, [sp, #124]
-#else
- strd r10, r11, [sp, #120]
-#endif
+ mov r3, sp
+ ldr r2, [sp, #160]
+ add r1, sp, #0x80
+ ldr r0, [sp, #160]
+ bl fe_add_sub_op
+ add r3, sp, #32
+ add r2, sp, #0x40
+ add r1, sp, #0x60
+ mov r0, sp
+ bl fe_add_sub_op
ldr r2, [sp, #160]
add r1, sp, #0x60
add r0, sp, #32
- bl fe_mul
+ bl fe_mul_op
add r2, sp, #0x80
- add r1, sp, #0
- add r0, sp, #0
- bl fe_mul
+ mov r1, sp
+ mov r0, sp
+ bl fe_mul_op
add r1, sp, #0x80
- add r0, sp, #0x60
- bl fe_sq
- ldr r1, [sp, #160]
add r0, sp, #0x80
- bl fe_sq
- # Add-Sub
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [sp, #32]
- ldr r5, [sp, #36]
-#else
- ldrd r4, r5, [sp, #32]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [sp]
- ldr r7, [sp, #4]
-#else
- ldrd r6, r7, [sp]
-#endif
- adds r8, r4, r6
- mov r3, #0
- adcs r9, r5, r7
- adc r3, r3, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [sp, #64]
- str r9, [sp, #68]
-#else
- strd r8, r9, [sp, #64]
-#endif
- # Sub
- subs r10, r4, r6
- mov r12, #0
- sbcs r11, r5, r7
- adc r12, r12, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [sp]
- str r11, [sp, #4]
-#else
- strd r10, r11, [sp]
-#endif
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [sp, #40]
- ldr r5, [sp, #44]
-#else
- ldrd r4, r5, [sp, #40]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [sp, #8]
- ldr r7, [sp, #12]
-#else
- ldrd r6, r7, [sp, #8]
-#endif
- adds r3, r3, #-1
- adcs r8, r4, r6
- mov r3, #0
- adcs r9, r5, r7
- adc r3, r3, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [sp, #72]
- str r9, [sp, #76]
-#else
- strd r8, r9, [sp, #72]
-#endif
- # Sub
- adds r12, r12, #-1
- sbcs r10, r4, r6
- mov r12, #0
- sbcs r11, r5, r7
- adc r12, r12, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [sp, #8]
- str r11, [sp, #12]
-#else
- strd r10, r11, [sp, #8]
-#endif
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [sp, #48]
- ldr r5, [sp, #52]
-#else
- ldrd r4, r5, [sp, #48]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [sp, #16]
- ldr r7, [sp, #20]
-#else
- ldrd r6, r7, [sp, #16]
-#endif
- adds r3, r3, #-1
- adcs r8, r4, r6
- mov r3, #0
- adcs r9, r5, r7
- adc r3, r3, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [sp, #80]
- str r9, [sp, #84]
-#else
- strd r8, r9, [sp, #80]
-#endif
- # Sub
- adds r12, r12, #-1
- sbcs r10, r4, r6
- mov r12, #0
- sbcs r11, r5, r7
- adc r12, r12, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [sp, #16]
- str r11, [sp, #20]
-#else
- strd r10, r11, [sp, #16]
-#endif
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [sp, #56]
- ldr r5, [sp, #60]
-#else
- ldrd r4, r5, [sp, #56]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [sp, #24]
- ldr r7, [sp, #28]
-#else
- ldrd r6, r7, [sp, #24]
-#endif
- adds r3, r3, #-1
- adcs r8, r4, r6
- adc r9, r5, r7
- # Sub
- adds r12, r12, #-1
- sbcs r10, r4, r6
- sbc r11, r5, r7
- mov r3, #-19
- asr r2, r9, #31
- # Mask the modulus
- and r3, r2, r3
- and r12, r2, #0x7fffffff
- # Sub modulus (if overflow)
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [sp, #64]
- ldr r5, [sp, #68]
-#else
- ldrd r4, r5, [sp, #64]
-#endif
- subs r4, r4, r3
- sbcs r5, r5, r2
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [sp, #64]
- str r5, [sp, #68]
-#else
- strd r4, r5, [sp, #64]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [sp, #72]
- ldr r5, [sp, #76]
-#else
- ldrd r4, r5, [sp, #72]
-#endif
- sbcs r4, r4, r2
- sbcs r5, r5, r2
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [sp, #72]
- str r5, [sp, #76]
-#else
- strd r4, r5, [sp, #72]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [sp, #80]
- ldr r5, [sp, #84]
-#else
- ldrd r4, r5, [sp, #80]
-#endif
- sbcs r4, r4, r2
- sbcs r5, r5, r2
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [sp, #80]
- str r5, [sp, #84]
-#else
- strd r4, r5, [sp, #80]
-#endif
- sbcs r8, r8, r2
- sbc r9, r9, r12
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [sp, #88]
- str r9, [sp, #92]
-#else
- strd r8, r9, [sp, #88]
-#endif
- mov r3, #-19
- asr r2, r11, #31
- # Mask the modulus
- and r3, r2, r3
- and r12, r2, #0x7fffffff
- # Add modulus (if underflow)
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [sp]
- ldr r5, [sp, #4]
-#else
- ldrd r4, r5, [sp]
-#endif
- adds r4, r4, r3
- adcs r5, r5, r2
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [sp]
- str r5, [sp, #4]
-#else
- strd r4, r5, [sp]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [sp, #8]
- ldr r5, [sp, #12]
-#else
- ldrd r4, r5, [sp, #8]
-#endif
- adcs r4, r4, r2
- adcs r5, r5, r2
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [sp, #8]
- str r5, [sp, #12]
-#else
- strd r4, r5, [sp, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [sp, #16]
- ldr r5, [sp, #20]
-#else
- ldrd r4, r5, [sp, #16]
-#endif
- adcs r4, r4, r2
- adcs r5, r5, r2
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [sp, #16]
- str r5, [sp, #20]
-#else
- strd r4, r5, [sp, #16]
-#endif
- adcs r10, r10, r2
- adc r11, r11, r12
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [sp, #24]
- str r11, [sp, #28]
-#else
- strd r10, r11, [sp, #24]
-#endif
- add r2, sp, #0x60
- add r1, sp, #0x80
+ bl fe_sq_op
+ ldr r1, [sp, #160]
+ add r0, sp, #0x60
+ bl fe_sq_op
+ mov r3, sp
+ add r2, sp, #32
+ mov r1, sp
+ add r0, sp, #0x40
+ bl fe_add_sub_op
+ add r2, sp, #0x80
+ add r1, sp, #0x60
ldr r0, [sp, #160]
- bl fe_mul
- # Sub
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [sp, #128]
- ldr r5, [sp, #132]
-#else
- ldrd r4, r5, [sp, #128]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [sp, #136]
- ldr r7, [sp, #140]
-#else
- ldrd r6, r7, [sp, #136]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r8, [sp, #96]
- ldr r9, [sp, #100]
-#else
- ldrd r8, r9, [sp, #96]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r10, [sp, #104]
- ldr r11, [sp, #108]
-#else
- ldrd r10, r11, [sp, #104]
-#endif
- subs r8, r4, r8
- sbcs r9, r5, r9
- sbcs r10, r6, r10
- sbcs r11, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [sp, #128]
- str r9, [sp, #132]
-#else
- strd r8, r9, [sp, #128]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [sp, #136]
- str r11, [sp, #140]
-#else
- strd r10, r11, [sp, #136]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [sp, #144]
- ldr r5, [sp, #148]
-#else
- ldrd r4, r5, [sp, #144]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [sp, #152]
- ldr r7, [sp, #156]
-#else
- ldrd r6, r7, [sp, #152]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r8, [sp, #112]
- ldr r9, [sp, #116]
-#else
- ldrd r8, r9, [sp, #112]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r10, [sp, #120]
- ldr r11, [sp, #124]
-#else
- ldrd r10, r11, [sp, #120]
-#endif
- sbcs r8, r4, r8
- sbcs r9, r5, r9
- sbcs r10, r6, r10
- sbc r11, r7, r11
- mov r3, #-19
- asr r2, r11, #31
- # Mask the modulus
- and r3, r2, r3
- and r12, r2, #0x7fffffff
- # Add modulus (if underflow)
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [sp, #128]
- ldr r5, [sp, #132]
-#else
- ldrd r4, r5, [sp, #128]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [sp, #136]
- ldr r7, [sp, #140]
-#else
- ldrd r6, r7, [sp, #136]
-#endif
- adds r4, r4, r3
- adcs r5, r5, r2
- adcs r6, r6, r2
- adcs r7, r7, r2
- adcs r8, r8, r2
- adcs r9, r9, r2
- adcs r10, r10, r2
- adc r11, r11, r12
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [sp, #128]
- str r5, [sp, #132]
-#else
- strd r4, r5, [sp, #128]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r6, [sp, #136]
- str r7, [sp, #140]
-#else
- strd r6, r7, [sp, #136]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [sp, #144]
- str r9, [sp, #148]
-#else
- strd r8, r9, [sp, #144]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [sp, #152]
- str r11, [sp, #156]
-#else
- strd r10, r11, [sp, #152]
-#endif
- add r1, sp, #0
- add r0, sp, #0
- bl fe_sq
- # Multiply by 121666
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [sp, #128]
- ldr r5, [sp, #132]
-#else
- ldrd r4, r5, [sp, #128]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [sp, #136]
- ldr r7, [sp, #140]
-#else
- ldrd r6, r7, [sp, #136]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r8, [sp, #144]
- ldr r9, [sp, #148]
-#else
- ldrd r8, r9, [sp, #144]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r10, [sp, #152]
- ldr r11, [sp, #156]
-#else
- ldrd r10, r11, [sp, #152]
-#endif
- movw r12, #0xdb42
- movt r12, #1
- umull r4, r2, r4, r12
- umull r5, r3, r5, r12
- adds r5, r5, r2
- adc r2, r3, #0
- umull r6, r3, r6, r12
- adds r6, r6, r2
- adc r2, r3, #0
- umull r7, r3, r7, r12
- adds r7, r7, r2
- adc r2, r3, #0
- umull r8, r3, r8, r12
- adds r8, r8, r2
- adc r2, r3, #0
- umull r9, r3, r9, r12
- adds r9, r9, r2
- adc r2, r3, #0
- umull r10, r3, r10, r12
- adds r10, r10, r2
- adc r2, r3, #0
- umull r11, r3, r11, r12
- adds r11, r11, r2
- adc r2, r3, #0
- mov r12, #19
- lsl r2, r2, #1
- orr r2, r2, r11, lsr #31
- mul r2, r2, r12
- and r11, r11, #0x7fffffff
- adds r4, r4, r2
- adcs r5, r5, #0
- adcs r6, r6, #0
- adcs r7, r7, #0
- adcs r8, r8, #0
- adcs r9, r9, #0
- adcs r10, r10, #0
- adc r11, r11, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [sp, #32]
- str r5, [sp, #36]
-#else
- strd r4, r5, [sp, #32]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r6, [sp, #40]
- str r7, [sp, #44]
-#else
- strd r6, r7, [sp, #40]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [sp, #48]
- str r9, [sp, #52]
-#else
- strd r8, r9, [sp, #48]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [sp, #56]
- str r11, [sp, #60]
-#else
- strd r10, r11, [sp, #56]
-#endif
+ bl fe_mul_op
+ add r2, sp, #0x80
+ add r1, sp, #0x60
+ add r0, sp, #0x60
+ bl fe_sub_op
+ mov r1, sp
+ mov r0, sp
+ bl fe_sq_op
+ add r1, sp, #0x60
+ add r0, sp, #32
+ bl fe_mul121666
add r1, sp, #0x40
add r0, sp, #0x40
- bl fe_sq
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [sp, #96]
- ldr r5, [sp, #100]
-#else
- ldrd r4, r5, [sp, #96]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [sp, #104]
- ldr r7, [sp, #108]
-#else
- ldrd r6, r7, [sp, #104]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r8, [sp, #32]
- ldr r9, [sp, #36]
-#else
- ldrd r8, r9, [sp, #32]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r10, [sp, #40]
- ldr r11, [sp, #44]
-#else
- ldrd r10, r11, [sp, #40]
-#endif
- adds r8, r4, r8
- adcs r9, r5, r9
- adcs r10, r6, r10
- adcs r11, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [sp, #96]
- str r9, [sp, #100]
-#else
- strd r8, r9, [sp, #96]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [sp, #104]
- str r11, [sp, #108]
-#else
- strd r10, r11, [sp, #104]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [sp, #112]
- ldr r5, [sp, #116]
-#else
- ldrd r4, r5, [sp, #112]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [sp, #120]
- ldr r7, [sp, #124]
-#else
- ldrd r6, r7, [sp, #120]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r8, [sp, #48]
- ldr r9, [sp, #52]
-#else
- ldrd r8, r9, [sp, #48]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r10, [sp, #56]
- ldr r11, [sp, #60]
-#else
- ldrd r10, r11, [sp, #56]
-#endif
- adcs r8, r4, r8
- adcs r9, r5, r9
- adcs r10, r6, r10
- adc r11, r7, r11
- mov r3, #-19
- asr r2, r11, #31
- # Mask the modulus
- and r3, r2, r3
- and r12, r2, #0x7fffffff
- # Sub modulus (if overflow)
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [sp, #96]
- ldr r5, [sp, #100]
-#else
- ldrd r4, r5, [sp, #96]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [sp, #104]
- ldr r7, [sp, #108]
-#else
- ldrd r6, r7, [sp, #104]
-#endif
- subs r4, r4, r3
- sbcs r5, r5, r2
- sbcs r6, r6, r2
- sbcs r7, r7, r2
- sbcs r8, r8, r2
- sbcs r9, r9, r2
- sbcs r10, r10, r2
- sbc r11, r11, r12
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [sp, #96]
- str r5, [sp, #100]
-#else
- strd r4, r5, [sp, #96]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r6, [sp, #104]
- str r7, [sp, #108]
-#else
- strd r6, r7, [sp, #104]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [sp, #112]
- str r9, [sp, #116]
-#else
- strd r8, r9, [sp, #112]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [sp, #120]
- str r11, [sp, #124]
-#else
- strd r10, r11, [sp, #120]
-#endif
- add r2, sp, #0
+ bl fe_sq_op
+ add r2, sp, #32
+ add r1, sp, #0x80
+ add r0, sp, #0x80
+ bl fe_add_op
+ mov r2, sp
ldr r1, [sp, #168]
add r0, sp, #32
- bl fe_mul
- add r2, sp, #0x60
- add r1, sp, #0x80
- add r0, sp, #0
- bl fe_mul
+ bl fe_mul_op
+ add r2, sp, #0x80
+ add r1, sp, #0x60
+ mov r0, sp
+ bl fe_mul_op
ldr r2, [sp, #176]
ldr r1, [sp, #180]
subs r1, r1, #1
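Review bot: The ladder step is now a bare sequence of `bl` calls, and the argument order of the helpers has to be inferred. Comparing with the removed inline code, `fe_add_sub_op` appears to compute r0 = r2 + r3 and r1 = r2 - r3; a line such as `# fe_add_sub_op: r0 = r2 + r3, r1 = r2 - r3 (mod p)` before the first call would make that explicit. The removed code did its modular correction with a sign mask (`asr r2, r9, #31` followed by `and`), visibly without branches; that property now lives in `fe_add_sub_op`, `fe_add_op`, `fe_sub_op`, `fe_mul_op`, `fe_sq_op` and `fe_mul121666`, whose bodies are outside this hunk, so they should be checked for data-dependent branches and loads. The enclosing `L_curve25519_bits` loop starts and ends outside the hunk.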
@@ -5677,1524 +3739,1570 @@ L_curve25519_bits:
str r2, [sp, #176]
bge L_curve25519_words
# Invert
- add r0, sp, #32
add r1, sp, #0
- bl fe_sq
- add r0, sp, #0x40
+ add r0, sp, #32
+ bl fe_sq_op
add r1, sp, #32
- bl fe_sq
add r0, sp, #0x40
+ bl fe_sq_op
add r1, sp, #0x40
- bl fe_sq
add r0, sp, #0x40
+ bl fe_sq_op
+ add r2, sp, #0x40
add r1, sp, #0
+ add r0, sp, #0x40
+ bl fe_mul_op
add r2, sp, #0x40
- bl fe_mul
+ add r1, sp, #32
add r0, sp, #32
+ bl fe_mul_op
add r1, sp, #32
- add r2, sp, #0x40
- bl fe_mul
add r0, sp, #0x60
- add r1, sp, #32
- bl fe_sq
+ bl fe_sq_op
+ add r2, sp, #0x60
+ add r1, sp, #0x40
add r0, sp, #0x40
+ bl fe_mul_op
add r1, sp, #0x40
- add r2, sp, #0x60
- bl fe_mul
add r0, sp, #0x60
- add r1, sp, #0x40
- bl fe_sq
- mov r4, #4
+ bl fe_sq_op
+ mov r12, #4
L_curve25519_inv_1:
- add r0, sp, #0x60
add r1, sp, #0x60
- bl fe_sq
- sub r4, r4, #1
- cmp r4, #0
+ add r0, sp, #0x60
+ push {r12}
+ bl fe_sq_op
+ pop {r12}
+ subs r12, r12, #1
bne L_curve25519_inv_1
+ add r2, sp, #0x40
+ add r1, sp, #0x60
add r0, sp, #0x40
+ bl fe_mul_op
+ add r1, sp, #0x40
+ add r0, sp, #0x60
+ bl fe_sq_op
+ mov r12, #9
+L_curve25519_inv_2:
add r1, sp, #0x60
+ add r0, sp, #0x60
+ push {r12}
+ bl fe_sq_op
+ pop {r12}
+ subs r12, r12, #1
+ bne L_curve25519_inv_2
add r2, sp, #0x40
- bl fe_mul
+ add r1, sp, #0x60
add r0, sp, #0x60
- add r1, sp, #0x40
- bl fe_sq
- mov r4, #9
-L_curve25519_inv_2:
+ bl fe_mul_op
+ add r1, sp, #0x60
+ add r0, sp, #0x80
+ bl fe_sq_op
+ mov r12, #19
+L_curve25519_inv_3:
+ add r1, sp, #0x80
+ add r0, sp, #0x80
+ push {r12}
+ bl fe_sq_op
+ pop {r12}
+ subs r12, r12, #1
+ bne L_curve25519_inv_3
+ add r2, sp, #0x60
+ add r1, sp, #0x80
add r0, sp, #0x60
+ bl fe_mul_op
+ mov r12, #10
+L_curve25519_inv_4:
add r1, sp, #0x60
- bl fe_sq
- sub r4, r4, #1
- cmp r4, #0
- bne L_curve25519_inv_2
add r0, sp, #0x60
+ push {r12}
+ bl fe_sq_op
+ pop {r12}
+ subs r12, r12, #1
+ bne L_curve25519_inv_4
+ add r2, sp, #0x40
+ add r1, sp, #0x60
+ add r0, sp, #0x40
+ bl fe_mul_op
+ add r1, sp, #0x40
+ add r0, sp, #0x60
+ bl fe_sq_op
+ mov r12, #49
+L_curve25519_inv_5:
add r1, sp, #0x60
+ add r0, sp, #0x60
+ push {r12}
+ bl fe_sq_op
+ pop {r12}
+ subs r12, r12, #1
+ bne L_curve25519_inv_5
add r2, sp, #0x40
- bl fe_mul
+ add r1, sp, #0x60
+ add r0, sp, #0x60
+ bl fe_mul_op
+ add r1, sp, #0x60
add r0, sp, #0x80
+ bl fe_sq_op
+ mov r12, #0x63
+L_curve25519_inv_6:
+ add r1, sp, #0x80
+ add r0, sp, #0x80
+ push {r12}
+ bl fe_sq_op
+ pop {r12}
+ subs r12, r12, #1
+ bne L_curve25519_inv_6
+ add r2, sp, #0x60
+ add r1, sp, #0x80
+ add r0, sp, #0x60
+ bl fe_mul_op
+ mov r12, #50
+L_curve25519_inv_7:
add r1, sp, #0x60
- bl fe_sq
- mov r4, #19
-L_curve25519_inv_3:
+ add r0, sp, #0x60
+ push {r12}
+ bl fe_sq_op
+ pop {r12}
+ subs r12, r12, #1
+ bne L_curve25519_inv_7
+ add r2, sp, #0x40
+ add r1, sp, #0x60
+ add r0, sp, #0x40
+ bl fe_mul_op
+ mov r12, #5
+L_curve25519_inv_8:
+ add r1, sp, #0x40
+ add r0, sp, #0x40
+ push {r12}
+ bl fe_sq_op
+ pop {r12}
+ subs r12, r12, #1
+ bne L_curve25519_inv_8
+ add r2, sp, #32
+ add r1, sp, #0x40
+ add r0, sp, #0
+ bl fe_mul_op
+ mov r2, sp
+ ldr r1, [sp, #160]
+ ldr r0, [sp, #160]
+ bl fe_mul_op
+ mov r0, #0
+ add sp, sp, #0xbc
+ pop {r4, r5, r6, r7, r8, r9, r10, r11, pc}
+ .size curve25519,.-curve25519
+#else
+ .text
+ .align 4
+ .globl curve25519
+ .type curve25519, %function
+curve25519:
+ push {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+ sub sp, sp, #0xc0
+ str r0, [sp, #176]
+ str r1, [sp, #160]
+ str r2, [sp, #172]
+ add r5, sp, #0x40
+ add r4, sp, #32
+ str sp, [sp, #184]
+ str r5, [sp, #180]
+ str r4, [sp, #188]
+ mov r1, #0
+ str r1, [sp, #164]
+ mov r4, #1
+ mov r5, #0
+ mov r6, #0
+ mov r7, #0
+ mov r8, #0
+ mov r9, #0
+ mov r10, #0
+ mov r11, #0
+ stm r0, {r4, r5, r6, r7, r8, r9, r10, r11}
+ add r3, sp, #32
+ stm r3, {r4, r5, r6, r7, r8, r9, r10, r11}
+ mov r4, #0
+ mov r3, sp
+ stm r3, {r4, r5, r6, r7, r8, r9, r10, r11}
+ add r3, sp, #0x40
+ # Copy
+ ldm r2, {r4, r5, r6, r7, r8, r9, r10, r11}
+ stm r3, {r4, r5, r6, r7, r8, r9, r10, r11}
+ mov r2, #0xfe
+L_curve25519_bits:
+ str r2, [sp, #168]
+ ldr r1, [sp, #160]
+ and r4, r2, #31
+ lsr r2, r2, #5
+ ldr r2, [r1, r2, lsl #2]
+ rsb r4, r4, #31
+ lsl r2, r2, r4
+ ldr r1, [sp, #164]
+ eor r1, r1, r2
+ asr r1, r1, #31
+ str r2, [sp, #164]
+ # Conditional Swap
+ add r11, sp, #0xb0
+ ldm r11, {r4, r5, r6, r7}
+ eor r8, r4, r5
+ eor r9, r6, r7
+ and r8, r8, r1
+ and r9, r9, r1
+ eor r4, r4, r8
+ eor r5, r5, r8
+ eor r6, r6, r9
+ eor r7, r7, r9
+ stm r11, {r4, r5, r6, r7}
+ # Ladder step
+ ldr r3, [sp, #184]
+ ldr r2, [sp, #176]
+ add r1, sp, #0x80
+ ldr r0, [sp, #176]
+ bl fe_add_sub_op
+ ldr r3, [sp, #188]
+ ldr r2, [sp, #180]
+ add r1, sp, #0x60
+ ldr r0, [sp, #184]
+ bl fe_add_sub_op
+ ldr r2, [sp, #176]
+ add r1, sp, #0x60
+ ldr r0, [sp, #188]
+ bl fe_mul_op
+ add r2, sp, #0x80
+ ldr r1, [sp, #184]
+ ldr r0, [sp, #184]
+ bl fe_mul_op
+ add r1, sp, #0x80
+ add r0, sp, #0x60
+ bl fe_sq_op
+ ldr r1, [sp, #176]
add r0, sp, #0x80
+ bl fe_sq_op
+ ldr r3, [sp, #184]
+ ldr r2, [sp, #188]
+ ldr r1, [sp, #184]
+ ldr r0, [sp, #180]
+ bl fe_add_sub_op
+ add r2, sp, #0x60
add r1, sp, #0x80
- bl fe_sq
- sub r4, r4, #1
- cmp r4, #0
- bne L_curve25519_inv_3
+ ldr r0, [sp, #176]
+ bl fe_mul_op
+ add r2, sp, #0x60
+ add r1, sp, #0x80
+ add r0, sp, #0x80
+ bl fe_sub_op
+ ldr r1, [sp, #184]
+ ldr r0, [sp, #184]
+ bl fe_sq_op
+ add r1, sp, #0x80
+ ldr r0, [sp, #188]
+ bl fe_mul121666
+ ldr r1, [sp, #180]
+ ldr r0, [sp, #180]
+ bl fe_sq_op
+ ldr r2, [sp, #188]
+ add r1, sp, #0x60
add r0, sp, #0x60
+ bl fe_add_op
+ ldr r2, [sp, #184]
+ ldr r1, [sp, #172]
+ ldr r0, [sp, #188]
+ bl fe_mul_op
+ add r2, sp, #0x60
add r1, sp, #0x80
+ ldr r0, [sp, #184]
+ bl fe_mul_op
+ ldr r2, [sp, #168]
+ subs r2, r2, #1
+ bge L_curve25519_bits
+ ldr r1, [sp, #184]
+ # Copy
+ ldm r1, {r4, r5, r6, r7, r8, r9, r10, r11}
+ stm sp, {r4, r5, r6, r7, r8, r9, r10, r11}
+ # Invert
+ add r1, sp, #0
+ add r0, sp, #32
+ bl fe_sq_op
+ add r1, sp, #32
+ add r0, sp, #0x40
+ bl fe_sq_op
+ add r1, sp, #0x40
+ add r0, sp, #0x40
+ bl fe_sq_op
+ add r2, sp, #0x40
+ add r1, sp, #0
+ add r0, sp, #0x40
+ bl fe_mul_op
+ add r2, sp, #0x40
+ add r1, sp, #32
+ add r0, sp, #32
+ bl fe_mul_op
+ add r1, sp, #32
+ add r0, sp, #0x60
+ bl fe_sq_op
add r2, sp, #0x60
- bl fe_mul
- mov r4, #10
-L_curve25519_inv_4:
+ add r1, sp, #0x40
+ add r0, sp, #0x40
+ bl fe_mul_op
+ add r1, sp, #0x40
add r0, sp, #0x60
+ bl fe_sq_op
+ mov r12, #4
+L_curve25519_inv_1:
+ add r1, sp, #0x60
+ add r0, sp, #0x60
+ push {r12}
+ bl fe_sq_op
+ pop {r12}
+ subs r12, r12, #1
+ bne L_curve25519_inv_1
+ add r2, sp, #0x40
add r1, sp, #0x60
- bl fe_sq
- sub r4, r4, #1
- cmp r4, #0
- bne L_curve25519_inv_4
add r0, sp, #0x40
+ bl fe_mul_op
+ add r1, sp, #0x40
+ add r0, sp, #0x60
+ bl fe_sq_op
+ mov r12, #9
+L_curve25519_inv_2:
add r1, sp, #0x60
+ add r0, sp, #0x60
+ push {r12}
+ bl fe_sq_op
+ pop {r12}
+ subs r12, r12, #1
+ bne L_curve25519_inv_2
add r2, sp, #0x40
- bl fe_mul
+ add r1, sp, #0x60
+ add r0, sp, #0x60
+ bl fe_mul_op
+ add r1, sp, #0x60
+ add r0, sp, #0x80
+ bl fe_sq_op
+ mov r12, #19
+L_curve25519_inv_3:
+ add r1, sp, #0x80
+ add r0, sp, #0x80
+ push {r12}
+ bl fe_sq_op
+ pop {r12}
+ subs r12, r12, #1
+ bne L_curve25519_inv_3
+ add r2, sp, #0x60
+ add r1, sp, #0x80
+ add r0, sp, #0x60
+ bl fe_mul_op
+ mov r12, #10
+L_curve25519_inv_4:
+ add r1, sp, #0x60
add r0, sp, #0x60
+ push {r12}
+ bl fe_sq_op
+ pop {r12}
+ subs r12, r12, #1
+ bne L_curve25519_inv_4
+ add r2, sp, #0x40
+ add r1, sp, #0x60
+ add r0, sp, #0x40
+ bl fe_mul_op
add r1, sp, #0x40
- bl fe_sq
- mov r4, #49
-L_curve25519_inv_5:
add r0, sp, #0x60
+ bl fe_sq_op
+ mov r12, #49
+L_curve25519_inv_5:
add r1, sp, #0x60
- bl fe_sq
- sub r4, r4, #1
- cmp r4, #0
+ add r0, sp, #0x60
+ push {r12}
+ bl fe_sq_op
+ pop {r12}
+ subs r12, r12, #1
bne L_curve25519_inv_5
+ add r2, sp, #0x40
+ add r1, sp, #0x60
add r0, sp, #0x60
+ bl fe_mul_op
add r1, sp, #0x60
- add r2, sp, #0x40
- bl fe_mul
add r0, sp, #0x80
- add r1, sp, #0x60
- bl fe_sq
- mov r4, #0x63
+ bl fe_sq_op
+ mov r12, #0x63
L_curve25519_inv_6:
- add r0, sp, #0x80
add r1, sp, #0x80
- bl fe_sq
- sub r4, r4, #1
- cmp r4, #0
+ add r0, sp, #0x80
+ push {r12}
+ bl fe_sq_op
+ pop {r12}
+ subs r12, r12, #1
bne L_curve25519_inv_6
- add r0, sp, #0x60
- add r1, sp, #0x80
add r2, sp, #0x60
- bl fe_mul
- mov r4, #50
-L_curve25519_inv_7:
+ add r1, sp, #0x80
add r0, sp, #0x60
+ bl fe_mul_op
+ mov r12, #50
+L_curve25519_inv_7:
add r1, sp, #0x60
- bl fe_sq
- sub r4, r4, #1
- cmp r4, #0
+ add r0, sp, #0x60
+ push {r12}
+ bl fe_sq_op
+ pop {r12}
+ subs r12, r12, #1
bne L_curve25519_inv_7
- add r0, sp, #0x40
- add r1, sp, #0x60
add r2, sp, #0x40
- bl fe_mul
- mov r4, #5
-L_curve25519_inv_8:
+ add r1, sp, #0x60
add r0, sp, #0x40
+ bl fe_mul_op
+ mov r12, #5
+L_curve25519_inv_8:
add r1, sp, #0x40
- bl fe_sq
- sub r4, r4, #1
- cmp r4, #0
+ add r0, sp, #0x40
+ push {r12}
+ bl fe_sq_op
+ pop {r12}
+ subs r12, r12, #1
bne L_curve25519_inv_8
- add r0, sp, #0
- add r1, sp, #0x40
add r2, sp, #32
- bl fe_mul
- add r2, sp, #0
- ldr r1, [sp, #160]
- ldr r0, [sp, #160]
- bl fe_mul
+ add r1, sp, #0x40
+ add r0, sp, #0
+ bl fe_mul_op
+ ldr r2, [sp, #184]
+ ldr r1, [sp, #176]
+ ldr r0, [sp, #176]
+ bl fe_mul_op
+ # Ensure result is less than modulus
+ ldr r0, [sp, #176]
+ ldm r0, {r4, r5, r6, r7, r8, r9, r10, r11}
+ mov r2, #19
+ and r2, r2, r11, asr #31
+ adds r4, r4, r2
+ adcs r5, r5, #0
+ adcs r6, r6, #0
+ adcs r7, r7, #0
+ adcs r8, r8, #0
+ adcs r9, r9, #0
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ bic r11, r11, #0x80000000
+#else
+ bfc r11, #31, #1
+#endif
+ adcs r10, r10, #0
+ adc r11, r11, #0
+ stm r0, {r4, r5, r6, r7, r8, r9, r10, r11}
mov r0, #0
- add sp, sp, #0xbc
+ add sp, sp, #0xc0
pop {r4, r5, r6, r7, r8, r9, r10, r11, pc}
.size curve25519,.-curve25519
+#endif /* WC_NO_CACHE_RESISTANT */
+#endif /* HAVE_CURVE25519 */
+#ifdef HAVE_ED25519
+ .text
+ .align 4
+ .globl fe_invert
+ .type fe_invert, %function
+fe_invert:
+ push {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+ sub sp, sp, #0x88
+ # Invert
+ str r0, [sp, #128]
+ str r1, [sp, #132]
+ ldr r1, [sp, #132]
+ mov r0, sp
+ bl fe_sq_op
+ mov r1, sp
+ add r0, sp, #32
+ bl fe_sq_op
+ add r1, sp, #32
+ add r0, sp, #32
+ bl fe_sq_op
+ add r2, sp, #32
+ ldr r1, [sp, #132]
+ add r0, sp, #32
+ bl fe_mul_op
+ add r2, sp, #32
+ mov r1, sp
+ mov r0, sp
+ bl fe_mul_op
+ mov r1, sp
+ add r0, sp, #0x40
+ bl fe_sq_op
+ add r2, sp, #0x40
+ add r1, sp, #32
+ add r0, sp, #32
+ bl fe_mul_op
+ add r1, sp, #32
+ add r0, sp, #0x40
+ bl fe_sq_op
+ mov r12, #4
+L_fe_invert1:
+ add r1, sp, #0x40
+ add r0, sp, #0x40
+ push {r12}
+ bl fe_sq_op
+ pop {r12}
+ subs r12, r12, #1
+ bne L_fe_invert1
+ add r2, sp, #32
+ add r1, sp, #0x40
+ add r0, sp, #32
+ bl fe_mul_op
+ add r1, sp, #32
+ add r0, sp, #0x40
+ bl fe_sq_op
+ mov r12, #9
+L_fe_invert2:
+ add r1, sp, #0x40
+ add r0, sp, #0x40
+ push {r12}
+ bl fe_sq_op
+ pop {r12}
+ subs r12, r12, #1
+ bne L_fe_invert2
+ add r2, sp, #32
+ add r1, sp, #0x40
+ add r0, sp, #0x40
+ bl fe_mul_op
+ add r1, sp, #0x40
+ add r0, sp, #0x60
+ bl fe_sq_op
+ mov r12, #19
+L_fe_invert3:
+ add r1, sp, #0x60
+ add r0, sp, #0x60
+ push {r12}
+ bl fe_sq_op
+ pop {r12}
+ subs r12, r12, #1
+ bne L_fe_invert3
+ add r2, sp, #0x40
+ add r1, sp, #0x60
+ add r0, sp, #0x40
+ bl fe_mul_op
+ mov r12, #10
+L_fe_invert4:
+ add r1, sp, #0x40
+ add r0, sp, #0x40
+ push {r12}
+ bl fe_sq_op
+ pop {r12}
+ subs r12, r12, #1
+ bne L_fe_invert4
+ add r2, sp, #32
+ add r1, sp, #0x40
+ add r0, sp, #32
+ bl fe_mul_op
+ add r1, sp, #32
+ add r0, sp, #0x40
+ bl fe_sq_op
+ mov r12, #49
+L_fe_invert5:
+ add r1, sp, #0x40
+ add r0, sp, #0x40
+ push {r12}
+ bl fe_sq_op
+ pop {r12}
+ subs r12, r12, #1
+ bne L_fe_invert5
+ add r2, sp, #32
+ add r1, sp, #0x40
+ add r0, sp, #0x40
+ bl fe_mul_op
+ add r1, sp, #0x40
+ add r0, sp, #0x60
+ bl fe_sq_op
+ mov r12, #0x63
+L_fe_invert6:
+ add r1, sp, #0x60
+ add r0, sp, #0x60
+ push {r12}
+ bl fe_sq_op
+ pop {r12}
+ subs r12, r12, #1
+ bne L_fe_invert6
+ add r2, sp, #0x40
+ add r1, sp, #0x60
+ add r0, sp, #0x40
+ bl fe_mul_op
+ mov r12, #50
+L_fe_invert7:
+ add r1, sp, #0x40
+ add r0, sp, #0x40
+ push {r12}
+ bl fe_sq_op
+ pop {r12}
+ subs r12, r12, #1
+ bne L_fe_invert7
+ add r2, sp, #32
+ add r1, sp, #0x40
+ add r0, sp, #32
+ bl fe_mul_op
+ mov r12, #5
+L_fe_invert8:
+ add r1, sp, #32
+ add r0, sp, #32
+ push {r12}
+ bl fe_sq_op
+ pop {r12}
+ subs r12, r12, #1
+ bne L_fe_invert8
+ mov r2, sp
+ add r1, sp, #32
+ ldr r0, [sp, #128]
+ bl fe_mul_op
+ ldr r1, [sp, #132]
+ ldr r0, [sp, #128]
+ add sp, sp, #0x88
+ pop {r4, r5, r6, r7, r8, r9, r10, r11, pc}
+ .size fe_invert,.-fe_invert
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ .text
+ .align 4
+ .globl fe_sq2
+ .type fe_sq2, %function
+fe_sq2:
+ push {lr}
+ sub sp, sp, #0x44
+ str r0, [sp, #64]
+ # Square * 2
+ mov r0, #0
+ ldr r12, [r1]
+ # A[0] * A[1]
+ ldr lr, [r1, #4]
+ umull r4, r5, r12, lr
+ # A[0] * A[3]
+ ldr lr, [r1, #12]
+ umull r6, r7, r12, lr
+ # A[0] * A[5]
+ ldr lr, [r1, #20]
+ umull r8, r9, r12, lr
+ # A[0] * A[7]
+ ldr lr, [r1, #28]
+ umull r10, r3, r12, lr
+ # A[0] * A[2]
+ ldr lr, [r1, #8]
+ mov r11, #0
+ umlal r5, r11, r12, lr
+ adds r6, r6, r11
+ # A[0] * A[4]
+ ldr lr, [r1, #16]
+ adcs r7, r7, #0
+ adc r11, r0, #0
+ umlal r7, r11, r12, lr
+ adds r8, r8, r11
+ # A[0] * A[6]
+ ldr lr, [r1, #24]
+ adcs r9, r9, #0
+ adc r11, r0, #0
+ umlal r9, r11, r12, lr
+ adds r10, r10, r11
+ adcs r3, r3, #0
+ str r4, [sp, #4]
+ str r5, [sp, #8]
+ # A[1] * A[2]
+ ldr r12, [r1, #4]
+ ldr lr, [r1, #8]
+ mov r11, #0
+ umlal r6, r11, r12, lr
+ str r6, [sp, #12]
+ adds r7, r7, r11
+ # A[1] * A[3]
+ ldr lr, [r1, #12]
+ adc r11, r0, #0
+ umlal r7, r11, r12, lr
+ str r7, [sp, #16]
+ adds r8, r8, r11
+ # A[1] * A[4]
+ ldr lr, [r1, #16]
+ adc r11, r0, #0
+ umlal r8, r11, r12, lr
+ adds r9, r9, r11
+ # A[1] * A[5]
+ ldr lr, [r1, #20]
+ adc r11, r0, #0
+ umlal r9, r11, r12, lr
+ adds r10, r10, r11
+ # A[1] * A[6]
+ ldr lr, [r1, #24]
+ adc r11, r0, #0
+ umlal r10, r11, r12, lr
+ adds r3, r3, r11
+ # A[1] * A[7]
+ ldr lr, [r1, #28]
+ adc r4, r0, #0
+ umlal r3, r4, r12, lr
+ # A[2] * A[3]
+ ldr r12, [r1, #8]
+ ldr lr, [r1, #12]
+ mov r11, #0
+ umlal r8, r11, r12, lr
+ str r8, [sp, #20]
+ adds r9, r9, r11
+ # A[2] * A[4]
+ ldr lr, [r1, #16]
+ adc r11, r0, #0
+ umlal r9, r11, r12, lr
+ str r9, [sp, #24]
+ adds r10, r10, r11
+ # A[2] * A[5]
+ ldr lr, [r1, #20]
+ adc r11, r0, #0
+ umlal r10, r11, r12, lr
+ adds r3, r3, r11
+ # A[2] * A[6]
+ ldr lr, [r1, #24]
+ adc r11, r0, #0
+ umlal r3, r11, r12, lr
+ adds r4, r4, r11
+ # A[2] * A[7]
+ ldr lr, [r1, #28]
+ adc r5, r0, #0
+ umlal r4, r5, r12, lr
+ # A[3] * A[4]
+ ldr r12, [r1, #12]
+ ldr lr, [r1, #16]
+ mov r11, #0
+ umlal r10, r11, r12, lr
+ str r10, [sp, #28]
+ adds r3, r3, r11
+ # A[3] * A[5]
+ ldr lr, [r1, #20]
+ adc r11, r0, #0
+ umlal r3, r11, r12, lr
+ adds r4, r4, r11
+ # A[3] * A[6]
+ ldr lr, [r1, #24]
+ adc r11, r0, #0
+ umlal r4, r11, r12, lr
+ adds r5, r5, r11
+ # A[3] * A[7]
+ ldr lr, [r1, #28]
+ adc r6, r0, #0
+ umlal r5, r6, r12, lr
+ # A[4] * A[5]
+ ldr r12, [r1, #16]
+ ldr lr, [r1, #20]
+ mov r11, #0
+ umlal r4, r11, r12, lr
+ adds r5, r5, r11
+ # A[4] * A[6]
+ ldr lr, [r1, #24]
+ adc r11, r0, #0
+ umlal r5, r11, r12, lr
+ adds r6, r6, r11
+ # A[4] * A[7]
+ ldr lr, [r1, #28]
+ adc r7, r0, #0
+ umlal r6, r7, r12, lr
+ # A[5] * A[6]
+ ldr r12, [r1, #20]
+ ldr lr, [r1, #24]
+ mov r11, #0
+ umlal r6, r11, r12, lr
+ adds r7, r7, r11
+ # A[5] * A[7]
+ ldr lr, [r1, #28]
+ adc r8, r0, #0
+ umlal r7, r8, r12, lr
+ # A[6] * A[7]
+ ldr r12, [r1, #24]
+ ldr lr, [r1, #28]
+ mov r9, #0
+ umlal r8, r9, r12, lr
+ add lr, sp, #32
+ stm lr, {r3, r4, r5, r6, r7, r8, r9}
+ add lr, sp, #4
+ ldm lr, {r4, r5, r6, r7, r8, r9, r10}
+ adds r4, r4, r4
+ adcs r5, r5, r5
+ adcs r6, r6, r6
+ adcs r7, r7, r7
+ adcs r8, r8, r8
+ adcs r9, r9, r9
+ adcs r10, r10, r10
+ stm lr!, {r4, r5, r6, r7, r8, r9, r10}
+ ldm lr, {r3, r4, r5, r6, r7, r8, r9}
+ adcs r3, r3, r3
+ adcs r4, r4, r4
+ adcs r5, r5, r5
+ adcs r6, r6, r6
+ adcs r7, r7, r7
+ adcs r8, r8, r8
+ adcs r9, r9, r9
+ adc r10, r0, #0
+ stm lr, {r3, r4, r5, r6, r7, r8, r9, r10}
+ add lr, sp, #4
+ ldm lr, {r4, r5, r6, r7, r8, r9, r10}
+ mov lr, sp
+ # A[0] * A[0]
+ ldr r12, [r1]
+ umull r3, r11, r12, r12
+ adds r4, r4, r11
+ # A[1] * A[1]
+ ldr r12, [r1, #4]
+ adcs r5, r5, #0
+ adc r11, r0, #0
+ umlal r5, r11, r12, r12
+ adds r6, r6, r11
+ # A[2] * A[2]
+ ldr r12, [r1, #8]
+ adcs r7, r7, #0
+ adc r11, r0, #0
+ umlal r7, r11, r12, r12
+ adds r8, r8, r11
+ # A[3] * A[3]
+ ldr r12, [r1, #12]
+ adcs r9, r9, #0
+ adc r11, r0, #0
+ umlal r9, r11, r12, r12
+ adds r10, r10, r11
+ stm lr!, {r3, r4, r5, r6, r7, r8, r9, r10}
+ ldm lr, {r3, r4, r5, r6, r7, r8, r9, r10}
+ # A[4] * A[4]
+ ldr r12, [r1, #16]
+ adcs r3, r3, #0
+ adc r11, r0, #0
+ umlal r3, r11, r12, r12
+ adds r4, r4, r11
+ # A[5] * A[5]
+ ldr r12, [r1, #20]
+ adcs r5, r5, #0
+ adc r11, r0, #0
+ umlal r5, r11, r12, r12
+ adds r6, r6, r11
+ # A[6] * A[6]
+ ldr r12, [r1, #24]
+ adcs r7, r7, #0
+ adc r11, r0, #0
+ umlal r7, r11, r12, r12
+ adds r8, r8, r11
+ # A[7] * A[7]
+ ldr r12, [r1, #28]
+ adcs r9, r9, #0
+ adc r10, r10, #0
+ umlal r9, r10, r12, r12
+ # Reduce
+ ldr r2, [sp, #28]
+ mov lr, sp
+ mov r12, #38
+ umull r10, r11, r12, r10
+ adds r10, r10, r2
+ adc r11, r11, #0
+ mov r12, #19
+ lsl r11, r11, #1
+ orr r11, r11, r10, LSR #31
+ mul r11, r12, r11
+ ldm lr!, {r1, r2}
+ mov r12, #38
+ adds r1, r1, r11
+ adc r11, r0, #0
+ umlal r1, r11, r3, r12
+ adds r2, r2, r11
+ adc r11, r0, #0
+ umlal r2, r11, r4, r12
+ ldm lr!, {r3, r4}
+ adds r3, r3, r11
+ adc r11, r0, #0
+ umlal r3, r11, r5, r12
+ adds r4, r4, r11
+ adc r11, r0, #0
+ umlal r4, r11, r6, r12
+ ldm lr!, {r5, r6}
+ adds r5, r5, r11
+ adc r11, r0, #0
+ umlal r5, r11, r7, r12
+ adds r6, r6, r11
+ adc r11, r0, #0
+ umlal r6, r11, r8, r12
+ ldm lr!, {r7, r8}
+ adds r7, r7, r11
+ adc r11, r0, #0
+ umlal r7, r11, r9, r12
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ bic r10, r10, #0x80000000
+#else
+ bfc r10, #31, #1
+#endif
+ adds r8, r10, r11
+ # Reduce if top bit set
+ mov r12, #19
+ and r11, r12, r8, ASR #31
+ adds r1, r1, r11
+ adcs r2, r2, #0
+ adcs r3, r3, #0
+ adcs r4, r4, #0
+ adcs r5, r5, #0
+ adcs r6, r6, #0
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ bic r8, r8, #0x80000000
+#else
+ bfc r8, #31, #1
+#endif
+ adcs r7, r7, #0
+ adc r8, r8, #0
+ # Double
+ adds r1, r1, r1
+ adcs r2, r2, r2
+ adcs r3, r3, r3
+ adcs r4, r4, r4
+ adcs r5, r5, r5
+ adcs r6, r6, r6
+ adcs r7, r7, r7
+ adc r8, r8, r8
+ # Reduce if top bit set
+ mov r12, #19
+ and r11, r12, r8, ASR #31
+ adds r1, r1, r11
+ adcs r2, r2, #0
+ adcs r3, r3, #0
+ adcs r4, r4, #0
+ adcs r5, r5, #0
+ adcs r6, r6, #0
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ bic r8, r8, #0x80000000
+#else
+ bfc r8, #31, #1
+#endif
+ adcs r7, r7, #0
+ adc r8, r8, #0
+ # Store
+ ldr r0, [sp, #64]
+ stm r0, {r1, r2, r3, r4, r5, r6, r7, r8}
+ add sp, sp, #0x44
+ pop {pc}
+ .size fe_sq2,.-fe_sq2
+#else
+ .text
+ .align 4
+ .globl fe_sq2
+ .type fe_sq2, %function
+fe_sq2:
+ push {lr}
+ sub sp, sp, #36
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ str r0, [sp, #28]
+ str r1, [sp, #32]
+#else
+ strd r0, r1, [sp, #28]
+#endif
+ ldm r1, {r0, r1, r2, r3, r4, r5, r6, r7}
+ # Square * 2
+ umull r9, r10, r0, r0
+ umull r11, r12, r0, r1
+ adds r11, r11, r11
+ mov lr, #0
+ umaal r10, r11, lr, lr
+ stm sp, {r9, r10}
+ mov r8, lr
+ umaal r8, r12, r0, r2
+ adcs r8, r8, r8
+ umaal r8, r11, r1, r1
+ umull r9, r10, r0, r3
+ umaal r9, r12, r1, r2
+ adcs r9, r9, r9
+ umaal r9, r11, lr, lr
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ str r8, [sp, #8]
+ str r9, [sp, #12]
+#else
+ strd r8, r9, [sp, #8]
+#endif
+ mov r9, lr
+ umaal r9, r10, r0, r4
+ umaal r9, r12, r1, r3
+ adcs r9, r9, r9
+ umaal r9, r11, r2, r2
+ str r9, [sp, #16]
+ umull r9, r8, r0, r5
+ umaal r9, r12, r1, r4
+ umaal r9, r10, r2, r3
+ adcs r9, r9, r9
+ umaal r9, r11, lr, lr
+ str r9, [sp, #20]
+ mov r9, lr
+ umaal r9, r8, r0, r6
+ umaal r9, r12, r1, r5
+ umaal r9, r10, r2, r4
+ adcs r9, r9, r9
+ umaal r9, r11, r3, r3
+ str r9, [sp, #24]
+ umull r0, r9, r0, r7
+ umaal r0, r8, r1, r6
+ umaal r0, r12, r2, r5
+ umaal r0, r10, r3, r4
+ adcs r0, r0, r0
+ umaal r0, r11, lr, lr
+ # R[7] = r0
+ umaal r9, r8, r1, r7
+ umaal r9, r10, r2, r6
+ umaal r12, r9, r3, r5
+ adcs r12, r12, r12
+ umaal r12, r11, r4, r4
+ # R[8] = r12
+ umaal r9, r8, r2, r7
+ umaal r10, r9, r3, r6
+ mov r2, lr
+ umaal r10, r2, r4, r5
+ adcs r10, r10, r10
+ umaal r11, r10, lr, lr
+ # R[9] = r11
+ umaal r2, r8, r3, r7
+ umaal r2, r9, r4, r6
+ adcs r3, r2, r2
+ umaal r10, r3, r5, r5
+ # R[10] = r10
+ mov r1, lr
+ umaal r1, r8, r4, r7
+ umaal r1, r9, r5, r6
+ adcs r4, r1, r1
+ umaal r3, r4, lr, lr
+ # R[11] = r3
+ umaal r8, r9, r5, r7
+ adcs r8, r8, r8
+ umaal r4, r8, r6, r6
+ # R[12] = r4
+ mov r5, lr
+ umaal r5, r9, r6, r7
+ adcs r5, r5, r5
+ umaal r8, r5, lr, lr
+ # R[13] = r8
+ adcs r9, r9, r9
+ umaal r9, r5, r7, r7
+ adcs r7, r5, lr
+ # R[14] = r9
+ # R[15] = r7
+ # Reduce
+ mov r6, #37
+ umaal r7, r0, r7, r6
+ mov r6, #19
+ lsl r0, r0, #1
+ orr r0, r0, r7, lsr #31
+ mul lr, r0, r6
+ pop {r0, r1}
+ mov r6, #38
+ umaal r0, lr, r12, r6
+ umaal r1, lr, r11, r6
+ mov r12, r3
+ mov r11, r4
+ pop {r2, r3, r4}
+ umaal r2, lr, r10, r6
+ umaal r3, lr, r12, r6
+ umaal r4, lr, r11, r6
+ mov r12, r6
+ pop {r5, r6}
+ umaal r5, lr, r8, r12
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ bic r7, r7, #0x80000000
+#else
+ bfc r7, #31, #1
+#endif
+ umaal r6, lr, r9, r12
+ add r7, r7, lr
+ # Reduce if top bit set
+ mov r11, #19
+ and r12, r11, r7, ASR #31
+ adds r0, r0, r12
+ adcs r1, r1, #0
+ adcs r2, r2, #0
+ adcs r3, r3, #0
+ adcs r4, r4, #0
+ adcs r5, r5, #0
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ bic r7, r7, #0x80000000
+#else
+ bfc r7, #31, #1
+#endif
+ adcs r6, r6, #0
+ adc r7, r7, #0
+ # Double
+ adds r0, r0, r0
+ adcs r1, r1, r1
+ adcs r2, r2, r2
+ adcs r3, r3, r3
+ adcs r4, r4, r4
+ adcs r5, r5, r5
+ adcs r6, r6, r6
+ adc r7, r7, r7
+ # Reduce if top bit set
+ mov r11, #19
+ and r12, r11, r7, ASR #31
+ adds r0, r0, r12
+ adcs r1, r1, #0
+ adcs r2, r2, #0
+ adcs r3, r3, #0
+ adcs r4, r4, #0
+ adcs r5, r5, #0
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ bic r7, r7, #0x80000000
+#else
+ bfc r7, #31, #1
+#endif
+ adcs r6, r6, #0
+ adc r7, r7, #0
+ pop {r12, lr}
+ # Store
+ stm r12, {r0, r1, r2, r3, r4, r5, r6, r7}
+ mov r0, r12
+ mov r1, lr
+ pop {pc}
+ .size fe_sq2,.-fe_sq2
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
.text
.align 4
.globl fe_pow22523
.type fe_pow22523, %function
fe_pow22523:
- push {r4, lr}
+ push {r4, r5, r6, r7, r8, r9, r10, r11, lr}
sub sp, sp, #0x68
# pow22523
str r0, [sp, #96]
str r1, [sp, #100]
- mov r0, sp
ldr r1, [sp, #100]
- bl fe_sq
- add r0, sp, #32
+ mov r0, sp
+ bl fe_sq_op
mov r1, sp
- bl fe_sq
add r0, sp, #32
+ bl fe_sq_op
add r1, sp, #32
- bl fe_sq
add r0, sp, #32
+ bl fe_sq_op
+ add r2, sp, #32
ldr r1, [sp, #100]
+ add r0, sp, #32
+ bl fe_mul_op
add r2, sp, #32
- bl fe_mul
- mov r0, sp
mov r1, sp
- add r2, sp, #32
- bl fe_mul
mov r0, sp
+ bl fe_mul_op
mov r1, sp
- bl fe_sq
mov r0, sp
- add r1, sp, #32
+ bl fe_sq_op
mov r2, sp
- bl fe_mul
- add r0, sp, #32
+ add r1, sp, #32
+ mov r0, sp
+ bl fe_mul_op
mov r1, sp
- bl fe_sq
- mov r4, #4
-L_fe_pow22523_1:
add r0, sp, #32
+ bl fe_sq_op
+ mov r12, #4
+L_fe_pow22523_1:
add r1, sp, #32
- bl fe_sq
- sub r4, r4, #1
- cmp r4, #0
+ add r0, sp, #32
+ push {r12}
+ bl fe_sq_op
+ pop {r12}
+ subs r12, r12, #1
bne L_fe_pow22523_1
- mov r0, sp
- add r1, sp, #32
mov r2, sp
- bl fe_mul
- add r0, sp, #32
+ add r1, sp, #32
+ mov r0, sp
+ bl fe_mul_op
mov r1, sp
- bl fe_sq
- mov r4, #9
-L_fe_pow22523_2:
add r0, sp, #32
+ bl fe_sq_op
+ mov r12, #9
+L_fe_pow22523_2:
add r1, sp, #32
- bl fe_sq
- sub r4, r4, #1
- cmp r4, #0
+ add r0, sp, #32
+ push {r12}
+ bl fe_sq_op
+ pop {r12}
+ subs r12, r12, #1
bne L_fe_pow22523_2
+ mov r2, sp
+ add r1, sp, #32
add r0, sp, #32
+ bl fe_mul_op
add r1, sp, #32
- mov r2, sp
- bl fe_mul
add r0, sp, #0x40
- add r1, sp, #32
- bl fe_sq
- mov r4, #19
+ bl fe_sq_op
+ mov r12, #19
L_fe_pow22523_3:
- add r0, sp, #0x40
add r1, sp, #0x40
- bl fe_sq
- sub r4, r4, #1
- cmp r4, #0
+ add r0, sp, #0x40
+ push {r12}
+ bl fe_sq_op
+ pop {r12}
+ subs r12, r12, #1
bne L_fe_pow22523_3
- add r0, sp, #32
- add r1, sp, #0x40
add r2, sp, #32
- bl fe_mul
- mov r4, #10
-L_fe_pow22523_4:
+ add r1, sp, #0x40
add r0, sp, #32
+ bl fe_mul_op
+ mov r12, #10
+L_fe_pow22523_4:
add r1, sp, #32
- bl fe_sq
- sub r4, r4, #1
- cmp r4, #0
+ add r0, sp, #32
+ push {r12}
+ bl fe_sq_op
+ pop {r12}
+ subs r12, r12, #1
bne L_fe_pow22523_4
- mov r0, sp
- add r1, sp, #32
mov r2, sp
- bl fe_mul
- add r0, sp, #32
+ add r1, sp, #32
+ mov r0, sp
+ bl fe_mul_op
mov r1, sp
- bl fe_sq
- mov r4, #49
-L_fe_pow22523_5:
add r0, sp, #32
+ bl fe_sq_op
+ mov r12, #49
+L_fe_pow22523_5:
add r1, sp, #32
- bl fe_sq
- sub r4, r4, #1
- cmp r4, #0
+ add r0, sp, #32
+ push {r12}
+ bl fe_sq_op
+ pop {r12}
+ subs r12, r12, #1
bne L_fe_pow22523_5
+ mov r2, sp
+ add r1, sp, #32
add r0, sp, #32
+ bl fe_mul_op
add r1, sp, #32
- mov r2, sp
- bl fe_mul
add r0, sp, #0x40
- add r1, sp, #32
- bl fe_sq
- mov r4, #0x63
+ bl fe_sq_op
+ mov r12, #0x63
L_fe_pow22523_6:
- add r0, sp, #0x40
add r1, sp, #0x40
- bl fe_sq
- sub r4, r4, #1
- cmp r4, #0
+ add r0, sp, #0x40
+ push {r12}
+ bl fe_sq_op
+ pop {r12}
+ subs r12, r12, #1
bne L_fe_pow22523_6
- add r0, sp, #32
- add r1, sp, #0x40
add r2, sp, #32
- bl fe_mul
- mov r4, #50
-L_fe_pow22523_7:
+ add r1, sp, #0x40
add r0, sp, #32
+ bl fe_mul_op
+ mov r12, #50
+L_fe_pow22523_7:
add r1, sp, #32
- bl fe_sq
- sub r4, r4, #1
- cmp r4, #0
+ add r0, sp, #32
+ push {r12}
+ bl fe_sq_op
+ pop {r12}
+ subs r12, r12, #1
bne L_fe_pow22523_7
- mov r0, sp
- add r1, sp, #32
mov r2, sp
- bl fe_mul
- mov r4, #2
-L_fe_pow22523_8:
+ add r1, sp, #32
mov r0, sp
+ bl fe_mul_op
+ mov r12, #2
+L_fe_pow22523_8:
mov r1, sp
- bl fe_sq
- sub r4, r4, #1
- cmp r4, #0
+ mov r0, sp
+ push {r12}
+ bl fe_sq_op
+ pop {r12}
+ subs r12, r12, #1
bne L_fe_pow22523_8
- ldr r0, [sp, #96]
- mov r1, sp
ldr r2, [sp, #100]
- bl fe_mul
+ mov r1, sp
+ ldr r0, [sp, #96]
+ bl fe_mul_op
ldr r1, [sp, #100]
ldr r0, [sp, #96]
add sp, sp, #0x68
- pop {r4, pc}
+ pop {r4, r5, r6, r7, r8, r9, r10, r11, pc}
.size fe_pow22523,.-fe_pow22523
.text
.align 4
- .globl fe_ge_to_p2
- .type fe_ge_to_p2, %function
-fe_ge_to_p2:
- push {lr}
- sub sp, sp, #16
+ .globl ge_p1p1_to_p2
+ .type ge_p1p1_to_p2, %function
+ge_p1p1_to_p2:
+ push {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+ sub sp, sp, #8
str r0, [sp]
str r1, [sp, #4]
- str r2, [sp, #8]
- str r3, [sp, #12]
- ldr r2, [sp, #28]
- ldr r1, [sp, #12]
+ add r2, r1, #0x60
+ bl fe_mul_op
ldr r0, [sp]
- bl fe_mul
- ldr r2, [sp, #24]
- ldr r1, [sp, #20]
- ldr r0, [sp, #4]
- bl fe_mul
- ldr r2, [sp, #28]
- ldr r1, [sp, #24]
- ldr r0, [sp, #8]
- bl fe_mul
- add sp, sp, #16
- pop {pc}
- .size fe_ge_to_p2,.-fe_ge_to_p2
+ ldr r1, [sp, #4]
+ add r2, r1, #0x40
+ add r1, r1, #32
+ add r0, r0, #32
+ bl fe_mul_op
+ ldr r0, [sp]
+ ldr r1, [sp, #4]
+ add r2, r1, #0x60
+ add r1, r1, #0x40
+ add r0, r0, #0x40
+ bl fe_mul_op
+ add sp, sp, #8
+ pop {r4, r5, r6, r7, r8, r9, r10, r11, pc}
+ .size ge_p1p1_to_p2,.-ge_p1p1_to_p2
.text
.align 4
- .globl fe_ge_to_p3
- .type fe_ge_to_p3, %function
-fe_ge_to_p3:
- push {lr}
- sub sp, sp, #16
+ .globl ge_p1p1_to_p3
+ .type ge_p1p1_to_p3, %function
+ge_p1p1_to_p3:
+ push {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+ sub sp, sp, #8
str r0, [sp]
str r1, [sp, #4]
- str r2, [sp, #8]
- str r3, [sp, #12]
- ldr r2, [sp, #32]
- ldr r1, [sp, #20]
+ add r2, r1, #0x60
+ bl fe_mul_op
ldr r0, [sp]
- bl fe_mul
- ldr r2, [sp, #28]
- ldr r1, [sp, #24]
- ldr r0, [sp, #4]
- bl fe_mul
- ldr r2, [sp, #32]
- ldr r1, [sp, #28]
- ldr r0, [sp, #8]
- bl fe_mul
- ldr r2, [sp, #24]
- ldr r1, [sp, #20]
- ldr r0, [sp, #12]
- bl fe_mul
- add sp, sp, #16
- pop {pc}
- .size fe_ge_to_p3,.-fe_ge_to_p3
+ ldr r1, [sp, #4]
+ add r2, r1, #0x40
+ add r1, r1, #32
+ add r0, r0, #32
+ bl fe_mul_op
+ ldr r0, [sp]
+ ldr r1, [sp, #4]
+ add r2, r1, #0x60
+ add r1, r1, #0x40
+ add r0, r0, #0x40
+ bl fe_mul_op
+ ldr r0, [sp]
+ ldr r1, [sp, #4]
+ add r2, r1, #32
+ add r0, r0, #0x60
+ bl fe_mul_op
+ add sp, sp, #8
+ pop {r4, r5, r6, r7, r8, r9, r10, r11, pc}
+ .size ge_p1p1_to_p3,.-ge_p1p1_to_p3
.text
.align 4
- .globl fe_ge_dbl
- .type fe_ge_dbl, %function
-fe_ge_dbl:
+ .globl ge_p2_dbl
+ .type ge_p2_dbl, %function
+ge_p2_dbl:
push {r4, r5, r6, r7, r8, r9, r10, r11, lr}
- sub sp, sp, #16
+ sub sp, sp, #8
str r0, [sp]
str r1, [sp, #4]
- str r2, [sp, #8]
- str r3, [sp, #12]
- ldr r1, [sp, #52]
+ bl fe_sq_op
ldr r0, [sp]
- bl fe_sq
- ldr r1, [sp, #56]
- ldr r0, [sp, #8]
- bl fe_sq
- ldr r0, [sp, #4]
- ldr r1, [sp, #52]
- ldr r2, [sp, #56]
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1]
- ldr r5, [r1, #4]
-#else
- ldrd r4, r5, [r1]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r1, #8]
- ldr r7, [r1, #12]
-#else
- ldrd r6, r7, [r1, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r8, [r2]
- ldr r9, [r2, #4]
-#else
- ldrd r8, r9, [r2]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r10, [r2, #8]
- ldr r11, [r2, #12]
-#else
- ldrd r10, r11, [r2, #8]
-#endif
- adds r8, r4, r8
- adcs r9, r5, r9
- adcs r10, r6, r10
- adcs r11, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0]
- str r9, [r0, #4]
-#else
- strd r8, r9, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r0, #8]
- str r11, [r0, #12]
-#else
- strd r10, r11, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1, #16]
- ldr r5, [r1, #20]
-#else
- ldrd r4, r5, [r1, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r1, #24]
- ldr r7, [r1, #28]
-#else
- ldrd r6, r7, [r1, #24]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r8, [r2, #16]
- ldr r9, [r2, #20]
-#else
- ldrd r8, r9, [r2, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r10, [r2, #24]
- ldr r11, [r2, #28]
-#else
- ldrd r10, r11, [r2, #24]
-#endif
- adcs r8, r4, r8
- adcs r9, r5, r9
- adcs r10, r6, r10
- adc r11, r7, r11
- mov r12, #-19
- asr r3, r11, #31
- # Mask the modulus
- and r12, r3, r12
- and lr, r3, #0x7fffffff
- # Sub modulus (if overflow)
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0]
- ldr r5, [r0, #4]
-#else
- ldrd r4, r5, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r0, #8]
- ldr r7, [r0, #12]
-#else
- ldrd r6, r7, [r0, #8]
-#endif
- subs r4, r4, r12
- sbcs r5, r5, r3
- sbcs r6, r6, r3
- sbcs r7, r7, r3
- sbcs r8, r8, r3
- sbcs r9, r9, r3
- sbcs r10, r10, r3
- sbc r11, r11, lr
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0]
- str r5, [r0, #4]
-#else
- strd r4, r5, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r6, [r0, #8]
- str r7, [r0, #12]
-#else
- strd r6, r7, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #16]
- str r9, [r0, #20]
-#else
- strd r8, r9, [r0, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r0, #24]
- str r11, [r0, #28]
-#else
- strd r10, r11, [r0, #24]
-#endif
ldr r1, [sp, #4]
- ldr r0, [sp, #12]
- bl fe_sq
- ldr r0, [sp, #4]
+ add r1, r1, #32
+ add r0, r0, #0x40
+ bl fe_sq_op
+ ldr r0, [sp]
+ ldr r1, [sp, #4]
+ add r2, r1, #32
+ add r0, r0, #32
+ bl fe_add_op
+ mov r1, r0
+ add r0, r0, #0x40
+ bl fe_sq_op
+ ldr r0, [sp]
+ mov r3, r0
+ add r2, r0, #0x40
+ add r1, r0, #0x40
+ add r0, r0, #32
+ bl fe_add_sub_op
+ mov r2, r0
+ add r1, r0, #0x40
+ sub r0, r0, #32
+ bl fe_sub_op
+ ldr r1, [sp, #4]
+ add r1, r1, #0x40
+ add r0, r0, #0x60
+ bl fe_sq2
+ sub r2, r0, #32
+ mov r1, r0
+ bl fe_sub_op
+ add sp, sp, #8
+ pop {r4, r5, r6, r7, r8, r9, r10, r11, pc}
+ .size ge_p2_dbl,.-ge_p2_dbl
+ .text
+ .align 4
+ .globl ge_madd
+ .type ge_madd, %function
+ge_madd:
+ push {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+ sub sp, sp, #12
+ str r0, [sp]
+ str r1, [sp, #4]
+ str r2, [sp, #8]
+ mov r2, r1
+ add r1, r1, #32
+ bl fe_add_op
+ ldr r1, [sp, #4]
+ mov r2, r1
+ add r1, r1, #32
+ add r0, r0, #32
+ bl fe_sub_op
+ ldr r2, [sp, #8]
+ sub r1, r0, #32
+ add r0, r0, #32
+ bl fe_mul_op
+ ldr r0, [sp]
+ ldr r2, [sp, #8]
+ add r2, r2, #32
+ add r1, r0, #32
+ add r0, r0, #32
+ bl fe_mul_op
+ ldr r0, [sp]
ldr r1, [sp, #8]
- ldr r2, [sp]
- # Add-Sub
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1]
- ldr r5, [r1, #4]
-#else
- ldrd r4, r5, [r1]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r2]
- ldr r7, [r2, #4]
-#else
- ldrd r6, r7, [r2]
-#endif
- adds r8, r4, r6
- mov r12, #0
- adcs r9, r5, r7
- adc r12, r12, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0]
- str r9, [r0, #4]
-#else
- strd r8, r9, [r0]
-#endif
- # Sub
- subs r10, r4, r6
- mov lr, #0
- sbcs r11, r5, r7
- adc lr, lr, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r1]
- str r11, [r1, #4]
-#else
- strd r10, r11, [r1]
-#endif
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1, #8]
- ldr r5, [r1, #12]
-#else
- ldrd r4, r5, [r1, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r2, #8]
- ldr r7, [r2, #12]
-#else
- ldrd r6, r7, [r2, #8]
-#endif
- adds r12, r12, #-1
- adcs r8, r4, r6
- mov r12, #0
- adcs r9, r5, r7
- adc r12, r12, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #8]
- str r9, [r0, #12]
-#else
- strd r8, r9, [r0, #8]
-#endif
- # Sub
- adds lr, lr, #-1
- sbcs r10, r4, r6
- mov lr, #0
- sbcs r11, r5, r7
- adc lr, lr, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r1, #8]
- str r11, [r1, #12]
-#else
- strd r10, r11, [r1, #8]
-#endif
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1, #16]
- ldr r5, [r1, #20]
-#else
- ldrd r4, r5, [r1, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r2, #16]
- ldr r7, [r2, #20]
-#else
- ldrd r6, r7, [r2, #16]
-#endif
- adds r12, r12, #-1
- adcs r8, r4, r6
- mov r12, #0
- adcs r9, r5, r7
- adc r12, r12, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #16]
- str r9, [r0, #20]
-#else
- strd r8, r9, [r0, #16]
-#endif
- # Sub
- adds lr, lr, #-1
- sbcs r10, r4, r6
+ ldr r2, [sp, #4]
+ add r2, r2, #0x60
+ add r1, r1, #0x40
+ add r0, r0, #0x60
+ bl fe_mul_op
+ ldr r0, [sp]
+ add r3, r0, #32
+ add r2, r0, #0x40
+ mov r1, r0
+ add r0, r0, #32
+ bl fe_add_sub_op
+ ldr r1, [sp, #4]
+ add r1, r1, #0x40
+ add r0, r0, #32
+ # Double
+ ldm r1, {r4, r5, r6, r7, r8, r9, r10, r11}
+ adds r4, r4, r4
+ adcs r5, r5, r5
+ adcs r6, r6, r6
+ adcs r7, r7, r7
+ adcs r8, r8, r8
+ adcs r9, r9, r9
+ adcs r10, r10, r10
mov lr, #0
- sbcs r11, r5, r7
+ adcs r11, r11, r11
adc lr, lr, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r1, #16]
- str r11, [r1, #20]
-#else
- strd r10, r11, [r1, #16]
-#endif
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1, #24]
- ldr r5, [r1, #28]
-#else
- ldrd r4, r5, [r1, #24]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r2, #24]
- ldr r7, [r2, #28]
-#else
- ldrd r6, r7, [r2, #24]
-#endif
- adds r12, r12, #-1
- adcs r8, r4, r6
- adc r9, r5, r7
- # Sub
- adds lr, lr, #-1
- sbcs r10, r4, r6
- sbc r11, r5, r7
- mov r12, #-19
- asr r3, r9, #31
- # Mask the modulus
- and r12, r3, r12
- and lr, r3, #0x7fffffff
- # Sub modulus (if overflow)
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0]
- ldr r5, [r0, #4]
-#else
- ldrd r4, r5, [r0]
-#endif
- subs r4, r4, r12
- sbcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0]
- str r5, [r0, #4]
-#else
- strd r4, r5, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0, #8]
- ldr r5, [r0, #12]
-#else
- ldrd r4, r5, [r0, #8]
-#endif
- sbcs r4, r4, r3
- sbcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0, #8]
- str r5, [r0, #12]
-#else
- strd r4, r5, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0, #16]
- ldr r5, [r0, #20]
-#else
- ldrd r4, r5, [r0, #16]
-#endif
- sbcs r4, r4, r3
- sbcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0, #16]
- str r5, [r0, #20]
-#else
- strd r4, r5, [r0, #16]
-#endif
- sbcs r8, r8, r3
- sbc r9, r9, lr
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #24]
- str r9, [r0, #28]
-#else
- strd r8, r9, [r0, #24]
-#endif
- mov r12, #-19
- asr r3, r11, #31
- # Mask the modulus
- and r12, r3, r12
- and lr, r3, #0x7fffffff
- # Add modulus (if underflow)
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1]
- ldr r5, [r1, #4]
-#else
- ldrd r4, r5, [r1]
-#endif
+ mov r12, #19
+ lsl lr, lr, #1
+ orr lr, lr, r11, lsr #31
+ mul r12, lr, r12
adds r4, r4, r12
- adcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r1]
- str r5, [r1, #4]
-#else
- strd r4, r5, [r1]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1, #8]
- ldr r5, [r1, #12]
-#else
- ldrd r4, r5, [r1, #8]
-#endif
- adcs r4, r4, r3
- adcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r1, #8]
- str r5, [r1, #12]
-#else
- strd r4, r5, [r1, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1, #16]
- ldr r5, [r1, #20]
-#else
- ldrd r4, r5, [r1, #16]
-#endif
- adcs r4, r4, r3
- adcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r1, #16]
- str r5, [r1, #20]
-#else
- strd r4, r5, [r1, #16]
-#endif
- adcs r10, r10, r3
- adc r11, r11, lr
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r1, #24]
- str r11, [r1, #28]
+ adcs r5, r5, #0
+ adcs r6, r6, #0
+ adcs r7, r7, #0
+ adcs r8, r8, #0
+ adcs r9, r9, #0
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ bic r11, r11, #0x80000000
#else
- strd r10, r11, [r1, #24]
+ bfc r11, #31, #1
#endif
+ adcs r10, r10, #0
+ adc r11, r11, #0
+ stm r0, {r4, r5, r6, r7, r8, r9, r10, r11}
+ # Done Double
+ add r3, r0, #32
+ add r1, r0, #32
+ bl fe_add_sub_op
+ add sp, sp, #12
+ pop {r4, r5, r6, r7, r8, r9, r10, r11, pc}
+ .size ge_madd,.-ge_madd
+ .text
+ .align 4
+ .globl ge_msub
+ .type ge_msub, %function
+ge_msub:
+ push {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+ sub sp, sp, #12
+ str r0, [sp]
+ str r1, [sp, #4]
+ str r2, [sp, #8]
+ mov r2, r1
+ add r1, r1, #32
+ bl fe_add_op
+ ldr r1, [sp, #4]
+ mov r2, r1
+ add r1, r1, #32
+ add r0, r0, #32
+ bl fe_sub_op
+ ldr r2, [sp, #8]
+ add r2, r2, #32
+ sub r1, r0, #32
+ add r0, r0, #32
+ bl fe_mul_op
+ ldr r0, [sp]
+ ldr r2, [sp, #8]
+ add r1, r0, #32
+ add r0, r0, #32
+ bl fe_mul_op
ldr r0, [sp]
- ldr r1, [sp, #12]
- ldr r2, [sp, #4]
- # Sub
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1]
- ldr r5, [r1, #4]
-#else
- ldrd r4, r5, [r1]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r1, #8]
- ldr r7, [r1, #12]
-#else
- ldrd r6, r7, [r1, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r8, [r2]
- ldr r9, [r2, #4]
-#else
- ldrd r8, r9, [r2]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r10, [r2, #8]
- ldr r11, [r2, #12]
-#else
- ldrd r10, r11, [r2, #8]
-#endif
- subs r8, r4, r8
- sbcs r9, r5, r9
- sbcs r10, r6, r10
- sbcs r11, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0]
- str r9, [r0, #4]
-#else
- strd r8, r9, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r0, #8]
- str r11, [r0, #12]
-#else
- strd r10, r11, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1, #16]
- ldr r5, [r1, #20]
-#else
- ldrd r4, r5, [r1, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r1, #24]
- ldr r7, [r1, #28]
-#else
- ldrd r6, r7, [r1, #24]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r8, [r2, #16]
- ldr r9, [r2, #20]
-#else
- ldrd r8, r9, [r2, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r10, [r2, #24]
- ldr r11, [r2, #28]
-#else
- ldrd r10, r11, [r2, #24]
-#endif
- sbcs r8, r4, r8
- sbcs r9, r5, r9
- sbcs r10, r6, r10
- sbc r11, r7, r11
- mov r12, #-19
- asr r3, r11, #31
- # Mask the modulus
- and r12, r3, r12
- and lr, r3, #0x7fffffff
- # Add modulus (if underflow)
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0]
- ldr r5, [r0, #4]
-#else
- ldrd r4, r5, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r0, #8]
- ldr r7, [r0, #12]
-#else
- ldrd r6, r7, [r0, #8]
-#endif
- adds r4, r4, r12
- adcs r5, r5, r3
- adcs r6, r6, r3
- adcs r7, r7, r3
- adcs r8, r8, r3
- adcs r9, r9, r3
- adcs r10, r10, r3
- adc r11, r11, lr
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0]
- str r5, [r0, #4]
-#else
- strd r4, r5, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r6, [r0, #8]
- str r7, [r0, #12]
-#else
- strd r6, r7, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #16]
- str r9, [r0, #20]
-#else
- strd r8, r9, [r0, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r0, #24]
- str r11, [r0, #28]
-#else
- strd r10, r11, [r0, #24]
-#endif
- ldr r1, [sp, #60]
- ldr r0, [sp, #12]
- bl fe_sq2
- ldr r0, [sp, #12]
ldr r1, [sp, #8]
- # Sub
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0]
- ldr r5, [r0, #4]
-#else
- ldrd r4, r5, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r0, #8]
- ldr r7, [r0, #12]
-#else
- ldrd r6, r7, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r8, [r1]
- ldr r9, [r1, #4]
-#else
- ldrd r8, r9, [r1]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r10, [r1, #8]
- ldr r11, [r1, #12]
-#else
- ldrd r10, r11, [r1, #8]
-#endif
- subs r8, r4, r8
- sbcs r9, r5, r9
- sbcs r10, r6, r10
- sbcs r11, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0]
- str r9, [r0, #4]
-#else
- strd r8, r9, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r0, #8]
- str r11, [r0, #12]
-#else
- strd r10, r11, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0, #16]
- ldr r5, [r0, #20]
-#else
- ldrd r4, r5, [r0, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r0, #24]
- ldr r7, [r0, #28]
-#else
- ldrd r6, r7, [r0, #24]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r8, [r1, #16]
- ldr r9, [r1, #20]
-#else
- ldrd r8, r9, [r1, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r10, [r1, #24]
- ldr r11, [r1, #28]
-#else
- ldrd r10, r11, [r1, #24]
-#endif
- sbcs r8, r4, r8
- sbcs r9, r5, r9
- sbcs r10, r6, r10
- sbc r11, r7, r11
- mov r12, #-19
- asr r3, r11, #31
- # Mask the modulus
- and r12, r3, r12
- and lr, r3, #0x7fffffff
- # Add modulus (if underflow)
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0]
- ldr r5, [r0, #4]
-#else
- ldrd r4, r5, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r0, #8]
- ldr r7, [r0, #12]
-#else
- ldrd r6, r7, [r0, #8]
-#endif
+ ldr r2, [sp, #4]
+ add r2, r2, #0x60
+ add r1, r1, #0x40
+ add r0, r0, #0x60
+ bl fe_mul_op
+ ldr r0, [sp]
+ add r3, r0, #32
+ add r2, r0, #0x40
+ mov r1, r0
+ add r0, r0, #32
+ bl fe_add_sub_op
+ ldr r1, [sp, #4]
+ add r1, r1, #0x40
+ add r0, r0, #32
+ # Double
+ ldm r1, {r4, r5, r6, r7, r8, r9, r10, r11}
+ adds r4, r4, r4
+ adcs r5, r5, r5
+ adcs r6, r6, r6
+ adcs r7, r7, r7
+ adcs r8, r8, r8
+ adcs r9, r9, r9
+ adcs r10, r10, r10
+ mov lr, #0
+ adcs r11, r11, r11
+ adc lr, lr, #0
+ mov r12, #19
+ lsl lr, lr, #1
+ orr lr, lr, r11, lsr #31
+ mul r12, lr, r12
adds r4, r4, r12
- adcs r5, r5, r3
- adcs r6, r6, r3
- adcs r7, r7, r3
- adcs r8, r8, r3
- adcs r9, r9, r3
- adcs r10, r10, r3
- adc r11, r11, lr
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0]
- str r5, [r0, #4]
-#else
- strd r4, r5, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r6, [r0, #8]
- str r7, [r0, #12]
-#else
- strd r6, r7, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #16]
- str r9, [r0, #20]
-#else
- strd r8, r9, [r0, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r0, #24]
- str r11, [r0, #28]
+ adcs r5, r5, #0
+ adcs r6, r6, #0
+ adcs r7, r7, #0
+ adcs r8, r8, #0
+ adcs r9, r9, #0
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ bic r11, r11, #0x80000000
#else
- strd r10, r11, [r0, #24]
+ bfc r11, #31, #1
#endif
- add sp, sp, #16
+ adcs r10, r10, #0
+ adc r11, r11, #0
+ stm r0, {r4, r5, r6, r7, r8, r9, r10, r11}
+ # Done Double
+ add r3, r0, #32
+ mov r1, r0
+ add r0, r0, #32
+ bl fe_add_sub_op
+ add sp, sp, #12
pop {r4, r5, r6, r7, r8, r9, r10, r11, pc}
- .size fe_ge_dbl,.-fe_ge_dbl
+ .size ge_msub,.-ge_msub
.text
.align 4
- .globl fe_ge_madd
- .type fe_ge_madd, %function
-fe_ge_madd:
+ .globl ge_add
+ .type ge_add, %function
+ge_add:
push {r4, r5, r6, r7, r8, r9, r10, r11, lr}
- sub sp, sp, #32
+ sub sp, sp, #44
str r0, [sp]
str r1, [sp, #4]
str r2, [sp, #8]
- str r3, [sp, #12]
+ mov r3, r1
+ add r2, r1, #32
+ add r1, r0, #32
+ bl fe_add_sub_op
+ ldr r2, [sp, #8]
+ mov r1, r0
+ add r0, r0, #0x40
+ bl fe_mul_op
+ ldr r0, [sp]
+ ldr r2, [sp, #8]
+ add r2, r2, #32
+ add r1, r0, #32
+ add r0, r0, #32
+ bl fe_mul_op
+ ldr r0, [sp]
+ ldr r1, [sp, #8]
+ ldr r2, [sp, #4]
+ add r2, r2, #0x60
+ add r1, r1, #0x60
+ add r0, r0, #0x60
+ bl fe_mul_op
ldr r0, [sp]
- ldr r1, [sp, #72]
- ldr r2, [sp, #68]
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1]
- ldr r5, [r1, #4]
-#else
- ldrd r4, r5, [r1]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r1, #8]
- ldr r7, [r1, #12]
-#else
- ldrd r6, r7, [r1, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r8, [r2]
- ldr r9, [r2, #4]
-#else
- ldrd r8, r9, [r2]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r10, [r2, #8]
- ldr r11, [r2, #12]
-#else
- ldrd r10, r11, [r2, #8]
-#endif
- adds r8, r4, r8
- adcs r9, r5, r9
- adcs r10, r6, r10
- adcs r11, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0]
- str r9, [r0, #4]
-#else
- strd r8, r9, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r0, #8]
- str r11, [r0, #12]
-#else
- strd r10, r11, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1, #16]
- ldr r5, [r1, #20]
-#else
- ldrd r4, r5, [r1, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r1, #24]
- ldr r7, [r1, #28]
-#else
- ldrd r6, r7, [r1, #24]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r8, [r2, #16]
- ldr r9, [r2, #20]
-#else
- ldrd r8, r9, [r2, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r10, [r2, #24]
- ldr r11, [r2, #28]
-#else
- ldrd r10, r11, [r2, #24]
-#endif
- adcs r8, r4, r8
- adcs r9, r5, r9
- adcs r10, r6, r10
- adc r11, r7, r11
- mov r12, #-19
- asr r3, r11, #31
- # Mask the modulus
- and r12, r3, r12
- and lr, r3, #0x7fffffff
- # Sub modulus (if overflow)
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0]
- ldr r5, [r0, #4]
-#else
- ldrd r4, r5, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r0, #8]
- ldr r7, [r0, #12]
-#else
- ldrd r6, r7, [r0, #8]
-#endif
- subs r4, r4, r12
- sbcs r5, r5, r3
- sbcs r6, r6, r3
- sbcs r7, r7, r3
- sbcs r8, r8, r3
- sbcs r9, r9, r3
- sbcs r10, r10, r3
- sbc r11, r11, lr
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0]
- str r5, [r0, #4]
-#else
- strd r4, r5, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r6, [r0, #8]
- str r7, [r0, #12]
-#else
- strd r6, r7, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #16]
- str r9, [r0, #20]
-#else
- strd r8, r9, [r0, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r0, #24]
- str r11, [r0, #28]
-#else
- strd r10, r11, [r0, #24]
-#endif
- ldr r0, [sp, #4]
- ldr r1, [sp, #72]
- ldr r2, [sp, #68]
- # Sub
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1]
- ldr r5, [r1, #4]
-#else
- ldrd r4, r5, [r1]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r1, #8]
- ldr r7, [r1, #12]
-#else
- ldrd r6, r7, [r1, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r8, [r2]
- ldr r9, [r2, #4]
-#else
- ldrd r8, r9, [r2]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r10, [r2, #8]
- ldr r11, [r2, #12]
-#else
- ldrd r10, r11, [r2, #8]
-#endif
- subs r8, r4, r8
- sbcs r9, r5, r9
- sbcs r10, r6, r10
- sbcs r11, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0]
- str r9, [r0, #4]
-#else
- strd r8, r9, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r0, #8]
- str r11, [r0, #12]
-#else
- strd r10, r11, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1, #16]
- ldr r5, [r1, #20]
-#else
- ldrd r4, r5, [r1, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r1, #24]
- ldr r7, [r1, #28]
-#else
- ldrd r6, r7, [r1, #24]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r8, [r2, #16]
- ldr r9, [r2, #20]
-#else
- ldrd r8, r9, [r2, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r10, [r2, #24]
- ldr r11, [r2, #28]
-#else
- ldrd r10, r11, [r2, #24]
-#endif
- sbcs r8, r4, r8
- sbcs r9, r5, r9
- sbcs r10, r6, r10
- sbc r11, r7, r11
- mov r12, #-19
- asr r3, r11, #31
- # Mask the modulus
- and r12, r3, r12
- and lr, r3, #0x7fffffff
- # Add modulus (if underflow)
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0]
- ldr r5, [r0, #4]
-#else
- ldrd r4, r5, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r0, #8]
- ldr r7, [r0, #12]
-#else
- ldrd r6, r7, [r0, #8]
-#endif
- adds r4, r4, r12
- adcs r5, r5, r3
- adcs r6, r6, r3
- adcs r7, r7, r3
- adcs r8, r8, r3
- adcs r9, r9, r3
- adcs r10, r10, r3
- adc r11, r11, lr
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0]
- str r5, [r0, #4]
-#else
- strd r4, r5, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r6, [r0, #8]
- str r7, [r0, #12]
-#else
- strd r6, r7, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #16]
- str r9, [r0, #20]
-#else
- strd r8, r9, [r0, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r0, #24]
- str r11, [r0, #28]
-#else
- strd r10, r11, [r0, #24]
-#endif
- ldr r2, [sp, #88]
- ldr r1, [sp]
- ldr r0, [sp, #8]
- bl fe_mul
- ldr r2, [sp, #92]
ldr r1, [sp, #4]
- ldr r0, [sp, #4]
- bl fe_mul
- ldr r2, [sp, #80]
- ldr r1, [sp, #84]
- ldr r0, [sp, #12]
- bl fe_mul
- ldr r0, [sp, #4]
- ldr r1, [sp]
ldr r2, [sp, #8]
- # Add-Sub
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r2]
- ldr r5, [r2, #4]
-#else
- ldrd r4, r5, [r2]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r0]
- ldr r7, [r0, #4]
-#else
- ldrd r6, r7, [r0]
-#endif
- adds r8, r4, r6
- mov r12, #0
- adcs r9, r5, r7
- adc r12, r12, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0]
- str r9, [r0, #4]
-#else
- strd r8, r9, [r0]
-#endif
- # Sub
- subs r10, r4, r6
- mov lr, #0
- sbcs r11, r5, r7
- adc lr, lr, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r1]
- str r11, [r1, #4]
-#else
- strd r10, r11, [r1]
-#endif
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r2, #8]
- ldr r5, [r2, #12]
-#else
- ldrd r4, r5, [r2, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r0, #8]
- ldr r7, [r0, #12]
-#else
- ldrd r6, r7, [r0, #8]
-#endif
- adds r12, r12, #-1
- adcs r8, r4, r6
- mov r12, #0
- adcs r9, r5, r7
- adc r12, r12, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #8]
- str r9, [r0, #12]
-#else
- strd r8, r9, [r0, #8]
-#endif
- # Sub
- adds lr, lr, #-1
- sbcs r10, r4, r6
- mov lr, #0
- sbcs r11, r5, r7
- adc lr, lr, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r1, #8]
- str r11, [r1, #12]
-#else
- strd r10, r11, [r1, #8]
-#endif
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r2, #16]
- ldr r5, [r2, #20]
-#else
- ldrd r4, r5, [r2, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r0, #16]
- ldr r7, [r0, #20]
-#else
- ldrd r6, r7, [r0, #16]
-#endif
- adds r12, r12, #-1
- adcs r8, r4, r6
- mov r12, #0
- adcs r9, r5, r7
- adc r12, r12, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #16]
- str r9, [r0, #20]
-#else
- strd r8, r9, [r0, #16]
-#endif
- # Sub
- adds lr, lr, #-1
- sbcs r10, r4, r6
- mov lr, #0
- sbcs r11, r5, r7
- adc lr, lr, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r1, #16]
- str r11, [r1, #20]
-#else
- strd r10, r11, [r1, #16]
-#endif
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r2, #24]
- ldr r5, [r2, #28]
-#else
- ldrd r4, r5, [r2, #24]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r0, #24]
- ldr r7, [r0, #28]
-#else
- ldrd r6, r7, [r0, #24]
-#endif
- adds r12, r12, #-1
- adcs r8, r4, r6
- adc r9, r5, r7
- # Sub
- adds lr, lr, #-1
- sbcs r10, r4, r6
- sbc r11, r5, r7
- mov r12, #-19
- asr r3, r9, #31
- # Mask the modulus
- and r12, r3, r12
- and lr, r3, #0x7fffffff
- # Sub modulus (if overflow)
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0]
- ldr r5, [r0, #4]
-#else
- ldrd r4, r5, [r0]
-#endif
- subs r4, r4, r12
- sbcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0]
- str r5, [r0, #4]
-#else
- strd r4, r5, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0, #8]
- ldr r5, [r0, #12]
-#else
- ldrd r4, r5, [r0, #8]
-#endif
- sbcs r4, r4, r3
- sbcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0, #8]
- str r5, [r0, #12]
-#else
- strd r4, r5, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0, #16]
- ldr r5, [r0, #20]
-#else
- ldrd r4, r5, [r0, #16]
-#endif
- sbcs r4, r4, r3
- sbcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0, #16]
- str r5, [r0, #20]
-#else
- strd r4, r5, [r0, #16]
-#endif
- sbcs r8, r8, r3
- sbc r9, r9, lr
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #24]
- str r9, [r0, #28]
-#else
- strd r8, r9, [r0, #24]
-#endif
- mov r12, #-19
- asr r3, r11, #31
- # Mask the modulus
- and r12, r3, r12
- and lr, r3, #0x7fffffff
- # Add modulus (if underflow)
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1]
- ldr r5, [r1, #4]
-#else
- ldrd r4, r5, [r1]
-#endif
- adds r4, r4, r12
- adcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r1]
- str r5, [r1, #4]
-#else
- strd r4, r5, [r1]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1, #8]
- ldr r5, [r1, #12]
-#else
- ldrd r4, r5, [r1, #8]
-#endif
- adcs r4, r4, r3
- adcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r1, #8]
- str r5, [r1, #12]
-#else
- strd r4, r5, [r1, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1, #16]
- ldr r5, [r1, #20]
-#else
- ldrd r4, r5, [r1, #16]
-#endif
- adcs r4, r4, r3
- adcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r1, #16]
- str r5, [r1, #20]
-#else
- strd r4, r5, [r1, #16]
-#endif
- adcs r10, r10, r3
- adc r11, r11, lr
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r1, #24]
- str r11, [r1, #28]
-#else
- strd r10, r11, [r1, #24]
-#endif
- ldr r0, [sp, #8]
- ldr r1, [sp, #76]
+ add r2, r2, #0x40
+ add r1, r1, #0x40
+ bl fe_mul_op
+ ldr r1, [sp]
+ add r0, sp, #12
# Double
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1]
- ldr r5, [r1, #4]
-#else
- ldrd r4, r5, [r1]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r1, #8]
- ldr r7, [r1, #12]
-#else
- ldrd r6, r7, [r1, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r8, [r1, #16]
- ldr r9, [r1, #20]
-#else
- ldrd r8, r9, [r1, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r10, [r1, #24]
- ldr r11, [r1, #28]
-#else
- ldrd r10, r11, [r1, #24]
-#endif
+ ldm r1, {r4, r5, r6, r7, r8, r9, r10, r11}
adds r4, r4, r4
adcs r5, r5, r5
adcs r6, r6, r6
@@ -7202,2782 +5310,3471 @@ fe_ge_madd:
adcs r8, r8, r8
adcs r9, r9, r9
adcs r10, r10, r10
- adc r11, r11, r11
- mov r12, #-19
- asr r3, r11, #31
- # Mask the modulus
- and r12, r3, r12
- and lr, r3, #0x7fffffff
- # Sub modulus (if overflow)
- subs r4, r4, r12
- sbcs r5, r5, r3
- sbcs r6, r6, r3
- sbcs r7, r7, r3
- sbcs r8, r8, r3
- sbcs r9, r9, r3
- sbcs r10, r10, r3
- sbc r11, r11, lr
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0]
- str r5, [r0, #4]
-#else
- strd r4, r5, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r6, [r0, #8]
- str r7, [r0, #12]
-#else
- strd r6, r7, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #16]
- str r9, [r0, #20]
-#else
- strd r8, r9, [r0, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r0, #24]
- str r11, [r0, #28]
-#else
- strd r10, r11, [r0, #24]
-#endif
- ldr r0, [sp, #8]
- ldr r1, [sp, #12]
- # Add-Sub
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0]
- ldr r5, [r0, #4]
-#else
- ldrd r4, r5, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r1]
- ldr r7, [r1, #4]
-#else
- ldrd r6, r7, [r1]
-#endif
- adds r8, r4, r6
- mov r12, #0
- adcs r9, r5, r7
- adc r12, r12, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0]
- str r9, [r0, #4]
-#else
- strd r8, r9, [r0]
-#endif
- # Sub
- subs r10, r4, r6
mov lr, #0
- sbcs r11, r5, r7
+ adcs r11, r11, r11
adc lr, lr, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r1]
- str r11, [r1, #4]
-#else
- strd r10, r11, [r1]
-#endif
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0, #8]
- ldr r5, [r0, #12]
-#else
- ldrd r4, r5, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r1, #8]
- ldr r7, [r1, #12]
-#else
- ldrd r6, r7, [r1, #8]
-#endif
- adds r12, r12, #-1
- adcs r8, r4, r6
- mov r12, #0
- adcs r9, r5, r7
- adc r12, r12, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #8]
- str r9, [r0, #12]
-#else
- strd r8, r9, [r0, #8]
-#endif
- # Sub
- adds lr, lr, #-1
- sbcs r10, r4, r6
- mov lr, #0
- sbcs r11, r5, r7
- adc lr, lr, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r1, #8]
- str r11, [r1, #12]
-#else
- strd r10, r11, [r1, #8]
-#endif
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0, #16]
- ldr r5, [r0, #20]
-#else
- ldrd r4, r5, [r0, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r1, #16]
- ldr r7, [r1, #20]
-#else
- ldrd r6, r7, [r1, #16]
-#endif
- adds r12, r12, #-1
- adcs r8, r4, r6
- mov r12, #0
- adcs r9, r5, r7
- adc r12, r12, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #16]
- str r9, [r0, #20]
-#else
- strd r8, r9, [r0, #16]
-#endif
- # Sub
- adds lr, lr, #-1
- sbcs r10, r4, r6
- mov lr, #0
- sbcs r11, r5, r7
- adc lr, lr, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r1, #16]
- str r11, [r1, #20]
-#else
- strd r10, r11, [r1, #16]
-#endif
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0, #24]
- ldr r5, [r0, #28]
-#else
- ldrd r4, r5, [r0, #24]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r1, #24]
- ldr r7, [r1, #28]
-#else
- ldrd r6, r7, [r1, #24]
-#endif
- adds r12, r12, #-1
- adcs r8, r4, r6
- adc r9, r5, r7
- # Sub
- adds lr, lr, #-1
- sbcs r10, r4, r6
- sbc r11, r5, r7
- mov r12, #-19
- asr r3, r9, #31
- # Mask the modulus
- and r12, r3, r12
- and lr, r3, #0x7fffffff
- # Sub modulus (if overflow)
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0]
- ldr r5, [r0, #4]
-#else
- ldrd r4, r5, [r0]
-#endif
- subs r4, r4, r12
- sbcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0]
- str r5, [r0, #4]
-#else
- strd r4, r5, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0, #8]
- ldr r5, [r0, #12]
-#else
- ldrd r4, r5, [r0, #8]
-#endif
- sbcs r4, r4, r3
- sbcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0, #8]
- str r5, [r0, #12]
-#else
- strd r4, r5, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0, #16]
- ldr r5, [r0, #20]
-#else
- ldrd r4, r5, [r0, #16]
-#endif
- sbcs r4, r4, r3
- sbcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0, #16]
- str r5, [r0, #20]
-#else
- strd r4, r5, [r0, #16]
-#endif
- sbcs r8, r8, r3
- sbc r9, r9, lr
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #24]
- str r9, [r0, #28]
-#else
- strd r8, r9, [r0, #24]
-#endif
- mov r12, #-19
- asr r3, r11, #31
- # Mask the modulus
- and r12, r3, r12
- and lr, r3, #0x7fffffff
- # Add modulus (if underflow)
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1]
- ldr r5, [r1, #4]
-#else
- ldrd r4, r5, [r1]
-#endif
+ mov r12, #19
+ lsl lr, lr, #1
+ orr lr, lr, r11, lsr #31
+ mul r12, lr, r12
adds r4, r4, r12
- adcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r1]
- str r5, [r1, #4]
-#else
- strd r4, r5, [r1]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1, #8]
- ldr r5, [r1, #12]
-#else
- ldrd r4, r5, [r1, #8]
-#endif
- adcs r4, r4, r3
- adcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r1, #8]
- str r5, [r1, #12]
-#else
- strd r4, r5, [r1, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1, #16]
- ldr r5, [r1, #20]
-#else
- ldrd r4, r5, [r1, #16]
-#endif
- adcs r4, r4, r3
- adcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r1, #16]
- str r5, [r1, #20]
-#else
- strd r4, r5, [r1, #16]
-#endif
- adcs r10, r10, r3
- adc r11, r11, lr
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r1, #24]
- str r11, [r1, #28]
+ adcs r5, r5, #0
+ adcs r6, r6, #0
+ adcs r7, r7, #0
+ adcs r8, r8, #0
+ adcs r9, r9, #0
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ bic r11, r11, #0x80000000
#else
- strd r10, r11, [r1, #24]
+ bfc r11, #31, #1
#endif
- add sp, sp, #32
+ adcs r10, r10, #0
+ adc r11, r11, #0
+ stm r0, {r4, r5, r6, r7, r8, r9, r10, r11}
+ # Done Double
+ add r3, r1, #32
+ add r2, r1, #0x40
+ add r0, r1, #32
+ bl fe_add_sub_op
+ add r3, r0, #0x40
+ add r2, sp, #12
+ add r1, r0, #0x40
+ add r0, r0, #32
+ bl fe_add_sub_op
+ add sp, sp, #44
pop {r4, r5, r6, r7, r8, r9, r10, r11, pc}
- .size fe_ge_madd,.-fe_ge_madd
+ .size ge_add,.-ge_add
.text
.align 4
- .globl fe_ge_msub
- .type fe_ge_msub, %function
-fe_ge_msub:
+ .globl ge_sub
+ .type ge_sub, %function
+ge_sub:
push {r4, r5, r6, r7, r8, r9, r10, r11, lr}
- sub sp, sp, #32
+ sub sp, sp, #44
str r0, [sp]
str r1, [sp, #4]
str r2, [sp, #8]
- str r3, [sp, #12]
+ mov r3, r1
+ add r2, r1, #32
+ add r1, r0, #32
+ bl fe_add_sub_op
+ ldr r2, [sp, #8]
+ add r2, r2, #32
+ mov r1, r0
+ add r0, r0, #0x40
+ bl fe_mul_op
+ ldr r0, [sp]
+ ldr r2, [sp, #8]
+ add r1, r0, #32
+ add r0, r0, #32
+ bl fe_mul_op
+ ldr r0, [sp]
+ ldr r1, [sp, #8]
+ ldr r2, [sp, #4]
+ add r2, r2, #0x60
+ add r1, r1, #0x60
+ add r0, r0, #0x60
+ bl fe_mul_op
ldr r0, [sp]
- ldr r1, [sp, #72]
- ldr r2, [sp, #68]
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1]
- ldr r5, [r1, #4]
-#else
- ldrd r4, r5, [r1]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r1, #8]
- ldr r7, [r1, #12]
-#else
- ldrd r6, r7, [r1, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r8, [r2]
- ldr r9, [r2, #4]
-#else
- ldrd r8, r9, [r2]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r10, [r2, #8]
- ldr r11, [r2, #12]
-#else
- ldrd r10, r11, [r2, #8]
-#endif
- adds r8, r4, r8
- adcs r9, r5, r9
- adcs r10, r6, r10
- adcs r11, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0]
- str r9, [r0, #4]
-#else
- strd r8, r9, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r0, #8]
- str r11, [r0, #12]
-#else
- strd r10, r11, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1, #16]
- ldr r5, [r1, #20]
-#else
- ldrd r4, r5, [r1, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r1, #24]
- ldr r7, [r1, #28]
-#else
- ldrd r6, r7, [r1, #24]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r8, [r2, #16]
- ldr r9, [r2, #20]
-#else
- ldrd r8, r9, [r2, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r10, [r2, #24]
- ldr r11, [r2, #28]
-#else
- ldrd r10, r11, [r2, #24]
-#endif
- adcs r8, r4, r8
- adcs r9, r5, r9
- adcs r10, r6, r10
- adc r11, r7, r11
- mov r12, #-19
- asr r3, r11, #31
- # Mask the modulus
- and r12, r3, r12
- and lr, r3, #0x7fffffff
- # Sub modulus (if overflow)
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0]
- ldr r5, [r0, #4]
-#else
- ldrd r4, r5, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r0, #8]
- ldr r7, [r0, #12]
-#else
- ldrd r6, r7, [r0, #8]
-#endif
- subs r4, r4, r12
- sbcs r5, r5, r3
- sbcs r6, r6, r3
- sbcs r7, r7, r3
- sbcs r8, r8, r3
- sbcs r9, r9, r3
- sbcs r10, r10, r3
- sbc r11, r11, lr
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0]
- str r5, [r0, #4]
-#else
- strd r4, r5, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r6, [r0, #8]
- str r7, [r0, #12]
-#else
- strd r6, r7, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #16]
- str r9, [r0, #20]
-#else
- strd r8, r9, [r0, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r0, #24]
- str r11, [r0, #28]
-#else
- strd r10, r11, [r0, #24]
-#endif
- ldr r0, [sp, #4]
- ldr r1, [sp, #72]
- ldr r2, [sp, #68]
- # Sub
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1]
- ldr r5, [r1, #4]
-#else
- ldrd r4, r5, [r1]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r1, #8]
- ldr r7, [r1, #12]
-#else
- ldrd r6, r7, [r1, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r8, [r2]
- ldr r9, [r2, #4]
-#else
- ldrd r8, r9, [r2]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r10, [r2, #8]
- ldr r11, [r2, #12]
-#else
- ldrd r10, r11, [r2, #8]
-#endif
- subs r8, r4, r8
- sbcs r9, r5, r9
- sbcs r10, r6, r10
- sbcs r11, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0]
- str r9, [r0, #4]
-#else
- strd r8, r9, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r0, #8]
- str r11, [r0, #12]
-#else
- strd r10, r11, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1, #16]
- ldr r5, [r1, #20]
-#else
- ldrd r4, r5, [r1, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r1, #24]
- ldr r7, [r1, #28]
-#else
- ldrd r6, r7, [r1, #24]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r8, [r2, #16]
- ldr r9, [r2, #20]
-#else
- ldrd r8, r9, [r2, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r10, [r2, #24]
- ldr r11, [r2, #28]
-#else
- ldrd r10, r11, [r2, #24]
-#endif
- sbcs r8, r4, r8
- sbcs r9, r5, r9
- sbcs r10, r6, r10
- sbc r11, r7, r11
- mov r12, #-19
- asr r3, r11, #31
- # Mask the modulus
- and r12, r3, r12
- and lr, r3, #0x7fffffff
- # Add modulus (if underflow)
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0]
- ldr r5, [r0, #4]
-#else
- ldrd r4, r5, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r0, #8]
- ldr r7, [r0, #12]
-#else
- ldrd r6, r7, [r0, #8]
-#endif
- adds r4, r4, r12
- adcs r5, r5, r3
- adcs r6, r6, r3
- adcs r7, r7, r3
- adcs r8, r8, r3
- adcs r9, r9, r3
- adcs r10, r10, r3
- adc r11, r11, lr
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0]
- str r5, [r0, #4]
-#else
- strd r4, r5, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r6, [r0, #8]
- str r7, [r0, #12]
-#else
- strd r6, r7, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #16]
- str r9, [r0, #20]
-#else
- strd r8, r9, [r0, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r0, #24]
- str r11, [r0, #28]
-#else
- strd r10, r11, [r0, #24]
-#endif
- ldr r2, [sp, #92]
- ldr r1, [sp]
- ldr r0, [sp, #8]
- bl fe_mul
- ldr r2, [sp, #88]
ldr r1, [sp, #4]
- ldr r0, [sp, #4]
- bl fe_mul
- ldr r2, [sp, #80]
- ldr r1, [sp, #84]
- ldr r0, [sp, #12]
- bl fe_mul
- ldr r0, [sp, #4]
- ldr r1, [sp]
ldr r2, [sp, #8]
- # Add-Sub
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r2]
- ldr r5, [r2, #4]
-#else
- ldrd r4, r5, [r2]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r0]
- ldr r7, [r0, #4]
-#else
- ldrd r6, r7, [r0]
-#endif
- adds r8, r4, r6
- mov r12, #0
- adcs r9, r5, r7
- adc r12, r12, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0]
- str r9, [r0, #4]
-#else
- strd r8, r9, [r0]
-#endif
- # Sub
- subs r10, r4, r6
+ add r2, r2, #0x40
+ add r1, r1, #0x40
+ bl fe_mul_op
+ ldr r1, [sp]
+ add r0, sp, #12
+ # Double
+ ldm r1, {r4, r5, r6, r7, r8, r9, r10, r11}
+ adds r4, r4, r4
+ adcs r5, r5, r5
+ adcs r6, r6, r6
+ adcs r7, r7, r7
+ adcs r8, r8, r8
+ adcs r9, r9, r9
+ adcs r10, r10, r10
mov lr, #0
- sbcs r11, r5, r7
+ adcs r11, r11, r11
adc lr, lr, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r1]
- str r11, [r1, #4]
+ mov r12, #19
+ lsl lr, lr, #1
+ orr lr, lr, r11, lsr #31
+ mul r12, lr, r12
+ adds r4, r4, r12
+ adcs r5, r5, #0
+ adcs r6, r6, #0
+ adcs r7, r7, #0
+ adcs r8, r8, #0
+ adcs r9, r9, #0
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ bic r11, r11, #0x80000000
#else
- strd r10, r11, [r1]
+ bfc r11, #31, #1
#endif
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r2, #8]
- ldr r5, [r2, #12]
+ adcs r10, r10, #0
+ adc r11, r11, #0
+ stm r0, {r4, r5, r6, r7, r8, r9, r10, r11}
+ # Done Double
+ add r3, r1, #32
+ add r2, r1, #0x40
+ add r0, r1, #32
+ bl fe_add_sub_op
+ add r3, r0, #0x40
+ add r2, sp, #12
+ add r1, r0, #32
+ add r0, r0, #0x40
+ bl fe_add_sub_op
+ add sp, sp, #44
+ pop {r4, r5, r6, r7, r8, r9, r10, r11, pc}
+ .size ge_sub,.-ge_sub
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ .text
+ .align 4
+ .globl sc_reduce
+ .type sc_reduce, %function
+sc_reduce:
+ push {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+ sub sp, sp, #56
+ str r0, [sp, #52]
+ # Load bits 252-511
+ add r0, r0, #28
+ ldm r0, {r1, r2, r3, r4, r5, r6, r7, r8, r9}
+ lsr lr, r9, #24
+ lsl r9, r9, #4
+ orr r9, r9, r8, LSR #28
+ lsl r8, r8, #4
+ orr r8, r8, r7, LSR #28
+ lsl r7, r7, #4
+ orr r7, r7, r6, LSR #28
+ lsl r6, r6, #4
+ orr r6, r6, r5, LSR #28
+ lsl r5, r5, #4
+ orr r5, r5, r4, LSR #28
+ lsl r4, r4, #4
+ orr r4, r4, r3, LSR #28
+ lsl r3, r3, #4
+ orr r3, r3, r2, LSR #28
+ lsl r2, r2, #4
+ orr r2, r2, r1, LSR #28
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ bic r9, r9, #0xf0000000
+#else
+ bfc r9, #28, #4
+#endif
+ sub r0, r0, #28
+ # Add order times bits 504..511
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r10, #0xa3
+ lsl r10, r10, #8
+ orr r10, r10, #10
+ lsl r10, r10, #8
+ orr r10, r10, #44
+ lsl r10, r10, #8
+ orr r10, r10, #19
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r10, #0x2c
+ lsl r10, r10, #8
+ add r10, r10, #0x13
+#else
+ mov r10, #0x2c13
+#endif
+ movt r10, #0xa30a
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r11, #0xa7
+ lsl r11, r11, #8
+ orr r11, r11, #0xed
+ lsl r11, r11, #8
+ orr r11, r11, #0x9c
+ lsl r11, r11, #8
+ orr r11, r11, #0xe5
#else
- ldrd r4, r5, [r2, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r0, #8]
- ldr r7, [r0, #12]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r11, #0x9c
+ lsl r11, r11, #8
+ add r11, r11, #0xe5
#else
- ldrd r6, r7, [r0, #8]
+ mov r11, #0x9ce5
#endif
- adds r12, r12, #-1
- adcs r8, r4, r6
- mov r12, #0
- adcs r9, r5, r7
- adc r12, r12, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #8]
- str r9, [r0, #12]
-#else
- strd r8, r9, [r0, #8]
+ movt r11, #0xa7ed
#endif
- # Sub
- adds lr, lr, #-1
- sbcs r10, r4, r6
- mov lr, #0
- sbcs r11, r5, r7
- adc lr, lr, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r1, #8]
- str r11, [r1, #12]
+ mov r1, #0
+ umlal r2, r1, r10, lr
+ adds r3, r3, r1
+ mov r1, #0
+ adc r1, r1, #0
+ umlal r3, r1, r11, lr
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r10, #0x5d
+ lsl r10, r10, #8
+ orr r10, r10, #8
+ lsl r10, r10, #8
+ orr r10, r10, #0x63
+ lsl r10, r10, #8
+ orr r10, r10, #41
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r10, #0x63
+ lsl r10, r10, #8
+ add r10, r10, #0x29
+#else
+ mov r10, #0x6329
+#endif
+ movt r10, #0x5d08
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r11, #0xeb
+ lsl r11, r11, #8
+ orr r11, r11, #33
+ lsl r11, r11, #8
+ orr r11, r11, #6
+ lsl r11, r11, #8
+ orr r11, r11, #33
#else
- strd r10, r11, [r1, #8]
-#endif
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r2, #16]
- ldr r5, [r2, #20]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r11, #0x6
+ lsl r11, r11, #8
+ add r11, r11, #0x21
#else
- ldrd r4, r5, [r2, #16]
+ mov r11, #0x621
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r0, #16]
- ldr r7, [r0, #20]
-#else
- ldrd r6, r7, [r0, #16]
+ movt r11, #0xeb21
#endif
- adds r12, r12, #-1
- adcs r8, r4, r6
- mov r12, #0
- adcs r9, r5, r7
- adc r12, r12, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #16]
- str r9, [r0, #20]
-#else
- strd r8, r9, [r0, #16]
+ adds r4, r4, r1
+ mov r1, #0
+ adc r1, r1, #0
+ umlal r4, r1, r10, lr
+ adds r5, r5, r1
+ mov r1, #0
+ adc r1, r1, #0
+ umlal r5, r1, r11, lr
+ adds r6, r6, r1
+ adcs r7, r7, #0
+ adcs r8, r8, #0
+ adc r9, r9, #0
+ subs r6, r6, lr
+ sbcs r7, r7, #0
+ sbcs r8, r8, #0
+ sbc r9, r9, #0
+ # Sub product of top 8 words and order
+ mov r12, sp
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0xa3
+ lsl r1, r1, #8
+ orr r1, r1, #10
+ lsl r1, r1, #8
+ orr r1, r1, #44
+ lsl r1, r1, #8
+ orr r1, r1, #19
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0x2c
+ lsl r1, r1, #8
+ add r1, r1, #0x13
+#else
+ mov r1, #0x2c13
+#endif
+ movt r1, #0xa30a
#endif
- # Sub
- adds lr, lr, #-1
- sbcs r10, r4, r6
mov lr, #0
- sbcs r11, r5, r7
+ ldm r0!, {r10, r11}
+ umlal r10, lr, r2, r1
+ adds r11, r11, lr
+ mov lr, #0
adc lr, lr, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r1, #16]
- str r11, [r1, #20]
-#else
- strd r10, r11, [r1, #16]
-#endif
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r2, #24]
- ldr r5, [r2, #28]
-#else
- ldrd r4, r5, [r2, #24]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r0, #24]
- ldr r7, [r0, #28]
+ umlal r11, lr, r3, r1
+ stm r12!, {r10, r11}
+ ldm r0!, {r10, r11}
+ adds r10, r10, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r10, lr, r4, r1
+ adds r11, r11, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r11, lr, r5, r1
+ stm r12!, {r10, r11}
+ ldm r0!, {r10, r11}
+ adds r10, r10, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r10, lr, r6, r1
+ adds r11, r11, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r11, lr, r7, r1
+ stm r12!, {r10, r11}
+ ldm r0!, {r10, r11}
+ adds r10, r10, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r10, lr, r8, r1
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ bic r11, r11, #0xf0000000
#else
- ldrd r6, r7, [r0, #24]
+ bfc r11, #28, #4
#endif
- adds r12, r12, #-1
- adcs r8, r4, r6
- adc r9, r5, r7
- # Sub
- adds lr, lr, #-1
- sbcs r10, r4, r6
- sbc r11, r5, r7
- mov r12, #-19
- asr r3, r9, #31
- # Mask the modulus
- and r12, r3, r12
- and lr, r3, #0x7fffffff
- # Sub modulus (if overflow)
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0]
- ldr r5, [r0, #4]
-#else
- ldrd r4, r5, [r0]
+ adds r11, r11, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r11, lr, r9, r1
+ stm r12!, {r10, r11, lr}
+ sub r0, r0, #16
+ sub r12, r12, #32
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0xa7
+ lsl r1, r1, #8
+ orr r1, r1, #0xed
+ lsl r1, r1, #8
+ orr r1, r1, #0x9c
+ lsl r1, r1, #8
+ orr r1, r1, #0xe5
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0x9c
+ lsl r1, r1, #8
+ add r1, r1, #0xe5
+#else
+ mov r1, #0x9ce5
+#endif
+ movt r1, #0xa7ed
#endif
- subs r4, r4, r12
- sbcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0]
- str r5, [r0, #4]
-#else
- strd r4, r5, [r0]
+ mov lr, #0
+ ldm r12, {r10, r11}
+ umlal r10, lr, r2, r1
+ adds r11, r11, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r11, lr, r3, r1
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ adds r10, r10, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r10, lr, r4, r1
+ adds r11, r11, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r11, lr, r5, r1
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ adds r10, r10, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r10, lr, r6, r1
+ adds r11, r11, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r11, lr, r7, r1
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ adds r10, r10, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r10, lr, r8, r1
+ adds r11, r11, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r11, lr, r9, r1
+ stm r12!, {r10, r11, lr}
+ sub r12, r12, #32
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0x5d
+ lsl r1, r1, #8
+ orr r1, r1, #8
+ lsl r1, r1, #8
+ orr r1, r1, #0x63
+ lsl r1, r1, #8
+ orr r1, r1, #41
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0x63
+ lsl r1, r1, #8
+ add r1, r1, #0x29
+#else
+ mov r1, #0x6329
+#endif
+ movt r1, #0x5d08
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0, #8]
- ldr r5, [r0, #12]
-#else
- ldrd r4, r5, [r0, #8]
+ mov lr, #0
+ ldm r12, {r10, r11}
+ umlal r10, lr, r2, r1
+ adds r11, r11, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r11, lr, r3, r1
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ adds r10, r10, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r10, lr, r4, r1
+ adds r11, r11, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r11, lr, r5, r1
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ adds r10, r10, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r10, lr, r6, r1
+ adds r11, r11, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r11, lr, r7, r1
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ adds r10, r10, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r10, lr, r8, r1
+ adds r11, r11, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r11, lr, r9, r1
+ stm r12!, {r10, r11, lr}
+ sub r12, r12, #32
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0xeb
+ lsl r1, r1, #8
+ orr r1, r1, #33
+ lsl r1, r1, #8
+ orr r1, r1, #6
+ lsl r1, r1, #8
+ orr r1, r1, #33
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0x6
+ lsl r1, r1, #8
+ add r1, r1, #0x21
+#else
+ mov r1, #0x621
+#endif
+ movt r1, #0xeb21
#endif
- sbcs r4, r4, r3
- sbcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0, #8]
- str r5, [r0, #12]
+ mov lr, #0
+ ldm r12, {r10, r11}
+ umlal r10, lr, r2, r1
+ adds r11, r11, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r11, lr, r3, r1
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ adds r10, r10, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r10, lr, r4, r1
+ adds r11, r11, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r11, lr, r5, r1
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ adds r10, r10, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r10, lr, r6, r1
+ adds r11, r11, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r11, lr, r7, r1
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ adds r10, r10, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r10, lr, r8, r1
+ adds r11, r11, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r11, lr, r9, r1
+ stm r12!, {r10, r11, lr}
+ sub r12, r12, #32
+ # Subtract at 4 * 32
+ ldm r12, {r10, r11}
+ subs r10, r10, r2
+ sbcs r11, r11, r3
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ sbcs r10, r10, r4
+ sbcs r11, r11, r5
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ sbcs r10, r10, r6
+ sbcs r11, r11, r7
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ sbcs r10, r10, r8
+ sbc r11, r11, r9
+ stm r12!, {r10, r11}
+ sub r12, r12, #36
+ asr lr, r11, #25
+ # Conditionally subtract order starting at bit 125
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0xa00000
+ lsl r1, r1, #8
+ add r1, r1, #0x0
+#else
+ mov r1, #0xa0000000
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r2, #0x4b
+ lsl r2, r2, #8
+ orr r2, r2, #0x9e
+ lsl r2, r2, #8
+ orr r2, r2, #0xba
+ lsl r2, r2, #8
+ orr r2, r2, #0x7d
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r2, #0xba
+ lsl r2, r2, #8
+ add r2, r2, #0x7d
+#else
+ mov r2, #0xba7d
+#endif
+ movt r2, #0x4b9e
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r3, #0xcb
+ lsl r3, r3, #8
+ orr r3, r3, #2
+ lsl r3, r3, #8
+ orr r3, r3, #0x4c
+ lsl r3, r3, #8
+ orr r3, r3, #0x63
#else
- strd r4, r5, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0, #16]
- ldr r5, [r0, #20]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r3, #0x4c
+ lsl r3, r3, #8
+ add r3, r3, #0x63
#else
- ldrd r4, r5, [r0, #16]
+ mov r3, #0x4c63
#endif
- sbcs r4, r4, r3
- sbcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0, #16]
- str r5, [r0, #20]
-#else
- strd r4, r5, [r0, #16]
+ movt r3, #0xcb02
#endif
- sbcs r8, r8, r3
- sbc r9, r9, lr
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #24]
- str r9, [r0, #28]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r4, #0xd4
+ lsl r4, r4, #8
+ orr r4, r4, #0x5e
+ lsl r4, r4, #8
+ orr r4, r4, #0xf3
+ lsl r4, r4, #8
+ orr r4, r4, #0x9a
#else
- strd r8, r9, [r0, #24]
-#endif
- mov r12, #-19
- asr r3, r11, #31
- # Mask the modulus
- and r12, r3, r12
- and lr, r3, #0x7fffffff
- # Add modulus (if underflow)
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1]
- ldr r5, [r1, #4]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r4, #0xf3
+ lsl r4, r4, #8
+ add r4, r4, #0x9a
#else
- ldrd r4, r5, [r1]
+ mov r4, #0xf39a
#endif
- adds r4, r4, r12
- adcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r1]
- str r5, [r1, #4]
-#else
- strd r4, r5, [r1]
+ movt r4, #0xd45e
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1, #8]
- ldr r5, [r1, #12]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r5, #2
+ lsl r5, r5, #8
+ orr r5, r5, #0x9b
+ lsl r5, r5, #8
+ orr r5, r5, #0xdf
+ lsl r5, r5, #8
+ orr r5, r5, #59
#else
- ldrd r4, r5, [r1, #8]
-#endif
- adcs r4, r4, r3
- adcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r1, #8]
- str r5, [r1, #12]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r5, #0xdf
+ lsl r5, r5, #8
+ add r5, r5, #0x3b
#else
- strd r4, r5, [r1, #8]
+ mov r5, #0xdf3b
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1, #16]
- ldr r5, [r1, #20]
-#else
- ldrd r4, r5, [r1, #16]
+ movt r5, #0x29b
#endif
- adcs r4, r4, r3
- adcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r1, #16]
- str r5, [r1, #20]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r9, #0x20000
+ lsl r9, r9, #8
+ add r9, r9, #0x0
#else
- strd r4, r5, [r1, #16]
+ mov r9, #0x2000000
#endif
+ and r1, r1, lr
+ and r2, r2, lr
+ and r3, r3, lr
+ and r4, r4, lr
+ and r5, r5, lr
+ and r9, r9, lr
+ ldm r12, {r10, r11}
+ adds r10, r10, r1
+ adcs r11, r11, r2
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
adcs r10, r10, r3
- adc r11, r11, lr
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r1, #24]
- str r11, [r1, #28]
-#else
- strd r10, r11, [r1, #24]
-#endif
- ldr r0, [sp, #8]
- ldr r1, [sp, #76]
- # Double
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1]
- ldr r5, [r1, #4]
-#else
- ldrd r4, r5, [r1]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r1, #8]
- ldr r7, [r1, #12]
-#else
- ldrd r6, r7, [r1, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r8, [r1, #16]
- ldr r9, [r1, #20]
-#else
- ldrd r8, r9, [r1, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r10, [r1, #24]
- ldr r11, [r1, #28]
-#else
- ldrd r10, r11, [r1, #24]
-#endif
- adds r4, r4, r4
- adcs r5, r5, r5
- adcs r6, r6, r6
- adcs r7, r7, r7
- adcs r8, r8, r8
- adcs r9, r9, r9
- adcs r10, r10, r10
- adc r11, r11, r11
- mov r12, #-19
- asr r3, r11, #31
- # Mask the modulus
- and r12, r3, r12
- and lr, r3, #0x7fffffff
- # Sub modulus (if overflow)
- subs r4, r4, r12
- sbcs r5, r5, r3
- sbcs r6, r6, r3
- sbcs r7, r7, r3
- sbcs r8, r8, r3
- sbcs r9, r9, r3
- sbcs r10, r10, r3
- sbc r11, r11, lr
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0]
- str r5, [r0, #4]
-#else
- strd r4, r5, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r6, [r0, #8]
- str r7, [r0, #12]
-#else
- strd r6, r7, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #16]
- str r9, [r0, #20]
-#else
- strd r8, r9, [r0, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r0, #24]
- str r11, [r0, #28]
+ adcs r11, r11, r4
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ adcs r10, r10, r5
+ adcs r11, r11, #0
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ adcs r10, r10, #0
+ adcs r11, r11, #0
+ stm r12!, {r10, r11}
+ ldm r12, {r10}
+ adcs r10, r10, #0
+ stm r12!, {r10}
+ sub r0, r0, #16
+ mov r12, sp
+ # Load bits 252-376
+ add r12, r12, #28
+ ldm r12, {r1, r2, r3, r4, r5}
+ lsl r5, r5, #4
+ orr r5, r5, r4, lsr #28
+ lsl r4, r4, #4
+ orr r4, r4, r3, lsr #28
+ lsl r3, r3, #4
+ orr r3, r3, r2, lsr #28
+ lsl r2, r2, #4
+ orr r2, r2, r1, lsr #28
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ bic r5, r5, #0xe0000000
+#else
+ bfc r5, #29, #3
+#endif
+ sub r12, r12, #28
+ # Sub product of top 4 words and order
+ mov r0, sp
+ # * -5cf5d3ed
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0xa3
+ lsl r1, r1, #8
+ orr r1, r1, #10
+ lsl r1, r1, #8
+ orr r1, r1, #44
+ lsl r1, r1, #8
+ orr r1, r1, #19
#else
- strd r10, r11, [r0, #24]
-#endif
- ldr r0, [sp, #12]
- ldr r1, [sp, #8]
- # Add-Sub
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1]
- ldr r5, [r1, #4]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0x2c
+ lsl r1, r1, #8
+ add r1, r1, #0x13
#else
- ldrd r4, r5, [r1]
+ mov r1, #0x2c13
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r0]
- ldr r7, [r0, #4]
-#else
- ldrd r6, r7, [r0]
+ movt r1, #0xa30a
#endif
- adds r8, r4, r6
- mov r12, #0
- adcs r9, r5, r7
- adc r12, r12, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0]
- str r9, [r0, #4]
-#else
- strd r8, r9, [r0]
-#endif
- # Sub
- subs r10, r4, r6
mov lr, #0
- sbcs r11, r5, r7
+ ldm r0, {r6, r7, r8, r9}
+ umlal r6, lr, r2, r1
+ adds r7, r7, lr
+ mov lr, #0
adc lr, lr, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r1]
- str r11, [r1, #4]
-#else
- strd r10, r11, [r1]
-#endif
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1, #8]
- ldr r5, [r1, #12]
-#else
- ldrd r4, r5, [r1, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r0, #8]
- ldr r7, [r0, #12]
-#else
- ldrd r6, r7, [r0, #8]
-#endif
- adds r12, r12, #-1
- adcs r8, r4, r6
- mov r12, #0
- adcs r9, r5, r7
- adc r12, r12, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #8]
- str r9, [r0, #12]
-#else
- strd r8, r9, [r0, #8]
-#endif
- # Sub
- adds lr, lr, #-1
- sbcs r10, r4, r6
+ umlal r7, lr, r3, r1
+ adds r8, r8, lr
mov lr, #0
- sbcs r11, r5, r7
adc lr, lr, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r1, #8]
- str r11, [r1, #12]
-#else
- strd r10, r11, [r1, #8]
-#endif
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1, #16]
- ldr r5, [r1, #20]
-#else
- ldrd r4, r5, [r1, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r0, #16]
- ldr r7, [r0, #20]
-#else
- ldrd r6, r7, [r0, #16]
-#endif
- adds r12, r12, #-1
- adcs r8, r4, r6
- mov r12, #0
- adcs r9, r5, r7
- adc r12, r12, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #16]
- str r9, [r0, #20]
-#else
- strd r8, r9, [r0, #16]
-#endif
- # Sub
- adds lr, lr, #-1
- sbcs r10, r4, r6
+ umlal r8, lr, r4, r1
+ adds r9, r9, lr
mov lr, #0
- sbcs r11, r5, r7
adc lr, lr, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r1, #16]
- str r11, [r1, #20]
-#else
- strd r10, r11, [r1, #16]
-#endif
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1, #24]
- ldr r5, [r1, #28]
-#else
- ldrd r4, r5, [r1, #24]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r0, #24]
- ldr r7, [r0, #28]
-#else
- ldrd r6, r7, [r0, #24]
-#endif
- adds r12, r12, #-1
- adcs r8, r4, r6
- adc r9, r5, r7
- # Sub
- adds lr, lr, #-1
- sbcs r10, r4, r6
- sbc r11, r5, r7
- mov r12, #-19
- asr r3, r9, #31
- # Mask the modulus
- and r12, r3, r12
- and lr, r3, #0x7fffffff
- # Sub modulus (if overflow)
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0]
- ldr r5, [r0, #4]
-#else
- ldrd r4, r5, [r0]
+ umlal r9, lr, r5, r1
+ stm r0, {r6, r7, r8, r9}
+ add r0, r0, #4
+ # * -5812631b
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0xa7
+ lsl r1, r1, #8
+ orr r1, r1, #0xed
+ lsl r1, r1, #8
+ orr r1, r1, #0x9c
+ lsl r1, r1, #8
+ orr r1, r1, #0xe5
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0x9c
+ lsl r1, r1, #8
+ add r1, r1, #0xe5
+#else
+ mov r1, #0x9ce5
+#endif
+ movt r1, #0xa7ed
#endif
- subs r4, r4, r12
- sbcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0]
- str r5, [r0, #4]
-#else
- strd r4, r5, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0, #8]
- ldr r5, [r0, #12]
-#else
- ldrd r4, r5, [r0, #8]
+ mov r10, #0
+ ldm r0, {r6, r7, r8, r9}
+ umlal r6, r10, r2, r1
+ adds r7, r7, r10
+ mov r10, #0
+ adc r10, r10, #0
+ umlal r7, r10, r3, r1
+ adds r8, r8, r10
+ mov r10, #0
+ adc r10, r10, #0
+ umlal r8, r10, r4, r1
+ adds r9, r9, r10
+ mov r10, #0
+ adc r10, r10, #0
+ umlal r9, r10, r5, r1
+ stm r0, {r6, r7, r8, r9}
+ add r0, r0, #4
+ # * -a2f79cd7
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0x5d
+ lsl r1, r1, #8
+ orr r1, r1, #8
+ lsl r1, r1, #8
+ orr r1, r1, #0x63
+ lsl r1, r1, #8
+ orr r1, r1, #41
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0x63
+ lsl r1, r1, #8
+ add r1, r1, #0x29
+#else
+ mov r1, #0x6329
+#endif
+ movt r1, #0x5d08
#endif
- sbcs r4, r4, r3
- sbcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0, #8]
- str r5, [r0, #12]
-#else
- strd r4, r5, [r0, #8]
+ mov r11, #0
+ ldm r0, {r6, r7, r8, r9}
+ umlal r6, r11, r2, r1
+ adds r7, r7, r11
+ mov r11, #0
+ adc r11, r11, #0
+ umlal r7, r11, r3, r1
+ adds r8, r8, r11
+ mov r11, #0
+ adc r11, r11, #0
+ umlal r8, r11, r4, r1
+ adds r9, r9, r11
+ mov r11, #0
+ adc r11, r11, #0
+ umlal r9, r11, r5, r1
+ stm r0, {r6, r7, r8, r9}
+ add r0, r0, #4
+ # * -14def9df
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0xeb
+ lsl r1, r1, #8
+ orr r1, r1, #33
+ lsl r1, r1, #8
+ orr r1, r1, #6
+ lsl r1, r1, #8
+ orr r1, r1, #33
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0x6
+ lsl r1, r1, #8
+ add r1, r1, #0x21
+#else
+ mov r1, #0x621
+#endif
+ movt r1, #0xeb21
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0, #16]
- ldr r5, [r0, #20]
+ mov r12, #0
+ ldm r0, {r6, r7, r8, r9}
+ umlal r6, r12, r2, r1
+ adds r7, r7, r12
+ mov r12, #0
+ adc r12, r12, #0
+ umlal r7, r12, r3, r1
+ adds r8, r8, r12
+ mov r12, #0
+ adc r12, r12, #0
+ umlal r8, r12, r4, r1
+ adds r9, r9, r12
+ mov r12, #0
+ adc r12, r12, #0
+ umlal r9, r12, r5, r1
+ stm r0, {r6, r7, r8, r9}
+ add r0, r0, #4
+ # Add overflows at 4 * 32
+ ldm r0, {r6, r7, r8, r9}
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ bic r9, r9, #0xf0000000
+#else
+ bfc r9, #28, #4
+#endif
+ adds r6, r6, lr
+ adcs r7, r7, r10
+ adcs r8, r8, r11
+ adc r9, r9, r12
+ # Subtract top at 4 * 32
+ subs r6, r6, r2
+ sbcs r7, r7, r3
+ sbcs r8, r8, r4
+ sbcs r9, r9, r5
+ sbc r1, r1, r1
+ sub r0, r0, #16
+ ldm r0, {r2, r3, r4, r5}
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r10, #0x5c
+ lsl r10, r10, #8
+ orr r10, r10, #0xf5
+ lsl r10, r10, #8
+ orr r10, r10, #0xd3
+ lsl r10, r10, #8
+ orr r10, r10, #0xed
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r10, #0xd3
+ lsl r10, r10, #8
+ add r10, r10, #0xed
+#else
+ mov r10, #0xd3ed
+#endif
+ movt r10, #0x5cf5
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r11, #0x58
+ lsl r11, r11, #8
+ orr r11, r11, #18
+ lsl r11, r11, #8
+ orr r11, r11, #0x63
+ lsl r11, r11, #8
+ orr r11, r11, #26
#else
- ldrd r4, r5, [r0, #16]
-#endif
- sbcs r4, r4, r3
- sbcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0, #16]
- str r5, [r0, #20]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r11, #0x63
+ lsl r11, r11, #8
+ add r11, r11, #0x1a
#else
- strd r4, r5, [r0, #16]
+ mov r11, #0x631a
#endif
- sbcs r8, r8, r3
- sbc r9, r9, lr
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #24]
- str r9, [r0, #28]
-#else
- strd r8, r9, [r0, #24]
+ movt r11, #0x5812
#endif
- mov r12, #-19
- asr r3, r11, #31
- # Mask the modulus
- and r12, r3, r12
- and lr, r3, #0x7fffffff
- # Add modulus (if underflow)
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1]
- ldr r5, [r1, #4]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r12, #0xa2
+ lsl r12, r12, #8
+ orr r12, r12, #0xf7
+ lsl r12, r12, #8
+ orr r12, r12, #0x9c
+ lsl r12, r12, #8
+ orr r12, r12, #0xd6
#else
- ldrd r4, r5, [r1]
-#endif
- adds r4, r4, r12
- adcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r1]
- str r5, [r1, #4]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r12, #0x9c
+ lsl r12, r12, #8
+ add r12, r12, #0xd6
#else
- strd r4, r5, [r1]
+ mov r12, #0x9cd6
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1, #8]
- ldr r5, [r1, #12]
-#else
- ldrd r4, r5, [r1, #8]
+ movt r12, #0xa2f7
#endif
- adcs r4, r4, r3
- adcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r1, #8]
- str r5, [r1, #12]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov lr, #20
+ lsl lr, lr, #8
+ orr lr, lr, #0xde
+ lsl lr, lr, #8
+ orr lr, lr, #0xf9
+ lsl lr, lr, #8
+ orr lr, lr, #0xde
#else
- strd r4, r5, [r1, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1, #16]
- ldr r5, [r1, #20]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov lr, #0xf9
+ lsl lr, lr, #8
+ add lr, lr, #0xde
#else
- ldrd r4, r5, [r1, #16]
+ mov lr, #0xf9de
#endif
- adcs r4, r4, r3
- adcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r1, #16]
- str r5, [r1, #20]
-#else
- strd r4, r5, [r1, #16]
+ movt lr, #0x14de
#endif
- adcs r10, r10, r3
- adc r11, r11, lr
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r1, #24]
- str r11, [r1, #28]
+ and r10, r10, r1
+ and r11, r11, r1
+ and r12, r12, r1
+ and lr, lr, r1
+ adds r2, r2, r10
+ adcs r3, r3, r11
+ adcs r4, r4, r12
+ adcs r5, r5, lr
+ adcs r6, r6, #0
+ adcs r7, r7, #0
+ and r1, r1, #0x10000000
+ adcs r8, r8, #0
+ adc r9, r9, r1
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ bic r9, r9, #0xf0000000
#else
- strd r10, r11, [r1, #24]
+ bfc r9, #28, #4
#endif
- add sp, sp, #32
+ # Store result
+ ldr r0, [sp, #52]
+ stm r0, {r2, r3, r4, r5, r6, r7, r8, r9}
+ add sp, sp, #56
pop {r4, r5, r6, r7, r8, r9, r10, r11, pc}
- .size fe_ge_msub,.-fe_ge_msub
+ .size sc_reduce,.-sc_reduce
+#else
.text
.align 4
- .globl fe_ge_add
- .type fe_ge_add, %function
-fe_ge_add:
+ .globl sc_reduce
+ .type sc_reduce, %function
+sc_reduce:
push {r4, r5, r6, r7, r8, r9, r10, r11, lr}
- sub sp, sp, #0x60
- str r0, [sp]
- str r1, [sp, #4]
- str r2, [sp, #8]
- str r3, [sp, #12]
- ldr r0, [sp]
- ldr r1, [sp, #136]
- ldr r2, [sp, #132]
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1]
- ldr r5, [r1, #4]
+ sub sp, sp, #56
+ str r0, [sp, #52]
+ # Load bits 252-511
+ add r0, r0, #28
+ ldm r0, {r1, r2, r3, r4, r5, r6, r7, r8, r9}
+ lsr lr, r9, #24
+ lsl r9, r9, #4
+ orr r9, r9, r8, LSR #28
+ lsl r8, r8, #4
+ orr r8, r8, r7, LSR #28
+ lsl r7, r7, #4
+ orr r7, r7, r6, LSR #28
+ lsl r6, r6, #4
+ orr r6, r6, r5, LSR #28
+ lsl r5, r5, #4
+ orr r5, r5, r4, LSR #28
+ lsl r4, r4, #4
+ orr r4, r4, r3, LSR #28
+ lsl r3, r3, #4
+ orr r3, r3, r2, LSR #28
+ lsl r2, r2, #4
+ orr r2, r2, r1, LSR #28
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ bic r9, r9, #0xf0000000
+#else
+ bfc r9, #28, #4
+#endif
+ sub r0, r0, #28
+ # Add order times bits 504..511
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r10, #0xa3
+ lsl r10, r10, #8
+ orr r10, r10, #10
+ lsl r10, r10, #8
+ orr r10, r10, #44
+ lsl r10, r10, #8
+ orr r10, r10, #19
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r10, #0x2c
+ lsl r10, r10, #8
+ add r10, r10, #0x13
+#else
+ mov r10, #0x2c13
+#endif
+ movt r10, #0xa30a
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r11, #0xa7
+ lsl r11, r11, #8
+ orr r11, r11, #0xed
+ lsl r11, r11, #8
+ orr r11, r11, #0x9c
+ lsl r11, r11, #8
+ orr r11, r11, #0xe5
#else
- ldrd r4, r5, [r1]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r1, #8]
- ldr r7, [r1, #12]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r11, #0x9c
+ lsl r11, r11, #8
+ add r11, r11, #0xe5
#else
- ldrd r6, r7, [r1, #8]
+ mov r11, #0x9ce5
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r8, [r2]
- ldr r9, [r2, #4]
-#else
- ldrd r8, r9, [r2]
+ movt r11, #0xa7ed
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r10, [r2, #8]
- ldr r11, [r2, #12]
+ mov r1, #0
+ umlal r2, r1, r10, lr
+ umaal r3, r1, r11, lr
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r10, #0x5d
+ lsl r10, r10, #8
+ orr r10, r10, #8
+ lsl r10, r10, #8
+ orr r10, r10, #0x63
+ lsl r10, r10, #8
+ orr r10, r10, #41
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r10, #0x63
+ lsl r10, r10, #8
+ add r10, r10, #0x29
+#else
+ mov r10, #0x6329
+#endif
+ movt r10, #0x5d08
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r11, #0xeb
+ lsl r11, r11, #8
+ orr r11, r11, #33
+ lsl r11, r11, #8
+ orr r11, r11, #6
+ lsl r11, r11, #8
+ orr r11, r11, #33
#else
- ldrd r10, r11, [r2, #8]
-#endif
- adds r8, r4, r8
- adcs r9, r5, r9
- adcs r10, r6, r10
- adcs r11, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0]
- str r9, [r0, #4]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r11, #0x6
+ lsl r11, r11, #8
+ add r11, r11, #0x21
#else
- strd r8, r9, [r0]
+ mov r11, #0x621
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r0, #8]
- str r11, [r0, #12]
-#else
- strd r10, r11, [r0, #8]
+ movt r11, #0xeb21
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1, #16]
- ldr r5, [r1, #20]
-#else
- ldrd r4, r5, [r1, #16]
+ umaal r4, r1, r10, lr
+ umaal r5, r1, r11, lr
+ adds r6, r6, r1
+ adcs r7, r7, #0
+ adcs r8, r8, #0
+ adc r9, r9, #0
+ subs r6, r6, lr
+ sbcs r7, r7, #0
+ sbcs r8, r8, #0
+ sbc r9, r9, #0
+ # Sub product of top 8 words and order
+ mov r12, sp
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0xa3
+ lsl r1, r1, #8
+ orr r1, r1, #10
+ lsl r1, r1, #8
+ orr r1, r1, #44
+ lsl r1, r1, #8
+ orr r1, r1, #19
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0x2c
+ lsl r1, r1, #8
+ add r1, r1, #0x13
+#else
+ mov r1, #0x2c13
+#endif
+ movt r1, #0xa30a
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r1, #24]
- ldr r7, [r1, #28]
-#else
- ldrd r6, r7, [r1, #24]
+ mov lr, #0
+ ldm r0!, {r10, r11}
+ umlal r10, lr, r2, r1
+ umaal r11, lr, r3, r1
+ stm r12!, {r10, r11}
+ ldm r0!, {r10, r11}
+ umaal r10, lr, r4, r1
+ umaal r11, lr, r5, r1
+ stm r12!, {r10, r11}
+ ldm r0!, {r10, r11}
+ umaal r10, lr, r6, r1
+ umaal r11, lr, r7, r1
+ stm r12!, {r10, r11}
+ ldm r0!, {r10, r11}
+ umaal r10, lr, r8, r1
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ bic r11, r11, #0xf0000000
+#else
+ bfc r11, #28, #4
+#endif
+ umaal r11, lr, r9, r1
+ stm r12!, {r10, r11, lr}
+ sub r0, r0, #16
+ sub r12, r12, #32
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0xa7
+ lsl r1, r1, #8
+ orr r1, r1, #0xed
+ lsl r1, r1, #8
+ orr r1, r1, #0x9c
+ lsl r1, r1, #8
+ orr r1, r1, #0xe5
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0x9c
+ lsl r1, r1, #8
+ add r1, r1, #0xe5
+#else
+ mov r1, #0x9ce5
+#endif
+ movt r1, #0xa7ed
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r8, [r2, #16]
- ldr r9, [r2, #20]
-#else
- ldrd r8, r9, [r2, #16]
+ mov lr, #0
+ ldm r12, {r10, r11}
+ umlal r10, lr, r2, r1
+ umaal r11, lr, r3, r1
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ umaal r10, lr, r4, r1
+ umaal r11, lr, r5, r1
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ umaal r10, lr, r6, r1
+ umaal r11, lr, r7, r1
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ umaal r10, lr, r8, r1
+ umaal r11, lr, r9, r1
+ stm r12!, {r10, r11, lr}
+ sub r12, r12, #32
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0x5d
+ lsl r1, r1, #8
+ orr r1, r1, #8
+ lsl r1, r1, #8
+ orr r1, r1, #0x63
+ lsl r1, r1, #8
+ orr r1, r1, #41
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0x63
+ lsl r1, r1, #8
+ add r1, r1, #0x29
+#else
+ mov r1, #0x6329
+#endif
+ movt r1, #0x5d08
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r10, [r2, #24]
- ldr r11, [r2, #28]
-#else
- ldrd r10, r11, [r2, #24]
+ mov lr, #0
+ ldm r12, {r10, r11}
+ umlal r10, lr, r2, r1
+ umaal r11, lr, r3, r1
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ umaal r10, lr, r4, r1
+ umaal r11, lr, r5, r1
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ umaal r10, lr, r6, r1
+ umaal r11, lr, r7, r1
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ umaal r10, lr, r8, r1
+ umaal r11, lr, r9, r1
+ stm r12!, {r10, r11, lr}
+ sub r12, r12, #32
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0xeb
+ lsl r1, r1, #8
+ orr r1, r1, #33
+ lsl r1, r1, #8
+ orr r1, r1, #6
+ lsl r1, r1, #8
+ orr r1, r1, #33
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0x6
+ lsl r1, r1, #8
+ add r1, r1, #0x21
+#else
+ mov r1, #0x621
+#endif
+ movt r1, #0xeb21
#endif
- adcs r8, r4, r8
- adcs r9, r5, r9
- adcs r10, r6, r10
- adc r11, r7, r11
- mov r12, #-19
- asr r3, r11, #31
- # Mask the modulus
- and r12, r3, r12
- and lr, r3, #0x7fffffff
- # Sub modulus (if overflow)
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0]
- ldr r5, [r0, #4]
+ mov lr, #0
+ ldm r12, {r10, r11}
+ umlal r10, lr, r2, r1
+ umaal r11, lr, r3, r1
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ umaal r10, lr, r4, r1
+ umaal r11, lr, r5, r1
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ umaal r10, lr, r6, r1
+ umaal r11, lr, r7, r1
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ umaal r10, lr, r8, r1
+ umaal r11, lr, r9, r1
+ stm r12!, {r10, r11, lr}
+ sub r12, r12, #32
+ # Subtract at 4 * 32
+ ldm r12, {r10, r11}
+ subs r10, r10, r2
+ sbcs r11, r11, r3
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ sbcs r10, r10, r4
+ sbcs r11, r11, r5
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ sbcs r10, r10, r6
+ sbcs r11, r11, r7
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ sbcs r10, r10, r8
+ sbc r11, r11, r9
+ stm r12!, {r10, r11}
+ sub r12, r12, #36
+ asr lr, r11, #25
+ # Conditionally subtract order starting at bit 125
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0xa00000
+ lsl r1, r1, #8
+ add r1, r1, #0x0
+#else
+ mov r1, #0xa0000000
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r2, #0x4b
+ lsl r2, r2, #8
+ orr r2, r2, #0x9e
+ lsl r2, r2, #8
+ orr r2, r2, #0xba
+ lsl r2, r2, #8
+ orr r2, r2, #0x7d
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r2, #0xba
+ lsl r2, r2, #8
+ add r2, r2, #0x7d
+#else
+ mov r2, #0xba7d
+#endif
+ movt r2, #0x4b9e
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r3, #0xcb
+ lsl r3, r3, #8
+ orr r3, r3, #2
+ lsl r3, r3, #8
+ orr r3, r3, #0x4c
+ lsl r3, r3, #8
+ orr r3, r3, #0x63
#else
- ldrd r4, r5, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r0, #8]
- ldr r7, [r0, #12]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r3, #0x4c
+ lsl r3, r3, #8
+ add r3, r3, #0x63
#else
- ldrd r6, r7, [r0, #8]
+ mov r3, #0x4c63
#endif
- subs r4, r4, r12
- sbcs r5, r5, r3
- sbcs r6, r6, r3
- sbcs r7, r7, r3
- sbcs r8, r8, r3
- sbcs r9, r9, r3
- sbcs r10, r10, r3
- sbc r11, r11, lr
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0]
- str r5, [r0, #4]
-#else
- strd r4, r5, [r0]
+ movt r3, #0xcb02
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r6, [r0, #8]
- str r7, [r0, #12]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r4, #0xd4
+ lsl r4, r4, #8
+ orr r4, r4, #0x5e
+ lsl r4, r4, #8
+ orr r4, r4, #0xf3
+ lsl r4, r4, #8
+ orr r4, r4, #0x9a
#else
- strd r6, r7, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #16]
- str r9, [r0, #20]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r4, #0xf3
+ lsl r4, r4, #8
+ add r4, r4, #0x9a
#else
- strd r8, r9, [r0, #16]
+ mov r4, #0xf39a
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r0, #24]
- str r11, [r0, #28]
-#else
- strd r10, r11, [r0, #24]
+ movt r4, #0xd45e
#endif
- ldr r0, [sp, #4]
- ldr r1, [sp, #136]
- ldr r2, [sp, #132]
- # Sub
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1]
- ldr r5, [r1, #4]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r5, #2
+ lsl r5, r5, #8
+ orr r5, r5, #0x9b
+ lsl r5, r5, #8
+ orr r5, r5, #0xdf
+ lsl r5, r5, #8
+ orr r5, r5, #59
#else
- ldrd r4, r5, [r1]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r1, #8]
- ldr r7, [r1, #12]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r5, #0xdf
+ lsl r5, r5, #8
+ add r5, r5, #0x3b
#else
- ldrd r6, r7, [r1, #8]
+ mov r5, #0xdf3b
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r8, [r2]
- ldr r9, [r2, #4]
-#else
- ldrd r8, r9, [r2]
+ movt r5, #0x29b
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r10, [r2, #8]
- ldr r11, [r2, #12]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r9, #0x20000
+ lsl r9, r9, #8
+ add r9, r9, #0x0
#else
- ldrd r10, r11, [r2, #8]
+ mov r9, #0x2000000
#endif
- subs r8, r4, r8
- sbcs r9, r5, r9
- sbcs r10, r6, r10
- sbcs r11, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0]
- str r9, [r0, #4]
+ and r1, r1, lr
+ and r2, r2, lr
+ and r3, r3, lr
+ and r4, r4, lr
+ and r5, r5, lr
+ and r9, r9, lr
+ ldm r12, {r10, r11}
+ adds r10, r10, r1
+ adcs r11, r11, r2
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ adcs r10, r10, r3
+ adcs r11, r11, r4
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ adcs r10, r10, r5
+ adcs r11, r11, #0
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ adcs r10, r10, #0
+ adcs r11, r11, #0
+ stm r12!, {r10, r11}
+ ldm r12, {r10}
+ adcs r10, r10, #0
+ stm r12!, {r10}
+ sub r0, r0, #16
+ mov r12, sp
+ # Load bits 252-376
+ add r12, r12, #28
+ ldm r12, {r1, r2, r3, r4, r5}
+ lsl r5, r5, #4
+ orr r5, r5, r4, lsr #28
+ lsl r4, r4, #4
+ orr r4, r4, r3, lsr #28
+ lsl r3, r3, #4
+ orr r3, r3, r2, lsr #28
+ lsl r2, r2, #4
+ orr r2, r2, r1, lsr #28
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ bic r5, r5, #0xe0000000
+#else
+ bfc r5, #29, #3
+#endif
+ sub r12, r12, #28
+ # Sub product of top 4 words and order
+ mov r0, sp
+ # * -5cf5d3ed
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0xa3
+ lsl r1, r1, #8
+ orr r1, r1, #10
+ lsl r1, r1, #8
+ orr r1, r1, #44
+ lsl r1, r1, #8
+ orr r1, r1, #19
#else
- strd r8, r9, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r0, #8]
- str r11, [r0, #12]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0x2c
+ lsl r1, r1, #8
+ add r1, r1, #0x13
#else
- strd r10, r11, [r0, #8]
+ mov r1, #0x2c13
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1, #16]
- ldr r5, [r1, #20]
-#else
- ldrd r4, r5, [r1, #16]
+ movt r1, #0xa30a
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r1, #24]
- ldr r7, [r1, #28]
-#else
- ldrd r6, r7, [r1, #24]
+ mov lr, #0
+ ldm r0, {r6, r7, r8, r9}
+ umlal r6, lr, r2, r1
+ umaal r7, lr, r3, r1
+ umaal r8, lr, r4, r1
+ umaal r9, lr, r5, r1
+ stm r0, {r6, r7, r8, r9}
+ add r0, r0, #4
+ # * -5812631b
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0xa7
+ lsl r1, r1, #8
+ orr r1, r1, #0xed
+ lsl r1, r1, #8
+ orr r1, r1, #0x9c
+ lsl r1, r1, #8
+ orr r1, r1, #0xe5
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0x9c
+ lsl r1, r1, #8
+ add r1, r1, #0xe5
+#else
+ mov r1, #0x9ce5
+#endif
+ movt r1, #0xa7ed
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r8, [r2, #16]
- ldr r9, [r2, #20]
-#else
- ldrd r8, r9, [r2, #16]
+ mov r10, #0
+ ldm r0, {r6, r7, r8, r9}
+ umlal r6, r10, r2, r1
+ umaal r7, r10, r3, r1
+ umaal r8, r10, r4, r1
+ umaal r9, r10, r5, r1
+ stm r0, {r6, r7, r8, r9}
+ add r0, r0, #4
+ # * -a2f79cd7
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0x5d
+ lsl r1, r1, #8
+ orr r1, r1, #8
+ lsl r1, r1, #8
+ orr r1, r1, #0x63
+ lsl r1, r1, #8
+ orr r1, r1, #41
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0x63
+ lsl r1, r1, #8
+ add r1, r1, #0x29
+#else
+ mov r1, #0x6329
+#endif
+ movt r1, #0x5d08
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r10, [r2, #24]
- ldr r11, [r2, #28]
-#else
- ldrd r10, r11, [r2, #24]
+ mov r11, #0
+ ldm r0, {r6, r7, r8, r9}
+ umlal r6, r11, r2, r1
+ umaal r7, r11, r3, r1
+ umaal r8, r11, r4, r1
+ umaal r9, r11, r5, r1
+ stm r0, {r6, r7, r8, r9}
+ add r0, r0, #4
+ # * -14def9df
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0xeb
+ lsl r1, r1, #8
+ orr r1, r1, #33
+ lsl r1, r1, #8
+ orr r1, r1, #6
+ lsl r1, r1, #8
+ orr r1, r1, #33
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0x6
+ lsl r1, r1, #8
+ add r1, r1, #0x21
+#else
+ mov r1, #0x621
+#endif
+ movt r1, #0xeb21
#endif
- sbcs r8, r4, r8
- sbcs r9, r5, r9
- sbcs r10, r6, r10
- sbc r11, r7, r11
- mov r12, #-19
- asr r3, r11, #31
- # Mask the modulus
- and r12, r3, r12
- and lr, r3, #0x7fffffff
- # Add modulus (if underflow)
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0]
- ldr r5, [r0, #4]
+ mov r12, #0
+ ldm r0, {r6, r7, r8, r9}
+ umlal r6, r12, r2, r1
+ umaal r7, r12, r3, r1
+ umaal r8, r12, r4, r1
+ umaal r9, r12, r5, r1
+ stm r0, {r6, r7, r8, r9}
+ add r0, r0, #4
+ # Add overflows at 4 * 32
+ ldm r0, {r6, r7, r8, r9}
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ bic r9, r9, #0xf0000000
+#else
+ bfc r9, #28, #4
+#endif
+ adds r6, r6, lr
+ adcs r7, r7, r10
+ adcs r8, r8, r11
+ adc r9, r9, r12
+ # Subtract top at 4 * 32
+ subs r6, r6, r2
+ sbcs r7, r7, r3
+ sbcs r8, r8, r4
+ sbcs r9, r9, r5
+ sbc r1, r1, r1
+ sub r0, r0, #16
+ ldm r0, {r2, r3, r4, r5}
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r10, #0x5c
+ lsl r10, r10, #8
+ orr r10, r10, #0xf5
+ lsl r10, r10, #8
+ orr r10, r10, #0xd3
+ lsl r10, r10, #8
+ orr r10, r10, #0xed
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r10, #0xd3
+ lsl r10, r10, #8
+ add r10, r10, #0xed
+#else
+ mov r10, #0xd3ed
+#endif
+ movt r10, #0x5cf5
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r11, #0x58
+ lsl r11, r11, #8
+ orr r11, r11, #18
+ lsl r11, r11, #8
+ orr r11, r11, #0x63
+ lsl r11, r11, #8
+ orr r11, r11, #26
#else
- ldrd r4, r5, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r0, #8]
- ldr r7, [r0, #12]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r11, #0x63
+ lsl r11, r11, #8
+ add r11, r11, #0x1a
#else
- ldrd r6, r7, [r0, #8]
+ mov r11, #0x631a
#endif
- adds r4, r4, r12
- adcs r5, r5, r3
- adcs r6, r6, r3
- adcs r7, r7, r3
- adcs r8, r8, r3
- adcs r9, r9, r3
- adcs r10, r10, r3
- adc r11, r11, lr
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0]
- str r5, [r0, #4]
-#else
- strd r4, r5, [r0]
+ movt r11, #0x5812
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r6, [r0, #8]
- str r7, [r0, #12]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r12, #0xa2
+ lsl r12, r12, #8
+ orr r12, r12, #0xf7
+ lsl r12, r12, #8
+ orr r12, r12, #0x9c
+ lsl r12, r12, #8
+ orr r12, r12, #0xd6
#else
- strd r6, r7, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #16]
- str r9, [r0, #20]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r12, #0x9c
+ lsl r12, r12, #8
+ add r12, r12, #0xd6
#else
- strd r8, r9, [r0, #16]
+ mov r12, #0x9cd6
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r0, #24]
- str r11, [r0, #28]
-#else
- strd r10, r11, [r0, #24]
+ movt r12, #0xa2f7
#endif
- ldr r2, [sp, #156]
- ldr r1, [sp]
- ldr r0, [sp, #8]
- bl fe_mul
- ldr r2, [sp, #160]
- ldr r1, [sp, #4]
- ldr r0, [sp, #4]
- bl fe_mul
- ldr r2, [sp, #144]
- ldr r1, [sp, #152]
- ldr r0, [sp, #12]
- bl fe_mul
- ldr r2, [sp, #148]
- ldr r1, [sp, #140]
- ldr r0, [sp]
- bl fe_mul
- add r0, sp, #16
- ldr r1, [sp]
- # Double
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1]
- ldr r5, [r1, #4]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov lr, #20
+ lsl lr, lr, #8
+ orr lr, lr, #0xde
+ lsl lr, lr, #8
+ orr lr, lr, #0xf9
+ lsl lr, lr, #8
+ orr lr, lr, #0xde
#else
- ldrd r4, r5, [r1]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r1, #8]
- ldr r7, [r1, #12]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov lr, #0xf9
+ lsl lr, lr, #8
+ add lr, lr, #0xde
#else
- ldrd r6, r7, [r1, #8]
+ mov lr, #0xf9de
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r8, [r1, #16]
- ldr r9, [r1, #20]
-#else
- ldrd r8, r9, [r1, #16]
+ movt lr, #0x14de
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r10, [r1, #24]
- ldr r11, [r1, #28]
+ and r10, r10, r1
+ and r11, r11, r1
+ and r12, r12, r1
+ and lr, lr, r1
+ adds r2, r2, r10
+ adcs r3, r3, r11
+ adcs r4, r4, r12
+ adcs r5, r5, lr
+ adcs r6, r6, #0
+ adcs r7, r7, #0
+ and r1, r1, #0x10000000
+ adcs r8, r8, #0
+ adc r9, r9, r1
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ bic r9, r9, #0xf0000000
#else
- ldrd r10, r11, [r1, #24]
+ bfc r9, #28, #4
#endif
- adds r4, r4, r4
- adcs r5, r5, r5
- adcs r6, r6, r6
- adcs r7, r7, r7
- adcs r8, r8, r8
- adcs r9, r9, r9
- adcs r10, r10, r10
- adc r11, r11, r11
- mov r12, #-19
- asr r3, r11, #31
- # Mask the modulus
- and r12, r3, r12
- and lr, r3, #0x7fffffff
- # Sub modulus (if overflow)
- subs r4, r4, r12
- sbcs r5, r5, r3
- sbcs r6, r6, r3
- sbcs r7, r7, r3
- sbcs r8, r8, r3
- sbcs r9, r9, r3
- sbcs r10, r10, r3
- sbc r11, r11, lr
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0]
- str r5, [r0, #4]
+ # Store result
+ ldr r0, [sp, #52]
+ stm r0, {r2, r3, r4, r5, r6, r7, r8, r9}
+ add sp, sp, #56
+ pop {r4, r5, r6, r7, r8, r9, r10, r11, pc}
+ .size sc_reduce,.-sc_reduce
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+#ifdef HAVE_ED25519_SIGN
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ .text
+ .align 4
+ .globl sc_muladd
+ .type sc_muladd, %function
+sc_muladd:
+ push {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+ sub sp, sp, #0x50
+ add lr, sp, #0x44
+ stm lr, {r0, r1, r3}
+ mov r0, #0
+ ldr r12, [r1]
+ # A[0] * B[0]
+ ldr lr, [r2]
+ umull r3, r4, r12, lr
+ # A[0] * B[2]
+ ldr lr, [r2, #8]
+ umull r5, r6, r12, lr
+ # A[0] * B[4]
+ ldr lr, [r2, #16]
+ umull r7, r8, r12, lr
+ # A[0] * B[6]
+ ldr lr, [r2, #24]
+ umull r9, r10, r12, lr
+ str r3, [sp]
+ # A[0] * B[1]
+ ldr lr, [r2, #4]
+ mov r11, r0
+ umlal r4, r11, r12, lr
+ adds r5, r5, r11
+ # A[0] * B[3]
+ ldr lr, [r2, #12]
+ adcs r6, r6, #0
+ adc r11, r0, #0
+ umlal r6, r11, r12, lr
+ adds r7, r7, r11
+ # A[0] * B[5]
+ ldr lr, [r2, #20]
+ adcs r8, r8, #0
+ adc r11, r0, #0
+ umlal r8, r11, r12, lr
+ adds r9, r9, r11
+ # A[0] * B[7]
+ ldr lr, [r2, #28]
+ adcs r10, r10, #0
+ adc r3, r0, #0
+ umlal r10, r3, r12, lr
+ # A[1] * B[0]
+ ldr r12, [r1, #4]
+ ldr lr, [r2]
+ mov r11, #0
+ umlal r4, r11, r12, lr
+ str r4, [sp, #4]
+ adds r5, r5, r11
+ # A[1] * B[1]
+ ldr lr, [r2, #4]
+ adc r11, r0, #0
+ umlal r5, r11, r12, lr
+ adds r6, r6, r11
+ # A[1] * B[2]
+ ldr lr, [r2, #8]
+ adc r11, r0, #0
+ umlal r6, r11, r12, lr
+ adds r7, r7, r11
+ # A[1] * B[3]
+ ldr lr, [r2, #12]
+ adc r11, r0, #0
+ umlal r7, r11, r12, lr
+ adds r8, r8, r11
+ # A[1] * B[4]
+ ldr lr, [r2, #16]
+ adc r11, r0, #0
+ umlal r8, r11, r12, lr
+ adds r9, r9, r11
+ # A[1] * B[5]
+ ldr lr, [r2, #20]
+ adc r11, r0, #0
+ umlal r9, r11, r12, lr
+ adds r10, r10, r11
+ # A[1] * B[6]
+ ldr lr, [r2, #24]
+ adc r11, r0, #0
+ umlal r10, r11, r12, lr
+ adds r3, r3, r11
+ # A[1] * B[7]
+ ldr lr, [r2, #28]
+ adc r4, r0, #0
+ umlal r3, r4, r12, lr
+ # A[2] * B[0]
+ ldr r12, [r1, #8]
+ ldr lr, [r2]
+ mov r11, #0
+ umlal r5, r11, r12, lr
+ str r5, [sp, #8]
+ adds r6, r6, r11
+ # A[2] * B[1]
+ ldr lr, [r2, #4]
+ adc r11, r0, #0
+ umlal r6, r11, r12, lr
+ adds r7, r7, r11
+ # A[2] * B[2]
+ ldr lr, [r2, #8]
+ adc r11, r0, #0
+ umlal r7, r11, r12, lr
+ adds r8, r8, r11
+ # A[2] * B[3]
+ ldr lr, [r2, #12]
+ adc r11, r0, #0
+ umlal r8, r11, r12, lr
+ adds r9, r9, r11
+ # A[2] * B[4]
+ ldr lr, [r2, #16]
+ adc r11, r0, #0
+ umlal r9, r11, r12, lr
+ adds r10, r10, r11
+ # A[2] * B[5]
+ ldr lr, [r2, #20]
+ adc r11, r0, #0
+ umlal r10, r11, r12, lr
+ adds r3, r3, r11
+ # A[2] * B[6]
+ ldr lr, [r2, #24]
+ adc r11, r0, #0
+ umlal r3, r11, r12, lr
+ adds r4, r4, r11
+ # A[2] * B[7]
+ ldr lr, [r2, #28]
+ adc r5, r0, #0
+ umlal r4, r5, r12, lr
+ # A[3] * B[0]
+ ldr r12, [r1, #12]
+ ldr lr, [r2]
+ mov r11, #0
+ umlal r6, r11, r12, lr
+ str r6, [sp, #12]
+ adds r7, r7, r11
+ # A[3] * B[1]
+ ldr lr, [r2, #4]
+ adc r11, r0, #0
+ umlal r7, r11, r12, lr
+ adds r8, r8, r11
+ # A[3] * B[2]
+ ldr lr, [r2, #8]
+ adc r11, r0, #0
+ umlal r8, r11, r12, lr
+ adds r9, r9, r11
+ # A[3] * B[3]
+ ldr lr, [r2, #12]
+ adc r11, r0, #0
+ umlal r9, r11, r12, lr
+ adds r10, r10, r11
+ # A[3] * B[4]
+ ldr lr, [r2, #16]
+ adc r11, r0, #0
+ umlal r10, r11, r12, lr
+ adds r3, r3, r11
+ # A[3] * B[5]
+ ldr lr, [r2, #20]
+ adc r11, r0, #0
+ umlal r3, r11, r12, lr
+ adds r4, r4, r11
+ # A[3] * B[6]
+ ldr lr, [r2, #24]
+ adc r11, r0, #0
+ umlal r4, r11, r12, lr
+ adds r5, r5, r11
+ # A[3] * B[7]
+ ldr lr, [r2, #28]
+ adc r6, r0, #0
+ umlal r5, r6, r12, lr
+ # A[4] * B[0]
+ ldr r12, [r1, #16]
+ ldr lr, [r2]
+ mov r11, #0
+ umlal r7, r11, r12, lr
+ str r7, [sp, #16]
+ adds r8, r8, r11
+ # A[4] * B[1]
+ ldr lr, [r2, #4]
+ adc r11, r0, #0
+ umlal r8, r11, r12, lr
+ adds r9, r9, r11
+ # A[4] * B[2]
+ ldr lr, [r2, #8]
+ adc r11, r0, #0
+ umlal r9, r11, r12, lr
+ adds r10, r10, r11
+ # A[4] * B[3]
+ ldr lr, [r2, #12]
+ adc r11, r0, #0
+ umlal r10, r11, r12, lr
+ adds r3, r3, r11
+ # A[4] * B[4]
+ ldr lr, [r2, #16]
+ adc r11, r0, #0
+ umlal r3, r11, r12, lr
+ adds r4, r4, r11
+ # A[4] * B[5]
+ ldr lr, [r2, #20]
+ adc r11, r0, #0
+ umlal r4, r11, r12, lr
+ adds r5, r5, r11
+ # A[4] * B[6]
+ ldr lr, [r2, #24]
+ adc r11, r0, #0
+ umlal r5, r11, r12, lr
+ adds r6, r6, r11
+ # A[4] * B[7]
+ ldr lr, [r2, #28]
+ adc r7, r0, #0
+ umlal r6, r7, r12, lr
+ # A[5] * B[0]
+ ldr r12, [r1, #20]
+ ldr lr, [r2]
+ mov r11, #0
+ umlal r8, r11, r12, lr
+ str r8, [sp, #20]
+ adds r9, r9, r11
+ # A[5] * B[1]
+ ldr lr, [r2, #4]
+ adc r11, r0, #0
+ umlal r9, r11, r12, lr
+ adds r10, r10, r11
+ # A[5] * B[2]
+ ldr lr, [r2, #8]
+ adc r11, r0, #0
+ umlal r10, r11, r12, lr
+ adds r3, r3, r11
+ # A[5] * B[3]
+ ldr lr, [r2, #12]
+ adc r11, r0, #0
+ umlal r3, r11, r12, lr
+ adds r4, r4, r11
+ # A[5] * B[4]
+ ldr lr, [r2, #16]
+ adc r11, r0, #0
+ umlal r4, r11, r12, lr
+ adds r5, r5, r11
+ # A[5] * B[5]
+ ldr lr, [r2, #20]
+ adc r11, r0, #0
+ umlal r5, r11, r12, lr
+ adds r6, r6, r11
+ # A[5] * B[6]
+ ldr lr, [r2, #24]
+ adc r11, r0, #0
+ umlal r6, r11, r12, lr
+ adds r7, r7, r11
+ # A[5] * B[7]
+ ldr lr, [r2, #28]
+ adc r8, r0, #0
+ umlal r7, r8, r12, lr
+ # A[6] * B[0]
+ ldr r12, [r1, #24]
+ ldr lr, [r2]
+ mov r11, #0
+ umlal r9, r11, r12, lr
+ str r9, [sp, #24]
+ adds r10, r10, r11
+ # A[6] * B[1]
+ ldr lr, [r2, #4]
+ adc r11, r0, #0
+ umlal r10, r11, r12, lr
+ adds r3, r3, r11
+ # A[6] * B[2]
+ ldr lr, [r2, #8]
+ adc r11, r0, #0
+ umlal r3, r11, r12, lr
+ adds r4, r4, r11
+ # A[6] * B[3]
+ ldr lr, [r2, #12]
+ adc r11, r0, #0
+ umlal r4, r11, r12, lr
+ adds r5, r5, r11
+ # A[6] * B[4]
+ ldr lr, [r2, #16]
+ adc r11, r0, #0
+ umlal r5, r11, r12, lr
+ adds r6, r6, r11
+ # A[6] * B[5]
+ ldr lr, [r2, #20]
+ adc r11, r0, #0
+ umlal r6, r11, r12, lr
+ adds r7, r7, r11
+ # A[6] * B[6]
+ ldr lr, [r2, #24]
+ adc r11, r0, #0
+ umlal r7, r11, r12, lr
+ adds r8, r8, r11
+ # A[6] * B[7]
+ ldr lr, [r2, #28]
+ adc r9, r0, #0
+ umlal r8, r9, r12, lr
+ # A[7] * B[0]
+ ldr r12, [r1, #28]
+ ldr lr, [r2]
+ mov r11, #0
+ umlal r10, r11, r12, lr
+ str r10, [sp, #28]
+ adds r3, r3, r11
+ # A[7] * B[1]
+ ldr lr, [r2, #4]
+ adc r11, r0, #0
+ umlal r3, r11, r12, lr
+ adds r4, r4, r11
+ # A[7] * B[2]
+ ldr lr, [r2, #8]
+ adc r11, r0, #0
+ umlal r4, r11, r12, lr
+ adds r5, r5, r11
+ # A[7] * B[3]
+ ldr lr, [r2, #12]
+ adc r11, r0, #0
+ umlal r5, r11, r12, lr
+ adds r6, r6, r11
+ # A[7] * B[4]
+ ldr lr, [r2, #16]
+ adc r11, r0, #0
+ umlal r6, r11, r12, lr
+ adds r7, r7, r11
+ # A[7] * B[5]
+ ldr lr, [r2, #20]
+ adc r11, r0, #0
+ umlal r7, r11, r12, lr
+ adds r8, r8, r11
+ # A[7] * B[6]
+ ldr lr, [r2, #24]
+ adc r11, r0, #0
+ umlal r8, r11, r12, lr
+ adds r9, r9, r11
+ # A[7] * B[7]
+ ldr lr, [r2, #28]
+ adc r10, r0, #0
+ umlal r9, r10, r12, lr
+ add lr, sp, #32
+ stm lr, {r3, r4, r5, r6, r7, r8, r9, r10}
+ mov r0, sp
+ # Add c to a * b
+ ldr lr, [sp, #76]
+ ldm r0, {r2, r3, r4, r5, r6, r7, r8, r9}
+ ldm lr!, {r1, r10, r11, r12}
+ adds r2, r2, r1
+ adcs r3, r3, r10
+ adcs r4, r4, r11
+ adcs r5, r5, r12
+ ldm lr!, {r1, r10, r11, r12}
+ adcs r6, r6, r1
+ adcs r7, r7, r10
+ adcs r8, r8, r11
+ adcs r9, r9, r12
+ mov r1, r9
+ stm r0!, {r2, r3, r4, r5, r6, r7, r8, r9}
+ ldm r0, {r2, r3, r4, r5, r6, r7, r8, r9}
+ adcs r2, r2, #0
+ adcs r3, r3, #0
+ adcs r4, r4, #0
+ adcs r5, r5, #0
+ adcs r6, r6, #0
+ adcs r7, r7, #0
+ adcs r8, r8, #0
+ adc r9, r9, #0
+ sub r0, r0, #32
+ # Get 252..503 and 504..507
+ lsr lr, r9, #24
+ lsl r9, r9, #4
+ orr r9, r9, r8, LSR #28
+ lsl r8, r8, #4
+ orr r8, r8, r7, LSR #28
+ lsl r7, r7, #4
+ orr r7, r7, r6, LSR #28
+ lsl r6, r6, #4
+ orr r6, r6, r5, LSR #28
+ lsl r5, r5, #4
+ orr r5, r5, r4, LSR #28
+ lsl r4, r4, #4
+ orr r4, r4, r3, LSR #28
+ lsl r3, r3, #4
+ orr r3, r3, r2, LSR #28
+ lsl r2, r2, #4
+ orr r2, r2, r1, LSR #28
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ bic r9, r9, #0xf0000000
+#else
+ bfc r9, #28, #4
+#endif
+ # Add order times bits 504..507
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r10, #0xa3
+ lsl r10, r10, #8
+ orr r10, r10, #10
+ lsl r10, r10, #8
+ orr r10, r10, #44
+ lsl r10, r10, #8
+ orr r10, r10, #19
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r10, #0x2c
+ lsl r10, r10, #8
+ add r10, r10, #0x13
+#else
+ mov r10, #0x2c13
+#endif
+ movt r10, #0xa30a
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r11, #0xa7
+ lsl r11, r11, #8
+ orr r11, r11, #0xed
+ lsl r11, r11, #8
+ orr r11, r11, #0x9c
+ lsl r11, r11, #8
+ orr r11, r11, #0xe5
#else
- strd r4, r5, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r6, [r0, #8]
- str r7, [r0, #12]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r11, #0x9c
+ lsl r11, r11, #8
+ add r11, r11, #0xe5
#else
- strd r6, r7, [r0, #8]
+ mov r11, #0x9ce5
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #16]
- str r9, [r0, #20]
-#else
- strd r8, r9, [r0, #16]
+ movt r11, #0xa7ed
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r0, #24]
- str r11, [r0, #28]
+ mov r1, #0
+ umlal r2, r1, r10, lr
+ adds r3, r3, r1
+ mov r1, #0
+ adc r1, r1, #0
+ umlal r3, r1, r11, lr
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r10, #0x5d
+ lsl r10, r10, #8
+ orr r10, r10, #8
+ lsl r10, r10, #8
+ orr r10, r10, #0x63
+ lsl r10, r10, #8
+ orr r10, r10, #41
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r10, #0x63
+ lsl r10, r10, #8
+ add r10, r10, #0x29
+#else
+ mov r10, #0x6329
+#endif
+ movt r10, #0x5d08
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r11, #0xeb
+ lsl r11, r11, #8
+ orr r11, r11, #33
+ lsl r11, r11, #8
+ orr r11, r11, #6
+ lsl r11, r11, #8
+ orr r11, r11, #33
#else
- strd r10, r11, [r0, #24]
-#endif
- ldr r0, [sp, #4]
- ldr r1, [sp]
- ldr r2, [sp, #8]
- # Add-Sub
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r2]
- ldr r5, [r2, #4]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r11, #0x6
+ lsl r11, r11, #8
+ add r11, r11, #0x21
#else
- ldrd r4, r5, [r2]
+ mov r11, #0x621
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r0]
- ldr r7, [r0, #4]
-#else
- ldrd r6, r7, [r0]
+ movt r11, #0xeb21
#endif
- adds r8, r4, r6
- mov r12, #0
- adcs r9, r5, r7
- adc r12, r12, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0]
- str r9, [r0, #4]
-#else
- strd r8, r9, [r0]
+ adds r4, r4, r1
+ mov r1, #0
+ adc r1, r1, #0
+ umlal r4, r1, r10, lr
+ adds r5, r5, r1
+ mov r1, #0
+ adc r1, r1, #0
+ umlal r5, r1, r11, lr
+ adds r6, r6, r1
+ adcs r7, r7, #0
+ adcs r8, r8, #0
+ adc r9, r9, #0
+ subs r6, r6, lr
+ sbcs r7, r7, #0
+ sbcs r8, r8, #0
+ sbc r9, r9, #0
+ # Sub product of top 8 words and order
+ mov r12, sp
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0xa3
+ lsl r1, r1, #8
+ orr r1, r1, #10
+ lsl r1, r1, #8
+ orr r1, r1, #44
+ lsl r1, r1, #8
+ orr r1, r1, #19
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0x2c
+ lsl r1, r1, #8
+ add r1, r1, #0x13
+#else
+ mov r1, #0x2c13
+#endif
+ movt r1, #0xa30a
#endif
- # Sub
- subs r10, r4, r6
mov lr, #0
- sbcs r11, r5, r7
+ ldm r0!, {r10, r11}
+ umlal r10, lr, r2, r1
+ adds r11, r11, lr
+ mov lr, #0
adc lr, lr, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r1]
- str r11, [r1, #4]
-#else
- strd r10, r11, [r1]
-#endif
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r2, #8]
- ldr r5, [r2, #12]
-#else
- ldrd r4, r5, [r2, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r0, #8]
- ldr r7, [r0, #12]
-#else
- ldrd r6, r7, [r0, #8]
-#endif
- adds r12, r12, #-1
- adcs r8, r4, r6
- mov r12, #0
- adcs r9, r5, r7
- adc r12, r12, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #8]
- str r9, [r0, #12]
-#else
- strd r8, r9, [r0, #8]
-#endif
- # Sub
- adds lr, lr, #-1
- sbcs r10, r4, r6
+ umlal r11, lr, r3, r1
+ stm r12!, {r10, r11}
+ ldm r0!, {r10, r11}
+ adds r10, r10, lr
mov lr, #0
- sbcs r11, r5, r7
adc lr, lr, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r1, #8]
- str r11, [r1, #12]
-#else
- strd r10, r11, [r1, #8]
-#endif
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r2, #16]
- ldr r5, [r2, #20]
-#else
- ldrd r4, r5, [r2, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r0, #16]
- ldr r7, [r0, #20]
-#else
- ldrd r6, r7, [r0, #16]
-#endif
- adds r12, r12, #-1
- adcs r8, r4, r6
- mov r12, #0
- adcs r9, r5, r7
- adc r12, r12, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #16]
- str r9, [r0, #20]
-#else
- strd r8, r9, [r0, #16]
-#endif
- # Sub
- adds lr, lr, #-1
- sbcs r10, r4, r6
+ umlal r10, lr, r4, r1
+ adds r11, r11, lr
mov lr, #0
- sbcs r11, r5, r7
adc lr, lr, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r1, #16]
- str r11, [r1, #20]
-#else
- strd r10, r11, [r1, #16]
-#endif
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r2, #24]
- ldr r5, [r2, #28]
-#else
- ldrd r4, r5, [r2, #24]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r0, #24]
- ldr r7, [r0, #28]
+ umlal r11, lr, r5, r1
+ stm r12!, {r10, r11}
+ ldm r0!, {r10, r11}
+ adds r10, r10, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r10, lr, r6, r1
+ adds r11, r11, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r11, lr, r7, r1
+ stm r12!, {r10, r11}
+ ldm r0!, {r10, r11}
+ adds r10, r10, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r10, lr, r8, r1
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ bic r11, r11, #0xf0000000
#else
- ldrd r6, r7, [r0, #24]
+ bfc r11, #28, #4
#endif
- adds r12, r12, #-1
- adcs r8, r4, r6
- adc r9, r5, r7
- # Sub
- adds lr, lr, #-1
- sbcs r10, r4, r6
- sbc r11, r5, r7
- mov r12, #-19
- asr r3, r9, #31
- # Mask the modulus
- and r12, r3, r12
- and lr, r3, #0x7fffffff
- # Sub modulus (if overflow)
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0]
- ldr r5, [r0, #4]
-#else
- ldrd r4, r5, [r0]
+ adds r11, r11, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r11, lr, r9, r1
+ stm r12!, {r10, r11, lr}
+ sub r0, r0, #16
+ sub r12, r12, #32
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0xa7
+ lsl r1, r1, #8
+ orr r1, r1, #0xed
+ lsl r1, r1, #8
+ orr r1, r1, #0x9c
+ lsl r1, r1, #8
+ orr r1, r1, #0xe5
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0x9c
+ lsl r1, r1, #8
+ add r1, r1, #0xe5
+#else
+ mov r1, #0x9ce5
+#endif
+ movt r1, #0xa7ed
#endif
- subs r4, r4, r12
- sbcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0]
- str r5, [r0, #4]
-#else
- strd r4, r5, [r0]
+ mov lr, #0
+ ldm r12, {r10, r11}
+ umlal r10, lr, r2, r1
+ adds r11, r11, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r11, lr, r3, r1
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ adds r10, r10, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r10, lr, r4, r1
+ adds r11, r11, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r11, lr, r5, r1
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ adds r10, r10, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r10, lr, r6, r1
+ adds r11, r11, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r11, lr, r7, r1
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ adds r10, r10, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r10, lr, r8, r1
+ adds r11, r11, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r11, lr, r9, r1
+ stm r12!, {r10, r11, lr}
+ sub r12, r12, #32
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0x5d
+ lsl r1, r1, #8
+ orr r1, r1, #8
+ lsl r1, r1, #8
+ orr r1, r1, #0x63
+ lsl r1, r1, #8
+ orr r1, r1, #41
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0x63
+ lsl r1, r1, #8
+ add r1, r1, #0x29
+#else
+ mov r1, #0x6329
+#endif
+ movt r1, #0x5d08
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0, #8]
- ldr r5, [r0, #12]
-#else
- ldrd r4, r5, [r0, #8]
+ mov lr, #0
+ ldm r12, {r10, r11}
+ umlal r10, lr, r2, r1
+ adds r11, r11, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r11, lr, r3, r1
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ adds r10, r10, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r10, lr, r4, r1
+ adds r11, r11, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r11, lr, r5, r1
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ adds r10, r10, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r10, lr, r6, r1
+ adds r11, r11, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r11, lr, r7, r1
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ adds r10, r10, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r10, lr, r8, r1
+ adds r11, r11, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r11, lr, r9, r1
+ stm r12!, {r10, r11, lr}
+ sub r12, r12, #32
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0xeb
+ lsl r1, r1, #8
+ orr r1, r1, #33
+ lsl r1, r1, #8
+ orr r1, r1, #6
+ lsl r1, r1, #8
+ orr r1, r1, #33
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0x6
+ lsl r1, r1, #8
+ add r1, r1, #0x21
+#else
+ mov r1, #0x621
+#endif
+ movt r1, #0xeb21
#endif
- sbcs r4, r4, r3
- sbcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0, #8]
- str r5, [r0, #12]
+ mov lr, #0
+ ldm r12, {r10, r11}
+ umlal r10, lr, r2, r1
+ adds r11, r11, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r11, lr, r3, r1
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ adds r10, r10, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r10, lr, r4, r1
+ adds r11, r11, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r11, lr, r5, r1
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ adds r10, r10, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r10, lr, r6, r1
+ adds r11, r11, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r11, lr, r7, r1
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ adds r10, r10, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r10, lr, r8, r1
+ adds r11, r11, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r11, lr, r9, r1
+ stm r12!, {r10, r11, lr}
+ sub r12, r12, #32
+ # Subtract at 4 * 32
+ ldm r12, {r10, r11}
+ subs r10, r10, r2
+ sbcs r11, r11, r3
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ sbcs r10, r10, r4
+ sbcs r11, r11, r5
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ sbcs r10, r10, r6
+ sbcs r11, r11, r7
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ sbcs r10, r10, r8
+ sbc r11, r11, r9
+ stm r12!, {r10, r11}
+ sub r12, r12, #36
+ asr lr, r11, #25
+ # Conditionally subtract order starting at bit 125
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0xa00000
+ lsl r1, r1, #8
+ add r1, r1, #0x0
+#else
+ mov r1, #0xa0000000
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r2, #0x4b
+ lsl r2, r2, #8
+ orr r2, r2, #0x9e
+ lsl r2, r2, #8
+ orr r2, r2, #0xba
+ lsl r2, r2, #8
+ orr r2, r2, #0x7d
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r2, #0xba
+ lsl r2, r2, #8
+ add r2, r2, #0x7d
+#else
+ mov r2, #0xba7d
+#endif
+ movt r2, #0x4b9e
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r3, #0xcb
+ lsl r3, r3, #8
+ orr r3, r3, #2
+ lsl r3, r3, #8
+ orr r3, r3, #0x4c
+ lsl r3, r3, #8
+ orr r3, r3, #0x63
#else
- strd r4, r5, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0, #16]
- ldr r5, [r0, #20]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r3, #0x4c
+ lsl r3, r3, #8
+ add r3, r3, #0x63
#else
- ldrd r4, r5, [r0, #16]
+ mov r3, #0x4c63
#endif
- sbcs r4, r4, r3
- sbcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0, #16]
- str r5, [r0, #20]
-#else
- strd r4, r5, [r0, #16]
+ movt r3, #0xcb02
#endif
- sbcs r8, r8, r3
- sbc r9, r9, lr
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #24]
- str r9, [r0, #28]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r4, #0xd4
+ lsl r4, r4, #8
+ orr r4, r4, #0x5e
+ lsl r4, r4, #8
+ orr r4, r4, #0xf3
+ lsl r4, r4, #8
+ orr r4, r4, #0x9a
#else
- strd r8, r9, [r0, #24]
-#endif
- mov r12, #-19
- asr r3, r11, #31
- # Mask the modulus
- and r12, r3, r12
- and lr, r3, #0x7fffffff
- # Add modulus (if underflow)
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1]
- ldr r5, [r1, #4]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r4, #0xf3
+ lsl r4, r4, #8
+ add r4, r4, #0x9a
#else
- ldrd r4, r5, [r1]
+ mov r4, #0xf39a
#endif
- adds r4, r4, r12
- adcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r1]
- str r5, [r1, #4]
-#else
- strd r4, r5, [r1]
+ movt r4, #0xd45e
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1, #8]
- ldr r5, [r1, #12]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r5, #2
+ lsl r5, r5, #8
+ orr r5, r5, #0x9b
+ lsl r5, r5, #8
+ orr r5, r5, #0xdf
+ lsl r5, r5, #8
+ orr r5, r5, #59
#else
- ldrd r4, r5, [r1, #8]
-#endif
- adcs r4, r4, r3
- adcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r1, #8]
- str r5, [r1, #12]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r5, #0xdf
+ lsl r5, r5, #8
+ add r5, r5, #0x3b
#else
- strd r4, r5, [r1, #8]
+ mov r5, #0xdf3b
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1, #16]
- ldr r5, [r1, #20]
-#else
- ldrd r4, r5, [r1, #16]
+ movt r5, #0x29b
#endif
- adcs r4, r4, r3
- adcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r1, #16]
- str r5, [r1, #20]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r9, #0x20000
+ lsl r9, r9, #8
+ add r9, r9, #0x0
#else
- strd r4, r5, [r1, #16]
+ mov r9, #0x2000000
#endif
+ and r1, r1, lr
+ and r2, r2, lr
+ and r3, r3, lr
+ and r4, r4, lr
+ and r5, r5, lr
+ and r9, r9, lr
+ ldm r12, {r10, r11}
+ adds r10, r10, r1
+ adcs r11, r11, r2
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
adcs r10, r10, r3
- adc r11, r11, lr
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r1, #24]
- str r11, [r1, #28]
-#else
- strd r10, r11, [r1, #24]
-#endif
- ldr r0, [sp, #8]
- ldr r1, [sp, #12]
- add r2, sp, #16
- # Add-Sub
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r2]
- ldr r5, [r2, #4]
+ adcs r11, r11, r4
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ adcs r10, r10, r5
+ adcs r11, r11, #0
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ adcs r10, r10, #0
+ adcs r11, r11, #0
+ stm r12!, {r10, r11}
+ ldm r12, {r10}
+ adcs r10, r10, #0
+ stm r12!, {r10}
+ sub r0, r0, #16
+ mov r12, sp
+ # Load bits 252-376
+ add r12, r12, #28
+ ldm r12, {r1, r2, r3, r4, r5}
+ lsl r5, r5, #4
+ orr r5, r5, r4, lsr #28
+ lsl r4, r4, #4
+ orr r4, r4, r3, lsr #28
+ lsl r3, r3, #4
+ orr r3, r3, r2, lsr #28
+ lsl r2, r2, #4
+ orr r2, r2, r1, lsr #28
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ bic r5, r5, #0xe0000000
+#else
+ bfc r5, #29, #3
+#endif
+ sub r12, r12, #28
+ # Sub product of top 4 words and order
+ mov r0, sp
+ # * -5cf5d3ed
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0xa3
+ lsl r1, r1, #8
+ orr r1, r1, #10
+ lsl r1, r1, #8
+ orr r1, r1, #44
+ lsl r1, r1, #8
+ orr r1, r1, #19
#else
- ldrd r4, r5, [r2]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r1]
- ldr r7, [r1, #4]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0x2c
+ lsl r1, r1, #8
+ add r1, r1, #0x13
#else
- ldrd r6, r7, [r1]
+ mov r1, #0x2c13
#endif
- adds r8, r4, r6
- mov r12, #0
- adcs r9, r5, r7
- adc r12, r12, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0]
- str r9, [r0, #4]
-#else
- strd r8, r9, [r0]
+ movt r1, #0xa30a
#endif
- # Sub
- subs r10, r4, r6
mov lr, #0
- sbcs r11, r5, r7
+ ldm r0, {r6, r7, r8, r9}
+ umlal r6, lr, r2, r1
+ adds r7, r7, lr
+ mov lr, #0
adc lr, lr, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r1]
- str r11, [r1, #4]
-#else
- strd r10, r11, [r1]
-#endif
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r2, #8]
- ldr r5, [r2, #12]
-#else
- ldrd r4, r5, [r2, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r1, #8]
- ldr r7, [r1, #12]
-#else
- ldrd r6, r7, [r1, #8]
-#endif
- adds r12, r12, #-1
- adcs r8, r4, r6
- mov r12, #0
- adcs r9, r5, r7
- adc r12, r12, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #8]
- str r9, [r0, #12]
-#else
- strd r8, r9, [r0, #8]
-#endif
- # Sub
- adds lr, lr, #-1
- sbcs r10, r4, r6
+ umlal r7, lr, r3, r1
+ adds r8, r8, lr
mov lr, #0
- sbcs r11, r5, r7
adc lr, lr, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r1, #8]
- str r11, [r1, #12]
-#else
- strd r10, r11, [r1, #8]
+ umlal r8, lr, r4, r1
+ adds r9, r9, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r9, lr, r5, r1
+ stm r0, {r6, r7, r8, r9}
+ add r0, r0, #4
+ # * -5812631b
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0xa7
+ lsl r1, r1, #8
+ orr r1, r1, #0xed
+ lsl r1, r1, #8
+ orr r1, r1, #0x9c
+ lsl r1, r1, #8
+ orr r1, r1, #0xe5
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0x9c
+ lsl r1, r1, #8
+ add r1, r1, #0xe5
+#else
+ mov r1, #0x9ce5
+#endif
+ movt r1, #0xa7ed
#endif
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r2, #16]
- ldr r5, [r2, #20]
-#else
- ldrd r4, r5, [r2, #16]
+ mov r10, #0
+ ldm r0, {r6, r7, r8, r9}
+ umlal r6, r10, r2, r1
+ adds r7, r7, r10
+ mov r10, #0
+ adc r10, r10, #0
+ umlal r7, r10, r3, r1
+ adds r8, r8, r10
+ mov r10, #0
+ adc r10, r10, #0
+ umlal r8, r10, r4, r1
+ adds r9, r9, r10
+ mov r10, #0
+ adc r10, r10, #0
+ umlal r9, r10, r5, r1
+ stm r0, {r6, r7, r8, r9}
+ add r0, r0, #4
+ # * -a2f79cd7
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0x5d
+ lsl r1, r1, #8
+ orr r1, r1, #8
+ lsl r1, r1, #8
+ orr r1, r1, #0x63
+ lsl r1, r1, #8
+ orr r1, r1, #41
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0x63
+ lsl r1, r1, #8
+ add r1, r1, #0x29
+#else
+ mov r1, #0x6329
+#endif
+ movt r1, #0x5d08
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r1, #16]
- ldr r7, [r1, #20]
-#else
- ldrd r6, r7, [r1, #16]
+ mov r11, #0
+ ldm r0, {r6, r7, r8, r9}
+ umlal r6, r11, r2, r1
+ adds r7, r7, r11
+ mov r11, #0
+ adc r11, r11, #0
+ umlal r7, r11, r3, r1
+ adds r8, r8, r11
+ mov r11, #0
+ adc r11, r11, #0
+ umlal r8, r11, r4, r1
+ adds r9, r9, r11
+ mov r11, #0
+ adc r11, r11, #0
+ umlal r9, r11, r5, r1
+ stm r0, {r6, r7, r8, r9}
+ add r0, r0, #4
+ # * -14def9df
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0xeb
+ lsl r1, r1, #8
+ orr r1, r1, #33
+ lsl r1, r1, #8
+ orr r1, r1, #6
+ lsl r1, r1, #8
+ orr r1, r1, #33
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0x6
+ lsl r1, r1, #8
+ add r1, r1, #0x21
+#else
+ mov r1, #0x621
+#endif
+ movt r1, #0xeb21
#endif
- adds r12, r12, #-1
- adcs r8, r4, r6
mov r12, #0
- adcs r9, r5, r7
+ ldm r0, {r6, r7, r8, r9}
+ umlal r6, r12, r2, r1
+ adds r7, r7, r12
+ mov r12, #0
adc r12, r12, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #16]
- str r9, [r0, #20]
+ umlal r7, r12, r3, r1
+ adds r8, r8, r12
+ mov r12, #0
+ adc r12, r12, #0
+ umlal r8, r12, r4, r1
+ adds r9, r9, r12
+ mov r12, #0
+ adc r12, r12, #0
+ umlal r9, r12, r5, r1
+ stm r0, {r6, r7, r8, r9}
+ add r0, r0, #4
+ # Add overflows at 4 * 32
+ ldm r0, {r6, r7, r8, r9}
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ bic r9, r9, #0xf0000000
+#else
+ bfc r9, #28, #4
+#endif
+ adds r6, r6, lr
+ adcs r7, r7, r10
+ adcs r8, r8, r11
+ adc r9, r9, r12
+ # Subtract top at 4 * 32
+ subs r6, r6, r2
+ sbcs r7, r7, r3
+ sbcs r8, r8, r4
+ sbcs r9, r9, r5
+ sbc r1, r1, r1
+ sub r0, r0, #16
+ ldm r0, {r2, r3, r4, r5}
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r10, #0x5c
+ lsl r10, r10, #8
+ orr r10, r10, #0xf5
+ lsl r10, r10, #8
+ orr r10, r10, #0xd3
+ lsl r10, r10, #8
+ orr r10, r10, #0xed
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r10, #0xd3
+ lsl r10, r10, #8
+ add r10, r10, #0xed
+#else
+ mov r10, #0xd3ed
+#endif
+ movt r10, #0x5cf5
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r11, #0x58
+ lsl r11, r11, #8
+ orr r11, r11, #18
+ lsl r11, r11, #8
+ orr r11, r11, #0x63
+ lsl r11, r11, #8
+ orr r11, r11, #26
#else
- strd r8, r9, [r0, #16]
-#endif
- # Sub
- adds lr, lr, #-1
- sbcs r10, r4, r6
- mov lr, #0
- sbcs r11, r5, r7
- adc lr, lr, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r1, #16]
- str r11, [r1, #20]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r11, #0x63
+ lsl r11, r11, #8
+ add r11, r11, #0x1a
#else
- strd r10, r11, [r1, #16]
+ mov r11, #0x631a
#endif
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r2, #24]
- ldr r5, [r2, #28]
-#else
- ldrd r4, r5, [r2, #24]
+ movt r11, #0x5812
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r1, #24]
- ldr r7, [r1, #28]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r12, #0xa2
+ lsl r12, r12, #8
+ orr r12, r12, #0xf7
+ lsl r12, r12, #8
+ orr r12, r12, #0x9c
+ lsl r12, r12, #8
+ orr r12, r12, #0xd6
#else
- ldrd r6, r7, [r1, #24]
-#endif
- adds r12, r12, #-1
- adcs r8, r4, r6
- adc r9, r5, r7
- # Sub
- adds lr, lr, #-1
- sbcs r10, r4, r6
- sbc r11, r5, r7
- mov r12, #-19
- asr r3, r9, #31
- # Mask the modulus
- and r12, r3, r12
- and lr, r3, #0x7fffffff
- # Sub modulus (if overflow)
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0]
- ldr r5, [r0, #4]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r12, #0x9c
+ lsl r12, r12, #8
+ add r12, r12, #0xd6
#else
- ldrd r4, r5, [r0]
+ mov r12, #0x9cd6
#endif
- subs r4, r4, r12
- sbcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0]
- str r5, [r0, #4]
-#else
- strd r4, r5, [r0]
+ movt r12, #0xa2f7
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0, #8]
- ldr r5, [r0, #12]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov lr, #20
+ lsl lr, lr, #8
+ orr lr, lr, #0xde
+ lsl lr, lr, #8
+ orr lr, lr, #0xf9
+ lsl lr, lr, #8
+ orr lr, lr, #0xde
#else
- ldrd r4, r5, [r0, #8]
-#endif
- sbcs r4, r4, r3
- sbcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0, #8]
- str r5, [r0, #12]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov lr, #0xf9
+ lsl lr, lr, #8
+ add lr, lr, #0xde
#else
- strd r4, r5, [r0, #8]
+ mov lr, #0xf9de
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0, #16]
- ldr r5, [r0, #20]
-#else
- ldrd r4, r5, [r0, #16]
+ movt lr, #0x14de
#endif
- sbcs r4, r4, r3
- sbcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0, #16]
- str r5, [r0, #20]
+ and r10, r10, r1
+ and r11, r11, r1
+ and r12, r12, r1
+ and lr, lr, r1
+ adds r2, r2, r10
+ adcs r3, r3, r11
+ adcs r4, r4, r12
+ adcs r5, r5, lr
+ adcs r6, r6, #0
+ adcs r7, r7, #0
+ and r1, r1, #0x10000000
+ adcs r8, r8, #0
+ adc r9, r9, r1
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ bic r9, r9, #0xf0000000
#else
- strd r4, r5, [r0, #16]
+ bfc r9, #28, #4
#endif
- sbcs r8, r8, r3
- sbc r9, r9, lr
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+ ldr r0, [sp, #68]
+ # Store result
+ str r2, [r0]
+ str r3, [r0, #4]
+ str r4, [r0, #8]
+ str r5, [r0, #12]
+ str r6, [r0, #16]
+ str r7, [r0, #20]
str r8, [r0, #24]
str r9, [r0, #28]
-#else
- strd r8, r9, [r0, #24]
-#endif
- mov r12, #-19
- asr r3, r11, #31
- # Mask the modulus
- and r12, r3, r12
- and lr, r3, #0x7fffffff
- # Add modulus (if underflow)
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1]
- ldr r5, [r1, #4]
-#else
- ldrd r4, r5, [r1]
-#endif
- adds r4, r4, r12
- adcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r1]
- str r5, [r1, #4]
-#else
- strd r4, r5, [r1]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1, #8]
- ldr r5, [r1, #12]
-#else
- ldrd r4, r5, [r1, #8]
-#endif
- adcs r4, r4, r3
- adcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r1, #8]
- str r5, [r1, #12]
-#else
- strd r4, r5, [r1, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1, #16]
- ldr r5, [r1, #20]
-#else
- ldrd r4, r5, [r1, #16]
-#endif
- adcs r4, r4, r3
- adcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r1, #16]
- str r5, [r1, #20]
-#else
- strd r4, r5, [r1, #16]
-#endif
- adcs r10, r10, r3
- adc r11, r11, lr
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r1, #24]
- str r11, [r1, #28]
-#else
- strd r10, r11, [r1, #24]
-#endif
- add sp, sp, #0x60
+ add sp, sp, #0x50
pop {r4, r5, r6, r7, r8, r9, r10, r11, pc}
- .size fe_ge_add,.-fe_ge_add
+ .size sc_muladd,.-sc_muladd
+#else
.text
.align 4
- .globl fe_ge_sub
- .type fe_ge_sub, %function
-fe_ge_sub:
+ .globl sc_muladd
+ .type sc_muladd, %function
+sc_muladd:
push {r4, r5, r6, r7, r8, r9, r10, r11, lr}
- sub sp, sp, #0x60
- str r0, [sp]
- str r1, [sp, #4]
- str r2, [sp, #8]
- str r3, [sp, #12]
- ldr r0, [sp]
- ldr r1, [sp, #136]
- ldr r2, [sp, #132]
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1]
- ldr r5, [r1, #4]
-#else
- ldrd r4, r5, [r1]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r1, #8]
- ldr r7, [r1, #12]
-#else
- ldrd r6, r7, [r1, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r8, [r2]
- ldr r9, [r2, #4]
-#else
- ldrd r8, r9, [r2]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r10, [r2, #8]
- ldr r11, [r2, #12]
-#else
- ldrd r10, r11, [r2, #8]
-#endif
- adds r8, r4, r8
- adcs r9, r5, r9
- adcs r10, r6, r10
- adcs r11, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0]
- str r9, [r0, #4]
-#else
- strd r8, r9, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r0, #8]
- str r11, [r0, #12]
-#else
- strd r10, r11, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1, #16]
- ldr r5, [r1, #20]
-#else
- ldrd r4, r5, [r1, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r1, #24]
- ldr r7, [r1, #28]
-#else
- ldrd r6, r7, [r1, #24]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r8, [r2, #16]
- ldr r9, [r2, #20]
-#else
- ldrd r8, r9, [r2, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r10, [r2, #24]
- ldr r11, [r2, #28]
-#else
- ldrd r10, r11, [r2, #24]
-#endif
- adcs r8, r4, r8
- adcs r9, r5, r9
- adcs r10, r6, r10
- adc r11, r7, r11
- mov r12, #-19
- asr r3, r11, #31
- # Mask the modulus
- and r12, r3, r12
- and lr, r3, #0x7fffffff
- # Sub modulus (if overflow)
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0]
- ldr r5, [r0, #4]
-#else
- ldrd r4, r5, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r0, #8]
- ldr r7, [r0, #12]
-#else
- ldrd r6, r7, [r0, #8]
-#endif
- subs r4, r4, r12
- sbcs r5, r5, r3
- sbcs r6, r6, r3
- sbcs r7, r7, r3
- sbcs r8, r8, r3
- sbcs r9, r9, r3
- sbcs r10, r10, r3
- sbc r11, r11, lr
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0]
- str r5, [r0, #4]
-#else
- strd r4, r5, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r6, [r0, #8]
- str r7, [r0, #12]
-#else
- strd r6, r7, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #16]
- str r9, [r0, #20]
-#else
- strd r8, r9, [r0, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r0, #24]
- str r11, [r0, #28]
-#else
- strd r10, r11, [r0, #24]
-#endif
- ldr r0, [sp, #4]
- ldr r1, [sp, #136]
- ldr r2, [sp, #132]
- # Sub
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1]
- ldr r5, [r1, #4]
-#else
- ldrd r4, r5, [r1]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r1, #8]
- ldr r7, [r1, #12]
-#else
- ldrd r6, r7, [r1, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r8, [r2]
- ldr r9, [r2, #4]
-#else
- ldrd r8, r9, [r2]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r10, [r2, #8]
- ldr r11, [r2, #12]
-#else
- ldrd r10, r11, [r2, #8]
-#endif
- subs r8, r4, r8
- sbcs r9, r5, r9
- sbcs r10, r6, r10
- sbcs r11, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0]
- str r9, [r0, #4]
-#else
- strd r8, r9, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r0, #8]
- str r11, [r0, #12]
-#else
- strd r10, r11, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1, #16]
- ldr r5, [r1, #20]
-#else
- ldrd r4, r5, [r1, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r1, #24]
- ldr r7, [r1, #28]
-#else
- ldrd r6, r7, [r1, #24]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r8, [r2, #16]
- ldr r9, [r2, #20]
-#else
- ldrd r8, r9, [r2, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r10, [r2, #24]
- ldr r11, [r2, #28]
-#else
- ldrd r10, r11, [r2, #24]
-#endif
- sbcs r8, r4, r8
- sbcs r9, r5, r9
- sbcs r10, r6, r10
- sbc r11, r7, r11
- mov r12, #-19
- asr r3, r11, #31
- # Mask the modulus
- and r12, r3, r12
- and lr, r3, #0x7fffffff
- # Add modulus (if underflow)
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0]
- ldr r5, [r0, #4]
-#else
- ldrd r4, r5, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r0, #8]
- ldr r7, [r0, #12]
-#else
- ldrd r6, r7, [r0, #8]
-#endif
- adds r4, r4, r12
- adcs r5, r5, r3
- adcs r6, r6, r3
- adcs r7, r7, r3
- adcs r8, r8, r3
- adcs r9, r9, r3
- adcs r10, r10, r3
- adc r11, r11, lr
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0]
- str r5, [r0, #4]
-#else
- strd r4, r5, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r6, [r0, #8]
- str r7, [r0, #12]
-#else
- strd r6, r7, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #16]
- str r9, [r0, #20]
-#else
- strd r8, r9, [r0, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r0, #24]
- str r11, [r0, #28]
-#else
- strd r10, r11, [r0, #24]
-#endif
- ldr r2, [sp, #160]
- ldr r1, [sp]
- ldr r0, [sp, #8]
- bl fe_mul
- ldr r2, [sp, #156]
- ldr r1, [sp, #4]
- ldr r0, [sp, #4]
- bl fe_mul
- ldr r2, [sp, #144]
- ldr r1, [sp, #152]
- ldr r0, [sp, #12]
- bl fe_mul
- ldr r2, [sp, #148]
- ldr r1, [sp, #140]
- ldr r0, [sp]
- bl fe_mul
- add r0, sp, #16
- ldr r1, [sp]
- # Double
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1]
- ldr r5, [r1, #4]
-#else
- ldrd r4, r5, [r1]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r1, #8]
- ldr r7, [r1, #12]
-#else
- ldrd r6, r7, [r1, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r8, [r1, #16]
- ldr r9, [r1, #20]
-#else
- ldrd r8, r9, [r1, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r10, [r1, #24]
- ldr r11, [r1, #28]
-#else
- ldrd r10, r11, [r1, #24]
-#endif
- adds r4, r4, r4
- adcs r5, r5, r5
- adcs r6, r6, r6
- adcs r7, r7, r7
- adcs r8, r8, r8
- adcs r9, r9, r9
- adcs r10, r10, r10
- adc r11, r11, r11
- mov r12, #-19
- asr r3, r11, #31
- # Mask the modulus
- and r12, r3, r12
- and lr, r3, #0x7fffffff
- # Sub modulus (if overflow)
- subs r4, r4, r12
- sbcs r5, r5, r3
- sbcs r6, r6, r3
- sbcs r7, r7, r3
- sbcs r8, r8, r3
- sbcs r9, r9, r3
- sbcs r10, r10, r3
- sbc r11, r11, lr
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0]
- str r5, [r0, #4]
+ sub sp, sp, #0x50
+ add lr, sp, #0x44
+ stm lr, {r0, r1, r3}
+ mov lr, r2
+ ldm r1, {r0, r1, r2, r3}
+ ldm lr!, {r4, r5, r6}
+ umull r10, r11, r0, r4
+ umull r12, r7, r1, r4
+ umaal r11, r12, r0, r5
+ umull r8, r9, r2, r4
+ umaal r12, r8, r1, r5
+ umaal r12, r7, r0, r6
+ umaal r8, r9, r3, r4
+ stm sp, {r10, r11, r12}
+ umaal r7, r8, r2, r5
+ ldm lr!, {r4}
+ umull r10, r11, r1, r6
+ umaal r8, r9, r2, r6
+ umaal r7, r10, r0, r4
+ umaal r8, r11, r3, r5
+ str r7, [sp, #12]
+ umaal r8, r10, r1, r4
+ umaal r9, r11, r3, r6
+ umaal r9, r10, r2, r4
+ umaal r10, r11, r3, r4
+ ldm lr, {r4, r5, r6, r7}
+ mov r12, #0
+ umlal r8, r12, r0, r4
+ umaal r9, r12, r1, r4
+ umaal r10, r12, r2, r4
+ umaal r11, r12, r3, r4
+ mov r4, #0
+ umlal r9, r4, r0, r5
+ umaal r10, r4, r1, r5
+ umaal r11, r4, r2, r5
+ umaal r12, r4, r3, r5
+ mov r5, #0
+ umlal r10, r5, r0, r6
+ umaal r11, r5, r1, r6
+ umaal r12, r5, r2, r6
+ umaal r4, r5, r3, r6
+ mov r6, #0
+ umlal r11, r6, r0, r7
+ ldr r0, [sp, #72]
+ umaal r12, r6, r1, r7
+ add r0, r0, #16
+ umaal r4, r6, r2, r7
+ sub lr, lr, #16
+ umaal r5, r6, r3, r7
+ ldm r0, {r0, r1, r2, r3}
+ str r6, [sp, #64]
+ ldm lr!, {r6}
+ mov r7, #0
+ umlal r8, r7, r0, r6
+ umaal r9, r7, r1, r6
+ str r8, [sp, #16]
+ umaal r10, r7, r2, r6
+ umaal r11, r7, r3, r6
+ ldm lr!, {r6}
+ mov r8, #0
+ umlal r9, r8, r0, r6
+ umaal r10, r8, r1, r6
+ str r9, [sp, #20]
+ umaal r11, r8, r2, r6
+ umaal r12, r8, r3, r6
+ ldm lr!, {r6}
+ mov r9, #0
+ umlal r10, r9, r0, r6
+ umaal r11, r9, r1, r6
+ str r10, [sp, #24]
+ umaal r12, r9, r2, r6
+ umaal r4, r9, r3, r6
+ ldm lr!, {r6}
+ mov r10, #0
+ umlal r11, r10, r0, r6
+ umaal r12, r10, r1, r6
+ str r11, [sp, #28]
+ umaal r4, r10, r2, r6
+ umaal r5, r10, r3, r6
+ ldm lr!, {r11}
+ umaal r12, r7, r0, r11
+ umaal r4, r7, r1, r11
+ ldr r6, [sp, #64]
+ umaal r5, r7, r2, r11
+ umaal r6, r7, r3, r11
+ ldm lr!, {r11}
+ umaal r4, r8, r0, r11
+ umaal r5, r8, r1, r11
+ umaal r6, r8, r2, r11
+ umaal r7, r8, r3, r11
+ ldm lr, {r11, lr}
+ umaal r5, r9, r0, r11
+ umaal r6, r10, r0, lr
+ umaal r6, r9, r1, r11
+ umaal r7, r10, r1, lr
+ umaal r7, r9, r2, r11
+ umaal r8, r10, r2, lr
+ umaal r8, r9, r3, r11
+ umaal r9, r10, r3, lr
+ mov r3, r12
+ add lr, sp, #32
+ stm lr, {r3, r4, r5, r6, r7, r8, r9, r10}
+ mov r0, sp
+ # Add c to a * b
+ ldr lr, [sp, #76]
+ ldm r0, {r2, r3, r4, r5, r6, r7, r8, r9}
+ ldm lr!, {r1, r10, r11, r12}
+ adds r2, r2, r1
+ adcs r3, r3, r10
+ adcs r4, r4, r11
+ adcs r5, r5, r12
+ ldm lr!, {r1, r10, r11, r12}
+ adcs r6, r6, r1
+ adcs r7, r7, r10
+ adcs r8, r8, r11
+ adcs r9, r9, r12
+ mov r1, r9
+ stm r0!, {r2, r3, r4, r5, r6, r7, r8, r9}
+ ldm r0, {r2, r3, r4, r5, r6, r7, r8, r9}
+ adcs r2, r2, #0
+ adcs r3, r3, #0
+ adcs r4, r4, #0
+ adcs r5, r5, #0
+ adcs r6, r6, #0
+ adcs r7, r7, #0
+ adcs r8, r8, #0
+ adc r9, r9, #0
+ sub r0, r0, #32
+ # Get 252..503 and 504..507
+ lsr lr, r9, #24
+ lsl r9, r9, #4
+ orr r9, r9, r8, LSR #28
+ lsl r8, r8, #4
+ orr r8, r8, r7, LSR #28
+ lsl r7, r7, #4
+ orr r7, r7, r6, LSR #28
+ lsl r6, r6, #4
+ orr r6, r6, r5, LSR #28
+ lsl r5, r5, #4
+ orr r5, r5, r4, LSR #28
+ lsl r4, r4, #4
+ orr r4, r4, r3, LSR #28
+ lsl r3, r3, #4
+ orr r3, r3, r2, LSR #28
+ lsl r2, r2, #4
+ orr r2, r2, r1, LSR #28
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ bic r9, r9, #0xf0000000
+#else
+ bfc r9, #28, #4
+#endif
+ # Add order times bits 504..507
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r10, #0xa3
+ lsl r10, r10, #8
+ orr r10, r10, #10
+ lsl r10, r10, #8
+ orr r10, r10, #44
+ lsl r10, r10, #8
+ orr r10, r10, #19
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r10, #0x2c
+ lsl r10, r10, #8
+ add r10, r10, #0x13
+#else
+ mov r10, #0x2c13
+#endif
+ movt r10, #0xa30a
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r11, #0xa7
+ lsl r11, r11, #8
+ orr r11, r11, #0xed
+ lsl r11, r11, #8
+ orr r11, r11, #0x9c
+ lsl r11, r11, #8
+ orr r11, r11, #0xe5
#else
- strd r4, r5, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r6, [r0, #8]
- str r7, [r0, #12]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r11, #0x9c
+ lsl r11, r11, #8
+ add r11, r11, #0xe5
#else
- strd r6, r7, [r0, #8]
+ mov r11, #0x9ce5
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #16]
- str r9, [r0, #20]
-#else
- strd r8, r9, [r0, #16]
+ movt r11, #0xa7ed
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r0, #24]
- str r11, [r0, #28]
+ mov r1, #0
+ umlal r2, r1, r10, lr
+ umaal r3, r1, r11, lr
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r10, #0x5d
+ lsl r10, r10, #8
+ orr r10, r10, #8
+ lsl r10, r10, #8
+ orr r10, r10, #0x63
+ lsl r10, r10, #8
+ orr r10, r10, #41
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r10, #0x63
+ lsl r10, r10, #8
+ add r10, r10, #0x29
+#else
+ mov r10, #0x6329
+#endif
+ movt r10, #0x5d08
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r11, #0xeb
+ lsl r11, r11, #8
+ orr r11, r11, #33
+ lsl r11, r11, #8
+ orr r11, r11, #6
+ lsl r11, r11, #8
+ orr r11, r11, #33
#else
- strd r10, r11, [r0, #24]
-#endif
- ldr r0, [sp, #4]
- ldr r1, [sp]
- ldr r2, [sp, #8]
- # Add-Sub
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r2]
- ldr r5, [r2, #4]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r11, #0x6
+ lsl r11, r11, #8
+ add r11, r11, #0x21
#else
- ldrd r4, r5, [r2]
+ mov r11, #0x621
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r0]
- ldr r7, [r0, #4]
-#else
- ldrd r6, r7, [r0]
+ movt r11, #0xeb21
#endif
- adds r8, r4, r6
- mov r12, #0
- adcs r9, r5, r7
- adc r12, r12, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0]
- str r9, [r0, #4]
-#else
- strd r8, r9, [r0]
+ umaal r4, r1, r10, lr
+ umaal r5, r1, r11, lr
+ adds r6, r6, r1
+ adcs r7, r7, #0
+ adcs r8, r8, #0
+ adc r9, r9, #0
+ subs r6, r6, lr
+ sbcs r7, r7, #0
+ sbcs r8, r8, #0
+ sbc r9, r9, #0
+ # Sub product of top 8 words and order
+ mov r12, sp
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0xa3
+ lsl r1, r1, #8
+ orr r1, r1, #10
+ lsl r1, r1, #8
+ orr r1, r1, #44
+ lsl r1, r1, #8
+ orr r1, r1, #19
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0x2c
+ lsl r1, r1, #8
+ add r1, r1, #0x13
+#else
+ mov r1, #0x2c13
+#endif
+ movt r1, #0xa30a
#endif
- # Sub
- subs r10, r4, r6
mov lr, #0
- sbcs r11, r5, r7
- adc lr, lr, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r1]
- str r11, [r1, #4]
-#else
- strd r10, r11, [r1]
-#endif
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r2, #8]
- ldr r5, [r2, #12]
-#else
- ldrd r4, r5, [r2, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r0, #8]
- ldr r7, [r0, #12]
-#else
- ldrd r6, r7, [r0, #8]
-#endif
- adds r12, r12, #-1
- adcs r8, r4, r6
- mov r12, #0
- adcs r9, r5, r7
- adc r12, r12, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #8]
- str r9, [r0, #12]
-#else
- strd r8, r9, [r0, #8]
+ ldm r0!, {r10, r11}
+ umlal r10, lr, r2, r1
+ umaal r11, lr, r3, r1
+ stm r12!, {r10, r11}
+ ldm r0!, {r10, r11}
+ umaal r10, lr, r4, r1
+ umaal r11, lr, r5, r1
+ stm r12!, {r10, r11}
+ ldm r0!, {r10, r11}
+ umaal r10, lr, r6, r1
+ umaal r11, lr, r7, r1
+ stm r12!, {r10, r11}
+ ldm r0!, {r10, r11}
+ umaal r10, lr, r8, r1
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ bic r11, r11, #0xf0000000
+#else
+ bfc r11, #28, #4
+#endif
+ umaal r11, lr, r9, r1
+ stm r12!, {r10, r11, lr}
+ sub r0, r0, #16
+ sub r12, r12, #32
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0xa7
+ lsl r1, r1, #8
+ orr r1, r1, #0xed
+ lsl r1, r1, #8
+ orr r1, r1, #0x9c
+ lsl r1, r1, #8
+ orr r1, r1, #0xe5
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0x9c
+ lsl r1, r1, #8
+ add r1, r1, #0xe5
+#else
+ mov r1, #0x9ce5
+#endif
+ movt r1, #0xa7ed
#endif
- # Sub
- adds lr, lr, #-1
- sbcs r10, r4, r6
mov lr, #0
- sbcs r11, r5, r7
- adc lr, lr, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r1, #8]
- str r11, [r1, #12]
-#else
- strd r10, r11, [r1, #8]
-#endif
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r2, #16]
- ldr r5, [r2, #20]
-#else
- ldrd r4, r5, [r2, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r0, #16]
- ldr r7, [r0, #20]
-#else
- ldrd r6, r7, [r0, #16]
+ ldm r12, {r10, r11}
+ umlal r10, lr, r2, r1
+ umaal r11, lr, r3, r1
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ umaal r10, lr, r4, r1
+ umaal r11, lr, r5, r1
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ umaal r10, lr, r6, r1
+ umaal r11, lr, r7, r1
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ umaal r10, lr, r8, r1
+ umaal r11, lr, r9, r1
+ stm r12!, {r10, r11, lr}
+ sub r12, r12, #32
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0x5d
+ lsl r1, r1, #8
+ orr r1, r1, #8
+ lsl r1, r1, #8
+ orr r1, r1, #0x63
+ lsl r1, r1, #8
+ orr r1, r1, #41
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0x63
+ lsl r1, r1, #8
+ add r1, r1, #0x29
+#else
+ mov r1, #0x6329
+#endif
+ movt r1, #0x5d08
#endif
- adds r12, r12, #-1
- adcs r8, r4, r6
- mov r12, #0
- adcs r9, r5, r7
- adc r12, r12, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #16]
- str r9, [r0, #20]
-#else
- strd r8, r9, [r0, #16]
-#endif
- # Sub
- adds lr, lr, #-1
- sbcs r10, r4, r6
mov lr, #0
- sbcs r11, r5, r7
- adc lr, lr, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r1, #16]
- str r11, [r1, #20]
-#else
- strd r10, r11, [r1, #16]
-#endif
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r2, #24]
- ldr r5, [r2, #28]
-#else
- ldrd r4, r5, [r2, #24]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r0, #24]
- ldr r7, [r0, #28]
-#else
- ldrd r6, r7, [r0, #24]
-#endif
- adds r12, r12, #-1
- adcs r8, r4, r6
- adc r9, r5, r7
- # Sub
- adds lr, lr, #-1
- sbcs r10, r4, r6
- sbc r11, r5, r7
- mov r12, #-19
- asr r3, r9, #31
- # Mask the modulus
- and r12, r3, r12
- and lr, r3, #0x7fffffff
- # Sub modulus (if overflow)
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0]
- ldr r5, [r0, #4]
-#else
- ldrd r4, r5, [r0]
-#endif
- subs r4, r4, r12
- sbcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0]
- str r5, [r0, #4]
-#else
- strd r4, r5, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0, #8]
- ldr r5, [r0, #12]
-#else
- ldrd r4, r5, [r0, #8]
+ ldm r12, {r10, r11}
+ umlal r10, lr, r2, r1
+ umaal r11, lr, r3, r1
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ umaal r10, lr, r4, r1
+ umaal r11, lr, r5, r1
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ umaal r10, lr, r6, r1
+ umaal r11, lr, r7, r1
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ umaal r10, lr, r8, r1
+ umaal r11, lr, r9, r1
+ stm r12!, {r10, r11, lr}
+ sub r12, r12, #32
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0xeb
+ lsl r1, r1, #8
+ orr r1, r1, #33
+ lsl r1, r1, #8
+ orr r1, r1, #6
+ lsl r1, r1, #8
+ orr r1, r1, #33
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0x6
+ lsl r1, r1, #8
+ add r1, r1, #0x21
+#else
+ mov r1, #0x621
+#endif
+ movt r1, #0xeb21
#endif
- sbcs r4, r4, r3
- sbcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0, #8]
- str r5, [r0, #12]
+ mov lr, #0
+ ldm r12, {r10, r11}
+ umlal r10, lr, r2, r1
+ umaal r11, lr, r3, r1
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ umaal r10, lr, r4, r1
+ umaal r11, lr, r5, r1
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ umaal r10, lr, r6, r1
+ umaal r11, lr, r7, r1
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ umaal r10, lr, r8, r1
+ umaal r11, lr, r9, r1
+ stm r12!, {r10, r11, lr}
+ sub r12, r12, #32
+ # Subtract at 4 * 32
+ ldm r12, {r10, r11}
+ subs r10, r10, r2
+ sbcs r11, r11, r3
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ sbcs r10, r10, r4
+ sbcs r11, r11, r5
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ sbcs r10, r10, r6
+ sbcs r11, r11, r7
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ sbcs r10, r10, r8
+ sbc r11, r11, r9
+ stm r12!, {r10, r11}
+ sub r12, r12, #36
+ asr lr, r11, #25
+ # Conditionally subtract order starting at bit 125
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0xa00000
+ lsl r1, r1, #8
+ add r1, r1, #0x0
+#else
+ mov r1, #0xa0000000
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r2, #0x4b
+ lsl r2, r2, #8
+ orr r2, r2, #0x9e
+ lsl r2, r2, #8
+ orr r2, r2, #0xba
+ lsl r2, r2, #8
+ orr r2, r2, #0x7d
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r2, #0xba
+ lsl r2, r2, #8
+ add r2, r2, #0x7d
+#else
+ mov r2, #0xba7d
+#endif
+ movt r2, #0x4b9e
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r3, #0xcb
+ lsl r3, r3, #8
+ orr r3, r3, #2
+ lsl r3, r3, #8
+ orr r3, r3, #0x4c
+ lsl r3, r3, #8
+ orr r3, r3, #0x63
#else
- strd r4, r5, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0, #16]
- ldr r5, [r0, #20]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r3, #0x4c
+ lsl r3, r3, #8
+ add r3, r3, #0x63
#else
- ldrd r4, r5, [r0, #16]
+ mov r3, #0x4c63
#endif
- sbcs r4, r4, r3
- sbcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0, #16]
- str r5, [r0, #20]
-#else
- strd r4, r5, [r0, #16]
+ movt r3, #0xcb02
#endif
- sbcs r8, r8, r3
- sbc r9, r9, lr
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #24]
- str r9, [r0, #28]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r4, #0xd4
+ lsl r4, r4, #8
+ orr r4, r4, #0x5e
+ lsl r4, r4, #8
+ orr r4, r4, #0xf3
+ lsl r4, r4, #8
+ orr r4, r4, #0x9a
#else
- strd r8, r9, [r0, #24]
-#endif
- mov r12, #-19
- asr r3, r11, #31
- # Mask the modulus
- and r12, r3, r12
- and lr, r3, #0x7fffffff
- # Add modulus (if underflow)
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1]
- ldr r5, [r1, #4]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r4, #0xf3
+ lsl r4, r4, #8
+ add r4, r4, #0x9a
#else
- ldrd r4, r5, [r1]
+ mov r4, #0xf39a
#endif
- adds r4, r4, r12
- adcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r1]
- str r5, [r1, #4]
-#else
- strd r4, r5, [r1]
+ movt r4, #0xd45e
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1, #8]
- ldr r5, [r1, #12]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r5, #2
+ lsl r5, r5, #8
+ orr r5, r5, #0x9b
+ lsl r5, r5, #8
+ orr r5, r5, #0xdf
+ lsl r5, r5, #8
+ orr r5, r5, #59
#else
- ldrd r4, r5, [r1, #8]
-#endif
- adcs r4, r4, r3
- adcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r1, #8]
- str r5, [r1, #12]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r5, #0xdf
+ lsl r5, r5, #8
+ add r5, r5, #0x3b
#else
- strd r4, r5, [r1, #8]
+ mov r5, #0xdf3b
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1, #16]
- ldr r5, [r1, #20]
-#else
- ldrd r4, r5, [r1, #16]
+ movt r5, #0x29b
#endif
- adcs r4, r4, r3
- adcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r1, #16]
- str r5, [r1, #20]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r9, #0x20000
+ lsl r9, r9, #8
+ add r9, r9, #0x0
#else
- strd r4, r5, [r1, #16]
+ mov r9, #0x2000000
#endif
+ and r1, r1, lr
+ and r2, r2, lr
+ and r3, r3, lr
+ and r4, r4, lr
+ and r5, r5, lr
+ and r9, r9, lr
+ ldm r12, {r10, r11}
+ adds r10, r10, r1
+ adcs r11, r11, r2
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
adcs r10, r10, r3
- adc r11, r11, lr
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r1, #24]
- str r11, [r1, #28]
-#else
- strd r10, r11, [r1, #24]
-#endif
- ldr r0, [sp, #12]
- ldr r1, [sp, #8]
- add r2, sp, #16
- # Add-Sub
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r2]
- ldr r5, [r2, #4]
+ adcs r11, r11, r4
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ adcs r10, r10, r5
+ adcs r11, r11, #0
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ adcs r10, r10, #0
+ adcs r11, r11, #0
+ stm r12!, {r10, r11}
+ ldm r12, {r10}
+ adcs r10, r10, #0
+ stm r12!, {r10}
+ sub r0, r0, #16
+ mov r12, sp
+ # Load bits 252-376
+ add r12, r12, #28
+ ldm r12, {r1, r2, r3, r4, r5}
+ lsl r5, r5, #4
+ orr r5, r5, r4, lsr #28
+ lsl r4, r4, #4
+ orr r4, r4, r3, lsr #28
+ lsl r3, r3, #4
+ orr r3, r3, r2, lsr #28
+ lsl r2, r2, #4
+ orr r2, r2, r1, lsr #28
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ bic r5, r5, #0xe0000000
+#else
+ bfc r5, #29, #3
+#endif
+ sub r12, r12, #28
+ # Sub product of top 4 words and order
+ mov r0, sp
+ # * -5cf5d3ed
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0xa3
+ lsl r1, r1, #8
+ orr r1, r1, #10
+ lsl r1, r1, #8
+ orr r1, r1, #44
+ lsl r1, r1, #8
+ orr r1, r1, #19
#else
- ldrd r4, r5, [r2]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r0]
- ldr r7, [r0, #4]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0x2c
+ lsl r1, r1, #8
+ add r1, r1, #0x13
#else
- ldrd r6, r7, [r0]
+ mov r1, #0x2c13
#endif
- adds r8, r4, r6
- mov r12, #0
- adcs r9, r5, r7
- adc r12, r12, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0]
- str r9, [r0, #4]
-#else
- strd r8, r9, [r0]
+ movt r1, #0xa30a
#endif
- # Sub
- subs r10, r4, r6
mov lr, #0
- sbcs r11, r5, r7
- adc lr, lr, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r1]
- str r11, [r1, #4]
-#else
- strd r10, r11, [r1]
+ ldm r0, {r6, r7, r8, r9}
+ umlal r6, lr, r2, r1
+ umaal r7, lr, r3, r1
+ umaal r8, lr, r4, r1
+ umaal r9, lr, r5, r1
+ stm r0, {r6, r7, r8, r9}
+ add r0, r0, #4
+ # * -5812631b
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0xa7
+ lsl r1, r1, #8
+ orr r1, r1, #0xed
+ lsl r1, r1, #8
+ orr r1, r1, #0x9c
+ lsl r1, r1, #8
+ orr r1, r1, #0xe5
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0x9c
+ lsl r1, r1, #8
+ add r1, r1, #0xe5
+#else
+ mov r1, #0x9ce5
+#endif
+ movt r1, #0xa7ed
#endif
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r2, #8]
- ldr r5, [r2, #12]
-#else
- ldrd r4, r5, [r2, #8]
+ mov r10, #0
+ ldm r0, {r6, r7, r8, r9}
+ umlal r6, r10, r2, r1
+ umaal r7, r10, r3, r1
+ umaal r8, r10, r4, r1
+ umaal r9, r10, r5, r1
+ stm r0, {r6, r7, r8, r9}
+ add r0, r0, #4
+ # * -a2f79cd7
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0x5d
+ lsl r1, r1, #8
+ orr r1, r1, #8
+ lsl r1, r1, #8
+ orr r1, r1, #0x63
+ lsl r1, r1, #8
+ orr r1, r1, #41
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0x63
+ lsl r1, r1, #8
+ add r1, r1, #0x29
+#else
+ mov r1, #0x6329
+#endif
+ movt r1, #0x5d08
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r0, #8]
- ldr r7, [r0, #12]
-#else
- ldrd r6, r7, [r0, #8]
+ mov r11, #0
+ ldm r0, {r6, r7, r8, r9}
+ umlal r6, r11, r2, r1
+ umaal r7, r11, r3, r1
+ umaal r8, r11, r4, r1
+ umaal r9, r11, r5, r1
+ stm r0, {r6, r7, r8, r9}
+ add r0, r0, #4
+ # * -14def9df
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0xeb
+ lsl r1, r1, #8
+ orr r1, r1, #33
+ lsl r1, r1, #8
+ orr r1, r1, #6
+ lsl r1, r1, #8
+ orr r1, r1, #33
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0x6
+ lsl r1, r1, #8
+ add r1, r1, #0x21
+#else
+ mov r1, #0x621
+#endif
+ movt r1, #0xeb21
#endif
- adds r12, r12, #-1
- adcs r8, r4, r6
mov r12, #0
- adcs r9, r5, r7
- adc r12, r12, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #8]
- str r9, [r0, #12]
-#else
- strd r8, r9, [r0, #8]
-#endif
- # Sub
- adds lr, lr, #-1
- sbcs r10, r4, r6
- mov lr, #0
- sbcs r11, r5, r7
- adc lr, lr, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r1, #8]
- str r11, [r1, #12]
+ ldm r0, {r6, r7, r8, r9}
+ umlal r6, r12, r2, r1
+ umaal r7, r12, r3, r1
+ umaal r8, r12, r4, r1
+ umaal r9, r12, r5, r1
+ stm r0, {r6, r7, r8, r9}
+ add r0, r0, #4
+ # Add overflows at 4 * 32
+ ldm r0, {r6, r7, r8, r9}
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ bic r9, r9, #0xf0000000
+#else
+ bfc r9, #28, #4
+#endif
+ adds r6, r6, lr
+ adcs r7, r7, r10
+ adcs r8, r8, r11
+ adc r9, r9, r12
+ # Subtract top at 4 * 32
+ subs r6, r6, r2
+ sbcs r7, r7, r3
+ sbcs r8, r8, r4
+ sbcs r9, r9, r5
+ sbc r1, r1, r1
+ sub r0, r0, #16
+ ldm r0, {r2, r3, r4, r5}
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r10, #0x5c
+ lsl r10, r10, #8
+ orr r10, r10, #0xf5
+ lsl r10, r10, #8
+ orr r10, r10, #0xd3
+ lsl r10, r10, #8
+ orr r10, r10, #0xed
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r10, #0xd3
+ lsl r10, r10, #8
+ add r10, r10, #0xed
+#else
+ mov r10, #0xd3ed
+#endif
+ movt r10, #0x5cf5
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r11, #0x58
+ lsl r11, r11, #8
+ orr r11, r11, #18
+ lsl r11, r11, #8
+ orr r11, r11, #0x63
+ lsl r11, r11, #8
+ orr r11, r11, #26
#else
- strd r10, r11, [r1, #8]
-#endif
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r2, #16]
- ldr r5, [r2, #20]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r11, #0x63
+ lsl r11, r11, #8
+ add r11, r11, #0x1a
#else
- ldrd r4, r5, [r2, #16]
+ mov r11, #0x631a
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r0, #16]
- ldr r7, [r0, #20]
-#else
- ldrd r6, r7, [r0, #16]
+ movt r11, #0x5812
#endif
- adds r12, r12, #-1
- adcs r8, r4, r6
- mov r12, #0
- adcs r9, r5, r7
- adc r12, r12, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #16]
- str r9, [r0, #20]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r12, #0xa2
+ lsl r12, r12, #8
+ orr r12, r12, #0xf7
+ lsl r12, r12, #8
+ orr r12, r12, #0x9c
+ lsl r12, r12, #8
+ orr r12, r12, #0xd6
#else
- strd r8, r9, [r0, #16]
-#endif
- # Sub
- adds lr, lr, #-1
- sbcs r10, r4, r6
- mov lr, #0
- sbcs r11, r5, r7
- adc lr, lr, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r1, #16]
- str r11, [r1, #20]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r12, #0x9c
+ lsl r12, r12, #8
+ add r12, r12, #0xd6
#else
- strd r10, r11, [r1, #16]
+ mov r12, #0x9cd6
#endif
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r2, #24]
- ldr r5, [r2, #28]
-#else
- ldrd r4, r5, [r2, #24]
+ movt r12, #0xa2f7
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r0, #24]
- ldr r7, [r0, #28]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov lr, #20
+ lsl lr, lr, #8
+ orr lr, lr, #0xde
+ lsl lr, lr, #8
+ orr lr, lr, #0xf9
+ lsl lr, lr, #8
+ orr lr, lr, #0xde
#else
- ldrd r6, r7, [r0, #24]
-#endif
- adds r12, r12, #-1
- adcs r8, r4, r6
- adc r9, r5, r7
- # Sub
- adds lr, lr, #-1
- sbcs r10, r4, r6
- sbc r11, r5, r7
- mov r12, #-19
- asr r3, r9, #31
- # Mask the modulus
- and r12, r3, r12
- and lr, r3, #0x7fffffff
- # Sub modulus (if overflow)
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0]
- ldr r5, [r0, #4]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov lr, #0xf9
+ lsl lr, lr, #8
+ add lr, lr, #0xde
#else
- ldrd r4, r5, [r0]
+ mov lr, #0xf9de
#endif
- subs r4, r4, r12
- sbcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0]
- str r5, [r0, #4]
-#else
- strd r4, r5, [r0]
+ movt lr, #0x14de
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0, #8]
- ldr r5, [r0, #12]
+ and r10, r10, r1
+ and r11, r11, r1
+ and r12, r12, r1
+ and lr, lr, r1
+ adds r2, r2, r10
+ adcs r3, r3, r11
+ adcs r4, r4, r12
+ adcs r5, r5, lr
+ adcs r6, r6, #0
+ adcs r7, r7, #0
+ and r1, r1, #0x10000000
+ adcs r8, r8, #0
+ adc r9, r9, r1
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ bic r9, r9, #0xf0000000
#else
- ldrd r4, r5, [r0, #8]
+ bfc r9, #28, #4
#endif
- sbcs r4, r4, r3
- sbcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+ ldr r0, [sp, #68]
+ # Store result
+ str r2, [r0]
+ str r3, [r0, #4]
str r4, [r0, #8]
str r5, [r0, #12]
-#else
- strd r4, r5, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0, #16]
- ldr r5, [r0, #20]
-#else
- ldrd r4, r5, [r0, #16]
-#endif
- sbcs r4, r4, r3
- sbcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0, #16]
- str r5, [r0, #20]
-#else
- strd r4, r5, [r0, #16]
-#endif
- sbcs r8, r8, r3
- sbc r9, r9, lr
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+ str r6, [r0, #16]
+ str r7, [r0, #20]
str r8, [r0, #24]
str r9, [r0, #28]
-#else
- strd r8, r9, [r0, #24]
-#endif
- mov r12, #-19
- asr r3, r11, #31
- # Mask the modulus
- and r12, r3, r12
- and lr, r3, #0x7fffffff
- # Add modulus (if underflow)
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1]
- ldr r5, [r1, #4]
-#else
- ldrd r4, r5, [r1]
-#endif
- adds r4, r4, r12
- adcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r1]
- str r5, [r1, #4]
-#else
- strd r4, r5, [r1]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1, #8]
- ldr r5, [r1, #12]
-#else
- ldrd r4, r5, [r1, #8]
-#endif
- adcs r4, r4, r3
- adcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r1, #8]
- str r5, [r1, #12]
-#else
- strd r4, r5, [r1, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1, #16]
- ldr r5, [r1, #20]
-#else
- ldrd r4, r5, [r1, #16]
-#endif
- adcs r4, r4, r3
- adcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r1, #16]
- str r5, [r1, #20]
-#else
- strd r4, r5, [r1, #16]
-#endif
- adcs r10, r10, r3
- adc r11, r11, lr
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r1, #24]
- str r11, [r1, #28]
-#else
- strd r10, r11, [r1, #24]
-#endif
- add sp, sp, #0x60
+ add sp, sp, #0x50
pop {r4, r5, r6, r7, r8, r9, r10, r11, pc}
- .size fe_ge_sub,.-fe_ge_sub
+ .size sc_muladd,.-sc_muladd
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+#endif /* HAVE_ED25519_SIGN */
+#endif /* HAVE_ED25519 */
-#endif /* HAVE_CURVE25519 */
-#endif /* !__aarch64__ */
+#endif /* !CURVE25519_SMALL || !ED25519_SMALL */
+#endif /* HAVE_CURVE25519 || HAVE_ED25519 */
+#endif /* !__aarch64__ && !__thumb__ */
#endif /* WOLFSSL_ARMASM */
#if defined(__linux__) && defined(__ELF__)
.section .note.GNU-stack,"",%progbits
#endif
+#endif /* !WOLFSSL_ARMASM_INLINE */
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-32-curve25519_c.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-32-curve25519_c.c
index 4862f759..8981d4f0 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-32-curve25519_c.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-32-curve25519_c.c
@@ -28,33 +28,382 @@
#include <config.h>
#endif /* HAVE_CONFIG_H */
#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/wolfcrypt/error-crypt.h>
#ifdef WOLFSSL_ARMASM
-#ifndef __aarch64__
+#if !defined(__aarch64__) && defined(__arm__)
#include <stdint.h>
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif /* HAVE_CONFIG_H */
#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/wolfcrypt/error-crypt.h>
+#ifdef WOLFSSL_ARMASM_INLINE
+
+#ifdef WOLFSSL_ARMASM
+#if !defined(__aarch64__) && defined(__arm__)
+
+#ifdef __IAR_SYSTEMS_ICC__
+#define __asm__ asm
+#define __volatile__ volatile
+#endif /* __IAR_SYSTEMS_ICC__ */
+#ifdef __KEIL__
+#define __asm__ __asm
+#define __volatile__ volatile
+#endif /* __KEIL__ */
+/* Based on work by: Emil Lenngren
+ * https://github.com/pornin/X25519-Cortex-M4
+ */
+
#include <wolfssl/wolfcrypt/fe_operations.h>
+#define CURVED25519_ASM
+#include <wolfssl/wolfcrypt/ge_operations.h>
-#ifdef HAVE_CURVE25519
+#if defined(HAVE_CURVE25519) || defined(HAVE_ED25519)
+#if !defined(CURVE25519_SMALL) || !defined(ED25519_SMALL)
void fe_init()
{
-
__asm__ __volatile__ (
"\n\t"
- :
:
- : "memory"
+ :
+ : "memory", "cc"
);
}
+void fe_add_sub_op(void);
+void fe_add_sub_op()
+{
+ __asm__ __volatile__ (
+ /* Add-Sub */
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "ldr r4, [r2]\n\t"
+ "ldr r5, [r2, #4]\n\t"
+#else
+ "ldrd r4, r5, [r2]\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "ldr r6, [r3]\n\t"
+ "ldr r7, [r3, #4]\n\t"
+#else
+ "ldrd r6, r7, [r3]\n\t"
+#endif
+ /* Add */
+ "adds r8, r4, r6\n\t"
+ "mov r12, #0\n\t"
+ "adcs r9, r5, r7\n\t"
+ "adc r12, r12, #0\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "str r8, [r0]\n\t"
+ "str r9, [r0, #4]\n\t"
+#else
+ "strd r8, r9, [r0]\n\t"
+#endif
+ /* Sub */
+ "subs r10, r4, r6\n\t"
+ "sbcs r11, r5, r7\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "str r10, [r1]\n\t"
+ "str r11, [r1, #4]\n\t"
+#else
+ "strd r10, r11, [r1]\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "ldr r4, [r2, #8]\n\t"
+ "ldr r5, [r2, #12]\n\t"
+#else
+ "ldrd r4, r5, [r2, #8]\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "ldr r6, [r3, #8]\n\t"
+ "ldr r7, [r3, #12]\n\t"
+#else
+ "ldrd r6, r7, [r3, #8]\n\t"
+#endif
+ /* Sub */
+ "sbcs r10, r4, r6\n\t"
+ "mov lr, #0\n\t"
+ "sbcs r11, r5, r7\n\t"
+ "adc lr, lr, #0\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "str r10, [r1, #8]\n\t"
+ "str r11, [r1, #12]\n\t"
+#else
+ "strd r10, r11, [r1, #8]\n\t"
+#endif
+ /* Add */
+ "subs r12, r12, #1\n\t"
+ "adcs r8, r4, r6\n\t"
+ "adcs r9, r5, r7\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "str r8, [r0, #8]\n\t"
+ "str r9, [r0, #12]\n\t"
+#else
+ "strd r8, r9, [r0, #8]\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "ldr r4, [r2, #16]\n\t"
+ "ldr r5, [r2, #20]\n\t"
+#else
+ "ldrd r4, r5, [r2, #16]\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "ldr r6, [r3, #16]\n\t"
+ "ldr r7, [r3, #20]\n\t"
+#else
+ "ldrd r6, r7, [r3, #16]\n\t"
+#endif
+ /* Add */
+ "adcs r8, r4, r6\n\t"
+ "mov r12, #0\n\t"
+ "adcs r9, r5, r7\n\t"
+ "adc r12, r12, #0\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "str r8, [r0, #16]\n\t"
+ "str r9, [r0, #20]\n\t"
+#else
+ "strd r8, r9, [r0, #16]\n\t"
+#endif
+ /* Sub */
+ "subs lr, lr, #1\n\t"
+ "sbcs r10, r4, r6\n\t"
+ "sbcs r11, r5, r7\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "str r10, [r1, #16]\n\t"
+ "str r11, [r1, #20]\n\t"
+#else
+ "strd r10, r11, [r1, #16]\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "ldr r4, [r2, #24]\n\t"
+ "ldr r5, [r2, #28]\n\t"
+#else
+ "ldrd r4, r5, [r2, #24]\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "ldr r6, [r3, #24]\n\t"
+ "ldr r7, [r3, #28]\n\t"
+#else
+ "ldrd r6, r7, [r3, #24]\n\t"
+#endif
+ /* Sub */
+ "sbcs r10, r4, r6\n\t"
+ "sbcs r11, r5, r7\n\t"
+ "sbc lr, lr, lr\n\t"
+ /* Add */
+ "subs r12, r12, #1\n\t"
+ "adcs r8, r4, r6\n\t"
+ "mov r12, #0\n\t"
+ "adcs r9, r5, r7\n\t"
+ "adc r12, r12, #0\n\t"
+ /* Multiply -modulus by overflow */
+ "lsl r3, r12, #1\n\t"
+ "mov r12, #19\n\t"
+ "orr r3, r3, r9, lsr #31\n\t"
+ "mul r12, r3, r12\n\t"
+ /* Add -x*modulus (if overflow) */
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "ldr r4, [r0]\n\t"
+ "ldr r5, [r0, #4]\n\t"
+#else
+ "ldrd r4, r5, [r0]\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "ldr r6, [r0, #8]\n\t"
+ "ldr r7, [r0, #12]\n\t"
+#else
+ "ldrd r6, r7, [r0, #8]\n\t"
+#endif
+ "adds r4, r4, r12\n\t"
+ "adcs r5, r5, #0\n\t"
+ "adcs r6, r6, #0\n\t"
+ "adcs r7, r7, #0\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "str r4, [r0]\n\t"
+ "str r5, [r0, #4]\n\t"
+#else
+ "strd r4, r5, [r0]\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "str r6, [r0, #8]\n\t"
+ "str r7, [r0, #12]\n\t"
+#else
+ "strd r6, r7, [r0, #8]\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "ldr r4, [r0, #16]\n\t"
+ "ldr r5, [r0, #20]\n\t"
+#else
+ "ldrd r4, r5, [r0, #16]\n\t"
+#endif
+ "adcs r4, r4, #0\n\t"
+ "adcs r5, r5, #0\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "str r4, [r0, #16]\n\t"
+ "str r5, [r0, #20]\n\t"
+#else
+ "strd r4, r5, [r0, #16]\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "bic r9, r9, #0x80000000\n\t"
+#else
+ "bfc r9, #31, #1\n\t"
+#endif
+ "adcs r8, r8, #0\n\t"
+ "adc r9, r9, #0\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "str r8, [r0, #24]\n\t"
+ "str r9, [r0, #28]\n\t"
+#else
+ "strd r8, r9, [r0, #24]\n\t"
+#endif
+ /* Multiply -modulus by underflow */
+ "lsl r3, lr, #1\n\t"
+ "mvn lr, #18\n\t"
+ "orr r3, r3, r11, lsr #31\n\t"
+ "mul lr, r3, lr\n\t"
+ /* Sub -x*modulus (if overflow) */
+ "ldm r1, {r4, r5, r6, r7, r8, r9}\n\t"
+ "subs r4, r4, lr\n\t"
+ "sbcs r5, r5, #0\n\t"
+ "sbcs r6, r6, #0\n\t"
+ "sbcs r7, r7, #0\n\t"
+ "sbcs r8, r8, #0\n\t"
+ "sbcs r9, r9, #0\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "bic r11, r11, #0x80000000\n\t"
+#else
+ "bfc r11, #31, #1\n\t"
+#endif
+ "sbcs r10, r10, #0\n\t"
+ "sbc r11, r11, #0\n\t"
+ "stm r1, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ /* Done Add-Sub */
+ :
+ :
+ : "memory", "lr", "cc"
+ );
+}
+
+void fe_sub_op(void);
+void fe_sub_op()
+{
+ __asm__ __volatile__ (
+ /* Sub */
+ "ldm r2!, {r6, r7, r8, r9, r10, r11, r12, lr}\n\t"
+ "ldm r1!, {r2, r3, r4, r5}\n\t"
+ "subs r6, r2, r6\n\t"
+ "sbcs r7, r3, r7\n\t"
+ "sbcs r8, r4, r8\n\t"
+ "sbcs r9, r5, r9\n\t"
+ "ldm r1!, {r2, r3, r4, r5}\n\t"
+ "sbcs r10, r2, r10\n\t"
+ "sbcs r11, r3, r11\n\t"
+ "sbcs r12, r4, r12\n\t"
+ "sbcs lr, r5, lr\n\t"
+ "sbc r3, r3, r3\n\t"
+ "mvn r2, #18\n\t"
+ "lsl r3, r3, #1\n\t"
+ "orr r3, r3, lr, lsr #31\n\t"
+ "mul r2, r3, r2\n\t"
+ "subs r6, r6, r2\n\t"
+ "sbcs r7, r7, #0\n\t"
+ "sbcs r8, r8, #0\n\t"
+ "sbcs r9, r9, #0\n\t"
+ "sbcs r10, r10, #0\n\t"
+ "sbcs r11, r11, #0\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "bic lr, lr, #0x80000000\n\t"
+#else
+ "bfc lr, #31, #1\n\t"
+#endif
+ "sbcs r12, r12, #0\n\t"
+ "sbc lr, lr, #0\n\t"
+ "stm r0, {r6, r7, r8, r9, r10, r11, r12, lr}\n\t"
+ /* Done Sub */
+ :
+ :
+ : "memory", "lr", "cc"
+ );
+}
+
+void fe_sub(fe r_p, const fe a_p, const fe b_p)
+{
+ register sword32* r asm ("r0") = (sword32*)r_p;
+ register const sword32* a asm ("r1") = (const sword32*)a_p;
+ register const sword32* b asm ("r2") = (const sword32*)b_p;
+
+ __asm__ __volatile__ (
+ "bl fe_sub_op\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
+ );
+}
+
+void fe_add_op(void);
+void fe_add_op()
+{
+ __asm__ __volatile__ (
+ /* Add */
+ "ldm r2!, {r6, r7, r8, r9, r10, r11, r12, lr}\n\t"
+ "ldm r1!, {r2, r3, r4, r5}\n\t"
+ "adds r6, r2, r6\n\t"
+ "adcs r7, r3, r7\n\t"
+ "adcs r8, r4, r8\n\t"
+ "adcs r9, r5, r9\n\t"
+ "ldm r1!, {r2, r3, r4, r5}\n\t"
+ "adcs r10, r2, r10\n\t"
+ "adcs r11, r3, r11\n\t"
+ "adcs r12, r4, r12\n\t"
+ "mov r3, #0\n\t"
+ "adcs lr, r5, lr\n\t"
+ "adc r3, r3, #0\n\t"
+ "mov r2, #19\n\t"
+ "lsl r3, r3, #1\n\t"
+ "orr r3, r3, lr, lsr #31\n\t"
+ "mul r2, r3, r2\n\t"
+ "adds r6, r6, r2\n\t"
+ "adcs r7, r7, #0\n\t"
+ "adcs r8, r8, #0\n\t"
+ "adcs r9, r9, #0\n\t"
+ "adcs r10, r10, #0\n\t"
+ "adcs r11, r11, #0\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "bic lr, lr, #0x80000000\n\t"
+#else
+ "bfc lr, #31, #1\n\t"
+#endif
+ "adcs r12, r12, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "stm r0, {r6, r7, r8, r9, r10, r11, r12, lr}\n\t"
+ /* Done Add */
+ :
+ :
+ : "memory", "lr", "cc"
+ );
+}
+
+void fe_add(fe r_p, const fe a_p, const fe b_p)
+{
+ register sword32* r asm ("r0") = (sword32*)r_p;
+ register const sword32* a asm ("r1") = (const sword32*)a_p;
+ register const sword32* b asm ("r2") = (const sword32*)b_p;
+
+ __asm__ __volatile__ (
+ "bl fe_add_op\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
+ );
+}
+
+#ifdef HAVE_ED25519
void fe_frombytes(fe out_p, const unsigned char* in_p)
{
- register fe out asm ("r0") = out_p;
- register const unsigned char* in asm ("r1") = in_p;
+ register sword32* out asm ("r0") = (sword32*)out_p;
+ register const unsigned char* in asm ("r1") = (const unsigned char*)in_p;
__asm__ __volatile__ (
"ldr r2, [%[in]]\n\t"
@@ -65,67 +414,32 @@ void fe_frombytes(fe out_p, const unsigned char* in_p)
"ldr r7, [%[in], #20]\n\t"
"ldr r8, [%[in], #24]\n\t"
"ldr r9, [%[in], #28]\n\t"
- "and r9, r9, #0x7fffffff\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r2, [%[out]]\n\t"
- "str r3, [%[out], #4]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "bic r9, r9, #0x80000000\n\t"
#else
- "strd r2, r3, [%[out]]\n\t"
+ "bfc r9, #31, #1\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+ "str r2, [%[out]]\n\t"
+ "str r3, [%[out], #4]\n\t"
"str r4, [%[out], #8]\n\t"
"str r5, [%[out], #12]\n\t"
-#else
- "strd r4, r5, [%[out], #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"str r6, [%[out], #16]\n\t"
"str r7, [%[out], #20]\n\t"
-#else
- "strd r6, r7, [%[out], #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"str r8, [%[out], #24]\n\t"
"str r9, [%[out], #28]\n\t"
-#else
- "strd r8, r9, [%[out], #24]\n\t"
-#endif
: [out] "+r" (out), [in] "+r" (in)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
}
void fe_tobytes(unsigned char* out_p, const fe n_p)
{
- register unsigned char* out asm ("r0") = out_p;
- register const fe n asm ("r1") = n_p;
+ register unsigned char* out asm ("r0") = (unsigned char*)out_p;
+ register const sword32* n asm ("r1") = (const sword32*)n_p;
__asm__ __volatile__ (
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r2, [%[n]]\n\t"
- "ldr r3, [%[n], #4]\n\t"
-#else
- "ldrd r2, r3, [%[n]]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [%[n], #8]\n\t"
- "ldr r5, [%[n], #12]\n\t"
-#else
- "ldrd r4, r5, [%[n], #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [%[n], #16]\n\t"
- "ldr r7, [%[n], #20]\n\t"
-#else
- "ldrd r6, r7, [%[n], #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r8, [%[n], #24]\n\t"
- "ldr r9, [%[n], #28]\n\t"
-#else
- "ldrd r8, r9, [%[n], #24]\n\t"
-#endif
+ "ldm %[n], {r2, r3, r4, r5, r6, r7, r8, r9}\n\t"
"adds r12, r2, #19\n\t"
"adcs r12, r3, #0\n\t"
"adcs r12, r4, #0\n\t"
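Review bot: The guards around the new `bic`/`bfc` pair in fe_frombytes (and the same pair in the fe_tobytes, fe_isnonzero and fe_cmov_table hunks) now test `WOLFSSL_ARM_ARCH` instead of `WOLFSSL_SP_ARM_ARCH`, so a build that still defines only the old name takes the `#else` branch and gets `bfc`, which cores older than ARMv6T2 do not implement. Nothing visible here maps the old macro to the new one; that may be handled in a settings header outside this hunk, and is worth confirming for the vendored `extra/wolfssl/user_settings.h.in`. If it is not, a compatibility shim ahead of the first use would keep existing configurations working: `#if defined(WOLFSSL_SP_ARM_ARCH) && !defined(WOLFSSL_ARM_ARCH)`, `#define WOLFSSL_ARM_ARCH WOLFSSL_SP_ARM_ARCH`, `#endif`. Both functions touched by this hunk extend past its edges.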
@@ -144,164 +458,117 @@ void fe_tobytes(unsigned char* out_p, const fe n_p)
"adcs r7, r7, #0\n\t"
"adcs r8, r8, #0\n\t"
"adc r9, r9, #0\n\t"
- "and r9, r9, #0x7fffffff\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r2, [%[out]]\n\t"
- "str r3, [%[out], #4]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "bic r9, r9, #0x80000000\n\t"
#else
- "strd r2, r3, [%[out]]\n\t"
+ "bfc r9, #31, #1\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+ "str r2, [%[out]]\n\t"
+ "str r3, [%[out], #4]\n\t"
"str r4, [%[out], #8]\n\t"
"str r5, [%[out], #12]\n\t"
-#else
- "strd r4, r5, [%[out], #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"str r6, [%[out], #16]\n\t"
"str r7, [%[out], #20]\n\t"
-#else
- "strd r6, r7, [%[out], #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"str r8, [%[out], #24]\n\t"
"str r9, [%[out], #28]\n\t"
-#else
- "strd r8, r9, [%[out], #24]\n\t"
-#endif
: [out] "+r" (out), [n] "+r" (n)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r12"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r12", "cc"
);
}
void fe_1(fe n_p)
{
- register fe n asm ("r0") = n_p;
+ register sword32* n asm ("r0") = (sword32*)n_p;
__asm__ __volatile__ (
/* Set one */
"mov r2, #1\n\t"
"mov r3, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r2, [%[n]]\n\t"
- "str r3, [%[n], #4]\n\t"
-#else
- "strd r2, r3, [%[n]]\n\t"
-#endif
- "mov r2, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r2, [%[n], #8]\n\t"
- "str r3, [%[n], #12]\n\t"
-#else
- "strd r2, r3, [%[n], #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r2, [%[n], #16]\n\t"
- "str r3, [%[n], #20]\n\t"
-#else
- "strd r2, r3, [%[n], #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r2, [%[n], #24]\n\t"
- "str r3, [%[n], #28]\n\t"
-#else
- "strd r2, r3, [%[n], #24]\n\t"
-#endif
+ "mov r4, #0\n\t"
+ "mov r5, #0\n\t"
+ "mov r6, #0\n\t"
+ "mov r7, #0\n\t"
+ "mov r8, #0\n\t"
+ "mov r9, #0\n\t"
+ "stm %[n], {r2, r3, r4, r5, r6, r7, r8, r9}\n\t"
: [n] "+r" (n)
:
- : "memory", "r2", "r3"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
}
void fe_0(fe n_p)
{
- register fe n asm ("r0") = n_p;
+ register sword32* n asm ("r0") = (sword32*)n_p;
__asm__ __volatile__ (
/* Set zero */
"mov r2, #0\n\t"
"mov r3, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r2, [%[n]]\n\t"
- "str r3, [%[n], #4]\n\t"
-#else
- "strd r2, r3, [%[n]]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r2, [%[n], #8]\n\t"
- "str r3, [%[n], #12]\n\t"
-#else
- "strd r2, r3, [%[n], #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r2, [%[n], #16]\n\t"
- "str r3, [%[n], #20]\n\t"
-#else
- "strd r2, r3, [%[n], #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r2, [%[n], #24]\n\t"
- "str r3, [%[n], #28]\n\t"
-#else
- "strd r2, r3, [%[n], #24]\n\t"
-#endif
+ "mov r4, #0\n\t"
+ "mov r5, #0\n\t"
+ "mov r6, #0\n\t"
+ "mov r7, #0\n\t"
+ "mov r8, #0\n\t"
+ "mov r9, #0\n\t"
+ "stm %[n], {r2, r3, r4, r5, r6, r7, r8, r9}\n\t"
: [n] "+r" (n)
:
- : "memory", "r2", "r3"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
}
void fe_copy(fe r_p, const fe a_p)
{
- register fe r asm ("r0") = r_p;
- register const fe a asm ("r1") = a_p;
+ register sword32* r asm ("r0") = (sword32*)r_p;
+ register const sword32* a asm ("r1") = (const sword32*)a_p;
__asm__ __volatile__ (
/* Copy */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r2, [%[a]]\n\t"
"ldr r3, [%[a], #4]\n\t"
#else
"ldrd r2, r3, [%[a]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[a], #8]\n\t"
"ldr r5, [%[a], #12]\n\t"
#else
"ldrd r4, r5, [%[a], #8]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r2, [%[r]]\n\t"
"str r3, [%[r], #4]\n\t"
#else
"strd r2, r3, [%[r]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[r], #8]\n\t"
"str r5, [%[r], #12]\n\t"
#else
"strd r4, r5, [%[r], #8]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r2, [%[a], #16]\n\t"
"ldr r3, [%[a], #20]\n\t"
#else
"ldrd r2, r3, [%[a], #16]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[a], #24]\n\t"
"ldr r5, [%[a], #28]\n\t"
#else
"ldrd r4, r5, [%[a], #24]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r2, [%[r], #16]\n\t"
"str r3, [%[r], #20]\n\t"
#else
"strd r2, r3, [%[r], #16]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[r], #24]\n\t"
"str r5, [%[r], #28]\n\t"
#else
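Review bot: The stores at the end of fe_tobytes now use single-word `str` for all eight words on every architecture, but nothing says why the paired `strd` form was dropped there while fe_copy further down keeps `ldrd`/`strd`. `out` is an `unsigned char*`, so presumably the reason is that a byte buffer carries no word-alignment guarantee, and `strd`/`stm` fault on a misaligned address where `str` is tolerated on cores that permit unaligned word access. If that is the intent, a comment such as `/* out is a byte buffer: word str only, strd/stm need aligned addresses */` above the first `str` would stop a later cleanup from undoing it. fe_tobytes starts before this hunk and fe_copy runs past its end.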
@@ -309,380 +576,43 @@ void fe_copy(fe r_p, const fe a_p)
#endif
: [r] "+r" (r), [a] "+r" (a)
:
- : "memory", "r2", "r3", "r4", "r5"
- );
-}
-
-void fe_sub(fe r_p, const fe a_p, const fe b_p)
-{
- register fe r asm ("r0") = r_p;
- register const fe a asm ("r1") = a_p;
- register const fe b asm ("r2") = b_p;
-
- __asm__ __volatile__ (
- /* Sub */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [%[a]]\n\t"
- "ldr r5, [%[a], #4]\n\t"
-#else
- "ldrd r4, r5, [%[a]]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [%[a], #8]\n\t"
- "ldr r7, [%[a], #12]\n\t"
-#else
- "ldrd r6, r7, [%[a], #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r8, [%[b]]\n\t"
- "ldr r9, [%[b], #4]\n\t"
-#else
- "ldrd r8, r9, [%[b]]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r10, [%[b], #8]\n\t"
- "ldr r11, [%[b], #12]\n\t"
-#else
- "ldrd r10, r11, [%[b], #8]\n\t"
-#endif
- "subs r8, r4, r8\n\t"
- "sbcs r9, r5, r9\n\t"
- "sbcs r10, r6, r10\n\t"
- "sbcs r11, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [%[r]]\n\t"
- "str r9, [%[r], #4]\n\t"
-#else
- "strd r8, r9, [%[r]]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [%[r], #8]\n\t"
- "str r11, [%[r], #12]\n\t"
-#else
- "strd r10, r11, [%[r], #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [%[a], #16]\n\t"
- "ldr r5, [%[a], #20]\n\t"
-#else
- "ldrd r4, r5, [%[a], #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [%[a], #24]\n\t"
- "ldr r7, [%[a], #28]\n\t"
-#else
- "ldrd r6, r7, [%[a], #24]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r8, [%[b], #16]\n\t"
- "ldr r9, [%[b], #20]\n\t"
-#else
- "ldrd r8, r9, [%[b], #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r10, [%[b], #24]\n\t"
- "ldr r11, [%[b], #28]\n\t"
-#else
- "ldrd r10, r11, [%[b], #24]\n\t"
-#endif
- "sbcs r8, r4, r8\n\t"
- "sbcs r9, r5, r9\n\t"
- "sbcs r10, r6, r10\n\t"
- "sbc r11, r7, r11\n\t"
- "mov r12, #-19\n\t"
- "asr r3, r11, #31\n\t"
- /* Mask the modulus */
- "and r12, r3, r12\n\t"
- "and lr, r3, #0x7fffffff\n\t"
- /* Add modulus (if underflow) */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [%[r]]\n\t"
- "ldr r5, [%[r], #4]\n\t"
-#else
- "ldrd r4, r5, [%[r]]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [%[r], #8]\n\t"
- "ldr r7, [%[r], #12]\n\t"
-#else
- "ldrd r6, r7, [%[r], #8]\n\t"
-#endif
- "adds r4, r4, r12\n\t"
- "adcs r5, r5, r3\n\t"
- "adcs r6, r6, r3\n\t"
- "adcs r7, r7, r3\n\t"
- "adcs r8, r8, r3\n\t"
- "adcs r9, r9, r3\n\t"
- "adcs r10, r10, r3\n\t"
- "adc r11, r11, lr\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [%[r]]\n\t"
- "str r5, [%[r], #4]\n\t"
-#else
- "strd r4, r5, [%[r]]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r6, [%[r], #8]\n\t"
- "str r7, [%[r], #12]\n\t"
-#else
- "strd r6, r7, [%[r], #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [%[r], #16]\n\t"
- "str r9, [%[r], #20]\n\t"
-#else
- "strd r8, r9, [%[r], #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [%[r], #24]\n\t"
- "str r11, [%[r], #28]\n\t"
-#else
- "strd r10, r11, [%[r], #24]\n\t"
-#endif
- : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
- :
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr"
- );
-}
-
-void fe_add(fe r_p, const fe a_p, const fe b_p)
-{
- register fe r asm ("r0") = r_p;
- register const fe a asm ("r1") = a_p;
- register const fe b asm ("r2") = b_p;
-
- __asm__ __volatile__ (
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [%[a]]\n\t"
- "ldr r5, [%[a], #4]\n\t"
-#else
- "ldrd r4, r5, [%[a]]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [%[a], #8]\n\t"
- "ldr r7, [%[a], #12]\n\t"
-#else
- "ldrd r6, r7, [%[a], #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r8, [%[b]]\n\t"
- "ldr r9, [%[b], #4]\n\t"
-#else
- "ldrd r8, r9, [%[b]]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r10, [%[b], #8]\n\t"
- "ldr r11, [%[b], #12]\n\t"
-#else
- "ldrd r10, r11, [%[b], #8]\n\t"
-#endif
- "adds r8, r4, r8\n\t"
- "adcs r9, r5, r9\n\t"
- "adcs r10, r6, r10\n\t"
- "adcs r11, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [%[r]]\n\t"
- "str r9, [%[r], #4]\n\t"
-#else
- "strd r8, r9, [%[r]]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [%[r], #8]\n\t"
- "str r11, [%[r], #12]\n\t"
-#else
- "strd r10, r11, [%[r], #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [%[a], #16]\n\t"
- "ldr r5, [%[a], #20]\n\t"
-#else
- "ldrd r4, r5, [%[a], #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [%[a], #24]\n\t"
- "ldr r7, [%[a], #28]\n\t"
-#else
- "ldrd r6, r7, [%[a], #24]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r8, [%[b], #16]\n\t"
- "ldr r9, [%[b], #20]\n\t"
-#else
- "ldrd r8, r9, [%[b], #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r10, [%[b], #24]\n\t"
- "ldr r11, [%[b], #28]\n\t"
-#else
- "ldrd r10, r11, [%[b], #24]\n\t"
-#endif
- "adcs r8, r4, r8\n\t"
- "adcs r9, r5, r9\n\t"
- "adcs r10, r6, r10\n\t"
- "adc r11, r7, r11\n\t"
- "mov r12, #-19\n\t"
- "asr r3, r11, #31\n\t"
- /* Mask the modulus */
- "and r12, r3, r12\n\t"
- "and lr, r3, #0x7fffffff\n\t"
- /* Sub modulus (if overflow) */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [%[r]]\n\t"
- "ldr r5, [%[r], #4]\n\t"
-#else
- "ldrd r4, r5, [%[r]]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [%[r], #8]\n\t"
- "ldr r7, [%[r], #12]\n\t"
-#else
- "ldrd r6, r7, [%[r], #8]\n\t"
-#endif
- "subs r4, r4, r12\n\t"
- "sbcs r5, r5, r3\n\t"
- "sbcs r6, r6, r3\n\t"
- "sbcs r7, r7, r3\n\t"
- "sbcs r8, r8, r3\n\t"
- "sbcs r9, r9, r3\n\t"
- "sbcs r10, r10, r3\n\t"
- "sbc r11, r11, lr\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [%[r]]\n\t"
- "str r5, [%[r], #4]\n\t"
-#else
- "strd r4, r5, [%[r]]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r6, [%[r], #8]\n\t"
- "str r7, [%[r], #12]\n\t"
-#else
- "strd r6, r7, [%[r], #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [%[r], #16]\n\t"
- "str r9, [%[r], #20]\n\t"
-#else
- "strd r8, r9, [%[r], #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [%[r], #24]\n\t"
- "str r11, [%[r], #28]\n\t"
-#else
- "strd r10, r11, [%[r], #24]\n\t"
-#endif
- : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
- :
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr"
+ : "memory", "r2", "r3", "r4", "r5", "cc"
);
}
void fe_neg(fe r_p, const fe a_p)
{
- register fe r asm ("r0") = r_p;
- register const fe a asm ("r1") = a_p;
+ register sword32* r asm ("r0") = (sword32*)r_p;
+ register const sword32* a asm ("r1") = (const sword32*)a_p;
__asm__ __volatile__ (
- "mov lr, #-1\n\t"
- "mov r12, #-19\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r2, [%[a]]\n\t"
- "ldr r3, [%[a], #4]\n\t"
-#else
- "ldrd r2, r3, [%[a]]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [%[a], #8]\n\t"
- "ldr r5, [%[a], #12]\n\t"
-#else
- "ldrd r4, r5, [%[a], #8]\n\t"
-#endif
+ "mvn lr, #0\n\t"
+ "mvn r12, #18\n\t"
+ "ldm %[a]!, {r2, r3, r4, r5}\n\t"
"subs r2, r12, r2\n\t"
"sbcs r3, lr, r3\n\t"
"sbcs r4, lr, r4\n\t"
"sbcs r5, lr, r5\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r2, [%[r]]\n\t"
- "str r3, [%[r], #4]\n\t"
-#else
- "strd r2, r3, [%[r]]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [%[r], #8]\n\t"
- "str r5, [%[r], #12]\n\t"
-#else
- "strd r4, r5, [%[r], #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "mov r12, #0x7fffff\n\t"
- "lsl r12, r12, #8\n\t"
- "add r12, r12, #0xff\n\t"
-#else
- "mov r12, #0x7fffffff\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r2, [%[a], #16]\n\t"
- "ldr r3, [%[a], #20]\n\t"
-#else
- "ldrd r2, r3, [%[a], #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [%[a], #24]\n\t"
- "ldr r5, [%[a], #28]\n\t"
-#else
- "ldrd r4, r5, [%[a], #24]\n\t"
-#endif
+ "stm %[r]!, {r2, r3, r4, r5}\n\t"
+ "mvn r12, #0x80000000\n\t"
+ "ldm %[a]!, {r2, r3, r4, r5}\n\t"
"sbcs r2, lr, r2\n\t"
"sbcs r3, lr, r3\n\t"
"sbcs r4, lr, r4\n\t"
"sbc r5, r12, r5\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r2, [%[r], #16]\n\t"
- "str r3, [%[r], #20]\n\t"
-#else
- "strd r2, r3, [%[r], #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [%[r], #24]\n\t"
- "str r5, [%[r], #28]\n\t"
-#else
- "strd r4, r5, [%[r], #24]\n\t"
-#endif
+ "stm %[r]!, {r2, r3, r4, r5}\n\t"
: [r] "+r" (r), [a] "+r" (a)
:
- : "memory", "r2", "r3", "r4", "r5", "r12", "lr"
+ : "memory", "r2", "r3", "r4", "r5", "r12", "lr", "cc"
);
}
int fe_isnonzero(const fe a_p)
{
- register const fe a asm ("r0") = a_p;
+ register const sword32* a asm ("r0") = (const sword32*)a_p;
__asm__ __volatile__ (
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r2, [%[a]]\n\t"
- "ldr r3, [%[a], #4]\n\t"
-#else
- "ldrd r2, r3, [%[a]]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [%[a], #8]\n\t"
- "ldr r5, [%[a], #12]\n\t"
-#else
- "ldrd r4, r5, [%[a], #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [%[a], #16]\n\t"
- "ldr r7, [%[a], #20]\n\t"
-#else
- "ldrd r6, r7, [%[a], #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r8, [%[a], #24]\n\t"
- "ldr r9, [%[a], #28]\n\t"
-#else
- "ldrd r8, r9, [%[a], #24]\n\t"
-#endif
+ "ldm %[a], {r2, r3, r4, r5, r6, r7, r8, r9}\n\t"
"adds r1, r2, #19\n\t"
"adcs r1, r3, #0\n\t"
"adcs r1, r4, #0\n\t"
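Review bot: fe_neg has no comment saying what it computes, and the rewritten constants make it harder to read: `mvn r12, #18` is the low word of the modulus (0xffffffed), `mvn lr, #0` the middle words and `mvn r12, #0x80000000` the top word (0x7fffffff). A one-line header such as `/* r = p - a, with p = 2^255 - 19 */` before the first `mvn`, plus `/* top word of p */` on the second `mvn r12`, would document that. The same comment should state that no further reduction happens in this function, so an input of zero yields p rather than 0. The hunk opens inside fe_copy and closes inside fe_isnonzero; fe_neg itself is fully visible.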
@@ -701,7 +631,11 @@ int fe_isnonzero(const fe a_p)
"adcs r7, r7, #0\n\t"
"adcs r8, r8, #0\n\t"
"adc r9, r9, #0\n\t"
- "and r9, r9, #0x7fffffff\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "bic r9, r9, #0x80000000\n\t"
+#else
+ "bfc r9, #31, #1\n\t"
+#endif
"orr r2, r2, r3\n\t"
"orr r4, r4, r5\n\t"
"orr r6, r6, r7\n\t"
@@ -711,68 +645,58 @@ int fe_isnonzero(const fe a_p)
"orr %[a], r2, r4\n\t"
: [a] "+r" (a)
:
- : "memory", "r1", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r12"
+ : "memory", "r1", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r12", "cc"
);
return (uint32_t)(size_t)a;
}
int fe_isnegative(const fe a_p)
{
- register const fe a asm ("r0") = a_p;
+ register const sword32* a asm ("r0") = (const sword32*)a_p;
__asm__ __volatile__ (
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r2, [%[a]]\n\t"
- "ldr r3, [%[a], #4]\n\t"
-#else
- "ldrd r2, r3, [%[a]]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [%[a], #8]\n\t"
- "ldr r5, [%[a], #12]\n\t"
-#else
- "ldrd r4, r5, [%[a], #8]\n\t"
-#endif
+ "ldm %[a]!, {r2, r3, r4, r5}\n\t"
"adds r1, r2, #19\n\t"
"adcs r1, r3, #0\n\t"
"adcs r1, r4, #0\n\t"
"adcs r1, r5, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r2, [%[a], #16]\n\t"
- "ldr r3, [%[a], #20]\n\t"
-#else
- "ldrd r2, r3, [%[a], #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [%[a], #24]\n\t"
- "ldr r5, [%[a], #28]\n\t"
-#else
- "ldrd r4, r5, [%[a], #24]\n\t"
-#endif
+ "ldm %[a], {r2, r3, r4, r5}\n\t"
"adcs r1, r2, #0\n\t"
"adcs r1, r3, #0\n\t"
"adcs r1, r4, #0\n\t"
- "ldr r2, [%[a]]\n\t"
+ "ldr r2, [%[a], #-16]\n\t"
"adc r1, r5, #0\n\t"
"and %[a], r2, #1\n\t"
"lsr r1, r1, #31\n\t"
"eor %[a], %[a], r1\n\t"
: [a] "+r" (a)
:
- : "memory", "r1", "r2", "r3", "r4", "r5"
+ : "memory", "r1", "r2", "r3", "r4", "r5", "cc"
);
return (uint32_t)(size_t)a;
}
+#if defined(HAVE_ED25519_MAKE_KEY) || defined(HAVE_ED25519_SIGN)
+#ifndef WC_NO_CACHE_RESISTANT
void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
{
- register fe* r asm ("r0") = r_p;
- register fe* base asm ("r1") = base_p;
- register signed char b asm ("r2") = b_p;
+ register fe* r asm ("r0") = (fe*)r_p;
+ register fe* base asm ("r1") = (fe*)base_p;
+ register signed char b asm ("r2") = (signed char)b_p;
__asm__ __volatile__ (
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl %[b], %[b], #24\n\t"
+ "asr %[b], %[b], #24\n\t"
+#else
"sxtb %[b], %[b]\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "lsl r3, %[b], #24\n\t"
+ "asr r3, %[b], #31\n\t"
+#else
"sbfx r3, %[b], #7, #1\n\t"
+#endif
"eor r12, %[b], r3\n\t"
"sub r12, r12, r3\n\t"
"mov r4, #1\n\t"
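Review bot: In the pre-ARMv7 replacement for `sbfx r3, %[b], #7, #1` at the top of fe_cmov_table, the first instruction is dead: `lsl r3, %[b], #24` writes r3 and `asr r3, %[b], #31` immediately overwrites it from `%[b]` again. The mask still comes out right only because `%[b]` was sign-extended just above, so bit 31 equals bit 7; the pair presumably meant `asr r3, r3, #31` as its second line, or the `lsl` can simply be dropped. The same two lines are added again at the second `sbfx` site in the `@@ -1177,25 +1101,30 @@` hunk. Because this sign mask feeds the branch-free table selection that follows, a short comment naming its dependence on the earlier sign extension would help; fe_cmov_table continues past the end of this hunk.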
@@ -781,7 +705,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"mov r7, #0\n\t"
"mov r8, #0\n\t"
"mov r9, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r3, #0x800000\n\t"
"lsl r3, r3, #8\n\t"
"add r3, r3, #0x0\n\t"
@@ -791,7 +715,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"ror r3, r3, #31\n\t"
"ror r3, r3, r12\n\t"
"asr r3, r3, #31\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base]]\n\t"
"ldr r11, [%[base], #4]\n\t"
#else
@@ -803,7 +727,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r4, r4, r10\n\t"
"eor r5, r5, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #32]\n\t"
"ldr r11, [%[base], #36]\n\t"
#else
@@ -815,7 +739,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r6, r6, r10\n\t"
"eor r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #64]\n\t"
"ldr r11, [%[base], #68]\n\t"
#else
@@ -828,7 +752,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"eor r8, r8, r10\n\t"
"eor r9, r9, r11\n\t"
"add %[base], %[base], #0x60\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r3, #0x800000\n\t"
"lsl r3, r3, #8\n\t"
"add r3, r3, #0x0\n\t"
@@ -838,7 +762,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"ror r3, r3, #30\n\t"
"ror r3, r3, r12\n\t"
"asr r3, r3, #31\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base]]\n\t"
"ldr r11, [%[base], #4]\n\t"
#else
@@ -850,7 +774,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r4, r4, r10\n\t"
"eor r5, r5, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #32]\n\t"
"ldr r11, [%[base], #36]\n\t"
#else
@@ -862,7 +786,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r6, r6, r10\n\t"
"eor r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #64]\n\t"
"ldr r11, [%[base], #68]\n\t"
#else
@@ -875,7 +799,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"eor r8, r8, r10\n\t"
"eor r9, r9, r11\n\t"
"add %[base], %[base], #0x60\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r3, #0x800000\n\t"
"lsl r3, r3, #8\n\t"
"add r3, r3, #0x0\n\t"
@@ -885,7 +809,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"ror r3, r3, #29\n\t"
"ror r3, r3, r12\n\t"
"asr r3, r3, #31\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base]]\n\t"
"ldr r11, [%[base], #4]\n\t"
#else
@@ -897,7 +821,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r4, r4, r10\n\t"
"eor r5, r5, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #32]\n\t"
"ldr r11, [%[base], #36]\n\t"
#else
@@ -909,7 +833,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r6, r6, r10\n\t"
"eor r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #64]\n\t"
"ldr r11, [%[base], #68]\n\t"
#else
@@ -922,7 +846,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"eor r8, r8, r10\n\t"
"eor r9, r9, r11\n\t"
"add %[base], %[base], #0x60\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r3, #0x800000\n\t"
"lsl r3, r3, #8\n\t"
"add r3, r3, #0x0\n\t"
@@ -932,7 +856,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"ror r3, r3, #28\n\t"
"ror r3, r3, r12\n\t"
"asr r3, r3, #31\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base]]\n\t"
"ldr r11, [%[base], #4]\n\t"
#else
@@ -944,7 +868,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r4, r4, r10\n\t"
"eor r5, r5, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #32]\n\t"
"ldr r11, [%[base], #36]\n\t"
#else
@@ -956,7 +880,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r6, r6, r10\n\t"
"eor r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #64]\n\t"
"ldr r11, [%[base], #68]\n\t"
#else
@@ -969,7 +893,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"eor r8, r8, r10\n\t"
"eor r9, r9, r11\n\t"
"add %[base], %[base], #0x60\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r3, #0x800000\n\t"
"lsl r3, r3, #8\n\t"
"add r3, r3, #0x0\n\t"
@@ -979,7 +903,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"ror r3, r3, #27\n\t"
"ror r3, r3, r12\n\t"
"asr r3, r3, #31\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base]]\n\t"
"ldr r11, [%[base], #4]\n\t"
#else
@@ -991,7 +915,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r4, r4, r10\n\t"
"eor r5, r5, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #32]\n\t"
"ldr r11, [%[base], #36]\n\t"
#else
@@ -1003,7 +927,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r6, r6, r10\n\t"
"eor r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #64]\n\t"
"ldr r11, [%[base], #68]\n\t"
#else
@@ -1016,7 +940,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"eor r8, r8, r10\n\t"
"eor r9, r9, r11\n\t"
"add %[base], %[base], #0x60\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r3, #0x800000\n\t"
"lsl r3, r3, #8\n\t"
"add r3, r3, #0x0\n\t"
@@ -1026,7 +950,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"ror r3, r3, #26\n\t"
"ror r3, r3, r12\n\t"
"asr r3, r3, #31\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base]]\n\t"
"ldr r11, [%[base], #4]\n\t"
#else
@@ -1038,7 +962,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r4, r4, r10\n\t"
"eor r5, r5, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #32]\n\t"
"ldr r11, [%[base], #36]\n\t"
#else
@@ -1050,7 +974,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r6, r6, r10\n\t"
"eor r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #64]\n\t"
"ldr r11, [%[base], #68]\n\t"
#else
@@ -1063,7 +987,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"eor r8, r8, r10\n\t"
"eor r9, r9, r11\n\t"
"add %[base], %[base], #0x60\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r3, #0x800000\n\t"
"lsl r3, r3, #8\n\t"
"add r3, r3, #0x0\n\t"
@@ -1073,7 +997,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"ror r3, r3, #25\n\t"
"ror r3, r3, r12\n\t"
"asr r3, r3, #31\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base]]\n\t"
"ldr r11, [%[base], #4]\n\t"
#else
@@ -1085,7 +1009,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r4, r4, r10\n\t"
"eor r5, r5, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #32]\n\t"
"ldr r11, [%[base], #36]\n\t"
#else
@@ -1097,7 +1021,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r6, r6, r10\n\t"
"eor r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #64]\n\t"
"ldr r11, [%[base], #68]\n\t"
#else
@@ -1110,7 +1034,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"eor r8, r8, r10\n\t"
"eor r9, r9, r11\n\t"
"add %[base], %[base], #0x60\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r3, #0x800000\n\t"
"lsl r3, r3, #8\n\t"
"add r3, r3, #0x0\n\t"
@@ -1120,7 +1044,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"ror r3, r3, #24\n\t"
"ror r3, r3, r12\n\t"
"asr r3, r3, #31\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base]]\n\t"
"ldr r11, [%[base], #4]\n\t"
#else
@@ -1132,7 +1056,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r4, r4, r10\n\t"
"eor r5, r5, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #32]\n\t"
"ldr r11, [%[base], #36]\n\t"
#else
@@ -1144,7 +1068,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r6, r6, r10\n\t"
"eor r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #64]\n\t"
"ldr r11, [%[base], #68]\n\t"
#else
@@ -1157,8 +1081,8 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"eor r8, r8, r10\n\t"
"eor r9, r9, r11\n\t"
"sub %[base], %[base], #0x2a0\n\t"
- "mov r10, #-19\n\t"
- "mov r11, #-1\n\t"
+ "mvn r10, #18\n\t"
+ "mvn r11, #0\n\t"
"subs r10, r10, r8\n\t"
"sbcs r11, r11, r9\n\t"
"sbc lr, lr, lr\n\t"
@@ -1177,25 +1101,30 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"eor r11, r11, r9\n\t"
"and r11, r11, r12\n\t"
"eor r9, r9, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[r]]\n\t"
"str r5, [%[r], #4]\n\t"
#else
"strd r4, r5, [%[r]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [%[r], #32]\n\t"
"str r7, [%[r], #36]\n\t"
#else
"strd r6, r7, [%[r], #32]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r8, [%[r], #64]\n\t"
"str r9, [%[r], #68]\n\t"
#else
"strd r8, r9, [%[r], #64]\n\t"
#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "lsl r3, %[b], #24\n\t"
+ "asr r3, %[b], #31\n\t"
+#else
"sbfx r3, %[b], #7, #1\n\t"
+#endif
"eor r12, %[b], r3\n\t"
"sub r12, r12, r3\n\t"
"mov r4, #0\n\t"
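Review bot: In the added `WOLFSSL_ARM_ARCH < 7` fallback for `sbfx r3, %[b], #7, #1`, the second instruction reads `%[b]` again instead of `r3`, so the result of `lsl r3, %[b], #24` is discarded and the mask comes from bit 31 of `%[b]` rather than bit 7. That matches the `sbfx` result only if the register holding `b` is already sign-extended from the `signed char` argument, which nothing in this hunk guarantees. Since `r3` feeds the `eor r12, %[b], r3` / `sub r12, r12, r3` pair that follows, a wrong mask on pre-ARMv7 builds would presumably produce a wrong table index. The second line should be `"asr r3, r3, #31\n\t"`. The same pair is added in the hunks at `@@ -1601,25 +1530,30 @@` and `@@ -2025,25 +1959,30 @@`, and the body of fe_cmov_table starts and ends outside this hunk.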
@@ -1204,7 +1133,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"mov r7, #0\n\t"
"mov r8, #0\n\t"
"mov r9, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r3, #0x800000\n\t"
"lsl r3, r3, #8\n\t"
"add r3, r3, #0x0\n\t"
@@ -1214,7 +1143,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"ror r3, r3, #31\n\t"
"ror r3, r3, r12\n\t"
"asr r3, r3, #31\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #8]\n\t"
"ldr r11, [%[base], #12]\n\t"
#else
@@ -1226,7 +1155,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r4, r4, r10\n\t"
"eor r5, r5, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #40]\n\t"
"ldr r11, [%[base], #44]\n\t"
#else
@@ -1238,7 +1167,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r6, r6, r10\n\t"
"eor r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #72]\n\t"
"ldr r11, [%[base], #76]\n\t"
#else
@@ -1251,7 +1180,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"eor r8, r8, r10\n\t"
"eor r9, r9, r11\n\t"
"add %[base], %[base], #0x60\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r3, #0x800000\n\t"
"lsl r3, r3, #8\n\t"
"add r3, r3, #0x0\n\t"
@@ -1261,7 +1190,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"ror r3, r3, #30\n\t"
"ror r3, r3, r12\n\t"
"asr r3, r3, #31\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #8]\n\t"
"ldr r11, [%[base], #12]\n\t"
#else
@@ -1273,7 +1202,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r4, r4, r10\n\t"
"eor r5, r5, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #40]\n\t"
"ldr r11, [%[base], #44]\n\t"
#else
@@ -1285,7 +1214,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r6, r6, r10\n\t"
"eor r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #72]\n\t"
"ldr r11, [%[base], #76]\n\t"
#else
@@ -1298,7 +1227,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"eor r8, r8, r10\n\t"
"eor r9, r9, r11\n\t"
"add %[base], %[base], #0x60\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r3, #0x800000\n\t"
"lsl r3, r3, #8\n\t"
"add r3, r3, #0x0\n\t"
@@ -1308,7 +1237,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"ror r3, r3, #29\n\t"
"ror r3, r3, r12\n\t"
"asr r3, r3, #31\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #8]\n\t"
"ldr r11, [%[base], #12]\n\t"
#else
@@ -1320,7 +1249,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r4, r4, r10\n\t"
"eor r5, r5, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #40]\n\t"
"ldr r11, [%[base], #44]\n\t"
#else
@@ -1332,7 +1261,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r6, r6, r10\n\t"
"eor r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #72]\n\t"
"ldr r11, [%[base], #76]\n\t"
#else
@@ -1345,7 +1274,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"eor r8, r8, r10\n\t"
"eor r9, r9, r11\n\t"
"add %[base], %[base], #0x60\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r3, #0x800000\n\t"
"lsl r3, r3, #8\n\t"
"add r3, r3, #0x0\n\t"
@@ -1355,7 +1284,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"ror r3, r3, #28\n\t"
"ror r3, r3, r12\n\t"
"asr r3, r3, #31\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #8]\n\t"
"ldr r11, [%[base], #12]\n\t"
#else
@@ -1367,7 +1296,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r4, r4, r10\n\t"
"eor r5, r5, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #40]\n\t"
"ldr r11, [%[base], #44]\n\t"
#else
@@ -1379,7 +1308,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r6, r6, r10\n\t"
"eor r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #72]\n\t"
"ldr r11, [%[base], #76]\n\t"
#else
@@ -1392,7 +1321,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"eor r8, r8, r10\n\t"
"eor r9, r9, r11\n\t"
"add %[base], %[base], #0x60\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r3, #0x800000\n\t"
"lsl r3, r3, #8\n\t"
"add r3, r3, #0x0\n\t"
@@ -1402,7 +1331,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"ror r3, r3, #27\n\t"
"ror r3, r3, r12\n\t"
"asr r3, r3, #31\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #8]\n\t"
"ldr r11, [%[base], #12]\n\t"
#else
@@ -1414,7 +1343,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r4, r4, r10\n\t"
"eor r5, r5, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #40]\n\t"
"ldr r11, [%[base], #44]\n\t"
#else
@@ -1426,7 +1355,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r6, r6, r10\n\t"
"eor r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #72]\n\t"
"ldr r11, [%[base], #76]\n\t"
#else
@@ -1439,7 +1368,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"eor r8, r8, r10\n\t"
"eor r9, r9, r11\n\t"
"add %[base], %[base], #0x60\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r3, #0x800000\n\t"
"lsl r3, r3, #8\n\t"
"add r3, r3, #0x0\n\t"
@@ -1449,7 +1378,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"ror r3, r3, #26\n\t"
"ror r3, r3, r12\n\t"
"asr r3, r3, #31\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #8]\n\t"
"ldr r11, [%[base], #12]\n\t"
#else
@@ -1461,7 +1390,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r4, r4, r10\n\t"
"eor r5, r5, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #40]\n\t"
"ldr r11, [%[base], #44]\n\t"
#else
@@ -1473,7 +1402,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r6, r6, r10\n\t"
"eor r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #72]\n\t"
"ldr r11, [%[base], #76]\n\t"
#else
@@ -1486,7 +1415,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"eor r8, r8, r10\n\t"
"eor r9, r9, r11\n\t"
"add %[base], %[base], #0x60\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r3, #0x800000\n\t"
"lsl r3, r3, #8\n\t"
"add r3, r3, #0x0\n\t"
@@ -1496,7 +1425,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"ror r3, r3, #25\n\t"
"ror r3, r3, r12\n\t"
"asr r3, r3, #31\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #8]\n\t"
"ldr r11, [%[base], #12]\n\t"
#else
@@ -1508,7 +1437,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r4, r4, r10\n\t"
"eor r5, r5, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #40]\n\t"
"ldr r11, [%[base], #44]\n\t"
#else
@@ -1520,7 +1449,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r6, r6, r10\n\t"
"eor r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #72]\n\t"
"ldr r11, [%[base], #76]\n\t"
#else
@@ -1533,7 +1462,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"eor r8, r8, r10\n\t"
"eor r9, r9, r11\n\t"
"add %[base], %[base], #0x60\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r3, #0x800000\n\t"
"lsl r3, r3, #8\n\t"
"add r3, r3, #0x0\n\t"
@@ -1543,7 +1472,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"ror r3, r3, #24\n\t"
"ror r3, r3, r12\n\t"
"asr r3, r3, #31\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #8]\n\t"
"ldr r11, [%[base], #12]\n\t"
#else
@@ -1555,7 +1484,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r4, r4, r10\n\t"
"eor r5, r5, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #40]\n\t"
"ldr r11, [%[base], #44]\n\t"
#else
@@ -1567,7 +1496,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r6, r6, r10\n\t"
"eor r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #72]\n\t"
"ldr r11, [%[base], #76]\n\t"
#else
@@ -1580,8 +1509,8 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"eor r8, r8, r10\n\t"
"eor r9, r9, r11\n\t"
"sub %[base], %[base], #0x2a0\n\t"
- "mov r10, #-1\n\t"
- "mov r11, #-1\n\t"
+ "mvn r10, #0\n\t"
+ "mvn r11, #0\n\t"
"rsbs lr, lr, #0\n\t"
"sbcs r10, r10, r8\n\t"
"sbcs r11, r11, r9\n\t"
@@ -1601,25 +1530,30 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"eor r11, r11, r9\n\t"
"and r11, r11, r12\n\t"
"eor r9, r9, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[r], #8]\n\t"
"str r5, [%[r], #12]\n\t"
#else
"strd r4, r5, [%[r], #8]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [%[r], #40]\n\t"
"str r7, [%[r], #44]\n\t"
#else
"strd r6, r7, [%[r], #40]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r8, [%[r], #72]\n\t"
"str r9, [%[r], #76]\n\t"
#else
"strd r8, r9, [%[r], #72]\n\t"
#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "lsl r3, %[b], #24\n\t"
+ "asr r3, %[b], #31\n\t"
+#else
"sbfx r3, %[b], #7, #1\n\t"
+#endif
"eor r12, %[b], r3\n\t"
"sub r12, r12, r3\n\t"
"mov r4, #0\n\t"
@@ -1628,7 +1562,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"mov r7, #0\n\t"
"mov r8, #0\n\t"
"mov r9, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r3, #0x800000\n\t"
"lsl r3, r3, #8\n\t"
"add r3, r3, #0x0\n\t"
@@ -1638,7 +1572,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"ror r3, r3, #31\n\t"
"ror r3, r3, r12\n\t"
"asr r3, r3, #31\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #16]\n\t"
"ldr r11, [%[base], #20]\n\t"
#else
@@ -1650,7 +1584,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r4, r4, r10\n\t"
"eor r5, r5, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #48]\n\t"
"ldr r11, [%[base], #52]\n\t"
#else
@@ -1662,7 +1596,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r6, r6, r10\n\t"
"eor r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #80]\n\t"
"ldr r11, [%[base], #84]\n\t"
#else
@@ -1675,7 +1609,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"eor r8, r8, r10\n\t"
"eor r9, r9, r11\n\t"
"add %[base], %[base], #0x60\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r3, #0x800000\n\t"
"lsl r3, r3, #8\n\t"
"add r3, r3, #0x0\n\t"
@@ -1685,7 +1619,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"ror r3, r3, #30\n\t"
"ror r3, r3, r12\n\t"
"asr r3, r3, #31\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #16]\n\t"
"ldr r11, [%[base], #20]\n\t"
#else
@@ -1697,7 +1631,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r4, r4, r10\n\t"
"eor r5, r5, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #48]\n\t"
"ldr r11, [%[base], #52]\n\t"
#else
@@ -1709,7 +1643,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r6, r6, r10\n\t"
"eor r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #80]\n\t"
"ldr r11, [%[base], #84]\n\t"
#else
@@ -1722,7 +1656,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"eor r8, r8, r10\n\t"
"eor r9, r9, r11\n\t"
"add %[base], %[base], #0x60\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r3, #0x800000\n\t"
"lsl r3, r3, #8\n\t"
"add r3, r3, #0x0\n\t"
@@ -1732,7 +1666,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"ror r3, r3, #29\n\t"
"ror r3, r3, r12\n\t"
"asr r3, r3, #31\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #16]\n\t"
"ldr r11, [%[base], #20]\n\t"
#else
@@ -1744,7 +1678,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r4, r4, r10\n\t"
"eor r5, r5, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #48]\n\t"
"ldr r11, [%[base], #52]\n\t"
#else
@@ -1756,7 +1690,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r6, r6, r10\n\t"
"eor r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #80]\n\t"
"ldr r11, [%[base], #84]\n\t"
#else
@@ -1769,7 +1703,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"eor r8, r8, r10\n\t"
"eor r9, r9, r11\n\t"
"add %[base], %[base], #0x60\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r3, #0x800000\n\t"
"lsl r3, r3, #8\n\t"
"add r3, r3, #0x0\n\t"
@@ -1779,7 +1713,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"ror r3, r3, #28\n\t"
"ror r3, r3, r12\n\t"
"asr r3, r3, #31\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #16]\n\t"
"ldr r11, [%[base], #20]\n\t"
#else
@@ -1791,7 +1725,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r4, r4, r10\n\t"
"eor r5, r5, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #48]\n\t"
"ldr r11, [%[base], #52]\n\t"
#else
@@ -1803,7 +1737,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r6, r6, r10\n\t"
"eor r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #80]\n\t"
"ldr r11, [%[base], #84]\n\t"
#else
@@ -1816,7 +1750,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"eor r8, r8, r10\n\t"
"eor r9, r9, r11\n\t"
"add %[base], %[base], #0x60\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r3, #0x800000\n\t"
"lsl r3, r3, #8\n\t"
"add r3, r3, #0x0\n\t"
@@ -1826,7 +1760,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"ror r3, r3, #27\n\t"
"ror r3, r3, r12\n\t"
"asr r3, r3, #31\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #16]\n\t"
"ldr r11, [%[base], #20]\n\t"
#else
@@ -1838,7 +1772,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r4, r4, r10\n\t"
"eor r5, r5, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #48]\n\t"
"ldr r11, [%[base], #52]\n\t"
#else
@@ -1850,7 +1784,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r6, r6, r10\n\t"
"eor r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #80]\n\t"
"ldr r11, [%[base], #84]\n\t"
#else
@@ -1863,7 +1797,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"eor r8, r8, r10\n\t"
"eor r9, r9, r11\n\t"
"add %[base], %[base], #0x60\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r3, #0x800000\n\t"
"lsl r3, r3, #8\n\t"
"add r3, r3, #0x0\n\t"
@@ -1873,7 +1807,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"ror r3, r3, #26\n\t"
"ror r3, r3, r12\n\t"
"asr r3, r3, #31\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #16]\n\t"
"ldr r11, [%[base], #20]\n\t"
#else
@@ -1885,7 +1819,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r4, r4, r10\n\t"
"eor r5, r5, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #48]\n\t"
"ldr r11, [%[base], #52]\n\t"
#else
@@ -1897,7 +1831,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r6, r6, r10\n\t"
"eor r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #80]\n\t"
"ldr r11, [%[base], #84]\n\t"
#else
@@ -1910,7 +1844,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"eor r8, r8, r10\n\t"
"eor r9, r9, r11\n\t"
"add %[base], %[base], #0x60\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r3, #0x800000\n\t"
"lsl r3, r3, #8\n\t"
"add r3, r3, #0x0\n\t"
@@ -1920,7 +1854,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"ror r3, r3, #25\n\t"
"ror r3, r3, r12\n\t"
"asr r3, r3, #31\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #16]\n\t"
"ldr r11, [%[base], #20]\n\t"
#else
@@ -1932,7 +1866,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r4, r4, r10\n\t"
"eor r5, r5, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #48]\n\t"
"ldr r11, [%[base], #52]\n\t"
#else
@@ -1944,7 +1878,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r6, r6, r10\n\t"
"eor r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #80]\n\t"
"ldr r11, [%[base], #84]\n\t"
#else
@@ -1957,7 +1891,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"eor r8, r8, r10\n\t"
"eor r9, r9, r11\n\t"
"add %[base], %[base], #0x60\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r3, #0x800000\n\t"
"lsl r3, r3, #8\n\t"
"add r3, r3, #0x0\n\t"
@@ -1967,7 +1901,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"ror r3, r3, #24\n\t"
"ror r3, r3, r12\n\t"
"asr r3, r3, #31\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #16]\n\t"
"ldr r11, [%[base], #20]\n\t"
#else
@@ -1979,7 +1913,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r4, r4, r10\n\t"
"eor r5, r5, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #48]\n\t"
"ldr r11, [%[base], #52]\n\t"
#else
@@ -1991,7 +1925,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r6, r6, r10\n\t"
"eor r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #80]\n\t"
"ldr r11, [%[base], #84]\n\t"
#else
@@ -2004,8 +1938,8 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"eor r8, r8, r10\n\t"
"eor r9, r9, r11\n\t"
"sub %[base], %[base], #0x2a0\n\t"
- "mov r10, #-1\n\t"
- "mov r11, #-1\n\t"
+ "mvn r10, #0\n\t"
+ "mvn r11, #0\n\t"
"rsbs lr, lr, #0\n\t"
"sbcs r10, r10, r8\n\t"
"sbcs r11, r11, r9\n\t"
@@ -2025,25 +1959,30 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"eor r11, r11, r9\n\t"
"and r11, r11, r12\n\t"
"eor r9, r9, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[r], #16]\n\t"
"str r5, [%[r], #20]\n\t"
#else
"strd r4, r5, [%[r], #16]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [%[r], #48]\n\t"
"str r7, [%[r], #52]\n\t"
#else
"strd r6, r7, [%[r], #48]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r8, [%[r], #80]\n\t"
"str r9, [%[r], #84]\n\t"
#else
"strd r8, r9, [%[r], #80]\n\t"
#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "lsl r3, %[b], #24\n\t"
+ "asr r3, %[b], #31\n\t"
+#else
"sbfx r3, %[b], #7, #1\n\t"
+#endif
"eor r12, %[b], r3\n\t"
"sub r12, r12, r3\n\t"
"mov r4, #0\n\t"
@@ -2052,7 +1991,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"mov r7, #0\n\t"
"mov r8, #0\n\t"
"mov r9, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r3, #0x800000\n\t"
"lsl r3, r3, #8\n\t"
"add r3, r3, #0x0\n\t"
@@ -2062,7 +2001,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"ror r3, r3, #31\n\t"
"ror r3, r3, r12\n\t"
"asr r3, r3, #31\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #24]\n\t"
"ldr r11, [%[base], #28]\n\t"
#else
@@ -2074,7 +2013,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r4, r4, r10\n\t"
"eor r5, r5, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #56]\n\t"
"ldr r11, [%[base], #60]\n\t"
#else
@@ -2086,7 +2025,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r6, r6, r10\n\t"
"eor r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #88]\n\t"
"ldr r11, [%[base], #92]\n\t"
#else
@@ -2099,7 +2038,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"eor r8, r8, r10\n\t"
"eor r9, r9, r11\n\t"
"add %[base], %[base], #0x60\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r3, #0x800000\n\t"
"lsl r3, r3, #8\n\t"
"add r3, r3, #0x0\n\t"
@@ -2109,7 +2048,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"ror r3, r3, #30\n\t"
"ror r3, r3, r12\n\t"
"asr r3, r3, #31\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #24]\n\t"
"ldr r11, [%[base], #28]\n\t"
#else
@@ -2121,7 +2060,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r4, r4, r10\n\t"
"eor r5, r5, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #56]\n\t"
"ldr r11, [%[base], #60]\n\t"
#else
@@ -2133,7 +2072,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r6, r6, r10\n\t"
"eor r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #88]\n\t"
"ldr r11, [%[base], #92]\n\t"
#else
@@ -2146,7 +2085,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"eor r8, r8, r10\n\t"
"eor r9, r9, r11\n\t"
"add %[base], %[base], #0x60\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r3, #0x800000\n\t"
"lsl r3, r3, #8\n\t"
"add r3, r3, #0x0\n\t"
@@ -2156,7 +2095,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"ror r3, r3, #29\n\t"
"ror r3, r3, r12\n\t"
"asr r3, r3, #31\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #24]\n\t"
"ldr r11, [%[base], #28]\n\t"
#else
@@ -2168,7 +2107,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r4, r4, r10\n\t"
"eor r5, r5, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #56]\n\t"
"ldr r11, [%[base], #60]\n\t"
#else
@@ -2180,7 +2119,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r6, r6, r10\n\t"
"eor r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #88]\n\t"
"ldr r11, [%[base], #92]\n\t"
#else
@@ -2193,7 +2132,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"eor r8, r8, r10\n\t"
"eor r9, r9, r11\n\t"
"add %[base], %[base], #0x60\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r3, #0x800000\n\t"
"lsl r3, r3, #8\n\t"
"add r3, r3, #0x0\n\t"
@@ -2203,7 +2142,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"ror r3, r3, #28\n\t"
"ror r3, r3, r12\n\t"
"asr r3, r3, #31\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #24]\n\t"
"ldr r11, [%[base], #28]\n\t"
#else
@@ -2215,7 +2154,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r4, r4, r10\n\t"
"eor r5, r5, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #56]\n\t"
"ldr r11, [%[base], #60]\n\t"
#else
@@ -2227,7 +2166,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r6, r6, r10\n\t"
"eor r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #88]\n\t"
"ldr r11, [%[base], #92]\n\t"
#else
@@ -2240,7 +2179,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"eor r8, r8, r10\n\t"
"eor r9, r9, r11\n\t"
"add %[base], %[base], #0x60\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r3, #0x800000\n\t"
"lsl r3, r3, #8\n\t"
"add r3, r3, #0x0\n\t"
@@ -2250,7 +2189,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"ror r3, r3, #27\n\t"
"ror r3, r3, r12\n\t"
"asr r3, r3, #31\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #24]\n\t"
"ldr r11, [%[base], #28]\n\t"
#else
@@ -2262,7 +2201,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r4, r4, r10\n\t"
"eor r5, r5, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #56]\n\t"
"ldr r11, [%[base], #60]\n\t"
#else
@@ -2274,7 +2213,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r6, r6, r10\n\t"
"eor r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #88]\n\t"
"ldr r11, [%[base], #92]\n\t"
#else
@@ -2287,7 +2226,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"eor r8, r8, r10\n\t"
"eor r9, r9, r11\n\t"
"add %[base], %[base], #0x60\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r3, #0x800000\n\t"
"lsl r3, r3, #8\n\t"
"add r3, r3, #0x0\n\t"
@@ -2297,7 +2236,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"ror r3, r3, #26\n\t"
"ror r3, r3, r12\n\t"
"asr r3, r3, #31\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #24]\n\t"
"ldr r11, [%[base], #28]\n\t"
#else
@@ -2309,7 +2248,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r4, r4, r10\n\t"
"eor r5, r5, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #56]\n\t"
"ldr r11, [%[base], #60]\n\t"
#else
@@ -2321,7 +2260,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r6, r6, r10\n\t"
"eor r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #88]\n\t"
"ldr r11, [%[base], #92]\n\t"
#else
@@ -2334,7 +2273,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"eor r8, r8, r10\n\t"
"eor r9, r9, r11\n\t"
"add %[base], %[base], #0x60\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r3, #0x800000\n\t"
"lsl r3, r3, #8\n\t"
"add r3, r3, #0x0\n\t"
@@ -2344,7 +2283,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"ror r3, r3, #25\n\t"
"ror r3, r3, r12\n\t"
"asr r3, r3, #31\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #24]\n\t"
"ldr r11, [%[base], #28]\n\t"
#else
@@ -2356,7 +2295,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r4, r4, r10\n\t"
"eor r5, r5, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #56]\n\t"
"ldr r11, [%[base], #60]\n\t"
#else
@@ -2368,7 +2307,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r6, r6, r10\n\t"
"eor r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #88]\n\t"
"ldr r11, [%[base], #92]\n\t"
#else
@@ -2381,7 +2320,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"eor r8, r8, r10\n\t"
"eor r9, r9, r11\n\t"
"add %[base], %[base], #0x60\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r3, #0x800000\n\t"
"lsl r3, r3, #8\n\t"
"add r3, r3, #0x0\n\t"
@@ -2391,7 +2330,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"ror r3, r3, #24\n\t"
"ror r3, r3, r12\n\t"
"asr r3, r3, #31\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #24]\n\t"
"ldr r11, [%[base], #28]\n\t"
#else
@@ -2403,7 +2342,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r4, r4, r10\n\t"
"eor r5, r5, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #56]\n\t"
"ldr r11, [%[base], #60]\n\t"
#else
@@ -2415,7 +2354,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r6, r6, r10\n\t"
"eor r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #88]\n\t"
"ldr r11, [%[base], #92]\n\t"
#else
@@ -2428,14 +2367,8 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"eor r8, r8, r10\n\t"
"eor r9, r9, r11\n\t"
"sub %[base], %[base], #0x2a0\n\t"
- "mov r10, #-1\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "mov r11, #0x7fffff\n\t"
- "lsl r11, r11, #8\n\t"
- "add r11, r11, #0xff\n\t"
-#else
- "mov r11, #0x7fffffff\n\t"
-#endif
+ "mvn r10, #0\n\t"
+ "mvn r11, #0x80000000\n\t"
"rsbs lr, lr, #0\n\t"
"sbcs r10, r10, r8\n\t"
"sbc r11, r11, r9\n\t"
@@ -2454,19 +2387,19 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"eor r11, r11, r9\n\t"
"and r11, r11, r12\n\t"
"eor r9, r9, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[r], #24]\n\t"
"str r5, [%[r], #28]\n\t"
#else
"strd r4, r5, [%[r], #24]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [%[r], #56]\n\t"
"str r7, [%[r], #60]\n\t"
#else
"strd r6, r7, [%[r], #56]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r8, [%[r], #88]\n\t"
"str r9, [%[r], #92]\n\t"
#else
@@ -2474,1794 +2407,1232 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
#endif
: [r] "+r" (r), [base] "+r" (base), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r3", "r10", "r11", "r12", "lr"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r3", "r10", "r11", "r12", "lr", "cc"
);
}
-void fe_mul(fe r_p, const fe a_p, const fe b_p)
+#else
+void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
{
- register fe r asm ("r0") = r_p;
- register const fe a asm ("r1") = a_p;
- register const fe b asm ("r2") = b_p;
+ register fe* r asm ("r0") = (fe*)r_p;
+ register fe* base asm ("r1") = (fe*)base_p;
+ register signed char b asm ("r2") = (signed char)b_p;
__asm__ __volatile__ (
- "sub sp, sp, #0x40\n\t"
- /* Multiply */
- "ldr r7, [%[a]]\n\t"
- "ldr r8, [%[a], #4]\n\t"
- "ldr r9, [%[b]]\n\t"
- "ldr lr, [%[b], #4]\n\t"
- /* A[0] * B[0] = 0 */
- "umull r4, r5, r7, r9\n\t"
- "str r4, [sp]\n\t"
- /* A[0] * B[1] = 1 */
- "umull r3, r6, r7, lr\n\t"
- "adds r5, r5, r3\n\t"
- "adc r6, r6, #0\n\t"
- /* A[1] * B[0] = 1 */
- "umull r3, r12, r8, r9\n\t"
- "adds r5, r5, r3\n\t"
- "mov r4, #0\n\t"
- "adcs r6, r6, r12\n\t"
- "adc r4, r4, #0\n\t"
- "str r5, [sp, #4]\n\t"
- /* A[2] * B[0] = 2 */
- "ldr r10, [%[a], #8]\n\t"
- "umull r3, r12, r10, r9\n\t"
- "adds r6, r6, r3\n\t"
- "adc r4, r4, r12\n\t"
- /* A[1] * B[1] = 2 */
- "umull r3, r12, r8, lr\n\t"
- "adds r6, r6, r3\n\t"
- "mov r5, #0\n\t"
- "adcs r4, r4, r12\n\t"
- "adc r5, r5, #0\n\t"
- /* A[0] * B[2] = 2 */
- "ldr r11, [%[b], #8]\n\t"
- "umull r3, r12, r7, r11\n\t"
- "adds r6, r6, r3\n\t"
- "adcs r4, r4, r12\n\t"
- "adc r5, r5, #0\n\t"
- "str r6, [sp, #8]\n\t"
- /* A[0] * B[3] = 3 */
- "ldr r11, [%[b], #12]\n\t"
- "umull r3, r12, r7, r11\n\t"
- "adds r4, r4, r3\n\t"
- "mov r6, #0\n\t"
- "adcs r5, r5, r12\n\t"
- "adc r6, r6, #0\n\t"
- /* A[1] * B[2] = 3 */
- "ldr r11, [%[b], #8]\n\t"
- "umull r3, r12, r8, r11\n\t"
- "adds r4, r4, r3\n\t"
- "adcs r5, r5, r12\n\t"
- "adc r6, r6, #0\n\t"
- /* A[2] * B[1] = 3 */
- "umull r3, r12, r10, lr\n\t"
- "adds r4, r4, r3\n\t"
- "adcs r5, r5, r12\n\t"
- "adc r6, r6, #0\n\t"
- /* A[3] * B[0] = 3 */
- "ldr r10, [%[a], #12]\n\t"
- "umull r3, r12, r10, r9\n\t"
- "adds r4, r4, r3\n\t"
- "adcs r5, r5, r12\n\t"
- "adc r6, r6, #0\n\t"
- "str r4, [sp, #12]\n\t"
- /* A[4] * B[0] = 4 */
- "ldr r10, [%[a], #16]\n\t"
- "umull r3, r12, r10, r9\n\t"
- "adds r5, r5, r3\n\t"
- "mov r4, #0\n\t"
- "adcs r6, r6, r12\n\t"
- "adc r4, r4, #0\n\t"
- /* A[3] * B[1] = 4 */
- "ldr r10, [%[a], #12]\n\t"
- "umull r3, r12, r10, lr\n\t"
- "adds r5, r5, r3\n\t"
- "adcs r6, r6, r12\n\t"
- "adc r4, r4, #0\n\t"
- /* A[2] * B[2] = 4 */
- "ldr r10, [%[a], #8]\n\t"
- "umull r3, r12, r10, r11\n\t"
- "adds r5, r5, r3\n\t"
- "adcs r6, r6, r12\n\t"
- "adc r4, r4, #0\n\t"
- /* A[1] * B[3] = 4 */
- "ldr r11, [%[b], #12]\n\t"
- "umull r3, r12, r8, r11\n\t"
- "adds r5, r5, r3\n\t"
- "adcs r6, r6, r12\n\t"
- "adc r4, r4, #0\n\t"
- /* A[0] * B[4] = 4 */
- "ldr r11, [%[b], #16]\n\t"
- "umull r3, r12, r7, r11\n\t"
- "adds r5, r5, r3\n\t"
- "adcs r6, r6, r12\n\t"
- "adc r4, r4, #0\n\t"
- "str r5, [sp, #16]\n\t"
- /* A[0] * B[5] = 5 */
- "ldr r11, [%[b], #20]\n\t"
- "umull r3, r12, r7, r11\n\t"
- "adds r6, r6, r3\n\t"
- "mov r5, #0\n\t"
- "adcs r4, r4, r12\n\t"
- "adc r5, r5, #0\n\t"
- /* A[1] * B[4] = 5 */
- "ldr r11, [%[b], #16]\n\t"
- "umull r3, r12, r8, r11\n\t"
- "adds r6, r6, r3\n\t"
- "adcs r4, r4, r12\n\t"
- "adc r5, r5, #0\n\t"
- /* A[2] * B[3] = 5 */
- "ldr r11, [%[b], #12]\n\t"
- "umull r3, r12, r10, r11\n\t"
- "adds r6, r6, r3\n\t"
- "adcs r4, r4, r12\n\t"
- "adc r5, r5, #0\n\t"
- /* A[3] * B[2] = 5 */
- "ldr r10, [%[a], #12]\n\t"
- "ldr r11, [%[b], #8]\n\t"
- "umull r3, r12, r10, r11\n\t"
- "adds r6, r6, r3\n\t"
- "adcs r4, r4, r12\n\t"
- "adc r5, r5, #0\n\t"
- /* A[4] * B[1] = 5 */
- "ldr r10, [%[a], #16]\n\t"
- "umull r3, r12, r10, lr\n\t"
- "adds r6, r6, r3\n\t"
- "adcs r4, r4, r12\n\t"
- "adc r5, r5, #0\n\t"
- /* A[5] * B[0] = 5 */
- "ldr r10, [%[a], #20]\n\t"
- "umull r3, r12, r10, r9\n\t"
- "adds r6, r6, r3\n\t"
- "adcs r4, r4, r12\n\t"
- "adc r5, r5, #0\n\t"
- "str r6, [sp, #20]\n\t"
- /* A[6] * B[0] = 6 */
- "ldr r10, [%[a], #24]\n\t"
- "umull r3, r12, r10, r9\n\t"
- "adds r4, r4, r3\n\t"
- "mov r6, #0\n\t"
- "adcs r5, r5, r12\n\t"
- "adc r6, r6, #0\n\t"
- /* A[5] * B[1] = 6 */
- "ldr r10, [%[a], #20]\n\t"
- "umull r3, r12, r10, lr\n\t"
- "adds r4, r4, r3\n\t"
- "adcs r5, r5, r12\n\t"
- "adc r6, r6, #0\n\t"
- /* A[4] * B[2] = 6 */
- "ldr r10, [%[a], #16]\n\t"
- "umull r3, r12, r10, r11\n\t"
- "adds r4, r4, r3\n\t"
- "adcs r5, r5, r12\n\t"
- "adc r6, r6, #0\n\t"
- /* A[3] * B[3] = 6 */
- "ldr r10, [%[a], #12]\n\t"
- "ldr r11, [%[b], #12]\n\t"
- "umull r3, r12, r10, r11\n\t"
- "adds r4, r4, r3\n\t"
- "adcs r5, r5, r12\n\t"
- "adc r6, r6, #0\n\t"
- /* A[2] * B[4] = 6 */
- "ldr r10, [%[a], #8]\n\t"
- "ldr r11, [%[b], #16]\n\t"
- "umull r3, r12, r10, r11\n\t"
- "adds r4, r4, r3\n\t"
- "adcs r5, r5, r12\n\t"
- "adc r6, r6, #0\n\t"
- /* A[1] * B[5] = 6 */
- "ldr r11, [%[b], #20]\n\t"
- "umull r3, r12, r8, r11\n\t"
- "adds r4, r4, r3\n\t"
- "adcs r5, r5, r12\n\t"
- "adc r6, r6, #0\n\t"
- /* A[0] * B[6] = 6 */
- "ldr r11, [%[b], #24]\n\t"
- "umull r3, r12, r7, r11\n\t"
- "adds r4, r4, r3\n\t"
- "adcs r5, r5, r12\n\t"
- "adc r6, r6, #0\n\t"
- "str r4, [sp, #24]\n\t"
- /* A[0] * B[7] = 7 */
- "ldr r11, [%[b], #28]\n\t"
- "umull r3, r12, r7, r11\n\t"
- "adds r5, r5, r3\n\t"
- "mov r4, #0\n\t"
- "adcs r6, r6, r12\n\t"
- "adc r4, r4, #0\n\t"
- /* A[1] * B[6] = 7 */
- "ldr r11, [%[b], #24]\n\t"
- "umull r3, r12, r8, r11\n\t"
- "adds r5, r5, r3\n\t"
- "adcs r6, r6, r12\n\t"
- "adc r4, r4, #0\n\t"
- /* A[2] * B[5] = 7 */
- "ldr r11, [%[b], #20]\n\t"
- "umull r3, r12, r10, r11\n\t"
- "adds r5, r5, r3\n\t"
- "adcs r6, r6, r12\n\t"
- "adc r4, r4, #0\n\t"
- /* A[3] * B[4] = 7 */
- "ldr r10, [%[a], #12]\n\t"
- "ldr r11, [%[b], #16]\n\t"
- "umull r3, r12, r10, r11\n\t"
- "adds r5, r5, r3\n\t"
- "adcs r6, r6, r12\n\t"
- "adc r4, r4, #0\n\t"
- /* A[4] * B[3] = 7 */
- "ldr r10, [%[a], #16]\n\t"
- "ldr r11, [%[b], #12]\n\t"
- "umull r3, r12, r10, r11\n\t"
- "adds r5, r5, r3\n\t"
- "adcs r6, r6, r12\n\t"
- "adc r4, r4, #0\n\t"
- /* A[5] * B[2] = 7 */
- "ldr r10, [%[a], #20]\n\t"
- "ldr r11, [%[b], #8]\n\t"
- "umull r3, r12, r10, r11\n\t"
- "adds r5, r5, r3\n\t"
- "adcs r6, r6, r12\n\t"
- "adc r4, r4, #0\n\t"
- /* A[6] * B[1] = 7 */
- "ldr r10, [%[a], #24]\n\t"
- "umull r3, r12, r10, lr\n\t"
- "adds r5, r5, r3\n\t"
- "adcs r6, r6, r12\n\t"
- "adc r4, r4, #0\n\t"
- /* A[7] * B[0] = 7 */
- "ldr r10, [%[a], #28]\n\t"
- "umull r3, r12, r10, r9\n\t"
- "adds r5, r5, r3\n\t"
- "adcs r6, r6, r12\n\t"
- "adc r4, r4, #0\n\t"
- "str r5, [sp, #28]\n\t"
- "ldr r7, [%[a], #24]\n\t"
- "ldr r9, [%[b], #24]\n\t"
- /* A[7] * B[1] = 8 */
- "umull r3, r12, r10, lr\n\t"
- "adds r6, r6, r3\n\t"
- "mov r5, #0\n\t"
- "adcs r4, r4, r12\n\t"
- "adc r5, r5, #0\n\t"
- /* A[6] * B[2] = 8 */
- "umull r3, r12, r7, r11\n\t"
- "adds r6, r6, r3\n\t"
- "adcs r4, r4, r12\n\t"
- "adc r5, r5, #0\n\t"
- /* A[5] * B[3] = 8 */
- "ldr r10, [%[a], #20]\n\t"
- "ldr r11, [%[b], #12]\n\t"
- "umull r3, r12, r10, r11\n\t"
- "adds r6, r6, r3\n\t"
- "adcs r4, r4, r12\n\t"
- "adc r5, r5, #0\n\t"
- /* A[4] * B[4] = 8 */
- "ldr r10, [%[a], #16]\n\t"
- "ldr r11, [%[b], #16]\n\t"
- "umull r3, r12, r10, r11\n\t"
- "adds r6, r6, r3\n\t"
- "adcs r4, r4, r12\n\t"
- "adc r5, r5, #0\n\t"
- /* A[3] * B[5] = 8 */
- "ldr r10, [%[a], #12]\n\t"
- "ldr r11, [%[b], #20]\n\t"
- "umull r3, r12, r10, r11\n\t"
- "adds r6, r6, r3\n\t"
- "adcs r4, r4, r12\n\t"
- "adc r5, r5, #0\n\t"
- /* A[2] * B[6] = 8 */
- "ldr r10, [%[a], #8]\n\t"
- "umull r3, r12, r10, r9\n\t"
- "adds r6, r6, r3\n\t"
- "adcs r4, r4, r12\n\t"
- "adc r5, r5, #0\n\t"
- /* A[1] * B[7] = 8 */
- "ldr r11, [%[b], #28]\n\t"
- "umull r3, r12, r8, r11\n\t"
- "adds r6, r6, r3\n\t"
- "adcs r4, r4, r12\n\t"
- "adc r5, r5, #0\n\t"
- "str r6, [sp, #32]\n\t"
- "ldr r8, [%[a], #28]\n\t"
- "mov lr, r11\n\t"
- /* A[2] * B[7] = 9 */
- "umull r3, r12, r10, lr\n\t"
- "adds r4, r4, r3\n\t"
- "mov r6, #0\n\t"
- "adcs r5, r5, r12\n\t"
- "adc r6, r6, #0\n\t"
- /* A[3] * B[6] = 9 */
- "ldr r10, [%[a], #12]\n\t"
- "umull r3, r12, r10, r9\n\t"
- "adds r4, r4, r3\n\t"
- "adcs r5, r5, r12\n\t"
- "adc r6, r6, #0\n\t"
- /* A[4] * B[5] = 9 */
- "ldr r10, [%[a], #16]\n\t"
- "ldr r11, [%[b], #20]\n\t"
- "umull r3, r12, r10, r11\n\t"
- "adds r4, r4, r3\n\t"
- "adcs r5, r5, r12\n\t"
- "adc r6, r6, #0\n\t"
- /* A[5] * B[4] = 9 */
- "ldr r10, [%[a], #20]\n\t"
- "ldr r11, [%[b], #16]\n\t"
- "umull r3, r12, r10, r11\n\t"
- "adds r4, r4, r3\n\t"
- "adcs r5, r5, r12\n\t"
- "adc r6, r6, #0\n\t"
- /* A[6] * B[3] = 9 */
- "ldr r11, [%[b], #12]\n\t"
- "umull r3, r12, r7, r11\n\t"
- "adds r4, r4, r3\n\t"
- "adcs r5, r5, r12\n\t"
- "adc r6, r6, #0\n\t"
- /* A[7] * B[2] = 9 */
- "ldr r11, [%[b], #8]\n\t"
- "umull r3, r12, r8, r11\n\t"
- "adds r4, r4, r3\n\t"
- "adcs r5, r5, r12\n\t"
- "adc r6, r6, #0\n\t"
- "str r4, [sp, #36]\n\t"
- /* A[7] * B[3] = 10 */
- "ldr r11, [%[b], #12]\n\t"
- "umull r3, r12, r8, r11\n\t"
- "adds r5, r5, r3\n\t"
- "mov r4, #0\n\t"
- "adcs r6, r6, r12\n\t"
- "adc r4, r4, #0\n\t"
- /* A[6] * B[4] = 10 */
- "ldr r11, [%[b], #16]\n\t"
- "umull r3, r12, r7, r11\n\t"
- "adds r5, r5, r3\n\t"
- "adcs r6, r6, r12\n\t"
- "adc r4, r4, #0\n\t"
- /* A[5] * B[5] = 10 */
- "ldr r11, [%[b], #20]\n\t"
- "umull r3, r12, r10, r11\n\t"
- "adds r5, r5, r3\n\t"
- "adcs r6, r6, r12\n\t"
- "adc r4, r4, #0\n\t"
- /* A[4] * B[6] = 10 */
- "ldr r10, [%[a], #16]\n\t"
- "umull r3, r12, r10, r9\n\t"
- "adds r5, r5, r3\n\t"
- "adcs r6, r6, r12\n\t"
- "adc r4, r4, #0\n\t"
- /* A[3] * B[7] = 10 */
- "ldr r10, [%[a], #12]\n\t"
- "umull r3, r12, r10, lr\n\t"
- "adds r5, r5, r3\n\t"
- "adcs r6, r6, r12\n\t"
- "adc r4, r4, #0\n\t"
- "str r5, [sp, #40]\n\t"
- /* A[4] * B[7] = 11 */
- "ldr r10, [%[a], #16]\n\t"
- "umull r3, r12, r10, lr\n\t"
- "adds r6, r6, r3\n\t"
- "mov r5, #0\n\t"
- "adcs r4, r4, r12\n\t"
- "adc r5, r5, #0\n\t"
- /* A[5] * B[6] = 11 */
- "ldr r10, [%[a], #20]\n\t"
- "umull r3, r12, r10, r9\n\t"
- "adds r6, r6, r3\n\t"
- "adcs r4, r4, r12\n\t"
- "adc r5, r5, #0\n\t"
- /* A[6] * B[5] = 11 */
- "umull r3, r12, r7, r11\n\t"
- "adds r6, r6, r3\n\t"
- "adcs r4, r4, r12\n\t"
- "adc r5, r5, #0\n\t"
- /* A[7] * B[4] = 11 */
- "ldr r11, [%[b], #16]\n\t"
- "umull r3, r12, r8, r11\n\t"
- "adds r6, r6, r3\n\t"
- "adcs r4, r4, r12\n\t"
- "adc r5, r5, #0\n\t"
- "str r6, [sp, #44]\n\t"
- /* A[7] * B[5] = 12 */
- "ldr r11, [%[b], #20]\n\t"
- "umull r3, r12, r8, r11\n\t"
- "adds r4, r4, r3\n\t"
- "mov r6, #0\n\t"
- "adcs r5, r5, r12\n\t"
- "adc r6, r6, #0\n\t"
- /* A[6] * B[6] = 12 */
- "umull r3, r12, r7, r9\n\t"
- "adds r4, r4, r3\n\t"
- "adcs r5, r5, r12\n\t"
- "adc r6, r6, #0\n\t"
- /* A[5] * B[7] = 12 */
- "umull r3, r12, r10, lr\n\t"
- "adds r4, r4, r3\n\t"
- "adcs r5, r5, r12\n\t"
- "adc r6, r6, #0\n\t"
- "str r4, [sp, #48]\n\t"
- /* A[6] * B[7] = 13 */
- "umull r3, r12, r7, lr\n\t"
- "adds r5, r5, r3\n\t"
- "mov r4, #0\n\t"
- "adcs r6, r6, r12\n\t"
- "adc r4, r4, #0\n\t"
- /* A[7] * B[6] = 13 */
- "umull r3, r12, r8, r9\n\t"
- "adds r5, r5, r3\n\t"
- "adcs r6, r6, r12\n\t"
- "adc r4, r4, #0\n\t"
- "str r5, [sp, #52]\n\t"
- /* A[7] * B[7] = 14 */
- "umull r3, r12, r8, lr\n\t"
- "adds r6, r6, r3\n\t"
- "adc r4, r4, r12\n\t"
- "str r6, [sp, #56]\n\t"
- "str r4, [sp, #60]\n\t"
- /* Reduce */
- /* Load bottom half */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [sp]\n\t"
- "ldr r5, [sp, #4]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl %[b], %[b], #24\n\t"
+ "asr %[b], %[b], #24\n\t"
#else
- "ldrd r4, r5, [sp]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [sp, #8]\n\t"
- "ldr r7, [sp, #12]\n\t"
-#else
- "ldrd r6, r7, [sp, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r8, [sp, #16]\n\t"
- "ldr r9, [sp, #20]\n\t"
-#else
- "ldrd r8, r9, [sp, #16]\n\t"
+ "sxtb %[b], %[b]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r10, [sp, #24]\n\t"
- "ldr r11, [sp, #28]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "lsl r3, %[b], #24\n\t"
+ "asr r3, %[b], #31\n\t"
#else
- "ldrd r10, r11, [sp, #24]\n\t"
+ "sbfx r3, %[b], #7, #1\n\t"
#endif
- "lsr r3, r11, #31\n\t"
- "and r11, r11, #0x7fffffff\n\t"
- "mov lr, #19\n\t"
- "ldr %[a], [sp, #32]\n\t"
- "orr r3, r3, %[a], lsl #1\n\t"
- "umull r3, r12, lr, r3\n\t"
- "adds r4, r4, r3\n\t"
- "mov %[b], #0\n\t"
- "adcs r5, r5, r12\n\t"
- "adc %[b], %[b], #0\n\t"
- "lsr r3, %[a], #31\n\t"
- "ldr %[a], [sp, #36]\n\t"
- "orr r3, r3, %[a], lsl #1\n\t"
- "umull r3, r12, lr, r3\n\t"
- "add r12, r12, %[b]\n\t"
- "adds r5, r5, r3\n\t"
- "mov %[b], #0\n\t"
- "adcs r6, r6, r12\n\t"
- "adc %[b], %[b], #0\n\t"
- "lsr r3, %[a], #31\n\t"
- "ldr %[a], [sp, #40]\n\t"
- "orr r3, r3, %[a], lsl #1\n\t"
- "umull r3, r12, lr, r3\n\t"
- "add r12, r12, %[b]\n\t"
- "adds r6, r6, r3\n\t"
- "mov %[b], #0\n\t"
- "adcs r7, r7, r12\n\t"
- "adc %[b], %[b], #0\n\t"
- "lsr r3, %[a], #31\n\t"
- "ldr %[a], [sp, #44]\n\t"
- "orr r3, r3, %[a], lsl #1\n\t"
- "umull r3, r12, lr, r3\n\t"
- "add r12, r12, %[b]\n\t"
- "adds r7, r7, r3\n\t"
- "mov %[b], #0\n\t"
- "adcs r8, r8, r12\n\t"
- "adc %[b], %[b], #0\n\t"
- "lsr r3, %[a], #31\n\t"
- "ldr %[a], [sp, #48]\n\t"
- "orr r3, r3, %[a], lsl #1\n\t"
- "umull r3, r12, lr, r3\n\t"
- "add r12, r12, %[b]\n\t"
- "adds r8, r8, r3\n\t"
- "mov %[b], #0\n\t"
- "adcs r9, r9, r12\n\t"
- "adc %[b], %[b], #0\n\t"
- "lsr r3, %[a], #31\n\t"
- "ldr %[a], [sp, #52]\n\t"
- "orr r3, r3, %[a], lsl #1\n\t"
- "umull r3, r12, lr, r3\n\t"
- "add r12, r12, %[b]\n\t"
- "adds r9, r9, r3\n\t"
- "mov %[b], #0\n\t"
- "adcs r10, r10, r12\n\t"
- "adc %[b], %[b], #0\n\t"
- "lsr r3, %[a], #31\n\t"
- "ldr %[a], [sp, #56]\n\t"
- "orr r3, r3, %[a], lsl #1\n\t"
- "umull r3, r12, lr, r3\n\t"
- "add r12, r12, %[b]\n\t"
- "adds r10, r10, r3\n\t"
- "mov %[b], #0\n\t"
- "adcs r11, r11, r12\n\t"
- "adc %[b], %[b], #0\n\t"
- "lsr r3, %[a], #31\n\t"
- "ldr %[a], [sp, #60]\n\t"
- "orr r3, r3, %[a], lsl #1\n\t"
- "umull r3, r12, lr, r3\n\t"
- "adds r11, r11, r3\n\t"
- "adc r3, r12, %[b]\n\t"
- /* Overflow */
- "lsl r3, r3, #1\n\t"
- "orr r3, r3, r11, lsr #31\n\t"
- "mul r3, r3, lr\n\t"
- "and r11, r11, #0x7fffffff\n\t"
- "adds r4, r4, r3\n\t"
- "adcs r5, r5, #0\n\t"
- "adcs r6, r6, #0\n\t"
- "adcs r7, r7, #0\n\t"
- "adcs r8, r8, #0\n\t"
- "adcs r9, r9, #0\n\t"
- "adcs r10, r10, #0\n\t"
- "adc r11, r11, #0\n\t"
- /* Reduce if top bit set */
- "asr r3, r11, #31\n\t"
- "and r3, r3, lr\n\t"
- "and r11, r11, #0x7fffffff\n\t"
- "adds r4, r4, r3\n\t"
- "adcs r5, r5, #0\n\t"
+ "eor %[b], %[b], r3\n\t"
+ "sub %[b], %[b], r3\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "sub lr, %[b], #1\n\t"
+#else
+ "clz lr, %[b]\n\t"
+ "lsl lr, lr, #26\n\t"
+#endif /* defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6) */
+ "asr lr, lr, #31\n\t"
+ "mvn lr, lr\n\t"
+ "add %[b], %[b], lr\n\t"
+ "mov r12, #0x60\n\t"
+ "mul %[b], %[b], r12\n\t"
+ "add %[base], %[base], %[b]\n\t"
+ "ldm %[base]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "and r4, r4, lr\n\t"
+ "and r5, r5, lr\n\t"
+ "and r6, r6, lr\n\t"
+ "and r7, r7, lr\n\t"
+ "and r8, r8, lr\n\t"
+ "and r9, r9, lr\n\t"
+ "and r10, r10, lr\n\t"
+ "and r11, r11, lr\n\t"
+ "mvn r12, lr\n\t"
+ "sub r4, r4, r12\n\t"
+ "mov r12, #32\n\t"
+ "and r12, r12, r3\n\t"
+ "add %[r], %[r], r12\n\t"
+ "stm %[r], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "sub %[r], %[r], r12\n\t"
+ "ldm %[base]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "and r4, r4, lr\n\t"
+ "and r5, r5, lr\n\t"
+ "and r6, r6, lr\n\t"
+ "and r7, r7, lr\n\t"
+ "and r8, r8, lr\n\t"
+ "and r9, r9, lr\n\t"
+ "and r10, r10, lr\n\t"
+ "and r11, r11, lr\n\t"
+ "mvn r12, lr\n\t"
+ "sub r4, r4, r12\n\t"
+ "mov r12, #32\n\t"
+ "bic r12, r12, r3\n\t"
+ "add %[r], %[r], r12\n\t"
+ "stm %[r], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "sub %[r], %[r], r12\n\t"
+ "add %[r], %[r], #0x40\n\t"
+ "ldm %[base]!, {r4, r5, r6, r7}\n\t"
+ "mvn r12, #18\n\t"
+ "subs r8, r12, r4\n\t"
+ "sbcs r9, r3, r5\n\t"
+ "sbcs r10, r3, r6\n\t"
+ "sbcs r11, r3, r7\n\t"
+ "bic r4, r4, r3\n\t"
+ "bic r5, r5, r3\n\t"
+ "bic r6, r6, r3\n\t"
+ "bic r7, r7, r3\n\t"
+ "and r8, r8, r3\n\t"
+ "and r9, r9, r3\n\t"
+ "and r10, r10, r3\n\t"
+ "and r11, r11, r3\n\t"
+ "orr r4, r4, r8\n\t"
+ "orr r5, r5, r9\n\t"
+ "orr r6, r6, r10\n\t"
+ "orr r7, r7, r11\n\t"
+ "and r4, r4, lr\n\t"
+ "and r5, r5, lr\n\t"
+ "and r6, r6, lr\n\t"
+ "and r7, r7, lr\n\t"
+ "stm %[r]!, {r4, r5, r6, r7}\n\t"
+ "ldm %[base]!, {r4, r5, r6, r7}\n\t"
+ "mvn r12, #0x80000000\n\t"
+ "sbcs r8, r3, r4\n\t"
+ "sbcs r9, r3, r5\n\t"
+ "sbcs r10, r3, r6\n\t"
+ "sbc r11, r12, r7\n\t"
+ "bic r4, r4, r3\n\t"
+ "bic r5, r5, r3\n\t"
+ "bic r6, r6, r3\n\t"
+ "bic r7, r7, r3\n\t"
+ "and r8, r8, r3\n\t"
+ "and r9, r9, r3\n\t"
+ "and r10, r10, r3\n\t"
+ "and r11, r11, r3\n\t"
+ "orr r4, r4, r8\n\t"
+ "orr r5, r5, r9\n\t"
+ "orr r6, r6, r10\n\t"
+ "orr r7, r7, r11\n\t"
+ "and r4, r4, lr\n\t"
+ "and r5, r5, lr\n\t"
+ "and r6, r6, lr\n\t"
+ "and r7, r7, lr\n\t"
+ "stm %[r]!, {r4, r5, r6, r7}\n\t"
+ "sub %[base], %[base], %[b]\n\t"
+ : [r] "+r" (r), [base] "+r" (base), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
+ );
+}
+
+#endif /* WC_NO_CACHE_RESISTANT */
+#endif /* HAVE_ED25519_MAKE_KEY || HAVE_ED25519_SIGN */
+#endif /* HAVE_ED25519 */
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+void fe_mul_op(void);
+void fe_mul_op()
+{
+ __asm__ __volatile__ (
+ "sub sp, sp, #40\n\t"
+ "str r0, [sp, #36]\n\t"
+ "mov r0, #0\n\t"
+ "ldr r12, [r1]\n\t"
+ /* A[0] * B[0] */
+ "ldr lr, [r2]\n\t"
+ "umull r3, r4, r12, lr\n\t"
+ /* A[0] * B[2] */
+ "ldr lr, [r2, #8]\n\t"
+ "umull r5, r6, r12, lr\n\t"
+ /* A[0] * B[4] */
+ "ldr lr, [r2, #16]\n\t"
+ "umull r7, r8, r12, lr\n\t"
+ /* A[0] * B[6] */
+ "ldr lr, [r2, #24]\n\t"
+ "umull r9, r10, r12, lr\n\t"
+ "str r3, [sp]\n\t"
+ /* A[0] * B[1] */
+ "ldr lr, [r2, #4]\n\t"
+ "mov r11, r0\n\t"
+ "umlal r4, r11, r12, lr\n\t"
+ "adds r5, r5, r11\n\t"
+ /* A[0] * B[3] */
+ "ldr lr, [r2, #12]\n\t"
"adcs r6, r6, #0\n\t"
- "adcs r7, r7, #0\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r6, r11, r12, lr\n\t"
+ "adds r7, r7, r11\n\t"
+ /* A[0] * B[5] */
+ "ldr lr, [r2, #20]\n\t"
"adcs r8, r8, #0\n\t"
- "adcs r9, r9, #0\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r8, r11, r12, lr\n\t"
+ "adds r9, r9, r11\n\t"
+ /* A[0] * B[7] */
+ "ldr lr, [r2, #28]\n\t"
"adcs r10, r10, #0\n\t"
+ "adc r3, r0, #0\n\t"
+ "umlal r10, r3, r12, lr\n\t"
+ /* A[1] * B[0] */
+ "ldr r12, [r1, #4]\n\t"
+ "ldr lr, [r2]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r4, r11, r12, lr\n\t"
+ "str r4, [sp, #4]\n\t"
+ "adds r5, r5, r11\n\t"
+ /* A[1] * B[1] */
+ "ldr lr, [r2, #4]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r5, r11, r12, lr\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[1] * B[2] */
+ "ldr lr, [r2, #8]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r6, r11, r12, lr\n\t"
+ "adds r7, r7, r11\n\t"
+ /* A[1] * B[3] */
+ "ldr lr, [r2, #12]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r7, r11, r12, lr\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[1] * B[4] */
+ "ldr lr, [r2, #16]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r8, r11, r12, lr\n\t"
+ "adds r9, r9, r11\n\t"
+ /* A[1] * B[5] */
+ "ldr lr, [r2, #20]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r9, r11, r12, lr\n\t"
+ "adds r10, r10, r11\n\t"
+ /* A[1] * B[6] */
+ "ldr lr, [r2, #24]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "adds r3, r3, r11\n\t"
+ /* A[1] * B[7] */
+ "ldr lr, [r2, #28]\n\t"
+ "adc r4, r0, #0\n\t"
+ "umlal r3, r4, r12, lr\n\t"
+ /* A[2] * B[0] */
+ "ldr r12, [r1, #8]\n\t"
+ "ldr lr, [r2]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r5, r11, r12, lr\n\t"
+ "str r5, [sp, #8]\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[2] * B[1] */
+ "ldr lr, [r2, #4]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r6, r11, r12, lr\n\t"
+ "adds r7, r7, r11\n\t"
+ /* A[2] * B[2] */
+ "ldr lr, [r2, #8]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r7, r11, r12, lr\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[2] * B[3] */
+ "ldr lr, [r2, #12]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r8, r11, r12, lr\n\t"
+ "adds r9, r9, r11\n\t"
+ /* A[2] * B[4] */
+ "ldr lr, [r2, #16]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r9, r11, r12, lr\n\t"
+ "adds r10, r10, r11\n\t"
+ /* A[2] * B[5] */
+ "ldr lr, [r2, #20]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "adds r3, r3, r11\n\t"
+ /* A[2] * B[6] */
+ "ldr lr, [r2, #24]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r3, r11, r12, lr\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[2] * B[7] */
+ "ldr lr, [r2, #28]\n\t"
+ "adc r5, r0, #0\n\t"
+ "umlal r4, r5, r12, lr\n\t"
+ /* A[3] * B[0] */
+ "ldr r12, [r1, #12]\n\t"
+ "ldr lr, [r2]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r6, r11, r12, lr\n\t"
+ "str r6, [sp, #12]\n\t"
+ "adds r7, r7, r11\n\t"
+ /* A[3] * B[1] */
+ "ldr lr, [r2, #4]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r7, r11, r12, lr\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[3] * B[2] */
+ "ldr lr, [r2, #8]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r8, r11, r12, lr\n\t"
+ "adds r9, r9, r11\n\t"
+ /* A[3] * B[3] */
+ "ldr lr, [r2, #12]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r9, r11, r12, lr\n\t"
+ "adds r10, r10, r11\n\t"
+ /* A[3] * B[4] */
+ "ldr lr, [r2, #16]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "adds r3, r3, r11\n\t"
+ /* A[3] * B[5] */
+ "ldr lr, [r2, #20]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r3, r11, r12, lr\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[3] * B[6] */
+ "ldr lr, [r2, #24]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r4, r11, r12, lr\n\t"
+ "adds r5, r5, r11\n\t"
+ /* A[3] * B[7] */
+ "ldr lr, [r2, #28]\n\t"
+ "adc r6, r0, #0\n\t"
+ "umlal r5, r6, r12, lr\n\t"
+ /* A[4] * B[0] */
+ "ldr r12, [r1, #16]\n\t"
+ "ldr lr, [r2]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r7, r11, r12, lr\n\t"
+ "str r7, [sp, #16]\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[4] * B[1] */
+ "ldr lr, [r2, #4]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r8, r11, r12, lr\n\t"
+ "adds r9, r9, r11\n\t"
+ /* A[4] * B[2] */
+ "ldr lr, [r2, #8]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r9, r11, r12, lr\n\t"
+ "adds r10, r10, r11\n\t"
+ /* A[4] * B[3] */
+ "ldr lr, [r2, #12]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "adds r3, r3, r11\n\t"
+ /* A[4] * B[4] */
+ "ldr lr, [r2, #16]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r3, r11, r12, lr\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[4] * B[5] */
+ "ldr lr, [r2, #20]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r4, r11, r12, lr\n\t"
+ "adds r5, r5, r11\n\t"
+ /* A[4] * B[6] */
+ "ldr lr, [r2, #24]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r5, r11, r12, lr\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[4] * B[7] */
+ "ldr lr, [r2, #28]\n\t"
+ "adc r7, r0, #0\n\t"
+ "umlal r6, r7, r12, lr\n\t"
+ /* A[5] * B[0] */
+ "ldr r12, [r1, #20]\n\t"
+ "ldr lr, [r2]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r8, r11, r12, lr\n\t"
+ "str r8, [sp, #20]\n\t"
+ "adds r9, r9, r11\n\t"
+ /* A[5] * B[1] */
+ "ldr lr, [r2, #4]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r9, r11, r12, lr\n\t"
+ "adds r10, r10, r11\n\t"
+ /* A[5] * B[2] */
+ "ldr lr, [r2, #8]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "adds r3, r3, r11\n\t"
+ /* A[5] * B[3] */
+ "ldr lr, [r2, #12]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r3, r11, r12, lr\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[5] * B[4] */
+ "ldr lr, [r2, #16]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r4, r11, r12, lr\n\t"
+ "adds r5, r5, r11\n\t"
+ /* A[5] * B[5] */
+ "ldr lr, [r2, #20]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r5, r11, r12, lr\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[5] * B[6] */
+ "ldr lr, [r2, #24]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r6, r11, r12, lr\n\t"
+ "adds r7, r7, r11\n\t"
+ /* A[5] * B[7] */
+ "ldr lr, [r2, #28]\n\t"
+ "adc r8, r0, #0\n\t"
+ "umlal r7, r8, r12, lr\n\t"
+ /* A[6] * B[0] */
+ "ldr r12, [r1, #24]\n\t"
+ "ldr lr, [r2]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r9, r11, r12, lr\n\t"
+ "str r9, [sp, #24]\n\t"
+ "adds r10, r10, r11\n\t"
+ /* A[6] * B[1] */
+ "ldr lr, [r2, #4]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "adds r3, r3, r11\n\t"
+ /* A[6] * B[2] */
+ "ldr lr, [r2, #8]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r3, r11, r12, lr\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[6] * B[3] */
+ "ldr lr, [r2, #12]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r4, r11, r12, lr\n\t"
+ "adds r5, r5, r11\n\t"
+ /* A[6] * B[4] */
+ "ldr lr, [r2, #16]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r5, r11, r12, lr\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[6] * B[5] */
+ "ldr lr, [r2, #20]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r6, r11, r12, lr\n\t"
+ "adds r7, r7, r11\n\t"
+ /* A[6] * B[6] */
+ "ldr lr, [r2, #24]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r7, r11, r12, lr\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[6] * B[7] */
+ "ldr lr, [r2, #28]\n\t"
+ "adc r9, r0, #0\n\t"
+ "umlal r8, r9, r12, lr\n\t"
+ /* A[7] * B[0] */
+ "ldr r12, [r1, #28]\n\t"
+ "ldr lr, [r2]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "str r10, [sp, #28]\n\t"
+ "adds r3, r3, r11\n\t"
+ /* A[7] * B[1] */
+ "ldr lr, [r2, #4]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r3, r11, r12, lr\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[7] * B[2] */
+ "ldr lr, [r2, #8]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r4, r11, r12, lr\n\t"
+ "adds r5, r5, r11\n\t"
+ /* A[7] * B[3] */
+ "ldr lr, [r2, #12]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r5, r11, r12, lr\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[7] * B[4] */
+ "ldr lr, [r2, #16]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r6, r11, r12, lr\n\t"
+ "adds r7, r7, r11\n\t"
+ /* A[7] * B[5] */
+ "ldr lr, [r2, #20]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r7, r11, r12, lr\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[7] * B[6] */
+ "ldr lr, [r2, #24]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r8, r11, r12, lr\n\t"
+ "adds r9, r9, r11\n\t"
+ /* A[7] * B[7] */
+ "ldr lr, [r2, #28]\n\t"
+ "adc r10, r0, #0\n\t"
+ "umlal r9, r10, r12, lr\n\t"
+ /* Reduce */
+ "ldr r2, [sp, #28]\n\t"
+ "mov lr, sp\n\t"
+ "mov r12, #38\n\t"
+ "umull r10, r11, r12, r10\n\t"
+ "adds r10, r10, r2\n\t"
"adc r11, r11, #0\n\t"
+ "mov r12, #19\n\t"
+ "lsl r11, r11, #1\n\t"
+ "orr r11, r11, r10, LSR #31\n\t"
+ "mul r11, r12, r11\n\t"
+ "ldm lr!, {r1, r2}\n\t"
+ "mov r12, #38\n\t"
+ "adds r1, r1, r11\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r1, r11, r3, r12\n\t"
+ "adds r2, r2, r11\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r2, r11, r4, r12\n\t"
+ "ldm lr!, {r3, r4}\n\t"
+ "adds r3, r3, r11\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r3, r11, r5, r12\n\t"
+ "adds r4, r4, r11\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r4, r11, r6, r12\n\t"
+ "ldm lr!, {r5, r6}\n\t"
+ "adds r5, r5, r11\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r5, r11, r7, r12\n\t"
+ "adds r6, r6, r11\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r6, r11, r8, r12\n\t"
+ "ldm lr!, {r7, r8}\n\t"
+ "adds r7, r7, r11\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r7, r11, r9, r12\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "bic r10, r10, #0x80000000\n\t"
+#else
+ "bfc r10, #31, #1\n\t"
+#endif
+ "adds r8, r10, r11\n\t"
/* Store */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [%[r]]\n\t"
- "str r5, [%[r], #4]\n\t"
-#else
- "strd r4, r5, [%[r]]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r6, [%[r], #8]\n\t"
- "str r7, [%[r], #12]\n\t"
-#else
- "strd r6, r7, [%[r], #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [%[r], #16]\n\t"
- "str r9, [%[r], #20]\n\t"
-#else
- "strd r8, r9, [%[r], #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [%[r], #24]\n\t"
- "str r11, [%[r], #28]\n\t"
-#else
- "strd r10, r11, [%[r], #24]\n\t"
-#endif
- "add sp, sp, #0x40\n\t"
- : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ "ldr r0, [sp, #36]\n\t"
+ "stm r0, {r1, r2, r3, r4, r5, r6, r7, r8}\n\t"
+ "add sp, sp, #40\n\t"
:
- : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11"
+ :
+ : "memory", "lr", "cc"
);
}
-void fe_sq(fe r_p, const fe a_p)
+#else
+void fe_mul_op(void);
+void fe_mul_op()
{
- register fe r asm ("r0") = r_p;
- register const fe a asm ("r1") = a_p;
-
__asm__ __volatile__ (
- "sub sp, sp, #0x40\n\t"
- /* Square */
- "ldr r7, [%[a]]\n\t"
- "ldr r8, [%[a], #4]\n\t"
- "ldr r9, [%[a], #8]\n\t"
- "ldr r10, [%[a], #12]\n\t"
- "ldr r12, [%[a], #16]\n\t"
- /* A[0] * A[0] = 0 */
- "umull r4, r5, r7, r7\n\t"
- "str r4, [sp]\n\t"
- /* A[0] * A[1] = 1 */
- "umull r2, r3, r7, r8\n\t"
- "mov r6, #0\n\t"
- "adds r5, r5, r2\n\t"
- "adc r6, r6, r3\n\t"
- "adds r5, r5, r2\n\t"
- "mov r4, #0\n\t"
- "adcs r6, r6, r3\n\t"
- "adc r4, r4, #0\n\t"
- "str r5, [sp, #4]\n\t"
- /* A[1] * A[1] = 2 */
- "umull r2, r3, r8, r8\n\t"
- "adds r6, r6, r2\n\t"
- "adc r4, r4, r3\n\t"
- /* A[0] * A[2] = 2 */
- "umull r2, r3, r7, r9\n\t"
- "adds r6, r6, r2\n\t"
- "mov r5, #0\n\t"
- "adcs r4, r4, r3\n\t"
- "adc r5, r5, #0\n\t"
- "adds r6, r6, r2\n\t"
- "adcs r4, r4, r3\n\t"
- "adc r5, r5, #0\n\t"
- "str r6, [sp, #8]\n\t"
- /* A[0] * A[3] = 3 */
- "umull r2, r3, r7, r10\n\t"
- "adds r4, r4, r2\n\t"
- "adc r5, r5, r3\n\t"
- "adds r4, r4, r2\n\t"
- "mov r6, #0\n\t"
- "adcs r5, r5, r3\n\t"
- "adc r6, r6, #0\n\t"
- /* A[1] * A[2] = 3 */
- "umull r2, r3, r8, r9\n\t"
- "adds r4, r4, r2\n\t"
- "adcs r5, r5, r3\n\t"
- "adc r6, r6, #0\n\t"
- "adds r4, r4, r2\n\t"
- "adcs r5, r5, r3\n\t"
- "adc r6, r6, #0\n\t"
- "str r4, [sp, #12]\n\t"
- /* A[2] * A[2] = 4 */
- "umull r2, r3, r9, r9\n\t"
- "adds r5, r5, r2\n\t"
+ "sub sp, sp, #44\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "str r0, [sp, #36]\n\t"
+ "str r1, [sp, #40]\n\t"
+#else
+ "strd r0, r1, [sp, #36]\n\t"
+#endif
+ "mov lr, r2\n\t"
+ "ldm r1, {r0, r1, r2, r3}\n\t"
+ "ldm lr!, {r4, r5, r6}\n\t"
+ "umull r10, r11, r0, r4\n\t"
+ "umull r12, r7, r1, r4\n\t"
+ "umaal r11, r12, r0, r5\n\t"
+ "umull r8, r9, r2, r4\n\t"
+ "umaal r12, r8, r1, r5\n\t"
+ "umaal r12, r7, r0, r6\n\t"
+ "umaal r8, r9, r3, r4\n\t"
+ "stm sp, {r10, r11, r12}\n\t"
+ "umaal r7, r8, r2, r5\n\t"
+ "ldm lr!, {r4}\n\t"
+ "umull r10, r11, r1, r6\n\t"
+ "umaal r8, r9, r2, r6\n\t"
+ "umaal r7, r10, r0, r4\n\t"
+ "umaal r8, r11, r3, r5\n\t"
+ "str r7, [sp, #12]\n\t"
+ "umaal r8, r10, r1, r4\n\t"
+ "umaal r9, r11, r3, r6\n\t"
+ "umaal r9, r10, r2, r4\n\t"
+ "umaal r10, r11, r3, r4\n\t"
+ "ldm lr, {r4, r5, r6, r7}\n\t"
+ "mov r12, #0\n\t"
+ "umlal r8, r12, r0, r4\n\t"
+ "umaal r9, r12, r1, r4\n\t"
+ "umaal r10, r12, r2, r4\n\t"
+ "umaal r11, r12, r3, r4\n\t"
"mov r4, #0\n\t"
- "adcs r6, r6, r3\n\t"
- "adc r4, r4, #0\n\t"
- /* A[1] * A[3] = 4 */
- "umull r2, r3, r8, r10\n\t"
- "adds r5, r5, r2\n\t"
- "adcs r6, r6, r3\n\t"
- "adc r4, r4, #0\n\t"
- "adds r5, r5, r2\n\t"
- "adcs r6, r6, r3\n\t"
- "adc r4, r4, #0\n\t"
- /* A[0] * A[4] = 4 */
- "umull r2, r3, r7, r12\n\t"
- "adds r5, r5, r2\n\t"
- "adcs r6, r6, r3\n\t"
- "adc r4, r4, #0\n\t"
- "adds r5, r5, r2\n\t"
- "adcs r6, r6, r3\n\t"
- "adc r4, r4, #0\n\t"
- "str r5, [sp, #16]\n\t"
- /* A[0] * A[5] = 5 */
- "ldr r11, [%[a], #20]\n\t"
- "umull r2, r3, r7, r11\n\t"
- "adds r6, r6, r2\n\t"
+ "umlal r9, r4, r0, r5\n\t"
+ "umaal r10, r4, r1, r5\n\t"
+ "umaal r11, r4, r2, r5\n\t"
+ "umaal r12, r4, r3, r5\n\t"
"mov r5, #0\n\t"
- "adcs r4, r4, r3\n\t"
- "adc r5, r5, #0\n\t"
- "adds r6, r6, r2\n\t"
- "adcs r4, r4, r3\n\t"
- "adc r5, r5, #0\n\t"
- /* A[1] * A[4] = 5 */
- "umull r2, r3, r8, r12\n\t"
- "adds r6, r6, r2\n\t"
- "adcs r4, r4, r3\n\t"
- "adc r5, r5, #0\n\t"
- "adds r6, r6, r2\n\t"
- "adcs r4, r4, r3\n\t"
- "adc r5, r5, #0\n\t"
- /* A[2] * A[3] = 5 */
- "umull r2, r3, r9, r10\n\t"
- "adds r6, r6, r2\n\t"
- "adcs r4, r4, r3\n\t"
- "adc r5, r5, #0\n\t"
- "adds r6, r6, r2\n\t"
- "adcs r4, r4, r3\n\t"
- "adc r5, r5, #0\n\t"
- "str r6, [sp, #20]\n\t"
- /* A[3] * A[3] = 6 */
- "umull r2, r3, r10, r10\n\t"
- "adds r4, r4, r2\n\t"
+ "umlal r10, r5, r0, r6\n\t"
+ "umaal r11, r5, r1, r6\n\t"
+ "umaal r12, r5, r2, r6\n\t"
+ "umaal r4, r5, r3, r6\n\t"
"mov r6, #0\n\t"
- "adcs r5, r5, r3\n\t"
- "adc r6, r6, #0\n\t"
- /* A[2] * A[4] = 6 */
- "umull r2, r3, r9, r12\n\t"
- "adds r4, r4, r2\n\t"
- "adcs r5, r5, r3\n\t"
- "adc r6, r6, #0\n\t"
- "adds r4, r4, r2\n\t"
- "adcs r5, r5, r3\n\t"
- "adc r6, r6, #0\n\t"
- /* A[1] * A[5] = 6 */
- "umull r2, r3, r8, r11\n\t"
- "adds r4, r4, r2\n\t"
- "adcs r5, r5, r3\n\t"
- "adc r6, r6, #0\n\t"
- "adds r4, r4, r2\n\t"
- "adcs r5, r5, r3\n\t"
- "adc r6, r6, #0\n\t"
- /* A[0] * A[6] = 6 */
- "ldr r11, [%[a], #24]\n\t"
- "umull r2, r3, r7, r11\n\t"
- "adds r4, r4, r2\n\t"
- "adcs r5, r5, r3\n\t"
- "adc r6, r6, #0\n\t"
- "adds r4, r4, r2\n\t"
- "adcs r5, r5, r3\n\t"
- "adc r6, r6, #0\n\t"
- "str r4, [sp, #24]\n\t"
- /* A[0] * A[7] = 7 */
- "ldr r11, [%[a], #28]\n\t"
- "umull r2, r3, r7, r11\n\t"
- "adds r5, r5, r2\n\t"
- "mov r4, #0\n\t"
- "adcs r6, r6, r3\n\t"
- "adc r4, r4, #0\n\t"
- "adds r5, r5, r2\n\t"
- "adcs r6, r6, r3\n\t"
- "adc r4, r4, #0\n\t"
- /* A[1] * A[6] = 7 */
- "ldr r11, [%[a], #24]\n\t"
- "umull r2, r3, r8, r11\n\t"
- "adds r5, r5, r2\n\t"
- "adcs r6, r6, r3\n\t"
- "adc r4, r4, #0\n\t"
- "adds r5, r5, r2\n\t"
- "adcs r6, r6, r3\n\t"
- "adc r4, r4, #0\n\t"
- /* A[2] * A[5] = 7 */
- "ldr r11, [%[a], #20]\n\t"
- "umull r2, r3, r9, r11\n\t"
- "adds r5, r5, r2\n\t"
- "adcs r6, r6, r3\n\t"
- "adc r4, r4, #0\n\t"
- "adds r5, r5, r2\n\t"
- "adcs r6, r6, r3\n\t"
- "adc r4, r4, #0\n\t"
- /* A[3] * A[4] = 7 */
- "umull r2, r3, r10, r12\n\t"
- "adds r5, r5, r2\n\t"
- "adcs r6, r6, r3\n\t"
- "adc r4, r4, #0\n\t"
- "adds r5, r5, r2\n\t"
- "adcs r6, r6, r3\n\t"
- "adc r4, r4, #0\n\t"
- "str r5, [sp, #28]\n\t"
- /* A[4] * A[4] = 8 */
- "umull r2, r3, r12, r12\n\t"
- "adds r6, r6, r2\n\t"
- "mov r5, #0\n\t"
- "adcs r4, r4, r3\n\t"
- "adc r5, r5, #0\n\t"
- /* A[3] * A[5] = 8 */
- "umull r2, r3, r10, r11\n\t"
- "adds r6, r6, r2\n\t"
- "adcs r4, r4, r3\n\t"
- "adc r5, r5, #0\n\t"
- "adds r6, r6, r2\n\t"
- "adcs r4, r4, r3\n\t"
- "adc r5, r5, #0\n\t"
- /* A[2] * A[6] = 8 */
- "ldr r11, [%[a], #24]\n\t"
- "umull r2, r3, r9, r11\n\t"
- "adds r6, r6, r2\n\t"
- "adcs r4, r4, r3\n\t"
- "adc r5, r5, #0\n\t"
- "adds r6, r6, r2\n\t"
- "adcs r4, r4, r3\n\t"
- "adc r5, r5, #0\n\t"
- /* A[1] * A[7] = 8 */
- "ldr r11, [%[a], #28]\n\t"
- "umull r2, r3, r8, r11\n\t"
- "adds r6, r6, r2\n\t"
- "adcs r4, r4, r3\n\t"
- "adc r5, r5, #0\n\t"
- "adds r6, r6, r2\n\t"
- "adcs r4, r4, r3\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r11, r6, r0, r7\n\t"
+ "ldr r0, [sp, #40]\n\t"
+ "umaal r12, r6, r1, r7\n\t"
+ "add r0, r0, #16\n\t"
+ "umaal r4, r6, r2, r7\n\t"
+ "sub lr, lr, #16\n\t"
+ "umaal r5, r6, r3, r7\n\t"
+ "ldm r0, {r0, r1, r2, r3}\n\t"
"str r6, [sp, #32]\n\t"
- "ldr r7, [%[a], #20]\n\t"
- /* A[2] * A[7] = 9 */
- "umull r2, r3, r9, r11\n\t"
- "adds r4, r4, r2\n\t"
- "mov r6, #0\n\t"
- "adcs r5, r5, r3\n\t"
- "adc r6, r6, #0\n\t"
- "adds r4, r4, r2\n\t"
- "adcs r5, r5, r3\n\t"
- "adc r6, r6, #0\n\t"
- /* A[3] * A[6] = 9 */
- "ldr r11, [%[a], #24]\n\t"
- "umull r2, r3, r10, r11\n\t"
- "adds r4, r4, r2\n\t"
- "adcs r5, r5, r3\n\t"
- "adc r6, r6, #0\n\t"
- "adds r4, r4, r2\n\t"
- "adcs r5, r5, r3\n\t"
- "adc r6, r6, #0\n\t"
- /* A[4] * A[5] = 9 */
- "umull r2, r3, r12, r7\n\t"
- "adds r4, r4, r2\n\t"
- "adcs r5, r5, r3\n\t"
- "adc r6, r6, #0\n\t"
- "adds r4, r4, r2\n\t"
- "adcs r5, r5, r3\n\t"
- "adc r6, r6, #0\n\t"
- "str r4, [sp, #36]\n\t"
- "mov r8, r11\n\t"
- /* A[5] * A[5] = 10 */
- "umull r2, r3, r7, r7\n\t"
- "adds r5, r5, r2\n\t"
- "mov r4, #0\n\t"
- "adcs r6, r6, r3\n\t"
- "adc r4, r4, #0\n\t"
- /* A[4] * A[6] = 10 */
- "umull r2, r3, r12, r8\n\t"
- "adds r5, r5, r2\n\t"
- "adcs r6, r6, r3\n\t"
- "adc r4, r4, #0\n\t"
- "adds r5, r5, r2\n\t"
- "adcs r6, r6, r3\n\t"
- "adc r4, r4, #0\n\t"
- /* A[3] * A[7] = 10 */
- "ldr r11, [%[a], #28]\n\t"
- "umull r2, r3, r10, r11\n\t"
- "adds r5, r5, r2\n\t"
- "adcs r6, r6, r3\n\t"
- "adc r4, r4, #0\n\t"
- "adds r5, r5, r2\n\t"
- "adcs r6, r6, r3\n\t"
- "adc r4, r4, #0\n\t"
- "str r5, [sp, #40]\n\t"
- "mov r9, r11\n\t"
- /* A[4] * A[7] = 11 */
- "umull r2, r3, r12, r9\n\t"
- "adds r6, r6, r2\n\t"
- "mov r5, #0\n\t"
- "adcs r4, r4, r3\n\t"
- "adc r5, r5, #0\n\t"
- "adds r6, r6, r2\n\t"
- "adcs r4, r4, r3\n\t"
- "adc r5, r5, #0\n\t"
- /* A[5] * A[6] = 11 */
- "umull r2, r3, r7, r8\n\t"
- "adds r6, r6, r2\n\t"
- "adcs r4, r4, r3\n\t"
- "adc r5, r5, #0\n\t"
- "adds r6, r6, r2\n\t"
- "adcs r4, r4, r3\n\t"
- "adc r5, r5, #0\n\t"
- "str r6, [sp, #44]\n\t"
- /* A[6] * A[6] = 12 */
- "umull r2, r3, r8, r8\n\t"
- "adds r4, r4, r2\n\t"
- "mov r6, #0\n\t"
- "adcs r5, r5, r3\n\t"
- "adc r6, r6, #0\n\t"
- /* A[5] * A[7] = 12 */
- "umull r2, r3, r7, r9\n\t"
- "adds r4, r4, r2\n\t"
- "adcs r5, r5, r3\n\t"
- "adc r6, r6, #0\n\t"
- "adds r4, r4, r2\n\t"
- "adcs r5, r5, r3\n\t"
- "adc r6, r6, #0\n\t"
- "str r4, [sp, #48]\n\t"
- /* A[6] * A[7] = 13 */
- "umull r2, r3, r8, r9\n\t"
- "adds r5, r5, r2\n\t"
- "mov r4, #0\n\t"
- "adcs r6, r6, r3\n\t"
- "adc r4, r4, #0\n\t"
- "adds r5, r5, r2\n\t"
- "adcs r6, r6, r3\n\t"
- "adc r4, r4, #0\n\t"
- "str r5, [sp, #52]\n\t"
- /* A[7] * A[7] = 14 */
- "umull r2, r3, r9, r9\n\t"
- "adds r6, r6, r2\n\t"
- "adc r4, r4, r3\n\t"
- "str r6, [sp, #56]\n\t"
- "str r4, [sp, #60]\n\t"
+ "ldm lr!, {r6}\n\t"
+ "mov r7, #0\n\t"
+ "umlal r8, r7, r0, r6\n\t"
+ "umaal r9, r7, r1, r6\n\t"
+ "str r8, [sp, #16]\n\t"
+ "umaal r10, r7, r2, r6\n\t"
+ "umaal r11, r7, r3, r6\n\t"
+ "ldm lr!, {r6}\n\t"
+ "mov r8, #0\n\t"
+ "umlal r9, r8, r0, r6\n\t"
+ "umaal r10, r8, r1, r6\n\t"
+ "str r9, [sp, #20]\n\t"
+ "umaal r11, r8, r2, r6\n\t"
+ "umaal r12, r8, r3, r6\n\t"
+ "ldm lr!, {r6}\n\t"
+ "mov r9, #0\n\t"
+ "umlal r10, r9, r0, r6\n\t"
+ "umaal r11, r9, r1, r6\n\t"
+ "str r10, [sp, #24]\n\t"
+ "umaal r12, r9, r2, r6\n\t"
+ "umaal r4, r9, r3, r6\n\t"
+ "ldm lr!, {r6}\n\t"
+ "mov r10, #0\n\t"
+ "umlal r11, r10, r0, r6\n\t"
+ "umaal r12, r10, r1, r6\n\t"
+ "str r11, [sp, #28]\n\t"
+ "umaal r4, r10, r2, r6\n\t"
+ "umaal r5, r10, r3, r6\n\t"
+ "ldm lr!, {r11}\n\t"
+ "umaal r12, r7, r0, r11\n\t"
+ "umaal r4, r7, r1, r11\n\t"
+ "ldr r6, [sp, #32]\n\t"
+ "umaal r5, r7, r2, r11\n\t"
+ "umaal r6, r7, r3, r11\n\t"
+ "ldm lr!, {r11}\n\t"
+ "umaal r4, r8, r0, r11\n\t"
+ "umaal r5, r8, r1, r11\n\t"
+ "umaal r6, r8, r2, r11\n\t"
+ "umaal r7, r8, r3, r11\n\t"
+ "ldm lr, {r11, lr}\n\t"
+ "umaal r5, r9, r0, r11\n\t"
+ "umaal r6, r10, r0, lr\n\t"
+ "umaal r6, r9, r1, r11\n\t"
+ "umaal r7, r10, r1, lr\n\t"
+ "umaal r7, r9, r2, r11\n\t"
+ "umaal r8, r10, r2, lr\n\t"
+ "umaal r8, r9, r3, r11\n\t"
+ "umaal r9, r10, r3, lr\n\t"
/* Reduce */
- /* Load bottom half */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [sp]\n\t"
- "ldr r5, [sp, #4]\n\t"
-#else
- "ldrd r4, r5, [sp]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [sp, #8]\n\t"
- "ldr r7, [sp, #12]\n\t"
-#else
- "ldrd r6, r7, [sp, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r8, [sp, #16]\n\t"
- "ldr r9, [sp, #20]\n\t"
-#else
- "ldrd r8, r9, [sp, #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r10, [sp, #24]\n\t"
- "ldr r11, [sp, #28]\n\t"
-#else
- "ldrd r10, r11, [sp, #24]\n\t"
-#endif
- "lsr r2, r11, #31\n\t"
- "and r11, r11, #0x7fffffff\n\t"
- "mov r12, #19\n\t"
- "ldr %[a], [sp, #32]\n\t"
- "orr r2, r2, %[a], lsl #1\n\t"
- "umull r2, r3, r12, r2\n\t"
- "adds r4, r4, r2\n\t"
- "mov lr, #0\n\t"
- "adcs r5, r5, r3\n\t"
- "adc lr, lr, #0\n\t"
- "lsr r2, %[a], #31\n\t"
- "ldr %[a], [sp, #36]\n\t"
- "orr r2, r2, %[a], lsl #1\n\t"
- "umull r2, r3, r12, r2\n\t"
- "add r3, r3, lr\n\t"
- "adds r5, r5, r2\n\t"
- "mov lr, #0\n\t"
- "adcs r6, r6, r3\n\t"
- "adc lr, lr, #0\n\t"
- "lsr r2, %[a], #31\n\t"
- "ldr %[a], [sp, #40]\n\t"
- "orr r2, r2, %[a], lsl #1\n\t"
- "umull r2, r3, r12, r2\n\t"
- "add r3, r3, lr\n\t"
- "adds r6, r6, r2\n\t"
- "mov lr, #0\n\t"
- "adcs r7, r7, r3\n\t"
- "adc lr, lr, #0\n\t"
- "lsr r2, %[a], #31\n\t"
- "ldr %[a], [sp, #44]\n\t"
- "orr r2, r2, %[a], lsl #1\n\t"
- "umull r2, r3, r12, r2\n\t"
- "add r3, r3, lr\n\t"
- "adds r7, r7, r2\n\t"
- "mov lr, #0\n\t"
- "adcs r8, r8, r3\n\t"
- "adc lr, lr, #0\n\t"
- "lsr r2, %[a], #31\n\t"
- "ldr %[a], [sp, #48]\n\t"
- "orr r2, r2, %[a], lsl #1\n\t"
- "umull r2, r3, r12, r2\n\t"
- "add r3, r3, lr\n\t"
- "adds r8, r8, r2\n\t"
- "mov lr, #0\n\t"
- "adcs r9, r9, r3\n\t"
- "adc lr, lr, #0\n\t"
- "lsr r2, %[a], #31\n\t"
- "ldr %[a], [sp, #52]\n\t"
- "orr r2, r2, %[a], lsl #1\n\t"
- "umull r2, r3, r12, r2\n\t"
- "add r3, r3, lr\n\t"
- "adds r9, r9, r2\n\t"
- "mov lr, #0\n\t"
- "adcs r10, r10, r3\n\t"
- "adc lr, lr, #0\n\t"
- "lsr r2, %[a], #31\n\t"
- "ldr %[a], [sp, #56]\n\t"
- "orr r2, r2, %[a], lsl #1\n\t"
- "umull r2, r3, r12, r2\n\t"
- "add r3, r3, lr\n\t"
- "adds r10, r10, r2\n\t"
- "mov lr, #0\n\t"
- "adcs r11, r11, r3\n\t"
- "adc lr, lr, #0\n\t"
- "lsr r2, %[a], #31\n\t"
- "ldr %[a], [sp, #60]\n\t"
- "orr r2, r2, %[a], lsl #1\n\t"
- "umull r2, r3, r12, r2\n\t"
- "adds r11, r11, r2\n\t"
- "adc r2, r3, lr\n\t"
- /* Overflow */
- "lsl r2, r2, #1\n\t"
- "orr r2, r2, r11, lsr #31\n\t"
- "mul r2, r2, r12\n\t"
- "and r11, r11, #0x7fffffff\n\t"
- "adds r4, r4, r2\n\t"
+ "ldr r0, [sp, #28]\n\t"
+ "mov lr, #37\n\t"
+ "umaal r10, r0, r10, lr\n\t"
+ "mov lr, #19\n\t"
+ "lsl r0, r0, #1\n\t"
+ "orr r0, r0, r10, lsr #31\n\t"
+ "mul r11, r0, lr\n\t"
+ "pop {r0-r2}\n\t"
+ "mov lr, #38\n\t"
+ "umaal r0, r11, r12, lr\n\t"
+ "umaal r1, r11, r4, lr\n\t"
+ "umaal r2, r11, r5, lr\n\t"
+ "pop {r3-r5}\n\t"
+ "umaal r3, r11, r6, lr\n\t"
+ "umaal r4, r11, r7, lr\n\t"
+ "umaal r5, r11, r8, lr\n\t"
+ "pop {r6}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "bic r10, r10, #0x80000000\n\t"
+#else
+ "bfc r10, #31, #1\n\t"
+#endif
+ "umaal r6, r11, r9, lr\n\t"
+ "add r7, r10, r11\n\t"
+ "ldr lr, [sp, #8]\n\t"
+ /* Store */
+ "stm lr, {r0, r1, r2, r3, r4, r5, r6, r7}\n\t"
+ "add sp, sp, #16\n\t"
+ :
+ :
+ : "memory", "lr", "cc"
+ );
+}
+
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+void fe_mul(fe r_p, const fe a_p, const fe b_p)
+{
+ register sword32* r asm ("r0") = (sword32*)r_p;
+ register const sword32* a asm ("r1") = (const sword32*)a_p;
+ register const sword32* b asm ("r2") = (const sword32*)b_p;
+
+ __asm__ __volatile__ (
+ "bl fe_mul_op\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
+ );
+}
+
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+void fe_sq_op(void);
+void fe_sq_op()
+{
+ __asm__ __volatile__ (
+ "sub sp, sp, #0x44\n\t"
+ "str r0, [sp, #64]\n\t"
+ /* Square */
+ "mov r0, #0\n\t"
+ "ldr r12, [r1]\n\t"
+ /* A[0] * A[1] */
+ "ldr lr, [r1, #4]\n\t"
+ "umull r4, r5, r12, lr\n\t"
+ /* A[0] * A[3] */
+ "ldr lr, [r1, #12]\n\t"
+ "umull r6, r7, r12, lr\n\t"
+ /* A[0] * A[5] */
+ "ldr lr, [r1, #20]\n\t"
+ "umull r8, r9, r12, lr\n\t"
+ /* A[0] * A[7] */
+ "ldr lr, [r1, #28]\n\t"
+ "umull r10, r3, r12, lr\n\t"
+ /* A[0] * A[2] */
+ "ldr lr, [r1, #8]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r5, r11, r12, lr\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[0] * A[4] */
+ "ldr lr, [r1, #16]\n\t"
+ "adcs r7, r7, #0\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r7, r11, r12, lr\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[0] * A[6] */
+ "ldr lr, [r1, #24]\n\t"
+ "adcs r9, r9, #0\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r9, r11, r12, lr\n\t"
+ "adds r10, r10, r11\n\t"
+ "adcs r3, r3, #0\n\t"
+ "str r4, [sp, #4]\n\t"
+ "str r5, [sp, #8]\n\t"
+ /* A[1] * A[2] */
+ "ldr r12, [r1, #4]\n\t"
+ "ldr lr, [r1, #8]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r6, r11, r12, lr\n\t"
+ "str r6, [sp, #12]\n\t"
+ "adds r7, r7, r11\n\t"
+ /* A[1] * A[3] */
+ "ldr lr, [r1, #12]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r7, r11, r12, lr\n\t"
+ "str r7, [sp, #16]\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[1] * A[4] */
+ "ldr lr, [r1, #16]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r8, r11, r12, lr\n\t"
+ "adds r9, r9, r11\n\t"
+ /* A[1] * A[5] */
+ "ldr lr, [r1, #20]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r9, r11, r12, lr\n\t"
+ "adds r10, r10, r11\n\t"
+ /* A[1] * A[6] */
+ "ldr lr, [r1, #24]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "adds r3, r3, r11\n\t"
+ /* A[1] * A[7] */
+ "ldr lr, [r1, #28]\n\t"
+ "adc r4, r0, #0\n\t"
+ "umlal r3, r4, r12, lr\n\t"
+ /* A[2] * A[3] */
+ "ldr r12, [r1, #8]\n\t"
+ "ldr lr, [r1, #12]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r8, r11, r12, lr\n\t"
+ "str r8, [sp, #20]\n\t"
+ "adds r9, r9, r11\n\t"
+ /* A[2] * A[4] */
+ "ldr lr, [r1, #16]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r9, r11, r12, lr\n\t"
+ "str r9, [sp, #24]\n\t"
+ "adds r10, r10, r11\n\t"
+ /* A[2] * A[5] */
+ "ldr lr, [r1, #20]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "adds r3, r3, r11\n\t"
+ /* A[2] * A[6] */
+ "ldr lr, [r1, #24]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r3, r11, r12, lr\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[2] * A[7] */
+ "ldr lr, [r1, #28]\n\t"
+ "adc r5, r0, #0\n\t"
+ "umlal r4, r5, r12, lr\n\t"
+ /* A[3] * A[4] */
+ "ldr r12, [r1, #12]\n\t"
+ "ldr lr, [r1, #16]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "str r10, [sp, #28]\n\t"
+ "adds r3, r3, r11\n\t"
+ /* A[3] * A[5] */
+ "ldr lr, [r1, #20]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r3, r11, r12, lr\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[3] * A[6] */
+ "ldr lr, [r1, #24]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r4, r11, r12, lr\n\t"
+ "adds r5, r5, r11\n\t"
+ /* A[3] * A[7] */
+ "ldr lr, [r1, #28]\n\t"
+ "adc r6, r0, #0\n\t"
+ "umlal r5, r6, r12, lr\n\t"
+ /* A[4] * A[5] */
+ "ldr r12, [r1, #16]\n\t"
+ "ldr lr, [r1, #20]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r4, r11, r12, lr\n\t"
+ "adds r5, r5, r11\n\t"
+ /* A[4] * A[6] */
+ "ldr lr, [r1, #24]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r5, r11, r12, lr\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[4] * A[7] */
+ "ldr lr, [r1, #28]\n\t"
+ "adc r7, r0, #0\n\t"
+ "umlal r6, r7, r12, lr\n\t"
+ /* A[5] * A[6] */
+ "ldr r12, [r1, #20]\n\t"
+ "ldr lr, [r1, #24]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r6, r11, r12, lr\n\t"
+ "adds r7, r7, r11\n\t"
+ /* A[5] * A[7] */
+ "ldr lr, [r1, #28]\n\t"
+ "adc r8, r0, #0\n\t"
+ "umlal r7, r8, r12, lr\n\t"
+ /* A[6] * A[7] */
+ "ldr r12, [r1, #24]\n\t"
+ "ldr lr, [r1, #28]\n\t"
+ "mov r9, #0\n\t"
+ "umlal r8, r9, r12, lr\n\t"
+ "add lr, sp, #32\n\t"
+ "stm lr, {r3, r4, r5, r6, r7, r8, r9}\n\t"
+ "add lr, sp, #4\n\t"
+ "ldm lr, {r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "adds r4, r4, r4\n\t"
+ "adcs r5, r5, r5\n\t"
+ "adcs r6, r6, r6\n\t"
+ "adcs r7, r7, r7\n\t"
+ "adcs r8, r8, r8\n\t"
+ "adcs r9, r9, r9\n\t"
+ "adcs r10, r10, r10\n\t"
+ "stm lr!, {r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "ldm lr, {r3, r4, r5, r6, r7, r8, r9}\n\t"
+ "adcs r3, r3, r3\n\t"
+ "adcs r4, r4, r4\n\t"
+ "adcs r5, r5, r5\n\t"
+ "adcs r6, r6, r6\n\t"
+ "adcs r7, r7, r7\n\t"
+ "adcs r8, r8, r8\n\t"
+ "adcs r9, r9, r9\n\t"
+ "adc r10, r0, #0\n\t"
+ "stm lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "add lr, sp, #4\n\t"
+ "ldm lr, {r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "mov lr, sp\n\t"
+ /* A[0] * A[0] */
+ "ldr r12, [r1]\n\t"
+ "umull r3, r11, r12, r12\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[1] * A[1] */
+ "ldr r12, [r1, #4]\n\t"
"adcs r5, r5, #0\n\t"
- "adcs r6, r6, #0\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r5, r11, r12, r12\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[2] * A[2] */
+ "ldr r12, [r1, #8]\n\t"
"adcs r7, r7, #0\n\t"
- "adcs r8, r8, #0\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r7, r11, r12, r12\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[3] * A[3] */
+ "ldr r12, [r1, #12]\n\t"
"adcs r9, r9, #0\n\t"
- "adcs r10, r10, #0\n\t"
- "adc r11, r11, #0\n\t"
- /* Reduce if top bit set */
- "asr r2, r11, #31\n\t"
- "and r2, r2, r12\n\t"
- "and r11, r11, #0x7fffffff\n\t"
- "adds r4, r4, r2\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r9, r11, r12, r12\n\t"
+ "adds r10, r10, r11\n\t"
+ "stm lr!, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "ldm lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ /* A[4] * A[4] */
+ "ldr r12, [r1, #16]\n\t"
+ "adcs r3, r3, #0\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r3, r11, r12, r12\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[5] * A[5] */
+ "ldr r12, [r1, #20]\n\t"
"adcs r5, r5, #0\n\t"
- "adcs r6, r6, #0\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r5, r11, r12, r12\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[6] * A[6] */
+ "ldr r12, [r1, #24]\n\t"
"adcs r7, r7, #0\n\t"
- "adcs r8, r8, #0\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r7, r11, r12, r12\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[7] * A[7] */
+ "ldr r12, [r1, #28]\n\t"
"adcs r9, r9, #0\n\t"
- "adcs r10, r10, #0\n\t"
+ "adc r10, r10, #0\n\t"
+ "umlal r9, r10, r12, r12\n\t"
+ /* Reduce */
+ "ldr r2, [sp, #28]\n\t"
+ "mov lr, sp\n\t"
+ "mov r12, #38\n\t"
+ "umull r10, r11, r12, r10\n\t"
+ "adds r10, r10, r2\n\t"
"adc r11, r11, #0\n\t"
+ "mov r12, #19\n\t"
+ "lsl r11, r11, #1\n\t"
+ "orr r11, r11, r10, LSR #31\n\t"
+ "mul r11, r12, r11\n\t"
+ "ldm lr!, {r1, r2}\n\t"
+ "mov r12, #38\n\t"
+ "adds r1, r1, r11\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r1, r11, r3, r12\n\t"
+ "adds r2, r2, r11\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r2, r11, r4, r12\n\t"
+ "ldm lr!, {r3, r4}\n\t"
+ "adds r3, r3, r11\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r3, r11, r5, r12\n\t"
+ "adds r4, r4, r11\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r4, r11, r6, r12\n\t"
+ "ldm lr!, {r5, r6}\n\t"
+ "adds r5, r5, r11\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r5, r11, r7, r12\n\t"
+ "adds r6, r6, r11\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r6, r11, r8, r12\n\t"
+ "ldm lr!, {r7, r8}\n\t"
+ "adds r7, r7, r11\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r7, r11, r9, r12\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "bic r10, r10, #0x80000000\n\t"
+#else
+ "bfc r10, #31, #1\n\t"
+#endif
+ "adds r8, r10, r11\n\t"
/* Store */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [%[r]]\n\t"
- "str r5, [%[r], #4]\n\t"
-#else
- "strd r4, r5, [%[r]]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r6, [%[r], #8]\n\t"
- "str r7, [%[r], #12]\n\t"
-#else
- "strd r6, r7, [%[r], #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [%[r], #16]\n\t"
- "str r9, [%[r], #20]\n\t"
+ "ldr r0, [sp, #64]\n\t"
+ "stm r0, {r1, r2, r3, r4, r5, r6, r7, r8}\n\t"
+ "add sp, sp, #0x44\n\t"
+ :
+ :
+ : "memory", "lr", "cc"
+ );
+}
+
#else
- "strd r8, r9, [%[r], #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [%[r], #24]\n\t"
- "str r11, [%[r], #28]\n\t"
+void fe_sq_op(void);
+void fe_sq_op()
+{
+ __asm__ __volatile__ (
+ "sub sp, sp, #32\n\t"
+ "str r0, [sp, #28]\n\t"
+ "ldm r1, {r0, r1, r2, r3, r4, r5, r6, r7}\n\t"
+ /* Square */
+ "umull r9, r10, r0, r0\n\t"
+ "umull r11, r12, r0, r1\n\t"
+ "adds r11, r11, r11\n\t"
+ "mov lr, #0\n\t"
+ "umaal r10, r11, lr, lr\n\t"
+ "stm sp, {r9, r10}\n\t"
+ "mov r8, lr\n\t"
+ "umaal r8, r12, r0, r2\n\t"
+ "adcs r8, r8, r8\n\t"
+ "umaal r8, r11, r1, r1\n\t"
+ "umull r9, r10, r0, r3\n\t"
+ "umaal r9, r12, r1, r2\n\t"
+ "adcs r9, r9, r9\n\t"
+ "umaal r9, r11, lr, lr\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "str r8, [sp, #8]\n\t"
+ "str r9, [sp, #12]\n\t"
#else
- "strd r10, r11, [%[r], #24]\n\t"
+ "strd r8, r9, [sp, #8]\n\t"
#endif
- "add sp, sp, #0x40\n\t"
+ "mov r9, lr\n\t"
+ "umaal r9, r10, r0, r4\n\t"
+ "umaal r9, r12, r1, r3\n\t"
+ "adcs r9, r9, r9\n\t"
+ "umaal r9, r11, r2, r2\n\t"
+ "str r9, [sp, #16]\n\t"
+ "umull r9, r8, r0, r5\n\t"
+ "umaal r9, r12, r1, r4\n\t"
+ "umaal r9, r10, r2, r3\n\t"
+ "adcs r9, r9, r9\n\t"
+ "umaal r9, r11, lr, lr\n\t"
+ "str r9, [sp, #20]\n\t"
+ "mov r9, lr\n\t"
+ "umaal r9, r8, r0, r6\n\t"
+ "umaal r9, r12, r1, r5\n\t"
+ "umaal r9, r10, r2, r4\n\t"
+ "adcs r9, r9, r9\n\t"
+ "umaal r9, r11, r3, r3\n\t"
+ "str r9, [sp, #24]\n\t"
+ "umull r0, r9, r0, r7\n\t"
+ "umaal r0, r8, r1, r6\n\t"
+ "umaal r0, r12, r2, r5\n\t"
+ "umaal r0, r10, r3, r4\n\t"
+ "adcs r0, r0, r0\n\t"
+ "umaal r0, r11, lr, lr\n\t"
+ /* R[7] = r0 */
+ "umaal r9, r8, r1, r7\n\t"
+ "umaal r9, r10, r2, r6\n\t"
+ "umaal r12, r9, r3, r5\n\t"
+ "adcs r12, r12, r12\n\t"
+ "umaal r12, r11, r4, r4\n\t"
+ /* R[8] = r12 */
+ "umaal r9, r8, r2, r7\n\t"
+ "umaal r10, r9, r3, r6\n\t"
+ "mov r2, lr\n\t"
+ "umaal r10, r2, r4, r5\n\t"
+ "adcs r10, r10, r10\n\t"
+ "umaal r11, r10, lr, lr\n\t"
+ /* R[9] = r11 */
+ "umaal r2, r8, r3, r7\n\t"
+ "umaal r2, r9, r4, r6\n\t"
+ "adcs r3, r2, r2\n\t"
+ "umaal r10, r3, r5, r5\n\t"
+ /* R[10] = r10 */
+ "mov r1, lr\n\t"
+ "umaal r1, r8, r4, r7\n\t"
+ "umaal r1, r9, r5, r6\n\t"
+ "adcs r4, r1, r1\n\t"
+ "umaal r3, r4, lr, lr\n\t"
+ /* R[11] = r3 */
+ "umaal r8, r9, r5, r7\n\t"
+ "adcs r8, r8, r8\n\t"
+ "umaal r4, r8, r6, r6\n\t"
+ /* R[12] = r4 */
+ "mov r5, lr\n\t"
+ "umaal r5, r9, r6, r7\n\t"
+ "adcs r5, r5, r5\n\t"
+ "umaal r8, r5, lr, lr\n\t"
+ /* R[13] = r8 */
+ "adcs r9, r9, r9\n\t"
+ "umaal r9, r5, r7, r7\n\t"
+ "adcs r7, r5, lr\n\t"
+ /* R[14] = r9 */
+ /* R[15] = r7 */
+ /* Reduce */
+ "mov r6, #37\n\t"
+ "umaal r7, r0, r7, r6\n\t"
+ "mov r6, #19\n\t"
+ "lsl r0, r0, #1\n\t"
+ "orr r0, r0, r7, lsr #31\n\t"
+ "mul lr, r0, r6\n\t"
+ "pop {r0-r1}\n\t"
+ "mov r6, #38\n\t"
+ "umaal r0, lr, r12, r6\n\t"
+ "umaal r1, lr, r11, r6\n\t"
+ "mov r12, r3\n\t"
+ "mov r11, r4\n\t"
+ "pop {r2-r4}\n\t"
+ "umaal r2, lr, r10, r6\n\t"
+ "umaal r3, lr, r12, r6\n\t"
+ "umaal r4, lr, r11, r6\n\t"
+ "mov r12, r6\n\t"
+ "pop {r5-r6}\n\t"
+ "umaal r5, lr, r8, r12\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "bic r7, r7, #0x80000000\n\t"
+#else
+ "bfc r7, #31, #1\n\t"
+#endif
+ "umaal r6, lr, r9, r12\n\t"
+ "add r7, r7, lr\n\t"
+ "pop {lr}\n\t"
+ /* Store */
+ "stm lr, {r0, r1, r2, r3, r4, r5, r6, r7}\n\t"
+ :
+ :
+ : "memory", "lr", "cc"
+ );
+}
+
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+void fe_sq(fe r_p, const fe a_p)
+{
+ register sword32* r asm ("r0") = (sword32*)r_p;
+ register const sword32* a asm ("r1") = (const sword32*)a_p;
+
+ __asm__ __volatile__ (
+ "bl fe_sq_op\n\t"
: [r] "+r" (r), [a] "+r" (a)
:
- : "memory", "r2", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r12", "lr", "r10", "r11", "cc"
);
}
+#ifdef HAVE_CURVE25519
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
void fe_mul121666(fe r_p, fe a_p)
{
- register fe r asm ("r0") = r_p;
- register fe a asm ("r1") = a_p;
+ register sword32* r asm ("r0") = (sword32*)r_p;
+ register sword32* a asm ("r1") = (sword32*)a_p;
__asm__ __volatile__ (
/* Multiply by 121666 */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r2, [%[a]]\n\t"
- "ldr r3, [%[a], #4]\n\t"
-#else
- "ldrd r2, r3, [%[a]]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [%[a], #8]\n\t"
- "ldr r5, [%[a], #12]\n\t"
+ "ldm %[a], {r2, r3, r4, r5, r6, r7, r8, r9}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r10, #1\n\t"
+ "lsl r10, r10, #8\n\t"
+ "orr r10, r10, #0xdb\n\t"
+ "lsl r10, r10, #8\n\t"
+ "orr r10, r10, #0x42\n\t"
#else
- "ldrd r4, r5, [%[a], #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [%[a], #16]\n\t"
- "ldr r7, [%[a], #20]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r10, #0xdb\n\t"
+ "lsl r10, r10, #8\n\t"
+ "add r10, r10, #0x42\n\t"
#else
- "ldrd r6, r7, [%[a], #16]\n\t"
+ "mov r10, #0xdb42\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r8, [%[a], #24]\n\t"
- "ldr r9, [%[a], #28]\n\t"
-#else
- "ldrd r8, r9, [%[a], #24]\n\t"
+ "movt r10, #1\n\t"
#endif
- "movw lr, #0xdb42\n\t"
- "movt lr, #1\n\t"
- "umull r2, r10, r2, lr\n\t"
- "umull r3, r12, r3, lr\n\t"
- "adds r3, r3, r10\n\t"
- "adc r10, r12, #0\n\t"
- "umull r4, r12, r4, lr\n\t"
- "adds r4, r4, r10\n\t"
- "adc r10, r12, #0\n\t"
- "umull r5, r12, r5, lr\n\t"
- "adds r5, r5, r10\n\t"
- "adc r10, r12, #0\n\t"
- "umull r6, r12, r6, lr\n\t"
- "adds r6, r6, r10\n\t"
- "adc r10, r12, #0\n\t"
- "umull r7, r12, r7, lr\n\t"
- "adds r7, r7, r10\n\t"
- "adc r10, r12, #0\n\t"
- "umull r8, r12, r8, lr\n\t"
- "adds r8, r8, r10\n\t"
- "adc r10, r12, #0\n\t"
- "umull r9, r12, r9, lr\n\t"
- "adds r9, r9, r10\n\t"
- "adc r10, r12, #0\n\t"
- "mov lr, #19\n\t"
- "lsl r10, r10, #1\n\t"
- "orr r10, r10, r9, lsr #31\n\t"
- "mul r10, r10, lr\n\t"
- "and r9, r9, #0x7fffffff\n\t"
- "adds r2, r2, r10\n\t"
+ "umull r2, r12, r10, r2\n\t"
+ "umull r3, lr, r10, r3\n\t"
+ "adds r3, r3, r12\n\t"
+ "adc lr, lr, #0\n\t"
+ "umull r4, r12, r10, r4\n\t"
+ "adds r4, r4, lr\n\t"
+ "adc r12, r12, #0\n\t"
+ "umull r5, lr, r10, r5\n\t"
+ "adds r5, r5, r12\n\t"
+ "adc lr, lr, #0\n\t"
+ "umull r6, r12, r10, r6\n\t"
+ "adds r6, r6, lr\n\t"
+ "adc r12, r12, #0\n\t"
+ "umull r7, lr, r10, r7\n\t"
+ "adds r7, r7, r12\n\t"
+ "adc lr, lr, #0\n\t"
+ "umull r8, r12, r10, r8\n\t"
+ "adds r8, r8, lr\n\t"
+ "adc r12, r12, #0\n\t"
+ "umull r9, lr, r10, r9\n\t"
+ "adds r9, r9, r12\n\t"
+ "mov r10, #19\n\t"
+ "adc lr, lr, #0\n\t"
+ "lsl lr, lr, #1\n\t"
+ "orr lr, lr, r9, LSR #31\n\t"
+ "mul lr, r10, lr\n\t"
+ "adds r2, r2, lr\n\t"
"adcs r3, r3, #0\n\t"
"adcs r4, r4, #0\n\t"
"adcs r5, r5, #0\n\t"
"adcs r6, r6, #0\n\t"
"adcs r7, r7, #0\n\t"
- "adcs r8, r8, #0\n\t"
- "adc r9, r9, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r2, [%[r]]\n\t"
- "str r3, [%[r], #4]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "bic r9, r9, #0x80000000\n\t"
#else
- "strd r2, r3, [%[r]]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [%[r], #8]\n\t"
- "str r5, [%[r], #12]\n\t"
-#else
- "strd r4, r5, [%[r], #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r6, [%[r], #16]\n\t"
- "str r7, [%[r], #20]\n\t"
-#else
- "strd r6, r7, [%[r], #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [%[r], #24]\n\t"
- "str r9, [%[r], #28]\n\t"
-#else
- "strd r8, r9, [%[r], #24]\n\t"
+ "bfc r9, #31, #1\n\t"
#endif
+ "adcs r8, r8, #0\n\t"
+ "adc r9, r9, #0\n\t"
+ "stm %[r], {r2, r3, r4, r5, r6, r7, r8, r9}\n\t"
: [r] "+r" (r), [a] "+r" (a)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r12", "lr", "r10"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r12", "lr", "r10", "cc"
);
}
-void fe_sq2(fe r_p, const fe a_p)
+#else
+void fe_mul121666(fe r_p, fe a_p)
{
- register fe r asm ("r0") = r_p;
- register const fe a asm ("r1") = a_p;
+ register sword32* r asm ("r0") = (sword32*)r_p;
+ register sword32* a asm ("r1") = (sword32*)a_p;
__asm__ __volatile__ (
- "sub sp, sp, #0x40\n\t"
- /* Square * 2 */
- "ldr r7, [%[a]]\n\t"
- "ldr r8, [%[a], #4]\n\t"
- "ldr r9, [%[a], #8]\n\t"
- "ldr r10, [%[a], #12]\n\t"
- "ldr r12, [%[a], #16]\n\t"
- /* A[0] * A[0] = 0 */
- "umull r4, r5, r7, r7\n\t"
- "str r4, [sp]\n\t"
- /* A[0] * A[1] = 1 */
- "umull r2, r3, r7, r8\n\t"
- "mov r6, #0\n\t"
- "adds r5, r5, r2\n\t"
- "adc r6, r6, r3\n\t"
- "adds r5, r5, r2\n\t"
- "mov r4, #0\n\t"
- "adcs r6, r6, r3\n\t"
- "adc r4, r4, #0\n\t"
- "str r5, [sp, #4]\n\t"
- /* A[1] * A[1] = 2 */
- "umull r2, r3, r8, r8\n\t"
- "adds r6, r6, r2\n\t"
- "adc r4, r4, r3\n\t"
- /* A[0] * A[2] = 2 */
- "umull r2, r3, r7, r9\n\t"
- "adds r6, r6, r2\n\t"
- "mov r5, #0\n\t"
- "adcs r4, r4, r3\n\t"
- "adc r5, r5, #0\n\t"
- "adds r6, r6, r2\n\t"
- "adcs r4, r4, r3\n\t"
- "adc r5, r5, #0\n\t"
- "str r6, [sp, #8]\n\t"
- /* A[0] * A[3] = 3 */
- "umull r2, r3, r7, r10\n\t"
- "adds r4, r4, r2\n\t"
- "adc r5, r5, r3\n\t"
- "adds r4, r4, r2\n\t"
- "mov r6, #0\n\t"
- "adcs r5, r5, r3\n\t"
- "adc r6, r6, #0\n\t"
- /* A[1] * A[2] = 3 */
- "umull r2, r3, r8, r9\n\t"
- "adds r4, r4, r2\n\t"
- "adcs r5, r5, r3\n\t"
- "adc r6, r6, #0\n\t"
- "adds r4, r4, r2\n\t"
- "adcs r5, r5, r3\n\t"
- "adc r6, r6, #0\n\t"
- "str r4, [sp, #12]\n\t"
- /* A[2] * A[2] = 4 */
- "umull r2, r3, r9, r9\n\t"
- "adds r5, r5, r2\n\t"
- "mov r4, #0\n\t"
- "adcs r6, r6, r3\n\t"
- "adc r4, r4, #0\n\t"
- /* A[1] * A[3] = 4 */
- "umull r2, r3, r8, r10\n\t"
- "adds r5, r5, r2\n\t"
- "adcs r6, r6, r3\n\t"
- "adc r4, r4, #0\n\t"
- "adds r5, r5, r2\n\t"
- "adcs r6, r6, r3\n\t"
- "adc r4, r4, #0\n\t"
- /* A[0] * A[4] = 4 */
- "umull r2, r3, r7, r12\n\t"
- "adds r5, r5, r2\n\t"
- "adcs r6, r6, r3\n\t"
- "adc r4, r4, #0\n\t"
- "adds r5, r5, r2\n\t"
- "adcs r6, r6, r3\n\t"
- "adc r4, r4, #0\n\t"
- "str r5, [sp, #16]\n\t"
- /* A[0] * A[5] = 5 */
- "ldr r11, [%[a], #20]\n\t"
- "umull r2, r3, r7, r11\n\t"
- "adds r6, r6, r2\n\t"
- "mov r5, #0\n\t"
- "adcs r4, r4, r3\n\t"
- "adc r5, r5, #0\n\t"
- "adds r6, r6, r2\n\t"
- "adcs r4, r4, r3\n\t"
- "adc r5, r5, #0\n\t"
- /* A[1] * A[4] = 5 */
- "umull r2, r3, r8, r12\n\t"
- "adds r6, r6, r2\n\t"
- "adcs r4, r4, r3\n\t"
- "adc r5, r5, #0\n\t"
- "adds r6, r6, r2\n\t"
- "adcs r4, r4, r3\n\t"
- "adc r5, r5, #0\n\t"
- /* A[2] * A[3] = 5 */
- "umull r2, r3, r9, r10\n\t"
- "adds r6, r6, r2\n\t"
- "adcs r4, r4, r3\n\t"
- "adc r5, r5, #0\n\t"
- "adds r6, r6, r2\n\t"
- "adcs r4, r4, r3\n\t"
- "adc r5, r5, #0\n\t"
- "str r6, [sp, #20]\n\t"
- /* A[3] * A[3] = 6 */
- "umull r2, r3, r10, r10\n\t"
- "adds r4, r4, r2\n\t"
- "mov r6, #0\n\t"
- "adcs r5, r5, r3\n\t"
- "adc r6, r6, #0\n\t"
- /* A[2] * A[4] = 6 */
- "umull r2, r3, r9, r12\n\t"
- "adds r4, r4, r2\n\t"
- "adcs r5, r5, r3\n\t"
- "adc r6, r6, #0\n\t"
- "adds r4, r4, r2\n\t"
- "adcs r5, r5, r3\n\t"
- "adc r6, r6, #0\n\t"
- /* A[1] * A[5] = 6 */
- "umull r2, r3, r8, r11\n\t"
- "adds r4, r4, r2\n\t"
- "adcs r5, r5, r3\n\t"
- "adc r6, r6, #0\n\t"
- "adds r4, r4, r2\n\t"
- "adcs r5, r5, r3\n\t"
- "adc r6, r6, #0\n\t"
- /* A[0] * A[6] = 6 */
- "ldr r11, [%[a], #24]\n\t"
- "umull r2, r3, r7, r11\n\t"
- "adds r4, r4, r2\n\t"
- "adcs r5, r5, r3\n\t"
- "adc r6, r6, #0\n\t"
- "adds r4, r4, r2\n\t"
- "adcs r5, r5, r3\n\t"
- "adc r6, r6, #0\n\t"
- "str r4, [sp, #24]\n\t"
- /* A[0] * A[7] = 7 */
- "ldr r11, [%[a], #28]\n\t"
- "umull r2, r3, r7, r11\n\t"
- "adds r5, r5, r2\n\t"
- "mov r4, #0\n\t"
- "adcs r6, r6, r3\n\t"
- "adc r4, r4, #0\n\t"
- "adds r5, r5, r2\n\t"
- "adcs r6, r6, r3\n\t"
- "adc r4, r4, #0\n\t"
- /* A[1] * A[6] = 7 */
- "ldr r11, [%[a], #24]\n\t"
- "umull r2, r3, r8, r11\n\t"
- "adds r5, r5, r2\n\t"
- "adcs r6, r6, r3\n\t"
- "adc r4, r4, #0\n\t"
- "adds r5, r5, r2\n\t"
- "adcs r6, r6, r3\n\t"
- "adc r4, r4, #0\n\t"
- /* A[2] * A[5] = 7 */
- "ldr r11, [%[a], #20]\n\t"
- "umull r2, r3, r9, r11\n\t"
- "adds r5, r5, r2\n\t"
- "adcs r6, r6, r3\n\t"
- "adc r4, r4, #0\n\t"
- "adds r5, r5, r2\n\t"
- "adcs r6, r6, r3\n\t"
- "adc r4, r4, #0\n\t"
- /* A[3] * A[4] = 7 */
- "umull r2, r3, r10, r12\n\t"
- "adds r5, r5, r2\n\t"
- "adcs r6, r6, r3\n\t"
- "adc r4, r4, #0\n\t"
- "adds r5, r5, r2\n\t"
- "adcs r6, r6, r3\n\t"
- "adc r4, r4, #0\n\t"
- "str r5, [sp, #28]\n\t"
- /* A[4] * A[4] = 8 */
- "umull r2, r3, r12, r12\n\t"
- "adds r6, r6, r2\n\t"
- "mov r5, #0\n\t"
- "adcs r4, r4, r3\n\t"
- "adc r5, r5, #0\n\t"
- /* A[3] * A[5] = 8 */
- "umull r2, r3, r10, r11\n\t"
- "adds r6, r6, r2\n\t"
- "adcs r4, r4, r3\n\t"
- "adc r5, r5, #0\n\t"
- "adds r6, r6, r2\n\t"
- "adcs r4, r4, r3\n\t"
- "adc r5, r5, #0\n\t"
- /* A[2] * A[6] = 8 */
- "ldr r11, [%[a], #24]\n\t"
- "umull r2, r3, r9, r11\n\t"
- "adds r6, r6, r2\n\t"
- "adcs r4, r4, r3\n\t"
- "adc r5, r5, #0\n\t"
- "adds r6, r6, r2\n\t"
- "adcs r4, r4, r3\n\t"
- "adc r5, r5, #0\n\t"
- /* A[1] * A[7] = 8 */
- "ldr r11, [%[a], #28]\n\t"
- "umull r2, r3, r8, r11\n\t"
- "adds r6, r6, r2\n\t"
- "adcs r4, r4, r3\n\t"
- "adc r5, r5, #0\n\t"
- "adds r6, r6, r2\n\t"
- "adcs r4, r4, r3\n\t"
- "adc r5, r5, #0\n\t"
- "str r6, [sp, #32]\n\t"
- "ldr r7, [%[a], #20]\n\t"
- /* A[2] * A[7] = 9 */
- "umull r2, r3, r9, r11\n\t"
- "adds r4, r4, r2\n\t"
- "mov r6, #0\n\t"
- "adcs r5, r5, r3\n\t"
- "adc r6, r6, #0\n\t"
- "adds r4, r4, r2\n\t"
- "adcs r5, r5, r3\n\t"
- "adc r6, r6, #0\n\t"
- /* A[3] * A[6] = 9 */
- "ldr r11, [%[a], #24]\n\t"
- "umull r2, r3, r10, r11\n\t"
- "adds r4, r4, r2\n\t"
- "adcs r5, r5, r3\n\t"
- "adc r6, r6, #0\n\t"
- "adds r4, r4, r2\n\t"
- "adcs r5, r5, r3\n\t"
- "adc r6, r6, #0\n\t"
- /* A[4] * A[5] = 9 */
- "umull r2, r3, r12, r7\n\t"
- "adds r4, r4, r2\n\t"
- "adcs r5, r5, r3\n\t"
- "adc r6, r6, #0\n\t"
- "adds r4, r4, r2\n\t"
- "adcs r5, r5, r3\n\t"
- "adc r6, r6, #0\n\t"
- "str r4, [sp, #36]\n\t"
- "mov r8, r11\n\t"
- /* A[5] * A[5] = 10 */
- "umull r2, r3, r7, r7\n\t"
- "adds r5, r5, r2\n\t"
- "mov r4, #0\n\t"
- "adcs r6, r6, r3\n\t"
- "adc r4, r4, #0\n\t"
- /* A[4] * A[6] = 10 */
- "umull r2, r3, r12, r8\n\t"
- "adds r5, r5, r2\n\t"
- "adcs r6, r6, r3\n\t"
- "adc r4, r4, #0\n\t"
- "adds r5, r5, r2\n\t"
- "adcs r6, r6, r3\n\t"
- "adc r4, r4, #0\n\t"
- /* A[3] * A[7] = 10 */
- "ldr r11, [%[a], #28]\n\t"
- "umull r2, r3, r10, r11\n\t"
- "adds r5, r5, r2\n\t"
- "adcs r6, r6, r3\n\t"
- "adc r4, r4, #0\n\t"
- "adds r5, r5, r2\n\t"
- "adcs r6, r6, r3\n\t"
- "adc r4, r4, #0\n\t"
- "str r5, [sp, #40]\n\t"
- "mov r9, r11\n\t"
- /* A[4] * A[7] = 11 */
- "umull r2, r3, r12, r9\n\t"
- "adds r6, r6, r2\n\t"
- "mov r5, #0\n\t"
- "adcs r4, r4, r3\n\t"
- "adc r5, r5, #0\n\t"
- "adds r6, r6, r2\n\t"
- "adcs r4, r4, r3\n\t"
- "adc r5, r5, #0\n\t"
- /* A[5] * A[6] = 11 */
- "umull r2, r3, r7, r8\n\t"
- "adds r6, r6, r2\n\t"
- "adcs r4, r4, r3\n\t"
- "adc r5, r5, #0\n\t"
- "adds r6, r6, r2\n\t"
- "adcs r4, r4, r3\n\t"
- "adc r5, r5, #0\n\t"
- "str r6, [sp, #44]\n\t"
- /* A[6] * A[6] = 12 */
- "umull r2, r3, r8, r8\n\t"
- "adds r4, r4, r2\n\t"
- "mov r6, #0\n\t"
- "adcs r5, r5, r3\n\t"
- "adc r6, r6, #0\n\t"
- /* A[5] * A[7] = 12 */
- "umull r2, r3, r7, r9\n\t"
- "adds r4, r4, r2\n\t"
- "adcs r5, r5, r3\n\t"
- "adc r6, r6, #0\n\t"
- "adds r4, r4, r2\n\t"
- "adcs r5, r5, r3\n\t"
- "adc r6, r6, #0\n\t"
- "str r4, [sp, #48]\n\t"
- /* A[6] * A[7] = 13 */
- "umull r2, r3, r8, r9\n\t"
- "adds r5, r5, r2\n\t"
- "mov r4, #0\n\t"
- "adcs r6, r6, r3\n\t"
- "adc r4, r4, #0\n\t"
- "adds r5, r5, r2\n\t"
- "adcs r6, r6, r3\n\t"
- "adc r4, r4, #0\n\t"
- "str r5, [sp, #52]\n\t"
- /* A[7] * A[7] = 14 */
- "umull r2, r3, r9, r9\n\t"
- "adds r6, r6, r2\n\t"
- "adc r4, r4, r3\n\t"
- "str r6, [sp, #56]\n\t"
- "str r4, [sp, #60]\n\t"
- /* Double and Reduce */
- /* Load bottom half */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [sp]\n\t"
- "ldr r5, [sp, #4]\n\t"
-#else
- "ldrd r4, r5, [sp]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [sp, #8]\n\t"
- "ldr r7, [sp, #12]\n\t"
+ /* Multiply by 121666 */
+ "ldm %[a], {r2, r3, r4, r5, r6, r7, r8, r9}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov lr, #1\n\t"
+ "lsl lr, lr, #8\n\t"
+ "orr lr, lr, #0xdb\n\t"
+ "lsl lr, lr, #8\n\t"
+ "orr lr, lr, #0x42\n\t"
#else
- "ldrd r6, r7, [sp, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r8, [sp, #16]\n\t"
- "ldr r9, [sp, #20]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov lr, #0xdb\n\t"
+ "lsl lr, lr, #8\n\t"
+ "add lr, lr, #0x42\n\t"
#else
- "ldrd r8, r9, [sp, #16]\n\t"
+ "mov lr, #0xdb42\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r10, [sp, #24]\n\t"
- "ldr r11, [sp, #28]\n\t"
-#else
- "ldrd r10, r11, [sp, #24]\n\t"
+ "movt lr, #1\n\t"
#endif
- "lsr r2, r11, #30\n\t"
- "lsl r11, r11, #1\n\t"
- "orr r11, r11, r10, lsr #31\n\t"
+ "umull r2, r10, lr, r2\n\t"
+ "sub r12, lr, #1\n\t"
+ "umaal r3, r10, r12, r3\n\t"
+ "umaal r4, r10, r12, r4\n\t"
+ "umaal r5, r10, r12, r5\n\t"
+ "umaal r6, r10, r12, r6\n\t"
+ "umaal r7, r10, r12, r7\n\t"
+ "umaal r8, r10, r12, r8\n\t"
+ "mov lr, #19\n\t"
+ "umaal r9, r10, r12, r9\n\t"
"lsl r10, r10, #1\n\t"
"orr r10, r10, r9, lsr #31\n\t"
- "lsl r9, r9, #1\n\t"
- "orr r9, r9, r8, lsr #31\n\t"
- "lsl r8, r8, #1\n\t"
- "orr r8, r8, r7, lsr #31\n\t"
- "lsl r7, r7, #1\n\t"
- "orr r7, r7, r6, lsr #31\n\t"
- "lsl r6, r6, #1\n\t"
- "orr r6, r6, r5, lsr #31\n\t"
- "lsl r5, r5, #1\n\t"
- "orr r5, r5, r4, lsr #31\n\t"
- "lsl r4, r4, #1\n\t"
- "and r11, r11, #0x7fffffff\n\t"
- "mov r12, #19\n\t"
- "ldr %[a], [sp, #32]\n\t"
- "orr r2, r2, %[a], lsl #2\n\t"
- "umull r2, r3, r12, r2\n\t"
- "adds r4, r4, r2\n\t"
- "mov lr, #0\n\t"
- "adcs r5, r5, r3\n\t"
- "adc lr, lr, #0\n\t"
- "lsr r2, %[a], #30\n\t"
- "ldr %[a], [sp, #36]\n\t"
- "orr r2, r2, %[a], lsl #2\n\t"
- "umull r2, r3, r12, r2\n\t"
- "add r3, r3, lr\n\t"
- "adds r5, r5, r2\n\t"
- "mov lr, #0\n\t"
- "adcs r6, r6, r3\n\t"
- "adc lr, lr, #0\n\t"
- "lsr r2, %[a], #30\n\t"
- "ldr %[a], [sp, #40]\n\t"
- "orr r2, r2, %[a], lsl #2\n\t"
- "umull r2, r3, r12, r2\n\t"
- "add r3, r3, lr\n\t"
- "adds r6, r6, r2\n\t"
- "mov lr, #0\n\t"
- "adcs r7, r7, r3\n\t"
- "adc lr, lr, #0\n\t"
- "lsr r2, %[a], #30\n\t"
- "ldr %[a], [sp, #44]\n\t"
- "orr r2, r2, %[a], lsl #2\n\t"
- "umull r2, r3, r12, r2\n\t"
- "add r3, r3, lr\n\t"
- "adds r7, r7, r2\n\t"
- "mov lr, #0\n\t"
- "adcs r8, r8, r3\n\t"
- "adc lr, lr, #0\n\t"
- "lsr r2, %[a], #30\n\t"
- "ldr %[a], [sp, #48]\n\t"
- "orr r2, r2, %[a], lsl #2\n\t"
- "umull r2, r3, r12, r2\n\t"
- "add r3, r3, lr\n\t"
- "adds r8, r8, r2\n\t"
- "mov lr, #0\n\t"
- "adcs r9, r9, r3\n\t"
- "adc lr, lr, #0\n\t"
- "lsr r2, %[a], #30\n\t"
- "ldr %[a], [sp, #52]\n\t"
- "orr r2, r2, %[a], lsl #2\n\t"
- "umull r2, r3, r12, r2\n\t"
- "add r3, r3, lr\n\t"
- "adds r9, r9, r2\n\t"
- "mov lr, #0\n\t"
- "adcs r10, r10, r3\n\t"
- "adc lr, lr, #0\n\t"
- "lsr r2, %[a], #30\n\t"
- "ldr %[a], [sp, #56]\n\t"
- "orr r2, r2, %[a], lsl #2\n\t"
- "umull r2, r3, r12, r2\n\t"
- "add r3, r3, lr\n\t"
- "adds r10, r10, r2\n\t"
- "mov lr, #0\n\t"
- "adcs r11, r11, r3\n\t"
- "adc lr, lr, #0\n\t"
- "lsr r2, %[a], #30\n\t"
- "ldr %[a], [sp, #60]\n\t"
- "orr r2, r2, %[a], lsl #2\n\t"
- "umull r2, r3, r12, r2\n\t"
- "adds r11, r11, r2\n\t"
- "adc r2, r3, lr\n\t"
- /* Overflow */
- "lsl r2, r2, #1\n\t"
- "orr r2, r2, r11, lsr #31\n\t"
- "mul r2, r2, r12\n\t"
- "and r11, r11, #0x7fffffff\n\t"
- "adds r4, r4, r2\n\t"
- "adcs r5, r5, #0\n\t"
- "adcs r6, r6, #0\n\t"
- "adcs r7, r7, #0\n\t"
- "adcs r8, r8, #0\n\t"
- "adcs r9, r9, #0\n\t"
- "adcs r10, r10, #0\n\t"
- "adc r11, r11, #0\n\t"
- /* Reduce if top bit set */
- "asr r2, r11, #31\n\t"
- "and r2, r2, r12\n\t"
- "and r11, r11, #0x7fffffff\n\t"
- "adds r4, r4, r2\n\t"
+ "mul r10, lr, r10\n\t"
+ "adds r2, r2, r10\n\t"
+ "adcs r3, r3, #0\n\t"
+ "adcs r4, r4, #0\n\t"
"adcs r5, r5, #0\n\t"
"adcs r6, r6, #0\n\t"
"adcs r7, r7, #0\n\t"
- "adcs r8, r8, #0\n\t"
- "adcs r9, r9, #0\n\t"
- "adcs r10, r10, #0\n\t"
- "adc r11, r11, #0\n\t"
- /* Store */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [%[r]]\n\t"
- "str r5, [%[r], #4]\n\t"
-#else
- "strd r4, r5, [%[r]]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r6, [%[r], #8]\n\t"
- "str r7, [%[r], #12]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "bic r9, r9, #0x80000000\n\t"
#else
- "strd r6, r7, [%[r], #8]\n\t"
+ "bfc r9, #31, #1\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [%[r], #16]\n\t"
- "str r9, [%[r], #20]\n\t"
-#else
- "strd r8, r9, [%[r], #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [%[r], #24]\n\t"
- "str r11, [%[r], #28]\n\t"
-#else
- "strd r10, r11, [%[r], #24]\n\t"
-#endif
- "add sp, sp, #0x40\n\t"
- : [r] "+r" (r), [a] "+r" (a)
- :
- : "memory", "r2", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11"
- );
-}
-
-void fe_invert(fe r_p, const fe a_p)
-{
- register fe r asm ("r0") = r_p;
- register const fe a asm ("r1") = a_p;
-
- __asm__ __volatile__ (
- "sub sp, sp, #0x88\n\t"
- /* Invert */
- "str %[r], [sp, #128]\n\t"
- "str %[a], [sp, #132]\n\t"
- "mov r0, sp\n\t"
- "ldr r1, [sp, #132]\n\t"
- "bl fe_sq\n\t"
- "add r0, sp, #32\n\t"
- "mov r1, sp\n\t"
- "bl fe_sq\n\t"
- "add r0, sp, #32\n\t"
- "add r1, sp, #32\n\t"
- "bl fe_sq\n\t"
- "add r0, sp, #32\n\t"
- "ldr r1, [sp, #132]\n\t"
- "add r2, sp, #32\n\t"
- "bl fe_mul\n\t"
- "mov r0, sp\n\t"
- "mov r1, sp\n\t"
- "add r2, sp, #32\n\t"
- "bl fe_mul\n\t"
- "add r0, sp, #0x40\n\t"
- "mov r1, sp\n\t"
- "bl fe_sq\n\t"
- "add r0, sp, #32\n\t"
- "add r1, sp, #32\n\t"
- "add r2, sp, #0x40\n\t"
- "bl fe_mul\n\t"
- "add r0, sp, #0x40\n\t"
- "add r1, sp, #32\n\t"
- "bl fe_sq\n\t"
- "mov r4, #4\n\t"
- "\n"
- "L_fe_invert1_%=: \n\t"
- "add r0, sp, #0x40\n\t"
- "add r1, sp, #0x40\n\t"
- "bl fe_sq\n\t"
- "sub r4, r4, #1\n\t"
- "cmp r4, #0\n\t"
- "bne L_fe_invert1_%=\n\t"
- "add r0, sp, #32\n\t"
- "add r1, sp, #0x40\n\t"
- "add r2, sp, #32\n\t"
- "bl fe_mul\n\t"
- "add r0, sp, #0x40\n\t"
- "add r1, sp, #32\n\t"
- "bl fe_sq\n\t"
- "mov r4, #9\n\t"
- "\n"
- "L_fe_invert2_%=: \n\t"
- "add r0, sp, #0x40\n\t"
- "add r1, sp, #0x40\n\t"
- "bl fe_sq\n\t"
- "sub r4, r4, #1\n\t"
- "cmp r4, #0\n\t"
- "bne L_fe_invert2_%=\n\t"
- "add r0, sp, #0x40\n\t"
- "add r1, sp, #0x40\n\t"
- "add r2, sp, #32\n\t"
- "bl fe_mul\n\t"
- "add r0, sp, #0x60\n\t"
- "add r1, sp, #0x40\n\t"
- "bl fe_sq\n\t"
- "mov r4, #19\n\t"
- "\n"
- "L_fe_invert3_%=: \n\t"
- "add r0, sp, #0x60\n\t"
- "add r1, sp, #0x60\n\t"
- "bl fe_sq\n\t"
- "sub r4, r4, #1\n\t"
- "cmp r4, #0\n\t"
- "bne L_fe_invert3_%=\n\t"
- "add r0, sp, #0x40\n\t"
- "add r1, sp, #0x60\n\t"
- "add r2, sp, #0x40\n\t"
- "bl fe_mul\n\t"
- "mov r4, #10\n\t"
- "\n"
- "L_fe_invert4_%=: \n\t"
- "add r0, sp, #0x40\n\t"
- "add r1, sp, #0x40\n\t"
- "bl fe_sq\n\t"
- "sub r4, r4, #1\n\t"
- "cmp r4, #0\n\t"
- "bne L_fe_invert4_%=\n\t"
- "add r0, sp, #32\n\t"
- "add r1, sp, #0x40\n\t"
- "add r2, sp, #32\n\t"
- "bl fe_mul\n\t"
- "add r0, sp, #0x40\n\t"
- "add r1, sp, #32\n\t"
- "bl fe_sq\n\t"
- "mov r4, #49\n\t"
- "\n"
- "L_fe_invert5_%=: \n\t"
- "add r0, sp, #0x40\n\t"
- "add r1, sp, #0x40\n\t"
- "bl fe_sq\n\t"
- "sub r4, r4, #1\n\t"
- "cmp r4, #0\n\t"
- "bne L_fe_invert5_%=\n\t"
- "add r0, sp, #0x40\n\t"
- "add r1, sp, #0x40\n\t"
- "add r2, sp, #32\n\t"
- "bl fe_mul\n\t"
- "add r0, sp, #0x60\n\t"
- "add r1, sp, #0x40\n\t"
- "bl fe_sq\n\t"
- "mov r4, #0x63\n\t"
- "\n"
- "L_fe_invert6_%=: \n\t"
- "add r0, sp, #0x60\n\t"
- "add r1, sp, #0x60\n\t"
- "bl fe_sq\n\t"
- "sub r4, r4, #1\n\t"
- "cmp r4, #0\n\t"
- "bne L_fe_invert6_%=\n\t"
- "add r0, sp, #0x40\n\t"
- "add r1, sp, #0x60\n\t"
- "add r2, sp, #0x40\n\t"
- "bl fe_mul\n\t"
- "mov r4, #50\n\t"
- "\n"
- "L_fe_invert7_%=: \n\t"
- "add r0, sp, #0x40\n\t"
- "add r1, sp, #0x40\n\t"
- "bl fe_sq\n\t"
- "sub r4, r4, #1\n\t"
- "cmp r4, #0\n\t"
- "bne L_fe_invert7_%=\n\t"
- "add r0, sp, #32\n\t"
- "add r1, sp, #0x40\n\t"
- "add r2, sp, #32\n\t"
- "bl fe_mul\n\t"
- "mov r4, #5\n\t"
- "\n"
- "L_fe_invert8_%=: \n\t"
- "add r0, sp, #32\n\t"
- "add r1, sp, #32\n\t"
- "bl fe_sq\n\t"
- "sub r4, r4, #1\n\t"
- "cmp r4, #0\n\t"
- "bne L_fe_invert8_%=\n\t"
- "ldr r0, [sp, #128]\n\t"
- "add r1, sp, #32\n\t"
- "mov r2, sp\n\t"
- "bl fe_mul\n\t"
- "ldr %[a], [sp, #132]\n\t"
- "ldr %[r], [sp, #128]\n\t"
- "add sp, sp, #0x88\n\t"
+ "adcs r8, r8, #0\n\t"
+ "adc r9, r9, #0\n\t"
+ "stm %[r], {r2, r3, r4, r5, r6, r7, r8, r9}\n\t"
: [r] "+r" (r), [a] "+r" (a)
:
- : "memory", "lr", "r4"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r12", "lr", "r10", "cc"
);
}
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+#ifndef WC_NO_CACHE_RESISTANT
int curve25519(byte* r_p, const byte* n_p, const byte* a_p)
{
- register byte* r asm ("r0") = r_p;
- register const byte* n asm ("r1") = n_p;
- register const byte* a asm ("r2") = a_p;
+ register byte* r asm ("r0") = (byte*)r_p;
+ register const byte* n asm ("r1") = (const byte*)n_p;
+ register const byte* a asm ("r2") = (const byte*)a_p;
__asm__ __volatile__ (
"sub sp, sp, #0xbc\n\t"
@@ -4270,138 +3641,24 @@ int curve25519(byte* r_p, const byte* n_p, const byte* a_p)
"str %[a], [sp, #168]\n\t"
"mov %[n], #0\n\t"
"str %[n], [sp, #172]\n\t"
- /* Set one */
- "mov r10, #1\n\t"
- "mov r11, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [%[r]]\n\t"
- "str r11, [%[r], #4]\n\t"
-#else
- "strd r10, r11, [%[r]]\n\t"
-#endif
- "mov r10, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [%[r], #8]\n\t"
- "str r11, [%[r], #12]\n\t"
-#else
- "strd r10, r11, [%[r], #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [%[r], #16]\n\t"
- "str r11, [%[r], #20]\n\t"
-#else
- "strd r10, r11, [%[r], #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [%[r], #24]\n\t"
- "str r11, [%[r], #28]\n\t"
-#else
- "strd r10, r11, [%[r], #24]\n\t"
-#endif
- /* Set zero */
+ "mov r4, #1\n\t"
+ "mov r5, #0\n\t"
+ "mov r6, #0\n\t"
+ "mov r7, #0\n\t"
+ "mov r8, #0\n\t"
+ "mov r9, #0\n\t"
"mov r10, #0\n\t"
"mov r11, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [sp]\n\t"
- "str r11, [sp, #4]\n\t"
-#else
- "strd r10, r11, [sp]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [sp, #8]\n\t"
- "str r11, [sp, #12]\n\t"
-#else
- "strd r10, r11, [sp, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [sp, #16]\n\t"
- "str r11, [sp, #20]\n\t"
-#else
- "strd r10, r11, [sp, #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [sp, #24]\n\t"
- "str r11, [sp, #28]\n\t"
-#else
- "strd r10, r11, [sp, #24]\n\t"
-#endif
- /* Set one */
- "mov r10, #1\n\t"
- "mov r11, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [sp, #32]\n\t"
- "str r11, [sp, #36]\n\t"
-#else
- "strd r10, r11, [sp, #32]\n\t"
-#endif
- "mov r10, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [sp, #40]\n\t"
- "str r11, [sp, #44]\n\t"
-#else
- "strd r10, r11, [sp, #40]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [sp, #48]\n\t"
- "str r11, [sp, #52]\n\t"
-#else
- "strd r10, r11, [sp, #48]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [sp, #56]\n\t"
- "str r11, [sp, #60]\n\t"
-#else
- "strd r10, r11, [sp, #56]\n\t"
-#endif
+ "stm %[r], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "add r3, sp, #32\n\t"
+ "stm r3, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "mov r4, #0\n\t"
+ "mov r3, sp\n\t"
+ "stm r3, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "add r3, sp, #0x40\n\t"
/* Copy */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [%[a]]\n\t"
- "ldr r5, [%[a], #4]\n\t"
-#else
- "ldrd r4, r5, [%[a]]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [%[a], #8]\n\t"
- "ldr r7, [%[a], #12]\n\t"
-#else
- "ldrd r6, r7, [%[a], #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [sp, #64]\n\t"
- "str r5, [sp, #68]\n\t"
-#else
- "strd r4, r5, [sp, #64]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r6, [sp, #72]\n\t"
- "str r7, [sp, #76]\n\t"
-#else
- "strd r6, r7, [sp, #72]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [%[a], #16]\n\t"
- "ldr r5, [%[a], #20]\n\t"
-#else
- "ldrd r4, r5, [%[a], #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [%[a], #24]\n\t"
- "ldr r7, [%[a], #28]\n\t"
-#else
- "ldrd r6, r7, [%[a], #24]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [sp, #80]\n\t"
- "str r5, [sp, #84]\n\t"
-#else
- "strd r4, r5, [sp, #80]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r6, [sp, #88]\n\t"
- "str r7, [sp, #92]\n\t"
-#else
- "strd r6, r7, [sp, #88]\n\t"
-#endif
+ "ldm r2, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "stm r3, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
"mov %[n], #30\n\t"
"str %[n], [sp, #180]\n\t"
"mov %[a], #28\n\t"
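Review bot: The new `ldm r2, {r4, r5, r6, r7, r8, r9, r10, r11}` in the Copy step needs a word-aligned base address, yet `a_p` is declared `const byte*`, and nothing visible in this hunk states or checks that alignment. The removed `WOLFSSL_SP_ARM_ARCH < 7` path used single `ldr` loads, which some ARM configurations permit on unaligned addresses, so the caller contract may have become stricter on those builds; the callers are not visible here. I would document it at the copy, `/* Copy: a must be 4-byte aligned for ldm */`, and write the base as `%[a]` rather than `r2` so the load does not depend silently on the `asm ("r2")` binding. The hunk also drops the `/* Set one */` and `/* Set zero */` comments; restoring one before each `stm` would keep the initial state (one in r and sp+32, zero at sp) readable. curve25519 starts before and continues after this hunk.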
@@ -4421,19 +3678,11 @@ int curve25519(byte* r_p, const byte* n_p, const byte* a_p)
"str %[n], [sp, #172]\n\t"
"ldr %[r], [sp, #160]\n\t"
/* Conditional Swap */
- "neg %[n], %[n]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [%[r]]\n\t"
- "ldr r5, [%[r], #4]\n\t"
-#else
- "ldrd r4, r5, [%[r]]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [sp, #64]\n\t"
- "ldr r7, [sp, #68]\n\t"
-#else
- "ldrd r6, r7, [sp, #64]\n\t"
-#endif
+ "rsb %[n], %[n], #0\n\t"
+ "mov r3, r0\n\t"
+ "add r12, sp, #0x40\n\t"
+ "ldm r3, {r4, r5}\n\t"
+ "ldm r12, {r6, r7}\n\t"
"eor r8, r4, r6\n\t"
"eor r9, r5, r7\n\t"
"and r8, r8, %[n]\n\t"
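Review bot: `mov r3, r0` names the hard register directly although the line just above reloads the pointer into `%[r]`; `"mov r3, %[r]\n\t"` says the same thing without relying on the `asm ("r0")` binding. r3 and r12 are now written as scratch pointers for the swap, so both must be in the function's clobber list, which is outside this hunk and should be checked. Since this looks like the ladder's masked swap, I would extend the comment to `/* Conditional Swap: branch-free, n becomes an all-zero or all-one mask */` (assuming n holds 0 or 1 before the `rsb`, which the hunk does not show) so later edits keep it free of secret-dependent branches and addresses. The r3/r12 walk repeats in the hunks that follow, including the second `/* Conditional Swap */` block.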
@@ -4442,30 +3691,10 @@ int curve25519(byte* r_p, const byte* n_p, const byte* a_p)
"eor r5, r5, r9\n\t"
"eor r6, r6, r8\n\t"
"eor r7, r7, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [%[r]]\n\t"
- "str r5, [%[r], #4]\n\t"
-#else
- "strd r4, r5, [%[r]]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r6, [sp, #64]\n\t"
- "str r7, [sp, #68]\n\t"
-#else
- "strd r6, r7, [sp, #64]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [%[r], #8]\n\t"
- "ldr r5, [%[r], #12]\n\t"
-#else
- "ldrd r4, r5, [%[r], #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [sp, #72]\n\t"
- "ldr r7, [sp, #76]\n\t"
-#else
- "ldrd r6, r7, [sp, #72]\n\t"
-#endif
+ "stm r3!, {r4, r5}\n\t"
+ "stm r12!, {r6, r7}\n\t"
+ "ldm r3, {r4, r5}\n\t"
+ "ldm r12, {r6, r7}\n\t"
"eor r8, r4, r6\n\t"
"eor r9, r5, r7\n\t"
"and r8, r8, %[n]\n\t"
@@ -4474,30 +3703,10 @@ int curve25519(byte* r_p, const byte* n_p, const byte* a_p)
"eor r5, r5, r9\n\t"
"eor r6, r6, r8\n\t"
"eor r7, r7, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [%[r], #8]\n\t"
- "str r5, [%[r], #12]\n\t"
-#else
- "strd r4, r5, [%[r], #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r6, [sp, #72]\n\t"
- "str r7, [sp, #76]\n\t"
-#else
- "strd r6, r7, [sp, #72]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [%[r], #16]\n\t"
- "ldr r5, [%[r], #20]\n\t"
-#else
- "ldrd r4, r5, [%[r], #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [sp, #80]\n\t"
- "ldr r7, [sp, #84]\n\t"
-#else
- "ldrd r6, r7, [sp, #80]\n\t"
-#endif
+ "stm r3!, {r4, r5}\n\t"
+ "stm r12!, {r6, r7}\n\t"
+ "ldm r3, {r4, r5}\n\t"
+ "ldm r12, {r6, r7}\n\t"
"eor r8, r4, r6\n\t"
"eor r9, r5, r7\n\t"
"and r8, r8, %[n]\n\t"
@@ -4506,30 +3715,10 @@ int curve25519(byte* r_p, const byte* n_p, const byte* a_p)
"eor r5, r5, r9\n\t"
"eor r6, r6, r8\n\t"
"eor r7, r7, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [%[r], #16]\n\t"
- "str r5, [%[r], #20]\n\t"
-#else
- "strd r4, r5, [%[r], #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r6, [sp, #80]\n\t"
- "str r7, [sp, #84]\n\t"
-#else
- "strd r6, r7, [sp, #80]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [%[r], #24]\n\t"
- "ldr r5, [%[r], #28]\n\t"
-#else
- "ldrd r4, r5, [%[r], #24]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [sp, #88]\n\t"
- "ldr r7, [sp, #92]\n\t"
-#else
- "ldrd r6, r7, [sp, #88]\n\t"
-#endif
+ "stm r3!, {r4, r5}\n\t"
+ "stm r12!, {r6, r7}\n\t"
+ "ldm r3, {r4, r5}\n\t"
+ "ldm r12, {r6, r7}\n\t"
"eor r8, r4, r6\n\t"
"eor r9, r5, r7\n\t"
"and r8, r8, %[n]\n\t"
@@ -4538,33 +3727,15 @@ int curve25519(byte* r_p, const byte* n_p, const byte* a_p)
"eor r5, r5, r9\n\t"
"eor r6, r6, r8\n\t"
"eor r7, r7, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [%[r], #24]\n\t"
- "str r5, [%[r], #28]\n\t"
-#else
- "strd r4, r5, [%[r], #24]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r6, [sp, #88]\n\t"
- "str r7, [sp, #92]\n\t"
-#else
- "strd r6, r7, [sp, #88]\n\t"
-#endif
+ "stm r3!, {r4, r5}\n\t"
+ "stm r12!, {r6, r7}\n\t"
"ldr %[n], [sp, #172]\n\t"
/* Conditional Swap */
- "neg %[n], %[n]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [sp]\n\t"
- "ldr r5, [sp, #4]\n\t"
-#else
- "ldrd r4, r5, [sp]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [sp, #32]\n\t"
- "ldr r7, [sp, #36]\n\t"
-#else
- "ldrd r6, r7, [sp, #32]\n\t"
-#endif
+ "rsb %[n], %[n], #0\n\t"
+ "mov r3, sp\n\t"
+ "add r12, sp, #32\n\t"
+ "ldm r3, {r4, r5}\n\t"
+ "ldm r12, {r6, r7}\n\t"
"eor r8, r4, r6\n\t"
"eor r9, r5, r7\n\t"
"and r8, r8, %[n]\n\t"
@@ -4573,30 +3744,10 @@ int curve25519(byte* r_p, const byte* n_p, const byte* a_p)
"eor r5, r5, r9\n\t"
"eor r6, r6, r8\n\t"
"eor r7, r7, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [sp]\n\t"
- "str r5, [sp, #4]\n\t"
-#else
- "strd r4, r5, [sp]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r6, [sp, #32]\n\t"
- "str r7, [sp, #36]\n\t"
-#else
- "strd r6, r7, [sp, #32]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [sp, #8]\n\t"
- "ldr r5, [sp, #12]\n\t"
-#else
- "ldrd r4, r5, [sp, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [sp, #40]\n\t"
- "ldr r7, [sp, #44]\n\t"
-#else
- "ldrd r6, r7, [sp, #40]\n\t"
-#endif
+ "stm r3!, {r4, r5}\n\t"
+ "stm r12!, {r6, r7}\n\t"
+ "ldm r3, {r4, r5}\n\t"
+ "ldm r12, {r6, r7}\n\t"
"eor r8, r4, r6\n\t"
"eor r9, r5, r7\n\t"
"and r8, r8, %[n]\n\t"
@@ -4605,30 +3756,10 @@ int curve25519(byte* r_p, const byte* n_p, const byte* a_p)
"eor r5, r5, r9\n\t"
"eor r6, r6, r8\n\t"
"eor r7, r7, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [sp, #8]\n\t"
- "str r5, [sp, #12]\n\t"
-#else
- "strd r4, r5, [sp, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r6, [sp, #40]\n\t"
- "str r7, [sp, #44]\n\t"
-#else
- "strd r6, r7, [sp, #40]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [sp, #16]\n\t"
- "ldr r5, [sp, #20]\n\t"
-#else
- "ldrd r4, r5, [sp, #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [sp, #48]\n\t"
- "ldr r7, [sp, #52]\n\t"
-#else
- "ldrd r6, r7, [sp, #48]\n\t"
-#endif
+ "stm r3!, {r4, r5}\n\t"
+ "stm r12!, {r6, r7}\n\t"
+ "ldm r3, {r4, r5}\n\t"
+ "ldm r12, {r6, r7}\n\t"
"eor r8, r4, r6\n\t"
"eor r9, r5, r7\n\t"
"and r8, r8, %[n]\n\t"
@@ -4637,30 +3768,10 @@ int curve25519(byte* r_p, const byte* n_p, const byte* a_p)
"eor r5, r5, r9\n\t"
"eor r6, r6, r8\n\t"
"eor r7, r7, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [sp, #16]\n\t"
- "str r5, [sp, #20]\n\t"
-#else
- "strd r4, r5, [sp, #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r6, [sp, #48]\n\t"
- "str r7, [sp, #52]\n\t"
-#else
- "strd r6, r7, [sp, #48]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [sp, #24]\n\t"
- "ldr r5, [sp, #28]\n\t"
-#else
- "ldrd r4, r5, [sp, #24]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [sp, #56]\n\t"
- "ldr r7, [sp, #60]\n\t"
-#else
- "ldrd r6, r7, [sp, #56]\n\t"
-#endif
+ "stm r3!, {r4, r5}\n\t"
+ "stm r12!, {r6, r7}\n\t"
+ "ldm r3, {r4, r5}\n\t"
+ "ldm r12, {r6, r7}\n\t"
"eor r8, r4, r6\n\t"
"eor r9, r5, r7\n\t"
"and r8, r8, %[n]\n\t"
@@ -4669,1093 +3780,68 @@ int curve25519(byte* r_p, const byte* n_p, const byte* a_p)
"eor r5, r5, r9\n\t"
"eor r6, r6, r8\n\t"
"eor r7, r7, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [sp, #24]\n\t"
- "str r5, [sp, #28]\n\t"
-#else
- "strd r4, r5, [sp, #24]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r6, [sp, #56]\n\t"
- "str r7, [sp, #60]\n\t"
-#else
- "strd r6, r7, [sp, #56]\n\t"
-#endif
+ "stm r3!, {r4, r5}\n\t"
+ "stm r12!, {r6, r7}\n\t"
"ldr %[n], [sp, #184]\n\t"
"str %[n], [sp, #172]\n\t"
- /* Add-Sub */
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [%[r]]\n\t"
- "ldr r5, [%[r], #4]\n\t"
-#else
- "ldrd r4, r5, [%[r]]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [sp]\n\t"
- "ldr r7, [sp, #4]\n\t"
-#else
- "ldrd r6, r7, [sp]\n\t"
-#endif
- "adds r8, r4, r6\n\t"
- "mov r3, #0\n\t"
- "adcs r9, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [%[r]]\n\t"
- "str r9, [%[r], #4]\n\t"
-#else
- "strd r8, r9, [%[r]]\n\t"
-#endif
- /* Sub */
- "subs r10, r4, r6\n\t"
- "mov r12, #0\n\t"
- "sbcs r11, r5, r7\n\t"
- "adc r12, r12, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [sp, #128]\n\t"
- "str r11, [sp, #132]\n\t"
-#else
- "strd r10, r11, [sp, #128]\n\t"
-#endif
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [%[r], #8]\n\t"
- "ldr r5, [%[r], #12]\n\t"
-#else
- "ldrd r4, r5, [%[r], #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [sp, #8]\n\t"
- "ldr r7, [sp, #12]\n\t"
-#else
- "ldrd r6, r7, [sp, #8]\n\t"
-#endif
- "adds r3, r3, #-1\n\t"
- "adcs r8, r4, r6\n\t"
- "mov r3, #0\n\t"
- "adcs r9, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [%[r], #8]\n\t"
- "str r9, [%[r], #12]\n\t"
-#else
- "strd r8, r9, [%[r], #8]\n\t"
-#endif
- /* Sub */
- "adds r12, r12, #-1\n\t"
- "sbcs r10, r4, r6\n\t"
- "mov r12, #0\n\t"
- "sbcs r11, r5, r7\n\t"
- "adc r12, r12, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [sp, #136]\n\t"
- "str r11, [sp, #140]\n\t"
-#else
- "strd r10, r11, [sp, #136]\n\t"
-#endif
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [%[r], #16]\n\t"
- "ldr r5, [%[r], #20]\n\t"
-#else
- "ldrd r4, r5, [%[r], #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [sp, #16]\n\t"
- "ldr r7, [sp, #20]\n\t"
-#else
- "ldrd r6, r7, [sp, #16]\n\t"
-#endif
- "adds r3, r3, #-1\n\t"
- "adcs r8, r4, r6\n\t"
- "mov r3, #0\n\t"
- "adcs r9, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [%[r], #16]\n\t"
- "str r9, [%[r], #20]\n\t"
-#else
- "strd r8, r9, [%[r], #16]\n\t"
-#endif
- /* Sub */
- "adds r12, r12, #-1\n\t"
- "sbcs r10, r4, r6\n\t"
- "mov r12, #0\n\t"
- "sbcs r11, r5, r7\n\t"
- "adc r12, r12, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [sp, #144]\n\t"
- "str r11, [sp, #148]\n\t"
-#else
- "strd r10, r11, [sp, #144]\n\t"
-#endif
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [%[r], #24]\n\t"
- "ldr r5, [%[r], #28]\n\t"
-#else
- "ldrd r4, r5, [%[r], #24]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [sp, #24]\n\t"
- "ldr r7, [sp, #28]\n\t"
-#else
- "ldrd r6, r7, [sp, #24]\n\t"
-#endif
- "adds r3, r3, #-1\n\t"
- "adcs r8, r4, r6\n\t"
- "adc r9, r5, r7\n\t"
- /* Sub */
- "adds r12, r12, #-1\n\t"
- "sbcs r10, r4, r6\n\t"
- "sbc r11, r5, r7\n\t"
- "mov r3, #-19\n\t"
- "asr %[a], r9, #31\n\t"
- /* Mask the modulus */
- "and r3, %[a], r3\n\t"
- "and r12, %[a], #0x7fffffff\n\t"
- /* Sub modulus (if overflow) */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [%[r]]\n\t"
- "ldr r5, [%[r], #4]\n\t"
-#else
- "ldrd r4, r5, [%[r]]\n\t"
-#endif
- "subs r4, r4, r3\n\t"
- "sbcs r5, r5, %[a]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [%[r]]\n\t"
- "str r5, [%[r], #4]\n\t"
-#else
- "strd r4, r5, [%[r]]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [%[r], #8]\n\t"
- "ldr r5, [%[r], #12]\n\t"
-#else
- "ldrd r4, r5, [%[r], #8]\n\t"
-#endif
- "sbcs r4, r4, %[a]\n\t"
- "sbcs r5, r5, %[a]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [%[r], #8]\n\t"
- "str r5, [%[r], #12]\n\t"
-#else
- "strd r4, r5, [%[r], #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [%[r], #16]\n\t"
- "ldr r5, [%[r], #20]\n\t"
-#else
- "ldrd r4, r5, [%[r], #16]\n\t"
-#endif
- "sbcs r4, r4, %[a]\n\t"
- "sbcs r5, r5, %[a]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [%[r], #16]\n\t"
- "str r5, [%[r], #20]\n\t"
-#else
- "strd r4, r5, [%[r], #16]\n\t"
-#endif
- "sbcs r8, r8, %[a]\n\t"
- "sbc r9, r9, r12\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [%[r], #24]\n\t"
- "str r9, [%[r], #28]\n\t"
-#else
- "strd r8, r9, [%[r], #24]\n\t"
-#endif
- "mov r3, #-19\n\t"
- "asr %[a], r11, #31\n\t"
- /* Mask the modulus */
- "and r3, %[a], r3\n\t"
- "and r12, %[a], #0x7fffffff\n\t"
- /* Add modulus (if underflow) */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [sp, #128]\n\t"
- "ldr r5, [sp, #132]\n\t"
-#else
- "ldrd r4, r5, [sp, #128]\n\t"
-#endif
- "adds r4, r4, r3\n\t"
- "adcs r5, r5, %[a]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [sp, #128]\n\t"
- "str r5, [sp, #132]\n\t"
-#else
- "strd r4, r5, [sp, #128]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [sp, #136]\n\t"
- "ldr r5, [sp, #140]\n\t"
-#else
- "ldrd r4, r5, [sp, #136]\n\t"
-#endif
- "adcs r4, r4, %[a]\n\t"
- "adcs r5, r5, %[a]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [sp, #136]\n\t"
- "str r5, [sp, #140]\n\t"
-#else
- "strd r4, r5, [sp, #136]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [sp, #144]\n\t"
- "ldr r5, [sp, #148]\n\t"
-#else
- "ldrd r4, r5, [sp, #144]\n\t"
-#endif
- "adcs r4, r4, %[a]\n\t"
- "adcs r5, r5, %[a]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [sp, #144]\n\t"
- "str r5, [sp, #148]\n\t"
-#else
- "strd r4, r5, [sp, #144]\n\t"
-#endif
- "adcs r10, r10, %[a]\n\t"
- "adc r11, r11, r12\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [sp, #152]\n\t"
- "str r11, [sp, #156]\n\t"
-#else
- "strd r10, r11, [sp, #152]\n\t"
-#endif
- /* Add-Sub */
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [sp, #64]\n\t"
- "ldr r5, [sp, #68]\n\t"
-#else
- "ldrd r4, r5, [sp, #64]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [sp, #32]\n\t"
- "ldr r7, [sp, #36]\n\t"
-#else
- "ldrd r6, r7, [sp, #32]\n\t"
-#endif
- "adds r8, r4, r6\n\t"
- "mov r3, #0\n\t"
- "adcs r9, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [sp]\n\t"
- "str r9, [sp, #4]\n\t"
-#else
- "strd r8, r9, [sp]\n\t"
-#endif
- /* Sub */
- "subs r10, r4, r6\n\t"
- "mov r12, #0\n\t"
- "sbcs r11, r5, r7\n\t"
- "adc r12, r12, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [sp, #96]\n\t"
- "str r11, [sp, #100]\n\t"
-#else
- "strd r10, r11, [sp, #96]\n\t"
-#endif
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [sp, #72]\n\t"
- "ldr r5, [sp, #76]\n\t"
-#else
- "ldrd r4, r5, [sp, #72]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [sp, #40]\n\t"
- "ldr r7, [sp, #44]\n\t"
-#else
- "ldrd r6, r7, [sp, #40]\n\t"
-#endif
- "adds r3, r3, #-1\n\t"
- "adcs r8, r4, r6\n\t"
- "mov r3, #0\n\t"
- "adcs r9, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [sp, #8]\n\t"
- "str r9, [sp, #12]\n\t"
-#else
- "strd r8, r9, [sp, #8]\n\t"
-#endif
- /* Sub */
- "adds r12, r12, #-1\n\t"
- "sbcs r10, r4, r6\n\t"
- "mov r12, #0\n\t"
- "sbcs r11, r5, r7\n\t"
- "adc r12, r12, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [sp, #104]\n\t"
- "str r11, [sp, #108]\n\t"
-#else
- "strd r10, r11, [sp, #104]\n\t"
-#endif
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [sp, #80]\n\t"
- "ldr r5, [sp, #84]\n\t"
-#else
- "ldrd r4, r5, [sp, #80]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [sp, #48]\n\t"
- "ldr r7, [sp, #52]\n\t"
-#else
- "ldrd r6, r7, [sp, #48]\n\t"
-#endif
- "adds r3, r3, #-1\n\t"
- "adcs r8, r4, r6\n\t"
- "mov r3, #0\n\t"
- "adcs r9, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [sp, #16]\n\t"
- "str r9, [sp, #20]\n\t"
-#else
- "strd r8, r9, [sp, #16]\n\t"
-#endif
- /* Sub */
- "adds r12, r12, #-1\n\t"
- "sbcs r10, r4, r6\n\t"
- "mov r12, #0\n\t"
- "sbcs r11, r5, r7\n\t"
- "adc r12, r12, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [sp, #112]\n\t"
- "str r11, [sp, #116]\n\t"
-#else
- "strd r10, r11, [sp, #112]\n\t"
-#endif
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [sp, #88]\n\t"
- "ldr r5, [sp, #92]\n\t"
-#else
- "ldrd r4, r5, [sp, #88]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [sp, #56]\n\t"
- "ldr r7, [sp, #60]\n\t"
-#else
- "ldrd r6, r7, [sp, #56]\n\t"
-#endif
- "adds r3, r3, #-1\n\t"
- "adcs r8, r4, r6\n\t"
- "adc r9, r5, r7\n\t"
- /* Sub */
- "adds r12, r12, #-1\n\t"
- "sbcs r10, r4, r6\n\t"
- "sbc r11, r5, r7\n\t"
- "mov r3, #-19\n\t"
- "asr %[a], r9, #31\n\t"
- /* Mask the modulus */
- "and r3, %[a], r3\n\t"
- "and r12, %[a], #0x7fffffff\n\t"
- /* Sub modulus (if overflow) */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [sp]\n\t"
- "ldr r5, [sp, #4]\n\t"
-#else
- "ldrd r4, r5, [sp]\n\t"
-#endif
- "subs r4, r4, r3\n\t"
- "sbcs r5, r5, %[a]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [sp]\n\t"
- "str r5, [sp, #4]\n\t"
-#else
- "strd r4, r5, [sp]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [sp, #8]\n\t"
- "ldr r5, [sp, #12]\n\t"
-#else
- "ldrd r4, r5, [sp, #8]\n\t"
-#endif
- "sbcs r4, r4, %[a]\n\t"
- "sbcs r5, r5, %[a]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [sp, #8]\n\t"
- "str r5, [sp, #12]\n\t"
-#else
- "strd r4, r5, [sp, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [sp, #16]\n\t"
- "ldr r5, [sp, #20]\n\t"
-#else
- "ldrd r4, r5, [sp, #16]\n\t"
-#endif
- "sbcs r4, r4, %[a]\n\t"
- "sbcs r5, r5, %[a]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [sp, #16]\n\t"
- "str r5, [sp, #20]\n\t"
-#else
- "strd r4, r5, [sp, #16]\n\t"
-#endif
- "sbcs r8, r8, %[a]\n\t"
- "sbc r9, r9, r12\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [sp, #24]\n\t"
- "str r9, [sp, #28]\n\t"
-#else
- "strd r8, r9, [sp, #24]\n\t"
-#endif
- "mov r3, #-19\n\t"
- "asr %[a], r11, #31\n\t"
- /* Mask the modulus */
- "and r3, %[a], r3\n\t"
- "and r12, %[a], #0x7fffffff\n\t"
- /* Add modulus (if underflow) */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [sp, #96]\n\t"
- "ldr r5, [sp, #100]\n\t"
-#else
- "ldrd r4, r5, [sp, #96]\n\t"
-#endif
- "adds r4, r4, r3\n\t"
- "adcs r5, r5, %[a]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [sp, #96]\n\t"
- "str r5, [sp, #100]\n\t"
-#else
- "strd r4, r5, [sp, #96]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [sp, #104]\n\t"
- "ldr r5, [sp, #108]\n\t"
-#else
- "ldrd r4, r5, [sp, #104]\n\t"
-#endif
- "adcs r4, r4, %[a]\n\t"
- "adcs r5, r5, %[a]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [sp, #104]\n\t"
- "str r5, [sp, #108]\n\t"
-#else
- "strd r4, r5, [sp, #104]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [sp, #112]\n\t"
- "ldr r5, [sp, #116]\n\t"
-#else
- "ldrd r4, r5, [sp, #112]\n\t"
-#endif
- "adcs r4, r4, %[a]\n\t"
- "adcs r5, r5, %[a]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [sp, #112]\n\t"
- "str r5, [sp, #116]\n\t"
-#else
- "strd r4, r5, [sp, #112]\n\t"
-#endif
- "adcs r10, r10, %[a]\n\t"
- "adc r11, r11, r12\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [sp, #120]\n\t"
- "str r11, [sp, #124]\n\t"
-#else
- "strd r10, r11, [sp, #120]\n\t"
-#endif
+ "mov r3, sp\n\t"
+ "ldr r2, [sp, #160]\n\t"
+ "add r1, sp, #0x80\n\t"
+ "ldr r0, [sp, #160]\n\t"
+ "bl fe_add_sub_op\n\t"
+ "add r3, sp, #32\n\t"
+ "add r2, sp, #0x40\n\t"
+ "add r1, sp, #0x60\n\t"
+ "mov r0, sp\n\t"
+ "bl fe_add_sub_op\n\t"
"ldr r2, [sp, #160]\n\t"
"add r1, sp, #0x60\n\t"
"add r0, sp, #32\n\t"
- "bl fe_mul\n\t"
+ "bl fe_mul_op\n\t"
"add r2, sp, #0x80\n\t"
- "add r1, sp, #0\n\t"
- "add r0, sp, #0\n\t"
- "bl fe_mul\n\t"
+ "mov r1, sp\n\t"
+ "mov r0, sp\n\t"
+ "bl fe_mul_op\n\t"
"add r1, sp, #0x80\n\t"
- "add r0, sp, #0x60\n\t"
- "bl fe_sq\n\t"
- "ldr r1, [sp, #160]\n\t"
"add r0, sp, #0x80\n\t"
- "bl fe_sq\n\t"
- /* Add-Sub */
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [sp, #32]\n\t"
- "ldr r5, [sp, #36]\n\t"
-#else
- "ldrd r4, r5, [sp, #32]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [sp]\n\t"
- "ldr r7, [sp, #4]\n\t"
-#else
- "ldrd r6, r7, [sp]\n\t"
-#endif
- "adds r8, r4, r6\n\t"
- "mov r3, #0\n\t"
- "adcs r9, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [sp, #64]\n\t"
- "str r9, [sp, #68]\n\t"
-#else
- "strd r8, r9, [sp, #64]\n\t"
-#endif
- /* Sub */
- "subs r10, r4, r6\n\t"
- "mov r12, #0\n\t"
- "sbcs r11, r5, r7\n\t"
- "adc r12, r12, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [sp]\n\t"
- "str r11, [sp, #4]\n\t"
-#else
- "strd r10, r11, [sp]\n\t"
-#endif
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [sp, #40]\n\t"
- "ldr r5, [sp, #44]\n\t"
-#else
- "ldrd r4, r5, [sp, #40]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [sp, #8]\n\t"
- "ldr r7, [sp, #12]\n\t"
-#else
- "ldrd r6, r7, [sp, #8]\n\t"
-#endif
- "adds r3, r3, #-1\n\t"
- "adcs r8, r4, r6\n\t"
- "mov r3, #0\n\t"
- "adcs r9, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [sp, #72]\n\t"
- "str r9, [sp, #76]\n\t"
-#else
- "strd r8, r9, [sp, #72]\n\t"
-#endif
- /* Sub */
- "adds r12, r12, #-1\n\t"
- "sbcs r10, r4, r6\n\t"
- "mov r12, #0\n\t"
- "sbcs r11, r5, r7\n\t"
- "adc r12, r12, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [sp, #8]\n\t"
- "str r11, [sp, #12]\n\t"
-#else
- "strd r10, r11, [sp, #8]\n\t"
-#endif
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [sp, #48]\n\t"
- "ldr r5, [sp, #52]\n\t"
-#else
- "ldrd r4, r5, [sp, #48]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [sp, #16]\n\t"
- "ldr r7, [sp, #20]\n\t"
-#else
- "ldrd r6, r7, [sp, #16]\n\t"
-#endif
- "adds r3, r3, #-1\n\t"
- "adcs r8, r4, r6\n\t"
- "mov r3, #0\n\t"
- "adcs r9, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [sp, #80]\n\t"
- "str r9, [sp, #84]\n\t"
-#else
- "strd r8, r9, [sp, #80]\n\t"
-#endif
- /* Sub */
- "adds r12, r12, #-1\n\t"
- "sbcs r10, r4, r6\n\t"
- "mov r12, #0\n\t"
- "sbcs r11, r5, r7\n\t"
- "adc r12, r12, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [sp, #16]\n\t"
- "str r11, [sp, #20]\n\t"
-#else
- "strd r10, r11, [sp, #16]\n\t"
-#endif
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [sp, #56]\n\t"
- "ldr r5, [sp, #60]\n\t"
-#else
- "ldrd r4, r5, [sp, #56]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [sp, #24]\n\t"
- "ldr r7, [sp, #28]\n\t"
-#else
- "ldrd r6, r7, [sp, #24]\n\t"
-#endif
- "adds r3, r3, #-1\n\t"
- "adcs r8, r4, r6\n\t"
- "adc r9, r5, r7\n\t"
- /* Sub */
- "adds r12, r12, #-1\n\t"
- "sbcs r10, r4, r6\n\t"
- "sbc r11, r5, r7\n\t"
- "mov r3, #-19\n\t"
- "asr %[a], r9, #31\n\t"
- /* Mask the modulus */
- "and r3, %[a], r3\n\t"
- "and r12, %[a], #0x7fffffff\n\t"
- /* Sub modulus (if overflow) */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [sp, #64]\n\t"
- "ldr r5, [sp, #68]\n\t"
-#else
- "ldrd r4, r5, [sp, #64]\n\t"
-#endif
- "subs r4, r4, r3\n\t"
- "sbcs r5, r5, %[a]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [sp, #64]\n\t"
- "str r5, [sp, #68]\n\t"
-#else
- "strd r4, r5, [sp, #64]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [sp, #72]\n\t"
- "ldr r5, [sp, #76]\n\t"
-#else
- "ldrd r4, r5, [sp, #72]\n\t"
-#endif
- "sbcs r4, r4, %[a]\n\t"
- "sbcs r5, r5, %[a]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [sp, #72]\n\t"
- "str r5, [sp, #76]\n\t"
-#else
- "strd r4, r5, [sp, #72]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [sp, #80]\n\t"
- "ldr r5, [sp, #84]\n\t"
-#else
- "ldrd r4, r5, [sp, #80]\n\t"
-#endif
- "sbcs r4, r4, %[a]\n\t"
- "sbcs r5, r5, %[a]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [sp, #80]\n\t"
- "str r5, [sp, #84]\n\t"
-#else
- "strd r4, r5, [sp, #80]\n\t"
-#endif
- "sbcs r8, r8, %[a]\n\t"
- "sbc r9, r9, r12\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [sp, #88]\n\t"
- "str r9, [sp, #92]\n\t"
-#else
- "strd r8, r9, [sp, #88]\n\t"
-#endif
- "mov r3, #-19\n\t"
- "asr %[a], r11, #31\n\t"
- /* Mask the modulus */
- "and r3, %[a], r3\n\t"
- "and r12, %[a], #0x7fffffff\n\t"
- /* Add modulus (if underflow) */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [sp]\n\t"
- "ldr r5, [sp, #4]\n\t"
-#else
- "ldrd r4, r5, [sp]\n\t"
-#endif
- "adds r4, r4, r3\n\t"
- "adcs r5, r5, %[a]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [sp]\n\t"
- "str r5, [sp, #4]\n\t"
-#else
- "strd r4, r5, [sp]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [sp, #8]\n\t"
- "ldr r5, [sp, #12]\n\t"
-#else
- "ldrd r4, r5, [sp, #8]\n\t"
-#endif
- "adcs r4, r4, %[a]\n\t"
- "adcs r5, r5, %[a]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [sp, #8]\n\t"
- "str r5, [sp, #12]\n\t"
-#else
- "strd r4, r5, [sp, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [sp, #16]\n\t"
- "ldr r5, [sp, #20]\n\t"
-#else
- "ldrd r4, r5, [sp, #16]\n\t"
-#endif
- "adcs r4, r4, %[a]\n\t"
- "adcs r5, r5, %[a]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [sp, #16]\n\t"
- "str r5, [sp, #20]\n\t"
-#else
- "strd r4, r5, [sp, #16]\n\t"
-#endif
- "adcs r10, r10, %[a]\n\t"
- "adc r11, r11, r12\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [sp, #24]\n\t"
- "str r11, [sp, #28]\n\t"
-#else
- "strd r10, r11, [sp, #24]\n\t"
-#endif
- "add r2, sp, #0x60\n\t"
- "add r1, sp, #0x80\n\t"
+ "bl fe_sq_op\n\t"
+ "ldr r1, [sp, #160]\n\t"
+ "add r0, sp, #0x60\n\t"
+ "bl fe_sq_op\n\t"
+ "mov r3, sp\n\t"
+ "add r2, sp, #32\n\t"
+ "mov r1, sp\n\t"
+ "add r0, sp, #0x40\n\t"
+ "bl fe_add_sub_op\n\t"
+ "add r2, sp, #0x80\n\t"
+ "add r1, sp, #0x60\n\t"
"ldr r0, [sp, #160]\n\t"
- "bl fe_mul\n\t"
- /* Sub */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [sp, #128]\n\t"
- "ldr r5, [sp, #132]\n\t"
-#else
- "ldrd r4, r5, [sp, #128]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [sp, #136]\n\t"
- "ldr r7, [sp, #140]\n\t"
-#else
- "ldrd r6, r7, [sp, #136]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r8, [sp, #96]\n\t"
- "ldr r9, [sp, #100]\n\t"
-#else
- "ldrd r8, r9, [sp, #96]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r10, [sp, #104]\n\t"
- "ldr r11, [sp, #108]\n\t"
-#else
- "ldrd r10, r11, [sp, #104]\n\t"
-#endif
- "subs r8, r4, r8\n\t"
- "sbcs r9, r5, r9\n\t"
- "sbcs r10, r6, r10\n\t"
- "sbcs r11, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [sp, #128]\n\t"
- "str r9, [sp, #132]\n\t"
-#else
- "strd r8, r9, [sp, #128]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [sp, #136]\n\t"
- "str r11, [sp, #140]\n\t"
-#else
- "strd r10, r11, [sp, #136]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [sp, #144]\n\t"
- "ldr r5, [sp, #148]\n\t"
-#else
- "ldrd r4, r5, [sp, #144]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [sp, #152]\n\t"
- "ldr r7, [sp, #156]\n\t"
-#else
- "ldrd r6, r7, [sp, #152]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r8, [sp, #112]\n\t"
- "ldr r9, [sp, #116]\n\t"
-#else
- "ldrd r8, r9, [sp, #112]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r10, [sp, #120]\n\t"
- "ldr r11, [sp, #124]\n\t"
-#else
- "ldrd r10, r11, [sp, #120]\n\t"
-#endif
- "sbcs r8, r4, r8\n\t"
- "sbcs r9, r5, r9\n\t"
- "sbcs r10, r6, r10\n\t"
- "sbc r11, r7, r11\n\t"
- "mov r3, #-19\n\t"
- "asr %[a], r11, #31\n\t"
- /* Mask the modulus */
- "and r3, %[a], r3\n\t"
- "and r12, %[a], #0x7fffffff\n\t"
- /* Add modulus (if underflow) */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [sp, #128]\n\t"
- "ldr r5, [sp, #132]\n\t"
-#else
- "ldrd r4, r5, [sp, #128]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [sp, #136]\n\t"
- "ldr r7, [sp, #140]\n\t"
-#else
- "ldrd r6, r7, [sp, #136]\n\t"
-#endif
- "adds r4, r4, r3\n\t"
- "adcs r5, r5, %[a]\n\t"
- "adcs r6, r6, %[a]\n\t"
- "adcs r7, r7, %[a]\n\t"
- "adcs r8, r8, %[a]\n\t"
- "adcs r9, r9, %[a]\n\t"
- "adcs r10, r10, %[a]\n\t"
- "adc r11, r11, r12\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [sp, #128]\n\t"
- "str r5, [sp, #132]\n\t"
-#else
- "strd r4, r5, [sp, #128]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r6, [sp, #136]\n\t"
- "str r7, [sp, #140]\n\t"
-#else
- "strd r6, r7, [sp, #136]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [sp, #144]\n\t"
- "str r9, [sp, #148]\n\t"
-#else
- "strd r8, r9, [sp, #144]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [sp, #152]\n\t"
- "str r11, [sp, #156]\n\t"
-#else
- "strd r10, r11, [sp, #152]\n\t"
-#endif
- "add r1, sp, #0\n\t"
- "add r0, sp, #0\n\t"
- "bl fe_sq\n\t"
- /* Multiply by 121666 */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [sp, #128]\n\t"
- "ldr r5, [sp, #132]\n\t"
-#else
- "ldrd r4, r5, [sp, #128]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [sp, #136]\n\t"
- "ldr r7, [sp, #140]\n\t"
-#else
- "ldrd r6, r7, [sp, #136]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r8, [sp, #144]\n\t"
- "ldr r9, [sp, #148]\n\t"
-#else
- "ldrd r8, r9, [sp, #144]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r10, [sp, #152]\n\t"
- "ldr r11, [sp, #156]\n\t"
-#else
- "ldrd r10, r11, [sp, #152]\n\t"
-#endif
- "movw r12, #0xdb42\n\t"
- "movt r12, #1\n\t"
- "umull r4, %[a], r4, r12\n\t"
- "umull r5, r3, r5, r12\n\t"
- "adds r5, r5, %[a]\n\t"
- "adc %[a], r3, #0\n\t"
- "umull r6, r3, r6, r12\n\t"
- "adds r6, r6, %[a]\n\t"
- "adc %[a], r3, #0\n\t"
- "umull r7, r3, r7, r12\n\t"
- "adds r7, r7, %[a]\n\t"
- "adc %[a], r3, #0\n\t"
- "umull r8, r3, r8, r12\n\t"
- "adds r8, r8, %[a]\n\t"
- "adc %[a], r3, #0\n\t"
- "umull r9, r3, r9, r12\n\t"
- "adds r9, r9, %[a]\n\t"
- "adc %[a], r3, #0\n\t"
- "umull r10, r3, r10, r12\n\t"
- "adds r10, r10, %[a]\n\t"
- "adc %[a], r3, #0\n\t"
- "umull r11, r3, r11, r12\n\t"
- "adds r11, r11, %[a]\n\t"
- "adc %[a], r3, #0\n\t"
- "mov r12, #19\n\t"
- "lsl %[a], %[a], #1\n\t"
- "orr %[a], %[a], r11, lsr #31\n\t"
- "mul %[a], %[a], r12\n\t"
- "and r11, r11, #0x7fffffff\n\t"
- "adds r4, r4, %[a]\n\t"
- "adcs r5, r5, #0\n\t"
- "adcs r6, r6, #0\n\t"
- "adcs r7, r7, #0\n\t"
- "adcs r8, r8, #0\n\t"
- "adcs r9, r9, #0\n\t"
- "adcs r10, r10, #0\n\t"
- "adc r11, r11, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [sp, #32]\n\t"
- "str r5, [sp, #36]\n\t"
-#else
- "strd r4, r5, [sp, #32]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r6, [sp, #40]\n\t"
- "str r7, [sp, #44]\n\t"
-#else
- "strd r6, r7, [sp, #40]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [sp, #48]\n\t"
- "str r9, [sp, #52]\n\t"
-#else
- "strd r8, r9, [sp, #48]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [sp, #56]\n\t"
- "str r11, [sp, #60]\n\t"
-#else
- "strd r10, r11, [sp, #56]\n\t"
-#endif
+ "bl fe_mul_op\n\t"
+ "add r2, sp, #0x80\n\t"
+ "add r1, sp, #0x60\n\t"
+ "add r0, sp, #0x60\n\t"
+ "bl fe_sub_op\n\t"
+ "mov r1, sp\n\t"
+ "mov r0, sp\n\t"
+ "bl fe_sq_op\n\t"
+ "add r1, sp, #0x60\n\t"
+ "add r0, sp, #32\n\t"
+ "bl fe_mul121666\n\t"
"add r1, sp, #0x40\n\t"
"add r0, sp, #0x40\n\t"
- "bl fe_sq\n\t"
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [sp, #96]\n\t"
- "ldr r5, [sp, #100]\n\t"
-#else
- "ldrd r4, r5, [sp, #96]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [sp, #104]\n\t"
- "ldr r7, [sp, #108]\n\t"
-#else
- "ldrd r6, r7, [sp, #104]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r8, [sp, #32]\n\t"
- "ldr r9, [sp, #36]\n\t"
-#else
- "ldrd r8, r9, [sp, #32]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r10, [sp, #40]\n\t"
- "ldr r11, [sp, #44]\n\t"
-#else
- "ldrd r10, r11, [sp, #40]\n\t"
-#endif
- "adds r8, r4, r8\n\t"
- "adcs r9, r5, r9\n\t"
- "adcs r10, r6, r10\n\t"
- "adcs r11, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [sp, #96]\n\t"
- "str r9, [sp, #100]\n\t"
-#else
- "strd r8, r9, [sp, #96]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [sp, #104]\n\t"
- "str r11, [sp, #108]\n\t"
-#else
- "strd r10, r11, [sp, #104]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [sp, #112]\n\t"
- "ldr r5, [sp, #116]\n\t"
-#else
- "ldrd r4, r5, [sp, #112]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [sp, #120]\n\t"
- "ldr r7, [sp, #124]\n\t"
-#else
- "ldrd r6, r7, [sp, #120]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r8, [sp, #48]\n\t"
- "ldr r9, [sp, #52]\n\t"
-#else
- "ldrd r8, r9, [sp, #48]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r10, [sp, #56]\n\t"
- "ldr r11, [sp, #60]\n\t"
-#else
- "ldrd r10, r11, [sp, #56]\n\t"
-#endif
- "adcs r8, r4, r8\n\t"
- "adcs r9, r5, r9\n\t"
- "adcs r10, r6, r10\n\t"
- "adc r11, r7, r11\n\t"
- "mov r3, #-19\n\t"
- "asr %[a], r11, #31\n\t"
- /* Mask the modulus */
- "and r3, %[a], r3\n\t"
- "and r12, %[a], #0x7fffffff\n\t"
- /* Sub modulus (if overflow) */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [sp, #96]\n\t"
- "ldr r5, [sp, #100]\n\t"
-#else
- "ldrd r4, r5, [sp, #96]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [sp, #104]\n\t"
- "ldr r7, [sp, #108]\n\t"
-#else
- "ldrd r6, r7, [sp, #104]\n\t"
-#endif
- "subs r4, r4, r3\n\t"
- "sbcs r5, r5, %[a]\n\t"
- "sbcs r6, r6, %[a]\n\t"
- "sbcs r7, r7, %[a]\n\t"
- "sbcs r8, r8, %[a]\n\t"
- "sbcs r9, r9, %[a]\n\t"
- "sbcs r10, r10, %[a]\n\t"
- "sbc r11, r11, r12\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [sp, #96]\n\t"
- "str r5, [sp, #100]\n\t"
-#else
- "strd r4, r5, [sp, #96]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r6, [sp, #104]\n\t"
- "str r7, [sp, #108]\n\t"
-#else
- "strd r6, r7, [sp, #104]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [sp, #112]\n\t"
- "str r9, [sp, #116]\n\t"
-#else
- "strd r8, r9, [sp, #112]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [sp, #120]\n\t"
- "str r11, [sp, #124]\n\t"
-#else
- "strd r10, r11, [sp, #120]\n\t"
-#endif
- "add r2, sp, #0\n\t"
+ "bl fe_sq_op\n\t"
+ "add r2, sp, #32\n\t"
+ "add r1, sp, #0x80\n\t"
+ "add r0, sp, #0x80\n\t"
+ "bl fe_add_op\n\t"
+ "mov r2, sp\n\t"
"ldr r1, [sp, #168]\n\t"
"add r0, sp, #32\n\t"
- "bl fe_mul\n\t"
- "add r2, sp, #0x60\n\t"
- "add r1, sp, #0x80\n\t"
- "add r0, sp, #0\n\t"
- "bl fe_mul\n\t"
+ "bl fe_mul_op\n\t"
+ "add r2, sp, #0x80\n\t"
+ "add r1, sp, #0x60\n\t"
+ "mov r0, sp\n\t"
+ "bl fe_mul_op\n\t"
"ldr %[a], [sp, #176]\n\t"
"ldr %[n], [sp, #180]\n\t"
"subs %[n], %[n], #1\n\t"
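Review bot: The `bl fe_add_sub_op` calls added in this hunk pass four pointers in r0-r3 with no comment naming them, and the `/* Add-Sub */` and `/* Multiply by 121666 */` markers that labelled the inlined code are removed with nothing in their place. Matching each new call against the loads and stores it replaces, r0 appears to be the sum destination, r1 the difference destination and r2/r3 the two operands, so a one-line comment before the first call, such as `/* fe_add_sub_op: r0 = r2 + r3, r1 = r2 - r3 (mod p) */`, would restore what the old comments gave. The removed code reduced with masks (`asr %[a], r9, #31` followed by `and`) and contained no branches, which matters because this sequence sits next to the conditional swap driven by `%[n]`. That property now depends on `fe_add_sub_op`, `fe_add_op`, `fe_sub_op`, `fe_mul_op`, `fe_sq_op` and `fe_mul121666`, whose bodies are not in this hunk, so it is worth confirming they are also branch-free on data. The asm statement in `curve25519` starts and ends outside the hunk, so its clobber list (including `lr` for the added `bl` calls) and the pinning of `%[n]`/`%[a]` against the hard-coded r0-r3 cannot be checked from here.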
@@ -5767,1596 +3853,1571 @@ int curve25519(byte* r_p, const byte* n_p, const byte* a_p)
"str %[a], [sp, #176]\n\t"
"bge L_curve25519_words_%=\n\t"
/* Invert */
- "add r0, sp, #32\n\t"
"add r1, sp, #0\n\t"
- "bl fe_sq\n\t"
- "add r0, sp, #0x40\n\t"
+ "add r0, sp, #32\n\t"
+ "bl fe_sq_op\n\t"
"add r1, sp, #32\n\t"
- "bl fe_sq\n\t"
"add r0, sp, #0x40\n\t"
+ "bl fe_sq_op\n\t"
"add r1, sp, #0x40\n\t"
- "bl fe_sq\n\t"
"add r0, sp, #0x40\n\t"
+ "bl fe_sq_op\n\t"
+ "add r2, sp, #0x40\n\t"
"add r1, sp, #0\n\t"
+ "add r0, sp, #0x40\n\t"
+ "bl fe_mul_op\n\t"
"add r2, sp, #0x40\n\t"
- "bl fe_mul\n\t"
+ "add r1, sp, #32\n\t"
"add r0, sp, #32\n\t"
+ "bl fe_mul_op\n\t"
"add r1, sp, #32\n\t"
- "add r2, sp, #0x40\n\t"
- "bl fe_mul\n\t"
"add r0, sp, #0x60\n\t"
- "add r1, sp, #32\n\t"
- "bl fe_sq\n\t"
+ "bl fe_sq_op\n\t"
+ "add r2, sp, #0x60\n\t"
+ "add r1, sp, #0x40\n\t"
"add r0, sp, #0x40\n\t"
+ "bl fe_mul_op\n\t"
"add r1, sp, #0x40\n\t"
- "add r2, sp, #0x60\n\t"
- "bl fe_mul\n\t"
"add r0, sp, #0x60\n\t"
- "add r1, sp, #0x40\n\t"
- "bl fe_sq\n\t"
- "mov r4, #4\n\t"
+ "bl fe_sq_op\n\t"
+ "mov r12, #4\n\t"
"\n"
"L_curve25519_inv_1_%=: \n\t"
- "add r0, sp, #0x60\n\t"
"add r1, sp, #0x60\n\t"
- "bl fe_sq\n\t"
- "sub r4, r4, #1\n\t"
- "cmp r4, #0\n\t"
+ "add r0, sp, #0x60\n\t"
+ "push {r12}\n\t"
+ "bl fe_sq_op\n\t"
+ "pop {r12}\n\t"
+ "subs r12, r12, #1\n\t"
"bne L_curve25519_inv_1_%=\n\t"
+ "add r2, sp, #0x40\n\t"
+ "add r1, sp, #0x60\n\t"
"add r0, sp, #0x40\n\t"
+ "bl fe_mul_op\n\t"
+ "add r1, sp, #0x40\n\t"
+ "add r0, sp, #0x60\n\t"
+ "bl fe_sq_op\n\t"
+ "mov r12, #9\n\t"
+ "\n"
+ "L_curve25519_inv_2_%=: \n\t"
"add r1, sp, #0x60\n\t"
+ "add r0, sp, #0x60\n\t"
+ "push {r12}\n\t"
+ "bl fe_sq_op\n\t"
+ "pop {r12}\n\t"
+ "subs r12, r12, #1\n\t"
+ "bne L_curve25519_inv_2_%=\n\t"
"add r2, sp, #0x40\n\t"
- "bl fe_mul\n\t"
+ "add r1, sp, #0x60\n\t"
"add r0, sp, #0x60\n\t"
- "add r1, sp, #0x40\n\t"
- "bl fe_sq\n\t"
- "mov r4, #9\n\t"
+ "bl fe_mul_op\n\t"
+ "add r1, sp, #0x60\n\t"
+ "add r0, sp, #0x80\n\t"
+ "bl fe_sq_op\n\t"
+ "mov r12, #19\n\t"
"\n"
- "L_curve25519_inv_2_%=: \n\t"
+ "L_curve25519_inv_3_%=: \n\t"
+ "add r1, sp, #0x80\n\t"
+ "add r0, sp, #0x80\n\t"
+ "push {r12}\n\t"
+ "bl fe_sq_op\n\t"
+ "pop {r12}\n\t"
+ "subs r12, r12, #1\n\t"
+ "bne L_curve25519_inv_3_%=\n\t"
+ "add r2, sp, #0x60\n\t"
+ "add r1, sp, #0x80\n\t"
"add r0, sp, #0x60\n\t"
+ "bl fe_mul_op\n\t"
+ "mov r12, #10\n\t"
+ "\n"
+ "L_curve25519_inv_4_%=: \n\t"
"add r1, sp, #0x60\n\t"
- "bl fe_sq\n\t"
- "sub r4, r4, #1\n\t"
- "cmp r4, #0\n\t"
- "bne L_curve25519_inv_2_%=\n\t"
"add r0, sp, #0x60\n\t"
+ "push {r12}\n\t"
+ "bl fe_sq_op\n\t"
+ "pop {r12}\n\t"
+ "subs r12, r12, #1\n\t"
+ "bne L_curve25519_inv_4_%=\n\t"
+ "add r2, sp, #0x40\n\t"
"add r1, sp, #0x60\n\t"
+ "add r0, sp, #0x40\n\t"
+ "bl fe_mul_op\n\t"
+ "add r1, sp, #0x40\n\t"
+ "add r0, sp, #0x60\n\t"
+ "bl fe_sq_op\n\t"
+ "mov r12, #49\n\t"
+ "\n"
+ "L_curve25519_inv_5_%=: \n\t"
+ "add r1, sp, #0x60\n\t"
+ "add r0, sp, #0x60\n\t"
+ "push {r12}\n\t"
+ "bl fe_sq_op\n\t"
+ "pop {r12}\n\t"
+ "subs r12, r12, #1\n\t"
+ "bne L_curve25519_inv_5_%=\n\t"
"add r2, sp, #0x40\n\t"
- "bl fe_mul\n\t"
+ "add r1, sp, #0x60\n\t"
+ "add r0, sp, #0x60\n\t"
+ "bl fe_mul_op\n\t"
+ "add r1, sp, #0x60\n\t"
"add r0, sp, #0x80\n\t"
+ "bl fe_sq_op\n\t"
+ "mov r12, #0x63\n\t"
+ "\n"
+ "L_curve25519_inv_6_%=: \n\t"
+ "add r1, sp, #0x80\n\t"
+ "add r0, sp, #0x80\n\t"
+ "push {r12}\n\t"
+ "bl fe_sq_op\n\t"
+ "pop {r12}\n\t"
+ "subs r12, r12, #1\n\t"
+ "bne L_curve25519_inv_6_%=\n\t"
+ "add r2, sp, #0x60\n\t"
+ "add r1, sp, #0x80\n\t"
+ "add r0, sp, #0x60\n\t"
+ "bl fe_mul_op\n\t"
+ "mov r12, #50\n\t"
+ "\n"
+ "L_curve25519_inv_7_%=: \n\t"
"add r1, sp, #0x60\n\t"
- "bl fe_sq\n\t"
- "mov r4, #19\n\t"
+ "add r0, sp, #0x60\n\t"
+ "push {r12}\n\t"
+ "bl fe_sq_op\n\t"
+ "pop {r12}\n\t"
+ "subs r12, r12, #1\n\t"
+ "bne L_curve25519_inv_7_%=\n\t"
+ "add r2, sp, #0x40\n\t"
+ "add r1, sp, #0x60\n\t"
+ "add r0, sp, #0x40\n\t"
+ "bl fe_mul_op\n\t"
+ "mov r12, #5\n\t"
"\n"
- "L_curve25519_inv_3_%=: \n\t"
+ "L_curve25519_inv_8_%=: \n\t"
+ "add r1, sp, #0x40\n\t"
+ "add r0, sp, #0x40\n\t"
+ "push {r12}\n\t"
+ "bl fe_sq_op\n\t"
+ "pop {r12}\n\t"
+ "subs r12, r12, #1\n\t"
+ "bne L_curve25519_inv_8_%=\n\t"
+ "add r2, sp, #32\n\t"
+ "add r1, sp, #0x40\n\t"
+ "add r0, sp, #0\n\t"
+ "bl fe_mul_op\n\t"
+ "mov r2, sp\n\t"
+ "ldr r1, [sp, #160]\n\t"
+ "ldr r0, [sp, #160]\n\t"
+ "bl fe_mul_op\n\t"
+ "mov r0, #0\n\t"
+ "add sp, sp, #0xbc\n\t"
+ : [r] "+r" (r), [n] "+r" (n), [a] "+r" (a)
+ :
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12", "lr", "cc"
+ );
+ return (uint32_t)(size_t)r;
+}
+
+#else
+int curve25519(byte* r_p, const byte* n_p, const byte* a_p)
+{
+ register byte* r asm ("r0") = (byte*)r_p;
+ register const byte* n asm ("r1") = (const byte*)n_p;
+ register const byte* a asm ("r2") = (const byte*)a_p;
+
+ __asm__ __volatile__ (
+ "sub sp, sp, #0xc0\n\t"
+ "str %[r], [sp, #176]\n\t"
+ "str %[n], [sp, #160]\n\t"
+ "str %[a], [sp, #172]\n\t"
+ "add r5, sp, #0x40\n\t"
+ "add r4, sp, #32\n\t"
+ "str sp, [sp, #184]\n\t"
+ "str r5, [sp, #180]\n\t"
+ "str r4, [sp, #188]\n\t"
+ "mov %[n], #0\n\t"
+ "str %[n], [sp, #164]\n\t"
+ "mov r4, #1\n\t"
+ "mov r5, #0\n\t"
+ "mov r6, #0\n\t"
+ "mov r7, #0\n\t"
+ "mov r8, #0\n\t"
+ "mov r9, #0\n\t"
+ "mov r10, #0\n\t"
+ "mov r11, #0\n\t"
+ "stm %[r], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "add r3, sp, #32\n\t"
+ "stm r3, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "mov r4, #0\n\t"
+ "mov r3, sp\n\t"
+ "stm r3, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "add r3, sp, #0x40\n\t"
+ /* Copy */
+ "ldm r2, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "stm r3, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "mov %[a], #0xfe\n\t"
+ "\n"
+ "L_curve25519_bits_%=: \n\t"
+ "str %[a], [sp, #168]\n\t"
+ "ldr %[n], [sp, #160]\n\t"
+ "and r4, %[a], #31\n\t"
+ "lsr %[a], %[a], #5\n\t"
+ "ldr %[a], [%[n], r2, lsl #2]\n\t"
+ "rsb r4, r4, #31\n\t"
+ "lsl %[a], %[a], r4\n\t"
+ "ldr %[n], [sp, #164]\n\t"
+ "eor %[n], %[n], %[a]\n\t"
+ "asr %[n], %[n], #31\n\t"
+ "str %[a], [sp, #164]\n\t"
+ /* Conditional Swap */
+ "add r11, sp, #0xb0\n\t"
+ "ldm r11, {r4, r5, r6, r7}\n\t"
+ "eor r8, r4, r5\n\t"
+ "eor r9, r6, r7\n\t"
+ "and r8, r8, %[n]\n\t"
+ "and r9, r9, %[n]\n\t"
+ "eor r4, r4, r8\n\t"
+ "eor r5, r5, r8\n\t"
+ "eor r6, r6, r9\n\t"
+ "eor r7, r7, r9\n\t"
+ "stm r11, {r4, r5, r6, r7}\n\t"
+ /* Ladder step */
+ "ldr r3, [sp, #184]\n\t"
+ "ldr r2, [sp, #176]\n\t"
+ "add r1, sp, #0x80\n\t"
+ "ldr r0, [sp, #176]\n\t"
+ "bl fe_add_sub_op\n\t"
+ "ldr r3, [sp, #188]\n\t"
+ "ldr r2, [sp, #180]\n\t"
+ "add r1, sp, #0x60\n\t"
+ "ldr r0, [sp, #184]\n\t"
+ "bl fe_add_sub_op\n\t"
+ "ldr r2, [sp, #176]\n\t"
+ "add r1, sp, #0x60\n\t"
+ "ldr r0, [sp, #188]\n\t"
+ "bl fe_mul_op\n\t"
+ "add r2, sp, #0x80\n\t"
+ "ldr r1, [sp, #184]\n\t"
+ "ldr r0, [sp, #184]\n\t"
+ "bl fe_mul_op\n\t"
+ "add r1, sp, #0x80\n\t"
+ "add r0, sp, #0x60\n\t"
+ "bl fe_sq_op\n\t"
+ "ldr r1, [sp, #176]\n\t"
"add r0, sp, #0x80\n\t"
+ "bl fe_sq_op\n\t"
+ "ldr r3, [sp, #184]\n\t"
+ "ldr r2, [sp, #188]\n\t"
+ "ldr r1, [sp, #184]\n\t"
+ "ldr r0, [sp, #180]\n\t"
+ "bl fe_add_sub_op\n\t"
+ "add r2, sp, #0x60\n\t"
"add r1, sp, #0x80\n\t"
- "bl fe_sq\n\t"
- "sub r4, r4, #1\n\t"
- "cmp r4, #0\n\t"
- "bne L_curve25519_inv_3_%=\n\t"
+ "ldr r0, [sp, #176]\n\t"
+ "bl fe_mul_op\n\t"
+ "add r2, sp, #0x60\n\t"
+ "add r1, sp, #0x80\n\t"
+ "add r0, sp, #0x80\n\t"
+ "bl fe_sub_op\n\t"
+ "ldr r1, [sp, #184]\n\t"
+ "ldr r0, [sp, #184]\n\t"
+ "bl fe_sq_op\n\t"
+ "add r1, sp, #0x80\n\t"
+ "ldr r0, [sp, #188]\n\t"
+ "bl fe_mul121666\n\t"
+ "ldr r1, [sp, #180]\n\t"
+ "ldr r0, [sp, #180]\n\t"
+ "bl fe_sq_op\n\t"
+ "ldr r2, [sp, #188]\n\t"
+ "add r1, sp, #0x60\n\t"
"add r0, sp, #0x60\n\t"
+ "bl fe_add_op\n\t"
+ "ldr r2, [sp, #184]\n\t"
+ "ldr r1, [sp, #172]\n\t"
+ "ldr r0, [sp, #188]\n\t"
+ "bl fe_mul_op\n\t"
+ "add r2, sp, #0x60\n\t"
"add r1, sp, #0x80\n\t"
+ "ldr r0, [sp, #184]\n\t"
+ "bl fe_mul_op\n\t"
+ "ldr %[a], [sp, #168]\n\t"
+ "subs %[a], %[a], #1\n\t"
+ "bge L_curve25519_bits_%=\n\t"
+ "ldr %[n], [sp, #184]\n\t"
+ /* Copy */
+ "ldm r1, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "stm sp, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ /* Invert */
+ "add r1, sp, #0\n\t"
+ "add r0, sp, #32\n\t"
+ "bl fe_sq_op\n\t"
+ "add r1, sp, #32\n\t"
+ "add r0, sp, #0x40\n\t"
+ "bl fe_sq_op\n\t"
+ "add r1, sp, #0x40\n\t"
+ "add r0, sp, #0x40\n\t"
+ "bl fe_sq_op\n\t"
+ "add r2, sp, #0x40\n\t"
+ "add r1, sp, #0\n\t"
+ "add r0, sp, #0x40\n\t"
+ "bl fe_mul_op\n\t"
+ "add r2, sp, #0x40\n\t"
+ "add r1, sp, #32\n\t"
+ "add r0, sp, #32\n\t"
+ "bl fe_mul_op\n\t"
+ "add r1, sp, #32\n\t"
+ "add r0, sp, #0x60\n\t"
+ "bl fe_sq_op\n\t"
"add r2, sp, #0x60\n\t"
- "bl fe_mul\n\t"
- "mov r4, #10\n\t"
+ "add r1, sp, #0x40\n\t"
+ "add r0, sp, #0x40\n\t"
+ "bl fe_mul_op\n\t"
+ "add r1, sp, #0x40\n\t"
+ "add r0, sp, #0x60\n\t"
+ "bl fe_sq_op\n\t"
+ "mov r12, #4\n\t"
"\n"
- "L_curve25519_inv_4_%=: \n\t"
+ "L_curve25519_inv_1_%=: \n\t"
+ "add r1, sp, #0x60\n\t"
"add r0, sp, #0x60\n\t"
+ "push {r12}\n\t"
+ "bl fe_sq_op\n\t"
+ "pop {r12}\n\t"
+ "subs r12, r12, #1\n\t"
+ "bne L_curve25519_inv_1_%=\n\t"
+ "add r2, sp, #0x40\n\t"
"add r1, sp, #0x60\n\t"
- "bl fe_sq\n\t"
- "sub r4, r4, #1\n\t"
- "cmp r4, #0\n\t"
- "bne L_curve25519_inv_4_%=\n\t"
"add r0, sp, #0x40\n\t"
+ "bl fe_mul_op\n\t"
+ "add r1, sp, #0x40\n\t"
+ "add r0, sp, #0x60\n\t"
+ "bl fe_sq_op\n\t"
+ "mov r12, #9\n\t"
+ "\n"
+ "L_curve25519_inv_2_%=: \n\t"
"add r1, sp, #0x60\n\t"
+ "add r0, sp, #0x60\n\t"
+ "push {r12}\n\t"
+ "bl fe_sq_op\n\t"
+ "pop {r12}\n\t"
+ "subs r12, r12, #1\n\t"
+ "bne L_curve25519_inv_2_%=\n\t"
"add r2, sp, #0x40\n\t"
- "bl fe_mul\n\t"
+ "add r1, sp, #0x60\n\t"
+ "add r0, sp, #0x60\n\t"
+ "bl fe_mul_op\n\t"
+ "add r1, sp, #0x60\n\t"
+ "add r0, sp, #0x80\n\t"
+ "bl fe_sq_op\n\t"
+ "mov r12, #19\n\t"
+ "\n"
+ "L_curve25519_inv_3_%=: \n\t"
+ "add r1, sp, #0x80\n\t"
+ "add r0, sp, #0x80\n\t"
+ "push {r12}\n\t"
+ "bl fe_sq_op\n\t"
+ "pop {r12}\n\t"
+ "subs r12, r12, #1\n\t"
+ "bne L_curve25519_inv_3_%=\n\t"
+ "add r2, sp, #0x60\n\t"
+ "add r1, sp, #0x80\n\t"
+ "add r0, sp, #0x60\n\t"
+ "bl fe_mul_op\n\t"
+ "mov r12, #10\n\t"
+ "\n"
+ "L_curve25519_inv_4_%=: \n\t"
+ "add r1, sp, #0x60\n\t"
"add r0, sp, #0x60\n\t"
+ "push {r12}\n\t"
+ "bl fe_sq_op\n\t"
+ "pop {r12}\n\t"
+ "subs r12, r12, #1\n\t"
+ "bne L_curve25519_inv_4_%=\n\t"
+ "add r2, sp, #0x40\n\t"
+ "add r1, sp, #0x60\n\t"
+ "add r0, sp, #0x40\n\t"
+ "bl fe_mul_op\n\t"
"add r1, sp, #0x40\n\t"
- "bl fe_sq\n\t"
- "mov r4, #49\n\t"
+ "add r0, sp, #0x60\n\t"
+ "bl fe_sq_op\n\t"
+ "mov r12, #49\n\t"
"\n"
"L_curve25519_inv_5_%=: \n\t"
- "add r0, sp, #0x60\n\t"
"add r1, sp, #0x60\n\t"
- "bl fe_sq\n\t"
- "sub r4, r4, #1\n\t"
- "cmp r4, #0\n\t"
+ "add r0, sp, #0x60\n\t"
+ "push {r12}\n\t"
+ "bl fe_sq_op\n\t"
+ "pop {r12}\n\t"
+ "subs r12, r12, #1\n\t"
"bne L_curve25519_inv_5_%=\n\t"
+ "add r2, sp, #0x40\n\t"
+ "add r1, sp, #0x60\n\t"
"add r0, sp, #0x60\n\t"
+ "bl fe_mul_op\n\t"
"add r1, sp, #0x60\n\t"
- "add r2, sp, #0x40\n\t"
- "bl fe_mul\n\t"
"add r0, sp, #0x80\n\t"
- "add r1, sp, #0x60\n\t"
- "bl fe_sq\n\t"
- "mov r4, #0x63\n\t"
+ "bl fe_sq_op\n\t"
+ "mov r12, #0x63\n\t"
"\n"
"L_curve25519_inv_6_%=: \n\t"
- "add r0, sp, #0x80\n\t"
"add r1, sp, #0x80\n\t"
- "bl fe_sq\n\t"
- "sub r4, r4, #1\n\t"
- "cmp r4, #0\n\t"
+ "add r0, sp, #0x80\n\t"
+ "push {r12}\n\t"
+ "bl fe_sq_op\n\t"
+ "pop {r12}\n\t"
+ "subs r12, r12, #1\n\t"
"bne L_curve25519_inv_6_%=\n\t"
- "add r0, sp, #0x60\n\t"
- "add r1, sp, #0x80\n\t"
"add r2, sp, #0x60\n\t"
- "bl fe_mul\n\t"
- "mov r4, #50\n\t"
+ "add r1, sp, #0x80\n\t"
+ "add r0, sp, #0x60\n\t"
+ "bl fe_mul_op\n\t"
+ "mov r12, #50\n\t"
"\n"
"L_curve25519_inv_7_%=: \n\t"
- "add r0, sp, #0x60\n\t"
"add r1, sp, #0x60\n\t"
- "bl fe_sq\n\t"
- "sub r4, r4, #1\n\t"
- "cmp r4, #0\n\t"
+ "add r0, sp, #0x60\n\t"
+ "push {r12}\n\t"
+ "bl fe_sq_op\n\t"
+ "pop {r12}\n\t"
+ "subs r12, r12, #1\n\t"
"bne L_curve25519_inv_7_%=\n\t"
- "add r0, sp, #0x40\n\t"
- "add r1, sp, #0x60\n\t"
"add r2, sp, #0x40\n\t"
- "bl fe_mul\n\t"
- "mov r4, #5\n\t"
+ "add r1, sp, #0x60\n\t"
+ "add r0, sp, #0x40\n\t"
+ "bl fe_mul_op\n\t"
+ "mov r12, #5\n\t"
"\n"
"L_curve25519_inv_8_%=: \n\t"
- "add r0, sp, #0x40\n\t"
"add r1, sp, #0x40\n\t"
- "bl fe_sq\n\t"
- "sub r4, r4, #1\n\t"
- "cmp r4, #0\n\t"
+ "add r0, sp, #0x40\n\t"
+ "push {r12}\n\t"
+ "bl fe_sq_op\n\t"
+ "pop {r12}\n\t"
+ "subs r12, r12, #1\n\t"
"bne L_curve25519_inv_8_%=\n\t"
- "add r0, sp, #0\n\t"
- "add r1, sp, #0x40\n\t"
"add r2, sp, #32\n\t"
- "bl fe_mul\n\t"
- "add r2, sp, #0\n\t"
- "ldr r1, [sp, #160]\n\t"
- "ldr r0, [sp, #160]\n\t"
- "bl fe_mul\n\t"
+ "add r1, sp, #0x40\n\t"
+ "add r0, sp, #0\n\t"
+ "bl fe_mul_op\n\t"
+ "ldr r2, [sp, #184]\n\t"
+ "ldr r1, [sp, #176]\n\t"
+ "ldr r0, [sp, #176]\n\t"
+ "bl fe_mul_op\n\t"
+ /* Ensure result is less than modulus */
+ "ldr %[r], [sp, #176]\n\t"
+ "ldm %[r], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "mov %[a], #19\n\t"
+ "and %[a], %[a], r11, asr #31\n\t"
+ "adds r4, r4, %[a]\n\t"
+ "adcs r5, r5, #0\n\t"
+ "adcs r6, r6, #0\n\t"
+ "adcs r7, r7, #0\n\t"
+ "adcs r8, r8, #0\n\t"
+ "adcs r9, r9, #0\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "bic r11, r11, #0x80000000\n\t"
+#else
+ "bfc r11, #31, #1\n\t"
+#endif
+ "adcs r10, r10, #0\n\t"
+ "adc r11, r11, #0\n\t"
+ "stm %[r], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
"mov r0, #0\n\t"
- "add sp, sp, #0xbc\n\t"
+ "add sp, sp, #0xc0\n\t"
: [r] "+r" (r), [n] "+r" (n), [a] "+r" (a)
:
- : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12", "lr", "cc"
);
return (uint32_t)(size_t)r;
}
+#endif /* WC_NO_CACHE_RESISTANT */
+#endif /* HAVE_CURVE25519 */
+#ifdef HAVE_ED25519
+void fe_invert(fe r_p, const fe a_p)
+{
+ register sword32* r asm ("r0") = (sword32*)r_p;
+ register const sword32* a asm ("r1") = (const sword32*)a_p;
+
+ __asm__ __volatile__ (
+ "sub sp, sp, #0x88\n\t"
+ /* Invert */
+ "str %[r], [sp, #128]\n\t"
+ "str %[a], [sp, #132]\n\t"
+ "ldr r1, [sp, #132]\n\t"
+ "mov r0, sp\n\t"
+ "bl fe_sq_op\n\t"
+ "mov r1, sp\n\t"
+ "add r0, sp, #32\n\t"
+ "bl fe_sq_op\n\t"
+ "add r1, sp, #32\n\t"
+ "add r0, sp, #32\n\t"
+ "bl fe_sq_op\n\t"
+ "add r2, sp, #32\n\t"
+ "ldr r1, [sp, #132]\n\t"
+ "add r0, sp, #32\n\t"
+ "bl fe_mul_op\n\t"
+ "add r2, sp, #32\n\t"
+ "mov r1, sp\n\t"
+ "mov r0, sp\n\t"
+ "bl fe_mul_op\n\t"
+ "mov r1, sp\n\t"
+ "add r0, sp, #0x40\n\t"
+ "bl fe_sq_op\n\t"
+ "add r2, sp, #0x40\n\t"
+ "add r1, sp, #32\n\t"
+ "add r0, sp, #32\n\t"
+ "bl fe_mul_op\n\t"
+ "add r1, sp, #32\n\t"
+ "add r0, sp, #0x40\n\t"
+ "bl fe_sq_op\n\t"
+ "mov r12, #4\n\t"
+ "\n"
+ "L_fe_invert1_%=: \n\t"
+ "add r1, sp, #0x40\n\t"
+ "add r0, sp, #0x40\n\t"
+ "push {r12}\n\t"
+ "bl fe_sq_op\n\t"
+ "pop {r12}\n\t"
+ "subs r12, r12, #1\n\t"
+ "bne L_fe_invert1_%=\n\t"
+ "add r2, sp, #32\n\t"
+ "add r1, sp, #0x40\n\t"
+ "add r0, sp, #32\n\t"
+ "bl fe_mul_op\n\t"
+ "add r1, sp, #32\n\t"
+ "add r0, sp, #0x40\n\t"
+ "bl fe_sq_op\n\t"
+ "mov r12, #9\n\t"
+ "\n"
+ "L_fe_invert2_%=: \n\t"
+ "add r1, sp, #0x40\n\t"
+ "add r0, sp, #0x40\n\t"
+ "push {r12}\n\t"
+ "bl fe_sq_op\n\t"
+ "pop {r12}\n\t"
+ "subs r12, r12, #1\n\t"
+ "bne L_fe_invert2_%=\n\t"
+ "add r2, sp, #32\n\t"
+ "add r1, sp, #0x40\n\t"
+ "add r0, sp, #0x40\n\t"
+ "bl fe_mul_op\n\t"
+ "add r1, sp, #0x40\n\t"
+ "add r0, sp, #0x60\n\t"
+ "bl fe_sq_op\n\t"
+ "mov r12, #19\n\t"
+ "\n"
+ "L_fe_invert3_%=: \n\t"
+ "add r1, sp, #0x60\n\t"
+ "add r0, sp, #0x60\n\t"
+ "push {r12}\n\t"
+ "bl fe_sq_op\n\t"
+ "pop {r12}\n\t"
+ "subs r12, r12, #1\n\t"
+ "bne L_fe_invert3_%=\n\t"
+ "add r2, sp, #0x40\n\t"
+ "add r1, sp, #0x60\n\t"
+ "add r0, sp, #0x40\n\t"
+ "bl fe_mul_op\n\t"
+ "mov r12, #10\n\t"
+ "\n"
+ "L_fe_invert4_%=: \n\t"
+ "add r1, sp, #0x40\n\t"
+ "add r0, sp, #0x40\n\t"
+ "push {r12}\n\t"
+ "bl fe_sq_op\n\t"
+ "pop {r12}\n\t"
+ "subs r12, r12, #1\n\t"
+ "bne L_fe_invert4_%=\n\t"
+ "add r2, sp, #32\n\t"
+ "add r1, sp, #0x40\n\t"
+ "add r0, sp, #32\n\t"
+ "bl fe_mul_op\n\t"
+ "add r1, sp, #32\n\t"
+ "add r0, sp, #0x40\n\t"
+ "bl fe_sq_op\n\t"
+ "mov r12, #49\n\t"
+ "\n"
+ "L_fe_invert5_%=: \n\t"
+ "add r1, sp, #0x40\n\t"
+ "add r0, sp, #0x40\n\t"
+ "push {r12}\n\t"
+ "bl fe_sq_op\n\t"
+ "pop {r12}\n\t"
+ "subs r12, r12, #1\n\t"
+ "bne L_fe_invert5_%=\n\t"
+ "add r2, sp, #32\n\t"
+ "add r1, sp, #0x40\n\t"
+ "add r0, sp, #0x40\n\t"
+ "bl fe_mul_op\n\t"
+ "add r1, sp, #0x40\n\t"
+ "add r0, sp, #0x60\n\t"
+ "bl fe_sq_op\n\t"
+ "mov r12, #0x63\n\t"
+ "\n"
+ "L_fe_invert6_%=: \n\t"
+ "add r1, sp, #0x60\n\t"
+ "add r0, sp, #0x60\n\t"
+ "push {r12}\n\t"
+ "bl fe_sq_op\n\t"
+ "pop {r12}\n\t"
+ "subs r12, r12, #1\n\t"
+ "bne L_fe_invert6_%=\n\t"
+ "add r2, sp, #0x40\n\t"
+ "add r1, sp, #0x60\n\t"
+ "add r0, sp, #0x40\n\t"
+ "bl fe_mul_op\n\t"
+ "mov r12, #50\n\t"
+ "\n"
+ "L_fe_invert7_%=: \n\t"
+ "add r1, sp, #0x40\n\t"
+ "add r0, sp, #0x40\n\t"
+ "push {r12}\n\t"
+ "bl fe_sq_op\n\t"
+ "pop {r12}\n\t"
+ "subs r12, r12, #1\n\t"
+ "bne L_fe_invert7_%=\n\t"
+ "add r2, sp, #32\n\t"
+ "add r1, sp, #0x40\n\t"
+ "add r0, sp, #32\n\t"
+ "bl fe_mul_op\n\t"
+ "mov r12, #5\n\t"
+ "\n"
+ "L_fe_invert8_%=: \n\t"
+ "add r1, sp, #32\n\t"
+ "add r0, sp, #32\n\t"
+ "push {r12}\n\t"
+ "bl fe_sq_op\n\t"
+ "pop {r12}\n\t"
+ "subs r12, r12, #1\n\t"
+ "bne L_fe_invert8_%=\n\t"
+ "mov r2, sp\n\t"
+ "add r1, sp, #32\n\t"
+ "ldr r0, [sp, #128]\n\t"
+ "bl fe_mul_op\n\t"
+ "ldr %[a], [sp, #132]\n\t"
+ "ldr %[r], [sp, #128]\n\t"
+ "add sp, sp, #0x88\n\t"
+ : [r] "+r" (r), [a] "+r" (a)
+ :
+ : "memory", "lr", "r12", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
+ );
+}
+
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+void fe_sq2(fe r_p, const fe a_p)
+{
+ register sword32* r asm ("r0") = (sword32*)r_p;
+ register const sword32* a asm ("r1") = (const sword32*)a_p;
+
+ __asm__ __volatile__ (
+ "sub sp, sp, #0x44\n\t"
+ "str r0, [sp, #64]\n\t"
+ /* Square * 2 */
+ "mov r0, #0\n\t"
+ "ldr r12, [r1]\n\t"
+ /* A[0] * A[1] */
+ "ldr lr, [r1, #4]\n\t"
+ "umull r4, r5, r12, lr\n\t"
+ /* A[0] * A[3] */
+ "ldr lr, [r1, #12]\n\t"
+ "umull r6, r7, r12, lr\n\t"
+ /* A[0] * A[5] */
+ "ldr lr, [r1, #20]\n\t"
+ "umull r8, r9, r12, lr\n\t"
+ /* A[0] * A[7] */
+ "ldr lr, [r1, #28]\n\t"
+ "umull r10, r3, r12, lr\n\t"
+ /* A[0] * A[2] */
+ "ldr lr, [r1, #8]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r5, r11, r12, lr\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[0] * A[4] */
+ "ldr lr, [r1, #16]\n\t"
+ "adcs r7, r7, #0\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r7, r11, r12, lr\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[0] * A[6] */
+ "ldr lr, [r1, #24]\n\t"
+ "adcs r9, r9, #0\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r9, r11, r12, lr\n\t"
+ "adds r10, r10, r11\n\t"
+ "adcs r3, r3, #0\n\t"
+ "str r4, [sp, #4]\n\t"
+ "str r5, [sp, #8]\n\t"
+ /* A[1] * A[2] */
+ "ldr r12, [r1, #4]\n\t"
+ "ldr lr, [r1, #8]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r6, r11, r12, lr\n\t"
+ "str r6, [sp, #12]\n\t"
+ "adds r7, r7, r11\n\t"
+ /* A[1] * A[3] */
+ "ldr lr, [r1, #12]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r7, r11, r12, lr\n\t"
+ "str r7, [sp, #16]\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[1] * A[4] */
+ "ldr lr, [r1, #16]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r8, r11, r12, lr\n\t"
+ "adds r9, r9, r11\n\t"
+ /* A[1] * A[5] */
+ "ldr lr, [r1, #20]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r9, r11, r12, lr\n\t"
+ "adds r10, r10, r11\n\t"
+ /* A[1] * A[6] */
+ "ldr lr, [r1, #24]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "adds r3, r3, r11\n\t"
+ /* A[1] * A[7] */
+ "ldr lr, [r1, #28]\n\t"
+ "adc r4, r0, #0\n\t"
+ "umlal r3, r4, r12, lr\n\t"
+ /* A[2] * A[3] */
+ "ldr r12, [r1, #8]\n\t"
+ "ldr lr, [r1, #12]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r8, r11, r12, lr\n\t"
+ "str r8, [sp, #20]\n\t"
+ "adds r9, r9, r11\n\t"
+ /* A[2] * A[4] */
+ "ldr lr, [r1, #16]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r9, r11, r12, lr\n\t"
+ "str r9, [sp, #24]\n\t"
+ "adds r10, r10, r11\n\t"
+ /* A[2] * A[5] */
+ "ldr lr, [r1, #20]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "adds r3, r3, r11\n\t"
+ /* A[2] * A[6] */
+ "ldr lr, [r1, #24]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r3, r11, r12, lr\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[2] * A[7] */
+ "ldr lr, [r1, #28]\n\t"
+ "adc r5, r0, #0\n\t"
+ "umlal r4, r5, r12, lr\n\t"
+ /* A[3] * A[4] */
+ "ldr r12, [r1, #12]\n\t"
+ "ldr lr, [r1, #16]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "str r10, [sp, #28]\n\t"
+ "adds r3, r3, r11\n\t"
+ /* A[3] * A[5] */
+ "ldr lr, [r1, #20]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r3, r11, r12, lr\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[3] * A[6] */
+ "ldr lr, [r1, #24]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r4, r11, r12, lr\n\t"
+ "adds r5, r5, r11\n\t"
+ /* A[3] * A[7] */
+ "ldr lr, [r1, #28]\n\t"
+ "adc r6, r0, #0\n\t"
+ "umlal r5, r6, r12, lr\n\t"
+ /* A[4] * A[5] */
+ "ldr r12, [r1, #16]\n\t"
+ "ldr lr, [r1, #20]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r4, r11, r12, lr\n\t"
+ "adds r5, r5, r11\n\t"
+ /* A[4] * A[6] */
+ "ldr lr, [r1, #24]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r5, r11, r12, lr\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[4] * A[7] */
+ "ldr lr, [r1, #28]\n\t"
+ "adc r7, r0, #0\n\t"
+ "umlal r6, r7, r12, lr\n\t"
+ /* A[5] * A[6] */
+ "ldr r12, [r1, #20]\n\t"
+ "ldr lr, [r1, #24]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r6, r11, r12, lr\n\t"
+ "adds r7, r7, r11\n\t"
+ /* A[5] * A[7] */
+ "ldr lr, [r1, #28]\n\t"
+ "adc r8, r0, #0\n\t"
+ "umlal r7, r8, r12, lr\n\t"
+ /* A[6] * A[7] */
+ "ldr r12, [r1, #24]\n\t"
+ "ldr lr, [r1, #28]\n\t"
+ "mov r9, #0\n\t"
+ "umlal r8, r9, r12, lr\n\t"
+ "add lr, sp, #32\n\t"
+ "stm lr, {r3, r4, r5, r6, r7, r8, r9}\n\t"
+ "add lr, sp, #4\n\t"
+ "ldm lr, {r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "adds r4, r4, r4\n\t"
+ "adcs r5, r5, r5\n\t"
+ "adcs r6, r6, r6\n\t"
+ "adcs r7, r7, r7\n\t"
+ "adcs r8, r8, r8\n\t"
+ "adcs r9, r9, r9\n\t"
+ "adcs r10, r10, r10\n\t"
+ "stm lr!, {r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "ldm lr, {r3, r4, r5, r6, r7, r8, r9}\n\t"
+ "adcs r3, r3, r3\n\t"
+ "adcs r4, r4, r4\n\t"
+ "adcs r5, r5, r5\n\t"
+ "adcs r6, r6, r6\n\t"
+ "adcs r7, r7, r7\n\t"
+ "adcs r8, r8, r8\n\t"
+ "adcs r9, r9, r9\n\t"
+ "adc r10, r0, #0\n\t"
+ "stm lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "add lr, sp, #4\n\t"
+ "ldm lr, {r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "mov lr, sp\n\t"
+ /* A[0] * A[0] */
+ "ldr r12, [r1]\n\t"
+ "umull r3, r11, r12, r12\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[1] * A[1] */
+ "ldr r12, [r1, #4]\n\t"
+ "adcs r5, r5, #0\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r5, r11, r12, r12\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[2] * A[2] */
+ "ldr r12, [r1, #8]\n\t"
+ "adcs r7, r7, #0\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r7, r11, r12, r12\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[3] * A[3] */
+ "ldr r12, [r1, #12]\n\t"
+ "adcs r9, r9, #0\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r9, r11, r12, r12\n\t"
+ "adds r10, r10, r11\n\t"
+ "stm lr!, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "ldm lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ /* A[4] * A[4] */
+ "ldr r12, [r1, #16]\n\t"
+ "adcs r3, r3, #0\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r3, r11, r12, r12\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[5] * A[5] */
+ "ldr r12, [r1, #20]\n\t"
+ "adcs r5, r5, #0\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r5, r11, r12, r12\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[6] * A[6] */
+ "ldr r12, [r1, #24]\n\t"
+ "adcs r7, r7, #0\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r7, r11, r12, r12\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[7] * A[7] */
+ "ldr r12, [r1, #28]\n\t"
+ "adcs r9, r9, #0\n\t"
+ "adc r10, r10, #0\n\t"
+ "umlal r9, r10, r12, r12\n\t"
+ /* Reduce */
+ "ldr r2, [sp, #28]\n\t"
+ "mov lr, sp\n\t"
+ "mov r12, #38\n\t"
+ "umull r10, r11, r12, r10\n\t"
+ "adds r10, r10, r2\n\t"
+ "adc r11, r11, #0\n\t"
+ "mov r12, #19\n\t"
+ "lsl r11, r11, #1\n\t"
+ "orr r11, r11, r10, LSR #31\n\t"
+ "mul r11, r12, r11\n\t"
+ "ldm lr!, {r1, r2}\n\t"
+ "mov r12, #38\n\t"
+ "adds r1, r1, r11\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r1, r11, r3, r12\n\t"
+ "adds r2, r2, r11\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r2, r11, r4, r12\n\t"
+ "ldm lr!, {r3, r4}\n\t"
+ "adds r3, r3, r11\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r3, r11, r5, r12\n\t"
+ "adds r4, r4, r11\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r4, r11, r6, r12\n\t"
+ "ldm lr!, {r5, r6}\n\t"
+ "adds r5, r5, r11\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r5, r11, r7, r12\n\t"
+ "adds r6, r6, r11\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r6, r11, r8, r12\n\t"
+ "ldm lr!, {r7, r8}\n\t"
+ "adds r7, r7, r11\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r7, r11, r9, r12\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "bic r10, r10, #0x80000000\n\t"
+#else
+ "bfc r10, #31, #1\n\t"
+#endif
+ "adds r8, r10, r11\n\t"
+ /* Reduce if top bit set */
+ "mov r12, #19\n\t"
+ "and r11, r12, r8, ASR #31\n\t"
+ "adds r1, r1, r11\n\t"
+ "adcs r2, r2, #0\n\t"
+ "adcs r3, r3, #0\n\t"
+ "adcs r4, r4, #0\n\t"
+ "adcs r5, r5, #0\n\t"
+ "adcs r6, r6, #0\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "bic r8, r8, #0x80000000\n\t"
+#else
+ "bfc r8, #31, #1\n\t"
+#endif
+ "adcs r7, r7, #0\n\t"
+ "adc r8, r8, #0\n\t"
+ /* Double */
+ "adds r1, r1, r1\n\t"
+ "adcs r2, r2, r2\n\t"
+ "adcs r3, r3, r3\n\t"
+ "adcs r4, r4, r4\n\t"
+ "adcs r5, r5, r5\n\t"
+ "adcs r6, r6, r6\n\t"
+ "adcs r7, r7, r7\n\t"
+ "adc r8, r8, r8\n\t"
+ /* Reduce if top bit set */
+ "mov r12, #19\n\t"
+ "and r11, r12, r8, ASR #31\n\t"
+ "adds r1, r1, r11\n\t"
+ "adcs r2, r2, #0\n\t"
+ "adcs r3, r3, #0\n\t"
+ "adcs r4, r4, #0\n\t"
+ "adcs r5, r5, #0\n\t"
+ "adcs r6, r6, #0\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "bic r8, r8, #0x80000000\n\t"
+#else
+ "bfc r8, #31, #1\n\t"
+#endif
+ "adcs r7, r7, #0\n\t"
+ "adc r8, r8, #0\n\t"
+ /* Store */
+ "ldr r0, [sp, #64]\n\t"
+ "stm r0, {r1, r2, r3, r4, r5, r6, r7, r8}\n\t"
+ "add sp, sp, #0x44\n\t"
+ : [r] "+r" (r), [a] "+r" (a)
+ :
+ : "memory", "lr", "cc"
+ );
+}
+
+#else
+void fe_sq2(fe r_p, const fe a_p)
+{
+ register sword32* r asm ("r0") = (sword32*)r_p;
+ register const sword32* a asm ("r1") = (const sword32*)a_p;
+
+ __asm__ __volatile__ (
+ "sub sp, sp, #36\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "str r0, [sp, #28]\n\t"
+ "str r1, [sp, #32]\n\t"
+#else
+ "strd r0, r1, [sp, #28]\n\t"
+#endif
+ "ldm r1, {r0, r1, r2, r3, r4, r5, r6, r7}\n\t"
+ /* Square * 2 */
+ "umull r9, r10, r0, r0\n\t"
+ "umull r11, r12, r0, r1\n\t"
+ "adds r11, r11, r11\n\t"
+ "mov lr, #0\n\t"
+ "umaal r10, r11, lr, lr\n\t"
+ "stm sp, {r9, r10}\n\t"
+ "mov r8, lr\n\t"
+ "umaal r8, r12, r0, r2\n\t"
+ "adcs r8, r8, r8\n\t"
+ "umaal r8, r11, r1, r1\n\t"
+ "umull r9, r10, r0, r3\n\t"
+ "umaal r9, r12, r1, r2\n\t"
+ "adcs r9, r9, r9\n\t"
+ "umaal r9, r11, lr, lr\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "str r8, [sp, #8]\n\t"
+ "str r9, [sp, #12]\n\t"
+#else
+ "strd r8, r9, [sp, #8]\n\t"
+#endif
+ "mov r9, lr\n\t"
+ "umaal r9, r10, r0, r4\n\t"
+ "umaal r9, r12, r1, r3\n\t"
+ "adcs r9, r9, r9\n\t"
+ "umaal r9, r11, r2, r2\n\t"
+ "str r9, [sp, #16]\n\t"
+ "umull r9, r8, r0, r5\n\t"
+ "umaal r9, r12, r1, r4\n\t"
+ "umaal r9, r10, r2, r3\n\t"
+ "adcs r9, r9, r9\n\t"
+ "umaal r9, r11, lr, lr\n\t"
+ "str r9, [sp, #20]\n\t"
+ "mov r9, lr\n\t"
+ "umaal r9, r8, r0, r6\n\t"
+ "umaal r9, r12, r1, r5\n\t"
+ "umaal r9, r10, r2, r4\n\t"
+ "adcs r9, r9, r9\n\t"
+ "umaal r9, r11, r3, r3\n\t"
+ "str r9, [sp, #24]\n\t"
+ "umull r0, r9, r0, r7\n\t"
+ "umaal r0, r8, r1, r6\n\t"
+ "umaal r0, r12, r2, r5\n\t"
+ "umaal r0, r10, r3, r4\n\t"
+ "adcs r0, r0, r0\n\t"
+ "umaal r0, r11, lr, lr\n\t"
+ /* R[7] = r0 */
+ "umaal r9, r8, r1, r7\n\t"
+ "umaal r9, r10, r2, r6\n\t"
+ "umaal r12, r9, r3, r5\n\t"
+ "adcs r12, r12, r12\n\t"
+ "umaal r12, r11, r4, r4\n\t"
+ /* R[8] = r12 */
+ "umaal r9, r8, r2, r7\n\t"
+ "umaal r10, r9, r3, r6\n\t"
+ "mov r2, lr\n\t"
+ "umaal r10, r2, r4, r5\n\t"
+ "adcs r10, r10, r10\n\t"
+ "umaal r11, r10, lr, lr\n\t"
+ /* R[9] = r11 */
+ "umaal r2, r8, r3, r7\n\t"
+ "umaal r2, r9, r4, r6\n\t"
+ "adcs r3, r2, r2\n\t"
+ "umaal r10, r3, r5, r5\n\t"
+ /* R[10] = r10 */
+ "mov r1, lr\n\t"
+ "umaal r1, r8, r4, r7\n\t"
+ "umaal r1, r9, r5, r6\n\t"
+ "adcs r4, r1, r1\n\t"
+ "umaal r3, r4, lr, lr\n\t"
+ /* R[11] = r3 */
+ "umaal r8, r9, r5, r7\n\t"
+ "adcs r8, r8, r8\n\t"
+ "umaal r4, r8, r6, r6\n\t"
+ /* R[12] = r4 */
+ "mov r5, lr\n\t"
+ "umaal r5, r9, r6, r7\n\t"
+ "adcs r5, r5, r5\n\t"
+ "umaal r8, r5, lr, lr\n\t"
+ /* R[13] = r8 */
+ "adcs r9, r9, r9\n\t"
+ "umaal r9, r5, r7, r7\n\t"
+ "adcs r7, r5, lr\n\t"
+ /* R[14] = r9 */
+ /* R[15] = r7 */
+ /* Reduce */
+ "mov r6, #37\n\t"
+ "umaal r7, r0, r7, r6\n\t"
+ "mov r6, #19\n\t"
+ "lsl r0, r0, #1\n\t"
+ "orr r0, r0, r7, lsr #31\n\t"
+ "mul lr, r0, r6\n\t"
+ "pop {r0-r1}\n\t"
+ "mov r6, #38\n\t"
+ "umaal r0, lr, r12, r6\n\t"
+ "umaal r1, lr, r11, r6\n\t"
+ "mov r12, r3\n\t"
+ "mov r11, r4\n\t"
+ "pop {r2-r4}\n\t"
+ "umaal r2, lr, r10, r6\n\t"
+ "umaal r3, lr, r12, r6\n\t"
+ "umaal r4, lr, r11, r6\n\t"
+ "mov r12, r6\n\t"
+ "pop {r5-r6}\n\t"
+ "umaal r5, lr, r8, r12\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "bic r7, r7, #0x80000000\n\t"
+#else
+ "bfc r7, #31, #1\n\t"
+#endif
+ "umaal r6, lr, r9, r12\n\t"
+ "add r7, r7, lr\n\t"
+ /* Reduce if top bit set */
+ "mov r11, #19\n\t"
+ "and r12, r11, r7, ASR #31\n\t"
+ "adds r0, r0, r12\n\t"
+ "adcs r1, r1, #0\n\t"
+ "adcs r2, r2, #0\n\t"
+ "adcs r3, r3, #0\n\t"
+ "adcs r4, r4, #0\n\t"
+ "adcs r5, r5, #0\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "bic r7, r7, #0x80000000\n\t"
+#else
+ "bfc r7, #31, #1\n\t"
+#endif
+ "adcs r6, r6, #0\n\t"
+ "adc r7, r7, #0\n\t"
+ /* Double */
+ "adds r0, r0, r0\n\t"
+ "adcs r1, r1, r1\n\t"
+ "adcs r2, r2, r2\n\t"
+ "adcs r3, r3, r3\n\t"
+ "adcs r4, r4, r4\n\t"
+ "adcs r5, r5, r5\n\t"
+ "adcs r6, r6, r6\n\t"
+ "adc r7, r7, r7\n\t"
+ /* Reduce if top bit set */
+ "mov r11, #19\n\t"
+ "and r12, r11, r7, ASR #31\n\t"
+ "adds r0, r0, r12\n\t"
+ "adcs r1, r1, #0\n\t"
+ "adcs r2, r2, #0\n\t"
+ "adcs r3, r3, #0\n\t"
+ "adcs r4, r4, #0\n\t"
+ "adcs r5, r5, #0\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "bic r7, r7, #0x80000000\n\t"
+#else
+ "bfc r7, #31, #1\n\t"
+#endif
+ "adcs r6, r6, #0\n\t"
+ "adc r7, r7, #0\n\t"
+ "pop {r12, lr}\n\t"
+ /* Store */
+ "stm r12, {r0, r1, r2, r3, r4, r5, r6, r7}\n\t"
+ "mov r0, r12\n\t"
+ "mov r1, lr\n\t"
+ : [r] "+r" (r), [a] "+r" (a)
+ :
+ : "memory", "lr", "cc"
+ );
+}
+
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
void fe_pow22523(fe r_p, const fe a_p)
{
- register fe r asm ("r0") = r_p;
- register const fe a asm ("r1") = a_p;
+ register sword32* r asm ("r0") = (sword32*)r_p;
+ register const sword32* a asm ("r1") = (const sword32*)a_p;
__asm__ __volatile__ (
"sub sp, sp, #0x68\n\t"
/* pow22523 */
"str %[r], [sp, #96]\n\t"
"str %[a], [sp, #100]\n\t"
- "mov r0, sp\n\t"
"ldr r1, [sp, #100]\n\t"
- "bl fe_sq\n\t"
- "add r0, sp, #32\n\t"
+ "mov r0, sp\n\t"
+ "bl fe_sq_op\n\t"
"mov r1, sp\n\t"
- "bl fe_sq\n\t"
"add r0, sp, #32\n\t"
+ "bl fe_sq_op\n\t"
"add r1, sp, #32\n\t"
- "bl fe_sq\n\t"
"add r0, sp, #32\n\t"
+ "bl fe_sq_op\n\t"
+ "add r2, sp, #32\n\t"
"ldr r1, [sp, #100]\n\t"
+ "add r0, sp, #32\n\t"
+ "bl fe_mul_op\n\t"
"add r2, sp, #32\n\t"
- "bl fe_mul\n\t"
- "mov r0, sp\n\t"
"mov r1, sp\n\t"
- "add r2, sp, #32\n\t"
- "bl fe_mul\n\t"
"mov r0, sp\n\t"
+ "bl fe_mul_op\n\t"
"mov r1, sp\n\t"
- "bl fe_sq\n\t"
"mov r0, sp\n\t"
- "add r1, sp, #32\n\t"
+ "bl fe_sq_op\n\t"
"mov r2, sp\n\t"
- "bl fe_mul\n\t"
- "add r0, sp, #32\n\t"
+ "add r1, sp, #32\n\t"
+ "mov r0, sp\n\t"
+ "bl fe_mul_op\n\t"
"mov r1, sp\n\t"
- "bl fe_sq\n\t"
- "mov r4, #4\n\t"
+ "add r0, sp, #32\n\t"
+ "bl fe_sq_op\n\t"
+ "mov r12, #4\n\t"
"\n"
"L_fe_pow22523_1_%=: \n\t"
- "add r0, sp, #32\n\t"
"add r1, sp, #32\n\t"
- "bl fe_sq\n\t"
- "sub r4, r4, #1\n\t"
- "cmp r4, #0\n\t"
+ "add r0, sp, #32\n\t"
+ "push {r12}\n\t"
+ "bl fe_sq_op\n\t"
+ "pop {r12}\n\t"
+ "subs r12, r12, #1\n\t"
"bne L_fe_pow22523_1_%=\n\t"
- "mov r0, sp\n\t"
- "add r1, sp, #32\n\t"
"mov r2, sp\n\t"
- "bl fe_mul\n\t"
- "add r0, sp, #32\n\t"
+ "add r1, sp, #32\n\t"
+ "mov r0, sp\n\t"
+ "bl fe_mul_op\n\t"
"mov r1, sp\n\t"
- "bl fe_sq\n\t"
- "mov r4, #9\n\t"
+ "add r0, sp, #32\n\t"
+ "bl fe_sq_op\n\t"
+ "mov r12, #9\n\t"
"\n"
"L_fe_pow22523_2_%=: \n\t"
- "add r0, sp, #32\n\t"
"add r1, sp, #32\n\t"
- "bl fe_sq\n\t"
- "sub r4, r4, #1\n\t"
- "cmp r4, #0\n\t"
+ "add r0, sp, #32\n\t"
+ "push {r12}\n\t"
+ "bl fe_sq_op\n\t"
+ "pop {r12}\n\t"
+ "subs r12, r12, #1\n\t"
"bne L_fe_pow22523_2_%=\n\t"
+ "mov r2, sp\n\t"
+ "add r1, sp, #32\n\t"
"add r0, sp, #32\n\t"
+ "bl fe_mul_op\n\t"
"add r1, sp, #32\n\t"
- "mov r2, sp\n\t"
- "bl fe_mul\n\t"
"add r0, sp, #0x40\n\t"
- "add r1, sp, #32\n\t"
- "bl fe_sq\n\t"
- "mov r4, #19\n\t"
+ "bl fe_sq_op\n\t"
+ "mov r12, #19\n\t"
"\n"
"L_fe_pow22523_3_%=: \n\t"
- "add r0, sp, #0x40\n\t"
"add r1, sp, #0x40\n\t"
- "bl fe_sq\n\t"
- "sub r4, r4, #1\n\t"
- "cmp r4, #0\n\t"
+ "add r0, sp, #0x40\n\t"
+ "push {r12}\n\t"
+ "bl fe_sq_op\n\t"
+ "pop {r12}\n\t"
+ "subs r12, r12, #1\n\t"
"bne L_fe_pow22523_3_%=\n\t"
- "add r0, sp, #32\n\t"
- "add r1, sp, #0x40\n\t"
"add r2, sp, #32\n\t"
- "bl fe_mul\n\t"
- "mov r4, #10\n\t"
+ "add r1, sp, #0x40\n\t"
+ "add r0, sp, #32\n\t"
+ "bl fe_mul_op\n\t"
+ "mov r12, #10\n\t"
"\n"
"L_fe_pow22523_4_%=: \n\t"
- "add r0, sp, #32\n\t"
"add r1, sp, #32\n\t"
- "bl fe_sq\n\t"
- "sub r4, r4, #1\n\t"
- "cmp r4, #0\n\t"
+ "add r0, sp, #32\n\t"
+ "push {r12}\n\t"
+ "bl fe_sq_op\n\t"
+ "pop {r12}\n\t"
+ "subs r12, r12, #1\n\t"
"bne L_fe_pow22523_4_%=\n\t"
- "mov r0, sp\n\t"
- "add r1, sp, #32\n\t"
"mov r2, sp\n\t"
- "bl fe_mul\n\t"
- "add r0, sp, #32\n\t"
+ "add r1, sp, #32\n\t"
+ "mov r0, sp\n\t"
+ "bl fe_mul_op\n\t"
"mov r1, sp\n\t"
- "bl fe_sq\n\t"
- "mov r4, #49\n\t"
+ "add r0, sp, #32\n\t"
+ "bl fe_sq_op\n\t"
+ "mov r12, #49\n\t"
"\n"
"L_fe_pow22523_5_%=: \n\t"
- "add r0, sp, #32\n\t"
"add r1, sp, #32\n\t"
- "bl fe_sq\n\t"
- "sub r4, r4, #1\n\t"
- "cmp r4, #0\n\t"
+ "add r0, sp, #32\n\t"
+ "push {r12}\n\t"
+ "bl fe_sq_op\n\t"
+ "pop {r12}\n\t"
+ "subs r12, r12, #1\n\t"
"bne L_fe_pow22523_5_%=\n\t"
+ "mov r2, sp\n\t"
+ "add r1, sp, #32\n\t"
"add r0, sp, #32\n\t"
+ "bl fe_mul_op\n\t"
"add r1, sp, #32\n\t"
- "mov r2, sp\n\t"
- "bl fe_mul\n\t"
"add r0, sp, #0x40\n\t"
- "add r1, sp, #32\n\t"
- "bl fe_sq\n\t"
- "mov r4, #0x63\n\t"
+ "bl fe_sq_op\n\t"
+ "mov r12, #0x63\n\t"
"\n"
"L_fe_pow22523_6_%=: \n\t"
- "add r0, sp, #0x40\n\t"
"add r1, sp, #0x40\n\t"
- "bl fe_sq\n\t"
- "sub r4, r4, #1\n\t"
- "cmp r4, #0\n\t"
+ "add r0, sp, #0x40\n\t"
+ "push {r12}\n\t"
+ "bl fe_sq_op\n\t"
+ "pop {r12}\n\t"
+ "subs r12, r12, #1\n\t"
"bne L_fe_pow22523_6_%=\n\t"
- "add r0, sp, #32\n\t"
- "add r1, sp, #0x40\n\t"
"add r2, sp, #32\n\t"
- "bl fe_mul\n\t"
- "mov r4, #50\n\t"
+ "add r1, sp, #0x40\n\t"
+ "add r0, sp, #32\n\t"
+ "bl fe_mul_op\n\t"
+ "mov r12, #50\n\t"
"\n"
"L_fe_pow22523_7_%=: \n\t"
- "add r0, sp, #32\n\t"
"add r1, sp, #32\n\t"
- "bl fe_sq\n\t"
- "sub r4, r4, #1\n\t"
- "cmp r4, #0\n\t"
+ "add r0, sp, #32\n\t"
+ "push {r12}\n\t"
+ "bl fe_sq_op\n\t"
+ "pop {r12}\n\t"
+ "subs r12, r12, #1\n\t"
"bne L_fe_pow22523_7_%=\n\t"
- "mov r0, sp\n\t"
- "add r1, sp, #32\n\t"
"mov r2, sp\n\t"
- "bl fe_mul\n\t"
- "mov r4, #2\n\t"
+ "add r1, sp, #32\n\t"
+ "mov r0, sp\n\t"
+ "bl fe_mul_op\n\t"
+ "mov r12, #2\n\t"
"\n"
"L_fe_pow22523_8_%=: \n\t"
- "mov r0, sp\n\t"
"mov r1, sp\n\t"
- "bl fe_sq\n\t"
- "sub r4, r4, #1\n\t"
- "cmp r4, #0\n\t"
+ "mov r0, sp\n\t"
+ "push {r12}\n\t"
+ "bl fe_sq_op\n\t"
+ "pop {r12}\n\t"
+ "subs r12, r12, #1\n\t"
"bne L_fe_pow22523_8_%=\n\t"
- "ldr r0, [sp, #96]\n\t"
- "mov r1, sp\n\t"
"ldr r2, [sp, #100]\n\t"
- "bl fe_mul\n\t"
+ "mov r1, sp\n\t"
+ "ldr r0, [sp, #96]\n\t"
+ "bl fe_mul_op\n\t"
"ldr %[a], [sp, #100]\n\t"
"ldr %[r], [sp, #96]\n\t"
"add sp, sp, #0x68\n\t"
: [r] "+r" (r), [a] "+r" (a)
:
- : "memory", "lr", "r4"
+ : "memory", "lr", "r12", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
);
}
-void fe_ge_to_p2(fe rx_p, fe ry_p, fe rz_p, const fe px_p, const fe py_p, const fe pz_p, const fe pt_p)
+void ge_p1p1_to_p2(ge_p2 * r_p, const ge_p1p1 * p_p)
{
- register fe rx asm ("r0") = rx_p;
- register fe ry asm ("r1") = ry_p;
- register fe rz asm ("r2") = rz_p;
- register const fe px asm ("r3") = px_p;
- register const fe py asm ("r4") = py_p;
- register const fe pz asm ("r5") = pz_p;
- register const fe pt asm ("r6") = pt_p;
+ register ge_p2 * r asm ("r0") = (ge_p2 *)r_p;
+ register const ge_p1p1 * p asm ("r1") = (const ge_p1p1 *)p_p;
__asm__ __volatile__ (
- "sub sp, sp, #16\n\t"
- "str %[rx], [sp]\n\t"
- "str %[ry], [sp, #4]\n\t"
- "str %[rz], [sp, #8]\n\t"
- "str %[px], [sp, #12]\n\t"
- "ldr r2, [sp, #28]\n\t"
- "ldr r1, [sp, #12]\n\t"
+ "sub sp, sp, #8\n\t"
+ "str %[r], [sp]\n\t"
+ "str %[p], [sp, #4]\n\t"
+ "add r2, r1, #0x60\n\t"
+ "bl fe_mul_op\n\t"
"ldr r0, [sp]\n\t"
- "bl fe_mul\n\t"
- "ldr r2, [sp, #24]\n\t"
- "ldr r1, [sp, #20]\n\t"
- "ldr r0, [sp, #4]\n\t"
- "bl fe_mul\n\t"
- "ldr r2, [sp, #28]\n\t"
- "ldr r1, [sp, #24]\n\t"
- "ldr r0, [sp, #8]\n\t"
- "bl fe_mul\n\t"
- "add sp, sp, #16\n\t"
- : [rx] "+r" (rx), [ry] "+r" (ry), [rz] "+r" (rz), [px] "+r" (px)
+ "ldr r1, [sp, #4]\n\t"
+ "add r2, r1, #0x40\n\t"
+ "add r1, r1, #32\n\t"
+ "add r0, r0, #32\n\t"
+ "bl fe_mul_op\n\t"
+ "ldr r0, [sp]\n\t"
+ "ldr r1, [sp, #4]\n\t"
+ "add r2, r1, #0x60\n\t"
+ "add r1, r1, #0x40\n\t"
+ "add r0, r0, #0x40\n\t"
+ "bl fe_mul_op\n\t"
+ "add sp, sp, #8\n\t"
+ : [r] "+r" (r), [p] "+r" (p)
:
- : "memory", "lr"
+ : "memory", "lr", "r2", "r3", "r12", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
);
- (void)py_p;
- (void)pz_p;
- (void)pt_p;
}
-void fe_ge_to_p3(fe rx_p, fe ry_p, fe rz_p, fe rt_p, const fe px_p, const fe py_p, const fe pz_p, const fe pt_p)
+void ge_p1p1_to_p3(ge_p3 * r_p, const ge_p1p1 * p_p)
{
- register fe rx asm ("r0") = rx_p;
- register fe ry asm ("r1") = ry_p;
- register fe rz asm ("r2") = rz_p;
- register fe rt asm ("r3") = rt_p;
- register const fe px asm ("r4") = px_p;
- register const fe py asm ("r5") = py_p;
- register const fe pz asm ("r6") = pz_p;
- register const fe pt asm ("r7") = pt_p;
+ register ge_p3 * r asm ("r0") = (ge_p3 *)r_p;
+ register const ge_p1p1 * p asm ("r1") = (const ge_p1p1 *)p_p;
__asm__ __volatile__ (
- "sub sp, sp, #16\n\t"
- "str %[rx], [sp]\n\t"
- "str %[ry], [sp, #4]\n\t"
- "str %[rz], [sp, #8]\n\t"
- "str %[rt], [sp, #12]\n\t"
- "ldr r2, [sp, #32]\n\t"
- "ldr r1, [sp, #20]\n\t"
+ "sub sp, sp, #8\n\t"
+ "str %[r], [sp]\n\t"
+ "str %[p], [sp, #4]\n\t"
+ "add r2, r1, #0x60\n\t"
+ "bl fe_mul_op\n\t"
"ldr r0, [sp]\n\t"
- "bl fe_mul\n\t"
- "ldr r2, [sp, #28]\n\t"
- "ldr r1, [sp, #24]\n\t"
- "ldr r0, [sp, #4]\n\t"
- "bl fe_mul\n\t"
- "ldr r2, [sp, #32]\n\t"
- "ldr r1, [sp, #28]\n\t"
- "ldr r0, [sp, #8]\n\t"
- "bl fe_mul\n\t"
- "ldr r2, [sp, #24]\n\t"
- "ldr r1, [sp, #20]\n\t"
- "ldr r0, [sp, #12]\n\t"
- "bl fe_mul\n\t"
- "add sp, sp, #16\n\t"
- : [rx] "+r" (rx), [ry] "+r" (ry), [rz] "+r" (rz), [rt] "+r" (rt)
+ "ldr r1, [sp, #4]\n\t"
+ "add r2, r1, #0x40\n\t"
+ "add r1, r1, #32\n\t"
+ "add r0, r0, #32\n\t"
+ "bl fe_mul_op\n\t"
+ "ldr r0, [sp]\n\t"
+ "ldr r1, [sp, #4]\n\t"
+ "add r2, r1, #0x60\n\t"
+ "add r1, r1, #0x40\n\t"
+ "add r0, r0, #0x40\n\t"
+ "bl fe_mul_op\n\t"
+ "ldr r0, [sp]\n\t"
+ "ldr r1, [sp, #4]\n\t"
+ "add r2, r1, #32\n\t"
+ "add r0, r0, #0x60\n\t"
+ "bl fe_mul_op\n\t"
+ "add sp, sp, #8\n\t"
+ : [r] "+r" (r), [p] "+r" (p)
:
- : "memory", "lr"
+ : "memory", "lr", "r2", "r3", "r12", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
);
- (void)px_p;
- (void)py_p;
- (void)pz_p;
- (void)pt_p;
}
-void fe_ge_dbl(fe rx_p, fe ry_p, fe rz_p, fe rt_p, const fe px_p, const fe py_p, const fe pz_p)
+void ge_p2_dbl(ge_p1p1 * r_p, const ge_p2 * p_p)
{
- register fe rx asm ("r0") = rx_p;
- register fe ry asm ("r1") = ry_p;
- register fe rz asm ("r2") = rz_p;
- register fe rt asm ("r3") = rt_p;
- register const fe px asm ("r4") = px_p;
- register const fe py asm ("r5") = py_p;
- register const fe pz asm ("r6") = pz_p;
+ register ge_p1p1 * r asm ("r0") = (ge_p1p1 *)r_p;
+ register const ge_p2 * p asm ("r1") = (const ge_p2 *)p_p;
__asm__ __volatile__ (
- "sub sp, sp, #16\n\t"
- "str %[rx], [sp]\n\t"
- "str %[ry], [sp, #4]\n\t"
- "str %[rz], [sp, #8]\n\t"
- "str %[rt], [sp, #12]\n\t"
- "ldr r1, [sp, #52]\n\t"
+ "sub sp, sp, #8\n\t"
+ "str %[r], [sp]\n\t"
+ "str %[p], [sp, #4]\n\t"
+ "bl fe_sq_op\n\t"
"ldr r0, [sp]\n\t"
- "bl fe_sq\n\t"
- "ldr r1, [sp, #56]\n\t"
- "ldr r0, [sp, #8]\n\t"
- "bl fe_sq\n\t"
- "ldr r0, [sp, #4]\n\t"
- "ldr r1, [sp, #52]\n\t"
- "ldr r2, [sp, #56]\n\t"
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1]\n\t"
- "ldr r5, [r1, #4]\n\t"
-#else
- "ldrd r4, r5, [r1]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r1, #8]\n\t"
- "ldr r7, [r1, #12]\n\t"
-#else
- "ldrd r6, r7, [r1, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r8, [r2]\n\t"
- "ldr r9, [r2, #4]\n\t"
-#else
- "ldrd r8, r9, [r2]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r10, [r2, #8]\n\t"
- "ldr r11, [r2, #12]\n\t"
-#else
- "ldrd r10, r11, [r2, #8]\n\t"
-#endif
- "adds r8, r4, r8\n\t"
- "adcs r9, r5, r9\n\t"
- "adcs r10, r6, r10\n\t"
- "adcs r11, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0]\n\t"
- "str r9, [r0, #4]\n\t"
-#else
- "strd r8, r9, [r0]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r0, #8]\n\t"
- "str r11, [r0, #12]\n\t"
-#else
- "strd r10, r11, [r0, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1, #16]\n\t"
- "ldr r5, [r1, #20]\n\t"
-#else
- "ldrd r4, r5, [r1, #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r1, #24]\n\t"
- "ldr r7, [r1, #28]\n\t"
-#else
- "ldrd r6, r7, [r1, #24]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r8, [r2, #16]\n\t"
- "ldr r9, [r2, #20]\n\t"
-#else
- "ldrd r8, r9, [r2, #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r10, [r2, #24]\n\t"
- "ldr r11, [r2, #28]\n\t"
-#else
- "ldrd r10, r11, [r2, #24]\n\t"
-#endif
- "adcs r8, r4, r8\n\t"
- "adcs r9, r5, r9\n\t"
- "adcs r10, r6, r10\n\t"
- "adc r11, r7, r11\n\t"
- "mov r12, #-19\n\t"
- "asr %[rt], r11, #31\n\t"
- /* Mask the modulus */
- "and r12, %[rt], r12\n\t"
- "and lr, %[rt], #0x7fffffff\n\t"
- /* Sub modulus (if overflow) */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r0]\n\t"
- "ldr r5, [r0, #4]\n\t"
-#else
- "ldrd r4, r5, [r0]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r0, #8]\n\t"
- "ldr r7, [r0, #12]\n\t"
-#else
- "ldrd r6, r7, [r0, #8]\n\t"
-#endif
- "subs r4, r4, r12\n\t"
- "sbcs r5, r5, %[rt]\n\t"
- "sbcs r6, r6, %[rt]\n\t"
- "sbcs r7, r7, %[rt]\n\t"
- "sbcs r8, r8, %[rt]\n\t"
- "sbcs r9, r9, %[rt]\n\t"
- "sbcs r10, r10, %[rt]\n\t"
- "sbc r11, r11, lr\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r0]\n\t"
- "str r5, [r0, #4]\n\t"
-#else
- "strd r4, r5, [r0]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r6, [r0, #8]\n\t"
- "str r7, [r0, #12]\n\t"
-#else
- "strd r6, r7, [r0, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0, #16]\n\t"
- "str r9, [r0, #20]\n\t"
-#else
- "strd r8, r9, [r0, #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r0, #24]\n\t"
- "str r11, [r0, #28]\n\t"
-#else
- "strd r10, r11, [r0, #24]\n\t"
-#endif
"ldr r1, [sp, #4]\n\t"
- "ldr r0, [sp, #12]\n\t"
- "bl fe_sq\n\t"
- "ldr r0, [sp, #4]\n\t"
- "ldr r1, [sp, #8]\n\t"
- "ldr r2, [sp]\n\t"
- /* Add-Sub */
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1]\n\t"
- "ldr r5, [r1, #4]\n\t"
-#else
- "ldrd r4, r5, [r1]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r2]\n\t"
- "ldr r7, [r2, #4]\n\t"
-#else
- "ldrd r6, r7, [r2]\n\t"
-#endif
- "adds r8, r4, r6\n\t"
- "mov r12, #0\n\t"
- "adcs r9, r5, r7\n\t"
- "adc r12, r12, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0]\n\t"
- "str r9, [r0, #4]\n\t"
-#else
- "strd r8, r9, [r0]\n\t"
-#endif
- /* Sub */
- "subs r10, r4, r6\n\t"
- "mov lr, #0\n\t"
- "sbcs r11, r5, r7\n\t"
- "adc lr, lr, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r1]\n\t"
- "str r11, [r1, #4]\n\t"
-#else
- "strd r10, r11, [r1]\n\t"
-#endif
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1, #8]\n\t"
- "ldr r5, [r1, #12]\n\t"
-#else
- "ldrd r4, r5, [r1, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r2, #8]\n\t"
- "ldr r7, [r2, #12]\n\t"
-#else
- "ldrd r6, r7, [r2, #8]\n\t"
-#endif
- "adds r12, r12, #-1\n\t"
- "adcs r8, r4, r6\n\t"
- "mov r12, #0\n\t"
- "adcs r9, r5, r7\n\t"
- "adc r12, r12, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0, #8]\n\t"
- "str r9, [r0, #12]\n\t"
-#else
- "strd r8, r9, [r0, #8]\n\t"
-#endif
- /* Sub */
- "adds lr, lr, #-1\n\t"
- "sbcs r10, r4, r6\n\t"
- "mov lr, #0\n\t"
- "sbcs r11, r5, r7\n\t"
- "adc lr, lr, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r1, #8]\n\t"
- "str r11, [r1, #12]\n\t"
-#else
- "strd r10, r11, [r1, #8]\n\t"
-#endif
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1, #16]\n\t"
- "ldr r5, [r1, #20]\n\t"
-#else
- "ldrd r4, r5, [r1, #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r2, #16]\n\t"
- "ldr r7, [r2, #20]\n\t"
-#else
- "ldrd r6, r7, [r2, #16]\n\t"
-#endif
- "adds r12, r12, #-1\n\t"
- "adcs r8, r4, r6\n\t"
- "mov r12, #0\n\t"
- "adcs r9, r5, r7\n\t"
- "adc r12, r12, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0, #16]\n\t"
- "str r9, [r0, #20]\n\t"
-#else
- "strd r8, r9, [r0, #16]\n\t"
-#endif
- /* Sub */
- "adds lr, lr, #-1\n\t"
- "sbcs r10, r4, r6\n\t"
- "mov lr, #0\n\t"
- "sbcs r11, r5, r7\n\t"
- "adc lr, lr, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r1, #16]\n\t"
- "str r11, [r1, #20]\n\t"
-#else
- "strd r10, r11, [r1, #16]\n\t"
-#endif
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1, #24]\n\t"
- "ldr r5, [r1, #28]\n\t"
-#else
- "ldrd r4, r5, [r1, #24]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r2, #24]\n\t"
- "ldr r7, [r2, #28]\n\t"
-#else
- "ldrd r6, r7, [r2, #24]\n\t"
-#endif
- "adds r12, r12, #-1\n\t"
- "adcs r8, r4, r6\n\t"
- "adc r9, r5, r7\n\t"
- /* Sub */
- "adds lr, lr, #-1\n\t"
- "sbcs r10, r4, r6\n\t"
- "sbc r11, r5, r7\n\t"
- "mov r12, #-19\n\t"
- "asr %[rt], r9, #31\n\t"
- /* Mask the modulus */
- "and r12, %[rt], r12\n\t"
- "and lr, %[rt], #0x7fffffff\n\t"
- /* Sub modulus (if overflow) */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r0]\n\t"
- "ldr r5, [r0, #4]\n\t"
-#else
- "ldrd r4, r5, [r0]\n\t"
-#endif
- "subs r4, r4, r12\n\t"
- "sbcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r0]\n\t"
- "str r5, [r0, #4]\n\t"
-#else
- "strd r4, r5, [r0]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r0, #8]\n\t"
- "ldr r5, [r0, #12]\n\t"
-#else
- "ldrd r4, r5, [r0, #8]\n\t"
-#endif
- "sbcs r4, r4, %[rt]\n\t"
- "sbcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r0, #8]\n\t"
- "str r5, [r0, #12]\n\t"
-#else
- "strd r4, r5, [r0, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r0, #16]\n\t"
- "ldr r5, [r0, #20]\n\t"
-#else
- "ldrd r4, r5, [r0, #16]\n\t"
-#endif
- "sbcs r4, r4, %[rt]\n\t"
- "sbcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r0, #16]\n\t"
- "str r5, [r0, #20]\n\t"
-#else
- "strd r4, r5, [r0, #16]\n\t"
-#endif
- "sbcs r8, r8, %[rt]\n\t"
- "sbc r9, r9, lr\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0, #24]\n\t"
- "str r9, [r0, #28]\n\t"
-#else
- "strd r8, r9, [r0, #24]\n\t"
-#endif
- "mov r12, #-19\n\t"
- "asr %[rt], r11, #31\n\t"
- /* Mask the modulus */
- "and r12, %[rt], r12\n\t"
- "and lr, %[rt], #0x7fffffff\n\t"
- /* Add modulus (if underflow) */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1]\n\t"
- "ldr r5, [r1, #4]\n\t"
-#else
- "ldrd r4, r5, [r1]\n\t"
-#endif
- "adds r4, r4, r12\n\t"
- "adcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r1]\n\t"
- "str r5, [r1, #4]\n\t"
-#else
- "strd r4, r5, [r1]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1, #8]\n\t"
- "ldr r5, [r1, #12]\n\t"
-#else
- "ldrd r4, r5, [r1, #8]\n\t"
-#endif
- "adcs r4, r4, %[rt]\n\t"
- "adcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r1, #8]\n\t"
- "str r5, [r1, #12]\n\t"
-#else
- "strd r4, r5, [r1, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1, #16]\n\t"
- "ldr r5, [r1, #20]\n\t"
-#else
- "ldrd r4, r5, [r1, #16]\n\t"
-#endif
- "adcs r4, r4, %[rt]\n\t"
- "adcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r1, #16]\n\t"
- "str r5, [r1, #20]\n\t"
-#else
- "strd r4, r5, [r1, #16]\n\t"
-#endif
- "adcs r10, r10, %[rt]\n\t"
- "adc r11, r11, lr\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r1, #24]\n\t"
- "str r11, [r1, #28]\n\t"
-#else
- "strd r10, r11, [r1, #24]\n\t"
-#endif
+ "add r1, r1, #32\n\t"
+ "add r0, r0, #0x40\n\t"
+ "bl fe_sq_op\n\t"
"ldr r0, [sp]\n\t"
- "ldr r1, [sp, #12]\n\t"
- "ldr r2, [sp, #4]\n\t"
- /* Sub */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1]\n\t"
- "ldr r5, [r1, #4]\n\t"
-#else
- "ldrd r4, r5, [r1]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r1, #8]\n\t"
- "ldr r7, [r1, #12]\n\t"
-#else
- "ldrd r6, r7, [r1, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r8, [r2]\n\t"
- "ldr r9, [r2, #4]\n\t"
-#else
- "ldrd r8, r9, [r2]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r10, [r2, #8]\n\t"
- "ldr r11, [r2, #12]\n\t"
-#else
- "ldrd r10, r11, [r2, #8]\n\t"
-#endif
- "subs r8, r4, r8\n\t"
- "sbcs r9, r5, r9\n\t"
- "sbcs r10, r6, r10\n\t"
- "sbcs r11, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0]\n\t"
- "str r9, [r0, #4]\n\t"
-#else
- "strd r8, r9, [r0]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r0, #8]\n\t"
- "str r11, [r0, #12]\n\t"
-#else
- "strd r10, r11, [r0, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1, #16]\n\t"
- "ldr r5, [r1, #20]\n\t"
-#else
- "ldrd r4, r5, [r1, #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r1, #24]\n\t"
- "ldr r7, [r1, #28]\n\t"
-#else
- "ldrd r6, r7, [r1, #24]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r8, [r2, #16]\n\t"
- "ldr r9, [r2, #20]\n\t"
-#else
- "ldrd r8, r9, [r2, #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r10, [r2, #24]\n\t"
- "ldr r11, [r2, #28]\n\t"
-#else
- "ldrd r10, r11, [r2, #24]\n\t"
-#endif
- "sbcs r8, r4, r8\n\t"
- "sbcs r9, r5, r9\n\t"
- "sbcs r10, r6, r10\n\t"
- "sbc r11, r7, r11\n\t"
- "mov r12, #-19\n\t"
- "asr %[rt], r11, #31\n\t"
- /* Mask the modulus */
- "and r12, %[rt], r12\n\t"
- "and lr, %[rt], #0x7fffffff\n\t"
- /* Add modulus (if underflow) */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r0]\n\t"
- "ldr r5, [r0, #4]\n\t"
-#else
- "ldrd r4, r5, [r0]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r0, #8]\n\t"
- "ldr r7, [r0, #12]\n\t"
-#else
- "ldrd r6, r7, [r0, #8]\n\t"
-#endif
- "adds r4, r4, r12\n\t"
- "adcs r5, r5, %[rt]\n\t"
- "adcs r6, r6, %[rt]\n\t"
- "adcs r7, r7, %[rt]\n\t"
- "adcs r8, r8, %[rt]\n\t"
- "adcs r9, r9, %[rt]\n\t"
- "adcs r10, r10, %[rt]\n\t"
- "adc r11, r11, lr\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r0]\n\t"
- "str r5, [r0, #4]\n\t"
-#else
- "strd r4, r5, [r0]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r6, [r0, #8]\n\t"
- "str r7, [r0, #12]\n\t"
-#else
- "strd r6, r7, [r0, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0, #16]\n\t"
- "str r9, [r0, #20]\n\t"
-#else
- "strd r8, r9, [r0, #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r0, #24]\n\t"
- "str r11, [r0, #28]\n\t"
-#else
- "strd r10, r11, [r0, #24]\n\t"
-#endif
- "ldr r1, [sp, #60]\n\t"
- "ldr r0, [sp, #12]\n\t"
+ "ldr r1, [sp, #4]\n\t"
+ "add r2, r1, #32\n\t"
+ "add r0, r0, #32\n\t"
+ "bl fe_add_op\n\t"
+ "mov r1, r0\n\t"
+ "add r0, r0, #0x40\n\t"
+ "bl fe_sq_op\n\t"
+ "ldr r0, [sp]\n\t"
+ "mov r3, r0\n\t"
+ "add r2, r0, #0x40\n\t"
+ "add r1, r0, #0x40\n\t"
+ "add r0, r0, #32\n\t"
+ "bl fe_add_sub_op\n\t"
+ "mov r2, r0\n\t"
+ "add r1, r0, #0x40\n\t"
+ "sub r0, r0, #32\n\t"
+ "bl fe_sub_op\n\t"
+ "ldr r1, [sp, #4]\n\t"
+ "add r1, r1, #0x40\n\t"
+ "add r0, r0, #0x60\n\t"
"bl fe_sq2\n\t"
- "ldr r0, [sp, #12]\n\t"
- "ldr r1, [sp, #8]\n\t"
- /* Sub */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r0]\n\t"
- "ldr r5, [r0, #4]\n\t"
-#else
- "ldrd r4, r5, [r0]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r0, #8]\n\t"
- "ldr r7, [r0, #12]\n\t"
-#else
- "ldrd r6, r7, [r0, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r8, [r1]\n\t"
- "ldr r9, [r1, #4]\n\t"
-#else
- "ldrd r8, r9, [r1]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r10, [r1, #8]\n\t"
- "ldr r11, [r1, #12]\n\t"
-#else
- "ldrd r10, r11, [r1, #8]\n\t"
-#endif
- "subs r8, r4, r8\n\t"
- "sbcs r9, r5, r9\n\t"
- "sbcs r10, r6, r10\n\t"
- "sbcs r11, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0]\n\t"
- "str r9, [r0, #4]\n\t"
-#else
- "strd r8, r9, [r0]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r0, #8]\n\t"
- "str r11, [r0, #12]\n\t"
-#else
- "strd r10, r11, [r0, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r0, #16]\n\t"
- "ldr r5, [r0, #20]\n\t"
-#else
- "ldrd r4, r5, [r0, #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r0, #24]\n\t"
- "ldr r7, [r0, #28]\n\t"
-#else
- "ldrd r6, r7, [r0, #24]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r8, [r1, #16]\n\t"
- "ldr r9, [r1, #20]\n\t"
-#else
- "ldrd r8, r9, [r1, #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r10, [r1, #24]\n\t"
- "ldr r11, [r1, #28]\n\t"
-#else
- "ldrd r10, r11, [r1, #24]\n\t"
-#endif
- "sbcs r8, r4, r8\n\t"
- "sbcs r9, r5, r9\n\t"
- "sbcs r10, r6, r10\n\t"
- "sbc r11, r7, r11\n\t"
- "mov r12, #-19\n\t"
- "asr %[rt], r11, #31\n\t"
- /* Mask the modulus */
- "and r12, %[rt], r12\n\t"
- "and lr, %[rt], #0x7fffffff\n\t"
- /* Add modulus (if underflow) */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r0]\n\t"
- "ldr r5, [r0, #4]\n\t"
-#else
- "ldrd r4, r5, [r0]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r0, #8]\n\t"
- "ldr r7, [r0, #12]\n\t"
-#else
- "ldrd r6, r7, [r0, #8]\n\t"
-#endif
- "adds r4, r4, r12\n\t"
- "adcs r5, r5, %[rt]\n\t"
- "adcs r6, r6, %[rt]\n\t"
- "adcs r7, r7, %[rt]\n\t"
- "adcs r8, r8, %[rt]\n\t"
- "adcs r9, r9, %[rt]\n\t"
- "adcs r10, r10, %[rt]\n\t"
- "adc r11, r11, lr\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r0]\n\t"
- "str r5, [r0, #4]\n\t"
-#else
- "strd r4, r5, [r0]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r6, [r0, #8]\n\t"
- "str r7, [r0, #12]\n\t"
-#else
- "strd r6, r7, [r0, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0, #16]\n\t"
- "str r9, [r0, #20]\n\t"
-#else
- "strd r8, r9, [r0, #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r0, #24]\n\t"
- "str r11, [r0, #28]\n\t"
-#else
- "strd r10, r11, [r0, #24]\n\t"
-#endif
- "add sp, sp, #16\n\t"
- : [rx] "+r" (rx), [ry] "+r" (ry), [rz] "+r" (rz), [rt] "+r" (rt)
+ "sub r2, r0, #32\n\t"
+ "mov r1, r0\n\t"
+ "bl fe_sub_op\n\t"
+ "add sp, sp, #8\n\t"
+ : [r] "+r" (r), [p] "+r" (p)
:
- : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
);
- (void)px_p;
- (void)py_p;
- (void)pz_p;
}
-void fe_ge_madd(fe rx_p, fe ry_p, fe rz_p, fe rt_p, const fe px_p, const fe py_p, const fe pz_p, const fe pt_p, const fe qxy2d_p, const fe qyplusx_p, const fe qyminusx_p)
+void ge_madd(ge_p1p1 * r_p, const ge_p3 * p_p, const ge_precomp * q_p)
{
- register fe rx asm ("r0") = rx_p;
- register fe ry asm ("r1") = ry_p;
- register fe rz asm ("r2") = rz_p;
- register fe rt asm ("r3") = rt_p;
- register const fe px asm ("r4") = px_p;
- register const fe py asm ("r5") = py_p;
- register const fe pz asm ("r6") = pz_p;
- register const fe pt asm ("r7") = pt_p;
- register const fe qxy2d asm ("r8") = qxy2d_p;
- register const fe qyplusx asm ("r9") = qyplusx_p;
- register const fe qyminusx asm ("r10") = qyminusx_p;
+ register ge_p1p1 * r asm ("r0") = (ge_p1p1 *)r_p;
+ register const ge_p3 * p asm ("r1") = (const ge_p3 *)p_p;
+ register const ge_precomp * q asm ("r2") = (const ge_precomp *)q_p;
__asm__ __volatile__ (
- "sub sp, sp, #32\n\t"
- "str %[rx], [sp]\n\t"
- "str %[ry], [sp, #4]\n\t"
- "str %[rz], [sp, #8]\n\t"
- "str %[rt], [sp, #12]\n\t"
- "ldr r0, [sp]\n\t"
- "ldr r1, [sp, #72]\n\t"
- "ldr r2, [sp, #68]\n\t"
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1]\n\t"
- "ldr r5, [r1, #4]\n\t"
-#else
- "ldrd r4, r5, [r1]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r1, #8]\n\t"
- "ldr r7, [r1, #12]\n\t"
-#else
- "ldrd r6, r7, [r1, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r8, [r2]\n\t"
- "ldr r9, [r2, #4]\n\t"
-#else
- "ldrd r8, r9, [r2]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r10, [r2, #8]\n\t"
- "ldr r11, [r2, #12]\n\t"
-#else
- "ldrd r10, r11, [r2, #8]\n\t"
-#endif
- "adds r8, r4, r8\n\t"
- "adcs r9, r5, r9\n\t"
- "adcs r10, r6, r10\n\t"
- "adcs r11, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0]\n\t"
- "str r9, [r0, #4]\n\t"
-#else
- "strd r8, r9, [r0]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r0, #8]\n\t"
- "str r11, [r0, #12]\n\t"
-#else
- "strd r10, r11, [r0, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1, #16]\n\t"
- "ldr r5, [r1, #20]\n\t"
-#else
- "ldrd r4, r5, [r1, #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r1, #24]\n\t"
- "ldr r7, [r1, #28]\n\t"
-#else
- "ldrd r6, r7, [r1, #24]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r8, [r2, #16]\n\t"
- "ldr r9, [r2, #20]\n\t"
-#else
- "ldrd r8, r9, [r2, #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r10, [r2, #24]\n\t"
- "ldr r11, [r2, #28]\n\t"
-#else
- "ldrd r10, r11, [r2, #24]\n\t"
-#endif
- "adcs r8, r4, r8\n\t"
- "adcs r9, r5, r9\n\t"
- "adcs r10, r6, r10\n\t"
- "adc r11, r7, r11\n\t"
- "mov r12, #-19\n\t"
- "asr %[rt], r11, #31\n\t"
- /* Mask the modulus */
- "and r12, %[rt], r12\n\t"
- "and lr, %[rt], #0x7fffffff\n\t"
- /* Sub modulus (if overflow) */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r0]\n\t"
- "ldr r5, [r0, #4]\n\t"
-#else
- "ldrd r4, r5, [r0]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r0, #8]\n\t"
- "ldr r7, [r0, #12]\n\t"
-#else
- "ldrd r6, r7, [r0, #8]\n\t"
-#endif
- "subs r4, r4, r12\n\t"
- "sbcs r5, r5, %[rt]\n\t"
- "sbcs r6, r6, %[rt]\n\t"
- "sbcs r7, r7, %[rt]\n\t"
- "sbcs r8, r8, %[rt]\n\t"
- "sbcs r9, r9, %[rt]\n\t"
- "sbcs r10, r10, %[rt]\n\t"
- "sbc r11, r11, lr\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r0]\n\t"
- "str r5, [r0, #4]\n\t"
-#else
- "strd r4, r5, [r0]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r6, [r0, #8]\n\t"
- "str r7, [r0, #12]\n\t"
-#else
- "strd r6, r7, [r0, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0, #16]\n\t"
- "str r9, [r0, #20]\n\t"
-#else
- "strd r8, r9, [r0, #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r0, #24]\n\t"
- "str r11, [r0, #28]\n\t"
-#else
- "strd r10, r11, [r0, #24]\n\t"
-#endif
- "ldr r0, [sp, #4]\n\t"
- "ldr r1, [sp, #72]\n\t"
- "ldr r2, [sp, #68]\n\t"
- /* Sub */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1]\n\t"
- "ldr r5, [r1, #4]\n\t"
-#else
- "ldrd r4, r5, [r1]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r1, #8]\n\t"
- "ldr r7, [r1, #12]\n\t"
-#else
- "ldrd r6, r7, [r1, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r8, [r2]\n\t"
- "ldr r9, [r2, #4]\n\t"
-#else
- "ldrd r8, r9, [r2]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r10, [r2, #8]\n\t"
- "ldr r11, [r2, #12]\n\t"
-#else
- "ldrd r10, r11, [r2, #8]\n\t"
-#endif
- "subs r8, r4, r8\n\t"
- "sbcs r9, r5, r9\n\t"
- "sbcs r10, r6, r10\n\t"
- "sbcs r11, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0]\n\t"
- "str r9, [r0, #4]\n\t"
-#else
- "strd r8, r9, [r0]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r0, #8]\n\t"
- "str r11, [r0, #12]\n\t"
-#else
- "strd r10, r11, [r0, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1, #16]\n\t"
- "ldr r5, [r1, #20]\n\t"
-#else
- "ldrd r4, r5, [r1, #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r1, #24]\n\t"
- "ldr r7, [r1, #28]\n\t"
-#else
- "ldrd r6, r7, [r1, #24]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r8, [r2, #16]\n\t"
- "ldr r9, [r2, #20]\n\t"
-#else
- "ldrd r8, r9, [r2, #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r10, [r2, #24]\n\t"
- "ldr r11, [r2, #28]\n\t"
-#else
- "ldrd r10, r11, [r2, #24]\n\t"
-#endif
- "sbcs r8, r4, r8\n\t"
- "sbcs r9, r5, r9\n\t"
- "sbcs r10, r6, r10\n\t"
- "sbc r11, r7, r11\n\t"
- "mov r12, #-19\n\t"
- "asr %[rt], r11, #31\n\t"
- /* Mask the modulus */
- "and r12, %[rt], r12\n\t"
- "and lr, %[rt], #0x7fffffff\n\t"
- /* Add modulus (if underflow) */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r0]\n\t"
- "ldr r5, [r0, #4]\n\t"
-#else
- "ldrd r4, r5, [r0]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r0, #8]\n\t"
- "ldr r7, [r0, #12]\n\t"
-#else
- "ldrd r6, r7, [r0, #8]\n\t"
-#endif
- "adds r4, r4, r12\n\t"
- "adcs r5, r5, %[rt]\n\t"
- "adcs r6, r6, %[rt]\n\t"
- "adcs r7, r7, %[rt]\n\t"
- "adcs r8, r8, %[rt]\n\t"
- "adcs r9, r9, %[rt]\n\t"
- "adcs r10, r10, %[rt]\n\t"
- "adc r11, r11, lr\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r0]\n\t"
- "str r5, [r0, #4]\n\t"
-#else
- "strd r4, r5, [r0]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r6, [r0, #8]\n\t"
- "str r7, [r0, #12]\n\t"
-#else
- "strd r6, r7, [r0, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0, #16]\n\t"
- "str r9, [r0, #20]\n\t"
-#else
- "strd r8, r9, [r0, #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r0, #24]\n\t"
- "str r11, [r0, #28]\n\t"
-#else
- "strd r10, r11, [r0, #24]\n\t"
-#endif
- "ldr r2, [sp, #88]\n\t"
- "ldr r1, [sp]\n\t"
- "ldr r0, [sp, #8]\n\t"
- "bl fe_mul\n\t"
- "ldr r2, [sp, #92]\n\t"
+ "sub sp, sp, #12\n\t"
+ "str %[r], [sp]\n\t"
+ "str %[p], [sp, #4]\n\t"
+ "str %[q], [sp, #8]\n\t"
+ "mov r2, r1\n\t"
+ "add r1, r1, #32\n\t"
+ "bl fe_add_op\n\t"
"ldr r1, [sp, #4]\n\t"
- "ldr r0, [sp, #4]\n\t"
- "bl fe_mul\n\t"
- "ldr r2, [sp, #80]\n\t"
- "ldr r1, [sp, #84]\n\t"
- "ldr r0, [sp, #12]\n\t"
- "bl fe_mul\n\t"
- "ldr r0, [sp, #4]\n\t"
- "ldr r1, [sp]\n\t"
+ "mov r2, r1\n\t"
+ "add r1, r1, #32\n\t"
+ "add r0, r0, #32\n\t"
+ "bl fe_sub_op\n\t"
"ldr r2, [sp, #8]\n\t"
- /* Add-Sub */
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r2]\n\t"
- "ldr r5, [r2, #4]\n\t"
-#else
- "ldrd r4, r5, [r2]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r0]\n\t"
- "ldr r7, [r0, #4]\n\t"
-#else
- "ldrd r6, r7, [r0]\n\t"
-#endif
- "adds r8, r4, r6\n\t"
- "mov r12, #0\n\t"
- "adcs r9, r5, r7\n\t"
- "adc r12, r12, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0]\n\t"
- "str r9, [r0, #4]\n\t"
-#else
- "strd r8, r9, [r0]\n\t"
-#endif
- /* Sub */
- "subs r10, r4, r6\n\t"
- "mov lr, #0\n\t"
- "sbcs r11, r5, r7\n\t"
- "adc lr, lr, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r1]\n\t"
- "str r11, [r1, #4]\n\t"
-#else
- "strd r10, r11, [r1]\n\t"
-#endif
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r2, #8]\n\t"
- "ldr r5, [r2, #12]\n\t"
-#else
- "ldrd r4, r5, [r2, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r0, #8]\n\t"
- "ldr r7, [r0, #12]\n\t"
-#else
- "ldrd r6, r7, [r0, #8]\n\t"
-#endif
- "adds r12, r12, #-1\n\t"
- "adcs r8, r4, r6\n\t"
- "mov r12, #0\n\t"
- "adcs r9, r5, r7\n\t"
- "adc r12, r12, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0, #8]\n\t"
- "str r9, [r0, #12]\n\t"
-#else
- "strd r8, r9, [r0, #8]\n\t"
-#endif
- /* Sub */
- "adds lr, lr, #-1\n\t"
- "sbcs r10, r4, r6\n\t"
- "mov lr, #0\n\t"
- "sbcs r11, r5, r7\n\t"
- "adc lr, lr, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r1, #8]\n\t"
- "str r11, [r1, #12]\n\t"
-#else
- "strd r10, r11, [r1, #8]\n\t"
-#endif
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r2, #16]\n\t"
- "ldr r5, [r2, #20]\n\t"
-#else
- "ldrd r4, r5, [r2, #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r0, #16]\n\t"
- "ldr r7, [r0, #20]\n\t"
-#else
- "ldrd r6, r7, [r0, #16]\n\t"
-#endif
- "adds r12, r12, #-1\n\t"
- "adcs r8, r4, r6\n\t"
- "mov r12, #0\n\t"
- "adcs r9, r5, r7\n\t"
- "adc r12, r12, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0, #16]\n\t"
- "str r9, [r0, #20]\n\t"
-#else
- "strd r8, r9, [r0, #16]\n\t"
-#endif
- /* Sub */
- "adds lr, lr, #-1\n\t"
- "sbcs r10, r4, r6\n\t"
+ "sub r1, r0, #32\n\t"
+ "add r0, r0, #32\n\t"
+ "bl fe_mul_op\n\t"
+ "ldr r0, [sp]\n\t"
+ "ldr r2, [sp, #8]\n\t"
+ "add r2, r2, #32\n\t"
+ "add r1, r0, #32\n\t"
+ "add r0, r0, #32\n\t"
+ "bl fe_mul_op\n\t"
+ "ldr r0, [sp]\n\t"
+ "ldr r1, [sp, #8]\n\t"
+ "ldr r2, [sp, #4]\n\t"
+ "add r2, r2, #0x60\n\t"
+ "add r1, r1, #0x40\n\t"
+ "add r0, r0, #0x60\n\t"
+ "bl fe_mul_op\n\t"
+ "ldr r0, [sp]\n\t"
+ "add r3, r0, #32\n\t"
+ "add r2, r0, #0x40\n\t"
+ "mov r1, r0\n\t"
+ "add r0, r0, #32\n\t"
+ "bl fe_add_sub_op\n\t"
+ "ldr r1, [sp, #4]\n\t"
+ "add r1, r1, #0x40\n\t"
+ "add r0, r0, #32\n\t"
+ /* Double */
+ "ldm r1, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "adds r4, r4, r4\n\t"
+ "adcs r5, r5, r5\n\t"
+ "adcs r6, r6, r6\n\t"
+ "adcs r7, r7, r7\n\t"
+ "adcs r8, r8, r8\n\t"
+ "adcs r9, r9, r9\n\t"
+ "adcs r10, r10, r10\n\t"
"mov lr, #0\n\t"
- "sbcs r11, r5, r7\n\t"
+ "adcs r11, r11, r11\n\t"
"adc lr, lr, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r1, #16]\n\t"
- "str r11, [r1, #20]\n\t"
-#else
- "strd r10, r11, [r1, #16]\n\t"
-#endif
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r2, #24]\n\t"
- "ldr r5, [r2, #28]\n\t"
-#else
- "ldrd r4, r5, [r2, #24]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r0, #24]\n\t"
- "ldr r7, [r0, #28]\n\t"
-#else
- "ldrd r6, r7, [r0, #24]\n\t"
-#endif
- "adds r12, r12, #-1\n\t"
- "adcs r8, r4, r6\n\t"
- "adc r9, r5, r7\n\t"
- /* Sub */
- "adds lr, lr, #-1\n\t"
- "sbcs r10, r4, r6\n\t"
- "sbc r11, r5, r7\n\t"
- "mov r12, #-19\n\t"
- "asr %[rt], r9, #31\n\t"
- /* Mask the modulus */
- "and r12, %[rt], r12\n\t"
- "and lr, %[rt], #0x7fffffff\n\t"
- /* Sub modulus (if overflow) */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r0]\n\t"
- "ldr r5, [r0, #4]\n\t"
-#else
- "ldrd r4, r5, [r0]\n\t"
-#endif
- "subs r4, r4, r12\n\t"
- "sbcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r0]\n\t"
- "str r5, [r0, #4]\n\t"
-#else
- "strd r4, r5, [r0]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r0, #8]\n\t"
- "ldr r5, [r0, #12]\n\t"
-#else
- "ldrd r4, r5, [r0, #8]\n\t"
-#endif
- "sbcs r4, r4, %[rt]\n\t"
- "sbcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r0, #8]\n\t"
- "str r5, [r0, #12]\n\t"
-#else
- "strd r4, r5, [r0, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r0, #16]\n\t"
- "ldr r5, [r0, #20]\n\t"
-#else
- "ldrd r4, r5, [r0, #16]\n\t"
-#endif
- "sbcs r4, r4, %[rt]\n\t"
- "sbcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r0, #16]\n\t"
- "str r5, [r0, #20]\n\t"
-#else
- "strd r4, r5, [r0, #16]\n\t"
-#endif
- "sbcs r8, r8, %[rt]\n\t"
- "sbc r9, r9, lr\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0, #24]\n\t"
- "str r9, [r0, #28]\n\t"
-#else
- "strd r8, r9, [r0, #24]\n\t"
-#endif
- "mov r12, #-19\n\t"
- "asr %[rt], r11, #31\n\t"
- /* Mask the modulus */
- "and r12, %[rt], r12\n\t"
- "and lr, %[rt], #0x7fffffff\n\t"
- /* Add modulus (if underflow) */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1]\n\t"
- "ldr r5, [r1, #4]\n\t"
-#else
- "ldrd r4, r5, [r1]\n\t"
-#endif
+ "mov r12, #19\n\t"
+ "lsl lr, lr, #1\n\t"
+ "orr lr, lr, r11, lsr #31\n\t"
+ "mul r12, lr, r12\n\t"
"adds r4, r4, r12\n\t"
- "adcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r1]\n\t"
- "str r5, [r1, #4]\n\t"
-#else
- "strd r4, r5, [r1]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1, #8]\n\t"
- "ldr r5, [r1, #12]\n\t"
-#else
- "ldrd r4, r5, [r1, #8]\n\t"
-#endif
- "adcs r4, r4, %[rt]\n\t"
- "adcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r1, #8]\n\t"
- "str r5, [r1, #12]\n\t"
-#else
- "strd r4, r5, [r1, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1, #16]\n\t"
- "ldr r5, [r1, #20]\n\t"
-#else
- "ldrd r4, r5, [r1, #16]\n\t"
-#endif
- "adcs r4, r4, %[rt]\n\t"
- "adcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r1, #16]\n\t"
- "str r5, [r1, #20]\n\t"
-#else
- "strd r4, r5, [r1, #16]\n\t"
-#endif
- "adcs r10, r10, %[rt]\n\t"
- "adc r11, r11, lr\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r1, #24]\n\t"
- "str r11, [r1, #28]\n\t"
+ "adcs r5, r5, #0\n\t"
+ "adcs r6, r6, #0\n\t"
+ "adcs r7, r7, #0\n\t"
+ "adcs r8, r8, #0\n\t"
+ "adcs r9, r9, #0\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "bic r11, r11, #0x80000000\n\t"
#else
- "strd r10, r11, [r1, #24]\n\t"
+ "bfc r11, #31, #1\n\t"
#endif
- "ldr r0, [sp, #8]\n\t"
- "ldr r1, [sp, #76]\n\t"
+ "adcs r10, r10, #0\n\t"
+ "adc r11, r11, #0\n\t"
+ "stm r0, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ /* Done Double */
+ "add r3, r0, #32\n\t"
+ "add r1, r0, #32\n\t"
+ "bl fe_add_sub_op\n\t"
+ "add sp, sp, #12\n\t"
+ : [r] "+r" (r), [p] "+r" (p), [q] "+r" (q)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
+ );
+}
+
+void ge_msub(ge_p1p1 * r_p, const ge_p3 * p_p, const ge_precomp * q_p)
+{
+ register ge_p1p1 * r asm ("r0") = (ge_p1p1 *)r_p;
+ register const ge_p3 * p asm ("r1") = (const ge_p3 *)p_p;
+ register const ge_precomp * q asm ("r2") = (const ge_precomp *)q_p;
+
+ __asm__ __volatile__ (
+ "sub sp, sp, #12\n\t"
+ "str %[r], [sp]\n\t"
+ "str %[p], [sp, #4]\n\t"
+ "str %[q], [sp, #8]\n\t"
+ "mov r2, r1\n\t"
+ "add r1, r1, #32\n\t"
+ "bl fe_add_op\n\t"
+ "ldr r1, [sp, #4]\n\t"
+ "mov r2, r1\n\t"
+ "add r1, r1, #32\n\t"
+ "add r0, r0, #32\n\t"
+ "bl fe_sub_op\n\t"
+ "ldr r2, [sp, #8]\n\t"
+ "add r2, r2, #32\n\t"
+ "sub r1, r0, #32\n\t"
+ "add r0, r0, #32\n\t"
+ "bl fe_mul_op\n\t"
+ "ldr r0, [sp]\n\t"
+ "ldr r2, [sp, #8]\n\t"
+ "add r1, r0, #32\n\t"
+ "add r0, r0, #32\n\t"
+ "bl fe_mul_op\n\t"
+ "ldr r0, [sp]\n\t"
+ "ldr r1, [sp, #8]\n\t"
+ "ldr r2, [sp, #4]\n\t"
+ "add r2, r2, #0x60\n\t"
+ "add r1, r1, #0x40\n\t"
+ "add r0, r0, #0x60\n\t"
+ "bl fe_mul_op\n\t"
+ "ldr r0, [sp]\n\t"
+ "add r3, r0, #32\n\t"
+ "add r2, r0, #0x40\n\t"
+ "mov r1, r0\n\t"
+ "add r0, r0, #32\n\t"
+ "bl fe_add_sub_op\n\t"
+ "ldr r1, [sp, #4]\n\t"
+ "add r1, r1, #0x40\n\t"
+ "add r0, r0, #32\n\t"
/* Double */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1]\n\t"
- "ldr r5, [r1, #4]\n\t"
-#else
- "ldrd r4, r5, [r1]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r1, #8]\n\t"
- "ldr r7, [r1, #12]\n\t"
-#else
- "ldrd r6, r7, [r1, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r8, [r1, #16]\n\t"
- "ldr r9, [r1, #20]\n\t"
-#else
- "ldrd r8, r9, [r1, #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r10, [r1, #24]\n\t"
- "ldr r11, [r1, #28]\n\t"
-#else
- "ldrd r10, r11, [r1, #24]\n\t"
-#endif
+ "ldm r1, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
"adds r4, r4, r4\n\t"
"adcs r5, r5, r5\n\t"
"adcs r6, r6, r6\n\t"
@@ -7364,845 +5425,81 @@ void fe_ge_madd(fe rx_p, fe ry_p, fe rz_p, fe rt_p, const fe px_p, const fe py_p
"adcs r8, r8, r8\n\t"
"adcs r9, r9, r9\n\t"
"adcs r10, r10, r10\n\t"
- "adc r11, r11, r11\n\t"
- "mov r12, #-19\n\t"
- "asr %[rt], r11, #31\n\t"
- /* Mask the modulus */
- "and r12, %[rt], r12\n\t"
- "and lr, %[rt], #0x7fffffff\n\t"
- /* Sub modulus (if overflow) */
- "subs r4, r4, r12\n\t"
- "sbcs r5, r5, %[rt]\n\t"
- "sbcs r6, r6, %[rt]\n\t"
- "sbcs r7, r7, %[rt]\n\t"
- "sbcs r8, r8, %[rt]\n\t"
- "sbcs r9, r9, %[rt]\n\t"
- "sbcs r10, r10, %[rt]\n\t"
- "sbc r11, r11, lr\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r0]\n\t"
- "str r5, [r0, #4]\n\t"
-#else
- "strd r4, r5, [r0]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r6, [r0, #8]\n\t"
- "str r7, [r0, #12]\n\t"
-#else
- "strd r6, r7, [r0, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0, #16]\n\t"
- "str r9, [r0, #20]\n\t"
-#else
- "strd r8, r9, [r0, #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r0, #24]\n\t"
- "str r11, [r0, #28]\n\t"
-#else
- "strd r10, r11, [r0, #24]\n\t"
-#endif
- "ldr r0, [sp, #8]\n\t"
- "ldr r1, [sp, #12]\n\t"
- /* Add-Sub */
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r0]\n\t"
- "ldr r5, [r0, #4]\n\t"
-#else
- "ldrd r4, r5, [r0]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r1]\n\t"
- "ldr r7, [r1, #4]\n\t"
-#else
- "ldrd r6, r7, [r1]\n\t"
-#endif
- "adds r8, r4, r6\n\t"
- "mov r12, #0\n\t"
- "adcs r9, r5, r7\n\t"
- "adc r12, r12, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0]\n\t"
- "str r9, [r0, #4]\n\t"
-#else
- "strd r8, r9, [r0]\n\t"
-#endif
- /* Sub */
- "subs r10, r4, r6\n\t"
- "mov lr, #0\n\t"
- "sbcs r11, r5, r7\n\t"
- "adc lr, lr, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r1]\n\t"
- "str r11, [r1, #4]\n\t"
-#else
- "strd r10, r11, [r1]\n\t"
-#endif
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r0, #8]\n\t"
- "ldr r5, [r0, #12]\n\t"
-#else
- "ldrd r4, r5, [r0, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r1, #8]\n\t"
- "ldr r7, [r1, #12]\n\t"
-#else
- "ldrd r6, r7, [r1, #8]\n\t"
-#endif
- "adds r12, r12, #-1\n\t"
- "adcs r8, r4, r6\n\t"
- "mov r12, #0\n\t"
- "adcs r9, r5, r7\n\t"
- "adc r12, r12, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0, #8]\n\t"
- "str r9, [r0, #12]\n\t"
-#else
- "strd r8, r9, [r0, #8]\n\t"
-#endif
- /* Sub */
- "adds lr, lr, #-1\n\t"
- "sbcs r10, r4, r6\n\t"
"mov lr, #0\n\t"
- "sbcs r11, r5, r7\n\t"
+ "adcs r11, r11, r11\n\t"
"adc lr, lr, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r1, #8]\n\t"
- "str r11, [r1, #12]\n\t"
-#else
- "strd r10, r11, [r1, #8]\n\t"
-#endif
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r0, #16]\n\t"
- "ldr r5, [r0, #20]\n\t"
-#else
- "ldrd r4, r5, [r0, #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r1, #16]\n\t"
- "ldr r7, [r1, #20]\n\t"
-#else
- "ldrd r6, r7, [r1, #16]\n\t"
-#endif
- "adds r12, r12, #-1\n\t"
- "adcs r8, r4, r6\n\t"
- "mov r12, #0\n\t"
- "adcs r9, r5, r7\n\t"
- "adc r12, r12, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0, #16]\n\t"
- "str r9, [r0, #20]\n\t"
-#else
- "strd r8, r9, [r0, #16]\n\t"
-#endif
- /* Sub */
- "adds lr, lr, #-1\n\t"
- "sbcs r10, r4, r6\n\t"
- "mov lr, #0\n\t"
- "sbcs r11, r5, r7\n\t"
- "adc lr, lr, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r1, #16]\n\t"
- "str r11, [r1, #20]\n\t"
-#else
- "strd r10, r11, [r1, #16]\n\t"
-#endif
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r0, #24]\n\t"
- "ldr r5, [r0, #28]\n\t"
-#else
- "ldrd r4, r5, [r0, #24]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r1, #24]\n\t"
- "ldr r7, [r1, #28]\n\t"
-#else
- "ldrd r6, r7, [r1, #24]\n\t"
-#endif
- "adds r12, r12, #-1\n\t"
- "adcs r8, r4, r6\n\t"
- "adc r9, r5, r7\n\t"
- /* Sub */
- "adds lr, lr, #-1\n\t"
- "sbcs r10, r4, r6\n\t"
- "sbc r11, r5, r7\n\t"
- "mov r12, #-19\n\t"
- "asr %[rt], r9, #31\n\t"
- /* Mask the modulus */
- "and r12, %[rt], r12\n\t"
- "and lr, %[rt], #0x7fffffff\n\t"
- /* Sub modulus (if overflow) */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r0]\n\t"
- "ldr r5, [r0, #4]\n\t"
-#else
- "ldrd r4, r5, [r0]\n\t"
-#endif
- "subs r4, r4, r12\n\t"
- "sbcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r0]\n\t"
- "str r5, [r0, #4]\n\t"
-#else
- "strd r4, r5, [r0]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r0, #8]\n\t"
- "ldr r5, [r0, #12]\n\t"
-#else
- "ldrd r4, r5, [r0, #8]\n\t"
-#endif
- "sbcs r4, r4, %[rt]\n\t"
- "sbcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r0, #8]\n\t"
- "str r5, [r0, #12]\n\t"
-#else
- "strd r4, r5, [r0, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r0, #16]\n\t"
- "ldr r5, [r0, #20]\n\t"
-#else
- "ldrd r4, r5, [r0, #16]\n\t"
-#endif
- "sbcs r4, r4, %[rt]\n\t"
- "sbcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r0, #16]\n\t"
- "str r5, [r0, #20]\n\t"
-#else
- "strd r4, r5, [r0, #16]\n\t"
-#endif
- "sbcs r8, r8, %[rt]\n\t"
- "sbc r9, r9, lr\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0, #24]\n\t"
- "str r9, [r0, #28]\n\t"
-#else
- "strd r8, r9, [r0, #24]\n\t"
-#endif
- "mov r12, #-19\n\t"
- "asr %[rt], r11, #31\n\t"
- /* Mask the modulus */
- "and r12, %[rt], r12\n\t"
- "and lr, %[rt], #0x7fffffff\n\t"
- /* Add modulus (if underflow) */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1]\n\t"
- "ldr r5, [r1, #4]\n\t"
-#else
- "ldrd r4, r5, [r1]\n\t"
-#endif
+ "mov r12, #19\n\t"
+ "lsl lr, lr, #1\n\t"
+ "orr lr, lr, r11, lsr #31\n\t"
+ "mul r12, lr, r12\n\t"
"adds r4, r4, r12\n\t"
- "adcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r1]\n\t"
- "str r5, [r1, #4]\n\t"
-#else
- "strd r4, r5, [r1]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1, #8]\n\t"
- "ldr r5, [r1, #12]\n\t"
-#else
- "ldrd r4, r5, [r1, #8]\n\t"
-#endif
- "adcs r4, r4, %[rt]\n\t"
- "adcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r1, #8]\n\t"
- "str r5, [r1, #12]\n\t"
-#else
- "strd r4, r5, [r1, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1, #16]\n\t"
- "ldr r5, [r1, #20]\n\t"
-#else
- "ldrd r4, r5, [r1, #16]\n\t"
-#endif
- "adcs r4, r4, %[rt]\n\t"
- "adcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r1, #16]\n\t"
- "str r5, [r1, #20]\n\t"
-#else
- "strd r4, r5, [r1, #16]\n\t"
-#endif
- "adcs r10, r10, %[rt]\n\t"
- "adc r11, r11, lr\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r1, #24]\n\t"
- "str r11, [r1, #28]\n\t"
+ "adcs r5, r5, #0\n\t"
+ "adcs r6, r6, #0\n\t"
+ "adcs r7, r7, #0\n\t"
+ "adcs r8, r8, #0\n\t"
+ "adcs r9, r9, #0\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "bic r11, r11, #0x80000000\n\t"
#else
- "strd r10, r11, [r1, #24]\n\t"
+ "bfc r11, #31, #1\n\t"
#endif
- "add sp, sp, #32\n\t"
- : [rx] "+r" (rx), [ry] "+r" (ry), [rz] "+r" (rz), [rt] "+r" (rt)
+ "adcs r10, r10, #0\n\t"
+ "adc r11, r11, #0\n\t"
+ "stm r0, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ /* Done Double */
+ "add r3, r0, #32\n\t"
+ "mov r1, r0\n\t"
+ "add r0, r0, #32\n\t"
+ "bl fe_add_sub_op\n\t"
+ "add sp, sp, #12\n\t"
+ : [r] "+r" (r), [p] "+r" (p), [q] "+r" (q)
:
- : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
);
- (void)px_p;
- (void)py_p;
- (void)pz_p;
- (void)pt_p;
- (void)qxy2d_p;
- (void)qyplusx_p;
- (void)qyminusx_p;
}
-void fe_ge_msub(fe rx_p, fe ry_p, fe rz_p, fe rt_p, const fe px_p, const fe py_p, const fe pz_p, const fe pt_p, const fe qxy2d_p, const fe qyplusx_p, const fe qyminusx_p)
+void ge_add(ge_p1p1 * r_p, const ge_p3 * p_p, const ge_cached* q_p)
{
- register fe rx asm ("r0") = rx_p;
- register fe ry asm ("r1") = ry_p;
- register fe rz asm ("r2") = rz_p;
- register fe rt asm ("r3") = rt_p;
- register const fe px asm ("r4") = px_p;
- register const fe py asm ("r5") = py_p;
- register const fe pz asm ("r6") = pz_p;
- register const fe pt asm ("r7") = pt_p;
- register const fe qxy2d asm ("r8") = qxy2d_p;
- register const fe qyplusx asm ("r9") = qyplusx_p;
- register const fe qyminusx asm ("r10") = qyminusx_p;
+ register ge_p1p1 * r asm ("r0") = (ge_p1p1 *)r_p;
+ register const ge_p3 * p asm ("r1") = (const ge_p3 *)p_p;
+ register const ge_cached* q asm ("r2") = (const ge_cached*)q_p;
__asm__ __volatile__ (
- "sub sp, sp, #32\n\t"
- "str %[rx], [sp]\n\t"
- "str %[ry], [sp, #4]\n\t"
- "str %[rz], [sp, #8]\n\t"
- "str %[rt], [sp, #12]\n\t"
+ "sub sp, sp, #44\n\t"
+ "str %[r], [sp]\n\t"
+ "str %[p], [sp, #4]\n\t"
+ "str %[q], [sp, #8]\n\t"
+ "mov r3, r1\n\t"
+ "add r2, r1, #32\n\t"
+ "add r1, r0, #32\n\t"
+ "bl fe_add_sub_op\n\t"
+ "ldr r2, [sp, #8]\n\t"
+ "mov r1, r0\n\t"
+ "add r0, r0, #0x40\n\t"
+ "bl fe_mul_op\n\t"
+ "ldr r0, [sp]\n\t"
+ "ldr r2, [sp, #8]\n\t"
+ "add r2, r2, #32\n\t"
+ "add r1, r0, #32\n\t"
+ "add r0, r0, #32\n\t"
+ "bl fe_mul_op\n\t"
+ "ldr r0, [sp]\n\t"
+ "ldr r1, [sp, #8]\n\t"
+ "ldr r2, [sp, #4]\n\t"
+ "add r2, r2, #0x60\n\t"
+ "add r1, r1, #0x60\n\t"
+ "add r0, r0, #0x60\n\t"
+ "bl fe_mul_op\n\t"
"ldr r0, [sp]\n\t"
- "ldr r1, [sp, #72]\n\t"
- "ldr r2, [sp, #68]\n\t"
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1]\n\t"
- "ldr r5, [r1, #4]\n\t"
-#else
- "ldrd r4, r5, [r1]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r1, #8]\n\t"
- "ldr r7, [r1, #12]\n\t"
-#else
- "ldrd r6, r7, [r1, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r8, [r2]\n\t"
- "ldr r9, [r2, #4]\n\t"
-#else
- "ldrd r8, r9, [r2]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r10, [r2, #8]\n\t"
- "ldr r11, [r2, #12]\n\t"
-#else
- "ldrd r10, r11, [r2, #8]\n\t"
-#endif
- "adds r8, r4, r8\n\t"
- "adcs r9, r5, r9\n\t"
- "adcs r10, r6, r10\n\t"
- "adcs r11, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0]\n\t"
- "str r9, [r0, #4]\n\t"
-#else
- "strd r8, r9, [r0]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r0, #8]\n\t"
- "str r11, [r0, #12]\n\t"
-#else
- "strd r10, r11, [r0, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1, #16]\n\t"
- "ldr r5, [r1, #20]\n\t"
-#else
- "ldrd r4, r5, [r1, #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r1, #24]\n\t"
- "ldr r7, [r1, #28]\n\t"
-#else
- "ldrd r6, r7, [r1, #24]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r8, [r2, #16]\n\t"
- "ldr r9, [r2, #20]\n\t"
-#else
- "ldrd r8, r9, [r2, #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r10, [r2, #24]\n\t"
- "ldr r11, [r2, #28]\n\t"
-#else
- "ldrd r10, r11, [r2, #24]\n\t"
-#endif
- "adcs r8, r4, r8\n\t"
- "adcs r9, r5, r9\n\t"
- "adcs r10, r6, r10\n\t"
- "adc r11, r7, r11\n\t"
- "mov r12, #-19\n\t"
- "asr %[rt], r11, #31\n\t"
- /* Mask the modulus */
- "and r12, %[rt], r12\n\t"
- "and lr, %[rt], #0x7fffffff\n\t"
- /* Sub modulus (if overflow) */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r0]\n\t"
- "ldr r5, [r0, #4]\n\t"
-#else
- "ldrd r4, r5, [r0]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r0, #8]\n\t"
- "ldr r7, [r0, #12]\n\t"
-#else
- "ldrd r6, r7, [r0, #8]\n\t"
-#endif
- "subs r4, r4, r12\n\t"
- "sbcs r5, r5, %[rt]\n\t"
- "sbcs r6, r6, %[rt]\n\t"
- "sbcs r7, r7, %[rt]\n\t"
- "sbcs r8, r8, %[rt]\n\t"
- "sbcs r9, r9, %[rt]\n\t"
- "sbcs r10, r10, %[rt]\n\t"
- "sbc r11, r11, lr\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r0]\n\t"
- "str r5, [r0, #4]\n\t"
-#else
- "strd r4, r5, [r0]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r6, [r0, #8]\n\t"
- "str r7, [r0, #12]\n\t"
-#else
- "strd r6, r7, [r0, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0, #16]\n\t"
- "str r9, [r0, #20]\n\t"
-#else
- "strd r8, r9, [r0, #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r0, #24]\n\t"
- "str r11, [r0, #28]\n\t"
-#else
- "strd r10, r11, [r0, #24]\n\t"
-#endif
- "ldr r0, [sp, #4]\n\t"
- "ldr r1, [sp, #72]\n\t"
- "ldr r2, [sp, #68]\n\t"
- /* Sub */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1]\n\t"
- "ldr r5, [r1, #4]\n\t"
-#else
- "ldrd r4, r5, [r1]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r1, #8]\n\t"
- "ldr r7, [r1, #12]\n\t"
-#else
- "ldrd r6, r7, [r1, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r8, [r2]\n\t"
- "ldr r9, [r2, #4]\n\t"
-#else
- "ldrd r8, r9, [r2]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r10, [r2, #8]\n\t"
- "ldr r11, [r2, #12]\n\t"
-#else
- "ldrd r10, r11, [r2, #8]\n\t"
-#endif
- "subs r8, r4, r8\n\t"
- "sbcs r9, r5, r9\n\t"
- "sbcs r10, r6, r10\n\t"
- "sbcs r11, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0]\n\t"
- "str r9, [r0, #4]\n\t"
-#else
- "strd r8, r9, [r0]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r0, #8]\n\t"
- "str r11, [r0, #12]\n\t"
-#else
- "strd r10, r11, [r0, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1, #16]\n\t"
- "ldr r5, [r1, #20]\n\t"
-#else
- "ldrd r4, r5, [r1, #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r1, #24]\n\t"
- "ldr r7, [r1, #28]\n\t"
-#else
- "ldrd r6, r7, [r1, #24]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r8, [r2, #16]\n\t"
- "ldr r9, [r2, #20]\n\t"
-#else
- "ldrd r8, r9, [r2, #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r10, [r2, #24]\n\t"
- "ldr r11, [r2, #28]\n\t"
-#else
- "ldrd r10, r11, [r2, #24]\n\t"
-#endif
- "sbcs r8, r4, r8\n\t"
- "sbcs r9, r5, r9\n\t"
- "sbcs r10, r6, r10\n\t"
- "sbc r11, r7, r11\n\t"
- "mov r12, #-19\n\t"
- "asr %[rt], r11, #31\n\t"
- /* Mask the modulus */
- "and r12, %[rt], r12\n\t"
- "and lr, %[rt], #0x7fffffff\n\t"
- /* Add modulus (if underflow) */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r0]\n\t"
- "ldr r5, [r0, #4]\n\t"
-#else
- "ldrd r4, r5, [r0]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r0, #8]\n\t"
- "ldr r7, [r0, #12]\n\t"
-#else
- "ldrd r6, r7, [r0, #8]\n\t"
-#endif
- "adds r4, r4, r12\n\t"
- "adcs r5, r5, %[rt]\n\t"
- "adcs r6, r6, %[rt]\n\t"
- "adcs r7, r7, %[rt]\n\t"
- "adcs r8, r8, %[rt]\n\t"
- "adcs r9, r9, %[rt]\n\t"
- "adcs r10, r10, %[rt]\n\t"
- "adc r11, r11, lr\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r0]\n\t"
- "str r5, [r0, #4]\n\t"
-#else
- "strd r4, r5, [r0]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r6, [r0, #8]\n\t"
- "str r7, [r0, #12]\n\t"
-#else
- "strd r6, r7, [r0, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0, #16]\n\t"
- "str r9, [r0, #20]\n\t"
-#else
- "strd r8, r9, [r0, #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r0, #24]\n\t"
- "str r11, [r0, #28]\n\t"
-#else
- "strd r10, r11, [r0, #24]\n\t"
-#endif
- "ldr r2, [sp, #92]\n\t"
- "ldr r1, [sp]\n\t"
- "ldr r0, [sp, #8]\n\t"
- "bl fe_mul\n\t"
- "ldr r2, [sp, #88]\n\t"
"ldr r1, [sp, #4]\n\t"
- "ldr r0, [sp, #4]\n\t"
- "bl fe_mul\n\t"
- "ldr r2, [sp, #80]\n\t"
- "ldr r1, [sp, #84]\n\t"
- "ldr r0, [sp, #12]\n\t"
- "bl fe_mul\n\t"
- "ldr r0, [sp, #4]\n\t"
- "ldr r1, [sp]\n\t"
"ldr r2, [sp, #8]\n\t"
- /* Add-Sub */
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r2]\n\t"
- "ldr r5, [r2, #4]\n\t"
-#else
- "ldrd r4, r5, [r2]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r0]\n\t"
- "ldr r7, [r0, #4]\n\t"
-#else
- "ldrd r6, r7, [r0]\n\t"
-#endif
- "adds r8, r4, r6\n\t"
- "mov r12, #0\n\t"
- "adcs r9, r5, r7\n\t"
- "adc r12, r12, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0]\n\t"
- "str r9, [r0, #4]\n\t"
-#else
- "strd r8, r9, [r0]\n\t"
-#endif
- /* Sub */
- "subs r10, r4, r6\n\t"
- "mov lr, #0\n\t"
- "sbcs r11, r5, r7\n\t"
- "adc lr, lr, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r1]\n\t"
- "str r11, [r1, #4]\n\t"
-#else
- "strd r10, r11, [r1]\n\t"
-#endif
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r2, #8]\n\t"
- "ldr r5, [r2, #12]\n\t"
-#else
- "ldrd r4, r5, [r2, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r0, #8]\n\t"
- "ldr r7, [r0, #12]\n\t"
-#else
- "ldrd r6, r7, [r0, #8]\n\t"
-#endif
- "adds r12, r12, #-1\n\t"
- "adcs r8, r4, r6\n\t"
- "mov r12, #0\n\t"
- "adcs r9, r5, r7\n\t"
- "adc r12, r12, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0, #8]\n\t"
- "str r9, [r0, #12]\n\t"
-#else
- "strd r8, r9, [r0, #8]\n\t"
-#endif
- /* Sub */
- "adds lr, lr, #-1\n\t"
- "sbcs r10, r4, r6\n\t"
- "mov lr, #0\n\t"
- "sbcs r11, r5, r7\n\t"
- "adc lr, lr, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r1, #8]\n\t"
- "str r11, [r1, #12]\n\t"
-#else
- "strd r10, r11, [r1, #8]\n\t"
-#endif
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r2, #16]\n\t"
- "ldr r5, [r2, #20]\n\t"
-#else
- "ldrd r4, r5, [r2, #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r0, #16]\n\t"
- "ldr r7, [r0, #20]\n\t"
-#else
- "ldrd r6, r7, [r0, #16]\n\t"
-#endif
- "adds r12, r12, #-1\n\t"
- "adcs r8, r4, r6\n\t"
- "mov r12, #0\n\t"
- "adcs r9, r5, r7\n\t"
- "adc r12, r12, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0, #16]\n\t"
- "str r9, [r0, #20]\n\t"
-#else
- "strd r8, r9, [r0, #16]\n\t"
-#endif
- /* Sub */
- "adds lr, lr, #-1\n\t"
- "sbcs r10, r4, r6\n\t"
- "mov lr, #0\n\t"
- "sbcs r11, r5, r7\n\t"
- "adc lr, lr, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r1, #16]\n\t"
- "str r11, [r1, #20]\n\t"
-#else
- "strd r10, r11, [r1, #16]\n\t"
-#endif
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r2, #24]\n\t"
- "ldr r5, [r2, #28]\n\t"
-#else
- "ldrd r4, r5, [r2, #24]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r0, #24]\n\t"
- "ldr r7, [r0, #28]\n\t"
-#else
- "ldrd r6, r7, [r0, #24]\n\t"
-#endif
- "adds r12, r12, #-1\n\t"
- "adcs r8, r4, r6\n\t"
- "adc r9, r5, r7\n\t"
- /* Sub */
- "adds lr, lr, #-1\n\t"
- "sbcs r10, r4, r6\n\t"
- "sbc r11, r5, r7\n\t"
- "mov r12, #-19\n\t"
- "asr %[rt], r9, #31\n\t"
- /* Mask the modulus */
- "and r12, %[rt], r12\n\t"
- "and lr, %[rt], #0x7fffffff\n\t"
- /* Sub modulus (if overflow) */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r0]\n\t"
- "ldr r5, [r0, #4]\n\t"
-#else
- "ldrd r4, r5, [r0]\n\t"
-#endif
- "subs r4, r4, r12\n\t"
- "sbcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r0]\n\t"
- "str r5, [r0, #4]\n\t"
-#else
- "strd r4, r5, [r0]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r0, #8]\n\t"
- "ldr r5, [r0, #12]\n\t"
-#else
- "ldrd r4, r5, [r0, #8]\n\t"
-#endif
- "sbcs r4, r4, %[rt]\n\t"
- "sbcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r0, #8]\n\t"
- "str r5, [r0, #12]\n\t"
-#else
- "strd r4, r5, [r0, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r0, #16]\n\t"
- "ldr r5, [r0, #20]\n\t"
-#else
- "ldrd r4, r5, [r0, #16]\n\t"
-#endif
- "sbcs r4, r4, %[rt]\n\t"
- "sbcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r0, #16]\n\t"
- "str r5, [r0, #20]\n\t"
-#else
- "strd r4, r5, [r0, #16]\n\t"
-#endif
- "sbcs r8, r8, %[rt]\n\t"
- "sbc r9, r9, lr\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0, #24]\n\t"
- "str r9, [r0, #28]\n\t"
-#else
- "strd r8, r9, [r0, #24]\n\t"
-#endif
- "mov r12, #-19\n\t"
- "asr %[rt], r11, #31\n\t"
- /* Mask the modulus */
- "and r12, %[rt], r12\n\t"
- "and lr, %[rt], #0x7fffffff\n\t"
- /* Add modulus (if underflow) */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1]\n\t"
- "ldr r5, [r1, #4]\n\t"
-#else
- "ldrd r4, r5, [r1]\n\t"
-#endif
- "adds r4, r4, r12\n\t"
- "adcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r1]\n\t"
- "str r5, [r1, #4]\n\t"
-#else
- "strd r4, r5, [r1]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1, #8]\n\t"
- "ldr r5, [r1, #12]\n\t"
-#else
- "ldrd r4, r5, [r1, #8]\n\t"
-#endif
- "adcs r4, r4, %[rt]\n\t"
- "adcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r1, #8]\n\t"
- "str r5, [r1, #12]\n\t"
-#else
- "strd r4, r5, [r1, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1, #16]\n\t"
- "ldr r5, [r1, #20]\n\t"
-#else
- "ldrd r4, r5, [r1, #16]\n\t"
-#endif
- "adcs r4, r4, %[rt]\n\t"
- "adcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r1, #16]\n\t"
- "str r5, [r1, #20]\n\t"
-#else
- "strd r4, r5, [r1, #16]\n\t"
-#endif
- "adcs r10, r10, %[rt]\n\t"
- "adc r11, r11, lr\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r1, #24]\n\t"
- "str r11, [r1, #28]\n\t"
-#else
- "strd r10, r11, [r1, #24]\n\t"
-#endif
- "ldr r0, [sp, #8]\n\t"
- "ldr r1, [sp, #76]\n\t"
+ "add r2, r2, #0x40\n\t"
+ "add r1, r1, #0x40\n\t"
+ "bl fe_mul_op\n\t"
+ "ldr r1, [sp]\n\t"
+ "add r0, sp, #12\n\t"
/* Double */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1]\n\t"
- "ldr r5, [r1, #4]\n\t"
-#else
- "ldrd r4, r5, [r1]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r1, #8]\n\t"
- "ldr r7, [r1, #12]\n\t"
-#else
- "ldrd r6, r7, [r1, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r8, [r1, #16]\n\t"
- "ldr r9, [r1, #20]\n\t"
-#else
- "ldrd r8, r9, [r1, #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r10, [r1, #24]\n\t"
- "ldr r11, [r1, #28]\n\t"
-#else
- "ldrd r10, r11, [r1, #24]\n\t"
-#endif
+ "ldm r1, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
"adds r4, r4, r4\n\t"
"adcs r5, r5, r5\n\t"
"adcs r6, r6, r6\n\t"
@@ -8210,608 +5507,86 @@ void fe_ge_msub(fe rx_p, fe ry_p, fe rz_p, fe rt_p, const fe px_p, const fe py_p
"adcs r8, r8, r8\n\t"
"adcs r9, r9, r9\n\t"
"adcs r10, r10, r10\n\t"
- "adc r11, r11, r11\n\t"
- "mov r12, #-19\n\t"
- "asr %[rt], r11, #31\n\t"
- /* Mask the modulus */
- "and r12, %[rt], r12\n\t"
- "and lr, %[rt], #0x7fffffff\n\t"
- /* Sub modulus (if overflow) */
- "subs r4, r4, r12\n\t"
- "sbcs r5, r5, %[rt]\n\t"
- "sbcs r6, r6, %[rt]\n\t"
- "sbcs r7, r7, %[rt]\n\t"
- "sbcs r8, r8, %[rt]\n\t"
- "sbcs r9, r9, %[rt]\n\t"
- "sbcs r10, r10, %[rt]\n\t"
- "sbc r11, r11, lr\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r0]\n\t"
- "str r5, [r0, #4]\n\t"
-#else
- "strd r4, r5, [r0]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r6, [r0, #8]\n\t"
- "str r7, [r0, #12]\n\t"
-#else
- "strd r6, r7, [r0, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0, #16]\n\t"
- "str r9, [r0, #20]\n\t"
-#else
- "strd r8, r9, [r0, #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r0, #24]\n\t"
- "str r11, [r0, #28]\n\t"
-#else
- "strd r10, r11, [r0, #24]\n\t"
-#endif
- "ldr r0, [sp, #12]\n\t"
- "ldr r1, [sp, #8]\n\t"
- /* Add-Sub */
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1]\n\t"
- "ldr r5, [r1, #4]\n\t"
-#else
- "ldrd r4, r5, [r1]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r0]\n\t"
- "ldr r7, [r0, #4]\n\t"
-#else
- "ldrd r6, r7, [r0]\n\t"
-#endif
- "adds r8, r4, r6\n\t"
- "mov r12, #0\n\t"
- "adcs r9, r5, r7\n\t"
- "adc r12, r12, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0]\n\t"
- "str r9, [r0, #4]\n\t"
-#else
- "strd r8, r9, [r0]\n\t"
-#endif
- /* Sub */
- "subs r10, r4, r6\n\t"
"mov lr, #0\n\t"
- "sbcs r11, r5, r7\n\t"
+ "adcs r11, r11, r11\n\t"
"adc lr, lr, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r1]\n\t"
- "str r11, [r1, #4]\n\t"
-#else
- "strd r10, r11, [r1]\n\t"
-#endif
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1, #8]\n\t"
- "ldr r5, [r1, #12]\n\t"
-#else
- "ldrd r4, r5, [r1, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r0, #8]\n\t"
- "ldr r7, [r0, #12]\n\t"
-#else
- "ldrd r6, r7, [r0, #8]\n\t"
-#endif
- "adds r12, r12, #-1\n\t"
- "adcs r8, r4, r6\n\t"
- "mov r12, #0\n\t"
- "adcs r9, r5, r7\n\t"
- "adc r12, r12, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0, #8]\n\t"
- "str r9, [r0, #12]\n\t"
-#else
- "strd r8, r9, [r0, #8]\n\t"
-#endif
- /* Sub */
- "adds lr, lr, #-1\n\t"
- "sbcs r10, r4, r6\n\t"
- "mov lr, #0\n\t"
- "sbcs r11, r5, r7\n\t"
- "adc lr, lr, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r1, #8]\n\t"
- "str r11, [r1, #12]\n\t"
-#else
- "strd r10, r11, [r1, #8]\n\t"
-#endif
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1, #16]\n\t"
- "ldr r5, [r1, #20]\n\t"
-#else
- "ldrd r4, r5, [r1, #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r0, #16]\n\t"
- "ldr r7, [r0, #20]\n\t"
-#else
- "ldrd r6, r7, [r0, #16]\n\t"
-#endif
- "adds r12, r12, #-1\n\t"
- "adcs r8, r4, r6\n\t"
- "mov r12, #0\n\t"
- "adcs r9, r5, r7\n\t"
- "adc r12, r12, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0, #16]\n\t"
- "str r9, [r0, #20]\n\t"
-#else
- "strd r8, r9, [r0, #16]\n\t"
-#endif
- /* Sub */
- "adds lr, lr, #-1\n\t"
- "sbcs r10, r4, r6\n\t"
- "mov lr, #0\n\t"
- "sbcs r11, r5, r7\n\t"
- "adc lr, lr, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r1, #16]\n\t"
- "str r11, [r1, #20]\n\t"
-#else
- "strd r10, r11, [r1, #16]\n\t"
-#endif
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1, #24]\n\t"
- "ldr r5, [r1, #28]\n\t"
-#else
- "ldrd r4, r5, [r1, #24]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r0, #24]\n\t"
- "ldr r7, [r0, #28]\n\t"
-#else
- "ldrd r6, r7, [r0, #24]\n\t"
-#endif
- "adds r12, r12, #-1\n\t"
- "adcs r8, r4, r6\n\t"
- "adc r9, r5, r7\n\t"
- /* Sub */
- "adds lr, lr, #-1\n\t"
- "sbcs r10, r4, r6\n\t"
- "sbc r11, r5, r7\n\t"
- "mov r12, #-19\n\t"
- "asr %[rt], r9, #31\n\t"
- /* Mask the modulus */
- "and r12, %[rt], r12\n\t"
- "and lr, %[rt], #0x7fffffff\n\t"
- /* Sub modulus (if overflow) */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r0]\n\t"
- "ldr r5, [r0, #4]\n\t"
-#else
- "ldrd r4, r5, [r0]\n\t"
-#endif
- "subs r4, r4, r12\n\t"
- "sbcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r0]\n\t"
- "str r5, [r0, #4]\n\t"
-#else
- "strd r4, r5, [r0]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r0, #8]\n\t"
- "ldr r5, [r0, #12]\n\t"
-#else
- "ldrd r4, r5, [r0, #8]\n\t"
-#endif
- "sbcs r4, r4, %[rt]\n\t"
- "sbcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r0, #8]\n\t"
- "str r5, [r0, #12]\n\t"
-#else
- "strd r4, r5, [r0, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r0, #16]\n\t"
- "ldr r5, [r0, #20]\n\t"
-#else
- "ldrd r4, r5, [r0, #16]\n\t"
-#endif
- "sbcs r4, r4, %[rt]\n\t"
- "sbcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r0, #16]\n\t"
- "str r5, [r0, #20]\n\t"
-#else
- "strd r4, r5, [r0, #16]\n\t"
-#endif
- "sbcs r8, r8, %[rt]\n\t"
- "sbc r9, r9, lr\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0, #24]\n\t"
- "str r9, [r0, #28]\n\t"
-#else
- "strd r8, r9, [r0, #24]\n\t"
-#endif
- "mov r12, #-19\n\t"
- "asr %[rt], r11, #31\n\t"
- /* Mask the modulus */
- "and r12, %[rt], r12\n\t"
- "and lr, %[rt], #0x7fffffff\n\t"
- /* Add modulus (if underflow) */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1]\n\t"
- "ldr r5, [r1, #4]\n\t"
-#else
- "ldrd r4, r5, [r1]\n\t"
-#endif
+ "mov r12, #19\n\t"
+ "lsl lr, lr, #1\n\t"
+ "orr lr, lr, r11, lsr #31\n\t"
+ "mul r12, lr, r12\n\t"
"adds r4, r4, r12\n\t"
- "adcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r1]\n\t"
- "str r5, [r1, #4]\n\t"
-#else
- "strd r4, r5, [r1]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1, #8]\n\t"
- "ldr r5, [r1, #12]\n\t"
-#else
- "ldrd r4, r5, [r1, #8]\n\t"
-#endif
- "adcs r4, r4, %[rt]\n\t"
- "adcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r1, #8]\n\t"
- "str r5, [r1, #12]\n\t"
-#else
- "strd r4, r5, [r1, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1, #16]\n\t"
- "ldr r5, [r1, #20]\n\t"
-#else
- "ldrd r4, r5, [r1, #16]\n\t"
-#endif
- "adcs r4, r4, %[rt]\n\t"
- "adcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r1, #16]\n\t"
- "str r5, [r1, #20]\n\t"
-#else
- "strd r4, r5, [r1, #16]\n\t"
-#endif
- "adcs r10, r10, %[rt]\n\t"
- "adc r11, r11, lr\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r1, #24]\n\t"
- "str r11, [r1, #28]\n\t"
+ "adcs r5, r5, #0\n\t"
+ "adcs r6, r6, #0\n\t"
+ "adcs r7, r7, #0\n\t"
+ "adcs r8, r8, #0\n\t"
+ "adcs r9, r9, #0\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "bic r11, r11, #0x80000000\n\t"
#else
- "strd r10, r11, [r1, #24]\n\t"
+ "bfc r11, #31, #1\n\t"
#endif
- "add sp, sp, #32\n\t"
- : [rx] "+r" (rx), [ry] "+r" (ry), [rz] "+r" (rz), [rt] "+r" (rt)
+ "adcs r10, r10, #0\n\t"
+ "adc r11, r11, #0\n\t"
+ "stm r0, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ /* Done Double */
+ "add r3, r1, #32\n\t"
+ "add r2, r1, #0x40\n\t"
+ "add r0, r1, #32\n\t"
+ "bl fe_add_sub_op\n\t"
+ "add r3, r0, #0x40\n\t"
+ "add r2, sp, #12\n\t"
+ "add r1, r0, #0x40\n\t"
+ "add r0, r0, #32\n\t"
+ "bl fe_add_sub_op\n\t"
+ "add sp, sp, #44\n\t"
+ : [r] "+r" (r), [p] "+r" (p), [q] "+r" (q)
:
- : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
);
- (void)px_p;
- (void)py_p;
- (void)pz_p;
- (void)pt_p;
- (void)qxy2d_p;
- (void)qyplusx_p;
- (void)qyminusx_p;
}
-void fe_ge_add(fe rx_p, fe ry_p, fe rz_p, fe rt_p, const fe px_p, const fe py_p, const fe pz_p, const fe pt_p, const fe qz_p, const fe qt2d_p, const fe qyplusx_p, const fe qyminusx_p)
+void ge_sub(ge_p1p1 * r_p, const ge_p3 * p_p, const ge_cached* q_p)
{
- register fe rx asm ("r0") = rx_p;
- register fe ry asm ("r1") = ry_p;
- register fe rz asm ("r2") = rz_p;
- register fe rt asm ("r3") = rt_p;
- register const fe px asm ("r4") = px_p;
- register const fe py asm ("r5") = py_p;
- register const fe pz asm ("r6") = pz_p;
- register const fe pt asm ("r7") = pt_p;
- register const fe qz asm ("r8") = qz_p;
- register const fe qt2d asm ("r9") = qt2d_p;
- register const fe qyplusx asm ("r10") = qyplusx_p;
- register const fe qyminusx asm ("r11") = qyminusx_p;
+ register ge_p1p1 * r asm ("r0") = (ge_p1p1 *)r_p;
+ register const ge_p3 * p asm ("r1") = (const ge_p3 *)p_p;
+ register const ge_cached* q asm ("r2") = (const ge_cached*)q_p;
__asm__ __volatile__ (
- "sub sp, sp, #0x60\n\t"
- "str %[rx], [sp]\n\t"
- "str %[ry], [sp, #4]\n\t"
- "str %[rz], [sp, #8]\n\t"
- "str %[rt], [sp, #12]\n\t"
+ "sub sp, sp, #44\n\t"
+ "str %[r], [sp]\n\t"
+ "str %[p], [sp, #4]\n\t"
+ "str %[q], [sp, #8]\n\t"
+ "mov r3, r1\n\t"
+ "add r2, r1, #32\n\t"
+ "add r1, r0, #32\n\t"
+ "bl fe_add_sub_op\n\t"
+ "ldr r2, [sp, #8]\n\t"
+ "add r2, r2, #32\n\t"
+ "mov r1, r0\n\t"
+ "add r0, r0, #0x40\n\t"
+ "bl fe_mul_op\n\t"
"ldr r0, [sp]\n\t"
- "ldr r1, [sp, #136]\n\t"
- "ldr r2, [sp, #132]\n\t"
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1]\n\t"
- "ldr r5, [r1, #4]\n\t"
-#else
- "ldrd r4, r5, [r1]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r1, #8]\n\t"
- "ldr r7, [r1, #12]\n\t"
-#else
- "ldrd r6, r7, [r1, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r8, [r2]\n\t"
- "ldr r9, [r2, #4]\n\t"
-#else
- "ldrd r8, r9, [r2]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r10, [r2, #8]\n\t"
- "ldr r11, [r2, #12]\n\t"
-#else
- "ldrd r10, r11, [r2, #8]\n\t"
-#endif
- "adds r8, r4, r8\n\t"
- "adcs r9, r5, r9\n\t"
- "adcs r10, r6, r10\n\t"
- "adcs r11, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0]\n\t"
- "str r9, [r0, #4]\n\t"
-#else
- "strd r8, r9, [r0]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r0, #8]\n\t"
- "str r11, [r0, #12]\n\t"
-#else
- "strd r10, r11, [r0, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1, #16]\n\t"
- "ldr r5, [r1, #20]\n\t"
-#else
- "ldrd r4, r5, [r1, #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r1, #24]\n\t"
- "ldr r7, [r1, #28]\n\t"
-#else
- "ldrd r6, r7, [r1, #24]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r8, [r2, #16]\n\t"
- "ldr r9, [r2, #20]\n\t"
-#else
- "ldrd r8, r9, [r2, #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r10, [r2, #24]\n\t"
- "ldr r11, [r2, #28]\n\t"
-#else
- "ldrd r10, r11, [r2, #24]\n\t"
-#endif
- "adcs r8, r4, r8\n\t"
- "adcs r9, r5, r9\n\t"
- "adcs r10, r6, r10\n\t"
- "adc r11, r7, r11\n\t"
- "mov r12, #-19\n\t"
- "asr %[rt], r11, #31\n\t"
- /* Mask the modulus */
- "and r12, %[rt], r12\n\t"
- "and lr, %[rt], #0x7fffffff\n\t"
- /* Sub modulus (if overflow) */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r0]\n\t"
- "ldr r5, [r0, #4]\n\t"
-#else
- "ldrd r4, r5, [r0]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r0, #8]\n\t"
- "ldr r7, [r0, #12]\n\t"
-#else
- "ldrd r6, r7, [r0, #8]\n\t"
-#endif
- "subs r4, r4, r12\n\t"
- "sbcs r5, r5, %[rt]\n\t"
- "sbcs r6, r6, %[rt]\n\t"
- "sbcs r7, r7, %[rt]\n\t"
- "sbcs r8, r8, %[rt]\n\t"
- "sbcs r9, r9, %[rt]\n\t"
- "sbcs r10, r10, %[rt]\n\t"
- "sbc r11, r11, lr\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r0]\n\t"
- "str r5, [r0, #4]\n\t"
-#else
- "strd r4, r5, [r0]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r6, [r0, #8]\n\t"
- "str r7, [r0, #12]\n\t"
-#else
- "strd r6, r7, [r0, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0, #16]\n\t"
- "str r9, [r0, #20]\n\t"
-#else
- "strd r8, r9, [r0, #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r0, #24]\n\t"
- "str r11, [r0, #28]\n\t"
-#else
- "strd r10, r11, [r0, #24]\n\t"
-#endif
- "ldr r0, [sp, #4]\n\t"
- "ldr r1, [sp, #136]\n\t"
- "ldr r2, [sp, #132]\n\t"
- /* Sub */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1]\n\t"
- "ldr r5, [r1, #4]\n\t"
-#else
- "ldrd r4, r5, [r1]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r1, #8]\n\t"
- "ldr r7, [r1, #12]\n\t"
-#else
- "ldrd r6, r7, [r1, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r8, [r2]\n\t"
- "ldr r9, [r2, #4]\n\t"
-#else
- "ldrd r8, r9, [r2]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r10, [r2, #8]\n\t"
- "ldr r11, [r2, #12]\n\t"
-#else
- "ldrd r10, r11, [r2, #8]\n\t"
-#endif
- "subs r8, r4, r8\n\t"
- "sbcs r9, r5, r9\n\t"
- "sbcs r10, r6, r10\n\t"
- "sbcs r11, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0]\n\t"
- "str r9, [r0, #4]\n\t"
-#else
- "strd r8, r9, [r0]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r0, #8]\n\t"
- "str r11, [r0, #12]\n\t"
-#else
- "strd r10, r11, [r0, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1, #16]\n\t"
- "ldr r5, [r1, #20]\n\t"
-#else
- "ldrd r4, r5, [r1, #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r1, #24]\n\t"
- "ldr r7, [r1, #28]\n\t"
-#else
- "ldrd r6, r7, [r1, #24]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r8, [r2, #16]\n\t"
- "ldr r9, [r2, #20]\n\t"
-#else
- "ldrd r8, r9, [r2, #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r10, [r2, #24]\n\t"
- "ldr r11, [r2, #28]\n\t"
-#else
- "ldrd r10, r11, [r2, #24]\n\t"
-#endif
- "sbcs r8, r4, r8\n\t"
- "sbcs r9, r5, r9\n\t"
- "sbcs r10, r6, r10\n\t"
- "sbc r11, r7, r11\n\t"
- "mov r12, #-19\n\t"
- "asr %[rt], r11, #31\n\t"
- /* Mask the modulus */
- "and r12, %[rt], r12\n\t"
- "and lr, %[rt], #0x7fffffff\n\t"
- /* Add modulus (if underflow) */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r0]\n\t"
- "ldr r5, [r0, #4]\n\t"
-#else
- "ldrd r4, r5, [r0]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r0, #8]\n\t"
- "ldr r7, [r0, #12]\n\t"
-#else
- "ldrd r6, r7, [r0, #8]\n\t"
-#endif
- "adds r4, r4, r12\n\t"
- "adcs r5, r5, %[rt]\n\t"
- "adcs r6, r6, %[rt]\n\t"
- "adcs r7, r7, %[rt]\n\t"
- "adcs r8, r8, %[rt]\n\t"
- "adcs r9, r9, %[rt]\n\t"
- "adcs r10, r10, %[rt]\n\t"
- "adc r11, r11, lr\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r0]\n\t"
- "str r5, [r0, #4]\n\t"
-#else
- "strd r4, r5, [r0]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r6, [r0, #8]\n\t"
- "str r7, [r0, #12]\n\t"
-#else
- "strd r6, r7, [r0, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0, #16]\n\t"
- "str r9, [r0, #20]\n\t"
-#else
- "strd r8, r9, [r0, #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r0, #24]\n\t"
- "str r11, [r0, #28]\n\t"
-#else
- "strd r10, r11, [r0, #24]\n\t"
-#endif
- "ldr r2, [sp, #156]\n\t"
- "ldr r1, [sp]\n\t"
- "ldr r0, [sp, #8]\n\t"
- "bl fe_mul\n\t"
- "ldr r2, [sp, #160]\n\t"
- "ldr r1, [sp, #4]\n\t"
- "ldr r0, [sp, #4]\n\t"
- "bl fe_mul\n\t"
- "ldr r2, [sp, #144]\n\t"
- "ldr r1, [sp, #152]\n\t"
- "ldr r0, [sp, #12]\n\t"
- "bl fe_mul\n\t"
- "ldr r2, [sp, #148]\n\t"
- "ldr r1, [sp, #140]\n\t"
+ "ldr r2, [sp, #8]\n\t"
+ "add r1, r0, #32\n\t"
+ "add r0, r0, #32\n\t"
+ "bl fe_mul_op\n\t"
+ "ldr r0, [sp]\n\t"
+ "ldr r1, [sp, #8]\n\t"
+ "ldr r2, [sp, #4]\n\t"
+ "add r2, r2, #0x60\n\t"
+ "add r1, r1, #0x60\n\t"
+ "add r0, r0, #0x60\n\t"
+ "bl fe_mul_op\n\t"
"ldr r0, [sp]\n\t"
- "bl fe_mul\n\t"
- "add r0, sp, #16\n\t"
+ "ldr r1, [sp, #4]\n\t"
+ "ldr r2, [sp, #8]\n\t"
+ "add r2, r2, #0x40\n\t"
+ "add r1, r1, #0x40\n\t"
+ "bl fe_mul_op\n\t"
"ldr r1, [sp]\n\t"
+ "add r0, sp, #12\n\t"
/* Double */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1]\n\t"
- "ldr r5, [r1, #4]\n\t"
-#else
- "ldrd r4, r5, [r1]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r1, #8]\n\t"
- "ldr r7, [r1, #12]\n\t"
-#else
- "ldrd r6, r7, [r1, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r8, [r1, #16]\n\t"
- "ldr r9, [r1, #20]\n\t"
-#else
- "ldrd r8, r9, [r1, #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r10, [r1, #24]\n\t"
- "ldr r11, [r1, #28]\n\t"
-#else
- "ldrd r10, r11, [r1, #24]\n\t"
-#endif
+ "ldm r1, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
"adds r4, r4, r4\n\t"
"adcs r5, r5, r5\n\t"
"adcs r6, r6, r6\n\t"
@@ -8819,1398 +5594,3410 @@ void fe_ge_add(fe rx_p, fe ry_p, fe rz_p, fe rt_p, const fe px_p, const fe py_p,
"adcs r8, r8, r8\n\t"
"adcs r9, r9, r9\n\t"
"adcs r10, r10, r10\n\t"
- "adc r11, r11, r11\n\t"
- "mov r12, #-19\n\t"
- "asr %[rt], r11, #31\n\t"
- /* Mask the modulus */
- "and r12, %[rt], r12\n\t"
- "and lr, %[rt], #0x7fffffff\n\t"
- /* Sub modulus (if overflow) */
- "subs r4, r4, r12\n\t"
- "sbcs r5, r5, %[rt]\n\t"
- "sbcs r6, r6, %[rt]\n\t"
- "sbcs r7, r7, %[rt]\n\t"
- "sbcs r8, r8, %[rt]\n\t"
- "sbcs r9, r9, %[rt]\n\t"
- "sbcs r10, r10, %[rt]\n\t"
- "sbc r11, r11, lr\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r0]\n\t"
- "str r5, [r0, #4]\n\t"
-#else
- "strd r4, r5, [r0]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r6, [r0, #8]\n\t"
- "str r7, [r0, #12]\n\t"
+ "mov lr, #0\n\t"
+ "adcs r11, r11, r11\n\t"
+ "adc lr, lr, #0\n\t"
+ "mov r12, #19\n\t"
+ "lsl lr, lr, #1\n\t"
+ "orr lr, lr, r11, lsr #31\n\t"
+ "mul r12, lr, r12\n\t"
+ "adds r4, r4, r12\n\t"
+ "adcs r5, r5, #0\n\t"
+ "adcs r6, r6, #0\n\t"
+ "adcs r7, r7, #0\n\t"
+ "adcs r8, r8, #0\n\t"
+ "adcs r9, r9, #0\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "bic r11, r11, #0x80000000\n\t"
#else
- "strd r6, r7, [r0, #8]\n\t"
+ "bfc r11, #31, #1\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0, #16]\n\t"
- "str r9, [r0, #20]\n\t"
+ "adcs r10, r10, #0\n\t"
+ "adc r11, r11, #0\n\t"
+ "stm r0, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ /* Done Double */
+ "add r3, r1, #32\n\t"
+ "add r2, r1, #0x40\n\t"
+ "add r0, r1, #32\n\t"
+ "bl fe_add_sub_op\n\t"
+ "add r3, r0, #0x40\n\t"
+ "add r2, sp, #12\n\t"
+ "add r1, r0, #32\n\t"
+ "add r0, r0, #0x40\n\t"
+ "bl fe_add_sub_op\n\t"
+ "add sp, sp, #44\n\t"
+ : [r] "+r" (r), [p] "+r" (p), [q] "+r" (q)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
+ );
+}
+
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+void sc_reduce(byte* s_p)
+{
+ register byte* s asm ("r0") = (byte*)s_p;
+
+ __asm__ __volatile__ (
+ "sub sp, sp, #56\n\t"
+ "str %[s], [sp, #52]\n\t"
+ /* Load bits 252-511 */
+ "add %[s], %[s], #28\n\t"
+ "ldm %[s], {r1, r2, r3, r4, r5, r6, r7, r8, r9}\n\t"
+ "lsr lr, r9, #24\n\t"
+ "lsl r9, r9, #4\n\t"
+ "orr r9, r9, r8, LSR #28\n\t"
+ "lsl r8, r8, #4\n\t"
+ "orr r8, r8, r7, LSR #28\n\t"
+ "lsl r7, r7, #4\n\t"
+ "orr r7, r7, r6, LSR #28\n\t"
+ "lsl r6, r6, #4\n\t"
+ "orr r6, r6, r5, LSR #28\n\t"
+ "lsl r5, r5, #4\n\t"
+ "orr r5, r5, r4, LSR #28\n\t"
+ "lsl r4, r4, #4\n\t"
+ "orr r4, r4, r3, LSR #28\n\t"
+ "lsl r3, r3, #4\n\t"
+ "orr r3, r3, r2, LSR #28\n\t"
+ "lsl r2, r2, #4\n\t"
+ "orr r2, r2, r1, LSR #28\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "bic r9, r9, #0xf0000000\n\t"
+#else
+ "bfc r9, #28, #4\n\t"
+#endif
+ "sub %[s], %[s], #28\n\t"
+ /* Add order times bits 504..511 */
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r10, #0xa3\n\t"
+ "lsl r10, r10, #8\n\t"
+ "orr r10, r10, #10\n\t"
+ "lsl r10, r10, #8\n\t"
+ "orr r10, r10, #44\n\t"
+ "lsl r10, r10, #8\n\t"
+ "orr r10, r10, #19\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r10, #0x2c\n\t"
+ "lsl r10, r10, #8\n\t"
+ "add r10, r10, #0x13\n\t"
+#else
+ "mov r10, #0x2c13\n\t"
+#endif
+ "movt r10, #0xa30a\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r11, #0xa7\n\t"
+ "lsl r11, r11, #8\n\t"
+ "orr r11, r11, #0xed\n\t"
+ "lsl r11, r11, #8\n\t"
+ "orr r11, r11, #0x9c\n\t"
+ "lsl r11, r11, #8\n\t"
+ "orr r11, r11, #0xe5\n\t"
#else
- "strd r8, r9, [r0, #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r0, #24]\n\t"
- "str r11, [r0, #28]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r11, #0x9c\n\t"
+ "lsl r11, r11, #8\n\t"
+ "add r11, r11, #0xe5\n\t"
+#else
+ "mov r11, #0x9ce5\n\t"
+#endif
+ "movt r11, #0xa7ed\n\t"
+#endif
+ "mov r1, #0\n\t"
+ "umlal r2, r1, r10, lr\n\t"
+ "adds r3, r3, r1\n\t"
+ "mov r1, #0\n\t"
+ "adc r1, r1, #0\n\t"
+ "umlal r3, r1, r11, lr\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r10, #0x5d\n\t"
+ "lsl r10, r10, #8\n\t"
+ "orr r10, r10, #8\n\t"
+ "lsl r10, r10, #8\n\t"
+ "orr r10, r10, #0x63\n\t"
+ "lsl r10, r10, #8\n\t"
+ "orr r10, r10, #41\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r10, #0x63\n\t"
+ "lsl r10, r10, #8\n\t"
+ "add r10, r10, #0x29\n\t"
+#else
+ "mov r10, #0x6329\n\t"
+#endif
+ "movt r10, #0x5d08\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r11, #0xeb\n\t"
+ "lsl r11, r11, #8\n\t"
+ "orr r11, r11, #33\n\t"
+ "lsl r11, r11, #8\n\t"
+ "orr r11, r11, #6\n\t"
+ "lsl r11, r11, #8\n\t"
+ "orr r11, r11, #33\n\t"
#else
- "strd r10, r11, [r0, #24]\n\t"
-#endif
- "ldr r0, [sp, #4]\n\t"
- "ldr r1, [sp]\n\t"
- "ldr r2, [sp, #8]\n\t"
- /* Add-Sub */
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r2]\n\t"
- "ldr r5, [r2, #4]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r11, #0x6\n\t"
+ "lsl r11, r11, #8\n\t"
+ "add r11, r11, #0x21\n\t"
#else
- "ldrd r4, r5, [r2]\n\t"
+ "mov r11, #0x621\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r0]\n\t"
- "ldr r7, [r0, #4]\n\t"
-#else
- "ldrd r6, r7, [r0]\n\t"
+ "movt r11, #0xeb21\n\t"
#endif
- "adds r8, r4, r6\n\t"
- "mov r12, #0\n\t"
- "adcs r9, r5, r7\n\t"
- "adc r12, r12, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0]\n\t"
- "str r9, [r0, #4]\n\t"
-#else
- "strd r8, r9, [r0]\n\t"
+ "adds r4, r4, r1\n\t"
+ "mov r1, #0\n\t"
+ "adc r1, r1, #0\n\t"
+ "umlal r4, r1, r10, lr\n\t"
+ "adds r5, r5, r1\n\t"
+ "mov r1, #0\n\t"
+ "adc r1, r1, #0\n\t"
+ "umlal r5, r1, r11, lr\n\t"
+ "adds r6, r6, r1\n\t"
+ "adcs r7, r7, #0\n\t"
+ "adcs r8, r8, #0\n\t"
+ "adc r9, r9, #0\n\t"
+ "subs r6, r6, lr\n\t"
+ "sbcs r7, r7, #0\n\t"
+ "sbcs r8, r8, #0\n\t"
+ "sbc r9, r9, #0\n\t"
+ /* Sub product of top 8 words and order */
+ "mov r12, sp\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r1, #0xa3\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #10\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #44\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #19\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r1, #0x2c\n\t"
+ "lsl r1, r1, #8\n\t"
+ "add r1, r1, #0x13\n\t"
+#else
+ "mov r1, #0x2c13\n\t"
+#endif
+ "movt r1, #0xa30a\n\t"
#endif
- /* Sub */
- "subs r10, r4, r6\n\t"
"mov lr, #0\n\t"
- "sbcs r11, r5, r7\n\t"
+ "ldm %[s]!, {r10, r11}\n\t"
+ "umlal r10, lr, r2, r1\n\t"
+ "adds r11, r11, lr\n\t"
+ "mov lr, #0\n\t"
"adc lr, lr, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r1]\n\t"
- "str r11, [r1, #4]\n\t"
-#else
- "strd r10, r11, [r1]\n\t"
-#endif
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r2, #8]\n\t"
- "ldr r5, [r2, #12]\n\t"
-#else
- "ldrd r4, r5, [r2, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r0, #8]\n\t"
- "ldr r7, [r0, #12]\n\t"
-#else
- "ldrd r6, r7, [r0, #8]\n\t"
-#endif
- "adds r12, r12, #-1\n\t"
- "adcs r8, r4, r6\n\t"
- "mov r12, #0\n\t"
- "adcs r9, r5, r7\n\t"
- "adc r12, r12, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0, #8]\n\t"
- "str r9, [r0, #12]\n\t"
-#else
- "strd r8, r9, [r0, #8]\n\t"
-#endif
- /* Sub */
- "adds lr, lr, #-1\n\t"
- "sbcs r10, r4, r6\n\t"
+ "umlal r11, lr, r3, r1\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm %[s]!, {r10, r11}\n\t"
+ "adds r10, r10, lr\n\t"
"mov lr, #0\n\t"
- "sbcs r11, r5, r7\n\t"
"adc lr, lr, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r1, #8]\n\t"
- "str r11, [r1, #12]\n\t"
-#else
- "strd r10, r11, [r1, #8]\n\t"
-#endif
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r2, #16]\n\t"
- "ldr r5, [r2, #20]\n\t"
-#else
- "ldrd r4, r5, [r2, #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r0, #16]\n\t"
- "ldr r7, [r0, #20]\n\t"
-#else
- "ldrd r6, r7, [r0, #16]\n\t"
-#endif
- "adds r12, r12, #-1\n\t"
- "adcs r8, r4, r6\n\t"
- "mov r12, #0\n\t"
- "adcs r9, r5, r7\n\t"
- "adc r12, r12, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0, #16]\n\t"
- "str r9, [r0, #20]\n\t"
-#else
- "strd r8, r9, [r0, #16]\n\t"
-#endif
- /* Sub */
- "adds lr, lr, #-1\n\t"
- "sbcs r10, r4, r6\n\t"
+ "umlal r10, lr, r4, r1\n\t"
+ "adds r11, r11, lr\n\t"
"mov lr, #0\n\t"
- "sbcs r11, r5, r7\n\t"
"adc lr, lr, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r1, #16]\n\t"
- "str r11, [r1, #20]\n\t"
-#else
- "strd r10, r11, [r1, #16]\n\t"
-#endif
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r2, #24]\n\t"
- "ldr r5, [r2, #28]\n\t"
-#else
- "ldrd r4, r5, [r2, #24]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r0, #24]\n\t"
- "ldr r7, [r0, #28]\n\t"
-#else
- "ldrd r6, r7, [r0, #24]\n\t"
-#endif
- "adds r12, r12, #-1\n\t"
- "adcs r8, r4, r6\n\t"
- "adc r9, r5, r7\n\t"
- /* Sub */
- "adds lr, lr, #-1\n\t"
- "sbcs r10, r4, r6\n\t"
- "sbc r11, r5, r7\n\t"
- "mov r12, #-19\n\t"
- "asr %[rt], r9, #31\n\t"
- /* Mask the modulus */
- "and r12, %[rt], r12\n\t"
- "and lr, %[rt], #0x7fffffff\n\t"
- /* Sub modulus (if overflow) */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r0]\n\t"
- "ldr r5, [r0, #4]\n\t"
-#else
- "ldrd r4, r5, [r0]\n\t"
-#endif
- "subs r4, r4, r12\n\t"
- "sbcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r0]\n\t"
- "str r5, [r0, #4]\n\t"
-#else
- "strd r4, r5, [r0]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r0, #8]\n\t"
- "ldr r5, [r0, #12]\n\t"
+ "umlal r11, lr, r5, r1\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm %[s]!, {r10, r11}\n\t"
+ "adds r10, r10, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r10, lr, r6, r1\n\t"
+ "adds r11, r11, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r11, lr, r7, r1\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm %[s]!, {r10, r11}\n\t"
+ "adds r10, r10, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r10, lr, r8, r1\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "bic r11, r11, #0xf0000000\n\t"
#else
- "ldrd r4, r5, [r0, #8]\n\t"
+ "bfc r11, #28, #4\n\t"
#endif
- "sbcs r4, r4, %[rt]\n\t"
- "sbcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r0, #8]\n\t"
- "str r5, [r0, #12]\n\t"
-#else
- "strd r4, r5, [r0, #8]\n\t"
+ "adds r11, r11, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r11, lr, r9, r1\n\t"
+ "stm r12!, {r10, r11, lr}\n\t"
+ "sub %[s], %[s], #16\n\t"
+ "sub r12, r12, #32\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r1, #0xa7\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #0xed\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #0x9c\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #0xe5\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r1, #0x9c\n\t"
+ "lsl r1, r1, #8\n\t"
+ "add r1, r1, #0xe5\n\t"
+#else
+ "mov r1, #0x9ce5\n\t"
+#endif
+ "movt r1, #0xa7ed\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r0, #16]\n\t"
- "ldr r5, [r0, #20]\n\t"
-#else
- "ldrd r4, r5, [r0, #16]\n\t"
+ "mov lr, #0\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "umlal r10, lr, r2, r1\n\t"
+ "adds r11, r11, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r11, lr, r3, r1\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "adds r10, r10, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r10, lr, r4, r1\n\t"
+ "adds r11, r11, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r11, lr, r5, r1\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "adds r10, r10, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r10, lr, r6, r1\n\t"
+ "adds r11, r11, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r11, lr, r7, r1\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "adds r10, r10, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r10, lr, r8, r1\n\t"
+ "adds r11, r11, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r11, lr, r9, r1\n\t"
+ "stm r12!, {r10, r11, lr}\n\t"
+ "sub r12, r12, #32\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r1, #0x5d\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #8\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #0x63\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #41\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r1, #0x63\n\t"
+ "lsl r1, r1, #8\n\t"
+ "add r1, r1, #0x29\n\t"
+#else
+ "mov r1, #0x6329\n\t"
+#endif
+ "movt r1, #0x5d08\n\t"
#endif
- "sbcs r4, r4, %[rt]\n\t"
- "sbcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r0, #16]\n\t"
- "str r5, [r0, #20]\n\t"
-#else
- "strd r4, r5, [r0, #16]\n\t"
+ "mov lr, #0\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "umlal r10, lr, r2, r1\n\t"
+ "adds r11, r11, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r11, lr, r3, r1\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "adds r10, r10, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r10, lr, r4, r1\n\t"
+ "adds r11, r11, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r11, lr, r5, r1\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "adds r10, r10, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r10, lr, r6, r1\n\t"
+ "adds r11, r11, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r11, lr, r7, r1\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "adds r10, r10, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r10, lr, r8, r1\n\t"
+ "adds r11, r11, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r11, lr, r9, r1\n\t"
+ "stm r12!, {r10, r11, lr}\n\t"
+ "sub r12, r12, #32\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r1, #0xeb\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #33\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #6\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #33\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r1, #0x6\n\t"
+ "lsl r1, r1, #8\n\t"
+ "add r1, r1, #0x21\n\t"
+#else
+ "mov r1, #0x621\n\t"
+#endif
+ "movt r1, #0xeb21\n\t"
#endif
- "sbcs r8, r8, %[rt]\n\t"
- "sbc r9, r9, lr\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0, #24]\n\t"
- "str r9, [r0, #28]\n\t"
+ "mov lr, #0\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "umlal r10, lr, r2, r1\n\t"
+ "adds r11, r11, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r11, lr, r3, r1\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "adds r10, r10, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r10, lr, r4, r1\n\t"
+ "adds r11, r11, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r11, lr, r5, r1\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "adds r10, r10, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r10, lr, r6, r1\n\t"
+ "adds r11, r11, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r11, lr, r7, r1\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "adds r10, r10, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r10, lr, r8, r1\n\t"
+ "adds r11, r11, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r11, lr, r9, r1\n\t"
+ "stm r12!, {r10, r11, lr}\n\t"
+ "sub r12, r12, #32\n\t"
+ /* Subtract at 4 * 32 */
+ "ldm r12, {r10, r11}\n\t"
+ "subs r10, r10, r2\n\t"
+ "sbcs r11, r11, r3\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "sbcs r10, r10, r4\n\t"
+ "sbcs r11, r11, r5\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "sbcs r10, r10, r6\n\t"
+ "sbcs r11, r11, r7\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "sbcs r10, r10, r8\n\t"
+ "sbc r11, r11, r9\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "sub r12, r12, #36\n\t"
+ "asr lr, r11, #25\n\t"
+ /* Conditionally subtract order starting at bit 125 */
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r1, #0xa00000\n\t"
+ "lsl r1, r1, #8\n\t"
+ "add r1, r1, #0x0\n\t"
+#else
+ "mov r1, #0xa0000000\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r2, #0x4b\n\t"
+ "lsl r2, r2, #8\n\t"
+ "orr r2, r2, #0x9e\n\t"
+ "lsl r2, r2, #8\n\t"
+ "orr r2, r2, #0xba\n\t"
+ "lsl r2, r2, #8\n\t"
+ "orr r2, r2, #0x7d\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r2, #0xba\n\t"
+ "lsl r2, r2, #8\n\t"
+ "add r2, r2, #0x7d\n\t"
+#else
+ "mov r2, #0xba7d\n\t"
+#endif
+ "movt r2, #0x4b9e\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r3, #0xcb\n\t"
+ "lsl r3, r3, #8\n\t"
+ "orr r3, r3, #2\n\t"
+ "lsl r3, r3, #8\n\t"
+ "orr r3, r3, #0x4c\n\t"
+ "lsl r3, r3, #8\n\t"
+ "orr r3, r3, #0x63\n\t"
#else
- "strd r8, r9, [r0, #24]\n\t"
-#endif
- "mov r12, #-19\n\t"
- "asr %[rt], r11, #31\n\t"
- /* Mask the modulus */
- "and r12, %[rt], r12\n\t"
- "and lr, %[rt], #0x7fffffff\n\t"
- /* Add modulus (if underflow) */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1]\n\t"
- "ldr r5, [r1, #4]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r3, #0x4c\n\t"
+ "lsl r3, r3, #8\n\t"
+ "add r3, r3, #0x63\n\t"
#else
- "ldrd r4, r5, [r1]\n\t"
+ "mov r3, #0x4c63\n\t"
#endif
- "adds r4, r4, r12\n\t"
- "adcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r1]\n\t"
- "str r5, [r1, #4]\n\t"
-#else
- "strd r4, r5, [r1]\n\t"
+ "movt r3, #0xcb02\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1, #8]\n\t"
- "ldr r5, [r1, #12]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r4, #0xd4\n\t"
+ "lsl r4, r4, #8\n\t"
+ "orr r4, r4, #0x5e\n\t"
+ "lsl r4, r4, #8\n\t"
+ "orr r4, r4, #0xf3\n\t"
+ "lsl r4, r4, #8\n\t"
+ "orr r4, r4, #0x9a\n\t"
#else
- "ldrd r4, r5, [r1, #8]\n\t"
-#endif
- "adcs r4, r4, %[rt]\n\t"
- "adcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r1, #8]\n\t"
- "str r5, [r1, #12]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r4, #0xf3\n\t"
+ "lsl r4, r4, #8\n\t"
+ "add r4, r4, #0x9a\n\t"
#else
- "strd r4, r5, [r1, #8]\n\t"
+ "mov r4, #0xf39a\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1, #16]\n\t"
- "ldr r5, [r1, #20]\n\t"
-#else
- "ldrd r4, r5, [r1, #16]\n\t"
+ "movt r4, #0xd45e\n\t"
#endif
- "adcs r4, r4, %[rt]\n\t"
- "adcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r1, #16]\n\t"
- "str r5, [r1, #20]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r5, #2\n\t"
+ "lsl r5, r5, #8\n\t"
+ "orr r5, r5, #0x9b\n\t"
+ "lsl r5, r5, #8\n\t"
+ "orr r5, r5, #0xdf\n\t"
+ "lsl r5, r5, #8\n\t"
+ "orr r5, r5, #59\n\t"
#else
- "strd r4, r5, [r1, #16]\n\t"
-#endif
- "adcs r10, r10, %[rt]\n\t"
- "adc r11, r11, lr\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r1, #24]\n\t"
- "str r11, [r1, #28]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r5, #0xdf\n\t"
+ "lsl r5, r5, #8\n\t"
+ "add r5, r5, #0x3b\n\t"
#else
- "strd r10, r11, [r1, #24]\n\t"
+ "mov r5, #0xdf3b\n\t"
#endif
- "ldr r0, [sp, #8]\n\t"
- "ldr r1, [sp, #12]\n\t"
- "add r2, sp, #16\n\t"
- /* Add-Sub */
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r2]\n\t"
- "ldr r5, [r2, #4]\n\t"
-#else
- "ldrd r4, r5, [r2]\n\t"
+ "movt r5, #0x29b\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r1]\n\t"
- "ldr r7, [r1, #4]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r9, #0x20000\n\t"
+ "lsl r9, r9, #8\n\t"
+ "add r9, r9, #0x0\n\t"
#else
- "ldrd r6, r7, [r1]\n\t"
+ "mov r9, #0x2000000\n\t"
#endif
- "adds r8, r4, r6\n\t"
- "mov r12, #0\n\t"
- "adcs r9, r5, r7\n\t"
- "adc r12, r12, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0]\n\t"
- "str r9, [r0, #4]\n\t"
-#else
- "strd r8, r9, [r0]\n\t"
+ "and r1, r1, lr\n\t"
+ "and r2, r2, lr\n\t"
+ "and r3, r3, lr\n\t"
+ "and r4, r4, lr\n\t"
+ "and r5, r5, lr\n\t"
+ "and r9, r9, lr\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "adds r10, r10, r1\n\t"
+ "adcs r11, r11, r2\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "adcs r10, r10, r3\n\t"
+ "adcs r11, r11, r4\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "adcs r10, r10, r5\n\t"
+ "adcs r11, r11, #0\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "adcs r10, r10, #0\n\t"
+ "adcs r11, r11, #0\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10}\n\t"
+ "adcs r10, r10, #0\n\t"
+ "stm r12!, {r10}\n\t"
+ "sub %[s], %[s], #16\n\t"
+ "mov r12, sp\n\t"
+ /* Load bits 252-376 */
+ "add r12, r12, #28\n\t"
+ "ldm r12, {r1, r2, r3, r4, r5}\n\t"
+ "lsl r5, r5, #4\n\t"
+ "orr r5, r5, r4, lsr #28\n\t"
+ "lsl r4, r4, #4\n\t"
+ "orr r4, r4, r3, lsr #28\n\t"
+ "lsl r3, r3, #4\n\t"
+ "orr r3, r3, r2, lsr #28\n\t"
+ "lsl r2, r2, #4\n\t"
+ "orr r2, r2, r1, lsr #28\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "bic r5, r5, #0xe0000000\n\t"
+#else
+ "bfc r5, #29, #3\n\t"
+#endif
+ "sub r12, r12, #28\n\t"
+ /* Sub product of top 4 words and order */
+ "mov %[s], sp\n\t"
+ /* * -5cf5d3ed */
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r1, #0xa3\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #10\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #44\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #19\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r1, #0x2c\n\t"
+ "lsl r1, r1, #8\n\t"
+ "add r1, r1, #0x13\n\t"
+#else
+ "mov r1, #0x2c13\n\t"
+#endif
+ "movt r1, #0xa30a\n\t"
#endif
- /* Sub */
- "subs r10, r4, r6\n\t"
"mov lr, #0\n\t"
- "sbcs r11, r5, r7\n\t"
+ "ldm %[s], {r6, r7, r8, r9}\n\t"
+ "umlal r6, lr, r2, r1\n\t"
+ "adds r7, r7, lr\n\t"
+ "mov lr, #0\n\t"
"adc lr, lr, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r1]\n\t"
- "str r11, [r1, #4]\n\t"
-#else
- "strd r10, r11, [r1]\n\t"
-#endif
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r2, #8]\n\t"
- "ldr r5, [r2, #12]\n\t"
-#else
- "ldrd r4, r5, [r2, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r1, #8]\n\t"
- "ldr r7, [r1, #12]\n\t"
-#else
- "ldrd r6, r7, [r1, #8]\n\t"
-#endif
- "adds r12, r12, #-1\n\t"
- "adcs r8, r4, r6\n\t"
- "mov r12, #0\n\t"
- "adcs r9, r5, r7\n\t"
- "adc r12, r12, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0, #8]\n\t"
- "str r9, [r0, #12]\n\t"
-#else
- "strd r8, r9, [r0, #8]\n\t"
-#endif
- /* Sub */
- "adds lr, lr, #-1\n\t"
- "sbcs r10, r4, r6\n\t"
+ "umlal r7, lr, r3, r1\n\t"
+ "adds r8, r8, lr\n\t"
"mov lr, #0\n\t"
- "sbcs r11, r5, r7\n\t"
"adc lr, lr, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r1, #8]\n\t"
- "str r11, [r1, #12]\n\t"
-#else
- "strd r10, r11, [r1, #8]\n\t"
-#endif
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r2, #16]\n\t"
- "ldr r5, [r2, #20]\n\t"
-#else
- "ldrd r4, r5, [r2, #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r1, #16]\n\t"
- "ldr r7, [r1, #20]\n\t"
-#else
- "ldrd r6, r7, [r1, #16]\n\t"
-#endif
- "adds r12, r12, #-1\n\t"
- "adcs r8, r4, r6\n\t"
- "mov r12, #0\n\t"
- "adcs r9, r5, r7\n\t"
- "adc r12, r12, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0, #16]\n\t"
- "str r9, [r0, #20]\n\t"
-#else
- "strd r8, r9, [r0, #16]\n\t"
-#endif
- /* Sub */
- "adds lr, lr, #-1\n\t"
- "sbcs r10, r4, r6\n\t"
+ "umlal r8, lr, r4, r1\n\t"
+ "adds r9, r9, lr\n\t"
"mov lr, #0\n\t"
- "sbcs r11, r5, r7\n\t"
"adc lr, lr, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r1, #16]\n\t"
- "str r11, [r1, #20]\n\t"
-#else
- "strd r10, r11, [r1, #16]\n\t"
+ "umlal r9, lr, r5, r1\n\t"
+ "stm %[s], {r6, r7, r8, r9}\n\t"
+ "add %[s], %[s], #4\n\t"
+ /* * -5812631b */
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r1, #0xa7\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #0xed\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #0x9c\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #0xe5\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r1, #0x9c\n\t"
+ "lsl r1, r1, #8\n\t"
+ "add r1, r1, #0xe5\n\t"
+#else
+ "mov r1, #0x9ce5\n\t"
+#endif
+ "movt r1, #0xa7ed\n\t"
#endif
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r2, #24]\n\t"
- "ldr r5, [r2, #28]\n\t"
-#else
- "ldrd r4, r5, [r2, #24]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r1, #24]\n\t"
- "ldr r7, [r1, #28]\n\t"
-#else
- "ldrd r6, r7, [r1, #24]\n\t"
-#endif
- "adds r12, r12, #-1\n\t"
- "adcs r8, r4, r6\n\t"
- "adc r9, r5, r7\n\t"
- /* Sub */
- "adds lr, lr, #-1\n\t"
- "sbcs r10, r4, r6\n\t"
- "sbc r11, r5, r7\n\t"
- "mov r12, #-19\n\t"
- "asr %[rt], r9, #31\n\t"
- /* Mask the modulus */
- "and r12, %[rt], r12\n\t"
- "and lr, %[rt], #0x7fffffff\n\t"
- /* Sub modulus (if overflow) */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r0]\n\t"
- "ldr r5, [r0, #4]\n\t"
-#else
- "ldrd r4, r5, [r0]\n\t"
-#endif
- "subs r4, r4, r12\n\t"
- "sbcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r0]\n\t"
- "str r5, [r0, #4]\n\t"
-#else
- "strd r4, r5, [r0]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r0, #8]\n\t"
- "ldr r5, [r0, #12]\n\t"
-#else
- "ldrd r4, r5, [r0, #8]\n\t"
+ "mov r10, #0\n\t"
+ "ldm %[s], {r6, r7, r8, r9}\n\t"
+ "umlal r6, r10, r2, r1\n\t"
+ "adds r7, r7, r10\n\t"
+ "mov r10, #0\n\t"
+ "adc r10, r10, #0\n\t"
+ "umlal r7, r10, r3, r1\n\t"
+ "adds r8, r8, r10\n\t"
+ "mov r10, #0\n\t"
+ "adc r10, r10, #0\n\t"
+ "umlal r8, r10, r4, r1\n\t"
+ "adds r9, r9, r10\n\t"
+ "mov r10, #0\n\t"
+ "adc r10, r10, #0\n\t"
+ "umlal r9, r10, r5, r1\n\t"
+ "stm %[s], {r6, r7, r8, r9}\n\t"
+ "add %[s], %[s], #4\n\t"
+ /* * -a2f79cd7 */
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r1, #0x5d\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #8\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #0x63\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #41\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r1, #0x63\n\t"
+ "lsl r1, r1, #8\n\t"
+ "add r1, r1, #0x29\n\t"
+#else
+ "mov r1, #0x6329\n\t"
+#endif
+ "movt r1, #0x5d08\n\t"
#endif
- "sbcs r4, r4, %[rt]\n\t"
- "sbcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r0, #8]\n\t"
- "str r5, [r0, #12]\n\t"
-#else
- "strd r4, r5, [r0, #8]\n\t"
+ "mov r11, #0\n\t"
+ "ldm %[s], {r6, r7, r8, r9}\n\t"
+ "umlal r6, r11, r2, r1\n\t"
+ "adds r7, r7, r11\n\t"
+ "mov r11, #0\n\t"
+ "adc r11, r11, #0\n\t"
+ "umlal r7, r11, r3, r1\n\t"
+ "adds r8, r8, r11\n\t"
+ "mov r11, #0\n\t"
+ "adc r11, r11, #0\n\t"
+ "umlal r8, r11, r4, r1\n\t"
+ "adds r9, r9, r11\n\t"
+ "mov r11, #0\n\t"
+ "adc r11, r11, #0\n\t"
+ "umlal r9, r11, r5, r1\n\t"
+ "stm %[s], {r6, r7, r8, r9}\n\t"
+ "add %[s], %[s], #4\n\t"
+ /* * -14def9df */
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r1, #0xeb\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #33\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #6\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #33\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r1, #0x6\n\t"
+ "lsl r1, r1, #8\n\t"
+ "add r1, r1, #0x21\n\t"
+#else
+ "mov r1, #0x621\n\t"
+#endif
+ "movt r1, #0xeb21\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r0, #16]\n\t"
- "ldr r5, [r0, #20]\n\t"
+ "mov r12, #0\n\t"
+ "ldm %[s], {r6, r7, r8, r9}\n\t"
+ "umlal r6, r12, r2, r1\n\t"
+ "adds r7, r7, r12\n\t"
+ "mov r12, #0\n\t"
+ "adc r12, r12, #0\n\t"
+ "umlal r7, r12, r3, r1\n\t"
+ "adds r8, r8, r12\n\t"
+ "mov r12, #0\n\t"
+ "adc r12, r12, #0\n\t"
+ "umlal r8, r12, r4, r1\n\t"
+ "adds r9, r9, r12\n\t"
+ "mov r12, #0\n\t"
+ "adc r12, r12, #0\n\t"
+ "umlal r9, r12, r5, r1\n\t"
+ "stm %[s], {r6, r7, r8, r9}\n\t"
+ "add %[s], %[s], #4\n\t"
+ /* Add overflows at 4 * 32 */
+ "ldm %[s], {r6, r7, r8, r9}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "bic r9, r9, #0xf0000000\n\t"
+#else
+ "bfc r9, #28, #4\n\t"
+#endif
+ "adds r6, r6, lr\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adcs r8, r8, r11\n\t"
+ "adc r9, r9, r12\n\t"
+ /* Subtract top at 4 * 32 */
+ "subs r6, r6, r2\n\t"
+ "sbcs r7, r7, r3\n\t"
+ "sbcs r8, r8, r4\n\t"
+ "sbcs r9, r9, r5\n\t"
+ "sbc r1, r1, r1\n\t"
+ "sub %[s], %[s], #16\n\t"
+ "ldm %[s], {r2, r3, r4, r5}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r10, #0x5c\n\t"
+ "lsl r10, r10, #8\n\t"
+ "orr r10, r10, #0xf5\n\t"
+ "lsl r10, r10, #8\n\t"
+ "orr r10, r10, #0xd3\n\t"
+ "lsl r10, r10, #8\n\t"
+ "orr r10, r10, #0xed\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r10, #0xd3\n\t"
+ "lsl r10, r10, #8\n\t"
+ "add r10, r10, #0xed\n\t"
+#else
+ "mov r10, #0xd3ed\n\t"
+#endif
+ "movt r10, #0x5cf5\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r11, #0x58\n\t"
+ "lsl r11, r11, #8\n\t"
+ "orr r11, r11, #18\n\t"
+ "lsl r11, r11, #8\n\t"
+ "orr r11, r11, #0x63\n\t"
+ "lsl r11, r11, #8\n\t"
+ "orr r11, r11, #26\n\t"
#else
- "ldrd r4, r5, [r0, #16]\n\t"
-#endif
- "sbcs r4, r4, %[rt]\n\t"
- "sbcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r0, #16]\n\t"
- "str r5, [r0, #20]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r11, #0x63\n\t"
+ "lsl r11, r11, #8\n\t"
+ "add r11, r11, #0x1a\n\t"
#else
- "strd r4, r5, [r0, #16]\n\t"
+ "mov r11, #0x631a\n\t"
#endif
- "sbcs r8, r8, %[rt]\n\t"
- "sbc r9, r9, lr\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0, #24]\n\t"
- "str r9, [r0, #28]\n\t"
-#else
- "strd r8, r9, [r0, #24]\n\t"
+ "movt r11, #0x5812\n\t"
#endif
- "mov r12, #-19\n\t"
- "asr %[rt], r11, #31\n\t"
- /* Mask the modulus */
- "and r12, %[rt], r12\n\t"
- "and lr, %[rt], #0x7fffffff\n\t"
- /* Add modulus (if underflow) */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1]\n\t"
- "ldr r5, [r1, #4]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r12, #0xa2\n\t"
+ "lsl r12, r12, #8\n\t"
+ "orr r12, r12, #0xf7\n\t"
+ "lsl r12, r12, #8\n\t"
+ "orr r12, r12, #0x9c\n\t"
+ "lsl r12, r12, #8\n\t"
+ "orr r12, r12, #0xd6\n\t"
#else
- "ldrd r4, r5, [r1]\n\t"
-#endif
- "adds r4, r4, r12\n\t"
- "adcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r1]\n\t"
- "str r5, [r1, #4]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r12, #0x9c\n\t"
+ "lsl r12, r12, #8\n\t"
+ "add r12, r12, #0xd6\n\t"
#else
- "strd r4, r5, [r1]\n\t"
+ "mov r12, #0x9cd6\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1, #8]\n\t"
- "ldr r5, [r1, #12]\n\t"
-#else
- "ldrd r4, r5, [r1, #8]\n\t"
+ "movt r12, #0xa2f7\n\t"
#endif
- "adcs r4, r4, %[rt]\n\t"
- "adcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r1, #8]\n\t"
- "str r5, [r1, #12]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov lr, #20\n\t"
+ "lsl lr, lr, #8\n\t"
+ "orr lr, lr, #0xde\n\t"
+ "lsl lr, lr, #8\n\t"
+ "orr lr, lr, #0xf9\n\t"
+ "lsl lr, lr, #8\n\t"
+ "orr lr, lr, #0xde\n\t"
#else
- "strd r4, r5, [r1, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1, #16]\n\t"
- "ldr r5, [r1, #20]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov lr, #0xf9\n\t"
+ "lsl lr, lr, #8\n\t"
+ "add lr, lr, #0xde\n\t"
#else
- "ldrd r4, r5, [r1, #16]\n\t"
+ "mov lr, #0xf9de\n\t"
#endif
- "adcs r4, r4, %[rt]\n\t"
- "adcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r1, #16]\n\t"
- "str r5, [r1, #20]\n\t"
-#else
- "strd r4, r5, [r1, #16]\n\t"
+ "movt lr, #0x14de\n\t"
#endif
- "adcs r10, r10, %[rt]\n\t"
- "adc r11, r11, lr\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r1, #24]\n\t"
- "str r11, [r1, #28]\n\t"
+ "and r10, r10, r1\n\t"
+ "and r11, r11, r1\n\t"
+ "and r12, r12, r1\n\t"
+ "and lr, lr, r1\n\t"
+ "adds r2, r2, r10\n\t"
+ "adcs r3, r3, r11\n\t"
+ "adcs r4, r4, r12\n\t"
+ "adcs r5, r5, lr\n\t"
+ "adcs r6, r6, #0\n\t"
+ "adcs r7, r7, #0\n\t"
+ "and r1, r1, #0x10000000\n\t"
+ "adcs r8, r8, #0\n\t"
+ "adc r9, r9, r1\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "bic r9, r9, #0xf0000000\n\t"
#else
- "strd r10, r11, [r1, #24]\n\t"
+ "bfc r9, #28, #4\n\t"
#endif
- "add sp, sp, #0x60\n\t"
- : [rx] "+r" (rx), [ry] "+r" (ry), [rz] "+r" (rz), [rt] "+r" (rt)
+ /* Store result */
+ "ldr %[s], [sp, #52]\n\t"
+ "stm %[s], {r2, r3, r4, r5, r6, r7, r8, r9}\n\t"
+ "add sp, sp, #56\n\t"
+ : [s] "+r" (s)
:
- : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr"
+ : "memory", "r1", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
);
- (void)px_p;
- (void)py_p;
- (void)pz_p;
- (void)pt_p;
- (void)qz_p;
- (void)qt2d_p;
- (void)qyplusx_p;
- (void)qyminusx_p;
}
-void fe_ge_sub(fe rx_p, fe ry_p, fe rz_p, fe rt_p, const fe px_p, const fe py_p, const fe pz_p, const fe pt_p, const fe qz_p, const fe qt2d_p, const fe qyplusx_p, const fe qyminusx_p)
+#else
+void sc_reduce(byte* s_p)
{
- register fe rx asm ("r0") = rx_p;
- register fe ry asm ("r1") = ry_p;
- register fe rz asm ("r2") = rz_p;
- register fe rt asm ("r3") = rt_p;
- register const fe px asm ("r4") = px_p;
- register const fe py asm ("r5") = py_p;
- register const fe pz asm ("r6") = pz_p;
- register const fe pt asm ("r7") = pt_p;
- register const fe qz asm ("r8") = qz_p;
- register const fe qt2d asm ("r9") = qt2d_p;
- register const fe qyplusx asm ("r10") = qyplusx_p;
- register const fe qyminusx asm ("r11") = qyminusx_p;
+ register byte* s asm ("r0") = (byte*)s_p;
__asm__ __volatile__ (
- "sub sp, sp, #0x60\n\t"
- "str %[rx], [sp]\n\t"
- "str %[ry], [sp, #4]\n\t"
- "str %[rz], [sp, #8]\n\t"
- "str %[rt], [sp, #12]\n\t"
- "ldr r0, [sp]\n\t"
- "ldr r1, [sp, #136]\n\t"
- "ldr r2, [sp, #132]\n\t"
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1]\n\t"
- "ldr r5, [r1, #4]\n\t"
+ "sub sp, sp, #56\n\t"
+ "str %[s], [sp, #52]\n\t"
+ /* Load bits 252-511 */
+ "add %[s], %[s], #28\n\t"
+ "ldm %[s], {r1, r2, r3, r4, r5, r6, r7, r8, r9}\n\t"
+ "lsr lr, r9, #24\n\t"
+ "lsl r9, r9, #4\n\t"
+ "orr r9, r9, r8, LSR #28\n\t"
+ "lsl r8, r8, #4\n\t"
+ "orr r8, r8, r7, LSR #28\n\t"
+ "lsl r7, r7, #4\n\t"
+ "orr r7, r7, r6, LSR #28\n\t"
+ "lsl r6, r6, #4\n\t"
+ "orr r6, r6, r5, LSR #28\n\t"
+ "lsl r5, r5, #4\n\t"
+ "orr r5, r5, r4, LSR #28\n\t"
+ "lsl r4, r4, #4\n\t"
+ "orr r4, r4, r3, LSR #28\n\t"
+ "lsl r3, r3, #4\n\t"
+ "orr r3, r3, r2, LSR #28\n\t"
+ "lsl r2, r2, #4\n\t"
+ "orr r2, r2, r1, LSR #28\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "bic r9, r9, #0xf0000000\n\t"
+#else
+ "bfc r9, #28, #4\n\t"
+#endif
+ "sub %[s], %[s], #28\n\t"
+ /* Add order times bits 504..511 */
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r10, #0xa3\n\t"
+ "lsl r10, r10, #8\n\t"
+ "orr r10, r10, #10\n\t"
+ "lsl r10, r10, #8\n\t"
+ "orr r10, r10, #44\n\t"
+ "lsl r10, r10, #8\n\t"
+ "orr r10, r10, #19\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r10, #0x2c\n\t"
+ "lsl r10, r10, #8\n\t"
+ "add r10, r10, #0x13\n\t"
+#else
+ "mov r10, #0x2c13\n\t"
+#endif
+ "movt r10, #0xa30a\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r11, #0xa7\n\t"
+ "lsl r11, r11, #8\n\t"
+ "orr r11, r11, #0xed\n\t"
+ "lsl r11, r11, #8\n\t"
+ "orr r11, r11, #0x9c\n\t"
+ "lsl r11, r11, #8\n\t"
+ "orr r11, r11, #0xe5\n\t"
#else
- "ldrd r4, r5, [r1]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r1, #8]\n\t"
- "ldr r7, [r1, #12]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r11, #0x9c\n\t"
+ "lsl r11, r11, #8\n\t"
+ "add r11, r11, #0xe5\n\t"
#else
- "ldrd r6, r7, [r1, #8]\n\t"
+ "mov r11, #0x9ce5\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r8, [r2]\n\t"
- "ldr r9, [r2, #4]\n\t"
-#else
- "ldrd r8, r9, [r2]\n\t"
+ "movt r11, #0xa7ed\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r10, [r2, #8]\n\t"
- "ldr r11, [r2, #12]\n\t"
+ "mov r1, #0\n\t"
+ "umlal r2, r1, r10, lr\n\t"
+ "umaal r3, r1, r11, lr\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r10, #0x5d\n\t"
+ "lsl r10, r10, #8\n\t"
+ "orr r10, r10, #8\n\t"
+ "lsl r10, r10, #8\n\t"
+ "orr r10, r10, #0x63\n\t"
+ "lsl r10, r10, #8\n\t"
+ "orr r10, r10, #41\n\t"
#else
- "ldrd r10, r11, [r2, #8]\n\t"
-#endif
- "adds r8, r4, r8\n\t"
- "adcs r9, r5, r9\n\t"
- "adcs r10, r6, r10\n\t"
- "adcs r11, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0]\n\t"
- "str r9, [r0, #4]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r10, #0x63\n\t"
+ "lsl r10, r10, #8\n\t"
+ "add r10, r10, #0x29\n\t"
#else
- "strd r8, r9, [r0]\n\t"
+ "mov r10, #0x6329\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r0, #8]\n\t"
- "str r11, [r0, #12]\n\t"
-#else
- "strd r10, r11, [r0, #8]\n\t"
+ "movt r10, #0x5d08\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1, #16]\n\t"
- "ldr r5, [r1, #20]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r11, #0xeb\n\t"
+ "lsl r11, r11, #8\n\t"
+ "orr r11, r11, #33\n\t"
+ "lsl r11, r11, #8\n\t"
+ "orr r11, r11, #6\n\t"
+ "lsl r11, r11, #8\n\t"
+ "orr r11, r11, #33\n\t"
#else
- "ldrd r4, r5, [r1, #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r1, #24]\n\t"
- "ldr r7, [r1, #28]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r11, #0x6\n\t"
+ "lsl r11, r11, #8\n\t"
+ "add r11, r11, #0x21\n\t"
#else
- "ldrd r6, r7, [r1, #24]\n\t"
+ "mov r11, #0x621\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r8, [r2, #16]\n\t"
- "ldr r9, [r2, #20]\n\t"
-#else
- "ldrd r8, r9, [r2, #16]\n\t"
+ "movt r11, #0xeb21\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r10, [r2, #24]\n\t"
- "ldr r11, [r2, #28]\n\t"
-#else
- "ldrd r10, r11, [r2, #24]\n\t"
+ "umaal r4, r1, r10, lr\n\t"
+ "umaal r5, r1, r11, lr\n\t"
+ "adds r6, r6, r1\n\t"
+ "adcs r7, r7, #0\n\t"
+ "adcs r8, r8, #0\n\t"
+ "adc r9, r9, #0\n\t"
+ "subs r6, r6, lr\n\t"
+ "sbcs r7, r7, #0\n\t"
+ "sbcs r8, r8, #0\n\t"
+ "sbc r9, r9, #0\n\t"
+ /* Sub product of top 8 words and order */
+ "mov r12, sp\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r1, #0xa3\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #10\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #44\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #19\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r1, #0x2c\n\t"
+ "lsl r1, r1, #8\n\t"
+ "add r1, r1, #0x13\n\t"
+#else
+ "mov r1, #0x2c13\n\t"
+#endif
+ "movt r1, #0xa30a\n\t"
#endif
- "adcs r8, r4, r8\n\t"
- "adcs r9, r5, r9\n\t"
- "adcs r10, r6, r10\n\t"
- "adc r11, r7, r11\n\t"
- "mov r12, #-19\n\t"
- "asr %[rt], r11, #31\n\t"
- /* Mask the modulus */
- "and r12, %[rt], r12\n\t"
- "and lr, %[rt], #0x7fffffff\n\t"
- /* Sub modulus (if overflow) */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r0]\n\t"
- "ldr r5, [r0, #4]\n\t"
-#else
- "ldrd r4, r5, [r0]\n\t"
+ "mov lr, #0\n\t"
+ "ldm %[s]!, {r10, r11}\n\t"
+ "umlal r10, lr, r2, r1\n\t"
+ "umaal r11, lr, r3, r1\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm %[s]!, {r10, r11}\n\t"
+ "umaal r10, lr, r4, r1\n\t"
+ "umaal r11, lr, r5, r1\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm %[s]!, {r10, r11}\n\t"
+ "umaal r10, lr, r6, r1\n\t"
+ "umaal r11, lr, r7, r1\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm %[s]!, {r10, r11}\n\t"
+ "umaal r10, lr, r8, r1\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "bic r11, r11, #0xf0000000\n\t"
+#else
+ "bfc r11, #28, #4\n\t"
+#endif
+ "umaal r11, lr, r9, r1\n\t"
+ "stm r12!, {r10, r11, lr}\n\t"
+ "sub %[s], %[s], #16\n\t"
+ "sub r12, r12, #32\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r1, #0xa7\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #0xed\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #0x9c\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #0xe5\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r1, #0x9c\n\t"
+ "lsl r1, r1, #8\n\t"
+ "add r1, r1, #0xe5\n\t"
+#else
+ "mov r1, #0x9ce5\n\t"
+#endif
+ "movt r1, #0xa7ed\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r0, #8]\n\t"
- "ldr r7, [r0, #12]\n\t"
-#else
- "ldrd r6, r7, [r0, #8]\n\t"
+ "mov lr, #0\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "umlal r10, lr, r2, r1\n\t"
+ "umaal r11, lr, r3, r1\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "umaal r10, lr, r4, r1\n\t"
+ "umaal r11, lr, r5, r1\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "umaal r10, lr, r6, r1\n\t"
+ "umaal r11, lr, r7, r1\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "umaal r10, lr, r8, r1\n\t"
+ "umaal r11, lr, r9, r1\n\t"
+ "stm r12!, {r10, r11, lr}\n\t"
+ "sub r12, r12, #32\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r1, #0x5d\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #8\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #0x63\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #41\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r1, #0x63\n\t"
+ "lsl r1, r1, #8\n\t"
+ "add r1, r1, #0x29\n\t"
+#else
+ "mov r1, #0x6329\n\t"
+#endif
+ "movt r1, #0x5d08\n\t"
#endif
- "subs r4, r4, r12\n\t"
- "sbcs r5, r5, %[rt]\n\t"
- "sbcs r6, r6, %[rt]\n\t"
- "sbcs r7, r7, %[rt]\n\t"
- "sbcs r8, r8, %[rt]\n\t"
- "sbcs r9, r9, %[rt]\n\t"
- "sbcs r10, r10, %[rt]\n\t"
- "sbc r11, r11, lr\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r0]\n\t"
- "str r5, [r0, #4]\n\t"
-#else
- "strd r4, r5, [r0]\n\t"
+ "mov lr, #0\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "umlal r10, lr, r2, r1\n\t"
+ "umaal r11, lr, r3, r1\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "umaal r10, lr, r4, r1\n\t"
+ "umaal r11, lr, r5, r1\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "umaal r10, lr, r6, r1\n\t"
+ "umaal r11, lr, r7, r1\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "umaal r10, lr, r8, r1\n\t"
+ "umaal r11, lr, r9, r1\n\t"
+ "stm r12!, {r10, r11, lr}\n\t"
+ "sub r12, r12, #32\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r1, #0xeb\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #33\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #6\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #33\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r1, #0x6\n\t"
+ "lsl r1, r1, #8\n\t"
+ "add r1, r1, #0x21\n\t"
+#else
+ "mov r1, #0x621\n\t"
+#endif
+ "movt r1, #0xeb21\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r6, [r0, #8]\n\t"
- "str r7, [r0, #12]\n\t"
+ "mov lr, #0\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "umlal r10, lr, r2, r1\n\t"
+ "umaal r11, lr, r3, r1\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "umaal r10, lr, r4, r1\n\t"
+ "umaal r11, lr, r5, r1\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "umaal r10, lr, r6, r1\n\t"
+ "umaal r11, lr, r7, r1\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "umaal r10, lr, r8, r1\n\t"
+ "umaal r11, lr, r9, r1\n\t"
+ "stm r12!, {r10, r11, lr}\n\t"
+ "sub r12, r12, #32\n\t"
+ /* Subtract at 4 * 32 */
+ "ldm r12, {r10, r11}\n\t"
+ "subs r10, r10, r2\n\t"
+ "sbcs r11, r11, r3\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "sbcs r10, r10, r4\n\t"
+ "sbcs r11, r11, r5\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "sbcs r10, r10, r6\n\t"
+ "sbcs r11, r11, r7\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "sbcs r10, r10, r8\n\t"
+ "sbc r11, r11, r9\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "sub r12, r12, #36\n\t"
+ "asr lr, r11, #25\n\t"
+ /* Conditionally subtract order starting at bit 125 */
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r1, #0xa00000\n\t"
+ "lsl r1, r1, #8\n\t"
+ "add r1, r1, #0x0\n\t"
+#else
+ "mov r1, #0xa0000000\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r2, #0x4b\n\t"
+ "lsl r2, r2, #8\n\t"
+ "orr r2, r2, #0x9e\n\t"
+ "lsl r2, r2, #8\n\t"
+ "orr r2, r2, #0xba\n\t"
+ "lsl r2, r2, #8\n\t"
+ "orr r2, r2, #0x7d\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r2, #0xba\n\t"
+ "lsl r2, r2, #8\n\t"
+ "add r2, r2, #0x7d\n\t"
+#else
+ "mov r2, #0xba7d\n\t"
+#endif
+ "movt r2, #0x4b9e\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r3, #0xcb\n\t"
+ "lsl r3, r3, #8\n\t"
+ "orr r3, r3, #2\n\t"
+ "lsl r3, r3, #8\n\t"
+ "orr r3, r3, #0x4c\n\t"
+ "lsl r3, r3, #8\n\t"
+ "orr r3, r3, #0x63\n\t"
#else
- "strd r6, r7, [r0, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0, #16]\n\t"
- "str r9, [r0, #20]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r3, #0x4c\n\t"
+ "lsl r3, r3, #8\n\t"
+ "add r3, r3, #0x63\n\t"
#else
- "strd r8, r9, [r0, #16]\n\t"
+ "mov r3, #0x4c63\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r0, #24]\n\t"
- "str r11, [r0, #28]\n\t"
-#else
- "strd r10, r11, [r0, #24]\n\t"
+ "movt r3, #0xcb02\n\t"
#endif
- "ldr r0, [sp, #4]\n\t"
- "ldr r1, [sp, #136]\n\t"
- "ldr r2, [sp, #132]\n\t"
- /* Sub */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1]\n\t"
- "ldr r5, [r1, #4]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r4, #0xd4\n\t"
+ "lsl r4, r4, #8\n\t"
+ "orr r4, r4, #0x5e\n\t"
+ "lsl r4, r4, #8\n\t"
+ "orr r4, r4, #0xf3\n\t"
+ "lsl r4, r4, #8\n\t"
+ "orr r4, r4, #0x9a\n\t"
#else
- "ldrd r4, r5, [r1]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r1, #8]\n\t"
- "ldr r7, [r1, #12]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r4, #0xf3\n\t"
+ "lsl r4, r4, #8\n\t"
+ "add r4, r4, #0x9a\n\t"
#else
- "ldrd r6, r7, [r1, #8]\n\t"
+ "mov r4, #0xf39a\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r8, [r2]\n\t"
- "ldr r9, [r2, #4]\n\t"
-#else
- "ldrd r8, r9, [r2]\n\t"
+ "movt r4, #0xd45e\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r10, [r2, #8]\n\t"
- "ldr r11, [r2, #12]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r5, #2\n\t"
+ "lsl r5, r5, #8\n\t"
+ "orr r5, r5, #0x9b\n\t"
+ "lsl r5, r5, #8\n\t"
+ "orr r5, r5, #0xdf\n\t"
+ "lsl r5, r5, #8\n\t"
+ "orr r5, r5, #59\n\t"
#else
- "ldrd r10, r11, [r2, #8]\n\t"
-#endif
- "subs r8, r4, r8\n\t"
- "sbcs r9, r5, r9\n\t"
- "sbcs r10, r6, r10\n\t"
- "sbcs r11, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0]\n\t"
- "str r9, [r0, #4]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r5, #0xdf\n\t"
+ "lsl r5, r5, #8\n\t"
+ "add r5, r5, #0x3b\n\t"
#else
- "strd r8, r9, [r0]\n\t"
+ "mov r5, #0xdf3b\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r0, #8]\n\t"
- "str r11, [r0, #12]\n\t"
-#else
- "strd r10, r11, [r0, #8]\n\t"
+ "movt r5, #0x29b\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1, #16]\n\t"
- "ldr r5, [r1, #20]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r9, #0x20000\n\t"
+ "lsl r9, r9, #8\n\t"
+ "add r9, r9, #0x0\n\t"
#else
- "ldrd r4, r5, [r1, #16]\n\t"
+ "mov r9, #0x2000000\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r1, #24]\n\t"
- "ldr r7, [r1, #28]\n\t"
-#else
- "ldrd r6, r7, [r1, #24]\n\t"
+ "and r1, r1, lr\n\t"
+ "and r2, r2, lr\n\t"
+ "and r3, r3, lr\n\t"
+ "and r4, r4, lr\n\t"
+ "and r5, r5, lr\n\t"
+ "and r9, r9, lr\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "adds r10, r10, r1\n\t"
+ "adcs r11, r11, r2\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "adcs r10, r10, r3\n\t"
+ "adcs r11, r11, r4\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "adcs r10, r10, r5\n\t"
+ "adcs r11, r11, #0\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "adcs r10, r10, #0\n\t"
+ "adcs r11, r11, #0\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10}\n\t"
+ "adcs r10, r10, #0\n\t"
+ "stm r12!, {r10}\n\t"
+ "sub %[s], %[s], #16\n\t"
+ "mov r12, sp\n\t"
+ /* Load bits 252-376 */
+ "add r12, r12, #28\n\t"
+ "ldm r12, {r1, r2, r3, r4, r5}\n\t"
+ "lsl r5, r5, #4\n\t"
+ "orr r5, r5, r4, lsr #28\n\t"
+ "lsl r4, r4, #4\n\t"
+ "orr r4, r4, r3, lsr #28\n\t"
+ "lsl r3, r3, #4\n\t"
+ "orr r3, r3, r2, lsr #28\n\t"
+ "lsl r2, r2, #4\n\t"
+ "orr r2, r2, r1, lsr #28\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "bic r5, r5, #0xe0000000\n\t"
+#else
+ "bfc r5, #29, #3\n\t"
+#endif
+ "sub r12, r12, #28\n\t"
+ /* Sub product of top 4 words and order */
+ "mov %[s], sp\n\t"
+ /* * -5cf5d3ed */
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r1, #0xa3\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #10\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #44\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #19\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r1, #0x2c\n\t"
+ "lsl r1, r1, #8\n\t"
+ "add r1, r1, #0x13\n\t"
+#else
+ "mov r1, #0x2c13\n\t"
+#endif
+ "movt r1, #0xa30a\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r8, [r2, #16]\n\t"
- "ldr r9, [r2, #20]\n\t"
-#else
- "ldrd r8, r9, [r2, #16]\n\t"
+ "mov lr, #0\n\t"
+ "ldm %[s], {r6, r7, r8, r9}\n\t"
+ "umlal r6, lr, r2, r1\n\t"
+ "umaal r7, lr, r3, r1\n\t"
+ "umaal r8, lr, r4, r1\n\t"
+ "umaal r9, lr, r5, r1\n\t"
+ "stm %[s], {r6, r7, r8, r9}\n\t"
+ "add %[s], %[s], #4\n\t"
+ /* * -5812631b */
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r1, #0xa7\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #0xed\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #0x9c\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #0xe5\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r1, #0x9c\n\t"
+ "lsl r1, r1, #8\n\t"
+ "add r1, r1, #0xe5\n\t"
+#else
+ "mov r1, #0x9ce5\n\t"
+#endif
+ "movt r1, #0xa7ed\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r10, [r2, #24]\n\t"
- "ldr r11, [r2, #28]\n\t"
-#else
- "ldrd r10, r11, [r2, #24]\n\t"
+ "mov r10, #0\n\t"
+ "ldm %[s], {r6, r7, r8, r9}\n\t"
+ "umlal r6, r10, r2, r1\n\t"
+ "umaal r7, r10, r3, r1\n\t"
+ "umaal r8, r10, r4, r1\n\t"
+ "umaal r9, r10, r5, r1\n\t"
+ "stm %[s], {r6, r7, r8, r9}\n\t"
+ "add %[s], %[s], #4\n\t"
+ /* * -a2f79cd7 */
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r1, #0x5d\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #8\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #0x63\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #41\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r1, #0x63\n\t"
+ "lsl r1, r1, #8\n\t"
+ "add r1, r1, #0x29\n\t"
+#else
+ "mov r1, #0x6329\n\t"
+#endif
+ "movt r1, #0x5d08\n\t"
#endif
- "sbcs r8, r4, r8\n\t"
- "sbcs r9, r5, r9\n\t"
- "sbcs r10, r6, r10\n\t"
- "sbc r11, r7, r11\n\t"
- "mov r12, #-19\n\t"
- "asr %[rt], r11, #31\n\t"
- /* Mask the modulus */
- "and r12, %[rt], r12\n\t"
- "and lr, %[rt], #0x7fffffff\n\t"
- /* Add modulus (if underflow) */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r0]\n\t"
- "ldr r5, [r0, #4]\n\t"
-#else
- "ldrd r4, r5, [r0]\n\t"
+ "mov r11, #0\n\t"
+ "ldm %[s], {r6, r7, r8, r9}\n\t"
+ "umlal r6, r11, r2, r1\n\t"
+ "umaal r7, r11, r3, r1\n\t"
+ "umaal r8, r11, r4, r1\n\t"
+ "umaal r9, r11, r5, r1\n\t"
+ "stm %[s], {r6, r7, r8, r9}\n\t"
+ "add %[s], %[s], #4\n\t"
+ /* * -14def9df */
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r1, #0xeb\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #33\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #6\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #33\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r1, #0x6\n\t"
+ "lsl r1, r1, #8\n\t"
+ "add r1, r1, #0x21\n\t"
+#else
+ "mov r1, #0x621\n\t"
+#endif
+ "movt r1, #0xeb21\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r0, #8]\n\t"
- "ldr r7, [r0, #12]\n\t"
+ "mov r12, #0\n\t"
+ "ldm %[s], {r6, r7, r8, r9}\n\t"
+ "umlal r6, r12, r2, r1\n\t"
+ "umaal r7, r12, r3, r1\n\t"
+ "umaal r8, r12, r4, r1\n\t"
+ "umaal r9, r12, r5, r1\n\t"
+ "stm %[s], {r6, r7, r8, r9}\n\t"
+ "add %[s], %[s], #4\n\t"
+ /* Add overflows at 4 * 32 */
+ "ldm %[s], {r6, r7, r8, r9}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "bic r9, r9, #0xf0000000\n\t"
+#else
+ "bfc r9, #28, #4\n\t"
+#endif
+ "adds r6, r6, lr\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adcs r8, r8, r11\n\t"
+ "adc r9, r9, r12\n\t"
+ /* Subtract top at 4 * 32 */
+ "subs r6, r6, r2\n\t"
+ "sbcs r7, r7, r3\n\t"
+ "sbcs r8, r8, r4\n\t"
+ "sbcs r9, r9, r5\n\t"
+ "sbc r1, r1, r1\n\t"
+ "sub %[s], %[s], #16\n\t"
+ "ldm %[s], {r2, r3, r4, r5}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r10, #0x5c\n\t"
+ "lsl r10, r10, #8\n\t"
+ "orr r10, r10, #0xf5\n\t"
+ "lsl r10, r10, #8\n\t"
+ "orr r10, r10, #0xd3\n\t"
+ "lsl r10, r10, #8\n\t"
+ "orr r10, r10, #0xed\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r10, #0xd3\n\t"
+ "lsl r10, r10, #8\n\t"
+ "add r10, r10, #0xed\n\t"
+#else
+ "mov r10, #0xd3ed\n\t"
+#endif
+ "movt r10, #0x5cf5\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r11, #0x58\n\t"
+ "lsl r11, r11, #8\n\t"
+ "orr r11, r11, #18\n\t"
+ "lsl r11, r11, #8\n\t"
+ "orr r11, r11, #0x63\n\t"
+ "lsl r11, r11, #8\n\t"
+ "orr r11, r11, #26\n\t"
#else
- "ldrd r6, r7, [r0, #8]\n\t"
-#endif
- "adds r4, r4, r12\n\t"
- "adcs r5, r5, %[rt]\n\t"
- "adcs r6, r6, %[rt]\n\t"
- "adcs r7, r7, %[rt]\n\t"
- "adcs r8, r8, %[rt]\n\t"
- "adcs r9, r9, %[rt]\n\t"
- "adcs r10, r10, %[rt]\n\t"
- "adc r11, r11, lr\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r0]\n\t"
- "str r5, [r0, #4]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r11, #0x63\n\t"
+ "lsl r11, r11, #8\n\t"
+ "add r11, r11, #0x1a\n\t"
#else
- "strd r4, r5, [r0]\n\t"
+ "mov r11, #0x631a\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r6, [r0, #8]\n\t"
- "str r7, [r0, #12]\n\t"
-#else
- "strd r6, r7, [r0, #8]\n\t"
+ "movt r11, #0x5812\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0, #16]\n\t"
- "str r9, [r0, #20]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r12, #0xa2\n\t"
+ "lsl r12, r12, #8\n\t"
+ "orr r12, r12, #0xf7\n\t"
+ "lsl r12, r12, #8\n\t"
+ "orr r12, r12, #0x9c\n\t"
+ "lsl r12, r12, #8\n\t"
+ "orr r12, r12, #0xd6\n\t"
#else
- "strd r8, r9, [r0, #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r0, #24]\n\t"
- "str r11, [r0, #28]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r12, #0x9c\n\t"
+ "lsl r12, r12, #8\n\t"
+ "add r12, r12, #0xd6\n\t"
#else
- "strd r10, r11, [r0, #24]\n\t"
+ "mov r12, #0x9cd6\n\t"
#endif
- "ldr r2, [sp, #160]\n\t"
- "ldr r1, [sp]\n\t"
- "ldr r0, [sp, #8]\n\t"
- "bl fe_mul\n\t"
- "ldr r2, [sp, #156]\n\t"
- "ldr r1, [sp, #4]\n\t"
- "ldr r0, [sp, #4]\n\t"
- "bl fe_mul\n\t"
- "ldr r2, [sp, #144]\n\t"
- "ldr r1, [sp, #152]\n\t"
- "ldr r0, [sp, #12]\n\t"
- "bl fe_mul\n\t"
- "ldr r2, [sp, #148]\n\t"
- "ldr r1, [sp, #140]\n\t"
- "ldr r0, [sp]\n\t"
- "bl fe_mul\n\t"
- "add r0, sp, #16\n\t"
- "ldr r1, [sp]\n\t"
- /* Double */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1]\n\t"
- "ldr r5, [r1, #4]\n\t"
-#else
- "ldrd r4, r5, [r1]\n\t"
+ "movt r12, #0xa2f7\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r1, #8]\n\t"
- "ldr r7, [r1, #12]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov lr, #20\n\t"
+ "lsl lr, lr, #8\n\t"
+ "orr lr, lr, #0xde\n\t"
+ "lsl lr, lr, #8\n\t"
+ "orr lr, lr, #0xf9\n\t"
+ "lsl lr, lr, #8\n\t"
+ "orr lr, lr, #0xde\n\t"
#else
- "ldrd r6, r7, [r1, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r8, [r1, #16]\n\t"
- "ldr r9, [r1, #20]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov lr, #0xf9\n\t"
+ "lsl lr, lr, #8\n\t"
+ "add lr, lr, #0xde\n\t"
#else
- "ldrd r8, r9, [r1, #16]\n\t"
+ "mov lr, #0xf9de\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r10, [r1, #24]\n\t"
- "ldr r11, [r1, #28]\n\t"
-#else
- "ldrd r10, r11, [r1, #24]\n\t"
+ "movt lr, #0x14de\n\t"
#endif
- "adds r4, r4, r4\n\t"
- "adcs r5, r5, r5\n\t"
- "adcs r6, r6, r6\n\t"
- "adcs r7, r7, r7\n\t"
- "adcs r8, r8, r8\n\t"
- "adcs r9, r9, r9\n\t"
- "adcs r10, r10, r10\n\t"
- "adc r11, r11, r11\n\t"
- "mov r12, #-19\n\t"
- "asr %[rt], r11, #31\n\t"
- /* Mask the modulus */
- "and r12, %[rt], r12\n\t"
- "and lr, %[rt], #0x7fffffff\n\t"
- /* Sub modulus (if overflow) */
- "subs r4, r4, r12\n\t"
- "sbcs r5, r5, %[rt]\n\t"
- "sbcs r6, r6, %[rt]\n\t"
- "sbcs r7, r7, %[rt]\n\t"
- "sbcs r8, r8, %[rt]\n\t"
- "sbcs r9, r9, %[rt]\n\t"
- "sbcs r10, r10, %[rt]\n\t"
- "sbc r11, r11, lr\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r0]\n\t"
- "str r5, [r0, #4]\n\t"
+ "and r10, r10, r1\n\t"
+ "and r11, r11, r1\n\t"
+ "and r12, r12, r1\n\t"
+ "and lr, lr, r1\n\t"
+ "adds r2, r2, r10\n\t"
+ "adcs r3, r3, r11\n\t"
+ "adcs r4, r4, r12\n\t"
+ "adcs r5, r5, lr\n\t"
+ "adcs r6, r6, #0\n\t"
+ "adcs r7, r7, #0\n\t"
+ "and r1, r1, #0x10000000\n\t"
+ "adcs r8, r8, #0\n\t"
+ "adc r9, r9, r1\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "bic r9, r9, #0xf0000000\n\t"
#else
- "strd r4, r5, [r0]\n\t"
+ "bfc r9, #28, #4\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r6, [r0, #8]\n\t"
- "str r7, [r0, #12]\n\t"
+ /* Store result */
+ "ldr %[s], [sp, #52]\n\t"
+ "stm %[s], {r2, r3, r4, r5, r6, r7, r8, r9}\n\t"
+ "add sp, sp, #56\n\t"
+ : [s] "+r" (s)
+ :
+ : "memory", "r1", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
+ );
+}
+
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+#ifdef HAVE_ED25519_SIGN
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+void sc_muladd(byte* s_p, const byte* a_p, const byte* b_p, const byte* c_p)
+{
+ register byte* s asm ("r0") = (byte*)s_p;
+ register const byte* a asm ("r1") = (const byte*)a_p;
+ register const byte* b asm ("r2") = (const byte*)b_p;
+ register const byte* c asm ("r3") = (const byte*)c_p;
+
+ __asm__ __volatile__ (
+ "sub sp, sp, #0x50\n\t"
+ "add lr, sp, #0x44\n\t"
+ "stm lr, {%[s], %[a], %[c]}\n\t"
+ "mov %[s], #0\n\t"
+ "ldr r12, [%[a]]\n\t"
+ /* A[0] * B[0] */
+ "ldr lr, [%[b]]\n\t"
+ "umull %[c], r4, r12, lr\n\t"
+ /* A[0] * B[2] */
+ "ldr lr, [%[b], #8]\n\t"
+ "umull r5, r6, r12, lr\n\t"
+ /* A[0] * B[4] */
+ "ldr lr, [%[b], #16]\n\t"
+ "umull r7, r8, r12, lr\n\t"
+ /* A[0] * B[6] */
+ "ldr lr, [%[b], #24]\n\t"
+ "umull r9, r10, r12, lr\n\t"
+ "str %[c], [sp]\n\t"
+ /* A[0] * B[1] */
+ "ldr lr, [%[b], #4]\n\t"
+ "mov r11, %[s]\n\t"
+ "umlal r4, r11, r12, lr\n\t"
+ "adds r5, r5, r11\n\t"
+ /* A[0] * B[3] */
+ "ldr lr, [%[b], #12]\n\t"
+ "adcs r6, r6, #0\n\t"
+ "adc r11, %[s], #0\n\t"
+ "umlal r6, r11, r12, lr\n\t"
+ "adds r7, r7, r11\n\t"
+ /* A[0] * B[5] */
+ "ldr lr, [%[b], #20]\n\t"
+ "adcs r8, r8, #0\n\t"
+ "adc r11, %[s], #0\n\t"
+ "umlal r8, r11, r12, lr\n\t"
+ "adds r9, r9, r11\n\t"
+ /* A[0] * B[7] */
+ "ldr lr, [%[b], #28]\n\t"
+ "adcs r10, r10, #0\n\t"
+ "adc %[c], %[s], #0\n\t"
+ "umlal r10, %[c], r12, lr\n\t"
+ /* A[1] * B[0] */
+ "ldr r12, [%[a], #4]\n\t"
+ "ldr lr, [%[b]]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r4, r11, r12, lr\n\t"
+ "str r4, [sp, #4]\n\t"
+ "adds r5, r5, r11\n\t"
+ /* A[1] * B[1] */
+ "ldr lr, [%[b], #4]\n\t"
+ "adc r11, %[s], #0\n\t"
+ "umlal r5, r11, r12, lr\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[1] * B[2] */
+ "ldr lr, [%[b], #8]\n\t"
+ "adc r11, %[s], #0\n\t"
+ "umlal r6, r11, r12, lr\n\t"
+ "adds r7, r7, r11\n\t"
+ /* A[1] * B[3] */
+ "ldr lr, [%[b], #12]\n\t"
+ "adc r11, %[s], #0\n\t"
+ "umlal r7, r11, r12, lr\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[1] * B[4] */
+ "ldr lr, [%[b], #16]\n\t"
+ "adc r11, %[s], #0\n\t"
+ "umlal r8, r11, r12, lr\n\t"
+ "adds r9, r9, r11\n\t"
+ /* A[1] * B[5] */
+ "ldr lr, [%[b], #20]\n\t"
+ "adc r11, %[s], #0\n\t"
+ "umlal r9, r11, r12, lr\n\t"
+ "adds r10, r10, r11\n\t"
+ /* A[1] * B[6] */
+ "ldr lr, [%[b], #24]\n\t"
+ "adc r11, %[s], #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "adds %[c], %[c], r11\n\t"
+ /* A[1] * B[7] */
+ "ldr lr, [%[b], #28]\n\t"
+ "adc r4, %[s], #0\n\t"
+ "umlal %[c], r4, r12, lr\n\t"
+ /* A[2] * B[0] */
+ "ldr r12, [%[a], #8]\n\t"
+ "ldr lr, [%[b]]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r5, r11, r12, lr\n\t"
+ "str r5, [sp, #8]\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[2] * B[1] */
+ "ldr lr, [%[b], #4]\n\t"
+ "adc r11, %[s], #0\n\t"
+ "umlal r6, r11, r12, lr\n\t"
+ "adds r7, r7, r11\n\t"
+ /* A[2] * B[2] */
+ "ldr lr, [%[b], #8]\n\t"
+ "adc r11, %[s], #0\n\t"
+ "umlal r7, r11, r12, lr\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[2] * B[3] */
+ "ldr lr, [%[b], #12]\n\t"
+ "adc r11, %[s], #0\n\t"
+ "umlal r8, r11, r12, lr\n\t"
+ "adds r9, r9, r11\n\t"
+ /* A[2] * B[4] */
+ "ldr lr, [%[b], #16]\n\t"
+ "adc r11, %[s], #0\n\t"
+ "umlal r9, r11, r12, lr\n\t"
+ "adds r10, r10, r11\n\t"
+ /* A[2] * B[5] */
+ "ldr lr, [%[b], #20]\n\t"
+ "adc r11, %[s], #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "adds %[c], %[c], r11\n\t"
+ /* A[2] * B[6] */
+ "ldr lr, [%[b], #24]\n\t"
+ "adc r11, %[s], #0\n\t"
+ "umlal %[c], r11, r12, lr\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[2] * B[7] */
+ "ldr lr, [%[b], #28]\n\t"
+ "adc r5, %[s], #0\n\t"
+ "umlal r4, r5, r12, lr\n\t"
+ /* A[3] * B[0] */
+ "ldr r12, [%[a], #12]\n\t"
+ "ldr lr, [%[b]]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r6, r11, r12, lr\n\t"
+ "str r6, [sp, #12]\n\t"
+ "adds r7, r7, r11\n\t"
+ /* A[3] * B[1] */
+ "ldr lr, [%[b], #4]\n\t"
+ "adc r11, %[s], #0\n\t"
+ "umlal r7, r11, r12, lr\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[3] * B[2] */
+ "ldr lr, [%[b], #8]\n\t"
+ "adc r11, %[s], #0\n\t"
+ "umlal r8, r11, r12, lr\n\t"
+ "adds r9, r9, r11\n\t"
+ /* A[3] * B[3] */
+ "ldr lr, [%[b], #12]\n\t"
+ "adc r11, %[s], #0\n\t"
+ "umlal r9, r11, r12, lr\n\t"
+ "adds r10, r10, r11\n\t"
+ /* A[3] * B[4] */
+ "ldr lr, [%[b], #16]\n\t"
+ "adc r11, %[s], #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "adds %[c], %[c], r11\n\t"
+ /* A[3] * B[5] */
+ "ldr lr, [%[b], #20]\n\t"
+ "adc r11, %[s], #0\n\t"
+ "umlal %[c], r11, r12, lr\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[3] * B[6] */
+ "ldr lr, [%[b], #24]\n\t"
+ "adc r11, %[s], #0\n\t"
+ "umlal r4, r11, r12, lr\n\t"
+ "adds r5, r5, r11\n\t"
+ /* A[3] * B[7] */
+ "ldr lr, [%[b], #28]\n\t"
+ "adc r6, %[s], #0\n\t"
+ "umlal r5, r6, r12, lr\n\t"
+ /* A[4] * B[0] */
+ "ldr r12, [%[a], #16]\n\t"
+ "ldr lr, [%[b]]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r7, r11, r12, lr\n\t"
+ "str r7, [sp, #16]\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[4] * B[1] */
+ "ldr lr, [%[b], #4]\n\t"
+ "adc r11, %[s], #0\n\t"
+ "umlal r8, r11, r12, lr\n\t"
+ "adds r9, r9, r11\n\t"
+ /* A[4] * B[2] */
+ "ldr lr, [%[b], #8]\n\t"
+ "adc r11, %[s], #0\n\t"
+ "umlal r9, r11, r12, lr\n\t"
+ "adds r10, r10, r11\n\t"
+ /* A[4] * B[3] */
+ "ldr lr, [%[b], #12]\n\t"
+ "adc r11, %[s], #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "adds %[c], %[c], r11\n\t"
+ /* A[4] * B[4] */
+ "ldr lr, [%[b], #16]\n\t"
+ "adc r11, %[s], #0\n\t"
+ "umlal %[c], r11, r12, lr\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[4] * B[5] */
+ "ldr lr, [%[b], #20]\n\t"
+ "adc r11, %[s], #0\n\t"
+ "umlal r4, r11, r12, lr\n\t"
+ "adds r5, r5, r11\n\t"
+ /* A[4] * B[6] */
+ "ldr lr, [%[b], #24]\n\t"
+ "adc r11, %[s], #0\n\t"
+ "umlal r5, r11, r12, lr\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[4] * B[7] */
+ "ldr lr, [%[b], #28]\n\t"
+ "adc r7, %[s], #0\n\t"
+ "umlal r6, r7, r12, lr\n\t"
+ /* A[5] * B[0] */
+ "ldr r12, [%[a], #20]\n\t"
+ "ldr lr, [%[b]]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r8, r11, r12, lr\n\t"
+ "str r8, [sp, #20]\n\t"
+ "adds r9, r9, r11\n\t"
+ /* A[5] * B[1] */
+ "ldr lr, [%[b], #4]\n\t"
+ "adc r11, %[s], #0\n\t"
+ "umlal r9, r11, r12, lr\n\t"
+ "adds r10, r10, r11\n\t"
+ /* A[5] * B[2] */
+ "ldr lr, [%[b], #8]\n\t"
+ "adc r11, %[s], #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "adds %[c], %[c], r11\n\t"
+ /* A[5] * B[3] */
+ "ldr lr, [%[b], #12]\n\t"
+ "adc r11, %[s], #0\n\t"
+ "umlal %[c], r11, r12, lr\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[5] * B[4] */
+ "ldr lr, [%[b], #16]\n\t"
+ "adc r11, %[s], #0\n\t"
+ "umlal r4, r11, r12, lr\n\t"
+ "adds r5, r5, r11\n\t"
+ /* A[5] * B[5] */
+ "ldr lr, [%[b], #20]\n\t"
+ "adc r11, %[s], #0\n\t"
+ "umlal r5, r11, r12, lr\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[5] * B[6] */
+ "ldr lr, [%[b], #24]\n\t"
+ "adc r11, %[s], #0\n\t"
+ "umlal r6, r11, r12, lr\n\t"
+ "adds r7, r7, r11\n\t"
+ /* A[5] * B[7] */
+ "ldr lr, [%[b], #28]\n\t"
+ "adc r8, %[s], #0\n\t"
+ "umlal r7, r8, r12, lr\n\t"
+ /* A[6] * B[0] */
+ "ldr r12, [%[a], #24]\n\t"
+ "ldr lr, [%[b]]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r9, r11, r12, lr\n\t"
+ "str r9, [sp, #24]\n\t"
+ "adds r10, r10, r11\n\t"
+ /* A[6] * B[1] */
+ "ldr lr, [%[b], #4]\n\t"
+ "adc r11, %[s], #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "adds %[c], %[c], r11\n\t"
+ /* A[6] * B[2] */
+ "ldr lr, [%[b], #8]\n\t"
+ "adc r11, %[s], #0\n\t"
+ "umlal %[c], r11, r12, lr\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[6] * B[3] */
+ "ldr lr, [%[b], #12]\n\t"
+ "adc r11, %[s], #0\n\t"
+ "umlal r4, r11, r12, lr\n\t"
+ "adds r5, r5, r11\n\t"
+ /* A[6] * B[4] */
+ "ldr lr, [%[b], #16]\n\t"
+ "adc r11, %[s], #0\n\t"
+ "umlal r5, r11, r12, lr\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[6] * B[5] */
+ "ldr lr, [%[b], #20]\n\t"
+ "adc r11, %[s], #0\n\t"
+ "umlal r6, r11, r12, lr\n\t"
+ "adds r7, r7, r11\n\t"
+ /* A[6] * B[6] */
+ "ldr lr, [%[b], #24]\n\t"
+ "adc r11, %[s], #0\n\t"
+ "umlal r7, r11, r12, lr\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[6] * B[7] */
+ "ldr lr, [%[b], #28]\n\t"
+ "adc r9, %[s], #0\n\t"
+ "umlal r8, r9, r12, lr\n\t"
+ /* A[7] * B[0] */
+ "ldr r12, [%[a], #28]\n\t"
+ "ldr lr, [%[b]]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "str r10, [sp, #28]\n\t"
+ "adds %[c], %[c], r11\n\t"
+ /* A[7] * B[1] */
+ "ldr lr, [%[b], #4]\n\t"
+ "adc r11, %[s], #0\n\t"
+ "umlal %[c], r11, r12, lr\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[7] * B[2] */
+ "ldr lr, [%[b], #8]\n\t"
+ "adc r11, %[s], #0\n\t"
+ "umlal r4, r11, r12, lr\n\t"
+ "adds r5, r5, r11\n\t"
+ /* A[7] * B[3] */
+ "ldr lr, [%[b], #12]\n\t"
+ "adc r11, %[s], #0\n\t"
+ "umlal r5, r11, r12, lr\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[7] * B[4] */
+ "ldr lr, [%[b], #16]\n\t"
+ "adc r11, %[s], #0\n\t"
+ "umlal r6, r11, r12, lr\n\t"
+ "adds r7, r7, r11\n\t"
+ /* A[7] * B[5] */
+ "ldr lr, [%[b], #20]\n\t"
+ "adc r11, %[s], #0\n\t"
+ "umlal r7, r11, r12, lr\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[7] * B[6] */
+ "ldr lr, [%[b], #24]\n\t"
+ "adc r11, %[s], #0\n\t"
+ "umlal r8, r11, r12, lr\n\t"
+ "adds r9, r9, r11\n\t"
+ /* A[7] * B[7] */
+ "ldr lr, [%[b], #28]\n\t"
+ "adc r10, %[s], #0\n\t"
+ "umlal r9, r10, r12, lr\n\t"
+ "add lr, sp, #32\n\t"
+ "stm lr, {%[c], r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "mov %[s], sp\n\t"
+ /* Add c to a * b */
+ "ldr lr, [sp, #76]\n\t"
+ "ldm %[s], {%[b], %[c], r4, r5, r6, r7, r8, r9}\n\t"
+ "ldm lr!, {%[a], r10, r11, r12}\n\t"
+ "adds %[b], %[b], %[a]\n\t"
+ "adcs %[c], %[c], r10\n\t"
+ "adcs r4, r4, r11\n\t"
+ "adcs r5, r5, r12\n\t"
+ "ldm lr!, {%[a], r10, r11, r12}\n\t"
+ "adcs r6, r6, %[a]\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adcs r8, r8, r11\n\t"
+ "adcs r9, r9, r12\n\t"
+ "mov %[a], r9\n\t"
+ "stm %[s]!, {%[b], %[c], r4, r5, r6, r7, r8, r9}\n\t"
+ "ldm %[s], {%[b], %[c], r4, r5, r6, r7, r8, r9}\n\t"
+ "adcs %[b], %[b], #0\n\t"
+ "adcs %[c], %[c], #0\n\t"
+ "adcs r4, r4, #0\n\t"
+ "adcs r5, r5, #0\n\t"
+ "adcs r6, r6, #0\n\t"
+ "adcs r7, r7, #0\n\t"
+ "adcs r8, r8, #0\n\t"
+ "adc r9, r9, #0\n\t"
+ "sub %[s], %[s], #32\n\t"
+ /* Get 252..503 and 504..507 */
+ "lsr lr, r9, #24\n\t"
+ "lsl r9, r9, #4\n\t"
+ "orr r9, r9, r8, LSR #28\n\t"
+ "lsl r8, r8, #4\n\t"
+ "orr r8, r8, r7, LSR #28\n\t"
+ "lsl r7, r7, #4\n\t"
+ "orr r7, r7, r6, LSR #28\n\t"
+ "lsl r6, r6, #4\n\t"
+ "orr r6, r6, r5, LSR #28\n\t"
+ "lsl r5, r5, #4\n\t"
+ "orr r5, r5, r4, LSR #28\n\t"
+ "lsl r4, r4, #4\n\t"
+ "orr r4, r4, %[c], LSR #28\n\t"
+ "lsl %[c], %[c], #4\n\t"
+ "orr %[c], %[c], %[b], LSR #28\n\t"
+ "lsl %[b], %[b], #4\n\t"
+ "orr %[b], %[b], %[a], LSR #28\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "bic r9, r9, #0xf0000000\n\t"
+#else
+ "bfc r9, #28, #4\n\t"
+#endif
+ /* Add order times bits 504..507 */
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r10, #0xa3\n\t"
+ "lsl r10, r10, #8\n\t"
+ "orr r10, r10, #10\n\t"
+ "lsl r10, r10, #8\n\t"
+ "orr r10, r10, #44\n\t"
+ "lsl r10, r10, #8\n\t"
+ "orr r10, r10, #19\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r10, #0x2c\n\t"
+ "lsl r10, r10, #8\n\t"
+ "add r10, r10, #0x13\n\t"
+#else
+ "mov r10, #0x2c13\n\t"
+#endif
+ "movt r10, #0xa30a\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r11, #0xa7\n\t"
+ "lsl r11, r11, #8\n\t"
+ "orr r11, r11, #0xed\n\t"
+ "lsl r11, r11, #8\n\t"
+ "orr r11, r11, #0x9c\n\t"
+ "lsl r11, r11, #8\n\t"
+ "orr r11, r11, #0xe5\n\t"
#else
- "strd r6, r7, [r0, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0, #16]\n\t"
- "str r9, [r0, #20]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r11, #0x9c\n\t"
+ "lsl r11, r11, #8\n\t"
+ "add r11, r11, #0xe5\n\t"
+#else
+ "mov r11, #0x9ce5\n\t"
+#endif
+ "movt r11, #0xa7ed\n\t"
+#endif
+ "mov %[a], #0\n\t"
+ "umlal %[b], %[a], r10, lr\n\t"
+ "adds %[c], %[c], %[a]\n\t"
+ "mov %[a], #0\n\t"
+ "adc %[a], %[a], #0\n\t"
+ "umlal %[c], %[a], r11, lr\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r10, #0x5d\n\t"
+ "lsl r10, r10, #8\n\t"
+ "orr r10, r10, #8\n\t"
+ "lsl r10, r10, #8\n\t"
+ "orr r10, r10, #0x63\n\t"
+ "lsl r10, r10, #8\n\t"
+ "orr r10, r10, #41\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r10, #0x63\n\t"
+ "lsl r10, r10, #8\n\t"
+ "add r10, r10, #0x29\n\t"
+#else
+ "mov r10, #0x6329\n\t"
+#endif
+ "movt r10, #0x5d08\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r11, #0xeb\n\t"
+ "lsl r11, r11, #8\n\t"
+ "orr r11, r11, #33\n\t"
+ "lsl r11, r11, #8\n\t"
+ "orr r11, r11, #6\n\t"
+ "lsl r11, r11, #8\n\t"
+ "orr r11, r11, #33\n\t"
#else
- "strd r8, r9, [r0, #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r0, #24]\n\t"
- "str r11, [r0, #28]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r11, #0x6\n\t"
+ "lsl r11, r11, #8\n\t"
+ "add r11, r11, #0x21\n\t"
#else
- "strd r10, r11, [r0, #24]\n\t"
+ "mov r11, #0x621\n\t"
#endif
- "ldr r0, [sp, #4]\n\t"
- "ldr r1, [sp]\n\t"
- "ldr r2, [sp, #8]\n\t"
- /* Add-Sub */
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r2]\n\t"
- "ldr r5, [r2, #4]\n\t"
-#else
- "ldrd r4, r5, [r2]\n\t"
+ "movt r11, #0xeb21\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r0]\n\t"
- "ldr r7, [r0, #4]\n\t"
-#else
- "ldrd r6, r7, [r0]\n\t"
+ "adds r4, r4, %[a]\n\t"
+ "mov %[a], #0\n\t"
+ "adc %[a], %[a], #0\n\t"
+ "umlal r4, %[a], r10, lr\n\t"
+ "adds r5, r5, %[a]\n\t"
+ "mov %[a], #0\n\t"
+ "adc %[a], %[a], #0\n\t"
+ "umlal r5, %[a], r11, lr\n\t"
+ "adds r6, r6, %[a]\n\t"
+ "adcs r7, r7, #0\n\t"
+ "adcs r8, r8, #0\n\t"
+ "adc r9, r9, #0\n\t"
+ "subs r6, r6, lr\n\t"
+ "sbcs r7, r7, #0\n\t"
+ "sbcs r8, r8, #0\n\t"
+ "sbc r9, r9, #0\n\t"
+ /* Sub product of top 8 words and order */
+ "mov r12, sp\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov %[a], #0xa3\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #10\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #44\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #19\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov %[a], #0x2c\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "add %[a], %[a], #0x13\n\t"
+#else
+ "mov %[a], #0x2c13\n\t"
+#endif
+ "movt %[a], #0xa30a\n\t"
#endif
- "adds r8, r4, r6\n\t"
- "mov r12, #0\n\t"
- "adcs r9, r5, r7\n\t"
- "adc r12, r12, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0]\n\t"
- "str r9, [r0, #4]\n\t"
+ "mov lr, #0\n\t"
+ "ldm %[s]!, {r10, r11}\n\t"
+ "umlal r10, lr, %[b], %[a]\n\t"
+ "adds r11, r11, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r11, lr, %[c], %[a]\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm %[s]!, {r10, r11}\n\t"
+ "adds r10, r10, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r10, lr, r4, %[a]\n\t"
+ "adds r11, r11, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r11, lr, r5, %[a]\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm %[s]!, {r10, r11}\n\t"
+ "adds r10, r10, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r10, lr, r6, %[a]\n\t"
+ "adds r11, r11, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r11, lr, r7, %[a]\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm %[s]!, {r10, r11}\n\t"
+ "adds r10, r10, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r10, lr, r8, %[a]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "bic r11, r11, #0xf0000000\n\t"
#else
- "strd r8, r9, [r0]\n\t"
+ "bfc r11, #28, #4\n\t"
#endif
- /* Sub */
- "subs r10, r4, r6\n\t"
+ "adds r11, r11, lr\n\t"
"mov lr, #0\n\t"
- "sbcs r11, r5, r7\n\t"
"adc lr, lr, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r1]\n\t"
- "str r11, [r1, #4]\n\t"
-#else
- "strd r10, r11, [r1]\n\t"
+ "umlal r11, lr, r9, %[a]\n\t"
+ "stm r12!, {r10, r11, lr}\n\t"
+ "sub %[s], %[s], #16\n\t"
+ "sub r12, r12, #32\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov %[a], #0xa7\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #0xed\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #0x9c\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #0xe5\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov %[a], #0x9c\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "add %[a], %[a], #0xe5\n\t"
+#else
+ "mov %[a], #0x9ce5\n\t"
+#endif
+ "movt %[a], #0xa7ed\n\t"
#endif
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r2, #8]\n\t"
- "ldr r5, [r2, #12]\n\t"
-#else
- "ldrd r4, r5, [r2, #8]\n\t"
+ "mov lr, #0\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "umlal r10, lr, %[b], %[a]\n\t"
+ "adds r11, r11, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r11, lr, %[c], %[a]\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "adds r10, r10, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r10, lr, r4, %[a]\n\t"
+ "adds r11, r11, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r11, lr, r5, %[a]\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "adds r10, r10, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r10, lr, r6, %[a]\n\t"
+ "adds r11, r11, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r11, lr, r7, %[a]\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "adds r10, r10, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r10, lr, r8, %[a]\n\t"
+ "adds r11, r11, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r11, lr, r9, %[a]\n\t"
+ "stm r12!, {r10, r11, lr}\n\t"
+ "sub r12, r12, #32\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov %[a], #0x5d\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #8\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #0x63\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #41\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov %[a], #0x63\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "add %[a], %[a], #0x29\n\t"
+#else
+ "mov %[a], #0x6329\n\t"
+#endif
+ "movt %[a], #0x5d08\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r0, #8]\n\t"
- "ldr r7, [r0, #12]\n\t"
-#else
- "ldrd r6, r7, [r0, #8]\n\t"
+ "mov lr, #0\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "umlal r10, lr, %[b], %[a]\n\t"
+ "adds r11, r11, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r11, lr, %[c], %[a]\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "adds r10, r10, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r10, lr, r4, %[a]\n\t"
+ "adds r11, r11, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r11, lr, r5, %[a]\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "adds r10, r10, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r10, lr, r6, %[a]\n\t"
+ "adds r11, r11, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r11, lr, r7, %[a]\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "adds r10, r10, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r10, lr, r8, %[a]\n\t"
+ "adds r11, r11, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r11, lr, r9, %[a]\n\t"
+ "stm r12!, {r10, r11, lr}\n\t"
+ "sub r12, r12, #32\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov %[a], #0xeb\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #33\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #6\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #33\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov %[a], #0x6\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "add %[a], %[a], #0x21\n\t"
+#else
+ "mov %[a], #0x621\n\t"
+#endif
+ "movt %[a], #0xeb21\n\t"
#endif
- "adds r12, r12, #-1\n\t"
- "adcs r8, r4, r6\n\t"
- "mov r12, #0\n\t"
- "adcs r9, r5, r7\n\t"
- "adc r12, r12, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0, #8]\n\t"
- "str r9, [r0, #12]\n\t"
-#else
- "strd r8, r9, [r0, #8]\n\t"
+ "mov lr, #0\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "umlal r10, lr, %[b], %[a]\n\t"
+ "adds r11, r11, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r11, lr, %[c], %[a]\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "adds r10, r10, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r10, lr, r4, %[a]\n\t"
+ "adds r11, r11, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r11, lr, r5, %[a]\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "adds r10, r10, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r10, lr, r6, %[a]\n\t"
+ "adds r11, r11, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r11, lr, r7, %[a]\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "adds r10, r10, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r10, lr, r8, %[a]\n\t"
+ "adds r11, r11, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r11, lr, r9, %[a]\n\t"
+ "stm r12!, {r10, r11, lr}\n\t"
+ "sub r12, r12, #32\n\t"
+ /* Subtract at 4 * 32 */
+ "ldm r12, {r10, r11}\n\t"
+ "subs r10, r10, %[b]\n\t"
+ "sbcs r11, r11, %[c]\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "sbcs r10, r10, r4\n\t"
+ "sbcs r11, r11, r5\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "sbcs r10, r10, r6\n\t"
+ "sbcs r11, r11, r7\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "sbcs r10, r10, r8\n\t"
+ "sbc r11, r11, r9\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "sub r12, r12, #36\n\t"
+ "asr lr, r11, #25\n\t"
+ /* Conditionally subtract order starting at bit 125 */
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov %[a], #0xa00000\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "add %[a], %[a], #0x0\n\t"
+#else
+ "mov %[a], #0xa0000000\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov %[b], #0x4b\n\t"
+ "lsl %[b], %[b], #8\n\t"
+ "orr %[b], %[b], #0x9e\n\t"
+ "lsl %[b], %[b], #8\n\t"
+ "orr %[b], %[b], #0xba\n\t"
+ "lsl %[b], %[b], #8\n\t"
+ "orr %[b], %[b], #0x7d\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov %[b], #0xba\n\t"
+ "lsl %[b], %[b], #8\n\t"
+ "add %[b], %[b], #0x7d\n\t"
+#else
+ "mov %[b], #0xba7d\n\t"
+#endif
+ "movt %[b], #0x4b9e\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov %[c], #0xcb\n\t"
+ "lsl %[c], %[c], #8\n\t"
+ "orr %[c], %[c], #2\n\t"
+ "lsl %[c], %[c], #8\n\t"
+ "orr %[c], %[c], #0x4c\n\t"
+ "lsl %[c], %[c], #8\n\t"
+ "orr %[c], %[c], #0x63\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov %[c], #0x4c\n\t"
+ "lsl %[c], %[c], #8\n\t"
+ "add %[c], %[c], #0x63\n\t"
+#else
+ "mov %[c], #0x4c63\n\t"
+#endif
+ "movt %[c], #0xcb02\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r4, #0xd4\n\t"
+ "lsl r4, r4, #8\n\t"
+ "orr r4, r4, #0x5e\n\t"
+ "lsl r4, r4, #8\n\t"
+ "orr r4, r4, #0xf3\n\t"
+ "lsl r4, r4, #8\n\t"
+ "orr r4, r4, #0x9a\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r4, #0xf3\n\t"
+ "lsl r4, r4, #8\n\t"
+ "add r4, r4, #0x9a\n\t"
+#else
+ "mov r4, #0xf39a\n\t"
+#endif
+ "movt r4, #0xd45e\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r5, #2\n\t"
+ "lsl r5, r5, #8\n\t"
+ "orr r5, r5, #0x9b\n\t"
+ "lsl r5, r5, #8\n\t"
+ "orr r5, r5, #0xdf\n\t"
+ "lsl r5, r5, #8\n\t"
+ "orr r5, r5, #59\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r5, #0xdf\n\t"
+ "lsl r5, r5, #8\n\t"
+ "add r5, r5, #0x3b\n\t"
+#else
+ "mov r5, #0xdf3b\n\t"
+#endif
+ "movt r5, #0x29b\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r9, #0x20000\n\t"
+ "lsl r9, r9, #8\n\t"
+ "add r9, r9, #0x0\n\t"
+#else
+ "mov r9, #0x2000000\n\t"
+#endif
+ "and %[a], %[a], lr\n\t"
+ "and %[b], %[b], lr\n\t"
+ "and %[c], %[c], lr\n\t"
+ "and r4, r4, lr\n\t"
+ "and r5, r5, lr\n\t"
+ "and r9, r9, lr\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "adds r10, r10, %[a]\n\t"
+ "adcs r11, r11, %[b]\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "adcs r10, r10, %[c]\n\t"
+ "adcs r11, r11, r4\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "adcs r10, r10, r5\n\t"
+ "adcs r11, r11, #0\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "adcs r10, r10, #0\n\t"
+ "adcs r11, r11, #0\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10}\n\t"
+ "adcs r10, r10, #0\n\t"
+ "stm r12!, {r10}\n\t"
+ "sub %[s], %[s], #16\n\t"
+ "mov r12, sp\n\t"
+ /* Load bits 252-376 */
+ "add r12, r12, #28\n\t"
+ "ldm r12, {%[a], %[b], %[c], r4, r5}\n\t"
+ "lsl r5, r5, #4\n\t"
+ "orr r5, r5, r4, lsr #28\n\t"
+ "lsl r4, r4, #4\n\t"
+ "orr r4, r4, %[c], lsr #28\n\t"
+ "lsl %[c], %[c], #4\n\t"
+ "orr %[c], %[c], %[b], lsr #28\n\t"
+ "lsl %[b], %[b], #4\n\t"
+ "orr %[b], %[b], %[a], lsr #28\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "bic r5, r5, #0xe0000000\n\t"
+#else
+ "bfc r5, #29, #3\n\t"
+#endif
+ "sub r12, r12, #28\n\t"
+ /* Sub product of top 4 words and order */
+ "mov %[s], sp\n\t"
+ /* * -5cf5d3ed */
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov %[a], #0xa3\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #10\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #44\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #19\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov %[a], #0x2c\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "add %[a], %[a], #0x13\n\t"
+#else
+ "mov %[a], #0x2c13\n\t"
+#endif
+ "movt %[a], #0xa30a\n\t"
#endif
- /* Sub */
- "adds lr, lr, #-1\n\t"
- "sbcs r10, r4, r6\n\t"
"mov lr, #0\n\t"
- "sbcs r11, r5, r7\n\t"
+ "ldm %[s], {r6, r7, r8, r9}\n\t"
+ "umlal r6, lr, %[b], %[a]\n\t"
+ "adds r7, r7, lr\n\t"
+ "mov lr, #0\n\t"
"adc lr, lr, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r1, #8]\n\t"
- "str r11, [r1, #12]\n\t"
-#else
- "strd r10, r11, [r1, #8]\n\t"
+ "umlal r7, lr, %[c], %[a]\n\t"
+ "adds r8, r8, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r8, lr, r4, %[a]\n\t"
+ "adds r9, r9, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r9, lr, r5, %[a]\n\t"
+ "stm %[s], {r6, r7, r8, r9}\n\t"
+ "add %[s], %[s], #4\n\t"
+ /* * -5812631b */
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov %[a], #0xa7\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #0xed\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #0x9c\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #0xe5\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov %[a], #0x9c\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "add %[a], %[a], #0xe5\n\t"
+#else
+ "mov %[a], #0x9ce5\n\t"
+#endif
+ "movt %[a], #0xa7ed\n\t"
#endif
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r2, #16]\n\t"
- "ldr r5, [r2, #20]\n\t"
-#else
- "ldrd r4, r5, [r2, #16]\n\t"
+ "mov r10, #0\n\t"
+ "ldm %[s], {r6, r7, r8, r9}\n\t"
+ "umlal r6, r10, %[b], %[a]\n\t"
+ "adds r7, r7, r10\n\t"
+ "mov r10, #0\n\t"
+ "adc r10, r10, #0\n\t"
+ "umlal r7, r10, %[c], %[a]\n\t"
+ "adds r8, r8, r10\n\t"
+ "mov r10, #0\n\t"
+ "adc r10, r10, #0\n\t"
+ "umlal r8, r10, r4, %[a]\n\t"
+ "adds r9, r9, r10\n\t"
+ "mov r10, #0\n\t"
+ "adc r10, r10, #0\n\t"
+ "umlal r9, r10, r5, %[a]\n\t"
+ "stm %[s], {r6, r7, r8, r9}\n\t"
+ "add %[s], %[s], #4\n\t"
+ /* * -a2f79cd7 */
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov %[a], #0x5d\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #8\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #0x63\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #41\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov %[a], #0x63\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "add %[a], %[a], #0x29\n\t"
+#else
+ "mov %[a], #0x6329\n\t"
+#endif
+ "movt %[a], #0x5d08\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r0, #16]\n\t"
- "ldr r7, [r0, #20]\n\t"
-#else
- "ldrd r6, r7, [r0, #16]\n\t"
+ "mov r11, #0\n\t"
+ "ldm %[s], {r6, r7, r8, r9}\n\t"
+ "umlal r6, r11, %[b], %[a]\n\t"
+ "adds r7, r7, r11\n\t"
+ "mov r11, #0\n\t"
+ "adc r11, r11, #0\n\t"
+ "umlal r7, r11, %[c], %[a]\n\t"
+ "adds r8, r8, r11\n\t"
+ "mov r11, #0\n\t"
+ "adc r11, r11, #0\n\t"
+ "umlal r8, r11, r4, %[a]\n\t"
+ "adds r9, r9, r11\n\t"
+ "mov r11, #0\n\t"
+ "adc r11, r11, #0\n\t"
+ "umlal r9, r11, r5, %[a]\n\t"
+ "stm %[s], {r6, r7, r8, r9}\n\t"
+ "add %[s], %[s], #4\n\t"
+ /* * -14def9df */
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov %[a], #0xeb\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #33\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #6\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #33\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov %[a], #0x6\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "add %[a], %[a], #0x21\n\t"
+#else
+ "mov %[a], #0x621\n\t"
+#endif
+ "movt %[a], #0xeb21\n\t"
#endif
- "adds r12, r12, #-1\n\t"
- "adcs r8, r4, r6\n\t"
"mov r12, #0\n\t"
- "adcs r9, r5, r7\n\t"
+ "ldm %[s], {r6, r7, r8, r9}\n\t"
+ "umlal r6, r12, %[b], %[a]\n\t"
+ "adds r7, r7, r12\n\t"
+ "mov r12, #0\n\t"
"adc r12, r12, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0, #16]\n\t"
- "str r9, [r0, #20]\n\t"
+ "umlal r7, r12, %[c], %[a]\n\t"
+ "adds r8, r8, r12\n\t"
+ "mov r12, #0\n\t"
+ "adc r12, r12, #0\n\t"
+ "umlal r8, r12, r4, %[a]\n\t"
+ "adds r9, r9, r12\n\t"
+ "mov r12, #0\n\t"
+ "adc r12, r12, #0\n\t"
+ "umlal r9, r12, r5, %[a]\n\t"
+ "stm %[s], {r6, r7, r8, r9}\n\t"
+ "add %[s], %[s], #4\n\t"
+ /* Add overflows at 4 * 32 */
+ "ldm %[s], {r6, r7, r8, r9}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "bic r9, r9, #0xf0000000\n\t"
+#else
+ "bfc r9, #28, #4\n\t"
+#endif
+ "adds r6, r6, lr\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adcs r8, r8, r11\n\t"
+ "adc r9, r9, r12\n\t"
+ /* Subtract top at 4 * 32 */
+ "subs r6, r6, %[b]\n\t"
+ "sbcs r7, r7, %[c]\n\t"
+ "sbcs r8, r8, r4\n\t"
+ "sbcs r9, r9, r5\n\t"
+ "sbc %[a], %[a], %[a]\n\t"
+ "sub %[s], %[s], #16\n\t"
+ "ldm %[s], {%[b], %[c], r4, r5}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r10, #0x5c\n\t"
+ "lsl r10, r10, #8\n\t"
+ "orr r10, r10, #0xf5\n\t"
+ "lsl r10, r10, #8\n\t"
+ "orr r10, r10, #0xd3\n\t"
+ "lsl r10, r10, #8\n\t"
+ "orr r10, r10, #0xed\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r10, #0xd3\n\t"
+ "lsl r10, r10, #8\n\t"
+ "add r10, r10, #0xed\n\t"
+#else
+ "mov r10, #0xd3ed\n\t"
+#endif
+ "movt r10, #0x5cf5\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r11, #0x58\n\t"
+ "lsl r11, r11, #8\n\t"
+ "orr r11, r11, #18\n\t"
+ "lsl r11, r11, #8\n\t"
+ "orr r11, r11, #0x63\n\t"
+ "lsl r11, r11, #8\n\t"
+ "orr r11, r11, #26\n\t"
#else
- "strd r8, r9, [r0, #16]\n\t"
-#endif
- /* Sub */
- "adds lr, lr, #-1\n\t"
- "sbcs r10, r4, r6\n\t"
- "mov lr, #0\n\t"
- "sbcs r11, r5, r7\n\t"
- "adc lr, lr, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r1, #16]\n\t"
- "str r11, [r1, #20]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r11, #0x63\n\t"
+ "lsl r11, r11, #8\n\t"
+ "add r11, r11, #0x1a\n\t"
#else
- "strd r10, r11, [r1, #16]\n\t"
+ "mov r11, #0x631a\n\t"
#endif
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r2, #24]\n\t"
- "ldr r5, [r2, #28]\n\t"
-#else
- "ldrd r4, r5, [r2, #24]\n\t"
+ "movt r11, #0x5812\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r0, #24]\n\t"
- "ldr r7, [r0, #28]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r12, #0xa2\n\t"
+ "lsl r12, r12, #8\n\t"
+ "orr r12, r12, #0xf7\n\t"
+ "lsl r12, r12, #8\n\t"
+ "orr r12, r12, #0x9c\n\t"
+ "lsl r12, r12, #8\n\t"
+ "orr r12, r12, #0xd6\n\t"
#else
- "ldrd r6, r7, [r0, #24]\n\t"
-#endif
- "adds r12, r12, #-1\n\t"
- "adcs r8, r4, r6\n\t"
- "adc r9, r5, r7\n\t"
- /* Sub */
- "adds lr, lr, #-1\n\t"
- "sbcs r10, r4, r6\n\t"
- "sbc r11, r5, r7\n\t"
- "mov r12, #-19\n\t"
- "asr %[rt], r9, #31\n\t"
- /* Mask the modulus */
- "and r12, %[rt], r12\n\t"
- "and lr, %[rt], #0x7fffffff\n\t"
- /* Sub modulus (if overflow) */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r0]\n\t"
- "ldr r5, [r0, #4]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r12, #0x9c\n\t"
+ "lsl r12, r12, #8\n\t"
+ "add r12, r12, #0xd6\n\t"
#else
- "ldrd r4, r5, [r0]\n\t"
+ "mov r12, #0x9cd6\n\t"
#endif
- "subs r4, r4, r12\n\t"
- "sbcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r0]\n\t"
- "str r5, [r0, #4]\n\t"
-#else
- "strd r4, r5, [r0]\n\t"
+ "movt r12, #0xa2f7\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r0, #8]\n\t"
- "ldr r5, [r0, #12]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov lr, #20\n\t"
+ "lsl lr, lr, #8\n\t"
+ "orr lr, lr, #0xde\n\t"
+ "lsl lr, lr, #8\n\t"
+ "orr lr, lr, #0xf9\n\t"
+ "lsl lr, lr, #8\n\t"
+ "orr lr, lr, #0xde\n\t"
#else
- "ldrd r4, r5, [r0, #8]\n\t"
-#endif
- "sbcs r4, r4, %[rt]\n\t"
- "sbcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r0, #8]\n\t"
- "str r5, [r0, #12]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov lr, #0xf9\n\t"
+ "lsl lr, lr, #8\n\t"
+ "add lr, lr, #0xde\n\t"
#else
- "strd r4, r5, [r0, #8]\n\t"
+ "mov lr, #0xf9de\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r0, #16]\n\t"
- "ldr r5, [r0, #20]\n\t"
-#else
- "ldrd r4, r5, [r0, #16]\n\t"
+ "movt lr, #0x14de\n\t"
#endif
- "sbcs r4, r4, %[rt]\n\t"
- "sbcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r0, #16]\n\t"
- "str r5, [r0, #20]\n\t"
-#else
- "strd r4, r5, [r0, #16]\n\t"
-#endif
- "sbcs r8, r8, %[rt]\n\t"
- "sbc r9, r9, lr\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0, #24]\n\t"
- "str r9, [r0, #28]\n\t"
+ "and r10, r10, %[a]\n\t"
+ "and r11, r11, %[a]\n\t"
+ "and r12, r12, %[a]\n\t"
+ "and lr, lr, %[a]\n\t"
+ "adds %[b], %[b], r10\n\t"
+ "adcs %[c], %[c], r11\n\t"
+ "adcs r4, r4, r12\n\t"
+ "adcs r5, r5, lr\n\t"
+ "adcs r6, r6, #0\n\t"
+ "adcs r7, r7, #0\n\t"
+ "and %[a], %[a], #0x10000000\n\t"
+ "adcs r8, r8, #0\n\t"
+ "adc r9, r9, %[a]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "bic r9, r9, #0xf0000000\n\t"
+#else
+ "bfc r9, #28, #4\n\t"
+#endif
+ "ldr %[s], [sp, #68]\n\t"
+ /* Store result */
+ "str %[b], [%[s]]\n\t"
+ "str %[c], [%[s], #4]\n\t"
+ "str r4, [%[s], #8]\n\t"
+ "str r5, [%[s], #12]\n\t"
+ "str r6, [%[s], #16]\n\t"
+ "str r7, [%[s], #20]\n\t"
+ "str r8, [%[s], #24]\n\t"
+ "str r9, [%[s], #28]\n\t"
+ "add sp, sp, #0x50\n\t"
+ : [s] "+r" (s), [a] "+r" (a), [b] "+r" (b), [c] "+r" (c)
+ :
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
+ );
+}
+
#else
- "strd r8, r9, [r0, #24]\n\t"
-#endif
- "mov r12, #-19\n\t"
- "asr %[rt], r11, #31\n\t"
- /* Mask the modulus */
- "and r12, %[rt], r12\n\t"
- "and lr, %[rt], #0x7fffffff\n\t"
- /* Add modulus (if underflow) */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1]\n\t"
- "ldr r5, [r1, #4]\n\t"
+void sc_muladd(byte* s_p, const byte* a_p, const byte* b_p, const byte* c_p)
+{
+ register byte* s asm ("r0") = (byte*)s_p;
+ register const byte* a asm ("r1") = (const byte*)a_p;
+ register const byte* b asm ("r2") = (const byte*)b_p;
+ register const byte* c asm ("r3") = (const byte*)c_p;
+
+ __asm__ __volatile__ (
+ "sub sp, sp, #0x50\n\t"
+ "add lr, sp, #0x44\n\t"
+ "stm lr, {%[s], %[a], %[c]}\n\t"
+ "mov lr, %[b]\n\t"
+ "ldm %[a], {%[s], %[a], %[b], %[c]}\n\t"
+ "ldm lr!, {r4, r5, r6}\n\t"
+ "umull r10, r11, %[s], r4\n\t"
+ "umull r12, r7, %[a], r4\n\t"
+ "umaal r11, r12, %[s], r5\n\t"
+ "umull r8, r9, %[b], r4\n\t"
+ "umaal r12, r8, %[a], r5\n\t"
+ "umaal r12, r7, %[s], r6\n\t"
+ "umaal r8, r9, %[c], r4\n\t"
+ "stm sp, {r10, r11, r12}\n\t"
+ "umaal r7, r8, %[b], r5\n\t"
+ "ldm lr!, {r4}\n\t"
+ "umull r10, r11, %[a], r6\n\t"
+ "umaal r8, r9, %[b], r6\n\t"
+ "umaal r7, r10, %[s], r4\n\t"
+ "umaal r8, r11, %[c], r5\n\t"
+ "str r7, [sp, #12]\n\t"
+ "umaal r8, r10, %[a], r4\n\t"
+ "umaal r9, r11, %[c], r6\n\t"
+ "umaal r9, r10, %[b], r4\n\t"
+ "umaal r10, r11, %[c], r4\n\t"
+ "ldm lr, {r4, r5, r6, r7}\n\t"
+ "mov r12, #0\n\t"
+ "umlal r8, r12, %[s], r4\n\t"
+ "umaal r9, r12, %[a], r4\n\t"
+ "umaal r10, r12, %[b], r4\n\t"
+ "umaal r11, r12, %[c], r4\n\t"
+ "mov r4, #0\n\t"
+ "umlal r9, r4, %[s], r5\n\t"
+ "umaal r10, r4, %[a], r5\n\t"
+ "umaal r11, r4, %[b], r5\n\t"
+ "umaal r12, r4, %[c], r5\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, %[s], r6\n\t"
+ "umaal r11, r5, %[a], r6\n\t"
+ "umaal r12, r5, %[b], r6\n\t"
+ "umaal r4, r5, %[c], r6\n\t"
+ "mov r6, #0\n\t"
+ "umlal r11, r6, %[s], r7\n\t"
+ "ldr %[s], [sp, #72]\n\t"
+ "umaal r12, r6, %[a], r7\n\t"
+ "add %[s], %[s], #16\n\t"
+ "umaal r4, r6, %[b], r7\n\t"
+ "sub lr, lr, #16\n\t"
+ "umaal r5, r6, %[c], r7\n\t"
+ "ldm %[s], {%[s], %[a], %[b], %[c]}\n\t"
+ "str r6, [sp, #64]\n\t"
+ "ldm lr!, {r6}\n\t"
+ "mov r7, #0\n\t"
+ "umlal r8, r7, %[s], r6\n\t"
+ "umaal r9, r7, %[a], r6\n\t"
+ "str r8, [sp, #16]\n\t"
+ "umaal r10, r7, %[b], r6\n\t"
+ "umaal r11, r7, %[c], r6\n\t"
+ "ldm lr!, {r6}\n\t"
+ "mov r8, #0\n\t"
+ "umlal r9, r8, %[s], r6\n\t"
+ "umaal r10, r8, %[a], r6\n\t"
+ "str r9, [sp, #20]\n\t"
+ "umaal r11, r8, %[b], r6\n\t"
+ "umaal r12, r8, %[c], r6\n\t"
+ "ldm lr!, {r6}\n\t"
+ "mov r9, #0\n\t"
+ "umlal r10, r9, %[s], r6\n\t"
+ "umaal r11, r9, %[a], r6\n\t"
+ "str r10, [sp, #24]\n\t"
+ "umaal r12, r9, %[b], r6\n\t"
+ "umaal r4, r9, %[c], r6\n\t"
+ "ldm lr!, {r6}\n\t"
+ "mov r10, #0\n\t"
+ "umlal r11, r10, %[s], r6\n\t"
+ "umaal r12, r10, %[a], r6\n\t"
+ "str r11, [sp, #28]\n\t"
+ "umaal r4, r10, %[b], r6\n\t"
+ "umaal r5, r10, %[c], r6\n\t"
+ "ldm lr!, {r11}\n\t"
+ "umaal r12, r7, %[s], r11\n\t"
+ "umaal r4, r7, %[a], r11\n\t"
+ "ldr r6, [sp, #64]\n\t"
+ "umaal r5, r7, %[b], r11\n\t"
+ "umaal r6, r7, %[c], r11\n\t"
+ "ldm lr!, {r11}\n\t"
+ "umaal r4, r8, %[s], r11\n\t"
+ "umaal r5, r8, %[a], r11\n\t"
+ "umaal r6, r8, %[b], r11\n\t"
+ "umaal r7, r8, %[c], r11\n\t"
+ "ldm lr, {r11, lr}\n\t"
+ "umaal r5, r9, %[s], r11\n\t"
+ "umaal r6, r10, %[s], lr\n\t"
+ "umaal r6, r9, %[a], r11\n\t"
+ "umaal r7, r10, %[a], lr\n\t"
+ "umaal r7, r9, %[b], r11\n\t"
+ "umaal r8, r10, %[b], lr\n\t"
+ "umaal r8, r9, %[c], r11\n\t"
+ "umaal r9, r10, %[c], lr\n\t"
+ "mov %[c], r12\n\t"
+ "add lr, sp, #32\n\t"
+ "stm lr, {%[c], r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "mov %[s], sp\n\t"
+ /* Add c to a * b */
+ "ldr lr, [sp, #76]\n\t"
+ "ldm %[s], {%[b], %[c], r4, r5, r6, r7, r8, r9}\n\t"
+ "ldm lr!, {%[a], r10, r11, r12}\n\t"
+ "adds %[b], %[b], %[a]\n\t"
+ "adcs %[c], %[c], r10\n\t"
+ "adcs r4, r4, r11\n\t"
+ "adcs r5, r5, r12\n\t"
+ "ldm lr!, {%[a], r10, r11, r12}\n\t"
+ "adcs r6, r6, %[a]\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adcs r8, r8, r11\n\t"
+ "adcs r9, r9, r12\n\t"
+ "mov %[a], r9\n\t"
+ "stm %[s]!, {%[b], %[c], r4, r5, r6, r7, r8, r9}\n\t"
+ "ldm %[s], {%[b], %[c], r4, r5, r6, r7, r8, r9}\n\t"
+ "adcs %[b], %[b], #0\n\t"
+ "adcs %[c], %[c], #0\n\t"
+ "adcs r4, r4, #0\n\t"
+ "adcs r5, r5, #0\n\t"
+ "adcs r6, r6, #0\n\t"
+ "adcs r7, r7, #0\n\t"
+ "adcs r8, r8, #0\n\t"
+ "adc r9, r9, #0\n\t"
+ "sub %[s], %[s], #32\n\t"
+ /* Get 252..503 and 504..507 */
+ "lsr lr, r9, #24\n\t"
+ "lsl r9, r9, #4\n\t"
+ "orr r9, r9, r8, LSR #28\n\t"
+ "lsl r8, r8, #4\n\t"
+ "orr r8, r8, r7, LSR #28\n\t"
+ "lsl r7, r7, #4\n\t"
+ "orr r7, r7, r6, LSR #28\n\t"
+ "lsl r6, r6, #4\n\t"
+ "orr r6, r6, r5, LSR #28\n\t"
+ "lsl r5, r5, #4\n\t"
+ "orr r5, r5, r4, LSR #28\n\t"
+ "lsl r4, r4, #4\n\t"
+ "orr r4, r4, %[c], LSR #28\n\t"
+ "lsl %[c], %[c], #4\n\t"
+ "orr %[c], %[c], %[b], LSR #28\n\t"
+ "lsl %[b], %[b], #4\n\t"
+ "orr %[b], %[b], %[a], LSR #28\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "bic r9, r9, #0xf0000000\n\t"
+#else
+ "bfc r9, #28, #4\n\t"
+#endif
+ /* Add order times bits 504..507 */
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r10, #0xa3\n\t"
+ "lsl r10, r10, #8\n\t"
+ "orr r10, r10, #10\n\t"
+ "lsl r10, r10, #8\n\t"
+ "orr r10, r10, #44\n\t"
+ "lsl r10, r10, #8\n\t"
+ "orr r10, r10, #19\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r10, #0x2c\n\t"
+ "lsl r10, r10, #8\n\t"
+ "add r10, r10, #0x13\n\t"
+#else
+ "mov r10, #0x2c13\n\t"
+#endif
+ "movt r10, #0xa30a\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r11, #0xa7\n\t"
+ "lsl r11, r11, #8\n\t"
+ "orr r11, r11, #0xed\n\t"
+ "lsl r11, r11, #8\n\t"
+ "orr r11, r11, #0x9c\n\t"
+ "lsl r11, r11, #8\n\t"
+ "orr r11, r11, #0xe5\n\t"
#else
- "ldrd r4, r5, [r1]\n\t"
-#endif
- "adds r4, r4, r12\n\t"
- "adcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r1]\n\t"
- "str r5, [r1, #4]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r11, #0x9c\n\t"
+ "lsl r11, r11, #8\n\t"
+ "add r11, r11, #0xe5\n\t"
#else
- "strd r4, r5, [r1]\n\t"
+ "mov r11, #0x9ce5\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1, #8]\n\t"
- "ldr r5, [r1, #12]\n\t"
-#else
- "ldrd r4, r5, [r1, #8]\n\t"
+ "movt r11, #0xa7ed\n\t"
#endif
- "adcs r4, r4, %[rt]\n\t"
- "adcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r1, #8]\n\t"
- "str r5, [r1, #12]\n\t"
+ "mov %[a], #0\n\t"
+ "umlal %[b], %[a], r10, lr\n\t"
+ "umaal %[c], %[a], r11, lr\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r10, #0x5d\n\t"
+ "lsl r10, r10, #8\n\t"
+ "orr r10, r10, #8\n\t"
+ "lsl r10, r10, #8\n\t"
+ "orr r10, r10, #0x63\n\t"
+ "lsl r10, r10, #8\n\t"
+ "orr r10, r10, #41\n\t"
#else
- "strd r4, r5, [r1, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1, #16]\n\t"
- "ldr r5, [r1, #20]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r10, #0x63\n\t"
+ "lsl r10, r10, #8\n\t"
+ "add r10, r10, #0x29\n\t"
#else
- "ldrd r4, r5, [r1, #16]\n\t"
+ "mov r10, #0x6329\n\t"
#endif
- "adcs r4, r4, %[rt]\n\t"
- "adcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r1, #16]\n\t"
- "str r5, [r1, #20]\n\t"
-#else
- "strd r4, r5, [r1, #16]\n\t"
+ "movt r10, #0x5d08\n\t"
#endif
- "adcs r10, r10, %[rt]\n\t"
- "adc r11, r11, lr\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r1, #24]\n\t"
- "str r11, [r1, #28]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r11, #0xeb\n\t"
+ "lsl r11, r11, #8\n\t"
+ "orr r11, r11, #33\n\t"
+ "lsl r11, r11, #8\n\t"
+ "orr r11, r11, #6\n\t"
+ "lsl r11, r11, #8\n\t"
+ "orr r11, r11, #33\n\t"
#else
- "strd r10, r11, [r1, #24]\n\t"
-#endif
- "ldr r0, [sp, #12]\n\t"
- "ldr r1, [sp, #8]\n\t"
- "add r2, sp, #16\n\t"
- /* Add-Sub */
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r2]\n\t"
- "ldr r5, [r2, #4]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r11, #0x6\n\t"
+ "lsl r11, r11, #8\n\t"
+ "add r11, r11, #0x21\n\t"
#else
- "ldrd r4, r5, [r2]\n\t"
+ "mov r11, #0x621\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r0]\n\t"
- "ldr r7, [r0, #4]\n\t"
-#else
- "ldrd r6, r7, [r0]\n\t"
+ "movt r11, #0xeb21\n\t"
#endif
- "adds r8, r4, r6\n\t"
- "mov r12, #0\n\t"
- "adcs r9, r5, r7\n\t"
- "adc r12, r12, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0]\n\t"
- "str r9, [r0, #4]\n\t"
-#else
- "strd r8, r9, [r0]\n\t"
+ "umaal r4, %[a], r10, lr\n\t"
+ "umaal r5, %[a], r11, lr\n\t"
+ "adds r6, r6, %[a]\n\t"
+ "adcs r7, r7, #0\n\t"
+ "adcs r8, r8, #0\n\t"
+ "adc r9, r9, #0\n\t"
+ "subs r6, r6, lr\n\t"
+ "sbcs r7, r7, #0\n\t"
+ "sbcs r8, r8, #0\n\t"
+ "sbc r9, r9, #0\n\t"
+ /* Sub product of top 8 words and order */
+ "mov r12, sp\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov %[a], #0xa3\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #10\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #44\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #19\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov %[a], #0x2c\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "add %[a], %[a], #0x13\n\t"
+#else
+ "mov %[a], #0x2c13\n\t"
+#endif
+ "movt %[a], #0xa30a\n\t"
#endif
- /* Sub */
- "subs r10, r4, r6\n\t"
"mov lr, #0\n\t"
- "sbcs r11, r5, r7\n\t"
- "adc lr, lr, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r1]\n\t"
- "str r11, [r1, #4]\n\t"
-#else
- "strd r10, r11, [r1]\n\t"
-#endif
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r2, #8]\n\t"
- "ldr r5, [r2, #12]\n\t"
-#else
- "ldrd r4, r5, [r2, #8]\n\t"
+ "ldm %[s]!, {r10, r11}\n\t"
+ "umlal r10, lr, %[b], %[a]\n\t"
+ "umaal r11, lr, %[c], %[a]\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm %[s]!, {r10, r11}\n\t"
+ "umaal r10, lr, r4, %[a]\n\t"
+ "umaal r11, lr, r5, %[a]\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm %[s]!, {r10, r11}\n\t"
+ "umaal r10, lr, r6, %[a]\n\t"
+ "umaal r11, lr, r7, %[a]\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm %[s]!, {r10, r11}\n\t"
+ "umaal r10, lr, r8, %[a]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "bic r11, r11, #0xf0000000\n\t"
+#else
+ "bfc r11, #28, #4\n\t"
+#endif
+ "umaal r11, lr, r9, %[a]\n\t"
+ "stm r12!, {r10, r11, lr}\n\t"
+ "sub %[s], %[s], #16\n\t"
+ "sub r12, r12, #32\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov %[a], #0xa7\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #0xed\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #0x9c\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #0xe5\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov %[a], #0x9c\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "add %[a], %[a], #0xe5\n\t"
+#else
+ "mov %[a], #0x9ce5\n\t"
+#endif
+ "movt %[a], #0xa7ed\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r0, #8]\n\t"
- "ldr r7, [r0, #12]\n\t"
-#else
- "ldrd r6, r7, [r0, #8]\n\t"
-#endif
- "adds r12, r12, #-1\n\t"
- "adcs r8, r4, r6\n\t"
- "mov r12, #0\n\t"
- "adcs r9, r5, r7\n\t"
- "adc r12, r12, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0, #8]\n\t"
- "str r9, [r0, #12]\n\t"
-#else
- "strd r8, r9, [r0, #8]\n\t"
-#endif
- /* Sub */
- "adds lr, lr, #-1\n\t"
- "sbcs r10, r4, r6\n\t"
"mov lr, #0\n\t"
- "sbcs r11, r5, r7\n\t"
- "adc lr, lr, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r1, #8]\n\t"
- "str r11, [r1, #12]\n\t"
-#else
- "strd r10, r11, [r1, #8]\n\t"
-#endif
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r2, #16]\n\t"
- "ldr r5, [r2, #20]\n\t"
-#else
- "ldrd r4, r5, [r2, #16]\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "umlal r10, lr, %[b], %[a]\n\t"
+ "umaal r11, lr, %[c], %[a]\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "umaal r10, lr, r4, %[a]\n\t"
+ "umaal r11, lr, r5, %[a]\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "umaal r10, lr, r6, %[a]\n\t"
+ "umaal r11, lr, r7, %[a]\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "umaal r10, lr, r8, %[a]\n\t"
+ "umaal r11, lr, r9, %[a]\n\t"
+ "stm r12!, {r10, r11, lr}\n\t"
+ "sub r12, r12, #32\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov %[a], #0x5d\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #8\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #0x63\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #41\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov %[a], #0x63\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "add %[a], %[a], #0x29\n\t"
+#else
+ "mov %[a], #0x6329\n\t"
+#endif
+ "movt %[a], #0x5d08\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r0, #16]\n\t"
- "ldr r7, [r0, #20]\n\t"
-#else
- "ldrd r6, r7, [r0, #16]\n\t"
-#endif
- "adds r12, r12, #-1\n\t"
- "adcs r8, r4, r6\n\t"
- "mov r12, #0\n\t"
- "adcs r9, r5, r7\n\t"
- "adc r12, r12, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0, #16]\n\t"
- "str r9, [r0, #20]\n\t"
-#else
- "strd r8, r9, [r0, #16]\n\t"
-#endif
- /* Sub */
- "adds lr, lr, #-1\n\t"
- "sbcs r10, r4, r6\n\t"
"mov lr, #0\n\t"
- "sbcs r11, r5, r7\n\t"
- "adc lr, lr, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r1, #16]\n\t"
- "str r11, [r1, #20]\n\t"
-#else
- "strd r10, r11, [r1, #16]\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "umlal r10, lr, %[b], %[a]\n\t"
+ "umaal r11, lr, %[c], %[a]\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "umaal r10, lr, r4, %[a]\n\t"
+ "umaal r11, lr, r5, %[a]\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "umaal r10, lr, r6, %[a]\n\t"
+ "umaal r11, lr, r7, %[a]\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "umaal r10, lr, r8, %[a]\n\t"
+ "umaal r11, lr, r9, %[a]\n\t"
+ "stm r12!, {r10, r11, lr}\n\t"
+ "sub r12, r12, #32\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov %[a], #0xeb\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #33\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #6\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #33\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov %[a], #0x6\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "add %[a], %[a], #0x21\n\t"
+#else
+ "mov %[a], #0x621\n\t"
+#endif
+ "movt %[a], #0xeb21\n\t"
#endif
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r2, #24]\n\t"
- "ldr r5, [r2, #28]\n\t"
-#else
- "ldrd r4, r5, [r2, #24]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r0, #24]\n\t"
- "ldr r7, [r0, #28]\n\t"
-#else
- "ldrd r6, r7, [r0, #24]\n\t"
-#endif
- "adds r12, r12, #-1\n\t"
- "adcs r8, r4, r6\n\t"
- "adc r9, r5, r7\n\t"
- /* Sub */
- "adds lr, lr, #-1\n\t"
- "sbcs r10, r4, r6\n\t"
- "sbc r11, r5, r7\n\t"
- "mov r12, #-19\n\t"
- "asr %[rt], r9, #31\n\t"
- /* Mask the modulus */
- "and r12, %[rt], r12\n\t"
- "and lr, %[rt], #0x7fffffff\n\t"
- /* Sub modulus (if overflow) */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r0]\n\t"
- "ldr r5, [r0, #4]\n\t"
-#else
- "ldrd r4, r5, [r0]\n\t"
-#endif
- "subs r4, r4, r12\n\t"
- "sbcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r0]\n\t"
- "str r5, [r0, #4]\n\t"
-#else
- "strd r4, r5, [r0]\n\t"
+ "mov lr, #0\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "umlal r10, lr, %[b], %[a]\n\t"
+ "umaal r11, lr, %[c], %[a]\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "umaal r10, lr, r4, %[a]\n\t"
+ "umaal r11, lr, r5, %[a]\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "umaal r10, lr, r6, %[a]\n\t"
+ "umaal r11, lr, r7, %[a]\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "umaal r10, lr, r8, %[a]\n\t"
+ "umaal r11, lr, r9, %[a]\n\t"
+ "stm r12!, {r10, r11, lr}\n\t"
+ "sub r12, r12, #32\n\t"
+ /* Subtract at 4 * 32 */
+ "ldm r12, {r10, r11}\n\t"
+ "subs r10, r10, %[b]\n\t"
+ "sbcs r11, r11, %[c]\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "sbcs r10, r10, r4\n\t"
+ "sbcs r11, r11, r5\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "sbcs r10, r10, r6\n\t"
+ "sbcs r11, r11, r7\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "sbcs r10, r10, r8\n\t"
+ "sbc r11, r11, r9\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "sub r12, r12, #36\n\t"
+ "asr lr, r11, #25\n\t"
+ /* Conditionally subtract order starting at bit 125 */
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov %[a], #0xa00000\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "add %[a], %[a], #0x0\n\t"
+#else
+ "mov %[a], #0xa0000000\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov %[b], #0x4b\n\t"
+ "lsl %[b], %[b], #8\n\t"
+ "orr %[b], %[b], #0x9e\n\t"
+ "lsl %[b], %[b], #8\n\t"
+ "orr %[b], %[b], #0xba\n\t"
+ "lsl %[b], %[b], #8\n\t"
+ "orr %[b], %[b], #0x7d\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov %[b], #0xba\n\t"
+ "lsl %[b], %[b], #8\n\t"
+ "add %[b], %[b], #0x7d\n\t"
+#else
+ "mov %[b], #0xba7d\n\t"
+#endif
+ "movt %[b], #0x4b9e\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov %[c], #0xcb\n\t"
+ "lsl %[c], %[c], #8\n\t"
+ "orr %[c], %[c], #2\n\t"
+ "lsl %[c], %[c], #8\n\t"
+ "orr %[c], %[c], #0x4c\n\t"
+ "lsl %[c], %[c], #8\n\t"
+ "orr %[c], %[c], #0x63\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov %[c], #0x4c\n\t"
+ "lsl %[c], %[c], #8\n\t"
+ "add %[c], %[c], #0x63\n\t"
+#else
+ "mov %[c], #0x4c63\n\t"
+#endif
+ "movt %[c], #0xcb02\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r4, #0xd4\n\t"
+ "lsl r4, r4, #8\n\t"
+ "orr r4, r4, #0x5e\n\t"
+ "lsl r4, r4, #8\n\t"
+ "orr r4, r4, #0xf3\n\t"
+ "lsl r4, r4, #8\n\t"
+ "orr r4, r4, #0x9a\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r4, #0xf3\n\t"
+ "lsl r4, r4, #8\n\t"
+ "add r4, r4, #0x9a\n\t"
+#else
+ "mov r4, #0xf39a\n\t"
+#endif
+ "movt r4, #0xd45e\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r5, #2\n\t"
+ "lsl r5, r5, #8\n\t"
+ "orr r5, r5, #0x9b\n\t"
+ "lsl r5, r5, #8\n\t"
+ "orr r5, r5, #0xdf\n\t"
+ "lsl r5, r5, #8\n\t"
+ "orr r5, r5, #59\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r5, #0xdf\n\t"
+ "lsl r5, r5, #8\n\t"
+ "add r5, r5, #0x3b\n\t"
+#else
+ "mov r5, #0xdf3b\n\t"
+#endif
+ "movt r5, #0x29b\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r9, #0x20000\n\t"
+ "lsl r9, r9, #8\n\t"
+ "add r9, r9, #0x0\n\t"
+#else
+ "mov r9, #0x2000000\n\t"
+#endif
+ "and %[a], %[a], lr\n\t"
+ "and %[b], %[b], lr\n\t"
+ "and %[c], %[c], lr\n\t"
+ "and r4, r4, lr\n\t"
+ "and r5, r5, lr\n\t"
+ "and r9, r9, lr\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "adds r10, r10, %[a]\n\t"
+ "adcs r11, r11, %[b]\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "adcs r10, r10, %[c]\n\t"
+ "adcs r11, r11, r4\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "adcs r10, r10, r5\n\t"
+ "adcs r11, r11, #0\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "adcs r10, r10, #0\n\t"
+ "adcs r11, r11, #0\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10}\n\t"
+ "adcs r10, r10, #0\n\t"
+ "stm r12!, {r10}\n\t"
+ "sub %[s], %[s], #16\n\t"
+ "mov r12, sp\n\t"
+ /* Load bits 252-376 */
+ "add r12, r12, #28\n\t"
+ "ldm r12, {%[a], %[b], %[c], r4, r5}\n\t"
+ "lsl r5, r5, #4\n\t"
+ "orr r5, r5, r4, lsr #28\n\t"
+ "lsl r4, r4, #4\n\t"
+ "orr r4, r4, %[c], lsr #28\n\t"
+ "lsl %[c], %[c], #4\n\t"
+ "orr %[c], %[c], %[b], lsr #28\n\t"
+ "lsl %[b], %[b], #4\n\t"
+ "orr %[b], %[b], %[a], lsr #28\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "bic r5, r5, #0xe0000000\n\t"
+#else
+ "bfc r5, #29, #3\n\t"
+#endif
+ "sub r12, r12, #28\n\t"
+ /* Sub product of top 4 words and order */
+ "mov %[s], sp\n\t"
+ /* * -5cf5d3ed */
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov %[a], #0xa3\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #10\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #44\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #19\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov %[a], #0x2c\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "add %[a], %[a], #0x13\n\t"
+#else
+ "mov %[a], #0x2c13\n\t"
+#endif
+ "movt %[a], #0xa30a\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r0, #8]\n\t"
- "ldr r5, [r0, #12]\n\t"
-#else
- "ldrd r4, r5, [r0, #8]\n\t"
+ "mov lr, #0\n\t"
+ "ldm %[s], {r6, r7, r8, r9}\n\t"
+ "umlal r6, lr, %[b], %[a]\n\t"
+ "umaal r7, lr, %[c], %[a]\n\t"
+ "umaal r8, lr, r4, %[a]\n\t"
+ "umaal r9, lr, r5, %[a]\n\t"
+ "stm %[s], {r6, r7, r8, r9}\n\t"
+ "add %[s], %[s], #4\n\t"
+ /* * -5812631b */
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov %[a], #0xa7\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #0xed\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #0x9c\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #0xe5\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov %[a], #0x9c\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "add %[a], %[a], #0xe5\n\t"
+#else
+ "mov %[a], #0x9ce5\n\t"
+#endif
+ "movt %[a], #0xa7ed\n\t"
#endif
- "sbcs r4, r4, %[rt]\n\t"
- "sbcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r0, #8]\n\t"
- "str r5, [r0, #12]\n\t"
-#else
- "strd r4, r5, [r0, #8]\n\t"
+ "mov r10, #0\n\t"
+ "ldm %[s], {r6, r7, r8, r9}\n\t"
+ "umlal r6, r10, %[b], %[a]\n\t"
+ "umaal r7, r10, %[c], %[a]\n\t"
+ "umaal r8, r10, r4, %[a]\n\t"
+ "umaal r9, r10, r5, %[a]\n\t"
+ "stm %[s], {r6, r7, r8, r9}\n\t"
+ "add %[s], %[s], #4\n\t"
+ /* * -a2f79cd7 */
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov %[a], #0x5d\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #8\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #0x63\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #41\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov %[a], #0x63\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "add %[a], %[a], #0x29\n\t"
+#else
+ "mov %[a], #0x6329\n\t"
+#endif
+ "movt %[a], #0x5d08\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r0, #16]\n\t"
- "ldr r5, [r0, #20]\n\t"
-#else
- "ldrd r4, r5, [r0, #16]\n\t"
+ "mov r11, #0\n\t"
+ "ldm %[s], {r6, r7, r8, r9}\n\t"
+ "umlal r6, r11, %[b], %[a]\n\t"
+ "umaal r7, r11, %[c], %[a]\n\t"
+ "umaal r8, r11, r4, %[a]\n\t"
+ "umaal r9, r11, r5, %[a]\n\t"
+ "stm %[s], {r6, r7, r8, r9}\n\t"
+ "add %[s], %[s], #4\n\t"
+ /* * -14def9df */
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov %[a], #0xeb\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #33\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #6\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #33\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov %[a], #0x6\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "add %[a], %[a], #0x21\n\t"
+#else
+ "mov %[a], #0x621\n\t"
+#endif
+ "movt %[a], #0xeb21\n\t"
#endif
- "sbcs r4, r4, %[rt]\n\t"
- "sbcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r0, #16]\n\t"
- "str r5, [r0, #20]\n\t"
+ "mov r12, #0\n\t"
+ "ldm %[s], {r6, r7, r8, r9}\n\t"
+ "umlal r6, r12, %[b], %[a]\n\t"
+ "umaal r7, r12, %[c], %[a]\n\t"
+ "umaal r8, r12, r4, %[a]\n\t"
+ "umaal r9, r12, r5, %[a]\n\t"
+ "stm %[s], {r6, r7, r8, r9}\n\t"
+ "add %[s], %[s], #4\n\t"
+ /* Add overflows at 4 * 32 */
+ "ldm %[s], {r6, r7, r8, r9}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "bic r9, r9, #0xf0000000\n\t"
+#else
+ "bfc r9, #28, #4\n\t"
+#endif
+ "adds r6, r6, lr\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adcs r8, r8, r11\n\t"
+ "adc r9, r9, r12\n\t"
+ /* Subtract top at 4 * 32 */
+ "subs r6, r6, %[b]\n\t"
+ "sbcs r7, r7, %[c]\n\t"
+ "sbcs r8, r8, r4\n\t"
+ "sbcs r9, r9, r5\n\t"
+ "sbc %[a], %[a], %[a]\n\t"
+ "sub %[s], %[s], #16\n\t"
+ "ldm %[s], {%[b], %[c], r4, r5}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r10, #0x5c\n\t"
+ "lsl r10, r10, #8\n\t"
+ "orr r10, r10, #0xf5\n\t"
+ "lsl r10, r10, #8\n\t"
+ "orr r10, r10, #0xd3\n\t"
+ "lsl r10, r10, #8\n\t"
+ "orr r10, r10, #0xed\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r10, #0xd3\n\t"
+ "lsl r10, r10, #8\n\t"
+ "add r10, r10, #0xed\n\t"
+#else
+ "mov r10, #0xd3ed\n\t"
+#endif
+ "movt r10, #0x5cf5\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r11, #0x58\n\t"
+ "lsl r11, r11, #8\n\t"
+ "orr r11, r11, #18\n\t"
+ "lsl r11, r11, #8\n\t"
+ "orr r11, r11, #0x63\n\t"
+ "lsl r11, r11, #8\n\t"
+ "orr r11, r11, #26\n\t"
#else
- "strd r4, r5, [r0, #16]\n\t"
-#endif
- "sbcs r8, r8, %[rt]\n\t"
- "sbc r9, r9, lr\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0, #24]\n\t"
- "str r9, [r0, #28]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r11, #0x63\n\t"
+ "lsl r11, r11, #8\n\t"
+ "add r11, r11, #0x1a\n\t"
#else
- "strd r8, r9, [r0, #24]\n\t"
+ "mov r11, #0x631a\n\t"
#endif
- "mov r12, #-19\n\t"
- "asr %[rt], r11, #31\n\t"
- /* Mask the modulus */
- "and r12, %[rt], r12\n\t"
- "and lr, %[rt], #0x7fffffff\n\t"
- /* Add modulus (if underflow) */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1]\n\t"
- "ldr r5, [r1, #4]\n\t"
-#else
- "ldrd r4, r5, [r1]\n\t"
+ "movt r11, #0x5812\n\t"
#endif
- "adds r4, r4, r12\n\t"
- "adcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r1]\n\t"
- "str r5, [r1, #4]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r12, #0xa2\n\t"
+ "lsl r12, r12, #8\n\t"
+ "orr r12, r12, #0xf7\n\t"
+ "lsl r12, r12, #8\n\t"
+ "orr r12, r12, #0x9c\n\t"
+ "lsl r12, r12, #8\n\t"
+ "orr r12, r12, #0xd6\n\t"
#else
- "strd r4, r5, [r1]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1, #8]\n\t"
- "ldr r5, [r1, #12]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r12, #0x9c\n\t"
+ "lsl r12, r12, #8\n\t"
+ "add r12, r12, #0xd6\n\t"
#else
- "ldrd r4, r5, [r1, #8]\n\t"
+ "mov r12, #0x9cd6\n\t"
#endif
- "adcs r4, r4, %[rt]\n\t"
- "adcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r1, #8]\n\t"
- "str r5, [r1, #12]\n\t"
-#else
- "strd r4, r5, [r1, #8]\n\t"
+ "movt r12, #0xa2f7\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1, #16]\n\t"
- "ldr r5, [r1, #20]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov lr, #20\n\t"
+ "lsl lr, lr, #8\n\t"
+ "orr lr, lr, #0xde\n\t"
+ "lsl lr, lr, #8\n\t"
+ "orr lr, lr, #0xf9\n\t"
+ "lsl lr, lr, #8\n\t"
+ "orr lr, lr, #0xde\n\t"
#else
- "ldrd r4, r5, [r1, #16]\n\t"
-#endif
- "adcs r4, r4, %[rt]\n\t"
- "adcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r1, #16]\n\t"
- "str r5, [r1, #20]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov lr, #0xf9\n\t"
+ "lsl lr, lr, #8\n\t"
+ "add lr, lr, #0xde\n\t"
#else
- "strd r4, r5, [r1, #16]\n\t"
+ "mov lr, #0xf9de\n\t"
#endif
- "adcs r10, r10, %[rt]\n\t"
- "adc r11, r11, lr\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r1, #24]\n\t"
- "str r11, [r1, #28]\n\t"
-#else
- "strd r10, r11, [r1, #24]\n\t"
+ "movt lr, #0x14de\n\t"
#endif
- "add sp, sp, #0x60\n\t"
- : [rx] "+r" (rx), [ry] "+r" (ry), [rz] "+r" (rz), [rt] "+r" (rt)
+ "and r10, r10, %[a]\n\t"
+ "and r11, r11, %[a]\n\t"
+ "and r12, r12, %[a]\n\t"
+ "and lr, lr, %[a]\n\t"
+ "adds %[b], %[b], r10\n\t"
+ "adcs %[c], %[c], r11\n\t"
+ "adcs r4, r4, r12\n\t"
+ "adcs r5, r5, lr\n\t"
+ "adcs r6, r6, #0\n\t"
+ "adcs r7, r7, #0\n\t"
+ "and %[a], %[a], #0x10000000\n\t"
+ "adcs r8, r8, #0\n\t"
+ "adc r9, r9, %[a]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "bic r9, r9, #0xf0000000\n\t"
+#else
+ "bfc r9, #28, #4\n\t"
+#endif
+ "ldr %[s], [sp, #68]\n\t"
+ /* Store result */
+ "str %[b], [%[s]]\n\t"
+ "str %[c], [%[s], #4]\n\t"
+ "str r4, [%[s], #8]\n\t"
+ "str r5, [%[s], #12]\n\t"
+ "str r6, [%[s], #16]\n\t"
+ "str r7, [%[s], #20]\n\t"
+ "str r8, [%[s], #24]\n\t"
+ "str r9, [%[s], #28]\n\t"
+ "add sp, sp, #0x50\n\t"
+ : [s] "+r" (s), [a] "+r" (a), [b] "+r" (b), [c] "+r" (c)
:
- : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
);
- (void)px_p;
- (void)py_p;
- (void)pz_p;
- (void)pt_p;
- (void)qz_p;
- (void)qt2d_p;
- (void)qyplusx_p;
- (void)qyminusx_p;
}
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+#endif /* HAVE_ED25519_SIGN */
+#endif /* HAVE_ED25519 */
-#endif /* HAVE_CURVE25519 */
-#endif /* !__aarch64__ */
+#endif /* !CURVE25519_SMALL || !ED25519_SMALL */
+#endif /* HAVE_CURVE25519 || HAVE_ED25519 */
+#endif /* !__aarch64__ && !__thumb__ */
#endif /* WOLFSSL_ARMASM */
+#endif /* !defined(__aarch64__) && defined(__arm__) */
+#endif /* WOLFSSL_ARMASM */
+
+#endif /* WOLFSSL_ARMASM_INLINE */
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-32-sha256-asm.S b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-32-sha256-asm.S
index ed3364d4..65b47577 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-32-sha256-asm.S
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-32-sha256-asm.S
@@ -30,7 +30,8 @@
#include <wolfssl/wolfcrypt/settings.h>
#ifdef WOLFSSL_ARMASM
-#ifndef __aarch64__
+#if !defined(__aarch64__) && defined(__arm__)
+#ifndef WOLFSSL_ARMASM_INLINE
#ifndef NO_SHA256
#ifdef WOLFSSL_ARMASM_NO_NEON
.text
@@ -111,49 +112,49 @@ Transform_Sha256_Len:
sub sp, sp, #0xc0
adr r3, L_SHA256_transform_len_k
# Copy digest to add in at end
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0]
ldr r5, [r0, #4]
#else
ldrd r4, r5, [r0]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #8]
ldr r7, [r0, #12]
#else
ldrd r6, r7, [r0, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #16]
ldr r9, [r0, #20]
#else
ldrd r8, r9, [r0, #16]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r0, #24]
ldr r11, [r0, #28]
#else
ldrd r10, r11, [r0, #24]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [sp, #64]
str r5, [sp, #68]
#else
strd r4, r5, [sp, #64]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [sp, #72]
str r7, [sp, #76]
#else
strd r6, r7, [sp, #72]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r8, [sp, #80]
str r9, [sp, #84]
#else
strd r8, r9, [sp, #80]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r10, [sp, #88]
str r11, [sp, #92]
#else
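Review bot: Every guard in this hunk now tests `WOLFSSL_ARM_ARCH` in the form `defined(...) && (... < 7)`, so a build that still sets only the old `WOLFSSL_SP_ARM_ARCH` falls through to the `ldrd`/`strd` branch with no diagnostic. It is worth confirming that settings.h (not shown here) maps the old name to the new one, or adding a guard such as `#if defined(WOLFSSL_SP_ARM_ARCH) && !defined(WOLFSSL_ARM_ARCH)` followed by an `#error`. The same applies to the other renamed guards in the later hunks of this file, including the new `< 6` test that chooses between the manual byte swap and `rev`. Transform_Sha256_Len starts before this hunk and continues past it.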
@@ -162,30 +163,144 @@ Transform_Sha256_Len:
# Start of loop processing a block
L_SHA256_transform_len_begin:
# Load, Reverse and Store W - 64 bytes
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
ldr r4, [r1]
ldr r5, [r1, #4]
-#else
- ldrd r4, r5, [r1]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
ldr r6, [r1, #8]
ldr r7, [r1, #12]
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ str r4, [sp]
+ str r5, [sp, #4]
#else
- ldrd r6, r7, [r1, #8]
+ strd r4, r5, [sp]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r8, [r1, #16]
- ldr r9, [r1, #20]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ str r6, [sp, #8]
+ str r7, [sp, #12]
#else
- ldrd r8, r9, [r1, #16]
+ strd r6, r7, [sp, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r10, [r1, #24]
- ldr r11, [r1, #28]
+ ldr r4, [r1, #16]
+ ldr r5, [r1, #20]
+ ldr r6, [r1, #24]
+ ldr r7, [r1, #28]
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ str r4, [sp, #16]
+ str r5, [sp, #20]
#else
- ldrd r10, r11, [r1, #24]
+ strd r4, r5, [sp, #16]
#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ str r6, [sp, #24]
+ str r7, [sp, #28]
+#else
+ strd r6, r7, [sp, #24]
+#endif
+ ldr r4, [r1, #32]
+ ldr r5, [r1, #36]
+ ldr r6, [r1, #40]
+ ldr r7, [r1, #44]
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ str r4, [sp, #32]
+ str r5, [sp, #36]
+#else
+ strd r4, r5, [sp, #32]
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ str r6, [sp, #40]
+ str r7, [sp, #44]
+#else
+ strd r6, r7, [sp, #40]
+#endif
+ ldr r4, [r1, #48]
+ ldr r5, [r1, #52]
+ ldr r6, [r1, #56]
+ ldr r7, [r1, #60]
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ str r4, [sp, #48]
+ str r5, [sp, #52]
+#else
+ strd r4, r5, [sp, #48]
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ str r6, [sp, #56]
+ str r7, [sp, #60]
+#else
+ strd r6, r7, [sp, #56]
+#endif
+#else
+ ldr r4, [r1]
+ ldr r5, [r1, #4]
+ ldr r6, [r1, #8]
+ ldr r7, [r1, #12]
+ ldr r8, [r1, #16]
+ ldr r9, [r1, #20]
+ ldr r10, [r1, #24]
+ ldr r11, [r1, #28]
rev r4, r4
rev r5, r5
rev r6, r6
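Review bot: Inside the new `WOLFSSL_ARM_ARCH < 6` branch, each nested `#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)` is always true, so the eight `#else` / `strd` alternatives there can never be assembled. Those stores could be plain pairs such as `str r4, [sp]` and `str r5, [sp, #4]`. The four `eor`/`bic`/`ror`/`eor` groups are also uncommented; a line like `# Byte-reverse each word without rev (not available before ARMv6)` above the first group would show that they do the same job as the `rev` instructions in the `#else` branch. If this file is generated, the change belongs in the generator. The enclosing routine starts before the hunk and continues after it.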
@@ -194,54 +309,38 @@ L_SHA256_transform_len_begin:
rev r9, r9
rev r10, r10
rev r11, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [sp]
str r5, [sp, #4]
#else
strd r4, r5, [sp]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [sp, #8]
str r7, [sp, #12]
#else
strd r6, r7, [sp, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r8, [sp, #16]
str r9, [sp, #20]
#else
strd r8, r9, [sp, #16]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r10, [sp, #24]
str r11, [sp, #28]
#else
strd r10, r11, [sp, #24]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
ldr r4, [r1, #32]
ldr r5, [r1, #36]
-#else
- ldrd r4, r5, [r1, #32]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
ldr r6, [r1, #40]
ldr r7, [r1, #44]
-#else
- ldrd r6, r7, [r1, #40]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
ldr r8, [r1, #48]
ldr r9, [r1, #52]
-#else
- ldrd r8, r9, [r1, #48]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
ldr r10, [r1, #56]
ldr r11, [r1, #60]
-#else
- ldrd r10, r11, [r1, #56]
-#endif
rev r4, r4
rev r5, r5
rev r6, r6
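Review bot: The loads from `r1` here are now unconditional `ldr` pairs, while the stores to `sp` just above keep their `str`/`strd` alternative, and nothing says why the two are treated differently. If the reason is that the input block in `r1` may not be aligned the way `ldrd` needs (an inference; the hunk does not say), a one-line comment such as `# Input may be unaligned: use ldr, not ldrd` before `ldr r4, [r1, #32]` would keep a later cleanup from reintroducing `ldrd`. The same comment fits the `ldr r4, [r1]` group in the `#else` branch added by the previous hunk.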
@@ -250,30 +349,31 @@ L_SHA256_transform_len_begin:
rev r9, r9
rev r10, r10
rev r11, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [sp, #32]
str r5, [sp, #36]
#else
strd r4, r5, [sp, #32]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [sp, #40]
str r7, [sp, #44]
#else
strd r6, r7, [sp, #40]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r8, [sp, #48]
str r9, [sp, #52]
#else
strd r8, r9, [sp, #48]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r10, [sp, #56]
str r11, [sp, #60]
#else
strd r10, r11, [sp, #56]
#endif
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
ldr r11, [r0, #4]
ldr r4, [r0, #8]
eor r11, r11, r4
@@ -1548,25 +1648,25 @@ L_SHA256_transform_len_start:
str r8, [r0, #16]
str r9, [r0]
# Add in digest from start
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0]
ldr r5, [r0, #4]
#else
ldrd r4, r5, [r0]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #8]
ldr r7, [r0, #12]
#else
ldrd r6, r7, [r0, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #64]
ldr r9, [sp, #68]
#else
ldrd r8, r9, [sp, #64]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [sp, #72]
ldr r11, [sp, #76]
#else
@@ -1576,49 +1676,49 @@ L_SHA256_transform_len_start:
add r5, r5, r9
add r6, r6, r10
add r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0]
str r5, [r0, #4]
#else
strd r4, r5, [r0]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [r0, #8]
str r7, [r0, #12]
#else
strd r6, r7, [r0, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [sp, #64]
str r5, [sp, #68]
#else
strd r4, r5, [sp, #64]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [sp, #72]
str r7, [sp, #76]
#else
strd r6, r7, [sp, #72]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #16]
ldr r5, [r0, #20]
#else
ldrd r4, r5, [r0, #16]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #24]
ldr r7, [r0, #28]
#else
ldrd r6, r7, [r0, #24]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #80]
ldr r9, [sp, #84]
#else
ldrd r8, r9, [sp, #80]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [sp, #88]
ldr r11, [sp, #92]
#else
@@ -1628,25 +1728,25 @@ L_SHA256_transform_len_start:
add r5, r5, r9
add r6, r6, r10
add r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #16]
str r5, [r0, #20]
#else
strd r4, r5, [r0, #16]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [r0, #24]
str r7, [r0, #28]
#else
strd r6, r7, [r0, #24]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [sp, #80]
str r5, [sp, #84]
#else
strd r4, r5, [sp, #80]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [sp, #88]
str r7, [sp, #92]
#else
@@ -1739,7 +1839,7 @@ Transform_Sha256_Len:
push {r4, r5, r6, r7, r8, r9, r10, lr}
vpush {d8-d11}
sub sp, sp, #24
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r0, [sp]
str r1, [sp, #4]
#else
@@ -1748,25 +1848,25 @@ Transform_Sha256_Len:
str r2, [sp, #8]
adr r12, L_SHA256_transform_neon_len_k
# Load digest into registers
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r2, [r0]
ldr r3, [r0, #4]
#else
ldrd r2, r3, [r0]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #8]
ldr r5, [r0, #12]
#else
ldrd r4, r5, [r0, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #16]
ldr r7, [r0, #20]
#else
ldrd r6, r7, [r0, #16]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #24]
ldr r9, [r0, #28]
#else
@@ -1797,7 +1897,7 @@ L_SHA256_transform_neon_len_begin:
# Start of 16 rounds
L_SHA256_transform_neon_len_start:
# Round 0
- vmov r10, d0[0]
+ vmov.32 r10, d0[0]
ror r0, r6, #6
eor r1, r7, r8
eor r0, r0, r6, ror #11
@@ -1820,7 +1920,7 @@ L_SHA256_transform_neon_len_start:
add r9, r9, r0
add r9, r9, r1
# Round 1
- vmov r10, d0[1]
+ vmov.32 r10, d0[1]
# Calc new W[0]-W[1]
vext.8 d10, d0, d1, #4
ror r0, r5, #6
@@ -1863,7 +1963,7 @@ L_SHA256_transform_neon_len_start:
add r8, r8, r0
add r8, r8, r1
# Round 2
- vmov r10, d1[0]
+ vmov.32 r10, d1[0]
ror r0, r4, #6
eor r1, r5, r6
eor r0, r0, r4, ror #11
@@ -1886,7 +1986,7 @@ L_SHA256_transform_neon_len_start:
add r7, r7, r0
add r7, r7, r1
# Round 3
- vmov r10, d1[1]
+ vmov.32 r10, d1[1]
# Calc new W[2]-W[3]
vext.8 d10, d1, d2, #4
ror r0, r3, #6
@@ -1929,7 +2029,7 @@ L_SHA256_transform_neon_len_start:
add r6, r6, r0
add r6, r6, r1
# Round 4
- vmov r10, d2[0]
+ vmov.32 r10, d2[0]
ror r0, r2, #6
eor r1, r3, r4
eor r0, r0, r2, ror #11
@@ -1952,7 +2052,7 @@ L_SHA256_transform_neon_len_start:
add r5, r5, r0
add r5, r5, r1
# Round 5
- vmov r10, d2[1]
+ vmov.32 r10, d2[1]
# Calc new W[4]-W[5]
vext.8 d10, d2, d3, #4
ror r0, r9, #6
@@ -1995,7 +2095,7 @@ L_SHA256_transform_neon_len_start:
add r4, r4, r0
add r4, r4, r1
# Round 6
- vmov r10, d3[0]
+ vmov.32 r10, d3[0]
ror r0, r8, #6
eor r1, r9, r2
eor r0, r0, r8, ror #11
@@ -2018,7 +2118,7 @@ L_SHA256_transform_neon_len_start:
add r3, r3, r0
add r3, r3, r1
# Round 7
- vmov r10, d3[1]
+ vmov.32 r10, d3[1]
# Calc new W[6]-W[7]
vext.8 d10, d3, d4, #4
ror r0, r7, #6
@@ -2061,7 +2161,7 @@ L_SHA256_transform_neon_len_start:
add r2, r2, r0
add r2, r2, r1
# Round 8
- vmov r10, d4[0]
+ vmov.32 r10, d4[0]
ror r0, r6, #6
eor r1, r7, r8
eor r0, r0, r6, ror #11
@@ -2084,7 +2184,7 @@ L_SHA256_transform_neon_len_start:
add r9, r9, r0
add r9, r9, r1
# Round 9
- vmov r10, d4[1]
+ vmov.32 r10, d4[1]
# Calc new W[8]-W[9]
vext.8 d10, d4, d5, #4
ror r0, r5, #6
@@ -2127,7 +2227,7 @@ L_SHA256_transform_neon_len_start:
add r8, r8, r0
add r8, r8, r1
# Round 10
- vmov r10, d5[0]
+ vmov.32 r10, d5[0]
ror r0, r4, #6
eor r1, r5, r6
eor r0, r0, r4, ror #11
@@ -2150,7 +2250,7 @@ L_SHA256_transform_neon_len_start:
add r7, r7, r0
add r7, r7, r1
# Round 11
- vmov r10, d5[1]
+ vmov.32 r10, d5[1]
# Calc new W[10]-W[11]
vext.8 d10, d5, d6, #4
ror r0, r3, #6
@@ -2193,7 +2293,7 @@ L_SHA256_transform_neon_len_start:
add r6, r6, r0
add r6, r6, r1
# Round 12
- vmov r10, d6[0]
+ vmov.32 r10, d6[0]
ror r0, r2, #6
eor r1, r3, r4
eor r0, r0, r2, ror #11
@@ -2216,7 +2316,7 @@ L_SHA256_transform_neon_len_start:
add r5, r5, r0
add r5, r5, r1
# Round 13
- vmov r10, d6[1]
+ vmov.32 r10, d6[1]
# Calc new W[12]-W[13]
vext.8 d10, d6, d7, #4
ror r0, r9, #6
@@ -2259,7 +2359,7 @@ L_SHA256_transform_neon_len_start:
add r4, r4, r0
add r4, r4, r1
# Round 14
- vmov r10, d7[0]
+ vmov.32 r10, d7[0]
ror r0, r8, #6
eor r1, r9, r2
eor r0, r0, r8, ror #11
@@ -2282,7 +2382,7 @@ L_SHA256_transform_neon_len_start:
add r3, r3, r0
add r3, r3, r1
# Round 15
- vmov r10, d7[1]
+ vmov.32 r10, d7[1]
# Calc new W[14]-W[15]
vext.8 d10, d7, d0, #4
ror r0, r7, #6
@@ -2328,7 +2428,7 @@ L_SHA256_transform_neon_len_start:
subs lr, lr, #1
bne L_SHA256_transform_neon_len_start
# Round 0
- vmov r10, d0[0]
+ vmov.32 r10, d0[0]
ror r0, r6, #6
eor r1, r7, r8
eor r0, r0, r6, ror #11
@@ -2351,7 +2451,7 @@ L_SHA256_transform_neon_len_start:
add r9, r9, r0
add r9, r9, r1
# Round 1
- vmov r10, d0[1]
+ vmov.32 r10, d0[1]
ror r0, r5, #6
eor r1, r6, r7
eor r0, r0, r5, ror #11
@@ -2374,7 +2474,7 @@ L_SHA256_transform_neon_len_start:
add r8, r8, r0
add r8, r8, r1
# Round 2
- vmov r10, d1[0]
+ vmov.32 r10, d1[0]
ror r0, r4, #6
eor r1, r5, r6
eor r0, r0, r4, ror #11
@@ -2397,7 +2497,7 @@ L_SHA256_transform_neon_len_start:
add r7, r7, r0
add r7, r7, r1
# Round 3
- vmov r10, d1[1]
+ vmov.32 r10, d1[1]
ror r0, r3, #6
eor r1, r4, r5
eor r0, r0, r3, ror #11
@@ -2420,7 +2520,7 @@ L_SHA256_transform_neon_len_start:
add r6, r6, r0
add r6, r6, r1
# Round 4
- vmov r10, d2[0]
+ vmov.32 r10, d2[0]
ror r0, r2, #6
eor r1, r3, r4
eor r0, r0, r2, ror #11
@@ -2443,7 +2543,7 @@ L_SHA256_transform_neon_len_start:
add r5, r5, r0
add r5, r5, r1
# Round 5
- vmov r10, d2[1]
+ vmov.32 r10, d2[1]
ror r0, r9, #6
eor r1, r2, r3
eor r0, r0, r9, ror #11
@@ -2466,7 +2566,7 @@ L_SHA256_transform_neon_len_start:
add r4, r4, r0
add r4, r4, r1
# Round 6
- vmov r10, d3[0]
+ vmov.32 r10, d3[0]
ror r0, r8, #6
eor r1, r9, r2
eor r0, r0, r8, ror #11
@@ -2489,7 +2589,7 @@ L_SHA256_transform_neon_len_start:
add r3, r3, r0
add r3, r3, r1
# Round 7
- vmov r10, d3[1]
+ vmov.32 r10, d3[1]
ror r0, r7, #6
eor r1, r8, r9
eor r0, r0, r7, ror #11
@@ -2512,7 +2612,7 @@ L_SHA256_transform_neon_len_start:
add r2, r2, r0
add r2, r2, r1
# Round 8
- vmov r10, d4[0]
+ vmov.32 r10, d4[0]
ror r0, r6, #6
eor r1, r7, r8
eor r0, r0, r6, ror #11
@@ -2535,7 +2635,7 @@ L_SHA256_transform_neon_len_start:
add r9, r9, r0
add r9, r9, r1
# Round 9
- vmov r10, d4[1]
+ vmov.32 r10, d4[1]
ror r0, r5, #6
eor r1, r6, r7
eor r0, r0, r5, ror #11
@@ -2558,7 +2658,7 @@ L_SHA256_transform_neon_len_start:
add r8, r8, r0
add r8, r8, r1
# Round 10
- vmov r10, d5[0]
+ vmov.32 r10, d5[0]
ror r0, r4, #6
eor r1, r5, r6
eor r0, r0, r4, ror #11
@@ -2581,7 +2681,7 @@ L_SHA256_transform_neon_len_start:
add r7, r7, r0
add r7, r7, r1
# Round 11
- vmov r10, d5[1]
+ vmov.32 r10, d5[1]
ror r0, r3, #6
eor r1, r4, r5
eor r0, r0, r3, ror #11
@@ -2604,7 +2704,7 @@ L_SHA256_transform_neon_len_start:
add r6, r6, r0
add r6, r6, r1
# Round 12
- vmov r10, d6[0]
+ vmov.32 r10, d6[0]
ror r0, r2, #6
eor r1, r3, r4
eor r0, r0, r2, ror #11
@@ -2627,7 +2727,7 @@ L_SHA256_transform_neon_len_start:
add r5, r5, r0
add r5, r5, r1
# Round 13
- vmov r10, d6[1]
+ vmov.32 r10, d6[1]
ror r0, r9, #6
eor r1, r2, r3
eor r0, r0, r9, ror #11
@@ -2650,7 +2750,7 @@ L_SHA256_transform_neon_len_start:
add r4, r4, r0
add r4, r4, r1
# Round 14
- vmov r10, d7[0]
+ vmov.32 r10, d7[0]
ror r0, r8, #6
eor r1, r9, r2
eor r0, r0, r8, ror #11
@@ -2673,7 +2773,7 @@ L_SHA256_transform_neon_len_start:
add r3, r3, r0
add r3, r3, r1
# Round 15
- vmov r10, d7[1]
+ vmov.32 r10, d7[1]
ror r0, r7, #6
eor r1, r8, r9
eor r0, r0, r7, ror #11
@@ -2697,7 +2797,7 @@ L_SHA256_transform_neon_len_start:
add r2, r2, r1
ldr r10, [sp]
# Add in digest from start
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r0, [r10]
ldr r1, [r10, #4]
#else
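Review bot: The renamed guard `#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)` falls through to the `ldrd`/`strd` branch whenever `WOLFSSL_ARM_ARCH` is undefined, so a build that still sets only the old `WOLFSSL_SP_ARM_ARCH` would silently change code path on a pre-ARMv7 target. Whether the shared settings header maps the old name to the new one is not visible in this diff. If it does not, a shim there such as `#if defined(WOLFSSL_SP_ARM_ARCH) && !defined(WOLFSSL_ARM_ARCH)` / `#define WOLFSSL_ARM_ARCH WOLFSSL_SP_ARM_ARCH` / `#endif` would keep existing configurations on the split `ldr`/`str` path. The same rename recurs in the following hunks of this file and throughout the inline-assembly C file below.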
@@ -2705,13 +2805,13 @@ L_SHA256_transform_neon_len_start:
#endif
add r2, r2, r0
add r3, r3, r1
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r2, [r10]
str r3, [r10, #4]
#else
strd r2, r3, [r10]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r0, [r10, #8]
ldr r1, [r10, #12]
#else
@@ -2719,13 +2819,13 @@ L_SHA256_transform_neon_len_start:
#endif
add r4, r4, r0
add r5, r5, r1
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r10, #8]
str r5, [r10, #12]
#else
strd r4, r5, [r10, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r0, [r10, #16]
ldr r1, [r10, #20]
#else
@@ -2733,13 +2833,13 @@ L_SHA256_transform_neon_len_start:
#endif
add r6, r6, r0
add r7, r7, r1
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [r10, #16]
str r7, [r10, #20]
#else
strd r6, r7, [r10, #16]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r0, [r10, #24]
ldr r1, [r10, #28]
#else
@@ -2747,7 +2847,7 @@ L_SHA256_transform_neon_len_start:
#endif
add r8, r8, r0
add r9, r9, r1
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r8, [r10, #24]
str r9, [r10, #28]
#else
@@ -2765,9 +2865,10 @@ L_SHA256_transform_neon_len_start:
.size Transform_Sha256_Len,.-Transform_Sha256_Len
#endif /* WOLFSSL_ARMASM_NO_NEON */
#endif /* !NO_SHA256 */
-#endif /* !__aarch64__ */
+#endif /* !__aarch64__ && !__thumb__ */
#endif /* WOLFSSL_ARMASM */
#if defined(__linux__) && defined(__ELF__)
.section .note.GNU-stack,"",%progbits
#endif
+#endif /* !WOLFSSL_ARMASM_INLINE */
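Review bot: The added `#endif /* !WOLFSSL_ARMASM_INLINE */` closes after the `.note.GNU-stack` section, so when `WOLFSSL_ARMASM_INLINE` is defined this file assembles to an object with no stack note at all (assuming the matching `#ifndef` wraps the whole file, which is outside this hunk). On Linux/ELF targets a linker may treat an input object without that note as requesting an executable stack, or warn about it, which weakens the non-executable-stack hardening of the final binary. Moving the guard's `#endif` above the `#if defined(__linux__) && defined(__ELF__)` block keeps the note emitted in both configurations.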
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-32-sha256-asm_c.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-32-sha256-asm_c.c
index d81d5bba..3a5e200e 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-32-sha256-asm_c.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-32-sha256-asm_c.c
@@ -28,139 +28,106 @@
#include <config.h>
#endif /* HAVE_CONFIG_H */
#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/wolfcrypt/error-crypt.h>
#ifdef WOLFSSL_ARMASM
-#ifndef __aarch64__
+#if !defined(__aarch64__) && defined(__arm__)
#include <stdint.h>
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif /* HAVE_CONFIG_H */
#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/wolfcrypt/error-crypt.h>
+#ifdef WOLFSSL_ARMASM_INLINE
+
+#ifdef WOLFSSL_ARMASM
+#if !defined(__aarch64__) && defined(__arm__)
+
+#ifdef __IAR_SYSTEMS_ICC__
+#define __asm__ asm
+#define __volatile__ volatile
+#endif /* __IAR_SYSTEMS_ICC__ */
+#ifdef __KEIL__
+#define __asm__ __asm
+#define __volatile__ volatile
+#endif /* __KEIL__ */
#ifndef NO_SHA256
#include <wolfssl/wolfcrypt/sha256.h>
#ifdef WOLFSSL_ARMASM_NO_NEON
static const uint32_t L_SHA256_transform_len_k[] = {
- 0x428a2f98,
- 0x71374491,
- 0xb5c0fbcf,
- 0xe9b5dba5,
- 0x3956c25b,
- 0x59f111f1,
- 0x923f82a4,
- 0xab1c5ed5,
- 0xd807aa98,
- 0x12835b01,
- 0x243185be,
- 0x550c7dc3,
- 0x72be5d74,
- 0x80deb1fe,
- 0x9bdc06a7,
- 0xc19bf174,
- 0xe49b69c1,
- 0xefbe4786,
- 0xfc19dc6,
- 0x240ca1cc,
- 0x2de92c6f,
- 0x4a7484aa,
- 0x5cb0a9dc,
- 0x76f988da,
- 0x983e5152,
- 0xa831c66d,
- 0xb00327c8,
- 0xbf597fc7,
- 0xc6e00bf3,
- 0xd5a79147,
- 0x6ca6351,
- 0x14292967,
- 0x27b70a85,
- 0x2e1b2138,
- 0x4d2c6dfc,
- 0x53380d13,
- 0x650a7354,
- 0x766a0abb,
- 0x81c2c92e,
- 0x92722c85,
- 0xa2bfe8a1,
- 0xa81a664b,
- 0xc24b8b70,
- 0xc76c51a3,
- 0xd192e819,
- 0xd6990624,
- 0xf40e3585,
- 0x106aa070,
- 0x19a4c116,
- 0x1e376c08,
- 0x2748774c,
- 0x34b0bcb5,
- 0x391c0cb3,
- 0x4ed8aa4a,
- 0x5b9cca4f,
- 0x682e6ff3,
- 0x748f82ee,
- 0x78a5636f,
- 0x84c87814,
- 0x8cc70208,
- 0x90befffa,
- 0xa4506ceb,
- 0xbef9a3f7,
- 0xc67178f2,
+ 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5,
+ 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5,
+ 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3,
+ 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174,
+ 0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc,
+ 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da,
+ 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7,
+ 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967,
+ 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13,
+ 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85,
+ 0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3,
+ 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070,
+ 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5,
+ 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3,
+ 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208,
+ 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2,
};
-void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p);
+void Transform_Sha256_Len(wc_Sha256* sha256, const byte* data, word32 len);
void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
{
- register wc_Sha256* sha256 asm ("r0") = sha256_p;
- register const byte* data asm ("r1") = data_p;
- register word32 len asm ("r2") = len_p;
+ register wc_Sha256* sha256 asm ("r0") = (wc_Sha256*)sha256_p;
+ register const byte* data asm ("r1") = (const byte*)data_p;
+ register word32 len asm ("r2") = (word32)len_p;
+ register uint32_t* L_SHA256_transform_len_k_c asm ("r3") = (uint32_t*)&L_SHA256_transform_len_k;
__asm__ __volatile__ (
"sub sp, sp, #0xc0\n\t"
- "mov r3, %[L_SHA256_transform_len_k]\n\t"
/* Copy digest to add in at end */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha256]]\n\t"
"ldr r5, [%[sha256], #4]\n\t"
#else
"ldrd r4, r5, [%[sha256]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha256], #8]\n\t"
"ldr r7, [%[sha256], #12]\n\t"
#else
"ldrd r6, r7, [%[sha256], #8]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha256], #16]\n\t"
"ldr r9, [%[sha256], #20]\n\t"
#else
"ldrd r8, r9, [%[sha256], #16]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[sha256], #24]\n\t"
"ldr r11, [%[sha256], #28]\n\t"
#else
"ldrd r10, r11, [%[sha256], #24]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [sp, #64]\n\t"
"str r5, [sp, #68]\n\t"
#else
"strd r4, r5, [sp, #64]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [sp, #72]\n\t"
"str r7, [sp, #76]\n\t"
#else
"strd r6, r7, [sp, #72]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r8, [sp, #80]\n\t"
"str r9, [sp, #84]\n\t"
#else
"strd r8, r9, [sp, #80]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r10, [sp, #88]\n\t"
"str r11, [sp, #92]\n\t"
#else
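Review bot: The new operand setup `register uint32_t* L_SHA256_transform_len_k_c asm ("r3") = (uint32_t*)&L_SHA256_transform_len_k;` casts away the `const` of the round-constant table and goes through the address of the whole array. The asm presumably only reads the table (most of the body is outside this hunk), so the pointer can stay const-qualified and still serve as a read-write register operand: `register const uint32_t* L_SHA256_transform_len_k_c asm ("r3") = L_SHA256_transform_len_k;`. That keeps `-Wcast-qual` quiet and documents that the constants are never written. The NEON variant of `Transform_Sha256_Len` further down declares `L_SHA256_transform_neon_len_k_c` the same way.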
@@ -170,30 +137,144 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
"\n"
"L_SHA256_transform_len_begin_%=: \n\t"
/* Load, Reverse and Store W - 64 bytes */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
"ldr r4, [%[data]]\n\t"
"ldr r5, [%[data], #4]\n\t"
-#else
- "ldrd r4, r5, [%[data]]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"ldr r6, [%[data], #8]\n\t"
"ldr r7, [%[data], #12]\n\t"
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "str r4, [sp]\n\t"
+ "str r5, [sp, #4]\n\t"
#else
- "ldrd r6, r7, [%[data], #8]\n\t"
+ "strd r4, r5, [sp]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r8, [%[data], #16]\n\t"
- "ldr r9, [%[data], #20]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "str r6, [sp, #8]\n\t"
+ "str r7, [sp, #12]\n\t"
#else
- "ldrd r8, r9, [%[data], #16]\n\t"
+ "strd r6, r7, [sp, #8]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r10, [%[data], #24]\n\t"
- "ldr r11, [%[data], #28]\n\t"
+ "ldr r4, [%[data], #16]\n\t"
+ "ldr r5, [%[data], #20]\n\t"
+ "ldr r6, [%[data], #24]\n\t"
+ "ldr r7, [%[data], #28]\n\t"
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "str r4, [sp, #16]\n\t"
+ "str r5, [sp, #20]\n\t"
+#else
+ "strd r4, r5, [sp, #16]\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "str r6, [sp, #24]\n\t"
+ "str r7, [sp, #28]\n\t"
+#else
+ "strd r6, r7, [sp, #24]\n\t"
+#endif
+ "ldr r4, [%[data], #32]\n\t"
+ "ldr r5, [%[data], #36]\n\t"
+ "ldr r6, [%[data], #40]\n\t"
+ "ldr r7, [%[data], #44]\n\t"
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "str r4, [sp, #32]\n\t"
+ "str r5, [sp, #36]\n\t"
+#else
+ "strd r4, r5, [sp, #32]\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "str r6, [sp, #40]\n\t"
+ "str r7, [sp, #44]\n\t"
+#else
+ "strd r6, r7, [sp, #40]\n\t"
+#endif
+ "ldr r4, [%[data], #48]\n\t"
+ "ldr r5, [%[data], #52]\n\t"
+ "ldr r6, [%[data], #56]\n\t"
+ "ldr r7, [%[data], #60]\n\t"
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "str r4, [sp, #48]\n\t"
+ "str r5, [sp, #52]\n\t"
+#else
+ "strd r4, r5, [sp, #48]\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "str r6, [sp, #56]\n\t"
+ "str r7, [sp, #60]\n\t"
#else
- "ldrd r10, r11, [%[data], #24]\n\t"
+ "strd r6, r7, [sp, #56]\n\t"
#endif
+#else
+ "ldr r4, [%[data]]\n\t"
+ "ldr r5, [%[data], #4]\n\t"
+ "ldr r6, [%[data], #8]\n\t"
+ "ldr r7, [%[data], #12]\n\t"
+ "ldr r8, [%[data], #16]\n\t"
+ "ldr r9, [%[data], #20]\n\t"
+ "ldr r10, [%[data], #24]\n\t"
+ "ldr r11, [%[data], #28]\n\t"
"rev r4, r4\n\t"
"rev r5, r5\n\t"
"rev r6, r6\n\t"
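Review bot: The new `WOLFSSL_ARM_ARCH < 6` branch reads the message with plain `ldr r4, [%[data]]` and its siblings, but cores before ARMv6 do not support unaligned word loads (they fault or return a rotated word, depending on configuration), so this branch is only correct when `data` is 4-byte aligned. No such guarantee is visible in this hunk, and a misaligned caller buffer could silently produce a wrong digest. At minimum add a comment such as `/* ARMv5 and earlier: data must be 4-byte aligned, ldr cannot read unaligned words */`; otherwise assemble each word from `ldrb` loads in this branch. The `eor`/`bic`/`ror`/`eor` groups also deserve a one-line comment saying they byte-reverse each word in place of `rev`. The function body starts and ends outside this hunk.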
@@ -202,54 +283,38 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
"rev r9, r9\n\t"
"rev r10, r10\n\t"
"rev r11, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [sp]\n\t"
"str r5, [sp, #4]\n\t"
#else
"strd r4, r5, [sp]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [sp, #8]\n\t"
"str r7, [sp, #12]\n\t"
#else
"strd r6, r7, [sp, #8]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r8, [sp, #16]\n\t"
"str r9, [sp, #20]\n\t"
#else
"strd r8, r9, [sp, #16]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r10, [sp, #24]\n\t"
"str r11, [sp, #28]\n\t"
#else
"strd r10, r11, [sp, #24]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"ldr r4, [%[data], #32]\n\t"
"ldr r5, [%[data], #36]\n\t"
-#else
- "ldrd r4, r5, [%[data], #32]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"ldr r6, [%[data], #40]\n\t"
"ldr r7, [%[data], #44]\n\t"
-#else
- "ldrd r6, r7, [%[data], #40]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"ldr r8, [%[data], #48]\n\t"
"ldr r9, [%[data], #52]\n\t"
-#else
- "ldrd r8, r9, [%[data], #48]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"ldr r10, [%[data], #56]\n\t"
"ldr r11, [%[data], #60]\n\t"
-#else
- "ldrd r10, r11, [%[data], #56]\n\t"
-#endif
"rev r4, r4\n\t"
"rev r5, r5\n\t"
"rev r6, r6\n\t"
@@ -258,30 +323,31 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
"rev r9, r9\n\t"
"rev r10, r10\n\t"
"rev r11, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [sp, #32]\n\t"
"str r5, [sp, #36]\n\t"
#else
"strd r4, r5, [sp, #32]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [sp, #40]\n\t"
"str r7, [sp, #44]\n\t"
#else
"strd r6, r7, [sp, #40]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r8, [sp, #48]\n\t"
"str r9, [sp, #52]\n\t"
#else
"strd r8, r9, [sp, #48]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r10, [sp, #56]\n\t"
"str r11, [sp, #60]\n\t"
#else
"strd r10, r11, [sp, #56]\n\t"
#endif
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
"ldr r11, [%[sha256], #4]\n\t"
"ldr r4, [%[sha256], #8]\n\t"
"eor r11, r11, r4\n\t"
@@ -1557,25 +1623,25 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
"str r8, [%[sha256], #16]\n\t"
"str r9, [%[sha256]]\n\t"
/* Add in digest from start */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha256]]\n\t"
"ldr r5, [%[sha256], #4]\n\t"
#else
"ldrd r4, r5, [%[sha256]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha256], #8]\n\t"
"ldr r7, [%[sha256], #12]\n\t"
#else
"ldrd r6, r7, [%[sha256], #8]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #64]\n\t"
"ldr r9, [sp, #68]\n\t"
#else
"ldrd r8, r9, [sp, #64]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [sp, #72]\n\t"
"ldr r11, [sp, #76]\n\t"
#else
@@ -1585,49 +1651,49 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
"add r5, r5, r9\n\t"
"add r6, r6, r10\n\t"
"add r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha256]]\n\t"
"str r5, [%[sha256], #4]\n\t"
#else
"strd r4, r5, [%[sha256]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [%[sha256], #8]\n\t"
"str r7, [%[sha256], #12]\n\t"
#else
"strd r6, r7, [%[sha256], #8]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [sp, #64]\n\t"
"str r5, [sp, #68]\n\t"
#else
"strd r4, r5, [sp, #64]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [sp, #72]\n\t"
"str r7, [sp, #76]\n\t"
#else
"strd r6, r7, [sp, #72]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha256], #16]\n\t"
"ldr r5, [%[sha256], #20]\n\t"
#else
"ldrd r4, r5, [%[sha256], #16]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha256], #24]\n\t"
"ldr r7, [%[sha256], #28]\n\t"
#else
"ldrd r6, r7, [%[sha256], #24]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #80]\n\t"
"ldr r9, [sp, #84]\n\t"
#else
"ldrd r8, r9, [sp, #80]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [sp, #88]\n\t"
"ldr r11, [sp, #92]\n\t"
#else
@@ -1637,25 +1703,25 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
"add r5, r5, r9\n\t"
"add r6, r6, r10\n\t"
"add r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha256], #16]\n\t"
"str r5, [%[sha256], #20]\n\t"
#else
"strd r4, r5, [%[sha256], #16]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [%[sha256], #24]\n\t"
"str r7, [%[sha256], #28]\n\t"
#else
"strd r6, r7, [%[sha256], #24]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [sp, #80]\n\t"
"str r5, [sp, #84]\n\t"
#else
"strd r4, r5, [sp, #80]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [sp, #88]\n\t"
"str r7, [sp, #92]\n\t"
#else
@@ -1666,9 +1732,9 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
"add %[data], %[data], #0x40\n\t"
"bne L_SHA256_transform_len_begin_%=\n\t"
"add sp, sp, #0xc0\n\t"
- : [sha256] "+r" (sha256), [data] "+r" (data), [len] "+r" (len)
- : [L_SHA256_transform_len_k] "r" (L_SHA256_transform_len_k)
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12"
+ : [sha256] "+r" (sha256), [data] "+r" (data), [len] "+r" (len), [L_SHA256_transform_len_k] "+r" (L_SHA256_transform_len_k_c)
+ :
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
);
}
@@ -1677,82 +1743,35 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
#ifndef WOLFSSL_ARMASM_NO_NEON
static const uint32_t L_SHA256_transform_neon_len_k[] = {
- 0x428a2f98,
- 0x71374491,
- 0xb5c0fbcf,
- 0xe9b5dba5,
- 0x3956c25b,
- 0x59f111f1,
- 0x923f82a4,
- 0xab1c5ed5,
- 0xd807aa98,
- 0x12835b01,
- 0x243185be,
- 0x550c7dc3,
- 0x72be5d74,
- 0x80deb1fe,
- 0x9bdc06a7,
- 0xc19bf174,
- 0xe49b69c1,
- 0xefbe4786,
- 0xfc19dc6,
- 0x240ca1cc,
- 0x2de92c6f,
- 0x4a7484aa,
- 0x5cb0a9dc,
- 0x76f988da,
- 0x983e5152,
- 0xa831c66d,
- 0xb00327c8,
- 0xbf597fc7,
- 0xc6e00bf3,
- 0xd5a79147,
- 0x6ca6351,
- 0x14292967,
- 0x27b70a85,
- 0x2e1b2138,
- 0x4d2c6dfc,
- 0x53380d13,
- 0x650a7354,
- 0x766a0abb,
- 0x81c2c92e,
- 0x92722c85,
- 0xa2bfe8a1,
- 0xa81a664b,
- 0xc24b8b70,
- 0xc76c51a3,
- 0xd192e819,
- 0xd6990624,
- 0xf40e3585,
- 0x106aa070,
- 0x19a4c116,
- 0x1e376c08,
- 0x2748774c,
- 0x34b0bcb5,
- 0x391c0cb3,
- 0x4ed8aa4a,
- 0x5b9cca4f,
- 0x682e6ff3,
- 0x748f82ee,
- 0x78a5636f,
- 0x84c87814,
- 0x8cc70208,
- 0x90befffa,
- 0xa4506ceb,
- 0xbef9a3f7,
- 0xc67178f2,
+ 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5,
+ 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5,
+ 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3,
+ 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174,
+ 0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc,
+ 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da,
+ 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7,
+ 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967,
+ 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13,
+ 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85,
+ 0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3,
+ 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070,
+ 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5,
+ 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3,
+ 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208,
+ 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2,
};
-void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p);
+void Transform_Sha256_Len(wc_Sha256* sha256, const byte* data, word32 len);
void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
{
- register wc_Sha256* sha256 asm ("r0") = sha256_p;
- register const byte* data asm ("r1") = data_p;
- register word32 len asm ("r2") = len_p;
+ register wc_Sha256* sha256 asm ("r0") = (wc_Sha256*)sha256_p;
+ register const byte* data asm ("r1") = (const byte*)data_p;
+ register word32 len asm ("r2") = (word32)len_p;
+ register uint32_t* L_SHA256_transform_neon_len_k_c asm ("r3") = (uint32_t*)&L_SHA256_transform_neon_len_k;
__asm__ __volatile__ (
"sub sp, sp, #24\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str %[sha256], [sp]\n\t"
"str %[data], [sp, #4]\n\t"
#else
@@ -1761,25 +1780,25 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
"str %[len], [sp, #8]\n\t"
"mov r12, %[L_SHA256_transform_neon_len_k]\n\t"
/* Load digest into registers */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr %[len], [%[sha256]]\n\t"
"ldr r3, [%[sha256], #4]\n\t"
#else
"ldrd %[len], r3, [%[sha256]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha256], #8]\n\t"
"ldr r5, [%[sha256], #12]\n\t"
#else
"ldrd r4, r5, [%[sha256], #8]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha256], #16]\n\t"
"ldr r7, [%[sha256], #20]\n\t"
#else
"ldrd r6, r7, [%[sha256], #16]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha256], #24]\n\t"
"ldr r9, [%[sha256], #28]\n\t"
#else
@@ -1812,7 +1831,7 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
"\n"
"L_SHA256_transform_neon_len_start_%=: \n\t"
/* Round 0 */
- "vmov r10, d0[0]\n\t"
+ "vmov.32 r10, d0[0]\n\t"
"ror %[sha256], r6, #6\n\t"
"eor %[data], r7, r8\n\t"
"eor %[sha256], %[sha256], r6, ror #11\n\t"
@@ -1835,7 +1854,7 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
"add r9, r9, %[sha256]\n\t"
"add r9, r9, %[data]\n\t"
/* Round 1 */
- "vmov r10, d0[1]\n\t"
+ "vmov.32 r10, d0[1]\n\t"
/* Calc new W[0]-W[1] */
"vext.8 d10, d0, d1, #4\n\t"
"ror %[sha256], r5, #6\n\t"
@@ -1878,7 +1897,7 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
"add r8, r8, %[sha256]\n\t"
"add r8, r8, %[data]\n\t"
/* Round 2 */
- "vmov r10, d1[0]\n\t"
+ "vmov.32 r10, d1[0]\n\t"
"ror %[sha256], r4, #6\n\t"
"eor %[data], r5, r6\n\t"
"eor %[sha256], %[sha256], r4, ror #11\n\t"
@@ -1901,7 +1920,7 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
"add r7, r7, %[sha256]\n\t"
"add r7, r7, %[data]\n\t"
/* Round 3 */
- "vmov r10, d1[1]\n\t"
+ "vmov.32 r10, d1[1]\n\t"
/* Calc new W[2]-W[3] */
"vext.8 d10, d1, d2, #4\n\t"
"ror %[sha256], r3, #6\n\t"
@@ -1944,7 +1963,7 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
"add r6, r6, %[sha256]\n\t"
"add r6, r6, %[data]\n\t"
/* Round 4 */
- "vmov r10, d2[0]\n\t"
+ "vmov.32 r10, d2[0]\n\t"
"ror %[sha256], %[len], #6\n\t"
"eor %[data], r3, r4\n\t"
"eor %[sha256], %[sha256], %[len], ror #11\n\t"
@@ -1967,7 +1986,7 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
"add r5, r5, %[sha256]\n\t"
"add r5, r5, %[data]\n\t"
/* Round 5 */
- "vmov r10, d2[1]\n\t"
+ "vmov.32 r10, d2[1]\n\t"
/* Calc new W[4]-W[5] */
"vext.8 d10, d2, d3, #4\n\t"
"ror %[sha256], r9, #6\n\t"
@@ -2010,7 +2029,7 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
"add r4, r4, %[sha256]\n\t"
"add r4, r4, %[data]\n\t"
/* Round 6 */
- "vmov r10, d3[0]\n\t"
+ "vmov.32 r10, d3[0]\n\t"
"ror %[sha256], r8, #6\n\t"
"eor %[data], r9, %[len]\n\t"
"eor %[sha256], %[sha256], r8, ror #11\n\t"
@@ -2033,7 +2052,7 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
"add r3, r3, %[sha256]\n\t"
"add r3, r3, %[data]\n\t"
/* Round 7 */
- "vmov r10, d3[1]\n\t"
+ "vmov.32 r10, d3[1]\n\t"
/* Calc new W[6]-W[7] */
"vext.8 d10, d3, d4, #4\n\t"
"ror %[sha256], r7, #6\n\t"
@@ -2076,7 +2095,7 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
"add %[len], %[len], %[sha256]\n\t"
"add %[len], %[len], %[data]\n\t"
/* Round 8 */
- "vmov r10, d4[0]\n\t"
+ "vmov.32 r10, d4[0]\n\t"
"ror %[sha256], r6, #6\n\t"
"eor %[data], r7, r8\n\t"
"eor %[sha256], %[sha256], r6, ror #11\n\t"
@@ -2099,7 +2118,7 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
"add r9, r9, %[sha256]\n\t"
"add r9, r9, %[data]\n\t"
/* Round 9 */
- "vmov r10, d4[1]\n\t"
+ "vmov.32 r10, d4[1]\n\t"
/* Calc new W[8]-W[9] */
"vext.8 d10, d4, d5, #4\n\t"
"ror %[sha256], r5, #6\n\t"
@@ -2142,7 +2161,7 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
"add r8, r8, %[sha256]\n\t"
"add r8, r8, %[data]\n\t"
/* Round 10 */
- "vmov r10, d5[0]\n\t"
+ "vmov.32 r10, d5[0]\n\t"
"ror %[sha256], r4, #6\n\t"
"eor %[data], r5, r6\n\t"
"eor %[sha256], %[sha256], r4, ror #11\n\t"
@@ -2165,7 +2184,7 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
"add r7, r7, %[sha256]\n\t"
"add r7, r7, %[data]\n\t"
/* Round 11 */
- "vmov r10, d5[1]\n\t"
+ "vmov.32 r10, d5[1]\n\t"
/* Calc new W[10]-W[11] */
"vext.8 d10, d5, d6, #4\n\t"
"ror %[sha256], r3, #6\n\t"
@@ -2208,7 +2227,7 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
"add r6, r6, %[sha256]\n\t"
"add r6, r6, %[data]\n\t"
/* Round 12 */
- "vmov r10, d6[0]\n\t"
+ "vmov.32 r10, d6[0]\n\t"
"ror %[sha256], %[len], #6\n\t"
"eor %[data], r3, r4\n\t"
"eor %[sha256], %[sha256], %[len], ror #11\n\t"
@@ -2231,7 +2250,7 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
"add r5, r5, %[sha256]\n\t"
"add r5, r5, %[data]\n\t"
/* Round 13 */
- "vmov r10, d6[1]\n\t"
+ "vmov.32 r10, d6[1]\n\t"
/* Calc new W[12]-W[13] */
"vext.8 d10, d6, d7, #4\n\t"
"ror %[sha256], r9, #6\n\t"
@@ -2274,7 +2293,7 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
"add r4, r4, %[sha256]\n\t"
"add r4, r4, %[data]\n\t"
/* Round 14 */
- "vmov r10, d7[0]\n\t"
+ "vmov.32 r10, d7[0]\n\t"
"ror %[sha256], r8, #6\n\t"
"eor %[data], r9, %[len]\n\t"
"eor %[sha256], %[sha256], r8, ror #11\n\t"
@@ -2297,7 +2316,7 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
"add r3, r3, %[sha256]\n\t"
"add r3, r3, %[data]\n\t"
/* Round 15 */
- "vmov r10, d7[1]\n\t"
+ "vmov.32 r10, d7[1]\n\t"
/* Calc new W[14]-W[15] */
"vext.8 d10, d7, d0, #4\n\t"
"ror %[sha256], r7, #6\n\t"
@@ -2343,7 +2362,7 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
"subs lr, lr, #1\n\t"
"bne L_SHA256_transform_neon_len_start_%=\n\t"
/* Round 0 */
- "vmov r10, d0[0]\n\t"
+ "vmov.32 r10, d0[0]\n\t"
"ror %[sha256], r6, #6\n\t"
"eor %[data], r7, r8\n\t"
"eor %[sha256], %[sha256], r6, ror #11\n\t"
@@ -2366,7 +2385,7 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
"add r9, r9, %[sha256]\n\t"
"add r9, r9, %[data]\n\t"
/* Round 1 */
- "vmov r10, d0[1]\n\t"
+ "vmov.32 r10, d0[1]\n\t"
"ror %[sha256], r5, #6\n\t"
"eor %[data], r6, r7\n\t"
"eor %[sha256], %[sha256], r5, ror #11\n\t"
@@ -2389,7 +2408,7 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
"add r8, r8, %[sha256]\n\t"
"add r8, r8, %[data]\n\t"
/* Round 2 */
- "vmov r10, d1[0]\n\t"
+ "vmov.32 r10, d1[0]\n\t"
"ror %[sha256], r4, #6\n\t"
"eor %[data], r5, r6\n\t"
"eor %[sha256], %[sha256], r4, ror #11\n\t"
@@ -2412,7 +2431,7 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
"add r7, r7, %[sha256]\n\t"
"add r7, r7, %[data]\n\t"
/* Round 3 */
- "vmov r10, d1[1]\n\t"
+ "vmov.32 r10, d1[1]\n\t"
"ror %[sha256], r3, #6\n\t"
"eor %[data], r4, r5\n\t"
"eor %[sha256], %[sha256], r3, ror #11\n\t"
@@ -2435,7 +2454,7 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
"add r6, r6, %[sha256]\n\t"
"add r6, r6, %[data]\n\t"
/* Round 4 */
- "vmov r10, d2[0]\n\t"
+ "vmov.32 r10, d2[0]\n\t"
"ror %[sha256], %[len], #6\n\t"
"eor %[data], r3, r4\n\t"
"eor %[sha256], %[sha256], %[len], ror #11\n\t"
@@ -2458,7 +2477,7 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
"add r5, r5, %[sha256]\n\t"
"add r5, r5, %[data]\n\t"
/* Round 5 */
- "vmov r10, d2[1]\n\t"
+ "vmov.32 r10, d2[1]\n\t"
"ror %[sha256], r9, #6\n\t"
"eor %[data], %[len], r3\n\t"
"eor %[sha256], %[sha256], r9, ror #11\n\t"
@@ -2481,7 +2500,7 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
"add r4, r4, %[sha256]\n\t"
"add r4, r4, %[data]\n\t"
/* Round 6 */
- "vmov r10, d3[0]\n\t"
+ "vmov.32 r10, d3[0]\n\t"
"ror %[sha256], r8, #6\n\t"
"eor %[data], r9, %[len]\n\t"
"eor %[sha256], %[sha256], r8, ror #11\n\t"
@@ -2504,7 +2523,7 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
"add r3, r3, %[sha256]\n\t"
"add r3, r3, %[data]\n\t"
/* Round 7 */
- "vmov r10, d3[1]\n\t"
+ "vmov.32 r10, d3[1]\n\t"
"ror %[sha256], r7, #6\n\t"
"eor %[data], r8, r9\n\t"
"eor %[sha256], %[sha256], r7, ror #11\n\t"
@@ -2527,7 +2546,7 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
"add %[len], %[len], %[sha256]\n\t"
"add %[len], %[len], %[data]\n\t"
/* Round 8 */
- "vmov r10, d4[0]\n\t"
+ "vmov.32 r10, d4[0]\n\t"
"ror %[sha256], r6, #6\n\t"
"eor %[data], r7, r8\n\t"
"eor %[sha256], %[sha256], r6, ror #11\n\t"
@@ -2550,7 +2569,7 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
"add r9, r9, %[sha256]\n\t"
"add r9, r9, %[data]\n\t"
/* Round 9 */
- "vmov r10, d4[1]\n\t"
+ "vmov.32 r10, d4[1]\n\t"
"ror %[sha256], r5, #6\n\t"
"eor %[data], r6, r7\n\t"
"eor %[sha256], %[sha256], r5, ror #11\n\t"
@@ -2573,7 +2592,7 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
"add r8, r8, %[sha256]\n\t"
"add r8, r8, %[data]\n\t"
/* Round 10 */
- "vmov r10, d5[0]\n\t"
+ "vmov.32 r10, d5[0]\n\t"
"ror %[sha256], r4, #6\n\t"
"eor %[data], r5, r6\n\t"
"eor %[sha256], %[sha256], r4, ror #11\n\t"
@@ -2596,7 +2615,7 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
"add r7, r7, %[sha256]\n\t"
"add r7, r7, %[data]\n\t"
/* Round 11 */
- "vmov r10, d5[1]\n\t"
+ "vmov.32 r10, d5[1]\n\t"
"ror %[sha256], r3, #6\n\t"
"eor %[data], r4, r5\n\t"
"eor %[sha256], %[sha256], r3, ror #11\n\t"
@@ -2619,7 +2638,7 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
"add r6, r6, %[sha256]\n\t"
"add r6, r6, %[data]\n\t"
/* Round 12 */
- "vmov r10, d6[0]\n\t"
+ "vmov.32 r10, d6[0]\n\t"
"ror %[sha256], %[len], #6\n\t"
"eor %[data], r3, r4\n\t"
"eor %[sha256], %[sha256], %[len], ror #11\n\t"
@@ -2642,7 +2661,7 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
"add r5, r5, %[sha256]\n\t"
"add r5, r5, %[data]\n\t"
/* Round 13 */
- "vmov r10, d6[1]\n\t"
+ "vmov.32 r10, d6[1]\n\t"
"ror %[sha256], r9, #6\n\t"
"eor %[data], %[len], r3\n\t"
"eor %[sha256], %[sha256], r9, ror #11\n\t"
@@ -2665,7 +2684,7 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
"add r4, r4, %[sha256]\n\t"
"add r4, r4, %[data]\n\t"
/* Round 14 */
- "vmov r10, d7[0]\n\t"
+ "vmov.32 r10, d7[0]\n\t"
"ror %[sha256], r8, #6\n\t"
"eor %[data], r9, %[len]\n\t"
"eor %[sha256], %[sha256], r8, ror #11\n\t"
@@ -2688,7 +2707,7 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
"add r3, r3, %[sha256]\n\t"
"add r3, r3, %[data]\n\t"
/* Round 15 */
- "vmov r10, d7[1]\n\t"
+ "vmov.32 r10, d7[1]\n\t"
"ror %[sha256], r7, #6\n\t"
"eor %[data], r8, r9\n\t"
"eor %[sha256], %[sha256], r7, ror #11\n\t"
@@ -2712,7 +2731,7 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
"add %[len], %[len], %[data]\n\t"
"ldr r10, [sp]\n\t"
/* Add in digest from start */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr %[sha256], [r10]\n\t"
"ldr %[data], [r10, #4]\n\t"
#else
@@ -2720,13 +2739,13 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
#endif
"add %[len], %[len], %[sha256]\n\t"
"add r3, r3, %[data]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str %[len], [r10]\n\t"
"str r3, [r10, #4]\n\t"
#else
"strd %[len], r3, [r10]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr %[sha256], [r10, #8]\n\t"
"ldr %[data], [r10, #12]\n\t"
#else
@@ -2734,13 +2753,13 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
#endif
"add r4, r4, %[sha256]\n\t"
"add r5, r5, %[data]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [r10, #8]\n\t"
"str r5, [r10, #12]\n\t"
#else
"strd r4, r5, [r10, #8]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr %[sha256], [r10, #16]\n\t"
"ldr %[data], [r10, #20]\n\t"
#else
@@ -2748,13 +2767,13 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
#endif
"add r6, r6, %[sha256]\n\t"
"add r7, r7, %[data]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [r10, #16]\n\t"
"str r7, [r10, #20]\n\t"
#else
"strd r6, r7, [r10, #16]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr %[sha256], [r10, #24]\n\t"
"ldr %[data], [r10, #28]\n\t"
#else
@@ -2762,7 +2781,7 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
#endif
"add r8, r8, %[sha256]\n\t"
"add r9, r9, %[data]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r8, [r10, #24]\n\t"
"str r9, [r10, #28]\n\t"
#else
@@ -2775,13 +2794,17 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
"str r10, [sp, #8]\n\t"
"bne L_SHA256_transform_neon_len_begin_%=\n\t"
"add sp, sp, #24\n\t"
- : [sha256] "+r" (sha256), [data] "+r" (data), [len] "+r" (len)
- : [L_SHA256_transform_neon_len_k] "r" (L_SHA256_transform_neon_len_k)
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r12", "lr", "r10", "d0", "d1", "d2", "d3", "d4", "d5", "d6", "d7", "d8", "d9", "d10", "d11"
+ : [sha256] "+r" (sha256), [data] "+r" (data), [len] "+r" (len), [L_SHA256_transform_neon_len_k] "+r" (L_SHA256_transform_neon_len_k_c)
+ :
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r12", "lr", "r10", "d0", "d1", "d2", "d3", "d4", "d5", "d6", "d7", "d8", "d9", "d10", "d11", "cc"
);
}
#endif /* WOLFSSL_ARMASM_NO_NEON */
#endif /* !NO_SHA256 */
-#endif /* !__aarch64__ */
+#endif /* !__aarch64__ && !__thumb__ */
+#endif /* WOLFSSL_ARMASM */
+#endif /* !defined(__aarch64__) && defined(__arm__) */
#endif /* WOLFSSL_ARMASM */
+
+#endif /* WOLFSSL_ARMASM_INLINE */
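Review bot: The new clobber list drops `"r3"` although the asm body of `Transform_Sha256_Len` still writes r3 by name (for example `add r3, r3, %[data]` and `str r3, [r10, #4]` in the preceding hunks). This is only sound if `L_SHA256_transform_neon_len_k_c`, now a `"+r"` operand, is bound to r3 by an explicit register declaration at the top of the function, which lies outside this hunk. With a plain `"+r"` the compiler may pick any register, and a hard-coded write to r3 could then corrupt a live value in a hash primitive without any diagnostic. I would record the dependency next to the operand list, e.g. `/* body writes r3 by name: L_SHA256_transform_neon_len_k_c must stay pinned to r3 */`, and confirm the pinning exists for every supported compiler.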
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-32-sha512-asm.S b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-32-sha512-asm.S
index 5627688a..f06ae928 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-32-sha512-asm.S
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-32-sha512-asm.S
@@ -30,7 +30,8 @@
#include <wolfssl/wolfcrypt/settings.h>
#ifdef WOLFSSL_ARMASM
-#ifndef __aarch64__
+#if !defined(__aarch64__) && defined(__arm__)
+#ifndef WOLFSSL_ARMASM_INLINE
#ifdef WOLFSSL_SHA512
#ifdef WOLFSSL_ARMASM_NO_NEON
.text
@@ -207,97 +208,97 @@ Transform_Sha512_Len:
sub sp, sp, #0xc0
adr r3, L_SHA512_transform_len_k
# Copy digest to add in at end
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0]
ldr r5, [r0, #4]
#else
ldrd r4, r5, [r0]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #8]
ldr r7, [r0, #12]
#else
ldrd r6, r7, [r0, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #16]
ldr r9, [r0, #20]
#else
ldrd r8, r9, [r0, #16]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r0, #24]
ldr r11, [r0, #28]
#else
ldrd r10, r11, [r0, #24]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [sp, #128]
str r5, [sp, #132]
#else
strd r4, r5, [sp, #128]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [sp, #136]
str r7, [sp, #140]
#else
strd r6, r7, [sp, #136]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r8, [sp, #144]
str r9, [sp, #148]
#else
strd r8, r9, [sp, #144]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r10, [sp, #152]
str r11, [sp, #156]
#else
strd r10, r11, [sp, #152]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #32]
ldr r5, [r0, #36]
#else
ldrd r4, r5, [r0, #32]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #40]
ldr r7, [r0, #44]
#else
ldrd r6, r7, [r0, #40]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #48]
ldr r9, [r0, #52]
#else
ldrd r8, r9, [r0, #48]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r0, #56]
ldr r11, [r0, #60]
#else
ldrd r10, r11, [r0, #56]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [sp, #160]
str r5, [sp, #164]
#else
strd r4, r5, [sp, #160]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [sp, #168]
str r7, [sp, #172]
#else
strd r6, r7, [sp, #168]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r8, [sp, #176]
str r9, [sp, #180]
#else
strd r8, r9, [sp, #176]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r10, [sp, #184]
str r11, [sp, #188]
#else
@@ -305,31 +306,209 @@ Transform_Sha512_Len:
#endif
# Start of loop processing a block
L_SHA512_transform_len_begin:
- # Load, Reverse and Store W
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+ # Load, Reverse and Store W - 64 bytes
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
ldr r4, [r1]
ldr r5, [r1, #4]
-#else
- ldrd r4, r5, [r1]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
ldr r6, [r1, #8]
ldr r7, [r1, #12]
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
+ str r5, [sp]
+ str r4, [sp, #4]
+ str r7, [sp, #8]
+ str r6, [sp, #12]
+ ldr r4, [r1, #16]
+ ldr r5, [r1, #20]
+ ldr r6, [r1, #24]
+ ldr r7, [r1, #28]
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
+ str r5, [sp, #16]
+ str r4, [sp, #20]
+ str r7, [sp, #24]
+ str r6, [sp, #28]
+ ldr r4, [r1, #32]
+ ldr r5, [r1, #36]
+ ldr r6, [r1, #40]
+ ldr r7, [r1, #44]
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
+ str r5, [sp, #32]
+ str r4, [sp, #36]
+ str r7, [sp, #40]
+ str r6, [sp, #44]
+ ldr r4, [r1, #48]
+ ldr r5, [r1, #52]
+ ldr r6, [r1, #56]
+ ldr r7, [r1, #60]
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
+ str r5, [sp, #48]
+ str r4, [sp, #52]
+ str r7, [sp, #56]
+ str r6, [sp, #60]
+ ldr r4, [r1, #64]
+ ldr r5, [r1, #68]
+ ldr r6, [r1, #72]
+ ldr r7, [r1, #76]
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
+ str r5, [sp, #64]
+ str r4, [sp, #68]
+ str r7, [sp, #72]
+ str r6, [sp, #76]
+ ldr r4, [r1, #80]
+ ldr r5, [r1, #84]
+ ldr r6, [r1, #88]
+ ldr r7, [r1, #92]
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
+ str r5, [sp, #80]
+ str r4, [sp, #84]
+ str r7, [sp, #88]
+ str r6, [sp, #92]
+ ldr r4, [r1, #96]
+ ldr r5, [r1, #100]
+ ldr r6, [r1, #104]
+ ldr r7, [r1, #108]
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
+ str r5, [sp, #96]
+ str r4, [sp, #100]
+ str r7, [sp, #104]
+ str r6, [sp, #108]
+ ldr r4, [r1, #112]
+ ldr r5, [r1, #116]
+ ldr r6, [r1, #120]
+ ldr r7, [r1, #124]
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
+ str r5, [sp, #112]
+ str r4, [sp, #116]
+ str r7, [sp, #120]
+ str r6, [sp, #124]
#else
- ldrd r6, r7, [r1, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+ ldr r4, [r1]
+ ldr r5, [r1, #4]
+ ldr r6, [r1, #8]
+ ldr r7, [r1, #12]
ldr r8, [r1, #16]
ldr r9, [r1, #20]
-#else
- ldrd r8, r9, [r1, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
ldr r10, [r1, #24]
ldr r11, [r1, #28]
-#else
- ldrd r10, r11, [r1, #24]
-#endif
rev r4, r4
rev r5, r5
rev r6, r6
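Review bot: The new `WOLFSSL_ARM_ARCH < 6` path reads the message block with plain `ldr` from `r1`, and on cores before ARMv6 a word load from an address that is not 4-byte aligned typically returns rotated data rather than faulting, so an unaligned input buffer could yield a wrong digest without any error. Whether callers of `Transform_Sha512_Len` guarantee alignment is not visible in this hunk, so I would state the requirement next to the loads, e.g. `# r1 (data) is assumed 4-byte aligned on this path`, or confirm that the C caller copies unaligned input first. Separately, the updated comment says `- 64 bytes` while the loads and stores in this branch cover offsets 0 to 124, i.e. 128 bytes; `# Load, Reverse and Store W - 128 bytes` would match. The `#else` branch continues past the end of this hunk.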
@@ -346,30 +525,14 @@ L_SHA512_transform_len_begin:
str r8, [sp, #20]
str r11, [sp, #24]
str r10, [sp, #28]
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
ldr r4, [r1, #32]
ldr r5, [r1, #36]
-#else
- ldrd r4, r5, [r1, #32]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
ldr r6, [r1, #40]
ldr r7, [r1, #44]
-#else
- ldrd r6, r7, [r1, #40]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
ldr r8, [r1, #48]
ldr r9, [r1, #52]
-#else
- ldrd r8, r9, [r1, #48]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
ldr r10, [r1, #56]
ldr r11, [r1, #60]
-#else
- ldrd r10, r11, [r1, #56]
-#endif
rev r4, r4
rev r5, r5
rev r6, r6
@@ -386,30 +549,14 @@ L_SHA512_transform_len_begin:
str r8, [sp, #52]
str r11, [sp, #56]
str r10, [sp, #60]
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
ldr r4, [r1, #64]
ldr r5, [r1, #68]
-#else
- ldrd r4, r5, [r1, #64]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
ldr r6, [r1, #72]
ldr r7, [r1, #76]
-#else
- ldrd r6, r7, [r1, #72]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
ldr r8, [r1, #80]
ldr r9, [r1, #84]
-#else
- ldrd r8, r9, [r1, #80]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
ldr r10, [r1, #88]
ldr r11, [r1, #92]
-#else
- ldrd r10, r11, [r1, #88]
-#endif
rev r4, r4
rev r5, r5
rev r6, r6
@@ -426,30 +573,14 @@ L_SHA512_transform_len_begin:
str r8, [sp, #84]
str r11, [sp, #88]
str r10, [sp, #92]
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
ldr r4, [r1, #96]
ldr r5, [r1, #100]
-#else
- ldrd r4, r5, [r1, #96]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
ldr r6, [r1, #104]
ldr r7, [r1, #108]
-#else
- ldrd r6, r7, [r1, #104]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
ldr r8, [r1, #112]
ldr r9, [r1, #116]
-#else
- ldrd r8, r9, [r1, #112]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
ldr r10, [r1, #120]
ldr r11, [r1, #124]
-#else
- ldrd r10, r11, [r1, #120]
-#endif
rev r4, r4
rev r5, r5
rev r6, r6
@@ -466,14 +597,15 @@ L_SHA512_transform_len_begin:
str r8, [sp, #116]
str r11, [sp, #120]
str r10, [sp, #124]
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
# Pre-calc: b ^ c
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r0, #8]
ldr r11, [r0, #12]
#else
ldrd r10, r11, [r0, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #16]
ldr r5, [r0, #20]
#else
@@ -485,7 +617,7 @@ L_SHA512_transform_len_begin:
# Start of 16 rounds
L_SHA512_transform_len_start:
# Round 0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #32]
ldr r5, [r0, #36]
#else
@@ -505,7 +637,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #23
orr r9, r9, r4, lsr #9
orr r8, r8, r5, lsr #9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #56]
ldr r5, [r0, #60]
#else
@@ -515,25 +647,25 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #56]
str r5, [r0, #60]
#else
strd r4, r5, [r0, #56]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #32]
ldr r5, [r0, #36]
#else
ldrd r4, r5, [r0, #32]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #40]
ldr r7, [r0, #44]
#else
ldrd r6, r7, [r0, #40]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #48]
ldr r9, [r0, #52]
#else
@@ -545,13 +677,13 @@ L_SHA512_transform_len_start:
and r7, r7, r5
eor r6, r6, r8
eor r7, r7, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #56]
ldr r5, [r0, #60]
#else
ldrd r4, r5, [r0, #56]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp]
ldr r9, [sp, #4]
#else
@@ -559,7 +691,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r3]
ldr r7, [r3, #4]
#else
@@ -567,7 +699,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #24]
ldr r9, [r0, #28]
#else
@@ -575,7 +707,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #56]
str r5, [r0, #60]
#else
@@ -583,13 +715,13 @@ L_SHA512_transform_len_start:
#endif
adds r8, r8, r4
adc r9, r9, r5
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0]
ldr r5, [r0, #4]
#else
ldrd r4, r5, [r0]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r8, [r0, #24]
str r9, [r0, #28]
#else
@@ -609,7 +741,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #25
orr r9, r9, r4, lsr #7
orr r8, r8, r5, lsr #7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #56]
ldr r5, [r0, #60]
#else
@@ -619,19 +751,19 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0]
ldr r9, [r0, #4]
#else
ldrd r8, r9, [r0]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #8]
ldr r7, [r0, #12]
#else
ldrd r6, r7, [r0, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #56]
str r5, [r0, #60]
#else
@@ -643,7 +775,7 @@ L_SHA512_transform_len_start:
and r11, r11, r9
eor r10, r10, r6
eor r11, r11, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #56]
ldr r7, [r0, #60]
#else
@@ -651,7 +783,7 @@ L_SHA512_transform_len_start:
#endif
adds r6, r6, r10
adc r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [r0, #56]
str r7, [r0, #60]
#else
@@ -660,7 +792,7 @@ L_SHA512_transform_len_start:
mov r10, r8
mov r11, r9
# Calc new W[0]
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #112]
ldr r5, [sp, #116]
#else
@@ -681,13 +813,13 @@ L_SHA512_transform_len_start:
orr r8, r8, r5, lsl #26
eor r7, r7, r9
eor r6, r6, r8
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp]
ldr r5, [sp, #4]
#else
ldrd r4, r5, [sp]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #72]
ldr r9, [sp, #76]
#else
@@ -697,13 +829,13 @@ L_SHA512_transform_len_start:
adc r5, r5, r7
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [sp]
str r5, [sp, #4]
#else
strd r4, r5, [sp]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #8]
ldr r5, [sp, #12]
#else
@@ -724,7 +856,7 @@ L_SHA512_transform_len_start:
orr r8, r8, r5, lsl #25
eor r7, r7, r9
eor r6, r6, r8
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp]
ldr r5, [sp, #4]
#else
@@ -732,14 +864,14 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [sp]
str r5, [sp, #4]
#else
strd r4, r5, [sp]
#endif
# Round 1
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #24]
ldr r5, [r0, #28]
#else
@@ -759,7 +891,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #23
orr r9, r9, r4, lsr #9
orr r8, r8, r5, lsr #9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #48]
ldr r5, [r0, #52]
#else
@@ -769,25 +901,25 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #48]
str r5, [r0, #52]
#else
strd r4, r5, [r0, #48]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #24]
ldr r5, [r0, #28]
#else
ldrd r4, r5, [r0, #24]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #32]
ldr r7, [r0, #36]
#else
ldrd r6, r7, [r0, #32]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #40]
ldr r9, [r0, #44]
#else
@@ -799,13 +931,13 @@ L_SHA512_transform_len_start:
and r7, r7, r5
eor r6, r6, r8
eor r7, r7, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #48]
ldr r5, [r0, #52]
#else
ldrd r4, r5, [r0, #48]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #8]
ldr r9, [sp, #12]
#else
@@ -813,7 +945,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r3, #8]
ldr r7, [r3, #12]
#else
@@ -821,7 +953,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #16]
ldr r9, [r0, #20]
#else
@@ -829,7 +961,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #48]
str r5, [r0, #52]
#else
@@ -837,13 +969,13 @@ L_SHA512_transform_len_start:
#endif
adds r8, r8, r4
adc r9, r9, r5
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #56]
ldr r5, [r0, #60]
#else
ldrd r4, r5, [r0, #56]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r8, [r0, #16]
str r9, [r0, #20]
#else
@@ -863,7 +995,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #25
orr r9, r9, r4, lsr #7
orr r8, r8, r5, lsr #7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #48]
ldr r5, [r0, #52]
#else
@@ -873,19 +1005,19 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #56]
ldr r9, [r0, #60]
#else
ldrd r8, r9, [r0, #56]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0]
ldr r7, [r0, #4]
#else
ldrd r6, r7, [r0]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #48]
str r5, [r0, #52]
#else
@@ -897,7 +1029,7 @@ L_SHA512_transform_len_start:
and r11, r11, r9
eor r10, r10, r6
eor r11, r11, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #48]
ldr r7, [r0, #52]
#else
@@ -905,7 +1037,7 @@ L_SHA512_transform_len_start:
#endif
adds r6, r6, r10
adc r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [r0, #48]
str r7, [r0, #52]
#else
@@ -914,7 +1046,7 @@ L_SHA512_transform_len_start:
mov r10, r8
mov r11, r9
# Calc new W[1]
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #120]
ldr r5, [sp, #124]
#else
@@ -935,13 +1067,13 @@ L_SHA512_transform_len_start:
orr r8, r8, r5, lsl #26
eor r7, r7, r9
eor r6, r6, r8
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #8]
ldr r5, [sp, #12]
#else
ldrd r4, r5, [sp, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #80]
ldr r9, [sp, #84]
#else
@@ -951,13 +1083,13 @@ L_SHA512_transform_len_start:
adc r5, r5, r7
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [sp, #8]
str r5, [sp, #12]
#else
strd r4, r5, [sp, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #16]
ldr r5, [sp, #20]
#else
@@ -978,7 +1110,7 @@ L_SHA512_transform_len_start:
orr r8, r8, r5, lsl #25
eor r7, r7, r9
eor r6, r6, r8
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #8]
ldr r5, [sp, #12]
#else
@@ -986,14 +1118,14 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [sp, #8]
str r5, [sp, #12]
#else
strd r4, r5, [sp, #8]
#endif
# Round 2
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #16]
ldr r5, [r0, #20]
#else
@@ -1013,7 +1145,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #23
orr r9, r9, r4, lsr #9
orr r8, r8, r5, lsr #9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #40]
ldr r5, [r0, #44]
#else
@@ -1023,25 +1155,25 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #40]
str r5, [r0, #44]
#else
strd r4, r5, [r0, #40]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #16]
ldr r5, [r0, #20]
#else
ldrd r4, r5, [r0, #16]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #24]
ldr r7, [r0, #28]
#else
ldrd r6, r7, [r0, #24]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #32]
ldr r9, [r0, #36]
#else
@@ -1053,13 +1185,13 @@ L_SHA512_transform_len_start:
and r7, r7, r5
eor r6, r6, r8
eor r7, r7, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #40]
ldr r5, [r0, #44]
#else
ldrd r4, r5, [r0, #40]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #16]
ldr r9, [sp, #20]
#else
@@ -1067,7 +1199,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r3, #16]
ldr r7, [r3, #20]
#else
@@ -1075,7 +1207,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #8]
ldr r9, [r0, #12]
#else
@@ -1083,7 +1215,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #40]
str r5, [r0, #44]
#else
@@ -1091,13 +1223,13 @@ L_SHA512_transform_len_start:
#endif
adds r8, r8, r4
adc r9, r9, r5
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #48]
ldr r5, [r0, #52]
#else
ldrd r4, r5, [r0, #48]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r8, [r0, #8]
str r9, [r0, #12]
#else
@@ -1117,7 +1249,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #25
orr r9, r9, r4, lsr #7
orr r8, r8, r5, lsr #7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #40]
ldr r5, [r0, #44]
#else
@@ -1127,19 +1259,19 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #48]
ldr r9, [r0, #52]
#else
ldrd r8, r9, [r0, #48]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #56]
ldr r7, [r0, #60]
#else
ldrd r6, r7, [r0, #56]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #40]
str r5, [r0, #44]
#else
@@ -1151,7 +1283,7 @@ L_SHA512_transform_len_start:
and r11, r11, r9
eor r10, r10, r6
eor r11, r11, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #40]
ldr r7, [r0, #44]
#else
@@ -1159,7 +1291,7 @@ L_SHA512_transform_len_start:
#endif
adds r6, r6, r10
adc r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [r0, #40]
str r7, [r0, #44]
#else
@@ -1168,7 +1300,7 @@ L_SHA512_transform_len_start:
mov r10, r8
mov r11, r9
# Calc new W[2]
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp]
ldr r5, [sp, #4]
#else
@@ -1189,13 +1321,13 @@ L_SHA512_transform_len_start:
orr r8, r8, r5, lsl #26
eor r7, r7, r9
eor r6, r6, r8
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #16]
ldr r5, [sp, #20]
#else
ldrd r4, r5, [sp, #16]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #88]
ldr r9, [sp, #92]
#else
@@ -1205,13 +1337,13 @@ L_SHA512_transform_len_start:
adc r5, r5, r7
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [sp, #16]
str r5, [sp, #20]
#else
strd r4, r5, [sp, #16]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #24]
ldr r5, [sp, #28]
#else
@@ -1232,7 +1364,7 @@ L_SHA512_transform_len_start:
orr r8, r8, r5, lsl #25
eor r7, r7, r9
eor r6, r6, r8
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #16]
ldr r5, [sp, #20]
#else
@@ -1240,14 +1372,14 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [sp, #16]
str r5, [sp, #20]
#else
strd r4, r5, [sp, #16]
#endif
# Round 3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #8]
ldr r5, [r0, #12]
#else
@@ -1267,7 +1399,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #23
orr r9, r9, r4, lsr #9
orr r8, r8, r5, lsr #9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #32]
ldr r5, [r0, #36]
#else
@@ -1277,25 +1409,25 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #32]
str r5, [r0, #36]
#else
strd r4, r5, [r0, #32]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #8]
ldr r5, [r0, #12]
#else
ldrd r4, r5, [r0, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #16]
ldr r7, [r0, #20]
#else
ldrd r6, r7, [r0, #16]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #24]
ldr r9, [r0, #28]
#else
@@ -1307,13 +1439,13 @@ L_SHA512_transform_len_start:
and r7, r7, r5
eor r6, r6, r8
eor r7, r7, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #32]
ldr r5, [r0, #36]
#else
ldrd r4, r5, [r0, #32]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #24]
ldr r9, [sp, #28]
#else
@@ -1321,7 +1453,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r3, #24]
ldr r7, [r3, #28]
#else
@@ -1329,7 +1461,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0]
ldr r9, [r0, #4]
#else
@@ -1337,7 +1469,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #32]
str r5, [r0, #36]
#else
@@ -1345,13 +1477,13 @@ L_SHA512_transform_len_start:
#endif
adds r8, r8, r4
adc r9, r9, r5
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #40]
ldr r5, [r0, #44]
#else
ldrd r4, r5, [r0, #40]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r8, [r0]
str r9, [r0, #4]
#else
@@ -1371,7 +1503,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #25
orr r9, r9, r4, lsr #7
orr r8, r8, r5, lsr #7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #32]
ldr r5, [r0, #36]
#else
@@ -1381,19 +1513,19 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #40]
ldr r9, [r0, #44]
#else
ldrd r8, r9, [r0, #40]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #48]
ldr r7, [r0, #52]
#else
ldrd r6, r7, [r0, #48]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #32]
str r5, [r0, #36]
#else
@@ -1405,7 +1537,7 @@ L_SHA512_transform_len_start:
and r11, r11, r9
eor r10, r10, r6
eor r11, r11, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #32]
ldr r7, [r0, #36]
#else
@@ -1413,7 +1545,7 @@ L_SHA512_transform_len_start:
#endif
adds r6, r6, r10
adc r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [r0, #32]
str r7, [r0, #36]
#else
@@ -1422,7 +1554,7 @@ L_SHA512_transform_len_start:
mov r10, r8
mov r11, r9
# Calc new W[3]
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #8]
ldr r5, [sp, #12]
#else
@@ -1443,13 +1575,13 @@ L_SHA512_transform_len_start:
orr r8, r8, r5, lsl #26
eor r7, r7, r9
eor r6, r6, r8
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #24]
ldr r5, [sp, #28]
#else
ldrd r4, r5, [sp, #24]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #96]
ldr r9, [sp, #100]
#else
@@ -1459,13 +1591,13 @@ L_SHA512_transform_len_start:
adc r5, r5, r7
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [sp, #24]
str r5, [sp, #28]
#else
strd r4, r5, [sp, #24]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #32]
ldr r5, [sp, #36]
#else
@@ -1486,7 +1618,7 @@ L_SHA512_transform_len_start:
orr r8, r8, r5, lsl #25
eor r7, r7, r9
eor r6, r6, r8
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #24]
ldr r5, [sp, #28]
#else
@@ -1494,14 +1626,14 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [sp, #24]
str r5, [sp, #28]
#else
strd r4, r5, [sp, #24]
#endif
# Round 4
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0]
ldr r5, [r0, #4]
#else
@@ -1521,7 +1653,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #23
orr r9, r9, r4, lsr #9
orr r8, r8, r5, lsr #9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #24]
ldr r5, [r0, #28]
#else
@@ -1531,25 +1663,25 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #24]
str r5, [r0, #28]
#else
strd r4, r5, [r0, #24]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0]
ldr r5, [r0, #4]
#else
ldrd r4, r5, [r0]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #8]
ldr r7, [r0, #12]
#else
ldrd r6, r7, [r0, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #16]
ldr r9, [r0, #20]
#else
@@ -1561,13 +1693,13 @@ L_SHA512_transform_len_start:
and r7, r7, r5
eor r6, r6, r8
eor r7, r7, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #24]
ldr r5, [r0, #28]
#else
ldrd r4, r5, [r0, #24]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #32]
ldr r9, [sp, #36]
#else
@@ -1575,7 +1707,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r3, #32]
ldr r7, [r3, #36]
#else
@@ -1583,7 +1715,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #56]
ldr r9, [r0, #60]
#else
@@ -1591,7 +1723,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #24]
str r5, [r0, #28]
#else
@@ -1599,13 +1731,13 @@ L_SHA512_transform_len_start:
#endif
adds r8, r8, r4
adc r9, r9, r5
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #32]
ldr r5, [r0, #36]
#else
ldrd r4, r5, [r0, #32]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r8, [r0, #56]
str r9, [r0, #60]
#else
@@ -1625,7 +1757,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #25
orr r9, r9, r4, lsr #7
orr r8, r8, r5, lsr #7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #24]
ldr r5, [r0, #28]
#else
@@ -1635,19 +1767,19 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #32]
ldr r9, [r0, #36]
#else
ldrd r8, r9, [r0, #32]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #40]
ldr r7, [r0, #44]
#else
ldrd r6, r7, [r0, #40]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #24]
str r5, [r0, #28]
#else
@@ -1659,7 +1791,7 @@ L_SHA512_transform_len_start:
and r11, r11, r9
eor r10, r10, r6
eor r11, r11, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #24]
ldr r7, [r0, #28]
#else
@@ -1667,7 +1799,7 @@ L_SHA512_transform_len_start:
#endif
adds r6, r6, r10
adc r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [r0, #24]
str r7, [r0, #28]
#else
@@ -1676,7 +1808,7 @@ L_SHA512_transform_len_start:
mov r10, r8
mov r11, r9
# Calc new W[4]
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #16]
ldr r5, [sp, #20]
#else
@@ -1697,13 +1829,13 @@ L_SHA512_transform_len_start:
orr r8, r8, r5, lsl #26
eor r7, r7, r9
eor r6, r6, r8
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #32]
ldr r5, [sp, #36]
#else
ldrd r4, r5, [sp, #32]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #104]
ldr r9, [sp, #108]
#else
@@ -1713,13 +1845,13 @@ L_SHA512_transform_len_start:
adc r5, r5, r7
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [sp, #32]
str r5, [sp, #36]
#else
strd r4, r5, [sp, #32]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #40]
ldr r5, [sp, #44]
#else
@@ -1740,7 +1872,7 @@ L_SHA512_transform_len_start:
orr r8, r8, r5, lsl #25
eor r7, r7, r9
eor r6, r6, r8
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #32]
ldr r5, [sp, #36]
#else
@@ -1748,14 +1880,14 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [sp, #32]
str r5, [sp, #36]
#else
strd r4, r5, [sp, #32]
#endif
# Round 5
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #56]
ldr r5, [r0, #60]
#else
@@ -1775,7 +1907,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #23
orr r9, r9, r4, lsr #9
orr r8, r8, r5, lsr #9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #16]
ldr r5, [r0, #20]
#else
@@ -1785,25 +1917,25 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #16]
str r5, [r0, #20]
#else
strd r4, r5, [r0, #16]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #56]
ldr r5, [r0, #60]
#else
ldrd r4, r5, [r0, #56]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0]
ldr r7, [r0, #4]
#else
ldrd r6, r7, [r0]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #8]
ldr r9, [r0, #12]
#else
@@ -1815,13 +1947,13 @@ L_SHA512_transform_len_start:
and r7, r7, r5
eor r6, r6, r8
eor r7, r7, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #16]
ldr r5, [r0, #20]
#else
ldrd r4, r5, [r0, #16]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #40]
ldr r9, [sp, #44]
#else
@@ -1829,7 +1961,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r3, #40]
ldr r7, [r3, #44]
#else
@@ -1837,7 +1969,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #48]
ldr r9, [r0, #52]
#else
@@ -1845,7 +1977,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #16]
str r5, [r0, #20]
#else
@@ -1853,13 +1985,13 @@ L_SHA512_transform_len_start:
#endif
adds r8, r8, r4
adc r9, r9, r5
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #24]
ldr r5, [r0, #28]
#else
ldrd r4, r5, [r0, #24]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r8, [r0, #48]
str r9, [r0, #52]
#else
@@ -1879,7 +2011,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #25
orr r9, r9, r4, lsr #7
orr r8, r8, r5, lsr #7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #16]
ldr r5, [r0, #20]
#else
@@ -1889,19 +2021,19 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #24]
ldr r9, [r0, #28]
#else
ldrd r8, r9, [r0, #24]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #32]
ldr r7, [r0, #36]
#else
ldrd r6, r7, [r0, #32]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #16]
str r5, [r0, #20]
#else
@@ -1913,7 +2045,7 @@ L_SHA512_transform_len_start:
and r11, r11, r9
eor r10, r10, r6
eor r11, r11, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #16]
ldr r7, [r0, #20]
#else
@@ -1921,7 +2053,7 @@ L_SHA512_transform_len_start:
#endif
adds r6, r6, r10
adc r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [r0, #16]
str r7, [r0, #20]
#else
@@ -1930,7 +2062,7 @@ L_SHA512_transform_len_start:
mov r10, r8
mov r11, r9
# Calc new W[5]
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #24]
ldr r5, [sp, #28]
#else
@@ -1951,13 +2083,13 @@ L_SHA512_transform_len_start:
orr r8, r8, r5, lsl #26
eor r7, r7, r9
eor r6, r6, r8
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #40]
ldr r5, [sp, #44]
#else
ldrd r4, r5, [sp, #40]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #112]
ldr r9, [sp, #116]
#else
@@ -1967,13 +2099,13 @@ L_SHA512_transform_len_start:
adc r5, r5, r7
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [sp, #40]
str r5, [sp, #44]
#else
strd r4, r5, [sp, #40]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #48]
ldr r5, [sp, #52]
#else
@@ -1994,7 +2126,7 @@ L_SHA512_transform_len_start:
orr r8, r8, r5, lsl #25
eor r7, r7, r9
eor r6, r6, r8
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #40]
ldr r5, [sp, #44]
#else
@@ -2002,14 +2134,14 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [sp, #40]
str r5, [sp, #44]
#else
strd r4, r5, [sp, #40]
#endif
# Round 6
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #48]
ldr r5, [r0, #52]
#else
@@ -2029,7 +2161,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #23
orr r9, r9, r4, lsr #9
orr r8, r8, r5, lsr #9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #8]
ldr r5, [r0, #12]
#else
@@ -2039,25 +2171,25 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #8]
str r5, [r0, #12]
#else
strd r4, r5, [r0, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #48]
ldr r5, [r0, #52]
#else
ldrd r4, r5, [r0, #48]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #56]
ldr r7, [r0, #60]
#else
ldrd r6, r7, [r0, #56]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0]
ldr r9, [r0, #4]
#else
@@ -2069,13 +2201,13 @@ L_SHA512_transform_len_start:
and r7, r7, r5
eor r6, r6, r8
eor r7, r7, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #8]
ldr r5, [r0, #12]
#else
ldrd r4, r5, [r0, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #48]
ldr r9, [sp, #52]
#else
@@ -2083,7 +2215,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r3, #48]
ldr r7, [r3, #52]
#else
@@ -2091,7 +2223,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #40]
ldr r9, [r0, #44]
#else
@@ -2099,7 +2231,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #8]
str r5, [r0, #12]
#else
@@ -2107,13 +2239,13 @@ L_SHA512_transform_len_start:
#endif
adds r8, r8, r4
adc r9, r9, r5
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #16]
ldr r5, [r0, #20]
#else
ldrd r4, r5, [r0, #16]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r8, [r0, #40]
str r9, [r0, #44]
#else
@@ -2133,7 +2265,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #25
orr r9, r9, r4, lsr #7
orr r8, r8, r5, lsr #7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #8]
ldr r5, [r0, #12]
#else
@@ -2143,19 +2275,19 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #16]
ldr r9, [r0, #20]
#else
ldrd r8, r9, [r0, #16]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #24]
ldr r7, [r0, #28]
#else
ldrd r6, r7, [r0, #24]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #8]
str r5, [r0, #12]
#else
@@ -2167,7 +2299,7 @@ L_SHA512_transform_len_start:
and r11, r11, r9
eor r10, r10, r6
eor r11, r11, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #8]
ldr r7, [r0, #12]
#else
@@ -2175,7 +2307,7 @@ L_SHA512_transform_len_start:
#endif
adds r6, r6, r10
adc r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [r0, #8]
str r7, [r0, #12]
#else
@@ -2184,7 +2316,7 @@ L_SHA512_transform_len_start:
mov r10, r8
mov r11, r9
# Calc new W[6]
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #32]
ldr r5, [sp, #36]
#else
@@ -2205,13 +2337,13 @@ L_SHA512_transform_len_start:
orr r8, r8, r5, lsl #26
eor r7, r7, r9
eor r6, r6, r8
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #48]
ldr r5, [sp, #52]
#else
ldrd r4, r5, [sp, #48]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #120]
ldr r9, [sp, #124]
#else
@@ -2221,13 +2353,13 @@ L_SHA512_transform_len_start:
adc r5, r5, r7
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [sp, #48]
str r5, [sp, #52]
#else
strd r4, r5, [sp, #48]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #56]
ldr r5, [sp, #60]
#else
@@ -2248,7 +2380,7 @@ L_SHA512_transform_len_start:
orr r8, r8, r5, lsl #25
eor r7, r7, r9
eor r6, r6, r8
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #48]
ldr r5, [sp, #52]
#else
@@ -2256,14 +2388,14 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [sp, #48]
str r5, [sp, #52]
#else
strd r4, r5, [sp, #48]
#endif
# Round 7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #40]
ldr r5, [r0, #44]
#else
@@ -2283,7 +2415,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #23
orr r9, r9, r4, lsr #9
orr r8, r8, r5, lsr #9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0]
ldr r5, [r0, #4]
#else
@@ -2293,25 +2425,25 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0]
str r5, [r0, #4]
#else
strd r4, r5, [r0]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #40]
ldr r5, [r0, #44]
#else
ldrd r4, r5, [r0, #40]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #48]
ldr r7, [r0, #52]
#else
ldrd r6, r7, [r0, #48]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #56]
ldr r9, [r0, #60]
#else
@@ -2323,13 +2455,13 @@ L_SHA512_transform_len_start:
and r7, r7, r5
eor r6, r6, r8
eor r7, r7, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0]
ldr r5, [r0, #4]
#else
ldrd r4, r5, [r0]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #56]
ldr r9, [sp, #60]
#else
@@ -2337,7 +2469,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r3, #56]
ldr r7, [r3, #60]
#else
@@ -2345,7 +2477,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #32]
ldr r9, [r0, #36]
#else
@@ -2353,7 +2485,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0]
str r5, [r0, #4]
#else
@@ -2361,13 +2493,13 @@ L_SHA512_transform_len_start:
#endif
adds r8, r8, r4
adc r9, r9, r5
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #8]
ldr r5, [r0, #12]
#else
ldrd r4, r5, [r0, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r8, [r0, #32]
str r9, [r0, #36]
#else
@@ -2387,7 +2519,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #25
orr r9, r9, r4, lsr #7
orr r8, r8, r5, lsr #7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0]
ldr r5, [r0, #4]
#else
@@ -2397,19 +2529,19 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #8]
ldr r9, [r0, #12]
#else
ldrd r8, r9, [r0, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #16]
ldr r7, [r0, #20]
#else
ldrd r6, r7, [r0, #16]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0]
str r5, [r0, #4]
#else
@@ -2421,7 +2553,7 @@ L_SHA512_transform_len_start:
and r11, r11, r9
eor r10, r10, r6
eor r11, r11, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0]
ldr r7, [r0, #4]
#else
@@ -2429,7 +2561,7 @@ L_SHA512_transform_len_start:
#endif
adds r6, r6, r10
adc r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [r0]
str r7, [r0, #4]
#else
@@ -2438,7 +2570,7 @@ L_SHA512_transform_len_start:
mov r10, r8
mov r11, r9
# Calc new W[7]
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #40]
ldr r5, [sp, #44]
#else
@@ -2459,13 +2591,13 @@ L_SHA512_transform_len_start:
orr r8, r8, r5, lsl #26
eor r7, r7, r9
eor r6, r6, r8
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #56]
ldr r5, [sp, #60]
#else
ldrd r4, r5, [sp, #56]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp]
ldr r9, [sp, #4]
#else
@@ -2475,13 +2607,13 @@ L_SHA512_transform_len_start:
adc r5, r5, r7
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [sp, #56]
str r5, [sp, #60]
#else
strd r4, r5, [sp, #56]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #64]
ldr r5, [sp, #68]
#else
@@ -2502,7 +2634,7 @@ L_SHA512_transform_len_start:
orr r8, r8, r5, lsl #25
eor r7, r7, r9
eor r6, r6, r8
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #56]
ldr r5, [sp, #60]
#else
@@ -2510,14 +2642,14 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [sp, #56]
str r5, [sp, #60]
#else
strd r4, r5, [sp, #56]
#endif
# Round 8
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #32]
ldr r5, [r0, #36]
#else
@@ -2537,7 +2669,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #23
orr r9, r9, r4, lsr #9
orr r8, r8, r5, lsr #9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #56]
ldr r5, [r0, #60]
#else
@@ -2547,25 +2679,25 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #56]
str r5, [r0, #60]
#else
strd r4, r5, [r0, #56]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #32]
ldr r5, [r0, #36]
#else
ldrd r4, r5, [r0, #32]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #40]
ldr r7, [r0, #44]
#else
ldrd r6, r7, [r0, #40]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #48]
ldr r9, [r0, #52]
#else
@@ -2577,13 +2709,13 @@ L_SHA512_transform_len_start:
and r7, r7, r5
eor r6, r6, r8
eor r7, r7, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #56]
ldr r5, [r0, #60]
#else
ldrd r4, r5, [r0, #56]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #64]
ldr r9, [sp, #68]
#else
@@ -2591,7 +2723,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r3, #64]
ldr r7, [r3, #68]
#else
@@ -2599,7 +2731,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #24]
ldr r9, [r0, #28]
#else
@@ -2607,7 +2739,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #56]
str r5, [r0, #60]
#else
@@ -2615,13 +2747,13 @@ L_SHA512_transform_len_start:
#endif
adds r8, r8, r4
adc r9, r9, r5
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0]
ldr r5, [r0, #4]
#else
ldrd r4, r5, [r0]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r8, [r0, #24]
str r9, [r0, #28]
#else
@@ -2641,7 +2773,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #25
orr r9, r9, r4, lsr #7
orr r8, r8, r5, lsr #7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #56]
ldr r5, [r0, #60]
#else
@@ -2651,19 +2783,19 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0]
ldr r9, [r0, #4]
#else
ldrd r8, r9, [r0]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #8]
ldr r7, [r0, #12]
#else
ldrd r6, r7, [r0, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #56]
str r5, [r0, #60]
#else
@@ -2675,7 +2807,7 @@ L_SHA512_transform_len_start:
and r11, r11, r9
eor r10, r10, r6
eor r11, r11, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #56]
ldr r7, [r0, #60]
#else
@@ -2683,7 +2815,7 @@ L_SHA512_transform_len_start:
#endif
adds r6, r6, r10
adc r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [r0, #56]
str r7, [r0, #60]
#else
@@ -2692,7 +2824,7 @@ L_SHA512_transform_len_start:
mov r10, r8
mov r11, r9
# Calc new W[8]
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #48]
ldr r5, [sp, #52]
#else
@@ -2713,13 +2845,13 @@ L_SHA512_transform_len_start:
orr r8, r8, r5, lsl #26
eor r7, r7, r9
eor r6, r6, r8
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #64]
ldr r5, [sp, #68]
#else
ldrd r4, r5, [sp, #64]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #8]
ldr r9, [sp, #12]
#else
@@ -2729,13 +2861,13 @@ L_SHA512_transform_len_start:
adc r5, r5, r7
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [sp, #64]
str r5, [sp, #68]
#else
strd r4, r5, [sp, #64]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #72]
ldr r5, [sp, #76]
#else
@@ -2756,7 +2888,7 @@ L_SHA512_transform_len_start:
orr r8, r8, r5, lsl #25
eor r7, r7, r9
eor r6, r6, r8
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #64]
ldr r5, [sp, #68]
#else
@@ -2764,14 +2896,14 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [sp, #64]
str r5, [sp, #68]
#else
strd r4, r5, [sp, #64]
#endif
# Round 9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #24]
ldr r5, [r0, #28]
#else
@@ -2791,7 +2923,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #23
orr r9, r9, r4, lsr #9
orr r8, r8, r5, lsr #9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #48]
ldr r5, [r0, #52]
#else
@@ -2801,25 +2933,25 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #48]
str r5, [r0, #52]
#else
strd r4, r5, [r0, #48]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #24]
ldr r5, [r0, #28]
#else
ldrd r4, r5, [r0, #24]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #32]
ldr r7, [r0, #36]
#else
ldrd r6, r7, [r0, #32]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #40]
ldr r9, [r0, #44]
#else
@@ -2831,13 +2963,13 @@ L_SHA512_transform_len_start:
and r7, r7, r5
eor r6, r6, r8
eor r7, r7, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #48]
ldr r5, [r0, #52]
#else
ldrd r4, r5, [r0, #48]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #72]
ldr r9, [sp, #76]
#else
@@ -2845,7 +2977,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r3, #72]
ldr r7, [r3, #76]
#else
@@ -2853,7 +2985,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #16]
ldr r9, [r0, #20]
#else
@@ -2861,7 +2993,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #48]
str r5, [r0, #52]
#else
@@ -2869,13 +3001,13 @@ L_SHA512_transform_len_start:
#endif
adds r8, r8, r4
adc r9, r9, r5
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #56]
ldr r5, [r0, #60]
#else
ldrd r4, r5, [r0, #56]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r8, [r0, #16]
str r9, [r0, #20]
#else
@@ -2895,7 +3027,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #25
orr r9, r9, r4, lsr #7
orr r8, r8, r5, lsr #7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #48]
ldr r5, [r0, #52]
#else
@@ -2905,19 +3037,19 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #56]
ldr r9, [r0, #60]
#else
ldrd r8, r9, [r0, #56]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0]
ldr r7, [r0, #4]
#else
ldrd r6, r7, [r0]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #48]
str r5, [r0, #52]
#else
@@ -2929,7 +3061,7 @@ L_SHA512_transform_len_start:
and r11, r11, r9
eor r10, r10, r6
eor r11, r11, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #48]
ldr r7, [r0, #52]
#else
@@ -2937,7 +3069,7 @@ L_SHA512_transform_len_start:
#endif
adds r6, r6, r10
adc r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [r0, #48]
str r7, [r0, #52]
#else
@@ -2946,7 +3078,7 @@ L_SHA512_transform_len_start:
mov r10, r8
mov r11, r9
# Calc new W[9]
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #56]
ldr r5, [sp, #60]
#else
@@ -2967,13 +3099,13 @@ L_SHA512_transform_len_start:
orr r8, r8, r5, lsl #26
eor r7, r7, r9
eor r6, r6, r8
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #72]
ldr r5, [sp, #76]
#else
ldrd r4, r5, [sp, #72]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #16]
ldr r9, [sp, #20]
#else
@@ -2983,13 +3115,13 @@ L_SHA512_transform_len_start:
adc r5, r5, r7
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [sp, #72]
str r5, [sp, #76]
#else
strd r4, r5, [sp, #72]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #80]
ldr r5, [sp, #84]
#else
@@ -3010,7 +3142,7 @@ L_SHA512_transform_len_start:
orr r8, r8, r5, lsl #25
eor r7, r7, r9
eor r6, r6, r8
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #72]
ldr r5, [sp, #76]
#else
@@ -3018,14 +3150,14 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [sp, #72]
str r5, [sp, #76]
#else
strd r4, r5, [sp, #72]
#endif
# Round 10
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #16]
ldr r5, [r0, #20]
#else
@@ -3045,7 +3177,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #23
orr r9, r9, r4, lsr #9
orr r8, r8, r5, lsr #9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #40]
ldr r5, [r0, #44]
#else
@@ -3055,25 +3187,25 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #40]
str r5, [r0, #44]
#else
strd r4, r5, [r0, #40]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #16]
ldr r5, [r0, #20]
#else
ldrd r4, r5, [r0, #16]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #24]
ldr r7, [r0, #28]
#else
ldrd r6, r7, [r0, #24]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #32]
ldr r9, [r0, #36]
#else
@@ -3085,13 +3217,13 @@ L_SHA512_transform_len_start:
and r7, r7, r5
eor r6, r6, r8
eor r7, r7, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #40]
ldr r5, [r0, #44]
#else
ldrd r4, r5, [r0, #40]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #80]
ldr r9, [sp, #84]
#else
@@ -3099,7 +3231,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r3, #80]
ldr r7, [r3, #84]
#else
@@ -3107,7 +3239,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #8]
ldr r9, [r0, #12]
#else
@@ -3115,7 +3247,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #40]
str r5, [r0, #44]
#else
@@ -3123,13 +3255,13 @@ L_SHA512_transform_len_start:
#endif
adds r8, r8, r4
adc r9, r9, r5
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #48]
ldr r5, [r0, #52]
#else
ldrd r4, r5, [r0, #48]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r8, [r0, #8]
str r9, [r0, #12]
#else
@@ -3149,7 +3281,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #25
orr r9, r9, r4, lsr #7
orr r8, r8, r5, lsr #7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #40]
ldr r5, [r0, #44]
#else
@@ -3159,19 +3291,19 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #48]
ldr r9, [r0, #52]
#else
ldrd r8, r9, [r0, #48]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #56]
ldr r7, [r0, #60]
#else
ldrd r6, r7, [r0, #56]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #40]
str r5, [r0, #44]
#else
@@ -3183,7 +3315,7 @@ L_SHA512_transform_len_start:
and r11, r11, r9
eor r10, r10, r6
eor r11, r11, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #40]
ldr r7, [r0, #44]
#else
@@ -3191,7 +3323,7 @@ L_SHA512_transform_len_start:
#endif
adds r6, r6, r10
adc r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [r0, #40]
str r7, [r0, #44]
#else
@@ -3200,7 +3332,7 @@ L_SHA512_transform_len_start:
mov r10, r8
mov r11, r9
# Calc new W[10]
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #64]
ldr r5, [sp, #68]
#else
@@ -3221,13 +3353,13 @@ L_SHA512_transform_len_start:
orr r8, r8, r5, lsl #26
eor r7, r7, r9
eor r6, r6, r8
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #80]
ldr r5, [sp, #84]
#else
ldrd r4, r5, [sp, #80]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #24]
ldr r9, [sp, #28]
#else
@@ -3237,13 +3369,13 @@ L_SHA512_transform_len_start:
adc r5, r5, r7
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [sp, #80]
str r5, [sp, #84]
#else
strd r4, r5, [sp, #80]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #88]
ldr r5, [sp, #92]
#else
@@ -3264,7 +3396,7 @@ L_SHA512_transform_len_start:
orr r8, r8, r5, lsl #25
eor r7, r7, r9
eor r6, r6, r8
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #80]
ldr r5, [sp, #84]
#else
@@ -3272,14 +3404,14 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [sp, #80]
str r5, [sp, #84]
#else
strd r4, r5, [sp, #80]
#endif
# Round 11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #8]
ldr r5, [r0, #12]
#else
@@ -3299,7 +3431,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #23
orr r9, r9, r4, lsr #9
orr r8, r8, r5, lsr #9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #32]
ldr r5, [r0, #36]
#else
@@ -3309,25 +3441,25 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #32]
str r5, [r0, #36]
#else
strd r4, r5, [r0, #32]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #8]
ldr r5, [r0, #12]
#else
ldrd r4, r5, [r0, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #16]
ldr r7, [r0, #20]
#else
ldrd r6, r7, [r0, #16]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #24]
ldr r9, [r0, #28]
#else
@@ -3339,13 +3471,13 @@ L_SHA512_transform_len_start:
and r7, r7, r5
eor r6, r6, r8
eor r7, r7, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #32]
ldr r5, [r0, #36]
#else
ldrd r4, r5, [r0, #32]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #88]
ldr r9, [sp, #92]
#else
@@ -3353,7 +3485,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r3, #88]
ldr r7, [r3, #92]
#else
@@ -3361,7 +3493,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0]
ldr r9, [r0, #4]
#else
@@ -3369,7 +3501,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #32]
str r5, [r0, #36]
#else
@@ -3377,13 +3509,13 @@ L_SHA512_transform_len_start:
#endif
adds r8, r8, r4
adc r9, r9, r5
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #40]
ldr r5, [r0, #44]
#else
ldrd r4, r5, [r0, #40]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r8, [r0]
str r9, [r0, #4]
#else
@@ -3403,7 +3535,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #25
orr r9, r9, r4, lsr #7
orr r8, r8, r5, lsr #7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #32]
ldr r5, [r0, #36]
#else
@@ -3413,19 +3545,19 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #40]
ldr r9, [r0, #44]
#else
ldrd r8, r9, [r0, #40]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #48]
ldr r7, [r0, #52]
#else
ldrd r6, r7, [r0, #48]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #32]
str r5, [r0, #36]
#else
@@ -3437,7 +3569,7 @@ L_SHA512_transform_len_start:
and r11, r11, r9
eor r10, r10, r6
eor r11, r11, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #32]
ldr r7, [r0, #36]
#else
@@ -3445,7 +3577,7 @@ L_SHA512_transform_len_start:
#endif
adds r6, r6, r10
adc r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [r0, #32]
str r7, [r0, #36]
#else
@@ -3454,7 +3586,7 @@ L_SHA512_transform_len_start:
mov r10, r8
mov r11, r9
# Calc new W[11]
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #72]
ldr r5, [sp, #76]
#else
@@ -3475,13 +3607,13 @@ L_SHA512_transform_len_start:
orr r8, r8, r5, lsl #26
eor r7, r7, r9
eor r6, r6, r8
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #88]
ldr r5, [sp, #92]
#else
ldrd r4, r5, [sp, #88]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #32]
ldr r9, [sp, #36]
#else
@@ -3491,13 +3623,13 @@ L_SHA512_transform_len_start:
adc r5, r5, r7
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [sp, #88]
str r5, [sp, #92]
#else
strd r4, r5, [sp, #88]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #96]
ldr r5, [sp, #100]
#else
@@ -3518,7 +3650,7 @@ L_SHA512_transform_len_start:
orr r8, r8, r5, lsl #25
eor r7, r7, r9
eor r6, r6, r8
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #88]
ldr r5, [sp, #92]
#else
@@ -3526,14 +3658,14 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [sp, #88]
str r5, [sp, #92]
#else
strd r4, r5, [sp, #88]
#endif
# Round 12
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0]
ldr r5, [r0, #4]
#else
@@ -3553,7 +3685,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #23
orr r9, r9, r4, lsr #9
orr r8, r8, r5, lsr #9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #24]
ldr r5, [r0, #28]
#else
@@ -3563,25 +3695,25 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #24]
str r5, [r0, #28]
#else
strd r4, r5, [r0, #24]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0]
ldr r5, [r0, #4]
#else
ldrd r4, r5, [r0]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #8]
ldr r7, [r0, #12]
#else
ldrd r6, r7, [r0, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #16]
ldr r9, [r0, #20]
#else
@@ -3593,13 +3725,13 @@ L_SHA512_transform_len_start:
and r7, r7, r5
eor r6, r6, r8
eor r7, r7, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #24]
ldr r5, [r0, #28]
#else
ldrd r4, r5, [r0, #24]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #96]
ldr r9, [sp, #100]
#else
@@ -3607,7 +3739,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r3, #96]
ldr r7, [r3, #100]
#else
@@ -3615,7 +3747,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #56]
ldr r9, [r0, #60]
#else
@@ -3623,7 +3755,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #24]
str r5, [r0, #28]
#else
@@ -3631,13 +3763,13 @@ L_SHA512_transform_len_start:
#endif
adds r8, r8, r4
adc r9, r9, r5
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #32]
ldr r5, [r0, #36]
#else
ldrd r4, r5, [r0, #32]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r8, [r0, #56]
str r9, [r0, #60]
#else
@@ -3657,7 +3789,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #25
orr r9, r9, r4, lsr #7
orr r8, r8, r5, lsr #7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #24]
ldr r5, [r0, #28]
#else
@@ -3667,19 +3799,19 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #32]
ldr r9, [r0, #36]
#else
ldrd r8, r9, [r0, #32]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #40]
ldr r7, [r0, #44]
#else
ldrd r6, r7, [r0, #40]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #24]
str r5, [r0, #28]
#else
@@ -3691,7 +3823,7 @@ L_SHA512_transform_len_start:
and r11, r11, r9
eor r10, r10, r6
eor r11, r11, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #24]
ldr r7, [r0, #28]
#else
@@ -3699,7 +3831,7 @@ L_SHA512_transform_len_start:
#endif
adds r6, r6, r10
adc r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [r0, #24]
str r7, [r0, #28]
#else
@@ -3708,7 +3840,7 @@ L_SHA512_transform_len_start:
mov r10, r8
mov r11, r9
# Calc new W[12]
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #80]
ldr r5, [sp, #84]
#else
@@ -3729,13 +3861,13 @@ L_SHA512_transform_len_start:
orr r8, r8, r5, lsl #26
eor r7, r7, r9
eor r6, r6, r8
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #96]
ldr r5, [sp, #100]
#else
ldrd r4, r5, [sp, #96]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #40]
ldr r9, [sp, #44]
#else
@@ -3745,13 +3877,13 @@ L_SHA512_transform_len_start:
adc r5, r5, r7
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [sp, #96]
str r5, [sp, #100]
#else
strd r4, r5, [sp, #96]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #104]
ldr r5, [sp, #108]
#else
@@ -3772,7 +3904,7 @@ L_SHA512_transform_len_start:
orr r8, r8, r5, lsl #25
eor r7, r7, r9
eor r6, r6, r8
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #96]
ldr r5, [sp, #100]
#else
@@ -3780,14 +3912,14 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [sp, #96]
str r5, [sp, #100]
#else
strd r4, r5, [sp, #96]
#endif
# Round 13
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #56]
ldr r5, [r0, #60]
#else
@@ -3807,7 +3939,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #23
orr r9, r9, r4, lsr #9
orr r8, r8, r5, lsr #9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #16]
ldr r5, [r0, #20]
#else
@@ -3817,25 +3949,25 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #16]
str r5, [r0, #20]
#else
strd r4, r5, [r0, #16]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #56]
ldr r5, [r0, #60]
#else
ldrd r4, r5, [r0, #56]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0]
ldr r7, [r0, #4]
#else
ldrd r6, r7, [r0]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #8]
ldr r9, [r0, #12]
#else
@@ -3847,13 +3979,13 @@ L_SHA512_transform_len_start:
and r7, r7, r5
eor r6, r6, r8
eor r7, r7, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #16]
ldr r5, [r0, #20]
#else
ldrd r4, r5, [r0, #16]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #104]
ldr r9, [sp, #108]
#else
@@ -3861,7 +3993,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r3, #104]
ldr r7, [r3, #108]
#else
@@ -3869,7 +4001,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #48]
ldr r9, [r0, #52]
#else
@@ -3877,7 +4009,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #16]
str r5, [r0, #20]
#else
@@ -3885,13 +4017,13 @@ L_SHA512_transform_len_start:
#endif
adds r8, r8, r4
adc r9, r9, r5
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #24]
ldr r5, [r0, #28]
#else
ldrd r4, r5, [r0, #24]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r8, [r0, #48]
str r9, [r0, #52]
#else
@@ -3911,7 +4043,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #25
orr r9, r9, r4, lsr #7
orr r8, r8, r5, lsr #7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #16]
ldr r5, [r0, #20]
#else
@@ -3921,19 +4053,19 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #24]
ldr r9, [r0, #28]
#else
ldrd r8, r9, [r0, #24]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #32]
ldr r7, [r0, #36]
#else
ldrd r6, r7, [r0, #32]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #16]
str r5, [r0, #20]
#else
@@ -3945,7 +4077,7 @@ L_SHA512_transform_len_start:
and r11, r11, r9
eor r10, r10, r6
eor r11, r11, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #16]
ldr r7, [r0, #20]
#else
@@ -3953,7 +4085,7 @@ L_SHA512_transform_len_start:
#endif
adds r6, r6, r10
adc r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [r0, #16]
str r7, [r0, #20]
#else
@@ -3962,7 +4094,7 @@ L_SHA512_transform_len_start:
mov r10, r8
mov r11, r9
# Calc new W[13]
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #88]
ldr r5, [sp, #92]
#else
@@ -3983,13 +4115,13 @@ L_SHA512_transform_len_start:
orr r8, r8, r5, lsl #26
eor r7, r7, r9
eor r6, r6, r8
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #104]
ldr r5, [sp, #108]
#else
ldrd r4, r5, [sp, #104]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #48]
ldr r9, [sp, #52]
#else
@@ -3999,13 +4131,13 @@ L_SHA512_transform_len_start:
adc r5, r5, r7
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [sp, #104]
str r5, [sp, #108]
#else
strd r4, r5, [sp, #104]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #112]
ldr r5, [sp, #116]
#else
@@ -4026,7 +4158,7 @@ L_SHA512_transform_len_start:
orr r8, r8, r5, lsl #25
eor r7, r7, r9
eor r6, r6, r8
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #104]
ldr r5, [sp, #108]
#else
@@ -4034,14 +4166,14 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [sp, #104]
str r5, [sp, #108]
#else
strd r4, r5, [sp, #104]
#endif
# Round 14
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #48]
ldr r5, [r0, #52]
#else
@@ -4061,7 +4193,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #23
orr r9, r9, r4, lsr #9
orr r8, r8, r5, lsr #9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #8]
ldr r5, [r0, #12]
#else
@@ -4071,25 +4203,25 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #8]
str r5, [r0, #12]
#else
strd r4, r5, [r0, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #48]
ldr r5, [r0, #52]
#else
ldrd r4, r5, [r0, #48]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #56]
ldr r7, [r0, #60]
#else
ldrd r6, r7, [r0, #56]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0]
ldr r9, [r0, #4]
#else
@@ -4101,13 +4233,13 @@ L_SHA512_transform_len_start:
and r7, r7, r5
eor r6, r6, r8
eor r7, r7, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #8]
ldr r5, [r0, #12]
#else
ldrd r4, r5, [r0, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #112]
ldr r9, [sp, #116]
#else
@@ -4115,7 +4247,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r3, #112]
ldr r7, [r3, #116]
#else
@@ -4123,7 +4255,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #40]
ldr r9, [r0, #44]
#else
@@ -4131,7 +4263,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #8]
str r5, [r0, #12]
#else
@@ -4139,13 +4271,13 @@ L_SHA512_transform_len_start:
#endif
adds r8, r8, r4
adc r9, r9, r5
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #16]
ldr r5, [r0, #20]
#else
ldrd r4, r5, [r0, #16]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r8, [r0, #40]
str r9, [r0, #44]
#else
@@ -4165,7 +4297,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #25
orr r9, r9, r4, lsr #7
orr r8, r8, r5, lsr #7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #8]
ldr r5, [r0, #12]
#else
@@ -4175,19 +4307,19 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #16]
ldr r9, [r0, #20]
#else
ldrd r8, r9, [r0, #16]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #24]
ldr r7, [r0, #28]
#else
ldrd r6, r7, [r0, #24]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #8]
str r5, [r0, #12]
#else
@@ -4199,7 +4331,7 @@ L_SHA512_transform_len_start:
and r11, r11, r9
eor r10, r10, r6
eor r11, r11, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #8]
ldr r7, [r0, #12]
#else
@@ -4207,7 +4339,7 @@ L_SHA512_transform_len_start:
#endif
adds r6, r6, r10
adc r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [r0, #8]
str r7, [r0, #12]
#else
@@ -4216,7 +4348,7 @@ L_SHA512_transform_len_start:
mov r10, r8
mov r11, r9
# Calc new W[14]
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #96]
ldr r5, [sp, #100]
#else
@@ -4237,13 +4369,13 @@ L_SHA512_transform_len_start:
orr r8, r8, r5, lsl #26
eor r7, r7, r9
eor r6, r6, r8
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #112]
ldr r5, [sp, #116]
#else
ldrd r4, r5, [sp, #112]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #56]
ldr r9, [sp, #60]
#else
@@ -4253,13 +4385,13 @@ L_SHA512_transform_len_start:
adc r5, r5, r7
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [sp, #112]
str r5, [sp, #116]
#else
strd r4, r5, [sp, #112]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #120]
ldr r5, [sp, #124]
#else
@@ -4280,7 +4412,7 @@ L_SHA512_transform_len_start:
orr r8, r8, r5, lsl #25
eor r7, r7, r9
eor r6, r6, r8
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #112]
ldr r5, [sp, #116]
#else
@@ -4288,14 +4420,14 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [sp, #112]
str r5, [sp, #116]
#else
strd r4, r5, [sp, #112]
#endif
# Round 15
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #40]
ldr r5, [r0, #44]
#else
@@ -4315,7 +4447,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #23
orr r9, r9, r4, lsr #9
orr r8, r8, r5, lsr #9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0]
ldr r5, [r0, #4]
#else
@@ -4325,25 +4457,25 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0]
str r5, [r0, #4]
#else
strd r4, r5, [r0]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #40]
ldr r5, [r0, #44]
#else
ldrd r4, r5, [r0, #40]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #48]
ldr r7, [r0, #52]
#else
ldrd r6, r7, [r0, #48]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #56]
ldr r9, [r0, #60]
#else
@@ -4355,13 +4487,13 @@ L_SHA512_transform_len_start:
and r7, r7, r5
eor r6, r6, r8
eor r7, r7, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0]
ldr r5, [r0, #4]
#else
ldrd r4, r5, [r0]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #120]
ldr r9, [sp, #124]
#else
@@ -4369,7 +4501,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r3, #120]
ldr r7, [r3, #124]
#else
@@ -4377,7 +4509,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #32]
ldr r9, [r0, #36]
#else
@@ -4385,7 +4517,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0]
str r5, [r0, #4]
#else
@@ -4393,13 +4525,13 @@ L_SHA512_transform_len_start:
#endif
adds r8, r8, r4
adc r9, r9, r5
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #8]
ldr r5, [r0, #12]
#else
ldrd r4, r5, [r0, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r8, [r0, #32]
str r9, [r0, #36]
#else
@@ -4419,7 +4551,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #25
orr r9, r9, r4, lsr #7
orr r8, r8, r5, lsr #7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0]
ldr r5, [r0, #4]
#else
@@ -4429,19 +4561,19 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #8]
ldr r9, [r0, #12]
#else
ldrd r8, r9, [r0, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #16]
ldr r7, [r0, #20]
#else
ldrd r6, r7, [r0, #16]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0]
str r5, [r0, #4]
#else
@@ -4453,7 +4585,7 @@ L_SHA512_transform_len_start:
and r11, r11, r9
eor r10, r10, r6
eor r11, r11, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0]
ldr r7, [r0, #4]
#else
@@ -4461,7 +4593,7 @@ L_SHA512_transform_len_start:
#endif
adds r6, r6, r10
adc r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [r0]
str r7, [r0, #4]
#else
@@ -4470,7 +4602,7 @@ L_SHA512_transform_len_start:
mov r10, r8
mov r11, r9
# Calc new W[15]
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #104]
ldr r5, [sp, #108]
#else
@@ -4491,13 +4623,13 @@ L_SHA512_transform_len_start:
orr r8, r8, r5, lsl #26
eor r7, r7, r9
eor r6, r6, r8
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #120]
ldr r5, [sp, #124]
#else
ldrd r4, r5, [sp, #120]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #64]
ldr r9, [sp, #68]
#else
@@ -4507,13 +4639,13 @@ L_SHA512_transform_len_start:
adc r5, r5, r7
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [sp, #120]
str r5, [sp, #124]
#else
strd r4, r5, [sp, #120]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp]
ldr r5, [sp, #4]
#else
@@ -4534,7 +4666,7 @@ L_SHA512_transform_len_start:
orr r8, r8, r5, lsl #25
eor r7, r7, r9
eor r6, r6, r8
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #120]
ldr r5, [sp, #124]
#else
@@ -4542,7 +4674,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [sp, #120]
str r5, [sp, #124]
#else
@@ -4552,7 +4684,7 @@ L_SHA512_transform_len_start:
subs r12, r12, #1
bne L_SHA512_transform_len_start
# Round 0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #32]
ldr r5, [r0, #36]
#else
@@ -4572,7 +4704,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #23
orr r9, r9, r4, lsr #9
orr r8, r8, r5, lsr #9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #56]
ldr r5, [r0, #60]
#else
@@ -4582,25 +4714,25 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #56]
str r5, [r0, #60]
#else
strd r4, r5, [r0, #56]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #32]
ldr r5, [r0, #36]
#else
ldrd r4, r5, [r0, #32]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #40]
ldr r7, [r0, #44]
#else
ldrd r6, r7, [r0, #40]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #48]
ldr r9, [r0, #52]
#else
@@ -4612,13 +4744,13 @@ L_SHA512_transform_len_start:
and r7, r7, r5
eor r6, r6, r8
eor r7, r7, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #56]
ldr r5, [r0, #60]
#else
ldrd r4, r5, [r0, #56]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp]
ldr r9, [sp, #4]
#else
@@ -4626,7 +4758,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r3]
ldr r7, [r3, #4]
#else
@@ -4634,7 +4766,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #24]
ldr r9, [r0, #28]
#else
@@ -4642,7 +4774,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #56]
str r5, [r0, #60]
#else
@@ -4650,13 +4782,13 @@ L_SHA512_transform_len_start:
#endif
adds r8, r8, r4
adc r9, r9, r5
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0]
ldr r5, [r0, #4]
#else
ldrd r4, r5, [r0]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r8, [r0, #24]
str r9, [r0, #28]
#else
@@ -4676,7 +4808,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #25
orr r9, r9, r4, lsr #7
orr r8, r8, r5, lsr #7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #56]
ldr r5, [r0, #60]
#else
@@ -4686,19 +4818,19 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0]
ldr r9, [r0, #4]
#else
ldrd r8, r9, [r0]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #8]
ldr r7, [r0, #12]
#else
ldrd r6, r7, [r0, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #56]
str r5, [r0, #60]
#else
@@ -4710,7 +4842,7 @@ L_SHA512_transform_len_start:
and r11, r11, r9
eor r10, r10, r6
eor r11, r11, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #56]
ldr r7, [r0, #60]
#else
@@ -4718,7 +4850,7 @@ L_SHA512_transform_len_start:
#endif
adds r6, r6, r10
adc r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [r0, #56]
str r7, [r0, #60]
#else
@@ -4727,7 +4859,7 @@ L_SHA512_transform_len_start:
mov r10, r8
mov r11, r9
# Round 1
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #24]
ldr r5, [r0, #28]
#else
@@ -4747,7 +4879,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #23
orr r9, r9, r4, lsr #9
orr r8, r8, r5, lsr #9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #48]
ldr r5, [r0, #52]
#else
@@ -4757,25 +4889,25 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #48]
str r5, [r0, #52]
#else
strd r4, r5, [r0, #48]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #24]
ldr r5, [r0, #28]
#else
ldrd r4, r5, [r0, #24]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #32]
ldr r7, [r0, #36]
#else
ldrd r6, r7, [r0, #32]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #40]
ldr r9, [r0, #44]
#else
@@ -4787,13 +4919,13 @@ L_SHA512_transform_len_start:
and r7, r7, r5
eor r6, r6, r8
eor r7, r7, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #48]
ldr r5, [r0, #52]
#else
ldrd r4, r5, [r0, #48]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #8]
ldr r9, [sp, #12]
#else
@@ -4801,7 +4933,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r3, #8]
ldr r7, [r3, #12]
#else
@@ -4809,7 +4941,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #16]
ldr r9, [r0, #20]
#else
@@ -4817,7 +4949,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #48]
str r5, [r0, #52]
#else
@@ -4825,13 +4957,13 @@ L_SHA512_transform_len_start:
#endif
adds r8, r8, r4
adc r9, r9, r5
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #56]
ldr r5, [r0, #60]
#else
ldrd r4, r5, [r0, #56]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r8, [r0, #16]
str r9, [r0, #20]
#else
@@ -4851,7 +4983,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #25
orr r9, r9, r4, lsr #7
orr r8, r8, r5, lsr #7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #48]
ldr r5, [r0, #52]
#else
@@ -4861,19 +4993,19 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #56]
ldr r9, [r0, #60]
#else
ldrd r8, r9, [r0, #56]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0]
ldr r7, [r0, #4]
#else
ldrd r6, r7, [r0]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #48]
str r5, [r0, #52]
#else
@@ -4885,7 +5017,7 @@ L_SHA512_transform_len_start:
and r11, r11, r9
eor r10, r10, r6
eor r11, r11, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #48]
ldr r7, [r0, #52]
#else
@@ -4893,7 +5025,7 @@ L_SHA512_transform_len_start:
#endif
adds r6, r6, r10
adc r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [r0, #48]
str r7, [r0, #52]
#else
@@ -4902,7 +5034,7 @@ L_SHA512_transform_len_start:
mov r10, r8
mov r11, r9
# Round 2
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #16]
ldr r5, [r0, #20]
#else
@@ -4922,7 +5054,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #23
orr r9, r9, r4, lsr #9
orr r8, r8, r5, lsr #9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #40]
ldr r5, [r0, #44]
#else
@@ -4932,25 +5064,25 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #40]
str r5, [r0, #44]
#else
strd r4, r5, [r0, #40]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #16]
ldr r5, [r0, #20]
#else
ldrd r4, r5, [r0, #16]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #24]
ldr r7, [r0, #28]
#else
ldrd r6, r7, [r0, #24]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #32]
ldr r9, [r0, #36]
#else
@@ -4962,13 +5094,13 @@ L_SHA512_transform_len_start:
and r7, r7, r5
eor r6, r6, r8
eor r7, r7, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #40]
ldr r5, [r0, #44]
#else
ldrd r4, r5, [r0, #40]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #16]
ldr r9, [sp, #20]
#else
@@ -4976,7 +5108,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r3, #16]
ldr r7, [r3, #20]
#else
@@ -4984,7 +5116,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #8]
ldr r9, [r0, #12]
#else
@@ -4992,7 +5124,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #40]
str r5, [r0, #44]
#else
@@ -5000,13 +5132,13 @@ L_SHA512_transform_len_start:
#endif
adds r8, r8, r4
adc r9, r9, r5
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #48]
ldr r5, [r0, #52]
#else
ldrd r4, r5, [r0, #48]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r8, [r0, #8]
str r9, [r0, #12]
#else
@@ -5026,7 +5158,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #25
orr r9, r9, r4, lsr #7
orr r8, r8, r5, lsr #7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #40]
ldr r5, [r0, #44]
#else
@@ -5036,19 +5168,19 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #48]
ldr r9, [r0, #52]
#else
ldrd r8, r9, [r0, #48]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #56]
ldr r7, [r0, #60]
#else
ldrd r6, r7, [r0, #56]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #40]
str r5, [r0, #44]
#else
@@ -5060,7 +5192,7 @@ L_SHA512_transform_len_start:
and r11, r11, r9
eor r10, r10, r6
eor r11, r11, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #40]
ldr r7, [r0, #44]
#else
@@ -5068,7 +5200,7 @@ L_SHA512_transform_len_start:
#endif
adds r6, r6, r10
adc r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [r0, #40]
str r7, [r0, #44]
#else
@@ -5077,7 +5209,7 @@ L_SHA512_transform_len_start:
mov r10, r8
mov r11, r9
# Round 3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #8]
ldr r5, [r0, #12]
#else
@@ -5097,7 +5229,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #23
orr r9, r9, r4, lsr #9
orr r8, r8, r5, lsr #9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #32]
ldr r5, [r0, #36]
#else
@@ -5107,25 +5239,25 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #32]
str r5, [r0, #36]
#else
strd r4, r5, [r0, #32]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #8]
ldr r5, [r0, #12]
#else
ldrd r4, r5, [r0, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #16]
ldr r7, [r0, #20]
#else
ldrd r6, r7, [r0, #16]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #24]
ldr r9, [r0, #28]
#else
@@ -5137,13 +5269,13 @@ L_SHA512_transform_len_start:
and r7, r7, r5
eor r6, r6, r8
eor r7, r7, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #32]
ldr r5, [r0, #36]
#else
ldrd r4, r5, [r0, #32]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #24]
ldr r9, [sp, #28]
#else
@@ -5151,7 +5283,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r3, #24]
ldr r7, [r3, #28]
#else
@@ -5159,7 +5291,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0]
ldr r9, [r0, #4]
#else
@@ -5167,7 +5299,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #32]
str r5, [r0, #36]
#else
@@ -5175,13 +5307,13 @@ L_SHA512_transform_len_start:
#endif
adds r8, r8, r4
adc r9, r9, r5
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #40]
ldr r5, [r0, #44]
#else
ldrd r4, r5, [r0, #40]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r8, [r0]
str r9, [r0, #4]
#else
@@ -5201,7 +5333,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #25
orr r9, r9, r4, lsr #7
orr r8, r8, r5, lsr #7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #32]
ldr r5, [r0, #36]
#else
@@ -5211,19 +5343,19 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #40]
ldr r9, [r0, #44]
#else
ldrd r8, r9, [r0, #40]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #48]
ldr r7, [r0, #52]
#else
ldrd r6, r7, [r0, #48]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #32]
str r5, [r0, #36]
#else
@@ -5235,7 +5367,7 @@ L_SHA512_transform_len_start:
and r11, r11, r9
eor r10, r10, r6
eor r11, r11, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #32]
ldr r7, [r0, #36]
#else
@@ -5243,7 +5375,7 @@ L_SHA512_transform_len_start:
#endif
adds r6, r6, r10
adc r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [r0, #32]
str r7, [r0, #36]
#else
@@ -5252,7 +5384,7 @@ L_SHA512_transform_len_start:
mov r10, r8
mov r11, r9
# Round 4
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0]
ldr r5, [r0, #4]
#else
@@ -5272,7 +5404,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #23
orr r9, r9, r4, lsr #9
orr r8, r8, r5, lsr #9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #24]
ldr r5, [r0, #28]
#else
@@ -5282,25 +5414,25 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #24]
str r5, [r0, #28]
#else
strd r4, r5, [r0, #24]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0]
ldr r5, [r0, #4]
#else
ldrd r4, r5, [r0]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #8]
ldr r7, [r0, #12]
#else
ldrd r6, r7, [r0, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #16]
ldr r9, [r0, #20]
#else
@@ -5312,13 +5444,13 @@ L_SHA512_transform_len_start:
and r7, r7, r5
eor r6, r6, r8
eor r7, r7, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #24]
ldr r5, [r0, #28]
#else
ldrd r4, r5, [r0, #24]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #32]
ldr r9, [sp, #36]
#else
@@ -5326,7 +5458,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r3, #32]
ldr r7, [r3, #36]
#else
@@ -5334,7 +5466,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #56]
ldr r9, [r0, #60]
#else
@@ -5342,7 +5474,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #24]
str r5, [r0, #28]
#else
@@ -5350,13 +5482,13 @@ L_SHA512_transform_len_start:
#endif
adds r8, r8, r4
adc r9, r9, r5
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #32]
ldr r5, [r0, #36]
#else
ldrd r4, r5, [r0, #32]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r8, [r0, #56]
str r9, [r0, #60]
#else
@@ -5376,7 +5508,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #25
orr r9, r9, r4, lsr #7
orr r8, r8, r5, lsr #7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #24]
ldr r5, [r0, #28]
#else
@@ -5386,19 +5518,19 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #32]
ldr r9, [r0, #36]
#else
ldrd r8, r9, [r0, #32]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #40]
ldr r7, [r0, #44]
#else
ldrd r6, r7, [r0, #40]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #24]
str r5, [r0, #28]
#else
@@ -5410,7 +5542,7 @@ L_SHA512_transform_len_start:
and r11, r11, r9
eor r10, r10, r6
eor r11, r11, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #24]
ldr r7, [r0, #28]
#else
@@ -5418,7 +5550,7 @@ L_SHA512_transform_len_start:
#endif
adds r6, r6, r10
adc r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [r0, #24]
str r7, [r0, #28]
#else
@@ -5427,7 +5559,7 @@ L_SHA512_transform_len_start:
mov r10, r8
mov r11, r9
# Round 5
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #56]
ldr r5, [r0, #60]
#else
@@ -5447,7 +5579,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #23
orr r9, r9, r4, lsr #9
orr r8, r8, r5, lsr #9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #16]
ldr r5, [r0, #20]
#else
@@ -5457,25 +5589,25 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #16]
str r5, [r0, #20]
#else
strd r4, r5, [r0, #16]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #56]
ldr r5, [r0, #60]
#else
ldrd r4, r5, [r0, #56]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0]
ldr r7, [r0, #4]
#else
ldrd r6, r7, [r0]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #8]
ldr r9, [r0, #12]
#else
@@ -5487,13 +5619,13 @@ L_SHA512_transform_len_start:
and r7, r7, r5
eor r6, r6, r8
eor r7, r7, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #16]
ldr r5, [r0, #20]
#else
ldrd r4, r5, [r0, #16]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #40]
ldr r9, [sp, #44]
#else
@@ -5501,7 +5633,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r3, #40]
ldr r7, [r3, #44]
#else
@@ -5509,7 +5641,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #48]
ldr r9, [r0, #52]
#else
@@ -5517,7 +5649,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #16]
str r5, [r0, #20]
#else
@@ -5525,13 +5657,13 @@ L_SHA512_transform_len_start:
#endif
adds r8, r8, r4
adc r9, r9, r5
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #24]
ldr r5, [r0, #28]
#else
ldrd r4, r5, [r0, #24]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r8, [r0, #48]
str r9, [r0, #52]
#else
@@ -5551,7 +5683,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #25
orr r9, r9, r4, lsr #7
orr r8, r8, r5, lsr #7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #16]
ldr r5, [r0, #20]
#else
@@ -5561,19 +5693,19 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #24]
ldr r9, [r0, #28]
#else
ldrd r8, r9, [r0, #24]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #32]
ldr r7, [r0, #36]
#else
ldrd r6, r7, [r0, #32]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #16]
str r5, [r0, #20]
#else
@@ -5585,7 +5717,7 @@ L_SHA512_transform_len_start:
and r11, r11, r9
eor r10, r10, r6
eor r11, r11, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #16]
ldr r7, [r0, #20]
#else
@@ -5593,7 +5725,7 @@ L_SHA512_transform_len_start:
#endif
adds r6, r6, r10
adc r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [r0, #16]
str r7, [r0, #20]
#else
@@ -5602,7 +5734,7 @@ L_SHA512_transform_len_start:
mov r10, r8
mov r11, r9
# Round 6
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #48]
ldr r5, [r0, #52]
#else
@@ -5622,7 +5754,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #23
orr r9, r9, r4, lsr #9
orr r8, r8, r5, lsr #9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #8]
ldr r5, [r0, #12]
#else
@@ -5632,25 +5764,25 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #8]
str r5, [r0, #12]
#else
strd r4, r5, [r0, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #48]
ldr r5, [r0, #52]
#else
ldrd r4, r5, [r0, #48]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #56]
ldr r7, [r0, #60]
#else
ldrd r6, r7, [r0, #56]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0]
ldr r9, [r0, #4]
#else
@@ -5662,13 +5794,13 @@ L_SHA512_transform_len_start:
and r7, r7, r5
eor r6, r6, r8
eor r7, r7, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #8]
ldr r5, [r0, #12]
#else
ldrd r4, r5, [r0, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #48]
ldr r9, [sp, #52]
#else
@@ -5676,7 +5808,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r3, #48]
ldr r7, [r3, #52]
#else
@@ -5684,7 +5816,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #40]
ldr r9, [r0, #44]
#else
@@ -5692,7 +5824,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #8]
str r5, [r0, #12]
#else
@@ -5700,13 +5832,13 @@ L_SHA512_transform_len_start:
#endif
adds r8, r8, r4
adc r9, r9, r5
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #16]
ldr r5, [r0, #20]
#else
ldrd r4, r5, [r0, #16]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r8, [r0, #40]
str r9, [r0, #44]
#else
@@ -5726,7 +5858,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #25
orr r9, r9, r4, lsr #7
orr r8, r8, r5, lsr #7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #8]
ldr r5, [r0, #12]
#else
@@ -5736,19 +5868,19 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #16]
ldr r9, [r0, #20]
#else
ldrd r8, r9, [r0, #16]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #24]
ldr r7, [r0, #28]
#else
ldrd r6, r7, [r0, #24]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #8]
str r5, [r0, #12]
#else
@@ -5760,7 +5892,7 @@ L_SHA512_transform_len_start:
and r11, r11, r9
eor r10, r10, r6
eor r11, r11, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #8]
ldr r7, [r0, #12]
#else
@@ -5768,7 +5900,7 @@ L_SHA512_transform_len_start:
#endif
adds r6, r6, r10
adc r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [r0, #8]
str r7, [r0, #12]
#else
@@ -5777,7 +5909,7 @@ L_SHA512_transform_len_start:
mov r10, r8
mov r11, r9
# Round 7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #40]
ldr r5, [r0, #44]
#else
@@ -5797,7 +5929,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #23
orr r9, r9, r4, lsr #9
orr r8, r8, r5, lsr #9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0]
ldr r5, [r0, #4]
#else
@@ -5807,25 +5939,25 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0]
str r5, [r0, #4]
#else
strd r4, r5, [r0]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #40]
ldr r5, [r0, #44]
#else
ldrd r4, r5, [r0, #40]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #48]
ldr r7, [r0, #52]
#else
ldrd r6, r7, [r0, #48]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #56]
ldr r9, [r0, #60]
#else
@@ -5837,13 +5969,13 @@ L_SHA512_transform_len_start:
and r7, r7, r5
eor r6, r6, r8
eor r7, r7, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0]
ldr r5, [r0, #4]
#else
ldrd r4, r5, [r0]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #56]
ldr r9, [sp, #60]
#else
@@ -5851,7 +5983,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r3, #56]
ldr r7, [r3, #60]
#else
@@ -5859,7 +5991,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #32]
ldr r9, [r0, #36]
#else
@@ -5867,7 +5999,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0]
str r5, [r0, #4]
#else
@@ -5875,13 +6007,13 @@ L_SHA512_transform_len_start:
#endif
adds r8, r8, r4
adc r9, r9, r5
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #8]
ldr r5, [r0, #12]
#else
ldrd r4, r5, [r0, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r8, [r0, #32]
str r9, [r0, #36]
#else
@@ -5901,7 +6033,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #25
orr r9, r9, r4, lsr #7
orr r8, r8, r5, lsr #7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0]
ldr r5, [r0, #4]
#else
@@ -5911,19 +6043,19 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #8]
ldr r9, [r0, #12]
#else
ldrd r8, r9, [r0, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #16]
ldr r7, [r0, #20]
#else
ldrd r6, r7, [r0, #16]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0]
str r5, [r0, #4]
#else
@@ -5935,7 +6067,7 @@ L_SHA512_transform_len_start:
and r11, r11, r9
eor r10, r10, r6
eor r11, r11, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0]
ldr r7, [r0, #4]
#else
@@ -5943,7 +6075,7 @@ L_SHA512_transform_len_start:
#endif
adds r6, r6, r10
adc r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [r0]
str r7, [r0, #4]
#else
@@ -5952,7 +6084,7 @@ L_SHA512_transform_len_start:
mov r10, r8
mov r11, r9
# Round 8
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #32]
ldr r5, [r0, #36]
#else
@@ -5972,7 +6104,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #23
orr r9, r9, r4, lsr #9
orr r8, r8, r5, lsr #9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #56]
ldr r5, [r0, #60]
#else
@@ -5982,25 +6114,25 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #56]
str r5, [r0, #60]
#else
strd r4, r5, [r0, #56]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #32]
ldr r5, [r0, #36]
#else
ldrd r4, r5, [r0, #32]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #40]
ldr r7, [r0, #44]
#else
ldrd r6, r7, [r0, #40]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #48]
ldr r9, [r0, #52]
#else
@@ -6012,13 +6144,13 @@ L_SHA512_transform_len_start:
and r7, r7, r5
eor r6, r6, r8
eor r7, r7, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #56]
ldr r5, [r0, #60]
#else
ldrd r4, r5, [r0, #56]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #64]
ldr r9, [sp, #68]
#else
@@ -6026,7 +6158,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r3, #64]
ldr r7, [r3, #68]
#else
@@ -6034,7 +6166,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #24]
ldr r9, [r0, #28]
#else
@@ -6042,7 +6174,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #56]
str r5, [r0, #60]
#else
@@ -6050,13 +6182,13 @@ L_SHA512_transform_len_start:
#endif
adds r8, r8, r4
adc r9, r9, r5
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0]
ldr r5, [r0, #4]
#else
ldrd r4, r5, [r0]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r8, [r0, #24]
str r9, [r0, #28]
#else
@@ -6076,7 +6208,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #25
orr r9, r9, r4, lsr #7
orr r8, r8, r5, lsr #7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #56]
ldr r5, [r0, #60]
#else
@@ -6086,19 +6218,19 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0]
ldr r9, [r0, #4]
#else
ldrd r8, r9, [r0]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #8]
ldr r7, [r0, #12]
#else
ldrd r6, r7, [r0, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #56]
str r5, [r0, #60]
#else
@@ -6110,7 +6242,7 @@ L_SHA512_transform_len_start:
and r11, r11, r9
eor r10, r10, r6
eor r11, r11, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #56]
ldr r7, [r0, #60]
#else
@@ -6118,7 +6250,7 @@ L_SHA512_transform_len_start:
#endif
adds r6, r6, r10
adc r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [r0, #56]
str r7, [r0, #60]
#else
@@ -6127,7 +6259,7 @@ L_SHA512_transform_len_start:
mov r10, r8
mov r11, r9
# Round 9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #24]
ldr r5, [r0, #28]
#else
@@ -6147,7 +6279,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #23
orr r9, r9, r4, lsr #9
orr r8, r8, r5, lsr #9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #48]
ldr r5, [r0, #52]
#else
@@ -6157,25 +6289,25 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #48]
str r5, [r0, #52]
#else
strd r4, r5, [r0, #48]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #24]
ldr r5, [r0, #28]
#else
ldrd r4, r5, [r0, #24]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #32]
ldr r7, [r0, #36]
#else
ldrd r6, r7, [r0, #32]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #40]
ldr r9, [r0, #44]
#else
@@ -6187,13 +6319,13 @@ L_SHA512_transform_len_start:
and r7, r7, r5
eor r6, r6, r8
eor r7, r7, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #48]
ldr r5, [r0, #52]
#else
ldrd r4, r5, [r0, #48]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #72]
ldr r9, [sp, #76]
#else
@@ -6201,7 +6333,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r3, #72]
ldr r7, [r3, #76]
#else
@@ -6209,7 +6341,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #16]
ldr r9, [r0, #20]
#else
@@ -6217,7 +6349,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #48]
str r5, [r0, #52]
#else
@@ -6225,13 +6357,13 @@ L_SHA512_transform_len_start:
#endif
adds r8, r8, r4
adc r9, r9, r5
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #56]
ldr r5, [r0, #60]
#else
ldrd r4, r5, [r0, #56]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r8, [r0, #16]
str r9, [r0, #20]
#else
@@ -6251,7 +6383,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #25
orr r9, r9, r4, lsr #7
orr r8, r8, r5, lsr #7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #48]
ldr r5, [r0, #52]
#else
@@ -6261,19 +6393,19 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #56]
ldr r9, [r0, #60]
#else
ldrd r8, r9, [r0, #56]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0]
ldr r7, [r0, #4]
#else
ldrd r6, r7, [r0]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #48]
str r5, [r0, #52]
#else
@@ -6285,7 +6417,7 @@ L_SHA512_transform_len_start:
and r11, r11, r9
eor r10, r10, r6
eor r11, r11, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #48]
ldr r7, [r0, #52]
#else
@@ -6293,7 +6425,7 @@ L_SHA512_transform_len_start:
#endif
adds r6, r6, r10
adc r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [r0, #48]
str r7, [r0, #52]
#else
@@ -6302,7 +6434,7 @@ L_SHA512_transform_len_start:
mov r10, r8
mov r11, r9
# Round 10
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #16]
ldr r5, [r0, #20]
#else
@@ -6322,7 +6454,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #23
orr r9, r9, r4, lsr #9
orr r8, r8, r5, lsr #9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #40]
ldr r5, [r0, #44]
#else
@@ -6332,25 +6464,25 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #40]
str r5, [r0, #44]
#else
strd r4, r5, [r0, #40]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #16]
ldr r5, [r0, #20]
#else
ldrd r4, r5, [r0, #16]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #24]
ldr r7, [r0, #28]
#else
ldrd r6, r7, [r0, #24]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #32]
ldr r9, [r0, #36]
#else
@@ -6362,13 +6494,13 @@ L_SHA512_transform_len_start:
and r7, r7, r5
eor r6, r6, r8
eor r7, r7, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #40]
ldr r5, [r0, #44]
#else
ldrd r4, r5, [r0, #40]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #80]
ldr r9, [sp, #84]
#else
@@ -6376,7 +6508,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r3, #80]
ldr r7, [r3, #84]
#else
@@ -6384,7 +6516,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #8]
ldr r9, [r0, #12]
#else
@@ -6392,7 +6524,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #40]
str r5, [r0, #44]
#else
@@ -6400,13 +6532,13 @@ L_SHA512_transform_len_start:
#endif
adds r8, r8, r4
adc r9, r9, r5
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #48]
ldr r5, [r0, #52]
#else
ldrd r4, r5, [r0, #48]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r8, [r0, #8]
str r9, [r0, #12]
#else
@@ -6426,7 +6558,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #25
orr r9, r9, r4, lsr #7
orr r8, r8, r5, lsr #7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #40]
ldr r5, [r0, #44]
#else
@@ -6436,19 +6568,19 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #48]
ldr r9, [r0, #52]
#else
ldrd r8, r9, [r0, #48]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #56]
ldr r7, [r0, #60]
#else
ldrd r6, r7, [r0, #56]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #40]
str r5, [r0, #44]
#else
@@ -6460,7 +6592,7 @@ L_SHA512_transform_len_start:
and r11, r11, r9
eor r10, r10, r6
eor r11, r11, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #40]
ldr r7, [r0, #44]
#else
@@ -6468,7 +6600,7 @@ L_SHA512_transform_len_start:
#endif
adds r6, r6, r10
adc r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [r0, #40]
str r7, [r0, #44]
#else
@@ -6477,7 +6609,7 @@ L_SHA512_transform_len_start:
mov r10, r8
mov r11, r9
# Round 11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #8]
ldr r5, [r0, #12]
#else
@@ -6497,7 +6629,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #23
orr r9, r9, r4, lsr #9
orr r8, r8, r5, lsr #9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #32]
ldr r5, [r0, #36]
#else
@@ -6507,25 +6639,25 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #32]
str r5, [r0, #36]
#else
strd r4, r5, [r0, #32]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #8]
ldr r5, [r0, #12]
#else
ldrd r4, r5, [r0, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #16]
ldr r7, [r0, #20]
#else
ldrd r6, r7, [r0, #16]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #24]
ldr r9, [r0, #28]
#else
@@ -6537,13 +6669,13 @@ L_SHA512_transform_len_start:
and r7, r7, r5
eor r6, r6, r8
eor r7, r7, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #32]
ldr r5, [r0, #36]
#else
ldrd r4, r5, [r0, #32]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #88]
ldr r9, [sp, #92]
#else
@@ -6551,7 +6683,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r3, #88]
ldr r7, [r3, #92]
#else
@@ -6559,7 +6691,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0]
ldr r9, [r0, #4]
#else
@@ -6567,7 +6699,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #32]
str r5, [r0, #36]
#else
@@ -6575,13 +6707,13 @@ L_SHA512_transform_len_start:
#endif
adds r8, r8, r4
adc r9, r9, r5
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #40]
ldr r5, [r0, #44]
#else
ldrd r4, r5, [r0, #40]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r8, [r0]
str r9, [r0, #4]
#else
@@ -6601,7 +6733,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #25
orr r9, r9, r4, lsr #7
orr r8, r8, r5, lsr #7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #32]
ldr r5, [r0, #36]
#else
@@ -6611,19 +6743,19 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #40]
ldr r9, [r0, #44]
#else
ldrd r8, r9, [r0, #40]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #48]
ldr r7, [r0, #52]
#else
ldrd r6, r7, [r0, #48]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #32]
str r5, [r0, #36]
#else
@@ -6635,7 +6767,7 @@ L_SHA512_transform_len_start:
and r11, r11, r9
eor r10, r10, r6
eor r11, r11, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #32]
ldr r7, [r0, #36]
#else
@@ -6643,7 +6775,7 @@ L_SHA512_transform_len_start:
#endif
adds r6, r6, r10
adc r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [r0, #32]
str r7, [r0, #36]
#else
@@ -6652,7 +6784,7 @@ L_SHA512_transform_len_start:
mov r10, r8
mov r11, r9
# Round 12
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0]
ldr r5, [r0, #4]
#else
@@ -6672,7 +6804,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #23
orr r9, r9, r4, lsr #9
orr r8, r8, r5, lsr #9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #24]
ldr r5, [r0, #28]
#else
@@ -6682,25 +6814,25 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #24]
str r5, [r0, #28]
#else
strd r4, r5, [r0, #24]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0]
ldr r5, [r0, #4]
#else
ldrd r4, r5, [r0]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #8]
ldr r7, [r0, #12]
#else
ldrd r6, r7, [r0, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #16]
ldr r9, [r0, #20]
#else
@@ -6712,13 +6844,13 @@ L_SHA512_transform_len_start:
and r7, r7, r5
eor r6, r6, r8
eor r7, r7, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #24]
ldr r5, [r0, #28]
#else
ldrd r4, r5, [r0, #24]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #96]
ldr r9, [sp, #100]
#else
@@ -6726,7 +6858,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r3, #96]
ldr r7, [r3, #100]
#else
@@ -6734,7 +6866,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #56]
ldr r9, [r0, #60]
#else
@@ -6742,7 +6874,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #24]
str r5, [r0, #28]
#else
@@ -6750,13 +6882,13 @@ L_SHA512_transform_len_start:
#endif
adds r8, r8, r4
adc r9, r9, r5
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #32]
ldr r5, [r0, #36]
#else
ldrd r4, r5, [r0, #32]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r8, [r0, #56]
str r9, [r0, #60]
#else
@@ -6776,7 +6908,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #25
orr r9, r9, r4, lsr #7
orr r8, r8, r5, lsr #7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #24]
ldr r5, [r0, #28]
#else
@@ -6786,19 +6918,19 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #32]
ldr r9, [r0, #36]
#else
ldrd r8, r9, [r0, #32]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #40]
ldr r7, [r0, #44]
#else
ldrd r6, r7, [r0, #40]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #24]
str r5, [r0, #28]
#else
@@ -6810,7 +6942,7 @@ L_SHA512_transform_len_start:
and r11, r11, r9
eor r10, r10, r6
eor r11, r11, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #24]
ldr r7, [r0, #28]
#else
@@ -6818,7 +6950,7 @@ L_SHA512_transform_len_start:
#endif
adds r6, r6, r10
adc r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [r0, #24]
str r7, [r0, #28]
#else
@@ -6827,7 +6959,7 @@ L_SHA512_transform_len_start:
mov r10, r8
mov r11, r9
# Round 13
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #56]
ldr r5, [r0, #60]
#else
@@ -6847,7 +6979,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #23
orr r9, r9, r4, lsr #9
orr r8, r8, r5, lsr #9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #16]
ldr r5, [r0, #20]
#else
@@ -6857,25 +6989,25 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #16]
str r5, [r0, #20]
#else
strd r4, r5, [r0, #16]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #56]
ldr r5, [r0, #60]
#else
ldrd r4, r5, [r0, #56]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0]
ldr r7, [r0, #4]
#else
ldrd r6, r7, [r0]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #8]
ldr r9, [r0, #12]
#else
@@ -6887,13 +7019,13 @@ L_SHA512_transform_len_start:
and r7, r7, r5
eor r6, r6, r8
eor r7, r7, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #16]
ldr r5, [r0, #20]
#else
ldrd r4, r5, [r0, #16]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #104]
ldr r9, [sp, #108]
#else
@@ -6901,7 +7033,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r3, #104]
ldr r7, [r3, #108]
#else
@@ -6909,7 +7041,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #48]
ldr r9, [r0, #52]
#else
@@ -6917,7 +7049,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #16]
str r5, [r0, #20]
#else
@@ -6925,13 +7057,13 @@ L_SHA512_transform_len_start:
#endif
adds r8, r8, r4
adc r9, r9, r5
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #24]
ldr r5, [r0, #28]
#else
ldrd r4, r5, [r0, #24]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r8, [r0, #48]
str r9, [r0, #52]
#else
@@ -6951,7 +7083,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #25
orr r9, r9, r4, lsr #7
orr r8, r8, r5, lsr #7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #16]
ldr r5, [r0, #20]
#else
@@ -6961,19 +7093,19 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #24]
ldr r9, [r0, #28]
#else
ldrd r8, r9, [r0, #24]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #32]
ldr r7, [r0, #36]
#else
ldrd r6, r7, [r0, #32]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #16]
str r5, [r0, #20]
#else
@@ -6985,7 +7117,7 @@ L_SHA512_transform_len_start:
and r11, r11, r9
eor r10, r10, r6
eor r11, r11, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #16]
ldr r7, [r0, #20]
#else
@@ -6993,7 +7125,7 @@ L_SHA512_transform_len_start:
#endif
adds r6, r6, r10
adc r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [r0, #16]
str r7, [r0, #20]
#else
@@ -7002,7 +7134,7 @@ L_SHA512_transform_len_start:
mov r10, r8
mov r11, r9
# Round 14
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #48]
ldr r5, [r0, #52]
#else
@@ -7022,7 +7154,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #23
orr r9, r9, r4, lsr #9
orr r8, r8, r5, lsr #9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #8]
ldr r5, [r0, #12]
#else
@@ -7032,25 +7164,25 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #8]
str r5, [r0, #12]
#else
strd r4, r5, [r0, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #48]
ldr r5, [r0, #52]
#else
ldrd r4, r5, [r0, #48]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #56]
ldr r7, [r0, #60]
#else
ldrd r6, r7, [r0, #56]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0]
ldr r9, [r0, #4]
#else
@@ -7062,13 +7194,13 @@ L_SHA512_transform_len_start:
and r7, r7, r5
eor r6, r6, r8
eor r7, r7, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #8]
ldr r5, [r0, #12]
#else
ldrd r4, r5, [r0, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #112]
ldr r9, [sp, #116]
#else
@@ -7076,7 +7208,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r3, #112]
ldr r7, [r3, #116]
#else
@@ -7084,7 +7216,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #40]
ldr r9, [r0, #44]
#else
@@ -7092,7 +7224,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #8]
str r5, [r0, #12]
#else
@@ -7100,13 +7232,13 @@ L_SHA512_transform_len_start:
#endif
adds r8, r8, r4
adc r9, r9, r5
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #16]
ldr r5, [r0, #20]
#else
ldrd r4, r5, [r0, #16]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r8, [r0, #40]
str r9, [r0, #44]
#else
@@ -7126,7 +7258,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #25
orr r9, r9, r4, lsr #7
orr r8, r8, r5, lsr #7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #8]
ldr r5, [r0, #12]
#else
@@ -7136,19 +7268,19 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #16]
ldr r9, [r0, #20]
#else
ldrd r8, r9, [r0, #16]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #24]
ldr r7, [r0, #28]
#else
ldrd r6, r7, [r0, #24]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #8]
str r5, [r0, #12]
#else
@@ -7160,7 +7292,7 @@ L_SHA512_transform_len_start:
and r11, r11, r9
eor r10, r10, r6
eor r11, r11, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #8]
ldr r7, [r0, #12]
#else
@@ -7168,7 +7300,7 @@ L_SHA512_transform_len_start:
#endif
adds r6, r6, r10
adc r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [r0, #8]
str r7, [r0, #12]
#else
@@ -7177,7 +7309,7 @@ L_SHA512_transform_len_start:
mov r10, r8
mov r11, r9
# Round 15
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #40]
ldr r5, [r0, #44]
#else
@@ -7197,7 +7329,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #23
orr r9, r9, r4, lsr #9
orr r8, r8, r5, lsr #9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0]
ldr r5, [r0, #4]
#else
@@ -7207,25 +7339,25 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0]
str r5, [r0, #4]
#else
strd r4, r5, [r0]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #40]
ldr r5, [r0, #44]
#else
ldrd r4, r5, [r0, #40]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #48]
ldr r7, [r0, #52]
#else
ldrd r6, r7, [r0, #48]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #56]
ldr r9, [r0, #60]
#else
@@ -7237,13 +7369,13 @@ L_SHA512_transform_len_start:
and r7, r7, r5
eor r6, r6, r8
eor r7, r7, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0]
ldr r5, [r0, #4]
#else
ldrd r4, r5, [r0]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #120]
ldr r9, [sp, #124]
#else
@@ -7251,7 +7383,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r3, #120]
ldr r7, [r3, #124]
#else
@@ -7259,7 +7391,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #32]
ldr r9, [r0, #36]
#else
@@ -7267,7 +7399,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0]
str r5, [r0, #4]
#else
@@ -7275,13 +7407,13 @@ L_SHA512_transform_len_start:
#endif
adds r8, r8, r4
adc r9, r9, r5
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #8]
ldr r5, [r0, #12]
#else
ldrd r4, r5, [r0, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r8, [r0, #32]
str r9, [r0, #36]
#else
@@ -7301,7 +7433,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #25
orr r9, r9, r4, lsr #7
orr r8, r8, r5, lsr #7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0]
ldr r5, [r0, #4]
#else
@@ -7311,19 +7443,19 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #8]
ldr r9, [r0, #12]
#else
ldrd r8, r9, [r0, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #16]
ldr r7, [r0, #20]
#else
ldrd r6, r7, [r0, #16]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0]
str r5, [r0, #4]
#else
@@ -7335,7 +7467,7 @@ L_SHA512_transform_len_start:
and r11, r11, r9
eor r10, r10, r6
eor r11, r11, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0]
ldr r7, [r0, #4]
#else
@@ -7343,7 +7475,7 @@ L_SHA512_transform_len_start:
#endif
adds r6, r6, r10
adc r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [r0]
str r7, [r0, #4]
#else
@@ -7352,25 +7484,25 @@ L_SHA512_transform_len_start:
mov r10, r8
mov r11, r9
# Add in digest from start
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0]
ldr r5, [r0, #4]
#else
ldrd r4, r5, [r0]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #8]
ldr r7, [r0, #12]
#else
ldrd r6, r7, [r0, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #128]
ldr r9, [sp, #132]
#else
ldrd r8, r9, [sp, #128]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [sp, #136]
ldr r11, [sp, #140]
#else
@@ -7380,49 +7512,49 @@ L_SHA512_transform_len_start:
adc r5, r5, r9
adds r6, r6, r10
adc r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0]
str r5, [r0, #4]
#else
strd r4, r5, [r0]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [r0, #8]
str r7, [r0, #12]
#else
strd r6, r7, [r0, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [sp, #128]
str r5, [sp, #132]
#else
strd r4, r5, [sp, #128]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [sp, #136]
str r7, [sp, #140]
#else
strd r6, r7, [sp, #136]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #16]
ldr r5, [r0, #20]
#else
ldrd r4, r5, [r0, #16]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #24]
ldr r7, [r0, #28]
#else
ldrd r6, r7, [r0, #24]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #144]
ldr r9, [sp, #148]
#else
ldrd r8, r9, [sp, #144]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [sp, #152]
ldr r11, [sp, #156]
#else
@@ -7432,49 +7564,49 @@ L_SHA512_transform_len_start:
adc r5, r5, r9
adds r6, r6, r10
adc r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #16]
str r5, [r0, #20]
#else
strd r4, r5, [r0, #16]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [r0, #24]
str r7, [r0, #28]
#else
strd r6, r7, [r0, #24]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [sp, #144]
str r5, [sp, #148]
#else
strd r4, r5, [sp, #144]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [sp, #152]
str r7, [sp, #156]
#else
strd r6, r7, [sp, #152]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #32]
ldr r5, [r0, #36]
#else
ldrd r4, r5, [r0, #32]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #40]
ldr r7, [r0, #44]
#else
ldrd r6, r7, [r0, #40]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #160]
ldr r9, [sp, #164]
#else
ldrd r8, r9, [sp, #160]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [sp, #168]
ldr r11, [sp, #172]
#else
@@ -7484,49 +7616,49 @@ L_SHA512_transform_len_start:
adc r5, r5, r9
adds r6, r6, r10
adc r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #32]
str r5, [r0, #36]
#else
strd r4, r5, [r0, #32]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [r0, #40]
str r7, [r0, #44]
#else
strd r6, r7, [r0, #40]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [sp, #160]
str r5, [sp, #164]
#else
strd r4, r5, [sp, #160]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [sp, #168]
str r7, [sp, #172]
#else
strd r6, r7, [sp, #168]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #48]
ldr r5, [r0, #52]
#else
ldrd r4, r5, [r0, #48]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #56]
ldr r7, [r0, #60]
#else
ldrd r6, r7, [r0, #56]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #176]
ldr r9, [sp, #180]
#else
ldrd r8, r9, [sp, #176]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [sp, #184]
ldr r11, [sp, #188]
#else
@@ -7536,25 +7668,25 @@ L_SHA512_transform_len_start:
adc r5, r5, r9
adds r6, r6, r10
adc r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #48]
str r5, [r0, #52]
#else
strd r4, r5, [r0, #48]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [r0, #56]
str r7, [r0, #60]
#else
strd r6, r7, [r0, #56]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [sp, #176]
str r5, [sp, #180]
#else
strd r4, r5, [sp, #176]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [sp, #184]
str r7, [sp, #188]
#else
@@ -7742,6 +7874,7 @@ L_SHA512_transform_neon_len_k:
.type Transform_Sha512_Len, %function
Transform_Sha512_Len:
vpush {d8-d15}
+ adr r3, L_SHA512_transform_neon_len_k
# Load digest into working vars
vldm.64 r0, {d0-d7}
# Start of loop processing a block
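Review bot: `r3` becomes a loop-carried register once `adr r3, L_SHA512_transform_neon_len_k` is hoisted above `L_SHA512_transform_neon_len_begin`, and nothing at the new site records that. The loop now stays correct only if the round code advances `r3` by exactly the amount the later hunk rewinds with `sub r3, r3, #0x280` (presumably 80 constants of 8 bytes). The rounds are outside this hunk, so that is inferred rather than checked. A comment on the hoisted line would pin the invariant, e.g. `# r3 = K table base; rewound by 0x280 (80 * 8) at the end of each block`.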
@@ -7778,7 +7911,6 @@ L_SHA512_transform_neon_len_begin:
vrev64.8 d30, d30
vrev64.8 d31, d31
#endif /* WOLFSSL_ARM_ARCH_NEON_64BIT */
- adr r3, L_SHA512_transform_neon_len_k
mov r12, #4
# Start of 16 rounds
L_SHA512_transform_neon_len_start:
@@ -9227,15 +9359,17 @@ L_SHA512_transform_neon_len_start:
#endif /* WOLFSSL_ARM_ARCH_NEON_64BIT */
vstm.64 r0, {d0-d7}
subs r2, r2, #0x80
+ sub r3, r3, #0x280
bne L_SHA512_transform_neon_len_begin
vpop {d8-d15}
bx lr
.size Transform_Sha512_Len,.-Transform_Sha512_Len
#endif /* !WOLFSSL_ARMASM_NO_NEON */
#endif /* WOLFSSL_SHA512 */
-#endif /* !__aarch64__ */
+#endif /* !__aarch64__ && !__thumb__ */
#endif /* WOLFSSL_ARMASM */
#if defined(__linux__) && defined(__ELF__)
.section .note.GNU-stack,"",%progbits
#endif
+#endif /* !WOLFSSL_ARMASM_INLINE */
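Review bot: The `.note.GNU-stack` section now sits inside the new `WOLFSSL_ARMASM_INLINE` guard, because `#endif /* !WOLFSSL_ARMASM_INLINE */` is placed after it; before this change the note followed `#endif /* WOLFSSL_ARMASM */` and was emitted whenever the file was assembled. If the build still assembles this file when `WOLFSSL_ARMASM_INLINE` is defined (not visible here, and the guard's opening line is outside the hunk), the resulting object carries no stack note. GNU ld can treat that as a request for an executable stack on some targets. Closing the guard first keeps the marking unconditional: put `#endif /* !WOLFSSL_ARMASM_INLINE */` above `#if defined(__linux__) && defined(__ELF__)`.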
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-32-sha512-asm_c.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-32-sha512-asm_c.c
index 06f2bf4d..32c54d10 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-32-sha512-asm_c.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-32-sha512-asm_c.c
@@ -28,203 +28,178 @@
#include <config.h>
#endif /* HAVE_CONFIG_H */
#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/wolfcrypt/error-crypt.h>
#ifdef WOLFSSL_ARMASM
-#ifndef __aarch64__
+#if !defined(__aarch64__) && defined(__arm__)
#include <stdint.h>
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif /* HAVE_CONFIG_H */
#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/wolfcrypt/error-crypt.h>
+#ifdef WOLFSSL_ARMASM_INLINE
+
+#ifdef WOLFSSL_ARMASM
+#if !defined(__aarch64__) && defined(__arm__)
+
+#ifdef __IAR_SYSTEMS_ICC__
+#define __asm__ asm
+#define __volatile__ volatile
+#endif /* __IAR_SYSTEMS_ICC__ */
+#ifdef __KEIL__
+#define __asm__ __asm
+#define __volatile__ volatile
+#endif /* __KEIL__ */
#ifdef WOLFSSL_SHA512
#include <wolfssl/wolfcrypt/sha512.h>
#ifdef WOLFSSL_ARMASM_NO_NEON
static const uint64_t L_SHA512_transform_len_k[] = {
- 0x428a2f98d728ae22UL,
- 0x7137449123ef65cdUL,
- 0xb5c0fbcfec4d3b2fUL,
- 0xe9b5dba58189dbbcUL,
- 0x3956c25bf348b538UL,
- 0x59f111f1b605d019UL,
- 0x923f82a4af194f9bUL,
- 0xab1c5ed5da6d8118UL,
- 0xd807aa98a3030242UL,
- 0x12835b0145706fbeUL,
- 0x243185be4ee4b28cUL,
- 0x550c7dc3d5ffb4e2UL,
- 0x72be5d74f27b896fUL,
- 0x80deb1fe3b1696b1UL,
- 0x9bdc06a725c71235UL,
- 0xc19bf174cf692694UL,
- 0xe49b69c19ef14ad2UL,
- 0xefbe4786384f25e3UL,
- 0xfc19dc68b8cd5b5UL,
- 0x240ca1cc77ac9c65UL,
- 0x2de92c6f592b0275UL,
- 0x4a7484aa6ea6e483UL,
- 0x5cb0a9dcbd41fbd4UL,
- 0x76f988da831153b5UL,
- 0x983e5152ee66dfabUL,
- 0xa831c66d2db43210UL,
- 0xb00327c898fb213fUL,
- 0xbf597fc7beef0ee4UL,
- 0xc6e00bf33da88fc2UL,
- 0xd5a79147930aa725UL,
- 0x6ca6351e003826fUL,
- 0x142929670a0e6e70UL,
- 0x27b70a8546d22ffcUL,
- 0x2e1b21385c26c926UL,
- 0x4d2c6dfc5ac42aedUL,
- 0x53380d139d95b3dfUL,
- 0x650a73548baf63deUL,
- 0x766a0abb3c77b2a8UL,
- 0x81c2c92e47edaee6UL,
- 0x92722c851482353bUL,
- 0xa2bfe8a14cf10364UL,
- 0xa81a664bbc423001UL,
- 0xc24b8b70d0f89791UL,
- 0xc76c51a30654be30UL,
- 0xd192e819d6ef5218UL,
- 0xd69906245565a910UL,
- 0xf40e35855771202aUL,
- 0x106aa07032bbd1b8UL,
- 0x19a4c116b8d2d0c8UL,
- 0x1e376c085141ab53UL,
- 0x2748774cdf8eeb99UL,
- 0x34b0bcb5e19b48a8UL,
- 0x391c0cb3c5c95a63UL,
- 0x4ed8aa4ae3418acbUL,
- 0x5b9cca4f7763e373UL,
- 0x682e6ff3d6b2b8a3UL,
- 0x748f82ee5defb2fcUL,
- 0x78a5636f43172f60UL,
- 0x84c87814a1f0ab72UL,
- 0x8cc702081a6439ecUL,
- 0x90befffa23631e28UL,
- 0xa4506cebde82bde9UL,
- 0xbef9a3f7b2c67915UL,
- 0xc67178f2e372532bUL,
- 0xca273eceea26619cUL,
- 0xd186b8c721c0c207UL,
- 0xeada7dd6cde0eb1eUL,
- 0xf57d4f7fee6ed178UL,
- 0x6f067aa72176fbaUL,
- 0xa637dc5a2c898a6UL,
- 0x113f9804bef90daeUL,
- 0x1b710b35131c471bUL,
- 0x28db77f523047d84UL,
- 0x32caab7b40c72493UL,
- 0x3c9ebe0a15c9bebcUL,
- 0x431d67c49c100d4cUL,
- 0x4cc5d4becb3e42b6UL,
- 0x597f299cfc657e2aUL,
- 0x5fcb6fab3ad6faecUL,
- 0x6c44198c4a475817UL,
+ 0x428a2f98d728ae22UL, 0x7137449123ef65cdUL,
+ 0xb5c0fbcfec4d3b2fUL, 0xe9b5dba58189dbbcUL,
+ 0x3956c25bf348b538UL, 0x59f111f1b605d019UL,
+ 0x923f82a4af194f9bUL, 0xab1c5ed5da6d8118UL,
+ 0xd807aa98a3030242UL, 0x12835b0145706fbeUL,
+ 0x243185be4ee4b28cUL, 0x550c7dc3d5ffb4e2UL,
+ 0x72be5d74f27b896fUL, 0x80deb1fe3b1696b1UL,
+ 0x9bdc06a725c71235UL, 0xc19bf174cf692694UL,
+ 0xe49b69c19ef14ad2UL, 0xefbe4786384f25e3UL,
+ 0x0fc19dc68b8cd5b5UL, 0x240ca1cc77ac9c65UL,
+ 0x2de92c6f592b0275UL, 0x4a7484aa6ea6e483UL,
+ 0x5cb0a9dcbd41fbd4UL, 0x76f988da831153b5UL,
+ 0x983e5152ee66dfabUL, 0xa831c66d2db43210UL,
+ 0xb00327c898fb213fUL, 0xbf597fc7beef0ee4UL,
+ 0xc6e00bf33da88fc2UL, 0xd5a79147930aa725UL,
+ 0x06ca6351e003826fUL, 0x142929670a0e6e70UL,
+ 0x27b70a8546d22ffcUL, 0x2e1b21385c26c926UL,
+ 0x4d2c6dfc5ac42aedUL, 0x53380d139d95b3dfUL,
+ 0x650a73548baf63deUL, 0x766a0abb3c77b2a8UL,
+ 0x81c2c92e47edaee6UL, 0x92722c851482353bUL,
+ 0xa2bfe8a14cf10364UL, 0xa81a664bbc423001UL,
+ 0xc24b8b70d0f89791UL, 0xc76c51a30654be30UL,
+ 0xd192e819d6ef5218UL, 0xd69906245565a910UL,
+ 0xf40e35855771202aUL, 0x106aa07032bbd1b8UL,
+ 0x19a4c116b8d2d0c8UL, 0x1e376c085141ab53UL,
+ 0x2748774cdf8eeb99UL, 0x34b0bcb5e19b48a8UL,
+ 0x391c0cb3c5c95a63UL, 0x4ed8aa4ae3418acbUL,
+ 0x5b9cca4f7763e373UL, 0x682e6ff3d6b2b8a3UL,
+ 0x748f82ee5defb2fcUL, 0x78a5636f43172f60UL,
+ 0x84c87814a1f0ab72UL, 0x8cc702081a6439ecUL,
+ 0x90befffa23631e28UL, 0xa4506cebde82bde9UL,
+ 0xbef9a3f7b2c67915UL, 0xc67178f2e372532bUL,
+ 0xca273eceea26619cUL, 0xd186b8c721c0c207UL,
+ 0xeada7dd6cde0eb1eUL, 0xf57d4f7fee6ed178UL,
+ 0x06f067aa72176fbaUL, 0x0a637dc5a2c898a6UL,
+ 0x113f9804bef90daeUL, 0x1b710b35131c471bUL,
+ 0x28db77f523047d84UL, 0x32caab7b40c72493UL,
+ 0x3c9ebe0a15c9bebcUL, 0x431d67c49c100d4cUL,
+ 0x4cc5d4becb3e42b6UL, 0x597f299cfc657e2aUL,
+ 0x5fcb6fab3ad6faecUL, 0x6c44198c4a475817UL,
};
-void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p);
+void Transform_Sha512_Len(wc_Sha512* sha512, const byte* data, word32 len);
void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
{
- register wc_Sha512* sha512 asm ("r0") = sha512_p;
- register const byte* data asm ("r1") = data_p;
- register word32 len asm ("r2") = len_p;
+ register wc_Sha512* sha512 asm ("r0") = (wc_Sha512*)sha512_p;
+ register const byte* data asm ("r1") = (const byte*)data_p;
+ register word32 len asm ("r2") = (word32)len_p;
+ register uint64_t* L_SHA512_transform_len_k_c asm ("r3") = (uint64_t*)&L_SHA512_transform_len_k;
__asm__ __volatile__ (
"sub sp, sp, #0xc0\n\t"
- "mov r3, %[L_SHA512_transform_len_k]\n\t"
/* Copy digest to add in at end */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512]]\n\t"
"ldr r5, [%[sha512], #4]\n\t"
#else
"ldrd r4, r5, [%[sha512]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #8]\n\t"
"ldr r7, [%[sha512], #12]\n\t"
#else
"ldrd r6, r7, [%[sha512], #8]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #16]\n\t"
"ldr r9, [%[sha512], #20]\n\t"
#else
"ldrd r8, r9, [%[sha512], #16]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[sha512], #24]\n\t"
"ldr r11, [%[sha512], #28]\n\t"
#else
"ldrd r10, r11, [%[sha512], #24]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [sp, #128]\n\t"
"str r5, [sp, #132]\n\t"
#else
"strd r4, r5, [sp, #128]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [sp, #136]\n\t"
"str r7, [sp, #140]\n\t"
#else
"strd r6, r7, [sp, #136]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r8, [sp, #144]\n\t"
"str r9, [sp, #148]\n\t"
#else
"strd r8, r9, [sp, #144]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r10, [sp, #152]\n\t"
"str r11, [sp, #156]\n\t"
#else
"strd r10, r11, [sp, #152]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #32]\n\t"
"ldr r5, [%[sha512], #36]\n\t"
#else
"ldrd r4, r5, [%[sha512], #32]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #40]\n\t"
"ldr r7, [%[sha512], #44]\n\t"
#else
"ldrd r6, r7, [%[sha512], #40]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #48]\n\t"
"ldr r9, [%[sha512], #52]\n\t"
#else
"ldrd r8, r9, [%[sha512], #48]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[sha512], #56]\n\t"
"ldr r11, [%[sha512], #60]\n\t"
#else
"ldrd r10, r11, [%[sha512], #56]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [sp, #160]\n\t"
"str r5, [sp, #164]\n\t"
#else
"strd r4, r5, [sp, #160]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [sp, #168]\n\t"
"str r7, [sp, #172]\n\t"
#else
"strd r6, r7, [sp, #168]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r8, [sp, #176]\n\t"
"str r9, [sp, #180]\n\t"
#else
"strd r8, r9, [sp, #176]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r10, [sp, #184]\n\t"
"str r11, [sp, #188]\n\t"
#else
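Review bot: The new `r3` register variable casts away the `const` of `L_SHA512_transform_len_k`, which is declared `static const uint64_t[]`, and the cast `(uint64_t*)&L_SHA512_transform_len_k` goes through a pointer-to-array as well. Keeping the qualifier lets the compiler reject any C-level write through the pointer to the round constants: `register const uint64_t* L_SHA512_transform_len_k_c asm ("r3") = L_SHA512_transform_len_k;`. The asm text now names `r3` literally instead of using the removed `mov r3, %[L_SHA512_transform_len_k]`, so the variable has to appear in the operand list for the binding to hold. That list is past the end of this hunk, as is the rest of the body of Transform_Sha512_Len.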
@@ -233,31 +208,209 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
/* Start of loop processing a block */
"\n"
"L_SHA512_transform_len_begin_%=: \n\t"
- /* Load, Reverse and Store W */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+ /* Load, Reverse and Store W - 64 bytes */
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
"ldr r4, [%[data]]\n\t"
"ldr r5, [%[data], #4]\n\t"
-#else
- "ldrd r4, r5, [%[data]]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"ldr r6, [%[data], #8]\n\t"
"ldr r7, [%[data], #12]\n\t"
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+ "str r5, [sp]\n\t"
+ "str r4, [sp, #4]\n\t"
+ "str r7, [sp, #8]\n\t"
+ "str r6, [sp, #12]\n\t"
+ "ldr r4, [%[data], #16]\n\t"
+ "ldr r5, [%[data], #20]\n\t"
+ "ldr r6, [%[data], #24]\n\t"
+ "ldr r7, [%[data], #28]\n\t"
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+ "str r5, [sp, #16]\n\t"
+ "str r4, [sp, #20]\n\t"
+ "str r7, [sp, #24]\n\t"
+ "str r6, [sp, #28]\n\t"
+ "ldr r4, [%[data], #32]\n\t"
+ "ldr r5, [%[data], #36]\n\t"
+ "ldr r6, [%[data], #40]\n\t"
+ "ldr r7, [%[data], #44]\n\t"
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+ "str r5, [sp, #32]\n\t"
+ "str r4, [sp, #36]\n\t"
+ "str r7, [sp, #40]\n\t"
+ "str r6, [sp, #44]\n\t"
+ "ldr r4, [%[data], #48]\n\t"
+ "ldr r5, [%[data], #52]\n\t"
+ "ldr r6, [%[data], #56]\n\t"
+ "ldr r7, [%[data], #60]\n\t"
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+ "str r5, [sp, #48]\n\t"
+ "str r4, [sp, #52]\n\t"
+ "str r7, [sp, #56]\n\t"
+ "str r6, [sp, #60]\n\t"
+ "ldr r4, [%[data], #64]\n\t"
+ "ldr r5, [%[data], #68]\n\t"
+ "ldr r6, [%[data], #72]\n\t"
+ "ldr r7, [%[data], #76]\n\t"
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+ "str r5, [sp, #64]\n\t"
+ "str r4, [sp, #68]\n\t"
+ "str r7, [sp, #72]\n\t"
+ "str r6, [sp, #76]\n\t"
+ "ldr r4, [%[data], #80]\n\t"
+ "ldr r5, [%[data], #84]\n\t"
+ "ldr r6, [%[data], #88]\n\t"
+ "ldr r7, [%[data], #92]\n\t"
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+ "str r5, [sp, #80]\n\t"
+ "str r4, [sp, #84]\n\t"
+ "str r7, [sp, #88]\n\t"
+ "str r6, [sp, #92]\n\t"
+ "ldr r4, [%[data], #96]\n\t"
+ "ldr r5, [%[data], #100]\n\t"
+ "ldr r6, [%[data], #104]\n\t"
+ "ldr r7, [%[data], #108]\n\t"
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+ "str r5, [sp, #96]\n\t"
+ "str r4, [sp, #100]\n\t"
+ "str r7, [sp, #104]\n\t"
+ "str r6, [sp, #108]\n\t"
+ "ldr r4, [%[data], #112]\n\t"
+ "ldr r5, [%[data], #116]\n\t"
+ "ldr r6, [%[data], #120]\n\t"
+ "ldr r7, [%[data], #124]\n\t"
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+ "str r5, [sp, #112]\n\t"
+ "str r4, [sp, #116]\n\t"
+ "str r7, [sp, #120]\n\t"
+ "str r6, [sp, #124]\n\t"
#else
- "ldrd r6, r7, [%[data], #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+ "ldr r4, [%[data]]\n\t"
+ "ldr r5, [%[data], #4]\n\t"
+ "ldr r6, [%[data], #8]\n\t"
+ "ldr r7, [%[data], #12]\n\t"
"ldr r8, [%[data], #16]\n\t"
"ldr r9, [%[data], #20]\n\t"
-#else
- "ldrd r8, r9, [%[data], #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"ldr r10, [%[data], #24]\n\t"
"ldr r11, [%[data], #28]\n\t"
-#else
- "ldrd r10, r11, [%[data], #24]\n\t"
-#endif
"rev r4, r4\n\t"
"rev r5, r5\n\t"
"rev r6, r6\n\t"
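Review bot: The new `WOLFSSL_ARM_ARCH < 6` branch reads the message with word `ldr` from `%[data]` and nothing in the hunk states or checks that `data` is 4-byte aligned. Cores before ARMv6 do not support unaligned word loads, so a misaligned caller buffer would fault or feed wrong words into the hash. Whether callers guarantee alignment is not visible here; a comment above the first load would make the requirement explicit, e.g. `/* data must be 4-byte aligned: pre-ARMv6 ldr does not support unaligned addresses */`. The `#else` branch and the following hunks replace `ldrd` on `%[data]` with `ldr` pairs, presumably for the same alignment reason, and a one-line note there would help too. The function body continues outside this hunk.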
@@ -274,30 +427,14 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"str r8, [sp, #20]\n\t"
"str r11, [sp, #24]\n\t"
"str r10, [sp, #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"ldr r4, [%[data], #32]\n\t"
"ldr r5, [%[data], #36]\n\t"
-#else
- "ldrd r4, r5, [%[data], #32]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"ldr r6, [%[data], #40]\n\t"
"ldr r7, [%[data], #44]\n\t"
-#else
- "ldrd r6, r7, [%[data], #40]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"ldr r8, [%[data], #48]\n\t"
"ldr r9, [%[data], #52]\n\t"
-#else
- "ldrd r8, r9, [%[data], #48]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"ldr r10, [%[data], #56]\n\t"
"ldr r11, [%[data], #60]\n\t"
-#else
- "ldrd r10, r11, [%[data], #56]\n\t"
-#endif
"rev r4, r4\n\t"
"rev r5, r5\n\t"
"rev r6, r6\n\t"
@@ -314,30 +451,14 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"str r8, [sp, #52]\n\t"
"str r11, [sp, #56]\n\t"
"str r10, [sp, #60]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"ldr r4, [%[data], #64]\n\t"
"ldr r5, [%[data], #68]\n\t"
-#else
- "ldrd r4, r5, [%[data], #64]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"ldr r6, [%[data], #72]\n\t"
"ldr r7, [%[data], #76]\n\t"
-#else
- "ldrd r6, r7, [%[data], #72]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"ldr r8, [%[data], #80]\n\t"
"ldr r9, [%[data], #84]\n\t"
-#else
- "ldrd r8, r9, [%[data], #80]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"ldr r10, [%[data], #88]\n\t"
"ldr r11, [%[data], #92]\n\t"
-#else
- "ldrd r10, r11, [%[data], #88]\n\t"
-#endif
"rev r4, r4\n\t"
"rev r5, r5\n\t"
"rev r6, r6\n\t"
@@ -354,30 +475,14 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"str r8, [sp, #84]\n\t"
"str r11, [sp, #88]\n\t"
"str r10, [sp, #92]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"ldr r4, [%[data], #96]\n\t"
"ldr r5, [%[data], #100]\n\t"
-#else
- "ldrd r4, r5, [%[data], #96]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"ldr r6, [%[data], #104]\n\t"
"ldr r7, [%[data], #108]\n\t"
-#else
- "ldrd r6, r7, [%[data], #104]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"ldr r8, [%[data], #112]\n\t"
"ldr r9, [%[data], #116]\n\t"
-#else
- "ldrd r8, r9, [%[data], #112]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"ldr r10, [%[data], #120]\n\t"
"ldr r11, [%[data], #124]\n\t"
-#else
- "ldrd r10, r11, [%[data], #120]\n\t"
-#endif
"rev r4, r4\n\t"
"rev r5, r5\n\t"
"rev r6, r6\n\t"
@@ -394,14 +499,15 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"str r8, [sp, #116]\n\t"
"str r11, [sp, #120]\n\t"
"str r10, [sp, #124]\n\t"
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
/* Pre-calc: b ^ c */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[sha512], #8]\n\t"
"ldr r11, [%[sha512], #12]\n\t"
#else
"ldrd r10, r11, [%[sha512], #8]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #16]\n\t"
"ldr r5, [%[sha512], #20]\n\t"
#else
@@ -414,7 +520,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"\n"
"L_SHA512_transform_len_start_%=: \n\t"
/* Round 0 */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #32]\n\t"
"ldr r5, [%[sha512], #36]\n\t"
#else
@@ -434,7 +540,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #23\n\t"
"orr r9, r9, r4, lsr #9\n\t"
"orr r8, r8, r5, lsr #9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #56]\n\t"
"ldr r5, [%[sha512], #60]\n\t"
#else
@@ -444,25 +550,25 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #56]\n\t"
"str r5, [%[sha512], #60]\n\t"
#else
"strd r4, r5, [%[sha512], #56]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #32]\n\t"
"ldr r5, [%[sha512], #36]\n\t"
#else
"ldrd r4, r5, [%[sha512], #32]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #40]\n\t"
"ldr r7, [%[sha512], #44]\n\t"
#else
"ldrd r6, r7, [%[sha512], #40]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #48]\n\t"
"ldr r9, [%[sha512], #52]\n\t"
#else
@@ -474,13 +580,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r7, r7, r5\n\t"
"eor r6, r6, r8\n\t"
"eor r7, r7, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #56]\n\t"
"ldr r5, [%[sha512], #60]\n\t"
#else
"ldrd r4, r5, [%[sha512], #56]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp]\n\t"
"ldr r9, [sp, #4]\n\t"
#else
@@ -488,7 +594,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [r3]\n\t"
"ldr r7, [r3, #4]\n\t"
#else
@@ -496,7 +602,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #24]\n\t"
"ldr r9, [%[sha512], #28]\n\t"
#else
@@ -504,7 +610,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #56]\n\t"
"str r5, [%[sha512], #60]\n\t"
#else
@@ -512,13 +618,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r8, r8, r4\n\t"
"adc r9, r9, r5\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512]]\n\t"
"ldr r5, [%[sha512], #4]\n\t"
#else
"ldrd r4, r5, [%[sha512]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r8, [%[sha512], #24]\n\t"
"str r9, [%[sha512], #28]\n\t"
#else
@@ -538,7 +644,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #25\n\t"
"orr r9, r9, r4, lsr #7\n\t"
"orr r8, r8, r5, lsr #7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #56]\n\t"
"ldr r5, [%[sha512], #60]\n\t"
#else
@@ -548,19 +654,19 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512]]\n\t"
"ldr r9, [%[sha512], #4]\n\t"
#else
"ldrd r8, r9, [%[sha512]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #8]\n\t"
"ldr r7, [%[sha512], #12]\n\t"
#else
"ldrd r6, r7, [%[sha512], #8]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #56]\n\t"
"str r5, [%[sha512], #60]\n\t"
#else
@@ -572,7 +678,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r11, r11, r9\n\t"
"eor r10, r10, r6\n\t"
"eor r11, r11, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #56]\n\t"
"ldr r7, [%[sha512], #60]\n\t"
#else
@@ -580,7 +686,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r6, r6, r10\n\t"
"adc r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [%[sha512], #56]\n\t"
"str r7, [%[sha512], #60]\n\t"
#else
@@ -589,7 +695,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"mov r10, r8\n\t"
"mov r11, r9\n\t"
/* Calc new W[0] */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #112]\n\t"
"ldr r5, [sp, #116]\n\t"
#else
@@ -610,13 +716,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"orr r8, r8, r5, lsl #26\n\t"
"eor r7, r7, r9\n\t"
"eor r6, r6, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp]\n\t"
"ldr r5, [sp, #4]\n\t"
#else
"ldrd r4, r5, [sp]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #72]\n\t"
"ldr r9, [sp, #76]\n\t"
#else
@@ -626,13 +732,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"adc r5, r5, r7\n\t"
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [sp]\n\t"
"str r5, [sp, #4]\n\t"
#else
"strd r4, r5, [sp]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #8]\n\t"
"ldr r5, [sp, #12]\n\t"
#else
@@ -653,7 +759,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"orr r8, r8, r5, lsl #25\n\t"
"eor r7, r7, r9\n\t"
"eor r6, r6, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp]\n\t"
"ldr r5, [sp, #4]\n\t"
#else
@@ -661,14 +767,14 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [sp]\n\t"
"str r5, [sp, #4]\n\t"
#else
"strd r4, r5, [sp]\n\t"
#endif
/* Round 1 */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #24]\n\t"
"ldr r5, [%[sha512], #28]\n\t"
#else
@@ -688,7 +794,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #23\n\t"
"orr r9, r9, r4, lsr #9\n\t"
"orr r8, r8, r5, lsr #9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #48]\n\t"
"ldr r5, [%[sha512], #52]\n\t"
#else
@@ -698,25 +804,25 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #48]\n\t"
"str r5, [%[sha512], #52]\n\t"
#else
"strd r4, r5, [%[sha512], #48]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #24]\n\t"
"ldr r5, [%[sha512], #28]\n\t"
#else
"ldrd r4, r5, [%[sha512], #24]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #32]\n\t"
"ldr r7, [%[sha512], #36]\n\t"
#else
"ldrd r6, r7, [%[sha512], #32]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #40]\n\t"
"ldr r9, [%[sha512], #44]\n\t"
#else
@@ -728,13 +834,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r7, r7, r5\n\t"
"eor r6, r6, r8\n\t"
"eor r7, r7, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #48]\n\t"
"ldr r5, [%[sha512], #52]\n\t"
#else
"ldrd r4, r5, [%[sha512], #48]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #8]\n\t"
"ldr r9, [sp, #12]\n\t"
#else
@@ -742,7 +848,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [r3, #8]\n\t"
"ldr r7, [r3, #12]\n\t"
#else
@@ -750,7 +856,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #16]\n\t"
"ldr r9, [%[sha512], #20]\n\t"
#else
@@ -758,7 +864,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #48]\n\t"
"str r5, [%[sha512], #52]\n\t"
#else
@@ -766,13 +872,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r8, r8, r4\n\t"
"adc r9, r9, r5\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #56]\n\t"
"ldr r5, [%[sha512], #60]\n\t"
#else
"ldrd r4, r5, [%[sha512], #56]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r8, [%[sha512], #16]\n\t"
"str r9, [%[sha512], #20]\n\t"
#else
@@ -792,7 +898,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #25\n\t"
"orr r9, r9, r4, lsr #7\n\t"
"orr r8, r8, r5, lsr #7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #48]\n\t"
"ldr r5, [%[sha512], #52]\n\t"
#else
@@ -802,19 +908,19 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #56]\n\t"
"ldr r9, [%[sha512], #60]\n\t"
#else
"ldrd r8, r9, [%[sha512], #56]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512]]\n\t"
"ldr r7, [%[sha512], #4]\n\t"
#else
"ldrd r6, r7, [%[sha512]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #48]\n\t"
"str r5, [%[sha512], #52]\n\t"
#else
@@ -826,7 +932,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r11, r11, r9\n\t"
"eor r10, r10, r6\n\t"
"eor r11, r11, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #48]\n\t"
"ldr r7, [%[sha512], #52]\n\t"
#else
@@ -834,7 +940,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r6, r6, r10\n\t"
"adc r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [%[sha512], #48]\n\t"
"str r7, [%[sha512], #52]\n\t"
#else
@@ -843,7 +949,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"mov r10, r8\n\t"
"mov r11, r9\n\t"
/* Calc new W[1] */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #120]\n\t"
"ldr r5, [sp, #124]\n\t"
#else
@@ -864,13 +970,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"orr r8, r8, r5, lsl #26\n\t"
"eor r7, r7, r9\n\t"
"eor r6, r6, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #8]\n\t"
"ldr r5, [sp, #12]\n\t"
#else
"ldrd r4, r5, [sp, #8]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #80]\n\t"
"ldr r9, [sp, #84]\n\t"
#else
@@ -880,13 +986,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"adc r5, r5, r7\n\t"
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [sp, #8]\n\t"
"str r5, [sp, #12]\n\t"
#else
"strd r4, r5, [sp, #8]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #16]\n\t"
"ldr r5, [sp, #20]\n\t"
#else
@@ -907,7 +1013,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"orr r8, r8, r5, lsl #25\n\t"
"eor r7, r7, r9\n\t"
"eor r6, r6, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #8]\n\t"
"ldr r5, [sp, #12]\n\t"
#else
@@ -915,14 +1021,14 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [sp, #8]\n\t"
"str r5, [sp, #12]\n\t"
#else
"strd r4, r5, [sp, #8]\n\t"
#endif
/* Round 2 */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #16]\n\t"
"ldr r5, [%[sha512], #20]\n\t"
#else
@@ -942,7 +1048,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #23\n\t"
"orr r9, r9, r4, lsr #9\n\t"
"orr r8, r8, r5, lsr #9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #40]\n\t"
"ldr r5, [%[sha512], #44]\n\t"
#else
@@ -952,25 +1058,25 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #40]\n\t"
"str r5, [%[sha512], #44]\n\t"
#else
"strd r4, r5, [%[sha512], #40]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #16]\n\t"
"ldr r5, [%[sha512], #20]\n\t"
#else
"ldrd r4, r5, [%[sha512], #16]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #24]\n\t"
"ldr r7, [%[sha512], #28]\n\t"
#else
"ldrd r6, r7, [%[sha512], #24]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #32]\n\t"
"ldr r9, [%[sha512], #36]\n\t"
#else
@@ -982,13 +1088,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r7, r7, r5\n\t"
"eor r6, r6, r8\n\t"
"eor r7, r7, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #40]\n\t"
"ldr r5, [%[sha512], #44]\n\t"
#else
"ldrd r4, r5, [%[sha512], #40]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #16]\n\t"
"ldr r9, [sp, #20]\n\t"
#else
@@ -996,7 +1102,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [r3, #16]\n\t"
"ldr r7, [r3, #20]\n\t"
#else
@@ -1004,7 +1110,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #8]\n\t"
"ldr r9, [%[sha512], #12]\n\t"
#else
@@ -1012,7 +1118,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #40]\n\t"
"str r5, [%[sha512], #44]\n\t"
#else
@@ -1020,13 +1126,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r8, r8, r4\n\t"
"adc r9, r9, r5\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #48]\n\t"
"ldr r5, [%[sha512], #52]\n\t"
#else
"ldrd r4, r5, [%[sha512], #48]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r8, [%[sha512], #8]\n\t"
"str r9, [%[sha512], #12]\n\t"
#else
@@ -1046,7 +1152,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #25\n\t"
"orr r9, r9, r4, lsr #7\n\t"
"orr r8, r8, r5, lsr #7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #40]\n\t"
"ldr r5, [%[sha512], #44]\n\t"
#else
@@ -1056,19 +1162,19 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #48]\n\t"
"ldr r9, [%[sha512], #52]\n\t"
#else
"ldrd r8, r9, [%[sha512], #48]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #56]\n\t"
"ldr r7, [%[sha512], #60]\n\t"
#else
"ldrd r6, r7, [%[sha512], #56]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #40]\n\t"
"str r5, [%[sha512], #44]\n\t"
#else
@@ -1080,7 +1186,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r11, r11, r9\n\t"
"eor r10, r10, r6\n\t"
"eor r11, r11, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #40]\n\t"
"ldr r7, [%[sha512], #44]\n\t"
#else
@@ -1088,7 +1194,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r6, r6, r10\n\t"
"adc r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [%[sha512], #40]\n\t"
"str r7, [%[sha512], #44]\n\t"
#else
@@ -1097,7 +1203,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"mov r10, r8\n\t"
"mov r11, r9\n\t"
/* Calc new W[2] */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp]\n\t"
"ldr r5, [sp, #4]\n\t"
#else
@@ -1118,13 +1224,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"orr r8, r8, r5, lsl #26\n\t"
"eor r7, r7, r9\n\t"
"eor r6, r6, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #16]\n\t"
"ldr r5, [sp, #20]\n\t"
#else
"ldrd r4, r5, [sp, #16]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #88]\n\t"
"ldr r9, [sp, #92]\n\t"
#else
@@ -1134,13 +1240,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"adc r5, r5, r7\n\t"
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [sp, #16]\n\t"
"str r5, [sp, #20]\n\t"
#else
"strd r4, r5, [sp, #16]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #24]\n\t"
"ldr r5, [sp, #28]\n\t"
#else
@@ -1161,7 +1267,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"orr r8, r8, r5, lsl #25\n\t"
"eor r7, r7, r9\n\t"
"eor r6, r6, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #16]\n\t"
"ldr r5, [sp, #20]\n\t"
#else
@@ -1169,14 +1275,14 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [sp, #16]\n\t"
"str r5, [sp, #20]\n\t"
#else
"strd r4, r5, [sp, #16]\n\t"
#endif
/* Round 3 */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #8]\n\t"
"ldr r5, [%[sha512], #12]\n\t"
#else
@@ -1196,7 +1302,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #23\n\t"
"orr r9, r9, r4, lsr #9\n\t"
"orr r8, r8, r5, lsr #9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #32]\n\t"
"ldr r5, [%[sha512], #36]\n\t"
#else
@@ -1206,25 +1312,25 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #32]\n\t"
"str r5, [%[sha512], #36]\n\t"
#else
"strd r4, r5, [%[sha512], #32]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #8]\n\t"
"ldr r5, [%[sha512], #12]\n\t"
#else
"ldrd r4, r5, [%[sha512], #8]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #16]\n\t"
"ldr r7, [%[sha512], #20]\n\t"
#else
"ldrd r6, r7, [%[sha512], #16]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #24]\n\t"
"ldr r9, [%[sha512], #28]\n\t"
#else
@@ -1236,13 +1342,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r7, r7, r5\n\t"
"eor r6, r6, r8\n\t"
"eor r7, r7, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #32]\n\t"
"ldr r5, [%[sha512], #36]\n\t"
#else
"ldrd r4, r5, [%[sha512], #32]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #24]\n\t"
"ldr r9, [sp, #28]\n\t"
#else
@@ -1250,7 +1356,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [r3, #24]\n\t"
"ldr r7, [r3, #28]\n\t"
#else
@@ -1258,7 +1364,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512]]\n\t"
"ldr r9, [%[sha512], #4]\n\t"
#else
@@ -1266,7 +1372,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #32]\n\t"
"str r5, [%[sha512], #36]\n\t"
#else
@@ -1274,13 +1380,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r8, r8, r4\n\t"
"adc r9, r9, r5\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #40]\n\t"
"ldr r5, [%[sha512], #44]\n\t"
#else
"ldrd r4, r5, [%[sha512], #40]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r8, [%[sha512]]\n\t"
"str r9, [%[sha512], #4]\n\t"
#else
@@ -1300,7 +1406,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #25\n\t"
"orr r9, r9, r4, lsr #7\n\t"
"orr r8, r8, r5, lsr #7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #32]\n\t"
"ldr r5, [%[sha512], #36]\n\t"
#else
@@ -1310,19 +1416,19 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #40]\n\t"
"ldr r9, [%[sha512], #44]\n\t"
#else
"ldrd r8, r9, [%[sha512], #40]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #48]\n\t"
"ldr r7, [%[sha512], #52]\n\t"
#else
"ldrd r6, r7, [%[sha512], #48]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #32]\n\t"
"str r5, [%[sha512], #36]\n\t"
#else
@@ -1334,7 +1440,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r11, r11, r9\n\t"
"eor r10, r10, r6\n\t"
"eor r11, r11, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #32]\n\t"
"ldr r7, [%[sha512], #36]\n\t"
#else
@@ -1342,7 +1448,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r6, r6, r10\n\t"
"adc r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [%[sha512], #32]\n\t"
"str r7, [%[sha512], #36]\n\t"
#else
@@ -1351,7 +1457,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"mov r10, r8\n\t"
"mov r11, r9\n\t"
/* Calc new W[3] */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #8]\n\t"
"ldr r5, [sp, #12]\n\t"
#else
@@ -1372,13 +1478,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"orr r8, r8, r5, lsl #26\n\t"
"eor r7, r7, r9\n\t"
"eor r6, r6, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #24]\n\t"
"ldr r5, [sp, #28]\n\t"
#else
"ldrd r4, r5, [sp, #24]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #96]\n\t"
"ldr r9, [sp, #100]\n\t"
#else
@@ -1388,13 +1494,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"adc r5, r5, r7\n\t"
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [sp, #24]\n\t"
"str r5, [sp, #28]\n\t"
#else
"strd r4, r5, [sp, #24]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #32]\n\t"
"ldr r5, [sp, #36]\n\t"
#else
@@ -1415,7 +1521,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"orr r8, r8, r5, lsl #25\n\t"
"eor r7, r7, r9\n\t"
"eor r6, r6, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #24]\n\t"
"ldr r5, [sp, #28]\n\t"
#else
@@ -1423,14 +1529,14 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [sp, #24]\n\t"
"str r5, [sp, #28]\n\t"
#else
"strd r4, r5, [sp, #24]\n\t"
#endif
/* Round 4 */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512]]\n\t"
"ldr r5, [%[sha512], #4]\n\t"
#else
@@ -1450,7 +1556,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #23\n\t"
"orr r9, r9, r4, lsr #9\n\t"
"orr r8, r8, r5, lsr #9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #24]\n\t"
"ldr r5, [%[sha512], #28]\n\t"
#else
@@ -1460,25 +1566,25 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #24]\n\t"
"str r5, [%[sha512], #28]\n\t"
#else
"strd r4, r5, [%[sha512], #24]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512]]\n\t"
"ldr r5, [%[sha512], #4]\n\t"
#else
"ldrd r4, r5, [%[sha512]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #8]\n\t"
"ldr r7, [%[sha512], #12]\n\t"
#else
"ldrd r6, r7, [%[sha512], #8]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #16]\n\t"
"ldr r9, [%[sha512], #20]\n\t"
#else
@@ -1490,13 +1596,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r7, r7, r5\n\t"
"eor r6, r6, r8\n\t"
"eor r7, r7, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #24]\n\t"
"ldr r5, [%[sha512], #28]\n\t"
#else
"ldrd r4, r5, [%[sha512], #24]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #32]\n\t"
"ldr r9, [sp, #36]\n\t"
#else
@@ -1504,7 +1610,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [r3, #32]\n\t"
"ldr r7, [r3, #36]\n\t"
#else
@@ -1512,7 +1618,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #56]\n\t"
"ldr r9, [%[sha512], #60]\n\t"
#else
@@ -1520,7 +1626,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #24]\n\t"
"str r5, [%[sha512], #28]\n\t"
#else
@@ -1528,13 +1634,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r8, r8, r4\n\t"
"adc r9, r9, r5\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #32]\n\t"
"ldr r5, [%[sha512], #36]\n\t"
#else
"ldrd r4, r5, [%[sha512], #32]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r8, [%[sha512], #56]\n\t"
"str r9, [%[sha512], #60]\n\t"
#else
@@ -1554,7 +1660,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #25\n\t"
"orr r9, r9, r4, lsr #7\n\t"
"orr r8, r8, r5, lsr #7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #24]\n\t"
"ldr r5, [%[sha512], #28]\n\t"
#else
@@ -1564,19 +1670,19 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #32]\n\t"
"ldr r9, [%[sha512], #36]\n\t"
#else
"ldrd r8, r9, [%[sha512], #32]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #40]\n\t"
"ldr r7, [%[sha512], #44]\n\t"
#else
"ldrd r6, r7, [%[sha512], #40]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #24]\n\t"
"str r5, [%[sha512], #28]\n\t"
#else
@@ -1588,7 +1694,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r11, r11, r9\n\t"
"eor r10, r10, r6\n\t"
"eor r11, r11, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #24]\n\t"
"ldr r7, [%[sha512], #28]\n\t"
#else
@@ -1596,7 +1702,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r6, r6, r10\n\t"
"adc r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [%[sha512], #24]\n\t"
"str r7, [%[sha512], #28]\n\t"
#else
@@ -1605,7 +1711,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"mov r10, r8\n\t"
"mov r11, r9\n\t"
/* Calc new W[4] */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #16]\n\t"
"ldr r5, [sp, #20]\n\t"
#else
@@ -1626,13 +1732,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"orr r8, r8, r5, lsl #26\n\t"
"eor r7, r7, r9\n\t"
"eor r6, r6, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #32]\n\t"
"ldr r5, [sp, #36]\n\t"
#else
"ldrd r4, r5, [sp, #32]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #104]\n\t"
"ldr r9, [sp, #108]\n\t"
#else
@@ -1642,13 +1748,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"adc r5, r5, r7\n\t"
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [sp, #32]\n\t"
"str r5, [sp, #36]\n\t"
#else
"strd r4, r5, [sp, #32]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #40]\n\t"
"ldr r5, [sp, #44]\n\t"
#else
@@ -1669,7 +1775,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"orr r8, r8, r5, lsl #25\n\t"
"eor r7, r7, r9\n\t"
"eor r6, r6, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #32]\n\t"
"ldr r5, [sp, #36]\n\t"
#else
@@ -1677,14 +1783,14 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [sp, #32]\n\t"
"str r5, [sp, #36]\n\t"
#else
"strd r4, r5, [sp, #32]\n\t"
#endif
/* Round 5 */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #56]\n\t"
"ldr r5, [%[sha512], #60]\n\t"
#else
@@ -1704,7 +1810,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #23\n\t"
"orr r9, r9, r4, lsr #9\n\t"
"orr r8, r8, r5, lsr #9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #16]\n\t"
"ldr r5, [%[sha512], #20]\n\t"
#else
@@ -1714,25 +1820,25 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #16]\n\t"
"str r5, [%[sha512], #20]\n\t"
#else
"strd r4, r5, [%[sha512], #16]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #56]\n\t"
"ldr r5, [%[sha512], #60]\n\t"
#else
"ldrd r4, r5, [%[sha512], #56]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512]]\n\t"
"ldr r7, [%[sha512], #4]\n\t"
#else
"ldrd r6, r7, [%[sha512]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #8]\n\t"
"ldr r9, [%[sha512], #12]\n\t"
#else
@@ -1744,13 +1850,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r7, r7, r5\n\t"
"eor r6, r6, r8\n\t"
"eor r7, r7, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #16]\n\t"
"ldr r5, [%[sha512], #20]\n\t"
#else
"ldrd r4, r5, [%[sha512], #16]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #40]\n\t"
"ldr r9, [sp, #44]\n\t"
#else
@@ -1758,7 +1864,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [r3, #40]\n\t"
"ldr r7, [r3, #44]\n\t"
#else
@@ -1766,7 +1872,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #48]\n\t"
"ldr r9, [%[sha512], #52]\n\t"
#else
@@ -1774,7 +1880,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #16]\n\t"
"str r5, [%[sha512], #20]\n\t"
#else
@@ -1782,13 +1888,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r8, r8, r4\n\t"
"adc r9, r9, r5\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #24]\n\t"
"ldr r5, [%[sha512], #28]\n\t"
#else
"ldrd r4, r5, [%[sha512], #24]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r8, [%[sha512], #48]\n\t"
"str r9, [%[sha512], #52]\n\t"
#else
@@ -1808,7 +1914,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #25\n\t"
"orr r9, r9, r4, lsr #7\n\t"
"orr r8, r8, r5, lsr #7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #16]\n\t"
"ldr r5, [%[sha512], #20]\n\t"
#else
@@ -1818,19 +1924,19 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #24]\n\t"
"ldr r9, [%[sha512], #28]\n\t"
#else
"ldrd r8, r9, [%[sha512], #24]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #32]\n\t"
"ldr r7, [%[sha512], #36]\n\t"
#else
"ldrd r6, r7, [%[sha512], #32]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #16]\n\t"
"str r5, [%[sha512], #20]\n\t"
#else
@@ -1842,7 +1948,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r11, r11, r9\n\t"
"eor r10, r10, r6\n\t"
"eor r11, r11, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #16]\n\t"
"ldr r7, [%[sha512], #20]\n\t"
#else
@@ -1850,7 +1956,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r6, r6, r10\n\t"
"adc r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [%[sha512], #16]\n\t"
"str r7, [%[sha512], #20]\n\t"
#else
@@ -1859,7 +1965,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"mov r10, r8\n\t"
"mov r11, r9\n\t"
/* Calc new W[5] */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #24]\n\t"
"ldr r5, [sp, #28]\n\t"
#else
@@ -1880,13 +1986,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"orr r8, r8, r5, lsl #26\n\t"
"eor r7, r7, r9\n\t"
"eor r6, r6, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #40]\n\t"
"ldr r5, [sp, #44]\n\t"
#else
"ldrd r4, r5, [sp, #40]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #112]\n\t"
"ldr r9, [sp, #116]\n\t"
#else
@@ -1896,13 +2002,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"adc r5, r5, r7\n\t"
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [sp, #40]\n\t"
"str r5, [sp, #44]\n\t"
#else
"strd r4, r5, [sp, #40]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #48]\n\t"
"ldr r5, [sp, #52]\n\t"
#else
@@ -1923,7 +2029,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"orr r8, r8, r5, lsl #25\n\t"
"eor r7, r7, r9\n\t"
"eor r6, r6, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #40]\n\t"
"ldr r5, [sp, #44]\n\t"
#else
@@ -1931,14 +2037,14 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [sp, #40]\n\t"
"str r5, [sp, #44]\n\t"
#else
"strd r4, r5, [sp, #40]\n\t"
#endif
/* Round 6 */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #48]\n\t"
"ldr r5, [%[sha512], #52]\n\t"
#else
@@ -1958,7 +2064,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #23\n\t"
"orr r9, r9, r4, lsr #9\n\t"
"orr r8, r8, r5, lsr #9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #8]\n\t"
"ldr r5, [%[sha512], #12]\n\t"
#else
@@ -1968,25 +2074,25 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #8]\n\t"
"str r5, [%[sha512], #12]\n\t"
#else
"strd r4, r5, [%[sha512], #8]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #48]\n\t"
"ldr r5, [%[sha512], #52]\n\t"
#else
"ldrd r4, r5, [%[sha512], #48]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #56]\n\t"
"ldr r7, [%[sha512], #60]\n\t"
#else
"ldrd r6, r7, [%[sha512], #56]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512]]\n\t"
"ldr r9, [%[sha512], #4]\n\t"
#else
@@ -1998,13 +2104,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r7, r7, r5\n\t"
"eor r6, r6, r8\n\t"
"eor r7, r7, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #8]\n\t"
"ldr r5, [%[sha512], #12]\n\t"
#else
"ldrd r4, r5, [%[sha512], #8]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #48]\n\t"
"ldr r9, [sp, #52]\n\t"
#else
@@ -2012,7 +2118,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [r3, #48]\n\t"
"ldr r7, [r3, #52]\n\t"
#else
@@ -2020,7 +2126,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #40]\n\t"
"ldr r9, [%[sha512], #44]\n\t"
#else
@@ -2028,7 +2134,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #8]\n\t"
"str r5, [%[sha512], #12]\n\t"
#else
@@ -2036,13 +2142,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r8, r8, r4\n\t"
"adc r9, r9, r5\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #16]\n\t"
"ldr r5, [%[sha512], #20]\n\t"
#else
"ldrd r4, r5, [%[sha512], #16]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r8, [%[sha512], #40]\n\t"
"str r9, [%[sha512], #44]\n\t"
#else
@@ -2062,7 +2168,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #25\n\t"
"orr r9, r9, r4, lsr #7\n\t"
"orr r8, r8, r5, lsr #7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #8]\n\t"
"ldr r5, [%[sha512], #12]\n\t"
#else
@@ -2072,19 +2178,19 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #16]\n\t"
"ldr r9, [%[sha512], #20]\n\t"
#else
"ldrd r8, r9, [%[sha512], #16]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #24]\n\t"
"ldr r7, [%[sha512], #28]\n\t"
#else
"ldrd r6, r7, [%[sha512], #24]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #8]\n\t"
"str r5, [%[sha512], #12]\n\t"
#else
@@ -2096,7 +2202,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r11, r11, r9\n\t"
"eor r10, r10, r6\n\t"
"eor r11, r11, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #8]\n\t"
"ldr r7, [%[sha512], #12]\n\t"
#else
@@ -2104,7 +2210,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r6, r6, r10\n\t"
"adc r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [%[sha512], #8]\n\t"
"str r7, [%[sha512], #12]\n\t"
#else
@@ -2113,7 +2219,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"mov r10, r8\n\t"
"mov r11, r9\n\t"
/* Calc new W[6] */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #32]\n\t"
"ldr r5, [sp, #36]\n\t"
#else
@@ -2134,13 +2240,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"orr r8, r8, r5, lsl #26\n\t"
"eor r7, r7, r9\n\t"
"eor r6, r6, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #48]\n\t"
"ldr r5, [sp, #52]\n\t"
#else
"ldrd r4, r5, [sp, #48]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #120]\n\t"
"ldr r9, [sp, #124]\n\t"
#else
@@ -2150,13 +2256,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"adc r5, r5, r7\n\t"
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [sp, #48]\n\t"
"str r5, [sp, #52]\n\t"
#else
"strd r4, r5, [sp, #48]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #56]\n\t"
"ldr r5, [sp, #60]\n\t"
#else
@@ -2177,7 +2283,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"orr r8, r8, r5, lsl #25\n\t"
"eor r7, r7, r9\n\t"
"eor r6, r6, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #48]\n\t"
"ldr r5, [sp, #52]\n\t"
#else
@@ -2185,14 +2291,14 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [sp, #48]\n\t"
"str r5, [sp, #52]\n\t"
#else
"strd r4, r5, [sp, #48]\n\t"
#endif
/* Round 7 */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #40]\n\t"
"ldr r5, [%[sha512], #44]\n\t"
#else
@@ -2212,7 +2318,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #23\n\t"
"orr r9, r9, r4, lsr #9\n\t"
"orr r8, r8, r5, lsr #9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512]]\n\t"
"ldr r5, [%[sha512], #4]\n\t"
#else
@@ -2222,25 +2328,25 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512]]\n\t"
"str r5, [%[sha512], #4]\n\t"
#else
"strd r4, r5, [%[sha512]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #40]\n\t"
"ldr r5, [%[sha512], #44]\n\t"
#else
"ldrd r4, r5, [%[sha512], #40]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #48]\n\t"
"ldr r7, [%[sha512], #52]\n\t"
#else
"ldrd r6, r7, [%[sha512], #48]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #56]\n\t"
"ldr r9, [%[sha512], #60]\n\t"
#else
@@ -2252,13 +2358,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r7, r7, r5\n\t"
"eor r6, r6, r8\n\t"
"eor r7, r7, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512]]\n\t"
"ldr r5, [%[sha512], #4]\n\t"
#else
"ldrd r4, r5, [%[sha512]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #56]\n\t"
"ldr r9, [sp, #60]\n\t"
#else
@@ -2266,7 +2372,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [r3, #56]\n\t"
"ldr r7, [r3, #60]\n\t"
#else
@@ -2274,7 +2380,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #32]\n\t"
"ldr r9, [%[sha512], #36]\n\t"
#else
@@ -2282,7 +2388,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512]]\n\t"
"str r5, [%[sha512], #4]\n\t"
#else
@@ -2290,13 +2396,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r8, r8, r4\n\t"
"adc r9, r9, r5\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #8]\n\t"
"ldr r5, [%[sha512], #12]\n\t"
#else
"ldrd r4, r5, [%[sha512], #8]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r8, [%[sha512], #32]\n\t"
"str r9, [%[sha512], #36]\n\t"
#else
@@ -2316,7 +2422,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #25\n\t"
"orr r9, r9, r4, lsr #7\n\t"
"orr r8, r8, r5, lsr #7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512]]\n\t"
"ldr r5, [%[sha512], #4]\n\t"
#else
@@ -2326,19 +2432,19 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #8]\n\t"
"ldr r9, [%[sha512], #12]\n\t"
#else
"ldrd r8, r9, [%[sha512], #8]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #16]\n\t"
"ldr r7, [%[sha512], #20]\n\t"
#else
"ldrd r6, r7, [%[sha512], #16]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512]]\n\t"
"str r5, [%[sha512], #4]\n\t"
#else
@@ -2350,7 +2456,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r11, r11, r9\n\t"
"eor r10, r10, r6\n\t"
"eor r11, r11, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512]]\n\t"
"ldr r7, [%[sha512], #4]\n\t"
#else
@@ -2358,7 +2464,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r6, r6, r10\n\t"
"adc r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [%[sha512]]\n\t"
"str r7, [%[sha512], #4]\n\t"
#else
@@ -2367,7 +2473,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"mov r10, r8\n\t"
"mov r11, r9\n\t"
/* Calc new W[7] */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #40]\n\t"
"ldr r5, [sp, #44]\n\t"
#else
@@ -2388,13 +2494,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"orr r8, r8, r5, lsl #26\n\t"
"eor r7, r7, r9\n\t"
"eor r6, r6, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #56]\n\t"
"ldr r5, [sp, #60]\n\t"
#else
"ldrd r4, r5, [sp, #56]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp]\n\t"
"ldr r9, [sp, #4]\n\t"
#else
@@ -2404,13 +2510,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"adc r5, r5, r7\n\t"
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [sp, #56]\n\t"
"str r5, [sp, #60]\n\t"
#else
"strd r4, r5, [sp, #56]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #64]\n\t"
"ldr r5, [sp, #68]\n\t"
#else
@@ -2431,7 +2537,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"orr r8, r8, r5, lsl #25\n\t"
"eor r7, r7, r9\n\t"
"eor r6, r6, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #56]\n\t"
"ldr r5, [sp, #60]\n\t"
#else
@@ -2439,14 +2545,14 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [sp, #56]\n\t"
"str r5, [sp, #60]\n\t"
#else
"strd r4, r5, [sp, #56]\n\t"
#endif
/* Round 8 */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #32]\n\t"
"ldr r5, [%[sha512], #36]\n\t"
#else
@@ -2466,7 +2572,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #23\n\t"
"orr r9, r9, r4, lsr #9\n\t"
"orr r8, r8, r5, lsr #9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #56]\n\t"
"ldr r5, [%[sha512], #60]\n\t"
#else
@@ -2476,25 +2582,25 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #56]\n\t"
"str r5, [%[sha512], #60]\n\t"
#else
"strd r4, r5, [%[sha512], #56]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #32]\n\t"
"ldr r5, [%[sha512], #36]\n\t"
#else
"ldrd r4, r5, [%[sha512], #32]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #40]\n\t"
"ldr r7, [%[sha512], #44]\n\t"
#else
"ldrd r6, r7, [%[sha512], #40]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #48]\n\t"
"ldr r9, [%[sha512], #52]\n\t"
#else
@@ -2506,13 +2612,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r7, r7, r5\n\t"
"eor r6, r6, r8\n\t"
"eor r7, r7, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #56]\n\t"
"ldr r5, [%[sha512], #60]\n\t"
#else
"ldrd r4, r5, [%[sha512], #56]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #64]\n\t"
"ldr r9, [sp, #68]\n\t"
#else
@@ -2520,7 +2626,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [r3, #64]\n\t"
"ldr r7, [r3, #68]\n\t"
#else
@@ -2528,7 +2634,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #24]\n\t"
"ldr r9, [%[sha512], #28]\n\t"
#else
@@ -2536,7 +2642,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #56]\n\t"
"str r5, [%[sha512], #60]\n\t"
#else
@@ -2544,13 +2650,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r8, r8, r4\n\t"
"adc r9, r9, r5\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512]]\n\t"
"ldr r5, [%[sha512], #4]\n\t"
#else
"ldrd r4, r5, [%[sha512]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r8, [%[sha512], #24]\n\t"
"str r9, [%[sha512], #28]\n\t"
#else
@@ -2570,7 +2676,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #25\n\t"
"orr r9, r9, r4, lsr #7\n\t"
"orr r8, r8, r5, lsr #7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #56]\n\t"
"ldr r5, [%[sha512], #60]\n\t"
#else
@@ -2580,19 +2686,19 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512]]\n\t"
"ldr r9, [%[sha512], #4]\n\t"
#else
"ldrd r8, r9, [%[sha512]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #8]\n\t"
"ldr r7, [%[sha512], #12]\n\t"
#else
"ldrd r6, r7, [%[sha512], #8]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #56]\n\t"
"str r5, [%[sha512], #60]\n\t"
#else
@@ -2604,7 +2710,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r11, r11, r9\n\t"
"eor r10, r10, r6\n\t"
"eor r11, r11, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #56]\n\t"
"ldr r7, [%[sha512], #60]\n\t"
#else
@@ -2612,7 +2718,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r6, r6, r10\n\t"
"adc r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [%[sha512], #56]\n\t"
"str r7, [%[sha512], #60]\n\t"
#else
@@ -2621,7 +2727,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"mov r10, r8\n\t"
"mov r11, r9\n\t"
/* Calc new W[8] */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #48]\n\t"
"ldr r5, [sp, #52]\n\t"
#else
@@ -2642,13 +2748,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"orr r8, r8, r5, lsl #26\n\t"
"eor r7, r7, r9\n\t"
"eor r6, r6, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #64]\n\t"
"ldr r5, [sp, #68]\n\t"
#else
"ldrd r4, r5, [sp, #64]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #8]\n\t"
"ldr r9, [sp, #12]\n\t"
#else
@@ -2658,13 +2764,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"adc r5, r5, r7\n\t"
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [sp, #64]\n\t"
"str r5, [sp, #68]\n\t"
#else
"strd r4, r5, [sp, #64]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #72]\n\t"
"ldr r5, [sp, #76]\n\t"
#else
@@ -2685,7 +2791,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"orr r8, r8, r5, lsl #25\n\t"
"eor r7, r7, r9\n\t"
"eor r6, r6, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #64]\n\t"
"ldr r5, [sp, #68]\n\t"
#else
@@ -2693,14 +2799,14 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [sp, #64]\n\t"
"str r5, [sp, #68]\n\t"
#else
"strd r4, r5, [sp, #64]\n\t"
#endif
/* Round 9 */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #24]\n\t"
"ldr r5, [%[sha512], #28]\n\t"
#else
@@ -2720,7 +2826,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #23\n\t"
"orr r9, r9, r4, lsr #9\n\t"
"orr r8, r8, r5, lsr #9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #48]\n\t"
"ldr r5, [%[sha512], #52]\n\t"
#else
@@ -2730,25 +2836,25 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #48]\n\t"
"str r5, [%[sha512], #52]\n\t"
#else
"strd r4, r5, [%[sha512], #48]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #24]\n\t"
"ldr r5, [%[sha512], #28]\n\t"
#else
"ldrd r4, r5, [%[sha512], #24]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #32]\n\t"
"ldr r7, [%[sha512], #36]\n\t"
#else
"ldrd r6, r7, [%[sha512], #32]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #40]\n\t"
"ldr r9, [%[sha512], #44]\n\t"
#else
@@ -2760,13 +2866,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r7, r7, r5\n\t"
"eor r6, r6, r8\n\t"
"eor r7, r7, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #48]\n\t"
"ldr r5, [%[sha512], #52]\n\t"
#else
"ldrd r4, r5, [%[sha512], #48]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #72]\n\t"
"ldr r9, [sp, #76]\n\t"
#else
@@ -2774,7 +2880,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [r3, #72]\n\t"
"ldr r7, [r3, #76]\n\t"
#else
@@ -2782,7 +2888,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #16]\n\t"
"ldr r9, [%[sha512], #20]\n\t"
#else
@@ -2790,7 +2896,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #48]\n\t"
"str r5, [%[sha512], #52]\n\t"
#else
@@ -2798,13 +2904,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r8, r8, r4\n\t"
"adc r9, r9, r5\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #56]\n\t"
"ldr r5, [%[sha512], #60]\n\t"
#else
"ldrd r4, r5, [%[sha512], #56]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r8, [%[sha512], #16]\n\t"
"str r9, [%[sha512], #20]\n\t"
#else
@@ -2824,7 +2930,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #25\n\t"
"orr r9, r9, r4, lsr #7\n\t"
"orr r8, r8, r5, lsr #7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #48]\n\t"
"ldr r5, [%[sha512], #52]\n\t"
#else
@@ -2834,19 +2940,19 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #56]\n\t"
"ldr r9, [%[sha512], #60]\n\t"
#else
"ldrd r8, r9, [%[sha512], #56]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512]]\n\t"
"ldr r7, [%[sha512], #4]\n\t"
#else
"ldrd r6, r7, [%[sha512]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #48]\n\t"
"str r5, [%[sha512], #52]\n\t"
#else
@@ -2858,7 +2964,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r11, r11, r9\n\t"
"eor r10, r10, r6\n\t"
"eor r11, r11, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #48]\n\t"
"ldr r7, [%[sha512], #52]\n\t"
#else
@@ -2866,7 +2972,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r6, r6, r10\n\t"
"adc r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [%[sha512], #48]\n\t"
"str r7, [%[sha512], #52]\n\t"
#else
@@ -2875,7 +2981,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"mov r10, r8\n\t"
"mov r11, r9\n\t"
/* Calc new W[9] */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #56]\n\t"
"ldr r5, [sp, #60]\n\t"
#else
@@ -2896,13 +3002,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"orr r8, r8, r5, lsl #26\n\t"
"eor r7, r7, r9\n\t"
"eor r6, r6, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #72]\n\t"
"ldr r5, [sp, #76]\n\t"
#else
"ldrd r4, r5, [sp, #72]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #16]\n\t"
"ldr r9, [sp, #20]\n\t"
#else
@@ -2912,13 +3018,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"adc r5, r5, r7\n\t"
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [sp, #72]\n\t"
"str r5, [sp, #76]\n\t"
#else
"strd r4, r5, [sp, #72]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #80]\n\t"
"ldr r5, [sp, #84]\n\t"
#else
@@ -2939,7 +3045,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"orr r8, r8, r5, lsl #25\n\t"
"eor r7, r7, r9\n\t"
"eor r6, r6, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #72]\n\t"
"ldr r5, [sp, #76]\n\t"
#else
@@ -2947,14 +3053,14 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [sp, #72]\n\t"
"str r5, [sp, #76]\n\t"
#else
"strd r4, r5, [sp, #72]\n\t"
#endif
/* Round 10 */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #16]\n\t"
"ldr r5, [%[sha512], #20]\n\t"
#else
@@ -2974,7 +3080,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #23\n\t"
"orr r9, r9, r4, lsr #9\n\t"
"orr r8, r8, r5, lsr #9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #40]\n\t"
"ldr r5, [%[sha512], #44]\n\t"
#else
@@ -2984,25 +3090,25 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #40]\n\t"
"str r5, [%[sha512], #44]\n\t"
#else
"strd r4, r5, [%[sha512], #40]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #16]\n\t"
"ldr r5, [%[sha512], #20]\n\t"
#else
"ldrd r4, r5, [%[sha512], #16]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #24]\n\t"
"ldr r7, [%[sha512], #28]\n\t"
#else
"ldrd r6, r7, [%[sha512], #24]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #32]\n\t"
"ldr r9, [%[sha512], #36]\n\t"
#else
@@ -3014,13 +3120,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r7, r7, r5\n\t"
"eor r6, r6, r8\n\t"
"eor r7, r7, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #40]\n\t"
"ldr r5, [%[sha512], #44]\n\t"
#else
"ldrd r4, r5, [%[sha512], #40]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #80]\n\t"
"ldr r9, [sp, #84]\n\t"
#else
@@ -3028,7 +3134,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [r3, #80]\n\t"
"ldr r7, [r3, #84]\n\t"
#else
@@ -3036,7 +3142,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #8]\n\t"
"ldr r9, [%[sha512], #12]\n\t"
#else
@@ -3044,7 +3150,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #40]\n\t"
"str r5, [%[sha512], #44]\n\t"
#else
@@ -3052,13 +3158,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r8, r8, r4\n\t"
"adc r9, r9, r5\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #48]\n\t"
"ldr r5, [%[sha512], #52]\n\t"
#else
"ldrd r4, r5, [%[sha512], #48]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r8, [%[sha512], #8]\n\t"
"str r9, [%[sha512], #12]\n\t"
#else
@@ -3078,7 +3184,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #25\n\t"
"orr r9, r9, r4, lsr #7\n\t"
"orr r8, r8, r5, lsr #7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #40]\n\t"
"ldr r5, [%[sha512], #44]\n\t"
#else
@@ -3088,19 +3194,19 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #48]\n\t"
"ldr r9, [%[sha512], #52]\n\t"
#else
"ldrd r8, r9, [%[sha512], #48]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #56]\n\t"
"ldr r7, [%[sha512], #60]\n\t"
#else
"ldrd r6, r7, [%[sha512], #56]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #40]\n\t"
"str r5, [%[sha512], #44]\n\t"
#else
@@ -3112,7 +3218,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r11, r11, r9\n\t"
"eor r10, r10, r6\n\t"
"eor r11, r11, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #40]\n\t"
"ldr r7, [%[sha512], #44]\n\t"
#else
@@ -3120,7 +3226,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r6, r6, r10\n\t"
"adc r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [%[sha512], #40]\n\t"
"str r7, [%[sha512], #44]\n\t"
#else
@@ -3129,7 +3235,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"mov r10, r8\n\t"
"mov r11, r9\n\t"
/* Calc new W[10] */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #64]\n\t"
"ldr r5, [sp, #68]\n\t"
#else
@@ -3150,13 +3256,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"orr r8, r8, r5, lsl #26\n\t"
"eor r7, r7, r9\n\t"
"eor r6, r6, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #80]\n\t"
"ldr r5, [sp, #84]\n\t"
#else
"ldrd r4, r5, [sp, #80]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #24]\n\t"
"ldr r9, [sp, #28]\n\t"
#else
@@ -3166,13 +3272,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"adc r5, r5, r7\n\t"
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [sp, #80]\n\t"
"str r5, [sp, #84]\n\t"
#else
"strd r4, r5, [sp, #80]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #88]\n\t"
"ldr r5, [sp, #92]\n\t"
#else
@@ -3193,7 +3299,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"orr r8, r8, r5, lsl #25\n\t"
"eor r7, r7, r9\n\t"
"eor r6, r6, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #80]\n\t"
"ldr r5, [sp, #84]\n\t"
#else
@@ -3201,14 +3307,14 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [sp, #80]\n\t"
"str r5, [sp, #84]\n\t"
#else
"strd r4, r5, [sp, #80]\n\t"
#endif
/* Round 11 */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #8]\n\t"
"ldr r5, [%[sha512], #12]\n\t"
#else
@@ -3228,7 +3334,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #23\n\t"
"orr r9, r9, r4, lsr #9\n\t"
"orr r8, r8, r5, lsr #9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #32]\n\t"
"ldr r5, [%[sha512], #36]\n\t"
#else
@@ -3238,25 +3344,25 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #32]\n\t"
"str r5, [%[sha512], #36]\n\t"
#else
"strd r4, r5, [%[sha512], #32]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #8]\n\t"
"ldr r5, [%[sha512], #12]\n\t"
#else
"ldrd r4, r5, [%[sha512], #8]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #16]\n\t"
"ldr r7, [%[sha512], #20]\n\t"
#else
"ldrd r6, r7, [%[sha512], #16]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #24]\n\t"
"ldr r9, [%[sha512], #28]\n\t"
#else
@@ -3268,13 +3374,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r7, r7, r5\n\t"
"eor r6, r6, r8\n\t"
"eor r7, r7, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #32]\n\t"
"ldr r5, [%[sha512], #36]\n\t"
#else
"ldrd r4, r5, [%[sha512], #32]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #88]\n\t"
"ldr r9, [sp, #92]\n\t"
#else
@@ -3282,7 +3388,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [r3, #88]\n\t"
"ldr r7, [r3, #92]\n\t"
#else
@@ -3290,7 +3396,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512]]\n\t"
"ldr r9, [%[sha512], #4]\n\t"
#else
@@ -3298,7 +3404,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #32]\n\t"
"str r5, [%[sha512], #36]\n\t"
#else
@@ -3306,13 +3412,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r8, r8, r4\n\t"
"adc r9, r9, r5\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #40]\n\t"
"ldr r5, [%[sha512], #44]\n\t"
#else
"ldrd r4, r5, [%[sha512], #40]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r8, [%[sha512]]\n\t"
"str r9, [%[sha512], #4]\n\t"
#else
@@ -3332,7 +3438,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #25\n\t"
"orr r9, r9, r4, lsr #7\n\t"
"orr r8, r8, r5, lsr #7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #32]\n\t"
"ldr r5, [%[sha512], #36]\n\t"
#else
@@ -3342,19 +3448,19 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #40]\n\t"
"ldr r9, [%[sha512], #44]\n\t"
#else
"ldrd r8, r9, [%[sha512], #40]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #48]\n\t"
"ldr r7, [%[sha512], #52]\n\t"
#else
"ldrd r6, r7, [%[sha512], #48]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #32]\n\t"
"str r5, [%[sha512], #36]\n\t"
#else
@@ -3366,7 +3472,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r11, r11, r9\n\t"
"eor r10, r10, r6\n\t"
"eor r11, r11, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #32]\n\t"
"ldr r7, [%[sha512], #36]\n\t"
#else
@@ -3374,7 +3480,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r6, r6, r10\n\t"
"adc r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [%[sha512], #32]\n\t"
"str r7, [%[sha512], #36]\n\t"
#else
@@ -3383,7 +3489,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"mov r10, r8\n\t"
"mov r11, r9\n\t"
/* Calc new W[11] */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #72]\n\t"
"ldr r5, [sp, #76]\n\t"
#else
@@ -3404,13 +3510,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"orr r8, r8, r5, lsl #26\n\t"
"eor r7, r7, r9\n\t"
"eor r6, r6, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #88]\n\t"
"ldr r5, [sp, #92]\n\t"
#else
"ldrd r4, r5, [sp, #88]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #32]\n\t"
"ldr r9, [sp, #36]\n\t"
#else
@@ -3420,13 +3526,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"adc r5, r5, r7\n\t"
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [sp, #88]\n\t"
"str r5, [sp, #92]\n\t"
#else
"strd r4, r5, [sp, #88]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #96]\n\t"
"ldr r5, [sp, #100]\n\t"
#else
@@ -3447,7 +3553,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"orr r8, r8, r5, lsl #25\n\t"
"eor r7, r7, r9\n\t"
"eor r6, r6, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #88]\n\t"
"ldr r5, [sp, #92]\n\t"
#else
@@ -3455,14 +3561,14 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [sp, #88]\n\t"
"str r5, [sp, #92]\n\t"
#else
"strd r4, r5, [sp, #88]\n\t"
#endif
/* Round 12 */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512]]\n\t"
"ldr r5, [%[sha512], #4]\n\t"
#else
@@ -3482,7 +3588,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #23\n\t"
"orr r9, r9, r4, lsr #9\n\t"
"orr r8, r8, r5, lsr #9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #24]\n\t"
"ldr r5, [%[sha512], #28]\n\t"
#else
@@ -3492,25 +3598,25 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #24]\n\t"
"str r5, [%[sha512], #28]\n\t"
#else
"strd r4, r5, [%[sha512], #24]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512]]\n\t"
"ldr r5, [%[sha512], #4]\n\t"
#else
"ldrd r4, r5, [%[sha512]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #8]\n\t"
"ldr r7, [%[sha512], #12]\n\t"
#else
"ldrd r6, r7, [%[sha512], #8]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #16]\n\t"
"ldr r9, [%[sha512], #20]\n\t"
#else
@@ -3522,13 +3628,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r7, r7, r5\n\t"
"eor r6, r6, r8\n\t"
"eor r7, r7, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #24]\n\t"
"ldr r5, [%[sha512], #28]\n\t"
#else
"ldrd r4, r5, [%[sha512], #24]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #96]\n\t"
"ldr r9, [sp, #100]\n\t"
#else
@@ -3536,7 +3642,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [r3, #96]\n\t"
"ldr r7, [r3, #100]\n\t"
#else
@@ -3544,7 +3650,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #56]\n\t"
"ldr r9, [%[sha512], #60]\n\t"
#else
@@ -3552,7 +3658,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #24]\n\t"
"str r5, [%[sha512], #28]\n\t"
#else
@@ -3560,13 +3666,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r8, r8, r4\n\t"
"adc r9, r9, r5\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #32]\n\t"
"ldr r5, [%[sha512], #36]\n\t"
#else
"ldrd r4, r5, [%[sha512], #32]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r8, [%[sha512], #56]\n\t"
"str r9, [%[sha512], #60]\n\t"
#else
@@ -3586,7 +3692,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #25\n\t"
"orr r9, r9, r4, lsr #7\n\t"
"orr r8, r8, r5, lsr #7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #24]\n\t"
"ldr r5, [%[sha512], #28]\n\t"
#else
@@ -3596,19 +3702,19 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #32]\n\t"
"ldr r9, [%[sha512], #36]\n\t"
#else
"ldrd r8, r9, [%[sha512], #32]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #40]\n\t"
"ldr r7, [%[sha512], #44]\n\t"
#else
"ldrd r6, r7, [%[sha512], #40]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #24]\n\t"
"str r5, [%[sha512], #28]\n\t"
#else
@@ -3620,7 +3726,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r11, r11, r9\n\t"
"eor r10, r10, r6\n\t"
"eor r11, r11, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #24]\n\t"
"ldr r7, [%[sha512], #28]\n\t"
#else
@@ -3628,7 +3734,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r6, r6, r10\n\t"
"adc r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [%[sha512], #24]\n\t"
"str r7, [%[sha512], #28]\n\t"
#else
@@ -3637,7 +3743,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"mov r10, r8\n\t"
"mov r11, r9\n\t"
/* Calc new W[12] */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #80]\n\t"
"ldr r5, [sp, #84]\n\t"
#else
@@ -3658,13 +3764,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"orr r8, r8, r5, lsl #26\n\t"
"eor r7, r7, r9\n\t"
"eor r6, r6, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #96]\n\t"
"ldr r5, [sp, #100]\n\t"
#else
"ldrd r4, r5, [sp, #96]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #40]\n\t"
"ldr r9, [sp, #44]\n\t"
#else
@@ -3674,13 +3780,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"adc r5, r5, r7\n\t"
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [sp, #96]\n\t"
"str r5, [sp, #100]\n\t"
#else
"strd r4, r5, [sp, #96]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #104]\n\t"
"ldr r5, [sp, #108]\n\t"
#else
@@ -3701,7 +3807,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"orr r8, r8, r5, lsl #25\n\t"
"eor r7, r7, r9\n\t"
"eor r6, r6, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #96]\n\t"
"ldr r5, [sp, #100]\n\t"
#else
@@ -3709,14 +3815,14 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [sp, #96]\n\t"
"str r5, [sp, #100]\n\t"
#else
"strd r4, r5, [sp, #96]\n\t"
#endif
/* Round 13 */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #56]\n\t"
"ldr r5, [%[sha512], #60]\n\t"
#else
@@ -3736,7 +3842,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #23\n\t"
"orr r9, r9, r4, lsr #9\n\t"
"orr r8, r8, r5, lsr #9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #16]\n\t"
"ldr r5, [%[sha512], #20]\n\t"
#else
@@ -3746,25 +3852,25 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #16]\n\t"
"str r5, [%[sha512], #20]\n\t"
#else
"strd r4, r5, [%[sha512], #16]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #56]\n\t"
"ldr r5, [%[sha512], #60]\n\t"
#else
"ldrd r4, r5, [%[sha512], #56]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512]]\n\t"
"ldr r7, [%[sha512], #4]\n\t"
#else
"ldrd r6, r7, [%[sha512]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #8]\n\t"
"ldr r9, [%[sha512], #12]\n\t"
#else
@@ -3776,13 +3882,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r7, r7, r5\n\t"
"eor r6, r6, r8\n\t"
"eor r7, r7, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #16]\n\t"
"ldr r5, [%[sha512], #20]\n\t"
#else
"ldrd r4, r5, [%[sha512], #16]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #104]\n\t"
"ldr r9, [sp, #108]\n\t"
#else
@@ -3790,7 +3896,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [r3, #104]\n\t"
"ldr r7, [r3, #108]\n\t"
#else
@@ -3798,7 +3904,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #48]\n\t"
"ldr r9, [%[sha512], #52]\n\t"
#else
@@ -3806,7 +3912,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #16]\n\t"
"str r5, [%[sha512], #20]\n\t"
#else
@@ -3814,13 +3920,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r8, r8, r4\n\t"
"adc r9, r9, r5\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #24]\n\t"
"ldr r5, [%[sha512], #28]\n\t"
#else
"ldrd r4, r5, [%[sha512], #24]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r8, [%[sha512], #48]\n\t"
"str r9, [%[sha512], #52]\n\t"
#else
@@ -3840,7 +3946,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #25\n\t"
"orr r9, r9, r4, lsr #7\n\t"
"orr r8, r8, r5, lsr #7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #16]\n\t"
"ldr r5, [%[sha512], #20]\n\t"
#else
@@ -3850,19 +3956,19 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #24]\n\t"
"ldr r9, [%[sha512], #28]\n\t"
#else
"ldrd r8, r9, [%[sha512], #24]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #32]\n\t"
"ldr r7, [%[sha512], #36]\n\t"
#else
"ldrd r6, r7, [%[sha512], #32]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #16]\n\t"
"str r5, [%[sha512], #20]\n\t"
#else
@@ -3874,7 +3980,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r11, r11, r9\n\t"
"eor r10, r10, r6\n\t"
"eor r11, r11, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #16]\n\t"
"ldr r7, [%[sha512], #20]\n\t"
#else
@@ -3882,7 +3988,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r6, r6, r10\n\t"
"adc r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [%[sha512], #16]\n\t"
"str r7, [%[sha512], #20]\n\t"
#else
@@ -3891,7 +3997,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"mov r10, r8\n\t"
"mov r11, r9\n\t"
/* Calc new W[13] */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #88]\n\t"
"ldr r5, [sp, #92]\n\t"
#else
@@ -3912,13 +4018,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"orr r8, r8, r5, lsl #26\n\t"
"eor r7, r7, r9\n\t"
"eor r6, r6, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #104]\n\t"
"ldr r5, [sp, #108]\n\t"
#else
"ldrd r4, r5, [sp, #104]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #48]\n\t"
"ldr r9, [sp, #52]\n\t"
#else
@@ -3928,13 +4034,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"adc r5, r5, r7\n\t"
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [sp, #104]\n\t"
"str r5, [sp, #108]\n\t"
#else
"strd r4, r5, [sp, #104]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #112]\n\t"
"ldr r5, [sp, #116]\n\t"
#else
@@ -3955,7 +4061,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"orr r8, r8, r5, lsl #25\n\t"
"eor r7, r7, r9\n\t"
"eor r6, r6, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #104]\n\t"
"ldr r5, [sp, #108]\n\t"
#else
@@ -3963,14 +4069,14 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [sp, #104]\n\t"
"str r5, [sp, #108]\n\t"
#else
"strd r4, r5, [sp, #104]\n\t"
#endif
/* Round 14 */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #48]\n\t"
"ldr r5, [%[sha512], #52]\n\t"
#else
@@ -3990,7 +4096,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #23\n\t"
"orr r9, r9, r4, lsr #9\n\t"
"orr r8, r8, r5, lsr #9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #8]\n\t"
"ldr r5, [%[sha512], #12]\n\t"
#else
@@ -4000,25 +4106,25 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #8]\n\t"
"str r5, [%[sha512], #12]\n\t"
#else
"strd r4, r5, [%[sha512], #8]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #48]\n\t"
"ldr r5, [%[sha512], #52]\n\t"
#else
"ldrd r4, r5, [%[sha512], #48]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #56]\n\t"
"ldr r7, [%[sha512], #60]\n\t"
#else
"ldrd r6, r7, [%[sha512], #56]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512]]\n\t"
"ldr r9, [%[sha512], #4]\n\t"
#else
@@ -4030,13 +4136,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r7, r7, r5\n\t"
"eor r6, r6, r8\n\t"
"eor r7, r7, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #8]\n\t"
"ldr r5, [%[sha512], #12]\n\t"
#else
"ldrd r4, r5, [%[sha512], #8]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #112]\n\t"
"ldr r9, [sp, #116]\n\t"
#else
@@ -4044,7 +4150,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [r3, #112]\n\t"
"ldr r7, [r3, #116]\n\t"
#else
@@ -4052,7 +4158,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #40]\n\t"
"ldr r9, [%[sha512], #44]\n\t"
#else
@@ -4060,7 +4166,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #8]\n\t"
"str r5, [%[sha512], #12]\n\t"
#else
@@ -4068,13 +4174,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r8, r8, r4\n\t"
"adc r9, r9, r5\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #16]\n\t"
"ldr r5, [%[sha512], #20]\n\t"
#else
"ldrd r4, r5, [%[sha512], #16]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r8, [%[sha512], #40]\n\t"
"str r9, [%[sha512], #44]\n\t"
#else
@@ -4094,7 +4200,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #25\n\t"
"orr r9, r9, r4, lsr #7\n\t"
"orr r8, r8, r5, lsr #7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #8]\n\t"
"ldr r5, [%[sha512], #12]\n\t"
#else
@@ -4104,19 +4210,19 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #16]\n\t"
"ldr r9, [%[sha512], #20]\n\t"
#else
"ldrd r8, r9, [%[sha512], #16]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #24]\n\t"
"ldr r7, [%[sha512], #28]\n\t"
#else
"ldrd r6, r7, [%[sha512], #24]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #8]\n\t"
"str r5, [%[sha512], #12]\n\t"
#else
@@ -4128,7 +4234,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r11, r11, r9\n\t"
"eor r10, r10, r6\n\t"
"eor r11, r11, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #8]\n\t"
"ldr r7, [%[sha512], #12]\n\t"
#else
@@ -4136,7 +4242,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r6, r6, r10\n\t"
"adc r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [%[sha512], #8]\n\t"
"str r7, [%[sha512], #12]\n\t"
#else
@@ -4145,7 +4251,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"mov r10, r8\n\t"
"mov r11, r9\n\t"
/* Calc new W[14] */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #96]\n\t"
"ldr r5, [sp, #100]\n\t"
#else
@@ -4166,13 +4272,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"orr r8, r8, r5, lsl #26\n\t"
"eor r7, r7, r9\n\t"
"eor r6, r6, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #112]\n\t"
"ldr r5, [sp, #116]\n\t"
#else
"ldrd r4, r5, [sp, #112]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #56]\n\t"
"ldr r9, [sp, #60]\n\t"
#else
@@ -4182,13 +4288,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"adc r5, r5, r7\n\t"
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [sp, #112]\n\t"
"str r5, [sp, #116]\n\t"
#else
"strd r4, r5, [sp, #112]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #120]\n\t"
"ldr r5, [sp, #124]\n\t"
#else
@@ -4209,7 +4315,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"orr r8, r8, r5, lsl #25\n\t"
"eor r7, r7, r9\n\t"
"eor r6, r6, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #112]\n\t"
"ldr r5, [sp, #116]\n\t"
#else
@@ -4217,14 +4323,14 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [sp, #112]\n\t"
"str r5, [sp, #116]\n\t"
#else
"strd r4, r5, [sp, #112]\n\t"
#endif
/* Round 15 */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #40]\n\t"
"ldr r5, [%[sha512], #44]\n\t"
#else
@@ -4244,7 +4350,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #23\n\t"
"orr r9, r9, r4, lsr #9\n\t"
"orr r8, r8, r5, lsr #9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512]]\n\t"
"ldr r5, [%[sha512], #4]\n\t"
#else
@@ -4254,25 +4360,25 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512]]\n\t"
"str r5, [%[sha512], #4]\n\t"
#else
"strd r4, r5, [%[sha512]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #40]\n\t"
"ldr r5, [%[sha512], #44]\n\t"
#else
"ldrd r4, r5, [%[sha512], #40]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #48]\n\t"
"ldr r7, [%[sha512], #52]\n\t"
#else
"ldrd r6, r7, [%[sha512], #48]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #56]\n\t"
"ldr r9, [%[sha512], #60]\n\t"
#else
@@ -4284,13 +4390,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r7, r7, r5\n\t"
"eor r6, r6, r8\n\t"
"eor r7, r7, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512]]\n\t"
"ldr r5, [%[sha512], #4]\n\t"
#else
"ldrd r4, r5, [%[sha512]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #120]\n\t"
"ldr r9, [sp, #124]\n\t"
#else
@@ -4298,7 +4404,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [r3, #120]\n\t"
"ldr r7, [r3, #124]\n\t"
#else
@@ -4306,7 +4412,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #32]\n\t"
"ldr r9, [%[sha512], #36]\n\t"
#else
@@ -4314,7 +4420,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512]]\n\t"
"str r5, [%[sha512], #4]\n\t"
#else
@@ -4322,13 +4428,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r8, r8, r4\n\t"
"adc r9, r9, r5\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #8]\n\t"
"ldr r5, [%[sha512], #12]\n\t"
#else
"ldrd r4, r5, [%[sha512], #8]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r8, [%[sha512], #32]\n\t"
"str r9, [%[sha512], #36]\n\t"
#else
@@ -4348,7 +4454,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #25\n\t"
"orr r9, r9, r4, lsr #7\n\t"
"orr r8, r8, r5, lsr #7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512]]\n\t"
"ldr r5, [%[sha512], #4]\n\t"
#else
@@ -4358,19 +4464,19 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #8]\n\t"
"ldr r9, [%[sha512], #12]\n\t"
#else
"ldrd r8, r9, [%[sha512], #8]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #16]\n\t"
"ldr r7, [%[sha512], #20]\n\t"
#else
"ldrd r6, r7, [%[sha512], #16]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512]]\n\t"
"str r5, [%[sha512], #4]\n\t"
#else
@@ -4382,7 +4488,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r11, r11, r9\n\t"
"eor r10, r10, r6\n\t"
"eor r11, r11, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512]]\n\t"
"ldr r7, [%[sha512], #4]\n\t"
#else
@@ -4390,7 +4496,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r6, r6, r10\n\t"
"adc r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [%[sha512]]\n\t"
"str r7, [%[sha512], #4]\n\t"
#else
@@ -4399,7 +4505,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"mov r10, r8\n\t"
"mov r11, r9\n\t"
/* Calc new W[15] */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #104]\n\t"
"ldr r5, [sp, #108]\n\t"
#else
@@ -4420,13 +4526,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"orr r8, r8, r5, lsl #26\n\t"
"eor r7, r7, r9\n\t"
"eor r6, r6, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #120]\n\t"
"ldr r5, [sp, #124]\n\t"
#else
"ldrd r4, r5, [sp, #120]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #64]\n\t"
"ldr r9, [sp, #68]\n\t"
#else
@@ -4436,13 +4542,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"adc r5, r5, r7\n\t"
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [sp, #120]\n\t"
"str r5, [sp, #124]\n\t"
#else
"strd r4, r5, [sp, #120]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp]\n\t"
"ldr r5, [sp, #4]\n\t"
#else
@@ -4463,7 +4569,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"orr r8, r8, r5, lsl #25\n\t"
"eor r7, r7, r9\n\t"
"eor r6, r6, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #120]\n\t"
"ldr r5, [sp, #124]\n\t"
#else
@@ -4471,7 +4577,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [sp, #120]\n\t"
"str r5, [sp, #124]\n\t"
#else
@@ -4481,7 +4587,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"subs r12, r12, #1\n\t"
"bne L_SHA512_transform_len_start_%=\n\t"
/* Round 0 */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #32]\n\t"
"ldr r5, [%[sha512], #36]\n\t"
#else
@@ -4501,7 +4607,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #23\n\t"
"orr r9, r9, r4, lsr #9\n\t"
"orr r8, r8, r5, lsr #9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #56]\n\t"
"ldr r5, [%[sha512], #60]\n\t"
#else
@@ -4511,25 +4617,25 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #56]\n\t"
"str r5, [%[sha512], #60]\n\t"
#else
"strd r4, r5, [%[sha512], #56]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #32]\n\t"
"ldr r5, [%[sha512], #36]\n\t"
#else
"ldrd r4, r5, [%[sha512], #32]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #40]\n\t"
"ldr r7, [%[sha512], #44]\n\t"
#else
"ldrd r6, r7, [%[sha512], #40]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #48]\n\t"
"ldr r9, [%[sha512], #52]\n\t"
#else
@@ -4541,13 +4647,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r7, r7, r5\n\t"
"eor r6, r6, r8\n\t"
"eor r7, r7, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #56]\n\t"
"ldr r5, [%[sha512], #60]\n\t"
#else
"ldrd r4, r5, [%[sha512], #56]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp]\n\t"
"ldr r9, [sp, #4]\n\t"
#else
@@ -4555,7 +4661,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [r3]\n\t"
"ldr r7, [r3, #4]\n\t"
#else
@@ -4563,7 +4669,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #24]\n\t"
"ldr r9, [%[sha512], #28]\n\t"
#else
@@ -4571,7 +4677,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #56]\n\t"
"str r5, [%[sha512], #60]\n\t"
#else
@@ -4579,13 +4685,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r8, r8, r4\n\t"
"adc r9, r9, r5\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512]]\n\t"
"ldr r5, [%[sha512], #4]\n\t"
#else
"ldrd r4, r5, [%[sha512]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r8, [%[sha512], #24]\n\t"
"str r9, [%[sha512], #28]\n\t"
#else
@@ -4605,7 +4711,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #25\n\t"
"orr r9, r9, r4, lsr #7\n\t"
"orr r8, r8, r5, lsr #7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #56]\n\t"
"ldr r5, [%[sha512], #60]\n\t"
#else
@@ -4615,19 +4721,19 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512]]\n\t"
"ldr r9, [%[sha512], #4]\n\t"
#else
"ldrd r8, r9, [%[sha512]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #8]\n\t"
"ldr r7, [%[sha512], #12]\n\t"
#else
"ldrd r6, r7, [%[sha512], #8]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #56]\n\t"
"str r5, [%[sha512], #60]\n\t"
#else
@@ -4639,7 +4745,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r11, r11, r9\n\t"
"eor r10, r10, r6\n\t"
"eor r11, r11, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #56]\n\t"
"ldr r7, [%[sha512], #60]\n\t"
#else
@@ -4647,7 +4753,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r6, r6, r10\n\t"
"adc r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [%[sha512], #56]\n\t"
"str r7, [%[sha512], #60]\n\t"
#else
@@ -4656,7 +4762,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"mov r10, r8\n\t"
"mov r11, r9\n\t"
/* Round 1 */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #24]\n\t"
"ldr r5, [%[sha512], #28]\n\t"
#else
@@ -4676,7 +4782,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #23\n\t"
"orr r9, r9, r4, lsr #9\n\t"
"orr r8, r8, r5, lsr #9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #48]\n\t"
"ldr r5, [%[sha512], #52]\n\t"
#else
@@ -4686,25 +4792,25 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #48]\n\t"
"str r5, [%[sha512], #52]\n\t"
#else
"strd r4, r5, [%[sha512], #48]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #24]\n\t"
"ldr r5, [%[sha512], #28]\n\t"
#else
"ldrd r4, r5, [%[sha512], #24]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #32]\n\t"
"ldr r7, [%[sha512], #36]\n\t"
#else
"ldrd r6, r7, [%[sha512], #32]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #40]\n\t"
"ldr r9, [%[sha512], #44]\n\t"
#else
@@ -4716,13 +4822,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r7, r7, r5\n\t"
"eor r6, r6, r8\n\t"
"eor r7, r7, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #48]\n\t"
"ldr r5, [%[sha512], #52]\n\t"
#else
"ldrd r4, r5, [%[sha512], #48]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #8]\n\t"
"ldr r9, [sp, #12]\n\t"
#else
@@ -4730,7 +4836,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [r3, #8]\n\t"
"ldr r7, [r3, #12]\n\t"
#else
@@ -4738,7 +4844,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #16]\n\t"
"ldr r9, [%[sha512], #20]\n\t"
#else
@@ -4746,7 +4852,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #48]\n\t"
"str r5, [%[sha512], #52]\n\t"
#else
@@ -4754,13 +4860,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r8, r8, r4\n\t"
"adc r9, r9, r5\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #56]\n\t"
"ldr r5, [%[sha512], #60]\n\t"
#else
"ldrd r4, r5, [%[sha512], #56]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r8, [%[sha512], #16]\n\t"
"str r9, [%[sha512], #20]\n\t"
#else
@@ -4780,7 +4886,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #25\n\t"
"orr r9, r9, r4, lsr #7\n\t"
"orr r8, r8, r5, lsr #7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #48]\n\t"
"ldr r5, [%[sha512], #52]\n\t"
#else
@@ -4790,19 +4896,19 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #56]\n\t"
"ldr r9, [%[sha512], #60]\n\t"
#else
"ldrd r8, r9, [%[sha512], #56]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512]]\n\t"
"ldr r7, [%[sha512], #4]\n\t"
#else
"ldrd r6, r7, [%[sha512]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #48]\n\t"
"str r5, [%[sha512], #52]\n\t"
#else
@@ -4814,7 +4920,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r11, r11, r9\n\t"
"eor r10, r10, r6\n\t"
"eor r11, r11, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #48]\n\t"
"ldr r7, [%[sha512], #52]\n\t"
#else
@@ -4822,7 +4928,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r6, r6, r10\n\t"
"adc r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [%[sha512], #48]\n\t"
"str r7, [%[sha512], #52]\n\t"
#else
@@ -4831,7 +4937,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"mov r10, r8\n\t"
"mov r11, r9\n\t"
/* Round 2 */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #16]\n\t"
"ldr r5, [%[sha512], #20]\n\t"
#else
@@ -4851,7 +4957,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #23\n\t"
"orr r9, r9, r4, lsr #9\n\t"
"orr r8, r8, r5, lsr #9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #40]\n\t"
"ldr r5, [%[sha512], #44]\n\t"
#else
@@ -4861,25 +4967,25 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #40]\n\t"
"str r5, [%[sha512], #44]\n\t"
#else
"strd r4, r5, [%[sha512], #40]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #16]\n\t"
"ldr r5, [%[sha512], #20]\n\t"
#else
"ldrd r4, r5, [%[sha512], #16]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #24]\n\t"
"ldr r7, [%[sha512], #28]\n\t"
#else
"ldrd r6, r7, [%[sha512], #24]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #32]\n\t"
"ldr r9, [%[sha512], #36]\n\t"
#else
@@ -4891,13 +4997,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r7, r7, r5\n\t"
"eor r6, r6, r8\n\t"
"eor r7, r7, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #40]\n\t"
"ldr r5, [%[sha512], #44]\n\t"
#else
"ldrd r4, r5, [%[sha512], #40]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #16]\n\t"
"ldr r9, [sp, #20]\n\t"
#else
@@ -4905,7 +5011,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [r3, #16]\n\t"
"ldr r7, [r3, #20]\n\t"
#else
@@ -4913,7 +5019,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #8]\n\t"
"ldr r9, [%[sha512], #12]\n\t"
#else
@@ -4921,7 +5027,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #40]\n\t"
"str r5, [%[sha512], #44]\n\t"
#else
@@ -4929,13 +5035,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r8, r8, r4\n\t"
"adc r9, r9, r5\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #48]\n\t"
"ldr r5, [%[sha512], #52]\n\t"
#else
"ldrd r4, r5, [%[sha512], #48]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r8, [%[sha512], #8]\n\t"
"str r9, [%[sha512], #12]\n\t"
#else
@@ -4955,7 +5061,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #25\n\t"
"orr r9, r9, r4, lsr #7\n\t"
"orr r8, r8, r5, lsr #7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #40]\n\t"
"ldr r5, [%[sha512], #44]\n\t"
#else
@@ -4965,19 +5071,19 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #48]\n\t"
"ldr r9, [%[sha512], #52]\n\t"
#else
"ldrd r8, r9, [%[sha512], #48]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #56]\n\t"
"ldr r7, [%[sha512], #60]\n\t"
#else
"ldrd r6, r7, [%[sha512], #56]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #40]\n\t"
"str r5, [%[sha512], #44]\n\t"
#else
@@ -4989,7 +5095,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r11, r11, r9\n\t"
"eor r10, r10, r6\n\t"
"eor r11, r11, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #40]\n\t"
"ldr r7, [%[sha512], #44]\n\t"
#else
@@ -4997,7 +5103,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r6, r6, r10\n\t"
"adc r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [%[sha512], #40]\n\t"
"str r7, [%[sha512], #44]\n\t"
#else
@@ -5006,7 +5112,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"mov r10, r8\n\t"
"mov r11, r9\n\t"
/* Round 3 */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #8]\n\t"
"ldr r5, [%[sha512], #12]\n\t"
#else
@@ -5026,7 +5132,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #23\n\t"
"orr r9, r9, r4, lsr #9\n\t"
"orr r8, r8, r5, lsr #9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #32]\n\t"
"ldr r5, [%[sha512], #36]\n\t"
#else
@@ -5036,25 +5142,25 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #32]\n\t"
"str r5, [%[sha512], #36]\n\t"
#else
"strd r4, r5, [%[sha512], #32]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #8]\n\t"
"ldr r5, [%[sha512], #12]\n\t"
#else
"ldrd r4, r5, [%[sha512], #8]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #16]\n\t"
"ldr r7, [%[sha512], #20]\n\t"
#else
"ldrd r6, r7, [%[sha512], #16]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #24]\n\t"
"ldr r9, [%[sha512], #28]\n\t"
#else
@@ -5066,13 +5172,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r7, r7, r5\n\t"
"eor r6, r6, r8\n\t"
"eor r7, r7, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #32]\n\t"
"ldr r5, [%[sha512], #36]\n\t"
#else
"ldrd r4, r5, [%[sha512], #32]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #24]\n\t"
"ldr r9, [sp, #28]\n\t"
#else
@@ -5080,7 +5186,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [r3, #24]\n\t"
"ldr r7, [r3, #28]\n\t"
#else
@@ -5088,7 +5194,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512]]\n\t"
"ldr r9, [%[sha512], #4]\n\t"
#else
@@ -5096,7 +5202,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #32]\n\t"
"str r5, [%[sha512], #36]\n\t"
#else
@@ -5104,13 +5210,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r8, r8, r4\n\t"
"adc r9, r9, r5\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #40]\n\t"
"ldr r5, [%[sha512], #44]\n\t"
#else
"ldrd r4, r5, [%[sha512], #40]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r8, [%[sha512]]\n\t"
"str r9, [%[sha512], #4]\n\t"
#else
@@ -5130,7 +5236,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #25\n\t"
"orr r9, r9, r4, lsr #7\n\t"
"orr r8, r8, r5, lsr #7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #32]\n\t"
"ldr r5, [%[sha512], #36]\n\t"
#else
@@ -5140,19 +5246,19 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #40]\n\t"
"ldr r9, [%[sha512], #44]\n\t"
#else
"ldrd r8, r9, [%[sha512], #40]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #48]\n\t"
"ldr r7, [%[sha512], #52]\n\t"
#else
"ldrd r6, r7, [%[sha512], #48]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #32]\n\t"
"str r5, [%[sha512], #36]\n\t"
#else
@@ -5164,7 +5270,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r11, r11, r9\n\t"
"eor r10, r10, r6\n\t"
"eor r11, r11, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #32]\n\t"
"ldr r7, [%[sha512], #36]\n\t"
#else
@@ -5172,7 +5278,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r6, r6, r10\n\t"
"adc r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [%[sha512], #32]\n\t"
"str r7, [%[sha512], #36]\n\t"
#else
@@ -5181,7 +5287,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"mov r10, r8\n\t"
"mov r11, r9\n\t"
/* Round 4 */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512]]\n\t"
"ldr r5, [%[sha512], #4]\n\t"
#else
@@ -5201,7 +5307,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #23\n\t"
"orr r9, r9, r4, lsr #9\n\t"
"orr r8, r8, r5, lsr #9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #24]\n\t"
"ldr r5, [%[sha512], #28]\n\t"
#else
@@ -5211,25 +5317,25 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #24]\n\t"
"str r5, [%[sha512], #28]\n\t"
#else
"strd r4, r5, [%[sha512], #24]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512]]\n\t"
"ldr r5, [%[sha512], #4]\n\t"
#else
"ldrd r4, r5, [%[sha512]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #8]\n\t"
"ldr r7, [%[sha512], #12]\n\t"
#else
"ldrd r6, r7, [%[sha512], #8]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #16]\n\t"
"ldr r9, [%[sha512], #20]\n\t"
#else
@@ -5241,13 +5347,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r7, r7, r5\n\t"
"eor r6, r6, r8\n\t"
"eor r7, r7, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #24]\n\t"
"ldr r5, [%[sha512], #28]\n\t"
#else
"ldrd r4, r5, [%[sha512], #24]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #32]\n\t"
"ldr r9, [sp, #36]\n\t"
#else
@@ -5255,7 +5361,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [r3, #32]\n\t"
"ldr r7, [r3, #36]\n\t"
#else
@@ -5263,7 +5369,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #56]\n\t"
"ldr r9, [%[sha512], #60]\n\t"
#else
@@ -5271,7 +5377,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #24]\n\t"
"str r5, [%[sha512], #28]\n\t"
#else
@@ -5279,13 +5385,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r8, r8, r4\n\t"
"adc r9, r9, r5\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #32]\n\t"
"ldr r5, [%[sha512], #36]\n\t"
#else
"ldrd r4, r5, [%[sha512], #32]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r8, [%[sha512], #56]\n\t"
"str r9, [%[sha512], #60]\n\t"
#else
@@ -5305,7 +5411,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #25\n\t"
"orr r9, r9, r4, lsr #7\n\t"
"orr r8, r8, r5, lsr #7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #24]\n\t"
"ldr r5, [%[sha512], #28]\n\t"
#else
@@ -5315,19 +5421,19 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #32]\n\t"
"ldr r9, [%[sha512], #36]\n\t"
#else
"ldrd r8, r9, [%[sha512], #32]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #40]\n\t"
"ldr r7, [%[sha512], #44]\n\t"
#else
"ldrd r6, r7, [%[sha512], #40]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #24]\n\t"
"str r5, [%[sha512], #28]\n\t"
#else
@@ -5339,7 +5445,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r11, r11, r9\n\t"
"eor r10, r10, r6\n\t"
"eor r11, r11, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #24]\n\t"
"ldr r7, [%[sha512], #28]\n\t"
#else
@@ -5347,7 +5453,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r6, r6, r10\n\t"
"adc r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [%[sha512], #24]\n\t"
"str r7, [%[sha512], #28]\n\t"
#else
@@ -5356,7 +5462,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"mov r10, r8\n\t"
"mov r11, r9\n\t"
/* Round 5 */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #56]\n\t"
"ldr r5, [%[sha512], #60]\n\t"
#else
@@ -5376,7 +5482,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #23\n\t"
"orr r9, r9, r4, lsr #9\n\t"
"orr r8, r8, r5, lsr #9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #16]\n\t"
"ldr r5, [%[sha512], #20]\n\t"
#else
@@ -5386,25 +5492,25 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #16]\n\t"
"str r5, [%[sha512], #20]\n\t"
#else
"strd r4, r5, [%[sha512], #16]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #56]\n\t"
"ldr r5, [%[sha512], #60]\n\t"
#else
"ldrd r4, r5, [%[sha512], #56]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512]]\n\t"
"ldr r7, [%[sha512], #4]\n\t"
#else
"ldrd r6, r7, [%[sha512]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #8]\n\t"
"ldr r9, [%[sha512], #12]\n\t"
#else
@@ -5416,13 +5522,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r7, r7, r5\n\t"
"eor r6, r6, r8\n\t"
"eor r7, r7, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #16]\n\t"
"ldr r5, [%[sha512], #20]\n\t"
#else
"ldrd r4, r5, [%[sha512], #16]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #40]\n\t"
"ldr r9, [sp, #44]\n\t"
#else
@@ -5430,7 +5536,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [r3, #40]\n\t"
"ldr r7, [r3, #44]\n\t"
#else
@@ -5438,7 +5544,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #48]\n\t"
"ldr r9, [%[sha512], #52]\n\t"
#else
@@ -5446,7 +5552,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #16]\n\t"
"str r5, [%[sha512], #20]\n\t"
#else
@@ -5454,13 +5560,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r8, r8, r4\n\t"
"adc r9, r9, r5\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #24]\n\t"
"ldr r5, [%[sha512], #28]\n\t"
#else
"ldrd r4, r5, [%[sha512], #24]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r8, [%[sha512], #48]\n\t"
"str r9, [%[sha512], #52]\n\t"
#else
@@ -5480,7 +5586,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #25\n\t"
"orr r9, r9, r4, lsr #7\n\t"
"orr r8, r8, r5, lsr #7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #16]\n\t"
"ldr r5, [%[sha512], #20]\n\t"
#else
@@ -5490,19 +5596,19 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #24]\n\t"
"ldr r9, [%[sha512], #28]\n\t"
#else
"ldrd r8, r9, [%[sha512], #24]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #32]\n\t"
"ldr r7, [%[sha512], #36]\n\t"
#else
"ldrd r6, r7, [%[sha512], #32]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #16]\n\t"
"str r5, [%[sha512], #20]\n\t"
#else
@@ -5514,7 +5620,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r11, r11, r9\n\t"
"eor r10, r10, r6\n\t"
"eor r11, r11, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #16]\n\t"
"ldr r7, [%[sha512], #20]\n\t"
#else
@@ -5522,7 +5628,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r6, r6, r10\n\t"
"adc r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [%[sha512], #16]\n\t"
"str r7, [%[sha512], #20]\n\t"
#else
@@ -5531,7 +5637,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"mov r10, r8\n\t"
"mov r11, r9\n\t"
/* Round 6 */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #48]\n\t"
"ldr r5, [%[sha512], #52]\n\t"
#else
@@ -5551,7 +5657,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #23\n\t"
"orr r9, r9, r4, lsr #9\n\t"
"orr r8, r8, r5, lsr #9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #8]\n\t"
"ldr r5, [%[sha512], #12]\n\t"
#else
@@ -5561,25 +5667,25 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #8]\n\t"
"str r5, [%[sha512], #12]\n\t"
#else
"strd r4, r5, [%[sha512], #8]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #48]\n\t"
"ldr r5, [%[sha512], #52]\n\t"
#else
"ldrd r4, r5, [%[sha512], #48]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #56]\n\t"
"ldr r7, [%[sha512], #60]\n\t"
#else
"ldrd r6, r7, [%[sha512], #56]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512]]\n\t"
"ldr r9, [%[sha512], #4]\n\t"
#else
@@ -5591,13 +5697,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r7, r7, r5\n\t"
"eor r6, r6, r8\n\t"
"eor r7, r7, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #8]\n\t"
"ldr r5, [%[sha512], #12]\n\t"
#else
"ldrd r4, r5, [%[sha512], #8]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #48]\n\t"
"ldr r9, [sp, #52]\n\t"
#else
@@ -5605,7 +5711,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [r3, #48]\n\t"
"ldr r7, [r3, #52]\n\t"
#else
@@ -5613,7 +5719,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #40]\n\t"
"ldr r9, [%[sha512], #44]\n\t"
#else
@@ -5621,7 +5727,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #8]\n\t"
"str r5, [%[sha512], #12]\n\t"
#else
@@ -5629,13 +5735,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r8, r8, r4\n\t"
"adc r9, r9, r5\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #16]\n\t"
"ldr r5, [%[sha512], #20]\n\t"
#else
"ldrd r4, r5, [%[sha512], #16]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r8, [%[sha512], #40]\n\t"
"str r9, [%[sha512], #44]\n\t"
#else
@@ -5655,7 +5761,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #25\n\t"
"orr r9, r9, r4, lsr #7\n\t"
"orr r8, r8, r5, lsr #7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #8]\n\t"
"ldr r5, [%[sha512], #12]\n\t"
#else
@@ -5665,19 +5771,19 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #16]\n\t"
"ldr r9, [%[sha512], #20]\n\t"
#else
"ldrd r8, r9, [%[sha512], #16]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #24]\n\t"
"ldr r7, [%[sha512], #28]\n\t"
#else
"ldrd r6, r7, [%[sha512], #24]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #8]\n\t"
"str r5, [%[sha512], #12]\n\t"
#else
@@ -5689,7 +5795,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r11, r11, r9\n\t"
"eor r10, r10, r6\n\t"
"eor r11, r11, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #8]\n\t"
"ldr r7, [%[sha512], #12]\n\t"
#else
@@ -5697,7 +5803,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r6, r6, r10\n\t"
"adc r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [%[sha512], #8]\n\t"
"str r7, [%[sha512], #12]\n\t"
#else
@@ -5706,7 +5812,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"mov r10, r8\n\t"
"mov r11, r9\n\t"
/* Round 7 */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #40]\n\t"
"ldr r5, [%[sha512], #44]\n\t"
#else
@@ -5726,7 +5832,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #23\n\t"
"orr r9, r9, r4, lsr #9\n\t"
"orr r8, r8, r5, lsr #9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512]]\n\t"
"ldr r5, [%[sha512], #4]\n\t"
#else
@@ -5736,25 +5842,25 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512]]\n\t"
"str r5, [%[sha512], #4]\n\t"
#else
"strd r4, r5, [%[sha512]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #40]\n\t"
"ldr r5, [%[sha512], #44]\n\t"
#else
"ldrd r4, r5, [%[sha512], #40]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #48]\n\t"
"ldr r7, [%[sha512], #52]\n\t"
#else
"ldrd r6, r7, [%[sha512], #48]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #56]\n\t"
"ldr r9, [%[sha512], #60]\n\t"
#else
@@ -5766,13 +5872,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r7, r7, r5\n\t"
"eor r6, r6, r8\n\t"
"eor r7, r7, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512]]\n\t"
"ldr r5, [%[sha512], #4]\n\t"
#else
"ldrd r4, r5, [%[sha512]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #56]\n\t"
"ldr r9, [sp, #60]\n\t"
#else
@@ -5780,7 +5886,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [r3, #56]\n\t"
"ldr r7, [r3, #60]\n\t"
#else
@@ -5788,7 +5894,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #32]\n\t"
"ldr r9, [%[sha512], #36]\n\t"
#else
@@ -5796,7 +5902,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512]]\n\t"
"str r5, [%[sha512], #4]\n\t"
#else
@@ -5804,13 +5910,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r8, r8, r4\n\t"
"adc r9, r9, r5\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #8]\n\t"
"ldr r5, [%[sha512], #12]\n\t"
#else
"ldrd r4, r5, [%[sha512], #8]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r8, [%[sha512], #32]\n\t"
"str r9, [%[sha512], #36]\n\t"
#else
@@ -5830,7 +5936,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #25\n\t"
"orr r9, r9, r4, lsr #7\n\t"
"orr r8, r8, r5, lsr #7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512]]\n\t"
"ldr r5, [%[sha512], #4]\n\t"
#else
@@ -5840,19 +5946,19 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #8]\n\t"
"ldr r9, [%[sha512], #12]\n\t"
#else
"ldrd r8, r9, [%[sha512], #8]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #16]\n\t"
"ldr r7, [%[sha512], #20]\n\t"
#else
"ldrd r6, r7, [%[sha512], #16]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512]]\n\t"
"str r5, [%[sha512], #4]\n\t"
#else
@@ -5864,7 +5970,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r11, r11, r9\n\t"
"eor r10, r10, r6\n\t"
"eor r11, r11, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512]]\n\t"
"ldr r7, [%[sha512], #4]\n\t"
#else
@@ -5872,7 +5978,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r6, r6, r10\n\t"
"adc r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [%[sha512]]\n\t"
"str r7, [%[sha512], #4]\n\t"
#else
@@ -5881,7 +5987,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"mov r10, r8\n\t"
"mov r11, r9\n\t"
/* Round 8 */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #32]\n\t"
"ldr r5, [%[sha512], #36]\n\t"
#else
@@ -5901,7 +6007,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #23\n\t"
"orr r9, r9, r4, lsr #9\n\t"
"orr r8, r8, r5, lsr #9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #56]\n\t"
"ldr r5, [%[sha512], #60]\n\t"
#else
@@ -5911,25 +6017,25 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #56]\n\t"
"str r5, [%[sha512], #60]\n\t"
#else
"strd r4, r5, [%[sha512], #56]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #32]\n\t"
"ldr r5, [%[sha512], #36]\n\t"
#else
"ldrd r4, r5, [%[sha512], #32]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #40]\n\t"
"ldr r7, [%[sha512], #44]\n\t"
#else
"ldrd r6, r7, [%[sha512], #40]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #48]\n\t"
"ldr r9, [%[sha512], #52]\n\t"
#else
@@ -5941,13 +6047,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r7, r7, r5\n\t"
"eor r6, r6, r8\n\t"
"eor r7, r7, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #56]\n\t"
"ldr r5, [%[sha512], #60]\n\t"
#else
"ldrd r4, r5, [%[sha512], #56]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #64]\n\t"
"ldr r9, [sp, #68]\n\t"
#else
@@ -5955,7 +6061,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [r3, #64]\n\t"
"ldr r7, [r3, #68]\n\t"
#else
@@ -5963,7 +6069,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #24]\n\t"
"ldr r9, [%[sha512], #28]\n\t"
#else
@@ -5971,7 +6077,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #56]\n\t"
"str r5, [%[sha512], #60]\n\t"
#else
@@ -5979,13 +6085,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r8, r8, r4\n\t"
"adc r9, r9, r5\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512]]\n\t"
"ldr r5, [%[sha512], #4]\n\t"
#else
"ldrd r4, r5, [%[sha512]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r8, [%[sha512], #24]\n\t"
"str r9, [%[sha512], #28]\n\t"
#else
@@ -6005,7 +6111,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #25\n\t"
"orr r9, r9, r4, lsr #7\n\t"
"orr r8, r8, r5, lsr #7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #56]\n\t"
"ldr r5, [%[sha512], #60]\n\t"
#else
@@ -6015,19 +6121,19 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512]]\n\t"
"ldr r9, [%[sha512], #4]\n\t"
#else
"ldrd r8, r9, [%[sha512]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #8]\n\t"
"ldr r7, [%[sha512], #12]\n\t"
#else
"ldrd r6, r7, [%[sha512], #8]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #56]\n\t"
"str r5, [%[sha512], #60]\n\t"
#else
@@ -6039,7 +6145,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r11, r11, r9\n\t"
"eor r10, r10, r6\n\t"
"eor r11, r11, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #56]\n\t"
"ldr r7, [%[sha512], #60]\n\t"
#else
@@ -6047,7 +6153,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r6, r6, r10\n\t"
"adc r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [%[sha512], #56]\n\t"
"str r7, [%[sha512], #60]\n\t"
#else
@@ -6056,7 +6162,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"mov r10, r8\n\t"
"mov r11, r9\n\t"
/* Round 9 */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #24]\n\t"
"ldr r5, [%[sha512], #28]\n\t"
#else
@@ -6076,7 +6182,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #23\n\t"
"orr r9, r9, r4, lsr #9\n\t"
"orr r8, r8, r5, lsr #9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #48]\n\t"
"ldr r5, [%[sha512], #52]\n\t"
#else
@@ -6086,25 +6192,25 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #48]\n\t"
"str r5, [%[sha512], #52]\n\t"
#else
"strd r4, r5, [%[sha512], #48]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #24]\n\t"
"ldr r5, [%[sha512], #28]\n\t"
#else
"ldrd r4, r5, [%[sha512], #24]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #32]\n\t"
"ldr r7, [%[sha512], #36]\n\t"
#else
"ldrd r6, r7, [%[sha512], #32]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #40]\n\t"
"ldr r9, [%[sha512], #44]\n\t"
#else
@@ -6116,13 +6222,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r7, r7, r5\n\t"
"eor r6, r6, r8\n\t"
"eor r7, r7, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #48]\n\t"
"ldr r5, [%[sha512], #52]\n\t"
#else
"ldrd r4, r5, [%[sha512], #48]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #72]\n\t"
"ldr r9, [sp, #76]\n\t"
#else
@@ -6130,7 +6236,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [r3, #72]\n\t"
"ldr r7, [r3, #76]\n\t"
#else
@@ -6138,7 +6244,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #16]\n\t"
"ldr r9, [%[sha512], #20]\n\t"
#else
@@ -6146,7 +6252,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #48]\n\t"
"str r5, [%[sha512], #52]\n\t"
#else
@@ -6154,13 +6260,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r8, r8, r4\n\t"
"adc r9, r9, r5\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #56]\n\t"
"ldr r5, [%[sha512], #60]\n\t"
#else
"ldrd r4, r5, [%[sha512], #56]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r8, [%[sha512], #16]\n\t"
"str r9, [%[sha512], #20]\n\t"
#else
@@ -6180,7 +6286,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #25\n\t"
"orr r9, r9, r4, lsr #7\n\t"
"orr r8, r8, r5, lsr #7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #48]\n\t"
"ldr r5, [%[sha512], #52]\n\t"
#else
@@ -6190,19 +6296,19 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #56]\n\t"
"ldr r9, [%[sha512], #60]\n\t"
#else
"ldrd r8, r9, [%[sha512], #56]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512]]\n\t"
"ldr r7, [%[sha512], #4]\n\t"
#else
"ldrd r6, r7, [%[sha512]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #48]\n\t"
"str r5, [%[sha512], #52]\n\t"
#else
@@ -6214,7 +6320,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r11, r11, r9\n\t"
"eor r10, r10, r6\n\t"
"eor r11, r11, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #48]\n\t"
"ldr r7, [%[sha512], #52]\n\t"
#else
@@ -6222,7 +6328,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r6, r6, r10\n\t"
"adc r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [%[sha512], #48]\n\t"
"str r7, [%[sha512], #52]\n\t"
#else
@@ -6231,7 +6337,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"mov r10, r8\n\t"
"mov r11, r9\n\t"
/* Round 10 */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #16]\n\t"
"ldr r5, [%[sha512], #20]\n\t"
#else
@@ -6251,7 +6357,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #23\n\t"
"orr r9, r9, r4, lsr #9\n\t"
"orr r8, r8, r5, lsr #9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #40]\n\t"
"ldr r5, [%[sha512], #44]\n\t"
#else
@@ -6261,25 +6367,25 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #40]\n\t"
"str r5, [%[sha512], #44]\n\t"
#else
"strd r4, r5, [%[sha512], #40]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #16]\n\t"
"ldr r5, [%[sha512], #20]\n\t"
#else
"ldrd r4, r5, [%[sha512], #16]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #24]\n\t"
"ldr r7, [%[sha512], #28]\n\t"
#else
"ldrd r6, r7, [%[sha512], #24]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #32]\n\t"
"ldr r9, [%[sha512], #36]\n\t"
#else
@@ -6291,13 +6397,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r7, r7, r5\n\t"
"eor r6, r6, r8\n\t"
"eor r7, r7, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #40]\n\t"
"ldr r5, [%[sha512], #44]\n\t"
#else
"ldrd r4, r5, [%[sha512], #40]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #80]\n\t"
"ldr r9, [sp, #84]\n\t"
#else
@@ -6305,7 +6411,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [r3, #80]\n\t"
"ldr r7, [r3, #84]\n\t"
#else
@@ -6313,7 +6419,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #8]\n\t"
"ldr r9, [%[sha512], #12]\n\t"
#else
@@ -6321,7 +6427,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #40]\n\t"
"str r5, [%[sha512], #44]\n\t"
#else
@@ -6329,13 +6435,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r8, r8, r4\n\t"
"adc r9, r9, r5\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #48]\n\t"
"ldr r5, [%[sha512], #52]\n\t"
#else
"ldrd r4, r5, [%[sha512], #48]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r8, [%[sha512], #8]\n\t"
"str r9, [%[sha512], #12]\n\t"
#else
@@ -6355,7 +6461,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #25\n\t"
"orr r9, r9, r4, lsr #7\n\t"
"orr r8, r8, r5, lsr #7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #40]\n\t"
"ldr r5, [%[sha512], #44]\n\t"
#else
@@ -6365,19 +6471,19 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #48]\n\t"
"ldr r9, [%[sha512], #52]\n\t"
#else
"ldrd r8, r9, [%[sha512], #48]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #56]\n\t"
"ldr r7, [%[sha512], #60]\n\t"
#else
"ldrd r6, r7, [%[sha512], #56]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #40]\n\t"
"str r5, [%[sha512], #44]\n\t"
#else
@@ -6389,7 +6495,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r11, r11, r9\n\t"
"eor r10, r10, r6\n\t"
"eor r11, r11, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #40]\n\t"
"ldr r7, [%[sha512], #44]\n\t"
#else
@@ -6397,7 +6503,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r6, r6, r10\n\t"
"adc r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [%[sha512], #40]\n\t"
"str r7, [%[sha512], #44]\n\t"
#else
@@ -6406,7 +6512,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"mov r10, r8\n\t"
"mov r11, r9\n\t"
/* Round 11 */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #8]\n\t"
"ldr r5, [%[sha512], #12]\n\t"
#else
@@ -6426,7 +6532,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #23\n\t"
"orr r9, r9, r4, lsr #9\n\t"
"orr r8, r8, r5, lsr #9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #32]\n\t"
"ldr r5, [%[sha512], #36]\n\t"
#else
@@ -6436,25 +6542,25 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #32]\n\t"
"str r5, [%[sha512], #36]\n\t"
#else
"strd r4, r5, [%[sha512], #32]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #8]\n\t"
"ldr r5, [%[sha512], #12]\n\t"
#else
"ldrd r4, r5, [%[sha512], #8]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #16]\n\t"
"ldr r7, [%[sha512], #20]\n\t"
#else
"ldrd r6, r7, [%[sha512], #16]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #24]\n\t"
"ldr r9, [%[sha512], #28]\n\t"
#else
@@ -6466,13 +6572,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r7, r7, r5\n\t"
"eor r6, r6, r8\n\t"
"eor r7, r7, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #32]\n\t"
"ldr r5, [%[sha512], #36]\n\t"
#else
"ldrd r4, r5, [%[sha512], #32]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #88]\n\t"
"ldr r9, [sp, #92]\n\t"
#else
@@ -6480,7 +6586,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [r3, #88]\n\t"
"ldr r7, [r3, #92]\n\t"
#else
@@ -6488,7 +6594,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512]]\n\t"
"ldr r9, [%[sha512], #4]\n\t"
#else
@@ -6496,7 +6602,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #32]\n\t"
"str r5, [%[sha512], #36]\n\t"
#else
@@ -6504,13 +6610,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r8, r8, r4\n\t"
"adc r9, r9, r5\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #40]\n\t"
"ldr r5, [%[sha512], #44]\n\t"
#else
"ldrd r4, r5, [%[sha512], #40]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r8, [%[sha512]]\n\t"
"str r9, [%[sha512], #4]\n\t"
#else
@@ -6530,7 +6636,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #25\n\t"
"orr r9, r9, r4, lsr #7\n\t"
"orr r8, r8, r5, lsr #7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #32]\n\t"
"ldr r5, [%[sha512], #36]\n\t"
#else
@@ -6540,19 +6646,19 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #40]\n\t"
"ldr r9, [%[sha512], #44]\n\t"
#else
"ldrd r8, r9, [%[sha512], #40]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #48]\n\t"
"ldr r7, [%[sha512], #52]\n\t"
#else
"ldrd r6, r7, [%[sha512], #48]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #32]\n\t"
"str r5, [%[sha512], #36]\n\t"
#else
@@ -6564,7 +6670,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r11, r11, r9\n\t"
"eor r10, r10, r6\n\t"
"eor r11, r11, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #32]\n\t"
"ldr r7, [%[sha512], #36]\n\t"
#else
@@ -6572,7 +6678,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r6, r6, r10\n\t"
"adc r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [%[sha512], #32]\n\t"
"str r7, [%[sha512], #36]\n\t"
#else
@@ -6581,7 +6687,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"mov r10, r8\n\t"
"mov r11, r9\n\t"
/* Round 12 */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512]]\n\t"
"ldr r5, [%[sha512], #4]\n\t"
#else
@@ -6601,7 +6707,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #23\n\t"
"orr r9, r9, r4, lsr #9\n\t"
"orr r8, r8, r5, lsr #9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #24]\n\t"
"ldr r5, [%[sha512], #28]\n\t"
#else
@@ -6611,25 +6717,25 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #24]\n\t"
"str r5, [%[sha512], #28]\n\t"
#else
"strd r4, r5, [%[sha512], #24]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512]]\n\t"
"ldr r5, [%[sha512], #4]\n\t"
#else
"ldrd r4, r5, [%[sha512]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #8]\n\t"
"ldr r7, [%[sha512], #12]\n\t"
#else
"ldrd r6, r7, [%[sha512], #8]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #16]\n\t"
"ldr r9, [%[sha512], #20]\n\t"
#else
@@ -6641,13 +6747,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r7, r7, r5\n\t"
"eor r6, r6, r8\n\t"
"eor r7, r7, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #24]\n\t"
"ldr r5, [%[sha512], #28]\n\t"
#else
"ldrd r4, r5, [%[sha512], #24]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #96]\n\t"
"ldr r9, [sp, #100]\n\t"
#else
@@ -6655,7 +6761,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [r3, #96]\n\t"
"ldr r7, [r3, #100]\n\t"
#else
@@ -6663,7 +6769,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #56]\n\t"
"ldr r9, [%[sha512], #60]\n\t"
#else
@@ -6671,7 +6777,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #24]\n\t"
"str r5, [%[sha512], #28]\n\t"
#else
@@ -6679,13 +6785,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r8, r8, r4\n\t"
"adc r9, r9, r5\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #32]\n\t"
"ldr r5, [%[sha512], #36]\n\t"
#else
"ldrd r4, r5, [%[sha512], #32]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r8, [%[sha512], #56]\n\t"
"str r9, [%[sha512], #60]\n\t"
#else
@@ -6705,7 +6811,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #25\n\t"
"orr r9, r9, r4, lsr #7\n\t"
"orr r8, r8, r5, lsr #7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #24]\n\t"
"ldr r5, [%[sha512], #28]\n\t"
#else
@@ -6715,19 +6821,19 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #32]\n\t"
"ldr r9, [%[sha512], #36]\n\t"
#else
"ldrd r8, r9, [%[sha512], #32]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #40]\n\t"
"ldr r7, [%[sha512], #44]\n\t"
#else
"ldrd r6, r7, [%[sha512], #40]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #24]\n\t"
"str r5, [%[sha512], #28]\n\t"
#else
@@ -6739,7 +6845,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r11, r11, r9\n\t"
"eor r10, r10, r6\n\t"
"eor r11, r11, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #24]\n\t"
"ldr r7, [%[sha512], #28]\n\t"
#else
@@ -6747,7 +6853,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r6, r6, r10\n\t"
"adc r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [%[sha512], #24]\n\t"
"str r7, [%[sha512], #28]\n\t"
#else
@@ -6756,7 +6862,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"mov r10, r8\n\t"
"mov r11, r9\n\t"
/* Round 13 */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #56]\n\t"
"ldr r5, [%[sha512], #60]\n\t"
#else
@@ -6776,7 +6882,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #23\n\t"
"orr r9, r9, r4, lsr #9\n\t"
"orr r8, r8, r5, lsr #9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #16]\n\t"
"ldr r5, [%[sha512], #20]\n\t"
#else
@@ -6786,25 +6892,25 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #16]\n\t"
"str r5, [%[sha512], #20]\n\t"
#else
"strd r4, r5, [%[sha512], #16]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #56]\n\t"
"ldr r5, [%[sha512], #60]\n\t"
#else
"ldrd r4, r5, [%[sha512], #56]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512]]\n\t"
"ldr r7, [%[sha512], #4]\n\t"
#else
"ldrd r6, r7, [%[sha512]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #8]\n\t"
"ldr r9, [%[sha512], #12]\n\t"
#else
@@ -6816,13 +6922,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r7, r7, r5\n\t"
"eor r6, r6, r8\n\t"
"eor r7, r7, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #16]\n\t"
"ldr r5, [%[sha512], #20]\n\t"
#else
"ldrd r4, r5, [%[sha512], #16]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #104]\n\t"
"ldr r9, [sp, #108]\n\t"
#else
@@ -6830,7 +6936,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [r3, #104]\n\t"
"ldr r7, [r3, #108]\n\t"
#else
@@ -6838,7 +6944,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #48]\n\t"
"ldr r9, [%[sha512], #52]\n\t"
#else
@@ -6846,7 +6952,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #16]\n\t"
"str r5, [%[sha512], #20]\n\t"
#else
@@ -6854,13 +6960,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r8, r8, r4\n\t"
"adc r9, r9, r5\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #24]\n\t"
"ldr r5, [%[sha512], #28]\n\t"
#else
"ldrd r4, r5, [%[sha512], #24]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r8, [%[sha512], #48]\n\t"
"str r9, [%[sha512], #52]\n\t"
#else
@@ -6880,7 +6986,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #25\n\t"
"orr r9, r9, r4, lsr #7\n\t"
"orr r8, r8, r5, lsr #7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #16]\n\t"
"ldr r5, [%[sha512], #20]\n\t"
#else
@@ -6890,19 +6996,19 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #24]\n\t"
"ldr r9, [%[sha512], #28]\n\t"
#else
"ldrd r8, r9, [%[sha512], #24]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #32]\n\t"
"ldr r7, [%[sha512], #36]\n\t"
#else
"ldrd r6, r7, [%[sha512], #32]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #16]\n\t"
"str r5, [%[sha512], #20]\n\t"
#else
@@ -6914,7 +7020,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r11, r11, r9\n\t"
"eor r10, r10, r6\n\t"
"eor r11, r11, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #16]\n\t"
"ldr r7, [%[sha512], #20]\n\t"
#else
@@ -6922,7 +7028,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r6, r6, r10\n\t"
"adc r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [%[sha512], #16]\n\t"
"str r7, [%[sha512], #20]\n\t"
#else
@@ -6931,7 +7037,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"mov r10, r8\n\t"
"mov r11, r9\n\t"
/* Round 14 */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #48]\n\t"
"ldr r5, [%[sha512], #52]\n\t"
#else
@@ -6951,7 +7057,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #23\n\t"
"orr r9, r9, r4, lsr #9\n\t"
"orr r8, r8, r5, lsr #9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #8]\n\t"
"ldr r5, [%[sha512], #12]\n\t"
#else
@@ -6961,25 +7067,25 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #8]\n\t"
"str r5, [%[sha512], #12]\n\t"
#else
"strd r4, r5, [%[sha512], #8]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #48]\n\t"
"ldr r5, [%[sha512], #52]\n\t"
#else
"ldrd r4, r5, [%[sha512], #48]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #56]\n\t"
"ldr r7, [%[sha512], #60]\n\t"
#else
"ldrd r6, r7, [%[sha512], #56]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512]]\n\t"
"ldr r9, [%[sha512], #4]\n\t"
#else
@@ -6991,13 +7097,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r7, r7, r5\n\t"
"eor r6, r6, r8\n\t"
"eor r7, r7, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #8]\n\t"
"ldr r5, [%[sha512], #12]\n\t"
#else
"ldrd r4, r5, [%[sha512], #8]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #112]\n\t"
"ldr r9, [sp, #116]\n\t"
#else
@@ -7005,7 +7111,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [r3, #112]\n\t"
"ldr r7, [r3, #116]\n\t"
#else
@@ -7013,7 +7119,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #40]\n\t"
"ldr r9, [%[sha512], #44]\n\t"
#else
@@ -7021,7 +7127,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #8]\n\t"
"str r5, [%[sha512], #12]\n\t"
#else
@@ -7029,13 +7135,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r8, r8, r4\n\t"
"adc r9, r9, r5\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #16]\n\t"
"ldr r5, [%[sha512], #20]\n\t"
#else
"ldrd r4, r5, [%[sha512], #16]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r8, [%[sha512], #40]\n\t"
"str r9, [%[sha512], #44]\n\t"
#else
@@ -7055,7 +7161,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #25\n\t"
"orr r9, r9, r4, lsr #7\n\t"
"orr r8, r8, r5, lsr #7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #8]\n\t"
"ldr r5, [%[sha512], #12]\n\t"
#else
@@ -7065,19 +7171,19 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #16]\n\t"
"ldr r9, [%[sha512], #20]\n\t"
#else
"ldrd r8, r9, [%[sha512], #16]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #24]\n\t"
"ldr r7, [%[sha512], #28]\n\t"
#else
"ldrd r6, r7, [%[sha512], #24]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #8]\n\t"
"str r5, [%[sha512], #12]\n\t"
#else
@@ -7089,7 +7195,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r11, r11, r9\n\t"
"eor r10, r10, r6\n\t"
"eor r11, r11, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #8]\n\t"
"ldr r7, [%[sha512], #12]\n\t"
#else
@@ -7097,7 +7203,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r6, r6, r10\n\t"
"adc r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [%[sha512], #8]\n\t"
"str r7, [%[sha512], #12]\n\t"
#else
@@ -7106,7 +7212,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"mov r10, r8\n\t"
"mov r11, r9\n\t"
/* Round 15 */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #40]\n\t"
"ldr r5, [%[sha512], #44]\n\t"
#else
@@ -7126,7 +7232,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #23\n\t"
"orr r9, r9, r4, lsr #9\n\t"
"orr r8, r8, r5, lsr #9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512]]\n\t"
"ldr r5, [%[sha512], #4]\n\t"
#else
@@ -7136,25 +7242,25 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512]]\n\t"
"str r5, [%[sha512], #4]\n\t"
#else
"strd r4, r5, [%[sha512]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #40]\n\t"
"ldr r5, [%[sha512], #44]\n\t"
#else
"ldrd r4, r5, [%[sha512], #40]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #48]\n\t"
"ldr r7, [%[sha512], #52]\n\t"
#else
"ldrd r6, r7, [%[sha512], #48]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #56]\n\t"
"ldr r9, [%[sha512], #60]\n\t"
#else
@@ -7166,13 +7272,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r7, r7, r5\n\t"
"eor r6, r6, r8\n\t"
"eor r7, r7, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512]]\n\t"
"ldr r5, [%[sha512], #4]\n\t"
#else
"ldrd r4, r5, [%[sha512]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #120]\n\t"
"ldr r9, [sp, #124]\n\t"
#else
@@ -7180,7 +7286,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [r3, #120]\n\t"
"ldr r7, [r3, #124]\n\t"
#else
@@ -7188,7 +7294,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #32]\n\t"
"ldr r9, [%[sha512], #36]\n\t"
#else
@@ -7196,7 +7302,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512]]\n\t"
"str r5, [%[sha512], #4]\n\t"
#else
@@ -7204,13 +7310,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r8, r8, r4\n\t"
"adc r9, r9, r5\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #8]\n\t"
"ldr r5, [%[sha512], #12]\n\t"
#else
"ldrd r4, r5, [%[sha512], #8]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r8, [%[sha512], #32]\n\t"
"str r9, [%[sha512], #36]\n\t"
#else
@@ -7230,7 +7336,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #25\n\t"
"orr r9, r9, r4, lsr #7\n\t"
"orr r8, r8, r5, lsr #7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512]]\n\t"
"ldr r5, [%[sha512], #4]\n\t"
#else
@@ -7240,19 +7346,19 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #8]\n\t"
"ldr r9, [%[sha512], #12]\n\t"
#else
"ldrd r8, r9, [%[sha512], #8]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #16]\n\t"
"ldr r7, [%[sha512], #20]\n\t"
#else
"ldrd r6, r7, [%[sha512], #16]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512]]\n\t"
"str r5, [%[sha512], #4]\n\t"
#else
@@ -7264,7 +7370,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r11, r11, r9\n\t"
"eor r10, r10, r6\n\t"
"eor r11, r11, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512]]\n\t"
"ldr r7, [%[sha512], #4]\n\t"
#else
@@ -7272,7 +7378,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r6, r6, r10\n\t"
"adc r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [%[sha512]]\n\t"
"str r7, [%[sha512], #4]\n\t"
#else
@@ -7281,25 +7387,25 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"mov r10, r8\n\t"
"mov r11, r9\n\t"
/* Add in digest from start */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512]]\n\t"
"ldr r5, [%[sha512], #4]\n\t"
#else
"ldrd r4, r5, [%[sha512]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #8]\n\t"
"ldr r7, [%[sha512], #12]\n\t"
#else
"ldrd r6, r7, [%[sha512], #8]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #128]\n\t"
"ldr r9, [sp, #132]\n\t"
#else
"ldrd r8, r9, [sp, #128]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [sp, #136]\n\t"
"ldr r11, [sp, #140]\n\t"
#else
@@ -7309,49 +7415,49 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"adc r5, r5, r9\n\t"
"adds r6, r6, r10\n\t"
"adc r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512]]\n\t"
"str r5, [%[sha512], #4]\n\t"
#else
"strd r4, r5, [%[sha512]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [%[sha512], #8]\n\t"
"str r7, [%[sha512], #12]\n\t"
#else
"strd r6, r7, [%[sha512], #8]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [sp, #128]\n\t"
"str r5, [sp, #132]\n\t"
#else
"strd r4, r5, [sp, #128]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [sp, #136]\n\t"
"str r7, [sp, #140]\n\t"
#else
"strd r6, r7, [sp, #136]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #16]\n\t"
"ldr r5, [%[sha512], #20]\n\t"
#else
"ldrd r4, r5, [%[sha512], #16]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #24]\n\t"
"ldr r7, [%[sha512], #28]\n\t"
#else
"ldrd r6, r7, [%[sha512], #24]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #144]\n\t"
"ldr r9, [sp, #148]\n\t"
#else
"ldrd r8, r9, [sp, #144]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [sp, #152]\n\t"
"ldr r11, [sp, #156]\n\t"
#else
@@ -7361,49 +7467,49 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"adc r5, r5, r9\n\t"
"adds r6, r6, r10\n\t"
"adc r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #16]\n\t"
"str r5, [%[sha512], #20]\n\t"
#else
"strd r4, r5, [%[sha512], #16]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [%[sha512], #24]\n\t"
"str r7, [%[sha512], #28]\n\t"
#else
"strd r6, r7, [%[sha512], #24]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [sp, #144]\n\t"
"str r5, [sp, #148]\n\t"
#else
"strd r4, r5, [sp, #144]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [sp, #152]\n\t"
"str r7, [sp, #156]\n\t"
#else
"strd r6, r7, [sp, #152]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #32]\n\t"
"ldr r5, [%[sha512], #36]\n\t"
#else
"ldrd r4, r5, [%[sha512], #32]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #40]\n\t"
"ldr r7, [%[sha512], #44]\n\t"
#else
"ldrd r6, r7, [%[sha512], #40]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #160]\n\t"
"ldr r9, [sp, #164]\n\t"
#else
"ldrd r8, r9, [sp, #160]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [sp, #168]\n\t"
"ldr r11, [sp, #172]\n\t"
#else
@@ -7413,49 +7519,49 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"adc r5, r5, r9\n\t"
"adds r6, r6, r10\n\t"
"adc r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #32]\n\t"
"str r5, [%[sha512], #36]\n\t"
#else
"strd r4, r5, [%[sha512], #32]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [%[sha512], #40]\n\t"
"str r7, [%[sha512], #44]\n\t"
#else
"strd r6, r7, [%[sha512], #40]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [sp, #160]\n\t"
"str r5, [sp, #164]\n\t"
#else
"strd r4, r5, [sp, #160]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [sp, #168]\n\t"
"str r7, [sp, #172]\n\t"
#else
"strd r6, r7, [sp, #168]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #48]\n\t"
"ldr r5, [%[sha512], #52]\n\t"
#else
"ldrd r4, r5, [%[sha512], #48]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #56]\n\t"
"ldr r7, [%[sha512], #60]\n\t"
#else
"ldrd r6, r7, [%[sha512], #56]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #176]\n\t"
"ldr r9, [sp, #180]\n\t"
#else
"ldrd r8, r9, [sp, #176]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [sp, #184]\n\t"
"ldr r11, [sp, #188]\n\t"
#else
@@ -7465,25 +7571,25 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"adc r5, r5, r9\n\t"
"adds r6, r6, r10\n\t"
"adc r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #48]\n\t"
"str r5, [%[sha512], #52]\n\t"
#else
"strd r4, r5, [%[sha512], #48]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [%[sha512], #56]\n\t"
"str r7, [%[sha512], #60]\n\t"
#else
"strd r6, r7, [%[sha512], #56]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [sp, #176]\n\t"
"str r5, [sp, #180]\n\t"
#else
"strd r4, r5, [sp, #176]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [sp, #184]\n\t"
"str r7, [sp, #188]\n\t"
#else
@@ -7495,9 +7601,9 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"bne L_SHA512_transform_len_begin_%=\n\t"
"eor r0, r0, r0\n\t"
"add sp, sp, #0xc0\n\t"
- : [sha512] "+r" (sha512), [data] "+r" (data), [len] "+r" (len)
- : [L_SHA512_transform_len_k] "r" (L_SHA512_transform_len_k)
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12"
+ : [sha512] "+r" (sha512), [data] "+r" (data), [len] "+r" (len), [L_SHA512_transform_len_k] "+r" (L_SHA512_transform_len_k_c)
+ :
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
);
}
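Review bot: Nothing in the new operand list records that the asm body reaches the K table through `r3` by name (for example `ldr r6, [r3, #104]` in the earlier hunks), even though `r3` is now gone from the clobbers and the table is passed as `[L_SHA512_transform_len_k] "+r" (L_SHA512_transform_len_k_c)`. This is only correct if `L_SHA512_transform_len_k_c` is declared `register ... asm ("r3")`; that declaration is outside this hunk and should be confirmed. A comment above the operands, such as `/* asm addresses r3 by name: L_SHA512_transform_len_k_c must stay bound to r3 */`, would stop a later edit from silently breaking the binding. The function body starts outside the hunk.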
@@ -7506,94 +7612,55 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#ifndef WOLFSSL_ARMASM_NO_NEON
static const uint64_t L_SHA512_transform_neon_len_k[] = {
- 0x428a2f98d728ae22UL,
- 0x7137449123ef65cdUL,
- 0xb5c0fbcfec4d3b2fUL,
- 0xe9b5dba58189dbbcUL,
- 0x3956c25bf348b538UL,
- 0x59f111f1b605d019UL,
- 0x923f82a4af194f9bUL,
- 0xab1c5ed5da6d8118UL,
- 0xd807aa98a3030242UL,
- 0x12835b0145706fbeUL,
- 0x243185be4ee4b28cUL,
- 0x550c7dc3d5ffb4e2UL,
- 0x72be5d74f27b896fUL,
- 0x80deb1fe3b1696b1UL,
- 0x9bdc06a725c71235UL,
- 0xc19bf174cf692694UL,
- 0xe49b69c19ef14ad2UL,
- 0xefbe4786384f25e3UL,
- 0xfc19dc68b8cd5b5UL,
- 0x240ca1cc77ac9c65UL,
- 0x2de92c6f592b0275UL,
- 0x4a7484aa6ea6e483UL,
- 0x5cb0a9dcbd41fbd4UL,
- 0x76f988da831153b5UL,
- 0x983e5152ee66dfabUL,
- 0xa831c66d2db43210UL,
- 0xb00327c898fb213fUL,
- 0xbf597fc7beef0ee4UL,
- 0xc6e00bf33da88fc2UL,
- 0xd5a79147930aa725UL,
- 0x6ca6351e003826fUL,
- 0x142929670a0e6e70UL,
- 0x27b70a8546d22ffcUL,
- 0x2e1b21385c26c926UL,
- 0x4d2c6dfc5ac42aedUL,
- 0x53380d139d95b3dfUL,
- 0x650a73548baf63deUL,
- 0x766a0abb3c77b2a8UL,
- 0x81c2c92e47edaee6UL,
- 0x92722c851482353bUL,
- 0xa2bfe8a14cf10364UL,
- 0xa81a664bbc423001UL,
- 0xc24b8b70d0f89791UL,
- 0xc76c51a30654be30UL,
- 0xd192e819d6ef5218UL,
- 0xd69906245565a910UL,
- 0xf40e35855771202aUL,
- 0x106aa07032bbd1b8UL,
- 0x19a4c116b8d2d0c8UL,
- 0x1e376c085141ab53UL,
- 0x2748774cdf8eeb99UL,
- 0x34b0bcb5e19b48a8UL,
- 0x391c0cb3c5c95a63UL,
- 0x4ed8aa4ae3418acbUL,
- 0x5b9cca4f7763e373UL,
- 0x682e6ff3d6b2b8a3UL,
- 0x748f82ee5defb2fcUL,
- 0x78a5636f43172f60UL,
- 0x84c87814a1f0ab72UL,
- 0x8cc702081a6439ecUL,
- 0x90befffa23631e28UL,
- 0xa4506cebde82bde9UL,
- 0xbef9a3f7b2c67915UL,
- 0xc67178f2e372532bUL,
- 0xca273eceea26619cUL,
- 0xd186b8c721c0c207UL,
- 0xeada7dd6cde0eb1eUL,
- 0xf57d4f7fee6ed178UL,
- 0x6f067aa72176fbaUL,
- 0xa637dc5a2c898a6UL,
- 0x113f9804bef90daeUL,
- 0x1b710b35131c471bUL,
- 0x28db77f523047d84UL,
- 0x32caab7b40c72493UL,
- 0x3c9ebe0a15c9bebcUL,
- 0x431d67c49c100d4cUL,
- 0x4cc5d4becb3e42b6UL,
- 0x597f299cfc657e2aUL,
- 0x5fcb6fab3ad6faecUL,
- 0x6c44198c4a475817UL,
+ 0x428a2f98d728ae22UL, 0x7137449123ef65cdUL,
+ 0xb5c0fbcfec4d3b2fUL, 0xe9b5dba58189dbbcUL,
+ 0x3956c25bf348b538UL, 0x59f111f1b605d019UL,
+ 0x923f82a4af194f9bUL, 0xab1c5ed5da6d8118UL,
+ 0xd807aa98a3030242UL, 0x12835b0145706fbeUL,
+ 0x243185be4ee4b28cUL, 0x550c7dc3d5ffb4e2UL,
+ 0x72be5d74f27b896fUL, 0x80deb1fe3b1696b1UL,
+ 0x9bdc06a725c71235UL, 0xc19bf174cf692694UL,
+ 0xe49b69c19ef14ad2UL, 0xefbe4786384f25e3UL,
+ 0x0fc19dc68b8cd5b5UL, 0x240ca1cc77ac9c65UL,
+ 0x2de92c6f592b0275UL, 0x4a7484aa6ea6e483UL,
+ 0x5cb0a9dcbd41fbd4UL, 0x76f988da831153b5UL,
+ 0x983e5152ee66dfabUL, 0xa831c66d2db43210UL,
+ 0xb00327c898fb213fUL, 0xbf597fc7beef0ee4UL,
+ 0xc6e00bf33da88fc2UL, 0xd5a79147930aa725UL,
+ 0x06ca6351e003826fUL, 0x142929670a0e6e70UL,
+ 0x27b70a8546d22ffcUL, 0x2e1b21385c26c926UL,
+ 0x4d2c6dfc5ac42aedUL, 0x53380d139d95b3dfUL,
+ 0x650a73548baf63deUL, 0x766a0abb3c77b2a8UL,
+ 0x81c2c92e47edaee6UL, 0x92722c851482353bUL,
+ 0xa2bfe8a14cf10364UL, 0xa81a664bbc423001UL,
+ 0xc24b8b70d0f89791UL, 0xc76c51a30654be30UL,
+ 0xd192e819d6ef5218UL, 0xd69906245565a910UL,
+ 0xf40e35855771202aUL, 0x106aa07032bbd1b8UL,
+ 0x19a4c116b8d2d0c8UL, 0x1e376c085141ab53UL,
+ 0x2748774cdf8eeb99UL, 0x34b0bcb5e19b48a8UL,
+ 0x391c0cb3c5c95a63UL, 0x4ed8aa4ae3418acbUL,
+ 0x5b9cca4f7763e373UL, 0x682e6ff3d6b2b8a3UL,
+ 0x748f82ee5defb2fcUL, 0x78a5636f43172f60UL,
+ 0x84c87814a1f0ab72UL, 0x8cc702081a6439ecUL,
+ 0x90befffa23631e28UL, 0xa4506cebde82bde9UL,
+ 0xbef9a3f7b2c67915UL, 0xc67178f2e372532bUL,
+ 0xca273eceea26619cUL, 0xd186b8c721c0c207UL,
+ 0xeada7dd6cde0eb1eUL, 0xf57d4f7fee6ed178UL,
+ 0x06f067aa72176fbaUL, 0x0a637dc5a2c898a6UL,
+ 0x113f9804bef90daeUL, 0x1b710b35131c471bUL,
+ 0x28db77f523047d84UL, 0x32caab7b40c72493UL,
+ 0x3c9ebe0a15c9bebcUL, 0x431d67c49c100d4cUL,
+ 0x4cc5d4becb3e42b6UL, 0x597f299cfc657e2aUL,
+ 0x5fcb6fab3ad6faecUL, 0x6c44198c4a475817UL,
};
-void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p);
+void Transform_Sha512_Len(wc_Sha512* sha512, const byte* data, word32 len);
void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
{
- register wc_Sha512* sha512 asm ("r0") = sha512_p;
- register const byte* data asm ("r1") = data_p;
- register word32 len asm ("r2") = len_p;
+ register wc_Sha512* sha512 asm ("r0") = (wc_Sha512*)sha512_p;
+ register const byte* data asm ("r1") = (const byte*)data_p;
+ register word32 len asm ("r2") = (word32)len_p;
+ register uint64_t* L_SHA512_transform_neon_len_k_c asm ("r3") = (uint64_t*)&L_SHA512_transform_neon_len_k;
__asm__ __volatile__ (
/* Load digest into working vars */
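Review bot: The new `r3` binding casts away `const` from a `static const` table with `(uint64_t*)&L_SHA512_transform_neon_len_k`, so any later store through that pointer would compile without a warning. The asm visible in the following hunks only reads through `r3` (`vld1.64 {d12}, [r3:64]!`), so the pointer can keep the qualifier: `register const uint64_t* L_SHA512_transform_neon_len_k_c asm ("r3") = L_SHA512_transform_neon_len_k;`. That should still work as a read-write register operand, since only the pointer value is advanced. The operand list and the rest of the body are outside this hunk, so check that nothing there needs a non-const pointer.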
@@ -7633,13 +7700,12 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"vrev64.8 d30, d30\n\t"
"vrev64.8 d31, d31\n\t"
#endif /* WOLFSSL_ARM_ARCH_NEON_64BIT */
- "mov r3, %[L_SHA512_transform_neon_len_k]\n\t"
"mov r12, #4\n\t"
/* Start of 16 rounds */
"\n"
"L_SHA512_transform_neon_len_start_%=: \n\t"
/* Round 0 */
- "vld1.64 {d12}, [r3]!\n\t"
+ "vld1.64 {d12}, [r3:64]!\n\t"
"vshl.u64 d8, d4, #50\n\t"
"vsri.u64 d8, d4, #14\n\t"
"vshl.u64 d9, d0, #36\n\t"
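Review bot: With `mov r3, %[L_SHA512_transform_neon_len_k]` removed, `r3` is no longer reloaded here, and every `vld1.64 {d12}, [r3:64]!` post-increments it, so after the 80 round constants it points one past the end of the table. If this position is inside the per-block loop (the loop label is outside the hunk), `r3` must be rewound by the table size, 640 bytes, before the next block; otherwise later blocks read past `L_SHA512_transform_neon_len_k`. That rewind is not visible here and should be confirmed. The `:64` qualifier, also added in the Round 1 to Round 8 hunks that follow, makes the load fault on an address that is not 8-byte aligned. A `uint64_t` array normally satisfies that, and a comment like `/* r3: K table, 8-byte aligned, preloaded via register variable */` would record the dependency.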
@@ -7668,7 +7734,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"vadd.i64 d3, d7\n\t"
"vadd.i64 d7, d10\n\t"
/* Round 1 */
- "vld1.64 {d12}, [r3]!\n\t"
+ "vld1.64 {d12}, [r3:64]!\n\t"
"vshl.u64 d8, d3, #50\n\t"
"vsri.u64 d8, d3, #14\n\t"
"vshl.u64 d9, d7, #36\n\t"
@@ -7759,7 +7825,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"vadd.i64 d17, d11\n\t"
#endif /* WOLFSSL_ARM_ARCH_NEON_64BIT */
/* Round 2 */
- "vld1.64 {d12}, [r3]!\n\t"
+ "vld1.64 {d12}, [r3:64]!\n\t"
"vshl.u64 d8, d2, #50\n\t"
"vsri.u64 d8, d2, #14\n\t"
"vshl.u64 d9, d6, #36\n\t"
@@ -7788,7 +7854,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"vadd.i64 d1, d5\n\t"
"vadd.i64 d5, d10\n\t"
/* Round 3 */
- "vld1.64 {d12}, [r3]!\n\t"
+ "vld1.64 {d12}, [r3:64]!\n\t"
"vshl.u64 d8, d1, #50\n\t"
"vsri.u64 d8, d1, #14\n\t"
"vshl.u64 d9, d5, #36\n\t"
@@ -7879,7 +7945,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"vadd.i64 d19, d11\n\t"
#endif /* WOLFSSL_ARM_ARCH_NEON_64BIT */
/* Round 4 */
- "vld1.64 {d12}, [r3]!\n\t"
+ "vld1.64 {d12}, [r3:64]!\n\t"
"vshl.u64 d8, d0, #50\n\t"
"vsri.u64 d8, d0, #14\n\t"
"vshl.u64 d9, d4, #36\n\t"
@@ -7908,7 +7974,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"vadd.i64 d7, d3\n\t"
"vadd.i64 d3, d10\n\t"
/* Round 5 */
- "vld1.64 {d12}, [r3]!\n\t"
+ "vld1.64 {d12}, [r3:64]!\n\t"
"vshl.u64 d8, d7, #50\n\t"
"vsri.u64 d8, d7, #14\n\t"
"vshl.u64 d9, d3, #36\n\t"
@@ -7999,7 +8065,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"vadd.i64 d21, d11\n\t"
#endif /* WOLFSSL_ARM_ARCH_NEON_64BIT */
/* Round 6 */
- "vld1.64 {d12}, [r3]!\n\t"
+ "vld1.64 {d12}, [r3:64]!\n\t"
"vshl.u64 d8, d6, #50\n\t"
"vsri.u64 d8, d6, #14\n\t"
"vshl.u64 d9, d2, #36\n\t"
@@ -8028,7 +8094,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"vadd.i64 d5, d1\n\t"
"vadd.i64 d1, d10\n\t"
/* Round 7 */
- "vld1.64 {d12}, [r3]!\n\t"
+ "vld1.64 {d12}, [r3:64]!\n\t"
"vshl.u64 d8, d5, #50\n\t"
"vsri.u64 d8, d5, #14\n\t"
"vshl.u64 d9, d1, #36\n\t"
@@ -8119,7 +8185,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"vadd.i64 d23, d11\n\t"
#endif /* WOLFSSL_ARM_ARCH_NEON_64BIT */
/* Round 8 */
- "vld1.64 {d12}, [r3]!\n\t"
+ "vld1.64 {d12}, [r3:64]!\n\t"
"vshl.u64 d8, d4, #50\n\t"
"vsri.u64 d8, d4, #14\n\t"
"vshl.u64 d9, d0, #36\n\t"
@@ -8148,7 +8214,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"vadd.i64 d3, d7\n\t"
"vadd.i64 d7, d10\n\t"
/* Round 9 */
- "vld1.64 {d12}, [r3]!\n\t"
+ "vld1.64 {d12}, [r3:64]!\n\t"
"vshl.u64 d8, d3, #50\n\t"
"vsri.u64 d8, d3, #14\n\t"
"vshl.u64 d9, d7, #36\n\t"
@@ -8239,7 +8305,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"vadd.i64 d25, d11\n\t"
#endif /* WOLFSSL_ARM_ARCH_NEON_64BIT */
/* Round 10 */
- "vld1.64 {d12}, [r3]!\n\t"
+ "vld1.64 {d12}, [r3:64]!\n\t"
"vshl.u64 d8, d2, #50\n\t"
"vsri.u64 d8, d2, #14\n\t"
"vshl.u64 d9, d6, #36\n\t"
@@ -8268,7 +8334,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"vadd.i64 d1, d5\n\t"
"vadd.i64 d5, d10\n\t"
/* Round 11 */
- "vld1.64 {d12}, [r3]!\n\t"
+ "vld1.64 {d12}, [r3:64]!\n\t"
"vshl.u64 d8, d1, #50\n\t"
"vsri.u64 d8, d1, #14\n\t"
"vshl.u64 d9, d5, #36\n\t"
@@ -8359,7 +8425,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"vadd.i64 d27, d11\n\t"
#endif /* WOLFSSL_ARM_ARCH_NEON_64BIT */
/* Round 12 */
- "vld1.64 {d12}, [r3]!\n\t"
+ "vld1.64 {d12}, [r3:64]!\n\t"
"vshl.u64 d8, d0, #50\n\t"
"vsri.u64 d8, d0, #14\n\t"
"vshl.u64 d9, d4, #36\n\t"
@@ -8388,7 +8454,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"vadd.i64 d7, d3\n\t"
"vadd.i64 d3, d10\n\t"
/* Round 13 */
- "vld1.64 {d12}, [r3]!\n\t"
+ "vld1.64 {d12}, [r3:64]!\n\t"
"vshl.u64 d8, d7, #50\n\t"
"vsri.u64 d8, d7, #14\n\t"
"vshl.u64 d9, d3, #36\n\t"
@@ -8479,7 +8545,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"vadd.i64 d29, d11\n\t"
#endif /* WOLFSSL_ARM_ARCH_NEON_64BIT */
/* Round 14 */
- "vld1.64 {d12}, [r3]!\n\t"
+ "vld1.64 {d12}, [r3:64]!\n\t"
"vshl.u64 d8, d6, #50\n\t"
"vsri.u64 d8, d6, #14\n\t"
"vshl.u64 d9, d2, #36\n\t"
@@ -8508,7 +8574,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"vadd.i64 d5, d1\n\t"
"vadd.i64 d1, d10\n\t"
/* Round 15 */
- "vld1.64 {d12}, [r3]!\n\t"
+ "vld1.64 {d12}, [r3:64]!\n\t"
"vshl.u64 d8, d5, #50\n\t"
"vsri.u64 d8, d5, #14\n\t"
"vshl.u64 d9, d1, #36\n\t"
@@ -8601,7 +8667,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"subs r12, r12, #1\n\t"
"bne L_SHA512_transform_neon_len_start_%=\n\t"
/* Round 0 */
- "vld1.64 {d12}, [r3]!\n\t"
+ "vld1.64 {d12}, [r3:64]!\n\t"
"vshl.u64 d8, d4, #50\n\t"
"vsri.u64 d8, d4, #14\n\t"
"vshl.u64 d9, d0, #36\n\t"
@@ -8630,7 +8696,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"vadd.i64 d3, d7\n\t"
"vadd.i64 d7, d10\n\t"
/* Round 1 */
- "vld1.64 {d12}, [r3]!\n\t"
+ "vld1.64 {d12}, [r3:64]!\n\t"
"vshl.u64 d8, d3, #50\n\t"
"vsri.u64 d8, d3, #14\n\t"
"vshl.u64 d9, d7, #36\n\t"
@@ -8659,7 +8725,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"vadd.i64 d2, d6\n\t"
"vadd.i64 d6, d10\n\t"
/* Round 2 */
- "vld1.64 {d12}, [r3]!\n\t"
+ "vld1.64 {d12}, [r3:64]!\n\t"
"vshl.u64 d8, d2, #50\n\t"
"vsri.u64 d8, d2, #14\n\t"
"vshl.u64 d9, d6, #36\n\t"
@@ -8688,7 +8754,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"vadd.i64 d1, d5\n\t"
"vadd.i64 d5, d10\n\t"
/* Round 3 */
- "vld1.64 {d12}, [r3]!\n\t"
+ "vld1.64 {d12}, [r3:64]!\n\t"
"vshl.u64 d8, d1, #50\n\t"
"vsri.u64 d8, d1, #14\n\t"
"vshl.u64 d9, d5, #36\n\t"
@@ -8717,7 +8783,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"vadd.i64 d0, d4\n\t"
"vadd.i64 d4, d10\n\t"
/* Round 4 */
- "vld1.64 {d12}, [r3]!\n\t"
+ "vld1.64 {d12}, [r3:64]!\n\t"
"vshl.u64 d8, d0, #50\n\t"
"vsri.u64 d8, d0, #14\n\t"
"vshl.u64 d9, d4, #36\n\t"
@@ -8746,7 +8812,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"vadd.i64 d7, d3\n\t"
"vadd.i64 d3, d10\n\t"
/* Round 5 */
- "vld1.64 {d12}, [r3]!\n\t"
+ "vld1.64 {d12}, [r3:64]!\n\t"
"vshl.u64 d8, d7, #50\n\t"
"vsri.u64 d8, d7, #14\n\t"
"vshl.u64 d9, d3, #36\n\t"
@@ -8775,7 +8841,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"vadd.i64 d6, d2\n\t"
"vadd.i64 d2, d10\n\t"
/* Round 6 */
- "vld1.64 {d12}, [r3]!\n\t"
+ "vld1.64 {d12}, [r3:64]!\n\t"
"vshl.u64 d8, d6, #50\n\t"
"vsri.u64 d8, d6, #14\n\t"
"vshl.u64 d9, d2, #36\n\t"
@@ -8804,7 +8870,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"vadd.i64 d5, d1\n\t"
"vadd.i64 d1, d10\n\t"
/* Round 7 */
- "vld1.64 {d12}, [r3]!\n\t"
+ "vld1.64 {d12}, [r3:64]!\n\t"
"vshl.u64 d8, d5, #50\n\t"
"vsri.u64 d8, d5, #14\n\t"
"vshl.u64 d9, d1, #36\n\t"
@@ -8833,7 +8899,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"vadd.i64 d4, d0\n\t"
"vadd.i64 d0, d10\n\t"
/* Round 8 */
- "vld1.64 {d12}, [r3]!\n\t"
+ "vld1.64 {d12}, [r3:64]!\n\t"
"vshl.u64 d8, d4, #50\n\t"
"vsri.u64 d8, d4, #14\n\t"
"vshl.u64 d9, d0, #36\n\t"
@@ -8862,7 +8928,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"vadd.i64 d3, d7\n\t"
"vadd.i64 d7, d10\n\t"
/* Round 9 */
- "vld1.64 {d12}, [r3]!\n\t"
+ "vld1.64 {d12}, [r3:64]!\n\t"
"vshl.u64 d8, d3, #50\n\t"
"vsri.u64 d8, d3, #14\n\t"
"vshl.u64 d9, d7, #36\n\t"
@@ -8891,7 +8957,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"vadd.i64 d2, d6\n\t"
"vadd.i64 d6, d10\n\t"
/* Round 10 */
- "vld1.64 {d12}, [r3]!\n\t"
+ "vld1.64 {d12}, [r3:64]!\n\t"
"vshl.u64 d8, d2, #50\n\t"
"vsri.u64 d8, d2, #14\n\t"
"vshl.u64 d9, d6, #36\n\t"
@@ -8920,7 +8986,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"vadd.i64 d1, d5\n\t"
"vadd.i64 d5, d10\n\t"
/* Round 11 */
- "vld1.64 {d12}, [r3]!\n\t"
+ "vld1.64 {d12}, [r3:64]!\n\t"
"vshl.u64 d8, d1, #50\n\t"
"vsri.u64 d8, d1, #14\n\t"
"vshl.u64 d9, d5, #36\n\t"
@@ -8949,7 +9015,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"vadd.i64 d0, d4\n\t"
"vadd.i64 d4, d10\n\t"
/* Round 12 */
- "vld1.64 {d12}, [r3]!\n\t"
+ "vld1.64 {d12}, [r3:64]!\n\t"
"vshl.u64 d8, d0, #50\n\t"
"vsri.u64 d8, d0, #14\n\t"
"vshl.u64 d9, d4, #36\n\t"
@@ -8978,7 +9044,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"vadd.i64 d7, d3\n\t"
"vadd.i64 d3, d10\n\t"
/* Round 13 */
- "vld1.64 {d12}, [r3]!\n\t"
+ "vld1.64 {d12}, [r3:64]!\n\t"
"vshl.u64 d8, d7, #50\n\t"
"vsri.u64 d8, d7, #14\n\t"
"vshl.u64 d9, d3, #36\n\t"
@@ -9007,7 +9073,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"vadd.i64 d6, d2\n\t"
"vadd.i64 d2, d10\n\t"
/* Round 14 */
- "vld1.64 {d12}, [r3]!\n\t"
+ "vld1.64 {d12}, [r3:64]!\n\t"
"vshl.u64 d8, d6, #50\n\t"
"vsri.u64 d8, d6, #14\n\t"
"vshl.u64 d9, d2, #36\n\t"
@@ -9036,7 +9102,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"vadd.i64 d5, d1\n\t"
"vadd.i64 d1, d10\n\t"
/* Round 15 */
- "vld1.64 {d12}, [r3]!\n\t"
+ "vld1.64 {d12}, [r3:64]!\n\t"
"vshl.u64 d8, d5, #50\n\t"
"vsri.u64 d8, d5, #14\n\t"
"vshl.u64 d9, d1, #36\n\t"
@@ -9083,14 +9149,19 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif /* WOLFSSL_ARM_ARCH_NEON_64BIT */
"vstm.64 %[sha512], {d0-d7}\n\t"
"subs %[len], %[len], #0x80\n\t"
+ "sub r3, r3, #0x280\n\t"
"bne L_SHA512_transform_neon_len_begin_%=\n\t"
- : [sha512] "+r" (sha512), [data] "+r" (data), [len] "+r" (len)
- : [L_SHA512_transform_neon_len_k] "r" (L_SHA512_transform_neon_len_k)
- : "memory", "r3", "r12", "d0", "d1", "d2", "d3", "d4", "d5", "d6", "d7", "d8", "d9", "d10", "d11", "d12", "d13", "d14", "d15", "q8", "q9", "q10", "q11", "q12", "q13", "q14", "q15"
+ : [sha512] "+r" (sha512), [data] "+r" (data), [len] "+r" (len), [L_SHA512_transform_neon_len_k] "+r" (L_SHA512_transform_neon_len_k_c)
+ :
+ : "memory", "r12", "d0", "d1", "d2", "d3", "d4", "d5", "d6", "d7", "d8", "d9", "d10", "d11", "d12", "d13", "d14", "d15", "q8", "q9", "q10", "q11", "q12", "q13", "q14", "q15", "cc"
);
}
#endif /* !WOLFSSL_ARMASM_NO_NEON */
#endif /* WOLFSSL_SHA512 */
-#endif /* !__aarch64__ */
+#endif /* !__aarch64__ && !__thumb__ */
#endif /* WOLFSSL_ARMASM */
+#endif /* !defined(__aarch64__) && defined(__arm__) */
+#endif /* WOLFSSL_ARMASM */
+
+#endif /* WOLFSSL_ARMASM_INLINE */
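Review bot: The added `sub r3, r3, #0x280` hard-codes both the register and the byte count, although the pointer is now the operand `[L_SHA512_transform_neon_len_k]` and the line just above it is written with `%[len]`. The rewind is only correct while that operand stays bound to r3 and the template performs exactly 80 post-incremented 8-byte loads (four passes of 16 rounds plus the final 16), which is where 0x280 comes from. I would write it as `"sub %[L_SHA512_transform_neon_len_k], %[L_SHA512_transform_neon_len_k], #0x280\n\t"` and add the comment `/* rewind K: 80 constants * 8 bytes */`. The `[r3:64]` loads in the earlier hunks of this function name r3 literally in the same way. The function body and the `asm ("r3")` declaration start outside this hunk.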
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-aes.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-aes.c
index 20691a76..455d30bb 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-aes.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-aes.c
@@ -21,7 +21,7 @@
/*
- * There are two versions one for 64 (Aarch64) and one for 32 bit (Aarch32).
+ * There are two versions one for 64 (Aarch64) and one for 32 bit (Aarch32).
* If changing one check the other.
*/
@@ -31,6 +31,7 @@
#endif
#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/wolfcrypt/error-crypt.h>
#if !defined(NO_AES) && defined(WOLFSSL_ARMASM)
@@ -41,7 +42,6 @@
#ifndef WOLFSSL_ARMASM_NO_HW_CRYPTO
#include <wolfssl/wolfcrypt/aes.h>
-#include <wolfssl/wolfcrypt/error-crypt.h>
#include <wolfssl/wolfcrypt/logging.h>
#ifdef NO_INLINE
#include <wolfssl/wolfcrypt/misc.h>
@@ -116,6 +116,7 @@ static const byte rcon[] = {
#ifdef HAVE_AESGCM
+#if !defined(__aarch64__) || defined(WOLFSSL_AESGCM_STREAM)
static WC_INLINE void IncrementGcmCounter(byte* inOutCtr)
{
int i;
@@ -144,6 +145,7 @@ static WC_INLINE void FlattenSzInBits(byte* buf, word32 sz)
buf[6] = (sz >> 8) & 0xff;
buf[7] = sz & 0xff;
}
+#endif
#endif /* HAVE_AESGCM */
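Review bot: The `#endif` added after `FlattenSzInBits` carries no comment naming its condition, while the `#endif /* HAVE_AESGCM */` on the very next line does. Its opening `#if !defined(__aarch64__) || defined(WOLFSSL_AESGCM_STREAM)` is in the previous hunk, roughly thirty lines up, so the pairing is not visible at a glance. I would write it as `#endif /* !__aarch64__ || WOLFSSL_AESGCM_STREAM */`. `FlattenSzInBits` starts outside this hunk.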
@@ -1452,6 +1454,13 @@ int wc_AesCtrEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
return 0;
}
+int wc_AesCtrSetKey(Aes* aes, const byte* key, word32 len,
+ const byte* iv, int dir)
+{
+ (void)dir;
+ return wc_AesSetKey(aes, key, len, iv, AES_ENCRYPTION);
+}
+
#endif /* WOLFSSL_AES_COUNTER */
#ifdef HAVE_AESGCM
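Review bot: `wc_AesCtrSetKey` accepts a `dir` argument, discards it with `(void)dir` and always passes `AES_ENCRYPTION` to `wc_AesSetKey`, yet nothing in the hunk says why. A caller who passes a decryption direction gets an encryption key schedule with no indication, so the contract should be stated above the function, e.g. `/* CTR mode uses the forward cipher for both directions; dir is ignored. */`. Argument checking (NULL `aes` or `key`, key length) is left entirely to `wc_AesSetKey`, whose body is not in this hunk, so it is worth confirming that it rejects those cases.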
@@ -1460,1109 +1469,5714 @@ int wc_AesCtrEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
* Based from GCM implementation in wolfcrypt/src/aes.c
*/
+/* START script replace AES-GCM Aarch64 with hardware crypto. */
+
/* PMULL and RBIT only with AArch64 */
/* Use ARM hardware for polynomial multiply */
-static void GMULT(byte* X, byte* Y)
+void GMULT(byte* X, byte* Y)
{
__asm__ volatile (
- "LD1 {v0.16b}, [%[inX]] \n"
- "LD1 {v1.16b}, [%[inY]] \n" /* v1 already reflected from set key */
+ "LD1 {v0.16b}, [%[X]] \n"
+ "LD1 {v1.16b}, [%[Y]] \n" /* v1 already reflected from set key */
+ "MOVI v2.16b, #0x87 \n"
"RBIT v0.16b, v0.16b \n"
+ "USHR v2.2d, v2.2d, #56 \n"
+
+ "PMULL v3.1q, v0.1d, v1.1d \n"
+ "PMULL2 v4.1q, v0.2d, v1.2d \n"
+ "EXT v5.16b, v1.16b, v1.16b, #8 \n"
+ "PMULL v6.1q, v0.1d, v5.1d \n"
+ "PMULL2 v5.1q, v0.2d, v5.2d \n"
+ "EOR v5.16b, v5.16b, v6.16b \n"
+ "EXT v6.16b, v3.16b, v4.16b, #8 \n"
+ "EOR v6.16b, v6.16b, v5.16b \n"
+ "# Reduce \n"
+ "PMULL2 v5.1q, v4.2d, v2.2d \n"
+ "EOR v6.16b, v6.16b, v5.16b \n"
+ "PMULL2 v5.1q, v6.2d, v2.2d \n"
+ "MOV v3.D[1], v6.D[0] \n"
+ "EOR v0.16b, v3.16b, v5.16b \n"
-
- /* Algorithm 1 from Intel GCM white paper.
- "Carry-Less Multiplication and Its Usage for Computing the GCM Mode"
- */
- "PMULL v3.1q, v0.1d, v1.1d \n" /* a0 * b0 = C */
- "PMULL2 v4.1q, v0.2d, v1.2d \n" /* a1 * b1 = D */
- "EXT v5.16b, v1.16b, v1.16b, #8 \n" /* b0b1 -> b1b0 */
- "PMULL v6.1q, v0.1d, v5.1d \n" /* a0 * b1 = E */
- "PMULL2 v5.1q, v0.2d, v5.2d \n" /* a1 * b0 = F */
-
- "#Set a register to all 0s using EOR \n"
- "EOR v7.16b, v7.16b, v7.16b \n"
- "EOR v5.16b, v5.16b, v6.16b \n" /* F ^ E */
- "EXT v6.16b, v7.16b, v5.16b, #8 \n" /* get (F^E)[0] */
- "EOR v3.16b, v3.16b, v6.16b \n" /* low 128 bits in v3 */
- "EXT v6.16b, v5.16b, v7.16b, #8 \n" /* get (F^E)[1] */
- "EOR v4.16b, v4.16b, v6.16b \n" /* high 128 bits in v4 */
-
-
- /* Based from White Paper "Implementing GCM on ARMv8"
- by Conrado P.L. Gouvea and Julio Lopez
- reduction on 256bit value using Algorithm 5 */
- "MOVI v8.16b, #0x87 \n"
- "USHR v8.2d, v8.2d, #56 \n"
- /* v8 is now 0x00000000000000870000000000000087 reflected 0xe1....*/
- "PMULL2 v5.1q, v4.2d, v8.2d \n"
- "EXT v6.16b, v5.16b, v7.16b, #8 \n" /* v7 is all 0's */
- "EOR v4.16b, v4.16b, v6.16b \n"
- "EXT v6.16b, v7.16b, v5.16b, #8 \n"
- "EOR v3.16b, v3.16b, v6.16b \n"
- "PMULL v5.1q, v4.1d, v8.1d \n"
- "EOR v4.16b, v3.16b, v5.16b \n"
-
- "RBIT v4.16b, v4.16b \n"
- "STR q4, [%[out]] \n"
- : [out] "=r" (X), "=r" (Y)
- : [inX] "0" (X), [inY] "1" (Y)
- : "cc", "memory", "v0", "v1", "v2", "v3", "v4", "v5", "v6", "v7", "v8"
+ "RBIT v0.16b, v0.16b \n"
+ "STR q0, [%[X]] \n"
+ :
+ : [X] "r" (X), [Y] "r" (Y)
+ : "cc", "memory", "v0", "v1", "v2", "v3", "v4", "v5", "v6"
);
}
-
-void GHASH(Aes* aes, const byte* a, word32 aSz,
- const byte* c, word32 cSz, byte* s, word32 sSz)
+void GHASH(Gcm* gcm, const byte* a, word32 aSz, const byte* c,
+ word32 cSz, byte* s, word32 sSz)
{
- byte x[AES_BLOCK_SIZE];
byte scratch[AES_BLOCK_SIZE];
- word32 blocks, partial;
- byte* h = aes->H;
-
- XMEMSET(x, 0, AES_BLOCK_SIZE);
-
- /* Hash in A, the Additional Authentication Data */
- if (aSz != 0 && a != NULL) {
- blocks = aSz / AES_BLOCK_SIZE;
- partial = aSz % AES_BLOCK_SIZE;
- /* do as many blocks as possible */
- while (blocks--) {
- xorbuf(x, a, AES_BLOCK_SIZE);
- GMULT(x, h);
- a += AES_BLOCK_SIZE;
- }
- if (partial != 0) {
- XMEMSET(scratch, 0, AES_BLOCK_SIZE);
- XMEMCPY(scratch, a, partial);
- xorbuf(x, scratch, AES_BLOCK_SIZE);
- GMULT(x, h);
- }
- }
-
- /* Hash in C, the Ciphertext */
- if (cSz != 0 && c != NULL) {
- blocks = cSz / AES_BLOCK_SIZE;
- partial = cSz % AES_BLOCK_SIZE;
- while (blocks--) {
- xorbuf(x, c, AES_BLOCK_SIZE);
- GMULT(x, h);
- c += AES_BLOCK_SIZE;
- }
- if (partial != 0) {
- XMEMSET(scratch, 0, AES_BLOCK_SIZE);
- XMEMCPY(scratch, c, partial);
- xorbuf(x, scratch, AES_BLOCK_SIZE);
- GMULT(x, h);
- }
- }
- /* Hash in the lengths of A and C in bits */
- FlattenSzInBits(&scratch[0], aSz);
- FlattenSzInBits(&scratch[8], cSz);
- xorbuf(x, scratch, AES_BLOCK_SIZE);
+ __asm__ __volatile__ (
+ "LD1 {v3.16b}, %[h] \n"
+ "MOVI v7.16b, #0x87 \n"
+ "EOR v0.16b, v0.16b, v0.16b \n"
+ "USHR v7.2d, v7.2d, #56 \n"
+
+ "# AAD \n"
+ "CBZ %w[aSz], 20f \n"
+ "MOV w12, %w[aSz] \n"
+
+ "CMP x12, #64 \n"
+ "BLT 15f \n"
+ "# Calculate H^[1-4] - GMULT partials \n"
+ "# Square H => H^2 \n"
+ "PMULL2 v11.1q, v3.2d, v3.2d \n"
+ "PMULL v10.1q, v3.1d, v3.1d \n"
+ "PMULL2 v12.1q, v11.2d, v7.2d \n"
+ "EXT v13.16b, v10.16b, v11.16b, #8 \n"
+ "EOR v13.16b, v13.16b, v12.16b \n"
+ "PMULL2 v11.1q, v13.2d, v7.2d \n"
+ "MOV v10.D[1], v13.D[0] \n"
+ "EOR v4.16b, v10.16b, v11.16b \n"
+ "# Multiply H and H^2 => H^3 \n"
+ "PMULL v10.1q, v4.1d, v3.1d \n"
+ "PMULL2 v11.1q, v4.2d, v3.2d \n"
+ "EXT v12.16b, v3.16b, v3.16b, #8 \n"
+ "PMULL v13.1q, v4.1d, v12.1d \n"
+ "PMULL2 v12.1q, v4.2d, v12.2d \n"
+ "EOR v12.16b, v12.16b, v13.16b \n"
+ "EXT v13.16b, v10.16b, v11.16b, #8 \n"
+ "EOR v13.16b, v13.16b, v12.16b \n"
+ "# Reduce \n"
+ "PMULL2 v12.1q, v11.2d, v7.2d \n"
+ "EOR v13.16b, v13.16b, v12.16b \n"
+ "PMULL2 v12.1q, v13.2d, v7.2d \n"
+ "MOV v10.D[1], v13.D[0] \n"
+ "EOR v5.16b, v10.16b, v12.16b \n"
+ "# Square H^2 => H^4 \n"
+ "PMULL2 v11.1q, v4.2d, v4.2d \n"
+ "PMULL v10.1q, v4.1d, v4.1d \n"
+ "PMULL2 v12.1q, v11.2d, v7.2d \n"
+ "EXT v13.16b, v10.16b, v11.16b, #8 \n"
+ "EOR v13.16b, v13.16b, v12.16b \n"
+ "PMULL2 v11.1q, v13.2d, v7.2d \n"
+ "MOV v10.D[1], v13.D[0] \n"
+ "EOR v6.16b, v10.16b, v11.16b \n"
+ "14: \n"
+ "LD1 {v10.2d-v13.2d}, [%[a]], #64 \n"
+ "SUB x12, x12, #64 \n"
+ "# GHASH - 4 blocks \n"
+ "RBIT v10.16b, v10.16b \n"
+ "RBIT v11.16b, v11.16b \n"
+ "RBIT v12.16b, v12.16b \n"
+ "RBIT v13.16b, v13.16b \n"
+ "EOR v10.16b, v10.16b, v0.16b \n"
+ "# x[0-2] = C * H^1 \n"
+ "PMULL v0.1q, v13.1d, v3.1d \n"
+ "PMULL2 v1.1q, v13.2d, v3.2d \n"
+ "EXT v13.16b, v13.16b, v13.16b, #8 \n"
+ "PMULL v2.1q, v13.1d, v3.1d \n"
+ "PMULL2 v9.1q, v13.2d, v3.2d \n"
+ "EOR v2.16b, v2.16b, v9.16b \n"
+ "# x[0-2] += C * H^2 \n"
+ "PMULL v8.1q, v12.1d, v4.1d \n"
+ "PMULL2 v9.1q, v12.2d, v4.2d \n"
+ "EOR v0.16b, v0.16b, v8.16b \n"
+ "EOR v1.16b, v1.16b, v9.16b \n"
+ "EXT v12.16b, v12.16b, v12.16b, #8 \n"
+ "PMULL v9.1q, v12.1d, v4.1d \n"
+ "PMULL2 v12.1q, v12.2d, v4.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v2.16b, v2.16b, v12.16b, v9.16b \n"
+#else
+ "EOR v12.16b, v12.16b, v9.16b \n"
+ "EOR v2.16b, v2.16b, v12.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^3 \n"
+ "PMULL v8.1q, v11.1d, v5.1d \n"
+ "PMULL2 v9.1q, v11.2d, v5.2d \n"
+ "EOR v0.16b, v0.16b, v8.16b \n"
+ "EOR v1.16b, v1.16b, v9.16b \n"
+ "EXT v11.16b, v11.16b, v11.16b, #8 \n"
+ "PMULL v9.1q, v11.1d, v5.1d \n"
+ "PMULL2 v11.1q, v11.2d, v5.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v2.16b, v2.16b, v11.16b, v9.16b \n"
+#else
+ "EOR v11.16b, v11.16b, v9.16b \n"
+ "EOR v2.16b, v2.16b, v11.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^4 \n"
+ "PMULL v8.1q, v10.1d, v6.1d \n"
+ "PMULL2 v9.1q, v10.2d, v6.2d \n"
+ "EOR v0.16b, v0.16b, v8.16b \n"
+ "EOR v1.16b, v1.16b, v9.16b \n"
+ "EXT v10.16b, v10.16b, v10.16b, #8 \n"
+ "PMULL v9.1q, v10.1d, v6.1d \n"
+ "PMULL2 v10.1q, v10.2d, v6.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v2.16b, v2.16b, v10.16b, v9.16b \n"
+#else
+ "EOR v10.16b, v10.16b, v9.16b \n"
+ "EOR v2.16b, v2.16b, v10.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# Reduce X = x[0-2] \n"
+ "EXT v9.16b, v0.16b, v1.16b, #8 \n"
+ "PMULL2 v8.1q, v1.2d, v7.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v9.16b, v9.16b, v2.16b, v8.16b \n"
+#else
+ "EOR v9.16b, v9.16b, v2.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+#ifndef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR v9.16b, v9.16b, v8.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "PMULL2 v8.1q, v9.2d, v7.2d \n"
+ "MOV v0.D[1], v9.D[0] \n"
+ "EOR v0.16b, v0.16b, v8.16b \n"
+ "CMP x12, #64 \n"
+ "BGE 14b \n"
+ "CBZ x12, 20f \n"
+ "15: \n"
+ "CMP x12, #16 \n"
+ "BLT 12f \n"
+ "11: \n"
+ "LD1 {v14.2d}, [%[a]], #16 \n"
+ "SUB x12, x12, #16 \n"
+ "RBIT v14.16b, v14.16b \n"
+ "EOR v0.16b, v0.16b, v14.16b \n"
+ "PMULL v10.1q, v0.1d, v3.1d \n"
+ "PMULL2 v11.1q, v0.2d, v3.2d \n"
+ "EXT v12.16b, v3.16b, v3.16b, #8 \n"
+ "PMULL v13.1q, v0.1d, v12.1d \n"
+ "PMULL2 v12.1q, v0.2d, v12.2d \n"
+ "EOR v12.16b, v12.16b, v13.16b \n"
+ "EXT v13.16b, v10.16b, v11.16b, #8 \n"
+ "EOR v13.16b, v13.16b, v12.16b \n"
+ "# Reduce \n"
+ "PMULL2 v12.1q, v11.2d, v7.2d \n"
+ "EOR v13.16b, v13.16b, v12.16b \n"
+ "PMULL2 v12.1q, v13.2d, v7.2d \n"
+ "MOV v10.D[1], v13.D[0] \n"
+ "EOR v0.16b, v10.16b, v12.16b \n"
+ "CMP x12, #16 \n"
+ "BGE 11b \n"
+ "CBZ x12, 120f \n"
+ "12: \n"
+ "# Partial AAD \n"
+ "EOR v14.16b, v14.16b, v14.16b \n"
+ "MOV x14, x12 \n"
+ "ST1 {v14.2d}, [%[scratch]] \n"
+ "13: \n"
+ "LDRB w13, [%[a]], #1 \n"
+ "STRB w13, [%[scratch]], #1 \n"
+ "SUB x14, x14, #1 \n"
+ "CBNZ x14, 13b \n"
+ "SUB %[scratch], %[scratch], x12 \n"
+ "LD1 {v14.2d}, [%[scratch]] \n"
+ "RBIT v14.16b, v14.16b \n"
+ "EOR v0.16b, v0.16b, v14.16b \n"
+ "PMULL v10.1q, v0.1d, v3.1d \n"
+ "PMULL2 v11.1q, v0.2d, v3.2d \n"
+ "EXT v12.16b, v3.16b, v3.16b, #8 \n"
+ "PMULL v13.1q, v0.1d, v12.1d \n"
+ "PMULL2 v12.1q, v0.2d, v12.2d \n"
+ "EOR v12.16b, v12.16b, v13.16b \n"
+ "EXT v13.16b, v10.16b, v11.16b, #8 \n"
+ "EOR v13.16b, v13.16b, v12.16b \n"
+ "# Reduce \n"
+ "PMULL2 v12.1q, v11.2d, v7.2d \n"
+ "EOR v13.16b, v13.16b, v12.16b \n"
+ "PMULL2 v12.1q, v13.2d, v7.2d \n"
+ "MOV v10.D[1], v13.D[0] \n"
+ "EOR v0.16b, v10.16b, v12.16b \n"
+
+ "20: \n"
+ "# Cipher Text \n"
+ "CBZ %w[cSz], 120f \n"
+ "MOV w12, %w[cSz] \n"
+
+ "CMP x12, #64 \n"
+ "BLT 115f \n"
+ "# Calculate H^[1-4] - GMULT partials \n"
+ "# Square H => H^2 \n"
+ "PMULL2 v11.1q, v3.2d, v3.2d \n"
+ "PMULL v10.1q, v3.1d, v3.1d \n"
+ "PMULL2 v12.1q, v11.2d, v7.2d \n"
+ "EXT v13.16b, v10.16b, v11.16b, #8 \n"
+ "EOR v13.16b, v13.16b, v12.16b \n"
+ "PMULL2 v11.1q, v13.2d, v7.2d \n"
+ "MOV v10.D[1], v13.D[0] \n"
+ "EOR v4.16b, v10.16b, v11.16b \n"
+ "# Multiply H and H^2 => H^3 \n"
+ "PMULL v10.1q, v4.1d, v3.1d \n"
+ "PMULL2 v11.1q, v4.2d, v3.2d \n"
+ "EXT v12.16b, v3.16b, v3.16b, #8 \n"
+ "PMULL v13.1q, v4.1d, v12.1d \n"
+ "PMULL2 v12.1q, v4.2d, v12.2d \n"
+ "EOR v12.16b, v12.16b, v13.16b \n"
+ "EXT v13.16b, v10.16b, v11.16b, #8 \n"
+ "EOR v13.16b, v13.16b, v12.16b \n"
+ "# Reduce \n"
+ "PMULL2 v12.1q, v11.2d, v7.2d \n"
+ "EOR v13.16b, v13.16b, v12.16b \n"
+ "PMULL2 v12.1q, v13.2d, v7.2d \n"
+ "MOV v10.D[1], v13.D[0] \n"
+ "EOR v5.16b, v10.16b, v12.16b \n"
+ "# Square H^2 => H^4 \n"
+ "PMULL2 v11.1q, v4.2d, v4.2d \n"
+ "PMULL v10.1q, v4.1d, v4.1d \n"
+ "PMULL2 v12.1q, v11.2d, v7.2d \n"
+ "EXT v13.16b, v10.16b, v11.16b, #8 \n"
+ "EOR v13.16b, v13.16b, v12.16b \n"
+ "PMULL2 v11.1q, v13.2d, v7.2d \n"
+ "MOV v10.D[1], v13.D[0] \n"
+ "EOR v6.16b, v10.16b, v11.16b \n"
+ "114: \n"
+ "LD1 {v10.2d-v13.2d}, [%[c]], #64 \n"
+ "SUB x12, x12, #64 \n"
+ "# GHASH - 4 blocks \n"
+ "RBIT v10.16b, v10.16b \n"
+ "RBIT v11.16b, v11.16b \n"
+ "RBIT v12.16b, v12.16b \n"
+ "RBIT v13.16b, v13.16b \n"
+ "EOR v10.16b, v10.16b, v0.16b \n"
+ "# x[0-2] = C * H^1 \n"
+ "PMULL v0.1q, v13.1d, v3.1d \n"
+ "PMULL2 v1.1q, v13.2d, v3.2d \n"
+ "EXT v13.16b, v13.16b, v13.16b, #8 \n"
+ "PMULL v2.1q, v13.1d, v3.1d \n"
+ "PMULL2 v9.1q, v13.2d, v3.2d \n"
+ "EOR v2.16b, v2.16b, v9.16b \n"
+ "# x[0-2] += C * H^2 \n"
+ "PMULL v8.1q, v12.1d, v4.1d \n"
+ "PMULL2 v9.1q, v12.2d, v4.2d \n"
+ "EOR v0.16b, v0.16b, v8.16b \n"
+ "EOR v1.16b, v1.16b, v9.16b \n"
+ "EXT v12.16b, v12.16b, v12.16b, #8 \n"
+ "PMULL v9.1q, v12.1d, v4.1d \n"
+ "PMULL2 v12.1q, v12.2d, v4.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v2.16b, v2.16b, v12.16b, v9.16b \n"
+#else
+ "EOR v12.16b, v12.16b, v9.16b \n"
+ "EOR v2.16b, v2.16b, v12.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^3 \n"
+ "PMULL v8.1q, v11.1d, v5.1d \n"
+ "PMULL2 v9.1q, v11.2d, v5.2d \n"
+ "EOR v0.16b, v0.16b, v8.16b \n"
+ "EOR v1.16b, v1.16b, v9.16b \n"
+ "EXT v11.16b, v11.16b, v11.16b, #8 \n"
+ "PMULL v9.1q, v11.1d, v5.1d \n"
+ "PMULL2 v11.1q, v11.2d, v5.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v2.16b, v2.16b, v11.16b, v9.16b \n"
+#else
+ "EOR v11.16b, v11.16b, v9.16b \n"
+ "EOR v2.16b, v2.16b, v11.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^4 \n"
+ "PMULL v8.1q, v10.1d, v6.1d \n"
+ "PMULL2 v9.1q, v10.2d, v6.2d \n"
+ "EOR v0.16b, v0.16b, v8.16b \n"
+ "EOR v1.16b, v1.16b, v9.16b \n"
+ "EXT v10.16b, v10.16b, v10.16b, #8 \n"
+ "PMULL v9.1q, v10.1d, v6.1d \n"
+ "PMULL2 v10.1q, v10.2d, v6.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v2.16b, v2.16b, v10.16b, v9.16b \n"
+#else
+ "EOR v10.16b, v10.16b, v9.16b \n"
+ "EOR v2.16b, v2.16b, v10.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# Reduce X = x[0-2] \n"
+ "EXT v9.16b, v0.16b, v1.16b, #8 \n"
+ "PMULL2 v8.1q, v1.2d, v7.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v9.16b, v9.16b, v2.16b, v8.16b \n"
+#else
+ "EOR v9.16b, v9.16b, v2.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+#ifndef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR v9.16b, v9.16b, v8.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "PMULL2 v8.1q, v9.2d, v7.2d \n"
+ "MOV v0.D[1], v9.D[0] \n"
+ "EOR v0.16b, v0.16b, v8.16b \n"
+ "CMP x12, #64 \n"
+ "BGE 114b \n"
+ "CBZ x12, 120f \n"
+ "115: \n"
+ "CMP x12, #16 \n"
+ "BLT 112f \n"
+ "111: \n"
+ "LD1 {v14.2d}, [%[c]], #16 \n"
+ "SUB x12, x12, #16 \n"
+ "RBIT v14.16b, v14.16b \n"
+ "EOR v0.16b, v0.16b, v14.16b \n"
+ "PMULL v10.1q, v0.1d, v3.1d \n"
+ "PMULL2 v11.1q, v0.2d, v3.2d \n"
+ "EXT v12.16b, v3.16b, v3.16b, #8 \n"
+ "PMULL v13.1q, v0.1d, v12.1d \n"
+ "PMULL2 v12.1q, v0.2d, v12.2d \n"
+ "EOR v12.16b, v12.16b, v13.16b \n"
+ "EXT v13.16b, v10.16b, v11.16b, #8 \n"
+ "EOR v13.16b, v13.16b, v12.16b \n"
+ "# Reduce \n"
+ "PMULL2 v12.1q, v11.2d, v7.2d \n"
+ "EOR v13.16b, v13.16b, v12.16b \n"
+ "PMULL2 v12.1q, v13.2d, v7.2d \n"
+ "MOV v10.D[1], v13.D[0] \n"
+ "EOR v0.16b, v10.16b, v12.16b \n"
+ "CMP x12, #16 \n"
+ "BGE 111b \n"
+ "CBZ x12, 120f \n"
+ "112: \n"
+ "# Partial cipher text \n"
+ "EOR v14.16b, v14.16b, v14.16b \n"
+ "MOV x14, x12 \n"
+ "ST1 {v14.2d}, [%[scratch]] \n"
+ "113: \n"
+ "LDRB w13, [%[c]], #1 \n"
+ "STRB w13, [%[scratch]], #1 \n"
+ "SUB x14, x14, #1 \n"
+ "CBNZ x14, 113b \n"
+ "SUB %[scratch], %[scratch], x12 \n"
+ "LD1 {v14.2d}, [%[scratch]] \n"
+ "RBIT v14.16b, v14.16b \n"
+ "EOR v0.16b, v0.16b, v14.16b \n"
+ "PMULL v10.1q, v0.1d, v3.1d \n"
+ "PMULL2 v11.1q, v0.2d, v3.2d \n"
+ "EXT v12.16b, v3.16b, v3.16b, #8 \n"
+ "PMULL v13.1q, v0.1d, v12.1d \n"
+ "PMULL2 v12.1q, v0.2d, v12.2d \n"
+ "EOR v12.16b, v12.16b, v13.16b \n"
+ "EXT v13.16b, v10.16b, v11.16b, #8 \n"
+ "EOR v13.16b, v13.16b, v12.16b \n"
+ "# Reduce \n"
+ "PMULL2 v12.1q, v11.2d, v7.2d \n"
+ "EOR v13.16b, v13.16b, v12.16b \n"
+ "PMULL2 v12.1q, v13.2d, v7.2d \n"
+ "MOV v10.D[1], v13.D[0] \n"
+ "EOR v0.16b, v10.16b, v12.16b \n"
+ "120: \n"
+ "RBIT v0.16b, v0.16b \n"
+ "LSL %x[aSz], %x[aSz], #3 \n"
+ "LSL %x[cSz], %x[cSz], #3 \n"
+ "MOV v10.D[0], %x[aSz] \n"
+ "MOV v10.D[1], %x[cSz] \n"
+ "REV64 v10.16b, v10.16b \n"
+ "EOR v0.16b, v0.16b, v10.16b \n"
+ "ST1 {v0.16b}, [%[scratch]] \n"
+ : [cSz] "+r" (cSz), [c] "+r" (c), [aSz] "+r" (aSz), [a] "+r" (a)
+ : [scratch] "r" (scratch), [h] "m" (gcm->H)
+ : "cc", "memory", "w12", "w13", "x14",
+ "v0", "v1", "v2", "v3", "v4", "v5", "v6", "v7",
+ "v8", "v9", "v10", "v11", "v12", "v13", "v14"
+ );
- /* Copy the result (minus last GMULT) into s. */
- XMEMCPY(s, x, sSz);
+ XMEMCPY(s, scratch, sSz);
}
-
#ifdef WOLFSSL_AES_128
/* internal function : see wc_AesGcmEncrypt */
static int Aes128GcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
- const byte* iv, word32 ivSz,
- byte* authTag, word32 authTagSz,
- const byte* authIn, word32 authInSz)
+ const byte* iv, word32 ivSz, byte* authTag, word32 authTagSz,
+ const byte* authIn, word32 authInSz)
{
- word32 blocks;
- word32 partial;
byte counter[AES_BLOCK_SIZE];
- byte initialCounter[AES_BLOCK_SIZE];
- byte x[AES_BLOCK_SIZE];
byte scratch[AES_BLOCK_SIZE];
-
/* Noticed different optimization levels treated head of array different.
- Some cases was stack pointer plus offset others was a regester containing
- address. To make uniform for passing in to inline assembly code am using
- pointers to the head of each local array.
+ * Some cases was stack pointer plus offset others was a register containing
+ * address. To make uniform for passing in to inline assembly code am using
+ * pointers to the head of each local array.
*/
byte* ctr = counter;
- byte* iCtr = initialCounter;
- byte* xPt = x;
- byte* sPt = scratch;
- byte* keyPt; /* pointer to handle pointer advencment */
+ byte* keyPt = (byte*)aes->key;
- XMEMSET(initialCounter, 0, AES_BLOCK_SIZE);
+ XMEMSET(counter, 0, AES_BLOCK_SIZE);
if (ivSz == GCM_NONCE_MID_SZ) {
- XMEMCPY(initialCounter, iv, ivSz);
- initialCounter[AES_BLOCK_SIZE - 1] = 1;
+ XMEMCPY(counter, iv, GCM_NONCE_MID_SZ);
+ counter[AES_BLOCK_SIZE - 1] = 1;
}
else {
- GHASH(aes, NULL, 0, iv, ivSz, initialCounter, AES_BLOCK_SIZE);
- GMULT(initialCounter, aes->H);
- }
- XMEMCPY(counter, initialCounter, AES_BLOCK_SIZE);
-
-
- /* Hash in the Additional Authentication Data */
- XMEMSET(x, 0, AES_BLOCK_SIZE);
- if (authInSz != 0 && authIn != NULL) {
- blocks = authInSz / AES_BLOCK_SIZE;
- partial = authInSz % AES_BLOCK_SIZE;
- /* do as many blocks as possible */
- while (blocks--) {
- xorbuf(x, authIn, AES_BLOCK_SIZE);
- GMULT(x, aes->H);
- authIn += AES_BLOCK_SIZE;
- }
- if (partial != 0) {
- XMEMSET(scratch, 0, AES_BLOCK_SIZE);
- XMEMCPY(scratch, authIn, partial);
- xorbuf(x, scratch, AES_BLOCK_SIZE);
- GMULT(x, aes->H);
- }
- }
-
- /* do as many blocks as possible */
- blocks = sz / AES_BLOCK_SIZE;
- partial = sz % AES_BLOCK_SIZE;
- if (blocks > 0) {
- keyPt = (byte*)aes->key;
- __asm__ __volatile__ (
- "MOV w11, %w[blocks] \n"
- "LD1 {v13.2d}, [%[ctr]] \n"
-
- "#Create vector with the value 1 \n"
- "MOVI v14.16b, #1 \n"
- "USHR v14.2d, v14.2d, #56 \n"
- "EOR v22.16b, v22.16b, v22.16b \n"
- "EXT v14.16b, v14.16b, v22.16b, #8\n"
-
-
- /***************************************************
- Get first out block for GHASH using AES encrypt
- ***************************************************/
- "REV64 v13.16b, v13.16b \n" /* network order */
- "LD1 {v1.2d-v4.2d}, [%[Key]], #64 \n"
- "EXT v13.16b, v13.16b, v13.16b, #8 \n"
- "ADD v13.4s, v13.4s, v14.4s \n" /* add 1 to counter */
- "EXT v13.16b, v13.16b, v13.16b, #8 \n"
- "REV64 v13.16b, v13.16b \n" /* revert from network order */
- "LD1 {v5.2d-v8.2d}, [%[Key]], #64 \n"
- "MOV v0.16b, v13.16b \n"
- "AESE v0.16b, v1.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v2.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v3.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "LD1 {v16.2d}, %[inY] \n"
- "AESE v0.16b, v4.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "SUB w11, w11, #1 \n"
- "LD1 {v9.2d-v11.2d}, [%[Key]], #48\n"
- "AESE v0.16b, v5.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "MOVI v23.16b, #0x87 \n"
- "AESE v0.16b, v6.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "LD1 {v17.2d}, [%[inX]] \n" /* account for additional data */
- "AESE v0.16b, v7.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "USHR v23.2d, v23.2d, #56 \n"
- "AESE v0.16b, v8.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "LD1 {v12.2d}, [%[input]], #16 \n"
- "AESE v0.16b, v9.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v10.16b \n"
- "EOR v0.16b, v0.16b, v11.16b \n"
-
- "EOR v0.16b, v0.16b, v12.16b \n"
- "ST1 {v0.2d}, [%[out]], #16 \n"
- "MOV v15.16b, v0.16b \n"
-
- "CBZ w11, 1f \n" /* only one block jump to final GHASH */
-
- "LD1 {v12.2d}, [%[input]], #16 \n"
-
- /***************************************************
- Interweave GHASH and encrypt if more then 1 block
- ***************************************************/
- "2: \n"
- "REV64 v13.16b, v13.16b \n" /* network order */
- "EOR v15.16b, v17.16b, v15.16b \n"
- "EXT v13.16b, v13.16b, v13.16b, #8 \n"
- "ADD v13.4s, v13.4s, v14.4s \n" /* add 1 to counter */
- "RBIT v15.16b, v15.16b \n" /* v15 is encrypted out block (c) */
- "EXT v13.16b, v13.16b, v13.16b, #8 \n"
- "REV64 v13.16b, v13.16b \n" /* revert from network order */
- "PMULL v18.1q, v15.1d, v16.1d \n" /* a0 * b0 = C */
- "MOV v0.16b, v13.16b \n"
- "PMULL2 v19.1q, v15.2d, v16.2d \n" /* a1 * b1 = D */
- "AESE v0.16b, v1.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "EXT v20.16b, v16.16b, v16.16b, #8 \n" /* b0b1 -> b1b0 */
- "AESE v0.16b, v2.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "PMULL v21.1q, v15.1d, v20.1d \n" /* a0 * b1 = E */
- "PMULL2 v20.1q, v15.2d, v20.2d \n" /* a1 * b0 = F */
- "AESE v0.16b, v3.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "EOR v20.16b, v20.16b, v21.16b \n" /* F ^ E */
- "AESE v0.16b, v4.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "EXT v21.16b, v22.16b, v20.16b, #8 \n" /* get (F^E)[0] */
- "SUB w11, w11, #1 \n"
- "AESE v0.16b, v5.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "EOR v18.16b, v18.16b, v21.16b \n" /* low 128 bits in v3 */
- "EXT v21.16b, v20.16b, v22.16b, #8 \n" /* get (F^E)[1] */
- "AESE v0.16b, v6.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "EOR v19.16b, v19.16b, v21.16b \n" /* high 128 bits in v4 */
- "AESE v0.16b, v7.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "PMULL2 v20.1q, v19.2d, v23.2d \n"
- "AESE v0.16b, v8.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "EXT v21.16b, v20.16b, v22.16b, #8 \n" /* v22 is all 0's */
- "AESE v0.16b, v9.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "EOR v19.16b, v19.16b, v21.16b \n"
- "AESE v0.16b, v10.16b \n"
- "EXT v21.16b, v22.16b, v20.16b, #8 \n"
- "EOR v0.16b, v0.16b, v11.16b \n"
- "EOR v18.16b, v18.16b, v21.16b \n"
-
- "EOR v0.16b, v0.16b, v12.16b \n"
- "PMULL v20.1q, v19.1d, v23.1d \n"
- "ST1 {v0.2d}, [%[out]], #16 \n"
- "EOR v19.16b, v18.16b, v20.16b \n"
- "MOV v15.16b, v0.16b \n"
- "RBIT v17.16b, v19.16b \n"
-
- "CBZ w11, 1f \n"
- "LD1 {v12.2d}, [%[input]], #16 \n"
- "B 2b \n"
-
- /***************************************************
- GHASH on last block
- ***************************************************/
- "1: \n"
- "EOR v15.16b, v17.16b, v15.16b \n"
- "RBIT v15.16b, v15.16b \n" /* v15 is encrypted out block */
-
- "#store current AES counter value \n"
- "ST1 {v13.2d}, [%[ctrOut]] \n"
- "PMULL v18.1q, v15.1d, v16.1d \n" /* a0 * b0 = C */
- "PMULL2 v19.1q, v15.2d, v16.2d \n" /* a1 * b1 = D */
- "EXT v20.16b, v16.16b, v16.16b, #8 \n" /* b0b1 -> b1b0 */
- "PMULL v21.1q, v15.1d, v20.1d \n" /* a0 * b1 = E */
- "PMULL2 v20.1q, v15.2d, v20.2d \n" /* a1 * b0 = F */
- "EOR v20.16b, v20.16b, v21.16b \n" /* F ^ E */
- "EXT v21.16b, v22.16b, v20.16b, #8 \n" /* get (F^E)[0] */
- "EOR v18.16b, v18.16b, v21.16b \n" /* low 128 bits in v3 */
- "EXT v21.16b, v20.16b, v22.16b, #8 \n" /* get (F^E)[1] */
- "EOR v19.16b, v19.16b, v21.16b \n" /* high 128 bits in v4 */
-
- "#Reduce product from multiplication \n"
- "PMULL2 v20.1q, v19.2d, v23.2d \n"
- "EXT v21.16b, v20.16b, v22.16b, #8 \n" /* v22 is all 0's */
- "EOR v19.16b, v19.16b, v21.16b \n"
- "EXT v21.16b, v22.16b, v20.16b, #8 \n"
- "EOR v18.16b, v18.16b, v21.16b \n"
- "PMULL v20.1q, v19.1d, v23.1d \n"
- "EOR v19.16b, v18.16b, v20.16b \n"
- "RBIT v17.16b, v19.16b \n"
- "STR q17, [%[xOut]] \n" /* GHASH x value for partial blocks */
-
- :[out] "=r" (out), "=r" (keyPt), [ctrOut] "=r" (ctr), "=r" (in)
- ,[xOut] "=r" (xPt),"=m" (aes->H)
- :"0" (out), [Key] "1" (keyPt), [ctr] "2" (ctr), [blocks] "r" (blocks),
- [input] "3" (in)
- ,[inX] "4" (xPt), [inY] "m" (aes->H)
- : "cc", "w11", "v0", "v1", "v2", "v3", "v4", "v5",
- "v6", "v7", "v8", "v9", "v10", "v11", "v12", "v13", "v14"
- ,"v15", "v16", "v17", "v18", "v19", "v20", "v21", "v22", "v23", "v24"
- );
- }
-
- /* take care of partial block sizes leftover */
- if (partial != 0) {
- IncrementGcmCounter(counter);
- wc_AesEncrypt(aes, counter, scratch);
- xorbuf(scratch, in, partial);
- XMEMCPY(out, scratch, partial);
-
- XMEMSET(scratch, 0, AES_BLOCK_SIZE);
- XMEMCPY(scratch, out, partial);
- xorbuf(x, scratch, AES_BLOCK_SIZE);
- GMULT(x, aes->H);
+ GHASH(&aes->gcm, NULL, 0, iv, ivSz, counter, AES_BLOCK_SIZE);
+ GMULT(counter, aes->gcm.H);
}
- /* Hash in the lengths of A and C in bits */
- XMEMSET(scratch, 0, AES_BLOCK_SIZE);
- FlattenSzInBits(&scratch[0], authInSz);
- FlattenSzInBits(&scratch[8], sz);
- xorbuf(x, scratch, AES_BLOCK_SIZE);
- XMEMCPY(scratch, x, AES_BLOCK_SIZE);
-
- keyPt = (byte*)aes->key;
__asm__ __volatile__ (
+ "LD1 {v16.16b}, %[h] \n"
+ "# v23 = 0x00000000000000870000000000000087 reflected 0xe1.... \n"
+ "MOVI v23.16b, #0x87 \n"
+ "EOR v17.16b, v17.16b, v17.16b \n"
+ "USHR v23.2d, v23.2d, #56 \n"
+ "CBZ %w[aSz], 120f \n"
- "LD1 {v16.16b}, [%[tag]] \n"
- "LD1 {v17.16b}, %[h] \n"
- "RBIT v16.16b, v16.16b \n"
+ "MOV w12, %w[aSz] \n"
+ "# GHASH AAD \n"
+ "CMP x12, #64 \n"
+ "BLT 115f \n"
+ "# Calculate H^[1-4] - GMULT partials \n"
+ "# Square H => H^2 \n"
+ "PMULL2 v19.1q, v16.2d, v16.2d \n"
+ "PMULL v18.1q, v16.1d, v16.1d \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v19.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v24.16b, v18.16b, v19.16b \n"
+ "# Multiply H and H^2 => H^3 \n"
+ "PMULL v18.1q, v24.1d, v16.1d \n"
+ "PMULL2 v19.1q, v24.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "PMULL v21.1q, v24.1d, v20.1d \n"
+ "PMULL2 v20.1q, v24.2d, v20.2d \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v25.16b, v18.16b, v20.16b \n"
+ "# Square H^2 => H^4 \n"
+ "PMULL2 v19.1q, v24.2d, v24.2d \n"
+ "PMULL v18.1q, v24.1d, v24.1d \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v19.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v26.16b, v18.16b, v19.16b \n"
+ "114: \n"
+ "LD1 {v18.2d-v21.2d}, [%[aad]], #64 \n"
+ "SUB x12, x12, #64 \n"
+ "# GHASH - 4 blocks \n"
+ "RBIT v18.16b, v18.16b \n"
+ "RBIT v19.16b, v19.16b \n"
+ "RBIT v20.16b, v20.16b \n"
+ "RBIT v21.16b, v21.16b \n"
+ "EOR v18.16b, v18.16b, v17.16b \n"
+ "# x[0-2] = C * H^1 \n"
+ "PMULL v17.1q, v21.1d, v16.1d \n"
+ "PMULL2 v30.1q, v21.2d, v16.2d \n"
+ "EXT v21.16b, v21.16b, v21.16b, #8 \n"
+ "PMULL v31.1q, v21.1d, v16.1d \n"
+ "PMULL2 v15.1q, v21.2d, v16.2d \n"
+ "EOR v31.16b, v31.16b, v15.16b \n"
+ "# x[0-2] += C * H^2 \n"
+ "PMULL v14.1q, v20.1d, v24.1d \n"
+ "PMULL2 v15.1q, v20.2d, v24.2d \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v30.16b, v30.16b, v15.16b \n"
+ "EXT v20.16b, v20.16b, v20.16b, #8 \n"
+ "PMULL v15.1q, v20.1d, v24.1d \n"
+ "PMULL2 v20.1q, v20.2d, v24.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v20.16b, v15.16b \n"
+#else
+ "EOR v20.16b, v20.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v20.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^3 \n"
+ "PMULL v14.1q, v19.1d, v25.1d \n"
+ "PMULL2 v15.1q, v19.2d, v25.2d \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v30.16b, v30.16b, v15.16b \n"
+ "EXT v19.16b, v19.16b, v19.16b, #8 \n"
+ "PMULL v15.1q, v19.1d, v25.1d \n"
+ "PMULL2 v19.1q, v19.2d, v25.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v19.16b, v15.16b \n"
+#else
+ "EOR v19.16b, v19.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v19.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^4 \n"
+ "PMULL v14.1q, v18.1d, v26.1d \n"
+ "PMULL2 v15.1q, v18.2d, v26.2d \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v30.16b, v30.16b, v15.16b \n"
+ "EXT v18.16b, v18.16b, v18.16b, #8 \n"
+ "PMULL v15.1q, v18.1d, v26.1d \n"
+ "PMULL2 v18.1q, v18.2d, v26.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v18.16b, v15.16b \n"
+#else
+ "EOR v18.16b, v18.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v18.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# Reduce X = x[0-2] \n"
+ "EXT v15.16b, v17.16b, v30.16b, #8 \n"
+ "PMULL2 v14.1q, v30.2d, v23.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v15.16b, v15.16b, v31.16b, v14.16b \n"
+#else
+ "EOR v15.16b, v15.16b, v31.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+#ifndef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR v15.16b, v15.16b, v14.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "PMULL2 v14.1q, v15.2d, v23.2d \n"
+ "MOV v17.D[1], v15.D[0] \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "CMP x12, #64 \n"
+ "BGE 114b \n"
+ "CBZ x12, 120f \n"
+ "115: \n"
+ "CMP x12, #16 \n"
+ "BLT 112f \n"
+ "111: \n"
+ "LD1 {v15.2d}, [%[aad]], #16 \n"
+ "SUB x12, x12, #16 \n"
+ "RBIT v15.16b, v15.16b \n"
+ "EOR v17.16b, v17.16b, v15.16b \n"
+ "PMULL v18.1q, v17.1d, v16.1d \n"
+ "PMULL2 v19.1q, v17.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "PMULL v21.1q, v17.1d, v20.1d \n"
+ "PMULL2 v20.1q, v17.2d, v20.2d \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v17.16b, v18.16b, v20.16b \n"
+ "CMP x12, #16 \n"
+ "BGE 111b \n"
+ "CBZ x12, 120f \n"
+ "112: \n"
+ "# Partial AAD \n"
+ "EOR v15.16b, v15.16b, v15.16b \n"
+ "MOV x14, x12 \n"
+ "ST1 {v15.2d}, [%[scratch]] \n"
+ "113: \n"
+ "LDRB w13, [%[aad]], #1 \n"
+ "STRB w13, [%[scratch]], #1 \n"
+ "SUB x14, x14, #1 \n"
+ "CBNZ x14, 113b \n"
+ "SUB %[scratch], %[scratch], x12 \n"
+ "LD1 {v15.2d}, [%[scratch]] \n"
+ "RBIT v15.16b, v15.16b \n"
+ "EOR v17.16b, v17.16b, v15.16b \n"
+ "PMULL v18.1q, v17.1d, v16.1d \n"
+ "PMULL2 v19.1q, v17.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "PMULL v21.1q, v17.1d, v20.1d \n"
+ "PMULL2 v20.1q, v17.2d, v20.2d \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v17.16b, v18.16b, v20.16b \n"
+ "120: \n"
+
+ "# Encrypt plaintext and GHASH ciphertext \n"
+ "LDR w12, [%[ctr], #12] \n"
+ "MOV w11, %w[sz] \n"
+ "REV w12, w12 \n"
+ "CMP w11, #64 \n"
+ "BLT 80f \n"
+ "CMP %w[aSz], #64 \n"
+ "BGE 82f \n"
+
+ "# Calculate H^[1-4] - GMULT partials \n"
+ "# Square H => H^2 \n"
+ "PMULL2 v19.1q, v16.2d, v16.2d \n"
+ "PMULL v18.1q, v16.1d, v16.1d \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v19.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v24.16b, v18.16b, v19.16b \n"
+ "# Multiply H and H^2 => H^3 \n"
+ "PMULL v18.1q, v24.1d, v16.1d \n"
+ "PMULL2 v19.1q, v24.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "PMULL v21.1q, v24.1d, v20.1d \n"
+ "PMULL2 v20.1q, v24.2d, v20.2d \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v25.16b, v18.16b, v20.16b \n"
+ "# Square H^2 => H^4 \n"
+ "PMULL2 v19.1q, v24.2d, v24.2d \n"
+ "PMULL v18.1q, v24.1d, v24.1d \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v19.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v26.16b, v18.16b, v19.16b \n"
+ "82: \n"
+ "# Should we do 8 blocks at a time? \n"
+ "CMP w11, #512 \n"
+ "BLT 80f \n"
+
+ "# Calculate H^[5-8] - GMULT partials \n"
+ "# Multiply H and H^4 => H^5 \n"
+ "PMULL v18.1q, v26.1d, v16.1d \n"
+ "PMULL2 v19.1q, v26.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "PMULL v21.1q, v26.1d, v20.1d \n"
+ "PMULL2 v20.1q, v26.2d, v20.2d \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v9.16b, v18.16b, v20.16b \n"
+ "# Square H^3 - H^6 \n"
+ "PMULL2 v19.1q, v25.2d, v25.2d \n"
+ "PMULL v18.1q, v25.1d, v25.1d \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v19.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v10.16b, v18.16b, v19.16b \n"
+ "# Multiply H and H^6 => H^7 \n"
+ "PMULL v18.1q, v10.1d, v16.1d \n"
+ "PMULL2 v19.1q, v10.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "PMULL v21.1q, v10.1d, v20.1d \n"
+ "PMULL2 v20.1q, v10.2d, v20.2d \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v11.16b, v18.16b, v20.16b \n"
+ "# Square H^4 => H^8 \n"
+ "PMULL2 v19.1q, v26.2d, v26.2d \n"
+ "PMULL v18.1q, v26.1d, v26.1d \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v19.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v4.16b, v18.16b, v19.16b \n"
+
+ "# First encrypt - no GHASH \n"
+ "LDR q1, [%[Key]] \n"
+ "# Calculate next 4 counters (+1-4) \n"
+ "ADD w15, w12, #1 \n"
+ "LD1 {v5.2d}, [%[ctr]] \n"
+ "ADD w14, w12, #2 \n"
+ "MOV v6.16b, v5.16b \n"
+ "ADD w13, w12, #3 \n"
+ "MOV v7.16b, v5.16b \n"
+ "ADD w12, w12, #4 \n"
+ "MOV v8.16b, v5.16b \n"
+ "REV w15, w15 \n"
+ "REV w14, w14 \n"
+ "REV w13, w13 \n"
+ "REV w16, w12 \n"
+ "MOV v5.S[3], w15 \n"
+ "MOV v6.S[3], w14 \n"
+ "MOV v7.S[3], w13 \n"
+ "MOV v8.S[3], w16 \n"
+ "# Calculate next 4 counters (+5-8) \n"
+ "ADD w15, w12, #1 \n"
+ "MOV v27.16b, v5.16b \n"
+ "ADD w14, w12, #2 \n"
+ "MOV v28.16b, v5.16b \n"
+ "ADD w13, w12, #3 \n"
+ "MOV v29.16b, v5.16b \n"
+ "ADD w12, w12, #4 \n"
+ "MOV v30.16b, v5.16b \n"
+ "REV w15, w15 \n"
+ "REV w14, w14 \n"
+ "REV w13, w13 \n"
+ "REV w16, w12 \n"
+ "MOV v27.S[3], w15 \n"
+ "MOV v28.S[3], w14 \n"
+ "MOV v29.S[3], w13 \n"
+ "MOV v30.S[3], w16 \n"
+
+ "# Encrypt 8 counters \n"
+ "LDR q22, [%[Key], #16] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q1, [%[Key], #32] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q22, [%[Key], #48] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q1, [%[Key], #64] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q22, [%[Key], #80] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "SUB w11, w11, #128 \n"
+ "LDR q1, [%[Key], #96] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q22, [%[Key], #112] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q1, [%[Key], #128] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LD1 {v12.2d-v15.2d}, [%[input]], #64 \n"
+ "LDP q22, q31, [%[Key], #144] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LD1 {v18.2d-v21.2d}, [%[input]], #64 \n"
+ "AESE v5.16b, v22.16b \n"
+ "EOR v5.16b, v5.16b, v31.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "EOR v6.16b, v6.16b, v31.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "EOR v7.16b, v7.16b, v31.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "EOR v8.16b, v8.16b, v31.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "EOR v27.16b, v27.16b, v31.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "EOR v28.16b, v28.16b, v31.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "EOR v29.16b, v29.16b, v31.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "EOR v30.16b, v30.16b, v31.16b \n"
+
+ "# XOR in input \n"
+ "EOR v12.16b, v12.16b, v5.16b \n"
+ "EOR v13.16b, v13.16b, v6.16b \n"
+ "EOR v14.16b, v14.16b, v7.16b \n"
+ "EOR v15.16b, v15.16b, v8.16b \n"
+ "EOR v18.16b, v18.16b, v27.16b \n"
+ "ST1 {v12.2d-v15.2d}, [%[out]], #64 \n \n"
+ "EOR v19.16b, v19.16b, v28.16b \n"
+ "EOR v20.16b, v20.16b, v29.16b \n"
+ "EOR v21.16b, v21.16b, v30.16b \n"
+ "ST1 {v18.2d-v21.2d}, [%[out]], #64 \n \n"
+
+ "81: \n"
+ "LDR q1, [%[Key]] \n"
+ "# Calculate next 4 counters (+1-4) \n"
+ "ADD w15, w12, #1 \n"
+ "LD1 {v5.2d}, [%[ctr]] \n"
+ "ADD w14, w12, #2 \n"
+ "MOV v6.16b, v5.16b \n"
+ "ADD w13, w12, #3 \n"
+ "MOV v7.16b, v5.16b \n"
+ "ADD w12, w12, #4 \n"
+ "MOV v8.16b, v5.16b \n"
+ "# GHASH - 8 blocks \n"
+ "RBIT v12.16b, v12.16b \n"
+ "RBIT v13.16b, v13.16b \n"
+ "RBIT v14.16b, v14.16b \n"
+ "RBIT v15.16b, v15.16b \n"
+ "RBIT v18.16b, v18.16b \n"
+ "RBIT v19.16b, v19.16b \n"
+ "RBIT v20.16b, v20.16b \n"
+ "RBIT v21.16b, v21.16b \n"
+ "REV w15, w15 \n"
+ "EOR v12.16b, v12.16b, v17.16b \n"
+ "REV w14, w14 \n"
+ "# x[0-2] = C * H^1 \n"
+ "PMULL v17.1q, v21.1d, v16.1d \n"
+ "PMULL2 v0.1q, v21.2d, v16.2d \n"
+ "REV w13, w13 \n"
+ "EXT v21.16b, v21.16b, v21.16b, #8 \n"
+ "REV w16, w12 \n"
+ "MOV v5.S[3], w15 \n"
+ "MOV v6.S[3], w14 \n"
+ "MOV v7.S[3], w13 \n"
+ "MOV v8.S[3], w16 \n"
+ "# Calculate next 4 counters (+5-8) \n"
+ "ADD w15, w12, #1 \n"
+ "MOV v27.16b, v5.16b \n"
+ "ADD w14, w12, #2 \n"
+ "MOV v28.16b, v5.16b \n"
+ "ADD w13, w12, #3 \n"
+ "MOV v29.16b, v5.16b \n"
+ "ADD w12, w12, #4 \n"
+ "MOV v30.16b, v5.16b \n"
+ "PMULL v31.1q, v21.1d, v16.1d \n"
+ "PMULL2 v3.1q, v21.2d, v16.2d \n"
+ "REV w15, w15 \n"
+ "EOR v31.16b, v31.16b, v3.16b \n"
+ "REV w14, w14 \n"
+ "# x[0-2] += C * H^2 \n"
+ "PMULL v2.1q, v20.1d, v24.1d \n"
+ "PMULL2 v3.1q, v20.2d, v24.2d \n"
+ "REV w13, w13 \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "REV w16, w12 \n"
+ "MOV v27.S[3], w15 \n"
+ "MOV v28.S[3], w14 \n"
+ "MOV v29.S[3], w13 \n"
+ "MOV v30.S[3], w16 \n"
+
+ "# Encrypt 8 counters \n"
+ "LDR q22, [%[Key], #16] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "EXT v20.16b, v20.16b, v20.16b, #8 \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "PMULL v3.1q, v20.1d, v24.1d \n"
+ "PMULL2 v20.1q, v20.2d, v24.2d \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v20.16b, v3.16b \n"
+#else
+ "EOR v20.16b, v20.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v20.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "# x[0-2] += C * H^3 \n"
+ "PMULL v2.1q, v19.1d, v25.1d \n"
+ "PMULL2 v3.1q, v19.2d, v25.2d \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "EXT v19.16b, v19.16b, v19.16b, #8 \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "PMULL v3.1q, v19.1d, v25.1d \n"
+ "PMULL2 v19.1q, v19.2d, v25.2d \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v19.16b, v3.16b \n"
+#else
+ "EOR v19.16b, v19.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v19.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "LDR q1, [%[Key], #32] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "# x[0-2] += C * H^4 \n"
+ "PMULL v2.1q, v18.1d, v26.1d \n"
+ "PMULL2 v3.1q, v18.2d, v26.2d \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "EXT v18.16b, v18.16b, v18.16b, #8 \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "PMULL v3.1q, v18.1d, v26.1d \n"
+ "PMULL2 v18.1q, v18.2d, v26.2d \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v18.16b, v3.16b \n"
+#else
+ "EOR v18.16b, v18.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v18.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "# x[0-2] += C * H^5 \n"
+ "PMULL v2.1q, v15.1d, v9.1d \n"
+ "PMULL2 v3.1q, v15.2d, v9.2d \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "EXT v15.16b, v15.16b, v15.16b, #8 \n"
+ "LDR q22, [%[Key], #48] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "PMULL v3.1q, v15.1d, v9.1d \n"
+ "PMULL2 v15.1q, v15.2d, v9.2d \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v15.16b, v3.16b \n"
+#else
+ "EOR v15.16b, v15.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v15.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "# x[0-2] += C * H^6 \n"
+ "PMULL v2.1q, v14.1d, v10.1d \n"
+ "PMULL2 v3.1q, v14.2d, v10.2d \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "EXT v14.16b, v14.16b, v14.16b, #8 \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "PMULL v3.1q, v14.1d, v10.1d \n"
+ "PMULL2 v14.1q, v14.2d, v10.2d \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v14.16b, v3.16b \n"
+#else
+ "EOR v14.16b, v14.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v14.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "# x[0-2] += C * H^7 \n"
+ "PMULL v2.1q, v13.1d, v11.1d \n"
+ "PMULL2 v3.1q, v13.2d, v11.2d \n"
+ "LDR q1, [%[Key], #64] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "EXT v13.16b, v13.16b, v13.16b, #8 \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "PMULL v3.1q, v13.1d, v11.1d \n"
+ "PMULL2 v13.1q, v13.2d, v11.2d \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v13.16b, v3.16b \n"
+#else
+ "EOR v13.16b, v13.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v13.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "# x[0-2] += C * H^8 \n"
+ "PMULL v2.1q, v12.1d, v4.1d \n"
+ "PMULL2 v3.1q, v12.2d, v4.2d \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "EXT v12.16b, v12.16b, v12.16b, #8 \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "PMULL v3.1q, v12.1d, v4.1d \n"
+ "PMULL2 v12.1q, v12.2d, v4.2d \n"
+ "LDR q22, [%[Key], #80] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v12.16b, v3.16b \n"
+#else
+ "EOR v12.16b, v12.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v12.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "# Reduce X = x[0-2] \n"
+ "EXT v3.16b, v17.16b, v0.16b, #8 \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "PMULL2 v2.1q, v0.2d, v23.2d \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v3.16b, v3.16b, v31.16b, v2.16b \n"
+#else
+ "EOR v3.16b, v3.16b, v31.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+#ifndef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR v3.16b, v3.16b, v2.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "PMULL2 v2.1q, v3.2d, v23.2d \n"
+ "MOV v17.D[1], v3.D[0] \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "SUB w11, w11, #128 \n"
+ "LDR q1, [%[Key], #96] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q22, [%[Key], #112] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q1, [%[Key], #128] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LD1 {v12.2d-v15.2d}, [%[input]], #64 \n"
+ "LDP q22, q31, [%[Key], #144] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LD1 {v18.2d-v21.2d}, [%[input]], #64 \n"
+ "AESE v5.16b, v22.16b \n"
+ "EOR v5.16b, v5.16b, v31.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "EOR v6.16b, v6.16b, v31.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "EOR v7.16b, v7.16b, v31.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "EOR v8.16b, v8.16b, v31.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "EOR v27.16b, v27.16b, v31.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "EOR v28.16b, v28.16b, v31.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "EOR v29.16b, v29.16b, v31.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "EOR v30.16b, v30.16b, v31.16b \n"
+
+ "# XOR in input \n"
+ "EOR v12.16b, v12.16b, v5.16b \n"
+ "EOR v13.16b, v13.16b, v6.16b \n"
+ "EOR v14.16b, v14.16b, v7.16b \n"
+ "EOR v15.16b, v15.16b, v8.16b \n"
+ "EOR v18.16b, v18.16b, v27.16b \n"
+ "ST1 {v12.2d-v15.2d}, [%[out]], #64 \n \n"
+ "EOR v19.16b, v19.16b, v28.16b \n"
+ "EOR v20.16b, v20.16b, v29.16b \n"
+ "EOR v21.16b, v21.16b, v30.16b \n"
+ "ST1 {v18.2d-v21.2d}, [%[out]], #64 \n \n"
+
+ "CMP w11, #128 \n"
+ "BGE 81b \n"
+
+ "# GHASH - 8 blocks \n"
+ "RBIT v12.16b, v12.16b \n"
+ "RBIT v13.16b, v13.16b \n"
+ "RBIT v14.16b, v14.16b \n"
+ "RBIT v15.16b, v15.16b \n"
+ "RBIT v18.16b, v18.16b \n"
+ "RBIT v19.16b, v19.16b \n"
+ "RBIT v20.16b, v20.16b \n"
+ "RBIT v21.16b, v21.16b \n"
+ "EOR v12.16b, v12.16b, v17.16b \n"
+ "# x[0-2] = C * H^1 \n"
+ "PMULL v17.1q, v21.1d, v16.1d \n"
+ "PMULL2 v0.1q, v21.2d, v16.2d \n"
+ "EXT v21.16b, v21.16b, v21.16b, #8 \n"
+ "PMULL v31.1q, v21.1d, v16.1d \n"
+ "PMULL2 v3.1q, v21.2d, v16.2d \n"
+ "EOR v31.16b, v31.16b, v3.16b \n"
+ "# x[0-2] += C * H^2 \n"
+ "PMULL v2.1q, v20.1d, v24.1d \n"
+ "PMULL2 v3.1q, v20.2d, v24.2d \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "EXT v20.16b, v20.16b, v20.16b, #8 \n"
+ "PMULL v3.1q, v20.1d, v24.1d \n"
+ "PMULL2 v20.1q, v20.2d, v24.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v20.16b, v3.16b \n"
+#else
+ "EOR v20.16b, v20.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v20.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^3 \n"
+ "PMULL v2.1q, v19.1d, v25.1d \n"
+ "PMULL2 v3.1q, v19.2d, v25.2d \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "EXT v19.16b, v19.16b, v19.16b, #8 \n"
+ "PMULL v3.1q, v19.1d, v25.1d \n"
+ "PMULL2 v19.1q, v19.2d, v25.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v19.16b, v3.16b \n"
+#else
+ "EOR v19.16b, v19.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v19.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^4 \n"
+ "PMULL v2.1q, v18.1d, v26.1d \n"
+ "PMULL2 v3.1q, v18.2d, v26.2d \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "EXT v18.16b, v18.16b, v18.16b, #8 \n"
+ "PMULL v3.1q, v18.1d, v26.1d \n"
+ "PMULL2 v18.1q, v18.2d, v26.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v18.16b, v3.16b \n"
+#else
+ "EOR v18.16b, v18.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v18.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^5 \n"
+ "PMULL v2.1q, v15.1d, v9.1d \n"
+ "PMULL2 v3.1q, v15.2d, v9.2d \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "EXT v15.16b, v15.16b, v15.16b, #8 \n"
+ "PMULL v3.1q, v15.1d, v9.1d \n"
+ "PMULL2 v15.1q, v15.2d, v9.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v15.16b, v3.16b \n"
+#else
+ "EOR v15.16b, v15.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v15.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^6 \n"
+ "PMULL v2.1q, v14.1d, v10.1d \n"
+ "PMULL2 v3.1q, v14.2d, v10.2d \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "EXT v14.16b, v14.16b, v14.16b, #8 \n"
+ "PMULL v3.1q, v14.1d, v10.1d \n"
+ "PMULL2 v14.1q, v14.2d, v10.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v14.16b, v3.16b \n"
+#else
+ "EOR v14.16b, v14.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v14.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^7 \n"
+ "PMULL v2.1q, v13.1d, v11.1d \n"
+ "PMULL2 v3.1q, v13.2d, v11.2d \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "EXT v13.16b, v13.16b, v13.16b, #8 \n"
+ "PMULL v3.1q, v13.1d, v11.1d \n"
+ "PMULL2 v13.1q, v13.2d, v11.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v13.16b, v3.16b \n"
+#else
+ "EOR v13.16b, v13.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v13.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^8 \n"
+ "PMULL v2.1q, v12.1d, v4.1d \n"
+ "PMULL2 v3.1q, v12.2d, v4.2d \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "EXT v12.16b, v12.16b, v12.16b, #8 \n"
+ "PMULL v3.1q, v12.1d, v4.1d \n"
+ "PMULL2 v12.1q, v12.2d, v4.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v12.16b, v3.16b \n"
+#else
+ "EOR v12.16b, v12.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v12.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# Reduce X = x[0-2] \n"
+ "EXT v3.16b, v17.16b, v0.16b, #8 \n"
+ "PMULL2 v2.1q, v0.2d, v23.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v3.16b, v3.16b, v31.16b, v2.16b \n"
+#else
+ "EOR v3.16b, v3.16b, v31.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+#ifndef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR v3.16b, v3.16b, v2.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "PMULL2 v2.1q, v3.2d, v23.2d \n"
+ "MOV v17.D[1], v3.D[0] \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+
+ "80: \n"
+ "LD1 {v22.2d}, [%[ctr]] \n"
"LD1 {v1.2d-v4.2d}, [%[Key]], #64 \n"
- "PMULL v18.1q, v16.1d, v17.1d \n" /* a0 * b0 = C */
- "PMULL2 v19.1q, v16.2d, v17.2d \n" /* a1 * b1 = D */
"LD1 {v5.2d-v8.2d}, [%[Key]], #64 \n"
- "EXT v20.16b, v17.16b, v17.16b, #8 \n" /* b0b1 -> b1b0 */
- "LD1 {v9.2d-v11.2d}, [%[Key]], #48\n"
- "PMULL v21.1q, v16.1d, v20.1d \n" /* a0 * b1 = E */
- "PMULL2 v20.1q, v16.2d, v20.2d \n" /* a1 * b0 = F */
- "LD1 {v0.2d}, [%[ctr]] \n"
+ "LD1 {v9.2d-v11.2d}, [%[Key]], #48 \n"
+ "# Can we do 4 blocks at a time? \n"
+ "CMP w11, #64 \n"
+ "BLT 10f \n"
+
+ "# First encrypt - no GHASH \n"
+ "# Calculate next 4 counters (+1-4) \n"
+ "ADD w15, w12, #1 \n"
+ "MOV v27.16b, v22.16b \n"
+ "ADD w14, w12, #2 \n"
+ "MOV v28.16b, v22.16b \n"
+ "ADD w13, w12, #3 \n"
+ "MOV v29.16b, v22.16b \n"
+ "ADD w12, w12, #4 \n"
+ "MOV v30.16b, v22.16b \n"
+ "REV w15, w15 \n"
+ "REV w14, w14 \n"
+ "REV w13, w13 \n"
+ "REV w16, w12 \n"
+ "MOV v27.S[3], w15 \n"
+ "MOV v28.S[3], w14 \n"
+ "MOV v29.S[3], w13 \n"
+ "MOV v30.S[3], w16 \n"
+
+ "# Encrypt 4 counters \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v2.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v2.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v2.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v2.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v3.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v3.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v3.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v3.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v4.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v4.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v4.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v4.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v5.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v5.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v5.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v5.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "SUB w11, w11, #64 \n"
+ "AESE v27.16b, v6.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v6.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v6.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v6.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v7.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v7.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v7.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v7.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "# Load plaintext \n"
+ "LD1 {v18.2d-v21.2d}, [%[input]], #64 \n"
+ "AESE v27.16b, v8.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v8.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v8.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v8.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v9.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v9.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v9.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v9.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v10.16b \n"
+ "EOR v27.16b, v27.16b, v11.16b \n"
+ "AESE v28.16b, v10.16b \n"
+ "EOR v28.16b, v28.16b, v11.16b \n"
+ "AESE v29.16b, v10.16b \n"
+ "EOR v29.16b, v29.16b, v11.16b \n"
+ "AESE v30.16b, v10.16b \n"
+ "EOR v30.16b, v30.16b, v11.16b \n"
+
+ "# XOR in input \n"
+ "EOR v18.16b, v18.16b, v27.16b \n"
+ "EOR v19.16b, v19.16b, v28.16b \n"
+ "EOR v20.16b, v20.16b, v29.16b \n"
+ "EOR v21.16b, v21.16b, v30.16b \n"
+ "# Store cipher text \n"
+ "ST1 {v18.2d-v21.2d}, [%[out]], #64 \n \n"
+ "CMP w11, #64 \n"
+ "BLT 12f \n"
+
+ "11: \n"
+ "# Calculate next 4 counters (+1-4) \n"
+ "ADD w15, w12, #1 \n"
+ "MOV v27.16b, v22.16b \n"
+ "ADD w14, w12, #2 \n"
+ "MOV v28.16b, v22.16b \n"
+ "ADD w13, w12, #3 \n"
+ "MOV v29.16b, v22.16b \n"
+ "ADD w12, w12, #4 \n"
+ "MOV v30.16b, v22.16b \n"
+ "# GHASH - 4 blocks \n"
+ "RBIT v18.16b, v18.16b \n"
+ "REV w15, w15 \n"
+ "RBIT v19.16b, v19.16b \n"
+ "REV w14, w14 \n"
+ "RBIT v20.16b, v20.16b \n"
+ "REV w13, w13 \n"
+ "RBIT v21.16b, v21.16b \n"
+ "REV w16, w12 \n"
+ "MOV v27.S[3], w15 \n"
+ "MOV v28.S[3], w14 \n"
+ "MOV v29.S[3], w13 \n"
+ "MOV v30.S[3], w16 \n"
+
+ "# Encrypt 4 counters \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "EOR v18.16b, v18.16b, v17.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "# x[0-2] = C * H^1 \n"
+ "PMULL v17.1q, v21.1d, v16.1d \n"
+ "PMULL2 v0.1q, v21.2d, v16.2d \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "EXT v21.16b, v21.16b, v21.16b, #8 \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "PMULL v31.1q, v21.1d, v16.1d \n"
+ "PMULL2 v15.1q, v21.2d, v16.2d \n"
+ "AESE v27.16b, v2.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "EOR v31.16b, v31.16b, v15.16b \n"
+ "AESE v28.16b, v2.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "# x[0-2] += C * H^2 \n"
+ "PMULL v14.1q, v20.1d, v24.1d \n"
+ "PMULL2 v15.1q, v20.2d, v24.2d \n"
+ "AESE v29.16b, v2.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v0.16b, v0.16b, v15.16b \n"
+ "AESE v30.16b, v2.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "EXT v20.16b, v20.16b, v20.16b, #8 \n"
+ "AESE v27.16b, v3.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "PMULL v15.1q, v20.1d, v24.1d \n"
+ "PMULL2 v20.1q, v20.2d, v24.2d \n"
+ "AESE v28.16b, v3.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v20.16b, v15.16b \n"
+#else
+ "EOR v20.16b, v20.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v20.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v29.16b, v3.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "# x[0-2] += C * H^3 \n"
+ "PMULL v14.1q, v19.1d, v25.1d \n"
+ "PMULL2 v15.1q, v19.2d, v25.2d \n"
+ "AESE v30.16b, v3.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v0.16b, v0.16b, v15.16b \n"
+ "AESE v27.16b, v4.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "EXT v19.16b, v19.16b, v19.16b, #8 \n"
+ "AESE v28.16b, v4.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "PMULL v15.1q, v19.1d, v25.1d \n"
+ "PMULL2 v19.1q, v19.2d, v25.2d \n"
+ "AESE v29.16b, v4.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v19.16b, v15.16b \n"
+#else
+ "EOR v19.16b, v19.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v19.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v30.16b, v4.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "# x[0-2] += C * H^4 \n"
+ "PMULL v14.1q, v18.1d, v26.1d \n"
+ "PMULL2 v15.1q, v18.2d, v26.2d \n"
+ "AESE v27.16b, v5.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v0.16b, v0.16b, v15.16b \n"
+ "AESE v28.16b, v5.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "EXT v18.16b, v18.16b, v18.16b, #8 \n"
+ "AESE v29.16b, v5.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "PMULL v15.1q, v18.1d, v26.1d \n"
+ "PMULL2 v18.1q, v18.2d, v26.2d \n"
+ "AESE v30.16b, v5.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v18.16b, v15.16b \n"
+#else
+ "EOR v18.16b, v18.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v18.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "SUB w11, w11, #64 \n"
+ "AESE v27.16b, v6.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "# Reduce X = x[0-2] \n"
+ "EXT v15.16b, v17.16b, v0.16b, #8 \n"
+ "AESE v28.16b, v6.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "PMULL2 v14.1q, v0.2d, v23.2d \n"
+ "AESE v29.16b, v6.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v15.16b, v15.16b, v31.16b, v14.16b \n"
+#else
+ "EOR v15.16b, v15.16b, v31.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v30.16b, v6.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+#ifndef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR v15.16b, v15.16b, v14.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v27.16b, v7.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "PMULL2 v14.1q, v15.2d, v23.2d \n"
+ "MOV v17.D[1], v15.D[0] \n"
+ "AESE v28.16b, v7.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "AESE v29.16b, v7.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v7.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "# Load plaintext \n"
+ "LD1 {v18.2d-v21.2d}, [%[input]], #64 \n"
+ "AESE v27.16b, v8.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v8.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v8.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v8.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v9.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v9.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v9.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v9.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v10.16b \n"
+ "EOR v27.16b, v27.16b, v11.16b \n"
+ "AESE v28.16b, v10.16b \n"
+ "EOR v28.16b, v28.16b, v11.16b \n"
+ "AESE v29.16b, v10.16b \n"
+ "EOR v29.16b, v29.16b, v11.16b \n"
+ "AESE v30.16b, v10.16b \n"
+ "EOR v30.16b, v30.16b, v11.16b \n"
+
+ "# XOR in input \n"
+ "EOR v18.16b, v18.16b, v27.16b \n"
+ "EOR v19.16b, v19.16b, v28.16b \n"
+ "EOR v20.16b, v20.16b, v29.16b \n"
+ "EOR v21.16b, v21.16b, v30.16b \n"
+ "# Store cipher text \n"
+ "ST1 {v18.2d-v21.2d}, [%[out]], #64 \n \n"
+ "CMP w11, #64 \n"
+ "BGE 11b \n"
+
+ "12: \n"
+ "# GHASH - 4 blocks \n"
+ "RBIT v18.16b, v18.16b \n"
+ "RBIT v19.16b, v19.16b \n"
+ "RBIT v20.16b, v20.16b \n"
+ "RBIT v21.16b, v21.16b \n"
+ "EOR v18.16b, v18.16b, v17.16b \n"
+ "# x[0-2] = C * H^1 \n"
+ "PMULL v17.1q, v21.1d, v16.1d \n"
+ "PMULL2 v0.1q, v21.2d, v16.2d \n"
+ "EXT v21.16b, v21.16b, v21.16b, #8 \n"
+ "PMULL v31.1q, v21.1d, v16.1d \n"
+ "PMULL2 v15.1q, v21.2d, v16.2d \n"
+ "EOR v31.16b, v31.16b, v15.16b \n"
+ "# x[0-2] += C * H^2 \n"
+ "PMULL v14.1q, v20.1d, v24.1d \n"
+ "PMULL2 v15.1q, v20.2d, v24.2d \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v0.16b, v0.16b, v15.16b \n"
+ "EXT v20.16b, v20.16b, v20.16b, #8 \n"
+ "PMULL v15.1q, v20.1d, v24.1d \n"
+ "PMULL2 v20.1q, v20.2d, v24.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v20.16b, v15.16b \n"
+#else
+ "EOR v20.16b, v20.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v20.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^3 \n"
+ "PMULL v14.1q, v19.1d, v25.1d \n"
+ "PMULL2 v15.1q, v19.2d, v25.2d \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v0.16b, v0.16b, v15.16b \n"
+ "EXT v19.16b, v19.16b, v19.16b, #8 \n"
+ "PMULL v15.1q, v19.1d, v25.1d \n"
+ "PMULL2 v19.1q, v19.2d, v25.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v19.16b, v15.16b \n"
+#else
+ "EOR v19.16b, v19.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v19.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^4 \n"
+ "PMULL v14.1q, v18.1d, v26.1d \n"
+ "PMULL2 v15.1q, v18.2d, v26.2d \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v0.16b, v0.16b, v15.16b \n"
+ "EXT v18.16b, v18.16b, v18.16b, #8 \n"
+ "PMULL v15.1q, v18.1d, v26.1d \n"
+ "PMULL2 v18.1q, v18.2d, v26.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v18.16b, v15.16b \n"
+#else
+ "EOR v18.16b, v18.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v18.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# Reduce X = x[0-2] \n"
+ "EXT v15.16b, v17.16b, v0.16b, #8 \n"
+ "PMULL2 v14.1q, v0.2d, v23.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v15.16b, v15.16b, v31.16b, v14.16b \n"
+#else
+ "EOR v15.16b, v15.16b, v31.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+#ifndef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR v15.16b, v15.16b, v14.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "PMULL2 v14.1q, v15.2d, v23.2d \n"
+ "MOV v17.D[1], v15.D[0] \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
- "#Set a register to all 0s using EOR \n"
- "EOR v22.16b, v22.16b, v22.16b \n"
- "EOR v20.16b, v20.16b, v21.16b \n" /* F ^ E */
- "AESE v0.16b, v1.16b \n"
+ "10: \n"
+ "CBZ w11, 30f \n"
+ "CMP w11, #16 \n"
+ "BLT 20f \n"
+ "# Encrypt first block for GHASH \n"
+ "ADD w12, w12, #1 \n"
+ "MOV v0.16b, v22.16b \n"
+ "REV w13, w12 \n"
+ "MOV v0.S[3], w13 \n"
+ "AESE v0.16b, v1.16b \n"
"AESMC v0.16b, v0.16b \n"
- "EXT v21.16b, v22.16b, v20.16b, #8 \n" /* get (F^E)[0] */
- "AESE v0.16b, v2.16b \n"
+ "AESE v0.16b, v2.16b \n"
"AESMC v0.16b, v0.16b \n"
- "EOR v18.16b, v18.16b, v21.16b \n" /* low 128 bits in v3 */
- "EXT v21.16b, v20.16b, v22.16b, #8 \n" /* get (F^E)[1] */
- "AESE v0.16b, v3.16b \n"
+ "AESE v0.16b, v3.16b \n"
"AESMC v0.16b, v0.16b \n"
- "EOR v19.16b, v19.16b, v21.16b \n" /* high 128 bits in v4 */
- "MOVI v23.16b, #0x87 \n"
- "AESE v0.16b, v4.16b \n"
+ "AESE v0.16b, v4.16b \n"
"AESMC v0.16b, v0.16b \n"
- "USHR v23.2d, v23.2d, #56 \n"
+ "SUB w11, w11, #16 \n"
+ "AESE v0.16b, v5.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v6.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v7.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v8.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "LD1 {v31.2d}, [%[input]], #16 \n"
+ "AESE v0.16b, v9.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v10.16b \n"
+ "EOR v0.16b, v0.16b, v11.16b \n \n"
+ "EOR v15.16b, v0.16b, v31.16b \n \n"
+ "ST1 {v15.2d}, [%[out]], #16 \n"
+
+ "# When only one full block to encrypt go straight to GHASH \n"
+ "CMP w11, 16 \n"
+ "BLT 1f \n"
+
+ "LD1 {v31.2d}, [%[input]], #16 \n"
+
+ "# Interweave GHASH and encrypt if more then 1 block \n"
+ "2: \n"
+ "RBIT v15.16b, v15.16b \n"
+ "ADD w12, w12, #1 \n"
+ "MOV v0.16b, v22.16b \n"
+ "REV w13, w12 \n"
+ "MOV v0.S[3], w13 \n"
+ "EOR v17.16b, v17.16b, v15.16b \n"
+ "PMULL v18.1q, v17.1d, v16.1d \n"
+ "PMULL2 v19.1q, v17.2d, v16.2d \n"
+ "AESE v0.16b, v1.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "AESE v0.16b, v2.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "PMULL v21.1q, v17.1d, v20.1d \n"
+ "PMULL2 v20.1q, v17.2d, v20.2d \n"
+ "AESE v0.16b, v3.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "AESE v0.16b, v4.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "SUB w11, w11, #16 \n"
+ "AESE v0.16b, v5.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "AESE v0.16b, v6.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "# Reduce \n"
"PMULL2 v20.1q, v19.2d, v23.2d \n"
- "AESE v0.16b, v5.16b \n"
+ "AESE v0.16b, v7.16b \n"
"AESMC v0.16b, v0.16b \n"
- "EXT v21.16b, v20.16b, v22.16b, #8 \n"
- "AESE v0.16b, v6.16b \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "AESE v0.16b, v8.16b \n"
"AESMC v0.16b, v0.16b \n"
- "EOR v19.16b, v19.16b, v21.16b \n"
- "AESE v0.16b, v7.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "AESE v0.16b, v9.16b \n"
"AESMC v0.16b, v0.16b \n"
- "EXT v21.16b, v22.16b, v20.16b, #8 \n"
- "AESE v0.16b, v8.16b \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "AESE v0.16b, v10.16b \n"
+ "EOR v0.16b, v0.16b, v11.16b \n \n"
+ "EOR v17.16b, v18.16b, v20.16b \n"
+ "EOR v15.16b, v0.16b, v31.16b \n \n"
+ "ST1 {v15.2d}, [%[out]], #16 \n"
+ "CMP w11, 16 \n"
+ "BLT 1f \n"
+
+ "LD1 {v31.2d}, [%[input]], #16 \n"
+ "B 2b \n"
+
+ "# GHASH on last block \n"
+ "1: \n"
+ "RBIT v15.16b, v15.16b \n"
+ "EOR v17.16b, v17.16b, v15.16b \n"
+ "PMULL v18.1q, v17.1d, v16.1d \n"
+ "PMULL2 v19.1q, v17.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "PMULL v21.1q, v17.1d, v20.1d \n"
+ "PMULL2 v20.1q, v17.2d, v20.2d \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v17.16b, v18.16b, v20.16b \n"
+
+ "20: \n"
+ "CBZ w11, 30f \n"
+ "EOR v31.16b, v31.16b, v31.16b \n"
+ "MOV x15, x11 \n"
+ "ST1 {v31.2d}, [%[scratch]] \n"
+ "23: \n"
+ "LDRB w14, [%[input]], #1 \n"
+ "STRB w14, [%[scratch]], #1 \n"
+ "SUB x15, x15, #1 \n"
+ "CBNZ x15, 23b \n"
+ "SUB %[scratch], %[scratch], x11 \n"
+ "LD1 {v31.2d}, [%[scratch]] \n"
+ "ADD w12, w12, #1 \n"
+ "MOV v0.16b, v22.16b \n"
+ "REV w13, w12 \n"
+ "MOV v0.S[3], w13 \n"
+ "AESE v0.16b, v1.16b \n"
"AESMC v0.16b, v0.16b \n"
- "EOR v18.16b, v18.16b, v21.16b \n"
- "AESE v0.16b, v9.16b \n"
+ "AESE v0.16b, v2.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v3.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v4.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v5.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v6.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v7.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v8.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v9.16b \n"
"AESMC v0.16b, v0.16b \n"
- "PMULL v20.1q, v19.1d, v23.1d \n"
- "EOR v19.16b, v18.16b, v20.16b \n"
"AESE v0.16b, v10.16b \n"
- "RBIT v19.16b, v19.16b \n"
- "EOR v0.16b, v0.16b, v11.16b \n"
- "EOR v19.16b, v19.16b, v0.16b \n"
- "STR q19, [%[out]] \n"
-
- :[out] "=r" (sPt), "=r" (keyPt), "=r" (iCtr)
- :[tag] "0" (sPt), [Key] "1" (keyPt),
- [ctr] "2" (iCtr) , [h] "m" (aes->H)
- : "cc", "memory", "v0", "v1", "v2", "v3", "v4", "v5",
- "v6", "v7", "v8", "v9", "v10","v11","v12","v13","v14",
- "v15", "v16", "v17","v18", "v19", "v20","v21","v22","v23","v24"
+ "EOR v0.16b, v0.16b, v11.16b \n \n"
+ "EOR v15.16b, v0.16b, v31.16b \n \n"
+ "ST1 {v15.2d}, [%[scratch]] \n"
+ "MOV x15, x11 \n"
+ "24: \n"
+ "LDRB w14, [%[scratch]], #1 \n"
+ "STRB w14, [%[out]], #1 \n"
+ "SUB x15, x15, #1 \n"
+ "CBNZ x15, 24b \n"
+ "MOV x15, #16 \n"
+ "EOR w14, w14, w14 \n"
+ "SUB x15, x15, x11 \n"
+ "25: \n"
+ "STRB w14, [%[scratch]], #1 \n"
+ "SUB x15, x15, #1 \n"
+ "CBNZ x15, 25b \n"
+ "SUB %[scratch], %[scratch], #16 \n"
+ "LD1 {v15.2d}, [%[scratch]] \n"
+ "RBIT v15.16b, v15.16b \n"
+ "EOR v17.16b, v17.16b, v15.16b \n"
+ "PMULL v18.1q, v17.1d, v16.1d \n"
+ "PMULL2 v19.1q, v17.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "PMULL v21.1q, v17.1d, v20.1d \n"
+ "PMULL2 v20.1q, v17.2d, v20.2d \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v17.16b, v18.16b, v20.16b \n"
+
+ "30: \n"
+ "# store current counter value at the end \n"
+ "REV w13, w12 \n"
+ "MOV v22.S[3], w13 \n"
+ "LD1 {v0.2d}, [%[ctr]] \n"
+ "ST1 {v22.2d}, [%[ctr]] \n"
+
+ "LSL %x[aSz], %x[aSz], #3 \n"
+ "LSL %x[sz], %x[sz], #3 \n"
+ "MOV v15.d[0], %x[aSz] \n"
+ "MOV v15.d[1], %x[sz] \n"
+ "REV64 v15.16b, v15.16b \n"
+ "RBIT v15.16b, v15.16b \n"
+ "EOR v17.16b, v17.16b, v15.16b \n"
+ "PMULL v18.1q, v17.1d, v16.1d \n"
+ "PMULL2 v19.1q, v17.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "AESE v0.16b, v1.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "PMULL v21.1q, v17.1d, v20.1d \n"
+ "PMULL2 v20.1q, v17.2d, v20.2d \n"
+ "AESE v0.16b, v2.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "AESE v0.16b, v3.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "AESE v0.16b, v4.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "AESE v0.16b, v5.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "AESE v0.16b, v6.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "AESE v0.16b, v7.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "AESE v0.16b, v8.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "AESE v0.16b, v9.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v17.16b, v18.16b, v20.16b \n"
+ "AESE v0.16b, v10.16b \n"
+ "EOR v0.16b, v0.16b, v11.16b \n \n"
+ "RBIT v17.16b, v17.16b \n"
+ "EOR v0.16b, v0.16b, v17.16b \n \n"
+ "CMP %w[tagSz], #16 \n"
+ "BNE 40f \n"
+ "ST1 {v0.2d}, [%[tag]] \n"
+ "B 41f \n"
+ "40: \n"
+ "ST1 {v0.2d}, [%[scratch]] \n"
+ "MOV x15, %x[tagSz] \n"
+ "44: \n"
+ "LDRB w14, [%[scratch]], #1 \n"
+ "STRB w14, [%[tag]], #1 \n"
+ "SUB x15, x15, #1 \n"
+ "CBNZ x15, 44b \n"
+ "SUB %[scratch], %[scratch], %x[tagSz] \n"
+ "41: \n"
+
+ : [out] "+r" (out), [input] "+r" (in), [Key] "+r" (keyPt),
+ [aSz] "+r" (authInSz), [sz] "+r" (sz), [aad] "+r" (authIn)
+ : [ctr] "r" (ctr), [scratch] "r" (scratch),
+ [h] "m" (aes->gcm.H), [tag] "r" (authTag), [tagSz] "r" (authTagSz)
+ : "cc", "memory", "x11", "x12", "w13", "x14", "x15", "w16",
+ "v0", "v1", "v2", "v3", "v4", "v5", "v6", "v7",
+ "v8", "v9", "v10", "v11", "v12", "v13", "v14", "v15",
+ "v16", "v17", "v18", "v19", "v20", "v21", "v22", "v23",
+ "v24", "v25", "v26", "v27", "v28", "v29", "v30", "v31"
);
- if (authTagSz > AES_BLOCK_SIZE) {
- XMEMCPY(authTag, scratch, AES_BLOCK_SIZE);
- }
- else {
- /* authTagSz can be smaller than AES_BLOCK_SIZE */
- XMEMCPY(authTag, scratch, authTagSz);
- }
return 0;
}
#endif /* WOLFSSL_AES_128 */
-
#ifdef WOLFSSL_AES_192
/* internal function : see wc_AesGcmEncrypt */
static int Aes192GcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
- const byte* iv, word32 ivSz,
- byte* authTag, word32 authTagSz,
- const byte* authIn, word32 authInSz)
+ const byte* iv, word32 ivSz, byte* authTag, word32 authTagSz,
+ const byte* authIn, word32 authInSz)
{
- word32 blocks;
- word32 partial;
byte counter[AES_BLOCK_SIZE];
- byte initialCounter[AES_BLOCK_SIZE];
- byte x[AES_BLOCK_SIZE];
byte scratch[AES_BLOCK_SIZE];
-
/* Noticed different optimization levels treated head of array different.
- Some cases was stack pointer plus offset others was a regester containing
- address. To make uniform for passing in to inline assembly code am using
- pointers to the head of each local array.
+ * Some cases was stack pointer plus offset others was a register containing
+ * address. To make uniform for passing in to inline assembly code am using
+ * pointers to the head of each local array.
*/
byte* ctr = counter;
- byte* iCtr = initialCounter;
- byte* xPt = x;
- byte* sPt = scratch;
- byte* keyPt; /* pointer to handle pointer advencment */
+ byte* keyPt = (byte*)aes->key;
- XMEMSET(initialCounter, 0, AES_BLOCK_SIZE);
+ XMEMSET(counter, 0, AES_BLOCK_SIZE);
if (ivSz == GCM_NONCE_MID_SZ) {
- XMEMCPY(initialCounter, iv, ivSz);
- initialCounter[AES_BLOCK_SIZE - 1] = 1;
+ XMEMCPY(counter, iv, GCM_NONCE_MID_SZ);
+ counter[AES_BLOCK_SIZE - 1] = 1;
}
else {
- GHASH(aes, NULL, 0, iv, ivSz, initialCounter, AES_BLOCK_SIZE);
- GMULT(initialCounter, aes->H);
- }
- XMEMCPY(counter, initialCounter, AES_BLOCK_SIZE);
-
-
- /* Hash in the Additional Authentication Data */
- XMEMSET(x, 0, AES_BLOCK_SIZE);
- if (authInSz != 0 && authIn != NULL) {
- blocks = authInSz / AES_BLOCK_SIZE;
- partial = authInSz % AES_BLOCK_SIZE;
- /* do as many blocks as possible */
- while (blocks--) {
- xorbuf(x, authIn, AES_BLOCK_SIZE);
- GMULT(x, aes->H);
- authIn += AES_BLOCK_SIZE;
- }
- if (partial != 0) {
- XMEMSET(scratch, 0, AES_BLOCK_SIZE);
- XMEMCPY(scratch, authIn, partial);
- xorbuf(x, scratch, AES_BLOCK_SIZE);
- GMULT(x, aes->H);
- }
+ GHASH(&aes->gcm, NULL, 0, iv, ivSz, counter, AES_BLOCK_SIZE);
+ GMULT(counter, aes->gcm.H);
}
- /* do as many blocks as possible */
- blocks = sz / AES_BLOCK_SIZE;
- partial = sz % AES_BLOCK_SIZE;
- if (blocks > 0) {
- keyPt = (byte*)aes->key;
- __asm__ __volatile__ (
- "MOV w11, %w[blocks] \n"
- "LD1 {v13.2d}, [%[ctr]] \n"
-
- "#Create vector with the value 1 \n"
- "MOVI v14.16b, #1 \n"
- "USHR v14.2d, v14.2d, #56 \n"
- "EOR v22.16b, v22.16b, v22.16b \n"
- "EXT v14.16b, v14.16b, v22.16b, #8\n"
-
-
- /***************************************************
- Get first out block for GHASH using AES encrypt
- ***************************************************/
- "REV64 v13.16b, v13.16b \n" /* network order */
- "LD1 {v1.2d-v4.2d}, [%[Key]], #64 \n"
- "EXT v13.16b, v13.16b, v13.16b, #8 \n"
- "ADD v13.4s, v13.4s, v14.4s \n" /* add 1 to counter */
- "EXT v13.16b, v13.16b, v13.16b, #8 \n"
- "REV64 v13.16b, v13.16b \n" /* revert from network order */
- "LD1 {v5.2d-v8.2d}, [%[Key]], #64 \n"
- "MOV v0.16b, v13.16b \n"
- "AESE v0.16b, v1.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v2.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v3.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "LD1 {v16.2d}, %[inY] \n"
- "AESE v0.16b, v4.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "SUB w11, w11, #1 \n"
- "LD1 {v9.2d-v11.2d}, [%[Key]], #48\n"
- "LD1 {v30.2d-v31.2d}, [%[Key]], #32\n"
- "AESE v0.16b, v5.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "MOVI v23.16b, #0x87 \n"
- "AESE v0.16b, v6.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "LD1 {v17.2d}, [%[inX]] \n" /* account for additional data */
- "AESE v0.16b, v7.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "USHR v23.2d, v23.2d, #56 \n"
- "AESE v0.16b, v8.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "LD1 {v12.2d}, [%[input]], #16 \n"
- "AESE v0.16b, v9.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v10.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v11.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v30.16b \n"
- "EOR v0.16b, v0.16b, v31.16b \n"
-
- "EOR v0.16b, v0.16b, v12.16b \n"
- "ST1 {v0.2d}, [%[out]], #16 \n"
- "MOV v15.16b, v0.16b \n"
-
- "CBZ w11, 1f \n" /* only one block jump to final GHASH */
- "LD1 {v12.2d}, [%[input]], #16 \n"
-
- /***************************************************
- Interweave GHASH and encrypt if more then 1 block
- ***************************************************/
- "2: \n"
- "REV64 v13.16b, v13.16b \n" /* network order */
- "EOR v15.16b, v17.16b, v15.16b \n"
- "EXT v13.16b, v13.16b, v13.16b, #8 \n"
- "ADD v13.4s, v13.4s, v14.4s \n" /* add 1 to counter */
- "RBIT v15.16b, v15.16b \n" /* v15 is encrypted out block (c) */
- "EXT v13.16b, v13.16b, v13.16b, #8 \n"
- "REV64 v13.16b, v13.16b \n" /* revert from network order */
- "PMULL v18.1q, v15.1d, v16.1d \n" /* a0 * b0 = C */
- "MOV v0.16b, v13.16b \n"
- "PMULL2 v19.1q, v15.2d, v16.2d \n" /* a1 * b1 = D */
- "AESE v0.16b, v1.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "EXT v20.16b, v16.16b, v16.16b, #8 \n" /* b0b1 -> b1b0 */
- "AESE v0.16b, v2.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "PMULL v21.1q, v15.1d, v20.1d \n" /* a0 * b1 = E */
- "PMULL2 v20.1q, v15.2d, v20.2d \n" /* a1 * b0 = F */
- "AESE v0.16b, v3.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "EOR v20.16b, v20.16b, v21.16b \n" /* F ^ E */
- "AESE v0.16b, v4.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "EXT v21.16b, v22.16b, v20.16b, #8 \n" /* get (F^E)[0] */
- "SUB w11, w11, #1 \n"
- "AESE v0.16b, v5.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "EOR v18.16b, v18.16b, v21.16b \n" /* low 128 bits in v3 */
- "EXT v21.16b, v20.16b, v22.16b, #8 \n" /* get (F^E)[1] */
- "AESE v0.16b, v6.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "EOR v19.16b, v19.16b, v21.16b \n" /* high 128 bits in v4 */
- "AESE v0.16b, v7.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "PMULL2 v20.1q, v19.2d, v23.2d \n"
- "AESE v0.16b, v8.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "EXT v21.16b, v20.16b, v22.16b, #8 \n" /* v22 is all 0's */
- "AESE v0.16b, v9.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v10.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v11.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "EOR v19.16b, v19.16b, v21.16b \n"
- "AESE v0.16b, v30.16b \n"
- "EXT v21.16b, v22.16b, v20.16b, #8 \n"
- "EOR v0.16b, v0.16b, v31.16b \n"
- "EOR v18.16b, v18.16b, v21.16b \n"
-
- "EOR v0.16b, v0.16b, v12.16b \n"
- "PMULL v20.1q, v19.1d, v23.1d \n"
- "ST1 {v0.2d}, [%[out]], #16 \n"
- "EOR v19.16b, v18.16b, v20.16b \n"
- "MOV v15.16b, v0.16b \n"
- "RBIT v17.16b, v19.16b \n"
-
- "CBZ w11, 1f \n"
- "LD1 {v12.2d}, [%[input]], #16 \n"
- "B 2b \n"
-
- /***************************************************
- GHASH on last block
- ***************************************************/
- "1: \n"
- "EOR v15.16b, v17.16b, v15.16b \n"
- "RBIT v15.16b, v15.16b \n" /* v15 is encrypted out block */
-
- "#store current AES counter value \n"
- "ST1 {v13.2d}, [%[ctrOut]] \n"
- "PMULL v18.1q, v15.1d, v16.1d \n" /* a0 * b0 = C */
- "PMULL2 v19.1q, v15.2d, v16.2d \n" /* a1 * b1 = D */
- "EXT v20.16b, v16.16b, v16.16b, #8 \n" /* b0b1 -> b1b0 */
- "PMULL v21.1q, v15.1d, v20.1d \n" /* a0 * b1 = E */
- "PMULL2 v20.1q, v15.2d, v20.2d \n" /* a1 * b0 = F */
- "EOR v20.16b, v20.16b, v21.16b \n" /* F ^ E */
- "EXT v21.16b, v22.16b, v20.16b, #8 \n" /* get (F^E)[0] */
- "EOR v18.16b, v18.16b, v21.16b \n" /* low 128 bits in v3 */
- "EXT v21.16b, v20.16b, v22.16b, #8 \n" /* get (F^E)[1] */
- "EOR v19.16b, v19.16b, v21.16b \n" /* high 128 bits in v4 */
-
- "#Reduce product from multiplication \n"
- "PMULL2 v20.1q, v19.2d, v23.2d \n"
- "EXT v21.16b, v20.16b, v22.16b, #8 \n" /* v22 is all 0's */
- "EOR v19.16b, v19.16b, v21.16b \n"
- "EXT v21.16b, v22.16b, v20.16b, #8 \n"
- "EOR v18.16b, v18.16b, v21.16b \n"
- "PMULL v20.1q, v19.1d, v23.1d \n"
- "EOR v19.16b, v18.16b, v20.16b \n"
- "RBIT v17.16b, v19.16b \n"
- "STR q17, [%[xOut]] \n" /* GHASH x value for partial blocks */
-
- :[out] "=r" (out), "=r" (keyPt), [ctrOut] "=r" (ctr), "=r" (in)
- ,[xOut] "=r" (xPt),"=m" (aes->H)
- :"0" (out), [Key] "1" (keyPt), [ctr] "2" (ctr), [blocks] "r" (blocks),
- [input] "3" (in)
- ,[inX] "4" (xPt), [inY] "m" (aes->H)
- : "cc", "w11", "v0", "v1", "v2", "v3", "v4", "v5",
- "v6", "v7", "v8", "v9", "v10", "v11", "v12", "v13", "v14"
- ,"v15", "v16", "v17", "v18", "v19", "v20", "v21", "v22", "v23",
- "v24","v25","v26","v27","v28","v29","v30","v31"
- );
- }
+ __asm__ __volatile__ (
+ "LD1 {v16.16b}, %[h] \n"
+ "# v23 = 0x00000000000000870000000000000087 reflected 0xe1.... \n"
+ "MOVI v23.16b, #0x87 \n"
+ "EOR v17.16b, v17.16b, v17.16b \n"
+ "USHR v23.2d, v23.2d, #56 \n"
+ "CBZ %w[aSz], 120f \n"
- /* take care of partial block sizes leftover */
- if (partial != 0) {
- IncrementGcmCounter(counter);
- wc_AesEncrypt(aes, counter, scratch);
- xorbuf(scratch, in, partial);
- XMEMCPY(out, scratch, partial);
+ "MOV w12, %w[aSz] \n"
- XMEMSET(scratch, 0, AES_BLOCK_SIZE);
- XMEMCPY(scratch, out, partial);
- xorbuf(x, scratch, AES_BLOCK_SIZE);
- GMULT(x, aes->H);
- }
+ "# GHASH AAD \n"
+ "CMP x12, #64 \n"
+ "BLT 115f \n"
+ "# Calculate H^[1-4] - GMULT partials \n"
+ "# Square H => H^2 \n"
+ "PMULL2 v19.1q, v16.2d, v16.2d \n"
+ "PMULL v18.1q, v16.1d, v16.1d \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v19.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v24.16b, v18.16b, v19.16b \n"
+ "# Multiply H and H^2 => H^3 \n"
+ "PMULL v18.1q, v24.1d, v16.1d \n"
+ "PMULL2 v19.1q, v24.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "PMULL v21.1q, v24.1d, v20.1d \n"
+ "PMULL2 v20.1q, v24.2d, v20.2d \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v25.16b, v18.16b, v20.16b \n"
+ "# Square H^2 => H^4 \n"
+ "PMULL2 v19.1q, v24.2d, v24.2d \n"
+ "PMULL v18.1q, v24.1d, v24.1d \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v19.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v26.16b, v18.16b, v19.16b \n"
+ "114: \n"
+ "LD1 {v18.2d-v21.2d}, [%[aad]], #64 \n"
+ "SUB x12, x12, #64 \n"
+ "# GHASH - 4 blocks \n"
+ "RBIT v18.16b, v18.16b \n"
+ "RBIT v19.16b, v19.16b \n"
+ "RBIT v20.16b, v20.16b \n"
+ "RBIT v21.16b, v21.16b \n"
+ "EOR v18.16b, v18.16b, v17.16b \n"
+ "# x[0-2] = C * H^1 \n"
+ "PMULL v17.1q, v21.1d, v16.1d \n"
+ "PMULL2 v30.1q, v21.2d, v16.2d \n"
+ "EXT v21.16b, v21.16b, v21.16b, #8 \n"
+ "PMULL v31.1q, v21.1d, v16.1d \n"
+ "PMULL2 v15.1q, v21.2d, v16.2d \n"
+ "EOR v31.16b, v31.16b, v15.16b \n"
+ "# x[0-2] += C * H^2 \n"
+ "PMULL v14.1q, v20.1d, v24.1d \n"
+ "PMULL2 v15.1q, v20.2d, v24.2d \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v30.16b, v30.16b, v15.16b \n"
+ "EXT v20.16b, v20.16b, v20.16b, #8 \n"
+ "PMULL v15.1q, v20.1d, v24.1d \n"
+ "PMULL2 v20.1q, v20.2d, v24.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v20.16b, v15.16b \n"
+#else
+ "EOR v20.16b, v20.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v20.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^3 \n"
+ "PMULL v14.1q, v19.1d, v25.1d \n"
+ "PMULL2 v15.1q, v19.2d, v25.2d \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v30.16b, v30.16b, v15.16b \n"
+ "EXT v19.16b, v19.16b, v19.16b, #8 \n"
+ "PMULL v15.1q, v19.1d, v25.1d \n"
+ "PMULL2 v19.1q, v19.2d, v25.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v19.16b, v15.16b \n"
+#else
+ "EOR v19.16b, v19.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v19.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^4 \n"
+ "PMULL v14.1q, v18.1d, v26.1d \n"
+ "PMULL2 v15.1q, v18.2d, v26.2d \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v30.16b, v30.16b, v15.16b \n"
+ "EXT v18.16b, v18.16b, v18.16b, #8 \n"
+ "PMULL v15.1q, v18.1d, v26.1d \n"
+ "PMULL2 v18.1q, v18.2d, v26.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v18.16b, v15.16b \n"
+#else
+ "EOR v18.16b, v18.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v18.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# Reduce X = x[0-2] \n"
+ "EXT v15.16b, v17.16b, v30.16b, #8 \n"
+ "PMULL2 v14.1q, v30.2d, v23.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v15.16b, v15.16b, v31.16b, v14.16b \n"
+#else
+ "EOR v15.16b, v15.16b, v31.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+#ifndef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR v15.16b, v15.16b, v14.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "PMULL2 v14.1q, v15.2d, v23.2d \n"
+ "MOV v17.D[1], v15.D[0] \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "CMP x12, #64 \n"
+ "BGE 114b \n"
+ "CBZ x12, 120f \n"
+ "115: \n"
+ "CMP x12, #16 \n"
+ "BLT 112f \n"
+ "111: \n"
+ "LD1 {v15.2d}, [%[aad]], #16 \n"
+ "SUB x12, x12, #16 \n"
+ "RBIT v15.16b, v15.16b \n"
+ "EOR v17.16b, v17.16b, v15.16b \n"
+ "PMULL v18.1q, v17.1d, v16.1d \n"
+ "PMULL2 v19.1q, v17.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "PMULL v21.1q, v17.1d, v20.1d \n"
+ "PMULL2 v20.1q, v17.2d, v20.2d \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v17.16b, v18.16b, v20.16b \n"
+ "CMP x12, #16 \n"
+ "BGE 111b \n"
+ "CBZ x12, 120f \n"
+ "112: \n"
+ "# Partial AAD \n"
+ "EOR v15.16b, v15.16b, v15.16b \n"
+ "MOV x14, x12 \n"
+ "ST1 {v15.2d}, [%[scratch]] \n"
+ "113: \n"
+ "LDRB w13, [%[aad]], #1 \n"
+ "STRB w13, [%[scratch]], #1 \n"
+ "SUB x14, x14, #1 \n"
+ "CBNZ x14, 113b \n"
+ "SUB %[scratch], %[scratch], x12 \n"
+ "LD1 {v15.2d}, [%[scratch]] \n"
+ "RBIT v15.16b, v15.16b \n"
+ "EOR v17.16b, v17.16b, v15.16b \n"
+ "PMULL v18.1q, v17.1d, v16.1d \n"
+ "PMULL2 v19.1q, v17.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "PMULL v21.1q, v17.1d, v20.1d \n"
+ "PMULL2 v20.1q, v17.2d, v20.2d \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v17.16b, v18.16b, v20.16b \n"
+ "120: \n"
+
+ "# Encrypt plaintext and GHASH ciphertext \n"
+ "LDR w12, [%[ctr], #12] \n"
+ "MOV w11, %w[sz] \n"
+ "REV w12, w12 \n"
+ "CMP w11, #64 \n"
+ "BLT 80f \n"
+ "CMP %w[aSz], #64 \n"
+ "BGE 82f \n"
+
+ "# Calculate H^[1-4] - GMULT partials \n"
+ "# Square H => H^2 \n"
+ "PMULL2 v19.1q, v16.2d, v16.2d \n"
+ "PMULL v18.1q, v16.1d, v16.1d \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v19.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v24.16b, v18.16b, v19.16b \n"
+ "# Multiply H and H^2 => H^3 \n"
+ "PMULL v18.1q, v24.1d, v16.1d \n"
+ "PMULL2 v19.1q, v24.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "PMULL v21.1q, v24.1d, v20.1d \n"
+ "PMULL2 v20.1q, v24.2d, v20.2d \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v25.16b, v18.16b, v20.16b \n"
+ "# Square H^2 => H^4 \n"
+ "PMULL2 v19.1q, v24.2d, v24.2d \n"
+ "PMULL v18.1q, v24.1d, v24.1d \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v19.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v26.16b, v18.16b, v19.16b \n"
+ "82: \n"
+ "# Should we do 8 blocks at a time? \n"
+ "CMP w11, #512 \n"
+ "BLT 80f \n"
+
+ "# Calculate H^[5-8] - GMULT partials \n"
+ "# Multiply H and H^4 => H^5 \n"
+ "PMULL v18.1q, v26.1d, v16.1d \n"
+ "PMULL2 v19.1q, v26.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "PMULL v21.1q, v26.1d, v20.1d \n"
+ "PMULL2 v20.1q, v26.2d, v20.2d \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v9.16b, v18.16b, v20.16b \n"
+ "# Square H^3 - H^6 \n"
+ "PMULL2 v19.1q, v25.2d, v25.2d \n"
+ "PMULL v18.1q, v25.1d, v25.1d \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v19.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v10.16b, v18.16b, v19.16b \n"
+ "# Multiply H and H^6 => H^7 \n"
+ "PMULL v18.1q, v10.1d, v16.1d \n"
+ "PMULL2 v19.1q, v10.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "PMULL v21.1q, v10.1d, v20.1d \n"
+ "PMULL2 v20.1q, v10.2d, v20.2d \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v11.16b, v18.16b, v20.16b \n"
+ "# Square H^4 => H^8 \n"
+ "PMULL2 v19.1q, v26.2d, v26.2d \n"
+ "PMULL v18.1q, v26.1d, v26.1d \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v19.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v4.16b, v18.16b, v19.16b \n"
+
+ "# First encrypt - no GHASH \n"
+ "LDR q1, [%[Key]] \n"
+ "# Calculate next 4 counters (+1-4) \n"
+ "ADD w15, w12, #1 \n"
+ "LD1 {v5.2d}, [%[ctr]] \n"
+ "ADD w14, w12, #2 \n"
+ "MOV v6.16b, v5.16b \n"
+ "ADD w13, w12, #3 \n"
+ "MOV v7.16b, v5.16b \n"
+ "ADD w12, w12, #4 \n"
+ "MOV v8.16b, v5.16b \n"
+ "REV w15, w15 \n"
+ "REV w14, w14 \n"
+ "REV w13, w13 \n"
+ "REV w16, w12 \n"
+ "MOV v5.S[3], w15 \n"
+ "MOV v6.S[3], w14 \n"
+ "MOV v7.S[3], w13 \n"
+ "MOV v8.S[3], w16 \n"
+ "# Calculate next 4 counters (+5-8) \n"
+ "ADD w15, w12, #1 \n"
+ "MOV v27.16b, v5.16b \n"
+ "ADD w14, w12, #2 \n"
+ "MOV v28.16b, v5.16b \n"
+ "ADD w13, w12, #3 \n"
+ "MOV v29.16b, v5.16b \n"
+ "ADD w12, w12, #4 \n"
+ "MOV v30.16b, v5.16b \n"
+ "REV w15, w15 \n"
+ "REV w14, w14 \n"
+ "REV w13, w13 \n"
+ "REV w16, w12 \n"
+ "MOV v27.S[3], w15 \n"
+ "MOV v28.S[3], w14 \n"
+ "MOV v29.S[3], w13 \n"
+ "MOV v30.S[3], w16 \n"
+
+ "# Encrypt 8 counters \n"
+ "LDR q22, [%[Key], #16] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q1, [%[Key], #32] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q22, [%[Key], #48] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q1, [%[Key], #64] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q22, [%[Key], #80] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "SUB w11, w11, #128 \n"
+ "LDR q1, [%[Key], #96] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q22, [%[Key], #112] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q1, [%[Key], #128] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q22, [%[Key], #144] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q1, [%[Key], #160] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LD1 {v12.2d-v15.2d}, [%[input]], #64 \n"
+ "LDP q22, q31, [%[Key], #176] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LD1 {v18.2d-v21.2d}, [%[input]], #64 \n"
+ "AESE v5.16b, v22.16b \n"
+ "EOR v5.16b, v5.16b, v31.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "EOR v6.16b, v6.16b, v31.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "EOR v7.16b, v7.16b, v31.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "EOR v8.16b, v8.16b, v31.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "EOR v27.16b, v27.16b, v31.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "EOR v28.16b, v28.16b, v31.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "EOR v29.16b, v29.16b, v31.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "EOR v30.16b, v30.16b, v31.16b \n"
+
+ "# XOR in input \n"
+ "EOR v12.16b, v12.16b, v5.16b \n"
+ "EOR v13.16b, v13.16b, v6.16b \n"
+ "EOR v14.16b, v14.16b, v7.16b \n"
+ "EOR v15.16b, v15.16b, v8.16b \n"
+ "EOR v18.16b, v18.16b, v27.16b \n"
+ "ST1 {v12.2d-v15.2d}, [%[out]], #64 \n \n"
+ "EOR v19.16b, v19.16b, v28.16b \n"
+ "EOR v20.16b, v20.16b, v29.16b \n"
+ "EOR v21.16b, v21.16b, v30.16b \n"
+ "ST1 {v18.2d-v21.2d}, [%[out]], #64 \n \n"
+
+ "81: \n"
+ "LDR q1, [%[Key]] \n"
+ "# Calculate next 4 counters (+1-4) \n"
+ "ADD w15, w12, #1 \n"
+ "LD1 {v5.2d}, [%[ctr]] \n"
+ "ADD w14, w12, #2 \n"
+ "MOV v6.16b, v5.16b \n"
+ "ADD w13, w12, #3 \n"
+ "MOV v7.16b, v5.16b \n"
+ "ADD w12, w12, #4 \n"
+ "MOV v8.16b, v5.16b \n"
+ "# GHASH - 8 blocks \n"
+ "RBIT v12.16b, v12.16b \n"
+ "RBIT v13.16b, v13.16b \n"
+ "RBIT v14.16b, v14.16b \n"
+ "RBIT v15.16b, v15.16b \n"
+ "RBIT v18.16b, v18.16b \n"
+ "RBIT v19.16b, v19.16b \n"
+ "RBIT v20.16b, v20.16b \n"
+ "RBIT v21.16b, v21.16b \n"
+ "REV w15, w15 \n"
+ "EOR v12.16b, v12.16b, v17.16b \n"
+ "REV w14, w14 \n"
+ "# x[0-2] = C * H^1 \n"
+ "PMULL v17.1q, v21.1d, v16.1d \n"
+ "PMULL2 v0.1q, v21.2d, v16.2d \n"
+ "REV w13, w13 \n"
+ "EXT v21.16b, v21.16b, v21.16b, #8 \n"
+ "REV w16, w12 \n"
+ "MOV v5.S[3], w15 \n"
+ "MOV v6.S[3], w14 \n"
+ "MOV v7.S[3], w13 \n"
+ "MOV v8.S[3], w16 \n"
+ "# Calculate next 4 counters (+5-8) \n"
+ "ADD w15, w12, #1 \n"
+ "MOV v27.16b, v5.16b \n"
+ "ADD w14, w12, #2 \n"
+ "MOV v28.16b, v5.16b \n"
+ "ADD w13, w12, #3 \n"
+ "MOV v29.16b, v5.16b \n"
+ "ADD w12, w12, #4 \n"
+ "MOV v30.16b, v5.16b \n"
+ "PMULL v31.1q, v21.1d, v16.1d \n"
+ "PMULL2 v3.1q, v21.2d, v16.2d \n"
+ "REV w15, w15 \n"
+ "EOR v31.16b, v31.16b, v3.16b \n"
+ "REV w14, w14 \n"
+ "# x[0-2] += C * H^2 \n"
+ "PMULL v2.1q, v20.1d, v24.1d \n"
+ "PMULL2 v3.1q, v20.2d, v24.2d \n"
+ "REV w13, w13 \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "REV w16, w12 \n"
+ "MOV v27.S[3], w15 \n"
+ "MOV v28.S[3], w14 \n"
+ "MOV v29.S[3], w13 \n"
+ "MOV v30.S[3], w16 \n"
+
+ "# Encrypt 8 counters \n"
+ "LDR q22, [%[Key], #16] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "EXT v20.16b, v20.16b, v20.16b, #8 \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "PMULL v3.1q, v20.1d, v24.1d \n"
+ "PMULL2 v20.1q, v20.2d, v24.2d \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v20.16b, v3.16b \n"
+#else
+ "EOR v20.16b, v20.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v20.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "# x[0-2] += C * H^3 \n"
+ "PMULL v2.1q, v19.1d, v25.1d \n"
+ "PMULL2 v3.1q, v19.2d, v25.2d \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "EXT v19.16b, v19.16b, v19.16b, #8 \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "PMULL v3.1q, v19.1d, v25.1d \n"
+ "PMULL2 v19.1q, v19.2d, v25.2d \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v19.16b, v3.16b \n"
+#else
+ "EOR v19.16b, v19.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v19.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "LDR q1, [%[Key], #32] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "# x[0-2] += C * H^4 \n"
+ "PMULL v2.1q, v18.1d, v26.1d \n"
+ "PMULL2 v3.1q, v18.2d, v26.2d \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "EXT v18.16b, v18.16b, v18.16b, #8 \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "PMULL v3.1q, v18.1d, v26.1d \n"
+ "PMULL2 v18.1q, v18.2d, v26.2d \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v18.16b, v3.16b \n"
+#else
+ "EOR v18.16b, v18.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v18.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "# x[0-2] += C * H^5 \n"
+ "PMULL v2.1q, v15.1d, v9.1d \n"
+ "PMULL2 v3.1q, v15.2d, v9.2d \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "EXT v15.16b, v15.16b, v15.16b, #8 \n"
+ "LDR q22, [%[Key], #48] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "PMULL v3.1q, v15.1d, v9.1d \n"
+ "PMULL2 v15.1q, v15.2d, v9.2d \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v15.16b, v3.16b \n"
+#else
+ "EOR v15.16b, v15.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v15.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "# x[0-2] += C * H^6 \n"
+ "PMULL v2.1q, v14.1d, v10.1d \n"
+ "PMULL2 v3.1q, v14.2d, v10.2d \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "EXT v14.16b, v14.16b, v14.16b, #8 \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "PMULL v3.1q, v14.1d, v10.1d \n"
+ "PMULL2 v14.1q, v14.2d, v10.2d \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v14.16b, v3.16b \n"
+#else
+ "EOR v14.16b, v14.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v14.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "# x[0-2] += C * H^7 \n"
+ "PMULL v2.1q, v13.1d, v11.1d \n"
+ "PMULL2 v3.1q, v13.2d, v11.2d \n"
+ "LDR q1, [%[Key], #64] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "EXT v13.16b, v13.16b, v13.16b, #8 \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "PMULL v3.1q, v13.1d, v11.1d \n"
+ "PMULL2 v13.1q, v13.2d, v11.2d \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v13.16b, v3.16b \n"
+#else
+ "EOR v13.16b, v13.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v13.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "# x[0-2] += C * H^8 \n"
+ "PMULL v2.1q, v12.1d, v4.1d \n"
+ "PMULL2 v3.1q, v12.2d, v4.2d \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "EXT v12.16b, v12.16b, v12.16b, #8 \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "PMULL v3.1q, v12.1d, v4.1d \n"
+ "PMULL2 v12.1q, v12.2d, v4.2d \n"
+ "LDR q22, [%[Key], #80] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v12.16b, v3.16b \n"
+#else
+ "EOR v12.16b, v12.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v12.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "# Reduce X = x[0-2] \n"
+ "EXT v3.16b, v17.16b, v0.16b, #8 \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "PMULL2 v2.1q, v0.2d, v23.2d \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v3.16b, v3.16b, v31.16b, v2.16b \n"
+#else
+ "EOR v3.16b, v3.16b, v31.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+#ifndef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR v3.16b, v3.16b, v2.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "PMULL2 v2.1q, v3.2d, v23.2d \n"
+ "MOV v17.D[1], v3.D[0] \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "SUB w11, w11, #128 \n"
+ "LDR q1, [%[Key], #96] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q22, [%[Key], #112] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q1, [%[Key], #128] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q22, [%[Key], #144] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q1, [%[Key], #160] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LD1 {v12.2d-v15.2d}, [%[input]], #64 \n"
+ "LDP q22, q31, [%[Key], #176] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LD1 {v18.2d-v21.2d}, [%[input]], #64 \n"
+ "AESE v5.16b, v22.16b \n"
+ "EOR v5.16b, v5.16b, v31.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "EOR v6.16b, v6.16b, v31.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "EOR v7.16b, v7.16b, v31.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "EOR v8.16b, v8.16b, v31.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "EOR v27.16b, v27.16b, v31.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "EOR v28.16b, v28.16b, v31.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "EOR v29.16b, v29.16b, v31.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "EOR v30.16b, v30.16b, v31.16b \n"
+
+ "# XOR in input \n"
+ "EOR v12.16b, v12.16b, v5.16b \n"
+ "EOR v13.16b, v13.16b, v6.16b \n"
+ "EOR v14.16b, v14.16b, v7.16b \n"
+ "EOR v15.16b, v15.16b, v8.16b \n"
+ "EOR v18.16b, v18.16b, v27.16b \n"
+ "ST1 {v12.2d-v15.2d}, [%[out]], #64 \n \n"
+ "EOR v19.16b, v19.16b, v28.16b \n"
+ "EOR v20.16b, v20.16b, v29.16b \n"
+ "EOR v21.16b, v21.16b, v30.16b \n"
+ "ST1 {v18.2d-v21.2d}, [%[out]], #64 \n \n"
+
+ "CMP w11, #128 \n"
+ "BGE 81b \n"
+
+ "# GHASH - 8 blocks \n"
+ "RBIT v12.16b, v12.16b \n"
+ "RBIT v13.16b, v13.16b \n"
+ "RBIT v14.16b, v14.16b \n"
+ "RBIT v15.16b, v15.16b \n"
+ "RBIT v18.16b, v18.16b \n"
+ "RBIT v19.16b, v19.16b \n"
+ "RBIT v20.16b, v20.16b \n"
+ "RBIT v21.16b, v21.16b \n"
+ "EOR v12.16b, v12.16b, v17.16b \n"
+ "# x[0-2] = C * H^1 \n"
+ "PMULL v17.1q, v21.1d, v16.1d \n"
+ "PMULL2 v0.1q, v21.2d, v16.2d \n"
+ "EXT v21.16b, v21.16b, v21.16b, #8 \n"
+ "PMULL v31.1q, v21.1d, v16.1d \n"
+ "PMULL2 v3.1q, v21.2d, v16.2d \n"
+ "EOR v31.16b, v31.16b, v3.16b \n"
+ "# x[0-2] += C * H^2 \n"
+ "PMULL v2.1q, v20.1d, v24.1d \n"
+ "PMULL2 v3.1q, v20.2d, v24.2d \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "EXT v20.16b, v20.16b, v20.16b, #8 \n"
+ "PMULL v3.1q, v20.1d, v24.1d \n"
+ "PMULL2 v20.1q, v20.2d, v24.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v20.16b, v3.16b \n"
+#else
+ "EOR v20.16b, v20.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v20.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^3 \n"
+ "PMULL v2.1q, v19.1d, v25.1d \n"
+ "PMULL2 v3.1q, v19.2d, v25.2d \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "EXT v19.16b, v19.16b, v19.16b, #8 \n"
+ "PMULL v3.1q, v19.1d, v25.1d \n"
+ "PMULL2 v19.1q, v19.2d, v25.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v19.16b, v3.16b \n"
+#else
+ "EOR v19.16b, v19.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v19.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^4 \n"
+ "PMULL v2.1q, v18.1d, v26.1d \n"
+ "PMULL2 v3.1q, v18.2d, v26.2d \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "EXT v18.16b, v18.16b, v18.16b, #8 \n"
+ "PMULL v3.1q, v18.1d, v26.1d \n"
+ "PMULL2 v18.1q, v18.2d, v26.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v18.16b, v3.16b \n"
+#else
+ "EOR v18.16b, v18.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v18.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^5 \n"
+ "PMULL v2.1q, v15.1d, v9.1d \n"
+ "PMULL2 v3.1q, v15.2d, v9.2d \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "EXT v15.16b, v15.16b, v15.16b, #8 \n"
+ "PMULL v3.1q, v15.1d, v9.1d \n"
+ "PMULL2 v15.1q, v15.2d, v9.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v15.16b, v3.16b \n"
+#else
+ "EOR v15.16b, v15.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v15.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^6 \n"
+ "PMULL v2.1q, v14.1d, v10.1d \n"
+ "PMULL2 v3.1q, v14.2d, v10.2d \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "EXT v14.16b, v14.16b, v14.16b, #8 \n"
+ "PMULL v3.1q, v14.1d, v10.1d \n"
+ "PMULL2 v14.1q, v14.2d, v10.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v14.16b, v3.16b \n"
+#else
+ "EOR v14.16b, v14.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v14.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^7 \n"
+ "PMULL v2.1q, v13.1d, v11.1d \n"
+ "PMULL2 v3.1q, v13.2d, v11.2d \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "EXT v13.16b, v13.16b, v13.16b, #8 \n"
+ "PMULL v3.1q, v13.1d, v11.1d \n"
+ "PMULL2 v13.1q, v13.2d, v11.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v13.16b, v3.16b \n"
+#else
+ "EOR v13.16b, v13.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v13.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^8 \n"
+ "PMULL v2.1q, v12.1d, v4.1d \n"
+ "PMULL2 v3.1q, v12.2d, v4.2d \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "EXT v12.16b, v12.16b, v12.16b, #8 \n"
+ "PMULL v3.1q, v12.1d, v4.1d \n"
+ "PMULL2 v12.1q, v12.2d, v4.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v12.16b, v3.16b \n"
+#else
+ "EOR v12.16b, v12.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v12.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# Reduce X = x[0-2] \n"
+ "EXT v3.16b, v17.16b, v0.16b, #8 \n"
+ "PMULL2 v2.1q, v0.2d, v23.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v3.16b, v3.16b, v31.16b, v2.16b \n"
+#else
+ "EOR v3.16b, v3.16b, v31.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+#ifndef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR v3.16b, v3.16b, v2.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "PMULL2 v2.1q, v3.2d, v23.2d \n"
+ "MOV v17.D[1], v3.D[0] \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+
+ "80: \n"
+ "LD1 {v22.2d}, [%[ctr]] \n"
+ "LD1 {v1.2d-v4.2d}, [%[Key]], #64 \n"
+ "LD1 {v5.2d-v8.2d}, [%[Key]], #64 \n"
+ "LD1 {v9.2d-v11.2d}, [%[Key]], #48 \n"
+ "LD1 {v12.2d-v13.2d}, [%[Key]], #32 \n"
+ "# Can we do 4 blocks at a time? \n"
+ "CMP w11, #64 \n"
+ "BLT 10f \n"
+
+ "# First encrypt - no GHASH \n"
+ "# Calculate next 4 counters (+1-4) \n"
+ "ADD w15, w12, #1 \n"
+ "MOV v27.16b, v22.16b \n"
+ "ADD w14, w12, #2 \n"
+ "MOV v28.16b, v22.16b \n"
+ "ADD w13, w12, #3 \n"
+ "MOV v29.16b, v22.16b \n"
+ "ADD w12, w12, #4 \n"
+ "MOV v30.16b, v22.16b \n"
+ "REV w15, w15 \n"
+ "REV w14, w14 \n"
+ "REV w13, w13 \n"
+ "REV w16, w12 \n"
+ "MOV v27.S[3], w15 \n"
+ "MOV v28.S[3], w14 \n"
+ "MOV v29.S[3], w13 \n"
+ "MOV v30.S[3], w16 \n"
+
+ "# Encrypt 4 counters \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v2.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v2.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v2.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v2.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v3.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v3.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v3.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v3.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v4.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v4.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v4.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v4.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v5.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v5.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v5.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v5.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "SUB w11, w11, #64 \n"
+ "AESE v27.16b, v6.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v6.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v6.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v6.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v7.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v7.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v7.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v7.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v8.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v8.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v8.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v8.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v9.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v9.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v9.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v9.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "# Load plaintext \n"
+ "LD1 {v18.2d-v21.2d}, [%[input]], #64 \n"
+ "AESE v27.16b, v10.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v10.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v10.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v10.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v11.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v11.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v11.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v11.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v12.16b \n"
+ "EOR v27.16b, v27.16b, v13.16b \n"
+ "AESE v28.16b, v12.16b \n"
+ "EOR v28.16b, v28.16b, v13.16b \n"
+ "AESE v29.16b, v12.16b \n"
+ "EOR v29.16b, v29.16b, v13.16b \n"
+ "AESE v30.16b, v12.16b \n"
+ "EOR v30.16b, v30.16b, v13.16b \n"
+
+ "# XOR in input \n"
+ "EOR v18.16b, v18.16b, v27.16b \n"
+ "EOR v19.16b, v19.16b, v28.16b \n"
+ "EOR v20.16b, v20.16b, v29.16b \n"
+ "EOR v21.16b, v21.16b, v30.16b \n"
+ "# Store cipher text \n"
+ "ST1 {v18.2d-v21.2d}, [%[out]], #64 \n \n"
+ "CMP w11, #64 \n"
+ "BLT 12f \n"
+
+ "11: \n"
+ "# Calculate next 4 counters (+1-4) \n"
+ "ADD w15, w12, #1 \n"
+ "MOV v27.16b, v22.16b \n"
+ "ADD w14, w12, #2 \n"
+ "MOV v28.16b, v22.16b \n"
+ "ADD w13, w12, #3 \n"
+ "MOV v29.16b, v22.16b \n"
+ "ADD w12, w12, #4 \n"
+ "MOV v30.16b, v22.16b \n"
+ "# GHASH - 4 blocks \n"
+ "RBIT v18.16b, v18.16b \n"
+ "REV w15, w15 \n"
+ "RBIT v19.16b, v19.16b \n"
+ "REV w14, w14 \n"
+ "RBIT v20.16b, v20.16b \n"
+ "REV w13, w13 \n"
+ "RBIT v21.16b, v21.16b \n"
+ "REV w16, w12 \n"
+ "MOV v27.S[3], w15 \n"
+ "MOV v28.S[3], w14 \n"
+ "MOV v29.S[3], w13 \n"
+ "MOV v30.S[3], w16 \n"
+
+ "# Encrypt 4 counters \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "EOR v18.16b, v18.16b, v17.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "# x[0-2] = C * H^1 \n"
+ "PMULL v17.1q, v21.1d, v16.1d \n"
+ "PMULL2 v0.1q, v21.2d, v16.2d \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "EXT v21.16b, v21.16b, v21.16b, #8 \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "PMULL v31.1q, v21.1d, v16.1d \n"
+ "PMULL2 v15.1q, v21.2d, v16.2d \n"
+ "AESE v27.16b, v2.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "EOR v31.16b, v31.16b, v15.16b \n"
+ "AESE v28.16b, v2.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "# x[0-2] += C * H^2 \n"
+ "PMULL v14.1q, v20.1d, v24.1d \n"
+ "PMULL2 v15.1q, v20.2d, v24.2d \n"
+ "AESE v29.16b, v2.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v0.16b, v0.16b, v15.16b \n"
+ "AESE v30.16b, v2.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "EXT v20.16b, v20.16b, v20.16b, #8 \n"
+ "AESE v27.16b, v3.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "PMULL v15.1q, v20.1d, v24.1d \n"
+ "PMULL2 v20.1q, v20.2d, v24.2d \n"
+ "AESE v28.16b, v3.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v20.16b, v15.16b \n"
+#else
+ "EOR v20.16b, v20.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v20.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v29.16b, v3.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "# x[0-2] += C * H^3 \n"
+ "PMULL v14.1q, v19.1d, v25.1d \n"
+ "PMULL2 v15.1q, v19.2d, v25.2d \n"
+ "AESE v30.16b, v3.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v0.16b, v0.16b, v15.16b \n"
+ "AESE v27.16b, v4.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "EXT v19.16b, v19.16b, v19.16b, #8 \n"
+ "AESE v28.16b, v4.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "PMULL v15.1q, v19.1d, v25.1d \n"
+ "PMULL2 v19.1q, v19.2d, v25.2d \n"
+ "AESE v29.16b, v4.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v19.16b, v15.16b \n"
+#else
+ "EOR v19.16b, v19.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v19.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v30.16b, v4.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "# x[0-2] += C * H^4 \n"
+ "PMULL v14.1q, v18.1d, v26.1d \n"
+ "PMULL2 v15.1q, v18.2d, v26.2d \n"
+ "AESE v27.16b, v5.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v0.16b, v0.16b, v15.16b \n"
+ "AESE v28.16b, v5.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "EXT v18.16b, v18.16b, v18.16b, #8 \n"
+ "AESE v29.16b, v5.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "PMULL v15.1q, v18.1d, v26.1d \n"
+ "PMULL2 v18.1q, v18.2d, v26.2d \n"
+ "AESE v30.16b, v5.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v18.16b, v15.16b \n"
+#else
+ "EOR v18.16b, v18.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v18.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "SUB w11, w11, #64 \n"
+ "AESE v27.16b, v6.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "# Reduce X = x[0-2] \n"
+ "EXT v15.16b, v17.16b, v0.16b, #8 \n"
+ "AESE v28.16b, v6.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "PMULL2 v14.1q, v0.2d, v23.2d \n"
+ "AESE v29.16b, v6.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v15.16b, v15.16b, v31.16b, v14.16b \n"
+#else
+ "EOR v15.16b, v15.16b, v31.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v30.16b, v6.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+#ifndef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR v15.16b, v15.16b, v14.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v27.16b, v7.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "PMULL2 v14.1q, v15.2d, v23.2d \n"
+ "MOV v17.D[1], v15.D[0] \n"
+ "AESE v28.16b, v7.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "AESE v29.16b, v7.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v7.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v8.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v8.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v8.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v8.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v9.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v9.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v9.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v9.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "# Load plaintext \n"
+ "LD1 {v18.2d-v21.2d}, [%[input]], #64 \n"
+ "AESE v27.16b, v10.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v10.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v10.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v10.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v11.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v11.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v11.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v11.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v12.16b \n"
+ "EOR v27.16b, v27.16b, v13.16b \n"
+ "AESE v28.16b, v12.16b \n"
+ "EOR v28.16b, v28.16b, v13.16b \n"
+ "AESE v29.16b, v12.16b \n"
+ "EOR v29.16b, v29.16b, v13.16b \n"
+ "AESE v30.16b, v12.16b \n"
+ "EOR v30.16b, v30.16b, v13.16b \n"
+
+ "# XOR in input \n"
+ "EOR v18.16b, v18.16b, v27.16b \n"
+ "EOR v19.16b, v19.16b, v28.16b \n"
+ "EOR v20.16b, v20.16b, v29.16b \n"
+ "EOR v21.16b, v21.16b, v30.16b \n"
+ "# Store cipher text \n"
+ "ST1 {v18.2d-v21.2d}, [%[out]], #64 \n \n"
+ "CMP w11, #64 \n"
+ "BGE 11b \n"
+
+ "12: \n"
+ "# GHASH - 4 blocks \n"
+ "RBIT v18.16b, v18.16b \n"
+ "RBIT v19.16b, v19.16b \n"
+ "RBIT v20.16b, v20.16b \n"
+ "RBIT v21.16b, v21.16b \n"
+ "EOR v18.16b, v18.16b, v17.16b \n"
+ "# x[0-2] = C * H^1 \n"
+ "PMULL v17.1q, v21.1d, v16.1d \n"
+ "PMULL2 v0.1q, v21.2d, v16.2d \n"
+ "EXT v21.16b, v21.16b, v21.16b, #8 \n"
+ "PMULL v31.1q, v21.1d, v16.1d \n"
+ "PMULL2 v15.1q, v21.2d, v16.2d \n"
+ "EOR v31.16b, v31.16b, v15.16b \n"
+ "# x[0-2] += C * H^2 \n"
+ "PMULL v14.1q, v20.1d, v24.1d \n"
+ "PMULL2 v15.1q, v20.2d, v24.2d \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v0.16b, v0.16b, v15.16b \n"
+ "EXT v20.16b, v20.16b, v20.16b, #8 \n"
+ "PMULL v15.1q, v20.1d, v24.1d \n"
+ "PMULL2 v20.1q, v20.2d, v24.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v20.16b, v15.16b \n"
+#else
+ "EOR v20.16b, v20.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v20.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^3 \n"
+ "PMULL v14.1q, v19.1d, v25.1d \n"
+ "PMULL2 v15.1q, v19.2d, v25.2d \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v0.16b, v0.16b, v15.16b \n"
+ "EXT v19.16b, v19.16b, v19.16b, #8 \n"
+ "PMULL v15.1q, v19.1d, v25.1d \n"
+ "PMULL2 v19.1q, v19.2d, v25.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v19.16b, v15.16b \n"
+#else
+ "EOR v19.16b, v19.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v19.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^4 \n"
+ "PMULL v14.1q, v18.1d, v26.1d \n"
+ "PMULL2 v15.1q, v18.2d, v26.2d \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v0.16b, v0.16b, v15.16b \n"
+ "EXT v18.16b, v18.16b, v18.16b, #8 \n"
+ "PMULL v15.1q, v18.1d, v26.1d \n"
+ "PMULL2 v18.1q, v18.2d, v26.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v18.16b, v15.16b \n"
+#else
+ "EOR v18.16b, v18.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v18.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# Reduce X = x[0-2] \n"
+ "EXT v15.16b, v17.16b, v0.16b, #8 \n"
+ "PMULL2 v14.1q, v0.2d, v23.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v15.16b, v15.16b, v31.16b, v14.16b \n"
+#else
+ "EOR v15.16b, v15.16b, v31.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+#ifndef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR v15.16b, v15.16b, v14.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "PMULL2 v14.1q, v15.2d, v23.2d \n"
+ "MOV v17.D[1], v15.D[0] \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
- /* Hash in the lengths of A and C in bits */
- XMEMSET(scratch, 0, AES_BLOCK_SIZE);
- FlattenSzInBits(&scratch[0], authInSz);
- FlattenSzInBits(&scratch[8], sz);
- xorbuf(x, scratch, AES_BLOCK_SIZE);
- XMEMCPY(scratch, x, AES_BLOCK_SIZE);
+ "10: \n"
+ "CBZ w11, 30f \n"
+ "CMP w11, #16 \n"
+ "BLT 20f \n"
+ "# Encrypt first block for GHASH \n"
+ "ADD w12, w12, #1 \n"
+ "MOV v0.16b, v22.16b \n"
+ "REV w13, w12 \n"
+ "MOV v0.S[3], w13 \n"
+ "AESE v0.16b, v1.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v2.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v3.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v4.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "SUB w11, w11, #16 \n"
+ "AESE v0.16b, v5.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v6.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v7.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v8.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "LD1 {v31.2d}, [%[input]], #16 \n"
+ "AESE v0.16b, v9.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v10.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v11.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v12.16b \n"
+ "EOR v0.16b, v0.16b, v13.16b \n \n"
+ "EOR v15.16b, v0.16b, v31.16b \n \n"
+ "ST1 {v15.2d}, [%[out]], #16 \n"
- keyPt = (byte*)aes->key;
- __asm__ __volatile__ (
+ "# When only one full block to encrypt go straight to GHASH \n"
+ "CMP w11, 16 \n"
+ "BLT 1f \n"
- "LD1 {v16.16b}, [%[tag]] \n"
- "LD1 {v17.16b}, %[h] \n"
- "RBIT v16.16b, v16.16b \n"
+ "LD1 {v31.2d}, [%[input]], #16 \n"
- "LD1 {v1.2d-v4.2d}, [%[Key]], #64 \n"
- "PMULL v18.1q, v16.1d, v17.1d \n" /* a0 * b0 = C */
- "PMULL2 v19.1q, v16.2d, v17.2d \n" /* a1 * b1 = D */
- "LD1 {v5.2d-v8.2d}, [%[Key]], #64 \n"
- "EXT v20.16b, v17.16b, v17.16b, #8 \n" /* b0b1 -> b1b0 */
- "LD1 {v9.2d-v11.2d}, [%[Key]], #48\n"
- "LD1 {v30.2d-v31.2d}, [%[Key]], #32\n"
- "PMULL v21.1q, v16.1d, v20.1d \n" /* a0 * b1 = E */
- "PMULL2 v20.1q, v16.2d, v20.2d \n" /* a1 * b0 = F */
- "LD1 {v0.2d}, [%[ctr]] \n"
-
- "#Set a register to all 0s using EOR \n"
- "EOR v22.16b, v22.16b, v22.16b \n"
- "EOR v20.16b, v20.16b, v21.16b \n" /* F ^ E */
- "AESE v0.16b, v1.16b \n"
+ "# Interweave GHASH and encrypt if more then 1 block \n"
+ "2: \n"
+ "RBIT v15.16b, v15.16b \n"
+ "ADD w12, w12, #1 \n"
+ "MOV v0.16b, v22.16b \n"
+ "REV w13, w12 \n"
+ "MOV v0.S[3], w13 \n"
+ "EOR v17.16b, v17.16b, v15.16b \n"
+ "PMULL v18.1q, v17.1d, v16.1d \n"
+ "PMULL2 v19.1q, v17.2d, v16.2d \n"
+ "AESE v0.16b, v1.16b \n"
"AESMC v0.16b, v0.16b \n"
- "EXT v21.16b, v22.16b, v20.16b, #8 \n" /* get (F^E)[0] */
- "AESE v0.16b, v2.16b \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "AESE v0.16b, v2.16b \n"
"AESMC v0.16b, v0.16b \n"
- "EOR v18.16b, v18.16b, v21.16b \n" /* low 128 bits in v3 */
- "EXT v21.16b, v20.16b, v22.16b, #8 \n" /* get (F^E)[1] */
- "AESE v0.16b, v3.16b \n"
+ "PMULL v21.1q, v17.1d, v20.1d \n"
+ "PMULL2 v20.1q, v17.2d, v20.2d \n"
+ "AESE v0.16b, v3.16b \n"
"AESMC v0.16b, v0.16b \n"
- "EOR v19.16b, v19.16b, v21.16b \n" /* high 128 bits in v4 */
- "MOVI v23.16b, #0x87 \n"
- "AESE v0.16b, v4.16b \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "AESE v0.16b, v4.16b \n"
"AESMC v0.16b, v0.16b \n"
- "USHR v23.2d, v23.2d, #56 \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "SUB w11, w11, #16 \n"
+ "AESE v0.16b, v5.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "AESE v0.16b, v6.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "# Reduce \n"
"PMULL2 v20.1q, v19.2d, v23.2d \n"
- "AESE v0.16b, v5.16b \n"
+ "AESE v0.16b, v7.16b \n"
"AESMC v0.16b, v0.16b \n"
- "EXT v21.16b, v20.16b, v22.16b, #8 \n"
- "AESE v0.16b, v6.16b \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "AESE v0.16b, v8.16b \n"
"AESMC v0.16b, v0.16b \n"
- "EOR v19.16b, v19.16b, v21.16b \n"
- "AESE v0.16b, v7.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "AESE v0.16b, v9.16b \n"
"AESMC v0.16b, v0.16b \n"
- "EXT v21.16b, v22.16b, v20.16b, #8 \n"
- "AESE v0.16b, v8.16b \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "AESE v0.16b, v10.16b \n"
"AESMC v0.16b, v0.16b \n"
- "EOR v18.16b, v18.16b, v21.16b \n"
- "AESE v0.16b, v9.16b \n"
+ "EOR v17.16b, v18.16b, v20.16b \n"
+ "AESE v0.16b, v11.16b \n"
"AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v10.16b \n"
+ "AESE v0.16b, v12.16b \n"
+ "EOR v0.16b, v0.16b, v13.16b \n \n"
+ "EOR v15.16b, v0.16b, v31.16b \n \n"
+ "ST1 {v15.2d}, [%[out]], #16 \n"
+ "CMP w11, 16 \n"
+ "BLT 1f \n"
+
+ "LD1 {v31.2d}, [%[input]], #16 \n"
+ "B 2b \n"
+
+ "# GHASH on last block \n"
+ "1: \n"
+ "RBIT v15.16b, v15.16b \n"
+ "EOR v17.16b, v17.16b, v15.16b \n"
+ "PMULL v18.1q, v17.1d, v16.1d \n"
+ "PMULL2 v19.1q, v17.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "PMULL v21.1q, v17.1d, v20.1d \n"
+ "PMULL2 v20.1q, v17.2d, v20.2d \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v17.16b, v18.16b, v20.16b \n"
+
+ "20: \n"
+ "CBZ w11, 30f \n"
+ "EOR v31.16b, v31.16b, v31.16b \n"
+ "MOV x15, x11 \n"
+ "ST1 {v31.2d}, [%[scratch]] \n"
+ "23: \n"
+ "LDRB w14, [%[input]], #1 \n"
+ "STRB w14, [%[scratch]], #1 \n"
+ "SUB x15, x15, #1 \n"
+ "CBNZ x15, 23b \n"
+ "SUB %[scratch], %[scratch], x11 \n"
+ "LD1 {v31.2d}, [%[scratch]] \n"
+ "ADD w12, w12, #1 \n"
+ "MOV v0.16b, v22.16b \n"
+ "REV w13, w12 \n"
+ "MOV v0.S[3], w13 \n"
+ "AESE v0.16b, v1.16b \n"
"AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v11.16b \n"
+ "AESE v0.16b, v2.16b \n"
"AESMC v0.16b, v0.16b \n"
- "PMULL v20.1q, v19.1d, v23.1d \n"
- "EOR v19.16b, v18.16b, v20.16b \n"
- "AESE v0.16b, v30.16b \n"
- "RBIT v19.16b, v19.16b \n"
- "EOR v0.16b, v0.16b, v31.16b \n"
- "EOR v19.16b, v19.16b, v0.16b \n"
- "STR q19, [%[out]] \n"
-
- :[out] "=r" (sPt), "=r" (keyPt), "=r" (iCtr)
- :[tag] "0" (sPt), [Key] "1" (keyPt),
- [ctr] "2" (iCtr) , [h] "m" (aes->H)
- : "cc", "memory", "v0", "v1", "v2", "v3", "v4", "v5",
- "v6", "v7", "v8", "v9", "v10","v11","v12","v13","v14",
- "v15", "v16", "v17","v18", "v19", "v20","v21","v22","v23","v24"
+ "AESE v0.16b, v3.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v4.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v5.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v6.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v7.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v8.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v9.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v10.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v11.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v12.16b \n"
+ "EOR v0.16b, v0.16b, v13.16b \n \n"
+ "EOR v15.16b, v0.16b, v31.16b \n \n"
+ "ST1 {v15.2d}, [%[scratch]] \n"
+ "MOV x15, x11 \n"
+ "24: \n"
+ "LDRB w14, [%[scratch]], #1 \n"
+ "STRB w14, [%[out]], #1 \n"
+ "SUB x15, x15, #1 \n"
+ "CBNZ x15, 24b \n"
+ "MOV x15, #16 \n"
+ "EOR w14, w14, w14 \n"
+ "SUB x15, x15, x11 \n"
+ "25: \n"
+ "STRB w14, [%[scratch]], #1 \n"
+ "SUB x15, x15, #1 \n"
+ "CBNZ x15, 25b \n"
+ "SUB %[scratch], %[scratch], #16 \n"
+ "LD1 {v15.2d}, [%[scratch]] \n"
+ "RBIT v15.16b, v15.16b \n"
+ "EOR v17.16b, v17.16b, v15.16b \n"
+ "PMULL v18.1q, v17.1d, v16.1d \n"
+ "PMULL2 v19.1q, v17.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "PMULL v21.1q, v17.1d, v20.1d \n"
+ "PMULL2 v20.1q, v17.2d, v20.2d \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v17.16b, v18.16b, v20.16b \n"
+
+ "30: \n"
+ "# store current counter value at the end \n"
+ "REV w13, w12 \n"
+ "MOV v22.S[3], w13 \n"
+ "LD1 {v0.2d}, [%[ctr]] \n"
+ "ST1 {v22.2d}, [%[ctr]] \n"
+
+ "LSL %x[aSz], %x[aSz], #3 \n"
+ "LSL %x[sz], %x[sz], #3 \n"
+ "MOV v15.d[0], %x[aSz] \n"
+ "MOV v15.d[1], %x[sz] \n"
+ "REV64 v15.16b, v15.16b \n"
+ "RBIT v15.16b, v15.16b \n"
+ "EOR v17.16b, v17.16b, v15.16b \n"
+ "PMULL v18.1q, v17.1d, v16.1d \n"
+ "PMULL2 v19.1q, v17.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "AESE v0.16b, v1.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "PMULL v21.1q, v17.1d, v20.1d \n"
+ "PMULL2 v20.1q, v17.2d, v20.2d \n"
+ "AESE v0.16b, v2.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "AESE v0.16b, v3.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "AESE v0.16b, v4.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "AESE v0.16b, v5.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "AESE v0.16b, v6.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "AESE v0.16b, v7.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "AESE v0.16b, v8.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "AESE v0.16b, v9.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v17.16b, v18.16b, v20.16b \n"
+ "AESE v0.16b, v10.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v11.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v12.16b \n"
+ "EOR v0.16b, v0.16b, v13.16b \n \n"
+ "RBIT v17.16b, v17.16b \n"
+ "EOR v0.16b, v0.16b, v17.16b \n \n"
+ "CMP %w[tagSz], #16 \n"
+ "BNE 40f \n"
+ "ST1 {v0.2d}, [%[tag]] \n"
+ "B 41f \n"
+ "40: \n"
+ "ST1 {v0.2d}, [%[scratch]] \n"
+ "MOV x15, %x[tagSz] \n"
+ "44: \n"
+ "LDRB w14, [%[scratch]], #1 \n"
+ "STRB w14, [%[tag]], #1 \n"
+ "SUB x15, x15, #1 \n"
+ "CBNZ x15, 44b \n"
+ "SUB %[scratch], %[scratch], %x[tagSz] \n"
+ "41: \n"
+
+ : [out] "+r" (out), [input] "+r" (in), [Key] "+r" (keyPt),
+ [aSz] "+r" (authInSz), [sz] "+r" (sz), [aad] "+r" (authIn)
+ : [ctr] "r" (ctr), [scratch] "r" (scratch),
+ [h] "m" (aes->gcm.H), [tag] "r" (authTag), [tagSz] "r" (authTagSz)
+ : "cc", "memory", "x11", "x12", "w13", "x14", "x15", "w16",
+ "v0", "v1", "v2", "v3", "v4", "v5", "v6", "v7",
+ "v8", "v9", "v10", "v11", "v12", "v13", "v14", "v15",
+ "v16", "v17", "v18", "v19", "v20", "v21", "v22", "v23",
+ "v24", "v25", "v26", "v27", "v28", "v29", "v30", "v31"
);
- if (authTagSz > AES_BLOCK_SIZE) {
- XMEMCPY(authTag, scratch, AES_BLOCK_SIZE);
- }
- else {
- /* authTagSz can be smaller than AES_BLOCK_SIZE */
- XMEMCPY(authTag, scratch, authTagSz);
- }
-
return 0;
}
#endif /* WOLFSSL_AES_192 */
-
#ifdef WOLFSSL_AES_256
/* internal function : see wc_AesGcmEncrypt */
static int Aes256GcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
- const byte* iv, word32 ivSz,
- byte* authTag, word32 authTagSz,
- const byte* authIn, word32 authInSz)
+ const byte* iv, word32 ivSz, byte* authTag, word32 authTagSz,
+ const byte* authIn, word32 authInSz)
{
- word32 blocks;
- word32 partial;
byte counter[AES_BLOCK_SIZE];
- byte initialCounter[AES_BLOCK_SIZE];
- byte x[AES_BLOCK_SIZE];
byte scratch[AES_BLOCK_SIZE];
-
/* Noticed different optimization levels treated head of array different.
- Some cases was stack pointer plus offset others was a regester containing
- address. To make uniform for passing in to inline assembly code am using
- pointers to the head of each local array.
+ * Some cases was stack pointer plus offset others was a register containing
+ * address. To make uniform for passing in to inline assembly code am using
+ * pointers to the head of each local array.
*/
byte* ctr = counter;
- byte* iCtr = initialCounter;
- byte* xPt = x;
- byte* sPt = scratch;
- byte* keyPt; /* pointer to handle pointer advencment */
+ byte* keyPt = (byte*)aes->key;
- XMEMSET(initialCounter, 0, AES_BLOCK_SIZE);
+ XMEMSET(counter, 0, AES_BLOCK_SIZE);
if (ivSz == GCM_NONCE_MID_SZ) {
- XMEMCPY(initialCounter, iv, ivSz);
- initialCounter[AES_BLOCK_SIZE - 1] = 1;
+ XMEMCPY(counter, iv, GCM_NONCE_MID_SZ);
+ counter[AES_BLOCK_SIZE - 1] = 1;
}
else {
- GHASH(aes, NULL, 0, iv, ivSz, initialCounter, AES_BLOCK_SIZE);
- GMULT(initialCounter, aes->H);
- }
- XMEMCPY(counter, initialCounter, AES_BLOCK_SIZE);
-
-
- /* Hash in the Additional Authentication Data */
- XMEMSET(x, 0, AES_BLOCK_SIZE);
- if (authInSz != 0 && authIn != NULL) {
- blocks = authInSz / AES_BLOCK_SIZE;
- partial = authInSz % AES_BLOCK_SIZE;
- /* do as many blocks as possible */
- while (blocks--) {
- xorbuf(x, authIn, AES_BLOCK_SIZE);
- GMULT(x, aes->H);
- authIn += AES_BLOCK_SIZE;
- }
- if (partial != 0) {
- XMEMSET(scratch, 0, AES_BLOCK_SIZE);
- XMEMCPY(scratch, authIn, partial);
- xorbuf(x, scratch, AES_BLOCK_SIZE);
- GMULT(x, aes->H);
- }
+ GHASH(&aes->gcm, NULL, 0, iv, ivSz, counter, AES_BLOCK_SIZE);
+ GMULT(counter, aes->gcm.H);
}
- /* do as many blocks as possible */
- blocks = sz / AES_BLOCK_SIZE;
- partial = sz % AES_BLOCK_SIZE;
- if (blocks > 0) {
- keyPt = (byte*)aes->key;
- __asm__ __volatile__ (
- "MOV w11, %w[blocks] \n"
- "LD1 {v13.2d}, [%[ctr]] \n"
-
- "#Create vector with the value 1 \n"
- "MOVI v14.16b, #1 \n"
- "USHR v14.2d, v14.2d, #56 \n"
- "EOR v22.16b, v22.16b, v22.16b \n"
- "EXT v14.16b, v14.16b, v22.16b, #8\n"
-
-
- /***************************************************
- Get first out block for GHASH using AES encrypt
- ***************************************************/
- "REV64 v13.16b, v13.16b \n" /* network order */
- "LD1 {v1.2d-v4.2d}, [%[Key]], #64 \n"
- "EXT v13.16b, v13.16b, v13.16b, #8 \n"
- "ADD v13.4s, v13.4s, v14.4s \n" /* add 1 to counter */
- "EXT v13.16b, v13.16b, v13.16b, #8 \n"
- "REV64 v13.16b, v13.16b \n" /* revert from network order */
- "LD1 {v5.2d-v8.2d}, [%[Key]], #64 \n"
- "MOV v0.16b, v13.16b \n"
- "AESE v0.16b, v1.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v2.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v3.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "LD1 {v16.2d}, %[inY] \n"
- "AESE v0.16b, v4.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "SUB w11, w11, #1 \n"
- "LD1 {v9.2d-v11.2d}, [%[Key]], #48\n"
- "LD1 {v28.2d-v31.2d}, [%[Key]], #64\n"
- "AESE v0.16b, v5.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "MOVI v23.16b, #0x87 \n"
- "AESE v0.16b, v6.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "LD1 {v17.2d}, [%[inX]] \n" /* account for additional data */
- "AESE v0.16b, v7.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "USHR v23.2d, v23.2d, #56 \n"
- "AESE v0.16b, v8.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "LD1 {v12.2d}, [%[input]], #16 \n"
- "AESE v0.16b, v9.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v10.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v11.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v28.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v29.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v30.16b \n"
- "EOR v0.16b, v0.16b, v31.16b \n"
-
- "EOR v0.16b, v0.16b, v12.16b \n"
- "ST1 {v0.2d}, [%[out]], #16 \n"
- "MOV v15.16b, v0.16b \n"
-
- "CBZ w11, 1f \n" /* only one block jump to final GHASH */
- "LD1 {v12.2d}, [%[input]], #16 \n"
-
- /***************************************************
- Interweave GHASH and encrypt if more then 1 block
- ***************************************************/
- "2: \n"
- "REV64 v13.16b, v13.16b \n" /* network order */
- "EOR v15.16b, v17.16b, v15.16b \n"
- "EXT v13.16b, v13.16b, v13.16b, #8 \n"
- "ADD v13.4s, v13.4s, v14.4s \n" /* add 1 to counter */
- "RBIT v15.16b, v15.16b \n" /* v15 is encrypted out block (c) */
- "EXT v13.16b, v13.16b, v13.16b, #8 \n"
- "REV64 v13.16b, v13.16b \n" /* revert from network order */
- "PMULL v18.1q, v15.1d, v16.1d \n" /* a0 * b0 = C */
- "MOV v0.16b, v13.16b \n"
- "PMULL2 v19.1q, v15.2d, v16.2d \n" /* a1 * b1 = D */
- "AESE v0.16b, v1.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "EXT v20.16b, v16.16b, v16.16b, #8 \n" /* b0b1 -> b1b0 */
- "AESE v0.16b, v2.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "PMULL v21.1q, v15.1d, v20.1d \n" /* a0 * b1 = E */
- "PMULL2 v20.1q, v15.2d, v20.2d \n" /* a1 * b0 = F */
- "AESE v0.16b, v3.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "EOR v20.16b, v20.16b, v21.16b \n" /* F ^ E */
- "AESE v0.16b, v4.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "EXT v21.16b, v22.16b, v20.16b, #8 \n" /* get (F^E)[0] */
- "SUB w11, w11, #1 \n"
- "AESE v0.16b, v5.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "EOR v18.16b, v18.16b, v21.16b \n" /* low 128 bits in v3 */
- "EXT v21.16b, v20.16b, v22.16b, #8 \n" /* get (F^E)[1] */
- "AESE v0.16b, v6.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "EOR v19.16b, v19.16b, v21.16b \n" /* high 128 bits in v4 */
- "AESE v0.16b, v7.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "PMULL2 v20.1q, v19.2d, v23.2d \n"
- "AESE v0.16b, v8.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "EXT v21.16b, v20.16b, v22.16b, #8 \n" /* v22 is all 0's */
- "AESE v0.16b, v9.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v10.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v11.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v28.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v29.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "EOR v19.16b, v19.16b, v21.16b \n"
- "AESE v0.16b, v30.16b \n"
- "EXT v21.16b, v22.16b, v20.16b, #8 \n"
- "EOR v0.16b, v0.16b, v31.16b \n"
- "EOR v18.16b, v18.16b, v21.16b \n"
-
- "EOR v0.16b, v0.16b, v12.16b \n"
- "PMULL v20.1q, v19.1d, v23.1d \n"
- "ST1 {v0.2d}, [%[out]], #16 \n"
- "EOR v19.16b, v18.16b, v20.16b \n"
- "MOV v15.16b, v0.16b \n"
- "RBIT v17.16b, v19.16b \n"
-
- "CBZ w11, 1f \n"
- "LD1 {v12.2d}, [%[input]], #16 \n"
- "B 2b \n"
-
- /***************************************************
- GHASH on last block
- ***************************************************/
- "1: \n"
- "EOR v15.16b, v17.16b, v15.16b \n"
- "RBIT v15.16b, v15.16b \n" /* v15 is encrypted out block */
-
- "#store current AES counter value \n"
- "ST1 {v13.2d}, [%[ctrOut]] \n"
- "PMULL v18.1q, v15.1d, v16.1d \n" /* a0 * b0 = C */
- "PMULL2 v19.1q, v15.2d, v16.2d \n" /* a1 * b1 = D */
- "EXT v20.16b, v16.16b, v16.16b, #8 \n" /* b0b1 -> b1b0 */
- "PMULL v21.1q, v15.1d, v20.1d \n" /* a0 * b1 = E */
- "PMULL2 v20.1q, v15.2d, v20.2d \n" /* a1 * b0 = F */
- "EOR v20.16b, v20.16b, v21.16b \n" /* F ^ E */
- "EXT v21.16b, v22.16b, v20.16b, #8 \n" /* get (F^E)[0] */
- "EOR v18.16b, v18.16b, v21.16b \n" /* low 128 bits in v3 */
- "EXT v21.16b, v20.16b, v22.16b, #8 \n" /* get (F^E)[1] */
- "EOR v19.16b, v19.16b, v21.16b \n" /* high 128 bits in v4 */
-
- "#Reduce product from multiplication \n"
- "PMULL2 v20.1q, v19.2d, v23.2d \n"
- "EXT v21.16b, v20.16b, v22.16b, #8 \n" /* v22 is all 0's */
- "EOR v19.16b, v19.16b, v21.16b \n"
- "EXT v21.16b, v22.16b, v20.16b, #8 \n"
- "EOR v18.16b, v18.16b, v21.16b \n"
- "PMULL v20.1q, v19.1d, v23.1d \n"
- "EOR v19.16b, v18.16b, v20.16b \n"
- "RBIT v17.16b, v19.16b \n"
- "STR q17, [%[xOut]] \n" /* GHASH x value for partial blocks */
-
- :[out] "=r" (out), "=r" (keyPt), [ctrOut] "=r" (ctr), "=r" (in)
- ,[xOut] "=r" (xPt),"=m" (aes->H)
- :"0" (out), [Key] "1" (keyPt), [ctr] "2" (ctr), [blocks] "r" (blocks),
- [input] "3" (in)
- ,[inX] "4" (xPt), [inY] "m" (aes->H)
- : "cc", "w11", "v0", "v1", "v2", "v3", "v4", "v5",
- "v6", "v7", "v8", "v9", "v10", "v11", "v12", "v13", "v14"
- ,"v15", "v16", "v17", "v18", "v19", "v20", "v21", "v22", "v23", "v24"
- );
- }
+ __asm__ __volatile__ (
+ "LD1 {v16.16b}, %[h] \n"
+ "# v23 = 0x00000000000000870000000000000087 reflected 0xe1.... \n"
+ "MOVI v23.16b, #0x87 \n"
+ "EOR v17.16b, v17.16b, v17.16b \n"
+ "USHR v23.2d, v23.2d, #56 \n"
+ "CBZ %w[aSz], 120f \n"
- /* take care of partial block sizes leftover */
- if (partial != 0) {
- IncrementGcmCounter(counter);
- wc_AesEncrypt(aes, counter, scratch);
- xorbuf(scratch, in, partial);
- XMEMCPY(out, scratch, partial);
+ "MOV w12, %w[aSz] \n"
- XMEMSET(scratch, 0, AES_BLOCK_SIZE);
- XMEMCPY(scratch, out, partial);
- xorbuf(x, scratch, AES_BLOCK_SIZE);
- GMULT(x, aes->H);
- }
+ "# GHASH AAD \n"
+ "CMP x12, #64 \n"
+ "BLT 115f \n"
+ "# Calculate H^[1-4] - GMULT partials \n"
+ "# Square H => H^2 \n"
+ "PMULL2 v19.1q, v16.2d, v16.2d \n"
+ "PMULL v18.1q, v16.1d, v16.1d \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v19.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v24.16b, v18.16b, v19.16b \n"
+ "# Multiply H and H^2 => H^3 \n"
+ "PMULL v18.1q, v24.1d, v16.1d \n"
+ "PMULL2 v19.1q, v24.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "PMULL v21.1q, v24.1d, v20.1d \n"
+ "PMULL2 v20.1q, v24.2d, v20.2d \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v25.16b, v18.16b, v20.16b \n"
+ "# Square H^2 => H^4 \n"
+ "PMULL2 v19.1q, v24.2d, v24.2d \n"
+ "PMULL v18.1q, v24.1d, v24.1d \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v19.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v26.16b, v18.16b, v19.16b \n"
+ "114: \n"
+ "LD1 {v18.2d-v21.2d}, [%[aad]], #64 \n"
+ "SUB x12, x12, #64 \n"
+ "# GHASH - 4 blocks \n"
+ "RBIT v18.16b, v18.16b \n"
+ "RBIT v19.16b, v19.16b \n"
+ "RBIT v20.16b, v20.16b \n"
+ "RBIT v21.16b, v21.16b \n"
+ "EOR v18.16b, v18.16b, v17.16b \n"
+ "# x[0-2] = C * H^1 \n"
+ "PMULL v17.1q, v21.1d, v16.1d \n"
+ "PMULL2 v30.1q, v21.2d, v16.2d \n"
+ "EXT v21.16b, v21.16b, v21.16b, #8 \n"
+ "PMULL v31.1q, v21.1d, v16.1d \n"
+ "PMULL2 v15.1q, v21.2d, v16.2d \n"
+ "EOR v31.16b, v31.16b, v15.16b \n"
+ "# x[0-2] += C * H^2 \n"
+ "PMULL v14.1q, v20.1d, v24.1d \n"
+ "PMULL2 v15.1q, v20.2d, v24.2d \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v30.16b, v30.16b, v15.16b \n"
+ "EXT v20.16b, v20.16b, v20.16b, #8 \n"
+ "PMULL v15.1q, v20.1d, v24.1d \n"
+ "PMULL2 v20.1q, v20.2d, v24.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v20.16b, v15.16b \n"
+#else
+ "EOR v20.16b, v20.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v20.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^3 \n"
+ "PMULL v14.1q, v19.1d, v25.1d \n"
+ "PMULL2 v15.1q, v19.2d, v25.2d \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v30.16b, v30.16b, v15.16b \n"
+ "EXT v19.16b, v19.16b, v19.16b, #8 \n"
+ "PMULL v15.1q, v19.1d, v25.1d \n"
+ "PMULL2 v19.1q, v19.2d, v25.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v19.16b, v15.16b \n"
+#else
+ "EOR v19.16b, v19.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v19.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^4 \n"
+ "PMULL v14.1q, v18.1d, v26.1d \n"
+ "PMULL2 v15.1q, v18.2d, v26.2d \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v30.16b, v30.16b, v15.16b \n"
+ "EXT v18.16b, v18.16b, v18.16b, #8 \n"
+ "PMULL v15.1q, v18.1d, v26.1d \n"
+ "PMULL2 v18.1q, v18.2d, v26.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v18.16b, v15.16b \n"
+#else
+ "EOR v18.16b, v18.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v18.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# Reduce X = x[0-2] \n"
+ "EXT v15.16b, v17.16b, v30.16b, #8 \n"
+ "PMULL2 v14.1q, v30.2d, v23.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v15.16b, v15.16b, v31.16b, v14.16b \n"
+#else
+ "EOR v15.16b, v15.16b, v31.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+#ifndef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR v15.16b, v15.16b, v14.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "PMULL2 v14.1q, v15.2d, v23.2d \n"
+ "MOV v17.D[1], v15.D[0] \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "CMP x12, #64 \n"
+ "BGE 114b \n"
+ "CBZ x12, 120f \n"
+ "115: \n"
+ "CMP x12, #16 \n"
+ "BLT 112f \n"
+ "111: \n"
+ "LD1 {v15.2d}, [%[aad]], #16 \n"
+ "SUB x12, x12, #16 \n"
+ "RBIT v15.16b, v15.16b \n"
+ "EOR v17.16b, v17.16b, v15.16b \n"
+ "PMULL v18.1q, v17.1d, v16.1d \n"
+ "PMULL2 v19.1q, v17.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "PMULL v21.1q, v17.1d, v20.1d \n"
+ "PMULL2 v20.1q, v17.2d, v20.2d \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v17.16b, v18.16b, v20.16b \n"
+ "CMP x12, #16 \n"
+ "BGE 111b \n"
+ "CBZ x12, 120f \n"
+ "112: \n"
+ "# Partial AAD \n"
+ "EOR v15.16b, v15.16b, v15.16b \n"
+ "MOV x14, x12 \n"
+ "ST1 {v15.2d}, [%[scratch]] \n"
+ "113: \n"
+ "LDRB w13, [%[aad]], #1 \n"
+ "STRB w13, [%[scratch]], #1 \n"
+ "SUB x14, x14, #1 \n"
+ "CBNZ x14, 113b \n"
+ "SUB %[scratch], %[scratch], x12 \n"
+ "LD1 {v15.2d}, [%[scratch]] \n"
+ "RBIT v15.16b, v15.16b \n"
+ "EOR v17.16b, v17.16b, v15.16b \n"
+ "PMULL v18.1q, v17.1d, v16.1d \n"
+ "PMULL2 v19.1q, v17.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "PMULL v21.1q, v17.1d, v20.1d \n"
+ "PMULL2 v20.1q, v17.2d, v20.2d \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v17.16b, v18.16b, v20.16b \n"
+ "120: \n"
+
+ "# Encrypt plaintext and GHASH ciphertext \n"
+ "LDR w12, [%[ctr], #12] \n"
+ "MOV w11, %w[sz] \n"
+ "REV w12, w12 \n"
+ "CMP w11, #64 \n"
+ "BLT 80f \n"
+ "CMP %w[aSz], #64 \n"
+ "BGE 82f \n"
+
+ "# Calculate H^[1-4] - GMULT partials \n"
+ "# Square H => H^2 \n"
+ "PMULL2 v19.1q, v16.2d, v16.2d \n"
+ "PMULL v18.1q, v16.1d, v16.1d \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v19.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v24.16b, v18.16b, v19.16b \n"
+ "# Multiply H and H^2 => H^3 \n"
+ "PMULL v18.1q, v24.1d, v16.1d \n"
+ "PMULL2 v19.1q, v24.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "PMULL v21.1q, v24.1d, v20.1d \n"
+ "PMULL2 v20.1q, v24.2d, v20.2d \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v25.16b, v18.16b, v20.16b \n"
+ "# Square H^2 => H^4 \n"
+ "PMULL2 v19.1q, v24.2d, v24.2d \n"
+ "PMULL v18.1q, v24.1d, v24.1d \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v19.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v26.16b, v18.16b, v19.16b \n"
+ "82: \n"
+ "# Should we do 8 blocks at a time? \n"
+ "CMP w11, #512 \n"
+ "BLT 80f \n"
+
+ "# Calculate H^[5-8] - GMULT partials \n"
+ "# Multiply H and H^4 => H^5 \n"
+ "PMULL v18.1q, v26.1d, v16.1d \n"
+ "PMULL2 v19.1q, v26.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "PMULL v21.1q, v26.1d, v20.1d \n"
+ "PMULL2 v20.1q, v26.2d, v20.2d \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v9.16b, v18.16b, v20.16b \n"
+ "# Square H^3 - H^6 \n"
+ "PMULL2 v19.1q, v25.2d, v25.2d \n"
+ "PMULL v18.1q, v25.1d, v25.1d \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v19.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v10.16b, v18.16b, v19.16b \n"
+ "# Multiply H and H^6 => H^7 \n"
+ "PMULL v18.1q, v10.1d, v16.1d \n"
+ "PMULL2 v19.1q, v10.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "PMULL v21.1q, v10.1d, v20.1d \n"
+ "PMULL2 v20.1q, v10.2d, v20.2d \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v11.16b, v18.16b, v20.16b \n"
+ "# Square H^4 => H^8 \n"
+ "PMULL2 v19.1q, v26.2d, v26.2d \n"
+ "PMULL v18.1q, v26.1d, v26.1d \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v19.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v4.16b, v18.16b, v19.16b \n"
+
+ "# First encrypt - no GHASH \n"
+ "LDR q1, [%[Key]] \n"
+ "# Calculate next 4 counters (+1-4) \n"
+ "ADD w15, w12, #1 \n"
+ "LD1 {v5.2d}, [%[ctr]] \n"
+ "ADD w14, w12, #2 \n"
+ "MOV v6.16b, v5.16b \n"
+ "ADD w13, w12, #3 \n"
+ "MOV v7.16b, v5.16b \n"
+ "ADD w12, w12, #4 \n"
+ "MOV v8.16b, v5.16b \n"
+ "REV w15, w15 \n"
+ "REV w14, w14 \n"
+ "REV w13, w13 \n"
+ "REV w16, w12 \n"
+ "MOV v5.S[3], w15 \n"
+ "MOV v6.S[3], w14 \n"
+ "MOV v7.S[3], w13 \n"
+ "MOV v8.S[3], w16 \n"
+ "# Calculate next 4 counters (+5-8) \n"
+ "ADD w15, w12, #1 \n"
+ "MOV v27.16b, v5.16b \n"
+ "ADD w14, w12, #2 \n"
+ "MOV v28.16b, v5.16b \n"
+ "ADD w13, w12, #3 \n"
+ "MOV v29.16b, v5.16b \n"
+ "ADD w12, w12, #4 \n"
+ "MOV v30.16b, v5.16b \n"
+ "REV w15, w15 \n"
+ "REV w14, w14 \n"
+ "REV w13, w13 \n"
+ "REV w16, w12 \n"
+ "MOV v27.S[3], w15 \n"
+ "MOV v28.S[3], w14 \n"
+ "MOV v29.S[3], w13 \n"
+ "MOV v30.S[3], w16 \n"
+
+ "# Encrypt 8 counters \n"
+ "LDR q22, [%[Key], #16] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q1, [%[Key], #32] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q22, [%[Key], #48] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q1, [%[Key], #64] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q22, [%[Key], #80] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "SUB w11, w11, #128 \n"
+ "LDR q1, [%[Key], #96] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q22, [%[Key], #112] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q1, [%[Key], #128] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q22, [%[Key], #144] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q1, [%[Key], #160] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q22, [%[Key], #176] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q1, [%[Key], #192] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LD1 {v12.2d-v15.2d}, [%[input]], #64 \n"
+ "LDP q22, q31, [%[Key], #208] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LD1 {v18.2d-v21.2d}, [%[input]], #64 \n"
+ "AESE v5.16b, v22.16b \n"
+ "EOR v5.16b, v5.16b, v31.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "EOR v6.16b, v6.16b, v31.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "EOR v7.16b, v7.16b, v31.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "EOR v8.16b, v8.16b, v31.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "EOR v27.16b, v27.16b, v31.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "EOR v28.16b, v28.16b, v31.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "EOR v29.16b, v29.16b, v31.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "EOR v30.16b, v30.16b, v31.16b \n"
+
+ "# XOR in input \n"
+ "EOR v12.16b, v12.16b, v5.16b \n"
+ "EOR v13.16b, v13.16b, v6.16b \n"
+ "EOR v14.16b, v14.16b, v7.16b \n"
+ "EOR v15.16b, v15.16b, v8.16b \n"
+ "EOR v18.16b, v18.16b, v27.16b \n"
+ "ST1 {v12.2d-v15.2d}, [%[out]], #64 \n \n"
+ "EOR v19.16b, v19.16b, v28.16b \n"
+ "EOR v20.16b, v20.16b, v29.16b \n"
+ "EOR v21.16b, v21.16b, v30.16b \n"
+ "ST1 {v18.2d-v21.2d}, [%[out]], #64 \n \n"
+
+ "81: \n"
+ "LDR q1, [%[Key]] \n"
+ "# Calculate next 4 counters (+1-4) \n"
+ "ADD w15, w12, #1 \n"
+ "LD1 {v5.2d}, [%[ctr]] \n"
+ "ADD w14, w12, #2 \n"
+ "MOV v6.16b, v5.16b \n"
+ "ADD w13, w12, #3 \n"
+ "MOV v7.16b, v5.16b \n"
+ "ADD w12, w12, #4 \n"
+ "MOV v8.16b, v5.16b \n"
+ "# GHASH - 8 blocks \n"
+ "RBIT v12.16b, v12.16b \n"
+ "RBIT v13.16b, v13.16b \n"
+ "RBIT v14.16b, v14.16b \n"
+ "RBIT v15.16b, v15.16b \n"
+ "RBIT v18.16b, v18.16b \n"
+ "RBIT v19.16b, v19.16b \n"
+ "RBIT v20.16b, v20.16b \n"
+ "RBIT v21.16b, v21.16b \n"
+ "REV w15, w15 \n"
+ "EOR v12.16b, v12.16b, v17.16b \n"
+ "REV w14, w14 \n"
+ "# x[0-2] = C * H^1 \n"
+ "PMULL v17.1q, v21.1d, v16.1d \n"
+ "PMULL2 v0.1q, v21.2d, v16.2d \n"
+ "REV w13, w13 \n"
+ "EXT v21.16b, v21.16b, v21.16b, #8 \n"
+ "REV w16, w12 \n"
+ "MOV v5.S[3], w15 \n"
+ "MOV v6.S[3], w14 \n"
+ "MOV v7.S[3], w13 \n"
+ "MOV v8.S[3], w16 \n"
+ "# Calculate next 4 counters (+5-8) \n"
+ "ADD w15, w12, #1 \n"
+ "MOV v27.16b, v5.16b \n"
+ "ADD w14, w12, #2 \n"
+ "MOV v28.16b, v5.16b \n"
+ "ADD w13, w12, #3 \n"
+ "MOV v29.16b, v5.16b \n"
+ "ADD w12, w12, #4 \n"
+ "MOV v30.16b, v5.16b \n"
+ "PMULL v31.1q, v21.1d, v16.1d \n"
+ "PMULL2 v3.1q, v21.2d, v16.2d \n"
+ "REV w15, w15 \n"
+ "EOR v31.16b, v31.16b, v3.16b \n"
+ "REV w14, w14 \n"
+ "# x[0-2] += C * H^2 \n"
+ "PMULL v2.1q, v20.1d, v24.1d \n"
+ "PMULL2 v3.1q, v20.2d, v24.2d \n"
+ "REV w13, w13 \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "REV w16, w12 \n"
+ "MOV v27.S[3], w15 \n"
+ "MOV v28.S[3], w14 \n"
+ "MOV v29.S[3], w13 \n"
+ "MOV v30.S[3], w16 \n"
+
+ "# Encrypt 8 counters \n"
+ "LDR q22, [%[Key], #16] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "EXT v20.16b, v20.16b, v20.16b, #8 \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "PMULL v3.1q, v20.1d, v24.1d \n"
+ "PMULL2 v20.1q, v20.2d, v24.2d \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v20.16b, v3.16b \n"
+#else
+ "EOR v20.16b, v20.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v20.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "# x[0-2] += C * H^3 \n"
+ "PMULL v2.1q, v19.1d, v25.1d \n"
+ "PMULL2 v3.1q, v19.2d, v25.2d \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "EXT v19.16b, v19.16b, v19.16b, #8 \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "PMULL v3.1q, v19.1d, v25.1d \n"
+ "PMULL2 v19.1q, v19.2d, v25.2d \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v19.16b, v3.16b \n"
+#else
+ "EOR v19.16b, v19.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v19.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "LDR q1, [%[Key], #32] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "# x[0-2] += C * H^4 \n"
+ "PMULL v2.1q, v18.1d, v26.1d \n"
+ "PMULL2 v3.1q, v18.2d, v26.2d \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "EXT v18.16b, v18.16b, v18.16b, #8 \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "PMULL v3.1q, v18.1d, v26.1d \n"
+ "PMULL2 v18.1q, v18.2d, v26.2d \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v18.16b, v3.16b \n"
+#else
+ "EOR v18.16b, v18.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v18.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "# x[0-2] += C * H^5 \n"
+ "PMULL v2.1q, v15.1d, v9.1d \n"
+ "PMULL2 v3.1q, v15.2d, v9.2d \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "EXT v15.16b, v15.16b, v15.16b, #8 \n"
+ "LDR q22, [%[Key], #48] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "PMULL v3.1q, v15.1d, v9.1d \n"
+ "PMULL2 v15.1q, v15.2d, v9.2d \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v15.16b, v3.16b \n"
+#else
+ "EOR v15.16b, v15.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v15.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "# x[0-2] += C * H^6 \n"
+ "PMULL v2.1q, v14.1d, v10.1d \n"
+ "PMULL2 v3.1q, v14.2d, v10.2d \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "EXT v14.16b, v14.16b, v14.16b, #8 \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "PMULL v3.1q, v14.1d, v10.1d \n"
+ "PMULL2 v14.1q, v14.2d, v10.2d \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v14.16b, v3.16b \n"
+#else
+ "EOR v14.16b, v14.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v14.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "# x[0-2] += C * H^7 \n"
+ "PMULL v2.1q, v13.1d, v11.1d \n"
+ "PMULL2 v3.1q, v13.2d, v11.2d \n"
+ "LDR q1, [%[Key], #64] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "EXT v13.16b, v13.16b, v13.16b, #8 \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "PMULL v3.1q, v13.1d, v11.1d \n"
+ "PMULL2 v13.1q, v13.2d, v11.2d \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v13.16b, v3.16b \n"
+#else
+ "EOR v13.16b, v13.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v13.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "# x[0-2] += C * H^8 \n"
+ "PMULL v2.1q, v12.1d, v4.1d \n"
+ "PMULL2 v3.1q, v12.2d, v4.2d \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "EXT v12.16b, v12.16b, v12.16b, #8 \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "PMULL v3.1q, v12.1d, v4.1d \n"
+ "PMULL2 v12.1q, v12.2d, v4.2d \n"
+ "LDR q22, [%[Key], #80] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v12.16b, v3.16b \n"
+#else
+ "EOR v12.16b, v12.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v12.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "# Reduce X = x[0-2] \n"
+ "EXT v3.16b, v17.16b, v0.16b, #8 \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "PMULL2 v2.1q, v0.2d, v23.2d \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v3.16b, v3.16b, v31.16b, v2.16b \n"
+#else
+ "EOR v3.16b, v3.16b, v31.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+#ifndef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR v3.16b, v3.16b, v2.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "PMULL2 v2.1q, v3.2d, v23.2d \n"
+ "MOV v17.D[1], v3.D[0] \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "SUB w11, w11, #128 \n"
+ "LDR q1, [%[Key], #96] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q22, [%[Key], #112] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q1, [%[Key], #128] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q22, [%[Key], #144] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q1, [%[Key], #160] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q22, [%[Key], #176] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q1, [%[Key], #192] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LD1 {v12.2d-v15.2d}, [%[input]], #64 \n"
+ "LDP q22, q31, [%[Key], #208] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LD1 {v18.2d-v21.2d}, [%[input]], #64 \n"
+ "AESE v5.16b, v22.16b \n"
+ "EOR v5.16b, v5.16b, v31.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "EOR v6.16b, v6.16b, v31.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "EOR v7.16b, v7.16b, v31.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "EOR v8.16b, v8.16b, v31.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "EOR v27.16b, v27.16b, v31.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "EOR v28.16b, v28.16b, v31.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "EOR v29.16b, v29.16b, v31.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "EOR v30.16b, v30.16b, v31.16b \n"
+
+ "# XOR in input \n"
+ "EOR v12.16b, v12.16b, v5.16b \n"
+ "EOR v13.16b, v13.16b, v6.16b \n"
+ "EOR v14.16b, v14.16b, v7.16b \n"
+ "EOR v15.16b, v15.16b, v8.16b \n"
+ "EOR v18.16b, v18.16b, v27.16b \n"
+ "ST1 {v12.2d-v15.2d}, [%[out]], #64 \n \n"
+ "EOR v19.16b, v19.16b, v28.16b \n"
+ "EOR v20.16b, v20.16b, v29.16b \n"
+ "EOR v21.16b, v21.16b, v30.16b \n"
+ "ST1 {v18.2d-v21.2d}, [%[out]], #64 \n \n"
+
+ "CMP w11, #128 \n"
+ "BGE 81b \n"
+
+ "# GHASH - 8 blocks \n"
+ "RBIT v12.16b, v12.16b \n"
+ "RBIT v13.16b, v13.16b \n"
+ "RBIT v14.16b, v14.16b \n"
+ "RBIT v15.16b, v15.16b \n"
+ "RBIT v18.16b, v18.16b \n"
+ "RBIT v19.16b, v19.16b \n"
+ "RBIT v20.16b, v20.16b \n"
+ "RBIT v21.16b, v21.16b \n"
+ "EOR v12.16b, v12.16b, v17.16b \n"
+ "# x[0-2] = C * H^1 \n"
+ "PMULL v17.1q, v21.1d, v16.1d \n"
+ "PMULL2 v0.1q, v21.2d, v16.2d \n"
+ "EXT v21.16b, v21.16b, v21.16b, #8 \n"
+ "PMULL v31.1q, v21.1d, v16.1d \n"
+ "PMULL2 v3.1q, v21.2d, v16.2d \n"
+ "EOR v31.16b, v31.16b, v3.16b \n"
+ "# x[0-2] += C * H^2 \n"
+ "PMULL v2.1q, v20.1d, v24.1d \n"
+ "PMULL2 v3.1q, v20.2d, v24.2d \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "EXT v20.16b, v20.16b, v20.16b, #8 \n"
+ "PMULL v3.1q, v20.1d, v24.1d \n"
+ "PMULL2 v20.1q, v20.2d, v24.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v20.16b, v3.16b \n"
+#else
+ "EOR v20.16b, v20.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v20.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^3 \n"
+ "PMULL v2.1q, v19.1d, v25.1d \n"
+ "PMULL2 v3.1q, v19.2d, v25.2d \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "EXT v19.16b, v19.16b, v19.16b, #8 \n"
+ "PMULL v3.1q, v19.1d, v25.1d \n"
+ "PMULL2 v19.1q, v19.2d, v25.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v19.16b, v3.16b \n"
+#else
+ "EOR v19.16b, v19.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v19.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^4 \n"
+ "PMULL v2.1q, v18.1d, v26.1d \n"
+ "PMULL2 v3.1q, v18.2d, v26.2d \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "EXT v18.16b, v18.16b, v18.16b, #8 \n"
+ "PMULL v3.1q, v18.1d, v26.1d \n"
+ "PMULL2 v18.1q, v18.2d, v26.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v18.16b, v3.16b \n"
+#else
+ "EOR v18.16b, v18.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v18.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^5 \n"
+ "PMULL v2.1q, v15.1d, v9.1d \n"
+ "PMULL2 v3.1q, v15.2d, v9.2d \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "EXT v15.16b, v15.16b, v15.16b, #8 \n"
+ "PMULL v3.1q, v15.1d, v9.1d \n"
+ "PMULL2 v15.1q, v15.2d, v9.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v15.16b, v3.16b \n"
+#else
+ "EOR v15.16b, v15.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v15.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^6 \n"
+ "PMULL v2.1q, v14.1d, v10.1d \n"
+ "PMULL2 v3.1q, v14.2d, v10.2d \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "EXT v14.16b, v14.16b, v14.16b, #8 \n"
+ "PMULL v3.1q, v14.1d, v10.1d \n"
+ "PMULL2 v14.1q, v14.2d, v10.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v14.16b, v3.16b \n"
+#else
+ "EOR v14.16b, v14.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v14.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^7 \n"
+ "PMULL v2.1q, v13.1d, v11.1d \n"
+ "PMULL2 v3.1q, v13.2d, v11.2d \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "EXT v13.16b, v13.16b, v13.16b, #8 \n"
+ "PMULL v3.1q, v13.1d, v11.1d \n"
+ "PMULL2 v13.1q, v13.2d, v11.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v13.16b, v3.16b \n"
+#else
+ "EOR v13.16b, v13.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v13.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^8 \n"
+ "PMULL v2.1q, v12.1d, v4.1d \n"
+ "PMULL2 v3.1q, v12.2d, v4.2d \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "EXT v12.16b, v12.16b, v12.16b, #8 \n"
+ "PMULL v3.1q, v12.1d, v4.1d \n"
+ "PMULL2 v12.1q, v12.2d, v4.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v12.16b, v3.16b \n"
+#else
+ "EOR v12.16b, v12.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v12.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# Reduce X = x[0-2] \n"
+ "EXT v3.16b, v17.16b, v0.16b, #8 \n"
+ "PMULL2 v2.1q, v0.2d, v23.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v3.16b, v3.16b, v31.16b, v2.16b \n"
+#else
+ "EOR v3.16b, v3.16b, v31.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+#ifndef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR v3.16b, v3.16b, v2.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "PMULL2 v2.1q, v3.2d, v23.2d \n"
+ "MOV v17.D[1], v3.D[0] \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+
+ "80: \n"
+ "LD1 {v22.2d}, [%[ctr]] \n"
+ "LD1 {v1.2d-v4.2d}, [%[Key]], #64 \n"
+ "LD1 {v5.2d-v8.2d}, [%[Key]], #64 \n"
+ "LD1 {v9.2d-v11.2d}, [%[Key]], #48 \n"
+ "LD1 {v12.2d-v13.2d}, [%[Key]], #32 \n"
+ "# Can we do 4 blocks at a time? \n"
+ "CMP w11, #64 \n"
+ "BLT 10f \n"
+
+ "# First encrypt - no GHASH \n"
+ "# Calculate next 4 counters (+1-4) \n"
+ "ADD w15, w12, #1 \n"
+ "MOV v27.16b, v22.16b \n"
+ "ADD w14, w12, #2 \n"
+ "MOV v28.16b, v22.16b \n"
+ "ADD w13, w12, #3 \n"
+ "MOV v29.16b, v22.16b \n"
+ "ADD w12, w12, #4 \n"
+ "MOV v30.16b, v22.16b \n"
+ "REV w15, w15 \n"
+ "REV w14, w14 \n"
+ "REV w13, w13 \n"
+ "REV w16, w12 \n"
+ "MOV v27.S[3], w15 \n"
+ "MOV v28.S[3], w14 \n"
+ "MOV v29.S[3], w13 \n"
+ "MOV v30.S[3], w16 \n"
+
+ "# Encrypt 4 counters \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v2.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v2.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v2.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v2.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v3.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v3.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v3.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v3.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v4.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v4.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v4.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v4.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v5.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v5.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v5.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v5.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "SUB w11, w11, #64 \n"
+ "AESE v27.16b, v6.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v6.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v6.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v6.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v7.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v7.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v7.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v7.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v8.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v8.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v8.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v8.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v9.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v9.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v9.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v9.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v10.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v10.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v10.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v10.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v11.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v11.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v11.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v11.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "# Load plaintext \n"
+ "LD1 {v18.2d-v21.2d}, [%[input]], #64 \n"
+ "AESE v27.16b, v12.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v12.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v12.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v12.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LD1 {v14.2d, v15.2d}, [%[Key]] \n"
+ "AESE v27.16b, v13.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v13.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v13.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v13.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v14.16b \n"
+ "EOR v27.16b, v27.16b, v15.16b \n"
+ "AESE v28.16b, v14.16b \n"
+ "EOR v28.16b, v28.16b, v15.16b \n"
+ "AESE v29.16b, v14.16b \n"
+ "EOR v29.16b, v29.16b, v15.16b \n"
+ "AESE v30.16b, v14.16b \n"
+ "EOR v30.16b, v30.16b, v15.16b \n"
+
+ "# XOR in input \n"
+ "EOR v18.16b, v18.16b, v27.16b \n"
+ "EOR v19.16b, v19.16b, v28.16b \n"
+ "EOR v20.16b, v20.16b, v29.16b \n"
+ "EOR v21.16b, v21.16b, v30.16b \n"
+ "# Store cipher text \n"
+ "ST1 {v18.2d-v21.2d}, [%[out]], #64 \n \n"
+ "CMP w11, #64 \n"
+ "BLT 12f \n"
+
+ "11: \n"
+ "# Calculate next 4 counters (+1-4) \n"
+ "ADD w15, w12, #1 \n"
+ "MOV v27.16b, v22.16b \n"
+ "ADD w14, w12, #2 \n"
+ "MOV v28.16b, v22.16b \n"
+ "ADD w13, w12, #3 \n"
+ "MOV v29.16b, v22.16b \n"
+ "ADD w12, w12, #4 \n"
+ "MOV v30.16b, v22.16b \n"
+ "# GHASH - 4 blocks \n"
+ "RBIT v18.16b, v18.16b \n"
+ "REV w15, w15 \n"
+ "RBIT v19.16b, v19.16b \n"
+ "REV w14, w14 \n"
+ "RBIT v20.16b, v20.16b \n"
+ "REV w13, w13 \n"
+ "RBIT v21.16b, v21.16b \n"
+ "REV w16, w12 \n"
+ "MOV v27.S[3], w15 \n"
+ "MOV v28.S[3], w14 \n"
+ "MOV v29.S[3], w13 \n"
+ "MOV v30.S[3], w16 \n"
+
+ "# Encrypt 4 counters \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "EOR v18.16b, v18.16b, v17.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "# x[0-2] = C * H^1 \n"
+ "PMULL v17.1q, v21.1d, v16.1d \n"
+ "PMULL2 v0.1q, v21.2d, v16.2d \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "EXT v21.16b, v21.16b, v21.16b, #8 \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "PMULL v31.1q, v21.1d, v16.1d \n"
+ "PMULL2 v15.1q, v21.2d, v16.2d \n"
+ "AESE v27.16b, v2.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "EOR v31.16b, v31.16b, v15.16b \n"
+ "AESE v28.16b, v2.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "# x[0-2] += C * H^2 \n"
+ "PMULL v14.1q, v20.1d, v24.1d \n"
+ "PMULL2 v15.1q, v20.2d, v24.2d \n"
+ "AESE v29.16b, v2.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v0.16b, v0.16b, v15.16b \n"
+ "AESE v30.16b, v2.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "EXT v20.16b, v20.16b, v20.16b, #8 \n"
+ "AESE v27.16b, v3.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "PMULL v15.1q, v20.1d, v24.1d \n"
+ "PMULL2 v20.1q, v20.2d, v24.2d \n"
+ "AESE v28.16b, v3.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v20.16b, v15.16b \n"
+#else
+ "EOR v20.16b, v20.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v20.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v29.16b, v3.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "# x[0-2] += C * H^3 \n"
+ "PMULL v14.1q, v19.1d, v25.1d \n"
+ "PMULL2 v15.1q, v19.2d, v25.2d \n"
+ "AESE v30.16b, v3.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v0.16b, v0.16b, v15.16b \n"
+ "AESE v27.16b, v4.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "EXT v19.16b, v19.16b, v19.16b, #8 \n"
+ "AESE v28.16b, v4.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "PMULL v15.1q, v19.1d, v25.1d \n"
+ "PMULL2 v19.1q, v19.2d, v25.2d \n"
+ "AESE v29.16b, v4.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v19.16b, v15.16b \n"
+#else
+ "EOR v19.16b, v19.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v19.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v30.16b, v4.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "# x[0-2] += C * H^4 \n"
+ "PMULL v14.1q, v18.1d, v26.1d \n"
+ "PMULL2 v15.1q, v18.2d, v26.2d \n"
+ "AESE v27.16b, v5.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v0.16b, v0.16b, v15.16b \n"
+ "AESE v28.16b, v5.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "EXT v18.16b, v18.16b, v18.16b, #8 \n"
+ "AESE v29.16b, v5.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "PMULL v15.1q, v18.1d, v26.1d \n"
+ "PMULL2 v18.1q, v18.2d, v26.2d \n"
+ "AESE v30.16b, v5.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v18.16b, v15.16b \n"
+#else
+ "EOR v18.16b, v18.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v18.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "SUB w11, w11, #64 \n"
+ "AESE v27.16b, v6.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "# Reduce X = x[0-2] \n"
+ "EXT v15.16b, v17.16b, v0.16b, #8 \n"
+ "AESE v28.16b, v6.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "PMULL2 v14.1q, v0.2d, v23.2d \n"
+ "AESE v29.16b, v6.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v15.16b, v15.16b, v31.16b, v14.16b \n"
+#else
+ "EOR v15.16b, v15.16b, v31.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v30.16b, v6.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+#ifndef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR v15.16b, v15.16b, v14.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v27.16b, v7.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "PMULL2 v14.1q, v15.2d, v23.2d \n"
+ "MOV v17.D[1], v15.D[0] \n"
+ "AESE v28.16b, v7.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "AESE v29.16b, v7.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v7.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v8.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v8.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v8.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v8.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v9.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v9.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v9.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v9.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v10.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v10.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v10.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v10.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v11.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v11.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v11.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v11.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "# Load plaintext \n"
+ "LD1 {v18.2d-v21.2d}, [%[input]], #64 \n"
+ "AESE v27.16b, v12.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v12.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v12.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v12.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LD1 {v14.2d, v15.2d}, [%[Key]] \n"
+ "AESE v27.16b, v13.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v13.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v13.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v13.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v14.16b \n"
+ "EOR v27.16b, v27.16b, v15.16b \n"
+ "AESE v28.16b, v14.16b \n"
+ "EOR v28.16b, v28.16b, v15.16b \n"
+ "AESE v29.16b, v14.16b \n"
+ "EOR v29.16b, v29.16b, v15.16b \n"
+ "AESE v30.16b, v14.16b \n"
+ "EOR v30.16b, v30.16b, v15.16b \n"
+
+ "# XOR in input \n"
+ "EOR v18.16b, v18.16b, v27.16b \n"
+ "EOR v19.16b, v19.16b, v28.16b \n"
+ "EOR v20.16b, v20.16b, v29.16b \n"
+ "EOR v21.16b, v21.16b, v30.16b \n"
+ "# Store cipher text \n"
+ "ST1 {v18.2d-v21.2d}, [%[out]], #64 \n \n"
+ "CMP w11, #64 \n"
+ "BGE 11b \n"
+
+ "12: \n"
+ "# GHASH - 4 blocks \n"
+ "RBIT v18.16b, v18.16b \n"
+ "RBIT v19.16b, v19.16b \n"
+ "RBIT v20.16b, v20.16b \n"
+ "RBIT v21.16b, v21.16b \n"
+ "EOR v18.16b, v18.16b, v17.16b \n"
+ "# x[0-2] = C * H^1 \n"
+ "PMULL v17.1q, v21.1d, v16.1d \n"
+ "PMULL2 v0.1q, v21.2d, v16.2d \n"
+ "EXT v21.16b, v21.16b, v21.16b, #8 \n"
+ "PMULL v31.1q, v21.1d, v16.1d \n"
+ "PMULL2 v15.1q, v21.2d, v16.2d \n"
+ "EOR v31.16b, v31.16b, v15.16b \n"
+ "# x[0-2] += C * H^2 \n"
+ "PMULL v14.1q, v20.1d, v24.1d \n"
+ "PMULL2 v15.1q, v20.2d, v24.2d \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v0.16b, v0.16b, v15.16b \n"
+ "EXT v20.16b, v20.16b, v20.16b, #8 \n"
+ "PMULL v15.1q, v20.1d, v24.1d \n"
+ "PMULL2 v20.1q, v20.2d, v24.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v20.16b, v15.16b \n"
+#else
+ "EOR v20.16b, v20.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v20.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^3 \n"
+ "PMULL v14.1q, v19.1d, v25.1d \n"
+ "PMULL2 v15.1q, v19.2d, v25.2d \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v0.16b, v0.16b, v15.16b \n"
+ "EXT v19.16b, v19.16b, v19.16b, #8 \n"
+ "PMULL v15.1q, v19.1d, v25.1d \n"
+ "PMULL2 v19.1q, v19.2d, v25.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v19.16b, v15.16b \n"
+#else
+ "EOR v19.16b, v19.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v19.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^4 \n"
+ "PMULL v14.1q, v18.1d, v26.1d \n"
+ "PMULL2 v15.1q, v18.2d, v26.2d \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v0.16b, v0.16b, v15.16b \n"
+ "EXT v18.16b, v18.16b, v18.16b, #8 \n"
+ "PMULL v15.1q, v18.1d, v26.1d \n"
+ "PMULL2 v18.1q, v18.2d, v26.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v18.16b, v15.16b \n"
+#else
+ "EOR v18.16b, v18.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v18.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# Reduce X = x[0-2] \n"
+ "EXT v15.16b, v17.16b, v0.16b, #8 \n"
+ "PMULL2 v14.1q, v0.2d, v23.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v15.16b, v15.16b, v31.16b, v14.16b \n"
+#else
+ "EOR v15.16b, v15.16b, v31.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+#ifndef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR v15.16b, v15.16b, v14.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "PMULL2 v14.1q, v15.2d, v23.2d \n"
+ "MOV v17.D[1], v15.D[0] \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
- /* Hash in the lengths of A and C in bits */
- XMEMSET(scratch, 0, AES_BLOCK_SIZE);
- FlattenSzInBits(&scratch[0], authInSz);
- FlattenSzInBits(&scratch[8], sz);
- xorbuf(x, scratch, AES_BLOCK_SIZE);
- XMEMCPY(scratch, x, AES_BLOCK_SIZE);
+ "10: \n"
+ "SUB %[Key], %[Key], #32 \n"
+ "CBZ w11, 30f \n"
+ "CMP w11, #16 \n"
+ "BLT 20f \n"
+ "# Encrypt first block for GHASH \n"
+ "ADD w12, w12, #1 \n"
+ "MOV v0.16b, v22.16b \n"
+ "REV w13, w12 \n"
+ "MOV v0.S[3], w13 \n"
+ "AESE v0.16b, v1.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v2.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v3.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v4.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "SUB w11, w11, #16 \n"
+ "AESE v0.16b, v5.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v6.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v7.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v8.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "LD1 {v31.2d}, [%[input]], #16 \n"
+ "AESE v0.16b, v9.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v10.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v11.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "LD1 {v12.2d, v13.2d}, [%[Key]], #32 \n"
+ "AESE v0.16b, v12.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v13.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "LD1 {v12.2d, v13.2d}, [%[Key]] \n"
+ "SUB %[Key], %[Key], #32 \n"
+ "AESE v0.16b, v12.16b \n"
+ "EOR v0.16b, v0.16b, v13.16b \n \n"
+ "EOR v15.16b, v0.16b, v31.16b \n \n"
+ "ST1 {v15.2d}, [%[out]], #16 \n"
- keyPt = (byte*)aes->key;
- __asm__ __volatile__ (
+ "# When only one full block to encrypt go straight to GHASH \n"
+ "CMP w11, 16 \n"
+ "BLT 1f \n"
- "LD1 {v16.16b}, [%[tag]] \n"
- "LD1 {v17.16b}, %[h] \n"
- "RBIT v16.16b, v16.16b \n"
+ "LD1 {v31.2d}, [%[input]], #16 \n"
- "LD1 {v1.2d-v4.2d}, [%[Key]], #64 \n"
- "PMULL v18.1q, v16.1d, v17.1d \n" /* a0 * b0 = C */
- "PMULL2 v19.1q, v16.2d, v17.2d \n" /* a1 * b1 = D */
- "LD1 {v5.2d-v8.2d}, [%[Key]], #64 \n"
- "EXT v20.16b, v17.16b, v17.16b, #8 \n" /* b0b1 -> b1b0 */
- "LD1 {v9.2d-v11.2d}, [%[Key]], #48\n"
- "LD1 {v28.2d-v31.2d}, [%[Key]], #64\n"
- "PMULL v21.1q, v16.1d, v20.1d \n" /* a0 * b1 = E */
- "PMULL2 v20.1q, v16.2d, v20.2d \n" /* a1 * b0 = F */
- "LD1 {v0.2d}, [%[ctr]] \n"
-
- "#Set a register to all 0s using EOR \n"
- "EOR v22.16b, v22.16b, v22.16b \n"
- "EOR v20.16b, v20.16b, v21.16b \n" /* F ^ E */
- "AESE v0.16b, v1.16b \n"
+ "# Interweave GHASH and encrypt if more then 1 block \n"
+ "2: \n"
+ "RBIT v15.16b, v15.16b \n"
+ "ADD w12, w12, #1 \n"
+ "MOV v0.16b, v22.16b \n"
+ "REV w13, w12 \n"
+ "MOV v0.S[3], w13 \n"
+ "EOR v17.16b, v17.16b, v15.16b \n"
+ "PMULL v18.1q, v17.1d, v16.1d \n"
+ "PMULL2 v19.1q, v17.2d, v16.2d \n"
+ "AESE v0.16b, v1.16b \n"
"AESMC v0.16b, v0.16b \n"
- "EXT v21.16b, v22.16b, v20.16b, #8 \n" /* get (F^E)[0] */
- "AESE v0.16b, v2.16b \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "AESE v0.16b, v2.16b \n"
"AESMC v0.16b, v0.16b \n"
- "EOR v18.16b, v18.16b, v21.16b \n" /* low 128 bits in v3 */
- "EXT v21.16b, v20.16b, v22.16b, #8 \n" /* get (F^E)[1] */
- "AESE v0.16b, v3.16b \n"
+ "PMULL v21.1q, v17.1d, v20.1d \n"
+ "PMULL2 v20.1q, v17.2d, v20.2d \n"
+ "AESE v0.16b, v3.16b \n"
"AESMC v0.16b, v0.16b \n"
- "EOR v19.16b, v19.16b, v21.16b \n" /* high 128 bits in v4 */
- "MOVI v23.16b, #0x87 \n"
- "AESE v0.16b, v4.16b \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "AESE v0.16b, v4.16b \n"
"AESMC v0.16b, v0.16b \n"
- "USHR v23.2d, v23.2d, #56 \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "SUB w11, w11, #16 \n"
+ "AESE v0.16b, v5.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "AESE v0.16b, v6.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "# Reduce \n"
"PMULL2 v20.1q, v19.2d, v23.2d \n"
- "AESE v0.16b, v5.16b \n"
+ "AESE v0.16b, v7.16b \n"
"AESMC v0.16b, v0.16b \n"
- "EXT v21.16b, v20.16b, v22.16b, #8 \n"
- "AESE v0.16b, v6.16b \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "AESE v0.16b, v8.16b \n"
"AESMC v0.16b, v0.16b \n"
- "EOR v19.16b, v19.16b, v21.16b \n"
- "AESE v0.16b, v7.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "AESE v0.16b, v9.16b \n"
"AESMC v0.16b, v0.16b \n"
- "EXT v21.16b, v22.16b, v20.16b, #8 \n"
- "AESE v0.16b, v8.16b \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "AESE v0.16b, v10.16b \n"
"AESMC v0.16b, v0.16b \n"
- "EOR v18.16b, v18.16b, v21.16b \n"
- "AESE v0.16b, v9.16b \n"
+ "EOR v17.16b, v18.16b, v20.16b \n"
+ "AESE v0.16b, v11.16b \n"
"AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v10.16b \n"
+ "LD1 {v12.2d, v13.2d}, [%[Key]], #32 \n"
+ "AESE v0.16b, v12.16b \n"
"AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v11.16b \n"
+ "AESE v0.16b, v13.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "LD1 {v12.2d, v13.2d}, [%[Key]] \n"
+ "SUB %[Key], %[Key], #32 \n"
+ "AESE v0.16b, v12.16b \n"
+ "EOR v0.16b, v0.16b, v13.16b \n \n"
+ "EOR v15.16b, v0.16b, v31.16b \n \n"
+ "ST1 {v15.2d}, [%[out]], #16 \n"
+ "CMP w11, 16 \n"
+ "BLT 1f \n"
+
+ "LD1 {v31.2d}, [%[input]], #16 \n"
+ "B 2b \n"
+
+ "# GHASH on last block \n"
+ "1: \n"
+ "RBIT v15.16b, v15.16b \n"
+ "EOR v17.16b, v17.16b, v15.16b \n"
+ "PMULL v18.1q, v17.1d, v16.1d \n"
+ "PMULL2 v19.1q, v17.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "PMULL v21.1q, v17.1d, v20.1d \n"
+ "PMULL2 v20.1q, v17.2d, v20.2d \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v17.16b, v18.16b, v20.16b \n"
+
+ "20: \n"
+ "CBZ w11, 30f \n"
+ "EOR v31.16b, v31.16b, v31.16b \n"
+ "MOV x15, x11 \n"
+ "ST1 {v31.2d}, [%[scratch]] \n"
+ "23: \n"
+ "LDRB w14, [%[input]], #1 \n"
+ "STRB w14, [%[scratch]], #1 \n"
+ "SUB x15, x15, #1 \n"
+ "CBNZ x15, 23b \n"
+ "SUB %[scratch], %[scratch], x11 \n"
+ "LD1 {v31.2d}, [%[scratch]] \n"
+ "ADD w12, w12, #1 \n"
+ "MOV v0.16b, v22.16b \n"
+ "REV w13, w12 \n"
+ "MOV v0.S[3], w13 \n"
+ "AESE v0.16b, v1.16b \n"
"AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v28.16b \n"
+ "AESE v0.16b, v2.16b \n"
"AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v29.16b \n"
+ "AESE v0.16b, v3.16b \n"
"AESMC v0.16b, v0.16b \n"
- "PMULL v20.1q, v19.1d, v23.1d \n"
- "EOR v19.16b, v18.16b, v20.16b \n"
- "AESE v0.16b, v30.16b \n"
- "RBIT v19.16b, v19.16b \n"
- "EOR v0.16b, v0.16b, v31.16b \n"
- "EOR v19.16b, v19.16b, v0.16b \n"
- "STR q19, [%[out]] \n"
-
- :[out] "=r" (sPt), "=r" (keyPt), "=r" (iCtr)
- :[tag] "0" (sPt), [Key] "1" (keyPt),
- [ctr] "2" (iCtr) , [h] "m" (aes->H)
- : "cc", "memory", "v0", "v1", "v2", "v3", "v4", "v5",
- "v6", "v7", "v8", "v9", "v10","v11","v12","v13","v14",
- "v15", "v16", "v17","v18", "v19", "v20","v21","v22","v23",
- "v24","v25","v26","v27","v28","v29","v30","v31"
+ "AESE v0.16b, v4.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v5.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v6.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v7.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v8.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v9.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v10.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v11.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "LD1 {v12.2d, v13.2d}, [%[Key]], #32 \n"
+ "AESE v0.16b, v12.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v13.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "LD1 {v12.2d, v13.2d}, [%[Key]] \n"
+ "SUB %[Key], %[Key], #32 \n"
+ "AESE v0.16b, v12.16b \n"
+ "EOR v0.16b, v0.16b, v13.16b \n \n"
+ "EOR v15.16b, v0.16b, v31.16b \n \n"
+ "ST1 {v15.2d}, [%[scratch]] \n"
+ "MOV x15, x11 \n"
+ "24: \n"
+ "LDRB w14, [%[scratch]], #1 \n"
+ "STRB w14, [%[out]], #1 \n"
+ "SUB x15, x15, #1 \n"
+ "CBNZ x15, 24b \n"
+ "MOV x15, #16 \n"
+ "EOR w14, w14, w14 \n"
+ "SUB x15, x15, x11 \n"
+ "25: \n"
+ "STRB w14, [%[scratch]], #1 \n"
+ "SUB x15, x15, #1 \n"
+ "CBNZ x15, 25b \n"
+ "SUB %[scratch], %[scratch], #16 \n"
+ "LD1 {v15.2d}, [%[scratch]] \n"
+ "RBIT v15.16b, v15.16b \n"
+ "EOR v17.16b, v17.16b, v15.16b \n"
+ "PMULL v18.1q, v17.1d, v16.1d \n"
+ "PMULL2 v19.1q, v17.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "PMULL v21.1q, v17.1d, v20.1d \n"
+ "PMULL2 v20.1q, v17.2d, v20.2d \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v17.16b, v18.16b, v20.16b \n"
+
+ "30: \n"
+ "# store current counter value at the end \n"
+ "REV w13, w12 \n"
+ "MOV v22.S[3], w13 \n"
+ "LD1 {v0.2d}, [%[ctr]] \n"
+ "ST1 {v22.2d}, [%[ctr]] \n"
+
+ "LSL %x[aSz], %x[aSz], #3 \n"
+ "LSL %x[sz], %x[sz], #3 \n"
+ "MOV v15.d[0], %x[aSz] \n"
+ "MOV v15.d[1], %x[sz] \n"
+ "REV64 v15.16b, v15.16b \n"
+ "RBIT v15.16b, v15.16b \n"
+ "EOR v17.16b, v17.16b, v15.16b \n"
+ "PMULL v18.1q, v17.1d, v16.1d \n"
+ "PMULL2 v19.1q, v17.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "AESE v0.16b, v1.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "PMULL v21.1q, v17.1d, v20.1d \n"
+ "PMULL2 v20.1q, v17.2d, v20.2d \n"
+ "AESE v0.16b, v2.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "AESE v0.16b, v3.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "AESE v0.16b, v4.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "AESE v0.16b, v5.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "AESE v0.16b, v6.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "AESE v0.16b, v7.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "AESE v0.16b, v8.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "AESE v0.16b, v9.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v17.16b, v18.16b, v20.16b \n"
+ "AESE v0.16b, v10.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v11.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "LD1 {v12.2d, v13.2d}, [%[Key]], #32 \n"
+ "AESE v0.16b, v12.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v13.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "LD1 {v12.2d, v13.2d}, [%[Key]] \n"
+ "SUB %[Key], %[Key], #32 \n"
+ "AESE v0.16b, v12.16b \n"
+ "EOR v0.16b, v0.16b, v13.16b \n \n"
+ "RBIT v17.16b, v17.16b \n"
+ "EOR v0.16b, v0.16b, v17.16b \n \n"
+ "CMP %w[tagSz], #16 \n"
+ "BNE 40f \n"
+ "ST1 {v0.2d}, [%[tag]] \n"
+ "B 41f \n"
+ "40: \n"
+ "ST1 {v0.2d}, [%[scratch]] \n"
+ "MOV x15, %x[tagSz] \n"
+ "44: \n"
+ "LDRB w14, [%[scratch]], #1 \n"
+ "STRB w14, [%[tag]], #1 \n"
+ "SUB x15, x15, #1 \n"
+ "CBNZ x15, 44b \n"
+ "SUB %[scratch], %[scratch], %x[tagSz] \n"
+ "41: \n"
+
+ : [out] "+r" (out), [input] "+r" (in), [Key] "+r" (keyPt),
+ [aSz] "+r" (authInSz), [sz] "+r" (sz), [aad] "+r" (authIn)
+ : [ctr] "r" (ctr), [scratch] "r" (scratch),
+ [h] "m" (aes->gcm.H), [tag] "r" (authTag), [tagSz] "r" (authTagSz)
+ : "cc", "memory", "x11", "x12", "w13", "x14", "x15", "w16",
+ "v0", "v1", "v2", "v3", "v4", "v5", "v6", "v7",
+ "v8", "v9", "v10", "v11", "v12", "v13", "v14", "v15",
+ "v16", "v17", "v18", "v19", "v20", "v21", "v22", "v23",
+ "v24", "v25", "v26", "v27", "v28", "v29", "v30", "v31"
);
- if (authTagSz > AES_BLOCK_SIZE) {
- XMEMCPY(authTag, scratch, AES_BLOCK_SIZE);
- }
- else {
- /* authTagSz can be smaller than AES_BLOCK_SIZE */
- XMEMCPY(authTag, scratch, authTagSz);
- }
-
return 0;
}
#endif /* WOLFSSL_AES_256 */
-
/* aarch64 with PMULL and PMULL2
* Encrypt and tag data using AES with GCM mode.
* aes: Aes structure having already been set with set key function
@@ -2585,20 +7199,17 @@ static int Aes256GcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
* Algorithm 5
*/
int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
- const byte* iv, word32 ivSz,
- byte* authTag, word32 authTagSz,
- const byte* authIn, word32 authInSz)
+ const byte* iv, word32 ivSz, byte* authTag, word32 authTagSz,
+ const byte* authIn, word32 authInSz)
{
/* sanity checks */
- if (aes == NULL || (iv == NULL && ivSz > 0) ||
- (authTag == NULL) ||
- (authIn == NULL && authInSz > 0) ||
- (ivSz == 0)) {
+ if ((aes == NULL) || (iv == NULL && ivSz > 0) || (authTag == NULL) ||
+ ((authIn == NULL) && (authInSz > 0)) || (ivSz == 0)) {
WOLFSSL_MSG("a NULL parameter passed in when size is larger than 0");
return BAD_FUNC_ARG;
}
- if (authTagSz < WOLFSSL_MIN_AUTH_TAG_SZ || authTagSz > AES_BLOCK_SIZE) {
+ if ((authTagSz < WOLFSSL_MIN_AUTH_TAG_SZ) || (authTagSz > AES_BLOCK_SIZE)) {
WOLFSSL_MSG("GcmEncrypt authTagSz error");
return BAD_FUNC_ARG;
}
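Review bot: The sanity check at the top of wc_AesGcmEncrypt validates `aes`, `iv`, `authTag` and `authIn` but never `out` or `in`, so a NULL data pointer with `sz > 0` passes this block. Unless the part of the body outside this hunk rejects that case, the condition should gain `|| ((sz > 0) && ((in == NULL) || (out == NULL)))`. The same branch also reports `ivSz == 0` with the message "a NULL parameter passed in when size is larger than 0", so a rejected zero-length IV is indistinguishable from a NULL pointer in the logs. A separate `if (ivSz == 0)` with its own `WOLFSSL_MSG` would make that case visible. The function body continues past the end of this hunk.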
@@ -2625,8 +7236,5315 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
}
}
-
#ifdef HAVE_AES_DECRYPT
+#ifdef WOLFSSL_AES_128
+/* internal function : see wc_AesGcmDecrypt */
+static int Aes128GcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
+ const byte* iv, word32 ivSz, const byte* authTag, word32 authTagSz,
+ const byte* authIn, word32 authInSz)
+{
+ byte counter[AES_BLOCK_SIZE];
+ byte scratch[AES_BLOCK_SIZE];
+ byte *ctr = counter;
+ byte* keyPt = (byte*)aes->key;
+ int ret = 0;
+
+ XMEMSET(counter, 0, AES_BLOCK_SIZE);
+ if (ivSz == GCM_NONCE_MID_SZ) {
+ XMEMCPY(counter, iv, GCM_NONCE_MID_SZ);
+ counter[AES_BLOCK_SIZE - 1] = 1;
+ }
+ else {
+ GHASH(&aes->gcm, NULL, 0, iv, ivSz, counter, AES_BLOCK_SIZE);
+ GMULT(counter, aes->gcm.H);
+ }
+
+ __asm__ __volatile__ (
+ "LD1 {v16.16b}, %[h] \n"
+ "# v23 = 0x00000000000000870000000000000087 reflected 0xe1.... \n"
+ "MOVI v23.16b, #0x87 \n"
+ "EOR v17.16b, v17.16b, v17.16b \n"
+ "USHR v23.2d, v23.2d, #56 \n"
+ "CBZ %w[aSz], 120f \n"
+
+ "MOV w12, %w[aSz] \n"
+
+ "# GHASH AAD \n"
+ "CMP x12, #64 \n"
+ "BLT 115f \n"
+ "# Calculate H^[1-4] - GMULT partials \n"
+ "# Square H => H^2 \n"
+ "PMULL2 v19.1q, v16.2d, v16.2d \n"
+ "PMULL v18.1q, v16.1d, v16.1d \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v19.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v24.16b, v18.16b, v19.16b \n"
+ "# Multiply H and H^2 => H^3 \n"
+ "PMULL v18.1q, v24.1d, v16.1d \n"
+ "PMULL2 v19.1q, v24.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "PMULL v21.1q, v24.1d, v20.1d \n"
+ "PMULL2 v20.1q, v24.2d, v20.2d \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v25.16b, v18.16b, v20.16b \n"
+ "# Square H^2 => H^4 \n"
+ "PMULL2 v19.1q, v24.2d, v24.2d \n"
+ "PMULL v18.1q, v24.1d, v24.1d \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v19.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v26.16b, v18.16b, v19.16b \n"
+ "114: \n"
+ "LD1 {v18.2d-v21.2d}, [%[aad]], #64 \n"
+ "SUB x12, x12, #64 \n"
+ "# GHASH - 4 blocks \n"
+ "RBIT v18.16b, v18.16b \n"
+ "RBIT v19.16b, v19.16b \n"
+ "RBIT v20.16b, v20.16b \n"
+ "RBIT v21.16b, v21.16b \n"
+ "EOR v18.16b, v18.16b, v17.16b \n"
+ "# x[0-2] = C * H^1 \n"
+ "PMULL v17.1q, v21.1d, v16.1d \n"
+ "PMULL2 v30.1q, v21.2d, v16.2d \n"
+ "EXT v21.16b, v21.16b, v21.16b, #8 \n"
+ "PMULL v31.1q, v21.1d, v16.1d \n"
+ "PMULL2 v15.1q, v21.2d, v16.2d \n"
+ "EOR v31.16b, v31.16b, v15.16b \n"
+ "# x[0-2] += C * H^2 \n"
+ "PMULL v14.1q, v20.1d, v24.1d \n"
+ "PMULL2 v15.1q, v20.2d, v24.2d \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v30.16b, v30.16b, v15.16b \n"
+ "EXT v20.16b, v20.16b, v20.16b, #8 \n"
+ "PMULL v15.1q, v20.1d, v24.1d \n"
+ "PMULL2 v20.1q, v20.2d, v24.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v20.16b, v15.16b \n"
+#else
+ "EOR v20.16b, v20.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v20.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^3 \n"
+ "PMULL v14.1q, v19.1d, v25.1d \n"
+ "PMULL2 v15.1q, v19.2d, v25.2d \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v30.16b, v30.16b, v15.16b \n"
+ "EXT v19.16b, v19.16b, v19.16b, #8 \n"
+ "PMULL v15.1q, v19.1d, v25.1d \n"
+ "PMULL2 v19.1q, v19.2d, v25.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v19.16b, v15.16b \n"
+#else
+ "EOR v19.16b, v19.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v19.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^4 \n"
+ "PMULL v14.1q, v18.1d, v26.1d \n"
+ "PMULL2 v15.1q, v18.2d, v26.2d \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v30.16b, v30.16b, v15.16b \n"
+ "EXT v18.16b, v18.16b, v18.16b, #8 \n"
+ "PMULL v15.1q, v18.1d, v26.1d \n"
+ "PMULL2 v18.1q, v18.2d, v26.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v18.16b, v15.16b \n"
+#else
+ "EOR v18.16b, v18.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v18.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# Reduce X = x[0-2] \n"
+ "EXT v15.16b, v17.16b, v30.16b, #8 \n"
+ "PMULL2 v14.1q, v30.2d, v23.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v15.16b, v15.16b, v31.16b, v14.16b \n"
+#else
+ "EOR v15.16b, v15.16b, v31.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+#ifndef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR v15.16b, v15.16b, v14.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "PMULL2 v14.1q, v15.2d, v23.2d \n"
+ "MOV v17.D[1], v15.D[0] \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "CMP x12, #64 \n"
+ "BGE 114b \n"
+ "CBZ x12, 120f \n"
+ "115: \n"
+ "CMP x12, #16 \n"
+ "BLT 112f \n"
+ "111: \n"
+ "LD1 {v15.2d}, [%[aad]], #16 \n"
+ "SUB x12, x12, #16 \n"
+ "RBIT v15.16b, v15.16b \n"
+ "EOR v17.16b, v17.16b, v15.16b \n"
+ "PMULL v18.1q, v17.1d, v16.1d \n"
+ "PMULL2 v19.1q, v17.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "PMULL v21.1q, v17.1d, v20.1d \n"
+ "PMULL2 v20.1q, v17.2d, v20.2d \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v17.16b, v18.16b, v20.16b \n"
+ "CMP x12, #16 \n"
+ "BGE 111b \n"
+ "CBZ x12, 120f \n"
+ "112: \n"
+ "# Partial AAD \n"
+ "EOR v15.16b, v15.16b, v15.16b \n"
+ "MOV x14, x12 \n"
+ "ST1 {v15.2d}, [%[scratch]] \n"
+ "113: \n"
+ "LDRB w13, [%[aad]], #1 \n"
+ "STRB w13, [%[scratch]], #1 \n"
+ "SUB x14, x14, #1 \n"
+ "CBNZ x14, 113b \n"
+ "SUB %[scratch], %[scratch], x12 \n"
+ "LD1 {v15.2d}, [%[scratch]] \n"
+ "RBIT v15.16b, v15.16b \n"
+ "EOR v17.16b, v17.16b, v15.16b \n"
+ "PMULL v18.1q, v17.1d, v16.1d \n"
+ "PMULL2 v19.1q, v17.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "PMULL v21.1q, v17.1d, v20.1d \n"
+ "PMULL2 v20.1q, v17.2d, v20.2d \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v17.16b, v18.16b, v20.16b \n"
+ "120: \n"
+
+ "# Decrypt ciphertext and GHASH ciphertext \n"
+ "LDR w12, [%[ctr], #12] \n"
+ "MOV w11, %w[sz] \n"
+ "REV w12, w12 \n"
+ "CMP w11, #64 \n"
+ "BLT 80f \n"
+ "CMP %w[aSz], #64 \n"
+ "BGE 82f \n"
+
+ "# Calculate H^[1-4] - GMULT partials \n"
+ "# Square H => H^2 \n"
+ "PMULL2 v19.1q, v16.2d, v16.2d \n"
+ "PMULL v18.1q, v16.1d, v16.1d \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v19.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v24.16b, v18.16b, v19.16b \n"
+ "# Multiply H and H^2 => H^3 \n"
+ "PMULL v18.1q, v24.1d, v16.1d \n"
+ "PMULL2 v19.1q, v24.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "PMULL v21.1q, v24.1d, v20.1d \n"
+ "PMULL2 v20.1q, v24.2d, v20.2d \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v25.16b, v18.16b, v20.16b \n"
+ "# Square H^2 => H^4 \n"
+ "PMULL2 v19.1q, v24.2d, v24.2d \n"
+ "PMULL v18.1q, v24.1d, v24.1d \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v19.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v26.16b, v18.16b, v19.16b \n"
+ "82: \n"
+ "# Should we do 8 blocks at a time? \n"
+ "CMP w11, #512 \n"
+ "BLT 80f \n"
+
+ "# Calculate H^[5-8] - GMULT partials \n"
+ "# Multiply H and H^4 => H^5 \n"
+ "PMULL v18.1q, v26.1d, v16.1d \n"
+ "PMULL2 v19.1q, v26.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "PMULL v21.1q, v26.1d, v20.1d \n"
+ "PMULL2 v20.1q, v26.2d, v20.2d \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v4.16b, v18.16b, v20.16b \n"
+ "# Square H^3 - H^6 \n"
+ "PMULL2 v19.1q, v25.2d, v25.2d \n"
+ "PMULL v18.1q, v25.1d, v25.1d \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v19.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v9.16b, v18.16b, v19.16b \n"
+ "# Multiply H and H^6 => H^7 \n"
+ "PMULL v18.1q, v9.1d, v16.1d \n"
+ "PMULL2 v19.1q, v9.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "PMULL v21.1q, v9.1d, v20.1d \n"
+ "PMULL2 v20.1q, v9.2d, v20.2d \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v10.16b, v18.16b, v20.16b \n"
+ "# Square H^4 => H^8 \n"
+ "PMULL2 v19.1q, v26.2d, v26.2d \n"
+ "PMULL v18.1q, v26.1d, v26.1d \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v19.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v11.16b, v18.16b, v19.16b \n"
+
+ "# First decrypt - no GHASH \n"
+ "LDR q1, [%[Key]] \n"
+ "# Calculate next 4 counters (+1-4) \n"
+ "ADD w15, w12, #1 \n"
+ "LD1 {v5.2d}, [%[ctr]] \n"
+ "ADD w14, w12, #2 \n"
+ "MOV v6.16b, v5.16b \n"
+ "ADD w13, w12, #3 \n"
+ "MOV v7.16b, v5.16b \n"
+ "ADD w12, w12, #4 \n"
+ "MOV v8.16b, v5.16b \n"
+ "REV w15, w15 \n"
+ "REV w14, w14 \n"
+ "REV w13, w13 \n"
+ "REV w16, w12 \n"
+ "MOV v5.S[3], w15 \n"
+ "MOV v6.S[3], w14 \n"
+ "MOV v7.S[3], w13 \n"
+ "MOV v8.S[3], w16 \n"
+ "# Calculate next 4 counters (+5-8) \n"
+ "ADD w15, w12, #1 \n"
+ "MOV v27.16b, v5.16b \n"
+ "ADD w14, w12, #2 \n"
+ "MOV v28.16b, v5.16b \n"
+ "ADD w13, w12, #3 \n"
+ "MOV v29.16b, v5.16b \n"
+ "ADD w12, w12, #4 \n"
+ "MOV v30.16b, v5.16b \n"
+ "REV w15, w15 \n"
+ "REV w14, w14 \n"
+ "REV w13, w13 \n"
+ "REV w16, w12 \n"
+ "MOV v27.S[3], w15 \n"
+ "MOV v28.S[3], w14 \n"
+ "MOV v29.S[3], w13 \n"
+ "MOV v30.S[3], w16 \n"
+
+ "# Encrypt 8 counters \n"
+ "LDR q22, [%[Key], #16] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q1, [%[Key], #32] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q22, [%[Key], #48] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q1, [%[Key], #64] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q22, [%[Key], #80] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "SUB w11, w11, #128 \n"
+ "LDR q1, [%[Key], #96] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q22, [%[Key], #112] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q1, [%[Key], #128] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LD1 {v12.2d-v15.2d}, [%[input]], #64 \n"
+ "LDP q22, q31, [%[Key], #144] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LD1 {v18.2d-v21.2d}, [%[input]], #64 \n"
+ "AESE v5.16b, v22.16b \n"
+ "EOR v5.16b, v5.16b, v31.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "EOR v6.16b, v6.16b, v31.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "EOR v7.16b, v7.16b, v31.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "EOR v8.16b, v8.16b, v31.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "EOR v27.16b, v27.16b, v31.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "EOR v28.16b, v28.16b, v31.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "EOR v29.16b, v29.16b, v31.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "EOR v30.16b, v30.16b, v31.16b \n"
+
+ "# XOR in input \n"
+ "EOR v5.16b, v5.16b, v12.16b \n"
+ "EOR v6.16b, v6.16b, v13.16b \n"
+ "EOR v7.16b, v7.16b, v14.16b \n"
+ "EOR v8.16b, v8.16b, v15.16b \n"
+ "EOR v27.16b, v27.16b, v18.16b \n"
+ "ST1 {v5.2d-v8.2d}, [%[out]], #64 \n \n"
+ "EOR v28.16b, v28.16b, v19.16b \n"
+ "EOR v29.16b, v29.16b, v20.16b \n"
+ "EOR v30.16b, v30.16b, v21.16b \n"
+ "ST1 {v27.2d-v30.2d}, [%[out]], #64 \n \n"
+
+ "81: \n"
+ "LDR q1, [%[Key]] \n"
+ "# Calculate next 4 counters (+1-4) \n"
+ "ADD w15, w12, #1 \n"
+ "LD1 {v5.2d}, [%[ctr]] \n"
+ "ADD w14, w12, #2 \n"
+ "MOV v6.16b, v5.16b \n"
+ "ADD w13, w12, #3 \n"
+ "MOV v7.16b, v5.16b \n"
+ "ADD w12, w12, #4 \n"
+ "MOV v8.16b, v5.16b \n"
+ "# GHASH - 8 blocks \n"
+ "RBIT v12.16b, v12.16b \n"
+ "RBIT v13.16b, v13.16b \n"
+ "RBIT v14.16b, v14.16b \n"
+ "RBIT v15.16b, v15.16b \n"
+ "RBIT v18.16b, v18.16b \n"
+ "RBIT v19.16b, v19.16b \n"
+ "RBIT v20.16b, v20.16b \n"
+ "RBIT v21.16b, v21.16b \n"
+ "REV w15, w15 \n"
+ "EOR v12.16b, v12.16b, v17.16b \n"
+ "REV w14, w14 \n"
+ "# x[0-2] = C * H^1 \n"
+ "PMULL v17.1q, v21.1d, v16.1d \n"
+ "PMULL2 v0.1q, v21.2d, v16.2d \n"
+ "REV w13, w13 \n"
+ "EXT v21.16b, v21.16b, v21.16b, #8 \n"
+ "REV w16, w12 \n"
+ "MOV v5.S[3], w15 \n"
+ "MOV v6.S[3], w14 \n"
+ "MOV v7.S[3], w13 \n"
+ "MOV v8.S[3], w16 \n"
+ "# Calculate next 4 counters (+5-8) \n"
+ "ADD w15, w12, #1 \n"
+ "MOV v27.16b, v5.16b \n"
+ "ADD w14, w12, #2 \n"
+ "MOV v28.16b, v5.16b \n"
+ "ADD w13, w12, #3 \n"
+ "MOV v29.16b, v5.16b \n"
+ "ADD w12, w12, #4 \n"
+ "MOV v30.16b, v5.16b \n"
+ "PMULL v31.1q, v21.1d, v16.1d \n"
+ "PMULL2 v3.1q, v21.2d, v16.2d \n"
+ "REV w15, w15 \n"
+ "EOR v31.16b, v31.16b, v3.16b \n"
+ "REV w14, w14 \n"
+ "# x[0-2] += C * H^2 \n"
+ "PMULL v2.1q, v20.1d, v24.1d \n"
+ "PMULL2 v3.1q, v20.2d, v24.2d \n"
+ "REV w13, w13 \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "REV w16, w12 \n"
+ "MOV v27.S[3], w15 \n"
+ "MOV v28.S[3], w14 \n"
+ "MOV v29.S[3], w13 \n"
+ "MOV v30.S[3], w16 \n"
+
+ "# Encrypt 8 counters \n"
+ "LDR q22, [%[Key], #16] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "EXT v20.16b, v20.16b, v20.16b, #8 \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "PMULL v3.1q, v20.1d, v24.1d \n"
+ "PMULL2 v20.1q, v20.2d, v24.2d \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v20.16b, v3.16b \n"
+#else
+ "EOR v20.16b, v20.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v20.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "# x[0-2] += C * H^3 \n"
+ "PMULL v2.1q, v19.1d, v25.1d \n"
+ "PMULL2 v3.1q, v19.2d, v25.2d \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "EXT v19.16b, v19.16b, v19.16b, #8 \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "PMULL v3.1q, v19.1d, v25.1d \n"
+ "PMULL2 v19.1q, v19.2d, v25.2d \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v19.16b, v3.16b \n"
+#else
+ "EOR v19.16b, v19.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v19.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "LDR q1, [%[Key], #32] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "# x[0-2] += C * H^4 \n"
+ "PMULL v2.1q, v18.1d, v26.1d \n"
+ "PMULL2 v3.1q, v18.2d, v26.2d \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "EXT v18.16b, v18.16b, v18.16b, #8 \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "PMULL v3.1q, v18.1d, v26.1d \n"
+ "PMULL2 v18.1q, v18.2d, v26.2d \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v18.16b, v3.16b \n"
+#else
+ "EOR v18.16b, v18.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v18.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "# x[0-2] += C * H^5 \n"
+ "PMULL v2.1q, v15.1d, v4.1d \n"
+ "PMULL2 v3.1q, v15.2d, v4.2d \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "EXT v15.16b, v15.16b, v15.16b, #8 \n"
+ "LDR q22, [%[Key], #48] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "PMULL v3.1q, v15.1d, v4.1d \n"
+ "PMULL2 v15.1q, v15.2d, v4.2d \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v15.16b, v3.16b \n"
+#else
+ "EOR v15.16b, v15.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v15.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "# x[0-2] += C * H^6 \n"
+ "PMULL v2.1q, v14.1d, v9.1d \n"
+ "PMULL2 v3.1q, v14.2d, v9.2d \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "EXT v14.16b, v14.16b, v14.16b, #8 \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "PMULL v3.1q, v14.1d, v9.1d \n"
+ "PMULL2 v14.1q, v14.2d, v9.2d \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v14.16b, v3.16b \n"
+#else
+ "EOR v14.16b, v14.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v14.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "# x[0-2] += C * H^7 \n"
+ "PMULL v2.1q, v13.1d, v10.1d \n"
+ "PMULL2 v3.1q, v13.2d, v10.2d \n"
+ "LDR q1, [%[Key], #64] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "EXT v13.16b, v13.16b, v13.16b, #8 \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "PMULL v3.1q, v13.1d, v10.1d \n"
+ "PMULL2 v13.1q, v13.2d, v10.2d \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v13.16b, v3.16b \n"
+#else
+ "EOR v13.16b, v13.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v13.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "# x[0-2] += C * H^8 \n"
+ "PMULL v2.1q, v12.1d, v11.1d \n"
+ "PMULL2 v3.1q, v12.2d, v11.2d \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "EXT v12.16b, v12.16b, v12.16b, #8 \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "PMULL v3.1q, v12.1d, v11.1d \n"
+ "PMULL2 v12.1q, v12.2d, v11.2d \n"
+ "LDR q22, [%[Key], #80] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v12.16b, v3.16b \n"
+#else
+ "EOR v12.16b, v12.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v12.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "# Reduce X = x[0-2] \n"
+ "EXT v3.16b, v17.16b, v0.16b, #8 \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "PMULL2 v2.1q, v0.2d, v23.2d \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v3.16b, v3.16b, v31.16b, v2.16b \n"
+#else
+ "EOR v3.16b, v3.16b, v31.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+#ifndef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR v3.16b, v3.16b, v2.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "PMULL2 v2.1q, v3.2d, v23.2d \n"
+ "MOV v17.D[1], v3.D[0] \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "SUB w11, w11, #128 \n"
+ "LDR q1, [%[Key], #96] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q22, [%[Key], #112] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q1, [%[Key], #128] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LD1 {v12.2d-v15.2d}, [%[input]], #64 \n"
+ "LDP q22, q31, [%[Key], #144] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LD1 {v18.2d-v21.2d}, [%[input]], #64 \n"
+ "AESE v5.16b, v22.16b \n"
+ "EOR v5.16b, v5.16b, v31.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "EOR v6.16b, v6.16b, v31.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "EOR v7.16b, v7.16b, v31.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "EOR v8.16b, v8.16b, v31.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "EOR v27.16b, v27.16b, v31.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "EOR v28.16b, v28.16b, v31.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "EOR v29.16b, v29.16b, v31.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "EOR v30.16b, v30.16b, v31.16b \n"
+
+ "# XOR in input \n"
+ "EOR v5.16b, v5.16b, v12.16b \n"
+ "EOR v6.16b, v6.16b, v13.16b \n"
+ "EOR v7.16b, v7.16b, v14.16b \n"
+ "EOR v8.16b, v8.16b, v15.16b \n"
+ "EOR v27.16b, v27.16b, v18.16b \n"
+ "ST1 {v5.2d-v8.2d}, [%[out]], #64 \n \n"
+ "EOR v28.16b, v28.16b, v19.16b \n"
+ "EOR v29.16b, v29.16b, v20.16b \n"
+ "EOR v30.16b, v30.16b, v21.16b \n"
+ "ST1 {v27.2d-v30.2d}, [%[out]], #64 \n \n"
+
+ "CMP w11, #128 \n"
+ "BGE 81b \n"
+
+ "# GHASH - 8 blocks \n"
+ "RBIT v12.16b, v12.16b \n"
+ "RBIT v13.16b, v13.16b \n"
+ "RBIT v14.16b, v14.16b \n"
+ "RBIT v15.16b, v15.16b \n"
+ "RBIT v18.16b, v18.16b \n"
+ "RBIT v19.16b, v19.16b \n"
+ "RBIT v20.16b, v20.16b \n"
+ "RBIT v21.16b, v21.16b \n"
+ "EOR v12.16b, v12.16b, v17.16b \n"
+ "# x[0-2] = C * H^1 \n"
+ "PMULL v17.1q, v21.1d, v16.1d \n"
+ "PMULL2 v0.1q, v21.2d, v16.2d \n"
+ "EXT v21.16b, v21.16b, v21.16b, #8 \n"
+ "PMULL v31.1q, v21.1d, v16.1d \n"
+ "PMULL2 v3.1q, v21.2d, v16.2d \n"
+ "EOR v31.16b, v31.16b, v3.16b \n"
+ "# x[0-2] += C * H^2 \n"
+ "PMULL v2.1q, v20.1d, v24.1d \n"
+ "PMULL2 v3.1q, v20.2d, v24.2d \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "EXT v20.16b, v20.16b, v20.16b, #8 \n"
+ "PMULL v3.1q, v20.1d, v24.1d \n"
+ "PMULL2 v20.1q, v20.2d, v24.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v20.16b, v3.16b \n"
+#else
+ "EOR v20.16b, v20.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v20.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^3 \n"
+ "PMULL v2.1q, v19.1d, v25.1d \n"
+ "PMULL2 v3.1q, v19.2d, v25.2d \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "EXT v19.16b, v19.16b, v19.16b, #8 \n"
+ "PMULL v3.1q, v19.1d, v25.1d \n"
+ "PMULL2 v19.1q, v19.2d, v25.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v19.16b, v3.16b \n"
+#else
+ "EOR v19.16b, v19.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v19.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^4 \n"
+ "PMULL v2.1q, v18.1d, v26.1d \n"
+ "PMULL2 v3.1q, v18.2d, v26.2d \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "EXT v18.16b, v18.16b, v18.16b, #8 \n"
+ "PMULL v3.1q, v18.1d, v26.1d \n"
+ "PMULL2 v18.1q, v18.2d, v26.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v18.16b, v3.16b \n"
+#else
+ "EOR v18.16b, v18.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v18.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^5 \n"
+ "PMULL v2.1q, v15.1d, v4.1d \n"
+ "PMULL2 v3.1q, v15.2d, v4.2d \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "EXT v15.16b, v15.16b, v15.16b, #8 \n"
+ "PMULL v3.1q, v15.1d, v4.1d \n"
+ "PMULL2 v15.1q, v15.2d, v4.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v15.16b, v3.16b \n"
+#else
+ "EOR v15.16b, v15.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v15.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^6 \n"
+ "PMULL v2.1q, v14.1d, v9.1d \n"
+ "PMULL2 v3.1q, v14.2d, v9.2d \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "EXT v14.16b, v14.16b, v14.16b, #8 \n"
+ "PMULL v3.1q, v14.1d, v9.1d \n"
+ "PMULL2 v14.1q, v14.2d, v9.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v14.16b, v3.16b \n"
+#else
+ "EOR v14.16b, v14.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v14.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^7 \n"
+ "PMULL v2.1q, v13.1d, v10.1d \n"
+ "PMULL2 v3.1q, v13.2d, v10.2d \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "EXT v13.16b, v13.16b, v13.16b, #8 \n"
+ "PMULL v3.1q, v13.1d, v10.1d \n"
+ "PMULL2 v13.1q, v13.2d, v10.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v13.16b, v3.16b \n"
+#else
+ "EOR v13.16b, v13.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v13.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^8 \n"
+ "PMULL v2.1q, v12.1d, v11.1d \n"
+ "PMULL2 v3.1q, v12.2d, v11.2d \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "EXT v12.16b, v12.16b, v12.16b, #8 \n"
+ "PMULL v3.1q, v12.1d, v11.1d \n"
+ "PMULL2 v12.1q, v12.2d, v11.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v12.16b, v3.16b \n"
+#else
+ "EOR v12.16b, v12.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v12.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# Reduce X = x[0-2] \n"
+ "EXT v3.16b, v17.16b, v0.16b, #8 \n"
+ "PMULL2 v2.1q, v0.2d, v23.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v3.16b, v3.16b, v31.16b, v2.16b \n"
+#else
+ "EOR v3.16b, v3.16b, v31.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+#ifndef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR v3.16b, v3.16b, v2.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "PMULL2 v2.1q, v3.2d, v23.2d \n"
+ "MOV v17.D[1], v3.D[0] \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+
+ "80: \n"
+ "LD1 {v22.2d}, [%[ctr]] \n"
+ "LD1 {v1.2d-v4.2d}, [%[Key]], #64 \n"
+ "LD1 {v5.2d-v8.2d}, [%[Key]], #64 \n"
+ "LD1 {v9.2d-v11.2d}, [%[Key]], #48 \n"
+ "# Can we do 4 blocks at a time? \n"
+ "CMP w11, #64 \n"
+ "BLT 10f \n"
+
+ "# First decrypt - no GHASH \n"
+ "# Calculate next 4 counters (+1-4) \n"
+ "ADD w15, w12, #1 \n"
+ "MOV v27.16b, v22.16b \n"
+ "ADD w14, w12, #2 \n"
+ "MOV v28.16b, v22.16b \n"
+ "ADD w13, w12, #3 \n"
+ "MOV v29.16b, v22.16b \n"
+ "ADD w12, w12, #4 \n"
+ "MOV v30.16b, v22.16b \n"
+ "REV w15, w15 \n"
+ "REV w14, w14 \n"
+ "REV w13, w13 \n"
+ "REV w16, w12 \n"
+ "MOV v27.S[3], w15 \n"
+ "MOV v28.S[3], w14 \n"
+ "MOV v29.S[3], w13 \n"
+ "MOV v30.S[3], w16 \n"
+
+ "# Encrypt 4 counters \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v2.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v2.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v2.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v2.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v3.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v3.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v3.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v3.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v4.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v4.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v4.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v4.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v5.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v5.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v5.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v5.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "SUB w11, w11, #64 \n"
+ "AESE v27.16b, v6.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v6.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v6.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v6.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v7.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v7.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v7.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v7.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "# Load plaintext \n"
+ "LD1 {v18.2d-v21.2d}, [%[input]], #64 \n"
+ "AESE v27.16b, v8.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v8.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v8.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v8.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v9.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v9.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v9.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v9.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v10.16b \n"
+ "EOR v27.16b, v27.16b, v11.16b \n"
+ "AESE v28.16b, v10.16b \n"
+ "EOR v28.16b, v28.16b, v11.16b \n"
+ "AESE v29.16b, v10.16b \n"
+ "EOR v29.16b, v29.16b, v11.16b \n"
+ "AESE v30.16b, v10.16b \n"
+ "EOR v30.16b, v30.16b, v11.16b \n"
+
+ "# XOR in input \n"
+ "EOR v27.16b, v27.16b, v18.16b \n"
+ "EOR v28.16b, v28.16b, v19.16b \n"
+ "EOR v29.16b, v29.16b, v20.16b \n"
+ "EOR v30.16b, v30.16b, v21.16b \n"
+ "# Store cipher text \n"
+ "ST1 {v27.2d-v30.2d}, [%[out]], #64 \n \n"
+ "CMP w11, #64 \n"
+ "BLT 12f \n"
+
+ "11: \n"
+ "# Calculate next 4 counters (+1-4) \n"
+ "ADD w15, w12, #1 \n"
+ "MOV v27.16b, v22.16b \n"
+ "ADD w14, w12, #2 \n"
+ "MOV v28.16b, v22.16b \n"
+ "ADD w13, w12, #3 \n"
+ "MOV v29.16b, v22.16b \n"
+ "ADD w12, w12, #4 \n"
+ "MOV v30.16b, v22.16b \n"
+ "# GHASH - 4 blocks \n"
+ "RBIT v18.16b, v18.16b \n"
+ "REV w15, w15 \n"
+ "RBIT v19.16b, v19.16b \n"
+ "REV w14, w14 \n"
+ "RBIT v20.16b, v20.16b \n"
+ "REV w13, w13 \n"
+ "RBIT v21.16b, v21.16b \n"
+ "REV w16, w12 \n"
+ "MOV v27.S[3], w15 \n"
+ "MOV v28.S[3], w14 \n"
+ "MOV v29.S[3], w13 \n"
+ "MOV v30.S[3], w16 \n"
+
+ "# Encrypt 4 counters \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "EOR v18.16b, v18.16b, v17.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "# x[0-2] = C * H^1 \n"
+ "PMULL v17.1q, v21.1d, v16.1d \n"
+ "PMULL2 v0.1q, v21.2d, v16.2d \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "EXT v21.16b, v21.16b, v21.16b, #8 \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "PMULL v31.1q, v21.1d, v16.1d \n"
+ "PMULL2 v15.1q, v21.2d, v16.2d \n"
+ "AESE v27.16b, v2.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "EOR v31.16b, v31.16b, v15.16b \n"
+ "AESE v28.16b, v2.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "# x[0-2] += C * H^2 \n"
+ "PMULL v14.1q, v20.1d, v24.1d \n"
+ "PMULL2 v15.1q, v20.2d, v24.2d \n"
+ "AESE v29.16b, v2.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v0.16b, v0.16b, v15.16b \n"
+ "AESE v30.16b, v2.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "EXT v20.16b, v20.16b, v20.16b, #8 \n"
+ "AESE v27.16b, v3.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "PMULL v15.1q, v20.1d, v24.1d \n"
+ "PMULL2 v20.1q, v20.2d, v24.2d \n"
+ "AESE v28.16b, v3.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v20.16b, v15.16b \n"
+#else
+ "EOR v20.16b, v20.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v20.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v29.16b, v3.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "# x[0-2] += C * H^3 \n"
+ "PMULL v14.1q, v19.1d, v25.1d \n"
+ "PMULL2 v15.1q, v19.2d, v25.2d \n"
+ "AESE v30.16b, v3.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v0.16b, v0.16b, v15.16b \n"
+ "AESE v27.16b, v4.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "EXT v19.16b, v19.16b, v19.16b, #8 \n"
+ "AESE v28.16b, v4.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "PMULL v15.1q, v19.1d, v25.1d \n"
+ "PMULL2 v19.1q, v19.2d, v25.2d \n"
+ "AESE v29.16b, v4.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v19.16b, v15.16b \n"
+#else
+ "EOR v19.16b, v19.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v19.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v30.16b, v4.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "# x[0-2] += C * H^4 \n"
+ "PMULL v14.1q, v18.1d, v26.1d \n"
+ "PMULL2 v15.1q, v18.2d, v26.2d \n"
+ "AESE v27.16b, v5.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v0.16b, v0.16b, v15.16b \n"
+ "AESE v28.16b, v5.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "EXT v18.16b, v18.16b, v18.16b, #8 \n"
+ "AESE v29.16b, v5.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "PMULL v15.1q, v18.1d, v26.1d \n"
+ "PMULL2 v18.1q, v18.2d, v26.2d \n"
+ "AESE v30.16b, v5.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v18.16b, v15.16b \n"
+#else
+ "EOR v18.16b, v18.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v18.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "SUB w11, w11, #64 \n"
+ "AESE v27.16b, v6.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "# Reduce X = x[0-2] \n"
+ "EXT v15.16b, v17.16b, v0.16b, #8 \n"
+ "AESE v28.16b, v6.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "PMULL2 v14.1q, v0.2d, v23.2d \n"
+ "AESE v29.16b, v6.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v15.16b, v15.16b, v31.16b, v14.16b \n"
+#else
+ "EOR v15.16b, v15.16b, v31.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v30.16b, v6.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+#ifndef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR v15.16b, v15.16b, v14.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v27.16b, v7.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "PMULL2 v14.1q, v15.2d, v23.2d \n"
+ "MOV v17.D[1], v15.D[0] \n"
+ "AESE v28.16b, v7.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "AESE v29.16b, v7.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v7.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "# Load plaintext \n"
+ "LD1 {v18.2d-v21.2d}, [%[input]], #64 \n"
+ "AESE v27.16b, v8.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v8.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v8.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v8.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v9.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v9.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v9.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v9.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v10.16b \n"
+ "EOR v27.16b, v27.16b, v11.16b \n"
+ "AESE v28.16b, v10.16b \n"
+ "EOR v28.16b, v28.16b, v11.16b \n"
+ "AESE v29.16b, v10.16b \n"
+ "EOR v29.16b, v29.16b, v11.16b \n"
+ "AESE v30.16b, v10.16b \n"
+ "EOR v30.16b, v30.16b, v11.16b \n"
+
+ "# XOR in input \n"
+ "EOR v27.16b, v27.16b, v18.16b \n"
+ "EOR v28.16b, v28.16b, v19.16b \n"
+ "EOR v29.16b, v29.16b, v20.16b \n"
+ "EOR v30.16b, v30.16b, v21.16b \n"
+ "# Store cipher text \n"
+ "ST1 {v27.2d-v30.2d}, [%[out]], #64 \n \n"
+ "CMP w11, #64 \n"
+ "BGE 11b \n"
+
+ "12: \n"
+ "# GHASH - 4 blocks \n"
+ "RBIT v18.16b, v18.16b \n"
+ "RBIT v19.16b, v19.16b \n"
+ "RBIT v20.16b, v20.16b \n"
+ "RBIT v21.16b, v21.16b \n"
+ "EOR v18.16b, v18.16b, v17.16b \n"
+ "# x[0-2] = C * H^1 \n"
+ "PMULL v17.1q, v21.1d, v16.1d \n"
+ "PMULL2 v0.1q, v21.2d, v16.2d \n"
+ "EXT v21.16b, v21.16b, v21.16b, #8 \n"
+ "PMULL v31.1q, v21.1d, v16.1d \n"
+ "PMULL2 v15.1q, v21.2d, v16.2d \n"
+ "EOR v31.16b, v31.16b, v15.16b \n"
+ "# x[0-2] += C * H^2 \n"
+ "PMULL v14.1q, v20.1d, v24.1d \n"
+ "PMULL2 v15.1q, v20.2d, v24.2d \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v0.16b, v0.16b, v15.16b \n"
+ "EXT v20.16b, v20.16b, v20.16b, #8 \n"
+ "PMULL v15.1q, v20.1d, v24.1d \n"
+ "PMULL2 v20.1q, v20.2d, v24.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v20.16b, v15.16b \n"
+#else
+ "EOR v20.16b, v20.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v20.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^3 \n"
+ "PMULL v14.1q, v19.1d, v25.1d \n"
+ "PMULL2 v15.1q, v19.2d, v25.2d \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v0.16b, v0.16b, v15.16b \n"
+ "EXT v19.16b, v19.16b, v19.16b, #8 \n"
+ "PMULL v15.1q, v19.1d, v25.1d \n"
+ "PMULL2 v19.1q, v19.2d, v25.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v19.16b, v15.16b \n"
+#else
+ "EOR v19.16b, v19.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v19.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^4 \n"
+ "PMULL v14.1q, v18.1d, v26.1d \n"
+ "PMULL2 v15.1q, v18.2d, v26.2d \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v0.16b, v0.16b, v15.16b \n"
+ "EXT v18.16b, v18.16b, v18.16b, #8 \n"
+ "PMULL v15.1q, v18.1d, v26.1d \n"
+ "PMULL2 v18.1q, v18.2d, v26.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v18.16b, v15.16b \n"
+#else
+ "EOR v18.16b, v18.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v18.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# Reduce X = x[0-2] \n"
+ "EXT v15.16b, v17.16b, v0.16b, #8 \n"
+ "PMULL2 v14.1q, v0.2d, v23.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v15.16b, v15.16b, v31.16b, v14.16b \n"
+#else
+ "EOR v15.16b, v15.16b, v31.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+#ifndef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR v15.16b, v15.16b, v14.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "PMULL2 v14.1q, v15.2d, v23.2d \n"
+ "MOV v17.D[1], v15.D[0] \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+
+ "10: \n"
+ "CBZ w11, 30f \n"
+ "CMP w11, #16 \n"
+ "BLT 20f \n"
+ "# Decrypt first block for GHASH \n"
+ "ADD w12, w12, #1 \n"
+ "MOV v0.16b, v22.16b \n"
+ "REV w13, w12 \n"
+ "MOV v0.S[3], w13 \n"
+ "AESE v0.16b, v1.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v2.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v3.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v4.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "SUB w11, w11, #16 \n"
+ "AESE v0.16b, v5.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v6.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v7.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v8.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "LD1 {v28.2d}, [%[input]], #16 \n"
+ "AESE v0.16b, v9.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v10.16b \n"
+ "EOR v0.16b, v0.16b, v11.16b \n \n"
+ "EOR v0.16b, v0.16b, v28.16b \n \n"
+ "ST1 {v0.2d}, [%[out]], #16 \n"
+
+ "# When only one full block to decrypt go straight to GHASH \n"
+ "CMP w11, 16 \n"
+ "BLT 1f \n"
+
+ "# Interweave GHASH and decrypt if more then 1 block \n"
+ "2: \n"
+ "RBIT v28.16b, v28.16b \n"
+ "ADD w12, w12, #1 \n"
+ "MOV v0.16b, v22.16b \n"
+ "REV w13, w12 \n"
+ "MOV v0.S[3], w13 \n"
+ "EOR v17.16b, v17.16b, v28.16b \n"
+ "PMULL v18.1q, v17.1d, v16.1d \n"
+ "PMULL2 v19.1q, v17.2d, v16.2d \n"
+ "AESE v0.16b, v1.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "AESE v0.16b, v2.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "PMULL v21.1q, v17.1d, v20.1d \n"
+ "PMULL2 v20.1q, v17.2d, v20.2d \n"
+ "AESE v0.16b, v3.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "AESE v0.16b, v4.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "SUB w11, w11, #16 \n"
+ "AESE v0.16b, v5.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "AESE v0.16b, v6.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "AESE v0.16b, v7.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "AESE v0.16b, v8.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "LD1 {v28.2d}, [%[input]], #16 \n"
+ "AESE v0.16b, v9.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "AESE v0.16b, v10.16b \n"
+ "EOR v0.16b, v0.16b, v11.16b \n \n"
+ "EOR v17.16b, v18.16b, v20.16b \n"
+ "EOR v0.16b, v0.16b, v28.16b \n \n"
+ "ST1 {v0.2d}, [%[out]], #16 \n"
+ "CMP w11, #16 \n"
+ "BGE 2b \n"
+
+ "# GHASH on last block \n"
+ "1: \n"
+ "RBIT v28.16b, v28.16b \n"
+ "EOR v17.16b, v17.16b, v28.16b \n"
+ "PMULL v18.1q, v17.1d, v16.1d \n"
+ "PMULL2 v19.1q, v17.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "PMULL v21.1q, v17.1d, v20.1d \n"
+ "PMULL2 v20.1q, v17.2d, v20.2d \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v17.16b, v18.16b, v20.16b \n"
+
+ "20: \n"
+ "CBZ w11, 30f \n"
+ "EOR v31.16b, v31.16b, v31.16b \n"
+ "MOV x15, x11 \n"
+ "ST1 {v31.2d}, [%[scratch]] \n"
+ "23: \n"
+ "LDRB w14, [%[input]], #1 \n"
+ "STRB w14, [%[scratch]], #1 \n"
+ "SUB x15, x15, #1 \n"
+ "CBNZ x15, 23b \n"
+ "SUB %[scratch], %[scratch], x11 \n"
+ "LD1 {v31.2d}, [%[scratch]] \n"
+ "RBIT v31.16b, v31.16b \n"
+ "ADD w12, w12, #1 \n"
+ "MOV v0.16b, v22.16b \n"
+ "REV w13, w12 \n"
+ "MOV v0.S[3], w13 \n"
+ "EOR v17.16b, v17.16b, v31.16b \n"
+ "PMULL v18.1q, v17.1d, v16.1d \n"
+ "PMULL2 v19.1q, v17.2d, v16.2d \n"
+ "AESE v0.16b, v1.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "AESE v0.16b, v2.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "PMULL v21.1q, v17.1d, v20.1d \n"
+ "PMULL2 v20.1q, v17.2d, v20.2d \n"
+ "AESE v0.16b, v3.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "AESE v0.16b, v4.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "AESE v0.16b, v5.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "AESE v0.16b, v6.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "AESE v0.16b, v7.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "AESE v0.16b, v8.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "RBIT v31.16b, v31.16b \n"
+ "AESE v0.16b, v9.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "AESE v0.16b, v10.16b \n"
+ "EOR v0.16b, v0.16b, v11.16b \n \n"
+ "EOR v17.16b, v18.16b, v20.16b \n"
+ "EOR v0.16b, v0.16b, v31.16b \n \n"
+ "ST1 {v0.2d}, [%[scratch]] \n"
+ "MOV x15, x11 \n"
+ "24: \n"
+ "LDRB w14, [%[scratch]], #1 \n"
+ "STRB w14, [%[out]], #1 \n"
+ "SUB x15, x15, #1 \n"
+ "CBNZ x15, 24b \n"
+ "SUB %[scratch], %[scratch], x11 \n"
+
+ "30: \n"
+ "# store current counter value at the end \n"
+ "REV w13, w12 \n"
+ "MOV v22.S[3], w13 \n"
+ "LD1 {v0.16b}, [%[ctr]] \n"
+ "ST1 {v22.16b}, [%[ctr]] \n"
+
+ "LSL %x[aSz], %x[aSz], #3 \n"
+ "LSL %x[sz], %x[sz], #3 \n"
+ "MOV v28.d[0], %x[aSz] \n"
+ "MOV v28.d[1], %x[sz] \n"
+ "REV64 v28.16b, v28.16b \n"
+ "RBIT v28.16b, v28.16b \n"
+ "EOR v17.16b, v17.16b, v28.16b \n"
+ "PMULL v18.1q, v17.1d, v16.1d \n"
+ "PMULL2 v19.1q, v17.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "AESE v0.16b, v1.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "PMULL v21.1q, v17.1d, v20.1d \n"
+ "PMULL2 v20.1q, v17.2d, v20.2d \n"
+ "AESE v0.16b, v2.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "AESE v0.16b, v3.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "AESE v0.16b, v4.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "AESE v0.16b, v5.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "AESE v0.16b, v6.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "AESE v0.16b, v7.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "AESE v0.16b, v8.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "AESE v0.16b, v9.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v17.16b, v18.16b, v20.16b \n"
+ "AESE v0.16b, v10.16b \n"
+ "EOR v0.16b, v0.16b, v11.16b \n \n"
+ "RBIT v17.16b, v17.16b \n"
+ "EOR v0.16b, v0.16b, v17.16b \n \n"
+ "CMP %w[tagSz], #16 \n"
+ "BNE 40f \n"
+ "LD1 {v1.2d}, [%[tag]] \n"
+ "B 41f \n"
+ "40: \n"
+ "EOR v1.16b, v1.16b, v1.16b \n"
+ "MOV x15, %x[tagSz] \n"
+ "ST1 {v1.2d}, [%[scratch]] \n"
+ "43: \n"
+ "LDRB w14, [%[tag]], #1 \n"
+ "STRB w14, [%[scratch]], #1 \n"
+ "SUB x15, x15, #1 \n"
+ "CBNZ x15, 43b \n"
+ "SUB %[scratch], %[scratch], %x[tagSz] \n"
+ "LD1 {v1.2d}, [%[scratch]] \n"
+ "ST1 {v0.2d}, [%[scratch]] \n"
+ "MOV w14, #16 \n"
+ "SUB w14, w14, %w[tagSz] \n"
+ "ADD %[scratch], %[scratch], %x[tagSz] \n"
+ "44: \n"
+ "STRB wzr, [%[scratch]], #1 \n"
+ "SUB w14, w14, #1 \n"
+ "CBNZ w14, 44b \n"
+ "SUB %[scratch], %[scratch], #16 \n"
+ "LD1 {v0.2d}, [%[scratch]] \n"
+ "41: \n"
+ "EOR v0.16b, v0.16b, v1.16b \n"
+ "MOV v1.D[0], v0.D[1] \n"
+ "EOR v0.8b, v0.8b, v1.8b \n"
+ "MOV %x[ret], v0.D[0] \n"
+ "CMP %x[ret], #0 \n"
+ "MOV w11, #-180 \n"
+ "CSETM %w[ret], ne \n"
+ "AND %w[ret], %w[ret], w11 \n"
+
+ : [out] "+r" (out), [input] "+r" (in), [Key] "+r" (keyPt),
+ [aSz] "+r" (authInSz), [sz] "+r" (sz), [aad] "+r" (authIn),
+ [ret] "+r" (ret)
+ : [ctr] "r" (ctr), [scratch] "r" (scratch),
+ [h] "m" (aes->gcm.H), [tag] "r" (authTag), [tagSz] "r" (authTagSz)
+ : "cc", "memory", "x11", "x12", "w13", "x14", "x15", "w16",
+ "v0", "v1", "v2", "v3", "v4", "v5", "v6", "v7",
+ "v8", "v9", "v10", "v11", "v12", "v13", "v14", "v15",
+ "v16", "v17", "v18", "v19", "v20", "v21", "v22", "v23",
+ "v24", "v25", "v26", "v27", "v28", "v29", "v30", "v31"
+ );
+
+ return ret;
+}
+#endif /* WOLFSSL_AES_128 */
+#ifdef WOLFSSL_AES_192
+/* internal function : see wc_AesGcmDecrypt */
+static int Aes192GcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
+ const byte* iv, word32 ivSz, const byte* authTag, word32 authTagSz,
+ const byte* authIn, word32 authInSz)
+{
+ byte counter[AES_BLOCK_SIZE];
+ byte scratch[AES_BLOCK_SIZE];
+ byte *ctr = counter;
+ byte* keyPt = (byte*)aes->key;
+ int ret = 0;
+
+ XMEMSET(counter, 0, AES_BLOCK_SIZE);
+ if (ivSz == GCM_NONCE_MID_SZ) {
+ XMEMCPY(counter, iv, GCM_NONCE_MID_SZ);
+ counter[AES_BLOCK_SIZE - 1] = 1;
+ }
+ else {
+ GHASH(&aes->gcm, NULL, 0, iv, ivSz, counter, AES_BLOCK_SIZE);
+ GMULT(counter, aes->gcm.H);
+ }
+
+ __asm__ __volatile__ (
+ "LD1 {v16.16b}, %[h] \n"
+ "# v23 = 0x00000000000000870000000000000087 reflected 0xe1.... \n"
+ "MOVI v23.16b, #0x87 \n"
+ "EOR v17.16b, v17.16b, v17.16b \n"
+ "USHR v23.2d, v23.2d, #56 \n"
+ "CBZ %w[aSz], 120f \n"
+
+ "MOV w12, %w[aSz] \n"
+
+ "# GHASH AAD \n"
+ "CMP x12, #64 \n"
+ "BLT 115f \n"
+ "# Calculate H^[1-4] - GMULT partials \n"
+ "# Square H => H^2 \n"
+ "PMULL2 v19.1q, v16.2d, v16.2d \n"
+ "PMULL v18.1q, v16.1d, v16.1d \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v19.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v24.16b, v18.16b, v19.16b \n"
+ "# Multiply H and H^2 => H^3 \n"
+ "PMULL v18.1q, v24.1d, v16.1d \n"
+ "PMULL2 v19.1q, v24.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "PMULL v21.1q, v24.1d, v20.1d \n"
+ "PMULL2 v20.1q, v24.2d, v20.2d \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v25.16b, v18.16b, v20.16b \n"
+ "# Square H^2 => H^4 \n"
+ "PMULL2 v19.1q, v24.2d, v24.2d \n"
+ "PMULL v18.1q, v24.1d, v24.1d \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v19.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v26.16b, v18.16b, v19.16b \n"
+ "114: \n"
+ "LD1 {v18.2d-v21.2d}, [%[aad]], #64 \n"
+ "SUB x12, x12, #64 \n"
+ "# GHASH - 4 blocks \n"
+ "RBIT v18.16b, v18.16b \n"
+ "RBIT v19.16b, v19.16b \n"
+ "RBIT v20.16b, v20.16b \n"
+ "RBIT v21.16b, v21.16b \n"
+ "EOR v18.16b, v18.16b, v17.16b \n"
+ "# x[0-2] = C * H^1 \n"
+ "PMULL v17.1q, v21.1d, v16.1d \n"
+ "PMULL2 v30.1q, v21.2d, v16.2d \n"
+ "EXT v21.16b, v21.16b, v21.16b, #8 \n"
+ "PMULL v31.1q, v21.1d, v16.1d \n"
+ "PMULL2 v15.1q, v21.2d, v16.2d \n"
+ "EOR v31.16b, v31.16b, v15.16b \n"
+ "# x[0-2] += C * H^2 \n"
+ "PMULL v14.1q, v20.1d, v24.1d \n"
+ "PMULL2 v15.1q, v20.2d, v24.2d \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v30.16b, v30.16b, v15.16b \n"
+ "EXT v20.16b, v20.16b, v20.16b, #8 \n"
+ "PMULL v15.1q, v20.1d, v24.1d \n"
+ "PMULL2 v20.1q, v20.2d, v24.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v20.16b, v15.16b \n"
+#else
+ "EOR v20.16b, v20.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v20.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^3 \n"
+ "PMULL v14.1q, v19.1d, v25.1d \n"
+ "PMULL2 v15.1q, v19.2d, v25.2d \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v30.16b, v30.16b, v15.16b \n"
+ "EXT v19.16b, v19.16b, v19.16b, #8 \n"
+ "PMULL v15.1q, v19.1d, v25.1d \n"
+ "PMULL2 v19.1q, v19.2d, v25.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v19.16b, v15.16b \n"
+#else
+ "EOR v19.16b, v19.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v19.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^4 \n"
+ "PMULL v14.1q, v18.1d, v26.1d \n"
+ "PMULL2 v15.1q, v18.2d, v26.2d \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v30.16b, v30.16b, v15.16b \n"
+ "EXT v18.16b, v18.16b, v18.16b, #8 \n"
+ "PMULL v15.1q, v18.1d, v26.1d \n"
+ "PMULL2 v18.1q, v18.2d, v26.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v18.16b, v15.16b \n"
+#else
+ "EOR v18.16b, v18.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v18.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# Reduce X = x[0-2] \n"
+ "EXT v15.16b, v17.16b, v30.16b, #8 \n"
+ "PMULL2 v14.1q, v30.2d, v23.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v15.16b, v15.16b, v31.16b, v14.16b \n"
+#else
+ "EOR v15.16b, v15.16b, v31.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+#ifndef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR v15.16b, v15.16b, v14.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "PMULL2 v14.1q, v15.2d, v23.2d \n"
+ "MOV v17.D[1], v15.D[0] \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "CMP x12, #64 \n"
+ "BGE 114b \n"
+ "CBZ x12, 120f \n"
+ "115: \n"
+ "CMP x12, #16 \n"
+ "BLT 112f \n"
+ "111: \n"
+ "LD1 {v15.2d}, [%[aad]], #16 \n"
+ "SUB x12, x12, #16 \n"
+ "RBIT v15.16b, v15.16b \n"
+ "EOR v17.16b, v17.16b, v15.16b \n"
+ "PMULL v18.1q, v17.1d, v16.1d \n"
+ "PMULL2 v19.1q, v17.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "PMULL v21.1q, v17.1d, v20.1d \n"
+ "PMULL2 v20.1q, v17.2d, v20.2d \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v17.16b, v18.16b, v20.16b \n"
+ "CMP x12, #16 \n"
+ "BGE 111b \n"
+ "CBZ x12, 120f \n"
+ "112: \n"
+ "# Partial AAD \n"
+ "EOR v15.16b, v15.16b, v15.16b \n"
+ "MOV x14, x12 \n"
+ "ST1 {v15.2d}, [%[scratch]] \n"
+ "113: \n"
+ "LDRB w13, [%[aad]], #1 \n"
+ "STRB w13, [%[scratch]], #1 \n"
+ "SUB x14, x14, #1 \n"
+ "CBNZ x14, 113b \n"
+ "SUB %[scratch], %[scratch], x12 \n"
+ "LD1 {v15.2d}, [%[scratch]] \n"
+ "RBIT v15.16b, v15.16b \n"
+ "EOR v17.16b, v17.16b, v15.16b \n"
+ "PMULL v18.1q, v17.1d, v16.1d \n"
+ "PMULL2 v19.1q, v17.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "PMULL v21.1q, v17.1d, v20.1d \n"
+ "PMULL2 v20.1q, v17.2d, v20.2d \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v17.16b, v18.16b, v20.16b \n"
+ "120: \n"
+
+ "# Decrypt ciphertext and GHASH ciphertext \n"
+ "LDR w12, [%[ctr], #12] \n"
+ "MOV w11, %w[sz] \n"
+ "REV w12, w12 \n"
+ "CMP w11, #64 \n"
+ "BLT 80f \n"
+ "CMP %w[aSz], #64 \n"
+ "BGE 82f \n"
+
+ "# Calculate H^[1-4] - GMULT partials \n"
+ "# Square H => H^2 \n"
+ "PMULL2 v19.1q, v16.2d, v16.2d \n"
+ "PMULL v18.1q, v16.1d, v16.1d \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v19.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v24.16b, v18.16b, v19.16b \n"
+ "# Multiply H and H^2 => H^3 \n"
+ "PMULL v18.1q, v24.1d, v16.1d \n"
+ "PMULL2 v19.1q, v24.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "PMULL v21.1q, v24.1d, v20.1d \n"
+ "PMULL2 v20.1q, v24.2d, v20.2d \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v25.16b, v18.16b, v20.16b \n"
+ "# Square H^2 => H^4 \n"
+ "PMULL2 v19.1q, v24.2d, v24.2d \n"
+ "PMULL v18.1q, v24.1d, v24.1d \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v19.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v26.16b, v18.16b, v19.16b \n"
+ "82: \n"
+ "# Should we do 8 blocks at a time? \n"
+ "CMP w11, #512 \n"
+ "BLT 80f \n"
+
+ "# Calculate H^[5-8] - GMULT partials \n"
+ "# Multiply H and H^4 => H^5 \n"
+ "PMULL v18.1q, v26.1d, v16.1d \n"
+ "PMULL2 v19.1q, v26.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "PMULL v21.1q, v26.1d, v20.1d \n"
+ "PMULL2 v20.1q, v26.2d, v20.2d \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v4.16b, v18.16b, v20.16b \n"
+ "# Square H^3 - H^6 \n"
+ "PMULL2 v19.1q, v25.2d, v25.2d \n"
+ "PMULL v18.1q, v25.1d, v25.1d \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v19.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v9.16b, v18.16b, v19.16b \n"
+ "# Multiply H and H^6 => H^7 \n"
+ "PMULL v18.1q, v9.1d, v16.1d \n"
+ "PMULL2 v19.1q, v9.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "PMULL v21.1q, v9.1d, v20.1d \n"
+ "PMULL2 v20.1q, v9.2d, v20.2d \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v10.16b, v18.16b, v20.16b \n"
+ "# Square H^4 => H^8 \n"
+ "PMULL2 v19.1q, v26.2d, v26.2d \n"
+ "PMULL v18.1q, v26.1d, v26.1d \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v19.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v11.16b, v18.16b, v19.16b \n"
+
+ "# First decrypt - no GHASH \n"
+ "LDR q1, [%[Key]] \n"
+ "# Calculate next 4 counters (+1-4) \n"
+ "ADD w15, w12, #1 \n"
+ "LD1 {v5.2d}, [%[ctr]] \n"
+ "ADD w14, w12, #2 \n"
+ "MOV v6.16b, v5.16b \n"
+ "ADD w13, w12, #3 \n"
+ "MOV v7.16b, v5.16b \n"
+ "ADD w12, w12, #4 \n"
+ "MOV v8.16b, v5.16b \n"
+ "REV w15, w15 \n"
+ "REV w14, w14 \n"
+ "REV w13, w13 \n"
+ "REV w16, w12 \n"
+ "MOV v5.S[3], w15 \n"
+ "MOV v6.S[3], w14 \n"
+ "MOV v7.S[3], w13 \n"
+ "MOV v8.S[3], w16 \n"
+ "# Calculate next 4 counters (+5-8) \n"
+ "ADD w15, w12, #1 \n"
+ "MOV v27.16b, v5.16b \n"
+ "ADD w14, w12, #2 \n"
+ "MOV v28.16b, v5.16b \n"
+ "ADD w13, w12, #3 \n"
+ "MOV v29.16b, v5.16b \n"
+ "ADD w12, w12, #4 \n"
+ "MOV v30.16b, v5.16b \n"
+ "REV w15, w15 \n"
+ "REV w14, w14 \n"
+ "REV w13, w13 \n"
+ "REV w16, w12 \n"
+ "MOV v27.S[3], w15 \n"
+ "MOV v28.S[3], w14 \n"
+ "MOV v29.S[3], w13 \n"
+ "MOV v30.S[3], w16 \n"
+
+ "# Encrypt 8 counters \n"
+ "LDR q22, [%[Key], #16] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q1, [%[Key], #32] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q22, [%[Key], #48] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q1, [%[Key], #64] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q22, [%[Key], #80] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "SUB w11, w11, #128 \n"
+ "LDR q1, [%[Key], #96] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q22, [%[Key], #112] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q1, [%[Key], #128] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q22, [%[Key], #144] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q1, [%[Key], #160] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LD1 {v12.2d-v15.2d}, [%[input]], #64 \n"
+ "LDP q22, q31, [%[Key], #176] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LD1 {v18.2d-v21.2d}, [%[input]], #64 \n"
+ "AESE v5.16b, v22.16b \n"
+ "EOR v5.16b, v5.16b, v31.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "EOR v6.16b, v6.16b, v31.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "EOR v7.16b, v7.16b, v31.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "EOR v8.16b, v8.16b, v31.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "EOR v27.16b, v27.16b, v31.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "EOR v28.16b, v28.16b, v31.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "EOR v29.16b, v29.16b, v31.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "EOR v30.16b, v30.16b, v31.16b \n"
+
+ "# XOR in input \n"
+ "EOR v5.16b, v5.16b, v12.16b \n"
+ "EOR v6.16b, v6.16b, v13.16b \n"
+ "EOR v7.16b, v7.16b, v14.16b \n"
+ "EOR v8.16b, v8.16b, v15.16b \n"
+ "EOR v27.16b, v27.16b, v18.16b \n"
+ "ST1 {v5.2d-v8.2d}, [%[out]], #64 \n \n"
+ "EOR v28.16b, v28.16b, v19.16b \n"
+ "EOR v29.16b, v29.16b, v20.16b \n"
+ "EOR v30.16b, v30.16b, v21.16b \n"
+ "ST1 {v27.2d-v30.2d}, [%[out]], #64 \n \n"
+
+ "81: \n"
+ "LDR q1, [%[Key]] \n"
+ "# Calculate next 4 counters (+1-4) \n"
+ "ADD w15, w12, #1 \n"
+ "LD1 {v5.2d}, [%[ctr]] \n"
+ "ADD w14, w12, #2 \n"
+ "MOV v6.16b, v5.16b \n"
+ "ADD w13, w12, #3 \n"
+ "MOV v7.16b, v5.16b \n"
+ "ADD w12, w12, #4 \n"
+ "MOV v8.16b, v5.16b \n"
+ "# GHASH - 8 blocks \n"
+ "RBIT v12.16b, v12.16b \n"
+ "RBIT v13.16b, v13.16b \n"
+ "RBIT v14.16b, v14.16b \n"
+ "RBIT v15.16b, v15.16b \n"
+ "RBIT v18.16b, v18.16b \n"
+ "RBIT v19.16b, v19.16b \n"
+ "RBIT v20.16b, v20.16b \n"
+ "RBIT v21.16b, v21.16b \n"
+ "REV w15, w15 \n"
+ "EOR v12.16b, v12.16b, v17.16b \n"
+ "REV w14, w14 \n"
+ "# x[0-2] = C * H^1 \n"
+ "PMULL v17.1q, v21.1d, v16.1d \n"
+ "PMULL2 v0.1q, v21.2d, v16.2d \n"
+ "REV w13, w13 \n"
+ "EXT v21.16b, v21.16b, v21.16b, #8 \n"
+ "REV w16, w12 \n"
+ "MOV v5.S[3], w15 \n"
+ "MOV v6.S[3], w14 \n"
+ "MOV v7.S[3], w13 \n"
+ "MOV v8.S[3], w16 \n"
+ "# Calculate next 4 counters (+5-8) \n"
+ "ADD w15, w12, #1 \n"
+ "MOV v27.16b, v5.16b \n"
+ "ADD w14, w12, #2 \n"
+ "MOV v28.16b, v5.16b \n"
+ "ADD w13, w12, #3 \n"
+ "MOV v29.16b, v5.16b \n"
+ "ADD w12, w12, #4 \n"
+ "MOV v30.16b, v5.16b \n"
+ "PMULL v31.1q, v21.1d, v16.1d \n"
+ "PMULL2 v3.1q, v21.2d, v16.2d \n"
+ "REV w15, w15 \n"
+ "EOR v31.16b, v31.16b, v3.16b \n"
+ "REV w14, w14 \n"
+ "# x[0-2] += C * H^2 \n"
+ "PMULL v2.1q, v20.1d, v24.1d \n"
+ "PMULL2 v3.1q, v20.2d, v24.2d \n"
+ "REV w13, w13 \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "REV w16, w12 \n"
+ "MOV v27.S[3], w15 \n"
+ "MOV v28.S[3], w14 \n"
+ "MOV v29.S[3], w13 \n"
+ "MOV v30.S[3], w16 \n"
+
+ "# Encrypt 8 counters \n"
+ "LDR q22, [%[Key], #16] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "EXT v20.16b, v20.16b, v20.16b, #8 \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "PMULL v3.1q, v20.1d, v24.1d \n"
+ "PMULL2 v20.1q, v20.2d, v24.2d \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v20.16b, v3.16b \n"
+#else
+ "EOR v20.16b, v20.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v20.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "# x[0-2] += C * H^3 \n"
+ "PMULL v2.1q, v19.1d, v25.1d \n"
+ "PMULL2 v3.1q, v19.2d, v25.2d \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "EXT v19.16b, v19.16b, v19.16b, #8 \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "PMULL v3.1q, v19.1d, v25.1d \n"
+ "PMULL2 v19.1q, v19.2d, v25.2d \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v19.16b, v3.16b \n"
+#else
+ "EOR v19.16b, v19.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v19.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "LDR q1, [%[Key], #32] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "# x[0-2] += C * H^4 \n"
+ "PMULL v2.1q, v18.1d, v26.1d \n"
+ "PMULL2 v3.1q, v18.2d, v26.2d \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "EXT v18.16b, v18.16b, v18.16b, #8 \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "PMULL v3.1q, v18.1d, v26.1d \n"
+ "PMULL2 v18.1q, v18.2d, v26.2d \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v18.16b, v3.16b \n"
+#else
+ "EOR v18.16b, v18.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v18.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "# x[0-2] += C * H^5 \n"
+ "PMULL v2.1q, v15.1d, v4.1d \n"
+ "PMULL2 v3.1q, v15.2d, v4.2d \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "EXT v15.16b, v15.16b, v15.16b, #8 \n"
+ "LDR q22, [%[Key], #48] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "PMULL v3.1q, v15.1d, v4.1d \n"
+ "PMULL2 v15.1q, v15.2d, v4.2d \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v15.16b, v3.16b \n"
+#else
+ "EOR v15.16b, v15.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v15.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "# x[0-2] += C * H^6 \n"
+ "PMULL v2.1q, v14.1d, v9.1d \n"
+ "PMULL2 v3.1q, v14.2d, v9.2d \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "EXT v14.16b, v14.16b, v14.16b, #8 \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "PMULL v3.1q, v14.1d, v9.1d \n"
+ "PMULL2 v14.1q, v14.2d, v9.2d \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v14.16b, v3.16b \n"
+#else
+ "EOR v14.16b, v14.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v14.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "# x[0-2] += C * H^7 \n"
+ "PMULL v2.1q, v13.1d, v10.1d \n"
+ "PMULL2 v3.1q, v13.2d, v10.2d \n"
+ "LDR q1, [%[Key], #64] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "EXT v13.16b, v13.16b, v13.16b, #8 \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "PMULL v3.1q, v13.1d, v10.1d \n"
+ "PMULL2 v13.1q, v13.2d, v10.2d \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v13.16b, v3.16b \n"
+#else
+ "EOR v13.16b, v13.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v13.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "# x[0-2] += C * H^8 \n"
+ "PMULL v2.1q, v12.1d, v11.1d \n"
+ "PMULL2 v3.1q, v12.2d, v11.2d \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "EXT v12.16b, v12.16b, v12.16b, #8 \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "PMULL v3.1q, v12.1d, v11.1d \n"
+ "PMULL2 v12.1q, v12.2d, v11.2d \n"
+ "LDR q22, [%[Key], #80] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v12.16b, v3.16b \n"
+#else
+ "EOR v12.16b, v12.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v12.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "# Reduce X = x[0-2] \n"
+ "EXT v3.16b, v17.16b, v0.16b, #8 \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "PMULL2 v2.1q, v0.2d, v23.2d \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v3.16b, v3.16b, v31.16b, v2.16b \n"
+#else
+ "EOR v3.16b, v3.16b, v31.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+#ifndef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR v3.16b, v3.16b, v2.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "PMULL2 v2.1q, v3.2d, v23.2d \n"
+ "MOV v17.D[1], v3.D[0] \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "SUB w11, w11, #128 \n"
+ "LDR q1, [%[Key], #96] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q22, [%[Key], #112] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q1, [%[Key], #128] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q22, [%[Key], #144] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q1, [%[Key], #160] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LD1 {v12.2d-v15.2d}, [%[input]], #64 \n"
+ "LDP q22, q31, [%[Key], #176] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LD1 {v18.2d-v21.2d}, [%[input]], #64 \n"
+ "AESE v5.16b, v22.16b \n"
+ "EOR v5.16b, v5.16b, v31.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "EOR v6.16b, v6.16b, v31.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "EOR v7.16b, v7.16b, v31.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "EOR v8.16b, v8.16b, v31.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "EOR v27.16b, v27.16b, v31.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "EOR v28.16b, v28.16b, v31.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "EOR v29.16b, v29.16b, v31.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "EOR v30.16b, v30.16b, v31.16b \n"
+
+ "# XOR in input \n"
+ "EOR v5.16b, v5.16b, v12.16b \n"
+ "EOR v6.16b, v6.16b, v13.16b \n"
+ "EOR v7.16b, v7.16b, v14.16b \n"
+ "EOR v8.16b, v8.16b, v15.16b \n"
+ "EOR v27.16b, v27.16b, v18.16b \n"
+ "ST1 {v5.2d-v8.2d}, [%[out]], #64 \n \n"
+ "EOR v28.16b, v28.16b, v19.16b \n"
+ "EOR v29.16b, v29.16b, v20.16b \n"
+ "EOR v30.16b, v30.16b, v21.16b \n"
+ "ST1 {v27.2d-v30.2d}, [%[out]], #64 \n \n"
+
+ "CMP w11, #128 \n"
+ "BGE 81b \n"
+
+ "# GHASH - 8 blocks \n"
+ "RBIT v12.16b, v12.16b \n"
+ "RBIT v13.16b, v13.16b \n"
+ "RBIT v14.16b, v14.16b \n"
+ "RBIT v15.16b, v15.16b \n"
+ "RBIT v18.16b, v18.16b \n"
+ "RBIT v19.16b, v19.16b \n"
+ "RBIT v20.16b, v20.16b \n"
+ "RBIT v21.16b, v21.16b \n"
+ "EOR v12.16b, v12.16b, v17.16b \n"
+ "# x[0-2] = C * H^1 \n"
+ "PMULL v17.1q, v21.1d, v16.1d \n"
+ "PMULL2 v0.1q, v21.2d, v16.2d \n"
+ "EXT v21.16b, v21.16b, v21.16b, #8 \n"
+ "PMULL v31.1q, v21.1d, v16.1d \n"
+ "PMULL2 v3.1q, v21.2d, v16.2d \n"
+ "EOR v31.16b, v31.16b, v3.16b \n"
+ "# x[0-2] += C * H^2 \n"
+ "PMULL v2.1q, v20.1d, v24.1d \n"
+ "PMULL2 v3.1q, v20.2d, v24.2d \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "EXT v20.16b, v20.16b, v20.16b, #8 \n"
+ "PMULL v3.1q, v20.1d, v24.1d \n"
+ "PMULL2 v20.1q, v20.2d, v24.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v20.16b, v3.16b \n"
+#else
+ "EOR v20.16b, v20.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v20.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^3 \n"
+ "PMULL v2.1q, v19.1d, v25.1d \n"
+ "PMULL2 v3.1q, v19.2d, v25.2d \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "EXT v19.16b, v19.16b, v19.16b, #8 \n"
+ "PMULL v3.1q, v19.1d, v25.1d \n"
+ "PMULL2 v19.1q, v19.2d, v25.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v19.16b, v3.16b \n"
+#else
+ "EOR v19.16b, v19.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v19.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^4 \n"
+ "PMULL v2.1q, v18.1d, v26.1d \n"
+ "PMULL2 v3.1q, v18.2d, v26.2d \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "EXT v18.16b, v18.16b, v18.16b, #8 \n"
+ "PMULL v3.1q, v18.1d, v26.1d \n"
+ "PMULL2 v18.1q, v18.2d, v26.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v18.16b, v3.16b \n"
+#else
+ "EOR v18.16b, v18.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v18.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^5 \n"
+ "PMULL v2.1q, v15.1d, v4.1d \n"
+ "PMULL2 v3.1q, v15.2d, v4.2d \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "EXT v15.16b, v15.16b, v15.16b, #8 \n"
+ "PMULL v3.1q, v15.1d, v4.1d \n"
+ "PMULL2 v15.1q, v15.2d, v4.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v15.16b, v3.16b \n"
+#else
+ "EOR v15.16b, v15.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v15.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^6 \n"
+ "PMULL v2.1q, v14.1d, v9.1d \n"
+ "PMULL2 v3.1q, v14.2d, v9.2d \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "EXT v14.16b, v14.16b, v14.16b, #8 \n"
+ "PMULL v3.1q, v14.1d, v9.1d \n"
+ "PMULL2 v14.1q, v14.2d, v9.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v14.16b, v3.16b \n"
+#else
+ "EOR v14.16b, v14.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v14.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^7 \n"
+ "PMULL v2.1q, v13.1d, v10.1d \n"
+ "PMULL2 v3.1q, v13.2d, v10.2d \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "EXT v13.16b, v13.16b, v13.16b, #8 \n"
+ "PMULL v3.1q, v13.1d, v10.1d \n"
+ "PMULL2 v13.1q, v13.2d, v10.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v13.16b, v3.16b \n"
+#else
+ "EOR v13.16b, v13.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v13.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^8 \n"
+ "PMULL v2.1q, v12.1d, v11.1d \n"
+ "PMULL2 v3.1q, v12.2d, v11.2d \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "EXT v12.16b, v12.16b, v12.16b, #8 \n"
+ "PMULL v3.1q, v12.1d, v11.1d \n"
+ "PMULL2 v12.1q, v12.2d, v11.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v12.16b, v3.16b \n"
+#else
+ "EOR v12.16b, v12.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v12.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# Reduce X = x[0-2] \n"
+ "EXT v3.16b, v17.16b, v0.16b, #8 \n"
+ "PMULL2 v2.1q, v0.2d, v23.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v3.16b, v3.16b, v31.16b, v2.16b \n"
+#else
+ "EOR v3.16b, v3.16b, v31.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+#ifndef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR v3.16b, v3.16b, v2.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "PMULL2 v2.1q, v3.2d, v23.2d \n"
+ "MOV v17.D[1], v3.D[0] \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+
+ "80: \n"
+ "LD1 {v22.2d}, [%[ctr]] \n"
+ "LD1 {v1.2d-v4.2d}, [%[Key]], #64 \n"
+ "LD1 {v5.2d-v8.2d}, [%[Key]], #64 \n"
+ "LD1 {v9.2d-v11.2d}, [%[Key]], #48 \n"
+ "LD1 {v12.2d-v13.2d}, [%[Key]], #32 \n"
+ "# Can we do 4 blocks at a time? \n"
+ "CMP w11, #64 \n"
+ "BLT 10f \n"
+
+ "# First decrypt - no GHASH \n"
+ "# Calculate next 4 counters (+1-4) \n"
+ "ADD w15, w12, #1 \n"
+ "MOV v27.16b, v22.16b \n"
+ "ADD w14, w12, #2 \n"
+ "MOV v28.16b, v22.16b \n"
+ "ADD w13, w12, #3 \n"
+ "MOV v29.16b, v22.16b \n"
+ "ADD w12, w12, #4 \n"
+ "MOV v30.16b, v22.16b \n"
+ "REV w15, w15 \n"
+ "REV w14, w14 \n"
+ "REV w13, w13 \n"
+ "REV w16, w12 \n"
+ "MOV v27.S[3], w15 \n"
+ "MOV v28.S[3], w14 \n"
+ "MOV v29.S[3], w13 \n"
+ "MOV v30.S[3], w16 \n"
+
+ "# Encrypt 4 counters \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v2.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v2.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v2.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v2.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v3.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v3.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v3.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v3.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v4.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v4.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v4.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v4.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v5.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v5.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v5.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v5.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "SUB w11, w11, #64 \n"
+ "AESE v27.16b, v6.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v6.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v6.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v6.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v7.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v7.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v7.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v7.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v8.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v8.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v8.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v8.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v9.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v9.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v9.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v9.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "# Load plaintext \n"
+ "LD1 {v18.2d-v21.2d}, [%[input]], #64 \n"
+ "AESE v27.16b, v10.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v10.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v10.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v10.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v11.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v11.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v11.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v11.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v12.16b \n"
+ "EOR v27.16b, v27.16b, v13.16b \n"
+ "AESE v28.16b, v12.16b \n"
+ "EOR v28.16b, v28.16b, v13.16b \n"
+ "AESE v29.16b, v12.16b \n"
+ "EOR v29.16b, v29.16b, v13.16b \n"
+ "AESE v30.16b, v12.16b \n"
+ "EOR v30.16b, v30.16b, v13.16b \n"
+
+ "# XOR in input \n"
+ "EOR v27.16b, v27.16b, v18.16b \n"
+ "EOR v28.16b, v28.16b, v19.16b \n"
+ "EOR v29.16b, v29.16b, v20.16b \n"
+ "EOR v30.16b, v30.16b, v21.16b \n"
+ "# Store cipher text \n"
+ "ST1 {v27.2d-v30.2d}, [%[out]], #64 \n \n"
+ "CMP w11, #64 \n"
+ "BLT 12f \n"
+
+ "11: \n"
+ "# Calculate next 4 counters (+1-4) \n"
+ "ADD w15, w12, #1 \n"
+ "MOV v27.16b, v22.16b \n"
+ "ADD w14, w12, #2 \n"
+ "MOV v28.16b, v22.16b \n"
+ "ADD w13, w12, #3 \n"
+ "MOV v29.16b, v22.16b \n"
+ "ADD w12, w12, #4 \n"
+ "MOV v30.16b, v22.16b \n"
+ "# GHASH - 4 blocks \n"
+ "RBIT v18.16b, v18.16b \n"
+ "REV w15, w15 \n"
+ "RBIT v19.16b, v19.16b \n"
+ "REV w14, w14 \n"
+ "RBIT v20.16b, v20.16b \n"
+ "REV w13, w13 \n"
+ "RBIT v21.16b, v21.16b \n"
+ "REV w16, w12 \n"
+ "MOV v27.S[3], w15 \n"
+ "MOV v28.S[3], w14 \n"
+ "MOV v29.S[3], w13 \n"
+ "MOV v30.S[3], w16 \n"
+
+ "# Encrypt 4 counters \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "EOR v18.16b, v18.16b, v17.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "# x[0-2] = C * H^1 \n"
+ "PMULL v17.1q, v21.1d, v16.1d \n"
+ "PMULL2 v0.1q, v21.2d, v16.2d \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "EXT v21.16b, v21.16b, v21.16b, #8 \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "PMULL v31.1q, v21.1d, v16.1d \n"
+ "PMULL2 v15.1q, v21.2d, v16.2d \n"
+ "AESE v27.16b, v2.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "EOR v31.16b, v31.16b, v15.16b \n"
+ "AESE v28.16b, v2.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "# x[0-2] += C * H^2 \n"
+ "PMULL v14.1q, v20.1d, v24.1d \n"
+ "PMULL2 v15.1q, v20.2d, v24.2d \n"
+ "AESE v29.16b, v2.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v0.16b, v0.16b, v15.16b \n"
+ "AESE v30.16b, v2.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "EXT v20.16b, v20.16b, v20.16b, #8 \n"
+ "AESE v27.16b, v3.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "PMULL v15.1q, v20.1d, v24.1d \n"
+ "PMULL2 v20.1q, v20.2d, v24.2d \n"
+ "AESE v28.16b, v3.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v20.16b, v15.16b \n"
+#else
+ "EOR v20.16b, v20.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v20.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v29.16b, v3.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "# x[0-2] += C * H^3 \n"
+ "PMULL v14.1q, v19.1d, v25.1d \n"
+ "PMULL2 v15.1q, v19.2d, v25.2d \n"
+ "AESE v30.16b, v3.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v0.16b, v0.16b, v15.16b \n"
+ "AESE v27.16b, v4.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "EXT v19.16b, v19.16b, v19.16b, #8 \n"
+ "AESE v28.16b, v4.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "PMULL v15.1q, v19.1d, v25.1d \n"
+ "PMULL2 v19.1q, v19.2d, v25.2d \n"
+ "AESE v29.16b, v4.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v19.16b, v15.16b \n"
+#else
+ "EOR v19.16b, v19.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v19.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v30.16b, v4.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "# x[0-2] += C * H^4 \n"
+ "PMULL v14.1q, v18.1d, v26.1d \n"
+ "PMULL2 v15.1q, v18.2d, v26.2d \n"
+ "AESE v27.16b, v5.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v0.16b, v0.16b, v15.16b \n"
+ "AESE v28.16b, v5.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "EXT v18.16b, v18.16b, v18.16b, #8 \n"
+ "AESE v29.16b, v5.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "PMULL v15.1q, v18.1d, v26.1d \n"
+ "PMULL2 v18.1q, v18.2d, v26.2d \n"
+ "AESE v30.16b, v5.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v18.16b, v15.16b \n"
+#else
+ "EOR v18.16b, v18.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v18.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "SUB w11, w11, #64 \n"
+ "AESE v27.16b, v6.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "# Reduce X = x[0-2] \n"
+ "EXT v15.16b, v17.16b, v0.16b, #8 \n"
+ "AESE v28.16b, v6.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "PMULL2 v14.1q, v0.2d, v23.2d \n"
+ "AESE v29.16b, v6.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v15.16b, v15.16b, v31.16b, v14.16b \n"
+#else
+ "EOR v15.16b, v15.16b, v31.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v30.16b, v6.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+#ifndef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR v15.16b, v15.16b, v14.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v27.16b, v7.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "PMULL2 v14.1q, v15.2d, v23.2d \n"
+ "MOV v17.D[1], v15.D[0] \n"
+ "AESE v28.16b, v7.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "AESE v29.16b, v7.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v7.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v8.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v8.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v8.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v8.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v9.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v9.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v9.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v9.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "# Load plaintext \n"
+ "LD1 {v18.2d-v21.2d}, [%[input]], #64 \n"
+ "AESE v27.16b, v10.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v10.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v10.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v10.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v11.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v11.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v11.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v11.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v12.16b \n"
+ "EOR v27.16b, v27.16b, v13.16b \n"
+ "AESE v28.16b, v12.16b \n"
+ "EOR v28.16b, v28.16b, v13.16b \n"
+ "AESE v29.16b, v12.16b \n"
+ "EOR v29.16b, v29.16b, v13.16b \n"
+ "AESE v30.16b, v12.16b \n"
+ "EOR v30.16b, v30.16b, v13.16b \n"
+
+ "# XOR in input \n"
+ "EOR v27.16b, v27.16b, v18.16b \n"
+ "EOR v28.16b, v28.16b, v19.16b \n"
+ "EOR v29.16b, v29.16b, v20.16b \n"
+ "EOR v30.16b, v30.16b, v21.16b \n"
+ "# Store cipher text \n"
+ "ST1 {v27.2d-v30.2d}, [%[out]], #64 \n \n"
+ "CMP w11, #64 \n"
+ "BGE 11b \n"
+
+ "12: \n"
+ "# GHASH - 4 blocks \n"
+ "RBIT v18.16b, v18.16b \n"
+ "RBIT v19.16b, v19.16b \n"
+ "RBIT v20.16b, v20.16b \n"
+ "RBIT v21.16b, v21.16b \n"
+ "EOR v18.16b, v18.16b, v17.16b \n"
+ "# x[0-2] = C * H^1 \n"
+ "PMULL v17.1q, v21.1d, v16.1d \n"
+ "PMULL2 v0.1q, v21.2d, v16.2d \n"
+ "EXT v21.16b, v21.16b, v21.16b, #8 \n"
+ "PMULL v31.1q, v21.1d, v16.1d \n"
+ "PMULL2 v15.1q, v21.2d, v16.2d \n"
+ "EOR v31.16b, v31.16b, v15.16b \n"
+ "# x[0-2] += C * H^2 \n"
+ "PMULL v14.1q, v20.1d, v24.1d \n"
+ "PMULL2 v15.1q, v20.2d, v24.2d \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v0.16b, v0.16b, v15.16b \n"
+ "EXT v20.16b, v20.16b, v20.16b, #8 \n"
+ "PMULL v15.1q, v20.1d, v24.1d \n"
+ "PMULL2 v20.1q, v20.2d, v24.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v20.16b, v15.16b \n"
+#else
+ "EOR v20.16b, v20.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v20.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^3 \n"
+ "PMULL v14.1q, v19.1d, v25.1d \n"
+ "PMULL2 v15.1q, v19.2d, v25.2d \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v0.16b, v0.16b, v15.16b \n"
+ "EXT v19.16b, v19.16b, v19.16b, #8 \n"
+ "PMULL v15.1q, v19.1d, v25.1d \n"
+ "PMULL2 v19.1q, v19.2d, v25.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v19.16b, v15.16b \n"
+#else
+ "EOR v19.16b, v19.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v19.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^4 \n"
+ "PMULL v14.1q, v18.1d, v26.1d \n"
+ "PMULL2 v15.1q, v18.2d, v26.2d \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v0.16b, v0.16b, v15.16b \n"
+ "EXT v18.16b, v18.16b, v18.16b, #8 \n"
+ "PMULL v15.1q, v18.1d, v26.1d \n"
+ "PMULL2 v18.1q, v18.2d, v26.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v18.16b, v15.16b \n"
+#else
+ "EOR v18.16b, v18.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v18.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# Reduce X = x[0-2] \n"
+ "EXT v15.16b, v17.16b, v0.16b, #8 \n"
+ "PMULL2 v14.1q, v0.2d, v23.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v15.16b, v15.16b, v31.16b, v14.16b \n"
+#else
+ "EOR v15.16b, v15.16b, v31.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+#ifndef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR v15.16b, v15.16b, v14.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "PMULL2 v14.1q, v15.2d, v23.2d \n"
+ "MOV v17.D[1], v15.D[0] \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+
+ "10: \n"
+ "CBZ w11, 30f \n"
+ "CMP w11, #16 \n"
+ "BLT 20f \n"
+ "# Decrypt first block for GHASH \n"
+ "ADD w12, w12, #1 \n"
+ "MOV v0.16b, v22.16b \n"
+ "REV w13, w12 \n"
+ "MOV v0.S[3], w13 \n"
+ "AESE v0.16b, v1.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v2.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v3.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v4.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "SUB w11, w11, #16 \n"
+ "AESE v0.16b, v5.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v6.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v7.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v8.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "LD1 {v28.2d}, [%[input]], #16 \n"
+ "AESE v0.16b, v9.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v10.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v11.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v12.16b \n"
+ "EOR v0.16b, v0.16b, v13.16b \n \n"
+ "EOR v0.16b, v0.16b, v28.16b \n \n"
+ "ST1 {v0.2d}, [%[out]], #16 \n"
+
+ "# When only one full block to decrypt go straight to GHASH \n"
+ "CMP w11, 16 \n"
+ "BLT 1f \n"
+
+ "# Interweave GHASH and decrypt if more then 1 block \n"
+ "2: \n"
+ "RBIT v28.16b, v28.16b \n"
+ "ADD w12, w12, #1 \n"
+ "MOV v0.16b, v22.16b \n"
+ "REV w13, w12 \n"
+ "MOV v0.S[3], w13 \n"
+ "EOR v17.16b, v17.16b, v28.16b \n"
+ "PMULL v18.1q, v17.1d, v16.1d \n"
+ "PMULL2 v19.1q, v17.2d, v16.2d \n"
+ "AESE v0.16b, v1.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "AESE v0.16b, v2.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "PMULL v21.1q, v17.1d, v20.1d \n"
+ "PMULL2 v20.1q, v17.2d, v20.2d \n"
+ "AESE v0.16b, v3.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "AESE v0.16b, v4.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "SUB w11, w11, #16 \n"
+ "AESE v0.16b, v5.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "AESE v0.16b, v6.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "AESE v0.16b, v7.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "AESE v0.16b, v8.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "LD1 {v28.2d}, [%[input]], #16 \n"
+ "AESE v0.16b, v9.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "AESE v0.16b, v10.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v17.16b, v18.16b, v20.16b \n"
+ "AESE v0.16b, v11.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v12.16b \n"
+ "EOR v0.16b, v0.16b, v13.16b \n \n"
+ "EOR v0.16b, v0.16b, v28.16b \n \n"
+ "ST1 {v0.2d}, [%[out]], #16 \n"
+ "CMP w11, #16 \n"
+ "BGE 2b \n"
+
+ "# GHASH on last block \n"
+ "1: \n"
+ "RBIT v28.16b, v28.16b \n"
+ "EOR v17.16b, v17.16b, v28.16b \n"
+ "PMULL v18.1q, v17.1d, v16.1d \n"
+ "PMULL2 v19.1q, v17.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "PMULL v21.1q, v17.1d, v20.1d \n"
+ "PMULL2 v20.1q, v17.2d, v20.2d \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v17.16b, v18.16b, v20.16b \n"
+
+ "20: \n"
+ "CBZ w11, 30f \n"
+ "EOR v31.16b, v31.16b, v31.16b \n"
+ "MOV x15, x11 \n"
+ "ST1 {v31.2d}, [%[scratch]] \n"
+ "23: \n"
+ "LDRB w14, [%[input]], #1 \n"
+ "STRB w14, [%[scratch]], #1 \n"
+ "SUB x15, x15, #1 \n"
+ "CBNZ x15, 23b \n"
+ "SUB %[scratch], %[scratch], x11 \n"
+ "LD1 {v31.2d}, [%[scratch]] \n"
+ "RBIT v31.16b, v31.16b \n"
+ "ADD w12, w12, #1 \n"
+ "MOV v0.16b, v22.16b \n"
+ "REV w13, w12 \n"
+ "MOV v0.S[3], w13 \n"
+ "EOR v17.16b, v17.16b, v31.16b \n"
+ "PMULL v18.1q, v17.1d, v16.1d \n"
+ "PMULL2 v19.1q, v17.2d, v16.2d \n"
+ "AESE v0.16b, v1.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "AESE v0.16b, v2.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "PMULL v21.1q, v17.1d, v20.1d \n"
+ "PMULL2 v20.1q, v17.2d, v20.2d \n"
+ "AESE v0.16b, v3.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "AESE v0.16b, v4.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "AESE v0.16b, v5.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "AESE v0.16b, v6.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "AESE v0.16b, v7.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "AESE v0.16b, v8.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "RBIT v31.16b, v31.16b \n"
+ "AESE v0.16b, v9.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "AESE v0.16b, v10.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v17.16b, v18.16b, v20.16b \n"
+ "AESE v0.16b, v11.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v12.16b \n"
+ "EOR v0.16b, v0.16b, v13.16b \n \n"
+ "EOR v0.16b, v0.16b, v31.16b \n \n"
+ "ST1 {v0.2d}, [%[scratch]] \n"
+ "MOV x15, x11 \n"
+ "24: \n"
+ "LDRB w14, [%[scratch]], #1 \n"
+ "STRB w14, [%[out]], #1 \n"
+ "SUB x15, x15, #1 \n"
+ "CBNZ x15, 24b \n"
+ "SUB %[scratch], %[scratch], x11 \n"
+
+ "30: \n"
+ "# store current counter value at the end \n"
+ "REV w13, w12 \n"
+ "MOV v22.S[3], w13 \n"
+ "LD1 {v0.16b}, [%[ctr]] \n"
+ "ST1 {v22.16b}, [%[ctr]] \n"
+
+ "LSL %x[aSz], %x[aSz], #3 \n"
+ "LSL %x[sz], %x[sz], #3 \n"
+ "MOV v28.d[0], %x[aSz] \n"
+ "MOV v28.d[1], %x[sz] \n"
+ "REV64 v28.16b, v28.16b \n"
+ "RBIT v28.16b, v28.16b \n"
+ "EOR v17.16b, v17.16b, v28.16b \n"
+ "PMULL v18.1q, v17.1d, v16.1d \n"
+ "PMULL2 v19.1q, v17.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "AESE v0.16b, v1.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "PMULL v21.1q, v17.1d, v20.1d \n"
+ "PMULL2 v20.1q, v17.2d, v20.2d \n"
+ "AESE v0.16b, v2.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "AESE v0.16b, v3.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "AESE v0.16b, v4.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "AESE v0.16b, v5.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "AESE v0.16b, v6.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "AESE v0.16b, v7.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "AESE v0.16b, v8.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "AESE v0.16b, v9.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v17.16b, v18.16b, v20.16b \n"
+ "AESE v0.16b, v10.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v11.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v12.16b \n"
+ "EOR v0.16b, v0.16b, v13.16b \n \n"
+ "RBIT v17.16b, v17.16b \n"
+ "EOR v0.16b, v0.16b, v17.16b \n \n"
+ "CMP %w[tagSz], #16 \n"
+ "BNE 40f \n"
+ "LD1 {v1.2d}, [%[tag]] \n"
+ "B 41f \n"
+ "40: \n"
+ "EOR v1.16b, v1.16b, v1.16b \n"
+ "MOV x15, %x[tagSz] \n"
+ "ST1 {v1.2d}, [%[scratch]] \n"
+ "43: \n"
+ "LDRB w14, [%[tag]], #1 \n"
+ "STRB w14, [%[scratch]], #1 \n"
+ "SUB x15, x15, #1 \n"
+ "CBNZ x15, 43b \n"
+ "SUB %[scratch], %[scratch], %x[tagSz] \n"
+ "LD1 {v1.2d}, [%[scratch]] \n"
+ "ST1 {v0.2d}, [%[scratch]] \n"
+ "MOV w14, #16 \n"
+ "SUB w14, w14, %w[tagSz] \n"
+ "ADD %[scratch], %[scratch], %x[tagSz] \n"
+ "44: \n"
+ "STRB wzr, [%[scratch]], #1 \n"
+ "SUB w14, w14, #1 \n"
+ "CBNZ w14, 44b \n"
+ "SUB %[scratch], %[scratch], #16 \n"
+ "LD1 {v0.2d}, [%[scratch]] \n"
+ "41: \n"
+ "EOR v0.16b, v0.16b, v1.16b \n"
+ "MOV v1.D[0], v0.D[1] \n"
+ "EOR v0.8b, v0.8b, v1.8b \n"
+ "MOV %x[ret], v0.D[0] \n"
+ "CMP %x[ret], #0 \n"
+ "MOV w11, #-180 \n"
+ "CSETM %w[ret], ne \n"
+ "AND %w[ret], %w[ret], w11 \n"
+
+ : [out] "+r" (out), [input] "+r" (in), [Key] "+r" (keyPt),
+ [aSz] "+r" (authInSz), [sz] "+r" (sz), [aad] "+r" (authIn),
+ [ret] "+r" (ret)
+ : [ctr] "r" (ctr), [scratch] "r" (scratch),
+ [h] "m" (aes->gcm.H), [tag] "r" (authTag), [tagSz] "r" (authTagSz)
+ : "cc", "memory", "x11", "x12", "w13", "x14", "x15", "w16",
+ "v0", "v1", "v2", "v3", "v4", "v5", "v6", "v7",
+ "v8", "v9", "v10", "v11", "v12", "v13", "v14", "v15",
+ "v16", "v17", "v18", "v19", "v20", "v21", "v22", "v23",
+ "v24", "v25", "v26", "v27", "v28", "v29", "v30", "v31"
+ );
+
+ return ret;
+}
+#endif /* WOLFSSL_AES_192 */
+#ifdef WOLFSSL_AES_256
+/* internal function : see wc_AesGcmDecrypt */
+static int Aes256GcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
+ const byte* iv, word32 ivSz, const byte* authTag, word32 authTagSz,
+ const byte* authIn, word32 authInSz)
+{
+ byte counter[AES_BLOCK_SIZE];
+ byte scratch[AES_BLOCK_SIZE];
+ byte *ctr = counter;
+ byte* keyPt = (byte*)aes->key;
+ int ret = 0;
+
+ XMEMSET(counter, 0, AES_BLOCK_SIZE);
+ if (ivSz == GCM_NONCE_MID_SZ) {
+ XMEMCPY(counter, iv, GCM_NONCE_MID_SZ);
+ counter[AES_BLOCK_SIZE - 1] = 1;
+ }
+ else {
+ GHASH(&aes->gcm, NULL, 0, iv, ivSz, counter, AES_BLOCK_SIZE);
+ GMULT(counter, aes->gcm.H);
+ }
+
+ __asm__ __volatile__ (
+ "LD1 {v16.16b}, %[h] \n"
+ "# v23 = 0x00000000000000870000000000000087 reflected 0xe1.... \n"
+ "MOVI v23.16b, #0x87 \n"
+ "EOR v17.16b, v17.16b, v17.16b \n"
+ "USHR v23.2d, v23.2d, #56 \n"
+ "CBZ %w[aSz], 120f \n"
+
+ "MOV w12, %w[aSz] \n"
+
+ "# GHASH AAD \n"
+ "CMP x12, #64 \n"
+ "BLT 115f \n"
+ "# Calculate H^[1-4] - GMULT partials \n"
+ "# Square H => H^2 \n"
+ "PMULL2 v19.1q, v16.2d, v16.2d \n"
+ "PMULL v18.1q, v16.1d, v16.1d \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v19.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v24.16b, v18.16b, v19.16b \n"
+ "# Multiply H and H^2 => H^3 \n"
+ "PMULL v18.1q, v24.1d, v16.1d \n"
+ "PMULL2 v19.1q, v24.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "PMULL v21.1q, v24.1d, v20.1d \n"
+ "PMULL2 v20.1q, v24.2d, v20.2d \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v25.16b, v18.16b, v20.16b \n"
+ "# Square H^2 => H^4 \n"
+ "PMULL2 v19.1q, v24.2d, v24.2d \n"
+ "PMULL v18.1q, v24.1d, v24.1d \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v19.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v26.16b, v18.16b, v19.16b \n"
+ "114: \n"
+ "LD1 {v18.2d-v21.2d}, [%[aad]], #64 \n"
+ "SUB x12, x12, #64 \n"
+ "# GHASH - 4 blocks \n"
+ "RBIT v18.16b, v18.16b \n"
+ "RBIT v19.16b, v19.16b \n"
+ "RBIT v20.16b, v20.16b \n"
+ "RBIT v21.16b, v21.16b \n"
+ "EOR v18.16b, v18.16b, v17.16b \n"
+ "# x[0-2] = C * H^1 \n"
+ "PMULL v17.1q, v21.1d, v16.1d \n"
+ "PMULL2 v30.1q, v21.2d, v16.2d \n"
+ "EXT v21.16b, v21.16b, v21.16b, #8 \n"
+ "PMULL v31.1q, v21.1d, v16.1d \n"
+ "PMULL2 v15.1q, v21.2d, v16.2d \n"
+ "EOR v31.16b, v31.16b, v15.16b \n"
+ "# x[0-2] += C * H^2 \n"
+ "PMULL v14.1q, v20.1d, v24.1d \n"
+ "PMULL2 v15.1q, v20.2d, v24.2d \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v30.16b, v30.16b, v15.16b \n"
+ "EXT v20.16b, v20.16b, v20.16b, #8 \n"
+ "PMULL v15.1q, v20.1d, v24.1d \n"
+ "PMULL2 v20.1q, v20.2d, v24.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v20.16b, v15.16b \n"
+#else
+ "EOR v20.16b, v20.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v20.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^3 \n"
+ "PMULL v14.1q, v19.1d, v25.1d \n"
+ "PMULL2 v15.1q, v19.2d, v25.2d \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v30.16b, v30.16b, v15.16b \n"
+ "EXT v19.16b, v19.16b, v19.16b, #8 \n"
+ "PMULL v15.1q, v19.1d, v25.1d \n"
+ "PMULL2 v19.1q, v19.2d, v25.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v19.16b, v15.16b \n"
+#else
+ "EOR v19.16b, v19.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v19.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^4 \n"
+ "PMULL v14.1q, v18.1d, v26.1d \n"
+ "PMULL2 v15.1q, v18.2d, v26.2d \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v30.16b, v30.16b, v15.16b \n"
+ "EXT v18.16b, v18.16b, v18.16b, #8 \n"
+ "PMULL v15.1q, v18.1d, v26.1d \n"
+ "PMULL2 v18.1q, v18.2d, v26.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v18.16b, v15.16b \n"
+#else
+ "EOR v18.16b, v18.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v18.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# Reduce X = x[0-2] \n"
+ "EXT v15.16b, v17.16b, v30.16b, #8 \n"
+ "PMULL2 v14.1q, v30.2d, v23.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v15.16b, v15.16b, v31.16b, v14.16b \n"
+#else
+ "EOR v15.16b, v15.16b, v31.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+#ifndef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR v15.16b, v15.16b, v14.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "PMULL2 v14.1q, v15.2d, v23.2d \n"
+ "MOV v17.D[1], v15.D[0] \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "CMP x12, #64 \n"
+ "BGE 114b \n"
+ "CBZ x12, 120f \n"
+ "115: \n"
+ "CMP x12, #16 \n"
+ "BLT 112f \n"
+ "111: \n"
+ "LD1 {v15.2d}, [%[aad]], #16 \n"
+ "SUB x12, x12, #16 \n"
+ "RBIT v15.16b, v15.16b \n"
+ "EOR v17.16b, v17.16b, v15.16b \n"
+ "PMULL v18.1q, v17.1d, v16.1d \n"
+ "PMULL2 v19.1q, v17.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "PMULL v21.1q, v17.1d, v20.1d \n"
+ "PMULL2 v20.1q, v17.2d, v20.2d \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v17.16b, v18.16b, v20.16b \n"
+ "CMP x12, #16 \n"
+ "BGE 111b \n"
+ "CBZ x12, 120f \n"
+ "112: \n"
+ "# Partial AAD \n"
+ "EOR v15.16b, v15.16b, v15.16b \n"
+ "MOV x14, x12 \n"
+ "ST1 {v15.2d}, [%[scratch]] \n"
+ "113: \n"
+ "LDRB w13, [%[aad]], #1 \n"
+ "STRB w13, [%[scratch]], #1 \n"
+ "SUB x14, x14, #1 \n"
+ "CBNZ x14, 113b \n"
+ "SUB %[scratch], %[scratch], x12 \n"
+ "LD1 {v15.2d}, [%[scratch]] \n"
+ "RBIT v15.16b, v15.16b \n"
+ "EOR v17.16b, v17.16b, v15.16b \n"
+ "PMULL v18.1q, v17.1d, v16.1d \n"
+ "PMULL2 v19.1q, v17.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "PMULL v21.1q, v17.1d, v20.1d \n"
+ "PMULL2 v20.1q, v17.2d, v20.2d \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v17.16b, v18.16b, v20.16b \n"
+ "120: \n"
+
+ "# Decrypt ciphertext and GHASH ciphertext \n"
+ "LDR w12, [%[ctr], #12] \n"
+ "MOV w11, %w[sz] \n"
+ "REV w12, w12 \n"
+ "CMP w11, #64 \n"
+ "BLT 80f \n"
+ "CMP %w[aSz], #64 \n"
+ "BGE 82f \n"
+
+ "# Calculate H^[1-4] - GMULT partials \n"
+ "# Square H => H^2 \n"
+ "PMULL2 v19.1q, v16.2d, v16.2d \n"
+ "PMULL v18.1q, v16.1d, v16.1d \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v19.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v24.16b, v18.16b, v19.16b \n"
+ "# Multiply H and H^2 => H^3 \n"
+ "PMULL v18.1q, v24.1d, v16.1d \n"
+ "PMULL2 v19.1q, v24.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "PMULL v21.1q, v24.1d, v20.1d \n"
+ "PMULL2 v20.1q, v24.2d, v20.2d \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v25.16b, v18.16b, v20.16b \n"
+ "# Square H^2 => H^4 \n"
+ "PMULL2 v19.1q, v24.2d, v24.2d \n"
+ "PMULL v18.1q, v24.1d, v24.1d \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v19.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v26.16b, v18.16b, v19.16b \n"
+ "82: \n"
+ "# Should we do 8 blocks at a time? \n"
+ "CMP w11, #512 \n"
+ "BLT 80f \n"
+
+ "# Calculate H^[5-8] - GMULT partials \n"
+ "# Multiply H and H^4 => H^5 \n"
+ "PMULL v18.1q, v26.1d, v16.1d \n"
+ "PMULL2 v19.1q, v26.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "PMULL v21.1q, v26.1d, v20.1d \n"
+ "PMULL2 v20.1q, v26.2d, v20.2d \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v4.16b, v18.16b, v20.16b \n"
+ "# Square H^3 - H^6 \n"
+ "PMULL2 v19.1q, v25.2d, v25.2d \n"
+ "PMULL v18.1q, v25.1d, v25.1d \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v19.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v9.16b, v18.16b, v19.16b \n"
+ "# Multiply H and H^6 => H^7 \n"
+ "PMULL v18.1q, v9.1d, v16.1d \n"
+ "PMULL2 v19.1q, v9.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "PMULL v21.1q, v9.1d, v20.1d \n"
+ "PMULL2 v20.1q, v9.2d, v20.2d \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v10.16b, v18.16b, v20.16b \n"
+ "# Square H^4 => H^8 \n"
+ "PMULL2 v19.1q, v26.2d, v26.2d \n"
+ "PMULL v18.1q, v26.1d, v26.1d \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v19.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v11.16b, v18.16b, v19.16b \n"
+
+ "# First decrypt - no GHASH \n"
+ "LDR q1, [%[Key]] \n"
+ "# Calculate next 4 counters (+1-4) \n"
+ "ADD w15, w12, #1 \n"
+ "LD1 {v5.2d}, [%[ctr]] \n"
+ "ADD w14, w12, #2 \n"
+ "MOV v6.16b, v5.16b \n"
+ "ADD w13, w12, #3 \n"
+ "MOV v7.16b, v5.16b \n"
+ "ADD w12, w12, #4 \n"
+ "MOV v8.16b, v5.16b \n"
+ "REV w15, w15 \n"
+ "REV w14, w14 \n"
+ "REV w13, w13 \n"
+ "REV w16, w12 \n"
+ "MOV v5.S[3], w15 \n"
+ "MOV v6.S[3], w14 \n"
+ "MOV v7.S[3], w13 \n"
+ "MOV v8.S[3], w16 \n"
+ "# Calculate next 4 counters (+5-8) \n"
+ "ADD w15, w12, #1 \n"
+ "MOV v27.16b, v5.16b \n"
+ "ADD w14, w12, #2 \n"
+ "MOV v28.16b, v5.16b \n"
+ "ADD w13, w12, #3 \n"
+ "MOV v29.16b, v5.16b \n"
+ "ADD w12, w12, #4 \n"
+ "MOV v30.16b, v5.16b \n"
+ "REV w15, w15 \n"
+ "REV w14, w14 \n"
+ "REV w13, w13 \n"
+ "REV w16, w12 \n"
+ "MOV v27.S[3], w15 \n"
+ "MOV v28.S[3], w14 \n"
+ "MOV v29.S[3], w13 \n"
+ "MOV v30.S[3], w16 \n"
+
+ "# Encrypt 8 counters \n"
+ "LDR q22, [%[Key], #16] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q1, [%[Key], #32] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q22, [%[Key], #48] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q1, [%[Key], #64] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q22, [%[Key], #80] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "SUB w11, w11, #128 \n"
+ "LDR q1, [%[Key], #96] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q22, [%[Key], #112] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q1, [%[Key], #128] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q22, [%[Key], #144] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q1, [%[Key], #160] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q22, [%[Key], #176] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q1, [%[Key], #192] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LD1 {v12.2d-v15.2d}, [%[input]], #64 \n"
+ "LDP q22, q31, [%[Key], #208] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LD1 {v18.2d-v21.2d}, [%[input]], #64 \n"
+ "AESE v5.16b, v22.16b \n"
+ "EOR v5.16b, v5.16b, v31.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "EOR v6.16b, v6.16b, v31.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "EOR v7.16b, v7.16b, v31.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "EOR v8.16b, v8.16b, v31.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "EOR v27.16b, v27.16b, v31.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "EOR v28.16b, v28.16b, v31.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "EOR v29.16b, v29.16b, v31.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "EOR v30.16b, v30.16b, v31.16b \n"
+
+ "# XOR in input \n"
+ "EOR v5.16b, v5.16b, v12.16b \n"
+ "EOR v6.16b, v6.16b, v13.16b \n"
+ "EOR v7.16b, v7.16b, v14.16b \n"
+ "EOR v8.16b, v8.16b, v15.16b \n"
+ "EOR v27.16b, v27.16b, v18.16b \n"
+ "ST1 {v5.2d-v8.2d}, [%[out]], #64 \n \n"
+ "EOR v28.16b, v28.16b, v19.16b \n"
+ "EOR v29.16b, v29.16b, v20.16b \n"
+ "EOR v30.16b, v30.16b, v21.16b \n"
+ "ST1 {v27.2d-v30.2d}, [%[out]], #64 \n \n"
+
+ "81: \n"
+ "LDR q1, [%[Key]] \n"
+ "# Calculate next 4 counters (+1-4) \n"
+ "ADD w15, w12, #1 \n"
+ "LD1 {v5.2d}, [%[ctr]] \n"
+ "ADD w14, w12, #2 \n"
+ "MOV v6.16b, v5.16b \n"
+ "ADD w13, w12, #3 \n"
+ "MOV v7.16b, v5.16b \n"
+ "ADD w12, w12, #4 \n"
+ "MOV v8.16b, v5.16b \n"
+ "# GHASH - 8 blocks \n"
+ "RBIT v12.16b, v12.16b \n"
+ "RBIT v13.16b, v13.16b \n"
+ "RBIT v14.16b, v14.16b \n"
+ "RBIT v15.16b, v15.16b \n"
+ "RBIT v18.16b, v18.16b \n"
+ "RBIT v19.16b, v19.16b \n"
+ "RBIT v20.16b, v20.16b \n"
+ "RBIT v21.16b, v21.16b \n"
+ "REV w15, w15 \n"
+ "EOR v12.16b, v12.16b, v17.16b \n"
+ "REV w14, w14 \n"
+ "# x[0-2] = C * H^1 \n"
+ "PMULL v17.1q, v21.1d, v16.1d \n"
+ "PMULL2 v0.1q, v21.2d, v16.2d \n"
+ "REV w13, w13 \n"
+ "EXT v21.16b, v21.16b, v21.16b, #8 \n"
+ "REV w16, w12 \n"
+ "MOV v5.S[3], w15 \n"
+ "MOV v6.S[3], w14 \n"
+ "MOV v7.S[3], w13 \n"
+ "MOV v8.S[3], w16 \n"
+ "# Calculate next 4 counters (+5-8) \n"
+ "ADD w15, w12, #1 \n"
+ "MOV v27.16b, v5.16b \n"
+ "ADD w14, w12, #2 \n"
+ "MOV v28.16b, v5.16b \n"
+ "ADD w13, w12, #3 \n"
+ "MOV v29.16b, v5.16b \n"
+ "ADD w12, w12, #4 \n"
+ "MOV v30.16b, v5.16b \n"
+ "PMULL v31.1q, v21.1d, v16.1d \n"
+ "PMULL2 v3.1q, v21.2d, v16.2d \n"
+ "REV w15, w15 \n"
+ "EOR v31.16b, v31.16b, v3.16b \n"
+ "REV w14, w14 \n"
+ "# x[0-2] += C * H^2 \n"
+ "PMULL v2.1q, v20.1d, v24.1d \n"
+ "PMULL2 v3.1q, v20.2d, v24.2d \n"
+ "REV w13, w13 \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "REV w16, w12 \n"
+ "MOV v27.S[3], w15 \n"
+ "MOV v28.S[3], w14 \n"
+ "MOV v29.S[3], w13 \n"
+ "MOV v30.S[3], w16 \n"
+
+ "# Encrypt 8 counters \n"
+ "LDR q22, [%[Key], #16] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "EXT v20.16b, v20.16b, v20.16b, #8 \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "PMULL v3.1q, v20.1d, v24.1d \n"
+ "PMULL2 v20.1q, v20.2d, v24.2d \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v20.16b, v3.16b \n"
+#else
+ "EOR v20.16b, v20.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v20.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "# x[0-2] += C * H^3 \n"
+ "PMULL v2.1q, v19.1d, v25.1d \n"
+ "PMULL2 v3.1q, v19.2d, v25.2d \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "EXT v19.16b, v19.16b, v19.16b, #8 \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "PMULL v3.1q, v19.1d, v25.1d \n"
+ "PMULL2 v19.1q, v19.2d, v25.2d \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v19.16b, v3.16b \n"
+#else
+ "EOR v19.16b, v19.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v19.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "LDR q1, [%[Key], #32] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "# x[0-2] += C * H^4 \n"
+ "PMULL v2.1q, v18.1d, v26.1d \n"
+ "PMULL2 v3.1q, v18.2d, v26.2d \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "EXT v18.16b, v18.16b, v18.16b, #8 \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "PMULL v3.1q, v18.1d, v26.1d \n"
+ "PMULL2 v18.1q, v18.2d, v26.2d \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v18.16b, v3.16b \n"
+#else
+ "EOR v18.16b, v18.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v18.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "# x[0-2] += C * H^5 \n"
+ "PMULL v2.1q, v15.1d, v4.1d \n"
+ "PMULL2 v3.1q, v15.2d, v4.2d \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "EXT v15.16b, v15.16b, v15.16b, #8 \n"
+ "LDR q22, [%[Key], #48] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "PMULL v3.1q, v15.1d, v4.1d \n"
+ "PMULL2 v15.1q, v15.2d, v4.2d \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v15.16b, v3.16b \n"
+#else
+ "EOR v15.16b, v15.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v15.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "# x[0-2] += C * H^6 \n"
+ "PMULL v2.1q, v14.1d, v9.1d \n"
+ "PMULL2 v3.1q, v14.2d, v9.2d \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "EXT v14.16b, v14.16b, v14.16b, #8 \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "PMULL v3.1q, v14.1d, v9.1d \n"
+ "PMULL2 v14.1q, v14.2d, v9.2d \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v14.16b, v3.16b \n"
+#else
+ "EOR v14.16b, v14.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v14.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "# x[0-2] += C * H^7 \n"
+ "PMULL v2.1q, v13.1d, v10.1d \n"
+ "PMULL2 v3.1q, v13.2d, v10.2d \n"
+ "LDR q1, [%[Key], #64] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "EXT v13.16b, v13.16b, v13.16b, #8 \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "PMULL v3.1q, v13.1d, v10.1d \n"
+ "PMULL2 v13.1q, v13.2d, v10.2d \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v13.16b, v3.16b \n"
+#else
+ "EOR v13.16b, v13.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v13.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "# x[0-2] += C * H^8 \n"
+ "PMULL v2.1q, v12.1d, v11.1d \n"
+ "PMULL2 v3.1q, v12.2d, v11.2d \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "EXT v12.16b, v12.16b, v12.16b, #8 \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "PMULL v3.1q, v12.1d, v11.1d \n"
+ "PMULL2 v12.1q, v12.2d, v11.2d \n"
+ "LDR q22, [%[Key], #80] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v12.16b, v3.16b \n"
+#else
+ "EOR v12.16b, v12.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v12.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "# Reduce X = x[0-2] \n"
+ "EXT v3.16b, v17.16b, v0.16b, #8 \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "PMULL2 v2.1q, v0.2d, v23.2d \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v3.16b, v3.16b, v31.16b, v2.16b \n"
+#else
+ "EOR v3.16b, v3.16b, v31.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+#ifndef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR v3.16b, v3.16b, v2.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "PMULL2 v2.1q, v3.2d, v23.2d \n"
+ "MOV v17.D[1], v3.D[0] \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "SUB w11, w11, #128 \n"
+ "LDR q1, [%[Key], #96] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q22, [%[Key], #112] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q1, [%[Key], #128] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q22, [%[Key], #144] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q1, [%[Key], #160] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q22, [%[Key], #176] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q1, [%[Key], #192] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LD1 {v12.2d-v15.2d}, [%[input]], #64 \n"
+ "LDP q22, q31, [%[Key], #208] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LD1 {v18.2d-v21.2d}, [%[input]], #64 \n"
+ "AESE v5.16b, v22.16b \n"
+ "EOR v5.16b, v5.16b, v31.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "EOR v6.16b, v6.16b, v31.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "EOR v7.16b, v7.16b, v31.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "EOR v8.16b, v8.16b, v31.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "EOR v27.16b, v27.16b, v31.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "EOR v28.16b, v28.16b, v31.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "EOR v29.16b, v29.16b, v31.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "EOR v30.16b, v30.16b, v31.16b \n"
+
+ "# XOR in input \n"
+ "EOR v5.16b, v5.16b, v12.16b \n"
+ "EOR v6.16b, v6.16b, v13.16b \n"
+ "EOR v7.16b, v7.16b, v14.16b \n"
+ "EOR v8.16b, v8.16b, v15.16b \n"
+ "EOR v27.16b, v27.16b, v18.16b \n"
+ "ST1 {v5.2d-v8.2d}, [%[out]], #64 \n \n"
+ "EOR v28.16b, v28.16b, v19.16b \n"
+ "EOR v29.16b, v29.16b, v20.16b \n"
+ "EOR v30.16b, v30.16b, v21.16b \n"
+ "ST1 {v27.2d-v30.2d}, [%[out]], #64 \n \n"
+
+ "CMP w11, #128 \n"
+ "BGE 81b \n"
+
+ "# GHASH - 8 blocks \n"
+ "RBIT v12.16b, v12.16b \n"
+ "RBIT v13.16b, v13.16b \n"
+ "RBIT v14.16b, v14.16b \n"
+ "RBIT v15.16b, v15.16b \n"
+ "RBIT v18.16b, v18.16b \n"
+ "RBIT v19.16b, v19.16b \n"
+ "RBIT v20.16b, v20.16b \n"
+ "RBIT v21.16b, v21.16b \n"
+ "EOR v12.16b, v12.16b, v17.16b \n"
+ "# x[0-2] = C * H^1 \n"
+ "PMULL v17.1q, v21.1d, v16.1d \n"
+ "PMULL2 v0.1q, v21.2d, v16.2d \n"
+ "EXT v21.16b, v21.16b, v21.16b, #8 \n"
+ "PMULL v31.1q, v21.1d, v16.1d \n"
+ "PMULL2 v3.1q, v21.2d, v16.2d \n"
+ "EOR v31.16b, v31.16b, v3.16b \n"
+ "# x[0-2] += C * H^2 \n"
+ "PMULL v2.1q, v20.1d, v24.1d \n"
+ "PMULL2 v3.1q, v20.2d, v24.2d \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "EXT v20.16b, v20.16b, v20.16b, #8 \n"
+ "PMULL v3.1q, v20.1d, v24.1d \n"
+ "PMULL2 v20.1q, v20.2d, v24.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v20.16b, v3.16b \n"
+#else
+ "EOR v20.16b, v20.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v20.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^3 \n"
+ "PMULL v2.1q, v19.1d, v25.1d \n"
+ "PMULL2 v3.1q, v19.2d, v25.2d \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "EXT v19.16b, v19.16b, v19.16b, #8 \n"
+ "PMULL v3.1q, v19.1d, v25.1d \n"
+ "PMULL2 v19.1q, v19.2d, v25.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v19.16b, v3.16b \n"
+#else
+ "EOR v19.16b, v19.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v19.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^4 \n"
+ "PMULL v2.1q, v18.1d, v26.1d \n"
+ "PMULL2 v3.1q, v18.2d, v26.2d \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "EXT v18.16b, v18.16b, v18.16b, #8 \n"
+ "PMULL v3.1q, v18.1d, v26.1d \n"
+ "PMULL2 v18.1q, v18.2d, v26.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v18.16b, v3.16b \n"
+#else
+ "EOR v18.16b, v18.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v18.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^5 \n"
+ "PMULL v2.1q, v15.1d, v4.1d \n"
+ "PMULL2 v3.1q, v15.2d, v4.2d \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "EXT v15.16b, v15.16b, v15.16b, #8 \n"
+ "PMULL v3.1q, v15.1d, v4.1d \n"
+ "PMULL2 v15.1q, v15.2d, v4.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v15.16b, v3.16b \n"
+#else
+ "EOR v15.16b, v15.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v15.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^6 \n"
+ "PMULL v2.1q, v14.1d, v9.1d \n"
+ "PMULL2 v3.1q, v14.2d, v9.2d \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "EXT v14.16b, v14.16b, v14.16b, #8 \n"
+ "PMULL v3.1q, v14.1d, v9.1d \n"
+ "PMULL2 v14.1q, v14.2d, v9.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v14.16b, v3.16b \n"
+#else
+ "EOR v14.16b, v14.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v14.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^7 \n"
+ "PMULL v2.1q, v13.1d, v10.1d \n"
+ "PMULL2 v3.1q, v13.2d, v10.2d \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "EXT v13.16b, v13.16b, v13.16b, #8 \n"
+ "PMULL v3.1q, v13.1d, v10.1d \n"
+ "PMULL2 v13.1q, v13.2d, v10.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v13.16b, v3.16b \n"
+#else
+ "EOR v13.16b, v13.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v13.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^8 \n"
+ "PMULL v2.1q, v12.1d, v11.1d \n"
+ "PMULL2 v3.1q, v12.2d, v11.2d \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "EXT v12.16b, v12.16b, v12.16b, #8 \n"
+ "PMULL v3.1q, v12.1d, v11.1d \n"
+ "PMULL2 v12.1q, v12.2d, v11.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v12.16b, v3.16b \n"
+#else
+ "EOR v12.16b, v12.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v12.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# Reduce X = x[0-2] \n"
+ "EXT v3.16b, v17.16b, v0.16b, #8 \n"
+ "PMULL2 v2.1q, v0.2d, v23.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v3.16b, v3.16b, v31.16b, v2.16b \n"
+#else
+ "EOR v3.16b, v3.16b, v31.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+#ifndef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR v3.16b, v3.16b, v2.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "PMULL2 v2.1q, v3.2d, v23.2d \n"
+ "MOV v17.D[1], v3.D[0] \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+
+ "80: \n"
+ "LD1 {v22.2d}, [%[ctr]] \n"
+ "LD1 {v1.2d-v4.2d}, [%[Key]], #64 \n"
+ "LD1 {v5.2d-v8.2d}, [%[Key]], #64 \n"
+ "LD1 {v9.2d-v11.2d}, [%[Key]], #48 \n"
+ "LD1 {v12.2d-v13.2d}, [%[Key]], #32 \n"
+ "LD1 {v14.2d-v15.2d}, [%[Key]] \n"
+ "# Can we do 4 blocks at a time? \n"
+ "CMP w11, #64 \n"
+ "BLT 10f \n"
+
+ "# First decrypt - no GHASH \n"
+ "# Calculate next 4 counters (+1-4) \n"
+ "ADD w15, w12, #1 \n"
+ "MOV v27.16b, v22.16b \n"
+ "ADD w14, w12, #2 \n"
+ "MOV v28.16b, v22.16b \n"
+ "ADD w13, w12, #3 \n"
+ "MOV v29.16b, v22.16b \n"
+ "ADD w12, w12, #4 \n"
+ "MOV v30.16b, v22.16b \n"
+ "REV w15, w15 \n"
+ "REV w14, w14 \n"
+ "REV w13, w13 \n"
+ "REV w16, w12 \n"
+ "MOV v27.S[3], w15 \n"
+ "MOV v28.S[3], w14 \n"
+ "MOV v29.S[3], w13 \n"
+ "MOV v30.S[3], w16 \n"
+
+ "# Encrypt 4 counters \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v2.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v2.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v2.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v2.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v3.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v3.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v3.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v3.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v4.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v4.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v4.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v4.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v5.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v5.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v5.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v5.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "SUB w11, w11, #64 \n"
+ "AESE v27.16b, v6.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v6.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v6.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v6.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v7.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v7.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v7.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v7.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v8.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v8.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v8.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v8.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v9.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v9.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v9.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v9.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v10.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v10.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v10.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v10.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v11.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v11.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v11.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v11.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "# Load plaintext \n"
+ "LD1 {v18.2d-v21.2d}, [%[input]], #64 \n"
+ "AESE v27.16b, v12.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v12.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v12.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v12.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LD1 {v14.2d, v15.2d}, [%[Key]] \n"
+ "AESE v27.16b, v13.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v13.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v13.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v13.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v14.16b \n"
+ "EOR v27.16b, v27.16b, v15.16b \n"
+ "AESE v28.16b, v14.16b \n"
+ "EOR v28.16b, v28.16b, v15.16b \n"
+ "AESE v29.16b, v14.16b \n"
+ "EOR v29.16b, v29.16b, v15.16b \n"
+ "AESE v30.16b, v14.16b \n"
+ "EOR v30.16b, v30.16b, v15.16b \n"
+
+ "# XOR in input \n"
+ "EOR v27.16b, v27.16b, v18.16b \n"
+ "EOR v28.16b, v28.16b, v19.16b \n"
+ "EOR v29.16b, v29.16b, v20.16b \n"
+ "EOR v30.16b, v30.16b, v21.16b \n"
+ "# Store cipher text \n"
+ "ST1 {v27.2d-v30.2d}, [%[out]], #64 \n \n"
+ "CMP w11, #64 \n"
+ "BLT 12f \n"
+
+ "11: \n"
+ "# Calculate next 4 counters (+1-4) \n"
+ "ADD w15, w12, #1 \n"
+ "MOV v27.16b, v22.16b \n"
+ "ADD w14, w12, #2 \n"
+ "MOV v28.16b, v22.16b \n"
+ "ADD w13, w12, #3 \n"
+ "MOV v29.16b, v22.16b \n"
+ "ADD w12, w12, #4 \n"
+ "MOV v30.16b, v22.16b \n"
+ "# GHASH - 4 blocks \n"
+ "RBIT v18.16b, v18.16b \n"
+ "REV w15, w15 \n"
+ "RBIT v19.16b, v19.16b \n"
+ "REV w14, w14 \n"
+ "RBIT v20.16b, v20.16b \n"
+ "REV w13, w13 \n"
+ "RBIT v21.16b, v21.16b \n"
+ "REV w16, w12 \n"
+ "MOV v27.S[3], w15 \n"
+ "MOV v28.S[3], w14 \n"
+ "MOV v29.S[3], w13 \n"
+ "MOV v30.S[3], w16 \n"
+
+ "# Encrypt 4 counters \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "EOR v18.16b, v18.16b, v17.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "# x[0-2] = C * H^1 \n"
+ "PMULL v17.1q, v21.1d, v16.1d \n"
+ "PMULL2 v0.1q, v21.2d, v16.2d \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "EXT v21.16b, v21.16b, v21.16b, #8 \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "PMULL v31.1q, v21.1d, v16.1d \n"
+ "PMULL2 v15.1q, v21.2d, v16.2d \n"
+ "AESE v27.16b, v2.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "EOR v31.16b, v31.16b, v15.16b \n"
+ "AESE v28.16b, v2.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "# x[0-2] += C * H^2 \n"
+ "PMULL v14.1q, v20.1d, v24.1d \n"
+ "PMULL2 v15.1q, v20.2d, v24.2d \n"
+ "AESE v29.16b, v2.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v0.16b, v0.16b, v15.16b \n"
+ "AESE v30.16b, v2.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "EXT v20.16b, v20.16b, v20.16b, #8 \n"
+ "AESE v27.16b, v3.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "PMULL v15.1q, v20.1d, v24.1d \n"
+ "PMULL2 v20.1q, v20.2d, v24.2d \n"
+ "AESE v28.16b, v3.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v20.16b, v15.16b \n"
+#else
+ "EOR v20.16b, v20.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v20.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v29.16b, v3.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "# x[0-2] += C * H^3 \n"
+ "PMULL v14.1q, v19.1d, v25.1d \n"
+ "PMULL2 v15.1q, v19.2d, v25.2d \n"
+ "AESE v30.16b, v3.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v0.16b, v0.16b, v15.16b \n"
+ "AESE v27.16b, v4.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "EXT v19.16b, v19.16b, v19.16b, #8 \n"
+ "AESE v28.16b, v4.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "PMULL v15.1q, v19.1d, v25.1d \n"
+ "PMULL2 v19.1q, v19.2d, v25.2d \n"
+ "AESE v29.16b, v4.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v19.16b, v15.16b \n"
+#else
+ "EOR v19.16b, v19.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v19.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v30.16b, v4.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "# x[0-2] += C * H^4 \n"
+ "PMULL v14.1q, v18.1d, v26.1d \n"
+ "PMULL2 v15.1q, v18.2d, v26.2d \n"
+ "AESE v27.16b, v5.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v0.16b, v0.16b, v15.16b \n"
+ "AESE v28.16b, v5.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "EXT v18.16b, v18.16b, v18.16b, #8 \n"
+ "AESE v29.16b, v5.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "PMULL v15.1q, v18.1d, v26.1d \n"
+ "PMULL2 v18.1q, v18.2d, v26.2d \n"
+ "AESE v30.16b, v5.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v18.16b, v15.16b \n"
+#else
+ "EOR v18.16b, v18.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v18.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "SUB w11, w11, #64 \n"
+ "AESE v27.16b, v6.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "# Reduce X = x[0-2] \n"
+ "EXT v15.16b, v17.16b, v0.16b, #8 \n"
+ "AESE v28.16b, v6.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "PMULL2 v14.1q, v0.2d, v23.2d \n"
+ "AESE v29.16b, v6.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v15.16b, v15.16b, v31.16b, v14.16b \n"
+#else
+ "EOR v15.16b, v15.16b, v31.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v30.16b, v6.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+#ifndef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR v15.16b, v15.16b, v14.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v27.16b, v7.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "PMULL2 v14.1q, v15.2d, v23.2d \n"
+ "MOV v17.D[1], v15.D[0] \n"
+ "AESE v28.16b, v7.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "AESE v29.16b, v7.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v7.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v8.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v8.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v8.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v8.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v9.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v9.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v9.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v9.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v10.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v10.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v10.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v10.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v11.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v11.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v11.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v11.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "# Load plaintext \n"
+ "LD1 {v18.2d-v21.2d}, [%[input]], #64 \n"
+ "AESE v27.16b, v12.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v12.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v12.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v12.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LD1 {v14.2d, v15.2d}, [%[Key]] \n"
+ "AESE v27.16b, v13.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v13.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v13.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v13.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v14.16b \n"
+ "EOR v27.16b, v27.16b, v15.16b \n"
+ "AESE v28.16b, v14.16b \n"
+ "EOR v28.16b, v28.16b, v15.16b \n"
+ "AESE v29.16b, v14.16b \n"
+ "EOR v29.16b, v29.16b, v15.16b \n"
+ "AESE v30.16b, v14.16b \n"
+ "EOR v30.16b, v30.16b, v15.16b \n"
+
+ "# XOR in input \n"
+ "EOR v27.16b, v27.16b, v18.16b \n"
+ "EOR v28.16b, v28.16b, v19.16b \n"
+ "EOR v29.16b, v29.16b, v20.16b \n"
+ "EOR v30.16b, v30.16b, v21.16b \n"
+ "# Store cipher text \n"
+ "ST1 {v27.2d-v30.2d}, [%[out]], #64 \n \n"
+ "CMP w11, #64 \n"
+ "BGE 11b \n"
+
+ "12: \n"
+ "# GHASH - 4 blocks \n"
+ "RBIT v18.16b, v18.16b \n"
+ "RBIT v19.16b, v19.16b \n"
+ "RBIT v20.16b, v20.16b \n"
+ "RBIT v21.16b, v21.16b \n"
+ "EOR v18.16b, v18.16b, v17.16b \n"
+ "# x[0-2] = C * H^1 \n"
+ "PMULL v17.1q, v21.1d, v16.1d \n"
+ "PMULL2 v0.1q, v21.2d, v16.2d \n"
+ "EXT v21.16b, v21.16b, v21.16b, #8 \n"
+ "PMULL v31.1q, v21.1d, v16.1d \n"
+ "PMULL2 v15.1q, v21.2d, v16.2d \n"
+ "EOR v31.16b, v31.16b, v15.16b \n"
+ "# x[0-2] += C * H^2 \n"
+ "PMULL v14.1q, v20.1d, v24.1d \n"
+ "PMULL2 v15.1q, v20.2d, v24.2d \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v0.16b, v0.16b, v15.16b \n"
+ "EXT v20.16b, v20.16b, v20.16b, #8 \n"
+ "PMULL v15.1q, v20.1d, v24.1d \n"
+ "PMULL2 v20.1q, v20.2d, v24.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v20.16b, v15.16b \n"
+#else
+ "EOR v20.16b, v20.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v20.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^3 \n"
+ "PMULL v14.1q, v19.1d, v25.1d \n"
+ "PMULL2 v15.1q, v19.2d, v25.2d \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v0.16b, v0.16b, v15.16b \n"
+ "EXT v19.16b, v19.16b, v19.16b, #8 \n"
+ "PMULL v15.1q, v19.1d, v25.1d \n"
+ "PMULL2 v19.1q, v19.2d, v25.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v19.16b, v15.16b \n"
+#else
+ "EOR v19.16b, v19.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v19.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^4 \n"
+ "PMULL v14.1q, v18.1d, v26.1d \n"
+ "PMULL2 v15.1q, v18.2d, v26.2d \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v0.16b, v0.16b, v15.16b \n"
+ "EXT v18.16b, v18.16b, v18.16b, #8 \n"
+ "PMULL v15.1q, v18.1d, v26.1d \n"
+ "PMULL2 v18.1q, v18.2d, v26.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v18.16b, v15.16b \n"
+#else
+ "EOR v18.16b, v18.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v18.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# Reduce X = x[0-2] \n"
+ "EXT v15.16b, v17.16b, v0.16b, #8 \n"
+ "PMULL2 v14.1q, v0.2d, v23.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v15.16b, v15.16b, v31.16b, v14.16b \n"
+#else
+ "EOR v15.16b, v15.16b, v31.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+#ifndef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR v15.16b, v15.16b, v14.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "PMULL2 v14.1q, v15.2d, v23.2d \n"
+ "MOV v17.D[1], v15.D[0] \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "LD1 {v14.2d, v15.2d}, [%[Key]] \n"
+
+ "10: \n"
+ "CBZ w11, 30f \n"
+ "CMP w11, #16 \n"
+ "BLT 20f \n"
+ "LD1 {v14.2d, v15.2d}, [%[Key]] \n"
+ "# Decrypt first block for GHASH \n"
+ "ADD w12, w12, #1 \n"
+ "MOV v0.16b, v22.16b \n"
+ "REV w13, w12 \n"
+ "MOV v0.S[3], w13 \n"
+ "AESE v0.16b, v1.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v2.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v3.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v4.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "SUB w11, w11, #16 \n"
+ "AESE v0.16b, v5.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v6.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v7.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v8.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "LD1 {v28.2d}, [%[input]], #16 \n"
+ "AESE v0.16b, v9.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v10.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v11.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v12.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v13.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v14.16b \n"
+ "EOR v0.16b, v0.16b, v15.16b \n \n"
+ "EOR v0.16b, v0.16b, v28.16b \n \n"
+ "ST1 {v0.2d}, [%[out]], #16 \n"
+
+ "# When only one full block to decrypt go straight to GHASH \n"
+ "CMP w11, 16 \n"
+ "BLT 1f \n"
+
+ "# Interweave GHASH and decrypt if more then 1 block \n"
+ "2: \n"
+ "RBIT v28.16b, v28.16b \n"
+ "ADD w12, w12, #1 \n"
+ "MOV v0.16b, v22.16b \n"
+ "REV w13, w12 \n"
+ "MOV v0.S[3], w13 \n"
+ "EOR v17.16b, v17.16b, v28.16b \n"
+ "PMULL v18.1q, v17.1d, v16.1d \n"
+ "PMULL2 v19.1q, v17.2d, v16.2d \n"
+ "AESE v0.16b, v1.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "AESE v0.16b, v2.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "PMULL v21.1q, v17.1d, v20.1d \n"
+ "PMULL2 v20.1q, v17.2d, v20.2d \n"
+ "AESE v0.16b, v3.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "AESE v0.16b, v4.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "SUB w11, w11, #16 \n"
+ "AESE v0.16b, v5.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "AESE v0.16b, v6.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "AESE v0.16b, v7.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "AESE v0.16b, v8.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "LD1 {v28.2d}, [%[input]], #16 \n"
+ "AESE v0.16b, v9.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "AESE v0.16b, v10.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v17.16b, v18.16b, v20.16b \n"
+ "AESE v0.16b, v11.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v12.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v13.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v14.16b \n"
+ "EOR v0.16b, v0.16b, v15.16b \n \n"
+ "EOR v0.16b, v0.16b, v28.16b \n \n"
+ "ST1 {v0.2d}, [%[out]], #16 \n"
+ "CMP w11, #16 \n"
+ "BGE 2b \n"
+
+ "# GHASH on last block \n"
+ "1: \n"
+ "RBIT v28.16b, v28.16b \n"
+ "EOR v17.16b, v17.16b, v28.16b \n"
+ "PMULL v18.1q, v17.1d, v16.1d \n"
+ "PMULL2 v19.1q, v17.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "PMULL v21.1q, v17.1d, v20.1d \n"
+ "PMULL2 v20.1q, v17.2d, v20.2d \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v17.16b, v18.16b, v20.16b \n"
+
+ "20: \n"
+ "CBZ w11, 30f \n"
+ "EOR v31.16b, v31.16b, v31.16b \n"
+ "MOV x15, x11 \n"
+ "ST1 {v31.2d}, [%[scratch]] \n"
+ "23: \n"
+ "LDRB w14, [%[input]], #1 \n"
+ "STRB w14, [%[scratch]], #1 \n"
+ "SUB x15, x15, #1 \n"
+ "CBNZ x15, 23b \n"
+ "SUB %[scratch], %[scratch], x11 \n"
+ "LD1 {v31.2d}, [%[scratch]] \n"
+ "RBIT v31.16b, v31.16b \n"
+ "ADD w12, w12, #1 \n"
+ "MOV v0.16b, v22.16b \n"
+ "REV w13, w12 \n"
+ "MOV v0.S[3], w13 \n"
+ "EOR v17.16b, v17.16b, v31.16b \n"
+ "PMULL v18.1q, v17.1d, v16.1d \n"
+ "PMULL2 v19.1q, v17.2d, v16.2d \n"
+ "AESE v0.16b, v1.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "AESE v0.16b, v2.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "PMULL v21.1q, v17.1d, v20.1d \n"
+ "PMULL2 v20.1q, v17.2d, v20.2d \n"
+ "AESE v0.16b, v3.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "AESE v0.16b, v4.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "AESE v0.16b, v5.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "AESE v0.16b, v6.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "AESE v0.16b, v7.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "AESE v0.16b, v8.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "RBIT v31.16b, v31.16b \n"
+ "AESE v0.16b, v9.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "AESE v0.16b, v10.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v17.16b, v18.16b, v20.16b \n"
+ "AESE v0.16b, v11.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v12.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v13.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v14.16b \n"
+ "EOR v0.16b, v0.16b, v15.16b \n \n"
+ "EOR v0.16b, v0.16b, v31.16b \n \n"
+ "ST1 {v0.2d}, [%[scratch]] \n"
+ "MOV x15, x11 \n"
+ "24: \n"
+ "LDRB w14, [%[scratch]], #1 \n"
+ "STRB w14, [%[out]], #1 \n"
+ "SUB x15, x15, #1 \n"
+ "CBNZ x15, 24b \n"
+ "SUB %[scratch], %[scratch], x11 \n"
+
+ "30: \n"
+ "# store current counter value at the end \n"
+ "REV w13, w12 \n"
+ "MOV v22.S[3], w13 \n"
+ "LD1 {v0.16b}, [%[ctr]] \n"
+ "ST1 {v22.16b}, [%[ctr]] \n"
+
+ "LSL %x[aSz], %x[aSz], #3 \n"
+ "LSL %x[sz], %x[sz], #3 \n"
+ "MOV v28.d[0], %x[aSz] \n"
+ "MOV v28.d[1], %x[sz] \n"
+ "REV64 v28.16b, v28.16b \n"
+ "RBIT v28.16b, v28.16b \n"
+ "EOR v17.16b, v17.16b, v28.16b \n"
+ "PMULL v18.1q, v17.1d, v16.1d \n"
+ "PMULL2 v19.1q, v17.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "AESE v0.16b, v1.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "PMULL v21.1q, v17.1d, v20.1d \n"
+ "PMULL2 v20.1q, v17.2d, v20.2d \n"
+ "AESE v0.16b, v2.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "AESE v0.16b, v3.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "AESE v0.16b, v4.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "AESE v0.16b, v5.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "AESE v0.16b, v6.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "AESE v0.16b, v7.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "AESE v0.16b, v8.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "AESE v0.16b, v9.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v17.16b, v18.16b, v20.16b \n"
+ "AESE v0.16b, v10.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v11.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v12.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v13.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v14.16b \n"
+ "EOR v0.16b, v0.16b, v15.16b \n \n"
+ "RBIT v17.16b, v17.16b \n"
+ "EOR v0.16b, v0.16b, v17.16b \n \n"
+ "CMP %w[tagSz], #16 \n"
+ "BNE 40f \n"
+ "LD1 {v1.2d}, [%[tag]] \n"
+ "B 41f \n"
+ "40: \n"
+ "EOR v1.16b, v1.16b, v1.16b \n"
+ "MOV x15, %x[tagSz] \n"
+ "ST1 {v1.2d}, [%[scratch]] \n"
+ "43: \n"
+ "LDRB w14, [%[tag]], #1 \n"
+ "STRB w14, [%[scratch]], #1 \n"
+ "SUB x15, x15, #1 \n"
+ "CBNZ x15, 43b \n"
+ "SUB %[scratch], %[scratch], %x[tagSz] \n"
+ "LD1 {v1.2d}, [%[scratch]] \n"
+ "ST1 {v0.2d}, [%[scratch]] \n"
+ "MOV w14, #16 \n"
+ "SUB w14, w14, %w[tagSz] \n"
+ "ADD %[scratch], %[scratch], %x[tagSz] \n"
+ "44: \n"
+ "STRB wzr, [%[scratch]], #1 \n"
+ "SUB w14, w14, #1 \n"
+ "CBNZ w14, 44b \n"
+ "SUB %[scratch], %[scratch], #16 \n"
+ "LD1 {v0.2d}, [%[scratch]] \n"
+ "41: \n"
+ "EOR v0.16b, v0.16b, v1.16b \n"
+ "MOV v1.D[0], v0.D[1] \n"
+ "EOR v0.8b, v0.8b, v1.8b \n"
+ "MOV %x[ret], v0.D[0] \n"
+ "CMP %x[ret], #0 \n"
+ "MOV w11, #-180 \n"
+ "CSETM %w[ret], ne \n"
+ "AND %w[ret], %w[ret], w11 \n"
+
+ : [out] "+r" (out), [input] "+r" (in), [Key] "+r" (keyPt),
+ [aSz] "+r" (authInSz), [sz] "+r" (sz), [aad] "+r" (authIn),
+ [ret] "+r" (ret)
+ : [ctr] "r" (ctr), [scratch] "r" (scratch),
+ [h] "m" (aes->gcm.H), [tag] "r" (authTag), [tagSz] "r" (authTagSz)
+ : "cc", "memory", "x11", "x12", "w13", "x14", "x15", "w16",
+ "v0", "v1", "v2", "v3", "v4", "v5", "v6", "v7",
+ "v8", "v9", "v10", "v11", "v12", "v13", "v14", "v15",
+ "v16", "v17", "v18", "v19", "v20", "v21", "v22", "v23",
+ "v24", "v25", "v26", "v27", "v28", "v29", "v30", "v31"
+ );
+
+ return ret;
+}
+#endif /* WOLFSSL_AES_256 */
/*
* Check tag and decrypt data using AES with GCM mode.
* aes: Aes structure having already been set with set key function
@@ -2640,295 +12558,44 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
* authIn: additional data buffer
* authInSz: size of additional data buffer
*/
-int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
- const byte* iv, word32 ivSz,
- const byte* authTag, word32 authTagSz,
- const byte* authIn, word32 authInSz)
+int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
+ const byte* iv, word32 ivSz, const byte* authTag, word32 authTagSz,
+ const byte* authIn, word32 authInSz)
{
- word32 blocks = sz / AES_BLOCK_SIZE;
- word32 partial = sz % AES_BLOCK_SIZE;
- const byte* c = in;
- byte* p = out;
- byte counter[AES_BLOCK_SIZE];
- byte initialCounter[AES_BLOCK_SIZE];
- byte *ctr ;
- byte scratch[AES_BLOCK_SIZE];
-
- ctr = counter ;
-
/* sanity checks */
- if (aes == NULL || iv == NULL || (sz != 0 && (in == NULL || out == NULL)) ||
- authTag == NULL || authTagSz > AES_BLOCK_SIZE || authTagSz == 0 ||
- ivSz == 0) {
+ if ((aes == NULL) || (iv == NULL) || (authTag == NULL) ||
+ (authTagSz > AES_BLOCK_SIZE) || (authTagSz == 0) || (ivSz == 0) ||
+ ((sz != 0) && ((in == NULL) || (out == NULL)))) {
WOLFSSL_MSG("a NULL parameter passed in when size is larger than 0");
return BAD_FUNC_ARG;
}
- XMEMSET(initialCounter, 0, AES_BLOCK_SIZE);
- if (ivSz == GCM_NONCE_MID_SZ) {
- XMEMCPY(initialCounter, iv, ivSz);
- initialCounter[AES_BLOCK_SIZE - 1] = 1;
- }
- else {
- GHASH(aes, NULL, 0, iv, ivSz, initialCounter, AES_BLOCK_SIZE);
- GMULT(initialCounter, aes->H);
- }
- XMEMCPY(ctr, initialCounter, AES_BLOCK_SIZE);
-
- /* Calculate the authTag again using the received auth data and the
- * cipher text. */
- {
- byte Tprime[AES_BLOCK_SIZE];
- byte EKY0[AES_BLOCK_SIZE];
-
- GHASH(aes, authIn, authInSz, in, sz, Tprime, sizeof(Tprime));
- GMULT(Tprime, aes->H);
- wc_AesEncrypt(aes, ctr, EKY0);
- xorbuf(Tprime, EKY0, sizeof(Tprime));
-
- if (ConstantCompare(authTag, Tprime, authTagSz) != 0) {
- return AES_GCM_AUTH_E;
- }
- }
-
- /* do as many blocks as possible */
- if (blocks > 0) {
- /* pointer needed because it is incremented when read, causing
- * an issue with call to encrypt/decrypt leftovers */
- byte* keyPt = (byte*)aes->key;
- switch(aes->rounds) {
+ switch (aes->rounds) {
#ifdef WOLFSSL_AES_128
- case 10: /* AES 128 BLOCK */
- __asm__ __volatile__ (
- "MOV w11, %w[blocks] \n"
- "LD1 {v1.2d-v4.2d}, [%[Key]], #64 \n"
-
- "#Create vector with the value 1 \n"
- "MOVI v14.16b, #1 \n"
- "USHR v14.2d, v14.2d, #56 \n"
- "LD1 {v5.2d-v8.2d}, [%[Key]], #64 \n"
- "EOR v13.16b, v13.16b, v13.16b \n"
- "EXT v14.16b, v14.16b, v13.16b, #8 \n"
-
- "LD1 {v9.2d-v11.2d}, [%[Key]], #48 \n"
- "LD1 {v12.2d}, [%[ctr]] \n"
- "LD1 {v13.2d}, [%[input]], #16 \n"
-
- "1: \n"
- "REV64 v12.16b, v12.16b \n" /* network order */
- "EXT v12.16b, v12.16b, v12.16b, #8 \n"
- "ADD v12.4s, v12.4s, v14.4s \n" /* add 1 to counter */
- "EXT v12.16b, v12.16b, v12.16b, #8 \n"
- "REV64 v12.16b, v12.16b \n" /* revert from network order */
- "MOV v0.16b, v12.16b \n"
- "AESE v0.16b, v1.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v2.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v3.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v4.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "SUB w11, w11, #1 \n"
- "AESE v0.16b, v5.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v6.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v7.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v8.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v9.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v10.16b \n"
- "EOR v0.16b, v0.16b, v11.16b \n"
-
- "EOR v0.16b, v0.16b, v13.16b \n"
- "ST1 {v0.2d}, [%[out]], #16 \n"
-
- "CBZ w11, 2f \n"
- "LD1 {v13.2d}, [%[input]], #16 \n"
- "B 1b \n"
-
- "2: \n"
- "#store current counter value at the end \n"
- "ST1 {v12.16b}, [%[ctrOut]] \n"
-
- :[out] "=r" (p), "=r" (keyPt), [ctrOut] "=r" (ctr), "=r" (c)
- :"0" (p), [Key] "1" (keyPt), [ctr] "2" (ctr), [blocks] "r" (blocks),
- [input] "3" (c)
- : "cc", "memory", "w11", "v0", "v1", "v2", "v3", "v4", "v5",
- "v6", "v7", "v8", "v9", "v10", "v11", "v12", "v13", "v14"
- );
- break;
+ case 10:
+ return Aes128GcmDecrypt(aes, out, in, sz, iv, ivSz,
+ authTag, authTagSz, authIn, authInSz);
#endif
#ifdef WOLFSSL_AES_192
- case 12: /* AES 192 BLOCK */
- __asm__ __volatile__ (
- "MOV w11, %w[blocks] \n"
- "LD1 {v1.2d-v4.2d}, [%[Key]], #64 \n"
-
- "#Create vector with the value 1 \n"
- "MOVI v16.16b, #1 \n"
- "USHR v16.2d, v16.2d, #56 \n"
- "LD1 {v5.2d-v8.2d}, [%[Key]], #64 \n"
- "EOR v14.16b, v14.16b, v14.16b \n"
- "EXT v16.16b, v16.16b, v14.16b, #8 \n"
-
- "LD1 {v9.2d-v12.2d}, [%[Key]], #64 \n"
- "LD1 {v13.2d}, [%[Key]], #16 \n"
- "LD1 {v14.2d}, [%[ctr]] \n"
- "LD1 {v15.2d}, [%[input]], #16 \n"
-
- "1: \n"
- "REV64 v14.16b, v14.16b \n" /* network order */
- "EXT v14.16b, v14.16b, v14.16b, #8 \n"
- "ADD v14.4s, v14.4s, v16.4s \n" /* add 1 to counter */
- "EXT v14.16b, v14.16b, v14.16b, #8 \n"
- "REV64 v14.16b, v14.16b \n" /* revert from network order */
- "MOV v0.16b, v14.16b \n"
- "AESE v0.16b, v1.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v2.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v3.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v4.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "SUB w11, w11, #1 \n"
- "AESE v0.16b, v5.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v6.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v7.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v8.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v9.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v10.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v11.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v12.16b \n"
- "EOR v0.16b, v0.16b, v13.16b \n"
-
- "EOR v0.16b, v0.16b, v15.16b \n"
- "ST1 {v0.2d}, [%[out]], #16 \n"
-
- "CBZ w11, 2f \n"
- "LD1 {v15.2d}, [%[input]], #16 \n"
- "B 1b \n"
-
- "2: \n"
- "#store current counter value at the end \n"
- "ST1 {v14.2d}, [%[ctrOut]] \n"
-
- :[out] "=r" (p), "=r" (keyPt), [ctrOut] "=r" (ctr), "=r" (c)
- :"0" (p), [Key] "1" (keyPt), [ctr] "2" (ctr), [blocks] "r" (blocks),
- [input] "3" (c)
- : "cc", "memory", "w11", "v0", "v1", "v2", "v3", "v4", "v5",
- "v6", "v7", "v8", "v9", "v10", "v11", "v12", "v13", "v14", "v15",
- "v16"
- );
- break;
-#endif /* WOLFSSL_AES_192 */
+ case 12:
+ return Aes192GcmDecrypt(aes, out, in, sz, iv, ivSz,
+ authTag, authTagSz, authIn, authInSz);
+#endif
#ifdef WOLFSSL_AES_256
- case 14: /* AES 256 BLOCK */
- __asm__ __volatile__ (
- "MOV w11, %w[blocks] \n"
- "LD1 {v1.2d-v4.2d}, [%[Key]], #64 \n"
-
- "#Create vector with the value 1 \n"
- "MOVI v18.16b, #1 \n"
- "USHR v18.2d, v18.2d, #56 \n"
- "LD1 {v5.2d-v8.2d}, [%[Key]], #64 \n"
- "EOR v19.16b, v19.16b, v19.16b \n"
- "EXT v18.16b, v18.16b, v19.16b, #8 \n"
-
- "LD1 {v9.2d-v12.2d}, [%[Key]], #64 \n"
- "LD1 {v13.2d-v15.2d}, [%[Key]], #48 \n"
- "LD1 {v17.2d}, [%[ctr]] \n"
- "LD1 {v16.2d}, [%[input]], #16 \n"
-
- "1: \n"
- "REV64 v17.16b, v17.16b \n" /* network order */
- "EXT v17.16b, v17.16b, v17.16b, #8 \n"
- "ADD v17.4s, v17.4s, v18.4s \n" /* add 1 to counter */
- "EXT v17.16b, v17.16b, v17.16b, #8 \n"
- "REV64 v17.16b, v17.16b \n" /* revert from network order */
- "MOV v0.16b, v17.16b \n"
- "AESE v0.16b, v1.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v2.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v3.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v4.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "SUB w11, w11, #1 \n"
- "AESE v0.16b, v5.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v6.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v7.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v8.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v9.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v10.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v11.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v12.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v13.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v14.16b \n"
- "EOR v0.16b, v0.16b, v15.16b \n"
-
- "EOR v0.16b, v0.16b, v16.16b \n"
- "ST1 {v0.2d}, [%[out]], #16 \n"
-
- "CBZ w11, 2f \n"
- "LD1 {v16.2d}, [%[input]], #16 \n"
- "B 1b \n"
-
- "2: \n"
- "#store current counter value at the end \n"
- "ST1 {v17.2d}, [%[ctrOut]] \n"
-
- :[out] "=r" (p), "=r" (keyPt), [ctrOut] "=r" (ctr), "=r" (c)
- :"0" (p), [Key] "1" (keyPt), [ctr] "2" (ctr), [blocks] "r" (blocks),
- [input] "3" (c)
- : "cc", "memory", "w11", "v0", "v1", "v2", "v3", "v4", "v5",
- "v6", "v7", "v8", "v9", "v10", "v11", "v12", "v13", "v14", "v15",
- "v16", "v17", "v18", "v19"
- );
- break;
-#endif /* WOLFSSL_AES_256 */
+ case 14:
+ return Aes256GcmDecrypt(aes, out, in, sz, iv, ivSz,
+ authTag, authTagSz, authIn, authInSz);
+#endif
default:
- WOLFSSL_MSG("Bad AES-GCM round value");
+ WOLFSSL_MSG("AES-GCM invalid round number");
return BAD_FUNC_ARG;
- }
- }
- if (partial != 0) {
- IncrementGcmCounter(ctr);
- wc_AesEncrypt(aes, ctr, scratch);
-
- /* check if pointer is null after main AES-GCM blocks
- * helps static analysis */
- if (p == NULL || c == NULL) {
- return BAD_STATE_E;
- }
- xorbuf(scratch, c, partial);
- XMEMCPY(p, scratch, partial);
}
- return 0;
}
#endif /* HAVE_AES_DECRYPT */
+
+/* END script replace AES-GCM Aarch64 with hardware crypto. */
+
#endif /* HAVE_AESGCM */
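Review bot: The new dispatch in `wc_AesGcmDecrypt` may write to `out` before the tag is verified, which the removed body never did: it returned `AES_GCM_AUTH_E` ahead of the CTR loop. The visible tail of `Aes256GcmDecrypt` does its tag comparison as the last step of the asm block, so the helpers presumably decrypt first; their bodies start outside this hunk, so this is inferred. If so, unauthenticated plaintext stays in the caller's buffer on failure, and the header comment above the function should say it, e.g. `* On AES_GCM_AUTH_E the contents of out are unspecified and must not be used.` Alternatively the wrapper could capture the helper's return value and wipe the buffer with `if (ret == AES_GCM_AUTH_E) ForceZero(out, sz);`.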
@@ -4207,6 +13874,13 @@ int wc_AesCtrEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
return 0;
}
+int wc_AesCtrSetKey(Aes* aes, const byte* key, word32 len,
+ const byte* iv, int dir)
+{
+ (void)dir;
+ return wc_AesSetKey(aes, key, len, iv, AES_ENCRYPTION);
+}
+
#endif /* WOLFSSL_AES_COUNTER */
#ifdef HAVE_AESGCM
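Review bot: `wc_AesCtrSetKey` is added without any comment, and `(void)dir;` followed by a hard-coded `AES_ENCRYPTION` reads like a mistake to a maintainer who does not know why it is correct. A short header would make the intent explicit, for example `/* CTR mode runs the block cipher in the encrypt direction for both encryption and decryption, so dir is ignored and the encryption key schedule is always set. */`. It is also worth stating that argument validation is left entirely to `wc_AesSetKey`, since the wrapper checks nothing itself.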
@@ -4215,7 +13889,7 @@ int wc_AesCtrEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
* on ARMv8". Shifting left to account for bit reflection is based on
* "Carry-Less Multiplication and Its Usage for Computing the GCM mode"
*/
-static void GMULT(byte* X, byte* Y)
+void GMULT(byte* X, byte* Y)
{
__asm__ __volatile__ (
"VLD1.32 {q0}, [%[x]] \n"
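Review bot: Dropping `static` from `GMULT` turns an unprefixed helper that takes two bare `byte*` arguments and no lengths into a global symbol. That invites link-time name collisions and lets code outside this file call it with buffers shorter than the 16 bytes the `VLD1.32 {q0}` load reads from `X`. If another translation unit needs it, the prototype belongs in an internal header with restricted visibility, e.g. `WOLFSSL_LOCAL void GMULT(byte* X, byte* Y);`; no such declaration is visible in this part of the diff. The comment above the definition should also state the expected buffer sizes. The function body continues outside the hunk.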
@@ -4274,13 +13948,13 @@ static void GMULT(byte* X, byte* Y)
}
-void GHASH(Aes* aes, const byte* a, word32 aSz,
- const byte* c, word32 cSz, byte* s, word32 sSz)
+void GHASH(Gcm* gcm, const byte* a, word32 aSz, const byte* c, word32 cSz,
+ byte* s, word32 sSz)
{
byte x[AES_BLOCK_SIZE];
byte scratch[AES_BLOCK_SIZE];
word32 blocks, partial;
- byte* h = aes->H;
+ byte* h = gcm->H;
XMEMSET(x, 0, AES_BLOCK_SIZE);
@@ -4377,7 +14051,7 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
initialCounter[AES_BLOCK_SIZE - 1] = 1;
}
else {
- GHASH(aes, NULL, 0, iv, ivSz, initialCounter, AES_BLOCK_SIZE);
+ GHASH(&aes->gcm, NULL, 0, iv, ivSz, initialCounter, AES_BLOCK_SIZE);
}
XMEMCPY(ctr, initialCounter, AES_BLOCK_SIZE);
@@ -4398,7 +14072,7 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
}
- GHASH(aes, authIn, authInSz, out, sz, authTag, authTagSz);
+ GHASH(&aes->gcm, authIn, authInSz, out, sz, authTag, authTagSz);
wc_AesEncrypt(aes, initialCounter, scratch);
if (authTagSz > AES_BLOCK_SIZE) {
xorbuf(authTag, scratch, AES_BLOCK_SIZE);
@@ -4454,7 +14128,7 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
initialCounter[AES_BLOCK_SIZE - 1] = 1;
}
else {
- GHASH(aes, NULL, 0, iv, ivSz, initialCounter, AES_BLOCK_SIZE);
+ GHASH(&aes->gcm, NULL, 0, iv, ivSz, initialCounter, AES_BLOCK_SIZE);
}
XMEMCPY(ctr, initialCounter, AES_BLOCK_SIZE);
@@ -4464,7 +14138,7 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
byte Tprime[AES_BLOCK_SIZE];
byte EKY0[AES_BLOCK_SIZE];
- GHASH(aes, authIn, authInSz, in, sz, Tprime, sizeof(Tprime));
+ GHASH(&aes->gcm, authIn, authInSz, in, sz, Tprime, sizeof(Tprime));
wc_AesEncrypt(aes, ctr, EKY0);
xorbuf(Tprime, EKY0, sizeof(Tprime));
@@ -4523,7 +14197,7 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
#define GHASH_ONE_BLOCK(aes, block) \
do { \
xorbuf(AES_TAG(aes), block, AES_BLOCK_SIZE); \
- GMULT(AES_TAG(aes), aes->H); \
+ GMULT(AES_TAG(aes), aes->gcm.H); \
} \
while (0)
@@ -4638,7 +14312,7 @@ static void GHASH_UPDATE(Aes* aes, const byte* a, word32 aSz, const byte* c,
sz = cSz;
}
XMEMCPY(AES_LASTGBLOCK(aes) + aes->cOver, c, sz);
- /* Update count of unsed encrypted counter. */
+ /* Update count of unused encrypted counter. */
aes->cOver += sz;
if (aes->cOver == AES_BLOCK_SIZE) {
/* We have filled up the block and can process. */
@@ -4682,7 +14356,7 @@ static void GHASH_FINAL(Aes* aes, byte* s, word32 sSz)
if (aes->cOver > 0) {
/* Cipher text block incomplete. */
- over = aes->cOver;
+ over = aes->cOver;
}
if (over > 0) {
/* Zeroize the unused part of the block. */
@@ -4716,13 +14390,13 @@ static void AesGcmInit_C(Aes* aes, const byte* iv, word32 ivSz)
else {
/* Counter is GHASH of IV. */
#ifdef OPENSSL_EXTRA
- word32 aadTemp = aes->aadLen;
- aes->aadLen = 0;
+ word32 aadTemp = aes->gcm.aadLen;
+ aes->gcm.aadLen = 0;
#endif
- GHASH(aes, NULL, 0, iv, ivSz, counter, AES_BLOCK_SIZE);
- GMULT(counter, aes->H);
+ GHASH(&aes->gcm, NULL, 0, iv, ivSz, counter, AES_BLOCK_SIZE);
+ GMULT(counter, aes->gcm.H);
#ifdef OPENSSL_EXTRA
- aes->aadLen = aadTemp;
+ aes->gcm.aadLen = aadTemp;
#endif
}
@@ -4811,7 +14485,7 @@ static void AesGcmFinal_C(Aes* aes, byte* authTag, word32 authTagSz)
xorbuf(authTag, AES_INITCTR(aes), authTagSz);
#ifdef OPENSSL_EXTRA
/* store AAD size for next call */
- aes->aadLen = aes->aSz;
+ aes->gcm.aadLen = aes->aSz;
#endif
/* Zeroize last block to protect sensitive data. */
ForceZero(AES_LASTBLOCK(aes), AES_BLOCK_SIZE);
@@ -4838,8 +14512,7 @@ int wc_AesGcmInit(Aes* aes, const byte* key, word32 len, const byte* iv,
/* Check validity of parameters. */
if ((aes == NULL) || ((len > 0) && (key == NULL)) ||
- ((ivSz == 0) && (iv != NULL)) ||
- ((ivSz > 0) && (iv == NULL))) {
+ ((ivSz == 0) && (iv != NULL)) || ((ivSz > 0) && (iv == NULL))) {
ret = BAD_FUNC_ARG;
}
@@ -4860,14 +14533,14 @@ int wc_AesGcmInit(Aes* aes, const byte* key, word32 len, const byte* iv,
}
if (ret == 0) {
- /* Setup with IV if needed. */
- if (iv != NULL) {
- /* Cache the IV in AES GCM object. */
- XMEMCPY((byte*)aes->reg, iv, ivSz);
+ /* Set the IV passed in if it is smaller than a block. */
+ if ((iv != NULL) && (ivSz <= AES_BLOCK_SIZE)) {
+ XMEMMOVE((byte*)aes->reg, iv, ivSz);
aes->nonceSz = ivSz;
}
- else if (aes->nonceSz != 0) {
- /* Copy out the cached copy. */
+ /* No IV passed in, check for cached IV. */
+ if ((iv == NULL) && (aes->nonceSz != 0)) {
+ /* Use the cached copy. */
iv = (byte*)aes->reg;
ivSz = aes->nonceSz;
}
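Review bot: When `iv` is non-NULL but longer than `AES_BLOCK_SIZE`, the new guard skips the copy and leaves `aes->nonceSz` at whatever an earlier call stored. A later `wc_AesGcmInit` with `iv == NULL` then picks up that older cached IV through the second `if`. Because a repeated GCM nonce under one key is fatal, the stale cache should be invalidated in that case, e.g. `else if (iv != NULL) { aes->nonceSz = 0; }` directly after the first `if` block. The comment also says "smaller than a block" while the condition is `<=`; `/* Cache the IV only when it fits in aes->reg (at most one block). */` matches the code, assuming `reg` holds one block. The function continues outside the hunk.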
@@ -4972,7 +14645,7 @@ int wc_AesGcmEncryptUpdate(Aes* aes, byte* out, const byte* in, word32 sz,
if (ret == 0) {
/* Encrypt the plaintext. */
AesGcmCryptUpdate_C(aes, out, in, sz);
- /* Update the authenication tag with any authentication data and the
+ /* Update the authentication tag with any authentication data and the
* new cipher text. */
GHASH_UPDATE(aes, authIn, authInSz, out, sz);
}
@@ -5081,7 +14754,7 @@ int wc_AesGcmDecryptUpdate(Aes* aes, byte* out, const byte* in, word32 sz,
if (ret == 0) {
/* Decrypt with AAD and/or cipher text. */
- /* Update the authenication tag with any authentication data and
+ /* Update the authentication tag with any authentication data and
* cipher text. */
GHASH_UPDATE(aes, authIn, authInSz, in, sz);
/* Decrypt the cipher text. */
@@ -5401,10 +15074,10 @@ int wc_AesGcmSetKey(Aes* aes, const byte* key, word32 len)
aes->gcmKeySet = 1;
#endif
- wc_AesEncrypt(aes, iv, aes->H);
+ wc_AesEncrypt(aes, iv, aes->gcm.H);
#if defined(__aarch64__)
{
- word32* pt = (word32*)aes->H;
+ word32* pt = (word32*)aes->gcm.H;
__asm__ volatile (
"LD1 {v0.16b}, [%[h]] \n"
"RBIT v0.16b, v0.16b \n"
@@ -5416,7 +15089,7 @@ int wc_AesGcmSetKey(Aes* aes, const byte* key, word32 len)
}
#else
{
- word32* pt = (word32*)aes->H;
+ word32* pt = (word32*)aes->gcm.H;
__asm__ volatile (
"VLD1.32 {q0}, [%[h]] \n"
"VREV64.8 q0, q0 \n"
@@ -5459,10 +15132,1346 @@ int wc_AesGcmSetKey(Aes* aes, const byte* key, word32 len)
#endif /* HAVE_AES_DECRYPT */
#endif /* WOLFSSL_AES_DIRECT */
+#ifdef WOLFSSL_AES_XTS
+
+#ifdef __aarch64__
+
+#define AES_ENCRYPT_UPDATE_TWEAK(label) \
+ "AESE v0.16b, v1.16b \n" \
+ "AESMC v0.16b, v0.16b \n" \
+ "AND x11, x19, x10, ASR #63\n" \
+ "AESE v0.16b, v2.16b \n" \
+ "AESMC v0.16b, v0.16b \n" \
+ "AESE v0.16b, v3.16b \n" \
+ "AESMC v0.16b, v0.16b \n" \
+ "EXTR x10, x10, x9, #63 \n" \
+ "AESE v0.16b, v4.16b \n" \
+ "AESMC v0.16b, v0.16b \n" \
+ \
+ "AESE v0.16b, v5.16b \n" \
+ "AESMC v0.16b, v0.16b \n" \
+ "EOR x9, x11, x9, LSL #1 \n" \
+ "AESE v0.16b, v6.16b \n" \
+ "AESMC v0.16b, v0.16b \n" \
+ "AESE v0.16b, v7.16b \n" \
+ "AESMC v0.16b, v0.16b \n" \
+ "AESE v0.16b, v8.16b \n" \
+ "AESMC v0.16b, v0.16b \n" \
+ \
+ "AESE v0.16b, v9.16b \n" \
+ "AESMC v0.16b, v0.16b \n" \
+ \
+ "SUBS WZR, %w[rounds], #10 \n" \
+ "BLE " #label "f \n" \
+ "AESE v0.16b, v10.16b \n" \
+ "AESMC v0.16b, v0.16b \n" \
+ "AESE v0.16b, v11.16b \n" \
+ "AESMC v0.16b, v0.16b \n" \
+ \
+ "SUBS WZR, %w[rounds], #12 \n" \
+ "BLE " #label "f \n" \
+ "AESE v0.16b, v12.16b \n" \
+ "AESMC v0.16b, v0.16b \n" \
+ "AESE v0.16b, v13.16b \n" \
+ "AESMC v0.16b, v0.16b \n" \
+ \
+ #label ": \n" \
+ "AESE v0.16b, v14.16b \n" \
+ "EOR v0.16b, v0.16b, v15.16b \n"
+
+#define AES_ENCRYPT(label) \
+ "AESE v0.16b, v1.16b \n" \
+ "AESMC v0.16b, v0.16b \n" \
+ "AESE v0.16b, v2.16b \n" \
+ "AESMC v0.16b, v0.16b \n" \
+ "AESE v0.16b, v3.16b \n" \
+ "AESMC v0.16b, v0.16b \n" \
+ "AESE v0.16b, v4.16b \n" \
+ "AESMC v0.16b, v0.16b \n" \
+ \
+ "AESE v0.16b, v5.16b \n" \
+ "AESMC v0.16b, v0.16b \n" \
+ "AESE v0.16b, v6.16b \n" \
+ "AESMC v0.16b, v0.16b \n" \
+ "AESE v0.16b, v7.16b \n" \
+ "AESMC v0.16b, v0.16b \n" \
+ "AESE v0.16b, v8.16b \n" \
+ "AESMC v0.16b, v0.16b \n" \
+ \
+ "AESE v0.16b, v9.16b \n" \
+ "AESMC v0.16b, v0.16b \n" \
+ \
+ "SUBS WZR, %w[rounds], #10 \n" \
+ "BLE " #label "f \n" \
+ "AESE v0.16b, v10.16b \n" \
+ "AESMC v0.16b, v0.16b \n" \
+ "AESE v0.16b, v11.16b \n" \
+ "AESMC v0.16b, v0.16b \n" \
+ \
+ "SUBS WZR, %w[rounds], #12 \n" \
+ "BLE " #label "f \n" \
+ "AESE v0.16b, v12.16b \n" \
+ "AESMC v0.16b, v0.16b \n" \
+ "AESE v0.16b, v13.16b \n" \
+ "AESMC v0.16b, v0.16b \n" \
+ \
+ #label ": \n" \
+ "AESE v0.16b, v14.16b \n" \
+ "EOR v0.16b, v0.16b, v15.16b \n"
+
+#define AES_DECRYPT_UPDATE_TWEAK(label) \
+ "AESD v0.16b, v1.16b \n" \
+ "AESIMC v0.16b, v0.16b \n" \
+ "AND x11, x19, x10, ASR #63\n" \
+ "AESD v0.16b, v2.16b \n" \
+ "AESIMC v0.16b, v0.16b \n" \
+ "AESD v0.16b, v3.16b \n" \
+ "AESIMC v0.16b, v0.16b \n" \
+ "EXTR x10, x10, x9, #63 \n" \
+ "AESD v0.16b, v4.16b \n" \
+ "AESIMC v0.16b, v0.16b \n" \
+ \
+ "AESD v0.16b, v5.16b \n" \
+ "AESIMC v0.16b, v0.16b \n" \
+ "EOR x9, x11, x9, LSL #1 \n" \
+ "AESD v0.16b, v6.16b \n" \
+ "AESIMC v0.16b, v0.16b \n" \
+ "AESD v0.16b, v7.16b \n" \
+ "AESIMC v0.16b, v0.16b \n" \
+ "AESD v0.16b, v8.16b \n" \
+ "AESIMC v0.16b, v0.16b \n" \
+ \
+ "AESD v0.16b, v9.16b \n" \
+ "AESIMC v0.16b, v0.16b \n" \
+ \
+ "SUBS WZR, %w[rounds], #10 \n" \
+ "BLE " #label "f \n" \
+ "AESD v0.16b, v10.16b \n" \
+ "AESIMC v0.16b, v0.16b \n" \
+ "AESD v0.16b, v11.16b \n" \
+ "AESIMC v0.16b, v0.16b \n" \
+ \
+ "SUBS WZR, %w[rounds], #12 \n" \
+ "BLE " #label "f \n" \
+ "AESD v0.16b, v12.16b \n" \
+ "AESIMC v0.16b, v0.16b \n" \
+ "AESD v0.16b, v13.16b \n" \
+ "AESIMC v0.16b, v0.16b \n" \
+ \
+ #label ": \n" \
+ "AESD v0.16b, v14.16b \n" \
+ "EOR v0.16b, v0.16b, v15.16b \n"
+
+#define AES_DECRYPT(label) \
+ "AESD v0.16b, v1.16b \n" \
+ "AESIMC v0.16b, v0.16b \n" \
+ "AESD v0.16b, v2.16b \n" \
+ "AESIMC v0.16b, v0.16b \n" \
+ "AESD v0.16b, v3.16b \n" \
+ "AESIMC v0.16b, v0.16b \n" \
+ "AESD v0.16b, v4.16b \n" \
+ "AESIMC v0.16b, v0.16b \n" \
+ \
+ "AESD v0.16b, v5.16b \n" \
+ "AESIMC v0.16b, v0.16b \n" \
+ "AESD v0.16b, v6.16b \n" \
+ "AESIMC v0.16b, v0.16b \n" \
+ "AESD v0.16b, v7.16b \n" \
+ "AESIMC v0.16b, v0.16b \n" \
+ "AESD v0.16b, v8.16b \n" \
+ "AESIMC v0.16b, v0.16b \n" \
+ \
+ "AESD v0.16b, v9.16b \n" \
+ "AESIMC v0.16b, v0.16b \n" \
+ \
+ "SUBS WZR, %w[rounds], #10 \n" \
+ "BLE " #label "f \n" \
+ "AESD v0.16b, v10.16b \n" \
+ "AESIMC v0.16b, v0.16b \n" \
+ "AESD v0.16b, v11.16b \n" \
+ "AESIMC v0.16b, v0.16b \n" \
+ \
+ "SUBS WZR, %w[rounds], #12 \n" \
+ "BLE " #label "f \n" \
+ "AESD v0.16b, v12.16b \n" \
+ "AESIMC v0.16b, v0.16b \n" \
+ "AESD v0.16b, v13.16b \n" \
+ "AESIMC v0.16b, v0.16b \n" \
+ \
+ #label ": \n" \
+ "AESD v0.16b, v14.16b \n" \
+ "EOR v0.16b, v0.16b, v15.16b \n"
+
+/* AES with XTS mode. (XTS) XEX encryption with Tweak and cipher text Stealing.
+ *
+ * xaes AES keys to use for block encrypt/decrypt
+ * out output buffer to hold cipher text
+ * in input plain text buffer to encrypt
+ * sz size of both out and in buffers
+ * i value to use for tweak
+ * iSz size of i buffer, should always be AES_BLOCK_SIZE but having this input
+ * adds a sanity check on how the user calls the function.
+ *
+ * returns 0 on success
+ */
+int wc_AesXtsEncrypt(XtsAes* xaes, byte* out, const byte* in, word32 sz,
+ const byte* i, word32 iSz)
+{
+ int ret = 0;
+ word32 blocks = (sz / AES_BLOCK_SIZE);
+ byte tmp[AES_BLOCK_SIZE];
+
+ if (xaes == NULL || out == NULL || in == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ if (iSz < AES_BLOCK_SIZE) {
+ return BAD_FUNC_ARG;
+ }
+
+ if (blocks == 0) {
+ WOLFSSL_MSG("Plain text input too small for encryption");
+ return BAD_FUNC_ARG;
+ }
+
+ __asm__ __volatile__ (
+ "MOV x19, 0x87 \n"
+
+ "# Load tweak calculation key\n"
+ "LD1 {v0.16b}, [%[i]] \n"
+ "MOV x10, %[key2] \n"
+ "LD1 {v1.2d-v4.2d}, [x10], #64 \n"
+ "LD1 {v5.2d-v8.2d}, [x10], #64 \n"
+ "LD1 {v9.2d-v12.2d}, [x10], #64 \n"
+ "LD1 {v13.2d-v15.2d}, [x10] \n"
+
+ "# Put last 2 blocks of keys based on rounds into v14, v15\n"
+ "SUBS WZR, %w[rounds], #14 \n"
+ "BEQ 40f \n"
+ "SUBS WZR, %w[rounds], #12 \n"
+ "MOV v14.16b, v12.16b \n"
+ "MOV v15.16b, v13.16b \n"
+ "BEQ 40f \n"
+ "MOV v14.16b, v10.16b \n"
+ "MOV v15.16b, v11.16b \n"
+ "40: \n"
+
+ AES_ENCRYPT(10)
+
+ "MOV x9, v0.d[0] \n"
+ "MOV x10, v0.d[1] \n"
+ "MOV v20.16b, v0.16b \n"
+
+ "# Load encryption key\n"
+ "MOV x11, %[key] \n"
+ "LD1 {v1.2d-v4.2d}, [x11], #64 \n"
+ "LD1 {v5.2d-v8.2d}, [x11], #64 \n"
+ "LD1 {v9.2d-v12.2d}, [x11], #64 \n"
+ "LD1 {v13.2d-v15.2d}, [x11] \n"
+
+ "# Put last 2 blocks of keys based on rounds into v14, v15\n"
+ "SUBS WZR, %w[rounds], #14 \n"
+ "BEQ 41f \n"
+ "SUBS WZR, %w[rounds], #10 \n"
+ "MOV v14.16b, v10.16b \n"
+ "MOV v15.16b, v11.16b \n"
+ "BEQ 41f \n"
+ "MOV v14.16b, v12.16b \n"
+ "MOV v15.16b, v13.16b \n"
+ "41: \n"
+
+ "SUBS WZR, %w[blocks], #4 \n"
+ "BLT 1f \n"
+
+ "AND %w[sz], %w[sz], 0x3f \n"
+
+ "AND x17, x19, x10, ASR #63\n"
+ "EXTR x12, x10, x9, #63 \n"
+ "EOR x11, x17, x9, LSL #1 \n"
+
+ "AND x17, x19, x12, ASR #63\n"
+ "EXTR x14, x12, x11, #63 \n"
+ "EOR x13, x17, x11, LSL #1 \n"
+
+ "AND x17, x19, x14, ASR #63\n"
+ "EXTR x16, x14, x13, #63 \n"
+ "EOR x15, x17, x13, LSL #1 \n"
+
+ "SUB %w[blocks], %w[blocks], #4 \n"
+
+ "#Four blocks at a time\n"
+ "20:\n"
+
+ "LD1 {v16.16b-v19.16b}, [%[in]], #64 \n"
+
+ "MOV v21.d[0], x11 \n"
+ "MOV v21.d[1], x12 \n"
+ "MOV v22.d[0], x13 \n"
+ "MOV v22.d[1], x14 \n"
+ "MOV v23.d[0], x15 \n"
+ "MOV v23.d[1], x16 \n"
+
+ "EOR v16.16b, v16.16b, v20.16b \n"
+ "EOR v17.16b, v17.16b, v21.16b \n"
+ "EOR v18.16b, v18.16b, v22.16b \n"
+ "EOR v19.16b, v19.16b, v23.16b \n"
+
+ "AESE v16.16b, v1.16b \n"
+ "AESMC v16.16b, v16.16b \n"
+ "AND x17, x19, x16, ASR #63\n"
+ "AESE v17.16b, v1.16b \n"
+ "AESMC v17.16b, v17.16b \n"
+ "AESE v18.16b, v1.16b \n"
+ "AESMC v18.16b, v18.16b \n"
+ "EXTR x10, x16, x15, #63 \n"
+ "AESE v19.16b, v1.16b \n"
+ "AESMC v19.16b, v19.16b \n"
+ "AESE v16.16b, v2.16b \n"
+ "AESMC v16.16b, v16.16b \n"
+ "EOR x9, x17, x15, LSL #1 \n"
+ "AESE v17.16b, v2.16b \n"
+ "AESMC v17.16b, v17.16b \n"
+ "AESE v18.16b, v2.16b \n"
+ "AESMC v18.16b, v18.16b \n"
+ "AND x17, x19, x10, ASR #63\n"
+ "AESE v19.16b, v2.16b \n"
+ "AESMC v19.16b, v19.16b \n"
+ "AESE v16.16b, v3.16b \n"
+ "AESMC v16.16b, v16.16b \n"
+ "EXTR x12, x10, x9, #63 \n"
+ "AESE v17.16b, v3.16b \n"
+ "AESMC v17.16b, v17.16b \n"
+ "AESE v18.16b, v3.16b \n"
+ "AESMC v18.16b, v18.16b \n"
+ "EOR x11, x17, x9, LSL #1 \n"
+ "AESE v19.16b, v3.16b \n"
+ "AESMC v19.16b, v19.16b \n"
+ "AESE v16.16b, v4.16b \n"
+ "AESMC v16.16b, v16.16b \n"
+ "AND x17, x19, x12, ASR #63\n"
+ "AESE v17.16b, v4.16b \n"
+ "AESMC v17.16b, v17.16b \n"
+ "AESE v18.16b, v4.16b \n"
+ "AESMC v18.16b, v18.16b \n"
+ "EXTR x14, x12, x11, #63 \n"
+ "AESE v19.16b, v4.16b \n"
+ "AESMC v19.16b, v19.16b \n"
+
+ "AESE v16.16b, v5.16b \n"
+ "AESMC v16.16b, v16.16b \n"
+ "EOR x13, x17, x11, LSL #1 \n"
+ "AESE v17.16b, v5.16b \n"
+ "AESMC v17.16b, v17.16b \n"
+ "AESE v18.16b, v5.16b \n"
+ "AESMC v18.16b, v18.16b \n"
+ "AND x17, x19, x14, ASR #63\n"
+ "AESE v19.16b, v5.16b \n"
+ "AESMC v19.16b, v19.16b \n"
+ "AESE v16.16b, v6.16b \n"
+ "AESMC v16.16b, v16.16b \n"
+ "EXTR x16, x14, x13, #63 \n"
+ "AESE v17.16b, v6.16b \n"
+ "AESMC v17.16b, v17.16b \n"
+ "AESE v18.16b, v6.16b \n"
+ "AESMC v18.16b, v18.16b \n"
+ "EOR x15, x17, x13, LSL #1 \n"
+ "AESE v19.16b, v6.16b \n"
+ "AESMC v19.16b, v19.16b \n"
+ "AESE v16.16b, v7.16b \n"
+ "AESMC v16.16b, v16.16b \n"
+ "AESE v17.16b, v7.16b \n"
+ "AESMC v17.16b, v17.16b \n"
+ "AESE v18.16b, v7.16b \n"
+ "AESMC v18.16b, v18.16b \n"
+ "AESE v19.16b, v7.16b \n"
+ "AESMC v19.16b, v19.16b \n"
+ "AESE v16.16b, v8.16b \n"
+ "AESMC v16.16b, v16.16b \n"
+ "AESE v17.16b, v8.16b \n"
+ "AESMC v17.16b, v17.16b \n"
+ "AESE v18.16b, v8.16b \n"
+ "AESMC v18.16b, v18.16b \n"
+ "AESE v19.16b, v8.16b \n"
+ "AESMC v19.16b, v19.16b \n"
+
+ "AESE v16.16b, v9.16b \n"
+ "AESMC v16.16b, v16.16b \n"
+ "AESE v17.16b, v9.16b \n"
+ "AESMC v17.16b, v17.16b \n"
+ "AESE v18.16b, v9.16b \n"
+ "AESMC v18.16b, v18.16b \n"
+ "AESE v19.16b, v9.16b \n"
+ "AESMC v19.16b, v19.16b \n"
+
+ "SUBS WZR, %w[rounds], #10 \n"
+ "BEQ 21f \n"
+ "AESE v16.16b, v10.16b \n"
+ "AESMC v16.16b, v16.16b \n"
+ "AESE v17.16b, v10.16b \n"
+ "AESMC v17.16b, v17.16b \n"
+ "AESE v18.16b, v10.16b \n"
+ "AESMC v18.16b, v18.16b \n"
+ "AESE v19.16b, v10.16b \n"
+ "AESMC v19.16b, v19.16b \n"
+ "AESE v16.16b, v11.16b \n"
+ "AESMC v16.16b, v16.16b \n"
+ "AESE v17.16b, v11.16b \n"
+ "AESMC v17.16b, v17.16b \n"
+ "AESE v18.16b, v11.16b \n"
+ "AESMC v18.16b, v18.16b \n"
+ "AESE v19.16b, v11.16b \n"
+ "AESMC v19.16b, v19.16b \n"
+
+ "SUBS WZR, %w[rounds], #12 \n"
+ "BEQ 21f \n"
+ "AESE v16.16b, v12.16b \n"
+ "AESMC v16.16b, v16.16b \n"
+ "AESE v17.16b, v12.16b \n"
+ "AESMC v17.16b, v17.16b \n"
+ "AESE v18.16b, v12.16b \n"
+ "AESMC v18.16b, v18.16b \n"
+ "AESE v19.16b, v12.16b \n"
+ "AESMC v19.16b, v19.16b \n"
+ "AESE v16.16b, v13.16b \n"
+ "AESMC v16.16b, v16.16b \n"
+ "AESE v17.16b, v13.16b \n"
+ "AESMC v17.16b, v17.16b \n"
+ "AESE v18.16b, v13.16b \n"
+ "AESMC v18.16b, v18.16b \n"
+ "AESE v19.16b, v13.16b \n"
+ "AESMC v19.16b, v19.16b \n"
+
+ "21: \n"
+ "AESE v16.16b, v14.16b \n"
+ "EOR v16.16b, v16.16b, v15.16b \n"
+ "AESE v17.16b, v14.16b \n"
+ "EOR v17.16b, v17.16b, v15.16b \n"
+ "AESE v18.16b, v14.16b \n"
+ "EOR v18.16b, v18.16b, v15.16b \n"
+ "AESE v19.16b, v14.16b \n"
+ "EOR v19.16b, v19.16b, v15.16b \n"
+
+ "EOR v16.16b, v16.16b, v20.16b \n"
+ "EOR v17.16b, v17.16b, v21.16b \n"
+ "EOR v18.16b, v18.16b, v22.16b \n"
+ "EOR v19.16b, v19.16b, v23.16b \n"
+ "MOV v20.d[0], x9 \n"
+ "MOV v20.d[1], x10 \n"
+
+ "ST1 {v16.16b-v19.16b}, [%[out]], #64 \n"
+
+ "SUBS %w[blocks], %w[blocks], #4 \n"
+ "BGE 20b \n"
+ "ADD %w[blocks], %w[blocks], #4 \n"
+
+ "CBZ %w[sz], 3f \n"
+
+ "CBZ %w[blocks], 30f \n"
+
+ "1: \n"
+ "LD1 {v0.16b}, [%[in]], #16 \n"
+
+ "MOV x9, v20.d[0] \n"
+ "MOV x10, v20.d[1] \n"
+
+ "EOR v0.16b, v0.16b, v20.16b \n"
+
+ AES_ENCRYPT_UPDATE_TWEAK(2)
+
+ "EOR v0.16b, v0.16b, v20.16b \n"
+
+ "ST1 {v0.16b}, [%[out]], #16 \n"
+
+ "MOV v20.d[0], x9 \n"
+ "MOV v20.d[1], x10 \n"
+
+ "SUBS %w[blocks], %w[blocks], #1 \n"
+ "SUB %w[sz], %w[sz], #16 \n"
+ "BGT 1b \n"
+
+ "CBZ %w[sz], 3f \n"
+
+ "30: \n"
+ "#Partial block \n"
+ "SUB %[out], %[out], #16 \n"
+ "LD1 {v0.16b}, [%[out]], #16 \n"
+ "ST1 {v0.16b}, [%[tmp]] \n"
+
+ "MOV w12, %w[sz] \n"
+ "4: \n"
+ "LDRB w13, [%[tmp]] \n"
+ "LDRB w14, [%[in]], #1 \n"
+ "STRB w13, [%[out]], #1 \n"
+ "STRB w14, [%[tmp]], #1 \n"
+ "SUBS w12, w12, #1 \n"
+ "BGT 4b \n"
+
+ "SUB %[out], %[out], %x[sz] \n"
+ "SUB %[tmp], %[tmp], %x[sz] \n"
+ "SUB %[out], %[out], #16 \n"
+
+ "LD1 {v0.16b}, [%[tmp]] \n"
+
+ "EOR v0.16b, v0.16b, v20.16b \n"
+
+ AES_ENCRYPT(5)
+
+ "EOR v0.16b, v0.16b, v20.16b \n"
+
+ "STR q0, [%[out]] \n"
+
+ "3: \n"
+
+ : [blocks] "+r" (blocks), [in] "+r" (in), [out] "+r" (out),
+ [sz] "+r" (sz)
+ : [key] "r" (xaes->aes.key), [rounds] "r" (xaes->aes.rounds),
+ [key2] "r" (xaes->tweak.key), [i] "r" (i),
+ [tmp] "r" (tmp)
+ : "cc", "memory",
+ "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16",
+ "x17", "x19",
+ "v0", "v1", "v2", "v3", "v4", "v5", "v6", "v7",
+ "v8", "v9", "v10", "v11", "v12", "v13", "v14", "v15",
+ "v16", "v17", "v18", "v19", "v20", "v21", "v22", "v23"
+ );
+
+ return ret;
+}
+
+/* Same process as encryption but Aes key is AES_DECRYPTION type.
+ *
+ * xaes AES keys to use for block encrypt/decrypt
+ * out output buffer to hold plain text
+ * in input cipher text buffer to decrypt
+ * sz size of both out and in buffers
+ * i value to use for tweak
+ * iSz size of i buffer, should always be AES_BLOCK_SIZE but having this input
+ * adds a sanity check on how the user calls the function.
+ *
+ * returns 0 on success
+ */
+int wc_AesXtsDecrypt(XtsAes* xaes, byte* out, const byte* in, word32 sz,
+ const byte* i, word32 iSz)
+{
+ int ret = 0;
+ word32 blocks = (sz / AES_BLOCK_SIZE);
+ byte tmp[AES_BLOCK_SIZE];
+ byte stl = (sz % AES_BLOCK_SIZE);
+
+ if (xaes == NULL || out == NULL || in == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ if (iSz < AES_BLOCK_SIZE) {
+ return BAD_FUNC_ARG;
+ }
+
+ if (blocks == 0) {
+ WOLFSSL_MSG("Plain text input too small for encryption");
+ return BAD_FUNC_ARG;
+ }
+
+ /* if Stealing then break out of loop one block early to handle special
+ * case */
+ blocks -= (stl > 0);
+
+ __asm__ __volatile__ (
+ "MOV x19, 0x87 \n"
+
+ "LD1 {v0.16b}, [%[i]] \n"
+ "MOV x10, %[key2] \n"
+ "LD1 {v1.2d-v4.2d}, [x10], #64 \n"
+ "LD1 {v5.2d-v8.2d}, [x10], #64 \n"
+ "LD1 {v9.2d-v12.2d}, [x10], #64 \n"
+ "LD1 {v13.2d-v15.2d}, [x10] \n"
+
+ "SUBS WZR, %w[rounds], #14 \n"
+ "BEQ 40f \n"
+ "SUBS WZR, %w[rounds], #12 \n"
+ "MOV v14.16b, v12.16b \n"
+ "MOV v15.16b, v13.16b \n"
+ "BEQ 40f \n"
+ "MOV v14.16b, v10.16b \n"
+ "MOV v15.16b, v11.16b \n"
+ "40: \n"
+
+ AES_ENCRYPT(10)
+
+ "MOV x9, v0.d[0] \n"
+ "MOV x10, v0.d[1] \n"
+ "MOV v20.16b, v0.16b \n"
+
+ "MOV x11, %[key] \n"
+ "LD1 {v1.2d-v4.2d}, [x11], #64 \n"
+ "LD1 {v5.2d-v8.2d}, [x11], #64 \n"
+ "LD1 {v9.2d-v12.2d}, [x11], #64 \n"
+ "LD1 {v13.2d-v15.2d}, [x11] \n"
+
+ "SUBS WZR, %w[rounds], #14 \n"
+ "BEQ 41f \n"
+ "SUBS WZR, %w[rounds], #12 \n"
+ "MOV v14.16b, v12.16b \n"
+ "MOV v15.16b, v13.16b \n"
+ "BEQ 41f \n"
+ "MOV v14.16b, v10.16b \n"
+ "MOV v15.16b, v11.16b \n"
+ "41: \n"
+
+ "CBZ %w[blocks], 3f \n"
+
+ "SUBS WZR, %w[blocks], #4 \n"
+ "BLT 1f \n"
+
+ "AND x17, x19, x10, ASR #63\n"
+ "EXTR x12, x10, x9, #63 \n"
+ "EOR x11, x17, x9, LSL #1 \n"
+
+ "AND x17, x19, x12, ASR #63\n"
+ "EXTR x14, x12, x11, #63 \n"
+ "EOR x13, x17, x11, LSL #1 \n"
+
+ "AND x17, x19, x14, ASR #63\n"
+ "EXTR x16, x14, x13, #63 \n"
+ "EOR x15, x17, x13, LSL #1 \n"
+
+ "SUB %w[blocks], %w[blocks], #4 \n"
+
+ "#Four blocks at a time\n"
+ "20:\n"
+
+ "LD1 {v16.16b-v19.16b}, [%[in]], #64 \n"
+
+ "MOV v21.d[0], x11 \n"
+ "MOV v21.d[1], x12 \n"
+ "MOV v22.d[0], x13 \n"
+ "MOV v22.d[1], x14 \n"
+ "MOV v23.d[0], x15 \n"
+ "MOV v23.d[1], x16 \n"
+
+ "EOR v16.16b, v16.16b, v20.16b \n"
+ "EOR v17.16b, v17.16b, v21.16b \n"
+ "EOR v18.16b, v18.16b, v22.16b \n"
+ "EOR v19.16b, v19.16b, v23.16b \n"
+
+ "AESD v16.16b, v1.16b \n"
+ "AESIMC v16.16b, v16.16b \n"
+ "AND x17, x19, x16, ASR #63\n"
+ "AESD v17.16b, v1.16b \n"
+ "AESIMC v17.16b, v17.16b \n"
+ "AESD v18.16b, v1.16b \n"
+ "AESIMC v18.16b, v18.16b \n"
+ "EXTR x10, x16, x15, #63 \n"
+ "AESD v19.16b, v1.16b \n"
+ "AESIMC v19.16b, v19.16b \n"
+ "AESD v16.16b, v2.16b \n"
+ "AESIMC v16.16b, v16.16b \n"
+ "EOR x9, x17, x15, LSL #1 \n"
+ "AESD v17.16b, v2.16b \n"
+ "AESIMC v17.16b, v17.16b \n"
+ "AESD v18.16b, v2.16b \n"
+ "AESIMC v18.16b, v18.16b \n"
+ "AND x17, x19, x10, ASR #63\n"
+ "AESD v19.16b, v2.16b \n"
+ "AESIMC v19.16b, v19.16b \n"
+ "AESD v16.16b, v3.16b \n"
+ "AESIMC v16.16b, v16.16b \n"
+ "EXTR x12, x10, x9, #63 \n"
+ "AESD v17.16b, v3.16b \n"
+ "AESIMC v17.16b, v17.16b \n"
+ "AESD v18.16b, v3.16b \n"
+ "AESIMC v18.16b, v18.16b \n"
+ "EOR x11, x17, x9, LSL #1 \n"
+ "AESD v19.16b, v3.16b \n"
+ "AESIMC v19.16b, v19.16b \n"
+ "AESD v16.16b, v4.16b \n"
+ "AESIMC v16.16b, v16.16b \n"
+ "AND x17, x19, x12, ASR #63\n"
+ "AESD v17.16b, v4.16b \n"
+ "AESIMC v17.16b, v17.16b \n"
+ "AESD v18.16b, v4.16b \n"
+ "AESIMC v18.16b, v18.16b \n"
+ "EXTR x14, x12, x11, #63 \n"
+ "AESD v19.16b, v4.16b \n"
+ "AESIMC v19.16b, v19.16b \n"
+
+ "AESD v16.16b, v5.16b \n"
+ "AESIMC v16.16b, v16.16b \n"
+ "EOR x13, x17, x11, LSL #1 \n"
+ "AESD v17.16b, v5.16b \n"
+ "AESIMC v17.16b, v17.16b \n"
+ "AESD v18.16b, v5.16b \n"
+ "AESIMC v18.16b, v18.16b \n"
+ "AND x17, x19, x14, ASR #63\n"
+ "AESD v19.16b, v5.16b \n"
+ "AESIMC v19.16b, v19.16b \n"
+ "AESD v16.16b, v6.16b \n"
+ "AESIMC v16.16b, v16.16b \n"
+ "EXTR x16, x14, x13, #63 \n"
+ "AESD v17.16b, v6.16b \n"
+ "AESIMC v17.16b, v17.16b \n"
+ "AESD v18.16b, v6.16b \n"
+ "AESIMC v18.16b, v18.16b \n"
+ "EOR x15, x17, x13, LSL #1 \n"
+ "AESD v19.16b, v6.16b \n"
+ "AESIMC v19.16b, v19.16b \n"
+ "AESD v16.16b, v7.16b \n"
+ "AESIMC v16.16b, v16.16b \n"
+ "AESD v17.16b, v7.16b \n"
+ "AESIMC v17.16b, v17.16b \n"
+ "AESD v18.16b, v7.16b \n"
+ "AESIMC v18.16b, v18.16b \n"
+ "AESD v19.16b, v7.16b \n"
+ "AESIMC v19.16b, v19.16b \n"
+ "AESD v16.16b, v8.16b \n"
+ "AESIMC v16.16b, v16.16b \n"
+ "AESD v17.16b, v8.16b \n"
+ "AESIMC v17.16b, v17.16b \n"
+ "AESD v18.16b, v8.16b \n"
+ "AESIMC v18.16b, v18.16b \n"
+ "AESD v19.16b, v8.16b \n"
+ "AESIMC v19.16b, v19.16b \n"
+
+ "AESD v16.16b, v9.16b \n"
+ "AESIMC v16.16b, v16.16b \n"
+ "AESD v17.16b, v9.16b \n"
+ "AESIMC v17.16b, v17.16b \n"
+ "AESD v18.16b, v9.16b \n"
+ "AESIMC v18.16b, v18.16b \n"
+ "AESD v19.16b, v9.16b \n"
+ "AESIMC v19.16b, v19.16b \n"
+
+ "SUBS WZR, %w[rounds], #10 \n"
+ "BEQ 21f \n"
+ "AESD v16.16b, v10.16b \n"
+ "AESIMC v16.16b, v16.16b \n"
+ "AESD v17.16b, v10.16b \n"
+ "AESIMC v17.16b, v17.16b \n"
+ "AESD v18.16b, v10.16b \n"
+ "AESIMC v18.16b, v18.16b \n"
+ "AESD v19.16b, v10.16b \n"
+ "AESIMC v19.16b, v19.16b \n"
+ "AESD v16.16b, v11.16b \n"
+ "AESIMC v16.16b, v16.16b \n"
+ "AESD v17.16b, v11.16b \n"
+ "AESIMC v17.16b, v17.16b \n"
+ "AESD v18.16b, v11.16b \n"
+ "AESIMC v18.16b, v18.16b \n"
+ "AESD v19.16b, v11.16b \n"
+ "AESIMC v19.16b, v19.16b \n"
+
+ "SUBS WZR, %w[rounds], #12 \n"
+ "BEQ 21f \n"
+ "AESD v16.16b, v12.16b \n"
+ "AESIMC v16.16b, v16.16b \n"
+ "AESD v17.16b, v12.16b \n"
+ "AESIMC v17.16b, v17.16b \n"
+ "AESD v18.16b, v12.16b \n"
+ "AESIMC v18.16b, v18.16b \n"
+ "AESD v19.16b, v12.16b \n"
+ "AESIMC v19.16b, v19.16b \n"
+ "AESD v16.16b, v13.16b \n"
+ "AESIMC v16.16b, v16.16b \n"
+ "AESD v17.16b, v13.16b \n"
+ "AESIMC v17.16b, v17.16b \n"
+ "AESD v18.16b, v13.16b \n"
+ "AESIMC v18.16b, v18.16b \n"
+ "AESD v19.16b, v13.16b \n"
+ "AESIMC v19.16b, v19.16b \n"
+
+ "21: \n"
+ "AESD v16.16b, v14.16b \n"
+ "EOR v16.16b, v16.16b, v15.16b \n"
+ "AESD v17.16b, v14.16b \n"
+ "EOR v17.16b, v17.16b, v15.16b \n"
+ "AESD v18.16b, v14.16b \n"
+ "EOR v18.16b, v18.16b, v15.16b \n"
+ "AESD v19.16b, v14.16b \n"
+ "EOR v19.16b, v19.16b, v15.16b \n"
+
+ "EOR v16.16b, v16.16b, v20.16b \n"
+ "EOR v17.16b, v17.16b, v21.16b \n"
+ "EOR v18.16b, v18.16b, v22.16b \n"
+ "EOR v19.16b, v19.16b, v23.16b \n"
+ "MOV v20.d[0], x9 \n"
+ "MOV v20.d[1], x10 \n"
+
+ "ST1 {v16.16b-v19.16b}, [%[out]], #64 \n"
+
+ "SUBS %w[blocks], %w[blocks], #4 \n"
+ "SUB %w[sz], %w[sz], #64 \n"
+ "BGE 20b \n"
+ "ADD %w[blocks], %w[blocks], #4 \n"
+
+ "CBZ %w[sz], 4f \n"
+
+ "CBZ %w[blocks], 3f \n"
+
+ "1: \n"
+ "LD1 {v0.16b}, [%[in]], #16 \n"
+
+ "EOR v0.16b, v0.16b, v20.16b \n"
+
+ AES_DECRYPT_UPDATE_TWEAK(2)
+
+ "EOR v0.16b, v0.16b, v20.16b \n"
+
+ "ST1 {v0.16b}, [%[out]], #16 \n"
+
+ "MOV v20.d[0], x9 \n"
+ "MOV v20.d[1], x10 \n"
+
+ "SUBS %w[blocks], %w[blocks], #1 \n"
+ "SUB %w[sz], %w[sz], #16 \n"
+ "BGT 1b \n"
+
+ "CBZ %w[sz], 4f \n"
+
+ "3: \n"
+
+ "AND x11, x19, x10, ASR #63\n"
+ "EXTR x10, x10, x9, #63 \n"
+ "EOR x9, x11, x9, LSL #1 \n"
+ "MOV v21.d[0], x9 \n"
+ "MOV v21.d[1], x10 \n"
+
+ "LD1 {v0.16b}, [%[in]], #16 \n"
+
+ "EOR v0.16b, v0.16b, v21.16b \n"
+
+ AES_DECRYPT(5)
+
+ "EOR v0.16b, v0.16b, v21.16b \n"
+
+ "SUB %w[sz], %w[sz], #16 \n"
+
+ "ST1 {v0.16b}, [%[tmp]] \n"
+ "ADD %[out], %[out], #16 \n"
+ "MOV w12, %w[sz] \n"
+ "6: \n"
+ "LDRB w13, [%[tmp]] \n"
+ "LDRB w14, [%[in]], #1 \n"
+ "STRB w13, [%[out]], #1 \n"
+ "STRB w14, [%[tmp]], #1 \n"
+ "SUBS w12, w12, #1 \n"
+ "BGT 6b \n"
+ "SUB %[out], %[out], %x[sz] \n"
+ "SUB %[tmp], %[tmp], %x[sz] \n"
+ "SUB %[out], %[out], #16 \n"
+
+ "LD1 {v0.16b}, [%[tmp]] \n"
+
+ "EOR v0.16b, v0.16b, v20.16b \n"
+
+ AES_DECRYPT(7)
+
+ "EOR v0.16b, v0.16b, v20.16b \n"
+
+ "ST1 {v0.16b}, [%[out]] \n"
+
+ "4: \n"
+
+ : [blocks] "+r" (blocks), [in] "+r" (in), [out] "+r" (out),
+ [sz] "+r" (sz)
+ : [key] "r" (xaes->aes.key), [rounds] "r" (xaes->aes.rounds),
+ [key2] "r" (xaes->tweak.key), [i] "r" (i),
+ [tmp] "r" (tmp)
+ : "cc", "memory",
+ "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16",
+ "x17", "x19",
+ "v0", "v1", "v2", "v3", "v4", "v5", "v6", "v7",
+ "v8", "v9", "v10", "v11", "v12", "v13", "v14", "v15",
+ "v16", "v17", "v18", "v19", "v20", "v21", "v22", "v23"
+ );
+
+ return ret;
+}
+#else
+
+#define AES_ENCRYPT_UPDATE_TWEAK(label) \
+ "AESE.8 q0, q1 \n" \
+ "AESMC.8 q0, q0 \n" \
+ "AND %[i], r14, r12, ASR #31 \n" \
+ "AESE.8 q0, q2 \n" \
+ "AESMC.8 q0, q0 \n" \
+ "LSL r12, r12, #1 \n" \
+ "AESE.8 q0, q3 \n" \
+ "AESMC.8 q0, q0 \n" \
+ "ORR r12, r12, r11, LSR #31 \n" \
+ "AESE.8 q0, q4 \n" \
+ "AESMC.8 q0, q0 \n" \
+ "LSL r11, r11, #1 \n" \
+ \
+ "AESE.8 q0, q5 \n" \
+ "AESMC.8 q0, q0 \n" \
+ "ORR r11, r11, r10, LSR #31 \n" \
+ "AESE.8 q0, q6 \n" \
+ "AESMC.8 q0, q0 \n" \
+ "LSL r10, r10, #1 \n" \
+ "AESE.8 q0, q7 \n" \
+ "AESMC.8 q0, q0 \n" \
+ "ORR r10, r10, r9, LSR #31 \n" \
+ "AESE.8 q0, q8 \n" \
+ "AESMC.8 q0, q0 \n" \
+ "EOR r9, %[i], r9, LSL #1 \n" \
+ \
+ "AESE.8 q0, q9 \n" \
+ "AESMC.8 q0, q0 \n" \
+ "VLD1.32 {d20, d21, d22, d23}, [%[key2]]! \n" \
+ \
+ "CMP %[rounds], #10 \n" \
+ "BLE " #label "f \n" \
+ "AESE.8 q0, q10 \n" \
+ "AESMC.8 q0, q0 \n" \
+ "AESE.8 q0, q11 \n" \
+ "AESMC.8 q0, q0 \n" \
+ "VLD1.32 {d20, d21, d22, d23}, [%[key2]]! \n" \
+ \
+ "CMP %[rounds], #12 \n" \
+ "BLE " #label "f \n" \
+ "AESE.8 q0, q10 \n" \
+ "AESMC.8 q0, q0 \n" \
+ "AESE.8 q0, q11 \n" \
+ "AESMC.8 q0, q0 \n" \
+ "VLD1.32 {d20, d21, d22, d23}, [%[key2]]! \n" \
+ \
+ #label ": \n" \
+ "AESE.8 q0, q10 \n" \
+ "VEOR q0, q0, q11 \n"
+
+#define AES_ENCRYPT(label) \
+ "AESE.8 q0, q1 \n" \
+ "AESMC.8 q0, q0 \n" \
+ "AESE.8 q0, q2 \n" \
+ "AESMC.8 q0, q0 \n" \
+ "AESE.8 q0, q3 \n" \
+ "AESMC.8 q0, q0 \n" \
+ "AESE.8 q0, q4 \n" \
+ "AESMC.8 q0, q0 \n" \
+ \
+ "AESE.8 q0, q5 \n" \
+ "AESMC.8 q0, q0 \n" \
+ "AESE.8 q0, q6 \n" \
+ "AESMC.8 q0, q0 \n" \
+ "AESE.8 q0, q7 \n" \
+ "AESMC.8 q0, q0 \n" \
+ "AESE.8 q0, q8 \n" \
+ "AESMC.8 q0, q0 \n" \
+ \
+ "AESE.8 q0, q9 \n" \
+ "AESMC.8 q0, q0 \n" \
+ "VLD1.32 {d20, d21, d22, d23}, [%[key2]]! \n" \
+ \
+ "CMP %[rounds], #10 \n" \
+ "BLE " #label "f \n" \
+ "AESE.8 q0, q10 \n" \
+ "AESMC.8 q0, q0 \n" \
+ "AESE.8 q0, q11 \n" \
+ "AESMC.8 q0, q0 \n" \
+ "VLD1.32 {d20, d21, d22, d23}, [%[key2]]! \n" \
+ \
+ "CMP %[rounds], #12 \n" \
+ "BLE " #label "f \n" \
+ "AESE.8 q0, q10 \n" \
+ "AESMC.8 q0, q0 \n" \
+ "AESE.8 q0, q11 \n" \
+ "AESMC.8 q0, q0 \n" \
+ "VLD1.32 {d20, d21, d22, d23}, [%[key2]]! \n" \
+ \
+ #label ": \n" \
+ "AESE.8 q0, q10 \n" \
+ "VEOR q0, q0, q11 \n"
+
+#define AES_DECRYPT_UPDATE_TWEAK(label) \
+ "AESD.8 q0, q1 \n" \
+ "AESIMC.8 q0, q0 \n" \
+ "AND %[i], r14, r12, ASR #31 \n" \
+ "AESD.8 q0, q2 \n" \
+ "AESIMC.8 q0, q0 \n" \
+ "LSL r12, r12, #1 \n" \
+ "AESD.8 q0, q3 \n" \
+ "AESIMC.8 q0, q0 \n" \
+ "ORR r12, r12, r11, LSR #31 \n" \
+ "AESD.8 q0, q4 \n" \
+ "AESIMC.8 q0, q0 \n" \
+ "LSL r11, r11, #1 \n" \
+ \
+ "AESD.8 q0, q5 \n" \
+ "AESIMC.8 q0, q0 \n" \
+ "ORR r11, r11, r10, LSR #31 \n" \
+ "AESD.8 q0, q6 \n" \
+ "AESIMC.8 q0, q0 \n" \
+ "LSL r10, r10, #1 \n" \
+ "AESD.8 q0, q7 \n" \
+ "AESIMC.8 q0, q0 \n" \
+ "ORR r10, r10, r9, LSR #31 \n" \
+ "AESD.8 q0, q8 \n" \
+ "AESIMC.8 q0, q0 \n" \
+ "EOR r9, %[i], r9, LSL #1 \n" \
+ \
+ "AESD.8 q0, q9 \n" \
+ "AESIMC.8 q0, q0 \n" \
+ "VLD1.32 {d20, d21, d22, d23}, [%[key2]]! \n" \
+ \
+ "CMP %[rounds], #10 \n" \
+ "BLE " #label "f \n" \
+ "AESD.8 q0, q10 \n" \
+ "AESIMC.8 q0, q0 \n" \
+ "AESD.8 q0, q11 \n" \
+ "AESIMC.8 q0, q0 \n" \
+ "VLD1.32 {d20, d21, d22, d23}, [%[key2]]! \n" \
+ \
+ "CMP %[rounds], #12 \n" \
+ "BLE " #label "f \n" \
+ "AESD.8 q0, q10 \n" \
+ "AESIMC.8 q0, q0 \n" \
+ "AESD.8 q0, q11 \n" \
+ "AESIMC.8 q0, q0 \n" \
+ "VLD1.32 {d20, d21, d22, d23}, [%[key2]]! \n" \
+ \
+ #label ": \n" \
+ "AESD.8 q0, q10 \n" \
+ "VEOR q0, q0, q11 \n"
+
+#define AES_DECRYPT(label) \
+ "AESD.8 q0, q1 \n" \
+ "AESIMC.8 q0, q0 \n" \
+ "AESD.8 q0, q2 \n" \
+ "AESIMC.8 q0, q0 \n" \
+ "AESD.8 q0, q3 \n" \
+ "AESIMC.8 q0, q0 \n" \
+ "AESD.8 q0, q4 \n" \
+ "AESIMC.8 q0, q0 \n" \
+ \
+ "AESD.8 q0, q5 \n" \
+ "AESIMC.8 q0, q0 \n" \
+ "AESD.8 q0, q6 \n" \
+ "AESIMC.8 q0, q0 \n" \
+ "AESD.8 q0, q7 \n" \
+ "AESIMC.8 q0, q0 \n" \
+ "AESD.8 q0, q8 \n" \
+ "AESIMC.8 q0, q0 \n" \
+ \
+ "AESD.8 q0, q9 \n" \
+ "AESIMC.8 q0, q0 \n" \
+ "VLD1.32 {d20, d21, d22, d23}, [%[key2]]! \n" \
+ \
+ "CMP %[rounds], #10 \n" \
+ "BLE " #label "f \n" \
+ "AESD.8 q0, q10 \n" \
+ "AESIMC.8 q0, q0 \n" \
+ "AESD.8 q0, q11 \n" \
+ "AESIMC.8 q0, q0 \n" \
+ "VLD1.32 {d20, d21, d22, d23}, [%[key2]]! \n" \
+ \
+ "CMP %[rounds], #12 \n" \
+ "BLE " #label "f \n" \
+ "AESD.8 q0, q10 \n" \
+ "AESIMC.8 q0, q0 \n" \
+ "AESD.8 q0, q11 \n" \
+ "AESIMC.8 q0, q0 \n" \
+ "VLD1.32 {d20, d21, d22, d23}, [%[key2]]! \n" \
+ \
+ #label ": \n" \
+ "AESD.8 q0, q10 \n" \
+ "VEOR q0, q0, q11 \n"
+
+/* AES with XTS mode. (XTS) XEX encryption with Tweak and cipher text Stealing.
+ *
+ * xaes AES keys to use for block encrypt/decrypt
+ * out output buffer to hold cipher text
+ * in input plain text buffer to encrypt
+ * sz size of both out and in buffers
+ * i value to use for tweak
+ * iSz size of i buffer, should always be AES_BLOCK_SIZE but having this input
+ * adds a sanity check on how the user calls the function.
+ *
+ * returns 0 on success
+ */
+int wc_AesXtsEncrypt(XtsAes* xaes, byte* out, const byte* in, word32 sz,
+ const byte* i, word32 iSz)
+{
+ int ret = 0;
+ word32 blocks = (sz / AES_BLOCK_SIZE);
+ byte tmp[AES_BLOCK_SIZE];
+ word32* key2 = xaes->tweak.key;
+
+ if (xaes == NULL || out == NULL || in == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ if (iSz < AES_BLOCK_SIZE) {
+ return BAD_FUNC_ARG;
+ }
+
+ if (blocks == 0) {
+ WOLFSSL_MSG("Plain text input too small for encryption");
+ return BAD_FUNC_ARG;
+ }
+
+ __asm__ __volatile__ (
+ "MOV r14, #0x87 \n"
+
+ "# Load tweak calculation key\n"
+ "VLD1.32 {q0}, [%[i]] \n"
+ "VLD1.32 {d2, d3, d4, d5}, [%[key2]]! \n"
+ "VLD1.32 {d6, d7, d8, d9}, [%[key2]]! \n"
+ "VLD1.32 {d10, d11, d12, d13}, [%[key2]]! \n"
+ "VLD1.32 {d14, d15, d16, d17}, [%[key2]]! \n"
+ "VLD1.32 {d18, d19}, [%[key2]]! \n"
+
+ AES_ENCRYPT(10)
+
+ "VMOV.32 r9, d0[0] \n"
+ "VMOV.32 r10, d0[1] \n"
+ "VMOV.32 r11, d1[0] \n"
+ "VMOV.32 r12, d1[1] \n"
+ "VMOV q14, q0 \n"
+
+ "# Load encryption key\n"
+ "MOV %[key2], %[key] \n"
+ "VLD1.32 {d2, d3, d4, d5}, [%[key2]]! \n"
+ "VLD1.32 {d6, d7, d8, d9}, [%[key2]]! \n"
+ "VLD1.32 {d10, d11, d12, d13}, [%[key2]]! \n"
+ "VLD1.32 {d14, d15, d16, d17}, [%[key2]]! \n"
+ "VLD1.32 {d18, d19}, [%[key2]]! \n"
+
+ "1: \n"
+ "VLD1.32 {q0}, [%[in]]! \n"
+ "ADD %[key2], %[key], #144 \n"
+
+ "VMOV.32 r9, d28[0] \n"
+ "VMOV.32 r10, d28[1] \n"
+ "VMOV.32 r11, d29[0] \n"
+ "VMOV.32 r12, d29[1] \n"
+
+ "VEOR q0, q0, q14 \n"
+
+ AES_ENCRYPT_UPDATE_TWEAK(2)
+
+ "VEOR q0, q0, q14 \n"
+
+ "VST1.32 {q0}, [%[out]]! \n"
+
+ "VMOV.32 d28[0], r9 \n"
+ "VMOV.32 d28[1], r10 \n"
+ "VMOV.32 d29[0], r11 \n"
+ "VMOV.32 d29[1], r12 \n"
+
+ "SUBS %[blocks], %[blocks], #1 \n"
+ "SUB %[sz], %[sz], #16 \n"
+ "BGT 1b \n"
+
+ "CMP %[sz], #0 \n"
+ "BEQ 3f \n"
+
+ "30: \n"
+ "#Partial block \n"
+ "SUB %[out], %[out], #16 \n"
+ "VLD1.32 {q0}, [%[out]]! \n"
+ "VST1.32 {q0}, [%[tmp]] \n"
+
+ "MOV r9, %[sz] \n"
+ "4: \n"
+ "LDRB r10, [%[tmp]] \n"
+ "LDRB r11, [%[in]], #1 \n"
+ "STRB r10, [%[out]], #1 \n"
+ "STRB r11, [%[tmp]], #1 \n"
+ "SUBS r9, r9, #1 \n"
+ "BGT 4b \n"
+
+ "SUB %[out], %[out], %[sz] \n"
+ "SUB %[tmp], %[tmp], %[sz] \n"
+ "SUB %[out], %[out], #16 \n"
+
+ "VLD1.32 {q0}, [%[tmp]] \n"
+ "ADD %[key2], %[key], #144 \n"
+
+ "VEOR q0, q0, q14 \n"
+
+ AES_ENCRYPT(5)
+
+ "VEOR q0, q0, q14 \n"
+
+ "VST1.32 {q0}, [%[out]] \n"
+
+ "3: \n"
+
+ : [blocks] "+r" (blocks), [in] "+r" (in), [out] "+r" (out),
+ [sz] "+r" (sz), [i] "+r" (i), [key2] "+r" (key2)
+ : [key] "r" (xaes->aes.key), [rounds] "r" (xaes->aes.rounds),
+ [tmp] "r" (tmp)
+ : "cc", "memory",
+ "r9", "r10", "r11", "r12", "r14",
+ "q0", "q1", "q2", "q3", "q4", "q5", "q6", "q7",
+ "q8", "q9", "q10", "q11", "q14"
+ );
+
+ return ret;
+}
+
+/* Same process as encryption but Aes key is AES_DECRYPTION type.
+ *
+ * xaes AES keys to use for block encrypt/decrypt
+ * out output buffer to hold plain text
+ * in input cipher text buffer to decrypt
+ * sz size of both out and in buffers
+ * i value to use for tweak
+ * iSz size of i buffer, should always be AES_BLOCK_SIZE but having this input
+ * adds a sanity check on how the user calls the function.
+ *
+ * returns 0 on success
+ */
+int wc_AesXtsDecrypt(XtsAes* xaes, byte* out, const byte* in, word32 sz,
+ const byte* i, word32 iSz)
+{
+ int ret = 0;
+ word32 blocks = (sz / AES_BLOCK_SIZE);
+ byte tmp[AES_BLOCK_SIZE];
+ byte stl = (sz % AES_BLOCK_SIZE);
+ word32* key2 = xaes->tweak.key;
+
+ if (xaes == NULL || out == NULL || in == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ if (iSz < AES_BLOCK_SIZE) {
+ return BAD_FUNC_ARG;
+ }
+
+ if (blocks == 0) {
+ WOLFSSL_MSG("Plain text input too small for encryption");
+ return BAD_FUNC_ARG;
+ }
+
+ /* if Stealing then break out of loop one block early to handle special
+ * case */
+ blocks -= (stl > 0);
+
+ __asm__ __volatile__ (
+ "MOV r14, #0x87 \n"
+
+ "VLD1.32 {q0}, [%[i]] \n"
+ "VLD1.32 {d2, d3, d4, d5}, [%[key2]]! \n"
+ "VLD1.32 {d6, d7, d8, d9}, [%[key2]]! \n"
+ "VLD1.32 {d10, d11, d12, d13}, [%[key2]]! \n"
+ "VLD1.32 {d14, d15, d16, d17}, [%[key2]]! \n"
+ "VLD1.32 {d18, d19}, [%[key2]]! \n"
+
+ AES_ENCRYPT(10)
+
+ "VMOV.32 r9, d0[0] \n"
+ "VMOV.32 r10, d0[1] \n"
+ "VMOV.32 r11, d1[0] \n"
+ "VMOV.32 r12, d1[1] \n"
+ "VMOV q14, q0 \n"
+
+ "# Load decryption key\n"
+ "MOV %[key2], %[key] \n"
+ "VLD1.32 {d2, d3, d4, d5}, [%[key2]]! \n"
+ "VLD1.32 {d6, d7, d8, d9}, [%[key2]]! \n"
+ "VLD1.32 {d10, d11, d12, d13}, [%[key2]]! \n"
+ "VLD1.32 {d14, d15, d16, d17}, [%[key2]]! \n"
+ "VLD1.32 {d18, d19}, [%[key2]]! \n"
+
+ "CMP %[blocks], #0 \n"
+ "BEQ 3f \n"
+
+ "1: \n"
+ "VLD1.32 {q0}, [%[in]]! \n"
+ "ADD %[key2], %[key], #144 \n"
+
+ "VEOR q0, q0, q14 \n"
+
+ AES_DECRYPT_UPDATE_TWEAK(2)
+
+ "VEOR q0, q0, q14 \n"
+
+ "VST1.32 {q0}, [%[out]]! \n"
+
+ "VMOV.32 d28[0], r9 \n"
+ "VMOV.32 d28[1], r10 \n"
+ "VMOV.32 d29[0], r11 \n"
+ "VMOV.32 d29[1], r12 \n"
+
+ "SUBS %[blocks], %[blocks], #1 \n"
+ "SUB %[sz], %[sz], #16 \n"
+ "BGT 1b \n"
+
+ "CMP %[sz], #0 \n"
+ "BEQ 4f \n"
+
+ "3: \n"
+
+ "AND %[i], r14, r12, ASR #31 \n"
+ "LSL r12, r12, #1 \n"
+ "ORR r12, r12, r11, LSR #31 \n"
+ "LSL r11, r11, #1 \n"
+ "ORR r11, r11, r10, LSR #31 \n"
+ "LSL r10, r10, #1 \n"
+ "ORR r10, r10, r9, LSR #31 \n"\
+ "EOR r9, %[i], r9, LSL #1 \n"
+ "VMOV.32 d30[0], r9 \n"
+ "VMOV.32 d30[1], r10 \n"
+ "VMOV.32 d31[0], r11 \n"
+ "VMOV.32 d31[1], r12 \n"
+
+ "VLD1.32 {q0}, [%[in]]! \n"
+ "ADD %[key2], %[key], #144 \n"
+
+ "VEOR q0, q0, q15 \n"
+
+ AES_DECRYPT(5)
+
+ "VEOR q0, q0, q15 \n"
+
+ "SUB %[sz], %[sz], #16 \n"
+
+ "VST1.32 {q0}, [%[tmp]] \n"
+ "ADD %[out], %[out], #16 \n"
+ "MOV r9, %[sz] \n"
+ "6: \n"
+ "LDRB r10, [%[tmp]] \n"
+ "LDRB r11, [%[in]], #1 \n"
+ "STRB r10, [%[out]], #1 \n"
+ "STRB r11, [%[tmp]], #1 \n"
+ "SUBS r9, r9, #1 \n"
+ "BGT 6b \n"
+ "SUB %[out], %[out], %[sz] \n"
+ "SUB %[tmp], %[tmp], %[sz] \n"
+ "SUB %[out], %[out], #16 \n"
+
+ "VLD1.32 {q0}, [%[tmp]] \n"
+ "ADD %[key2], %[key], #144 \n"
+
+ "VEOR q0, q0, q14 \n"
+
+ AES_DECRYPT(7)
+
+ "VEOR q0, q0, q14 \n"
+
+ "VST1.32 {q0}, [%[out]] \n"
+
+ "4: \n"
+
+ : [blocks] "+r" (blocks), [in] "+r" (in), [out] "+r" (out),
+ [sz] "+r" (sz), [i] "+r" (i), [key2] "+r" (key2)
+ : [key] "r" (xaes->aes.key), [rounds] "r" (xaes->aes.rounds),
+ [tmp] "r" (tmp)
+ : "cc", "memory",
+ "r9", "r10", "r11", "r12", "r14",
+ "q0", "q1", "q2", "q3", "q4", "q5", "q6", "q7",
+ "q8", "q9", "q10", "q11", "q14", "q15"
+ );
+
+ return ret;
+}
+
+#endif /* __aach64__ */
+#endif /* WOLFSSL_AES_XTS */
+
#else /* !WOLFSSL_ARMASM_NO_HW_CRYPTO */
#include <wolfssl/wolfcrypt/logging.h>
-#include <wolfssl/wolfcrypt/error-crypt.h>
#include <wolfssl/wolfcrypt/aes.h>
#ifdef NO_INLINE
#include <wolfssl/wolfcrypt/misc.h>
@@ -5618,6 +16627,13 @@ int wc_AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
if (sz == 0) {
return 0;
}
+ if (sz % AES_BLOCK_SIZE) {
+#ifdef WOLFSSL_AES_CBC_LENGTH_CHECKS
+ return BAD_LENGTH_E;
+#else
+ return BAD_FUNC_ARG;
+#endif
+ }
AES_CBC_encrypt(in, out, sz, (const unsigned char*)aes->key, aes->rounds,
(unsigned char*)aes->reg);
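Review bot: The new partial-block check in wc_AesCbcEncrypt returns a different error code depending on WOLFSSL_AES_CBC_LENGTH_CHECKS, and nothing at the check says why; the same seven lines are repeated in the wc_AesCbcDecrypt hunk that follows. A comment such as `/* CBC works on whole blocks only: reject a trailing partial block instead of handing it to the assembly routine */` above `if (sz % AES_BLOCK_SIZE)` would state the contract. Judging by the context lines, an unaligned sz used to reach AES_CBC_encrypt unchecked, so the header comment should mention that it is now an error. The preceding hunk also drops `#include <wolfssl/wolfcrypt/error-crypt.h>` from this branch while these lines use BAD_LENGTH_E and BAD_FUNC_ARG; presumably the header is pulled in further up the file, but that is outside the visible lines and should be confirmed. Both function bodies start and end outside their hunks.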
@@ -5640,6 +16656,13 @@ int wc_AesCbcDecrypt(Aes* aes, byte* out, const byte* in, word32 sz)
if (sz == 0) {
return 0;
}
+ if (sz % AES_BLOCK_SIZE) {
+#ifdef WOLFSSL_AES_CBC_LENGTH_CHECKS
+ return BAD_LENGTH_E;
+#else
+ return BAD_FUNC_ARG;
+#endif
+ }
AES_CBC_decrypt(in, out, sz, (const unsigned char*)aes->key, aes->rounds,
(unsigned char*)aes->reg);
@@ -5701,6 +16724,13 @@ int wc_AesCtrEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
}
return 0;
}
+
+int wc_AesCtrSetKey(Aes* aes, const byte* key, word32 len,
+ const byte* iv, int dir)
+{
+ (void)dir;
+ return wc_AesSetKey(aes, key, len, iv, AES_ENCRYPTION);
+}
#endif /* WOLFSSL_AES_COUNTER */
#ifdef HAVE_AESCCM
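Review bot: wc_AesCtrSetKey discards `dir` with `(void)dir;` and always passes AES_ENCRYPTION, but nothing documents why, so a reader can easily take it for an oversight. CTR mode generates its keystream with the forward cipher in both directions, which is what this code relies on; I would add `/* CTR uses the encrypt key schedule for both encryption and decryption, so dir is ignored. */` above the `(void)dir;` line. The function also has no header comment describing its parameters and return value, unlike the XTS functions added earlier in this file.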
@@ -5962,15 +16992,15 @@ static WC_INLINE void RIGHTSHIFTX(byte* x)
x[0] ^= borrow;
}
-static void GenerateM0(Aes* aes)
+void GenerateM0(Gcm* gcm)
{
int i;
- byte (*m)[AES_BLOCK_SIZE] = aes->M0;
+ byte (*m)[AES_BLOCK_SIZE] = gcm->M0;
/* 0 times -> 0x0 */
XMEMSET(m[0x0], 0, AES_BLOCK_SIZE);
/* 1 times -> 0x8 */
- XMEMCPY(m[0x8], aes->H, AES_BLOCK_SIZE);
+ XMEMCPY(m[0x8], gcm->H, AES_BLOCK_SIZE);
/* 2 times -> 0x4 */
XMEMCPY(m[0x4], m[0x8], AES_BLOCK_SIZE);
RIGHTSHIFTX(m[0x4]);
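Review bot: Dropping `static` from GenerateM0 gives a short, unprefixed name external linkage, so it can clash with a symbol of the same name in an application or in another translation unit that keeps its own GenerateM0. If the function has to be shared, its prototype belongs in a header with the library's internal-visibility marking (wolfSSL uses `WOLFSSL_LOCAL` for this) so that it is not exported from a shared library. No such declaration is visible in this hunk, so confirm that one is added elsewhere in the commit. A one-line header comment saying that it fills the 16-entry table `gcm->M0` from `gcm->H` would also help, since the body continues outside the hunk.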
@@ -6010,7 +17040,7 @@ static void GenerateM0(Aes* aes)
xorbuf (m[0xf], m[0x7], AES_BLOCK_SIZE);
for (i = 0; i < 16; i++) {
- word32* m32 = (word32*)aes->M0[i];
+ word32* m32 = (word32*)gcm->M0[i];
m32[0] = ByteReverseWord32(m32[0]);
m32[1] = ByteReverseWord32(m32[1]);
m32[2] = ByteReverseWord32(m32[2]);
@@ -6033,11 +17063,11 @@ int wc_AesGcmSetKey(Aes* aes, const byte* key, word32 len)
XMEMSET(iv, 0, AES_BLOCK_SIZE);
ret = wc_AesSetKey(aes, key, len, iv, AES_ENCRYPTION);
-
+
if (ret == 0) {
- AES_ECB_encrypt(iv, aes->H, AES_BLOCK_SIZE,
+ AES_ECB_encrypt(iv, aes->gcm.H, AES_BLOCK_SIZE,
(const unsigned char*)aes->key, aes->rounds);
- GenerateM0(aes);
+ GenerateM0(&aes->gcm);
}
return ret;
@@ -6089,13 +17119,13 @@ static void gcm_ghash_arm32(Aes* aes, const byte* a, word32 aSz, const byte* c,
blocks = aSz / AES_BLOCK_SIZE;
partial = aSz % AES_BLOCK_SIZE;
if (blocks > 0) {
- GCM_gmult_len(x, aes->M0, a, blocks * AES_BLOCK_SIZE);
+ GCM_gmult_len(x, aes->gcm.M0, a, blocks * AES_BLOCK_SIZE);
a += blocks * AES_BLOCK_SIZE;
}
if (partial != 0) {
XMEMSET(scratch, 0, AES_BLOCK_SIZE);
XMEMCPY(scratch, a, partial);
- GCM_gmult_len(x, aes->M0, scratch, AES_BLOCK_SIZE);
+ GCM_gmult_len(x, aes->gcm.M0, scratch, AES_BLOCK_SIZE);
}
}
@@ -6104,20 +17134,20 @@ static void gcm_ghash_arm32(Aes* aes, const byte* a, word32 aSz, const byte* c,
blocks = cSz / AES_BLOCK_SIZE;
partial = cSz % AES_BLOCK_SIZE;
if (blocks > 0) {
- GCM_gmult_len(x, aes->M0, c, blocks * AES_BLOCK_SIZE);
+ GCM_gmult_len(x, aes->gcm.M0, c, blocks * AES_BLOCK_SIZE);
c += blocks * AES_BLOCK_SIZE;
}
if (partial != 0) {
XMEMSET(scratch, 0, AES_BLOCK_SIZE);
XMEMCPY(scratch, c, partial);
- GCM_gmult_len(x, aes->M0, scratch, AES_BLOCK_SIZE);
+ GCM_gmult_len(x, aes->gcm.M0, scratch, AES_BLOCK_SIZE);
}
}
/* Hash in the lengths of A and C in bits */
FlattenSzInBits(&scratch[0], aSz);
FlattenSzInBits(&scratch[8], cSz);
- GCM_gmult_len(x, aes->M0, scratch, AES_BLOCK_SIZE);
+ GCM_gmult_len(x, aes->gcm.M0, scratch, AES_BLOCK_SIZE);
/* Copy the result into s. */
XMEMCPY(s, x, sSz);
@@ -6168,13 +17198,13 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
blocks = authInSz / AES_BLOCK_SIZE;
partial = authInSz % AES_BLOCK_SIZE;
if (blocks > 0) {
- GCM_gmult_len(x, aes->M0, authIn, blocks * AES_BLOCK_SIZE);
+ GCM_gmult_len(x, aes->gcm.M0, authIn, blocks * AES_BLOCK_SIZE);
authIn += blocks * AES_BLOCK_SIZE;
}
if (partial != 0) {
XMEMSET(scratch, 0, AES_BLOCK_SIZE);
XMEMCPY(scratch, authIn, partial);
- GCM_gmult_len(x, aes->M0, scratch, AES_BLOCK_SIZE);
+ GCM_gmult_len(x, aes->gcm.M0, scratch, AES_BLOCK_SIZE);
}
}
@@ -6184,7 +17214,7 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
if (blocks > 0) {
AES_GCM_encrypt(in, out, blocks * AES_BLOCK_SIZE,
(const unsigned char*)aes->key, aes->rounds, counter);
- GCM_gmult_len(x, aes->M0, out, blocks * AES_BLOCK_SIZE);
+ GCM_gmult_len(x, aes->gcm.M0, out, blocks * AES_BLOCK_SIZE);
in += blocks * AES_BLOCK_SIZE;
out += blocks * AES_BLOCK_SIZE;
}
@@ -6197,14 +17227,14 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
XMEMSET(scratch, 0, AES_BLOCK_SIZE);
XMEMCPY(scratch, out, partial);
- GCM_gmult_len(x, aes->M0, scratch, AES_BLOCK_SIZE);
+ GCM_gmult_len(x, aes->gcm.M0, scratch, AES_BLOCK_SIZE);
}
/* Hash in the lengths of A and C in bits */
XMEMSET(scratch, 0, AES_BLOCK_SIZE);
FlattenSzInBits(&scratch[0], authInSz);
FlattenSzInBits(&scratch[8], sz);
- GCM_gmult_len(x, aes->M0, scratch, AES_BLOCK_SIZE);
+ GCM_gmult_len(x, aes->gcm.M0, scratch, AES_BLOCK_SIZE);
if (authTagSz > AES_BLOCK_SIZE) {
XMEMCPY(authTag, x, AES_BLOCK_SIZE);
}
@@ -6256,13 +17286,13 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
blocks = authInSz / AES_BLOCK_SIZE;
partial = authInSz % AES_BLOCK_SIZE;
if (blocks > 0) {
- GCM_gmult_len(x, aes->M0, authIn, blocks * AES_BLOCK_SIZE);
+ GCM_gmult_len(x, aes->gcm.M0, authIn, blocks * AES_BLOCK_SIZE);
authIn += blocks * AES_BLOCK_SIZE;
}
if (partial != 0) {
XMEMSET(scratch, 0, AES_BLOCK_SIZE);
XMEMCPY(scratch, authIn, partial);
- GCM_gmult_len(x, aes->M0, scratch, AES_BLOCK_SIZE);
+ GCM_gmult_len(x, aes->gcm.M0, scratch, AES_BLOCK_SIZE);
}
}
@@ -6270,7 +17300,7 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
partial = sz % AES_BLOCK_SIZE;
/* do as many blocks as possible */
if (blocks > 0) {
- GCM_gmult_len(x, aes->M0, in, blocks * AES_BLOCK_SIZE);
+ GCM_gmult_len(x, aes->gcm.M0, in, blocks * AES_BLOCK_SIZE);
AES_GCM_encrypt(in, out, blocks * AES_BLOCK_SIZE,
(const unsigned char*)aes->key, aes->rounds, counter);
@@ -6280,7 +17310,7 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
if (partial != 0) {
XMEMSET(scratch, 0, AES_BLOCK_SIZE);
XMEMCPY(scratch, in, partial);
- GCM_gmult_len(x, aes->M0, scratch, AES_BLOCK_SIZE);
+ GCM_gmult_len(x, aes->gcm.M0, scratch, AES_BLOCK_SIZE);
AES_GCM_encrypt(in, scratch, AES_BLOCK_SIZE,
(const unsigned char*)aes->key, aes->rounds, counter);
@@ -6290,7 +17320,7 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
XMEMSET(scratch, 0, AES_BLOCK_SIZE);
FlattenSzInBits(&scratch[0], authInSz);
FlattenSzInBits(&scratch[8], sz);
- GCM_gmult_len(x, aes->M0, scratch, AES_BLOCK_SIZE);
+ GCM_gmult_len(x, aes->gcm.M0, scratch, AES_BLOCK_SIZE);
AES_ECB_encrypt(initialCounter, scratch, AES_BLOCK_SIZE,
(const unsigned char*)aes->key, aes->rounds);
xorbuf(x, scratch, authTagSz);
@@ -6303,5 +17333,6 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
return 0;
}
#endif /* HAVE_AESGCM */
+
#endif /* !WOLFSSL_ARMASM_NO_HW_CRYPTO */
#endif /* !NO_AES && WOLFSSL_ARMASM */
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-chacha.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-chacha.c
index 13afe2c9..94e64504 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-chacha.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-chacha.c
@@ -29,7 +29,7 @@
#include <wolfssl/wolfcrypt/settings.h>
-#ifdef WOLFSSL_ARMASM
+#if defined(WOLFSSL_ARMASM) && !defined(WOLFSSL_ARMASM_NO_NEON)
#ifdef HAVE_CHACHA
#include <wolfssl/wolfcrypt/chacha.h>
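Review bot: With the guard now also requiring `!defined(WOLFSSL_ARMASM_NO_NEON)`, a build that sets both WOLFSSL_ARMASM and WOLFSSL_ARMASM_NO_NEON gets no ChaCha code from this file. The portable implementation therefore has to be enabled under exactly the complementary condition; that counterpart is not in the visible lines and should be checked, to avoid either a missing or a duplicate wc_Chacha_Process at link time. A short comment next to the `#if` naming where the non-NEON fallback lives would save the next reader that search.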
@@ -2896,4 +2896,4 @@ int wc_Chacha_Process(ChaCha* ctx, byte* output, const byte* input,
}
#endif /* HAVE_CHACHA */
-#endif /* WOLFSSL_ARMASM */
+#endif /* WOLFSSL_ARMASM && !WOLFSSL_ARMASM_NO_NEON */
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-curve25519.S b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-curve25519.S
index dafa2f75..3f04ce87 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-curve25519.S
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-curve25519.S
@@ -30,7 +30,9 @@
*/
#ifdef WOLFSSL_ARMASM
#ifdef __aarch64__
-#ifdef HAVE_CURVE25519
+#ifndef WOLFSSL_ARMASM_INLINE
+#if defined(HAVE_CURVE25519) || defined(HAVE_ED25519)
+#if !defined(CURVE25519_SMALL) || !defined(ED25519_SMALL)
#ifndef __APPLE__
.text
.globl fe_init
@@ -47,6 +49,7 @@ _fe_init:
#ifndef __APPLE__
.size fe_init,.-fe_init
#endif /* __APPLE__ */
+#ifdef HAVE_ED25519
#ifndef __APPLE__
.text
.globl fe_frombytes
@@ -180,16 +183,17 @@ _fe_sub:
sbcs x4, x4, x8
sbcs x5, x5, x9
sbcs x6, x6, x10
- mov x12, #-19
csetm x11, cc
+ mov x12, #-19
# Mask the modulus
- and x12, x11, x12
- and x13, x11, #0x7fffffffffffffff
+ extr x11, x11, x6, #63
+ mul x12, x11, x12
# Add modulus (if underflow)
- adds x3, x3, x12
- adcs x4, x4, x11
- adcs x5, x5, x11
- adc x6, x6, x13
+ subs x3, x3, x12
+ sbcs x4, x4, xzr
+ and x6, x6, #0x7fffffffffffffff
+ sbcs x5, x5, xzr
+ sbc x6, x6, xzr
stp x3, x4, [x0]
stp x5, x6, [x0, #16]
ret
@@ -216,17 +220,18 @@ _fe_add:
adds x3, x3, x7
adcs x4, x4, x8
adcs x5, x5, x9
- adc x6, x6, x10
- mov x12, #-19
- asr x11, x6, #63
+ adcs x6, x6, x10
+ cset x11, cs
+ mov x12, #19
# Mask the modulus
- and x12, x11, x12
- and x13, x11, #0x7fffffffffffffff
+ extr x11, x11, x6, #63
+ mul x12, x11, x12
# Sub modulus (if overflow)
- subs x3, x3, x12
- sbcs x4, x4, x11
- sbcs x5, x5, x11
- sbc x6, x6, x13
+ adds x3, x3, x12
+ adcs x4, x4, xzr
+ and x6, x6, #0x7fffffffffffffff
+ adcs x5, x5, xzr
+ adc x6, x6, xzr
stp x3, x4, [x0]
stp x5, x6, [x0, #16]
ret
@@ -553,6 +558,7 @@ _fe_cmov_table:
#ifndef __APPLE__
.size fe_cmov_table,.-fe_cmov_table
#endif /* __APPLE__ */
+#endif /* HAVE_ED25519 */
#ifndef __APPLE__
.text
.globl fe_mul
@@ -576,136 +582,122 @@ _fe_mul:
ldp x16, x17, [x1, #16]
ldp x19, x20, [x2]
ldp x21, x22, [x2, #16]
- # A[0] * B[0]
- mul x6, x14, x19
+ # A[0] * B[0]
umulh x7, x14, x19
- # A[0] * B[1]
- mul x3, x14, x20
- umulh x8, x14, x20
- adds x7, x7, x3
- adc x8, x8, xzr
- # A[1] * B[0]
+ mul x6, x14, x19
+ # A[2] * B[0]
+ umulh x9, x16, x19
+ mul x8, x16, x19
+ # A[1] * B[0]
mul x3, x15, x19
+ adds x7, x7, x3
umulh x4, x15, x19
+ adcs x8, x8, x4
+ # A[1] * B[3]
+ umulh x11, x15, x22
+ adc x9, x9, xzr
+ mul x10, x15, x22
+ # A[0] * B[1]
+ mul x3, x14, x20
adds x7, x7, x3
+ umulh x4, x14, x20
adcs x8, x8, x4
- adc x9, xzr, xzr
- # A[0] * B[2]
- mul x3, x14, x21
- umulh x4, x14, x21
- adds x8, x8, x3
- adc x9, x9, x4
- # A[1] * B[1]
- mul x3, x15, x20
- umulh x4, x15, x20
- adds x8, x8, x3
- adcs x9, x9, x4
- adc x10, xzr, xzr
- # A[2] * B[0]
- mul x3, x16, x19
- umulh x4, x16, x19
- adds x8, x8, x3
- adcs x9, x9, x4
- adc x10, x10, xzr
- # A[0] * B[3]
- mul x3, x14, x22
- umulh x4, x14, x22
- adds x9, x9, x3
- adcs x10, x10, x4
- adc x11, xzr, xzr
- # A[1] * B[2]
- mul x3, x15, x21
- umulh x4, x15, x21
- adds x9, x9, x3
- adcs x10, x10, x4
- adc x11, x11, xzr
- # A[2] * B[1]
+ # A[2] * B[1]
mul x3, x16, x20
+ adcs x9, x9, x3
umulh x4, x16, x20
- adds x9, x9, x3
adcs x10, x10, x4
adc x11, x11, xzr
- # A[3] * B[0]
- mul x3, x17, x19
- umulh x4, x17, x19
+ # A[1] * B[2]
+ mul x3, x15, x21
adds x9, x9, x3
+ umulh x4, x15, x21
adcs x10, x10, x4
- adc x11, x11, xzr
- # A[1] * B[3]
- mul x3, x15, x22
- umulh x4, x15, x22
- adds x10, x10, x3
- adcs x11, x11, x4
+ adcs x11, x11, xzr
adc x12, xzr, xzr
- # A[2] * B[2]
- mul x3, x16, x21
- umulh x4, x16, x21
- adds x10, x10, x3
- adcs x11, x11, x4
+ # A[0] * B[2]
+ mul x3, x14, x21
+ adds x8, x8, x3
+ umulh x4, x14, x21
+ adcs x9, x9, x4
+ adcs x10, x10, xzr
+ adcs x11, x11, xzr
adc x12, x12, xzr
- # A[3] * B[1]
+ # A[1] * B[1]
+ mul x3, x15, x20
+ adds x8, x8, x3
+ umulh x4, x15, x20
+ adcs x9, x9, x4
+ # A[3] * B[1]
mul x3, x17, x20
+ adcs x10, x10, x3
umulh x4, x17, x20
- adds x10, x10, x3
adcs x11, x11, x4
adc x12, x12, xzr
- # A[2] * B[3]
+ # A[2] * B[2]
+ mul x3, x16, x21
+ adds x10, x10, x3
+ umulh x4, x16, x21
+ adcs x11, x11, x4
+ # A[3] * B[3]
+ mul x3, x17, x22
+ adcs x12, x12, x3
+ umulh x13, x17, x22
+ adc x13, x13, xzr
+ # A[0] * B[3]
+ mul x3, x14, x22
+ adds x9, x9, x3
+ umulh x4, x14, x22
+ adcs x10, x10, x4
+ # A[2] * B[3]
mul x3, x16, x22
+ adcs x11, x11, x3
umulh x4, x16, x22
- adds x11, x11, x3
adcs x12, x12, x4
- adc x13, xzr, xzr
- # A[3] * B[2]
+ adc x13, x13, xzr
+ # A[3] * B[0]
+ mul x3, x17, x19
+ adds x9, x9, x3
+ umulh x4, x17, x19
+ adcs x10, x10, x4
+ # A[3] * B[2]
mul x3, x17, x21
+ adcs x11, x11, x3
umulh x4, x17, x21
- adds x11, x11, x3
adcs x12, x12, x4
adc x13, x13, xzr
- # A[3] * B[3]
- mul x3, x17, x22
- umulh x4, x17, x22
- adds x12, x12, x3
- adc x13, x13, x4
# Reduce
- # Move top half into t4-t7 and remove top bit from t3
- extr x13, x13, x12, #63
- extr x12, x12, x11, #63
- extr x11, x11, x10, #63
- extr x10, x10, x9, #63
- and x9, x9, #0x7fffffffffffffff
- # Multiply top half by 19
+ mov x3, #38
+ mul x4, x3, x13
+ adds x9, x9, x4
+ umulh x5, x3, x13
+ adc x5, x5, xzr
mov x3, #19
+ extr x5, x5, x9, #63
+ mul x5, x5, x3
+ and x9, x9, #0x7fffffffffffffff
+ mov x3, #38
mul x4, x3, x10
- umulh x10, x3, x10
adds x6, x6, x4
+ umulh x10, x3, x10
mul x4, x3, x11
- umulh x11, x3, x11
adcs x7, x7, x4
+ umulh x11, x3, x11
mul x4, x3, x12
- umulh x12, x3, x12
adcs x8, x8, x4
- mul x4, x3, x13
- umulh x5, x3, x13
- adcs x9, x9, x4
- adc x5, x5, xzr
- # Add remaining product results in
- adds x7, x7, x10
- adcs x8, x8, x11
- adcs x9, x9, x12
- adc x5, x5, xzr
- # Overflow
- extr x5, x5, x9, #63
- mul x5, x5, x3
- and x9, x9, #0x7fffffffffffffff
- adds x6, x6, x5
- adcs x7, x7, xzr
- adcs x8, x8, xzr
+ umulh x12, x3, x12
adc x9, x9, xzr
- # Reduce if top bit set
- and x5, x3, x9, asr 63
- and x9, x9, #0x7fffffffffffffff
+ # Add high product results in
adds x6, x6, x5
+ adcs x7, x7, x10
+ adcs x8, x8, x11
+ adc x9, x9, x12
+ # Reduce if top bit set
+ mov x3, #19
+ and x4, x3, x9, asr 63
+ adds x6, x6, x4
adcs x7, x7, xzr
+ and x9, x9, #0x7fffffffffffffff
adcs x8, x8, xzr
adc x9, x9, xzr
# Store
@@ -736,33 +728,30 @@ _fe_sq:
ldp x13, x14, [x1]
ldp x15, x16, [x1, #16]
# A[0] * A[1]
- mul x6, x13, x14
umulh x7, x13, x14
+ mul x6, x13, x14
+ # A[0] * A[3]
+ umulh x9, x13, x16
+ mul x8, x13, x16
# A[0] * A[2]
mul x2, x13, x15
- umulh x8, x13, x15
adds x7, x7, x2
- adc x8, x8, xzr
- # A[0] * A[3]
- mul x2, x13, x16
- umulh x9, x13, x16
- adds x8, x8, x2
- adc x9, x9, xzr
+ umulh x3, x13, x15
+ adcs x8, x8, x3
+ # A[1] * A[3]
+ mul x2, x14, x16
+ adcs x9, x9, x2
+ umulh x10, x14, x16
+ adc x10, x10, xzr
# A[1] * A[2]
mul x2, x14, x15
- umulh x3, x14, x15
adds x8, x8, x2
+ umulh x3, x14, x15
adcs x9, x9, x3
- adc x10, xzr, xzr
- # A[1] * A[3]
- mul x2, x14, x16
- umulh x3, x14, x16
- adds x9, x9, x2
- adc x10, x10, x3
# A[2] * A[3]
mul x2, x15, x16
+ adcs x10, x10, x2
umulh x11, x15, x16
- adds x10, x10, x2
adc x11, x11, xzr
# Double
adds x6, x6, x6
@@ -773,66 +762,56 @@ _fe_sq:
adcs x11, x11, x11
adc x12, xzr, xzr
# A[0] * A[0]
+ umulh x3, x13, x13
mul x5, x13, x13
- umulh x4, x13, x13
# A[1] * A[1]
mul x2, x14, x14
+ adds x6, x6, x3
umulh x3, x14, x14
- adds x6, x6, x4
adcs x7, x7, x2
- adc x4, x3, xzr
# A[2] * A[2]
mul x2, x15, x15
+ adcs x8, x8, x3
umulh x3, x15, x15
- adds x8, x8, x4
adcs x9, x9, x2
- adc x4, x3, xzr
# A[3] * A[3]
mul x2, x16, x16
+ adcs x10, x10, x3
umulh x3, x16, x16
- adds x10, x10, x4
adcs x11, x11, x2
adc x12, x12, x3
# Reduce
- # Move top half into t4-t7 and remove top bit from t3
- extr x12, x12, x11, #63
- extr x11, x11, x10, #63
- extr x10, x10, x9, #63
- extr x9, x9, x8, #63
- and x8, x8, #0x7fffffffffffffff
- # Multiply top half by 19
+ mov x2, #38
+ mul x3, x2, x12
+ adds x8, x8, x3
+ umulh x4, x2, x12
+ adc x4, x4, xzr
mov x2, #19
+ extr x4, x4, x8, #63
+ mul x4, x4, x2
+ and x8, x8, #0x7fffffffffffffff
+ mov x2, #38
mul x3, x2, x9
- umulh x9, x2, x9
adds x5, x5, x3
+ umulh x9, x2, x9
mul x3, x2, x10
- umulh x10, x2, x10
adcs x6, x6, x3
+ umulh x10, x2, x10
mul x3, x2, x11
- umulh x11, x2, x11
adcs x7, x7, x3
- mul x3, x2, x12
- umulh x4, x2, x12
- adcs x8, x8, x3
- adc x4, x4, xzr
- # Add remaining product results in
- adds x6, x6, x9
- adcs x7, x7, x10
- adcs x8, x8, x11
- adc x4, x4, xzr
- # Overflow
- extr x4, x4, x8, #63
- mul x4, x4, x2
- and x8, x8, #0x7fffffffffffffff
- adds x5, x5, x4
- adcs x6, x6, xzr
- adcs x7, x7, xzr
+ umulh x11, x2, x11
adc x8, x8, xzr
- # Reduce if top bit set
- and x4, x2, x8, asr 63
- and x8, x8, #0x7fffffffffffffff
+ # Add high product results in
adds x5, x5, x4
+ adcs x6, x6, x9
+ adcs x7, x7, x10
+ adc x8, x8, x11
+ # Reduce if top bit set
+ mov x2, #19
+ and x3, x2, x8, asr 63
+ adds x5, x5, x3
adcs x6, x6, xzr
+ and x8, x8, #0x7fffffffffffffff
adcs x7, x7, xzr
adc x8, x8, xzr
# Store
@@ -856,6 +835,7 @@ _fe_invert:
#endif /* __APPLE__ */
stp x29, x30, [sp, #-176]!
add x29, sp, #0
+ str x17, [x29, #160]
str x20, [x29, #168]
# Invert
str x0, [x29, #144]
@@ -920,61 +900,197 @@ _fe_invert:
#else
bl _fe_mul
#endif /* __APPLE__ */
- add x0, x29, #0x50
-#ifndef NDEBUG
- add x1, x29, #48
-#endif /* !NDEBUG */
-#ifndef __APPLE__
- bl fe_sq
-#else
- bl _fe_sq
-#endif /* __APPLE__ */
- mov x20, #3
-#ifndef NDEBUG
- add x0, x29, #0x50
-#endif /* !NDEBUG */
- add x1, x29, #0x50
+ # Loop: 5 times
+ mov x20, #5
+ ldp x6, x7, [x29, #48]
+ ldp x8, x9, [x29, #64]
L_fe_invert1:
-#ifndef __APPLE__
- bl fe_sq
-#else
- bl _fe_sq
-#endif /* __APPLE__ */
+ # Square
+ # A[0] * A[1]
+ umulh x12, x6, x7
+ mul x11, x6, x7
+ # A[0] * A[3]
+ umulh x14, x6, x9
+ mul x13, x6, x9
+ # A[0] * A[2]
+ mul x3, x6, x8
+ adds x12, x12, x3
+ umulh x4, x6, x8
+ adcs x13, x13, x4
+ # A[1] * A[3]
+ mul x3, x7, x9
+ adcs x14, x14, x3
+ umulh x15, x7, x9
+ adc x15, x15, xzr
+ # A[1] * A[2]
+ mul x3, x7, x8
+ adds x13, x13, x3
+ umulh x4, x7, x8
+ adcs x14, x14, x4
+ # A[2] * A[3]
+ mul x3, x8, x9
+ adcs x15, x15, x3
+ umulh x16, x8, x9
+ adc x16, x16, xzr
+ # Double
+ adds x11, x11, x11
+ adcs x12, x12, x12
+ adcs x13, x13, x13
+ adcs x14, x14, x14
+ adcs x15, x15, x15
+ adcs x16, x16, x16
+ adc x17, xzr, xzr
+ # A[0] * A[0]
+ umulh x4, x6, x6
+ mul x10, x6, x6
+ # A[1] * A[1]
+ mul x3, x7, x7
+ adds x11, x11, x4
+ umulh x4, x7, x7
+ adcs x12, x12, x3
+ # A[2] * A[2]
+ mul x3, x8, x8
+ adcs x13, x13, x4
+ umulh x4, x8, x8
+ adcs x14, x14, x3
+ # A[3] * A[3]
+ mul x3, x9, x9
+ adcs x15, x15, x4
+ umulh x4, x9, x9
+ adcs x16, x16, x3
+ adc x17, x17, x4
+ # Reduce
+ mov x3, #38
+ mul x4, x3, x17
+ adds x13, x13, x4
+ umulh x5, x3, x17
+ adc x5, x5, xzr
+ mov x3, #19
+ extr x5, x5, x13, #63
+ mul x5, x5, x3
+ and x13, x13, #0x7fffffffffffffff
+ mov x3, #38
+ mul x4, x3, x14
+ adds x10, x10, x4
+ umulh x14, x3, x14
+ mul x4, x3, x15
+ adcs x11, x11, x4
+ umulh x15, x3, x15
+ mul x4, x3, x16
+ adcs x12, x12, x4
+ umulh x16, x3, x16
+ adc x13, x13, xzr
+ # Add high product results in
+ adds x6, x10, x5
+ adcs x7, x11, x14
+ adcs x8, x12, x15
+ adc x9, x13, x16
subs x20, x20, #1
- bcs L_fe_invert1
- add x0, x29, #48
+ bne L_fe_invert1
+ # Store
+ stp x6, x7, [x29, #80]
+ stp x8, x9, [x29, #96]
#ifndef NDEBUG
- add x1, x29, #0x50
+ add x0, x29, #48
#endif /* !NDEBUG */
+ add x1, x29, #0x50
add x2, x29, #48
#ifndef __APPLE__
bl fe_mul
#else
bl _fe_mul
#endif /* __APPLE__ */
- add x0, x29, #0x50
- add x1, x29, #48
-#ifndef __APPLE__
- bl fe_sq
-#else
- bl _fe_sq
-#endif /* __APPLE__ */
- mov x20, #8
-#ifndef NDEBUG
- add x0, x29, #0x50
-#endif /* !NDEBUG */
- add x1, x29, #0x50
+ # Loop: 10 times
+ mov x20, #10
+ ldp x6, x7, [x29, #48]
+ ldp x8, x9, [x29, #64]
L_fe_invert2:
-#ifndef __APPLE__
- bl fe_sq
-#else
- bl _fe_sq
-#endif /* __APPLE__ */
+ # Square
+ # A[0] * A[1]
+ umulh x12, x6, x7
+ mul x11, x6, x7
+ # A[0] * A[3]
+ umulh x14, x6, x9
+ mul x13, x6, x9
+ # A[0] * A[2]
+ mul x3, x6, x8
+ adds x12, x12, x3
+ umulh x4, x6, x8
+ adcs x13, x13, x4
+ # A[1] * A[3]
+ mul x3, x7, x9
+ adcs x14, x14, x3
+ umulh x15, x7, x9
+ adc x15, x15, xzr
+ # A[1] * A[2]
+ mul x3, x7, x8
+ adds x13, x13, x3
+ umulh x4, x7, x8
+ adcs x14, x14, x4
+ # A[2] * A[3]
+ mul x3, x8, x9
+ adcs x15, x15, x3
+ umulh x16, x8, x9
+ adc x16, x16, xzr
+ # Double
+ adds x11, x11, x11
+ adcs x12, x12, x12
+ adcs x13, x13, x13
+ adcs x14, x14, x14
+ adcs x15, x15, x15
+ adcs x16, x16, x16
+ adc x17, xzr, xzr
+ # A[0] * A[0]
+ umulh x4, x6, x6
+ mul x10, x6, x6
+ # A[1] * A[1]
+ mul x3, x7, x7
+ adds x11, x11, x4
+ umulh x4, x7, x7
+ adcs x12, x12, x3
+ # A[2] * A[2]
+ mul x3, x8, x8
+ adcs x13, x13, x4
+ umulh x4, x8, x8
+ adcs x14, x14, x3
+ # A[3] * A[3]
+ mul x3, x9, x9
+ adcs x15, x15, x4
+ umulh x4, x9, x9
+ adcs x16, x16, x3
+ adc x17, x17, x4
+ # Reduce
+ mov x3, #38
+ mul x4, x3, x17
+ adds x13, x13, x4
+ umulh x5, x3, x17
+ adc x5, x5, xzr
+ mov x3, #19
+ extr x5, x5, x13, #63
+ mul x5, x5, x3
+ and x13, x13, #0x7fffffffffffffff
+ mov x3, #38
+ mul x4, x3, x14
+ adds x10, x10, x4
+ umulh x14, x3, x14
+ mul x4, x3, x15
+ adcs x11, x11, x4
+ umulh x15, x3, x15
+ mul x4, x3, x16
+ adcs x12, x12, x4
+ umulh x16, x3, x16
+ adc x13, x13, xzr
+ # Add high product results in
+ adds x6, x10, x5
+ adcs x7, x11, x14
+ adcs x8, x12, x15
+ adc x9, x13, x16
subs x20, x20, #1
- bcs L_fe_invert2
-#ifndef NDEBUG
+ bne L_fe_invert2
+ # Store
+ stp x6, x7, [x29, #80]
+ stp x8, x9, [x29, #96]
add x0, x29, #0x50
-#endif /* !NDEBUG */
#ifndef NDEBUG
add x1, x29, #0x50
#endif /* !NDEBUG */
@@ -984,84 +1100,295 @@ L_fe_invert2:
#else
bl _fe_mul
#endif /* __APPLE__ */
- add x0, x29, #0x70
-#ifndef NDEBUG
- add x1, x29, #0x50
-#endif /* !NDEBUG */
-#ifndef __APPLE__
- bl fe_sq
-#else
- bl _fe_sq
-#endif /* __APPLE__ */
- mov x20, #18
-#ifndef NDEBUG
- add x0, x29, #0x70
-#endif /* !NDEBUG */
- add x1, x29, #0x70
+ # Loop: 20 times
+ mov x20, #20
+ ldp x6, x7, [x29, #80]
+ ldp x8, x9, [x29, #96]
L_fe_invert3:
-#ifndef __APPLE__
- bl fe_sq
-#else
- bl _fe_sq
-#endif /* __APPLE__ */
+ # Square
+ # A[0] * A[1]
+ umulh x12, x6, x7
+ mul x11, x6, x7
+ # A[0] * A[3]
+ umulh x14, x6, x9
+ mul x13, x6, x9
+ # A[0] * A[2]
+ mul x3, x6, x8
+ adds x12, x12, x3
+ umulh x4, x6, x8
+ adcs x13, x13, x4
+ # A[1] * A[3]
+ mul x3, x7, x9
+ adcs x14, x14, x3
+ umulh x15, x7, x9
+ adc x15, x15, xzr
+ # A[1] * A[2]
+ mul x3, x7, x8
+ adds x13, x13, x3
+ umulh x4, x7, x8
+ adcs x14, x14, x4
+ # A[2] * A[3]
+ mul x3, x8, x9
+ adcs x15, x15, x3
+ umulh x16, x8, x9
+ adc x16, x16, xzr
+ # Double
+ adds x11, x11, x11
+ adcs x12, x12, x12
+ adcs x13, x13, x13
+ adcs x14, x14, x14
+ adcs x15, x15, x15
+ adcs x16, x16, x16
+ adc x17, xzr, xzr
+ # A[0] * A[0]
+ umulh x4, x6, x6
+ mul x10, x6, x6
+ # A[1] * A[1]
+ mul x3, x7, x7
+ adds x11, x11, x4
+ umulh x4, x7, x7
+ adcs x12, x12, x3
+ # A[2] * A[2]
+ mul x3, x8, x8
+ adcs x13, x13, x4
+ umulh x4, x8, x8
+ adcs x14, x14, x3
+ # A[3] * A[3]
+ mul x3, x9, x9
+ adcs x15, x15, x4
+ umulh x4, x9, x9
+ adcs x16, x16, x3
+ adc x17, x17, x4
+ # Reduce
+ mov x3, #38
+ mul x4, x3, x17
+ adds x13, x13, x4
+ umulh x5, x3, x17
+ adc x5, x5, xzr
+ mov x3, #19
+ extr x5, x5, x13, #63
+ mul x5, x5, x3
+ and x13, x13, #0x7fffffffffffffff
+ mov x3, #38
+ mul x4, x3, x14
+ adds x10, x10, x4
+ umulh x14, x3, x14
+ mul x4, x3, x15
+ adcs x11, x11, x4
+ umulh x15, x3, x15
+ mul x4, x3, x16
+ adcs x12, x12, x4
+ umulh x16, x3, x16
+ adc x13, x13, xzr
+ # Add high product results in
+ adds x6, x10, x5
+ adcs x7, x11, x14
+ adcs x8, x12, x15
+ adc x9, x13, x16
subs x20, x20, #1
- bcs L_fe_invert3
- add x0, x29, #0x50
+ bne L_fe_invert3
+ # Store
+ stp x6, x7, [x29, #112]
+ stp x8, x9, [x29, #128]
#ifndef NDEBUG
- add x1, x29, #0x70
+ add x0, x29, #0x50
#endif /* !NDEBUG */
+ add x1, x29, #0x70
add x2, x29, #0x50
#ifndef __APPLE__
bl fe_mul
#else
bl _fe_mul
#endif /* __APPLE__ */
- mov x20, #9
-#ifndef NDEBUG
- add x0, x29, #0x50
-#endif /* !NDEBUG */
- add x1, x29, #0x50
+ # Loop: 10 times
+ mov x20, #10
+ ldp x6, x7, [x29, #80]
+ ldp x8, x9, [x29, #96]
L_fe_invert4:
-#ifndef __APPLE__
- bl fe_sq
-#else
- bl _fe_sq
-#endif /* __APPLE__ */
+ # Square
+ # A[0] * A[1]
+ umulh x12, x6, x7
+ mul x11, x6, x7
+ # A[0] * A[3]
+ umulh x14, x6, x9
+ mul x13, x6, x9
+ # A[0] * A[2]
+ mul x3, x6, x8
+ adds x12, x12, x3
+ umulh x4, x6, x8
+ adcs x13, x13, x4
+ # A[1] * A[3]
+ mul x3, x7, x9
+ adcs x14, x14, x3
+ umulh x15, x7, x9
+ adc x15, x15, xzr
+ # A[1] * A[2]
+ mul x3, x7, x8
+ adds x13, x13, x3
+ umulh x4, x7, x8
+ adcs x14, x14, x4
+ # A[2] * A[3]
+ mul x3, x8, x9
+ adcs x15, x15, x3
+ umulh x16, x8, x9
+ adc x16, x16, xzr
+ # Double
+ adds x11, x11, x11
+ adcs x12, x12, x12
+ adcs x13, x13, x13
+ adcs x14, x14, x14
+ adcs x15, x15, x15
+ adcs x16, x16, x16
+ adc x17, xzr, xzr
+ # A[0] * A[0]
+ umulh x4, x6, x6
+ mul x10, x6, x6
+ # A[1] * A[1]
+ mul x3, x7, x7
+ adds x11, x11, x4
+ umulh x4, x7, x7
+ adcs x12, x12, x3
+ # A[2] * A[2]
+ mul x3, x8, x8
+ adcs x13, x13, x4
+ umulh x4, x8, x8
+ adcs x14, x14, x3
+ # A[3] * A[3]
+ mul x3, x9, x9
+ adcs x15, x15, x4
+ umulh x4, x9, x9
+ adcs x16, x16, x3
+ adc x17, x17, x4
+ # Reduce
+ mov x3, #38
+ mul x4, x3, x17
+ adds x13, x13, x4
+ umulh x5, x3, x17
+ adc x5, x5, xzr
+ mov x3, #19
+ extr x5, x5, x13, #63
+ mul x5, x5, x3
+ and x13, x13, #0x7fffffffffffffff
+ mov x3, #38
+ mul x4, x3, x14
+ adds x10, x10, x4
+ umulh x14, x3, x14
+ mul x4, x3, x15
+ adcs x11, x11, x4
+ umulh x15, x3, x15
+ mul x4, x3, x16
+ adcs x12, x12, x4
+ umulh x16, x3, x16
+ adc x13, x13, xzr
+ # Add high product results in
+ adds x6, x10, x5
+ adcs x7, x11, x14
+ adcs x8, x12, x15
+ adc x9, x13, x16
subs x20, x20, #1
- bcs L_fe_invert4
+ bne L_fe_invert4
+ # Store
+ stp x6, x7, [x29, #80]
+ stp x8, x9, [x29, #96]
add x0, x29, #48
-#ifndef NDEBUG
add x1, x29, #0x50
-#endif /* !NDEBUG */
add x2, x29, #48
#ifndef __APPLE__
bl fe_mul
#else
bl _fe_mul
#endif /* __APPLE__ */
- add x0, x29, #0x50
- add x1, x29, #48
-#ifndef __APPLE__
- bl fe_sq
-#else
- bl _fe_sq
-#endif /* __APPLE__ */
- mov x20, #48
-#ifndef NDEBUG
- add x0, x29, #0x50
-#endif /* !NDEBUG */
- add x1, x29, #0x50
+ # Loop: 50 times
+ mov x20, #50
+ ldp x6, x7, [x29, #48]
+ ldp x8, x9, [x29, #64]
L_fe_invert5:
-#ifndef __APPLE__
- bl fe_sq
-#else
- bl _fe_sq
-#endif /* __APPLE__ */
+ # Square
+ # A[0] * A[1]
+ umulh x12, x6, x7
+ mul x11, x6, x7
+ # A[0] * A[3]
+ umulh x14, x6, x9
+ mul x13, x6, x9
+ # A[0] * A[2]
+ mul x3, x6, x8
+ adds x12, x12, x3
+ umulh x4, x6, x8
+ adcs x13, x13, x4
+ # A[1] * A[3]
+ mul x3, x7, x9
+ adcs x14, x14, x3
+ umulh x15, x7, x9
+ adc x15, x15, xzr
+ # A[1] * A[2]
+ mul x3, x7, x8
+ adds x13, x13, x3
+ umulh x4, x7, x8
+ adcs x14, x14, x4
+ # A[2] * A[3]
+ mul x3, x8, x9
+ adcs x15, x15, x3
+ umulh x16, x8, x9
+ adc x16, x16, xzr
+ # Double
+ adds x11, x11, x11
+ adcs x12, x12, x12
+ adcs x13, x13, x13
+ adcs x14, x14, x14
+ adcs x15, x15, x15
+ adcs x16, x16, x16
+ adc x17, xzr, xzr
+ # A[0] * A[0]
+ umulh x4, x6, x6
+ mul x10, x6, x6
+ # A[1] * A[1]
+ mul x3, x7, x7
+ adds x11, x11, x4
+ umulh x4, x7, x7
+ adcs x12, x12, x3
+ # A[2] * A[2]
+ mul x3, x8, x8
+ adcs x13, x13, x4
+ umulh x4, x8, x8
+ adcs x14, x14, x3
+ # A[3] * A[3]
+ mul x3, x9, x9
+ adcs x15, x15, x4
+ umulh x4, x9, x9
+ adcs x16, x16, x3
+ adc x17, x17, x4
+ # Reduce
+ mov x3, #38
+ mul x4, x3, x17
+ adds x13, x13, x4
+ umulh x5, x3, x17
+ adc x5, x5, xzr
+ mov x3, #19
+ extr x5, x5, x13, #63
+ mul x5, x5, x3
+ and x13, x13, #0x7fffffffffffffff
+ mov x3, #38
+ mul x4, x3, x14
+ adds x10, x10, x4
+ umulh x14, x3, x14
+ mul x4, x3, x15
+ adcs x11, x11, x4
+ umulh x15, x3, x15
+ mul x4, x3, x16
+ adcs x12, x12, x4
+ umulh x16, x3, x16
+ adc x13, x13, xzr
+ # Add high product results in
+ adds x6, x10, x5
+ adcs x7, x11, x14
+ adcs x8, x12, x15
+ adc x9, x13, x16
subs x20, x20, #1
- bcs L_fe_invert5
-#ifndef NDEBUG
+ bne L_fe_invert5
+ # Store
+ stp x6, x7, [x29, #80]
+ stp x8, x9, [x29, #96]
add x0, x29, #0x50
-#endif /* !NDEBUG */
#ifndef NDEBUG
add x1, x29, #0x50
#endif /* !NDEBUG */
@@ -1071,84 +1398,303 @@ L_fe_invert5:
#else
bl _fe_mul
#endif /* __APPLE__ */
- add x0, x29, #0x70
-#ifndef NDEBUG
- add x1, x29, #0x50
-#endif /* !NDEBUG */
-#ifndef __APPLE__
- bl fe_sq
-#else
- bl _fe_sq
-#endif /* __APPLE__ */
- mov x20, #0x62
-#ifndef NDEBUG
- add x0, x29, #0x70
-#endif /* !NDEBUG */
- add x1, x29, #0x70
+ # Loop: 100 times
+ mov x20, #0x64
+ ldp x6, x7, [x29, #80]
+ ldp x8, x9, [x29, #96]
L_fe_invert6:
-#ifndef __APPLE__
- bl fe_sq
-#else
- bl _fe_sq
-#endif /* __APPLE__ */
+ # Square
+ # A[0] * A[1]
+ umulh x12, x6, x7
+ mul x11, x6, x7
+ # A[0] * A[3]
+ umulh x14, x6, x9
+ mul x13, x6, x9
+ # A[0] * A[2]
+ mul x3, x6, x8
+ adds x12, x12, x3
+ umulh x4, x6, x8
+ adcs x13, x13, x4
+ # A[1] * A[3]
+ mul x3, x7, x9
+ adcs x14, x14, x3
+ umulh x15, x7, x9
+ adc x15, x15, xzr
+ # A[1] * A[2]
+ mul x3, x7, x8
+ adds x13, x13, x3
+ umulh x4, x7, x8
+ adcs x14, x14, x4
+ # A[2] * A[3]
+ mul x3, x8, x9
+ adcs x15, x15, x3
+ umulh x16, x8, x9
+ adc x16, x16, xzr
+ # Double
+ adds x11, x11, x11
+ adcs x12, x12, x12
+ adcs x13, x13, x13
+ adcs x14, x14, x14
+ adcs x15, x15, x15
+ adcs x16, x16, x16
+ adc x17, xzr, xzr
+ # A[0] * A[0]
+ umulh x4, x6, x6
+ mul x10, x6, x6
+ # A[1] * A[1]
+ mul x3, x7, x7
+ adds x11, x11, x4
+ umulh x4, x7, x7
+ adcs x12, x12, x3
+ # A[2] * A[2]
+ mul x3, x8, x8
+ adcs x13, x13, x4
+ umulh x4, x8, x8
+ adcs x14, x14, x3
+ # A[3] * A[3]
+ mul x3, x9, x9
+ adcs x15, x15, x4
+ umulh x4, x9, x9
+ adcs x16, x16, x3
+ adc x17, x17, x4
+ # Reduce
+ mov x3, #38
+ mul x4, x3, x17
+ adds x13, x13, x4
+ umulh x5, x3, x17
+ adc x5, x5, xzr
+ mov x3, #19
+ extr x5, x5, x13, #63
+ mul x5, x5, x3
+ and x13, x13, #0x7fffffffffffffff
+ mov x3, #38
+ mul x4, x3, x14
+ adds x10, x10, x4
+ umulh x14, x3, x14
+ mul x4, x3, x15
+ adcs x11, x11, x4
+ umulh x15, x3, x15
+ mul x4, x3, x16
+ adcs x12, x12, x4
+ umulh x16, x3, x16
+ adc x13, x13, xzr
+ # Add high product results in
+ adds x6, x10, x5
+ adcs x7, x11, x14
+ adcs x8, x12, x15
+ adc x9, x13, x16
subs x20, x20, #1
- bcs L_fe_invert6
- add x0, x29, #0x50
+ bne L_fe_invert6
+ # Store
+ stp x6, x7, [x29, #112]
+ stp x8, x9, [x29, #128]
#ifndef NDEBUG
- add x1, x29, #0x70
+ add x0, x29, #0x50
#endif /* !NDEBUG */
+ add x1, x29, #0x70
add x2, x29, #0x50
#ifndef __APPLE__
bl fe_mul
#else
bl _fe_mul
#endif /* __APPLE__ */
- mov x20, #49
-#ifndef NDEBUG
- add x0, x29, #0x50
-#endif /* !NDEBUG */
- add x1, x29, #0x50
+ # Loop: 50 times
+ mov x20, #50
+ ldp x6, x7, [x29, #80]
+ ldp x8, x9, [x29, #96]
L_fe_invert7:
-#ifndef __APPLE__
- bl fe_sq
-#else
- bl _fe_sq
-#endif /* __APPLE__ */
+ # Square
+ # A[0] * A[1]
+ umulh x12, x6, x7
+ mul x11, x6, x7
+ # A[0] * A[3]
+ umulh x14, x6, x9
+ mul x13, x6, x9
+ # A[0] * A[2]
+ mul x3, x6, x8
+ adds x12, x12, x3
+ umulh x4, x6, x8
+ adcs x13, x13, x4
+ # A[1] * A[3]
+ mul x3, x7, x9
+ adcs x14, x14, x3
+ umulh x15, x7, x9
+ adc x15, x15, xzr
+ # A[1] * A[2]
+ mul x3, x7, x8
+ adds x13, x13, x3
+ umulh x4, x7, x8
+ adcs x14, x14, x4
+ # A[2] * A[3]
+ mul x3, x8, x9
+ adcs x15, x15, x3
+ umulh x16, x8, x9
+ adc x16, x16, xzr
+ # Double
+ adds x11, x11, x11
+ adcs x12, x12, x12
+ adcs x13, x13, x13
+ adcs x14, x14, x14
+ adcs x15, x15, x15
+ adcs x16, x16, x16
+ adc x17, xzr, xzr
+ # A[0] * A[0]
+ umulh x4, x6, x6
+ mul x10, x6, x6
+ # A[1] * A[1]
+ mul x3, x7, x7
+ adds x11, x11, x4
+ umulh x4, x7, x7
+ adcs x12, x12, x3
+ # A[2] * A[2]
+ mul x3, x8, x8
+ adcs x13, x13, x4
+ umulh x4, x8, x8
+ adcs x14, x14, x3
+ # A[3] * A[3]
+ mul x3, x9, x9
+ adcs x15, x15, x4
+ umulh x4, x9, x9
+ adcs x16, x16, x3
+ adc x17, x17, x4
+ # Reduce
+ mov x3, #38
+ mul x4, x3, x17
+ adds x13, x13, x4
+ umulh x5, x3, x17
+ adc x5, x5, xzr
+ mov x3, #19
+ extr x5, x5, x13, #63
+ mul x5, x5, x3
+ and x13, x13, #0x7fffffffffffffff
+ mov x3, #38
+ mul x4, x3, x14
+ adds x10, x10, x4
+ umulh x14, x3, x14
+ mul x4, x3, x15
+ adcs x11, x11, x4
+ umulh x15, x3, x15
+ mul x4, x3, x16
+ adcs x12, x12, x4
+ umulh x16, x3, x16
+ adc x13, x13, xzr
+ # Add high product results in
+ adds x6, x10, x5
+ adcs x7, x11, x14
+ adcs x8, x12, x15
+ adc x9, x13, x16
subs x20, x20, #1
- bcs L_fe_invert7
+ bne L_fe_invert7
+ # Store
+ stp x6, x7, [x29, #80]
+ stp x8, x9, [x29, #96]
add x0, x29, #48
-#ifndef NDEBUG
add x1, x29, #0x50
-#endif /* !NDEBUG */
add x2, x29, #48
#ifndef __APPLE__
bl fe_mul
#else
bl _fe_mul
#endif /* __APPLE__ */
- mov x20, #4
-#ifndef NDEBUG
- add x0, x29, #48
-#endif /* !NDEBUG */
- add x1, x29, #48
+ # Loop: 5 times
+ mov x20, #5
+ ldp x6, x7, [x29, #48]
+ ldp x8, x9, [x29, #64]
L_fe_invert8:
-#ifndef __APPLE__
- bl fe_sq
-#else
- bl _fe_sq
-#endif /* __APPLE__ */
+ # Square
+ # A[0] * A[1]
+ umulh x12, x6, x7
+ mul x11, x6, x7
+ # A[0] * A[3]
+ umulh x14, x6, x9
+ mul x13, x6, x9
+ # A[0] * A[2]
+ mul x3, x6, x8
+ adds x12, x12, x3
+ umulh x4, x6, x8
+ adcs x13, x13, x4
+ # A[1] * A[3]
+ mul x3, x7, x9
+ adcs x14, x14, x3
+ umulh x15, x7, x9
+ adc x15, x15, xzr
+ # A[1] * A[2]
+ mul x3, x7, x8
+ adds x13, x13, x3
+ umulh x4, x7, x8
+ adcs x14, x14, x4
+ # A[2] * A[3]
+ mul x3, x8, x9
+ adcs x15, x15, x3
+ umulh x16, x8, x9
+ adc x16, x16, xzr
+ # Double
+ adds x11, x11, x11
+ adcs x12, x12, x12
+ adcs x13, x13, x13
+ adcs x14, x14, x14
+ adcs x15, x15, x15
+ adcs x16, x16, x16
+ adc x17, xzr, xzr
+ # A[0] * A[0]
+ umulh x4, x6, x6
+ mul x10, x6, x6
+ # A[1] * A[1]
+ mul x3, x7, x7
+ adds x11, x11, x4
+ umulh x4, x7, x7
+ adcs x12, x12, x3
+ # A[2] * A[2]
+ mul x3, x8, x8
+ adcs x13, x13, x4
+ umulh x4, x8, x8
+ adcs x14, x14, x3
+ # A[3] * A[3]
+ mul x3, x9, x9
+ adcs x15, x15, x4
+ umulh x4, x9, x9
+ adcs x16, x16, x3
+ adc x17, x17, x4
+ # Reduce
+ mov x3, #38
+ mul x4, x3, x17
+ adds x13, x13, x4
+ umulh x5, x3, x17
+ adc x5, x5, xzr
+ mov x3, #19
+ extr x5, x5, x13, #63
+ mul x5, x5, x3
+ and x13, x13, #0x7fffffffffffffff
+ mov x3, #38
+ mul x4, x3, x14
+ adds x10, x10, x4
+ umulh x14, x3, x14
+ mul x4, x3, x15
+ adcs x11, x11, x4
+ umulh x15, x3, x15
+ mul x4, x3, x16
+ adcs x12, x12, x4
+ umulh x16, x3, x16
+ adc x13, x13, xzr
+ # Add high product results in
+ adds x6, x10, x5
+ adcs x7, x11, x14
+ adcs x8, x12, x15
+ adc x9, x13, x16
subs x20, x20, #1
- bcs L_fe_invert8
+ bne L_fe_invert8
+ # Store
+ stp x6, x7, [x29, #48]
+ stp x8, x9, [x29, #64]
ldr x0, [x29, #144]
-#ifndef NDEBUG
add x1, x29, #48
-#endif /* !NDEBUG */
add x2, x29, #16
#ifndef __APPLE__
bl fe_mul
#else
bl _fe_mul
#endif /* __APPLE__ */
+ ldr x17, [x29, #160]
ldr x20, [x29, #168]
ldp x29, x30, [sp], #0xb0
ret
@@ -1179,422 +1725,364 @@ _curve25519:
mov x23, xzr
str x0, [x29, #176]
str x2, [x29, #184]
- # Copy
ldp x6, x7, [x2]
ldp x8, x9, [x2, #16]
- stp x6, x7, [x29, #80]
- stp x8, x9, [x29, #96]
- # Set one
- mov x2, #1
- stp x2, xzr, [x0]
- stp xzr, xzr, [x0, #16]
+ mov x10, #1
+ mov x11, xzr
+ mov x12, xzr
+ mov x13, xzr
+ stp x10, x11, [x0]
+ stp x12, x13, [x0, #16]
# Set zero
stp xzr, xzr, [x29, #16]
stp xzr, xzr, [x29, #32]
- # Set one
- mov x2, #1
- stp x2, xzr, [x29, #48]
- stp xzr, xzr, [x29, #64]
- mov x25, #62
- mov x24, #24
-L_curve25519_words:
+ mov x24, #0xfe
L_curve25519_bits:
- ldr x2, [x1, x24]
- lsr x2, x2, x25
- and x2, x2, #1
- eor x23, x23, x2
+ lsr x3, x24, #6
+ and x4, x24, #63
+ ldr x5, [x1, x3, LSL 3]
+ lsr x5, x5, x4
+ eor x23, x23, x5
+ # Conditional Swap
+ subs xzr, xzr, x23, lsl 63
+ ldp x25, x26, [x29, #16]
+ ldp x27, x28, [x29, #32]
+ csel x19, x25, x10, ne
+ csel x25, x10, x25, ne
+ csel x20, x26, x11, ne
+ csel x26, x11, x26, ne
+ csel x21, x27, x12, ne
+ csel x27, x12, x27, ne
+ csel x22, x28, x13, ne
+ csel x28, x13, x28, ne
# Conditional Swap
- cmp x23, #1
+ subs xzr, xzr, x23, lsl 63
ldp x10, x11, [x0]
ldp x12, x13, [x0, #16]
- ldp x6, x7, [x29, #80]
- ldp x8, x9, [x29, #96]
- csel x14, x10, x6, eq
- csel x10, x6, x10, eq
- csel x15, x11, x7, eq
- csel x11, x7, x11, eq
- csel x16, x12, x8, eq
- csel x12, x8, x12, eq
- csel x17, x13, x9, eq
- csel x13, x9, x13, eq
- # Conditional Swap
- cmp x23, #1
- ldp x19, x20, [x29, #16]
- ldp x21, x22, [x29, #32]
- ldp x6, x7, [x29, #48]
- ldp x8, x9, [x29, #64]
- csel x5, x19, x6, eq
- csel x19, x6, x19, eq
- csel x26, x20, x7, eq
- csel x20, x7, x20, eq
- csel x27, x21, x8, eq
- csel x21, x8, x21, eq
- csel x28, x22, x9, eq
- csel x22, x9, x22, eq
- mov x23, x2
+ csel x14, x10, x6, ne
+ csel x10, x6, x10, ne
+ csel x15, x11, x7, ne
+ csel x11, x7, x11, ne
+ csel x16, x12, x8, ne
+ csel x12, x8, x12, ne
+ csel x17, x13, x9, ne
+ csel x13, x9, x13, ne
+ mov x23, x5
# Add
- adds x6, x10, x19
- adcs x7, x11, x20
- adcs x8, x12, x21
- adc x9, x13, x22
- mov x3, #-19
- asr x2, x9, #63
- # Mask the modulus
- and x3, x2, x3
- and x4, x2, #0x7fffffffffffffff
+ adds x6, x10, x25
+ adcs x7, x11, x26
+ adcs x8, x12, x27
+ adcs x9, x13, x28
+ cset x5, cs
+ mov x3, #19
+ extr x5, x5, x9, #63
+ mul x3, x5, x3
# Sub modulus (if overflow)
- subs x6, x6, x3
- sbcs x7, x7, x2
- sbcs x8, x8, x2
- sbc x9, x9, x4
+ adds x6, x6, x3
+ adcs x7, x7, xzr
+ and x9, x9, #0x7fffffffffffffff
+ adcs x8, x8, xzr
+ adc x9, x9, xzr
# Sub
- subs x19, x10, x19
- sbcs x20, x11, x20
- sbcs x21, x12, x21
- sbcs x22, x13, x22
+ subs x25, x10, x25
+ sbcs x26, x11, x26
+ sbcs x27, x12, x27
+ sbcs x28, x13, x28
+ csetm x5, cc
mov x3, #-19
- csetm x2, cc
- # Mask the modulus
- and x3, x2, x3
- and x4, x2, #0x7fffffffffffffff
+ extr x5, x5, x28, #63
+ mul x3, x5, x3
# Add modulus (if underflow)
- adds x19, x19, x3
- adcs x20, x20, x2
- adcs x21, x21, x2
- adc x22, x22, x4
- stp x19, x20, [x29, #144]
- stp x21, x22, [x29, #160]
+ subs x25, x25, x3
+ sbcs x26, x26, xzr
+ and x28, x28, #0x7fffffffffffffff
+ sbcs x27, x27, xzr
+ sbc x28, x28, xzr
+ stp x25, x26, [x29, #80]
+ stp x27, x28, [x29, #96]
# Add
- adds x10, x14, x5
- adcs x11, x15, x26
- adcs x12, x16, x27
- adc x13, x17, x28
- mov x3, #-19
- asr x2, x13, #63
- # Mask the modulus
- and x3, x2, x3
- and x4, x2, #0x7fffffffffffffff
+ adds x10, x14, x19
+ adcs x11, x15, x20
+ adcs x12, x16, x21
+ adcs x13, x17, x22
+ cset x5, cs
+ mov x3, #19
+ extr x5, x5, x13, #63
+ mul x3, x5, x3
# Sub modulus (if overflow)
- subs x10, x10, x3
- sbcs x11, x11, x2
- sbcs x12, x12, x2
- sbc x13, x13, x4
+ adds x10, x10, x3
+ adcs x11, x11, xzr
+ and x13, x13, #0x7fffffffffffffff
+ adcs x12, x12, xzr
+ adc x13, x13, xzr
# Sub
- subs x14, x14, x5
- sbcs x15, x15, x26
- sbcs x16, x16, x27
- sbcs x17, x17, x28
+ subs x14, x14, x19
+ sbcs x15, x15, x20
+ sbcs x16, x16, x21
+ sbcs x17, x17, x22
+ csetm x5, cc
mov x3, #-19
- csetm x2, cc
- # Mask the modulus
- and x3, x2, x3
- and x4, x2, #0x7fffffffffffffff
+ extr x5, x5, x17, #63
+ mul x3, x5, x3
# Add modulus (if underflow)
- adds x14, x14, x3
- adcs x15, x15, x2
- adcs x16, x16, x2
- adc x17, x17, x4
+ subs x14, x14, x3
+ sbcs x15, x15, xzr
+ and x17, x17, #0x7fffffffffffffff
+ sbcs x16, x16, xzr
+ sbc x17, x17, xzr
# Multiply
- # A[0] * B[0]
- mul x19, x14, x6
+ # A[0] * B[0]
umulh x20, x14, x6
- # A[0] * B[1]
- mul x3, x14, x7
- umulh x21, x14, x7
- adds x20, x20, x3
- adc x21, x21, xzr
- # A[1] * B[0]
+ mul x19, x14, x6
+ # A[2] * B[0]
+ umulh x22, x16, x6
+ mul x21, x16, x6
+ # A[1] * B[0]
mul x3, x15, x6
+ adds x20, x20, x3
umulh x4, x15, x6
+ adcs x21, x21, x4
+ # A[1] * B[3]
+ umulh x26, x15, x9
+ adc x22, x22, xzr
+ mul x25, x15, x9
+ # A[0] * B[1]
+ mul x3, x14, x7
adds x20, x20, x3
+ umulh x4, x14, x7
adcs x21, x21, x4
- adc x22, xzr, xzr
- # A[0] * B[2]
- mul x3, x14, x8
- umulh x4, x14, x8
- adds x21, x21, x3
- adc x22, x22, x4
- # A[1] * B[1]
- mul x3, x15, x7
- umulh x4, x15, x7
- adds x21, x21, x3
- adcs x22, x22, x4
- adc x2, xzr, xzr
- # A[2] * B[0]
- mul x3, x16, x6
- umulh x4, x16, x6
- adds x21, x21, x3
- adcs x22, x22, x4
- adc x2, x2, xzr
- # A[0] * B[3]
- mul x3, x14, x9
- umulh x4, x14, x9
- adds x22, x22, x3
- adcs x2, x2, x4
- adc x26, xzr, xzr
- # A[1] * B[2]
- mul x3, x15, x8
- umulh x4, x15, x8
- adds x22, x22, x3
- adcs x2, x2, x4
- adc x26, x26, xzr
- # A[2] * B[1]
+ # A[2] * B[1]
mul x3, x16, x7
+ adcs x22, x22, x3
umulh x4, x16, x7
- adds x22, x22, x3
- adcs x2, x2, x4
+ adcs x25, x25, x4
adc x26, x26, xzr
- # A[3] * B[0]
- mul x3, x17, x6
- umulh x4, x17, x6
+ # A[1] * B[2]
+ mul x3, x15, x8
adds x22, x22, x3
- adcs x2, x2, x4
- adc x26, x26, xzr
- # A[1] * B[3]
- mul x3, x15, x9
- umulh x4, x15, x9
- adds x2, x2, x3
- adcs x26, x26, x4
+ umulh x4, x15, x8
+ adcs x25, x25, x4
+ adcs x26, x26, xzr
adc x27, xzr, xzr
- # A[2] * B[2]
- mul x3, x16, x8
- umulh x4, x16, x8
- adds x2, x2, x3
- adcs x26, x26, x4
+ # A[0] * B[2]
+ mul x3, x14, x8
+ adds x21, x21, x3
+ umulh x4, x14, x8
+ adcs x22, x22, x4
+ adcs x25, x25, xzr
+ adcs x26, x26, xzr
adc x27, x27, xzr
- # A[3] * B[1]
+ # A[1] * B[1]
+ mul x3, x15, x7
+ adds x21, x21, x3
+ umulh x4, x15, x7
+ adcs x22, x22, x4
+ # A[3] * B[1]
mul x3, x17, x7
+ adcs x25, x25, x3
umulh x4, x17, x7
- adds x2, x2, x3
adcs x26, x26, x4
adc x27, x27, xzr
- # A[2] * B[3]
+ # A[2] * B[2]
+ mul x3, x16, x8
+ adds x25, x25, x3
+ umulh x4, x16, x8
+ adcs x26, x26, x4
+ # A[3] * B[3]
+ mul x3, x17, x9
+ adcs x27, x27, x3
+ umulh x28, x17, x9
+ adc x28, x28, xzr
+ # A[0] * B[3]
+ mul x3, x14, x9
+ adds x22, x22, x3
+ umulh x4, x14, x9
+ adcs x25, x25, x4
+ # A[2] * B[3]
mul x3, x16, x9
+ adcs x26, x26, x3
umulh x4, x16, x9
- adds x26, x26, x3
adcs x27, x27, x4
- adc x28, xzr, xzr
- # A[3] * B[2]
+ adc x28, x28, xzr
+ # A[3] * B[0]
+ mul x3, x17, x6
+ adds x22, x22, x3
+ umulh x4, x17, x6
+ adcs x25, x25, x4
+ # A[3] * B[2]
mul x3, x17, x8
+ adcs x26, x26, x3
umulh x4, x17, x8
- adds x26, x26, x3
adcs x27, x27, x4
adc x28, x28, xzr
- # A[3] * B[3]
- mul x3, x17, x9
- umulh x4, x17, x9
- adds x27, x27, x3
- adc x28, x28, x4
# Reduce
- # Move top half into t4-t7 and remove top bit from t3
- extr x28, x28, x27, #63
- extr x27, x27, x26, #63
- extr x26, x26, x2, #63
- extr x2, x2, x22, #63
- and x22, x22, #0x7fffffffffffffff
- # Multiply top half by 19
- mov x3, #19
- mul x4, x3, x2
- umulh x2, x3, x2
- adds x19, x19, x4
- mul x4, x3, x26
- umulh x26, x3, x26
- adcs x20, x20, x4
- mul x4, x3, x27
- umulh x27, x3, x27
- adcs x21, x21, x4
+ mov x3, #38
mul x4, x3, x28
+ adds x22, x22, x4
umulh x5, x3, x28
- adcs x22, x22, x4
- adc x5, x5, xzr
- # Add remaining product results in
- adds x20, x20, x2
- adcs x21, x21, x26
- adcs x22, x22, x27
adc x5, x5, xzr
- # Overflow
+ mov x3, #19
extr x5, x5, x22, #63
mul x5, x5, x3
and x22, x22, #0x7fffffffffffffff
- adds x19, x19, x5
- adcs x20, x20, xzr
- adcs x21, x21, xzr
+ mov x3, #38
+ mul x4, x3, x25
+ adds x19, x19, x4
+ umulh x25, x3, x25
+ mul x4, x3, x26
+ adcs x20, x20, x4
+ umulh x26, x3, x26
+ mul x4, x3, x27
+ adcs x21, x21, x4
+ umulh x27, x3, x27
adc x22, x22, xzr
- # Reduce if top bit set
- and x5, x3, x22, asr 63
- and x22, x22, #0x7fffffffffffffff
+ # Add high product results in
adds x19, x19, x5
- adcs x20, x20, xzr
- adcs x21, x21, xzr
- adc x22, x22, xzr
+ adcs x20, x20, x25
+ adcs x21, x21, x26
+ adc x22, x22, x27
# Store
- stp x19, x20, [x29, #112]
- stp x21, x22, [x29, #128]
+ stp x19, x20, [x29, #48]
+ stp x21, x22, [x29, #64]
# Multiply
- ldp x2, x26, [x29, #144]
- ldp x27, x28, [x29, #160]
- # A[0] * B[0]
- mul x19, x10, x2
- umulh x20, x10, x2
- # A[0] * B[1]
- mul x3, x10, x26
- umulh x21, x10, x26
+ ldp x25, x26, [x29, #80]
+ ldp x27, x28, [x29, #96]
+ # A[0] * B[0]
+ umulh x20, x10, x25
+ mul x19, x10, x25
+ # A[2] * B[0]
+ umulh x22, x12, x25
+ mul x21, x12, x25
+ # A[1] * B[0]
+ mul x3, x11, x25
adds x20, x20, x3
- adc x21, x21, xzr
- # A[1] * B[0]
- mul x3, x11, x2
- umulh x4, x11, x2
+ umulh x4, x11, x25
+ adcs x21, x21, x4
+ # A[1] * B[3]
+ umulh x15, x11, x28
+ adc x22, x22, xzr
+ mul x14, x11, x28
+ # A[0] * B[1]
+ mul x3, x10, x26
adds x20, x20, x3
+ umulh x4, x10, x26
adcs x21, x21, x4
- adc x22, xzr, xzr
- # A[0] * B[2]
- mul x3, x10, x27
- umulh x4, x10, x27
- adds x21, x21, x3
- adc x22, x22, x4
- # A[1] * B[1]
- mul x3, x11, x26
- umulh x4, x11, x26
- adds x21, x21, x3
- adcs x22, x22, x4
- adc x14, xzr, xzr
- # A[2] * B[0]
- mul x3, x12, x2
- umulh x4, x12, x2
- adds x21, x21, x3
- adcs x22, x22, x4
- adc x14, x14, xzr
- # A[0] * B[3]
- mul x3, x10, x28
- umulh x4, x10, x28
- adds x22, x22, x3
- adcs x14, x14, x4
- adc x15, xzr, xzr
- # A[1] * B[2]
- mul x3, x11, x27
- umulh x4, x11, x27
- adds x22, x22, x3
- adcs x14, x14, x4
- adc x15, x15, xzr
- # A[2] * B[1]
+ # A[2] * B[1]
mul x3, x12, x26
+ adcs x22, x22, x3
umulh x4, x12, x26
- adds x22, x22, x3
adcs x14, x14, x4
adc x15, x15, xzr
- # A[3] * B[0]
- mul x3, x13, x2
- umulh x4, x13, x2
+ # A[1] * B[2]
+ mul x3, x11, x27
adds x22, x22, x3
+ umulh x4, x11, x27
adcs x14, x14, x4
- adc x15, x15, xzr
- # A[1] * B[3]
- mul x3, x11, x28
- umulh x4, x11, x28
- adds x14, x14, x3
- adcs x15, x15, x4
+ adcs x15, x15, xzr
adc x16, xzr, xzr
- # A[2] * B[2]
- mul x3, x12, x27
- umulh x4, x12, x27
- adds x14, x14, x3
- adcs x15, x15, x4
+ # A[0] * B[2]
+ mul x3, x10, x27
+ adds x21, x21, x3
+ umulh x4, x10, x27
+ adcs x22, x22, x4
+ adcs x14, x14, xzr
+ adcs x15, x15, xzr
adc x16, x16, xzr
- # A[3] * B[1]
+ # A[1] * B[1]
+ mul x3, x11, x26
+ adds x21, x21, x3
+ umulh x4, x11, x26
+ adcs x22, x22, x4
+ # A[3] * B[1]
mul x3, x13, x26
+ adcs x14, x14, x3
umulh x4, x13, x26
- adds x14, x14, x3
adcs x15, x15, x4
adc x16, x16, xzr
- # A[2] * B[3]
+ # A[2] * B[2]
+ mul x3, x12, x27
+ adds x14, x14, x3
+ umulh x4, x12, x27
+ adcs x15, x15, x4
+ # A[3] * B[3]
+ mul x3, x13, x28
+ adcs x16, x16, x3
+ umulh x17, x13, x28
+ adc x17, x17, xzr
+ # A[0] * B[3]
+ mul x3, x10, x28
+ adds x22, x22, x3
+ umulh x4, x10, x28
+ adcs x14, x14, x4
+ # A[2] * B[3]
mul x3, x12, x28
+ adcs x15, x15, x3
umulh x4, x12, x28
- adds x15, x15, x3
adcs x16, x16, x4
- adc x17, xzr, xzr
- # A[3] * B[2]
+ adc x17, x17, xzr
+ # A[3] * B[0]
+ mul x3, x13, x25
+ adds x22, x22, x3
+ umulh x4, x13, x25
+ adcs x14, x14, x4
+ # A[3] * B[2]
mul x3, x13, x27
+ adcs x15, x15, x3
umulh x4, x13, x27
- adds x15, x15, x3
adcs x16, x16, x4
adc x17, x17, xzr
- # A[3] * B[3]
- mul x3, x13, x28
- umulh x4, x13, x28
- adds x16, x16, x3
- adc x17, x17, x4
# Reduce
- # Move top half into t4-t7 and remove top bit from t3
- extr x17, x17, x16, #63
- extr x16, x16, x15, #63
- extr x15, x15, x14, #63
- extr x14, x14, x22, #63
- and x22, x22, #0x7fffffffffffffff
- # Multiply top half by 19
+ mov x3, #38
+ mul x4, x3, x17
+ adds x22, x22, x4
+ umulh x5, x3, x17
+ adc x5, x5, xzr
mov x3, #19
+ extr x5, x5, x22, #63
+ mul x5, x5, x3
+ and x22, x22, #0x7fffffffffffffff
+ mov x3, #38
mul x4, x3, x14
- umulh x14, x3, x14
adds x19, x19, x4
+ umulh x14, x3, x14
mul x4, x3, x15
- umulh x15, x3, x15
adcs x20, x20, x4
+ umulh x15, x3, x15
mul x4, x3, x16
- umulh x16, x3, x16
adcs x21, x21, x4
- mul x4, x3, x17
- umulh x5, x3, x17
- adcs x22, x22, x4
- adc x5, x5, xzr
- # Add remaining product results in
- adds x20, x20, x14
- adcs x21, x21, x15
- adcs x22, x22, x16
- adc x5, x5, xzr
- # Overflow
- extr x5, x5, x22, #63
- mul x5, x5, x3
- and x22, x22, #0x7fffffffffffffff
- adds x19, x19, x5
- adcs x20, x20, xzr
- adcs x21, x21, xzr
+ umulh x16, x3, x16
adc x22, x22, xzr
- # Reduce if top bit set
- and x5, x3, x22, asr 63
- and x22, x22, #0x7fffffffffffffff
+ # Add high product results in
adds x19, x19, x5
- adcs x20, x20, xzr
- adcs x21, x21, xzr
- adc x22, x22, xzr
- # Store
+ adcs x20, x20, x14
+ adcs x21, x21, x15
+ adc x22, x22, x16
# Square
# A[0] * A[1]
- mul x11, x2, x26
- umulh x12, x2, x26
+ umulh x12, x25, x26
+ mul x11, x25, x26
+ # A[0] * A[3]
+ umulh x14, x25, x28
+ mul x13, x25, x28
# A[0] * A[2]
- mul x3, x2, x27
- umulh x13, x2, x27
+ mul x3, x25, x27
adds x12, x12, x3
- adc x13, x13, xzr
- # A[0] * A[3]
- mul x3, x2, x28
- umulh x14, x2, x28
- adds x13, x13, x3
- adc x14, x14, xzr
+ umulh x4, x25, x27
+ adcs x13, x13, x4
+ # A[1] * A[3]
+ mul x3, x26, x28
+ adcs x14, x14, x3
+ umulh x15, x26, x28
+ adc x15, x15, xzr
# A[1] * A[2]
mul x3, x26, x27
- umulh x4, x26, x27
adds x13, x13, x3
+ umulh x4, x26, x27
adcs x14, x14, x4
- adc x15, xzr, xzr
- # A[1] * A[3]
- mul x3, x26, x28
- umulh x4, x26, x28
- adds x14, x14, x3
- adc x15, x15, x4
# A[2] * A[3]
mul x3, x27, x28
+ adcs x15, x15, x3
umulh x16, x27, x28
- adds x15, x15, x3
adc x16, x16, xzr
# Double
adds x11, x11, x11
@@ -1605,304 +2093,241 @@ L_curve25519_bits:
adcs x16, x16, x16
adc x17, xzr, xzr
# A[0] * A[0]
- mul x10, x2, x2
- umulh x5, x2, x2
+ umulh x4, x25, x25
+ mul x10, x25, x25
# A[1] * A[1]
mul x3, x26, x26
+ adds x11, x11, x4
umulh x4, x26, x26
- adds x11, x11, x5
adcs x12, x12, x3
- adc x5, x4, xzr
# A[2] * A[2]
mul x3, x27, x27
+ adcs x13, x13, x4
umulh x4, x27, x27
- adds x13, x13, x5
adcs x14, x14, x3
- adc x5, x4, xzr
# A[3] * A[3]
mul x3, x28, x28
+ adcs x15, x15, x4
umulh x4, x28, x28
- adds x15, x15, x5
adcs x16, x16, x3
adc x17, x17, x4
# Reduce
- # Move top half into t4-t7 and remove top bit from t3
- extr x17, x17, x16, #63
- extr x16, x16, x15, #63
- extr x15, x15, x14, #63
- extr x14, x14, x13, #63
- and x13, x13, #0x7fffffffffffffff
- # Multiply top half by 19
+ mov x3, #38
+ mul x4, x3, x17
+ adds x13, x13, x4
+ umulh x5, x3, x17
+ adc x5, x5, xzr
mov x3, #19
+ extr x5, x5, x13, #63
+ mul x5, x5, x3
+ and x13, x13, #0x7fffffffffffffff
+ mov x3, #38
mul x4, x3, x14
- umulh x14, x3, x14
adds x10, x10, x4
+ umulh x14, x3, x14
mul x4, x3, x15
- umulh x15, x3, x15
adcs x11, x11, x4
+ umulh x15, x3, x15
mul x4, x3, x16
- umulh x16, x3, x16
adcs x12, x12, x4
- mul x4, x3, x17
- umulh x5, x3, x17
- adcs x13, x13, x4
- adc x5, x5, xzr
- # Add remaining product results in
- adds x11, x11, x14
- adcs x12, x12, x15
- adcs x13, x13, x16
- adc x5, x5, xzr
- # Overflow
- extr x5, x5, x13, #63
- mul x5, x5, x3
- and x13, x13, #0x7fffffffffffffff
- adds x10, x10, x5
- adcs x11, x11, xzr
- adcs x12, x12, xzr
+ umulh x16, x3, x16
adc x13, x13, xzr
- # Reduce if top bit set
- and x5, x3, x13, asr 63
- and x13, x13, #0x7fffffffffffffff
+ # Add high product results in
adds x10, x10, x5
- adcs x11, x11, xzr
- adcs x12, x12, xzr
- adc x13, x13, xzr
- # Store
+ adcs x11, x11, x14
+ adcs x12, x12, x15
+ adc x13, x13, x16
# Square
# A[0] * A[1]
- mul x15, x6, x7
umulh x16, x6, x7
+ mul x15, x6, x7
+ # A[0] * A[3]
+ umulh x25, x6, x9
+ mul x17, x6, x9
# A[0] * A[2]
mul x3, x6, x8
- umulh x17, x6, x8
adds x16, x16, x3
- adc x17, x17, xzr
- # A[0] * A[3]
- mul x3, x6, x9
- umulh x2, x6, x9
- adds x17, x17, x3
- adc x2, x2, xzr
+ umulh x4, x6, x8
+ adcs x17, x17, x4
+ # A[1] * A[3]
+ mul x3, x7, x9
+ adcs x25, x25, x3
+ umulh x26, x7, x9
+ adc x26, x26, xzr
# A[1] * A[2]
mul x3, x7, x8
- umulh x4, x7, x8
adds x17, x17, x3
- adcs x2, x2, x4
- adc x26, xzr, xzr
- # A[1] * A[3]
- mul x3, x7, x9
- umulh x4, x7, x9
- adds x2, x2, x3
- adc x26, x26, x4
+ umulh x4, x7, x8
+ adcs x25, x25, x4
# A[2] * A[3]
mul x3, x8, x9
+ adcs x26, x26, x3
umulh x27, x8, x9
- adds x26, x26, x3
adc x27, x27, xzr
# Double
adds x15, x15, x15
adcs x16, x16, x16
adcs x17, x17, x17
- adcs x2, x2, x2
+ adcs x25, x25, x25
adcs x26, x26, x26
adcs x27, x27, x27
adc x28, xzr, xzr
# A[0] * A[0]
+ umulh x4, x6, x6
mul x14, x6, x6
- umulh x5, x6, x6
# A[1] * A[1]
mul x3, x7, x7
+ adds x15, x15, x4
umulh x4, x7, x7
- adds x15, x15, x5
adcs x16, x16, x3
- adc x5, x4, xzr
# A[2] * A[2]
mul x3, x8, x8
+ adcs x17, x17, x4
umulh x4, x8, x8
- adds x17, x17, x5
- adcs x2, x2, x3
- adc x5, x4, xzr
+ adcs x25, x25, x3
# A[3] * A[3]
mul x3, x9, x9
+ adcs x26, x26, x4
umulh x4, x9, x9
- adds x26, x26, x5
adcs x27, x27, x3
adc x28, x28, x4
# Reduce
- # Move top half into t4-t7 and remove top bit from t3
- extr x28, x28, x27, #63
- extr x27, x27, x26, #63
- extr x26, x26, x2, #63
- extr x2, x2, x17, #63
- and x17, x17, #0x7fffffffffffffff
- # Multiply top half by 19
- mov x3, #19
- mul x4, x3, x2
- umulh x2, x3, x2
- adds x14, x14, x4
- mul x4, x3, x26
- umulh x26, x3, x26
- adcs x15, x15, x4
- mul x4, x3, x27
- umulh x27, x3, x27
- adcs x16, x16, x4
+ mov x3, #38
mul x4, x3, x28
+ adds x17, x17, x4
umulh x5, x3, x28
- adcs x17, x17, x4
- adc x5, x5, xzr
- # Add remaining product results in
- adds x15, x15, x2
- adcs x16, x16, x26
- adcs x17, x17, x27
adc x5, x5, xzr
- # Overflow
+ mov x3, #19
extr x5, x5, x17, #63
mul x5, x5, x3
and x17, x17, #0x7fffffffffffffff
- adds x14, x14, x5
- adcs x15, x15, xzr
- adcs x16, x16, xzr
+ mov x3, #38
+ mul x4, x3, x25
+ adds x14, x14, x4
+ umulh x25, x3, x25
+ mul x4, x3, x26
+ adcs x15, x15, x4
+ umulh x26, x3, x26
+ mul x4, x3, x27
+ adcs x16, x16, x4
+ umulh x27, x3, x27
adc x17, x17, xzr
- # Reduce if top bit set
- and x5, x3, x17, asr 63
- and x17, x17, #0x7fffffffffffffff
+ # Add high product results in
adds x14, x14, x5
- adcs x15, x15, xzr
- adcs x16, x16, xzr
- adc x17, x17, xzr
- # Store
+ adcs x15, x15, x25
+ adcs x16, x16, x26
+ adc x17, x17, x27
# Multiply
- # A[0] * B[0]
- mul x6, x14, x10
+ # A[0] * B[0]
umulh x7, x14, x10
- # A[0] * B[1]
- mul x3, x14, x11
- umulh x8, x14, x11
- adds x7, x7, x3
- adc x8, x8, xzr
- # A[1] * B[0]
+ mul x6, x14, x10
+ # A[2] * B[0]
+ umulh x9, x16, x10
+ mul x8, x16, x10
+ # A[1] * B[0]
mul x3, x15, x10
+ adds x7, x7, x3
umulh x4, x15, x10
+ adcs x8, x8, x4
+ # A[1] * B[3]
+ umulh x26, x15, x13
+ adc x9, x9, xzr
+ mul x25, x15, x13
+ # A[0] * B[1]
+ mul x3, x14, x11
adds x7, x7, x3
+ umulh x4, x14, x11
adcs x8, x8, x4
- adc x9, xzr, xzr
- # A[0] * B[2]
- mul x3, x14, x12
- umulh x4, x14, x12
- adds x8, x8, x3
- adc x9, x9, x4
- # A[1] * B[1]
- mul x3, x15, x11
- umulh x4, x15, x11
- adds x8, x8, x3
- adcs x9, x9, x4
- adc x2, xzr, xzr
- # A[2] * B[0]
- mul x3, x16, x10
- umulh x4, x16, x10
- adds x8, x8, x3
- adcs x9, x9, x4
- adc x2, x2, xzr
- # A[0] * B[3]
- mul x3, x14, x13
- umulh x4, x14, x13
- adds x9, x9, x3
- adcs x2, x2, x4
- adc x26, xzr, xzr
- # A[1] * B[2]
- mul x3, x15, x12
- umulh x4, x15, x12
- adds x9, x9, x3
- adcs x2, x2, x4
- adc x26, x26, xzr
- # A[2] * B[1]
+ # A[2] * B[1]
mul x3, x16, x11
+ adcs x9, x9, x3
umulh x4, x16, x11
- adds x9, x9, x3
- adcs x2, x2, x4
+ adcs x25, x25, x4
adc x26, x26, xzr
- # A[3] * B[0]
- mul x3, x17, x10
- umulh x4, x17, x10
+ # A[1] * B[2]
+ mul x3, x15, x12
adds x9, x9, x3
- adcs x2, x2, x4
- adc x26, x26, xzr
- # A[1] * B[3]
- mul x3, x15, x13
- umulh x4, x15, x13
- adds x2, x2, x3
- adcs x26, x26, x4
+ umulh x4, x15, x12
+ adcs x25, x25, x4
+ adcs x26, x26, xzr
adc x27, xzr, xzr
- # A[2] * B[2]
- mul x3, x16, x12
- umulh x4, x16, x12
- adds x2, x2, x3
- adcs x26, x26, x4
+ # A[0] * B[2]
+ mul x3, x14, x12
+ adds x8, x8, x3
+ umulh x4, x14, x12
+ adcs x9, x9, x4
+ adcs x25, x25, xzr
+ adcs x26, x26, xzr
adc x27, x27, xzr
- # A[3] * B[1]
+ # A[1] * B[1]
+ mul x3, x15, x11
+ adds x8, x8, x3
+ umulh x4, x15, x11
+ adcs x9, x9, x4
+ # A[3] * B[1]
mul x3, x17, x11
+ adcs x25, x25, x3
umulh x4, x17, x11
- adds x2, x2, x3
adcs x26, x26, x4
adc x27, x27, xzr
- # A[2] * B[3]
+ # A[2] * B[2]
+ mul x3, x16, x12
+ adds x25, x25, x3
+ umulh x4, x16, x12
+ adcs x26, x26, x4
+ # A[3] * B[3]
+ mul x3, x17, x13
+ adcs x27, x27, x3
+ umulh x28, x17, x13
+ adc x28, x28, xzr
+ # A[0] * B[3]
+ mul x3, x14, x13
+ adds x9, x9, x3
+ umulh x4, x14, x13
+ adcs x25, x25, x4
+ # A[2] * B[3]
mul x3, x16, x13
+ adcs x26, x26, x3
umulh x4, x16, x13
- adds x26, x26, x3
adcs x27, x27, x4
- adc x28, xzr, xzr
- # A[3] * B[2]
+ adc x28, x28, xzr
+ # A[3] * B[0]
+ mul x3, x17, x10
+ adds x9, x9, x3
+ umulh x4, x17, x10
+ adcs x25, x25, x4
+ # A[3] * B[2]
mul x3, x17, x12
+ adcs x26, x26, x3
umulh x4, x17, x12
- adds x26, x26, x3
adcs x27, x27, x4
adc x28, x28, xzr
- # A[3] * B[3]
- mul x3, x17, x13
- umulh x4, x17, x13
- adds x27, x27, x3
- adc x28, x28, x4
# Reduce
- # Move top half into t4-t7 and remove top bit from t3
- extr x28, x28, x27, #63
- extr x27, x27, x26, #63
- extr x26, x26, x2, #63
- extr x2, x2, x9, #63
- and x9, x9, #0x7fffffffffffffff
- # Multiply top half by 19
- mov x3, #19
- mul x4, x3, x2
- umulh x2, x3, x2
- adds x6, x6, x4
- mul x4, x3, x26
- umulh x26, x3, x26
- adcs x7, x7, x4
- mul x4, x3, x27
- umulh x27, x3, x27
- adcs x8, x8, x4
+ mov x3, #38
mul x4, x3, x28
+ adds x9, x9, x4
umulh x5, x3, x28
- adcs x9, x9, x4
adc x5, x5, xzr
- # Add remaining product results in
- adds x7, x7, x2
- adcs x8, x8, x26
- adcs x9, x9, x27
- adc x5, x5, xzr
- # Overflow
+ mov x3, #19
extr x5, x5, x9, #63
mul x5, x5, x3
and x9, x9, #0x7fffffffffffffff
- adds x6, x6, x5
- adcs x7, x7, xzr
- adcs x8, x8, xzr
+ mov x3, #38
+ mul x4, x3, x25
+ adds x6, x6, x4
+ umulh x25, x3, x25
+ mul x4, x3, x26
+ adcs x7, x7, x4
+ umulh x26, x3, x26
+ mul x4, x3, x27
+ adcs x8, x8, x4
+ umulh x27, x3, x27
adc x9, x9, xzr
- # Reduce if top bit set
- and x5, x3, x9, asr 63
- and x9, x9, #0x7fffffffffffffff
+ # Add high product results in
adds x6, x6, x5
- adcs x7, x7, xzr
- adcs x8, x8, xzr
- adc x9, x9, xzr
+ adcs x7, x7, x25
+ adcs x8, x8, x26
+ adc x9, x9, x27
# Store
stp x6, x7, [x0]
stp x8, x9, [x0, #16]
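Review bot: The rewritten `# Reduce` sequences in this hunk drop the old "Reduce if top bit set" step, and no comment records the looser output range that follows. As far as the visible instructions show, the top limb is masked to 63 bits and then receives a carry plus the high word of a multiply by 38, so it can leave with bit 63 set. Every later field operation then has to accept inputs at or above 2^255, so I would state the invariant at each reduction, e.g. `# Reduce (weak): result fits in 256 bits, bit 255 may be set, not canonical`. The L_curve25519_bits loop body starts before this hunk and continues past it, so whether a canonical reduction happens before the final output cannot be confirmed from here.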
@@ -1911,576 +2336,479 @@ L_curve25519_bits:
sbcs x15, x15, x11
sbcs x16, x16, x12
sbcs x17, x17, x13
+ csetm x5, cc
mov x3, #-19
- csetm x2, cc
# Mask the modulus
- and x3, x2, x3
- and x4, x2, #0x7fffffffffffffff
+ extr x5, x5, x17, #63
+ mul x3, x5, x3
# Add modulus (if underflow)
- adds x14, x14, x3
- adcs x15, x15, x2
- adcs x16, x16, x2
- adc x17, x17, x4
+ subs x14, x14, x3
+ sbcs x15, x15, xzr
+ and x17, x17, #0x7fffffffffffffff
+ sbcs x16, x16, xzr
+ sbc x17, x17, xzr
# Multiply by 121666
mov x5, #0xdb42
movk x5, #1, lsl 16
mul x6, x14, x5
umulh x7, x14, x5
mul x3, x15, x5
- umulh x4, x15, x5
+ umulh x8, x15, x5
adds x7, x7, x3
- adc x8, xzr, x4
+ adc x8, x8, xzr
mul x3, x16, x5
- umulh x4, x16, x5
+ umulh x9, x16, x5
adds x8, x8, x3
- adc x9, xzr, x4
+ adc x9, x9, xzr
mul x3, x17, x5
umulh x4, x17, x5
adds x9, x9, x3
- adc x4, xzr, x4
+ adc x4, x4, xzr
mov x5, #19
extr x4, x4, x9, #63
mul x4, x4, x5
- and x9, x9, #0x7fffffffffffffff
adds x6, x6, x4
adcs x7, x7, xzr
+ and x9, x9, #0x7fffffffffffffff
adcs x8, x8, xzr
adc x9, x9, xzr
# Add
adds x10, x10, x6
adcs x11, x11, x7
adcs x12, x12, x8
- adc x13, x13, x9
- mov x3, #-19
- asr x2, x13, #63
+ adcs x13, x13, x9
+ cset x5, cs
+ mov x3, #19
# Mask the modulus
- and x3, x2, x3
- and x4, x2, #0x7fffffffffffffff
+ extr x5, x5, x13, #63
+ mul x3, x5, x3
# Sub modulus (if overflow)
- subs x10, x10, x3
- sbcs x11, x11, x2
- sbcs x12, x12, x2
- sbc x13, x13, x4
+ adds x10, x10, x3
+ adcs x11, x11, xzr
+ and x13, x13, #0x7fffffffffffffff
+ adcs x12, x12, xzr
+ adc x13, x13, xzr
# Multiply
- # A[0] * B[0]
- mul x6, x14, x10
+ # A[0] * B[0]
umulh x7, x14, x10
- # A[0] * B[1]
- mul x3, x14, x11
- umulh x8, x14, x11
- adds x7, x7, x3
- adc x8, x8, xzr
- # A[1] * B[0]
+ mul x6, x14, x10
+ # A[2] * B[0]
+ umulh x9, x16, x10
+ mul x8, x16, x10
+ # A[1] * B[0]
mul x3, x15, x10
+ adds x7, x7, x3
umulh x4, x15, x10
+ adcs x8, x8, x4
+ # A[1] * B[3]
+ umulh x26, x15, x13
+ adc x9, x9, xzr
+ mul x25, x15, x13
+ # A[0] * B[1]
+ mul x3, x14, x11
adds x7, x7, x3
+ umulh x4, x14, x11
adcs x8, x8, x4
- adc x9, xzr, xzr
- # A[0] * B[2]
- mul x3, x14, x12
- umulh x4, x14, x12
- adds x8, x8, x3
- adc x9, x9, x4
- # A[1] * B[1]
- mul x3, x15, x11
- umulh x4, x15, x11
- adds x8, x8, x3
- adcs x9, x9, x4
- adc x2, xzr, xzr
- # A[2] * B[0]
- mul x3, x16, x10
- umulh x4, x16, x10
- adds x8, x8, x3
- adcs x9, x9, x4
- adc x2, x2, xzr
- # A[0] * B[3]
- mul x3, x14, x13
- umulh x4, x14, x13
- adds x9, x9, x3
- adcs x2, x2, x4
- adc x26, xzr, xzr
- # A[1] * B[2]
- mul x3, x15, x12
- umulh x4, x15, x12
- adds x9, x9, x3
- adcs x2, x2, x4
- adc x26, x26, xzr
- # A[2] * B[1]
+ # A[2] * B[1]
mul x3, x16, x11
+ adcs x9, x9, x3
umulh x4, x16, x11
- adds x9, x9, x3
- adcs x2, x2, x4
+ adcs x25, x25, x4
adc x26, x26, xzr
- # A[3] * B[0]
- mul x3, x17, x10
- umulh x4, x17, x10
+ # A[1] * B[2]
+ mul x3, x15, x12
adds x9, x9, x3
- adcs x2, x2, x4
- adc x26, x26, xzr
- # A[1] * B[3]
- mul x3, x15, x13
- umulh x4, x15, x13
- adds x2, x2, x3
- adcs x26, x26, x4
+ umulh x4, x15, x12
+ adcs x25, x25, x4
+ adcs x26, x26, xzr
adc x27, xzr, xzr
- # A[2] * B[2]
- mul x3, x16, x12
- umulh x4, x16, x12
- adds x2, x2, x3
- adcs x26, x26, x4
+ # A[0] * B[2]
+ mul x3, x14, x12
+ adds x8, x8, x3
+ umulh x4, x14, x12
+ adcs x9, x9, x4
+ adcs x25, x25, xzr
+ adcs x26, x26, xzr
adc x27, x27, xzr
- # A[3] * B[1]
+ # A[1] * B[1]
+ mul x3, x15, x11
+ adds x8, x8, x3
+ umulh x4, x15, x11
+ adcs x9, x9, x4
+ # A[3] * B[1]
mul x3, x17, x11
+ adcs x25, x25, x3
umulh x4, x17, x11
- adds x2, x2, x3
adcs x26, x26, x4
adc x27, x27, xzr
- # A[2] * B[3]
+ # A[2] * B[2]
+ mul x3, x16, x12
+ adds x25, x25, x3
+ umulh x4, x16, x12
+ adcs x26, x26, x4
+ # A[3] * B[3]
+ mul x3, x17, x13
+ adcs x27, x27, x3
+ umulh x28, x17, x13
+ adc x28, x28, xzr
+ # A[0] * B[3]
+ mul x3, x14, x13
+ adds x9, x9, x3
+ umulh x4, x14, x13
+ adcs x25, x25, x4
+ # A[2] * B[3]
mul x3, x16, x13
+ adcs x26, x26, x3
umulh x4, x16, x13
- adds x26, x26, x3
adcs x27, x27, x4
- adc x28, xzr, xzr
- # A[3] * B[2]
+ adc x28, x28, xzr
+ # A[3] * B[0]
+ mul x3, x17, x10
+ adds x9, x9, x3
+ umulh x4, x17, x10
+ adcs x25, x25, x4
+ # A[3] * B[2]
mul x3, x17, x12
+ adcs x26, x26, x3
umulh x4, x17, x12
- adds x26, x26, x3
adcs x27, x27, x4
adc x28, x28, xzr
- # A[3] * B[3]
- mul x3, x17, x13
- umulh x4, x17, x13
- adds x27, x27, x3
- adc x28, x28, x4
# Reduce
- # Move top half into t4-t7 and remove top bit from t3
- extr x28, x28, x27, #63
- extr x27, x27, x26, #63
- extr x26, x26, x2, #63
- extr x2, x2, x9, #63
- and x9, x9, #0x7fffffffffffffff
- # Multiply top half by 19
- mov x3, #19
- mul x4, x3, x2
- umulh x2, x3, x2
- adds x6, x6, x4
- mul x4, x3, x26
- umulh x26, x3, x26
- adcs x7, x7, x4
- mul x4, x3, x27
- umulh x27, x3, x27
- adcs x8, x8, x4
+ mov x3, #38
mul x4, x3, x28
+ adds x9, x9, x4
umulh x5, x3, x28
- adcs x9, x9, x4
- adc x5, x5, xzr
- # Add remaining product results in
- adds x7, x7, x2
- adcs x8, x8, x26
- adcs x9, x9, x27
adc x5, x5, xzr
- # Overflow
+ mov x3, #19
extr x5, x5, x9, #63
mul x5, x5, x3
and x9, x9, #0x7fffffffffffffff
- adds x6, x6, x5
- adcs x7, x7, xzr
- adcs x8, x8, xzr
+ mov x3, #38
+ mul x4, x3, x25
+ adds x6, x6, x4
+ umulh x25, x3, x25
+ mul x4, x3, x26
+ adcs x7, x7, x4
+ umulh x26, x3, x26
+ mul x4, x3, x27
+ adcs x8, x8, x4
+ umulh x27, x3, x27
adc x9, x9, xzr
- # Reduce if top bit set
- and x5, x3, x9, asr 63
- and x9, x9, #0x7fffffffffffffff
+ # Add high product results in
adds x6, x6, x5
- adcs x7, x7, xzr
- adcs x8, x8, xzr
- adc x9, x9, xzr
+ adcs x7, x7, x25
+ adcs x8, x8, x26
+ adc x9, x9, x27
# Store
stp x6, x7, [x29, #16]
stp x8, x9, [x29, #32]
# Add
- ldp x6, x7, [x29, #112]
- ldp x8, x9, [x29, #128]
- adds x10, x6, x19
- adcs x11, x7, x20
- adcs x12, x8, x21
- adc x13, x9, x22
- mov x3, #-19
- asr x2, x13, #63
- # Mask the modulus
- and x3, x2, x3
- and x4, x2, #0x7fffffffffffffff
+ ldp x25, x26, [x29, #48]
+ ldp x27, x28, [x29, #64]
+ adds x10, x25, x19
+ adcs x11, x26, x20
+ adcs x12, x27, x21
+ adcs x13, x28, x22
+ cset x5, cs
+ mov x3, #19
+ extr x5, x5, x13, #63
+ mul x3, x5, x3
# Sub modulus (if overflow)
- subs x10, x10, x3
- sbcs x11, x11, x2
- sbcs x12, x12, x2
- sbc x13, x13, x4
+ adds x10, x10, x3
+ adcs x11, x11, xzr
+ and x13, x13, #0x7fffffffffffffff
+ adcs x12, x12, xzr
+ adc x13, x13, xzr
# Sub
- subs x19, x6, x19
- sbcs x20, x7, x20
- sbcs x21, x8, x21
- sbcs x22, x9, x22
+ subs x19, x25, x19
+ sbcs x20, x26, x20
+ sbcs x21, x27, x21
+ sbcs x22, x28, x22
+ csetm x5, cc
mov x3, #-19
- csetm x2, cc
- # Mask the modulus
- and x3, x2, x3
- and x4, x2, #0x7fffffffffffffff
+ extr x5, x5, x22, #63
+ mul x3, x5, x3
# Add modulus (if underflow)
- adds x19, x19, x3
- adcs x20, x20, x2
- adcs x21, x21, x2
- adc x22, x22, x4
+ subs x19, x19, x3
+ sbcs x20, x20, xzr
+ and x22, x22, #0x7fffffffffffffff
+ sbcs x21, x21, xzr
+ sbc x22, x22, xzr
# Square
# A[0] * A[1]
- mul x7, x10, x11
umulh x8, x10, x11
+ mul x7, x10, x11
+ # A[0] * A[3]
+ umulh x25, x10, x13
+ mul x9, x10, x13
# A[0] * A[2]
mul x3, x10, x12
- umulh x9, x10, x12
adds x8, x8, x3
- adc x9, x9, xzr
- # A[0] * A[3]
- mul x3, x10, x13
- umulh x2, x10, x13
- adds x9, x9, x3
- adc x2, x2, xzr
+ umulh x4, x10, x12
+ adcs x9, x9, x4
+ # A[1] * A[3]
+ mul x3, x11, x13
+ adcs x25, x25, x3
+ umulh x26, x11, x13
+ adc x26, x26, xzr
# A[1] * A[2]
mul x3, x11, x12
- umulh x4, x11, x12
adds x9, x9, x3
- adcs x2, x2, x4
- adc x26, xzr, xzr
- # A[1] * A[3]
- mul x3, x11, x13
- umulh x4, x11, x13
- adds x2, x2, x3
- adc x26, x26, x4
+ umulh x4, x11, x12
+ adcs x25, x25, x4
# A[2] * A[3]
mul x3, x12, x13
+ adcs x26, x26, x3
umulh x27, x12, x13
- adds x26, x26, x3
adc x27, x27, xzr
# Double
adds x7, x7, x7
adcs x8, x8, x8
adcs x9, x9, x9
- adcs x2, x2, x2
+ adcs x25, x25, x25
adcs x26, x26, x26
adcs x27, x27, x27
adc x28, xzr, xzr
# A[0] * A[0]
+ umulh x4, x10, x10
mul x6, x10, x10
- umulh x5, x10, x10
# A[1] * A[1]
mul x3, x11, x11
+ adds x7, x7, x4
umulh x4, x11, x11
- adds x7, x7, x5
adcs x8, x8, x3
- adc x5, x4, xzr
# A[2] * A[2]
mul x3, x12, x12
+ adcs x9, x9, x4
umulh x4, x12, x12
- adds x9, x9, x5
- adcs x2, x2, x3
- adc x5, x4, xzr
+ adcs x25, x25, x3
# A[3] * A[3]
mul x3, x13, x13
+ adcs x26, x26, x4
umulh x4, x13, x13
- adds x26, x26, x5
adcs x27, x27, x3
adc x28, x28, x4
# Reduce
- # Move top half into t4-t7 and remove top bit from t3
- extr x28, x28, x27, #63
- extr x27, x27, x26, #63
- extr x26, x26, x2, #63
- extr x2, x2, x9, #63
- and x9, x9, #0x7fffffffffffffff
- # Multiply top half by 19
- mov x3, #19
- mul x4, x3, x2
- umulh x2, x3, x2
- adds x6, x6, x4
- mul x4, x3, x26
- umulh x26, x3, x26
- adcs x7, x7, x4
- mul x4, x3, x27
- umulh x27, x3, x27
- adcs x8, x8, x4
+ mov x3, #38
mul x4, x3, x28
+ adds x9, x9, x4
umulh x5, x3, x28
- adcs x9, x9, x4
adc x5, x5, xzr
- # Add remaining product results in
- adds x7, x7, x2
- adcs x8, x8, x26
- adcs x9, x9, x27
- adc x5, x5, xzr
- # Overflow
+ mov x3, #19
extr x5, x5, x9, #63
mul x5, x5, x3
and x9, x9, #0x7fffffffffffffff
- adds x6, x6, x5
- adcs x7, x7, xzr
- adcs x8, x8, xzr
+ mov x3, #38
+ mul x4, x3, x25
+ adds x6, x6, x4
+ umulh x25, x3, x25
+ mul x4, x3, x26
+ adcs x7, x7, x4
+ umulh x26, x3, x26
+ mul x4, x3, x27
+ adcs x8, x8, x4
+ umulh x27, x3, x27
adc x9, x9, xzr
- # Reduce if top bit set
- and x5, x3, x9, asr 63
- and x9, x9, #0x7fffffffffffffff
+ # Add high product results in
adds x6, x6, x5
- adcs x7, x7, xzr
- adcs x8, x8, xzr
- adc x9, x9, xzr
- # Store
- stp x6, x7, [x29, #80]
- stp x8, x9, [x29, #96]
+ adcs x7, x7, x25
+ adcs x8, x8, x26
+ adc x9, x9, x27
# Square
# A[0] * A[1]
- mul x7, x19, x20
- umulh x8, x19, x20
+ umulh x16, x19, x20
+ mul x15, x19, x20
+ # A[0] * A[3]
+ umulh x25, x19, x22
+ mul x17, x19, x22
# A[0] * A[2]
mul x3, x19, x21
- umulh x9, x19, x21
- adds x8, x8, x3
- adc x9, x9, xzr
- # A[0] * A[3]
- mul x3, x19, x22
- umulh x2, x19, x22
- adds x9, x9, x3
- adc x2, x2, xzr
+ adds x16, x16, x3
+ umulh x4, x19, x21
+ adcs x17, x17, x4
+ # A[1] * A[3]
+ mul x3, x20, x22
+ adcs x25, x25, x3
+ umulh x26, x20, x22
+ adc x26, x26, xzr
# A[1] * A[2]
mul x3, x20, x21
+ adds x17, x17, x3
umulh x4, x20, x21
- adds x9, x9, x3
- adcs x2, x2, x4
- adc x26, xzr, xzr
- # A[1] * A[3]
- mul x3, x20, x22
- umulh x4, x20, x22
- adds x2, x2, x3
- adc x26, x26, x4
+ adcs x25, x25, x4
# A[2] * A[3]
mul x3, x21, x22
+ adcs x26, x26, x3
umulh x27, x21, x22
- adds x26, x26, x3
adc x27, x27, xzr
# Double
- adds x7, x7, x7
- adcs x8, x8, x8
- adcs x9, x9, x9
- adcs x2, x2, x2
+ adds x15, x15, x15
+ adcs x16, x16, x16
+ adcs x17, x17, x17
+ adcs x25, x25, x25
adcs x26, x26, x26
adcs x27, x27, x27
adc x28, xzr, xzr
# A[0] * A[0]
- mul x6, x19, x19
- umulh x5, x19, x19
+ umulh x4, x19, x19
+ mul x14, x19, x19
# A[1] * A[1]
mul x3, x20, x20
+ adds x15, x15, x4
umulh x4, x20, x20
- adds x7, x7, x5
- adcs x8, x8, x3
- adc x5, x4, xzr
+ adcs x16, x16, x3
# A[2] * A[2]
mul x3, x21, x21
+ adcs x17, x17, x4
umulh x4, x21, x21
- adds x9, x9, x5
- adcs x2, x2, x3
- adc x5, x4, xzr
+ adcs x25, x25, x3
# A[3] * A[3]
mul x3, x22, x22
+ adcs x26, x26, x4
umulh x4, x22, x22
- adds x26, x26, x5
adcs x27, x27, x3
adc x28, x28, x4
# Reduce
- # Move top half into t4-t7 and remove top bit from t3
- extr x28, x28, x27, #63
- extr x27, x27, x26, #63
- extr x26, x26, x2, #63
- extr x2, x2, x9, #63
- and x9, x9, #0x7fffffffffffffff
- # Multiply top half by 19
+ mov x3, #38
+ mul x4, x3, x28
+ adds x17, x17, x4
+ umulh x5, x3, x28
+ adc x5, x5, xzr
mov x3, #19
- mul x4, x3, x2
- umulh x2, x3, x2
- adds x6, x6, x4
+ extr x5, x5, x17, #63
+ mul x5, x5, x3
+ and x17, x17, #0x7fffffffffffffff
+ mov x3, #38
+ mul x4, x3, x25
+ adds x14, x14, x4
+ umulh x25, x3, x25
mul x4, x3, x26
+ adcs x15, x15, x4
umulh x26, x3, x26
- adcs x7, x7, x4
mul x4, x3, x27
+ adcs x16, x16, x4
umulh x27, x3, x27
- adcs x8, x8, x4
- mul x4, x3, x28
- umulh x5, x3, x28
- adcs x9, x9, x4
- adc x5, x5, xzr
- # Add remaining product results in
- adds x7, x7, x2
- adcs x8, x8, x26
- adcs x9, x9, x27
- adc x5, x5, xzr
- # Overflow
- extr x5, x5, x9, #63
- mul x5, x5, x3
- and x9, x9, #0x7fffffffffffffff
- adds x6, x6, x5
- adcs x7, x7, xzr
- adcs x8, x8, xzr
- adc x9, x9, xzr
- # Reduce if top bit set
- and x5, x3, x9, asr 63
- and x9, x9, #0x7fffffffffffffff
- adds x6, x6, x5
- adcs x7, x7, xzr
- adcs x8, x8, xzr
- adc x9, x9, xzr
- # Store
- ldr x2, [x29, #184]
+ adc x17, x17, xzr
+ # Add high product results in
+ adds x14, x14, x5
+ adcs x15, x15, x25
+ adcs x16, x16, x26
+ adc x17, x17, x27
# Multiply
- ldp x14, x15, [x2]
- ldp x16, x17, [x2, #16]
- # A[0] * B[0]
- mul x10, x14, x6
- umulh x11, x14, x6
- # A[0] * B[1]
- mul x3, x14, x7
- umulh x12, x14, x7
+ ldp x19, x20, [x2]
+ ldp x21, x22, [x2, #16]
+ # A[0] * B[0]
+ umulh x11, x19, x14
+ mul x10, x19, x14
+ # A[2] * B[0]
+ umulh x13, x21, x14
+ mul x12, x21, x14
+ # A[1] * B[0]
+ mul x3, x20, x14
adds x11, x11, x3
- adc x12, x12, xzr
- # A[1] * B[0]
- mul x3, x15, x6
- umulh x4, x15, x6
+ umulh x4, x20, x14
+ adcs x12, x12, x4
+ # A[1] * B[3]
+ umulh x26, x20, x17
+ adc x13, x13, xzr
+ mul x25, x20, x17
+ # A[0] * B[1]
+ mul x3, x19, x15
adds x11, x11, x3
+ umulh x4, x19, x15
adcs x12, x12, x4
- adc x13, xzr, xzr
- # A[0] * B[2]
- mul x3, x14, x8
- umulh x4, x14, x8
- adds x12, x12, x3
- adc x13, x13, x4
- # A[1] * B[1]
- mul x3, x15, x7
- umulh x4, x15, x7
+ # A[2] * B[1]
+ mul x3, x21, x15
+ adcs x13, x13, x3
+ umulh x4, x21, x15
+ adcs x25, x25, x4
+ adc x26, x26, xzr
+ # A[1] * B[2]
+ mul x3, x20, x16
+ adds x13, x13, x3
+ umulh x4, x20, x16
+ adcs x25, x25, x4
+ adcs x26, x26, xzr
+ adc x27, xzr, xzr
+ # A[0] * B[2]
+ mul x3, x19, x16
adds x12, x12, x3
+ umulh x4, x19, x16
adcs x13, x13, x4
- adc x2, xzr, xzr
- # A[2] * B[0]
- mul x3, x16, x6
- umulh x4, x16, x6
+ adcs x25, x25, xzr
+ adcs x26, x26, xzr
+ adc x27, x27, xzr
+ # A[1] * B[1]
+ mul x3, x20, x15
adds x12, x12, x3
+ umulh x4, x20, x15
adcs x13, x13, x4
- adc x2, x2, xzr
- # A[0] * B[3]
- mul x3, x14, x9
- umulh x4, x14, x9
- adds x13, x13, x3
- adcs x2, x2, x4
- adc x26, xzr, xzr
- # A[1] * B[2]
- mul x3, x15, x8
- umulh x4, x15, x8
- adds x13, x13, x3
- adcs x2, x2, x4
- adc x26, x26, xzr
- # A[2] * B[1]
- mul x3, x16, x7
- umulh x4, x16, x7
- adds x13, x13, x3
- adcs x2, x2, x4
- adc x26, x26, xzr
- # A[3] * B[0]
- mul x3, x17, x6
- umulh x4, x17, x6
- adds x13, x13, x3
- adcs x2, x2, x4
- adc x26, x26, xzr
- # A[1] * B[3]
- mul x3, x15, x9
- umulh x4, x15, x9
- adds x2, x2, x3
- adcs x26, x26, x4
- adc x27, xzr, xzr
- # A[2] * B[2]
- mul x3, x16, x8
- umulh x4, x16, x8
- adds x2, x2, x3
+ # A[3] * B[1]
+ mul x3, x22, x15
+ adcs x25, x25, x3
+ umulh x4, x22, x15
adcs x26, x26, x4
adc x27, x27, xzr
- # A[3] * B[1]
- mul x3, x17, x7
- umulh x4, x17, x7
- adds x2, x2, x3
+ # A[2] * B[2]
+ mul x3, x21, x16
+ adds x25, x25, x3
+ umulh x4, x21, x16
adcs x26, x26, x4
- adc x27, x27, xzr
- # A[2] * B[3]
- mul x3, x16, x9
- umulh x4, x16, x9
- adds x26, x26, x3
+ # A[3] * B[3]
+ mul x3, x22, x17
+ adcs x27, x27, x3
+ umulh x28, x22, x17
+ adc x28, x28, xzr
+ # A[0] * B[3]
+ mul x3, x19, x17
+ adds x13, x13, x3
+ umulh x4, x19, x17
+ adcs x25, x25, x4
+ # A[2] * B[3]
+ mul x3, x21, x17
+ adcs x26, x26, x3
+ umulh x4, x21, x17
adcs x27, x27, x4
- adc x28, xzr, xzr
- # A[3] * B[2]
- mul x3, x17, x8
- umulh x4, x17, x8
- adds x26, x26, x3
+ adc x28, x28, xzr
+ # A[3] * B[0]
+ mul x3, x22, x14
+ adds x13, x13, x3
+ umulh x4, x22, x14
+ adcs x25, x25, x4
+ # A[3] * B[2]
+ mul x3, x22, x16
+ adcs x26, x26, x3
+ umulh x4, x22, x16
adcs x27, x27, x4
adc x28, x28, xzr
- # A[3] * B[3]
- mul x3, x17, x9
- umulh x4, x17, x9
- adds x27, x27, x3
- adc x28, x28, x4
# Reduce
- # Move top half into t4-t7 and remove top bit from t3
- extr x28, x28, x27, #63
- extr x27, x27, x26, #63
- extr x26, x26, x2, #63
- extr x2, x2, x13, #63
- and x13, x13, #0x7fffffffffffffff
- # Multiply top half by 19
- mov x3, #19
- mul x4, x3, x2
- umulh x2, x3, x2
- adds x10, x10, x4
- mul x4, x3, x26
- umulh x26, x3, x26
- adcs x11, x11, x4
- mul x4, x3, x27
- umulh x27, x3, x27
- adcs x12, x12, x4
+ mov x3, #38
mul x4, x3, x28
+ adds x13, x13, x4
umulh x5, x3, x28
- adcs x13, x13, x4
adc x5, x5, xzr
- # Add remaining product results in
- adds x11, x11, x2
- adcs x12, x12, x26
- adcs x13, x13, x27
- adc x5, x5, xzr
- # Overflow
+ mov x3, #19
extr x5, x5, x13, #63
mul x5, x5, x3
and x13, x13, #0x7fffffffffffffff
- adds x10, x10, x5
- adcs x11, x11, xzr
- adcs x12, x12, xzr
+ mov x3, #38
+ mul x4, x3, x25
+ adds x10, x10, x4
+ umulh x25, x3, x25
+ mul x4, x3, x26
+ adcs x11, x11, x4
+ umulh x26, x3, x26
+ mul x4, x3, x27
+ adcs x12, x12, x4
+ umulh x27, x3, x27
adc x13, x13, xzr
- # Reduce if top bit set
- and x5, x3, x13, asr 63
- and x13, x13, #0x7fffffffffffffff
+ # Add high product results in
adds x10, x10, x5
- adcs x11, x11, xzr
- adcs x12, x12, xzr
- adc x13, x13, xzr
- # Store
- stp x10, x11, [x29, #48]
- stp x12, x13, [x29, #64]
- sub x25, x25, #1
- cmp x25, #0
+ adcs x11, x11, x25
+ adcs x12, x12, x26
+ adc x13, x13, x27
+ subs x24, x24, #1
bge L_curve25519_bits
- mov x25, #63
- sub x24, x24, #8
- cmp x24, #0
- bge L_curve25519_words
# Invert
add x0, x29, #48
add x1, x29, #16
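Review bot: The retained comments `# Mask the modulus`, `# Add modulus (if underflow)` and `# Sub modulus (if overflow)` no longer describe the instructions under them. After the subtraction the new code builds `-19 * ((borrow mask << 1) | bit 255)` with `csetm`/`extr`/`mul`, then subtracts that value and clears bit 255; the addition path mirrors this with `cset` and `19`. This is branch-free field arithmetic that will be audited for constant-time behaviour, so I would update the comments to say what is computed, e.g. `# x3 = -19 * ((borrow mask << 1) | bit 255)` and `# Subtract x3, clear bit 255 (covers underflow and a set top bit)`. The later Add/Sub pair in this hunk keeps the same "if overflow"/"if underflow" wording. The enclosing loop body starts before the hunk.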
@@ -2540,61 +2868,197 @@ L_curve25519_bits:
#else
bl _fe_mul
#endif /* __APPLE__ */
- add x0, x29, #0x70
-#ifndef NDEBUG
- add x1, x29, #0x50
-#endif /* !NDEBUG */
-#ifndef __APPLE__
- bl fe_sq
-#else
- bl _fe_sq
-#endif /* __APPLE__ */
- mov x24, #3
-#ifndef NDEBUG
- add x0, x29, #0x70
-#endif /* !NDEBUG */
- add x1, x29, #0x70
+ # Loop: 5 times
+ mov x24, #5
+ ldp x6, x7, [x29, #80]
+ ldp x8, x9, [x29, #96]
L_curve25519_inv_1:
-#ifndef __APPLE__
- bl fe_sq
-#else
- bl _fe_sq
-#endif /* __APPLE__ */
+ # Square
+ # A[0] * A[1]
+ umulh x12, x6, x7
+ mul x11, x6, x7
+ # A[0] * A[3]
+ umulh x14, x6, x9
+ mul x13, x6, x9
+ # A[0] * A[2]
+ mul x3, x6, x8
+ adds x12, x12, x3
+ umulh x4, x6, x8
+ adcs x13, x13, x4
+ # A[1] * A[3]
+ mul x3, x7, x9
+ adcs x14, x14, x3
+ umulh x15, x7, x9
+ adc x15, x15, xzr
+ # A[1] * A[2]
+ mul x3, x7, x8
+ adds x13, x13, x3
+ umulh x4, x7, x8
+ adcs x14, x14, x4
+ # A[2] * A[3]
+ mul x3, x8, x9
+ adcs x15, x15, x3
+ umulh x16, x8, x9
+ adc x16, x16, xzr
+ # Double
+ adds x11, x11, x11
+ adcs x12, x12, x12
+ adcs x13, x13, x13
+ adcs x14, x14, x14
+ adcs x15, x15, x15
+ adcs x16, x16, x16
+ adc x17, xzr, xzr
+ # A[0] * A[0]
+ umulh x4, x6, x6
+ mul x10, x6, x6
+ # A[1] * A[1]
+ mul x3, x7, x7
+ adds x11, x11, x4
+ umulh x4, x7, x7
+ adcs x12, x12, x3
+ # A[2] * A[2]
+ mul x3, x8, x8
+ adcs x13, x13, x4
+ umulh x4, x8, x8
+ adcs x14, x14, x3
+ # A[3] * A[3]
+ mul x3, x9, x9
+ adcs x15, x15, x4
+ umulh x4, x9, x9
+ adcs x16, x16, x3
+ adc x17, x17, x4
+ # Reduce
+ mov x3, #38
+ mul x4, x3, x17
+ adds x13, x13, x4
+ umulh x5, x3, x17
+ adc x5, x5, xzr
+ mov x3, #19
+ extr x5, x5, x13, #63
+ mul x5, x5, x3
+ and x13, x13, #0x7fffffffffffffff
+ mov x3, #38
+ mul x4, x3, x14
+ adds x10, x10, x4
+ umulh x14, x3, x14
+ mul x4, x3, x15
+ adcs x11, x11, x4
+ umulh x15, x3, x15
+ mul x4, x3, x16
+ adcs x12, x12, x4
+ umulh x16, x3, x16
+ adc x13, x13, xzr
+ # Add high product results in
+ adds x6, x10, x5
+ adcs x7, x11, x14
+ adcs x8, x12, x15
+ adc x9, x13, x16
subs x24, x24, #1
- bcs L_curve25519_inv_1
- add x0, x29, #0x50
+ bne L_curve25519_inv_1
+ # Store
+ stp x6, x7, [x29, #112]
+ stp x8, x9, [x29, #128]
#ifndef NDEBUG
- add x1, x29, #0x70
+ add x0, x29, #0x50
#endif /* !NDEBUG */
+ add x1, x29, #0x70
add x2, x29, #0x50
#ifndef __APPLE__
bl fe_mul
#else
bl _fe_mul
#endif /* __APPLE__ */
- add x0, x29, #0x70
- add x1, x29, #0x50
-#ifndef __APPLE__
- bl fe_sq
-#else
- bl _fe_sq
-#endif /* __APPLE__ */
- mov x24, #8
-#ifndef NDEBUG
- add x0, x29, #0x70
-#endif /* !NDEBUG */
- add x1, x29, #0x70
+ # Loop: 10 times
+ mov x24, #10
+ ldp x6, x7, [x29, #80]
+ ldp x8, x9, [x29, #96]
L_curve25519_inv_2:
-#ifndef __APPLE__
- bl fe_sq
-#else
- bl _fe_sq
-#endif /* __APPLE__ */
+ # Square
+ # A[0] * A[1]
+ umulh x12, x6, x7
+ mul x11, x6, x7
+ # A[0] * A[3]
+ umulh x14, x6, x9
+ mul x13, x6, x9
+ # A[0] * A[2]
+ mul x3, x6, x8
+ adds x12, x12, x3
+ umulh x4, x6, x8
+ adcs x13, x13, x4
+ # A[1] * A[3]
+ mul x3, x7, x9
+ adcs x14, x14, x3
+ umulh x15, x7, x9
+ adc x15, x15, xzr
+ # A[1] * A[2]
+ mul x3, x7, x8
+ adds x13, x13, x3
+ umulh x4, x7, x8
+ adcs x14, x14, x4
+ # A[2] * A[3]
+ mul x3, x8, x9
+ adcs x15, x15, x3
+ umulh x16, x8, x9
+ adc x16, x16, xzr
+ # Double
+ adds x11, x11, x11
+ adcs x12, x12, x12
+ adcs x13, x13, x13
+ adcs x14, x14, x14
+ adcs x15, x15, x15
+ adcs x16, x16, x16
+ adc x17, xzr, xzr
+ # A[0] * A[0]
+ umulh x4, x6, x6
+ mul x10, x6, x6
+ # A[1] * A[1]
+ mul x3, x7, x7
+ adds x11, x11, x4
+ umulh x4, x7, x7
+ adcs x12, x12, x3
+ # A[2] * A[2]
+ mul x3, x8, x8
+ adcs x13, x13, x4
+ umulh x4, x8, x8
+ adcs x14, x14, x3
+ # A[3] * A[3]
+ mul x3, x9, x9
+ adcs x15, x15, x4
+ umulh x4, x9, x9
+ adcs x16, x16, x3
+ adc x17, x17, x4
+ # Reduce
+ mov x3, #38
+ mul x4, x3, x17
+ adds x13, x13, x4
+ umulh x5, x3, x17
+ adc x5, x5, xzr
+ mov x3, #19
+ extr x5, x5, x13, #63
+ mul x5, x5, x3
+ and x13, x13, #0x7fffffffffffffff
+ mov x3, #38
+ mul x4, x3, x14
+ adds x10, x10, x4
+ umulh x14, x3, x14
+ mul x4, x3, x15
+ adcs x11, x11, x4
+ umulh x15, x3, x15
+ mul x4, x3, x16
+ adcs x12, x12, x4
+ umulh x16, x3, x16
+ adc x13, x13, xzr
+ # Add high product results in
+ adds x6, x10, x5
+ adcs x7, x11, x14
+ adcs x8, x12, x15
+ adc x9, x13, x16
subs x24, x24, #1
- bcs L_curve25519_inv_2
-#ifndef NDEBUG
+ bne L_curve25519_inv_2
+ # Store
+ stp x6, x7, [x29, #112]
+ stp x8, x9, [x29, #128]
add x0, x29, #0x70
-#endif /* !NDEBUG */
#ifndef NDEBUG
add x1, x29, #0x70
#endif /* !NDEBUG */
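Review bot: After the inlined squaring loop L_curve25519_inv_1, the destination register for `fe_mul` is set only under `#ifndef NDEBUG` (`add x0, x29, #0x50`). Release builds therefore presumably rely on x0 surviving the previous `fe_mul` call, with the loop leaving it untouched; the same holds for the guarded `add x1, x29, #0x70` at the end of this hunk. The usual AArch64 calling convention does not preserve x0 and x1 across a call, and the dependency is not written down here. I would add a comment at each guarded setup, such as `# NDEBUG: x0 still holds x29+0x50 from the previous fe_mul, which must leave x0 unchanged`, so a later change to fe_mul's register use is caught in review. The argument setup for the first `fe_mul` call lies before this hunk.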
@@ -2604,84 +3068,295 @@ L_curve25519_inv_2:
#else
bl _fe_mul
#endif /* __APPLE__ */
- add x0, x29, #0x90
-#ifndef NDEBUG
- add x1, x29, #0x70
-#endif /* !NDEBUG */
-#ifndef __APPLE__
- bl fe_sq
-#else
- bl _fe_sq
-#endif /* __APPLE__ */
- mov x24, #18
-#ifndef NDEBUG
- add x0, x29, #0x90
-#endif /* !NDEBUG */
- add x1, x29, #0x90
+ # Loop: 20 times
+ mov x24, #20
+ ldp x6, x7, [x29, #112]
+ ldp x8, x9, [x29, #128]
L_curve25519_inv_3:
-#ifndef __APPLE__
- bl fe_sq
-#else
- bl _fe_sq
-#endif /* __APPLE__ */
+ # Square
+ # A[0] * A[1]
+ umulh x12, x6, x7
+ mul x11, x6, x7
+ # A[0] * A[3]
+ umulh x14, x6, x9
+ mul x13, x6, x9
+ # A[0] * A[2]
+ mul x3, x6, x8
+ adds x12, x12, x3
+ umulh x4, x6, x8
+ adcs x13, x13, x4
+ # A[1] * A[3]
+ mul x3, x7, x9
+ adcs x14, x14, x3
+ umulh x15, x7, x9
+ adc x15, x15, xzr
+ # A[1] * A[2]
+ mul x3, x7, x8
+ adds x13, x13, x3
+ umulh x4, x7, x8
+ adcs x14, x14, x4
+ # A[2] * A[3]
+ mul x3, x8, x9
+ adcs x15, x15, x3
+ umulh x16, x8, x9
+ adc x16, x16, xzr
+ # Double
+ adds x11, x11, x11
+ adcs x12, x12, x12
+ adcs x13, x13, x13
+ adcs x14, x14, x14
+ adcs x15, x15, x15
+ adcs x16, x16, x16
+ adc x17, xzr, xzr
+ # A[0] * A[0]
+ umulh x4, x6, x6
+ mul x10, x6, x6
+ # A[1] * A[1]
+ mul x3, x7, x7
+ adds x11, x11, x4
+ umulh x4, x7, x7
+ adcs x12, x12, x3
+ # A[2] * A[2]
+ mul x3, x8, x8
+ adcs x13, x13, x4
+ umulh x4, x8, x8
+ adcs x14, x14, x3
+ # A[3] * A[3]
+ mul x3, x9, x9
+ adcs x15, x15, x4
+ umulh x4, x9, x9
+ adcs x16, x16, x3
+ adc x17, x17, x4
+ # Reduce
+ mov x3, #38
+ mul x4, x3, x17
+ adds x13, x13, x4
+ umulh x5, x3, x17
+ adc x5, x5, xzr
+ mov x3, #19
+ extr x5, x5, x13, #63
+ mul x5, x5, x3
+ and x13, x13, #0x7fffffffffffffff
+ mov x3, #38
+ mul x4, x3, x14
+ adds x10, x10, x4
+ umulh x14, x3, x14
+ mul x4, x3, x15
+ adcs x11, x11, x4
+ umulh x15, x3, x15
+ mul x4, x3, x16
+ adcs x12, x12, x4
+ umulh x16, x3, x16
+ adc x13, x13, xzr
+ # Add high product results in
+ adds x6, x10, x5
+ adcs x7, x11, x14
+ adcs x8, x12, x15
+ adc x9, x13, x16
subs x24, x24, #1
- bcs L_curve25519_inv_3
- add x0, x29, #0x70
+ bne L_curve25519_inv_3
+ # Store
+ stp x6, x7, [x29, #144]
+ stp x8, x9, [x29, #160]
#ifndef NDEBUG
- add x1, x29, #0x90
+ add x0, x29, #0x70
#endif /* !NDEBUG */
+ add x1, x29, #0x90
add x2, x29, #0x70
#ifndef __APPLE__
bl fe_mul
#else
bl _fe_mul
#endif /* __APPLE__ */
- mov x24, #9
-#ifndef NDEBUG
- add x0, x29, #0x70
-#endif /* !NDEBUG */
- add x1, x29, #0x70
+ # Loop: 10 times
+ mov x24, #10
+ ldp x6, x7, [x29, #112]
+ ldp x8, x9, [x29, #128]
L_curve25519_inv_4:
-#ifndef __APPLE__
- bl fe_sq
-#else
- bl _fe_sq
-#endif /* __APPLE__ */
+ # Square
+ # A[0] * A[1]
+ umulh x12, x6, x7
+ mul x11, x6, x7
+ # A[0] * A[3]
+ umulh x14, x6, x9
+ mul x13, x6, x9
+ # A[0] * A[2]
+ mul x3, x6, x8
+ adds x12, x12, x3
+ umulh x4, x6, x8
+ adcs x13, x13, x4
+ # A[1] * A[3]
+ mul x3, x7, x9
+ adcs x14, x14, x3
+ umulh x15, x7, x9
+ adc x15, x15, xzr
+ # A[1] * A[2]
+ mul x3, x7, x8
+ adds x13, x13, x3
+ umulh x4, x7, x8
+ adcs x14, x14, x4
+ # A[2] * A[3]
+ mul x3, x8, x9
+ adcs x15, x15, x3
+ umulh x16, x8, x9
+ adc x16, x16, xzr
+ # Double
+ adds x11, x11, x11
+ adcs x12, x12, x12
+ adcs x13, x13, x13
+ adcs x14, x14, x14
+ adcs x15, x15, x15
+ adcs x16, x16, x16
+ adc x17, xzr, xzr
+ # A[0] * A[0]
+ umulh x4, x6, x6
+ mul x10, x6, x6
+ # A[1] * A[1]
+ mul x3, x7, x7
+ adds x11, x11, x4
+ umulh x4, x7, x7
+ adcs x12, x12, x3
+ # A[2] * A[2]
+ mul x3, x8, x8
+ adcs x13, x13, x4
+ umulh x4, x8, x8
+ adcs x14, x14, x3
+ # A[3] * A[3]
+ mul x3, x9, x9
+ adcs x15, x15, x4
+ umulh x4, x9, x9
+ adcs x16, x16, x3
+ adc x17, x17, x4
+ # Reduce
+ mov x3, #38
+ mul x4, x3, x17
+ adds x13, x13, x4
+ umulh x5, x3, x17
+ adc x5, x5, xzr
+ mov x3, #19
+ extr x5, x5, x13, #63
+ mul x5, x5, x3
+ and x13, x13, #0x7fffffffffffffff
+ mov x3, #38
+ mul x4, x3, x14
+ adds x10, x10, x4
+ umulh x14, x3, x14
+ mul x4, x3, x15
+ adcs x11, x11, x4
+ umulh x15, x3, x15
+ mul x4, x3, x16
+ adcs x12, x12, x4
+ umulh x16, x3, x16
+ adc x13, x13, xzr
+ # Add high product results in
+ adds x6, x10, x5
+ adcs x7, x11, x14
+ adcs x8, x12, x15
+ adc x9, x13, x16
subs x24, x24, #1
- bcs L_curve25519_inv_4
+ bne L_curve25519_inv_4
+ # Store
+ stp x6, x7, [x29, #112]
+ stp x8, x9, [x29, #128]
add x0, x29, #0x50
-#ifndef NDEBUG
add x1, x29, #0x70
-#endif /* !NDEBUG */
add x2, x29, #0x50
#ifndef __APPLE__
bl fe_mul
#else
bl _fe_mul
#endif /* __APPLE__ */
- add x0, x29, #0x70
- add x1, x29, #0x50
-#ifndef __APPLE__
- bl fe_sq
-#else
- bl _fe_sq
-#endif /* __APPLE__ */
- mov x24, #48
-#ifndef NDEBUG
- add x0, x29, #0x70
-#endif /* !NDEBUG */
- add x1, x29, #0x70
+ # Loop: 50 times
+ mov x24, #50
+ ldp x6, x7, [x29, #80]
+ ldp x8, x9, [x29, #96]
L_curve25519_inv_5:
-#ifndef __APPLE__
- bl fe_sq
-#else
- bl _fe_sq
-#endif /* __APPLE__ */
+ # Square
+ # A[0] * A[1]
+ umulh x12, x6, x7
+ mul x11, x6, x7
+ # A[0] * A[3]
+ umulh x14, x6, x9
+ mul x13, x6, x9
+ # A[0] * A[2]
+ mul x3, x6, x8
+ adds x12, x12, x3
+ umulh x4, x6, x8
+ adcs x13, x13, x4
+ # A[1] * A[3]
+ mul x3, x7, x9
+ adcs x14, x14, x3
+ umulh x15, x7, x9
+ adc x15, x15, xzr
+ # A[1] * A[2]
+ mul x3, x7, x8
+ adds x13, x13, x3
+ umulh x4, x7, x8
+ adcs x14, x14, x4
+ # A[2] * A[3]
+ mul x3, x8, x9
+ adcs x15, x15, x3
+ umulh x16, x8, x9
+ adc x16, x16, xzr
+ # Double
+ adds x11, x11, x11
+ adcs x12, x12, x12
+ adcs x13, x13, x13
+ adcs x14, x14, x14
+ adcs x15, x15, x15
+ adcs x16, x16, x16
+ adc x17, xzr, xzr
+ # A[0] * A[0]
+ umulh x4, x6, x6
+ mul x10, x6, x6
+ # A[1] * A[1]
+ mul x3, x7, x7
+ adds x11, x11, x4
+ umulh x4, x7, x7
+ adcs x12, x12, x3
+ # A[2] * A[2]
+ mul x3, x8, x8
+ adcs x13, x13, x4
+ umulh x4, x8, x8
+ adcs x14, x14, x3
+ # A[3] * A[3]
+ mul x3, x9, x9
+ adcs x15, x15, x4
+ umulh x4, x9, x9
+ adcs x16, x16, x3
+ adc x17, x17, x4
+ # Reduce
+ mov x3, #38
+ mul x4, x3, x17
+ adds x13, x13, x4
+ umulh x5, x3, x17
+ adc x5, x5, xzr
+ mov x3, #19
+ extr x5, x5, x13, #63
+ mul x5, x5, x3
+ and x13, x13, #0x7fffffffffffffff
+ mov x3, #38
+ mul x4, x3, x14
+ adds x10, x10, x4
+ umulh x14, x3, x14
+ mul x4, x3, x15
+ adcs x11, x11, x4
+ umulh x15, x3, x15
+ mul x4, x3, x16
+ adcs x12, x12, x4
+ umulh x16, x3, x16
+ adc x13, x13, xzr
+ # Add high product results in
+ adds x6, x10, x5
+ adcs x7, x11, x14
+ adcs x8, x12, x15
+ adc x9, x13, x16
subs x24, x24, #1
- bcs L_curve25519_inv_5
-#ifndef NDEBUG
+ bne L_curve25519_inv_5
+ # Store
+ stp x6, x7, [x29, #112]
+ stp x8, x9, [x29, #128]
add x0, x29, #0x70
-#endif /* !NDEBUG */
#ifndef NDEBUG
add x1, x29, #0x70
#endif /* !NDEBUG */
@@ -2691,78 +3366,296 @@ L_curve25519_inv_5:
#else
bl _fe_mul
#endif /* __APPLE__ */
- add x0, x29, #0x90
-#ifndef NDEBUG
- add x1, x29, #0x70
-#endif /* !NDEBUG */
-#ifndef __APPLE__
- bl fe_sq
-#else
- bl _fe_sq
-#endif /* __APPLE__ */
- mov x24, #0x62
-#ifndef NDEBUG
- add x0, x29, #0x90
-#endif /* !NDEBUG */
- add x1, x29, #0x90
+ # Loop: 100 times
+ mov x24, #0x64
+ ldp x6, x7, [x29, #112]
+ ldp x8, x9, [x29, #128]
L_curve25519_inv_6:
-#ifndef __APPLE__
- bl fe_sq
-#else
- bl _fe_sq
-#endif /* __APPLE__ */
+ # Square
+ # A[0] * A[1]
+ umulh x12, x6, x7
+ mul x11, x6, x7
+ # A[0] * A[3]
+ umulh x14, x6, x9
+ mul x13, x6, x9
+ # A[0] * A[2]
+ mul x3, x6, x8
+ adds x12, x12, x3
+ umulh x4, x6, x8
+ adcs x13, x13, x4
+ # A[1] * A[3]
+ mul x3, x7, x9
+ adcs x14, x14, x3
+ umulh x15, x7, x9
+ adc x15, x15, xzr
+ # A[1] * A[2]
+ mul x3, x7, x8
+ adds x13, x13, x3
+ umulh x4, x7, x8
+ adcs x14, x14, x4
+ # A[2] * A[3]
+ mul x3, x8, x9
+ adcs x15, x15, x3
+ umulh x16, x8, x9
+ adc x16, x16, xzr
+ # Double
+ adds x11, x11, x11
+ adcs x12, x12, x12
+ adcs x13, x13, x13
+ adcs x14, x14, x14
+ adcs x15, x15, x15
+ adcs x16, x16, x16
+ adc x17, xzr, xzr
+ # A[0] * A[0]
+ umulh x4, x6, x6
+ mul x10, x6, x6
+ # A[1] * A[1]
+ mul x3, x7, x7
+ adds x11, x11, x4
+ umulh x4, x7, x7
+ adcs x12, x12, x3
+ # A[2] * A[2]
+ mul x3, x8, x8
+ adcs x13, x13, x4
+ umulh x4, x8, x8
+ adcs x14, x14, x3
+ # A[3] * A[3]
+ mul x3, x9, x9
+ adcs x15, x15, x4
+ umulh x4, x9, x9
+ adcs x16, x16, x3
+ adc x17, x17, x4
+ # Reduce
+ mov x3, #38
+ mul x4, x3, x17
+ adds x13, x13, x4
+ umulh x5, x3, x17
+ adc x5, x5, xzr
+ mov x3, #19
+ extr x5, x5, x13, #63
+ mul x5, x5, x3
+ and x13, x13, #0x7fffffffffffffff
+ mov x3, #38
+ mul x4, x3, x14
+ adds x10, x10, x4
+ umulh x14, x3, x14
+ mul x4, x3, x15
+ adcs x11, x11, x4
+ umulh x15, x3, x15
+ mul x4, x3, x16
+ adcs x12, x12, x4
+ umulh x16, x3, x16
+ adc x13, x13, xzr
+ # Add high product results in
+ adds x6, x10, x5
+ adcs x7, x11, x14
+ adcs x8, x12, x15
+ adc x9, x13, x16
subs x24, x24, #1
- bcs L_curve25519_inv_6
- add x0, x29, #0x70
+ bne L_curve25519_inv_6
+ # Store
+ stp x6, x7, [x29, #144]
+ stp x8, x9, [x29, #160]
#ifndef NDEBUG
- add x1, x29, #0x90
+ add x0, x29, #0x70
#endif /* !NDEBUG */
+ add x1, x29, #0x90
add x2, x29, #0x70
#ifndef __APPLE__
bl fe_mul
#else
bl _fe_mul
#endif /* __APPLE__ */
- mov x24, #49
-#ifndef NDEBUG
- add x0, x29, #0x70
-#endif /* !NDEBUG */
- add x1, x29, #0x70
+ # Loop: 50 times
+ mov x24, #50
+ ldp x6, x7, [x29, #112]
+ ldp x8, x9, [x29, #128]
L_curve25519_inv_7:
-#ifndef __APPLE__
- bl fe_sq
-#else
- bl _fe_sq
-#endif /* __APPLE__ */
+ # Square
+ # A[0] * A[1]
+ umulh x12, x6, x7
+ mul x11, x6, x7
+ # A[0] * A[3]
+ umulh x14, x6, x9
+ mul x13, x6, x9
+ # A[0] * A[2]
+ mul x3, x6, x8
+ adds x12, x12, x3
+ umulh x4, x6, x8
+ adcs x13, x13, x4
+ # A[1] * A[3]
+ mul x3, x7, x9
+ adcs x14, x14, x3
+ umulh x15, x7, x9
+ adc x15, x15, xzr
+ # A[1] * A[2]
+ mul x3, x7, x8
+ adds x13, x13, x3
+ umulh x4, x7, x8
+ adcs x14, x14, x4
+ # A[2] * A[3]
+ mul x3, x8, x9
+ adcs x15, x15, x3
+ umulh x16, x8, x9
+ adc x16, x16, xzr
+ # Double
+ adds x11, x11, x11
+ adcs x12, x12, x12
+ adcs x13, x13, x13
+ adcs x14, x14, x14
+ adcs x15, x15, x15
+ adcs x16, x16, x16
+ adc x17, xzr, xzr
+ # A[0] * A[0]
+ umulh x4, x6, x6
+ mul x10, x6, x6
+ # A[1] * A[1]
+ mul x3, x7, x7
+ adds x11, x11, x4
+ umulh x4, x7, x7
+ adcs x12, x12, x3
+ # A[2] * A[2]
+ mul x3, x8, x8
+ adcs x13, x13, x4
+ umulh x4, x8, x8
+ adcs x14, x14, x3
+ # A[3] * A[3]
+ mul x3, x9, x9
+ adcs x15, x15, x4
+ umulh x4, x9, x9
+ adcs x16, x16, x3
+ adc x17, x17, x4
+ # Reduce
+ mov x3, #38
+ mul x4, x3, x17
+ adds x13, x13, x4
+ umulh x5, x3, x17
+ adc x5, x5, xzr
+ mov x3, #19
+ extr x5, x5, x13, #63
+ mul x5, x5, x3
+ and x13, x13, #0x7fffffffffffffff
+ mov x3, #38
+ mul x4, x3, x14
+ adds x10, x10, x4
+ umulh x14, x3, x14
+ mul x4, x3, x15
+ adcs x11, x11, x4
+ umulh x15, x3, x15
+ mul x4, x3, x16
+ adcs x12, x12, x4
+ umulh x16, x3, x16
+ adc x13, x13, xzr
+ # Add high product results in
+ adds x6, x10, x5
+ adcs x7, x11, x14
+ adcs x8, x12, x15
+ adc x9, x13, x16
subs x24, x24, #1
- bcs L_curve25519_inv_7
+ bne L_curve25519_inv_7
+ # Store
+ stp x6, x7, [x29, #112]
+ stp x8, x9, [x29, #128]
add x0, x29, #0x50
-#ifndef NDEBUG
add x1, x29, #0x70
-#endif /* !NDEBUG */
add x2, x29, #0x50
#ifndef __APPLE__
bl fe_mul
#else
bl _fe_mul
#endif /* __APPLE__ */
- mov x24, #4
-#ifndef NDEBUG
- add x0, x29, #0x50
-#endif /* !NDEBUG */
- add x1, x29, #0x50
+ # Loop: 5 times
+ mov x24, #5
+ ldp x6, x7, [x29, #80]
+ ldp x8, x9, [x29, #96]
L_curve25519_inv_8:
-#ifndef __APPLE__
- bl fe_sq
-#else
- bl _fe_sq
-#endif /* __APPLE__ */
+ # Square
+ # A[0] * A[1]
+ umulh x12, x6, x7
+ mul x11, x6, x7
+ # A[0] * A[3]
+ umulh x14, x6, x9
+ mul x13, x6, x9
+ # A[0] * A[2]
+ mul x3, x6, x8
+ adds x12, x12, x3
+ umulh x4, x6, x8
+ adcs x13, x13, x4
+ # A[1] * A[3]
+ mul x3, x7, x9
+ adcs x14, x14, x3
+ umulh x15, x7, x9
+ adc x15, x15, xzr
+ # A[1] * A[2]
+ mul x3, x7, x8
+ adds x13, x13, x3
+ umulh x4, x7, x8
+ adcs x14, x14, x4
+ # A[2] * A[3]
+ mul x3, x8, x9
+ adcs x15, x15, x3
+ umulh x16, x8, x9
+ adc x16, x16, xzr
+ # Double
+ adds x11, x11, x11
+ adcs x12, x12, x12
+ adcs x13, x13, x13
+ adcs x14, x14, x14
+ adcs x15, x15, x15
+ adcs x16, x16, x16
+ adc x17, xzr, xzr
+ # A[0] * A[0]
+ umulh x4, x6, x6
+ mul x10, x6, x6
+ # A[1] * A[1]
+ mul x3, x7, x7
+ adds x11, x11, x4
+ umulh x4, x7, x7
+ adcs x12, x12, x3
+ # A[2] * A[2]
+ mul x3, x8, x8
+ adcs x13, x13, x4
+ umulh x4, x8, x8
+ adcs x14, x14, x3
+ # A[3] * A[3]
+ mul x3, x9, x9
+ adcs x15, x15, x4
+ umulh x4, x9, x9
+ adcs x16, x16, x3
+ adc x17, x17, x4
+ # Reduce
+ mov x3, #38
+ mul x4, x3, x17
+ adds x13, x13, x4
+ umulh x5, x3, x17
+ adc x5, x5, xzr
+ mov x3, #19
+ extr x5, x5, x13, #63
+ mul x5, x5, x3
+ and x13, x13, #0x7fffffffffffffff
+ mov x3, #38
+ mul x4, x3, x14
+ adds x10, x10, x4
+ umulh x14, x3, x14
+ mul x4, x3, x15
+ adcs x11, x11, x4
+ umulh x15, x3, x15
+ mul x4, x3, x16
+ adcs x12, x12, x4
+ umulh x16, x3, x16
+ adc x13, x13, xzr
+ # Add high product results in
+ adds x6, x10, x5
+ adcs x7, x11, x14
+ adcs x8, x12, x15
+ adc x9, x13, x16
subs x24, x24, #1
- bcs L_curve25519_inv_8
+ bne L_curve25519_inv_8
+ # Store
+ stp x6, x7, [x29, #80]
+ stp x8, x9, [x29, #96]
add x0, x29, #16
-#ifndef NDEBUG
add x1, x29, #0x50
-#endif /* !NDEBUG */
add x2, x29, #48
#ifndef __APPLE__
bl fe_mul
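Review bot: The inlined squaring loops L_curve25519_inv_6, _7 and _8 finish each pass with `adc x9, x13, x16` and no conditional subtraction, so the limbs written by the `# Store` `stp` pairs are only weakly reduced: they fit in 256 bits but are not brought below 2^255-19. The `bl fe_mul` that follows reads those stack slots, and the input range it accepts is not visible in this hunk, so the invariant should be written next to each store, for example `# weakly reduced (< 2^256); fe_mul must accept non-canonical input`. The loop counts are consistent with the removed code: one `fe_sq` plus a `bcs` loop starting at 0x62 is 100 squarings, as is the `bne` loop starting at 0x64. curve25519 begins and ends outside this hunk, and the same comment applies to the other inlined loops in this commit.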
@@ -2775,136 +3668,122 @@ L_curve25519_inv_8:
ldp x8, x9, [x0, #16]
ldp x10, x11, [x29, #16]
ldp x12, x13, [x29, #32]
- # A[0] * B[0]
- mul x14, x6, x10
+ # A[0] * B[0]
umulh x15, x6, x10
- # A[0] * B[1]
- mul x3, x6, x11
- umulh x16, x6, x11
- adds x15, x15, x3
- adc x16, x16, xzr
- # A[1] * B[0]
+ mul x14, x6, x10
+ # A[2] * B[0]
+ umulh x17, x8, x10
+ mul x16, x8, x10
+ # A[1] * B[0]
mul x3, x7, x10
+ adds x15, x15, x3
umulh x4, x7, x10
+ adcs x16, x16, x4
+ # A[1] * B[3]
+ umulh x20, x7, x13
+ adc x17, x17, xzr
+ mul x19, x7, x13
+ # A[0] * B[1]
+ mul x3, x6, x11
adds x15, x15, x3
+ umulh x4, x6, x11
adcs x16, x16, x4
- adc x17, xzr, xzr
- # A[0] * B[2]
- mul x3, x6, x12
- umulh x4, x6, x12
- adds x16, x16, x3
- adc x17, x17, x4
- # A[1] * B[1]
- mul x3, x7, x11
- umulh x4, x7, x11
- adds x16, x16, x3
- adcs x17, x17, x4
- adc x19, xzr, xzr
- # A[2] * B[0]
- mul x3, x8, x10
- umulh x4, x8, x10
- adds x16, x16, x3
- adcs x17, x17, x4
- adc x19, x19, xzr
- # A[0] * B[3]
- mul x3, x6, x13
- umulh x4, x6, x13
- adds x17, x17, x3
- adcs x19, x19, x4
- adc x20, xzr, xzr
- # A[1] * B[2]
- mul x3, x7, x12
- umulh x4, x7, x12
- adds x17, x17, x3
- adcs x19, x19, x4
- adc x20, x20, xzr
- # A[2] * B[1]
+ # A[2] * B[1]
mul x3, x8, x11
+ adcs x17, x17, x3
umulh x4, x8, x11
- adds x17, x17, x3
adcs x19, x19, x4
adc x20, x20, xzr
- # A[3] * B[0]
- mul x3, x9, x10
- umulh x4, x9, x10
+ # A[1] * B[2]
+ mul x3, x7, x12
adds x17, x17, x3
+ umulh x4, x7, x12
adcs x19, x19, x4
- adc x20, x20, xzr
- # A[1] * B[3]
- mul x3, x7, x13
- umulh x4, x7, x13
- adds x19, x19, x3
- adcs x20, x20, x4
+ adcs x20, x20, xzr
adc x21, xzr, xzr
- # A[2] * B[2]
- mul x3, x8, x12
- umulh x4, x8, x12
- adds x19, x19, x3
- adcs x20, x20, x4
+ # A[0] * B[2]
+ mul x3, x6, x12
+ adds x16, x16, x3
+ umulh x4, x6, x12
+ adcs x17, x17, x4
+ adcs x19, x19, xzr
+ adcs x20, x20, xzr
adc x21, x21, xzr
- # A[3] * B[1]
+ # A[1] * B[1]
+ mul x3, x7, x11
+ adds x16, x16, x3
+ umulh x4, x7, x11
+ adcs x17, x17, x4
+ # A[3] * B[1]
mul x3, x9, x11
+ adcs x19, x19, x3
umulh x4, x9, x11
- adds x19, x19, x3
adcs x20, x20, x4
adc x21, x21, xzr
- # A[2] * B[3]
+ # A[2] * B[2]
+ mul x3, x8, x12
+ adds x19, x19, x3
+ umulh x4, x8, x12
+ adcs x20, x20, x4
+ # A[3] * B[3]
+ mul x3, x9, x13
+ adcs x21, x21, x3
+ umulh x22, x9, x13
+ adc x22, x22, xzr
+ # A[0] * B[3]
+ mul x3, x6, x13
+ adds x17, x17, x3
+ umulh x4, x6, x13
+ adcs x19, x19, x4
+ # A[2] * B[3]
mul x3, x8, x13
+ adcs x20, x20, x3
umulh x4, x8, x13
- adds x20, x20, x3
adcs x21, x21, x4
- adc x22, xzr, xzr
- # A[3] * B[2]
+ adc x22, x22, xzr
+ # A[3] * B[0]
+ mul x3, x9, x10
+ adds x17, x17, x3
+ umulh x4, x9, x10
+ adcs x19, x19, x4
+ # A[3] * B[2]
mul x3, x9, x12
+ adcs x20, x20, x3
umulh x4, x9, x12
- adds x20, x20, x3
adcs x21, x21, x4
adc x22, x22, xzr
- # A[3] * B[3]
- mul x3, x9, x13
- umulh x4, x9, x13
- adds x21, x21, x3
- adc x22, x22, x4
# Reduce
- # Move top half into t4-t7 and remove top bit from t3
- extr x22, x22, x21, #63
- extr x21, x21, x20, #63
- extr x20, x20, x19, #63
- extr x19, x19, x17, #63
- and x17, x17, #0x7fffffffffffffff
- # Multiply top half by 19
+ mov x3, #38
+ mul x4, x3, x22
+ adds x17, x17, x4
+ umulh x5, x3, x22
+ adc x5, x5, xzr
mov x3, #19
+ extr x5, x5, x17, #63
+ mul x5, x5, x3
+ and x17, x17, #0x7fffffffffffffff
+ mov x3, #38
mul x4, x3, x19
- umulh x19, x3, x19
adds x14, x14, x4
+ umulh x19, x3, x19
mul x4, x3, x20
- umulh x20, x3, x20
adcs x15, x15, x4
+ umulh x20, x3, x20
mul x4, x3, x21
- umulh x21, x3, x21
adcs x16, x16, x4
- mul x4, x3, x22
- umulh x5, x3, x22
- adcs x17, x17, x4
- adc x5, x5, xzr
- # Add remaining product results in
- adds x15, x15, x19
- adcs x16, x16, x20
- adcs x17, x17, x21
- adc x5, x5, xzr
- # Overflow
- extr x5, x5, x17, #63
- mul x5, x5, x3
- and x17, x17, #0x7fffffffffffffff
- adds x14, x14, x5
- adcs x15, x15, xzr
- adcs x16, x16, xzr
+ umulh x21, x3, x21
adc x17, x17, xzr
- # Reduce if top bit set
- and x5, x3, x17, asr 63
- and x17, x17, #0x7fffffffffffffff
+ # Add high product results in
adds x14, x14, x5
+ adcs x15, x15, x19
+ adcs x16, x16, x20
+ adc x17, x17, x21
+ # Reduce if top bit set
+ mov x3, #19
+ and x4, x3, x17, asr 63
+ adds x14, x14, x4
adcs x15, x15, xzr
+ and x17, x17, #0x7fffffffffffffff
adcs x16, x16, xzr
adc x17, x17, xzr
adds x4, x14, x3
@@ -2934,6 +3813,7 @@ L_curve25519_inv_8:
#ifndef __APPLE__
.size curve25519,.-curve25519
#endif /* __APPLE__ */
+#ifdef HAVE_ED25519
#ifndef __APPLE__
.text
.globl fe_pow22523
@@ -2948,6 +3828,7 @@ _fe_pow22523:
#endif /* __APPLE__ */
stp x29, x30, [sp, #-144]!
add x29, sp, #0
+ str x17, [x29, #128]
str x23, [x29, #136]
# pow22523
str x0, [x29, #112]
@@ -3016,27 +3897,99 @@ _fe_pow22523:
#else
bl _fe_mul
#endif /* __APPLE__ */
- add x0, x29, #48
- add x1, x29, #16
-#ifndef __APPLE__
- bl fe_sq
-#else
- bl _fe_sq
-#endif /* __APPLE__ */
- mov x23, #3
-#ifndef NDEBUG
- add x0, x29, #48
-#endif /* !NDEBUG */
- add x1, x29, #48
+ # Loop: 5 times
+ mov x23, #5
+ ldp x6, x7, [x29, #16]
+ ldp x8, x9, [x29, #32]
L_fe_pow22523_1:
-#ifndef __APPLE__
- bl fe_sq
-#else
- bl _fe_sq
-#endif /* __APPLE__ */
+ # Square
+ # A[0] * A[1]
+ umulh x12, x6, x7
+ mul x11, x6, x7
+ # A[0] * A[3]
+ umulh x14, x6, x9
+ mul x13, x6, x9
+ # A[0] * A[2]
+ mul x3, x6, x8
+ adds x12, x12, x3
+ umulh x4, x6, x8
+ adcs x13, x13, x4
+ # A[1] * A[3]
+ mul x3, x7, x9
+ adcs x14, x14, x3
+ umulh x15, x7, x9
+ adc x15, x15, xzr
+ # A[1] * A[2]
+ mul x3, x7, x8
+ adds x13, x13, x3
+ umulh x4, x7, x8
+ adcs x14, x14, x4
+ # A[2] * A[3]
+ mul x3, x8, x9
+ adcs x15, x15, x3
+ umulh x16, x8, x9
+ adc x16, x16, xzr
+ # Double
+ adds x11, x11, x11
+ adcs x12, x12, x12
+ adcs x13, x13, x13
+ adcs x14, x14, x14
+ adcs x15, x15, x15
+ adcs x16, x16, x16
+ adc x17, xzr, xzr
+ # A[0] * A[0]
+ umulh x4, x6, x6
+ mul x10, x6, x6
+ # A[1] * A[1]
+ mul x3, x7, x7
+ adds x11, x11, x4
+ umulh x4, x7, x7
+ adcs x12, x12, x3
+ # A[2] * A[2]
+ mul x3, x8, x8
+ adcs x13, x13, x4
+ umulh x4, x8, x8
+ adcs x14, x14, x3
+ # A[3] * A[3]
+ mul x3, x9, x9
+ adcs x15, x15, x4
+ umulh x4, x9, x9
+ adcs x16, x16, x3
+ adc x17, x17, x4
+ # Reduce
+ mov x3, #38
+ mul x4, x3, x17
+ adds x13, x13, x4
+ umulh x5, x3, x17
+ adc x5, x5, xzr
+ mov x3, #19
+ extr x5, x5, x13, #63
+ mul x5, x5, x3
+ and x13, x13, #0x7fffffffffffffff
+ mov x3, #38
+ mul x4, x3, x14
+ adds x10, x10, x4
+ umulh x14, x3, x14
+ mul x4, x3, x15
+ adcs x11, x11, x4
+ umulh x15, x3, x15
+ mul x4, x3, x16
+ adcs x12, x12, x4
+ umulh x16, x3, x16
+ adc x13, x13, xzr
+ # Add high product results in
+ adds x6, x10, x5
+ adcs x7, x11, x14
+ adcs x8, x12, x15
+ adc x9, x13, x16
subs x23, x23, #1
- bcs L_fe_pow22523_1
+ bne L_fe_pow22523_1
+ # Store
+ stp x6, x7, [x29, #48]
+ stp x8, x9, [x29, #64]
+#ifndef NDEBUG
add x0, x29, #16
+#endif /* !NDEBUG */
#ifndef NDEBUG
add x1, x29, #48
#endif /* !NDEBUG */
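Review bot: In release builds the `fe_mul` call after L_fe_pow22523_1 takes x0 and x1 from whatever the previous `fe_mul` left there, because `add x0, x29, #16` and `add x1, x29, #48` are now both under `#ifndef NDEBUG`. The inlined squaring touches only x3–x17, so this holds only while fe_mul returns with x0–x2 unchanged, which the AArch64 procedure call standard does not promise and which debug builds never exercise. A comment at the guarded setup would make the dependency explicit, e.g. `# x0/x1 unchanged since the previous fe_mul (fe_mul preserves x0-x2)`. The same guarded setup follows L_fe_pow22523_2, _3, _5 and _6; fe_mul and the start of fe_pow22523 are outside this hunk.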
@@ -3046,29 +3999,97 @@ L_fe_pow22523_1:
#else
bl _fe_mul
#endif /* __APPLE__ */
- add x0, x29, #48
- add x1, x29, #16
-#ifndef __APPLE__
- bl fe_sq
-#else
- bl _fe_sq
-#endif /* __APPLE__ */
- mov x23, #8
-#ifndef NDEBUG
- add x0, x29, #48
-#endif /* !NDEBUG */
- add x1, x29, #48
+ # Loop: 10 times
+ mov x23, #10
+ ldp x6, x7, [x29, #16]
+ ldp x8, x9, [x29, #32]
L_fe_pow22523_2:
-#ifndef __APPLE__
- bl fe_sq
-#else
- bl _fe_sq
-#endif /* __APPLE__ */
+ # Square
+ # A[0] * A[1]
+ umulh x12, x6, x7
+ mul x11, x6, x7
+ # A[0] * A[3]
+ umulh x14, x6, x9
+ mul x13, x6, x9
+ # A[0] * A[2]
+ mul x3, x6, x8
+ adds x12, x12, x3
+ umulh x4, x6, x8
+ adcs x13, x13, x4
+ # A[1] * A[3]
+ mul x3, x7, x9
+ adcs x14, x14, x3
+ umulh x15, x7, x9
+ adc x15, x15, xzr
+ # A[1] * A[2]
+ mul x3, x7, x8
+ adds x13, x13, x3
+ umulh x4, x7, x8
+ adcs x14, x14, x4
+ # A[2] * A[3]
+ mul x3, x8, x9
+ adcs x15, x15, x3
+ umulh x16, x8, x9
+ adc x16, x16, xzr
+ # Double
+ adds x11, x11, x11
+ adcs x12, x12, x12
+ adcs x13, x13, x13
+ adcs x14, x14, x14
+ adcs x15, x15, x15
+ adcs x16, x16, x16
+ adc x17, xzr, xzr
+ # A[0] * A[0]
+ umulh x4, x6, x6
+ mul x10, x6, x6
+ # A[1] * A[1]
+ mul x3, x7, x7
+ adds x11, x11, x4
+ umulh x4, x7, x7
+ adcs x12, x12, x3
+ # A[2] * A[2]
+ mul x3, x8, x8
+ adcs x13, x13, x4
+ umulh x4, x8, x8
+ adcs x14, x14, x3
+ # A[3] * A[3]
+ mul x3, x9, x9
+ adcs x15, x15, x4
+ umulh x4, x9, x9
+ adcs x16, x16, x3
+ adc x17, x17, x4
+ # Reduce
+ mov x3, #38
+ mul x4, x3, x17
+ adds x13, x13, x4
+ umulh x5, x3, x17
+ adc x5, x5, xzr
+ mov x3, #19
+ extr x5, x5, x13, #63
+ mul x5, x5, x3
+ and x13, x13, #0x7fffffffffffffff
+ mov x3, #38
+ mul x4, x3, x14
+ adds x10, x10, x4
+ umulh x14, x3, x14
+ mul x4, x3, x15
+ adcs x11, x11, x4
+ umulh x15, x3, x15
+ mul x4, x3, x16
+ adcs x12, x12, x4
+ umulh x16, x3, x16
+ adc x13, x13, xzr
+ # Add high product results in
+ adds x6, x10, x5
+ adcs x7, x11, x14
+ adcs x8, x12, x15
+ adc x9, x13, x16
subs x23, x23, #1
- bcs L_fe_pow22523_2
-#ifndef NDEBUG
+ bne L_fe_pow22523_2
+ # Store
+ stp x6, x7, [x29, #48]
+ stp x8, x9, [x29, #64]
add x0, x29, #48
-#endif /* !NDEBUG */
#ifndef NDEBUG
add x1, x29, #48
#endif /* !NDEBUG */
@@ -3078,84 +4099,295 @@ L_fe_pow22523_2:
#else
bl _fe_mul
#endif /* __APPLE__ */
- add x0, x29, #0x50
-#ifndef NDEBUG
- add x1, x29, #48
-#endif /* !NDEBUG */
-#ifndef __APPLE__
- bl fe_sq
-#else
- bl _fe_sq
-#endif /* __APPLE__ */
- mov x23, #18
-#ifndef NDEBUG
- add x0, x29, #0x50
-#endif /* !NDEBUG */
- add x1, x29, #0x50
+ # Loop: 20 times
+ mov x23, #20
+ ldp x6, x7, [x29, #48]
+ ldp x8, x9, [x29, #64]
L_fe_pow22523_3:
-#ifndef __APPLE__
- bl fe_sq
-#else
- bl _fe_sq
-#endif /* __APPLE__ */
+ # Square
+ # A[0] * A[1]
+ umulh x12, x6, x7
+ mul x11, x6, x7
+ # A[0] * A[3]
+ umulh x14, x6, x9
+ mul x13, x6, x9
+ # A[0] * A[2]
+ mul x3, x6, x8
+ adds x12, x12, x3
+ umulh x4, x6, x8
+ adcs x13, x13, x4
+ # A[1] * A[3]
+ mul x3, x7, x9
+ adcs x14, x14, x3
+ umulh x15, x7, x9
+ adc x15, x15, xzr
+ # A[1] * A[2]
+ mul x3, x7, x8
+ adds x13, x13, x3
+ umulh x4, x7, x8
+ adcs x14, x14, x4
+ # A[2] * A[3]
+ mul x3, x8, x9
+ adcs x15, x15, x3
+ umulh x16, x8, x9
+ adc x16, x16, xzr
+ # Double
+ adds x11, x11, x11
+ adcs x12, x12, x12
+ adcs x13, x13, x13
+ adcs x14, x14, x14
+ adcs x15, x15, x15
+ adcs x16, x16, x16
+ adc x17, xzr, xzr
+ # A[0] * A[0]
+ umulh x4, x6, x6
+ mul x10, x6, x6
+ # A[1] * A[1]
+ mul x3, x7, x7
+ adds x11, x11, x4
+ umulh x4, x7, x7
+ adcs x12, x12, x3
+ # A[2] * A[2]
+ mul x3, x8, x8
+ adcs x13, x13, x4
+ umulh x4, x8, x8
+ adcs x14, x14, x3
+ # A[3] * A[3]
+ mul x3, x9, x9
+ adcs x15, x15, x4
+ umulh x4, x9, x9
+ adcs x16, x16, x3
+ adc x17, x17, x4
+ # Reduce
+ mov x3, #38
+ mul x4, x3, x17
+ adds x13, x13, x4
+ umulh x5, x3, x17
+ adc x5, x5, xzr
+ mov x3, #19
+ extr x5, x5, x13, #63
+ mul x5, x5, x3
+ and x13, x13, #0x7fffffffffffffff
+ mov x3, #38
+ mul x4, x3, x14
+ adds x10, x10, x4
+ umulh x14, x3, x14
+ mul x4, x3, x15
+ adcs x11, x11, x4
+ umulh x15, x3, x15
+ mul x4, x3, x16
+ adcs x12, x12, x4
+ umulh x16, x3, x16
+ adc x13, x13, xzr
+ # Add high product results in
+ adds x6, x10, x5
+ adcs x7, x11, x14
+ adcs x8, x12, x15
+ adc x9, x13, x16
subs x23, x23, #1
- bcs L_fe_pow22523_3
- add x0, x29, #48
+ bne L_fe_pow22523_3
+ # Store
+ stp x6, x7, [x29, #80]
+ stp x8, x9, [x29, #96]
#ifndef NDEBUG
- add x1, x29, #0x50
+ add x0, x29, #48
#endif /* !NDEBUG */
+ add x1, x29, #0x50
add x2, x29, #48
#ifndef __APPLE__
bl fe_mul
#else
bl _fe_mul
#endif /* __APPLE__ */
- mov x23, #9
-#ifndef NDEBUG
- add x0, x29, #48
-#endif /* !NDEBUG */
- add x1, x29, #48
+ # Loop: 10 times
+ mov x23, #10
+ ldp x6, x7, [x29, #48]
+ ldp x8, x9, [x29, #64]
L_fe_pow22523_4:
-#ifndef __APPLE__
- bl fe_sq
-#else
- bl _fe_sq
-#endif /* __APPLE__ */
+ # Square
+ # A[0] * A[1]
+ umulh x12, x6, x7
+ mul x11, x6, x7
+ # A[0] * A[3]
+ umulh x14, x6, x9
+ mul x13, x6, x9
+ # A[0] * A[2]
+ mul x3, x6, x8
+ adds x12, x12, x3
+ umulh x4, x6, x8
+ adcs x13, x13, x4
+ # A[1] * A[3]
+ mul x3, x7, x9
+ adcs x14, x14, x3
+ umulh x15, x7, x9
+ adc x15, x15, xzr
+ # A[1] * A[2]
+ mul x3, x7, x8
+ adds x13, x13, x3
+ umulh x4, x7, x8
+ adcs x14, x14, x4
+ # A[2] * A[3]
+ mul x3, x8, x9
+ adcs x15, x15, x3
+ umulh x16, x8, x9
+ adc x16, x16, xzr
+ # Double
+ adds x11, x11, x11
+ adcs x12, x12, x12
+ adcs x13, x13, x13
+ adcs x14, x14, x14
+ adcs x15, x15, x15
+ adcs x16, x16, x16
+ adc x17, xzr, xzr
+ # A[0] * A[0]
+ umulh x4, x6, x6
+ mul x10, x6, x6
+ # A[1] * A[1]
+ mul x3, x7, x7
+ adds x11, x11, x4
+ umulh x4, x7, x7
+ adcs x12, x12, x3
+ # A[2] * A[2]
+ mul x3, x8, x8
+ adcs x13, x13, x4
+ umulh x4, x8, x8
+ adcs x14, x14, x3
+ # A[3] * A[3]
+ mul x3, x9, x9
+ adcs x15, x15, x4
+ umulh x4, x9, x9
+ adcs x16, x16, x3
+ adc x17, x17, x4
+ # Reduce
+ mov x3, #38
+ mul x4, x3, x17
+ adds x13, x13, x4
+ umulh x5, x3, x17
+ adc x5, x5, xzr
+ mov x3, #19
+ extr x5, x5, x13, #63
+ mul x5, x5, x3
+ and x13, x13, #0x7fffffffffffffff
+ mov x3, #38
+ mul x4, x3, x14
+ adds x10, x10, x4
+ umulh x14, x3, x14
+ mul x4, x3, x15
+ adcs x11, x11, x4
+ umulh x15, x3, x15
+ mul x4, x3, x16
+ adcs x12, x12, x4
+ umulh x16, x3, x16
+ adc x13, x13, xzr
+ # Add high product results in
+ adds x6, x10, x5
+ adcs x7, x11, x14
+ adcs x8, x12, x15
+ adc x9, x13, x16
subs x23, x23, #1
- bcs L_fe_pow22523_4
+ bne L_fe_pow22523_4
+ # Store
+ stp x6, x7, [x29, #48]
+ stp x8, x9, [x29, #64]
add x0, x29, #16
-#ifndef NDEBUG
add x1, x29, #48
-#endif /* !NDEBUG */
add x2, x29, #16
#ifndef __APPLE__
bl fe_mul
#else
bl _fe_mul
#endif /* __APPLE__ */
- add x0, x29, #48
- add x1, x29, #16
-#ifndef __APPLE__
- bl fe_sq
-#else
- bl _fe_sq
-#endif /* __APPLE__ */
- mov x23, #48
-#ifndef NDEBUG
- add x0, x29, #48
-#endif /* !NDEBUG */
- add x1, x29, #48
+ # Loop: 50 times
+ mov x23, #50
+ ldp x6, x7, [x29, #16]
+ ldp x8, x9, [x29, #32]
L_fe_pow22523_5:
-#ifndef __APPLE__
- bl fe_sq
-#else
- bl _fe_sq
-#endif /* __APPLE__ */
+ # Square
+ # A[0] * A[1]
+ umulh x12, x6, x7
+ mul x11, x6, x7
+ # A[0] * A[3]
+ umulh x14, x6, x9
+ mul x13, x6, x9
+ # A[0] * A[2]
+ mul x3, x6, x8
+ adds x12, x12, x3
+ umulh x4, x6, x8
+ adcs x13, x13, x4
+ # A[1] * A[3]
+ mul x3, x7, x9
+ adcs x14, x14, x3
+ umulh x15, x7, x9
+ adc x15, x15, xzr
+ # A[1] * A[2]
+ mul x3, x7, x8
+ adds x13, x13, x3
+ umulh x4, x7, x8
+ adcs x14, x14, x4
+ # A[2] * A[3]
+ mul x3, x8, x9
+ adcs x15, x15, x3
+ umulh x16, x8, x9
+ adc x16, x16, xzr
+ # Double
+ adds x11, x11, x11
+ adcs x12, x12, x12
+ adcs x13, x13, x13
+ adcs x14, x14, x14
+ adcs x15, x15, x15
+ adcs x16, x16, x16
+ adc x17, xzr, xzr
+ # A[0] * A[0]
+ umulh x4, x6, x6
+ mul x10, x6, x6
+ # A[1] * A[1]
+ mul x3, x7, x7
+ adds x11, x11, x4
+ umulh x4, x7, x7
+ adcs x12, x12, x3
+ # A[2] * A[2]
+ mul x3, x8, x8
+ adcs x13, x13, x4
+ umulh x4, x8, x8
+ adcs x14, x14, x3
+ # A[3] * A[3]
+ mul x3, x9, x9
+ adcs x15, x15, x4
+ umulh x4, x9, x9
+ adcs x16, x16, x3
+ adc x17, x17, x4
+ # Reduce
+ mov x3, #38
+ mul x4, x3, x17
+ adds x13, x13, x4
+ umulh x5, x3, x17
+ adc x5, x5, xzr
+ mov x3, #19
+ extr x5, x5, x13, #63
+ mul x5, x5, x3
+ and x13, x13, #0x7fffffffffffffff
+ mov x3, #38
+ mul x4, x3, x14
+ adds x10, x10, x4
+ umulh x14, x3, x14
+ mul x4, x3, x15
+ adcs x11, x11, x4
+ umulh x15, x3, x15
+ mul x4, x3, x16
+ adcs x12, x12, x4
+ umulh x16, x3, x16
+ adc x13, x13, xzr
+ # Add high product results in
+ adds x6, x10, x5
+ adcs x7, x11, x14
+ adcs x8, x12, x15
+ adc x9, x13, x16
subs x23, x23, #1
- bcs L_fe_pow22523_5
-#ifndef NDEBUG
+ bne L_fe_pow22523_5
+ # Store
+ stp x6, x7, [x29, #48]
+ stp x8, x9, [x29, #64]
add x0, x29, #48
-#endif /* !NDEBUG */
#ifndef NDEBUG
add x1, x29, #48
#endif /* !NDEBUG */
@@ -3165,74 +4397,218 @@ L_fe_pow22523_5:
#else
bl _fe_mul
#endif /* __APPLE__ */
- add x0, x29, #0x50
-#ifndef NDEBUG
- add x1, x29, #48
-#endif /* !NDEBUG */
-#ifndef __APPLE__
- bl fe_sq
-#else
- bl _fe_sq
-#endif /* __APPLE__ */
- mov x23, #0x62
-#ifndef NDEBUG
- add x0, x29, #0x50
-#endif /* !NDEBUG */
- add x1, x29, #0x50
+ # Loop: 100 times
+ mov x23, #0x64
+ ldp x6, x7, [x29, #48]
+ ldp x8, x9, [x29, #64]
L_fe_pow22523_6:
-#ifndef __APPLE__
- bl fe_sq
-#else
- bl _fe_sq
-#endif /* __APPLE__ */
+ # Square
+ # A[0] * A[1]
+ umulh x12, x6, x7
+ mul x11, x6, x7
+ # A[0] * A[3]
+ umulh x14, x6, x9
+ mul x13, x6, x9
+ # A[0] * A[2]
+ mul x3, x6, x8
+ adds x12, x12, x3
+ umulh x4, x6, x8
+ adcs x13, x13, x4
+ # A[1] * A[3]
+ mul x3, x7, x9
+ adcs x14, x14, x3
+ umulh x15, x7, x9
+ adc x15, x15, xzr
+ # A[1] * A[2]
+ mul x3, x7, x8
+ adds x13, x13, x3
+ umulh x4, x7, x8
+ adcs x14, x14, x4
+ # A[2] * A[3]
+ mul x3, x8, x9
+ adcs x15, x15, x3
+ umulh x16, x8, x9
+ adc x16, x16, xzr
+ # Double
+ adds x11, x11, x11
+ adcs x12, x12, x12
+ adcs x13, x13, x13
+ adcs x14, x14, x14
+ adcs x15, x15, x15
+ adcs x16, x16, x16
+ adc x17, xzr, xzr
+ # A[0] * A[0]
+ umulh x4, x6, x6
+ mul x10, x6, x6
+ # A[1] * A[1]
+ mul x3, x7, x7
+ adds x11, x11, x4
+ umulh x4, x7, x7
+ adcs x12, x12, x3
+ # A[2] * A[2]
+ mul x3, x8, x8
+ adcs x13, x13, x4
+ umulh x4, x8, x8
+ adcs x14, x14, x3
+ # A[3] * A[3]
+ mul x3, x9, x9
+ adcs x15, x15, x4
+ umulh x4, x9, x9
+ adcs x16, x16, x3
+ adc x17, x17, x4
+ # Reduce
+ mov x3, #38
+ mul x4, x3, x17
+ adds x13, x13, x4
+ umulh x5, x3, x17
+ adc x5, x5, xzr
+ mov x3, #19
+ extr x5, x5, x13, #63
+ mul x5, x5, x3
+ and x13, x13, #0x7fffffffffffffff
+ mov x3, #38
+ mul x4, x3, x14
+ adds x10, x10, x4
+ umulh x14, x3, x14
+ mul x4, x3, x15
+ adcs x11, x11, x4
+ umulh x15, x3, x15
+ mul x4, x3, x16
+ adcs x12, x12, x4
+ umulh x16, x3, x16
+ adc x13, x13, xzr
+ # Add high product results in
+ adds x6, x10, x5
+ adcs x7, x11, x14
+ adcs x8, x12, x15
+ adc x9, x13, x16
subs x23, x23, #1
- bcs L_fe_pow22523_6
- add x0, x29, #48
+ bne L_fe_pow22523_6
+ # Store
+ stp x6, x7, [x29, #80]
+ stp x8, x9, [x29, #96]
#ifndef NDEBUG
- add x1, x29, #0x50
+ add x0, x29, #48
#endif /* !NDEBUG */
+ add x1, x29, #0x50
add x2, x29, #48
#ifndef __APPLE__
bl fe_mul
#else
bl _fe_mul
#endif /* __APPLE__ */
- mov x23, #49
-#ifndef NDEBUG
- add x0, x29, #48
-#endif /* !NDEBUG */
- add x1, x29, #48
+ # Loop: 50 times
+ mov x23, #50
+ ldp x6, x7, [x29, #48]
+ ldp x8, x9, [x29, #64]
L_fe_pow22523_7:
-#ifndef __APPLE__
- bl fe_sq
-#else
- bl _fe_sq
-#endif /* __APPLE__ */
+ # Square
+ # A[0] * A[1]
+ umulh x12, x6, x7
+ mul x11, x6, x7
+ # A[0] * A[3]
+ umulh x14, x6, x9
+ mul x13, x6, x9
+ # A[0] * A[2]
+ mul x3, x6, x8
+ adds x12, x12, x3
+ umulh x4, x6, x8
+ adcs x13, x13, x4
+ # A[1] * A[3]
+ mul x3, x7, x9
+ adcs x14, x14, x3
+ umulh x15, x7, x9
+ adc x15, x15, xzr
+ # A[1] * A[2]
+ mul x3, x7, x8
+ adds x13, x13, x3
+ umulh x4, x7, x8
+ adcs x14, x14, x4
+ # A[2] * A[3]
+ mul x3, x8, x9
+ adcs x15, x15, x3
+ umulh x16, x8, x9
+ adc x16, x16, xzr
+ # Double
+ adds x11, x11, x11
+ adcs x12, x12, x12
+ adcs x13, x13, x13
+ adcs x14, x14, x14
+ adcs x15, x15, x15
+ adcs x16, x16, x16
+ adc x17, xzr, xzr
+ # A[0] * A[0]
+ umulh x4, x6, x6
+ mul x10, x6, x6
+ # A[1] * A[1]
+ mul x3, x7, x7
+ adds x11, x11, x4
+ umulh x4, x7, x7
+ adcs x12, x12, x3
+ # A[2] * A[2]
+ mul x3, x8, x8
+ adcs x13, x13, x4
+ umulh x4, x8, x8
+ adcs x14, x14, x3
+ # A[3] * A[3]
+ mul x3, x9, x9
+ adcs x15, x15, x4
+ umulh x4, x9, x9
+ adcs x16, x16, x3
+ adc x17, x17, x4
+ # Reduce
+ mov x3, #38
+ mul x4, x3, x17
+ adds x13, x13, x4
+ umulh x5, x3, x17
+ adc x5, x5, xzr
+ mov x3, #19
+ extr x5, x5, x13, #63
+ mul x5, x5, x3
+ and x13, x13, #0x7fffffffffffffff
+ mov x3, #38
+ mul x4, x3, x14
+ adds x10, x10, x4
+ umulh x14, x3, x14
+ mul x4, x3, x15
+ adcs x11, x11, x4
+ umulh x15, x3, x15
+ mul x4, x3, x16
+ adcs x12, x12, x4
+ umulh x16, x3, x16
+ adc x13, x13, xzr
+ # Add high product results in
+ adds x6, x10, x5
+ adcs x7, x11, x14
+ adcs x8, x12, x15
+ adc x9, x13, x16
subs x23, x23, #1
- bcs L_fe_pow22523_7
+ bne L_fe_pow22523_7
+ # Store
+ stp x6, x7, [x29, #48]
+ stp x8, x9, [x29, #64]
add x0, x29, #16
-#ifndef NDEBUG
add x1, x29, #48
-#endif /* !NDEBUG */
add x2, x29, #16
#ifndef __APPLE__
bl fe_mul
#else
bl _fe_mul
#endif /* __APPLE__ */
- mov x23, #1
#ifndef NDEBUG
add x0, x29, #16
#endif /* !NDEBUG */
add x1, x29, #16
-L_fe_pow22523_8:
#ifndef __APPLE__
bl fe_sq
#else
bl _fe_sq
#endif /* __APPLE__ */
- subs x23, x23, #1
- bcs L_fe_pow22523_8
+#ifndef __APPLE__
+ bl fe_sq
+#else
+ bl _fe_sq
+#endif /* __APPLE__ */
ldr x0, [x29, #112]
#ifndef NDEBUG
add x1, x29, #16
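Review bot: The two back-to-back `bl fe_sq` calls that replace the L_fe_pow22523_8 loop share a single argument setup, so the second call depends on fe_sq returning with x0 and x1 still pointing at `x29+16`, in debug and release builds alike. Elsewhere in this diff a register that is assumed unchanged appears to be re-issued under `#ifndef NDEBUG`; repeating `add x0, x29, #16` and `add x1, x29, #16` under that guard between the two calls would keep debug builds independent of the assumption. fe_sq is defined outside this hunk, so whether it preserves x0/x1 cannot be confirmed from here.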
@@ -3243,6 +4619,7 @@ L_fe_pow22523_8:
#else
bl _fe_mul
#endif /* __APPLE__ */
+ ldr x17, [x29, #128]
ldr x23, [x29, #136]
ldp x29, x30, [sp], #0x90
ret
@@ -3251,1510 +4628,1278 @@ L_fe_pow22523_8:
#endif /* __APPLE__ */
#ifndef __APPLE__
.text
-.globl fe_ge_to_p2
-.type fe_ge_to_p2,@function
+.globl ge_p1p1_to_p2
+.type ge_p1p1_to_p2,@function
.align 2
-fe_ge_to_p2:
+ge_p1p1_to_p2:
#else
.section __TEXT,__text
-.globl _fe_ge_to_p2
+.globl _ge_p1p1_to_p2
.p2align 2
-_fe_ge_to_p2:
+_ge_p1p1_to_p2:
#endif /* __APPLE__ */
- stp x29, x30, [sp, #-112]!
+ stp x29, x30, [sp, #-80]!
add x29, sp, #0
- str x17, [x29, #72]
- str x19, [x29, #80]
- stp x20, x21, [x29, #88]
- str x22, [x29, #104]
- str x1, [x29, #16]
- str x2, [x29, #24]
- str x3, [x29, #32]
- str x4, [x29, #40]
- str x5, [x29, #48]
- str x6, [x29, #56]
- ldr x1, [x29, #32]
- ldr x2, [x29, #56]
+ str x17, [x29, #40]
+ str x19, [x29, #48]
+ stp x20, x21, [x29, #56]
+ str x22, [x29, #72]
+ str x0, [x29, #16]
+ str x1, [x29, #24]
+ mov x2, x1
+ add x1, x1, #0x60
# Multiply
- ldp x11, x12, [x1]
- ldp x13, x14, [x1, #16]
- ldp x15, x16, [x2]
- ldp x17, x19, [x2, #16]
- # A[0] * B[0]
- mul x3, x11, x15
- umulh x4, x11, x15
- # A[0] * B[1]
- mul x20, x11, x16
- umulh x5, x11, x16
- adds x4, x4, x20
- adc x5, x5, xzr
- # A[1] * B[0]
- mul x20, x12, x15
- umulh x21, x12, x15
- adds x4, x4, x20
- adcs x5, x5, x21
- adc x6, xzr, xzr
- # A[0] * B[2]
- mul x20, x11, x17
- umulh x21, x11, x17
- adds x5, x5, x20
- adc x6, x6, x21
- # A[1] * B[1]
- mul x20, x12, x16
- umulh x21, x12, x16
- adds x5, x5, x20
- adcs x6, x6, x21
- adc x7, xzr, xzr
- # A[2] * B[0]
- mul x20, x13, x15
- umulh x21, x13, x15
- adds x5, x5, x20
- adcs x6, x6, x21
- adc x7, x7, xzr
- # A[0] * B[3]
- mul x20, x11, x19
- umulh x21, x11, x19
- adds x6, x6, x20
- adcs x7, x7, x21
- adc x8, xzr, xzr
- # A[1] * B[2]
- mul x20, x12, x17
- umulh x21, x12, x17
- adds x6, x6, x20
- adcs x7, x7, x21
- adc x8, x8, xzr
- # A[2] * B[1]
- mul x20, x13, x16
- umulh x21, x13, x16
- adds x6, x6, x20
- adcs x7, x7, x21
- adc x8, x8, xzr
- # A[3] * B[0]
- mul x20, x14, x15
- umulh x21, x14, x15
- adds x6, x6, x20
- adcs x7, x7, x21
- adc x8, x8, xzr
- # A[1] * B[3]
- mul x20, x12, x19
- umulh x21, x12, x19
- adds x7, x7, x20
- adcs x8, x8, x21
- adc x9, xzr, xzr
- # A[2] * B[2]
- mul x20, x13, x17
- umulh x21, x13, x17
- adds x7, x7, x20
- adcs x8, x8, x21
- adc x9, x9, xzr
- # A[3] * B[1]
- mul x20, x14, x16
- umulh x21, x14, x16
- adds x7, x7, x20
- adcs x8, x8, x21
- adc x9, x9, xzr
- # A[2] * B[3]
- mul x20, x13, x19
- umulh x21, x13, x19
- adds x8, x8, x20
- adcs x9, x9, x21
- adc x10, xzr, xzr
- # A[3] * B[2]
- mul x20, x14, x17
- umulh x21, x14, x17
- adds x8, x8, x20
- adcs x9, x9, x21
- adc x10, x10, xzr
- # A[3] * B[3]
- mul x20, x14, x19
- umulh x21, x14, x19
- adds x9, x9, x20
- adc x10, x10, x21
- # Reduce
- # Move top half into t4-t7 and remove top bit from t3
- extr x10, x10, x9, #63
- extr x9, x9, x8, #63
- extr x8, x8, x7, #63
- extr x7, x7, x6, #63
- and x6, x6, #0x7fffffffffffffff
- # Multiply top half by 19
- mov x20, #19
- mul x21, x20, x7
- umulh x7, x20, x7
- adds x3, x3, x21
- mul x21, x20, x8
- umulh x8, x20, x8
- adcs x4, x4, x21
- mul x21, x20, x9
- umulh x9, x20, x9
- adcs x5, x5, x21
- mul x21, x20, x10
- umulh x22, x20, x10
- adcs x6, x6, x21
+ ldp x10, x11, [x1]
+ ldp x12, x13, [x1, #16]
+ ldp x6, x7, [x2]
+ ldp x8, x9, [x2, #16]
+ # A[0] * B[0]
+ umulh x15, x10, x6
+ mul x14, x10, x6
+ # A[2] * B[0]
+ umulh x17, x12, x6
+ mul x16, x12, x6
+ # A[1] * B[0]
+ mul x3, x11, x6
+ adds x15, x15, x3
+ umulh x4, x11, x6
+ adcs x16, x16, x4
+ # A[1] * B[3]
+ umulh x20, x11, x9
+ adc x17, x17, xzr
+ mul x19, x11, x9
+ # A[0] * B[1]
+ mul x3, x10, x7
+ adds x15, x15, x3
+ umulh x4, x10, x7
+ adcs x16, x16, x4
+ # A[2] * B[1]
+ mul x3, x12, x7
+ adcs x17, x17, x3
+ umulh x4, x12, x7
+ adcs x19, x19, x4
+ adc x20, x20, xzr
+ # A[1] * B[2]
+ mul x3, x11, x8
+ adds x17, x17, x3
+ umulh x4, x11, x8
+ adcs x19, x19, x4
+ adcs x20, x20, xzr
+ adc x21, xzr, xzr
+ # A[0] * B[2]
+ mul x3, x10, x8
+ adds x16, x16, x3
+ umulh x4, x10, x8
+ adcs x17, x17, x4
+ adcs x19, x19, xzr
+ adcs x20, x20, xzr
+ adc x21, x21, xzr
+ # A[1] * B[1]
+ mul x3, x11, x7
+ adds x16, x16, x3
+ umulh x4, x11, x7
+ adcs x17, x17, x4
+ # A[3] * B[1]
+ mul x3, x13, x7
+ adcs x19, x19, x3
+ umulh x4, x13, x7
+ adcs x20, x20, x4
+ adc x21, x21, xzr
+ # A[2] * B[2]
+ mul x3, x12, x8
+ adds x19, x19, x3
+ umulh x4, x12, x8
+ adcs x20, x20, x4
+ # A[3] * B[3]
+ mul x3, x13, x9
+ adcs x21, x21, x3
+ umulh x22, x13, x9
adc x22, x22, xzr
- # Add remaining product results in
- adds x4, x4, x7
- adcs x5, x5, x8
- adcs x6, x6, x9
+ # A[0] * B[3]
+ mul x3, x10, x9
+ adds x17, x17, x3
+ umulh x4, x10, x9
+ adcs x19, x19, x4
+ # A[2] * B[3]
+ mul x3, x12, x9
+ adcs x20, x20, x3
+ umulh x4, x12, x9
+ adcs x21, x21, x4
adc x22, x22, xzr
- # Overflow
- extr x22, x22, x6, #63
- mul x22, x22, x20
- and x6, x6, #0x7fffffffffffffff
- adds x3, x3, x22
- adcs x4, x4, xzr
- adcs x5, x5, xzr
- adc x6, x6, xzr
- # Reduce if top bit set
- and x22, x20, x6, asr 63
- and x6, x6, #0x7fffffffffffffff
- adds x3, x3, x22
- adcs x4, x4, xzr
- adcs x5, x5, xzr
- adc x6, x6, xzr
+ # A[3] * B[0]
+ mul x3, x13, x6
+ adds x17, x17, x3
+ umulh x4, x13, x6
+ adcs x19, x19, x4
+ # A[3] * B[2]
+ mul x3, x13, x8
+ adcs x20, x20, x3
+ umulh x4, x13, x8
+ adcs x21, x21, x4
+ adc x22, x22, xzr
+ # Reduce
+ mov x3, #38
+ mul x4, x3, x22
+ adds x17, x17, x4
+ umulh x5, x3, x22
+ adc x5, x5, xzr
+ mov x3, #19
+ extr x5, x5, x17, #63
+ mul x5, x5, x3
+ and x17, x17, #0x7fffffffffffffff
+ mov x3, #38
+ mul x4, x3, x19
+ adds x14, x14, x4
+ umulh x19, x3, x19
+ mul x4, x3, x20
+ adcs x15, x15, x4
+ umulh x20, x3, x20
+ mul x4, x3, x21
+ adcs x16, x16, x4
+ umulh x21, x3, x21
+ adc x17, x17, xzr
+ # Add high product results in
+ adds x14, x14, x5
+ adcs x15, x15, x19
+ adcs x16, x16, x20
+ adc x17, x17, x21
# Store
- stp x3, x4, [x0]
- stp x5, x6, [x0, #16]
- ldr x0, [x29, #16]
- ldr x1, [x29, #40]
- ldr x2, [x29, #48]
+ stp x14, x15, [x0]
+ stp x16, x17, [x0, #16]
+ sub x2, x1, #32
+ add x0, x0, #0x40
# Multiply
- ldp x11, x12, [x1]
- ldp x13, x14, [x1, #16]
- ldp x15, x16, [x2]
- ldp x17, x19, [x2, #16]
- # A[0] * B[0]
- mul x3, x11, x15
- umulh x4, x11, x15
- # A[0] * B[1]
- mul x20, x11, x16
- umulh x5, x11, x16
- adds x4, x4, x20
- adc x5, x5, xzr
- # A[1] * B[0]
- mul x20, x12, x15
- umulh x21, x12, x15
- adds x4, x4, x20
- adcs x5, x5, x21
- adc x6, xzr, xzr
- # A[0] * B[2]
- mul x20, x11, x17
- umulh x21, x11, x17
- adds x5, x5, x20
- adc x6, x6, x21
- # A[1] * B[1]
- mul x20, x12, x16
- umulh x21, x12, x16
- adds x5, x5, x20
- adcs x6, x6, x21
- adc x7, xzr, xzr
- # A[2] * B[0]
- mul x20, x13, x15
- umulh x21, x13, x15
- adds x5, x5, x20
- adcs x6, x6, x21
- adc x7, x7, xzr
- # A[0] * B[3]
- mul x20, x11, x19
- umulh x21, x11, x19
- adds x6, x6, x20
- adcs x7, x7, x21
- adc x8, xzr, xzr
- # A[1] * B[2]
- mul x20, x12, x17
- umulh x21, x12, x17
- adds x6, x6, x20
- adcs x7, x7, x21
- adc x8, x8, xzr
- # A[2] * B[1]
- mul x20, x13, x16
- umulh x21, x13, x16
- adds x6, x6, x20
- adcs x7, x7, x21
- adc x8, x8, xzr
- # A[3] * B[0]
- mul x20, x14, x15
- umulh x21, x14, x15
- adds x6, x6, x20
- adcs x7, x7, x21
- adc x8, x8, xzr
- # A[1] * B[3]
- mul x20, x12, x19
- umulh x21, x12, x19
- adds x7, x7, x20
- adcs x8, x8, x21
- adc x9, xzr, xzr
- # A[2] * B[2]
- mul x20, x13, x17
- umulh x21, x13, x17
- adds x7, x7, x20
- adcs x8, x8, x21
- adc x9, x9, xzr
- # A[3] * B[1]
- mul x20, x14, x16
- umulh x21, x14, x16
- adds x7, x7, x20
- adcs x8, x8, x21
- adc x9, x9, xzr
- # A[2] * B[3]
- mul x20, x13, x19
- umulh x21, x13, x19
- adds x8, x8, x20
- adcs x9, x9, x21
- adc x10, xzr, xzr
- # A[3] * B[2]
- mul x20, x14, x17
- umulh x21, x14, x17
- adds x8, x8, x20
- adcs x9, x9, x21
- adc x10, x10, xzr
- # A[3] * B[3]
- mul x20, x14, x19
- umulh x21, x14, x19
- adds x9, x9, x20
- adc x10, x10, x21
- # Reduce
- # Move top half into t4-t7 and remove top bit from t3
- extr x10, x10, x9, #63
- extr x9, x9, x8, #63
- extr x8, x8, x7, #63
- extr x7, x7, x6, #63
- and x6, x6, #0x7fffffffffffffff
- # Multiply top half by 19
- mov x20, #19
- mul x21, x20, x7
- umulh x7, x20, x7
- adds x3, x3, x21
- mul x21, x20, x8
- umulh x8, x20, x8
- adcs x4, x4, x21
- mul x21, x20, x9
- umulh x9, x20, x9
- adcs x5, x5, x21
- mul x21, x20, x10
- umulh x22, x20, x10
- adcs x6, x6, x21
+ ldp x6, x7, [x2]
+ ldp x8, x9, [x2, #16]
+ # A[0] * B[0]
+ umulh x15, x10, x6
+ mul x14, x10, x6
+ # A[2] * B[0]
+ umulh x17, x12, x6
+ mul x16, x12, x6
+ # A[1] * B[0]
+ mul x3, x11, x6
+ adds x15, x15, x3
+ umulh x4, x11, x6
+ adcs x16, x16, x4
+ # A[1] * B[3]
+ umulh x20, x11, x9
+ adc x17, x17, xzr
+ mul x19, x11, x9
+ # A[0] * B[1]
+ mul x3, x10, x7
+ adds x15, x15, x3
+ umulh x4, x10, x7
+ adcs x16, x16, x4
+ # A[2] * B[1]
+ mul x3, x12, x7
+ adcs x17, x17, x3
+ umulh x4, x12, x7
+ adcs x19, x19, x4
+ adc x20, x20, xzr
+ # A[1] * B[2]
+ mul x3, x11, x8
+ adds x17, x17, x3
+ umulh x4, x11, x8
+ adcs x19, x19, x4
+ adcs x20, x20, xzr
+ adc x21, xzr, xzr
+ # A[0] * B[2]
+ mul x3, x10, x8
+ adds x16, x16, x3
+ umulh x4, x10, x8
+ adcs x17, x17, x4
+ adcs x19, x19, xzr
+ adcs x20, x20, xzr
+ adc x21, x21, xzr
+ # A[1] * B[1]
+ mul x3, x11, x7
+ adds x16, x16, x3
+ umulh x4, x11, x7
+ adcs x17, x17, x4
+ # A[3] * B[1]
+ mul x3, x13, x7
+ adcs x19, x19, x3
+ umulh x4, x13, x7
+ adcs x20, x20, x4
+ adc x21, x21, xzr
+ # A[2] * B[2]
+ mul x3, x12, x8
+ adds x19, x19, x3
+ umulh x4, x12, x8
+ adcs x20, x20, x4
+ # A[3] * B[3]
+ mul x3, x13, x9
+ adcs x21, x21, x3
+ umulh x22, x13, x9
adc x22, x22, xzr
- # Add remaining product results in
- adds x4, x4, x7
- adcs x5, x5, x8
- adcs x6, x6, x9
+ # A[0] * B[3]
+ mul x3, x10, x9
+ adds x17, x17, x3
+ umulh x4, x10, x9
+ adcs x19, x19, x4
+ # A[2] * B[3]
+ mul x3, x12, x9
+ adcs x20, x20, x3
+ umulh x4, x12, x9
+ adcs x21, x21, x4
adc x22, x22, xzr
- # Overflow
- extr x22, x22, x6, #63
- mul x22, x22, x20
- and x6, x6, #0x7fffffffffffffff
- adds x3, x3, x22
- adcs x4, x4, xzr
- adcs x5, x5, xzr
- adc x6, x6, xzr
- # Reduce if top bit set
- and x22, x20, x6, asr 63
- and x6, x6, #0x7fffffffffffffff
- adds x3, x3, x22
- adcs x4, x4, xzr
- adcs x5, x5, xzr
- adc x6, x6, xzr
+ # A[3] * B[0]
+ mul x3, x13, x6
+ adds x17, x17, x3
+ umulh x4, x13, x6
+ adcs x19, x19, x4
+ # A[3] * B[2]
+ mul x3, x13, x8
+ adcs x20, x20, x3
+ umulh x4, x13, x8
+ adcs x21, x21, x4
+ adc x22, x22, xzr
+ # Reduce
+ mov x3, #38
+ mul x4, x3, x22
+ adds x17, x17, x4
+ umulh x5, x3, x22
+ adc x5, x5, xzr
+ mov x3, #19
+ extr x5, x5, x17, #63
+ mul x5, x5, x3
+ and x17, x17, #0x7fffffffffffffff
+ mov x3, #38
+ mul x4, x3, x19
+ adds x14, x14, x4
+ umulh x19, x3, x19
+ mul x4, x3, x20
+ adcs x15, x15, x4
+ umulh x20, x3, x20
+ mul x4, x3, x21
+ adcs x16, x16, x4
+ umulh x21, x3, x21
+ adc x17, x17, xzr
+ # Add high product results in
+ adds x14, x14, x5
+ adcs x15, x15, x19
+ adcs x16, x16, x20
+ adc x17, x17, x21
# Store
- stp x3, x4, [x0]
- stp x5, x6, [x0, #16]
- ldr x0, [x29, #24]
- ldr x2, [x29, #56]
+ stp x14, x15, [x0]
+ stp x16, x17, [x0, #16]
+ sub x1, x1, #0x40
+ sub x0, x0, #32
# Multiply
- ldp x11, x12, [x2]
- ldp x13, x14, [x2, #16]
- # A[0] * B[0]
- mul x3, x15, x11
- umulh x4, x15, x11
- # A[0] * B[1]
- mul x20, x15, x12
- umulh x5, x15, x12
- adds x4, x4, x20
- adc x5, x5, xzr
- # A[1] * B[0]
- mul x20, x16, x11
- umulh x21, x16, x11
- adds x4, x4, x20
- adcs x5, x5, x21
- adc x6, xzr, xzr
- # A[0] * B[2]
- mul x20, x15, x13
- umulh x21, x15, x13
- adds x5, x5, x20
- adc x6, x6, x21
- # A[1] * B[1]
- mul x20, x16, x12
- umulh x21, x16, x12
- adds x5, x5, x20
- adcs x6, x6, x21
- adc x7, xzr, xzr
- # A[2] * B[0]
- mul x20, x17, x11
- umulh x21, x17, x11
- adds x5, x5, x20
- adcs x6, x6, x21
- adc x7, x7, xzr
- # A[0] * B[3]
- mul x20, x15, x14
- umulh x21, x15, x14
- adds x6, x6, x20
- adcs x7, x7, x21
- adc x8, xzr, xzr
- # A[1] * B[2]
- mul x20, x16, x13
- umulh x21, x16, x13
- adds x6, x6, x20
- adcs x7, x7, x21
- adc x8, x8, xzr
- # A[2] * B[1]
- mul x20, x17, x12
- umulh x21, x17, x12
- adds x6, x6, x20
- adcs x7, x7, x21
- adc x8, x8, xzr
- # A[3] * B[0]
- mul x20, x19, x11
- umulh x21, x19, x11
- adds x6, x6, x20
- adcs x7, x7, x21
- adc x8, x8, xzr
- # A[1] * B[3]
- mul x20, x16, x14
- umulh x21, x16, x14
- adds x7, x7, x20
- adcs x8, x8, x21
- adc x9, xzr, xzr
- # A[2] * B[2]
- mul x20, x17, x13
- umulh x21, x17, x13
- adds x7, x7, x20
- adcs x8, x8, x21
- adc x9, x9, xzr
- # A[3] * B[1]
- mul x20, x19, x12
- umulh x21, x19, x12
- adds x7, x7, x20
- adcs x8, x8, x21
- adc x9, x9, xzr
- # A[2] * B[3]
- mul x20, x17, x14
- umulh x21, x17, x14
- adds x8, x8, x20
- adcs x9, x9, x21
- adc x10, xzr, xzr
- # A[3] * B[2]
- mul x20, x19, x13
- umulh x21, x19, x13
- adds x8, x8, x20
- adcs x9, x9, x21
- adc x10, x10, xzr
- # A[3] * B[3]
- mul x20, x19, x14
- umulh x21, x19, x14
- adds x9, x9, x20
- adc x10, x10, x21
- # Reduce
- # Move top half into t4-t7 and remove top bit from t3
- extr x10, x10, x9, #63
- extr x9, x9, x8, #63
- extr x8, x8, x7, #63
- extr x7, x7, x6, #63
- and x6, x6, #0x7fffffffffffffff
- # Multiply top half by 19
- mov x20, #19
- mul x21, x20, x7
- umulh x7, x20, x7
- adds x3, x3, x21
- mul x21, x20, x8
- umulh x8, x20, x8
- adcs x4, x4, x21
- mul x21, x20, x9
- umulh x9, x20, x9
- adcs x5, x5, x21
- mul x21, x20, x10
- umulh x22, x20, x10
- adcs x6, x6, x21
+ ldp x10, x11, [x1]
+ ldp x12, x13, [x1, #16]
+ # A[0] * B[0]
+ umulh x15, x10, x6
+ mul x14, x10, x6
+ # A[2] * B[0]
+ umulh x17, x12, x6
+ mul x16, x12, x6
+ # A[1] * B[0]
+ mul x3, x11, x6
+ adds x15, x15, x3
+ umulh x4, x11, x6
+ adcs x16, x16, x4
+ # A[1] * B[3]
+ umulh x20, x11, x9
+ adc x17, x17, xzr
+ mul x19, x11, x9
+ # A[0] * B[1]
+ mul x3, x10, x7
+ adds x15, x15, x3
+ umulh x4, x10, x7
+ adcs x16, x16, x4
+ # A[2] * B[1]
+ mul x3, x12, x7
+ adcs x17, x17, x3
+ umulh x4, x12, x7
+ adcs x19, x19, x4
+ adc x20, x20, xzr
+ # A[1] * B[2]
+ mul x3, x11, x8
+ adds x17, x17, x3
+ umulh x4, x11, x8
+ adcs x19, x19, x4
+ adcs x20, x20, xzr
+ adc x21, xzr, xzr
+ # A[0] * B[2]
+ mul x3, x10, x8
+ adds x16, x16, x3
+ umulh x4, x10, x8
+ adcs x17, x17, x4
+ adcs x19, x19, xzr
+ adcs x20, x20, xzr
+ adc x21, x21, xzr
+ # A[1] * B[1]
+ mul x3, x11, x7
+ adds x16, x16, x3
+ umulh x4, x11, x7
+ adcs x17, x17, x4
+ # A[3] * B[1]
+ mul x3, x13, x7
+ adcs x19, x19, x3
+ umulh x4, x13, x7
+ adcs x20, x20, x4
+ adc x21, x21, xzr
+ # A[2] * B[2]
+ mul x3, x12, x8
+ adds x19, x19, x3
+ umulh x4, x12, x8
+ adcs x20, x20, x4
+ # A[3] * B[3]
+ mul x3, x13, x9
+ adcs x21, x21, x3
+ umulh x22, x13, x9
adc x22, x22, xzr
- # Add remaining product results in
- adds x4, x4, x7
- adcs x5, x5, x8
- adcs x6, x6, x9
+ # A[0] * B[3]
+ mul x3, x10, x9
+ adds x17, x17, x3
+ umulh x4, x10, x9
+ adcs x19, x19, x4
+ # A[2] * B[3]
+ mul x3, x12, x9
+ adcs x20, x20, x3
+ umulh x4, x12, x9
+ adcs x21, x21, x4
adc x22, x22, xzr
- # Overflow
- extr x22, x22, x6, #63
- mul x22, x22, x20
- and x6, x6, #0x7fffffffffffffff
- adds x3, x3, x22
- adcs x4, x4, xzr
- adcs x5, x5, xzr
- adc x6, x6, xzr
- # Reduce if top bit set
- and x22, x20, x6, asr 63
- and x6, x6, #0x7fffffffffffffff
- adds x3, x3, x22
- adcs x4, x4, xzr
- adcs x5, x5, xzr
- adc x6, x6, xzr
+ # A[3] * B[0]
+ mul x3, x13, x6
+ adds x17, x17, x3
+ umulh x4, x13, x6
+ adcs x19, x19, x4
+ # A[3] * B[2]
+ mul x3, x13, x8
+ adcs x20, x20, x3
+ umulh x4, x13, x8
+ adcs x21, x21, x4
+ adc x22, x22, xzr
+ # Reduce
+ mov x3, #38
+ mul x4, x3, x22
+ adds x17, x17, x4
+ umulh x5, x3, x22
+ adc x5, x5, xzr
+ mov x3, #19
+ extr x5, x5, x17, #63
+ mul x5, x5, x3
+ and x17, x17, #0x7fffffffffffffff
+ mov x3, #38
+ mul x4, x3, x19
+ adds x14, x14, x4
+ umulh x19, x3, x19
+ mul x4, x3, x20
+ adcs x15, x15, x4
+ umulh x20, x3, x20
+ mul x4, x3, x21
+ adcs x16, x16, x4
+ umulh x21, x3, x21
+ adc x17, x17, xzr
+ # Add high product results in
+ adds x14, x14, x5
+ adcs x15, x15, x19
+ adcs x16, x16, x20
+ adc x17, x17, x21
# Store
- stp x3, x4, [x0]
- stp x5, x6, [x0, #16]
- ldr x17, [x29, #72]
- ldr x19, [x29, #80]
- ldp x20, x21, [x29, #88]
- ldr x22, [x29, #104]
- ldp x29, x30, [sp], #0x70
+ stp x14, x15, [x0]
+ stp x16, x17, [x0, #16]
+ ldr x17, [x29, #40]
+ ldr x19, [x29, #48]
+ ldp x20, x21, [x29, #56]
+ ldr x22, [x29, #72]
+ ldp x29, x30, [sp], #0x50
ret
#ifndef __APPLE__
- .size fe_ge_to_p2,.-fe_ge_to_p2
+ .size ge_p1p1_to_p2,.-ge_p1p1_to_p2
#endif /* __APPLE__ */
#ifndef __APPLE__
.text
-.globl fe_ge_to_p3
-.type fe_ge_to_p3,@function
+.globl ge_p1p1_to_p3
+.type ge_p1p1_to_p3,@function
.align 2
-fe_ge_to_p3:
+ge_p1p1_to_p3:
#else
.section __TEXT,__text
-.globl _fe_ge_to_p3
+.globl _ge_p1p1_to_p3
.p2align 2
-_fe_ge_to_p3:
+_ge_p1p1_to_p3:
#endif /* __APPLE__ */
- stp x29, x30, [sp, #-160]!
+ stp x29, x30, [sp, #-112]!
add x29, sp, #0
- str x17, [x29, #88]
- str x19, [x29, #96]
- stp x20, x21, [x29, #104]
- stp x22, x23, [x29, #120]
- stp x24, x25, [x29, #136]
- str x26, [x29, #152]
- str x1, [x29, #16]
- str x2, [x29, #24]
- str x3, [x29, #32]
- str x4, [x29, #40]
- str x5, [x29, #48]
- str x6, [x29, #56]
- str x7, [x29, #64]
- ldr x1, [x29, #40]
- ldr x2, [x29, #64]
+ str x17, [x29, #40]
+ str x19, [x29, #48]
+ stp x20, x21, [x29, #56]
+ stp x22, x23, [x29, #72]
+ stp x24, x25, [x29, #88]
+ str x26, [x29, #104]
+ str x0, [x29, #16]
+ str x1, [x29, #24]
+ mov x2, x1
+ add x1, x1, #0x60
# Multiply
- ldp x11, x12, [x1]
- ldp x13, x14, [x1, #16]
- ldp x15, x16, [x2]
- ldp x17, x19, [x2, #16]
- # A[0] * B[0]
- mul x3, x11, x15
- umulh x4, x11, x15
- # A[0] * B[1]
- mul x24, x11, x16
- umulh x5, x11, x16
- adds x4, x4, x24
- adc x5, x5, xzr
- # A[1] * B[0]
- mul x24, x12, x15
- umulh x25, x12, x15
- adds x4, x4, x24
- adcs x5, x5, x25
- adc x6, xzr, xzr
- # A[0] * B[2]
- mul x24, x11, x17
- umulh x25, x11, x17
- adds x5, x5, x24
- adc x6, x6, x25
- # A[1] * B[1]
- mul x24, x12, x16
- umulh x25, x12, x16
- adds x5, x5, x24
- adcs x6, x6, x25
- adc x7, xzr, xzr
- # A[2] * B[0]
- mul x24, x13, x15
- umulh x25, x13, x15
- adds x5, x5, x24
- adcs x6, x6, x25
- adc x7, x7, xzr
- # A[0] * B[3]
- mul x24, x11, x19
- umulh x25, x11, x19
- adds x6, x6, x24
- adcs x7, x7, x25
- adc x8, xzr, xzr
- # A[1] * B[2]
- mul x24, x12, x17
- umulh x25, x12, x17
- adds x6, x6, x24
- adcs x7, x7, x25
- adc x8, x8, xzr
- # A[2] * B[1]
- mul x24, x13, x16
- umulh x25, x13, x16
- adds x6, x6, x24
- adcs x7, x7, x25
- adc x8, x8, xzr
- # A[3] * B[0]
- mul x24, x14, x15
- umulh x25, x14, x15
- adds x6, x6, x24
- adcs x7, x7, x25
- adc x8, x8, xzr
- # A[1] * B[3]
- mul x24, x12, x19
- umulh x25, x12, x19
- adds x7, x7, x24
- adcs x8, x8, x25
- adc x9, xzr, xzr
- # A[2] * B[2]
- mul x24, x13, x17
- umulh x25, x13, x17
- adds x7, x7, x24
- adcs x8, x8, x25
- adc x9, x9, xzr
- # A[3] * B[1]
- mul x24, x14, x16
- umulh x25, x14, x16
- adds x7, x7, x24
- adcs x8, x8, x25
- adc x9, x9, xzr
- # A[2] * B[3]
- mul x24, x13, x19
- umulh x25, x13, x19
- adds x8, x8, x24
- adcs x9, x9, x25
- adc x10, xzr, xzr
- # A[3] * B[2]
- mul x24, x14, x17
- umulh x25, x14, x17
- adds x8, x8, x24
- adcs x9, x9, x25
- adc x10, x10, xzr
- # A[3] * B[3]
- mul x24, x14, x19
- umulh x25, x14, x19
- adds x9, x9, x24
- adc x10, x10, x25
+ ldp x10, x11, [x1]
+ ldp x12, x13, [x1, #16]
+ ldp x6, x7, [x2]
+ ldp x8, x9, [x2, #16]
+ # A[0] * B[0]
+ umulh x15, x10, x6
+ mul x14, x10, x6
+ # A[2] * B[0]
+ umulh x17, x12, x6
+ mul x16, x12, x6
+ # A[1] * B[0]
+ mul x3, x11, x6
+ adds x15, x15, x3
+ umulh x4, x11, x6
+ adcs x16, x16, x4
+ # A[1] * B[3]
+ umulh x20, x11, x9
+ adc x17, x17, xzr
+ mul x19, x11, x9
+ # A[0] * B[1]
+ mul x3, x10, x7
+ adds x15, x15, x3
+ umulh x4, x10, x7
+ adcs x16, x16, x4
+ # A[2] * B[1]
+ mul x3, x12, x7
+ adcs x17, x17, x3
+ umulh x4, x12, x7
+ adcs x19, x19, x4
+ adc x20, x20, xzr
+ # A[1] * B[2]
+ mul x3, x11, x8
+ adds x17, x17, x3
+ umulh x4, x11, x8
+ adcs x19, x19, x4
+ adcs x20, x20, xzr
+ adc x21, xzr, xzr
+ # A[0] * B[2]
+ mul x3, x10, x8
+ adds x16, x16, x3
+ umulh x4, x10, x8
+ adcs x17, x17, x4
+ adcs x19, x19, xzr
+ adcs x20, x20, xzr
+ adc x21, x21, xzr
+ # A[1] * B[1]
+ mul x3, x11, x7
+ adds x16, x16, x3
+ umulh x4, x11, x7
+ adcs x17, x17, x4
+ # A[3] * B[1]
+ mul x3, x13, x7
+ adcs x19, x19, x3
+ umulh x4, x13, x7
+ adcs x20, x20, x4
+ adc x21, x21, xzr
+ # A[2] * B[2]
+ mul x3, x12, x8
+ adds x19, x19, x3
+ umulh x4, x12, x8
+ adcs x20, x20, x4
+ # A[3] * B[3]
+ mul x3, x13, x9
+ adcs x21, x21, x3
+ umulh x22, x13, x9
+ adc x22, x22, xzr
+ # A[0] * B[3]
+ mul x3, x10, x9
+ adds x17, x17, x3
+ umulh x4, x10, x9
+ adcs x19, x19, x4
+ # A[2] * B[3]
+ mul x3, x12, x9
+ adcs x20, x20, x3
+ umulh x4, x12, x9
+ adcs x21, x21, x4
+ adc x22, x22, xzr
+ # A[3] * B[0]
+ mul x3, x13, x6
+ adds x17, x17, x3
+ umulh x4, x13, x6
+ adcs x19, x19, x4
+ # A[3] * B[2]
+ mul x3, x13, x8
+ adcs x20, x20, x3
+ umulh x4, x13, x8
+ adcs x21, x21, x4
+ adc x22, x22, xzr
# Reduce
- # Move top half into t4-t7 and remove top bit from t3
- extr x10, x10, x9, #63
- extr x9, x9, x8, #63
- extr x8, x8, x7, #63
- extr x7, x7, x6, #63
- and x6, x6, #0x7fffffffffffffff
- # Multiply top half by 19
- mov x24, #19
- mul x25, x24, x7
- umulh x7, x24, x7
- adds x3, x3, x25
- mul x25, x24, x8
- umulh x8, x24, x8
- adcs x4, x4, x25
- mul x25, x24, x9
- umulh x9, x24, x9
- adcs x5, x5, x25
- mul x25, x24, x10
- umulh x26, x24, x10
- adcs x6, x6, x25
- adc x26, x26, xzr
- # Add remaining product results in
- adds x4, x4, x7
- adcs x5, x5, x8
- adcs x6, x6, x9
- adc x26, x26, xzr
- # Overflow
- extr x26, x26, x6, #63
- mul x26, x26, x24
- and x6, x6, #0x7fffffffffffffff
- adds x3, x3, x26
- adcs x4, x4, xzr
- adcs x5, x5, xzr
- adc x6, x6, xzr
- # Reduce if top bit set
- and x26, x24, x6, asr 63
- and x6, x6, #0x7fffffffffffffff
- adds x3, x3, x26
- adcs x4, x4, xzr
- adcs x5, x5, xzr
- adc x6, x6, xzr
+ mov x3, #38
+ mul x4, x3, x22
+ adds x17, x17, x4
+ umulh x5, x3, x22
+ adc x5, x5, xzr
+ mov x3, #19
+ extr x5, x5, x17, #63
+ mul x5, x5, x3
+ and x17, x17, #0x7fffffffffffffff
+ mov x3, #38
+ mul x4, x3, x19
+ adds x14, x14, x4
+ umulh x19, x3, x19
+ mul x4, x3, x20
+ adcs x15, x15, x4
+ umulh x20, x3, x20
+ mul x4, x3, x21
+ adcs x16, x16, x4
+ umulh x21, x3, x21
+ adc x17, x17, xzr
+ # Add high product results in
+ adds x14, x14, x5
+ adcs x15, x15, x19
+ adcs x16, x16, x20
+ adc x17, x17, x21
# Store
- stp x3, x4, [x0]
- stp x5, x6, [x0, #16]
- ldr x0, [x29, #32]
- ldr x2, [x29, #48]
+ stp x14, x15, [x0]
+ stp x16, x17, [x0, #16]
+ sub x1, x1, #0x40
+ add x0, x0, #0x60
# Multiply
- ldp x20, x21, [x2]
- ldp x22, x23, [x2, #16]
- # A[0] * B[0]
- mul x3, x11, x20
- umulh x4, x11, x20
- # A[0] * B[1]
- mul x24, x11, x21
- umulh x5, x11, x21
- adds x4, x4, x24
- adc x5, x5, xzr
- # A[1] * B[0]
- mul x24, x12, x20
- umulh x25, x12, x20
- adds x4, x4, x24
- adcs x5, x5, x25
- adc x6, xzr, xzr
- # A[0] * B[2]
- mul x24, x11, x22
- umulh x25, x11, x22
- adds x5, x5, x24
- adc x6, x6, x25
- # A[1] * B[1]
- mul x24, x12, x21
- umulh x25, x12, x21
- adds x5, x5, x24
- adcs x6, x6, x25
- adc x7, xzr, xzr
- # A[2] * B[0]
- mul x24, x13, x20
- umulh x25, x13, x20
- adds x5, x5, x24
- adcs x6, x6, x25
- adc x7, x7, xzr
- # A[0] * B[3]
- mul x24, x11, x23
- umulh x25, x11, x23
- adds x6, x6, x24
- adcs x7, x7, x25
- adc x8, xzr, xzr
- # A[1] * B[2]
- mul x24, x12, x22
- umulh x25, x12, x22
- adds x6, x6, x24
- adcs x7, x7, x25
- adc x8, x8, xzr
- # A[2] * B[1]
- mul x24, x13, x21
- umulh x25, x13, x21
- adds x6, x6, x24
- adcs x7, x7, x25
- adc x8, x8, xzr
- # A[3] * B[0]
- mul x24, x14, x20
- umulh x25, x14, x20
- adds x6, x6, x24
- adcs x7, x7, x25
- adc x8, x8, xzr
- # A[1] * B[3]
- mul x24, x12, x23
- umulh x25, x12, x23
- adds x7, x7, x24
- adcs x8, x8, x25
- adc x9, xzr, xzr
- # A[2] * B[2]
- mul x24, x13, x22
- umulh x25, x13, x22
- adds x7, x7, x24
- adcs x8, x8, x25
- adc x9, x9, xzr
- # A[3] * B[1]
- mul x24, x14, x21
- umulh x25, x14, x21
- adds x7, x7, x24
- adcs x8, x8, x25
- adc x9, x9, xzr
- # A[2] * B[3]
- mul x24, x13, x23
- umulh x25, x13, x23
- adds x8, x8, x24
- adcs x9, x9, x25
- adc x10, xzr, xzr
- # A[3] * B[2]
- mul x24, x14, x22
- umulh x25, x14, x22
- adds x8, x8, x24
- adcs x9, x9, x25
- adc x10, x10, xzr
- # A[3] * B[3]
- mul x24, x14, x23
- umulh x25, x14, x23
- adds x9, x9, x24
- adc x10, x10, x25
+ ldp x23, x24, [x1]
+ ldp x25, x26, [x1, #16]
+ # A[0] * B[0]
+ umulh x15, x23, x6
+ mul x14, x23, x6
+ # A[2] * B[0]
+ umulh x17, x25, x6
+ mul x16, x25, x6
+ # A[1] * B[0]
+ mul x3, x24, x6
+ adds x15, x15, x3
+ umulh x4, x24, x6
+ adcs x16, x16, x4
+ # A[1] * B[3]
+ umulh x20, x24, x9
+ adc x17, x17, xzr
+ mul x19, x24, x9
+ # A[0] * B[1]
+ mul x3, x23, x7
+ adds x15, x15, x3
+ umulh x4, x23, x7
+ adcs x16, x16, x4
+ # A[2] * B[1]
+ mul x3, x25, x7
+ adcs x17, x17, x3
+ umulh x4, x25, x7
+ adcs x19, x19, x4
+ adc x20, x20, xzr
+ # A[1] * B[2]
+ mul x3, x24, x8
+ adds x17, x17, x3
+ umulh x4, x24, x8
+ adcs x19, x19, x4
+ adcs x20, x20, xzr
+ adc x21, xzr, xzr
+ # A[0] * B[2]
+ mul x3, x23, x8
+ adds x16, x16, x3
+ umulh x4, x23, x8
+ adcs x17, x17, x4
+ adcs x19, x19, xzr
+ adcs x20, x20, xzr
+ adc x21, x21, xzr
+ # A[1] * B[1]
+ mul x3, x24, x7
+ adds x16, x16, x3
+ umulh x4, x24, x7
+ adcs x17, x17, x4
+ # A[3] * B[1]
+ mul x3, x26, x7
+ adcs x19, x19, x3
+ umulh x4, x26, x7
+ adcs x20, x20, x4
+ adc x21, x21, xzr
+ # A[2] * B[2]
+ mul x3, x25, x8
+ adds x19, x19, x3
+ umulh x4, x25, x8
+ adcs x20, x20, x4
+ # A[3] * B[3]
+ mul x3, x26, x9
+ adcs x21, x21, x3
+ umulh x22, x26, x9
+ adc x22, x22, xzr
+ # A[0] * B[3]
+ mul x3, x23, x9
+ adds x17, x17, x3
+ umulh x4, x23, x9
+ adcs x19, x19, x4
+ # A[2] * B[3]
+ mul x3, x25, x9
+ adcs x20, x20, x3
+ umulh x4, x25, x9
+ adcs x21, x21, x4
+ adc x22, x22, xzr
+ # A[3] * B[0]
+ mul x3, x26, x6
+ adds x17, x17, x3
+ umulh x4, x26, x6
+ adcs x19, x19, x4
+ # A[3] * B[2]
+ mul x3, x26, x8
+ adcs x20, x20, x3
+ umulh x4, x26, x8
+ adcs x21, x21, x4
+ adc x22, x22, xzr
# Reduce
- # Move top half into t4-t7 and remove top bit from t3
- extr x10, x10, x9, #63
- extr x9, x9, x8, #63
- extr x8, x8, x7, #63
- extr x7, x7, x6, #63
- and x6, x6, #0x7fffffffffffffff
- # Multiply top half by 19
- mov x24, #19
- mul x25, x24, x7
- umulh x7, x24, x7
- adds x3, x3, x25
- mul x25, x24, x8
- umulh x8, x24, x8
- adcs x4, x4, x25
- mul x25, x24, x9
- umulh x9, x24, x9
- adcs x5, x5, x25
- mul x25, x24, x10
- umulh x26, x24, x10
- adcs x6, x6, x25
- adc x26, x26, xzr
- # Add remaining product results in
- adds x4, x4, x7
- adcs x5, x5, x8
- adcs x6, x6, x9
- adc x26, x26, xzr
- # Overflow
- extr x26, x26, x6, #63
- mul x26, x26, x24
- and x6, x6, #0x7fffffffffffffff
- adds x3, x3, x26
- adcs x4, x4, xzr
- adcs x5, x5, xzr
- adc x6, x6, xzr
- # Reduce if top bit set
- and x26, x24, x6, asr 63
- and x6, x6, #0x7fffffffffffffff
- adds x3, x3, x26
- adcs x4, x4, xzr
- adcs x5, x5, xzr
- adc x6, x6, xzr
+ mov x3, #38
+ mul x4, x3, x22
+ adds x17, x17, x4
+ umulh x5, x3, x22
+ adc x5, x5, xzr
+ mov x3, #19
+ extr x5, x5, x17, #63
+ mul x5, x5, x3
+ and x17, x17, #0x7fffffffffffffff
+ mov x3, #38
+ mul x4, x3, x19
+ adds x14, x14, x4
+ umulh x19, x3, x19
+ mul x4, x3, x20
+ adcs x15, x15, x4
+ umulh x20, x3, x20
+ mul x4, x3, x21
+ adcs x16, x16, x4
+ umulh x21, x3, x21
+ adc x17, x17, xzr
+ # Add high product results in
+ adds x14, x14, x5
+ adcs x15, x15, x19
+ adcs x16, x16, x20
+ adc x17, x17, x21
# Store
- stp x3, x4, [x0]
- stp x5, x6, [x0, #16]
- ldr x0, [x29, #16]
- ldr x2, [x29, #56]
+ stp x14, x15, [x0]
+ stp x16, x17, [x0, #16]
+ add x2, x1, #32
+ sub x0, x0, #0x40
# Multiply
- ldp x11, x12, [x2]
- ldp x13, x14, [x2, #16]
- # A[0] * B[0]
- mul x3, x20, x11
- umulh x4, x20, x11
- # A[0] * B[1]
- mul x24, x20, x12
- umulh x5, x20, x12
- adds x4, x4, x24
- adc x5, x5, xzr
- # A[1] * B[0]
- mul x24, x21, x11
- umulh x25, x21, x11
- adds x4, x4, x24
- adcs x5, x5, x25
- adc x6, xzr, xzr
- # A[0] * B[2]
- mul x24, x20, x13
- umulh x25, x20, x13
- adds x5, x5, x24
- adc x6, x6, x25
- # A[1] * B[1]
- mul x24, x21, x12
- umulh x25, x21, x12
- adds x5, x5, x24
- adcs x6, x6, x25
- adc x7, xzr, xzr
- # A[2] * B[0]
- mul x24, x22, x11
- umulh x25, x22, x11
- adds x5, x5, x24
- adcs x6, x6, x25
- adc x7, x7, xzr
- # A[0] * B[3]
- mul x24, x20, x14
- umulh x25, x20, x14
- adds x6, x6, x24
- adcs x7, x7, x25
- adc x8, xzr, xzr
- # A[1] * B[2]
- mul x24, x21, x13
- umulh x25, x21, x13
- adds x6, x6, x24
- adcs x7, x7, x25
- adc x8, x8, xzr
- # A[2] * B[1]
- mul x24, x22, x12
- umulh x25, x22, x12
- adds x6, x6, x24
- adcs x7, x7, x25
- adc x8, x8, xzr
- # A[3] * B[0]
- mul x24, x23, x11
- umulh x25, x23, x11
- adds x6, x6, x24
- adcs x7, x7, x25
- adc x8, x8, xzr
- # A[1] * B[3]
- mul x24, x21, x14
- umulh x25, x21, x14
- adds x7, x7, x24
- adcs x8, x8, x25
- adc x9, xzr, xzr
- # A[2] * B[2]
- mul x24, x22, x13
- umulh x25, x22, x13
- adds x7, x7, x24
- adcs x8, x8, x25
- adc x9, x9, xzr
- # A[3] * B[1]
- mul x24, x23, x12
- umulh x25, x23, x12
- adds x7, x7, x24
- adcs x8, x8, x25
- adc x9, x9, xzr
- # A[2] * B[3]
- mul x24, x22, x14
- umulh x25, x22, x14
- adds x8, x8, x24
- adcs x9, x9, x25
- adc x10, xzr, xzr
- # A[3] * B[2]
- mul x24, x23, x13
- umulh x25, x23, x13
- adds x8, x8, x24
- adcs x9, x9, x25
- adc x10, x10, xzr
- # A[3] * B[3]
- mul x24, x23, x14
- umulh x25, x23, x14
- adds x9, x9, x24
- adc x10, x10, x25
+ ldp x6, x7, [x2]
+ ldp x8, x9, [x2, #16]
+ # A[0] * B[0]
+ umulh x15, x23, x6
+ mul x14, x23, x6
+ # A[2] * B[0]
+ umulh x17, x25, x6
+ mul x16, x25, x6
+ # A[1] * B[0]
+ mul x3, x24, x6
+ adds x15, x15, x3
+ umulh x4, x24, x6
+ adcs x16, x16, x4
+ # A[1] * B[3]
+ umulh x20, x24, x9
+ adc x17, x17, xzr
+ mul x19, x24, x9
+ # A[0] * B[1]
+ mul x3, x23, x7
+ adds x15, x15, x3
+ umulh x4, x23, x7
+ adcs x16, x16, x4
+ # A[2] * B[1]
+ mul x3, x25, x7
+ adcs x17, x17, x3
+ umulh x4, x25, x7
+ adcs x19, x19, x4
+ adc x20, x20, xzr
+ # A[1] * B[2]
+ mul x3, x24, x8
+ adds x17, x17, x3
+ umulh x4, x24, x8
+ adcs x19, x19, x4
+ adcs x20, x20, xzr
+ adc x21, xzr, xzr
+ # A[0] * B[2]
+ mul x3, x23, x8
+ adds x16, x16, x3
+ umulh x4, x23, x8
+ adcs x17, x17, x4
+ adcs x19, x19, xzr
+ adcs x20, x20, xzr
+ adc x21, x21, xzr
+ # A[1] * B[1]
+ mul x3, x24, x7
+ adds x16, x16, x3
+ umulh x4, x24, x7
+ adcs x17, x17, x4
+ # A[3] * B[1]
+ mul x3, x26, x7
+ adcs x19, x19, x3
+ umulh x4, x26, x7
+ adcs x20, x20, x4
+ adc x21, x21, xzr
+ # A[2] * B[2]
+ mul x3, x25, x8
+ adds x19, x19, x3
+ umulh x4, x25, x8
+ adcs x20, x20, x4
+ # A[3] * B[3]
+ mul x3, x26, x9
+ adcs x21, x21, x3
+ umulh x22, x26, x9
+ adc x22, x22, xzr
+ # A[0] * B[3]
+ mul x3, x23, x9
+ adds x17, x17, x3
+ umulh x4, x23, x9
+ adcs x19, x19, x4
+ # A[2] * B[3]
+ mul x3, x25, x9
+ adcs x20, x20, x3
+ umulh x4, x25, x9
+ adcs x21, x21, x4
+ adc x22, x22, xzr
+ # A[3] * B[0]
+ mul x3, x26, x6
+ adds x17, x17, x3
+ umulh x4, x26, x6
+ adcs x19, x19, x4
+ # A[3] * B[2]
+ mul x3, x26, x8
+ adcs x20, x20, x3
+ umulh x4, x26, x8
+ adcs x21, x21, x4
+ adc x22, x22, xzr
# Reduce
- # Move top half into t4-t7 and remove top bit from t3
- extr x10, x10, x9, #63
- extr x9, x9, x8, #63
- extr x8, x8, x7, #63
- extr x7, x7, x6, #63
- and x6, x6, #0x7fffffffffffffff
- # Multiply top half by 19
- mov x24, #19
- mul x25, x24, x7
- umulh x7, x24, x7
- adds x3, x3, x25
- mul x25, x24, x8
- umulh x8, x24, x8
- adcs x4, x4, x25
- mul x25, x24, x9
- umulh x9, x24, x9
- adcs x5, x5, x25
- mul x25, x24, x10
- umulh x26, x24, x10
- adcs x6, x6, x25
- adc x26, x26, xzr
- # Add remaining product results in
- adds x4, x4, x7
- adcs x5, x5, x8
- adcs x6, x6, x9
- adc x26, x26, xzr
- # Overflow
- extr x26, x26, x6, #63
- mul x26, x26, x24
- and x6, x6, #0x7fffffffffffffff
- adds x3, x3, x26
- adcs x4, x4, xzr
- adcs x5, x5, xzr
- adc x6, x6, xzr
- # Reduce if top bit set
- and x26, x24, x6, asr 63
- and x6, x6, #0x7fffffffffffffff
- adds x3, x3, x26
- adcs x4, x4, xzr
- adcs x5, x5, xzr
- adc x6, x6, xzr
+ mov x3, #38
+ mul x4, x3, x22
+ adds x17, x17, x4
+ umulh x5, x3, x22
+ adc x5, x5, xzr
+ mov x3, #19
+ extr x5, x5, x17, #63
+ mul x5, x5, x3
+ and x17, x17, #0x7fffffffffffffff
+ mov x3, #38
+ mul x4, x3, x19
+ adds x14, x14, x4
+ umulh x19, x3, x19
+ mul x4, x3, x20
+ adcs x15, x15, x4
+ umulh x20, x3, x20
+ mul x4, x3, x21
+ adcs x16, x16, x4
+ umulh x21, x3, x21
+ adc x17, x17, xzr
+ # Add high product results in
+ adds x14, x14, x5
+ adcs x15, x15, x19
+ adcs x16, x16, x20
+ adc x17, x17, x21
# Store
- stp x3, x4, [x0]
- stp x5, x6, [x0, #16]
- ldr x0, [x29, #24]
+ stp x14, x15, [x0]
+ stp x16, x17, [x0, #16]
+ add x1, x1, #0x40
+ add x0, x0, #32
# Multiply
- # A[0] * B[0]
- mul x3, x11, x15
- umulh x4, x11, x15
- # A[0] * B[1]
- mul x24, x11, x16
- umulh x5, x11, x16
- adds x4, x4, x24
- adc x5, x5, xzr
- # A[1] * B[0]
- mul x24, x12, x15
- umulh x25, x12, x15
- adds x4, x4, x24
- adcs x5, x5, x25
- adc x6, xzr, xzr
- # A[0] * B[2]
- mul x24, x11, x17
- umulh x25, x11, x17
- adds x5, x5, x24
- adc x6, x6, x25
- # A[1] * B[1]
- mul x24, x12, x16
- umulh x25, x12, x16
- adds x5, x5, x24
- adcs x6, x6, x25
- adc x7, xzr, xzr
- # A[2] * B[0]
- mul x24, x13, x15
- umulh x25, x13, x15
- adds x5, x5, x24
- adcs x6, x6, x25
- adc x7, x7, xzr
- # A[0] * B[3]
- mul x24, x11, x19
- umulh x25, x11, x19
- adds x6, x6, x24
- adcs x7, x7, x25
- adc x8, xzr, xzr
- # A[1] * B[2]
- mul x24, x12, x17
- umulh x25, x12, x17
- adds x6, x6, x24
- adcs x7, x7, x25
- adc x8, x8, xzr
- # A[2] * B[1]
- mul x24, x13, x16
- umulh x25, x13, x16
- adds x6, x6, x24
- adcs x7, x7, x25
- adc x8, x8, xzr
- # A[3] * B[0]
- mul x24, x14, x15
- umulh x25, x14, x15
- adds x6, x6, x24
- adcs x7, x7, x25
- adc x8, x8, xzr
- # A[1] * B[3]
- mul x24, x12, x19
- umulh x25, x12, x19
- adds x7, x7, x24
- adcs x8, x8, x25
- adc x9, xzr, xzr
- # A[2] * B[2]
- mul x24, x13, x17
- umulh x25, x13, x17
- adds x7, x7, x24
- adcs x8, x8, x25
- adc x9, x9, xzr
- # A[3] * B[1]
- mul x24, x14, x16
- umulh x25, x14, x16
- adds x7, x7, x24
- adcs x8, x8, x25
- adc x9, x9, xzr
- # A[2] * B[3]
- mul x24, x13, x19
- umulh x25, x13, x19
- adds x8, x8, x24
- adcs x9, x9, x25
- adc x10, xzr, xzr
- # A[3] * B[2]
- mul x24, x14, x17
- umulh x25, x14, x17
- adds x8, x8, x24
- adcs x9, x9, x25
- adc x10, x10, xzr
- # A[3] * B[3]
- mul x24, x14, x19
- umulh x25, x14, x19
- adds x9, x9, x24
- adc x10, x10, x25
+ # A[0] * B[0]
+ umulh x15, x10, x6
+ mul x14, x10, x6
+ # A[2] * B[0]
+ umulh x17, x12, x6
+ mul x16, x12, x6
+ # A[1] * B[0]
+ mul x3, x11, x6
+ adds x15, x15, x3
+ umulh x4, x11, x6
+ adcs x16, x16, x4
+ # A[1] * B[3]
+ umulh x20, x11, x9
+ adc x17, x17, xzr
+ mul x19, x11, x9
+ # A[0] * B[1]
+ mul x3, x10, x7
+ adds x15, x15, x3
+ umulh x4, x10, x7
+ adcs x16, x16, x4
+ # A[2] * B[1]
+ mul x3, x12, x7
+ adcs x17, x17, x3
+ umulh x4, x12, x7
+ adcs x19, x19, x4
+ adc x20, x20, xzr
+ # A[1] * B[2]
+ mul x3, x11, x8
+ adds x17, x17, x3
+ umulh x4, x11, x8
+ adcs x19, x19, x4
+ adcs x20, x20, xzr
+ adc x21, xzr, xzr
+ # A[0] * B[2]
+ mul x3, x10, x8
+ adds x16, x16, x3
+ umulh x4, x10, x8
+ adcs x17, x17, x4
+ adcs x19, x19, xzr
+ adcs x20, x20, xzr
+ adc x21, x21, xzr
+ # A[1] * B[1]
+ mul x3, x11, x7
+ adds x16, x16, x3
+ umulh x4, x11, x7
+ adcs x17, x17, x4
+ # A[3] * B[1]
+ mul x3, x13, x7
+ adcs x19, x19, x3
+ umulh x4, x13, x7
+ adcs x20, x20, x4
+ adc x21, x21, xzr
+ # A[2] * B[2]
+ mul x3, x12, x8
+ adds x19, x19, x3
+ umulh x4, x12, x8
+ adcs x20, x20, x4
+ # A[3] * B[3]
+ mul x3, x13, x9
+ adcs x21, x21, x3
+ umulh x22, x13, x9
+ adc x22, x22, xzr
+ # A[0] * B[3]
+ mul x3, x10, x9
+ adds x17, x17, x3
+ umulh x4, x10, x9
+ adcs x19, x19, x4
+ # A[2] * B[3]
+ mul x3, x12, x9
+ adcs x20, x20, x3
+ umulh x4, x12, x9
+ adcs x21, x21, x4
+ adc x22, x22, xzr
+ # A[3] * B[0]
+ mul x3, x13, x6
+ adds x17, x17, x3
+ umulh x4, x13, x6
+ adcs x19, x19, x4
+ # A[3] * B[2]
+ mul x3, x13, x8
+ adcs x20, x20, x3
+ umulh x4, x13, x8
+ adcs x21, x21, x4
+ adc x22, x22, xzr
# Reduce
- # Move top half into t4-t7 and remove top bit from t3
- extr x10, x10, x9, #63
- extr x9, x9, x8, #63
- extr x8, x8, x7, #63
- extr x7, x7, x6, #63
- and x6, x6, #0x7fffffffffffffff
- # Multiply top half by 19
- mov x24, #19
- mul x25, x24, x7
- umulh x7, x24, x7
- adds x3, x3, x25
- mul x25, x24, x8
- umulh x8, x24, x8
- adcs x4, x4, x25
- mul x25, x24, x9
- umulh x9, x24, x9
- adcs x5, x5, x25
- mul x25, x24, x10
- umulh x26, x24, x10
- adcs x6, x6, x25
- adc x26, x26, xzr
- # Add remaining product results in
- adds x4, x4, x7
- adcs x5, x5, x8
- adcs x6, x6, x9
- adc x26, x26, xzr
- # Overflow
- extr x26, x26, x6, #63
- mul x26, x26, x24
- and x6, x6, #0x7fffffffffffffff
- adds x3, x3, x26
- adcs x4, x4, xzr
- adcs x5, x5, xzr
- adc x6, x6, xzr
- # Reduce if top bit set
- and x26, x24, x6, asr 63
- and x6, x6, #0x7fffffffffffffff
- adds x3, x3, x26
- adcs x4, x4, xzr
- adcs x5, x5, xzr
- adc x6, x6, xzr
+ mov x3, #38
+ mul x4, x3, x22
+ adds x17, x17, x4
+ umulh x5, x3, x22
+ adc x5, x5, xzr
+ mov x3, #19
+ extr x5, x5, x17, #63
+ mul x5, x5, x3
+ and x17, x17, #0x7fffffffffffffff
+ mov x3, #38
+ mul x4, x3, x19
+ adds x14, x14, x4
+ umulh x19, x3, x19
+ mul x4, x3, x20
+ adcs x15, x15, x4
+ umulh x20, x3, x20
+ mul x4, x3, x21
+ adcs x16, x16, x4
+ umulh x21, x3, x21
+ adc x17, x17, xzr
+ # Add high product results in
+ adds x14, x14, x5
+ adcs x15, x15, x19
+ adcs x16, x16, x20
+ adc x17, x17, x21
# Store
- stp x3, x4, [x0]
- stp x5, x6, [x0, #16]
- ldr x17, [x29, #88]
- ldr x19, [x29, #96]
- ldp x20, x21, [x29, #104]
- ldp x22, x23, [x29, #120]
- ldp x24, x25, [x29, #136]
- ldr x26, [x29, #152]
- ldp x29, x30, [sp], #0xa0
+ stp x14, x15, [x0]
+ stp x16, x17, [x0, #16]
+ ldr x17, [x29, #40]
+ ldr x19, [x29, #48]
+ ldp x20, x21, [x29, #56]
+ ldp x22, x23, [x29, #72]
+ ldp x24, x25, [x29, #88]
+ ldr x26, [x29, #104]
+ ldp x29, x30, [sp], #0x70
ret
#ifndef __APPLE__
- .size fe_ge_to_p3,.-fe_ge_to_p3
+ .size ge_p1p1_to_p3,.-ge_p1p1_to_p3
#endif /* __APPLE__ */
#ifndef __APPLE__
.text
-.globl fe_ge_dbl
-.type fe_ge_dbl,@function
+.globl ge_p2_dbl
+.type ge_p2_dbl,@function
.align 2
-fe_ge_dbl:
+ge_p2_dbl:
#else
.section __TEXT,__text
-.globl _fe_ge_dbl
+.globl _ge_p2_dbl
.p2align 2
-_fe_ge_dbl:
+_ge_p2_dbl:
#endif /* __APPLE__ */
- stp x29, x30, [sp, #-176]!
+ stp x29, x30, [sp, #-128]!
add x29, sp, #0
- str x17, [x29, #88]
- str x19, [x29, #96]
- stp x20, x21, [x29, #104]
- stp x22, x23, [x29, #120]
- stp x24, x25, [x29, #136]
- stp x26, x27, [x29, #152]
- str x28, [x29, #168]
+ str x17, [x29, #40]
+ str x19, [x29, #48]
+ stp x20, x21, [x29, #56]
+ stp x22, x23, [x29, #72]
+ stp x24, x25, [x29, #88]
+ stp x26, x27, [x29, #104]
+ str x28, [x29, #120]
str x0, [x29, #16]
str x1, [x29, #24]
- str x2, [x29, #32]
- str x3, [x29, #40]
- str x4, [x29, #48]
- str x5, [x29, #56]
- str x6, [x29, #64]
- ldr x1, [x29, #48]
+ add x0, x0, #0x40
# Square
- ldp x12, x13, [x1]
- ldp x14, x15, [x1, #16]
+ ldp x4, x5, [x1]
+ ldp x6, x7, [x1, #16]
# A[0] * A[1]
- mul x5, x12, x13
- umulh x6, x12, x13
- # A[0] * A[2]
- mul x25, x12, x14
- umulh x7, x12, x14
- adds x6, x6, x25
- adc x7, x7, xzr
+ umulh x10, x4, x5
+ mul x9, x4, x5
# A[0] * A[3]
- mul x25, x12, x15
- umulh x8, x12, x15
- adds x7, x7, x25
- adc x8, x8, xzr
- # A[1] * A[2]
- mul x25, x13, x14
- umulh x26, x13, x14
- adds x7, x7, x25
- adcs x8, x8, x26
- adc x9, xzr, xzr
+ umulh x12, x4, x7
+ mul x11, x4, x7
+ # A[0] * A[2]
+ mul x25, x4, x6
+ adds x10, x10, x25
+ umulh x26, x4, x6
+ adcs x11, x11, x26
# A[1] * A[3]
- mul x25, x13, x15
- umulh x26, x13, x15
- adds x8, x8, x25
- adc x9, x9, x26
+ mul x25, x5, x7
+ adcs x12, x12, x25
+ umulh x13, x5, x7
+ adc x13, x13, xzr
+ # A[1] * A[2]
+ mul x25, x5, x6
+ adds x11, x11, x25
+ umulh x26, x5, x6
+ adcs x12, x12, x26
# A[2] * A[3]
- mul x25, x14, x15
- umulh x10, x14, x15
- adds x9, x9, x25
- adc x10, x10, xzr
+ mul x25, x6, x7
+ adcs x13, x13, x25
+ umulh x14, x6, x7
+ adc x14, x14, xzr
# Double
- adds x5, x5, x5
- adcs x6, x6, x6
- adcs x7, x7, x7
- adcs x8, x8, x8
- adcs x9, x9, x9
+ adds x9, x9, x9
adcs x10, x10, x10
- adc x11, xzr, xzr
+ adcs x11, x11, x11
+ adcs x12, x12, x12
+ adcs x13, x13, x13
+ adcs x14, x14, x14
+ adc x15, xzr, xzr
# A[0] * A[0]
- mul x4, x12, x12
- umulh x27, x12, x12
+ umulh x26, x4, x4
+ mul x8, x4, x4
# A[1] * A[1]
- mul x25, x13, x13
- umulh x26, x13, x13
- adds x5, x5, x27
- adcs x6, x6, x25
- adc x27, x26, xzr
+ mul x25, x5, x5
+ adds x9, x9, x26
+ umulh x26, x5, x5
+ adcs x10, x10, x25
# A[2] * A[2]
- mul x25, x14, x14
- umulh x26, x14, x14
- adds x7, x7, x27
- adcs x8, x8, x25
- adc x27, x26, xzr
+ mul x25, x6, x6
+ adcs x11, x11, x26
+ umulh x26, x6, x6
+ adcs x12, x12, x25
# A[3] * A[3]
- mul x25, x15, x15
- umulh x26, x15, x15
- adds x9, x9, x27
- adcs x10, x10, x25
- adc x11, x11, x26
+ mul x25, x7, x7
+ adcs x13, x13, x26
+ umulh x26, x7, x7
+ adcs x14, x14, x25
+ adc x15, x15, x26
# Reduce
- # Move top half into t4-t7 and remove top bit from t3
- extr x11, x11, x10, #63
- extr x10, x10, x9, #63
- extr x9, x9, x8, #63
- extr x8, x8, x7, #63
- and x7, x7, #0x7fffffffffffffff
- # Multiply top half by 19
- mov x25, #19
- mul x26, x25, x8
- umulh x8, x25, x8
- adds x4, x4, x26
- mul x26, x25, x9
- umulh x9, x25, x9
- adcs x5, x5, x26
- mul x26, x25, x10
- umulh x10, x25, x10
- adcs x6, x6, x26
- mul x26, x25, x11
- umulh x27, x25, x11
- adcs x7, x7, x26
- adc x27, x27, xzr
- # Add remaining product results in
- adds x5, x5, x8
- adcs x6, x6, x9
- adcs x7, x7, x10
+ mov x25, #38
+ mul x26, x25, x15
+ adds x11, x11, x26
+ umulh x27, x25, x15
adc x27, x27, xzr
- # Overflow
- extr x27, x27, x7, #63
+ mov x25, #19
+ extr x27, x27, x11, #63
mul x27, x27, x25
- and x7, x7, #0x7fffffffffffffff
- adds x4, x4, x27
- adcs x5, x5, xzr
- adcs x6, x6, xzr
- adc x7, x7, xzr
- # Reduce if top bit set
- and x27, x25, x7, asr 63
- and x7, x7, #0x7fffffffffffffff
- adds x4, x4, x27
- adcs x5, x5, xzr
- adcs x6, x6, xzr
- adc x7, x7, xzr
+ and x11, x11, #0x7fffffffffffffff
+ mov x25, #38
+ mul x26, x25, x12
+ adds x8, x8, x26
+ umulh x12, x25, x12
+ mul x26, x25, x13
+ adcs x9, x9, x26
+ umulh x13, x25, x13
+ mul x26, x25, x14
+ adcs x10, x10, x26
+ umulh x14, x25, x14
+ adc x11, x11, xzr
+ # Add high product results in
+ adds x8, x8, x27
+ adcs x9, x9, x12
+ adcs x10, x10, x13
+ adc x11, x11, x14
# Store
- stp x4, x5, [x0]
- stp x6, x7, [x0, #16]
- ldr x0, [x29, #32]
- ldr x1, [x29, #56]
+ stp x8, x9, [x0]
+ stp x10, x11, [x0, #16]
+ add x2, x1, #32
+ sub x0, x0, #32
# Square
- ldp x21, x22, [x1]
- ldp x23, x24, [x1, #16]
+ ldp x16, x17, [x2]
+ ldp x19, x20, [x2, #16]
# A[0] * A[1]
- mul x9, x21, x22
- umulh x10, x21, x22
- # A[0] * A[2]
- mul x25, x21, x23
- umulh x11, x21, x23
- adds x10, x10, x25
- adc x11, x11, xzr
+ umulh x23, x16, x17
+ mul x22, x16, x17
# A[0] * A[3]
- mul x25, x21, x24
- umulh x16, x21, x24
- adds x11, x11, x25
- adc x16, x16, xzr
- # A[1] * A[2]
- mul x25, x22, x23
- umulh x26, x22, x23
- adds x11, x11, x25
- adcs x16, x16, x26
- adc x17, xzr, xzr
+ umulh x4, x16, x20
+ mul x24, x16, x20
+ # A[0] * A[2]
+ mul x25, x16, x19
+ adds x23, x23, x25
+ umulh x26, x16, x19
+ adcs x24, x24, x26
# A[1] * A[3]
- mul x25, x22, x24
- umulh x26, x22, x24
- adds x16, x16, x25
- adc x17, x17, x26
+ mul x25, x17, x20
+ adcs x4, x4, x25
+ umulh x5, x17, x20
+ adc x5, x5, xzr
+ # A[1] * A[2]
+ mul x25, x17, x19
+ adds x24, x24, x25
+ umulh x26, x17, x19
+ adcs x4, x4, x26
# A[2] * A[3]
- mul x25, x23, x24
- umulh x19, x23, x24
- adds x17, x17, x25
- adc x19, x19, xzr
+ mul x25, x19, x20
+ adcs x5, x5, x25
+ umulh x6, x19, x20
+ adc x6, x6, xzr
# Double
- adds x9, x9, x9
- adcs x10, x10, x10
- adcs x11, x11, x11
- adcs x16, x16, x16
- adcs x17, x17, x17
- adcs x19, x19, x19
- adc x20, xzr, xzr
+ adds x22, x22, x22
+ adcs x23, x23, x23
+ adcs x24, x24, x24
+ adcs x4, x4, x4
+ adcs x5, x5, x5
+ adcs x6, x6, x6
+ adc x7, xzr, xzr
# A[0] * A[0]
- mul x8, x21, x21
- umulh x27, x21, x21
+ umulh x26, x16, x16
+ mul x21, x16, x16
# A[1] * A[1]
- mul x25, x22, x22
- umulh x26, x22, x22
- adds x9, x9, x27
- adcs x10, x10, x25
- adc x27, x26, xzr
+ mul x25, x17, x17
+ adds x22, x22, x26
+ umulh x26, x17, x17
+ adcs x23, x23, x25
# A[2] * A[2]
- mul x25, x23, x23
- umulh x26, x23, x23
- adds x11, x11, x27
- adcs x16, x16, x25
- adc x27, x26, xzr
+ mul x25, x19, x19
+ adcs x24, x24, x26
+ umulh x26, x19, x19
+ adcs x4, x4, x25
# A[3] * A[3]
- mul x25, x24, x24
- umulh x26, x24, x24
- adds x17, x17, x27
- adcs x19, x19, x25
- adc x20, x20, x26
+ mul x25, x20, x20
+ adcs x5, x5, x26
+ umulh x26, x20, x20
+ adcs x6, x6, x25
+ adc x7, x7, x26
# Reduce
- # Move top half into t4-t7 and remove top bit from t3
- extr x20, x20, x19, #63
- extr x19, x19, x17, #63
- extr x17, x17, x16, #63
- extr x16, x16, x11, #63
- and x11, x11, #0x7fffffffffffffff
- # Multiply top half by 19
- mov x25, #19
- mul x26, x25, x16
- umulh x16, x25, x16
- adds x8, x8, x26
- mul x26, x25, x17
- umulh x17, x25, x17
- adcs x9, x9, x26
- mul x26, x25, x19
- umulh x19, x25, x19
- adcs x10, x10, x26
- mul x26, x25, x20
- umulh x27, x25, x20
- adcs x11, x11, x26
- adc x27, x27, xzr
- # Add remaining product results in
- adds x9, x9, x16
- adcs x10, x10, x17
- adcs x11, x11, x19
+ mov x25, #38
+ mul x26, x25, x7
+ adds x24, x24, x26
+ umulh x27, x25, x7
adc x27, x27, xzr
- # Overflow
- extr x27, x27, x11, #63
+ mov x25, #19
+ extr x27, x27, x24, #63
mul x27, x27, x25
- and x11, x11, #0x7fffffffffffffff
- adds x8, x8, x27
- adcs x9, x9, xzr
- adcs x10, x10, xzr
- adc x11, x11, xzr
- # Reduce if top bit set
- and x27, x25, x11, asr 63
- and x11, x11, #0x7fffffffffffffff
- adds x8, x8, x27
- adcs x9, x9, xzr
- adcs x10, x10, xzr
- adc x11, x11, xzr
- # Store
- stp x8, x9, [x0]
- stp x10, x11, [x0, #16]
- ldr x0, [x29, #24]
+ and x24, x24, #0x7fffffffffffffff
+ mov x25, #38
+ mul x26, x25, x4
+ adds x21, x21, x26
+ umulh x4, x25, x4
+ mul x26, x25, x5
+ adcs x22, x22, x26
+ umulh x5, x25, x5
+ mul x26, x25, x6
+ adcs x23, x23, x26
+ umulh x6, x25, x6
+ adc x24, x24, xzr
+ # Add high product results in
+ adds x21, x21, x27
+ adcs x22, x22, x4
+ adcs x23, x23, x5
+ adc x24, x24, x6
+ add x3, x0, #32
+ mov x2, x0
+ add x1, x0, #32
# Add
- adds x12, x12, x21
- adcs x13, x13, x22
- adcs x14, x14, x23
- adc x15, x15, x24
+ adds x4, x21, x8
+ adcs x5, x22, x9
+ adcs x6, x23, x10
+ adcs x7, x24, x11
+ cset x28, cs
+ mov x25, #19
+ extr x28, x28, x7, #63
+ mul x25, x28, x25
+ # Sub modulus (if overflow)
+ adds x4, x4, x25
+ adcs x5, x5, xzr
+ and x7, x7, #0x7fffffffffffffff
+ adcs x6, x6, xzr
+ adc x7, x7, xzr
+ # Sub
+ subs x12, x21, x8
+ sbcs x13, x22, x9
+ sbcs x14, x23, x10
+ sbcs x15, x24, x11
+ csetm x28, cc
mov x25, #-19
- asr x28, x15, #63
+ extr x28, x28, x15, #63
+ mul x25, x28, x25
+ # Add modulus (if underflow)
+ subs x12, x12, x25
+ sbcs x13, x13, xzr
+ and x15, x15, #0x7fffffffffffffff
+ sbcs x14, x14, xzr
+ sbc x15, x15, xzr
+ stp x4, x5, [x0]
+ stp x6, x7, [x0, #16]
+ stp x12, x13, [x1]
+ stp x14, x15, [x1, #16]
+ ldr x1, [x29, #24]
+ add x2, x1, #32
+ sub x0, x0, #32
+ # Add
+ ldp x8, x9, [x1]
+ ldp x10, x11, [x1, #16]
+ adds x8, x8, x16
+ adcs x9, x9, x17
+ adcs x10, x10, x19
+ adcs x11, x11, x20
+ cset x28, cs
+ mov x25, #19
# Mask the modulus
- and x25, x28, x25
- and x26, x28, #0x7fffffffffffffff
+ extr x28, x28, x11, #63
+ mul x25, x28, x25
# Sub modulus (if overflow)
- subs x12, x12, x25
- sbcs x13, x13, x28
- sbcs x14, x14, x28
- sbc x15, x15, x26
- ldr x0, [x29, #40]
+ adds x8, x8, x25
+ adcs x9, x9, xzr
+ and x11, x11, #0x7fffffffffffffff
+ adcs x10, x10, xzr
+ adc x11, x11, xzr
+ mov x1, x0
# Square
# A[0] * A[1]
- mul x17, x12, x13
- umulh x19, x12, x13
- # A[0] * A[2]
- mul x25, x12, x14
- umulh x20, x12, x14
- adds x19, x19, x25
- adc x20, x20, xzr
+ umulh x23, x8, x9
+ mul x22, x8, x9
# A[0] * A[3]
- mul x25, x12, x15
- umulh x21, x12, x15
- adds x20, x20, x25
- adc x21, x21, xzr
- # A[1] * A[2]
- mul x25, x13, x14
- umulh x26, x13, x14
- adds x20, x20, x25
- adcs x21, x21, x26
- adc x22, xzr, xzr
+ umulh x4, x8, x11
+ mul x24, x8, x11
+ # A[0] * A[2]
+ mul x25, x8, x10
+ adds x23, x23, x25
+ umulh x26, x8, x10
+ adcs x24, x24, x26
# A[1] * A[3]
- mul x25, x13, x15
- umulh x26, x13, x15
- adds x21, x21, x25
- adc x22, x22, x26
+ mul x25, x9, x11
+ adcs x4, x4, x25
+ umulh x5, x9, x11
+ adc x5, x5, xzr
+ # A[1] * A[2]
+ mul x25, x9, x10
+ adds x24, x24, x25
+ umulh x26, x9, x10
+ adcs x4, x4, x26
# A[2] * A[3]
- mul x25, x14, x15
- umulh x23, x14, x15
- adds x22, x22, x25
- adc x23, x23, xzr
+ mul x25, x10, x11
+ adcs x5, x5, x25
+ umulh x6, x10, x11
+ adc x6, x6, xzr
# Double
- adds x17, x17, x17
- adcs x19, x19, x19
- adcs x20, x20, x20
- adcs x21, x21, x21
- adcs x22, x22, x22
+ adds x22, x22, x22
adcs x23, x23, x23
- adc x24, xzr, xzr
+ adcs x24, x24, x24
+ adcs x4, x4, x4
+ adcs x5, x5, x5
+ adcs x6, x6, x6
+ adc x7, xzr, xzr
# A[0] * A[0]
- mul x16, x12, x12
- umulh x27, x12, x12
+ umulh x26, x8, x8
+ mul x21, x8, x8
# A[1] * A[1]
- mul x25, x13, x13
- umulh x26, x13, x13
- adds x17, x17, x27
- adcs x19, x19, x25
- adc x27, x26, xzr
+ mul x25, x9, x9
+ adds x22, x22, x26
+ umulh x26, x9, x9
+ adcs x23, x23, x25
# A[2] * A[2]
- mul x25, x14, x14
- umulh x26, x14, x14
- adds x20, x20, x27
- adcs x21, x21, x25
- adc x27, x26, xzr
+ mul x25, x10, x10
+ adcs x24, x24, x26
+ umulh x26, x10, x10
+ adcs x4, x4, x25
# A[3] * A[3]
- mul x25, x15, x15
- umulh x26, x15, x15
- adds x22, x22, x27
- adcs x23, x23, x25
- adc x24, x24, x26
+ mul x25, x11, x11
+ adcs x5, x5, x26
+ umulh x26, x11, x11
+ adcs x6, x6, x25
+ adc x7, x7, x26
# Reduce
- # Move top half into t4-t7 and remove top bit from t3
- extr x24, x24, x23, #63
- extr x23, x23, x22, #63
- extr x22, x22, x21, #63
- extr x21, x21, x20, #63
- and x20, x20, #0x7fffffffffffffff
- # Multiply top half by 19
- mov x25, #19
- mul x26, x25, x21
- umulh x21, x25, x21
- adds x16, x16, x26
- mul x26, x25, x22
- umulh x22, x25, x22
- adcs x17, x17, x26
- mul x26, x25, x23
- umulh x23, x25, x23
- adcs x19, x19, x26
- mul x26, x25, x24
- umulh x27, x25, x24
- adcs x20, x20, x26
+ mov x25, #38
+ mul x26, x25, x7
+ adds x24, x24, x26
+ umulh x27, x25, x7
adc x27, x27, xzr
- # Add remaining product results in
- adds x17, x17, x21
- adcs x19, x19, x22
- adcs x20, x20, x23
- adc x27, x27, xzr
- # Overflow
- extr x27, x27, x20, #63
+ mov x25, #19
+ extr x27, x27, x24, #63
mul x27, x27, x25
- and x20, x20, #0x7fffffffffffffff
- adds x16, x16, x27
- adcs x17, x17, xzr
- adcs x19, x19, xzr
- adc x20, x20, xzr
- # Reduce if top bit set
- and x27, x25, x20, asr 63
- and x20, x20, #0x7fffffffffffffff
- adds x16, x16, x27
- adcs x17, x17, xzr
- adcs x19, x19, xzr
- adc x20, x20, xzr
- # Store
- stp x16, x17, [x0]
- stp x19, x20, [x0, #16]
- ldr x0, [x29, #24]
- ldr x1, [x29, #32]
- # Add
- adds x12, x8, x4
- adcs x13, x9, x5
- adcs x14, x10, x6
- adc x15, x11, x7
- mov x25, #-19
- asr x28, x15, #63
- # Mask the modulus
- and x25, x28, x25
- and x26, x28, #0x7fffffffffffffff
- # Sub modulus (if overflow)
- subs x12, x12, x25
- sbcs x13, x13, x28
- sbcs x14, x14, x28
- sbc x15, x15, x26
+ and x24, x24, #0x7fffffffffffffff
+ mov x25, #38
+ mul x26, x25, x4
+ adds x21, x21, x26
+ umulh x4, x25, x4
+ mul x26, x25, x5
+ adcs x22, x22, x26
+ umulh x5, x25, x5
+ mul x26, x25, x6
+ adcs x23, x23, x26
+ umulh x6, x25, x6
+ adc x24, x24, xzr
+ # Add high product results in
+ adds x21, x21, x27
+ adcs x22, x22, x4
+ adcs x23, x23, x5
+ adc x24, x24, x6
+ add x2, x0, #32
# Sub
- subs x21, x8, x4
- sbcs x22, x9, x5
- sbcs x23, x10, x6
- sbcs x24, x11, x7
- mov x25, #-19
+ ldp x8, x9, [x2]
+ ldp x10, x11, [x2, #16]
+ subs x21, x21, x8
+ sbcs x22, x22, x9
+ sbcs x23, x23, x10
+ sbcs x24, x24, x11
csetm x28, cc
- # Mask the modulus
- and x25, x28, x25
- and x26, x28, #0x7fffffffffffffff
- # Add modulus (if underflow)
- adds x21, x21, x25
- adcs x22, x22, x28
- adcs x23, x23, x28
- adc x24, x24, x26
- stp x12, x13, [x0]
- stp x14, x15, [x0, #16]
- stp x21, x22, [x1]
- stp x23, x24, [x1, #16]
- ldr x0, [x29, #16]
- # Sub
- subs x16, x16, x12
- sbcs x17, x17, x13
- sbcs x19, x19, x14
- sbcs x20, x20, x15
mov x25, #-19
- csetm x28, cc
# Mask the modulus
- and x25, x28, x25
- and x26, x28, #0x7fffffffffffffff
+ extr x28, x28, x24, #63
+ mul x25, x28, x25
# Add modulus (if underflow)
- adds x16, x16, x25
- adcs x17, x17, x28
- adcs x19, x19, x28
- adc x20, x20, x26
- stp x16, x17, [x0]
- stp x19, x20, [x0, #16]
- ldr x0, [x29, #40]
- ldr x1, [x29, #64]
+ subs x21, x21, x25
+ sbcs x22, x22, xzr
+ and x24, x24, #0x7fffffffffffffff
+ sbcs x23, x23, xzr
+ sbc x24, x24, xzr
+ stp x21, x22, [x0]
+ stp x23, x24, [x0, #16]
+ ldr x2, [x29, #24]
+ add x2, x2, #0x40
+ add x0, x0, #0x60
# Square * 2
- ldp x12, x13, [x1]
- ldp x14, x15, [x1, #16]
+ ldp x16, x17, [x2]
+ ldp x19, x20, [x2, #16]
# A[0] * A[1]
- mul x5, x12, x13
- umulh x6, x12, x13
+ umulh x6, x16, x17
+ mul x5, x16, x17
+ # A[0] * A[3]
+ umulh x8, x16, x20
+ mul x7, x16, x20
# A[0] * A[2]
- mul x25, x12, x14
- umulh x7, x12, x14
+ mul x25, x16, x19
adds x6, x6, x25
- adc x7, x7, xzr
- # A[0] * A[3]
- mul x25, x12, x15
- umulh x8, x12, x15
- adds x7, x7, x25
- adc x8, x8, xzr
+ umulh x26, x16, x19
+ adcs x7, x7, x26
+ # A[1] * A[3]
+ mul x25, x17, x20
+ adcs x8, x8, x25
+ umulh x9, x17, x20
+ adc x9, x9, xzr
# A[1] * A[2]
- mul x25, x13, x14
- umulh x26, x13, x14
+ mul x25, x17, x19
adds x7, x7, x25
+ umulh x26, x17, x19
adcs x8, x8, x26
- adc x9, xzr, xzr
- # A[1] * A[3]
- mul x25, x13, x15
- umulh x26, x13, x15
- adds x8, x8, x25
- adc x9, x9, x26
# A[2] * A[3]
- mul x25, x14, x15
- umulh x10, x14, x15
- adds x9, x9, x25
+ mul x25, x19, x20
+ adcs x9, x9, x25
+ umulh x10, x19, x20
adc x10, x10, xzr
# Double
adds x5, x5, x5
@@ -4765,653 +5910,551 @@ _fe_ge_dbl:
adcs x10, x10, x10
adc x11, xzr, xzr
# A[0] * A[0]
- mul x4, x12, x12
- umulh x28, x12, x12
+ umulh x26, x16, x16
+ mul x4, x16, x16
# A[1] * A[1]
- mul x25, x13, x13
- umulh x26, x13, x13
- adds x5, x5, x28
+ mul x25, x17, x17
+ adds x5, x5, x26
+ umulh x26, x17, x17
adcs x6, x6, x25
- adc x28, x26, xzr
# A[2] * A[2]
- mul x25, x14, x14
- umulh x26, x14, x14
- adds x7, x7, x28
+ mul x25, x19, x19
+ adcs x7, x7, x26
+ umulh x26, x19, x19
adcs x8, x8, x25
- adc x28, x26, xzr
# A[3] * A[3]
- mul x25, x15, x15
- umulh x26, x15, x15
- adds x9, x9, x28
+ mul x25, x20, x20
+ adcs x9, x9, x26
+ umulh x26, x20, x20
adcs x10, x10, x25
adc x11, x11, x26
- # Double and Reduce
- mov x25, #0x169
- # Move top half into t4-t7 and remove top bit from t3
- lsr x28, x11, #61
- extr x11, x11, x10, #62
- extr x10, x10, x9, #62
- extr x9, x9, x8, #62
- extr x8, x8, x7, #62
- extr x7, x7, x6, #63
- extr x6, x6, x5, #63
- extr x5, x5, x4, #63
- lsl x4, x4, #1
- and x7, x7, #0x7fffffffffffffff
- # Two left, only one right
- and x11, x11, #0x7fffffffffffffff
- # Multiply top bits by 19*19
- mul x28, x28, x25
- # Multiply top half by 19
+ # Reduce
+ mov x25, #38
+ mul x26, x25, x11
+ adds x7, x7, x26
+ umulh x27, x25, x11
+ adc x27, x27, xzr
mov x25, #19
+ extr x27, x27, x7, #63
+ mul x27, x27, x25
+ and x7, x7, #0x7fffffffffffffff
+ mov x25, #38
mul x26, x25, x8
- umulh x8, x25, x8
adds x4, x4, x26
+ umulh x8, x25, x8
mul x26, x25, x9
- umulh x9, x25, x9
adcs x5, x5, x26
+ umulh x9, x25, x9
mul x26, x25, x10
- umulh x10, x25, x10
adcs x6, x6, x26
- mul x26, x25, x11
- umulh x27, x25, x11
- adcs x7, x7, x26
- adc x27, x27, xzr
- # Add remaining product results in
- adds x4, x4, x28
+ umulh x10, x25, x10
+ adc x7, x7, xzr
+ # Add high product results in
+ adds x4, x4, x27
adcs x5, x5, x8
adcs x6, x6, x9
- adcs x7, x7, x10
- adc x27, x27, xzr
- # Overflow
- extr x27, x27, x7, #63
- mul x27, x27, x25
- and x7, x7, #0x7fffffffffffffff
- adds x4, x4, x27
+ adc x7, x7, x10
+ mov x25, #19
+ lsr x26, x7, #62
+ extr x7, x7, x6, #63
+ extr x6, x6, x5, #63
+ extr x5, x5, x4, #63
+ lsl x4, x4, #1
+ mul x26, x26, x25
+ adds x4, x4, x26
adcs x5, x5, xzr
- adcs x6, x6, xzr
- adc x7, x7, xzr
- # Reduce if top bit set
- and x27, x25, x7, asr 63
and x7, x7, #0x7fffffffffffffff
- adds x4, x4, x27
- adcs x5, x5, xzr
adcs x6, x6, xzr
adc x7, x7, xzr
# Store
- ldr x0, [x29, #40]
+ sub x1, x0, #32
# Sub
- subs x4, x4, x21
- sbcs x5, x5, x22
- sbcs x6, x6, x23
- sbcs x7, x7, x24
- mov x25, #-19
+ subs x4, x4, x12
+ sbcs x5, x5, x13
+ sbcs x6, x6, x14
+ sbcs x7, x7, x15
csetm x28, cc
+ mov x25, #-19
# Mask the modulus
- and x25, x28, x25
- and x26, x28, #0x7fffffffffffffff
+ extr x28, x28, x7, #63
+ mul x25, x28, x25
# Add modulus (if underflow)
- adds x4, x4, x25
- adcs x5, x5, x28
- adcs x6, x6, x28
- adc x7, x7, x26
+ subs x4, x4, x25
+ sbcs x5, x5, xzr
+ and x7, x7, #0x7fffffffffffffff
+ sbcs x6, x6, xzr
+ sbc x7, x7, xzr
stp x4, x5, [x0]
stp x6, x7, [x0, #16]
- ldr x17, [x29, #88]
- ldr x19, [x29, #96]
- ldp x20, x21, [x29, #104]
- ldp x22, x23, [x29, #120]
- ldp x24, x25, [x29, #136]
- ldp x26, x27, [x29, #152]
- ldr x28, [x29, #168]
- ldp x29, x30, [sp], #0xb0
+ ldr x17, [x29, #40]
+ ldr x19, [x29, #48]
+ ldp x20, x21, [x29, #56]
+ ldp x22, x23, [x29, #72]
+ ldp x24, x25, [x29, #88]
+ ldp x26, x27, [x29, #104]
+ ldr x28, [x29, #120]
+ ldp x29, x30, [sp], #0x80
ret
#ifndef __APPLE__
- .size fe_ge_dbl,.-fe_ge_dbl
+ .size ge_p2_dbl,.-ge_p2_dbl
#endif /* __APPLE__ */
#ifndef __APPLE__
.text
-.globl fe_ge_madd
-.type fe_ge_madd,@function
+.globl ge_madd
+.type ge_madd,@function
.align 2
-fe_ge_madd:
+ge_madd:
#else
.section __TEXT,__text
-.globl _fe_ge_madd
+.globl _ge_madd
.p2align 2
-_fe_ge_madd:
+_ge_madd:
#endif /* __APPLE__ */
- stp x29, x30, [sp, #-176]!
+ stp x29, x30, [sp, #-144]!
add x29, sp, #0
- str x17, [x29, #88]
- str x19, [x29, #96]
- stp x20, x21, [x29, #104]
- stp x22, x23, [x29, #120]
- stp x24, x25, [x29, #136]
- stp x26, x27, [x29, #152]
- str x28, [x29, #168]
+ str x17, [x29, #56]
+ str x19, [x29, #64]
+ stp x20, x21, [x29, #72]
+ stp x22, x23, [x29, #88]
+ stp x24, x25, [x29, #104]
+ stp x26, x27, [x29, #120]
+ str x28, [x29, #136]
str x0, [x29, #16]
str x1, [x29, #24]
str x2, [x29, #32]
- str x3, [x29, #40]
- str x4, [x29, #48]
- str x5, [x29, #56]
- str x6, [x29, #64]
- str x7, [x29, #72]
- ldr x2, [x29, #56]
- ldr x3, [x29, #48]
+ mov x3, x1
+ add x2, x1, #32
+ add x1, x0, #32
# Add
- ldp x12, x13, [x2]
- ldp x14, x15, [x2, #16]
- ldp x16, x17, [x3]
- ldp x19, x20, [x3, #16]
- adds x4, x12, x16
- adcs x5, x13, x17
- adcs x6, x14, x19
- adc x7, x15, x20
- mov x25, #-19
- asr x28, x7, #63
- # Mask the modulus
- and x25, x28, x25
- and x26, x28, #0x7fffffffffffffff
+ ldp x8, x9, [x2]
+ ldp x10, x11, [x2, #16]
+ ldp x4, x5, [x3]
+ ldp x6, x7, [x3, #16]
+ adds x16, x8, x4
+ adcs x17, x9, x5
+ adcs x19, x10, x6
+ adcs x20, x11, x7
+ cset x28, cs
+ mov x25, #19
+ extr x28, x28, x20, #63
+ mul x25, x28, x25
# Sub modulus (if overflow)
- subs x4, x4, x25
- sbcs x5, x5, x28
- sbcs x6, x6, x28
- sbc x7, x7, x26
+ adds x16, x16, x25
+ adcs x17, x17, xzr
+ and x20, x20, #0x7fffffffffffffff
+ adcs x19, x19, xzr
+ adc x20, x20, xzr
# Sub
- subs x8, x12, x16
- sbcs x9, x13, x17
- sbcs x10, x14, x19
- sbcs x11, x15, x20
- mov x25, #-19
+ subs x12, x8, x4
+ sbcs x13, x9, x5
+ sbcs x14, x10, x6
+ sbcs x15, x11, x7
csetm x28, cc
- # Mask the modulus
- and x25, x28, x25
- and x26, x28, #0x7fffffffffffffff
+ mov x25, #-19
+ extr x28, x28, x15, #63
+ mul x25, x28, x25
# Add modulus (if underflow)
- adds x8, x8, x25
- adcs x9, x9, x28
- adcs x10, x10, x28
- adc x11, x11, x26
- ldr x0, [x29, #32]
- ldr x2, [x29, #184]
+ subs x12, x12, x25
+ sbcs x13, x13, xzr
+ and x15, x15, #0x7fffffffffffffff
+ sbcs x14, x14, xzr
+ sbc x15, x15, xzr
+ ldr x2, [x29, #32]
+ mov x1, x0
# Multiply
- ldp x21, x22, [x2]
- ldp x23, x24, [x2, #16]
- # A[0] * B[0]
- mul x12, x4, x21
- umulh x13, x4, x21
- # A[0] * B[1]
- mul x25, x4, x22
- umulh x14, x4, x22
- adds x13, x13, x25
- adc x14, x14, xzr
- # A[1] * B[0]
- mul x25, x5, x21
- umulh x26, x5, x21
- adds x13, x13, x25
- adcs x14, x14, x26
- adc x15, xzr, xzr
- # A[0] * B[2]
- mul x25, x4, x23
- umulh x26, x4, x23
- adds x14, x14, x25
- adc x15, x15, x26
- # A[1] * B[1]
- mul x25, x5, x22
- umulh x26, x5, x22
- adds x14, x14, x25
- adcs x15, x15, x26
- adc x16, xzr, xzr
- # A[2] * B[0]
- mul x25, x6, x21
- umulh x26, x6, x21
- adds x14, x14, x25
- adcs x15, x15, x26
- adc x16, x16, xzr
- # A[0] * B[3]
- mul x25, x4, x24
- umulh x26, x4, x24
- adds x15, x15, x25
- adcs x16, x16, x26
- adc x17, xzr, xzr
- # A[1] * B[2]
- mul x25, x5, x23
- umulh x26, x5, x23
- adds x15, x15, x25
- adcs x16, x16, x26
- adc x17, x17, xzr
- # A[2] * B[1]
- mul x25, x6, x22
- umulh x26, x6, x22
- adds x15, x15, x25
- adcs x16, x16, x26
- adc x17, x17, xzr
- # A[3] * B[0]
- mul x25, x7, x21
- umulh x26, x7, x21
- adds x15, x15, x25
- adcs x16, x16, x26
- adc x17, x17, xzr
- # A[1] * B[3]
- mul x25, x5, x24
- umulh x26, x5, x24
- adds x16, x16, x25
- adcs x17, x17, x26
- adc x19, xzr, xzr
- # A[2] * B[2]
- mul x25, x6, x23
- umulh x26, x6, x23
- adds x16, x16, x25
- adcs x17, x17, x26
- adc x19, x19, xzr
- # A[3] * B[1]
- mul x25, x7, x22
- umulh x26, x7, x22
- adds x16, x16, x25
- adcs x17, x17, x26
- adc x19, x19, xzr
- # A[2] * B[3]
- mul x25, x6, x24
- umulh x26, x6, x24
- adds x17, x17, x25
- adcs x19, x19, x26
- adc x20, xzr, xzr
- # A[3] * B[2]
- mul x25, x7, x23
- umulh x26, x7, x23
- adds x17, x17, x25
- adcs x19, x19, x26
- adc x20, x20, xzr
- # A[3] * B[3]
- mul x25, x7, x24
- umulh x26, x7, x24
- adds x19, x19, x25
- adc x20, x20, x26
+ ldp x8, x9, [x2]
+ ldp x10, x11, [x2, #16]
+ # A[0] * B[0]
+ umulh x22, x16, x8
+ mul x21, x16, x8
+ # A[2] * B[0]
+ umulh x24, x19, x8
+ mul x23, x19, x8
+ # A[1] * B[0]
+ mul x25, x17, x8
+ adds x22, x22, x25
+ umulh x26, x17, x8
+ adcs x23, x23, x26
+ # A[1] * B[3]
+ umulh x5, x17, x11
+ adc x24, x24, xzr
+ mul x4, x17, x11
+ # A[0] * B[1]
+ mul x25, x16, x9
+ adds x22, x22, x25
+ umulh x26, x16, x9
+ adcs x23, x23, x26
+ # A[2] * B[1]
+ mul x25, x19, x9
+ adcs x24, x24, x25
+ umulh x26, x19, x9
+ adcs x4, x4, x26
+ adc x5, x5, xzr
+ # A[1] * B[2]
+ mul x25, x17, x10
+ adds x24, x24, x25
+ umulh x26, x17, x10
+ adcs x4, x4, x26
+ adcs x5, x5, xzr
+ adc x6, xzr, xzr
+ # A[0] * B[2]
+ mul x25, x16, x10
+ adds x23, x23, x25
+ umulh x26, x16, x10
+ adcs x24, x24, x26
+ adcs x4, x4, xzr
+ adcs x5, x5, xzr
+ adc x6, x6, xzr
+ # A[1] * B[1]
+ mul x25, x17, x9
+ adds x23, x23, x25
+ umulh x26, x17, x9
+ adcs x24, x24, x26
+ # A[3] * B[1]
+ mul x25, x20, x9
+ adcs x4, x4, x25
+ umulh x26, x20, x9
+ adcs x5, x5, x26
+ adc x6, x6, xzr
+ # A[2] * B[2]
+ mul x25, x19, x10
+ adds x4, x4, x25
+ umulh x26, x19, x10
+ adcs x5, x5, x26
+ # A[3] * B[3]
+ mul x25, x20, x11
+ adcs x6, x6, x25
+ umulh x7, x20, x11
+ adc x7, x7, xzr
+ # A[0] * B[3]
+ mul x25, x16, x11
+ adds x24, x24, x25
+ umulh x26, x16, x11
+ adcs x4, x4, x26
+ # A[2] * B[3]
+ mul x25, x19, x11
+ adcs x5, x5, x25
+ umulh x26, x19, x11
+ adcs x6, x6, x26
+ adc x7, x7, xzr
+ # A[3] * B[0]
+ mul x25, x20, x8
+ adds x24, x24, x25
+ umulh x26, x20, x8
+ adcs x4, x4, x26
+ # A[3] * B[2]
+ mul x25, x20, x10
+ adcs x5, x5, x25
+ umulh x26, x20, x10
+ adcs x6, x6, x26
+ adc x7, x7, xzr
# Reduce
- # Move top half into t4-t7 and remove top bit from t3
- extr x20, x20, x19, #63
- extr x19, x19, x17, #63
- extr x17, x17, x16, #63
- extr x16, x16, x15, #63
- and x15, x15, #0x7fffffffffffffff
- # Multiply top half by 19
- mov x25, #19
- mul x26, x25, x16
- umulh x16, x25, x16
- adds x12, x12, x26
- mul x26, x25, x17
- umulh x17, x25, x17
- adcs x13, x13, x26
- mul x26, x25, x19
- umulh x19, x25, x19
- adcs x14, x14, x26
- mul x26, x25, x20
- umulh x27, x25, x20
- adcs x15, x15, x26
+ mov x25, #38
+ mul x26, x25, x7
+ adds x24, x24, x26
+ umulh x27, x25, x7
adc x27, x27, xzr
- # Add remaining product results in
- adds x13, x13, x16
- adcs x14, x14, x17
- adcs x15, x15, x19
- adc x27, x27, xzr
- # Overflow
- extr x27, x27, x15, #63
+ mov x25, #19
+ extr x27, x27, x24, #63
mul x27, x27, x25
- and x15, x15, #0x7fffffffffffffff
- adds x12, x12, x27
- adcs x13, x13, xzr
- adcs x14, x14, xzr
- adc x15, x15, xzr
- # Reduce if top bit set
- and x27, x25, x15, asr 63
- and x15, x15, #0x7fffffffffffffff
- adds x12, x12, x27
- adcs x13, x13, xzr
- adcs x14, x14, xzr
- adc x15, x15, xzr
- # Store
- ldr x0, [x29, #24]
- ldr x1, [x29, #192]
+ and x24, x24, #0x7fffffffffffffff
+ mov x25, #38
+ mul x26, x25, x4
+ adds x21, x21, x26
+ umulh x4, x25, x4
+ mul x26, x25, x5
+ adcs x22, x22, x26
+ umulh x5, x25, x5
+ mul x26, x25, x6
+ adcs x23, x23, x26
+ umulh x6, x25, x6
+ adc x24, x24, xzr
+ # Add high product results in
+ adds x21, x21, x27
+ adcs x22, x22, x4
+ adcs x23, x23, x5
+ adc x24, x24, x6
+ add x2, x2, #32
+ add x1, x0, #32
+ add x0, x0, #32
# Multiply
- ldp x21, x22, [x1]
- ldp x23, x24, [x1, #16]
- # A[0] * B[0]
- mul x4, x8, x21
- umulh x5, x8, x21
- # A[0] * B[1]
- mul x25, x8, x22
- umulh x6, x8, x22
+ ldp x16, x17, [x2]
+ ldp x19, x20, [x2, #16]
+ # A[0] * B[0]
+ umulh x5, x12, x16
+ mul x4, x12, x16
+ # A[2] * B[0]
+ umulh x7, x14, x16
+ mul x6, x14, x16
+ # A[1] * B[0]
+ mul x25, x13, x16
adds x5, x5, x25
- adc x6, x6, xzr
- # A[1] * B[0]
- mul x25, x9, x21
- umulh x26, x9, x21
+ umulh x26, x13, x16
+ adcs x6, x6, x26
+ # A[1] * B[3]
+ umulh x9, x13, x20
+ adc x7, x7, xzr
+ mul x8, x13, x20
+ # A[0] * B[1]
+ mul x25, x12, x17
adds x5, x5, x25
+ umulh x26, x12, x17
adcs x6, x6, x26
- adc x7, xzr, xzr
- # A[0] * B[2]
- mul x25, x8, x23
- umulh x26, x8, x23
- adds x6, x6, x25
- adc x7, x7, x26
- # A[1] * B[1]
- mul x25, x9, x22
- umulh x26, x9, x22
+ # A[2] * B[1]
+ mul x25, x14, x17
+ adcs x7, x7, x25
+ umulh x26, x14, x17
+ adcs x8, x8, x26
+ adc x9, x9, xzr
+ # A[1] * B[2]
+ mul x25, x13, x19
+ adds x7, x7, x25
+ umulh x26, x13, x19
+ adcs x8, x8, x26
+ adcs x9, x9, xzr
+ adc x10, xzr, xzr
+ # A[0] * B[2]
+ mul x25, x12, x19
adds x6, x6, x25
+ umulh x26, x12, x19
adcs x7, x7, x26
- adc x16, xzr, xzr
- # A[2] * B[0]
- mul x25, x10, x21
- umulh x26, x10, x21
+ adcs x8, x8, xzr
+ adcs x9, x9, xzr
+ adc x10, x10, xzr
+ # A[1] * B[1]
+ mul x25, x13, x17
adds x6, x6, x25
+ umulh x26, x13, x17
adcs x7, x7, x26
- adc x16, x16, xzr
- # A[0] * B[3]
- mul x25, x8, x24
- umulh x26, x8, x24
- adds x7, x7, x25
- adcs x16, x16, x26
- adc x17, xzr, xzr
- # A[1] * B[2]
- mul x25, x9, x23
- umulh x26, x9, x23
- adds x7, x7, x25
- adcs x16, x16, x26
- adc x17, x17, xzr
- # A[2] * B[1]
- mul x25, x10, x22
- umulh x26, x10, x22
+ # A[3] * B[1]
+ mul x25, x15, x17
+ adcs x8, x8, x25
+ umulh x26, x15, x17
+ adcs x9, x9, x26
+ adc x10, x10, xzr
+ # A[2] * B[2]
+ mul x25, x14, x19
+ adds x8, x8, x25
+ umulh x26, x14, x19
+ adcs x9, x9, x26
+ # A[3] * B[3]
+ mul x25, x15, x20
+ adcs x10, x10, x25
+ umulh x11, x15, x20
+ adc x11, x11, xzr
+ # A[0] * B[3]
+ mul x25, x12, x20
adds x7, x7, x25
- adcs x16, x16, x26
- adc x17, x17, xzr
- # A[3] * B[0]
- mul x25, x11, x21
- umulh x26, x11, x21
+ umulh x26, x12, x20
+ adcs x8, x8, x26
+ # A[2] * B[3]
+ mul x25, x14, x20
+ adcs x9, x9, x25
+ umulh x26, x14, x20
+ adcs x10, x10, x26
+ adc x11, x11, xzr
+ # A[3] * B[0]
+ mul x25, x15, x16
adds x7, x7, x25
- adcs x16, x16, x26
- adc x17, x17, xzr
- # A[1] * B[3]
- mul x25, x9, x24
- umulh x26, x9, x24
- adds x16, x16, x25
- adcs x17, x17, x26
- adc x19, xzr, xzr
- # A[2] * B[2]
- mul x25, x10, x23
- umulh x26, x10, x23
- adds x16, x16, x25
- adcs x17, x17, x26
- adc x19, x19, xzr
- # A[3] * B[1]
- mul x25, x11, x22
- umulh x26, x11, x22
- adds x16, x16, x25
- adcs x17, x17, x26
- adc x19, x19, xzr
- # A[2] * B[3]
- mul x25, x10, x24
- umulh x26, x10, x24
- adds x17, x17, x25
- adcs x19, x19, x26
- adc x20, xzr, xzr
- # A[3] * B[2]
- mul x25, x11, x23
- umulh x26, x11, x23
- adds x17, x17, x25
- adcs x19, x19, x26
- adc x20, x20, xzr
- # A[3] * B[3]
- mul x25, x11, x24
- umulh x26, x11, x24
- adds x19, x19, x25
- adc x20, x20, x26
+ umulh x26, x15, x16
+ adcs x8, x8, x26
+ # A[3] * B[2]
+ mul x25, x15, x19
+ adcs x9, x9, x25
+ umulh x26, x15, x19
+ adcs x10, x10, x26
+ adc x11, x11, xzr
# Reduce
- # Move top half into t4-t7 and remove top bit from t3
- extr x20, x20, x19, #63
- extr x19, x19, x17, #63
- extr x17, x17, x16, #63
- extr x16, x16, x7, #63
- and x7, x7, #0x7fffffffffffffff
- # Multiply top half by 19
- mov x25, #19
- mul x26, x25, x16
- umulh x16, x25, x16
- adds x4, x4, x26
- mul x26, x25, x17
- umulh x17, x25, x17
- adcs x5, x5, x26
- mul x26, x25, x19
- umulh x19, x25, x19
- adcs x6, x6, x26
- mul x26, x25, x20
- umulh x27, x25, x20
- adcs x7, x7, x26
- adc x27, x27, xzr
- # Add remaining product results in
- adds x5, x5, x16
- adcs x6, x6, x17
- adcs x7, x7, x19
+ mov x25, #38
+ mul x26, x25, x11
+ adds x7, x7, x26
+ umulh x27, x25, x11
adc x27, x27, xzr
- # Overflow
+ mov x25, #19
extr x27, x27, x7, #63
mul x27, x27, x25
and x7, x7, #0x7fffffffffffffff
- adds x4, x4, x27
- adcs x5, x5, xzr
- adcs x6, x6, xzr
+ mov x25, #38
+ mul x26, x25, x8
+ adds x4, x4, x26
+ umulh x8, x25, x8
+ mul x26, x25, x9
+ adcs x5, x5, x26
+ umulh x9, x25, x9
+ mul x26, x25, x10
+ adcs x6, x6, x26
+ umulh x10, x25, x10
adc x7, x7, xzr
- # Reduce if top bit set
- and x27, x25, x7, asr 63
- and x7, x7, #0x7fffffffffffffff
+ # Add high product results in
adds x4, x4, x27
- adcs x5, x5, xzr
- adcs x6, x6, xzr
- adc x7, x7, xzr
- # Store
- ldr x0, [x29, #24]
- ldr x1, [x29, #16]
+ adcs x5, x5, x8
+ adcs x6, x6, x9
+ adc x7, x7, x10
+ mov x3, x0
+ sub x2, x0, #32
+ sub x1, x0, #32
# Add
- adds x8, x12, x4
- adcs x9, x13, x5
- adcs x10, x14, x6
- adc x11, x15, x7
- mov x25, #-19
- asr x28, x11, #63
- # Mask the modulus
- and x25, x28, x25
- and x26, x28, #0x7fffffffffffffff
+ adds x8, x21, x4
+ adcs x9, x22, x5
+ adcs x10, x23, x6
+ adcs x11, x24, x7
+ cset x28, cs
+ mov x25, #19
+ extr x28, x28, x11, #63
+ mul x25, x28, x25
# Sub modulus (if overflow)
- subs x8, x8, x25
- sbcs x9, x9, x28
- sbcs x10, x10, x28
- sbc x11, x11, x26
+ adds x8, x8, x25
+ adcs x9, x9, xzr
+ and x11, x11, #0x7fffffffffffffff
+ adcs x10, x10, xzr
+ adc x11, x11, xzr
# Sub
- subs x16, x12, x4
- sbcs x17, x13, x5
- sbcs x19, x14, x6
- sbcs x20, x15, x7
- mov x25, #-19
+ subs x12, x21, x4
+ sbcs x13, x22, x5
+ sbcs x14, x23, x6
+ sbcs x15, x24, x7
csetm x28, cc
- # Mask the modulus
- and x25, x28, x25
- and x26, x28, #0x7fffffffffffffff
+ mov x25, #-19
+ extr x28, x28, x15, #63
+ mul x25, x28, x25
# Add modulus (if underflow)
- adds x16, x16, x25
- adcs x17, x17, x28
- adcs x19, x19, x28
- adc x20, x20, x26
+ subs x12, x12, x25
+ sbcs x13, x13, xzr
+ and x15, x15, #0x7fffffffffffffff
+ sbcs x14, x14, xzr
+ sbc x15, x15, xzr
stp x8, x9, [x0]
stp x10, x11, [x0, #16]
- stp x16, x17, [x1]
- stp x19, x20, [x1, #16]
- ldr x0, [x29, #40]
- ldr x1, [x29, #176]
- ldr x3, [x29, #72]
+ stp x12, x13, [x1]
+ stp x14, x15, [x1, #16]
+ ldr x1, [x29, #24]
+ ldr x2, [x29, #32]
+ add x2, x2, #0x40
+ add x1, x1, #0x60
+ add x0, x0, #0x40
# Multiply
- ldp x16, x17, [x1]
- ldp x19, x20, [x1, #16]
- ldp x21, x22, [x3]
- ldp x23, x24, [x3, #16]
- # A[0] * B[0]
- mul x4, x16, x21
- umulh x5, x16, x21
- # A[0] * B[1]
- mul x25, x16, x22
- umulh x6, x16, x22
- adds x5, x5, x25
- adc x6, x6, xzr
- # A[1] * B[0]
- mul x25, x17, x21
- umulh x26, x17, x21
- adds x5, x5, x25
- adcs x6, x6, x26
- adc x7, xzr, xzr
- # A[0] * B[2]
- mul x25, x16, x23
- umulh x26, x16, x23
- adds x6, x6, x25
- adc x7, x7, x26
- # A[1] * B[1]
- mul x25, x17, x22
- umulh x26, x17, x22
- adds x6, x6, x25
- adcs x7, x7, x26
- adc x8, xzr, xzr
- # A[2] * B[0]
- mul x25, x19, x21
- umulh x26, x19, x21
- adds x6, x6, x25
- adcs x7, x7, x26
- adc x8, x8, xzr
- # A[0] * B[3]
- mul x25, x16, x24
- umulh x26, x16, x24
- adds x7, x7, x25
- adcs x8, x8, x26
- adc x9, xzr, xzr
- # A[1] * B[2]
- mul x25, x17, x23
- umulh x26, x17, x23
- adds x7, x7, x25
- adcs x8, x8, x26
- adc x9, x9, xzr
- # A[2] * B[1]
- mul x25, x19, x22
- umulh x26, x19, x22
- adds x7, x7, x25
+ ldp x21, x22, [x1]
+ ldp x23, x24, [x1, #16]
+ ldp x4, x5, [x2]
+ ldp x6, x7, [x2, #16]
+ # A[0] * B[0]
+ umulh x17, x21, x4
+ mul x16, x21, x4
+ # A[2] * B[0]
+ umulh x20, x23, x4
+ mul x19, x23, x4
+ # A[1] * B[0]
+ mul x25, x22, x4
+ adds x17, x17, x25
+ umulh x26, x22, x4
+ adcs x19, x19, x26
+ # A[1] * B[3]
+ umulh x9, x22, x7
+ adc x20, x20, xzr
+ mul x8, x22, x7
+ # A[0] * B[1]
+ mul x25, x21, x5
+ adds x17, x17, x25
+ umulh x26, x21, x5
+ adcs x19, x19, x26
+ # A[2] * B[1]
+ mul x25, x23, x5
+ adcs x20, x20, x25
+ umulh x26, x23, x5
adcs x8, x8, x26
adc x9, x9, xzr
- # A[3] * B[0]
- mul x25, x20, x21
- umulh x26, x20, x21
- adds x7, x7, x25
+ # A[1] * B[2]
+ mul x25, x22, x6
+ adds x20, x20, x25
+ umulh x26, x22, x6
adcs x8, x8, x26
- adc x9, x9, xzr
- # A[1] * B[3]
- mul x25, x17, x24
- umulh x26, x17, x24
- adds x8, x8, x25
- adcs x9, x9, x26
+ adcs x9, x9, xzr
adc x10, xzr, xzr
- # A[2] * B[2]
- mul x25, x19, x23
- umulh x26, x19, x23
- adds x8, x8, x25
+ # A[0] * B[2]
+ mul x25, x21, x6
+ adds x19, x19, x25
+ umulh x26, x21, x6
+ adcs x20, x20, x26
+ adcs x8, x8, xzr
+ adcs x9, x9, xzr
+ adc x10, x10, xzr
+ # A[1] * B[1]
+ mul x25, x22, x5
+ adds x19, x19, x25
+ umulh x26, x22, x5
+ adcs x20, x20, x26
+ # A[3] * B[1]
+ mul x25, x24, x5
+ adcs x8, x8, x25
+ umulh x26, x24, x5
adcs x9, x9, x26
adc x10, x10, xzr
- # A[3] * B[1]
- mul x25, x20, x22
- umulh x26, x20, x22
+ # A[2] * B[2]
+ mul x25, x23, x6
adds x8, x8, x25
+ umulh x26, x23, x6
adcs x9, x9, x26
- adc x10, x10, xzr
- # A[2] * B[3]
- mul x25, x19, x24
- umulh x26, x19, x24
- adds x9, x9, x25
+ # A[3] * B[3]
+ mul x25, x24, x7
+ adcs x10, x10, x25
+ umulh x11, x24, x7
+ adc x11, x11, xzr
+ # A[0] * B[3]
+ mul x25, x21, x7
+ adds x20, x20, x25
+ umulh x26, x21, x7
+ adcs x8, x8, x26
+ # A[2] * B[3]
+ mul x25, x23, x7
+ adcs x9, x9, x25
+ umulh x26, x23, x7
adcs x10, x10, x26
- adc x11, xzr, xzr
- # A[3] * B[2]
- mul x25, x20, x23
- umulh x26, x20, x23
- adds x9, x9, x25
+ adc x11, x11, xzr
+ # A[3] * B[0]
+ mul x25, x24, x4
+ adds x20, x20, x25
+ umulh x26, x24, x4
+ adcs x8, x8, x26
+ # A[3] * B[2]
+ mul x25, x24, x6
+ adcs x9, x9, x25
+ umulh x26, x24, x6
adcs x10, x10, x26
adc x11, x11, xzr
- # A[3] * B[3]
- mul x25, x20, x24
- umulh x26, x20, x24
- adds x10, x10, x25
- adc x11, x11, x26
# Reduce
- # Move top half into t4-t7 and remove top bit from t3
- extr x11, x11, x10, #63
- extr x10, x10, x9, #63
- extr x9, x9, x8, #63
- extr x8, x8, x7, #63
- and x7, x7, #0x7fffffffffffffff
- # Multiply top half by 19
+ mov x25, #38
+ mul x26, x25, x11
+ adds x20, x20, x26
+ umulh x27, x25, x11
+ adc x27, x27, xzr
mov x25, #19
+ extr x27, x27, x20, #63
+ mul x27, x27, x25
+ and x20, x20, #0x7fffffffffffffff
+ mov x25, #38
mul x26, x25, x8
+ adds x16, x16, x26
umulh x8, x25, x8
- adds x4, x4, x26
mul x26, x25, x9
+ adcs x17, x17, x26
umulh x9, x25, x9
- adcs x5, x5, x26
mul x26, x25, x10
+ adcs x19, x19, x26
umulh x10, x25, x10
- adcs x6, x6, x26
- mul x26, x25, x11
- umulh x27, x25, x11
- adcs x7, x7, x26
- adc x27, x27, xzr
- # Add remaining product results in
- adds x5, x5, x8
- adcs x6, x6, x9
- adcs x7, x7, x10
- adc x27, x27, xzr
- # Overflow
- extr x27, x27, x7, #63
- mul x27, x27, x25
- and x7, x7, #0x7fffffffffffffff
- adds x4, x4, x27
- adcs x5, x5, xzr
- adcs x6, x6, xzr
- adc x7, x7, xzr
- # Reduce if top bit set
- and x27, x25, x7, asr 63
- and x7, x7, #0x7fffffffffffffff
- adds x4, x4, x27
- adcs x5, x5, xzr
- adcs x6, x6, xzr
- adc x7, x7, xzr
- # Store
- ldr x0, [x29, #32]
- ldr x1, [x29, #64]
+ adc x20, x20, xzr
+ # Add high product results in
+ adds x16, x16, x27
+ adcs x17, x17, x8
+ adcs x19, x19, x9
+ adc x20, x20, x10
+ sub x1, x1, #32
# Double
- ldp x8, x9, [x1]
- ldp x10, x11, [x1, #16]
- adds x8, x8, x8
- adcs x9, x9, x9
- adcs x10, x10, x10
- adc x11, x11, x11
- mov x25, #-19
- asr x28, x11, #63
- # Mask the modulus
- and x25, x28, x25
- and x26, x28, #0x7fffffffffffffff
- # Sub modulus (if overflow)
- subs x8, x8, x25
- sbcs x9, x9, x28
- sbcs x10, x10, x28
- sbc x11, x11, x26
- ldr x1, [x29, #40]
- # Add
- adds x12, x8, x4
- adcs x13, x9, x5
- adcs x14, x10, x6
- adc x15, x11, x7
+ ldp x12, x13, [x1]
+ ldp x14, x15, [x1, #16]
+ adds x12, x12, x12
+ adcs x13, x13, x13
+ adcs x14, x14, x14
+ adc x15, x15, x15
mov x25, #-19
asr x28, x15, #63
# Mask the modulus
@@ -5422,580 +6465,514 @@ _fe_ge_madd:
sbcs x13, x13, x28
sbcs x14, x14, x28
sbc x15, x15, x26
+ mov x3, x0
+ sub x2, x0, #32
+ mov x1, x0
+ sub x0, x0, #32
+ # Add
+ adds x8, x12, x16
+ adcs x9, x13, x17
+ adcs x10, x14, x19
+ adcs x11, x15, x20
+ cset x28, cs
+ mov x25, #19
+ extr x28, x28, x11, #63
+ mul x25, x28, x25
+ # Sub modulus (if overflow)
+ adds x8, x8, x25
+ adcs x9, x9, xzr
+ and x11, x11, #0x7fffffffffffffff
+ adcs x10, x10, xzr
+ adc x11, x11, xzr
# Sub
- subs x16, x8, x4
- sbcs x17, x9, x5
- sbcs x19, x10, x6
- sbcs x20, x11, x7
- mov x25, #-19
+ subs x4, x12, x16
+ sbcs x5, x13, x17
+ sbcs x6, x14, x19
+ sbcs x7, x15, x20
csetm x28, cc
- # Mask the modulus
- and x25, x28, x25
- and x26, x28, #0x7fffffffffffffff
+ mov x25, #-19
+ extr x28, x28, x7, #63
+ mul x25, x28, x25
# Add modulus (if underflow)
- adds x16, x16, x25
- adcs x17, x17, x28
- adcs x19, x19, x28
- adc x20, x20, x26
- stp x12, x13, [x0]
- stp x14, x15, [x0, #16]
- stp x16, x17, [x1]
- stp x19, x20, [x1, #16]
- ldr x17, [x29, #88]
- ldr x19, [x29, #96]
- ldp x20, x21, [x29, #104]
- ldp x22, x23, [x29, #120]
- ldp x24, x25, [x29, #136]
- ldp x26, x27, [x29, #152]
- ldr x28, [x29, #168]
- ldp x29, x30, [sp], #0xb0
+ subs x4, x4, x25
+ sbcs x5, x5, xzr
+ and x7, x7, #0x7fffffffffffffff
+ sbcs x6, x6, xzr
+ sbc x7, x7, xzr
+ stp x8, x9, [x0]
+ stp x10, x11, [x0, #16]
+ stp x4, x5, [x1]
+ stp x6, x7, [x1, #16]
+ ldr x17, [x29, #56]
+ ldr x19, [x29, #64]
+ ldp x20, x21, [x29, #72]
+ ldp x22, x23, [x29, #88]
+ ldp x24, x25, [x29, #104]
+ ldp x26, x27, [x29, #120]
+ ldr x28, [x29, #136]
+ ldp x29, x30, [sp], #0x90
ret
#ifndef __APPLE__
- .size fe_ge_madd,.-fe_ge_madd
+ .size ge_madd,.-ge_madd
#endif /* __APPLE__ */
#ifndef __APPLE__
.text
-.globl fe_ge_msub
-.type fe_ge_msub,@function
+.globl ge_msub
+.type ge_msub,@function
.align 2
-fe_ge_msub:
+ge_msub:
#else
.section __TEXT,__text
-.globl _fe_ge_msub
+.globl _ge_msub
.p2align 2
-_fe_ge_msub:
+_ge_msub:
#endif /* __APPLE__ */
- stp x29, x30, [sp, #-176]!
+ stp x29, x30, [sp, #-144]!
add x29, sp, #0
- str x17, [x29, #88]
- str x19, [x29, #96]
- stp x20, x21, [x29, #104]
- stp x22, x23, [x29, #120]
- stp x24, x25, [x29, #136]
- stp x26, x27, [x29, #152]
- str x28, [x29, #168]
+ str x17, [x29, #56]
+ str x19, [x29, #64]
+ stp x20, x21, [x29, #72]
+ stp x22, x23, [x29, #88]
+ stp x24, x25, [x29, #104]
+ stp x26, x27, [x29, #120]
+ str x28, [x29, #136]
str x0, [x29, #16]
str x1, [x29, #24]
str x2, [x29, #32]
- str x3, [x29, #40]
- str x4, [x29, #48]
- str x5, [x29, #56]
- str x6, [x29, #64]
- str x7, [x29, #72]
- ldr x2, [x29, #56]
- ldr x3, [x29, #48]
+ mov x3, x1
+ add x2, x1, #32
+ add x1, x0, #32
# Add
- ldp x12, x13, [x2]
- ldp x14, x15, [x2, #16]
- ldp x16, x17, [x3]
- ldp x19, x20, [x3, #16]
- adds x4, x12, x16
- adcs x5, x13, x17
- adcs x6, x14, x19
- adc x7, x15, x20
- mov x25, #-19
- asr x28, x7, #63
- # Mask the modulus
- and x25, x28, x25
- and x26, x28, #0x7fffffffffffffff
+ ldp x8, x9, [x2]
+ ldp x10, x11, [x2, #16]
+ ldp x4, x5, [x3]
+ ldp x6, x7, [x3, #16]
+ adds x16, x8, x4
+ adcs x17, x9, x5
+ adcs x19, x10, x6
+ adcs x20, x11, x7
+ cset x28, cs
+ mov x25, #19
+ extr x28, x28, x20, #63
+ mul x25, x28, x25
# Sub modulus (if overflow)
- subs x4, x4, x25
- sbcs x5, x5, x28
- sbcs x6, x6, x28
- sbc x7, x7, x26
+ adds x16, x16, x25
+ adcs x17, x17, xzr
+ and x20, x20, #0x7fffffffffffffff
+ adcs x19, x19, xzr
+ adc x20, x20, xzr
# Sub
- subs x8, x12, x16
- sbcs x9, x13, x17
- sbcs x10, x14, x19
- sbcs x11, x15, x20
- mov x25, #-19
+ subs x12, x8, x4
+ sbcs x13, x9, x5
+ sbcs x14, x10, x6
+ sbcs x15, x11, x7
csetm x28, cc
- # Mask the modulus
- and x25, x28, x25
- and x26, x28, #0x7fffffffffffffff
+ mov x25, #-19
+ extr x28, x28, x15, #63
+ mul x25, x28, x25
# Add modulus (if underflow)
- adds x8, x8, x25
- adcs x9, x9, x28
- adcs x10, x10, x28
- adc x11, x11, x26
- ldr x0, [x29, #32]
- ldr x2, [x29, #192]
+ subs x12, x12, x25
+ sbcs x13, x13, xzr
+ and x15, x15, #0x7fffffffffffffff
+ sbcs x14, x14, xzr
+ sbc x15, x15, xzr
+ ldr x2, [x29, #32]
+ add x2, x2, #32
+ mov x1, x0
# Multiply
- ldp x21, x22, [x2]
- ldp x23, x24, [x2, #16]
- # A[0] * B[0]
- mul x12, x4, x21
- umulh x13, x4, x21
- # A[0] * B[1]
- mul x25, x4, x22
- umulh x14, x4, x22
- adds x13, x13, x25
- adc x14, x14, xzr
- # A[1] * B[0]
- mul x25, x5, x21
- umulh x26, x5, x21
- adds x13, x13, x25
- adcs x14, x14, x26
- adc x15, xzr, xzr
- # A[0] * B[2]
- mul x25, x4, x23
- umulh x26, x4, x23
- adds x14, x14, x25
- adc x15, x15, x26
- # A[1] * B[1]
- mul x25, x5, x22
- umulh x26, x5, x22
- adds x14, x14, x25
- adcs x15, x15, x26
- adc x16, xzr, xzr
- # A[2] * B[0]
- mul x25, x6, x21
- umulh x26, x6, x21
- adds x14, x14, x25
- adcs x15, x15, x26
- adc x16, x16, xzr
- # A[0] * B[3]
- mul x25, x4, x24
- umulh x26, x4, x24
- adds x15, x15, x25
- adcs x16, x16, x26
- adc x17, xzr, xzr
- # A[1] * B[2]
- mul x25, x5, x23
- umulh x26, x5, x23
- adds x15, x15, x25
- adcs x16, x16, x26
- adc x17, x17, xzr
- # A[2] * B[1]
- mul x25, x6, x22
- umulh x26, x6, x22
- adds x15, x15, x25
- adcs x16, x16, x26
- adc x17, x17, xzr
- # A[3] * B[0]
- mul x25, x7, x21
- umulh x26, x7, x21
- adds x15, x15, x25
- adcs x16, x16, x26
- adc x17, x17, xzr
- # A[1] * B[3]
- mul x25, x5, x24
- umulh x26, x5, x24
- adds x16, x16, x25
- adcs x17, x17, x26
- adc x19, xzr, xzr
- # A[2] * B[2]
- mul x25, x6, x23
- umulh x26, x6, x23
- adds x16, x16, x25
- adcs x17, x17, x26
- adc x19, x19, xzr
- # A[3] * B[1]
- mul x25, x7, x22
- umulh x26, x7, x22
- adds x16, x16, x25
- adcs x17, x17, x26
- adc x19, x19, xzr
- # A[2] * B[3]
- mul x25, x6, x24
- umulh x26, x6, x24
- adds x17, x17, x25
- adcs x19, x19, x26
- adc x20, xzr, xzr
- # A[3] * B[2]
- mul x25, x7, x23
- umulh x26, x7, x23
- adds x17, x17, x25
- adcs x19, x19, x26
- adc x20, x20, xzr
- # A[3] * B[3]
- mul x25, x7, x24
- umulh x26, x7, x24
- adds x19, x19, x25
- adc x20, x20, x26
+ ldp x8, x9, [x2]
+ ldp x10, x11, [x2, #16]
+ # A[0] * B[0]
+ umulh x22, x16, x8
+ mul x21, x16, x8
+ # A[2] * B[0]
+ umulh x24, x19, x8
+ mul x23, x19, x8
+ # A[1] * B[0]
+ mul x25, x17, x8
+ adds x22, x22, x25
+ umulh x26, x17, x8
+ adcs x23, x23, x26
+ # A[1] * B[3]
+ umulh x5, x17, x11
+ adc x24, x24, xzr
+ mul x4, x17, x11
+ # A[0] * B[1]
+ mul x25, x16, x9
+ adds x22, x22, x25
+ umulh x26, x16, x9
+ adcs x23, x23, x26
+ # A[2] * B[1]
+ mul x25, x19, x9
+ adcs x24, x24, x25
+ umulh x26, x19, x9
+ adcs x4, x4, x26
+ adc x5, x5, xzr
+ # A[1] * B[2]
+ mul x25, x17, x10
+ adds x24, x24, x25
+ umulh x26, x17, x10
+ adcs x4, x4, x26
+ adcs x5, x5, xzr
+ adc x6, xzr, xzr
+ # A[0] * B[2]
+ mul x25, x16, x10
+ adds x23, x23, x25
+ umulh x26, x16, x10
+ adcs x24, x24, x26
+ adcs x4, x4, xzr
+ adcs x5, x5, xzr
+ adc x6, x6, xzr
+ # A[1] * B[1]
+ mul x25, x17, x9
+ adds x23, x23, x25
+ umulh x26, x17, x9
+ adcs x24, x24, x26
+ # A[3] * B[1]
+ mul x25, x20, x9
+ adcs x4, x4, x25
+ umulh x26, x20, x9
+ adcs x5, x5, x26
+ adc x6, x6, xzr
+ # A[2] * B[2]
+ mul x25, x19, x10
+ adds x4, x4, x25
+ umulh x26, x19, x10
+ adcs x5, x5, x26
+ # A[3] * B[3]
+ mul x25, x20, x11
+ adcs x6, x6, x25
+ umulh x7, x20, x11
+ adc x7, x7, xzr
+ # A[0] * B[3]
+ mul x25, x16, x11
+ adds x24, x24, x25
+ umulh x26, x16, x11
+ adcs x4, x4, x26
+ # A[2] * B[3]
+ mul x25, x19, x11
+ adcs x5, x5, x25
+ umulh x26, x19, x11
+ adcs x6, x6, x26
+ adc x7, x7, xzr
+ # A[3] * B[0]
+ mul x25, x20, x8
+ adds x24, x24, x25
+ umulh x26, x20, x8
+ adcs x4, x4, x26
+ # A[3] * B[2]
+ mul x25, x20, x10
+ adcs x5, x5, x25
+ umulh x26, x20, x10
+ adcs x6, x6, x26
+ adc x7, x7, xzr
# Reduce
- # Move top half into t4-t7 and remove top bit from t3
- extr x20, x20, x19, #63
- extr x19, x19, x17, #63
- extr x17, x17, x16, #63
- extr x16, x16, x15, #63
- and x15, x15, #0x7fffffffffffffff
- # Multiply top half by 19
- mov x25, #19
- mul x26, x25, x16
- umulh x16, x25, x16
- adds x12, x12, x26
- mul x26, x25, x17
- umulh x17, x25, x17
- adcs x13, x13, x26
- mul x26, x25, x19
- umulh x19, x25, x19
- adcs x14, x14, x26
- mul x26, x25, x20
- umulh x27, x25, x20
- adcs x15, x15, x26
- adc x27, x27, xzr
- # Add remaining product results in
- adds x13, x13, x16
- adcs x14, x14, x17
- adcs x15, x15, x19
+ mov x25, #38
+ mul x26, x25, x7
+ adds x24, x24, x26
+ umulh x27, x25, x7
adc x27, x27, xzr
- # Overflow
- extr x27, x27, x15, #63
+ mov x25, #19
+ extr x27, x27, x24, #63
mul x27, x27, x25
- and x15, x15, #0x7fffffffffffffff
- adds x12, x12, x27
- adcs x13, x13, xzr
- adcs x14, x14, xzr
- adc x15, x15, xzr
- # Reduce if top bit set
- and x27, x25, x15, asr 63
- and x15, x15, #0x7fffffffffffffff
- adds x12, x12, x27
- adcs x13, x13, xzr
- adcs x14, x14, xzr
- adc x15, x15, xzr
- # Store
- ldr x0, [x29, #24]
- ldr x1, [x29, #184]
+ and x24, x24, #0x7fffffffffffffff
+ mov x25, #38
+ mul x26, x25, x4
+ adds x21, x21, x26
+ umulh x4, x25, x4
+ mul x26, x25, x5
+ adcs x22, x22, x26
+ umulh x5, x25, x5
+ mul x26, x25, x6
+ adcs x23, x23, x26
+ umulh x6, x25, x6
+ adc x24, x24, xzr
+ # Add high product results in
+ adds x21, x21, x27
+ adcs x22, x22, x4
+ adcs x23, x23, x5
+ adc x24, x24, x6
+ sub x2, x2, #32
+ add x1, x0, #32
+ add x0, x0, #32
# Multiply
- ldp x21, x22, [x1]
- ldp x23, x24, [x1, #16]
- # A[0] * B[0]
- mul x4, x8, x21
- umulh x5, x8, x21
- # A[0] * B[1]
- mul x25, x8, x22
- umulh x6, x8, x22
+ ldp x16, x17, [x2]
+ ldp x19, x20, [x2, #16]
+ # A[0] * B[0]
+ umulh x5, x12, x16
+ mul x4, x12, x16
+ # A[2] * B[0]
+ umulh x7, x14, x16
+ mul x6, x14, x16
+ # A[1] * B[0]
+ mul x25, x13, x16
adds x5, x5, x25
- adc x6, x6, xzr
- # A[1] * B[0]
- mul x25, x9, x21
- umulh x26, x9, x21
+ umulh x26, x13, x16
+ adcs x6, x6, x26
+ # A[1] * B[3]
+ umulh x9, x13, x20
+ adc x7, x7, xzr
+ mul x8, x13, x20
+ # A[0] * B[1]
+ mul x25, x12, x17
adds x5, x5, x25
+ umulh x26, x12, x17
adcs x6, x6, x26
- adc x7, xzr, xzr
- # A[0] * B[2]
- mul x25, x8, x23
- umulh x26, x8, x23
- adds x6, x6, x25
- adc x7, x7, x26
- # A[1] * B[1]
- mul x25, x9, x22
- umulh x26, x9, x22
+ # A[2] * B[1]
+ mul x25, x14, x17
+ adcs x7, x7, x25
+ umulh x26, x14, x17
+ adcs x8, x8, x26
+ adc x9, x9, xzr
+ # A[1] * B[2]
+ mul x25, x13, x19
+ adds x7, x7, x25
+ umulh x26, x13, x19
+ adcs x8, x8, x26
+ adcs x9, x9, xzr
+ adc x10, xzr, xzr
+ # A[0] * B[2]
+ mul x25, x12, x19
adds x6, x6, x25
+ umulh x26, x12, x19
adcs x7, x7, x26
- adc x16, xzr, xzr
- # A[2] * B[0]
- mul x25, x10, x21
- umulh x26, x10, x21
+ adcs x8, x8, xzr
+ adcs x9, x9, xzr
+ adc x10, x10, xzr
+ # A[1] * B[1]
+ mul x25, x13, x17
adds x6, x6, x25
+ umulh x26, x13, x17
adcs x7, x7, x26
- adc x16, x16, xzr
- # A[0] * B[3]
- mul x25, x8, x24
- umulh x26, x8, x24
- adds x7, x7, x25
- adcs x16, x16, x26
- adc x17, xzr, xzr
- # A[1] * B[2]
- mul x25, x9, x23
- umulh x26, x9, x23
- adds x7, x7, x25
- adcs x16, x16, x26
- adc x17, x17, xzr
- # A[2] * B[1]
- mul x25, x10, x22
- umulh x26, x10, x22
+ # A[3] * B[1]
+ mul x25, x15, x17
+ adcs x8, x8, x25
+ umulh x26, x15, x17
+ adcs x9, x9, x26
+ adc x10, x10, xzr
+ # A[2] * B[2]
+ mul x25, x14, x19
+ adds x8, x8, x25
+ umulh x26, x14, x19
+ adcs x9, x9, x26
+ # A[3] * B[3]
+ mul x25, x15, x20
+ adcs x10, x10, x25
+ umulh x11, x15, x20
+ adc x11, x11, xzr
+ # A[0] * B[3]
+ mul x25, x12, x20
adds x7, x7, x25
- adcs x16, x16, x26
- adc x17, x17, xzr
- # A[3] * B[0]
- mul x25, x11, x21
- umulh x26, x11, x21
+ umulh x26, x12, x20
+ adcs x8, x8, x26
+ # A[2] * B[3]
+ mul x25, x14, x20
+ adcs x9, x9, x25
+ umulh x26, x14, x20
+ adcs x10, x10, x26
+ adc x11, x11, xzr
+ # A[3] * B[0]
+ mul x25, x15, x16
adds x7, x7, x25
- adcs x16, x16, x26
- adc x17, x17, xzr
- # A[1] * B[3]
- mul x25, x9, x24
- umulh x26, x9, x24
- adds x16, x16, x25
- adcs x17, x17, x26
- adc x19, xzr, xzr
- # A[2] * B[2]
- mul x25, x10, x23
- umulh x26, x10, x23
- adds x16, x16, x25
- adcs x17, x17, x26
- adc x19, x19, xzr
- # A[3] * B[1]
- mul x25, x11, x22
- umulh x26, x11, x22
- adds x16, x16, x25
- adcs x17, x17, x26
- adc x19, x19, xzr
- # A[2] * B[3]
- mul x25, x10, x24
- umulh x26, x10, x24
- adds x17, x17, x25
- adcs x19, x19, x26
- adc x20, xzr, xzr
- # A[3] * B[2]
- mul x25, x11, x23
- umulh x26, x11, x23
- adds x17, x17, x25
- adcs x19, x19, x26
- adc x20, x20, xzr
- # A[3] * B[3]
- mul x25, x11, x24
- umulh x26, x11, x24
- adds x19, x19, x25
- adc x20, x20, x26
+ umulh x26, x15, x16
+ adcs x8, x8, x26
+ # A[3] * B[2]
+ mul x25, x15, x19
+ adcs x9, x9, x25
+ umulh x26, x15, x19
+ adcs x10, x10, x26
+ adc x11, x11, xzr
# Reduce
- # Move top half into t4-t7 and remove top bit from t3
- extr x20, x20, x19, #63
- extr x19, x19, x17, #63
- extr x17, x17, x16, #63
- extr x16, x16, x7, #63
- and x7, x7, #0x7fffffffffffffff
- # Multiply top half by 19
- mov x25, #19
- mul x26, x25, x16
- umulh x16, x25, x16
- adds x4, x4, x26
- mul x26, x25, x17
- umulh x17, x25, x17
- adcs x5, x5, x26
- mul x26, x25, x19
- umulh x19, x25, x19
- adcs x6, x6, x26
- mul x26, x25, x20
- umulh x27, x25, x20
- adcs x7, x7, x26
- adc x27, x27, xzr
- # Add remaining product results in
- adds x5, x5, x16
- adcs x6, x6, x17
- adcs x7, x7, x19
+ mov x25, #38
+ mul x26, x25, x11
+ adds x7, x7, x26
+ umulh x27, x25, x11
adc x27, x27, xzr
- # Overflow
+ mov x25, #19
extr x27, x27, x7, #63
mul x27, x27, x25
and x7, x7, #0x7fffffffffffffff
- adds x4, x4, x27
- adcs x5, x5, xzr
- adcs x6, x6, xzr
+ mov x25, #38
+ mul x26, x25, x8
+ adds x4, x4, x26
+ umulh x8, x25, x8
+ mul x26, x25, x9
+ adcs x5, x5, x26
+ umulh x9, x25, x9
+ mul x26, x25, x10
+ adcs x6, x6, x26
+ umulh x10, x25, x10
adc x7, x7, xzr
- # Reduce if top bit set
- and x27, x25, x7, asr 63
- and x7, x7, #0x7fffffffffffffff
+ # Add high product results in
adds x4, x4, x27
- adcs x5, x5, xzr
- adcs x6, x6, xzr
- adc x7, x7, xzr
- # Store
- ldr x0, [x29, #24]
- ldr x1, [x29, #16]
+ adcs x5, x5, x8
+ adcs x6, x6, x9
+ adc x7, x7, x10
+ mov x3, x0
+ sub x2, x0, #32
+ sub x1, x0, #32
# Add
- adds x8, x12, x4
- adcs x9, x13, x5
- adcs x10, x14, x6
- adc x11, x15, x7
- mov x25, #-19
- asr x28, x11, #63
- # Mask the modulus
- and x25, x28, x25
- and x26, x28, #0x7fffffffffffffff
+ adds x8, x21, x4
+ adcs x9, x22, x5
+ adcs x10, x23, x6
+ adcs x11, x24, x7
+ cset x28, cs
+ mov x25, #19
+ extr x28, x28, x11, #63
+ mul x25, x28, x25
# Sub modulus (if overflow)
- subs x8, x8, x25
- sbcs x9, x9, x28
- sbcs x10, x10, x28
- sbc x11, x11, x26
+ adds x8, x8, x25
+ adcs x9, x9, xzr
+ and x11, x11, #0x7fffffffffffffff
+ adcs x10, x10, xzr
+ adc x11, x11, xzr
# Sub
- subs x16, x12, x4
- sbcs x17, x13, x5
- sbcs x19, x14, x6
- sbcs x20, x15, x7
- mov x25, #-19
+ subs x12, x21, x4
+ sbcs x13, x22, x5
+ sbcs x14, x23, x6
+ sbcs x15, x24, x7
csetm x28, cc
- # Mask the modulus
- and x25, x28, x25
- and x26, x28, #0x7fffffffffffffff
+ mov x25, #-19
+ extr x28, x28, x15, #63
+ mul x25, x28, x25
# Add modulus (if underflow)
- adds x16, x16, x25
- adcs x17, x17, x28
- adcs x19, x19, x28
- adc x20, x20, x26
+ subs x12, x12, x25
+ sbcs x13, x13, xzr
+ and x15, x15, #0x7fffffffffffffff
+ sbcs x14, x14, xzr
+ sbc x15, x15, xzr
stp x8, x9, [x0]
stp x10, x11, [x0, #16]
- stp x16, x17, [x1]
- stp x19, x20, [x1, #16]
- ldr x0, [x29, #40]
- ldr x1, [x29, #176]
- ldr x3, [x29, #72]
+ stp x12, x13, [x1]
+ stp x14, x15, [x1, #16]
+ ldr x1, [x29, #24]
+ ldr x2, [x29, #32]
+ add x2, x2, #0x40
+ add x1, x1, #0x60
+ add x0, x0, #0x40
# Multiply
- ldp x16, x17, [x1]
- ldp x19, x20, [x1, #16]
- ldp x21, x22, [x3]
- ldp x23, x24, [x3, #16]
- # A[0] * B[0]
- mul x4, x16, x21
- umulh x5, x16, x21
- # A[0] * B[1]
- mul x25, x16, x22
- umulh x6, x16, x22
- adds x5, x5, x25
- adc x6, x6, xzr
- # A[1] * B[0]
- mul x25, x17, x21
- umulh x26, x17, x21
- adds x5, x5, x25
- adcs x6, x6, x26
- adc x7, xzr, xzr
- # A[0] * B[2]
- mul x25, x16, x23
- umulh x26, x16, x23
- adds x6, x6, x25
- adc x7, x7, x26
- # A[1] * B[1]
- mul x25, x17, x22
- umulh x26, x17, x22
- adds x6, x6, x25
- adcs x7, x7, x26
- adc x8, xzr, xzr
- # A[2] * B[0]
- mul x25, x19, x21
- umulh x26, x19, x21
- adds x6, x6, x25
- adcs x7, x7, x26
- adc x8, x8, xzr
- # A[0] * B[3]
- mul x25, x16, x24
- umulh x26, x16, x24
- adds x7, x7, x25
- adcs x8, x8, x26
- adc x9, xzr, xzr
- # A[1] * B[2]
- mul x25, x17, x23
- umulh x26, x17, x23
- adds x7, x7, x25
- adcs x8, x8, x26
- adc x9, x9, xzr
- # A[2] * B[1]
- mul x25, x19, x22
- umulh x26, x19, x22
- adds x7, x7, x25
+ ldp x21, x22, [x1]
+ ldp x23, x24, [x1, #16]
+ ldp x4, x5, [x2]
+ ldp x6, x7, [x2, #16]
+ # A[0] * B[0]
+ umulh x17, x21, x4
+ mul x16, x21, x4
+ # A[2] * B[0]
+ umulh x20, x23, x4
+ mul x19, x23, x4
+ # A[1] * B[0]
+ mul x25, x22, x4
+ adds x17, x17, x25
+ umulh x26, x22, x4
+ adcs x19, x19, x26
+ # A[1] * B[3]
+ umulh x9, x22, x7
+ adc x20, x20, xzr
+ mul x8, x22, x7
+ # A[0] * B[1]
+ mul x25, x21, x5
+ adds x17, x17, x25
+ umulh x26, x21, x5
+ adcs x19, x19, x26
+ # A[2] * B[1]
+ mul x25, x23, x5
+ adcs x20, x20, x25
+ umulh x26, x23, x5
adcs x8, x8, x26
adc x9, x9, xzr
- # A[3] * B[0]
- mul x25, x20, x21
- umulh x26, x20, x21
- adds x7, x7, x25
+ # A[1] * B[2]
+ mul x25, x22, x6
+ adds x20, x20, x25
+ umulh x26, x22, x6
adcs x8, x8, x26
- adc x9, x9, xzr
- # A[1] * B[3]
- mul x25, x17, x24
- umulh x26, x17, x24
- adds x8, x8, x25
- adcs x9, x9, x26
+ adcs x9, x9, xzr
adc x10, xzr, xzr
- # A[2] * B[2]
- mul x25, x19, x23
- umulh x26, x19, x23
- adds x8, x8, x25
+ # A[0] * B[2]
+ mul x25, x21, x6
+ adds x19, x19, x25
+ umulh x26, x21, x6
+ adcs x20, x20, x26
+ adcs x8, x8, xzr
+ adcs x9, x9, xzr
+ adc x10, x10, xzr
+ # A[1] * B[1]
+ mul x25, x22, x5
+ adds x19, x19, x25
+ umulh x26, x22, x5
+ adcs x20, x20, x26
+ # A[3] * B[1]
+ mul x25, x24, x5
+ adcs x8, x8, x25
+ umulh x26, x24, x5
adcs x9, x9, x26
adc x10, x10, xzr
- # A[3] * B[1]
- mul x25, x20, x22
- umulh x26, x20, x22
+ # A[2] * B[2]
+ mul x25, x23, x6
adds x8, x8, x25
+ umulh x26, x23, x6
adcs x9, x9, x26
- adc x10, x10, xzr
- # A[2] * B[3]
- mul x25, x19, x24
- umulh x26, x19, x24
- adds x9, x9, x25
+ # A[3] * B[3]
+ mul x25, x24, x7
+ adcs x10, x10, x25
+ umulh x11, x24, x7
+ adc x11, x11, xzr
+ # A[0] * B[3]
+ mul x25, x21, x7
+ adds x20, x20, x25
+ umulh x26, x21, x7
+ adcs x8, x8, x26
+ # A[2] * B[3]
+ mul x25, x23, x7
+ adcs x9, x9, x25
+ umulh x26, x23, x7
adcs x10, x10, x26
- adc x11, xzr, xzr
- # A[3] * B[2]
- mul x25, x20, x23
- umulh x26, x20, x23
- adds x9, x9, x25
+ adc x11, x11, xzr
+ # A[3] * B[0]
+ mul x25, x24, x4
+ adds x20, x20, x25
+ umulh x26, x24, x4
+ adcs x8, x8, x26
+ # A[3] * B[2]
+ mul x25, x24, x6
+ adcs x9, x9, x25
+ umulh x26, x24, x6
adcs x10, x10, x26
adc x11, x11, xzr
- # A[3] * B[3]
- mul x25, x20, x24
- umulh x26, x20, x24
- adds x10, x10, x25
- adc x11, x11, x26
# Reduce
- # Move top half into t4-t7 and remove top bit from t3
- extr x11, x11, x10, #63
- extr x10, x10, x9, #63
- extr x9, x9, x8, #63
- extr x8, x8, x7, #63
- and x7, x7, #0x7fffffffffffffff
- # Multiply top half by 19
+ mov x25, #38
+ mul x26, x25, x11
+ adds x20, x20, x26
+ umulh x27, x25, x11
+ adc x27, x27, xzr
mov x25, #19
+ extr x27, x27, x20, #63
+ mul x27, x27, x25
+ and x20, x20, #0x7fffffffffffffff
+ mov x25, #38
mul x26, x25, x8
+ adds x16, x16, x26
umulh x8, x25, x8
- adds x4, x4, x26
mul x26, x25, x9
+ adcs x17, x17, x26
umulh x9, x25, x9
- adcs x5, x5, x26
mul x26, x25, x10
+ adcs x19, x19, x26
umulh x10, x25, x10
- adcs x6, x6, x26
- mul x26, x25, x11
- umulh x27, x25, x11
- adcs x7, x7, x26
- adc x27, x27, xzr
- # Add remaining product results in
- adds x5, x5, x8
- adcs x6, x6, x9
- adcs x7, x7, x10
- adc x27, x27, xzr
- # Overflow
- extr x27, x27, x7, #63
- mul x27, x27, x25
- and x7, x7, #0x7fffffffffffffff
- adds x4, x4, x27
- adcs x5, x5, xzr
- adcs x6, x6, xzr
- adc x7, x7, xzr
- # Reduce if top bit set
- and x27, x25, x7, asr 63
- and x7, x7, #0x7fffffffffffffff
- adds x4, x4, x27
- adcs x5, x5, xzr
- adcs x6, x6, xzr
- adc x7, x7, xzr
- # Store
- ldr x0, [x29, #32]
- ldr x1, [x29, #64]
+ adc x20, x20, xzr
+ # Add high product results in
+ adds x16, x16, x27
+ adcs x17, x17, x8
+ adcs x19, x19, x9
+ adc x20, x20, x10
+ sub x1, x1, #32
# Double
- ldp x8, x9, [x1]
- ldp x10, x11, [x1, #16]
- adds x8, x8, x8
- adcs x9, x9, x9
- adcs x10, x10, x10
- adc x11, x11, x11
- mov x25, #-19
- asr x28, x11, #63
- # Mask the modulus
- and x25, x28, x25
- and x26, x28, #0x7fffffffffffffff
- # Sub modulus (if overflow)
- subs x8, x8, x25
- sbcs x9, x9, x28
- sbcs x10, x10, x28
- sbc x11, x11, x26
- ldr x1, [x29, #40]
- # Add
- adds x12, x8, x4
- adcs x13, x9, x5
- adcs x14, x10, x6
- adc x15, x11, x7
+ ldp x12, x13, [x1]
+ ldp x14, x15, [x1, #16]
+ adds x12, x12, x12
+ adcs x13, x13, x13
+ adcs x14, x14, x14
+ adc x15, x15, x15
mov x25, #-19
asr x28, x15, #63
# Mask the modulus
@@ -6006,1487 +6983,1865 @@ _fe_ge_msub:
sbcs x13, x13, x28
sbcs x14, x14, x28
sbc x15, x15, x26
+ mov x3, x0
+ sub x2, x0, #32
+ sub x1, x0, #32
+ # Add
+ adds x8, x12, x16
+ adcs x9, x13, x17
+ adcs x10, x14, x19
+ adcs x11, x15, x20
+ cset x28, cs
+ mov x25, #19
+ extr x28, x28, x11, #63
+ mul x25, x28, x25
+ # Sub modulus (if overflow)
+ adds x8, x8, x25
+ adcs x9, x9, xzr
+ and x11, x11, #0x7fffffffffffffff
+ adcs x10, x10, xzr
+ adc x11, x11, xzr
# Sub
- subs x16, x8, x4
- sbcs x17, x9, x5
- sbcs x19, x10, x6
- sbcs x20, x11, x7
- mov x25, #-19
+ subs x4, x12, x16
+ sbcs x5, x13, x17
+ sbcs x6, x14, x19
+ sbcs x7, x15, x20
csetm x28, cc
- # Mask the modulus
- and x25, x28, x25
- and x26, x28, #0x7fffffffffffffff
+ mov x25, #-19
+ extr x28, x28, x7, #63
+ mul x25, x28, x25
# Add modulus (if underflow)
- adds x16, x16, x25
- adcs x17, x17, x28
- adcs x19, x19, x28
- adc x20, x20, x26
- stp x12, x13, [x1]
- stp x14, x15, [x1, #16]
- stp x16, x17, [x0]
- stp x19, x20, [x0, #16]
- ldr x17, [x29, #88]
- ldr x19, [x29, #96]
- ldp x20, x21, [x29, #104]
- ldp x22, x23, [x29, #120]
- ldp x24, x25, [x29, #136]
- ldp x26, x27, [x29, #152]
- ldr x28, [x29, #168]
- ldp x29, x30, [sp], #0xb0
+ subs x4, x4, x25
+ sbcs x5, x5, xzr
+ and x7, x7, #0x7fffffffffffffff
+ sbcs x6, x6, xzr
+ sbc x7, x7, xzr
+ stp x8, x9, [x0]
+ stp x10, x11, [x0, #16]
+ stp x4, x5, [x1]
+ stp x6, x7, [x1, #16]
+ ldr x17, [x29, #56]
+ ldr x19, [x29, #64]
+ ldp x20, x21, [x29, #72]
+ ldp x22, x23, [x29, #88]
+ ldp x24, x25, [x29, #104]
+ ldp x26, x27, [x29, #120]
+ ldr x28, [x29, #136]
+ ldp x29, x30, [sp], #0x90
ret
#ifndef __APPLE__
- .size fe_ge_msub,.-fe_ge_msub
+ .size ge_msub,.-ge_msub
#endif /* __APPLE__ */
#ifndef __APPLE__
.text
-.globl fe_ge_add
-.type fe_ge_add,@function
+.globl ge_add
+.type ge_add,@function
.align 2
-fe_ge_add:
+ge_add:
#else
.section __TEXT,__text
-.globl _fe_ge_add
+.globl _ge_add
.p2align 2
-_fe_ge_add:
+_ge_add:
#endif /* __APPLE__ */
- stp x29, x30, [sp, #-176]!
+ stp x29, x30, [sp, #-144]!
add x29, sp, #0
- str x17, [x29, #88]
- str x19, [x29, #96]
- stp x20, x21, [x29, #104]
- stp x22, x23, [x29, #120]
- stp x24, x25, [x29, #136]
- stp x26, x27, [x29, #152]
- str x28, [x29, #168]
+ str x17, [x29, #56]
+ str x19, [x29, #64]
+ stp x20, x21, [x29, #72]
+ stp x22, x23, [x29, #88]
+ stp x24, x25, [x29, #104]
+ stp x26, x27, [x29, #120]
+ str x28, [x29, #136]
str x0, [x29, #16]
str x1, [x29, #24]
str x2, [x29, #32]
- str x3, [x29, #40]
- str x4, [x29, #48]
- str x5, [x29, #56]
- str x6, [x29, #64]
- str x7, [x29, #72]
- ldr x2, [x29, #56]
- ldr x3, [x29, #48]
+ mov x3, x1
+ add x2, x1, #32
+ add x1, x0, #32
# Add
- ldp x12, x13, [x2]
- ldp x14, x15, [x2, #16]
- ldp x16, x17, [x3]
- ldp x19, x20, [x3, #16]
- adds x4, x12, x16
- adcs x5, x13, x17
- adcs x6, x14, x19
- adc x7, x15, x20
- mov x25, #-19
- asr x28, x7, #63
- # Mask the modulus
- and x25, x28, x25
- and x26, x28, #0x7fffffffffffffff
+ ldp x8, x9, [x2]
+ ldp x10, x11, [x2, #16]
+ ldp x4, x5, [x3]
+ ldp x6, x7, [x3, #16]
+ adds x16, x8, x4
+ adcs x17, x9, x5
+ adcs x19, x10, x6
+ adcs x20, x11, x7
+ cset x28, cs
+ mov x25, #19
+ extr x28, x28, x20, #63
+ mul x25, x28, x25
# Sub modulus (if overflow)
- subs x4, x4, x25
- sbcs x5, x5, x28
- sbcs x6, x6, x28
- sbc x7, x7, x26
+ adds x16, x16, x25
+ adcs x17, x17, xzr
+ and x20, x20, #0x7fffffffffffffff
+ adcs x19, x19, xzr
+ adc x20, x20, xzr
# Sub
- subs x8, x12, x16
- sbcs x9, x13, x17
- sbcs x10, x14, x19
- sbcs x11, x15, x20
- mov x25, #-19
+ subs x12, x8, x4
+ sbcs x13, x9, x5
+ sbcs x14, x10, x6
+ sbcs x15, x11, x7
csetm x28, cc
- # Mask the modulus
- and x25, x28, x25
- and x26, x28, #0x7fffffffffffffff
+ mov x25, #-19
+ extr x28, x28, x15, #63
+ mul x25, x28, x25
# Add modulus (if underflow)
- adds x8, x8, x25
- adcs x9, x9, x28
- adcs x10, x10, x28
- adc x11, x11, x26
- ldr x0, [x29, #32]
- ldr x2, [x29, #192]
+ subs x12, x12, x25
+ sbcs x13, x13, xzr
+ and x15, x15, #0x7fffffffffffffff
+ sbcs x14, x14, xzr
+ sbc x15, x15, xzr
+ ldr x2, [x29, #32]
+ mov x1, x0
# Multiply
- ldp x21, x22, [x2]
- ldp x23, x24, [x2, #16]
- # A[0] * B[0]
- mul x12, x4, x21
- umulh x13, x4, x21
- # A[0] * B[1]
- mul x25, x4, x22
- umulh x14, x4, x22
- adds x13, x13, x25
- adc x14, x14, xzr
- # A[1] * B[0]
- mul x25, x5, x21
- umulh x26, x5, x21
- adds x13, x13, x25
- adcs x14, x14, x26
- adc x15, xzr, xzr
- # A[0] * B[2]
- mul x25, x4, x23
- umulh x26, x4, x23
- adds x14, x14, x25
- adc x15, x15, x26
- # A[1] * B[1]
- mul x25, x5, x22
- umulh x26, x5, x22
- adds x14, x14, x25
- adcs x15, x15, x26
- adc x16, xzr, xzr
- # A[2] * B[0]
- mul x25, x6, x21
- umulh x26, x6, x21
- adds x14, x14, x25
- adcs x15, x15, x26
- adc x16, x16, xzr
- # A[0] * B[3]
- mul x25, x4, x24
- umulh x26, x4, x24
- adds x15, x15, x25
- adcs x16, x16, x26
- adc x17, xzr, xzr
- # A[1] * B[2]
- mul x25, x5, x23
- umulh x26, x5, x23
- adds x15, x15, x25
- adcs x16, x16, x26
- adc x17, x17, xzr
- # A[2] * B[1]
- mul x25, x6, x22
- umulh x26, x6, x22
- adds x15, x15, x25
- adcs x16, x16, x26
- adc x17, x17, xzr
- # A[3] * B[0]
- mul x25, x7, x21
- umulh x26, x7, x21
- adds x15, x15, x25
- adcs x16, x16, x26
- adc x17, x17, xzr
- # A[1] * B[3]
- mul x25, x5, x24
- umulh x26, x5, x24
- adds x16, x16, x25
- adcs x17, x17, x26
- adc x19, xzr, xzr
- # A[2] * B[2]
- mul x25, x6, x23
- umulh x26, x6, x23
- adds x16, x16, x25
- adcs x17, x17, x26
- adc x19, x19, xzr
- # A[3] * B[1]
- mul x25, x7, x22
- umulh x26, x7, x22
- adds x16, x16, x25
- adcs x17, x17, x26
- adc x19, x19, xzr
- # A[2] * B[3]
- mul x25, x6, x24
- umulh x26, x6, x24
- adds x17, x17, x25
- adcs x19, x19, x26
- adc x20, xzr, xzr
- # A[3] * B[2]
- mul x25, x7, x23
- umulh x26, x7, x23
- adds x17, x17, x25
- adcs x19, x19, x26
- adc x20, x20, xzr
- # A[3] * B[3]
- mul x25, x7, x24
- umulh x26, x7, x24
- adds x19, x19, x25
- adc x20, x20, x26
+ ldp x8, x9, [x2]
+ ldp x10, x11, [x2, #16]
+ # A[0] * B[0]
+ umulh x22, x16, x8
+ mul x21, x16, x8
+ # A[2] * B[0]
+ umulh x24, x19, x8
+ mul x23, x19, x8
+ # A[1] * B[0]
+ mul x25, x17, x8
+ adds x22, x22, x25
+ umulh x26, x17, x8
+ adcs x23, x23, x26
+ # A[1] * B[3]
+ umulh x5, x17, x11
+ adc x24, x24, xzr
+ mul x4, x17, x11
+ # A[0] * B[1]
+ mul x25, x16, x9
+ adds x22, x22, x25
+ umulh x26, x16, x9
+ adcs x23, x23, x26
+ # A[2] * B[1]
+ mul x25, x19, x9
+ adcs x24, x24, x25
+ umulh x26, x19, x9
+ adcs x4, x4, x26
+ adc x5, x5, xzr
+ # A[1] * B[2]
+ mul x25, x17, x10
+ adds x24, x24, x25
+ umulh x26, x17, x10
+ adcs x4, x4, x26
+ adcs x5, x5, xzr
+ adc x6, xzr, xzr
+ # A[0] * B[2]
+ mul x25, x16, x10
+ adds x23, x23, x25
+ umulh x26, x16, x10
+ adcs x24, x24, x26
+ adcs x4, x4, xzr
+ adcs x5, x5, xzr
+ adc x6, x6, xzr
+ # A[1] * B[1]
+ mul x25, x17, x9
+ adds x23, x23, x25
+ umulh x26, x17, x9
+ adcs x24, x24, x26
+ # A[3] * B[1]
+ mul x25, x20, x9
+ adcs x4, x4, x25
+ umulh x26, x20, x9
+ adcs x5, x5, x26
+ adc x6, x6, xzr
+ # A[2] * B[2]
+ mul x25, x19, x10
+ adds x4, x4, x25
+ umulh x26, x19, x10
+ adcs x5, x5, x26
+ # A[3] * B[3]
+ mul x25, x20, x11
+ adcs x6, x6, x25
+ umulh x7, x20, x11
+ adc x7, x7, xzr
+ # A[0] * B[3]
+ mul x25, x16, x11
+ adds x24, x24, x25
+ umulh x26, x16, x11
+ adcs x4, x4, x26
+ # A[2] * B[3]
+ mul x25, x19, x11
+ adcs x5, x5, x25
+ umulh x26, x19, x11
+ adcs x6, x6, x26
+ adc x7, x7, xzr
+ # A[3] * B[0]
+ mul x25, x20, x8
+ adds x24, x24, x25
+ umulh x26, x20, x8
+ adcs x4, x4, x26
+ # A[3] * B[2]
+ mul x25, x20, x10
+ adcs x5, x5, x25
+ umulh x26, x20, x10
+ adcs x6, x6, x26
+ adc x7, x7, xzr
# Reduce
- # Move top half into t4-t7 and remove top bit from t3
- extr x20, x20, x19, #63
- extr x19, x19, x17, #63
- extr x17, x17, x16, #63
- extr x16, x16, x15, #63
- and x15, x15, #0x7fffffffffffffff
- # Multiply top half by 19
- mov x25, #19
- mul x26, x25, x16
- umulh x16, x25, x16
- adds x12, x12, x26
- mul x26, x25, x17
- umulh x17, x25, x17
- adcs x13, x13, x26
- mul x26, x25, x19
- umulh x19, x25, x19
- adcs x14, x14, x26
- mul x26, x25, x20
- umulh x27, x25, x20
- adcs x15, x15, x26
+ mov x25, #38
+ mul x26, x25, x7
+ adds x24, x24, x26
+ umulh x27, x25, x7
adc x27, x27, xzr
- # Add remaining product results in
- adds x13, x13, x16
- adcs x14, x14, x17
- adcs x15, x15, x19
- adc x27, x27, xzr
- # Overflow
- extr x27, x27, x15, #63
+ mov x25, #19
+ extr x27, x27, x24, #63
mul x27, x27, x25
- and x15, x15, #0x7fffffffffffffff
- adds x12, x12, x27
- adcs x13, x13, xzr
- adcs x14, x14, xzr
- adc x15, x15, xzr
- # Reduce if top bit set
- and x27, x25, x15, asr 63
- and x15, x15, #0x7fffffffffffffff
- adds x12, x12, x27
- adcs x13, x13, xzr
- adcs x14, x14, xzr
- adc x15, x15, xzr
+ and x24, x24, #0x7fffffffffffffff
+ mov x25, #38
+ mul x26, x25, x4
+ adds x21, x21, x26
+ umulh x4, x25, x4
+ mul x26, x25, x5
+ adcs x22, x22, x26
+ umulh x5, x25, x5
+ mul x26, x25, x6
+ adcs x23, x23, x26
+ umulh x6, x25, x6
+ adc x24, x24, xzr
+ # Add high product results in
+ adds x21, x21, x27
+ adcs x22, x22, x4
+ adcs x23, x23, x5
+ adc x24, x24, x6
# Store
- ldr x0, [x29, #24]
- ldr x1, [x29, #200]
+ stp x21, x22, [x0]
+ stp x23, x24, [x0, #16]
+ add x2, x2, #32
+ add x1, x0, #32
+ add x0, x0, #32
# Multiply
- ldp x21, x22, [x1]
- ldp x23, x24, [x1, #16]
- # A[0] * B[0]
- mul x4, x8, x21
- umulh x5, x8, x21
- # A[0] * B[1]
- mul x25, x8, x22
- umulh x6, x8, x22
+ ldp x16, x17, [x2]
+ ldp x19, x20, [x2, #16]
+ # A[0] * B[0]
+ umulh x5, x12, x16
+ mul x4, x12, x16
+ # A[2] * B[0]
+ umulh x7, x14, x16
+ mul x6, x14, x16
+ # A[1] * B[0]
+ mul x25, x13, x16
adds x5, x5, x25
- adc x6, x6, xzr
- # A[1] * B[0]
- mul x25, x9, x21
- umulh x26, x9, x21
+ umulh x26, x13, x16
+ adcs x6, x6, x26
+ # A[1] * B[3]
+ umulh x9, x13, x20
+ adc x7, x7, xzr
+ mul x8, x13, x20
+ # A[0] * B[1]
+ mul x25, x12, x17
adds x5, x5, x25
+ umulh x26, x12, x17
adcs x6, x6, x26
- adc x7, xzr, xzr
- # A[0] * B[2]
- mul x25, x8, x23
- umulh x26, x8, x23
- adds x6, x6, x25
- adc x7, x7, x26
- # A[1] * B[1]
- mul x25, x9, x22
- umulh x26, x9, x22
+ # A[2] * B[1]
+ mul x25, x14, x17
+ adcs x7, x7, x25
+ umulh x26, x14, x17
+ adcs x8, x8, x26
+ adc x9, x9, xzr
+ # A[1] * B[2]
+ mul x25, x13, x19
+ adds x7, x7, x25
+ umulh x26, x13, x19
+ adcs x8, x8, x26
+ adcs x9, x9, xzr
+ adc x10, xzr, xzr
+ # A[0] * B[2]
+ mul x25, x12, x19
adds x6, x6, x25
+ umulh x26, x12, x19
adcs x7, x7, x26
- adc x16, xzr, xzr
- # A[2] * B[0]
- mul x25, x10, x21
- umulh x26, x10, x21
+ adcs x8, x8, xzr
+ adcs x9, x9, xzr
+ adc x10, x10, xzr
+ # A[1] * B[1]
+ mul x25, x13, x17
adds x6, x6, x25
+ umulh x26, x13, x17
adcs x7, x7, x26
- adc x16, x16, xzr
- # A[0] * B[3]
- mul x25, x8, x24
- umulh x26, x8, x24
- adds x7, x7, x25
- adcs x16, x16, x26
- adc x17, xzr, xzr
- # A[1] * B[2]
- mul x25, x9, x23
- umulh x26, x9, x23
- adds x7, x7, x25
- adcs x16, x16, x26
- adc x17, x17, xzr
- # A[2] * B[1]
- mul x25, x10, x22
- umulh x26, x10, x22
+ # A[3] * B[1]
+ mul x25, x15, x17
+ adcs x8, x8, x25
+ umulh x26, x15, x17
+ adcs x9, x9, x26
+ adc x10, x10, xzr
+ # A[2] * B[2]
+ mul x25, x14, x19
+ adds x8, x8, x25
+ umulh x26, x14, x19
+ adcs x9, x9, x26
+ # A[3] * B[3]
+ mul x25, x15, x20
+ adcs x10, x10, x25
+ umulh x11, x15, x20
+ adc x11, x11, xzr
+ # A[0] * B[3]
+ mul x25, x12, x20
adds x7, x7, x25
- adcs x16, x16, x26
- adc x17, x17, xzr
- # A[3] * B[0]
- mul x25, x11, x21
- umulh x26, x11, x21
+ umulh x26, x12, x20
+ adcs x8, x8, x26
+ # A[2] * B[3]
+ mul x25, x14, x20
+ adcs x9, x9, x25
+ umulh x26, x14, x20
+ adcs x10, x10, x26
+ adc x11, x11, xzr
+ # A[3] * B[0]
+ mul x25, x15, x16
adds x7, x7, x25
- adcs x16, x16, x26
- adc x17, x17, xzr
- # A[1] * B[3]
- mul x25, x9, x24
- umulh x26, x9, x24
- adds x16, x16, x25
- adcs x17, x17, x26
- adc x19, xzr, xzr
- # A[2] * B[2]
- mul x25, x10, x23
- umulh x26, x10, x23
- adds x16, x16, x25
- adcs x17, x17, x26
- adc x19, x19, xzr
- # A[3] * B[1]
- mul x25, x11, x22
- umulh x26, x11, x22
- adds x16, x16, x25
- adcs x17, x17, x26
- adc x19, x19, xzr
- # A[2] * B[3]
- mul x25, x10, x24
- umulh x26, x10, x24
- adds x17, x17, x25
- adcs x19, x19, x26
- adc x20, xzr, xzr
- # A[3] * B[2]
- mul x25, x11, x23
- umulh x26, x11, x23
- adds x17, x17, x25
- adcs x19, x19, x26
- adc x20, x20, xzr
- # A[3] * B[3]
- mul x25, x11, x24
- umulh x26, x11, x24
- adds x19, x19, x25
- adc x20, x20, x26
+ umulh x26, x15, x16
+ adcs x8, x8, x26
+ # A[3] * B[2]
+ mul x25, x15, x19
+ adcs x9, x9, x25
+ umulh x26, x15, x19
+ adcs x10, x10, x26
+ adc x11, x11, xzr
# Reduce
- # Move top half into t4-t7 and remove top bit from t3
- extr x20, x20, x19, #63
- extr x19, x19, x17, #63
- extr x17, x17, x16, #63
- extr x16, x16, x7, #63
- and x7, x7, #0x7fffffffffffffff
- # Multiply top half by 19
- mov x25, #19
- mul x26, x25, x16
- umulh x16, x25, x16
- adds x4, x4, x26
- mul x26, x25, x17
- umulh x17, x25, x17
- adcs x5, x5, x26
- mul x26, x25, x19
- umulh x19, x25, x19
- adcs x6, x6, x26
- mul x26, x25, x20
- umulh x27, x25, x20
- adcs x7, x7, x26
- adc x27, x27, xzr
- # Add remaining product results in
- adds x5, x5, x16
- adcs x6, x6, x17
- adcs x7, x7, x19
+ mov x25, #38
+ mul x26, x25, x11
+ adds x7, x7, x26
+ umulh x27, x25, x11
adc x27, x27, xzr
- # Overflow
+ mov x25, #19
extr x27, x27, x7, #63
mul x27, x27, x25
and x7, x7, #0x7fffffffffffffff
- adds x4, x4, x27
- adcs x5, x5, xzr
- adcs x6, x6, xzr
+ mov x25, #38
+ mul x26, x25, x8
+ adds x4, x4, x26
+ umulh x8, x25, x8
+ mul x26, x25, x9
+ adcs x5, x5, x26
+ umulh x9, x25, x9
+ mul x26, x25, x10
+ adcs x6, x6, x26
+ umulh x10, x25, x10
adc x7, x7, xzr
- # Reduce if top bit set
- and x27, x25, x7, asr 63
- and x7, x7, #0x7fffffffffffffff
+ # Add high product results in
adds x4, x4, x27
- adcs x5, x5, xzr
- adcs x6, x6, xzr
- adc x7, x7, xzr
+ adcs x5, x5, x8
+ adcs x6, x6, x9
+ adc x7, x7, x10
# Store
- ldr x0, [x29, #24]
- ldr x1, [x29, #16]
+ stp x4, x5, [x0]
+ stp x6, x7, [x0, #16]
+ mov x3, x0
+ sub x2, x0, #32
+ sub x1, x0, #32
# Add
- adds x8, x12, x4
- adcs x9, x13, x5
- adcs x10, x14, x6
- adc x11, x15, x7
- mov x25, #-19
- asr x28, x11, #63
- # Mask the modulus
- and x25, x28, x25
- and x26, x28, #0x7fffffffffffffff
+ adds x8, x21, x4
+ adcs x9, x22, x5
+ adcs x10, x23, x6
+ adcs x11, x24, x7
+ cset x28, cs
+ mov x25, #19
+ extr x28, x28, x11, #63
+ mul x25, x28, x25
# Sub modulus (if overflow)
- subs x8, x8, x25
- sbcs x9, x9, x28
- sbcs x10, x10, x28
- sbc x11, x11, x26
+ adds x8, x8, x25
+ adcs x9, x9, xzr
+ and x11, x11, #0x7fffffffffffffff
+ adcs x10, x10, xzr
+ adc x11, x11, xzr
# Sub
- subs x16, x12, x4
- sbcs x17, x13, x5
- sbcs x19, x14, x6
- sbcs x20, x15, x7
- mov x25, #-19
+ subs x12, x21, x4
+ sbcs x13, x22, x5
+ sbcs x14, x23, x6
+ sbcs x15, x24, x7
csetm x28, cc
- # Mask the modulus
- and x25, x28, x25
- and x26, x28, #0x7fffffffffffffff
+ mov x25, #-19
+ extr x28, x28, x15, #63
+ mul x25, x28, x25
# Add modulus (if underflow)
- adds x16, x16, x25
- adcs x17, x17, x28
- adcs x19, x19, x28
- adc x20, x20, x26
+ subs x12, x12, x25
+ sbcs x13, x13, xzr
+ and x15, x15, #0x7fffffffffffffff
+ sbcs x14, x14, xzr
+ sbc x15, x15, xzr
stp x8, x9, [x0]
stp x10, x11, [x0, #16]
- stp x16, x17, [x1]
- stp x19, x20, [x1, #16]
- ldr x0, [x29, #48]
- ldr x1, [x29, #64]
- ldr x2, [x29, #176]
+ stp x12, x13, [x1]
+ stp x14, x15, [x1, #16]
+ ldr x1, [x29, #24]
+ ldr x2, [x29, #32]
+ add x2, x2, #0x60
+ add x1, x1, #0x60
+ add x0, x0, #0x40
# Multiply
- ldp x12, x13, [x1]
- ldp x14, x15, [x1, #16]
- ldp x16, x17, [x2]
- ldp x19, x20, [x2, #16]
- # A[0] * B[0]
- mul x4, x12, x16
- umulh x5, x12, x16
- # A[0] * B[1]
- mul x25, x12, x17
- umulh x6, x12, x17
- adds x5, x5, x25
- adc x6, x6, xzr
- # A[1] * B[0]
- mul x25, x13, x16
- umulh x26, x13, x16
- adds x5, x5, x25
- adcs x6, x6, x26
- adc x7, xzr, xzr
- # A[0] * B[2]
- mul x25, x12, x19
- umulh x26, x12, x19
- adds x6, x6, x25
- adc x7, x7, x26
- # A[1] * B[1]
- mul x25, x13, x17
- umulh x26, x13, x17
- adds x6, x6, x25
- adcs x7, x7, x26
- adc x8, xzr, xzr
- # A[2] * B[0]
- mul x25, x14, x16
- umulh x26, x14, x16
- adds x6, x6, x25
- adcs x7, x7, x26
- adc x8, x8, xzr
- # A[0] * B[3]
- mul x25, x12, x20
- umulh x26, x12, x20
- adds x7, x7, x25
- adcs x8, x8, x26
- adc x9, xzr, xzr
- # A[1] * B[2]
- mul x25, x13, x19
- umulh x26, x13, x19
- adds x7, x7, x25
- adcs x8, x8, x26
- adc x9, x9, xzr
- # A[2] * B[1]
- mul x25, x14, x17
- umulh x26, x14, x17
- adds x7, x7, x25
+ ldp x21, x22, [x1]
+ ldp x23, x24, [x1, #16]
+ ldp x4, x5, [x2]
+ ldp x6, x7, [x2, #16]
+ # A[0] * B[0]
+ umulh x17, x21, x4
+ mul x16, x21, x4
+ # A[2] * B[0]
+ umulh x20, x23, x4
+ mul x19, x23, x4
+ # A[1] * B[0]
+ mul x25, x22, x4
+ adds x17, x17, x25
+ umulh x26, x22, x4
+ adcs x19, x19, x26
+ # A[1] * B[3]
+ umulh x9, x22, x7
+ adc x20, x20, xzr
+ mul x8, x22, x7
+ # A[0] * B[1]
+ mul x25, x21, x5
+ adds x17, x17, x25
+ umulh x26, x21, x5
+ adcs x19, x19, x26
+ # A[2] * B[1]
+ mul x25, x23, x5
+ adcs x20, x20, x25
+ umulh x26, x23, x5
adcs x8, x8, x26
adc x9, x9, xzr
- # A[3] * B[0]
- mul x25, x15, x16
- umulh x26, x15, x16
- adds x7, x7, x25
+ # A[1] * B[2]
+ mul x25, x22, x6
+ adds x20, x20, x25
+ umulh x26, x22, x6
adcs x8, x8, x26
- adc x9, x9, xzr
- # A[1] * B[3]
- mul x25, x13, x20
- umulh x26, x13, x20
- adds x8, x8, x25
- adcs x9, x9, x26
+ adcs x9, x9, xzr
adc x10, xzr, xzr
- # A[2] * B[2]
- mul x25, x14, x19
- umulh x26, x14, x19
- adds x8, x8, x25
+ # A[0] * B[2]
+ mul x25, x21, x6
+ adds x19, x19, x25
+ umulh x26, x21, x6
+ adcs x20, x20, x26
+ adcs x8, x8, xzr
+ adcs x9, x9, xzr
+ adc x10, x10, xzr
+ # A[1] * B[1]
+ mul x25, x22, x5
+ adds x19, x19, x25
+ umulh x26, x22, x5
+ adcs x20, x20, x26
+ # A[3] * B[1]
+ mul x25, x24, x5
+ adcs x8, x8, x25
+ umulh x26, x24, x5
adcs x9, x9, x26
adc x10, x10, xzr
- # A[3] * B[1]
- mul x25, x15, x17
- umulh x26, x15, x17
+ # A[2] * B[2]
+ mul x25, x23, x6
adds x8, x8, x25
+ umulh x26, x23, x6
adcs x9, x9, x26
- adc x10, x10, xzr
- # A[2] * B[3]
- mul x25, x14, x20
- umulh x26, x14, x20
- adds x9, x9, x25
+ # A[3] * B[3]
+ mul x25, x24, x7
+ adcs x10, x10, x25
+ umulh x11, x24, x7
+ adc x11, x11, xzr
+ # A[0] * B[3]
+ mul x25, x21, x7
+ adds x20, x20, x25
+ umulh x26, x21, x7
+ adcs x8, x8, x26
+ # A[2] * B[3]
+ mul x25, x23, x7
+ adcs x9, x9, x25
+ umulh x26, x23, x7
adcs x10, x10, x26
- adc x11, xzr, xzr
- # A[3] * B[2]
- mul x25, x15, x19
- umulh x26, x15, x19
- adds x9, x9, x25
+ adc x11, x11, xzr
+ # A[3] * B[0]
+ mul x25, x24, x4
+ adds x20, x20, x25
+ umulh x26, x24, x4
+ adcs x8, x8, x26
+ # A[3] * B[2]
+ mul x25, x24, x6
+ adcs x9, x9, x25
+ umulh x26, x24, x6
adcs x10, x10, x26
adc x11, x11, xzr
- # A[3] * B[3]
- mul x25, x15, x20
- umulh x26, x15, x20
- adds x10, x10, x25
- adc x11, x11, x26
# Reduce
- # Move top half into t4-t7 and remove top bit from t3
- extr x11, x11, x10, #63
- extr x10, x10, x9, #63
- extr x9, x9, x8, #63
- extr x8, x8, x7, #63
- and x7, x7, #0x7fffffffffffffff
- # Multiply top half by 19
+ mov x25, #38
+ mul x26, x25, x11
+ adds x20, x20, x26
+ umulh x27, x25, x11
+ adc x27, x27, xzr
mov x25, #19
+ extr x27, x27, x20, #63
+ mul x27, x27, x25
+ and x20, x20, #0x7fffffffffffffff
+ mov x25, #38
mul x26, x25, x8
+ adds x16, x16, x26
umulh x8, x25, x8
- adds x4, x4, x26
mul x26, x25, x9
+ adcs x17, x17, x26
umulh x9, x25, x9
- adcs x5, x5, x26
mul x26, x25, x10
+ adcs x19, x19, x26
umulh x10, x25, x10
- adcs x6, x6, x26
- mul x26, x25, x11
- umulh x27, x25, x11
- adcs x7, x7, x26
- adc x27, x27, xzr
- # Add remaining product results in
- adds x5, x5, x8
- adcs x6, x6, x9
- adcs x7, x7, x10
- adc x27, x27, xzr
- # Overflow
- extr x27, x27, x7, #63
- mul x27, x27, x25
- and x7, x7, #0x7fffffffffffffff
- adds x4, x4, x27
- adcs x5, x5, xzr
- adcs x6, x6, xzr
- adc x7, x7, xzr
- # Reduce if top bit set
- and x27, x25, x7, asr 63
- and x7, x7, #0x7fffffffffffffff
- adds x4, x4, x27
- adcs x5, x5, xzr
- adcs x6, x6, xzr
- adc x7, x7, xzr
+ adc x20, x20, xzr
+ # Add high product results in
+ adds x16, x16, x27
+ adcs x17, x17, x8
+ adcs x19, x19, x9
+ adc x20, x20, x10
# Store
- ldr x0, [x29, #48]
- # Double
- adds x4, x4, x4
- adcs x5, x5, x5
- adcs x6, x6, x6
- adc x7, x7, x7
- mov x25, #-19
- asr x28, x7, #63
- # Mask the modulus
- and x25, x28, x25
- and x26, x28, #0x7fffffffffffffff
- # Sub modulus (if overflow)
- subs x4, x4, x25
- sbcs x5, x5, x28
- sbcs x6, x6, x28
- sbc x7, x7, x26
- ldr x0, [x29, #40]
- ldr x1, [x29, #184]
- ldr x2, [x29, #72]
+ stp x16, x17, [x0]
+ stp x19, x20, [x0, #16]
+ sub x3, x2, #32
+ sub x2, x1, #32
+ sub x1, x0, #32
# Multiply
- ldp x16, x17, [x1]
- ldp x19, x20, [x1, #16]
- ldp x21, x22, [x2]
- ldp x23, x24, [x2, #16]
- # A[0] * B[0]
- mul x8, x16, x21
- umulh x9, x16, x21
- # A[0] * B[1]
- mul x25, x16, x22
- umulh x10, x16, x22
+ ldp x4, x5, [x2]
+ ldp x6, x7, [x2, #16]
+ ldp x12, x13, [x3]
+ ldp x14, x15, [x3, #16]
+ # A[0] * B[0]
+ umulh x9, x4, x12
+ mul x8, x4, x12
+ # A[2] * B[0]
+ umulh x11, x6, x12
+ mul x10, x6, x12
+ # A[1] * B[0]
+ mul x25, x5, x12
adds x9, x9, x25
- adc x10, x10, xzr
- # A[1] * B[0]
- mul x25, x17, x21
- umulh x26, x17, x21
+ umulh x26, x5, x12
+ adcs x10, x10, x26
+ # A[1] * B[3]
+ umulh x17, x5, x15
+ adc x11, x11, xzr
+ mul x16, x5, x15
+ # A[0] * B[1]
+ mul x25, x4, x13
adds x9, x9, x25
+ umulh x26, x4, x13
adcs x10, x10, x26
- adc x11, xzr, xzr
- # A[0] * B[2]
- mul x25, x16, x23
- umulh x26, x16, x23
- adds x10, x10, x25
- adc x11, x11, x26
- # A[1] * B[1]
- mul x25, x17, x22
- umulh x26, x17, x22
+ # A[2] * B[1]
+ mul x25, x6, x13
+ adcs x11, x11, x25
+ umulh x26, x6, x13
+ adcs x16, x16, x26
+ adc x17, x17, xzr
+ # A[1] * B[2]
+ mul x25, x5, x14
+ adds x11, x11, x25
+ umulh x26, x5, x14
+ adcs x16, x16, x26
+ adcs x17, x17, xzr
+ adc x19, xzr, xzr
+ # A[0] * B[2]
+ mul x25, x4, x14
adds x10, x10, x25
+ umulh x26, x4, x14
adcs x11, x11, x26
- adc x12, xzr, xzr
- # A[2] * B[0]
- mul x25, x19, x21
- umulh x26, x19, x21
+ adcs x16, x16, xzr
+ adcs x17, x17, xzr
+ adc x19, x19, xzr
+ # A[1] * B[1]
+ mul x25, x5, x13
adds x10, x10, x25
+ umulh x26, x5, x13
adcs x11, x11, x26
- adc x12, x12, xzr
- # A[0] * B[3]
- mul x25, x16, x24
- umulh x26, x16, x24
- adds x11, x11, x25
- adcs x12, x12, x26
- adc x13, xzr, xzr
- # A[1] * B[2]
- mul x25, x17, x23
- umulh x26, x17, x23
- adds x11, x11, x25
- adcs x12, x12, x26
- adc x13, x13, xzr
- # A[2] * B[1]
- mul x25, x19, x22
- umulh x26, x19, x22
+ # A[3] * B[1]
+ mul x25, x7, x13
+ adcs x16, x16, x25
+ umulh x26, x7, x13
+ adcs x17, x17, x26
+ adc x19, x19, xzr
+ # A[2] * B[2]
+ mul x25, x6, x14
+ adds x16, x16, x25
+ umulh x26, x6, x14
+ adcs x17, x17, x26
+ # A[3] * B[3]
+ mul x25, x7, x15
+ adcs x19, x19, x25
+ umulh x20, x7, x15
+ adc x20, x20, xzr
+ # A[0] * B[3]
+ mul x25, x4, x15
adds x11, x11, x25
- adcs x12, x12, x26
- adc x13, x13, xzr
- # A[3] * B[0]
- mul x25, x20, x21
- umulh x26, x20, x21
+ umulh x26, x4, x15
+ adcs x16, x16, x26
+ # A[2] * B[3]
+ mul x25, x6, x15
+ adcs x17, x17, x25
+ umulh x26, x6, x15
+ adcs x19, x19, x26
+ adc x20, x20, xzr
+ # A[3] * B[0]
+ mul x25, x7, x12
adds x11, x11, x25
- adcs x12, x12, x26
- adc x13, x13, xzr
- # A[1] * B[3]
- mul x25, x17, x24
- umulh x26, x17, x24
- adds x12, x12, x25
- adcs x13, x13, x26
- adc x14, xzr, xzr
- # A[2] * B[2]
- mul x25, x19, x23
- umulh x26, x19, x23
- adds x12, x12, x25
- adcs x13, x13, x26
- adc x14, x14, xzr
- # A[3] * B[1]
- mul x25, x20, x22
- umulh x26, x20, x22
- adds x12, x12, x25
- adcs x13, x13, x26
- adc x14, x14, xzr
- # A[2] * B[3]
- mul x25, x19, x24
- umulh x26, x19, x24
- adds x13, x13, x25
- adcs x14, x14, x26
- adc x15, xzr, xzr
- # A[3] * B[2]
- mul x25, x20, x23
- umulh x26, x20, x23
- adds x13, x13, x25
- adcs x14, x14, x26
- adc x15, x15, xzr
- # A[3] * B[3]
- mul x25, x20, x24
- umulh x26, x20, x24
- adds x14, x14, x25
- adc x15, x15, x26
+ umulh x26, x7, x12
+ adcs x16, x16, x26
+ # A[3] * B[2]
+ mul x25, x7, x14
+ adcs x17, x17, x25
+ umulh x26, x7, x14
+ adcs x19, x19, x26
+ adc x20, x20, xzr
# Reduce
- # Move top half into t4-t7 and remove top bit from t3
- extr x15, x15, x14, #63
- extr x14, x14, x13, #63
- extr x13, x13, x12, #63
- extr x12, x12, x11, #63
- and x11, x11, #0x7fffffffffffffff
- # Multiply top half by 19
- mov x25, #19
- mul x26, x25, x12
- umulh x12, x25, x12
- adds x8, x8, x26
- mul x26, x25, x13
- umulh x13, x25, x13
- adcs x9, x9, x26
- mul x26, x25, x14
- umulh x14, x25, x14
- adcs x10, x10, x26
- mul x26, x25, x15
- umulh x27, x25, x15
- adcs x11, x11, x26
- adc x27, x27, xzr
- # Add remaining product results in
- adds x9, x9, x12
- adcs x10, x10, x13
- adcs x11, x11, x14
+ mov x25, #38
+ mul x26, x25, x20
+ adds x11, x11, x26
+ umulh x27, x25, x20
adc x27, x27, xzr
- # Overflow
+ mov x25, #19
extr x27, x27, x11, #63
mul x27, x27, x25
and x11, x11, #0x7fffffffffffffff
- adds x8, x8, x27
- adcs x9, x9, xzr
- adcs x10, x10, xzr
+ mov x25, #38
+ mul x26, x25, x16
+ adds x8, x8, x26
+ umulh x16, x25, x16
+ mul x26, x25, x17
+ adcs x9, x9, x26
+ umulh x17, x25, x17
+ mul x26, x25, x19
+ adcs x10, x10, x26
+ umulh x19, x25, x19
adc x11, x11, xzr
- # Reduce if top bit set
- and x27, x25, x11, asr 63
- and x11, x11, #0x7fffffffffffffff
+ # Add high product results in
adds x8, x8, x27
- adcs x9, x9, xzr
- adcs x10, x10, xzr
- adc x11, x11, xzr
- # Store
- ldr x0, [x29, #32]
- ldr x1, [x29, #40]
- # Add
- adds x12, x4, x8
- adcs x13, x5, x9
- adcs x14, x6, x10
- adc x15, x7, x11
+ adcs x9, x9, x16
+ adcs x10, x10, x17
+ adc x11, x11, x19
+ # Double
+ adds x8, x8, x8
+ adcs x9, x9, x9
+ adcs x10, x10, x10
+ adc x11, x11, x11
mov x25, #-19
- asr x28, x15, #63
+ asr x28, x11, #63
# Mask the modulus
and x25, x28, x25
and x26, x28, #0x7fffffffffffffff
# Sub modulus (if overflow)
- subs x12, x12, x25
- sbcs x13, x13, x28
- sbcs x14, x14, x28
- sbc x15, x15, x26
+ subs x8, x8, x25
+ sbcs x9, x9, x28
+ sbcs x10, x10, x28
+ sbc x11, x11, x26
+ mov x3, x0
+ sub x2, x0, #32
+ mov x1, x0
+ sub x0, x0, #32
+ # Add
+ ldp x4, x5, [x3]
+ ldp x6, x7, [x3, #16]
+ adds x21, x8, x4
+ adcs x22, x9, x5
+ adcs x23, x10, x6
+ adcs x24, x11, x7
+ cset x28, cs
+ mov x25, #19
+ extr x28, x28, x24, #63
+ mul x25, x28, x25
+ # Sub modulus (if overflow)
+ adds x21, x21, x25
+ adcs x22, x22, xzr
+ and x24, x24, #0x7fffffffffffffff
+ adcs x23, x23, xzr
+ adc x24, x24, xzr
# Sub
- subs x16, x4, x8
- sbcs x17, x5, x9
- sbcs x19, x6, x10
- sbcs x20, x7, x11
- mov x25, #-19
+ subs x12, x8, x4
+ sbcs x13, x9, x5
+ sbcs x14, x10, x6
+ sbcs x15, x11, x7
csetm x28, cc
- # Mask the modulus
- and x25, x28, x25
- and x26, x28, #0x7fffffffffffffff
+ mov x25, #-19
+ extr x28, x28, x15, #63
+ mul x25, x28, x25
# Add modulus (if underflow)
- adds x16, x16, x25
- adcs x17, x17, x28
- adcs x19, x19, x28
- adc x20, x20, x26
- stp x12, x13, [x0]
- stp x14, x15, [x0, #16]
- stp x16, x17, [x1]
- stp x19, x20, [x1, #16]
- ldr x17, [x29, #88]
- ldr x19, [x29, #96]
- ldp x20, x21, [x29, #104]
- ldp x22, x23, [x29, #120]
- ldp x24, x25, [x29, #136]
- ldp x26, x27, [x29, #152]
- ldr x28, [x29, #168]
- ldp x29, x30, [sp], #0xb0
+ subs x12, x12, x25
+ sbcs x13, x13, xzr
+ and x15, x15, #0x7fffffffffffffff
+ sbcs x14, x14, xzr
+ sbc x15, x15, xzr
+ stp x21, x22, [x0]
+ stp x23, x24, [x0, #16]
+ stp x12, x13, [x1]
+ stp x14, x15, [x1, #16]
+ ldr x17, [x29, #56]
+ ldr x19, [x29, #64]
+ ldp x20, x21, [x29, #72]
+ ldp x22, x23, [x29, #88]
+ ldp x24, x25, [x29, #104]
+ ldp x26, x27, [x29, #120]
+ ldr x28, [x29, #136]
+ ldp x29, x30, [sp], #0x90
ret
#ifndef __APPLE__
- .size fe_ge_add,.-fe_ge_add
+ .size ge_add,.-ge_add
#endif /* __APPLE__ */
#ifndef __APPLE__
.text
-.globl fe_ge_sub
-.type fe_ge_sub,@function
+.globl ge_sub
+.type ge_sub,@function
.align 2
-fe_ge_sub:
+ge_sub:
#else
.section __TEXT,__text
-.globl _fe_ge_sub
+.globl _ge_sub
.p2align 2
-_fe_ge_sub:
+_ge_sub:
#endif /* __APPLE__ */
- stp x29, x30, [sp, #-176]!
+ stp x29, x30, [sp, #-144]!
add x29, sp, #0
- str x17, [x29, #88]
- str x19, [x29, #96]
- stp x20, x21, [x29, #104]
- stp x22, x23, [x29, #120]
- stp x24, x25, [x29, #136]
- stp x26, x27, [x29, #152]
- str x28, [x29, #168]
+ str x17, [x29, #56]
+ str x19, [x29, #64]
+ stp x20, x21, [x29, #72]
+ stp x22, x23, [x29, #88]
+ stp x24, x25, [x29, #104]
+ stp x26, x27, [x29, #120]
+ str x28, [x29, #136]
str x0, [x29, #16]
str x1, [x29, #24]
str x2, [x29, #32]
- str x3, [x29, #40]
- str x4, [x29, #48]
- str x5, [x29, #56]
- str x6, [x29, #64]
- str x7, [x29, #72]
- ldr x2, [x29, #56]
- ldr x3, [x29, #48]
+ mov x3, x1
+ add x2, x1, #32
+ add x1, x0, #32
# Add
- ldp x12, x13, [x2]
- ldp x14, x15, [x2, #16]
- ldp x16, x17, [x3]
- ldp x19, x20, [x3, #16]
- adds x4, x12, x16
- adcs x5, x13, x17
- adcs x6, x14, x19
- adc x7, x15, x20
- mov x25, #-19
- asr x28, x7, #63
- # Mask the modulus
- and x25, x28, x25
- and x26, x28, #0x7fffffffffffffff
+ ldp x8, x9, [x2]
+ ldp x10, x11, [x2, #16]
+ ldp x4, x5, [x3]
+ ldp x6, x7, [x3, #16]
+ adds x16, x8, x4
+ adcs x17, x9, x5
+ adcs x19, x10, x6
+ adcs x20, x11, x7
+ cset x28, cs
+ mov x25, #19
+ extr x28, x28, x20, #63
+ mul x25, x28, x25
# Sub modulus (if overflow)
- subs x4, x4, x25
- sbcs x5, x5, x28
- sbcs x6, x6, x28
- sbc x7, x7, x26
+ adds x16, x16, x25
+ adcs x17, x17, xzr
+ and x20, x20, #0x7fffffffffffffff
+ adcs x19, x19, xzr
+ adc x20, x20, xzr
# Sub
- subs x8, x12, x16
- sbcs x9, x13, x17
- sbcs x10, x14, x19
- sbcs x11, x15, x20
- mov x25, #-19
+ subs x12, x8, x4
+ sbcs x13, x9, x5
+ sbcs x14, x10, x6
+ sbcs x15, x11, x7
csetm x28, cc
- # Mask the modulus
- and x25, x28, x25
- and x26, x28, #0x7fffffffffffffff
+ mov x25, #-19
+ extr x28, x28, x15, #63
+ mul x25, x28, x25
# Add modulus (if underflow)
- adds x8, x8, x25
- adcs x9, x9, x28
- adcs x10, x10, x28
- adc x11, x11, x26
- ldr x0, [x29, #32]
- ldr x2, [x29, #200]
+ subs x12, x12, x25
+ sbcs x13, x13, xzr
+ and x15, x15, #0x7fffffffffffffff
+ sbcs x14, x14, xzr
+ sbc x15, x15, xzr
+ ldr x2, [x29, #32]
+ add x2, x2, #32
+ mov x1, x0
# Multiply
- ldp x21, x22, [x2]
- ldp x23, x24, [x2, #16]
- # A[0] * B[0]
- mul x12, x4, x21
- umulh x13, x4, x21
- # A[0] * B[1]
- mul x25, x4, x22
- umulh x14, x4, x22
- adds x13, x13, x25
- adc x14, x14, xzr
- # A[1] * B[0]
- mul x25, x5, x21
- umulh x26, x5, x21
- adds x13, x13, x25
- adcs x14, x14, x26
- adc x15, xzr, xzr
- # A[0] * B[2]
- mul x25, x4, x23
- umulh x26, x4, x23
- adds x14, x14, x25
- adc x15, x15, x26
- # A[1] * B[1]
- mul x25, x5, x22
- umulh x26, x5, x22
- adds x14, x14, x25
- adcs x15, x15, x26
- adc x16, xzr, xzr
- # A[2] * B[0]
- mul x25, x6, x21
- umulh x26, x6, x21
- adds x14, x14, x25
- adcs x15, x15, x26
- adc x16, x16, xzr
- # A[0] * B[3]
- mul x25, x4, x24
- umulh x26, x4, x24
- adds x15, x15, x25
- adcs x16, x16, x26
- adc x17, xzr, xzr
- # A[1] * B[2]
- mul x25, x5, x23
- umulh x26, x5, x23
- adds x15, x15, x25
- adcs x16, x16, x26
- adc x17, x17, xzr
- # A[2] * B[1]
- mul x25, x6, x22
- umulh x26, x6, x22
- adds x15, x15, x25
- adcs x16, x16, x26
- adc x17, x17, xzr
- # A[3] * B[0]
- mul x25, x7, x21
- umulh x26, x7, x21
- adds x15, x15, x25
- adcs x16, x16, x26
- adc x17, x17, xzr
- # A[1] * B[3]
- mul x25, x5, x24
- umulh x26, x5, x24
- adds x16, x16, x25
- adcs x17, x17, x26
- adc x19, xzr, xzr
- # A[2] * B[2]
- mul x25, x6, x23
- umulh x26, x6, x23
- adds x16, x16, x25
- adcs x17, x17, x26
- adc x19, x19, xzr
- # A[3] * B[1]
- mul x25, x7, x22
- umulh x26, x7, x22
- adds x16, x16, x25
- adcs x17, x17, x26
- adc x19, x19, xzr
- # A[2] * B[3]
- mul x25, x6, x24
- umulh x26, x6, x24
- adds x17, x17, x25
- adcs x19, x19, x26
- adc x20, xzr, xzr
- # A[3] * B[2]
- mul x25, x7, x23
- umulh x26, x7, x23
- adds x17, x17, x25
- adcs x19, x19, x26
- adc x20, x20, xzr
- # A[3] * B[3]
- mul x25, x7, x24
- umulh x26, x7, x24
- adds x19, x19, x25
- adc x20, x20, x26
+ ldp x8, x9, [x2]
+ ldp x10, x11, [x2, #16]
+ # A[0] * B[0]
+ umulh x22, x16, x8
+ mul x21, x16, x8
+ # A[2] * B[0]
+ umulh x24, x19, x8
+ mul x23, x19, x8
+ # A[1] * B[0]
+ mul x25, x17, x8
+ adds x22, x22, x25
+ umulh x26, x17, x8
+ adcs x23, x23, x26
+ # A[1] * B[3]
+ umulh x5, x17, x11
+ adc x24, x24, xzr
+ mul x4, x17, x11
+ # A[0] * B[1]
+ mul x25, x16, x9
+ adds x22, x22, x25
+ umulh x26, x16, x9
+ adcs x23, x23, x26
+ # A[2] * B[1]
+ mul x25, x19, x9
+ adcs x24, x24, x25
+ umulh x26, x19, x9
+ adcs x4, x4, x26
+ adc x5, x5, xzr
+ # A[1] * B[2]
+ mul x25, x17, x10
+ adds x24, x24, x25
+ umulh x26, x17, x10
+ adcs x4, x4, x26
+ adcs x5, x5, xzr
+ adc x6, xzr, xzr
+ # A[0] * B[2]
+ mul x25, x16, x10
+ adds x23, x23, x25
+ umulh x26, x16, x10
+ adcs x24, x24, x26
+ adcs x4, x4, xzr
+ adcs x5, x5, xzr
+ adc x6, x6, xzr
+ # A[1] * B[1]
+ mul x25, x17, x9
+ adds x23, x23, x25
+ umulh x26, x17, x9
+ adcs x24, x24, x26
+ # A[3] * B[1]
+ mul x25, x20, x9
+ adcs x4, x4, x25
+ umulh x26, x20, x9
+ adcs x5, x5, x26
+ adc x6, x6, xzr
+ # A[2] * B[2]
+ mul x25, x19, x10
+ adds x4, x4, x25
+ umulh x26, x19, x10
+ adcs x5, x5, x26
+ # A[3] * B[3]
+ mul x25, x20, x11
+ adcs x6, x6, x25
+ umulh x7, x20, x11
+ adc x7, x7, xzr
+ # A[0] * B[3]
+ mul x25, x16, x11
+ adds x24, x24, x25
+ umulh x26, x16, x11
+ adcs x4, x4, x26
+ # A[2] * B[3]
+ mul x25, x19, x11
+ adcs x5, x5, x25
+ umulh x26, x19, x11
+ adcs x6, x6, x26
+ adc x7, x7, xzr
+ # A[3] * B[0]
+ mul x25, x20, x8
+ adds x24, x24, x25
+ umulh x26, x20, x8
+ adcs x4, x4, x26
+ # A[3] * B[2]
+ mul x25, x20, x10
+ adcs x5, x5, x25
+ umulh x26, x20, x10
+ adcs x6, x6, x26
+ adc x7, x7, xzr
# Reduce
- # Move top half into t4-t7 and remove top bit from t3
- extr x20, x20, x19, #63
- extr x19, x19, x17, #63
- extr x17, x17, x16, #63
- extr x16, x16, x15, #63
- and x15, x15, #0x7fffffffffffffff
- # Multiply top half by 19
- mov x25, #19
- mul x26, x25, x16
- umulh x16, x25, x16
- adds x12, x12, x26
- mul x26, x25, x17
- umulh x17, x25, x17
- adcs x13, x13, x26
- mul x26, x25, x19
- umulh x19, x25, x19
- adcs x14, x14, x26
- mul x26, x25, x20
- umulh x27, x25, x20
- adcs x15, x15, x26
- adc x27, x27, xzr
- # Add remaining product results in
- adds x13, x13, x16
- adcs x14, x14, x17
- adcs x15, x15, x19
+ mov x25, #38
+ mul x26, x25, x7
+ adds x24, x24, x26
+ umulh x27, x25, x7
adc x27, x27, xzr
- # Overflow
- extr x27, x27, x15, #63
+ mov x25, #19
+ extr x27, x27, x24, #63
mul x27, x27, x25
- and x15, x15, #0x7fffffffffffffff
- adds x12, x12, x27
- adcs x13, x13, xzr
- adcs x14, x14, xzr
- adc x15, x15, xzr
+ and x24, x24, #0x7fffffffffffffff
+ mov x25, #38
+ mul x26, x25, x4
+ adds x21, x21, x26
+ umulh x4, x25, x4
+ mul x26, x25, x5
+ adcs x22, x22, x26
+ umulh x5, x25, x5
+ mul x26, x25, x6
+ adcs x23, x23, x26
+ umulh x6, x25, x6
+ adc x24, x24, xzr
+ # Add high product results in
+ adds x21, x21, x27
+ adcs x22, x22, x4
+ adcs x23, x23, x5
+ adc x24, x24, x6
# Reduce if top bit set
- and x27, x25, x15, asr 63
- and x15, x15, #0x7fffffffffffffff
- adds x12, x12, x27
- adcs x13, x13, xzr
- adcs x14, x14, xzr
- adc x15, x15, xzr
+ mov x25, #19
+ and x26, x25, x24, asr 63
+ adds x21, x21, x26
+ adcs x22, x22, xzr
+ and x24, x24, #0x7fffffffffffffff
+ adcs x23, x23, xzr
+ adc x24, x24, xzr
# Store
- ldr x0, [x29, #24]
- ldr x1, [x29, #192]
+ stp x21, x22, [x0]
+ stp x23, x24, [x0, #16]
+ sub x2, x2, #32
+ add x1, x0, #32
+ add x0, x0, #32
# Multiply
- ldp x21, x22, [x1]
- ldp x23, x24, [x1, #16]
- # A[0] * B[0]
- mul x4, x8, x21
- umulh x5, x8, x21
- # A[0] * B[1]
- mul x25, x8, x22
- umulh x6, x8, x22
+ ldp x16, x17, [x2]
+ ldp x19, x20, [x2, #16]
+ # A[0] * B[0]
+ umulh x5, x12, x16
+ mul x4, x12, x16
+ # A[2] * B[0]
+ umulh x7, x14, x16
+ mul x6, x14, x16
+ # A[1] * B[0]
+ mul x25, x13, x16
adds x5, x5, x25
- adc x6, x6, xzr
- # A[1] * B[0]
- mul x25, x9, x21
- umulh x26, x9, x21
+ umulh x26, x13, x16
+ adcs x6, x6, x26
+ # A[1] * B[3]
+ umulh x9, x13, x20
+ adc x7, x7, xzr
+ mul x8, x13, x20
+ # A[0] * B[1]
+ mul x25, x12, x17
adds x5, x5, x25
+ umulh x26, x12, x17
adcs x6, x6, x26
- adc x7, xzr, xzr
- # A[0] * B[2]
- mul x25, x8, x23
- umulh x26, x8, x23
- adds x6, x6, x25
- adc x7, x7, x26
- # A[1] * B[1]
- mul x25, x9, x22
- umulh x26, x9, x22
+ # A[2] * B[1]
+ mul x25, x14, x17
+ adcs x7, x7, x25
+ umulh x26, x14, x17
+ adcs x8, x8, x26
+ adc x9, x9, xzr
+ # A[1] * B[2]
+ mul x25, x13, x19
+ adds x7, x7, x25
+ umulh x26, x13, x19
+ adcs x8, x8, x26
+ adcs x9, x9, xzr
+ adc x10, xzr, xzr
+ # A[0] * B[2]
+ mul x25, x12, x19
adds x6, x6, x25
+ umulh x26, x12, x19
adcs x7, x7, x26
- adc x16, xzr, xzr
- # A[2] * B[0]
- mul x25, x10, x21
- umulh x26, x10, x21
+ adcs x8, x8, xzr
+ adcs x9, x9, xzr
+ adc x10, x10, xzr
+ # A[1] * B[1]
+ mul x25, x13, x17
adds x6, x6, x25
+ umulh x26, x13, x17
adcs x7, x7, x26
- adc x16, x16, xzr
- # A[0] * B[3]
- mul x25, x8, x24
- umulh x26, x8, x24
- adds x7, x7, x25
- adcs x16, x16, x26
- adc x17, xzr, xzr
- # A[1] * B[2]
- mul x25, x9, x23
- umulh x26, x9, x23
- adds x7, x7, x25
- adcs x16, x16, x26
- adc x17, x17, xzr
- # A[2] * B[1]
- mul x25, x10, x22
- umulh x26, x10, x22
+ # A[3] * B[1]
+ mul x25, x15, x17
+ adcs x8, x8, x25
+ umulh x26, x15, x17
+ adcs x9, x9, x26
+ adc x10, x10, xzr
+ # A[2] * B[2]
+ mul x25, x14, x19
+ adds x8, x8, x25
+ umulh x26, x14, x19
+ adcs x9, x9, x26
+ # A[3] * B[3]
+ mul x25, x15, x20
+ adcs x10, x10, x25
+ umulh x11, x15, x20
+ adc x11, x11, xzr
+ # A[0] * B[3]
+ mul x25, x12, x20
adds x7, x7, x25
- adcs x16, x16, x26
- adc x17, x17, xzr
- # A[3] * B[0]
- mul x25, x11, x21
- umulh x26, x11, x21
+ umulh x26, x12, x20
+ adcs x8, x8, x26
+ # A[2] * B[3]
+ mul x25, x14, x20
+ adcs x9, x9, x25
+ umulh x26, x14, x20
+ adcs x10, x10, x26
+ adc x11, x11, xzr
+ # A[3] * B[0]
+ mul x25, x15, x16
adds x7, x7, x25
- adcs x16, x16, x26
- adc x17, x17, xzr
- # A[1] * B[3]
- mul x25, x9, x24
- umulh x26, x9, x24
- adds x16, x16, x25
- adcs x17, x17, x26
- adc x19, xzr, xzr
- # A[2] * B[2]
- mul x25, x10, x23
- umulh x26, x10, x23
- adds x16, x16, x25
- adcs x17, x17, x26
- adc x19, x19, xzr
- # A[3] * B[1]
- mul x25, x11, x22
- umulh x26, x11, x22
- adds x16, x16, x25
- adcs x17, x17, x26
- adc x19, x19, xzr
- # A[2] * B[3]
- mul x25, x10, x24
- umulh x26, x10, x24
- adds x17, x17, x25
- adcs x19, x19, x26
- adc x20, xzr, xzr
- # A[3] * B[2]
- mul x25, x11, x23
- umulh x26, x11, x23
- adds x17, x17, x25
- adcs x19, x19, x26
- adc x20, x20, xzr
- # A[3] * B[3]
- mul x25, x11, x24
- umulh x26, x11, x24
- adds x19, x19, x25
- adc x20, x20, x26
+ umulh x26, x15, x16
+ adcs x8, x8, x26
+ # A[3] * B[2]
+ mul x25, x15, x19
+ adcs x9, x9, x25
+ umulh x26, x15, x19
+ adcs x10, x10, x26
+ adc x11, x11, xzr
# Reduce
- # Move top half into t4-t7 and remove top bit from t3
- extr x20, x20, x19, #63
- extr x19, x19, x17, #63
- extr x17, x17, x16, #63
- extr x16, x16, x7, #63
- and x7, x7, #0x7fffffffffffffff
- # Multiply top half by 19
- mov x25, #19
- mul x26, x25, x16
- umulh x16, x25, x16
- adds x4, x4, x26
- mul x26, x25, x17
- umulh x17, x25, x17
- adcs x5, x5, x26
- mul x26, x25, x19
- umulh x19, x25, x19
- adcs x6, x6, x26
- mul x26, x25, x20
- umulh x27, x25, x20
- adcs x7, x7, x26
- adc x27, x27, xzr
- # Add remaining product results in
- adds x5, x5, x16
- adcs x6, x6, x17
- adcs x7, x7, x19
+ mov x25, #38
+ mul x26, x25, x11
+ adds x7, x7, x26
+ umulh x27, x25, x11
adc x27, x27, xzr
- # Overflow
+ mov x25, #19
extr x27, x27, x7, #63
mul x27, x27, x25
and x7, x7, #0x7fffffffffffffff
- adds x4, x4, x27
- adcs x5, x5, xzr
- adcs x6, x6, xzr
+ mov x25, #38
+ mul x26, x25, x8
+ adds x4, x4, x26
+ umulh x8, x25, x8
+ mul x26, x25, x9
+ adcs x5, x5, x26
+ umulh x9, x25, x9
+ mul x26, x25, x10
+ adcs x6, x6, x26
+ umulh x10, x25, x10
adc x7, x7, xzr
- # Reduce if top bit set
- and x27, x25, x7, asr 63
- and x7, x7, #0x7fffffffffffffff
+ # Add high product results in
adds x4, x4, x27
- adcs x5, x5, xzr
- adcs x6, x6, xzr
- adc x7, x7, xzr
+ adcs x5, x5, x8
+ adcs x6, x6, x9
+ adc x7, x7, x10
# Store
- ldr x0, [x29, #24]
- ldr x1, [x29, #16]
+ stp x4, x5, [x0]
+ stp x6, x7, [x0, #16]
+ mov x3, x0
+ sub x2, x0, #32
+ sub x1, x0, #32
# Add
- adds x8, x12, x4
- adcs x9, x13, x5
- adcs x10, x14, x6
- adc x11, x15, x7
- mov x25, #-19
- asr x28, x11, #63
- # Mask the modulus
- and x25, x28, x25
- and x26, x28, #0x7fffffffffffffff
+ adds x8, x21, x4
+ adcs x9, x22, x5
+ adcs x10, x23, x6
+ adcs x11, x24, x7
+ cset x28, cs
+ mov x25, #19
+ extr x28, x28, x11, #63
+ mul x25, x28, x25
# Sub modulus (if overflow)
- subs x8, x8, x25
- sbcs x9, x9, x28
- sbcs x10, x10, x28
- sbc x11, x11, x26
+ adds x8, x8, x25
+ adcs x9, x9, xzr
+ and x11, x11, #0x7fffffffffffffff
+ adcs x10, x10, xzr
+ adc x11, x11, xzr
# Sub
- subs x16, x12, x4
- sbcs x17, x13, x5
- sbcs x19, x14, x6
- sbcs x20, x15, x7
- mov x25, #-19
+ subs x12, x21, x4
+ sbcs x13, x22, x5
+ sbcs x14, x23, x6
+ sbcs x15, x24, x7
csetm x28, cc
- # Mask the modulus
- and x25, x28, x25
- and x26, x28, #0x7fffffffffffffff
+ mov x25, #-19
+ extr x28, x28, x15, #63
+ mul x25, x28, x25
# Add modulus (if underflow)
- adds x16, x16, x25
- adcs x17, x17, x28
- adcs x19, x19, x28
- adc x20, x20, x26
+ subs x12, x12, x25
+ sbcs x13, x13, xzr
+ and x15, x15, #0x7fffffffffffffff
+ sbcs x14, x14, xzr
+ sbc x15, x15, xzr
stp x8, x9, [x0]
stp x10, x11, [x0, #16]
- stp x16, x17, [x1]
- stp x19, x20, [x1, #16]
- ldr x0, [x29, #48]
- ldr x1, [x29, #64]
- ldr x2, [x29, #176]
+ stp x12, x13, [x1]
+ stp x14, x15, [x1, #16]
+ ldr x1, [x29, #24]
+ ldr x2, [x29, #32]
+ add x2, x2, #0x60
+ add x1, x1, #0x60
+ add x0, x0, #0x40
# Multiply
- ldp x12, x13, [x1]
- ldp x14, x15, [x1, #16]
- ldp x16, x17, [x2]
- ldp x19, x20, [x2, #16]
- # A[0] * B[0]
- mul x4, x12, x16
- umulh x5, x12, x16
- # A[0] * B[1]
- mul x25, x12, x17
- umulh x6, x12, x17
- adds x5, x5, x25
- adc x6, x6, xzr
- # A[1] * B[0]
- mul x25, x13, x16
- umulh x26, x13, x16
- adds x5, x5, x25
- adcs x6, x6, x26
- adc x7, xzr, xzr
- # A[0] * B[2]
- mul x25, x12, x19
- umulh x26, x12, x19
- adds x6, x6, x25
- adc x7, x7, x26
- # A[1] * B[1]
- mul x25, x13, x17
- umulh x26, x13, x17
- adds x6, x6, x25
- adcs x7, x7, x26
- adc x8, xzr, xzr
- # A[2] * B[0]
- mul x25, x14, x16
- umulh x26, x14, x16
- adds x6, x6, x25
- adcs x7, x7, x26
- adc x8, x8, xzr
- # A[0] * B[3]
- mul x25, x12, x20
- umulh x26, x12, x20
- adds x7, x7, x25
- adcs x8, x8, x26
- adc x9, xzr, xzr
- # A[1] * B[2]
- mul x25, x13, x19
- umulh x26, x13, x19
- adds x7, x7, x25
- adcs x8, x8, x26
- adc x9, x9, xzr
- # A[2] * B[1]
- mul x25, x14, x17
- umulh x26, x14, x17
- adds x7, x7, x25
+ ldp x21, x22, [x1]
+ ldp x23, x24, [x1, #16]
+ ldp x4, x5, [x2]
+ ldp x6, x7, [x2, #16]
+ # A[0] * B[0]
+ umulh x17, x21, x4
+ mul x16, x21, x4
+ # A[2] * B[0]
+ umulh x20, x23, x4
+ mul x19, x23, x4
+ # A[1] * B[0]
+ mul x25, x22, x4
+ adds x17, x17, x25
+ umulh x26, x22, x4
+ adcs x19, x19, x26
+ # A[1] * B[3]
+ umulh x9, x22, x7
+ adc x20, x20, xzr
+ mul x8, x22, x7
+ # A[0] * B[1]
+ mul x25, x21, x5
+ adds x17, x17, x25
+ umulh x26, x21, x5
+ adcs x19, x19, x26
+ # A[2] * B[1]
+ mul x25, x23, x5
+ adcs x20, x20, x25
+ umulh x26, x23, x5
adcs x8, x8, x26
adc x9, x9, xzr
- # A[3] * B[0]
- mul x25, x15, x16
- umulh x26, x15, x16
- adds x7, x7, x25
+ # A[1] * B[2]
+ mul x25, x22, x6
+ adds x20, x20, x25
+ umulh x26, x22, x6
adcs x8, x8, x26
- adc x9, x9, xzr
- # A[1] * B[3]
- mul x25, x13, x20
- umulh x26, x13, x20
- adds x8, x8, x25
- adcs x9, x9, x26
+ adcs x9, x9, xzr
adc x10, xzr, xzr
- # A[2] * B[2]
- mul x25, x14, x19
- umulh x26, x14, x19
- adds x8, x8, x25
+ # A[0] * B[2]
+ mul x25, x21, x6
+ adds x19, x19, x25
+ umulh x26, x21, x6
+ adcs x20, x20, x26
+ adcs x8, x8, xzr
+ adcs x9, x9, xzr
+ adc x10, x10, xzr
+ # A[1] * B[1]
+ mul x25, x22, x5
+ adds x19, x19, x25
+ umulh x26, x22, x5
+ adcs x20, x20, x26
+ # A[3] * B[1]
+ mul x25, x24, x5
+ adcs x8, x8, x25
+ umulh x26, x24, x5
adcs x9, x9, x26
adc x10, x10, xzr
- # A[3] * B[1]
- mul x25, x15, x17
- umulh x26, x15, x17
+ # A[2] * B[2]
+ mul x25, x23, x6
adds x8, x8, x25
+ umulh x26, x23, x6
adcs x9, x9, x26
- adc x10, x10, xzr
- # A[2] * B[3]
- mul x25, x14, x20
- umulh x26, x14, x20
- adds x9, x9, x25
+ # A[3] * B[3]
+ mul x25, x24, x7
+ adcs x10, x10, x25
+ umulh x11, x24, x7
+ adc x11, x11, xzr
+ # A[0] * B[3]
+ mul x25, x21, x7
+ adds x20, x20, x25
+ umulh x26, x21, x7
+ adcs x8, x8, x26
+ # A[2] * B[3]
+ mul x25, x23, x7
+ adcs x9, x9, x25
+ umulh x26, x23, x7
adcs x10, x10, x26
- adc x11, xzr, xzr
- # A[3] * B[2]
- mul x25, x15, x19
- umulh x26, x15, x19
- adds x9, x9, x25
+ adc x11, x11, xzr
+ # A[3] * B[0]
+ mul x25, x24, x4
+ adds x20, x20, x25
+ umulh x26, x24, x4
+ adcs x8, x8, x26
+ # A[3] * B[2]
+ mul x25, x24, x6
+ adcs x9, x9, x25
+ umulh x26, x24, x6
adcs x10, x10, x26
adc x11, x11, xzr
- # A[3] * B[3]
- mul x25, x15, x20
- umulh x26, x15, x20
- adds x10, x10, x25
- adc x11, x11, x26
# Reduce
- # Move top half into t4-t7 and remove top bit from t3
- extr x11, x11, x10, #63
- extr x10, x10, x9, #63
- extr x9, x9, x8, #63
- extr x8, x8, x7, #63
- and x7, x7, #0x7fffffffffffffff
- # Multiply top half by 19
+ mov x25, #38
+ mul x26, x25, x11
+ adds x20, x20, x26
+ umulh x27, x25, x11
+ adc x27, x27, xzr
mov x25, #19
+ extr x27, x27, x20, #63
+ mul x27, x27, x25
+ and x20, x20, #0x7fffffffffffffff
+ mov x25, #38
mul x26, x25, x8
+ adds x16, x16, x26
umulh x8, x25, x8
- adds x4, x4, x26
mul x26, x25, x9
+ adcs x17, x17, x26
umulh x9, x25, x9
- adcs x5, x5, x26
mul x26, x25, x10
+ adcs x19, x19, x26
umulh x10, x25, x10
- adcs x6, x6, x26
- mul x26, x25, x11
- umulh x27, x25, x11
- adcs x7, x7, x26
- adc x27, x27, xzr
- # Add remaining product results in
- adds x5, x5, x8
- adcs x6, x6, x9
- adcs x7, x7, x10
- adc x27, x27, xzr
- # Overflow
- extr x27, x27, x7, #63
- mul x27, x27, x25
- and x7, x7, #0x7fffffffffffffff
- adds x4, x4, x27
- adcs x5, x5, xzr
- adcs x6, x6, xzr
- adc x7, x7, xzr
+ adc x20, x20, xzr
+ # Add high product results in
+ adds x16, x16, x27
+ adcs x17, x17, x8
+ adcs x19, x19, x9
+ adc x20, x20, x10
# Reduce if top bit set
- and x27, x25, x7, asr 63
- and x7, x7, #0x7fffffffffffffff
- adds x4, x4, x27
- adcs x5, x5, xzr
- adcs x6, x6, xzr
- adc x7, x7, xzr
+ mov x25, #19
+ and x26, x25, x20, asr 63
+ adds x16, x16, x26
+ adcs x17, x17, xzr
+ and x20, x20, #0x7fffffffffffffff
+ adcs x19, x19, xzr
+ adc x20, x20, xzr
# Store
- ldr x0, [x29, #48]
- # Double
- adds x4, x4, x4
- adcs x5, x5, x5
- adcs x6, x6, x6
- adc x7, x7, x7
- mov x25, #-19
- asr x28, x7, #63
- # Mask the modulus
- and x25, x28, x25
- and x26, x28, #0x7fffffffffffffff
- # Sub modulus (if overflow)
- subs x4, x4, x25
- sbcs x5, x5, x28
- sbcs x6, x6, x28
- sbc x7, x7, x26
- ldr x0, [x29, #40]
- ldr x1, [x29, #184]
- ldr x2, [x29, #72]
+ stp x16, x17, [x0]
+ stp x19, x20, [x0, #16]
+ sub x3, x2, #32
+ sub x2, x1, #32
+ sub x1, x0, #32
# Multiply
- ldp x16, x17, [x1]
- ldp x19, x20, [x1, #16]
- ldp x21, x22, [x2]
- ldp x23, x24, [x2, #16]
- # A[0] * B[0]
- mul x8, x16, x21
- umulh x9, x16, x21
- # A[0] * B[1]
- mul x25, x16, x22
- umulh x10, x16, x22
+ ldp x4, x5, [x2]
+ ldp x6, x7, [x2, #16]
+ ldp x12, x13, [x3]
+ ldp x14, x15, [x3, #16]
+ # A[0] * B[0]
+ umulh x9, x4, x12
+ mul x8, x4, x12
+ # A[2] * B[0]
+ umulh x11, x6, x12
+ mul x10, x6, x12
+ # A[1] * B[0]
+ mul x25, x5, x12
adds x9, x9, x25
- adc x10, x10, xzr
- # A[1] * B[0]
- mul x25, x17, x21
- umulh x26, x17, x21
+ umulh x26, x5, x12
+ adcs x10, x10, x26
+ # A[1] * B[3]
+ umulh x17, x5, x15
+ adc x11, x11, xzr
+ mul x16, x5, x15
+ # A[0] * B[1]
+ mul x25, x4, x13
adds x9, x9, x25
+ umulh x26, x4, x13
adcs x10, x10, x26
- adc x11, xzr, xzr
- # A[0] * B[2]
- mul x25, x16, x23
- umulh x26, x16, x23
- adds x10, x10, x25
- adc x11, x11, x26
- # A[1] * B[1]
- mul x25, x17, x22
- umulh x26, x17, x22
+ # A[2] * B[1]
+ mul x25, x6, x13
+ adcs x11, x11, x25
+ umulh x26, x6, x13
+ adcs x16, x16, x26
+ adc x17, x17, xzr
+ # A[1] * B[2]
+ mul x25, x5, x14
+ adds x11, x11, x25
+ umulh x26, x5, x14
+ adcs x16, x16, x26
+ adcs x17, x17, xzr
+ adc x19, xzr, xzr
+ # A[0] * B[2]
+ mul x25, x4, x14
adds x10, x10, x25
+ umulh x26, x4, x14
adcs x11, x11, x26
- adc x12, xzr, xzr
- # A[2] * B[0]
- mul x25, x19, x21
- umulh x26, x19, x21
+ adcs x16, x16, xzr
+ adcs x17, x17, xzr
+ adc x19, x19, xzr
+ # A[1] * B[1]
+ mul x25, x5, x13
adds x10, x10, x25
+ umulh x26, x5, x13
adcs x11, x11, x26
- adc x12, x12, xzr
- # A[0] * B[3]
- mul x25, x16, x24
- umulh x26, x16, x24
- adds x11, x11, x25
- adcs x12, x12, x26
- adc x13, xzr, xzr
- # A[1] * B[2]
- mul x25, x17, x23
- umulh x26, x17, x23
- adds x11, x11, x25
- adcs x12, x12, x26
- adc x13, x13, xzr
- # A[2] * B[1]
- mul x25, x19, x22
- umulh x26, x19, x22
+ # A[3] * B[1]
+ mul x25, x7, x13
+ adcs x16, x16, x25
+ umulh x26, x7, x13
+ adcs x17, x17, x26
+ adc x19, x19, xzr
+ # A[2] * B[2]
+ mul x25, x6, x14
+ adds x16, x16, x25
+ umulh x26, x6, x14
+ adcs x17, x17, x26
+ # A[3] * B[3]
+ mul x25, x7, x15
+ adcs x19, x19, x25
+ umulh x20, x7, x15
+ adc x20, x20, xzr
+ # A[0] * B[3]
+ mul x25, x4, x15
adds x11, x11, x25
- adcs x12, x12, x26
- adc x13, x13, xzr
- # A[3] * B[0]
- mul x25, x20, x21
- umulh x26, x20, x21
+ umulh x26, x4, x15
+ adcs x16, x16, x26
+ # A[2] * B[3]
+ mul x25, x6, x15
+ adcs x17, x17, x25
+ umulh x26, x6, x15
+ adcs x19, x19, x26
+ adc x20, x20, xzr
+ # A[3] * B[0]
+ mul x25, x7, x12
adds x11, x11, x25
- adcs x12, x12, x26
- adc x13, x13, xzr
- # A[1] * B[3]
- mul x25, x17, x24
- umulh x26, x17, x24
- adds x12, x12, x25
- adcs x13, x13, x26
- adc x14, xzr, xzr
- # A[2] * B[2]
- mul x25, x19, x23
- umulh x26, x19, x23
- adds x12, x12, x25
- adcs x13, x13, x26
- adc x14, x14, xzr
- # A[3] * B[1]
- mul x25, x20, x22
- umulh x26, x20, x22
- adds x12, x12, x25
- adcs x13, x13, x26
- adc x14, x14, xzr
- # A[2] * B[3]
- mul x25, x19, x24
- umulh x26, x19, x24
- adds x13, x13, x25
- adcs x14, x14, x26
- adc x15, xzr, xzr
- # A[3] * B[2]
- mul x25, x20, x23
- umulh x26, x20, x23
- adds x13, x13, x25
- adcs x14, x14, x26
- adc x15, x15, xzr
- # A[3] * B[3]
- mul x25, x20, x24
- umulh x26, x20, x24
- adds x14, x14, x25
- adc x15, x15, x26
+ umulh x26, x7, x12
+ adcs x16, x16, x26
+ # A[3] * B[2]
+ mul x25, x7, x14
+ adcs x17, x17, x25
+ umulh x26, x7, x14
+ adcs x19, x19, x26
+ adc x20, x20, xzr
# Reduce
- # Move top half into t4-t7 and remove top bit from t3
- extr x15, x15, x14, #63
- extr x14, x14, x13, #63
- extr x13, x13, x12, #63
- extr x12, x12, x11, #63
- and x11, x11, #0x7fffffffffffffff
- # Multiply top half by 19
- mov x25, #19
- mul x26, x25, x12
- umulh x12, x25, x12
- adds x8, x8, x26
- mul x26, x25, x13
- umulh x13, x25, x13
- adcs x9, x9, x26
- mul x26, x25, x14
- umulh x14, x25, x14
- adcs x10, x10, x26
- mul x26, x25, x15
- umulh x27, x25, x15
- adcs x11, x11, x26
- adc x27, x27, xzr
- # Add remaining product results in
- adds x9, x9, x12
- adcs x10, x10, x13
- adcs x11, x11, x14
+ mov x25, #38
+ mul x26, x25, x20
+ adds x11, x11, x26
+ umulh x27, x25, x20
adc x27, x27, xzr
- # Overflow
+ mov x25, #19
extr x27, x27, x11, #63
mul x27, x27, x25
and x11, x11, #0x7fffffffffffffff
- adds x8, x8, x27
- adcs x9, x9, xzr
- adcs x10, x10, xzr
+ mov x25, #38
+ mul x26, x25, x16
+ adds x8, x8, x26
+ umulh x16, x25, x16
+ mul x26, x25, x17
+ adcs x9, x9, x26
+ umulh x17, x25, x17
+ mul x26, x25, x19
+ adcs x10, x10, x26
+ umulh x19, x25, x19
adc x11, x11, xzr
- # Reduce if top bit set
- and x27, x25, x11, asr 63
- and x11, x11, #0x7fffffffffffffff
+ # Add high product results in
adds x8, x8, x27
- adcs x9, x9, xzr
- adcs x10, x10, xzr
- adc x11, x11, xzr
- # Store
- ldr x0, [x29, #40]
- ldr x1, [x29, #32]
- # Add
- adds x12, x4, x8
- adcs x13, x5, x9
- adcs x14, x6, x10
- adc x15, x7, x11
+ adcs x9, x9, x16
+ adcs x10, x10, x17
+ adc x11, x11, x19
+ # Double
+ adds x8, x8, x8
+ adcs x9, x9, x9
+ adcs x10, x10, x10
+ adc x11, x11, x11
mov x25, #-19
- asr x28, x15, #63
+ asr x28, x11, #63
# Mask the modulus
and x25, x28, x25
and x26, x28, #0x7fffffffffffffff
# Sub modulus (if overflow)
- subs x12, x12, x25
- sbcs x13, x13, x28
- sbcs x14, x14, x28
- sbc x15, x15, x26
+ subs x8, x8, x25
+ sbcs x9, x9, x28
+ sbcs x10, x10, x28
+ sbc x11, x11, x26
+ mov x3, x0
+ sub x2, x0, #32
+ # Add
+ ldp x4, x5, [x3]
+ ldp x6, x7, [x3, #16]
+ adds x12, x8, x4
+ adcs x13, x9, x5
+ adcs x14, x10, x6
+ adcs x15, x11, x7
+ cset x28, cs
+ mov x25, #19
+ extr x28, x28, x15, #63
+ mul x25, x28, x25
+ # Sub modulus (if overflow)
+ adds x12, x12, x25
+ adcs x13, x13, xzr
+ and x15, x15, #0x7fffffffffffffff
+ adcs x14, x14, xzr
+ adc x15, x15, xzr
# Sub
- subs x16, x4, x8
- sbcs x17, x5, x9
- sbcs x19, x6, x10
- sbcs x20, x7, x11
- mov x25, #-19
+ subs x21, x8, x4
+ sbcs x22, x9, x5
+ sbcs x23, x10, x6
+ sbcs x24, x11, x7
csetm x28, cc
- # Mask the modulus
- and x25, x28, x25
- and x26, x28, #0x7fffffffffffffff
+ mov x25, #-19
+ extr x28, x28, x24, #63
+ mul x25, x28, x25
# Add modulus (if underflow)
- adds x16, x16, x25
- adcs x17, x17, x28
- adcs x19, x19, x28
- adc x20, x20, x26
+ subs x21, x21, x25
+ sbcs x22, x22, xzr
+ and x24, x24, #0x7fffffffffffffff
+ sbcs x23, x23, xzr
+ sbc x24, x24, xzr
stp x12, x13, [x0]
stp x14, x15, [x0, #16]
- stp x16, x17, [x1]
- stp x19, x20, [x1, #16]
- ldr x17, [x29, #88]
- ldr x19, [x29, #96]
- ldp x20, x21, [x29, #104]
- ldp x22, x23, [x29, #120]
- ldp x24, x25, [x29, #136]
- ldp x26, x27, [x29, #152]
- ldr x28, [x29, #168]
- ldp x29, x30, [sp], #0xb0
+ stp x21, x22, [x1]
+ stp x23, x24, [x1, #16]
+ ldr x17, [x29, #56]
+ ldr x19, [x29, #64]
+ ldp x20, x21, [x29, #72]
+ ldp x22, x23, [x29, #88]
+ ldp x24, x25, [x29, #104]
+ ldp x26, x27, [x29, #120]
+ ldr x28, [x29, #136]
+ ldp x29, x30, [sp], #0x90
+ ret
+#ifndef __APPLE__
+ .size ge_sub,.-ge_sub
+#endif /* __APPLE__ */
+#ifndef __APPLE__
+.text
+.globl sc_reduce
+.type sc_reduce,@function
+.align 2
+sc_reduce:
+#else
+.section __TEXT,__text
+.globl _sc_reduce
+.p2align 2
+_sc_reduce:
+#endif /* __APPLE__ */
+ stp x29, x30, [sp, #-64]!
+ add x29, sp, #0
+ str x17, [x29, #16]
+ str x19, [x29, #24]
+ stp x20, x21, [x29, #32]
+ stp x22, x23, [x29, #48]
+ ldp x2, x3, [x0]
+ ldp x4, x5, [x0, #16]
+ ldp x6, x7, [x0, #32]
+ ldp x8, x9, [x0, #48]
+ lsr x23, x9, #56
+ lsl x9, x9, #4
+ orr x9, x9, x8, lsr 60
+ lsl x8, x8, #4
+ orr x8, x8, x7, lsr 60
+ lsl x7, x7, #4
+ orr x7, x7, x6, lsr 60
+ lsl x6, x6, #4
+ mov x1, #15
+ orr x6, x6, x5, lsr 60
+ bic x5, x5, x1, lsl 60
+ bic x9, x9, x1, lsl 60
+ # Add order times bits 504..511
+ mov x11, #0x2c13
+ movk x11, #0xa30a, lsl 16
+ movk x11, #0x9ce5, lsl 32
+ movk x11, #0xa7ed, lsl 48
+ mov x13, #0x6329
+ movk x13, #0x5d08, lsl 16
+ movk x13, #0x621, lsl 32
+ movk x13, #0xeb21, lsl 48
+ mul x10, x23, x11
+ umulh x11, x23, x11
+ mul x12, x23, x13
+ umulh x13, x23, x13
+ adds x6, x6, x10
+ adcs x7, x7, x11
+ adcs x8, x8, xzr
+ adc x9, x9, xzr
+ adds x7, x7, x12
+ adcs x8, x8, x13
+ adc x9, x9, xzr
+ subs x8, x8, x23
+ sbc x9, x9, xzr
+ # Sub product of top 4 words and order
+ mov x1, #0x2c13
+ movk x1, #0xa30a, lsl 16
+ movk x1, #0x9ce5, lsl 32
+ movk x1, #0xa7ed, lsl 48
+ mul x10, x6, x1
+ umulh x11, x6, x1
+ mul x12, x7, x1
+ umulh x13, x7, x1
+ mul x14, x8, x1
+ umulh x15, x8, x1
+ mul x16, x9, x1
+ umulh x17, x9, x1
+ adds x2, x2, x10
+ adcs x3, x3, x11
+ adcs x4, x4, x14
+ adcs x5, x5, x15
+ adc x19, xzr, xzr
+ adds x3, x3, x12
+ adcs x4, x4, x13
+ adcs x5, x5, x16
+ adc x19, x19, x17
+ mov x1, #0x6329
+ movk x1, #0x5d08, lsl 16
+ movk x1, #0x621, lsl 32
+ movk x1, #0xeb21, lsl 48
+ mul x10, x6, x1
+ umulh x11, x6, x1
+ mul x12, x7, x1
+ umulh x13, x7, x1
+ mul x14, x8, x1
+ umulh x15, x8, x1
+ mul x16, x9, x1
+ umulh x17, x9, x1
+ adds x3, x3, x10
+ adcs x4, x4, x11
+ adcs x5, x5, x14
+ adcs x19, x19, x15
+ adc x20, xzr, xzr
+ adds x4, x4, x12
+ adcs x5, x5, x13
+ adcs x19, x19, x16
+ adc x20, x20, x17
+ subs x4, x4, x6
+ sbcs x5, x5, x7
+ sbcs x6, x19, x8
+ sbc x7, x20, x9
+ asr x23, x7, #57
+ # Conditionally subtract order starting at bit 125
+ mov x10, xzr
+ mov x13, xzr
+ mov x11, #0xba7d
+ movk x11, #0x4b9e, lsl 16
+ movk x11, #0x4c63, lsl 32
+ movk x11, #0xcb02, lsl 48
+ mov x12, #0xf39a
+ movk x12, #0xd45e, lsl 16
+ movk x12, #0xdf3b, lsl 32
+ movk x12, #0x29b, lsl 48
+ movk x10, #0xa000, lsl 48
+ movk x13, #0x200, lsl 48
+ and x10, x10, x23
+ and x11, x11, x23
+ and x12, x12, x23
+ and x13, x13, x23
+ adds x3, x3, x10
+ adcs x4, x4, x11
+ adcs x5, x5, x12
+ adcs x6, x6, xzr
+ adc x7, x7, x13
+ # Move bits 252-376 to own registers
+ lsl x7, x7, #4
+ orr x7, x7, x6, lsr 60
+ lsl x6, x6, #4
+ mov x23, #15
+ orr x6, x6, x5, lsr 60
+ bic x5, x5, x23, lsl 60
+ # Sub product of top 2 words and order
+ # * -5812631a5cf5d3ed
+ mov x1, #0x2c13
+ movk x1, #0xa30a, lsl 16
+ movk x1, #0x9ce5, lsl 32
+ movk x1, #0xa7ed, lsl 48
+ mul x10, x6, x1
+ umulh x11, x6, x1
+ mul x12, x7, x1
+ umulh x13, x7, x1
+ adds x2, x2, x10
+ adcs x3, x3, x11
+ adc x19, xzr, xzr
+ adds x3, x3, x12
+ adc x19, x19, x13
+ # * -14def9dea2f79cd7
+ mov x1, #0x6329
+ movk x1, #0x5d08, lsl 16
+ movk x1, #0x621, lsl 32
+ movk x1, #0xeb21, lsl 48
+ mul x10, x6, x1
+ umulh x11, x6, x1
+ mul x12, x7, x1
+ umulh x13, x7, x1
+ adds x3, x3, x10
+ adcs x4, x4, x11
+ adc x20, xzr, xzr
+ adds x4, x4, x12
+ adc x20, x20, x13
+ # Add overflows at 2 * 64
+ mov x1, #15
+ bic x5, x5, x1, lsl 60
+ adds x4, x4, x19
+ adc x5, x5, x20
+ # Subtract top at 2 * 64
+ subs x4, x4, x6
+ sbcs x5, x5, x7
+ sbc x1, x1, x1
+ # Conditional sub order
+ mov x10, #0xd3ed
+ movk x10, #0x5cf5, lsl 16
+ movk x10, #0x631a, lsl 32
+ movk x10, #0x5812, lsl 48
+ mov x11, #0x9cd6
+ movk x11, #0xa2f7, lsl 16
+ movk x11, #0xf9de, lsl 32
+ movk x11, #0x14de, lsl 48
+ and x10, x10, x1
+ and x11, x11, x1
+ adds x2, x2, x10
+ adcs x3, x3, x11
+ and x1, x1, #0x1000000000000000
+ adcs x4, x4, xzr
+ mov x23, #15
+ adc x5, x5, x1
+ bic x5, x5, x23, lsl 60
+ # Store result
+ stp x2, x3, [x0]
+ stp x4, x5, [x0, #16]
+ ldr x17, [x29, #16]
+ ldr x19, [x29, #24]
+ ldp x20, x21, [x29, #32]
+ ldp x22, x23, [x29, #48]
+ ldp x29, x30, [sp], #0x40
+ ret
+#ifndef __APPLE__
+ .size sc_reduce,.-sc_reduce
+#endif /* __APPLE__ */
+#ifndef __APPLE__
+.text
+.globl sc_muladd
+.type sc_muladd,@function
+.align 2
+sc_muladd:
+#else
+.section __TEXT,__text
+.globl _sc_muladd
+.p2align 2
+_sc_muladd:
+#endif /* __APPLE__ */
+ stp x29, x30, [sp, #-96]!
+ add x29, sp, #0
+ str x17, [x29, #24]
+ str x19, [x29, #32]
+ stp x20, x21, [x29, #40]
+ stp x22, x23, [x29, #56]
+ stp x24, x25, [x29, #72]
+ str x26, [x29, #88]
+ # Multiply
+ ldp x12, x13, [x1]
+ ldp x14, x15, [x1, #16]
+ ldp x16, x17, [x2]
+ ldp x19, x20, [x2, #16]
+ # A[0] * B[0]
+ umulh x5, x12, x16
+ mul x4, x12, x16
+ # A[2] * B[0]
+ umulh x7, x14, x16
+ mul x6, x14, x16
+ # A[1] * B[0]
+ mul x21, x13, x16
+ adds x5, x5, x21
+ umulh x22, x13, x16
+ adcs x6, x6, x22
+ # A[1] * B[3]
+ umulh x9, x13, x20
+ adc x7, x7, xzr
+ mul x8, x13, x20
+ # A[0] * B[1]
+ mul x21, x12, x17
+ adds x5, x5, x21
+ umulh x22, x12, x17
+ adcs x6, x6, x22
+ # A[2] * B[1]
+ mul x21, x14, x17
+ adcs x7, x7, x21
+ umulh x22, x14, x17
+ adcs x8, x8, x22
+ adc x9, x9, xzr
+ # A[1] * B[2]
+ mul x21, x13, x19
+ adds x7, x7, x21
+ umulh x22, x13, x19
+ adcs x8, x8, x22
+ adcs x9, x9, xzr
+ adc x10, xzr, xzr
+ # A[0] * B[2]
+ mul x21, x12, x19
+ adds x6, x6, x21
+ umulh x22, x12, x19
+ adcs x7, x7, x22
+ adcs x8, x8, xzr
+ adcs x9, x9, xzr
+ adc x10, x10, xzr
+ # A[1] * B[1]
+ mul x21, x13, x17
+ adds x6, x6, x21
+ umulh x22, x13, x17
+ adcs x7, x7, x22
+ # A[3] * B[1]
+ mul x21, x15, x17
+ adcs x8, x8, x21
+ umulh x22, x15, x17
+ adcs x9, x9, x22
+ adc x10, x10, xzr
+ # A[2] * B[2]
+ mul x21, x14, x19
+ adds x8, x8, x21
+ umulh x22, x14, x19
+ adcs x9, x9, x22
+ # A[3] * B[3]
+ mul x21, x15, x20
+ adcs x10, x10, x21
+ umulh x11, x15, x20
+ adc x11, x11, xzr
+ # A[0] * B[3]
+ mul x21, x12, x20
+ adds x7, x7, x21
+ umulh x22, x12, x20
+ adcs x8, x8, x22
+ # A[2] * B[3]
+ mul x21, x14, x20
+ adcs x9, x9, x21
+ umulh x22, x14, x20
+ adcs x10, x10, x22
+ adc x11, x11, xzr
+ # A[3] * B[0]
+ mul x21, x15, x16
+ adds x7, x7, x21
+ umulh x22, x15, x16
+ adcs x8, x8, x22
+ # A[3] * B[2]
+ mul x21, x15, x19
+ adcs x9, x9, x21
+ umulh x22, x15, x19
+ adcs x10, x10, x22
+ adc x11, x11, xzr
+ # Add c to a * b
+ ldp x12, x13, [x3]
+ ldp x14, x15, [x3, #16]
+ adds x4, x4, x12
+ adcs x5, x5, x13
+ adcs x6, x6, x14
+ adcs x7, x7, x15
+ adcs x8, x8, xzr
+ adcs x9, x9, xzr
+ adcs x10, x10, xzr
+ adc x11, x11, xzr
+ lsr x25, x11, #56
+ lsl x11, x11, #4
+ orr x11, x11, x10, lsr 60
+ lsl x10, x10, #4
+ orr x10, x10, x9, lsr 60
+ lsl x9, x9, #4
+ orr x9, x9, x8, lsr 60
+ lsl x8, x8, #4
+ mov x26, #15
+ orr x8, x8, x7, lsr 60
+ bic x7, x7, x26, lsl 60
+ bic x11, x11, x26, lsl 60
+ # Add order times bits 504..507
+ mov x22, #0x2c13
+ movk x22, #0xa30a, lsl 16
+ movk x22, #0x9ce5, lsl 32
+ movk x22, #0xa7ed, lsl 48
+ mov x24, #0x6329
+ movk x24, #0x5d08, lsl 16
+ movk x24, #0x621, lsl 32
+ movk x24, #0xeb21, lsl 48
+ mul x21, x25, x22
+ umulh x22, x25, x22
+ mul x23, x25, x24
+ umulh x24, x25, x24
+ adds x8, x8, x21
+ adcs x9, x9, x22
+ adcs x10, x10, xzr
+ adc x11, x11, xzr
+ adds x9, x9, x23
+ adcs x10, x10, x24
+ adc x11, x11, xzr
+ subs x10, x10, x25
+ sbc x11, x11, xzr
+ # Sub product of top 4 words and order
+ mov x26, #0x2c13
+ movk x26, #0xa30a, lsl 16
+ movk x26, #0x9ce5, lsl 32
+ movk x26, #0xa7ed, lsl 48
+ mul x16, x8, x26
+ umulh x17, x8, x26
+ mul x19, x9, x26
+ umulh x20, x9, x26
+ mul x21, x10, x26
+ umulh x22, x10, x26
+ mul x23, x11, x26
+ umulh x24, x11, x26
+ adds x4, x4, x16
+ adcs x5, x5, x17
+ adcs x6, x6, x21
+ adcs x7, x7, x22
+ adc x12, xzr, xzr
+ adds x5, x5, x19
+ adcs x6, x6, x20
+ adcs x7, x7, x23
+ adc x12, x12, x24
+ mov x26, #0x6329
+ movk x26, #0x5d08, lsl 16
+ movk x26, #0x621, lsl 32
+ movk x26, #0xeb21, lsl 48
+ mul x16, x8, x26
+ umulh x17, x8, x26
+ mul x19, x9, x26
+ umulh x20, x9, x26
+ mul x21, x10, x26
+ umulh x22, x10, x26
+ mul x23, x11, x26
+ umulh x24, x11, x26
+ adds x5, x5, x16
+ adcs x6, x6, x17
+ adcs x7, x7, x21
+ adcs x12, x12, x22
+ adc x13, xzr, xzr
+ adds x6, x6, x19
+ adcs x7, x7, x20
+ adcs x12, x12, x23
+ adc x13, x13, x24
+ subs x6, x6, x8
+ sbcs x7, x7, x9
+ sbcs x8, x12, x10
+ sbc x9, x13, x11
+ asr x25, x9, #57
+ # Conditionally subtract order starting at bit 125
+ mov x16, xzr
+ mov x20, xzr
+ mov x17, #0xba7d
+ movk x17, #0x4b9e, lsl 16
+ movk x17, #0x4c63, lsl 32
+ movk x17, #0xcb02, lsl 48
+ mov x19, #0xf39a
+ movk x19, #0xd45e, lsl 16
+ movk x19, #0xdf3b, lsl 32
+ movk x19, #0x29b, lsl 48
+ movk x16, #0xa000, lsl 48
+ movk x20, #0x200, lsl 48
+ and x16, x16, x25
+ and x17, x17, x25
+ and x19, x19, x25
+ and x20, x20, x25
+ adds x5, x5, x16
+ adcs x6, x6, x17
+ adcs x7, x7, x19
+ adcs x8, x8, xzr
+ adc x9, x9, x20
+ # Move bits 252-376 to own registers
+ lsl x9, x9, #4
+ orr x9, x9, x8, lsr 60
+ lsl x8, x8, #4
+ mov x25, #15
+ orr x8, x8, x7, lsr 60
+ bic x7, x7, x25, lsl 60
+ # Sub product of top 2 words and order
+ # * -5812631a5cf5d3ed
+ mov x26, #0x2c13
+ movk x26, #0xa30a, lsl 16
+ movk x26, #0x9ce5, lsl 32
+ movk x26, #0xa7ed, lsl 48
+ mul x16, x8, x26
+ umulh x17, x8, x26
+ mul x19, x9, x26
+ umulh x20, x9, x26
+ adds x4, x4, x16
+ adcs x5, x5, x17
+ adc x12, xzr, xzr
+ adds x5, x5, x19
+ adc x12, x12, x20
+ # * -14def9dea2f79cd7
+ mov x26, #0x6329
+ movk x26, #0x5d08, lsl 16
+ movk x26, #0x621, lsl 32
+ movk x26, #0xeb21, lsl 48
+ mul x16, x8, x26
+ umulh x17, x8, x26
+ mul x19, x9, x26
+ umulh x20, x9, x26
+ adds x5, x5, x16
+ adcs x6, x6, x17
+ adc x13, xzr, xzr
+ adds x6, x6, x19
+ adc x13, x13, x20
+ # Add overflows at 2 * 64
+ mov x26, #15
+ bic x7, x7, x26, lsl 60
+ adds x6, x6, x12
+ adc x7, x7, x13
+ # Subtract top at 2 * 64
+ subs x6, x6, x8
+ sbcs x7, x7, x9
+ sbc x26, x26, x26
+ # Conditional sub order
+ mov x16, #0xd3ed
+ movk x16, #0x5cf5, lsl 16
+ movk x16, #0x631a, lsl 32
+ movk x16, #0x5812, lsl 48
+ mov x17, #0x9cd6
+ movk x17, #0xa2f7, lsl 16
+ movk x17, #0xf9de, lsl 32
+ movk x17, #0x14de, lsl 48
+ and x16, x16, x26
+ and x17, x17, x26
+ adds x4, x4, x16
+ adcs x5, x5, x17
+ and x26, x26, #0x1000000000000000
+ adcs x6, x6, xzr
+ mov x25, #15
+ adc x7, x7, x26
+ bic x7, x7, x25, lsl 60
+ # Store result
+ stp x4, x5, [x0]
+ stp x6, x7, [x0, #16]
+ ldr x17, [x29, #24]
+ ldr x19, [x29, #32]
+ ldp x20, x21, [x29, #40]
+ ldp x22, x23, [x29, #56]
+ ldp x24, x25, [x29, #72]
+ ldr x26, [x29, #88]
+ ldp x29, x30, [sp], #0x60
ret
#ifndef __APPLE__
- .size fe_ge_sub,.-fe_ge_sub
+ .size sc_muladd,.-sc_muladd
#endif /* __APPLE__ */
-#endif /* HAVE_CURVE25519 */
+#endif /* HAVE_ED25519 */
+#endif /* !CURVE25519_SMALL || !ED25519_SMALL */
+#endif /* HAVE_CURVE25519 || HAVE_ED25519 */
#endif /* __aarch64__ */
#endif /* WOLFSSL_ARMASM */
#if defined(__linux__) && defined(__ELF__)
.section .note.GNU-stack,"",%progbits
#endif
+#endif /* !WOLFSSL_ARMASM_INLINE */
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-curve25519_c.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-curve25519_c.c
index 3484b07b..c9a98222 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-curve25519_c.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-curve25519_c.c
@@ -23,6 +23,7 @@
#include <config.h>
#endif /* HAVE_CONFIG_H */
#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/wolfcrypt/error-crypt.h>
/* Generated using (from wolfssl):
* cd ../scripts
@@ -30,19 +31,26 @@
*/
#ifdef WOLFSSL_ARMASM
#ifdef __aarch64__
-#ifdef HAVE_CURVE25519
+#ifdef WOLFSSL_ARMASM_INLINE
+#include <wolfssl/wolfcrypt/fe_operations.h>
+#define CURVED25519_ASM
+#include <wolfssl/wolfcrypt/ge_operations.h>
+
+#if defined(HAVE_CURVE25519) || defined(HAVE_ED25519)
+#if !defined(CURVE25519_SMALL) || !defined(ED25519_SMALL)
#include <wolfssl/wolfcrypt/fe_operations.h>
void fe_init()
{
__asm__ __volatile__ (
"\n\t"
- :
:
- : "memory"
+ :
+ : "memory", "cc"
);
}
+#ifdef HAVE_ED25519
void fe_frombytes(fe out, const unsigned char* in)
{
__asm__ __volatile__ (
@@ -53,7 +61,7 @@ void fe_frombytes(fe out, const unsigned char* in)
"stp x4, x5, [%x[out], #16]\n\t"
: [out] "+r" (out), [in] "+r" (in)
:
- : "memory", "x2", "x3", "x4", "x5", "x6"
+ : "memory", "x2", "x3", "x4", "x5", "x6", "cc"
);
}
@@ -77,7 +85,7 @@ void fe_tobytes(unsigned char* out, const fe n)
"stp x4, x5, [%x[out], #16]\n\t"
: [out] "+r" (out), [n] "+r" (n)
:
- : "memory", "x2", "x3", "x4", "x5", "x6", "x7"
+ : "memory", "x2", "x3", "x4", "x5", "x6", "x7", "cc"
);
}
@@ -90,7 +98,7 @@ void fe_1(fe n)
"stp xzr, xzr, [%x[n], #16]\n\t"
: [n] "+r" (n)
:
- : "memory", "x1"
+ : "memory", "x1", "cc"
);
}
@@ -102,7 +110,7 @@ void fe_0(fe n)
"stp xzr, xzr, [%x[n], #16]\n\t"
: [n] "+r" (n)
:
- : "memory"
+ : "memory", "cc"
);
}
@@ -116,7 +124,7 @@ void fe_copy(fe r, const fe a)
"stp x4, x5, [%x[r], #16]\n\t"
: [r] "+r" (r), [a] "+r" (a)
:
- : "memory", "x2", "x3", "x4", "x5"
+ : "memory", "x2", "x3", "x4", "x5", "cc"
);
}
@@ -132,21 +140,22 @@ void fe_sub(fe r, const fe a, const fe b)
"sbcs x4, x4, x8\n\t"
"sbcs x5, x5, x9\n\t"
"sbcs x6, x6, x10\n\t"
- "mov x12, #-19\n\t"
"csetm x11, cc\n\t"
+ "mov x12, #-19\n\t"
/* Mask the modulus */
- "and x12, x11, x12\n\t"
- "and x13, x11, #0x7fffffffffffffff\n\t"
+ "extr x11, x11, x6, #63\n\t"
+ "mul x12, x11, x12\n\t"
/* Add modulus (if underflow) */
- "adds x3, x3, x12\n\t"
- "adcs x4, x4, x11\n\t"
- "adcs x5, x5, x11\n\t"
- "adc x6, x6, x13\n\t"
+ "subs x3, x3, x12\n\t"
+ "sbcs x4, x4, xzr\n\t"
+ "and x6, x6, #0x7fffffffffffffff\n\t"
+ "sbcs x5, x5, xzr\n\t"
+ "sbc x6, x6, xzr\n\t"
"stp x3, x4, [%x[r]]\n\t"
"stp x5, x6, [%x[r], #16]\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13"
+ : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "cc"
);
}
@@ -161,22 +170,23 @@ void fe_add(fe r, const fe a, const fe b)
"adds x3, x3, x7\n\t"
"adcs x4, x4, x8\n\t"
"adcs x5, x5, x9\n\t"
- "adc x6, x6, x10\n\t"
- "mov x12, #-19\n\t"
- "asr x11, x6, #63\n\t"
+ "adcs x6, x6, x10\n\t"
+ "cset x11, cs\n\t"
+ "mov x12, #19\n\t"
/* Mask the modulus */
- "and x12, x11, x12\n\t"
- "and x13, x11, #0x7fffffffffffffff\n\t"
+ "extr x11, x11, x6, #63\n\t"
+ "mul x12, x11, x12\n\t"
/* Sub modulus (if overflow) */
- "subs x3, x3, x12\n\t"
- "sbcs x4, x4, x11\n\t"
- "sbcs x5, x5, x11\n\t"
- "sbc x6, x6, x13\n\t"
+ "adds x3, x3, x12\n\t"
+ "adcs x4, x4, xzr\n\t"
+ "and x6, x6, #0x7fffffffffffffff\n\t"
+ "adcs x5, x5, xzr\n\t"
+ "adc x6, x6, xzr\n\t"
"stp x3, x4, [%x[r]]\n\t"
"stp x5, x6, [%x[r], #16]\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13"
+ : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "cc"
);
}
@@ -197,7 +207,7 @@ void fe_neg(fe r, const fe a)
"stp x8, x9, [%x[r], #16]\n\t"
: [r] "+r" (r), [a] "+r" (a)
:
- : "memory", "x2", "x3", "x4", "x5", "x6", "x7", "x8", "x9"
+ : "memory", "x2", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "cc"
);
}
@@ -222,7 +232,7 @@ int fe_isnonzero(const fe a)
"orr %x[a], %x[a], x3\n\t"
: [a] "+r" (a)
:
- : "memory", "x1", "x2", "x3", "x4", "x5", "x6"
+ : "memory", "x1", "x2", "x3", "x4", "x5", "x6", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -241,7 +251,7 @@ int fe_isnegative(const fe a)
"eor %x[a], %x[a], x5, lsr 63\n\t"
: [a] "+r" (a)
:
- : "memory", "x1", "x2", "x3", "x4", "x5", "x6"
+ : "memory", "x1", "x2", "x3", "x4", "x5", "x6", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -456,10 +466,11 @@ void fe_cmov_table(fe* r, fe* base, signed char b)
"ldp x29, x30, [sp], #32\n\t"
: [r] "+r" (r), [base] "+r" (base), [b] "+r" (b)
:
- : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "x21", "x22", "x23", "x24", "x25", "x26", "x27", "x28"
+ : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "x21", "x22", "x23", "x24", "x25", "x26", "x27", "x28", "cc"
);
}
+#endif /* HAVE_ED25519 */
void fe_mul(fe r, const fe a, const fe b)
{
__asm__ __volatile__ (
@@ -468,136 +479,122 @@ void fe_mul(fe r, const fe a, const fe b)
"ldp x16, x17, [%x[a], #16]\n\t"
"ldp x19, x20, [%x[b]]\n\t"
"ldp x21, x22, [%x[b], #16]\n\t"
- /* A[0] * B[0] */
- "mul x6, x14, x19\n\t"
+ /* A[0] * B[0] */
"umulh x7, x14, x19\n\t"
- /* A[0] * B[1] */
- "mul x3, x14, x20\n\t"
- "umulh x8, x14, x20\n\t"
- "adds x7, x7, x3\n\t"
- "adc x8, x8, xzr\n\t"
- /* A[1] * B[0] */
+ "mul x6, x14, x19\n\t"
+ /* A[2] * B[0] */
+ "umulh x9, x16, x19\n\t"
+ "mul x8, x16, x19\n\t"
+ /* A[1] * B[0] */
"mul x3, x15, x19\n\t"
+ "adds x7, x7, x3\n\t"
"umulh x4, x15, x19\n\t"
+ "adcs x8, x8, x4\n\t"
+ /* A[1] * B[3] */
+ "umulh x11, x15, x22\n\t"
+ "adc x9, x9, xzr\n\t"
+ "mul x10, x15, x22\n\t"
+ /* A[0] * B[1] */
+ "mul x3, x14, x20\n\t"
"adds x7, x7, x3\n\t"
+ "umulh x4, x14, x20\n\t"
"adcs x8, x8, x4\n\t"
- "adc x9, xzr, xzr\n\t"
- /* A[0] * B[2] */
- "mul x3, x14, x21\n\t"
- "umulh x4, x14, x21\n\t"
- "adds x8, x8, x3\n\t"
- "adc x9, x9, x4\n\t"
- /* A[1] * B[1] */
- "mul x3, x15, x20\n\t"
- "umulh x4, x15, x20\n\t"
- "adds x8, x8, x3\n\t"
- "adcs x9, x9, x4\n\t"
- "adc x10, xzr, xzr\n\t"
- /* A[2] * B[0] */
- "mul x3, x16, x19\n\t"
- "umulh x4, x16, x19\n\t"
- "adds x8, x8, x3\n\t"
- "adcs x9, x9, x4\n\t"
- "adc x10, x10, xzr\n\t"
- /* A[0] * B[3] */
- "mul x3, x14, x22\n\t"
- "umulh x4, x14, x22\n\t"
- "adds x9, x9, x3\n\t"
- "adcs x10, x10, x4\n\t"
- "adc x11, xzr, xzr\n\t"
- /* A[1] * B[2] */
- "mul x3, x15, x21\n\t"
- "umulh x4, x15, x21\n\t"
- "adds x9, x9, x3\n\t"
- "adcs x10, x10, x4\n\t"
- "adc x11, x11, xzr\n\t"
- /* A[2] * B[1] */
+ /* A[2] * B[1] */
"mul x3, x16, x20\n\t"
+ "adcs x9, x9, x3\n\t"
"umulh x4, x16, x20\n\t"
- "adds x9, x9, x3\n\t"
"adcs x10, x10, x4\n\t"
"adc x11, x11, xzr\n\t"
- /* A[3] * B[0] */
- "mul x3, x17, x19\n\t"
- "umulh x4, x17, x19\n\t"
+ /* A[1] * B[2] */
+ "mul x3, x15, x21\n\t"
"adds x9, x9, x3\n\t"
+ "umulh x4, x15, x21\n\t"
"adcs x10, x10, x4\n\t"
- "adc x11, x11, xzr\n\t"
- /* A[1] * B[3] */
- "mul x3, x15, x22\n\t"
- "umulh x4, x15, x22\n\t"
- "adds x10, x10, x3\n\t"
- "adcs x11, x11, x4\n\t"
+ "adcs x11, x11, xzr\n\t"
"adc x12, xzr, xzr\n\t"
- /* A[2] * B[2] */
- "mul x3, x16, x21\n\t"
- "umulh x4, x16, x21\n\t"
- "adds x10, x10, x3\n\t"
- "adcs x11, x11, x4\n\t"
+ /* A[0] * B[2] */
+ "mul x3, x14, x21\n\t"
+ "adds x8, x8, x3\n\t"
+ "umulh x4, x14, x21\n\t"
+ "adcs x9, x9, x4\n\t"
+ "adcs x10, x10, xzr\n\t"
+ "adcs x11, x11, xzr\n\t"
"adc x12, x12, xzr\n\t"
- /* A[3] * B[1] */
+ /* A[1] * B[1] */
+ "mul x3, x15, x20\n\t"
+ "adds x8, x8, x3\n\t"
+ "umulh x4, x15, x20\n\t"
+ "adcs x9, x9, x4\n\t"
+ /* A[3] * B[1] */
"mul x3, x17, x20\n\t"
+ "adcs x10, x10, x3\n\t"
"umulh x4, x17, x20\n\t"
- "adds x10, x10, x3\n\t"
"adcs x11, x11, x4\n\t"
"adc x12, x12, xzr\n\t"
- /* A[2] * B[3] */
+ /* A[2] * B[2] */
+ "mul x3, x16, x21\n\t"
+ "adds x10, x10, x3\n\t"
+ "umulh x4, x16, x21\n\t"
+ "adcs x11, x11, x4\n\t"
+ /* A[3] * B[3] */
+ "mul x3, x17, x22\n\t"
+ "adcs x12, x12, x3\n\t"
+ "umulh x13, x17, x22\n\t"
+ "adc x13, x13, xzr\n\t"
+ /* A[0] * B[3] */
+ "mul x3, x14, x22\n\t"
+ "adds x9, x9, x3\n\t"
+ "umulh x4, x14, x22\n\t"
+ "adcs x10, x10, x4\n\t"
+ /* A[2] * B[3] */
"mul x3, x16, x22\n\t"
+ "adcs x11, x11, x3\n\t"
"umulh x4, x16, x22\n\t"
- "adds x11, x11, x3\n\t"
"adcs x12, x12, x4\n\t"
- "adc x13, xzr, xzr\n\t"
- /* A[3] * B[2] */
+ "adc x13, x13, xzr\n\t"
+ /* A[3] * B[0] */
+ "mul x3, x17, x19\n\t"
+ "adds x9, x9, x3\n\t"
+ "umulh x4, x17, x19\n\t"
+ "adcs x10, x10, x4\n\t"
+ /* A[3] * B[2] */
"mul x3, x17, x21\n\t"
+ "adcs x11, x11, x3\n\t"
"umulh x4, x17, x21\n\t"
- "adds x11, x11, x3\n\t"
"adcs x12, x12, x4\n\t"
"adc x13, x13, xzr\n\t"
- /* A[3] * B[3] */
- "mul x3, x17, x22\n\t"
- "umulh x4, x17, x22\n\t"
- "adds x12, x12, x3\n\t"
- "adc x13, x13, x4\n\t"
/* Reduce */
- /* Move top half into t4-t7 and remove top bit from t3 */
- "extr x13, x13, x12, #63\n\t"
- "extr x12, x12, x11, #63\n\t"
- "extr x11, x11, x10, #63\n\t"
- "extr x10, x10, x9, #63\n\t"
- "and x9, x9, #0x7fffffffffffffff\n\t"
- /* Multiply top half by 19 */
+ "mov x3, #38\n\t"
+ "mul x4, x3, x13\n\t"
+ "adds x9, x9, x4\n\t"
+ "umulh x5, x3, x13\n\t"
+ "adc x5, x5, xzr\n\t"
"mov x3, #19\n\t"
+ "extr x5, x5, x9, #63\n\t"
+ "mul x5, x5, x3\n\t"
+ "and x9, x9, #0x7fffffffffffffff\n\t"
+ "mov x3, #38\n\t"
"mul x4, x3, x10\n\t"
- "umulh x10, x3, x10\n\t"
"adds x6, x6, x4\n\t"
+ "umulh x10, x3, x10\n\t"
"mul x4, x3, x11\n\t"
- "umulh x11, x3, x11\n\t"
"adcs x7, x7, x4\n\t"
+ "umulh x11, x3, x11\n\t"
"mul x4, x3, x12\n\t"
- "umulh x12, x3, x12\n\t"
"adcs x8, x8, x4\n\t"
- "mul x4, x3, x13\n\t"
- "umulh x5, x3, x13\n\t"
- "adcs x9, x9, x4\n\t"
- "adc x5, x5, xzr\n\t"
- /* Add remaining product results in */
- "adds x7, x7, x10\n\t"
- "adcs x8, x8, x11\n\t"
- "adcs x9, x9, x12\n\t"
- "adc x5, x5, xzr\n\t"
- /* Overflow */
- "extr x5, x5, x9, #63\n\t"
- "mul x5, x5, x3\n\t"
- "and x9, x9, #0x7fffffffffffffff\n\t"
- "adds x6, x6, x5\n\t"
- "adcs x7, x7, xzr\n\t"
- "adcs x8, x8, xzr\n\t"
+ "umulh x12, x3, x12\n\t"
"adc x9, x9, xzr\n\t"
- /* Reduce if top bit set */
- "and x5, x3, x9, asr 63\n\t"
- "and x9, x9, #0x7fffffffffffffff\n\t"
+ /* Add high product results in */
"adds x6, x6, x5\n\t"
+ "adcs x7, x7, x10\n\t"
+ "adcs x8, x8, x11\n\t"
+ "adc x9, x9, x12\n\t"
+ /* Reduce if top bit set */
+ "mov x3, #19\n\t"
+ "and x4, x3, x9, asr 63\n\t"
+ "adds x6, x6, x4\n\t"
"adcs x7, x7, xzr\n\t"
+ "and x9, x9, #0x7fffffffffffffff\n\t"
"adcs x8, x8, xzr\n\t"
"adc x9, x9, xzr\n\t"
/* Store */
@@ -605,7 +602,7 @@ void fe_mul(fe r, const fe a, const fe b)
"stp x8, x9, [%x[r], #16]\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "x21", "x22"
+ : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "x21", "x22", "cc"
);
}
@@ -616,33 +613,30 @@ void fe_sq(fe r, const fe a)
"ldp x13, x14, [%x[a]]\n\t"
"ldp x15, x16, [%x[a], #16]\n\t"
/* A[0] * A[1] */
- "mul x6, x13, x14\n\t"
"umulh x7, x13, x14\n\t"
+ "mul x6, x13, x14\n\t"
+ /* A[0] * A[3] */
+ "umulh x9, x13, x16\n\t"
+ "mul x8, x13, x16\n\t"
/* A[0] * A[2] */
"mul x2, x13, x15\n\t"
- "umulh x8, x13, x15\n\t"
"adds x7, x7, x2\n\t"
- "adc x8, x8, xzr\n\t"
- /* A[0] * A[3] */
- "mul x2, x13, x16\n\t"
- "umulh x9, x13, x16\n\t"
- "adds x8, x8, x2\n\t"
- "adc x9, x9, xzr\n\t"
+ "umulh x3, x13, x15\n\t"
+ "adcs x8, x8, x3\n\t"
+ /* A[1] * A[3] */
+ "mul x2, x14, x16\n\t"
+ "adcs x9, x9, x2\n\t"
+ "umulh x10, x14, x16\n\t"
+ "adc x10, x10, xzr\n\t"
/* A[1] * A[2] */
"mul x2, x14, x15\n\t"
- "umulh x3, x14, x15\n\t"
"adds x8, x8, x2\n\t"
+ "umulh x3, x14, x15\n\t"
"adcs x9, x9, x3\n\t"
- "adc x10, xzr, xzr\n\t"
- /* A[1] * A[3] */
- "mul x2, x14, x16\n\t"
- "umulh x3, x14, x16\n\t"
- "adds x9, x9, x2\n\t"
- "adc x10, x10, x3\n\t"
/* A[2] * A[3] */
"mul x2, x15, x16\n\t"
+ "adcs x10, x10, x2\n\t"
"umulh x11, x15, x16\n\t"
- "adds x10, x10, x2\n\t"
"adc x11, x11, xzr\n\t"
/* Double */
"adds x6, x6, x6\n\t"
@@ -653,66 +647,56 @@ void fe_sq(fe r, const fe a)
"adcs x11, x11, x11\n\t"
"adc x12, xzr, xzr\n\t"
/* A[0] * A[0] */
+ "umulh x3, x13, x13\n\t"
"mul x5, x13, x13\n\t"
- "umulh x4, x13, x13\n\t"
/* A[1] * A[1] */
"mul x2, x14, x14\n\t"
+ "adds x6, x6, x3\n\t"
"umulh x3, x14, x14\n\t"
- "adds x6, x6, x4\n\t"
"adcs x7, x7, x2\n\t"
- "adc x4, x3, xzr\n\t"
/* A[2] * A[2] */
"mul x2, x15, x15\n\t"
+ "adcs x8, x8, x3\n\t"
"umulh x3, x15, x15\n\t"
- "adds x8, x8, x4\n\t"
"adcs x9, x9, x2\n\t"
- "adc x4, x3, xzr\n\t"
/* A[3] * A[3] */
"mul x2, x16, x16\n\t"
+ "adcs x10, x10, x3\n\t"
"umulh x3, x16, x16\n\t"
- "adds x10, x10, x4\n\t"
"adcs x11, x11, x2\n\t"
"adc x12, x12, x3\n\t"
/* Reduce */
- /* Move top half into t4-t7 and remove top bit from t3 */
- "extr x12, x12, x11, #63\n\t"
- "extr x11, x11, x10, #63\n\t"
- "extr x10, x10, x9, #63\n\t"
- "extr x9, x9, x8, #63\n\t"
- "and x8, x8, #0x7fffffffffffffff\n\t"
- /* Multiply top half by 19 */
+ "mov x2, #38\n\t"
+ "mul x3, x2, x12\n\t"
+ "adds x8, x8, x3\n\t"
+ "umulh x4, x2, x12\n\t"
+ "adc x4, x4, xzr\n\t"
"mov x2, #19\n\t"
+ "extr x4, x4, x8, #63\n\t"
+ "mul x4, x4, x2\n\t"
+ "and x8, x8, #0x7fffffffffffffff\n\t"
+ "mov x2, #38\n\t"
"mul x3, x2, x9\n\t"
- "umulh x9, x2, x9\n\t"
"adds x5, x5, x3\n\t"
+ "umulh x9, x2, x9\n\t"
"mul x3, x2, x10\n\t"
- "umulh x10, x2, x10\n\t"
"adcs x6, x6, x3\n\t"
+ "umulh x10, x2, x10\n\t"
"mul x3, x2, x11\n\t"
- "umulh x11, x2, x11\n\t"
"adcs x7, x7, x3\n\t"
- "mul x3, x2, x12\n\t"
- "umulh x4, x2, x12\n\t"
- "adcs x8, x8, x3\n\t"
- "adc x4, x4, xzr\n\t"
- /* Add remaining product results in */
- "adds x6, x6, x9\n\t"
- "adcs x7, x7, x10\n\t"
- "adcs x8, x8, x11\n\t"
- "adc x4, x4, xzr\n\t"
- /* Overflow */
- "extr x4, x4, x8, #63\n\t"
- "mul x4, x4, x2\n\t"
- "and x8, x8, #0x7fffffffffffffff\n\t"
- "adds x5, x5, x4\n\t"
- "adcs x6, x6, xzr\n\t"
- "adcs x7, x7, xzr\n\t"
+ "umulh x11, x2, x11\n\t"
"adc x8, x8, xzr\n\t"
- /* Reduce if top bit set */
- "and x4, x2, x8, asr 63\n\t"
- "and x8, x8, #0x7fffffffffffffff\n\t"
+ /* Add high product results in */
"adds x5, x5, x4\n\t"
+ "adcs x6, x6, x9\n\t"
+ "adcs x7, x7, x10\n\t"
+ "adc x8, x8, x11\n\t"
+ /* Reduce if top bit set */
+ "mov x2, #19\n\t"
+ "and x3, x2, x8, asr 63\n\t"
+ "adds x5, x5, x3\n\t"
"adcs x6, x6, xzr\n\t"
+ "and x8, x8, #0x7fffffffffffffff\n\t"
"adcs x7, x7, xzr\n\t"
"adc x8, x8, xzr\n\t"
/* Store */
@@ -720,7 +704,7 @@ void fe_sq(fe r, const fe a)
"stp x7, x8, [%x[r], #16]\n\t"
: [r] "+r" (r), [a] "+r" (a)
:
- : "memory", "x2", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16"
+ : "memory", "x2", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "cc"
);
}
@@ -792,63 +776,199 @@ void fe_invert(fe r, const fe a)
#else
"bl _fe_mul\n\t"
#endif /* __APPLE__ */
- "add x0, x29, #0x50\n\t"
-#ifndef NDEBUG
- "add x1, x29, #48\n\t"
-#endif /* !NDEBUG */
-#ifndef __APPLE__
- "bl fe_sq\n\t"
-#else
- "bl _fe_sq\n\t"
-#endif /* __APPLE__ */
- "mov x20, #3\n\t"
-#ifndef NDEBUG
- "add x0, x29, #0x50\n\t"
-#endif /* !NDEBUG */
- "add x1, x29, #0x50\n\t"
+ /* Loop: 5 times */
+ "mov x20, #5\n\t"
+ "ldp x6, x7, [x29, #48]\n\t"
+ "ldp x8, x9, [x29, #64]\n\t"
"\n"
"L_fe_invert1_%=: \n\t"
-#ifndef __APPLE__
- "bl fe_sq\n\t"
-#else
- "bl _fe_sq\n\t"
-#endif /* __APPLE__ */
+ /* Square */
+ /* A[0] * A[1] */
+ "umulh x12, x6, x7\n\t"
+ "mul x11, x6, x7\n\t"
+ /* A[0] * A[3] */
+ "umulh x14, x6, x9\n\t"
+ "mul x13, x6, x9\n\t"
+ /* A[0] * A[2] */
+ "mul x3, x6, x8\n\t"
+ "adds x12, x12, x3\n\t"
+ "umulh x4, x6, x8\n\t"
+ "adcs x13, x13, x4\n\t"
+ /* A[1] * A[3] */
+ "mul x3, x7, x9\n\t"
+ "adcs x14, x14, x3\n\t"
+ "umulh x15, x7, x9\n\t"
+ "adc x15, x15, xzr\n\t"
+ /* A[1] * A[2] */
+ "mul x3, x7, x8\n\t"
+ "adds x13, x13, x3\n\t"
+ "umulh x4, x7, x8\n\t"
+ "adcs x14, x14, x4\n\t"
+ /* A[2] * A[3] */
+ "mul x3, x8, x9\n\t"
+ "adcs x15, x15, x3\n\t"
+ "umulh x16, x8, x9\n\t"
+ "adc x16, x16, xzr\n\t"
+ /* Double */
+ "adds x11, x11, x11\n\t"
+ "adcs x12, x12, x12\n\t"
+ "adcs x13, x13, x13\n\t"
+ "adcs x14, x14, x14\n\t"
+ "adcs x15, x15, x15\n\t"
+ "adcs x16, x16, x16\n\t"
+ "adc x17, xzr, xzr\n\t"
+ /* A[0] * A[0] */
+ "umulh x4, x6, x6\n\t"
+ "mul x10, x6, x6\n\t"
+ /* A[1] * A[1] */
+ "mul x3, x7, x7\n\t"
+ "adds x11, x11, x4\n\t"
+ "umulh x4, x7, x7\n\t"
+ "adcs x12, x12, x3\n\t"
+ /* A[2] * A[2] */
+ "mul x3, x8, x8\n\t"
+ "adcs x13, x13, x4\n\t"
+ "umulh x4, x8, x8\n\t"
+ "adcs x14, x14, x3\n\t"
+ /* A[3] * A[3] */
+ "mul x3, x9, x9\n\t"
+ "adcs x15, x15, x4\n\t"
+ "umulh x4, x9, x9\n\t"
+ "adcs x16, x16, x3\n\t"
+ "adc x17, x17, x4\n\t"
+ /* Reduce */
+ "mov x3, #38\n\t"
+ "mul x4, x3, x17\n\t"
+ "adds x13, x13, x4\n\t"
+ "umulh x5, x3, x17\n\t"
+ "adc x5, x5, xzr\n\t"
+ "mov x3, #19\n\t"
+ "extr x5, x5, x13, #63\n\t"
+ "mul x5, x5, x3\n\t"
+ "and x13, x13, #0x7fffffffffffffff\n\t"
+ "mov x3, #38\n\t"
+ "mul x4, x3, x14\n\t"
+ "adds x10, x10, x4\n\t"
+ "umulh x14, x3, x14\n\t"
+ "mul x4, x3, x15\n\t"
+ "adcs x11, x11, x4\n\t"
+ "umulh x15, x3, x15\n\t"
+ "mul x4, x3, x16\n\t"
+ "adcs x12, x12, x4\n\t"
+ "umulh x16, x3, x16\n\t"
+ "adc x13, x13, xzr\n\t"
+ /* Add high product results in */
+ "adds x6, x10, x5\n\t"
+ "adcs x7, x11, x14\n\t"
+ "adcs x8, x12, x15\n\t"
+ "adc x9, x13, x16\n\t"
"subs x20, x20, #1\n\t"
- "bcs L_fe_invert1_%=\n\t"
- "add x0, x29, #48\n\t"
+ "bne L_fe_invert1_%=\n\t"
+ /* Store */
+ "stp x6, x7, [x29, #80]\n\t"
+ "stp x8, x9, [x29, #96]\n\t"
#ifndef NDEBUG
- "add x1, x29, #0x50\n\t"
+ "add x0, x29, #48\n\t"
#endif /* !NDEBUG */
+ "add x1, x29, #0x50\n\t"
"add x2, x29, #48\n\t"
#ifndef __APPLE__
"bl fe_mul\n\t"
#else
"bl _fe_mul\n\t"
#endif /* __APPLE__ */
- "add x0, x29, #0x50\n\t"
- "add x1, x29, #48\n\t"
-#ifndef __APPLE__
- "bl fe_sq\n\t"
-#else
- "bl _fe_sq\n\t"
-#endif /* __APPLE__ */
- "mov x20, #8\n\t"
-#ifndef NDEBUG
- "add x0, x29, #0x50\n\t"
-#endif /* !NDEBUG */
- "add x1, x29, #0x50\n\t"
+ /* Loop: 10 times */
+ "mov x20, #10\n\t"
+ "ldp x6, x7, [x29, #48]\n\t"
+ "ldp x8, x9, [x29, #64]\n\t"
"\n"
"L_fe_invert2_%=: \n\t"
-#ifndef __APPLE__
- "bl fe_sq\n\t"
-#else
- "bl _fe_sq\n\t"
-#endif /* __APPLE__ */
+ /* Square */
+ /* A[0] * A[1] */
+ "umulh x12, x6, x7\n\t"
+ "mul x11, x6, x7\n\t"
+ /* A[0] * A[3] */
+ "umulh x14, x6, x9\n\t"
+ "mul x13, x6, x9\n\t"
+ /* A[0] * A[2] */
+ "mul x3, x6, x8\n\t"
+ "adds x12, x12, x3\n\t"
+ "umulh x4, x6, x8\n\t"
+ "adcs x13, x13, x4\n\t"
+ /* A[1] * A[3] */
+ "mul x3, x7, x9\n\t"
+ "adcs x14, x14, x3\n\t"
+ "umulh x15, x7, x9\n\t"
+ "adc x15, x15, xzr\n\t"
+ /* A[1] * A[2] */
+ "mul x3, x7, x8\n\t"
+ "adds x13, x13, x3\n\t"
+ "umulh x4, x7, x8\n\t"
+ "adcs x14, x14, x4\n\t"
+ /* A[2] * A[3] */
+ "mul x3, x8, x9\n\t"
+ "adcs x15, x15, x3\n\t"
+ "umulh x16, x8, x9\n\t"
+ "adc x16, x16, xzr\n\t"
+ /* Double */
+ "adds x11, x11, x11\n\t"
+ "adcs x12, x12, x12\n\t"
+ "adcs x13, x13, x13\n\t"
+ "adcs x14, x14, x14\n\t"
+ "adcs x15, x15, x15\n\t"
+ "adcs x16, x16, x16\n\t"
+ "adc x17, xzr, xzr\n\t"
+ /* A[0] * A[0] */
+ "umulh x4, x6, x6\n\t"
+ "mul x10, x6, x6\n\t"
+ /* A[1] * A[1] */
+ "mul x3, x7, x7\n\t"
+ "adds x11, x11, x4\n\t"
+ "umulh x4, x7, x7\n\t"
+ "adcs x12, x12, x3\n\t"
+ /* A[2] * A[2] */
+ "mul x3, x8, x8\n\t"
+ "adcs x13, x13, x4\n\t"
+ "umulh x4, x8, x8\n\t"
+ "adcs x14, x14, x3\n\t"
+ /* A[3] * A[3] */
+ "mul x3, x9, x9\n\t"
+ "adcs x15, x15, x4\n\t"
+ "umulh x4, x9, x9\n\t"
+ "adcs x16, x16, x3\n\t"
+ "adc x17, x17, x4\n\t"
+ /* Reduce */
+ "mov x3, #38\n\t"
+ "mul x4, x3, x17\n\t"
+ "adds x13, x13, x4\n\t"
+ "umulh x5, x3, x17\n\t"
+ "adc x5, x5, xzr\n\t"
+ "mov x3, #19\n\t"
+ "extr x5, x5, x13, #63\n\t"
+ "mul x5, x5, x3\n\t"
+ "and x13, x13, #0x7fffffffffffffff\n\t"
+ "mov x3, #38\n\t"
+ "mul x4, x3, x14\n\t"
+ "adds x10, x10, x4\n\t"
+ "umulh x14, x3, x14\n\t"
+ "mul x4, x3, x15\n\t"
+ "adcs x11, x11, x4\n\t"
+ "umulh x15, x3, x15\n\t"
+ "mul x4, x3, x16\n\t"
+ "adcs x12, x12, x4\n\t"
+ "umulh x16, x3, x16\n\t"
+ "adc x13, x13, xzr\n\t"
+ /* Add high product results in */
+ "adds x6, x10, x5\n\t"
+ "adcs x7, x11, x14\n\t"
+ "adcs x8, x12, x15\n\t"
+ "adc x9, x13, x16\n\t"
"subs x20, x20, #1\n\t"
- "bcs L_fe_invert2_%=\n\t"
-#ifndef NDEBUG
+ "bne L_fe_invert2_%=\n\t"
+ /* Store */
+ "stp x6, x7, [x29, #80]\n\t"
+ "stp x8, x9, [x29, #96]\n\t"
"add x0, x29, #0x50\n\t"
-#endif /* !NDEBUG */
#ifndef NDEBUG
"add x1, x29, #0x50\n\t"
#endif /* !NDEBUG */
@@ -858,87 +978,298 @@ void fe_invert(fe r, const fe a)
#else
"bl _fe_mul\n\t"
#endif /* __APPLE__ */
- "add x0, x29, #0x70\n\t"
-#ifndef NDEBUG
- "add x1, x29, #0x50\n\t"
-#endif /* !NDEBUG */
-#ifndef __APPLE__
- "bl fe_sq\n\t"
-#else
- "bl _fe_sq\n\t"
-#endif /* __APPLE__ */
- "mov x20, #18\n\t"
-#ifndef NDEBUG
- "add x0, x29, #0x70\n\t"
-#endif /* !NDEBUG */
- "add x1, x29, #0x70\n\t"
+ /* Loop: 20 times */
+ "mov x20, #20\n\t"
+ "ldp x6, x7, [x29, #80]\n\t"
+ "ldp x8, x9, [x29, #96]\n\t"
"\n"
"L_fe_invert3_%=: \n\t"
-#ifndef __APPLE__
- "bl fe_sq\n\t"
-#else
- "bl _fe_sq\n\t"
-#endif /* __APPLE__ */
+ /* Square */
+ /* A[0] * A[1] */
+ "umulh x12, x6, x7\n\t"
+ "mul x11, x6, x7\n\t"
+ /* A[0] * A[3] */
+ "umulh x14, x6, x9\n\t"
+ "mul x13, x6, x9\n\t"
+ /* A[0] * A[2] */
+ "mul x3, x6, x8\n\t"
+ "adds x12, x12, x3\n\t"
+ "umulh x4, x6, x8\n\t"
+ "adcs x13, x13, x4\n\t"
+ /* A[1] * A[3] */
+ "mul x3, x7, x9\n\t"
+ "adcs x14, x14, x3\n\t"
+ "umulh x15, x7, x9\n\t"
+ "adc x15, x15, xzr\n\t"
+ /* A[1] * A[2] */
+ "mul x3, x7, x8\n\t"
+ "adds x13, x13, x3\n\t"
+ "umulh x4, x7, x8\n\t"
+ "adcs x14, x14, x4\n\t"
+ /* A[2] * A[3] */
+ "mul x3, x8, x9\n\t"
+ "adcs x15, x15, x3\n\t"
+ "umulh x16, x8, x9\n\t"
+ "adc x16, x16, xzr\n\t"
+ /* Double */
+ "adds x11, x11, x11\n\t"
+ "adcs x12, x12, x12\n\t"
+ "adcs x13, x13, x13\n\t"
+ "adcs x14, x14, x14\n\t"
+ "adcs x15, x15, x15\n\t"
+ "adcs x16, x16, x16\n\t"
+ "adc x17, xzr, xzr\n\t"
+ /* A[0] * A[0] */
+ "umulh x4, x6, x6\n\t"
+ "mul x10, x6, x6\n\t"
+ /* A[1] * A[1] */
+ "mul x3, x7, x7\n\t"
+ "adds x11, x11, x4\n\t"
+ "umulh x4, x7, x7\n\t"
+ "adcs x12, x12, x3\n\t"
+ /* A[2] * A[2] */
+ "mul x3, x8, x8\n\t"
+ "adcs x13, x13, x4\n\t"
+ "umulh x4, x8, x8\n\t"
+ "adcs x14, x14, x3\n\t"
+ /* A[3] * A[3] */
+ "mul x3, x9, x9\n\t"
+ "adcs x15, x15, x4\n\t"
+ "umulh x4, x9, x9\n\t"
+ "adcs x16, x16, x3\n\t"
+ "adc x17, x17, x4\n\t"
+ /* Reduce */
+ "mov x3, #38\n\t"
+ "mul x4, x3, x17\n\t"
+ "adds x13, x13, x4\n\t"
+ "umulh x5, x3, x17\n\t"
+ "adc x5, x5, xzr\n\t"
+ "mov x3, #19\n\t"
+ "extr x5, x5, x13, #63\n\t"
+ "mul x5, x5, x3\n\t"
+ "and x13, x13, #0x7fffffffffffffff\n\t"
+ "mov x3, #38\n\t"
+ "mul x4, x3, x14\n\t"
+ "adds x10, x10, x4\n\t"
+ "umulh x14, x3, x14\n\t"
+ "mul x4, x3, x15\n\t"
+ "adcs x11, x11, x4\n\t"
+ "umulh x15, x3, x15\n\t"
+ "mul x4, x3, x16\n\t"
+ "adcs x12, x12, x4\n\t"
+ "umulh x16, x3, x16\n\t"
+ "adc x13, x13, xzr\n\t"
+ /* Add high product results in */
+ "adds x6, x10, x5\n\t"
+ "adcs x7, x11, x14\n\t"
+ "adcs x8, x12, x15\n\t"
+ "adc x9, x13, x16\n\t"
"subs x20, x20, #1\n\t"
- "bcs L_fe_invert3_%=\n\t"
- "add x0, x29, #0x50\n\t"
+ "bne L_fe_invert3_%=\n\t"
+ /* Store */
+ "stp x6, x7, [x29, #112]\n\t"
+ "stp x8, x9, [x29, #128]\n\t"
#ifndef NDEBUG
- "add x1, x29, #0x70\n\t"
+ "add x0, x29, #0x50\n\t"
#endif /* !NDEBUG */
+ "add x1, x29, #0x70\n\t"
"add x2, x29, #0x50\n\t"
#ifndef __APPLE__
"bl fe_mul\n\t"
#else
"bl _fe_mul\n\t"
#endif /* __APPLE__ */
- "mov x20, #9\n\t"
-#ifndef NDEBUG
- "add x0, x29, #0x50\n\t"
-#endif /* !NDEBUG */
- "add x1, x29, #0x50\n\t"
+ /* Loop: 10 times */
+ "mov x20, #10\n\t"
+ "ldp x6, x7, [x29, #80]\n\t"
+ "ldp x8, x9, [x29, #96]\n\t"
"\n"
"L_fe_invert4_%=: \n\t"
-#ifndef __APPLE__
- "bl fe_sq\n\t"
-#else
- "bl _fe_sq\n\t"
-#endif /* __APPLE__ */
+ /* Square */
+ /* A[0] * A[1] */
+ "umulh x12, x6, x7\n\t"
+ "mul x11, x6, x7\n\t"
+ /* A[0] * A[3] */
+ "umulh x14, x6, x9\n\t"
+ "mul x13, x6, x9\n\t"
+ /* A[0] * A[2] */
+ "mul x3, x6, x8\n\t"
+ "adds x12, x12, x3\n\t"
+ "umulh x4, x6, x8\n\t"
+ "adcs x13, x13, x4\n\t"
+ /* A[1] * A[3] */
+ "mul x3, x7, x9\n\t"
+ "adcs x14, x14, x3\n\t"
+ "umulh x15, x7, x9\n\t"
+ "adc x15, x15, xzr\n\t"
+ /* A[1] * A[2] */
+ "mul x3, x7, x8\n\t"
+ "adds x13, x13, x3\n\t"
+ "umulh x4, x7, x8\n\t"
+ "adcs x14, x14, x4\n\t"
+ /* A[2] * A[3] */
+ "mul x3, x8, x9\n\t"
+ "adcs x15, x15, x3\n\t"
+ "umulh x16, x8, x9\n\t"
+ "adc x16, x16, xzr\n\t"
+ /* Double */
+ "adds x11, x11, x11\n\t"
+ "adcs x12, x12, x12\n\t"
+ "adcs x13, x13, x13\n\t"
+ "adcs x14, x14, x14\n\t"
+ "adcs x15, x15, x15\n\t"
+ "adcs x16, x16, x16\n\t"
+ "adc x17, xzr, xzr\n\t"
+ /* A[0] * A[0] */
+ "umulh x4, x6, x6\n\t"
+ "mul x10, x6, x6\n\t"
+ /* A[1] * A[1] */
+ "mul x3, x7, x7\n\t"
+ "adds x11, x11, x4\n\t"
+ "umulh x4, x7, x7\n\t"
+ "adcs x12, x12, x3\n\t"
+ /* A[2] * A[2] */
+ "mul x3, x8, x8\n\t"
+ "adcs x13, x13, x4\n\t"
+ "umulh x4, x8, x8\n\t"
+ "adcs x14, x14, x3\n\t"
+ /* A[3] * A[3] */
+ "mul x3, x9, x9\n\t"
+ "adcs x15, x15, x4\n\t"
+ "umulh x4, x9, x9\n\t"
+ "adcs x16, x16, x3\n\t"
+ "adc x17, x17, x4\n\t"
+ /* Reduce */
+ "mov x3, #38\n\t"
+ "mul x4, x3, x17\n\t"
+ "adds x13, x13, x4\n\t"
+ "umulh x5, x3, x17\n\t"
+ "adc x5, x5, xzr\n\t"
+ "mov x3, #19\n\t"
+ "extr x5, x5, x13, #63\n\t"
+ "mul x5, x5, x3\n\t"
+ "and x13, x13, #0x7fffffffffffffff\n\t"
+ "mov x3, #38\n\t"
+ "mul x4, x3, x14\n\t"
+ "adds x10, x10, x4\n\t"
+ "umulh x14, x3, x14\n\t"
+ "mul x4, x3, x15\n\t"
+ "adcs x11, x11, x4\n\t"
+ "umulh x15, x3, x15\n\t"
+ "mul x4, x3, x16\n\t"
+ "adcs x12, x12, x4\n\t"
+ "umulh x16, x3, x16\n\t"
+ "adc x13, x13, xzr\n\t"
+ /* Add high product results in */
+ "adds x6, x10, x5\n\t"
+ "adcs x7, x11, x14\n\t"
+ "adcs x8, x12, x15\n\t"
+ "adc x9, x13, x16\n\t"
"subs x20, x20, #1\n\t"
- "bcs L_fe_invert4_%=\n\t"
+ "bne L_fe_invert4_%=\n\t"
+ /* Store */
+ "stp x6, x7, [x29, #80]\n\t"
+ "stp x8, x9, [x29, #96]\n\t"
"add x0, x29, #48\n\t"
-#ifndef NDEBUG
"add x1, x29, #0x50\n\t"
-#endif /* !NDEBUG */
"add x2, x29, #48\n\t"
#ifndef __APPLE__
"bl fe_mul\n\t"
#else
"bl _fe_mul\n\t"
#endif /* __APPLE__ */
- "add x0, x29, #0x50\n\t"
- "add x1, x29, #48\n\t"
-#ifndef __APPLE__
- "bl fe_sq\n\t"
-#else
- "bl _fe_sq\n\t"
-#endif /* __APPLE__ */
- "mov x20, #48\n\t"
-#ifndef NDEBUG
- "add x0, x29, #0x50\n\t"
-#endif /* !NDEBUG */
- "add x1, x29, #0x50\n\t"
+ /* Loop: 50 times */
+ "mov x20, #50\n\t"
+ "ldp x6, x7, [x29, #48]\n\t"
+ "ldp x8, x9, [x29, #64]\n\t"
"\n"
"L_fe_invert5_%=: \n\t"
-#ifndef __APPLE__
- "bl fe_sq\n\t"
-#else
- "bl _fe_sq\n\t"
-#endif /* __APPLE__ */
+ /* Square */
+ /* A[0] * A[1] */
+ "umulh x12, x6, x7\n\t"
+ "mul x11, x6, x7\n\t"
+ /* A[0] * A[3] */
+ "umulh x14, x6, x9\n\t"
+ "mul x13, x6, x9\n\t"
+ /* A[0] * A[2] */
+ "mul x3, x6, x8\n\t"
+ "adds x12, x12, x3\n\t"
+ "umulh x4, x6, x8\n\t"
+ "adcs x13, x13, x4\n\t"
+ /* A[1] * A[3] */
+ "mul x3, x7, x9\n\t"
+ "adcs x14, x14, x3\n\t"
+ "umulh x15, x7, x9\n\t"
+ "adc x15, x15, xzr\n\t"
+ /* A[1] * A[2] */
+ "mul x3, x7, x8\n\t"
+ "adds x13, x13, x3\n\t"
+ "umulh x4, x7, x8\n\t"
+ "adcs x14, x14, x4\n\t"
+ /* A[2] * A[3] */
+ "mul x3, x8, x9\n\t"
+ "adcs x15, x15, x3\n\t"
+ "umulh x16, x8, x9\n\t"
+ "adc x16, x16, xzr\n\t"
+ /* Double */
+ "adds x11, x11, x11\n\t"
+ "adcs x12, x12, x12\n\t"
+ "adcs x13, x13, x13\n\t"
+ "adcs x14, x14, x14\n\t"
+ "adcs x15, x15, x15\n\t"
+ "adcs x16, x16, x16\n\t"
+ "adc x17, xzr, xzr\n\t"
+ /* A[0] * A[0] */
+ "umulh x4, x6, x6\n\t"
+ "mul x10, x6, x6\n\t"
+ /* A[1] * A[1] */
+ "mul x3, x7, x7\n\t"
+ "adds x11, x11, x4\n\t"
+ "umulh x4, x7, x7\n\t"
+ "adcs x12, x12, x3\n\t"
+ /* A[2] * A[2] */
+ "mul x3, x8, x8\n\t"
+ "adcs x13, x13, x4\n\t"
+ "umulh x4, x8, x8\n\t"
+ "adcs x14, x14, x3\n\t"
+ /* A[3] * A[3] */
+ "mul x3, x9, x9\n\t"
+ "adcs x15, x15, x4\n\t"
+ "umulh x4, x9, x9\n\t"
+ "adcs x16, x16, x3\n\t"
+ "adc x17, x17, x4\n\t"
+ /* Reduce */
+ "mov x3, #38\n\t"
+ "mul x4, x3, x17\n\t"
+ "adds x13, x13, x4\n\t"
+ "umulh x5, x3, x17\n\t"
+ "adc x5, x5, xzr\n\t"
+ "mov x3, #19\n\t"
+ "extr x5, x5, x13, #63\n\t"
+ "mul x5, x5, x3\n\t"
+ "and x13, x13, #0x7fffffffffffffff\n\t"
+ "mov x3, #38\n\t"
+ "mul x4, x3, x14\n\t"
+ "adds x10, x10, x4\n\t"
+ "umulh x14, x3, x14\n\t"
+ "mul x4, x3, x15\n\t"
+ "adcs x11, x11, x4\n\t"
+ "umulh x15, x3, x15\n\t"
+ "mul x4, x3, x16\n\t"
+ "adcs x12, x12, x4\n\t"
+ "umulh x16, x3, x16\n\t"
+ "adc x13, x13, xzr\n\t"
+ /* Add high product results in */
+ "adds x6, x10, x5\n\t"
+ "adcs x7, x11, x14\n\t"
+ "adcs x8, x12, x15\n\t"
+ "adc x9, x13, x16\n\t"
"subs x20, x20, #1\n\t"
- "bcs L_fe_invert5_%=\n\t"
-#ifndef NDEBUG
+ "bne L_fe_invert5_%=\n\t"
+ /* Store */
+ "stp x6, x7, [x29, #80]\n\t"
+ "stp x8, x9, [x29, #96]\n\t"
"add x0, x29, #0x50\n\t"
-#endif /* !NDEBUG */
#ifndef NDEBUG
"add x1, x29, #0x50\n\t"
#endif /* !NDEBUG */
@@ -948,81 +1279,299 @@ void fe_invert(fe r, const fe a)
#else
"bl _fe_mul\n\t"
#endif /* __APPLE__ */
- "add x0, x29, #0x70\n\t"
-#ifndef NDEBUG
- "add x1, x29, #0x50\n\t"
-#endif /* !NDEBUG */
-#ifndef __APPLE__
- "bl fe_sq\n\t"
-#else
- "bl _fe_sq\n\t"
-#endif /* __APPLE__ */
- "mov x20, #0x62\n\t"
-#ifndef NDEBUG
- "add x0, x29, #0x70\n\t"
-#endif /* !NDEBUG */
- "add x1, x29, #0x70\n\t"
+ /* Loop: 100 times */
+ "mov x20, #0x64\n\t"
+ "ldp x6, x7, [x29, #80]\n\t"
+ "ldp x8, x9, [x29, #96]\n\t"
"\n"
"L_fe_invert6_%=: \n\t"
-#ifndef __APPLE__
- "bl fe_sq\n\t"
-#else
- "bl _fe_sq\n\t"
-#endif /* __APPLE__ */
+ /* Square */
+ /* A[0] * A[1] */
+ "umulh x12, x6, x7\n\t"
+ "mul x11, x6, x7\n\t"
+ /* A[0] * A[3] */
+ "umulh x14, x6, x9\n\t"
+ "mul x13, x6, x9\n\t"
+ /* A[0] * A[2] */
+ "mul x3, x6, x8\n\t"
+ "adds x12, x12, x3\n\t"
+ "umulh x4, x6, x8\n\t"
+ "adcs x13, x13, x4\n\t"
+ /* A[1] * A[3] */
+ "mul x3, x7, x9\n\t"
+ "adcs x14, x14, x3\n\t"
+ "umulh x15, x7, x9\n\t"
+ "adc x15, x15, xzr\n\t"
+ /* A[1] * A[2] */
+ "mul x3, x7, x8\n\t"
+ "adds x13, x13, x3\n\t"
+ "umulh x4, x7, x8\n\t"
+ "adcs x14, x14, x4\n\t"
+ /* A[2] * A[3] */
+ "mul x3, x8, x9\n\t"
+ "adcs x15, x15, x3\n\t"
+ "umulh x16, x8, x9\n\t"
+ "adc x16, x16, xzr\n\t"
+ /* Double */
+ "adds x11, x11, x11\n\t"
+ "adcs x12, x12, x12\n\t"
+ "adcs x13, x13, x13\n\t"
+ "adcs x14, x14, x14\n\t"
+ "adcs x15, x15, x15\n\t"
+ "adcs x16, x16, x16\n\t"
+ "adc x17, xzr, xzr\n\t"
+ /* A[0] * A[0] */
+ "umulh x4, x6, x6\n\t"
+ "mul x10, x6, x6\n\t"
+ /* A[1] * A[1] */
+ "mul x3, x7, x7\n\t"
+ "adds x11, x11, x4\n\t"
+ "umulh x4, x7, x7\n\t"
+ "adcs x12, x12, x3\n\t"
+ /* A[2] * A[2] */
+ "mul x3, x8, x8\n\t"
+ "adcs x13, x13, x4\n\t"
+ "umulh x4, x8, x8\n\t"
+ "adcs x14, x14, x3\n\t"
+ /* A[3] * A[3] */
+ "mul x3, x9, x9\n\t"
+ "adcs x15, x15, x4\n\t"
+ "umulh x4, x9, x9\n\t"
+ "adcs x16, x16, x3\n\t"
+ "adc x17, x17, x4\n\t"
+ /* Reduce */
+ "mov x3, #38\n\t"
+ "mul x4, x3, x17\n\t"
+ "adds x13, x13, x4\n\t"
+ "umulh x5, x3, x17\n\t"
+ "adc x5, x5, xzr\n\t"
+ "mov x3, #19\n\t"
+ "extr x5, x5, x13, #63\n\t"
+ "mul x5, x5, x3\n\t"
+ "and x13, x13, #0x7fffffffffffffff\n\t"
+ "mov x3, #38\n\t"
+ "mul x4, x3, x14\n\t"
+ "adds x10, x10, x4\n\t"
+ "umulh x14, x3, x14\n\t"
+ "mul x4, x3, x15\n\t"
+ "adcs x11, x11, x4\n\t"
+ "umulh x15, x3, x15\n\t"
+ "mul x4, x3, x16\n\t"
+ "adcs x12, x12, x4\n\t"
+ "umulh x16, x3, x16\n\t"
+ "adc x13, x13, xzr\n\t"
+ /* Add high product results in */
+ "adds x6, x10, x5\n\t"
+ "adcs x7, x11, x14\n\t"
+ "adcs x8, x12, x15\n\t"
+ "adc x9, x13, x16\n\t"
"subs x20, x20, #1\n\t"
- "bcs L_fe_invert6_%=\n\t"
- "add x0, x29, #0x50\n\t"
+ "bne L_fe_invert6_%=\n\t"
+ /* Store */
+ "stp x6, x7, [x29, #112]\n\t"
+ "stp x8, x9, [x29, #128]\n\t"
#ifndef NDEBUG
- "add x1, x29, #0x70\n\t"
+ "add x0, x29, #0x50\n\t"
#endif /* !NDEBUG */
+ "add x1, x29, #0x70\n\t"
"add x2, x29, #0x50\n\t"
#ifndef __APPLE__
"bl fe_mul\n\t"
#else
"bl _fe_mul\n\t"
#endif /* __APPLE__ */
- "mov x20, #49\n\t"
-#ifndef NDEBUG
- "add x0, x29, #0x50\n\t"
-#endif /* !NDEBUG */
- "add x1, x29, #0x50\n\t"
+ /* Loop: 50 times */
+ "mov x20, #50\n\t"
+ "ldp x6, x7, [x29, #80]\n\t"
+ "ldp x8, x9, [x29, #96]\n\t"
"\n"
"L_fe_invert7_%=: \n\t"
-#ifndef __APPLE__
- "bl fe_sq\n\t"
-#else
- "bl _fe_sq\n\t"
-#endif /* __APPLE__ */
+ /* Square */
+ /* A[0] * A[1] */
+ "umulh x12, x6, x7\n\t"
+ "mul x11, x6, x7\n\t"
+ /* A[0] * A[3] */
+ "umulh x14, x6, x9\n\t"
+ "mul x13, x6, x9\n\t"
+ /* A[0] * A[2] */
+ "mul x3, x6, x8\n\t"
+ "adds x12, x12, x3\n\t"
+ "umulh x4, x6, x8\n\t"
+ "adcs x13, x13, x4\n\t"
+ /* A[1] * A[3] */
+ "mul x3, x7, x9\n\t"
+ "adcs x14, x14, x3\n\t"
+ "umulh x15, x7, x9\n\t"
+ "adc x15, x15, xzr\n\t"
+ /* A[1] * A[2] */
+ "mul x3, x7, x8\n\t"
+ "adds x13, x13, x3\n\t"
+ "umulh x4, x7, x8\n\t"
+ "adcs x14, x14, x4\n\t"
+ /* A[2] * A[3] */
+ "mul x3, x8, x9\n\t"
+ "adcs x15, x15, x3\n\t"
+ "umulh x16, x8, x9\n\t"
+ "adc x16, x16, xzr\n\t"
+ /* Double */
+ "adds x11, x11, x11\n\t"
+ "adcs x12, x12, x12\n\t"
+ "adcs x13, x13, x13\n\t"
+ "adcs x14, x14, x14\n\t"
+ "adcs x15, x15, x15\n\t"
+ "adcs x16, x16, x16\n\t"
+ "adc x17, xzr, xzr\n\t"
+ /* A[0] * A[0] */
+ "umulh x4, x6, x6\n\t"
+ "mul x10, x6, x6\n\t"
+ /* A[1] * A[1] */
+ "mul x3, x7, x7\n\t"
+ "adds x11, x11, x4\n\t"
+ "umulh x4, x7, x7\n\t"
+ "adcs x12, x12, x3\n\t"
+ /* A[2] * A[2] */
+ "mul x3, x8, x8\n\t"
+ "adcs x13, x13, x4\n\t"
+ "umulh x4, x8, x8\n\t"
+ "adcs x14, x14, x3\n\t"
+ /* A[3] * A[3] */
+ "mul x3, x9, x9\n\t"
+ "adcs x15, x15, x4\n\t"
+ "umulh x4, x9, x9\n\t"
+ "adcs x16, x16, x3\n\t"
+ "adc x17, x17, x4\n\t"
+ /* Reduce */
+ "mov x3, #38\n\t"
+ "mul x4, x3, x17\n\t"
+ "adds x13, x13, x4\n\t"
+ "umulh x5, x3, x17\n\t"
+ "adc x5, x5, xzr\n\t"
+ "mov x3, #19\n\t"
+ "extr x5, x5, x13, #63\n\t"
+ "mul x5, x5, x3\n\t"
+ "and x13, x13, #0x7fffffffffffffff\n\t"
+ "mov x3, #38\n\t"
+ "mul x4, x3, x14\n\t"
+ "adds x10, x10, x4\n\t"
+ "umulh x14, x3, x14\n\t"
+ "mul x4, x3, x15\n\t"
+ "adcs x11, x11, x4\n\t"
+ "umulh x15, x3, x15\n\t"
+ "mul x4, x3, x16\n\t"
+ "adcs x12, x12, x4\n\t"
+ "umulh x16, x3, x16\n\t"
+ "adc x13, x13, xzr\n\t"
+ /* Add high product results in */
+ "adds x6, x10, x5\n\t"
+ "adcs x7, x11, x14\n\t"
+ "adcs x8, x12, x15\n\t"
+ "adc x9, x13, x16\n\t"
"subs x20, x20, #1\n\t"
- "bcs L_fe_invert7_%=\n\t"
+ "bne L_fe_invert7_%=\n\t"
+ /* Store */
+ "stp x6, x7, [x29, #80]\n\t"
+ "stp x8, x9, [x29, #96]\n\t"
"add x0, x29, #48\n\t"
-#ifndef NDEBUG
"add x1, x29, #0x50\n\t"
-#endif /* !NDEBUG */
"add x2, x29, #48\n\t"
#ifndef __APPLE__
"bl fe_mul\n\t"
#else
"bl _fe_mul\n\t"
#endif /* __APPLE__ */
- "mov x20, #4\n\t"
-#ifndef NDEBUG
- "add x0, x29, #48\n\t"
-#endif /* !NDEBUG */
- "add x1, x29, #48\n\t"
+ /* Loop: 5 times */
+ "mov x20, #5\n\t"
+ "ldp x6, x7, [x29, #48]\n\t"
+ "ldp x8, x9, [x29, #64]\n\t"
"\n"
"L_fe_invert8_%=: \n\t"
-#ifndef __APPLE__
- "bl fe_sq\n\t"
-#else
- "bl _fe_sq\n\t"
-#endif /* __APPLE__ */
+ /* Square */
+ /* A[0] * A[1] */
+ "umulh x12, x6, x7\n\t"
+ "mul x11, x6, x7\n\t"
+ /* A[0] * A[3] */
+ "umulh x14, x6, x9\n\t"
+ "mul x13, x6, x9\n\t"
+ /* A[0] * A[2] */
+ "mul x3, x6, x8\n\t"
+ "adds x12, x12, x3\n\t"
+ "umulh x4, x6, x8\n\t"
+ "adcs x13, x13, x4\n\t"
+ /* A[1] * A[3] */
+ "mul x3, x7, x9\n\t"
+ "adcs x14, x14, x3\n\t"
+ "umulh x15, x7, x9\n\t"
+ "adc x15, x15, xzr\n\t"
+ /* A[1] * A[2] */
+ "mul x3, x7, x8\n\t"
+ "adds x13, x13, x3\n\t"
+ "umulh x4, x7, x8\n\t"
+ "adcs x14, x14, x4\n\t"
+ /* A[2] * A[3] */
+ "mul x3, x8, x9\n\t"
+ "adcs x15, x15, x3\n\t"
+ "umulh x16, x8, x9\n\t"
+ "adc x16, x16, xzr\n\t"
+ /* Double */
+ "adds x11, x11, x11\n\t"
+ "adcs x12, x12, x12\n\t"
+ "adcs x13, x13, x13\n\t"
+ "adcs x14, x14, x14\n\t"
+ "adcs x15, x15, x15\n\t"
+ "adcs x16, x16, x16\n\t"
+ "adc x17, xzr, xzr\n\t"
+ /* A[0] * A[0] */
+ "umulh x4, x6, x6\n\t"
+ "mul x10, x6, x6\n\t"
+ /* A[1] * A[1] */
+ "mul x3, x7, x7\n\t"
+ "adds x11, x11, x4\n\t"
+ "umulh x4, x7, x7\n\t"
+ "adcs x12, x12, x3\n\t"
+ /* A[2] * A[2] */
+ "mul x3, x8, x8\n\t"
+ "adcs x13, x13, x4\n\t"
+ "umulh x4, x8, x8\n\t"
+ "adcs x14, x14, x3\n\t"
+ /* A[3] * A[3] */
+ "mul x3, x9, x9\n\t"
+ "adcs x15, x15, x4\n\t"
+ "umulh x4, x9, x9\n\t"
+ "adcs x16, x16, x3\n\t"
+ "adc x17, x17, x4\n\t"
+ /* Reduce */
+ "mov x3, #38\n\t"
+ "mul x4, x3, x17\n\t"
+ "adds x13, x13, x4\n\t"
+ "umulh x5, x3, x17\n\t"
+ "adc x5, x5, xzr\n\t"
+ "mov x3, #19\n\t"
+ "extr x5, x5, x13, #63\n\t"
+ "mul x5, x5, x3\n\t"
+ "and x13, x13, #0x7fffffffffffffff\n\t"
+ "mov x3, #38\n\t"
+ "mul x4, x3, x14\n\t"
+ "adds x10, x10, x4\n\t"
+ "umulh x14, x3, x14\n\t"
+ "mul x4, x3, x15\n\t"
+ "adcs x11, x11, x4\n\t"
+ "umulh x15, x3, x15\n\t"
+ "mul x4, x3, x16\n\t"
+ "adcs x12, x12, x4\n\t"
+ "umulh x16, x3, x16\n\t"
+ "adc x13, x13, xzr\n\t"
+ /* Add high product results in */
+ "adds x6, x10, x5\n\t"
+ "adcs x7, x11, x14\n\t"
+ "adcs x8, x12, x15\n\t"
+ "adc x9, x13, x16\n\t"
"subs x20, x20, #1\n\t"
- "bcs L_fe_invert8_%=\n\t"
+ "bne L_fe_invert8_%=\n\t"
+ /* Store */
+ "stp x6, x7, [x29, #48]\n\t"
+ "stp x8, x9, [x29, #64]\n\t"
"ldr x0, [x29, #144]\n\t"
-#ifndef NDEBUG
"add x1, x29, #48\n\t"
-#endif /* !NDEBUG */
"add x2, x29, #16\n\t"
#ifndef __APPLE__
"bl fe_mul\n\t"
@@ -1032,7 +1581,7 @@ void fe_invert(fe r, const fe a)
"ldp x29, x30, [sp], #0xa0\n\t"
: [r] "+r" (r), [a] "+r" (a)
:
- : "memory", "x2", "x20"
+ : "memory", "x2", "x20", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "cc"
);
}
@@ -1044,424 +1593,365 @@ int curve25519(byte* r, const byte* n, const byte* a)
"mov x23, xzr\n\t"
"str %x[r], [x29, #176]\n\t"
"str %x[a], [x29, #184]\n\t"
- /* Copy */
"ldp x6, x7, [%x[a]]\n\t"
"ldp x8, x9, [%x[a], #16]\n\t"
- "stp x6, x7, [x29, #80]\n\t"
- "stp x8, x9, [x29, #96]\n\t"
- /* Set one */
- "mov %x[a], #1\n\t"
- "stp %x[a], xzr, [%x[r]]\n\t"
- "stp xzr, xzr, [%x[r], #16]\n\t"
+ "mov x10, #1\n\t"
+ "mov x11, xzr\n\t"
+ "mov x12, xzr\n\t"
+ "mov x13, xzr\n\t"
+ "stp x10, x11, [%x[r]]\n\t"
+ "stp x12, x13, [%x[r], #16]\n\t"
/* Set zero */
"stp xzr, xzr, [x29, #16]\n\t"
"stp xzr, xzr, [x29, #32]\n\t"
- /* Set one */
- "mov %x[a], #1\n\t"
- "stp %x[a], xzr, [x29, #48]\n\t"
- "stp xzr, xzr, [x29, #64]\n\t"
- "mov x25, #62\n\t"
- "mov x24, #24\n\t"
- "\n"
- "L_curve25519_words_%=: \n\t"
+ "mov x24, #0xfe\n\t"
"\n"
"L_curve25519_bits_%=: \n\t"
- "ldr %x[a], [%x[n], x24]\n\t"
- "lsr %x[a], %x[a], x25\n\t"
- "and %x[a], %x[a], #1\n\t"
- "eor x23, x23, %x[a]\n\t"
+ "lsr x3, x24, #6\n\t"
+ "and x4, x24, #63\n\t"
+ "ldr x5, [%x[n], x3, LSL 3]\n\t"
+ "lsr x5, x5, x4\n\t"
+ "eor x23, x23, x5\n\t"
+ /* Conditional Swap */
+ "subs xzr, xzr, x23, lsl 63\n\t"
+ "ldp x25, x26, [x29, #16]\n\t"
+ "ldp x27, x28, [x29, #32]\n\t"
+ "csel x19, x25, x10, ne\n\t"
+ "csel x25, x10, x25, ne\n\t"
+ "csel x20, x26, x11, ne\n\t"
+ "csel x26, x11, x26, ne\n\t"
+ "csel x21, x27, x12, ne\n\t"
+ "csel x27, x12, x27, ne\n\t"
+ "csel x22, x28, x13, ne\n\t"
+ "csel x28, x13, x28, ne\n\t"
/* Conditional Swap */
- "cmp x23, #1\n\t"
+ "subs xzr, xzr, x23, lsl 63\n\t"
"ldp x10, x11, [%x[r]]\n\t"
"ldp x12, x13, [%x[r], #16]\n\t"
- "ldp x6, x7, [x29, #80]\n\t"
- "ldp x8, x9, [x29, #96]\n\t"
- "csel x14, x10, x6, eq\n\t"
- "csel x10, x6, x10, eq\n\t"
- "csel x15, x11, x7, eq\n\t"
- "csel x11, x7, x11, eq\n\t"
- "csel x16, x12, x8, eq\n\t"
- "csel x12, x8, x12, eq\n\t"
- "csel x17, x13, x9, eq\n\t"
- "csel x13, x9, x13, eq\n\t"
- /* Conditional Swap */
- "cmp x23, #1\n\t"
- "ldp x19, x20, [x29, #16]\n\t"
- "ldp x21, x22, [x29, #32]\n\t"
- "ldp x6, x7, [x29, #48]\n\t"
- "ldp x8, x9, [x29, #64]\n\t"
- "csel x5, x19, x6, eq\n\t"
- "csel x19, x6, x19, eq\n\t"
- "csel x26, x20, x7, eq\n\t"
- "csel x20, x7, x20, eq\n\t"
- "csel x27, x21, x8, eq\n\t"
- "csel x21, x8, x21, eq\n\t"
- "csel x28, x22, x9, eq\n\t"
- "csel x22, x9, x22, eq\n\t"
- "mov x23, %x[a]\n\t"
+ "csel x14, x10, x6, ne\n\t"
+ "csel x10, x6, x10, ne\n\t"
+ "csel x15, x11, x7, ne\n\t"
+ "csel x11, x7, x11, ne\n\t"
+ "csel x16, x12, x8, ne\n\t"
+ "csel x12, x8, x12, ne\n\t"
+ "csel x17, x13, x9, ne\n\t"
+ "csel x13, x9, x13, ne\n\t"
+ "mov x23, x5\n\t"
/* Add */
- "adds x6, x10, x19\n\t"
- "adcs x7, x11, x20\n\t"
- "adcs x8, x12, x21\n\t"
- "adc x9, x13, x22\n\t"
- "mov x3, #-19\n\t"
- "asr %x[a], x9, #63\n\t"
- /* Mask the modulus */
- "and x3, %x[a], x3\n\t"
- "and x4, %x[a], #0x7fffffffffffffff\n\t"
+ "adds x6, x10, x25\n\t"
+ "adcs x7, x11, x26\n\t"
+ "adcs x8, x12, x27\n\t"
+ "adcs x9, x13, x28\n\t"
+ "cset x5, cs\n\t"
+ "mov x3, #19\n\t"
+ "extr x5, x5, x9, #63\n\t"
+ "mul x3, x5, x3\n\t"
/* Sub modulus (if overflow) */
- "subs x6, x6, x3\n\t"
- "sbcs x7, x7, %x[a]\n\t"
- "sbcs x8, x8, %x[a]\n\t"
- "sbc x9, x9, x4\n\t"
+ "adds x6, x6, x3\n\t"
+ "adcs x7, x7, xzr\n\t"
+ "and x9, x9, #0x7fffffffffffffff\n\t"
+ "adcs x8, x8, xzr\n\t"
+ "adc x9, x9, xzr\n\t"
/* Sub */
- "subs x19, x10, x19\n\t"
- "sbcs x20, x11, x20\n\t"
- "sbcs x21, x12, x21\n\t"
- "sbcs x22, x13, x22\n\t"
+ "subs x25, x10, x25\n\t"
+ "sbcs x26, x11, x26\n\t"
+ "sbcs x27, x12, x27\n\t"
+ "sbcs x28, x13, x28\n\t"
+ "csetm x5, cc\n\t"
"mov x3, #-19\n\t"
- "csetm %x[a], cc\n\t"
- /* Mask the modulus */
- "and x3, %x[a], x3\n\t"
- "and x4, %x[a], #0x7fffffffffffffff\n\t"
+ "extr x5, x5, x28, #63\n\t"
+ "mul x3, x5, x3\n\t"
/* Add modulus (if underflow) */
- "adds x19, x19, x3\n\t"
- "adcs x20, x20, %x[a]\n\t"
- "adcs x21, x21, %x[a]\n\t"
- "adc x22, x22, x4\n\t"
- "stp x19, x20, [x29, #144]\n\t"
- "stp x21, x22, [x29, #160]\n\t"
+ "subs x25, x25, x3\n\t"
+ "sbcs x26, x26, xzr\n\t"
+ "and x28, x28, #0x7fffffffffffffff\n\t"
+ "sbcs x27, x27, xzr\n\t"
+ "sbc x28, x28, xzr\n\t"
+ "stp x25, x26, [x29, #80]\n\t"
+ "stp x27, x28, [x29, #96]\n\t"
/* Add */
- "adds x10, x14, x5\n\t"
- "adcs x11, x15, x26\n\t"
- "adcs x12, x16, x27\n\t"
- "adc x13, x17, x28\n\t"
- "mov x3, #-19\n\t"
- "asr %x[a], x13, #63\n\t"
- /* Mask the modulus */
- "and x3, %x[a], x3\n\t"
- "and x4, %x[a], #0x7fffffffffffffff\n\t"
+ "adds x10, x14, x19\n\t"
+ "adcs x11, x15, x20\n\t"
+ "adcs x12, x16, x21\n\t"
+ "adcs x13, x17, x22\n\t"
+ "cset x5, cs\n\t"
+ "mov x3, #19\n\t"
+ "extr x5, x5, x13, #63\n\t"
+ "mul x3, x5, x3\n\t"
/* Sub modulus (if overflow) */
- "subs x10, x10, x3\n\t"
- "sbcs x11, x11, %x[a]\n\t"
- "sbcs x12, x12, %x[a]\n\t"
- "sbc x13, x13, x4\n\t"
+ "adds x10, x10, x3\n\t"
+ "adcs x11, x11, xzr\n\t"
+ "and x13, x13, #0x7fffffffffffffff\n\t"
+ "adcs x12, x12, xzr\n\t"
+ "adc x13, x13, xzr\n\t"
/* Sub */
- "subs x14, x14, x5\n\t"
- "sbcs x15, x15, x26\n\t"
- "sbcs x16, x16, x27\n\t"
- "sbcs x17, x17, x28\n\t"
+ "subs x14, x14, x19\n\t"
+ "sbcs x15, x15, x20\n\t"
+ "sbcs x16, x16, x21\n\t"
+ "sbcs x17, x17, x22\n\t"
+ "csetm x5, cc\n\t"
"mov x3, #-19\n\t"
- "csetm %x[a], cc\n\t"
- /* Mask the modulus */
- "and x3, %x[a], x3\n\t"
- "and x4, %x[a], #0x7fffffffffffffff\n\t"
+ "extr x5, x5, x17, #63\n\t"
+ "mul x3, x5, x3\n\t"
/* Add modulus (if underflow) */
- "adds x14, x14, x3\n\t"
- "adcs x15, x15, %x[a]\n\t"
- "adcs x16, x16, %x[a]\n\t"
- "adc x17, x17, x4\n\t"
+ "subs x14, x14, x3\n\t"
+ "sbcs x15, x15, xzr\n\t"
+ "and x17, x17, #0x7fffffffffffffff\n\t"
+ "sbcs x16, x16, xzr\n\t"
+ "sbc x17, x17, xzr\n\t"
/* Multiply */
- /* A[0] * B[0] */
- "mul x19, x14, x6\n\t"
+ /* A[0] * B[0] */
"umulh x20, x14, x6\n\t"
- /* A[0] * B[1] */
- "mul x3, x14, x7\n\t"
- "umulh x21, x14, x7\n\t"
- "adds x20, x20, x3\n\t"
- "adc x21, x21, xzr\n\t"
- /* A[1] * B[0] */
+ "mul x19, x14, x6\n\t"
+ /* A[2] * B[0] */
+ "umulh x22, x16, x6\n\t"
+ "mul x21, x16, x6\n\t"
+ /* A[1] * B[0] */
"mul x3, x15, x6\n\t"
+ "adds x20, x20, x3\n\t"
"umulh x4, x15, x6\n\t"
+ "adcs x21, x21, x4\n\t"
+ /* A[1] * B[3] */
+ "umulh x26, x15, x9\n\t"
+ "adc x22, x22, xzr\n\t"
+ "mul x25, x15, x9\n\t"
+ /* A[0] * B[1] */
+ "mul x3, x14, x7\n\t"
"adds x20, x20, x3\n\t"
+ "umulh x4, x14, x7\n\t"
"adcs x21, x21, x4\n\t"
- "adc x22, xzr, xzr\n\t"
- /* A[0] * B[2] */
- "mul x3, x14, x8\n\t"
- "umulh x4, x14, x8\n\t"
- "adds x21, x21, x3\n\t"
- "adc x22, x22, x4\n\t"
- /* A[1] * B[1] */
- "mul x3, x15, x7\n\t"
- "umulh x4, x15, x7\n\t"
- "adds x21, x21, x3\n\t"
- "adcs x22, x22, x4\n\t"
- "adc %x[a], xzr, xzr\n\t"
- /* A[2] * B[0] */
- "mul x3, x16, x6\n\t"
- "umulh x4, x16, x6\n\t"
- "adds x21, x21, x3\n\t"
- "adcs x22, x22, x4\n\t"
- "adc %x[a], %x[a], xzr\n\t"
- /* A[0] * B[3] */
- "mul x3, x14, x9\n\t"
- "umulh x4, x14, x9\n\t"
- "adds x22, x22, x3\n\t"
- "adcs %x[a], %x[a], x4\n\t"
- "adc x26, xzr, xzr\n\t"
- /* A[1] * B[2] */
- "mul x3, x15, x8\n\t"
- "umulh x4, x15, x8\n\t"
- "adds x22, x22, x3\n\t"
- "adcs %x[a], %x[a], x4\n\t"
- "adc x26, x26, xzr\n\t"
- /* A[2] * B[1] */
+ /* A[2] * B[1] */
"mul x3, x16, x7\n\t"
+ "adcs x22, x22, x3\n\t"
"umulh x4, x16, x7\n\t"
- "adds x22, x22, x3\n\t"
- "adcs %x[a], %x[a], x4\n\t"
+ "adcs x25, x25, x4\n\t"
"adc x26, x26, xzr\n\t"
- /* A[3] * B[0] */
- "mul x3, x17, x6\n\t"
- "umulh x4, x17, x6\n\t"
+ /* A[1] * B[2] */
+ "mul x3, x15, x8\n\t"
"adds x22, x22, x3\n\t"
- "adcs %x[a], %x[a], x4\n\t"
- "adc x26, x26, xzr\n\t"
- /* A[1] * B[3] */
- "mul x3, x15, x9\n\t"
- "umulh x4, x15, x9\n\t"
- "adds %x[a], %x[a], x3\n\t"
- "adcs x26, x26, x4\n\t"
+ "umulh x4, x15, x8\n\t"
+ "adcs x25, x25, x4\n\t"
+ "adcs x26, x26, xzr\n\t"
"adc x27, xzr, xzr\n\t"
- /* A[2] * B[2] */
- "mul x3, x16, x8\n\t"
- "umulh x4, x16, x8\n\t"
- "adds %x[a], %x[a], x3\n\t"
- "adcs x26, x26, x4\n\t"
+ /* A[0] * B[2] */
+ "mul x3, x14, x8\n\t"
+ "adds x21, x21, x3\n\t"
+ "umulh x4, x14, x8\n\t"
+ "adcs x22, x22, x4\n\t"
+ "adcs x25, x25, xzr\n\t"
+ "adcs x26, x26, xzr\n\t"
"adc x27, x27, xzr\n\t"
- /* A[3] * B[1] */
+ /* A[1] * B[1] */
+ "mul x3, x15, x7\n\t"
+ "adds x21, x21, x3\n\t"
+ "umulh x4, x15, x7\n\t"
+ "adcs x22, x22, x4\n\t"
+ /* A[3] * B[1] */
"mul x3, x17, x7\n\t"
+ "adcs x25, x25, x3\n\t"
"umulh x4, x17, x7\n\t"
- "adds %x[a], %x[a], x3\n\t"
"adcs x26, x26, x4\n\t"
"adc x27, x27, xzr\n\t"
- /* A[2] * B[3] */
+ /* A[2] * B[2] */
+ "mul x3, x16, x8\n\t"
+ "adds x25, x25, x3\n\t"
+ "umulh x4, x16, x8\n\t"
+ "adcs x26, x26, x4\n\t"
+ /* A[3] * B[3] */
+ "mul x3, x17, x9\n\t"
+ "adcs x27, x27, x3\n\t"
+ "umulh x28, x17, x9\n\t"
+ "adc x28, x28, xzr\n\t"
+ /* A[0] * B[3] */
+ "mul x3, x14, x9\n\t"
+ "adds x22, x22, x3\n\t"
+ "umulh x4, x14, x9\n\t"
+ "adcs x25, x25, x4\n\t"
+ /* A[2] * B[3] */
"mul x3, x16, x9\n\t"
+ "adcs x26, x26, x3\n\t"
"umulh x4, x16, x9\n\t"
- "adds x26, x26, x3\n\t"
"adcs x27, x27, x4\n\t"
- "adc x28, xzr, xzr\n\t"
- /* A[3] * B[2] */
+ "adc x28, x28, xzr\n\t"
+ /* A[3] * B[0] */
+ "mul x3, x17, x6\n\t"
+ "adds x22, x22, x3\n\t"
+ "umulh x4, x17, x6\n\t"
+ "adcs x25, x25, x4\n\t"
+ /* A[3] * B[2] */
"mul x3, x17, x8\n\t"
+ "adcs x26, x26, x3\n\t"
"umulh x4, x17, x8\n\t"
- "adds x26, x26, x3\n\t"
"adcs x27, x27, x4\n\t"
"adc x28, x28, xzr\n\t"
- /* A[3] * B[3] */
- "mul x3, x17, x9\n\t"
- "umulh x4, x17, x9\n\t"
- "adds x27, x27, x3\n\t"
- "adc x28, x28, x4\n\t"
/* Reduce */
- /* Move top half into t4-t7 and remove top bit from t3 */
- "extr x28, x28, x27, #63\n\t"
- "extr x27, x27, x26, #63\n\t"
- "extr x26, x26, %x[a], #63\n\t"
- "extr %x[a], %x[a], x22, #63\n\t"
- "and x22, x22, #0x7fffffffffffffff\n\t"
- /* Multiply top half by 19 */
- "mov x3, #19\n\t"
- "mul x4, x3, %x[a]\n\t"
- "umulh %x[a], x3, %x[a]\n\t"
- "adds x19, x19, x4\n\t"
- "mul x4, x3, x26\n\t"
- "umulh x26, x3, x26\n\t"
- "adcs x20, x20, x4\n\t"
- "mul x4, x3, x27\n\t"
- "umulh x27, x3, x27\n\t"
- "adcs x21, x21, x4\n\t"
+ "mov x3, #38\n\t"
"mul x4, x3, x28\n\t"
+ "adds x22, x22, x4\n\t"
"umulh x5, x3, x28\n\t"
- "adcs x22, x22, x4\n\t"
"adc x5, x5, xzr\n\t"
- /* Add remaining product results in */
- "adds x20, x20, %x[a]\n\t"
- "adcs x21, x21, x26\n\t"
- "adcs x22, x22, x27\n\t"
- "adc x5, x5, xzr\n\t"
- /* Overflow */
+ "mov x3, #19\n\t"
"extr x5, x5, x22, #63\n\t"
"mul x5, x5, x3\n\t"
"and x22, x22, #0x7fffffffffffffff\n\t"
- "adds x19, x19, x5\n\t"
- "adcs x20, x20, xzr\n\t"
- "adcs x21, x21, xzr\n\t"
+ "mov x3, #38\n\t"
+ "mul x4, x3, x25\n\t"
+ "adds x19, x19, x4\n\t"
+ "umulh x25, x3, x25\n\t"
+ "mul x4, x3, x26\n\t"
+ "adcs x20, x20, x4\n\t"
+ "umulh x26, x3, x26\n\t"
+ "mul x4, x3, x27\n\t"
+ "adcs x21, x21, x4\n\t"
+ "umulh x27, x3, x27\n\t"
"adc x22, x22, xzr\n\t"
- /* Reduce if top bit set */
- "and x5, x3, x22, asr 63\n\t"
- "and x22, x22, #0x7fffffffffffffff\n\t"
+ /* Add high product results in */
"adds x19, x19, x5\n\t"
- "adcs x20, x20, xzr\n\t"
- "adcs x21, x21, xzr\n\t"
- "adc x22, x22, xzr\n\t"
+ "adcs x20, x20, x25\n\t"
+ "adcs x21, x21, x26\n\t"
+ "adc x22, x22, x27\n\t"
/* Store */
- "stp x19, x20, [x29, #112]\n\t"
- "stp x21, x22, [x29, #128]\n\t"
+ "stp x19, x20, [x29, #48]\n\t"
+ "stp x21, x22, [x29, #64]\n\t"
/* Multiply */
- "ldp %x[a], x26, [x29, #144]\n\t"
- "ldp x27, x28, [x29, #160]\n\t"
- /* A[0] * B[0] */
- "mul x19, x10, %x[a]\n\t"
- "umulh x20, x10, %x[a]\n\t"
- /* A[0] * B[1] */
- "mul x3, x10, x26\n\t"
- "umulh x21, x10, x26\n\t"
+ "ldp x25, x26, [x29, #80]\n\t"
+ "ldp x27, x28, [x29, #96]\n\t"
+ /* A[0] * B[0] */
+ "umulh x20, x10, x25\n\t"
+ "mul x19, x10, x25\n\t"
+ /* A[2] * B[0] */
+ "umulh x22, x12, x25\n\t"
+ "mul x21, x12, x25\n\t"
+ /* A[1] * B[0] */
+ "mul x3, x11, x25\n\t"
"adds x20, x20, x3\n\t"
- "adc x21, x21, xzr\n\t"
- /* A[1] * B[0] */
- "mul x3, x11, %x[a]\n\t"
- "umulh x4, x11, %x[a]\n\t"
+ "umulh x4, x11, x25\n\t"
+ "adcs x21, x21, x4\n\t"
+ /* A[1] * B[3] */
+ "umulh x15, x11, x28\n\t"
+ "adc x22, x22, xzr\n\t"
+ "mul x14, x11, x28\n\t"
+ /* A[0] * B[1] */
+ "mul x3, x10, x26\n\t"
"adds x20, x20, x3\n\t"
+ "umulh x4, x10, x26\n\t"
"adcs x21, x21, x4\n\t"
- "adc x22, xzr, xzr\n\t"
- /* A[0] * B[2] */
- "mul x3, x10, x27\n\t"
- "umulh x4, x10, x27\n\t"
- "adds x21, x21, x3\n\t"
- "adc x22, x22, x4\n\t"
- /* A[1] * B[1] */
- "mul x3, x11, x26\n\t"
- "umulh x4, x11, x26\n\t"
- "adds x21, x21, x3\n\t"
- "adcs x22, x22, x4\n\t"
- "adc x14, xzr, xzr\n\t"
- /* A[2] * B[0] */
- "mul x3, x12, %x[a]\n\t"
- "umulh x4, x12, %x[a]\n\t"
- "adds x21, x21, x3\n\t"
- "adcs x22, x22, x4\n\t"
- "adc x14, x14, xzr\n\t"
- /* A[0] * B[3] */
- "mul x3, x10, x28\n\t"
- "umulh x4, x10, x28\n\t"
- "adds x22, x22, x3\n\t"
- "adcs x14, x14, x4\n\t"
- "adc x15, xzr, xzr\n\t"
- /* A[1] * B[2] */
- "mul x3, x11, x27\n\t"
- "umulh x4, x11, x27\n\t"
- "adds x22, x22, x3\n\t"
- "adcs x14, x14, x4\n\t"
- "adc x15, x15, xzr\n\t"
- /* A[2] * B[1] */
+ /* A[2] * B[1] */
"mul x3, x12, x26\n\t"
+ "adcs x22, x22, x3\n\t"
"umulh x4, x12, x26\n\t"
- "adds x22, x22, x3\n\t"
"adcs x14, x14, x4\n\t"
"adc x15, x15, xzr\n\t"
- /* A[3] * B[0] */
- "mul x3, x13, %x[a]\n\t"
- "umulh x4, x13, %x[a]\n\t"
+ /* A[1] * B[2] */
+ "mul x3, x11, x27\n\t"
"adds x22, x22, x3\n\t"
+ "umulh x4, x11, x27\n\t"
"adcs x14, x14, x4\n\t"
- "adc x15, x15, xzr\n\t"
- /* A[1] * B[3] */
- "mul x3, x11, x28\n\t"
- "umulh x4, x11, x28\n\t"
- "adds x14, x14, x3\n\t"
- "adcs x15, x15, x4\n\t"
+ "adcs x15, x15, xzr\n\t"
"adc x16, xzr, xzr\n\t"
- /* A[2] * B[2] */
- "mul x3, x12, x27\n\t"
- "umulh x4, x12, x27\n\t"
- "adds x14, x14, x3\n\t"
- "adcs x15, x15, x4\n\t"
+ /* A[0] * B[2] */
+ "mul x3, x10, x27\n\t"
+ "adds x21, x21, x3\n\t"
+ "umulh x4, x10, x27\n\t"
+ "adcs x22, x22, x4\n\t"
+ "adcs x14, x14, xzr\n\t"
+ "adcs x15, x15, xzr\n\t"
"adc x16, x16, xzr\n\t"
- /* A[3] * B[1] */
+ /* A[1] * B[1] */
+ "mul x3, x11, x26\n\t"
+ "adds x21, x21, x3\n\t"
+ "umulh x4, x11, x26\n\t"
+ "adcs x22, x22, x4\n\t"
+ /* A[3] * B[1] */
"mul x3, x13, x26\n\t"
+ "adcs x14, x14, x3\n\t"
"umulh x4, x13, x26\n\t"
- "adds x14, x14, x3\n\t"
"adcs x15, x15, x4\n\t"
"adc x16, x16, xzr\n\t"
- /* A[2] * B[3] */
+ /* A[2] * B[2] */
+ "mul x3, x12, x27\n\t"
+ "adds x14, x14, x3\n\t"
+ "umulh x4, x12, x27\n\t"
+ "adcs x15, x15, x4\n\t"
+ /* A[3] * B[3] */
+ "mul x3, x13, x28\n\t"
+ "adcs x16, x16, x3\n\t"
+ "umulh x17, x13, x28\n\t"
+ "adc x17, x17, xzr\n\t"
+ /* A[0] * B[3] */
+ "mul x3, x10, x28\n\t"
+ "adds x22, x22, x3\n\t"
+ "umulh x4, x10, x28\n\t"
+ "adcs x14, x14, x4\n\t"
+ /* A[2] * B[3] */
"mul x3, x12, x28\n\t"
+ "adcs x15, x15, x3\n\t"
"umulh x4, x12, x28\n\t"
- "adds x15, x15, x3\n\t"
"adcs x16, x16, x4\n\t"
- "adc x17, xzr, xzr\n\t"
- /* A[3] * B[2] */
+ "adc x17, x17, xzr\n\t"
+ /* A[3] * B[0] */
+ "mul x3, x13, x25\n\t"
+ "adds x22, x22, x3\n\t"
+ "umulh x4, x13, x25\n\t"
+ "adcs x14, x14, x4\n\t"
+ /* A[3] * B[2] */
"mul x3, x13, x27\n\t"
+ "adcs x15, x15, x3\n\t"
"umulh x4, x13, x27\n\t"
- "adds x15, x15, x3\n\t"
"adcs x16, x16, x4\n\t"
"adc x17, x17, xzr\n\t"
- /* A[3] * B[3] */
- "mul x3, x13, x28\n\t"
- "umulh x4, x13, x28\n\t"
- "adds x16, x16, x3\n\t"
- "adc x17, x17, x4\n\t"
/* Reduce */
- /* Move top half into t4-t7 and remove top bit from t3 */
- "extr x17, x17, x16, #63\n\t"
- "extr x16, x16, x15, #63\n\t"
- "extr x15, x15, x14, #63\n\t"
- "extr x14, x14, x22, #63\n\t"
- "and x22, x22, #0x7fffffffffffffff\n\t"
- /* Multiply top half by 19 */
+ "mov x3, #38\n\t"
+ "mul x4, x3, x17\n\t"
+ "adds x22, x22, x4\n\t"
+ "umulh x5, x3, x17\n\t"
+ "adc x5, x5, xzr\n\t"
"mov x3, #19\n\t"
+ "extr x5, x5, x22, #63\n\t"
+ "mul x5, x5, x3\n\t"
+ "and x22, x22, #0x7fffffffffffffff\n\t"
+ "mov x3, #38\n\t"
"mul x4, x3, x14\n\t"
- "umulh x14, x3, x14\n\t"
"adds x19, x19, x4\n\t"
+ "umulh x14, x3, x14\n\t"
"mul x4, x3, x15\n\t"
- "umulh x15, x3, x15\n\t"
"adcs x20, x20, x4\n\t"
+ "umulh x15, x3, x15\n\t"
"mul x4, x3, x16\n\t"
- "umulh x16, x3, x16\n\t"
"adcs x21, x21, x4\n\t"
- "mul x4, x3, x17\n\t"
- "umulh x5, x3, x17\n\t"
- "adcs x22, x22, x4\n\t"
- "adc x5, x5, xzr\n\t"
- /* Add remaining product results in */
- "adds x20, x20, x14\n\t"
- "adcs x21, x21, x15\n\t"
- "adcs x22, x22, x16\n\t"
- "adc x5, x5, xzr\n\t"
- /* Overflow */
- "extr x5, x5, x22, #63\n\t"
- "mul x5, x5, x3\n\t"
- "and x22, x22, #0x7fffffffffffffff\n\t"
- "adds x19, x19, x5\n\t"
- "adcs x20, x20, xzr\n\t"
- "adcs x21, x21, xzr\n\t"
+ "umulh x16, x3, x16\n\t"
"adc x22, x22, xzr\n\t"
- /* Reduce if top bit set */
- "and x5, x3, x22, asr 63\n\t"
- "and x22, x22, #0x7fffffffffffffff\n\t"
+ /* Add high product results in */
"adds x19, x19, x5\n\t"
- "adcs x20, x20, xzr\n\t"
- "adcs x21, x21, xzr\n\t"
- "adc x22, x22, xzr\n\t"
- /* Store */
+ "adcs x20, x20, x14\n\t"
+ "adcs x21, x21, x15\n\t"
+ "adc x22, x22, x16\n\t"
/* Square */
/* A[0] * A[1] */
- "mul x11, %x[a], x26\n\t"
- "umulh x12, %x[a], x26\n\t"
+ "umulh x12, x25, x26\n\t"
+ "mul x11, x25, x26\n\t"
+ /* A[0] * A[3] */
+ "umulh x14, x25, x28\n\t"
+ "mul x13, x25, x28\n\t"
/* A[0] * A[2] */
- "mul x3, %x[a], x27\n\t"
- "umulh x13, %x[a], x27\n\t"
+ "mul x3, x25, x27\n\t"
"adds x12, x12, x3\n\t"
- "adc x13, x13, xzr\n\t"
- /* A[0] * A[3] */
- "mul x3, %x[a], x28\n\t"
- "umulh x14, %x[a], x28\n\t"
- "adds x13, x13, x3\n\t"
- "adc x14, x14, xzr\n\t"
+ "umulh x4, x25, x27\n\t"
+ "adcs x13, x13, x4\n\t"
+ /* A[1] * A[3] */
+ "mul x3, x26, x28\n\t"
+ "adcs x14, x14, x3\n\t"
+ "umulh x15, x26, x28\n\t"
+ "adc x15, x15, xzr\n\t"
/* A[1] * A[2] */
"mul x3, x26, x27\n\t"
- "umulh x4, x26, x27\n\t"
"adds x13, x13, x3\n\t"
+ "umulh x4, x26, x27\n\t"
"adcs x14, x14, x4\n\t"
- "adc x15, xzr, xzr\n\t"
- /* A[1] * A[3] */
- "mul x3, x26, x28\n\t"
- "umulh x4, x26, x28\n\t"
- "adds x14, x14, x3\n\t"
- "adc x15, x15, x4\n\t"
/* A[2] * A[3] */
"mul x3, x27, x28\n\t"
+ "adcs x15, x15, x3\n\t"
"umulh x16, x27, x28\n\t"
- "adds x15, x15, x3\n\t"
"adc x16, x16, xzr\n\t"
/* Double */
"adds x11, x11, x11\n\t"
@@ -1472,304 +1962,241 @@ int curve25519(byte* r, const byte* n, const byte* a)
"adcs x16, x16, x16\n\t"
"adc x17, xzr, xzr\n\t"
/* A[0] * A[0] */
- "mul x10, %x[a], %x[a]\n\t"
- "umulh x5, %x[a], %x[a]\n\t"
+ "umulh x4, x25, x25\n\t"
+ "mul x10, x25, x25\n\t"
/* A[1] * A[1] */
"mul x3, x26, x26\n\t"
+ "adds x11, x11, x4\n\t"
"umulh x4, x26, x26\n\t"
- "adds x11, x11, x5\n\t"
"adcs x12, x12, x3\n\t"
- "adc x5, x4, xzr\n\t"
/* A[2] * A[2] */
"mul x3, x27, x27\n\t"
+ "adcs x13, x13, x4\n\t"
"umulh x4, x27, x27\n\t"
- "adds x13, x13, x5\n\t"
"adcs x14, x14, x3\n\t"
- "adc x5, x4, xzr\n\t"
/* A[3] * A[3] */
"mul x3, x28, x28\n\t"
+ "adcs x15, x15, x4\n\t"
"umulh x4, x28, x28\n\t"
- "adds x15, x15, x5\n\t"
"adcs x16, x16, x3\n\t"
"adc x17, x17, x4\n\t"
/* Reduce */
- /* Move top half into t4-t7 and remove top bit from t3 */
- "extr x17, x17, x16, #63\n\t"
- "extr x16, x16, x15, #63\n\t"
- "extr x15, x15, x14, #63\n\t"
- "extr x14, x14, x13, #63\n\t"
- "and x13, x13, #0x7fffffffffffffff\n\t"
- /* Multiply top half by 19 */
+ "mov x3, #38\n\t"
+ "mul x4, x3, x17\n\t"
+ "adds x13, x13, x4\n\t"
+ "umulh x5, x3, x17\n\t"
+ "adc x5, x5, xzr\n\t"
"mov x3, #19\n\t"
+ "extr x5, x5, x13, #63\n\t"
+ "mul x5, x5, x3\n\t"
+ "and x13, x13, #0x7fffffffffffffff\n\t"
+ "mov x3, #38\n\t"
"mul x4, x3, x14\n\t"
- "umulh x14, x3, x14\n\t"
"adds x10, x10, x4\n\t"
+ "umulh x14, x3, x14\n\t"
"mul x4, x3, x15\n\t"
- "umulh x15, x3, x15\n\t"
"adcs x11, x11, x4\n\t"
+ "umulh x15, x3, x15\n\t"
"mul x4, x3, x16\n\t"
- "umulh x16, x3, x16\n\t"
"adcs x12, x12, x4\n\t"
- "mul x4, x3, x17\n\t"
- "umulh x5, x3, x17\n\t"
- "adcs x13, x13, x4\n\t"
- "adc x5, x5, xzr\n\t"
- /* Add remaining product results in */
- "adds x11, x11, x14\n\t"
- "adcs x12, x12, x15\n\t"
- "adcs x13, x13, x16\n\t"
- "adc x5, x5, xzr\n\t"
- /* Overflow */
- "extr x5, x5, x13, #63\n\t"
- "mul x5, x5, x3\n\t"
- "and x13, x13, #0x7fffffffffffffff\n\t"
- "adds x10, x10, x5\n\t"
- "adcs x11, x11, xzr\n\t"
- "adcs x12, x12, xzr\n\t"
+ "umulh x16, x3, x16\n\t"
"adc x13, x13, xzr\n\t"
- /* Reduce if top bit set */
- "and x5, x3, x13, asr 63\n\t"
- "and x13, x13, #0x7fffffffffffffff\n\t"
+ /* Add high product results in */
"adds x10, x10, x5\n\t"
- "adcs x11, x11, xzr\n\t"
- "adcs x12, x12, xzr\n\t"
- "adc x13, x13, xzr\n\t"
- /* Store */
+ "adcs x11, x11, x14\n\t"
+ "adcs x12, x12, x15\n\t"
+ "adc x13, x13, x16\n\t"
/* Square */
/* A[0] * A[1] */
- "mul x15, x6, x7\n\t"
"umulh x16, x6, x7\n\t"
+ "mul x15, x6, x7\n\t"
+ /* A[0] * A[3] */
+ "umulh x25, x6, x9\n\t"
+ "mul x17, x6, x9\n\t"
/* A[0] * A[2] */
"mul x3, x6, x8\n\t"
- "umulh x17, x6, x8\n\t"
"adds x16, x16, x3\n\t"
- "adc x17, x17, xzr\n\t"
- /* A[0] * A[3] */
- "mul x3, x6, x9\n\t"
- "umulh %x[a], x6, x9\n\t"
- "adds x17, x17, x3\n\t"
- "adc %x[a], %x[a], xzr\n\t"
+ "umulh x4, x6, x8\n\t"
+ "adcs x17, x17, x4\n\t"
+ /* A[1] * A[3] */
+ "mul x3, x7, x9\n\t"
+ "adcs x25, x25, x3\n\t"
+ "umulh x26, x7, x9\n\t"
+ "adc x26, x26, xzr\n\t"
/* A[1] * A[2] */
"mul x3, x7, x8\n\t"
- "umulh x4, x7, x8\n\t"
"adds x17, x17, x3\n\t"
- "adcs %x[a], %x[a], x4\n\t"
- "adc x26, xzr, xzr\n\t"
- /* A[1] * A[3] */
- "mul x3, x7, x9\n\t"
- "umulh x4, x7, x9\n\t"
- "adds %x[a], %x[a], x3\n\t"
- "adc x26, x26, x4\n\t"
+ "umulh x4, x7, x8\n\t"
+ "adcs x25, x25, x4\n\t"
/* A[2] * A[3] */
"mul x3, x8, x9\n\t"
+ "adcs x26, x26, x3\n\t"
"umulh x27, x8, x9\n\t"
- "adds x26, x26, x3\n\t"
"adc x27, x27, xzr\n\t"
/* Double */
"adds x15, x15, x15\n\t"
"adcs x16, x16, x16\n\t"
"adcs x17, x17, x17\n\t"
- "adcs %x[a], %x[a], %x[a]\n\t"
+ "adcs x25, x25, x25\n\t"
"adcs x26, x26, x26\n\t"
"adcs x27, x27, x27\n\t"
"adc x28, xzr, xzr\n\t"
/* A[0] * A[0] */
+ "umulh x4, x6, x6\n\t"
"mul x14, x6, x6\n\t"
- "umulh x5, x6, x6\n\t"
/* A[1] * A[1] */
"mul x3, x7, x7\n\t"
+ "adds x15, x15, x4\n\t"
"umulh x4, x7, x7\n\t"
- "adds x15, x15, x5\n\t"
"adcs x16, x16, x3\n\t"
- "adc x5, x4, xzr\n\t"
/* A[2] * A[2] */
"mul x3, x8, x8\n\t"
+ "adcs x17, x17, x4\n\t"
"umulh x4, x8, x8\n\t"
- "adds x17, x17, x5\n\t"
- "adcs %x[a], %x[a], x3\n\t"
- "adc x5, x4, xzr\n\t"
+ "adcs x25, x25, x3\n\t"
/* A[3] * A[3] */
"mul x3, x9, x9\n\t"
+ "adcs x26, x26, x4\n\t"
"umulh x4, x9, x9\n\t"
- "adds x26, x26, x5\n\t"
"adcs x27, x27, x3\n\t"
"adc x28, x28, x4\n\t"
/* Reduce */
- /* Move top half into t4-t7 and remove top bit from t3 */
- "extr x28, x28, x27, #63\n\t"
- "extr x27, x27, x26, #63\n\t"
- "extr x26, x26, %x[a], #63\n\t"
- "extr %x[a], %x[a], x17, #63\n\t"
- "and x17, x17, #0x7fffffffffffffff\n\t"
- /* Multiply top half by 19 */
- "mov x3, #19\n\t"
- "mul x4, x3, %x[a]\n\t"
- "umulh %x[a], x3, %x[a]\n\t"
- "adds x14, x14, x4\n\t"
- "mul x4, x3, x26\n\t"
- "umulh x26, x3, x26\n\t"
- "adcs x15, x15, x4\n\t"
- "mul x4, x3, x27\n\t"
- "umulh x27, x3, x27\n\t"
- "adcs x16, x16, x4\n\t"
+ "mov x3, #38\n\t"
"mul x4, x3, x28\n\t"
+ "adds x17, x17, x4\n\t"
"umulh x5, x3, x28\n\t"
- "adcs x17, x17, x4\n\t"
- "adc x5, x5, xzr\n\t"
- /* Add remaining product results in */
- "adds x15, x15, %x[a]\n\t"
- "adcs x16, x16, x26\n\t"
- "adcs x17, x17, x27\n\t"
"adc x5, x5, xzr\n\t"
- /* Overflow */
+ "mov x3, #19\n\t"
"extr x5, x5, x17, #63\n\t"
"mul x5, x5, x3\n\t"
"and x17, x17, #0x7fffffffffffffff\n\t"
- "adds x14, x14, x5\n\t"
- "adcs x15, x15, xzr\n\t"
- "adcs x16, x16, xzr\n\t"
+ "mov x3, #38\n\t"
+ "mul x4, x3, x25\n\t"
+ "adds x14, x14, x4\n\t"
+ "umulh x25, x3, x25\n\t"
+ "mul x4, x3, x26\n\t"
+ "adcs x15, x15, x4\n\t"
+ "umulh x26, x3, x26\n\t"
+ "mul x4, x3, x27\n\t"
+ "adcs x16, x16, x4\n\t"
+ "umulh x27, x3, x27\n\t"
"adc x17, x17, xzr\n\t"
- /* Reduce if top bit set */
- "and x5, x3, x17, asr 63\n\t"
- "and x17, x17, #0x7fffffffffffffff\n\t"
+ /* Add high product results in */
"adds x14, x14, x5\n\t"
- "adcs x15, x15, xzr\n\t"
- "adcs x16, x16, xzr\n\t"
- "adc x17, x17, xzr\n\t"
- /* Store */
+ "adcs x15, x15, x25\n\t"
+ "adcs x16, x16, x26\n\t"
+ "adc x17, x17, x27\n\t"
/* Multiply */
- /* A[0] * B[0] */
- "mul x6, x14, x10\n\t"
+ /* A[0] * B[0] */
"umulh x7, x14, x10\n\t"
- /* A[0] * B[1] */
- "mul x3, x14, x11\n\t"
- "umulh x8, x14, x11\n\t"
- "adds x7, x7, x3\n\t"
- "adc x8, x8, xzr\n\t"
- /* A[1] * B[0] */
+ "mul x6, x14, x10\n\t"
+ /* A[2] * B[0] */
+ "umulh x9, x16, x10\n\t"
+ "mul x8, x16, x10\n\t"
+ /* A[1] * B[0] */
"mul x3, x15, x10\n\t"
+ "adds x7, x7, x3\n\t"
"umulh x4, x15, x10\n\t"
+ "adcs x8, x8, x4\n\t"
+ /* A[1] * B[3] */
+ "umulh x26, x15, x13\n\t"
+ "adc x9, x9, xzr\n\t"
+ "mul x25, x15, x13\n\t"
+ /* A[0] * B[1] */
+ "mul x3, x14, x11\n\t"
"adds x7, x7, x3\n\t"
+ "umulh x4, x14, x11\n\t"
"adcs x8, x8, x4\n\t"
- "adc x9, xzr, xzr\n\t"
- /* A[0] * B[2] */
- "mul x3, x14, x12\n\t"
- "umulh x4, x14, x12\n\t"
- "adds x8, x8, x3\n\t"
- "adc x9, x9, x4\n\t"
- /* A[1] * B[1] */
- "mul x3, x15, x11\n\t"
- "umulh x4, x15, x11\n\t"
- "adds x8, x8, x3\n\t"
- "adcs x9, x9, x4\n\t"
- "adc %x[a], xzr, xzr\n\t"
- /* A[2] * B[0] */
- "mul x3, x16, x10\n\t"
- "umulh x4, x16, x10\n\t"
- "adds x8, x8, x3\n\t"
- "adcs x9, x9, x4\n\t"
- "adc %x[a], %x[a], xzr\n\t"
- /* A[0] * B[3] */
- "mul x3, x14, x13\n\t"
- "umulh x4, x14, x13\n\t"
- "adds x9, x9, x3\n\t"
- "adcs %x[a], %x[a], x4\n\t"
- "adc x26, xzr, xzr\n\t"
- /* A[1] * B[2] */
- "mul x3, x15, x12\n\t"
- "umulh x4, x15, x12\n\t"
- "adds x9, x9, x3\n\t"
- "adcs %x[a], %x[a], x4\n\t"
- "adc x26, x26, xzr\n\t"
- /* A[2] * B[1] */
+ /* A[2] * B[1] */
"mul x3, x16, x11\n\t"
+ "adcs x9, x9, x3\n\t"
"umulh x4, x16, x11\n\t"
- "adds x9, x9, x3\n\t"
- "adcs %x[a], %x[a], x4\n\t"
+ "adcs x25, x25, x4\n\t"
"adc x26, x26, xzr\n\t"
- /* A[3] * B[0] */
- "mul x3, x17, x10\n\t"
- "umulh x4, x17, x10\n\t"
+ /* A[1] * B[2] */
+ "mul x3, x15, x12\n\t"
"adds x9, x9, x3\n\t"
- "adcs %x[a], %x[a], x4\n\t"
- "adc x26, x26, xzr\n\t"
- /* A[1] * B[3] */
- "mul x3, x15, x13\n\t"
- "umulh x4, x15, x13\n\t"
- "adds %x[a], %x[a], x3\n\t"
- "adcs x26, x26, x4\n\t"
+ "umulh x4, x15, x12\n\t"
+ "adcs x25, x25, x4\n\t"
+ "adcs x26, x26, xzr\n\t"
"adc x27, xzr, xzr\n\t"
- /* A[2] * B[2] */
- "mul x3, x16, x12\n\t"
- "umulh x4, x16, x12\n\t"
- "adds %x[a], %x[a], x3\n\t"
- "adcs x26, x26, x4\n\t"
+ /* A[0] * B[2] */
+ "mul x3, x14, x12\n\t"
+ "adds x8, x8, x3\n\t"
+ "umulh x4, x14, x12\n\t"
+ "adcs x9, x9, x4\n\t"
+ "adcs x25, x25, xzr\n\t"
+ "adcs x26, x26, xzr\n\t"
"adc x27, x27, xzr\n\t"
- /* A[3] * B[1] */
+ /* A[1] * B[1] */
+ "mul x3, x15, x11\n\t"
+ "adds x8, x8, x3\n\t"
+ "umulh x4, x15, x11\n\t"
+ "adcs x9, x9, x4\n\t"
+ /* A[3] * B[1] */
"mul x3, x17, x11\n\t"
+ "adcs x25, x25, x3\n\t"
"umulh x4, x17, x11\n\t"
- "adds %x[a], %x[a], x3\n\t"
"adcs x26, x26, x4\n\t"
"adc x27, x27, xzr\n\t"
- /* A[2] * B[3] */
+ /* A[2] * B[2] */
+ "mul x3, x16, x12\n\t"
+ "adds x25, x25, x3\n\t"
+ "umulh x4, x16, x12\n\t"
+ "adcs x26, x26, x4\n\t"
+ /* A[3] * B[3] */
+ "mul x3, x17, x13\n\t"
+ "adcs x27, x27, x3\n\t"
+ "umulh x28, x17, x13\n\t"
+ "adc x28, x28, xzr\n\t"
+ /* A[0] * B[3] */
+ "mul x3, x14, x13\n\t"
+ "adds x9, x9, x3\n\t"
+ "umulh x4, x14, x13\n\t"
+ "adcs x25, x25, x4\n\t"
+ /* A[2] * B[3] */
"mul x3, x16, x13\n\t"
+ "adcs x26, x26, x3\n\t"
"umulh x4, x16, x13\n\t"
- "adds x26, x26, x3\n\t"
"adcs x27, x27, x4\n\t"
- "adc x28, xzr, xzr\n\t"
- /* A[3] * B[2] */
+ "adc x28, x28, xzr\n\t"
+ /* A[3] * B[0] */
+ "mul x3, x17, x10\n\t"
+ "adds x9, x9, x3\n\t"
+ "umulh x4, x17, x10\n\t"
+ "adcs x25, x25, x4\n\t"
+ /* A[3] * B[2] */
"mul x3, x17, x12\n\t"
+ "adcs x26, x26, x3\n\t"
"umulh x4, x17, x12\n\t"
- "adds x26, x26, x3\n\t"
"adcs x27, x27, x4\n\t"
"adc x28, x28, xzr\n\t"
- /* A[3] * B[3] */
- "mul x3, x17, x13\n\t"
- "umulh x4, x17, x13\n\t"
- "adds x27, x27, x3\n\t"
- "adc x28, x28, x4\n\t"
/* Reduce */
- /* Move top half into t4-t7 and remove top bit from t3 */
- "extr x28, x28, x27, #63\n\t"
- "extr x27, x27, x26, #63\n\t"
- "extr x26, x26, %x[a], #63\n\t"
- "extr %x[a], %x[a], x9, #63\n\t"
- "and x9, x9, #0x7fffffffffffffff\n\t"
- /* Multiply top half by 19 */
- "mov x3, #19\n\t"
- "mul x4, x3, %x[a]\n\t"
- "umulh %x[a], x3, %x[a]\n\t"
- "adds x6, x6, x4\n\t"
- "mul x4, x3, x26\n\t"
- "umulh x26, x3, x26\n\t"
- "adcs x7, x7, x4\n\t"
- "mul x4, x3, x27\n\t"
- "umulh x27, x3, x27\n\t"
- "adcs x8, x8, x4\n\t"
+ "mov x3, #38\n\t"
"mul x4, x3, x28\n\t"
+ "adds x9, x9, x4\n\t"
"umulh x5, x3, x28\n\t"
- "adcs x9, x9, x4\n\t"
- "adc x5, x5, xzr\n\t"
- /* Add remaining product results in */
- "adds x7, x7, %x[a]\n\t"
- "adcs x8, x8, x26\n\t"
- "adcs x9, x9, x27\n\t"
"adc x5, x5, xzr\n\t"
- /* Overflow */
+ "mov x3, #19\n\t"
"extr x5, x5, x9, #63\n\t"
"mul x5, x5, x3\n\t"
"and x9, x9, #0x7fffffffffffffff\n\t"
- "adds x6, x6, x5\n\t"
- "adcs x7, x7, xzr\n\t"
- "adcs x8, x8, xzr\n\t"
+ "mov x3, #38\n\t"
+ "mul x4, x3, x25\n\t"
+ "adds x6, x6, x4\n\t"
+ "umulh x25, x3, x25\n\t"
+ "mul x4, x3, x26\n\t"
+ "adcs x7, x7, x4\n\t"
+ "umulh x26, x3, x26\n\t"
+ "mul x4, x3, x27\n\t"
+ "adcs x8, x8, x4\n\t"
+ "umulh x27, x3, x27\n\t"
"adc x9, x9, xzr\n\t"
- /* Reduce if top bit set */
- "and x5, x3, x9, asr 63\n\t"
- "and x9, x9, #0x7fffffffffffffff\n\t"
+ /* Add high product results in */
"adds x6, x6, x5\n\t"
- "adcs x7, x7, xzr\n\t"
- "adcs x8, x8, xzr\n\t"
- "adc x9, x9, xzr\n\t"
+ "adcs x7, x7, x25\n\t"
+ "adcs x8, x8, x26\n\t"
+ "adc x9, x9, x27\n\t"
/* Store */
"stp x6, x7, [%x[r]]\n\t"
"stp x8, x9, [%x[r], #16]\n\t"
@@ -1778,576 +2205,479 @@ int curve25519(byte* r, const byte* n, const byte* a)
"sbcs x15, x15, x11\n\t"
"sbcs x16, x16, x12\n\t"
"sbcs x17, x17, x13\n\t"
+ "csetm x5, cc\n\t"
"mov x3, #-19\n\t"
- "csetm %x[a], cc\n\t"
/* Mask the modulus */
- "and x3, %x[a], x3\n\t"
- "and x4, %x[a], #0x7fffffffffffffff\n\t"
+ "extr x5, x5, x17, #63\n\t"
+ "mul x3, x5, x3\n\t"
/* Add modulus (if underflow) */
- "adds x14, x14, x3\n\t"
- "adcs x15, x15, %x[a]\n\t"
- "adcs x16, x16, %x[a]\n\t"
- "adc x17, x17, x4\n\t"
+ "subs x14, x14, x3\n\t"
+ "sbcs x15, x15, xzr\n\t"
+ "and x17, x17, #0x7fffffffffffffff\n\t"
+ "sbcs x16, x16, xzr\n\t"
+ "sbc x17, x17, xzr\n\t"
/* Multiply by 121666 */
"mov x5, #0xdb42\n\t"
"movk x5, #1, lsl 16\n\t"
"mul x6, x14, x5\n\t"
"umulh x7, x14, x5\n\t"
"mul x3, x15, x5\n\t"
- "umulh x4, x15, x5\n\t"
+ "umulh x8, x15, x5\n\t"
"adds x7, x7, x3\n\t"
- "adc x8, xzr, x4\n\t"
+ "adc x8, x8, xzr\n\t"
"mul x3, x16, x5\n\t"
- "umulh x4, x16, x5\n\t"
+ "umulh x9, x16, x5\n\t"
"adds x8, x8, x3\n\t"
- "adc x9, xzr, x4\n\t"
+ "adc x9, x9, xzr\n\t"
"mul x3, x17, x5\n\t"
"umulh x4, x17, x5\n\t"
"adds x9, x9, x3\n\t"
- "adc x4, xzr, x4\n\t"
+ "adc x4, x4, xzr\n\t"
"mov x5, #19\n\t"
"extr x4, x4, x9, #63\n\t"
"mul x4, x4, x5\n\t"
- "and x9, x9, #0x7fffffffffffffff\n\t"
"adds x6, x6, x4\n\t"
"adcs x7, x7, xzr\n\t"
+ "and x9, x9, #0x7fffffffffffffff\n\t"
"adcs x8, x8, xzr\n\t"
"adc x9, x9, xzr\n\t"
/* Add */
"adds x10, x10, x6\n\t"
"adcs x11, x11, x7\n\t"
"adcs x12, x12, x8\n\t"
- "adc x13, x13, x9\n\t"
- "mov x3, #-19\n\t"
- "asr %x[a], x13, #63\n\t"
+ "adcs x13, x13, x9\n\t"
+ "cset x5, cs\n\t"
+ "mov x3, #19\n\t"
/* Mask the modulus */
- "and x3, %x[a], x3\n\t"
- "and x4, %x[a], #0x7fffffffffffffff\n\t"
+ "extr x5, x5, x13, #63\n\t"
+ "mul x3, x5, x3\n\t"
/* Sub modulus (if overflow) */
- "subs x10, x10, x3\n\t"
- "sbcs x11, x11, %x[a]\n\t"
- "sbcs x12, x12, %x[a]\n\t"
- "sbc x13, x13, x4\n\t"
+ "adds x10, x10, x3\n\t"
+ "adcs x11, x11, xzr\n\t"
+ "and x13, x13, #0x7fffffffffffffff\n\t"
+ "adcs x12, x12, xzr\n\t"
+ "adc x13, x13, xzr\n\t"
/* Multiply */
- /* A[0] * B[0] */
- "mul x6, x14, x10\n\t"
+ /* A[0] * B[0] */
"umulh x7, x14, x10\n\t"
- /* A[0] * B[1] */
- "mul x3, x14, x11\n\t"
- "umulh x8, x14, x11\n\t"
- "adds x7, x7, x3\n\t"
- "adc x8, x8, xzr\n\t"
- /* A[1] * B[0] */
+ "mul x6, x14, x10\n\t"
+ /* A[2] * B[0] */
+ "umulh x9, x16, x10\n\t"
+ "mul x8, x16, x10\n\t"
+ /* A[1] * B[0] */
"mul x3, x15, x10\n\t"
+ "adds x7, x7, x3\n\t"
"umulh x4, x15, x10\n\t"
+ "adcs x8, x8, x4\n\t"
+ /* A[1] * B[3] */
+ "umulh x26, x15, x13\n\t"
+ "adc x9, x9, xzr\n\t"
+ "mul x25, x15, x13\n\t"
+ /* A[0] * B[1] */
+ "mul x3, x14, x11\n\t"
"adds x7, x7, x3\n\t"
+ "umulh x4, x14, x11\n\t"
"adcs x8, x8, x4\n\t"
- "adc x9, xzr, xzr\n\t"
- /* A[0] * B[2] */
- "mul x3, x14, x12\n\t"
- "umulh x4, x14, x12\n\t"
- "adds x8, x8, x3\n\t"
- "adc x9, x9, x4\n\t"
- /* A[1] * B[1] */
- "mul x3, x15, x11\n\t"
- "umulh x4, x15, x11\n\t"
- "adds x8, x8, x3\n\t"
- "adcs x9, x9, x4\n\t"
- "adc %x[a], xzr, xzr\n\t"
- /* A[2] * B[0] */
- "mul x3, x16, x10\n\t"
- "umulh x4, x16, x10\n\t"
- "adds x8, x8, x3\n\t"
- "adcs x9, x9, x4\n\t"
- "adc %x[a], %x[a], xzr\n\t"
- /* A[0] * B[3] */
- "mul x3, x14, x13\n\t"
- "umulh x4, x14, x13\n\t"
- "adds x9, x9, x3\n\t"
- "adcs %x[a], %x[a], x4\n\t"
- "adc x26, xzr, xzr\n\t"
- /* A[1] * B[2] */
- "mul x3, x15, x12\n\t"
- "umulh x4, x15, x12\n\t"
- "adds x9, x9, x3\n\t"
- "adcs %x[a], %x[a], x4\n\t"
- "adc x26, x26, xzr\n\t"
- /* A[2] * B[1] */
+ /* A[2] * B[1] */
"mul x3, x16, x11\n\t"
+ "adcs x9, x9, x3\n\t"
"umulh x4, x16, x11\n\t"
- "adds x9, x9, x3\n\t"
- "adcs %x[a], %x[a], x4\n\t"
+ "adcs x25, x25, x4\n\t"
"adc x26, x26, xzr\n\t"
- /* A[3] * B[0] */
- "mul x3, x17, x10\n\t"
- "umulh x4, x17, x10\n\t"
+ /* A[1] * B[2] */
+ "mul x3, x15, x12\n\t"
"adds x9, x9, x3\n\t"
- "adcs %x[a], %x[a], x4\n\t"
- "adc x26, x26, xzr\n\t"
- /* A[1] * B[3] */
- "mul x3, x15, x13\n\t"
- "umulh x4, x15, x13\n\t"
- "adds %x[a], %x[a], x3\n\t"
- "adcs x26, x26, x4\n\t"
+ "umulh x4, x15, x12\n\t"
+ "adcs x25, x25, x4\n\t"
+ "adcs x26, x26, xzr\n\t"
"adc x27, xzr, xzr\n\t"
- /* A[2] * B[2] */
- "mul x3, x16, x12\n\t"
- "umulh x4, x16, x12\n\t"
- "adds %x[a], %x[a], x3\n\t"
- "adcs x26, x26, x4\n\t"
+ /* A[0] * B[2] */
+ "mul x3, x14, x12\n\t"
+ "adds x8, x8, x3\n\t"
+ "umulh x4, x14, x12\n\t"
+ "adcs x9, x9, x4\n\t"
+ "adcs x25, x25, xzr\n\t"
+ "adcs x26, x26, xzr\n\t"
"adc x27, x27, xzr\n\t"
- /* A[3] * B[1] */
+ /* A[1] * B[1] */
+ "mul x3, x15, x11\n\t"
+ "adds x8, x8, x3\n\t"
+ "umulh x4, x15, x11\n\t"
+ "adcs x9, x9, x4\n\t"
+ /* A[3] * B[1] */
"mul x3, x17, x11\n\t"
+ "adcs x25, x25, x3\n\t"
"umulh x4, x17, x11\n\t"
- "adds %x[a], %x[a], x3\n\t"
"adcs x26, x26, x4\n\t"
"adc x27, x27, xzr\n\t"
- /* A[2] * B[3] */
+ /* A[2] * B[2] */
+ "mul x3, x16, x12\n\t"
+ "adds x25, x25, x3\n\t"
+ "umulh x4, x16, x12\n\t"
+ "adcs x26, x26, x4\n\t"
+ /* A[3] * B[3] */
+ "mul x3, x17, x13\n\t"
+ "adcs x27, x27, x3\n\t"
+ "umulh x28, x17, x13\n\t"
+ "adc x28, x28, xzr\n\t"
+ /* A[0] * B[3] */
+ "mul x3, x14, x13\n\t"
+ "adds x9, x9, x3\n\t"
+ "umulh x4, x14, x13\n\t"
+ "adcs x25, x25, x4\n\t"
+ /* A[2] * B[3] */
"mul x3, x16, x13\n\t"
+ "adcs x26, x26, x3\n\t"
"umulh x4, x16, x13\n\t"
- "adds x26, x26, x3\n\t"
"adcs x27, x27, x4\n\t"
- "adc x28, xzr, xzr\n\t"
- /* A[3] * B[2] */
+ "adc x28, x28, xzr\n\t"
+ /* A[3] * B[0] */
+ "mul x3, x17, x10\n\t"
+ "adds x9, x9, x3\n\t"
+ "umulh x4, x17, x10\n\t"
+ "adcs x25, x25, x4\n\t"
+ /* A[3] * B[2] */
"mul x3, x17, x12\n\t"
+ "adcs x26, x26, x3\n\t"
"umulh x4, x17, x12\n\t"
- "adds x26, x26, x3\n\t"
"adcs x27, x27, x4\n\t"
"adc x28, x28, xzr\n\t"
- /* A[3] * B[3] */
- "mul x3, x17, x13\n\t"
- "umulh x4, x17, x13\n\t"
- "adds x27, x27, x3\n\t"
- "adc x28, x28, x4\n\t"
/* Reduce */
- /* Move top half into t4-t7 and remove top bit from t3 */
- "extr x28, x28, x27, #63\n\t"
- "extr x27, x27, x26, #63\n\t"
- "extr x26, x26, %x[a], #63\n\t"
- "extr %x[a], %x[a], x9, #63\n\t"
- "and x9, x9, #0x7fffffffffffffff\n\t"
- /* Multiply top half by 19 */
- "mov x3, #19\n\t"
- "mul x4, x3, %x[a]\n\t"
- "umulh %x[a], x3, %x[a]\n\t"
- "adds x6, x6, x4\n\t"
- "mul x4, x3, x26\n\t"
- "umulh x26, x3, x26\n\t"
- "adcs x7, x7, x4\n\t"
- "mul x4, x3, x27\n\t"
- "umulh x27, x3, x27\n\t"
- "adcs x8, x8, x4\n\t"
+ "mov x3, #38\n\t"
"mul x4, x3, x28\n\t"
+ "adds x9, x9, x4\n\t"
"umulh x5, x3, x28\n\t"
- "adcs x9, x9, x4\n\t"
- "adc x5, x5, xzr\n\t"
- /* Add remaining product results in */
- "adds x7, x7, %x[a]\n\t"
- "adcs x8, x8, x26\n\t"
- "adcs x9, x9, x27\n\t"
"adc x5, x5, xzr\n\t"
- /* Overflow */
+ "mov x3, #19\n\t"
"extr x5, x5, x9, #63\n\t"
"mul x5, x5, x3\n\t"
"and x9, x9, #0x7fffffffffffffff\n\t"
- "adds x6, x6, x5\n\t"
- "adcs x7, x7, xzr\n\t"
- "adcs x8, x8, xzr\n\t"
+ "mov x3, #38\n\t"
+ "mul x4, x3, x25\n\t"
+ "adds x6, x6, x4\n\t"
+ "umulh x25, x3, x25\n\t"
+ "mul x4, x3, x26\n\t"
+ "adcs x7, x7, x4\n\t"
+ "umulh x26, x3, x26\n\t"
+ "mul x4, x3, x27\n\t"
+ "adcs x8, x8, x4\n\t"
+ "umulh x27, x3, x27\n\t"
"adc x9, x9, xzr\n\t"
- /* Reduce if top bit set */
- "and x5, x3, x9, asr 63\n\t"
- "and x9, x9, #0x7fffffffffffffff\n\t"
+ /* Add high product results in */
"adds x6, x6, x5\n\t"
- "adcs x7, x7, xzr\n\t"
- "adcs x8, x8, xzr\n\t"
- "adc x9, x9, xzr\n\t"
+ "adcs x7, x7, x25\n\t"
+ "adcs x8, x8, x26\n\t"
+ "adc x9, x9, x27\n\t"
/* Store */
"stp x6, x7, [x29, #16]\n\t"
"stp x8, x9, [x29, #32]\n\t"
/* Add */
- "ldp x6, x7, [x29, #112]\n\t"
- "ldp x8, x9, [x29, #128]\n\t"
- "adds x10, x6, x19\n\t"
- "adcs x11, x7, x20\n\t"
- "adcs x12, x8, x21\n\t"
- "adc x13, x9, x22\n\t"
- "mov x3, #-19\n\t"
- "asr %x[a], x13, #63\n\t"
- /* Mask the modulus */
- "and x3, %x[a], x3\n\t"
- "and x4, %x[a], #0x7fffffffffffffff\n\t"
+ "ldp x25, x26, [x29, #48]\n\t"
+ "ldp x27, x28, [x29, #64]\n\t"
+ "adds x10, x25, x19\n\t"
+ "adcs x11, x26, x20\n\t"
+ "adcs x12, x27, x21\n\t"
+ "adcs x13, x28, x22\n\t"
+ "cset x5, cs\n\t"
+ "mov x3, #19\n\t"
+ "extr x5, x5, x13, #63\n\t"
+ "mul x3, x5, x3\n\t"
/* Sub modulus (if overflow) */
- "subs x10, x10, x3\n\t"
- "sbcs x11, x11, %x[a]\n\t"
- "sbcs x12, x12, %x[a]\n\t"
- "sbc x13, x13, x4\n\t"
+ "adds x10, x10, x3\n\t"
+ "adcs x11, x11, xzr\n\t"
+ "and x13, x13, #0x7fffffffffffffff\n\t"
+ "adcs x12, x12, xzr\n\t"
+ "adc x13, x13, xzr\n\t"
/* Sub */
- "subs x19, x6, x19\n\t"
- "sbcs x20, x7, x20\n\t"
- "sbcs x21, x8, x21\n\t"
- "sbcs x22, x9, x22\n\t"
+ "subs x19, x25, x19\n\t"
+ "sbcs x20, x26, x20\n\t"
+ "sbcs x21, x27, x21\n\t"
+ "sbcs x22, x28, x22\n\t"
+ "csetm x5, cc\n\t"
"mov x3, #-19\n\t"
- "csetm %x[a], cc\n\t"
- /* Mask the modulus */
- "and x3, %x[a], x3\n\t"
- "and x4, %x[a], #0x7fffffffffffffff\n\t"
+ "extr x5, x5, x22, #63\n\t"
+ "mul x3, x5, x3\n\t"
/* Add modulus (if underflow) */
- "adds x19, x19, x3\n\t"
- "adcs x20, x20, %x[a]\n\t"
- "adcs x21, x21, %x[a]\n\t"
- "adc x22, x22, x4\n\t"
+ "subs x19, x19, x3\n\t"
+ "sbcs x20, x20, xzr\n\t"
+ "and x22, x22, #0x7fffffffffffffff\n\t"
+ "sbcs x21, x21, xzr\n\t"
+ "sbc x22, x22, xzr\n\t"
/* Square */
/* A[0] * A[1] */
- "mul x7, x10, x11\n\t"
"umulh x8, x10, x11\n\t"
+ "mul x7, x10, x11\n\t"
+ /* A[0] * A[3] */
+ "umulh x25, x10, x13\n\t"
+ "mul x9, x10, x13\n\t"
/* A[0] * A[2] */
"mul x3, x10, x12\n\t"
- "umulh x9, x10, x12\n\t"
"adds x8, x8, x3\n\t"
- "adc x9, x9, xzr\n\t"
- /* A[0] * A[3] */
- "mul x3, x10, x13\n\t"
- "umulh %x[a], x10, x13\n\t"
- "adds x9, x9, x3\n\t"
- "adc %x[a], %x[a], xzr\n\t"
+ "umulh x4, x10, x12\n\t"
+ "adcs x9, x9, x4\n\t"
+ /* A[1] * A[3] */
+ "mul x3, x11, x13\n\t"
+ "adcs x25, x25, x3\n\t"
+ "umulh x26, x11, x13\n\t"
+ "adc x26, x26, xzr\n\t"
/* A[1] * A[2] */
"mul x3, x11, x12\n\t"
- "umulh x4, x11, x12\n\t"
"adds x9, x9, x3\n\t"
- "adcs %x[a], %x[a], x4\n\t"
- "adc x26, xzr, xzr\n\t"
- /* A[1] * A[3] */
- "mul x3, x11, x13\n\t"
- "umulh x4, x11, x13\n\t"
- "adds %x[a], %x[a], x3\n\t"
- "adc x26, x26, x4\n\t"
+ "umulh x4, x11, x12\n\t"
+ "adcs x25, x25, x4\n\t"
/* A[2] * A[3] */
"mul x3, x12, x13\n\t"
+ "adcs x26, x26, x3\n\t"
"umulh x27, x12, x13\n\t"
- "adds x26, x26, x3\n\t"
"adc x27, x27, xzr\n\t"
/* Double */
"adds x7, x7, x7\n\t"
"adcs x8, x8, x8\n\t"
"adcs x9, x9, x9\n\t"
- "adcs %x[a], %x[a], %x[a]\n\t"
+ "adcs x25, x25, x25\n\t"
"adcs x26, x26, x26\n\t"
"adcs x27, x27, x27\n\t"
"adc x28, xzr, xzr\n\t"
/* A[0] * A[0] */
+ "umulh x4, x10, x10\n\t"
"mul x6, x10, x10\n\t"
- "umulh x5, x10, x10\n\t"
/* A[1] * A[1] */
"mul x3, x11, x11\n\t"
+ "adds x7, x7, x4\n\t"
"umulh x4, x11, x11\n\t"
- "adds x7, x7, x5\n\t"
"adcs x8, x8, x3\n\t"
- "adc x5, x4, xzr\n\t"
/* A[2] * A[2] */
"mul x3, x12, x12\n\t"
+ "adcs x9, x9, x4\n\t"
"umulh x4, x12, x12\n\t"
- "adds x9, x9, x5\n\t"
- "adcs %x[a], %x[a], x3\n\t"
- "adc x5, x4, xzr\n\t"
+ "adcs x25, x25, x3\n\t"
/* A[3] * A[3] */
"mul x3, x13, x13\n\t"
+ "adcs x26, x26, x4\n\t"
"umulh x4, x13, x13\n\t"
- "adds x26, x26, x5\n\t"
"adcs x27, x27, x3\n\t"
"adc x28, x28, x4\n\t"
/* Reduce */
- /* Move top half into t4-t7 and remove top bit from t3 */
- "extr x28, x28, x27, #63\n\t"
- "extr x27, x27, x26, #63\n\t"
- "extr x26, x26, %x[a], #63\n\t"
- "extr %x[a], %x[a], x9, #63\n\t"
- "and x9, x9, #0x7fffffffffffffff\n\t"
- /* Multiply top half by 19 */
- "mov x3, #19\n\t"
- "mul x4, x3, %x[a]\n\t"
- "umulh %x[a], x3, %x[a]\n\t"
- "adds x6, x6, x4\n\t"
- "mul x4, x3, x26\n\t"
- "umulh x26, x3, x26\n\t"
- "adcs x7, x7, x4\n\t"
- "mul x4, x3, x27\n\t"
- "umulh x27, x3, x27\n\t"
- "adcs x8, x8, x4\n\t"
+ "mov x3, #38\n\t"
"mul x4, x3, x28\n\t"
+ "adds x9, x9, x4\n\t"
"umulh x5, x3, x28\n\t"
- "adcs x9, x9, x4\n\t"
"adc x5, x5, xzr\n\t"
- /* Add remaining product results in */
- "adds x7, x7, %x[a]\n\t"
- "adcs x8, x8, x26\n\t"
- "adcs x9, x9, x27\n\t"
- "adc x5, x5, xzr\n\t"
- /* Overflow */
+ "mov x3, #19\n\t"
"extr x5, x5, x9, #63\n\t"
"mul x5, x5, x3\n\t"
"and x9, x9, #0x7fffffffffffffff\n\t"
- "adds x6, x6, x5\n\t"
- "adcs x7, x7, xzr\n\t"
- "adcs x8, x8, xzr\n\t"
+ "mov x3, #38\n\t"
+ "mul x4, x3, x25\n\t"
+ "adds x6, x6, x4\n\t"
+ "umulh x25, x3, x25\n\t"
+ "mul x4, x3, x26\n\t"
+ "adcs x7, x7, x4\n\t"
+ "umulh x26, x3, x26\n\t"
+ "mul x4, x3, x27\n\t"
+ "adcs x8, x8, x4\n\t"
+ "umulh x27, x3, x27\n\t"
"adc x9, x9, xzr\n\t"
- /* Reduce if top bit set */
- "and x5, x3, x9, asr 63\n\t"
- "and x9, x9, #0x7fffffffffffffff\n\t"
+ /* Add high product results in */
"adds x6, x6, x5\n\t"
- "adcs x7, x7, xzr\n\t"
- "adcs x8, x8, xzr\n\t"
- "adc x9, x9, xzr\n\t"
- /* Store */
- "stp x6, x7, [x29, #80]\n\t"
- "stp x8, x9, [x29, #96]\n\t"
+ "adcs x7, x7, x25\n\t"
+ "adcs x8, x8, x26\n\t"
+ "adc x9, x9, x27\n\t"
/* Square */
/* A[0] * A[1] */
- "mul x7, x19, x20\n\t"
- "umulh x8, x19, x20\n\t"
+ "umulh x16, x19, x20\n\t"
+ "mul x15, x19, x20\n\t"
+ /* A[0] * A[3] */
+ "umulh x25, x19, x22\n\t"
+ "mul x17, x19, x22\n\t"
/* A[0] * A[2] */
"mul x3, x19, x21\n\t"
- "umulh x9, x19, x21\n\t"
- "adds x8, x8, x3\n\t"
- "adc x9, x9, xzr\n\t"
- /* A[0] * A[3] */
- "mul x3, x19, x22\n\t"
- "umulh %x[a], x19, x22\n\t"
- "adds x9, x9, x3\n\t"
- "adc %x[a], %x[a], xzr\n\t"
+ "adds x16, x16, x3\n\t"
+ "umulh x4, x19, x21\n\t"
+ "adcs x17, x17, x4\n\t"
+ /* A[1] * A[3] */
+ "mul x3, x20, x22\n\t"
+ "adcs x25, x25, x3\n\t"
+ "umulh x26, x20, x22\n\t"
+ "adc x26, x26, xzr\n\t"
/* A[1] * A[2] */
"mul x3, x20, x21\n\t"
+ "adds x17, x17, x3\n\t"
"umulh x4, x20, x21\n\t"
- "adds x9, x9, x3\n\t"
- "adcs %x[a], %x[a], x4\n\t"
- "adc x26, xzr, xzr\n\t"
- /* A[1] * A[3] */
- "mul x3, x20, x22\n\t"
- "umulh x4, x20, x22\n\t"
- "adds %x[a], %x[a], x3\n\t"
- "adc x26, x26, x4\n\t"
+ "adcs x25, x25, x4\n\t"
/* A[2] * A[3] */
"mul x3, x21, x22\n\t"
+ "adcs x26, x26, x3\n\t"
"umulh x27, x21, x22\n\t"
- "adds x26, x26, x3\n\t"
"adc x27, x27, xzr\n\t"
/* Double */
- "adds x7, x7, x7\n\t"
- "adcs x8, x8, x8\n\t"
- "adcs x9, x9, x9\n\t"
- "adcs %x[a], %x[a], %x[a]\n\t"
+ "adds x15, x15, x15\n\t"
+ "adcs x16, x16, x16\n\t"
+ "adcs x17, x17, x17\n\t"
+ "adcs x25, x25, x25\n\t"
"adcs x26, x26, x26\n\t"
"adcs x27, x27, x27\n\t"
"adc x28, xzr, xzr\n\t"
/* A[0] * A[0] */
- "mul x6, x19, x19\n\t"
- "umulh x5, x19, x19\n\t"
+ "umulh x4, x19, x19\n\t"
+ "mul x14, x19, x19\n\t"
/* A[1] * A[1] */
"mul x3, x20, x20\n\t"
+ "adds x15, x15, x4\n\t"
"umulh x4, x20, x20\n\t"
- "adds x7, x7, x5\n\t"
- "adcs x8, x8, x3\n\t"
- "adc x5, x4, xzr\n\t"
+ "adcs x16, x16, x3\n\t"
/* A[2] * A[2] */
"mul x3, x21, x21\n\t"
+ "adcs x17, x17, x4\n\t"
"umulh x4, x21, x21\n\t"
- "adds x9, x9, x5\n\t"
- "adcs %x[a], %x[a], x3\n\t"
- "adc x5, x4, xzr\n\t"
+ "adcs x25, x25, x3\n\t"
/* A[3] * A[3] */
"mul x3, x22, x22\n\t"
+ "adcs x26, x26, x4\n\t"
"umulh x4, x22, x22\n\t"
- "adds x26, x26, x5\n\t"
"adcs x27, x27, x3\n\t"
"adc x28, x28, x4\n\t"
/* Reduce */
- /* Move top half into t4-t7 and remove top bit from t3 */
- "extr x28, x28, x27, #63\n\t"
- "extr x27, x27, x26, #63\n\t"
- "extr x26, x26, %x[a], #63\n\t"
- "extr %x[a], %x[a], x9, #63\n\t"
- "and x9, x9, #0x7fffffffffffffff\n\t"
- /* Multiply top half by 19 */
+ "mov x3, #38\n\t"
+ "mul x4, x3, x28\n\t"
+ "adds x17, x17, x4\n\t"
+ "umulh x5, x3, x28\n\t"
+ "adc x5, x5, xzr\n\t"
"mov x3, #19\n\t"
- "mul x4, x3, %x[a]\n\t"
- "umulh %x[a], x3, %x[a]\n\t"
- "adds x6, x6, x4\n\t"
+ "extr x5, x5, x17, #63\n\t"
+ "mul x5, x5, x3\n\t"
+ "and x17, x17, #0x7fffffffffffffff\n\t"
+ "mov x3, #38\n\t"
+ "mul x4, x3, x25\n\t"
+ "adds x14, x14, x4\n\t"
+ "umulh x25, x3, x25\n\t"
"mul x4, x3, x26\n\t"
+ "adcs x15, x15, x4\n\t"
"umulh x26, x3, x26\n\t"
- "adcs x7, x7, x4\n\t"
"mul x4, x3, x27\n\t"
+ "adcs x16, x16, x4\n\t"
"umulh x27, x3, x27\n\t"
- "adcs x8, x8, x4\n\t"
- "mul x4, x3, x28\n\t"
- "umulh x5, x3, x28\n\t"
- "adcs x9, x9, x4\n\t"
- "adc x5, x5, xzr\n\t"
- /* Add remaining product results in */
- "adds x7, x7, %x[a]\n\t"
- "adcs x8, x8, x26\n\t"
- "adcs x9, x9, x27\n\t"
- "adc x5, x5, xzr\n\t"
- /* Overflow */
- "extr x5, x5, x9, #63\n\t"
- "mul x5, x5, x3\n\t"
- "and x9, x9, #0x7fffffffffffffff\n\t"
- "adds x6, x6, x5\n\t"
- "adcs x7, x7, xzr\n\t"
- "adcs x8, x8, xzr\n\t"
- "adc x9, x9, xzr\n\t"
- /* Reduce if top bit set */
- "and x5, x3, x9, asr 63\n\t"
- "and x9, x9, #0x7fffffffffffffff\n\t"
- "adds x6, x6, x5\n\t"
- "adcs x7, x7, xzr\n\t"
- "adcs x8, x8, xzr\n\t"
- "adc x9, x9, xzr\n\t"
- /* Store */
- "ldr %x[a], [x29, #184]\n\t"
+ "adc x17, x17, xzr\n\t"
+ /* Add high product results in */
+ "adds x14, x14, x5\n\t"
+ "adcs x15, x15, x25\n\t"
+ "adcs x16, x16, x26\n\t"
+ "adc x17, x17, x27\n\t"
/* Multiply */
- "ldp x14, x15, [%x[a]]\n\t"
- "ldp x16, x17, [%x[a], #16]\n\t"
- /* A[0] * B[0] */
- "mul x10, x14, x6\n\t"
- "umulh x11, x14, x6\n\t"
- /* A[0] * B[1] */
- "mul x3, x14, x7\n\t"
- "umulh x12, x14, x7\n\t"
+ "ldp x19, x20, [%x[a]]\n\t"
+ "ldp x21, x22, [%x[a], #16]\n\t"
+ /* A[0] * B[0] */
+ "umulh x11, x19, x14\n\t"
+ "mul x10, x19, x14\n\t"
+ /* A[2] * B[0] */
+ "umulh x13, x21, x14\n\t"
+ "mul x12, x21, x14\n\t"
+ /* A[1] * B[0] */
+ "mul x3, x20, x14\n\t"
"adds x11, x11, x3\n\t"
- "adc x12, x12, xzr\n\t"
- /* A[1] * B[0] */
- "mul x3, x15, x6\n\t"
- "umulh x4, x15, x6\n\t"
+ "umulh x4, x20, x14\n\t"
+ "adcs x12, x12, x4\n\t"
+ /* A[1] * B[3] */
+ "umulh x26, x20, x17\n\t"
+ "adc x13, x13, xzr\n\t"
+ "mul x25, x20, x17\n\t"
+ /* A[0] * B[1] */
+ "mul x3, x19, x15\n\t"
"adds x11, x11, x3\n\t"
+ "umulh x4, x19, x15\n\t"
"adcs x12, x12, x4\n\t"
- "adc x13, xzr, xzr\n\t"
- /* A[0] * B[2] */
- "mul x3, x14, x8\n\t"
- "umulh x4, x14, x8\n\t"
- "adds x12, x12, x3\n\t"
- "adc x13, x13, x4\n\t"
- /* A[1] * B[1] */
- "mul x3, x15, x7\n\t"
- "umulh x4, x15, x7\n\t"
+ /* A[2] * B[1] */
+ "mul x3, x21, x15\n\t"
+ "adcs x13, x13, x3\n\t"
+ "umulh x4, x21, x15\n\t"
+ "adcs x25, x25, x4\n\t"
+ "adc x26, x26, xzr\n\t"
+ /* A[1] * B[2] */
+ "mul x3, x20, x16\n\t"
+ "adds x13, x13, x3\n\t"
+ "umulh x4, x20, x16\n\t"
+ "adcs x25, x25, x4\n\t"
+ "adcs x26, x26, xzr\n\t"
+ "adc x27, xzr, xzr\n\t"
+ /* A[0] * B[2] */
+ "mul x3, x19, x16\n\t"
"adds x12, x12, x3\n\t"
+ "umulh x4, x19, x16\n\t"
"adcs x13, x13, x4\n\t"
- "adc %x[a], xzr, xzr\n\t"
- /* A[2] * B[0] */
- "mul x3, x16, x6\n\t"
- "umulh x4, x16, x6\n\t"
+ "adcs x25, x25, xzr\n\t"
+ "adcs x26, x26, xzr\n\t"
+ "adc x27, x27, xzr\n\t"
+ /* A[1] * B[1] */
+ "mul x3, x20, x15\n\t"
"adds x12, x12, x3\n\t"
+ "umulh x4, x20, x15\n\t"
"adcs x13, x13, x4\n\t"
- "adc %x[a], %x[a], xzr\n\t"
- /* A[0] * B[3] */
- "mul x3, x14, x9\n\t"
- "umulh x4, x14, x9\n\t"
- "adds x13, x13, x3\n\t"
- "adcs %x[a], %x[a], x4\n\t"
- "adc x26, xzr, xzr\n\t"
- /* A[1] * B[2] */
- "mul x3, x15, x8\n\t"
- "umulh x4, x15, x8\n\t"
- "adds x13, x13, x3\n\t"
- "adcs %x[a], %x[a], x4\n\t"
- "adc x26, x26, xzr\n\t"
- /* A[2] * B[1] */
- "mul x3, x16, x7\n\t"
- "umulh x4, x16, x7\n\t"
- "adds x13, x13, x3\n\t"
- "adcs %x[a], %x[a], x4\n\t"
- "adc x26, x26, xzr\n\t"
- /* A[3] * B[0] */
- "mul x3, x17, x6\n\t"
- "umulh x4, x17, x6\n\t"
- "adds x13, x13, x3\n\t"
- "adcs %x[a], %x[a], x4\n\t"
- "adc x26, x26, xzr\n\t"
- /* A[1] * B[3] */
- "mul x3, x15, x9\n\t"
- "umulh x4, x15, x9\n\t"
- "adds %x[a], %x[a], x3\n\t"
- "adcs x26, x26, x4\n\t"
- "adc x27, xzr, xzr\n\t"
- /* A[2] * B[2] */
- "mul x3, x16, x8\n\t"
- "umulh x4, x16, x8\n\t"
- "adds %x[a], %x[a], x3\n\t"
+ /* A[3] * B[1] */
+ "mul x3, x22, x15\n\t"
+ "adcs x25, x25, x3\n\t"
+ "umulh x4, x22, x15\n\t"
"adcs x26, x26, x4\n\t"
"adc x27, x27, xzr\n\t"
- /* A[3] * B[1] */
- "mul x3, x17, x7\n\t"
- "umulh x4, x17, x7\n\t"
- "adds %x[a], %x[a], x3\n\t"
+ /* A[2] * B[2] */
+ "mul x3, x21, x16\n\t"
+ "adds x25, x25, x3\n\t"
+ "umulh x4, x21, x16\n\t"
"adcs x26, x26, x4\n\t"
- "adc x27, x27, xzr\n\t"
- /* A[2] * B[3] */
- "mul x3, x16, x9\n\t"
- "umulh x4, x16, x9\n\t"
- "adds x26, x26, x3\n\t"
+ /* A[3] * B[3] */
+ "mul x3, x22, x17\n\t"
+ "adcs x27, x27, x3\n\t"
+ "umulh x28, x22, x17\n\t"
+ "adc x28, x28, xzr\n\t"
+ /* A[0] * B[3] */
+ "mul x3, x19, x17\n\t"
+ "adds x13, x13, x3\n\t"
+ "umulh x4, x19, x17\n\t"
+ "adcs x25, x25, x4\n\t"
+ /* A[2] * B[3] */
+ "mul x3, x21, x17\n\t"
+ "adcs x26, x26, x3\n\t"
+ "umulh x4, x21, x17\n\t"
"adcs x27, x27, x4\n\t"
- "adc x28, xzr, xzr\n\t"
- /* A[3] * B[2] */
- "mul x3, x17, x8\n\t"
- "umulh x4, x17, x8\n\t"
- "adds x26, x26, x3\n\t"
+ "adc x28, x28, xzr\n\t"
+ /* A[3] * B[0] */
+ "mul x3, x22, x14\n\t"
+ "adds x13, x13, x3\n\t"
+ "umulh x4, x22, x14\n\t"
+ "adcs x25, x25, x4\n\t"
+ /* A[3] * B[2] */
+ "mul x3, x22, x16\n\t"
+ "adcs x26, x26, x3\n\t"
+ "umulh x4, x22, x16\n\t"
"adcs x27, x27, x4\n\t"
"adc x28, x28, xzr\n\t"
- /* A[3] * B[3] */
- "mul x3, x17, x9\n\t"
- "umulh x4, x17, x9\n\t"
- "adds x27, x27, x3\n\t"
- "adc x28, x28, x4\n\t"
/* Reduce */
- /* Move top half into t4-t7 and remove top bit from t3 */
- "extr x28, x28, x27, #63\n\t"
- "extr x27, x27, x26, #63\n\t"
- "extr x26, x26, %x[a], #63\n\t"
- "extr %x[a], %x[a], x13, #63\n\t"
- "and x13, x13, #0x7fffffffffffffff\n\t"
- /* Multiply top half by 19 */
- "mov x3, #19\n\t"
- "mul x4, x3, %x[a]\n\t"
- "umulh %x[a], x3, %x[a]\n\t"
- "adds x10, x10, x4\n\t"
- "mul x4, x3, x26\n\t"
- "umulh x26, x3, x26\n\t"
- "adcs x11, x11, x4\n\t"
- "mul x4, x3, x27\n\t"
- "umulh x27, x3, x27\n\t"
- "adcs x12, x12, x4\n\t"
+ "mov x3, #38\n\t"
"mul x4, x3, x28\n\t"
+ "adds x13, x13, x4\n\t"
"umulh x5, x3, x28\n\t"
- "adcs x13, x13, x4\n\t"
"adc x5, x5, xzr\n\t"
- /* Add remaining product results in */
- "adds x11, x11, %x[a]\n\t"
- "adcs x12, x12, x26\n\t"
- "adcs x13, x13, x27\n\t"
- "adc x5, x5, xzr\n\t"
- /* Overflow */
+ "mov x3, #19\n\t"
"extr x5, x5, x13, #63\n\t"
"mul x5, x5, x3\n\t"
"and x13, x13, #0x7fffffffffffffff\n\t"
- "adds x10, x10, x5\n\t"
- "adcs x11, x11, xzr\n\t"
- "adcs x12, x12, xzr\n\t"
+ "mov x3, #38\n\t"
+ "mul x4, x3, x25\n\t"
+ "adds x10, x10, x4\n\t"
+ "umulh x25, x3, x25\n\t"
+ "mul x4, x3, x26\n\t"
+ "adcs x11, x11, x4\n\t"
+ "umulh x26, x3, x26\n\t"
+ "mul x4, x3, x27\n\t"
+ "adcs x12, x12, x4\n\t"
+ "umulh x27, x3, x27\n\t"
"adc x13, x13, xzr\n\t"
- /* Reduce if top bit set */
- "and x5, x3, x13, asr 63\n\t"
- "and x13, x13, #0x7fffffffffffffff\n\t"
+ /* Add high product results in */
"adds x10, x10, x5\n\t"
- "adcs x11, x11, xzr\n\t"
- "adcs x12, x12, xzr\n\t"
- "adc x13, x13, xzr\n\t"
- /* Store */
- "stp x10, x11, [x29, #48]\n\t"
- "stp x12, x13, [x29, #64]\n\t"
- "sub x25, x25, #1\n\t"
- "cmp x25, #0\n\t"
+ "adcs x11, x11, x25\n\t"
+ "adcs x12, x12, x26\n\t"
+ "adc x13, x13, x27\n\t"
+ "subs x24, x24, #1\n\t"
"bge L_curve25519_bits_%=\n\t"
- "mov x25, #63\n\t"
- "sub x24, x24, #8\n\t"
- "cmp x24, #0\n\t"
- "bge L_curve25519_words_%=\n\t"
/* Invert */
"add x0, x29, #48\n\t"
"add x1, x29, #16\n\t"
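Review bot: The comments kept as context in the add/sub steps no longer describe the instructions under them. `/* Mask the modulus */` (after `csetm x5, cc` and again after `cset x5, cs`) now sits above an `extr`/`mul` pair that builds a small multiple of 19 from the carry or borrow and bit 255 of the top limb. `/* Add modulus (if underflow) */` now heads a `subs`/`sbcs` chain and `/* Sub modulus (if overflow) */` an `adds`/`adcs` chain, which reads inverted. I would reword them, for the add case e.g. `/* x3 = 19 * (2*carry + bit 255) */` and `/* Fold into the low limb and clear bit 255 */`, and add a line at `/* Reduce */` noting that the result appears to be left only partially reduced now that the "Reduce if top bit set" step is removed. The ladder loop these lines belong to starts above the hunk.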
@@ -2407,63 +2737,199 @@ int curve25519(byte* r, const byte* n, const byte* a)
#else
"bl _fe_mul\n\t"
#endif /* __APPLE__ */
- "add x0, x29, #0x70\n\t"
-#ifndef NDEBUG
- "add x1, x29, #0x50\n\t"
-#endif /* !NDEBUG */
-#ifndef __APPLE__
- "bl fe_sq\n\t"
-#else
- "bl _fe_sq\n\t"
-#endif /* __APPLE__ */
- "mov x24, #3\n\t"
-#ifndef NDEBUG
- "add x0, x29, #0x70\n\t"
-#endif /* !NDEBUG */
- "add x1, x29, #0x70\n\t"
+ /* Loop: 5 times */
+ "mov x24, #5\n\t"
+ "ldp x6, x7, [x29, #80]\n\t"
+ "ldp x8, x9, [x29, #96]\n\t"
"\n"
"L_curve25519_inv_1_%=: \n\t"
-#ifndef __APPLE__
- "bl fe_sq\n\t"
-#else
- "bl _fe_sq\n\t"
-#endif /* __APPLE__ */
+ /* Square */
+ /* A[0] * A[1] */
+ "umulh x12, x6, x7\n\t"
+ "mul x11, x6, x7\n\t"
+ /* A[0] * A[3] */
+ "umulh x14, x6, x9\n\t"
+ "mul x13, x6, x9\n\t"
+ /* A[0] * A[2] */
+ "mul x3, x6, x8\n\t"
+ "adds x12, x12, x3\n\t"
+ "umulh x4, x6, x8\n\t"
+ "adcs x13, x13, x4\n\t"
+ /* A[1] * A[3] */
+ "mul x3, x7, x9\n\t"
+ "adcs x14, x14, x3\n\t"
+ "umulh x15, x7, x9\n\t"
+ "adc x15, x15, xzr\n\t"
+ /* A[1] * A[2] */
+ "mul x3, x7, x8\n\t"
+ "adds x13, x13, x3\n\t"
+ "umulh x4, x7, x8\n\t"
+ "adcs x14, x14, x4\n\t"
+ /* A[2] * A[3] */
+ "mul x3, x8, x9\n\t"
+ "adcs x15, x15, x3\n\t"
+ "umulh x16, x8, x9\n\t"
+ "adc x16, x16, xzr\n\t"
+ /* Double */
+ "adds x11, x11, x11\n\t"
+ "adcs x12, x12, x12\n\t"
+ "adcs x13, x13, x13\n\t"
+ "adcs x14, x14, x14\n\t"
+ "adcs x15, x15, x15\n\t"
+ "adcs x16, x16, x16\n\t"
+ "adc x17, xzr, xzr\n\t"
+ /* A[0] * A[0] */
+ "umulh x4, x6, x6\n\t"
+ "mul x10, x6, x6\n\t"
+ /* A[1] * A[1] */
+ "mul x3, x7, x7\n\t"
+ "adds x11, x11, x4\n\t"
+ "umulh x4, x7, x7\n\t"
+ "adcs x12, x12, x3\n\t"
+ /* A[2] * A[2] */
+ "mul x3, x8, x8\n\t"
+ "adcs x13, x13, x4\n\t"
+ "umulh x4, x8, x8\n\t"
+ "adcs x14, x14, x3\n\t"
+ /* A[3] * A[3] */
+ "mul x3, x9, x9\n\t"
+ "adcs x15, x15, x4\n\t"
+ "umulh x4, x9, x9\n\t"
+ "adcs x16, x16, x3\n\t"
+ "adc x17, x17, x4\n\t"
+ /* Reduce */
+ "mov x3, #38\n\t"
+ "mul x4, x3, x17\n\t"
+ "adds x13, x13, x4\n\t"
+ "umulh x5, x3, x17\n\t"
+ "adc x5, x5, xzr\n\t"
+ "mov x3, #19\n\t"
+ "extr x5, x5, x13, #63\n\t"
+ "mul x5, x5, x3\n\t"
+ "and x13, x13, #0x7fffffffffffffff\n\t"
+ "mov x3, #38\n\t"
+ "mul x4, x3, x14\n\t"
+ "adds x10, x10, x4\n\t"
+ "umulh x14, x3, x14\n\t"
+ "mul x4, x3, x15\n\t"
+ "adcs x11, x11, x4\n\t"
+ "umulh x15, x3, x15\n\t"
+ "mul x4, x3, x16\n\t"
+ "adcs x12, x12, x4\n\t"
+ "umulh x16, x3, x16\n\t"
+ "adc x13, x13, xzr\n\t"
+ /* Add high product results in */
+ "adds x6, x10, x5\n\t"
+ "adcs x7, x11, x14\n\t"
+ "adcs x8, x12, x15\n\t"
+ "adc x9, x13, x16\n\t"
"subs x24, x24, #1\n\t"
- "bcs L_curve25519_inv_1_%=\n\t"
- "add x0, x29, #0x50\n\t"
+ "bne L_curve25519_inv_1_%=\n\t"
+ /* Store */
+ "stp x6, x7, [x29, #112]\n\t"
+ "stp x8, x9, [x29, #128]\n\t"
#ifndef NDEBUG
- "add x1, x29, #0x70\n\t"
+ "add x0, x29, #0x50\n\t"
#endif /* !NDEBUG */
+ "add x1, x29, #0x70\n\t"
"add x2, x29, #0x50\n\t"
#ifndef __APPLE__
"bl fe_mul\n\t"
#else
"bl _fe_mul\n\t"
#endif /* __APPLE__ */
- "add x0, x29, #0x70\n\t"
- "add x1, x29, #0x50\n\t"
-#ifndef __APPLE__
- "bl fe_sq\n\t"
-#else
- "bl _fe_sq\n\t"
-#endif /* __APPLE__ */
- "mov x24, #8\n\t"
-#ifndef NDEBUG
- "add x0, x29, #0x70\n\t"
-#endif /* !NDEBUG */
- "add x1, x29, #0x70\n\t"
+ /* Loop: 10 times */
+ "mov x24, #10\n\t"
+ "ldp x6, x7, [x29, #80]\n\t"
+ "ldp x8, x9, [x29, #96]\n\t"
"\n"
"L_curve25519_inv_2_%=: \n\t"
-#ifndef __APPLE__
- "bl fe_sq\n\t"
-#else
- "bl _fe_sq\n\t"
-#endif /* __APPLE__ */
+ /* Square */
+ /* A[0] * A[1] */
+ "umulh x12, x6, x7\n\t"
+ "mul x11, x6, x7\n\t"
+ /* A[0] * A[3] */
+ "umulh x14, x6, x9\n\t"
+ "mul x13, x6, x9\n\t"
+ /* A[0] * A[2] */
+ "mul x3, x6, x8\n\t"
+ "adds x12, x12, x3\n\t"
+ "umulh x4, x6, x8\n\t"
+ "adcs x13, x13, x4\n\t"
+ /* A[1] * A[3] */
+ "mul x3, x7, x9\n\t"
+ "adcs x14, x14, x3\n\t"
+ "umulh x15, x7, x9\n\t"
+ "adc x15, x15, xzr\n\t"
+ /* A[1] * A[2] */
+ "mul x3, x7, x8\n\t"
+ "adds x13, x13, x3\n\t"
+ "umulh x4, x7, x8\n\t"
+ "adcs x14, x14, x4\n\t"
+ /* A[2] * A[3] */
+ "mul x3, x8, x9\n\t"
+ "adcs x15, x15, x3\n\t"
+ "umulh x16, x8, x9\n\t"
+ "adc x16, x16, xzr\n\t"
+ /* Double */
+ "adds x11, x11, x11\n\t"
+ "adcs x12, x12, x12\n\t"
+ "adcs x13, x13, x13\n\t"
+ "adcs x14, x14, x14\n\t"
+ "adcs x15, x15, x15\n\t"
+ "adcs x16, x16, x16\n\t"
+ "adc x17, xzr, xzr\n\t"
+ /* A[0] * A[0] */
+ "umulh x4, x6, x6\n\t"
+ "mul x10, x6, x6\n\t"
+ /* A[1] * A[1] */
+ "mul x3, x7, x7\n\t"
+ "adds x11, x11, x4\n\t"
+ "umulh x4, x7, x7\n\t"
+ "adcs x12, x12, x3\n\t"
+ /* A[2] * A[2] */
+ "mul x3, x8, x8\n\t"
+ "adcs x13, x13, x4\n\t"
+ "umulh x4, x8, x8\n\t"
+ "adcs x14, x14, x3\n\t"
+ /* A[3] * A[3] */
+ "mul x3, x9, x9\n\t"
+ "adcs x15, x15, x4\n\t"
+ "umulh x4, x9, x9\n\t"
+ "adcs x16, x16, x3\n\t"
+ "adc x17, x17, x4\n\t"
+ /* Reduce */
+ "mov x3, #38\n\t"
+ "mul x4, x3, x17\n\t"
+ "adds x13, x13, x4\n\t"
+ "umulh x5, x3, x17\n\t"
+ "adc x5, x5, xzr\n\t"
+ "mov x3, #19\n\t"
+ "extr x5, x5, x13, #63\n\t"
+ "mul x5, x5, x3\n\t"
+ "and x13, x13, #0x7fffffffffffffff\n\t"
+ "mov x3, #38\n\t"
+ "mul x4, x3, x14\n\t"
+ "adds x10, x10, x4\n\t"
+ "umulh x14, x3, x14\n\t"
+ "mul x4, x3, x15\n\t"
+ "adcs x11, x11, x4\n\t"
+ "umulh x15, x3, x15\n\t"
+ "mul x4, x3, x16\n\t"
+ "adcs x12, x12, x4\n\t"
+ "umulh x16, x3, x16\n\t"
+ "adc x13, x13, xzr\n\t"
+ /* Add high product results in */
+ "adds x6, x10, x5\n\t"
+ "adcs x7, x11, x14\n\t"
+ "adcs x8, x12, x15\n\t"
+ "adc x9, x13, x16\n\t"
"subs x24, x24, #1\n\t"
- "bcs L_curve25519_inv_2_%=\n\t"
-#ifndef NDEBUG
+ "bne L_curve25519_inv_2_%=\n\t"
+ /* Store */
+ "stp x6, x7, [x29, #112]\n\t"
+ "stp x8, x9, [x29, #128]\n\t"
"add x0, x29, #0x70\n\t"
-#endif /* !NDEBUG */
#ifndef NDEBUG
"add x1, x29, #0x70\n\t"
#endif /* !NDEBUG */
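Review bot: With NDEBUG defined, the call set up at the end of this hunk is entered without x1 being reloaded, because `add x1, x29, #0x70` stays inside `#ifndef NDEBUG`. The register then still has to hold the value from the `add x1, x29, #0x70` issued before the previous `bl fe_mul`, and the `add x0, x29, #0x50` after `L_curve25519_inv_1` is guarded the same way. This only works while `fe_mul` leaves x0 and x1 unmodified, which the procedure-call standard does not promise and which is not visible in this hunk. It also means debug and release builds run different instruction sequences through the inversion, so a debug-build test run does not cover the release path. I would emit both `add` instructions unconditionally, or state the dependency beside the guard, e.g. `/* NDEBUG: relies on fe_mul preserving x0/x1 */`; the inlined squaring loops themselves write only x3–x17 and x24, so they do not disturb these registers.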
@@ -2473,87 +2939,298 @@ int curve25519(byte* r, const byte* n, const byte* a)
#else
"bl _fe_mul\n\t"
#endif /* __APPLE__ */
- "add x0, x29, #0x90\n\t"
-#ifndef NDEBUG
- "add x1, x29, #0x70\n\t"
-#endif /* !NDEBUG */
-#ifndef __APPLE__
- "bl fe_sq\n\t"
-#else
- "bl _fe_sq\n\t"
-#endif /* __APPLE__ */
- "mov x24, #18\n\t"
-#ifndef NDEBUG
- "add x0, x29, #0x90\n\t"
-#endif /* !NDEBUG */
- "add x1, x29, #0x90\n\t"
+ /* Loop: 20 times */
+ "mov x24, #20\n\t"
+ "ldp x6, x7, [x29, #112]\n\t"
+ "ldp x8, x9, [x29, #128]\n\t"
"\n"
"L_curve25519_inv_3_%=: \n\t"
-#ifndef __APPLE__
- "bl fe_sq\n\t"
-#else
- "bl _fe_sq\n\t"
-#endif /* __APPLE__ */
+ /* Square */
+ /* A[0] * A[1] */
+ "umulh x12, x6, x7\n\t"
+ "mul x11, x6, x7\n\t"
+ /* A[0] * A[3] */
+ "umulh x14, x6, x9\n\t"
+ "mul x13, x6, x9\n\t"
+ /* A[0] * A[2] */
+ "mul x3, x6, x8\n\t"
+ "adds x12, x12, x3\n\t"
+ "umulh x4, x6, x8\n\t"
+ "adcs x13, x13, x4\n\t"
+ /* A[1] * A[3] */
+ "mul x3, x7, x9\n\t"
+ "adcs x14, x14, x3\n\t"
+ "umulh x15, x7, x9\n\t"
+ "adc x15, x15, xzr\n\t"
+ /* A[1] * A[2] */
+ "mul x3, x7, x8\n\t"
+ "adds x13, x13, x3\n\t"
+ "umulh x4, x7, x8\n\t"
+ "adcs x14, x14, x4\n\t"
+ /* A[2] * A[3] */
+ "mul x3, x8, x9\n\t"
+ "adcs x15, x15, x3\n\t"
+ "umulh x16, x8, x9\n\t"
+ "adc x16, x16, xzr\n\t"
+ /* Double */
+ "adds x11, x11, x11\n\t"
+ "adcs x12, x12, x12\n\t"
+ "adcs x13, x13, x13\n\t"
+ "adcs x14, x14, x14\n\t"
+ "adcs x15, x15, x15\n\t"
+ "adcs x16, x16, x16\n\t"
+ "adc x17, xzr, xzr\n\t"
+ /* A[0] * A[0] */
+ "umulh x4, x6, x6\n\t"
+ "mul x10, x6, x6\n\t"
+ /* A[1] * A[1] */
+ "mul x3, x7, x7\n\t"
+ "adds x11, x11, x4\n\t"
+ "umulh x4, x7, x7\n\t"
+ "adcs x12, x12, x3\n\t"
+ /* A[2] * A[2] */
+ "mul x3, x8, x8\n\t"
+ "adcs x13, x13, x4\n\t"
+ "umulh x4, x8, x8\n\t"
+ "adcs x14, x14, x3\n\t"
+ /* A[3] * A[3] */
+ "mul x3, x9, x9\n\t"
+ "adcs x15, x15, x4\n\t"
+ "umulh x4, x9, x9\n\t"
+ "adcs x16, x16, x3\n\t"
+ "adc x17, x17, x4\n\t"
+ /* Reduce */
+ "mov x3, #38\n\t"
+ "mul x4, x3, x17\n\t"
+ "adds x13, x13, x4\n\t"
+ "umulh x5, x3, x17\n\t"
+ "adc x5, x5, xzr\n\t"
+ "mov x3, #19\n\t"
+ "extr x5, x5, x13, #63\n\t"
+ "mul x5, x5, x3\n\t"
+ "and x13, x13, #0x7fffffffffffffff\n\t"
+ "mov x3, #38\n\t"
+ "mul x4, x3, x14\n\t"
+ "adds x10, x10, x4\n\t"
+ "umulh x14, x3, x14\n\t"
+ "mul x4, x3, x15\n\t"
+ "adcs x11, x11, x4\n\t"
+ "umulh x15, x3, x15\n\t"
+ "mul x4, x3, x16\n\t"
+ "adcs x12, x12, x4\n\t"
+ "umulh x16, x3, x16\n\t"
+ "adc x13, x13, xzr\n\t"
+ /* Add high product results in */
+ "adds x6, x10, x5\n\t"
+ "adcs x7, x11, x14\n\t"
+ "adcs x8, x12, x15\n\t"
+ "adc x9, x13, x16\n\t"
"subs x24, x24, #1\n\t"
- "bcs L_curve25519_inv_3_%=\n\t"
- "add x0, x29, #0x70\n\t"
+ "bne L_curve25519_inv_3_%=\n\t"
+ /* Store */
+ "stp x6, x7, [x29, #144]\n\t"
+ "stp x8, x9, [x29, #160]\n\t"
#ifndef NDEBUG
- "add x1, x29, #0x90\n\t"
+ "add x0, x29, #0x70\n\t"
#endif /* !NDEBUG */
+ "add x1, x29, #0x90\n\t"
"add x2, x29, #0x70\n\t"
#ifndef __APPLE__
"bl fe_mul\n\t"
#else
"bl _fe_mul\n\t"
#endif /* __APPLE__ */
- "mov x24, #9\n\t"
-#ifndef NDEBUG
- "add x0, x29, #0x70\n\t"
-#endif /* !NDEBUG */
- "add x1, x29, #0x70\n\t"
+ /* Loop: 10 times */
+ "mov x24, #10\n\t"
+ "ldp x6, x7, [x29, #112]\n\t"
+ "ldp x8, x9, [x29, #128]\n\t"
"\n"
"L_curve25519_inv_4_%=: \n\t"
-#ifndef __APPLE__
- "bl fe_sq\n\t"
-#else
- "bl _fe_sq\n\t"
-#endif /* __APPLE__ */
+ /* Square */
+ /* A[0] * A[1] */
+ "umulh x12, x6, x7\n\t"
+ "mul x11, x6, x7\n\t"
+ /* A[0] * A[3] */
+ "umulh x14, x6, x9\n\t"
+ "mul x13, x6, x9\n\t"
+ /* A[0] * A[2] */
+ "mul x3, x6, x8\n\t"
+ "adds x12, x12, x3\n\t"
+ "umulh x4, x6, x8\n\t"
+ "adcs x13, x13, x4\n\t"
+ /* A[1] * A[3] */
+ "mul x3, x7, x9\n\t"
+ "adcs x14, x14, x3\n\t"
+ "umulh x15, x7, x9\n\t"
+ "adc x15, x15, xzr\n\t"
+ /* A[1] * A[2] */
+ "mul x3, x7, x8\n\t"
+ "adds x13, x13, x3\n\t"
+ "umulh x4, x7, x8\n\t"
+ "adcs x14, x14, x4\n\t"
+ /* A[2] * A[3] */
+ "mul x3, x8, x9\n\t"
+ "adcs x15, x15, x3\n\t"
+ "umulh x16, x8, x9\n\t"
+ "adc x16, x16, xzr\n\t"
+ /* Double */
+ "adds x11, x11, x11\n\t"
+ "adcs x12, x12, x12\n\t"
+ "adcs x13, x13, x13\n\t"
+ "adcs x14, x14, x14\n\t"
+ "adcs x15, x15, x15\n\t"
+ "adcs x16, x16, x16\n\t"
+ "adc x17, xzr, xzr\n\t"
+ /* A[0] * A[0] */
+ "umulh x4, x6, x6\n\t"
+ "mul x10, x6, x6\n\t"
+ /* A[1] * A[1] */
+ "mul x3, x7, x7\n\t"
+ "adds x11, x11, x4\n\t"
+ "umulh x4, x7, x7\n\t"
+ "adcs x12, x12, x3\n\t"
+ /* A[2] * A[2] */
+ "mul x3, x8, x8\n\t"
+ "adcs x13, x13, x4\n\t"
+ "umulh x4, x8, x8\n\t"
+ "adcs x14, x14, x3\n\t"
+ /* A[3] * A[3] */
+ "mul x3, x9, x9\n\t"
+ "adcs x15, x15, x4\n\t"
+ "umulh x4, x9, x9\n\t"
+ "adcs x16, x16, x3\n\t"
+ "adc x17, x17, x4\n\t"
+ /* Reduce */
+ "mov x3, #38\n\t"
+ "mul x4, x3, x17\n\t"
+ "adds x13, x13, x4\n\t"
+ "umulh x5, x3, x17\n\t"
+ "adc x5, x5, xzr\n\t"
+ "mov x3, #19\n\t"
+ "extr x5, x5, x13, #63\n\t"
+ "mul x5, x5, x3\n\t"
+ "and x13, x13, #0x7fffffffffffffff\n\t"
+ "mov x3, #38\n\t"
+ "mul x4, x3, x14\n\t"
+ "adds x10, x10, x4\n\t"
+ "umulh x14, x3, x14\n\t"
+ "mul x4, x3, x15\n\t"
+ "adcs x11, x11, x4\n\t"
+ "umulh x15, x3, x15\n\t"
+ "mul x4, x3, x16\n\t"
+ "adcs x12, x12, x4\n\t"
+ "umulh x16, x3, x16\n\t"
+ "adc x13, x13, xzr\n\t"
+ /* Add high product results in */
+ "adds x6, x10, x5\n\t"
+ "adcs x7, x11, x14\n\t"
+ "adcs x8, x12, x15\n\t"
+ "adc x9, x13, x16\n\t"
"subs x24, x24, #1\n\t"
- "bcs L_curve25519_inv_4_%=\n\t"
+ "bne L_curve25519_inv_4_%=\n\t"
+ /* Store */
+ "stp x6, x7, [x29, #112]\n\t"
+ "stp x8, x9, [x29, #128]\n\t"
"add x0, x29, #0x50\n\t"
-#ifndef NDEBUG
"add x1, x29, #0x70\n\t"
-#endif /* !NDEBUG */
"add x2, x29, #0x50\n\t"
#ifndef __APPLE__
"bl fe_mul\n\t"
#else
"bl _fe_mul\n\t"
#endif /* __APPLE__ */
- "add x0, x29, #0x70\n\t"
- "add x1, x29, #0x50\n\t"
-#ifndef __APPLE__
- "bl fe_sq\n\t"
-#else
- "bl _fe_sq\n\t"
-#endif /* __APPLE__ */
- "mov x24, #48\n\t"
-#ifndef NDEBUG
- "add x0, x29, #0x70\n\t"
-#endif /* !NDEBUG */
- "add x1, x29, #0x70\n\t"
+ /* Loop: 50 times */
+ "mov x24, #50\n\t"
+ "ldp x6, x7, [x29, #80]\n\t"
+ "ldp x8, x9, [x29, #96]\n\t"
"\n"
"L_curve25519_inv_5_%=: \n\t"
-#ifndef __APPLE__
- "bl fe_sq\n\t"
-#else
- "bl _fe_sq\n\t"
-#endif /* __APPLE__ */
+ /* Square */
+ /* A[0] * A[1] */
+ "umulh x12, x6, x7\n\t"
+ "mul x11, x6, x7\n\t"
+ /* A[0] * A[3] */
+ "umulh x14, x6, x9\n\t"
+ "mul x13, x6, x9\n\t"
+ /* A[0] * A[2] */
+ "mul x3, x6, x8\n\t"
+ "adds x12, x12, x3\n\t"
+ "umulh x4, x6, x8\n\t"
+ "adcs x13, x13, x4\n\t"
+ /* A[1] * A[3] */
+ "mul x3, x7, x9\n\t"
+ "adcs x14, x14, x3\n\t"
+ "umulh x15, x7, x9\n\t"
+ "adc x15, x15, xzr\n\t"
+ /* A[1] * A[2] */
+ "mul x3, x7, x8\n\t"
+ "adds x13, x13, x3\n\t"
+ "umulh x4, x7, x8\n\t"
+ "adcs x14, x14, x4\n\t"
+ /* A[2] * A[3] */
+ "mul x3, x8, x9\n\t"
+ "adcs x15, x15, x3\n\t"
+ "umulh x16, x8, x9\n\t"
+ "adc x16, x16, xzr\n\t"
+ /* Double */
+ "adds x11, x11, x11\n\t"
+ "adcs x12, x12, x12\n\t"
+ "adcs x13, x13, x13\n\t"
+ "adcs x14, x14, x14\n\t"
+ "adcs x15, x15, x15\n\t"
+ "adcs x16, x16, x16\n\t"
+ "adc x17, xzr, xzr\n\t"
+ /* A[0] * A[0] */
+ "umulh x4, x6, x6\n\t"
+ "mul x10, x6, x6\n\t"
+ /* A[1] * A[1] */
+ "mul x3, x7, x7\n\t"
+ "adds x11, x11, x4\n\t"
+ "umulh x4, x7, x7\n\t"
+ "adcs x12, x12, x3\n\t"
+ /* A[2] * A[2] */
+ "mul x3, x8, x8\n\t"
+ "adcs x13, x13, x4\n\t"
+ "umulh x4, x8, x8\n\t"
+ "adcs x14, x14, x3\n\t"
+ /* A[3] * A[3] */
+ "mul x3, x9, x9\n\t"
+ "adcs x15, x15, x4\n\t"
+ "umulh x4, x9, x9\n\t"
+ "adcs x16, x16, x3\n\t"
+ "adc x17, x17, x4\n\t"
+ /* Reduce */
+ "mov x3, #38\n\t"
+ "mul x4, x3, x17\n\t"
+ "adds x13, x13, x4\n\t"
+ "umulh x5, x3, x17\n\t"
+ "adc x5, x5, xzr\n\t"
+ "mov x3, #19\n\t"
+ "extr x5, x5, x13, #63\n\t"
+ "mul x5, x5, x3\n\t"
+ "and x13, x13, #0x7fffffffffffffff\n\t"
+ "mov x3, #38\n\t"
+ "mul x4, x3, x14\n\t"
+ "adds x10, x10, x4\n\t"
+ "umulh x14, x3, x14\n\t"
+ "mul x4, x3, x15\n\t"
+ "adcs x11, x11, x4\n\t"
+ "umulh x15, x3, x15\n\t"
+ "mul x4, x3, x16\n\t"
+ "adcs x12, x12, x4\n\t"
+ "umulh x16, x3, x16\n\t"
+ "adc x13, x13, xzr\n\t"
+ /* Add high product results in */
+ "adds x6, x10, x5\n\t"
+ "adcs x7, x11, x14\n\t"
+ "adcs x8, x12, x15\n\t"
+ "adc x9, x13, x16\n\t"
"subs x24, x24, #1\n\t"
- "bcs L_curve25519_inv_5_%=\n\t"
-#ifndef NDEBUG
+ "bne L_curve25519_inv_5_%=\n\t"
+ /* Store */
+ "stp x6, x7, [x29, #112]\n\t"
+ "stp x8, x9, [x29, #128]\n\t"
"add x0, x29, #0x70\n\t"
-#endif /* !NDEBUG */
#ifndef NDEBUG
"add x1, x29, #0x70\n\t"
#endif /* !NDEBUG */
@@ -2563,81 +3240,299 @@ int curve25519(byte* r, const byte* n, const byte* a)
#else
"bl _fe_mul\n\t"
#endif /* __APPLE__ */
- "add x0, x29, #0x90\n\t"
-#ifndef NDEBUG
- "add x1, x29, #0x70\n\t"
-#endif /* !NDEBUG */
-#ifndef __APPLE__
- "bl fe_sq\n\t"
-#else
- "bl _fe_sq\n\t"
-#endif /* __APPLE__ */
- "mov x24, #0x62\n\t"
-#ifndef NDEBUG
- "add x0, x29, #0x90\n\t"
-#endif /* !NDEBUG */
- "add x1, x29, #0x90\n\t"
+ /* Loop: 100 times */
+ "mov x24, #0x64\n\t"
+ "ldp x6, x7, [x29, #112]\n\t"
+ "ldp x8, x9, [x29, #128]\n\t"
"\n"
"L_curve25519_inv_6_%=: \n\t"
-#ifndef __APPLE__
- "bl fe_sq\n\t"
-#else
- "bl _fe_sq\n\t"
-#endif /* __APPLE__ */
+ /* Square */
+ /* A[0] * A[1] */
+ "umulh x12, x6, x7\n\t"
+ "mul x11, x6, x7\n\t"
+ /* A[0] * A[3] */
+ "umulh x14, x6, x9\n\t"
+ "mul x13, x6, x9\n\t"
+ /* A[0] * A[2] */
+ "mul x3, x6, x8\n\t"
+ "adds x12, x12, x3\n\t"
+ "umulh x4, x6, x8\n\t"
+ "adcs x13, x13, x4\n\t"
+ /* A[1] * A[3] */
+ "mul x3, x7, x9\n\t"
+ "adcs x14, x14, x3\n\t"
+ "umulh x15, x7, x9\n\t"
+ "adc x15, x15, xzr\n\t"
+ /* A[1] * A[2] */
+ "mul x3, x7, x8\n\t"
+ "adds x13, x13, x3\n\t"
+ "umulh x4, x7, x8\n\t"
+ "adcs x14, x14, x4\n\t"
+ /* A[2] * A[3] */
+ "mul x3, x8, x9\n\t"
+ "adcs x15, x15, x3\n\t"
+ "umulh x16, x8, x9\n\t"
+ "adc x16, x16, xzr\n\t"
+ /* Double */
+ "adds x11, x11, x11\n\t"
+ "adcs x12, x12, x12\n\t"
+ "adcs x13, x13, x13\n\t"
+ "adcs x14, x14, x14\n\t"
+ "adcs x15, x15, x15\n\t"
+ "adcs x16, x16, x16\n\t"
+ "adc x17, xzr, xzr\n\t"
+ /* A[0] * A[0] */
+ "umulh x4, x6, x6\n\t"
+ "mul x10, x6, x6\n\t"
+ /* A[1] * A[1] */
+ "mul x3, x7, x7\n\t"
+ "adds x11, x11, x4\n\t"
+ "umulh x4, x7, x7\n\t"
+ "adcs x12, x12, x3\n\t"
+ /* A[2] * A[2] */
+ "mul x3, x8, x8\n\t"
+ "adcs x13, x13, x4\n\t"
+ "umulh x4, x8, x8\n\t"
+ "adcs x14, x14, x3\n\t"
+ /* A[3] * A[3] */
+ "mul x3, x9, x9\n\t"
+ "adcs x15, x15, x4\n\t"
+ "umulh x4, x9, x9\n\t"
+ "adcs x16, x16, x3\n\t"
+ "adc x17, x17, x4\n\t"
+ /* Reduce */
+ "mov x3, #38\n\t"
+ "mul x4, x3, x17\n\t"
+ "adds x13, x13, x4\n\t"
+ "umulh x5, x3, x17\n\t"
+ "adc x5, x5, xzr\n\t"
+ "mov x3, #19\n\t"
+ "extr x5, x5, x13, #63\n\t"
+ "mul x5, x5, x3\n\t"
+ "and x13, x13, #0x7fffffffffffffff\n\t"
+ "mov x3, #38\n\t"
+ "mul x4, x3, x14\n\t"
+ "adds x10, x10, x4\n\t"
+ "umulh x14, x3, x14\n\t"
+ "mul x4, x3, x15\n\t"
+ "adcs x11, x11, x4\n\t"
+ "umulh x15, x3, x15\n\t"
+ "mul x4, x3, x16\n\t"
+ "adcs x12, x12, x4\n\t"
+ "umulh x16, x3, x16\n\t"
+ "adc x13, x13, xzr\n\t"
+ /* Add high product results in */
+ "adds x6, x10, x5\n\t"
+ "adcs x7, x11, x14\n\t"
+ "adcs x8, x12, x15\n\t"
+ "adc x9, x13, x16\n\t"
"subs x24, x24, #1\n\t"
- "bcs L_curve25519_inv_6_%=\n\t"
- "add x0, x29, #0x70\n\t"
+ "bne L_curve25519_inv_6_%=\n\t"
+ /* Store */
+ "stp x6, x7, [x29, #144]\n\t"
+ "stp x8, x9, [x29, #160]\n\t"
#ifndef NDEBUG
- "add x1, x29, #0x90\n\t"
+ "add x0, x29, #0x70\n\t"
#endif /* !NDEBUG */
+ "add x1, x29, #0x90\n\t"
"add x2, x29, #0x70\n\t"
#ifndef __APPLE__
"bl fe_mul\n\t"
#else
"bl _fe_mul\n\t"
#endif /* __APPLE__ */
- "mov x24, #49\n\t"
-#ifndef NDEBUG
- "add x0, x29, #0x70\n\t"
-#endif /* !NDEBUG */
- "add x1, x29, #0x70\n\t"
+ /* Loop: 50 times */
+ "mov x24, #50\n\t"
+ "ldp x6, x7, [x29, #112]\n\t"
+ "ldp x8, x9, [x29, #128]\n\t"
"\n"
"L_curve25519_inv_7_%=: \n\t"
-#ifndef __APPLE__
- "bl fe_sq\n\t"
-#else
- "bl _fe_sq\n\t"
-#endif /* __APPLE__ */
+ /* Square */
+ /* A[0] * A[1] */
+ "umulh x12, x6, x7\n\t"
+ "mul x11, x6, x7\n\t"
+ /* A[0] * A[3] */
+ "umulh x14, x6, x9\n\t"
+ "mul x13, x6, x9\n\t"
+ /* A[0] * A[2] */
+ "mul x3, x6, x8\n\t"
+ "adds x12, x12, x3\n\t"
+ "umulh x4, x6, x8\n\t"
+ "adcs x13, x13, x4\n\t"
+ /* A[1] * A[3] */
+ "mul x3, x7, x9\n\t"
+ "adcs x14, x14, x3\n\t"
+ "umulh x15, x7, x9\n\t"
+ "adc x15, x15, xzr\n\t"
+ /* A[1] * A[2] */
+ "mul x3, x7, x8\n\t"
+ "adds x13, x13, x3\n\t"
+ "umulh x4, x7, x8\n\t"
+ "adcs x14, x14, x4\n\t"
+ /* A[2] * A[3] */
+ "mul x3, x8, x9\n\t"
+ "adcs x15, x15, x3\n\t"
+ "umulh x16, x8, x9\n\t"
+ "adc x16, x16, xzr\n\t"
+ /* Double */
+ "adds x11, x11, x11\n\t"
+ "adcs x12, x12, x12\n\t"
+ "adcs x13, x13, x13\n\t"
+ "adcs x14, x14, x14\n\t"
+ "adcs x15, x15, x15\n\t"
+ "adcs x16, x16, x16\n\t"
+ "adc x17, xzr, xzr\n\t"
+ /* A[0] * A[0] */
+ "umulh x4, x6, x6\n\t"
+ "mul x10, x6, x6\n\t"
+ /* A[1] * A[1] */
+ "mul x3, x7, x7\n\t"
+ "adds x11, x11, x4\n\t"
+ "umulh x4, x7, x7\n\t"
+ "adcs x12, x12, x3\n\t"
+ /* A[2] * A[2] */
+ "mul x3, x8, x8\n\t"
+ "adcs x13, x13, x4\n\t"
+ "umulh x4, x8, x8\n\t"
+ "adcs x14, x14, x3\n\t"
+ /* A[3] * A[3] */
+ "mul x3, x9, x9\n\t"
+ "adcs x15, x15, x4\n\t"
+ "umulh x4, x9, x9\n\t"
+ "adcs x16, x16, x3\n\t"
+ "adc x17, x17, x4\n\t"
+ /* Reduce */
+ "mov x3, #38\n\t"
+ "mul x4, x3, x17\n\t"
+ "adds x13, x13, x4\n\t"
+ "umulh x5, x3, x17\n\t"
+ "adc x5, x5, xzr\n\t"
+ "mov x3, #19\n\t"
+ "extr x5, x5, x13, #63\n\t"
+ "mul x5, x5, x3\n\t"
+ "and x13, x13, #0x7fffffffffffffff\n\t"
+ "mov x3, #38\n\t"
+ "mul x4, x3, x14\n\t"
+ "adds x10, x10, x4\n\t"
+ "umulh x14, x3, x14\n\t"
+ "mul x4, x3, x15\n\t"
+ "adcs x11, x11, x4\n\t"
+ "umulh x15, x3, x15\n\t"
+ "mul x4, x3, x16\n\t"
+ "adcs x12, x12, x4\n\t"
+ "umulh x16, x3, x16\n\t"
+ "adc x13, x13, xzr\n\t"
+ /* Add high product results in */
+ "adds x6, x10, x5\n\t"
+ "adcs x7, x11, x14\n\t"
+ "adcs x8, x12, x15\n\t"
+ "adc x9, x13, x16\n\t"
"subs x24, x24, #1\n\t"
- "bcs L_curve25519_inv_7_%=\n\t"
+ "bne L_curve25519_inv_7_%=\n\t"
+ /* Store */
+ "stp x6, x7, [x29, #112]\n\t"
+ "stp x8, x9, [x29, #128]\n\t"
"add x0, x29, #0x50\n\t"
-#ifndef NDEBUG
"add x1, x29, #0x70\n\t"
-#endif /* !NDEBUG */
"add x2, x29, #0x50\n\t"
#ifndef __APPLE__
"bl fe_mul\n\t"
#else
"bl _fe_mul\n\t"
#endif /* __APPLE__ */
- "mov x24, #4\n\t"
-#ifndef NDEBUG
- "add x0, x29, #0x50\n\t"
-#endif /* !NDEBUG */
- "add x1, x29, #0x50\n\t"
+ /* Loop: 5 times */
+ "mov x24, #5\n\t"
+ "ldp x6, x7, [x29, #80]\n\t"
+ "ldp x8, x9, [x29, #96]\n\t"
"\n"
"L_curve25519_inv_8_%=: \n\t"
-#ifndef __APPLE__
- "bl fe_sq\n\t"
-#else
- "bl _fe_sq\n\t"
-#endif /* __APPLE__ */
+ /* Square */
+ /* A[0] * A[1] */
+ "umulh x12, x6, x7\n\t"
+ "mul x11, x6, x7\n\t"
+ /* A[0] * A[3] */
+ "umulh x14, x6, x9\n\t"
+ "mul x13, x6, x9\n\t"
+ /* A[0] * A[2] */
+ "mul x3, x6, x8\n\t"
+ "adds x12, x12, x3\n\t"
+ "umulh x4, x6, x8\n\t"
+ "adcs x13, x13, x4\n\t"
+ /* A[1] * A[3] */
+ "mul x3, x7, x9\n\t"
+ "adcs x14, x14, x3\n\t"
+ "umulh x15, x7, x9\n\t"
+ "adc x15, x15, xzr\n\t"
+ /* A[1] * A[2] */
+ "mul x3, x7, x8\n\t"
+ "adds x13, x13, x3\n\t"
+ "umulh x4, x7, x8\n\t"
+ "adcs x14, x14, x4\n\t"
+ /* A[2] * A[3] */
+ "mul x3, x8, x9\n\t"
+ "adcs x15, x15, x3\n\t"
+ "umulh x16, x8, x9\n\t"
+ "adc x16, x16, xzr\n\t"
+ /* Double */
+ "adds x11, x11, x11\n\t"
+ "adcs x12, x12, x12\n\t"
+ "adcs x13, x13, x13\n\t"
+ "adcs x14, x14, x14\n\t"
+ "adcs x15, x15, x15\n\t"
+ "adcs x16, x16, x16\n\t"
+ "adc x17, xzr, xzr\n\t"
+ /* A[0] * A[0] */
+ "umulh x4, x6, x6\n\t"
+ "mul x10, x6, x6\n\t"
+ /* A[1] * A[1] */
+ "mul x3, x7, x7\n\t"
+ "adds x11, x11, x4\n\t"
+ "umulh x4, x7, x7\n\t"
+ "adcs x12, x12, x3\n\t"
+ /* A[2] * A[2] */
+ "mul x3, x8, x8\n\t"
+ "adcs x13, x13, x4\n\t"
+ "umulh x4, x8, x8\n\t"
+ "adcs x14, x14, x3\n\t"
+ /* A[3] * A[3] */
+ "mul x3, x9, x9\n\t"
+ "adcs x15, x15, x4\n\t"
+ "umulh x4, x9, x9\n\t"
+ "adcs x16, x16, x3\n\t"
+ "adc x17, x17, x4\n\t"
+ /* Reduce */
+ "mov x3, #38\n\t"
+ "mul x4, x3, x17\n\t"
+ "adds x13, x13, x4\n\t"
+ "umulh x5, x3, x17\n\t"
+ "adc x5, x5, xzr\n\t"
+ "mov x3, #19\n\t"
+ "extr x5, x5, x13, #63\n\t"
+ "mul x5, x5, x3\n\t"
+ "and x13, x13, #0x7fffffffffffffff\n\t"
+ "mov x3, #38\n\t"
+ "mul x4, x3, x14\n\t"
+ "adds x10, x10, x4\n\t"
+ "umulh x14, x3, x14\n\t"
+ "mul x4, x3, x15\n\t"
+ "adcs x11, x11, x4\n\t"
+ "umulh x15, x3, x15\n\t"
+ "mul x4, x3, x16\n\t"
+ "adcs x12, x12, x4\n\t"
+ "umulh x16, x3, x16\n\t"
+ "adc x13, x13, xzr\n\t"
+ /* Add high product results in */
+ "adds x6, x10, x5\n\t"
+ "adcs x7, x11, x14\n\t"
+ "adcs x8, x12, x15\n\t"
+ "adc x9, x13, x16\n\t"
"subs x24, x24, #1\n\t"
- "bcs L_curve25519_inv_8_%=\n\t"
+ "bne L_curve25519_inv_8_%=\n\t"
+ /* Store */
+ "stp x6, x7, [x29, #80]\n\t"
+ "stp x8, x9, [x29, #96]\n\t"
"add x0, x29, #16\n\t"
-#ifndef NDEBUG
"add x1, x29, #0x50\n\t"
-#endif /* !NDEBUG */
"add x2, x29, #48\n\t"
#ifndef __APPLE__
"bl fe_mul\n\t"
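Review bot: After the `L_curve25519_inv_6` loop the guard now wraps `add x0, x29, #0x70`, so a build with NDEBUG defined reaches the next `bl fe_mul` with whatever x0 held before. The inlined squaring only touches x3–x17 and x24, so x0 must still carry x29+0x70 from the earlier fe_mul call. fe_mul's body is not visible here, so its leaving x0 unchanged is an assumption that builds without NDEBUG never exercise. I would state it at the guard, e.g. `/* NDEBUG: x0 is still x29+0x70 from the previous fe_mul, which must not modify x0 */`, and run the curve25519 tests with NDEBUG defined. The same carried-register pattern guards x0 and x1 after `L_fe_pow22523_1` and x1 after `L_fe_pow22523_2` in the fe_pow22523 hunks; the asm block itself starts before this hunk.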
@@ -2650,136 +3545,122 @@ int curve25519(byte* r, const byte* n, const byte* a)
"ldp x8, x9, [%x[r], #16]\n\t"
"ldp x10, x11, [x29, #16]\n\t"
"ldp x12, x13, [x29, #32]\n\t"
- /* A[0] * B[0] */
- "mul x14, x6, x10\n\t"
+ /* A[0] * B[0] */
"umulh x15, x6, x10\n\t"
- /* A[0] * B[1] */
- "mul x3, x6, x11\n\t"
- "umulh x16, x6, x11\n\t"
- "adds x15, x15, x3\n\t"
- "adc x16, x16, xzr\n\t"
- /* A[1] * B[0] */
+ "mul x14, x6, x10\n\t"
+ /* A[2] * B[0] */
+ "umulh x17, x8, x10\n\t"
+ "mul x16, x8, x10\n\t"
+ /* A[1] * B[0] */
"mul x3, x7, x10\n\t"
+ "adds x15, x15, x3\n\t"
"umulh x4, x7, x10\n\t"
+ "adcs x16, x16, x4\n\t"
+ /* A[1] * B[3] */
+ "umulh x20, x7, x13\n\t"
+ "adc x17, x17, xzr\n\t"
+ "mul x19, x7, x13\n\t"
+ /* A[0] * B[1] */
+ "mul x3, x6, x11\n\t"
"adds x15, x15, x3\n\t"
+ "umulh x4, x6, x11\n\t"
"adcs x16, x16, x4\n\t"
- "adc x17, xzr, xzr\n\t"
- /* A[0] * B[2] */
- "mul x3, x6, x12\n\t"
- "umulh x4, x6, x12\n\t"
- "adds x16, x16, x3\n\t"
- "adc x17, x17, x4\n\t"
- /* A[1] * B[1] */
- "mul x3, x7, x11\n\t"
- "umulh x4, x7, x11\n\t"
- "adds x16, x16, x3\n\t"
- "adcs x17, x17, x4\n\t"
- "adc x19, xzr, xzr\n\t"
- /* A[2] * B[0] */
- "mul x3, x8, x10\n\t"
- "umulh x4, x8, x10\n\t"
- "adds x16, x16, x3\n\t"
- "adcs x17, x17, x4\n\t"
- "adc x19, x19, xzr\n\t"
- /* A[0] * B[3] */
- "mul x3, x6, x13\n\t"
- "umulh x4, x6, x13\n\t"
- "adds x17, x17, x3\n\t"
- "adcs x19, x19, x4\n\t"
- "adc x20, xzr, xzr\n\t"
- /* A[1] * B[2] */
- "mul x3, x7, x12\n\t"
- "umulh x4, x7, x12\n\t"
- "adds x17, x17, x3\n\t"
- "adcs x19, x19, x4\n\t"
- "adc x20, x20, xzr\n\t"
- /* A[2] * B[1] */
+ /* A[2] * B[1] */
"mul x3, x8, x11\n\t"
+ "adcs x17, x17, x3\n\t"
"umulh x4, x8, x11\n\t"
- "adds x17, x17, x3\n\t"
"adcs x19, x19, x4\n\t"
"adc x20, x20, xzr\n\t"
- /* A[3] * B[0] */
- "mul x3, x9, x10\n\t"
- "umulh x4, x9, x10\n\t"
+ /* A[1] * B[2] */
+ "mul x3, x7, x12\n\t"
"adds x17, x17, x3\n\t"
+ "umulh x4, x7, x12\n\t"
"adcs x19, x19, x4\n\t"
- "adc x20, x20, xzr\n\t"
- /* A[1] * B[3] */
- "mul x3, x7, x13\n\t"
- "umulh x4, x7, x13\n\t"
- "adds x19, x19, x3\n\t"
- "adcs x20, x20, x4\n\t"
+ "adcs x20, x20, xzr\n\t"
"adc x21, xzr, xzr\n\t"
- /* A[2] * B[2] */
- "mul x3, x8, x12\n\t"
- "umulh x4, x8, x12\n\t"
- "adds x19, x19, x3\n\t"
- "adcs x20, x20, x4\n\t"
+ /* A[0] * B[2] */
+ "mul x3, x6, x12\n\t"
+ "adds x16, x16, x3\n\t"
+ "umulh x4, x6, x12\n\t"
+ "adcs x17, x17, x4\n\t"
+ "adcs x19, x19, xzr\n\t"
+ "adcs x20, x20, xzr\n\t"
"adc x21, x21, xzr\n\t"
- /* A[3] * B[1] */
+ /* A[1] * B[1] */
+ "mul x3, x7, x11\n\t"
+ "adds x16, x16, x3\n\t"
+ "umulh x4, x7, x11\n\t"
+ "adcs x17, x17, x4\n\t"
+ /* A[3] * B[1] */
"mul x3, x9, x11\n\t"
+ "adcs x19, x19, x3\n\t"
"umulh x4, x9, x11\n\t"
- "adds x19, x19, x3\n\t"
"adcs x20, x20, x4\n\t"
"adc x21, x21, xzr\n\t"
- /* A[2] * B[3] */
+ /* A[2] * B[2] */
+ "mul x3, x8, x12\n\t"
+ "adds x19, x19, x3\n\t"
+ "umulh x4, x8, x12\n\t"
+ "adcs x20, x20, x4\n\t"
+ /* A[3] * B[3] */
+ "mul x3, x9, x13\n\t"
+ "adcs x21, x21, x3\n\t"
+ "umulh x22, x9, x13\n\t"
+ "adc x22, x22, xzr\n\t"
+ /* A[0] * B[3] */
+ "mul x3, x6, x13\n\t"
+ "adds x17, x17, x3\n\t"
+ "umulh x4, x6, x13\n\t"
+ "adcs x19, x19, x4\n\t"
+ /* A[2] * B[3] */
"mul x3, x8, x13\n\t"
+ "adcs x20, x20, x3\n\t"
"umulh x4, x8, x13\n\t"
- "adds x20, x20, x3\n\t"
"adcs x21, x21, x4\n\t"
- "adc x22, xzr, xzr\n\t"
- /* A[3] * B[2] */
+ "adc x22, x22, xzr\n\t"
+ /* A[3] * B[0] */
+ "mul x3, x9, x10\n\t"
+ "adds x17, x17, x3\n\t"
+ "umulh x4, x9, x10\n\t"
+ "adcs x19, x19, x4\n\t"
+ /* A[3] * B[2] */
"mul x3, x9, x12\n\t"
+ "adcs x20, x20, x3\n\t"
"umulh x4, x9, x12\n\t"
- "adds x20, x20, x3\n\t"
"adcs x21, x21, x4\n\t"
"adc x22, x22, xzr\n\t"
- /* A[3] * B[3] */
- "mul x3, x9, x13\n\t"
- "umulh x4, x9, x13\n\t"
- "adds x21, x21, x3\n\t"
- "adc x22, x22, x4\n\t"
/* Reduce */
- /* Move top half into t4-t7 and remove top bit from t3 */
- "extr x22, x22, x21, #63\n\t"
- "extr x21, x21, x20, #63\n\t"
- "extr x20, x20, x19, #63\n\t"
- "extr x19, x19, x17, #63\n\t"
- "and x17, x17, #0x7fffffffffffffff\n\t"
- /* Multiply top half by 19 */
+ "mov x3, #38\n\t"
+ "mul x4, x3, x22\n\t"
+ "adds x17, x17, x4\n\t"
+ "umulh x5, x3, x22\n\t"
+ "adc x5, x5, xzr\n\t"
"mov x3, #19\n\t"
+ "extr x5, x5, x17, #63\n\t"
+ "mul x5, x5, x3\n\t"
+ "and x17, x17, #0x7fffffffffffffff\n\t"
+ "mov x3, #38\n\t"
"mul x4, x3, x19\n\t"
- "umulh x19, x3, x19\n\t"
"adds x14, x14, x4\n\t"
+ "umulh x19, x3, x19\n\t"
"mul x4, x3, x20\n\t"
- "umulh x20, x3, x20\n\t"
"adcs x15, x15, x4\n\t"
+ "umulh x20, x3, x20\n\t"
"mul x4, x3, x21\n\t"
- "umulh x21, x3, x21\n\t"
"adcs x16, x16, x4\n\t"
- "mul x4, x3, x22\n\t"
- "umulh x5, x3, x22\n\t"
- "adcs x17, x17, x4\n\t"
- "adc x5, x5, xzr\n\t"
- /* Add remaining product results in */
- "adds x15, x15, x19\n\t"
- "adcs x16, x16, x20\n\t"
- "adcs x17, x17, x21\n\t"
- "adc x5, x5, xzr\n\t"
- /* Overflow */
- "extr x5, x5, x17, #63\n\t"
- "mul x5, x5, x3\n\t"
- "and x17, x17, #0x7fffffffffffffff\n\t"
- "adds x14, x14, x5\n\t"
- "adcs x15, x15, xzr\n\t"
- "adcs x16, x16, xzr\n\t"
+ "umulh x21, x3, x21\n\t"
"adc x17, x17, xzr\n\t"
- /* Reduce if top bit set */
- "and x5, x3, x17, asr 63\n\t"
- "and x17, x17, #0x7fffffffffffffff\n\t"
+ /* Add high product results in */
"adds x14, x14, x5\n\t"
+ "adcs x15, x15, x19\n\t"
+ "adcs x16, x16, x20\n\t"
+ "adc x17, x17, x21\n\t"
+ /* Reduce if top bit set */
+ "mov x3, #19\n\t"
+ "and x4, x3, x17, asr 63\n\t"
+ "adds x14, x14, x4\n\t"
"adcs x15, x15, xzr\n\t"
+ "and x17, x17, #0x7fffffffffffffff\n\t"
"adcs x16, x16, xzr\n\t"
"adc x17, x17, xzr\n\t"
"adds x4, x14, x3\n\t"
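Review bot: The rewritten reduction multiplies by 38 and by 19 under a bare `/* Reduce */`, while the removed step comments ("Move top half into t4-t7…", "Multiply top half by 19") that explained the fold are gone. A one-line comment above the first `mov x3, #38` would keep the arithmetic checkable, e.g. `/* 2^256 = 38 mod p (p = 2^255-19): limbs 4..7 fold in times 38, bits >= 255 fold in times 19 */`. The same uncommented sequence is repeated in every inlined Square block of this diff, so the comment is worth adding there too. The final conditional subtraction that starts at `adds x4, x14, x3` continues outside the hunk.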
@@ -2800,11 +3681,12 @@ int curve25519(byte* r, const byte* n, const byte* a)
"ldp x29, x30, [sp], #0xc0\n\t"
: [r] "+r" (r), [n] "+r" (n), [a] "+r" (a)
:
- : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "x21", "x22", "x23", "x24", "x25", "x26", "x27", "x28"
+ : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "x21", "x22", "x23", "x24", "x25", "x26", "x27", "x28", "cc"
);
return (uint32_t)(size_t)r;
}
+#ifdef HAVE_ED25519
void fe_pow22523(fe r, const fe a)
{
__asm__ __volatile__ (
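Review bot: The clobber list gains "cc" but still leaves out x0, x1 and x2, which the asm body writes before each `bl fe_mul` (for example `add x0, x29, #16` in the hunk above). Nothing visible here ties the three "+r" operands r, n and a to those registers; a plain "r" constraint lets the compiler choose, so the code presumably relies on the arguments still sitting in x0–x2. Pinning them removes that dependence, e.g. `register byte* r_x0 __asm__("x0") = r;` (likewise for x1 and x2) and passing the pinned variables as the operands. The asm statement begins before this hunk, so its prologue is not shown here.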
@@ -2877,28 +3759,100 @@ void fe_pow22523(fe r, const fe a)
#else
"bl _fe_mul\n\t"
#endif /* __APPLE__ */
- "add x0, x29, #48\n\t"
- "add x1, x29, #16\n\t"
-#ifndef __APPLE__
- "bl fe_sq\n\t"
-#else
- "bl _fe_sq\n\t"
-#endif /* __APPLE__ */
- "mov x23, #3\n\t"
-#ifndef NDEBUG
- "add x0, x29, #48\n\t"
-#endif /* !NDEBUG */
- "add x1, x29, #48\n\t"
+ /* Loop: 5 times */
+ "mov x23, #5\n\t"
+ "ldp x6, x7, [x29, #16]\n\t"
+ "ldp x8, x9, [x29, #32]\n\t"
"\n"
"L_fe_pow22523_1_%=: \n\t"
-#ifndef __APPLE__
- "bl fe_sq\n\t"
-#else
- "bl _fe_sq\n\t"
-#endif /* __APPLE__ */
+ /* Square */
+ /* A[0] * A[1] */
+ "umulh x12, x6, x7\n\t"
+ "mul x11, x6, x7\n\t"
+ /* A[0] * A[3] */
+ "umulh x14, x6, x9\n\t"
+ "mul x13, x6, x9\n\t"
+ /* A[0] * A[2] */
+ "mul x3, x6, x8\n\t"
+ "adds x12, x12, x3\n\t"
+ "umulh x4, x6, x8\n\t"
+ "adcs x13, x13, x4\n\t"
+ /* A[1] * A[3] */
+ "mul x3, x7, x9\n\t"
+ "adcs x14, x14, x3\n\t"
+ "umulh x15, x7, x9\n\t"
+ "adc x15, x15, xzr\n\t"
+ /* A[1] * A[2] */
+ "mul x3, x7, x8\n\t"
+ "adds x13, x13, x3\n\t"
+ "umulh x4, x7, x8\n\t"
+ "adcs x14, x14, x4\n\t"
+ /* A[2] * A[3] */
+ "mul x3, x8, x9\n\t"
+ "adcs x15, x15, x3\n\t"
+ "umulh x16, x8, x9\n\t"
+ "adc x16, x16, xzr\n\t"
+ /* Double */
+ "adds x11, x11, x11\n\t"
+ "adcs x12, x12, x12\n\t"
+ "adcs x13, x13, x13\n\t"
+ "adcs x14, x14, x14\n\t"
+ "adcs x15, x15, x15\n\t"
+ "adcs x16, x16, x16\n\t"
+ "adc x17, xzr, xzr\n\t"
+ /* A[0] * A[0] */
+ "umulh x4, x6, x6\n\t"
+ "mul x10, x6, x6\n\t"
+ /* A[1] * A[1] */
+ "mul x3, x7, x7\n\t"
+ "adds x11, x11, x4\n\t"
+ "umulh x4, x7, x7\n\t"
+ "adcs x12, x12, x3\n\t"
+ /* A[2] * A[2] */
+ "mul x3, x8, x8\n\t"
+ "adcs x13, x13, x4\n\t"
+ "umulh x4, x8, x8\n\t"
+ "adcs x14, x14, x3\n\t"
+ /* A[3] * A[3] */
+ "mul x3, x9, x9\n\t"
+ "adcs x15, x15, x4\n\t"
+ "umulh x4, x9, x9\n\t"
+ "adcs x16, x16, x3\n\t"
+ "adc x17, x17, x4\n\t"
+ /* Reduce */
+ "mov x3, #38\n\t"
+ "mul x4, x3, x17\n\t"
+ "adds x13, x13, x4\n\t"
+ "umulh x5, x3, x17\n\t"
+ "adc x5, x5, xzr\n\t"
+ "mov x3, #19\n\t"
+ "extr x5, x5, x13, #63\n\t"
+ "mul x5, x5, x3\n\t"
+ "and x13, x13, #0x7fffffffffffffff\n\t"
+ "mov x3, #38\n\t"
+ "mul x4, x3, x14\n\t"
+ "adds x10, x10, x4\n\t"
+ "umulh x14, x3, x14\n\t"
+ "mul x4, x3, x15\n\t"
+ "adcs x11, x11, x4\n\t"
+ "umulh x15, x3, x15\n\t"
+ "mul x4, x3, x16\n\t"
+ "adcs x12, x12, x4\n\t"
+ "umulh x16, x3, x16\n\t"
+ "adc x13, x13, xzr\n\t"
+ /* Add high product results in */
+ "adds x6, x10, x5\n\t"
+ "adcs x7, x11, x14\n\t"
+ "adcs x8, x12, x15\n\t"
+ "adc x9, x13, x16\n\t"
"subs x23, x23, #1\n\t"
- "bcs L_fe_pow22523_1_%=\n\t"
+ "bne L_fe_pow22523_1_%=\n\t"
+ /* Store */
+ "stp x6, x7, [x29, #48]\n\t"
+ "stp x8, x9, [x29, #64]\n\t"
+#ifndef NDEBUG
"add x0, x29, #16\n\t"
+#endif /* !NDEBUG */
#ifndef NDEBUG
"add x1, x29, #48\n\t"
#endif /* !NDEBUG */
@@ -2908,30 +3862,98 @@ void fe_pow22523(fe r, const fe a)
#else
"bl _fe_mul\n\t"
#endif /* __APPLE__ */
- "add x0, x29, #48\n\t"
- "add x1, x29, #16\n\t"
-#ifndef __APPLE__
- "bl fe_sq\n\t"
-#else
- "bl _fe_sq\n\t"
-#endif /* __APPLE__ */
- "mov x23, #8\n\t"
-#ifndef NDEBUG
- "add x0, x29, #48\n\t"
-#endif /* !NDEBUG */
- "add x1, x29, #48\n\t"
+ /* Loop: 10 times */
+ "mov x23, #10\n\t"
+ "ldp x6, x7, [x29, #16]\n\t"
+ "ldp x8, x9, [x29, #32]\n\t"
"\n"
"L_fe_pow22523_2_%=: \n\t"
-#ifndef __APPLE__
- "bl fe_sq\n\t"
-#else
- "bl _fe_sq\n\t"
-#endif /* __APPLE__ */
+ /* Square */
+ /* A[0] * A[1] */
+ "umulh x12, x6, x7\n\t"
+ "mul x11, x6, x7\n\t"
+ /* A[0] * A[3] */
+ "umulh x14, x6, x9\n\t"
+ "mul x13, x6, x9\n\t"
+ /* A[0] * A[2] */
+ "mul x3, x6, x8\n\t"
+ "adds x12, x12, x3\n\t"
+ "umulh x4, x6, x8\n\t"
+ "adcs x13, x13, x4\n\t"
+ /* A[1] * A[3] */
+ "mul x3, x7, x9\n\t"
+ "adcs x14, x14, x3\n\t"
+ "umulh x15, x7, x9\n\t"
+ "adc x15, x15, xzr\n\t"
+ /* A[1] * A[2] */
+ "mul x3, x7, x8\n\t"
+ "adds x13, x13, x3\n\t"
+ "umulh x4, x7, x8\n\t"
+ "adcs x14, x14, x4\n\t"
+ /* A[2] * A[3] */
+ "mul x3, x8, x9\n\t"
+ "adcs x15, x15, x3\n\t"
+ "umulh x16, x8, x9\n\t"
+ "adc x16, x16, xzr\n\t"
+ /* Double */
+ "adds x11, x11, x11\n\t"
+ "adcs x12, x12, x12\n\t"
+ "adcs x13, x13, x13\n\t"
+ "adcs x14, x14, x14\n\t"
+ "adcs x15, x15, x15\n\t"
+ "adcs x16, x16, x16\n\t"
+ "adc x17, xzr, xzr\n\t"
+ /* A[0] * A[0] */
+ "umulh x4, x6, x6\n\t"
+ "mul x10, x6, x6\n\t"
+ /* A[1] * A[1] */
+ "mul x3, x7, x7\n\t"
+ "adds x11, x11, x4\n\t"
+ "umulh x4, x7, x7\n\t"
+ "adcs x12, x12, x3\n\t"
+ /* A[2] * A[2] */
+ "mul x3, x8, x8\n\t"
+ "adcs x13, x13, x4\n\t"
+ "umulh x4, x8, x8\n\t"
+ "adcs x14, x14, x3\n\t"
+ /* A[3] * A[3] */
+ "mul x3, x9, x9\n\t"
+ "adcs x15, x15, x4\n\t"
+ "umulh x4, x9, x9\n\t"
+ "adcs x16, x16, x3\n\t"
+ "adc x17, x17, x4\n\t"
+ /* Reduce */
+ "mov x3, #38\n\t"
+ "mul x4, x3, x17\n\t"
+ "adds x13, x13, x4\n\t"
+ "umulh x5, x3, x17\n\t"
+ "adc x5, x5, xzr\n\t"
+ "mov x3, #19\n\t"
+ "extr x5, x5, x13, #63\n\t"
+ "mul x5, x5, x3\n\t"
+ "and x13, x13, #0x7fffffffffffffff\n\t"
+ "mov x3, #38\n\t"
+ "mul x4, x3, x14\n\t"
+ "adds x10, x10, x4\n\t"
+ "umulh x14, x3, x14\n\t"
+ "mul x4, x3, x15\n\t"
+ "adcs x11, x11, x4\n\t"
+ "umulh x15, x3, x15\n\t"
+ "mul x4, x3, x16\n\t"
+ "adcs x12, x12, x4\n\t"
+ "umulh x16, x3, x16\n\t"
+ "adc x13, x13, xzr\n\t"
+ /* Add high product results in */
+ "adds x6, x10, x5\n\t"
+ "adcs x7, x11, x14\n\t"
+ "adcs x8, x12, x15\n\t"
+ "adc x9, x13, x16\n\t"
"subs x23, x23, #1\n\t"
- "bcs L_fe_pow22523_2_%=\n\t"
-#ifndef NDEBUG
+ "bne L_fe_pow22523_2_%=\n\t"
+ /* Store */
+ "stp x6, x7, [x29, #48]\n\t"
+ "stp x8, x9, [x29, #64]\n\t"
"add x0, x29, #48\n\t"
-#endif /* !NDEBUG */
#ifndef NDEBUG
"add x1, x29, #48\n\t"
#endif /* !NDEBUG */
@@ -2941,87 +3963,298 @@ void fe_pow22523(fe r, const fe a)
#else
"bl _fe_mul\n\t"
#endif /* __APPLE__ */
- "add x0, x29, #0x50\n\t"
-#ifndef NDEBUG
- "add x1, x29, #48\n\t"
-#endif /* !NDEBUG */
-#ifndef __APPLE__
- "bl fe_sq\n\t"
-#else
- "bl _fe_sq\n\t"
-#endif /* __APPLE__ */
- "mov x23, #18\n\t"
-#ifndef NDEBUG
- "add x0, x29, #0x50\n\t"
-#endif /* !NDEBUG */
- "add x1, x29, #0x50\n\t"
+ /* Loop: 20 times */
+ "mov x23, #20\n\t"
+ "ldp x6, x7, [x29, #48]\n\t"
+ "ldp x8, x9, [x29, #64]\n\t"
"\n"
"L_fe_pow22523_3_%=: \n\t"
-#ifndef __APPLE__
- "bl fe_sq\n\t"
-#else
- "bl _fe_sq\n\t"
-#endif /* __APPLE__ */
+ /* Square */
+ /* A[0] * A[1] */
+ "umulh x12, x6, x7\n\t"
+ "mul x11, x6, x7\n\t"
+ /* A[0] * A[3] */
+ "umulh x14, x6, x9\n\t"
+ "mul x13, x6, x9\n\t"
+ /* A[0] * A[2] */
+ "mul x3, x6, x8\n\t"
+ "adds x12, x12, x3\n\t"
+ "umulh x4, x6, x8\n\t"
+ "adcs x13, x13, x4\n\t"
+ /* A[1] * A[3] */
+ "mul x3, x7, x9\n\t"
+ "adcs x14, x14, x3\n\t"
+ "umulh x15, x7, x9\n\t"
+ "adc x15, x15, xzr\n\t"
+ /* A[1] * A[2] */
+ "mul x3, x7, x8\n\t"
+ "adds x13, x13, x3\n\t"
+ "umulh x4, x7, x8\n\t"
+ "adcs x14, x14, x4\n\t"
+ /* A[2] * A[3] */
+ "mul x3, x8, x9\n\t"
+ "adcs x15, x15, x3\n\t"
+ "umulh x16, x8, x9\n\t"
+ "adc x16, x16, xzr\n\t"
+ /* Double */
+ "adds x11, x11, x11\n\t"
+ "adcs x12, x12, x12\n\t"
+ "adcs x13, x13, x13\n\t"
+ "adcs x14, x14, x14\n\t"
+ "adcs x15, x15, x15\n\t"
+ "adcs x16, x16, x16\n\t"
+ "adc x17, xzr, xzr\n\t"
+ /* A[0] * A[0] */
+ "umulh x4, x6, x6\n\t"
+ "mul x10, x6, x6\n\t"
+ /* A[1] * A[1] */
+ "mul x3, x7, x7\n\t"
+ "adds x11, x11, x4\n\t"
+ "umulh x4, x7, x7\n\t"
+ "adcs x12, x12, x3\n\t"
+ /* A[2] * A[2] */
+ "mul x3, x8, x8\n\t"
+ "adcs x13, x13, x4\n\t"
+ "umulh x4, x8, x8\n\t"
+ "adcs x14, x14, x3\n\t"
+ /* A[3] * A[3] */
+ "mul x3, x9, x9\n\t"
+ "adcs x15, x15, x4\n\t"
+ "umulh x4, x9, x9\n\t"
+ "adcs x16, x16, x3\n\t"
+ "adc x17, x17, x4\n\t"
+ /* Reduce */
+ "mov x3, #38\n\t"
+ "mul x4, x3, x17\n\t"
+ "adds x13, x13, x4\n\t"
+ "umulh x5, x3, x17\n\t"
+ "adc x5, x5, xzr\n\t"
+ "mov x3, #19\n\t"
+ "extr x5, x5, x13, #63\n\t"
+ "mul x5, x5, x3\n\t"
+ "and x13, x13, #0x7fffffffffffffff\n\t"
+ "mov x3, #38\n\t"
+ "mul x4, x3, x14\n\t"
+ "adds x10, x10, x4\n\t"
+ "umulh x14, x3, x14\n\t"
+ "mul x4, x3, x15\n\t"
+ "adcs x11, x11, x4\n\t"
+ "umulh x15, x3, x15\n\t"
+ "mul x4, x3, x16\n\t"
+ "adcs x12, x12, x4\n\t"
+ "umulh x16, x3, x16\n\t"
+ "adc x13, x13, xzr\n\t"
+ /* Add high product results in */
+ "adds x6, x10, x5\n\t"
+ "adcs x7, x11, x14\n\t"
+ "adcs x8, x12, x15\n\t"
+ "adc x9, x13, x16\n\t"
"subs x23, x23, #1\n\t"
- "bcs L_fe_pow22523_3_%=\n\t"
- "add x0, x29, #48\n\t"
+ "bne L_fe_pow22523_3_%=\n\t"
+ /* Store */
+ "stp x6, x7, [x29, #80]\n\t"
+ "stp x8, x9, [x29, #96]\n\t"
#ifndef NDEBUG
- "add x1, x29, #0x50\n\t"
+ "add x0, x29, #48\n\t"
#endif /* !NDEBUG */
+ "add x1, x29, #0x50\n\t"
"add x2, x29, #48\n\t"
#ifndef __APPLE__
"bl fe_mul\n\t"
#else
"bl _fe_mul\n\t"
#endif /* __APPLE__ */
- "mov x23, #9\n\t"
-#ifndef NDEBUG
- "add x0, x29, #48\n\t"
-#endif /* !NDEBUG */
- "add x1, x29, #48\n\t"
+ /* Loop: 10 times */
+ "mov x23, #10\n\t"
+ "ldp x6, x7, [x29, #48]\n\t"
+ "ldp x8, x9, [x29, #64]\n\t"
"\n"
"L_fe_pow22523_4_%=: \n\t"
-#ifndef __APPLE__
- "bl fe_sq\n\t"
-#else
- "bl _fe_sq\n\t"
-#endif /* __APPLE__ */
+ /* Square */
+ /* A[0] * A[1] */
+ "umulh x12, x6, x7\n\t"
+ "mul x11, x6, x7\n\t"
+ /* A[0] * A[3] */
+ "umulh x14, x6, x9\n\t"
+ "mul x13, x6, x9\n\t"
+ /* A[0] * A[2] */
+ "mul x3, x6, x8\n\t"
+ "adds x12, x12, x3\n\t"
+ "umulh x4, x6, x8\n\t"
+ "adcs x13, x13, x4\n\t"
+ /* A[1] * A[3] */
+ "mul x3, x7, x9\n\t"
+ "adcs x14, x14, x3\n\t"
+ "umulh x15, x7, x9\n\t"
+ "adc x15, x15, xzr\n\t"
+ /* A[1] * A[2] */
+ "mul x3, x7, x8\n\t"
+ "adds x13, x13, x3\n\t"
+ "umulh x4, x7, x8\n\t"
+ "adcs x14, x14, x4\n\t"
+ /* A[2] * A[3] */
+ "mul x3, x8, x9\n\t"
+ "adcs x15, x15, x3\n\t"
+ "umulh x16, x8, x9\n\t"
+ "adc x16, x16, xzr\n\t"
+ /* Double */
+ "adds x11, x11, x11\n\t"
+ "adcs x12, x12, x12\n\t"
+ "adcs x13, x13, x13\n\t"
+ "adcs x14, x14, x14\n\t"
+ "adcs x15, x15, x15\n\t"
+ "adcs x16, x16, x16\n\t"
+ "adc x17, xzr, xzr\n\t"
+ /* A[0] * A[0] */
+ "umulh x4, x6, x6\n\t"
+ "mul x10, x6, x6\n\t"
+ /* A[1] * A[1] */
+ "mul x3, x7, x7\n\t"
+ "adds x11, x11, x4\n\t"
+ "umulh x4, x7, x7\n\t"
+ "adcs x12, x12, x3\n\t"
+ /* A[2] * A[2] */
+ "mul x3, x8, x8\n\t"
+ "adcs x13, x13, x4\n\t"
+ "umulh x4, x8, x8\n\t"
+ "adcs x14, x14, x3\n\t"
+ /* A[3] * A[3] */
+ "mul x3, x9, x9\n\t"
+ "adcs x15, x15, x4\n\t"
+ "umulh x4, x9, x9\n\t"
+ "adcs x16, x16, x3\n\t"
+ "adc x17, x17, x4\n\t"
+ /* Reduce */
+ "mov x3, #38\n\t"
+ "mul x4, x3, x17\n\t"
+ "adds x13, x13, x4\n\t"
+ "umulh x5, x3, x17\n\t"
+ "adc x5, x5, xzr\n\t"
+ "mov x3, #19\n\t"
+ "extr x5, x5, x13, #63\n\t"
+ "mul x5, x5, x3\n\t"
+ "and x13, x13, #0x7fffffffffffffff\n\t"
+ "mov x3, #38\n\t"
+ "mul x4, x3, x14\n\t"
+ "adds x10, x10, x4\n\t"
+ "umulh x14, x3, x14\n\t"
+ "mul x4, x3, x15\n\t"
+ "adcs x11, x11, x4\n\t"
+ "umulh x15, x3, x15\n\t"
+ "mul x4, x3, x16\n\t"
+ "adcs x12, x12, x4\n\t"
+ "umulh x16, x3, x16\n\t"
+ "adc x13, x13, xzr\n\t"
+ /* Add high product results in */
+ "adds x6, x10, x5\n\t"
+ "adcs x7, x11, x14\n\t"
+ "adcs x8, x12, x15\n\t"
+ "adc x9, x13, x16\n\t"
"subs x23, x23, #1\n\t"
- "bcs L_fe_pow22523_4_%=\n\t"
+ "bne L_fe_pow22523_4_%=\n\t"
+ /* Store */
+ "stp x6, x7, [x29, #48]\n\t"
+ "stp x8, x9, [x29, #64]\n\t"
"add x0, x29, #16\n\t"
-#ifndef NDEBUG
"add x1, x29, #48\n\t"
-#endif /* !NDEBUG */
"add x2, x29, #16\n\t"
#ifndef __APPLE__
"bl fe_mul\n\t"
#else
"bl _fe_mul\n\t"
#endif /* __APPLE__ */
- "add x0, x29, #48\n\t"
- "add x1, x29, #16\n\t"
-#ifndef __APPLE__
- "bl fe_sq\n\t"
-#else
- "bl _fe_sq\n\t"
-#endif /* __APPLE__ */
- "mov x23, #48\n\t"
-#ifndef NDEBUG
- "add x0, x29, #48\n\t"
-#endif /* !NDEBUG */
- "add x1, x29, #48\n\t"
+ /* Loop: 50 times */
+ "mov x23, #50\n\t"
+ "ldp x6, x7, [x29, #16]\n\t"
+ "ldp x8, x9, [x29, #32]\n\t"
"\n"
"L_fe_pow22523_5_%=: \n\t"
-#ifndef __APPLE__
- "bl fe_sq\n\t"
-#else
- "bl _fe_sq\n\t"
-#endif /* __APPLE__ */
+ /* Square */
+ /* A[0] * A[1] */
+ "umulh x12, x6, x7\n\t"
+ "mul x11, x6, x7\n\t"
+ /* A[0] * A[3] */
+ "umulh x14, x6, x9\n\t"
+ "mul x13, x6, x9\n\t"
+ /* A[0] * A[2] */
+ "mul x3, x6, x8\n\t"
+ "adds x12, x12, x3\n\t"
+ "umulh x4, x6, x8\n\t"
+ "adcs x13, x13, x4\n\t"
+ /* A[1] * A[3] */
+ "mul x3, x7, x9\n\t"
+ "adcs x14, x14, x3\n\t"
+ "umulh x15, x7, x9\n\t"
+ "adc x15, x15, xzr\n\t"
+ /* A[1] * A[2] */
+ "mul x3, x7, x8\n\t"
+ "adds x13, x13, x3\n\t"
+ "umulh x4, x7, x8\n\t"
+ "adcs x14, x14, x4\n\t"
+ /* A[2] * A[3] */
+ "mul x3, x8, x9\n\t"
+ "adcs x15, x15, x3\n\t"
+ "umulh x16, x8, x9\n\t"
+ "adc x16, x16, xzr\n\t"
+ /* Double */
+ "adds x11, x11, x11\n\t"
+ "adcs x12, x12, x12\n\t"
+ "adcs x13, x13, x13\n\t"
+ "adcs x14, x14, x14\n\t"
+ "adcs x15, x15, x15\n\t"
+ "adcs x16, x16, x16\n\t"
+ "adc x17, xzr, xzr\n\t"
+ /* A[0] * A[0] */
+ "umulh x4, x6, x6\n\t"
+ "mul x10, x6, x6\n\t"
+ /* A[1] * A[1] */
+ "mul x3, x7, x7\n\t"
+ "adds x11, x11, x4\n\t"
+ "umulh x4, x7, x7\n\t"
+ "adcs x12, x12, x3\n\t"
+ /* A[2] * A[2] */
+ "mul x3, x8, x8\n\t"
+ "adcs x13, x13, x4\n\t"
+ "umulh x4, x8, x8\n\t"
+ "adcs x14, x14, x3\n\t"
+ /* A[3] * A[3] */
+ "mul x3, x9, x9\n\t"
+ "adcs x15, x15, x4\n\t"
+ "umulh x4, x9, x9\n\t"
+ "adcs x16, x16, x3\n\t"
+ "adc x17, x17, x4\n\t"
+ /* Reduce */
+ "mov x3, #38\n\t"
+ "mul x4, x3, x17\n\t"
+ "adds x13, x13, x4\n\t"
+ "umulh x5, x3, x17\n\t"
+ "adc x5, x5, xzr\n\t"
+ "mov x3, #19\n\t"
+ "extr x5, x5, x13, #63\n\t"
+ "mul x5, x5, x3\n\t"
+ "and x13, x13, #0x7fffffffffffffff\n\t"
+ "mov x3, #38\n\t"
+ "mul x4, x3, x14\n\t"
+ "adds x10, x10, x4\n\t"
+ "umulh x14, x3, x14\n\t"
+ "mul x4, x3, x15\n\t"
+ "adcs x11, x11, x4\n\t"
+ "umulh x15, x3, x15\n\t"
+ "mul x4, x3, x16\n\t"
+ "adcs x12, x12, x4\n\t"
+ "umulh x16, x3, x16\n\t"
+ "adc x13, x13, xzr\n\t"
+ /* Add high product results in */
+ "adds x6, x10, x5\n\t"
+ "adcs x7, x11, x14\n\t"
+ "adcs x8, x12, x15\n\t"
+ "adc x9, x13, x16\n\t"
"subs x23, x23, #1\n\t"
- "bcs L_fe_pow22523_5_%=\n\t"
-#ifndef NDEBUG
+ "bne L_fe_pow22523_5_%=\n\t"
+ /* Store */
+ "stp x6, x7, [x29, #48]\n\t"
+ "stp x8, x9, [x29, #64]\n\t"
"add x0, x29, #48\n\t"
-#endif /* !NDEBUG */
#ifndef NDEBUG
"add x1, x29, #48\n\t"
#endif /* !NDEBUG */
@@ -3031,77 +4264,220 @@ void fe_pow22523(fe r, const fe a)
#else
"bl _fe_mul\n\t"
#endif /* __APPLE__ */
- "add x0, x29, #0x50\n\t"
-#ifndef NDEBUG
- "add x1, x29, #48\n\t"
-#endif /* !NDEBUG */
-#ifndef __APPLE__
- "bl fe_sq\n\t"
-#else
- "bl _fe_sq\n\t"
-#endif /* __APPLE__ */
- "mov x23, #0x62\n\t"
-#ifndef NDEBUG
- "add x0, x29, #0x50\n\t"
-#endif /* !NDEBUG */
- "add x1, x29, #0x50\n\t"
+ /* Loop: 100 times */
+ "mov x23, #0x64\n\t"
+ "ldp x6, x7, [x29, #48]\n\t"
+ "ldp x8, x9, [x29, #64]\n\t"
"\n"
"L_fe_pow22523_6_%=: \n\t"
-#ifndef __APPLE__
- "bl fe_sq\n\t"
-#else
- "bl _fe_sq\n\t"
-#endif /* __APPLE__ */
+ /* Square */
+ /* A[0] * A[1] */
+ "umulh x12, x6, x7\n\t"
+ "mul x11, x6, x7\n\t"
+ /* A[0] * A[3] */
+ "umulh x14, x6, x9\n\t"
+ "mul x13, x6, x9\n\t"
+ /* A[0] * A[2] */
+ "mul x3, x6, x8\n\t"
+ "adds x12, x12, x3\n\t"
+ "umulh x4, x6, x8\n\t"
+ "adcs x13, x13, x4\n\t"
+ /* A[1] * A[3] */
+ "mul x3, x7, x9\n\t"
+ "adcs x14, x14, x3\n\t"
+ "umulh x15, x7, x9\n\t"
+ "adc x15, x15, xzr\n\t"
+ /* A[1] * A[2] */
+ "mul x3, x7, x8\n\t"
+ "adds x13, x13, x3\n\t"
+ "umulh x4, x7, x8\n\t"
+ "adcs x14, x14, x4\n\t"
+ /* A[2] * A[3] */
+ "mul x3, x8, x9\n\t"
+ "adcs x15, x15, x3\n\t"
+ "umulh x16, x8, x9\n\t"
+ "adc x16, x16, xzr\n\t"
+ /* Double */
+ "adds x11, x11, x11\n\t"
+ "adcs x12, x12, x12\n\t"
+ "adcs x13, x13, x13\n\t"
+ "adcs x14, x14, x14\n\t"
+ "adcs x15, x15, x15\n\t"
+ "adcs x16, x16, x16\n\t"
+ "adc x17, xzr, xzr\n\t"
+ /* A[0] * A[0] */
+ "umulh x4, x6, x6\n\t"
+ "mul x10, x6, x6\n\t"
+ /* A[1] * A[1] */
+ "mul x3, x7, x7\n\t"
+ "adds x11, x11, x4\n\t"
+ "umulh x4, x7, x7\n\t"
+ "adcs x12, x12, x3\n\t"
+ /* A[2] * A[2] */
+ "mul x3, x8, x8\n\t"
+ "adcs x13, x13, x4\n\t"
+ "umulh x4, x8, x8\n\t"
+ "adcs x14, x14, x3\n\t"
+ /* A[3] * A[3] */
+ "mul x3, x9, x9\n\t"
+ "adcs x15, x15, x4\n\t"
+ "umulh x4, x9, x9\n\t"
+ "adcs x16, x16, x3\n\t"
+ "adc x17, x17, x4\n\t"
+ /* Reduce */
+ "mov x3, #38\n\t"
+ "mul x4, x3, x17\n\t"
+ "adds x13, x13, x4\n\t"
+ "umulh x5, x3, x17\n\t"
+ "adc x5, x5, xzr\n\t"
+ "mov x3, #19\n\t"
+ "extr x5, x5, x13, #63\n\t"
+ "mul x5, x5, x3\n\t"
+ "and x13, x13, #0x7fffffffffffffff\n\t"
+ "mov x3, #38\n\t"
+ "mul x4, x3, x14\n\t"
+ "adds x10, x10, x4\n\t"
+ "umulh x14, x3, x14\n\t"
+ "mul x4, x3, x15\n\t"
+ "adcs x11, x11, x4\n\t"
+ "umulh x15, x3, x15\n\t"
+ "mul x4, x3, x16\n\t"
+ "adcs x12, x12, x4\n\t"
+ "umulh x16, x3, x16\n\t"
+ "adc x13, x13, xzr\n\t"
+ /* Add high product results in */
+ "adds x6, x10, x5\n\t"
+ "adcs x7, x11, x14\n\t"
+ "adcs x8, x12, x15\n\t"
+ "adc x9, x13, x16\n\t"
"subs x23, x23, #1\n\t"
- "bcs L_fe_pow22523_6_%=\n\t"
- "add x0, x29, #48\n\t"
+ "bne L_fe_pow22523_6_%=\n\t"
+ /* Store */
+ "stp x6, x7, [x29, #80]\n\t"
+ "stp x8, x9, [x29, #96]\n\t"
#ifndef NDEBUG
- "add x1, x29, #0x50\n\t"
+ "add x0, x29, #48\n\t"
#endif /* !NDEBUG */
+ "add x1, x29, #0x50\n\t"
"add x2, x29, #48\n\t"
#ifndef __APPLE__
"bl fe_mul\n\t"
#else
"bl _fe_mul\n\t"
#endif /* __APPLE__ */
- "mov x23, #49\n\t"
-#ifndef NDEBUG
- "add x0, x29, #48\n\t"
-#endif /* !NDEBUG */
- "add x1, x29, #48\n\t"
+ /* Loop: 50 times */
+ "mov x23, #50\n\t"
+ "ldp x6, x7, [x29, #48]\n\t"
+ "ldp x8, x9, [x29, #64]\n\t"
"\n"
"L_fe_pow22523_7_%=: \n\t"
-#ifndef __APPLE__
- "bl fe_sq\n\t"
-#else
- "bl _fe_sq\n\t"
-#endif /* __APPLE__ */
+ /* Square */
+ /* A[0] * A[1] */
+ "umulh x12, x6, x7\n\t"
+ "mul x11, x6, x7\n\t"
+ /* A[0] * A[3] */
+ "umulh x14, x6, x9\n\t"
+ "mul x13, x6, x9\n\t"
+ /* A[0] * A[2] */
+ "mul x3, x6, x8\n\t"
+ "adds x12, x12, x3\n\t"
+ "umulh x4, x6, x8\n\t"
+ "adcs x13, x13, x4\n\t"
+ /* A[1] * A[3] */
+ "mul x3, x7, x9\n\t"
+ "adcs x14, x14, x3\n\t"
+ "umulh x15, x7, x9\n\t"
+ "adc x15, x15, xzr\n\t"
+ /* A[1] * A[2] */
+ "mul x3, x7, x8\n\t"
+ "adds x13, x13, x3\n\t"
+ "umulh x4, x7, x8\n\t"
+ "adcs x14, x14, x4\n\t"
+ /* A[2] * A[3] */
+ "mul x3, x8, x9\n\t"
+ "adcs x15, x15, x3\n\t"
+ "umulh x16, x8, x9\n\t"
+ "adc x16, x16, xzr\n\t"
+ /* Double */
+ "adds x11, x11, x11\n\t"
+ "adcs x12, x12, x12\n\t"
+ "adcs x13, x13, x13\n\t"
+ "adcs x14, x14, x14\n\t"
+ "adcs x15, x15, x15\n\t"
+ "adcs x16, x16, x16\n\t"
+ "adc x17, xzr, xzr\n\t"
+ /* A[0] * A[0] */
+ "umulh x4, x6, x6\n\t"
+ "mul x10, x6, x6\n\t"
+ /* A[1] * A[1] */
+ "mul x3, x7, x7\n\t"
+ "adds x11, x11, x4\n\t"
+ "umulh x4, x7, x7\n\t"
+ "adcs x12, x12, x3\n\t"
+ /* A[2] * A[2] */
+ "mul x3, x8, x8\n\t"
+ "adcs x13, x13, x4\n\t"
+ "umulh x4, x8, x8\n\t"
+ "adcs x14, x14, x3\n\t"
+ /* A[3] * A[3] */
+ "mul x3, x9, x9\n\t"
+ "adcs x15, x15, x4\n\t"
+ "umulh x4, x9, x9\n\t"
+ "adcs x16, x16, x3\n\t"
+ "adc x17, x17, x4\n\t"
+ /* Reduce */
+ "mov x3, #38\n\t"
+ "mul x4, x3, x17\n\t"
+ "adds x13, x13, x4\n\t"
+ "umulh x5, x3, x17\n\t"
+ "adc x5, x5, xzr\n\t"
+ "mov x3, #19\n\t"
+ "extr x5, x5, x13, #63\n\t"
+ "mul x5, x5, x3\n\t"
+ "and x13, x13, #0x7fffffffffffffff\n\t"
+ "mov x3, #38\n\t"
+ "mul x4, x3, x14\n\t"
+ "adds x10, x10, x4\n\t"
+ "umulh x14, x3, x14\n\t"
+ "mul x4, x3, x15\n\t"
+ "adcs x11, x11, x4\n\t"
+ "umulh x15, x3, x15\n\t"
+ "mul x4, x3, x16\n\t"
+ "adcs x12, x12, x4\n\t"
+ "umulh x16, x3, x16\n\t"
+ "adc x13, x13, xzr\n\t"
+ /* Add high product results in */
+ "adds x6, x10, x5\n\t"
+ "adcs x7, x11, x14\n\t"
+ "adcs x8, x12, x15\n\t"
+ "adc x9, x13, x16\n\t"
"subs x23, x23, #1\n\t"
- "bcs L_fe_pow22523_7_%=\n\t"
+ "bne L_fe_pow22523_7_%=\n\t"
+ /* Store */
+ "stp x6, x7, [x29, #48]\n\t"
+ "stp x8, x9, [x29, #64]\n\t"
"add x0, x29, #16\n\t"
-#ifndef NDEBUG
"add x1, x29, #48\n\t"
-#endif /* !NDEBUG */
"add x2, x29, #16\n\t"
#ifndef __APPLE__
"bl fe_mul\n\t"
#else
"bl _fe_mul\n\t"
#endif /* __APPLE__ */
- "mov x23, #1\n\t"
#ifndef NDEBUG
"add x0, x29, #16\n\t"
#endif /* !NDEBUG */
"add x1, x29, #16\n\t"
- "\n"
- "L_fe_pow22523_8_%=: \n\t"
#ifndef __APPLE__
"bl fe_sq\n\t"
#else
"bl _fe_sq\n\t"
#endif /* __APPLE__ */
- "subs x23, x23, #1\n\t"
- "bcs L_fe_pow22523_8_%=\n\t"
+#ifndef __APPLE__
+ "bl fe_sq\n\t"
+#else
+ "bl _fe_sq\n\t"
+#endif /* __APPLE__ */
"ldr x0, [x29, #112]\n\t"
#ifndef NDEBUG
"add x1, x29, #16\n\t"
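Review bot: In builds with `NDEBUG` defined, the `add x0, x29, #48` ahead of the `bl fe_mul` that follows the 100-iteration loop is compiled out, so that call depends on x0 still holding the value set before the `fe_mul` call at the top of this hunk. The inlined squaring loop only touches x3-x17 and x23, but x0 is caller-saved under AAPCS64 and `fe_mul` is not visible here, so this presumably relies on the hand-written callee never modifying it. The same assumption covers the two back-to-back `bl fe_sq` calls near the end of the hunk, which reuse x0 and x1 without reloading them. Because non-`NDEBUG` builds reload the register, they would mask a violation of that contract, so the field-arithmetic known-answer tests should also be run with `NDEBUG` defined, and the contract recorded next to the guard, e.g. `/* NDEBUG: relies on fe_mul/fe_sq leaving x0 and x1 unchanged */`. fe_pow22523 begins before this hunk and continues past it.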
@@ -3115,1466 +4491,1234 @@ void fe_pow22523(fe r, const fe a)
"ldp x29, x30, [sp], #0x80\n\t"
: [r] "+r" (r), [a] "+r" (a)
:
- : "memory", "x2", "x23"
+ : "memory", "x2", "x23", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "cc"
);
}
-void fe_ge_to_p2(fe rx, fe ry, fe rz, const fe px, const fe py, const fe pz, const fe pt)
+void ge_p1p1_to_p2(ge_p2* r, const ge_p1p1* p)
{
__asm__ __volatile__ (
- "stp x29, x30, [sp, #-64]!\n\t"
+ "stp x29, x30, [sp, #-32]!\n\t"
"add x29, sp, #0\n\t"
- "str %x[ry], [x29, #16]\n\t"
- "str %x[rz], [x29, #24]\n\t"
- "str %x[px], [x29, #32]\n\t"
- "str %x[py], [x29, #40]\n\t"
- "str %x[pz], [x29, #48]\n\t"
- "str %x[pt], [x29, #56]\n\t"
- "ldr x1, [x29, #32]\n\t"
- "ldr x2, [x29, #56]\n\t"
+ "str %x[r], [x29, #16]\n\t"
+ "str %x[p], [x29, #24]\n\t"
+ "mov x2, x1\n\t"
+ "add x1, x1, #0x60\n\t"
/* Multiply */
- "ldp x11, x12, [x1]\n\t"
- "ldp x13, x14, [x1, #16]\n\t"
- "ldp x15, x16, [x2]\n\t"
- "ldp x17, x19, [x2, #16]\n\t"
- /* A[0] * B[0] */
- "mul x3, x11, x15\n\t"
- "umulh x4, x11, x15\n\t"
- /* A[0] * B[1] */
- "mul x20, x11, x16\n\t"
- "umulh x5, x11, x16\n\t"
- "adds x4, x4, x20\n\t"
- "adc x5, x5, xzr\n\t"
- /* A[1] * B[0] */
- "mul x20, x12, x15\n\t"
- "umulh x21, x12, x15\n\t"
- "adds x4, x4, x20\n\t"
- "adcs x5, x5, x21\n\t"
- "adc x6, xzr, xzr\n\t"
- /* A[0] * B[2] */
- "mul x20, x11, x17\n\t"
- "umulh x21, x11, x17\n\t"
- "adds x5, x5, x20\n\t"
- "adc x6, x6, x21\n\t"
- /* A[1] * B[1] */
- "mul x20, x12, x16\n\t"
- "umulh x21, x12, x16\n\t"
- "adds x5, x5, x20\n\t"
- "adcs x6, x6, x21\n\t"
- "adc x7, xzr, xzr\n\t"
- /* A[2] * B[0] */
- "mul x20, x13, x15\n\t"
- "umulh x21, x13, x15\n\t"
- "adds x5, x5, x20\n\t"
- "adcs x6, x6, x21\n\t"
- "adc x7, x7, xzr\n\t"
- /* A[0] * B[3] */
- "mul x20, x11, x19\n\t"
- "umulh x21, x11, x19\n\t"
- "adds x6, x6, x20\n\t"
- "adcs x7, x7, x21\n\t"
- "adc x8, xzr, xzr\n\t"
- /* A[1] * B[2] */
- "mul x20, x12, x17\n\t"
- "umulh x21, x12, x17\n\t"
- "adds x6, x6, x20\n\t"
- "adcs x7, x7, x21\n\t"
- "adc x8, x8, xzr\n\t"
- /* A[2] * B[1] */
- "mul x20, x13, x16\n\t"
- "umulh x21, x13, x16\n\t"
- "adds x6, x6, x20\n\t"
- "adcs x7, x7, x21\n\t"
- "adc x8, x8, xzr\n\t"
- /* A[3] * B[0] */
- "mul x20, x14, x15\n\t"
- "umulh x21, x14, x15\n\t"
- "adds x6, x6, x20\n\t"
- "adcs x7, x7, x21\n\t"
- "adc x8, x8, xzr\n\t"
- /* A[1] * B[3] */
- "mul x20, x12, x19\n\t"
- "umulh x21, x12, x19\n\t"
- "adds x7, x7, x20\n\t"
- "adcs x8, x8, x21\n\t"
- "adc x9, xzr, xzr\n\t"
- /* A[2] * B[2] */
- "mul x20, x13, x17\n\t"
- "umulh x21, x13, x17\n\t"
- "adds x7, x7, x20\n\t"
- "adcs x8, x8, x21\n\t"
- "adc x9, x9, xzr\n\t"
- /* A[3] * B[1] */
- "mul x20, x14, x16\n\t"
- "umulh x21, x14, x16\n\t"
- "adds x7, x7, x20\n\t"
- "adcs x8, x8, x21\n\t"
- "adc x9, x9, xzr\n\t"
- /* A[2] * B[3] */
- "mul x20, x13, x19\n\t"
- "umulh x21, x13, x19\n\t"
- "adds x8, x8, x20\n\t"
- "adcs x9, x9, x21\n\t"
- "adc x10, xzr, xzr\n\t"
- /* A[3] * B[2] */
- "mul x20, x14, x17\n\t"
- "umulh x21, x14, x17\n\t"
- "adds x8, x8, x20\n\t"
- "adcs x9, x9, x21\n\t"
- "adc x10, x10, xzr\n\t"
- /* A[3] * B[3] */
- "mul x20, x14, x19\n\t"
- "umulh x21, x14, x19\n\t"
- "adds x9, x9, x20\n\t"
- "adc x10, x10, x21\n\t"
- /* Reduce */
- /* Move top half into t4-t7 and remove top bit from t3 */
- "extr x10, x10, x9, #63\n\t"
- "extr x9, x9, x8, #63\n\t"
- "extr x8, x8, x7, #63\n\t"
- "extr x7, x7, x6, #63\n\t"
- "and x6, x6, #0x7fffffffffffffff\n\t"
- /* Multiply top half by 19 */
- "mov x20, #19\n\t"
- "mul x21, x20, x7\n\t"
- "umulh x7, x20, x7\n\t"
- "adds x3, x3, x21\n\t"
- "mul x21, x20, x8\n\t"
- "umulh x8, x20, x8\n\t"
- "adcs x4, x4, x21\n\t"
- "mul x21, x20, x9\n\t"
- "umulh x9, x20, x9\n\t"
- "adcs x5, x5, x21\n\t"
- "mul x21, x20, x10\n\t"
- "umulh x22, x20, x10\n\t"
- "adcs x6, x6, x21\n\t"
+ "ldp x10, x11, [x1]\n\t"
+ "ldp x12, x13, [x1, #16]\n\t"
+ "ldp x6, x7, [x2]\n\t"
+ "ldp x8, x9, [x2, #16]\n\t"
+ /* A[0] * B[0] */
+ "umulh x15, x10, x6\n\t"
+ "mul x14, x10, x6\n\t"
+ /* A[2] * B[0] */
+ "umulh x17, x12, x6\n\t"
+ "mul x16, x12, x6\n\t"
+ /* A[1] * B[0] */
+ "mul x3, x11, x6\n\t"
+ "adds x15, x15, x3\n\t"
+ "umulh x4, x11, x6\n\t"
+ "adcs x16, x16, x4\n\t"
+ /* A[1] * B[3] */
+ "umulh x20, x11, x9\n\t"
+ "adc x17, x17, xzr\n\t"
+ "mul x19, x11, x9\n\t"
+ /* A[0] * B[1] */
+ "mul x3, x10, x7\n\t"
+ "adds x15, x15, x3\n\t"
+ "umulh x4, x10, x7\n\t"
+ "adcs x16, x16, x4\n\t"
+ /* A[2] * B[1] */
+ "mul x3, x12, x7\n\t"
+ "adcs x17, x17, x3\n\t"
+ "umulh x4, x12, x7\n\t"
+ "adcs x19, x19, x4\n\t"
+ "adc x20, x20, xzr\n\t"
+ /* A[1] * B[2] */
+ "mul x3, x11, x8\n\t"
+ "adds x17, x17, x3\n\t"
+ "umulh x4, x11, x8\n\t"
+ "adcs x19, x19, x4\n\t"
+ "adcs x20, x20, xzr\n\t"
+ "adc x21, xzr, xzr\n\t"
+ /* A[0] * B[2] */
+ "mul x3, x10, x8\n\t"
+ "adds x16, x16, x3\n\t"
+ "umulh x4, x10, x8\n\t"
+ "adcs x17, x17, x4\n\t"
+ "adcs x19, x19, xzr\n\t"
+ "adcs x20, x20, xzr\n\t"
+ "adc x21, x21, xzr\n\t"
+ /* A[1] * B[1] */
+ "mul x3, x11, x7\n\t"
+ "adds x16, x16, x3\n\t"
+ "umulh x4, x11, x7\n\t"
+ "adcs x17, x17, x4\n\t"
+ /* A[3] * B[1] */
+ "mul x3, x13, x7\n\t"
+ "adcs x19, x19, x3\n\t"
+ "umulh x4, x13, x7\n\t"
+ "adcs x20, x20, x4\n\t"
+ "adc x21, x21, xzr\n\t"
+ /* A[2] * B[2] */
+ "mul x3, x12, x8\n\t"
+ "adds x19, x19, x3\n\t"
+ "umulh x4, x12, x8\n\t"
+ "adcs x20, x20, x4\n\t"
+ /* A[3] * B[3] */
+ "mul x3, x13, x9\n\t"
+ "adcs x21, x21, x3\n\t"
+ "umulh x22, x13, x9\n\t"
"adc x22, x22, xzr\n\t"
- /* Add remaining product results in */
- "adds x4, x4, x7\n\t"
- "adcs x5, x5, x8\n\t"
- "adcs x6, x6, x9\n\t"
+ /* A[0] * B[3] */
+ "mul x3, x10, x9\n\t"
+ "adds x17, x17, x3\n\t"
+ "umulh x4, x10, x9\n\t"
+ "adcs x19, x19, x4\n\t"
+ /* A[2] * B[3] */
+ "mul x3, x12, x9\n\t"
+ "adcs x20, x20, x3\n\t"
+ "umulh x4, x12, x9\n\t"
+ "adcs x21, x21, x4\n\t"
"adc x22, x22, xzr\n\t"
- /* Overflow */
- "extr x22, x22, x6, #63\n\t"
- "mul x22, x22, x20\n\t"
- "and x6, x6, #0x7fffffffffffffff\n\t"
- "adds x3, x3, x22\n\t"
- "adcs x4, x4, xzr\n\t"
- "adcs x5, x5, xzr\n\t"
- "adc x6, x6, xzr\n\t"
- /* Reduce if top bit set */
- "and x22, x20, x6, asr 63\n\t"
- "and x6, x6, #0x7fffffffffffffff\n\t"
- "adds x3, x3, x22\n\t"
- "adcs x4, x4, xzr\n\t"
- "adcs x5, x5, xzr\n\t"
- "adc x6, x6, xzr\n\t"
+ /* A[3] * B[0] */
+ "mul x3, x13, x6\n\t"
+ "adds x17, x17, x3\n\t"
+ "umulh x4, x13, x6\n\t"
+ "adcs x19, x19, x4\n\t"
+ /* A[3] * B[2] */
+ "mul x3, x13, x8\n\t"
+ "adcs x20, x20, x3\n\t"
+ "umulh x4, x13, x8\n\t"
+ "adcs x21, x21, x4\n\t"
+ "adc x22, x22, xzr\n\t"
+ /* Reduce */
+ "mov x3, #38\n\t"
+ "mul x4, x3, x22\n\t"
+ "adds x17, x17, x4\n\t"
+ "umulh x5, x3, x22\n\t"
+ "adc x5, x5, xzr\n\t"
+ "mov x3, #19\n\t"
+ "extr x5, x5, x17, #63\n\t"
+ "mul x5, x5, x3\n\t"
+ "and x17, x17, #0x7fffffffffffffff\n\t"
+ "mov x3, #38\n\t"
+ "mul x4, x3, x19\n\t"
+ "adds x14, x14, x4\n\t"
+ "umulh x19, x3, x19\n\t"
+ "mul x4, x3, x20\n\t"
+ "adcs x15, x15, x4\n\t"
+ "umulh x20, x3, x20\n\t"
+ "mul x4, x3, x21\n\t"
+ "adcs x16, x16, x4\n\t"
+ "umulh x21, x3, x21\n\t"
+ "adc x17, x17, xzr\n\t"
+ /* Add high product results in */
+ "adds x14, x14, x5\n\t"
+ "adcs x15, x15, x19\n\t"
+ "adcs x16, x16, x20\n\t"
+ "adc x17, x17, x21\n\t"
/* Store */
- "stp x3, x4, [x0]\n\t"
- "stp x5, x6, [x0, #16]\n\t"
- "ldr x0, [x29, #16]\n\t"
- "ldr x1, [x29, #40]\n\t"
- "ldr x2, [x29, #48]\n\t"
+ "stp x14, x15, [x0]\n\t"
+ "stp x16, x17, [x0, #16]\n\t"
+ "sub x2, x1, #32\n\t"
+ "add x0, x0, #0x40\n\t"
/* Multiply */
- "ldp x11, x12, [x1]\n\t"
- "ldp x13, x14, [x1, #16]\n\t"
- "ldp x15, x16, [x2]\n\t"
- "ldp x17, x19, [x2, #16]\n\t"
- /* A[0] * B[0] */
- "mul x3, x11, x15\n\t"
- "umulh x4, x11, x15\n\t"
- /* A[0] * B[1] */
- "mul x20, x11, x16\n\t"
- "umulh x5, x11, x16\n\t"
- "adds x4, x4, x20\n\t"
- "adc x5, x5, xzr\n\t"
- /* A[1] * B[0] */
- "mul x20, x12, x15\n\t"
- "umulh x21, x12, x15\n\t"
- "adds x4, x4, x20\n\t"
- "adcs x5, x5, x21\n\t"
- "adc x6, xzr, xzr\n\t"
- /* A[0] * B[2] */
- "mul x20, x11, x17\n\t"
- "umulh x21, x11, x17\n\t"
- "adds x5, x5, x20\n\t"
- "adc x6, x6, x21\n\t"
- /* A[1] * B[1] */
- "mul x20, x12, x16\n\t"
- "umulh x21, x12, x16\n\t"
- "adds x5, x5, x20\n\t"
- "adcs x6, x6, x21\n\t"
- "adc x7, xzr, xzr\n\t"
- /* A[2] * B[0] */
- "mul x20, x13, x15\n\t"
- "umulh x21, x13, x15\n\t"
- "adds x5, x5, x20\n\t"
- "adcs x6, x6, x21\n\t"
- "adc x7, x7, xzr\n\t"
- /* A[0] * B[3] */
- "mul x20, x11, x19\n\t"
- "umulh x21, x11, x19\n\t"
- "adds x6, x6, x20\n\t"
- "adcs x7, x7, x21\n\t"
- "adc x8, xzr, xzr\n\t"
- /* A[1] * B[2] */
- "mul x20, x12, x17\n\t"
- "umulh x21, x12, x17\n\t"
- "adds x6, x6, x20\n\t"
- "adcs x7, x7, x21\n\t"
- "adc x8, x8, xzr\n\t"
- /* A[2] * B[1] */
- "mul x20, x13, x16\n\t"
- "umulh x21, x13, x16\n\t"
- "adds x6, x6, x20\n\t"
- "adcs x7, x7, x21\n\t"
- "adc x8, x8, xzr\n\t"
- /* A[3] * B[0] */
- "mul x20, x14, x15\n\t"
- "umulh x21, x14, x15\n\t"
- "adds x6, x6, x20\n\t"
- "adcs x7, x7, x21\n\t"
- "adc x8, x8, xzr\n\t"
- /* A[1] * B[3] */
- "mul x20, x12, x19\n\t"
- "umulh x21, x12, x19\n\t"
- "adds x7, x7, x20\n\t"
- "adcs x8, x8, x21\n\t"
- "adc x9, xzr, xzr\n\t"
- /* A[2] * B[2] */
- "mul x20, x13, x17\n\t"
- "umulh x21, x13, x17\n\t"
- "adds x7, x7, x20\n\t"
- "adcs x8, x8, x21\n\t"
- "adc x9, x9, xzr\n\t"
- /* A[3] * B[1] */
- "mul x20, x14, x16\n\t"
- "umulh x21, x14, x16\n\t"
- "adds x7, x7, x20\n\t"
- "adcs x8, x8, x21\n\t"
- "adc x9, x9, xzr\n\t"
- /* A[2] * B[3] */
- "mul x20, x13, x19\n\t"
- "umulh x21, x13, x19\n\t"
- "adds x8, x8, x20\n\t"
- "adcs x9, x9, x21\n\t"
- "adc x10, xzr, xzr\n\t"
- /* A[3] * B[2] */
- "mul x20, x14, x17\n\t"
- "umulh x21, x14, x17\n\t"
- "adds x8, x8, x20\n\t"
- "adcs x9, x9, x21\n\t"
- "adc x10, x10, xzr\n\t"
- /* A[3] * B[3] */
- "mul x20, x14, x19\n\t"
- "umulh x21, x14, x19\n\t"
- "adds x9, x9, x20\n\t"
- "adc x10, x10, x21\n\t"
- /* Reduce */
- /* Move top half into t4-t7 and remove top bit from t3 */
- "extr x10, x10, x9, #63\n\t"
- "extr x9, x9, x8, #63\n\t"
- "extr x8, x8, x7, #63\n\t"
- "extr x7, x7, x6, #63\n\t"
- "and x6, x6, #0x7fffffffffffffff\n\t"
- /* Multiply top half by 19 */
- "mov x20, #19\n\t"
- "mul x21, x20, x7\n\t"
- "umulh x7, x20, x7\n\t"
- "adds x3, x3, x21\n\t"
- "mul x21, x20, x8\n\t"
- "umulh x8, x20, x8\n\t"
- "adcs x4, x4, x21\n\t"
- "mul x21, x20, x9\n\t"
- "umulh x9, x20, x9\n\t"
- "adcs x5, x5, x21\n\t"
- "mul x21, x20, x10\n\t"
- "umulh x22, x20, x10\n\t"
- "adcs x6, x6, x21\n\t"
+ "ldp x6, x7, [x2]\n\t"
+ "ldp x8, x9, [x2, #16]\n\t"
+ /* A[0] * B[0] */
+ "umulh x15, x10, x6\n\t"
+ "mul x14, x10, x6\n\t"
+ /* A[2] * B[0] */
+ "umulh x17, x12, x6\n\t"
+ "mul x16, x12, x6\n\t"
+ /* A[1] * B[0] */
+ "mul x3, x11, x6\n\t"
+ "adds x15, x15, x3\n\t"
+ "umulh x4, x11, x6\n\t"
+ "adcs x16, x16, x4\n\t"
+ /* A[1] * B[3] */
+ "umulh x20, x11, x9\n\t"
+ "adc x17, x17, xzr\n\t"
+ "mul x19, x11, x9\n\t"
+ /* A[0] * B[1] */
+ "mul x3, x10, x7\n\t"
+ "adds x15, x15, x3\n\t"
+ "umulh x4, x10, x7\n\t"
+ "adcs x16, x16, x4\n\t"
+ /* A[2] * B[1] */
+ "mul x3, x12, x7\n\t"
+ "adcs x17, x17, x3\n\t"
+ "umulh x4, x12, x7\n\t"
+ "adcs x19, x19, x4\n\t"
+ "adc x20, x20, xzr\n\t"
+ /* A[1] * B[2] */
+ "mul x3, x11, x8\n\t"
+ "adds x17, x17, x3\n\t"
+ "umulh x4, x11, x8\n\t"
+ "adcs x19, x19, x4\n\t"
+ "adcs x20, x20, xzr\n\t"
+ "adc x21, xzr, xzr\n\t"
+ /* A[0] * B[2] */
+ "mul x3, x10, x8\n\t"
+ "adds x16, x16, x3\n\t"
+ "umulh x4, x10, x8\n\t"
+ "adcs x17, x17, x4\n\t"
+ "adcs x19, x19, xzr\n\t"
+ "adcs x20, x20, xzr\n\t"
+ "adc x21, x21, xzr\n\t"
+ /* A[1] * B[1] */
+ "mul x3, x11, x7\n\t"
+ "adds x16, x16, x3\n\t"
+ "umulh x4, x11, x7\n\t"
+ "adcs x17, x17, x4\n\t"
+ /* A[3] * B[1] */
+ "mul x3, x13, x7\n\t"
+ "adcs x19, x19, x3\n\t"
+ "umulh x4, x13, x7\n\t"
+ "adcs x20, x20, x4\n\t"
+ "adc x21, x21, xzr\n\t"
+ /* A[2] * B[2] */
+ "mul x3, x12, x8\n\t"
+ "adds x19, x19, x3\n\t"
+ "umulh x4, x12, x8\n\t"
+ "adcs x20, x20, x4\n\t"
+ /* A[3] * B[3] */
+ "mul x3, x13, x9\n\t"
+ "adcs x21, x21, x3\n\t"
+ "umulh x22, x13, x9\n\t"
"adc x22, x22, xzr\n\t"
- /* Add remaining product results in */
- "adds x4, x4, x7\n\t"
- "adcs x5, x5, x8\n\t"
- "adcs x6, x6, x9\n\t"
+ /* A[0] * B[3] */
+ "mul x3, x10, x9\n\t"
+ "adds x17, x17, x3\n\t"
+ "umulh x4, x10, x9\n\t"
+ "adcs x19, x19, x4\n\t"
+ /* A[2] * B[3] */
+ "mul x3, x12, x9\n\t"
+ "adcs x20, x20, x3\n\t"
+ "umulh x4, x12, x9\n\t"
+ "adcs x21, x21, x4\n\t"
"adc x22, x22, xzr\n\t"
- /* Overflow */
- "extr x22, x22, x6, #63\n\t"
- "mul x22, x22, x20\n\t"
- "and x6, x6, #0x7fffffffffffffff\n\t"
- "adds x3, x3, x22\n\t"
- "adcs x4, x4, xzr\n\t"
- "adcs x5, x5, xzr\n\t"
- "adc x6, x6, xzr\n\t"
- /* Reduce if top bit set */
- "and x22, x20, x6, asr 63\n\t"
- "and x6, x6, #0x7fffffffffffffff\n\t"
- "adds x3, x3, x22\n\t"
- "adcs x4, x4, xzr\n\t"
- "adcs x5, x5, xzr\n\t"
- "adc x6, x6, xzr\n\t"
+ /* A[3] * B[0] */
+ "mul x3, x13, x6\n\t"
+ "adds x17, x17, x3\n\t"
+ "umulh x4, x13, x6\n\t"
+ "adcs x19, x19, x4\n\t"
+ /* A[3] * B[2] */
+ "mul x3, x13, x8\n\t"
+ "adcs x20, x20, x3\n\t"
+ "umulh x4, x13, x8\n\t"
+ "adcs x21, x21, x4\n\t"
+ "adc x22, x22, xzr\n\t"
+ /* Reduce */
+ "mov x3, #38\n\t"
+ "mul x4, x3, x22\n\t"
+ "adds x17, x17, x4\n\t"
+ "umulh x5, x3, x22\n\t"
+ "adc x5, x5, xzr\n\t"
+ "mov x3, #19\n\t"
+ "extr x5, x5, x17, #63\n\t"
+ "mul x5, x5, x3\n\t"
+ "and x17, x17, #0x7fffffffffffffff\n\t"
+ "mov x3, #38\n\t"
+ "mul x4, x3, x19\n\t"
+ "adds x14, x14, x4\n\t"
+ "umulh x19, x3, x19\n\t"
+ "mul x4, x3, x20\n\t"
+ "adcs x15, x15, x4\n\t"
+ "umulh x20, x3, x20\n\t"
+ "mul x4, x3, x21\n\t"
+ "adcs x16, x16, x4\n\t"
+ "umulh x21, x3, x21\n\t"
+ "adc x17, x17, xzr\n\t"
+ /* Add high product results in */
+ "adds x14, x14, x5\n\t"
+ "adcs x15, x15, x19\n\t"
+ "adcs x16, x16, x20\n\t"
+ "adc x17, x17, x21\n\t"
/* Store */
- "stp x3, x4, [x0]\n\t"
- "stp x5, x6, [x0, #16]\n\t"
- "ldr x0, [x29, #24]\n\t"
- "ldr x2, [x29, #56]\n\t"
+ "stp x14, x15, [x0]\n\t"
+ "stp x16, x17, [x0, #16]\n\t"
+ "sub x1, x1, #0x40\n\t"
+ "sub x0, x0, #32\n\t"
/* Multiply */
- "ldp x11, x12, [x2]\n\t"
- "ldp x13, x14, [x2, #16]\n\t"
- /* A[0] * B[0] */
- "mul x3, x15, x11\n\t"
- "umulh x4, x15, x11\n\t"
- /* A[0] * B[1] */
- "mul x20, x15, x12\n\t"
- "umulh x5, x15, x12\n\t"
- "adds x4, x4, x20\n\t"
- "adc x5, x5, xzr\n\t"
- /* A[1] * B[0] */
- "mul x20, x16, x11\n\t"
- "umulh x21, x16, x11\n\t"
- "adds x4, x4, x20\n\t"
- "adcs x5, x5, x21\n\t"
- "adc x6, xzr, xzr\n\t"
- /* A[0] * B[2] */
- "mul x20, x15, x13\n\t"
- "umulh x21, x15, x13\n\t"
- "adds x5, x5, x20\n\t"
- "adc x6, x6, x21\n\t"
- /* A[1] * B[1] */
- "mul x20, x16, x12\n\t"
- "umulh x21, x16, x12\n\t"
- "adds x5, x5, x20\n\t"
- "adcs x6, x6, x21\n\t"
- "adc x7, xzr, xzr\n\t"
- /* A[2] * B[0] */
- "mul x20, x17, x11\n\t"
- "umulh x21, x17, x11\n\t"
- "adds x5, x5, x20\n\t"
- "adcs x6, x6, x21\n\t"
- "adc x7, x7, xzr\n\t"
- /* A[0] * B[3] */
- "mul x20, x15, x14\n\t"
- "umulh x21, x15, x14\n\t"
- "adds x6, x6, x20\n\t"
- "adcs x7, x7, x21\n\t"
- "adc x8, xzr, xzr\n\t"
- /* A[1] * B[2] */
- "mul x20, x16, x13\n\t"
- "umulh x21, x16, x13\n\t"
- "adds x6, x6, x20\n\t"
- "adcs x7, x7, x21\n\t"
- "adc x8, x8, xzr\n\t"
- /* A[2] * B[1] */
- "mul x20, x17, x12\n\t"
- "umulh x21, x17, x12\n\t"
- "adds x6, x6, x20\n\t"
- "adcs x7, x7, x21\n\t"
- "adc x8, x8, xzr\n\t"
- /* A[3] * B[0] */
- "mul x20, x19, x11\n\t"
- "umulh x21, x19, x11\n\t"
- "adds x6, x6, x20\n\t"
- "adcs x7, x7, x21\n\t"
- "adc x8, x8, xzr\n\t"
- /* A[1] * B[3] */
- "mul x20, x16, x14\n\t"
- "umulh x21, x16, x14\n\t"
- "adds x7, x7, x20\n\t"
- "adcs x8, x8, x21\n\t"
- "adc x9, xzr, xzr\n\t"
- /* A[2] * B[2] */
- "mul x20, x17, x13\n\t"
- "umulh x21, x17, x13\n\t"
- "adds x7, x7, x20\n\t"
- "adcs x8, x8, x21\n\t"
- "adc x9, x9, xzr\n\t"
- /* A[3] * B[1] */
- "mul x20, x19, x12\n\t"
- "umulh x21, x19, x12\n\t"
- "adds x7, x7, x20\n\t"
- "adcs x8, x8, x21\n\t"
- "adc x9, x9, xzr\n\t"
- /* A[2] * B[3] */
- "mul x20, x17, x14\n\t"
- "umulh x21, x17, x14\n\t"
- "adds x8, x8, x20\n\t"
- "adcs x9, x9, x21\n\t"
- "adc x10, xzr, xzr\n\t"
- /* A[3] * B[2] */
- "mul x20, x19, x13\n\t"
- "umulh x21, x19, x13\n\t"
- "adds x8, x8, x20\n\t"
- "adcs x9, x9, x21\n\t"
- "adc x10, x10, xzr\n\t"
- /* A[3] * B[3] */
- "mul x20, x19, x14\n\t"
- "umulh x21, x19, x14\n\t"
- "adds x9, x9, x20\n\t"
- "adc x10, x10, x21\n\t"
- /* Reduce */
- /* Move top half into t4-t7 and remove top bit from t3 */
- "extr x10, x10, x9, #63\n\t"
- "extr x9, x9, x8, #63\n\t"
- "extr x8, x8, x7, #63\n\t"
- "extr x7, x7, x6, #63\n\t"
- "and x6, x6, #0x7fffffffffffffff\n\t"
- /* Multiply top half by 19 */
- "mov x20, #19\n\t"
- "mul x21, x20, x7\n\t"
- "umulh x7, x20, x7\n\t"
- "adds x3, x3, x21\n\t"
- "mul x21, x20, x8\n\t"
- "umulh x8, x20, x8\n\t"
- "adcs x4, x4, x21\n\t"
- "mul x21, x20, x9\n\t"
- "umulh x9, x20, x9\n\t"
- "adcs x5, x5, x21\n\t"
- "mul x21, x20, x10\n\t"
- "umulh x22, x20, x10\n\t"
- "adcs x6, x6, x21\n\t"
+ "ldp x10, x11, [x1]\n\t"
+ "ldp x12, x13, [x1, #16]\n\t"
+ /* A[0] * B[0] */
+ "umulh x15, x10, x6\n\t"
+ "mul x14, x10, x6\n\t"
+ /* A[2] * B[0] */
+ "umulh x17, x12, x6\n\t"
+ "mul x16, x12, x6\n\t"
+ /* A[1] * B[0] */
+ "mul x3, x11, x6\n\t"
+ "adds x15, x15, x3\n\t"
+ "umulh x4, x11, x6\n\t"
+ "adcs x16, x16, x4\n\t"
+ /* A[1] * B[3] */
+ "umulh x20, x11, x9\n\t"
+ "adc x17, x17, xzr\n\t"
+ "mul x19, x11, x9\n\t"
+ /* A[0] * B[1] */
+ "mul x3, x10, x7\n\t"
+ "adds x15, x15, x3\n\t"
+ "umulh x4, x10, x7\n\t"
+ "adcs x16, x16, x4\n\t"
+ /* A[2] * B[1] */
+ "mul x3, x12, x7\n\t"
+ "adcs x17, x17, x3\n\t"
+ "umulh x4, x12, x7\n\t"
+ "adcs x19, x19, x4\n\t"
+ "adc x20, x20, xzr\n\t"
+ /* A[1] * B[2] */
+ "mul x3, x11, x8\n\t"
+ "adds x17, x17, x3\n\t"
+ "umulh x4, x11, x8\n\t"
+ "adcs x19, x19, x4\n\t"
+ "adcs x20, x20, xzr\n\t"
+ "adc x21, xzr, xzr\n\t"
+ /* A[0] * B[2] */
+ "mul x3, x10, x8\n\t"
+ "adds x16, x16, x3\n\t"
+ "umulh x4, x10, x8\n\t"
+ "adcs x17, x17, x4\n\t"
+ "adcs x19, x19, xzr\n\t"
+ "adcs x20, x20, xzr\n\t"
+ "adc x21, x21, xzr\n\t"
+ /* A[1] * B[1] */
+ "mul x3, x11, x7\n\t"
+ "adds x16, x16, x3\n\t"
+ "umulh x4, x11, x7\n\t"
+ "adcs x17, x17, x4\n\t"
+ /* A[3] * B[1] */
+ "mul x3, x13, x7\n\t"
+ "adcs x19, x19, x3\n\t"
+ "umulh x4, x13, x7\n\t"
+ "adcs x20, x20, x4\n\t"
+ "adc x21, x21, xzr\n\t"
+ /* A[2] * B[2] */
+ "mul x3, x12, x8\n\t"
+ "adds x19, x19, x3\n\t"
+ "umulh x4, x12, x8\n\t"
+ "adcs x20, x20, x4\n\t"
+ /* A[3] * B[3] */
+ "mul x3, x13, x9\n\t"
+ "adcs x21, x21, x3\n\t"
+ "umulh x22, x13, x9\n\t"
"adc x22, x22, xzr\n\t"
- /* Add remaining product results in */
- "adds x4, x4, x7\n\t"
- "adcs x5, x5, x8\n\t"
- "adcs x6, x6, x9\n\t"
+ /* A[0] * B[3] */
+ "mul x3, x10, x9\n\t"
+ "adds x17, x17, x3\n\t"
+ "umulh x4, x10, x9\n\t"
+ "adcs x19, x19, x4\n\t"
+ /* A[2] * B[3] */
+ "mul x3, x12, x9\n\t"
+ "adcs x20, x20, x3\n\t"
+ "umulh x4, x12, x9\n\t"
+ "adcs x21, x21, x4\n\t"
"adc x22, x22, xzr\n\t"
- /* Overflow */
- "extr x22, x22, x6, #63\n\t"
- "mul x22, x22, x20\n\t"
- "and x6, x6, #0x7fffffffffffffff\n\t"
- "adds x3, x3, x22\n\t"
- "adcs x4, x4, xzr\n\t"
- "adcs x5, x5, xzr\n\t"
- "adc x6, x6, xzr\n\t"
- /* Reduce if top bit set */
- "and x22, x20, x6, asr 63\n\t"
- "and x6, x6, #0x7fffffffffffffff\n\t"
- "adds x3, x3, x22\n\t"
- "adcs x4, x4, xzr\n\t"
- "adcs x5, x5, xzr\n\t"
- "adc x6, x6, xzr\n\t"
+ /* A[3] * B[0] */
+ "mul x3, x13, x6\n\t"
+ "adds x17, x17, x3\n\t"
+ "umulh x4, x13, x6\n\t"
+ "adcs x19, x19, x4\n\t"
+ /* A[3] * B[2] */
+ "mul x3, x13, x8\n\t"
+ "adcs x20, x20, x3\n\t"
+ "umulh x4, x13, x8\n\t"
+ "adcs x21, x21, x4\n\t"
+ "adc x22, x22, xzr\n\t"
+ /* Reduce */
+ "mov x3, #38\n\t"
+ "mul x4, x3, x22\n\t"
+ "adds x17, x17, x4\n\t"
+ "umulh x5, x3, x22\n\t"
+ "adc x5, x5, xzr\n\t"
+ "mov x3, #19\n\t"
+ "extr x5, x5, x17, #63\n\t"
+ "mul x5, x5, x3\n\t"
+ "and x17, x17, #0x7fffffffffffffff\n\t"
+ "mov x3, #38\n\t"
+ "mul x4, x3, x19\n\t"
+ "adds x14, x14, x4\n\t"
+ "umulh x19, x3, x19\n\t"
+ "mul x4, x3, x20\n\t"
+ "adcs x15, x15, x4\n\t"
+ "umulh x20, x3, x20\n\t"
+ "mul x4, x3, x21\n\t"
+ "adcs x16, x16, x4\n\t"
+ "umulh x21, x3, x21\n\t"
+ "adc x17, x17, xzr\n\t"
+ /* Add high product results in */
+ "adds x14, x14, x5\n\t"
+ "adcs x15, x15, x19\n\t"
+ "adcs x16, x16, x20\n\t"
+ "adc x17, x17, x21\n\t"
/* Store */
- "stp x3, x4, [x0]\n\t"
- "stp x5, x6, [x0, #16]\n\t"
- "ldp x29, x30, [sp], #0x40\n\t"
- : [rx] "+r" (rx), [ry] "+r" (ry), [rz] "+r" (rz), [px] "+r" (px), [py] "+r" (py), [pz] "+r" (pz), [pt] "+r" (pt)
+ "stp x14, x15, [x0]\n\t"
+ "stp x16, x17, [x0, #16]\n\t"
+ "ldp x29, x30, [sp], #32\n\t"
+ : [r] "+r" (r), [p] "+r" (p)
:
- : "memory", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "x21", "x22"
+ : "memory", "x2", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "x21", "x22", "cc"
);
}
-void fe_ge_to_p3(fe rx, fe ry, fe rz, fe rt, const fe px, const fe py, const fe pz, const fe pt)
+void ge_p1p1_to_p3(ge_p3* r, const ge_p1p1* p)
{
__asm__ __volatile__ (
- "stp x29, x30, [sp, #-96]!\n\t"
+ "stp x29, x30, [sp, #-32]!\n\t"
"add x29, sp, #0\n\t"
- "str %x[ry], [x29, #16]\n\t"
- "str %x[rz], [x29, #24]\n\t"
- "str %x[rt], [x29, #32]\n\t"
- "str %x[px], [x29, #40]\n\t"
- "str %x[py], [x29, #48]\n\t"
- "str %x[pz], [x29, #56]\n\t"
- "str %x[pt], [x29, #64]\n\t"
- "ldr x1, [x29, #40]\n\t"
- "ldr x2, [x29, #64]\n\t"
+ "str %x[r], [x29, #16]\n\t"
+ "str %x[p], [x29, #24]\n\t"
+ "mov x2, x1\n\t"
+ "add x1, x1, #0x60\n\t"
/* Multiply */
- "ldp x11, x12, [x1]\n\t"
- "ldp x13, x14, [x1, #16]\n\t"
- "ldp x15, x16, [x2]\n\t"
- "ldp x17, x19, [x2, #16]\n\t"
- /* A[0] * B[0] */
- "mul x3, x11, x15\n\t"
- "umulh x4, x11, x15\n\t"
- /* A[0] * B[1] */
- "mul x24, x11, x16\n\t"
- "umulh x5, x11, x16\n\t"
- "adds x4, x4, x24\n\t"
- "adc x5, x5, xzr\n\t"
- /* A[1] * B[0] */
- "mul x24, x12, x15\n\t"
- "umulh x25, x12, x15\n\t"
- "adds x4, x4, x24\n\t"
- "adcs x5, x5, x25\n\t"
- "adc x6, xzr, xzr\n\t"
- /* A[0] * B[2] */
- "mul x24, x11, x17\n\t"
- "umulh x25, x11, x17\n\t"
- "adds x5, x5, x24\n\t"
- "adc x6, x6, x25\n\t"
- /* A[1] * B[1] */
- "mul x24, x12, x16\n\t"
- "umulh x25, x12, x16\n\t"
- "adds x5, x5, x24\n\t"
- "adcs x6, x6, x25\n\t"
- "adc x7, xzr, xzr\n\t"
- /* A[2] * B[0] */
- "mul x24, x13, x15\n\t"
- "umulh x25, x13, x15\n\t"
- "adds x5, x5, x24\n\t"
- "adcs x6, x6, x25\n\t"
- "adc x7, x7, xzr\n\t"
- /* A[0] * B[3] */
- "mul x24, x11, x19\n\t"
- "umulh x25, x11, x19\n\t"
- "adds x6, x6, x24\n\t"
- "adcs x7, x7, x25\n\t"
- "adc x8, xzr, xzr\n\t"
- /* A[1] * B[2] */
- "mul x24, x12, x17\n\t"
- "umulh x25, x12, x17\n\t"
- "adds x6, x6, x24\n\t"
- "adcs x7, x7, x25\n\t"
- "adc x8, x8, xzr\n\t"
- /* A[2] * B[1] */
- "mul x24, x13, x16\n\t"
- "umulh x25, x13, x16\n\t"
- "adds x6, x6, x24\n\t"
- "adcs x7, x7, x25\n\t"
- "adc x8, x8, xzr\n\t"
- /* A[3] * B[0] */
- "mul x24, x14, x15\n\t"
- "umulh x25, x14, x15\n\t"
- "adds x6, x6, x24\n\t"
- "adcs x7, x7, x25\n\t"
- "adc x8, x8, xzr\n\t"
- /* A[1] * B[3] */
- "mul x24, x12, x19\n\t"
- "umulh x25, x12, x19\n\t"
- "adds x7, x7, x24\n\t"
- "adcs x8, x8, x25\n\t"
- "adc x9, xzr, xzr\n\t"
- /* A[2] * B[2] */
- "mul x24, x13, x17\n\t"
- "umulh x25, x13, x17\n\t"
- "adds x7, x7, x24\n\t"
- "adcs x8, x8, x25\n\t"
- "adc x9, x9, xzr\n\t"
- /* A[3] * B[1] */
- "mul x24, x14, x16\n\t"
- "umulh x25, x14, x16\n\t"
- "adds x7, x7, x24\n\t"
- "adcs x8, x8, x25\n\t"
- "adc x9, x9, xzr\n\t"
- /* A[2] * B[3] */
- "mul x24, x13, x19\n\t"
- "umulh x25, x13, x19\n\t"
- "adds x8, x8, x24\n\t"
- "adcs x9, x9, x25\n\t"
- "adc x10, xzr, xzr\n\t"
- /* A[3] * B[2] */
- "mul x24, x14, x17\n\t"
- "umulh x25, x14, x17\n\t"
- "adds x8, x8, x24\n\t"
- "adcs x9, x9, x25\n\t"
- "adc x10, x10, xzr\n\t"
- /* A[3] * B[3] */
- "mul x24, x14, x19\n\t"
- "umulh x25, x14, x19\n\t"
- "adds x9, x9, x24\n\t"
- "adc x10, x10, x25\n\t"
+ "ldp x10, x11, [x1]\n\t"
+ "ldp x12, x13, [x1, #16]\n\t"
+ "ldp x6, x7, [x2]\n\t"
+ "ldp x8, x9, [x2, #16]\n\t"
+ /* A[0] * B[0] */
+ "umulh x15, x10, x6\n\t"
+ "mul x14, x10, x6\n\t"
+ /* A[2] * B[0] */
+ "umulh x17, x12, x6\n\t"
+ "mul x16, x12, x6\n\t"
+ /* A[1] * B[0] */
+ "mul x3, x11, x6\n\t"
+ "adds x15, x15, x3\n\t"
+ "umulh x4, x11, x6\n\t"
+ "adcs x16, x16, x4\n\t"
+ /* A[1] * B[3] */
+ "umulh x20, x11, x9\n\t"
+ "adc x17, x17, xzr\n\t"
+ "mul x19, x11, x9\n\t"
+ /* A[0] * B[1] */
+ "mul x3, x10, x7\n\t"
+ "adds x15, x15, x3\n\t"
+ "umulh x4, x10, x7\n\t"
+ "adcs x16, x16, x4\n\t"
+ /* A[2] * B[1] */
+ "mul x3, x12, x7\n\t"
+ "adcs x17, x17, x3\n\t"
+ "umulh x4, x12, x7\n\t"
+ "adcs x19, x19, x4\n\t"
+ "adc x20, x20, xzr\n\t"
+ /* A[1] * B[2] */
+ "mul x3, x11, x8\n\t"
+ "adds x17, x17, x3\n\t"
+ "umulh x4, x11, x8\n\t"
+ "adcs x19, x19, x4\n\t"
+ "adcs x20, x20, xzr\n\t"
+ "adc x21, xzr, xzr\n\t"
+ /* A[0] * B[2] */
+ "mul x3, x10, x8\n\t"
+ "adds x16, x16, x3\n\t"
+ "umulh x4, x10, x8\n\t"
+ "adcs x17, x17, x4\n\t"
+ "adcs x19, x19, xzr\n\t"
+ "adcs x20, x20, xzr\n\t"
+ "adc x21, x21, xzr\n\t"
+ /* A[1] * B[1] */
+ "mul x3, x11, x7\n\t"
+ "adds x16, x16, x3\n\t"
+ "umulh x4, x11, x7\n\t"
+ "adcs x17, x17, x4\n\t"
+ /* A[3] * B[1] */
+ "mul x3, x13, x7\n\t"
+ "adcs x19, x19, x3\n\t"
+ "umulh x4, x13, x7\n\t"
+ "adcs x20, x20, x4\n\t"
+ "adc x21, x21, xzr\n\t"
+ /* A[2] * B[2] */
+ "mul x3, x12, x8\n\t"
+ "adds x19, x19, x3\n\t"
+ "umulh x4, x12, x8\n\t"
+ "adcs x20, x20, x4\n\t"
+ /* A[3] * B[3] */
+ "mul x3, x13, x9\n\t"
+ "adcs x21, x21, x3\n\t"
+ "umulh x22, x13, x9\n\t"
+ "adc x22, x22, xzr\n\t"
+ /* A[0] * B[3] */
+ "mul x3, x10, x9\n\t"
+ "adds x17, x17, x3\n\t"
+ "umulh x4, x10, x9\n\t"
+ "adcs x19, x19, x4\n\t"
+ /* A[2] * B[3] */
+ "mul x3, x12, x9\n\t"
+ "adcs x20, x20, x3\n\t"
+ "umulh x4, x12, x9\n\t"
+ "adcs x21, x21, x4\n\t"
+ "adc x22, x22, xzr\n\t"
+ /* A[3] * B[0] */
+ "mul x3, x13, x6\n\t"
+ "adds x17, x17, x3\n\t"
+ "umulh x4, x13, x6\n\t"
+ "adcs x19, x19, x4\n\t"
+ /* A[3] * B[2] */
+ "mul x3, x13, x8\n\t"
+ "adcs x20, x20, x3\n\t"
+ "umulh x4, x13, x8\n\t"
+ "adcs x21, x21, x4\n\t"
+ "adc x22, x22, xzr\n\t"
/* Reduce */
- /* Move top half into t4-t7 and remove top bit from t3 */
- "extr x10, x10, x9, #63\n\t"
- "extr x9, x9, x8, #63\n\t"
- "extr x8, x8, x7, #63\n\t"
- "extr x7, x7, x6, #63\n\t"
- "and x6, x6, #0x7fffffffffffffff\n\t"
- /* Multiply top half by 19 */
- "mov x24, #19\n\t"
- "mul x25, x24, x7\n\t"
- "umulh x7, x24, x7\n\t"
- "adds x3, x3, x25\n\t"
- "mul x25, x24, x8\n\t"
- "umulh x8, x24, x8\n\t"
- "adcs x4, x4, x25\n\t"
- "mul x25, x24, x9\n\t"
- "umulh x9, x24, x9\n\t"
- "adcs x5, x5, x25\n\t"
- "mul x25, x24, x10\n\t"
- "umulh x26, x24, x10\n\t"
- "adcs x6, x6, x25\n\t"
- "adc x26, x26, xzr\n\t"
- /* Add remaining product results in */
- "adds x4, x4, x7\n\t"
- "adcs x5, x5, x8\n\t"
- "adcs x6, x6, x9\n\t"
- "adc x26, x26, xzr\n\t"
- /* Overflow */
- "extr x26, x26, x6, #63\n\t"
- "mul x26, x26, x24\n\t"
- "and x6, x6, #0x7fffffffffffffff\n\t"
- "adds x3, x3, x26\n\t"
- "adcs x4, x4, xzr\n\t"
- "adcs x5, x5, xzr\n\t"
- "adc x6, x6, xzr\n\t"
- /* Reduce if top bit set */
- "and x26, x24, x6, asr 63\n\t"
- "and x6, x6, #0x7fffffffffffffff\n\t"
- "adds x3, x3, x26\n\t"
- "adcs x4, x4, xzr\n\t"
- "adcs x5, x5, xzr\n\t"
- "adc x6, x6, xzr\n\t"
+ "mov x3, #38\n\t"
+ "mul x4, x3, x22\n\t"
+ "adds x17, x17, x4\n\t"
+ "umulh x5, x3, x22\n\t"
+ "adc x5, x5, xzr\n\t"
+ "mov x3, #19\n\t"
+ "extr x5, x5, x17, #63\n\t"
+ "mul x5, x5, x3\n\t"
+ "and x17, x17, #0x7fffffffffffffff\n\t"
+ "mov x3, #38\n\t"
+ "mul x4, x3, x19\n\t"
+ "adds x14, x14, x4\n\t"
+ "umulh x19, x3, x19\n\t"
+ "mul x4, x3, x20\n\t"
+ "adcs x15, x15, x4\n\t"
+ "umulh x20, x3, x20\n\t"
+ "mul x4, x3, x21\n\t"
+ "adcs x16, x16, x4\n\t"
+ "umulh x21, x3, x21\n\t"
+ "adc x17, x17, xzr\n\t"
+ /* Add high product results in */
+ "adds x14, x14, x5\n\t"
+ "adcs x15, x15, x19\n\t"
+ "adcs x16, x16, x20\n\t"
+ "adc x17, x17, x21\n\t"
/* Store */
- "stp x3, x4, [x0]\n\t"
- "stp x5, x6, [x0, #16]\n\t"
- "ldr x0, [x29, #32]\n\t"
- "ldr x2, [x29, #48]\n\t"
+ "stp x14, x15, [x0]\n\t"
+ "stp x16, x17, [x0, #16]\n\t"
+ "sub x1, x1, #0x40\n\t"
+ "add x0, x0, #0x60\n\t"
/* Multiply */
- "ldp x20, x21, [x2]\n\t"
- "ldp x22, x23, [x2, #16]\n\t"
- /* A[0] * B[0] */
- "mul x3, x11, x20\n\t"
- "umulh x4, x11, x20\n\t"
- /* A[0] * B[1] */
- "mul x24, x11, x21\n\t"
- "umulh x5, x11, x21\n\t"
- "adds x4, x4, x24\n\t"
- "adc x5, x5, xzr\n\t"
- /* A[1] * B[0] */
- "mul x24, x12, x20\n\t"
- "umulh x25, x12, x20\n\t"
- "adds x4, x4, x24\n\t"
- "adcs x5, x5, x25\n\t"
- "adc x6, xzr, xzr\n\t"
- /* A[0] * B[2] */
- "mul x24, x11, x22\n\t"
- "umulh x25, x11, x22\n\t"
- "adds x5, x5, x24\n\t"
- "adc x6, x6, x25\n\t"
- /* A[1] * B[1] */
- "mul x24, x12, x21\n\t"
- "umulh x25, x12, x21\n\t"
- "adds x5, x5, x24\n\t"
- "adcs x6, x6, x25\n\t"
- "adc x7, xzr, xzr\n\t"
- /* A[2] * B[0] */
- "mul x24, x13, x20\n\t"
- "umulh x25, x13, x20\n\t"
- "adds x5, x5, x24\n\t"
- "adcs x6, x6, x25\n\t"
- "adc x7, x7, xzr\n\t"
- /* A[0] * B[3] */
- "mul x24, x11, x23\n\t"
- "umulh x25, x11, x23\n\t"
- "adds x6, x6, x24\n\t"
- "adcs x7, x7, x25\n\t"
- "adc x8, xzr, xzr\n\t"
- /* A[1] * B[2] */
- "mul x24, x12, x22\n\t"
- "umulh x25, x12, x22\n\t"
- "adds x6, x6, x24\n\t"
- "adcs x7, x7, x25\n\t"
- "adc x8, x8, xzr\n\t"
- /* A[2] * B[1] */
- "mul x24, x13, x21\n\t"
- "umulh x25, x13, x21\n\t"
- "adds x6, x6, x24\n\t"
- "adcs x7, x7, x25\n\t"
- "adc x8, x8, xzr\n\t"
- /* A[3] * B[0] */
- "mul x24, x14, x20\n\t"
- "umulh x25, x14, x20\n\t"
- "adds x6, x6, x24\n\t"
- "adcs x7, x7, x25\n\t"
- "adc x8, x8, xzr\n\t"
- /* A[1] * B[3] */
- "mul x24, x12, x23\n\t"
- "umulh x25, x12, x23\n\t"
- "adds x7, x7, x24\n\t"
- "adcs x8, x8, x25\n\t"
- "adc x9, xzr, xzr\n\t"
- /* A[2] * B[2] */
- "mul x24, x13, x22\n\t"
- "umulh x25, x13, x22\n\t"
- "adds x7, x7, x24\n\t"
- "adcs x8, x8, x25\n\t"
- "adc x9, x9, xzr\n\t"
- /* A[3] * B[1] */
- "mul x24, x14, x21\n\t"
- "umulh x25, x14, x21\n\t"
- "adds x7, x7, x24\n\t"
- "adcs x8, x8, x25\n\t"
- "adc x9, x9, xzr\n\t"
- /* A[2] * B[3] */
- "mul x24, x13, x23\n\t"
- "umulh x25, x13, x23\n\t"
- "adds x8, x8, x24\n\t"
- "adcs x9, x9, x25\n\t"
- "adc x10, xzr, xzr\n\t"
- /* A[3] * B[2] */
- "mul x24, x14, x22\n\t"
- "umulh x25, x14, x22\n\t"
- "adds x8, x8, x24\n\t"
- "adcs x9, x9, x25\n\t"
- "adc x10, x10, xzr\n\t"
- /* A[3] * B[3] */
- "mul x24, x14, x23\n\t"
- "umulh x25, x14, x23\n\t"
- "adds x9, x9, x24\n\t"
- "adc x10, x10, x25\n\t"
+ "ldp x23, x24, [x1]\n\t"
+ "ldp x25, x26, [x1, #16]\n\t"
+ /* A[0] * B[0] */
+ "umulh x15, x23, x6\n\t"
+ "mul x14, x23, x6\n\t"
+ /* A[2] * B[0] */
+ "umulh x17, x25, x6\n\t"
+ "mul x16, x25, x6\n\t"
+ /* A[1] * B[0] */
+ "mul x3, x24, x6\n\t"
+ "adds x15, x15, x3\n\t"
+ "umulh x4, x24, x6\n\t"
+ "adcs x16, x16, x4\n\t"
+ /* A[1] * B[3] */
+ "umulh x20, x24, x9\n\t"
+ "adc x17, x17, xzr\n\t"
+ "mul x19, x24, x9\n\t"
+ /* A[0] * B[1] */
+ "mul x3, x23, x7\n\t"
+ "adds x15, x15, x3\n\t"
+ "umulh x4, x23, x7\n\t"
+ "adcs x16, x16, x4\n\t"
+ /* A[2] * B[1] */
+ "mul x3, x25, x7\n\t"
+ "adcs x17, x17, x3\n\t"
+ "umulh x4, x25, x7\n\t"
+ "adcs x19, x19, x4\n\t"
+ "adc x20, x20, xzr\n\t"
+ /* A[1] * B[2] */
+ "mul x3, x24, x8\n\t"
+ "adds x17, x17, x3\n\t"
+ "umulh x4, x24, x8\n\t"
+ "adcs x19, x19, x4\n\t"
+ "adcs x20, x20, xzr\n\t"
+ "adc x21, xzr, xzr\n\t"
+ /* A[0] * B[2] */
+ "mul x3, x23, x8\n\t"
+ "adds x16, x16, x3\n\t"
+ "umulh x4, x23, x8\n\t"
+ "adcs x17, x17, x4\n\t"
+ "adcs x19, x19, xzr\n\t"
+ "adcs x20, x20, xzr\n\t"
+ "adc x21, x21, xzr\n\t"
+ /* A[1] * B[1] */
+ "mul x3, x24, x7\n\t"
+ "adds x16, x16, x3\n\t"
+ "umulh x4, x24, x7\n\t"
+ "adcs x17, x17, x4\n\t"
+ /* A[3] * B[1] */
+ "mul x3, x26, x7\n\t"
+ "adcs x19, x19, x3\n\t"
+ "umulh x4, x26, x7\n\t"
+ "adcs x20, x20, x4\n\t"
+ "adc x21, x21, xzr\n\t"
+ /* A[2] * B[2] */
+ "mul x3, x25, x8\n\t"
+ "adds x19, x19, x3\n\t"
+ "umulh x4, x25, x8\n\t"
+ "adcs x20, x20, x4\n\t"
+ /* A[3] * B[3] */
+ "mul x3, x26, x9\n\t"
+ "adcs x21, x21, x3\n\t"
+ "umulh x22, x26, x9\n\t"
+ "adc x22, x22, xzr\n\t"
+ /* A[0] * B[3] */
+ "mul x3, x23, x9\n\t"
+ "adds x17, x17, x3\n\t"
+ "umulh x4, x23, x9\n\t"
+ "adcs x19, x19, x4\n\t"
+ /* A[2] * B[3] */
+ "mul x3, x25, x9\n\t"
+ "adcs x20, x20, x3\n\t"
+ "umulh x4, x25, x9\n\t"
+ "adcs x21, x21, x4\n\t"
+ "adc x22, x22, xzr\n\t"
+ /* A[3] * B[0] */
+ "mul x3, x26, x6\n\t"
+ "adds x17, x17, x3\n\t"
+ "umulh x4, x26, x6\n\t"
+ "adcs x19, x19, x4\n\t"
+ /* A[3] * B[2] */
+ "mul x3, x26, x8\n\t"
+ "adcs x20, x20, x3\n\t"
+ "umulh x4, x26, x8\n\t"
+ "adcs x21, x21, x4\n\t"
+ "adc x22, x22, xzr\n\t"
/* Reduce */
- /* Move top half into t4-t7 and remove top bit from t3 */
- "extr x10, x10, x9, #63\n\t"
- "extr x9, x9, x8, #63\n\t"
- "extr x8, x8, x7, #63\n\t"
- "extr x7, x7, x6, #63\n\t"
- "and x6, x6, #0x7fffffffffffffff\n\t"
- /* Multiply top half by 19 */
- "mov x24, #19\n\t"
- "mul x25, x24, x7\n\t"
- "umulh x7, x24, x7\n\t"
- "adds x3, x3, x25\n\t"
- "mul x25, x24, x8\n\t"
- "umulh x8, x24, x8\n\t"
- "adcs x4, x4, x25\n\t"
- "mul x25, x24, x9\n\t"
- "umulh x9, x24, x9\n\t"
- "adcs x5, x5, x25\n\t"
- "mul x25, x24, x10\n\t"
- "umulh x26, x24, x10\n\t"
- "adcs x6, x6, x25\n\t"
- "adc x26, x26, xzr\n\t"
- /* Add remaining product results in */
- "adds x4, x4, x7\n\t"
- "adcs x5, x5, x8\n\t"
- "adcs x6, x6, x9\n\t"
- "adc x26, x26, xzr\n\t"
- /* Overflow */
- "extr x26, x26, x6, #63\n\t"
- "mul x26, x26, x24\n\t"
- "and x6, x6, #0x7fffffffffffffff\n\t"
- "adds x3, x3, x26\n\t"
- "adcs x4, x4, xzr\n\t"
- "adcs x5, x5, xzr\n\t"
- "adc x6, x6, xzr\n\t"
- /* Reduce if top bit set */
- "and x26, x24, x6, asr 63\n\t"
- "and x6, x6, #0x7fffffffffffffff\n\t"
- "adds x3, x3, x26\n\t"
- "adcs x4, x4, xzr\n\t"
- "adcs x5, x5, xzr\n\t"
- "adc x6, x6, xzr\n\t"
+ "mov x3, #38\n\t"
+ "mul x4, x3, x22\n\t"
+ "adds x17, x17, x4\n\t"
+ "umulh x5, x3, x22\n\t"
+ "adc x5, x5, xzr\n\t"
+ "mov x3, #19\n\t"
+ "extr x5, x5, x17, #63\n\t"
+ "mul x5, x5, x3\n\t"
+ "and x17, x17, #0x7fffffffffffffff\n\t"
+ "mov x3, #38\n\t"
+ "mul x4, x3, x19\n\t"
+ "adds x14, x14, x4\n\t"
+ "umulh x19, x3, x19\n\t"
+ "mul x4, x3, x20\n\t"
+ "adcs x15, x15, x4\n\t"
+ "umulh x20, x3, x20\n\t"
+ "mul x4, x3, x21\n\t"
+ "adcs x16, x16, x4\n\t"
+ "umulh x21, x3, x21\n\t"
+ "adc x17, x17, xzr\n\t"
+ /* Add high product results in */
+ "adds x14, x14, x5\n\t"
+ "adcs x15, x15, x19\n\t"
+ "adcs x16, x16, x20\n\t"
+ "adc x17, x17, x21\n\t"
/* Store */
- "stp x3, x4, [x0]\n\t"
- "stp x5, x6, [x0, #16]\n\t"
- "ldr x0, [x29, #16]\n\t"
- "ldr x2, [x29, #56]\n\t"
+ "stp x14, x15, [x0]\n\t"
+ "stp x16, x17, [x0, #16]\n\t"
+ "add x2, x1, #32\n\t"
+ "sub x0, x0, #0x40\n\t"
/* Multiply */
- "ldp x11, x12, [x2]\n\t"
- "ldp x13, x14, [x2, #16]\n\t"
- /* A[0] * B[0] */
- "mul x3, x20, x11\n\t"
- "umulh x4, x20, x11\n\t"
- /* A[0] * B[1] */
- "mul x24, x20, x12\n\t"
- "umulh x5, x20, x12\n\t"
- "adds x4, x4, x24\n\t"
- "adc x5, x5, xzr\n\t"
- /* A[1] * B[0] */
- "mul x24, x21, x11\n\t"
- "umulh x25, x21, x11\n\t"
- "adds x4, x4, x24\n\t"
- "adcs x5, x5, x25\n\t"
- "adc x6, xzr, xzr\n\t"
- /* A[0] * B[2] */
- "mul x24, x20, x13\n\t"
- "umulh x25, x20, x13\n\t"
- "adds x5, x5, x24\n\t"
- "adc x6, x6, x25\n\t"
- /* A[1] * B[1] */
- "mul x24, x21, x12\n\t"
- "umulh x25, x21, x12\n\t"
- "adds x5, x5, x24\n\t"
- "adcs x6, x6, x25\n\t"
- "adc x7, xzr, xzr\n\t"
- /* A[2] * B[0] */
- "mul x24, x22, x11\n\t"
- "umulh x25, x22, x11\n\t"
- "adds x5, x5, x24\n\t"
- "adcs x6, x6, x25\n\t"
- "adc x7, x7, xzr\n\t"
- /* A[0] * B[3] */
- "mul x24, x20, x14\n\t"
- "umulh x25, x20, x14\n\t"
- "adds x6, x6, x24\n\t"
- "adcs x7, x7, x25\n\t"
- "adc x8, xzr, xzr\n\t"
- /* A[1] * B[2] */
- "mul x24, x21, x13\n\t"
- "umulh x25, x21, x13\n\t"
- "adds x6, x6, x24\n\t"
- "adcs x7, x7, x25\n\t"
- "adc x8, x8, xzr\n\t"
- /* A[2] * B[1] */
- "mul x24, x22, x12\n\t"
- "umulh x25, x22, x12\n\t"
- "adds x6, x6, x24\n\t"
- "adcs x7, x7, x25\n\t"
- "adc x8, x8, xzr\n\t"
- /* A[3] * B[0] */
- "mul x24, x23, x11\n\t"
- "umulh x25, x23, x11\n\t"
- "adds x6, x6, x24\n\t"
- "adcs x7, x7, x25\n\t"
- "adc x8, x8, xzr\n\t"
- /* A[1] * B[3] */
- "mul x24, x21, x14\n\t"
- "umulh x25, x21, x14\n\t"
- "adds x7, x7, x24\n\t"
- "adcs x8, x8, x25\n\t"
- "adc x9, xzr, xzr\n\t"
- /* A[2] * B[2] */
- "mul x24, x22, x13\n\t"
- "umulh x25, x22, x13\n\t"
- "adds x7, x7, x24\n\t"
- "adcs x8, x8, x25\n\t"
- "adc x9, x9, xzr\n\t"
- /* A[3] * B[1] */
- "mul x24, x23, x12\n\t"
- "umulh x25, x23, x12\n\t"
- "adds x7, x7, x24\n\t"
- "adcs x8, x8, x25\n\t"
- "adc x9, x9, xzr\n\t"
- /* A[2] * B[3] */
- "mul x24, x22, x14\n\t"
- "umulh x25, x22, x14\n\t"
- "adds x8, x8, x24\n\t"
- "adcs x9, x9, x25\n\t"
- "adc x10, xzr, xzr\n\t"
- /* A[3] * B[2] */
- "mul x24, x23, x13\n\t"
- "umulh x25, x23, x13\n\t"
- "adds x8, x8, x24\n\t"
- "adcs x9, x9, x25\n\t"
- "adc x10, x10, xzr\n\t"
- /* A[3] * B[3] */
- "mul x24, x23, x14\n\t"
- "umulh x25, x23, x14\n\t"
- "adds x9, x9, x24\n\t"
- "adc x10, x10, x25\n\t"
+ "ldp x6, x7, [x2]\n\t"
+ "ldp x8, x9, [x2, #16]\n\t"
+ /* A[0] * B[0] */
+ "umulh x15, x23, x6\n\t"
+ "mul x14, x23, x6\n\t"
+ /* A[2] * B[0] */
+ "umulh x17, x25, x6\n\t"
+ "mul x16, x25, x6\n\t"
+ /* A[1] * B[0] */
+ "mul x3, x24, x6\n\t"
+ "adds x15, x15, x3\n\t"
+ "umulh x4, x24, x6\n\t"
+ "adcs x16, x16, x4\n\t"
+ /* A[1] * B[3] */
+ "umulh x20, x24, x9\n\t"
+ "adc x17, x17, xzr\n\t"
+ "mul x19, x24, x9\n\t"
+ /* A[0] * B[1] */
+ "mul x3, x23, x7\n\t"
+ "adds x15, x15, x3\n\t"
+ "umulh x4, x23, x7\n\t"
+ "adcs x16, x16, x4\n\t"
+ /* A[2] * B[1] */
+ "mul x3, x25, x7\n\t"
+ "adcs x17, x17, x3\n\t"
+ "umulh x4, x25, x7\n\t"
+ "adcs x19, x19, x4\n\t"
+ "adc x20, x20, xzr\n\t"
+ /* A[1] * B[2] */
+ "mul x3, x24, x8\n\t"
+ "adds x17, x17, x3\n\t"
+ "umulh x4, x24, x8\n\t"
+ "adcs x19, x19, x4\n\t"
+ "adcs x20, x20, xzr\n\t"
+ "adc x21, xzr, xzr\n\t"
+ /* A[0] * B[2] */
+ "mul x3, x23, x8\n\t"
+ "adds x16, x16, x3\n\t"
+ "umulh x4, x23, x8\n\t"
+ "adcs x17, x17, x4\n\t"
+ "adcs x19, x19, xzr\n\t"
+ "adcs x20, x20, xzr\n\t"
+ "adc x21, x21, xzr\n\t"
+ /* A[1] * B[1] */
+ "mul x3, x24, x7\n\t"
+ "adds x16, x16, x3\n\t"
+ "umulh x4, x24, x7\n\t"
+ "adcs x17, x17, x4\n\t"
+ /* A[3] * B[1] */
+ "mul x3, x26, x7\n\t"
+ "adcs x19, x19, x3\n\t"
+ "umulh x4, x26, x7\n\t"
+ "adcs x20, x20, x4\n\t"
+ "adc x21, x21, xzr\n\t"
+ /* A[2] * B[2] */
+ "mul x3, x25, x8\n\t"
+ "adds x19, x19, x3\n\t"
+ "umulh x4, x25, x8\n\t"
+ "adcs x20, x20, x4\n\t"
+ /* A[3] * B[3] */
+ "mul x3, x26, x9\n\t"
+ "adcs x21, x21, x3\n\t"
+ "umulh x22, x26, x9\n\t"
+ "adc x22, x22, xzr\n\t"
+ /* A[0] * B[3] */
+ "mul x3, x23, x9\n\t"
+ "adds x17, x17, x3\n\t"
+ "umulh x4, x23, x9\n\t"
+ "adcs x19, x19, x4\n\t"
+ /* A[2] * B[3] */
+ "mul x3, x25, x9\n\t"
+ "adcs x20, x20, x3\n\t"
+ "umulh x4, x25, x9\n\t"
+ "adcs x21, x21, x4\n\t"
+ "adc x22, x22, xzr\n\t"
+ /* A[3] * B[0] */
+ "mul x3, x26, x6\n\t"
+ "adds x17, x17, x3\n\t"
+ "umulh x4, x26, x6\n\t"
+ "adcs x19, x19, x4\n\t"
+ /* A[3] * B[2] */
+ "mul x3, x26, x8\n\t"
+ "adcs x20, x20, x3\n\t"
+ "umulh x4, x26, x8\n\t"
+ "adcs x21, x21, x4\n\t"
+ "adc x22, x22, xzr\n\t"
/* Reduce */
- /* Move top half into t4-t7 and remove top bit from t3 */
- "extr x10, x10, x9, #63\n\t"
- "extr x9, x9, x8, #63\n\t"
- "extr x8, x8, x7, #63\n\t"
- "extr x7, x7, x6, #63\n\t"
- "and x6, x6, #0x7fffffffffffffff\n\t"
- /* Multiply top half by 19 */
- "mov x24, #19\n\t"
- "mul x25, x24, x7\n\t"
- "umulh x7, x24, x7\n\t"
- "adds x3, x3, x25\n\t"
- "mul x25, x24, x8\n\t"
- "umulh x8, x24, x8\n\t"
- "adcs x4, x4, x25\n\t"
- "mul x25, x24, x9\n\t"
- "umulh x9, x24, x9\n\t"
- "adcs x5, x5, x25\n\t"
- "mul x25, x24, x10\n\t"
- "umulh x26, x24, x10\n\t"
- "adcs x6, x6, x25\n\t"
- "adc x26, x26, xzr\n\t"
- /* Add remaining product results in */
- "adds x4, x4, x7\n\t"
- "adcs x5, x5, x8\n\t"
- "adcs x6, x6, x9\n\t"
- "adc x26, x26, xzr\n\t"
- /* Overflow */
- "extr x26, x26, x6, #63\n\t"
- "mul x26, x26, x24\n\t"
- "and x6, x6, #0x7fffffffffffffff\n\t"
- "adds x3, x3, x26\n\t"
- "adcs x4, x4, xzr\n\t"
- "adcs x5, x5, xzr\n\t"
- "adc x6, x6, xzr\n\t"
- /* Reduce if top bit set */
- "and x26, x24, x6, asr 63\n\t"
- "and x6, x6, #0x7fffffffffffffff\n\t"
- "adds x3, x3, x26\n\t"
- "adcs x4, x4, xzr\n\t"
- "adcs x5, x5, xzr\n\t"
- "adc x6, x6, xzr\n\t"
+ "mov x3, #38\n\t"
+ "mul x4, x3, x22\n\t"
+ "adds x17, x17, x4\n\t"
+ "umulh x5, x3, x22\n\t"
+ "adc x5, x5, xzr\n\t"
+ "mov x3, #19\n\t"
+ "extr x5, x5, x17, #63\n\t"
+ "mul x5, x5, x3\n\t"
+ "and x17, x17, #0x7fffffffffffffff\n\t"
+ "mov x3, #38\n\t"
+ "mul x4, x3, x19\n\t"
+ "adds x14, x14, x4\n\t"
+ "umulh x19, x3, x19\n\t"
+ "mul x4, x3, x20\n\t"
+ "adcs x15, x15, x4\n\t"
+ "umulh x20, x3, x20\n\t"
+ "mul x4, x3, x21\n\t"
+ "adcs x16, x16, x4\n\t"
+ "umulh x21, x3, x21\n\t"
+ "adc x17, x17, xzr\n\t"
+ /* Add high product results in */
+ "adds x14, x14, x5\n\t"
+ "adcs x15, x15, x19\n\t"
+ "adcs x16, x16, x20\n\t"
+ "adc x17, x17, x21\n\t"
/* Store */
- "stp x3, x4, [x0]\n\t"
- "stp x5, x6, [x0, #16]\n\t"
- "ldr x0, [x29, #24]\n\t"
+ "stp x14, x15, [x0]\n\t"
+ "stp x16, x17, [x0, #16]\n\t"
+ "add x1, x1, #0x40\n\t"
+ "add x0, x0, #32\n\t"
/* Multiply */
- /* A[0] * B[0] */
- "mul x3, x11, x15\n\t"
- "umulh x4, x11, x15\n\t"
- /* A[0] * B[1] */
- "mul x24, x11, x16\n\t"
- "umulh x5, x11, x16\n\t"
- "adds x4, x4, x24\n\t"
- "adc x5, x5, xzr\n\t"
- /* A[1] * B[0] */
- "mul x24, x12, x15\n\t"
- "umulh x25, x12, x15\n\t"
- "adds x4, x4, x24\n\t"
- "adcs x5, x5, x25\n\t"
- "adc x6, xzr, xzr\n\t"
- /* A[0] * B[2] */
- "mul x24, x11, x17\n\t"
- "umulh x25, x11, x17\n\t"
- "adds x5, x5, x24\n\t"
- "adc x6, x6, x25\n\t"
- /* A[1] * B[1] */
- "mul x24, x12, x16\n\t"
- "umulh x25, x12, x16\n\t"
- "adds x5, x5, x24\n\t"
- "adcs x6, x6, x25\n\t"
- "adc x7, xzr, xzr\n\t"
- /* A[2] * B[0] */
- "mul x24, x13, x15\n\t"
- "umulh x25, x13, x15\n\t"
- "adds x5, x5, x24\n\t"
- "adcs x6, x6, x25\n\t"
- "adc x7, x7, xzr\n\t"
- /* A[0] * B[3] */
- "mul x24, x11, x19\n\t"
- "umulh x25, x11, x19\n\t"
- "adds x6, x6, x24\n\t"
- "adcs x7, x7, x25\n\t"
- "adc x8, xzr, xzr\n\t"
- /* A[1] * B[2] */
- "mul x24, x12, x17\n\t"
- "umulh x25, x12, x17\n\t"
- "adds x6, x6, x24\n\t"
- "adcs x7, x7, x25\n\t"
- "adc x8, x8, xzr\n\t"
- /* A[2] * B[1] */
- "mul x24, x13, x16\n\t"
- "umulh x25, x13, x16\n\t"
- "adds x6, x6, x24\n\t"
- "adcs x7, x7, x25\n\t"
- "adc x8, x8, xzr\n\t"
- /* A[3] * B[0] */
- "mul x24, x14, x15\n\t"
- "umulh x25, x14, x15\n\t"
- "adds x6, x6, x24\n\t"
- "adcs x7, x7, x25\n\t"
- "adc x8, x8, xzr\n\t"
- /* A[1] * B[3] */
- "mul x24, x12, x19\n\t"
- "umulh x25, x12, x19\n\t"
- "adds x7, x7, x24\n\t"
- "adcs x8, x8, x25\n\t"
- "adc x9, xzr, xzr\n\t"
- /* A[2] * B[2] */
- "mul x24, x13, x17\n\t"
- "umulh x25, x13, x17\n\t"
- "adds x7, x7, x24\n\t"
- "adcs x8, x8, x25\n\t"
- "adc x9, x9, xzr\n\t"
- /* A[3] * B[1] */
- "mul x24, x14, x16\n\t"
- "umulh x25, x14, x16\n\t"
- "adds x7, x7, x24\n\t"
- "adcs x8, x8, x25\n\t"
- "adc x9, x9, xzr\n\t"
- /* A[2] * B[3] */
- "mul x24, x13, x19\n\t"
- "umulh x25, x13, x19\n\t"
- "adds x8, x8, x24\n\t"
- "adcs x9, x9, x25\n\t"
- "adc x10, xzr, xzr\n\t"
- /* A[3] * B[2] */
- "mul x24, x14, x17\n\t"
- "umulh x25, x14, x17\n\t"
- "adds x8, x8, x24\n\t"
- "adcs x9, x9, x25\n\t"
- "adc x10, x10, xzr\n\t"
- /* A[3] * B[3] */
- "mul x24, x14, x19\n\t"
- "umulh x25, x14, x19\n\t"
- "adds x9, x9, x24\n\t"
- "adc x10, x10, x25\n\t"
+ /* A[0] * B[0] */
+ "umulh x15, x10, x6\n\t"
+ "mul x14, x10, x6\n\t"
+ /* A[2] * B[0] */
+ "umulh x17, x12, x6\n\t"
+ "mul x16, x12, x6\n\t"
+ /* A[1] * B[0] */
+ "mul x3, x11, x6\n\t"
+ "adds x15, x15, x3\n\t"
+ "umulh x4, x11, x6\n\t"
+ "adcs x16, x16, x4\n\t"
+ /* A[1] * B[3] */
+ "umulh x20, x11, x9\n\t"
+ "adc x17, x17, xzr\n\t"
+ "mul x19, x11, x9\n\t"
+ /* A[0] * B[1] */
+ "mul x3, x10, x7\n\t"
+ "adds x15, x15, x3\n\t"
+ "umulh x4, x10, x7\n\t"
+ "adcs x16, x16, x4\n\t"
+ /* A[2] * B[1] */
+ "mul x3, x12, x7\n\t"
+ "adcs x17, x17, x3\n\t"
+ "umulh x4, x12, x7\n\t"
+ "adcs x19, x19, x4\n\t"
+ "adc x20, x20, xzr\n\t"
+ /* A[1] * B[2] */
+ "mul x3, x11, x8\n\t"
+ "adds x17, x17, x3\n\t"
+ "umulh x4, x11, x8\n\t"
+ "adcs x19, x19, x4\n\t"
+ "adcs x20, x20, xzr\n\t"
+ "adc x21, xzr, xzr\n\t"
+ /* A[0] * B[2] */
+ "mul x3, x10, x8\n\t"
+ "adds x16, x16, x3\n\t"
+ "umulh x4, x10, x8\n\t"
+ "adcs x17, x17, x4\n\t"
+ "adcs x19, x19, xzr\n\t"
+ "adcs x20, x20, xzr\n\t"
+ "adc x21, x21, xzr\n\t"
+ /* A[1] * B[1] */
+ "mul x3, x11, x7\n\t"
+ "adds x16, x16, x3\n\t"
+ "umulh x4, x11, x7\n\t"
+ "adcs x17, x17, x4\n\t"
+ /* A[3] * B[1] */
+ "mul x3, x13, x7\n\t"
+ "adcs x19, x19, x3\n\t"
+ "umulh x4, x13, x7\n\t"
+ "adcs x20, x20, x4\n\t"
+ "adc x21, x21, xzr\n\t"
+ /* A[2] * B[2] */
+ "mul x3, x12, x8\n\t"
+ "adds x19, x19, x3\n\t"
+ "umulh x4, x12, x8\n\t"
+ "adcs x20, x20, x4\n\t"
+ /* A[3] * B[3] */
+ "mul x3, x13, x9\n\t"
+ "adcs x21, x21, x3\n\t"
+ "umulh x22, x13, x9\n\t"
+ "adc x22, x22, xzr\n\t"
+ /* A[0] * B[3] */
+ "mul x3, x10, x9\n\t"
+ "adds x17, x17, x3\n\t"
+ "umulh x4, x10, x9\n\t"
+ "adcs x19, x19, x4\n\t"
+ /* A[2] * B[3] */
+ "mul x3, x12, x9\n\t"
+ "adcs x20, x20, x3\n\t"
+ "umulh x4, x12, x9\n\t"
+ "adcs x21, x21, x4\n\t"
+ "adc x22, x22, xzr\n\t"
+ /* A[3] * B[0] */
+ "mul x3, x13, x6\n\t"
+ "adds x17, x17, x3\n\t"
+ "umulh x4, x13, x6\n\t"
+ "adcs x19, x19, x4\n\t"
+ /* A[3] * B[2] */
+ "mul x3, x13, x8\n\t"
+ "adcs x20, x20, x3\n\t"
+ "umulh x4, x13, x8\n\t"
+ "adcs x21, x21, x4\n\t"
+ "adc x22, x22, xzr\n\t"
/* Reduce */
- /* Move top half into t4-t7 and remove top bit from t3 */
- "extr x10, x10, x9, #63\n\t"
- "extr x9, x9, x8, #63\n\t"
- "extr x8, x8, x7, #63\n\t"
- "extr x7, x7, x6, #63\n\t"
- "and x6, x6, #0x7fffffffffffffff\n\t"
- /* Multiply top half by 19 */
- "mov x24, #19\n\t"
- "mul x25, x24, x7\n\t"
- "umulh x7, x24, x7\n\t"
- "adds x3, x3, x25\n\t"
- "mul x25, x24, x8\n\t"
- "umulh x8, x24, x8\n\t"
- "adcs x4, x4, x25\n\t"
- "mul x25, x24, x9\n\t"
- "umulh x9, x24, x9\n\t"
- "adcs x5, x5, x25\n\t"
- "mul x25, x24, x10\n\t"
- "umulh x26, x24, x10\n\t"
- "adcs x6, x6, x25\n\t"
- "adc x26, x26, xzr\n\t"
- /* Add remaining product results in */
- "adds x4, x4, x7\n\t"
- "adcs x5, x5, x8\n\t"
- "adcs x6, x6, x9\n\t"
- "adc x26, x26, xzr\n\t"
- /* Overflow */
- "extr x26, x26, x6, #63\n\t"
- "mul x26, x26, x24\n\t"
- "and x6, x6, #0x7fffffffffffffff\n\t"
- "adds x3, x3, x26\n\t"
- "adcs x4, x4, xzr\n\t"
- "adcs x5, x5, xzr\n\t"
- "adc x6, x6, xzr\n\t"
- /* Reduce if top bit set */
- "and x26, x24, x6, asr 63\n\t"
- "and x6, x6, #0x7fffffffffffffff\n\t"
- "adds x3, x3, x26\n\t"
- "adcs x4, x4, xzr\n\t"
- "adcs x5, x5, xzr\n\t"
- "adc x6, x6, xzr\n\t"
+ "mov x3, #38\n\t"
+ "mul x4, x3, x22\n\t"
+ "adds x17, x17, x4\n\t"
+ "umulh x5, x3, x22\n\t"
+ "adc x5, x5, xzr\n\t"
+ "mov x3, #19\n\t"
+ "extr x5, x5, x17, #63\n\t"
+ "mul x5, x5, x3\n\t"
+ "and x17, x17, #0x7fffffffffffffff\n\t"
+ "mov x3, #38\n\t"
+ "mul x4, x3, x19\n\t"
+ "adds x14, x14, x4\n\t"
+ "umulh x19, x3, x19\n\t"
+ "mul x4, x3, x20\n\t"
+ "adcs x15, x15, x4\n\t"
+ "umulh x20, x3, x20\n\t"
+ "mul x4, x3, x21\n\t"
+ "adcs x16, x16, x4\n\t"
+ "umulh x21, x3, x21\n\t"
+ "adc x17, x17, xzr\n\t"
+ /* Add high product results in */
+ "adds x14, x14, x5\n\t"
+ "adcs x15, x15, x19\n\t"
+ "adcs x16, x16, x20\n\t"
+ "adc x17, x17, x21\n\t"
/* Store */
- "stp x3, x4, [x0]\n\t"
- "stp x5, x6, [x0, #16]\n\t"
- "ldp x29, x30, [sp], #0x60\n\t"
- : [rx] "+r" (rx), [ry] "+r" (ry), [rz] "+r" (rz), [rt] "+r" (rt), [px] "+r" (px), [py] "+r" (py), [pz] "+r" (pz), [pt] "+r" (pt)
+ "stp x14, x15, [x0]\n\t"
+ "stp x16, x17, [x0, #16]\n\t"
+ "ldp x29, x30, [sp], #32\n\t"
+ : [r] "+r" (r), [p] "+r" (p)
:
- : "memory", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "x21", "x22", "x23", "x24", "x25", "x26"
+ : "memory", "x2", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "x21", "x22", "x23", "x24", "x25", "x26", "cc"
);
}
-void fe_ge_dbl(fe rx, fe ry, fe rz, fe rt, const fe px, const fe py, const fe pz)
+void ge_p2_dbl(ge_p1p1* r, const ge_p2* p)
{
__asm__ __volatile__ (
- "stp x29, x30, [sp, #-80]!\n\t"
+ "stp x29, x30, [sp, #-32]!\n\t"
"add x29, sp, #0\n\t"
- "str %x[rx], [x29, #16]\n\t"
- "str %x[ry], [x29, #24]\n\t"
- "str %x[rz], [x29, #32]\n\t"
- "str %x[rt], [x29, #40]\n\t"
- "str %x[px], [x29, #48]\n\t"
- "str %x[py], [x29, #56]\n\t"
- "str %x[pz], [x29, #64]\n\t"
- "ldr x1, [x29, #48]\n\t"
+ "str %x[r], [x29, #16]\n\t"
+ "str %x[p], [x29, #24]\n\t"
+ "add x0, x0, #0x40\n\t"
/* Square */
- "ldp x12, x13, [x1]\n\t"
- "ldp x14, x15, [x1, #16]\n\t"
+ "ldp x4, x5, [x1]\n\t"
+ "ldp x6, x7, [x1, #16]\n\t"
/* A[0] * A[1] */
- "mul x5, x12, x13\n\t"
- "umulh x6, x12, x13\n\t"
- /* A[0] * A[2] */
- "mul x25, x12, x14\n\t"
- "umulh x7, x12, x14\n\t"
- "adds x6, x6, x25\n\t"
- "adc x7, x7, xzr\n\t"
+ "umulh x10, x4, x5\n\t"
+ "mul x9, x4, x5\n\t"
/* A[0] * A[3] */
- "mul x25, x12, x15\n\t"
- "umulh x8, x12, x15\n\t"
- "adds x7, x7, x25\n\t"
- "adc x8, x8, xzr\n\t"
- /* A[1] * A[2] */
- "mul x25, x13, x14\n\t"
- "umulh x26, x13, x14\n\t"
- "adds x7, x7, x25\n\t"
- "adcs x8, x8, x26\n\t"
- "adc x9, xzr, xzr\n\t"
+ "umulh x12, x4, x7\n\t"
+ "mul x11, x4, x7\n\t"
+ /* A[0] * A[2] */
+ "mul x25, x4, x6\n\t"
+ "adds x10, x10, x25\n\t"
+ "umulh x26, x4, x6\n\t"
+ "adcs x11, x11, x26\n\t"
/* A[1] * A[3] */
- "mul x25, x13, x15\n\t"
- "umulh x26, x13, x15\n\t"
- "adds x8, x8, x25\n\t"
- "adc x9, x9, x26\n\t"
+ "mul x25, x5, x7\n\t"
+ "adcs x12, x12, x25\n\t"
+ "umulh x13, x5, x7\n\t"
+ "adc x13, x13, xzr\n\t"
+ /* A[1] * A[2] */
+ "mul x25, x5, x6\n\t"
+ "adds x11, x11, x25\n\t"
+ "umulh x26, x5, x6\n\t"
+ "adcs x12, x12, x26\n\t"
/* A[2] * A[3] */
- "mul x25, x14, x15\n\t"
- "umulh x10, x14, x15\n\t"
- "adds x9, x9, x25\n\t"
- "adc x10, x10, xzr\n\t"
+ "mul x25, x6, x7\n\t"
+ "adcs x13, x13, x25\n\t"
+ "umulh x14, x6, x7\n\t"
+ "adc x14, x14, xzr\n\t"
/* Double */
- "adds x5, x5, x5\n\t"
- "adcs x6, x6, x6\n\t"
- "adcs x7, x7, x7\n\t"
- "adcs x8, x8, x8\n\t"
- "adcs x9, x9, x9\n\t"
+ "adds x9, x9, x9\n\t"
"adcs x10, x10, x10\n\t"
- "adc x11, xzr, xzr\n\t"
+ "adcs x11, x11, x11\n\t"
+ "adcs x12, x12, x12\n\t"
+ "adcs x13, x13, x13\n\t"
+ "adcs x14, x14, x14\n\t"
+ "adc x15, xzr, xzr\n\t"
/* A[0] * A[0] */
- "mul x4, x12, x12\n\t"
- "umulh x27, x12, x12\n\t"
+ "umulh x26, x4, x4\n\t"
+ "mul x8, x4, x4\n\t"
/* A[1] * A[1] */
- "mul x25, x13, x13\n\t"
- "umulh x26, x13, x13\n\t"
- "adds x5, x5, x27\n\t"
- "adcs x6, x6, x25\n\t"
- "adc x27, x26, xzr\n\t"
+ "mul x25, x5, x5\n\t"
+ "adds x9, x9, x26\n\t"
+ "umulh x26, x5, x5\n\t"
+ "adcs x10, x10, x25\n\t"
/* A[2] * A[2] */
- "mul x25, x14, x14\n\t"
- "umulh x26, x14, x14\n\t"
- "adds x7, x7, x27\n\t"
- "adcs x8, x8, x25\n\t"
- "adc x27, x26, xzr\n\t"
+ "mul x25, x6, x6\n\t"
+ "adcs x11, x11, x26\n\t"
+ "umulh x26, x6, x6\n\t"
+ "adcs x12, x12, x25\n\t"
/* A[3] * A[3] */
- "mul x25, x15, x15\n\t"
- "umulh x26, x15, x15\n\t"
- "adds x9, x9, x27\n\t"
- "adcs x10, x10, x25\n\t"
- "adc x11, x11, x26\n\t"
+ "mul x25, x7, x7\n\t"
+ "adcs x13, x13, x26\n\t"
+ "umulh x26, x7, x7\n\t"
+ "adcs x14, x14, x25\n\t"
+ "adc x15, x15, x26\n\t"
/* Reduce */
- /* Move top half into t4-t7 and remove top bit from t3 */
- "extr x11, x11, x10, #63\n\t"
- "extr x10, x10, x9, #63\n\t"
- "extr x9, x9, x8, #63\n\t"
- "extr x8, x8, x7, #63\n\t"
- "and x7, x7, #0x7fffffffffffffff\n\t"
- /* Multiply top half by 19 */
- "mov x25, #19\n\t"
- "mul x26, x25, x8\n\t"
- "umulh x8, x25, x8\n\t"
- "adds x4, x4, x26\n\t"
- "mul x26, x25, x9\n\t"
- "umulh x9, x25, x9\n\t"
- "adcs x5, x5, x26\n\t"
- "mul x26, x25, x10\n\t"
- "umulh x10, x25, x10\n\t"
- "adcs x6, x6, x26\n\t"
- "mul x26, x25, x11\n\t"
- "umulh x27, x25, x11\n\t"
- "adcs x7, x7, x26\n\t"
- "adc x27, x27, xzr\n\t"
- /* Add remaining product results in */
- "adds x5, x5, x8\n\t"
- "adcs x6, x6, x9\n\t"
- "adcs x7, x7, x10\n\t"
+ "mov x25, #38\n\t"
+ "mul x26, x25, x15\n\t"
+ "adds x11, x11, x26\n\t"
+ "umulh x27, x25, x15\n\t"
"adc x27, x27, xzr\n\t"
- /* Overflow */
- "extr x27, x27, x7, #63\n\t"
+ "mov x25, #19\n\t"
+ "extr x27, x27, x11, #63\n\t"
"mul x27, x27, x25\n\t"
- "and x7, x7, #0x7fffffffffffffff\n\t"
- "adds x4, x4, x27\n\t"
- "adcs x5, x5, xzr\n\t"
- "adcs x6, x6, xzr\n\t"
- "adc x7, x7, xzr\n\t"
- /* Reduce if top bit set */
- "and x27, x25, x7, asr 63\n\t"
- "and x7, x7, #0x7fffffffffffffff\n\t"
- "adds x4, x4, x27\n\t"
- "adcs x5, x5, xzr\n\t"
- "adcs x6, x6, xzr\n\t"
- "adc x7, x7, xzr\n\t"
+ "and x11, x11, #0x7fffffffffffffff\n\t"
+ "mov x25, #38\n\t"
+ "mul x26, x25, x12\n\t"
+ "adds x8, x8, x26\n\t"
+ "umulh x12, x25, x12\n\t"
+ "mul x26, x25, x13\n\t"
+ "adcs x9, x9, x26\n\t"
+ "umulh x13, x25, x13\n\t"
+ "mul x26, x25, x14\n\t"
+ "adcs x10, x10, x26\n\t"
+ "umulh x14, x25, x14\n\t"
+ "adc x11, x11, xzr\n\t"
+ /* Add high product results in */
+ "adds x8, x8, x27\n\t"
+ "adcs x9, x9, x12\n\t"
+ "adcs x10, x10, x13\n\t"
+ "adc x11, x11, x14\n\t"
/* Store */
- "stp x4, x5, [x0]\n\t"
- "stp x6, x7, [x0, #16]\n\t"
- "ldr x0, [x29, #32]\n\t"
- "ldr x1, [x29, #56]\n\t"
+ "stp x8, x9, [x0]\n\t"
+ "stp x10, x11, [x0, #16]\n\t"
+ "add x2, x1, #32\n\t"
+ "sub x0, x0, #32\n\t"
/* Square */
- "ldp x21, x22, [x1]\n\t"
- "ldp x23, x24, [x1, #16]\n\t"
+ "ldp x16, x17, [x2]\n\t"
+ "ldp x19, x20, [x2, #16]\n\t"
/* A[0] * A[1] */
- "mul x9, x21, x22\n\t"
- "umulh x10, x21, x22\n\t"
- /* A[0] * A[2] */
- "mul x25, x21, x23\n\t"
- "umulh x11, x21, x23\n\t"
- "adds x10, x10, x25\n\t"
- "adc x11, x11, xzr\n\t"
+ "umulh x23, x16, x17\n\t"
+ "mul x22, x16, x17\n\t"
/* A[0] * A[3] */
- "mul x25, x21, x24\n\t"
- "umulh x16, x21, x24\n\t"
- "adds x11, x11, x25\n\t"
- "adc x16, x16, xzr\n\t"
- /* A[1] * A[2] */
- "mul x25, x22, x23\n\t"
- "umulh x26, x22, x23\n\t"
- "adds x11, x11, x25\n\t"
- "adcs x16, x16, x26\n\t"
- "adc x17, xzr, xzr\n\t"
+ "umulh x4, x16, x20\n\t"
+ "mul x24, x16, x20\n\t"
+ /* A[0] * A[2] */
+ "mul x25, x16, x19\n\t"
+ "adds x23, x23, x25\n\t"
+ "umulh x26, x16, x19\n\t"
+ "adcs x24, x24, x26\n\t"
/* A[1] * A[3] */
- "mul x25, x22, x24\n\t"
- "umulh x26, x22, x24\n\t"
- "adds x16, x16, x25\n\t"
- "adc x17, x17, x26\n\t"
+ "mul x25, x17, x20\n\t"
+ "adcs x4, x4, x25\n\t"
+ "umulh x5, x17, x20\n\t"
+ "adc x5, x5, xzr\n\t"
+ /* A[1] * A[2] */
+ "mul x25, x17, x19\n\t"
+ "adds x24, x24, x25\n\t"
+ "umulh x26, x17, x19\n\t"
+ "adcs x4, x4, x26\n\t"
/* A[2] * A[3] */
- "mul x25, x23, x24\n\t"
- "umulh x19, x23, x24\n\t"
- "adds x17, x17, x25\n\t"
- "adc x19, x19, xzr\n\t"
+ "mul x25, x19, x20\n\t"
+ "adcs x5, x5, x25\n\t"
+ "umulh x6, x19, x20\n\t"
+ "adc x6, x6, xzr\n\t"
/* Double */
- "adds x9, x9, x9\n\t"
- "adcs x10, x10, x10\n\t"
- "adcs x11, x11, x11\n\t"
- "adcs x16, x16, x16\n\t"
- "adcs x17, x17, x17\n\t"
- "adcs x19, x19, x19\n\t"
- "adc x20, xzr, xzr\n\t"
+ "adds x22, x22, x22\n\t"
+ "adcs x23, x23, x23\n\t"
+ "adcs x24, x24, x24\n\t"
+ "adcs x4, x4, x4\n\t"
+ "adcs x5, x5, x5\n\t"
+ "adcs x6, x6, x6\n\t"
+ "adc x7, xzr, xzr\n\t"
/* A[0] * A[0] */
- "mul x8, x21, x21\n\t"
- "umulh x27, x21, x21\n\t"
+ "umulh x26, x16, x16\n\t"
+ "mul x21, x16, x16\n\t"
/* A[1] * A[1] */
- "mul x25, x22, x22\n\t"
- "umulh x26, x22, x22\n\t"
- "adds x9, x9, x27\n\t"
- "adcs x10, x10, x25\n\t"
- "adc x27, x26, xzr\n\t"
+ "mul x25, x17, x17\n\t"
+ "adds x22, x22, x26\n\t"
+ "umulh x26, x17, x17\n\t"
+ "adcs x23, x23, x25\n\t"
/* A[2] * A[2] */
- "mul x25, x23, x23\n\t"
- "umulh x26, x23, x23\n\t"
- "adds x11, x11, x27\n\t"
- "adcs x16, x16, x25\n\t"
- "adc x27, x26, xzr\n\t"
+ "mul x25, x19, x19\n\t"
+ "adcs x24, x24, x26\n\t"
+ "umulh x26, x19, x19\n\t"
+ "adcs x4, x4, x25\n\t"
/* A[3] * A[3] */
- "mul x25, x24, x24\n\t"
- "umulh x26, x24, x24\n\t"
- "adds x17, x17, x27\n\t"
- "adcs x19, x19, x25\n\t"
- "adc x20, x20, x26\n\t"
+ "mul x25, x20, x20\n\t"
+ "adcs x5, x5, x26\n\t"
+ "umulh x26, x20, x20\n\t"
+ "adcs x6, x6, x25\n\t"
+ "adc x7, x7, x26\n\t"
/* Reduce */
- /* Move top half into t4-t7 and remove top bit from t3 */
- "extr x20, x20, x19, #63\n\t"
- "extr x19, x19, x17, #63\n\t"
- "extr x17, x17, x16, #63\n\t"
- "extr x16, x16, x11, #63\n\t"
- "and x11, x11, #0x7fffffffffffffff\n\t"
- /* Multiply top half by 19 */
- "mov x25, #19\n\t"
- "mul x26, x25, x16\n\t"
- "umulh x16, x25, x16\n\t"
- "adds x8, x8, x26\n\t"
- "mul x26, x25, x17\n\t"
- "umulh x17, x25, x17\n\t"
- "adcs x9, x9, x26\n\t"
- "mul x26, x25, x19\n\t"
- "umulh x19, x25, x19\n\t"
- "adcs x10, x10, x26\n\t"
- "mul x26, x25, x20\n\t"
- "umulh x27, x25, x20\n\t"
- "adcs x11, x11, x26\n\t"
- "adc x27, x27, xzr\n\t"
- /* Add remaining product results in */
- "adds x9, x9, x16\n\t"
- "adcs x10, x10, x17\n\t"
- "adcs x11, x11, x19\n\t"
+ "mov x25, #38\n\t"
+ "mul x26, x25, x7\n\t"
+ "adds x24, x24, x26\n\t"
+ "umulh x27, x25, x7\n\t"
"adc x27, x27, xzr\n\t"
- /* Overflow */
- "extr x27, x27, x11, #63\n\t"
+ "mov x25, #19\n\t"
+ "extr x27, x27, x24, #63\n\t"
"mul x27, x27, x25\n\t"
- "and x11, x11, #0x7fffffffffffffff\n\t"
- "adds x8, x8, x27\n\t"
- "adcs x9, x9, xzr\n\t"
- "adcs x10, x10, xzr\n\t"
- "adc x11, x11, xzr\n\t"
- /* Reduce if top bit set */
- "and x27, x25, x11, asr 63\n\t"
- "and x11, x11, #0x7fffffffffffffff\n\t"
- "adds x8, x8, x27\n\t"
- "adcs x9, x9, xzr\n\t"
- "adcs x10, x10, xzr\n\t"
- "adc x11, x11, xzr\n\t"
- /* Store */
- "stp x8, x9, [x0]\n\t"
- "stp x10, x11, [x0, #16]\n\t"
- "ldr x0, [x29, #24]\n\t"
+ "and x24, x24, #0x7fffffffffffffff\n\t"
+ "mov x25, #38\n\t"
+ "mul x26, x25, x4\n\t"
+ "adds x21, x21, x26\n\t"
+ "umulh x4, x25, x4\n\t"
+ "mul x26, x25, x5\n\t"
+ "adcs x22, x22, x26\n\t"
+ "umulh x5, x25, x5\n\t"
+ "mul x26, x25, x6\n\t"
+ "adcs x23, x23, x26\n\t"
+ "umulh x6, x25, x6\n\t"
+ "adc x24, x24, xzr\n\t"
+ /* Add high product results in */
+ "adds x21, x21, x27\n\t"
+ "adcs x22, x22, x4\n\t"
+ "adcs x23, x23, x5\n\t"
+ "adc x24, x24, x6\n\t"
+ "add x3, x0, #32\n\t"
+ "mov x2, x0\n\t"
+ "add x1, x0, #32\n\t"
/* Add */
- "adds x12, x12, x21\n\t"
- "adcs x13, x13, x22\n\t"
- "adcs x14, x14, x23\n\t"
- "adc x15, x15, x24\n\t"
+ "adds x4, x21, x8\n\t"
+ "adcs x5, x22, x9\n\t"
+ "adcs x6, x23, x10\n\t"
+ "adcs x7, x24, x11\n\t"
+ "cset x28, cs\n\t"
+ "mov x25, #19\n\t"
+ "extr x28, x28, x7, #63\n\t"
+ "mul x25, x28, x25\n\t"
+ /* Sub modulus (if overflow) */
+ "adds x4, x4, x25\n\t"
+ "adcs x5, x5, xzr\n\t"
+ "and x7, x7, #0x7fffffffffffffff\n\t"
+ "adcs x6, x6, xzr\n\t"
+ "adc x7, x7, xzr\n\t"
+ /* Sub */
+ "subs x12, x21, x8\n\t"
+ "sbcs x13, x22, x9\n\t"
+ "sbcs x14, x23, x10\n\t"
+ "sbcs x15, x24, x11\n\t"
+ "csetm x28, cc\n\t"
"mov x25, #-19\n\t"
- "asr x28, x15, #63\n\t"
+ "extr x28, x28, x15, #63\n\t"
+ "mul x25, x28, x25\n\t"
+ /* Add modulus (if underflow) */
+ "subs x12, x12, x25\n\t"
+ "sbcs x13, x13, xzr\n\t"
+ "and x15, x15, #0x7fffffffffffffff\n\t"
+ "sbcs x14, x14, xzr\n\t"
+ "sbc x15, x15, xzr\n\t"
+ "stp x4, x5, [x0]\n\t"
+ "stp x6, x7, [x0, #16]\n\t"
+ "stp x12, x13, [x1]\n\t"
+ "stp x14, x15, [x1, #16]\n\t"
+ "ldr x1, [x29, #24]\n\t"
+ "add x2, x1, #32\n\t"
+ "sub x0, x0, #32\n\t"
+ /* Add */
+ "ldp x8, x9, [x1]\n\t"
+ "ldp x10, x11, [x1, #16]\n\t"
+ "adds x8, x8, x16\n\t"
+ "adcs x9, x9, x17\n\t"
+ "adcs x10, x10, x19\n\t"
+ "adcs x11, x11, x20\n\t"
+ "cset x28, cs\n\t"
+ "mov x25, #19\n\t"
/* Mask the modulus */
- "and x25, x28, x25\n\t"
- "and x26, x28, #0x7fffffffffffffff\n\t"
+ "extr x28, x28, x11, #63\n\t"
+ "mul x25, x28, x25\n\t"
/* Sub modulus (if overflow) */
- "subs x12, x12, x25\n\t"
- "sbcs x13, x13, x28\n\t"
- "sbcs x14, x14, x28\n\t"
- "sbc x15, x15, x26\n\t"
- "ldr x0, [x29, #40]\n\t"
+ "adds x8, x8, x25\n\t"
+ "adcs x9, x9, xzr\n\t"
+ "and x11, x11, #0x7fffffffffffffff\n\t"
+ "adcs x10, x10, xzr\n\t"
+ "adc x11, x11, xzr\n\t"
+ "mov x1, x0\n\t"
/* Square */
/* A[0] * A[1] */
- "mul x17, x12, x13\n\t"
- "umulh x19, x12, x13\n\t"
- /* A[0] * A[2] */
- "mul x25, x12, x14\n\t"
- "umulh x20, x12, x14\n\t"
- "adds x19, x19, x25\n\t"
- "adc x20, x20, xzr\n\t"
+ "umulh x23, x8, x9\n\t"
+ "mul x22, x8, x9\n\t"
/* A[0] * A[3] */
- "mul x25, x12, x15\n\t"
- "umulh x21, x12, x15\n\t"
- "adds x20, x20, x25\n\t"
- "adc x21, x21, xzr\n\t"
- /* A[1] * A[2] */
- "mul x25, x13, x14\n\t"
- "umulh x26, x13, x14\n\t"
- "adds x20, x20, x25\n\t"
- "adcs x21, x21, x26\n\t"
- "adc x22, xzr, xzr\n\t"
+ "umulh x4, x8, x11\n\t"
+ "mul x24, x8, x11\n\t"
+ /* A[0] * A[2] */
+ "mul x25, x8, x10\n\t"
+ "adds x23, x23, x25\n\t"
+ "umulh x26, x8, x10\n\t"
+ "adcs x24, x24, x26\n\t"
/* A[1] * A[3] */
- "mul x25, x13, x15\n\t"
- "umulh x26, x13, x15\n\t"
- "adds x21, x21, x25\n\t"
- "adc x22, x22, x26\n\t"
+ "mul x25, x9, x11\n\t"
+ "adcs x4, x4, x25\n\t"
+ "umulh x5, x9, x11\n\t"
+ "adc x5, x5, xzr\n\t"
+ /* A[1] * A[2] */
+ "mul x25, x9, x10\n\t"
+ "adds x24, x24, x25\n\t"
+ "umulh x26, x9, x10\n\t"
+ "adcs x4, x4, x26\n\t"
/* A[2] * A[3] */
- "mul x25, x14, x15\n\t"
- "umulh x23, x14, x15\n\t"
- "adds x22, x22, x25\n\t"
- "adc x23, x23, xzr\n\t"
+ "mul x25, x10, x11\n\t"
+ "adcs x5, x5, x25\n\t"
+ "umulh x6, x10, x11\n\t"
+ "adc x6, x6, xzr\n\t"
/* Double */
- "adds x17, x17, x17\n\t"
- "adcs x19, x19, x19\n\t"
- "adcs x20, x20, x20\n\t"
- "adcs x21, x21, x21\n\t"
- "adcs x22, x22, x22\n\t"
+ "adds x22, x22, x22\n\t"
"adcs x23, x23, x23\n\t"
- "adc x24, xzr, xzr\n\t"
+ "adcs x24, x24, x24\n\t"
+ "adcs x4, x4, x4\n\t"
+ "adcs x5, x5, x5\n\t"
+ "adcs x6, x6, x6\n\t"
+ "adc x7, xzr, xzr\n\t"
/* A[0] * A[0] */
- "mul x16, x12, x12\n\t"
- "umulh x27, x12, x12\n\t"
+ "umulh x26, x8, x8\n\t"
+ "mul x21, x8, x8\n\t"
/* A[1] * A[1] */
- "mul x25, x13, x13\n\t"
- "umulh x26, x13, x13\n\t"
- "adds x17, x17, x27\n\t"
- "adcs x19, x19, x25\n\t"
- "adc x27, x26, xzr\n\t"
+ "mul x25, x9, x9\n\t"
+ "adds x22, x22, x26\n\t"
+ "umulh x26, x9, x9\n\t"
+ "adcs x23, x23, x25\n\t"
/* A[2] * A[2] */
- "mul x25, x14, x14\n\t"
- "umulh x26, x14, x14\n\t"
- "adds x20, x20, x27\n\t"
- "adcs x21, x21, x25\n\t"
- "adc x27, x26, xzr\n\t"
+ "mul x25, x10, x10\n\t"
+ "adcs x24, x24, x26\n\t"
+ "umulh x26, x10, x10\n\t"
+ "adcs x4, x4, x25\n\t"
/* A[3] * A[3] */
- "mul x25, x15, x15\n\t"
- "umulh x26, x15, x15\n\t"
- "adds x22, x22, x27\n\t"
- "adcs x23, x23, x25\n\t"
- "adc x24, x24, x26\n\t"
+ "mul x25, x11, x11\n\t"
+ "adcs x5, x5, x26\n\t"
+ "umulh x26, x11, x11\n\t"
+ "adcs x6, x6, x25\n\t"
+ "adc x7, x7, x26\n\t"
/* Reduce */
- /* Move top half into t4-t7 and remove top bit from t3 */
- "extr x24, x24, x23, #63\n\t"
- "extr x23, x23, x22, #63\n\t"
- "extr x22, x22, x21, #63\n\t"
- "extr x21, x21, x20, #63\n\t"
- "and x20, x20, #0x7fffffffffffffff\n\t"
- /* Multiply top half by 19 */
- "mov x25, #19\n\t"
- "mul x26, x25, x21\n\t"
- "umulh x21, x25, x21\n\t"
- "adds x16, x16, x26\n\t"
- "mul x26, x25, x22\n\t"
- "umulh x22, x25, x22\n\t"
- "adcs x17, x17, x26\n\t"
- "mul x26, x25, x23\n\t"
- "umulh x23, x25, x23\n\t"
- "adcs x19, x19, x26\n\t"
- "mul x26, x25, x24\n\t"
- "umulh x27, x25, x24\n\t"
- "adcs x20, x20, x26\n\t"
- "adc x27, x27, xzr\n\t"
- /* Add remaining product results in */
- "adds x17, x17, x21\n\t"
- "adcs x19, x19, x22\n\t"
- "adcs x20, x20, x23\n\t"
+ "mov x25, #38\n\t"
+ "mul x26, x25, x7\n\t"
+ "adds x24, x24, x26\n\t"
+ "umulh x27, x25, x7\n\t"
"adc x27, x27, xzr\n\t"
- /* Overflow */
- "extr x27, x27, x20, #63\n\t"
+ "mov x25, #19\n\t"
+ "extr x27, x27, x24, #63\n\t"
"mul x27, x27, x25\n\t"
- "and x20, x20, #0x7fffffffffffffff\n\t"
- "adds x16, x16, x27\n\t"
- "adcs x17, x17, xzr\n\t"
- "adcs x19, x19, xzr\n\t"
- "adc x20, x20, xzr\n\t"
- /* Reduce if top bit set */
- "and x27, x25, x20, asr 63\n\t"
- "and x20, x20, #0x7fffffffffffffff\n\t"
- "adds x16, x16, x27\n\t"
- "adcs x17, x17, xzr\n\t"
- "adcs x19, x19, xzr\n\t"
- "adc x20, x20, xzr\n\t"
- /* Store */
- "stp x16, x17, [x0]\n\t"
- "stp x19, x20, [x0, #16]\n\t"
- "ldr x0, [x29, #24]\n\t"
- "ldr x1, [x29, #32]\n\t"
- /* Add */
- "adds x12, x8, x4\n\t"
- "adcs x13, x9, x5\n\t"
- "adcs x14, x10, x6\n\t"
- "adc x15, x11, x7\n\t"
- "mov x25, #-19\n\t"
- "asr x28, x15, #63\n\t"
- /* Mask the modulus */
- "and x25, x28, x25\n\t"
- "and x26, x28, #0x7fffffffffffffff\n\t"
- /* Sub modulus (if overflow) */
- "subs x12, x12, x25\n\t"
- "sbcs x13, x13, x28\n\t"
- "sbcs x14, x14, x28\n\t"
- "sbc x15, x15, x26\n\t"
+ "and x24, x24, #0x7fffffffffffffff\n\t"
+ "mov x25, #38\n\t"
+ "mul x26, x25, x4\n\t"
+ "adds x21, x21, x26\n\t"
+ "umulh x4, x25, x4\n\t"
+ "mul x26, x25, x5\n\t"
+ "adcs x22, x22, x26\n\t"
+ "umulh x5, x25, x5\n\t"
+ "mul x26, x25, x6\n\t"
+ "adcs x23, x23, x26\n\t"
+ "umulh x6, x25, x6\n\t"
+ "adc x24, x24, xzr\n\t"
+ /* Add high product results in */
+ "adds x21, x21, x27\n\t"
+ "adcs x22, x22, x4\n\t"
+ "adcs x23, x23, x5\n\t"
+ "adc x24, x24, x6\n\t"
+ "add x2, x0, #32\n\t"
/* Sub */
- "subs x21, x8, x4\n\t"
- "sbcs x22, x9, x5\n\t"
- "sbcs x23, x10, x6\n\t"
- "sbcs x24, x11, x7\n\t"
- "mov x25, #-19\n\t"
+ "ldp x8, x9, [x2]\n\t"
+ "ldp x10, x11, [x2, #16]\n\t"
+ "subs x21, x21, x8\n\t"
+ "sbcs x22, x22, x9\n\t"
+ "sbcs x23, x23, x10\n\t"
+ "sbcs x24, x24, x11\n\t"
"csetm x28, cc\n\t"
- /* Mask the modulus */
- "and x25, x28, x25\n\t"
- "and x26, x28, #0x7fffffffffffffff\n\t"
- /* Add modulus (if underflow) */
- "adds x21, x21, x25\n\t"
- "adcs x22, x22, x28\n\t"
- "adcs x23, x23, x28\n\t"
- "adc x24, x24, x26\n\t"
- "stp x12, x13, [x0]\n\t"
- "stp x14, x15, [x0, #16]\n\t"
- "stp x21, x22, [x1]\n\t"
- "stp x23, x24, [x1, #16]\n\t"
- "ldr x0, [x29, #16]\n\t"
- /* Sub */
- "subs x16, x16, x12\n\t"
- "sbcs x17, x17, x13\n\t"
- "sbcs x19, x19, x14\n\t"
- "sbcs x20, x20, x15\n\t"
"mov x25, #-19\n\t"
- "csetm x28, cc\n\t"
/* Mask the modulus */
- "and x25, x28, x25\n\t"
- "and x26, x28, #0x7fffffffffffffff\n\t"
+ "extr x28, x28, x24, #63\n\t"
+ "mul x25, x28, x25\n\t"
/* Add modulus (if underflow) */
- "adds x16, x16, x25\n\t"
- "adcs x17, x17, x28\n\t"
- "adcs x19, x19, x28\n\t"
- "adc x20, x20, x26\n\t"
- "stp x16, x17, [x0]\n\t"
- "stp x19, x20, [x0, #16]\n\t"
- "ldr x0, [x29, #40]\n\t"
- "ldr x1, [x29, #64]\n\t"
+ "subs x21, x21, x25\n\t"
+ "sbcs x22, x22, xzr\n\t"
+ "and x24, x24, #0x7fffffffffffffff\n\t"
+ "sbcs x23, x23, xzr\n\t"
+ "sbc x24, x24, xzr\n\t"
+ "stp x21, x22, [x0]\n\t"
+ "stp x23, x24, [x0, #16]\n\t"
+ "ldr x2, [x29, #24]\n\t"
+ "add x2, x2, #0x40\n\t"
+ "add x0, x0, #0x60\n\t"
/* Square * 2 */
- "ldp x12, x13, [x1]\n\t"
- "ldp x14, x15, [x1, #16]\n\t"
+ "ldp x16, x17, [x2]\n\t"
+ "ldp x19, x20, [x2, #16]\n\t"
/* A[0] * A[1] */
- "mul x5, x12, x13\n\t"
- "umulh x6, x12, x13\n\t"
+ "umulh x6, x16, x17\n\t"
+ "mul x5, x16, x17\n\t"
+ /* A[0] * A[3] */
+ "umulh x8, x16, x20\n\t"
+ "mul x7, x16, x20\n\t"
/* A[0] * A[2] */
- "mul x25, x12, x14\n\t"
- "umulh x7, x12, x14\n\t"
+ "mul x25, x16, x19\n\t"
"adds x6, x6, x25\n\t"
- "adc x7, x7, xzr\n\t"
- /* A[0] * A[3] */
- "mul x25, x12, x15\n\t"
- "umulh x8, x12, x15\n\t"
- "adds x7, x7, x25\n\t"
- "adc x8, x8, xzr\n\t"
+ "umulh x26, x16, x19\n\t"
+ "adcs x7, x7, x26\n\t"
+ /* A[1] * A[3] */
+ "mul x25, x17, x20\n\t"
+ "adcs x8, x8, x25\n\t"
+ "umulh x9, x17, x20\n\t"
+ "adc x9, x9, xzr\n\t"
/* A[1] * A[2] */
- "mul x25, x13, x14\n\t"
- "umulh x26, x13, x14\n\t"
+ "mul x25, x17, x19\n\t"
"adds x7, x7, x25\n\t"
+ "umulh x26, x17, x19\n\t"
"adcs x8, x8, x26\n\t"
- "adc x9, xzr, xzr\n\t"
- /* A[1] * A[3] */
- "mul x25, x13, x15\n\t"
- "umulh x26, x13, x15\n\t"
- "adds x8, x8, x25\n\t"
- "adc x9, x9, x26\n\t"
/* A[2] * A[3] */
- "mul x25, x14, x15\n\t"
- "umulh x10, x14, x15\n\t"
- "adds x9, x9, x25\n\t"
+ "mul x25, x19, x20\n\t"
+ "adcs x9, x9, x25\n\t"
+ "umulh x10, x19, x20\n\t"
"adc x10, x10, xzr\n\t"
/* Double */
"adds x5, x5, x5\n\t"
@@ -4585,635 +5729,530 @@ void fe_ge_dbl(fe rx, fe ry, fe rz, fe rt, const fe px, const fe py, const fe pz
"adcs x10, x10, x10\n\t"
"adc x11, xzr, xzr\n\t"
/* A[0] * A[0] */
- "mul x4, x12, x12\n\t"
- "umulh x28, x12, x12\n\t"
+ "umulh x26, x16, x16\n\t"
+ "mul x4, x16, x16\n\t"
/* A[1] * A[1] */
- "mul x25, x13, x13\n\t"
- "umulh x26, x13, x13\n\t"
- "adds x5, x5, x28\n\t"
+ "mul x25, x17, x17\n\t"
+ "adds x5, x5, x26\n\t"
+ "umulh x26, x17, x17\n\t"
"adcs x6, x6, x25\n\t"
- "adc x28, x26, xzr\n\t"
/* A[2] * A[2] */
- "mul x25, x14, x14\n\t"
- "umulh x26, x14, x14\n\t"
- "adds x7, x7, x28\n\t"
+ "mul x25, x19, x19\n\t"
+ "adcs x7, x7, x26\n\t"
+ "umulh x26, x19, x19\n\t"
"adcs x8, x8, x25\n\t"
- "adc x28, x26, xzr\n\t"
/* A[3] * A[3] */
- "mul x25, x15, x15\n\t"
- "umulh x26, x15, x15\n\t"
- "adds x9, x9, x28\n\t"
+ "mul x25, x20, x20\n\t"
+ "adcs x9, x9, x26\n\t"
+ "umulh x26, x20, x20\n\t"
"adcs x10, x10, x25\n\t"
"adc x11, x11, x26\n\t"
- /* Double and Reduce */
- "mov x25, #0x169\n\t"
- /* Move top half into t4-t7 and remove top bit from t3 */
- "lsr x28, x11, #61\n\t"
- "extr x11, x11, x10, #62\n\t"
- "extr x10, x10, x9, #62\n\t"
- "extr x9, x9, x8, #62\n\t"
- "extr x8, x8, x7, #62\n\t"
- "extr x7, x7, x6, #63\n\t"
- "extr x6, x6, x5, #63\n\t"
- "extr x5, x5, x4, #63\n\t"
- "lsl x4, x4, #1\n\t"
- "and x7, x7, #0x7fffffffffffffff\n\t"
- /* Two left, only one right */
- "and x11, x11, #0x7fffffffffffffff\n\t"
- /* Multiply top bits by 19*19 */
- "mul x28, x28, x25\n\t"
- /* Multiply top half by 19 */
+ /* Reduce */
+ "mov x25, #38\n\t"
+ "mul x26, x25, x11\n\t"
+ "adds x7, x7, x26\n\t"
+ "umulh x27, x25, x11\n\t"
+ "adc x27, x27, xzr\n\t"
"mov x25, #19\n\t"
+ "extr x27, x27, x7, #63\n\t"
+ "mul x27, x27, x25\n\t"
+ "and x7, x7, #0x7fffffffffffffff\n\t"
+ "mov x25, #38\n\t"
"mul x26, x25, x8\n\t"
- "umulh x8, x25, x8\n\t"
"adds x4, x4, x26\n\t"
+ "umulh x8, x25, x8\n\t"
"mul x26, x25, x9\n\t"
- "umulh x9, x25, x9\n\t"
"adcs x5, x5, x26\n\t"
+ "umulh x9, x25, x9\n\t"
"mul x26, x25, x10\n\t"
- "umulh x10, x25, x10\n\t"
"adcs x6, x6, x26\n\t"
- "mul x26, x25, x11\n\t"
- "umulh x27, x25, x11\n\t"
- "adcs x7, x7, x26\n\t"
- "adc x27, x27, xzr\n\t"
- /* Add remaining product results in */
- "adds x4, x4, x28\n\t"
+ "umulh x10, x25, x10\n\t"
+ "adc x7, x7, xzr\n\t"
+ /* Add high product results in */
+ "adds x4, x4, x27\n\t"
"adcs x5, x5, x8\n\t"
"adcs x6, x6, x9\n\t"
- "adcs x7, x7, x10\n\t"
- "adc x27, x27, xzr\n\t"
- /* Overflow */
- "extr x27, x27, x7, #63\n\t"
- "mul x27, x27, x25\n\t"
- "and x7, x7, #0x7fffffffffffffff\n\t"
- "adds x4, x4, x27\n\t"
+ "adc x7, x7, x10\n\t"
+ "mov x25, #19\n\t"
+ "lsr x26, x7, #62\n\t"
+ "extr x7, x7, x6, #63\n\t"
+ "extr x6, x6, x5, #63\n\t"
+ "extr x5, x5, x4, #63\n\t"
+ "lsl x4, x4, #1\n\t"
+ "mul x26, x26, x25\n\t"
+ "adds x4, x4, x26\n\t"
"adcs x5, x5, xzr\n\t"
- "adcs x6, x6, xzr\n\t"
- "adc x7, x7, xzr\n\t"
- /* Reduce if top bit set */
- "and x27, x25, x7, asr 63\n\t"
"and x7, x7, #0x7fffffffffffffff\n\t"
- "adds x4, x4, x27\n\t"
- "adcs x5, x5, xzr\n\t"
"adcs x6, x6, xzr\n\t"
"adc x7, x7, xzr\n\t"
/* Store */
- "ldr x0, [x29, #40]\n\t"
+ "sub x1, x0, #32\n\t"
/* Sub */
- "subs x4, x4, x21\n\t"
- "sbcs x5, x5, x22\n\t"
- "sbcs x6, x6, x23\n\t"
- "sbcs x7, x7, x24\n\t"
- "mov x25, #-19\n\t"
+ "subs x4, x4, x12\n\t"
+ "sbcs x5, x5, x13\n\t"
+ "sbcs x6, x6, x14\n\t"
+ "sbcs x7, x7, x15\n\t"
"csetm x28, cc\n\t"
+ "mov x25, #-19\n\t"
/* Mask the modulus */
- "and x25, x28, x25\n\t"
- "and x26, x28, #0x7fffffffffffffff\n\t"
+ "extr x28, x28, x7, #63\n\t"
+ "mul x25, x28, x25\n\t"
/* Add modulus (if underflow) */
- "adds x4, x4, x25\n\t"
- "adcs x5, x5, x28\n\t"
- "adcs x6, x6, x28\n\t"
- "adc x7, x7, x26\n\t"
+ "subs x4, x4, x25\n\t"
+ "sbcs x5, x5, xzr\n\t"
+ "and x7, x7, #0x7fffffffffffffff\n\t"
+ "sbcs x6, x6, xzr\n\t"
+ "sbc x7, x7, xzr\n\t"
"stp x4, x5, [x0]\n\t"
"stp x6, x7, [x0, #16]\n\t"
- "ldp x29, x30, [sp], #0x50\n\t"
- : [rx] "+r" (rx), [ry] "+r" (ry), [rz] "+r" (rz), [rt] "+r" (rt), [px] "+r" (px), [py] "+r" (py), [pz] "+r" (pz)
+ "ldp x29, x30, [sp], #32\n\t"
+ : [r] "+r" (r), [p] "+r" (p)
:
- : "memory", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "x21", "x22", "x23", "x24", "x25", "x26", "x27", "x28"
+ : "memory", "x2", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "x21", "x22", "x23", "x24", "x25", "x26", "x27", "x28", "cc"
);
}
-void fe_ge_madd(fe rx, fe ry, fe rz, fe rt, const fe px, const fe py, const fe pz, const fe pt, const fe qxy2d, const fe qyplusx, const fe qyminusx)
+void ge_madd(ge_p1p1* r, const ge_p3* p, const ge_precomp* q)
{
__asm__ __volatile__ (
- "stp x29, x30, [sp, #-112]!\n\t"
+ "stp x29, x30, [sp, #-48]!\n\t"
"add x29, sp, #0\n\t"
- "str %x[qyminusx], [sp, #104]\n\t"
- "str %x[qyplusx], [sp, #96]\n\t"
- "str %x[qxy2d], [sp, #88]\n\t"
- "str %x[rx], [x29, #16]\n\t"
- "str %x[ry], [x29, #24]\n\t"
- "str %x[rz], [x29, #32]\n\t"
- "str %x[rt], [x29, #40]\n\t"
- "str %x[px], [x29, #48]\n\t"
- "str %x[py], [x29, #56]\n\t"
- "str %x[pz], [x29, #64]\n\t"
- "str %x[pt], [x29, #72]\n\t"
- "ldr x2, [x29, #56]\n\t"
- "ldr x3, [x29, #48]\n\t"
+ "str %x[r], [x29, #16]\n\t"
+ "str %x[p], [x29, #24]\n\t"
+ "str %x[q], [x29, #32]\n\t"
+ "mov x3, x1\n\t"
+ "add x2, x1, #32\n\t"
+ "add x1, x0, #32\n\t"
/* Add */
- "ldp x12, x13, [x2]\n\t"
- "ldp x14, x15, [x2, #16]\n\t"
- "ldp x16, x17, [x3]\n\t"
- "ldp x19, x20, [x3, #16]\n\t"
- "adds x4, x12, x16\n\t"
- "adcs x5, x13, x17\n\t"
- "adcs x6, x14, x19\n\t"
- "adc x7, x15, x20\n\t"
- "mov x25, #-19\n\t"
- "asr x28, x7, #63\n\t"
- /* Mask the modulus */
- "and x25, x28, x25\n\t"
- "and x26, x28, #0x7fffffffffffffff\n\t"
+ "ldp x8, x9, [x2]\n\t"
+ "ldp x10, x11, [x2, #16]\n\t"
+ "ldp x4, x5, [x3]\n\t"
+ "ldp x6, x7, [x3, #16]\n\t"
+ "adds x16, x8, x4\n\t"
+ "adcs x17, x9, x5\n\t"
+ "adcs x19, x10, x6\n\t"
+ "adcs x20, x11, x7\n\t"
+ "cset x28, cs\n\t"
+ "mov x25, #19\n\t"
+ "extr x28, x28, x20, #63\n\t"
+ "mul x25, x28, x25\n\t"
/* Sub modulus (if overflow) */
- "subs x4, x4, x25\n\t"
- "sbcs x5, x5, x28\n\t"
- "sbcs x6, x6, x28\n\t"
- "sbc x7, x7, x26\n\t"
+ "adds x16, x16, x25\n\t"
+ "adcs x17, x17, xzr\n\t"
+ "and x20, x20, #0x7fffffffffffffff\n\t"
+ "adcs x19, x19, xzr\n\t"
+ "adc x20, x20, xzr\n\t"
/* Sub */
- "subs x8, x12, x16\n\t"
- "sbcs x9, x13, x17\n\t"
- "sbcs x10, x14, x19\n\t"
- "sbcs x11, x15, x20\n\t"
- "mov x25, #-19\n\t"
+ "subs x12, x8, x4\n\t"
+ "sbcs x13, x9, x5\n\t"
+ "sbcs x14, x10, x6\n\t"
+ "sbcs x15, x11, x7\n\t"
"csetm x28, cc\n\t"
- /* Mask the modulus */
- "and x25, x28, x25\n\t"
- "and x26, x28, #0x7fffffffffffffff\n\t"
+ "mov x25, #-19\n\t"
+ "extr x28, x28, x15, #63\n\t"
+ "mul x25, x28, x25\n\t"
/* Add modulus (if underflow) */
- "adds x8, x8, x25\n\t"
- "adcs x9, x9, x28\n\t"
- "adcs x10, x10, x28\n\t"
- "adc x11, x11, x26\n\t"
- "ldr x0, [x29, #32]\n\t"
- "ldr x2, [sp, #96]\n\t"
+ "subs x12, x12, x25\n\t"
+ "sbcs x13, x13, xzr\n\t"
+ "and x15, x15, #0x7fffffffffffffff\n\t"
+ "sbcs x14, x14, xzr\n\t"
+ "sbc x15, x15, xzr\n\t"
+ "ldr x2, [x29, #32]\n\t"
+ "mov x1, x0\n\t"
/* Multiply */
- "ldp x21, x22, [x2]\n\t"
- "ldp x23, x24, [x2, #16]\n\t"
- /* A[0] * B[0] */
- "mul x12, x4, x21\n\t"
- "umulh x13, x4, x21\n\t"
- /* A[0] * B[1] */
- "mul x25, x4, x22\n\t"
- "umulh x14, x4, x22\n\t"
- "adds x13, x13, x25\n\t"
- "adc x14, x14, xzr\n\t"
- /* A[1] * B[0] */
- "mul x25, x5, x21\n\t"
- "umulh x26, x5, x21\n\t"
- "adds x13, x13, x25\n\t"
- "adcs x14, x14, x26\n\t"
- "adc x15, xzr, xzr\n\t"
- /* A[0] * B[2] */
- "mul x25, x4, x23\n\t"
- "umulh x26, x4, x23\n\t"
- "adds x14, x14, x25\n\t"
- "adc x15, x15, x26\n\t"
- /* A[1] * B[1] */
- "mul x25, x5, x22\n\t"
- "umulh x26, x5, x22\n\t"
- "adds x14, x14, x25\n\t"
- "adcs x15, x15, x26\n\t"
- "adc x16, xzr, xzr\n\t"
- /* A[2] * B[0] */
- "mul x25, x6, x21\n\t"
- "umulh x26, x6, x21\n\t"
- "adds x14, x14, x25\n\t"
- "adcs x15, x15, x26\n\t"
- "adc x16, x16, xzr\n\t"
- /* A[0] * B[3] */
- "mul x25, x4, x24\n\t"
- "umulh x26, x4, x24\n\t"
- "adds x15, x15, x25\n\t"
- "adcs x16, x16, x26\n\t"
- "adc x17, xzr, xzr\n\t"
- /* A[1] * B[2] */
- "mul x25, x5, x23\n\t"
- "umulh x26, x5, x23\n\t"
- "adds x15, x15, x25\n\t"
- "adcs x16, x16, x26\n\t"
- "adc x17, x17, xzr\n\t"
- /* A[2] * B[1] */
- "mul x25, x6, x22\n\t"
- "umulh x26, x6, x22\n\t"
- "adds x15, x15, x25\n\t"
- "adcs x16, x16, x26\n\t"
- "adc x17, x17, xzr\n\t"
- /* A[3] * B[0] */
- "mul x25, x7, x21\n\t"
- "umulh x26, x7, x21\n\t"
- "adds x15, x15, x25\n\t"
- "adcs x16, x16, x26\n\t"
- "adc x17, x17, xzr\n\t"
- /* A[1] * B[3] */
- "mul x25, x5, x24\n\t"
- "umulh x26, x5, x24\n\t"
- "adds x16, x16, x25\n\t"
- "adcs x17, x17, x26\n\t"
- "adc x19, xzr, xzr\n\t"
- /* A[2] * B[2] */
- "mul x25, x6, x23\n\t"
- "umulh x26, x6, x23\n\t"
- "adds x16, x16, x25\n\t"
- "adcs x17, x17, x26\n\t"
- "adc x19, x19, xzr\n\t"
- /* A[3] * B[1] */
- "mul x25, x7, x22\n\t"
- "umulh x26, x7, x22\n\t"
- "adds x16, x16, x25\n\t"
- "adcs x17, x17, x26\n\t"
- "adc x19, x19, xzr\n\t"
- /* A[2] * B[3] */
- "mul x25, x6, x24\n\t"
- "umulh x26, x6, x24\n\t"
- "adds x17, x17, x25\n\t"
- "adcs x19, x19, x26\n\t"
- "adc x20, xzr, xzr\n\t"
- /* A[3] * B[2] */
- "mul x25, x7, x23\n\t"
- "umulh x26, x7, x23\n\t"
- "adds x17, x17, x25\n\t"
- "adcs x19, x19, x26\n\t"
- "adc x20, x20, xzr\n\t"
- /* A[3] * B[3] */
- "mul x25, x7, x24\n\t"
- "umulh x26, x7, x24\n\t"
- "adds x19, x19, x25\n\t"
- "adc x20, x20, x26\n\t"
+ "ldp x8, x9, [x2]\n\t"
+ "ldp x10, x11, [x2, #16]\n\t"
+ /* A[0] * B[0] */
+ "umulh x22, x16, x8\n\t"
+ "mul x21, x16, x8\n\t"
+ /* A[2] * B[0] */
+ "umulh x24, x19, x8\n\t"
+ "mul x23, x19, x8\n\t"
+ /* A[1] * B[0] */
+ "mul x25, x17, x8\n\t"
+ "adds x22, x22, x25\n\t"
+ "umulh x26, x17, x8\n\t"
+ "adcs x23, x23, x26\n\t"
+ /* A[1] * B[3] */
+ "umulh x5, x17, x11\n\t"
+ "adc x24, x24, xzr\n\t"
+ "mul x4, x17, x11\n\t"
+ /* A[0] * B[1] */
+ "mul x25, x16, x9\n\t"
+ "adds x22, x22, x25\n\t"
+ "umulh x26, x16, x9\n\t"
+ "adcs x23, x23, x26\n\t"
+ /* A[2] * B[1] */
+ "mul x25, x19, x9\n\t"
+ "adcs x24, x24, x25\n\t"
+ "umulh x26, x19, x9\n\t"
+ "adcs x4, x4, x26\n\t"
+ "adc x5, x5, xzr\n\t"
+ /* A[1] * B[2] */
+ "mul x25, x17, x10\n\t"
+ "adds x24, x24, x25\n\t"
+ "umulh x26, x17, x10\n\t"
+ "adcs x4, x4, x26\n\t"
+ "adcs x5, x5, xzr\n\t"
+ "adc x6, xzr, xzr\n\t"
+ /* A[0] * B[2] */
+ "mul x25, x16, x10\n\t"
+ "adds x23, x23, x25\n\t"
+ "umulh x26, x16, x10\n\t"
+ "adcs x24, x24, x26\n\t"
+ "adcs x4, x4, xzr\n\t"
+ "adcs x5, x5, xzr\n\t"
+ "adc x6, x6, xzr\n\t"
+ /* A[1] * B[1] */
+ "mul x25, x17, x9\n\t"
+ "adds x23, x23, x25\n\t"
+ "umulh x26, x17, x9\n\t"
+ "adcs x24, x24, x26\n\t"
+ /* A[3] * B[1] */
+ "mul x25, x20, x9\n\t"
+ "adcs x4, x4, x25\n\t"
+ "umulh x26, x20, x9\n\t"
+ "adcs x5, x5, x26\n\t"
+ "adc x6, x6, xzr\n\t"
+ /* A[2] * B[2] */
+ "mul x25, x19, x10\n\t"
+ "adds x4, x4, x25\n\t"
+ "umulh x26, x19, x10\n\t"
+ "adcs x5, x5, x26\n\t"
+ /* A[3] * B[3] */
+ "mul x25, x20, x11\n\t"
+ "adcs x6, x6, x25\n\t"
+ "umulh x7, x20, x11\n\t"
+ "adc x7, x7, xzr\n\t"
+ /* A[0] * B[3] */
+ "mul x25, x16, x11\n\t"
+ "adds x24, x24, x25\n\t"
+ "umulh x26, x16, x11\n\t"
+ "adcs x4, x4, x26\n\t"
+ /* A[2] * B[3] */
+ "mul x25, x19, x11\n\t"
+ "adcs x5, x5, x25\n\t"
+ "umulh x26, x19, x11\n\t"
+ "adcs x6, x6, x26\n\t"
+ "adc x7, x7, xzr\n\t"
+ /* A[3] * B[0] */
+ "mul x25, x20, x8\n\t"
+ "adds x24, x24, x25\n\t"
+ "umulh x26, x20, x8\n\t"
+ "adcs x4, x4, x26\n\t"
+ /* A[3] * B[2] */
+ "mul x25, x20, x10\n\t"
+ "adcs x5, x5, x25\n\t"
+ "umulh x26, x20, x10\n\t"
+ "adcs x6, x6, x26\n\t"
+ "adc x7, x7, xzr\n\t"
/* Reduce */
- /* Move top half into t4-t7 and remove top bit from t3 */
- "extr x20, x20, x19, #63\n\t"
- "extr x19, x19, x17, #63\n\t"
- "extr x17, x17, x16, #63\n\t"
- "extr x16, x16, x15, #63\n\t"
- "and x15, x15, #0x7fffffffffffffff\n\t"
- /* Multiply top half by 19 */
- "mov x25, #19\n\t"
- "mul x26, x25, x16\n\t"
- "umulh x16, x25, x16\n\t"
- "adds x12, x12, x26\n\t"
- "mul x26, x25, x17\n\t"
- "umulh x17, x25, x17\n\t"
- "adcs x13, x13, x26\n\t"
- "mul x26, x25, x19\n\t"
- "umulh x19, x25, x19\n\t"
- "adcs x14, x14, x26\n\t"
- "mul x26, x25, x20\n\t"
- "umulh x27, x25, x20\n\t"
- "adcs x15, x15, x26\n\t"
+ "mov x25, #38\n\t"
+ "mul x26, x25, x7\n\t"
+ "adds x24, x24, x26\n\t"
+ "umulh x27, x25, x7\n\t"
"adc x27, x27, xzr\n\t"
- /* Add remaining product results in */
- "adds x13, x13, x16\n\t"
- "adcs x14, x14, x17\n\t"
- "adcs x15, x15, x19\n\t"
- "adc x27, x27, xzr\n\t"
- /* Overflow */
- "extr x27, x27, x15, #63\n\t"
+ "mov x25, #19\n\t"
+ "extr x27, x27, x24, #63\n\t"
"mul x27, x27, x25\n\t"
- "and x15, x15, #0x7fffffffffffffff\n\t"
- "adds x12, x12, x27\n\t"
- "adcs x13, x13, xzr\n\t"
- "adcs x14, x14, xzr\n\t"
- "adc x15, x15, xzr\n\t"
- /* Reduce if top bit set */
- "and x27, x25, x15, asr 63\n\t"
- "and x15, x15, #0x7fffffffffffffff\n\t"
- "adds x12, x12, x27\n\t"
- "adcs x13, x13, xzr\n\t"
- "adcs x14, x14, xzr\n\t"
- "adc x15, x15, xzr\n\t"
- /* Store */
- "ldr x0, [x29, #24]\n\t"
- "ldr x1, [sp, #104]\n\t"
+ "and x24, x24, #0x7fffffffffffffff\n\t"
+ "mov x25, #38\n\t"
+ "mul x26, x25, x4\n\t"
+ "adds x21, x21, x26\n\t"
+ "umulh x4, x25, x4\n\t"
+ "mul x26, x25, x5\n\t"
+ "adcs x22, x22, x26\n\t"
+ "umulh x5, x25, x5\n\t"
+ "mul x26, x25, x6\n\t"
+ "adcs x23, x23, x26\n\t"
+ "umulh x6, x25, x6\n\t"
+ "adc x24, x24, xzr\n\t"
+ /* Add high product results in */
+ "adds x21, x21, x27\n\t"
+ "adcs x22, x22, x4\n\t"
+ "adcs x23, x23, x5\n\t"
+ "adc x24, x24, x6\n\t"
+ "add x2, x2, #32\n\t"
+ "add x1, x0, #32\n\t"
+ "add x0, x0, #32\n\t"
/* Multiply */
- "ldp x21, x22, [x1]\n\t"
- "ldp x23, x24, [x1, #16]\n\t"
- /* A[0] * B[0] */
- "mul x4, x8, x21\n\t"
- "umulh x5, x8, x21\n\t"
- /* A[0] * B[1] */
- "mul x25, x8, x22\n\t"
- "umulh x6, x8, x22\n\t"
+ "ldp x16, x17, [x2]\n\t"
+ "ldp x19, x20, [x2, #16]\n\t"
+ /* A[0] * B[0] */
+ "umulh x5, x12, x16\n\t"
+ "mul x4, x12, x16\n\t"
+ /* A[2] * B[0] */
+ "umulh x7, x14, x16\n\t"
+ "mul x6, x14, x16\n\t"
+ /* A[1] * B[0] */
+ "mul x25, x13, x16\n\t"
"adds x5, x5, x25\n\t"
- "adc x6, x6, xzr\n\t"
- /* A[1] * B[0] */
- "mul x25, x9, x21\n\t"
- "umulh x26, x9, x21\n\t"
+ "umulh x26, x13, x16\n\t"
+ "adcs x6, x6, x26\n\t"
+ /* A[1] * B[3] */
+ "umulh x9, x13, x20\n\t"
+ "adc x7, x7, xzr\n\t"
+ "mul x8, x13, x20\n\t"
+ /* A[0] * B[1] */
+ "mul x25, x12, x17\n\t"
"adds x5, x5, x25\n\t"
+ "umulh x26, x12, x17\n\t"
"adcs x6, x6, x26\n\t"
- "adc x7, xzr, xzr\n\t"
- /* A[0] * B[2] */
- "mul x25, x8, x23\n\t"
- "umulh x26, x8, x23\n\t"
- "adds x6, x6, x25\n\t"
- "adc x7, x7, x26\n\t"
- /* A[1] * B[1] */
- "mul x25, x9, x22\n\t"
- "umulh x26, x9, x22\n\t"
+ /* A[2] * B[1] */
+ "mul x25, x14, x17\n\t"
+ "adcs x7, x7, x25\n\t"
+ "umulh x26, x14, x17\n\t"
+ "adcs x8, x8, x26\n\t"
+ "adc x9, x9, xzr\n\t"
+ /* A[1] * B[2] */
+ "mul x25, x13, x19\n\t"
+ "adds x7, x7, x25\n\t"
+ "umulh x26, x13, x19\n\t"
+ "adcs x8, x8, x26\n\t"
+ "adcs x9, x9, xzr\n\t"
+ "adc x10, xzr, xzr\n\t"
+ /* A[0] * B[2] */
+ "mul x25, x12, x19\n\t"
"adds x6, x6, x25\n\t"
+ "umulh x26, x12, x19\n\t"
"adcs x7, x7, x26\n\t"
- "adc x16, xzr, xzr\n\t"
- /* A[2] * B[0] */
- "mul x25, x10, x21\n\t"
- "umulh x26, x10, x21\n\t"
+ "adcs x8, x8, xzr\n\t"
+ "adcs x9, x9, xzr\n\t"
+ "adc x10, x10, xzr\n\t"
+ /* A[1] * B[1] */
+ "mul x25, x13, x17\n\t"
"adds x6, x6, x25\n\t"
+ "umulh x26, x13, x17\n\t"
"adcs x7, x7, x26\n\t"
- "adc x16, x16, xzr\n\t"
- /* A[0] * B[3] */
- "mul x25, x8, x24\n\t"
- "umulh x26, x8, x24\n\t"
- "adds x7, x7, x25\n\t"
- "adcs x16, x16, x26\n\t"
- "adc x17, xzr, xzr\n\t"
- /* A[1] * B[2] */
- "mul x25, x9, x23\n\t"
- "umulh x26, x9, x23\n\t"
- "adds x7, x7, x25\n\t"
- "adcs x16, x16, x26\n\t"
- "adc x17, x17, xzr\n\t"
- /* A[2] * B[1] */
- "mul x25, x10, x22\n\t"
- "umulh x26, x10, x22\n\t"
+ /* A[3] * B[1] */
+ "mul x25, x15, x17\n\t"
+ "adcs x8, x8, x25\n\t"
+ "umulh x26, x15, x17\n\t"
+ "adcs x9, x9, x26\n\t"
+ "adc x10, x10, xzr\n\t"
+ /* A[2] * B[2] */
+ "mul x25, x14, x19\n\t"
+ "adds x8, x8, x25\n\t"
+ "umulh x26, x14, x19\n\t"
+ "adcs x9, x9, x26\n\t"
+ /* A[3] * B[3] */
+ "mul x25, x15, x20\n\t"
+ "adcs x10, x10, x25\n\t"
+ "umulh x11, x15, x20\n\t"
+ "adc x11, x11, xzr\n\t"
+ /* A[0] * B[3] */
+ "mul x25, x12, x20\n\t"
"adds x7, x7, x25\n\t"
- "adcs x16, x16, x26\n\t"
- "adc x17, x17, xzr\n\t"
- /* A[3] * B[0] */
- "mul x25, x11, x21\n\t"
- "umulh x26, x11, x21\n\t"
+ "umulh x26, x12, x20\n\t"
+ "adcs x8, x8, x26\n\t"
+ /* A[2] * B[3] */
+ "mul x25, x14, x20\n\t"
+ "adcs x9, x9, x25\n\t"
+ "umulh x26, x14, x20\n\t"
+ "adcs x10, x10, x26\n\t"
+ "adc x11, x11, xzr\n\t"
+ /* A[3] * B[0] */
+ "mul x25, x15, x16\n\t"
"adds x7, x7, x25\n\t"
- "adcs x16, x16, x26\n\t"
- "adc x17, x17, xzr\n\t"
- /* A[1] * B[3] */
- "mul x25, x9, x24\n\t"
- "umulh x26, x9, x24\n\t"
- "adds x16, x16, x25\n\t"
- "adcs x17, x17, x26\n\t"
- "adc x19, xzr, xzr\n\t"
- /* A[2] * B[2] */
- "mul x25, x10, x23\n\t"
- "umulh x26, x10, x23\n\t"
- "adds x16, x16, x25\n\t"
- "adcs x17, x17, x26\n\t"
- "adc x19, x19, xzr\n\t"
- /* A[3] * B[1] */
- "mul x25, x11, x22\n\t"
- "umulh x26, x11, x22\n\t"
- "adds x16, x16, x25\n\t"
- "adcs x17, x17, x26\n\t"
- "adc x19, x19, xzr\n\t"
- /* A[2] * B[3] */
- "mul x25, x10, x24\n\t"
- "umulh x26, x10, x24\n\t"
- "adds x17, x17, x25\n\t"
- "adcs x19, x19, x26\n\t"
- "adc x20, xzr, xzr\n\t"
- /* A[3] * B[2] */
- "mul x25, x11, x23\n\t"
- "umulh x26, x11, x23\n\t"
- "adds x17, x17, x25\n\t"
- "adcs x19, x19, x26\n\t"
- "adc x20, x20, xzr\n\t"
- /* A[3] * B[3] */
- "mul x25, x11, x24\n\t"
- "umulh x26, x11, x24\n\t"
- "adds x19, x19, x25\n\t"
- "adc x20, x20, x26\n\t"
+ "umulh x26, x15, x16\n\t"
+ "adcs x8, x8, x26\n\t"
+ /* A[3] * B[2] */
+ "mul x25, x15, x19\n\t"
+ "adcs x9, x9, x25\n\t"
+ "umulh x26, x15, x19\n\t"
+ "adcs x10, x10, x26\n\t"
+ "adc x11, x11, xzr\n\t"
/* Reduce */
- /* Move top half into t4-t7 and remove top bit from t3 */
- "extr x20, x20, x19, #63\n\t"
- "extr x19, x19, x17, #63\n\t"
- "extr x17, x17, x16, #63\n\t"
- "extr x16, x16, x7, #63\n\t"
- "and x7, x7, #0x7fffffffffffffff\n\t"
- /* Multiply top half by 19 */
- "mov x25, #19\n\t"
- "mul x26, x25, x16\n\t"
- "umulh x16, x25, x16\n\t"
- "adds x4, x4, x26\n\t"
- "mul x26, x25, x17\n\t"
- "umulh x17, x25, x17\n\t"
- "adcs x5, x5, x26\n\t"
- "mul x26, x25, x19\n\t"
- "umulh x19, x25, x19\n\t"
- "adcs x6, x6, x26\n\t"
- "mul x26, x25, x20\n\t"
- "umulh x27, x25, x20\n\t"
- "adcs x7, x7, x26\n\t"
- "adc x27, x27, xzr\n\t"
- /* Add remaining product results in */
- "adds x5, x5, x16\n\t"
- "adcs x6, x6, x17\n\t"
- "adcs x7, x7, x19\n\t"
+ "mov x25, #38\n\t"
+ "mul x26, x25, x11\n\t"
+ "adds x7, x7, x26\n\t"
+ "umulh x27, x25, x11\n\t"
"adc x27, x27, xzr\n\t"
- /* Overflow */
+ "mov x25, #19\n\t"
"extr x27, x27, x7, #63\n\t"
"mul x27, x27, x25\n\t"
"and x7, x7, #0x7fffffffffffffff\n\t"
- "adds x4, x4, x27\n\t"
- "adcs x5, x5, xzr\n\t"
- "adcs x6, x6, xzr\n\t"
+ "mov x25, #38\n\t"
+ "mul x26, x25, x8\n\t"
+ "adds x4, x4, x26\n\t"
+ "umulh x8, x25, x8\n\t"
+ "mul x26, x25, x9\n\t"
+ "adcs x5, x5, x26\n\t"
+ "umulh x9, x25, x9\n\t"
+ "mul x26, x25, x10\n\t"
+ "adcs x6, x6, x26\n\t"
+ "umulh x10, x25, x10\n\t"
"adc x7, x7, xzr\n\t"
- /* Reduce if top bit set */
- "and x27, x25, x7, asr 63\n\t"
- "and x7, x7, #0x7fffffffffffffff\n\t"
+ /* Add high product results in */
"adds x4, x4, x27\n\t"
- "adcs x5, x5, xzr\n\t"
- "adcs x6, x6, xzr\n\t"
- "adc x7, x7, xzr\n\t"
- /* Store */
- "ldr x0, [x29, #24]\n\t"
- "ldr x1, [x29, #16]\n\t"
+ "adcs x5, x5, x8\n\t"
+ "adcs x6, x6, x9\n\t"
+ "adc x7, x7, x10\n\t"
+ "mov x3, x0\n\t"
+ "sub x2, x0, #32\n\t"
+ "sub x1, x0, #32\n\t"
/* Add */
- "adds x8, x12, x4\n\t"
- "adcs x9, x13, x5\n\t"
- "adcs x10, x14, x6\n\t"
- "adc x11, x15, x7\n\t"
- "mov x25, #-19\n\t"
- "asr x28, x11, #63\n\t"
- /* Mask the modulus */
- "and x25, x28, x25\n\t"
- "and x26, x28, #0x7fffffffffffffff\n\t"
+ "adds x8, x21, x4\n\t"
+ "adcs x9, x22, x5\n\t"
+ "adcs x10, x23, x6\n\t"
+ "adcs x11, x24, x7\n\t"
+ "cset x28, cs\n\t"
+ "mov x25, #19\n\t"
+ "extr x28, x28, x11, #63\n\t"
+ "mul x25, x28, x25\n\t"
/* Sub modulus (if overflow) */
- "subs x8, x8, x25\n\t"
- "sbcs x9, x9, x28\n\t"
- "sbcs x10, x10, x28\n\t"
- "sbc x11, x11, x26\n\t"
+ "adds x8, x8, x25\n\t"
+ "adcs x9, x9, xzr\n\t"
+ "and x11, x11, #0x7fffffffffffffff\n\t"
+ "adcs x10, x10, xzr\n\t"
+ "adc x11, x11, xzr\n\t"
/* Sub */
- "subs x16, x12, x4\n\t"
- "sbcs x17, x13, x5\n\t"
- "sbcs x19, x14, x6\n\t"
- "sbcs x20, x15, x7\n\t"
- "mov x25, #-19\n\t"
+ "subs x12, x21, x4\n\t"
+ "sbcs x13, x22, x5\n\t"
+ "sbcs x14, x23, x6\n\t"
+ "sbcs x15, x24, x7\n\t"
"csetm x28, cc\n\t"
- /* Mask the modulus */
- "and x25, x28, x25\n\t"
- "and x26, x28, #0x7fffffffffffffff\n\t"
+ "mov x25, #-19\n\t"
+ "extr x28, x28, x15, #63\n\t"
+ "mul x25, x28, x25\n\t"
/* Add modulus (if underflow) */
- "adds x16, x16, x25\n\t"
- "adcs x17, x17, x28\n\t"
- "adcs x19, x19, x28\n\t"
- "adc x20, x20, x26\n\t"
+ "subs x12, x12, x25\n\t"
+ "sbcs x13, x13, xzr\n\t"
+ "and x15, x15, #0x7fffffffffffffff\n\t"
+ "sbcs x14, x14, xzr\n\t"
+ "sbc x15, x15, xzr\n\t"
"stp x8, x9, [x0]\n\t"
"stp x10, x11, [x0, #16]\n\t"
- "stp x16, x17, [x1]\n\t"
- "stp x19, x20, [x1, #16]\n\t"
- "ldr x0, [x29, #40]\n\t"
- "ldr x1, [sp, #88]\n\t"
- "ldr x3, [x29, #72]\n\t"
+ "stp x12, x13, [x1]\n\t"
+ "stp x14, x15, [x1, #16]\n\t"
+ "ldr x1, [x29, #24]\n\t"
+ "ldr x2, [x29, #32]\n\t"
+ "add x2, x2, #0x40\n\t"
+ "add x1, x1, #0x60\n\t"
+ "add x0, x0, #0x40\n\t"
/* Multiply */
- "ldp x16, x17, [x1]\n\t"
- "ldp x19, x20, [x1, #16]\n\t"
- "ldp x21, x22, [x3]\n\t"
- "ldp x23, x24, [x3, #16]\n\t"
- /* A[0] * B[0] */
- "mul x4, x16, x21\n\t"
- "umulh x5, x16, x21\n\t"
- /* A[0] * B[1] */
- "mul x25, x16, x22\n\t"
- "umulh x6, x16, x22\n\t"
- "adds x5, x5, x25\n\t"
- "adc x6, x6, xzr\n\t"
- /* A[1] * B[0] */
- "mul x25, x17, x21\n\t"
- "umulh x26, x17, x21\n\t"
- "adds x5, x5, x25\n\t"
- "adcs x6, x6, x26\n\t"
- "adc x7, xzr, xzr\n\t"
- /* A[0] * B[2] */
- "mul x25, x16, x23\n\t"
- "umulh x26, x16, x23\n\t"
- "adds x6, x6, x25\n\t"
- "adc x7, x7, x26\n\t"
- /* A[1] * B[1] */
- "mul x25, x17, x22\n\t"
- "umulh x26, x17, x22\n\t"
- "adds x6, x6, x25\n\t"
- "adcs x7, x7, x26\n\t"
- "adc x8, xzr, xzr\n\t"
- /* A[2] * B[0] */
- "mul x25, x19, x21\n\t"
- "umulh x26, x19, x21\n\t"
- "adds x6, x6, x25\n\t"
- "adcs x7, x7, x26\n\t"
- "adc x8, x8, xzr\n\t"
- /* A[0] * B[3] */
- "mul x25, x16, x24\n\t"
- "umulh x26, x16, x24\n\t"
- "adds x7, x7, x25\n\t"
- "adcs x8, x8, x26\n\t"
- "adc x9, xzr, xzr\n\t"
- /* A[1] * B[2] */
- "mul x25, x17, x23\n\t"
- "umulh x26, x17, x23\n\t"
- "adds x7, x7, x25\n\t"
- "adcs x8, x8, x26\n\t"
- "adc x9, x9, xzr\n\t"
- /* A[2] * B[1] */
- "mul x25, x19, x22\n\t"
- "umulh x26, x19, x22\n\t"
- "adds x7, x7, x25\n\t"
+ "ldp x21, x22, [x1]\n\t"
+ "ldp x23, x24, [x1, #16]\n\t"
+ "ldp x4, x5, [x2]\n\t"
+ "ldp x6, x7, [x2, #16]\n\t"
+ /* A[0] * B[0] */
+ "umulh x17, x21, x4\n\t"
+ "mul x16, x21, x4\n\t"
+ /* A[2] * B[0] */
+ "umulh x20, x23, x4\n\t"
+ "mul x19, x23, x4\n\t"
+ /* A[1] * B[0] */
+ "mul x25, x22, x4\n\t"
+ "adds x17, x17, x25\n\t"
+ "umulh x26, x22, x4\n\t"
+ "adcs x19, x19, x26\n\t"
+ /* A[1] * B[3] */
+ "umulh x9, x22, x7\n\t"
+ "adc x20, x20, xzr\n\t"
+ "mul x8, x22, x7\n\t"
+ /* A[0] * B[1] */
+ "mul x25, x21, x5\n\t"
+ "adds x17, x17, x25\n\t"
+ "umulh x26, x21, x5\n\t"
+ "adcs x19, x19, x26\n\t"
+ /* A[2] * B[1] */
+ "mul x25, x23, x5\n\t"
+ "adcs x20, x20, x25\n\t"
+ "umulh x26, x23, x5\n\t"
"adcs x8, x8, x26\n\t"
"adc x9, x9, xzr\n\t"
- /* A[3] * B[0] */
- "mul x25, x20, x21\n\t"
- "umulh x26, x20, x21\n\t"
- "adds x7, x7, x25\n\t"
+ /* A[1] * B[2] */
+ "mul x25, x22, x6\n\t"
+ "adds x20, x20, x25\n\t"
+ "umulh x26, x22, x6\n\t"
"adcs x8, x8, x26\n\t"
- "adc x9, x9, xzr\n\t"
- /* A[1] * B[3] */
- "mul x25, x17, x24\n\t"
- "umulh x26, x17, x24\n\t"
- "adds x8, x8, x25\n\t"
- "adcs x9, x9, x26\n\t"
+ "adcs x9, x9, xzr\n\t"
"adc x10, xzr, xzr\n\t"
- /* A[2] * B[2] */
- "mul x25, x19, x23\n\t"
- "umulh x26, x19, x23\n\t"
- "adds x8, x8, x25\n\t"
+ /* A[0] * B[2] */
+ "mul x25, x21, x6\n\t"
+ "adds x19, x19, x25\n\t"
+ "umulh x26, x21, x6\n\t"
+ "adcs x20, x20, x26\n\t"
+ "adcs x8, x8, xzr\n\t"
+ "adcs x9, x9, xzr\n\t"
+ "adc x10, x10, xzr\n\t"
+ /* A[1] * B[1] */
+ "mul x25, x22, x5\n\t"
+ "adds x19, x19, x25\n\t"
+ "umulh x26, x22, x5\n\t"
+ "adcs x20, x20, x26\n\t"
+ /* A[3] * B[1] */
+ "mul x25, x24, x5\n\t"
+ "adcs x8, x8, x25\n\t"
+ "umulh x26, x24, x5\n\t"
"adcs x9, x9, x26\n\t"
"adc x10, x10, xzr\n\t"
- /* A[3] * B[1] */
- "mul x25, x20, x22\n\t"
- "umulh x26, x20, x22\n\t"
+ /* A[2] * B[2] */
+ "mul x25, x23, x6\n\t"
"adds x8, x8, x25\n\t"
+ "umulh x26, x23, x6\n\t"
"adcs x9, x9, x26\n\t"
- "adc x10, x10, xzr\n\t"
- /* A[2] * B[3] */
- "mul x25, x19, x24\n\t"
- "umulh x26, x19, x24\n\t"
- "adds x9, x9, x25\n\t"
+ /* A[3] * B[3] */
+ "mul x25, x24, x7\n\t"
+ "adcs x10, x10, x25\n\t"
+ "umulh x11, x24, x7\n\t"
+ "adc x11, x11, xzr\n\t"
+ /* A[0] * B[3] */
+ "mul x25, x21, x7\n\t"
+ "adds x20, x20, x25\n\t"
+ "umulh x26, x21, x7\n\t"
+ "adcs x8, x8, x26\n\t"
+ /* A[2] * B[3] */
+ "mul x25, x23, x7\n\t"
+ "adcs x9, x9, x25\n\t"
+ "umulh x26, x23, x7\n\t"
"adcs x10, x10, x26\n\t"
- "adc x11, xzr, xzr\n\t"
- /* A[3] * B[2] */
- "mul x25, x20, x23\n\t"
- "umulh x26, x20, x23\n\t"
- "adds x9, x9, x25\n\t"
+ "adc x11, x11, xzr\n\t"
+ /* A[3] * B[0] */
+ "mul x25, x24, x4\n\t"
+ "adds x20, x20, x25\n\t"
+ "umulh x26, x24, x4\n\t"
+ "adcs x8, x8, x26\n\t"
+ /* A[3] * B[2] */
+ "mul x25, x24, x6\n\t"
+ "adcs x9, x9, x25\n\t"
+ "umulh x26, x24, x6\n\t"
"adcs x10, x10, x26\n\t"
"adc x11, x11, xzr\n\t"
- /* A[3] * B[3] */
- "mul x25, x20, x24\n\t"
- "umulh x26, x20, x24\n\t"
- "adds x10, x10, x25\n\t"
- "adc x11, x11, x26\n\t"
/* Reduce */
- /* Move top half into t4-t7 and remove top bit from t3 */
- "extr x11, x11, x10, #63\n\t"
- "extr x10, x10, x9, #63\n\t"
- "extr x9, x9, x8, #63\n\t"
- "extr x8, x8, x7, #63\n\t"
- "and x7, x7, #0x7fffffffffffffff\n\t"
- /* Multiply top half by 19 */
+ "mov x25, #38\n\t"
+ "mul x26, x25, x11\n\t"
+ "adds x20, x20, x26\n\t"
+ "umulh x27, x25, x11\n\t"
+ "adc x27, x27, xzr\n\t"
"mov x25, #19\n\t"
+ "extr x27, x27, x20, #63\n\t"
+ "mul x27, x27, x25\n\t"
+ "and x20, x20, #0x7fffffffffffffff\n\t"
+ "mov x25, #38\n\t"
"mul x26, x25, x8\n\t"
+ "adds x16, x16, x26\n\t"
"umulh x8, x25, x8\n\t"
- "adds x4, x4, x26\n\t"
"mul x26, x25, x9\n\t"
+ "adcs x17, x17, x26\n\t"
"umulh x9, x25, x9\n\t"
- "adcs x5, x5, x26\n\t"
"mul x26, x25, x10\n\t"
+ "adcs x19, x19, x26\n\t"
"umulh x10, x25, x10\n\t"
- "adcs x6, x6, x26\n\t"
- "mul x26, x25, x11\n\t"
- "umulh x27, x25, x11\n\t"
- "adcs x7, x7, x26\n\t"
- "adc x27, x27, xzr\n\t"
- /* Add remaining product results in */
- "adds x5, x5, x8\n\t"
- "adcs x6, x6, x9\n\t"
- "adcs x7, x7, x10\n\t"
- "adc x27, x27, xzr\n\t"
- /* Overflow */
- "extr x27, x27, x7, #63\n\t"
- "mul x27, x27, x25\n\t"
- "and x7, x7, #0x7fffffffffffffff\n\t"
- "adds x4, x4, x27\n\t"
- "adcs x5, x5, xzr\n\t"
- "adcs x6, x6, xzr\n\t"
- "adc x7, x7, xzr\n\t"
- /* Reduce if top bit set */
- "and x27, x25, x7, asr 63\n\t"
- "and x7, x7, #0x7fffffffffffffff\n\t"
- "adds x4, x4, x27\n\t"
- "adcs x5, x5, xzr\n\t"
- "adcs x6, x6, xzr\n\t"
- "adc x7, x7, xzr\n\t"
- /* Store */
- "ldr x0, [x29, #32]\n\t"
- "ldr x1, [x29, #64]\n\t"
+ "adc x20, x20, xzr\n\t"
+ /* Add high product results in */
+ "adds x16, x16, x27\n\t"
+ "adcs x17, x17, x8\n\t"
+ "adcs x19, x19, x9\n\t"
+ "adc x20, x20, x10\n\t"
+ "sub x1, x1, #32\n\t"
/* Double */
- "ldp x8, x9, [x1]\n\t"
- "ldp x10, x11, [x1, #16]\n\t"
- "adds x8, x8, x8\n\t"
- "adcs x9, x9, x9\n\t"
- "adcs x10, x10, x10\n\t"
- "adc x11, x11, x11\n\t"
- "mov x25, #-19\n\t"
- "asr x28, x11, #63\n\t"
- /* Mask the modulus */
- "and x25, x28, x25\n\t"
- "and x26, x28, #0x7fffffffffffffff\n\t"
- /* Sub modulus (if overflow) */
- "subs x8, x8, x25\n\t"
- "sbcs x9, x9, x28\n\t"
- "sbcs x10, x10, x28\n\t"
- "sbc x11, x11, x26\n\t"
- "ldr x1, [x29, #40]\n\t"
- /* Add */
- "adds x12, x8, x4\n\t"
- "adcs x13, x9, x5\n\t"
- "adcs x14, x10, x6\n\t"
- "adc x15, x11, x7\n\t"
+ "ldp x12, x13, [x1]\n\t"
+ "ldp x14, x15, [x1, #16]\n\t"
+ "adds x12, x12, x12\n\t"
+ "adcs x13, x13, x13\n\t"
+ "adcs x14, x14, x14\n\t"
+ "adc x15, x15, x15\n\t"
"mov x25, #-19\n\t"
"asr x28, x15, #63\n\t"
/* Mask the modulus */
@@ -5224,562 +6263,493 @@ void fe_ge_madd(fe rx, fe ry, fe rz, fe rt, const fe px, const fe py, const fe p
"sbcs x13, x13, x28\n\t"
"sbcs x14, x14, x28\n\t"
"sbc x15, x15, x26\n\t"
+ "mov x3, x0\n\t"
+ "sub x2, x0, #32\n\t"
+ "mov x1, x0\n\t"
+ "sub x0, x0, #32\n\t"
+ /* Add */
+ "adds x8, x12, x16\n\t"
+ "adcs x9, x13, x17\n\t"
+ "adcs x10, x14, x19\n\t"
+ "adcs x11, x15, x20\n\t"
+ "cset x28, cs\n\t"
+ "mov x25, #19\n\t"
+ "extr x28, x28, x11, #63\n\t"
+ "mul x25, x28, x25\n\t"
+ /* Sub modulus (if overflow) */
+ "adds x8, x8, x25\n\t"
+ "adcs x9, x9, xzr\n\t"
+ "and x11, x11, #0x7fffffffffffffff\n\t"
+ "adcs x10, x10, xzr\n\t"
+ "adc x11, x11, xzr\n\t"
/* Sub */
- "subs x16, x8, x4\n\t"
- "sbcs x17, x9, x5\n\t"
- "sbcs x19, x10, x6\n\t"
- "sbcs x20, x11, x7\n\t"
- "mov x25, #-19\n\t"
+ "subs x4, x12, x16\n\t"
+ "sbcs x5, x13, x17\n\t"
+ "sbcs x6, x14, x19\n\t"
+ "sbcs x7, x15, x20\n\t"
"csetm x28, cc\n\t"
- /* Mask the modulus */
- "and x25, x28, x25\n\t"
- "and x26, x28, #0x7fffffffffffffff\n\t"
+ "mov x25, #-19\n\t"
+ "extr x28, x28, x7, #63\n\t"
+ "mul x25, x28, x25\n\t"
/* Add modulus (if underflow) */
- "adds x16, x16, x25\n\t"
- "adcs x17, x17, x28\n\t"
- "adcs x19, x19, x28\n\t"
- "adc x20, x20, x26\n\t"
- "stp x12, x13, [x0]\n\t"
- "stp x14, x15, [x0, #16]\n\t"
- "stp x16, x17, [x1]\n\t"
- "stp x19, x20, [x1, #16]\n\t"
- "ldp x29, x30, [sp], #0x70\n\t"
- : [rx] "+r" (rx), [ry] "+r" (ry), [rz] "+r" (rz), [rt] "+r" (rt), [px] "+r" (px), [py] "+r" (py), [pz] "+r" (pz), [pt] "+r" (pt), [qxy2d] "+r" (qxy2d), [qyplusx] "+r" (qyplusx), [qyminusx] "+r" (qyminusx)
+ "subs x4, x4, x25\n\t"
+ "sbcs x5, x5, xzr\n\t"
+ "and x7, x7, #0x7fffffffffffffff\n\t"
+ "sbcs x6, x6, xzr\n\t"
+ "sbc x7, x7, xzr\n\t"
+ "stp x8, x9, [x0]\n\t"
+ "stp x10, x11, [x0, #16]\n\t"
+ "stp x4, x5, [x1]\n\t"
+ "stp x6, x7, [x1, #16]\n\t"
+ "ldp x29, x30, [sp], #48\n\t"
+ : [r] "+r" (r), [p] "+r" (p), [q] "+r" (q)
:
- : "memory", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "x21", "x22", "x23", "x24", "x25", "x26", "x27", "x28"
+ : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "x21", "x22", "x23", "x24", "x25", "x26", "x27", "x28", "cc"
);
}
-void fe_ge_msub(fe rx, fe ry, fe rz, fe rt, const fe px, const fe py, const fe pz, const fe pt, const fe qxy2d, const fe qyplusx, const fe qyminusx)
+void ge_msub(ge_p1p1* r, const ge_p3* p, const ge_precomp* q)
{
__asm__ __volatile__ (
- "stp x29, x30, [sp, #-112]!\n\t"
+ "stp x29, x30, [sp, #-48]!\n\t"
"add x29, sp, #0\n\t"
- "str %x[qyminusx], [sp, #104]\n\t"
- "str %x[qyplusx], [sp, #96]\n\t"
- "str %x[qxy2d], [sp, #88]\n\t"
- "str %x[rx], [x29, #16]\n\t"
- "str %x[ry], [x29, #24]\n\t"
- "str %x[rz], [x29, #32]\n\t"
- "str %x[rt], [x29, #40]\n\t"
- "str %x[px], [x29, #48]\n\t"
- "str %x[py], [x29, #56]\n\t"
- "str %x[pz], [x29, #64]\n\t"
- "str %x[pt], [x29, #72]\n\t"
- "ldr x2, [x29, #56]\n\t"
- "ldr x3, [x29, #48]\n\t"
+ "str %x[r], [x29, #16]\n\t"
+ "str %x[p], [x29, #24]\n\t"
+ "str %x[q], [x29, #32]\n\t"
+ "mov x3, x1\n\t"
+ "add x2, x1, #32\n\t"
+ "add x1, x0, #32\n\t"
/* Add */
- "ldp x12, x13, [x2]\n\t"
- "ldp x14, x15, [x2, #16]\n\t"
- "ldp x16, x17, [x3]\n\t"
- "ldp x19, x20, [x3, #16]\n\t"
- "adds x4, x12, x16\n\t"
- "adcs x5, x13, x17\n\t"
- "adcs x6, x14, x19\n\t"
- "adc x7, x15, x20\n\t"
- "mov x25, #-19\n\t"
- "asr x28, x7, #63\n\t"
- /* Mask the modulus */
- "and x25, x28, x25\n\t"
- "and x26, x28, #0x7fffffffffffffff\n\t"
+ "ldp x8, x9, [x2]\n\t"
+ "ldp x10, x11, [x2, #16]\n\t"
+ "ldp x4, x5, [x3]\n\t"
+ "ldp x6, x7, [x3, #16]\n\t"
+ "adds x16, x8, x4\n\t"
+ "adcs x17, x9, x5\n\t"
+ "adcs x19, x10, x6\n\t"
+ "adcs x20, x11, x7\n\t"
+ "cset x28, cs\n\t"
+ "mov x25, #19\n\t"
+ "extr x28, x28, x20, #63\n\t"
+ "mul x25, x28, x25\n\t"
/* Sub modulus (if overflow) */
- "subs x4, x4, x25\n\t"
- "sbcs x5, x5, x28\n\t"
- "sbcs x6, x6, x28\n\t"
- "sbc x7, x7, x26\n\t"
+ "adds x16, x16, x25\n\t"
+ "adcs x17, x17, xzr\n\t"
+ "and x20, x20, #0x7fffffffffffffff\n\t"
+ "adcs x19, x19, xzr\n\t"
+ "adc x20, x20, xzr\n\t"
/* Sub */
- "subs x8, x12, x16\n\t"
- "sbcs x9, x13, x17\n\t"
- "sbcs x10, x14, x19\n\t"
- "sbcs x11, x15, x20\n\t"
- "mov x25, #-19\n\t"
+ "subs x12, x8, x4\n\t"
+ "sbcs x13, x9, x5\n\t"
+ "sbcs x14, x10, x6\n\t"
+ "sbcs x15, x11, x7\n\t"
"csetm x28, cc\n\t"
- /* Mask the modulus */
- "and x25, x28, x25\n\t"
- "and x26, x28, #0x7fffffffffffffff\n\t"
+ "mov x25, #-19\n\t"
+ "extr x28, x28, x15, #63\n\t"
+ "mul x25, x28, x25\n\t"
/* Add modulus (if underflow) */
- "adds x8, x8, x25\n\t"
- "adcs x9, x9, x28\n\t"
- "adcs x10, x10, x28\n\t"
- "adc x11, x11, x26\n\t"
- "ldr x0, [x29, #32]\n\t"
- "ldr x2, [sp, #104]\n\t"
+ "subs x12, x12, x25\n\t"
+ "sbcs x13, x13, xzr\n\t"
+ "and x15, x15, #0x7fffffffffffffff\n\t"
+ "sbcs x14, x14, xzr\n\t"
+ "sbc x15, x15, xzr\n\t"
+ "ldr x2, [x29, #32]\n\t"
+ "add x2, x2, #32\n\t"
+ "mov x1, x0\n\t"
/* Multiply */
- "ldp x21, x22, [x2]\n\t"
- "ldp x23, x24, [x2, #16]\n\t"
- /* A[0] * B[0] */
- "mul x12, x4, x21\n\t"
- "umulh x13, x4, x21\n\t"
- /* A[0] * B[1] */
- "mul x25, x4, x22\n\t"
- "umulh x14, x4, x22\n\t"
- "adds x13, x13, x25\n\t"
- "adc x14, x14, xzr\n\t"
- /* A[1] * B[0] */
- "mul x25, x5, x21\n\t"
- "umulh x26, x5, x21\n\t"
- "adds x13, x13, x25\n\t"
- "adcs x14, x14, x26\n\t"
- "adc x15, xzr, xzr\n\t"
- /* A[0] * B[2] */
- "mul x25, x4, x23\n\t"
- "umulh x26, x4, x23\n\t"
- "adds x14, x14, x25\n\t"
- "adc x15, x15, x26\n\t"
- /* A[1] * B[1] */
- "mul x25, x5, x22\n\t"
- "umulh x26, x5, x22\n\t"
- "adds x14, x14, x25\n\t"
- "adcs x15, x15, x26\n\t"
- "adc x16, xzr, xzr\n\t"
- /* A[2] * B[0] */
- "mul x25, x6, x21\n\t"
- "umulh x26, x6, x21\n\t"
- "adds x14, x14, x25\n\t"
- "adcs x15, x15, x26\n\t"
- "adc x16, x16, xzr\n\t"
- /* A[0] * B[3] */
- "mul x25, x4, x24\n\t"
- "umulh x26, x4, x24\n\t"
- "adds x15, x15, x25\n\t"
- "adcs x16, x16, x26\n\t"
- "adc x17, xzr, xzr\n\t"
- /* A[1] * B[2] */
- "mul x25, x5, x23\n\t"
- "umulh x26, x5, x23\n\t"
- "adds x15, x15, x25\n\t"
- "adcs x16, x16, x26\n\t"
- "adc x17, x17, xzr\n\t"
- /* A[2] * B[1] */
- "mul x25, x6, x22\n\t"
- "umulh x26, x6, x22\n\t"
- "adds x15, x15, x25\n\t"
- "adcs x16, x16, x26\n\t"
- "adc x17, x17, xzr\n\t"
- /* A[3] * B[0] */
- "mul x25, x7, x21\n\t"
- "umulh x26, x7, x21\n\t"
- "adds x15, x15, x25\n\t"
- "adcs x16, x16, x26\n\t"
- "adc x17, x17, xzr\n\t"
- /* A[1] * B[3] */
- "mul x25, x5, x24\n\t"
- "umulh x26, x5, x24\n\t"
- "adds x16, x16, x25\n\t"
- "adcs x17, x17, x26\n\t"
- "adc x19, xzr, xzr\n\t"
- /* A[2] * B[2] */
- "mul x25, x6, x23\n\t"
- "umulh x26, x6, x23\n\t"
- "adds x16, x16, x25\n\t"
- "adcs x17, x17, x26\n\t"
- "adc x19, x19, xzr\n\t"
- /* A[3] * B[1] */
- "mul x25, x7, x22\n\t"
- "umulh x26, x7, x22\n\t"
- "adds x16, x16, x25\n\t"
- "adcs x17, x17, x26\n\t"
- "adc x19, x19, xzr\n\t"
- /* A[2] * B[3] */
- "mul x25, x6, x24\n\t"
- "umulh x26, x6, x24\n\t"
- "adds x17, x17, x25\n\t"
- "adcs x19, x19, x26\n\t"
- "adc x20, xzr, xzr\n\t"
- /* A[3] * B[2] */
- "mul x25, x7, x23\n\t"
- "umulh x26, x7, x23\n\t"
- "adds x17, x17, x25\n\t"
- "adcs x19, x19, x26\n\t"
- "adc x20, x20, xzr\n\t"
- /* A[3] * B[3] */
- "mul x25, x7, x24\n\t"
- "umulh x26, x7, x24\n\t"
- "adds x19, x19, x25\n\t"
- "adc x20, x20, x26\n\t"
+ "ldp x8, x9, [x2]\n\t"
+ "ldp x10, x11, [x2, #16]\n\t"
+ /* A[0] * B[0] */
+ "umulh x22, x16, x8\n\t"
+ "mul x21, x16, x8\n\t"
+ /* A[2] * B[0] */
+ "umulh x24, x19, x8\n\t"
+ "mul x23, x19, x8\n\t"
+ /* A[1] * B[0] */
+ "mul x25, x17, x8\n\t"
+ "adds x22, x22, x25\n\t"
+ "umulh x26, x17, x8\n\t"
+ "adcs x23, x23, x26\n\t"
+ /* A[1] * B[3] */
+ "umulh x5, x17, x11\n\t"
+ "adc x24, x24, xzr\n\t"
+ "mul x4, x17, x11\n\t"
+ /* A[0] * B[1] */
+ "mul x25, x16, x9\n\t"
+ "adds x22, x22, x25\n\t"
+ "umulh x26, x16, x9\n\t"
+ "adcs x23, x23, x26\n\t"
+ /* A[2] * B[1] */
+ "mul x25, x19, x9\n\t"
+ "adcs x24, x24, x25\n\t"
+ "umulh x26, x19, x9\n\t"
+ "adcs x4, x4, x26\n\t"
+ "adc x5, x5, xzr\n\t"
+ /* A[1] * B[2] */
+ "mul x25, x17, x10\n\t"
+ "adds x24, x24, x25\n\t"
+ "umulh x26, x17, x10\n\t"
+ "adcs x4, x4, x26\n\t"
+ "adcs x5, x5, xzr\n\t"
+ "adc x6, xzr, xzr\n\t"
+ /* A[0] * B[2] */
+ "mul x25, x16, x10\n\t"
+ "adds x23, x23, x25\n\t"
+ "umulh x26, x16, x10\n\t"
+ "adcs x24, x24, x26\n\t"
+ "adcs x4, x4, xzr\n\t"
+ "adcs x5, x5, xzr\n\t"
+ "adc x6, x6, xzr\n\t"
+ /* A[1] * B[1] */
+ "mul x25, x17, x9\n\t"
+ "adds x23, x23, x25\n\t"
+ "umulh x26, x17, x9\n\t"
+ "adcs x24, x24, x26\n\t"
+ /* A[3] * B[1] */
+ "mul x25, x20, x9\n\t"
+ "adcs x4, x4, x25\n\t"
+ "umulh x26, x20, x9\n\t"
+ "adcs x5, x5, x26\n\t"
+ "adc x6, x6, xzr\n\t"
+ /* A[2] * B[2] */
+ "mul x25, x19, x10\n\t"
+ "adds x4, x4, x25\n\t"
+ "umulh x26, x19, x10\n\t"
+ "adcs x5, x5, x26\n\t"
+ /* A[3] * B[3] */
+ "mul x25, x20, x11\n\t"
+ "adcs x6, x6, x25\n\t"
+ "umulh x7, x20, x11\n\t"
+ "adc x7, x7, xzr\n\t"
+ /* A[0] * B[3] */
+ "mul x25, x16, x11\n\t"
+ "adds x24, x24, x25\n\t"
+ "umulh x26, x16, x11\n\t"
+ "adcs x4, x4, x26\n\t"
+ /* A[2] * B[3] */
+ "mul x25, x19, x11\n\t"
+ "adcs x5, x5, x25\n\t"
+ "umulh x26, x19, x11\n\t"
+ "adcs x6, x6, x26\n\t"
+ "adc x7, x7, xzr\n\t"
+ /* A[3] * B[0] */
+ "mul x25, x20, x8\n\t"
+ "adds x24, x24, x25\n\t"
+ "umulh x26, x20, x8\n\t"
+ "adcs x4, x4, x26\n\t"
+ /* A[3] * B[2] */
+ "mul x25, x20, x10\n\t"
+ "adcs x5, x5, x25\n\t"
+ "umulh x26, x20, x10\n\t"
+ "adcs x6, x6, x26\n\t"
+ "adc x7, x7, xzr\n\t"
/* Reduce */
- /* Move top half into t4-t7 and remove top bit from t3 */
- "extr x20, x20, x19, #63\n\t"
- "extr x19, x19, x17, #63\n\t"
- "extr x17, x17, x16, #63\n\t"
- "extr x16, x16, x15, #63\n\t"
- "and x15, x15, #0x7fffffffffffffff\n\t"
- /* Multiply top half by 19 */
- "mov x25, #19\n\t"
- "mul x26, x25, x16\n\t"
- "umulh x16, x25, x16\n\t"
- "adds x12, x12, x26\n\t"
- "mul x26, x25, x17\n\t"
- "umulh x17, x25, x17\n\t"
- "adcs x13, x13, x26\n\t"
- "mul x26, x25, x19\n\t"
- "umulh x19, x25, x19\n\t"
- "adcs x14, x14, x26\n\t"
- "mul x26, x25, x20\n\t"
- "umulh x27, x25, x20\n\t"
- "adcs x15, x15, x26\n\t"
+ "mov x25, #38\n\t"
+ "mul x26, x25, x7\n\t"
+ "adds x24, x24, x26\n\t"
+ "umulh x27, x25, x7\n\t"
"adc x27, x27, xzr\n\t"
- /* Add remaining product results in */
- "adds x13, x13, x16\n\t"
- "adcs x14, x14, x17\n\t"
- "adcs x15, x15, x19\n\t"
- "adc x27, x27, xzr\n\t"
- /* Overflow */
- "extr x27, x27, x15, #63\n\t"
+ "mov x25, #19\n\t"
+ "extr x27, x27, x24, #63\n\t"
"mul x27, x27, x25\n\t"
- "and x15, x15, #0x7fffffffffffffff\n\t"
- "adds x12, x12, x27\n\t"
- "adcs x13, x13, xzr\n\t"
- "adcs x14, x14, xzr\n\t"
- "adc x15, x15, xzr\n\t"
- /* Reduce if top bit set */
- "and x27, x25, x15, asr 63\n\t"
- "and x15, x15, #0x7fffffffffffffff\n\t"
- "adds x12, x12, x27\n\t"
- "adcs x13, x13, xzr\n\t"
- "adcs x14, x14, xzr\n\t"
- "adc x15, x15, xzr\n\t"
- /* Store */
- "ldr x0, [x29, #24]\n\t"
- "ldr x1, [sp, #96]\n\t"
+ "and x24, x24, #0x7fffffffffffffff\n\t"
+ "mov x25, #38\n\t"
+ "mul x26, x25, x4\n\t"
+ "adds x21, x21, x26\n\t"
+ "umulh x4, x25, x4\n\t"
+ "mul x26, x25, x5\n\t"
+ "adcs x22, x22, x26\n\t"
+ "umulh x5, x25, x5\n\t"
+ "mul x26, x25, x6\n\t"
+ "adcs x23, x23, x26\n\t"
+ "umulh x6, x25, x6\n\t"
+ "adc x24, x24, xzr\n\t"
+ /* Add high product results in */
+ "adds x21, x21, x27\n\t"
+ "adcs x22, x22, x4\n\t"
+ "adcs x23, x23, x5\n\t"
+ "adc x24, x24, x6\n\t"
+ "sub x2, x2, #32\n\t"
+ "add x1, x0, #32\n\t"
+ "add x0, x0, #32\n\t"
/* Multiply */
- "ldp x21, x22, [x1]\n\t"
- "ldp x23, x24, [x1, #16]\n\t"
- /* A[0] * B[0] */
- "mul x4, x8, x21\n\t"
- "umulh x5, x8, x21\n\t"
- /* A[0] * B[1] */
- "mul x25, x8, x22\n\t"
- "umulh x6, x8, x22\n\t"
+ "ldp x16, x17, [x2]\n\t"
+ "ldp x19, x20, [x2, #16]\n\t"
+ /* A[0] * B[0] */
+ "umulh x5, x12, x16\n\t"
+ "mul x4, x12, x16\n\t"
+ /* A[2] * B[0] */
+ "umulh x7, x14, x16\n\t"
+ "mul x6, x14, x16\n\t"
+ /* A[1] * B[0] */
+ "mul x25, x13, x16\n\t"
"adds x5, x5, x25\n\t"
- "adc x6, x6, xzr\n\t"
- /* A[1] * B[0] */
- "mul x25, x9, x21\n\t"
- "umulh x26, x9, x21\n\t"
+ "umulh x26, x13, x16\n\t"
+ "adcs x6, x6, x26\n\t"
+ /* A[1] * B[3] */
+ "umulh x9, x13, x20\n\t"
+ "adc x7, x7, xzr\n\t"
+ "mul x8, x13, x20\n\t"
+ /* A[0] * B[1] */
+ "mul x25, x12, x17\n\t"
"adds x5, x5, x25\n\t"
+ "umulh x26, x12, x17\n\t"
"adcs x6, x6, x26\n\t"
- "adc x7, xzr, xzr\n\t"
- /* A[0] * B[2] */
- "mul x25, x8, x23\n\t"
- "umulh x26, x8, x23\n\t"
- "adds x6, x6, x25\n\t"
- "adc x7, x7, x26\n\t"
- /* A[1] * B[1] */
- "mul x25, x9, x22\n\t"
- "umulh x26, x9, x22\n\t"
+ /* A[2] * B[1] */
+ "mul x25, x14, x17\n\t"
+ "adcs x7, x7, x25\n\t"
+ "umulh x26, x14, x17\n\t"
+ "adcs x8, x8, x26\n\t"
+ "adc x9, x9, xzr\n\t"
+ /* A[1] * B[2] */
+ "mul x25, x13, x19\n\t"
+ "adds x7, x7, x25\n\t"
+ "umulh x26, x13, x19\n\t"
+ "adcs x8, x8, x26\n\t"
+ "adcs x9, x9, xzr\n\t"
+ "adc x10, xzr, xzr\n\t"
+ /* A[0] * B[2] */
+ "mul x25, x12, x19\n\t"
"adds x6, x6, x25\n\t"
+ "umulh x26, x12, x19\n\t"
"adcs x7, x7, x26\n\t"
- "adc x16, xzr, xzr\n\t"
- /* A[2] * B[0] */
- "mul x25, x10, x21\n\t"
- "umulh x26, x10, x21\n\t"
+ "adcs x8, x8, xzr\n\t"
+ "adcs x9, x9, xzr\n\t"
+ "adc x10, x10, xzr\n\t"
+ /* A[1] * B[1] */
+ "mul x25, x13, x17\n\t"
"adds x6, x6, x25\n\t"
+ "umulh x26, x13, x17\n\t"
"adcs x7, x7, x26\n\t"
- "adc x16, x16, xzr\n\t"
- /* A[0] * B[3] */
- "mul x25, x8, x24\n\t"
- "umulh x26, x8, x24\n\t"
- "adds x7, x7, x25\n\t"
- "adcs x16, x16, x26\n\t"
- "adc x17, xzr, xzr\n\t"
- /* A[1] * B[2] */
- "mul x25, x9, x23\n\t"
- "umulh x26, x9, x23\n\t"
- "adds x7, x7, x25\n\t"
- "adcs x16, x16, x26\n\t"
- "adc x17, x17, xzr\n\t"
- /* A[2] * B[1] */
- "mul x25, x10, x22\n\t"
- "umulh x26, x10, x22\n\t"
+ /* A[3] * B[1] */
+ "mul x25, x15, x17\n\t"
+ "adcs x8, x8, x25\n\t"
+ "umulh x26, x15, x17\n\t"
+ "adcs x9, x9, x26\n\t"
+ "adc x10, x10, xzr\n\t"
+ /* A[2] * B[2] */
+ "mul x25, x14, x19\n\t"
+ "adds x8, x8, x25\n\t"
+ "umulh x26, x14, x19\n\t"
+ "adcs x9, x9, x26\n\t"
+ /* A[3] * B[3] */
+ "mul x25, x15, x20\n\t"
+ "adcs x10, x10, x25\n\t"
+ "umulh x11, x15, x20\n\t"
+ "adc x11, x11, xzr\n\t"
+ /* A[0] * B[3] */
+ "mul x25, x12, x20\n\t"
"adds x7, x7, x25\n\t"
- "adcs x16, x16, x26\n\t"
- "adc x17, x17, xzr\n\t"
- /* A[3] * B[0] */
- "mul x25, x11, x21\n\t"
- "umulh x26, x11, x21\n\t"
+ "umulh x26, x12, x20\n\t"
+ "adcs x8, x8, x26\n\t"
+ /* A[2] * B[3] */
+ "mul x25, x14, x20\n\t"
+ "adcs x9, x9, x25\n\t"
+ "umulh x26, x14, x20\n\t"
+ "adcs x10, x10, x26\n\t"
+ "adc x11, x11, xzr\n\t"
+ /* A[3] * B[0] */
+ "mul x25, x15, x16\n\t"
"adds x7, x7, x25\n\t"
- "adcs x16, x16, x26\n\t"
- "adc x17, x17, xzr\n\t"
- /* A[1] * B[3] */
- "mul x25, x9, x24\n\t"
- "umulh x26, x9, x24\n\t"
- "adds x16, x16, x25\n\t"
- "adcs x17, x17, x26\n\t"
- "adc x19, xzr, xzr\n\t"
- /* A[2] * B[2] */
- "mul x25, x10, x23\n\t"
- "umulh x26, x10, x23\n\t"
- "adds x16, x16, x25\n\t"
- "adcs x17, x17, x26\n\t"
- "adc x19, x19, xzr\n\t"
- /* A[3] * B[1] */
- "mul x25, x11, x22\n\t"
- "umulh x26, x11, x22\n\t"
- "adds x16, x16, x25\n\t"
- "adcs x17, x17, x26\n\t"
- "adc x19, x19, xzr\n\t"
- /* A[2] * B[3] */
- "mul x25, x10, x24\n\t"
- "umulh x26, x10, x24\n\t"
- "adds x17, x17, x25\n\t"
- "adcs x19, x19, x26\n\t"
- "adc x20, xzr, xzr\n\t"
- /* A[3] * B[2] */
- "mul x25, x11, x23\n\t"
- "umulh x26, x11, x23\n\t"
- "adds x17, x17, x25\n\t"
- "adcs x19, x19, x26\n\t"
- "adc x20, x20, xzr\n\t"
- /* A[3] * B[3] */
- "mul x25, x11, x24\n\t"
- "umulh x26, x11, x24\n\t"
- "adds x19, x19, x25\n\t"
- "adc x20, x20, x26\n\t"
+ "umulh x26, x15, x16\n\t"
+ "adcs x8, x8, x26\n\t"
+ /* A[3] * B[2] */
+ "mul x25, x15, x19\n\t"
+ "adcs x9, x9, x25\n\t"
+ "umulh x26, x15, x19\n\t"
+ "adcs x10, x10, x26\n\t"
+ "adc x11, x11, xzr\n\t"
/* Reduce */
- /* Move top half into t4-t7 and remove top bit from t3 */
- "extr x20, x20, x19, #63\n\t"
- "extr x19, x19, x17, #63\n\t"
- "extr x17, x17, x16, #63\n\t"
- "extr x16, x16, x7, #63\n\t"
- "and x7, x7, #0x7fffffffffffffff\n\t"
- /* Multiply top half by 19 */
- "mov x25, #19\n\t"
- "mul x26, x25, x16\n\t"
- "umulh x16, x25, x16\n\t"
- "adds x4, x4, x26\n\t"
- "mul x26, x25, x17\n\t"
- "umulh x17, x25, x17\n\t"
- "adcs x5, x5, x26\n\t"
- "mul x26, x25, x19\n\t"
- "umulh x19, x25, x19\n\t"
- "adcs x6, x6, x26\n\t"
- "mul x26, x25, x20\n\t"
- "umulh x27, x25, x20\n\t"
- "adcs x7, x7, x26\n\t"
- "adc x27, x27, xzr\n\t"
- /* Add remaining product results in */
- "adds x5, x5, x16\n\t"
- "adcs x6, x6, x17\n\t"
- "adcs x7, x7, x19\n\t"
+ "mov x25, #38\n\t"
+ "mul x26, x25, x11\n\t"
+ "adds x7, x7, x26\n\t"
+ "umulh x27, x25, x11\n\t"
"adc x27, x27, xzr\n\t"
- /* Overflow */
+ "mov x25, #19\n\t"
"extr x27, x27, x7, #63\n\t"
"mul x27, x27, x25\n\t"
"and x7, x7, #0x7fffffffffffffff\n\t"
- "adds x4, x4, x27\n\t"
- "adcs x5, x5, xzr\n\t"
- "adcs x6, x6, xzr\n\t"
+ "mov x25, #38\n\t"
+ "mul x26, x25, x8\n\t"
+ "adds x4, x4, x26\n\t"
+ "umulh x8, x25, x8\n\t"
+ "mul x26, x25, x9\n\t"
+ "adcs x5, x5, x26\n\t"
+ "umulh x9, x25, x9\n\t"
+ "mul x26, x25, x10\n\t"
+ "adcs x6, x6, x26\n\t"
+ "umulh x10, x25, x10\n\t"
"adc x7, x7, xzr\n\t"
- /* Reduce if top bit set */
- "and x27, x25, x7, asr 63\n\t"
- "and x7, x7, #0x7fffffffffffffff\n\t"
+ /* Add high product results in */
"adds x4, x4, x27\n\t"
- "adcs x5, x5, xzr\n\t"
- "adcs x6, x6, xzr\n\t"
- "adc x7, x7, xzr\n\t"
- /* Store */
- "ldr x0, [x29, #24]\n\t"
- "ldr x1, [x29, #16]\n\t"
+ "adcs x5, x5, x8\n\t"
+ "adcs x6, x6, x9\n\t"
+ "adc x7, x7, x10\n\t"
+ "mov x3, x0\n\t"
+ "sub x2, x0, #32\n\t"
+ "sub x1, x0, #32\n\t"
/* Add */
- "adds x8, x12, x4\n\t"
- "adcs x9, x13, x5\n\t"
- "adcs x10, x14, x6\n\t"
- "adc x11, x15, x7\n\t"
- "mov x25, #-19\n\t"
- "asr x28, x11, #63\n\t"
- /* Mask the modulus */
- "and x25, x28, x25\n\t"
- "and x26, x28, #0x7fffffffffffffff\n\t"
+ "adds x8, x21, x4\n\t"
+ "adcs x9, x22, x5\n\t"
+ "adcs x10, x23, x6\n\t"
+ "adcs x11, x24, x7\n\t"
+ "cset x28, cs\n\t"
+ "mov x25, #19\n\t"
+ "extr x28, x28, x11, #63\n\t"
+ "mul x25, x28, x25\n\t"
/* Sub modulus (if overflow) */
- "subs x8, x8, x25\n\t"
- "sbcs x9, x9, x28\n\t"
- "sbcs x10, x10, x28\n\t"
- "sbc x11, x11, x26\n\t"
+ "adds x8, x8, x25\n\t"
+ "adcs x9, x9, xzr\n\t"
+ "and x11, x11, #0x7fffffffffffffff\n\t"
+ "adcs x10, x10, xzr\n\t"
+ "adc x11, x11, xzr\n\t"
/* Sub */
- "subs x16, x12, x4\n\t"
- "sbcs x17, x13, x5\n\t"
- "sbcs x19, x14, x6\n\t"
- "sbcs x20, x15, x7\n\t"
- "mov x25, #-19\n\t"
+ "subs x12, x21, x4\n\t"
+ "sbcs x13, x22, x5\n\t"
+ "sbcs x14, x23, x6\n\t"
+ "sbcs x15, x24, x7\n\t"
"csetm x28, cc\n\t"
- /* Mask the modulus */
- "and x25, x28, x25\n\t"
- "and x26, x28, #0x7fffffffffffffff\n\t"
+ "mov x25, #-19\n\t"
+ "extr x28, x28, x15, #63\n\t"
+ "mul x25, x28, x25\n\t"
/* Add modulus (if underflow) */
- "adds x16, x16, x25\n\t"
- "adcs x17, x17, x28\n\t"
- "adcs x19, x19, x28\n\t"
- "adc x20, x20, x26\n\t"
+ "subs x12, x12, x25\n\t"
+ "sbcs x13, x13, xzr\n\t"
+ "and x15, x15, #0x7fffffffffffffff\n\t"
+ "sbcs x14, x14, xzr\n\t"
+ "sbc x15, x15, xzr\n\t"
"stp x8, x9, [x0]\n\t"
"stp x10, x11, [x0, #16]\n\t"
- "stp x16, x17, [x1]\n\t"
- "stp x19, x20, [x1, #16]\n\t"
- "ldr x0, [x29, #40]\n\t"
- "ldr x1, [sp, #88]\n\t"
- "ldr x3, [x29, #72]\n\t"
+ "stp x12, x13, [x1]\n\t"
+ "stp x14, x15, [x1, #16]\n\t"
+ "ldr x1, [x29, #24]\n\t"
+ "ldr x2, [x29, #32]\n\t"
+ "add x2, x2, #0x40\n\t"
+ "add x1, x1, #0x60\n\t"
+ "add x0, x0, #0x40\n\t"
/* Multiply */
- "ldp x16, x17, [x1]\n\t"
- "ldp x19, x20, [x1, #16]\n\t"
- "ldp x21, x22, [x3]\n\t"
- "ldp x23, x24, [x3, #16]\n\t"
- /* A[0] * B[0] */
- "mul x4, x16, x21\n\t"
- "umulh x5, x16, x21\n\t"
- /* A[0] * B[1] */
- "mul x25, x16, x22\n\t"
- "umulh x6, x16, x22\n\t"
- "adds x5, x5, x25\n\t"
- "adc x6, x6, xzr\n\t"
- /* A[1] * B[0] */
- "mul x25, x17, x21\n\t"
- "umulh x26, x17, x21\n\t"
- "adds x5, x5, x25\n\t"
- "adcs x6, x6, x26\n\t"
- "adc x7, xzr, xzr\n\t"
- /* A[0] * B[2] */
- "mul x25, x16, x23\n\t"
- "umulh x26, x16, x23\n\t"
- "adds x6, x6, x25\n\t"
- "adc x7, x7, x26\n\t"
- /* A[1] * B[1] */
- "mul x25, x17, x22\n\t"
- "umulh x26, x17, x22\n\t"
- "adds x6, x6, x25\n\t"
- "adcs x7, x7, x26\n\t"
- "adc x8, xzr, xzr\n\t"
- /* A[2] * B[0] */
- "mul x25, x19, x21\n\t"
- "umulh x26, x19, x21\n\t"
- "adds x6, x6, x25\n\t"
- "adcs x7, x7, x26\n\t"
- "adc x8, x8, xzr\n\t"
- /* A[0] * B[3] */
- "mul x25, x16, x24\n\t"
- "umulh x26, x16, x24\n\t"
- "adds x7, x7, x25\n\t"
- "adcs x8, x8, x26\n\t"
- "adc x9, xzr, xzr\n\t"
- /* A[1] * B[2] */
- "mul x25, x17, x23\n\t"
- "umulh x26, x17, x23\n\t"
- "adds x7, x7, x25\n\t"
- "adcs x8, x8, x26\n\t"
- "adc x9, x9, xzr\n\t"
- /* A[2] * B[1] */
- "mul x25, x19, x22\n\t"
- "umulh x26, x19, x22\n\t"
- "adds x7, x7, x25\n\t"
+ "ldp x21, x22, [x1]\n\t"
+ "ldp x23, x24, [x1, #16]\n\t"
+ "ldp x4, x5, [x2]\n\t"
+ "ldp x6, x7, [x2, #16]\n\t"
+ /* A[0] * B[0] */
+ "umulh x17, x21, x4\n\t"
+ "mul x16, x21, x4\n\t"
+ /* A[2] * B[0] */
+ "umulh x20, x23, x4\n\t"
+ "mul x19, x23, x4\n\t"
+ /* A[1] * B[0] */
+ "mul x25, x22, x4\n\t"
+ "adds x17, x17, x25\n\t"
+ "umulh x26, x22, x4\n\t"
+ "adcs x19, x19, x26\n\t"
+ /* A[1] * B[3] */
+ "umulh x9, x22, x7\n\t"
+ "adc x20, x20, xzr\n\t"
+ "mul x8, x22, x7\n\t"
+ /* A[0] * B[1] */
+ "mul x25, x21, x5\n\t"
+ "adds x17, x17, x25\n\t"
+ "umulh x26, x21, x5\n\t"
+ "adcs x19, x19, x26\n\t"
+ /* A[2] * B[1] */
+ "mul x25, x23, x5\n\t"
+ "adcs x20, x20, x25\n\t"
+ "umulh x26, x23, x5\n\t"
"adcs x8, x8, x26\n\t"
"adc x9, x9, xzr\n\t"
- /* A[3] * B[0] */
- "mul x25, x20, x21\n\t"
- "umulh x26, x20, x21\n\t"
- "adds x7, x7, x25\n\t"
+ /* A[1] * B[2] */
+ "mul x25, x22, x6\n\t"
+ "adds x20, x20, x25\n\t"
+ "umulh x26, x22, x6\n\t"
"adcs x8, x8, x26\n\t"
- "adc x9, x9, xzr\n\t"
- /* A[1] * B[3] */
- "mul x25, x17, x24\n\t"
- "umulh x26, x17, x24\n\t"
- "adds x8, x8, x25\n\t"
- "adcs x9, x9, x26\n\t"
+ "adcs x9, x9, xzr\n\t"
"adc x10, xzr, xzr\n\t"
- /* A[2] * B[2] */
- "mul x25, x19, x23\n\t"
- "umulh x26, x19, x23\n\t"
- "adds x8, x8, x25\n\t"
+ /* A[0] * B[2] */
+ "mul x25, x21, x6\n\t"
+ "adds x19, x19, x25\n\t"
+ "umulh x26, x21, x6\n\t"
+ "adcs x20, x20, x26\n\t"
+ "adcs x8, x8, xzr\n\t"
+ "adcs x9, x9, xzr\n\t"
+ "adc x10, x10, xzr\n\t"
+ /* A[1] * B[1] */
+ "mul x25, x22, x5\n\t"
+ "adds x19, x19, x25\n\t"
+ "umulh x26, x22, x5\n\t"
+ "adcs x20, x20, x26\n\t"
+ /* A[3] * B[1] */
+ "mul x25, x24, x5\n\t"
+ "adcs x8, x8, x25\n\t"
+ "umulh x26, x24, x5\n\t"
"adcs x9, x9, x26\n\t"
"adc x10, x10, xzr\n\t"
- /* A[3] * B[1] */
- "mul x25, x20, x22\n\t"
- "umulh x26, x20, x22\n\t"
+ /* A[2] * B[2] */
+ "mul x25, x23, x6\n\t"
"adds x8, x8, x25\n\t"
+ "umulh x26, x23, x6\n\t"
"adcs x9, x9, x26\n\t"
- "adc x10, x10, xzr\n\t"
- /* A[2] * B[3] */
- "mul x25, x19, x24\n\t"
- "umulh x26, x19, x24\n\t"
- "adds x9, x9, x25\n\t"
+ /* A[3] * B[3] */
+ "mul x25, x24, x7\n\t"
+ "adcs x10, x10, x25\n\t"
+ "umulh x11, x24, x7\n\t"
+ "adc x11, x11, xzr\n\t"
+ /* A[0] * B[3] */
+ "mul x25, x21, x7\n\t"
+ "adds x20, x20, x25\n\t"
+ "umulh x26, x21, x7\n\t"
+ "adcs x8, x8, x26\n\t"
+ /* A[2] * B[3] */
+ "mul x25, x23, x7\n\t"
+ "adcs x9, x9, x25\n\t"
+ "umulh x26, x23, x7\n\t"
"adcs x10, x10, x26\n\t"
- "adc x11, xzr, xzr\n\t"
- /* A[3] * B[2] */
- "mul x25, x20, x23\n\t"
- "umulh x26, x20, x23\n\t"
- "adds x9, x9, x25\n\t"
+ "adc x11, x11, xzr\n\t"
+ /* A[3] * B[0] */
+ "mul x25, x24, x4\n\t"
+ "adds x20, x20, x25\n\t"
+ "umulh x26, x24, x4\n\t"
+ "adcs x8, x8, x26\n\t"
+ /* A[3] * B[2] */
+ "mul x25, x24, x6\n\t"
+ "adcs x9, x9, x25\n\t"
+ "umulh x26, x24, x6\n\t"
"adcs x10, x10, x26\n\t"
"adc x11, x11, xzr\n\t"
- /* A[3] * B[3] */
- "mul x25, x20, x24\n\t"
- "umulh x26, x20, x24\n\t"
- "adds x10, x10, x25\n\t"
- "adc x11, x11, x26\n\t"
/* Reduce */
- /* Move top half into t4-t7 and remove top bit from t3 */
- "extr x11, x11, x10, #63\n\t"
- "extr x10, x10, x9, #63\n\t"
- "extr x9, x9, x8, #63\n\t"
- "extr x8, x8, x7, #63\n\t"
- "and x7, x7, #0x7fffffffffffffff\n\t"
- /* Multiply top half by 19 */
+ "mov x25, #38\n\t"
+ "mul x26, x25, x11\n\t"
+ "adds x20, x20, x26\n\t"
+ "umulh x27, x25, x11\n\t"
+ "adc x27, x27, xzr\n\t"
"mov x25, #19\n\t"
+ "extr x27, x27, x20, #63\n\t"
+ "mul x27, x27, x25\n\t"
+ "and x20, x20, #0x7fffffffffffffff\n\t"
+ "mov x25, #38\n\t"
"mul x26, x25, x8\n\t"
+ "adds x16, x16, x26\n\t"
"umulh x8, x25, x8\n\t"
- "adds x4, x4, x26\n\t"
"mul x26, x25, x9\n\t"
+ "adcs x17, x17, x26\n\t"
"umulh x9, x25, x9\n\t"
- "adcs x5, x5, x26\n\t"
"mul x26, x25, x10\n\t"
+ "adcs x19, x19, x26\n\t"
"umulh x10, x25, x10\n\t"
- "adcs x6, x6, x26\n\t"
- "mul x26, x25, x11\n\t"
- "umulh x27, x25, x11\n\t"
- "adcs x7, x7, x26\n\t"
- "adc x27, x27, xzr\n\t"
- /* Add remaining product results in */
- "adds x5, x5, x8\n\t"
- "adcs x6, x6, x9\n\t"
- "adcs x7, x7, x10\n\t"
- "adc x27, x27, xzr\n\t"
- /* Overflow */
- "extr x27, x27, x7, #63\n\t"
- "mul x27, x27, x25\n\t"
- "and x7, x7, #0x7fffffffffffffff\n\t"
- "adds x4, x4, x27\n\t"
- "adcs x5, x5, xzr\n\t"
- "adcs x6, x6, xzr\n\t"
- "adc x7, x7, xzr\n\t"
- /* Reduce if top bit set */
- "and x27, x25, x7, asr 63\n\t"
- "and x7, x7, #0x7fffffffffffffff\n\t"
- "adds x4, x4, x27\n\t"
- "adcs x5, x5, xzr\n\t"
- "adcs x6, x6, xzr\n\t"
- "adc x7, x7, xzr\n\t"
- /* Store */
- "ldr x0, [x29, #32]\n\t"
- "ldr x1, [x29, #64]\n\t"
+ "adc x20, x20, xzr\n\t"
+ /* Add high product results in */
+ "adds x16, x16, x27\n\t"
+ "adcs x17, x17, x8\n\t"
+ "adcs x19, x19, x9\n\t"
+ "adc x20, x20, x10\n\t"
+ "sub x1, x1, #32\n\t"
/* Double */
- "ldp x8, x9, [x1]\n\t"
- "ldp x10, x11, [x1, #16]\n\t"
- "adds x8, x8, x8\n\t"
- "adcs x9, x9, x9\n\t"
- "adcs x10, x10, x10\n\t"
- "adc x11, x11, x11\n\t"
- "mov x25, #-19\n\t"
- "asr x28, x11, #63\n\t"
- /* Mask the modulus */
- "and x25, x28, x25\n\t"
- "and x26, x28, #0x7fffffffffffffff\n\t"
- /* Sub modulus (if overflow) */
- "subs x8, x8, x25\n\t"
- "sbcs x9, x9, x28\n\t"
- "sbcs x10, x10, x28\n\t"
- "sbc x11, x11, x26\n\t"
- "ldr x1, [x29, #40]\n\t"
- /* Add */
- "adds x12, x8, x4\n\t"
- "adcs x13, x9, x5\n\t"
- "adcs x14, x10, x6\n\t"
- "adc x15, x11, x7\n\t"
+ "ldp x12, x13, [x1]\n\t"
+ "ldp x14, x15, [x1, #16]\n\t"
+ "adds x12, x12, x12\n\t"
+ "adcs x13, x13, x13\n\t"
+ "adcs x14, x14, x14\n\t"
+ "adc x15, x15, x15\n\t"
"mov x25, #-19\n\t"
"asr x28, x15, #63\n\t"
/* Mask the modulus */
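Review bot: The new ge_msub prologue stores `%x[r]`, `%x[p]` and `%x[q]` to the frame but then reads the arguments through hard-coded registers (`mov x3, x1`, `add x2, x1, #32`, `add x1, x0, #32`), so the field arithmetic is only correct if the compiler happened to place r, p and q in x0, x1 and x2. The `"+r"` constraints do not guarantee that placement, and the clobber list added for ge_madd in this hunk starts at x3. A different allocation (which may occur once the function is inlined) would make the asm load and store through the wrong pointers with no diagnostic. Binding the operands explicitly, e.g. `register ge_p1p1* r_reg __asm__("x0") = r;` with matching locals for p and q passed as the asm operands, would remove the assumption. The tail of ge_madd at the top of this hunk relies on x0 in the same way, and ge_msub's asm body continues past the end of the hunk.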
@@ -5790,1444 +6760,1774 @@ void fe_ge_msub(fe rx, fe ry, fe rz, fe rt, const fe px, const fe py, const fe p
"sbcs x13, x13, x28\n\t"
"sbcs x14, x14, x28\n\t"
"sbc x15, x15, x26\n\t"
+ "mov x3, x0\n\t"
+ "sub x2, x0, #32\n\t"
+ "sub x1, x0, #32\n\t"
+ /* Add */
+ "adds x8, x12, x16\n\t"
+ "adcs x9, x13, x17\n\t"
+ "adcs x10, x14, x19\n\t"
+ "adcs x11, x15, x20\n\t"
+ "cset x28, cs\n\t"
+ "mov x25, #19\n\t"
+ "extr x28, x28, x11, #63\n\t"
+ "mul x25, x28, x25\n\t"
+ /* Sub modulus (if overflow) */
+ "adds x8, x8, x25\n\t"
+ "adcs x9, x9, xzr\n\t"
+ "and x11, x11, #0x7fffffffffffffff\n\t"
+ "adcs x10, x10, xzr\n\t"
+ "adc x11, x11, xzr\n\t"
/* Sub */
- "subs x16, x8, x4\n\t"
- "sbcs x17, x9, x5\n\t"
- "sbcs x19, x10, x6\n\t"
- "sbcs x20, x11, x7\n\t"
- "mov x25, #-19\n\t"
+ "subs x4, x12, x16\n\t"
+ "sbcs x5, x13, x17\n\t"
+ "sbcs x6, x14, x19\n\t"
+ "sbcs x7, x15, x20\n\t"
"csetm x28, cc\n\t"
- /* Mask the modulus */
- "and x25, x28, x25\n\t"
- "and x26, x28, #0x7fffffffffffffff\n\t"
+ "mov x25, #-19\n\t"
+ "extr x28, x28, x7, #63\n\t"
+ "mul x25, x28, x25\n\t"
/* Add modulus (if underflow) */
- "adds x16, x16, x25\n\t"
- "adcs x17, x17, x28\n\t"
- "adcs x19, x19, x28\n\t"
- "adc x20, x20, x26\n\t"
- "stp x12, x13, [x1]\n\t"
- "stp x14, x15, [x1, #16]\n\t"
- "stp x16, x17, [x0]\n\t"
- "stp x19, x20, [x0, #16]\n\t"
- "ldp x29, x30, [sp], #0x70\n\t"
- : [rx] "+r" (rx), [ry] "+r" (ry), [rz] "+r" (rz), [rt] "+r" (rt), [px] "+r" (px), [py] "+r" (py), [pz] "+r" (pz), [pt] "+r" (pt), [qxy2d] "+r" (qxy2d), [qyplusx] "+r" (qyplusx), [qyminusx] "+r" (qyminusx)
+ "subs x4, x4, x25\n\t"
+ "sbcs x5, x5, xzr\n\t"
+ "and x7, x7, #0x7fffffffffffffff\n\t"
+ "sbcs x6, x6, xzr\n\t"
+ "sbc x7, x7, xzr\n\t"
+ "stp x8, x9, [x0]\n\t"
+ "stp x10, x11, [x0, #16]\n\t"
+ "stp x4, x5, [x1]\n\t"
+ "stp x6, x7, [x1, #16]\n\t"
+ "ldp x29, x30, [sp], #48\n\t"
+ : [r] "+r" (r), [p] "+r" (p), [q] "+r" (q)
:
- : "memory", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "x21", "x22", "x23", "x24", "x25", "x26", "x27", "x28"
+ : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "x21", "x22", "x23", "x24", "x25", "x26", "x27", "x28", "cc"
);
}
-void fe_ge_add(fe rx, fe ry, fe rz, fe rt, const fe px, const fe py, const fe pz, const fe pt, const fe qz, const fe qt2d, const fe qyplusx, const fe qyminusx)
+void ge_add(ge_p1p1* r, const ge_p3* p, const ge_cached* q)
{
__asm__ __volatile__ (
- "stp x29, x30, [sp, #-128]!\n\t"
+ "stp x29, x30, [sp, #-48]!\n\t"
"add x29, sp, #0\n\t"
- "str %x[qyminusx], [sp, #120]\n\t"
- "str %x[qyplusx], [sp, #112]\n\t"
- "str %x[qt2d], [sp, #104]\n\t"
- "str %x[qz], [sp, #96]\n\t"
- "str %x[rx], [x29, #16]\n\t"
- "str %x[ry], [x29, #24]\n\t"
- "str %x[rz], [x29, #32]\n\t"
- "str %x[rt], [x29, #40]\n\t"
- "str %x[px], [x29, #48]\n\t"
- "str %x[py], [x29, #56]\n\t"
- "str %x[pz], [x29, #64]\n\t"
- "str %x[pt], [x29, #72]\n\t"
- "ldr x2, [x29, #56]\n\t"
- "ldr x3, [x29, #48]\n\t"
+ "str %x[r], [x29, #16]\n\t"
+ "str %x[p], [x29, #24]\n\t"
+ "str %x[q], [x29, #32]\n\t"
+ "mov x3, x1\n\t"
+ "add x2, x1, #32\n\t"
+ "add x1, x0, #32\n\t"
/* Add */
- "ldp x12, x13, [x2]\n\t"
- "ldp x14, x15, [x2, #16]\n\t"
- "ldp x16, x17, [x3]\n\t"
- "ldp x19, x20, [x3, #16]\n\t"
- "adds x4, x12, x16\n\t"
- "adcs x5, x13, x17\n\t"
- "adcs x6, x14, x19\n\t"
- "adc x7, x15, x20\n\t"
- "mov x25, #-19\n\t"
- "asr x28, x7, #63\n\t"
- /* Mask the modulus */
- "and x25, x28, x25\n\t"
- "and x26, x28, #0x7fffffffffffffff\n\t"
+ "ldp x8, x9, [x2]\n\t"
+ "ldp x10, x11, [x2, #16]\n\t"
+ "ldp x4, x5, [x3]\n\t"
+ "ldp x6, x7, [x3, #16]\n\t"
+ "adds x16, x8, x4\n\t"
+ "adcs x17, x9, x5\n\t"
+ "adcs x19, x10, x6\n\t"
+ "adcs x20, x11, x7\n\t"
+ "cset x28, cs\n\t"
+ "mov x25, #19\n\t"
+ "extr x28, x28, x20, #63\n\t"
+ "mul x25, x28, x25\n\t"
/* Sub modulus (if overflow) */
- "subs x4, x4, x25\n\t"
- "sbcs x5, x5, x28\n\t"
- "sbcs x6, x6, x28\n\t"
- "sbc x7, x7, x26\n\t"
+ "adds x16, x16, x25\n\t"
+ "adcs x17, x17, xzr\n\t"
+ "and x20, x20, #0x7fffffffffffffff\n\t"
+ "adcs x19, x19, xzr\n\t"
+ "adc x20, x20, xzr\n\t"
/* Sub */
- "subs x8, x12, x16\n\t"
- "sbcs x9, x13, x17\n\t"
- "sbcs x10, x14, x19\n\t"
- "sbcs x11, x15, x20\n\t"
- "mov x25, #-19\n\t"
+ "subs x12, x8, x4\n\t"
+ "sbcs x13, x9, x5\n\t"
+ "sbcs x14, x10, x6\n\t"
+ "sbcs x15, x11, x7\n\t"
"csetm x28, cc\n\t"
- /* Mask the modulus */
- "and x25, x28, x25\n\t"
- "and x26, x28, #0x7fffffffffffffff\n\t"
+ "mov x25, #-19\n\t"
+ "extr x28, x28, x15, #63\n\t"
+ "mul x25, x28, x25\n\t"
/* Add modulus (if underflow) */
- "adds x8, x8, x25\n\t"
- "adcs x9, x9, x28\n\t"
- "adcs x10, x10, x28\n\t"
- "adc x11, x11, x26\n\t"
- "ldr x0, [x29, #32]\n\t"
- "ldr x2, [sp, #112]\n\t"
+ "subs x12, x12, x25\n\t"
+ "sbcs x13, x13, xzr\n\t"
+ "and x15, x15, #0x7fffffffffffffff\n\t"
+ "sbcs x14, x14, xzr\n\t"
+ "sbc x15, x15, xzr\n\t"
+ "ldr x2, [x29, #32]\n\t"
+ "mov x1, x0\n\t"
/* Multiply */
- "ldp x21, x22, [x2]\n\t"
- "ldp x23, x24, [x2, #16]\n\t"
- /* A[0] * B[0] */
- "mul x12, x4, x21\n\t"
- "umulh x13, x4, x21\n\t"
- /* A[0] * B[1] */
- "mul x25, x4, x22\n\t"
- "umulh x14, x4, x22\n\t"
- "adds x13, x13, x25\n\t"
- "adc x14, x14, xzr\n\t"
- /* A[1] * B[0] */
- "mul x25, x5, x21\n\t"
- "umulh x26, x5, x21\n\t"
- "adds x13, x13, x25\n\t"
- "adcs x14, x14, x26\n\t"
- "adc x15, xzr, xzr\n\t"
- /* A[0] * B[2] */
- "mul x25, x4, x23\n\t"
- "umulh x26, x4, x23\n\t"
- "adds x14, x14, x25\n\t"
- "adc x15, x15, x26\n\t"
- /* A[1] * B[1] */
- "mul x25, x5, x22\n\t"
- "umulh x26, x5, x22\n\t"
- "adds x14, x14, x25\n\t"
- "adcs x15, x15, x26\n\t"
- "adc x16, xzr, xzr\n\t"
- /* A[2] * B[0] */
- "mul x25, x6, x21\n\t"
- "umulh x26, x6, x21\n\t"
- "adds x14, x14, x25\n\t"
- "adcs x15, x15, x26\n\t"
- "adc x16, x16, xzr\n\t"
- /* A[0] * B[3] */
- "mul x25, x4, x24\n\t"
- "umulh x26, x4, x24\n\t"
- "adds x15, x15, x25\n\t"
- "adcs x16, x16, x26\n\t"
- "adc x17, xzr, xzr\n\t"
- /* A[1] * B[2] */
- "mul x25, x5, x23\n\t"
- "umulh x26, x5, x23\n\t"
- "adds x15, x15, x25\n\t"
- "adcs x16, x16, x26\n\t"
- "adc x17, x17, xzr\n\t"
- /* A[2] * B[1] */
- "mul x25, x6, x22\n\t"
- "umulh x26, x6, x22\n\t"
- "adds x15, x15, x25\n\t"
- "adcs x16, x16, x26\n\t"
- "adc x17, x17, xzr\n\t"
- /* A[3] * B[0] */
- "mul x25, x7, x21\n\t"
- "umulh x26, x7, x21\n\t"
- "adds x15, x15, x25\n\t"
- "adcs x16, x16, x26\n\t"
- "adc x17, x17, xzr\n\t"
- /* A[1] * B[3] */
- "mul x25, x5, x24\n\t"
- "umulh x26, x5, x24\n\t"
- "adds x16, x16, x25\n\t"
- "adcs x17, x17, x26\n\t"
- "adc x19, xzr, xzr\n\t"
- /* A[2] * B[2] */
- "mul x25, x6, x23\n\t"
- "umulh x26, x6, x23\n\t"
- "adds x16, x16, x25\n\t"
- "adcs x17, x17, x26\n\t"
- "adc x19, x19, xzr\n\t"
- /* A[3] * B[1] */
- "mul x25, x7, x22\n\t"
- "umulh x26, x7, x22\n\t"
- "adds x16, x16, x25\n\t"
- "adcs x17, x17, x26\n\t"
- "adc x19, x19, xzr\n\t"
- /* A[2] * B[3] */
- "mul x25, x6, x24\n\t"
- "umulh x26, x6, x24\n\t"
- "adds x17, x17, x25\n\t"
- "adcs x19, x19, x26\n\t"
- "adc x20, xzr, xzr\n\t"
- /* A[3] * B[2] */
- "mul x25, x7, x23\n\t"
- "umulh x26, x7, x23\n\t"
- "adds x17, x17, x25\n\t"
- "adcs x19, x19, x26\n\t"
- "adc x20, x20, xzr\n\t"
- /* A[3] * B[3] */
- "mul x25, x7, x24\n\t"
- "umulh x26, x7, x24\n\t"
- "adds x19, x19, x25\n\t"
- "adc x20, x20, x26\n\t"
+ "ldp x8, x9, [x2]\n\t"
+ "ldp x10, x11, [x2, #16]\n\t"
+ /* A[0] * B[0] */
+ "umulh x22, x16, x8\n\t"
+ "mul x21, x16, x8\n\t"
+ /* A[2] * B[0] */
+ "umulh x24, x19, x8\n\t"
+ "mul x23, x19, x8\n\t"
+ /* A[1] * B[0] */
+ "mul x25, x17, x8\n\t"
+ "adds x22, x22, x25\n\t"
+ "umulh x26, x17, x8\n\t"
+ "adcs x23, x23, x26\n\t"
+ /* A[1] * B[3] */
+ "umulh x5, x17, x11\n\t"
+ "adc x24, x24, xzr\n\t"
+ "mul x4, x17, x11\n\t"
+ /* A[0] * B[1] */
+ "mul x25, x16, x9\n\t"
+ "adds x22, x22, x25\n\t"
+ "umulh x26, x16, x9\n\t"
+ "adcs x23, x23, x26\n\t"
+ /* A[2] * B[1] */
+ "mul x25, x19, x9\n\t"
+ "adcs x24, x24, x25\n\t"
+ "umulh x26, x19, x9\n\t"
+ "adcs x4, x4, x26\n\t"
+ "adc x5, x5, xzr\n\t"
+ /* A[1] * B[2] */
+ "mul x25, x17, x10\n\t"
+ "adds x24, x24, x25\n\t"
+ "umulh x26, x17, x10\n\t"
+ "adcs x4, x4, x26\n\t"
+ "adcs x5, x5, xzr\n\t"
+ "adc x6, xzr, xzr\n\t"
+ /* A[0] * B[2] */
+ "mul x25, x16, x10\n\t"
+ "adds x23, x23, x25\n\t"
+ "umulh x26, x16, x10\n\t"
+ "adcs x24, x24, x26\n\t"
+ "adcs x4, x4, xzr\n\t"
+ "adcs x5, x5, xzr\n\t"
+ "adc x6, x6, xzr\n\t"
+ /* A[1] * B[1] */
+ "mul x25, x17, x9\n\t"
+ "adds x23, x23, x25\n\t"
+ "umulh x26, x17, x9\n\t"
+ "adcs x24, x24, x26\n\t"
+ /* A[3] * B[1] */
+ "mul x25, x20, x9\n\t"
+ "adcs x4, x4, x25\n\t"
+ "umulh x26, x20, x9\n\t"
+ "adcs x5, x5, x26\n\t"
+ "adc x6, x6, xzr\n\t"
+ /* A[2] * B[2] */
+ "mul x25, x19, x10\n\t"
+ "adds x4, x4, x25\n\t"
+ "umulh x26, x19, x10\n\t"
+ "adcs x5, x5, x26\n\t"
+ /* A[3] * B[3] */
+ "mul x25, x20, x11\n\t"
+ "adcs x6, x6, x25\n\t"
+ "umulh x7, x20, x11\n\t"
+ "adc x7, x7, xzr\n\t"
+ /* A[0] * B[3] */
+ "mul x25, x16, x11\n\t"
+ "adds x24, x24, x25\n\t"
+ "umulh x26, x16, x11\n\t"
+ "adcs x4, x4, x26\n\t"
+ /* A[2] * B[3] */
+ "mul x25, x19, x11\n\t"
+ "adcs x5, x5, x25\n\t"
+ "umulh x26, x19, x11\n\t"
+ "adcs x6, x6, x26\n\t"
+ "adc x7, x7, xzr\n\t"
+ /* A[3] * B[0] */
+ "mul x25, x20, x8\n\t"
+ "adds x24, x24, x25\n\t"
+ "umulh x26, x20, x8\n\t"
+ "adcs x4, x4, x26\n\t"
+ /* A[3] * B[2] */
+ "mul x25, x20, x10\n\t"
+ "adcs x5, x5, x25\n\t"
+ "umulh x26, x20, x10\n\t"
+ "adcs x6, x6, x26\n\t"
+ "adc x7, x7, xzr\n\t"
/* Reduce */
- /* Move top half into t4-t7 and remove top bit from t3 */
- "extr x20, x20, x19, #63\n\t"
- "extr x19, x19, x17, #63\n\t"
- "extr x17, x17, x16, #63\n\t"
- "extr x16, x16, x15, #63\n\t"
- "and x15, x15, #0x7fffffffffffffff\n\t"
- /* Multiply top half by 19 */
- "mov x25, #19\n\t"
- "mul x26, x25, x16\n\t"
- "umulh x16, x25, x16\n\t"
- "adds x12, x12, x26\n\t"
- "mul x26, x25, x17\n\t"
- "umulh x17, x25, x17\n\t"
- "adcs x13, x13, x26\n\t"
- "mul x26, x25, x19\n\t"
- "umulh x19, x25, x19\n\t"
- "adcs x14, x14, x26\n\t"
- "mul x26, x25, x20\n\t"
- "umulh x27, x25, x20\n\t"
- "adcs x15, x15, x26\n\t"
+ "mov x25, #38\n\t"
+ "mul x26, x25, x7\n\t"
+ "adds x24, x24, x26\n\t"
+ "umulh x27, x25, x7\n\t"
"adc x27, x27, xzr\n\t"
- /* Add remaining product results in */
- "adds x13, x13, x16\n\t"
- "adcs x14, x14, x17\n\t"
- "adcs x15, x15, x19\n\t"
- "adc x27, x27, xzr\n\t"
- /* Overflow */
- "extr x27, x27, x15, #63\n\t"
+ "mov x25, #19\n\t"
+ "extr x27, x27, x24, #63\n\t"
"mul x27, x27, x25\n\t"
- "and x15, x15, #0x7fffffffffffffff\n\t"
- "adds x12, x12, x27\n\t"
- "adcs x13, x13, xzr\n\t"
- "adcs x14, x14, xzr\n\t"
- "adc x15, x15, xzr\n\t"
- /* Reduce if top bit set */
- "and x27, x25, x15, asr 63\n\t"
- "and x15, x15, #0x7fffffffffffffff\n\t"
- "adds x12, x12, x27\n\t"
- "adcs x13, x13, xzr\n\t"
- "adcs x14, x14, xzr\n\t"
- "adc x15, x15, xzr\n\t"
+ "and x24, x24, #0x7fffffffffffffff\n\t"
+ "mov x25, #38\n\t"
+ "mul x26, x25, x4\n\t"
+ "adds x21, x21, x26\n\t"
+ "umulh x4, x25, x4\n\t"
+ "mul x26, x25, x5\n\t"
+ "adcs x22, x22, x26\n\t"
+ "umulh x5, x25, x5\n\t"
+ "mul x26, x25, x6\n\t"
+ "adcs x23, x23, x26\n\t"
+ "umulh x6, x25, x6\n\t"
+ "adc x24, x24, xzr\n\t"
+ /* Add high product results in */
+ "adds x21, x21, x27\n\t"
+ "adcs x22, x22, x4\n\t"
+ "adcs x23, x23, x5\n\t"
+ "adc x24, x24, x6\n\t"
/* Store */
- "ldr x0, [x29, #24]\n\t"
- "ldr x1, [sp, #120]\n\t"
+ "stp x21, x22, [x0]\n\t"
+ "stp x23, x24, [x0, #16]\n\t"
+ "add x2, x2, #32\n\t"
+ "add x1, x0, #32\n\t"
+ "add x0, x0, #32\n\t"
/* Multiply */
- "ldp x21, x22, [x1]\n\t"
- "ldp x23, x24, [x1, #16]\n\t"
- /* A[0] * B[0] */
- "mul x4, x8, x21\n\t"
- "umulh x5, x8, x21\n\t"
- /* A[0] * B[1] */
- "mul x25, x8, x22\n\t"
- "umulh x6, x8, x22\n\t"
+ "ldp x16, x17, [x2]\n\t"
+ "ldp x19, x20, [x2, #16]\n\t"
+ /* A[0] * B[0] */
+ "umulh x5, x12, x16\n\t"
+ "mul x4, x12, x16\n\t"
+ /* A[2] * B[0] */
+ "umulh x7, x14, x16\n\t"
+ "mul x6, x14, x16\n\t"
+ /* A[1] * B[0] */
+ "mul x25, x13, x16\n\t"
"adds x5, x5, x25\n\t"
- "adc x6, x6, xzr\n\t"
- /* A[1] * B[0] */
- "mul x25, x9, x21\n\t"
- "umulh x26, x9, x21\n\t"
+ "umulh x26, x13, x16\n\t"
+ "adcs x6, x6, x26\n\t"
+ /* A[1] * B[3] */
+ "umulh x9, x13, x20\n\t"
+ "adc x7, x7, xzr\n\t"
+ "mul x8, x13, x20\n\t"
+ /* A[0] * B[1] */
+ "mul x25, x12, x17\n\t"
"adds x5, x5, x25\n\t"
+ "umulh x26, x12, x17\n\t"
"adcs x6, x6, x26\n\t"
- "adc x7, xzr, xzr\n\t"
- /* A[0] * B[2] */
- "mul x25, x8, x23\n\t"
- "umulh x26, x8, x23\n\t"
- "adds x6, x6, x25\n\t"
- "adc x7, x7, x26\n\t"
- /* A[1] * B[1] */
- "mul x25, x9, x22\n\t"
- "umulh x26, x9, x22\n\t"
+ /* A[2] * B[1] */
+ "mul x25, x14, x17\n\t"
+ "adcs x7, x7, x25\n\t"
+ "umulh x26, x14, x17\n\t"
+ "adcs x8, x8, x26\n\t"
+ "adc x9, x9, xzr\n\t"
+ /* A[1] * B[2] */
+ "mul x25, x13, x19\n\t"
+ "adds x7, x7, x25\n\t"
+ "umulh x26, x13, x19\n\t"
+ "adcs x8, x8, x26\n\t"
+ "adcs x9, x9, xzr\n\t"
+ "adc x10, xzr, xzr\n\t"
+ /* A[0] * B[2] */
+ "mul x25, x12, x19\n\t"
"adds x6, x6, x25\n\t"
+ "umulh x26, x12, x19\n\t"
"adcs x7, x7, x26\n\t"
- "adc x16, xzr, xzr\n\t"
- /* A[2] * B[0] */
- "mul x25, x10, x21\n\t"
- "umulh x26, x10, x21\n\t"
+ "adcs x8, x8, xzr\n\t"
+ "adcs x9, x9, xzr\n\t"
+ "adc x10, x10, xzr\n\t"
+ /* A[1] * B[1] */
+ "mul x25, x13, x17\n\t"
"adds x6, x6, x25\n\t"
+ "umulh x26, x13, x17\n\t"
"adcs x7, x7, x26\n\t"
- "adc x16, x16, xzr\n\t"
- /* A[0] * B[3] */
- "mul x25, x8, x24\n\t"
- "umulh x26, x8, x24\n\t"
- "adds x7, x7, x25\n\t"
- "adcs x16, x16, x26\n\t"
- "adc x17, xzr, xzr\n\t"
- /* A[1] * B[2] */
- "mul x25, x9, x23\n\t"
- "umulh x26, x9, x23\n\t"
- "adds x7, x7, x25\n\t"
- "adcs x16, x16, x26\n\t"
- "adc x17, x17, xzr\n\t"
- /* A[2] * B[1] */
- "mul x25, x10, x22\n\t"
- "umulh x26, x10, x22\n\t"
+ /* A[3] * B[1] */
+ "mul x25, x15, x17\n\t"
+ "adcs x8, x8, x25\n\t"
+ "umulh x26, x15, x17\n\t"
+ "adcs x9, x9, x26\n\t"
+ "adc x10, x10, xzr\n\t"
+ /* A[2] * B[2] */
+ "mul x25, x14, x19\n\t"
+ "adds x8, x8, x25\n\t"
+ "umulh x26, x14, x19\n\t"
+ "adcs x9, x9, x26\n\t"
+ /* A[3] * B[3] */
+ "mul x25, x15, x20\n\t"
+ "adcs x10, x10, x25\n\t"
+ "umulh x11, x15, x20\n\t"
+ "adc x11, x11, xzr\n\t"
+ /* A[0] * B[3] */
+ "mul x25, x12, x20\n\t"
"adds x7, x7, x25\n\t"
- "adcs x16, x16, x26\n\t"
- "adc x17, x17, xzr\n\t"
- /* A[3] * B[0] */
- "mul x25, x11, x21\n\t"
- "umulh x26, x11, x21\n\t"
+ "umulh x26, x12, x20\n\t"
+ "adcs x8, x8, x26\n\t"
+ /* A[2] * B[3] */
+ "mul x25, x14, x20\n\t"
+ "adcs x9, x9, x25\n\t"
+ "umulh x26, x14, x20\n\t"
+ "adcs x10, x10, x26\n\t"
+ "adc x11, x11, xzr\n\t"
+ /* A[3] * B[0] */
+ "mul x25, x15, x16\n\t"
"adds x7, x7, x25\n\t"
- "adcs x16, x16, x26\n\t"
- "adc x17, x17, xzr\n\t"
- /* A[1] * B[3] */
- "mul x25, x9, x24\n\t"
- "umulh x26, x9, x24\n\t"
- "adds x16, x16, x25\n\t"
- "adcs x17, x17, x26\n\t"
- "adc x19, xzr, xzr\n\t"
- /* A[2] * B[2] */
- "mul x25, x10, x23\n\t"
- "umulh x26, x10, x23\n\t"
- "adds x16, x16, x25\n\t"
- "adcs x17, x17, x26\n\t"
- "adc x19, x19, xzr\n\t"
- /* A[3] * B[1] */
- "mul x25, x11, x22\n\t"
- "umulh x26, x11, x22\n\t"
- "adds x16, x16, x25\n\t"
- "adcs x17, x17, x26\n\t"
- "adc x19, x19, xzr\n\t"
- /* A[2] * B[3] */
- "mul x25, x10, x24\n\t"
- "umulh x26, x10, x24\n\t"
- "adds x17, x17, x25\n\t"
- "adcs x19, x19, x26\n\t"
- "adc x20, xzr, xzr\n\t"
- /* A[3] * B[2] */
- "mul x25, x11, x23\n\t"
- "umulh x26, x11, x23\n\t"
- "adds x17, x17, x25\n\t"
- "adcs x19, x19, x26\n\t"
- "adc x20, x20, xzr\n\t"
- /* A[3] * B[3] */
- "mul x25, x11, x24\n\t"
- "umulh x26, x11, x24\n\t"
- "adds x19, x19, x25\n\t"
- "adc x20, x20, x26\n\t"
+ "umulh x26, x15, x16\n\t"
+ "adcs x8, x8, x26\n\t"
+ /* A[3] * B[2] */
+ "mul x25, x15, x19\n\t"
+ "adcs x9, x9, x25\n\t"
+ "umulh x26, x15, x19\n\t"
+ "adcs x10, x10, x26\n\t"
+ "adc x11, x11, xzr\n\t"
/* Reduce */
- /* Move top half into t4-t7 and remove top bit from t3 */
- "extr x20, x20, x19, #63\n\t"
- "extr x19, x19, x17, #63\n\t"
- "extr x17, x17, x16, #63\n\t"
- "extr x16, x16, x7, #63\n\t"
- "and x7, x7, #0x7fffffffffffffff\n\t"
- /* Multiply top half by 19 */
- "mov x25, #19\n\t"
- "mul x26, x25, x16\n\t"
- "umulh x16, x25, x16\n\t"
- "adds x4, x4, x26\n\t"
- "mul x26, x25, x17\n\t"
- "umulh x17, x25, x17\n\t"
- "adcs x5, x5, x26\n\t"
- "mul x26, x25, x19\n\t"
- "umulh x19, x25, x19\n\t"
- "adcs x6, x6, x26\n\t"
- "mul x26, x25, x20\n\t"
- "umulh x27, x25, x20\n\t"
- "adcs x7, x7, x26\n\t"
- "adc x27, x27, xzr\n\t"
- /* Add remaining product results in */
- "adds x5, x5, x16\n\t"
- "adcs x6, x6, x17\n\t"
- "adcs x7, x7, x19\n\t"
+ "mov x25, #38\n\t"
+ "mul x26, x25, x11\n\t"
+ "adds x7, x7, x26\n\t"
+ "umulh x27, x25, x11\n\t"
"adc x27, x27, xzr\n\t"
- /* Overflow */
+ "mov x25, #19\n\t"
"extr x27, x27, x7, #63\n\t"
"mul x27, x27, x25\n\t"
"and x7, x7, #0x7fffffffffffffff\n\t"
- "adds x4, x4, x27\n\t"
- "adcs x5, x5, xzr\n\t"
- "adcs x6, x6, xzr\n\t"
+ "mov x25, #38\n\t"
+ "mul x26, x25, x8\n\t"
+ "adds x4, x4, x26\n\t"
+ "umulh x8, x25, x8\n\t"
+ "mul x26, x25, x9\n\t"
+ "adcs x5, x5, x26\n\t"
+ "umulh x9, x25, x9\n\t"
+ "mul x26, x25, x10\n\t"
+ "adcs x6, x6, x26\n\t"
+ "umulh x10, x25, x10\n\t"
"adc x7, x7, xzr\n\t"
- /* Reduce if top bit set */
- "and x27, x25, x7, asr 63\n\t"
- "and x7, x7, #0x7fffffffffffffff\n\t"
+ /* Add high product results in */
"adds x4, x4, x27\n\t"
- "adcs x5, x5, xzr\n\t"
- "adcs x6, x6, xzr\n\t"
- "adc x7, x7, xzr\n\t"
+ "adcs x5, x5, x8\n\t"
+ "adcs x6, x6, x9\n\t"
+ "adc x7, x7, x10\n\t"
/* Store */
- "ldr x0, [x29, #24]\n\t"
- "ldr x1, [x29, #16]\n\t"
+ "stp x4, x5, [x0]\n\t"
+ "stp x6, x7, [x0, #16]\n\t"
+ "mov x3, x0\n\t"
+ "sub x2, x0, #32\n\t"
+ "sub x1, x0, #32\n\t"
/* Add */
- "adds x8, x12, x4\n\t"
- "adcs x9, x13, x5\n\t"
- "adcs x10, x14, x6\n\t"
- "adc x11, x15, x7\n\t"
- "mov x25, #-19\n\t"
- "asr x28, x11, #63\n\t"
- /* Mask the modulus */
- "and x25, x28, x25\n\t"
- "and x26, x28, #0x7fffffffffffffff\n\t"
+ "adds x8, x21, x4\n\t"
+ "adcs x9, x22, x5\n\t"
+ "adcs x10, x23, x6\n\t"
+ "adcs x11, x24, x7\n\t"
+ "cset x28, cs\n\t"
+ "mov x25, #19\n\t"
+ "extr x28, x28, x11, #63\n\t"
+ "mul x25, x28, x25\n\t"
/* Sub modulus (if overflow) */
- "subs x8, x8, x25\n\t"
- "sbcs x9, x9, x28\n\t"
- "sbcs x10, x10, x28\n\t"
- "sbc x11, x11, x26\n\t"
+ "adds x8, x8, x25\n\t"
+ "adcs x9, x9, xzr\n\t"
+ "and x11, x11, #0x7fffffffffffffff\n\t"
+ "adcs x10, x10, xzr\n\t"
+ "adc x11, x11, xzr\n\t"
/* Sub */
- "subs x16, x12, x4\n\t"
- "sbcs x17, x13, x5\n\t"
- "sbcs x19, x14, x6\n\t"
- "sbcs x20, x15, x7\n\t"
- "mov x25, #-19\n\t"
+ "subs x12, x21, x4\n\t"
+ "sbcs x13, x22, x5\n\t"
+ "sbcs x14, x23, x6\n\t"
+ "sbcs x15, x24, x7\n\t"
"csetm x28, cc\n\t"
- /* Mask the modulus */
- "and x25, x28, x25\n\t"
- "and x26, x28, #0x7fffffffffffffff\n\t"
+ "mov x25, #-19\n\t"
+ "extr x28, x28, x15, #63\n\t"
+ "mul x25, x28, x25\n\t"
/* Add modulus (if underflow) */
- "adds x16, x16, x25\n\t"
- "adcs x17, x17, x28\n\t"
- "adcs x19, x19, x28\n\t"
- "adc x20, x20, x26\n\t"
+ "subs x12, x12, x25\n\t"
+ "sbcs x13, x13, xzr\n\t"
+ "and x15, x15, #0x7fffffffffffffff\n\t"
+ "sbcs x14, x14, xzr\n\t"
+ "sbc x15, x15, xzr\n\t"
"stp x8, x9, [x0]\n\t"
"stp x10, x11, [x0, #16]\n\t"
- "stp x16, x17, [x1]\n\t"
- "stp x19, x20, [x1, #16]\n\t"
- "ldr x0, [x29, #48]\n\t"
- "ldr x1, [x29, #64]\n\t"
- "ldr x2, [sp, #96]\n\t"
+ "stp x12, x13, [x1]\n\t"
+ "stp x14, x15, [x1, #16]\n\t"
+ "ldr x1, [x29, #24]\n\t"
+ "ldr x2, [x29, #32]\n\t"
+ "add x2, x2, #0x60\n\t"
+ "add x1, x1, #0x60\n\t"
+ "add x0, x0, #0x40\n\t"
/* Multiply */
- "ldp x12, x13, [x1]\n\t"
- "ldp x14, x15, [x1, #16]\n\t"
- "ldp x16, x17, [x2]\n\t"
- "ldp x19, x20, [x2, #16]\n\t"
- /* A[0] * B[0] */
- "mul x4, x12, x16\n\t"
- "umulh x5, x12, x16\n\t"
- /* A[0] * B[1] */
- "mul x25, x12, x17\n\t"
- "umulh x6, x12, x17\n\t"
- "adds x5, x5, x25\n\t"
- "adc x6, x6, xzr\n\t"
- /* A[1] * B[0] */
- "mul x25, x13, x16\n\t"
- "umulh x26, x13, x16\n\t"
- "adds x5, x5, x25\n\t"
- "adcs x6, x6, x26\n\t"
- "adc x7, xzr, xzr\n\t"
- /* A[0] * B[2] */
- "mul x25, x12, x19\n\t"
- "umulh x26, x12, x19\n\t"
- "adds x6, x6, x25\n\t"
- "adc x7, x7, x26\n\t"
- /* A[1] * B[1] */
- "mul x25, x13, x17\n\t"
- "umulh x26, x13, x17\n\t"
- "adds x6, x6, x25\n\t"
- "adcs x7, x7, x26\n\t"
- "adc x8, xzr, xzr\n\t"
- /* A[2] * B[0] */
- "mul x25, x14, x16\n\t"
- "umulh x26, x14, x16\n\t"
- "adds x6, x6, x25\n\t"
- "adcs x7, x7, x26\n\t"
- "adc x8, x8, xzr\n\t"
- /* A[0] * B[3] */
- "mul x25, x12, x20\n\t"
- "umulh x26, x12, x20\n\t"
- "adds x7, x7, x25\n\t"
- "adcs x8, x8, x26\n\t"
- "adc x9, xzr, xzr\n\t"
- /* A[1] * B[2] */
- "mul x25, x13, x19\n\t"
- "umulh x26, x13, x19\n\t"
- "adds x7, x7, x25\n\t"
- "adcs x8, x8, x26\n\t"
- "adc x9, x9, xzr\n\t"
- /* A[2] * B[1] */
- "mul x25, x14, x17\n\t"
- "umulh x26, x14, x17\n\t"
- "adds x7, x7, x25\n\t"
+ "ldp x21, x22, [x1]\n\t"
+ "ldp x23, x24, [x1, #16]\n\t"
+ "ldp x4, x5, [x2]\n\t"
+ "ldp x6, x7, [x2, #16]\n\t"
+ /* A[0] * B[0] */
+ "umulh x17, x21, x4\n\t"
+ "mul x16, x21, x4\n\t"
+ /* A[2] * B[0] */
+ "umulh x20, x23, x4\n\t"
+ "mul x19, x23, x4\n\t"
+ /* A[1] * B[0] */
+ "mul x25, x22, x4\n\t"
+ "adds x17, x17, x25\n\t"
+ "umulh x26, x22, x4\n\t"
+ "adcs x19, x19, x26\n\t"
+ /* A[1] * B[3] */
+ "umulh x9, x22, x7\n\t"
+ "adc x20, x20, xzr\n\t"
+ "mul x8, x22, x7\n\t"
+ /* A[0] * B[1] */
+ "mul x25, x21, x5\n\t"
+ "adds x17, x17, x25\n\t"
+ "umulh x26, x21, x5\n\t"
+ "adcs x19, x19, x26\n\t"
+ /* A[2] * B[1] */
+ "mul x25, x23, x5\n\t"
+ "adcs x20, x20, x25\n\t"
+ "umulh x26, x23, x5\n\t"
"adcs x8, x8, x26\n\t"
"adc x9, x9, xzr\n\t"
- /* A[3] * B[0] */
- "mul x25, x15, x16\n\t"
- "umulh x26, x15, x16\n\t"
- "adds x7, x7, x25\n\t"
+ /* A[1] * B[2] */
+ "mul x25, x22, x6\n\t"
+ "adds x20, x20, x25\n\t"
+ "umulh x26, x22, x6\n\t"
"adcs x8, x8, x26\n\t"
- "adc x9, x9, xzr\n\t"
- /* A[1] * B[3] */
- "mul x25, x13, x20\n\t"
- "umulh x26, x13, x20\n\t"
- "adds x8, x8, x25\n\t"
- "adcs x9, x9, x26\n\t"
+ "adcs x9, x9, xzr\n\t"
"adc x10, xzr, xzr\n\t"
- /* A[2] * B[2] */
- "mul x25, x14, x19\n\t"
- "umulh x26, x14, x19\n\t"
- "adds x8, x8, x25\n\t"
+ /* A[0] * B[2] */
+ "mul x25, x21, x6\n\t"
+ "adds x19, x19, x25\n\t"
+ "umulh x26, x21, x6\n\t"
+ "adcs x20, x20, x26\n\t"
+ "adcs x8, x8, xzr\n\t"
+ "adcs x9, x9, xzr\n\t"
+ "adc x10, x10, xzr\n\t"
+ /* A[1] * B[1] */
+ "mul x25, x22, x5\n\t"
+ "adds x19, x19, x25\n\t"
+ "umulh x26, x22, x5\n\t"
+ "adcs x20, x20, x26\n\t"
+ /* A[3] * B[1] */
+ "mul x25, x24, x5\n\t"
+ "adcs x8, x8, x25\n\t"
+ "umulh x26, x24, x5\n\t"
"adcs x9, x9, x26\n\t"
"adc x10, x10, xzr\n\t"
- /* A[3] * B[1] */
- "mul x25, x15, x17\n\t"
- "umulh x26, x15, x17\n\t"
+ /* A[2] * B[2] */
+ "mul x25, x23, x6\n\t"
"adds x8, x8, x25\n\t"
+ "umulh x26, x23, x6\n\t"
"adcs x9, x9, x26\n\t"
- "adc x10, x10, xzr\n\t"
- /* A[2] * B[3] */
- "mul x25, x14, x20\n\t"
- "umulh x26, x14, x20\n\t"
- "adds x9, x9, x25\n\t"
+ /* A[3] * B[3] */
+ "mul x25, x24, x7\n\t"
+ "adcs x10, x10, x25\n\t"
+ "umulh x11, x24, x7\n\t"
+ "adc x11, x11, xzr\n\t"
+ /* A[0] * B[3] */
+ "mul x25, x21, x7\n\t"
+ "adds x20, x20, x25\n\t"
+ "umulh x26, x21, x7\n\t"
+ "adcs x8, x8, x26\n\t"
+ /* A[2] * B[3] */
+ "mul x25, x23, x7\n\t"
+ "adcs x9, x9, x25\n\t"
+ "umulh x26, x23, x7\n\t"
"adcs x10, x10, x26\n\t"
- "adc x11, xzr, xzr\n\t"
- /* A[3] * B[2] */
- "mul x25, x15, x19\n\t"
- "umulh x26, x15, x19\n\t"
- "adds x9, x9, x25\n\t"
+ "adc x11, x11, xzr\n\t"
+ /* A[3] * B[0] */
+ "mul x25, x24, x4\n\t"
+ "adds x20, x20, x25\n\t"
+ "umulh x26, x24, x4\n\t"
+ "adcs x8, x8, x26\n\t"
+ /* A[3] * B[2] */
+ "mul x25, x24, x6\n\t"
+ "adcs x9, x9, x25\n\t"
+ "umulh x26, x24, x6\n\t"
"adcs x10, x10, x26\n\t"
"adc x11, x11, xzr\n\t"
- /* A[3] * B[3] */
- "mul x25, x15, x20\n\t"
- "umulh x26, x15, x20\n\t"
- "adds x10, x10, x25\n\t"
- "adc x11, x11, x26\n\t"
/* Reduce */
- /* Move top half into t4-t7 and remove top bit from t3 */
- "extr x11, x11, x10, #63\n\t"
- "extr x10, x10, x9, #63\n\t"
- "extr x9, x9, x8, #63\n\t"
- "extr x8, x8, x7, #63\n\t"
- "and x7, x7, #0x7fffffffffffffff\n\t"
- /* Multiply top half by 19 */
+ "mov x25, #38\n\t"
+ "mul x26, x25, x11\n\t"
+ "adds x20, x20, x26\n\t"
+ "umulh x27, x25, x11\n\t"
+ "adc x27, x27, xzr\n\t"
"mov x25, #19\n\t"
+ "extr x27, x27, x20, #63\n\t"
+ "mul x27, x27, x25\n\t"
+ "and x20, x20, #0x7fffffffffffffff\n\t"
+ "mov x25, #38\n\t"
"mul x26, x25, x8\n\t"
+ "adds x16, x16, x26\n\t"
"umulh x8, x25, x8\n\t"
- "adds x4, x4, x26\n\t"
"mul x26, x25, x9\n\t"
+ "adcs x17, x17, x26\n\t"
"umulh x9, x25, x9\n\t"
- "adcs x5, x5, x26\n\t"
"mul x26, x25, x10\n\t"
+ "adcs x19, x19, x26\n\t"
"umulh x10, x25, x10\n\t"
- "adcs x6, x6, x26\n\t"
- "mul x26, x25, x11\n\t"
- "umulh x27, x25, x11\n\t"
- "adcs x7, x7, x26\n\t"
- "adc x27, x27, xzr\n\t"
- /* Add remaining product results in */
- "adds x5, x5, x8\n\t"
- "adcs x6, x6, x9\n\t"
- "adcs x7, x7, x10\n\t"
- "adc x27, x27, xzr\n\t"
- /* Overflow */
- "extr x27, x27, x7, #63\n\t"
- "mul x27, x27, x25\n\t"
- "and x7, x7, #0x7fffffffffffffff\n\t"
- "adds x4, x4, x27\n\t"
- "adcs x5, x5, xzr\n\t"
- "adcs x6, x6, xzr\n\t"
- "adc x7, x7, xzr\n\t"
- /* Reduce if top bit set */
- "and x27, x25, x7, asr 63\n\t"
- "and x7, x7, #0x7fffffffffffffff\n\t"
- "adds x4, x4, x27\n\t"
- "adcs x5, x5, xzr\n\t"
- "adcs x6, x6, xzr\n\t"
- "adc x7, x7, xzr\n\t"
+ "adc x20, x20, xzr\n\t"
+ /* Add high product results in */
+ "adds x16, x16, x27\n\t"
+ "adcs x17, x17, x8\n\t"
+ "adcs x19, x19, x9\n\t"
+ "adc x20, x20, x10\n\t"
/* Store */
- "ldr x0, [x29, #48]\n\t"
- /* Double */
- "adds x4, x4, x4\n\t"
- "adcs x5, x5, x5\n\t"
- "adcs x6, x6, x6\n\t"
- "adc x7, x7, x7\n\t"
- "mov x25, #-19\n\t"
- "asr x28, x7, #63\n\t"
- /* Mask the modulus */
- "and x25, x28, x25\n\t"
- "and x26, x28, #0x7fffffffffffffff\n\t"
- /* Sub modulus (if overflow) */
- "subs x4, x4, x25\n\t"
- "sbcs x5, x5, x28\n\t"
- "sbcs x6, x6, x28\n\t"
- "sbc x7, x7, x26\n\t"
- "ldr x0, [x29, #40]\n\t"
- "ldr x1, [sp, #104]\n\t"
- "ldr x2, [x29, #72]\n\t"
+ "stp x16, x17, [x0]\n\t"
+ "stp x19, x20, [x0, #16]\n\t"
+ "sub x3, x2, #32\n\t"
+ "sub x2, x1, #32\n\t"
+ "sub x1, x0, #32\n\t"
/* Multiply */
- "ldp x16, x17, [x1]\n\t"
- "ldp x19, x20, [x1, #16]\n\t"
- "ldp x21, x22, [x2]\n\t"
- "ldp x23, x24, [x2, #16]\n\t"
- /* A[0] * B[0] */
- "mul x8, x16, x21\n\t"
- "umulh x9, x16, x21\n\t"
- /* A[0] * B[1] */
- "mul x25, x16, x22\n\t"
- "umulh x10, x16, x22\n\t"
+ "ldp x4, x5, [x2]\n\t"
+ "ldp x6, x7, [x2, #16]\n\t"
+ "ldp x12, x13, [x3]\n\t"
+ "ldp x14, x15, [x3, #16]\n\t"
+ /* A[0] * B[0] */
+ "umulh x9, x4, x12\n\t"
+ "mul x8, x4, x12\n\t"
+ /* A[2] * B[0] */
+ "umulh x11, x6, x12\n\t"
+ "mul x10, x6, x12\n\t"
+ /* A[1] * B[0] */
+ "mul x25, x5, x12\n\t"
"adds x9, x9, x25\n\t"
- "adc x10, x10, xzr\n\t"
- /* A[1] * B[0] */
- "mul x25, x17, x21\n\t"
- "umulh x26, x17, x21\n\t"
+ "umulh x26, x5, x12\n\t"
+ "adcs x10, x10, x26\n\t"
+ /* A[1] * B[3] */
+ "umulh x17, x5, x15\n\t"
+ "adc x11, x11, xzr\n\t"
+ "mul x16, x5, x15\n\t"
+ /* A[0] * B[1] */
+ "mul x25, x4, x13\n\t"
"adds x9, x9, x25\n\t"
+ "umulh x26, x4, x13\n\t"
"adcs x10, x10, x26\n\t"
- "adc x11, xzr, xzr\n\t"
- /* A[0] * B[2] */
- "mul x25, x16, x23\n\t"
- "umulh x26, x16, x23\n\t"
- "adds x10, x10, x25\n\t"
- "adc x11, x11, x26\n\t"
- /* A[1] * B[1] */
- "mul x25, x17, x22\n\t"
- "umulh x26, x17, x22\n\t"
+ /* A[2] * B[1] */
+ "mul x25, x6, x13\n\t"
+ "adcs x11, x11, x25\n\t"
+ "umulh x26, x6, x13\n\t"
+ "adcs x16, x16, x26\n\t"
+ "adc x17, x17, xzr\n\t"
+ /* A[1] * B[2] */
+ "mul x25, x5, x14\n\t"
+ "adds x11, x11, x25\n\t"
+ "umulh x26, x5, x14\n\t"
+ "adcs x16, x16, x26\n\t"
+ "adcs x17, x17, xzr\n\t"
+ "adc x19, xzr, xzr\n\t"
+ /* A[0] * B[2] */
+ "mul x25, x4, x14\n\t"
"adds x10, x10, x25\n\t"
+ "umulh x26, x4, x14\n\t"
"adcs x11, x11, x26\n\t"
- "adc x12, xzr, xzr\n\t"
- /* A[2] * B[0] */
- "mul x25, x19, x21\n\t"
- "umulh x26, x19, x21\n\t"
+ "adcs x16, x16, xzr\n\t"
+ "adcs x17, x17, xzr\n\t"
+ "adc x19, x19, xzr\n\t"
+ /* A[1] * B[1] */
+ "mul x25, x5, x13\n\t"
"adds x10, x10, x25\n\t"
+ "umulh x26, x5, x13\n\t"
"adcs x11, x11, x26\n\t"
- "adc x12, x12, xzr\n\t"
- /* A[0] * B[3] */
- "mul x25, x16, x24\n\t"
- "umulh x26, x16, x24\n\t"
- "adds x11, x11, x25\n\t"
- "adcs x12, x12, x26\n\t"
- "adc x13, xzr, xzr\n\t"
- /* A[1] * B[2] */
- "mul x25, x17, x23\n\t"
- "umulh x26, x17, x23\n\t"
- "adds x11, x11, x25\n\t"
- "adcs x12, x12, x26\n\t"
- "adc x13, x13, xzr\n\t"
- /* A[2] * B[1] */
- "mul x25, x19, x22\n\t"
- "umulh x26, x19, x22\n\t"
+ /* A[3] * B[1] */
+ "mul x25, x7, x13\n\t"
+ "adcs x16, x16, x25\n\t"
+ "umulh x26, x7, x13\n\t"
+ "adcs x17, x17, x26\n\t"
+ "adc x19, x19, xzr\n\t"
+ /* A[2] * B[2] */
+ "mul x25, x6, x14\n\t"
+ "adds x16, x16, x25\n\t"
+ "umulh x26, x6, x14\n\t"
+ "adcs x17, x17, x26\n\t"
+ /* A[3] * B[3] */
+ "mul x25, x7, x15\n\t"
+ "adcs x19, x19, x25\n\t"
+ "umulh x20, x7, x15\n\t"
+ "adc x20, x20, xzr\n\t"
+ /* A[0] * B[3] */
+ "mul x25, x4, x15\n\t"
"adds x11, x11, x25\n\t"
- "adcs x12, x12, x26\n\t"
- "adc x13, x13, xzr\n\t"
- /* A[3] * B[0] */
- "mul x25, x20, x21\n\t"
- "umulh x26, x20, x21\n\t"
+ "umulh x26, x4, x15\n\t"
+ "adcs x16, x16, x26\n\t"
+ /* A[2] * B[3] */
+ "mul x25, x6, x15\n\t"
+ "adcs x17, x17, x25\n\t"
+ "umulh x26, x6, x15\n\t"
+ "adcs x19, x19, x26\n\t"
+ "adc x20, x20, xzr\n\t"
+ /* A[3] * B[0] */
+ "mul x25, x7, x12\n\t"
"adds x11, x11, x25\n\t"
- "adcs x12, x12, x26\n\t"
- "adc x13, x13, xzr\n\t"
- /* A[1] * B[3] */
- "mul x25, x17, x24\n\t"
- "umulh x26, x17, x24\n\t"
- "adds x12, x12, x25\n\t"
- "adcs x13, x13, x26\n\t"
- "adc x14, xzr, xzr\n\t"
- /* A[2] * B[2] */
- "mul x25, x19, x23\n\t"
- "umulh x26, x19, x23\n\t"
- "adds x12, x12, x25\n\t"
- "adcs x13, x13, x26\n\t"
- "adc x14, x14, xzr\n\t"
- /* A[3] * B[1] */
- "mul x25, x20, x22\n\t"
- "umulh x26, x20, x22\n\t"
- "adds x12, x12, x25\n\t"
- "adcs x13, x13, x26\n\t"
- "adc x14, x14, xzr\n\t"
- /* A[2] * B[3] */
- "mul x25, x19, x24\n\t"
- "umulh x26, x19, x24\n\t"
- "adds x13, x13, x25\n\t"
- "adcs x14, x14, x26\n\t"
- "adc x15, xzr, xzr\n\t"
- /* A[3] * B[2] */
- "mul x25, x20, x23\n\t"
- "umulh x26, x20, x23\n\t"
- "adds x13, x13, x25\n\t"
- "adcs x14, x14, x26\n\t"
- "adc x15, x15, xzr\n\t"
- /* A[3] * B[3] */
- "mul x25, x20, x24\n\t"
- "umulh x26, x20, x24\n\t"
- "adds x14, x14, x25\n\t"
- "adc x15, x15, x26\n\t"
+ "umulh x26, x7, x12\n\t"
+ "adcs x16, x16, x26\n\t"
+ /* A[3] * B[2] */
+ "mul x25, x7, x14\n\t"
+ "adcs x17, x17, x25\n\t"
+ "umulh x26, x7, x14\n\t"
+ "adcs x19, x19, x26\n\t"
+ "adc x20, x20, xzr\n\t"
/* Reduce */
- /* Move top half into t4-t7 and remove top bit from t3 */
- "extr x15, x15, x14, #63\n\t"
- "extr x14, x14, x13, #63\n\t"
- "extr x13, x13, x12, #63\n\t"
- "extr x12, x12, x11, #63\n\t"
- "and x11, x11, #0x7fffffffffffffff\n\t"
- /* Multiply top half by 19 */
- "mov x25, #19\n\t"
- "mul x26, x25, x12\n\t"
- "umulh x12, x25, x12\n\t"
- "adds x8, x8, x26\n\t"
- "mul x26, x25, x13\n\t"
- "umulh x13, x25, x13\n\t"
- "adcs x9, x9, x26\n\t"
- "mul x26, x25, x14\n\t"
- "umulh x14, x25, x14\n\t"
- "adcs x10, x10, x26\n\t"
- "mul x26, x25, x15\n\t"
- "umulh x27, x25, x15\n\t"
- "adcs x11, x11, x26\n\t"
- "adc x27, x27, xzr\n\t"
- /* Add remaining product results in */
- "adds x9, x9, x12\n\t"
- "adcs x10, x10, x13\n\t"
- "adcs x11, x11, x14\n\t"
+ "mov x25, #38\n\t"
+ "mul x26, x25, x20\n\t"
+ "adds x11, x11, x26\n\t"
+ "umulh x27, x25, x20\n\t"
"adc x27, x27, xzr\n\t"
- /* Overflow */
+ "mov x25, #19\n\t"
"extr x27, x27, x11, #63\n\t"
"mul x27, x27, x25\n\t"
"and x11, x11, #0x7fffffffffffffff\n\t"
- "adds x8, x8, x27\n\t"
- "adcs x9, x9, xzr\n\t"
- "adcs x10, x10, xzr\n\t"
+ "mov x25, #38\n\t"
+ "mul x26, x25, x16\n\t"
+ "adds x8, x8, x26\n\t"
+ "umulh x16, x25, x16\n\t"
+ "mul x26, x25, x17\n\t"
+ "adcs x9, x9, x26\n\t"
+ "umulh x17, x25, x17\n\t"
+ "mul x26, x25, x19\n\t"
+ "adcs x10, x10, x26\n\t"
+ "umulh x19, x25, x19\n\t"
"adc x11, x11, xzr\n\t"
- /* Reduce if top bit set */
- "and x27, x25, x11, asr 63\n\t"
- "and x11, x11, #0x7fffffffffffffff\n\t"
+ /* Add high product results in */
"adds x8, x8, x27\n\t"
- "adcs x9, x9, xzr\n\t"
- "adcs x10, x10, xzr\n\t"
- "adc x11, x11, xzr\n\t"
- /* Store */
- "ldr x0, [x29, #32]\n\t"
- "ldr x1, [x29, #40]\n\t"
- /* Add */
- "adds x12, x4, x8\n\t"
- "adcs x13, x5, x9\n\t"
- "adcs x14, x6, x10\n\t"
- "adc x15, x7, x11\n\t"
+ "adcs x9, x9, x16\n\t"
+ "adcs x10, x10, x17\n\t"
+ "adc x11, x11, x19\n\t"
+ /* Double */
+ "adds x8, x8, x8\n\t"
+ "adcs x9, x9, x9\n\t"
+ "adcs x10, x10, x10\n\t"
+ "adc x11, x11, x11\n\t"
"mov x25, #-19\n\t"
- "asr x28, x15, #63\n\t"
+ "asr x28, x11, #63\n\t"
/* Mask the modulus */
"and x25, x28, x25\n\t"
"and x26, x28, #0x7fffffffffffffff\n\t"
/* Sub modulus (if overflow) */
- "subs x12, x12, x25\n\t"
- "sbcs x13, x13, x28\n\t"
- "sbcs x14, x14, x28\n\t"
- "sbc x15, x15, x26\n\t"
+ "subs x8, x8, x25\n\t"
+ "sbcs x9, x9, x28\n\t"
+ "sbcs x10, x10, x28\n\t"
+ "sbc x11, x11, x26\n\t"
+ "mov x3, x0\n\t"
+ "sub x2, x0, #32\n\t"
+ "mov x1, x0\n\t"
+ "sub x0, x0, #32\n\t"
+ /* Add */
+ "ldp x4, x5, [x3]\n\t"
+ "ldp x6, x7, [x3, #16]\n\t"
+ "adds x21, x8, x4\n\t"
+ "adcs x22, x9, x5\n\t"
+ "adcs x23, x10, x6\n\t"
+ "adcs x24, x11, x7\n\t"
+ "cset x28, cs\n\t"
+ "mov x25, #19\n\t"
+ "extr x28, x28, x24, #63\n\t"
+ "mul x25, x28, x25\n\t"
+ /* Sub modulus (if overflow) */
+ "adds x21, x21, x25\n\t"
+ "adcs x22, x22, xzr\n\t"
+ "and x24, x24, #0x7fffffffffffffff\n\t"
+ "adcs x23, x23, xzr\n\t"
+ "adc x24, x24, xzr\n\t"
/* Sub */
- "subs x16, x4, x8\n\t"
- "sbcs x17, x5, x9\n\t"
- "sbcs x19, x6, x10\n\t"
- "sbcs x20, x7, x11\n\t"
- "mov x25, #-19\n\t"
+ "subs x12, x8, x4\n\t"
+ "sbcs x13, x9, x5\n\t"
+ "sbcs x14, x10, x6\n\t"
+ "sbcs x15, x11, x7\n\t"
"csetm x28, cc\n\t"
- /* Mask the modulus */
- "and x25, x28, x25\n\t"
- "and x26, x28, #0x7fffffffffffffff\n\t"
+ "mov x25, #-19\n\t"
+ "extr x28, x28, x15, #63\n\t"
+ "mul x25, x28, x25\n\t"
/* Add modulus (if underflow) */
- "adds x16, x16, x25\n\t"
- "adcs x17, x17, x28\n\t"
- "adcs x19, x19, x28\n\t"
- "adc x20, x20, x26\n\t"
- "stp x12, x13, [x0]\n\t"
- "stp x14, x15, [x0, #16]\n\t"
- "stp x16, x17, [x1]\n\t"
- "stp x19, x20, [x1, #16]\n\t"
- "ldp x29, x30, [sp], #0x80\n\t"
- : [rx] "+r" (rx), [ry] "+r" (ry), [rz] "+r" (rz), [rt] "+r" (rt), [px] "+r" (px), [py] "+r" (py), [pz] "+r" (pz), [pt] "+r" (pt), [qz] "+r" (qz), [qt2d] "+r" (qt2d), [qyplusx] "+r" (qyplusx), [qyminusx] "+r" (qyminusx)
+ "subs x12, x12, x25\n\t"
+ "sbcs x13, x13, xzr\n\t"
+ "and x15, x15, #0x7fffffffffffffff\n\t"
+ "sbcs x14, x14, xzr\n\t"
+ "sbc x15, x15, xzr\n\t"
+ "stp x21, x22, [x0]\n\t"
+ "stp x23, x24, [x0, #16]\n\t"
+ "stp x12, x13, [x1]\n\t"
+ "stp x14, x15, [x1, #16]\n\t"
+ "ldp x29, x30, [sp], #48\n\t"
+ : [r] "+r" (r), [p] "+r" (p), [q] "+r" (q)
:
- : "memory", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "x21", "x22", "x23", "x24", "x25", "x26", "x27", "x28"
+ : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "x21", "x22", "x23", "x24", "x25", "x26", "x27", "x28", "cc"
);
}
-void fe_ge_sub(fe rx, fe ry, fe rz, fe rt, const fe px, const fe py, const fe pz, const fe pt, const fe qz, const fe qt2d, const fe qyplusx, const fe qyminusx)
+void ge_sub(ge_p1p1* r, const ge_p3* p, const ge_cached* q)
{
__asm__ __volatile__ (
- "stp x29, x30, [sp, #-128]!\n\t"
+ "stp x29, x30, [sp, #-48]!\n\t"
"add x29, sp, #0\n\t"
- "str %x[qyminusx], [sp, #120]\n\t"
- "str %x[qyplusx], [sp, #112]\n\t"
- "str %x[qt2d], [sp, #104]\n\t"
- "str %x[qz], [sp, #96]\n\t"
- "str %x[rx], [x29, #16]\n\t"
- "str %x[ry], [x29, #24]\n\t"
- "str %x[rz], [x29, #32]\n\t"
- "str %x[rt], [x29, #40]\n\t"
- "str %x[px], [x29, #48]\n\t"
- "str %x[py], [x29, #56]\n\t"
- "str %x[pz], [x29, #64]\n\t"
- "str %x[pt], [x29, #72]\n\t"
- "ldr x2, [x29, #56]\n\t"
- "ldr x3, [x29, #48]\n\t"
+ "str %x[r], [x29, #16]\n\t"
+ "str %x[p], [x29, #24]\n\t"
+ "str %x[q], [x29, #32]\n\t"
+ "mov x3, x1\n\t"
+ "add x2, x1, #32\n\t"
+ "add x1, x0, #32\n\t"
/* Add */
- "ldp x12, x13, [x2]\n\t"
- "ldp x14, x15, [x2, #16]\n\t"
- "ldp x16, x17, [x3]\n\t"
- "ldp x19, x20, [x3, #16]\n\t"
- "adds x4, x12, x16\n\t"
- "adcs x5, x13, x17\n\t"
- "adcs x6, x14, x19\n\t"
- "adc x7, x15, x20\n\t"
- "mov x25, #-19\n\t"
- "asr x28, x7, #63\n\t"
- /* Mask the modulus */
- "and x25, x28, x25\n\t"
- "and x26, x28, #0x7fffffffffffffff\n\t"
+ "ldp x8, x9, [x2]\n\t"
+ "ldp x10, x11, [x2, #16]\n\t"
+ "ldp x4, x5, [x3]\n\t"
+ "ldp x6, x7, [x3, #16]\n\t"
+ "adds x16, x8, x4\n\t"
+ "adcs x17, x9, x5\n\t"
+ "adcs x19, x10, x6\n\t"
+ "adcs x20, x11, x7\n\t"
+ "cset x28, cs\n\t"
+ "mov x25, #19\n\t"
+ "extr x28, x28, x20, #63\n\t"
+ "mul x25, x28, x25\n\t"
/* Sub modulus (if overflow) */
- "subs x4, x4, x25\n\t"
- "sbcs x5, x5, x28\n\t"
- "sbcs x6, x6, x28\n\t"
- "sbc x7, x7, x26\n\t"
+ "adds x16, x16, x25\n\t"
+ "adcs x17, x17, xzr\n\t"
+ "and x20, x20, #0x7fffffffffffffff\n\t"
+ "adcs x19, x19, xzr\n\t"
+ "adc x20, x20, xzr\n\t"
/* Sub */
- "subs x8, x12, x16\n\t"
- "sbcs x9, x13, x17\n\t"
- "sbcs x10, x14, x19\n\t"
- "sbcs x11, x15, x20\n\t"
- "mov x25, #-19\n\t"
+ "subs x12, x8, x4\n\t"
+ "sbcs x13, x9, x5\n\t"
+ "sbcs x14, x10, x6\n\t"
+ "sbcs x15, x11, x7\n\t"
"csetm x28, cc\n\t"
- /* Mask the modulus */
- "and x25, x28, x25\n\t"
- "and x26, x28, #0x7fffffffffffffff\n\t"
+ "mov x25, #-19\n\t"
+ "extr x28, x28, x15, #63\n\t"
+ "mul x25, x28, x25\n\t"
/* Add modulus (if underflow) */
- "adds x8, x8, x25\n\t"
- "adcs x9, x9, x28\n\t"
- "adcs x10, x10, x28\n\t"
- "adc x11, x11, x26\n\t"
- "ldr x0, [x29, #32]\n\t"
- "ldr x2, [sp, #120]\n\t"
+ "subs x12, x12, x25\n\t"
+ "sbcs x13, x13, xzr\n\t"
+ "and x15, x15, #0x7fffffffffffffff\n\t"
+ "sbcs x14, x14, xzr\n\t"
+ "sbc x15, x15, xzr\n\t"
+ "ldr x2, [x29, #32]\n\t"
+ "add x2, x2, #32\n\t"
+ "mov x1, x0\n\t"
/* Multiply */
- "ldp x21, x22, [x2]\n\t"
- "ldp x23, x24, [x2, #16]\n\t"
- /* A[0] * B[0] */
- "mul x12, x4, x21\n\t"
- "umulh x13, x4, x21\n\t"
- /* A[0] * B[1] */
- "mul x25, x4, x22\n\t"
- "umulh x14, x4, x22\n\t"
- "adds x13, x13, x25\n\t"
- "adc x14, x14, xzr\n\t"
- /* A[1] * B[0] */
- "mul x25, x5, x21\n\t"
- "umulh x26, x5, x21\n\t"
- "adds x13, x13, x25\n\t"
- "adcs x14, x14, x26\n\t"
- "adc x15, xzr, xzr\n\t"
- /* A[0] * B[2] */
- "mul x25, x4, x23\n\t"
- "umulh x26, x4, x23\n\t"
- "adds x14, x14, x25\n\t"
- "adc x15, x15, x26\n\t"
- /* A[1] * B[1] */
- "mul x25, x5, x22\n\t"
- "umulh x26, x5, x22\n\t"
- "adds x14, x14, x25\n\t"
- "adcs x15, x15, x26\n\t"
- "adc x16, xzr, xzr\n\t"
- /* A[2] * B[0] */
- "mul x25, x6, x21\n\t"
- "umulh x26, x6, x21\n\t"
- "adds x14, x14, x25\n\t"
- "adcs x15, x15, x26\n\t"
- "adc x16, x16, xzr\n\t"
- /* A[0] * B[3] */
- "mul x25, x4, x24\n\t"
- "umulh x26, x4, x24\n\t"
- "adds x15, x15, x25\n\t"
- "adcs x16, x16, x26\n\t"
- "adc x17, xzr, xzr\n\t"
- /* A[1] * B[2] */
- "mul x25, x5, x23\n\t"
- "umulh x26, x5, x23\n\t"
- "adds x15, x15, x25\n\t"
- "adcs x16, x16, x26\n\t"
- "adc x17, x17, xzr\n\t"
- /* A[2] * B[1] */
- "mul x25, x6, x22\n\t"
- "umulh x26, x6, x22\n\t"
- "adds x15, x15, x25\n\t"
- "adcs x16, x16, x26\n\t"
- "adc x17, x17, xzr\n\t"
- /* A[3] * B[0] */
- "mul x25, x7, x21\n\t"
- "umulh x26, x7, x21\n\t"
- "adds x15, x15, x25\n\t"
- "adcs x16, x16, x26\n\t"
- "adc x17, x17, xzr\n\t"
- /* A[1] * B[3] */
- "mul x25, x5, x24\n\t"
- "umulh x26, x5, x24\n\t"
- "adds x16, x16, x25\n\t"
- "adcs x17, x17, x26\n\t"
- "adc x19, xzr, xzr\n\t"
- /* A[2] * B[2] */
- "mul x25, x6, x23\n\t"
- "umulh x26, x6, x23\n\t"
- "adds x16, x16, x25\n\t"
- "adcs x17, x17, x26\n\t"
- "adc x19, x19, xzr\n\t"
- /* A[3] * B[1] */
- "mul x25, x7, x22\n\t"
- "umulh x26, x7, x22\n\t"
- "adds x16, x16, x25\n\t"
- "adcs x17, x17, x26\n\t"
- "adc x19, x19, xzr\n\t"
- /* A[2] * B[3] */
- "mul x25, x6, x24\n\t"
- "umulh x26, x6, x24\n\t"
- "adds x17, x17, x25\n\t"
- "adcs x19, x19, x26\n\t"
- "adc x20, xzr, xzr\n\t"
- /* A[3] * B[2] */
- "mul x25, x7, x23\n\t"
- "umulh x26, x7, x23\n\t"
- "adds x17, x17, x25\n\t"
- "adcs x19, x19, x26\n\t"
- "adc x20, x20, xzr\n\t"
- /* A[3] * B[3] */
- "mul x25, x7, x24\n\t"
- "umulh x26, x7, x24\n\t"
- "adds x19, x19, x25\n\t"
- "adc x20, x20, x26\n\t"
+ "ldp x8, x9, [x2]\n\t"
+ "ldp x10, x11, [x2, #16]\n\t"
+ /* A[0] * B[0] */
+ "umulh x22, x16, x8\n\t"
+ "mul x21, x16, x8\n\t"
+ /* A[2] * B[0] */
+ "umulh x24, x19, x8\n\t"
+ "mul x23, x19, x8\n\t"
+ /* A[1] * B[0] */
+ "mul x25, x17, x8\n\t"
+ "adds x22, x22, x25\n\t"
+ "umulh x26, x17, x8\n\t"
+ "adcs x23, x23, x26\n\t"
+ /* A[1] * B[3] */
+ "umulh x5, x17, x11\n\t"
+ "adc x24, x24, xzr\n\t"
+ "mul x4, x17, x11\n\t"
+ /* A[0] * B[1] */
+ "mul x25, x16, x9\n\t"
+ "adds x22, x22, x25\n\t"
+ "umulh x26, x16, x9\n\t"
+ "adcs x23, x23, x26\n\t"
+ /* A[2] * B[1] */
+ "mul x25, x19, x9\n\t"
+ "adcs x24, x24, x25\n\t"
+ "umulh x26, x19, x9\n\t"
+ "adcs x4, x4, x26\n\t"
+ "adc x5, x5, xzr\n\t"
+ /* A[1] * B[2] */
+ "mul x25, x17, x10\n\t"
+ "adds x24, x24, x25\n\t"
+ "umulh x26, x17, x10\n\t"
+ "adcs x4, x4, x26\n\t"
+ "adcs x5, x5, xzr\n\t"
+ "adc x6, xzr, xzr\n\t"
+ /* A[0] * B[2] */
+ "mul x25, x16, x10\n\t"
+ "adds x23, x23, x25\n\t"
+ "umulh x26, x16, x10\n\t"
+ "adcs x24, x24, x26\n\t"
+ "adcs x4, x4, xzr\n\t"
+ "adcs x5, x5, xzr\n\t"
+ "adc x6, x6, xzr\n\t"
+ /* A[1] * B[1] */
+ "mul x25, x17, x9\n\t"
+ "adds x23, x23, x25\n\t"
+ "umulh x26, x17, x9\n\t"
+ "adcs x24, x24, x26\n\t"
+ /* A[3] * B[1] */
+ "mul x25, x20, x9\n\t"
+ "adcs x4, x4, x25\n\t"
+ "umulh x26, x20, x9\n\t"
+ "adcs x5, x5, x26\n\t"
+ "adc x6, x6, xzr\n\t"
+ /* A[2] * B[2] */
+ "mul x25, x19, x10\n\t"
+ "adds x4, x4, x25\n\t"
+ "umulh x26, x19, x10\n\t"
+ "adcs x5, x5, x26\n\t"
+ /* A[3] * B[3] */
+ "mul x25, x20, x11\n\t"
+ "adcs x6, x6, x25\n\t"
+ "umulh x7, x20, x11\n\t"
+ "adc x7, x7, xzr\n\t"
+ /* A[0] * B[3] */
+ "mul x25, x16, x11\n\t"
+ "adds x24, x24, x25\n\t"
+ "umulh x26, x16, x11\n\t"
+ "adcs x4, x4, x26\n\t"
+ /* A[2] * B[3] */
+ "mul x25, x19, x11\n\t"
+ "adcs x5, x5, x25\n\t"
+ "umulh x26, x19, x11\n\t"
+ "adcs x6, x6, x26\n\t"
+ "adc x7, x7, xzr\n\t"
+ /* A[3] * B[0] */
+ "mul x25, x20, x8\n\t"
+ "adds x24, x24, x25\n\t"
+ "umulh x26, x20, x8\n\t"
+ "adcs x4, x4, x26\n\t"
+ /* A[3] * B[2] */
+ "mul x25, x20, x10\n\t"
+ "adcs x5, x5, x25\n\t"
+ "umulh x26, x20, x10\n\t"
+ "adcs x6, x6, x26\n\t"
+ "adc x7, x7, xzr\n\t"
/* Reduce */
- /* Move top half into t4-t7 and remove top bit from t3 */
- "extr x20, x20, x19, #63\n\t"
- "extr x19, x19, x17, #63\n\t"
- "extr x17, x17, x16, #63\n\t"
- "extr x16, x16, x15, #63\n\t"
- "and x15, x15, #0x7fffffffffffffff\n\t"
- /* Multiply top half by 19 */
- "mov x25, #19\n\t"
- "mul x26, x25, x16\n\t"
- "umulh x16, x25, x16\n\t"
- "adds x12, x12, x26\n\t"
- "mul x26, x25, x17\n\t"
- "umulh x17, x25, x17\n\t"
- "adcs x13, x13, x26\n\t"
- "mul x26, x25, x19\n\t"
- "umulh x19, x25, x19\n\t"
- "adcs x14, x14, x26\n\t"
- "mul x26, x25, x20\n\t"
- "umulh x27, x25, x20\n\t"
- "adcs x15, x15, x26\n\t"
+ "mov x25, #38\n\t"
+ "mul x26, x25, x7\n\t"
+ "adds x24, x24, x26\n\t"
+ "umulh x27, x25, x7\n\t"
"adc x27, x27, xzr\n\t"
- /* Add remaining product results in */
- "adds x13, x13, x16\n\t"
- "adcs x14, x14, x17\n\t"
- "adcs x15, x15, x19\n\t"
- "adc x27, x27, xzr\n\t"
- /* Overflow */
- "extr x27, x27, x15, #63\n\t"
+ "mov x25, #19\n\t"
+ "extr x27, x27, x24, #63\n\t"
"mul x27, x27, x25\n\t"
- "and x15, x15, #0x7fffffffffffffff\n\t"
- "adds x12, x12, x27\n\t"
- "adcs x13, x13, xzr\n\t"
- "adcs x14, x14, xzr\n\t"
- "adc x15, x15, xzr\n\t"
+ "and x24, x24, #0x7fffffffffffffff\n\t"
+ "mov x25, #38\n\t"
+ "mul x26, x25, x4\n\t"
+ "adds x21, x21, x26\n\t"
+ "umulh x4, x25, x4\n\t"
+ "mul x26, x25, x5\n\t"
+ "adcs x22, x22, x26\n\t"
+ "umulh x5, x25, x5\n\t"
+ "mul x26, x25, x6\n\t"
+ "adcs x23, x23, x26\n\t"
+ "umulh x6, x25, x6\n\t"
+ "adc x24, x24, xzr\n\t"
+ /* Add high product results in */
+ "adds x21, x21, x27\n\t"
+ "adcs x22, x22, x4\n\t"
+ "adcs x23, x23, x5\n\t"
+ "adc x24, x24, x6\n\t"
/* Reduce if top bit set */
- "and x27, x25, x15, asr 63\n\t"
- "and x15, x15, #0x7fffffffffffffff\n\t"
- "adds x12, x12, x27\n\t"
- "adcs x13, x13, xzr\n\t"
- "adcs x14, x14, xzr\n\t"
- "adc x15, x15, xzr\n\t"
+ "mov x25, #19\n\t"
+ "and x26, x25, x24, asr 63\n\t"
+ "adds x21, x21, x26\n\t"
+ "adcs x22, x22, xzr\n\t"
+ "and x24, x24, #0x7fffffffffffffff\n\t"
+ "adcs x23, x23, xzr\n\t"
+ "adc x24, x24, xzr\n\t"
/* Store */
- "ldr x0, [x29, #24]\n\t"
- "ldr x1, [sp, #112]\n\t"
+ "stp x21, x22, [x0]\n\t"
+ "stp x23, x24, [x0, #16]\n\t"
+ "sub x2, x2, #32\n\t"
+ "add x1, x0, #32\n\t"
+ "add x0, x0, #32\n\t"
/* Multiply */
- "ldp x21, x22, [x1]\n\t"
- "ldp x23, x24, [x1, #16]\n\t"
- /* A[0] * B[0] */
- "mul x4, x8, x21\n\t"
- "umulh x5, x8, x21\n\t"
- /* A[0] * B[1] */
- "mul x25, x8, x22\n\t"
- "umulh x6, x8, x22\n\t"
+ "ldp x16, x17, [x2]\n\t"
+ "ldp x19, x20, [x2, #16]\n\t"
+ /* A[0] * B[0] */
+ "umulh x5, x12, x16\n\t"
+ "mul x4, x12, x16\n\t"
+ /* A[2] * B[0] */
+ "umulh x7, x14, x16\n\t"
+ "mul x6, x14, x16\n\t"
+ /* A[1] * B[0] */
+ "mul x25, x13, x16\n\t"
"adds x5, x5, x25\n\t"
- "adc x6, x6, xzr\n\t"
- /* A[1] * B[0] */
- "mul x25, x9, x21\n\t"
- "umulh x26, x9, x21\n\t"
+ "umulh x26, x13, x16\n\t"
+ "adcs x6, x6, x26\n\t"
+ /* A[1] * B[3] */
+ "umulh x9, x13, x20\n\t"
+ "adc x7, x7, xzr\n\t"
+ "mul x8, x13, x20\n\t"
+ /* A[0] * B[1] */
+ "mul x25, x12, x17\n\t"
"adds x5, x5, x25\n\t"
+ "umulh x26, x12, x17\n\t"
"adcs x6, x6, x26\n\t"
- "adc x7, xzr, xzr\n\t"
- /* A[0] * B[2] */
- "mul x25, x8, x23\n\t"
- "umulh x26, x8, x23\n\t"
- "adds x6, x6, x25\n\t"
- "adc x7, x7, x26\n\t"
- /* A[1] * B[1] */
- "mul x25, x9, x22\n\t"
- "umulh x26, x9, x22\n\t"
+ /* A[2] * B[1] */
+ "mul x25, x14, x17\n\t"
+ "adcs x7, x7, x25\n\t"
+ "umulh x26, x14, x17\n\t"
+ "adcs x8, x8, x26\n\t"
+ "adc x9, x9, xzr\n\t"
+ /* A[1] * B[2] */
+ "mul x25, x13, x19\n\t"
+ "adds x7, x7, x25\n\t"
+ "umulh x26, x13, x19\n\t"
+ "adcs x8, x8, x26\n\t"
+ "adcs x9, x9, xzr\n\t"
+ "adc x10, xzr, xzr\n\t"
+ /* A[0] * B[2] */
+ "mul x25, x12, x19\n\t"
"adds x6, x6, x25\n\t"
+ "umulh x26, x12, x19\n\t"
"adcs x7, x7, x26\n\t"
- "adc x16, xzr, xzr\n\t"
- /* A[2] * B[0] */
- "mul x25, x10, x21\n\t"
- "umulh x26, x10, x21\n\t"
+ "adcs x8, x8, xzr\n\t"
+ "adcs x9, x9, xzr\n\t"
+ "adc x10, x10, xzr\n\t"
+ /* A[1] * B[1] */
+ "mul x25, x13, x17\n\t"
"adds x6, x6, x25\n\t"
+ "umulh x26, x13, x17\n\t"
"adcs x7, x7, x26\n\t"
- "adc x16, x16, xzr\n\t"
- /* A[0] * B[3] */
- "mul x25, x8, x24\n\t"
- "umulh x26, x8, x24\n\t"
- "adds x7, x7, x25\n\t"
- "adcs x16, x16, x26\n\t"
- "adc x17, xzr, xzr\n\t"
- /* A[1] * B[2] */
- "mul x25, x9, x23\n\t"
- "umulh x26, x9, x23\n\t"
- "adds x7, x7, x25\n\t"
- "adcs x16, x16, x26\n\t"
- "adc x17, x17, xzr\n\t"
- /* A[2] * B[1] */
- "mul x25, x10, x22\n\t"
- "umulh x26, x10, x22\n\t"
+ /* A[3] * B[1] */
+ "mul x25, x15, x17\n\t"
+ "adcs x8, x8, x25\n\t"
+ "umulh x26, x15, x17\n\t"
+ "adcs x9, x9, x26\n\t"
+ "adc x10, x10, xzr\n\t"
+ /* A[2] * B[2] */
+ "mul x25, x14, x19\n\t"
+ "adds x8, x8, x25\n\t"
+ "umulh x26, x14, x19\n\t"
+ "adcs x9, x9, x26\n\t"
+ /* A[3] * B[3] */
+ "mul x25, x15, x20\n\t"
+ "adcs x10, x10, x25\n\t"
+ "umulh x11, x15, x20\n\t"
+ "adc x11, x11, xzr\n\t"
+ /* A[0] * B[3] */
+ "mul x25, x12, x20\n\t"
"adds x7, x7, x25\n\t"
- "adcs x16, x16, x26\n\t"
- "adc x17, x17, xzr\n\t"
- /* A[3] * B[0] */
- "mul x25, x11, x21\n\t"
- "umulh x26, x11, x21\n\t"
+ "umulh x26, x12, x20\n\t"
+ "adcs x8, x8, x26\n\t"
+ /* A[2] * B[3] */
+ "mul x25, x14, x20\n\t"
+ "adcs x9, x9, x25\n\t"
+ "umulh x26, x14, x20\n\t"
+ "adcs x10, x10, x26\n\t"
+ "adc x11, x11, xzr\n\t"
+ /* A[3] * B[0] */
+ "mul x25, x15, x16\n\t"
"adds x7, x7, x25\n\t"
- "adcs x16, x16, x26\n\t"
- "adc x17, x17, xzr\n\t"
- /* A[1] * B[3] */
- "mul x25, x9, x24\n\t"
- "umulh x26, x9, x24\n\t"
- "adds x16, x16, x25\n\t"
- "adcs x17, x17, x26\n\t"
- "adc x19, xzr, xzr\n\t"
- /* A[2] * B[2] */
- "mul x25, x10, x23\n\t"
- "umulh x26, x10, x23\n\t"
- "adds x16, x16, x25\n\t"
- "adcs x17, x17, x26\n\t"
- "adc x19, x19, xzr\n\t"
- /* A[3] * B[1] */
- "mul x25, x11, x22\n\t"
- "umulh x26, x11, x22\n\t"
- "adds x16, x16, x25\n\t"
- "adcs x17, x17, x26\n\t"
- "adc x19, x19, xzr\n\t"
- /* A[2] * B[3] */
- "mul x25, x10, x24\n\t"
- "umulh x26, x10, x24\n\t"
- "adds x17, x17, x25\n\t"
- "adcs x19, x19, x26\n\t"
- "adc x20, xzr, xzr\n\t"
- /* A[3] * B[2] */
- "mul x25, x11, x23\n\t"
- "umulh x26, x11, x23\n\t"
- "adds x17, x17, x25\n\t"
- "adcs x19, x19, x26\n\t"
- "adc x20, x20, xzr\n\t"
- /* A[3] * B[3] */
- "mul x25, x11, x24\n\t"
- "umulh x26, x11, x24\n\t"
- "adds x19, x19, x25\n\t"
- "adc x20, x20, x26\n\t"
+ "umulh x26, x15, x16\n\t"
+ "adcs x8, x8, x26\n\t"
+ /* A[3] * B[2] */
+ "mul x25, x15, x19\n\t"
+ "adcs x9, x9, x25\n\t"
+ "umulh x26, x15, x19\n\t"
+ "adcs x10, x10, x26\n\t"
+ "adc x11, x11, xzr\n\t"
/* Reduce */
- /* Move top half into t4-t7 and remove top bit from t3 */
- "extr x20, x20, x19, #63\n\t"
- "extr x19, x19, x17, #63\n\t"
- "extr x17, x17, x16, #63\n\t"
- "extr x16, x16, x7, #63\n\t"
- "and x7, x7, #0x7fffffffffffffff\n\t"
- /* Multiply top half by 19 */
- "mov x25, #19\n\t"
- "mul x26, x25, x16\n\t"
- "umulh x16, x25, x16\n\t"
- "adds x4, x4, x26\n\t"
- "mul x26, x25, x17\n\t"
- "umulh x17, x25, x17\n\t"
- "adcs x5, x5, x26\n\t"
- "mul x26, x25, x19\n\t"
- "umulh x19, x25, x19\n\t"
- "adcs x6, x6, x26\n\t"
- "mul x26, x25, x20\n\t"
- "umulh x27, x25, x20\n\t"
- "adcs x7, x7, x26\n\t"
- "adc x27, x27, xzr\n\t"
- /* Add remaining product results in */
- "adds x5, x5, x16\n\t"
- "adcs x6, x6, x17\n\t"
- "adcs x7, x7, x19\n\t"
+ "mov x25, #38\n\t"
+ "mul x26, x25, x11\n\t"
+ "adds x7, x7, x26\n\t"
+ "umulh x27, x25, x11\n\t"
"adc x27, x27, xzr\n\t"
- /* Overflow */
+ "mov x25, #19\n\t"
"extr x27, x27, x7, #63\n\t"
"mul x27, x27, x25\n\t"
"and x7, x7, #0x7fffffffffffffff\n\t"
- "adds x4, x4, x27\n\t"
- "adcs x5, x5, xzr\n\t"
- "adcs x6, x6, xzr\n\t"
+ "mov x25, #38\n\t"
+ "mul x26, x25, x8\n\t"
+ "adds x4, x4, x26\n\t"
+ "umulh x8, x25, x8\n\t"
+ "mul x26, x25, x9\n\t"
+ "adcs x5, x5, x26\n\t"
+ "umulh x9, x25, x9\n\t"
+ "mul x26, x25, x10\n\t"
+ "adcs x6, x6, x26\n\t"
+ "umulh x10, x25, x10\n\t"
"adc x7, x7, xzr\n\t"
- /* Reduce if top bit set */
- "and x27, x25, x7, asr 63\n\t"
- "and x7, x7, #0x7fffffffffffffff\n\t"
+ /* Add high product results in */
"adds x4, x4, x27\n\t"
- "adcs x5, x5, xzr\n\t"
- "adcs x6, x6, xzr\n\t"
- "adc x7, x7, xzr\n\t"
+ "adcs x5, x5, x8\n\t"
+ "adcs x6, x6, x9\n\t"
+ "adc x7, x7, x10\n\t"
/* Store */
- "ldr x0, [x29, #24]\n\t"
- "ldr x1, [x29, #16]\n\t"
+ "stp x4, x5, [x0]\n\t"
+ "stp x6, x7, [x0, #16]\n\t"
+ "mov x3, x0\n\t"
+ "sub x2, x0, #32\n\t"
+ "sub x1, x0, #32\n\t"
/* Add */
- "adds x8, x12, x4\n\t"
- "adcs x9, x13, x5\n\t"
- "adcs x10, x14, x6\n\t"
- "adc x11, x15, x7\n\t"
- "mov x25, #-19\n\t"
- "asr x28, x11, #63\n\t"
- /* Mask the modulus */
- "and x25, x28, x25\n\t"
- "and x26, x28, #0x7fffffffffffffff\n\t"
+ "adds x8, x21, x4\n\t"
+ "adcs x9, x22, x5\n\t"
+ "adcs x10, x23, x6\n\t"
+ "adcs x11, x24, x7\n\t"
+ "cset x28, cs\n\t"
+ "mov x25, #19\n\t"
+ "extr x28, x28, x11, #63\n\t"
+ "mul x25, x28, x25\n\t"
/* Sub modulus (if overflow) */
- "subs x8, x8, x25\n\t"
- "sbcs x9, x9, x28\n\t"
- "sbcs x10, x10, x28\n\t"
- "sbc x11, x11, x26\n\t"
+ "adds x8, x8, x25\n\t"
+ "adcs x9, x9, xzr\n\t"
+ "and x11, x11, #0x7fffffffffffffff\n\t"
+ "adcs x10, x10, xzr\n\t"
+ "adc x11, x11, xzr\n\t"
/* Sub */
- "subs x16, x12, x4\n\t"
- "sbcs x17, x13, x5\n\t"
- "sbcs x19, x14, x6\n\t"
- "sbcs x20, x15, x7\n\t"
- "mov x25, #-19\n\t"
+ "subs x12, x21, x4\n\t"
+ "sbcs x13, x22, x5\n\t"
+ "sbcs x14, x23, x6\n\t"
+ "sbcs x15, x24, x7\n\t"
"csetm x28, cc\n\t"
- /* Mask the modulus */
- "and x25, x28, x25\n\t"
- "and x26, x28, #0x7fffffffffffffff\n\t"
+ "mov x25, #-19\n\t"
+ "extr x28, x28, x15, #63\n\t"
+ "mul x25, x28, x25\n\t"
/* Add modulus (if underflow) */
- "adds x16, x16, x25\n\t"
- "adcs x17, x17, x28\n\t"
- "adcs x19, x19, x28\n\t"
- "adc x20, x20, x26\n\t"
+ "subs x12, x12, x25\n\t"
+ "sbcs x13, x13, xzr\n\t"
+ "and x15, x15, #0x7fffffffffffffff\n\t"
+ "sbcs x14, x14, xzr\n\t"
+ "sbc x15, x15, xzr\n\t"
"stp x8, x9, [x0]\n\t"
"stp x10, x11, [x0, #16]\n\t"
- "stp x16, x17, [x1]\n\t"
- "stp x19, x20, [x1, #16]\n\t"
- "ldr x0, [x29, #48]\n\t"
- "ldr x1, [x29, #64]\n\t"
- "ldr x2, [sp, #96]\n\t"
+ "stp x12, x13, [x1]\n\t"
+ "stp x14, x15, [x1, #16]\n\t"
+ "ldr x1, [x29, #24]\n\t"
+ "ldr x2, [x29, #32]\n\t"
+ "add x2, x2, #0x60\n\t"
+ "add x1, x1, #0x60\n\t"
+ "add x0, x0, #0x40\n\t"
/* Multiply */
- "ldp x12, x13, [x1]\n\t"
- "ldp x14, x15, [x1, #16]\n\t"
- "ldp x16, x17, [x2]\n\t"
- "ldp x19, x20, [x2, #16]\n\t"
- /* A[0] * B[0] */
- "mul x4, x12, x16\n\t"
- "umulh x5, x12, x16\n\t"
- /* A[0] * B[1] */
- "mul x25, x12, x17\n\t"
- "umulh x6, x12, x17\n\t"
- "adds x5, x5, x25\n\t"
- "adc x6, x6, xzr\n\t"
- /* A[1] * B[0] */
- "mul x25, x13, x16\n\t"
- "umulh x26, x13, x16\n\t"
- "adds x5, x5, x25\n\t"
- "adcs x6, x6, x26\n\t"
- "adc x7, xzr, xzr\n\t"
- /* A[0] * B[2] */
- "mul x25, x12, x19\n\t"
- "umulh x26, x12, x19\n\t"
- "adds x6, x6, x25\n\t"
- "adc x7, x7, x26\n\t"
- /* A[1] * B[1] */
- "mul x25, x13, x17\n\t"
- "umulh x26, x13, x17\n\t"
- "adds x6, x6, x25\n\t"
- "adcs x7, x7, x26\n\t"
- "adc x8, xzr, xzr\n\t"
- /* A[2] * B[0] */
- "mul x25, x14, x16\n\t"
- "umulh x26, x14, x16\n\t"
- "adds x6, x6, x25\n\t"
- "adcs x7, x7, x26\n\t"
- "adc x8, x8, xzr\n\t"
- /* A[0] * B[3] */
- "mul x25, x12, x20\n\t"
- "umulh x26, x12, x20\n\t"
- "adds x7, x7, x25\n\t"
- "adcs x8, x8, x26\n\t"
- "adc x9, xzr, xzr\n\t"
- /* A[1] * B[2] */
- "mul x25, x13, x19\n\t"
- "umulh x26, x13, x19\n\t"
- "adds x7, x7, x25\n\t"
- "adcs x8, x8, x26\n\t"
- "adc x9, x9, xzr\n\t"
- /* A[2] * B[1] */
- "mul x25, x14, x17\n\t"
- "umulh x26, x14, x17\n\t"
- "adds x7, x7, x25\n\t"
+ "ldp x21, x22, [x1]\n\t"
+ "ldp x23, x24, [x1, #16]\n\t"
+ "ldp x4, x5, [x2]\n\t"
+ "ldp x6, x7, [x2, #16]\n\t"
+ /* A[0] * B[0] */
+ "umulh x17, x21, x4\n\t"
+ "mul x16, x21, x4\n\t"
+ /* A[2] * B[0] */
+ "umulh x20, x23, x4\n\t"
+ "mul x19, x23, x4\n\t"
+ /* A[1] * B[0] */
+ "mul x25, x22, x4\n\t"
+ "adds x17, x17, x25\n\t"
+ "umulh x26, x22, x4\n\t"
+ "adcs x19, x19, x26\n\t"
+ /* A[1] * B[3] */
+ "umulh x9, x22, x7\n\t"
+ "adc x20, x20, xzr\n\t"
+ "mul x8, x22, x7\n\t"
+ /* A[0] * B[1] */
+ "mul x25, x21, x5\n\t"
+ "adds x17, x17, x25\n\t"
+ "umulh x26, x21, x5\n\t"
+ "adcs x19, x19, x26\n\t"
+ /* A[2] * B[1] */
+ "mul x25, x23, x5\n\t"
+ "adcs x20, x20, x25\n\t"
+ "umulh x26, x23, x5\n\t"
"adcs x8, x8, x26\n\t"
"adc x9, x9, xzr\n\t"
- /* A[3] * B[0] */
- "mul x25, x15, x16\n\t"
- "umulh x26, x15, x16\n\t"
- "adds x7, x7, x25\n\t"
+ /* A[1] * B[2] */
+ "mul x25, x22, x6\n\t"
+ "adds x20, x20, x25\n\t"
+ "umulh x26, x22, x6\n\t"
"adcs x8, x8, x26\n\t"
- "adc x9, x9, xzr\n\t"
- /* A[1] * B[3] */
- "mul x25, x13, x20\n\t"
- "umulh x26, x13, x20\n\t"
- "adds x8, x8, x25\n\t"
- "adcs x9, x9, x26\n\t"
+ "adcs x9, x9, xzr\n\t"
"adc x10, xzr, xzr\n\t"
- /* A[2] * B[2] */
- "mul x25, x14, x19\n\t"
- "umulh x26, x14, x19\n\t"
- "adds x8, x8, x25\n\t"
+ /* A[0] * B[2] */
+ "mul x25, x21, x6\n\t"
+ "adds x19, x19, x25\n\t"
+ "umulh x26, x21, x6\n\t"
+ "adcs x20, x20, x26\n\t"
+ "adcs x8, x8, xzr\n\t"
+ "adcs x9, x9, xzr\n\t"
+ "adc x10, x10, xzr\n\t"
+ /* A[1] * B[1] */
+ "mul x25, x22, x5\n\t"
+ "adds x19, x19, x25\n\t"
+ "umulh x26, x22, x5\n\t"
+ "adcs x20, x20, x26\n\t"
+ /* A[3] * B[1] */
+ "mul x25, x24, x5\n\t"
+ "adcs x8, x8, x25\n\t"
+ "umulh x26, x24, x5\n\t"
"adcs x9, x9, x26\n\t"
"adc x10, x10, xzr\n\t"
- /* A[3] * B[1] */
- "mul x25, x15, x17\n\t"
- "umulh x26, x15, x17\n\t"
+ /* A[2] * B[2] */
+ "mul x25, x23, x6\n\t"
"adds x8, x8, x25\n\t"
+ "umulh x26, x23, x6\n\t"
"adcs x9, x9, x26\n\t"
- "adc x10, x10, xzr\n\t"
- /* A[2] * B[3] */
- "mul x25, x14, x20\n\t"
- "umulh x26, x14, x20\n\t"
- "adds x9, x9, x25\n\t"
+ /* A[3] * B[3] */
+ "mul x25, x24, x7\n\t"
+ "adcs x10, x10, x25\n\t"
+ "umulh x11, x24, x7\n\t"
+ "adc x11, x11, xzr\n\t"
+ /* A[0] * B[3] */
+ "mul x25, x21, x7\n\t"
+ "adds x20, x20, x25\n\t"
+ "umulh x26, x21, x7\n\t"
+ "adcs x8, x8, x26\n\t"
+ /* A[2] * B[3] */
+ "mul x25, x23, x7\n\t"
+ "adcs x9, x9, x25\n\t"
+ "umulh x26, x23, x7\n\t"
"adcs x10, x10, x26\n\t"
- "adc x11, xzr, xzr\n\t"
- /* A[3] * B[2] */
- "mul x25, x15, x19\n\t"
- "umulh x26, x15, x19\n\t"
- "adds x9, x9, x25\n\t"
+ "adc x11, x11, xzr\n\t"
+ /* A[3] * B[0] */
+ "mul x25, x24, x4\n\t"
+ "adds x20, x20, x25\n\t"
+ "umulh x26, x24, x4\n\t"
+ "adcs x8, x8, x26\n\t"
+ /* A[3] * B[2] */
+ "mul x25, x24, x6\n\t"
+ "adcs x9, x9, x25\n\t"
+ "umulh x26, x24, x6\n\t"
"adcs x10, x10, x26\n\t"
"adc x11, x11, xzr\n\t"
- /* A[3] * B[3] */
- "mul x25, x15, x20\n\t"
- "umulh x26, x15, x20\n\t"
- "adds x10, x10, x25\n\t"
- "adc x11, x11, x26\n\t"
/* Reduce */
- /* Move top half into t4-t7 and remove top bit from t3 */
- "extr x11, x11, x10, #63\n\t"
- "extr x10, x10, x9, #63\n\t"
- "extr x9, x9, x8, #63\n\t"
- "extr x8, x8, x7, #63\n\t"
- "and x7, x7, #0x7fffffffffffffff\n\t"
- /* Multiply top half by 19 */
+ "mov x25, #38\n\t"
+ "mul x26, x25, x11\n\t"
+ "adds x20, x20, x26\n\t"
+ "umulh x27, x25, x11\n\t"
+ "adc x27, x27, xzr\n\t"
"mov x25, #19\n\t"
+ "extr x27, x27, x20, #63\n\t"
+ "mul x27, x27, x25\n\t"
+ "and x20, x20, #0x7fffffffffffffff\n\t"
+ "mov x25, #38\n\t"
"mul x26, x25, x8\n\t"
+ "adds x16, x16, x26\n\t"
"umulh x8, x25, x8\n\t"
- "adds x4, x4, x26\n\t"
"mul x26, x25, x9\n\t"
+ "adcs x17, x17, x26\n\t"
"umulh x9, x25, x9\n\t"
- "adcs x5, x5, x26\n\t"
"mul x26, x25, x10\n\t"
+ "adcs x19, x19, x26\n\t"
"umulh x10, x25, x10\n\t"
- "adcs x6, x6, x26\n\t"
- "mul x26, x25, x11\n\t"
- "umulh x27, x25, x11\n\t"
- "adcs x7, x7, x26\n\t"
- "adc x27, x27, xzr\n\t"
- /* Add remaining product results in */
- "adds x5, x5, x8\n\t"
- "adcs x6, x6, x9\n\t"
- "adcs x7, x7, x10\n\t"
- "adc x27, x27, xzr\n\t"
- /* Overflow */
- "extr x27, x27, x7, #63\n\t"
- "mul x27, x27, x25\n\t"
- "and x7, x7, #0x7fffffffffffffff\n\t"
- "adds x4, x4, x27\n\t"
- "adcs x5, x5, xzr\n\t"
- "adcs x6, x6, xzr\n\t"
- "adc x7, x7, xzr\n\t"
+ "adc x20, x20, xzr\n\t"
+ /* Add high product results in */
+ "adds x16, x16, x27\n\t"
+ "adcs x17, x17, x8\n\t"
+ "adcs x19, x19, x9\n\t"
+ "adc x20, x20, x10\n\t"
/* Reduce if top bit set */
- "and x27, x25, x7, asr 63\n\t"
- "and x7, x7, #0x7fffffffffffffff\n\t"
- "adds x4, x4, x27\n\t"
- "adcs x5, x5, xzr\n\t"
- "adcs x6, x6, xzr\n\t"
- "adc x7, x7, xzr\n\t"
+ "mov x25, #19\n\t"
+ "and x26, x25, x20, asr 63\n\t"
+ "adds x16, x16, x26\n\t"
+ "adcs x17, x17, xzr\n\t"
+ "and x20, x20, #0x7fffffffffffffff\n\t"
+ "adcs x19, x19, xzr\n\t"
+ "adc x20, x20, xzr\n\t"
/* Store */
- "ldr x0, [x29, #48]\n\t"
- /* Double */
- "adds x4, x4, x4\n\t"
- "adcs x5, x5, x5\n\t"
- "adcs x6, x6, x6\n\t"
- "adc x7, x7, x7\n\t"
- "mov x25, #-19\n\t"
- "asr x28, x7, #63\n\t"
- /* Mask the modulus */
- "and x25, x28, x25\n\t"
- "and x26, x28, #0x7fffffffffffffff\n\t"
- /* Sub modulus (if overflow) */
- "subs x4, x4, x25\n\t"
- "sbcs x5, x5, x28\n\t"
- "sbcs x6, x6, x28\n\t"
- "sbc x7, x7, x26\n\t"
- "ldr x0, [x29, #40]\n\t"
- "ldr x1, [sp, #104]\n\t"
- "ldr x2, [x29, #72]\n\t"
+ "stp x16, x17, [x0]\n\t"
+ "stp x19, x20, [x0, #16]\n\t"
+ "sub x3, x2, #32\n\t"
+ "sub x2, x1, #32\n\t"
+ "sub x1, x0, #32\n\t"
/* Multiply */
- "ldp x16, x17, [x1]\n\t"
- "ldp x19, x20, [x1, #16]\n\t"
- "ldp x21, x22, [x2]\n\t"
- "ldp x23, x24, [x2, #16]\n\t"
- /* A[0] * B[0] */
- "mul x8, x16, x21\n\t"
- "umulh x9, x16, x21\n\t"
- /* A[0] * B[1] */
- "mul x25, x16, x22\n\t"
- "umulh x10, x16, x22\n\t"
+ "ldp x4, x5, [x2]\n\t"
+ "ldp x6, x7, [x2, #16]\n\t"
+ "ldp x12, x13, [x3]\n\t"
+ "ldp x14, x15, [x3, #16]\n\t"
+ /* A[0] * B[0] */
+ "umulh x9, x4, x12\n\t"
+ "mul x8, x4, x12\n\t"
+ /* A[2] * B[0] */
+ "umulh x11, x6, x12\n\t"
+ "mul x10, x6, x12\n\t"
+ /* A[1] * B[0] */
+ "mul x25, x5, x12\n\t"
"adds x9, x9, x25\n\t"
- "adc x10, x10, xzr\n\t"
- /* A[1] * B[0] */
- "mul x25, x17, x21\n\t"
- "umulh x26, x17, x21\n\t"
+ "umulh x26, x5, x12\n\t"
+ "adcs x10, x10, x26\n\t"
+ /* A[1] * B[3] */
+ "umulh x17, x5, x15\n\t"
+ "adc x11, x11, xzr\n\t"
+ "mul x16, x5, x15\n\t"
+ /* A[0] * B[1] */
+ "mul x25, x4, x13\n\t"
"adds x9, x9, x25\n\t"
+ "umulh x26, x4, x13\n\t"
"adcs x10, x10, x26\n\t"
- "adc x11, xzr, xzr\n\t"
- /* A[0] * B[2] */
- "mul x25, x16, x23\n\t"
- "umulh x26, x16, x23\n\t"
- "adds x10, x10, x25\n\t"
- "adc x11, x11, x26\n\t"
- /* A[1] * B[1] */
- "mul x25, x17, x22\n\t"
- "umulh x26, x17, x22\n\t"
+ /* A[2] * B[1] */
+ "mul x25, x6, x13\n\t"
+ "adcs x11, x11, x25\n\t"
+ "umulh x26, x6, x13\n\t"
+ "adcs x16, x16, x26\n\t"
+ "adc x17, x17, xzr\n\t"
+ /* A[1] * B[2] */
+ "mul x25, x5, x14\n\t"
+ "adds x11, x11, x25\n\t"
+ "umulh x26, x5, x14\n\t"
+ "adcs x16, x16, x26\n\t"
+ "adcs x17, x17, xzr\n\t"
+ "adc x19, xzr, xzr\n\t"
+ /* A[0] * B[2] */
+ "mul x25, x4, x14\n\t"
"adds x10, x10, x25\n\t"
+ "umulh x26, x4, x14\n\t"
"adcs x11, x11, x26\n\t"
- "adc x12, xzr, xzr\n\t"
- /* A[2] * B[0] */
- "mul x25, x19, x21\n\t"
- "umulh x26, x19, x21\n\t"
+ "adcs x16, x16, xzr\n\t"
+ "adcs x17, x17, xzr\n\t"
+ "adc x19, x19, xzr\n\t"
+ /* A[1] * B[1] */
+ "mul x25, x5, x13\n\t"
"adds x10, x10, x25\n\t"
+ "umulh x26, x5, x13\n\t"
"adcs x11, x11, x26\n\t"
- "adc x12, x12, xzr\n\t"
- /* A[0] * B[3] */
- "mul x25, x16, x24\n\t"
- "umulh x26, x16, x24\n\t"
- "adds x11, x11, x25\n\t"
- "adcs x12, x12, x26\n\t"
- "adc x13, xzr, xzr\n\t"
- /* A[1] * B[2] */
- "mul x25, x17, x23\n\t"
- "umulh x26, x17, x23\n\t"
- "adds x11, x11, x25\n\t"
- "adcs x12, x12, x26\n\t"
- "adc x13, x13, xzr\n\t"
- /* A[2] * B[1] */
- "mul x25, x19, x22\n\t"
- "umulh x26, x19, x22\n\t"
+ /* A[3] * B[1] */
+ "mul x25, x7, x13\n\t"
+ "adcs x16, x16, x25\n\t"
+ "umulh x26, x7, x13\n\t"
+ "adcs x17, x17, x26\n\t"
+ "adc x19, x19, xzr\n\t"
+ /* A[2] * B[2] */
+ "mul x25, x6, x14\n\t"
+ "adds x16, x16, x25\n\t"
+ "umulh x26, x6, x14\n\t"
+ "adcs x17, x17, x26\n\t"
+ /* A[3] * B[3] */
+ "mul x25, x7, x15\n\t"
+ "adcs x19, x19, x25\n\t"
+ "umulh x20, x7, x15\n\t"
+ "adc x20, x20, xzr\n\t"
+ /* A[0] * B[3] */
+ "mul x25, x4, x15\n\t"
"adds x11, x11, x25\n\t"
- "adcs x12, x12, x26\n\t"
- "adc x13, x13, xzr\n\t"
- /* A[3] * B[0] */
- "mul x25, x20, x21\n\t"
- "umulh x26, x20, x21\n\t"
+ "umulh x26, x4, x15\n\t"
+ "adcs x16, x16, x26\n\t"
+ /* A[2] * B[3] */
+ "mul x25, x6, x15\n\t"
+ "adcs x17, x17, x25\n\t"
+ "umulh x26, x6, x15\n\t"
+ "adcs x19, x19, x26\n\t"
+ "adc x20, x20, xzr\n\t"
+ /* A[3] * B[0] */
+ "mul x25, x7, x12\n\t"
"adds x11, x11, x25\n\t"
- "adcs x12, x12, x26\n\t"
- "adc x13, x13, xzr\n\t"
- /* A[1] * B[3] */
- "mul x25, x17, x24\n\t"
- "umulh x26, x17, x24\n\t"
- "adds x12, x12, x25\n\t"
- "adcs x13, x13, x26\n\t"
- "adc x14, xzr, xzr\n\t"
- /* A[2] * B[2] */
- "mul x25, x19, x23\n\t"
- "umulh x26, x19, x23\n\t"
- "adds x12, x12, x25\n\t"
- "adcs x13, x13, x26\n\t"
- "adc x14, x14, xzr\n\t"
- /* A[3] * B[1] */
- "mul x25, x20, x22\n\t"
- "umulh x26, x20, x22\n\t"
- "adds x12, x12, x25\n\t"
- "adcs x13, x13, x26\n\t"
- "adc x14, x14, xzr\n\t"
- /* A[2] * B[3] */
- "mul x25, x19, x24\n\t"
- "umulh x26, x19, x24\n\t"
- "adds x13, x13, x25\n\t"
- "adcs x14, x14, x26\n\t"
- "adc x15, xzr, xzr\n\t"
- /* A[3] * B[2] */
- "mul x25, x20, x23\n\t"
- "umulh x26, x20, x23\n\t"
- "adds x13, x13, x25\n\t"
- "adcs x14, x14, x26\n\t"
- "adc x15, x15, xzr\n\t"
- /* A[3] * B[3] */
- "mul x25, x20, x24\n\t"
- "umulh x26, x20, x24\n\t"
- "adds x14, x14, x25\n\t"
- "adc x15, x15, x26\n\t"
+ "umulh x26, x7, x12\n\t"
+ "adcs x16, x16, x26\n\t"
+ /* A[3] * B[2] */
+ "mul x25, x7, x14\n\t"
+ "adcs x17, x17, x25\n\t"
+ "umulh x26, x7, x14\n\t"
+ "adcs x19, x19, x26\n\t"
+ "adc x20, x20, xzr\n\t"
/* Reduce */
- /* Move top half into t4-t7 and remove top bit from t3 */
- "extr x15, x15, x14, #63\n\t"
- "extr x14, x14, x13, #63\n\t"
- "extr x13, x13, x12, #63\n\t"
- "extr x12, x12, x11, #63\n\t"
- "and x11, x11, #0x7fffffffffffffff\n\t"
- /* Multiply top half by 19 */
- "mov x25, #19\n\t"
- "mul x26, x25, x12\n\t"
- "umulh x12, x25, x12\n\t"
- "adds x8, x8, x26\n\t"
- "mul x26, x25, x13\n\t"
- "umulh x13, x25, x13\n\t"
- "adcs x9, x9, x26\n\t"
- "mul x26, x25, x14\n\t"
- "umulh x14, x25, x14\n\t"
- "adcs x10, x10, x26\n\t"
- "mul x26, x25, x15\n\t"
- "umulh x27, x25, x15\n\t"
- "adcs x11, x11, x26\n\t"
- "adc x27, x27, xzr\n\t"
- /* Add remaining product results in */
- "adds x9, x9, x12\n\t"
- "adcs x10, x10, x13\n\t"
- "adcs x11, x11, x14\n\t"
+ "mov x25, #38\n\t"
+ "mul x26, x25, x20\n\t"
+ "adds x11, x11, x26\n\t"
+ "umulh x27, x25, x20\n\t"
"adc x27, x27, xzr\n\t"
- /* Overflow */
+ "mov x25, #19\n\t"
"extr x27, x27, x11, #63\n\t"
"mul x27, x27, x25\n\t"
"and x11, x11, #0x7fffffffffffffff\n\t"
- "adds x8, x8, x27\n\t"
- "adcs x9, x9, xzr\n\t"
- "adcs x10, x10, xzr\n\t"
+ "mov x25, #38\n\t"
+ "mul x26, x25, x16\n\t"
+ "adds x8, x8, x26\n\t"
+ "umulh x16, x25, x16\n\t"
+ "mul x26, x25, x17\n\t"
+ "adcs x9, x9, x26\n\t"
+ "umulh x17, x25, x17\n\t"
+ "mul x26, x25, x19\n\t"
+ "adcs x10, x10, x26\n\t"
+ "umulh x19, x25, x19\n\t"
"adc x11, x11, xzr\n\t"
- /* Reduce if top bit set */
- "and x27, x25, x11, asr 63\n\t"
- "and x11, x11, #0x7fffffffffffffff\n\t"
+ /* Add high product results in */
"adds x8, x8, x27\n\t"
- "adcs x9, x9, xzr\n\t"
- "adcs x10, x10, xzr\n\t"
- "adc x11, x11, xzr\n\t"
- /* Store */
- "ldr x0, [x29, #40]\n\t"
- "ldr x1, [x29, #32]\n\t"
- /* Add */
- "adds x12, x4, x8\n\t"
- "adcs x13, x5, x9\n\t"
- "adcs x14, x6, x10\n\t"
- "adc x15, x7, x11\n\t"
+ "adcs x9, x9, x16\n\t"
+ "adcs x10, x10, x17\n\t"
+ "adc x11, x11, x19\n\t"
+ /* Double */
+ "adds x8, x8, x8\n\t"
+ "adcs x9, x9, x9\n\t"
+ "adcs x10, x10, x10\n\t"
+ "adc x11, x11, x11\n\t"
"mov x25, #-19\n\t"
- "asr x28, x15, #63\n\t"
+ "asr x28, x11, #63\n\t"
/* Mask the modulus */
"and x25, x28, x25\n\t"
"and x26, x28, #0x7fffffffffffffff\n\t"
/* Sub modulus (if overflow) */
- "subs x12, x12, x25\n\t"
- "sbcs x13, x13, x28\n\t"
- "sbcs x14, x14, x28\n\t"
- "sbc x15, x15, x26\n\t"
+ "subs x8, x8, x25\n\t"
+ "sbcs x9, x9, x28\n\t"
+ "sbcs x10, x10, x28\n\t"
+ "sbc x11, x11, x26\n\t"
+ "mov x3, x0\n\t"
+ "sub x2, x0, #32\n\t"
+ /* Add */
+ "ldp x4, x5, [x3]\n\t"
+ "ldp x6, x7, [x3, #16]\n\t"
+ "adds x12, x8, x4\n\t"
+ "adcs x13, x9, x5\n\t"
+ "adcs x14, x10, x6\n\t"
+ "adcs x15, x11, x7\n\t"
+ "cset x28, cs\n\t"
+ "mov x25, #19\n\t"
+ "extr x28, x28, x15, #63\n\t"
+ "mul x25, x28, x25\n\t"
+ /* Sub modulus (if overflow) */
+ "adds x12, x12, x25\n\t"
+ "adcs x13, x13, xzr\n\t"
+ "and x15, x15, #0x7fffffffffffffff\n\t"
+ "adcs x14, x14, xzr\n\t"
+ "adc x15, x15, xzr\n\t"
/* Sub */
- "subs x16, x4, x8\n\t"
- "sbcs x17, x5, x9\n\t"
- "sbcs x19, x6, x10\n\t"
- "sbcs x20, x7, x11\n\t"
- "mov x25, #-19\n\t"
+ "subs x21, x8, x4\n\t"
+ "sbcs x22, x9, x5\n\t"
+ "sbcs x23, x10, x6\n\t"
+ "sbcs x24, x11, x7\n\t"
"csetm x28, cc\n\t"
- /* Mask the modulus */
- "and x25, x28, x25\n\t"
- "and x26, x28, #0x7fffffffffffffff\n\t"
+ "mov x25, #-19\n\t"
+ "extr x28, x28, x24, #63\n\t"
+ "mul x25, x28, x25\n\t"
/* Add modulus (if underflow) */
- "adds x16, x16, x25\n\t"
- "adcs x17, x17, x28\n\t"
- "adcs x19, x19, x28\n\t"
- "adc x20, x20, x26\n\t"
+ "subs x21, x21, x25\n\t"
+ "sbcs x22, x22, xzr\n\t"
+ "and x24, x24, #0x7fffffffffffffff\n\t"
+ "sbcs x23, x23, xzr\n\t"
+ "sbc x24, x24, xzr\n\t"
"stp x12, x13, [x0]\n\t"
"stp x14, x15, [x0, #16]\n\t"
- "stp x16, x17, [x1]\n\t"
- "stp x19, x20, [x1, #16]\n\t"
- "ldp x29, x30, [sp], #0x80\n\t"
- : [rx] "+r" (rx), [ry] "+r" (ry), [rz] "+r" (rz), [rt] "+r" (rt), [px] "+r" (px), [py] "+r" (py), [pz] "+r" (pz), [pt] "+r" (pt), [qz] "+r" (qz), [qt2d] "+r" (qt2d), [qyplusx] "+r" (qyplusx), [qyminusx] "+r" (qyminusx)
+ "stp x21, x22, [x1]\n\t"
+ "stp x23, x24, [x1, #16]\n\t"
+ "ldp x29, x30, [sp], #48\n\t"
+ : [r] "+r" (r), [p] "+r" (p), [q] "+r" (q)
+ :
+ : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "x21", "x22", "x23", "x24", "x25", "x26", "x27", "x28", "cc"
+ );
+}
+
+void sc_reduce(byte* s)
+{
+ __asm__ __volatile__ (
+ "ldp x2, x3, [%x[s]]\n\t"
+ "ldp x4, x5, [%x[s], #16]\n\t"
+ "ldp x6, x7, [%x[s], #32]\n\t"
+ "ldp x8, x9, [%x[s], #48]\n\t"
+ "lsr x23, x9, #56\n\t"
+ "lsl x9, x9, #4\n\t"
+ "orr x9, x9, x8, lsr 60\n\t"
+ "lsl x8, x8, #4\n\t"
+ "orr x8, x8, x7, lsr 60\n\t"
+ "lsl x7, x7, #4\n\t"
+ "orr x7, x7, x6, lsr 60\n\t"
+ "lsl x6, x6, #4\n\t"
+ "mov x1, #15\n\t"
+ "orr x6, x6, x5, lsr 60\n\t"
+ "bic x5, x5, x1, lsl 60\n\t"
+ "bic x9, x9, x1, lsl 60\n\t"
+ /* Add order times bits 504..511 */
+ "mov x11, #0x2c13\n\t"
+ "movk x11, #0xa30a, lsl 16\n\t"
+ "movk x11, #0x9ce5, lsl 32\n\t"
+ "movk x11, #0xa7ed, lsl 48\n\t"
+ "mov x13, #0x6329\n\t"
+ "movk x13, #0x5d08, lsl 16\n\t"
+ "movk x13, #0x621, lsl 32\n\t"
+ "movk x13, #0xeb21, lsl 48\n\t"
+ "mul x10, x23, x11\n\t"
+ "umulh x11, x23, x11\n\t"
+ "mul x12, x23, x13\n\t"
+ "umulh x13, x23, x13\n\t"
+ "adds x6, x6, x10\n\t"
+ "adcs x7, x7, x11\n\t"
+ "adcs x8, x8, xzr\n\t"
+ "adc x9, x9, xzr\n\t"
+ "adds x7, x7, x12\n\t"
+ "adcs x8, x8, x13\n\t"
+ "adc x9, x9, xzr\n\t"
+ "subs x8, x8, x23\n\t"
+ "sbc x9, x9, xzr\n\t"
+ /* Sub product of top 4 words and order */
+ "mov x1, #0x2c13\n\t"
+ "movk x1, #0xa30a, lsl 16\n\t"
+ "movk x1, #0x9ce5, lsl 32\n\t"
+ "movk x1, #0xa7ed, lsl 48\n\t"
+ "mul x10, x6, x1\n\t"
+ "umulh x11, x6, x1\n\t"
+ "mul x12, x7, x1\n\t"
+ "umulh x13, x7, x1\n\t"
+ "mul x14, x8, x1\n\t"
+ "umulh x15, x8, x1\n\t"
+ "mul x16, x9, x1\n\t"
+ "umulh x17, x9, x1\n\t"
+ "adds x2, x2, x10\n\t"
+ "adcs x3, x3, x11\n\t"
+ "adcs x4, x4, x14\n\t"
+ "adcs x5, x5, x15\n\t"
+ "adc x19, xzr, xzr\n\t"
+ "adds x3, x3, x12\n\t"
+ "adcs x4, x4, x13\n\t"
+ "adcs x5, x5, x16\n\t"
+ "adc x19, x19, x17\n\t"
+ "mov x1, #0x6329\n\t"
+ "movk x1, #0x5d08, lsl 16\n\t"
+ "movk x1, #0x621, lsl 32\n\t"
+ "movk x1, #0xeb21, lsl 48\n\t"
+ "mul x10, x6, x1\n\t"
+ "umulh x11, x6, x1\n\t"
+ "mul x12, x7, x1\n\t"
+ "umulh x13, x7, x1\n\t"
+ "mul x14, x8, x1\n\t"
+ "umulh x15, x8, x1\n\t"
+ "mul x16, x9, x1\n\t"
+ "umulh x17, x9, x1\n\t"
+ "adds x3, x3, x10\n\t"
+ "adcs x4, x4, x11\n\t"
+ "adcs x5, x5, x14\n\t"
+ "adcs x19, x19, x15\n\t"
+ "adc x20, xzr, xzr\n\t"
+ "adds x4, x4, x12\n\t"
+ "adcs x5, x5, x13\n\t"
+ "adcs x19, x19, x16\n\t"
+ "adc x20, x20, x17\n\t"
+ "subs x4, x4, x6\n\t"
+ "sbcs x5, x5, x7\n\t"
+ "sbcs x6, x19, x8\n\t"
+ "sbc x7, x20, x9\n\t"
+ "asr x23, x7, #57\n\t"
+ /* Conditionally subtract order starting at bit 125 */
+ "mov x10, xzr\n\t"
+ "mov x13, xzr\n\t"
+ "mov x11, #0xba7d\n\t"
+ "movk x11, #0x4b9e, lsl 16\n\t"
+ "movk x11, #0x4c63, lsl 32\n\t"
+ "movk x11, #0xcb02, lsl 48\n\t"
+ "mov x12, #0xf39a\n\t"
+ "movk x12, #0xd45e, lsl 16\n\t"
+ "movk x12, #0xdf3b, lsl 32\n\t"
+ "movk x12, #0x29b, lsl 48\n\t"
+ "movk x10, #0xa000, lsl 48\n\t"
+ "movk x13, #0x200, lsl 48\n\t"
+ "and x10, x10, x23\n\t"
+ "and x11, x11, x23\n\t"
+ "and x12, x12, x23\n\t"
+ "and x13, x13, x23\n\t"
+ "adds x3, x3, x10\n\t"
+ "adcs x4, x4, x11\n\t"
+ "adcs x5, x5, x12\n\t"
+ "adcs x6, x6, xzr\n\t"
+ "adc x7, x7, x13\n\t"
+ /* Move bits 252-376 to own registers */
+ "lsl x7, x7, #4\n\t"
+ "orr x7, x7, x6, lsr 60\n\t"
+ "lsl x6, x6, #4\n\t"
+ "mov x23, #15\n\t"
+ "orr x6, x6, x5, lsr 60\n\t"
+ "bic x5, x5, x23, lsl 60\n\t"
+ /* Sub product of top 2 words and order */
+ /* * -5812631a5cf5d3ed */
+ "mov x1, #0x2c13\n\t"
+ "movk x1, #0xa30a, lsl 16\n\t"
+ "movk x1, #0x9ce5, lsl 32\n\t"
+ "movk x1, #0xa7ed, lsl 48\n\t"
+ "mul x10, x6, x1\n\t"
+ "umulh x11, x6, x1\n\t"
+ "mul x12, x7, x1\n\t"
+ "umulh x13, x7, x1\n\t"
+ "adds x2, x2, x10\n\t"
+ "adcs x3, x3, x11\n\t"
+ "adc x19, xzr, xzr\n\t"
+ "adds x3, x3, x12\n\t"
+ "adc x19, x19, x13\n\t"
+ /* * -14def9dea2f79cd7 */
+ "mov x1, #0x6329\n\t"
+ "movk x1, #0x5d08, lsl 16\n\t"
+ "movk x1, #0x621, lsl 32\n\t"
+ "movk x1, #0xeb21, lsl 48\n\t"
+ "mul x10, x6, x1\n\t"
+ "umulh x11, x6, x1\n\t"
+ "mul x12, x7, x1\n\t"
+ "umulh x13, x7, x1\n\t"
+ "adds x3, x3, x10\n\t"
+ "adcs x4, x4, x11\n\t"
+ "adc x20, xzr, xzr\n\t"
+ "adds x4, x4, x12\n\t"
+ "adc x20, x20, x13\n\t"
+ /* Add overflows at 2 * 64 */
+ "mov x1, #15\n\t"
+ "bic x5, x5, x1, lsl 60\n\t"
+ "adds x4, x4, x19\n\t"
+ "adc x5, x5, x20\n\t"
+ /* Subtract top at 2 * 64 */
+ "subs x4, x4, x6\n\t"
+ "sbcs x5, x5, x7\n\t"
+ "sbc x1, x1, x1\n\t"
+ /* Conditional sub order */
+ "mov x10, #0xd3ed\n\t"
+ "movk x10, #0x5cf5, lsl 16\n\t"
+ "movk x10, #0x631a, lsl 32\n\t"
+ "movk x10, #0x5812, lsl 48\n\t"
+ "mov x11, #0x9cd6\n\t"
+ "movk x11, #0xa2f7, lsl 16\n\t"
+ "movk x11, #0xf9de, lsl 32\n\t"
+ "movk x11, #0x14de, lsl 48\n\t"
+ "and x10, x10, x1\n\t"
+ "and x11, x11, x1\n\t"
+ "adds x2, x2, x10\n\t"
+ "adcs x3, x3, x11\n\t"
+ "and x1, x1, #0x1000000000000000\n\t"
+ "adcs x4, x4, xzr\n\t"
+ "mov x23, #15\n\t"
+ "adc x5, x5, x1\n\t"
+ "bic x5, x5, x23, lsl 60\n\t"
+ /* Store result */
+ "stp x2, x3, [%x[s]]\n\t"
+ "stp x4, x5, [%x[s], #16]\n\t"
+ : [s] "+r" (s)
+ :
+ : "memory", "x1", "x2", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "x21", "x22", "x23", "cc"
+ );
+}
+
+void sc_muladd(byte* s, const byte* a, const byte* b, const byte* c)
+{
+ __asm__ __volatile__ (
+ /* Multiply */
+ "ldp x12, x13, [%x[a]]\n\t"
+ "ldp x14, x15, [%x[a], #16]\n\t"
+ "ldp x16, x17, [%x[b]]\n\t"
+ "ldp x19, x20, [%x[b], #16]\n\t"
+ /* A[0] * B[0] */
+ "umulh x5, x12, x16\n\t"
+ "mul x4, x12, x16\n\t"
+ /* A[2] * B[0] */
+ "umulh x7, x14, x16\n\t"
+ "mul x6, x14, x16\n\t"
+ /* A[1] * B[0] */
+ "mul x21, x13, x16\n\t"
+ "adds x5, x5, x21\n\t"
+ "umulh x22, x13, x16\n\t"
+ "adcs x6, x6, x22\n\t"
+ /* A[1] * B[3] */
+ "umulh x9, x13, x20\n\t"
+ "adc x7, x7, xzr\n\t"
+ "mul x8, x13, x20\n\t"
+ /* A[0] * B[1] */
+ "mul x21, x12, x17\n\t"
+ "adds x5, x5, x21\n\t"
+ "umulh x22, x12, x17\n\t"
+ "adcs x6, x6, x22\n\t"
+ /* A[2] * B[1] */
+ "mul x21, x14, x17\n\t"
+ "adcs x7, x7, x21\n\t"
+ "umulh x22, x14, x17\n\t"
+ "adcs x8, x8, x22\n\t"
+ "adc x9, x9, xzr\n\t"
+ /* A[1] * B[2] */
+ "mul x21, x13, x19\n\t"
+ "adds x7, x7, x21\n\t"
+ "umulh x22, x13, x19\n\t"
+ "adcs x8, x8, x22\n\t"
+ "adcs x9, x9, xzr\n\t"
+ "adc x10, xzr, xzr\n\t"
+ /* A[0] * B[2] */
+ "mul x21, x12, x19\n\t"
+ "adds x6, x6, x21\n\t"
+ "umulh x22, x12, x19\n\t"
+ "adcs x7, x7, x22\n\t"
+ "adcs x8, x8, xzr\n\t"
+ "adcs x9, x9, xzr\n\t"
+ "adc x10, x10, xzr\n\t"
+ /* A[1] * B[1] */
+ "mul x21, x13, x17\n\t"
+ "adds x6, x6, x21\n\t"
+ "umulh x22, x13, x17\n\t"
+ "adcs x7, x7, x22\n\t"
+ /* A[3] * B[1] */
+ "mul x21, x15, x17\n\t"
+ "adcs x8, x8, x21\n\t"
+ "umulh x22, x15, x17\n\t"
+ "adcs x9, x9, x22\n\t"
+ "adc x10, x10, xzr\n\t"
+ /* A[2] * B[2] */
+ "mul x21, x14, x19\n\t"
+ "adds x8, x8, x21\n\t"
+ "umulh x22, x14, x19\n\t"
+ "adcs x9, x9, x22\n\t"
+ /* A[3] * B[3] */
+ "mul x21, x15, x20\n\t"
+ "adcs x10, x10, x21\n\t"
+ "umulh x11, x15, x20\n\t"
+ "adc x11, x11, xzr\n\t"
+ /* A[0] * B[3] */
+ "mul x21, x12, x20\n\t"
+ "adds x7, x7, x21\n\t"
+ "umulh x22, x12, x20\n\t"
+ "adcs x8, x8, x22\n\t"
+ /* A[2] * B[3] */
+ "mul x21, x14, x20\n\t"
+ "adcs x9, x9, x21\n\t"
+ "umulh x22, x14, x20\n\t"
+ "adcs x10, x10, x22\n\t"
+ "adc x11, x11, xzr\n\t"
+ /* A[3] * B[0] */
+ "mul x21, x15, x16\n\t"
+ "adds x7, x7, x21\n\t"
+ "umulh x22, x15, x16\n\t"
+ "adcs x8, x8, x22\n\t"
+ /* A[3] * B[2] */
+ "mul x21, x15, x19\n\t"
+ "adcs x9, x9, x21\n\t"
+ "umulh x22, x15, x19\n\t"
+ "adcs x10, x10, x22\n\t"
+ "adc x11, x11, xzr\n\t"
+ /* Add c to a * b */
+ "ldp x12, x13, [%x[c]]\n\t"
+ "ldp x14, x15, [%x[c], #16]\n\t"
+ "adds x4, x4, x12\n\t"
+ "adcs x5, x5, x13\n\t"
+ "adcs x6, x6, x14\n\t"
+ "adcs x7, x7, x15\n\t"
+ "adcs x8, x8, xzr\n\t"
+ "adcs x9, x9, xzr\n\t"
+ "adcs x10, x10, xzr\n\t"
+ "adc x11, x11, xzr\n\t"
+ "lsr x25, x11, #56\n\t"
+ "lsl x11, x11, #4\n\t"
+ "orr x11, x11, x10, lsr 60\n\t"
+ "lsl x10, x10, #4\n\t"
+ "orr x10, x10, x9, lsr 60\n\t"
+ "lsl x9, x9, #4\n\t"
+ "orr x9, x9, x8, lsr 60\n\t"
+ "lsl x8, x8, #4\n\t"
+ "mov x26, #15\n\t"
+ "orr x8, x8, x7, lsr 60\n\t"
+ "bic x7, x7, x26, lsl 60\n\t"
+ "bic x11, x11, x26, lsl 60\n\t"
+ /* Add order times bits 504..507 */
+ "mov x22, #0x2c13\n\t"
+ "movk x22, #0xa30a, lsl 16\n\t"
+ "movk x22, #0x9ce5, lsl 32\n\t"
+ "movk x22, #0xa7ed, lsl 48\n\t"
+ "mov x24, #0x6329\n\t"
+ "movk x24, #0x5d08, lsl 16\n\t"
+ "movk x24, #0x621, lsl 32\n\t"
+ "movk x24, #0xeb21, lsl 48\n\t"
+ "mul x21, x25, x22\n\t"
+ "umulh x22, x25, x22\n\t"
+ "mul x23, x25, x24\n\t"
+ "umulh x24, x25, x24\n\t"
+ "adds x8, x8, x21\n\t"
+ "adcs x9, x9, x22\n\t"
+ "adcs x10, x10, xzr\n\t"
+ "adc x11, x11, xzr\n\t"
+ "adds x9, x9, x23\n\t"
+ "adcs x10, x10, x24\n\t"
+ "adc x11, x11, xzr\n\t"
+ "subs x10, x10, x25\n\t"
+ "sbc x11, x11, xzr\n\t"
+ /* Sub product of top 4 words and order */
+ "mov x26, #0x2c13\n\t"
+ "movk x26, #0xa30a, lsl 16\n\t"
+ "movk x26, #0x9ce5, lsl 32\n\t"
+ "movk x26, #0xa7ed, lsl 48\n\t"
+ "mul x16, x8, x26\n\t"
+ "umulh x17, x8, x26\n\t"
+ "mul x19, x9, x26\n\t"
+ "umulh x20, x9, x26\n\t"
+ "mul x21, x10, x26\n\t"
+ "umulh x22, x10, x26\n\t"
+ "mul x23, x11, x26\n\t"
+ "umulh x24, x11, x26\n\t"
+ "adds x4, x4, x16\n\t"
+ "adcs x5, x5, x17\n\t"
+ "adcs x6, x6, x21\n\t"
+ "adcs x7, x7, x22\n\t"
+ "adc x12, xzr, xzr\n\t"
+ "adds x5, x5, x19\n\t"
+ "adcs x6, x6, x20\n\t"
+ "adcs x7, x7, x23\n\t"
+ "adc x12, x12, x24\n\t"
+ "mov x26, #0x6329\n\t"
+ "movk x26, #0x5d08, lsl 16\n\t"
+ "movk x26, #0x621, lsl 32\n\t"
+ "movk x26, #0xeb21, lsl 48\n\t"
+ "mul x16, x8, x26\n\t"
+ "umulh x17, x8, x26\n\t"
+ "mul x19, x9, x26\n\t"
+ "umulh x20, x9, x26\n\t"
+ "mul x21, x10, x26\n\t"
+ "umulh x22, x10, x26\n\t"
+ "mul x23, x11, x26\n\t"
+ "umulh x24, x11, x26\n\t"
+ "adds x5, x5, x16\n\t"
+ "adcs x6, x6, x17\n\t"
+ "adcs x7, x7, x21\n\t"
+ "adcs x12, x12, x22\n\t"
+ "adc x13, xzr, xzr\n\t"
+ "adds x6, x6, x19\n\t"
+ "adcs x7, x7, x20\n\t"
+ "adcs x12, x12, x23\n\t"
+ "adc x13, x13, x24\n\t"
+ "subs x6, x6, x8\n\t"
+ "sbcs x7, x7, x9\n\t"
+ "sbcs x8, x12, x10\n\t"
+ "sbc x9, x13, x11\n\t"
+ "asr x25, x9, #57\n\t"
+ /* Conditionally subtract order starting at bit 125 */
+ "mov x16, xzr\n\t"
+ "mov x20, xzr\n\t"
+ "mov x17, #0xba7d\n\t"
+ "movk x17, #0x4b9e, lsl 16\n\t"
+ "movk x17, #0x4c63, lsl 32\n\t"
+ "movk x17, #0xcb02, lsl 48\n\t"
+ "mov x19, #0xf39a\n\t"
+ "movk x19, #0xd45e, lsl 16\n\t"
+ "movk x19, #0xdf3b, lsl 32\n\t"
+ "movk x19, #0x29b, lsl 48\n\t"
+ "movk x16, #0xa000, lsl 48\n\t"
+ "movk x20, #0x200, lsl 48\n\t"
+ "and x16, x16, x25\n\t"
+ "and x17, x17, x25\n\t"
+ "and x19, x19, x25\n\t"
+ "and x20, x20, x25\n\t"
+ "adds x5, x5, x16\n\t"
+ "adcs x6, x6, x17\n\t"
+ "adcs x7, x7, x19\n\t"
+ "adcs x8, x8, xzr\n\t"
+ "adc x9, x9, x20\n\t"
+ /* Move bits 252-376 to own registers */
+ "lsl x9, x9, #4\n\t"
+ "orr x9, x9, x8, lsr 60\n\t"
+ "lsl x8, x8, #4\n\t"
+ "mov x25, #15\n\t"
+ "orr x8, x8, x7, lsr 60\n\t"
+ "bic x7, x7, x25, lsl 60\n\t"
+ /* Sub product of top 2 words and order */
+ /* * -5812631a5cf5d3ed */
+ "mov x26, #0x2c13\n\t"
+ "movk x26, #0xa30a, lsl 16\n\t"
+ "movk x26, #0x9ce5, lsl 32\n\t"
+ "movk x26, #0xa7ed, lsl 48\n\t"
+ "mul x16, x8, x26\n\t"
+ "umulh x17, x8, x26\n\t"
+ "mul x19, x9, x26\n\t"
+ "umulh x20, x9, x26\n\t"
+ "adds x4, x4, x16\n\t"
+ "adcs x5, x5, x17\n\t"
+ "adc x12, xzr, xzr\n\t"
+ "adds x5, x5, x19\n\t"
+ "adc x12, x12, x20\n\t"
+ /* * -14def9dea2f79cd7 */
+ "mov x26, #0x6329\n\t"
+ "movk x26, #0x5d08, lsl 16\n\t"
+ "movk x26, #0x621, lsl 32\n\t"
+ "movk x26, #0xeb21, lsl 48\n\t"
+ "mul x16, x8, x26\n\t"
+ "umulh x17, x8, x26\n\t"
+ "mul x19, x9, x26\n\t"
+ "umulh x20, x9, x26\n\t"
+ "adds x5, x5, x16\n\t"
+ "adcs x6, x6, x17\n\t"
+ "adc x13, xzr, xzr\n\t"
+ "adds x6, x6, x19\n\t"
+ "adc x13, x13, x20\n\t"
+ /* Add overflows at 2 * 64 */
+ "mov x26, #15\n\t"
+ "bic x7, x7, x26, lsl 60\n\t"
+ "adds x6, x6, x12\n\t"
+ "adc x7, x7, x13\n\t"
+ /* Subtract top at 2 * 64 */
+ "subs x6, x6, x8\n\t"
+ "sbcs x7, x7, x9\n\t"
+ "sbc x26, x26, x26\n\t"
+ /* Conditional sub order */
+ "mov x16, #0xd3ed\n\t"
+ "movk x16, #0x5cf5, lsl 16\n\t"
+ "movk x16, #0x631a, lsl 32\n\t"
+ "movk x16, #0x5812, lsl 48\n\t"
+ "mov x17, #0x9cd6\n\t"
+ "movk x17, #0xa2f7, lsl 16\n\t"
+ "movk x17, #0xf9de, lsl 32\n\t"
+ "movk x17, #0x14de, lsl 48\n\t"
+ "and x16, x16, x26\n\t"
+ "and x17, x17, x26\n\t"
+ "adds x4, x4, x16\n\t"
+ "adcs x5, x5, x17\n\t"
+ "and x26, x26, #0x1000000000000000\n\t"
+ "adcs x6, x6, xzr\n\t"
+ "mov x25, #15\n\t"
+ "adc x7, x7, x26\n\t"
+ "bic x7, x7, x25, lsl 60\n\t"
+ /* Store result */
+ "stp x4, x5, [%x[s]]\n\t"
+ "stp x6, x7, [%x[s], #16]\n\t"
+ : [s] "+r" (s), [a] "+r" (a), [b] "+r" (b), [c] "+r" (c)
:
- : "memory", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "x21", "x22", "x23", "x24", "x25", "x26", "x27", "x28"
+ : "memory", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "x21", "x22", "x23", "x24", "x25", "x26", "cc"
);
}
-#endif /* HAVE_CURVE25519 */
+#endif /* HAVE_ED25519 */
+#endif /* !CURVE25519_SMALL || !ED25519_SMALL */
+#endif /* HAVE_CURVE25519 || HAVE_ED25519 */
#endif /* __aarch64__ */
#endif /* WOLFSSL_ARMASM */
+#endif /* WOLFSSL_ARMASM_INLINE */
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-sha256.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-sha256.c
index beea8d01..55860d86 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-sha256.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-sha256.c
@@ -44,6 +44,13 @@
#include <wolfcrypt/src/misc.c>
#endif
+#if defined(FREESCALE_MMCAU_SHA)
+ #ifdef FREESCALE_MMCAU_CLASSIC_SHA
+ #include "cau_api.h"
+ #else
+ #include "fsl_mmcau.h"
+ #endif
+#endif
#ifndef WOLFSSL_ARMASM_NO_HW_CRYPTO
static const ALIGN32 word32 K[64] = {
@@ -72,6 +79,17 @@ static int InitSha256(wc_Sha256* sha256)
return BAD_FUNC_ARG;
}
+#ifdef FREESCALE_MMCAU_SHA
+ ret = wolfSSL_CryptHwMutexLock();
+ if (ret == 0) {
+ #ifdef FREESCALE_MMCAU_CLASSIC_SHA
+ cau_sha256_initialize_output(sha256->digest);
+ #else
+ MMCAU_SHA256_InitializeOutput((uint32_t*)sha256->digest);
+ #endif
+ wolfSSL_CryptHwMutexUnLock();
+ }
+#else
sha256->digest[0] = 0x6A09E667L;
sha256->digest[1] = 0xBB67AE85L;
sha256->digest[2] = 0x3C6EF372L;
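Review bot: In the FREESCALE_MMCAU_SHA branch of InitSha256, a failing `wolfSSL_CryptHwMutexLock()` leaves `sha256->digest` unwritten, whereas the software branch cannot fail. The rest of the function (next hunk) still resets `buffLen`/`loLen`/`hiLen` and returns `ret`, so a caller that ignores the return value would go on to hash from whatever the digest words held before. I would add a comment above the lock, `/* on lock failure the digest is NOT initialised; ret != 0 means the context is unusable */`, and confirm that every caller of InitSha256 checks the result. The function starts before this hunk and ends in the following one.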
@@ -80,11 +98,16 @@ static int InitSha256(wc_Sha256* sha256)
sha256->digest[5] = 0x9B05688CL;
sha256->digest[6] = 0x1F83D9ABL;
sha256->digest[7] = 0x5BE0CD19L;
+#endif
sha256->buffLen = 0;
sha256->loLen = 0;
sha256->hiLen = 0;
+#ifdef WOLFSSL_HASH_FLAGS
+ sha256->flags = 0;
+#endif
+
return ret;
}
@@ -1313,12 +1336,60 @@ static WC_INLINE int Sha256Final(wc_Sha256* sha256, byte* hash)
#endif /* __aarch64__ */
-#else
+#else /* WOLFSSL_ARMASM_NO_HW_CRYPTO */
+
+#if defined(FREESCALE_MMCAU_SHA)
+
+ #ifndef WC_HASH_DATA_ALIGNMENT
+ /* these hardware API's require 4 byte (word32) alignment */
+ #define WC_HASH_DATA_ALIGNMENT 4
+ #endif
+
+ static int Transform_Sha256_Len(wc_Sha256* sha256, const byte* data,
+ word32 len)
+ {
+ int ret = wolfSSL_CryptHwMutexLock();
+ if (ret == 0) {
+ #if defined(WC_HASH_DATA_ALIGNMENT) && WC_HASH_DATA_ALIGNMENT > 0
+ if ((wc_ptr_t)data % WC_HASH_DATA_ALIGNMENT) {
+ /* data pointer is NOT aligned,
+ * so copy and perform one block at a time */
+ byte* local = (byte*)sha256->buffer;
+ while (len >= WC_SHA256_BLOCK_SIZE) {
+ XMEMCPY(local, data, WC_SHA256_BLOCK_SIZE);
+ #ifdef FREESCALE_MMCAU_CLASSIC_SHA
+ cau_sha256_hash_n(local, 1, sha256->digest);
+ #else
+ MMCAU_SHA256_HashN(local, 1, (uint32_t*)sha256->digest);
+ #endif
+ data += WC_SHA256_BLOCK_SIZE;
+ len -= WC_SHA256_BLOCK_SIZE;
+ }
+ }
+ else
+ #endif
+ {
+ #ifdef FREESCALE_MMCAU_CLASSIC_SHA
+ cau_sha256_hash_n((byte*)data, len/WC_SHA256_BLOCK_SIZE,
+ sha256->digest);
+ #else
+ MMCAU_SHA256_HashN((byte*)data, len/WC_SHA256_BLOCK_SIZE,
+ (uint32_t*)sha256->digest);
+ #endif
+ }
+ wolfSSL_CryptHwMutexUnLock();
+ }
+ return ret;
+ }
+
+#else /* */
extern void Transform_Sha256_Len(wc_Sha256* sha256, const byte* data,
word32 len);
-/* ARMv8 hardware acceleration Aarch32 */
+#endif
+
+/* ARMv8 hardware acceleration Aarch32 and Thumb2 */
static WC_INLINE int Sha256Update(wc_Sha256* sha256, const byte* data, word32 len)
{
int ret = 0;
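Review bot: The new FREESCALE_MMCAU_SHA version of `Transform_Sha256_Len` returns `int` (the `wolfSSL_CryptHwMutexLock()` result), but the prototype it replaces is `extern void`, so any existing call site written for the void form will discard that value. The callers (Sha256Update, whose body continues past this hunk, and presumably Sha256Final) are not visible here. If they do ignore it, a failed lock skips the hardware hash calls and the update still reports success with a digest that never absorbed the data. I would make both variants share the `int` signature and propagate it at each call, e.g. `ret = Transform_Sha256_Len(sha256, data, blocksLen); if (ret != 0) return ret;`. Separately, the unaligned path uses `sha256->buffer` as scratch, so it deserves a comment such as `/* caller must have flushed any buffered partial block before calling with unaligned data */`.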
@@ -1425,6 +1496,9 @@ int wc_InitSha256_ex(wc_Sha256* sha256, void* heap, int devId)
return BAD_FUNC_ARG;
sha256->heap = heap;
+#ifdef WOLF_CRYPTO_CB
+ sha256->devId = devId;
+#endif
(void)devId;
return InitSha256(sha256);
@@ -1575,6 +1649,9 @@ int wc_Sha256Transform(wc_Sha256* sha256, const unsigned char* data)
sha224->loLen = 0;
sha224->hiLen = 0;
+ #ifdef WOLFSSL_HASH_FLAGS
+ sha224->flags = 0;
+ #endif
return ret;
}
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-sha3-asm.S b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-sha3-asm.S
index b4c5d769..209ee0cf 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-sha3-asm.S
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-sha3-asm.S
@@ -30,6 +30,7 @@
*/
#ifdef WOLFSSL_ARMASM
#ifdef __aarch64__
+#ifndef WOLFSSL_ARMASM_INLINE
#ifdef WOLFSSL_SHA3
#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
#ifndef __APPLE__
@@ -213,3 +214,4 @@ L_sha3_crypto_begin:
#if defined(__linux__) && defined(__ELF__)
.section .note.GNU-stack,"",%progbits
#endif
+#endif /* !WOLFSSL_ARMASM_INLINE */
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-sha3-asm_c.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-sha3-asm_c.c
index 54423e44..1f2d0408 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-sha3-asm_c.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-sha3-asm_c.c
@@ -23,6 +23,7 @@
#include <config.h>
#endif /* HAVE_CONFIG_H */
#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/wolfcrypt/error-crypt.h>
/* Generated using (from wolfssl):
* cd ../scripts
@@ -30,6 +31,7 @@
*/
#ifdef WOLFSSL_ARMASM
#ifdef __aarch64__
+#ifdef WOLFSSL_ARMASM_INLINE
#include <wolfssl/wolfcrypt/sha3.h>
#ifdef WOLFSSL_SHA3
@@ -175,7 +177,7 @@ void BlockSha3(unsigned long* state)
"st1 {v24.1d}, [%x[state]]\n\t"
: [state] "+r" (state)
: [L_SHA3_transform_crypto_r] "S" (L_SHA3_transform_crypto_r)
- : "memory", "x1", "x2", "v0", "v1", "v2", "v3", "v4", "v5", "v6", "v7", "v8", "v9", "v10", "v11", "v12", "v13", "v14", "v15", "v16", "v17", "v18", "v19", "v20", "v21", "v22", "v23", "v24", "v25", "v26", "v27", "v28", "v29", "v30", "v31"
+ : "memory", "x1", "x2", "v0", "v1", "v2", "v3", "v4", "v5", "v6", "v7", "v8", "v9", "v10", "v11", "v12", "v13", "v14", "v15", "v16", "v17", "v18", "v19", "v20", "v21", "v22", "v23", "v24", "v25", "v26", "v27", "v28", "v29", "v30", "v31", "cc"
);
}
@@ -183,3 +185,4 @@ void BlockSha3(unsigned long* state)
#endif /* WOLFSSL_SHA3 */
#endif /* __aarch64__ */
#endif /* WOLFSSL_ARMASM */
+#endif /* WOLFSSL_ARMASM_INLINE */
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-sha512-asm.S b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-sha512-asm.S
index 8bdd0641..3ff01580 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-sha512-asm.S
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-sha512-asm.S
@@ -30,6 +30,7 @@
*/
#ifdef WOLFSSL_ARMASM
#ifdef __aarch64__
+#ifndef WOLFSSL_ARMASM_INLINE
#ifdef WOLFSSL_SHA512
#ifndef WOLFSSL_ARMASM_CRYPTO_SHA512
#ifndef __APPLE__
@@ -1217,7 +1218,7 @@ _Transform_Sha512_Len_crypto:
adrp x4, L_SHA512_transform_crypto_len_k@PAGE
add x4, x4, :lo12:L_SHA512_transform_crypto_len_k@PAGEOFF
#endif /* __APPLE__ */
- # Load first 16 64-bit words of K permantly
+ # Load first 16 64-bit words of K permanently
ld1 {v8.2d, v9.2d, v10.2d, v11.2d}, [x4], #0x40
ld1 {v12.2d, v13.2d, v14.2d, v15.2d}, [x4], #0x40
# Load digest into working vars
@@ -1739,3 +1740,4 @@ L_sha512_len_crypto_begin:
#if defined(__linux__) && defined(__ELF__)
.section .note.GNU-stack,"",%progbits
#endif
+#endif /* !WOLFSSL_ARMASM_INLINE */
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-sha512-asm_c.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-sha512-asm_c.c
index 62f6696e..027dc8a1 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-sha512-asm_c.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-sha512-asm_c.c
@@ -23,6 +23,7 @@
#include <config.h>
#endif /* HAVE_CONFIG_H */
#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/wolfcrypt/error-crypt.h>
/* Generated using (from wolfssl):
* cd ../scripts
@@ -30,6 +31,7 @@
*/
#ifdef WOLFSSL_ARMASM
#ifdef __aarch64__
+#ifdef WOLFSSL_ARMASM_INLINE
#include <wolfssl/wolfcrypt/sha512.h>
#ifdef WOLFSSL_SHA512
@@ -1047,7 +1049,7 @@ void Transform_Sha512_Len_neon(wc_Sha512* sha512, const byte* data, word32 len)
"stp x10, x11, [%x[sha512], #48]\n\t"
: [sha512] "+r" (sha512), [data] "+r" (data), [len] "+r" (len)
: [L_SHA512_transform_neon_len_k] "S" (L_SHA512_transform_neon_len_k), [L_SHA512_transform_neon_len_ror8] "S" (L_SHA512_transform_neon_len_ror8)
- : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "x21", "x22", "x23", "x24", "x25", "x26", "x27", "v0", "v1", "v2", "v3", "v4", "v5", "v6", "v7", "v8", "v9", "v10", "v11"
+ : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "x21", "x22", "x23", "x24", "x25", "x26", "x27", "v0", "v1", "v2", "v3", "v4", "v5", "v6", "v7", "v8", "v9", "v10", "v11", "cc"
);
}
@@ -1149,7 +1151,7 @@ void Transform_Sha512_Len_crypto(wc_Sha512* sha512, const byte* data, word32 len
"adrp x4, %[L_SHA512_transform_crypto_len_k]@PAGE\n\t"
"add x4, x4, %[L_SHA512_transform_crypto_len_k]@PAGEOFF\n\t"
#endif /* __APPLE__ */
- /* Load first 16 64-bit words of K permantly */
+ /* Load first 16 64-bit words of K permanently */
"ld1 {v8.2d, v9.2d, v10.2d, v11.2d}, [x4], #0x40\n\t"
"ld1 {v12.2d, v13.2d, v14.2d, v15.2d}, [x4], #0x40\n\t"
/* Load digest into working vars */
@@ -1657,7 +1659,7 @@ void Transform_Sha512_Len_crypto(wc_Sha512* sha512, const byte* data, word32 len
"st1 {v24.2d, v25.2d, v26.2d, v27.2d}, [%x[sha512]]\n\t"
: [sha512] "+r" (sha512), [data] "+r" (data), [len] "+r" (len)
: [L_SHA512_transform_crypto_len_k] "S" (L_SHA512_transform_crypto_len_k)
- : "memory", "x3", "x4", "v0", "v1", "v2", "v3", "v4", "v5", "v6", "v7", "v8", "v9", "v10", "v11", "v12", "v13", "v14", "v15", "v16", "v17", "v18", "v19", "v20", "v21", "v22", "v23", "v24", "v25", "v26", "v27", "v28", "v29", "v30", "v31"
+ : "memory", "x3", "x4", "v0", "v1", "v2", "v3", "v4", "v5", "v6", "v7", "v8", "v9", "v10", "v11", "v12", "v13", "v14", "v15", "v16", "v17", "v18", "v19", "v20", "v21", "v22", "v23", "v24", "v25", "v26", "v27", "v28", "v29", "v30", "v31", "cc"
);
}
@@ -1665,3 +1667,4 @@ void Transform_Sha512_Len_crypto(wc_Sha512* sha512, const byte* data, word32 len
#endif /* WOLFSSL_SHA512 */
#endif /* __aarch64__ */
#endif /* WOLFSSL_ARMASM */
+#endif /* WOLFSSL_ARMASM_INLINE */
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-sha512.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-sha512.c
index 4a0a5784..45806249 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-sha512.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-sha512.c
@@ -146,23 +146,6 @@ static int InitSha512_256(wc_Sha512* sha512)
#ifdef WOLFSSL_SHA512
-#ifdef WOLFSSL_ARMASM
-#ifdef __aarch64__
-#ifndef WOLFSSL_ARMASM_CRYPTO_SHA512
- extern void Transform_Sha512_Len_neon(wc_Sha512* sha512, const byte* data,
- word32 len);
- #define Transform_Sha512_Len Transform_Sha512_Len_neon
-#else
- extern void Transform_Sha512_Len_crypto(wc_Sha512* sha512, const byte* data,
- word32 len);
- #define Transform_Sha512_Len Transform_Sha512_Len_crypto
-#endif
-#else
-extern void Transform_Sha512_Len(wc_Sha512* sha512, const byte* data,
- word32 len);
-#endif
-#endif
-
static int InitSha512_Family(wc_Sha512* sha512, void* heap, int devId,
enum wc_HashType type)
{
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/thumb2-aes-asm.S b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/thumb2-aes-asm.S
new file mode 100644
index 00000000..0badf8f9
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/thumb2-aes-asm.S
@@ -0,0 +1,3360 @@
+/* thumb2-aes-asm
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/* Generated using (from wolfssl):
+ * cd ../scripts
+ * ruby ./aes/aes.rb thumb2 ../wolfssl/wolfcrypt/src/port/arm/thumb2-aes-asm.S
+ */
+
+#ifdef HAVE_CONFIG_H
+ #include <config.h>
+#endif /* HAVE_CONFIG_H */
+#include <wolfssl/wolfcrypt/settings.h>
+
+#ifdef WOLFSSL_ARMASM
+#if !defined(__aarch64__) && defined(__thumb__)
+#ifndef WOLFSSL_ARMASM_INLINE
+ .thumb
+ .syntax unified
+#ifndef NO_AES
+#ifdef HAVE_AES_DECRYPT
+ .text
+ .type L_AES_Thumb2_td_data, %object
+ .size L_AES_Thumb2_td_data, 1024
+ .align 4
+L_AES_Thumb2_td_data:
+ .word 0x5051f4a7
+ .word 0x537e4165
+ .word 0xc31a17a4
+ .word 0x963a275e
+ .word 0xcb3bab6b
+ .word 0xf11f9d45
+ .word 0xabacfa58
+ .word 0x934be303
+ .word 0x552030fa
+ .word 0xf6ad766d
+ .word 0x9188cc76
+ .word 0x25f5024c
+ .word 0xfc4fe5d7
+ .word 0xd7c52acb
+ .word 0x80263544
+ .word 0x8fb562a3
+ .word 0x49deb15a
+ .word 0x6725ba1b
+ .word 0x9845ea0e
+ .word 0xe15dfec0
+ .word 0x2c32f75
+ .word 0x12814cf0
+ .word 0xa38d4697
+ .word 0xc66bd3f9
+ .word 0xe7038f5f
+ .word 0x9515929c
+ .word 0xebbf6d7a
+ .word 0xda955259
+ .word 0x2dd4be83
+ .word 0xd3587421
+ .word 0x2949e069
+ .word 0x448ec9c8
+ .word 0x6a75c289
+ .word 0x78f48e79
+ .word 0x6b99583e
+ .word 0xdd27b971
+ .word 0xb6bee14f
+ .word 0x17f088ad
+ .word 0x66c920ac
+ .word 0xb47dce3a
+ .word 0x1863df4a
+ .word 0x82e51a31
+ .word 0x60975133
+ .word 0x4562537f
+ .word 0xe0b16477
+ .word 0x84bb6bae
+ .word 0x1cfe81a0
+ .word 0x94f9082b
+ .word 0x58704868
+ .word 0x198f45fd
+ .word 0x8794de6c
+ .word 0xb7527bf8
+ .word 0x23ab73d3
+ .word 0xe2724b02
+ .word 0x57e31f8f
+ .word 0x2a6655ab
+ .word 0x7b2eb28
+ .word 0x32fb5c2
+ .word 0x9a86c57b
+ .word 0xa5d33708
+ .word 0xf2302887
+ .word 0xb223bfa5
+ .word 0xba02036a
+ .word 0x5ced1682
+ .word 0x2b8acf1c
+ .word 0x92a779b4
+ .word 0xf0f307f2
+ .word 0xa14e69e2
+ .word 0xcd65daf4
+ .word 0xd50605be
+ .word 0x1fd13462
+ .word 0x8ac4a6fe
+ .word 0x9d342e53
+ .word 0xa0a2f355
+ .word 0x32058ae1
+ .word 0x75a4f6eb
+ .word 0x390b83ec
+ .word 0xaa4060ef
+ .word 0x65e719f
+ .word 0x51bd6e10
+ .word 0xf93e218a
+ .word 0x3d96dd06
+ .word 0xaedd3e05
+ .word 0x464de6bd
+ .word 0xb591548d
+ .word 0x571c45d
+ .word 0x6f0406d4
+ .word 0xff605015
+ .word 0x241998fb
+ .word 0x97d6bde9
+ .word 0xcc894043
+ .word 0x7767d99e
+ .word 0xbdb0e842
+ .word 0x8807898b
+ .word 0x38e7195b
+ .word 0xdb79c8ee
+ .word 0x47a17c0a
+ .word 0xe97c420f
+ .word 0xc9f8841e
+ .word 0x0
+ .word 0x83098086
+ .word 0x48322bed
+ .word 0xac1e1170
+ .word 0x4e6c5a72
+ .word 0xfbfd0eff
+ .word 0x560f8538
+ .word 0x1e3daed5
+ .word 0x27362d39
+ .word 0x640a0fd9
+ .word 0x21685ca6
+ .word 0xd19b5b54
+ .word 0x3a24362e
+ .word 0xb10c0a67
+ .word 0xf9357e7
+ .word 0xd2b4ee96
+ .word 0x9e1b9b91
+ .word 0x4f80c0c5
+ .word 0xa261dc20
+ .word 0x695a774b
+ .word 0x161c121a
+ .word 0xae293ba
+ .word 0xe5c0a02a
+ .word 0x433c22e0
+ .word 0x1d121b17
+ .word 0xb0e090d
+ .word 0xadf28bc7
+ .word 0xb92db6a8
+ .word 0xc8141ea9
+ .word 0x8557f119
+ .word 0x4caf7507
+ .word 0xbbee99dd
+ .word 0xfda37f60
+ .word 0x9ff70126
+ .word 0xbc5c72f5
+ .word 0xc544663b
+ .word 0x345bfb7e
+ .word 0x768b4329
+ .word 0xdccb23c6
+ .word 0x68b6edfc
+ .word 0x63b8e4f1
+ .word 0xcad731dc
+ .word 0x10426385
+ .word 0x40139722
+ .word 0x2084c611
+ .word 0x7d854a24
+ .word 0xf8d2bb3d
+ .word 0x11aef932
+ .word 0x6dc729a1
+ .word 0x4b1d9e2f
+ .word 0xf3dcb230
+ .word 0xec0d8652
+ .word 0xd077c1e3
+ .word 0x6c2bb316
+ .word 0x99a970b9
+ .word 0xfa119448
+ .word 0x2247e964
+ .word 0xc4a8fc8c
+ .word 0x1aa0f03f
+ .word 0xd8567d2c
+ .word 0xef223390
+ .word 0xc787494e
+ .word 0xc1d938d1
+ .word 0xfe8ccaa2
+ .word 0x3698d40b
+ .word 0xcfa6f581
+ .word 0x28a57ade
+ .word 0x26dab78e
+ .word 0xa43fadbf
+ .word 0xe42c3a9d
+ .word 0xd507892
+ .word 0x9b6a5fcc
+ .word 0x62547e46
+ .word 0xc2f68d13
+ .word 0xe890d8b8
+ .word 0x5e2e39f7
+ .word 0xf582c3af
+ .word 0xbe9f5d80
+ .word 0x7c69d093
+ .word 0xa96fd52d
+ .word 0xb3cf2512
+ .word 0x3bc8ac99
+ .word 0xa710187d
+ .word 0x6ee89c63
+ .word 0x7bdb3bbb
+ .word 0x9cd2678
+ .word 0xf46e5918
+ .word 0x1ec9ab7
+ .word 0xa8834f9a
+ .word 0x65e6956e
+ .word 0x7eaaffe6
+ .word 0x821bccf
+ .word 0xe6ef15e8
+ .word 0xd9bae79b
+ .word 0xce4a6f36
+ .word 0xd4ea9f09
+ .word 0xd629b07c
+ .word 0xaf31a4b2
+ .word 0x312a3f23
+ .word 0x30c6a594
+ .word 0xc035a266
+ .word 0x37744ebc
+ .word 0xa6fc82ca
+ .word 0xb0e090d0
+ .word 0x1533a7d8
+ .word 0x4af10498
+ .word 0xf741ecda
+ .word 0xe7fcd50
+ .word 0x2f1791f6
+ .word 0x8d764dd6
+ .word 0x4d43efb0
+ .word 0x54ccaa4d
+ .word 0xdfe49604
+ .word 0xe39ed1b5
+ .word 0x1b4c6a88
+ .word 0xb8c12c1f
+ .word 0x7f466551
+ .word 0x49d5eea
+ .word 0x5d018c35
+ .word 0x73fa8774
+ .word 0x2efb0b41
+ .word 0x5ab3671d
+ .word 0x5292dbd2
+ .word 0x33e91056
+ .word 0x136dd647
+ .word 0x8c9ad761
+ .word 0x7a37a10c
+ .word 0x8e59f814
+ .word 0x89eb133c
+ .word 0xeecea927
+ .word 0x35b761c9
+ .word 0xede11ce5
+ .word 0x3c7a47b1
+ .word 0x599cd2df
+ .word 0x3f55f273
+ .word 0x791814ce
+ .word 0xbf73c737
+ .word 0xea53f7cd
+ .word 0x5b5ffdaa
+ .word 0x14df3d6f
+ .word 0x867844db
+ .word 0x81caaff3
+ .word 0x3eb968c4
+ .word 0x2c382434
+ .word 0x5fc2a340
+ .word 0x72161dc3
+ .word 0xcbce225
+ .word 0x8b283c49
+ .word 0x41ff0d95
+ .word 0x7139a801
+ .word 0xde080cb3
+ .word 0x9cd8b4e4
+ .word 0x906456c1
+ .word 0x617bcb84
+ .word 0x70d532b6
+ .word 0x74486c5c
+ .word 0x42d0b857
+#endif /* HAVE_AES_DECRYPT */
+#if defined(HAVE_AES_DECRYPT) || defined(HAVE_AES_CBC) || defined(HAVE_AESCCM) || defined(HAVE_AESGCM) || defined(WOLFSSL_AES_DIRECT) || defined(WOLFSSL_AES_COUNTER)
+ .text
+ .type L_AES_Thumb2_te_data, %object
+ .size L_AES_Thumb2_te_data, 1024
+ .align 4
+L_AES_Thumb2_te_data:
+ .word 0xa5c66363
+ .word 0x84f87c7c
+ .word 0x99ee7777
+ .word 0x8df67b7b
+ .word 0xdfff2f2
+ .word 0xbdd66b6b
+ .word 0xb1de6f6f
+ .word 0x5491c5c5
+ .word 0x50603030
+ .word 0x3020101
+ .word 0xa9ce6767
+ .word 0x7d562b2b
+ .word 0x19e7fefe
+ .word 0x62b5d7d7
+ .word 0xe64dabab
+ .word 0x9aec7676
+ .word 0x458fcaca
+ .word 0x9d1f8282
+ .word 0x4089c9c9
+ .word 0x87fa7d7d
+ .word 0x15effafa
+ .word 0xebb25959
+ .word 0xc98e4747
+ .word 0xbfbf0f0
+ .word 0xec41adad
+ .word 0x67b3d4d4
+ .word 0xfd5fa2a2
+ .word 0xea45afaf
+ .word 0xbf239c9c
+ .word 0xf753a4a4
+ .word 0x96e47272
+ .word 0x5b9bc0c0
+ .word 0xc275b7b7
+ .word 0x1ce1fdfd
+ .word 0xae3d9393
+ .word 0x6a4c2626
+ .word 0x5a6c3636
+ .word 0x417e3f3f
+ .word 0x2f5f7f7
+ .word 0x4f83cccc
+ .word 0x5c683434
+ .word 0xf451a5a5
+ .word 0x34d1e5e5
+ .word 0x8f9f1f1
+ .word 0x93e27171
+ .word 0x73abd8d8
+ .word 0x53623131
+ .word 0x3f2a1515
+ .word 0xc080404
+ .word 0x5295c7c7
+ .word 0x65462323
+ .word 0x5e9dc3c3
+ .word 0x28301818
+ .word 0xa1379696
+ .word 0xf0a0505
+ .word 0xb52f9a9a
+ .word 0x90e0707
+ .word 0x36241212
+ .word 0x9b1b8080
+ .word 0x3ddfe2e2
+ .word 0x26cdebeb
+ .word 0x694e2727
+ .word 0xcd7fb2b2
+ .word 0x9fea7575
+ .word 0x1b120909
+ .word 0x9e1d8383
+ .word 0x74582c2c
+ .word 0x2e341a1a
+ .word 0x2d361b1b
+ .word 0xb2dc6e6e
+ .word 0xeeb45a5a
+ .word 0xfb5ba0a0
+ .word 0xf6a45252
+ .word 0x4d763b3b
+ .word 0x61b7d6d6
+ .word 0xce7db3b3
+ .word 0x7b522929
+ .word 0x3edde3e3
+ .word 0x715e2f2f
+ .word 0x97138484
+ .word 0xf5a65353
+ .word 0x68b9d1d1
+ .word 0x0
+ .word 0x2cc1eded
+ .word 0x60402020
+ .word 0x1fe3fcfc
+ .word 0xc879b1b1
+ .word 0xedb65b5b
+ .word 0xbed46a6a
+ .word 0x468dcbcb
+ .word 0xd967bebe
+ .word 0x4b723939
+ .word 0xde944a4a
+ .word 0xd4984c4c
+ .word 0xe8b05858
+ .word 0x4a85cfcf
+ .word 0x6bbbd0d0
+ .word 0x2ac5efef
+ .word 0xe54faaaa
+ .word 0x16edfbfb
+ .word 0xc5864343
+ .word 0xd79a4d4d
+ .word 0x55663333
+ .word 0x94118585
+ .word 0xcf8a4545
+ .word 0x10e9f9f9
+ .word 0x6040202
+ .word 0x81fe7f7f
+ .word 0xf0a05050
+ .word 0x44783c3c
+ .word 0xba259f9f
+ .word 0xe34ba8a8
+ .word 0xf3a25151
+ .word 0xfe5da3a3
+ .word 0xc0804040
+ .word 0x8a058f8f
+ .word 0xad3f9292
+ .word 0xbc219d9d
+ .word 0x48703838
+ .word 0x4f1f5f5
+ .word 0xdf63bcbc
+ .word 0xc177b6b6
+ .word 0x75afdada
+ .word 0x63422121
+ .word 0x30201010
+ .word 0x1ae5ffff
+ .word 0xefdf3f3
+ .word 0x6dbfd2d2
+ .word 0x4c81cdcd
+ .word 0x14180c0c
+ .word 0x35261313
+ .word 0x2fc3ecec
+ .word 0xe1be5f5f
+ .word 0xa2359797
+ .word 0xcc884444
+ .word 0x392e1717
+ .word 0x5793c4c4
+ .word 0xf255a7a7
+ .word 0x82fc7e7e
+ .word 0x477a3d3d
+ .word 0xacc86464
+ .word 0xe7ba5d5d
+ .word 0x2b321919
+ .word 0x95e67373
+ .word 0xa0c06060
+ .word 0x98198181
+ .word 0xd19e4f4f
+ .word 0x7fa3dcdc
+ .word 0x66442222
+ .word 0x7e542a2a
+ .word 0xab3b9090
+ .word 0x830b8888
+ .word 0xca8c4646
+ .word 0x29c7eeee
+ .word 0xd36bb8b8
+ .word 0x3c281414
+ .word 0x79a7dede
+ .word 0xe2bc5e5e
+ .word 0x1d160b0b
+ .word 0x76addbdb
+ .word 0x3bdbe0e0
+ .word 0x56643232
+ .word 0x4e743a3a
+ .word 0x1e140a0a
+ .word 0xdb924949
+ .word 0xa0c0606
+ .word 0x6c482424
+ .word 0xe4b85c5c
+ .word 0x5d9fc2c2
+ .word 0x6ebdd3d3
+ .word 0xef43acac
+ .word 0xa6c46262
+ .word 0xa8399191
+ .word 0xa4319595
+ .word 0x37d3e4e4
+ .word 0x8bf27979
+ .word 0x32d5e7e7
+ .word 0x438bc8c8
+ .word 0x596e3737
+ .word 0xb7da6d6d
+ .word 0x8c018d8d
+ .word 0x64b1d5d5
+ .word 0xd29c4e4e
+ .word 0xe049a9a9
+ .word 0xb4d86c6c
+ .word 0xfaac5656
+ .word 0x7f3f4f4
+ .word 0x25cfeaea
+ .word 0xafca6565
+ .word 0x8ef47a7a
+ .word 0xe947aeae
+ .word 0x18100808
+ .word 0xd56fbaba
+ .word 0x88f07878
+ .word 0x6f4a2525
+ .word 0x725c2e2e
+ .word 0x24381c1c
+ .word 0xf157a6a6
+ .word 0xc773b4b4
+ .word 0x5197c6c6
+ .word 0x23cbe8e8
+ .word 0x7ca1dddd
+ .word 0x9ce87474
+ .word 0x213e1f1f
+ .word 0xdd964b4b
+ .word 0xdc61bdbd
+ .word 0x860d8b8b
+ .word 0x850f8a8a
+ .word 0x90e07070
+ .word 0x427c3e3e
+ .word 0xc471b5b5
+ .word 0xaacc6666
+ .word 0xd8904848
+ .word 0x5060303
+ .word 0x1f7f6f6
+ .word 0x121c0e0e
+ .word 0xa3c26161
+ .word 0x5f6a3535
+ .word 0xf9ae5757
+ .word 0xd069b9b9
+ .word 0x91178686
+ .word 0x5899c1c1
+ .word 0x273a1d1d
+ .word 0xb9279e9e
+ .word 0x38d9e1e1
+ .word 0x13ebf8f8
+ .word 0xb32b9898
+ .word 0x33221111
+ .word 0xbbd26969
+ .word 0x70a9d9d9
+ .word 0x89078e8e
+ .word 0xa7339494
+ .word 0xb62d9b9b
+ .word 0x223c1e1e
+ .word 0x92158787
+ .word 0x20c9e9e9
+ .word 0x4987cece
+ .word 0xffaa5555
+ .word 0x78502828
+ .word 0x7aa5dfdf
+ .word 0x8f038c8c
+ .word 0xf859a1a1
+ .word 0x80098989
+ .word 0x171a0d0d
+ .word 0xda65bfbf
+ .word 0x31d7e6e6
+ .word 0xc6844242
+ .word 0xb8d06868
+ .word 0xc3824141
+ .word 0xb0299999
+ .word 0x775a2d2d
+ .word 0x111e0f0f
+ .word 0xcb7bb0b0
+ .word 0xfca85454
+ .word 0xd66dbbbb
+ .word 0x3a2c1616
+#endif /* HAVE_AES_DECRYPT || HAVE_AES_CBC || HAVE_AESCCM || HAVE_AESGCM || WOLFSSL_AES_DIRECT || WOLFSSL_AES_COUNTER */
+#ifdef HAVE_AES_DECRYPT
+ .text
+ .type L_AES_Thumb2_td, %object
+ .size L_AES_Thumb2_td, 12
+ .align 4
+L_AES_Thumb2_td:
+ .word L_AES_Thumb2_td_data
+#endif /* HAVE_AES_DECRYPT */
+#if defined(HAVE_AES_DECRYPT) || defined(HAVE_AES_CBC) || defined(HAVE_AESCCM) || defined(HAVE_AESGCM) || defined(WOLFSSL_AES_DIRECT) || defined(WOLFSSL_AES_COUNTER)
+ .text
+ .type L_AES_Thumb2_te, %object
+ .size L_AES_Thumb2_te, 12
+ .align 4
+L_AES_Thumb2_te:
+ .word L_AES_Thumb2_te_data
+#endif /* HAVE_AES_DECRYPT || HAVE_AES_CBC || HAVE_AESCCM || HAVE_AESGCM || WOLFSSL_AES_DIRECT || WOLFSSL_AES_COUNTER */
+#ifdef HAVE_AES_DECRYPT
+ .text
+ .align 4
+ .globl AES_invert_key
+ .type AES_invert_key, %function
+AES_invert_key:
+ PUSH {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+ LDR r12, L_AES_Thumb2_te
+ LDR lr, L_AES_Thumb2_td
+ ADD r10, r0, r1, LSL #4
+ MOV r11, r1
+L_AES_invert_key_loop:
+ LDM r0, {r2, r3, r4, r5}
+ LDM r10, {r6, r7, r8, r9}
+ STM r10, {r2, r3, r4, r5}
+ STM r0!, {r6, r7, r8, r9}
+ SUBS r11, r11, #0x2
+ SUB r10, r10, #0x10
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ BNE L_AES_invert_key_loop
+#else
+ BNE.N L_AES_invert_key_loop
+#endif
+ SUB r0, r0, r1, LSL #3
+ ADD r0, r0, #0x10
+ SUB r11, r1, #0x1
+L_AES_invert_key_mix_loop:
+ LDM r0, {r2, r3, r4, r5}
+ UBFX r6, r2, #0, #8
+ UBFX r7, r2, #8, #8
+ UBFX r8, r2, #16, #8
+ LSR r9, r2, #24
+ LDRB r6, [r12, r6, LSL #2]
+ LDRB r7, [r12, r7, LSL #2]
+ LDRB r8, [r12, r8, LSL #2]
+ LDRB r9, [r12, r9, LSL #2]
+ LDR r6, [lr, r6, LSL #2]
+ LDR r7, [lr, r7, LSL #2]
+ LDR r8, [lr, r8, LSL #2]
+ LDR r9, [lr, r9, LSL #2]
+ EOR r8, r8, r6, ROR #16
+ EOR r8, r8, r7, ROR #8
+ EOR r8, r8, r9, ROR #24
+ STR r8, [r0], #4
+ UBFX r6, r3, #0, #8
+ UBFX r7, r3, #8, #8
+ UBFX r8, r3, #16, #8
+ LSR r9, r3, #24
+ LDRB r6, [r12, r6, LSL #2]
+ LDRB r7, [r12, r7, LSL #2]
+ LDRB r8, [r12, r8, LSL #2]
+ LDRB r9, [r12, r9, LSL #2]
+ LDR r6, [lr, r6, LSL #2]
+ LDR r7, [lr, r7, LSL #2]
+ LDR r8, [lr, r8, LSL #2]
+ LDR r9, [lr, r9, LSL #2]
+ EOR r8, r8, r6, ROR #16
+ EOR r8, r8, r7, ROR #8
+ EOR r8, r8, r9, ROR #24
+ STR r8, [r0], #4
+ UBFX r6, r4, #0, #8
+ UBFX r7, r4, #8, #8
+ UBFX r8, r4, #16, #8
+ LSR r9, r4, #24
+ LDRB r6, [r12, r6, LSL #2]
+ LDRB r7, [r12, r7, LSL #2]
+ LDRB r8, [r12, r8, LSL #2]
+ LDRB r9, [r12, r9, LSL #2]
+ LDR r6, [lr, r6, LSL #2]
+ LDR r7, [lr, r7, LSL #2]
+ LDR r8, [lr, r8, LSL #2]
+ LDR r9, [lr, r9, LSL #2]
+ EOR r8, r8, r6, ROR #16
+ EOR r8, r8, r7, ROR #8
+ EOR r8, r8, r9, ROR #24
+ STR r8, [r0], #4
+ UBFX r6, r5, #0, #8
+ UBFX r7, r5, #8, #8
+ UBFX r8, r5, #16, #8
+ LSR r9, r5, #24
+ LDRB r6, [r12, r6, LSL #2]
+ LDRB r7, [r12, r7, LSL #2]
+ LDRB r8, [r12, r8, LSL #2]
+ LDRB r9, [r12, r9, LSL #2]
+ LDR r6, [lr, r6, LSL #2]
+ LDR r7, [lr, r7, LSL #2]
+ LDR r8, [lr, r8, LSL #2]
+ LDR r9, [lr, r9, LSL #2]
+ EOR r8, r8, r6, ROR #16
+ EOR r8, r8, r7, ROR #8
+ EOR r8, r8, r9, ROR #24
+ STR r8, [r0], #4
+ SUBS r11, r11, #0x1
+#ifdef __GNUC__
+ BNE L_AES_invert_key_mix_loop
+#else
+ BNE.W L_AES_invert_key_mix_loop
+#endif
+ POP {r4, r5, r6, r7, r8, r9, r10, r11, pc}
+ /* Cycle Count = 165 */
+ .size AES_invert_key,.-AES_invert_key
+#endif /* HAVE_AES_DECRYPT */
+ .text
+ .type L_AES_Thumb2_rcon, %object
+ .size L_AES_Thumb2_rcon, 40
+ .align 4
+L_AES_Thumb2_rcon:
+ .word 0x1000000
+ .word 0x2000000
+ .word 0x4000000
+ .word 0x8000000
+ .word 0x10000000
+ .word 0x20000000
+ .word 0x40000000
+ .word 0x80000000
+ .word 0x1b000000
+ .word 0x36000000
+ .text
+ .align 4
+ .globl AES_set_encrypt_key
+ .type AES_set_encrypt_key, %function
+AES_set_encrypt_key:
+ PUSH {r4, r5, r6, r7, r8, r9, r10, lr}
+ LDR r10, L_AES_Thumb2_te
+ ADR lr, L_AES_Thumb2_rcon
+ CMP r1, #0x80
+#ifdef __GNUC__
+ BEQ L_AES_set_encrypt_key_start_128
+#else
+ BEQ.W L_AES_set_encrypt_key_start_128
+#endif
+ CMP r1, #0xc0
+#ifdef __GNUC__
+ BEQ L_AES_set_encrypt_key_start_192
+#else
+ BEQ.W L_AES_set_encrypt_key_start_192
+#endif
+ LDRD r4, r5, [r0]
+ LDRD r6, r7, [r0, #8]
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ STM r2!, {r4, r5, r6, r7}
+ LDRD r4, r5, [r0, #16]
+ LDRD r6, r7, [r0, #24]
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ STM r2, {r4, r5, r6, r7}
+ SUB r2, r2, #0x10
+ MOV r12, #0x6
+L_AES_set_encrypt_key_loop_256:
+ UBFX r4, r7, #0, #8
+ UBFX r5, r7, #8, #8
+ UBFX r6, r7, #16, #8
+ LSR r7, r7, #24
+ LDRB r4, [r10, r4, LSL #2]
+ LDRB r5, [r10, r5, LSL #2]
+ LDRB r6, [r10, r6, LSL #2]
+ LDRB r7, [r10, r7, LSL #2]
+ EOR r3, r7, r4, LSL #8
+ EOR r3, r3, r5, LSL #16
+ EOR r3, r3, r6, LSL #24
+ LDM r2!, {r4, r5, r6, r7}
+ EOR r4, r4, r3
+ LDM lr!, {r3}
+ EOR r4, r4, r3
+ EOR r5, r5, r4
+ EOR r6, r6, r5
+ EOR r7, r7, r6
+ ADD r2, r2, #0x10
+ STM r2, {r4, r5, r6, r7}
+ SUB r2, r2, #0x10
+ MOV r3, r7
+ UBFX r4, r3, #8, #8
+ UBFX r5, r3, #16, #8
+ LSR r6, r3, #24
+ UBFX r3, r3, #0, #8
+ LDRB r4, [r10, r4, LSL #2]
+ LDRB r6, [r10, r6, LSL #2]
+ LDRB r5, [r10, r5, LSL #2]
+ LDRB r3, [r10, r3, LSL #2]
+ EOR r3, r3, r4, LSL #8
+ EOR r3, r3, r5, LSL #16
+ EOR r3, r3, r6, LSL #24
+ LDM r2!, {r4, r5, r6, r7}
+ EOR r4, r4, r3
+ EOR r5, r5, r4
+ EOR r6, r6, r5
+ EOR r7, r7, r6
+ ADD r2, r2, #0x10
+ STM r2, {r4, r5, r6, r7}
+ SUB r2, r2, #0x10
+ SUBS r12, r12, #0x1
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ BNE L_AES_set_encrypt_key_loop_256
+#else
+ BNE.N L_AES_set_encrypt_key_loop_256
+#endif
+ UBFX r4, r7, #0, #8
+ UBFX r5, r7, #8, #8
+ UBFX r6, r7, #16, #8
+ LSR r7, r7, #24
+ LDRB r4, [r10, r4, LSL #2]
+ LDRB r5, [r10, r5, LSL #2]
+ LDRB r6, [r10, r6, LSL #2]
+ LDRB r7, [r10, r7, LSL #2]
+ EOR r3, r7, r4, LSL #8
+ EOR r3, r3, r5, LSL #16
+ EOR r3, r3, r6, LSL #24
+ LDM r2!, {r4, r5, r6, r7}
+ EOR r4, r4, r3
+ LDM lr!, {r3}
+ EOR r4, r4, r3
+ EOR r5, r5, r4
+ EOR r6, r6, r5
+ EOR r7, r7, r6
+ ADD r2, r2, #0x10
+ STM r2, {r4, r5, r6, r7}
+ SUB r2, r2, #0x10
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ B L_AES_set_encrypt_key_end
+#else
+ B.N L_AES_set_encrypt_key_end
+#endif
+L_AES_set_encrypt_key_start_192:
+ LDRD r4, r5, [r0]
+ LDRD r6, r7, [r0, #8]
+ LDRD r8, r9, [r0, #16]
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ REV r8, r8
+ REV r9, r9
+ STM r2, {r4, r5, r6, r7}
+ STRD r8, r9, [r2, #16]
+ MOV r7, r9
+ MOV r12, #0x7
+L_AES_set_encrypt_key_loop_192:
+ UBFX r4, r9, #0, #8
+ UBFX r5, r9, #8, #8
+ UBFX r6, r9, #16, #8
+ LSR r9, r9, #24
+ LDRB r4, [r10, r4, LSL #2]
+ LDRB r5, [r10, r5, LSL #2]
+ LDRB r6, [r10, r6, LSL #2]
+ LDRB r9, [r10, r9, LSL #2]
+ EOR r3, r9, r4, LSL #8
+ EOR r3, r3, r5, LSL #16
+ EOR r3, r3, r6, LSL #24
+ LDM r2!, {r4, r5, r6, r7, r8, r9}
+ EOR r4, r4, r3
+ LDM lr!, {r3}
+ EOR r4, r4, r3
+ EOR r5, r5, r4
+ EOR r6, r6, r5
+ EOR r7, r7, r6
+ EOR r8, r8, r7
+ EOR r9, r9, r8
+ STM r2, {r4, r5, r6, r7, r8, r9}
+ SUBS r12, r12, #0x1
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ BNE L_AES_set_encrypt_key_loop_192
+#else
+ BNE.N L_AES_set_encrypt_key_loop_192
+#endif
+ UBFX r4, r9, #0, #8
+ UBFX r5, r9, #8, #8
+ UBFX r6, r9, #16, #8
+ LSR r9, r9, #24
+ LDRB r4, [r10, r4, LSL #2]
+ LDRB r5, [r10, r5, LSL #2]
+ LDRB r6, [r10, r6, LSL #2]
+ LDRB r9, [r10, r9, LSL #2]
+ EOR r3, r9, r4, LSL #8
+ EOR r3, r3, r5, LSL #16
+ EOR r3, r3, r6, LSL #24
+ LDM r2!, {r4, r5, r6, r7, r8, r9}
+ EOR r4, r4, r3
+ LDM lr!, {r3}
+ EOR r4, r4, r3
+ EOR r5, r5, r4
+ EOR r6, r6, r5
+ EOR r7, r7, r6
+ STM r2, {r4, r5, r6, r7}
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ B L_AES_set_encrypt_key_end
+#else
+ B.N L_AES_set_encrypt_key_end
+#endif
+L_AES_set_encrypt_key_start_128:
+ LDRD r4, r5, [r0]
+ LDRD r6, r7, [r0, #8]
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ STM r2, {r4, r5, r6, r7}
+ MOV r12, #0xa
+L_AES_set_encrypt_key_loop_128:
+ UBFX r4, r7, #0, #8
+ UBFX r5, r7, #8, #8
+ UBFX r6, r7, #16, #8
+ LSR r7, r7, #24
+ LDRB r4, [r10, r4, LSL #2]
+ LDRB r5, [r10, r5, LSL #2]
+ LDRB r6, [r10, r6, LSL #2]
+ LDRB r7, [r10, r7, LSL #2]
+ EOR r3, r7, r4, LSL #8
+ EOR r3, r3, r5, LSL #16
+ EOR r3, r3, r6, LSL #24
+ LDM r2!, {r4, r5, r6, r7}
+ EOR r4, r4, r3
+ LDM lr!, {r3}
+ EOR r4, r4, r3
+ EOR r5, r5, r4
+ EOR r6, r6, r5
+ EOR r7, r7, r6
+ STM r2, {r4, r5, r6, r7}
+ SUBS r12, r12, #0x1
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ BNE L_AES_set_encrypt_key_loop_128
+#else
+ BNE.N L_AES_set_encrypt_key_loop_128
+#endif
+L_AES_set_encrypt_key_end:
+ POP {r4, r5, r6, r7, r8, r9, r10, pc}
+ /* Cycle Count = 331 */
+ .size AES_set_encrypt_key,.-AES_set_encrypt_key
+ .text
+ .align 4
+ .globl AES_encrypt_block
+ .type AES_encrypt_block, %function
+AES_encrypt_block:
+ PUSH {lr}
+L_AES_encrypt_block_nr:
+ UBFX r8, r5, #16, #8
+ LSR r11, r4, #24
+ UBFX lr, r6, #8, #8
+ UBFX r2, r7, #0, #8
+ LDR r8, [r0, r8, LSL #2]
+ LDR r11, [r0, r11, LSL #2]
+ LDR lr, [r0, lr, LSL #2]
+ LDR r2, [r0, r2, LSL #2]
+ UBFX r9, r6, #16, #8
+ EOR r8, r8, r11, ROR #24
+ LSR r11, r5, #24
+ EOR r8, r8, lr, ROR #8
+ UBFX lr, r7, #8, #8
+ EOR r8, r8, r2, ROR #16
+ UBFX r2, r4, #0, #8
+ LDR r9, [r0, r9, LSL #2]
+ LDR r11, [r0, r11, LSL #2]
+ LDR lr, [r0, lr, LSL #2]
+ LDR r2, [r0, r2, LSL #2]
+ UBFX r10, r7, #16, #8
+ EOR r9, r9, r11, ROR #24
+ LSR r11, r6, #24
+ EOR r9, r9, lr, ROR #8
+ UBFX lr, r4, #8, #8
+ EOR r9, r9, r2, ROR #16
+ UBFX r2, r5, #0, #8
+ LDR r10, [r0, r10, LSL #2]
+ LDR r11, [r0, r11, LSL #2]
+ LDR lr, [r0, lr, LSL #2]
+ LDR r2, [r0, r2, LSL #2]
+ UBFX r6, r6, #0, #8
+ EOR r10, r10, r11, ROR #24
+ UBFX r11, r4, #16, #8
+ EOR r10, r10, lr, ROR #8
+ LSR lr, r7, #24
+ EOR r10, r10, r2, ROR #16
+ UBFX r2, r5, #8, #8
+ LDR r6, [r0, r6, LSL #2]
+ LDR lr, [r0, lr, LSL #2]
+ LDR r11, [r0, r11, LSL #2]
+ LDR r2, [r0, r2, LSL #2]
+ EOR lr, lr, r6, ROR #24
+ LDM r3!, {r4, r5, r6, r7}
+ EOR r11, r11, lr, ROR #24
+ EOR r11, r11, r2, ROR #8
+ /* XOR in Key Schedule */
+ EOR r8, r8, r4
+ EOR r9, r9, r5
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ UBFX r4, r9, #16, #8
+ LSR r7, r8, #24
+ UBFX lr, r10, #8, #8
+ UBFX r2, r11, #0, #8
+ LDR r4, [r0, r4, LSL #2]
+ LDR r7, [r0, r7, LSL #2]
+ LDR lr, [r0, lr, LSL #2]
+ LDR r2, [r0, r2, LSL #2]
+ UBFX r5, r10, #16, #8
+ EOR r4, r4, r7, ROR #24
+ LSR r7, r9, #24
+ EOR r4, r4, lr, ROR #8
+ UBFX lr, r11, #8, #8
+ EOR r4, r4, r2, ROR #16
+ UBFX r2, r8, #0, #8
+ LDR r5, [r0, r5, LSL #2]
+ LDR r7, [r0, r7, LSL #2]
+ LDR lr, [r0, lr, LSL #2]
+ LDR r2, [r0, r2, LSL #2]
+ UBFX r6, r11, #16, #8
+ EOR r5, r5, r7, ROR #24
+ LSR r7, r10, #24
+ EOR r5, r5, lr, ROR #8
+ UBFX lr, r8, #8, #8
+ EOR r5, r5, r2, ROR #16
+ UBFX r2, r9, #0, #8
+ LDR r6, [r0, r6, LSL #2]
+ LDR r7, [r0, r7, LSL #2]
+ LDR lr, [r0, lr, LSL #2]
+ LDR r2, [r0, r2, LSL #2]
+ UBFX r10, r10, #0, #8
+ EOR r6, r6, r7, ROR #24
+ UBFX r7, r8, #16, #8
+ EOR r6, r6, lr, ROR #8
+ LSR lr, r11, #24
+ EOR r6, r6, r2, ROR #16
+ UBFX r2, r9, #8, #8
+ LDR r10, [r0, r10, LSL #2]
+ LDR lr, [r0, lr, LSL #2]
+ LDR r7, [r0, r7, LSL #2]
+ LDR r2, [r0, r2, LSL #2]
+ EOR lr, lr, r10, ROR #24
+ LDM r3!, {r8, r9, r10, r11}
+ EOR r7, r7, lr, ROR #24
+ EOR r7, r7, r2, ROR #8
+ /* XOR in Key Schedule */
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ SUBS r1, r1, #0x1
+#ifdef __GNUC__
+ BNE L_AES_encrypt_block_nr
+#else
+ BNE.W L_AES_encrypt_block_nr
+#endif
+ UBFX r8, r5, #16, #8
+ LSR r11, r4, #24
+ UBFX lr, r6, #8, #8
+ UBFX r2, r7, #0, #8
+ LDR r8, [r0, r8, LSL #2]
+ LDR r11, [r0, r11, LSL #2]
+ LDR lr, [r0, lr, LSL #2]
+ LDR r2, [r0, r2, LSL #2]
+ UBFX r9, r6, #16, #8
+ EOR r8, r8, r11, ROR #24
+ LSR r11, r5, #24
+ EOR r8, r8, lr, ROR #8
+ UBFX lr, r7, #8, #8
+ EOR r8, r8, r2, ROR #16
+ UBFX r2, r4, #0, #8
+ LDR r9, [r0, r9, LSL #2]
+ LDR r11, [r0, r11, LSL #2]
+ LDR lr, [r0, lr, LSL #2]
+ LDR r2, [r0, r2, LSL #2]
+ UBFX r10, r7, #16, #8
+ EOR r9, r9, r11, ROR #24
+ LSR r11, r6, #24
+ EOR r9, r9, lr, ROR #8
+ UBFX lr, r4, #8, #8
+ EOR r9, r9, r2, ROR #16
+ UBFX r2, r5, #0, #8
+ LDR r10, [r0, r10, LSL #2]
+ LDR r11, [r0, r11, LSL #2]
+ LDR lr, [r0, lr, LSL #2]
+ LDR r2, [r0, r2, LSL #2]
+ UBFX r6, r6, #0, #8
+ EOR r10, r10, r11, ROR #24
+ UBFX r11, r4, #16, #8
+ EOR r10, r10, lr, ROR #8
+ LSR lr, r7, #24
+ EOR r10, r10, r2, ROR #16
+ UBFX r2, r5, #8, #8
+ LDR r6, [r0, r6, LSL #2]
+ LDR lr, [r0, lr, LSL #2]
+ LDR r11, [r0, r11, LSL #2]
+ LDR r2, [r0, r2, LSL #2]
+ EOR lr, lr, r6, ROR #24
+ LDM r3!, {r4, r5, r6, r7}
+ EOR r11, r11, lr, ROR #24
+ EOR r11, r11, r2, ROR #8
+ /* XOR in Key Schedule */
+ EOR r8, r8, r4
+ EOR r9, r9, r5
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ UBFX r4, r11, #0, #8
+ UBFX r7, r10, #8, #8
+ UBFX lr, r9, #16, #8
+ LSR r2, r8, #24
+ LDRB r4, [r0, r4, LSL #2]
+ LDRB r7, [r0, r7, LSL #2]
+ LDRB lr, [r0, lr, LSL #2]
+ LDRB r2, [r0, r2, LSL #2]
+ UBFX r5, r8, #0, #8
+ EOR r4, r4, r7, LSL #8
+ UBFX r7, r11, #8, #8
+ EOR r4, r4, lr, LSL #16
+ UBFX lr, r10, #16, #8
+ EOR r4, r4, r2, LSL #24
+ LSR r2, r9, #24
+ LDRB r5, [r0, r5, LSL #2]
+ LDRB r7, [r0, r7, LSL #2]
+ LDRB lr, [r0, lr, LSL #2]
+ LDRB r2, [r0, r2, LSL #2]
+ UBFX r6, r9, #0, #8
+ EOR r5, r5, r7, LSL #8
+ UBFX r7, r8, #8, #8
+ EOR r5, r5, lr, LSL #16
+ UBFX lr, r11, #16, #8
+ EOR r5, r5, r2, LSL #24
+ LSR r2, r10, #24
+ LDRB r6, [r0, r6, LSL #2]
+ LDRB r7, [r0, r7, LSL #2]
+ LDRB lr, [r0, lr, LSL #2]
+ LDRB r2, [r0, r2, LSL #2]
+ LSR r11, r11, #24
+ EOR r6, r6, r7, LSL #8
+ UBFX r7, r10, #0, #8
+ EOR r6, r6, lr, LSL #16
+ UBFX lr, r9, #8, #8
+ EOR r6, r6, r2, LSL #24
+ UBFX r2, r8, #16, #8
+ LDRB r11, [r0, r11, LSL #2]
+ LDRB r7, [r0, r7, LSL #2]
+ LDRB lr, [r0, lr, LSL #2]
+ LDRB r2, [r0, r2, LSL #2]
+ EOR lr, lr, r11, LSL #16
+ LDM r3, {r8, r9, r10, r11}
+ EOR r7, r7, lr, LSL #8
+ EOR r7, r7, r2, LSL #16
+ /* XOR in Key Schedule */
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ POP {pc}
+ /* Cycle Count = 285 */
+ .size AES_encrypt_block,.-AES_encrypt_block
+#if defined(HAVE_AES_CBC) || defined(HAVE_AESCCM) || defined(HAVE_AESGCM) || defined(WOLFSSL_AES_DIRECT) || defined(WOLFSSL_AES_COUNTER)
+ .text
+ .type L_AES_Thumb2_te_ecb, %object
+ .size L_AES_Thumb2_te_ecb, 12
+ .align 4
+L_AES_Thumb2_te_ecb:
+ .word L_AES_Thumb2_te_data
+#endif /* HAVE_AES_CBC || HAVE_AESCCM || HAVE_AESGCM || WOLFSSL_AES_DIRECT || WOLFSSL_AES_COUNTER */
+#if defined(HAVE_AESCCM) || defined(HAVE_AESGCM) || defined(WOLFSSL_AES_DIRECT) || defined(WOLFSSL_AES_COUNTER)
+ .text
+ .align 4
+ .globl AES_ECB_encrypt
+ .type AES_ECB_encrypt, %function
+AES_ECB_encrypt:
+ PUSH {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+ MOV lr, r0
+ LDR r0, L_AES_Thumb2_te_ecb
+ LDR r12, [sp, #36]
+ PUSH {r3}
+ CMP r12, #0xa
+#ifdef __GNUC__
+ BEQ L_AES_ECB_encrypt_start_block_128
+#else
+ BEQ.W L_AES_ECB_encrypt_start_block_128
+#endif
+ CMP r12, #0xc
+#ifdef __GNUC__
+ BEQ L_AES_ECB_encrypt_start_block_192
+#else
+ BEQ.W L_AES_ECB_encrypt_start_block_192
+#endif
+L_AES_ECB_encrypt_loop_block_256:
+ LDR r4, [lr]
+ LDR r5, [lr, #4]
+ LDR r6, [lr, #8]
+ LDR r7, [lr, #12]
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ PUSH {r1, r2, lr}
+ LDM r3!, {r8, r9, r10, r11}
+ /* Round: 0 - XOR in key schedule */
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ MOV r1, #0x6
+ BL AES_encrypt_block
+ POP {r1, r2, lr}
+ LDR r3, [sp]
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ STR r4, [r1]
+ STR r5, [r1, #4]
+ STR r6, [r1, #8]
+ STR r7, [r1, #12]
+ SUBS r2, r2, #0x10
+ ADD lr, lr, #0x10
+ ADD r1, r1, #0x10
+#ifdef __GNUC__
+ BNE L_AES_ECB_encrypt_loop_block_256
+#else
+ BNE.W L_AES_ECB_encrypt_loop_block_256
+#endif
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ B L_AES_ECB_encrypt_end
+#else
+ B.N L_AES_ECB_encrypt_end
+#endif
+L_AES_ECB_encrypt_start_block_192:
+L_AES_ECB_encrypt_loop_block_192:
+ LDR r4, [lr]
+ LDR r5, [lr, #4]
+ LDR r6, [lr, #8]
+ LDR r7, [lr, #12]
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ PUSH {r1, r2, lr}
+ LDM r3!, {r8, r9, r10, r11}
+ /* Round: 0 - XOR in key schedule */
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ MOV r1, #0x5
+ BL AES_encrypt_block
+ POP {r1, r2, lr}
+ LDR r3, [sp]
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ STR r4, [r1]
+ STR r5, [r1, #4]
+ STR r6, [r1, #8]
+ STR r7, [r1, #12]
+ SUBS r2, r2, #0x10
+ ADD lr, lr, #0x10
+ ADD r1, r1, #0x10
+#ifdef __GNUC__
+ BNE L_AES_ECB_encrypt_loop_block_192
+#else
+ BNE.W L_AES_ECB_encrypt_loop_block_192
+#endif
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ B L_AES_ECB_encrypt_end
+#else
+ B.N L_AES_ECB_encrypt_end
+#endif
+L_AES_ECB_encrypt_start_block_128:
+L_AES_ECB_encrypt_loop_block_128:
+ LDR r4, [lr]
+ LDR r5, [lr, #4]
+ LDR r6, [lr, #8]
+ LDR r7, [lr, #12]
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ PUSH {r1, r2, lr}
+ LDM r3!, {r8, r9, r10, r11}
+ /* Round: 0 - XOR in key schedule */
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ MOV r1, #0x4
+ BL AES_encrypt_block
+ POP {r1, r2, lr}
+ LDR r3, [sp]
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ STR r4, [r1]
+ STR r5, [r1, #4]
+ STR r6, [r1, #8]
+ STR r7, [r1, #12]
+ SUBS r2, r2, #0x10
+ ADD lr, lr, #0x10
+ ADD r1, r1, #0x10
+#ifdef __GNUC__
+ BNE L_AES_ECB_encrypt_loop_block_128
+#else
+ BNE.W L_AES_ECB_encrypt_loop_block_128
+#endif
+L_AES_ECB_encrypt_end:
+ POP {r3}
+ POP {r4, r5, r6, r7, r8, r9, r10, r11, pc}
+ /* Cycle Count = 212 */
+ .size AES_ECB_encrypt,.-AES_ECB_encrypt
+#endif /* HAVE_AESCCM || HAVE_AESGCM || WOLFSSL_AES_DIRECT || WOLFSSL_AES_COUNTER */
+#ifdef HAVE_AES_CBC
+ .text
+ .align 4
+ .globl AES_CBC_encrypt
+ .type AES_CBC_encrypt, %function
+AES_CBC_encrypt:
+ PUSH {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+ LDR r8, [sp, #36]
+ LDR r9, [sp, #40]
+ MOV lr, r0
+ LDR r0, L_AES_Thumb2_te_ecb
+ LDM r9, {r4, r5, r6, r7}
+ PUSH {r3, r9}
+ CMP r8, #0xa
+#ifdef __GNUC__
+ BEQ L_AES_CBC_encrypt_start_block_128
+#else
+ BEQ.W L_AES_CBC_encrypt_start_block_128
+#endif
+ CMP r8, #0xc
+#ifdef __GNUC__
+ BEQ L_AES_CBC_encrypt_start_block_192
+#else
+ BEQ.W L_AES_CBC_encrypt_start_block_192
+#endif
+L_AES_CBC_encrypt_loop_block_256:
+ LDR r8, [lr]
+ LDR r9, [lr, #4]
+ LDR r10, [lr, #8]
+ LDR r11, [lr, #12]
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ PUSH {r1, r2, lr}
+ LDM r3!, {r8, r9, r10, r11}
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ /* Round: 0 - XOR in key schedule */
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ MOV r1, #0x6
+ BL AES_encrypt_block
+ POP {r1, r2, lr}
+ LDR r3, [sp]
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ STR r4, [r1]
+ STR r5, [r1, #4]
+ STR r6, [r1, #8]
+ STR r7, [r1, #12]
+ SUBS r2, r2, #0x10
+ ADD lr, lr, #0x10
+ ADD r1, r1, #0x10
+#ifdef __GNUC__
+ BNE L_AES_CBC_encrypt_loop_block_256
+#else
+ BNE.W L_AES_CBC_encrypt_loop_block_256
+#endif
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ B L_AES_CBC_encrypt_end
+#else
+ B.N L_AES_CBC_encrypt_end
+#endif
+L_AES_CBC_encrypt_start_block_192:
+L_AES_CBC_encrypt_loop_block_192:
+ LDR r8, [lr]
+ LDR r9, [lr, #4]
+ LDR r10, [lr, #8]
+ LDR r11, [lr, #12]
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ PUSH {r1, r2, lr}
+ LDM r3!, {r8, r9, r10, r11}
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ /* Round: 0 - XOR in key schedule */
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ MOV r1, #0x5
+ BL AES_encrypt_block
+ POP {r1, r2, lr}
+ LDR r3, [sp]
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ STR r4, [r1]
+ STR r5, [r1, #4]
+ STR r6, [r1, #8]
+ STR r7, [r1, #12]
+ SUBS r2, r2, #0x10
+ ADD lr, lr, #0x10
+ ADD r1, r1, #0x10
+#ifdef __GNUC__
+ BNE L_AES_CBC_encrypt_loop_block_192
+#else
+ BNE.W L_AES_CBC_encrypt_loop_block_192
+#endif
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ B L_AES_CBC_encrypt_end
+#else
+ B.N L_AES_CBC_encrypt_end
+#endif
+L_AES_CBC_encrypt_start_block_128:
+L_AES_CBC_encrypt_loop_block_128:
+ LDR r8, [lr]
+ LDR r9, [lr, #4]
+ LDR r10, [lr, #8]
+ LDR r11, [lr, #12]
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ PUSH {r1, r2, lr}
+ LDM r3!, {r8, r9, r10, r11}
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ /* Round: 0 - XOR in key schedule */
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ MOV r1, #0x4
+ BL AES_encrypt_block
+ POP {r1, r2, lr}
+ LDR r3, [sp]
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ STR r4, [r1]
+ STR r5, [r1, #4]
+ STR r6, [r1, #8]
+ STR r7, [r1, #12]
+ SUBS r2, r2, #0x10
+ ADD lr, lr, #0x10
+ ADD r1, r1, #0x10
+#ifdef __GNUC__
+ BNE L_AES_CBC_encrypt_loop_block_128
+#else
+ BNE.W L_AES_CBC_encrypt_loop_block_128
+#endif
+L_AES_CBC_encrypt_end:
+ POP {r3, r9}
+ STM r9, {r4, r5, r6, r7}
+ POP {r4, r5, r6, r7, r8, r9, r10, r11, pc}
+ /* Cycle Count = 238 */
+ .size AES_CBC_encrypt,.-AES_CBC_encrypt
+#endif /* HAVE_AES_CBC */
+#ifdef WOLFSSL_AES_COUNTER
+ .text
+ .align 4
+ .globl AES_CTR_encrypt
+ .type AES_CTR_encrypt, %function
+AES_CTR_encrypt:
+ PUSH {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+ LDR r12, [sp, #36]
+ LDR r8, [sp, #40]
+ MOV lr, r0
+ LDR r0, L_AES_Thumb2_te_ecb
+ LDM r8, {r4, r5, r6, r7}
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ STM r8, {r4, r5, r6, r7}
+ PUSH {r3, r8}
+ CMP r12, #0xa
+#ifdef __GNUC__
+ BEQ L_AES_CTR_encrypt_start_block_128
+#else
+ BEQ.W L_AES_CTR_encrypt_start_block_128
+#endif
+ CMP r12, #0xc
+#ifdef __GNUC__
+ BEQ L_AES_CTR_encrypt_start_block_192
+#else
+ BEQ.W L_AES_CTR_encrypt_start_block_192
+#endif
+L_AES_CTR_encrypt_loop_block_256:
+ PUSH {r1, r2, lr}
+ LDR lr, [sp, #16]
+ ADDS r11, r7, #0x1
+ ADCS r10, r6, #0x0
+ ADCS r9, r5, #0x0
+ ADC r8, r4, #0x0
+ STM lr, {r8, r9, r10, r11}
+ LDM r3!, {r8, r9, r10, r11}
+ /* Round: 0 - XOR in key schedule */
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ MOV r1, #0x6
+ BL AES_encrypt_block
+ POP {r1, r2, lr}
+ LDR r3, [sp]
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ LDR r8, [lr]
+ LDR r9, [lr, #4]
+ LDR r10, [lr, #8]
+ LDR r11, [lr, #12]
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ LDR r8, [sp, #4]
+ STR r4, [r1]
+ STR r5, [r1, #4]
+ STR r6, [r1, #8]
+ STR r7, [r1, #12]
+ LDM r8, {r4, r5, r6, r7}
+ SUBS r2, r2, #0x10
+ ADD lr, lr, #0x10
+ ADD r1, r1, #0x10
+#ifdef __GNUC__
+ BNE L_AES_CTR_encrypt_loop_block_256
+#else
+ BNE.W L_AES_CTR_encrypt_loop_block_256
+#endif
+#ifdef __GNUC__
+ B L_AES_CTR_encrypt_end
+#else
+ B.W L_AES_CTR_encrypt_end
+#endif
+L_AES_CTR_encrypt_start_block_192:
+L_AES_CTR_encrypt_loop_block_192:
+ PUSH {r1, r2, lr}
+ LDR lr, [sp, #16]
+ ADDS r11, r7, #0x1
+ ADCS r10, r6, #0x0
+ ADCS r9, r5, #0x0
+ ADC r8, r4, #0x0
+ STM lr, {r8, r9, r10, r11}
+ LDM r3!, {r8, r9, r10, r11}
+ /* Round: 0 - XOR in key schedule */
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ MOV r1, #0x5
+ BL AES_encrypt_block
+ POP {r1, r2, lr}
+ LDR r3, [sp]
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ LDR r8, [lr]
+ LDR r9, [lr, #4]
+ LDR r10, [lr, #8]
+ LDR r11, [lr, #12]
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ LDR r8, [sp, #4]
+ STR r4, [r1]
+ STR r5, [r1, #4]
+ STR r6, [r1, #8]
+ STR r7, [r1, #12]
+ LDM r8, {r4, r5, r6, r7}
+ SUBS r2, r2, #0x10
+ ADD lr, lr, #0x10
+ ADD r1, r1, #0x10
+#ifdef __GNUC__
+ BNE L_AES_CTR_encrypt_loop_block_192
+#else
+ BNE.W L_AES_CTR_encrypt_loop_block_192
+#endif
+#ifdef __GNUC__
+ B L_AES_CTR_encrypt_end
+#else
+ B.W L_AES_CTR_encrypt_end
+#endif
+L_AES_CTR_encrypt_start_block_128:
+L_AES_CTR_encrypt_loop_block_128:
+ PUSH {r1, r2, lr}
+ LDR lr, [sp, #16]
+ ADDS r11, r7, #0x1
+ ADCS r10, r6, #0x0
+ ADCS r9, r5, #0x0
+ ADC r8, r4, #0x0
+ STM lr, {r8, r9, r10, r11}
+ LDM r3!, {r8, r9, r10, r11}
+ /* Round: 0 - XOR in key schedule */
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ MOV r1, #0x4
+ BL AES_encrypt_block
+ POP {r1, r2, lr}
+ LDR r3, [sp]
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ LDR r8, [lr]
+ LDR r9, [lr, #4]
+ LDR r10, [lr, #8]
+ LDR r11, [lr, #12]
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ LDR r8, [sp, #4]
+ STR r4, [r1]
+ STR r5, [r1, #4]
+ STR r6, [r1, #8]
+ STR r7, [r1, #12]
+ LDM r8, {r4, r5, r6, r7}
+ SUBS r2, r2, #0x10
+ ADD lr, lr, #0x10
+ ADD r1, r1, #0x10
+#ifdef __GNUC__
+ BNE L_AES_CTR_encrypt_loop_block_128
+#else
+ BNE.W L_AES_CTR_encrypt_loop_block_128
+#endif
+L_AES_CTR_encrypt_end:
+ POP {r3, r8}
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ STM r8, {r4, r5, r6, r7}
+ POP {r4, r5, r6, r7, r8, r9, r10, r11, pc}
+ /* Cycle Count = 293 */
+ .size AES_CTR_encrypt,.-AES_CTR_encrypt
+#endif /* WOLFSSL_AES_COUNTER */
+#ifdef HAVE_AES_DECRYPT
+#if defined(WOLFSSL_AES_DIRECT) || defined(WOLFSSL_AES_COUNTER) || defined(HAVE_AES_CBC)
+ .text
+ .align 4
+ .globl AES_decrypt_block
+ .type AES_decrypt_block, %function
+AES_decrypt_block:
+ PUSH {lr}
+L_AES_decrypt_block_nr:
+ UBFX r8, r7, #16, #8
+ LSR r11, r4, #24
+ UBFX r12, r6, #8, #8
+ UBFX lr, r5, #0, #8
+ LDR r8, [r0, r8, LSL #2]
+ LDR r11, [r0, r11, LSL #2]
+ LDR r12, [r0, r12, LSL #2]
+ LDR lr, [r0, lr, LSL #2]
+ UBFX r9, r4, #16, #8
+ EOR r8, r8, r11, ROR #24
+ LSR r11, r5, #24
+ EOR r8, r8, r12, ROR #8
+ UBFX r12, r7, #8, #8
+ EOR r8, r8, lr, ROR #16
+ UBFX lr, r6, #0, #8
+ LDR r9, [r0, r9, LSL #2]
+ LDR r11, [r0, r11, LSL #2]
+ LDR r12, [r0, r12, LSL #2]
+ LDR lr, [r0, lr, LSL #2]
+ UBFX r10, r5, #16, #8
+ EOR r9, r9, r11, ROR #24
+ LSR r11, r6, #24
+ EOR r9, r9, r12, ROR #8
+ UBFX r12, r4, #8, #8
+ EOR r9, r9, lr, ROR #16
+ UBFX lr, r7, #0, #8
+ LDR r10, [r0, r10, LSL #2]
+ LDR r11, [r0, r11, LSL #2]
+ LDR r12, [r0, r12, LSL #2]
+ LDR lr, [r0, lr, LSL #2]
+ UBFX r4, r4, #0, #8
+ EOR r10, r10, r11, ROR #24
+ UBFX r11, r6, #16, #8
+ EOR r10, r10, r12, ROR #8
+ LSR r12, r7, #24
+ EOR r10, r10, lr, ROR #16
+ UBFX lr, r5, #8, #8
+ LDR r4, [r0, r4, LSL #2]
+ LDR r12, [r0, r12, LSL #2]
+ LDR r11, [r0, r11, LSL #2]
+ LDR lr, [r0, lr, LSL #2]
+ EOR r12, r12, r4, ROR #24
+ LDM r3!, {r4, r5, r6, r7}
+ EOR r11, r11, lr, ROR #8
+ EOR r11, r11, r12, ROR #24
+ /* XOR in Key Schedule */
+ EOR r8, r8, r4
+ EOR r9, r9, r5
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ UBFX r4, r11, #16, #8
+ LSR r7, r8, #24
+ UBFX r12, r10, #8, #8
+ UBFX lr, r9, #0, #8
+ LDR r4, [r0, r4, LSL #2]
+ LDR r7, [r0, r7, LSL #2]
+ LDR r12, [r0, r12, LSL #2]
+ LDR lr, [r0, lr, LSL #2]
+ UBFX r5, r8, #16, #8
+ EOR r4, r4, r7, ROR #24
+ LSR r7, r9, #24
+ EOR r4, r4, r12, ROR #8
+ UBFX r12, r11, #8, #8
+ EOR r4, r4, lr, ROR #16
+ UBFX lr, r10, #0, #8
+ LDR r5, [r0, r5, LSL #2]
+ LDR r7, [r0, r7, LSL #2]
+ LDR r12, [r0, r12, LSL #2]
+ LDR lr, [r0, lr, LSL #2]
+ UBFX r6, r9, #16, #8
+ EOR r5, r5, r7, ROR #24
+ LSR r7, r10, #24
+ EOR r5, r5, r12, ROR #8
+ UBFX r12, r8, #8, #8
+ EOR r5, r5, lr, ROR #16
+ UBFX lr, r11, #0, #8
+ LDR r6, [r0, r6, LSL #2]
+ LDR r7, [r0, r7, LSL #2]
+ LDR r12, [r0, r12, LSL #2]
+ LDR lr, [r0, lr, LSL #2]
+ UBFX r8, r8, #0, #8
+ EOR r6, r6, r7, ROR #24
+ UBFX r7, r10, #16, #8
+ EOR r6, r6, r12, ROR #8
+ LSR r12, r11, #24
+ EOR r6, r6, lr, ROR #16
+ UBFX lr, r9, #8, #8
+ LDR r8, [r0, r8, LSL #2]
+ LDR r12, [r0, r12, LSL #2]
+ LDR r7, [r0, r7, LSL #2]
+ LDR lr, [r0, lr, LSL #2]
+ EOR r12, r12, r8, ROR #24
+ LDM r3!, {r8, r9, r10, r11}
+ EOR r7, r7, lr, ROR #8
+ EOR r7, r7, r12, ROR #24
+ /* XOR in Key Schedule */
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ SUBS r1, r1, #0x1
+#ifdef __GNUC__
+ BNE L_AES_decrypt_block_nr
+#else
+ BNE.W L_AES_decrypt_block_nr
+#endif
+ UBFX r8, r7, #16, #8
+ LSR r11, r4, #24
+ UBFX r12, r6, #8, #8
+ UBFX lr, r5, #0, #8
+ LDR r8, [r0, r8, LSL #2]
+ LDR r11, [r0, r11, LSL #2]
+ LDR r12, [r0, r12, LSL #2]
+ LDR lr, [r0, lr, LSL #2]
+ UBFX r9, r4, #16, #8
+ EOR r8, r8, r11, ROR #24
+ LSR r11, r5, #24
+ EOR r8, r8, r12, ROR #8
+ UBFX r12, r7, #8, #8
+ EOR r8, r8, lr, ROR #16
+ UBFX lr, r6, #0, #8
+ LDR r9, [r0, r9, LSL #2]
+ LDR r11, [r0, r11, LSL #2]
+ LDR r12, [r0, r12, LSL #2]
+ LDR lr, [r0, lr, LSL #2]
+ UBFX r10, r5, #16, #8
+ EOR r9, r9, r11, ROR #24
+ LSR r11, r6, #24
+ EOR r9, r9, r12, ROR #8
+ UBFX r12, r4, #8, #8
+ EOR r9, r9, lr, ROR #16
+ UBFX lr, r7, #0, #8
+ LDR r10, [r0, r10, LSL #2]
+ LDR r11, [r0, r11, LSL #2]
+ LDR r12, [r0, r12, LSL #2]
+ LDR lr, [r0, lr, LSL #2]
+ UBFX r4, r4, #0, #8
+ EOR r10, r10, r11, ROR #24
+ UBFX r11, r6, #16, #8
+ EOR r10, r10, r12, ROR #8
+ LSR r12, r7, #24
+ EOR r10, r10, lr, ROR #16
+ UBFX lr, r5, #8, #8
+ LDR r4, [r0, r4, LSL #2]
+ LDR r12, [r0, r12, LSL #2]
+ LDR r11, [r0, r11, LSL #2]
+ LDR lr, [r0, lr, LSL #2]
+ EOR r12, r12, r4, ROR #24
+ LDM r3!, {r4, r5, r6, r7}
+ EOR r11, r11, lr, ROR #8
+ EOR r11, r11, r12, ROR #24
+ /* XOR in Key Schedule */
+ EOR r8, r8, r4
+ EOR r9, r9, r5
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ UBFX r4, r9, #0, #8
+ UBFX r7, r10, #8, #8
+ UBFX r12, r11, #16, #8
+ LSR lr, r8, #24
+ LDRB r4, [r2, r4]
+ LDRB r7, [r2, r7]
+ LDRB r12, [r2, r12]
+ LDRB lr, [r2, lr]
+ UBFX r5, r10, #0, #8
+ EOR r4, r4, r7, LSL #8
+ UBFX r7, r11, #8, #8
+ EOR r4, r4, r12, LSL #16
+ UBFX r12, r8, #16, #8
+ EOR r4, r4, lr, LSL #24
+ LSR lr, r9, #24
+ LDRB r7, [r2, r7]
+ LDRB lr, [r2, lr]
+ LDRB r5, [r2, r5]
+ LDRB r12, [r2, r12]
+ UBFX r6, r11, #0, #8
+ EOR r5, r5, r7, LSL #8
+ UBFX r7, r8, #8, #8
+ EOR r5, r5, r12, LSL #16
+ UBFX r12, r9, #16, #8
+ EOR r5, r5, lr, LSL #24
+ LSR lr, r10, #24
+ LDRB r7, [r2, r7]
+ LDRB lr, [r2, lr]
+ LDRB r6, [r2, r6]
+ LDRB r12, [r2, r12]
+ LSR r11, r11, #24
+ EOR r6, r6, r7, LSL #8
+ UBFX r7, r8, #0, #8
+ EOR r6, r6, r12, LSL #16
+ UBFX r12, r9, #8, #8
+ EOR r6, r6, lr, LSL #24
+ UBFX lr, r10, #16, #8
+ LDRB r11, [r2, r11]
+ LDRB r12, [r2, r12]
+ LDRB r7, [r2, r7]
+ LDRB lr, [r2, lr]
+ EOR r12, r12, r11, LSL #16
+ LDM r3, {r8, r9, r10, r11}
+ EOR r7, r7, r12, LSL #8
+ EOR r7, r7, lr, LSL #16
+ /* XOR in Key Schedule */
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ POP {pc}
+ /* Cycle Count = 285 */
+ .size AES_decrypt_block,.-AES_decrypt_block
+ .text
+ .type L_AES_Thumb2_td_ecb, %object
+ .size L_AES_Thumb2_td_ecb, 12
+ .align 4
+L_AES_Thumb2_td_ecb:
+ .word L_AES_Thumb2_td_data
+ .text
+ .type L_AES_Thumb2_td4, %object
+ .size L_AES_Thumb2_td4, 256
+ .align 4
+L_AES_Thumb2_td4:
+ .byte 0x52
+ .byte 0x9
+ .byte 0x6a
+ .byte 0xd5
+ .byte 0x30
+ .byte 0x36
+ .byte 0xa5
+ .byte 0x38
+ .byte 0xbf
+ .byte 0x40
+ .byte 0xa3
+ .byte 0x9e
+ .byte 0x81
+ .byte 0xf3
+ .byte 0xd7
+ .byte 0xfb
+ .byte 0x7c
+ .byte 0xe3
+ .byte 0x39
+ .byte 0x82
+ .byte 0x9b
+ .byte 0x2f
+ .byte 0xff
+ .byte 0x87
+ .byte 0x34
+ .byte 0x8e
+ .byte 0x43
+ .byte 0x44
+ .byte 0xc4
+ .byte 0xde
+ .byte 0xe9
+ .byte 0xcb
+ .byte 0x54
+ .byte 0x7b
+ .byte 0x94
+ .byte 0x32
+ .byte 0xa6
+ .byte 0xc2
+ .byte 0x23
+ .byte 0x3d
+ .byte 0xee
+ .byte 0x4c
+ .byte 0x95
+ .byte 0xb
+ .byte 0x42
+ .byte 0xfa
+ .byte 0xc3
+ .byte 0x4e
+ .byte 0x8
+ .byte 0x2e
+ .byte 0xa1
+ .byte 0x66
+ .byte 0x28
+ .byte 0xd9
+ .byte 0x24
+ .byte 0xb2
+ .byte 0x76
+ .byte 0x5b
+ .byte 0xa2
+ .byte 0x49
+ .byte 0x6d
+ .byte 0x8b
+ .byte 0xd1
+ .byte 0x25
+ .byte 0x72
+ .byte 0xf8
+ .byte 0xf6
+ .byte 0x64
+ .byte 0x86
+ .byte 0x68
+ .byte 0x98
+ .byte 0x16
+ .byte 0xd4
+ .byte 0xa4
+ .byte 0x5c
+ .byte 0xcc
+ .byte 0x5d
+ .byte 0x65
+ .byte 0xb6
+ .byte 0x92
+ .byte 0x6c
+ .byte 0x70
+ .byte 0x48
+ .byte 0x50
+ .byte 0xfd
+ .byte 0xed
+ .byte 0xb9
+ .byte 0xda
+ .byte 0x5e
+ .byte 0x15
+ .byte 0x46
+ .byte 0x57
+ .byte 0xa7
+ .byte 0x8d
+ .byte 0x9d
+ .byte 0x84
+ .byte 0x90
+ .byte 0xd8
+ .byte 0xab
+ .byte 0x0
+ .byte 0x8c
+ .byte 0xbc
+ .byte 0xd3
+ .byte 0xa
+ .byte 0xf7
+ .byte 0xe4
+ .byte 0x58
+ .byte 0x5
+ .byte 0xb8
+ .byte 0xb3
+ .byte 0x45
+ .byte 0x6
+ .byte 0xd0
+ .byte 0x2c
+ .byte 0x1e
+ .byte 0x8f
+ .byte 0xca
+ .byte 0x3f
+ .byte 0xf
+ .byte 0x2
+ .byte 0xc1
+ .byte 0xaf
+ .byte 0xbd
+ .byte 0x3
+ .byte 0x1
+ .byte 0x13
+ .byte 0x8a
+ .byte 0x6b
+ .byte 0x3a
+ .byte 0x91
+ .byte 0x11
+ .byte 0x41
+ .byte 0x4f
+ .byte 0x67
+ .byte 0xdc
+ .byte 0xea
+ .byte 0x97
+ .byte 0xf2
+ .byte 0xcf
+ .byte 0xce
+ .byte 0xf0
+ .byte 0xb4
+ .byte 0xe6
+ .byte 0x73
+ .byte 0x96
+ .byte 0xac
+ .byte 0x74
+ .byte 0x22
+ .byte 0xe7
+ .byte 0xad
+ .byte 0x35
+ .byte 0x85
+ .byte 0xe2
+ .byte 0xf9
+ .byte 0x37
+ .byte 0xe8
+ .byte 0x1c
+ .byte 0x75
+ .byte 0xdf
+ .byte 0x6e
+ .byte 0x47
+ .byte 0xf1
+ .byte 0x1a
+ .byte 0x71
+ .byte 0x1d
+ .byte 0x29
+ .byte 0xc5
+ .byte 0x89
+ .byte 0x6f
+ .byte 0xb7
+ .byte 0x62
+ .byte 0xe
+ .byte 0xaa
+ .byte 0x18
+ .byte 0xbe
+ .byte 0x1b
+ .byte 0xfc
+ .byte 0x56
+ .byte 0x3e
+ .byte 0x4b
+ .byte 0xc6
+ .byte 0xd2
+ .byte 0x79
+ .byte 0x20
+ .byte 0x9a
+ .byte 0xdb
+ .byte 0xc0
+ .byte 0xfe
+ .byte 0x78
+ .byte 0xcd
+ .byte 0x5a
+ .byte 0xf4
+ .byte 0x1f
+ .byte 0xdd
+ .byte 0xa8
+ .byte 0x33
+ .byte 0x88
+ .byte 0x7
+ .byte 0xc7
+ .byte 0x31
+ .byte 0xb1
+ .byte 0x12
+ .byte 0x10
+ .byte 0x59
+ .byte 0x27
+ .byte 0x80
+ .byte 0xec
+ .byte 0x5f
+ .byte 0x60
+ .byte 0x51
+ .byte 0x7f
+ .byte 0xa9
+ .byte 0x19
+ .byte 0xb5
+ .byte 0x4a
+ .byte 0xd
+ .byte 0x2d
+ .byte 0xe5
+ .byte 0x7a
+ .byte 0x9f
+ .byte 0x93
+ .byte 0xc9
+ .byte 0x9c
+ .byte 0xef
+ .byte 0xa0
+ .byte 0xe0
+ .byte 0x3b
+ .byte 0x4d
+ .byte 0xae
+ .byte 0x2a
+ .byte 0xf5
+ .byte 0xb0
+ .byte 0xc8
+ .byte 0xeb
+ .byte 0xbb
+ .byte 0x3c
+ .byte 0x83
+ .byte 0x53
+ .byte 0x99
+ .byte 0x61
+ .byte 0x17
+ .byte 0x2b
+ .byte 0x4
+ .byte 0x7e
+ .byte 0xba
+ .byte 0x77
+ .byte 0xd6
+ .byte 0x26
+ .byte 0xe1
+ .byte 0x69
+ .byte 0x14
+ .byte 0x63
+ .byte 0x55
+ .byte 0x21
+ .byte 0xc
+ .byte 0x7d
+#if defined(WOLFSSL_AES_DIRECT) || defined(WOLFSSL_AES_COUNTER)
+ .text
+ .align 4
+ .globl AES_ECB_decrypt
+ .type AES_ECB_decrypt, %function
+AES_ECB_decrypt:
+ PUSH {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+ LDR r8, [sp, #36]
+ MOV lr, r0
+ LDR r0, L_AES_Thumb2_td_ecb
+ MOV r12, r2
+ ADR r2, L_AES_Thumb2_td4
+ CMP r8, #0xa
+#ifdef __GNUC__
+ BEQ L_AES_ECB_decrypt_start_block_128
+#else
+ BEQ.W L_AES_ECB_decrypt_start_block_128
+#endif
+ CMP r8, #0xc
+#ifdef __GNUC__
+ BEQ L_AES_ECB_decrypt_start_block_192
+#else
+ BEQ.W L_AES_ECB_decrypt_start_block_192
+#endif
+L_AES_ECB_decrypt_loop_block_256:
+ LDR r4, [lr]
+ LDR r5, [lr, #4]
+ LDR r6, [lr, #8]
+ LDR r7, [lr, #12]
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ PUSH {r1, r3, r12, lr}
+ LDM r3!, {r8, r9, r10, r11}
+ /* Round: 0 - XOR in key schedule */
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ MOV r1, #0x6
+ BL AES_decrypt_block
+ POP {r1, r3, r12, lr}
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ STR r4, [r1]
+ STR r5, [r1, #4]
+ STR r6, [r1, #8]
+ STR r7, [r1, #12]
+ SUBS r12, r12, #0x10
+ ADD lr, lr, #0x10
+ ADD r1, r1, #0x10
+#ifdef __GNUC__
+ BNE L_AES_ECB_decrypt_loop_block_256
+#else
+ BNE.W L_AES_ECB_decrypt_loop_block_256
+#endif
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ B L_AES_ECB_decrypt_end
+#else
+ B.N L_AES_ECB_decrypt_end
+#endif
+L_AES_ECB_decrypt_start_block_192:
+L_AES_ECB_decrypt_loop_block_192:
+ LDR r4, [lr]
+ LDR r5, [lr, #4]
+ LDR r6, [lr, #8]
+ LDR r7, [lr, #12]
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ PUSH {r1, r3, r12, lr}
+ LDM r3!, {r8, r9, r10, r11}
+ /* Round: 0 - XOR in key schedule */
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ MOV r1, #0x5
+ BL AES_decrypt_block
+ POP {r1, r3, r12, lr}
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ STR r4, [r1]
+ STR r5, [r1, #4]
+ STR r6, [r1, #8]
+ STR r7, [r1, #12]
+ SUBS r12, r12, #0x10
+ ADD lr, lr, #0x10
+ ADD r1, r1, #0x10
+#ifdef __GNUC__
+ BNE L_AES_ECB_decrypt_loop_block_192
+#else
+ BNE.W L_AES_ECB_decrypt_loop_block_192
+#endif
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ B L_AES_ECB_decrypt_end
+#else
+ B.N L_AES_ECB_decrypt_end
+#endif
+L_AES_ECB_decrypt_start_block_128:
+L_AES_ECB_decrypt_loop_block_128:
+ LDR r4, [lr]
+ LDR r5, [lr, #4]
+ LDR r6, [lr, #8]
+ LDR r7, [lr, #12]
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ PUSH {r1, r3, r12, lr}
+ LDM r3!, {r8, r9, r10, r11}
+ /* Round: 0 - XOR in key schedule */
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ MOV r1, #0x4
+ BL AES_decrypt_block
+ POP {r1, r3, r12, lr}
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ STR r4, [r1]
+ STR r5, [r1, #4]
+ STR r6, [r1, #8]
+ STR r7, [r1, #12]
+ SUBS r12, r12, #0x10
+ ADD lr, lr, #0x10
+ ADD r1, r1, #0x10
+#ifdef __GNUC__
+ BNE L_AES_ECB_decrypt_loop_block_128
+#else
+ BNE.W L_AES_ECB_decrypt_loop_block_128
+#endif
+L_AES_ECB_decrypt_end:
+ POP {r4, r5, r6, r7, r8, r9, r10, r11, pc}
+ /* Cycle Count = 210 */
+ .size AES_ECB_decrypt,.-AES_ECB_decrypt
+#endif /* WOLFSSL_AES_DIRECT || WOLFSSL_AES_COUNTER */
+#ifdef HAVE_AES_CBC
+ .text
+ .align 4
+ .globl AES_CBC_decrypt
+ .type AES_CBC_decrypt, %function
+AES_CBC_decrypt:
+ PUSH {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+ LDR r8, [sp, #36]
+ LDR r4, [sp, #40]
+ MOV lr, r0
+ LDR r0, L_AES_Thumb2_td_ecb
+ MOV r12, r2
+ ADR r2, L_AES_Thumb2_td4
+ PUSH {r3, r4}
+ CMP r8, #0xa
+#ifdef __GNUC__
+ BEQ L_AES_CBC_decrypt_loop_block_128
+#else
+ BEQ.W L_AES_CBC_decrypt_loop_block_128
+#endif
+ CMP r8, #0xc
+#ifdef __GNUC__
+ BEQ L_AES_CBC_decrypt_loop_block_192
+#else
+ BEQ.W L_AES_CBC_decrypt_loop_block_192
+#endif
+L_AES_CBC_decrypt_loop_block_256:
+ PUSH {r1, r12, lr}
+ LDR r4, [lr]
+ LDR r5, [lr, #4]
+ LDR r6, [lr, #8]
+ LDR r7, [lr, #12]
+ LDR lr, [sp, #16]
+ STRD r4, r5, [lr, #16]
+ STRD r6, r7, [lr, #24]
+ LDM r3!, {r8, r9, r10, r11}
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ /* Round: 0 - XOR in key schedule */
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ MOV r1, #0x6
+ BL AES_decrypt_block
+ LDR lr, [sp, #16]
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ LDM lr, {r8, r9, r10, r11}
+ POP {r1, r12, lr}
+ LDR r3, [sp]
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ STR r4, [r1]
+ STR r5, [r1, #4]
+ STR r6, [r1, #8]
+ STR r7, [r1, #12]
+ SUBS r12, r12, #0x10
+ ADD lr, lr, #0x10
+ ADD r1, r1, #0x10
+#ifdef __GNUC__
+ BEQ L_AES_CBC_decrypt_end_odd
+#else
+ BEQ.W L_AES_CBC_decrypt_end_odd
+#endif
+ PUSH {r1, r12, lr}
+ LDR r4, [lr]
+ LDR r5, [lr, #4]
+ LDR r6, [lr, #8]
+ LDR r7, [lr, #12]
+ LDR lr, [sp, #16]
+ STRD r4, r5, [lr]
+ STRD r6, r7, [lr, #8]
+ LDM r3!, {r8, r9, r10, r11}
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ /* Round: 0 - XOR in key schedule */
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ MOV r1, #0x6
+ BL AES_decrypt_block
+ LDR lr, [sp, #16]
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ LDRD r8, r9, [lr, #16]
+ LDRD r10, r11, [lr, #24]
+ POP {r1, r12, lr}
+ LDR r3, [sp]
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ STR r4, [r1]
+ STR r5, [r1, #4]
+ STR r6, [r1, #8]
+ STR r7, [r1, #12]
+ SUBS r12, r12, #0x10
+ ADD lr, lr, #0x10
+ ADD r1, r1, #0x10
+#ifdef __GNUC__
+ BNE L_AES_CBC_decrypt_loop_block_256
+#else
+ BNE.W L_AES_CBC_decrypt_loop_block_256
+#endif
+#ifdef __GNUC__
+ B L_AES_CBC_decrypt_end
+#else
+ B.W L_AES_CBC_decrypt_end
+#endif
+L_AES_CBC_decrypt_loop_block_192:
+ PUSH {r1, r12, lr}
+ LDR r4, [lr]
+ LDR r5, [lr, #4]
+ LDR r6, [lr, #8]
+ LDR r7, [lr, #12]
+ LDR lr, [sp, #16]
+ STRD r4, r5, [lr, #16]
+ STRD r6, r7, [lr, #24]
+ LDM r3!, {r8, r9, r10, r11}
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ /* Round: 0 - XOR in key schedule */
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ MOV r1, #0x5
+ BL AES_decrypt_block
+ LDR lr, [sp, #16]
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ LDM lr, {r8, r9, r10, r11}
+ POP {r1, r12, lr}
+ LDR r3, [sp]
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ STR r4, [r1]
+ STR r5, [r1, #4]
+ STR r6, [r1, #8]
+ STR r7, [r1, #12]
+ SUBS r12, r12, #0x10
+ ADD lr, lr, #0x10
+ ADD r1, r1, #0x10
+#ifdef __GNUC__
+ BEQ L_AES_CBC_decrypt_end_odd
+#else
+ BEQ.W L_AES_CBC_decrypt_end_odd
+#endif
+ PUSH {r1, r12, lr}
+ LDR r4, [lr]
+ LDR r5, [lr, #4]
+ LDR r6, [lr, #8]
+ LDR r7, [lr, #12]
+ LDR lr, [sp, #16]
+ STRD r4, r5, [lr]
+ STRD r6, r7, [lr, #8]
+ LDM r3!, {r8, r9, r10, r11}
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ /* Round: 0 - XOR in key schedule */
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ MOV r1, #0x5
+ BL AES_decrypt_block
+ LDR lr, [sp, #16]
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ LDRD r8, r9, [lr, #16]
+ LDRD r10, r11, [lr, #24]
+ POP {r1, r12, lr}
+ LDR r3, [sp]
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ STR r4, [r1]
+ STR r5, [r1, #4]
+ STR r6, [r1, #8]
+ STR r7, [r1, #12]
+ SUBS r12, r12, #0x10
+ ADD lr, lr, #0x10
+ ADD r1, r1, #0x10
+#ifdef __GNUC__
+ BNE L_AES_CBC_decrypt_loop_block_192
+#else
+ BNE.W L_AES_CBC_decrypt_loop_block_192
+#endif
+#ifdef __GNUC__
+ B L_AES_CBC_decrypt_end
+#else
+ B.W L_AES_CBC_decrypt_end
+#endif
+L_AES_CBC_decrypt_loop_block_128:
+ PUSH {r1, r12, lr}
+ LDR r4, [lr]
+ LDR r5, [lr, #4]
+ LDR r6, [lr, #8]
+ LDR r7, [lr, #12]
+ LDR lr, [sp, #16]
+ STRD r4, r5, [lr, #16]
+ STRD r6, r7, [lr, #24]
+ LDM r3!, {r8, r9, r10, r11}
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ /* Round: 0 - XOR in key schedule */
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ MOV r1, #0x4
+ BL AES_decrypt_block
+ LDR lr, [sp, #16]
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ LDM lr, {r8, r9, r10, r11}
+ POP {r1, r12, lr}
+ LDR r3, [sp]
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ STR r4, [r1]
+ STR r5, [r1, #4]
+ STR r6, [r1, #8]
+ STR r7, [r1, #12]
+ SUBS r12, r12, #0x10
+ ADD lr, lr, #0x10
+ ADD r1, r1, #0x10
+#ifdef __GNUC__
+ BEQ L_AES_CBC_decrypt_end_odd
+#else
+ BEQ.W L_AES_CBC_decrypt_end_odd
+#endif
+ PUSH {r1, r12, lr}
+ LDR r4, [lr]
+ LDR r5, [lr, #4]
+ LDR r6, [lr, #8]
+ LDR r7, [lr, #12]
+ LDR lr, [sp, #16]
+ STRD r4, r5, [lr]
+ STRD r6, r7, [lr, #8]
+ LDM r3!, {r8, r9, r10, r11}
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ /* Round: 0 - XOR in key schedule */
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ MOV r1, #0x4
+ BL AES_decrypt_block
+ LDR lr, [sp, #16]
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ LDRD r8, r9, [lr, #16]
+ LDRD r10, r11, [lr, #24]
+ POP {r1, r12, lr}
+ LDR r3, [sp]
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ STR r4, [r1]
+ STR r5, [r1, #4]
+ STR r6, [r1, #8]
+ STR r7, [r1, #12]
+ SUBS r12, r12, #0x10
+ ADD lr, lr, #0x10
+ ADD r1, r1, #0x10
+#ifdef __GNUC__
+ BNE L_AES_CBC_decrypt_loop_block_128
+#else
+ BNE.W L_AES_CBC_decrypt_loop_block_128
+#endif
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ B L_AES_CBC_decrypt_end
+#else
+ B.N L_AES_CBC_decrypt_end
+#endif
+L_AES_CBC_decrypt_end_odd:
+ LDR r4, [sp, #4]
+ LDRD r8, r9, [r4, #16]
+ LDRD r10, r11, [r4, #24]
+ STRD r8, r9, [r4]
+ STRD r10, r11, [r4, #8]
+L_AES_CBC_decrypt_end:
+ POP {r3, r4}
+ POP {r4, r5, r6, r7, r8, r9, r10, r11, pc}
+ /* Cycle Count = 518 */
+ .size AES_CBC_decrypt,.-AES_CBC_decrypt
+#endif /* HAVE_AES_CBC */
+#endif /* WOLFSSL_AES_DIRECT || WOLFSSL_AES_COUNTER || HAVE_AES_CBC */
+#endif /* HAVE_AES_DECRYPT */
+#ifdef HAVE_AESGCM
+ .text
+ .type L_GCM_gmult_len_r, %object
+ .size L_GCM_gmult_len_r, 64
+ .align 4
+L_GCM_gmult_len_r:
+ .word 0x0
+ .word 0x1c200000
+ .word 0x38400000
+ .word 0x24600000
+ .word 0x70800000
+ .word 0x6ca00000
+ .word 0x48c00000
+ .word 0x54e00000
+ .word 0xe1000000
+ .word 0xfd200000
+ .word 0xd9400000
+ .word 0xc5600000
+ .word 0x91800000
+ .word 0x8da00000
+ .word 0xa9c00000
+ .word 0xb5e00000
+ .text
+ .align 4
+ .globl GCM_gmult_len
+ .type GCM_gmult_len, %function
+GCM_gmult_len:
+ PUSH {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+ ADR lr, L_GCM_gmult_len_r
+L_GCM_gmult_len_start_block:
+ PUSH {r3}
+ LDR r12, [r0, #12]
+ LDR r3, [r2, #12]
+ EOR r12, r12, r3
+ LSR r3, r12, #24
+ AND r3, r3, #0xf
+ ADD r3, r1, r3, LSL #4
+ LDM r3, {r8, r9, r10, r11}
+ LSR r6, r10, #4
+ AND r3, r11, #0xf
+ LSR r11, r11, #4
+ LSR r4, r12, #28
+ EOR r11, r11, r10, LSL #28
+ LDR r3, [lr, r3, LSL #2]
+ ADD r4, r1, r4, LSL #4
+ EOR r10, r6, r9, LSL #28
+ LSR r9, r9, #4
+ LDM r4, {r4, r5, r6, r7}
+ EOR r9, r9, r8, LSL #28
+ EOR r8, r3, r8, LSR #4
+ EOR r8, r8, r4
+ EOR r9, r9, r5
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LSR r6, r10, #4
+ AND r3, r11, #0xf
+ LSR r11, r11, #4
+ LSR r4, r12, #16
+ EOR r11, r11, r10, LSL #28
+ AND r4, r4, #0xf
+ LDR r3, [lr, r3, LSL #2]
+ ADD r4, r1, r4, LSL #4
+ EOR r10, r6, r9, LSL #28
+ LSR r9, r9, #4
+ LDM r4, {r4, r5, r6, r7}
+ EOR r9, r9, r8, LSL #28
+ EOR r8, r3, r8, LSR #4
+ EOR r8, r8, r4
+ EOR r9, r9, r5
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LSR r6, r10, #4
+ AND r3, r11, #0xf
+ LSR r11, r11, #4
+ LSR r4, r12, #20
+ EOR r11, r11, r10, LSL #28
+ AND r4, r4, #0xf
+ LDR r3, [lr, r3, LSL #2]
+ ADD r4, r1, r4, LSL #4
+ EOR r10, r6, r9, LSL #28
+ LSR r9, r9, #4
+ LDM r4, {r4, r5, r6, r7}
+ EOR r9, r9, r8, LSL #28
+ EOR r8, r3, r8, LSR #4
+ EOR r8, r8, r4
+ EOR r9, r9, r5
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LSR r6, r10, #4
+ AND r3, r11, #0xf
+ LSR r11, r11, #4
+ LSR r4, r12, #8
+ EOR r11, r11, r10, LSL #28
+ AND r4, r4, #0xf
+ LDR r3, [lr, r3, LSL #2]
+ ADD r4, r1, r4, LSL #4
+ EOR r10, r6, r9, LSL #28
+ LSR r9, r9, #4
+ LDM r4, {r4, r5, r6, r7}
+ EOR r9, r9, r8, LSL #28
+ EOR r8, r3, r8, LSR #4
+ EOR r8, r8, r4
+ EOR r9, r9, r5
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LSR r6, r10, #4
+ AND r3, r11, #0xf
+ LSR r11, r11, #4
+ LSR r4, r12, #12
+ EOR r11, r11, r10, LSL #28
+ AND r4, r4, #0xf
+ LDR r3, [lr, r3, LSL #2]
+ ADD r4, r1, r4, LSL #4
+ EOR r10, r6, r9, LSL #28
+ LSR r9, r9, #4
+ LDM r4, {r4, r5, r6, r7}
+ EOR r9, r9, r8, LSL #28
+ EOR r8, r3, r8, LSR #4
+ EOR r8, r8, r4
+ EOR r9, r9, r5
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LSR r6, r10, #4
+ AND r3, r11, #0xf
+ LSR r11, r11, #4
+ AND r4, r12, #0xf
+ EOR r11, r11, r10, LSL #28
+ LDR r3, [lr, r3, LSL #2]
+ ADD r4, r1, r4, LSL #4
+ EOR r10, r6, r9, LSL #28
+ LSR r9, r9, #4
+ LDM r4, {r4, r5, r6, r7}
+ EOR r9, r9, r8, LSL #28
+ EOR r8, r3, r8, LSR #4
+ EOR r8, r8, r4
+ EOR r9, r9, r5
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LSR r6, r10, #4
+ AND r3, r11, #0xf
+ LSR r11, r11, #4
+ LSR r4, r12, #4
+ EOR r11, r11, r10, LSL #28
+ AND r4, r4, #0xf
+ LDR r3, [lr, r3, LSL #2]
+ ADD r4, r1, r4, LSL #4
+ EOR r10, r6, r9, LSL #28
+ LSR r9, r9, #4
+ LDM r4, {r4, r5, r6, r7}
+ EOR r9, r9, r8, LSL #28
+ EOR r8, r3, r8, LSR #4
+ EOR r8, r8, r4
+ EOR r9, r9, r5
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LSR r6, r10, #4
+ AND r3, r11, #0xf
+ LSR r11, r11, #4
+ EOR r11, r11, r10, LSL #28
+ LDR r3, [lr, r3, LSL #2]
+ EOR r10, r6, r9, LSL #28
+ LSR r9, r9, #4
+ EOR r9, r9, r8, LSL #28
+ EOR r8, r3, r8, LSR #4
+ LDR r12, [r0, #8]
+ LDR r3, [r2, #8]
+ EOR r12, r12, r3
+ LSR r3, r12, #24
+ AND r3, r3, #0xf
+ ADD r3, r1, r3, LSL #4
+ LDM r3, {r4, r5, r6, r7}
+ EOR r8, r8, r4
+ EOR r9, r9, r5
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LSR r6, r10, #4
+ AND r3, r11, #0xf
+ LSR r11, r11, #4
+ LSR r4, r12, #28
+ EOR r11, r11, r10, LSL #28
+ LDR r3, [lr, r3, LSL #2]
+ ADD r4, r1, r4, LSL #4
+ EOR r10, r6, r9, LSL #28
+ LSR r9, r9, #4
+ LDM r4, {r4, r5, r6, r7}
+ EOR r9, r9, r8, LSL #28
+ EOR r8, r3, r8, LSR #4
+ EOR r8, r8, r4
+ EOR r9, r9, r5
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LSR r6, r10, #4
+ AND r3, r11, #0xf
+ LSR r11, r11, #4
+ LSR r4, r12, #16
+ EOR r11, r11, r10, LSL #28
+ AND r4, r4, #0xf
+ LDR r3, [lr, r3, LSL #2]
+ ADD r4, r1, r4, LSL #4
+ EOR r10, r6, r9, LSL #28
+ LSR r9, r9, #4
+ LDM r4, {r4, r5, r6, r7}
+ EOR r9, r9, r8, LSL #28
+ EOR r8, r3, r8, LSR #4
+ EOR r8, r8, r4
+ EOR r9, r9, r5
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LSR r6, r10, #4
+ AND r3, r11, #0xf
+ LSR r11, r11, #4
+ LSR r4, r12, #20
+ EOR r11, r11, r10, LSL #28
+ AND r4, r4, #0xf
+ LDR r3, [lr, r3, LSL #2]
+ ADD r4, r1, r4, LSL #4
+ EOR r10, r6, r9, LSL #28
+ LSR r9, r9, #4
+ LDM r4, {r4, r5, r6, r7}
+ EOR r9, r9, r8, LSL #28
+ EOR r8, r3, r8, LSR #4
+ EOR r8, r8, r4
+ EOR r9, r9, r5
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LSR r6, r10, #4
+ AND r3, r11, #0xf
+ LSR r11, r11, #4
+ LSR r4, r12, #8
+ EOR r11, r11, r10, LSL #28
+ AND r4, r4, #0xf
+ LDR r3, [lr, r3, LSL #2]
+ ADD r4, r1, r4, LSL #4
+ EOR r10, r6, r9, LSL #28
+ LSR r9, r9, #4
+ LDM r4, {r4, r5, r6, r7}
+ EOR r9, r9, r8, LSL #28
+ EOR r8, r3, r8, LSR #4
+ EOR r8, r8, r4
+ EOR r9, r9, r5
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LSR r6, r10, #4
+ AND r3, r11, #0xf
+ LSR r11, r11, #4
+ LSR r4, r12, #12
+ EOR r11, r11, r10, LSL #28
+ AND r4, r4, #0xf
+ LDR r3, [lr, r3, LSL #2]
+ ADD r4, r1, r4, LSL #4
+ EOR r10, r6, r9, LSL #28
+ LSR r9, r9, #4
+ LDM r4, {r4, r5, r6, r7}
+ EOR r9, r9, r8, LSL #28
+ EOR r8, r3, r8, LSR #4
+ EOR r8, r8, r4
+ EOR r9, r9, r5
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LSR r6, r10, #4
+ AND r3, r11, #0xf
+ LSR r11, r11, #4
+ AND r4, r12, #0xf
+ EOR r11, r11, r10, LSL #28
+ LDR r3, [lr, r3, LSL #2]
+ ADD r4, r1, r4, LSL #4
+ EOR r10, r6, r9, LSL #28
+ LSR r9, r9, #4
+ LDM r4, {r4, r5, r6, r7}
+ EOR r9, r9, r8, LSL #28
+ EOR r8, r3, r8, LSR #4
+ EOR r8, r8, r4
+ EOR r9, r9, r5
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LSR r6, r10, #4
+ AND r3, r11, #0xf
+ LSR r11, r11, #4
+ LSR r4, r12, #4
+ EOR r11, r11, r10, LSL #28
+ AND r4, r4, #0xf
+ LDR r3, [lr, r3, LSL #2]
+ ADD r4, r1, r4, LSL #4
+ EOR r10, r6, r9, LSL #28
+ LSR r9, r9, #4
+ LDM r4, {r4, r5, r6, r7}
+ EOR r9, r9, r8, LSL #28
+ EOR r8, r3, r8, LSR #4
+ EOR r8, r8, r4
+ EOR r9, r9, r5
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LSR r6, r10, #4
+ AND r3, r11, #0xf
+ LSR r11, r11, #4
+ EOR r11, r11, r10, LSL #28
+ LDR r3, [lr, r3, LSL #2]
+ EOR r10, r6, r9, LSL #28
+ LSR r9, r9, #4
+ EOR r9, r9, r8, LSL #28
+ EOR r8, r3, r8, LSR #4
+ LDR r12, [r0, #4]
+ LDR r3, [r2, #4]
+ EOR r12, r12, r3
+ LSR r3, r12, #24
+ AND r3, r3, #0xf
+ ADD r3, r1, r3, LSL #4
+ LDM r3, {r4, r5, r6, r7}
+ EOR r8, r8, r4
+ EOR r9, r9, r5
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LSR r6, r10, #4
+ AND r3, r11, #0xf
+ LSR r11, r11, #4
+ LSR r4, r12, #28
+ EOR r11, r11, r10, LSL #28
+ LDR r3, [lr, r3, LSL #2]
+ ADD r4, r1, r4, LSL #4
+ EOR r10, r6, r9, LSL #28
+ LSR r9, r9, #4
+ LDM r4, {r4, r5, r6, r7}
+ EOR r9, r9, r8, LSL #28
+ EOR r8, r3, r8, LSR #4
+ EOR r8, r8, r4
+ EOR r9, r9, r5
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LSR r6, r10, #4
+ AND r3, r11, #0xf
+ LSR r11, r11, #4
+ LSR r4, r12, #16
+ EOR r11, r11, r10, LSL #28
+ AND r4, r4, #0xf
+ LDR r3, [lr, r3, LSL #2]
+ ADD r4, r1, r4, LSL #4
+ EOR r10, r6, r9, LSL #28
+ LSR r9, r9, #4
+ LDM r4, {r4, r5, r6, r7}
+ EOR r9, r9, r8, LSL #28
+ EOR r8, r3, r8, LSR #4
+ EOR r8, r8, r4
+ EOR r9, r9, r5
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LSR r6, r10, #4
+ AND r3, r11, #0xf
+ LSR r11, r11, #4
+ LSR r4, r12, #20
+ EOR r11, r11, r10, LSL #28
+ AND r4, r4, #0xf
+ LDR r3, [lr, r3, LSL #2]
+ ADD r4, r1, r4, LSL #4
+ EOR r10, r6, r9, LSL #28
+ LSR r9, r9, #4
+ LDM r4, {r4, r5, r6, r7}
+ EOR r9, r9, r8, LSL #28
+ EOR r8, r3, r8, LSR #4
+ EOR r8, r8, r4
+ EOR r9, r9, r5
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LSR r6, r10, #4
+ AND r3, r11, #0xf
+ LSR r11, r11, #4
+ LSR r4, r12, #8
+ EOR r11, r11, r10, LSL #28
+ AND r4, r4, #0xf
+ LDR r3, [lr, r3, LSL #2]
+ ADD r4, r1, r4, LSL #4
+ EOR r10, r6, r9, LSL #28
+ LSR r9, r9, #4
+ LDM r4, {r4, r5, r6, r7}
+ EOR r9, r9, r8, LSL #28
+ EOR r8, r3, r8, LSR #4
+ EOR r8, r8, r4
+ EOR r9, r9, r5
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LSR r6, r10, #4
+ AND r3, r11, #0xf
+ LSR r11, r11, #4
+ LSR r4, r12, #12
+ EOR r11, r11, r10, LSL #28
+ AND r4, r4, #0xf
+ LDR r3, [lr, r3, LSL #2]
+ ADD r4, r1, r4, LSL #4
+ EOR r10, r6, r9, LSL #28
+ LSR r9, r9, #4
+ LDM r4, {r4, r5, r6, r7}
+ EOR r9, r9, r8, LSL #28
+ EOR r8, r3, r8, LSR #4
+ EOR r8, r8, r4
+ EOR r9, r9, r5
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LSR r6, r10, #4
+ AND r3, r11, #0xf
+ LSR r11, r11, #4
+ AND r4, r12, #0xf
+ EOR r11, r11, r10, LSL #28
+ LDR r3, [lr, r3, LSL #2]
+ ADD r4, r1, r4, LSL #4
+ EOR r10, r6, r9, LSL #28
+ LSR r9, r9, #4
+ LDM r4, {r4, r5, r6, r7}
+ EOR r9, r9, r8, LSL #28
+ EOR r8, r3, r8, LSR #4
+ EOR r8, r8, r4
+ EOR r9, r9, r5
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LSR r6, r10, #4
+ AND r3, r11, #0xf
+ LSR r11, r11, #4
+ LSR r4, r12, #4
+ EOR r11, r11, r10, LSL #28
+ AND r4, r4, #0xf
+ LDR r3, [lr, r3, LSL #2]
+ ADD r4, r1, r4, LSL #4
+ EOR r10, r6, r9, LSL #28
+ LSR r9, r9, #4
+ LDM r4, {r4, r5, r6, r7}
+ EOR r9, r9, r8, LSL #28
+ EOR r8, r3, r8, LSR #4
+ EOR r8, r8, r4
+ EOR r9, r9, r5
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LSR r6, r10, #4
+ AND r3, r11, #0xf
+ LSR r11, r11, #4
+ EOR r11, r11, r10, LSL #28
+ LDR r3, [lr, r3, LSL #2]
+ EOR r10, r6, r9, LSL #28
+ LSR r9, r9, #4
+ EOR r9, r9, r8, LSL #28
+ EOR r8, r3, r8, LSR #4
+ LDR r12, [r0]
+ LDR r3, [r2]
+ EOR r12, r12, r3
+ LSR r3, r12, #24
+ AND r3, r3, #0xf
+ ADD r3, r1, r3, LSL #4
+ LDM r3, {r4, r5, r6, r7}
+ EOR r8, r8, r4
+ EOR r9, r9, r5
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LSR r6, r10, #4
+ AND r3, r11, #0xf
+ LSR r11, r11, #4
+ LSR r4, r12, #28
+ EOR r11, r11, r10, LSL #28
+ LDR r3, [lr, r3, LSL #2]
+ ADD r4, r1, r4, LSL #4
+ EOR r10, r6, r9, LSL #28
+ LSR r9, r9, #4
+ LDM r4, {r4, r5, r6, r7}
+ EOR r9, r9, r8, LSL #28
+ EOR r8, r3, r8, LSR #4
+ EOR r8, r8, r4
+ EOR r9, r9, r5
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LSR r6, r10, #4
+ AND r3, r11, #0xf
+ LSR r11, r11, #4
+ LSR r4, r12, #16
+ EOR r11, r11, r10, LSL #28
+ AND r4, r4, #0xf
+ LDR r3, [lr, r3, LSL #2]
+ ADD r4, r1, r4, LSL #4
+ EOR r10, r6, r9, LSL #28
+ LSR r9, r9, #4
+ LDM r4, {r4, r5, r6, r7}
+ EOR r9, r9, r8, LSL #28
+ EOR r8, r3, r8, LSR #4
+ EOR r8, r8, r4
+ EOR r9, r9, r5
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LSR r6, r10, #4
+ AND r3, r11, #0xf
+ LSR r11, r11, #4
+ LSR r4, r12, #20
+ EOR r11, r11, r10, LSL #28
+ AND r4, r4, #0xf
+ LDR r3, [lr, r3, LSL #2]
+ ADD r4, r1, r4, LSL #4
+ EOR r10, r6, r9, LSL #28
+ LSR r9, r9, #4
+ LDM r4, {r4, r5, r6, r7}
+ EOR r9, r9, r8, LSL #28
+ EOR r8, r3, r8, LSR #4
+ EOR r8, r8, r4
+ EOR r9, r9, r5
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LSR r6, r10, #4
+ AND r3, r11, #0xf
+ LSR r11, r11, #4
+ LSR r4, r12, #8
+ EOR r11, r11, r10, LSL #28
+ AND r4, r4, #0xf
+ LDR r3, [lr, r3, LSL #2]
+ ADD r4, r1, r4, LSL #4
+ EOR r10, r6, r9, LSL #28
+ LSR r9, r9, #4
+ LDM r4, {r4, r5, r6, r7}
+ EOR r9, r9, r8, LSL #28
+ EOR r8, r3, r8, LSR #4
+ EOR r8, r8, r4
+ EOR r9, r9, r5
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LSR r6, r10, #4
+ AND r3, r11, #0xf
+ LSR r11, r11, #4
+ LSR r4, r12, #12
+ EOR r11, r11, r10, LSL #28
+ AND r4, r4, #0xf
+ LDR r3, [lr, r3, LSL #2]
+ ADD r4, r1, r4, LSL #4
+ EOR r10, r6, r9, LSL #28
+ LSR r9, r9, #4
+ LDM r4, {r4, r5, r6, r7}
+ EOR r9, r9, r8, LSL #28
+ EOR r8, r3, r8, LSR #4
+ EOR r8, r8, r4
+ EOR r9, r9, r5
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LSR r6, r10, #4
+ AND r3, r11, #0xf
+ LSR r11, r11, #4
+ AND r4, r12, #0xf
+ EOR r11, r11, r10, LSL #28
+ LDR r3, [lr, r3, LSL #2]
+ ADD r4, r1, r4, LSL #4
+ EOR r10, r6, r9, LSL #28
+ LSR r9, r9, #4
+ LDM r4, {r4, r5, r6, r7}
+ EOR r9, r9, r8, LSL #28
+ EOR r8, r3, r8, LSR #4
+ EOR r8, r8, r4
+ EOR r9, r9, r5
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LSR r6, r10, #4
+ AND r3, r11, #0xf
+ LSR r11, r11, #4
+ LSR r4, r12, #4
+ EOR r11, r11, r10, LSL #28
+ AND r4, r4, #0xf
+ LDR r3, [lr, r3, LSL #2]
+ ADD r4, r1, r4, LSL #4
+ EOR r10, r6, r9, LSL #28
+ LSR r9, r9, #4
+ LDM r4, {r4, r5, r6, r7}
+ EOR r9, r9, r8, LSL #28
+ EOR r8, r3, r8, LSR #4
+ EOR r8, r8, r4
+ EOR r9, r9, r5
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ REV r8, r8
+ REV r9, r9
+ REV r10, r10
+ REV r11, r11
+ STM r0, {r8, r9, r10, r11}
+ POP {r3}
+ SUBS r3, r3, #0x10
+ ADD r2, r2, #0x10
+#ifdef __GNUC__
+ BNE L_GCM_gmult_len_start_block
+#else
+ BNE.W L_GCM_gmult_len_start_block
+#endif
+ POP {r4, r5, r6, r7, r8, r9, r10, r11, pc}
+ /* Cycle Count = 742 */
+ .size GCM_gmult_len,.-GCM_gmult_len
+ .text
+ .type L_AES_Thumb2_te_gcm, %object
+ .size L_AES_Thumb2_te_gcm, 12
+ .align 4
+L_AES_Thumb2_te_gcm:
+ .word L_AES_Thumb2_te_data
+ .text
+ .align 4
+ .globl AES_GCM_encrypt
+ .type AES_GCM_encrypt, %function
+AES_GCM_encrypt:
+ PUSH {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+ LDR r12, [sp, #36]
+ LDR r8, [sp, #40]
+ MOV lr, r0
+ LDR r0, L_AES_Thumb2_te_gcm
+ LDM r8, {r4, r5, r6, r7}
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ STM r8, {r4, r5, r6, r7}
+ PUSH {r3, r8}
+ CMP r12, #0xa
+#ifdef __GNUC__
+ BEQ L_AES_GCM_encrypt_start_block_128
+#else
+ BEQ.W L_AES_GCM_encrypt_start_block_128
+#endif
+ CMP r12, #0xc
+#ifdef __GNUC__
+ BEQ L_AES_GCM_encrypt_start_block_192
+#else
+ BEQ.W L_AES_GCM_encrypt_start_block_192
+#endif
+L_AES_GCM_encrypt_loop_block_256:
+ PUSH {r1, r2, lr}
+ LDR lr, [sp, #16]
+ ADD r7, r7, #0x1
+ LDM r3!, {r8, r9, r10, r11}
+ STR r7, [lr, #12]
+ /* Round: 0 - XOR in key schedule */
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ MOV r1, #0x6
+ BL AES_encrypt_block
+ POP {r1, r2, lr}
+ LDR r3, [sp]
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ LDR r8, [lr]
+ LDR r9, [lr, #4]
+ LDR r10, [lr, #8]
+ LDR r11, [lr, #12]
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ LDR r8, [sp, #4]
+ STR r4, [r1]
+ STR r5, [r1, #4]
+ STR r6, [r1, #8]
+ STR r7, [r1, #12]
+ LDM r8, {r4, r5, r6, r7}
+ SUBS r2, r2, #0x10
+ ADD lr, lr, #0x10
+ ADD r1, r1, #0x10
+#ifdef __GNUC__
+ BNE L_AES_GCM_encrypt_loop_block_256
+#else
+ BNE.W L_AES_GCM_encrypt_loop_block_256
+#endif
+#ifdef __GNUC__
+ B L_AES_GCM_encrypt_end
+#else
+ B.W L_AES_GCM_encrypt_end
+#endif
+L_AES_GCM_encrypt_start_block_192:
+L_AES_GCM_encrypt_loop_block_192:
+ PUSH {r1, r2, lr}
+ LDR lr, [sp, #16]
+ ADD r7, r7, #0x1
+ LDM r3!, {r8, r9, r10, r11}
+ STR r7, [lr, #12]
+ /* Round: 0 - XOR in key schedule */
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ MOV r1, #0x5
+ BL AES_encrypt_block
+ POP {r1, r2, lr}
+ LDR r3, [sp]
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ LDR r8, [lr]
+ LDR r9, [lr, #4]
+ LDR r10, [lr, #8]
+ LDR r11, [lr, #12]
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ LDR r8, [sp, #4]
+ STR r4, [r1]
+ STR r5, [r1, #4]
+ STR r6, [r1, #8]
+ STR r7, [r1, #12]
+ LDM r8, {r4, r5, r6, r7}
+ SUBS r2, r2, #0x10
+ ADD lr, lr, #0x10
+ ADD r1, r1, #0x10
+#ifdef __GNUC__
+ BNE L_AES_GCM_encrypt_loop_block_192
+#else
+ BNE.W L_AES_GCM_encrypt_loop_block_192
+#endif
+#ifdef __GNUC__
+ B L_AES_GCM_encrypt_end
+#else
+ B.W L_AES_GCM_encrypt_end
+#endif
+L_AES_GCM_encrypt_start_block_128:
+L_AES_GCM_encrypt_loop_block_128:
+ PUSH {r1, r2, lr}
+ LDR lr, [sp, #16]
+ ADD r7, r7, #0x1
+ LDM r3!, {r8, r9, r10, r11}
+ STR r7, [lr, #12]
+ /* Round: 0 - XOR in key schedule */
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ MOV r1, #0x4
+ BL AES_encrypt_block
+ POP {r1, r2, lr}
+ LDR r3, [sp]
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ LDR r8, [lr]
+ LDR r9, [lr, #4]
+ LDR r10, [lr, #8]
+ LDR r11, [lr, #12]
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ LDR r8, [sp, #4]
+ STR r4, [r1]
+ STR r5, [r1, #4]
+ STR r6, [r1, #8]
+ STR r7, [r1, #12]
+ LDM r8, {r4, r5, r6, r7}
+ SUBS r2, r2, #0x10
+ ADD lr, lr, #0x10
+ ADD r1, r1, #0x10
+#ifdef __GNUC__
+ BNE L_AES_GCM_encrypt_loop_block_128
+#else
+ BNE.W L_AES_GCM_encrypt_loop_block_128
+#endif
+L_AES_GCM_encrypt_end:
+ POP {r3, r8}
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ STM r8, {r4, r5, r6, r7}
+ POP {r4, r5, r6, r7, r8, r9, r10, r11, pc}
+ /* Cycle Count = 275 */
+ .size AES_GCM_encrypt,.-AES_GCM_encrypt
+#endif /* HAVE_AESGCM */
+#endif /* !NO_AES */
+#endif /* !__aarch64__ && __thumb__ */
+#endif /* WOLFSSL_ARMASM */
+
+#if defined(__linux__) && defined(__ELF__)
+.section .note.GNU-stack,"",%progbits
+#endif
+#endif /* !WOLFSSL_ARMASM_INLINE */
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/thumb2-aes-asm_c.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/thumb2-aes-asm_c.c
new file mode 100644
index 00000000..54531316
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/thumb2-aes-asm_c.c
@@ -0,0 +1,3014 @@
+/* thumb2-aes-asm
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/* Generated using (from wolfssl):
+ * cd ../scripts
+ * ruby ./aes/aes.rb thumb2 ../wolfssl/wolfcrypt/src/port/arm/thumb2-aes-asm.c
+ */
+
+#ifdef HAVE_CONFIG_H
+ #include <config.h>
+#endif /* HAVE_CONFIG_H */
+#include <wolfssl/wolfcrypt/settings.h>
+
+#ifdef WOLFSSL_ARMASM
+#if !defined(__aarch64__) && defined(__thumb__)
+#include <stdint.h>
+#ifdef HAVE_CONFIG_H
+ #include <config.h>
+#endif /* HAVE_CONFIG_H */
+#include <wolfssl/wolfcrypt/settings.h>
+#ifdef WOLFSSL_ARMASM_INLINE
+
+#ifdef WOLFSSL_ARMASM
+#if !defined(__aarch64__) && defined(__thumb__)
+
+#ifdef __IAR_SYSTEMS_ICC__
+#define __asm__ asm
+#define __volatile__ volatile
+#define WOLFSSL_NO_VAR_ASSIGN_REG
+#endif /* __IAR_SYSTEMS_ICC__ */
+#ifdef __KEIL__
+#define __asm__ __asm
+#define __volatile__ volatile
+#endif /* __KEIL__ */
+#ifndef NO_AES
+#include <wolfssl/wolfcrypt/aes.h>
+
+#ifdef HAVE_AES_DECRYPT
+static const uint32_t L_AES_Thumb2_td_data[] = {
+ 0x5051f4a7, 0x537e4165, 0xc31a17a4, 0x963a275e,
+ 0xcb3bab6b, 0xf11f9d45, 0xabacfa58, 0x934be303,
+ 0x552030fa, 0xf6ad766d, 0x9188cc76, 0x25f5024c,
+ 0xfc4fe5d7, 0xd7c52acb, 0x80263544, 0x8fb562a3,
+ 0x49deb15a, 0x6725ba1b, 0x9845ea0e, 0xe15dfec0,
+ 0x02c32f75, 0x12814cf0, 0xa38d4697, 0xc66bd3f9,
+ 0xe7038f5f, 0x9515929c, 0xebbf6d7a, 0xda955259,
+ 0x2dd4be83, 0xd3587421, 0x2949e069, 0x448ec9c8,
+ 0x6a75c289, 0x78f48e79, 0x6b99583e, 0xdd27b971,
+ 0xb6bee14f, 0x17f088ad, 0x66c920ac, 0xb47dce3a,
+ 0x1863df4a, 0x82e51a31, 0x60975133, 0x4562537f,
+ 0xe0b16477, 0x84bb6bae, 0x1cfe81a0, 0x94f9082b,
+ 0x58704868, 0x198f45fd, 0x8794de6c, 0xb7527bf8,
+ 0x23ab73d3, 0xe2724b02, 0x57e31f8f, 0x2a6655ab,
+ 0x07b2eb28, 0x032fb5c2, 0x9a86c57b, 0xa5d33708,
+ 0xf2302887, 0xb223bfa5, 0xba02036a, 0x5ced1682,
+ 0x2b8acf1c, 0x92a779b4, 0xf0f307f2, 0xa14e69e2,
+ 0xcd65daf4, 0xd50605be, 0x1fd13462, 0x8ac4a6fe,
+ 0x9d342e53, 0xa0a2f355, 0x32058ae1, 0x75a4f6eb,
+ 0x390b83ec, 0xaa4060ef, 0x065e719f, 0x51bd6e10,
+ 0xf93e218a, 0x3d96dd06, 0xaedd3e05, 0x464de6bd,
+ 0xb591548d, 0x0571c45d, 0x6f0406d4, 0xff605015,
+ 0x241998fb, 0x97d6bde9, 0xcc894043, 0x7767d99e,
+ 0xbdb0e842, 0x8807898b, 0x38e7195b, 0xdb79c8ee,
+ 0x47a17c0a, 0xe97c420f, 0xc9f8841e, 0x00000000,
+ 0x83098086, 0x48322bed, 0xac1e1170, 0x4e6c5a72,
+ 0xfbfd0eff, 0x560f8538, 0x1e3daed5, 0x27362d39,
+ 0x640a0fd9, 0x21685ca6, 0xd19b5b54, 0x3a24362e,
+ 0xb10c0a67, 0x0f9357e7, 0xd2b4ee96, 0x9e1b9b91,
+ 0x4f80c0c5, 0xa261dc20, 0x695a774b, 0x161c121a,
+ 0x0ae293ba, 0xe5c0a02a, 0x433c22e0, 0x1d121b17,
+ 0x0b0e090d, 0xadf28bc7, 0xb92db6a8, 0xc8141ea9,
+ 0x8557f119, 0x4caf7507, 0xbbee99dd, 0xfda37f60,
+ 0x9ff70126, 0xbc5c72f5, 0xc544663b, 0x345bfb7e,
+ 0x768b4329, 0xdccb23c6, 0x68b6edfc, 0x63b8e4f1,
+ 0xcad731dc, 0x10426385, 0x40139722, 0x2084c611,
+ 0x7d854a24, 0xf8d2bb3d, 0x11aef932, 0x6dc729a1,
+ 0x4b1d9e2f, 0xf3dcb230, 0xec0d8652, 0xd077c1e3,
+ 0x6c2bb316, 0x99a970b9, 0xfa119448, 0x2247e964,
+ 0xc4a8fc8c, 0x1aa0f03f, 0xd8567d2c, 0xef223390,
+ 0xc787494e, 0xc1d938d1, 0xfe8ccaa2, 0x3698d40b,
+ 0xcfa6f581, 0x28a57ade, 0x26dab78e, 0xa43fadbf,
+ 0xe42c3a9d, 0x0d507892, 0x9b6a5fcc, 0x62547e46,
+ 0xc2f68d13, 0xe890d8b8, 0x5e2e39f7, 0xf582c3af,
+ 0xbe9f5d80, 0x7c69d093, 0xa96fd52d, 0xb3cf2512,
+ 0x3bc8ac99, 0xa710187d, 0x6ee89c63, 0x7bdb3bbb,
+ 0x09cd2678, 0xf46e5918, 0x01ec9ab7, 0xa8834f9a,
+ 0x65e6956e, 0x7eaaffe6, 0x0821bccf, 0xe6ef15e8,
+ 0xd9bae79b, 0xce4a6f36, 0xd4ea9f09, 0xd629b07c,
+ 0xaf31a4b2, 0x312a3f23, 0x30c6a594, 0xc035a266,
+ 0x37744ebc, 0xa6fc82ca, 0xb0e090d0, 0x1533a7d8,
+ 0x4af10498, 0xf741ecda, 0x0e7fcd50, 0x2f1791f6,
+ 0x8d764dd6, 0x4d43efb0, 0x54ccaa4d, 0xdfe49604,
+ 0xe39ed1b5, 0x1b4c6a88, 0xb8c12c1f, 0x7f466551,
+ 0x049d5eea, 0x5d018c35, 0x73fa8774, 0x2efb0b41,
+ 0x5ab3671d, 0x5292dbd2, 0x33e91056, 0x136dd647,
+ 0x8c9ad761, 0x7a37a10c, 0x8e59f814, 0x89eb133c,
+ 0xeecea927, 0x35b761c9, 0xede11ce5, 0x3c7a47b1,
+ 0x599cd2df, 0x3f55f273, 0x791814ce, 0xbf73c737,
+ 0xea53f7cd, 0x5b5ffdaa, 0x14df3d6f, 0x867844db,
+ 0x81caaff3, 0x3eb968c4, 0x2c382434, 0x5fc2a340,
+ 0x72161dc3, 0x0cbce225, 0x8b283c49, 0x41ff0d95,
+ 0x7139a801, 0xde080cb3, 0x9cd8b4e4, 0x906456c1,
+ 0x617bcb84, 0x70d532b6, 0x74486c5c, 0x42d0b857,
+};
+
+#endif /* HAVE_AES_DECRYPT */
+#if defined(HAVE_AES_DECRYPT) || defined(HAVE_AES_CBC) || defined(HAVE_AESCCM) || defined(HAVE_AESGCM) || defined(WOLFSSL_AES_DIRECT) || defined(WOLFSSL_AES_COUNTER)
+static const uint32_t L_AES_Thumb2_te_data[] = {
+ 0xa5c66363, 0x84f87c7c, 0x99ee7777, 0x8df67b7b,
+ 0x0dfff2f2, 0xbdd66b6b, 0xb1de6f6f, 0x5491c5c5,
+ 0x50603030, 0x03020101, 0xa9ce6767, 0x7d562b2b,
+ 0x19e7fefe, 0x62b5d7d7, 0xe64dabab, 0x9aec7676,
+ 0x458fcaca, 0x9d1f8282, 0x4089c9c9, 0x87fa7d7d,
+ 0x15effafa, 0xebb25959, 0xc98e4747, 0x0bfbf0f0,
+ 0xec41adad, 0x67b3d4d4, 0xfd5fa2a2, 0xea45afaf,
+ 0xbf239c9c, 0xf753a4a4, 0x96e47272, 0x5b9bc0c0,
+ 0xc275b7b7, 0x1ce1fdfd, 0xae3d9393, 0x6a4c2626,
+ 0x5a6c3636, 0x417e3f3f, 0x02f5f7f7, 0x4f83cccc,
+ 0x5c683434, 0xf451a5a5, 0x34d1e5e5, 0x08f9f1f1,
+ 0x93e27171, 0x73abd8d8, 0x53623131, 0x3f2a1515,
+ 0x0c080404, 0x5295c7c7, 0x65462323, 0x5e9dc3c3,
+ 0x28301818, 0xa1379696, 0x0f0a0505, 0xb52f9a9a,
+ 0x090e0707, 0x36241212, 0x9b1b8080, 0x3ddfe2e2,
+ 0x26cdebeb, 0x694e2727, 0xcd7fb2b2, 0x9fea7575,
+ 0x1b120909, 0x9e1d8383, 0x74582c2c, 0x2e341a1a,
+ 0x2d361b1b, 0xb2dc6e6e, 0xeeb45a5a, 0xfb5ba0a0,
+ 0xf6a45252, 0x4d763b3b, 0x61b7d6d6, 0xce7db3b3,
+ 0x7b522929, 0x3edde3e3, 0x715e2f2f, 0x97138484,
+ 0xf5a65353, 0x68b9d1d1, 0x00000000, 0x2cc1eded,
+ 0x60402020, 0x1fe3fcfc, 0xc879b1b1, 0xedb65b5b,
+ 0xbed46a6a, 0x468dcbcb, 0xd967bebe, 0x4b723939,
+ 0xde944a4a, 0xd4984c4c, 0xe8b05858, 0x4a85cfcf,
+ 0x6bbbd0d0, 0x2ac5efef, 0xe54faaaa, 0x16edfbfb,
+ 0xc5864343, 0xd79a4d4d, 0x55663333, 0x94118585,
+ 0xcf8a4545, 0x10e9f9f9, 0x06040202, 0x81fe7f7f,
+ 0xf0a05050, 0x44783c3c, 0xba259f9f, 0xe34ba8a8,
+ 0xf3a25151, 0xfe5da3a3, 0xc0804040, 0x8a058f8f,
+ 0xad3f9292, 0xbc219d9d, 0x48703838, 0x04f1f5f5,
+ 0xdf63bcbc, 0xc177b6b6, 0x75afdada, 0x63422121,
+ 0x30201010, 0x1ae5ffff, 0x0efdf3f3, 0x6dbfd2d2,
+ 0x4c81cdcd, 0x14180c0c, 0x35261313, 0x2fc3ecec,
+ 0xe1be5f5f, 0xa2359797, 0xcc884444, 0x392e1717,
+ 0x5793c4c4, 0xf255a7a7, 0x82fc7e7e, 0x477a3d3d,
+ 0xacc86464, 0xe7ba5d5d, 0x2b321919, 0x95e67373,
+ 0xa0c06060, 0x98198181, 0xd19e4f4f, 0x7fa3dcdc,
+ 0x66442222, 0x7e542a2a, 0xab3b9090, 0x830b8888,
+ 0xca8c4646, 0x29c7eeee, 0xd36bb8b8, 0x3c281414,
+ 0x79a7dede, 0xe2bc5e5e, 0x1d160b0b, 0x76addbdb,
+ 0x3bdbe0e0, 0x56643232, 0x4e743a3a, 0x1e140a0a,
+ 0xdb924949, 0x0a0c0606, 0x6c482424, 0xe4b85c5c,
+ 0x5d9fc2c2, 0x6ebdd3d3, 0xef43acac, 0xa6c46262,
+ 0xa8399191, 0xa4319595, 0x37d3e4e4, 0x8bf27979,
+ 0x32d5e7e7, 0x438bc8c8, 0x596e3737, 0xb7da6d6d,
+ 0x8c018d8d, 0x64b1d5d5, 0xd29c4e4e, 0xe049a9a9,
+ 0xb4d86c6c, 0xfaac5656, 0x07f3f4f4, 0x25cfeaea,
+ 0xafca6565, 0x8ef47a7a, 0xe947aeae, 0x18100808,
+ 0xd56fbaba, 0x88f07878, 0x6f4a2525, 0x725c2e2e,
+ 0x24381c1c, 0xf157a6a6, 0xc773b4b4, 0x5197c6c6,
+ 0x23cbe8e8, 0x7ca1dddd, 0x9ce87474, 0x213e1f1f,
+ 0xdd964b4b, 0xdc61bdbd, 0x860d8b8b, 0x850f8a8a,
+ 0x90e07070, 0x427c3e3e, 0xc471b5b5, 0xaacc6666,
+ 0xd8904848, 0x05060303, 0x01f7f6f6, 0x121c0e0e,
+ 0xa3c26161, 0x5f6a3535, 0xf9ae5757, 0xd069b9b9,
+ 0x91178686, 0x5899c1c1, 0x273a1d1d, 0xb9279e9e,
+ 0x38d9e1e1, 0x13ebf8f8, 0xb32b9898, 0x33221111,
+ 0xbbd26969, 0x70a9d9d9, 0x89078e8e, 0xa7339494,
+ 0xb62d9b9b, 0x223c1e1e, 0x92158787, 0x20c9e9e9,
+ 0x4987cece, 0xffaa5555, 0x78502828, 0x7aa5dfdf,
+ 0x8f038c8c, 0xf859a1a1, 0x80098989, 0x171a0d0d,
+ 0xda65bfbf, 0x31d7e6e6, 0xc6844242, 0xb8d06868,
+ 0xc3824141, 0xb0299999, 0x775a2d2d, 0x111e0f0f,
+ 0xcb7bb0b0, 0xfca85454, 0xd66dbbbb, 0x3a2c1616,
+};
+
+#endif /* HAVE_AES_DECRYPT || HAVE_AES_CBC || HAVE_AESCCM || HAVE_AESGCM || WOLFSSL_AES_DIRECT || WOLFSSL_AES_COUNTER */
+#ifdef HAVE_AES_DECRYPT
+static const uint32_t* L_AES_Thumb2_td = L_AES_Thumb2_td_data;
+#endif /* HAVE_AES_DECRYPT */
+#if defined(HAVE_AES_DECRYPT) || defined(HAVE_AES_CBC) || defined(HAVE_AESCCM) || defined(HAVE_AESGCM) || defined(WOLFSSL_AES_DIRECT) || defined(WOLFSSL_AES_COUNTER)
+static const uint32_t* L_AES_Thumb2_te = L_AES_Thumb2_te_data;
+#endif /* HAVE_AES_DECRYPT || HAVE_AES_CBC || HAVE_AESCCM || HAVE_AESGCM || WOLFSSL_AES_DIRECT || WOLFSSL_AES_COUNTER */
+#ifdef HAVE_AES_DECRYPT
+void AES_invert_key(unsigned char* ks, word32 rounds);
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void AES_invert_key(unsigned char* ks_p, word32 rounds_p)
+#else
+void AES_invert_key(unsigned char* ks, word32 rounds)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register unsigned char* ks __asm__ ("r0") = (unsigned char*)ks_p;
+ register word32 rounds __asm__ ("r1") = (word32)rounds_p;
+ register uint32_t* L_AES_Thumb2_te_c __asm__ ("r2") = (uint32_t*)L_AES_Thumb2_te;
+ register uint32_t* L_AES_Thumb2_td_c __asm__ ("r3") = (uint32_t*)L_AES_Thumb2_td;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "MOV r12, %[L_AES_Thumb2_te]\n\t"
+ "MOV lr, %[L_AES_Thumb2_td]\n\t"
+ "ADD r10, %[ks], %[rounds], LSL #4\n\t"
+ "MOV r11, %[rounds]\n\t"
+ "\n"
+ "L_AES_invert_key_loop:\n\t"
+ "LDM %[ks], {r2, r3, r4, r5}\n\t"
+ "LDM r10, {r6, r7, r8, r9}\n\t"
+ "STM r10, {r2, r3, r4, r5}\n\t"
+ "STM %[ks]!, {r6, r7, r8, r9}\n\t"
+ "SUBS r11, r11, #0x2\n\t"
+ "SUB r10, r10, #0x10\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BNE L_AES_invert_key_loop\n\t"
+#else
+ "BNE.N L_AES_invert_key_loop\n\t"
+#endif
+ "SUB %[ks], %[ks], %[rounds], LSL #3\n\t"
+ "ADD %[ks], %[ks], #0x10\n\t"
+ "SUB r11, %[rounds], #0x1\n\t"
+ "\n"
+ "L_AES_invert_key_mix_loop:\n\t"
+ "LDM %[ks], {r2, r3, r4, r5}\n\t"
+ "UBFX r6, r2, #0, #8\n\t"
+ "UBFX r7, r2, #8, #8\n\t"
+ "UBFX r8, r2, #16, #8\n\t"
+ "LSR r9, r2, #24\n\t"
+ "LDRB r6, [r12, r6, LSL #2]\n\t"
+ "LDRB r7, [r12, r7, LSL #2]\n\t"
+ "LDRB r8, [r12, r8, LSL #2]\n\t"
+ "LDRB r9, [r12, r9, LSL #2]\n\t"
+ "LDR r6, [lr, r6, LSL #2]\n\t"
+ "LDR r7, [lr, r7, LSL #2]\n\t"
+ "LDR r8, [lr, r8, LSL #2]\n\t"
+ "LDR r9, [lr, r9, LSL #2]\n\t"
+ "EOR r8, r8, r6, ROR #16\n\t"
+ "EOR r8, r8, r7, ROR #8\n\t"
+ "EOR r8, r8, r9, ROR #24\n\t"
+ "STR r8, [%[ks]], #4\n\t"
+ "UBFX r6, r3, #0, #8\n\t"
+ "UBFX r7, r3, #8, #8\n\t"
+ "UBFX r8, r3, #16, #8\n\t"
+ "LSR r9, r3, #24\n\t"
+ "LDRB r6, [r12, r6, LSL #2]\n\t"
+ "LDRB r7, [r12, r7, LSL #2]\n\t"
+ "LDRB r8, [r12, r8, LSL #2]\n\t"
+ "LDRB r9, [r12, r9, LSL #2]\n\t"
+ "LDR r6, [lr, r6, LSL #2]\n\t"
+ "LDR r7, [lr, r7, LSL #2]\n\t"
+ "LDR r8, [lr, r8, LSL #2]\n\t"
+ "LDR r9, [lr, r9, LSL #2]\n\t"
+ "EOR r8, r8, r6, ROR #16\n\t"
+ "EOR r8, r8, r7, ROR #8\n\t"
+ "EOR r8, r8, r9, ROR #24\n\t"
+ "STR r8, [%[ks]], #4\n\t"
+ "UBFX r6, r4, #0, #8\n\t"
+ "UBFX r7, r4, #8, #8\n\t"
+ "UBFX r8, r4, #16, #8\n\t"
+ "LSR r9, r4, #24\n\t"
+ "LDRB r6, [r12, r6, LSL #2]\n\t"
+ "LDRB r7, [r12, r7, LSL #2]\n\t"
+ "LDRB r8, [r12, r8, LSL #2]\n\t"
+ "LDRB r9, [r12, r9, LSL #2]\n\t"
+ "LDR r6, [lr, r6, LSL #2]\n\t"
+ "LDR r7, [lr, r7, LSL #2]\n\t"
+ "LDR r8, [lr, r8, LSL #2]\n\t"
+ "LDR r9, [lr, r9, LSL #2]\n\t"
+ "EOR r8, r8, r6, ROR #16\n\t"
+ "EOR r8, r8, r7, ROR #8\n\t"
+ "EOR r8, r8, r9, ROR #24\n\t"
+ "STR r8, [%[ks]], #4\n\t"
+ "UBFX r6, r5, #0, #8\n\t"
+ "UBFX r7, r5, #8, #8\n\t"
+ "UBFX r8, r5, #16, #8\n\t"
+ "LSR r9, r5, #24\n\t"
+ "LDRB r6, [r12, r6, LSL #2]\n\t"
+ "LDRB r7, [r12, r7, LSL #2]\n\t"
+ "LDRB r8, [r12, r8, LSL #2]\n\t"
+ "LDRB r9, [r12, r9, LSL #2]\n\t"
+ "LDR r6, [lr, r6, LSL #2]\n\t"
+ "LDR r7, [lr, r7, LSL #2]\n\t"
+ "LDR r8, [lr, r8, LSL #2]\n\t"
+ "LDR r9, [lr, r9, LSL #2]\n\t"
+ "EOR r8, r8, r6, ROR #16\n\t"
+ "EOR r8, r8, r7, ROR #8\n\t"
+ "EOR r8, r8, r9, ROR #24\n\t"
+ "STR r8, [%[ks]], #4\n\t"
+ "SUBS r11, r11, #0x1\n\t"
+#ifdef __GNUC__
+ "BNE L_AES_invert_key_mix_loop\n\t"
+#else
+ "BNE.W L_AES_invert_key_mix_loop\n\t"
+#endif
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ : [ks] "+r" (ks), [rounds] "+r" (rounds),
+ [L_AES_Thumb2_te] "+r" (L_AES_Thumb2_te_c), [L_AES_Thumb2_td] "+r" (L_AES_Thumb2_td_c)
+ :
+#else
+ : [ks] "+r" (ks), [rounds] "+r" (rounds)
+ : [L_AES_Thumb2_te] "r" (L_AES_Thumb2_te), [L_AES_Thumb2_td] "r" (L_AES_Thumb2_td)
+#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
+ : "memory", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
+ );
+}
+
+#endif /* HAVE_AES_DECRYPT */
+static const uint32_t L_AES_Thumb2_rcon[] = {
+ 0x01000000, 0x02000000, 0x04000000, 0x08000000,
+ 0x10000000, 0x20000000, 0x40000000, 0x80000000,
+ 0x1b000000, 0x36000000
+};
+
+void AES_set_encrypt_key(const unsigned char* key, word32 len,
+ unsigned char* ks);
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void AES_set_encrypt_key(const unsigned char* key_p, word32 len_p, unsigned char* ks_p)
+#else
+void AES_set_encrypt_key(const unsigned char* key, word32 len, unsigned char* ks)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register const unsigned char* key __asm__ ("r0") = (const unsigned char*)key_p;
+ register word32 len __asm__ ("r1") = (word32)len_p;
+ register unsigned char* ks __asm__ ("r2") = (unsigned char*)ks_p;
+ register uint32_t* L_AES_Thumb2_te_c __asm__ ("r3") = (uint32_t*)L_AES_Thumb2_te;
+ register uint32_t* L_AES_Thumb2_rcon_c __asm__ ("r4") = (uint32_t*)&L_AES_Thumb2_rcon;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "MOV r10, %[L_AES_Thumb2_te]\n\t"
+ "MOV lr, %[L_AES_Thumb2_rcon]\n\t"
+ "CMP %[len], #0x80\n\t"
+#ifdef __GNUC__
+ "BEQ L_AES_set_encrypt_key_start_128\n\t"
+#else
+ "BEQ.W L_AES_set_encrypt_key_start_128\n\t"
+#endif
+ "CMP %[len], #0xc0\n\t"
+#ifdef __GNUC__
+ "BEQ L_AES_set_encrypt_key_start_192\n\t"
+#else
+ "BEQ.W L_AES_set_encrypt_key_start_192\n\t"
+#endif
+ "LDRD r4, r5, [%[key]]\n\t"
+ "LDRD r6, r7, [%[key], #8]\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ "STM %[ks]!, {r4, r5, r6, r7}\n\t"
+ "LDRD r4, r5, [%[key], #16]\n\t"
+ "LDRD r6, r7, [%[key], #24]\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ "STM %[ks], {r4, r5, r6, r7}\n\t"
+ "SUB %[ks], %[ks], #0x10\n\t"
+ "MOV r12, #0x6\n\t"
+ "\n"
+ "L_AES_set_encrypt_key_loop_256:\n\t"
+ "UBFX r4, r7, #0, #8\n\t"
+ "UBFX r5, r7, #8, #8\n\t"
+ "UBFX r6, r7, #16, #8\n\t"
+ "LSR r7, r7, #24\n\t"
+ "LDRB r4, [r10, r4, LSL #2]\n\t"
+ "LDRB r5, [r10, r5, LSL #2]\n\t"
+ "LDRB r6, [r10, r6, LSL #2]\n\t"
+ "LDRB r7, [r10, r7, LSL #2]\n\t"
+ "EOR r3, r7, r4, LSL #8\n\t"
+ "EOR r3, r3, r5, LSL #16\n\t"
+ "EOR r3, r3, r6, LSL #24\n\t"
+ "LDM %[ks]!, {r4, r5, r6, r7}\n\t"
+ "EOR r4, r4, r3\n\t"
+ "LDM lr!, {r3}\n\t"
+ "EOR r4, r4, r3\n\t"
+ "EOR r5, r5, r4\n\t"
+ "EOR r6, r6, r5\n\t"
+ "EOR r7, r7, r6\n\t"
+ "ADD %[ks], %[ks], #0x10\n\t"
+ "STM %[ks], {r4, r5, r6, r7}\n\t"
+ "SUB %[ks], %[ks], #0x10\n\t"
+ "MOV r3, r7\n\t"
+ "UBFX r4, r3, #8, #8\n\t"
+ "UBFX r5, r3, #16, #8\n\t"
+ "LSR r6, r3, #24\n\t"
+ "UBFX r3, r3, #0, #8\n\t"
+ "LDRB r4, [r10, r4, LSL #2]\n\t"
+ "LDRB r6, [r10, r6, LSL #2]\n\t"
+ "LDRB r5, [r10, r5, LSL #2]\n\t"
+ "LDRB r3, [r10, r3, LSL #2]\n\t"
+ "EOR r3, r3, r4, LSL #8\n\t"
+ "EOR r3, r3, r5, LSL #16\n\t"
+ "EOR r3, r3, r6, LSL #24\n\t"
+ "LDM %[ks]!, {r4, r5, r6, r7}\n\t"
+ "EOR r4, r4, r3\n\t"
+ "EOR r5, r5, r4\n\t"
+ "EOR r6, r6, r5\n\t"
+ "EOR r7, r7, r6\n\t"
+ "ADD %[ks], %[ks], #0x10\n\t"
+ "STM %[ks], {r4, r5, r6, r7}\n\t"
+ "SUB %[ks], %[ks], #0x10\n\t"
+ "SUBS r12, r12, #0x1\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BNE L_AES_set_encrypt_key_loop_256\n\t"
+#else
+ "BNE.N L_AES_set_encrypt_key_loop_256\n\t"
+#endif
+ "UBFX r4, r7, #0, #8\n\t"
+ "UBFX r5, r7, #8, #8\n\t"
+ "UBFX r6, r7, #16, #8\n\t"
+ "LSR r7, r7, #24\n\t"
+ "LDRB r4, [r10, r4, LSL #2]\n\t"
+ "LDRB r5, [r10, r5, LSL #2]\n\t"
+ "LDRB r6, [r10, r6, LSL #2]\n\t"
+ "LDRB r7, [r10, r7, LSL #2]\n\t"
+ "EOR r3, r7, r4, LSL #8\n\t"
+ "EOR r3, r3, r5, LSL #16\n\t"
+ "EOR r3, r3, r6, LSL #24\n\t"
+ "LDM %[ks]!, {r4, r5, r6, r7}\n\t"
+ "EOR r4, r4, r3\n\t"
+ "LDM lr!, {r3}\n\t"
+ "EOR r4, r4, r3\n\t"
+ "EOR r5, r5, r4\n\t"
+ "EOR r6, r6, r5\n\t"
+ "EOR r7, r7, r6\n\t"
+ "ADD %[ks], %[ks], #0x10\n\t"
+ "STM %[ks], {r4, r5, r6, r7}\n\t"
+ "SUB %[ks], %[ks], #0x10\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "B L_AES_set_encrypt_key_end\n\t"
+#else
+ "B.N L_AES_set_encrypt_key_end\n\t"
+#endif
+ "\n"
+ "L_AES_set_encrypt_key_start_192:\n\t"
+ "LDRD r4, r5, [%[key]]\n\t"
+ "LDRD r6, r7, [%[key], #8]\n\t"
+ "LDRD r8, r9, [%[key], #16]\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ "REV r8, r8\n\t"
+ "REV r9, r9\n\t"
+ "STM %[ks], {r4, r5, r6, r7}\n\t"
+ "STRD r8, r9, [%[ks], #16]\n\t"
+ "MOV r7, r9\n\t"
+ "MOV r12, #0x7\n\t"
+ "\n"
+ "L_AES_set_encrypt_key_loop_192:\n\t"
+ "UBFX r4, r9, #0, #8\n\t"
+ "UBFX r5, r9, #8, #8\n\t"
+ "UBFX r6, r9, #16, #8\n\t"
+ "LSR r9, r9, #24\n\t"
+ "LDRB r4, [r10, r4, LSL #2]\n\t"
+ "LDRB r5, [r10, r5, LSL #2]\n\t"
+ "LDRB r6, [r10, r6, LSL #2]\n\t"
+ "LDRB r9, [r10, r9, LSL #2]\n\t"
+ "EOR r3, r9, r4, LSL #8\n\t"
+ "EOR r3, r3, r5, LSL #16\n\t"
+ "EOR r3, r3, r6, LSL #24\n\t"
+ "LDM %[ks]!, {r4, r5, r6, r7, r8, r9}\n\t"
+ "EOR r4, r4, r3\n\t"
+ "LDM lr!, {r3}\n\t"
+ "EOR r4, r4, r3\n\t"
+ "EOR r5, r5, r4\n\t"
+ "EOR r6, r6, r5\n\t"
+ "EOR r7, r7, r6\n\t"
+ "EOR r8, r8, r7\n\t"
+ "EOR r9, r9, r8\n\t"
+ "STM %[ks], {r4, r5, r6, r7, r8, r9}\n\t"
+ "SUBS r12, r12, #0x1\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BNE L_AES_set_encrypt_key_loop_192\n\t"
+#else
+ "BNE.N L_AES_set_encrypt_key_loop_192\n\t"
+#endif
+ "UBFX r4, r9, #0, #8\n\t"
+ "UBFX r5, r9, #8, #8\n\t"
+ "UBFX r6, r9, #16, #8\n\t"
+ "LSR r9, r9, #24\n\t"
+ "LDRB r4, [r10, r4, LSL #2]\n\t"
+ "LDRB r5, [r10, r5, LSL #2]\n\t"
+ "LDRB r6, [r10, r6, LSL #2]\n\t"
+ "LDRB r9, [r10, r9, LSL #2]\n\t"
+ "EOR r3, r9, r4, LSL #8\n\t"
+ "EOR r3, r3, r5, LSL #16\n\t"
+ "EOR r3, r3, r6, LSL #24\n\t"
+ "LDM %[ks]!, {r4, r5, r6, r7, r8, r9}\n\t"
+ "EOR r4, r4, r3\n\t"
+ "LDM lr!, {r3}\n\t"
+ "EOR r4, r4, r3\n\t"
+ "EOR r5, r5, r4\n\t"
+ "EOR r6, r6, r5\n\t"
+ "EOR r7, r7, r6\n\t"
+ "STM %[ks], {r4, r5, r6, r7}\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "B L_AES_set_encrypt_key_end\n\t"
+#else
+ "B.N L_AES_set_encrypt_key_end\n\t"
+#endif
+ "\n"
+ "L_AES_set_encrypt_key_start_128:\n\t"
+ "LDRD r4, r5, [%[key]]\n\t"
+ "LDRD r6, r7, [%[key], #8]\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ "STM %[ks], {r4, r5, r6, r7}\n\t"
+ "MOV r12, #0xa\n\t"
+ "\n"
+ "L_AES_set_encrypt_key_loop_128:\n\t"
+ "UBFX r4, r7, #0, #8\n\t"
+ "UBFX r5, r7, #8, #8\n\t"
+ "UBFX r6, r7, #16, #8\n\t"
+ "LSR r7, r7, #24\n\t"
+ "LDRB r4, [r10, r4, LSL #2]\n\t"
+ "LDRB r5, [r10, r5, LSL #2]\n\t"
+ "LDRB r6, [r10, r6, LSL #2]\n\t"
+ "LDRB r7, [r10, r7, LSL #2]\n\t"
+ "EOR r3, r7, r4, LSL #8\n\t"
+ "EOR r3, r3, r5, LSL #16\n\t"
+ "EOR r3, r3, r6, LSL #24\n\t"
+ "LDM %[ks]!, {r4, r5, r6, r7}\n\t"
+ "EOR r4, r4, r3\n\t"
+ "LDM lr!, {r3}\n\t"
+ "EOR r4, r4, r3\n\t"
+ "EOR r5, r5, r4\n\t"
+ "EOR r6, r6, r5\n\t"
+ "EOR r7, r7, r6\n\t"
+ "STM %[ks], {r4, r5, r6, r7}\n\t"
+ "SUBS r12, r12, #0x1\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BNE L_AES_set_encrypt_key_loop_128\n\t"
+#else
+ "BNE.N L_AES_set_encrypt_key_loop_128\n\t"
+#endif
+ "\n"
+ "L_AES_set_encrypt_key_end:\n\t"
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ : [key] "+r" (key), [len] "+r" (len), [ks] "+r" (ks),
+ [L_AES_Thumb2_te] "+r" (L_AES_Thumb2_te_c), [L_AES_Thumb2_rcon] "+r" (L_AES_Thumb2_rcon_c)
+ :
+#else
+ : [key] "+r" (key), [len] "+r" (len), [ks] "+r" (ks)
+ : [L_AES_Thumb2_te] "r" (L_AES_Thumb2_te), [L_AES_Thumb2_rcon] "r" (L_AES_Thumb2_rcon)
+#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
+ : "memory", "r12", "lr", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
+ );
+}
+
+void AES_encrypt_block(const uint32_t* te, int nr, int len, const uint32_t* ks);
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void AES_encrypt_block(const uint32_t* te_p, int nr_p, int len_p, const uint32_t* ks_p)
+#else
+void AES_encrypt_block(const uint32_t* te, int nr, int len, const uint32_t* ks)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register const uint32_t* te __asm__ ("r0") = (const uint32_t*)te_p;
+ register int nr __asm__ ("r1") = (int)nr_p;
+ register int len __asm__ ("r2") = (int)len_p;
+ register const uint32_t* ks __asm__ ("r3") = (const uint32_t*)ks_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "\n"
+ "L_AES_encrypt_block_nr:\n\t"
+ "UBFX r8, r5, #16, #8\n\t"
+ "LSR r11, r4, #24\n\t"
+ "UBFX lr, r6, #8, #8\n\t"
+ "UBFX r2, r7, #0, #8\n\t"
+ "LDR r8, [%[te], r8, LSL #2]\n\t"
+ "LDR r11, [%[te], r11, LSL #2]\n\t"
+ "LDR lr, [%[te], lr, LSL #2]\n\t"
+ "LDR r2, [%[te], r2, LSL #2]\n\t"
+ "UBFX r9, r6, #16, #8\n\t"
+ "EOR r8, r8, r11, ROR #24\n\t"
+ "LSR r11, r5, #24\n\t"
+ "EOR r8, r8, lr, ROR #8\n\t"
+ "UBFX lr, r7, #8, #8\n\t"
+ "EOR r8, r8, r2, ROR #16\n\t"
+ "UBFX r2, r4, #0, #8\n\t"
+ "LDR r9, [%[te], r9, LSL #2]\n\t"
+ "LDR r11, [%[te], r11, LSL #2]\n\t"
+ "LDR lr, [%[te], lr, LSL #2]\n\t"
+ "LDR r2, [%[te], r2, LSL #2]\n\t"
+ "UBFX r10, r7, #16, #8\n\t"
+ "EOR r9, r9, r11, ROR #24\n\t"
+ "LSR r11, r6, #24\n\t"
+ "EOR r9, r9, lr, ROR #8\n\t"
+ "UBFX lr, r4, #8, #8\n\t"
+ "EOR r9, r9, r2, ROR #16\n\t"
+ "UBFX r2, r5, #0, #8\n\t"
+ "LDR r10, [%[te], r10, LSL #2]\n\t"
+ "LDR r11, [%[te], r11, LSL #2]\n\t"
+ "LDR lr, [%[te], lr, LSL #2]\n\t"
+ "LDR r2, [%[te], r2, LSL #2]\n\t"
+ "UBFX r6, r6, #0, #8\n\t"
+ "EOR r10, r10, r11, ROR #24\n\t"
+ "UBFX r11, r4, #16, #8\n\t"
+ "EOR r10, r10, lr, ROR #8\n\t"
+ "LSR lr, r7, #24\n\t"
+ "EOR r10, r10, r2, ROR #16\n\t"
+ "UBFX r2, r5, #8, #8\n\t"
+ "LDR r6, [%[te], r6, LSL #2]\n\t"
+ "LDR lr, [%[te], lr, LSL #2]\n\t"
+ "LDR r11, [%[te], r11, LSL #2]\n\t"
+ "LDR r2, [%[te], r2, LSL #2]\n\t"
+ "EOR lr, lr, r6, ROR #24\n\t"
+ "LDM %[ks]!, {r4, r5, r6, r7}\n\t"
+ "EOR r11, r11, lr, ROR #24\n\t"
+ "EOR r11, r11, r2, ROR #8\n\t"
+ /* XOR in Key Schedule */
+ "EOR r8, r8, r4\n\t"
+ "EOR r9, r9, r5\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "UBFX r4, r9, #16, #8\n\t"
+ "LSR r7, r8, #24\n\t"
+ "UBFX lr, r10, #8, #8\n\t"
+ "UBFX r2, r11, #0, #8\n\t"
+ "LDR r4, [%[te], r4, LSL #2]\n\t"
+ "LDR r7, [%[te], r7, LSL #2]\n\t"
+ "LDR lr, [%[te], lr, LSL #2]\n\t"
+ "LDR r2, [%[te], r2, LSL #2]\n\t"
+ "UBFX r5, r10, #16, #8\n\t"
+ "EOR r4, r4, r7, ROR #24\n\t"
+ "LSR r7, r9, #24\n\t"
+ "EOR r4, r4, lr, ROR #8\n\t"
+ "UBFX lr, r11, #8, #8\n\t"
+ "EOR r4, r4, r2, ROR #16\n\t"
+ "UBFX r2, r8, #0, #8\n\t"
+ "LDR r5, [%[te], r5, LSL #2]\n\t"
+ "LDR r7, [%[te], r7, LSL #2]\n\t"
+ "LDR lr, [%[te], lr, LSL #2]\n\t"
+ "LDR r2, [%[te], r2, LSL #2]\n\t"
+ "UBFX r6, r11, #16, #8\n\t"
+ "EOR r5, r5, r7, ROR #24\n\t"
+ "LSR r7, r10, #24\n\t"
+ "EOR r5, r5, lr, ROR #8\n\t"
+ "UBFX lr, r8, #8, #8\n\t"
+ "EOR r5, r5, r2, ROR #16\n\t"
+ "UBFX r2, r9, #0, #8\n\t"
+ "LDR r6, [%[te], r6, LSL #2]\n\t"
+ "LDR r7, [%[te], r7, LSL #2]\n\t"
+ "LDR lr, [%[te], lr, LSL #2]\n\t"
+ "LDR r2, [%[te], r2, LSL #2]\n\t"
+ "UBFX r10, r10, #0, #8\n\t"
+ "EOR r6, r6, r7, ROR #24\n\t"
+ "UBFX r7, r8, #16, #8\n\t"
+ "EOR r6, r6, lr, ROR #8\n\t"
+ "LSR lr, r11, #24\n\t"
+ "EOR r6, r6, r2, ROR #16\n\t"
+ "UBFX r2, r9, #8, #8\n\t"
+ "LDR r10, [%[te], r10, LSL #2]\n\t"
+ "LDR lr, [%[te], lr, LSL #2]\n\t"
+ "LDR r7, [%[te], r7, LSL #2]\n\t"
+ "LDR r2, [%[te], r2, LSL #2]\n\t"
+ "EOR lr, lr, r10, ROR #24\n\t"
+ "LDM %[ks]!, {r8, r9, r10, r11}\n\t"
+ "EOR r7, r7, lr, ROR #24\n\t"
+ "EOR r7, r7, r2, ROR #8\n\t"
+ /* XOR in Key Schedule */
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "SUBS %[nr], %[nr], #0x1\n\t"
+#ifdef __GNUC__
+ "BNE L_AES_encrypt_block_nr\n\t"
+#else
+ "BNE.W L_AES_encrypt_block_nr\n\t"
+#endif
+ "UBFX r8, r5, #16, #8\n\t"
+ "LSR r11, r4, #24\n\t"
+ "UBFX lr, r6, #8, #8\n\t"
+ "UBFX r2, r7, #0, #8\n\t"
+ "LDR r8, [%[te], r8, LSL #2]\n\t"
+ "LDR r11, [%[te], r11, LSL #2]\n\t"
+ "LDR lr, [%[te], lr, LSL #2]\n\t"
+ "LDR r2, [%[te], r2, LSL #2]\n\t"
+ "UBFX r9, r6, #16, #8\n\t"
+ "EOR r8, r8, r11, ROR #24\n\t"
+ "LSR r11, r5, #24\n\t"
+ "EOR r8, r8, lr, ROR #8\n\t"
+ "UBFX lr, r7, #8, #8\n\t"
+ "EOR r8, r8, r2, ROR #16\n\t"
+ "UBFX r2, r4, #0, #8\n\t"
+ "LDR r9, [%[te], r9, LSL #2]\n\t"
+ "LDR r11, [%[te], r11, LSL #2]\n\t"
+ "LDR lr, [%[te], lr, LSL #2]\n\t"
+ "LDR r2, [%[te], r2, LSL #2]\n\t"
+ "UBFX r10, r7, #16, #8\n\t"
+ "EOR r9, r9, r11, ROR #24\n\t"
+ "LSR r11, r6, #24\n\t"
+ "EOR r9, r9, lr, ROR #8\n\t"
+ "UBFX lr, r4, #8, #8\n\t"
+ "EOR r9, r9, r2, ROR #16\n\t"
+ "UBFX r2, r5, #0, #8\n\t"
+ "LDR r10, [%[te], r10, LSL #2]\n\t"
+ "LDR r11, [%[te], r11, LSL #2]\n\t"
+ "LDR lr, [%[te], lr, LSL #2]\n\t"
+ "LDR r2, [%[te], r2, LSL #2]\n\t"
+ "UBFX r6, r6, #0, #8\n\t"
+ "EOR r10, r10, r11, ROR #24\n\t"
+ "UBFX r11, r4, #16, #8\n\t"
+ "EOR r10, r10, lr, ROR #8\n\t"
+ "LSR lr, r7, #24\n\t"
+ "EOR r10, r10, r2, ROR #16\n\t"
+ "UBFX r2, r5, #8, #8\n\t"
+ "LDR r6, [%[te], r6, LSL #2]\n\t"
+ "LDR lr, [%[te], lr, LSL #2]\n\t"
+ "LDR r11, [%[te], r11, LSL #2]\n\t"
+ "LDR r2, [%[te], r2, LSL #2]\n\t"
+ "EOR lr, lr, r6, ROR #24\n\t"
+ "LDM %[ks]!, {r4, r5, r6, r7}\n\t"
+ "EOR r11, r11, lr, ROR #24\n\t"
+ "EOR r11, r11, r2, ROR #8\n\t"
+ /* XOR in Key Schedule */
+ "EOR r8, r8, r4\n\t"
+ "EOR r9, r9, r5\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "UBFX r4, r11, #0, #8\n\t"
+ "UBFX r7, r10, #8, #8\n\t"
+ "UBFX lr, r9, #16, #8\n\t"
+ "LSR r2, r8, #24\n\t"
+ "LDRB r4, [%[te], r4, LSL #2]\n\t"
+ "LDRB r7, [%[te], r7, LSL #2]\n\t"
+ "LDRB lr, [%[te], lr, LSL #2]\n\t"
+ "LDRB r2, [%[te], r2, LSL #2]\n\t"
+ "UBFX r5, r8, #0, #8\n\t"
+ "EOR r4, r4, r7, LSL #8\n\t"
+ "UBFX r7, r11, #8, #8\n\t"
+ "EOR r4, r4, lr, LSL #16\n\t"
+ "UBFX lr, r10, #16, #8\n\t"
+ "EOR r4, r4, r2, LSL #24\n\t"
+ "LSR r2, r9, #24\n\t"
+ "LDRB r5, [%[te], r5, LSL #2]\n\t"
+ "LDRB r7, [%[te], r7, LSL #2]\n\t"
+ "LDRB lr, [%[te], lr, LSL #2]\n\t"
+ "LDRB r2, [%[te], r2, LSL #2]\n\t"
+ "UBFX r6, r9, #0, #8\n\t"
+ "EOR r5, r5, r7, LSL #8\n\t"
+ "UBFX r7, r8, #8, #8\n\t"
+ "EOR r5, r5, lr, LSL #16\n\t"
+ "UBFX lr, r11, #16, #8\n\t"
+ "EOR r5, r5, r2, LSL #24\n\t"
+ "LSR r2, r10, #24\n\t"
+ "LDRB r6, [%[te], r6, LSL #2]\n\t"
+ "LDRB r7, [%[te], r7, LSL #2]\n\t"
+ "LDRB lr, [%[te], lr, LSL #2]\n\t"
+ "LDRB r2, [%[te], r2, LSL #2]\n\t"
+ "LSR r11, r11, #24\n\t"
+ "EOR r6, r6, r7, LSL #8\n\t"
+ "UBFX r7, r10, #0, #8\n\t"
+ "EOR r6, r6, lr, LSL #16\n\t"
+ "UBFX lr, r9, #8, #8\n\t"
+ "EOR r6, r6, r2, LSL #24\n\t"
+ "UBFX r2, r8, #16, #8\n\t"
+ "LDRB r11, [%[te], r11, LSL #2]\n\t"
+ "LDRB r7, [%[te], r7, LSL #2]\n\t"
+ "LDRB lr, [%[te], lr, LSL #2]\n\t"
+ "LDRB r2, [%[te], r2, LSL #2]\n\t"
+ "EOR lr, lr, r11, LSL #16\n\t"
+ "LDM %[ks], {r8, r9, r10, r11}\n\t"
+ "EOR r7, r7, lr, LSL #8\n\t"
+ "EOR r7, r7, r2, LSL #16\n\t"
+ /* XOR in Key Schedule */
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ : [te] "+r" (te), [nr] "+r" (nr), [len] "+r" (len), [ks] "+r" (ks)
+ :
+ : "memory", "lr", "cc"
+ );
+}
+
+#if defined(HAVE_AES_CBC) || defined(HAVE_AESCCM) || defined(HAVE_AESGCM) || defined(WOLFSSL_AES_DIRECT) || defined(WOLFSSL_AES_COUNTER)
+static const uint32_t* L_AES_Thumb2_te_ecb = L_AES_Thumb2_te_data;
+#endif /* HAVE_AES_CBC || HAVE_AESCCM || HAVE_AESGCM || WOLFSSL_AES_DIRECT || WOLFSSL_AES_COUNTER */
+#if defined(HAVE_AESCCM) || defined(HAVE_AESGCM) || defined(WOLFSSL_AES_DIRECT) || defined(WOLFSSL_AES_COUNTER)
+void AES_ECB_encrypt(const unsigned char* in, unsigned char* out,
+ unsigned long len, const unsigned char* ks, int nr);
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void AES_ECB_encrypt(const unsigned char* in_p, unsigned char* out_p, unsigned long len_p, const unsigned char* ks_p, int nr_p)
+#else
+void AES_ECB_encrypt(const unsigned char* in, unsigned char* out, unsigned long len, const unsigned char* ks, int nr)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register const unsigned char* in __asm__ ("r0") = (const unsigned char*)in_p;
+ register unsigned char* out __asm__ ("r1") = (unsigned char*)out_p;
+ register unsigned long len __asm__ ("r2") = (unsigned long)len_p;
+ register const unsigned char* ks __asm__ ("r3") = (const unsigned char*)ks_p;
+ register int nr __asm__ ("r4") = (int)nr_p;
+ register uint32_t* L_AES_Thumb2_te_ecb_c __asm__ ("r5") = (uint32_t*)L_AES_Thumb2_te_ecb;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "MOV lr, %[in]\n\t"
+ "MOV r0, %[L_AES_Thumb2_te_ecb]\n\t"
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ "MOV r12, r4\n\t"
+#else
+ "LDR r12, [sp, #36]\n\t"
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+ "PUSH {%[ks]}\n\t"
+ "CMP r12, #0xa\n\t"
+#ifdef __GNUC__
+ "BEQ L_AES_ECB_encrypt_start_block_128\n\t"
+#else
+ "BEQ.W L_AES_ECB_encrypt_start_block_128\n\t"
+#endif
+ "CMP r12, #0xc\n\t"
+#ifdef __GNUC__
+ "BEQ L_AES_ECB_encrypt_start_block_192\n\t"
+#else
+ "BEQ.W L_AES_ECB_encrypt_start_block_192\n\t"
+#endif
+ "\n"
+ "L_AES_ECB_encrypt_loop_block_256:\n\t"
+ "LDR r4, [lr]\n\t"
+ "LDR r5, [lr, #4]\n\t"
+ "LDR r6, [lr, #8]\n\t"
+ "LDR r7, [lr, #12]\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ "PUSH {r1, %[len], lr}\n\t"
+ "LDM %[ks]!, {r8, r9, r10, r11}\n\t"
+ /* Round: 0 - XOR in key schedule */
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "MOV r1, #0x6\n\t"
+ "BL AES_encrypt_block\n\t"
+ "POP {r1, %[len], lr}\n\t"
+ "LDR %[ks], [sp]\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ "STR r4, [%[out]]\n\t"
+ "STR r5, [%[out], #4]\n\t"
+ "STR r6, [%[out], #8]\n\t"
+ "STR r7, [%[out], #12]\n\t"
+ "SUBS %[len], %[len], #0x10\n\t"
+ "ADD lr, lr, #0x10\n\t"
+ "ADD %[out], %[out], #0x10\n\t"
+#ifdef __GNUC__
+ "BNE L_AES_ECB_encrypt_loop_block_256\n\t"
+#else
+ "BNE.W L_AES_ECB_encrypt_loop_block_256\n\t"
+#endif
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "B L_AES_ECB_encrypt_end\n\t"
+#else
+ "B.N L_AES_ECB_encrypt_end\n\t"
+#endif
+ "\n"
+ "L_AES_ECB_encrypt_start_block_192:\n\t"
+ "\n"
+ "L_AES_ECB_encrypt_loop_block_192:\n\t"
+ "LDR r4, [lr]\n\t"
+ "LDR r5, [lr, #4]\n\t"
+ "LDR r6, [lr, #8]\n\t"
+ "LDR r7, [lr, #12]\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ "PUSH {r1, %[len], lr}\n\t"
+ "LDM %[ks]!, {r8, r9, r10, r11}\n\t"
+ /* Round: 0 - XOR in key schedule */
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "MOV r1, #0x5\n\t"
+ "BL AES_encrypt_block\n\t"
+ "POP {r1, %[len], lr}\n\t"
+ "LDR %[ks], [sp]\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ "STR r4, [%[out]]\n\t"
+ "STR r5, [%[out], #4]\n\t"
+ "STR r6, [%[out], #8]\n\t"
+ "STR r7, [%[out], #12]\n\t"
+ "SUBS %[len], %[len], #0x10\n\t"
+ "ADD lr, lr, #0x10\n\t"
+ "ADD %[out], %[out], #0x10\n\t"
+#ifdef __GNUC__
+ "BNE L_AES_ECB_encrypt_loop_block_192\n\t"
+#else
+ "BNE.W L_AES_ECB_encrypt_loop_block_192\n\t"
+#endif
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "B L_AES_ECB_encrypt_end\n\t"
+#else
+ "B.N L_AES_ECB_encrypt_end\n\t"
+#endif
+ "\n"
+ "L_AES_ECB_encrypt_start_block_128:\n\t"
+ "\n"
+ "L_AES_ECB_encrypt_loop_block_128:\n\t"
+ "LDR r4, [lr]\n\t"
+ "LDR r5, [lr, #4]\n\t"
+ "LDR r6, [lr, #8]\n\t"
+ "LDR r7, [lr, #12]\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ "PUSH {r1, %[len], lr}\n\t"
+ "LDM %[ks]!, {r8, r9, r10, r11}\n\t"
+ /* Round: 0 - XOR in key schedule */
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "MOV r1, #0x4\n\t"
+ "BL AES_encrypt_block\n\t"
+ "POP {r1, %[len], lr}\n\t"
+ "LDR %[ks], [sp]\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ "STR r4, [%[out]]\n\t"
+ "STR r5, [%[out], #4]\n\t"
+ "STR r6, [%[out], #8]\n\t"
+ "STR r7, [%[out], #12]\n\t"
+ "SUBS %[len], %[len], #0x10\n\t"
+ "ADD lr, lr, #0x10\n\t"
+ "ADD %[out], %[out], #0x10\n\t"
+#ifdef __GNUC__
+ "BNE L_AES_ECB_encrypt_loop_block_128\n\t"
+#else
+ "BNE.W L_AES_ECB_encrypt_loop_block_128\n\t"
+#endif
+ "\n"
+ "L_AES_ECB_encrypt_end:\n\t"
+ "POP {%[ks]}\n\t"
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ : [in] "+r" (in), [out] "+r" (out), [len] "+r" (len), [ks] "+r" (ks), [nr] "+r" (nr),
+ [L_AES_Thumb2_te_ecb] "+r" (L_AES_Thumb2_te_ecb_c)
+ :
+#else
+ : [in] "+r" (in), [out] "+r" (out), [len] "+r" (len), [ks] "+r" (ks), [nr] "+r" (nr)
+ : [L_AES_Thumb2_te_ecb] "r" (L_AES_Thumb2_te_ecb)
+#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
+ : "memory", "r12", "lr", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
+ );
+}
+
+#endif /* HAVE_AESCCM || HAVE_AESGCM || WOLFSSL_AES_DIRECT || WOLFSSL_AES_COUNTER */
+#ifdef HAVE_AES_CBC
+void AES_CBC_encrypt(const unsigned char* in, unsigned char* out,
+ unsigned long len, const unsigned char* ks, int nr, unsigned char* iv);
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void AES_CBC_encrypt(const unsigned char* in_p, unsigned char* out_p, unsigned long len_p, const unsigned char* ks_p, int nr_p, unsigned char* iv_p)
+#else
+void AES_CBC_encrypt(const unsigned char* in, unsigned char* out, unsigned long len, const unsigned char* ks, int nr, unsigned char* iv)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register const unsigned char* in __asm__ ("r0") = (const unsigned char*)in_p;
+ register unsigned char* out __asm__ ("r1") = (unsigned char*)out_p;
+ register unsigned long len __asm__ ("r2") = (unsigned long)len_p;
+ register const unsigned char* ks __asm__ ("r3") = (const unsigned char*)ks_p;
+ register int nr __asm__ ("r4") = (int)nr_p;
+ register unsigned char* iv __asm__ ("r5") = (unsigned char*)iv_p;
+ register uint32_t* L_AES_Thumb2_te_ecb_c __asm__ ("r6") = (uint32_t*)L_AES_Thumb2_te_ecb;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ "MOV r8, r4\n\t"
+#else
+ "LDR r8, [sp, #36]\n\t"
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ "MOV r9, r5\n\t"
+#else
+ "LDR r9, [sp, #40]\n\t"
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+ "MOV lr, %[in]\n\t"
+ "MOV r0, %[L_AES_Thumb2_te_ecb]\n\t"
+ "LDM r9, {r4, r5, r6, r7}\n\t"
+ "PUSH {%[ks], r9}\n\t"
+ "CMP r8, #0xa\n\t"
+#ifdef __GNUC__
+ "BEQ L_AES_CBC_encrypt_start_block_128\n\t"
+#else
+ "BEQ.W L_AES_CBC_encrypt_start_block_128\n\t"
+#endif
+ "CMP r8, #0xc\n\t"
+#ifdef __GNUC__
+ "BEQ L_AES_CBC_encrypt_start_block_192\n\t"
+#else
+ "BEQ.W L_AES_CBC_encrypt_start_block_192\n\t"
+#endif
+ "\n"
+ "L_AES_CBC_encrypt_loop_block_256:\n\t"
+ "LDR r8, [lr]\n\t"
+ "LDR r9, [lr, #4]\n\t"
+ "LDR r10, [lr, #8]\n\t"
+ "LDR r11, [lr, #12]\n\t"
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "PUSH {r1, %[len], lr}\n\t"
+ "LDM %[ks]!, {r8, r9, r10, r11}\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ /* Round: 0 - XOR in key schedule */
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "MOV r1, #0x6\n\t"
+ "BL AES_encrypt_block\n\t"
+ "POP {r1, %[len], lr}\n\t"
+ "LDR %[ks], [sp]\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ "STR r4, [%[out]]\n\t"
+ "STR r5, [%[out], #4]\n\t"
+ "STR r6, [%[out], #8]\n\t"
+ "STR r7, [%[out], #12]\n\t"
+ "SUBS %[len], %[len], #0x10\n\t"
+ "ADD lr, lr, #0x10\n\t"
+ "ADD %[out], %[out], #0x10\n\t"
+#ifdef __GNUC__
+ "BNE L_AES_CBC_encrypt_loop_block_256\n\t"
+#else
+ "BNE.W L_AES_CBC_encrypt_loop_block_256\n\t"
+#endif
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "B L_AES_CBC_encrypt_end\n\t"
+#else
+ "B.N L_AES_CBC_encrypt_end\n\t"
+#endif
+ "\n"
+ "L_AES_CBC_encrypt_start_block_192:\n\t"
+ "\n"
+ "L_AES_CBC_encrypt_loop_block_192:\n\t"
+ "LDR r8, [lr]\n\t"
+ "LDR r9, [lr, #4]\n\t"
+ "LDR r10, [lr, #8]\n\t"
+ "LDR r11, [lr, #12]\n\t"
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "PUSH {r1, %[len], lr}\n\t"
+ "LDM %[ks]!, {r8, r9, r10, r11}\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ /* Round: 0 - XOR in key schedule */
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "MOV r1, #0x5\n\t"
+ "BL AES_encrypt_block\n\t"
+ "POP {r1, %[len], lr}\n\t"
+ "LDR %[ks], [sp]\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ "STR r4, [%[out]]\n\t"
+ "STR r5, [%[out], #4]\n\t"
+ "STR r6, [%[out], #8]\n\t"
+ "STR r7, [%[out], #12]\n\t"
+ "SUBS %[len], %[len], #0x10\n\t"
+ "ADD lr, lr, #0x10\n\t"
+ "ADD %[out], %[out], #0x10\n\t"
+#ifdef __GNUC__
+ "BNE L_AES_CBC_encrypt_loop_block_192\n\t"
+#else
+ "BNE.W L_AES_CBC_encrypt_loop_block_192\n\t"
+#endif
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "B L_AES_CBC_encrypt_end\n\t"
+#else
+ "B.N L_AES_CBC_encrypt_end\n\t"
+#endif
+ "\n"
+ "L_AES_CBC_encrypt_start_block_128:\n\t"
+ "\n"
+ "L_AES_CBC_encrypt_loop_block_128:\n\t"
+ "LDR r8, [lr]\n\t"
+ "LDR r9, [lr, #4]\n\t"
+ "LDR r10, [lr, #8]\n\t"
+ "LDR r11, [lr, #12]\n\t"
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "PUSH {r1, %[len], lr}\n\t"
+ "LDM %[ks]!, {r8, r9, r10, r11}\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ /* Round: 0 - XOR in key schedule */
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "MOV r1, #0x4\n\t"
+ "BL AES_encrypt_block\n\t"
+ "POP {r1, %[len], lr}\n\t"
+ "LDR %[ks], [sp]\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ "STR r4, [%[out]]\n\t"
+ "STR r5, [%[out], #4]\n\t"
+ "STR r6, [%[out], #8]\n\t"
+ "STR r7, [%[out], #12]\n\t"
+ "SUBS %[len], %[len], #0x10\n\t"
+ "ADD lr, lr, #0x10\n\t"
+ "ADD %[out], %[out], #0x10\n\t"
+#ifdef __GNUC__
+ "BNE L_AES_CBC_encrypt_loop_block_128\n\t"
+#else
+ "BNE.W L_AES_CBC_encrypt_loop_block_128\n\t"
+#endif
+ "\n"
+ "L_AES_CBC_encrypt_end:\n\t"
+ "POP {%[ks], r9}\n\t"
+ "STM r9, {r4, r5, r6, r7}\n\t"
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ : [in] "+r" (in), [out] "+r" (out), [len] "+r" (len), [ks] "+r" (ks), [nr] "+r" (nr), [iv] "+r" (iv),
+ [L_AES_Thumb2_te_ecb] "+r" (L_AES_Thumb2_te_ecb_c)
+ :
+#else
+ : [in] "+r" (in), [out] "+r" (out), [len] "+r" (len), [ks] "+r" (ks), [nr] "+r" (nr), [iv] "+r" (iv)
+ : [L_AES_Thumb2_te_ecb] "r" (L_AES_Thumb2_te_ecb)
+#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
+ : "memory", "r12", "lr", "r7", "r8", "r9", "r10", "r11", "cc"
+ );
+}
+
+#endif /* HAVE_AES_CBC */
+#ifdef WOLFSSL_AES_COUNTER
+void AES_CTR_encrypt(const unsigned char* in, unsigned char* out,
+ unsigned long len, const unsigned char* ks, int nr, unsigned char* ctr);
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void AES_CTR_encrypt(const unsigned char* in_p, unsigned char* out_p, unsigned long len_p, const unsigned char* ks_p, int nr_p, unsigned char* ctr_p)
+#else
+void AES_CTR_encrypt(const unsigned char* in, unsigned char* out, unsigned long len, const unsigned char* ks, int nr, unsigned char* ctr)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register const unsigned char* in __asm__ ("r0") = (const unsigned char*)in_p;
+ register unsigned char* out __asm__ ("r1") = (unsigned char*)out_p;
+ register unsigned long len __asm__ ("r2") = (unsigned long)len_p;
+ register const unsigned char* ks __asm__ ("r3") = (const unsigned char*)ks_p;
+ register int nr __asm__ ("r4") = (int)nr_p;
+ register unsigned char* ctr __asm__ ("r5") = (unsigned char*)ctr_p;
+ register uint32_t* L_AES_Thumb2_te_ecb_c __asm__ ("r6") = (uint32_t*)L_AES_Thumb2_te_ecb;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ "MOV r12, r4\n\t"
+#else
+ "LDR r12, [sp, #36]\n\t"
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ "MOV r8, r5\n\t"
+#else
+ "LDR r8, [sp, #40]\n\t"
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+ "MOV lr, %[in]\n\t"
+ "MOV r0, %[L_AES_Thumb2_te_ecb]\n\t"
+ "LDM r8, {r4, r5, r6, r7}\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ "STM r8, {r4, r5, r6, r7}\n\t"
+ "PUSH {%[ks], r8}\n\t"
+ "CMP r12, #0xa\n\t"
+#ifdef __GNUC__
+ "BEQ L_AES_CTR_encrypt_start_block_128\n\t"
+#else
+ "BEQ.W L_AES_CTR_encrypt_start_block_128\n\t"
+#endif
+ "CMP r12, #0xc\n\t"
+#ifdef __GNUC__
+ "BEQ L_AES_CTR_encrypt_start_block_192\n\t"
+#else
+ "BEQ.W L_AES_CTR_encrypt_start_block_192\n\t"
+#endif
+ "\n"
+ "L_AES_CTR_encrypt_loop_block_256:\n\t"
+ "PUSH {r1, %[len], lr}\n\t"
+ "LDR lr, [sp, #16]\n\t"
+ "ADDS r11, r7, #0x1\n\t"
+ "ADCS r10, r6, #0x0\n\t"
+ "ADCS r9, r5, #0x0\n\t"
+ "ADC r8, r4, #0x0\n\t"
+ "STM lr, {r8, r9, r10, r11}\n\t"
+ "LDM %[ks]!, {r8, r9, r10, r11}\n\t"
+ /* Round: 0 - XOR in key schedule */
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "MOV r1, #0x6\n\t"
+ "BL AES_encrypt_block\n\t"
+ "POP {r1, %[len], lr}\n\t"
+ "LDR %[ks], [sp]\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ "LDR r8, [lr]\n\t"
+ "LDR r9, [lr, #4]\n\t"
+ "LDR r10, [lr, #8]\n\t"
+ "LDR r11, [lr, #12]\n\t"
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "LDR r8, [sp, #4]\n\t"
+ "STR r4, [%[out]]\n\t"
+ "STR r5, [%[out], #4]\n\t"
+ "STR r6, [%[out], #8]\n\t"
+ "STR r7, [%[out], #12]\n\t"
+ "LDM r8, {r4, r5, r6, r7}\n\t"
+ "SUBS %[len], %[len], #0x10\n\t"
+ "ADD lr, lr, #0x10\n\t"
+ "ADD %[out], %[out], #0x10\n\t"
+#ifdef __GNUC__
+ "BNE L_AES_CTR_encrypt_loop_block_256\n\t"
+#else
+ "BNE.W L_AES_CTR_encrypt_loop_block_256\n\t"
+#endif
+#ifdef __GNUC__
+ "B L_AES_CTR_encrypt_end\n\t"
+#else
+ "B.W L_AES_CTR_encrypt_end\n\t"
+#endif
+ "\n"
+ "L_AES_CTR_encrypt_start_block_192:\n\t"
+ "\n"
+ "L_AES_CTR_encrypt_loop_block_192:\n\t"
+ "PUSH {r1, %[len], lr}\n\t"
+ "LDR lr, [sp, #16]\n\t"
+ "ADDS r11, r7, #0x1\n\t"
+ "ADCS r10, r6, #0x0\n\t"
+ "ADCS r9, r5, #0x0\n\t"
+ "ADC r8, r4, #0x0\n\t"
+ "STM lr, {r8, r9, r10, r11}\n\t"
+ "LDM %[ks]!, {r8, r9, r10, r11}\n\t"
+ /* Round: 0 - XOR in key schedule */
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "MOV r1, #0x5\n\t"
+ "BL AES_encrypt_block\n\t"
+ "POP {r1, %[len], lr}\n\t"
+ "LDR %[ks], [sp]\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ "LDR r8, [lr]\n\t"
+ "LDR r9, [lr, #4]\n\t"
+ "LDR r10, [lr, #8]\n\t"
+ "LDR r11, [lr, #12]\n\t"
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "LDR r8, [sp, #4]\n\t"
+ "STR r4, [%[out]]\n\t"
+ "STR r5, [%[out], #4]\n\t"
+ "STR r6, [%[out], #8]\n\t"
+ "STR r7, [%[out], #12]\n\t"
+ "LDM r8, {r4, r5, r6, r7}\n\t"
+ "SUBS %[len], %[len], #0x10\n\t"
+ "ADD lr, lr, #0x10\n\t"
+ "ADD %[out], %[out], #0x10\n\t"
+#ifdef __GNUC__
+ "BNE L_AES_CTR_encrypt_loop_block_192\n\t"
+#else
+ "BNE.W L_AES_CTR_encrypt_loop_block_192\n\t"
+#endif
+#ifdef __GNUC__
+ "B L_AES_CTR_encrypt_end\n\t"
+#else
+ "B.W L_AES_CTR_encrypt_end\n\t"
+#endif
+ "\n"
+ "L_AES_CTR_encrypt_start_block_128:\n\t"
+ "\n"
+ "L_AES_CTR_encrypt_loop_block_128:\n\t"
+ "PUSH {r1, %[len], lr}\n\t"
+ "LDR lr, [sp, #16]\n\t"
+ "ADDS r11, r7, #0x1\n\t"
+ "ADCS r10, r6, #0x0\n\t"
+ "ADCS r9, r5, #0x0\n\t"
+ "ADC r8, r4, #0x0\n\t"
+ "STM lr, {r8, r9, r10, r11}\n\t"
+ "LDM %[ks]!, {r8, r9, r10, r11}\n\t"
+ /* Round: 0 - XOR in key schedule */
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "MOV r1, #0x4\n\t"
+ "BL AES_encrypt_block\n\t"
+ "POP {r1, %[len], lr}\n\t"
+ "LDR %[ks], [sp]\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ "LDR r8, [lr]\n\t"
+ "LDR r9, [lr, #4]\n\t"
+ "LDR r10, [lr, #8]\n\t"
+ "LDR r11, [lr, #12]\n\t"
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "LDR r8, [sp, #4]\n\t"
+ "STR r4, [%[out]]\n\t"
+ "STR r5, [%[out], #4]\n\t"
+ "STR r6, [%[out], #8]\n\t"
+ "STR r7, [%[out], #12]\n\t"
+ "LDM r8, {r4, r5, r6, r7}\n\t"
+ "SUBS %[len], %[len], #0x10\n\t"
+ "ADD lr, lr, #0x10\n\t"
+ "ADD %[out], %[out], #0x10\n\t"
+#ifdef __GNUC__
+ "BNE L_AES_CTR_encrypt_loop_block_128\n\t"
+#else
+ "BNE.W L_AES_CTR_encrypt_loop_block_128\n\t"
+#endif
+ "\n"
+ "L_AES_CTR_encrypt_end:\n\t"
+ "POP {%[ks], r8}\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ "STM r8, {r4, r5, r6, r7}\n\t"
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ : [in] "+r" (in), [out] "+r" (out), [len] "+r" (len), [ks] "+r" (ks), [nr] "+r" (nr), [ctr] "+r" (ctr),
+ [L_AES_Thumb2_te_ecb] "+r" (L_AES_Thumb2_te_ecb_c)
+ :
+#else
+ : [in] "+r" (in), [out] "+r" (out), [len] "+r" (len), [ks] "+r" (ks), [nr] "+r" (nr), [ctr] "+r" (ctr)
+ : [L_AES_Thumb2_te_ecb] "r" (L_AES_Thumb2_te_ecb)
+#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
+ : "memory", "r12", "lr", "r7", "r8", "r9", "r10", "r11", "cc"
+ );
+}
+
+#endif /* WOLFSSL_AES_COUNTER */
+#ifdef HAVE_AES_DECRYPT
+#if defined(WOLFSSL_AES_DIRECT) || defined(WOLFSSL_AES_COUNTER) || defined(HAVE_AES_CBC)
+void AES_decrypt_block(const uint32_t* td, int nr, const uint8_t* td4);
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void AES_decrypt_block(const uint32_t* td_p, int nr_p, const uint8_t* td4_p)
+#else
+void AES_decrypt_block(const uint32_t* td, int nr, const uint8_t* td4)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register const uint32_t* td __asm__ ("r0") = (const uint32_t*)td_p;
+ register int nr __asm__ ("r1") = (int)nr_p;
+ register const uint8_t* td4 __asm__ ("r2") = (const uint8_t*)td4_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "\n"
+ "L_AES_decrypt_block_nr:\n\t"
+ "UBFX r8, r7, #16, #8\n\t"
+ "LSR r11, r4, #24\n\t"
+ "UBFX r12, r6, #8, #8\n\t"
+ "UBFX lr, r5, #0, #8\n\t"
+ "LDR r8, [%[td], r8, LSL #2]\n\t"
+ "LDR r11, [%[td], r11, LSL #2]\n\t"
+ "LDR r12, [%[td], r12, LSL #2]\n\t"
+ "LDR lr, [%[td], lr, LSL #2]\n\t"
+ "UBFX r9, r4, #16, #8\n\t"
+ "EOR r8, r8, r11, ROR #24\n\t"
+ "LSR r11, r5, #24\n\t"
+ "EOR r8, r8, r12, ROR #8\n\t"
+ "UBFX r12, r7, #8, #8\n\t"
+ "EOR r8, r8, lr, ROR #16\n\t"
+ "UBFX lr, r6, #0, #8\n\t"
+ "LDR r9, [%[td], r9, LSL #2]\n\t"
+ "LDR r11, [%[td], r11, LSL #2]\n\t"
+ "LDR r12, [%[td], r12, LSL #2]\n\t"
+ "LDR lr, [%[td], lr, LSL #2]\n\t"
+ "UBFX r10, r5, #16, #8\n\t"
+ "EOR r9, r9, r11, ROR #24\n\t"
+ "LSR r11, r6, #24\n\t"
+ "EOR r9, r9, r12, ROR #8\n\t"
+ "UBFX r12, r4, #8, #8\n\t"
+ "EOR r9, r9, lr, ROR #16\n\t"
+ "UBFX lr, r7, #0, #8\n\t"
+ "LDR r10, [%[td], r10, LSL #2]\n\t"
+ "LDR r11, [%[td], r11, LSL #2]\n\t"
+ "LDR r12, [%[td], r12, LSL #2]\n\t"
+ "LDR lr, [%[td], lr, LSL #2]\n\t"
+ "UBFX r4, r4, #0, #8\n\t"
+ "EOR r10, r10, r11, ROR #24\n\t"
+ "UBFX r11, r6, #16, #8\n\t"
+ "EOR r10, r10, r12, ROR #8\n\t"
+ "LSR r12, r7, #24\n\t"
+ "EOR r10, r10, lr, ROR #16\n\t"
+ "UBFX lr, r5, #8, #8\n\t"
+ "LDR r4, [%[td], r4, LSL #2]\n\t"
+ "LDR r12, [%[td], r12, LSL #2]\n\t"
+ "LDR r11, [%[td], r11, LSL #2]\n\t"
+ "LDR lr, [%[td], lr, LSL #2]\n\t"
+ "EOR r12, r12, r4, ROR #24\n\t"
+ "LDM r3!, {r4, r5, r6, r7}\n\t"
+ "EOR r11, r11, lr, ROR #8\n\t"
+ "EOR r11, r11, r12, ROR #24\n\t"
+ /* XOR in Key Schedule */
+ "EOR r8, r8, r4\n\t"
+ "EOR r9, r9, r5\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "UBFX r4, r11, #16, #8\n\t"
+ "LSR r7, r8, #24\n\t"
+ "UBFX r12, r10, #8, #8\n\t"
+ "UBFX lr, r9, #0, #8\n\t"
+ "LDR r4, [%[td], r4, LSL #2]\n\t"
+ "LDR r7, [%[td], r7, LSL #2]\n\t"
+ "LDR r12, [%[td], r12, LSL #2]\n\t"
+ "LDR lr, [%[td], lr, LSL #2]\n\t"
+ "UBFX r5, r8, #16, #8\n\t"
+ "EOR r4, r4, r7, ROR #24\n\t"
+ "LSR r7, r9, #24\n\t"
+ "EOR r4, r4, r12, ROR #8\n\t"
+ "UBFX r12, r11, #8, #8\n\t"
+ "EOR r4, r4, lr, ROR #16\n\t"
+ "UBFX lr, r10, #0, #8\n\t"
+ "LDR r5, [%[td], r5, LSL #2]\n\t"
+ "LDR r7, [%[td], r7, LSL #2]\n\t"
+ "LDR r12, [%[td], r12, LSL #2]\n\t"
+ "LDR lr, [%[td], lr, LSL #2]\n\t"
+ "UBFX r6, r9, #16, #8\n\t"
+ "EOR r5, r5, r7, ROR #24\n\t"
+ "LSR r7, r10, #24\n\t"
+ "EOR r5, r5, r12, ROR #8\n\t"
+ "UBFX r12, r8, #8, #8\n\t"
+ "EOR r5, r5, lr, ROR #16\n\t"
+ "UBFX lr, r11, #0, #8\n\t"
+ "LDR r6, [%[td], r6, LSL #2]\n\t"
+ "LDR r7, [%[td], r7, LSL #2]\n\t"
+ "LDR r12, [%[td], r12, LSL #2]\n\t"
+ "LDR lr, [%[td], lr, LSL #2]\n\t"
+ "UBFX r8, r8, #0, #8\n\t"
+ "EOR r6, r6, r7, ROR #24\n\t"
+ "UBFX r7, r10, #16, #8\n\t"
+ "EOR r6, r6, r12, ROR #8\n\t"
+ "LSR r12, r11, #24\n\t"
+ "EOR r6, r6, lr, ROR #16\n\t"
+ "UBFX lr, r9, #8, #8\n\t"
+ "LDR r8, [%[td], r8, LSL #2]\n\t"
+ "LDR r12, [%[td], r12, LSL #2]\n\t"
+ "LDR r7, [%[td], r7, LSL #2]\n\t"
+ "LDR lr, [%[td], lr, LSL #2]\n\t"
+ "EOR r12, r12, r8, ROR #24\n\t"
+ "LDM r3!, {r8, r9, r10, r11}\n\t"
+ "EOR r7, r7, lr, ROR #8\n\t"
+ "EOR r7, r7, r12, ROR #24\n\t"
+ /* XOR in Key Schedule */
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "SUBS %[nr], %[nr], #0x1\n\t"
+#ifdef __GNUC__
+ "BNE L_AES_decrypt_block_nr\n\t"
+#else
+ "BNE.W L_AES_decrypt_block_nr\n\t"
+#endif
+ "UBFX r8, r7, #16, #8\n\t"
+ "LSR r11, r4, #24\n\t"
+ "UBFX r12, r6, #8, #8\n\t"
+ "UBFX lr, r5, #0, #8\n\t"
+ "LDR r8, [%[td], r8, LSL #2]\n\t"
+ "LDR r11, [%[td], r11, LSL #2]\n\t"
+ "LDR r12, [%[td], r12, LSL #2]\n\t"
+ "LDR lr, [%[td], lr, LSL #2]\n\t"
+ "UBFX r9, r4, #16, #8\n\t"
+ "EOR r8, r8, r11, ROR #24\n\t"
+ "LSR r11, r5, #24\n\t"
+ "EOR r8, r8, r12, ROR #8\n\t"
+ "UBFX r12, r7, #8, #8\n\t"
+ "EOR r8, r8, lr, ROR #16\n\t"
+ "UBFX lr, r6, #0, #8\n\t"
+ "LDR r9, [%[td], r9, LSL #2]\n\t"
+ "LDR r11, [%[td], r11, LSL #2]\n\t"
+ "LDR r12, [%[td], r12, LSL #2]\n\t"
+ "LDR lr, [%[td], lr, LSL #2]\n\t"
+ "UBFX r10, r5, #16, #8\n\t"
+ "EOR r9, r9, r11, ROR #24\n\t"
+ "LSR r11, r6, #24\n\t"
+ "EOR r9, r9, r12, ROR #8\n\t"
+ "UBFX r12, r4, #8, #8\n\t"
+ "EOR r9, r9, lr, ROR #16\n\t"
+ "UBFX lr, r7, #0, #8\n\t"
+ "LDR r10, [%[td], r10, LSL #2]\n\t"
+ "LDR r11, [%[td], r11, LSL #2]\n\t"
+ "LDR r12, [%[td], r12, LSL #2]\n\t"
+ "LDR lr, [%[td], lr, LSL #2]\n\t"
+ "UBFX r4, r4, #0, #8\n\t"
+ "EOR r10, r10, r11, ROR #24\n\t"
+ "UBFX r11, r6, #16, #8\n\t"
+ "EOR r10, r10, r12, ROR #8\n\t"
+ "LSR r12, r7, #24\n\t"
+ "EOR r10, r10, lr, ROR #16\n\t"
+ "UBFX lr, r5, #8, #8\n\t"
+ "LDR r4, [%[td], r4, LSL #2]\n\t"
+ "LDR r12, [%[td], r12, LSL #2]\n\t"
+ "LDR r11, [%[td], r11, LSL #2]\n\t"
+ "LDR lr, [%[td], lr, LSL #2]\n\t"
+ "EOR r12, r12, r4, ROR #24\n\t"
+ "LDM r3!, {r4, r5, r6, r7}\n\t"
+ "EOR r11, r11, lr, ROR #8\n\t"
+ "EOR r11, r11, r12, ROR #24\n\t"
+ /* XOR in Key Schedule */
+ "EOR r8, r8, r4\n\t"
+ "EOR r9, r9, r5\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "UBFX r4, r9, #0, #8\n\t"
+ "UBFX r7, r10, #8, #8\n\t"
+ "UBFX r12, r11, #16, #8\n\t"
+ "LSR lr, r8, #24\n\t"
+ "LDRB r4, [%[td4], r4]\n\t"
+ "LDRB r7, [%[td4], r7]\n\t"
+ "LDRB r12, [%[td4], r12]\n\t"
+ "LDRB lr, [%[td4], lr]\n\t"
+ "UBFX r5, r10, #0, #8\n\t"
+ "EOR r4, r4, r7, LSL #8\n\t"
+ "UBFX r7, r11, #8, #8\n\t"
+ "EOR r4, r4, r12, LSL #16\n\t"
+ "UBFX r12, r8, #16, #8\n\t"
+ "EOR r4, r4, lr, LSL #24\n\t"
+ "LSR lr, r9, #24\n\t"
+ "LDRB r7, [%[td4], r7]\n\t"
+ "LDRB lr, [%[td4], lr]\n\t"
+ "LDRB r5, [%[td4], r5]\n\t"
+ "LDRB r12, [%[td4], r12]\n\t"
+ "UBFX r6, r11, #0, #8\n\t"
+ "EOR r5, r5, r7, LSL #8\n\t"
+ "UBFX r7, r8, #8, #8\n\t"
+ "EOR r5, r5, r12, LSL #16\n\t"
+ "UBFX r12, r9, #16, #8\n\t"
+ "EOR r5, r5, lr, LSL #24\n\t"
+ "LSR lr, r10, #24\n\t"
+ "LDRB r7, [%[td4], r7]\n\t"
+ "LDRB lr, [%[td4], lr]\n\t"
+ "LDRB r6, [%[td4], r6]\n\t"
+ "LDRB r12, [%[td4], r12]\n\t"
+ "LSR r11, r11, #24\n\t"
+ "EOR r6, r6, r7, LSL #8\n\t"
+ "UBFX r7, r8, #0, #8\n\t"
+ "EOR r6, r6, r12, LSL #16\n\t"
+ "UBFX r12, r9, #8, #8\n\t"
+ "EOR r6, r6, lr, LSL #24\n\t"
+ "UBFX lr, r10, #16, #8\n\t"
+ "LDRB r11, [%[td4], r11]\n\t"
+ "LDRB r12, [%[td4], r12]\n\t"
+ "LDRB r7, [%[td4], r7]\n\t"
+ "LDRB lr, [%[td4], lr]\n\t"
+ "EOR r12, r12, r11, LSL #16\n\t"
+ "LDM r3, {r8, r9, r10, r11}\n\t"
+ "EOR r7, r7, r12, LSL #8\n\t"
+ "EOR r7, r7, lr, LSL #16\n\t"
+ /* XOR in Key Schedule */
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ : [td] "+r" (td), [nr] "+r" (nr), [td4] "+r" (td4)
+ :
+ : "memory", "lr", "cc"
+ );
+}
+
+static const uint32_t* L_AES_Thumb2_td_ecb = L_AES_Thumb2_td_data;
+static const unsigned char L_AES_Thumb2_td4[] = {
+ 0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38,
+ 0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb,
+ 0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87,
+ 0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb,
+ 0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d,
+ 0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e,
+ 0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2,
+ 0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25,
+ 0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16,
+ 0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92,
+ 0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda,
+ 0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84,
+ 0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a,
+ 0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06,
+ 0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02,
+ 0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b,
+ 0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea,
+ 0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73,
+ 0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85,
+ 0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e,
+ 0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89,
+ 0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b,
+ 0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20,
+ 0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4,
+ 0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31,
+ 0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f,
+ 0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d,
+ 0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef,
+ 0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0,
+ 0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61,
+ 0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26,
+ 0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d,
+};
+
+#if defined(WOLFSSL_AES_DIRECT) || defined(WOLFSSL_AES_COUNTER)
+void AES_ECB_decrypt(const unsigned char* in, unsigned char* out,
+ unsigned long len, const unsigned char* ks, int nr);
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void AES_ECB_decrypt(const unsigned char* in_p, unsigned char* out_p, unsigned long len_p, const unsigned char* ks_p, int nr_p)
+#else
+void AES_ECB_decrypt(const unsigned char* in, unsigned char* out, unsigned long len, const unsigned char* ks, int nr)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register const unsigned char* in __asm__ ("r0") = (const unsigned char*)in_p;
+ register unsigned char* out __asm__ ("r1") = (unsigned char*)out_p;
+ register unsigned long len __asm__ ("r2") = (unsigned long)len_p;
+ register const unsigned char* ks __asm__ ("r3") = (const unsigned char*)ks_p;
+ register int nr __asm__ ("r4") = (int)nr_p;
+ register uint32_t* L_AES_Thumb2_td_ecb_c __asm__ ("r5") = (uint32_t*)L_AES_Thumb2_td_ecb;
+ register unsigned char* L_AES_Thumb2_td4_c __asm__ ("r6") = (unsigned char*)&L_AES_Thumb2_td4;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ "MOV r8, r4\n\t"
+#else
+ "LDR r8, [sp, #36]\n\t"
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+ "MOV lr, %[in]\n\t"
+ "MOV r0, %[L_AES_Thumb2_td_ecb]\n\t"
+ "MOV r12, %[len]\n\t"
+ "MOV r2, %[L_AES_Thumb2_td4]\n\t"
+ "CMP r8, #0xa\n\t"
+#ifdef __GNUC__
+ "BEQ L_AES_ECB_decrypt_start_block_128\n\t"
+#else
+ "BEQ.W L_AES_ECB_decrypt_start_block_128\n\t"
+#endif
+ "CMP r8, #0xc\n\t"
+#ifdef __GNUC__
+ "BEQ L_AES_ECB_decrypt_start_block_192\n\t"
+#else
+ "BEQ.W L_AES_ECB_decrypt_start_block_192\n\t"
+#endif
+ "\n"
+ "L_AES_ECB_decrypt_loop_block_256:\n\t"
+ "LDR r4, [lr]\n\t"
+ "LDR r5, [lr, #4]\n\t"
+ "LDR r6, [lr, #8]\n\t"
+ "LDR r7, [lr, #12]\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ "PUSH {r1, %[ks], r12, lr}\n\t"
+ "LDM %[ks]!, {r8, r9, r10, r11}\n\t"
+ /* Round: 0 - XOR in key schedule */
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "MOV r1, #0x6\n\t"
+ "BL AES_decrypt_block\n\t"
+ "POP {r1, %[ks], r12, lr}\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ "STR r4, [%[out]]\n\t"
+ "STR r5, [%[out], #4]\n\t"
+ "STR r6, [%[out], #8]\n\t"
+ "STR r7, [%[out], #12]\n\t"
+ "SUBS r12, r12, #0x10\n\t"
+ "ADD lr, lr, #0x10\n\t"
+ "ADD %[out], %[out], #0x10\n\t"
+#ifdef __GNUC__
+ "BNE L_AES_ECB_decrypt_loop_block_256\n\t"
+#else
+ "BNE.W L_AES_ECB_decrypt_loop_block_256\n\t"
+#endif
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "B L_AES_ECB_decrypt_end\n\t"
+#else
+ "B.N L_AES_ECB_decrypt_end\n\t"
+#endif
+ "\n"
+ "L_AES_ECB_decrypt_start_block_192:\n\t"
+ "\n"
+ "L_AES_ECB_decrypt_loop_block_192:\n\t"
+ "LDR r4, [lr]\n\t"
+ "LDR r5, [lr, #4]\n\t"
+ "LDR r6, [lr, #8]\n\t"
+ "LDR r7, [lr, #12]\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ "PUSH {r1, %[ks], r12, lr}\n\t"
+ "LDM %[ks]!, {r8, r9, r10, r11}\n\t"
+ /* Round: 0 - XOR in key schedule */
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "MOV r1, #0x5\n\t"
+ "BL AES_decrypt_block\n\t"
+ "POP {r1, %[ks], r12, lr}\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ "STR r4, [%[out]]\n\t"
+ "STR r5, [%[out], #4]\n\t"
+ "STR r6, [%[out], #8]\n\t"
+ "STR r7, [%[out], #12]\n\t"
+ "SUBS r12, r12, #0x10\n\t"
+ "ADD lr, lr, #0x10\n\t"
+ "ADD %[out], %[out], #0x10\n\t"
+#ifdef __GNUC__
+ "BNE L_AES_ECB_decrypt_loop_block_192\n\t"
+#else
+ "BNE.W L_AES_ECB_decrypt_loop_block_192\n\t"
+#endif
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "B L_AES_ECB_decrypt_end\n\t"
+#else
+ "B.N L_AES_ECB_decrypt_end\n\t"
+#endif
+ "\n"
+ "L_AES_ECB_decrypt_start_block_128:\n\t"
+ "\n"
+ "L_AES_ECB_decrypt_loop_block_128:\n\t"
+ "LDR r4, [lr]\n\t"
+ "LDR r5, [lr, #4]\n\t"
+ "LDR r6, [lr, #8]\n\t"
+ "LDR r7, [lr, #12]\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ "PUSH {r1, %[ks], r12, lr}\n\t"
+ "LDM %[ks]!, {r8, r9, r10, r11}\n\t"
+ /* Round: 0 - XOR in key schedule */
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "MOV r1, #0x4\n\t"
+ "BL AES_decrypt_block\n\t"
+ "POP {r1, %[ks], r12, lr}\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ "STR r4, [%[out]]\n\t"
+ "STR r5, [%[out], #4]\n\t"
+ "STR r6, [%[out], #8]\n\t"
+ "STR r7, [%[out], #12]\n\t"
+ "SUBS r12, r12, #0x10\n\t"
+ "ADD lr, lr, #0x10\n\t"
+ "ADD %[out], %[out], #0x10\n\t"
+#ifdef __GNUC__
+ "BNE L_AES_ECB_decrypt_loop_block_128\n\t"
+#else
+ "BNE.W L_AES_ECB_decrypt_loop_block_128\n\t"
+#endif
+ "\n"
+ "L_AES_ECB_decrypt_end:\n\t"
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ : [in] "+r" (in), [out] "+r" (out), [len] "+r" (len), [ks] "+r" (ks), [nr] "+r" (nr),
+ [L_AES_Thumb2_td_ecb] "+r" (L_AES_Thumb2_td_ecb_c), [L_AES_Thumb2_td4] "+r" (L_AES_Thumb2_td4_c)
+ :
+#else
+ : [in] "+r" (in), [out] "+r" (out), [len] "+r" (len), [ks] "+r" (ks), [nr] "+r" (nr)
+ : [L_AES_Thumb2_td_ecb] "r" (L_AES_Thumb2_td_ecb), [L_AES_Thumb2_td4] "r" (L_AES_Thumb2_td4)
+#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
+ : "memory", "r12", "lr", "r7", "r8", "r9", "r10", "r11", "cc"
+ );
+}
+
+#endif /* WOLFSSL_AES_DIRECT || WOLFSSL_AES_COUNTER */
+#ifdef HAVE_AES_CBC
+void AES_CBC_decrypt(const unsigned char* in, unsigned char* out,
+ unsigned long len, const unsigned char* ks, int nr, unsigned char* iv);
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void AES_CBC_decrypt(const unsigned char* in_p, unsigned char* out_p, unsigned long len_p, const unsigned char* ks_p, int nr_p, unsigned char* iv_p)
+#else
+void AES_CBC_decrypt(const unsigned char* in, unsigned char* out, unsigned long len, const unsigned char* ks, int nr, unsigned char* iv)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register const unsigned char* in __asm__ ("r0") = (const unsigned char*)in_p;
+ register unsigned char* out __asm__ ("r1") = (unsigned char*)out_p;
+ register unsigned long len __asm__ ("r2") = (unsigned long)len_p;
+ register const unsigned char* ks __asm__ ("r3") = (const unsigned char*)ks_p;
+ register int nr __asm__ ("r4") = (int)nr_p;
+ register unsigned char* iv __asm__ ("r5") = (unsigned char*)iv_p;
+ register uint32_t* L_AES_Thumb2_td_ecb_c __asm__ ("r6") = (uint32_t*)L_AES_Thumb2_td_ecb;
+ register unsigned char* L_AES_Thumb2_td4_c __asm__ ("r7") = (unsigned char*)&L_AES_Thumb2_td4;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ "MOV r8, r4\n\t"
+#else
+ "LDR r8, [sp, #36]\n\t"
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ "MOV r4, r5\n\t"
+#else
+ "LDR r4, [sp, #40]\n\t"
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+ "MOV lr, %[in]\n\t"
+ "MOV r0, %[L_AES_Thumb2_td_ecb]\n\t"
+ "MOV r12, %[len]\n\t"
+ "MOV r2, %[L_AES_Thumb2_td4]\n\t"
+ "PUSH {%[ks], r4}\n\t"
+ "CMP r8, #0xa\n\t"
+#ifdef __GNUC__
+ "BEQ L_AES_CBC_decrypt_loop_block_128\n\t"
+#else
+ "BEQ.W L_AES_CBC_decrypt_loop_block_128\n\t"
+#endif
+ "CMP r8, #0xc\n\t"
+#ifdef __GNUC__
+ "BEQ L_AES_CBC_decrypt_loop_block_192\n\t"
+#else
+ "BEQ.W L_AES_CBC_decrypt_loop_block_192\n\t"
+#endif
+ "\n"
+ "L_AES_CBC_decrypt_loop_block_256:\n\t"
+ "PUSH {r1, r12, lr}\n\t"
+ "LDR r4, [lr]\n\t"
+ "LDR r5, [lr, #4]\n\t"
+ "LDR r6, [lr, #8]\n\t"
+ "LDR r7, [lr, #12]\n\t"
+ "LDR lr, [sp, #16]\n\t"
+ "STRD r4, r5, [lr, #16]\n\t"
+ "STRD r6, r7, [lr, #24]\n\t"
+ "LDM %[ks]!, {r8, r9, r10, r11}\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ /* Round: 0 - XOR in key schedule */
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "MOV r1, #0x6\n\t"
+ "BL AES_decrypt_block\n\t"
+ "LDR lr, [sp, #16]\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ "LDM lr, {r8, r9, r10, r11}\n\t"
+ "POP {r1, r12, lr}\n\t"
+ "LDR %[ks], [sp]\n\t"
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "STR r4, [%[out]]\n\t"
+ "STR r5, [%[out], #4]\n\t"
+ "STR r6, [%[out], #8]\n\t"
+ "STR r7, [%[out], #12]\n\t"
+ "SUBS r12, r12, #0x10\n\t"
+ "ADD lr, lr, #0x10\n\t"
+ "ADD %[out], %[out], #0x10\n\t"
+#ifdef __GNUC__
+ "BEQ L_AES_CBC_decrypt_end_odd\n\t"
+#else
+ "BEQ.W L_AES_CBC_decrypt_end_odd\n\t"
+#endif
+ "PUSH {r1, r12, lr}\n\t"
+ "LDR r4, [lr]\n\t"
+ "LDR r5, [lr, #4]\n\t"
+ "LDR r6, [lr, #8]\n\t"
+ "LDR r7, [lr, #12]\n\t"
+ "LDR lr, [sp, #16]\n\t"
+ "STRD r4, r5, [lr]\n\t"
+ "STRD r6, r7, [lr, #8]\n\t"
+ "LDM %[ks]!, {r8, r9, r10, r11}\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ /* Round: 0 - XOR in key schedule */
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "MOV r1, #0x6\n\t"
+ "BL AES_decrypt_block\n\t"
+ "LDR lr, [sp, #16]\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ "LDRD r8, r9, [lr, #16]\n\t"
+ "LDRD r10, r11, [lr, #24]\n\t"
+ "POP {r1, r12, lr}\n\t"
+ "LDR %[ks], [sp]\n\t"
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "STR r4, [%[out]]\n\t"
+ "STR r5, [%[out], #4]\n\t"
+ "STR r6, [%[out], #8]\n\t"
+ "STR r7, [%[out], #12]\n\t"
+ "SUBS r12, r12, #0x10\n\t"
+ "ADD lr, lr, #0x10\n\t"
+ "ADD %[out], %[out], #0x10\n\t"
+#ifdef __GNUC__
+ "BNE L_AES_CBC_decrypt_loop_block_256\n\t"
+#else
+ "BNE.W L_AES_CBC_decrypt_loop_block_256\n\t"
+#endif
+#ifdef __GNUC__
+ "B L_AES_CBC_decrypt_end\n\t"
+#else
+ "B.W L_AES_CBC_decrypt_end\n\t"
+#endif
+ "\n"
+ "L_AES_CBC_decrypt_loop_block_192:\n\t"
+ "PUSH {r1, r12, lr}\n\t"
+ "LDR r4, [lr]\n\t"
+ "LDR r5, [lr, #4]\n\t"
+ "LDR r6, [lr, #8]\n\t"
+ "LDR r7, [lr, #12]\n\t"
+ "LDR lr, [sp, #16]\n\t"
+ "STRD r4, r5, [lr, #16]\n\t"
+ "STRD r6, r7, [lr, #24]\n\t"
+ "LDM %[ks]!, {r8, r9, r10, r11}\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ /* Round: 0 - XOR in key schedule */
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "MOV r1, #0x5\n\t"
+ "BL AES_decrypt_block\n\t"
+ "LDR lr, [sp, #16]\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ "LDM lr, {r8, r9, r10, r11}\n\t"
+ "POP {r1, r12, lr}\n\t"
+ "LDR %[ks], [sp]\n\t"
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "STR r4, [%[out]]\n\t"
+ "STR r5, [%[out], #4]\n\t"
+ "STR r6, [%[out], #8]\n\t"
+ "STR r7, [%[out], #12]\n\t"
+ "SUBS r12, r12, #0x10\n\t"
+ "ADD lr, lr, #0x10\n\t"
+ "ADD %[out], %[out], #0x10\n\t"
+#ifdef __GNUC__
+ "BEQ L_AES_CBC_decrypt_end_odd\n\t"
+#else
+ "BEQ.W L_AES_CBC_decrypt_end_odd\n\t"
+#endif
+ "PUSH {r1, r12, lr}\n\t"
+ "LDR r4, [lr]\n\t"
+ "LDR r5, [lr, #4]\n\t"
+ "LDR r6, [lr, #8]\n\t"
+ "LDR r7, [lr, #12]\n\t"
+ "LDR lr, [sp, #16]\n\t"
+ "STRD r4, r5, [lr]\n\t"
+ "STRD r6, r7, [lr, #8]\n\t"
+ "LDM %[ks]!, {r8, r9, r10, r11}\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ /* Round: 0 - XOR in key schedule */
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "MOV r1, #0x5\n\t"
+ "BL AES_decrypt_block\n\t"
+ "LDR lr, [sp, #16]\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ "LDRD r8, r9, [lr, #16]\n\t"
+ "LDRD r10, r11, [lr, #24]\n\t"
+ "POP {r1, r12, lr}\n\t"
+ "LDR %[ks], [sp]\n\t"
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "STR r4, [%[out]]\n\t"
+ "STR r5, [%[out], #4]\n\t"
+ "STR r6, [%[out], #8]\n\t"
+ "STR r7, [%[out], #12]\n\t"
+ "SUBS r12, r12, #0x10\n\t"
+ "ADD lr, lr, #0x10\n\t"
+ "ADD %[out], %[out], #0x10\n\t"
+#ifdef __GNUC__
+ "BNE L_AES_CBC_decrypt_loop_block_192\n\t"
+#else
+ "BNE.W L_AES_CBC_decrypt_loop_block_192\n\t"
+#endif
+#ifdef __GNUC__
+ "B L_AES_CBC_decrypt_end\n\t"
+#else
+ "B.W L_AES_CBC_decrypt_end\n\t"
+#endif
+ "\n"
+ "L_AES_CBC_decrypt_loop_block_128:\n\t"
+ "PUSH {r1, r12, lr}\n\t"
+ "LDR r4, [lr]\n\t"
+ "LDR r5, [lr, #4]\n\t"
+ "LDR r6, [lr, #8]\n\t"
+ "LDR r7, [lr, #12]\n\t"
+ "LDR lr, [sp, #16]\n\t"
+ "STRD r4, r5, [lr, #16]\n\t"
+ "STRD r6, r7, [lr, #24]\n\t"
+ "LDM %[ks]!, {r8, r9, r10, r11}\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ /* Round: 0 - XOR in key schedule */
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "MOV r1, #0x4\n\t"
+ "BL AES_decrypt_block\n\t"
+ "LDR lr, [sp, #16]\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ "LDM lr, {r8, r9, r10, r11}\n\t"
+ "POP {r1, r12, lr}\n\t"
+ "LDR %[ks], [sp]\n\t"
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "STR r4, [%[out]]\n\t"
+ "STR r5, [%[out], #4]\n\t"
+ "STR r6, [%[out], #8]\n\t"
+ "STR r7, [%[out], #12]\n\t"
+ "SUBS r12, r12, #0x10\n\t"
+ "ADD lr, lr, #0x10\n\t"
+ "ADD %[out], %[out], #0x10\n\t"
+#ifdef __GNUC__
+ "BEQ L_AES_CBC_decrypt_end_odd\n\t"
+#else
+ "BEQ.W L_AES_CBC_decrypt_end_odd\n\t"
+#endif
+ "PUSH {r1, r12, lr}\n\t"
+ "LDR r4, [lr]\n\t"
+ "LDR r5, [lr, #4]\n\t"
+ "LDR r6, [lr, #8]\n\t"
+ "LDR r7, [lr, #12]\n\t"
+ "LDR lr, [sp, #16]\n\t"
+ "STRD r4, r5, [lr]\n\t"
+ "STRD r6, r7, [lr, #8]\n\t"
+ "LDM %[ks]!, {r8, r9, r10, r11}\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ /* Round: 0 - XOR in key schedule */
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "MOV r1, #0x4\n\t"
+ "BL AES_decrypt_block\n\t"
+ "LDR lr, [sp, #16]\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ "LDRD r8, r9, [lr, #16]\n\t"
+ "LDRD r10, r11, [lr, #24]\n\t"
+ "POP {r1, r12, lr}\n\t"
+ "LDR %[ks], [sp]\n\t"
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "STR r4, [%[out]]\n\t"
+ "STR r5, [%[out], #4]\n\t"
+ "STR r6, [%[out], #8]\n\t"
+ "STR r7, [%[out], #12]\n\t"
+ "SUBS r12, r12, #0x10\n\t"
+ "ADD lr, lr, #0x10\n\t"
+ "ADD %[out], %[out], #0x10\n\t"
+#ifdef __GNUC__
+ "BNE L_AES_CBC_decrypt_loop_block_128\n\t"
+#else
+ "BNE.W L_AES_CBC_decrypt_loop_block_128\n\t"
+#endif
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "B L_AES_CBC_decrypt_end\n\t"
+#else
+ "B.N L_AES_CBC_decrypt_end\n\t"
+#endif
+ "\n"
+ "L_AES_CBC_decrypt_end_odd:\n\t"
+ "LDR r4, [sp, #4]\n\t"
+ "LDRD r8, r9, [r4, #16]\n\t"
+ "LDRD r10, r11, [r4, #24]\n\t"
+ "STRD r8, r9, [r4]\n\t"
+ "STRD r10, r11, [r4, #8]\n\t"
+ "\n"
+ "L_AES_CBC_decrypt_end:\n\t"
+ "POP {%[ks], r4}\n\t"
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ : [in] "+r" (in), [out] "+r" (out), [len] "+r" (len), [ks] "+r" (ks), [nr] "+r" (nr), [iv] "+r" (iv),
+ [L_AES_Thumb2_td_ecb] "+r" (L_AES_Thumb2_td_ecb_c), [L_AES_Thumb2_td4] "+r" (L_AES_Thumb2_td4_c)
+ :
+#else
+ : [in] "+r" (in), [out] "+r" (out), [len] "+r" (len), [ks] "+r" (ks), [nr] "+r" (nr), [iv] "+r" (iv)
+ : [L_AES_Thumb2_td_ecb] "r" (L_AES_Thumb2_td_ecb), [L_AES_Thumb2_td4] "r" (L_AES_Thumb2_td4)
+#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
+ : "memory", "r12", "lr", "r8", "r9", "r10", "r11", "cc"
+ );
+}
+
+#endif /* HAVE_AES_CBC */
+#endif /* WOLFSSL_AES_DIRECT || WOLFSSL_AES_COUNTER || HAVE_AES_CBC */
+#endif /* HAVE_AES_DECRYPT */
+#ifdef HAVE_AESGCM
+static const uint32_t L_GCM_gmult_len_r[] = {
+ 0x00000000, 0x1c200000, 0x38400000, 0x24600000,
+ 0x70800000, 0x6ca00000, 0x48c00000, 0x54e00000,
+ 0xe1000000, 0xfd200000, 0xd9400000, 0xc5600000,
+ 0x91800000, 0x8da00000, 0xa9c00000, 0xb5e00000,
+};
+
+void GCM_gmult_len(unsigned char* x, const unsigned char** m,
+ const unsigned char* data, unsigned long len);
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void GCM_gmult_len(unsigned char* x_p, const unsigned char** m_p, const unsigned char* data_p, unsigned long len_p)
+#else
+void GCM_gmult_len(unsigned char* x, const unsigned char** m, const unsigned char* data, unsigned long len)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register unsigned char* x __asm__ ("r0") = (unsigned char*)x_p;
+ register const unsigned char** m __asm__ ("r1") = (const unsigned char**)m_p;
+ register const unsigned char* data __asm__ ("r2") = (const unsigned char*)data_p;
+ register unsigned long len __asm__ ("r3") = (unsigned long)len_p;
+ register uint32_t* L_GCM_gmult_len_r_c __asm__ ("r4") = (uint32_t*)&L_GCM_gmult_len_r;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "MOV lr, %[L_GCM_gmult_len_r]\n\t"
+ "\n"
+ "L_GCM_gmult_len_start_block:\n\t"
+ "PUSH {r3}\n\t"
+ "LDR r12, [r0, #12]\n\t"
+ "LDR %[len], [r2, #12]\n\t"
+ "EOR r12, r12, %[len]\n\t"
+ "LSR %[len], r12, #24\n\t"
+ "AND %[len], %[len], #0xf\n\t"
+ "ADD %[len], %[m], %[len], LSL #4\n\t"
+ "LDM %[len], {r8, r9, r10, r11}\n\t"
+ "LSR r6, r10, #4\n\t"
+ "AND %[len], r11, #0xf\n\t"
+ "LSR r11, r11, #4\n\t"
+ "LSR r4, r12, #28\n\t"
+ "EOR r11, r11, r10, LSL #28\n\t"
+ "LDR %[len], [lr, r3, LSL #2]\n\t"
+ "ADD r4, %[m], r4, LSL #4\n\t"
+ "EOR r10, r6, r9, LSL #28\n\t"
+ "LSR r9, r9, #4\n\t"
+ "LDM r4, {r4, r5, r6, r7}\n\t"
+ "EOR r9, r9, r8, LSL #28\n\t"
+ "EOR r8, %[len], r8, LSR #4\n\t"
+ "EOR r8, r8, r4\n\t"
+ "EOR r9, r9, r5\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LSR r6, r10, #4\n\t"
+ "AND %[len], r11, #0xf\n\t"
+ "LSR r11, r11, #4\n\t"
+ "LSR r4, r12, #16\n\t"
+ "EOR r11, r11, r10, LSL #28\n\t"
+ "AND r4, r4, #0xf\n\t"
+ "LDR %[len], [lr, r3, LSL #2]\n\t"
+ "ADD r4, %[m], r4, LSL #4\n\t"
+ "EOR r10, r6, r9, LSL #28\n\t"
+ "LSR r9, r9, #4\n\t"
+ "LDM r4, {r4, r5, r6, r7}\n\t"
+ "EOR r9, r9, r8, LSL #28\n\t"
+ "EOR r8, %[len], r8, LSR #4\n\t"
+ "EOR r8, r8, r4\n\t"
+ "EOR r9, r9, r5\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LSR r6, r10, #4\n\t"
+ "AND %[len], r11, #0xf\n\t"
+ "LSR r11, r11, #4\n\t"
+ "LSR r4, r12, #20\n\t"
+ "EOR r11, r11, r10, LSL #28\n\t"
+ "AND r4, r4, #0xf\n\t"
+ "LDR %[len], [lr, r3, LSL #2]\n\t"
+ "ADD r4, %[m], r4, LSL #4\n\t"
+ "EOR r10, r6, r9, LSL #28\n\t"
+ "LSR r9, r9, #4\n\t"
+ "LDM r4, {r4, r5, r6, r7}\n\t"
+ "EOR r9, r9, r8, LSL #28\n\t"
+ "EOR r8, %[len], r8, LSR #4\n\t"
+ "EOR r8, r8, r4\n\t"
+ "EOR r9, r9, r5\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LSR r6, r10, #4\n\t"
+ "AND %[len], r11, #0xf\n\t"
+ "LSR r11, r11, #4\n\t"
+ "LSR r4, r12, #8\n\t"
+ "EOR r11, r11, r10, LSL #28\n\t"
+ "AND r4, r4, #0xf\n\t"
+ "LDR %[len], [lr, r3, LSL #2]\n\t"
+ "ADD r4, %[m], r4, LSL #4\n\t"
+ "EOR r10, r6, r9, LSL #28\n\t"
+ "LSR r9, r9, #4\n\t"
+ "LDM r4, {r4, r5, r6, r7}\n\t"
+ "EOR r9, r9, r8, LSL #28\n\t"
+ "EOR r8, %[len], r8, LSR #4\n\t"
+ "EOR r8, r8, r4\n\t"
+ "EOR r9, r9, r5\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LSR r6, r10, #4\n\t"
+ "AND %[len], r11, #0xf\n\t"
+ "LSR r11, r11, #4\n\t"
+ "LSR r4, r12, #12\n\t"
+ "EOR r11, r11, r10, LSL #28\n\t"
+ "AND r4, r4, #0xf\n\t"
+ "LDR %[len], [lr, r3, LSL #2]\n\t"
+ "ADD r4, %[m], r4, LSL #4\n\t"
+ "EOR r10, r6, r9, LSL #28\n\t"
+ "LSR r9, r9, #4\n\t"
+ "LDM r4, {r4, r5, r6, r7}\n\t"
+ "EOR r9, r9, r8, LSL #28\n\t"
+ "EOR r8, %[len], r8, LSR #4\n\t"
+ "EOR r8, r8, r4\n\t"
+ "EOR r9, r9, r5\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LSR r6, r10, #4\n\t"
+ "AND %[len], r11, #0xf\n\t"
+ "LSR r11, r11, #4\n\t"
+ "AND r4, r12, #0xf\n\t"
+ "EOR r11, r11, r10, LSL #28\n\t"
+ "LDR %[len], [lr, r3, LSL #2]\n\t"
+ "ADD r4, %[m], r4, LSL #4\n\t"
+ "EOR r10, r6, r9, LSL #28\n\t"
+ "LSR r9, r9, #4\n\t"
+ "LDM r4, {r4, r5, r6, r7}\n\t"
+ "EOR r9, r9, r8, LSL #28\n\t"
+ "EOR r8, %[len], r8, LSR #4\n\t"
+ "EOR r8, r8, r4\n\t"
+ "EOR r9, r9, r5\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LSR r6, r10, #4\n\t"
+ "AND %[len], r11, #0xf\n\t"
+ "LSR r11, r11, #4\n\t"
+ "LSR r4, r12, #4\n\t"
+ "EOR r11, r11, r10, LSL #28\n\t"
+ "AND r4, r4, #0xf\n\t"
+ "LDR %[len], [lr, r3, LSL #2]\n\t"
+ "ADD r4, %[m], r4, LSL #4\n\t"
+ "EOR r10, r6, r9, LSL #28\n\t"
+ "LSR r9, r9, #4\n\t"
+ "LDM r4, {r4, r5, r6, r7}\n\t"
+ "EOR r9, r9, r8, LSL #28\n\t"
+ "EOR r8, %[len], r8, LSR #4\n\t"
+ "EOR r8, r8, r4\n\t"
+ "EOR r9, r9, r5\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LSR r6, r10, #4\n\t"
+ "AND %[len], r11, #0xf\n\t"
+ "LSR r11, r11, #4\n\t"
+ "EOR r11, r11, r10, LSL #28\n\t"
+ "LDR %[len], [lr, r3, LSL #2]\n\t"
+ "EOR r10, r6, r9, LSL #28\n\t"
+ "LSR r9, r9, #4\n\t"
+ "EOR r9, r9, r8, LSL #28\n\t"
+ "EOR r8, %[len], r8, LSR #4\n\t"
+ "LDR r12, [r0, #8]\n\t"
+ "LDR %[len], [r2, #8]\n\t"
+ "EOR r12, r12, %[len]\n\t"
+ "LSR %[len], r12, #24\n\t"
+ "AND %[len], %[len], #0xf\n\t"
+ "ADD %[len], %[m], %[len], LSL #4\n\t"
+ "LDM %[len], {r4, r5, r6, r7}\n\t"
+ "EOR r8, r8, r4\n\t"
+ "EOR r9, r9, r5\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LSR r6, r10, #4\n\t"
+ "AND %[len], r11, #0xf\n\t"
+ "LSR r11, r11, #4\n\t"
+ "LSR r4, r12, #28\n\t"
+ "EOR r11, r11, r10, LSL #28\n\t"
+ "LDR %[len], [lr, r3, LSL #2]\n\t"
+ "ADD r4, %[m], r4, LSL #4\n\t"
+ "EOR r10, r6, r9, LSL #28\n\t"
+ "LSR r9, r9, #4\n\t"
+ "LDM r4, {r4, r5, r6, r7}\n\t"
+ "EOR r9, r9, r8, LSL #28\n\t"
+ "EOR r8, %[len], r8, LSR #4\n\t"
+ "EOR r8, r8, r4\n\t"
+ "EOR r9, r9, r5\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LSR r6, r10, #4\n\t"
+ "AND %[len], r11, #0xf\n\t"
+ "LSR r11, r11, #4\n\t"
+ "LSR r4, r12, #16\n\t"
+ "EOR r11, r11, r10, LSL #28\n\t"
+ "AND r4, r4, #0xf\n\t"
+ "LDR %[len], [lr, r3, LSL #2]\n\t"
+ "ADD r4, %[m], r4, LSL #4\n\t"
+ "EOR r10, r6, r9, LSL #28\n\t"
+ "LSR r9, r9, #4\n\t"
+ "LDM r4, {r4, r5, r6, r7}\n\t"
+ "EOR r9, r9, r8, LSL #28\n\t"
+ "EOR r8, %[len], r8, LSR #4\n\t"
+ "EOR r8, r8, r4\n\t"
+ "EOR r9, r9, r5\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LSR r6, r10, #4\n\t"
+ "AND %[len], r11, #0xf\n\t"
+ "LSR r11, r11, #4\n\t"
+ "LSR r4, r12, #20\n\t"
+ "EOR r11, r11, r10, LSL #28\n\t"
+ "AND r4, r4, #0xf\n\t"
+ "LDR %[len], [lr, r3, LSL #2]\n\t"
+ "ADD r4, %[m], r4, LSL #4\n\t"
+ "EOR r10, r6, r9, LSL #28\n\t"
+ "LSR r9, r9, #4\n\t"
+ "LDM r4, {r4, r5, r6, r7}\n\t"
+ "EOR r9, r9, r8, LSL #28\n\t"
+ "EOR r8, %[len], r8, LSR #4\n\t"
+ "EOR r8, r8, r4\n\t"
+ "EOR r9, r9, r5\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LSR r6, r10, #4\n\t"
+ "AND %[len], r11, #0xf\n\t"
+ "LSR r11, r11, #4\n\t"
+ "LSR r4, r12, #8\n\t"
+ "EOR r11, r11, r10, LSL #28\n\t"
+ "AND r4, r4, #0xf\n\t"
+ "LDR %[len], [lr, r3, LSL #2]\n\t"
+ "ADD r4, %[m], r4, LSL #4\n\t"
+ "EOR r10, r6, r9, LSL #28\n\t"
+ "LSR r9, r9, #4\n\t"
+ "LDM r4, {r4, r5, r6, r7}\n\t"
+ "EOR r9, r9, r8, LSL #28\n\t"
+ "EOR r8, %[len], r8, LSR #4\n\t"
+ "EOR r8, r8, r4\n\t"
+ "EOR r9, r9, r5\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LSR r6, r10, #4\n\t"
+ "AND %[len], r11, #0xf\n\t"
+ "LSR r11, r11, #4\n\t"
+ "LSR r4, r12, #12\n\t"
+ "EOR r11, r11, r10, LSL #28\n\t"
+ "AND r4, r4, #0xf\n\t"
+ "LDR %[len], [lr, r3, LSL #2]\n\t"
+ "ADD r4, %[m], r4, LSL #4\n\t"
+ "EOR r10, r6, r9, LSL #28\n\t"
+ "LSR r9, r9, #4\n\t"
+ "LDM r4, {r4, r5, r6, r7}\n\t"
+ "EOR r9, r9, r8, LSL #28\n\t"
+ "EOR r8, %[len], r8, LSR #4\n\t"
+ "EOR r8, r8, r4\n\t"
+ "EOR r9, r9, r5\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LSR r6, r10, #4\n\t"
+ "AND %[len], r11, #0xf\n\t"
+ "LSR r11, r11, #4\n\t"
+ "AND r4, r12, #0xf\n\t"
+ "EOR r11, r11, r10, LSL #28\n\t"
+ "LDR %[len], [lr, r3, LSL #2]\n\t"
+ "ADD r4, %[m], r4, LSL #4\n\t"
+ "EOR r10, r6, r9, LSL #28\n\t"
+ "LSR r9, r9, #4\n\t"
+ "LDM r4, {r4, r5, r6, r7}\n\t"
+ "EOR r9, r9, r8, LSL #28\n\t"
+ "EOR r8, %[len], r8, LSR #4\n\t"
+ "EOR r8, r8, r4\n\t"
+ "EOR r9, r9, r5\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LSR r6, r10, #4\n\t"
+ "AND %[len], r11, #0xf\n\t"
+ "LSR r11, r11, #4\n\t"
+ "LSR r4, r12, #4\n\t"
+ "EOR r11, r11, r10, LSL #28\n\t"
+ "AND r4, r4, #0xf\n\t"
+ "LDR %[len], [lr, r3, LSL #2]\n\t"
+ "ADD r4, %[m], r4, LSL #4\n\t"
+ "EOR r10, r6, r9, LSL #28\n\t"
+ "LSR r9, r9, #4\n\t"
+ "LDM r4, {r4, r5, r6, r7}\n\t"
+ "EOR r9, r9, r8, LSL #28\n\t"
+ "EOR r8, %[len], r8, LSR #4\n\t"
+ "EOR r8, r8, r4\n\t"
+ "EOR r9, r9, r5\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LSR r6, r10, #4\n\t"
+ "AND %[len], r11, #0xf\n\t"
+ "LSR r11, r11, #4\n\t"
+ "EOR r11, r11, r10, LSL #28\n\t"
+ "LDR %[len], [lr, r3, LSL #2]\n\t"
+ "EOR r10, r6, r9, LSL #28\n\t"
+ "LSR r9, r9, #4\n\t"
+ "EOR r9, r9, r8, LSL #28\n\t"
+ "EOR r8, %[len], r8, LSR #4\n\t"
+ "LDR r12, [r0, #4]\n\t"
+ "LDR %[len], [r2, #4]\n\t"
+ "EOR r12, r12, %[len]\n\t"
+ "LSR %[len], r12, #24\n\t"
+ "AND %[len], %[len], #0xf\n\t"
+ "ADD %[len], %[m], %[len], LSL #4\n\t"
+ "LDM %[len], {r4, r5, r6, r7}\n\t"
+ "EOR r8, r8, r4\n\t"
+ "EOR r9, r9, r5\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LSR r6, r10, #4\n\t"
+ "AND %[len], r11, #0xf\n\t"
+ "LSR r11, r11, #4\n\t"
+ "LSR r4, r12, #28\n\t"
+ "EOR r11, r11, r10, LSL #28\n\t"
+ "LDR %[len], [lr, r3, LSL #2]\n\t"
+ "ADD r4, %[m], r4, LSL #4\n\t"
+ "EOR r10, r6, r9, LSL #28\n\t"
+ "LSR r9, r9, #4\n\t"
+ "LDM r4, {r4, r5, r6, r7}\n\t"
+ "EOR r9, r9, r8, LSL #28\n\t"
+ "EOR r8, %[len], r8, LSR #4\n\t"
+ "EOR r8, r8, r4\n\t"
+ "EOR r9, r9, r5\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LSR r6, r10, #4\n\t"
+ "AND %[len], r11, #0xf\n\t"
+ "LSR r11, r11, #4\n\t"
+ "LSR r4, r12, #16\n\t"
+ "EOR r11, r11, r10, LSL #28\n\t"
+ "AND r4, r4, #0xf\n\t"
+ "LDR %[len], [lr, r3, LSL #2]\n\t"
+ "ADD r4, %[m], r4, LSL #4\n\t"
+ "EOR r10, r6, r9, LSL #28\n\t"
+ "LSR r9, r9, #4\n\t"
+ "LDM r4, {r4, r5, r6, r7}\n\t"
+ "EOR r9, r9, r8, LSL #28\n\t"
+ "EOR r8, %[len], r8, LSR #4\n\t"
+ "EOR r8, r8, r4\n\t"
+ "EOR r9, r9, r5\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LSR r6, r10, #4\n\t"
+ "AND %[len], r11, #0xf\n\t"
+ "LSR r11, r11, #4\n\t"
+ "LSR r4, r12, #20\n\t"
+ "EOR r11, r11, r10, LSL #28\n\t"
+ "AND r4, r4, #0xf\n\t"
+ "LDR %[len], [lr, r3, LSL #2]\n\t"
+ "ADD r4, %[m], r4, LSL #4\n\t"
+ "EOR r10, r6, r9, LSL #28\n\t"
+ "LSR r9, r9, #4\n\t"
+ "LDM r4, {r4, r5, r6, r7}\n\t"
+ "EOR r9, r9, r8, LSL #28\n\t"
+ "EOR r8, %[len], r8, LSR #4\n\t"
+ "EOR r8, r8, r4\n\t"
+ "EOR r9, r9, r5\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LSR r6, r10, #4\n\t"
+ "AND %[len], r11, #0xf\n\t"
+ "LSR r11, r11, #4\n\t"
+ "LSR r4, r12, #8\n\t"
+ "EOR r11, r11, r10, LSL #28\n\t"
+ "AND r4, r4, #0xf\n\t"
+ "LDR %[len], [lr, r3, LSL #2]\n\t"
+ "ADD r4, %[m], r4, LSL #4\n\t"
+ "EOR r10, r6, r9, LSL #28\n\t"
+ "LSR r9, r9, #4\n\t"
+ "LDM r4, {r4, r5, r6, r7}\n\t"
+ "EOR r9, r9, r8, LSL #28\n\t"
+ "EOR r8, %[len], r8, LSR #4\n\t"
+ "EOR r8, r8, r4\n\t"
+ "EOR r9, r9, r5\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LSR r6, r10, #4\n\t"
+ "AND %[len], r11, #0xf\n\t"
+ "LSR r11, r11, #4\n\t"
+ "LSR r4, r12, #12\n\t"
+ "EOR r11, r11, r10, LSL #28\n\t"
+ "AND r4, r4, #0xf\n\t"
+ "LDR %[len], [lr, r3, LSL #2]\n\t"
+ "ADD r4, %[m], r4, LSL #4\n\t"
+ "EOR r10, r6, r9, LSL #28\n\t"
+ "LSR r9, r9, #4\n\t"
+ "LDM r4, {r4, r5, r6, r7}\n\t"
+ "EOR r9, r9, r8, LSL #28\n\t"
+ "EOR r8, %[len], r8, LSR #4\n\t"
+ "EOR r8, r8, r4\n\t"
+ "EOR r9, r9, r5\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LSR r6, r10, #4\n\t"
+ "AND %[len], r11, #0xf\n\t"
+ "LSR r11, r11, #4\n\t"
+ "AND r4, r12, #0xf\n\t"
+ "EOR r11, r11, r10, LSL #28\n\t"
+ "LDR %[len], [lr, r3, LSL #2]\n\t"
+ "ADD r4, %[m], r4, LSL #4\n\t"
+ "EOR r10, r6, r9, LSL #28\n\t"
+ "LSR r9, r9, #4\n\t"
+ "LDM r4, {r4, r5, r6, r7}\n\t"
+ "EOR r9, r9, r8, LSL #28\n\t"
+ "EOR r8, %[len], r8, LSR #4\n\t"
+ "EOR r8, r8, r4\n\t"
+ "EOR r9, r9, r5\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LSR r6, r10, #4\n\t"
+ "AND %[len], r11, #0xf\n\t"
+ "LSR r11, r11, #4\n\t"
+ "LSR r4, r12, #4\n\t"
+ "EOR r11, r11, r10, LSL #28\n\t"
+ "AND r4, r4, #0xf\n\t"
+ "LDR %[len], [lr, r3, LSL #2]\n\t"
+ "ADD r4, %[m], r4, LSL #4\n\t"
+ "EOR r10, r6, r9, LSL #28\n\t"
+ "LSR r9, r9, #4\n\t"
+ "LDM r4, {r4, r5, r6, r7}\n\t"
+ "EOR r9, r9, r8, LSL #28\n\t"
+ "EOR r8, %[len], r8, LSR #4\n\t"
+ "EOR r8, r8, r4\n\t"
+ "EOR r9, r9, r5\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LSR r6, r10, #4\n\t"
+ "AND %[len], r11, #0xf\n\t"
+ "LSR r11, r11, #4\n\t"
+ "EOR r11, r11, r10, LSL #28\n\t"
+ "LDR %[len], [lr, r3, LSL #2]\n\t"
+ "EOR r10, r6, r9, LSL #28\n\t"
+ "LSR r9, r9, #4\n\t"
+ "EOR r9, r9, r8, LSL #28\n\t"
+ "EOR r8, %[len], r8, LSR #4\n\t"
+ "LDR r12, [r0]\n\t"
+ "LDR %[len], [r2]\n\t"
+ "EOR r12, r12, %[len]\n\t"
+ "LSR %[len], r12, #24\n\t"
+ "AND %[len], %[len], #0xf\n\t"
+ "ADD %[len], %[m], %[len], LSL #4\n\t"
+ "LDM %[len], {r4, r5, r6, r7}\n\t"
+ "EOR r8, r8, r4\n\t"
+ "EOR r9, r9, r5\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LSR r6, r10, #4\n\t"
+ "AND %[len], r11, #0xf\n\t"
+ "LSR r11, r11, #4\n\t"
+ "LSR r4, r12, #28\n\t"
+ "EOR r11, r11, r10, LSL #28\n\t"
+ "LDR %[len], [lr, r3, LSL #2]\n\t"
+ "ADD r4, %[m], r4, LSL #4\n\t"
+ "EOR r10, r6, r9, LSL #28\n\t"
+ "LSR r9, r9, #4\n\t"
+ "LDM r4, {r4, r5, r6, r7}\n\t"
+ "EOR r9, r9, r8, LSL #28\n\t"
+ "EOR r8, %[len], r8, LSR #4\n\t"
+ "EOR r8, r8, r4\n\t"
+ "EOR r9, r9, r5\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LSR r6, r10, #4\n\t"
+ "AND %[len], r11, #0xf\n\t"
+ "LSR r11, r11, #4\n\t"
+ "LSR r4, r12, #16\n\t"
+ "EOR r11, r11, r10, LSL #28\n\t"
+ "AND r4, r4, #0xf\n\t"
+ "LDR %[len], [lr, r3, LSL #2]\n\t"
+ "ADD r4, %[m], r4, LSL #4\n\t"
+ "EOR r10, r6, r9, LSL #28\n\t"
+ "LSR r9, r9, #4\n\t"
+ "LDM r4, {r4, r5, r6, r7}\n\t"
+ "EOR r9, r9, r8, LSL #28\n\t"
+ "EOR r8, %[len], r8, LSR #4\n\t"
+ "EOR r8, r8, r4\n\t"
+ "EOR r9, r9, r5\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LSR r6, r10, #4\n\t"
+ "AND %[len], r11, #0xf\n\t"
+ "LSR r11, r11, #4\n\t"
+ "LSR r4, r12, #20\n\t"
+ "EOR r11, r11, r10, LSL #28\n\t"
+ "AND r4, r4, #0xf\n\t"
+ "LDR %[len], [lr, r3, LSL #2]\n\t"
+ "ADD r4, %[m], r4, LSL #4\n\t"
+ "EOR r10, r6, r9, LSL #28\n\t"
+ "LSR r9, r9, #4\n\t"
+ "LDM r4, {r4, r5, r6, r7}\n\t"
+ "EOR r9, r9, r8, LSL #28\n\t"
+ "EOR r8, %[len], r8, LSR #4\n\t"
+ "EOR r8, r8, r4\n\t"
+ "EOR r9, r9, r5\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LSR r6, r10, #4\n\t"
+ "AND %[len], r11, #0xf\n\t"
+ "LSR r11, r11, #4\n\t"
+ "LSR r4, r12, #8\n\t"
+ "EOR r11, r11, r10, LSL #28\n\t"
+ "AND r4, r4, #0xf\n\t"
+ "LDR %[len], [lr, r3, LSL #2]\n\t"
+ "ADD r4, %[m], r4, LSL #4\n\t"
+ "EOR r10, r6, r9, LSL #28\n\t"
+ "LSR r9, r9, #4\n\t"
+ "LDM r4, {r4, r5, r6, r7}\n\t"
+ "EOR r9, r9, r8, LSL #28\n\t"
+ "EOR r8, %[len], r8, LSR #4\n\t"
+ "EOR r8, r8, r4\n\t"
+ "EOR r9, r9, r5\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LSR r6, r10, #4\n\t"
+ "AND %[len], r11, #0xf\n\t"
+ "LSR r11, r11, #4\n\t"
+ "LSR r4, r12, #12\n\t"
+ "EOR r11, r11, r10, LSL #28\n\t"
+ "AND r4, r4, #0xf\n\t"
+ "LDR %[len], [lr, r3, LSL #2]\n\t"
+ "ADD r4, %[m], r4, LSL #4\n\t"
+ "EOR r10, r6, r9, LSL #28\n\t"
+ "LSR r9, r9, #4\n\t"
+ "LDM r4, {r4, r5, r6, r7}\n\t"
+ "EOR r9, r9, r8, LSL #28\n\t"
+ "EOR r8, %[len], r8, LSR #4\n\t"
+ "EOR r8, r8, r4\n\t"
+ "EOR r9, r9, r5\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LSR r6, r10, #4\n\t"
+ "AND %[len], r11, #0xf\n\t"
+ "LSR r11, r11, #4\n\t"
+ "AND r4, r12, #0xf\n\t"
+ "EOR r11, r11, r10, LSL #28\n\t"
+ "LDR %[len], [lr, r3, LSL #2]\n\t"
+ "ADD r4, %[m], r4, LSL #4\n\t"
+ "EOR r10, r6, r9, LSL #28\n\t"
+ "LSR r9, r9, #4\n\t"
+ "LDM r4, {r4, r5, r6, r7}\n\t"
+ "EOR r9, r9, r8, LSL #28\n\t"
+ "EOR r8, %[len], r8, LSR #4\n\t"
+ "EOR r8, r8, r4\n\t"
+ "EOR r9, r9, r5\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LSR r6, r10, #4\n\t"
+ "AND %[len], r11, #0xf\n\t"
+ "LSR r11, r11, #4\n\t"
+ "LSR r4, r12, #4\n\t"
+ "EOR r11, r11, r10, LSL #28\n\t"
+ "AND r4, r4, #0xf\n\t"
+ "LDR %[len], [lr, r3, LSL #2]\n\t"
+ "ADD r4, %[m], r4, LSL #4\n\t"
+ "EOR r10, r6, r9, LSL #28\n\t"
+ "LSR r9, r9, #4\n\t"
+ "LDM r4, {r4, r5, r6, r7}\n\t"
+ "EOR r9, r9, r8, LSL #28\n\t"
+ "EOR r8, %[len], r8, LSR #4\n\t"
+ "EOR r8, r8, r4\n\t"
+ "EOR r9, r9, r5\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "REV r8, r8\n\t"
+ "REV r9, r9\n\t"
+ "REV r10, r10\n\t"
+ "REV r11, r11\n\t"
+ "STM %[x], {r8, r9, r10, r11}\n\t"
+ "POP {r3}\n\t"
+ "SUBS %[len], %[len], #0x10\n\t"
+ "ADD %[data], %[data], #0x10\n\t"
+#ifdef __GNUC__
+ "BNE L_GCM_gmult_len_start_block\n\t"
+#else
+ "BNE.W L_GCM_gmult_len_start_block\n\t"
+#endif
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ : [x] "+r" (x), [m] "+r" (m), [data] "+r" (data), [len] "+r" (len),
+ [L_GCM_gmult_len_r] "+r" (L_GCM_gmult_len_r_c)
+ :
+#else
+ : [x] "+r" (x), [m] "+r" (m), [data] "+r" (data), [len] "+r" (len)
+ : [L_GCM_gmult_len_r] "r" (L_GCM_gmult_len_r)
+#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
+ : "memory", "r12", "lr", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
+ );
+}
+
+static const uint32_t* L_AES_Thumb2_te_gcm = L_AES_Thumb2_te_data;
+void AES_GCM_encrypt(const unsigned char* in, unsigned char* out,
+ unsigned long len, const unsigned char* ks, int nr, unsigned char* ctr);
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void AES_GCM_encrypt(const unsigned char* in_p, unsigned char* out_p, unsigned long len_p, const unsigned char* ks_p, int nr_p, unsigned char* ctr_p)
+#else
+void AES_GCM_encrypt(const unsigned char* in, unsigned char* out, unsigned long len, const unsigned char* ks, int nr, unsigned char* ctr)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register const unsigned char* in __asm__ ("r0") = (const unsigned char*)in_p;
+ register unsigned char* out __asm__ ("r1") = (unsigned char*)out_p;
+ register unsigned long len __asm__ ("r2") = (unsigned long)len_p;
+ register const unsigned char* ks __asm__ ("r3") = (const unsigned char*)ks_p;
+ register int nr __asm__ ("r4") = (int)nr_p;
+ register unsigned char* ctr __asm__ ("r5") = (unsigned char*)ctr_p;
+ register uint32_t* L_AES_Thumb2_te_gcm_c __asm__ ("r6") = (uint32_t*)L_AES_Thumb2_te_gcm;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ "MOV r12, r4\n\t"
+#else
+ "LDR r12, [sp, #36]\n\t"
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ "MOV r8, r5\n\t"
+#else
+ "LDR r8, [sp, #40]\n\t"
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+ "MOV lr, %[in]\n\t"
+ "MOV r0, %[L_AES_Thumb2_te_gcm]\n\t"
+ "LDM r8, {r4, r5, r6, r7}\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ "STM r8, {r4, r5, r6, r7}\n\t"
+ "PUSH {%[ks], r8}\n\t"
+ "CMP r12, #0xa\n\t"
+#ifdef __GNUC__
+ "BEQ L_AES_GCM_encrypt_start_block_128\n\t"
+#else
+ "BEQ.W L_AES_GCM_encrypt_start_block_128\n\t"
+#endif
+ "CMP r12, #0xc\n\t"
+#ifdef __GNUC__
+ "BEQ L_AES_GCM_encrypt_start_block_192\n\t"
+#else
+ "BEQ.W L_AES_GCM_encrypt_start_block_192\n\t"
+#endif
+ "\n"
+ "L_AES_GCM_encrypt_loop_block_256:\n\t"
+ "PUSH {r1, %[len], lr}\n\t"
+ "LDR lr, [sp, #16]\n\t"
+ "ADD r7, r7, #0x1\n\t"
+ "LDM %[ks]!, {r8, r9, r10, r11}\n\t"
+ "STR r7, [lr, #12]\n\t"
+ /* Round: 0 - XOR in key schedule */
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "MOV r1, #0x6\n\t"
+ "BL AES_encrypt_block\n\t"
+ "POP {r1, %[len], lr}\n\t"
+ "LDR %[ks], [sp]\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ "LDR r8, [lr]\n\t"
+ "LDR r9, [lr, #4]\n\t"
+ "LDR r10, [lr, #8]\n\t"
+ "LDR r11, [lr, #12]\n\t"
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "LDR r8, [sp, #4]\n\t"
+ "STR r4, [%[out]]\n\t"
+ "STR r5, [%[out], #4]\n\t"
+ "STR r6, [%[out], #8]\n\t"
+ "STR r7, [%[out], #12]\n\t"
+ "LDM r8, {r4, r5, r6, r7}\n\t"
+ "SUBS %[len], %[len], #0x10\n\t"
+ "ADD lr, lr, #0x10\n\t"
+ "ADD %[out], %[out], #0x10\n\t"
+#ifdef __GNUC__
+ "BNE L_AES_GCM_encrypt_loop_block_256\n\t"
+#else
+ "BNE.W L_AES_GCM_encrypt_loop_block_256\n\t"
+#endif
+#ifdef __GNUC__
+ "B L_AES_GCM_encrypt_end\n\t"
+#else
+ "B.W L_AES_GCM_encrypt_end\n\t"
+#endif
+ "\n"
+ "L_AES_GCM_encrypt_start_block_192:\n\t"
+ "\n"
+ "L_AES_GCM_encrypt_loop_block_192:\n\t"
+ "PUSH {r1, %[len], lr}\n\t"
+ "LDR lr, [sp, #16]\n\t"
+ "ADD r7, r7, #0x1\n\t"
+ "LDM %[ks]!, {r8, r9, r10, r11}\n\t"
+ "STR r7, [lr, #12]\n\t"
+ /* Round: 0 - XOR in key schedule */
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "MOV r1, #0x5\n\t"
+ "BL AES_encrypt_block\n\t"
+ "POP {r1, %[len], lr}\n\t"
+ "LDR %[ks], [sp]\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ "LDR r8, [lr]\n\t"
+ "LDR r9, [lr, #4]\n\t"
+ "LDR r10, [lr, #8]\n\t"
+ "LDR r11, [lr, #12]\n\t"
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "LDR r8, [sp, #4]\n\t"
+ "STR r4, [%[out]]\n\t"
+ "STR r5, [%[out], #4]\n\t"
+ "STR r6, [%[out], #8]\n\t"
+ "STR r7, [%[out], #12]\n\t"
+ "LDM r8, {r4, r5, r6, r7}\n\t"
+ "SUBS %[len], %[len], #0x10\n\t"
+ "ADD lr, lr, #0x10\n\t"
+ "ADD %[out], %[out], #0x10\n\t"
+#ifdef __GNUC__
+ "BNE L_AES_GCM_encrypt_loop_block_192\n\t"
+#else
+ "BNE.W L_AES_GCM_encrypt_loop_block_192\n\t"
+#endif
+#ifdef __GNUC__
+ "B L_AES_GCM_encrypt_end\n\t"
+#else
+ "B.W L_AES_GCM_encrypt_end\n\t"
+#endif
+ "\n"
+ "L_AES_GCM_encrypt_start_block_128:\n\t"
+ "\n"
+ "L_AES_GCM_encrypt_loop_block_128:\n\t"
+ "PUSH {r1, %[len], lr}\n\t"
+ "LDR lr, [sp, #16]\n\t"
+ "ADD r7, r7, #0x1\n\t"
+ "LDM %[ks]!, {r8, r9, r10, r11}\n\t"
+ "STR r7, [lr, #12]\n\t"
+ /* Round: 0 - XOR in key schedule */
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "MOV r1, #0x4\n\t"
+ "BL AES_encrypt_block\n\t"
+ "POP {r1, %[len], lr}\n\t"
+ "LDR %[ks], [sp]\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ "LDR r8, [lr]\n\t"
+ "LDR r9, [lr, #4]\n\t"
+ "LDR r10, [lr, #8]\n\t"
+ "LDR r11, [lr, #12]\n\t"
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "LDR r8, [sp, #4]\n\t"
+ "STR r4, [%[out]]\n\t"
+ "STR r5, [%[out], #4]\n\t"
+ "STR r6, [%[out], #8]\n\t"
+ "STR r7, [%[out], #12]\n\t"
+ "LDM r8, {r4, r5, r6, r7}\n\t"
+ "SUBS %[len], %[len], #0x10\n\t"
+ "ADD lr, lr, #0x10\n\t"
+ "ADD %[out], %[out], #0x10\n\t"
+#ifdef __GNUC__
+ "BNE L_AES_GCM_encrypt_loop_block_128\n\t"
+#else
+ "BNE.W L_AES_GCM_encrypt_loop_block_128\n\t"
+#endif
+ "\n"
+ "L_AES_GCM_encrypt_end:\n\t"
+ "POP {%[ks], r8}\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ "STM r8, {r4, r5, r6, r7}\n\t"
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ : [in] "+r" (in), [out] "+r" (out), [len] "+r" (len), [ks] "+r" (ks), [nr] "+r" (nr), [ctr] "+r" (ctr),
+ [L_AES_Thumb2_te_gcm] "+r" (L_AES_Thumb2_te_gcm_c)
+ :
+#else
+ : [in] "+r" (in), [out] "+r" (out), [len] "+r" (len), [ks] "+r" (ks), [nr] "+r" (nr), [ctr] "+r" (ctr)
+ : [L_AES_Thumb2_te_gcm] "r" (L_AES_Thumb2_te_gcm)
+#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
+ : "memory", "r12", "lr", "r7", "r8", "r9", "r10", "r11", "cc"
+ );
+}
+
+#endif /* HAVE_AESGCM */
+#endif /* !NO_AES */
+#endif /* !__aarch64__ && __thumb__ */
+#endif /* WOLFSSL_ARMASM */
+#endif /* !defined(__aarch64__) && defined(__thumb__) */
+#endif /* WOLFSSL_ARMASM */
+
+#endif /* WOLFSSL_ARMASM_INLINE */
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/thumb2-curve25519.S b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/thumb2-curve25519.S
new file mode 100644
index 00000000..e6b5dcf5
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/thumb2-curve25519.S
@@ -0,0 +1,6485 @@
+/* thumb2-curve25519
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/* Generated using (from wolfssl):
+ * cd ../scripts
+ * ruby ./x25519/x25519.rb thumb2 ../wolfssl/wolfcrypt/src/port/arm/thumb2-curve25519.S
+ */
+
+#ifdef HAVE_CONFIG_H
+ #include <config.h>
+#endif /* HAVE_CONFIG_H */
+#include <wolfssl/wolfcrypt/settings.h>
+
+#ifdef WOLFSSL_ARMASM
+#if !defined(__aarch64__) && defined(__thumb__)
+#ifndef WOLFSSL_ARMASM_INLINE
+ .thumb
+ .syntax unified
+#if defined(HAVE_CURVE25519) || defined(HAVE_ED25519)
+#if !defined(CURVE25519_SMALL) || !defined(ED25519_SMALL)
+
+ .text
+ .align 4
+ .globl fe_init
+ .type fe_init, %function
+fe_init:
+ BX lr
+ /* Cycle Count = 4 */
+ .size fe_init,.-fe_init
+ .text
+ .align 4
+ .globl fe_add_sub_op
+ .type fe_add_sub_op, %function
+fe_add_sub_op:
+ PUSH {lr}
+ /* Add-Sub */
+ LDRD r4, r5, [r2]
+ LDRD r6, r7, [r3]
+ /* Add */
+ ADDS r8, r4, r6
+ MOV r12, #0x0
+ ADCS r9, r5, r7
+ ADC r12, r12, #0x0
+ STRD r8, r9, [r0]
+ /* Sub */
+ SUBS r10, r4, r6
+ SBCS r11, r5, r7
+ STRD r10, r11, [r1]
+ LDRD r4, r5, [r2, #8]
+ LDRD r6, r7, [r3, #8]
+ /* Sub */
+ SBCS r10, r4, r6
+ MOV lr, #0x0
+ SBCS r11, r5, r7
+ ADC lr, lr, #0x0
+ STRD r10, r11, [r1, #8]
+ /* Add */
+ SUBS r12, r12, #0x1
+ ADCS r8, r4, r6
+ ADCS r9, r5, r7
+ STRD r8, r9, [r0, #8]
+ LDRD r4, r5, [r2, #16]
+ LDRD r6, r7, [r3, #16]
+ /* Add */
+ ADCS r8, r4, r6
+ MOV r12, #0x0
+ ADCS r9, r5, r7
+ ADC r12, r12, #0x0
+ STRD r8, r9, [r0, #16]
+ /* Sub */
+ SUBS lr, lr, #0x1
+ SBCS r10, r4, r6
+ SBCS r11, r5, r7
+ STRD r10, r11, [r1, #16]
+ LDRD r4, r5, [r2, #24]
+ LDRD r6, r7, [r3, #24]
+ /* Sub */
+ SBCS r10, r4, r6
+ SBC r11, r5, r7
+ /* Add */
+ SUBS r12, r12, #0x1
+ ADCS r8, r4, r6
+ MOV r12, #0x0
+ ADCS r9, r5, r7
+ ADC r12, r12, #0x0
+ /* Multiply -modulus by overflow */
+ LSL r3, r12, #1
+ MOV r12, #0x13
+ ORR r3, r3, r9, LSR #31
+ MUL r12, r3, r12
+ /* Add -x*modulus (if overflow) */
+ LDRD r4, r5, [r0]
+ LDRD r6, r7, [r0, #8]
+ ADDS r4, r4, r12
+ ADCS r5, r5, #0x0
+ ADCS r6, r6, #0x0
+ ADCS r7, r7, #0x0
+ STRD r4, r5, [r0]
+ STRD r6, r7, [r0, #8]
+ LDRD r4, r5, [r0, #16]
+ ADCS r4, r4, #0x0
+ ADCS r5, r5, #0x0
+ STRD r4, r5, [r0, #16]
+ BFC r9, #31, #1
+ ADCS r8, r8, #0x0
+ ADC r9, r9, #0x0
+ STRD r8, r9, [r0, #24]
+ /* Add -modulus on underflow */
+ MOV lr, #0x13
+ AND lr, lr, r11, ASR #31
+ LDM r1, {r4, r5, r6, r7, r8, r9}
+ SUBS r4, r4, lr
+ SBCS r5, r5, #0x0
+ SBCS r6, r6, #0x0
+ SBCS r7, r7, #0x0
+ SBCS r8, r8, #0x0
+ SBCS r9, r9, #0x0
+ BFC r11, #31, #1
+ SBCS r10, r10, #0x0
+ SBC r11, r11, #0x0
+ STM r1, {r4, r5, r6, r7, r8, r9, r10, r11}
+ /* Done Add-Sub */
+ POP {pc}
+ /* Cycle Count = 134 */
+ .size fe_add_sub_op,.-fe_add_sub_op
+ .text
+ .align 4
+ .globl fe_sub_op
+ .type fe_sub_op, %function
+fe_sub_op:
+ PUSH {lr}
+ /* Sub */
+ LDM r2!, {r6, r7, r8, r9, r10, r11, r12, lr}
+ LDM r1!, {r2, r3, r4, r5}
+ SUBS r6, r2, r6
+ SBCS r7, r3, r7
+ SBCS r8, r4, r8
+ SBCS r9, r5, r9
+ LDM r1!, {r2, r3, r4, r5}
+ SBCS r10, r2, r10
+ SBCS r11, r3, r11
+ SBCS r12, r4, r12
+ SBC lr, r5, lr
+ MOV r2, #0x13
+ AND r2, r2, lr, ASR #31
+ SUBS r6, r6, r2
+ SBCS r7, r7, #0x0
+ SBCS r8, r8, #0x0
+ SBCS r9, r9, #0x0
+ SBCS r10, r10, #0x0
+ SBCS r11, r11, #0x0
+ BFC lr, #31, #1
+ SBCS r12, r12, #0x0
+ SBC lr, lr, #0x0
+ STM r0, {r6, r7, r8, r9, r10, r11, r12, lr}
+ /* Done Sub */
+ POP {pc}
+ /* Cycle Count = 51 */
+ .size fe_sub_op,.-fe_sub_op
+ .text
+ .align 4
+ .globl fe_sub
+ .type fe_sub, %function
+fe_sub:
+ PUSH {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+ BL fe_sub_op
+ POP {r4, r5, r6, r7, r8, r9, r10, r11, pc}
+ /* Cycle Count = 24 */
+ .size fe_sub,.-fe_sub
+ .text
+ .align 4
+ .globl fe_add_op
+ .type fe_add_op, %function
+fe_add_op:
+ PUSH {lr}
+ /* Add */
+ LDM r2!, {r6, r7, r8, r9, r10, r11, r12, lr}
+ LDM r1!, {r2, r3, r4, r5}
+ ADDS r6, r2, r6
+ ADCS r7, r3, r7
+ ADCS r8, r4, r8
+ ADCS r9, r5, r9
+ LDM r1!, {r2, r3, r4, r5}
+ ADCS r10, r2, r10
+ ADCS r11, r3, r11
+ ADCS r12, r4, r12
+ ADC lr, r5, lr
+ MOV r2, #0x13
+ AND r2, r2, lr, ASR #31
+ ADDS r6, r6, r2
+ ADCS r7, r7, #0x0
+ ADCS r8, r8, #0x0
+ ADCS r9, r9, #0x0
+ ADCS r10, r10, #0x0
+ ADCS r11, r11, #0x0
+ BFC lr, #31, #1
+ ADCS r12, r12, #0x0
+ ADC lr, lr, #0x0
+ STM r0, {r6, r7, r8, r9, r10, r11, r12, lr}
+ /* Done Add */
+ POP {pc}
+ /* Cycle Count = 51 */
+ .size fe_add_op,.-fe_add_op
+ .text
+ .align 4
+ .globl fe_add
+ .type fe_add, %function
+fe_add:
+ PUSH {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+ BL fe_add_op
+ POP {r4, r5, r6, r7, r8, r9, r10, r11, pc}
+ /* Cycle Count = 24 */
+ .size fe_add,.-fe_add
+#ifdef HAVE_ED25519
+ .text
+ .align 4
+ .globl fe_frombytes
+ .type fe_frombytes, %function
+fe_frombytes:
+ PUSH {r4, r5, r6, r7, r8, r9, lr}
+ LDR r2, [r1]
+ LDR r3, [r1, #4]
+ LDR r4, [r1, #8]
+ LDR r5, [r1, #12]
+ LDR r6, [r1, #16]
+ LDR r7, [r1, #20]
+ LDR r8, [r1, #24]
+ LDR r9, [r1, #28]
+ BFC r9, #31, #1
+ STR r2, [r0]
+ STR r3, [r0, #4]
+ STR r4, [r0, #8]
+ STR r5, [r0, #12]
+ STR r6, [r0, #16]
+ STR r7, [r0, #20]
+ STR r8, [r0, #24]
+ STR r9, [r0, #28]
+ POP {r4, r5, r6, r7, r8, r9, pc}
+ /* Cycle Count = 49 */
+ .size fe_frombytes,.-fe_frombytes
+ .text
+ .align 4
+ .globl fe_tobytes
+ .type fe_tobytes, %function
+fe_tobytes:
+ PUSH {r4, r5, r6, r7, r8, r9, r10, lr}
+ LDM r1, {r2, r3, r4, r5, r6, r7, r8, r9}
+ ADDS r10, r2, #0x13
+ ADCS r10, r3, #0x0
+ ADCS r10, r4, #0x0
+ ADCS r10, r5, #0x0
+ ADCS r10, r6, #0x0
+ ADCS r10, r7, #0x0
+ ADCS r10, r8, #0x0
+ ADC r10, r9, #0x0
+ ASR r10, r10, #31
+ AND r10, r10, #0x13
+ ADDS r2, r2, r10
+ ADCS r3, r3, #0x0
+ ADCS r4, r4, #0x0
+ ADCS r5, r5, #0x0
+ ADCS r6, r6, #0x0
+ ADCS r7, r7, #0x0
+ ADCS r8, r8, #0x0
+ ADC r9, r9, #0x0
+ BFC r9, #31, #1
+ STR r2, [r0]
+ STR r3, [r0, #4]
+ STR r4, [r0, #8]
+ STR r5, [r0, #12]
+ STR r6, [r0, #16]
+ STR r7, [r0, #20]
+ STR r8, [r0, #24]
+ STR r9, [r0, #28]
+ POP {r4, r5, r6, r7, r8, r9, r10, pc}
+ /* Cycle Count = 62 */
+ .size fe_tobytes,.-fe_tobytes
+ .text
+ .align 4
+ .globl fe_1
+ .type fe_1, %function
+fe_1:
+ PUSH {r4, r5, r6, r7, r8, r9, lr}
+ /* Set one */
+ MOV r2, #0x1
+ MOV r3, #0x0
+ MOV r4, #0x0
+ MOV r5, #0x0
+ MOV r6, #0x0
+ MOV r7, #0x0
+ MOV r8, #0x0
+ MOV r9, #0x0
+ STM r0, {r2, r3, r4, r5, r6, r7, r8, r9}
+ POP {r4, r5, r6, r7, r8, r9, pc}
+ /* Cycle Count = 33 */
+ .size fe_1,.-fe_1
+ .text
+ .align 4
+ .globl fe_0
+ .type fe_0, %function
+fe_0:
+ PUSH {r4, r5, r6, r7, r8, r9, lr}
+ /* Set zero */
+ MOV r2, #0x0
+ MOV r3, #0x0
+ MOV r4, #0x0
+ MOV r5, #0x0
+ MOV r6, #0x0
+ MOV r7, #0x0
+ MOV r8, #0x0
+ MOV r9, #0x0
+ STM r0, {r2, r3, r4, r5, r6, r7, r8, r9}
+ POP {r4, r5, r6, r7, r8, r9, pc}
+ /* Cycle Count = 33 */
+ .size fe_0,.-fe_0
+ .text
+ .align 4
+ .globl fe_copy
+ .type fe_copy, %function
+fe_copy:
+ PUSH {r4, r5, lr}
+ /* Copy */
+ LDRD r2, r3, [r1]
+ LDRD r4, r5, [r1, #8]
+ STRD r2, r3, [r0]
+ STRD r4, r5, [r0, #8]
+ LDRD r2, r3, [r1, #16]
+ LDRD r4, r5, [r1, #24]
+ STRD r2, r3, [r0, #16]
+ STRD r4, r5, [r0, #24]
+ POP {r4, r5, pc}
+ /* Cycle Count = 32 */
+ .size fe_copy,.-fe_copy
+ .text
+ .align 4
+ .globl fe_neg
+ .type fe_neg, %function
+fe_neg:
+ PUSH {r4, r5, r6, r7, lr}
+ MVN r7, #0x0
+ MVN r6, #0x12
+ LDM r1!, {r2, r3, r4, r5}
+ SUBS r2, r6, r2
+ SBCS r3, r7, r3
+ SBCS r4, r7, r4
+ SBCS r5, r7, r5
+ STM r0!, {r2, r3, r4, r5}
+ MVN r6, #0x80000000
+ LDM r1!, {r2, r3, r4, r5}
+ SBCS r2, r7, r2
+ SBCS r3, r7, r3
+ SBCS r4, r7, r4
+ SBC r5, r6, r5
+ STM r0!, {r2, r3, r4, r5}
+ POP {r4, r5, r6, r7, pc}
+ /* Cycle Count = 43 */
+ .size fe_neg,.-fe_neg
+ .text
+ .align 4
+ .globl fe_isnonzero
+ .type fe_isnonzero, %function
+fe_isnonzero:
+ PUSH {r4, r5, r6, r7, r8, r9, r10, lr}
+ LDM r0, {r2, r3, r4, r5, r6, r7, r8, r9}
+ ADDS r1, r2, #0x13
+ ADCS r1, r3, #0x0
+ ADCS r1, r4, #0x0
+ ADCS r1, r5, #0x0
+ ADCS r1, r6, #0x0
+ ADCS r1, r7, #0x0
+ ADCS r1, r8, #0x0
+ ADC r1, r9, #0x0
+ ASR r1, r1, #31
+ AND r1, r1, #0x13
+ ADDS r2, r2, r1
+ ADCS r3, r3, #0x0
+ ADCS r4, r4, #0x0
+ ADCS r5, r5, #0x0
+ ADCS r6, r6, #0x0
+ ADCS r7, r7, #0x0
+ ADCS r8, r8, #0x0
+ ADC r9, r9, #0x0
+ BFC r9, #31, #1
+ ORR r2, r2, r3
+ ORR r4, r4, r5
+ ORR r6, r6, r7
+ ORR r8, r8, r9
+ ORR r4, r4, r6
+ ORR r2, r2, r8
+ ORR r0, r2, r4
+ POP {r4, r5, r6, r7, r8, r9, r10, pc}
+ /* Cycle Count = 53 */
+ .size fe_isnonzero,.-fe_isnonzero
+ .text
+ .align 4
+ .globl fe_isnegative
+ .type fe_isnegative, %function
+fe_isnegative:
+ PUSH {r4, r5, lr}
+ LDM r0!, {r2, r3, r4, r5}
+ ADDS r1, r2, #0x13
+ ADCS r1, r3, #0x0
+ ADCS r1, r4, #0x0
+ ADCS r1, r5, #0x0
+ LDM r0, {r2, r3, r4, r5}
+ ADCS r1, r2, #0x0
+ ADCS r1, r3, #0x0
+ ADCS r1, r4, #0x0
+ LDR r2, [r0, #-16]
+ ADC r1, r5, #0x0
+ AND r0, r2, #0x1
+ LSR r1, r1, #31
+ EOR r0, r0, r1
+ POP {r4, r5, pc}
+ /* Cycle Count = 31 */
+ .size fe_isnegative,.-fe_isnegative
+#if defined(HAVE_ED25519_MAKE_KEY) || defined(HAVE_ED25519_SIGN)
+#ifndef WC_NO_CACHE_RESISTANT
+ .text
+ .align 4
+ .globl fe_cmov_table
+ .type fe_cmov_table, %function
+fe_cmov_table:
+ PUSH {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+ SXTB r2, r2
+ SBFX r3, r2, #7, #1
+ EOR r12, r2, r3
+ SUB r12, r12, r3
+ MOV r4, #0x1
+ MOV r5, #0x0
+ MOV r6, #0x1
+ MOV r7, #0x0
+ MOV r8, #0x0
+ MOV r9, #0x0
+ MOV r3, #0x80000000
+ ROR r3, r3, #31
+ ROR r3, r3, r12
+ ASR r3, r3, #31
+ LDRD r10, r11, [r1]
+ EOR r10, r10, r4
+ EOR r11, r11, r5
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r4, r4, r10
+ EOR r5, r5, r11
+ LDRD r10, r11, [r1, #32]
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ LDRD r10, r11, [r1, #64]
+ EOR r10, r10, r8
+ EOR r11, r11, r9
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r8, r8, r10
+ EOR r9, r9, r11
+ ADD r1, r1, #0x60
+ MOV r3, #0x80000000
+ ROR r3, r3, #30
+ ROR r3, r3, r12
+ ASR r3, r3, #31
+ LDRD r10, r11, [r1]
+ EOR r10, r10, r4
+ EOR r11, r11, r5
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r4, r4, r10
+ EOR r5, r5, r11
+ LDRD r10, r11, [r1, #32]
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ LDRD r10, r11, [r1, #64]
+ EOR r10, r10, r8
+ EOR r11, r11, r9
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r8, r8, r10
+ EOR r9, r9, r11
+ ADD r1, r1, #0x60
+ MOV r3, #0x80000000
+ ROR r3, r3, #29
+ ROR r3, r3, r12
+ ASR r3, r3, #31
+ LDRD r10, r11, [r1]
+ EOR r10, r10, r4
+ EOR r11, r11, r5
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r4, r4, r10
+ EOR r5, r5, r11
+ LDRD r10, r11, [r1, #32]
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ LDRD r10, r11, [r1, #64]
+ EOR r10, r10, r8
+ EOR r11, r11, r9
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r8, r8, r10
+ EOR r9, r9, r11
+ ADD r1, r1, #0x60
+ MOV r3, #0x80000000
+ ROR r3, r3, #28
+ ROR r3, r3, r12
+ ASR r3, r3, #31
+ LDRD r10, r11, [r1]
+ EOR r10, r10, r4
+ EOR r11, r11, r5
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r4, r4, r10
+ EOR r5, r5, r11
+ LDRD r10, r11, [r1, #32]
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ LDRD r10, r11, [r1, #64]
+ EOR r10, r10, r8
+ EOR r11, r11, r9
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r8, r8, r10
+ EOR r9, r9, r11
+ ADD r1, r1, #0x60
+ MOV r3, #0x80000000
+ ROR r3, r3, #27
+ ROR r3, r3, r12
+ ASR r3, r3, #31
+ LDRD r10, r11, [r1]
+ EOR r10, r10, r4
+ EOR r11, r11, r5
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r4, r4, r10
+ EOR r5, r5, r11
+ LDRD r10, r11, [r1, #32]
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ LDRD r10, r11, [r1, #64]
+ EOR r10, r10, r8
+ EOR r11, r11, r9
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r8, r8, r10
+ EOR r9, r9, r11
+ ADD r1, r1, #0x60
+ MOV r3, #0x80000000
+ ROR r3, r3, #26
+ ROR r3, r3, r12
+ ASR r3, r3, #31
+ LDRD r10, r11, [r1]
+ EOR r10, r10, r4
+ EOR r11, r11, r5
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r4, r4, r10
+ EOR r5, r5, r11
+ LDRD r10, r11, [r1, #32]
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ LDRD r10, r11, [r1, #64]
+ EOR r10, r10, r8
+ EOR r11, r11, r9
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r8, r8, r10
+ EOR r9, r9, r11
+ ADD r1, r1, #0x60
+ MOV r3, #0x80000000
+ ROR r3, r3, #25
+ ROR r3, r3, r12
+ ASR r3, r3, #31
+ LDRD r10, r11, [r1]
+ EOR r10, r10, r4
+ EOR r11, r11, r5
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r4, r4, r10
+ EOR r5, r5, r11
+ LDRD r10, r11, [r1, #32]
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ LDRD r10, r11, [r1, #64]
+ EOR r10, r10, r8
+ EOR r11, r11, r9
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r8, r8, r10
+ EOR r9, r9, r11
+ ADD r1, r1, #0x60
+ MOV r3, #0x80000000
+ ROR r3, r3, #24
+ ROR r3, r3, r12
+ ASR r3, r3, #31
+ LDRD r10, r11, [r1]
+ EOR r10, r10, r4
+ EOR r11, r11, r5
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r4, r4, r10
+ EOR r5, r5, r11
+ LDRD r10, r11, [r1, #32]
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ LDRD r10, r11, [r1, #64]
+ EOR r10, r10, r8
+ EOR r11, r11, r9
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r8, r8, r10
+ EOR r9, r9, r11
+ SUB r1, r1, #0x2a0
+ MVN r10, #0x12
+ MVN r11, #0x0
+ SUBS r10, r10, r8
+ SBCS r11, r11, r9
+ SBC lr, lr, lr
+ ASR r12, r2, #31
+ EOR r3, r4, r6
+ AND r3, r3, r12
+ EOR r4, r4, r3
+ EOR r6, r6, r3
+ EOR r3, r5, r7
+ AND r3, r3, r12
+ EOR r5, r5, r3
+ EOR r7, r7, r3
+ EOR r10, r10, r8
+ AND r10, r10, r12
+ EOR r8, r8, r10
+ EOR r11, r11, r9
+ AND r11, r11, r12
+ EOR r9, r9, r11
+ STRD r4, r5, [r0]
+ STRD r6, r7, [r0, #32]
+ STRD r8, r9, [r0, #64]
+ SBFX r3, r2, #7, #1
+ EOR r12, r2, r3
+ SUB r12, r12, r3
+ MOV r4, #0x0
+ MOV r5, #0x0
+ MOV r6, #0x0
+ MOV r7, #0x0
+ MOV r8, #0x0
+ MOV r9, #0x0
+ MOV r3, #0x80000000
+ ROR r3, r3, #31
+ ROR r3, r3, r12
+ ASR r3, r3, #31
+ LDRD r10, r11, [r1, #8]
+ EOR r10, r10, r4
+ EOR r11, r11, r5
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r4, r4, r10
+ EOR r5, r5, r11
+ LDRD r10, r11, [r1, #40]
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ LDRD r10, r11, [r1, #72]
+ EOR r10, r10, r8
+ EOR r11, r11, r9
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r8, r8, r10
+ EOR r9, r9, r11
+ ADD r1, r1, #0x60
+ MOV r3, #0x80000000
+ ROR r3, r3, #30
+ ROR r3, r3, r12
+ ASR r3, r3, #31
+ LDRD r10, r11, [r1, #8]
+ EOR r10, r10, r4
+ EOR r11, r11, r5
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r4, r4, r10
+ EOR r5, r5, r11
+ LDRD r10, r11, [r1, #40]
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ LDRD r10, r11, [r1, #72]
+ EOR r10, r10, r8
+ EOR r11, r11, r9
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r8, r8, r10
+ EOR r9, r9, r11
+ ADD r1, r1, #0x60
+ MOV r3, #0x80000000
+ ROR r3, r3, #29
+ ROR r3, r3, r12
+ ASR r3, r3, #31
+ LDRD r10, r11, [r1, #8]
+ EOR r10, r10, r4
+ EOR r11, r11, r5
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r4, r4, r10
+ EOR r5, r5, r11
+ LDRD r10, r11, [r1, #40]
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ LDRD r10, r11, [r1, #72]
+ EOR r10, r10, r8
+ EOR r11, r11, r9
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r8, r8, r10
+ EOR r9, r9, r11
+ ADD r1, r1, #0x60
+ MOV r3, #0x80000000
+ ROR r3, r3, #28
+ ROR r3, r3, r12
+ ASR r3, r3, #31
+ LDRD r10, r11, [r1, #8]
+ EOR r10, r10, r4
+ EOR r11, r11, r5
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r4, r4, r10
+ EOR r5, r5, r11
+ LDRD r10, r11, [r1, #40]
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ LDRD r10, r11, [r1, #72]
+ EOR r10, r10, r8
+ EOR r11, r11, r9
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r8, r8, r10
+ EOR r9, r9, r11
+ ADD r1, r1, #0x60
+ MOV r3, #0x80000000
+ ROR r3, r3, #27
+ ROR r3, r3, r12
+ ASR r3, r3, #31
+ LDRD r10, r11, [r1, #8]
+ EOR r10, r10, r4
+ EOR r11, r11, r5
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r4, r4, r10
+ EOR r5, r5, r11
+ LDRD r10, r11, [r1, #40]
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ LDRD r10, r11, [r1, #72]
+ EOR r10, r10, r8
+ EOR r11, r11, r9
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r8, r8, r10
+ EOR r9, r9, r11
+ ADD r1, r1, #0x60
+ MOV r3, #0x80000000
+ ROR r3, r3, #26
+ ROR r3, r3, r12
+ ASR r3, r3, #31
+ LDRD r10, r11, [r1, #8]
+ EOR r10, r10, r4
+ EOR r11, r11, r5
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r4, r4, r10
+ EOR r5, r5, r11
+ LDRD r10, r11, [r1, #40]
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ LDRD r10, r11, [r1, #72]
+ EOR r10, r10, r8
+ EOR r11, r11, r9
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r8, r8, r10
+ EOR r9, r9, r11
+ ADD r1, r1, #0x60
+ MOV r3, #0x80000000
+ ROR r3, r3, #25
+ ROR r3, r3, r12
+ ASR r3, r3, #31
+ LDRD r10, r11, [r1, #8]
+ EOR r10, r10, r4
+ EOR r11, r11, r5
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r4, r4, r10
+ EOR r5, r5, r11
+ LDRD r10, r11, [r1, #40]
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ LDRD r10, r11, [r1, #72]
+ EOR r10, r10, r8
+ EOR r11, r11, r9
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r8, r8, r10
+ EOR r9, r9, r11
+ ADD r1, r1, #0x60
+ MOV r3, #0x80000000
+ ROR r3, r3, #24
+ ROR r3, r3, r12
+ ASR r3, r3, #31
+ LDRD r10, r11, [r1, #8]
+ EOR r10, r10, r4
+ EOR r11, r11, r5
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r4, r4, r10
+ EOR r5, r5, r11
+ LDRD r10, r11, [r1, #40]
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ LDRD r10, r11, [r1, #72]
+ EOR r10, r10, r8
+ EOR r11, r11, r9
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r8, r8, r10
+ EOR r9, r9, r11
+ SUB r1, r1, #0x2a0
+ MVN r10, #0x0
+ MVN r11, #0x0
+ RSBS lr, lr, #0x0
+ SBCS r10, r10, r8
+ SBCS r11, r11, r9
+ SBC lr, lr, lr
+ ASR r12, r2, #31
+ EOR r3, r4, r6
+ AND r3, r3, r12
+ EOR r4, r4, r3
+ EOR r6, r6, r3
+ EOR r3, r5, r7
+ AND r3, r3, r12
+ EOR r5, r5, r3
+ EOR r7, r7, r3
+ EOR r10, r10, r8
+ AND r10, r10, r12
+ EOR r8, r8, r10
+ EOR r11, r11, r9
+ AND r11, r11, r12
+ EOR r9, r9, r11
+ STRD r4, r5, [r0, #8]
+ STRD r6, r7, [r0, #40]
+ STRD r8, r9, [r0, #72]
+ SBFX r3, r2, #7, #1
+ EOR r12, r2, r3
+ SUB r12, r12, r3
+ MOV r4, #0x0
+ MOV r5, #0x0
+ MOV r6, #0x0
+ MOV r7, #0x0
+ MOV r8, #0x0
+ MOV r9, #0x0
+ MOV r3, #0x80000000
+ ROR r3, r3, #31
+ ROR r3, r3, r12
+ ASR r3, r3, #31
+ LDRD r10, r11, [r1, #16]
+ EOR r10, r10, r4
+ EOR r11, r11, r5
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r4, r4, r10
+ EOR r5, r5, r11
+ LDRD r10, r11, [r1, #48]
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ LDRD r10, r11, [r1, #80]
+ EOR r10, r10, r8
+ EOR r11, r11, r9
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r8, r8, r10
+ EOR r9, r9, r11
+ ADD r1, r1, #0x60
+ MOV r3, #0x80000000
+ ROR r3, r3, #30
+ ROR r3, r3, r12
+ ASR r3, r3, #31
+ LDRD r10, r11, [r1, #16]
+ EOR r10, r10, r4
+ EOR r11, r11, r5
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r4, r4, r10
+ EOR r5, r5, r11
+ LDRD r10, r11, [r1, #48]
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ LDRD r10, r11, [r1, #80]
+ EOR r10, r10, r8
+ EOR r11, r11, r9
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r8, r8, r10
+ EOR r9, r9, r11
+ ADD r1, r1, #0x60
+ MOV r3, #0x80000000
+ ROR r3, r3, #29
+ ROR r3, r3, r12
+ ASR r3, r3, #31
+ LDRD r10, r11, [r1, #16]
+ EOR r10, r10, r4
+ EOR r11, r11, r5
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r4, r4, r10
+ EOR r5, r5, r11
+ LDRD r10, r11, [r1, #48]
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ LDRD r10, r11, [r1, #80]
+ EOR r10, r10, r8
+ EOR r11, r11, r9
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r8, r8, r10
+ EOR r9, r9, r11
+ ADD r1, r1, #0x60
+ MOV r3, #0x80000000
+ ROR r3, r3, #28
+ ROR r3, r3, r12
+ ASR r3, r3, #31
+ LDRD r10, r11, [r1, #16]
+ EOR r10, r10, r4
+ EOR r11, r11, r5
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r4, r4, r10
+ EOR r5, r5, r11
+ LDRD r10, r11, [r1, #48]
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ LDRD r10, r11, [r1, #80]
+ EOR r10, r10, r8
+ EOR r11, r11, r9
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r8, r8, r10
+ EOR r9, r9, r11
+ ADD r1, r1, #0x60
+ MOV r3, #0x80000000
+ ROR r3, r3, #27
+ ROR r3, r3, r12
+ ASR r3, r3, #31
+ LDRD r10, r11, [r1, #16]
+ EOR r10, r10, r4
+ EOR r11, r11, r5
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r4, r4, r10
+ EOR r5, r5, r11
+ LDRD r10, r11, [r1, #48]
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ LDRD r10, r11, [r1, #80]
+ EOR r10, r10, r8
+ EOR r11, r11, r9
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r8, r8, r10
+ EOR r9, r9, r11
+ ADD r1, r1, #0x60
+ MOV r3, #0x80000000
+ ROR r3, r3, #26
+ ROR r3, r3, r12
+ ASR r3, r3, #31
+ LDRD r10, r11, [r1, #16]
+ EOR r10, r10, r4
+ EOR r11, r11, r5
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r4, r4, r10
+ EOR r5, r5, r11
+ LDRD r10, r11, [r1, #48]
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ LDRD r10, r11, [r1, #80]
+ EOR r10, r10, r8
+ EOR r11, r11, r9
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r8, r8, r10
+ EOR r9, r9, r11
+ ADD r1, r1, #0x60
+ MOV r3, #0x80000000
+ ROR r3, r3, #25
+ ROR r3, r3, r12
+ ASR r3, r3, #31
+ LDRD r10, r11, [r1, #16]
+ EOR r10, r10, r4
+ EOR r11, r11, r5
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r4, r4, r10
+ EOR r5, r5, r11
+ LDRD r10, r11, [r1, #48]
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ LDRD r10, r11, [r1, #80]
+ EOR r10, r10, r8
+ EOR r11, r11, r9
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r8, r8, r10
+ EOR r9, r9, r11
+ ADD r1, r1, #0x60
+ MOV r3, #0x80000000
+ ROR r3, r3, #24
+ ROR r3, r3, r12
+ ASR r3, r3, #31
+ LDRD r10, r11, [r1, #16]
+ EOR r10, r10, r4
+ EOR r11, r11, r5
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r4, r4, r10
+ EOR r5, r5, r11
+ LDRD r10, r11, [r1, #48]
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ LDRD r10, r11, [r1, #80]
+ EOR r10, r10, r8
+ EOR r11, r11, r9
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r8, r8, r10
+ EOR r9, r9, r11
+ SUB r1, r1, #0x2a0
+ MVN r10, #0x0
+ MVN r11, #0x0
+ RSBS lr, lr, #0x0
+ SBCS r10, r10, r8
+ SBCS r11, r11, r9
+ SBC lr, lr, lr
+ ASR r12, r2, #31
+ EOR r3, r4, r6
+ AND r3, r3, r12
+ EOR r4, r4, r3
+ EOR r6, r6, r3
+ EOR r3, r5, r7
+ AND r3, r3, r12
+ EOR r5, r5, r3
+ EOR r7, r7, r3
+ EOR r10, r10, r8
+ AND r10, r10, r12
+ EOR r8, r8, r10
+ EOR r11, r11, r9
+ AND r11, r11, r12
+ EOR r9, r9, r11
+ STRD r4, r5, [r0, #16]
+ STRD r6, r7, [r0, #48]
+ STRD r8, r9, [r0, #80]
+ SBFX r3, r2, #7, #1
+ EOR r12, r2, r3
+ SUB r12, r12, r3
+ MOV r4, #0x0
+ MOV r5, #0x0
+ MOV r6, #0x0
+ MOV r7, #0x0
+ MOV r8, #0x0
+ MOV r9, #0x0
+ MOV r3, #0x80000000
+ ROR r3, r3, #31
+ ROR r3, r3, r12
+ ASR r3, r3, #31
+ LDRD r10, r11, [r1, #24]
+ EOR r10, r10, r4
+ EOR r11, r11, r5
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r4, r4, r10
+ EOR r5, r5, r11
+ LDRD r10, r11, [r1, #56]
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ LDRD r10, r11, [r1, #88]
+ EOR r10, r10, r8
+ EOR r11, r11, r9
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r8, r8, r10
+ EOR r9, r9, r11
+ ADD r1, r1, #0x60
+ MOV r3, #0x80000000
+ ROR r3, r3, #30
+ ROR r3, r3, r12
+ ASR r3, r3, #31
+ LDRD r10, r11, [r1, #24]
+ EOR r10, r10, r4
+ EOR r11, r11, r5
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r4, r4, r10
+ EOR r5, r5, r11
+ LDRD r10, r11, [r1, #56]
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ LDRD r10, r11, [r1, #88]
+ EOR r10, r10, r8
+ EOR r11, r11, r9
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r8, r8, r10
+ EOR r9, r9, r11
+ ADD r1, r1, #0x60
+ MOV r3, #0x80000000
+ ROR r3, r3, #29
+ ROR r3, r3, r12
+ ASR r3, r3, #31
+ LDRD r10, r11, [r1, #24]
+ EOR r10, r10, r4
+ EOR r11, r11, r5
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r4, r4, r10
+ EOR r5, r5, r11
+ LDRD r10, r11, [r1, #56]
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ LDRD r10, r11, [r1, #88]
+ EOR r10, r10, r8
+ EOR r11, r11, r9
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r8, r8, r10
+ EOR r9, r9, r11
+ ADD r1, r1, #0x60
+ MOV r3, #0x80000000
+ ROR r3, r3, #28
+ ROR r3, r3, r12
+ ASR r3, r3, #31
+ LDRD r10, r11, [r1, #24]
+ EOR r10, r10, r4
+ EOR r11, r11, r5
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r4, r4, r10
+ EOR r5, r5, r11
+ LDRD r10, r11, [r1, #56]
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ LDRD r10, r11, [r1, #88]
+ EOR r10, r10, r8
+ EOR r11, r11, r9
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r8, r8, r10
+ EOR r9, r9, r11
+ ADD r1, r1, #0x60
+ MOV r3, #0x80000000
+ ROR r3, r3, #27
+ ROR r3, r3, r12
+ ASR r3, r3, #31
+ LDRD r10, r11, [r1, #24]
+ EOR r10, r10, r4
+ EOR r11, r11, r5
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r4, r4, r10
+ EOR r5, r5, r11
+ LDRD r10, r11, [r1, #56]
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ LDRD r10, r11, [r1, #88]
+ EOR r10, r10, r8
+ EOR r11, r11, r9
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r8, r8, r10
+ EOR r9, r9, r11
+ ADD r1, r1, #0x60
+ MOV r3, #0x80000000
+ ROR r3, r3, #26
+ ROR r3, r3, r12
+ ASR r3, r3, #31
+ LDRD r10, r11, [r1, #24]
+ EOR r10, r10, r4
+ EOR r11, r11, r5
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r4, r4, r10
+ EOR r5, r5, r11
+ LDRD r10, r11, [r1, #56]
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ LDRD r10, r11, [r1, #88]
+ EOR r10, r10, r8
+ EOR r11, r11, r9
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r8, r8, r10
+ EOR r9, r9, r11
+ ADD r1, r1, #0x60
+ MOV r3, #0x80000000
+ ROR r3, r3, #25
+ ROR r3, r3, r12
+ ASR r3, r3, #31
+ LDRD r10, r11, [r1, #24]
+ EOR r10, r10, r4
+ EOR r11, r11, r5
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r4, r4, r10
+ EOR r5, r5, r11
+ LDRD r10, r11, [r1, #56]
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ LDRD r10, r11, [r1, #88]
+ EOR r10, r10, r8
+ EOR r11, r11, r9
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r8, r8, r10
+ EOR r9, r9, r11
+ ADD r1, r1, #0x60
+ MOV r3, #0x80000000
+ ROR r3, r3, #24
+ ROR r3, r3, r12
+ ASR r3, r3, #31
+ LDRD r10, r11, [r1, #24]
+ EOR r10, r10, r4
+ EOR r11, r11, r5
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r4, r4, r10
+ EOR r5, r5, r11
+ LDRD r10, r11, [r1, #56]
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ LDRD r10, r11, [r1, #88]
+ EOR r10, r10, r8
+ EOR r11, r11, r9
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r8, r8, r10
+ EOR r9, r9, r11
+ SUB r1, r1, #0x2a0
+ MVN r10, #0x0
+ MVN r11, #0x80000000
+ RSBS lr, lr, #0x0
+ SBCS r10, r10, r8
+ SBC r11, r11, r9
+ ASR r12, r2, #31
+ EOR r3, r4, r6
+ AND r3, r3, r12
+ EOR r4, r4, r3
+ EOR r6, r6, r3
+ EOR r3, r5, r7
+ AND r3, r3, r12
+ EOR r5, r5, r3
+ EOR r7, r7, r3
+ EOR r10, r10, r8
+ AND r10, r10, r12
+ EOR r8, r8, r10
+ EOR r11, r11, r9
+ AND r11, r11, r12
+ EOR r9, r9, r11
+ STRD r4, r5, [r0, #24]
+ STRD r6, r7, [r0, #56]
+ STRD r8, r9, [r0, #88]
+ POP {r4, r5, r6, r7, r8, r9, r10, r11, pc}
+ /* Cycle Count = 1195 */
+ .size fe_cmov_table,.-fe_cmov_table
+#else
+ .text
+ .align 4
+ .globl fe_cmov_table
+ .type fe_cmov_table, %function
+fe_cmov_table:
+ PUSH {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+ SXTB r2, r2
+ SBFX r3, r2, #7, #1
+ EOR r2, r2, r3
+ SUB r2, r2, r3
+ CLZ lr, r2
+ LSL lr, lr, #26
+ ASR lr, lr, #31
+ MVN lr, lr
+ ADD r2, r2, lr
+ MOV r12, #0x60
+ MUL r2, r2, r12
+ ADD r1, r1, r2
+ LDM r1!, {r4, r5, r6, r7, r8, r9, r10, r11}
+ AND r4, r4, lr
+ AND r5, r5, lr
+ AND r6, r6, lr
+ AND r7, r7, lr
+ AND r8, r8, lr
+ AND r9, r9, lr
+ AND r10, r10, lr
+ AND r11, r11, lr
+ MVN r12, lr
+ SUB r4, r4, r12
+ MOV r12, #0x20
+ AND r12, r12, r3
+ ADD r0, r0, r12
+ STM r0, {r4, r5, r6, r7, r8, r9, r10, r11}
+ SUB r0, r0, r12
+ LDM r1!, {r4, r5, r6, r7, r8, r9, r10, r11}
+ AND r4, r4, lr
+ AND r5, r5, lr
+ AND r6, r6, lr
+ AND r7, r7, lr
+ AND r8, r8, lr
+ AND r9, r9, lr
+ AND r10, r10, lr
+ AND r11, r11, lr
+ MVN r12, lr
+ SUB r4, r4, r12
+ MOV r12, #0x20
+ BIC r12, r12, r3
+ ADD r0, r0, r12
+ STM r0, {r4, r5, r6, r7, r8, r9, r10, r11}
+ SUB r0, r0, r12
+ ADD r0, r0, #0x40
+ LDM r1!, {r4, r5, r6, r7}
+ MVN r12, #0x12
+ SUBS r8, r12, r4
+ SBCS r9, r3, r5
+ SBCS r10, r3, r6
+ SBCS r11, r3, r7
+ BIC r4, r4, r3
+ BIC r5, r5, r3
+ BIC r6, r6, r3
+ BIC r7, r7, r3
+ AND r8, r8, r3
+ AND r9, r9, r3
+ AND r10, r10, r3
+ AND r11, r11, r3
+ ORR r4, r4, r8
+ ORR r5, r5, r9
+ ORR r6, r6, r10
+ ORR r7, r7, r11
+ AND r4, r4, lr
+ AND r5, r5, lr
+ AND r6, r6, lr
+ AND r7, r7, lr
+ STM r0!, {r4, r5, r6, r7}
+ LDM r1!, {r4, r5, r6, r7}
+ MVN r12, #0x80000000
+ SBCS r8, r3, r4
+ SBCS r9, r3, r5
+ SBCS r10, r3, r6
+ SBC r11, r12, r7
+ BIC r4, r4, r3
+ BIC r5, r5, r3
+ BIC r6, r6, r3
+ BIC r7, r7, r3
+ AND r8, r8, r3
+ AND r9, r9, r3
+ AND r10, r10, r3
+ AND r11, r11, r3
+ ORR r4, r4, r8
+ ORR r5, r5, r9
+ ORR r6, r6, r10
+ ORR r7, r7, r11
+ AND r4, r4, lr
+ AND r5, r5, lr
+ AND r6, r6, lr
+ AND r7, r7, lr
+ STM r0!, {r4, r5, r6, r7}
+ SUB r1, r1, r2
+ POP {r4, r5, r6, r7, r8, r9, r10, r11, pc}
+ /* Cycle Count = 160 */
+ .size fe_cmov_table,.-fe_cmov_table
+#endif /* WC_NO_CACHE_RESISTANT */
+#endif /* HAVE_ED25519_MAKE_KEY || HAVE_ED25519_SIGN */
+#endif /* HAVE_ED25519 */
+#ifdef WOLFSSL_SP_NO_UMAAL
+ .text
+ .align 4
+ .globl fe_mul_op
+ .type fe_mul_op, %function
+fe_mul_op:
+ PUSH {lr}
+ SUB sp, sp, #0x28
+ STR r0, [sp, #36]
+ MOV r0, #0x0
+ LDR r12, [r1]
+ /* A[0] * B[0] */
+ LDR lr, [r2]
+ UMULL r3, r4, r12, lr
+ /* A[0] * B[2] */
+ LDR lr, [r2, #8]
+ UMULL r5, r6, r12, lr
+ /* A[0] * B[4] */
+ LDR lr, [r2, #16]
+ UMULL r7, r8, r12, lr
+ /* A[0] * B[6] */
+ LDR lr, [r2, #24]
+ UMULL r9, r10, r12, lr
+ STR r3, [sp]
+ /* A[0] * B[1] */
+ LDR lr, [r2, #4]
+ MOV r11, r0
+ UMLAL r4, r11, r12, lr
+ ADDS r5, r5, r11
+ /* A[0] * B[3] */
+ LDR lr, [r2, #12]
+ ADCS r6, r6, #0x0
+ ADC r11, r0, #0x0
+ UMLAL r6, r11, r12, lr
+ ADDS r7, r7, r11
+ /* A[0] * B[5] */
+ LDR lr, [r2, #20]
+ ADCS r8, r8, #0x0
+ ADC r11, r0, #0x0
+ UMLAL r8, r11, r12, lr
+ ADDS r9, r9, r11
+ /* A[0] * B[7] */
+ LDR lr, [r2, #28]
+ ADCS r10, r10, #0x0
+ ADC r3, r0, #0x0
+ UMLAL r10, r3, r12, lr
+ /* A[1] * B[0] */
+ LDR r12, [r1, #4]
+ LDR lr, [r2]
+ MOV r11, #0x0
+ UMLAL r4, r11, r12, lr
+ STR r4, [sp, #4]
+ ADDS r5, r5, r11
+ /* A[1] * B[1] */
+ LDR lr, [r2, #4]
+ ADC r11, r0, #0x0
+ UMLAL r5, r11, r12, lr
+ ADDS r6, r6, r11
+ /* A[1] * B[2] */
+ LDR lr, [r2, #8]
+ ADC r11, r0, #0x0
+ UMLAL r6, r11, r12, lr
+ ADDS r7, r7, r11
+ /* A[1] * B[3] */
+ LDR lr, [r2, #12]
+ ADC r11, r0, #0x0
+ UMLAL r7, r11, r12, lr
+ ADDS r8, r8, r11
+ /* A[1] * B[4] */
+ LDR lr, [r2, #16]
+ ADC r11, r0, #0x0
+ UMLAL r8, r11, r12, lr
+ ADDS r9, r9, r11
+ /* A[1] * B[5] */
+ LDR lr, [r2, #20]
+ ADC r11, r0, #0x0
+ UMLAL r9, r11, r12, lr
+ ADDS r10, r10, r11
+ /* A[1] * B[6] */
+ LDR lr, [r2, #24]
+ ADC r11, r0, #0x0
+ UMLAL r10, r11, r12, lr
+ ADDS r3, r3, r11
+ /* A[1] * B[7] */
+ LDR lr, [r2, #28]
+ ADC r4, r0, #0x0
+ UMLAL r3, r4, r12, lr
+ /* A[2] * B[0] */
+ LDR r12, [r1, #8]
+ LDR lr, [r2]
+ MOV r11, #0x0
+ UMLAL r5, r11, r12, lr
+ STR r5, [sp, #8]
+ ADDS r6, r6, r11
+ /* A[2] * B[1] */
+ LDR lr, [r2, #4]
+ ADC r11, r0, #0x0
+ UMLAL r6, r11, r12, lr
+ ADDS r7, r7, r11
+ /* A[2] * B[2] */
+ LDR lr, [r2, #8]
+ ADC r11, r0, #0x0
+ UMLAL r7, r11, r12, lr
+ ADDS r8, r8, r11
+ /* A[2] * B[3] */
+ LDR lr, [r2, #12]
+ ADC r11, r0, #0x0
+ UMLAL r8, r11, r12, lr
+ ADDS r9, r9, r11
+ /* A[2] * B[4] */
+ LDR lr, [r2, #16]
+ ADC r11, r0, #0x0
+ UMLAL r9, r11, r12, lr
+ ADDS r10, r10, r11
+ /* A[2] * B[5] */
+ LDR lr, [r2, #20]
+ ADC r11, r0, #0x0
+ UMLAL r10, r11, r12, lr
+ ADDS r3, r3, r11
+ /* A[2] * B[6] */
+ LDR lr, [r2, #24]
+ ADC r11, r0, #0x0
+ UMLAL r3, r11, r12, lr
+ ADDS r4, r4, r11
+ /* A[2] * B[7] */
+ LDR lr, [r2, #28]
+ ADC r5, r0, #0x0
+ UMLAL r4, r5, r12, lr
+ /* A[3] * B[0] */
+ LDR r12, [r1, #12]
+ LDR lr, [r2]
+ MOV r11, #0x0
+ UMLAL r6, r11, r12, lr
+ STR r6, [sp, #12]
+ ADDS r7, r7, r11
+ /* A[3] * B[1] */
+ LDR lr, [r2, #4]
+ ADC r11, r0, #0x0
+ UMLAL r7, r11, r12, lr
+ ADDS r8, r8, r11
+ /* A[3] * B[2] */
+ LDR lr, [r2, #8]
+ ADC r11, r0, #0x0
+ UMLAL r8, r11, r12, lr
+ ADDS r9, r9, r11
+ /* A[3] * B[3] */
+ LDR lr, [r2, #12]
+ ADC r11, r0, #0x0
+ UMLAL r9, r11, r12, lr
+ ADDS r10, r10, r11
+ /* A[3] * B[4] */
+ LDR lr, [r2, #16]
+ ADC r11, r0, #0x0
+ UMLAL r10, r11, r12, lr
+ ADDS r3, r3, r11
+ /* A[3] * B[5] */
+ LDR lr, [r2, #20]
+ ADC r11, r0, #0x0
+ UMLAL r3, r11, r12, lr
+ ADDS r4, r4, r11
+ /* A[3] * B[6] */
+ LDR lr, [r2, #24]
+ ADC r11, r0, #0x0
+ UMLAL r4, r11, r12, lr
+ ADDS r5, r5, r11
+ /* A[3] * B[7] */
+ LDR lr, [r2, #28]
+ ADC r6, r0, #0x0
+ UMLAL r5, r6, r12, lr
+ /* A[4] * B[0] */
+ LDR r12, [r1, #16]
+ LDR lr, [r2]
+ MOV r11, #0x0
+ UMLAL r7, r11, r12, lr
+ STR r7, [sp, #16]
+ ADDS r8, r8, r11
+ /* A[4] * B[1] */
+ LDR lr, [r2, #4]
+ ADC r11, r0, #0x0
+ UMLAL r8, r11, r12, lr
+ ADDS r9, r9, r11
+ /* A[4] * B[2] */
+ LDR lr, [r2, #8]
+ ADC r11, r0, #0x0
+ UMLAL r9, r11, r12, lr
+ ADDS r10, r10, r11
+ /* A[4] * B[3] */
+ LDR lr, [r2, #12]
+ ADC r11, r0, #0x0
+ UMLAL r10, r11, r12, lr
+ ADDS r3, r3, r11
+ /* A[4] * B[4] */
+ LDR lr, [r2, #16]
+ ADC r11, r0, #0x0
+ UMLAL r3, r11, r12, lr
+ ADDS r4, r4, r11
+ /* A[4] * B[5] */
+ LDR lr, [r2, #20]
+ ADC r11, r0, #0x0
+ UMLAL r4, r11, r12, lr
+ ADDS r5, r5, r11
+ /* A[4] * B[6] */
+ LDR lr, [r2, #24]
+ ADC r11, r0, #0x0
+ UMLAL r5, r11, r12, lr
+ ADDS r6, r6, r11
+ /* A[4] * B[7] */
+ LDR lr, [r2, #28]
+ ADC r7, r0, #0x0
+ UMLAL r6, r7, r12, lr
+ /* A[5] * B[0] */
+ LDR r12, [r1, #20]
+ LDR lr, [r2]
+ MOV r11, #0x0
+ UMLAL r8, r11, r12, lr
+ STR r8, [sp, #20]
+ ADDS r9, r9, r11
+ /* A[5] * B[1] */
+ LDR lr, [r2, #4]
+ ADC r11, r0, #0x0
+ UMLAL r9, r11, r12, lr
+ ADDS r10, r10, r11
+ /* A[5] * B[2] */
+ LDR lr, [r2, #8]
+ ADC r11, r0, #0x0
+ UMLAL r10, r11, r12, lr
+ ADDS r3, r3, r11
+ /* A[5] * B[3] */
+ LDR lr, [r2, #12]
+ ADC r11, r0, #0x0
+ UMLAL r3, r11, r12, lr
+ ADDS r4, r4, r11
+ /* A[5] * B[4] */
+ LDR lr, [r2, #16]
+ ADC r11, r0, #0x0
+ UMLAL r4, r11, r12, lr
+ ADDS r5, r5, r11
+ /* A[5] * B[5] */
+ LDR lr, [r2, #20]
+ ADC r11, r0, #0x0
+ UMLAL r5, r11, r12, lr
+ ADDS r6, r6, r11
+ /* A[5] * B[6] */
+ LDR lr, [r2, #24]
+ ADC r11, r0, #0x0
+ UMLAL r6, r11, r12, lr
+ ADDS r7, r7, r11
+ /* A[5] * B[7] */
+ LDR lr, [r2, #28]
+ ADC r8, r0, #0x0
+ UMLAL r7, r8, r12, lr
+ /* A[6] * B[0] */
+ LDR r12, [r1, #24]
+ LDR lr, [r2]
+ MOV r11, #0x0
+ UMLAL r9, r11, r12, lr
+ STR r9, [sp, #24]
+ ADDS r10, r10, r11
+ /* A[6] * B[1] */
+ LDR lr, [r2, #4]
+ ADC r11, r0, #0x0
+ UMLAL r10, r11, r12, lr
+ ADDS r3, r3, r11
+ /* A[6] * B[2] */
+ LDR lr, [r2, #8]
+ ADC r11, r0, #0x0
+ UMLAL r3, r11, r12, lr
+ ADDS r4, r4, r11
+ /* A[6] * B[3] */
+ LDR lr, [r2, #12]
+ ADC r11, r0, #0x0
+ UMLAL r4, r11, r12, lr
+ ADDS r5, r5, r11
+ /* A[6] * B[4] */
+ LDR lr, [r2, #16]
+ ADC r11, r0, #0x0
+ UMLAL r5, r11, r12, lr
+ ADDS r6, r6, r11
+ /* A[6] * B[5] */
+ LDR lr, [r2, #20]
+ ADC r11, r0, #0x0
+ UMLAL r6, r11, r12, lr
+ ADDS r7, r7, r11
+ /* A[6] * B[6] */
+ LDR lr, [r2, #24]
+ ADC r11, r0, #0x0
+ UMLAL r7, r11, r12, lr
+ ADDS r8, r8, r11
+ /* A[6] * B[7] */
+ LDR lr, [r2, #28]
+ ADC r9, r0, #0x0
+ UMLAL r8, r9, r12, lr
+ /* A[7] * B[0] */
+ LDR r12, [r1, #28]
+ LDR lr, [r2]
+ MOV r11, #0x0
+ UMLAL r10, r11, r12, lr
+ STR r10, [sp, #28]
+ ADDS r3, r3, r11
+ /* A[7] * B[1] */
+ LDR lr, [r2, #4]
+ ADC r11, r0, #0x0
+ UMLAL r3, r11, r12, lr
+ ADDS r4, r4, r11
+ /* A[7] * B[2] */
+ LDR lr, [r2, #8]
+ ADC r11, r0, #0x0
+ UMLAL r4, r11, r12, lr
+ ADDS r5, r5, r11
+ /* A[7] * B[3] */
+ LDR lr, [r2, #12]
+ ADC r11, r0, #0x0
+ UMLAL r5, r11, r12, lr
+ ADDS r6, r6, r11
+ /* A[7] * B[4] */
+ LDR lr, [r2, #16]
+ ADC r11, r0, #0x0
+ UMLAL r6, r11, r12, lr
+ ADDS r7, r7, r11
+ /* A[7] * B[5] */
+ LDR lr, [r2, #20]
+ ADC r11, r0, #0x0
+ UMLAL r7, r11, r12, lr
+ ADDS r8, r8, r11
+ /* A[7] * B[6] */
+ LDR lr, [r2, #24]
+ ADC r11, r0, #0x0
+ UMLAL r8, r11, r12, lr
+ ADDS r9, r9, r11
+ /* A[7] * B[7] */
+ LDR lr, [r2, #28]
+ ADC r10, r0, #0x0
+ UMLAL r9, r10, r12, lr
+ /* Reduce */
+ LDR r2, [sp, #28]
+ MOV lr, sp
+ MOV r12, #0x26
+ UMULL r10, r11, r10, r12
+ ADDS r10, r10, r2
+ ADC r11, r11, #0x0
+ MOV r12, #0x13
+ LSL r11, r11, #1
+ ORR r11, r11, r10, LSR #31
+ MUL r11, r11, r12
+ LDM lr!, {r1, r2}
+ MOV r12, #0x26
+ ADDS r1, r1, r11
+ ADC r11, r0, #0x0
+ UMLAL r1, r11, r3, r12
+ ADDS r2, r2, r11
+ ADC r11, r0, #0x0
+ UMLAL r2, r11, r4, r12
+ LDM lr!, {r3, r4}
+ ADDS r3, r3, r11
+ ADC r11, r0, #0x0
+ UMLAL r3, r11, r5, r12
+ ADDS r4, r4, r11
+ ADC r11, r0, #0x0
+ UMLAL r4, r11, r6, r12
+ LDM lr!, {r5, r6}
+ ADDS r5, r5, r11
+ ADC r11, r0, #0x0
+ UMLAL r5, r11, r7, r12
+ ADDS r6, r6, r11
+ ADC r11, r0, #0x0
+ UMLAL r6, r11, r8, r12
+ LDM lr!, {r7, r8}
+ ADDS r7, r7, r11
+ ADC r11, r0, #0x0
+ UMLAL r7, r11, r9, r12
+ BFC r10, #31, #1
+ ADDS r8, r10, r11
+ /* Store */
+ LDR r0, [sp, #36]
+ STM r0, {r1, r2, r3, r4, r5, r6, r7, r8}
+ ADD sp, sp, #0x28
+ POP {pc}
+ /* Cycle Count = 406 */
+ .size fe_mul_op,.-fe_mul_op
+#else
+ .text
+ .align 4
+ .globl fe_mul_op
+ .type fe_mul_op, %function
+fe_mul_op:
+ PUSH {lr}
+ SUB sp, sp, #0x2c
+ STRD r0, r1, [sp, #36]
+ MOV lr, r2
+ LDM r1, {r0, r1, r2, r3}
+ LDM lr!, {r4, r5, r6}
+ UMULL r10, r11, r0, r4
+ UMULL r12, r7, r1, r4
+ UMAAL r11, r12, r0, r5
+ UMULL r8, r9, r2, r4
+ UMAAL r12, r8, r1, r5
+ UMAAL r12, r7, r0, r6
+ UMAAL r8, r9, r3, r4
+ STM sp, {r10, r11, r12}
+ UMAAL r7, r8, r2, r5
+ LDM lr!, {r4}
+ UMULL r10, r11, r1, r6
+ UMAAL r8, r9, r2, r6
+ UMAAL r7, r10, r0, r4
+ UMAAL r8, r11, r3, r5
+ STR r7, [sp, #12]
+ UMAAL r8, r10, r1, r4
+ UMAAL r9, r11, r3, r6
+ UMAAL r9, r10, r2, r4
+ UMAAL r10, r11, r3, r4
+ LDM lr, {r4, r5, r6, r7}
+ MOV r12, #0x0
+ UMLAL r8, r12, r0, r4
+ UMAAL r9, r12, r1, r4
+ UMAAL r10, r12, r2, r4
+ UMAAL r11, r12, r3, r4
+ MOV r4, #0x0
+ UMLAL r9, r4, r0, r5
+ UMAAL r10, r4, r1, r5
+ UMAAL r11, r4, r2, r5
+ UMAAL r12, r4, r3, r5
+ MOV r5, #0x0
+ UMLAL r10, r5, r0, r6
+ UMAAL r11, r5, r1, r6
+ UMAAL r12, r5, r2, r6
+ UMAAL r4, r5, r3, r6
+ MOV r6, #0x0
+ UMLAL r11, r6, r0, r7
+ LDR r0, [sp, #40]
+ UMAAL r12, r6, r1, r7
+ ADD r0, r0, #0x10
+ UMAAL r4, r6, r2, r7
+ SUB lr, lr, #0x10
+ UMAAL r5, r6, r3, r7
+ LDM r0, {r0, r1, r2, r3}
+ STR r6, [sp, #32]
+ LDM lr!, {r6}
+ MOV r7, #0x0
+ UMLAL r8, r7, r0, r6
+ UMAAL r9, r7, r1, r6
+ STR r8, [sp, #16]
+ UMAAL r10, r7, r2, r6
+ UMAAL r11, r7, r3, r6
+ LDM lr!, {r6}
+ MOV r8, #0x0
+ UMLAL r9, r8, r0, r6
+ UMAAL r10, r8, r1, r6
+ STR r9, [sp, #20]
+ UMAAL r11, r8, r2, r6
+ UMAAL r12, r8, r3, r6
+ LDM lr!, {r6}
+ MOV r9, #0x0
+ UMLAL r10, r9, r0, r6
+ UMAAL r11, r9, r1, r6
+ STR r10, [sp, #24]
+ UMAAL r12, r9, r2, r6
+ UMAAL r4, r9, r3, r6
+ LDM lr!, {r6}
+ MOV r10, #0x0
+ UMLAL r11, r10, r0, r6
+ UMAAL r12, r10, r1, r6
+ STR r11, [sp, #28]
+ UMAAL r4, r10, r2, r6
+ UMAAL r5, r10, r3, r6
+ LDM lr!, {r11}
+ UMAAL r12, r7, r0, r11
+ UMAAL r4, r7, r1, r11
+ LDR r6, [sp, #32]
+ UMAAL r5, r7, r2, r11
+ UMAAL r6, r7, r3, r11
+ LDM lr!, {r11}
+ UMAAL r4, r8, r0, r11
+ UMAAL r5, r8, r1, r11
+ UMAAL r6, r8, r2, r11
+ UMAAL r7, r8, r3, r11
+ LDM lr, {r11, lr}
+ UMAAL r5, r9, r0, r11
+ UMAAL r6, r10, r0, lr
+ UMAAL r6, r9, r1, r11
+ UMAAL r7, r10, r1, lr
+ UMAAL r7, r9, r2, r11
+ UMAAL r8, r10, r2, lr
+ UMAAL r8, r9, r3, r11
+ UMAAL r9, r10, r3, lr
+ /* Reduce */
+ LDR r0, [sp, #28]
+ MOV lr, #0x25
+ UMAAL r10, r0, r10, lr
+ MOV lr, #0x13
+ LSL r0, r0, #1
+ ORR r0, r0, r10, LSR #31
+ MUL r11, r0, lr
+ POP {r0, r1, r2}
+ MOV lr, #0x26
+ UMAAL r0, r11, r12, lr
+ UMAAL r1, r11, r4, lr
+ UMAAL r2, r11, r5, lr
+ POP {r3, r4, r5}
+ UMAAL r3, r11, r6, lr
+ UMAAL r4, r11, r7, lr
+ UMAAL r5, r11, r8, lr
+ POP {r6}
+ BFC r10, #31, #1
+ UMAAL r6, r11, r9, lr
+ ADD r7, r10, r11
+ LDR lr, [sp, #8]
+ /* Store */
+ STM lr, {r0, r1, r2, r3, r4, r5, r6, r7}
+ ADD sp, sp, #0x10
+ POP {pc}
+ /* Cycle Count = 239 */
+ .size fe_mul_op,.-fe_mul_op
+#endif /* WOLFSSL_SP_NO_UMAAL */
+ .text
+ .align 4
+ .globl fe_mul
+ .type fe_mul, %function
+fe_mul:
+ PUSH {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+ BL fe_mul_op
+ POP {r4, r5, r6, r7, r8, r9, r10, r11, pc}
+ /* Cycle Count = 24 */
+ .size fe_mul,.-fe_mul
+#ifdef WOLFSSL_SP_NO_UMAAL
+ .text
+ .align 4
+ .globl fe_sq_op
+ .type fe_sq_op, %function
+fe_sq_op:
+ PUSH {lr}
+ SUB sp, sp, #0x44
+ STR r0, [sp, #64]
+ /* Square */
+ MOV r0, #0x0
+ LDR r12, [r1]
+ /* A[0] * A[1] */
+ LDR lr, [r1, #4]
+ UMULL r4, r5, r12, lr
+ /* A[0] * A[3] */
+ LDR lr, [r1, #12]
+ UMULL r6, r7, r12, lr
+ /* A[0] * A[5] */
+ LDR lr, [r1, #20]
+ UMULL r8, r9, r12, lr
+ /* A[0] * A[7] */
+ LDR lr, [r1, #28]
+ UMULL r10, r3, r12, lr
+ /* A[0] * A[2] */
+ LDR lr, [r1, #8]
+ MOV r11, #0x0
+ UMLAL r5, r11, r12, lr
+ ADDS r6, r6, r11
+ /* A[0] * A[4] */
+ LDR lr, [r1, #16]
+ ADCS r7, r7, #0x0
+ ADC r11, r0, #0x0
+ UMLAL r7, r11, r12, lr
+ ADDS r8, r8, r11
+ /* A[0] * A[6] */
+ LDR lr, [r1, #24]
+ ADCS r9, r9, #0x0
+ ADC r11, r0, #0x0
+ UMLAL r9, r11, r12, lr
+ ADDS r10, r10, r11
+ ADCS r3, r3, #0x0
+ STR r4, [sp, #4]
+ STR r5, [sp, #8]
+ /* A[1] * A[2] */
+ LDR r12, [r1, #4]
+ LDR lr, [r1, #8]
+ MOV r11, #0x0
+ UMLAL r6, r11, r12, lr
+ STR r6, [sp, #12]
+ ADDS r7, r7, r11
+ /* A[1] * A[3] */
+ LDR lr, [r1, #12]
+ ADC r11, r0, #0x0
+ UMLAL r7, r11, r12, lr
+ STR r7, [sp, #16]
+ ADDS r8, r8, r11
+ /* A[1] * A[4] */
+ LDR lr, [r1, #16]
+ ADC r11, r0, #0x0
+ UMLAL r8, r11, r12, lr
+ ADDS r9, r9, r11
+ /* A[1] * A[5] */
+ LDR lr, [r1, #20]
+ ADC r11, r0, #0x0
+ UMLAL r9, r11, r12, lr
+ ADDS r10, r10, r11
+ /* A[1] * A[6] */
+ LDR lr, [r1, #24]
+ ADC r11, r0, #0x0
+ UMLAL r10, r11, r12, lr
+ ADDS r3, r3, r11
+ /* A[1] * A[7] */
+ LDR lr, [r1, #28]
+ ADC r4, r0, #0x0
+ UMLAL r3, r4, r12, lr
+ /* A[2] * A[3] */
+ LDR r12, [r1, #8]
+ LDR lr, [r1, #12]
+ MOV r11, #0x0
+ UMLAL r8, r11, r12, lr
+ STR r8, [sp, #20]
+ ADDS r9, r9, r11
+ /* A[2] * A[4] */
+ LDR lr, [r1, #16]
+ ADC r11, r0, #0x0
+ UMLAL r9, r11, r12, lr
+ STR r9, [sp, #24]
+ ADDS r10, r10, r11
+ /* A[2] * A[5] */
+ LDR lr, [r1, #20]
+ ADC r11, r0, #0x0
+ UMLAL r10, r11, r12, lr
+ ADDS r3, r3, r11
+ /* A[2] * A[6] */
+ LDR lr, [r1, #24]
+ ADC r11, r0, #0x0
+ UMLAL r3, r11, r12, lr
+ ADDS r4, r4, r11
+ /* A[2] * A[7] */
+ LDR lr, [r1, #28]
+ ADC r5, r0, #0x0
+ UMLAL r4, r5, r12, lr
+ /* A[3] * A[4] */
+ LDR r12, [r1, #12]
+ LDR lr, [r1, #16]
+ MOV r11, #0x0
+ UMLAL r10, r11, r12, lr
+ STR r10, [sp, #28]
+ ADDS r3, r3, r11
+ /* A[3] * A[5] */
+ LDR lr, [r1, #20]
+ ADC r11, r0, #0x0
+ UMLAL r3, r11, r12, lr
+ ADDS r4, r4, r11
+ /* A[3] * A[6] */
+ LDR lr, [r1, #24]
+ ADC r11, r0, #0x0
+ UMLAL r4, r11, r12, lr
+ ADDS r5, r5, r11
+ /* A[3] * A[7] */
+ LDR lr, [r1, #28]
+ ADC r6, r0, #0x0
+ UMLAL r5, r6, r12, lr
+ /* A[4] * A[5] */
+ LDR r12, [r1, #16]
+ LDR lr, [r1, #20]
+ MOV r11, #0x0
+ UMLAL r4, r11, r12, lr
+ ADDS r5, r5, r11
+ /* A[4] * A[6] */
+ LDR lr, [r1, #24]
+ ADC r11, r0, #0x0
+ UMLAL r5, r11, r12, lr
+ ADDS r6, r6, r11
+ /* A[4] * A[7] */
+ LDR lr, [r1, #28]
+ ADC r7, r0, #0x0
+ UMLAL r6, r7, r12, lr
+ /* A[5] * A[6] */
+ LDR r12, [r1, #20]
+ LDR lr, [r1, #24]
+ MOV r11, #0x0
+ UMLAL r6, r11, r12, lr
+ ADDS r7, r7, r11
+ /* A[5] * A[7] */
+ LDR lr, [r1, #28]
+ ADC r8, r0, #0x0
+ UMLAL r7, r8, r12, lr
+ /* A[6] * A[7] */
+ LDR r12, [r1, #24]
+ LDR lr, [r1, #28]
+ MOV r9, #0x0
+ UMLAL r8, r9, r12, lr
+ ADD lr, sp, #0x20
+ STM lr, {r3, r4, r5, r6, r7, r8, r9}
+ ADD lr, sp, #0x4
+ LDM lr, {r4, r5, r6, r7, r8, r9, r10}
+ ADDS r4, r4, r4
+ ADCS r5, r5, r5
+ ADCS r6, r6, r6
+ ADCS r7, r7, r7
+ ADCS r8, r8, r8
+ ADCS r9, r9, r9
+ ADCS r10, r10, r10
+ STM lr!, {r4, r5, r6, r7, r8, r9, r10}
+ LDM lr, {r3, r4, r5, r6, r7, r8, r9}
+ ADCS r3, r3, r3
+ ADCS r4, r4, r4
+ ADCS r5, r5, r5
+ ADCS r6, r6, r6
+ ADCS r7, r7, r7
+ ADCS r8, r8, r8
+ ADCS r9, r9, r9
+ ADC r10, r0, #0x0
+ STM lr, {r3, r4, r5, r6, r7, r8, r9, r10}
+ ADD lr, sp, #0x4
+ LDM lr, {r4, r5, r6, r7, r8, r9, r10}
+ MOV lr, sp
+ /* A[0] * A[0] */
+ LDR r12, [r1]
+ UMULL r3, r11, r12, r12
+ ADDS r4, r4, r11
+ /* A[1] * A[1] */
+ LDR r12, [r1, #4]
+ ADCS r5, r5, #0x0
+ ADC r11, r0, #0x0
+ UMLAL r5, r11, r12, r12
+ ADDS r6, r6, r11
+ /* A[2] * A[2] */
+ LDR r12, [r1, #8]
+ ADCS r7, r7, #0x0
+ ADC r11, r0, #0x0
+ UMLAL r7, r11, r12, r12
+ ADDS r8, r8, r11
+ /* A[3] * A[3] */
+ LDR r12, [r1, #12]
+ ADCS r9, r9, #0x0
+ ADC r11, r0, #0x0
+ UMLAL r9, r11, r12, r12
+ ADDS r10, r10, r11
+ STM lr!, {r3, r4, r5, r6, r7, r8, r9, r10}
+ LDM lr, {r3, r4, r5, r6, r7, r8, r9, r10}
+ /* A[4] * A[4] */
+ LDR r12, [r1, #16]
+ ADCS r3, r3, #0x0
+ ADC r11, r0, #0x0
+ UMLAL r3, r11, r12, r12
+ ADDS r4, r4, r11
+ /* A[5] * A[5] */
+ LDR r12, [r1, #20]
+ ADCS r5, r5, #0x0
+ ADC r11, r0, #0x0
+ UMLAL r5, r11, r12, r12
+ ADDS r6, r6, r11
+ /* A[6] * A[6] */
+ LDR r12, [r1, #24]
+ ADCS r7, r7, #0x0
+ ADC r11, r0, #0x0
+ UMLAL r7, r11, r12, r12
+ ADDS r8, r8, r11
+ /* A[7] * A[7] */
+ LDR r12, [r1, #28]
+ ADCS r9, r9, #0x0
+ ADC r10, r10, #0x0
+ UMLAL r9, r10, r12, r12
+ /* Reduce */
+ LDR r2, [sp, #28]
+ MOV lr, sp
+ MOV r12, #0x26
+ UMULL r10, r11, r10, r12
+ ADDS r10, r10, r2
+ ADC r11, r11, #0x0
+ MOV r12, #0x13
+ LSL r11, r11, #1
+ ORR r11, r11, r10, LSR #31
+ MUL r11, r11, r12
+ LDM lr!, {r1, r2}
+ MOV r12, #0x26
+ ADDS r1, r1, r11
+ ADC r11, r0, #0x0
+ UMLAL r1, r11, r3, r12
+ ADDS r2, r2, r11
+ ADC r11, r0, #0x0
+ UMLAL r2, r11, r4, r12
+ LDM lr!, {r3, r4}
+ ADDS r3, r3, r11
+ ADC r11, r0, #0x0
+ UMLAL r3, r11, r5, r12
+ ADDS r4, r4, r11
+ ADC r11, r0, #0x0
+ UMLAL r4, r11, r6, r12
+ LDM lr!, {r5, r6}
+ ADDS r5, r5, r11
+ ADC r11, r0, #0x0
+ UMLAL r5, r11, r7, r12
+ ADDS r6, r6, r11
+ ADC r11, r0, #0x0
+ UMLAL r6, r11, r8, r12
+ LDM lr!, {r7, r8}
+ ADDS r7, r7, r11
+ ADC r11, r0, #0x0
+ UMLAL r7, r11, r9, r12
+ BFC r10, #31, #1
+ ADDS r8, r10, r11
+ /* Store */
+ LDR r0, [sp, #64]
+ STM r0, {r1, r2, r3, r4, r5, r6, r7, r8}
+ ADD sp, sp, #0x44
+ POP {pc}
+ /* Cycle Count = 355 */
+ .size fe_sq_op,.-fe_sq_op
+#else
+ .text
+ .align 4
+ .globl fe_sq_op
+ .type fe_sq_op, %function
+fe_sq_op:
+ PUSH {lr}
+ SUB sp, sp, #0x20
+ STR r0, [sp, #28]
+ LDM r1, {r0, r1, r2, r3, r4, r5, r6, r7}
+ /* Square */
+ UMULL r9, r10, r0, r0
+ UMULL r11, r12, r0, r1
+ ADDS r11, r11, r11
+ MOV lr, #0x0
+ UMAAL r10, r11, lr, lr
+ STM sp, {r9, r10}
+ MOV r8, lr
+ UMAAL r8, r12, r0, r2
+ ADCS r8, r8, r8
+ UMAAL r8, r11, r1, r1
+ UMULL r9, r10, r0, r3
+ UMAAL r9, r12, r1, r2
+ ADCS r9, r9, r9
+ UMAAL r9, r11, lr, lr
+ STRD r8, r9, [sp, #8]
+ MOV r9, lr
+ UMAAL r9, r10, r0, r4
+ UMAAL r9, r12, r1, r3
+ ADCS r9, r9, r9
+ UMAAL r9, r11, r2, r2
+ STR r9, [sp, #16]
+ UMULL r9, r8, r0, r5
+ UMAAL r9, r12, r1, r4
+ UMAAL r9, r10, r2, r3
+ ADCS r9, r9, r9
+ UMAAL r9, r11, lr, lr
+ STR r9, [sp, #20]
+ MOV r9, lr
+ UMAAL r9, r8, r0, r6
+ UMAAL r9, r12, r1, r5
+ UMAAL r9, r10, r2, r4
+ ADCS r9, r9, r9
+ UMAAL r9, r11, r3, r3
+ STR r9, [sp, #24]
+ UMULL r0, r9, r0, r7
+ UMAAL r0, r8, r1, r6
+ UMAAL r0, r12, r2, r5
+ UMAAL r0, r10, r3, r4
+ ADCS r0, r0, r0
+ UMAAL r0, r11, lr, lr
+ /* R[7] = r0 */
+ UMAAL r9, r8, r1, r7
+ UMAAL r9, r10, r2, r6
+ UMAAL r12, r9, r3, r5
+ ADCS r12, r12, r12
+ UMAAL r12, r11, r4, r4
+ /* R[8] = r12 */
+ UMAAL r9, r8, r2, r7
+ UMAAL r10, r9, r3, r6
+ MOV r2, lr
+ UMAAL r10, r2, r4, r5
+ ADCS r10, r10, r10
+ UMAAL r11, r10, lr, lr
+ /* R[9] = r11 */
+ UMAAL r2, r8, r3, r7
+ UMAAL r2, r9, r4, r6
+ ADCS r3, r2, r2
+ UMAAL r10, r3, r5, r5
+ /* R[10] = r10 */
+ MOV r1, lr
+ UMAAL r1, r8, r4, r7
+ UMAAL r1, r9, r5, r6
+ ADCS r4, r1, r1
+ UMAAL r3, r4, lr, lr
+ /* R[11] = r3 */
+ UMAAL r8, r9, r5, r7
+ ADCS r8, r8, r8
+ UMAAL r4, r8, r6, r6
+ /* R[12] = r4 */
+ MOV r5, lr
+ UMAAL r5, r9, r6, r7
+ ADCS r5, r5, r5
+ UMAAL r8, r5, lr, lr
+ /* R[13] = r8 */
+ ADCS r9, r9, r9
+ UMAAL r9, r5, r7, r7
+ ADCS r7, r5, lr
+ /* R[14] = r9 */
+ /* R[15] = r7 */
+ /* Reduce */
+ MOV r6, #0x25
+ UMAAL r7, r0, r7, r6
+ MOV r6, #0x13
+ LSL r0, r0, #1
+ ORR r0, r0, r7, LSR #31
+ MUL lr, r0, r6
+ POP {r0, r1}
+ MOV r6, #0x26
+ UMAAL r0, lr, r12, r6
+ UMAAL r1, lr, r11, r6
+ MOV r12, r3
+ MOV r11, r4
+ POP {r2, r3, r4}
+ UMAAL r2, lr, r10, r6
+ UMAAL r3, lr, r12, r6
+ UMAAL r4, lr, r11, r6
+ MOV r12, r6
+ POP {r5, r6}
+ UMAAL r5, lr, r8, r12
+ BFC r7, #31, #1
+ UMAAL r6, lr, r9, r12
+ ADD r7, r7, lr
+ POP {lr}
+ /* Store */
+ STM lr, {r0, r1, r2, r3, r4, r5, r6, r7}
+ POP {pc}
+ /* Cycle Count = 179 */
+ .size fe_sq_op,.-fe_sq_op
+#endif /* WOLFSSL_SP_NO_UMAAL */
+ .text
+ .align 4
+ .globl fe_sq
+ .type fe_sq, %function
+fe_sq:
+ PUSH {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+ BL fe_sq_op
+ POP {r4, r5, r6, r7, r8, r9, r10, r11, pc}
+ /* Cycle Count = 24 */
+ .size fe_sq,.-fe_sq
+#ifdef HAVE_CURVE25519
+#ifdef WOLFSSL_SP_NO_UMAAL
+ .text
+ .align 4
+ .globl fe_mul121666
+ .type fe_mul121666, %function
+fe_mul121666:
+ PUSH {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+ /* Multiply by 121666 */
+ LDM r1, {r2, r3, r4, r5, r6, r7, r8, r9}
+ MOV r12, #0xdb42
+ MOVT r12, #0x1
+ UMULL r2, r10, r2, r12
+ UMULL r3, r11, r3, r12
+ ADDS r3, r3, r10
+ ADC r11, r11, #0x0
+ UMULL r4, r10, r4, r12
+ ADDS r4, r4, r11
+ ADC r10, r10, #0x0
+ UMULL r5, r11, r5, r12
+ ADDS r5, r5, r10
+ ADC r11, r11, #0x0
+ UMULL r6, r10, r6, r12
+ ADDS r6, r6, r11
+ ADC r10, r10, #0x0
+ UMULL r7, r11, r7, r12
+ ADDS r7, r7, r10
+ ADC r11, r11, #0x0
+ UMULL r8, r10, r8, r12
+ ADDS r8, r8, r11
+ ADC r10, r10, #0x0
+ UMULL r9, r11, r9, r12
+ ADDS r9, r9, r10
+ MOV r12, #0x13
+ ADC r11, r11, #0x0
+ LSL r11, r11, #1
+ ORR r11, r11, r9, LSR #31
+ MUL r11, r11, r12
+ ADDS r2, r2, r11
+ ADCS r3, r3, #0x0
+ ADCS r4, r4, #0x0
+ ADCS r5, r5, #0x0
+ ADCS r6, r6, #0x0
+ ADCS r7, r7, #0x0
+ BFC r9, #31, #1
+ ADCS r8, r8, #0x0
+ ADC r9, r9, #0x0
+ STM r0, {r2, r3, r4, r5, r6, r7, r8, r9}
+ POP {r4, r5, r6, r7, r8, r9, r10, r11, pc}
+ /* Cycle Count = 75 */
+ .size fe_mul121666,.-fe_mul121666
+#else
+ .text
+ .align 4
+ .globl fe_mul121666
+ .type fe_mul121666, %function
+fe_mul121666:
+ PUSH {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+ /* Multiply by 121666 */
+ LDM r1, {r2, r3, r4, r5, r6, r7, r8, r9}
+ MOV r11, #0xdb42
+ MOVT r11, #0x1
+ UMULL r2, r12, r2, r11
+ SUB r10, r11, #0x1
+ UMAAL r3, r12, r3, r10
+ UMAAL r4, r12, r4, r10
+ UMAAL r5, r12, r5, r10
+ UMAAL r6, r12, r6, r10
+ UMAAL r7, r12, r7, r10
+ UMAAL r8, r12, r8, r10
+ MOV r11, #0x13
+ UMAAL r9, r12, r9, r10
+ LSL r12, r12, #1
+ ORR r12, r12, r9, LSR #31
+ MUL r12, r12, r11
+ ADDS r2, r2, r12
+ ADCS r3, r3, #0x0
+ ADCS r4, r4, #0x0
+ ADCS r5, r5, #0x0
+ ADCS r6, r6, #0x0
+ ADCS r7, r7, #0x0
+ BFC r9, #31, #1
+ ADCS r8, r8, #0x0
+ ADC r9, r9, #0x0
+ STM r0, {r2, r3, r4, r5, r6, r7, r8, r9}
+ POP {r4, r5, r6, r7, r8, r9, r10, r11, pc}
+ /* Cycle Count = 69 */
+ .size fe_mul121666,.-fe_mul121666
+#endif /* WOLFSSL_SP_NO_UMAAL */
+#ifndef WC_NO_CACHE_RESISTANT
+ .text
+ .align 4
+ .globl curve25519
+ .type curve25519, %function
+curve25519:
+ PUSH {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+ SUB sp, sp, #0xbc
+ STR r0, [sp, #160]
+ STR r1, [sp, #164]
+ STR r2, [sp, #168]
+ MOV r1, #0x0
+ STR r1, [sp, #172]
+ MOV r4, #0x1
+ MOV r5, #0x0
+ MOV r6, #0x0
+ MOV r7, #0x0
+ MOV r8, #0x0
+ MOV r9, #0x0
+ MOV r10, #0x0
+ MOV r11, #0x0
+ STM r0, {r4, r5, r6, r7, r8, r9, r10, r11}
+ ADD r3, sp, #0x20
+ STM r3, {r4, r5, r6, r7, r8, r9, r10, r11}
+ MOV r4, #0x0
+ MOV r3, sp
+ STM r3, {r4, r5, r6, r7, r8, r9, r10, r11}
+ ADD r3, sp, #0x40
+ /* Copy */
+ LDM r2, {r4, r5, r6, r7, r8, r9, r10, r11}
+ STM r3, {r4, r5, r6, r7, r8, r9, r10, r11}
+ MOV r1, #0x1e
+ STR r1, [sp, #180]
+ MOV r2, #0x1c
+ STR r2, [sp, #176]
+L_curve25519_words:
+L_curve25519_bits:
+ LDR r1, [sp, #164]
+ LDR r2, [r1, r2]
+ LDR r1, [sp, #180]
+ LSR r2, r2, r1
+ AND r2, r2, #0x1
+ STR r2, [sp, #184]
+ LDR r1, [sp, #172]
+ EOR r1, r1, r2
+ STR r1, [sp, #172]
+ LDR r0, [sp, #160]
+ /* Conditional Swap */
+ RSB r1, r1, #0x0
+ MOV r3, r0
+ ADD r12, sp, #0x40
+ LDM r3, {r4, r5}
+ LDM r12, {r6, r7}
+ EOR r8, r4, r6
+ EOR r9, r5, r7
+ AND r8, r8, r1
+ AND r9, r9, r1
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ STM r3!, {r4, r5}
+ STM r12!, {r6, r7}
+ LDM r3, {r4, r5}
+ LDM r12, {r6, r7}
+ EOR r8, r4, r6
+ EOR r9, r5, r7
+ AND r8, r8, r1
+ AND r9, r9, r1
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ STM r3!, {r4, r5}
+ STM r12!, {r6, r7}
+ LDM r3, {r4, r5}
+ LDM r12, {r6, r7}
+ EOR r8, r4, r6
+ EOR r9, r5, r7
+ AND r8, r8, r1
+ AND r9, r9, r1
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ STM r3!, {r4, r5}
+ STM r12!, {r6, r7}
+ LDM r3, {r4, r5}
+ LDM r12, {r6, r7}
+ EOR r8, r4, r6
+ EOR r9, r5, r7
+ AND r8, r8, r1
+ AND r9, r9, r1
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ STM r3!, {r4, r5}
+ STM r12!, {r6, r7}
+ LDR r1, [sp, #172]
+ /* Conditional Swap */
+ RSB r1, r1, #0x0
+ MOV r3, sp
+ ADD r12, sp, #0x20
+ LDM r3, {r4, r5}
+ LDM r12, {r6, r7}
+ EOR r8, r4, r6
+ EOR r9, r5, r7
+ AND r8, r8, r1
+ AND r9, r9, r1
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ STM r3!, {r4, r5}
+ STM r12!, {r6, r7}
+ LDM r3, {r4, r5}
+ LDM r12, {r6, r7}
+ EOR r8, r4, r6
+ EOR r9, r5, r7
+ AND r8, r8, r1
+ AND r9, r9, r1
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ STM r3!, {r4, r5}
+ STM r12!, {r6, r7}
+ LDM r3, {r4, r5}
+ LDM r12, {r6, r7}
+ EOR r8, r4, r6
+ EOR r9, r5, r7
+ AND r8, r8, r1
+ AND r9, r9, r1
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ STM r3!, {r4, r5}
+ STM r12!, {r6, r7}
+ LDM r3, {r4, r5}
+ LDM r12, {r6, r7}
+ EOR r8, r4, r6
+ EOR r9, r5, r7
+ AND r8, r8, r1
+ AND r9, r9, r1
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ STM r3!, {r4, r5}
+ STM r12!, {r6, r7}
+ LDR r1, [sp, #184]
+ STR r1, [sp, #172]
+ MOV r3, sp
+ LDR r2, [sp, #160]
+ ADD r1, sp, #0x80
+ LDR r0, [sp, #160]
+ BL fe_add_sub_op
+ ADD r3, sp, #0x20
+ ADD r2, sp, #0x40
+ ADD r1, sp, #0x60
+ MOV r0, sp
+ BL fe_add_sub_op
+ LDR r2, [sp, #160]
+ ADD r1, sp, #0x60
+ ADD r0, sp, #0x20
+ BL fe_mul_op
+ ADD r2, sp, #0x80
+ MOV r1, sp
+ MOV r0, sp
+ BL fe_mul_op
+ ADD r1, sp, #0x80
+ ADD r0, sp, #0x80
+ BL fe_sq_op
+ LDR r1, [sp, #160]
+ ADD r0, sp, #0x60
+ BL fe_sq_op
+ MOV r3, sp
+ ADD r2, sp, #0x20
+ MOV r1, sp
+ ADD r0, sp, #0x40
+ BL fe_add_sub_op
+ ADD r2, sp, #0x80
+ ADD r1, sp, #0x60
+ LDR r0, [sp, #160]
+ BL fe_mul_op
+ ADD r2, sp, #0x80
+ ADD r1, sp, #0x60
+ ADD r0, sp, #0x60
+ BL fe_sub_op
+ MOV r1, sp
+ MOV r0, sp
+ BL fe_sq_op
+ ADD r1, sp, #0x60
+ ADD r0, sp, #0x20
+ BL fe_mul121666
+ ADD r1, sp, #0x40
+ ADD r0, sp, #0x40
+ BL fe_sq_op
+ ADD r2, sp, #0x20
+ ADD r1, sp, #0x80
+ ADD r0, sp, #0x80
+ BL fe_add_op
+ MOV r2, sp
+ LDR r1, [sp, #168]
+ ADD r0, sp, #0x20
+ BL fe_mul_op
+ ADD r2, sp, #0x80
+ ADD r1, sp, #0x60
+ MOV r0, sp
+ BL fe_mul_op
+ LDR r2, [sp, #176]
+ LDR r1, [sp, #180]
+ SUBS r1, r1, #0x1
+ STR r1, [sp, #180]
+#ifdef __GNUC__
+ BGE L_curve25519_bits
+#else
+ BGE.W L_curve25519_bits
+#endif
+ MOV r1, #0x1f
+ STR r1, [sp, #180]
+ SUBS r2, r2, #0x4
+ STR r2, [sp, #176]
+#ifdef __GNUC__
+ BGE L_curve25519_words
+#else
+ BGE.W L_curve25519_words
+#endif
+ /* Invert */
+ ADD r1, sp, #0x0
+ ADD r0, sp, #0x20
+ BL fe_sq_op
+ ADD r1, sp, #0x20
+ ADD r0, sp, #0x40
+ BL fe_sq_op
+ ADD r1, sp, #0x40
+ ADD r0, sp, #0x40
+ BL fe_sq_op
+ ADD r2, sp, #0x40
+ ADD r1, sp, #0x0
+ ADD r0, sp, #0x40
+ BL fe_mul_op
+ ADD r2, sp, #0x40
+ ADD r1, sp, #0x20
+ ADD r0, sp, #0x20
+ BL fe_mul_op
+ ADD r1, sp, #0x20
+ ADD r0, sp, #0x60
+ BL fe_sq_op
+ ADD r2, sp, #0x60
+ ADD r1, sp, #0x40
+ ADD r0, sp, #0x40
+ BL fe_mul_op
+ ADD r1, sp, #0x40
+ ADD r0, sp, #0x60
+ BL fe_sq_op
+ MOV r12, #0x4
+L_curve25519_inv_1:
+ ADD r1, sp, #0x60
+ ADD r0, sp, #0x60
+ PUSH {r12}
+ BL fe_sq_op
+ POP {r12}
+ SUBS r12, r12, #0x1
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ BNE L_curve25519_inv_1
+#else
+ BNE.N L_curve25519_inv_1
+#endif
+ ADD r2, sp, #0x40
+ ADD r1, sp, #0x60
+ ADD r0, sp, #0x40
+ BL fe_mul_op
+ ADD r1, sp, #0x40
+ ADD r0, sp, #0x60
+ BL fe_sq_op
+ MOV r12, #0x9
+L_curve25519_inv_2:
+ ADD r1, sp, #0x60
+ ADD r0, sp, #0x60
+ PUSH {r12}
+ BL fe_sq_op
+ POP {r12}
+ SUBS r12, r12, #0x1
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ BNE L_curve25519_inv_2
+#else
+ BNE.N L_curve25519_inv_2
+#endif
+ ADD r2, sp, #0x40
+ ADD r1, sp, #0x60
+ ADD r0, sp, #0x60
+ BL fe_mul_op
+ ADD r1, sp, #0x60
+ ADD r0, sp, #0x80
+ BL fe_sq_op
+ MOV r12, #0x13
+L_curve25519_inv_3:
+ ADD r1, sp, #0x80
+ ADD r0, sp, #0x80
+ PUSH {r12}
+ BL fe_sq_op
+ POP {r12}
+ SUBS r12, r12, #0x1
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ BNE L_curve25519_inv_3
+#else
+ BNE.N L_curve25519_inv_3
+#endif
+ ADD r2, sp, #0x60
+ ADD r1, sp, #0x80
+ ADD r0, sp, #0x60
+ BL fe_mul_op
+ MOV r12, #0xa
+L_curve25519_inv_4:
+ ADD r1, sp, #0x60
+ ADD r0, sp, #0x60
+ PUSH {r12}
+ BL fe_sq_op
+ POP {r12}
+ SUBS r12, r12, #0x1
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ BNE L_curve25519_inv_4
+#else
+ BNE.N L_curve25519_inv_4
+#endif
+ ADD r2, sp, #0x40
+ ADD r1, sp, #0x60
+ ADD r0, sp, #0x40
+ BL fe_mul_op
+ ADD r1, sp, #0x40
+ ADD r0, sp, #0x60
+ BL fe_sq_op
+ MOV r12, #0x31
+L_curve25519_inv_5:
+ ADD r1, sp, #0x60
+ ADD r0, sp, #0x60
+ PUSH {r12}
+ BL fe_sq_op
+ POP {r12}
+ SUBS r12, r12, #0x1
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ BNE L_curve25519_inv_5
+#else
+ BNE.N L_curve25519_inv_5
+#endif
+ ADD r2, sp, #0x40
+ ADD r1, sp, #0x60
+ ADD r0, sp, #0x60
+ BL fe_mul_op
+ ADD r1, sp, #0x60
+ ADD r0, sp, #0x80
+ BL fe_sq_op
+ MOV r12, #0x63
+L_curve25519_inv_6:
+ ADD r1, sp, #0x80
+ ADD r0, sp, #0x80
+ PUSH {r12}
+ BL fe_sq_op
+ POP {r12}
+ SUBS r12, r12, #0x1
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ BNE L_curve25519_inv_6
+#else
+ BNE.N L_curve25519_inv_6
+#endif
+ ADD r2, sp, #0x60
+ ADD r1, sp, #0x80
+ ADD r0, sp, #0x60
+ BL fe_mul_op
+ MOV r12, #0x32
+L_curve25519_inv_7:
+ ADD r1, sp, #0x60
+ ADD r0, sp, #0x60
+ PUSH {r12}
+ BL fe_sq_op
+ POP {r12}
+ SUBS r12, r12, #0x1
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ BNE L_curve25519_inv_7
+#else
+ BNE.N L_curve25519_inv_7
+#endif
+ ADD r2, sp, #0x40
+ ADD r1, sp, #0x60
+ ADD r0, sp, #0x40
+ BL fe_mul_op
+ MOV r12, #0x5
+L_curve25519_inv_8:
+ ADD r1, sp, #0x40
+ ADD r0, sp, #0x40
+ PUSH {r12}
+ BL fe_sq_op
+ POP {r12}
+ SUBS r12, r12, #0x1
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ BNE L_curve25519_inv_8
+#else
+ BNE.N L_curve25519_inv_8
+#endif
+ ADD r2, sp, #0x20
+ ADD r1, sp, #0x40
+ ADD r0, sp, #0x0
+ BL fe_mul_op
+ MOV r2, sp
+ LDR r1, [sp, #160]
+ LDR r0, [sp, #160]
+ BL fe_mul_op
+ MOV r0, #0x0
+ ADD sp, sp, #0xbc
+ POP {r4, r5, r6, r7, r8, r9, r10, r11, pc}
+ /* Cycle Count = 682 */
+ .size curve25519,.-curve25519
+#else
+ .text
+ .align 4
+ .globl curve25519
+ .type curve25519, %function
+curve25519:
+ PUSH {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+ SUB sp, sp, #0xc0
+ STR r0, [sp, #176]
+ STR r1, [sp, #160]
+ STR r2, [sp, #172]
+ ADD r5, sp, #0x40
+ ADD r4, sp, #0x20
+ STR sp, [sp, #184]
+ STR r5, [sp, #180]
+ STR r4, [sp, #188]
+ MOV r1, #0x0
+ STR r1, [sp, #164]
+ MOV r4, #0x1
+ MOV r5, #0x0
+ MOV r6, #0x0
+ MOV r7, #0x0
+ MOV r8, #0x0
+ MOV r9, #0x0
+ MOV r10, #0x0
+ MOV r11, #0x0
+ STM r0, {r4, r5, r6, r7, r8, r9, r10, r11}
+ ADD r3, sp, #0x20
+ STM r3, {r4, r5, r6, r7, r8, r9, r10, r11}
+ MOV r4, #0x0
+ MOV r3, sp
+ STM r3, {r4, r5, r6, r7, r8, r9, r10, r11}
+ ADD r3, sp, #0x40
+ /* Copy */
+ LDM r2, {r4, r5, r6, r7, r8, r9, r10, r11}
+ STM r3, {r4, r5, r6, r7, r8, r9, r10, r11}
+ MOV r2, #0xfe
+L_curve25519_bits:
+ STR r2, [sp, #168]
+ LDR r1, [sp, #160]
+ AND r4, r2, #0x1f
+ LSR r2, r2, #5
+ LDR r2, [r1, r2, LSL #2]
+ RSB r4, r4, #0x1f
+ LSL r2, r2, r4
+ LDR r1, [sp, #164]
+ EOR r1, r1, r2
+ ASR r1, r1, #31
+ STR r2, [sp, #164]
+ /* Conditional Swap */
+ ADD r11, sp, #0xb0
+ LDM r11, {r4, r5, r6, r7}
+ EOR r8, r4, r5
+ EOR r9, r6, r7
+ AND r8, r8, r1
+ AND r9, r9, r1
+ EOR r4, r4, r8
+ EOR r5, r5, r8
+ EOR r6, r6, r9
+ EOR r7, r7, r9
+ STM r11, {r4, r5, r6, r7}
+ /* Ladder step */
+ LDR r3, [sp, #184]
+ LDR r2, [sp, #176]
+ ADD r1, sp, #0x80
+ LDR r0, [sp, #176]
+ BL fe_add_sub_op
+ LDR r3, [sp, #188]
+ LDR r2, [sp, #180]
+ ADD r1, sp, #0x60
+ LDR r0, [sp, #184]
+ BL fe_add_sub_op
+ LDR r2, [sp, #176]
+ ADD r1, sp, #0x60
+ LDR r0, [sp, #188]
+ BL fe_mul_op
+ ADD r2, sp, #0x80
+ LDR r1, [sp, #184]
+ LDR r0, [sp, #184]
+ BL fe_mul_op
+ ADD r1, sp, #0x80
+ ADD r0, sp, #0x60
+ BL fe_sq_op
+ LDR r1, [sp, #176]
+ ADD r0, sp, #0x80
+ BL fe_sq_op
+ LDR r3, [sp, #184]
+ LDR r2, [sp, #188]
+ LDR r1, [sp, #184]
+ LDR r0, [sp, #180]
+ BL fe_add_sub_op
+ ADD r2, sp, #0x60
+ ADD r1, sp, #0x80
+ LDR r0, [sp, #176]
+ BL fe_mul_op
+ ADD r2, sp, #0x60
+ ADD r1, sp, #0x80
+ ADD r0, sp, #0x80
+ BL fe_sub_op
+ LDR r1, [sp, #184]
+ LDR r0, [sp, #184]
+ BL fe_sq_op
+ ADD r1, sp, #0x80
+ LDR r0, [sp, #188]
+ BL fe_mul121666
+ LDR r1, [sp, #180]
+ LDR r0, [sp, #180]
+ BL fe_sq_op
+ LDR r2, [sp, #188]
+ ADD r1, sp, #0x60
+ ADD r0, sp, #0x60
+ BL fe_add_op
+ LDR r2, [sp, #184]
+ LDR r1, [sp, #172]
+ LDR r0, [sp, #188]
+ BL fe_mul_op
+ ADD r2, sp, #0x60
+ ADD r1, sp, #0x80
+ LDR r0, [sp, #184]
+ BL fe_mul_op
+ LDR r2, [sp, #168]
+ SUBS r2, r2, #0x1
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ BGE L_curve25519_bits
+#else
+ BGE.N L_curve25519_bits
+#endif
+ /* Cycle Count: 171 */
+ LDR r1, [sp, #184]
+ /* Copy */
+ LDM r1, {r4, r5, r6, r7, r8, r9, r10, r11}
+ STM sp, {r4, r5, r6, r7, r8, r9, r10, r11}
+ /* Invert */
+ ADD r1, sp, #0x0
+ ADD r0, sp, #0x20
+ BL fe_sq_op
+ ADD r1, sp, #0x20
+ ADD r0, sp, #0x40
+ BL fe_sq_op
+ ADD r1, sp, #0x40
+ ADD r0, sp, #0x40
+ BL fe_sq_op
+ ADD r2, sp, #0x40
+ ADD r1, sp, #0x0
+ ADD r0, sp, #0x40
+ BL fe_mul_op
+ ADD r2, sp, #0x40
+ ADD r1, sp, #0x20
+ ADD r0, sp, #0x20
+ BL fe_mul_op
+ ADD r1, sp, #0x20
+ ADD r0, sp, #0x60
+ BL fe_sq_op
+ ADD r2, sp, #0x60
+ ADD r1, sp, #0x40
+ ADD r0, sp, #0x40
+ BL fe_mul_op
+ ADD r1, sp, #0x40
+ ADD r0, sp, #0x60
+ BL fe_sq_op
+ MOV r12, #0x4
+L_curve25519_inv_1:
+ ADD r1, sp, #0x60
+ ADD r0, sp, #0x60
+ PUSH {r12}
+ BL fe_sq_op
+ POP {r12}
+ SUBS r12, r12, #0x1
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ BNE L_curve25519_inv_1
+#else
+ BNE.N L_curve25519_inv_1
+#endif
+ ADD r2, sp, #0x40
+ ADD r1, sp, #0x60
+ ADD r0, sp, #0x40
+ BL fe_mul_op
+ ADD r1, sp, #0x40
+ ADD r0, sp, #0x60
+ BL fe_sq_op
+ MOV r12, #0x9
+L_curve25519_inv_2:
+ ADD r1, sp, #0x60
+ ADD r0, sp, #0x60
+ PUSH {r12}
+ BL fe_sq_op
+ POP {r12}
+ SUBS r12, r12, #0x1
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ BNE L_curve25519_inv_2
+#else
+ BNE.N L_curve25519_inv_2
+#endif
+ ADD r2, sp, #0x40
+ ADD r1, sp, #0x60
+ ADD r0, sp, #0x60
+ BL fe_mul_op
+ ADD r1, sp, #0x60
+ ADD r0, sp, #0x80
+ BL fe_sq_op
+ MOV r12, #0x13
+L_curve25519_inv_3:
+ ADD r1, sp, #0x80
+ ADD r0, sp, #0x80
+ PUSH {r12}
+ BL fe_sq_op
+ POP {r12}
+ SUBS r12, r12, #0x1
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ BNE L_curve25519_inv_3
+#else
+ BNE.N L_curve25519_inv_3
+#endif
+ ADD r2, sp, #0x60
+ ADD r1, sp, #0x80
+ ADD r0, sp, #0x60
+ BL fe_mul_op
+ MOV r12, #0xa
+L_curve25519_inv_4:
+ ADD r1, sp, #0x60
+ ADD r0, sp, #0x60
+ PUSH {r12}
+ BL fe_sq_op
+ POP {r12}
+ SUBS r12, r12, #0x1
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ BNE L_curve25519_inv_4
+#else
+ BNE.N L_curve25519_inv_4
+#endif
+ ADD r2, sp, #0x40
+ ADD r1, sp, #0x60
+ ADD r0, sp, #0x40
+ BL fe_mul_op
+ ADD r1, sp, #0x40
+ ADD r0, sp, #0x60
+ BL fe_sq_op
+ MOV r12, #0x31
+L_curve25519_inv_5:
+ ADD r1, sp, #0x60
+ ADD r0, sp, #0x60
+ PUSH {r12}
+ BL fe_sq_op
+ POP {r12}
+ SUBS r12, r12, #0x1
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ BNE L_curve25519_inv_5
+#else
+ BNE.N L_curve25519_inv_5
+#endif
+ ADD r2, sp, #0x40
+ ADD r1, sp, #0x60
+ ADD r0, sp, #0x60
+ BL fe_mul_op
+ ADD r1, sp, #0x60
+ ADD r0, sp, #0x80
+ BL fe_sq_op
+ MOV r12, #0x63
+L_curve25519_inv_6:
+ ADD r1, sp, #0x80
+ ADD r0, sp, #0x80
+ PUSH {r12}
+ BL fe_sq_op
+ POP {r12}
+ SUBS r12, r12, #0x1
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ BNE L_curve25519_inv_6
+#else
+ BNE.N L_curve25519_inv_6
+#endif
+ ADD r2, sp, #0x60
+ ADD r1, sp, #0x80
+ ADD r0, sp, #0x60
+ BL fe_mul_op
+ MOV r12, #0x32
+L_curve25519_inv_7:
+ ADD r1, sp, #0x60
+ ADD r0, sp, #0x60
+ PUSH {r12}
+ BL fe_sq_op
+ POP {r12}
+ SUBS r12, r12, #0x1
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ BNE L_curve25519_inv_7
+#else
+ BNE.N L_curve25519_inv_7
+#endif
+ ADD r2, sp, #0x40
+ ADD r1, sp, #0x60
+ ADD r0, sp, #0x40
+ BL fe_mul_op
+ MOV r12, #0x5
+L_curve25519_inv_8:
+ ADD r1, sp, #0x40
+ ADD r0, sp, #0x40
+ PUSH {r12}
+ BL fe_sq_op
+ POP {r12}
+ SUBS r12, r12, #0x1
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ BNE L_curve25519_inv_8
+#else
+ BNE.N L_curve25519_inv_8
+#endif
+ ADD r2, sp, #0x20
+ ADD r1, sp, #0x40
+ ADD r0, sp, #0x0
+ BL fe_mul_op
+ LDR r2, [sp, #184]
+ LDR r1, [sp, #176]
+ LDR r0, [sp, #176]
+ BL fe_mul_op
+ /* Ensure result is less than modulus */
+ LDR r0, [sp, #176]
+ LDM r0, {r4, r5, r6, r7, r8, r9, r10, r11}
+ MOV r2, #0x13
+ AND r2, r2, r11, ASR #31
+ ADDS r4, r4, r2
+ ADCS r5, r5, #0x0
+ ADCS r6, r6, #0x0
+ ADCS r7, r7, #0x0
+ ADCS r8, r8, #0x0
+ ADCS r9, r9, #0x0
+ BFC r11, #31, #1
+ ADCS r10, r10, #0x0
+ ADC r11, r11, #0x0
+ STM r0, {r4, r5, r6, r7, r8, r9, r10, r11}
+ MOV r0, #0x0
+ ADD sp, sp, #0xc0
+ POP {r4, r5, r6, r7, r8, r9, r10, r11, pc}
+ /* Cycle Count = 589 */
+ .size curve25519,.-curve25519
+#endif /* WC_NO_CACHE_RESISTANT */
+#endif /* HAVE_CURVE25519 */
+#ifdef HAVE_ED25519
+ .text
+ .align 4
+ .globl fe_invert
+ .type fe_invert, %function
+fe_invert:
+ PUSH {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+ SUB sp, sp, #0x88
+ /* Invert */
+ STR r0, [sp, #128]
+ STR r1, [sp, #132]
+ LDR r1, [sp, #132]
+ MOV r0, sp
+ BL fe_sq_op
+ MOV r1, sp
+ ADD r0, sp, #0x20
+ BL fe_sq_op
+ ADD r1, sp, #0x20
+ ADD r0, sp, #0x20
+ BL fe_sq_op
+ ADD r2, sp, #0x20
+ LDR r1, [sp, #132]
+ ADD r0, sp, #0x20
+ BL fe_mul_op
+ ADD r2, sp, #0x20
+ MOV r1, sp
+ MOV r0, sp
+ BL fe_mul_op
+ MOV r1, sp
+ ADD r0, sp, #0x40
+ BL fe_sq_op
+ ADD r2, sp, #0x40
+ ADD r1, sp, #0x20
+ ADD r0, sp, #0x20
+ BL fe_mul_op
+ ADD r1, sp, #0x20
+ ADD r0, sp, #0x40
+ BL fe_sq_op
+ MOV r12, #0x4
+L_fe_invert1:
+ ADD r1, sp, #0x40
+ ADD r0, sp, #0x40
+ PUSH {r12}
+ BL fe_sq_op
+ POP {r12}
+ SUBS r12, r12, #0x1
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ BNE L_fe_invert1
+#else
+ BNE.N L_fe_invert1
+#endif
+ ADD r2, sp, #0x20
+ ADD r1, sp, #0x40
+ ADD r0, sp, #0x20
+ BL fe_mul_op
+ ADD r1, sp, #0x20
+ ADD r0, sp, #0x40
+ BL fe_sq_op
+ MOV r12, #0x9
+L_fe_invert2:
+ ADD r1, sp, #0x40
+ ADD r0, sp, #0x40
+ PUSH {r12}
+ BL fe_sq_op
+ POP {r12}
+ SUBS r12, r12, #0x1
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ BNE L_fe_invert2
+#else
+ BNE.N L_fe_invert2
+#endif
+ ADD r2, sp, #0x20
+ ADD r1, sp, #0x40
+ ADD r0, sp, #0x40
+ BL fe_mul_op
+ ADD r1, sp, #0x40
+ ADD r0, sp, #0x60
+ BL fe_sq_op
+ MOV r12, #0x13
+L_fe_invert3:
+ ADD r1, sp, #0x60
+ ADD r0, sp, #0x60
+ PUSH {r12}
+ BL fe_sq_op
+ POP {r12}
+ SUBS r12, r12, #0x1
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ BNE L_fe_invert3
+#else
+ BNE.N L_fe_invert3
+#endif
+ ADD r2, sp, #0x40
+ ADD r1, sp, #0x60
+ ADD r0, sp, #0x40
+ BL fe_mul_op
+ MOV r12, #0xa
+L_fe_invert4:
+ ADD r1, sp, #0x40
+ ADD r0, sp, #0x40
+ PUSH {r12}
+ BL fe_sq_op
+ POP {r12}
+ SUBS r12, r12, #0x1
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ BNE L_fe_invert4
+#else
+ BNE.N L_fe_invert4
+#endif
+ ADD r2, sp, #0x20
+ ADD r1, sp, #0x40
+ ADD r0, sp, #0x20
+ BL fe_mul_op
+ ADD r1, sp, #0x20
+ ADD r0, sp, #0x40
+ BL fe_sq_op
+ MOV r12, #0x31
+L_fe_invert5:
+ ADD r1, sp, #0x40
+ ADD r0, sp, #0x40
+ PUSH {r12}
+ BL fe_sq_op
+ POP {r12}
+ SUBS r12, r12, #0x1
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ BNE L_fe_invert5
+#else
+ BNE.N L_fe_invert5
+#endif
+ ADD r2, sp, #0x20
+ ADD r1, sp, #0x40
+ ADD r0, sp, #0x40
+ BL fe_mul_op
+ ADD r1, sp, #0x40
+ ADD r0, sp, #0x60
+ BL fe_sq_op
+ MOV r12, #0x63
+L_fe_invert6:
+ ADD r1, sp, #0x60
+ ADD r0, sp, #0x60
+ PUSH {r12}
+ BL fe_sq_op
+ POP {r12}
+ SUBS r12, r12, #0x1
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ BNE L_fe_invert6
+#else
+ BNE.N L_fe_invert6
+#endif
+ ADD r2, sp, #0x40
+ ADD r1, sp, #0x60
+ ADD r0, sp, #0x40
+ BL fe_mul_op
+ MOV r12, #0x32
+L_fe_invert7:
+ ADD r1, sp, #0x40
+ ADD r0, sp, #0x40
+ PUSH {r12}
+ BL fe_sq_op
+ POP {r12}
+ SUBS r12, r12, #0x1
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ BNE L_fe_invert7
+#else
+ BNE.N L_fe_invert7
+#endif
+ ADD r2, sp, #0x20
+ ADD r1, sp, #0x40
+ ADD r0, sp, #0x20
+ BL fe_mul_op
+ MOV r12, #0x5
+L_fe_invert8:
+ ADD r1, sp, #0x20
+ ADD r0, sp, #0x20
+ PUSH {r12}
+ BL fe_sq_op
+ POP {r12}
+ SUBS r12, r12, #0x1
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ BNE L_fe_invert8
+#else
+ BNE.N L_fe_invert8
+#endif
+ MOV r2, sp
+ ADD r1, sp, #0x20
+ LDR r0, [sp, #128]
+ BL fe_mul_op
+ LDR r1, [sp, #132]
+ LDR r0, [sp, #128]
+ ADD sp, sp, #0x88
+ POP {r4, r5, r6, r7, r8, r9, r10, r11, pc}
+ /* Cycle Count = 292 */
+ .size fe_invert,.-fe_invert
+#ifdef WOLFSSL_SP_NO_UMAAL
+ .text
+ .align 4
+ .globl fe_sq2
+ .type fe_sq2, %function
+fe_sq2:
+ PUSH {lr}
+ SUB sp, sp, #0x44
+ STR r0, [sp, #64]
+ /* Square * 2 */
+ MOV r0, #0x0
+ LDR r12, [r1]
+ /* A[0] * A[1] */
+ LDR lr, [r1, #4]
+ UMULL r4, r5, r12, lr
+ /* A[0] * A[3] */
+ LDR lr, [r1, #12]
+ UMULL r6, r7, r12, lr
+ /* A[0] * A[5] */
+ LDR lr, [r1, #20]
+ UMULL r8, r9, r12, lr
+ /* A[0] * A[7] */
+ LDR lr, [r1, #28]
+ UMULL r10, r3, r12, lr
+ /* A[0] * A[2] */
+ LDR lr, [r1, #8]
+ MOV r11, #0x0
+ UMLAL r5, r11, r12, lr
+ ADDS r6, r6, r11
+ /* A[0] * A[4] */
+ LDR lr, [r1, #16]
+ ADCS r7, r7, #0x0
+ ADC r11, r0, #0x0
+ UMLAL r7, r11, r12, lr
+ ADDS r8, r8, r11
+ /* A[0] * A[6] */
+ LDR lr, [r1, #24]
+ ADCS r9, r9, #0x0
+ ADC r11, r0, #0x0
+ UMLAL r9, r11, r12, lr
+ ADDS r10, r10, r11
+ ADCS r3, r3, #0x0
+ STR r4, [sp, #4]
+ STR r5, [sp, #8]
+ /* A[1] * A[2] */
+ LDR r12, [r1, #4]
+ LDR lr, [r1, #8]
+ MOV r11, #0x0
+ UMLAL r6, r11, r12, lr
+ STR r6, [sp, #12]
+ ADDS r7, r7, r11
+ /* A[1] * A[3] */
+ LDR lr, [r1, #12]
+ ADC r11, r0, #0x0
+ UMLAL r7, r11, r12, lr
+ STR r7, [sp, #16]
+ ADDS r8, r8, r11
+ /* A[1] * A[4] */
+ LDR lr, [r1, #16]
+ ADC r11, r0, #0x0
+ UMLAL r8, r11, r12, lr
+ ADDS r9, r9, r11
+ /* A[1] * A[5] */
+ LDR lr, [r1, #20]
+ ADC r11, r0, #0x0
+ UMLAL r9, r11, r12, lr
+ ADDS r10, r10, r11
+ /* A[1] * A[6] */
+ LDR lr, [r1, #24]
+ ADC r11, r0, #0x0
+ UMLAL r10, r11, r12, lr
+ ADDS r3, r3, r11
+ /* A[1] * A[7] */
+ LDR lr, [r1, #28]
+ ADC r4, r0, #0x0
+ UMLAL r3, r4, r12, lr
+ /* A[2] * A[3] */
+ LDR r12, [r1, #8]
+ LDR lr, [r1, #12]
+ MOV r11, #0x0
+ UMLAL r8, r11, r12, lr
+ STR r8, [sp, #20]
+ ADDS r9, r9, r11
+ /* A[2] * A[4] */
+ LDR lr, [r1, #16]
+ ADC r11, r0, #0x0
+ UMLAL r9, r11, r12, lr
+ STR r9, [sp, #24]
+ ADDS r10, r10, r11
+ /* A[2] * A[5] */
+ LDR lr, [r1, #20]
+ ADC r11, r0, #0x0
+ UMLAL r10, r11, r12, lr
+ ADDS r3, r3, r11
+ /* A[2] * A[6] */
+ LDR lr, [r1, #24]
+ ADC r11, r0, #0x0
+ UMLAL r3, r11, r12, lr
+ ADDS r4, r4, r11
+ /* A[2] * A[7] */
+ LDR lr, [r1, #28]
+ ADC r5, r0, #0x0
+ UMLAL r4, r5, r12, lr
+ /* A[3] * A[4] */
+ LDR r12, [r1, #12]
+ LDR lr, [r1, #16]
+ MOV r11, #0x0
+ UMLAL r10, r11, r12, lr
+ STR r10, [sp, #28]
+ ADDS r3, r3, r11
+ /* A[3] * A[5] */
+ LDR lr, [r1, #20]
+ ADC r11, r0, #0x0
+ UMLAL r3, r11, r12, lr
+ ADDS r4, r4, r11
+ /* A[3] * A[6] */
+ LDR lr, [r1, #24]
+ ADC r11, r0, #0x0
+ UMLAL r4, r11, r12, lr
+ ADDS r5, r5, r11
+ /* A[3] * A[7] */
+ LDR lr, [r1, #28]
+ ADC r6, r0, #0x0
+ UMLAL r5, r6, r12, lr
+ /* A[4] * A[5] */
+ LDR r12, [r1, #16]
+ LDR lr, [r1, #20]
+ MOV r11, #0x0
+ UMLAL r4, r11, r12, lr
+ ADDS r5, r5, r11
+ /* A[4] * A[6] */
+ LDR lr, [r1, #24]
+ ADC r11, r0, #0x0
+ UMLAL r5, r11, r12, lr
+ ADDS r6, r6, r11
+ /* A[4] * A[7] */
+ LDR lr, [r1, #28]
+ ADC r7, r0, #0x0
+ UMLAL r6, r7, r12, lr
+ /* A[5] * A[6] */
+ LDR r12, [r1, #20]
+ LDR lr, [r1, #24]
+ MOV r11, #0x0
+ UMLAL r6, r11, r12, lr
+ ADDS r7, r7, r11
+ /* A[5] * A[7] */
+ LDR lr, [r1, #28]
+ ADC r8, r0, #0x0
+ UMLAL r7, r8, r12, lr
+ /* A[6] * A[7] */
+ LDR r12, [r1, #24]
+ LDR lr, [r1, #28]
+ MOV r9, #0x0
+ UMLAL r8, r9, r12, lr
+ ADD lr, sp, #0x20
+ STM lr, {r3, r4, r5, r6, r7, r8, r9}
+ ADD lr, sp, #0x4
+ LDM lr, {r4, r5, r6, r7, r8, r9, r10}
+ ADDS r4, r4, r4
+ ADCS r5, r5, r5
+ ADCS r6, r6, r6
+ ADCS r7, r7, r7
+ ADCS r8, r8, r8
+ ADCS r9, r9, r9
+ ADCS r10, r10, r10
+ STM lr!, {r4, r5, r6, r7, r8, r9, r10}
+ LDM lr, {r3, r4, r5, r6, r7, r8, r9}
+ ADCS r3, r3, r3
+ ADCS r4, r4, r4
+ ADCS r5, r5, r5
+ ADCS r6, r6, r6
+ ADCS r7, r7, r7
+ ADCS r8, r8, r8
+ ADCS r9, r9, r9
+ ADC r10, r0, #0x0
+ STM lr, {r3, r4, r5, r6, r7, r8, r9, r10}
+ ADD lr, sp, #0x4
+ LDM lr, {r4, r5, r6, r7, r8, r9, r10}
+ MOV lr, sp
+ /* A[0] * A[0] */
+ LDR r12, [r1]
+ UMULL r3, r11, r12, r12
+ ADDS r4, r4, r11
+ /* A[1] * A[1] */
+ LDR r12, [r1, #4]
+ ADCS r5, r5, #0x0
+ ADC r11, r0, #0x0
+ UMLAL r5, r11, r12, r12
+ ADDS r6, r6, r11
+ /* A[2] * A[2] */
+ LDR r12, [r1, #8]
+ ADCS r7, r7, #0x0
+ ADC r11, r0, #0x0
+ UMLAL r7, r11, r12, r12
+ ADDS r8, r8, r11
+ /* A[3] * A[3] */
+ LDR r12, [r1, #12]
+ ADCS r9, r9, #0x0
+ ADC r11, r0, #0x0
+ UMLAL r9, r11, r12, r12
+ ADDS r10, r10, r11
+ STM lr!, {r3, r4, r5, r6, r7, r8, r9, r10}
+ LDM lr, {r3, r4, r5, r6, r7, r8, r9, r10}
+ /* A[4] * A[4] */
+ LDR r12, [r1, #16]
+ ADCS r3, r3, #0x0
+ ADC r11, r0, #0x0
+ UMLAL r3, r11, r12, r12
+ ADDS r4, r4, r11
+ /* A[5] * A[5] */
+ LDR r12, [r1, #20]
+ ADCS r5, r5, #0x0
+ ADC r11, r0, #0x0
+ UMLAL r5, r11, r12, r12
+ ADDS r6, r6, r11
+ /* A[6] * A[6] */
+ LDR r12, [r1, #24]
+ ADCS r7, r7, #0x0
+ ADC r11, r0, #0x0
+ UMLAL r7, r11, r12, r12
+ ADDS r8, r8, r11
+ /* A[7] * A[7] */
+ LDR r12, [r1, #28]
+ ADCS r9, r9, #0x0
+ ADC r10, r10, #0x0
+ UMLAL r9, r10, r12, r12
+ /* Reduce */
+ LDR r2, [sp, #28]
+ MOV lr, sp
+ MOV r12, #0x26
+ UMULL r10, r11, r10, r12
+ ADDS r10, r10, r2
+ ADC r11, r11, #0x0
+ MOV r12, #0x13
+ LSL r11, r11, #1
+ ORR r11, r11, r10, LSR #31
+ MUL r11, r11, r12
+ LDM lr!, {r1, r2}
+ MOV r12, #0x26
+ ADDS r1, r1, r11
+ ADC r11, r0, #0x0
+ UMLAL r1, r11, r3, r12
+ ADDS r2, r2, r11
+ ADC r11, r0, #0x0
+ UMLAL r2, r11, r4, r12
+ LDM lr!, {r3, r4}
+ ADDS r3, r3, r11
+ ADC r11, r0, #0x0
+ UMLAL r3, r11, r5, r12
+ ADDS r4, r4, r11
+ ADC r11, r0, #0x0
+ UMLAL r4, r11, r6, r12
+ LDM lr!, {r5, r6}
+ ADDS r5, r5, r11
+ ADC r11, r0, #0x0
+ UMLAL r5, r11, r7, r12
+ ADDS r6, r6, r11
+ ADC r11, r0, #0x0
+ UMLAL r6, r11, r8, r12
+ LDM lr!, {r7, r8}
+ ADDS r7, r7, r11
+ ADC r11, r0, #0x0
+ UMLAL r7, r11, r9, r12
+ BFC r10, #31, #1
+ ADDS r8, r10, r11
+ /* Reduce if top bit set */
+ MOV r12, #0x13
+ AND r11, r12, r8, ASR #31
+ ADDS r1, r1, r11
+ ADCS r2, r2, #0x0
+ ADCS r3, r3, #0x0
+ ADCS r4, r4, #0x0
+ ADCS r5, r5, #0x0
+ ADCS r6, r6, #0x0
+ BFC r8, #31, #1
+ ADCS r7, r7, #0x0
+ ADC r8, r8, #0x0
+ /* Double */
+ ADDS r1, r1, r1
+ ADCS r2, r2, r2
+ ADCS r3, r3, r3
+ ADCS r4, r4, r4
+ ADCS r5, r5, r5
+ ADCS r6, r6, r6
+ ADCS r7, r7, r7
+ ADC r8, r8, r8
+ /* Reduce if top bit set */
+ MOV r12, #0x13
+ AND r11, r12, r8, ASR #31
+ ADDS r1, r1, r11
+ ADCS r2, r2, #0x0
+ ADCS r3, r3, #0x0
+ ADCS r4, r4, #0x0
+ ADCS r5, r5, #0x0
+ ADCS r6, r6, #0x0
+ BFC r8, #31, #1
+ ADCS r7, r7, #0x0
+ ADC r8, r8, #0x0
+ /* Store */
+ LDR r0, [sp, #64]
+ STM r0, {r1, r2, r3, r4, r5, r6, r7, r8}
+ ADD sp, sp, #0x44
+ POP {pc}
+ /* Cycle Count = 385 */
+ .size fe_sq2,.-fe_sq2
+#else
+ .text
+ .align 4
+ .globl fe_sq2
+ .type fe_sq2, %function
+fe_sq2:
+ PUSH {lr}
+ SUB sp, sp, #0x24
+ STRD r0, r1, [sp, #28]
+ LDM r1, {r0, r1, r2, r3, r4, r5, r6, r7}
+ /* Square * 2 */
+ UMULL r9, r10, r0, r0
+ UMULL r11, r12, r0, r1
+ ADDS r11, r11, r11
+ MOV lr, #0x0
+ UMAAL r10, r11, lr, lr
+ STM sp, {r9, r10}
+ MOV r8, lr
+ UMAAL r8, r12, r0, r2
+ ADCS r8, r8, r8
+ UMAAL r8, r11, r1, r1
+ UMULL r9, r10, r0, r3
+ UMAAL r9, r12, r1, r2
+ ADCS r9, r9, r9
+ UMAAL r9, r11, lr, lr
+ STRD r8, r9, [sp, #8]
+ MOV r9, lr
+ UMAAL r9, r10, r0, r4
+ UMAAL r9, r12, r1, r3
+ ADCS r9, r9, r9
+ UMAAL r9, r11, r2, r2
+ STR r9, [sp, #16]
+ UMULL r9, r8, r0, r5
+ UMAAL r9, r12, r1, r4
+ UMAAL r9, r10, r2, r3
+ ADCS r9, r9, r9
+ UMAAL r9, r11, lr, lr
+ STR r9, [sp, #20]
+ MOV r9, lr
+ UMAAL r9, r8, r0, r6
+ UMAAL r9, r12, r1, r5
+ UMAAL r9, r10, r2, r4
+ ADCS r9, r9, r9
+ UMAAL r9, r11, r3, r3
+ STR r9, [sp, #24]
+ UMULL r0, r9, r0, r7
+ UMAAL r0, r8, r1, r6
+ UMAAL r0, r12, r2, r5
+ UMAAL r0, r10, r3, r4
+ ADCS r0, r0, r0
+ UMAAL r0, r11, lr, lr
+ /* R[7] = r0 */
+ UMAAL r9, r8, r1, r7
+ UMAAL r9, r10, r2, r6
+ UMAAL r12, r9, r3, r5
+ ADCS r12, r12, r12
+ UMAAL r12, r11, r4, r4
+ /* R[8] = r12 */
+ UMAAL r9, r8, r2, r7
+ UMAAL r10, r9, r3, r6
+ MOV r2, lr
+ UMAAL r10, r2, r4, r5
+ ADCS r10, r10, r10
+ UMAAL r11, r10, lr, lr
+ /* R[9] = r11 */
+ UMAAL r2, r8, r3, r7
+ UMAAL r2, r9, r4, r6
+ ADCS r3, r2, r2
+ UMAAL r10, r3, r5, r5
+ /* R[10] = r10 */
+ MOV r1, lr
+ UMAAL r1, r8, r4, r7
+ UMAAL r1, r9, r5, r6
+ ADCS r4, r1, r1
+ UMAAL r3, r4, lr, lr
+ /* R[11] = r3 */
+ UMAAL r8, r9, r5, r7
+ ADCS r8, r8, r8
+ UMAAL r4, r8, r6, r6
+ /* R[12] = r4 */
+ MOV r5, lr
+ UMAAL r5, r9, r6, r7
+ ADCS r5, r5, r5
+ UMAAL r8, r5, lr, lr
+ /* R[13] = r8 */
+ ADCS r9, r9, r9
+ UMAAL r9, r5, r7, r7
+ ADCS r7, r5, lr
+ /* R[14] = r9 */
+ /* R[15] = r7 */
+ /* Reduce */
+ MOV r6, #0x25
+ UMAAL r7, r0, r7, r6
+ MOV r6, #0x13
+ LSL r0, r0, #1
+ ORR r0, r0, r7, LSR #31
+ MUL lr, r0, r6
+ POP {r0, r1}
+ MOV r6, #0x26
+ UMAAL r0, lr, r12, r6
+ UMAAL r1, lr, r11, r6
+ MOV r12, r3
+ MOV r11, r4
+ POP {r2, r3, r4}
+ UMAAL r2, lr, r10, r6
+ UMAAL r3, lr, r12, r6
+ UMAAL r4, lr, r11, r6
+ MOV r12, r6
+ POP {r5, r6}
+ UMAAL r5, lr, r8, r12
+ BFC r7, #31, #1
+ UMAAL r6, lr, r9, r12
+ ADD r7, r7, lr
+ /* Reduce if top bit set */
+ MOV r11, #0x13
+ AND r12, r11, r7, ASR #31
+ ADDS r0, r0, r12
+ ADCS r1, r1, #0x0
+ ADCS r2, r2, #0x0
+ ADCS r3, r3, #0x0
+ ADCS r4, r4, #0x0
+ ADCS r5, r5, #0x0
+ BFC r7, #31, #1
+ ADCS r6, r6, #0x0
+ ADC r7, r7, #0x0
+ /* Double */
+ ADDS r0, r0, r0
+ ADCS r1, r1, r1
+ ADCS r2, r2, r2
+ ADCS r3, r3, r3
+ ADCS r4, r4, r4
+ ADCS r5, r5, r5
+ ADCS r6, r6, r6
+ ADC r7, r7, r7
+ /* Reduce if top bit set */
+ MOV r11, #0x13
+ AND r12, r11, r7, ASR #31
+ ADDS r0, r0, r12
+ ADCS r1, r1, #0x0
+ ADCS r2, r2, #0x0
+ ADCS r3, r3, #0x0
+ ADCS r4, r4, #0x0
+ ADCS r5, r5, #0x0
+ BFC r7, #31, #1
+ ADCS r6, r6, #0x0
+ ADC r7, r7, #0x0
+ POP {r12, lr}
+ /* Store */
+ STM r12, {r0, r1, r2, r3, r4, r5, r6, r7}
+ MOV r0, r12
+ MOV r1, lr
+ POP {pc}
+ /* Cycle Count = 213 */
+ .size fe_sq2,.-fe_sq2
+#endif /* WOLFSSL_SP_NO_UMAAL */
+ .text
+ .align 4
+ .globl fe_pow22523
+ .type fe_pow22523, %function
+fe_pow22523:
+ PUSH {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+ SUB sp, sp, #0x68
+ /* pow22523 */
+ STR r0, [sp, #96]
+ STR r1, [sp, #100]
+ LDR r1, [sp, #100]
+ MOV r0, sp
+ BL fe_sq_op
+ MOV r1, sp
+ ADD r0, sp, #0x20
+ BL fe_sq_op
+ ADD r1, sp, #0x20
+ ADD r0, sp, #0x20
+ BL fe_sq_op
+ ADD r2, sp, #0x20
+ LDR r1, [sp, #100]
+ ADD r0, sp, #0x20
+ BL fe_mul_op
+ ADD r2, sp, #0x20
+ MOV r1, sp
+ MOV r0, sp
+ BL fe_mul_op
+ MOV r1, sp
+ MOV r0, sp
+ BL fe_sq_op
+ MOV r2, sp
+ ADD r1, sp, #0x20
+ MOV r0, sp
+ BL fe_mul_op
+ MOV r1, sp
+ ADD r0, sp, #0x20
+ BL fe_sq_op
+ MOV r12, #0x4
+L_fe_pow22523_1:
+ ADD r1, sp, #0x20
+ ADD r0, sp, #0x20
+ PUSH {r12}
+ BL fe_sq_op
+ POP {r12}
+ SUBS r12, r12, #0x1
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ BNE L_fe_pow22523_1
+#else
+ BNE.N L_fe_pow22523_1
+#endif
+ MOV r2, sp
+ ADD r1, sp, #0x20
+ MOV r0, sp
+ BL fe_mul_op
+ MOV r1, sp
+ ADD r0, sp, #0x20
+ BL fe_sq_op
+ MOV r12, #0x9
+L_fe_pow22523_2:
+ ADD r1, sp, #0x20
+ ADD r0, sp, #0x20
+ PUSH {r12}
+ BL fe_sq_op
+ POP {r12}
+ SUBS r12, r12, #0x1
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ BNE L_fe_pow22523_2
+#else
+ BNE.N L_fe_pow22523_2
+#endif
+ MOV r2, sp
+ ADD r1, sp, #0x20
+ ADD r0, sp, #0x20
+ BL fe_mul_op
+ ADD r1, sp, #0x20
+ ADD r0, sp, #0x40
+ BL fe_sq_op
+ MOV r12, #0x13
+L_fe_pow22523_3:
+ ADD r1, sp, #0x40
+ ADD r0, sp, #0x40
+ PUSH {r12}
+ BL fe_sq_op
+ POP {r12}
+ SUBS r12, r12, #0x1
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ BNE L_fe_pow22523_3
+#else
+ BNE.N L_fe_pow22523_3
+#endif
+ ADD r2, sp, #0x20
+ ADD r1, sp, #0x40
+ ADD r0, sp, #0x20
+ BL fe_mul_op
+ MOV r12, #0xa
+L_fe_pow22523_4:
+ ADD r1, sp, #0x20
+ ADD r0, sp, #0x20
+ PUSH {r12}
+ BL fe_sq_op
+ POP {r12}
+ SUBS r12, r12, #0x1
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ BNE L_fe_pow22523_4
+#else
+ BNE.N L_fe_pow22523_4
+#endif
+ MOV r2, sp
+ ADD r1, sp, #0x20
+ MOV r0, sp
+ BL fe_mul_op
+ MOV r1, sp
+ ADD r0, sp, #0x20
+ BL fe_sq_op
+ MOV r12, #0x31
+L_fe_pow22523_5:
+ ADD r1, sp, #0x20
+ ADD r0, sp, #0x20
+ PUSH {r12}
+ BL fe_sq_op
+ POP {r12}
+ SUBS r12, r12, #0x1
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ BNE L_fe_pow22523_5
+#else
+ BNE.N L_fe_pow22523_5
+#endif
+ MOV r2, sp
+ ADD r1, sp, #0x20
+ ADD r0, sp, #0x20
+ BL fe_mul_op
+ ADD r1, sp, #0x20
+ ADD r0, sp, #0x40
+ BL fe_sq_op
+ MOV r12, #0x63
+L_fe_pow22523_6:
+ ADD r1, sp, #0x40
+ ADD r0, sp, #0x40
+ PUSH {r12}
+ BL fe_sq_op
+ POP {r12}
+ SUBS r12, r12, #0x1
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ BNE L_fe_pow22523_6
+#else
+ BNE.N L_fe_pow22523_6
+#endif
+ ADD r2, sp, #0x20
+ ADD r1, sp, #0x40
+ ADD r0, sp, #0x20
+ BL fe_mul_op
+ MOV r12, #0x32
+L_fe_pow22523_7:
+ ADD r1, sp, #0x20
+ ADD r0, sp, #0x20
+ PUSH {r12}
+ BL fe_sq_op
+ POP {r12}
+ SUBS r12, r12, #0x1
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ BNE L_fe_pow22523_7
+#else
+ BNE.N L_fe_pow22523_7
+#endif
+ MOV r2, sp
+ ADD r1, sp, #0x20
+ MOV r0, sp
+ BL fe_mul_op
+ MOV r12, #0x2
+L_fe_pow22523_8:
+ MOV r1, sp
+ MOV r0, sp
+ PUSH {r12}
+ BL fe_sq_op
+ POP {r12}
+ SUBS r12, r12, #0x1
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ BNE L_fe_pow22523_8
+#else
+ BNE.N L_fe_pow22523_8
+#endif
+ LDR r2, [sp, #100]
+ MOV r1, sp
+ LDR r0, [sp, #96]
+ BL fe_mul_op
+ LDR r1, [sp, #100]
+ LDR r0, [sp, #96]
+ ADD sp, sp, #0x68
+ POP {r4, r5, r6, r7, r8, r9, r10, r11, pc}
+ /* Cycle Count = 293 */
+ .size fe_pow22523,.-fe_pow22523
+ .text
+ .align 4
+ .globl ge_p1p1_to_p2
+ .type ge_p1p1_to_p2, %function
+ge_p1p1_to_p2:
+ PUSH {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+ SUB sp, sp, #0x8
+ STR r0, [sp]
+ STR r1, [sp, #4]
+ ADD r2, r1, #0x60
+ BL fe_mul_op
+ LDR r0, [sp]
+ LDR r1, [sp, #4]
+ ADD r2, r1, #0x40
+ ADD r1, r1, #0x20
+ ADD r0, r0, #0x20
+ BL fe_mul_op
+ LDR r0, [sp]
+ LDR r1, [sp, #4]
+ ADD r2, r1, #0x60
+ ADD r1, r1, #0x40
+ ADD r0, r0, #0x40
+ BL fe_mul_op
+ ADD sp, sp, #0x8
+ POP {r4, r5, r6, r7, r8, r9, r10, r11, pc}
+ /* Cycle Count = 53 */
+ .size ge_p1p1_to_p2,.-ge_p1p1_to_p2
+ .text
+ .align 4
+ .globl ge_p1p1_to_p3
+ .type ge_p1p1_to_p3, %function
+ge_p1p1_to_p3:
+ PUSH {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+ SUB sp, sp, #0x8
+ STR r0, [sp]
+ STR r1, [sp, #4]
+ ADD r2, r1, #0x60
+ BL fe_mul_op
+ LDR r0, [sp]
+ LDR r1, [sp, #4]
+ ADD r2, r1, #0x40
+ ADD r1, r1, #0x20
+ ADD r0, r0, #0x20
+ BL fe_mul_op
+ LDR r0, [sp]
+ LDR r1, [sp, #4]
+ ADD r2, r1, #0x60
+ ADD r1, r1, #0x40
+ ADD r0, r0, #0x40
+ BL fe_mul_op
+ LDR r0, [sp]
+ LDR r1, [sp, #4]
+ ADD r2, r1, #0x20
+ ADD r0, r0, #0x60
+ BL fe_mul_op
+ ADD sp, sp, #0x8
+ POP {r4, r5, r6, r7, r8, r9, r10, r11, pc}
+ /* Cycle Count = 63 */
+ .size ge_p1p1_to_p3,.-ge_p1p1_to_p3
+ .text
+ .align 4
+ .globl ge_p2_dbl
+ .type ge_p2_dbl, %function
+ge_p2_dbl:
+ PUSH {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+ SUB sp, sp, #0x8
+ STR r0, [sp]
+ STR r1, [sp, #4]
+ BL fe_sq_op
+ LDR r0, [sp]
+ LDR r1, [sp, #4]
+ ADD r1, r1, #0x20
+ ADD r0, r0, #0x40
+ BL fe_sq_op
+ LDR r0, [sp]
+ LDR r1, [sp, #4]
+ ADD r2, r1, #0x20
+ ADD r0, r0, #0x20
+ BL fe_add_op
+ MOV r1, r0
+ ADD r0, r0, #0x40
+ BL fe_sq_op
+ LDR r0, [sp]
+ MOV r3, r0
+ ADD r2, r0, #0x40
+ ADD r1, r0, #0x40
+ ADD r0, r0, #0x20
+ BL fe_add_sub_op
+ MOV r2, r0
+ ADD r1, r0, #0x40
+ SUB r0, r0, #0x20
+ BL fe_sub_op
+ LDR r1, [sp, #4]
+ ADD r1, r1, #0x40
+ ADD r0, r0, #0x60
+ BL fe_sq2
+ SUB r2, r0, #0x20
+ MOV r1, r0
+ BL fe_sub_op
+ ADD sp, sp, #0x8
+ POP {r4, r5, r6, r7, r8, r9, r10, r11, pc}
+ /* Cycle Count = 87 */
+ .size ge_p2_dbl,.-ge_p2_dbl
+ .text
+ .align 4
+ .globl ge_madd
+ .type ge_madd, %function
+ge_madd:
+ PUSH {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+ SUB sp, sp, #0xc
+ STR r0, [sp]
+ STR r1, [sp, #4]
+ STR r2, [sp, #8]
+ MOV r2, r1
+ ADD r1, r1, #0x20
+ BL fe_add_op
+ LDR r1, [sp, #4]
+ MOV r2, r1
+ ADD r1, r1, #0x20
+ ADD r0, r0, #0x20
+ BL fe_sub_op
+ LDR r2, [sp, #8]
+ SUB r1, r0, #0x20
+ ADD r0, r0, #0x20
+ BL fe_mul_op
+ LDR r0, [sp]
+ LDR r2, [sp, #8]
+ ADD r2, r2, #0x20
+ ADD r1, r0, #0x20
+ ADD r0, r0, #0x20
+ BL fe_mul_op
+ LDR r0, [sp]
+ LDR r1, [sp, #8]
+ LDR r2, [sp, #4]
+ ADD r2, r2, #0x60
+ ADD r1, r1, #0x40
+ ADD r0, r0, #0x60
+ BL fe_mul_op
+ LDR r0, [sp]
+ ADD r3, r0, #0x20
+ ADD r2, r0, #0x40
+ MOV r1, r0
+ ADD r0, r0, #0x20
+ BL fe_add_sub_op
+ LDR r1, [sp, #4]
+ ADD r1, r1, #0x40
+ ADD r0, r0, #0x20
+ /* Double */
+ LDM r1, {r4, r5, r6, r7, r8, r9, r10, r11}
+ ADDS r4, r4, r4
+ ADCS r5, r5, r5
+ ADCS r6, r6, r6
+ ADCS r7, r7, r7
+ ADCS r8, r8, r8
+ ADCS r9, r9, r9
+ ADCS r10, r10, r10
+ MOV lr, #0x0
+ ADCS r11, r11, r11
+ ADC lr, lr, #0x0
+ MOV r12, #0x13
+ LSL lr, lr, #1
+ ORR lr, lr, r11, LSR #31
+ MUL r12, lr, r12
+ ADDS r4, r4, r12
+ ADCS r5, r5, #0x0
+ ADCS r6, r6, #0x0
+ ADCS r7, r7, #0x0
+ ADCS r8, r8, #0x0
+ ADCS r9, r9, #0x0
+ BFC r11, #31, #1
+ ADCS r10, r10, #0x0
+ ADC r11, r11, #0x0
+ STM r0, {r4, r5, r6, r7, r8, r9, r10, r11}
+ /* Done Double */
+ ADD r3, r0, #0x20
+ ADD r1, r0, #0x20
+ BL fe_add_sub_op
+ ADD sp, sp, #0xc
+ POP {r4, r5, r6, r7, r8, r9, r10, r11, pc}
+ /* Cycle Count = 136 */
+ .size ge_madd,.-ge_madd
+ .text
+ .align 4
+ .globl ge_msub
+ .type ge_msub, %function
+ge_msub:
+ PUSH {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+ SUB sp, sp, #0xc
+ STR r0, [sp]
+ STR r1, [sp, #4]
+ STR r2, [sp, #8]
+ MOV r2, r1
+ ADD r1, r1, #0x20
+ BL fe_add_op
+ LDR r1, [sp, #4]
+ MOV r2, r1
+ ADD r1, r1, #0x20
+ ADD r0, r0, #0x20
+ BL fe_sub_op
+ LDR r2, [sp, #8]
+ ADD r2, r2, #0x20
+ SUB r1, r0, #0x20
+ ADD r0, r0, #0x20
+ BL fe_mul_op
+ LDR r0, [sp]
+ LDR r2, [sp, #8]
+ ADD r1, r0, #0x20
+ ADD r0, r0, #0x20
+ BL fe_mul_op
+ LDR r0, [sp]
+ LDR r1, [sp, #8]
+ LDR r2, [sp, #4]
+ ADD r2, r2, #0x60
+ ADD r1, r1, #0x40
+ ADD r0, r0, #0x60
+ BL fe_mul_op
+ LDR r0, [sp]
+ ADD r3, r0, #0x20
+ ADD r2, r0, #0x40
+ MOV r1, r0
+ ADD r0, r0, #0x20
+ BL fe_add_sub_op
+ LDR r1, [sp, #4]
+ ADD r1, r1, #0x40
+ ADD r0, r0, #0x20
+ /* Double */
+ LDM r1, {r4, r5, r6, r7, r8, r9, r10, r11}
+ ADDS r4, r4, r4
+ ADCS r5, r5, r5
+ ADCS r6, r6, r6
+ ADCS r7, r7, r7
+ ADCS r8, r8, r8
+ ADCS r9, r9, r9
+ ADCS r10, r10, r10
+ MOV lr, #0x0
+ ADCS r11, r11, r11
+ ADC lr, lr, #0x0
+ MOV r12, #0x13
+ LSL lr, lr, #1
+ ORR lr, lr, r11, LSR #31
+ MUL r12, lr, r12
+ ADDS r4, r4, r12
+ ADCS r5, r5, #0x0
+ ADCS r6, r6, #0x0
+ ADCS r7, r7, #0x0
+ ADCS r8, r8, #0x0
+ ADCS r9, r9, #0x0
+ BFC r11, #31, #1
+ ADCS r10, r10, #0x0
+ ADC r11, r11, #0x0
+ STM r0, {r4, r5, r6, r7, r8, r9, r10, r11}
+ /* Done Double */
+ ADD r3, r0, #0x20
+ MOV r1, r0
+ ADD r0, r0, #0x20
+ BL fe_add_sub_op
+ ADD sp, sp, #0xc
+ POP {r4, r5, r6, r7, r8, r9, r10, r11, pc}
+ /* Cycle Count = 137 */
+ .size ge_msub,.-ge_msub
+ .text
+ .align 4
+ .globl ge_add
+ .type ge_add, %function
+ge_add:
+ PUSH {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+ SUB sp, sp, #0x2c
+ STR r0, [sp]
+ STR r1, [sp, #4]
+ STR r2, [sp, #8]
+ MOV r3, r1
+ ADD r2, r1, #0x20
+ ADD r1, r0, #0x20
+ BL fe_add_sub_op
+ LDR r2, [sp, #8]
+ MOV r1, r0
+ ADD r0, r0, #0x40
+ BL fe_mul_op
+ LDR r0, [sp]
+ LDR r2, [sp, #8]
+ ADD r2, r2, #0x20
+ ADD r1, r0, #0x20
+ ADD r0, r0, #0x20
+ BL fe_mul_op
+ LDR r0, [sp]
+ LDR r1, [sp, #8]
+ LDR r2, [sp, #4]
+ ADD r2, r2, #0x60
+ ADD r1, r1, #0x60
+ ADD r0, r0, #0x60
+ BL fe_mul_op
+ LDR r0, [sp]
+ LDR r1, [sp, #4]
+ LDR r2, [sp, #8]
+ ADD r2, r2, #0x40
+ ADD r1, r1, #0x40
+ BL fe_mul_op
+ LDR r1, [sp]
+ ADD r0, sp, #0xc
+ /* Double */
+ LDM r1, {r4, r5, r6, r7, r8, r9, r10, r11}
+ ADDS r4, r4, r4
+ ADCS r5, r5, r5
+ ADCS r6, r6, r6
+ ADCS r7, r7, r7
+ ADCS r8, r8, r8
+ ADCS r9, r9, r9
+ ADCS r10, r10, r10
+ MOV lr, #0x0
+ ADCS r11, r11, r11
+ ADC lr, lr, #0x0
+ MOV r12, #0x13
+ LSL lr, lr, #1
+ ORR lr, lr, r11, LSR #31
+ MUL r12, lr, r12
+ ADDS r4, r4, r12
+ ADCS r5, r5, #0x0
+ ADCS r6, r6, #0x0
+ ADCS r7, r7, #0x0
+ ADCS r8, r8, #0x0
+ ADCS r9, r9, #0x0
+ BFC r11, #31, #1
+ ADCS r10, r10, #0x0
+ ADC r11, r11, #0x0
+ STM r0, {r4, r5, r6, r7, r8, r9, r10, r11}
+ /* Done Double */
+ ADD r3, r1, #0x20
+ ADD r2, r1, #0x40
+ ADD r0, r1, #0x20
+ BL fe_add_sub_op
+ ADD r3, r0, #0x40
+ ADD r2, sp, #0xc
+ ADD r1, r0, #0x40
+ ADD r0, r0, #0x20
+ BL fe_add_sub_op
+ ADD sp, sp, #0x2c
+ POP {r4, r5, r6, r7, r8, r9, r10, r11, pc}
+ /* Cycle Count = 138 */
+ .size ge_add,.-ge_add
+ .text
+ .align 4
+ .globl ge_sub
+ .type ge_sub, %function
+ge_sub:
+ PUSH {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+ SUB sp, sp, #0x2c
+ STR r0, [sp]
+ STR r1, [sp, #4]
+ STR r2, [sp, #8]
+ MOV r3, r1
+ ADD r2, r1, #0x20
+ ADD r1, r0, #0x20
+ BL fe_add_sub_op
+ LDR r2, [sp, #8]
+ ADD r2, r2, #0x20
+ MOV r1, r0
+ ADD r0, r0, #0x40
+ BL fe_mul_op
+ LDR r0, [sp]
+ LDR r2, [sp, #8]
+ ADD r1, r0, #0x20
+ ADD r0, r0, #0x20
+ BL fe_mul_op
+ LDR r0, [sp]
+ LDR r1, [sp, #8]
+ LDR r2, [sp, #4]
+ ADD r2, r2, #0x60
+ ADD r1, r1, #0x60
+ ADD r0, r0, #0x60
+ BL fe_mul_op
+ LDR r0, [sp]
+ LDR r1, [sp, #4]
+ LDR r2, [sp, #8]
+ ADD r2, r2, #0x40
+ ADD r1, r1, #0x40
+ BL fe_mul_op
+ LDR r1, [sp]
+ ADD r0, sp, #0xc
+ /* Double */
+ LDM r1, {r4, r5, r6, r7, r8, r9, r10, r11}
+ ADDS r4, r4, r4
+ ADCS r5, r5, r5
+ ADCS r6, r6, r6
+ ADCS r7, r7, r7
+ ADCS r8, r8, r8
+ ADCS r9, r9, r9
+ ADCS r10, r10, r10
+ MOV lr, #0x0
+ ADCS r11, r11, r11
+ ADC lr, lr, #0x0
+ MOV r12, #0x13
+ LSL lr, lr, #1
+ ORR lr, lr, r11, LSR #31
+ MUL r12, lr, r12
+ ADDS r4, r4, r12
+ ADCS r5, r5, #0x0
+ ADCS r6, r6, #0x0
+ ADCS r7, r7, #0x0
+ ADCS r8, r8, #0x0
+ ADCS r9, r9, #0x0
+ BFC r11, #31, #1
+ ADCS r10, r10, #0x0
+ ADC r11, r11, #0x0
+ STM r0, {r4, r5, r6, r7, r8, r9, r10, r11}
+ /* Done Double */
+ ADD r3, r1, #0x20
+ ADD r2, r1, #0x40
+ ADD r0, r1, #0x20
+ BL fe_add_sub_op
+ ADD r3, r0, #0x40
+ ADD r2, sp, #0xc
+ ADD r1, r0, #0x20
+ ADD r0, r0, #0x40
+ BL fe_add_sub_op
+ ADD sp, sp, #0x2c
+ POP {r4, r5, r6, r7, r8, r9, r10, r11, pc}
+ /* Cycle Count = 138 */
+ .size ge_sub,.-ge_sub
+#ifdef WOLFSSL_SP_NO_UMAAL
+ .text
+ .align 4
+ .globl sc_reduce
+ .type sc_reduce, %function
+sc_reduce:
+ PUSH {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+ SUB sp, sp, #0x38
+ STR r0, [sp, #52]
+ /* Load bits 252-511 */
+ ADD r0, r0, #0x1c
+ LDM r0, {r1, r2, r3, r4, r5, r6, r7, r8, r9}
+ LSR lr, r9, #24
+ LSL r9, r9, #4
+ ORR r9, r9, r8, LSR #28
+ LSL r8, r8, #4
+ ORR r8, r8, r7, LSR #28
+ LSL r7, r7, #4
+ ORR r7, r7, r6, LSR #28
+ LSL r6, r6, #4
+ ORR r6, r6, r5, LSR #28
+ LSL r5, r5, #4
+ ORR r5, r5, r4, LSR #28
+ LSL r4, r4, #4
+ ORR r4, r4, r3, LSR #28
+ LSL r3, r3, #4
+ ORR r3, r3, r2, LSR #28
+ LSL r2, r2, #4
+ ORR r2, r2, r1, LSR #28
+ BFC r9, #28, #4
+ SUB r0, r0, #0x1c
+ /* Add order times bits 504..511 */
+ MOV r10, #0x2c13
+ MOVT r10, #0xa30a
+ MOV r11, #0x9ce5
+ MOVT r11, #0xa7ed
+ MOV r1, #0x0
+ UMLAL r2, r1, r10, lr
+ ADDS r3, r3, r1
+ MOV r1, #0x0
+ ADC r1, r1, #0x0
+ UMLAL r3, r1, r11, lr
+ MOV r10, #0x6329
+ MOVT r10, #0x5d08
+ MOV r11, #0x621
+ MOVT r11, #0xeb21
+ ADDS r4, r4, r1
+ MOV r1, #0x0
+ ADC r1, r1, #0x0
+ UMLAL r4, r1, r10, lr
+ ADDS r5, r5, r1
+ MOV r1, #0x0
+ ADC r1, r1, #0x0
+ UMLAL r5, r1, r11, lr
+ ADDS r6, r6, r1
+ ADCS r7, r7, #0x0
+ ADCS r8, r8, #0x0
+ ADC r9, r9, #0x0
+ SUBS r6, r6, lr
+ SBCS r7, r7, #0x0
+ SBCS r8, r8, #0x0
+ SBC r9, r9, #0x0
+ /* Sub product of top 8 words and order */
+ MOV r12, sp
+ MOV r1, #0x2c13
+ MOVT r1, #0xa30a
+ MOV lr, #0x0
+ LDM r0!, {r10, r11}
+ UMLAL r10, lr, r2, r1
+ ADDS r11, r11, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r11, lr, r3, r1
+ STM r12!, {r10, r11}
+ LDM r0!, {r10, r11}
+ ADDS r10, r10, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r10, lr, r4, r1
+ ADDS r11, r11, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r11, lr, r5, r1
+ STM r12!, {r10, r11}
+ LDM r0!, {r10, r11}
+ ADDS r10, r10, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r10, lr, r6, r1
+ ADDS r11, r11, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r11, lr, r7, r1
+ STM r12!, {r10, r11}
+ LDM r0!, {r10, r11}
+ ADDS r10, r10, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r10, lr, r8, r1
+ BFC r11, #28, #4
+ ADDS r11, r11, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r11, lr, r9, r1
+ STM r12!, {r10, r11, lr}
+ SUB r0, r0, #0x10
+ SUB r12, r12, #0x20
+ MOV r1, #0x9ce5
+ MOVT r1, #0xa7ed
+ MOV lr, #0x0
+ LDM r12, {r10, r11}
+ UMLAL r10, lr, r2, r1
+ ADDS r11, r11, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r11, lr, r3, r1
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ ADDS r10, r10, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r10, lr, r4, r1
+ ADDS r11, r11, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r11, lr, r5, r1
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ ADDS r10, r10, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r10, lr, r6, r1
+ ADDS r11, r11, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r11, lr, r7, r1
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ ADDS r10, r10, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r10, lr, r8, r1
+ ADDS r11, r11, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r11, lr, r9, r1
+ STM r12!, {r10, r11, lr}
+ SUB r12, r12, #0x20
+ MOV r1, #0x6329
+ MOVT r1, #0x5d08
+ MOV lr, #0x0
+ LDM r12, {r10, r11}
+ UMLAL r10, lr, r2, r1
+ ADDS r11, r11, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r11, lr, r3, r1
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ ADDS r10, r10, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r10, lr, r4, r1
+ ADDS r11, r11, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r11, lr, r5, r1
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ ADDS r10, r10, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r10, lr, r6, r1
+ ADDS r11, r11, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r11, lr, r7, r1
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ ADDS r10, r10, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r10, lr, r8, r1
+ ADDS r11, r11, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r11, lr, r9, r1
+ STM r12!, {r10, r11, lr}
+ SUB r12, r12, #0x20
+ MOV r1, #0x621
+ MOVT r1, #0xeb21
+ MOV lr, #0x0
+ LDM r12, {r10, r11}
+ UMLAL r10, lr, r2, r1
+ ADDS r11, r11, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r11, lr, r3, r1
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ ADDS r10, r10, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r10, lr, r4, r1
+ ADDS r11, r11, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r11, lr, r5, r1
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ ADDS r10, r10, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r10, lr, r6, r1
+ ADDS r11, r11, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r11, lr, r7, r1
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ ADDS r10, r10, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r10, lr, r8, r1
+ ADDS r11, r11, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r11, lr, r9, r1
+ STM r12!, {r10, r11, lr}
+ SUB r12, r12, #0x20
+ /* Subtract at 4 * 32 */
+ LDM r12, {r10, r11}
+ SUBS r10, r10, r2
+ SBCS r11, r11, r3
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ SBCS r10, r10, r4
+ SBCS r11, r11, r5
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ SBCS r10, r10, r6
+ SBCS r11, r11, r7
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ SBCS r10, r10, r8
+ SBC r11, r11, r9
+ STM r12!, {r10, r11}
+ SUB r12, r12, #0x24
+ ASR lr, r11, #25
+ /* Conditionally subtract order starting at bit 125 */
+ MOV r1, #0xa0000000
+ MOV r2, #0xba7d
+ MOVT r2, #0x4b9e
+ MOV r3, #0x4c63
+ MOVT r3, #0xcb02
+ MOV r4, #0xf39a
+ MOVT r4, #0xd45e
+ MOV r5, #0xdf3b
+ MOVT r5, #0x29b
+ MOV r9, #0x2000000
+ AND r1, r1, lr
+ AND r2, r2, lr
+ AND r3, r3, lr
+ AND r4, r4, lr
+ AND r5, r5, lr
+ AND r9, r9, lr
+ LDM r12, {r10, r11}
+ ADDS r10, r10, r1
+ ADCS r11, r11, r2
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ ADCS r10, r10, r3
+ ADCS r11, r11, r4
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ ADCS r10, r10, r5
+ ADCS r11, r11, #0x0
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ ADCS r10, r10, #0x0
+ ADCS r11, r11, #0x0
+ STM r12!, {r10, r11}
+ LDM r12, {r10}
+ ADCS r10, r10, #0x0
+ STM r12!, {r10}
+ SUB r0, r0, #0x10
+ MOV r12, sp
+ /* Load bits 252-376 */
+ ADD r12, r12, #0x1c
+ LDM r12, {r1, r2, r3, r4, r5}
+ LSL r5, r5, #4
+ ORR r5, r5, r4, LSR #28
+ LSL r4, r4, #4
+ ORR r4, r4, r3, LSR #28
+ LSL r3, r3, #4
+ ORR r3, r3, r2, LSR #28
+ LSL r2, r2, #4
+ ORR r2, r2, r1, LSR #28
+ BFC r5, #29, #3
+ SUB r12, r12, #0x1c
+ /* Sub product of top 4 words and order */
+ MOV r0, sp
+ /* * -5cf5d3ed */
+ MOV r1, #0x2c13
+ MOVT r1, #0xa30a
+ MOV lr, #0x0
+ LDM r0, {r6, r7, r8, r9}
+ UMLAL r6, lr, r2, r1
+ ADDS r7, r7, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r7, lr, r3, r1
+ ADDS r8, r8, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r8, lr, r4, r1
+ ADDS r9, r9, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r9, lr, r5, r1
+ STM r0, {r6, r7, r8, r9}
+ ADD r0, r0, #0x4
+ /* * -5812631b */
+ MOV r1, #0x9ce5
+ MOVT r1, #0xa7ed
+ MOV r10, #0x0
+ LDM r0, {r6, r7, r8, r9}
+ UMLAL r6, r10, r2, r1
+ ADDS r7, r7, r10
+ MOV r10, #0x0
+ ADC r10, r10, #0x0
+ UMLAL r7, r10, r3, r1
+ ADDS r8, r8, r10
+ MOV r10, #0x0
+ ADC r10, r10, #0x0
+ UMLAL r8, r10, r4, r1
+ ADDS r9, r9, r10
+ MOV r10, #0x0
+ ADC r10, r10, #0x0
+ UMLAL r9, r10, r5, r1
+ STM r0, {r6, r7, r8, r9}
+ ADD r0, r0, #0x4
+ /* * -a2f79cd7 */
+ MOV r1, #0x6329
+ MOVT r1, #0x5d08
+ MOV r11, #0x0
+ LDM r0, {r6, r7, r8, r9}
+ UMLAL r6, r11, r2, r1
+ ADDS r7, r7, r11
+ MOV r11, #0x0
+ ADC r11, r11, #0x0
+ UMLAL r7, r11, r3, r1
+ ADDS r8, r8, r11
+ MOV r11, #0x0
+ ADC r11, r11, #0x0
+ UMLAL r8, r11, r4, r1
+ ADDS r9, r9, r11
+ MOV r11, #0x0
+ ADC r11, r11, #0x0
+ UMLAL r9, r11, r5, r1
+ STM r0, {r6, r7, r8, r9}
+ ADD r0, r0, #0x4
+ /* * -14def9df */
+ MOV r1, #0x621
+ MOVT r1, #0xeb21
+ MOV r12, #0x0
+ LDM r0, {r6, r7, r8, r9}
+ UMLAL r6, r12, r2, r1
+ ADDS r7, r7, r12
+ MOV r12, #0x0
+ ADC r12, r12, #0x0
+ UMLAL r7, r12, r3, r1
+ ADDS r8, r8, r12
+ MOV r12, #0x0
+ ADC r12, r12, #0x0
+ UMLAL r8, r12, r4, r1
+ ADDS r9, r9, r12
+ MOV r12, #0x0
+ ADC r12, r12, #0x0
+ UMLAL r9, r12, r5, r1
+ STM r0, {r6, r7, r8, r9}
+ ADD r0, r0, #0x4
+ /* Add overflows at 4 * 32 */
+ LDM r0, {r6, r7, r8, r9}
+ BFC r9, #28, #4
+ ADDS r6, r6, lr
+ ADCS r7, r7, r10
+ ADCS r8, r8, r11
+ ADC r9, r9, r12
+ /* Subtract top at 4 * 32 */
+ SUBS r6, r6, r2
+ SBCS r7, r7, r3
+ SBCS r8, r8, r4
+ SBCS r9, r9, r5
+ SBC r1, r1, r1
+ SUB r0, r0, #0x10
+ LDM r0, {r2, r3, r4, r5}
+ MOV r10, #0xd3ed
+ MOVT r10, #0x5cf5
+ MOV r11, #0x631a
+ MOVT r11, #0x5812
+ MOV r12, #0x9cd6
+ MOVT r12, #0xa2f7
+ MOV lr, #0xf9de
+ MOVT lr, #0x14de
+ AND r10, r10, r1
+ AND r11, r11, r1
+ AND r12, r12, r1
+ AND lr, lr, r1
+ ADDS r2, r2, r10
+ ADCS r3, r3, r11
+ ADCS r4, r4, r12
+ ADCS r5, r5, lr
+ ADCS r6, r6, #0x0
+ ADCS r7, r7, #0x0
+ AND r1, r1, #0x10000000
+ ADCS r8, r8, #0x0
+ ADC r9, r9, r1
+ BFC r9, #28, #4
+ /* Store result */
+ LDR r0, [sp, #52]
+ STM r0, {r2, r3, r4, r5, r6, r7, r8, r9}
+ ADD sp, sp, #0x38
+ POP {r4, r5, r6, r7, r8, r9, r10, r11, pc}
+ /* Cycle Count = 588 */
+ .size sc_reduce,.-sc_reduce
+#else
+ .text
+ .align 4
+ .globl sc_reduce
+ .type sc_reduce, %function
+sc_reduce:
+ PUSH {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+ SUB sp, sp, #0x38
+ STR r0, [sp, #52]
+ /* Load bits 252-511 */
+ ADD r0, r0, #0x1c
+ LDM r0, {r1, r2, r3, r4, r5, r6, r7, r8, r9}
+ LSR lr, r9, #24
+ LSL r9, r9, #4
+ ORR r9, r9, r8, LSR #28
+ LSL r8, r8, #4
+ ORR r8, r8, r7, LSR #28
+ LSL r7, r7, #4
+ ORR r7, r7, r6, LSR #28
+ LSL r6, r6, #4
+ ORR r6, r6, r5, LSR #28
+ LSL r5, r5, #4
+ ORR r5, r5, r4, LSR #28
+ LSL r4, r4, #4
+ ORR r4, r4, r3, LSR #28
+ LSL r3, r3, #4
+ ORR r3, r3, r2, LSR #28
+ LSL r2, r2, #4
+ ORR r2, r2, r1, LSR #28
+ BFC r9, #28, #4
+ SUB r0, r0, #0x1c
+ /* Add order times bits 504..511 */
+ MOV r10, #0x2c13
+ MOVT r10, #0xa30a
+ MOV r11, #0x9ce5
+ MOVT r11, #0xa7ed
+ MOV r1, #0x0
+ UMLAL r2, r1, r10, lr
+ UMAAL r3, r1, r11, lr
+ MOV r10, #0x6329
+ MOVT r10, #0x5d08
+ MOV r11, #0x621
+ MOVT r11, #0xeb21
+ UMAAL r4, r1, r10, lr
+ UMAAL r5, r1, r11, lr
+ ADDS r6, r6, r1
+ ADCS r7, r7, #0x0
+ ADCS r8, r8, #0x0
+ ADC r9, r9, #0x0
+ SUBS r6, r6, lr
+ SBCS r7, r7, #0x0
+ SBCS r8, r8, #0x0
+ SBC r9, r9, #0x0
+ /* Sub product of top 8 words and order */
+ MOV r12, sp
+ MOV r1, #0x2c13
+ MOVT r1, #0xa30a
+ MOV lr, #0x0
+ LDM r0!, {r10, r11}
+ UMLAL r10, lr, r2, r1
+ UMAAL r11, lr, r3, r1
+ STM r12!, {r10, r11}
+ LDM r0!, {r10, r11}
+ UMAAL r10, lr, r4, r1
+ UMAAL r11, lr, r5, r1
+ STM r12!, {r10, r11}
+ LDM r0!, {r10, r11}
+ UMAAL r10, lr, r6, r1
+ UMAAL r11, lr, r7, r1
+ STM r12!, {r10, r11}
+ LDM r0!, {r10, r11}
+ UMAAL r10, lr, r8, r1
+ BFC r11, #28, #4
+ UMAAL r11, lr, r9, r1
+ STM r12!, {r10, r11, lr}
+ SUB r0, r0, #0x10
+ SUB r12, r12, #0x20
+ MOV r1, #0x9ce5
+ MOVT r1, #0xa7ed
+ MOV lr, #0x0
+ LDM r12, {r10, r11}
+ UMLAL r10, lr, r2, r1
+ UMAAL r11, lr, r3, r1
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ UMAAL r10, lr, r4, r1
+ UMAAL r11, lr, r5, r1
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ UMAAL r10, lr, r6, r1
+ UMAAL r11, lr, r7, r1
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ UMAAL r10, lr, r8, r1
+ UMAAL r11, lr, r9, r1
+ STM r12!, {r10, r11, lr}
+ SUB r12, r12, #0x20
+ MOV r1, #0x6329
+ MOVT r1, #0x5d08
+ MOV lr, #0x0
+ LDM r12, {r10, r11}
+ UMLAL r10, lr, r2, r1
+ UMAAL r11, lr, r3, r1
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ UMAAL r10, lr, r4, r1
+ UMAAL r11, lr, r5, r1
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ UMAAL r10, lr, r6, r1
+ UMAAL r11, lr, r7, r1
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ UMAAL r10, lr, r8, r1
+ UMAAL r11, lr, r9, r1
+ STM r12!, {r10, r11, lr}
+ SUB r12, r12, #0x20
+ MOV r1, #0x621
+ MOVT r1, #0xeb21
+ MOV lr, #0x0
+ LDM r12, {r10, r11}
+ UMLAL r10, lr, r2, r1
+ UMAAL r11, lr, r3, r1
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ UMAAL r10, lr, r4, r1
+ UMAAL r11, lr, r5, r1
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ UMAAL r10, lr, r6, r1
+ UMAAL r11, lr, r7, r1
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ UMAAL r10, lr, r8, r1
+ UMAAL r11, lr, r9, r1
+ STM r12!, {r10, r11, lr}
+ SUB r12, r12, #0x20
+ /* Subtract at 4 * 32 */
+ LDM r12, {r10, r11}
+ SUBS r10, r10, r2
+ SBCS r11, r11, r3
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ SBCS r10, r10, r4
+ SBCS r11, r11, r5
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ SBCS r10, r10, r6
+ SBCS r11, r11, r7
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ SBCS r10, r10, r8
+ SBC r11, r11, r9
+ STM r12!, {r10, r11}
+ SUB r12, r12, #0x24
+ ASR lr, r11, #25
+ /* Conditionally subtract order starting at bit 125 */
+ MOV r1, #0xa0000000
+ MOV r2, #0xba7d
+ MOVT r2, #0x4b9e
+ MOV r3, #0x4c63
+ MOVT r3, #0xcb02
+ MOV r4, #0xf39a
+ MOVT r4, #0xd45e
+ MOV r5, #0xdf3b
+ MOVT r5, #0x29b
+ MOV r9, #0x2000000
+ AND r1, r1, lr
+ AND r2, r2, lr
+ AND r3, r3, lr
+ AND r4, r4, lr
+ AND r5, r5, lr
+ AND r9, r9, lr
+ LDM r12, {r10, r11}
+ ADDS r10, r10, r1
+ ADCS r11, r11, r2
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ ADCS r10, r10, r3
+ ADCS r11, r11, r4
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ ADCS r10, r10, r5
+ ADCS r11, r11, #0x0
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ ADCS r10, r10, #0x0
+ ADCS r11, r11, #0x0
+ STM r12!, {r10, r11}
+ LDM r12, {r10}
+ ADCS r10, r10, #0x0
+ STM r12!, {r10}
+ SUB r0, r0, #0x10
+ MOV r12, sp
+ /* Load bits 252-376 */
+ ADD r12, r12, #0x1c
+ LDM r12, {r1, r2, r3, r4, r5}
+ LSL r5, r5, #4
+ ORR r5, r5, r4, LSR #28
+ LSL r4, r4, #4
+ ORR r4, r4, r3, LSR #28
+ LSL r3, r3, #4
+ ORR r3, r3, r2, LSR #28
+ LSL r2, r2, #4
+ ORR r2, r2, r1, LSR #28
+ BFC r5, #29, #3
+ SUB r12, r12, #0x1c
+ /* Sub product of top 4 words and order */
+ MOV r0, sp
+ /* * -5cf5d3ed */
+ MOV r1, #0x2c13
+ MOVT r1, #0xa30a
+ MOV lr, #0x0
+ LDM r0, {r6, r7, r8, r9}
+ UMLAL r6, lr, r2, r1
+ UMAAL r7, lr, r3, r1
+ UMAAL r8, lr, r4, r1
+ UMAAL r9, lr, r5, r1
+ STM r0, {r6, r7, r8, r9}
+ ADD r0, r0, #0x4
+ /* * -5812631b */
+ MOV r1, #0x9ce5
+ MOVT r1, #0xa7ed
+ MOV r10, #0x0
+ LDM r0, {r6, r7, r8, r9}
+ UMLAL r6, r10, r2, r1
+ UMAAL r7, r10, r3, r1
+ UMAAL r8, r10, r4, r1
+ UMAAL r9, r10, r5, r1
+ STM r0, {r6, r7, r8, r9}
+ ADD r0, r0, #0x4
+ /* * -a2f79cd7 */
+ MOV r1, #0x6329
+ MOVT r1, #0x5d08
+ MOV r11, #0x0
+ LDM r0, {r6, r7, r8, r9}
+ UMLAL r6, r11, r2, r1
+ UMAAL r7, r11, r3, r1
+ UMAAL r8, r11, r4, r1
+ UMAAL r9, r11, r5, r1
+ STM r0, {r6, r7, r8, r9}
+ ADD r0, r0, #0x4
+ /* * -14def9df */
+ MOV r1, #0x621
+ MOVT r1, #0xeb21
+ MOV r12, #0x0
+ LDM r0, {r6, r7, r8, r9}
+ UMLAL r6, r12, r2, r1
+ UMAAL r7, r12, r3, r1
+ UMAAL r8, r12, r4, r1
+ UMAAL r9, r12, r5, r1
+ STM r0, {r6, r7, r8, r9}
+ ADD r0, r0, #0x4
+ /* Add overflows at 4 * 32 */
+ LDM r0, {r6, r7, r8, r9}
+ BFC r9, #28, #4
+ ADDS r6, r6, lr
+ ADCS r7, r7, r10
+ ADCS r8, r8, r11
+ ADC r9, r9, r12
+ /* Subtract top at 4 * 32 */
+ SUBS r6, r6, r2
+ SBCS r7, r7, r3
+ SBCS r8, r8, r4
+ SBCS r9, r9, r5
+ SBC r1, r1, r1
+ SUB r0, r0, #0x10
+ LDM r0, {r2, r3, r4, r5}
+ MOV r10, #0xd3ed
+ MOVT r10, #0x5cf5
+ MOV r11, #0x631a
+ MOVT r11, #0x5812
+ MOV r12, #0x9cd6
+ MOVT r12, #0xa2f7
+ MOV lr, #0xf9de
+ MOVT lr, #0x14de
+ AND r10, r10, r1
+ AND r11, r11, r1
+ AND r12, r12, r1
+ AND lr, lr, r1
+ ADDS r2, r2, r10
+ ADCS r3, r3, r11
+ ADCS r4, r4, r12
+ ADCS r5, r5, lr
+ ADCS r6, r6, #0x0
+ ADCS r7, r7, #0x0
+ AND r1, r1, #0x10000000
+ ADCS r8, r8, #0x0
+ ADC r9, r9, r1
+ BFC r9, #28, #4
+ /* Store result */
+ LDR r0, [sp, #52]
+ STM r0, {r2, r3, r4, r5, r6, r7, r8, r9}
+ ADD sp, sp, #0x38
+ POP {r4, r5, r6, r7, r8, r9, r10, r11, pc}
+ /* Cycle Count = 502 */
+ .size sc_reduce,.-sc_reduce
+#endif /* WOLFSSL_SP_NO_UMAAL */
+#ifdef HAVE_ED25519_SIGN
+#ifdef WOLFSSL_SP_NO_UMAAL
+ .text
+ .align 4
+ .globl sc_muladd
+ .type sc_muladd, %function
+sc_muladd:
+ PUSH {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+ SUB sp, sp, #0x50
+ ADD lr, sp, #0x44
+ STM lr, {r0, r1, r3}
+ MOV r0, #0x0
+ LDR r12, [r1]
+ /* A[0] * B[0] */
+ LDR lr, [r2]
+ UMULL r3, r4, r12, lr
+ /* A[0] * B[2] */
+ LDR lr, [r2, #8]
+ UMULL r5, r6, r12, lr
+ /* A[0] * B[4] */
+ LDR lr, [r2, #16]
+ UMULL r7, r8, r12, lr
+ /* A[0] * B[6] */
+ LDR lr, [r2, #24]
+ UMULL r9, r10, r12, lr
+ STR r3, [sp]
+ /* A[0] * B[1] */
+ LDR lr, [r2, #4]
+ MOV r11, r0
+ UMLAL r4, r11, r12, lr
+ ADDS r5, r5, r11
+ /* A[0] * B[3] */
+ LDR lr, [r2, #12]
+ ADCS r6, r6, #0x0
+ ADC r11, r0, #0x0
+ UMLAL r6, r11, r12, lr
+ ADDS r7, r7, r11
+ /* A[0] * B[5] */
+ LDR lr, [r2, #20]
+ ADCS r8, r8, #0x0
+ ADC r11, r0, #0x0
+ UMLAL r8, r11, r12, lr
+ ADDS r9, r9, r11
+ /* A[0] * B[7] */
+ LDR lr, [r2, #28]
+ ADCS r10, r10, #0x0
+ ADC r3, r0, #0x0
+ UMLAL r10, r3, r12, lr
+ /* A[1] * B[0] */
+ LDR r12, [r1, #4]
+ LDR lr, [r2]
+ MOV r11, #0x0
+ UMLAL r4, r11, r12, lr
+ STR r4, [sp, #4]
+ ADDS r5, r5, r11
+ /* A[1] * B[1] */
+ LDR lr, [r2, #4]
+ ADC r11, r0, #0x0
+ UMLAL r5, r11, r12, lr
+ ADDS r6, r6, r11
+ /* A[1] * B[2] */
+ LDR lr, [r2, #8]
+ ADC r11, r0, #0x0
+ UMLAL r6, r11, r12, lr
+ ADDS r7, r7, r11
+ /* A[1] * B[3] */
+ LDR lr, [r2, #12]
+ ADC r11, r0, #0x0
+ UMLAL r7, r11, r12, lr
+ ADDS r8, r8, r11
+ /* A[1] * B[4] */
+ LDR lr, [r2, #16]
+ ADC r11, r0, #0x0
+ UMLAL r8, r11, r12, lr
+ ADDS r9, r9, r11
+ /* A[1] * B[5] */
+ LDR lr, [r2, #20]
+ ADC r11, r0, #0x0
+ UMLAL r9, r11, r12, lr
+ ADDS r10, r10, r11
+ /* A[1] * B[6] */
+ LDR lr, [r2, #24]
+ ADC r11, r0, #0x0
+ UMLAL r10, r11, r12, lr
+ ADDS r3, r3, r11
+ /* A[1] * B[7] */
+ LDR lr, [r2, #28]
+ ADC r4, r0, #0x0
+ UMLAL r3, r4, r12, lr
+ /* A[2] * B[0] */
+ LDR r12, [r1, #8]
+ LDR lr, [r2]
+ MOV r11, #0x0
+ UMLAL r5, r11, r12, lr
+ STR r5, [sp, #8]
+ ADDS r6, r6, r11
+ /* A[2] * B[1] */
+ LDR lr, [r2, #4]
+ ADC r11, r0, #0x0
+ UMLAL r6, r11, r12, lr
+ ADDS r7, r7, r11
+ /* A[2] * B[2] */
+ LDR lr, [r2, #8]
+ ADC r11, r0, #0x0
+ UMLAL r7, r11, r12, lr
+ ADDS r8, r8, r11
+ /* A[2] * B[3] */
+ LDR lr, [r2, #12]
+ ADC r11, r0, #0x0
+ UMLAL r8, r11, r12, lr
+ ADDS r9, r9, r11
+ /* A[2] * B[4] */
+ LDR lr, [r2, #16]
+ ADC r11, r0, #0x0
+ UMLAL r9, r11, r12, lr
+ ADDS r10, r10, r11
+ /* A[2] * B[5] */
+ LDR lr, [r2, #20]
+ ADC r11, r0, #0x0
+ UMLAL r10, r11, r12, lr
+ ADDS r3, r3, r11
+ /* A[2] * B[6] */
+ LDR lr, [r2, #24]
+ ADC r11, r0, #0x0
+ UMLAL r3, r11, r12, lr
+ ADDS r4, r4, r11
+ /* A[2] * B[7] */
+ LDR lr, [r2, #28]
+ ADC r5, r0, #0x0
+ UMLAL r4, r5, r12, lr
+ /* A[3] * B[0] */
+ LDR r12, [r1, #12]
+ LDR lr, [r2]
+ MOV r11, #0x0
+ UMLAL r6, r11, r12, lr
+ STR r6, [sp, #12]
+ ADDS r7, r7, r11
+ /* A[3] * B[1] */
+ LDR lr, [r2, #4]
+ ADC r11, r0, #0x0
+ UMLAL r7, r11, r12, lr
+ ADDS r8, r8, r11
+ /* A[3] * B[2] */
+ LDR lr, [r2, #8]
+ ADC r11, r0, #0x0
+ UMLAL r8, r11, r12, lr
+ ADDS r9, r9, r11
+ /* A[3] * B[3] */
+ LDR lr, [r2, #12]
+ ADC r11, r0, #0x0
+ UMLAL r9, r11, r12, lr
+ ADDS r10, r10, r11
+ /* A[3] * B[4] */
+ LDR lr, [r2, #16]
+ ADC r11, r0, #0x0
+ UMLAL r10, r11, r12, lr
+ ADDS r3, r3, r11
+ /* A[3] * B[5] */
+ LDR lr, [r2, #20]
+ ADC r11, r0, #0x0
+ UMLAL r3, r11, r12, lr
+ ADDS r4, r4, r11
+ /* A[3] * B[6] */
+ LDR lr, [r2, #24]
+ ADC r11, r0, #0x0
+ UMLAL r4, r11, r12, lr
+ ADDS r5, r5, r11
+ /* A[3] * B[7] */
+ LDR lr, [r2, #28]
+ ADC r6, r0, #0x0
+ UMLAL r5, r6, r12, lr
+ /* A[4] * B[0] */
+ LDR r12, [r1, #16]
+ LDR lr, [r2]
+ MOV r11, #0x0
+ UMLAL r7, r11, r12, lr
+ STR r7, [sp, #16]
+ ADDS r8, r8, r11
+ /* A[4] * B[1] */
+ LDR lr, [r2, #4]
+ ADC r11, r0, #0x0
+ UMLAL r8, r11, r12, lr
+ ADDS r9, r9, r11
+ /* A[4] * B[2] */
+ LDR lr, [r2, #8]
+ ADC r11, r0, #0x0
+ UMLAL r9, r11, r12, lr
+ ADDS r10, r10, r11
+ /* A[4] * B[3] */
+ LDR lr, [r2, #12]
+ ADC r11, r0, #0x0
+ UMLAL r10, r11, r12, lr
+ ADDS r3, r3, r11
+ /* A[4] * B[4] */
+ LDR lr, [r2, #16]
+ ADC r11, r0, #0x0
+ UMLAL r3, r11, r12, lr
+ ADDS r4, r4, r11
+ /* A[4] * B[5] */
+ LDR lr, [r2, #20]
+ ADC r11, r0, #0x0
+ UMLAL r4, r11, r12, lr
+ ADDS r5, r5, r11
+ /* A[4] * B[6] */
+ LDR lr, [r2, #24]
+ ADC r11, r0, #0x0
+ UMLAL r5, r11, r12, lr
+ ADDS r6, r6, r11
+ /* A[4] * B[7] */
+ LDR lr, [r2, #28]
+ ADC r7, r0, #0x0
+ UMLAL r6, r7, r12, lr
+ /* A[5] * B[0] */
+ LDR r12, [r1, #20]
+ LDR lr, [r2]
+ MOV r11, #0x0
+ UMLAL r8, r11, r12, lr
+ STR r8, [sp, #20]
+ ADDS r9, r9, r11
+ /* A[5] * B[1] */
+ LDR lr, [r2, #4]
+ ADC r11, r0, #0x0
+ UMLAL r9, r11, r12, lr
+ ADDS r10, r10, r11
+ /* A[5] * B[2] */
+ LDR lr, [r2, #8]
+ ADC r11, r0, #0x0
+ UMLAL r10, r11, r12, lr
+ ADDS r3, r3, r11
+ /* A[5] * B[3] */
+ LDR lr, [r2, #12]
+ ADC r11, r0, #0x0
+ UMLAL r3, r11, r12, lr
+ ADDS r4, r4, r11
+ /* A[5] * B[4] */
+ LDR lr, [r2, #16]
+ ADC r11, r0, #0x0
+ UMLAL r4, r11, r12, lr
+ ADDS r5, r5, r11
+ /* A[5] * B[5] */
+ LDR lr, [r2, #20]
+ ADC r11, r0, #0x0
+ UMLAL r5, r11, r12, lr
+ ADDS r6, r6, r11
+ /* A[5] * B[6] */
+ LDR lr, [r2, #24]
+ ADC r11, r0, #0x0
+ UMLAL r6, r11, r12, lr
+ ADDS r7, r7, r11
+ /* A[5] * B[7] */
+ LDR lr, [r2, #28]
+ ADC r8, r0, #0x0
+ UMLAL r7, r8, r12, lr
+ /* A[6] * B[0] */
+ LDR r12, [r1, #24]
+ LDR lr, [r2]
+ MOV r11, #0x0
+ UMLAL r9, r11, r12, lr
+ STR r9, [sp, #24]
+ ADDS r10, r10, r11
+ /* A[6] * B[1] */
+ LDR lr, [r2, #4]
+ ADC r11, r0, #0x0
+ UMLAL r10, r11, r12, lr
+ ADDS r3, r3, r11
+ /* A[6] * B[2] */
+ LDR lr, [r2, #8]
+ ADC r11, r0, #0x0
+ UMLAL r3, r11, r12, lr
+ ADDS r4, r4, r11
+ /* A[6] * B[3] */
+ LDR lr, [r2, #12]
+ ADC r11, r0, #0x0
+ UMLAL r4, r11, r12, lr
+ ADDS r5, r5, r11
+ /* A[6] * B[4] */
+ LDR lr, [r2, #16]
+ ADC r11, r0, #0x0
+ UMLAL r5, r11, r12, lr
+ ADDS r6, r6, r11
+ /* A[6] * B[5] */
+ LDR lr, [r2, #20]
+ ADC r11, r0, #0x0
+ UMLAL r6, r11, r12, lr
+ ADDS r7, r7, r11
+ /* A[6] * B[6] */
+ LDR lr, [r2, #24]
+ ADC r11, r0, #0x0
+ UMLAL r7, r11, r12, lr
+ ADDS r8, r8, r11
+ /* A[6] * B[7] */
+ LDR lr, [r2, #28]
+ ADC r9, r0, #0x0
+ UMLAL r8, r9, r12, lr
+ /* A[7] * B[0] */
+ LDR r12, [r1, #28]
+ LDR lr, [r2]
+ MOV r11, #0x0
+ UMLAL r10, r11, r12, lr
+ STR r10, [sp, #28]
+ ADDS r3, r3, r11
+ /* A[7] * B[1] */
+ LDR lr, [r2, #4]
+ ADC r11, r0, #0x0
+ UMLAL r3, r11, r12, lr
+ ADDS r4, r4, r11
+ /* A[7] * B[2] */
+ LDR lr, [r2, #8]
+ ADC r11, r0, #0x0
+ UMLAL r4, r11, r12, lr
+ ADDS r5, r5, r11
+ /* A[7] * B[3] */
+ LDR lr, [r2, #12]
+ ADC r11, r0, #0x0
+ UMLAL r5, r11, r12, lr
+ ADDS r6, r6, r11
+ /* A[7] * B[4] */
+ LDR lr, [r2, #16]
+ ADC r11, r0, #0x0
+ UMLAL r6, r11, r12, lr
+ ADDS r7, r7, r11
+ /* A[7] * B[5] */
+ LDR lr, [r2, #20]
+ ADC r11, r0, #0x0
+ UMLAL r7, r11, r12, lr
+ ADDS r8, r8, r11
+ /* A[7] * B[6] */
+ LDR lr, [r2, #24]
+ ADC r11, r0, #0x0
+ UMLAL r8, r11, r12, lr
+ ADDS r9, r9, r11
+ /* A[7] * B[7] */
+ LDR lr, [r2, #28]
+ ADC r10, r0, #0x0
+ UMLAL r9, r10, r12, lr
+ ADD lr, sp, #0x20
+ STM lr, {r3, r4, r5, r6, r7, r8, r9, r10}
+ MOV r0, sp
+ /* Add c to a * b */
+ LDR lr, [sp, #76]
+ LDM r0, {r2, r3, r4, r5, r6, r7, r8, r9}
+ LDM lr!, {r1, r10, r11, r12}
+ ADDS r2, r2, r1
+ ADCS r3, r3, r10
+ ADCS r4, r4, r11
+ ADCS r5, r5, r12
+ LDM lr!, {r1, r10, r11, r12}
+ ADCS r6, r6, r1
+ ADCS r7, r7, r10
+ ADCS r8, r8, r11
+ ADCS r9, r9, r12
+ MOV r1, r9
+ STM r0!, {r2, r3, r4, r5, r6, r7, r8, r9}
+ LDM r0, {r2, r3, r4, r5, r6, r7, r8, r9}
+ ADCS r2, r2, #0x0
+ ADCS r3, r3, #0x0
+ ADCS r4, r4, #0x0
+ ADCS r5, r5, #0x0
+ ADCS r6, r6, #0x0
+ ADCS r7, r7, #0x0
+ ADCS r8, r8, #0x0
+ ADC r9, r9, #0x0
+ SUB r0, r0, #0x20
+ /* Get 252..503 and 504..507 */
+ LSR lr, r9, #24
+ LSL r9, r9, #4
+ ORR r9, r9, r8, LSR #28
+ LSL r8, r8, #4
+ ORR r8, r8, r7, LSR #28
+ LSL r7, r7, #4
+ ORR r7, r7, r6, LSR #28
+ LSL r6, r6, #4
+ ORR r6, r6, r5, LSR #28
+ LSL r5, r5, #4
+ ORR r5, r5, r4, LSR #28
+ LSL r4, r4, #4
+ ORR r4, r4, r3, LSR #28
+ LSL r3, r3, #4
+ ORR r3, r3, r2, LSR #28
+ LSL r2, r2, #4
+ ORR r2, r2, r1, LSR #28
+ BFC r9, #28, #4
+ /* Add order times bits 504..507 */
+ MOV r10, #0x2c13
+ MOVT r10, #0xa30a
+ MOV r11, #0x9ce5
+ MOVT r11, #0xa7ed
+ MOV r1, #0x0
+ UMLAL r2, r1, r10, lr
+ ADDS r3, r3, r1
+ MOV r1, #0x0
+ ADC r1, r1, #0x0
+ UMLAL r3, r1, r11, lr
+ MOV r10, #0x6329
+ MOVT r10, #0x5d08
+ MOV r11, #0x621
+ MOVT r11, #0xeb21
+ ADDS r4, r4, r1
+ MOV r1, #0x0
+ ADC r1, r1, #0x0
+ UMLAL r4, r1, r10, lr
+ ADDS r5, r5, r1
+ MOV r1, #0x0
+ ADC r1, r1, #0x0
+ UMLAL r5, r1, r11, lr
+ ADDS r6, r6, r1
+ ADCS r7, r7, #0x0
+ ADCS r8, r8, #0x0
+ ADC r9, r9, #0x0
+ SUBS r6, r6, lr
+ SBCS r7, r7, #0x0
+ SBCS r8, r8, #0x0
+ SBC r9, r9, #0x0
+ /* Sub product of top 8 words and order */
+ MOV r12, sp
+ MOV r1, #0x2c13
+ MOVT r1, #0xa30a
+ MOV lr, #0x0
+ LDM r0!, {r10, r11}
+ UMLAL r10, lr, r2, r1
+ ADDS r11, r11, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r11, lr, r3, r1
+ STM r12!, {r10, r11}
+ LDM r0!, {r10, r11}
+ ADDS r10, r10, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r10, lr, r4, r1
+ ADDS r11, r11, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r11, lr, r5, r1
+ STM r12!, {r10, r11}
+ LDM r0!, {r10, r11}
+ ADDS r10, r10, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r10, lr, r6, r1
+ ADDS r11, r11, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r11, lr, r7, r1
+ STM r12!, {r10, r11}
+ LDM r0!, {r10, r11}
+ ADDS r10, r10, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r10, lr, r8, r1
+ BFC r11, #28, #4
+ ADDS r11, r11, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r11, lr, r9, r1
+ STM r12!, {r10, r11, lr}
+ SUB r0, r0, #0x10
+ SUB r12, r12, #0x20
+ MOV r1, #0x9ce5
+ MOVT r1, #0xa7ed
+ MOV lr, #0x0
+ LDM r12, {r10, r11}
+ UMLAL r10, lr, r2, r1
+ ADDS r11, r11, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r11, lr, r3, r1
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ ADDS r10, r10, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r10, lr, r4, r1
+ ADDS r11, r11, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r11, lr, r5, r1
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ ADDS r10, r10, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r10, lr, r6, r1
+ ADDS r11, r11, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r11, lr, r7, r1
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ ADDS r10, r10, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r10, lr, r8, r1
+ ADDS r11, r11, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r11, lr, r9, r1
+ STM r12!, {r10, r11, lr}
+ SUB r12, r12, #0x20
+ MOV r1, #0x6329
+ MOVT r1, #0x5d08
+ MOV lr, #0x0
+ LDM r12, {r10, r11}
+ UMLAL r10, lr, r2, r1
+ ADDS r11, r11, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r11, lr, r3, r1
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ ADDS r10, r10, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r10, lr, r4, r1
+ ADDS r11, r11, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r11, lr, r5, r1
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ ADDS r10, r10, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r10, lr, r6, r1
+ ADDS r11, r11, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r11, lr, r7, r1
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ ADDS r10, r10, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r10, lr, r8, r1
+ ADDS r11, r11, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r11, lr, r9, r1
+ STM r12!, {r10, r11, lr}
+ SUB r12, r12, #0x20
+ MOV r1, #0x621
+ MOVT r1, #0xeb21
+ MOV lr, #0x0
+ LDM r12, {r10, r11}
+ UMLAL r10, lr, r2, r1
+ ADDS r11, r11, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r11, lr, r3, r1
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ ADDS r10, r10, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r10, lr, r4, r1
+ ADDS r11, r11, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r11, lr, r5, r1
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ ADDS r10, r10, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r10, lr, r6, r1
+ ADDS r11, r11, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r11, lr, r7, r1
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ ADDS r10, r10, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r10, lr, r8, r1
+ ADDS r11, r11, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r11, lr, r9, r1
+ STM r12!, {r10, r11, lr}
+ SUB r12, r12, #0x20
+ /* Subtract at 4 * 32 */
+ LDM r12, {r10, r11}
+ SUBS r10, r10, r2
+ SBCS r11, r11, r3
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ SBCS r10, r10, r4
+ SBCS r11, r11, r5
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ SBCS r10, r10, r6
+ SBCS r11, r11, r7
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ SBCS r10, r10, r8
+ SBC r11, r11, r9
+ STM r12!, {r10, r11}
+ SUB r12, r12, #0x24
+ ASR lr, r11, #25
+ /* Conditionally subtract order starting at bit 125 */
+ MOV r1, #0xa0000000
+ MOV r2, #0xba7d
+ MOVT r2, #0x4b9e
+ MOV r3, #0x4c63
+ MOVT r3, #0xcb02
+ MOV r4, #0xf39a
+ MOVT r4, #0xd45e
+ MOV r5, #0xdf3b
+ MOVT r5, #0x29b
+ MOV r9, #0x2000000
+ AND r1, r1, lr
+ AND r2, r2, lr
+ AND r3, r3, lr
+ AND r4, r4, lr
+ AND r5, r5, lr
+ AND r9, r9, lr
+ LDM r12, {r10, r11}
+ ADDS r10, r10, r1
+ ADCS r11, r11, r2
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ ADCS r10, r10, r3
+ ADCS r11, r11, r4
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ ADCS r10, r10, r5
+ ADCS r11, r11, #0x0
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ ADCS r10, r10, #0x0
+ ADCS r11, r11, #0x0
+ STM r12!, {r10, r11}
+ LDM r12, {r10}
+ ADCS r10, r10, #0x0
+ STM r12!, {r10}
+ SUB r0, r0, #0x10
+ MOV r12, sp
+ /* Load bits 252-376 */
+ ADD r12, r12, #0x1c
+ LDM r12, {r1, r2, r3, r4, r5}
+ LSL r5, r5, #4
+ ORR r5, r5, r4, LSR #28
+ LSL r4, r4, #4
+ ORR r4, r4, r3, LSR #28
+ LSL r3, r3, #4
+ ORR r3, r3, r2, LSR #28
+ LSL r2, r2, #4
+ ORR r2, r2, r1, LSR #28
+ BFC r5, #29, #3
+ SUB r12, r12, #0x1c
+ /* Sub product of top 4 words and order */
+ MOV r0, sp
+ /* * -5cf5d3ed */
+ MOV r1, #0x2c13
+ MOVT r1, #0xa30a
+ MOV lr, #0x0
+ LDM r0, {r6, r7, r8, r9}
+ UMLAL r6, lr, r2, r1
+ ADDS r7, r7, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r7, lr, r3, r1
+ ADDS r8, r8, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r8, lr, r4, r1
+ ADDS r9, r9, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r9, lr, r5, r1
+ STM r0, {r6, r7, r8, r9}
+ ADD r0, r0, #0x4
+ /* * -5812631b */
+ MOV r1, #0x9ce5
+ MOVT r1, #0xa7ed
+ MOV r10, #0x0
+ LDM r0, {r6, r7, r8, r9}
+ UMLAL r6, r10, r2, r1
+ ADDS r7, r7, r10
+ MOV r10, #0x0
+ ADC r10, r10, #0x0
+ UMLAL r7, r10, r3, r1
+ ADDS r8, r8, r10
+ MOV r10, #0x0
+ ADC r10, r10, #0x0
+ UMLAL r8, r10, r4, r1
+ ADDS r9, r9, r10
+ MOV r10, #0x0
+ ADC r10, r10, #0x0
+ UMLAL r9, r10, r5, r1
+ STM r0, {r6, r7, r8, r9}
+ ADD r0, r0, #0x4
+ /* * -a2f79cd7 */
+ MOV r1, #0x6329
+ MOVT r1, #0x5d08
+ MOV r11, #0x0
+ LDM r0, {r6, r7, r8, r9}
+ UMLAL r6, r11, r2, r1
+ ADDS r7, r7, r11
+ MOV r11, #0x0
+ ADC r11, r11, #0x0
+ UMLAL r7, r11, r3, r1
+ ADDS r8, r8, r11
+ MOV r11, #0x0
+ ADC r11, r11, #0x0
+ UMLAL r8, r11, r4, r1
+ ADDS r9, r9, r11
+ MOV r11, #0x0
+ ADC r11, r11, #0x0
+ UMLAL r9, r11, r5, r1
+ STM r0, {r6, r7, r8, r9}
+ ADD r0, r0, #0x4
+ /* * -14def9df */
+ MOV r1, #0x621
+ MOVT r1, #0xeb21
+ MOV r12, #0x0
+ LDM r0, {r6, r7, r8, r9}
+ UMLAL r6, r12, r2, r1
+ ADDS r7, r7, r12
+ MOV r12, #0x0
+ ADC r12, r12, #0x0
+ UMLAL r7, r12, r3, r1
+ ADDS r8, r8, r12
+ MOV r12, #0x0
+ ADC r12, r12, #0x0
+ UMLAL r8, r12, r4, r1
+ ADDS r9, r9, r12
+ MOV r12, #0x0
+ ADC r12, r12, #0x0
+ UMLAL r9, r12, r5, r1
+ STM r0, {r6, r7, r8, r9}
+ ADD r0, r0, #0x4
+ /* Add overflows at 4 * 32 */
+ LDM r0, {r6, r7, r8, r9}
+ BFC r9, #28, #4
+ ADDS r6, r6, lr
+ ADCS r7, r7, r10
+ ADCS r8, r8, r11
+ ADC r9, r9, r12
+ /* Subtract top at 4 * 32 */
+ SUBS r6, r6, r2
+ SBCS r7, r7, r3
+ SBCS r8, r8, r4
+ SBCS r9, r9, r5
+ SBC r1, r1, r1
+ SUB r0, r0, #0x10
+ LDM r0, {r2, r3, r4, r5}
+ MOV r10, #0xd3ed
+ MOVT r10, #0x5cf5
+ MOV r11, #0x631a
+ MOVT r11, #0x5812
+ MOV r12, #0x9cd6
+ MOVT r12, #0xa2f7
+ MOV lr, #0xf9de
+ MOVT lr, #0x14de
+ AND r10, r10, r1
+ AND r11, r11, r1
+ AND r12, r12, r1
+ AND lr, lr, r1
+ ADDS r2, r2, r10
+ ADCS r3, r3, r11
+ ADCS r4, r4, r12
+ ADCS r5, r5, lr
+ ADCS r6, r6, #0x0
+ ADCS r7, r7, #0x0
+ AND r1, r1, #0x10000000
+ ADCS r8, r8, #0x0
+ ADC r9, r9, r1
+ BFC r9, #28, #4
+ LDR r0, [sp, #68]
+ /* Store result */
+ STR r2, [r0]
+ STR r3, [r0, #4]
+ STR r4, [r0, #8]
+ STR r5, [r0, #12]
+ STR r6, [r0, #16]
+ STR r7, [r0, #20]
+ STR r8, [r0, #24]
+ STR r9, [r0, #28]
+ ADD sp, sp, #0x50
+ POP {r4, r5, r6, r7, r8, r9, r10, r11, pc}
+ /* Cycle Count = 994 */
+ .size sc_muladd,.-sc_muladd
+#else
+ .text
+ .align 4
+ .globl sc_muladd
+ .type sc_muladd, %function
+sc_muladd:
+ PUSH {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+ SUB sp, sp, #0x50
+ ADD lr, sp, #0x44
+ STM lr, {r0, r1, r3}
+ MOV lr, r2
+ LDM r1, {r0, r1, r2, r3}
+ LDM lr!, {r4, r5, r6}
+ UMULL r10, r11, r0, r4
+ UMULL r12, r7, r1, r4
+ UMAAL r11, r12, r0, r5
+ UMULL r8, r9, r2, r4
+ UMAAL r12, r8, r1, r5
+ UMAAL r12, r7, r0, r6
+ UMAAL r8, r9, r3, r4
+ STM sp, {r10, r11, r12}
+ UMAAL r7, r8, r2, r5
+ LDM lr!, {r4}
+ UMULL r10, r11, r1, r6
+ UMAAL r8, r9, r2, r6
+ UMAAL r7, r10, r0, r4
+ UMAAL r8, r11, r3, r5
+ STR r7, [sp, #12]
+ UMAAL r8, r10, r1, r4
+ UMAAL r9, r11, r3, r6
+ UMAAL r9, r10, r2, r4
+ UMAAL r10, r11, r3, r4
+ LDM lr, {r4, r5, r6, r7}
+ MOV r12, #0x0
+ UMLAL r8, r12, r0, r4
+ UMAAL r9, r12, r1, r4
+ UMAAL r10, r12, r2, r4
+ UMAAL r11, r12, r3, r4
+ MOV r4, #0x0
+ UMLAL r9, r4, r0, r5
+ UMAAL r10, r4, r1, r5
+ UMAAL r11, r4, r2, r5
+ UMAAL r12, r4, r3, r5
+ MOV r5, #0x0
+ UMLAL r10, r5, r0, r6
+ UMAAL r11, r5, r1, r6
+ UMAAL r12, r5, r2, r6
+ UMAAL r4, r5, r3, r6
+ MOV r6, #0x0
+ UMLAL r11, r6, r0, r7
+ LDR r0, [sp, #72]
+ UMAAL r12, r6, r1, r7
+ ADD r0, r0, #0x10
+ UMAAL r4, r6, r2, r7
+ SUB lr, lr, #0x10
+ UMAAL r5, r6, r3, r7
+ LDM r0, {r0, r1, r2, r3}
+ STR r6, [sp, #64]
+ LDM lr!, {r6}
+ MOV r7, #0x0
+ UMLAL r8, r7, r0, r6
+ UMAAL r9, r7, r1, r6
+ STR r8, [sp, #16]
+ UMAAL r10, r7, r2, r6
+ UMAAL r11, r7, r3, r6
+ LDM lr!, {r6}
+ MOV r8, #0x0
+ UMLAL r9, r8, r0, r6
+ UMAAL r10, r8, r1, r6
+ STR r9, [sp, #20]
+ UMAAL r11, r8, r2, r6
+ UMAAL r12, r8, r3, r6
+ LDM lr!, {r6}
+ MOV r9, #0x0
+ UMLAL r10, r9, r0, r6
+ UMAAL r11, r9, r1, r6
+ STR r10, [sp, #24]
+ UMAAL r12, r9, r2, r6
+ UMAAL r4, r9, r3, r6
+ LDM lr!, {r6}
+ MOV r10, #0x0
+ UMLAL r11, r10, r0, r6
+ UMAAL r12, r10, r1, r6
+ STR r11, [sp, #28]
+ UMAAL r4, r10, r2, r6
+ UMAAL r5, r10, r3, r6
+ LDM lr!, {r11}
+ UMAAL r12, r7, r0, r11
+ UMAAL r4, r7, r1, r11
+ LDR r6, [sp, #64]
+ UMAAL r5, r7, r2, r11
+ UMAAL r6, r7, r3, r11
+ LDM lr!, {r11}
+ UMAAL r4, r8, r0, r11
+ UMAAL r5, r8, r1, r11
+ UMAAL r6, r8, r2, r11
+ UMAAL r7, r8, r3, r11
+ LDM lr, {r11, lr}
+ UMAAL r5, r9, r0, r11
+ UMAAL r6, r10, r0, lr
+ UMAAL r6, r9, r1, r11
+ UMAAL r7, r10, r1, lr
+ UMAAL r7, r9, r2, r11
+ UMAAL r8, r10, r2, lr
+ UMAAL r8, r9, r3, r11
+ UMAAL r9, r10, r3, lr
+ MOV r3, r12
+ ADD lr, sp, #0x20
+ STM lr, {r3, r4, r5, r6, r7, r8, r9, r10}
+ MOV r0, sp
+ /* Add c to a * b */
+ LDR lr, [sp, #76]
+ LDM r0, {r2, r3, r4, r5, r6, r7, r8, r9}
+ LDM lr!, {r1, r10, r11, r12}
+ ADDS r2, r2, r1
+ ADCS r3, r3, r10
+ ADCS r4, r4, r11
+ ADCS r5, r5, r12
+ LDM lr!, {r1, r10, r11, r12}
+ ADCS r6, r6, r1
+ ADCS r7, r7, r10
+ ADCS r8, r8, r11
+ ADCS r9, r9, r12
+ MOV r1, r9
+ STM r0!, {r2, r3, r4, r5, r6, r7, r8, r9}
+ LDM r0, {r2, r3, r4, r5, r6, r7, r8, r9}
+ ADCS r2, r2, #0x0
+ ADCS r3, r3, #0x0
+ ADCS r4, r4, #0x0
+ ADCS r5, r5, #0x0
+ ADCS r6, r6, #0x0
+ ADCS r7, r7, #0x0
+ ADCS r8, r8, #0x0
+ ADC r9, r9, #0x0
+ SUB r0, r0, #0x20
+ /* Get 252..503 and 504..507 */
+ LSR lr, r9, #24
+ LSL r9, r9, #4
+ ORR r9, r9, r8, LSR #28
+ LSL r8, r8, #4
+ ORR r8, r8, r7, LSR #28
+ LSL r7, r7, #4
+ ORR r7, r7, r6, LSR #28
+ LSL r6, r6, #4
+ ORR r6, r6, r5, LSR #28
+ LSL r5, r5, #4
+ ORR r5, r5, r4, LSR #28
+ LSL r4, r4, #4
+ ORR r4, r4, r3, LSR #28
+ LSL r3, r3, #4
+ ORR r3, r3, r2, LSR #28
+ LSL r2, r2, #4
+ ORR r2, r2, r1, LSR #28
+ BFC r9, #28, #4
+ /* Add order times bits 504..507 */
+ MOV r10, #0x2c13
+ MOVT r10, #0xa30a
+ MOV r11, #0x9ce5
+ MOVT r11, #0xa7ed
+ MOV r1, #0x0
+ UMLAL r2, r1, r10, lr
+ UMAAL r3, r1, r11, lr
+ MOV r10, #0x6329
+ MOVT r10, #0x5d08
+ MOV r11, #0x621
+ MOVT r11, #0xeb21
+ UMAAL r4, r1, r10, lr
+ UMAAL r5, r1, r11, lr
+ ADDS r6, r6, r1
+ ADCS r7, r7, #0x0
+ ADCS r8, r8, #0x0
+ ADC r9, r9, #0x0
+ SUBS r6, r6, lr
+ SBCS r7, r7, #0x0
+ SBCS r8, r8, #0x0
+ SBC r9, r9, #0x0
+ /* Sub product of top 8 words and order */
+ MOV r12, sp
+ MOV r1, #0x2c13
+ MOVT r1, #0xa30a
+ MOV lr, #0x0
+ LDM r0!, {r10, r11}
+ UMLAL r10, lr, r2, r1
+ UMAAL r11, lr, r3, r1
+ STM r12!, {r10, r11}
+ LDM r0!, {r10, r11}
+ UMAAL r10, lr, r4, r1
+ UMAAL r11, lr, r5, r1
+ STM r12!, {r10, r11}
+ LDM r0!, {r10, r11}
+ UMAAL r10, lr, r6, r1
+ UMAAL r11, lr, r7, r1
+ STM r12!, {r10, r11}
+ LDM r0!, {r10, r11}
+ UMAAL r10, lr, r8, r1
+ BFC r11, #28, #4
+ UMAAL r11, lr, r9, r1
+ STM r12!, {r10, r11, lr}
+ SUB r0, r0, #0x10
+ SUB r12, r12, #0x20
+ MOV r1, #0x9ce5
+ MOVT r1, #0xa7ed
+ MOV lr, #0x0
+ LDM r12, {r10, r11}
+ UMLAL r10, lr, r2, r1
+ UMAAL r11, lr, r3, r1
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ UMAAL r10, lr, r4, r1
+ UMAAL r11, lr, r5, r1
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ UMAAL r10, lr, r6, r1
+ UMAAL r11, lr, r7, r1
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ UMAAL r10, lr, r8, r1
+ UMAAL r11, lr, r9, r1
+ STM r12!, {r10, r11, lr}
+ SUB r12, r12, #0x20
+ MOV r1, #0x6329
+ MOVT r1, #0x5d08
+ MOV lr, #0x0
+ LDM r12, {r10, r11}
+ UMLAL r10, lr, r2, r1
+ UMAAL r11, lr, r3, r1
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ UMAAL r10, lr, r4, r1
+ UMAAL r11, lr, r5, r1
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ UMAAL r10, lr, r6, r1
+ UMAAL r11, lr, r7, r1
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ UMAAL r10, lr, r8, r1
+ UMAAL r11, lr, r9, r1
+ STM r12!, {r10, r11, lr}
+ SUB r12, r12, #0x20
+ MOV r1, #0x621
+ MOVT r1, #0xeb21
+ MOV lr, #0x0
+ LDM r12, {r10, r11}
+ UMLAL r10, lr, r2, r1
+ UMAAL r11, lr, r3, r1
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ UMAAL r10, lr, r4, r1
+ UMAAL r11, lr, r5, r1
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ UMAAL r10, lr, r6, r1
+ UMAAL r11, lr, r7, r1
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ UMAAL r10, lr, r8, r1
+ UMAAL r11, lr, r9, r1
+ STM r12!, {r10, r11, lr}
+ SUB r12, r12, #0x20
+ /* Subtract at 4 * 32 */
+ LDM r12, {r10, r11}
+ SUBS r10, r10, r2
+ SBCS r11, r11, r3
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ SBCS r10, r10, r4
+ SBCS r11, r11, r5
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ SBCS r10, r10, r6
+ SBCS r11, r11, r7
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ SBCS r10, r10, r8
+ SBC r11, r11, r9
+ STM r12!, {r10, r11}
+ SUB r12, r12, #0x24
+ ASR lr, r11, #25
+ /* Conditionally subtract order starting at bit 125 */
+ MOV r1, #0xa0000000
+ MOV r2, #0xba7d
+ MOVT r2, #0x4b9e
+ MOV r3, #0x4c63
+ MOVT r3, #0xcb02
+ MOV r4, #0xf39a
+ MOVT r4, #0xd45e
+ MOV r5, #0xdf3b
+ MOVT r5, #0x29b
+ MOV r9, #0x2000000
+ AND r1, r1, lr
+ AND r2, r2, lr
+ AND r3, r3, lr
+ AND r4, r4, lr
+ AND r5, r5, lr
+ AND r9, r9, lr
+ LDM r12, {r10, r11}
+ ADDS r10, r10, r1
+ ADCS r11, r11, r2
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ ADCS r10, r10, r3
+ ADCS r11, r11, r4
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ ADCS r10, r10, r5
+ ADCS r11, r11, #0x0
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ ADCS r10, r10, #0x0
+ ADCS r11, r11, #0x0
+ STM r12!, {r10, r11}
+ LDM r12, {r10}
+ ADCS r10, r10, #0x0
+ STM r12!, {r10}
+ SUB r0, r0, #0x10
+ MOV r12, sp
+ /* Load bits 252-376 */
+ ADD r12, r12, #0x1c
+ LDM r12, {r1, r2, r3, r4, r5}
+ LSL r5, r5, #4
+ ORR r5, r5, r4, LSR #28
+ LSL r4, r4, #4
+ ORR r4, r4, r3, LSR #28
+ LSL r3, r3, #4
+ ORR r3, r3, r2, LSR #28
+ LSL r2, r2, #4
+ ORR r2, r2, r1, LSR #28
+ BFC r5, #29, #3
+ SUB r12, r12, #0x1c
+ /* Sub product of top 4 words and order */
+ MOV r0, sp
+ /* * -5cf5d3ed */
+ MOV r1, #0x2c13
+ MOVT r1, #0xa30a
+ MOV lr, #0x0
+ LDM r0, {r6, r7, r8, r9}
+ UMLAL r6, lr, r2, r1
+ UMAAL r7, lr, r3, r1
+ UMAAL r8, lr, r4, r1
+ UMAAL r9, lr, r5, r1
+ STM r0, {r6, r7, r8, r9}
+ ADD r0, r0, #0x4
+ /* * -5812631b */
+ MOV r1, #0x9ce5
+ MOVT r1, #0xa7ed
+ MOV r10, #0x0
+ LDM r0, {r6, r7, r8, r9}
+ UMLAL r6, r10, r2, r1
+ UMAAL r7, r10, r3, r1
+ UMAAL r8, r10, r4, r1
+ UMAAL r9, r10, r5, r1
+ STM r0, {r6, r7, r8, r9}
+ ADD r0, r0, #0x4
+ /* * -a2f79cd7 */
+ MOV r1, #0x6329
+ MOVT r1, #0x5d08
+ MOV r11, #0x0
+ LDM r0, {r6, r7, r8, r9}
+ UMLAL r6, r11, r2, r1
+ UMAAL r7, r11, r3, r1
+ UMAAL r8, r11, r4, r1
+ UMAAL r9, r11, r5, r1
+ STM r0, {r6, r7, r8, r9}
+ ADD r0, r0, #0x4
+ /* * -14def9df */
+ MOV r1, #0x621
+ MOVT r1, #0xeb21
+ MOV r12, #0x0
+ LDM r0, {r6, r7, r8, r9}
+ UMLAL r6, r12, r2, r1
+ UMAAL r7, r12, r3, r1
+ UMAAL r8, r12, r4, r1
+ UMAAL r9, r12, r5, r1
+ STM r0, {r6, r7, r8, r9}
+ ADD r0, r0, #0x4
+ /* Add overflows at 4 * 32 */
+ LDM r0, {r6, r7, r8, r9}
+ BFC r9, #28, #4
+ ADDS r6, r6, lr
+ ADCS r7, r7, r10
+ ADCS r8, r8, r11
+ ADC r9, r9, r12
+ /* Subtract top at 4 * 32 */
+ SUBS r6, r6, r2
+ SBCS r7, r7, r3
+ SBCS r8, r8, r4
+ SBCS r9, r9, r5
+ SBC r1, r1, r1
+ SUB r0, r0, #0x10
+ LDM r0, {r2, r3, r4, r5}
+ MOV r10, #0xd3ed
+ MOVT r10, #0x5cf5
+ MOV r11, #0x631a
+ MOVT r11, #0x5812
+ MOV r12, #0x9cd6
+ MOVT r12, #0xa2f7
+ MOV lr, #0xf9de
+ MOVT lr, #0x14de
+ AND r10, r10, r1
+ AND r11, r11, r1
+ AND r12, r12, r1
+ AND lr, lr, r1
+ ADDS r2, r2, r10
+ ADCS r3, r3, r11
+ ADCS r4, r4, r12
+ ADCS r5, r5, lr
+ ADCS r6, r6, #0x0
+ ADCS r7, r7, #0x0
+ AND r1, r1, #0x10000000
+ ADCS r8, r8, #0x0
+ ADC r9, r9, r1
+ BFC r9, #28, #4
+ LDR r0, [sp, #68]
+ /* Store result */
+ STR r2, [r0]
+ STR r3, [r0, #4]
+ STR r4, [r0, #8]
+ STR r5, [r0, #12]
+ STR r6, [r0, #16]
+ STR r7, [r0, #20]
+ STR r8, [r0, #24]
+ STR r9, [r0, #28]
+ ADD sp, sp, #0x50
+ POP {r4, r5, r6, r7, r8, r9, r10, r11, pc}
+ /* Cycle Count = 752 */
+ .size sc_muladd,.-sc_muladd
+#endif /* WOLFSSL_SP_NO_UMAAL */
+#endif /* HAVE_ED25519_SIGN */
+#endif /* HAVE_ED25519 */
+
+#endif /* !CURVE25519_SMALL || !ED25519_SMALL */
+#endif /* HAVE_CURVE25519 || HAVE_ED25519 */
+#endif /* !__aarch64__ && __thumb__ */
+#endif /* WOLFSSL_ARMASM */
+
+#if defined(__linux__) && defined(__ELF__)
+.section .note.GNU-stack,"",%progbits
+#endif
+#endif /* !WOLFSSL_ARMASM_INLINE */
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/thumb2-curve25519_c.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/thumb2-curve25519_c.c
new file mode 100644
index 00000000..0457266c
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/thumb2-curve25519_c.c
@@ -0,0 +1,6910 @@
+/* thumb2-curve25519
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/* Generated using (from wolfssl):
+ * cd ../scripts
+ * ruby ./x25519/x25519.rb thumb2 ../wolfssl/wolfcrypt/src/port/arm/thumb2-curve25519.c
+ */
+
+#ifdef HAVE_CONFIG_H
+ #include <config.h>
+#endif /* HAVE_CONFIG_H */
+#include <wolfssl/wolfcrypt/settings.h>
+
+#ifdef WOLFSSL_ARMASM
+#if !defined(__aarch64__) && defined(__thumb__)
+#include <stdint.h>
+#ifdef HAVE_CONFIG_H
+ #include <config.h>
+#endif /* HAVE_CONFIG_H */
+#include <wolfssl/wolfcrypt/settings.h>
+#ifdef WOLFSSL_ARMASM_INLINE
+
+#ifdef WOLFSSL_ARMASM
+#if !defined(__aarch64__) && defined(__thumb__)
+
+#ifdef __IAR_SYSTEMS_ICC__
+#define __asm__ asm
+#define __volatile__ volatile
+#define WOLFSSL_NO_VAR_ASSIGN_REG
+#endif /* __IAR_SYSTEMS_ICC__ */
+#ifdef __KEIL__
+#define __asm__ __asm
+#define __volatile__ volatile
+#endif /* __KEIL__ */
+/* Based on work by: Emil Lenngren
+ * https://github.com/pornin/X25519-Cortex-M4
+ */
+
+#include <wolfssl/wolfcrypt/fe_operations.h>
+#define CURVED25519_ASM
+#include <wolfssl/wolfcrypt/ge_operations.h>
+
+#if defined(HAVE_CURVE25519) || defined(HAVE_ED25519)
+#if !defined(CURVE25519_SMALL) || !defined(ED25519_SMALL)
+
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void fe_init()
+#else
+void fe_init()
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+ __asm__ __volatile__ (
+ "\n\t"
+ :
+ :
+ : "memory", "cc"
+ );
+}
+
+void fe_add_sub_op(void);
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void fe_add_sub_op()
+#else
+void fe_add_sub_op()
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+ __asm__ __volatile__ (
+ /* Add-Sub */
+ "LDRD r4, r5, [r2]\n\t"
+ "LDRD r6, r7, [r3]\n\t"
+ /* Add */
+ "ADDS r8, r4, r6\n\t"
+ "MOV r12, #0x0\n\t"
+ "ADCS r9, r5, r7\n\t"
+ "ADC r12, r12, #0x0\n\t"
+ "STRD r8, r9, [r0]\n\t"
+ /* Sub */
+ "SUBS r10, r4, r6\n\t"
+ "SBCS r11, r5, r7\n\t"
+ "STRD r10, r11, [r1]\n\t"
+ "LDRD r4, r5, [r2, #8]\n\t"
+ "LDRD r6, r7, [r3, #8]\n\t"
+ /* Sub */
+ "SBCS r10, r4, r6\n\t"
+ "MOV lr, #0x0\n\t"
+ "SBCS r11, r5, r7\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "STRD r10, r11, [r1, #8]\n\t"
+ /* Add */
+ "SUBS r12, r12, #0x1\n\t"
+ "ADCS r8, r4, r6\n\t"
+ "ADCS r9, r5, r7\n\t"
+ "STRD r8, r9, [r0, #8]\n\t"
+ "LDRD r4, r5, [r2, #16]\n\t"
+ "LDRD r6, r7, [r3, #16]\n\t"
+ /* Add */
+ "ADCS r8, r4, r6\n\t"
+ "MOV r12, #0x0\n\t"
+ "ADCS r9, r5, r7\n\t"
+ "ADC r12, r12, #0x0\n\t"
+ "STRD r8, r9, [r0, #16]\n\t"
+ /* Sub */
+ "SUBS lr, lr, #0x1\n\t"
+ "SBCS r10, r4, r6\n\t"
+ "SBCS r11, r5, r7\n\t"
+ "STRD r10, r11, [r1, #16]\n\t"
+ "LDRD r4, r5, [r2, #24]\n\t"
+ "LDRD r6, r7, [r3, #24]\n\t"
+ /* Sub */
+ "SBCS r10, r4, r6\n\t"
+ "SBC r11, r5, r7\n\t"
+ /* Add */
+ "SUBS r12, r12, #0x1\n\t"
+ "ADCS r8, r4, r6\n\t"
+ "MOV r12, #0x0\n\t"
+ "ADCS r9, r5, r7\n\t"
+ "ADC r12, r12, #0x0\n\t"
+ /* Multiply -modulus by overflow */
+ "LSL r3, r12, #1\n\t"
+ "MOV r12, #0x13\n\t"
+ "ORR r3, r3, r9, LSR #31\n\t"
+ "MUL r12, r3, r12\n\t"
+ /* Add -x*modulus (if overflow) */
+ "LDRD r4, r5, [r0]\n\t"
+ "LDRD r6, r7, [r0, #8]\n\t"
+ "ADDS r4, r4, r12\n\t"
+ "ADCS r5, r5, #0x0\n\t"
+ "ADCS r6, r6, #0x0\n\t"
+ "ADCS r7, r7, #0x0\n\t"
+ "STRD r4, r5, [r0]\n\t"
+ "STRD r6, r7, [r0, #8]\n\t"
+ "LDRD r4, r5, [r0, #16]\n\t"
+ "ADCS r4, r4, #0x0\n\t"
+ "ADCS r5, r5, #0x0\n\t"
+ "STRD r4, r5, [r0, #16]\n\t"
+ "BFC r9, #31, #1\n\t"
+ "ADCS r8, r8, #0x0\n\t"
+ "ADC r9, r9, #0x0\n\t"
+ "STRD r8, r9, [r0, #24]\n\t"
+ /* Add -modulus on underflow */
+ "MOV lr, #0x13\n\t"
+ "AND lr, lr, r11, ASR #31\n\t"
+ "LDM r1, {r4, r5, r6, r7, r8, r9}\n\t"
+ "SUBS r4, r4, lr\n\t"
+ "SBCS r5, r5, #0x0\n\t"
+ "SBCS r6, r6, #0x0\n\t"
+ "SBCS r7, r7, #0x0\n\t"
+ "SBCS r8, r8, #0x0\n\t"
+ "SBCS r9, r9, #0x0\n\t"
+ "BFC r11, #31, #1\n\t"
+ "SBCS r10, r10, #0x0\n\t"
+ "SBC r11, r11, #0x0\n\t"
+ "STM r1, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ /* Done Add-Sub */
+ :
+ :
+ : "memory", "lr", "cc"
+ );
+}
+
+void fe_sub_op(void);
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void fe_sub_op()
+#else
+void fe_sub_op()
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+ __asm__ __volatile__ (
+ /* Sub */
+ "LDM r2!, {r6, r7, r8, r9, r10, r11, r12, lr}\n\t"
+ "LDM r1!, {r2, r3, r4, r5}\n\t"
+ "SUBS r6, r2, r6\n\t"
+ "SBCS r7, r3, r7\n\t"
+ "SBCS r8, r4, r8\n\t"
+ "SBCS r9, r5, r9\n\t"
+ "LDM r1!, {r2, r3, r4, r5}\n\t"
+ "SBCS r10, r2, r10\n\t"
+ "SBCS r11, r3, r11\n\t"
+ "SBCS r12, r4, r12\n\t"
+ "SBC lr, r5, lr\n\t"
+ "MOV r2, #0x13\n\t"
+ "AND r2, r2, lr, ASR #31\n\t"
+ "SUBS r6, r6, r2\n\t"
+ "SBCS r7, r7, #0x0\n\t"
+ "SBCS r8, r8, #0x0\n\t"
+ "SBCS r9, r9, #0x0\n\t"
+ "SBCS r10, r10, #0x0\n\t"
+ "SBCS r11, r11, #0x0\n\t"
+ "BFC lr, #31, #1\n\t"
+ "SBCS r12, r12, #0x0\n\t"
+ "SBC lr, lr, #0x0\n\t"
+ "STM r0, {r6, r7, r8, r9, r10, r11, r12, lr}\n\t"
+ /* Done Sub */
+ :
+ :
+ : "memory", "lr", "cc"
+ );
+}
+
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void fe_sub(fe r_p, const fe a_p, const fe b_p)
+#else
+void fe_sub(fe r, const fe a, const fe b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sword32* r __asm__ ("r0") = (sword32*)r_p;
+ register const sword32* a __asm__ ("r1") = (const sword32*)a_p;
+ register const sword32* b __asm__ ("r2") = (const sword32*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "BL fe_sub_op\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
+ );
+}
+
+void fe_add_op(void);
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void fe_add_op()
+#else
+void fe_add_op()
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+ __asm__ __volatile__ (
+ /* Add */
+ "LDM r2!, {r6, r7, r8, r9, r10, r11, r12, lr}\n\t"
+ "LDM r1!, {r2, r3, r4, r5}\n\t"
+ "ADDS r6, r2, r6\n\t"
+ "ADCS r7, r3, r7\n\t"
+ "ADCS r8, r4, r8\n\t"
+ "ADCS r9, r5, r9\n\t"
+ "LDM r1!, {r2, r3, r4, r5}\n\t"
+ "ADCS r10, r2, r10\n\t"
+ "ADCS r11, r3, r11\n\t"
+ "ADCS r12, r4, r12\n\t"
+ "ADC lr, r5, lr\n\t"
+ "MOV r2, #0x13\n\t"
+ "AND r2, r2, lr, ASR #31\n\t"
+ "ADDS r6, r6, r2\n\t"
+ "ADCS r7, r7, #0x0\n\t"
+ "ADCS r8, r8, #0x0\n\t"
+ "ADCS r9, r9, #0x0\n\t"
+ "ADCS r10, r10, #0x0\n\t"
+ "ADCS r11, r11, #0x0\n\t"
+ "BFC lr, #31, #1\n\t"
+ "ADCS r12, r12, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "STM r0, {r6, r7, r8, r9, r10, r11, r12, lr}\n\t"
+ /* Done Add */
+ :
+ :
+ : "memory", "lr", "cc"
+ );
+}
+
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void fe_add(fe r_p, const fe a_p, const fe b_p)
+#else
+void fe_add(fe r, const fe a, const fe b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sword32* r __asm__ ("r0") = (sword32*)r_p;
+ register const sword32* a __asm__ ("r1") = (const sword32*)a_p;
+ register const sword32* b __asm__ ("r2") = (const sword32*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "BL fe_add_op\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
+ );
+}
+
+#ifdef HAVE_ED25519
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void fe_frombytes(fe out_p, const unsigned char* in_p)
+#else
+void fe_frombytes(fe out, const unsigned char* in)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sword32* out __asm__ ("r0") = (sword32*)out_p;
+ register const unsigned char* in __asm__ ("r1") = (const unsigned char*)in_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "LDR r2, [%[in]]\n\t"
+ "LDR r3, [%[in], #4]\n\t"
+ "LDR r4, [%[in], #8]\n\t"
+ "LDR r5, [%[in], #12]\n\t"
+ "LDR r6, [%[in], #16]\n\t"
+ "LDR r7, [%[in], #20]\n\t"
+ "LDR r8, [%[in], #24]\n\t"
+ "LDR r9, [%[in], #28]\n\t"
+ "BFC r9, #31, #1\n\t"
+ "STR r2, [%[out]]\n\t"
+ "STR r3, [%[out], #4]\n\t"
+ "STR r4, [%[out], #8]\n\t"
+ "STR r5, [%[out], #12]\n\t"
+ "STR r6, [%[out], #16]\n\t"
+ "STR r7, [%[out], #20]\n\t"
+ "STR r8, [%[out], #24]\n\t"
+ "STR r9, [%[out], #28]\n\t"
+ : [out] "+r" (out), [in] "+r" (in)
+ :
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
+ );
+}
+
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void fe_tobytes(unsigned char* out_p, const fe n_p)
+#else
+void fe_tobytes(unsigned char* out, const fe n)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register unsigned char* out __asm__ ("r0") = (unsigned char*)out_p;
+ register const sword32* n __asm__ ("r1") = (const sword32*)n_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "LDM %[n], {r2, r3, r4, r5, r6, r7, r8, r9}\n\t"
+ "ADDS r10, r2, #0x13\n\t"
+ "ADCS r10, r3, #0x0\n\t"
+ "ADCS r10, r4, #0x0\n\t"
+ "ADCS r10, r5, #0x0\n\t"
+ "ADCS r10, r6, #0x0\n\t"
+ "ADCS r10, r7, #0x0\n\t"
+ "ADCS r10, r8, #0x0\n\t"
+ "ADC r10, r9, #0x0\n\t"
+ "ASR r10, r10, #31\n\t"
+ "AND r10, r10, #0x13\n\t"
+ "ADDS r2, r2, r10\n\t"
+ "ADCS r3, r3, #0x0\n\t"
+ "ADCS r4, r4, #0x0\n\t"
+ "ADCS r5, r5, #0x0\n\t"
+ "ADCS r6, r6, #0x0\n\t"
+ "ADCS r7, r7, #0x0\n\t"
+ "ADCS r8, r8, #0x0\n\t"
+ "ADC r9, r9, #0x0\n\t"
+ "BFC r9, #31, #1\n\t"
+ "STR r2, [%[out]]\n\t"
+ "STR r3, [%[out], #4]\n\t"
+ "STR r4, [%[out], #8]\n\t"
+ "STR r5, [%[out], #12]\n\t"
+ "STR r6, [%[out], #16]\n\t"
+ "STR r7, [%[out], #20]\n\t"
+ "STR r8, [%[out], #24]\n\t"
+ "STR r9, [%[out], #28]\n\t"
+ : [out] "+r" (out), [n] "+r" (n)
+ :
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
+ );
+}
+
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void fe_1(fe n_p)
+#else
+void fe_1(fe n)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sword32* n __asm__ ("r0") = (sword32*)n_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ /* Set one */
+ "MOV r2, #0x1\n\t"
+ "MOV r3, #0x0\n\t"
+ "MOV r4, #0x0\n\t"
+ "MOV r5, #0x0\n\t"
+ "MOV r6, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ "MOV r8, #0x0\n\t"
+ "MOV r9, #0x0\n\t"
+ "STM %[n], {r2, r3, r4, r5, r6, r7, r8, r9}\n\t"
+ : [n] "+r" (n)
+ :
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
+ );
+}
+
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void fe_0(fe n_p)
+#else
+void fe_0(fe n)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sword32* n __asm__ ("r0") = (sword32*)n_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ /* Set zero */
+ "MOV r2, #0x0\n\t"
+ "MOV r3, #0x0\n\t"
+ "MOV r4, #0x0\n\t"
+ "MOV r5, #0x0\n\t"
+ "MOV r6, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ "MOV r8, #0x0\n\t"
+ "MOV r9, #0x0\n\t"
+ "STM %[n], {r2, r3, r4, r5, r6, r7, r8, r9}\n\t"
+ : [n] "+r" (n)
+ :
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
+ );
+}
+
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void fe_copy(fe r_p, const fe a_p)
+#else
+void fe_copy(fe r, const fe a)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sword32* r __asm__ ("r0") = (sword32*)r_p;
+ register const sword32* a __asm__ ("r1") = (const sword32*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ /* Copy */
+ "LDRD r2, r3, [%[a]]\n\t"
+ "LDRD r4, r5, [%[a], #8]\n\t"
+ "STRD r2, r3, [%[r]]\n\t"
+ "STRD r4, r5, [%[r], #8]\n\t"
+ "LDRD r2, r3, [%[a], #16]\n\t"
+ "LDRD r4, r5, [%[a], #24]\n\t"
+ "STRD r2, r3, [%[r], #16]\n\t"
+ "STRD r4, r5, [%[r], #24]\n\t"
+ : [r] "+r" (r), [a] "+r" (a)
+ :
+ : "memory", "r2", "r3", "r4", "r5", "cc"
+ );
+}
+
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void fe_neg(fe r_p, const fe a_p)
+#else
+void fe_neg(fe r, const fe a)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sword32* r __asm__ ("r0") = (sword32*)r_p;
+ register const sword32* a __asm__ ("r1") = (const sword32*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "MVN r7, #0x0\n\t"
+ "MVN r6, #0x12\n\t"
+ "LDM %[a]!, {r2, r3, r4, r5}\n\t"
+ "SUBS r2, r6, r2\n\t"
+ "SBCS r3, r7, r3\n\t"
+ "SBCS r4, r7, r4\n\t"
+ "SBCS r5, r7, r5\n\t"
+ "STM %[r]!, {r2, r3, r4, r5}\n\t"
+ "MVN r6, #0x80000000\n\t"
+ "LDM %[a]!, {r2, r3, r4, r5}\n\t"
+ "SBCS r2, r7, r2\n\t"
+ "SBCS r3, r7, r3\n\t"
+ "SBCS r4, r7, r4\n\t"
+ "SBC r5, r6, r5\n\t"
+ "STM %[r]!, {r2, r3, r4, r5}\n\t"
+ : [r] "+r" (r), [a] "+r" (a)
+ :
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "cc"
+ );
+}
+
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+int fe_isnonzero(const fe a_p)
+#else
+int fe_isnonzero(const fe a)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register const sword32* a __asm__ ("r0") = (const sword32*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "LDM %[a], {r2, r3, r4, r5, r6, r7, r8, r9}\n\t"
+ "ADDS r1, r2, #0x13\n\t"
+ "ADCS r1, r3, #0x0\n\t"
+ "ADCS r1, r4, #0x0\n\t"
+ "ADCS r1, r5, #0x0\n\t"
+ "ADCS r1, r6, #0x0\n\t"
+ "ADCS r1, r7, #0x0\n\t"
+ "ADCS r1, r8, #0x0\n\t"
+ "ADC r1, r9, #0x0\n\t"
+ "ASR r1, r1, #31\n\t"
+ "AND r1, r1, #0x13\n\t"
+ "ADDS r2, r2, r1\n\t"
+ "ADCS r3, r3, #0x0\n\t"
+ "ADCS r4, r4, #0x0\n\t"
+ "ADCS r5, r5, #0x0\n\t"
+ "ADCS r6, r6, #0x0\n\t"
+ "ADCS r7, r7, #0x0\n\t"
+ "ADCS r8, r8, #0x0\n\t"
+ "ADC r9, r9, #0x0\n\t"
+ "BFC r9, #31, #1\n\t"
+ "ORR r2, r2, r3\n\t"
+ "ORR r4, r4, r5\n\t"
+ "ORR r6, r6, r7\n\t"
+ "ORR r8, r8, r9\n\t"
+ "ORR r4, r4, r6\n\t"
+ "ORR r2, r2, r8\n\t"
+ "ORR %[a], r2, r4\n\t"
+ : [a] "+r" (a)
+ :
+ : "memory", "r1", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
+ );
+ return (uint32_t)(size_t)a;
+}
+
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+int fe_isnegative(const fe a_p)
+#else
+int fe_isnegative(const fe a)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register const sword32* a __asm__ ("r0") = (const sword32*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "LDM %[a]!, {r2, r3, r4, r5}\n\t"
+ "ADDS r1, r2, #0x13\n\t"
+ "ADCS r1, r3, #0x0\n\t"
+ "ADCS r1, r4, #0x0\n\t"
+ "ADCS r1, r5, #0x0\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "ADCS r1, r2, #0x0\n\t"
+ "ADCS r1, r3, #0x0\n\t"
+ "ADCS r1, r4, #0x0\n\t"
+ "LDR r2, [%[a], #-16]\n\t"
+ "ADC r1, r5, #0x0\n\t"
+ "AND %[a], r2, #0x1\n\t"
+ "LSR r1, r1, #31\n\t"
+ "EOR %[a], %[a], r1\n\t"
+ : [a] "+r" (a)
+ :
+ : "memory", "r1", "r2", "r3", "r4", "r5", "cc"
+ );
+ return (uint32_t)(size_t)a;
+}
+
+#if defined(HAVE_ED25519_MAKE_KEY) || defined(HAVE_ED25519_SIGN)
+#ifndef WC_NO_CACHE_RESISTANT
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
+#else
+void fe_cmov_table(fe* r, fe* base, signed char b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register fe* r __asm__ ("r0") = (fe*)r_p;
+ register fe* base __asm__ ("r1") = (fe*)base_p;
+ register signed char b __asm__ ("r2") = (signed char)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "SXTB %[b], %[b]\n\t"
+ "SBFX r3, %[b], #7, #1\n\t"
+ "EOR r12, %[b], r3\n\t"
+ "SUB r12, r12, r3\n\t"
+ "MOV r4, #0x1\n\t"
+ "MOV r5, #0x0\n\t"
+ "MOV r6, #0x1\n\t"
+ "MOV r7, #0x0\n\t"
+ "MOV r8, #0x0\n\t"
+ "MOV r9, #0x0\n\t"
+ "MOV r3, #0x80000000\n\t"
+ "ROR r3, r3, #31\n\t"
+ "ROR r3, r3, r12\n\t"
+ "ASR r3, r3, #31\n\t"
+ "LDRD r10, r11, [%[base]]\n\t"
+ "EOR r10, r10, r4\n\t"
+ "EOR r11, r11, r5\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r4, r4, r10\n\t"
+ "EOR r5, r5, r11\n\t"
+ "LDRD r10, r11, [%[base], #32]\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "LDRD r10, r11, [%[base], #64]\n\t"
+ "EOR r10, r10, r8\n\t"
+ "EOR r11, r11, r9\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r8, r8, r10\n\t"
+ "EOR r9, r9, r11\n\t"
+ "ADD %[base], %[base], #0x60\n\t"
+ "MOV r3, #0x80000000\n\t"
+ "ROR r3, r3, #30\n\t"
+ "ROR r3, r3, r12\n\t"
+ "ASR r3, r3, #31\n\t"
+ "LDRD r10, r11, [%[base]]\n\t"
+ "EOR r10, r10, r4\n\t"
+ "EOR r11, r11, r5\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r4, r4, r10\n\t"
+ "EOR r5, r5, r11\n\t"
+ "LDRD r10, r11, [%[base], #32]\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "LDRD r10, r11, [%[base], #64]\n\t"
+ "EOR r10, r10, r8\n\t"
+ "EOR r11, r11, r9\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r8, r8, r10\n\t"
+ "EOR r9, r9, r11\n\t"
+ "ADD %[base], %[base], #0x60\n\t"
+ "MOV r3, #0x80000000\n\t"
+ "ROR r3, r3, #29\n\t"
+ "ROR r3, r3, r12\n\t"
+ "ASR r3, r3, #31\n\t"
+ "LDRD r10, r11, [%[base]]\n\t"
+ "EOR r10, r10, r4\n\t"
+ "EOR r11, r11, r5\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r4, r4, r10\n\t"
+ "EOR r5, r5, r11\n\t"
+ "LDRD r10, r11, [%[base], #32]\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "LDRD r10, r11, [%[base], #64]\n\t"
+ "EOR r10, r10, r8\n\t"
+ "EOR r11, r11, r9\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r8, r8, r10\n\t"
+ "EOR r9, r9, r11\n\t"
+ "ADD %[base], %[base], #0x60\n\t"
+ "MOV r3, #0x80000000\n\t"
+ "ROR r3, r3, #28\n\t"
+ "ROR r3, r3, r12\n\t"
+ "ASR r3, r3, #31\n\t"
+ "LDRD r10, r11, [%[base]]\n\t"
+ "EOR r10, r10, r4\n\t"
+ "EOR r11, r11, r5\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r4, r4, r10\n\t"
+ "EOR r5, r5, r11\n\t"
+ "LDRD r10, r11, [%[base], #32]\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "LDRD r10, r11, [%[base], #64]\n\t"
+ "EOR r10, r10, r8\n\t"
+ "EOR r11, r11, r9\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r8, r8, r10\n\t"
+ "EOR r9, r9, r11\n\t"
+ "ADD %[base], %[base], #0x60\n\t"
+ "MOV r3, #0x80000000\n\t"
+ "ROR r3, r3, #27\n\t"
+ "ROR r3, r3, r12\n\t"
+ "ASR r3, r3, #31\n\t"
+ "LDRD r10, r11, [%[base]]\n\t"
+ "EOR r10, r10, r4\n\t"
+ "EOR r11, r11, r5\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r4, r4, r10\n\t"
+ "EOR r5, r5, r11\n\t"
+ "LDRD r10, r11, [%[base], #32]\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "LDRD r10, r11, [%[base], #64]\n\t"
+ "EOR r10, r10, r8\n\t"
+ "EOR r11, r11, r9\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r8, r8, r10\n\t"
+ "EOR r9, r9, r11\n\t"
+ "ADD %[base], %[base], #0x60\n\t"
+ "MOV r3, #0x80000000\n\t"
+ "ROR r3, r3, #26\n\t"
+ "ROR r3, r3, r12\n\t"
+ "ASR r3, r3, #31\n\t"
+ "LDRD r10, r11, [%[base]]\n\t"
+ "EOR r10, r10, r4\n\t"
+ "EOR r11, r11, r5\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r4, r4, r10\n\t"
+ "EOR r5, r5, r11\n\t"
+ "LDRD r10, r11, [%[base], #32]\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "LDRD r10, r11, [%[base], #64]\n\t"
+ "EOR r10, r10, r8\n\t"
+ "EOR r11, r11, r9\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r8, r8, r10\n\t"
+ "EOR r9, r9, r11\n\t"
+ "ADD %[base], %[base], #0x60\n\t"
+ "MOV r3, #0x80000000\n\t"
+ "ROR r3, r3, #25\n\t"
+ "ROR r3, r3, r12\n\t"
+ "ASR r3, r3, #31\n\t"
+ "LDRD r10, r11, [%[base]]\n\t"
+ "EOR r10, r10, r4\n\t"
+ "EOR r11, r11, r5\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r4, r4, r10\n\t"
+ "EOR r5, r5, r11\n\t"
+ "LDRD r10, r11, [%[base], #32]\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "LDRD r10, r11, [%[base], #64]\n\t"
+ "EOR r10, r10, r8\n\t"
+ "EOR r11, r11, r9\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r8, r8, r10\n\t"
+ "EOR r9, r9, r11\n\t"
+ "ADD %[base], %[base], #0x60\n\t"
+ "MOV r3, #0x80000000\n\t"
+ "ROR r3, r3, #24\n\t"
+ "ROR r3, r3, r12\n\t"
+ "ASR r3, r3, #31\n\t"
+ "LDRD r10, r11, [%[base]]\n\t"
+ "EOR r10, r10, r4\n\t"
+ "EOR r11, r11, r5\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r4, r4, r10\n\t"
+ "EOR r5, r5, r11\n\t"
+ "LDRD r10, r11, [%[base], #32]\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "LDRD r10, r11, [%[base], #64]\n\t"
+ "EOR r10, r10, r8\n\t"
+ "EOR r11, r11, r9\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r8, r8, r10\n\t"
+ "EOR r9, r9, r11\n\t"
+ "SUB %[base], %[base], #0x2a0\n\t"
+ "MVN r10, #0x12\n\t"
+ "MVN r11, #0x0\n\t"
+ "SUBS r10, r10, r8\n\t"
+ "SBCS r11, r11, r9\n\t"
+ "SBC lr, lr, lr\n\t"
+ "ASR r12, %[b], #31\n\t"
+ "EOR r3, r4, r6\n\t"
+ "AND r3, r3, r12\n\t"
+ "EOR r4, r4, r3\n\t"
+ "EOR r6, r6, r3\n\t"
+ "EOR r3, r5, r7\n\t"
+ "AND r3, r3, r12\n\t"
+ "EOR r5, r5, r3\n\t"
+ "EOR r7, r7, r3\n\t"
+ "EOR r10, r10, r8\n\t"
+ "AND r10, r10, r12\n\t"
+ "EOR r8, r8, r10\n\t"
+ "EOR r11, r11, r9\n\t"
+ "AND r11, r11, r12\n\t"
+ "EOR r9, r9, r11\n\t"
+ "STRD r4, r5, [%[r]]\n\t"
+ "STRD r6, r7, [%[r], #32]\n\t"
+ "STRD r8, r9, [%[r], #64]\n\t"
+ "SBFX r3, %[b], #7, #1\n\t"
+ "EOR r12, %[b], r3\n\t"
+ "SUB r12, r12, r3\n\t"
+ "MOV r4, #0x0\n\t"
+ "MOV r5, #0x0\n\t"
+ "MOV r6, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ "MOV r8, #0x0\n\t"
+ "MOV r9, #0x0\n\t"
+ "MOV r3, #0x80000000\n\t"
+ "ROR r3, r3, #31\n\t"
+ "ROR r3, r3, r12\n\t"
+ "ASR r3, r3, #31\n\t"
+ "LDRD r10, r11, [%[base], #8]\n\t"
+ "EOR r10, r10, r4\n\t"
+ "EOR r11, r11, r5\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r4, r4, r10\n\t"
+ "EOR r5, r5, r11\n\t"
+ "LDRD r10, r11, [%[base], #40]\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "LDRD r10, r11, [%[base], #72]\n\t"
+ "EOR r10, r10, r8\n\t"
+ "EOR r11, r11, r9\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r8, r8, r10\n\t"
+ "EOR r9, r9, r11\n\t"
+ "ADD %[base], %[base], #0x60\n\t"
+ "MOV r3, #0x80000000\n\t"
+ "ROR r3, r3, #30\n\t"
+ "ROR r3, r3, r12\n\t"
+ "ASR r3, r3, #31\n\t"
+ "LDRD r10, r11, [%[base], #8]\n\t"
+ "EOR r10, r10, r4\n\t"
+ "EOR r11, r11, r5\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r4, r4, r10\n\t"
+ "EOR r5, r5, r11\n\t"
+ "LDRD r10, r11, [%[base], #40]\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "LDRD r10, r11, [%[base], #72]\n\t"
+ "EOR r10, r10, r8\n\t"
+ "EOR r11, r11, r9\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r8, r8, r10\n\t"
+ "EOR r9, r9, r11\n\t"
+ "ADD %[base], %[base], #0x60\n\t"
+ "MOV r3, #0x80000000\n\t"
+ "ROR r3, r3, #29\n\t"
+ "ROR r3, r3, r12\n\t"
+ "ASR r3, r3, #31\n\t"
+ "LDRD r10, r11, [%[base], #8]\n\t"
+ "EOR r10, r10, r4\n\t"
+ "EOR r11, r11, r5\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r4, r4, r10\n\t"
+ "EOR r5, r5, r11\n\t"
+ "LDRD r10, r11, [%[base], #40]\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "LDRD r10, r11, [%[base], #72]\n\t"
+ "EOR r10, r10, r8\n\t"
+ "EOR r11, r11, r9\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r8, r8, r10\n\t"
+ "EOR r9, r9, r11\n\t"
+ "ADD %[base], %[base], #0x60\n\t"
+ "MOV r3, #0x80000000\n\t"
+ "ROR r3, r3, #28\n\t"
+ "ROR r3, r3, r12\n\t"
+ "ASR r3, r3, #31\n\t"
+ "LDRD r10, r11, [%[base], #8]\n\t"
+ "EOR r10, r10, r4\n\t"
+ "EOR r11, r11, r5\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r4, r4, r10\n\t"
+ "EOR r5, r5, r11\n\t"
+ "LDRD r10, r11, [%[base], #40]\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "LDRD r10, r11, [%[base], #72]\n\t"
+ "EOR r10, r10, r8\n\t"
+ "EOR r11, r11, r9\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r8, r8, r10\n\t"
+ "EOR r9, r9, r11\n\t"
+ "ADD %[base], %[base], #0x60\n\t"
+ "MOV r3, #0x80000000\n\t"
+ "ROR r3, r3, #27\n\t"
+ "ROR r3, r3, r12\n\t"
+ "ASR r3, r3, #31\n\t"
+ "LDRD r10, r11, [%[base], #8]\n\t"
+ "EOR r10, r10, r4\n\t"
+ "EOR r11, r11, r5\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r4, r4, r10\n\t"
+ "EOR r5, r5, r11\n\t"
+ "LDRD r10, r11, [%[base], #40]\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "LDRD r10, r11, [%[base], #72]\n\t"
+ "EOR r10, r10, r8\n\t"
+ "EOR r11, r11, r9\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r8, r8, r10\n\t"
+ "EOR r9, r9, r11\n\t"
+ "ADD %[base], %[base], #0x60\n\t"
+ "MOV r3, #0x80000000\n\t"
+ "ROR r3, r3, #26\n\t"
+ "ROR r3, r3, r12\n\t"
+ "ASR r3, r3, #31\n\t"
+ "LDRD r10, r11, [%[base], #8]\n\t"
+ "EOR r10, r10, r4\n\t"
+ "EOR r11, r11, r5\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r4, r4, r10\n\t"
+ "EOR r5, r5, r11\n\t"
+ "LDRD r10, r11, [%[base], #40]\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "LDRD r10, r11, [%[base], #72]\n\t"
+ "EOR r10, r10, r8\n\t"
+ "EOR r11, r11, r9\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r8, r8, r10\n\t"
+ "EOR r9, r9, r11\n\t"
+ "ADD %[base], %[base], #0x60\n\t"
+ "MOV r3, #0x80000000\n\t"
+ "ROR r3, r3, #25\n\t"
+ "ROR r3, r3, r12\n\t"
+ "ASR r3, r3, #31\n\t"
+ "LDRD r10, r11, [%[base], #8]\n\t"
+ "EOR r10, r10, r4\n\t"
+ "EOR r11, r11, r5\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r4, r4, r10\n\t"
+ "EOR r5, r5, r11\n\t"
+ "LDRD r10, r11, [%[base], #40]\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "LDRD r10, r11, [%[base], #72]\n\t"
+ "EOR r10, r10, r8\n\t"
+ "EOR r11, r11, r9\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r8, r8, r10\n\t"
+ "EOR r9, r9, r11\n\t"
+ "ADD %[base], %[base], #0x60\n\t"
+ "MOV r3, #0x80000000\n\t"
+ "ROR r3, r3, #24\n\t"
+ "ROR r3, r3, r12\n\t"
+ "ASR r3, r3, #31\n\t"
+ "LDRD r10, r11, [%[base], #8]\n\t"
+ "EOR r10, r10, r4\n\t"
+ "EOR r11, r11, r5\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r4, r4, r10\n\t"
+ "EOR r5, r5, r11\n\t"
+ "LDRD r10, r11, [%[base], #40]\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "LDRD r10, r11, [%[base], #72]\n\t"
+ "EOR r10, r10, r8\n\t"
+ "EOR r11, r11, r9\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r8, r8, r10\n\t"
+ "EOR r9, r9, r11\n\t"
+ "SUB %[base], %[base], #0x2a0\n\t"
+ "MVN r10, #0x0\n\t"
+ "MVN r11, #0x0\n\t"
+ "RSBS lr, lr, #0x0\n\t"
+ "SBCS r10, r10, r8\n\t"
+ "SBCS r11, r11, r9\n\t"
+ "SBC lr, lr, lr\n\t"
+ "ASR r12, %[b], #31\n\t"
+ "EOR r3, r4, r6\n\t"
+ "AND r3, r3, r12\n\t"
+ "EOR r4, r4, r3\n\t"
+ "EOR r6, r6, r3\n\t"
+ "EOR r3, r5, r7\n\t"
+ "AND r3, r3, r12\n\t"
+ "EOR r5, r5, r3\n\t"
+ "EOR r7, r7, r3\n\t"
+ "EOR r10, r10, r8\n\t"
+ "AND r10, r10, r12\n\t"
+ "EOR r8, r8, r10\n\t"
+ "EOR r11, r11, r9\n\t"
+ "AND r11, r11, r12\n\t"
+ "EOR r9, r9, r11\n\t"
+ "STRD r4, r5, [%[r], #8]\n\t"
+ "STRD r6, r7, [%[r], #40]\n\t"
+ "STRD r8, r9, [%[r], #72]\n\t"
+ "SBFX r3, %[b], #7, #1\n\t"
+ "EOR r12, %[b], r3\n\t"
+ "SUB r12, r12, r3\n\t"
+ "MOV r4, #0x0\n\t"
+ "MOV r5, #0x0\n\t"
+ "MOV r6, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ "MOV r8, #0x0\n\t"
+ "MOV r9, #0x0\n\t"
+ "MOV r3, #0x80000000\n\t"
+ "ROR r3, r3, #31\n\t"
+ "ROR r3, r3, r12\n\t"
+ "ASR r3, r3, #31\n\t"
+ "LDRD r10, r11, [%[base], #16]\n\t"
+ "EOR r10, r10, r4\n\t"
+ "EOR r11, r11, r5\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r4, r4, r10\n\t"
+ "EOR r5, r5, r11\n\t"
+ "LDRD r10, r11, [%[base], #48]\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "LDRD r10, r11, [%[base], #80]\n\t"
+ "EOR r10, r10, r8\n\t"
+ "EOR r11, r11, r9\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r8, r8, r10\n\t"
+ "EOR r9, r9, r11\n\t"
+ "ADD %[base], %[base], #0x60\n\t"
+ "MOV r3, #0x80000000\n\t"
+ "ROR r3, r3, #30\n\t"
+ "ROR r3, r3, r12\n\t"
+ "ASR r3, r3, #31\n\t"
+ "LDRD r10, r11, [%[base], #16]\n\t"
+ "EOR r10, r10, r4\n\t"
+ "EOR r11, r11, r5\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r4, r4, r10\n\t"
+ "EOR r5, r5, r11\n\t"
+ "LDRD r10, r11, [%[base], #48]\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "LDRD r10, r11, [%[base], #80]\n\t"
+ "EOR r10, r10, r8\n\t"
+ "EOR r11, r11, r9\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r8, r8, r10\n\t"
+ "EOR r9, r9, r11\n\t"
+ "ADD %[base], %[base], #0x60\n\t"
+ "MOV r3, #0x80000000\n\t"
+ "ROR r3, r3, #29\n\t"
+ "ROR r3, r3, r12\n\t"
+ "ASR r3, r3, #31\n\t"
+ "LDRD r10, r11, [%[base], #16]\n\t"
+ "EOR r10, r10, r4\n\t"
+ "EOR r11, r11, r5\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r4, r4, r10\n\t"
+ "EOR r5, r5, r11\n\t"
+ "LDRD r10, r11, [%[base], #48]\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "LDRD r10, r11, [%[base], #80]\n\t"
+ "EOR r10, r10, r8\n\t"
+ "EOR r11, r11, r9\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r8, r8, r10\n\t"
+ "EOR r9, r9, r11\n\t"
+ "ADD %[base], %[base], #0x60\n\t"
+ "MOV r3, #0x80000000\n\t"
+ "ROR r3, r3, #28\n\t"
+ "ROR r3, r3, r12\n\t"
+ "ASR r3, r3, #31\n\t"
+ "LDRD r10, r11, [%[base], #16]\n\t"
+ "EOR r10, r10, r4\n\t"
+ "EOR r11, r11, r5\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r4, r4, r10\n\t"
+ "EOR r5, r5, r11\n\t"
+ "LDRD r10, r11, [%[base], #48]\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "LDRD r10, r11, [%[base], #80]\n\t"
+ "EOR r10, r10, r8\n\t"
+ "EOR r11, r11, r9\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r8, r8, r10\n\t"
+ "EOR r9, r9, r11\n\t"
+ "ADD %[base], %[base], #0x60\n\t"
+ "MOV r3, #0x80000000\n\t"
+ "ROR r3, r3, #27\n\t"
+ "ROR r3, r3, r12\n\t"
+ "ASR r3, r3, #31\n\t"
+ "LDRD r10, r11, [%[base], #16]\n\t"
+ "EOR r10, r10, r4\n\t"
+ "EOR r11, r11, r5\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r4, r4, r10\n\t"
+ "EOR r5, r5, r11\n\t"
+ "LDRD r10, r11, [%[base], #48]\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "LDRD r10, r11, [%[base], #80]\n\t"
+ "EOR r10, r10, r8\n\t"
+ "EOR r11, r11, r9\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r8, r8, r10\n\t"
+ "EOR r9, r9, r11\n\t"
+ "ADD %[base], %[base], #0x60\n\t"
+ "MOV r3, #0x80000000\n\t"
+ "ROR r3, r3, #26\n\t"
+ "ROR r3, r3, r12\n\t"
+ "ASR r3, r3, #31\n\t"
+ "LDRD r10, r11, [%[base], #16]\n\t"
+ "EOR r10, r10, r4\n\t"
+ "EOR r11, r11, r5\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r4, r4, r10\n\t"
+ "EOR r5, r5, r11\n\t"
+ "LDRD r10, r11, [%[base], #48]\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "LDRD r10, r11, [%[base], #80]\n\t"
+ "EOR r10, r10, r8\n\t"
+ "EOR r11, r11, r9\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r8, r8, r10\n\t"
+ "EOR r9, r9, r11\n\t"
+ "ADD %[base], %[base], #0x60\n\t"
+ "MOV r3, #0x80000000\n\t"
+ "ROR r3, r3, #25\n\t"
+ "ROR r3, r3, r12\n\t"
+ "ASR r3, r3, #31\n\t"
+ "LDRD r10, r11, [%[base], #16]\n\t"
+ "EOR r10, r10, r4\n\t"
+ "EOR r11, r11, r5\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r4, r4, r10\n\t"
+ "EOR r5, r5, r11\n\t"
+ "LDRD r10, r11, [%[base], #48]\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "LDRD r10, r11, [%[base], #80]\n\t"
+ "EOR r10, r10, r8\n\t"
+ "EOR r11, r11, r9\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r8, r8, r10\n\t"
+ "EOR r9, r9, r11\n\t"
+ "ADD %[base], %[base], #0x60\n\t"
+ "MOV r3, #0x80000000\n\t"
+ "ROR r3, r3, #24\n\t"
+ "ROR r3, r3, r12\n\t"
+ "ASR r3, r3, #31\n\t"
+ "LDRD r10, r11, [%[base], #16]\n\t"
+ "EOR r10, r10, r4\n\t"
+ "EOR r11, r11, r5\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r4, r4, r10\n\t"
+ "EOR r5, r5, r11\n\t"
+ "LDRD r10, r11, [%[base], #48]\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "LDRD r10, r11, [%[base], #80]\n\t"
+ "EOR r10, r10, r8\n\t"
+ "EOR r11, r11, r9\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r8, r8, r10\n\t"
+ "EOR r9, r9, r11\n\t"
+ "SUB %[base], %[base], #0x2a0\n\t"
+ "MVN r10, #0x0\n\t"
+ "MVN r11, #0x0\n\t"
+ "RSBS lr, lr, #0x0\n\t"
+ "SBCS r10, r10, r8\n\t"
+ "SBCS r11, r11, r9\n\t"
+ "SBC lr, lr, lr\n\t"
+ "ASR r12, %[b], #31\n\t"
+ "EOR r3, r4, r6\n\t"
+ "AND r3, r3, r12\n\t"
+ "EOR r4, r4, r3\n\t"
+ "EOR r6, r6, r3\n\t"
+ "EOR r3, r5, r7\n\t"
+ "AND r3, r3, r12\n\t"
+ "EOR r5, r5, r3\n\t"
+ "EOR r7, r7, r3\n\t"
+ "EOR r10, r10, r8\n\t"
+ "AND r10, r10, r12\n\t"
+ "EOR r8, r8, r10\n\t"
+ "EOR r11, r11, r9\n\t"
+ "AND r11, r11, r12\n\t"
+ "EOR r9, r9, r11\n\t"
+ "STRD r4, r5, [%[r], #16]\n\t"
+ "STRD r6, r7, [%[r], #48]\n\t"
+ "STRD r8, r9, [%[r], #80]\n\t"
+ "SBFX r3, %[b], #7, #1\n\t"
+ "EOR r12, %[b], r3\n\t"
+ "SUB r12, r12, r3\n\t"
+ "MOV r4, #0x0\n\t"
+ "MOV r5, #0x0\n\t"
+ "MOV r6, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ "MOV r8, #0x0\n\t"
+ "MOV r9, #0x0\n\t"
+ "MOV r3, #0x80000000\n\t"
+ "ROR r3, r3, #31\n\t"
+ "ROR r3, r3, r12\n\t"
+ "ASR r3, r3, #31\n\t"
+ "LDRD r10, r11, [%[base], #24]\n\t"
+ "EOR r10, r10, r4\n\t"
+ "EOR r11, r11, r5\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r4, r4, r10\n\t"
+ "EOR r5, r5, r11\n\t"
+ "LDRD r10, r11, [%[base], #56]\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "LDRD r10, r11, [%[base], #88]\n\t"
+ "EOR r10, r10, r8\n\t"
+ "EOR r11, r11, r9\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r8, r8, r10\n\t"
+ "EOR r9, r9, r11\n\t"
+ "ADD %[base], %[base], #0x60\n\t"
+ "MOV r3, #0x80000000\n\t"
+ "ROR r3, r3, #30\n\t"
+ "ROR r3, r3, r12\n\t"
+ "ASR r3, r3, #31\n\t"
+ "LDRD r10, r11, [%[base], #24]\n\t"
+ "EOR r10, r10, r4\n\t"
+ "EOR r11, r11, r5\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r4, r4, r10\n\t"
+ "EOR r5, r5, r11\n\t"
+ "LDRD r10, r11, [%[base], #56]\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "LDRD r10, r11, [%[base], #88]\n\t"
+ "EOR r10, r10, r8\n\t"
+ "EOR r11, r11, r9\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r8, r8, r10\n\t"
+ "EOR r9, r9, r11\n\t"
+ "ADD %[base], %[base], #0x60\n\t"
+ "MOV r3, #0x80000000\n\t"
+ "ROR r3, r3, #29\n\t"
+ "ROR r3, r3, r12\n\t"
+ "ASR r3, r3, #31\n\t"
+ "LDRD r10, r11, [%[base], #24]\n\t"
+ "EOR r10, r10, r4\n\t"
+ "EOR r11, r11, r5\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r4, r4, r10\n\t"
+ "EOR r5, r5, r11\n\t"
+ "LDRD r10, r11, [%[base], #56]\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "LDRD r10, r11, [%[base], #88]\n\t"
+ "EOR r10, r10, r8\n\t"
+ "EOR r11, r11, r9\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r8, r8, r10\n\t"
+ "EOR r9, r9, r11\n\t"
+ "ADD %[base], %[base], #0x60\n\t"
+ "MOV r3, #0x80000000\n\t"
+ "ROR r3, r3, #28\n\t"
+ "ROR r3, r3, r12\n\t"
+ "ASR r3, r3, #31\n\t"
+ "LDRD r10, r11, [%[base], #24]\n\t"
+ "EOR r10, r10, r4\n\t"
+ "EOR r11, r11, r5\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r4, r4, r10\n\t"
+ "EOR r5, r5, r11\n\t"
+ "LDRD r10, r11, [%[base], #56]\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "LDRD r10, r11, [%[base], #88]\n\t"
+ "EOR r10, r10, r8\n\t"
+ "EOR r11, r11, r9\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r8, r8, r10\n\t"
+ "EOR r9, r9, r11\n\t"
+ "ADD %[base], %[base], #0x60\n\t"
+ "MOV r3, #0x80000000\n\t"
+ "ROR r3, r3, #27\n\t"
+ "ROR r3, r3, r12\n\t"
+ "ASR r3, r3, #31\n\t"
+ "LDRD r10, r11, [%[base], #24]\n\t"
+ "EOR r10, r10, r4\n\t"
+ "EOR r11, r11, r5\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r4, r4, r10\n\t"
+ "EOR r5, r5, r11\n\t"
+ "LDRD r10, r11, [%[base], #56]\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "LDRD r10, r11, [%[base], #88]\n\t"
+ "EOR r10, r10, r8\n\t"
+ "EOR r11, r11, r9\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r8, r8, r10\n\t"
+ "EOR r9, r9, r11\n\t"
+ "ADD %[base], %[base], #0x60\n\t"
+ "MOV r3, #0x80000000\n\t"
+ "ROR r3, r3, #26\n\t"
+ "ROR r3, r3, r12\n\t"
+ "ASR r3, r3, #31\n\t"
+ "LDRD r10, r11, [%[base], #24]\n\t"
+ "EOR r10, r10, r4\n\t"
+ "EOR r11, r11, r5\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r4, r4, r10\n\t"
+ "EOR r5, r5, r11\n\t"
+ "LDRD r10, r11, [%[base], #56]\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "LDRD r10, r11, [%[base], #88]\n\t"
+ "EOR r10, r10, r8\n\t"
+ "EOR r11, r11, r9\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r8, r8, r10\n\t"
+ "EOR r9, r9, r11\n\t"
+ "ADD %[base], %[base], #0x60\n\t"
+ "MOV r3, #0x80000000\n\t"
+ "ROR r3, r3, #25\n\t"
+ "ROR r3, r3, r12\n\t"
+ "ASR r3, r3, #31\n\t"
+ "LDRD r10, r11, [%[base], #24]\n\t"
+ "EOR r10, r10, r4\n\t"
+ "EOR r11, r11, r5\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r4, r4, r10\n\t"
+ "EOR r5, r5, r11\n\t"
+ "LDRD r10, r11, [%[base], #56]\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "LDRD r10, r11, [%[base], #88]\n\t"
+ "EOR r10, r10, r8\n\t"
+ "EOR r11, r11, r9\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r8, r8, r10\n\t"
+ "EOR r9, r9, r11\n\t"
+ "ADD %[base], %[base], #0x60\n\t"
+ "MOV r3, #0x80000000\n\t"
+ "ROR r3, r3, #24\n\t"
+ "ROR r3, r3, r12\n\t"
+ "ASR r3, r3, #31\n\t"
+ "LDRD r10, r11, [%[base], #24]\n\t"
+ "EOR r10, r10, r4\n\t"
+ "EOR r11, r11, r5\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r4, r4, r10\n\t"
+ "EOR r5, r5, r11\n\t"
+ "LDRD r10, r11, [%[base], #56]\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "LDRD r10, r11, [%[base], #88]\n\t"
+ "EOR r10, r10, r8\n\t"
+ "EOR r11, r11, r9\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r8, r8, r10\n\t"
+ "EOR r9, r9, r11\n\t"
+ "SUB %[base], %[base], #0x2a0\n\t"
+ "MVN r10, #0x0\n\t"
+ "MVN r11, #0x80000000\n\t"
+ "RSBS lr, lr, #0x0\n\t"
+ "SBCS r10, r10, r8\n\t"
+ "SBC r11, r11, r9\n\t"
+ "ASR r12, %[b], #31\n\t"
+ "EOR r3, r4, r6\n\t"
+ "AND r3, r3, r12\n\t"
+ "EOR r4, r4, r3\n\t"
+ "EOR r6, r6, r3\n\t"
+ "EOR r3, r5, r7\n\t"
+ "AND r3, r3, r12\n\t"
+ "EOR r5, r5, r3\n\t"
+ "EOR r7, r7, r3\n\t"
+ "EOR r10, r10, r8\n\t"
+ "AND r10, r10, r12\n\t"
+ "EOR r8, r8, r10\n\t"
+ "EOR r11, r11, r9\n\t"
+ "AND r11, r11, r12\n\t"
+ "EOR r9, r9, r11\n\t"
+ "STRD r4, r5, [%[r], #24]\n\t"
+ "STRD r6, r7, [%[r], #56]\n\t"
+ "STRD r8, r9, [%[r], #88]\n\t"
+ : [r] "+r" (r), [base] "+r" (base), [b] "+r" (b)
+ :
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r3", "r10", "r11", "r12", "lr", "cc"
+ );
+}
+
+#else
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
+#else
+void fe_cmov_table(fe* r, fe* base, signed char b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register fe* r __asm__ ("r0") = (fe*)r_p;
+ register fe* base __asm__ ("r1") = (fe*)base_p;
+ register signed char b __asm__ ("r2") = (signed char)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "SXTB %[b], %[b]\n\t"
+ "SBFX r3, %[b], #7, #1\n\t"
+ "EOR %[b], %[b], r3\n\t"
+ "SUB %[b], %[b], r3\n\t"
+ "CLZ lr, %[b]\n\t"
+ "LSL lr, lr, #26\n\t"
+ "ASR lr, lr, #31\n\t"
+ "MVN lr, lr\n\t"
+ "ADD %[b], %[b], lr\n\t"
+ "MOV r12, #0x60\n\t"
+ "MUL %[b], %[b], r12\n\t"
+ "ADD %[base], %[base], %[b]\n\t"
+ "LDM %[base]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "AND r4, r4, lr\n\t"
+ "AND r5, r5, lr\n\t"
+ "AND r6, r6, lr\n\t"
+ "AND r7, r7, lr\n\t"
+ "AND r8, r8, lr\n\t"
+ "AND r9, r9, lr\n\t"
+ "AND r10, r10, lr\n\t"
+ "AND r11, r11, lr\n\t"
+ "MVN r12, lr\n\t"
+ "SUB r4, r4, r12\n\t"
+ "MOV r12, #0x20\n\t"
+ "AND r12, r12, r3\n\t"
+ "ADD %[r], %[r], r12\n\t"
+ "STM %[r], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "SUB %[r], %[r], r12\n\t"
+ "LDM %[base]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "AND r4, r4, lr\n\t"
+ "AND r5, r5, lr\n\t"
+ "AND r6, r6, lr\n\t"
+ "AND r7, r7, lr\n\t"
+ "AND r8, r8, lr\n\t"
+ "AND r9, r9, lr\n\t"
+ "AND r10, r10, lr\n\t"
+ "AND r11, r11, lr\n\t"
+ "MVN r12, lr\n\t"
+ "SUB r4, r4, r12\n\t"
+ "MOV r12, #0x20\n\t"
+ "BIC r12, r12, r3\n\t"
+ "ADD %[r], %[r], r12\n\t"
+ "STM %[r], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "SUB %[r], %[r], r12\n\t"
+ "ADD %[r], %[r], #0x40\n\t"
+ "LDM %[base]!, {r4, r5, r6, r7}\n\t"
+ "MVN r12, #0x12\n\t"
+ "SUBS r8, r12, r4\n\t"
+ "SBCS r9, r3, r5\n\t"
+ "SBCS r10, r3, r6\n\t"
+ "SBCS r11, r3, r7\n\t"
+ "BIC r4, r4, r3\n\t"
+ "BIC r5, r5, r3\n\t"
+ "BIC r6, r6, r3\n\t"
+ "BIC r7, r7, r3\n\t"
+ "AND r8, r8, r3\n\t"
+ "AND r9, r9, r3\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "ORR r4, r4, r8\n\t"
+ "ORR r5, r5, r9\n\t"
+ "ORR r6, r6, r10\n\t"
+ "ORR r7, r7, r11\n\t"
+ "AND r4, r4, lr\n\t"
+ "AND r5, r5, lr\n\t"
+ "AND r6, r6, lr\n\t"
+ "AND r7, r7, lr\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[base]!, {r4, r5, r6, r7}\n\t"
+ "MVN r12, #0x80000000\n\t"
+ "SBCS r8, r3, r4\n\t"
+ "SBCS r9, r3, r5\n\t"
+ "SBCS r10, r3, r6\n\t"
+ "SBC r11, r12, r7\n\t"
+ "BIC r4, r4, r3\n\t"
+ "BIC r5, r5, r3\n\t"
+ "BIC r6, r6, r3\n\t"
+ "BIC r7, r7, r3\n\t"
+ "AND r8, r8, r3\n\t"
+ "AND r9, r9, r3\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "ORR r4, r4, r8\n\t"
+ "ORR r5, r5, r9\n\t"
+ "ORR r6, r6, r10\n\t"
+ "ORR r7, r7, r11\n\t"
+ "AND r4, r4, lr\n\t"
+ "AND r5, r5, lr\n\t"
+ "AND r6, r6, lr\n\t"
+ "AND r7, r7, lr\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "SUB %[base], %[base], %[b]\n\t"
+ : [r] "+r" (r), [base] "+r" (base), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
+ );
+}
+
+#endif /* WC_NO_CACHE_RESISTANT */
+#endif /* HAVE_ED25519_MAKE_KEY || HAVE_ED25519_SIGN */
+#endif /* HAVE_ED25519 */
+#ifdef WOLFSSL_SP_NO_UMAAL
+void fe_mul_op(void);
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void fe_mul_op()
+#else
+void fe_mul_op()
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+ __asm__ __volatile__ (
+ "SUB sp, sp, #0x28\n\t"
+ "STR r0, [sp, #36]\n\t"
+ "MOV r0, #0x0\n\t"
+ "LDR r12, [r1]\n\t"
+ /* A[0] * B[0] */
+ "LDR lr, [r2]\n\t"
+ "UMULL r3, r4, r12, lr\n\t"
+ /* A[0] * B[2] */
+ "LDR lr, [r2, #8]\n\t"
+ "UMULL r5, r6, r12, lr\n\t"
+ /* A[0] * B[4] */
+ "LDR lr, [r2, #16]\n\t"
+ "UMULL r7, r8, r12, lr\n\t"
+ /* A[0] * B[6] */
+ "LDR lr, [r2, #24]\n\t"
+ "UMULL r9, r10, r12, lr\n\t"
+ "STR r3, [sp]\n\t"
+ /* A[0] * B[1] */
+ "LDR lr, [r2, #4]\n\t"
+ "MOV r11, r0\n\t"
+ "UMLAL r4, r11, r12, lr\n\t"
+ "ADDS r5, r5, r11\n\t"
+ /* A[0] * B[3] */
+ "LDR lr, [r2, #12]\n\t"
+ "ADCS r6, r6, #0x0\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r6, r11, r12, lr\n\t"
+ "ADDS r7, r7, r11\n\t"
+ /* A[0] * B[5] */
+ "LDR lr, [r2, #20]\n\t"
+ "ADCS r8, r8, #0x0\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r8, r11, r12, lr\n\t"
+ "ADDS r9, r9, r11\n\t"
+ /* A[0] * B[7] */
+ "LDR lr, [r2, #28]\n\t"
+ "ADCS r10, r10, #0x0\n\t"
+ "ADC r3, r0, #0x0\n\t"
+ "UMLAL r10, r3, r12, lr\n\t"
+ /* A[1] * B[0] */
+ "LDR r12, [r1, #4]\n\t"
+ "LDR lr, [r2]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r4, r11, r12, lr\n\t"
+ "STR r4, [sp, #4]\n\t"
+ "ADDS r5, r5, r11\n\t"
+ /* A[1] * B[1] */
+ "LDR lr, [r2, #4]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r5, r11, r12, lr\n\t"
+ "ADDS r6, r6, r11\n\t"
+ /* A[1] * B[2] */
+ "LDR lr, [r2, #8]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r6, r11, r12, lr\n\t"
+ "ADDS r7, r7, r11\n\t"
+ /* A[1] * B[3] */
+ "LDR lr, [r2, #12]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r7, r11, r12, lr\n\t"
+ "ADDS r8, r8, r11\n\t"
+ /* A[1] * B[4] */
+ "LDR lr, [r2, #16]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r8, r11, r12, lr\n\t"
+ "ADDS r9, r9, r11\n\t"
+ /* A[1] * B[5] */
+ "LDR lr, [r2, #20]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r9, r11, r12, lr\n\t"
+ "ADDS r10, r10, r11\n\t"
+ /* A[1] * B[6] */
+ "LDR lr, [r2, #24]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "ADDS r3, r3, r11\n\t"
+ /* A[1] * B[7] */
+ "LDR lr, [r2, #28]\n\t"
+ "ADC r4, r0, #0x0\n\t"
+ "UMLAL r3, r4, r12, lr\n\t"
+ /* A[2] * B[0] */
+ "LDR r12, [r1, #8]\n\t"
+ "LDR lr, [r2]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r5, r11, r12, lr\n\t"
+ "STR r5, [sp, #8]\n\t"
+ "ADDS r6, r6, r11\n\t"
+ /* A[2] * B[1] */
+ "LDR lr, [r2, #4]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r6, r11, r12, lr\n\t"
+ "ADDS r7, r7, r11\n\t"
+ /* A[2] * B[2] */
+ "LDR lr, [r2, #8]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r7, r11, r12, lr\n\t"
+ "ADDS r8, r8, r11\n\t"
+ /* A[2] * B[3] */
+ "LDR lr, [r2, #12]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r8, r11, r12, lr\n\t"
+ "ADDS r9, r9, r11\n\t"
+ /* A[2] * B[4] */
+ "LDR lr, [r2, #16]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r9, r11, r12, lr\n\t"
+ "ADDS r10, r10, r11\n\t"
+ /* A[2] * B[5] */
+ "LDR lr, [r2, #20]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "ADDS r3, r3, r11\n\t"
+ /* A[2] * B[6] */
+ "LDR lr, [r2, #24]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r3, r11, r12, lr\n\t"
+ "ADDS r4, r4, r11\n\t"
+ /* A[2] * B[7] */
+ "LDR lr, [r2, #28]\n\t"
+ "ADC r5, r0, #0x0\n\t"
+ "UMLAL r4, r5, r12, lr\n\t"
+ /* A[3] * B[0] */
+ "LDR r12, [r1, #12]\n\t"
+ "LDR lr, [r2]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r6, r11, r12, lr\n\t"
+ "STR r6, [sp, #12]\n\t"
+ "ADDS r7, r7, r11\n\t"
+ /* A[3] * B[1] */
+ "LDR lr, [r2, #4]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r7, r11, r12, lr\n\t"
+ "ADDS r8, r8, r11\n\t"
+ /* A[3] * B[2] */
+ "LDR lr, [r2, #8]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r8, r11, r12, lr\n\t"
+ "ADDS r9, r9, r11\n\t"
+ /* A[3] * B[3] */
+ "LDR lr, [r2, #12]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r9, r11, r12, lr\n\t"
+ "ADDS r10, r10, r11\n\t"
+ /* A[3] * B[4] */
+ "LDR lr, [r2, #16]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "ADDS r3, r3, r11\n\t"
+ /* A[3] * B[5] */
+ "LDR lr, [r2, #20]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r3, r11, r12, lr\n\t"
+ "ADDS r4, r4, r11\n\t"
+ /* A[3] * B[6] */
+ "LDR lr, [r2, #24]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r4, r11, r12, lr\n\t"
+ "ADDS r5, r5, r11\n\t"
+ /* A[3] * B[7] */
+ "LDR lr, [r2, #28]\n\t"
+ "ADC r6, r0, #0x0\n\t"
+ "UMLAL r5, r6, r12, lr\n\t"
+ /* A[4] * B[0] */
+ "LDR r12, [r1, #16]\n\t"
+ "LDR lr, [r2]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r7, r11, r12, lr\n\t"
+ "STR r7, [sp, #16]\n\t"
+ "ADDS r8, r8, r11\n\t"
+ /* A[4] * B[1] */
+ "LDR lr, [r2, #4]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r8, r11, r12, lr\n\t"
+ "ADDS r9, r9, r11\n\t"
+ /* A[4] * B[2] */
+ "LDR lr, [r2, #8]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r9, r11, r12, lr\n\t"
+ "ADDS r10, r10, r11\n\t"
+ /* A[4] * B[3] */
+ "LDR lr, [r2, #12]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "ADDS r3, r3, r11\n\t"
+ /* A[4] * B[4] */
+ "LDR lr, [r2, #16]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r3, r11, r12, lr\n\t"
+ "ADDS r4, r4, r11\n\t"
+ /* A[4] * B[5] */
+ "LDR lr, [r2, #20]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r4, r11, r12, lr\n\t"
+ "ADDS r5, r5, r11\n\t"
+ /* A[4] * B[6] */
+ "LDR lr, [r2, #24]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r5, r11, r12, lr\n\t"
+ "ADDS r6, r6, r11\n\t"
+ /* A[4] * B[7] */
+ "LDR lr, [r2, #28]\n\t"
+ "ADC r7, r0, #0x0\n\t"
+ "UMLAL r6, r7, r12, lr\n\t"
+ /* A[5] * B[0] */
+ "LDR r12, [r1, #20]\n\t"
+ "LDR lr, [r2]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r8, r11, r12, lr\n\t"
+ "STR r8, [sp, #20]\n\t"
+ "ADDS r9, r9, r11\n\t"
+ /* A[5] * B[1] */
+ "LDR lr, [r2, #4]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r9, r11, r12, lr\n\t"
+ "ADDS r10, r10, r11\n\t"
+ /* A[5] * B[2] */
+ "LDR lr, [r2, #8]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "ADDS r3, r3, r11\n\t"
+ /* A[5] * B[3] */
+ "LDR lr, [r2, #12]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r3, r11, r12, lr\n\t"
+ "ADDS r4, r4, r11\n\t"
+ /* A[5] * B[4] */
+ "LDR lr, [r2, #16]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r4, r11, r12, lr\n\t"
+ "ADDS r5, r5, r11\n\t"
+ /* A[5] * B[5] */
+ "LDR lr, [r2, #20]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r5, r11, r12, lr\n\t"
+ "ADDS r6, r6, r11\n\t"
+ /* A[5] * B[6] */
+ "LDR lr, [r2, #24]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r6, r11, r12, lr\n\t"
+ "ADDS r7, r7, r11\n\t"
+ /* A[5] * B[7] */
+ "LDR lr, [r2, #28]\n\t"
+ "ADC r8, r0, #0x0\n\t"
+ "UMLAL r7, r8, r12, lr\n\t"
+ /* A[6] * B[0] */
+ "LDR r12, [r1, #24]\n\t"
+ "LDR lr, [r2]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r9, r11, r12, lr\n\t"
+ "STR r9, [sp, #24]\n\t"
+ "ADDS r10, r10, r11\n\t"
+ /* A[6] * B[1] */
+ "LDR lr, [r2, #4]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "ADDS r3, r3, r11\n\t"
+ /* A[6] * B[2] */
+ "LDR lr, [r2, #8]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r3, r11, r12, lr\n\t"
+ "ADDS r4, r4, r11\n\t"
+ /* A[6] * B[3] */
+ "LDR lr, [r2, #12]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r4, r11, r12, lr\n\t"
+ "ADDS r5, r5, r11\n\t"
+ /* A[6] * B[4] */
+ "LDR lr, [r2, #16]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r5, r11, r12, lr\n\t"
+ "ADDS r6, r6, r11\n\t"
+ /* A[6] * B[5] */
+ "LDR lr, [r2, #20]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r6, r11, r12, lr\n\t"
+ "ADDS r7, r7, r11\n\t"
+ /* A[6] * B[6] */
+ "LDR lr, [r2, #24]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r7, r11, r12, lr\n\t"
+ "ADDS r8, r8, r11\n\t"
+ /* A[6] * B[7] */
+ "LDR lr, [r2, #28]\n\t"
+ "ADC r9, r0, #0x0\n\t"
+ "UMLAL r8, r9, r12, lr\n\t"
+ /* A[7] * B[0] */
+ "LDR r12, [r1, #28]\n\t"
+ "LDR lr, [r2]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "STR r10, [sp, #28]\n\t"
+ "ADDS r3, r3, r11\n\t"
+ /* A[7] * B[1] */
+ "LDR lr, [r2, #4]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r3, r11, r12, lr\n\t"
+ "ADDS r4, r4, r11\n\t"
+ /* A[7] * B[2] */
+ "LDR lr, [r2, #8]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r4, r11, r12, lr\n\t"
+ "ADDS r5, r5, r11\n\t"
+ /* A[7] * B[3] */
+ "LDR lr, [r2, #12]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r5, r11, r12, lr\n\t"
+ "ADDS r6, r6, r11\n\t"
+ /* A[7] * B[4] */
+ "LDR lr, [r2, #16]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r6, r11, r12, lr\n\t"
+ "ADDS r7, r7, r11\n\t"
+ /* A[7] * B[5] */
+ "LDR lr, [r2, #20]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r7, r11, r12, lr\n\t"
+ "ADDS r8, r8, r11\n\t"
+ /* A[7] * B[6] */
+ "LDR lr, [r2, #24]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r8, r11, r12, lr\n\t"
+ "ADDS r9, r9, r11\n\t"
+ /* A[7] * B[7] */
+ "LDR lr, [r2, #28]\n\t"
+ "ADC r10, r0, #0x0\n\t"
+ "UMLAL r9, r10, r12, lr\n\t"
+ /* Reduce */
+ "LDR r2, [sp, #28]\n\t"
+ "MOV lr, sp\n\t"
+ "MOV r12, #0x26\n\t"
+ "UMULL r10, r11, r10, r12\n\t"
+ "ADDS r10, r10, r2\n\t"
+ "ADC r11, r11, #0x0\n\t"
+ "MOV r12, #0x13\n\t"
+ "LSL r11, r11, #1\n\t"
+ "ORR r11, r11, r10, LSR #31\n\t"
+ "MUL r11, r11, r12\n\t"
+ "LDM lr!, {r1, r2}\n\t"
+ "MOV r12, #0x26\n\t"
+ "ADDS r1, r1, r11\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r1, r11, r3, r12\n\t"
+ "ADDS r2, r2, r11\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r2, r11, r4, r12\n\t"
+ "LDM lr!, {r3, r4}\n\t"
+ "ADDS r3, r3, r11\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r3, r11, r5, r12\n\t"
+ "ADDS r4, r4, r11\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r4, r11, r6, r12\n\t"
+ "LDM lr!, {r5, r6}\n\t"
+ "ADDS r5, r5, r11\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r5, r11, r7, r12\n\t"
+ "ADDS r6, r6, r11\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r6, r11, r8, r12\n\t"
+ "LDM lr!, {r7, r8}\n\t"
+ "ADDS r7, r7, r11\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r7, r11, r9, r12\n\t"
+ "BFC r10, #31, #1\n\t"
+ "ADDS r8, r10, r11\n\t"
+ /* Store */
+ "LDR r0, [sp, #36]\n\t"
+ "STM r0, {r1, r2, r3, r4, r5, r6, r7, r8}\n\t"
+ "ADD sp, sp, #0x28\n\t"
+ :
+ :
+ : "memory", "lr", "cc"
+ );
+}
+
+#else
+void fe_mul_op(void);
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void fe_mul_op()
+#else
+void fe_mul_op()
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+ __asm__ __volatile__ (
+ "SUB sp, sp, #0x2c\n\t"
+ "STRD r0, r1, [sp, #36]\n\t"
+ "MOV lr, r2\n\t"
+ "LDM r1, {r0, r1, r2, r3}\n\t"
+ "LDM lr!, {r4, r5, r6}\n\t"
+ "UMULL r10, r11, r0, r4\n\t"
+ "UMULL r12, r7, r1, r4\n\t"
+ "UMAAL r11, r12, r0, r5\n\t"
+ "UMULL r8, r9, r2, r4\n\t"
+ "UMAAL r12, r8, r1, r5\n\t"
+ "UMAAL r12, r7, r0, r6\n\t"
+ "UMAAL r8, r9, r3, r4\n\t"
+ "STM sp, {r10, r11, r12}\n\t"
+ "UMAAL r7, r8, r2, r5\n\t"
+ "LDM lr!, {r4}\n\t"
+ "UMULL r10, r11, r1, r6\n\t"
+ "UMAAL r8, r9, r2, r6\n\t"
+ "UMAAL r7, r10, r0, r4\n\t"
+ "UMAAL r8, r11, r3, r5\n\t"
+ "STR r7, [sp, #12]\n\t"
+ "UMAAL r8, r10, r1, r4\n\t"
+ "UMAAL r9, r11, r3, r6\n\t"
+ "UMAAL r9, r10, r2, r4\n\t"
+ "UMAAL r10, r11, r3, r4\n\t"
+ "LDM lr, {r4, r5, r6, r7}\n\t"
+ "MOV r12, #0x0\n\t"
+ "UMLAL r8, r12, r0, r4\n\t"
+ "UMAAL r9, r12, r1, r4\n\t"
+ "UMAAL r10, r12, r2, r4\n\t"
+ "UMAAL r11, r12, r3, r4\n\t"
+ "MOV r4, #0x0\n\t"
+ "UMLAL r9, r4, r0, r5\n\t"
+ "UMAAL r10, r4, r1, r5\n\t"
+ "UMAAL r11, r4, r2, r5\n\t"
+ "UMAAL r12, r4, r3, r5\n\t"
+ "MOV r5, #0x0\n\t"
+ "UMLAL r10, r5, r0, r6\n\t"
+ "UMAAL r11, r5, r1, r6\n\t"
+ "UMAAL r12, r5, r2, r6\n\t"
+ "UMAAL r4, r5, r3, r6\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r11, r6, r0, r7\n\t"
+ "LDR r0, [sp, #40]\n\t"
+ "UMAAL r12, r6, r1, r7\n\t"
+ "ADD r0, r0, #0x10\n\t"
+ "UMAAL r4, r6, r2, r7\n\t"
+ "SUB lr, lr, #0x10\n\t"
+ "UMAAL r5, r6, r3, r7\n\t"
+ "LDM r0, {r0, r1, r2, r3}\n\t"
+ "STR r6, [sp, #32]\n\t"
+ "LDM lr!, {r6}\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r8, r7, r0, r6\n\t"
+ "UMAAL r9, r7, r1, r6\n\t"
+ "STR r8, [sp, #16]\n\t"
+ "UMAAL r10, r7, r2, r6\n\t"
+ "UMAAL r11, r7, r3, r6\n\t"
+ "LDM lr!, {r6}\n\t"
+ "MOV r8, #0x0\n\t"
+ "UMLAL r9, r8, r0, r6\n\t"
+ "UMAAL r10, r8, r1, r6\n\t"
+ "STR r9, [sp, #20]\n\t"
+ "UMAAL r11, r8, r2, r6\n\t"
+ "UMAAL r12, r8, r3, r6\n\t"
+ "LDM lr!, {r6}\n\t"
+ "MOV r9, #0x0\n\t"
+ "UMLAL r10, r9, r0, r6\n\t"
+ "UMAAL r11, r9, r1, r6\n\t"
+ "STR r10, [sp, #24]\n\t"
+ "UMAAL r12, r9, r2, r6\n\t"
+ "UMAAL r4, r9, r3, r6\n\t"
+ "LDM lr!, {r6}\n\t"
+ "MOV r10, #0x0\n\t"
+ "UMLAL r11, r10, r0, r6\n\t"
+ "UMAAL r12, r10, r1, r6\n\t"
+ "STR r11, [sp, #28]\n\t"
+ "UMAAL r4, r10, r2, r6\n\t"
+ "UMAAL r5, r10, r3, r6\n\t"
+ "LDM lr!, {r11}\n\t"
+ "UMAAL r12, r7, r0, r11\n\t"
+ "UMAAL r4, r7, r1, r11\n\t"
+ "LDR r6, [sp, #32]\n\t"
+ "UMAAL r5, r7, r2, r11\n\t"
+ "UMAAL r6, r7, r3, r11\n\t"
+ "LDM lr!, {r11}\n\t"
+ "UMAAL r4, r8, r0, r11\n\t"
+ "UMAAL r5, r8, r1, r11\n\t"
+ "UMAAL r6, r8, r2, r11\n\t"
+ "UMAAL r7, r8, r3, r11\n\t"
+ "LDM lr, {r11, lr}\n\t"
+ "UMAAL r5, r9, r0, r11\n\t"
+ "UMAAL r6, r10, r0, lr\n\t"
+ "UMAAL r6, r9, r1, r11\n\t"
+ "UMAAL r7, r10, r1, lr\n\t"
+ "UMAAL r7, r9, r2, r11\n\t"
+ "UMAAL r8, r10, r2, lr\n\t"
+ "UMAAL r8, r9, r3, r11\n\t"
+ "UMAAL r9, r10, r3, lr\n\t"
+ /* Reduce */
+ "LDR r0, [sp, #28]\n\t"
+ "MOV lr, #0x25\n\t"
+ "UMAAL r10, r0, r10, lr\n\t"
+ "MOV lr, #0x13\n\t"
+ "LSL r0, r0, #1\n\t"
+ "ORR r0, r0, r10, LSR #31\n\t"
+ "MUL r11, r0, lr\n\t"
+ "POP {r0, r1, r2}\n\t"
+ "MOV lr, #0x26\n\t"
+ "UMAAL r0, r11, r12, lr\n\t"
+ "UMAAL r1, r11, r4, lr\n\t"
+ "UMAAL r2, r11, r5, lr\n\t"
+ "POP {r3, r4, r5}\n\t"
+ "UMAAL r3, r11, r6, lr\n\t"
+ "UMAAL r4, r11, r7, lr\n\t"
+ "UMAAL r5, r11, r8, lr\n\t"
+ "POP {r6}\n\t"
+ "BFC r10, #31, #1\n\t"
+ "UMAAL r6, r11, r9, lr\n\t"
+ "ADD r7, r10, r11\n\t"
+ "LDR lr, [sp, #8]\n\t"
+ /* Store */
+ "STM lr, {r0, r1, r2, r3, r4, r5, r6, r7}\n\t"
+ "ADD sp, sp, #0x10\n\t"
+ :
+ :
+ : "memory", "lr", "cc"
+ );
+}
+
+#endif /* WOLFSSL_SP_NO_UMAAL */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void fe_mul(fe r_p, const fe a_p, const fe b_p)
+#else
+void fe_mul(fe r, const fe a, const fe b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sword32* r __asm__ ("r0") = (sword32*)r_p;
+ register const sword32* a __asm__ ("r1") = (const sword32*)a_p;
+ register const sword32* b __asm__ ("r2") = (const sword32*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "BL fe_mul_op\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
+ );
+}
+
+#ifdef WOLFSSL_SP_NO_UMAAL
+void fe_sq_op(void);
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void fe_sq_op()
+#else
+void fe_sq_op()
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+ __asm__ __volatile__ (
+ "SUB sp, sp, #0x44\n\t"
+ "STR r0, [sp, #64]\n\t"
+ /* Square */
+ "MOV r0, #0x0\n\t"
+ "LDR r12, [r1]\n\t"
+ /* A[0] * A[1] */
+ "LDR lr, [r1, #4]\n\t"
+ "UMULL r4, r5, r12, lr\n\t"
+ /* A[0] * A[3] */
+ "LDR lr, [r1, #12]\n\t"
+ "UMULL r6, r7, r12, lr\n\t"
+ /* A[0] * A[5] */
+ "LDR lr, [r1, #20]\n\t"
+ "UMULL r8, r9, r12, lr\n\t"
+ /* A[0] * A[7] */
+ "LDR lr, [r1, #28]\n\t"
+ "UMULL r10, r3, r12, lr\n\t"
+ /* A[0] * A[2] */
+ "LDR lr, [r1, #8]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r5, r11, r12, lr\n\t"
+ "ADDS r6, r6, r11\n\t"
+ /* A[0] * A[4] */
+ "LDR lr, [r1, #16]\n\t"
+ "ADCS r7, r7, #0x0\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r7, r11, r12, lr\n\t"
+ "ADDS r8, r8, r11\n\t"
+ /* A[0] * A[6] */
+ "LDR lr, [r1, #24]\n\t"
+ "ADCS r9, r9, #0x0\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r9, r11, r12, lr\n\t"
+ "ADDS r10, r10, r11\n\t"
+ "ADCS r3, r3, #0x0\n\t"
+ "STR r4, [sp, #4]\n\t"
+ "STR r5, [sp, #8]\n\t"
+ /* A[1] * A[2] */
+ "LDR r12, [r1, #4]\n\t"
+ "LDR lr, [r1, #8]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r6, r11, r12, lr\n\t"
+ "STR r6, [sp, #12]\n\t"
+ "ADDS r7, r7, r11\n\t"
+ /* A[1] * A[3] */
+ "LDR lr, [r1, #12]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r7, r11, r12, lr\n\t"
+ "STR r7, [sp, #16]\n\t"
+ "ADDS r8, r8, r11\n\t"
+ /* A[1] * A[4] */
+ "LDR lr, [r1, #16]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r8, r11, r12, lr\n\t"
+ "ADDS r9, r9, r11\n\t"
+ /* A[1] * A[5] */
+ "LDR lr, [r1, #20]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r9, r11, r12, lr\n\t"
+ "ADDS r10, r10, r11\n\t"
+ /* A[1] * A[6] */
+ "LDR lr, [r1, #24]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "ADDS r3, r3, r11\n\t"
+ /* A[1] * A[7] */
+ "LDR lr, [r1, #28]\n\t"
+ "ADC r4, r0, #0x0\n\t"
+ "UMLAL r3, r4, r12, lr\n\t"
+ /* A[2] * A[3] */
+ "LDR r12, [r1, #8]\n\t"
+ "LDR lr, [r1, #12]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r8, r11, r12, lr\n\t"
+ "STR r8, [sp, #20]\n\t"
+ "ADDS r9, r9, r11\n\t"
+ /* A[2] * A[4] */
+ "LDR lr, [r1, #16]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r9, r11, r12, lr\n\t"
+ "STR r9, [sp, #24]\n\t"
+ "ADDS r10, r10, r11\n\t"
+ /* A[2] * A[5] */
+ "LDR lr, [r1, #20]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "ADDS r3, r3, r11\n\t"
+ /* A[2] * A[6] */
+ "LDR lr, [r1, #24]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r3, r11, r12, lr\n\t"
+ "ADDS r4, r4, r11\n\t"
+ /* A[2] * A[7] */
+ "LDR lr, [r1, #28]\n\t"
+ "ADC r5, r0, #0x0\n\t"
+ "UMLAL r4, r5, r12, lr\n\t"
+ /* A[3] * A[4] */
+ "LDR r12, [r1, #12]\n\t"
+ "LDR lr, [r1, #16]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "STR r10, [sp, #28]\n\t"
+ "ADDS r3, r3, r11\n\t"
+ /* A[3] * A[5] */
+ "LDR lr, [r1, #20]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r3, r11, r12, lr\n\t"
+ "ADDS r4, r4, r11\n\t"
+ /* A[3] * A[6] */
+ "LDR lr, [r1, #24]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r4, r11, r12, lr\n\t"
+ "ADDS r5, r5, r11\n\t"
+ /* A[3] * A[7] */
+ "LDR lr, [r1, #28]\n\t"
+ "ADC r6, r0, #0x0\n\t"
+ "UMLAL r5, r6, r12, lr\n\t"
+ /* A[4] * A[5] */
+ "LDR r12, [r1, #16]\n\t"
+ "LDR lr, [r1, #20]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r4, r11, r12, lr\n\t"
+ "ADDS r5, r5, r11\n\t"
+ /* A[4] * A[6] */
+ "LDR lr, [r1, #24]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r5, r11, r12, lr\n\t"
+ "ADDS r6, r6, r11\n\t"
+ /* A[4] * A[7] */
+ "LDR lr, [r1, #28]\n\t"
+ "ADC r7, r0, #0x0\n\t"
+ "UMLAL r6, r7, r12, lr\n\t"
+ /* A[5] * A[6] */
+ "LDR r12, [r1, #20]\n\t"
+ "LDR lr, [r1, #24]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r6, r11, r12, lr\n\t"
+ "ADDS r7, r7, r11\n\t"
+ /* A[5] * A[7] */
+ "LDR lr, [r1, #28]\n\t"
+ "ADC r8, r0, #0x0\n\t"
+ "UMLAL r7, r8, r12, lr\n\t"
+ /* A[6] * A[7] */
+ "LDR r12, [r1, #24]\n\t"
+ "LDR lr, [r1, #28]\n\t"
+ "MOV r9, #0x0\n\t"
+ "UMLAL r8, r9, r12, lr\n\t"
+ "ADD lr, sp, #0x20\n\t"
+ "STM lr, {r3, r4, r5, r6, r7, r8, r9}\n\t"
+ "ADD lr, sp, #0x4\n\t"
+ "LDM lr, {r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "ADDS r4, r4, r4\n\t"
+ "ADCS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADCS r7, r7, r7\n\t"
+ "ADCS r8, r8, r8\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "ADCS r10, r10, r10\n\t"
+ "STM lr!, {r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "LDM lr, {r3, r4, r5, r6, r7, r8, r9}\n\t"
+ "ADCS r3, r3, r3\n\t"
+ "ADCS r4, r4, r4\n\t"
+ "ADCS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADCS r7, r7, r7\n\t"
+ "ADCS r8, r8, r8\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "ADC r10, r0, #0x0\n\t"
+ "STM lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "ADD lr, sp, #0x4\n\t"
+ "LDM lr, {r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "MOV lr, sp\n\t"
+ /* A[0] * A[0] */
+ "LDR r12, [r1]\n\t"
+ "UMULL r3, r11, r12, r12\n\t"
+ "ADDS r4, r4, r11\n\t"
+ /* A[1] * A[1] */
+ "LDR r12, [r1, #4]\n\t"
+ "ADCS r5, r5, #0x0\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r5, r11, r12, r12\n\t"
+ "ADDS r6, r6, r11\n\t"
+ /* A[2] * A[2] */
+ "LDR r12, [r1, #8]\n\t"
+ "ADCS r7, r7, #0x0\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r7, r11, r12, r12\n\t"
+ "ADDS r8, r8, r11\n\t"
+ /* A[3] * A[3] */
+ "LDR r12, [r1, #12]\n\t"
+ "ADCS r9, r9, #0x0\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r9, r11, r12, r12\n\t"
+ "ADDS r10, r10, r11\n\t"
+ "STM lr!, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "LDM lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ /* A[4] * A[4] */
+ "LDR r12, [r1, #16]\n\t"
+ "ADCS r3, r3, #0x0\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r3, r11, r12, r12\n\t"
+ "ADDS r4, r4, r11\n\t"
+ /* A[5] * A[5] */
+ "LDR r12, [r1, #20]\n\t"
+ "ADCS r5, r5, #0x0\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r5, r11, r12, r12\n\t"
+ "ADDS r6, r6, r11\n\t"
+ /* A[6] * A[6] */
+ "LDR r12, [r1, #24]\n\t"
+ "ADCS r7, r7, #0x0\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r7, r11, r12, r12\n\t"
+ "ADDS r8, r8, r11\n\t"
+ /* A[7] * A[7] */
+ "LDR r12, [r1, #28]\n\t"
+ "ADCS r9, r9, #0x0\n\t"
+ "ADC r10, r10, #0x0\n\t"
+ "UMLAL r9, r10, r12, r12\n\t"
+ /* Reduce */
+ "LDR r2, [sp, #28]\n\t"
+ "MOV lr, sp\n\t"
+ "MOV r12, #0x26\n\t"
+ "UMULL r10, r11, r10, r12\n\t"
+ "ADDS r10, r10, r2\n\t"
+ "ADC r11, r11, #0x0\n\t"
+ "MOV r12, #0x13\n\t"
+ "LSL r11, r11, #1\n\t"
+ "ORR r11, r11, r10, LSR #31\n\t"
+ "MUL r11, r11, r12\n\t"
+ "LDM lr!, {r1, r2}\n\t"
+ "MOV r12, #0x26\n\t"
+ "ADDS r1, r1, r11\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r1, r11, r3, r12\n\t"
+ "ADDS r2, r2, r11\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r2, r11, r4, r12\n\t"
+ "LDM lr!, {r3, r4}\n\t"
+ "ADDS r3, r3, r11\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r3, r11, r5, r12\n\t"
+ "ADDS r4, r4, r11\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r4, r11, r6, r12\n\t"
+ "LDM lr!, {r5, r6}\n\t"
+ "ADDS r5, r5, r11\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r5, r11, r7, r12\n\t"
+ "ADDS r6, r6, r11\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r6, r11, r8, r12\n\t"
+ "LDM lr!, {r7, r8}\n\t"
+ "ADDS r7, r7, r11\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r7, r11, r9, r12\n\t"
+ "BFC r10, #31, #1\n\t"
+ "ADDS r8, r10, r11\n\t"
+ /* Store */
+ "LDR r0, [sp, #64]\n\t"
+ "STM r0, {r1, r2, r3, r4, r5, r6, r7, r8}\n\t"
+ "ADD sp, sp, #0x44\n\t"
+ :
+ :
+ : "memory", "lr", "cc"
+ );
+}
+
+#else
+void fe_sq_op(void);
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void fe_sq_op()
+#else
+void fe_sq_op()
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+ __asm__ __volatile__ (
+ "SUB sp, sp, #0x20\n\t"
+ "STR r0, [sp, #28]\n\t"
+ "LDM r1, {r0, r1, r2, r3, r4, r5, r6, r7}\n\t"
+ /* Square */
+ "UMULL r9, r10, r0, r0\n\t"
+ "UMULL r11, r12, r0, r1\n\t"
+ "ADDS r11, r11, r11\n\t"
+ "MOV lr, #0x0\n\t"
+ "UMAAL r10, r11, lr, lr\n\t"
+ "STM sp, {r9, r10}\n\t"
+ "MOV r8, lr\n\t"
+ "UMAAL r8, r12, r0, r2\n\t"
+ "ADCS r8, r8, r8\n\t"
+ "UMAAL r8, r11, r1, r1\n\t"
+ "UMULL r9, r10, r0, r3\n\t"
+ "UMAAL r9, r12, r1, r2\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "UMAAL r9, r11, lr, lr\n\t"
+ "STRD r8, r9, [sp, #8]\n\t"
+ "MOV r9, lr\n\t"
+ "UMAAL r9, r10, r0, r4\n\t"
+ "UMAAL r9, r12, r1, r3\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "UMAAL r9, r11, r2, r2\n\t"
+ "STR r9, [sp, #16]\n\t"
+ "UMULL r9, r8, r0, r5\n\t"
+ "UMAAL r9, r12, r1, r4\n\t"
+ "UMAAL r9, r10, r2, r3\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "UMAAL r9, r11, lr, lr\n\t"
+ "STR r9, [sp, #20]\n\t"
+ "MOV r9, lr\n\t"
+ "UMAAL r9, r8, r0, r6\n\t"
+ "UMAAL r9, r12, r1, r5\n\t"
+ "UMAAL r9, r10, r2, r4\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "UMAAL r9, r11, r3, r3\n\t"
+ "STR r9, [sp, #24]\n\t"
+ "UMULL r0, r9, r0, r7\n\t"
+ "UMAAL r0, r8, r1, r6\n\t"
+ "UMAAL r0, r12, r2, r5\n\t"
+ "UMAAL r0, r10, r3, r4\n\t"
+ "ADCS r0, r0, r0\n\t"
+ "UMAAL r0, r11, lr, lr\n\t"
+ /* R[7] = r0 */
+ "UMAAL r9, r8, r1, r7\n\t"
+ "UMAAL r9, r10, r2, r6\n\t"
+ "UMAAL r12, r9, r3, r5\n\t"
+ "ADCS r12, r12, r12\n\t"
+ "UMAAL r12, r11, r4, r4\n\t"
+ /* R[8] = r12 */
+ "UMAAL r9, r8, r2, r7\n\t"
+ "UMAAL r10, r9, r3, r6\n\t"
+ "MOV r2, lr\n\t"
+ "UMAAL r10, r2, r4, r5\n\t"
+ "ADCS r10, r10, r10\n\t"
+ "UMAAL r11, r10, lr, lr\n\t"
+ /* R[9] = r11 */
+ "UMAAL r2, r8, r3, r7\n\t"
+ "UMAAL r2, r9, r4, r6\n\t"
+ "ADCS r3, r2, r2\n\t"
+ "UMAAL r10, r3, r5, r5\n\t"
+ /* R[10] = r10 */
+ "MOV r1, lr\n\t"
+ "UMAAL r1, r8, r4, r7\n\t"
+ "UMAAL r1, r9, r5, r6\n\t"
+ "ADCS r4, r1, r1\n\t"
+ "UMAAL r3, r4, lr, lr\n\t"
+ /* R[11] = r3 */
+ "UMAAL r8, r9, r5, r7\n\t"
+ "ADCS r8, r8, r8\n\t"
+ "UMAAL r4, r8, r6, r6\n\t"
+ /* R[12] = r4 */
+ "MOV r5, lr\n\t"
+ "UMAAL r5, r9, r6, r7\n\t"
+ "ADCS r5, r5, r5\n\t"
+ "UMAAL r8, r5, lr, lr\n\t"
+ /* R[13] = r8 */
+ "ADCS r9, r9, r9\n\t"
+ "UMAAL r9, r5, r7, r7\n\t"
+ "ADCS r7, r5, lr\n\t"
+ /* R[14] = r9 */
+ /* R[15] = r7 */
+ /* Reduce */
+ "MOV r6, #0x25\n\t"
+ "UMAAL r7, r0, r7, r6\n\t"
+ "MOV r6, #0x13\n\t"
+ "LSL r0, r0, #1\n\t"
+ "ORR r0, r0, r7, LSR #31\n\t"
+ "MUL lr, r0, r6\n\t"
+ "POP {r0, r1}\n\t"
+ "MOV r6, #0x26\n\t"
+ "UMAAL r0, lr, r12, r6\n\t"
+ "UMAAL r1, lr, r11, r6\n\t"
+ "MOV r12, r3\n\t"
+ "MOV r11, r4\n\t"
+ "POP {r2, r3, r4}\n\t"
+ "UMAAL r2, lr, r10, r6\n\t"
+ "UMAAL r3, lr, r12, r6\n\t"
+ "UMAAL r4, lr, r11, r6\n\t"
+ "MOV r12, r6\n\t"
+ "POP {r5, r6}\n\t"
+ "UMAAL r5, lr, r8, r12\n\t"
+ "BFC r7, #31, #1\n\t"
+ "UMAAL r6, lr, r9, r12\n\t"
+ "ADD r7, r7, lr\n\t"
+ "POP {lr}\n\t"
+ /* Store */
+ "STM lr, {r0, r1, r2, r3, r4, r5, r6, r7}\n\t"
+ :
+ :
+ : "memory", "lr", "cc"
+ );
+}
+
+#endif /* WOLFSSL_SP_NO_UMAAL */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void fe_sq(fe r_p, const fe a_p)
+#else
+void fe_sq(fe r, const fe a)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sword32* r __asm__ ("r0") = (sword32*)r_p;
+ register const sword32* a __asm__ ("r1") = (const sword32*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "BL fe_sq_op\n\t"
+ : [r] "+r" (r), [a] "+r" (a)
+ :
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
+ );
+}
+
+#ifdef HAVE_CURVE25519
+#ifdef WOLFSSL_SP_NO_UMAAL
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void fe_mul121666(fe r_p, fe a_p)
+#else
+void fe_mul121666(fe r, fe a)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sword32* r __asm__ ("r0") = (sword32*)r_p;
+ register sword32* a __asm__ ("r1") = (sword32*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ /* Multiply by 121666 */
+ "LDM %[a], {r2, r3, r4, r5, r6, r7, r8, r9}\n\t"
+ "MOV r12, #0xdb42\n\t"
+ "MOVT r12, #0x1\n\t"
+ "UMULL r2, r10, r2, r12\n\t"
+ "UMULL r3, r11, r3, r12\n\t"
+ "ADDS r3, r3, r10\n\t"
+ "ADC r11, r11, #0x0\n\t"
+ "UMULL r4, r10, r4, r12\n\t"
+ "ADDS r4, r4, r11\n\t"
+ "ADC r10, r10, #0x0\n\t"
+ "UMULL r5, r11, r5, r12\n\t"
+ "ADDS r5, r5, r10\n\t"
+ "ADC r11, r11, #0x0\n\t"
+ "UMULL r6, r10, r6, r12\n\t"
+ "ADDS r6, r6, r11\n\t"
+ "ADC r10, r10, #0x0\n\t"
+ "UMULL r7, r11, r7, r12\n\t"
+ "ADDS r7, r7, r10\n\t"
+ "ADC r11, r11, #0x0\n\t"
+ "UMULL r8, r10, r8, r12\n\t"
+ "ADDS r8, r8, r11\n\t"
+ "ADC r10, r10, #0x0\n\t"
+ "UMULL r9, r11, r9, r12\n\t"
+ "ADDS r9, r9, r10\n\t"
+ "MOV r12, #0x13\n\t"
+ "ADC r11, r11, #0x0\n\t"
+ "LSL r11, r11, #1\n\t"
+ "ORR r11, r11, r9, LSR #31\n\t"
+ "MUL r11, r11, r12\n\t"
+ "ADDS r2, r2, r11\n\t"
+ "ADCS r3, r3, #0x0\n\t"
+ "ADCS r4, r4, #0x0\n\t"
+ "ADCS r5, r5, #0x0\n\t"
+ "ADCS r6, r6, #0x0\n\t"
+ "ADCS r7, r7, #0x0\n\t"
+ "BFC r9, #31, #1\n\t"
+ "ADCS r8, r8, #0x0\n\t"
+ "ADC r9, r9, #0x0\n\t"
+ "STM %[r], {r2, r3, r4, r5, r6, r7, r8, r9}\n\t"
+ : [r] "+r" (r), [a] "+r" (a)
+ :
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
+ );
+}
+
+#else
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void fe_mul121666(fe r_p, fe a_p)
+#else
+void fe_mul121666(fe r, fe a)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sword32* r __asm__ ("r0") = (sword32*)r_p;
+ register sword32* a __asm__ ("r1") = (sword32*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ /* Multiply by 121666 */
+ "LDM %[a], {r2, r3, r4, r5, r6, r7, r8, r9}\n\t"
+ "MOV r11, #0xdb42\n\t"
+ "MOVT r11, #0x1\n\t"
+ "UMULL r2, r12, r2, r11\n\t"
+ "SUB r10, r11, #0x1\n\t"
+ "UMAAL r3, r12, r3, r10\n\t"
+ "UMAAL r4, r12, r4, r10\n\t"
+ "UMAAL r5, r12, r5, r10\n\t"
+ "UMAAL r6, r12, r6, r10\n\t"
+ "UMAAL r7, r12, r7, r10\n\t"
+ "UMAAL r8, r12, r8, r10\n\t"
+ "MOV r11, #0x13\n\t"
+ "UMAAL r9, r12, r9, r10\n\t"
+ "LSL r12, r12, #1\n\t"
+ "ORR r12, r12, r9, LSR #31\n\t"
+ "MUL r12, r12, r11\n\t"
+ "ADDS r2, r2, r12\n\t"
+ "ADCS r3, r3, #0x0\n\t"
+ "ADCS r4, r4, #0x0\n\t"
+ "ADCS r5, r5, #0x0\n\t"
+ "ADCS r6, r6, #0x0\n\t"
+ "ADCS r7, r7, #0x0\n\t"
+ "BFC r9, #31, #1\n\t"
+ "ADCS r8, r8, #0x0\n\t"
+ "ADC r9, r9, #0x0\n\t"
+ "STM %[r], {r2, r3, r4, r5, r6, r7, r8, r9}\n\t"
+ : [r] "+r" (r), [a] "+r" (a)
+ :
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
+ );
+}
+
+#endif /* WOLFSSL_SP_NO_UMAAL */
+#ifndef WC_NO_CACHE_RESISTANT
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+int curve25519(byte* r_p, const byte* n_p, const byte* a_p)
+#else
+int curve25519(byte* r, const byte* n, const byte* a)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register byte* r __asm__ ("r0") = (byte*)r_p;
+ register const byte* n __asm__ ("r1") = (const byte*)n_p;
+ register const byte* a __asm__ ("r2") = (const byte*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "SUB sp, sp, #0xbc\n\t"
+ "STR %[r], [sp, #160]\n\t"
+ "STR %[n], [sp, #164]\n\t"
+ "STR %[a], [sp, #168]\n\t"
+ "MOV %[n], #0x0\n\t"
+ "STR %[n], [sp, #172]\n\t"
+ "MOV r4, #0x1\n\t"
+ "MOV r5, #0x0\n\t"
+ "MOV r6, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ "MOV r8, #0x0\n\t"
+ "MOV r9, #0x0\n\t"
+ "MOV r10, #0x0\n\t"
+ "MOV r11, #0x0\n\t"
+ "STM %[r], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "ADD r3, sp, #0x20\n\t"
+ "STM r3, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "MOV r4, #0x0\n\t"
+ "MOV r3, sp\n\t"
+ "STM r3, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "ADD r3, sp, #0x40\n\t"
+ /* Copy */
+ "LDM r2, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "STM r3, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "MOV %[n], #0x1e\n\t"
+ "STR %[n], [sp, #180]\n\t"
+ "MOV %[a], #0x1c\n\t"
+ "STR %[a], [sp, #176]\n\t"
+ "\n"
+ "L_curve25519_words:\n\t"
+ "\n"
+ "L_curve25519_bits:\n\t"
+ "LDR %[n], [sp, #164]\n\t"
+ "LDR %[a], [%[n], r2]\n\t"
+ "LDR %[n], [sp, #180]\n\t"
+ "LSR %[a], %[a], %[n]\n\t"
+ "AND %[a], %[a], #0x1\n\t"
+ "STR %[a], [sp, #184]\n\t"
+ "LDR %[n], [sp, #172]\n\t"
+ "EOR %[n], %[n], %[a]\n\t"
+ "STR %[n], [sp, #172]\n\t"
+ "LDR %[r], [sp, #160]\n\t"
+ /* Conditional Swap */
+ "RSB %[n], %[n], #0x0\n\t"
+ "MOV r3, r0\n\t"
+ "ADD r12, sp, #0x40\n\t"
+ "LDM r3, {r4, r5}\n\t"
+ "LDM r12, {r6, r7}\n\t"
+ "EOR r8, r4, r6\n\t"
+ "EOR r9, r5, r7\n\t"
+ "AND r8, r8, %[n]\n\t"
+ "AND r9, r9, %[n]\n\t"
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "STM r3!, {r4, r5}\n\t"
+ "STM r12!, {r6, r7}\n\t"
+ "LDM r3, {r4, r5}\n\t"
+ "LDM r12, {r6, r7}\n\t"
+ "EOR r8, r4, r6\n\t"
+ "EOR r9, r5, r7\n\t"
+ "AND r8, r8, %[n]\n\t"
+ "AND r9, r9, %[n]\n\t"
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "STM r3!, {r4, r5}\n\t"
+ "STM r12!, {r6, r7}\n\t"
+ "LDM r3, {r4, r5}\n\t"
+ "LDM r12, {r6, r7}\n\t"
+ "EOR r8, r4, r6\n\t"
+ "EOR r9, r5, r7\n\t"
+ "AND r8, r8, %[n]\n\t"
+ "AND r9, r9, %[n]\n\t"
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "STM r3!, {r4, r5}\n\t"
+ "STM r12!, {r6, r7}\n\t"
+ "LDM r3, {r4, r5}\n\t"
+ "LDM r12, {r6, r7}\n\t"
+ "EOR r8, r4, r6\n\t"
+ "EOR r9, r5, r7\n\t"
+ "AND r8, r8, %[n]\n\t"
+ "AND r9, r9, %[n]\n\t"
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "STM r3!, {r4, r5}\n\t"
+ "STM r12!, {r6, r7}\n\t"
+ "LDR %[n], [sp, #172]\n\t"
+ /* Conditional Swap */
+ "RSB %[n], %[n], #0x0\n\t"
+ "MOV r3, sp\n\t"
+ "ADD r12, sp, #0x20\n\t"
+ "LDM r3, {r4, r5}\n\t"
+ "LDM r12, {r6, r7}\n\t"
+ "EOR r8, r4, r6\n\t"
+ "EOR r9, r5, r7\n\t"
+ "AND r8, r8, %[n]\n\t"
+ "AND r9, r9, %[n]\n\t"
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "STM r3!, {r4, r5}\n\t"
+ "STM r12!, {r6, r7}\n\t"
+ "LDM r3, {r4, r5}\n\t"
+ "LDM r12, {r6, r7}\n\t"
+ "EOR r8, r4, r6\n\t"
+ "EOR r9, r5, r7\n\t"
+ "AND r8, r8, %[n]\n\t"
+ "AND r9, r9, %[n]\n\t"
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "STM r3!, {r4, r5}\n\t"
+ "STM r12!, {r6, r7}\n\t"
+ "LDM r3, {r4, r5}\n\t"
+ "LDM r12, {r6, r7}\n\t"
+ "EOR r8, r4, r6\n\t"
+ "EOR r9, r5, r7\n\t"
+ "AND r8, r8, %[n]\n\t"
+ "AND r9, r9, %[n]\n\t"
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "STM r3!, {r4, r5}\n\t"
+ "STM r12!, {r6, r7}\n\t"
+ "LDM r3, {r4, r5}\n\t"
+ "LDM r12, {r6, r7}\n\t"
+ "EOR r8, r4, r6\n\t"
+ "EOR r9, r5, r7\n\t"
+ "AND r8, r8, %[n]\n\t"
+ "AND r9, r9, %[n]\n\t"
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "STM r3!, {r4, r5}\n\t"
+ "STM r12!, {r6, r7}\n\t"
+ "LDR %[n], [sp, #184]\n\t"
+ "STR %[n], [sp, #172]\n\t"
+ "MOV r3, sp\n\t"
+ "LDR r2, [sp, #160]\n\t"
+ "ADD r1, sp, #0x80\n\t"
+ "LDR r0, [sp, #160]\n\t"
+ "BL fe_add_sub_op\n\t"
+ "ADD r3, sp, #0x20\n\t"
+ "ADD r2, sp, #0x40\n\t"
+ "ADD r1, sp, #0x60\n\t"
+ "MOV r0, sp\n\t"
+ "BL fe_add_sub_op\n\t"
+ "LDR r2, [sp, #160]\n\t"
+ "ADD r1, sp, #0x60\n\t"
+ "ADD r0, sp, #0x20\n\t"
+ "BL fe_mul_op\n\t"
+ "ADD r2, sp, #0x80\n\t"
+ "MOV r1, sp\n\t"
+ "MOV r0, sp\n\t"
+ "BL fe_mul_op\n\t"
+ "ADD r1, sp, #0x80\n\t"
+ "ADD r0, sp, #0x80\n\t"
+ "BL fe_sq_op\n\t"
+ "LDR r1, [sp, #160]\n\t"
+ "ADD r0, sp, #0x60\n\t"
+ "BL fe_sq_op\n\t"
+ "MOV r3, sp\n\t"
+ "ADD r2, sp, #0x20\n\t"
+ "MOV r1, sp\n\t"
+ "ADD r0, sp, #0x40\n\t"
+ "BL fe_add_sub_op\n\t"
+ "ADD r2, sp, #0x80\n\t"
+ "ADD r1, sp, #0x60\n\t"
+ "LDR r0, [sp, #160]\n\t"
+ "BL fe_mul_op\n\t"
+ "ADD r2, sp, #0x80\n\t"
+ "ADD r1, sp, #0x60\n\t"
+ "ADD r0, sp, #0x60\n\t"
+ "BL fe_sub_op\n\t"
+ "MOV r1, sp\n\t"
+ "MOV r0, sp\n\t"
+ "BL fe_sq_op\n\t"
+ "ADD r1, sp, #0x60\n\t"
+ "ADD r0, sp, #0x20\n\t"
+ "BL fe_mul121666\n\t"
+ "ADD r1, sp, #0x40\n\t"
+ "ADD r0, sp, #0x40\n\t"
+ "BL fe_sq_op\n\t"
+ "ADD r2, sp, #0x20\n\t"
+ "ADD r1, sp, #0x80\n\t"
+ "ADD r0, sp, #0x80\n\t"
+ "BL fe_add_op\n\t"
+ "MOV r2, sp\n\t"
+ "LDR r1, [sp, #168]\n\t"
+ "ADD r0, sp, #0x20\n\t"
+ "BL fe_mul_op\n\t"
+ "ADD r2, sp, #0x80\n\t"
+ "ADD r1, sp, #0x60\n\t"
+ "MOV r0, sp\n\t"
+ "BL fe_mul_op\n\t"
+ "LDR %[a], [sp, #176]\n\t"
+ "LDR %[n], [sp, #180]\n\t"
+ "SUBS %[n], %[n], #0x1\n\t"
+ "STR %[n], [sp, #180]\n\t"
+#ifdef __GNUC__
+ "BGE L_curve25519_bits\n\t"
+#else
+ "BGE.W L_curve25519_bits\n\t"
+#endif
+ "MOV %[n], #0x1f\n\t"
+ "STR %[n], [sp, #180]\n\t"
+ "SUBS %[a], %[a], #0x4\n\t"
+ "STR %[a], [sp, #176]\n\t"
+#ifdef __GNUC__
+ "BGE L_curve25519_words\n\t"
+#else
+ "BGE.W L_curve25519_words\n\t"
+#endif
+ /* Invert */
+ "ADD r1, sp, #0x0\n\t"
+ "ADD r0, sp, #0x20\n\t"
+ "BL fe_sq_op\n\t"
+ "ADD r1, sp, #0x20\n\t"
+ "ADD r0, sp, #0x40\n\t"
+ "BL fe_sq_op\n\t"
+ "ADD r1, sp, #0x40\n\t"
+ "ADD r0, sp, #0x40\n\t"
+ "BL fe_sq_op\n\t"
+ "ADD r2, sp, #0x40\n\t"
+ "ADD r1, sp, #0x0\n\t"
+ "ADD r0, sp, #0x40\n\t"
+ "BL fe_mul_op\n\t"
+ "ADD r2, sp, #0x40\n\t"
+ "ADD r1, sp, #0x20\n\t"
+ "ADD r0, sp, #0x20\n\t"
+ "BL fe_mul_op\n\t"
+ "ADD r1, sp, #0x20\n\t"
+ "ADD r0, sp, #0x60\n\t"
+ "BL fe_sq_op\n\t"
+ "ADD r2, sp, #0x60\n\t"
+ "ADD r1, sp, #0x40\n\t"
+ "ADD r0, sp, #0x40\n\t"
+ "BL fe_mul_op\n\t"
+ "ADD r1, sp, #0x40\n\t"
+ "ADD r0, sp, #0x60\n\t"
+ "BL fe_sq_op\n\t"
+ "MOV r12, #0x4\n\t"
+ "\n"
+ "L_curve25519_inv_1:\n\t"
+ "ADD r1, sp, #0x60\n\t"
+ "ADD r0, sp, #0x60\n\t"
+ "PUSH {r12}\n\t"
+ "BL fe_sq_op\n\t"
+ "POP {r12}\n\t"
+ "SUBS r12, r12, #0x1\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BNE L_curve25519_inv_1\n\t"
+#else
+ "BNE.N L_curve25519_inv_1\n\t"
+#endif
+ "ADD r2, sp, #0x40\n\t"
+ "ADD r1, sp, #0x60\n\t"
+ "ADD r0, sp, #0x40\n\t"
+ "BL fe_mul_op\n\t"
+ "ADD r1, sp, #0x40\n\t"
+ "ADD r0, sp, #0x60\n\t"
+ "BL fe_sq_op\n\t"
+ "MOV r12, #0x9\n\t"
+ "\n"
+ "L_curve25519_inv_2:\n\t"
+ "ADD r1, sp, #0x60\n\t"
+ "ADD r0, sp, #0x60\n\t"
+ "PUSH {r12}\n\t"
+ "BL fe_sq_op\n\t"
+ "POP {r12}\n\t"
+ "SUBS r12, r12, #0x1\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BNE L_curve25519_inv_2\n\t"
+#else
+ "BNE.N L_curve25519_inv_2\n\t"
+#endif
+ "ADD r2, sp, #0x40\n\t"
+ "ADD r1, sp, #0x60\n\t"
+ "ADD r0, sp, #0x60\n\t"
+ "BL fe_mul_op\n\t"
+ "ADD r1, sp, #0x60\n\t"
+ "ADD r0, sp, #0x80\n\t"
+ "BL fe_sq_op\n\t"
+ "MOV r12, #0x13\n\t"
+ "\n"
+ "L_curve25519_inv_3:\n\t"
+ "ADD r1, sp, #0x80\n\t"
+ "ADD r0, sp, #0x80\n\t"
+ "PUSH {r12}\n\t"
+ "BL fe_sq_op\n\t"
+ "POP {r12}\n\t"
+ "SUBS r12, r12, #0x1\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BNE L_curve25519_inv_3\n\t"
+#else
+ "BNE.N L_curve25519_inv_3\n\t"
+#endif
+ "ADD r2, sp, #0x60\n\t"
+ "ADD r1, sp, #0x80\n\t"
+ "ADD r0, sp, #0x60\n\t"
+ "BL fe_mul_op\n\t"
+ "MOV r12, #0xa\n\t"
+ "\n"
+ "L_curve25519_inv_4:\n\t"
+ "ADD r1, sp, #0x60\n\t"
+ "ADD r0, sp, #0x60\n\t"
+ "PUSH {r12}\n\t"
+ "BL fe_sq_op\n\t"
+ "POP {r12}\n\t"
+ "SUBS r12, r12, #0x1\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BNE L_curve25519_inv_4\n\t"
+#else
+ "BNE.N L_curve25519_inv_4\n\t"
+#endif
+ "ADD r2, sp, #0x40\n\t"
+ "ADD r1, sp, #0x60\n\t"
+ "ADD r0, sp, #0x40\n\t"
+ "BL fe_mul_op\n\t"
+ "ADD r1, sp, #0x40\n\t"
+ "ADD r0, sp, #0x60\n\t"
+ "BL fe_sq_op\n\t"
+ "MOV r12, #0x31\n\t"
+ "\n"
+ "L_curve25519_inv_5:\n\t"
+ "ADD r1, sp, #0x60\n\t"
+ "ADD r0, sp, #0x60\n\t"
+ "PUSH {r12}\n\t"
+ "BL fe_sq_op\n\t"
+ "POP {r12}\n\t"
+ "SUBS r12, r12, #0x1\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BNE L_curve25519_inv_5\n\t"
+#else
+ "BNE.N L_curve25519_inv_5\n\t"
+#endif
+ "ADD r2, sp, #0x40\n\t"
+ "ADD r1, sp, #0x60\n\t"
+ "ADD r0, sp, #0x60\n\t"
+ "BL fe_mul_op\n\t"
+ "ADD r1, sp, #0x60\n\t"
+ "ADD r0, sp, #0x80\n\t"
+ "BL fe_sq_op\n\t"
+ "MOV r12, #0x63\n\t"
+ "\n"
+ "L_curve25519_inv_6:\n\t"
+ "ADD r1, sp, #0x80\n\t"
+ "ADD r0, sp, #0x80\n\t"
+ "PUSH {r12}\n\t"
+ "BL fe_sq_op\n\t"
+ "POP {r12}\n\t"
+ "SUBS r12, r12, #0x1\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BNE L_curve25519_inv_6\n\t"
+#else
+ "BNE.N L_curve25519_inv_6\n\t"
+#endif
+ "ADD r2, sp, #0x60\n\t"
+ "ADD r1, sp, #0x80\n\t"
+ "ADD r0, sp, #0x60\n\t"
+ "BL fe_mul_op\n\t"
+ "MOV r12, #0x32\n\t"
+ "\n"
+ "L_curve25519_inv_7:\n\t"
+ "ADD r1, sp, #0x60\n\t"
+ "ADD r0, sp, #0x60\n\t"
+ "PUSH {r12}\n\t"
+ "BL fe_sq_op\n\t"
+ "POP {r12}\n\t"
+ "SUBS r12, r12, #0x1\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BNE L_curve25519_inv_7\n\t"
+#else
+ "BNE.N L_curve25519_inv_7\n\t"
+#endif
+ "ADD r2, sp, #0x40\n\t"
+ "ADD r1, sp, #0x60\n\t"
+ "ADD r0, sp, #0x40\n\t"
+ "BL fe_mul_op\n\t"
+ "MOV r12, #0x5\n\t"
+ "\n"
+ "L_curve25519_inv_8:\n\t"
+ "ADD r1, sp, #0x40\n\t"
+ "ADD r0, sp, #0x40\n\t"
+ "PUSH {r12}\n\t"
+ "BL fe_sq_op\n\t"
+ "POP {r12}\n\t"
+ "SUBS r12, r12, #0x1\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BNE L_curve25519_inv_8\n\t"
+#else
+ "BNE.N L_curve25519_inv_8\n\t"
+#endif
+ "ADD r2, sp, #0x20\n\t"
+ "ADD r1, sp, #0x40\n\t"
+ "ADD r0, sp, #0x0\n\t"
+ "BL fe_mul_op\n\t"
+ "MOV r2, sp\n\t"
+ "LDR r1, [sp, #160]\n\t"
+ "LDR r0, [sp, #160]\n\t"
+ "BL fe_mul_op\n\t"
+ "MOV r0, #0x0\n\t"
+ "ADD sp, sp, #0xbc\n\t"
+ : [r] "+r" (r), [n] "+r" (n), [a] "+r" (a)
+ :
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12", "lr", "cc"
+ );
+ return (uint32_t)(size_t)r;
+}
+
+#else
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+int curve25519(byte* r_p, const byte* n_p, const byte* a_p)
+#else
+int curve25519(byte* r, const byte* n, const byte* a)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register byte* r __asm__ ("r0") = (byte*)r_p;
+ register const byte* n __asm__ ("r1") = (const byte*)n_p;
+ register const byte* a __asm__ ("r2") = (const byte*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "SUB sp, sp, #0xc0\n\t"
+ "STR %[r], [sp, #176]\n\t"
+ "STR %[n], [sp, #160]\n\t"
+ "STR %[a], [sp, #172]\n\t"
+ "ADD r5, sp, #0x40\n\t"
+ "ADD r4, sp, #0x20\n\t"
+ "STR sp, [sp, #184]\n\t"
+ "STR r5, [sp, #180]\n\t"
+ "STR r4, [sp, #188]\n\t"
+ "MOV %[n], #0x0\n\t"
+ "STR %[n], [sp, #164]\n\t"
+ "MOV r4, #0x1\n\t"
+ "MOV r5, #0x0\n\t"
+ "MOV r6, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ "MOV r8, #0x0\n\t"
+ "MOV r9, #0x0\n\t"
+ "MOV r10, #0x0\n\t"
+ "MOV r11, #0x0\n\t"
+ "STM %[r], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "ADD r3, sp, #0x20\n\t"
+ "STM r3, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "MOV r4, #0x0\n\t"
+ "MOV r3, sp\n\t"
+ "STM r3, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "ADD r3, sp, #0x40\n\t"
+ /* Copy */
+ "LDM r2, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "STM r3, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "MOV %[a], #0xfe\n\t"
+ "\n"
+ "L_curve25519_bits:\n\t"
+ "STR %[a], [sp, #168]\n\t"
+ "LDR %[n], [sp, #160]\n\t"
+ "AND r4, %[a], #0x1f\n\t"
+ "LSR %[a], %[a], #5\n\t"
+ "LDR %[a], [%[n], r2, LSL #2]\n\t"
+ "RSB r4, r4, #0x1f\n\t"
+ "LSL %[a], %[a], r4\n\t"
+ "LDR %[n], [sp, #164]\n\t"
+ "EOR %[n], %[n], %[a]\n\t"
+ "ASR %[n], %[n], #31\n\t"
+ "STR %[a], [sp, #164]\n\t"
+ /* Conditional Swap */
+ "ADD r11, sp, #0xb0\n\t"
+ "LDM r11, {r4, r5, r6, r7}\n\t"
+ "EOR r8, r4, r5\n\t"
+ "EOR r9, r6, r7\n\t"
+ "AND r8, r8, %[n]\n\t"
+ "AND r9, r9, %[n]\n\t"
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r8\n\t"
+ "EOR r6, r6, r9\n\t"
+ "EOR r7, r7, r9\n\t"
+ "STM r11, {r4, r5, r6, r7}\n\t"
+ /* Ladder step */
+ "LDR r3, [sp, #184]\n\t"
+ "LDR r2, [sp, #176]\n\t"
+ "ADD r1, sp, #0x80\n\t"
+ "LDR r0, [sp, #176]\n\t"
+ "BL fe_add_sub_op\n\t"
+ "LDR r3, [sp, #188]\n\t"
+ "LDR r2, [sp, #180]\n\t"
+ "ADD r1, sp, #0x60\n\t"
+ "LDR r0, [sp, #184]\n\t"
+ "BL fe_add_sub_op\n\t"
+ "LDR r2, [sp, #176]\n\t"
+ "ADD r1, sp, #0x60\n\t"
+ "LDR r0, [sp, #188]\n\t"
+ "BL fe_mul_op\n\t"
+ "ADD r2, sp, #0x80\n\t"
+ "LDR r1, [sp, #184]\n\t"
+ "LDR r0, [sp, #184]\n\t"
+ "BL fe_mul_op\n\t"
+ "ADD r1, sp, #0x80\n\t"
+ "ADD r0, sp, #0x60\n\t"
+ "BL fe_sq_op\n\t"
+ "LDR r1, [sp, #176]\n\t"
+ "ADD r0, sp, #0x80\n\t"
+ "BL fe_sq_op\n\t"
+ "LDR r3, [sp, #184]\n\t"
+ "LDR r2, [sp, #188]\n\t"
+ "LDR r1, [sp, #184]\n\t"
+ "LDR r0, [sp, #180]\n\t"
+ "BL fe_add_sub_op\n\t"
+ "ADD r2, sp, #0x60\n\t"
+ "ADD r1, sp, #0x80\n\t"
+ "LDR r0, [sp, #176]\n\t"
+ "BL fe_mul_op\n\t"
+ "ADD r2, sp, #0x60\n\t"
+ "ADD r1, sp, #0x80\n\t"
+ "ADD r0, sp, #0x80\n\t"
+ "BL fe_sub_op\n\t"
+ "LDR r1, [sp, #184]\n\t"
+ "LDR r0, [sp, #184]\n\t"
+ "BL fe_sq_op\n\t"
+ "ADD r1, sp, #0x80\n\t"
+ "LDR r0, [sp, #188]\n\t"
+ "BL fe_mul121666\n\t"
+ "LDR r1, [sp, #180]\n\t"
+ "LDR r0, [sp, #180]\n\t"
+ "BL fe_sq_op\n\t"
+ "LDR r2, [sp, #188]\n\t"
+ "ADD r1, sp, #0x60\n\t"
+ "ADD r0, sp, #0x60\n\t"
+ "BL fe_add_op\n\t"
+ "LDR r2, [sp, #184]\n\t"
+ "LDR r1, [sp, #172]\n\t"
+ "LDR r0, [sp, #188]\n\t"
+ "BL fe_mul_op\n\t"
+ "ADD r2, sp, #0x60\n\t"
+ "ADD r1, sp, #0x80\n\t"
+ "LDR r0, [sp, #184]\n\t"
+ "BL fe_mul_op\n\t"
+ "LDR %[a], [sp, #168]\n\t"
+ "SUBS %[a], %[a], #0x1\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BGE L_curve25519_bits\n\t"
+#else
+ "BGE.N L_curve25519_bits\n\t"
+#endif
+ /* Cycle Count: 171 */
+ "LDR %[n], [sp, #184]\n\t"
+ /* Copy */
+ "LDM r1, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "STM sp, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ /* Invert */
+ "ADD r1, sp, #0x0\n\t"
+ "ADD r0, sp, #0x20\n\t"
+ "BL fe_sq_op\n\t"
+ "ADD r1, sp, #0x20\n\t"
+ "ADD r0, sp, #0x40\n\t"
+ "BL fe_sq_op\n\t"
+ "ADD r1, sp, #0x40\n\t"
+ "ADD r0, sp, #0x40\n\t"
+ "BL fe_sq_op\n\t"
+ "ADD r2, sp, #0x40\n\t"
+ "ADD r1, sp, #0x0\n\t"
+ "ADD r0, sp, #0x40\n\t"
+ "BL fe_mul_op\n\t"
+ "ADD r2, sp, #0x40\n\t"
+ "ADD r1, sp, #0x20\n\t"
+ "ADD r0, sp, #0x20\n\t"
+ "BL fe_mul_op\n\t"
+ "ADD r1, sp, #0x20\n\t"
+ "ADD r0, sp, #0x60\n\t"
+ "BL fe_sq_op\n\t"
+ "ADD r2, sp, #0x60\n\t"
+ "ADD r1, sp, #0x40\n\t"
+ "ADD r0, sp, #0x40\n\t"
+ "BL fe_mul_op\n\t"
+ "ADD r1, sp, #0x40\n\t"
+ "ADD r0, sp, #0x60\n\t"
+ "BL fe_sq_op\n\t"
+ "MOV r12, #0x4\n\t"
+ "\n"
+ "L_curve25519_inv_1:\n\t"
+ "ADD r1, sp, #0x60\n\t"
+ "ADD r0, sp, #0x60\n\t"
+ "PUSH {r12}\n\t"
+ "BL fe_sq_op\n\t"
+ "POP {r12}\n\t"
+ "SUBS r12, r12, #0x1\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BNE L_curve25519_inv_1\n\t"
+#else
+ "BNE.N L_curve25519_inv_1\n\t"
+#endif
+ "ADD r2, sp, #0x40\n\t"
+ "ADD r1, sp, #0x60\n\t"
+ "ADD r0, sp, #0x40\n\t"
+ "BL fe_mul_op\n\t"
+ "ADD r1, sp, #0x40\n\t"
+ "ADD r0, sp, #0x60\n\t"
+ "BL fe_sq_op\n\t"
+ "MOV r12, #0x9\n\t"
+ "\n"
+ "L_curve25519_inv_2:\n\t"
+ "ADD r1, sp, #0x60\n\t"
+ "ADD r0, sp, #0x60\n\t"
+ "PUSH {r12}\n\t"
+ "BL fe_sq_op\n\t"
+ "POP {r12}\n\t"
+ "SUBS r12, r12, #0x1\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BNE L_curve25519_inv_2\n\t"
+#else
+ "BNE.N L_curve25519_inv_2\n\t"
+#endif
+ "ADD r2, sp, #0x40\n\t"
+ "ADD r1, sp, #0x60\n\t"
+ "ADD r0, sp, #0x60\n\t"
+ "BL fe_mul_op\n\t"
+ "ADD r1, sp, #0x60\n\t"
+ "ADD r0, sp, #0x80\n\t"
+ "BL fe_sq_op\n\t"
+ "MOV r12, #0x13\n\t"
+ "\n"
+ "L_curve25519_inv_3:\n\t"
+ "ADD r1, sp, #0x80\n\t"
+ "ADD r0, sp, #0x80\n\t"
+ "PUSH {r12}\n\t"
+ "BL fe_sq_op\n\t"
+ "POP {r12}\n\t"
+ "SUBS r12, r12, #0x1\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BNE L_curve25519_inv_3\n\t"
+#else
+ "BNE.N L_curve25519_inv_3\n\t"
+#endif
+ "ADD r2, sp, #0x60\n\t"
+ "ADD r1, sp, #0x80\n\t"
+ "ADD r0, sp, #0x60\n\t"
+ "BL fe_mul_op\n\t"
+ "MOV r12, #0xa\n\t"
+ "\n"
+ "L_curve25519_inv_4:\n\t"
+ "ADD r1, sp, #0x60\n\t"
+ "ADD r0, sp, #0x60\n\t"
+ "PUSH {r12}\n\t"
+ "BL fe_sq_op\n\t"
+ "POP {r12}\n\t"
+ "SUBS r12, r12, #0x1\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BNE L_curve25519_inv_4\n\t"
+#else
+ "BNE.N L_curve25519_inv_4\n\t"
+#endif
+ "ADD r2, sp, #0x40\n\t"
+ "ADD r1, sp, #0x60\n\t"
+ "ADD r0, sp, #0x40\n\t"
+ "BL fe_mul_op\n\t"
+ "ADD r1, sp, #0x40\n\t"
+ "ADD r0, sp, #0x60\n\t"
+ "BL fe_sq_op\n\t"
+ "MOV r12, #0x31\n\t"
+ "\n"
+ "L_curve25519_inv_5:\n\t"
+ "ADD r1, sp, #0x60\n\t"
+ "ADD r0, sp, #0x60\n\t"
+ "PUSH {r12}\n\t"
+ "BL fe_sq_op\n\t"
+ "POP {r12}\n\t"
+ "SUBS r12, r12, #0x1\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BNE L_curve25519_inv_5\n\t"
+#else
+ "BNE.N L_curve25519_inv_5\n\t"
+#endif
+ "ADD r2, sp, #0x40\n\t"
+ "ADD r1, sp, #0x60\n\t"
+ "ADD r0, sp, #0x60\n\t"
+ "BL fe_mul_op\n\t"
+ "ADD r1, sp, #0x60\n\t"
+ "ADD r0, sp, #0x80\n\t"
+ "BL fe_sq_op\n\t"
+ "MOV r12, #0x63\n\t"
+ "\n"
+ "L_curve25519_inv_6:\n\t"
+ "ADD r1, sp, #0x80\n\t"
+ "ADD r0, sp, #0x80\n\t"
+ "PUSH {r12}\n\t"
+ "BL fe_sq_op\n\t"
+ "POP {r12}\n\t"
+ "SUBS r12, r12, #0x1\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BNE L_curve25519_inv_6\n\t"
+#else
+ "BNE.N L_curve25519_inv_6\n\t"
+#endif
+ "ADD r2, sp, #0x60\n\t"
+ "ADD r1, sp, #0x80\n\t"
+ "ADD r0, sp, #0x60\n\t"
+ "BL fe_mul_op\n\t"
+ "MOV r12, #0x32\n\t"
+ "\n"
+ "L_curve25519_inv_7:\n\t"
+ "ADD r1, sp, #0x60\n\t"
+ "ADD r0, sp, #0x60\n\t"
+ "PUSH {r12}\n\t"
+ "BL fe_sq_op\n\t"
+ "POP {r12}\n\t"
+ "SUBS r12, r12, #0x1\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BNE L_curve25519_inv_7\n\t"
+#else
+ "BNE.N L_curve25519_inv_7\n\t"
+#endif
+ "ADD r2, sp, #0x40\n\t"
+ "ADD r1, sp, #0x60\n\t"
+ "ADD r0, sp, #0x40\n\t"
+ "BL fe_mul_op\n\t"
+ "MOV r12, #0x5\n\t"
+ "\n"
+ "L_curve25519_inv_8:\n\t"
+ "ADD r1, sp, #0x40\n\t"
+ "ADD r0, sp, #0x40\n\t"
+ "PUSH {r12}\n\t"
+ "BL fe_sq_op\n\t"
+ "POP {r12}\n\t"
+ "SUBS r12, r12, #0x1\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BNE L_curve25519_inv_8\n\t"
+#else
+ "BNE.N L_curve25519_inv_8\n\t"
+#endif
+ "ADD r2, sp, #0x20\n\t"
+ "ADD r1, sp, #0x40\n\t"
+ "ADD r0, sp, #0x0\n\t"
+ "BL fe_mul_op\n\t"
+ "LDR r2, [sp, #184]\n\t"
+ "LDR r1, [sp, #176]\n\t"
+ "LDR r0, [sp, #176]\n\t"
+ "BL fe_mul_op\n\t"
+ /* Ensure result is less than modulus */
+ "LDR %[r], [sp, #176]\n\t"
+ "LDM %[r], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "MOV %[a], #0x13\n\t"
+ "AND %[a], %[a], r11, ASR #31\n\t"
+ "ADDS r4, r4, %[a]\n\t"
+ "ADCS r5, r5, #0x0\n\t"
+ "ADCS r6, r6, #0x0\n\t"
+ "ADCS r7, r7, #0x0\n\t"
+ "ADCS r8, r8, #0x0\n\t"
+ "ADCS r9, r9, #0x0\n\t"
+ "BFC r11, #31, #1\n\t"
+ "ADCS r10, r10, #0x0\n\t"
+ "ADC r11, r11, #0x0\n\t"
+ "STM %[r], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "MOV r0, #0x0\n\t"
+ "ADD sp, sp, #0xc0\n\t"
+ : [r] "+r" (r), [n] "+r" (n), [a] "+r" (a)
+ :
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12", "lr", "cc"
+ );
+ return (uint32_t)(size_t)r;
+}
+
+#endif /* WC_NO_CACHE_RESISTANT */
+#endif /* HAVE_CURVE25519 */
+#ifdef HAVE_ED25519
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void fe_invert(fe r_p, const fe a_p)
+#else
+void fe_invert(fe r, const fe a)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sword32* r __asm__ ("r0") = (sword32*)r_p;
+ register const sword32* a __asm__ ("r1") = (const sword32*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "SUB sp, sp, #0x88\n\t"
+ /* Invert */
+ "STR %[r], [sp, #128]\n\t"
+ "STR %[a], [sp, #132]\n\t"
+ "LDR r1, [sp, #132]\n\t"
+ "MOV r0, sp\n\t"
+ "BL fe_sq_op\n\t"
+ "MOV r1, sp\n\t"
+ "ADD r0, sp, #0x20\n\t"
+ "BL fe_sq_op\n\t"
+ "ADD r1, sp, #0x20\n\t"
+ "ADD r0, sp, #0x20\n\t"
+ "BL fe_sq_op\n\t"
+ "ADD r2, sp, #0x20\n\t"
+ "LDR r1, [sp, #132]\n\t"
+ "ADD r0, sp, #0x20\n\t"
+ "BL fe_mul_op\n\t"
+ "ADD r2, sp, #0x20\n\t"
+ "MOV r1, sp\n\t"
+ "MOV r0, sp\n\t"
+ "BL fe_mul_op\n\t"
+ "MOV r1, sp\n\t"
+ "ADD r0, sp, #0x40\n\t"
+ "BL fe_sq_op\n\t"
+ "ADD r2, sp, #0x40\n\t"
+ "ADD r1, sp, #0x20\n\t"
+ "ADD r0, sp, #0x20\n\t"
+ "BL fe_mul_op\n\t"
+ "ADD r1, sp, #0x20\n\t"
+ "ADD r0, sp, #0x40\n\t"
+ "BL fe_sq_op\n\t"
+ "MOV r12, #0x4\n\t"
+ "\n"
+ "L_fe_invert1:\n\t"
+ "ADD r1, sp, #0x40\n\t"
+ "ADD r0, sp, #0x40\n\t"
+ "PUSH {r12}\n\t"
+ "BL fe_sq_op\n\t"
+ "POP {r12}\n\t"
+ "SUBS r12, r12, #0x1\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BNE L_fe_invert1\n\t"
+#else
+ "BNE.N L_fe_invert1\n\t"
+#endif
+ "ADD r2, sp, #0x20\n\t"
+ "ADD r1, sp, #0x40\n\t"
+ "ADD r0, sp, #0x20\n\t"
+ "BL fe_mul_op\n\t"
+ "ADD r1, sp, #0x20\n\t"
+ "ADD r0, sp, #0x40\n\t"
+ "BL fe_sq_op\n\t"
+ "MOV r12, #0x9\n\t"
+ "\n"
+ "L_fe_invert2:\n\t"
+ "ADD r1, sp, #0x40\n\t"
+ "ADD r0, sp, #0x40\n\t"
+ "PUSH {r12}\n\t"
+ "BL fe_sq_op\n\t"
+ "POP {r12}\n\t"
+ "SUBS r12, r12, #0x1\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BNE L_fe_invert2\n\t"
+#else
+ "BNE.N L_fe_invert2\n\t"
+#endif
+ "ADD r2, sp, #0x20\n\t"
+ "ADD r1, sp, #0x40\n\t"
+ "ADD r0, sp, #0x40\n\t"
+ "BL fe_mul_op\n\t"
+ "ADD r1, sp, #0x40\n\t"
+ "ADD r0, sp, #0x60\n\t"
+ "BL fe_sq_op\n\t"
+ "MOV r12, #0x13\n\t"
+ "\n"
+ "L_fe_invert3:\n\t"
+ "ADD r1, sp, #0x60\n\t"
+ "ADD r0, sp, #0x60\n\t"
+ "PUSH {r12}\n\t"
+ "BL fe_sq_op\n\t"
+ "POP {r12}\n\t"
+ "SUBS r12, r12, #0x1\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BNE L_fe_invert3\n\t"
+#else
+ "BNE.N L_fe_invert3\n\t"
+#endif
+ "ADD r2, sp, #0x40\n\t"
+ "ADD r1, sp, #0x60\n\t"
+ "ADD r0, sp, #0x40\n\t"
+ "BL fe_mul_op\n\t"
+ "MOV r12, #0xa\n\t"
+ "\n"
+ "L_fe_invert4:\n\t"
+ "ADD r1, sp, #0x40\n\t"
+ "ADD r0, sp, #0x40\n\t"
+ "PUSH {r12}\n\t"
+ "BL fe_sq_op\n\t"
+ "POP {r12}\n\t"
+ "SUBS r12, r12, #0x1\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BNE L_fe_invert4\n\t"
+#else
+ "BNE.N L_fe_invert4\n\t"
+#endif
+ "ADD r2, sp, #0x20\n\t"
+ "ADD r1, sp, #0x40\n\t"
+ "ADD r0, sp, #0x20\n\t"
+ "BL fe_mul_op\n\t"
+ "ADD r1, sp, #0x20\n\t"
+ "ADD r0, sp, #0x40\n\t"
+ "BL fe_sq_op\n\t"
+ "MOV r12, #0x31\n\t"
+ "\n"
+ "L_fe_invert5:\n\t"
+ "ADD r1, sp, #0x40\n\t"
+ "ADD r0, sp, #0x40\n\t"
+ "PUSH {r12}\n\t"
+ "BL fe_sq_op\n\t"
+ "POP {r12}\n\t"
+ "SUBS r12, r12, #0x1\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BNE L_fe_invert5\n\t"
+#else
+ "BNE.N L_fe_invert5\n\t"
+#endif
+ "ADD r2, sp, #0x20\n\t"
+ "ADD r1, sp, #0x40\n\t"
+ "ADD r0, sp, #0x40\n\t"
+ "BL fe_mul_op\n\t"
+ "ADD r1, sp, #0x40\n\t"
+ "ADD r0, sp, #0x60\n\t"
+ "BL fe_sq_op\n\t"
+ "MOV r12, #0x63\n\t"
+ "\n"
+ "L_fe_invert6:\n\t"
+ "ADD r1, sp, #0x60\n\t"
+ "ADD r0, sp, #0x60\n\t"
+ "PUSH {r12}\n\t"
+ "BL fe_sq_op\n\t"
+ "POP {r12}\n\t"
+ "SUBS r12, r12, #0x1\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BNE L_fe_invert6\n\t"
+#else
+ "BNE.N L_fe_invert6\n\t"
+#endif
+ "ADD r2, sp, #0x40\n\t"
+ "ADD r1, sp, #0x60\n\t"
+ "ADD r0, sp, #0x40\n\t"
+ "BL fe_mul_op\n\t"
+ "MOV r12, #0x32\n\t"
+ "\n"
+ "L_fe_invert7:\n\t"
+ "ADD r1, sp, #0x40\n\t"
+ "ADD r0, sp, #0x40\n\t"
+ "PUSH {r12}\n\t"
+ "BL fe_sq_op\n\t"
+ "POP {r12}\n\t"
+ "SUBS r12, r12, #0x1\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BNE L_fe_invert7\n\t"
+#else
+ "BNE.N L_fe_invert7\n\t"
+#endif
+ "ADD r2, sp, #0x20\n\t"
+ "ADD r1, sp, #0x40\n\t"
+ "ADD r0, sp, #0x20\n\t"
+ "BL fe_mul_op\n\t"
+ "MOV r12, #0x5\n\t"
+ "\n"
+ "L_fe_invert8:\n\t"
+ "ADD r1, sp, #0x20\n\t"
+ "ADD r0, sp, #0x20\n\t"
+ "PUSH {r12}\n\t"
+ "BL fe_sq_op\n\t"
+ "POP {r12}\n\t"
+ "SUBS r12, r12, #0x1\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BNE L_fe_invert8\n\t"
+#else
+ "BNE.N L_fe_invert8\n\t"
+#endif
+ "MOV r2, sp\n\t"
+ "ADD r1, sp, #0x20\n\t"
+ "LDR r0, [sp, #128]\n\t"
+ "BL fe_mul_op\n\t"
+ "LDR %[a], [sp, #132]\n\t"
+ "LDR %[r], [sp, #128]\n\t"
+ "ADD sp, sp, #0x88\n\t"
+ : [r] "+r" (r), [a] "+r" (a)
+ :
+ : "memory", "lr", "r12", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
+ );
+}
+
+#ifdef WOLFSSL_SP_NO_UMAAL
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void fe_sq2(fe r_p, const fe a_p)
+#else
+void fe_sq2(fe r, const fe a)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sword32* r __asm__ ("r0") = (sword32*)r_p;
+ register const sword32* a __asm__ ("r1") = (const sword32*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "SUB sp, sp, #0x44\n\t"
+ "STR r0, [sp, #64]\n\t"
+ /* Square * 2 */
+ "MOV r0, #0x0\n\t"
+ "LDR r12, [r1]\n\t"
+ /* A[0] * A[1] */
+ "LDR lr, [r1, #4]\n\t"
+ "UMULL r4, r5, r12, lr\n\t"
+ /* A[0] * A[3] */
+ "LDR lr, [r1, #12]\n\t"
+ "UMULL r6, r7, r12, lr\n\t"
+ /* A[0] * A[5] */
+ "LDR lr, [r1, #20]\n\t"
+ "UMULL r8, r9, r12, lr\n\t"
+ /* A[0] * A[7] */
+ "LDR lr, [r1, #28]\n\t"
+ "UMULL r10, r3, r12, lr\n\t"
+ /* A[0] * A[2] */
+ "LDR lr, [r1, #8]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r5, r11, r12, lr\n\t"
+ "ADDS r6, r6, r11\n\t"
+ /* A[0] * A[4] */
+ "LDR lr, [r1, #16]\n\t"
+ "ADCS r7, r7, #0x0\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r7, r11, r12, lr\n\t"
+ "ADDS r8, r8, r11\n\t"
+ /* A[0] * A[6] */
+ "LDR lr, [r1, #24]\n\t"
+ "ADCS r9, r9, #0x0\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r9, r11, r12, lr\n\t"
+ "ADDS r10, r10, r11\n\t"
+ "ADCS r3, r3, #0x0\n\t"
+ "STR r4, [sp, #4]\n\t"
+ "STR r5, [sp, #8]\n\t"
+ /* A[1] * A[2] */
+ "LDR r12, [r1, #4]\n\t"
+ "LDR lr, [r1, #8]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r6, r11, r12, lr\n\t"
+ "STR r6, [sp, #12]\n\t"
+ "ADDS r7, r7, r11\n\t"
+ /* A[1] * A[3] */
+ "LDR lr, [r1, #12]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r7, r11, r12, lr\n\t"
+ "STR r7, [sp, #16]\n\t"
+ "ADDS r8, r8, r11\n\t"
+ /* A[1] * A[4] */
+ "LDR lr, [r1, #16]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r8, r11, r12, lr\n\t"
+ "ADDS r9, r9, r11\n\t"
+ /* A[1] * A[5] */
+ "LDR lr, [r1, #20]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r9, r11, r12, lr\n\t"
+ "ADDS r10, r10, r11\n\t"
+ /* A[1] * A[6] */
+ "LDR lr, [r1, #24]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "ADDS r3, r3, r11\n\t"
+ /* A[1] * A[7] */
+ "LDR lr, [r1, #28]\n\t"
+ "ADC r4, r0, #0x0\n\t"
+ "UMLAL r3, r4, r12, lr\n\t"
+ /* A[2] * A[3] */
+ "LDR r12, [r1, #8]\n\t"
+ "LDR lr, [r1, #12]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r8, r11, r12, lr\n\t"
+ "STR r8, [sp, #20]\n\t"
+ "ADDS r9, r9, r11\n\t"
+ /* A[2] * A[4] */
+ "LDR lr, [r1, #16]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r9, r11, r12, lr\n\t"
+ "STR r9, [sp, #24]\n\t"
+ "ADDS r10, r10, r11\n\t"
+ /* A[2] * A[5] */
+ "LDR lr, [r1, #20]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "ADDS r3, r3, r11\n\t"
+ /* A[2] * A[6] */
+ "LDR lr, [r1, #24]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r3, r11, r12, lr\n\t"
+ "ADDS r4, r4, r11\n\t"
+ /* A[2] * A[7] */
+ "LDR lr, [r1, #28]\n\t"
+ "ADC r5, r0, #0x0\n\t"
+ "UMLAL r4, r5, r12, lr\n\t"
+ /* A[3] * A[4] */
+ "LDR r12, [r1, #12]\n\t"
+ "LDR lr, [r1, #16]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "STR r10, [sp, #28]\n\t"
+ "ADDS r3, r3, r11\n\t"
+ /* A[3] * A[5] */
+ "LDR lr, [r1, #20]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r3, r11, r12, lr\n\t"
+ "ADDS r4, r4, r11\n\t"
+ /* A[3] * A[6] */
+ "LDR lr, [r1, #24]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r4, r11, r12, lr\n\t"
+ "ADDS r5, r5, r11\n\t"
+ /* A[3] * A[7] */
+ "LDR lr, [r1, #28]\n\t"
+ "ADC r6, r0, #0x0\n\t"
+ "UMLAL r5, r6, r12, lr\n\t"
+ /* A[4] * A[5] */
+ "LDR r12, [r1, #16]\n\t"
+ "LDR lr, [r1, #20]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r4, r11, r12, lr\n\t"
+ "ADDS r5, r5, r11\n\t"
+ /* A[4] * A[6] */
+ "LDR lr, [r1, #24]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r5, r11, r12, lr\n\t"
+ "ADDS r6, r6, r11\n\t"
+ /* A[4] * A[7] */
+ "LDR lr, [r1, #28]\n\t"
+ "ADC r7, r0, #0x0\n\t"
+ "UMLAL r6, r7, r12, lr\n\t"
+ /* A[5] * A[6] */
+ "LDR r12, [r1, #20]\n\t"
+ "LDR lr, [r1, #24]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r6, r11, r12, lr\n\t"
+ "ADDS r7, r7, r11\n\t"
+ /* A[5] * A[7] */
+ "LDR lr, [r1, #28]\n\t"
+ "ADC r8, r0, #0x0\n\t"
+ "UMLAL r7, r8, r12, lr\n\t"
+ /* A[6] * A[7] */
+ "LDR r12, [r1, #24]\n\t"
+ "LDR lr, [r1, #28]\n\t"
+ "MOV r9, #0x0\n\t"
+ "UMLAL r8, r9, r12, lr\n\t"
+ "ADD lr, sp, #0x20\n\t"
+ "STM lr, {r3, r4, r5, r6, r7, r8, r9}\n\t"
+ "ADD lr, sp, #0x4\n\t"
+ "LDM lr, {r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "ADDS r4, r4, r4\n\t"
+ "ADCS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADCS r7, r7, r7\n\t"
+ "ADCS r8, r8, r8\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "ADCS r10, r10, r10\n\t"
+ "STM lr!, {r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "LDM lr, {r3, r4, r5, r6, r7, r8, r9}\n\t"
+ "ADCS r3, r3, r3\n\t"
+ "ADCS r4, r4, r4\n\t"
+ "ADCS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADCS r7, r7, r7\n\t"
+ "ADCS r8, r8, r8\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "ADC r10, r0, #0x0\n\t"
+ "STM lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "ADD lr, sp, #0x4\n\t"
+ "LDM lr, {r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "MOV lr, sp\n\t"
+ /* A[0] * A[0] */
+ "LDR r12, [r1]\n\t"
+ "UMULL r3, r11, r12, r12\n\t"
+ "ADDS r4, r4, r11\n\t"
+ /* A[1] * A[1] */
+ "LDR r12, [r1, #4]\n\t"
+ "ADCS r5, r5, #0x0\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r5, r11, r12, r12\n\t"
+ "ADDS r6, r6, r11\n\t"
+ /* A[2] * A[2] */
+ "LDR r12, [r1, #8]\n\t"
+ "ADCS r7, r7, #0x0\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r7, r11, r12, r12\n\t"
+ "ADDS r8, r8, r11\n\t"
+ /* A[3] * A[3] */
+ "LDR r12, [r1, #12]\n\t"
+ "ADCS r9, r9, #0x0\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r9, r11, r12, r12\n\t"
+ "ADDS r10, r10, r11\n\t"
+ "STM lr!, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "LDM lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ /* A[4] * A[4] */
+ "LDR r12, [r1, #16]\n\t"
+ "ADCS r3, r3, #0x0\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r3, r11, r12, r12\n\t"
+ "ADDS r4, r4, r11\n\t"
+ /* A[5] * A[5] */
+ "LDR r12, [r1, #20]\n\t"
+ "ADCS r5, r5, #0x0\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r5, r11, r12, r12\n\t"
+ "ADDS r6, r6, r11\n\t"
+ /* A[6] * A[6] */
+ "LDR r12, [r1, #24]\n\t"
+ "ADCS r7, r7, #0x0\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r7, r11, r12, r12\n\t"
+ "ADDS r8, r8, r11\n\t"
+ /* A[7] * A[7] */
+ "LDR r12, [r1, #28]\n\t"
+ "ADCS r9, r9, #0x0\n\t"
+ "ADC r10, r10, #0x0\n\t"
+ "UMLAL r9, r10, r12, r12\n\t"
+ /* Reduce */
+ "LDR r2, [sp, #28]\n\t"
+ "MOV lr, sp\n\t"
+ "MOV r12, #0x26\n\t"
+ "UMULL r10, r11, r10, r12\n\t"
+ "ADDS r10, r10, r2\n\t"
+ "ADC r11, r11, #0x0\n\t"
+ "MOV r12, #0x13\n\t"
+ "LSL r11, r11, #1\n\t"
+ "ORR r11, r11, r10, LSR #31\n\t"
+ "MUL r11, r11, r12\n\t"
+ "LDM lr!, {r1, r2}\n\t"
+ "MOV r12, #0x26\n\t"
+ "ADDS r1, r1, r11\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r1, r11, r3, r12\n\t"
+ "ADDS r2, r2, r11\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r2, r11, r4, r12\n\t"
+ "LDM lr!, {r3, r4}\n\t"
+ "ADDS r3, r3, r11\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r3, r11, r5, r12\n\t"
+ "ADDS r4, r4, r11\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r4, r11, r6, r12\n\t"
+ "LDM lr!, {r5, r6}\n\t"
+ "ADDS r5, r5, r11\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r5, r11, r7, r12\n\t"
+ "ADDS r6, r6, r11\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r6, r11, r8, r12\n\t"
+ "LDM lr!, {r7, r8}\n\t"
+ "ADDS r7, r7, r11\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r7, r11, r9, r12\n\t"
+ "BFC r10, #31, #1\n\t"
+ "ADDS r8, r10, r11\n\t"
+ /* Reduce if top bit set */
+ "MOV r12, #0x13\n\t"
+ "AND r11, r12, r8, ASR #31\n\t"
+ "ADDS r1, r1, r11\n\t"
+ "ADCS r2, r2, #0x0\n\t"
+ "ADCS r3, r3, #0x0\n\t"
+ "ADCS r4, r4, #0x0\n\t"
+ "ADCS r5, r5, #0x0\n\t"
+ "ADCS r6, r6, #0x0\n\t"
+ "BFC r8, #31, #1\n\t"
+ "ADCS r7, r7, #0x0\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ /* Double */
+ "ADDS r1, r1, r1\n\t"
+ "ADCS r2, r2, r2\n\t"
+ "ADCS r3, r3, r3\n\t"
+ "ADCS r4, r4, r4\n\t"
+ "ADCS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADCS r7, r7, r7\n\t"
+ "ADC r8, r8, r8\n\t"
+ /* Reduce if top bit set */
+ "MOV r12, #0x13\n\t"
+ "AND r11, r12, r8, ASR #31\n\t"
+ "ADDS r1, r1, r11\n\t"
+ "ADCS r2, r2, #0x0\n\t"
+ "ADCS r3, r3, #0x0\n\t"
+ "ADCS r4, r4, #0x0\n\t"
+ "ADCS r5, r5, #0x0\n\t"
+ "ADCS r6, r6, #0x0\n\t"
+ "BFC r8, #31, #1\n\t"
+ "ADCS r7, r7, #0x0\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ /* Store */
+ "LDR r0, [sp, #64]\n\t"
+ "STM r0, {r1, r2, r3, r4, r5, r6, r7, r8}\n\t"
+ "ADD sp, sp, #0x44\n\t"
+ : [r] "+r" (r), [a] "+r" (a)
+ :
+ : "memory", "lr", "cc"
+ );
+}
+
+#else
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void fe_sq2(fe r_p, const fe a_p)
+#else
+void fe_sq2(fe r, const fe a)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sword32* r __asm__ ("r0") = (sword32*)r_p;
+ register const sword32* a __asm__ ("r1") = (const sword32*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "SUB sp, sp, #0x24\n\t"
+ "STRD r0, r1, [sp, #28]\n\t"
+ "LDM r1, {r0, r1, r2, r3, r4, r5, r6, r7}\n\t"
+ /* Square * 2 */
+ "UMULL r9, r10, r0, r0\n\t"
+ "UMULL r11, r12, r0, r1\n\t"
+ "ADDS r11, r11, r11\n\t"
+ "MOV lr, #0x0\n\t"
+ "UMAAL r10, r11, lr, lr\n\t"
+ "STM sp, {r9, r10}\n\t"
+ "MOV r8, lr\n\t"
+ "UMAAL r8, r12, r0, r2\n\t"
+ "ADCS r8, r8, r8\n\t"
+ "UMAAL r8, r11, r1, r1\n\t"
+ "UMULL r9, r10, r0, r3\n\t"
+ "UMAAL r9, r12, r1, r2\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "UMAAL r9, r11, lr, lr\n\t"
+ "STRD r8, r9, [sp, #8]\n\t"
+ "MOV r9, lr\n\t"
+ "UMAAL r9, r10, r0, r4\n\t"
+ "UMAAL r9, r12, r1, r3\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "UMAAL r9, r11, r2, r2\n\t"
+ "STR r9, [sp, #16]\n\t"
+ "UMULL r9, r8, r0, r5\n\t"
+ "UMAAL r9, r12, r1, r4\n\t"
+ "UMAAL r9, r10, r2, r3\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "UMAAL r9, r11, lr, lr\n\t"
+ "STR r9, [sp, #20]\n\t"
+ "MOV r9, lr\n\t"
+ "UMAAL r9, r8, r0, r6\n\t"
+ "UMAAL r9, r12, r1, r5\n\t"
+ "UMAAL r9, r10, r2, r4\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "UMAAL r9, r11, r3, r3\n\t"
+ "STR r9, [sp, #24]\n\t"
+ "UMULL r0, r9, r0, r7\n\t"
+ "UMAAL r0, r8, r1, r6\n\t"
+ "UMAAL r0, r12, r2, r5\n\t"
+ "UMAAL r0, r10, r3, r4\n\t"
+ "ADCS r0, r0, r0\n\t"
+ "UMAAL r0, r11, lr, lr\n\t"
+ /* R[7] = r0 */
+ "UMAAL r9, r8, r1, r7\n\t"
+ "UMAAL r9, r10, r2, r6\n\t"
+ "UMAAL r12, r9, r3, r5\n\t"
+ "ADCS r12, r12, r12\n\t"
+ "UMAAL r12, r11, r4, r4\n\t"
+ /* R[8] = r12 */
+ "UMAAL r9, r8, r2, r7\n\t"
+ "UMAAL r10, r9, r3, r6\n\t"
+ "MOV r2, lr\n\t"
+ "UMAAL r10, r2, r4, r5\n\t"
+ "ADCS r10, r10, r10\n\t"
+ "UMAAL r11, r10, lr, lr\n\t"
+ /* R[9] = r11 */
+ "UMAAL r2, r8, r3, r7\n\t"
+ "UMAAL r2, r9, r4, r6\n\t"
+ "ADCS r3, r2, r2\n\t"
+ "UMAAL r10, r3, r5, r5\n\t"
+ /* R[10] = r10 */
+ "MOV r1, lr\n\t"
+ "UMAAL r1, r8, r4, r7\n\t"
+ "UMAAL r1, r9, r5, r6\n\t"
+ "ADCS r4, r1, r1\n\t"
+ "UMAAL r3, r4, lr, lr\n\t"
+ /* R[11] = r3 */
+ "UMAAL r8, r9, r5, r7\n\t"
+ "ADCS r8, r8, r8\n\t"
+ "UMAAL r4, r8, r6, r6\n\t"
+ /* R[12] = r4 */
+ "MOV r5, lr\n\t"
+ "UMAAL r5, r9, r6, r7\n\t"
+ "ADCS r5, r5, r5\n\t"
+ "UMAAL r8, r5, lr, lr\n\t"
+ /* R[13] = r8 */
+ "ADCS r9, r9, r9\n\t"
+ "UMAAL r9, r5, r7, r7\n\t"
+ "ADCS r7, r5, lr\n\t"
+ /* R[14] = r9 */
+ /* R[15] = r7 */
+ /* Reduce */
+ "MOV r6, #0x25\n\t"
+ "UMAAL r7, r0, r7, r6\n\t"
+ "MOV r6, #0x13\n\t"
+ "LSL r0, r0, #1\n\t"
+ "ORR r0, r0, r7, LSR #31\n\t"
+ "MUL lr, r0, r6\n\t"
+ "POP {r0, r1}\n\t"
+ "MOV r6, #0x26\n\t"
+ "UMAAL r0, lr, r12, r6\n\t"
+ "UMAAL r1, lr, r11, r6\n\t"
+ "MOV r12, r3\n\t"
+ "MOV r11, r4\n\t"
+ "POP {r2, r3, r4}\n\t"
+ "UMAAL r2, lr, r10, r6\n\t"
+ "UMAAL r3, lr, r12, r6\n\t"
+ "UMAAL r4, lr, r11, r6\n\t"
+ "MOV r12, r6\n\t"
+ "POP {r5, r6}\n\t"
+ "UMAAL r5, lr, r8, r12\n\t"
+ "BFC r7, #31, #1\n\t"
+ "UMAAL r6, lr, r9, r12\n\t"
+ "ADD r7, r7, lr\n\t"
+ /* Reduce if top bit set */
+ "MOV r11, #0x13\n\t"
+ "AND r12, r11, r7, ASR #31\n\t"
+ "ADDS r0, r0, r12\n\t"
+ "ADCS r1, r1, #0x0\n\t"
+ "ADCS r2, r2, #0x0\n\t"
+ "ADCS r3, r3, #0x0\n\t"
+ "ADCS r4, r4, #0x0\n\t"
+ "ADCS r5, r5, #0x0\n\t"
+ "BFC r7, #31, #1\n\t"
+ "ADCS r6, r6, #0x0\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* Double */
+ "ADDS r0, r0, r0\n\t"
+ "ADCS r1, r1, r1\n\t"
+ "ADCS r2, r2, r2\n\t"
+ "ADCS r3, r3, r3\n\t"
+ "ADCS r4, r4, r4\n\t"
+ "ADCS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ /* Reduce if top bit set */
+ "MOV r11, #0x13\n\t"
+ "AND r12, r11, r7, ASR #31\n\t"
+ "ADDS r0, r0, r12\n\t"
+ "ADCS r1, r1, #0x0\n\t"
+ "ADCS r2, r2, #0x0\n\t"
+ "ADCS r3, r3, #0x0\n\t"
+ "ADCS r4, r4, #0x0\n\t"
+ "ADCS r5, r5, #0x0\n\t"
+ "BFC r7, #31, #1\n\t"
+ "ADCS r6, r6, #0x0\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ "POP {r12, lr}\n\t"
+ /* Store */
+ "STM r12, {r0, r1, r2, r3, r4, r5, r6, r7}\n\t"
+ "MOV r0, r12\n\t"
+ "MOV r1, lr\n\t"
+ : [r] "+r" (r), [a] "+r" (a)
+ :
+ : "memory", "lr", "cc"
+ );
+}
+
+#endif /* WOLFSSL_SP_NO_UMAAL */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void fe_pow22523(fe r_p, const fe a_p)
+#else
+void fe_pow22523(fe r, const fe a)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sword32* r __asm__ ("r0") = (sword32*)r_p;
+ register const sword32* a __asm__ ("r1") = (const sword32*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "SUB sp, sp, #0x68\n\t"
+ /* pow22523 */
+ "STR %[r], [sp, #96]\n\t"
+ "STR %[a], [sp, #100]\n\t"
+ "LDR r1, [sp, #100]\n\t"
+ "MOV r0, sp\n\t"
+ "BL fe_sq_op\n\t"
+ "MOV r1, sp\n\t"
+ "ADD r0, sp, #0x20\n\t"
+ "BL fe_sq_op\n\t"
+ "ADD r1, sp, #0x20\n\t"
+ "ADD r0, sp, #0x20\n\t"
+ "BL fe_sq_op\n\t"
+ "ADD r2, sp, #0x20\n\t"
+ "LDR r1, [sp, #100]\n\t"
+ "ADD r0, sp, #0x20\n\t"
+ "BL fe_mul_op\n\t"
+ "ADD r2, sp, #0x20\n\t"
+ "MOV r1, sp\n\t"
+ "MOV r0, sp\n\t"
+ "BL fe_mul_op\n\t"
+ "MOV r1, sp\n\t"
+ "MOV r0, sp\n\t"
+ "BL fe_sq_op\n\t"
+ "MOV r2, sp\n\t"
+ "ADD r1, sp, #0x20\n\t"
+ "MOV r0, sp\n\t"
+ "BL fe_mul_op\n\t"
+ "MOV r1, sp\n\t"
+ "ADD r0, sp, #0x20\n\t"
+ "BL fe_sq_op\n\t"
+ "MOV r12, #0x4\n\t"
+ "\n"
+ "L_fe_pow22523_1:\n\t"
+ "ADD r1, sp, #0x20\n\t"
+ "ADD r0, sp, #0x20\n\t"
+ "PUSH {r12}\n\t"
+ "BL fe_sq_op\n\t"
+ "POP {r12}\n\t"
+ "SUBS r12, r12, #0x1\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BNE L_fe_pow22523_1\n\t"
+#else
+ "BNE.N L_fe_pow22523_1\n\t"
+#endif
+ "MOV r2, sp\n\t"
+ "ADD r1, sp, #0x20\n\t"
+ "MOV r0, sp\n\t"
+ "BL fe_mul_op\n\t"
+ "MOV r1, sp\n\t"
+ "ADD r0, sp, #0x20\n\t"
+ "BL fe_sq_op\n\t"
+ "MOV r12, #0x9\n\t"
+ "\n"
+ "L_fe_pow22523_2:\n\t"
+ "ADD r1, sp, #0x20\n\t"
+ "ADD r0, sp, #0x20\n\t"
+ "PUSH {r12}\n\t"
+ "BL fe_sq_op\n\t"
+ "POP {r12}\n\t"
+ "SUBS r12, r12, #0x1\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BNE L_fe_pow22523_2\n\t"
+#else
+ "BNE.N L_fe_pow22523_2\n\t"
+#endif
+ "MOV r2, sp\n\t"
+ "ADD r1, sp, #0x20\n\t"
+ "ADD r0, sp, #0x20\n\t"
+ "BL fe_mul_op\n\t"
+ "ADD r1, sp, #0x20\n\t"
+ "ADD r0, sp, #0x40\n\t"
+ "BL fe_sq_op\n\t"
+ "MOV r12, #0x13\n\t"
+ "\n"
+ "L_fe_pow22523_3:\n\t"
+ "ADD r1, sp, #0x40\n\t"
+ "ADD r0, sp, #0x40\n\t"
+ "PUSH {r12}\n\t"
+ "BL fe_sq_op\n\t"
+ "POP {r12}\n\t"
+ "SUBS r12, r12, #0x1\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BNE L_fe_pow22523_3\n\t"
+#else
+ "BNE.N L_fe_pow22523_3\n\t"
+#endif
+ "ADD r2, sp, #0x20\n\t"
+ "ADD r1, sp, #0x40\n\t"
+ "ADD r0, sp, #0x20\n\t"
+ "BL fe_mul_op\n\t"
+ "MOV r12, #0xa\n\t"
+ "\n"
+ "L_fe_pow22523_4:\n\t"
+ "ADD r1, sp, #0x20\n\t"
+ "ADD r0, sp, #0x20\n\t"
+ "PUSH {r12}\n\t"
+ "BL fe_sq_op\n\t"
+ "POP {r12}\n\t"
+ "SUBS r12, r12, #0x1\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BNE L_fe_pow22523_4\n\t"
+#else
+ "BNE.N L_fe_pow22523_4\n\t"
+#endif
+ "MOV r2, sp\n\t"
+ "ADD r1, sp, #0x20\n\t"
+ "MOV r0, sp\n\t"
+ "BL fe_mul_op\n\t"
+ "MOV r1, sp\n\t"
+ "ADD r0, sp, #0x20\n\t"
+ "BL fe_sq_op\n\t"
+ "MOV r12, #0x31\n\t"
+ "\n"
+ "L_fe_pow22523_5:\n\t"
+ "ADD r1, sp, #0x20\n\t"
+ "ADD r0, sp, #0x20\n\t"
+ "PUSH {r12}\n\t"
+ "BL fe_sq_op\n\t"
+ "POP {r12}\n\t"
+ "SUBS r12, r12, #0x1\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BNE L_fe_pow22523_5\n\t"
+#else
+ "BNE.N L_fe_pow22523_5\n\t"
+#endif
+ "MOV r2, sp\n\t"
+ "ADD r1, sp, #0x20\n\t"
+ "ADD r0, sp, #0x20\n\t"
+ "BL fe_mul_op\n\t"
+ "ADD r1, sp, #0x20\n\t"
+ "ADD r0, sp, #0x40\n\t"
+ "BL fe_sq_op\n\t"
+ "MOV r12, #0x63\n\t"
+ "\n"
+ "L_fe_pow22523_6:\n\t"
+ "ADD r1, sp, #0x40\n\t"
+ "ADD r0, sp, #0x40\n\t"
+ "PUSH {r12}\n\t"
+ "BL fe_sq_op\n\t"
+ "POP {r12}\n\t"
+ "SUBS r12, r12, #0x1\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BNE L_fe_pow22523_6\n\t"
+#else
+ "BNE.N L_fe_pow22523_6\n\t"
+#endif
+ "ADD r2, sp, #0x20\n\t"
+ "ADD r1, sp, #0x40\n\t"
+ "ADD r0, sp, #0x20\n\t"
+ "BL fe_mul_op\n\t"
+ "MOV r12, #0x32\n\t"
+ "\n"
+ "L_fe_pow22523_7:\n\t"
+ "ADD r1, sp, #0x20\n\t"
+ "ADD r0, sp, #0x20\n\t"
+ "PUSH {r12}\n\t"
+ "BL fe_sq_op\n\t"
+ "POP {r12}\n\t"
+ "SUBS r12, r12, #0x1\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BNE L_fe_pow22523_7\n\t"
+#else
+ "BNE.N L_fe_pow22523_7\n\t"
+#endif
+ "MOV r2, sp\n\t"
+ "ADD r1, sp, #0x20\n\t"
+ "MOV r0, sp\n\t"
+ "BL fe_mul_op\n\t"
+ "MOV r12, #0x2\n\t"
+ "\n"
+ "L_fe_pow22523_8:\n\t"
+ "MOV r1, sp\n\t"
+ "MOV r0, sp\n\t"
+ "PUSH {r12}\n\t"
+ "BL fe_sq_op\n\t"
+ "POP {r12}\n\t"
+ "SUBS r12, r12, #0x1\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BNE L_fe_pow22523_8\n\t"
+#else
+ "BNE.N L_fe_pow22523_8\n\t"
+#endif
+ "LDR r2, [sp, #100]\n\t"
+ "MOV r1, sp\n\t"
+ "LDR r0, [sp, #96]\n\t"
+ "BL fe_mul_op\n\t"
+ "LDR %[a], [sp, #100]\n\t"
+ "LDR %[r], [sp, #96]\n\t"
+ "ADD sp, sp, #0x68\n\t"
+ : [r] "+r" (r), [a] "+r" (a)
+ :
+ : "memory", "lr", "r12", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
+ );
+}
+
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void ge_p1p1_to_p2(ge_p2 * r_p, const ge_p1p1 * p_p)
+#else
+void ge_p1p1_to_p2(ge_p2 * r, const ge_p1p1 * p)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register ge_p2 * r __asm__ ("r0") = (ge_p2 *)r_p;
+ register const ge_p1p1 * p __asm__ ("r1") = (const ge_p1p1 *)p_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "SUB sp, sp, #0x8\n\t"
+ "STR %[r], [sp]\n\t"
+ "STR %[p], [sp, #4]\n\t"
+ "ADD r2, r1, #0x60\n\t"
+ "BL fe_mul_op\n\t"
+ "LDR r0, [sp]\n\t"
+ "LDR r1, [sp, #4]\n\t"
+ "ADD r2, r1, #0x40\n\t"
+ "ADD r1, r1, #0x20\n\t"
+ "ADD r0, r0, #0x20\n\t"
+ "BL fe_mul_op\n\t"
+ "LDR r0, [sp]\n\t"
+ "LDR r1, [sp, #4]\n\t"
+ "ADD r2, r1, #0x60\n\t"
+ "ADD r1, r1, #0x40\n\t"
+ "ADD r0, r0, #0x40\n\t"
+ "BL fe_mul_op\n\t"
+ "ADD sp, sp, #0x8\n\t"
+ : [r] "+r" (r), [p] "+r" (p)
+ :
+ : "memory", "lr", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
+ );
+}
+
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void ge_p1p1_to_p3(ge_p3 * r_p, const ge_p1p1 * p_p)
+#else
+void ge_p1p1_to_p3(ge_p3 * r, const ge_p1p1 * p)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register ge_p3 * r __asm__ ("r0") = (ge_p3 *)r_p;
+ register const ge_p1p1 * p __asm__ ("r1") = (const ge_p1p1 *)p_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "SUB sp, sp, #0x8\n\t"
+ "STR %[r], [sp]\n\t"
+ "STR %[p], [sp, #4]\n\t"
+ "ADD r2, r1, #0x60\n\t"
+ "BL fe_mul_op\n\t"
+ "LDR r0, [sp]\n\t"
+ "LDR r1, [sp, #4]\n\t"
+ "ADD r2, r1, #0x40\n\t"
+ "ADD r1, r1, #0x20\n\t"
+ "ADD r0, r0, #0x20\n\t"
+ "BL fe_mul_op\n\t"
+ "LDR r0, [sp]\n\t"
+ "LDR r1, [sp, #4]\n\t"
+ "ADD r2, r1, #0x60\n\t"
+ "ADD r1, r1, #0x40\n\t"
+ "ADD r0, r0, #0x40\n\t"
+ "BL fe_mul_op\n\t"
+ "LDR r0, [sp]\n\t"
+ "LDR r1, [sp, #4]\n\t"
+ "ADD r2, r1, #0x20\n\t"
+ "ADD r0, r0, #0x60\n\t"
+ "BL fe_mul_op\n\t"
+ "ADD sp, sp, #0x8\n\t"
+ : [r] "+r" (r), [p] "+r" (p)
+ :
+ : "memory", "lr", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
+ );
+}
+
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void ge_p2_dbl(ge_p1p1 * r_p, const ge_p2 * p_p)
+#else
+void ge_p2_dbl(ge_p1p1 * r, const ge_p2 * p)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register ge_p1p1 * r __asm__ ("r0") = (ge_p1p1 *)r_p;
+ register const ge_p2 * p __asm__ ("r1") = (const ge_p2 *)p_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "SUB sp, sp, #0x8\n\t"
+ "STR %[r], [sp]\n\t"
+ "STR %[p], [sp, #4]\n\t"
+ "BL fe_sq_op\n\t"
+ "LDR r0, [sp]\n\t"
+ "LDR r1, [sp, #4]\n\t"
+ "ADD r1, r1, #0x20\n\t"
+ "ADD r0, r0, #0x40\n\t"
+ "BL fe_sq_op\n\t"
+ "LDR r0, [sp]\n\t"
+ "LDR r1, [sp, #4]\n\t"
+ "ADD r2, r1, #0x20\n\t"
+ "ADD r0, r0, #0x20\n\t"
+ "BL fe_add_op\n\t"
+ "MOV r1, r0\n\t"
+ "ADD r0, r0, #0x40\n\t"
+ "BL fe_sq_op\n\t"
+ "LDR r0, [sp]\n\t"
+ "MOV r3, r0\n\t"
+ "ADD r2, r0, #0x40\n\t"
+ "ADD r1, r0, #0x40\n\t"
+ "ADD r0, r0, #0x20\n\t"
+ "BL fe_add_sub_op\n\t"
+ "MOV r2, r0\n\t"
+ "ADD r1, r0, #0x40\n\t"
+ "SUB r0, r0, #0x20\n\t"
+ "BL fe_sub_op\n\t"
+ "LDR r1, [sp, #4]\n\t"
+ "ADD r1, r1, #0x40\n\t"
+ "ADD r0, r0, #0x60\n\t"
+ "BL fe_sq2\n\t"
+ "SUB r2, r0, #0x20\n\t"
+ "MOV r1, r0\n\t"
+ "BL fe_sub_op\n\t"
+ "ADD sp, sp, #0x8\n\t"
+ : [r] "+r" (r), [p] "+r" (p)
+ :
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
+ );
+}
+
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void ge_madd(ge_p1p1 * r_p, const ge_p3 * p_p, const ge_precomp * q_p)
+#else
+void ge_madd(ge_p1p1 * r, const ge_p3 * p, const ge_precomp * q)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register ge_p1p1 * r __asm__ ("r0") = (ge_p1p1 *)r_p;
+ register const ge_p3 * p __asm__ ("r1") = (const ge_p3 *)p_p;
+ register const ge_precomp * q __asm__ ("r2") = (const ge_precomp *)q_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "SUB sp, sp, #0xc\n\t"
+ "STR %[r], [sp]\n\t"
+ "STR %[p], [sp, #4]\n\t"
+ "STR %[q], [sp, #8]\n\t"
+ "MOV r2, r1\n\t"
+ "ADD r1, r1, #0x20\n\t"
+ "BL fe_add_op\n\t"
+ "LDR r1, [sp, #4]\n\t"
+ "MOV r2, r1\n\t"
+ "ADD r1, r1, #0x20\n\t"
+ "ADD r0, r0, #0x20\n\t"
+ "BL fe_sub_op\n\t"
+ "LDR r2, [sp, #8]\n\t"
+ "SUB r1, r0, #0x20\n\t"
+ "ADD r0, r0, #0x20\n\t"
+ "BL fe_mul_op\n\t"
+ "LDR r0, [sp]\n\t"
+ "LDR r2, [sp, #8]\n\t"
+ "ADD r2, r2, #0x20\n\t"
+ "ADD r1, r0, #0x20\n\t"
+ "ADD r0, r0, #0x20\n\t"
+ "BL fe_mul_op\n\t"
+ "LDR r0, [sp]\n\t"
+ "LDR r1, [sp, #8]\n\t"
+ "LDR r2, [sp, #4]\n\t"
+ "ADD r2, r2, #0x60\n\t"
+ "ADD r1, r1, #0x40\n\t"
+ "ADD r0, r0, #0x60\n\t"
+ "BL fe_mul_op\n\t"
+ "LDR r0, [sp]\n\t"
+ "ADD r3, r0, #0x20\n\t"
+ "ADD r2, r0, #0x40\n\t"
+ "MOV r1, r0\n\t"
+ "ADD r0, r0, #0x20\n\t"
+ "BL fe_add_sub_op\n\t"
+ "LDR r1, [sp, #4]\n\t"
+ "ADD r1, r1, #0x40\n\t"
+ "ADD r0, r0, #0x20\n\t"
+ /* Double */
+ "LDM r1, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "ADDS r4, r4, r4\n\t"
+ "ADCS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADCS r7, r7, r7\n\t"
+ "ADCS r8, r8, r8\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "ADCS r10, r10, r10\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADCS r11, r11, r11\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "MOV r12, #0x13\n\t"
+ "LSL lr, lr, #1\n\t"
+ "ORR lr, lr, r11, LSR #31\n\t"
+ "MUL r12, lr, r12\n\t"
+ "ADDS r4, r4, r12\n\t"
+ "ADCS r5, r5, #0x0\n\t"
+ "ADCS r6, r6, #0x0\n\t"
+ "ADCS r7, r7, #0x0\n\t"
+ "ADCS r8, r8, #0x0\n\t"
+ "ADCS r9, r9, #0x0\n\t"
+ "BFC r11, #31, #1\n\t"
+ "ADCS r10, r10, #0x0\n\t"
+ "ADC r11, r11, #0x0\n\t"
+ "STM r0, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ /* Done Double */
+ "ADD r3, r0, #0x20\n\t"
+ "ADD r1, r0, #0x20\n\t"
+ "BL fe_add_sub_op\n\t"
+ "ADD sp, sp, #0xc\n\t"
+ : [r] "+r" (r), [p] "+r" (p), [q] "+r" (q)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
+ );
+}
+
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void ge_msub(ge_p1p1 * r_p, const ge_p3 * p_p, const ge_precomp * q_p)
+#else
+void ge_msub(ge_p1p1 * r, const ge_p3 * p, const ge_precomp * q)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register ge_p1p1 * r __asm__ ("r0") = (ge_p1p1 *)r_p;
+ register const ge_p3 * p __asm__ ("r1") = (const ge_p3 *)p_p;
+ register const ge_precomp * q __asm__ ("r2") = (const ge_precomp *)q_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "SUB sp, sp, #0xc\n\t"
+ "STR %[r], [sp]\n\t"
+ "STR %[p], [sp, #4]\n\t"
+ "STR %[q], [sp, #8]\n\t"
+ "MOV r2, r1\n\t"
+ "ADD r1, r1, #0x20\n\t"
+ "BL fe_add_op\n\t"
+ "LDR r1, [sp, #4]\n\t"
+ "MOV r2, r1\n\t"
+ "ADD r1, r1, #0x20\n\t"
+ "ADD r0, r0, #0x20\n\t"
+ "BL fe_sub_op\n\t"
+ "LDR r2, [sp, #8]\n\t"
+ "ADD r2, r2, #0x20\n\t"
+ "SUB r1, r0, #0x20\n\t"
+ "ADD r0, r0, #0x20\n\t"
+ "BL fe_mul_op\n\t"
+ "LDR r0, [sp]\n\t"
+ "LDR r2, [sp, #8]\n\t"
+ "ADD r1, r0, #0x20\n\t"
+ "ADD r0, r0, #0x20\n\t"
+ "BL fe_mul_op\n\t"
+ "LDR r0, [sp]\n\t"
+ "LDR r1, [sp, #8]\n\t"
+ "LDR r2, [sp, #4]\n\t"
+ "ADD r2, r2, #0x60\n\t"
+ "ADD r1, r1, #0x40\n\t"
+ "ADD r0, r0, #0x60\n\t"
+ "BL fe_mul_op\n\t"
+ "LDR r0, [sp]\n\t"
+ "ADD r3, r0, #0x20\n\t"
+ "ADD r2, r0, #0x40\n\t"
+ "MOV r1, r0\n\t"
+ "ADD r0, r0, #0x20\n\t"
+ "BL fe_add_sub_op\n\t"
+ "LDR r1, [sp, #4]\n\t"
+ "ADD r1, r1, #0x40\n\t"
+ "ADD r0, r0, #0x20\n\t"
+ /* Double */
+ "LDM r1, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "ADDS r4, r4, r4\n\t"
+ "ADCS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADCS r7, r7, r7\n\t"
+ "ADCS r8, r8, r8\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "ADCS r10, r10, r10\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADCS r11, r11, r11\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "MOV r12, #0x13\n\t"
+ "LSL lr, lr, #1\n\t"
+ "ORR lr, lr, r11, LSR #31\n\t"
+ "MUL r12, lr, r12\n\t"
+ "ADDS r4, r4, r12\n\t"
+ "ADCS r5, r5, #0x0\n\t"
+ "ADCS r6, r6, #0x0\n\t"
+ "ADCS r7, r7, #0x0\n\t"
+ "ADCS r8, r8, #0x0\n\t"
+ "ADCS r9, r9, #0x0\n\t"
+ "BFC r11, #31, #1\n\t"
+ "ADCS r10, r10, #0x0\n\t"
+ "ADC r11, r11, #0x0\n\t"
+ "STM r0, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ /* Done Double */
+ "ADD r3, r0, #0x20\n\t"
+ "MOV r1, r0\n\t"
+ "ADD r0, r0, #0x20\n\t"
+ "BL fe_add_sub_op\n\t"
+ "ADD sp, sp, #0xc\n\t"
+ : [r] "+r" (r), [p] "+r" (p), [q] "+r" (q)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
+ );
+}
+
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void ge_add(ge_p1p1 * r_p, const ge_p3 * p_p, const ge_cached* q_p)
+#else
+void ge_add(ge_p1p1 * r, const ge_p3 * p, const ge_cached* q)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register ge_p1p1 * r __asm__ ("r0") = (ge_p1p1 *)r_p;
+ register const ge_p3 * p __asm__ ("r1") = (const ge_p3 *)p_p;
+ register const ge_cached* q __asm__ ("r2") = (const ge_cached*)q_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "SUB sp, sp, #0x2c\n\t"
+ "STR %[r], [sp]\n\t"
+ "STR %[p], [sp, #4]\n\t"
+ "STR %[q], [sp, #8]\n\t"
+ "MOV r3, r1\n\t"
+ "ADD r2, r1, #0x20\n\t"
+ "ADD r1, r0, #0x20\n\t"
+ "BL fe_add_sub_op\n\t"
+ "LDR r2, [sp, #8]\n\t"
+ "MOV r1, r0\n\t"
+ "ADD r0, r0, #0x40\n\t"
+ "BL fe_mul_op\n\t"
+ "LDR r0, [sp]\n\t"
+ "LDR r2, [sp, #8]\n\t"
+ "ADD r2, r2, #0x20\n\t"
+ "ADD r1, r0, #0x20\n\t"
+ "ADD r0, r0, #0x20\n\t"
+ "BL fe_mul_op\n\t"
+ "LDR r0, [sp]\n\t"
+ "LDR r1, [sp, #8]\n\t"
+ "LDR r2, [sp, #4]\n\t"
+ "ADD r2, r2, #0x60\n\t"
+ "ADD r1, r1, #0x60\n\t"
+ "ADD r0, r0, #0x60\n\t"
+ "BL fe_mul_op\n\t"
+ "LDR r0, [sp]\n\t"
+ "LDR r1, [sp, #4]\n\t"
+ "LDR r2, [sp, #8]\n\t"
+ "ADD r2, r2, #0x40\n\t"
+ "ADD r1, r1, #0x40\n\t"
+ "BL fe_mul_op\n\t"
+ "LDR r1, [sp]\n\t"
+ "ADD r0, sp, #0xc\n\t"
+ /* Double */
+ "LDM r1, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "ADDS r4, r4, r4\n\t"
+ "ADCS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADCS r7, r7, r7\n\t"
+ "ADCS r8, r8, r8\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "ADCS r10, r10, r10\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADCS r11, r11, r11\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "MOV r12, #0x13\n\t"
+ "LSL lr, lr, #1\n\t"
+ "ORR lr, lr, r11, LSR #31\n\t"
+ "MUL r12, lr, r12\n\t"
+ "ADDS r4, r4, r12\n\t"
+ "ADCS r5, r5, #0x0\n\t"
+ "ADCS r6, r6, #0x0\n\t"
+ "ADCS r7, r7, #0x0\n\t"
+ "ADCS r8, r8, #0x0\n\t"
+ "ADCS r9, r9, #0x0\n\t"
+ "BFC r11, #31, #1\n\t"
+ "ADCS r10, r10, #0x0\n\t"
+ "ADC r11, r11, #0x0\n\t"
+ "STM r0, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ /* Done Double */
+ "ADD r3, r1, #0x20\n\t"
+ "ADD r2, r1, #0x40\n\t"
+ "ADD r0, r1, #0x20\n\t"
+ "BL fe_add_sub_op\n\t"
+ "ADD r3, r0, #0x40\n\t"
+ "ADD r2, sp, #0xc\n\t"
+ "ADD r1, r0, #0x40\n\t"
+ "ADD r0, r0, #0x20\n\t"
+ "BL fe_add_sub_op\n\t"
+ "ADD sp, sp, #0x2c\n\t"
+ : [r] "+r" (r), [p] "+r" (p), [q] "+r" (q)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
+ );
+}
+
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void ge_sub(ge_p1p1 * r_p, const ge_p3 * p_p, const ge_cached* q_p)
+#else
+void ge_sub(ge_p1p1 * r, const ge_p3 * p, const ge_cached* q)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register ge_p1p1 * r __asm__ ("r0") = (ge_p1p1 *)r_p;
+ register const ge_p3 * p __asm__ ("r1") = (const ge_p3 *)p_p;
+ register const ge_cached* q __asm__ ("r2") = (const ge_cached*)q_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "SUB sp, sp, #0x2c\n\t"
+ "STR %[r], [sp]\n\t"
+ "STR %[p], [sp, #4]\n\t"
+ "STR %[q], [sp, #8]\n\t"
+ "MOV r3, r1\n\t"
+ "ADD r2, r1, #0x20\n\t"
+ "ADD r1, r0, #0x20\n\t"
+ "BL fe_add_sub_op\n\t"
+ "LDR r2, [sp, #8]\n\t"
+ "ADD r2, r2, #0x20\n\t"
+ "MOV r1, r0\n\t"
+ "ADD r0, r0, #0x40\n\t"
+ "BL fe_mul_op\n\t"
+ "LDR r0, [sp]\n\t"
+ "LDR r2, [sp, #8]\n\t"
+ "ADD r1, r0, #0x20\n\t"
+ "ADD r0, r0, #0x20\n\t"
+ "BL fe_mul_op\n\t"
+ "LDR r0, [sp]\n\t"
+ "LDR r1, [sp, #8]\n\t"
+ "LDR r2, [sp, #4]\n\t"
+ "ADD r2, r2, #0x60\n\t"
+ "ADD r1, r1, #0x60\n\t"
+ "ADD r0, r0, #0x60\n\t"
+ "BL fe_mul_op\n\t"
+ "LDR r0, [sp]\n\t"
+ "LDR r1, [sp, #4]\n\t"
+ "LDR r2, [sp, #8]\n\t"
+ "ADD r2, r2, #0x40\n\t"
+ "ADD r1, r1, #0x40\n\t"
+ "BL fe_mul_op\n\t"
+ "LDR r1, [sp]\n\t"
+ "ADD r0, sp, #0xc\n\t"
+ /* Double */
+ "LDM r1, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "ADDS r4, r4, r4\n\t"
+ "ADCS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADCS r7, r7, r7\n\t"
+ "ADCS r8, r8, r8\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "ADCS r10, r10, r10\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADCS r11, r11, r11\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "MOV r12, #0x13\n\t"
+ "LSL lr, lr, #1\n\t"
+ "ORR lr, lr, r11, LSR #31\n\t"
+ "MUL r12, lr, r12\n\t"
+ "ADDS r4, r4, r12\n\t"
+ "ADCS r5, r5, #0x0\n\t"
+ "ADCS r6, r6, #0x0\n\t"
+ "ADCS r7, r7, #0x0\n\t"
+ "ADCS r8, r8, #0x0\n\t"
+ "ADCS r9, r9, #0x0\n\t"
+ "BFC r11, #31, #1\n\t"
+ "ADCS r10, r10, #0x0\n\t"
+ "ADC r11, r11, #0x0\n\t"
+ "STM r0, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ /* Done Double */
+ "ADD r3, r1, #0x20\n\t"
+ "ADD r2, r1, #0x40\n\t"
+ "ADD r0, r1, #0x20\n\t"
+ "BL fe_add_sub_op\n\t"
+ "ADD r3, r0, #0x40\n\t"
+ "ADD r2, sp, #0xc\n\t"
+ "ADD r1, r0, #0x20\n\t"
+ "ADD r0, r0, #0x40\n\t"
+ "BL fe_add_sub_op\n\t"
+ "ADD sp, sp, #0x2c\n\t"
+ : [r] "+r" (r), [p] "+r" (p), [q] "+r" (q)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
+ );
+}
+
+#ifdef WOLFSSL_SP_NO_UMAAL
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void sc_reduce(byte* s_p)
+#else
+void sc_reduce(byte* s)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register byte* s __asm__ ("r0") = (byte*)s_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "SUB sp, sp, #0x38\n\t"
+ "STR %[s], [sp, #52]\n\t"
+ /* Load bits 252-511 */
+ "ADD %[s], %[s], #0x1c\n\t"
+ "LDM %[s], {r1, r2, r3, r4, r5, r6, r7, r8, r9}\n\t"
+ "LSR lr, r9, #24\n\t"
+ "LSL r9, r9, #4\n\t"
+ "ORR r9, r9, r8, LSR #28\n\t"
+ "LSL r8, r8, #4\n\t"
+ "ORR r8, r8, r7, LSR #28\n\t"
+ "LSL r7, r7, #4\n\t"
+ "ORR r7, r7, r6, LSR #28\n\t"
+ "LSL r6, r6, #4\n\t"
+ "ORR r6, r6, r5, LSR #28\n\t"
+ "LSL r5, r5, #4\n\t"
+ "ORR r5, r5, r4, LSR #28\n\t"
+ "LSL r4, r4, #4\n\t"
+ "ORR r4, r4, r3, LSR #28\n\t"
+ "LSL r3, r3, #4\n\t"
+ "ORR r3, r3, r2, LSR #28\n\t"
+ "LSL r2, r2, #4\n\t"
+ "ORR r2, r2, r1, LSR #28\n\t"
+ "BFC r9, #28, #4\n\t"
+ "SUB %[s], %[s], #0x1c\n\t"
+ /* Add order times bits 504..511 */
+ "MOV r10, #0x2c13\n\t"
+ "MOVT r10, #0xa30a\n\t"
+ "MOV r11, #0x9ce5\n\t"
+ "MOVT r11, #0xa7ed\n\t"
+ "MOV r1, #0x0\n\t"
+ "UMLAL r2, r1, r10, lr\n\t"
+ "ADDS r3, r3, r1\n\t"
+ "MOV r1, #0x0\n\t"
+ "ADC r1, r1, #0x0\n\t"
+ "UMLAL r3, r1, r11, lr\n\t"
+ "MOV r10, #0x6329\n\t"
+ "MOVT r10, #0x5d08\n\t"
+ "MOV r11, #0x621\n\t"
+ "MOVT r11, #0xeb21\n\t"
+ "ADDS r4, r4, r1\n\t"
+ "MOV r1, #0x0\n\t"
+ "ADC r1, r1, #0x0\n\t"
+ "UMLAL r4, r1, r10, lr\n\t"
+ "ADDS r5, r5, r1\n\t"
+ "MOV r1, #0x0\n\t"
+ "ADC r1, r1, #0x0\n\t"
+ "UMLAL r5, r1, r11, lr\n\t"
+ "ADDS r6, r6, r1\n\t"
+ "ADCS r7, r7, #0x0\n\t"
+ "ADCS r8, r8, #0x0\n\t"
+ "ADC r9, r9, #0x0\n\t"
+ "SUBS r6, r6, lr\n\t"
+ "SBCS r7, r7, #0x0\n\t"
+ "SBCS r8, r8, #0x0\n\t"
+ "SBC r9, r9, #0x0\n\t"
+ /* Sub product of top 8 words and order */
+ "MOV r12, sp\n\t"
+ "MOV r1, #0x2c13\n\t"
+ "MOVT r1, #0xa30a\n\t"
+ "MOV lr, #0x0\n\t"
+ "LDM %[s]!, {r10, r11}\n\t"
+ "UMLAL r10, lr, r2, r1\n\t"
+ "ADDS r11, r11, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r11, lr, r3, r1\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM %[s]!, {r10, r11}\n\t"
+ "ADDS r10, r10, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r10, lr, r4, r1\n\t"
+ "ADDS r11, r11, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r11, lr, r5, r1\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM %[s]!, {r10, r11}\n\t"
+ "ADDS r10, r10, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r10, lr, r6, r1\n\t"
+ "ADDS r11, r11, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r11, lr, r7, r1\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM %[s]!, {r10, r11}\n\t"
+ "ADDS r10, r10, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r10, lr, r8, r1\n\t"
+ "BFC r11, #28, #4\n\t"
+ "ADDS r11, r11, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r11, lr, r9, r1\n\t"
+ "STM r12!, {r10, r11, lr}\n\t"
+ "SUB %[s], %[s], #0x10\n\t"
+ "SUB r12, r12, #0x20\n\t"
+ "MOV r1, #0x9ce5\n\t"
+ "MOVT r1, #0xa7ed\n\t"
+ "MOV lr, #0x0\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "UMLAL r10, lr, r2, r1\n\t"
+ "ADDS r11, r11, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r11, lr, r3, r1\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "ADDS r10, r10, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r10, lr, r4, r1\n\t"
+ "ADDS r11, r11, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r11, lr, r5, r1\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "ADDS r10, r10, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r10, lr, r6, r1\n\t"
+ "ADDS r11, r11, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r11, lr, r7, r1\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "ADDS r10, r10, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r10, lr, r8, r1\n\t"
+ "ADDS r11, r11, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r11, lr, r9, r1\n\t"
+ "STM r12!, {r10, r11, lr}\n\t"
+ "SUB r12, r12, #0x20\n\t"
+ "MOV r1, #0x6329\n\t"
+ "MOVT r1, #0x5d08\n\t"
+ "MOV lr, #0x0\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "UMLAL r10, lr, r2, r1\n\t"
+ "ADDS r11, r11, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r11, lr, r3, r1\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "ADDS r10, r10, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r10, lr, r4, r1\n\t"
+ "ADDS r11, r11, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r11, lr, r5, r1\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "ADDS r10, r10, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r10, lr, r6, r1\n\t"
+ "ADDS r11, r11, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r11, lr, r7, r1\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "ADDS r10, r10, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r10, lr, r8, r1\n\t"
+ "ADDS r11, r11, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r11, lr, r9, r1\n\t"
+ "STM r12!, {r10, r11, lr}\n\t"
+ "SUB r12, r12, #0x20\n\t"
+ "MOV r1, #0x621\n\t"
+ "MOVT r1, #0xeb21\n\t"
+ "MOV lr, #0x0\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "UMLAL r10, lr, r2, r1\n\t"
+ "ADDS r11, r11, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r11, lr, r3, r1\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "ADDS r10, r10, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r10, lr, r4, r1\n\t"
+ "ADDS r11, r11, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r11, lr, r5, r1\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "ADDS r10, r10, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r10, lr, r6, r1\n\t"
+ "ADDS r11, r11, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r11, lr, r7, r1\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "ADDS r10, r10, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r10, lr, r8, r1\n\t"
+ "ADDS r11, r11, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r11, lr, r9, r1\n\t"
+ "STM r12!, {r10, r11, lr}\n\t"
+ "SUB r12, r12, #0x20\n\t"
+ /* Subtract at 4 * 32 */
+ "LDM r12, {r10, r11}\n\t"
+ "SUBS r10, r10, r2\n\t"
+ "SBCS r11, r11, r3\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "SBCS r10, r10, r4\n\t"
+ "SBCS r11, r11, r5\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "SBCS r10, r10, r6\n\t"
+ "SBCS r11, r11, r7\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "SBCS r10, r10, r8\n\t"
+ "SBC r11, r11, r9\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "SUB r12, r12, #0x24\n\t"
+ "ASR lr, r11, #25\n\t"
+ /* Conditionally subtract order starting at bit 125 */
+ "MOV r1, #0xa0000000\n\t"
+ "MOV r2, #0xba7d\n\t"
+ "MOVT r2, #0x4b9e\n\t"
+ "MOV r3, #0x4c63\n\t"
+ "MOVT r3, #0xcb02\n\t"
+ "MOV r4, #0xf39a\n\t"
+ "MOVT r4, #0xd45e\n\t"
+ "MOV r5, #0xdf3b\n\t"
+ "MOVT r5, #0x29b\n\t"
+ "MOV r9, #0x2000000\n\t"
+ "AND r1, r1, lr\n\t"
+ "AND r2, r2, lr\n\t"
+ "AND r3, r3, lr\n\t"
+ "AND r4, r4, lr\n\t"
+ "AND r5, r5, lr\n\t"
+ "AND r9, r9, lr\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "ADDS r10, r10, r1\n\t"
+ "ADCS r11, r11, r2\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "ADCS r10, r10, r3\n\t"
+ "ADCS r11, r11, r4\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "ADCS r10, r10, r5\n\t"
+ "ADCS r11, r11, #0x0\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "ADCS r10, r10, #0x0\n\t"
+ "ADCS r11, r11, #0x0\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10}\n\t"
+ "ADCS r10, r10, #0x0\n\t"
+ "STM r12!, {r10}\n\t"
+ "SUB %[s], %[s], #0x10\n\t"
+ "MOV r12, sp\n\t"
+ /* Load bits 252-376 */
+ "ADD r12, r12, #0x1c\n\t"
+ "LDM r12, {r1, r2, r3, r4, r5}\n\t"
+ "LSL r5, r5, #4\n\t"
+ "ORR r5, r5, r4, LSR #28\n\t"
+ "LSL r4, r4, #4\n\t"
+ "ORR r4, r4, r3, LSR #28\n\t"
+ "LSL r3, r3, #4\n\t"
+ "ORR r3, r3, r2, LSR #28\n\t"
+ "LSL r2, r2, #4\n\t"
+ "ORR r2, r2, r1, LSR #28\n\t"
+ "BFC r5, #29, #3\n\t"
+ "SUB r12, r12, #0x1c\n\t"
+ /* Sub product of top 4 words and order */
+ "MOV %[s], sp\n\t"
+ /* * -5cf5d3ed */
+ "MOV r1, #0x2c13\n\t"
+ "MOVT r1, #0xa30a\n\t"
+ "MOV lr, #0x0\n\t"
+ "LDM %[s], {r6, r7, r8, r9}\n\t"
+ "UMLAL r6, lr, r2, r1\n\t"
+ "ADDS r7, r7, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r7, lr, r3, r1\n\t"
+ "ADDS r8, r8, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r8, lr, r4, r1\n\t"
+ "ADDS r9, r9, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r9, lr, r5, r1\n\t"
+ "STM %[s], {r6, r7, r8, r9}\n\t"
+ "ADD %[s], %[s], #0x4\n\t"
+ /* * -5812631b */
+ "MOV r1, #0x9ce5\n\t"
+ "MOVT r1, #0xa7ed\n\t"
+ "MOV r10, #0x0\n\t"
+ "LDM %[s], {r6, r7, r8, r9}\n\t"
+ "UMLAL r6, r10, r2, r1\n\t"
+ "ADDS r7, r7, r10\n\t"
+ "MOV r10, #0x0\n\t"
+ "ADC r10, r10, #0x0\n\t"
+ "UMLAL r7, r10, r3, r1\n\t"
+ "ADDS r8, r8, r10\n\t"
+ "MOV r10, #0x0\n\t"
+ "ADC r10, r10, #0x0\n\t"
+ "UMLAL r8, r10, r4, r1\n\t"
+ "ADDS r9, r9, r10\n\t"
+ "MOV r10, #0x0\n\t"
+ "ADC r10, r10, #0x0\n\t"
+ "UMLAL r9, r10, r5, r1\n\t"
+ "STM %[s], {r6, r7, r8, r9}\n\t"
+ "ADD %[s], %[s], #0x4\n\t"
+ /* * -a2f79cd7 */
+ "MOV r1, #0x6329\n\t"
+ "MOVT r1, #0x5d08\n\t"
+ "MOV r11, #0x0\n\t"
+ "LDM %[s], {r6, r7, r8, r9}\n\t"
+ "UMLAL r6, r11, r2, r1\n\t"
+ "ADDS r7, r7, r11\n\t"
+ "MOV r11, #0x0\n\t"
+ "ADC r11, r11, #0x0\n\t"
+ "UMLAL r7, r11, r3, r1\n\t"
+ "ADDS r8, r8, r11\n\t"
+ "MOV r11, #0x0\n\t"
+ "ADC r11, r11, #0x0\n\t"
+ "UMLAL r8, r11, r4, r1\n\t"
+ "ADDS r9, r9, r11\n\t"
+ "MOV r11, #0x0\n\t"
+ "ADC r11, r11, #0x0\n\t"
+ "UMLAL r9, r11, r5, r1\n\t"
+ "STM %[s], {r6, r7, r8, r9}\n\t"
+ "ADD %[s], %[s], #0x4\n\t"
+ /* * -14def9df */
+ "MOV r1, #0x621\n\t"
+ "MOVT r1, #0xeb21\n\t"
+ "MOV r12, #0x0\n\t"
+ "LDM %[s], {r6, r7, r8, r9}\n\t"
+ "UMLAL r6, r12, r2, r1\n\t"
+ "ADDS r7, r7, r12\n\t"
+ "MOV r12, #0x0\n\t"
+ "ADC r12, r12, #0x0\n\t"
+ "UMLAL r7, r12, r3, r1\n\t"
+ "ADDS r8, r8, r12\n\t"
+ "MOV r12, #0x0\n\t"
+ "ADC r12, r12, #0x0\n\t"
+ "UMLAL r8, r12, r4, r1\n\t"
+ "ADDS r9, r9, r12\n\t"
+ "MOV r12, #0x0\n\t"
+ "ADC r12, r12, #0x0\n\t"
+ "UMLAL r9, r12, r5, r1\n\t"
+ "STM %[s], {r6, r7, r8, r9}\n\t"
+ "ADD %[s], %[s], #0x4\n\t"
+ /* Add overflows at 4 * 32 */
+ "LDM %[s], {r6, r7, r8, r9}\n\t"
+ "BFC r9, #28, #4\n\t"
+ "ADDS r6, r6, lr\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADCS r8, r8, r11\n\t"
+ "ADC r9, r9, r12\n\t"
+ /* Subtract top at 4 * 32 */
+ "SUBS r6, r6, r2\n\t"
+ "SBCS r7, r7, r3\n\t"
+ "SBCS r8, r8, r4\n\t"
+ "SBCS r9, r9, r5\n\t"
+ "SBC r1, r1, r1\n\t"
+ "SUB %[s], %[s], #0x10\n\t"
+ "LDM %[s], {r2, r3, r4, r5}\n\t"
+ "MOV r10, #0xd3ed\n\t"
+ "MOVT r10, #0x5cf5\n\t"
+ "MOV r11, #0x631a\n\t"
+ "MOVT r11, #0x5812\n\t"
+ "MOV r12, #0x9cd6\n\t"
+ "MOVT r12, #0xa2f7\n\t"
+ "MOV lr, #0xf9de\n\t"
+ "MOVT lr, #0x14de\n\t"
+ "AND r10, r10, r1\n\t"
+ "AND r11, r11, r1\n\t"
+ "AND r12, r12, r1\n\t"
+ "AND lr, lr, r1\n\t"
+ "ADDS r2, r2, r10\n\t"
+ "ADCS r3, r3, r11\n\t"
+ "ADCS r4, r4, r12\n\t"
+ "ADCS r5, r5, lr\n\t"
+ "ADCS r6, r6, #0x0\n\t"
+ "ADCS r7, r7, #0x0\n\t"
+ "AND r1, r1, #0x10000000\n\t"
+ "ADCS r8, r8, #0x0\n\t"
+ "ADC r9, r9, r1\n\t"
+ "BFC r9, #28, #4\n\t"
+ /* Store result */
+ "LDR %[s], [sp, #52]\n\t"
+ "STM %[s], {r2, r3, r4, r5, r6, r7, r8, r9}\n\t"
+ "ADD sp, sp, #0x38\n\t"
+ : [s] "+r" (s)
+ :
+ : "memory", "r1", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
+ );
+}
+
+#else
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void sc_reduce(byte* s_p)
+#else
+void sc_reduce(byte* s)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register byte* s __asm__ ("r0") = (byte*)s_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "SUB sp, sp, #0x38\n\t"
+ "STR %[s], [sp, #52]\n\t"
+ /* Load bits 252-511 */
+ "ADD %[s], %[s], #0x1c\n\t"
+ "LDM %[s], {r1, r2, r3, r4, r5, r6, r7, r8, r9}\n\t"
+ "LSR lr, r9, #24\n\t"
+ "LSL r9, r9, #4\n\t"
+ "ORR r9, r9, r8, LSR #28\n\t"
+ "LSL r8, r8, #4\n\t"
+ "ORR r8, r8, r7, LSR #28\n\t"
+ "LSL r7, r7, #4\n\t"
+ "ORR r7, r7, r6, LSR #28\n\t"
+ "LSL r6, r6, #4\n\t"
+ "ORR r6, r6, r5, LSR #28\n\t"
+ "LSL r5, r5, #4\n\t"
+ "ORR r5, r5, r4, LSR #28\n\t"
+ "LSL r4, r4, #4\n\t"
+ "ORR r4, r4, r3, LSR #28\n\t"
+ "LSL r3, r3, #4\n\t"
+ "ORR r3, r3, r2, LSR #28\n\t"
+ "LSL r2, r2, #4\n\t"
+ "ORR r2, r2, r1, LSR #28\n\t"
+ "BFC r9, #28, #4\n\t"
+ "SUB %[s], %[s], #0x1c\n\t"
+ /* Add order times bits 504..511 */
+ "MOV r10, #0x2c13\n\t"
+ "MOVT r10, #0xa30a\n\t"
+ "MOV r11, #0x9ce5\n\t"
+ "MOVT r11, #0xa7ed\n\t"
+ "MOV r1, #0x0\n\t"
+ "UMLAL r2, r1, r10, lr\n\t"
+ "UMAAL r3, r1, r11, lr\n\t"
+ "MOV r10, #0x6329\n\t"
+ "MOVT r10, #0x5d08\n\t"
+ "MOV r11, #0x621\n\t"
+ "MOVT r11, #0xeb21\n\t"
+ "UMAAL r4, r1, r10, lr\n\t"
+ "UMAAL r5, r1, r11, lr\n\t"
+ "ADDS r6, r6, r1\n\t"
+ "ADCS r7, r7, #0x0\n\t"
+ "ADCS r8, r8, #0x0\n\t"
+ "ADC r9, r9, #0x0\n\t"
+ "SUBS r6, r6, lr\n\t"
+ "SBCS r7, r7, #0x0\n\t"
+ "SBCS r8, r8, #0x0\n\t"
+ "SBC r9, r9, #0x0\n\t"
+ /* Sub product of top 8 words and order */
+ "MOV r12, sp\n\t"
+ "MOV r1, #0x2c13\n\t"
+ "MOVT r1, #0xa30a\n\t"
+ "MOV lr, #0x0\n\t"
+ "LDM %[s]!, {r10, r11}\n\t"
+ "UMLAL r10, lr, r2, r1\n\t"
+ "UMAAL r11, lr, r3, r1\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM %[s]!, {r10, r11}\n\t"
+ "UMAAL r10, lr, r4, r1\n\t"
+ "UMAAL r11, lr, r5, r1\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM %[s]!, {r10, r11}\n\t"
+ "UMAAL r10, lr, r6, r1\n\t"
+ "UMAAL r11, lr, r7, r1\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM %[s]!, {r10, r11}\n\t"
+ "UMAAL r10, lr, r8, r1\n\t"
+ "BFC r11, #28, #4\n\t"
+ "UMAAL r11, lr, r9, r1\n\t"
+ "STM r12!, {r10, r11, lr}\n\t"
+ "SUB %[s], %[s], #0x10\n\t"
+ "SUB r12, r12, #0x20\n\t"
+ "MOV r1, #0x9ce5\n\t"
+ "MOVT r1, #0xa7ed\n\t"
+ "MOV lr, #0x0\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "UMLAL r10, lr, r2, r1\n\t"
+ "UMAAL r11, lr, r3, r1\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "UMAAL r10, lr, r4, r1\n\t"
+ "UMAAL r11, lr, r5, r1\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "UMAAL r10, lr, r6, r1\n\t"
+ "UMAAL r11, lr, r7, r1\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "UMAAL r10, lr, r8, r1\n\t"
+ "UMAAL r11, lr, r9, r1\n\t"
+ "STM r12!, {r10, r11, lr}\n\t"
+ "SUB r12, r12, #0x20\n\t"
+ "MOV r1, #0x6329\n\t"
+ "MOVT r1, #0x5d08\n\t"
+ "MOV lr, #0x0\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "UMLAL r10, lr, r2, r1\n\t"
+ "UMAAL r11, lr, r3, r1\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "UMAAL r10, lr, r4, r1\n\t"
+ "UMAAL r11, lr, r5, r1\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "UMAAL r10, lr, r6, r1\n\t"
+ "UMAAL r11, lr, r7, r1\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "UMAAL r10, lr, r8, r1\n\t"
+ "UMAAL r11, lr, r9, r1\n\t"
+ "STM r12!, {r10, r11, lr}\n\t"
+ "SUB r12, r12, #0x20\n\t"
+ "MOV r1, #0x621\n\t"
+ "MOVT r1, #0xeb21\n\t"
+ "MOV lr, #0x0\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "UMLAL r10, lr, r2, r1\n\t"
+ "UMAAL r11, lr, r3, r1\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "UMAAL r10, lr, r4, r1\n\t"
+ "UMAAL r11, lr, r5, r1\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "UMAAL r10, lr, r6, r1\n\t"
+ "UMAAL r11, lr, r7, r1\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "UMAAL r10, lr, r8, r1\n\t"
+ "UMAAL r11, lr, r9, r1\n\t"
+ "STM r12!, {r10, r11, lr}\n\t"
+ "SUB r12, r12, #0x20\n\t"
+ /* Subtract at 4 * 32 */
+ "LDM r12, {r10, r11}\n\t"
+ "SUBS r10, r10, r2\n\t"
+ "SBCS r11, r11, r3\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "SBCS r10, r10, r4\n\t"
+ "SBCS r11, r11, r5\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "SBCS r10, r10, r6\n\t"
+ "SBCS r11, r11, r7\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "SBCS r10, r10, r8\n\t"
+ "SBC r11, r11, r9\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "SUB r12, r12, #0x24\n\t"
+ "ASR lr, r11, #25\n\t"
+ /* Conditionally subtract order starting at bit 125 */
+ "MOV r1, #0xa0000000\n\t"
+ "MOV r2, #0xba7d\n\t"
+ "MOVT r2, #0x4b9e\n\t"
+ "MOV r3, #0x4c63\n\t"
+ "MOVT r3, #0xcb02\n\t"
+ "MOV r4, #0xf39a\n\t"
+ "MOVT r4, #0xd45e\n\t"
+ "MOV r5, #0xdf3b\n\t"
+ "MOVT r5, #0x29b\n\t"
+ "MOV r9, #0x2000000\n\t"
+ "AND r1, r1, lr\n\t"
+ "AND r2, r2, lr\n\t"
+ "AND r3, r3, lr\n\t"
+ "AND r4, r4, lr\n\t"
+ "AND r5, r5, lr\n\t"
+ "AND r9, r9, lr\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "ADDS r10, r10, r1\n\t"
+ "ADCS r11, r11, r2\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "ADCS r10, r10, r3\n\t"
+ "ADCS r11, r11, r4\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "ADCS r10, r10, r5\n\t"
+ "ADCS r11, r11, #0x0\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "ADCS r10, r10, #0x0\n\t"
+ "ADCS r11, r11, #0x0\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10}\n\t"
+ "ADCS r10, r10, #0x0\n\t"
+ "STM r12!, {r10}\n\t"
+ "SUB %[s], %[s], #0x10\n\t"
+ "MOV r12, sp\n\t"
+ /* Load bits 252-376 */
+ "ADD r12, r12, #0x1c\n\t"
+ "LDM r12, {r1, r2, r3, r4, r5}\n\t"
+ "LSL r5, r5, #4\n\t"
+ "ORR r5, r5, r4, LSR #28\n\t"
+ "LSL r4, r4, #4\n\t"
+ "ORR r4, r4, r3, LSR #28\n\t"
+ "LSL r3, r3, #4\n\t"
+ "ORR r3, r3, r2, LSR #28\n\t"
+ "LSL r2, r2, #4\n\t"
+ "ORR r2, r2, r1, LSR #28\n\t"
+ "BFC r5, #29, #3\n\t"
+ "SUB r12, r12, #0x1c\n\t"
+ /* Sub product of top 4 words and order */
+ "MOV %[s], sp\n\t"
+ /* * -5cf5d3ed */
+ "MOV r1, #0x2c13\n\t"
+ "MOVT r1, #0xa30a\n\t"
+ "MOV lr, #0x0\n\t"
+ "LDM %[s], {r6, r7, r8, r9}\n\t"
+ "UMLAL r6, lr, r2, r1\n\t"
+ "UMAAL r7, lr, r3, r1\n\t"
+ "UMAAL r8, lr, r4, r1\n\t"
+ "UMAAL r9, lr, r5, r1\n\t"
+ "STM %[s], {r6, r7, r8, r9}\n\t"
+ "ADD %[s], %[s], #0x4\n\t"
+ /* * -5812631b */
+ "MOV r1, #0x9ce5\n\t"
+ "MOVT r1, #0xa7ed\n\t"
+ "MOV r10, #0x0\n\t"
+ "LDM %[s], {r6, r7, r8, r9}\n\t"
+ "UMLAL r6, r10, r2, r1\n\t"
+ "UMAAL r7, r10, r3, r1\n\t"
+ "UMAAL r8, r10, r4, r1\n\t"
+ "UMAAL r9, r10, r5, r1\n\t"
+ "STM %[s], {r6, r7, r8, r9}\n\t"
+ "ADD %[s], %[s], #0x4\n\t"
+ /* * -a2f79cd7 */
+ "MOV r1, #0x6329\n\t"
+ "MOVT r1, #0x5d08\n\t"
+ "MOV r11, #0x0\n\t"
+ "LDM %[s], {r6, r7, r8, r9}\n\t"
+ "UMLAL r6, r11, r2, r1\n\t"
+ "UMAAL r7, r11, r3, r1\n\t"
+ "UMAAL r8, r11, r4, r1\n\t"
+ "UMAAL r9, r11, r5, r1\n\t"
+ "STM %[s], {r6, r7, r8, r9}\n\t"
+ "ADD %[s], %[s], #0x4\n\t"
+ /* * -14def9df */
+ "MOV r1, #0x621\n\t"
+ "MOVT r1, #0xeb21\n\t"
+ "MOV r12, #0x0\n\t"
+ "LDM %[s], {r6, r7, r8, r9}\n\t"
+ "UMLAL r6, r12, r2, r1\n\t"
+ "UMAAL r7, r12, r3, r1\n\t"
+ "UMAAL r8, r12, r4, r1\n\t"
+ "UMAAL r9, r12, r5, r1\n\t"
+ "STM %[s], {r6, r7, r8, r9}\n\t"
+ "ADD %[s], %[s], #0x4\n\t"
+ /* Add overflows at 4 * 32 */
+ "LDM %[s], {r6, r7, r8, r9}\n\t"
+ "BFC r9, #28, #4\n\t"
+ "ADDS r6, r6, lr\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADCS r8, r8, r11\n\t"
+ "ADC r9, r9, r12\n\t"
+ /* Subtract top at 4 * 32 */
+ "SUBS r6, r6, r2\n\t"
+ "SBCS r7, r7, r3\n\t"
+ "SBCS r8, r8, r4\n\t"
+ "SBCS r9, r9, r5\n\t"
+ "SBC r1, r1, r1\n\t"
+ "SUB %[s], %[s], #0x10\n\t"
+ "LDM %[s], {r2, r3, r4, r5}\n\t"
+ "MOV r10, #0xd3ed\n\t"
+ "MOVT r10, #0x5cf5\n\t"
+ "MOV r11, #0x631a\n\t"
+ "MOVT r11, #0x5812\n\t"
+ "MOV r12, #0x9cd6\n\t"
+ "MOVT r12, #0xa2f7\n\t"
+ "MOV lr, #0xf9de\n\t"
+ "MOVT lr, #0x14de\n\t"
+ "AND r10, r10, r1\n\t"
+ "AND r11, r11, r1\n\t"
+ "AND r12, r12, r1\n\t"
+ "AND lr, lr, r1\n\t"
+ "ADDS r2, r2, r10\n\t"
+ "ADCS r3, r3, r11\n\t"
+ "ADCS r4, r4, r12\n\t"
+ "ADCS r5, r5, lr\n\t"
+ "ADCS r6, r6, #0x0\n\t"
+ "ADCS r7, r7, #0x0\n\t"
+ "AND r1, r1, #0x10000000\n\t"
+ "ADCS r8, r8, #0x0\n\t"
+ "ADC r9, r9, r1\n\t"
+ "BFC r9, #28, #4\n\t"
+ /* Store result */
+ "LDR %[s], [sp, #52]\n\t"
+ "STM %[s], {r2, r3, r4, r5, r6, r7, r8, r9}\n\t"
+ "ADD sp, sp, #0x38\n\t"
+ : [s] "+r" (s)
+ :
+ : "memory", "r1", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
+ );
+}
+
+#endif /* WOLFSSL_SP_NO_UMAAL */
+#ifdef HAVE_ED25519_SIGN
+#ifdef WOLFSSL_SP_NO_UMAAL
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void sc_muladd(byte* s_p, const byte* a_p, const byte* b_p, const byte* c_p)
+#else
+void sc_muladd(byte* s, const byte* a, const byte* b, const byte* c)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register byte* s __asm__ ("r0") = (byte*)s_p;
+ register const byte* a __asm__ ("r1") = (const byte*)a_p;
+ register const byte* b __asm__ ("r2") = (const byte*)b_p;
+ register const byte* c __asm__ ("r3") = (const byte*)c_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "SUB sp, sp, #0x50\n\t"
+ "ADD lr, sp, #0x44\n\t"
+ "STM lr, {%[s], %[a], %[c]}\n\t"
+ "MOV %[s], #0x0\n\t"
+ "LDR r12, [%[a]]\n\t"
+ /* A[0] * B[0] */
+ "LDR lr, [%[b]]\n\t"
+ "UMULL %[c], r4, r12, lr\n\t"
+ /* A[0] * B[2] */
+ "LDR lr, [%[b], #8]\n\t"
+ "UMULL r5, r6, r12, lr\n\t"
+ /* A[0] * B[4] */
+ "LDR lr, [%[b], #16]\n\t"
+ "UMULL r7, r8, r12, lr\n\t"
+ /* A[0] * B[6] */
+ "LDR lr, [%[b], #24]\n\t"
+ "UMULL r9, r10, r12, lr\n\t"
+ "STR %[c], [sp]\n\t"
+ /* A[0] * B[1] */
+ "LDR lr, [%[b], #4]\n\t"
+ "MOV r11, %[s]\n\t"
+ "UMLAL r4, r11, r12, lr\n\t"
+ "ADDS r5, r5, r11\n\t"
+ /* A[0] * B[3] */
+ "LDR lr, [%[b], #12]\n\t"
+ "ADCS r6, r6, #0x0\n\t"
+ "ADC r11, %[s], #0x0\n\t"
+ "UMLAL r6, r11, r12, lr\n\t"
+ "ADDS r7, r7, r11\n\t"
+ /* A[0] * B[5] */
+ "LDR lr, [%[b], #20]\n\t"
+ "ADCS r8, r8, #0x0\n\t"
+ "ADC r11, %[s], #0x0\n\t"
+ "UMLAL r8, r11, r12, lr\n\t"
+ "ADDS r9, r9, r11\n\t"
+ /* A[0] * B[7] */
+ "LDR lr, [%[b], #28]\n\t"
+ "ADCS r10, r10, #0x0\n\t"
+ "ADC %[c], %[s], #0x0\n\t"
+ "UMLAL r10, %[c], r12, lr\n\t"
+ /* A[1] * B[0] */
+ "LDR r12, [%[a], #4]\n\t"
+ "LDR lr, [%[b]]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r4, r11, r12, lr\n\t"
+ "STR r4, [sp, #4]\n\t"
+ "ADDS r5, r5, r11\n\t"
+ /* A[1] * B[1] */
+ "LDR lr, [%[b], #4]\n\t"
+ "ADC r11, %[s], #0x0\n\t"
+ "UMLAL r5, r11, r12, lr\n\t"
+ "ADDS r6, r6, r11\n\t"
+ /* A[1] * B[2] */
+ "LDR lr, [%[b], #8]\n\t"
+ "ADC r11, %[s], #0x0\n\t"
+ "UMLAL r6, r11, r12, lr\n\t"
+ "ADDS r7, r7, r11\n\t"
+ /* A[1] * B[3] */
+ "LDR lr, [%[b], #12]\n\t"
+ "ADC r11, %[s], #0x0\n\t"
+ "UMLAL r7, r11, r12, lr\n\t"
+ "ADDS r8, r8, r11\n\t"
+ /* A[1] * B[4] */
+ "LDR lr, [%[b], #16]\n\t"
+ "ADC r11, %[s], #0x0\n\t"
+ "UMLAL r8, r11, r12, lr\n\t"
+ "ADDS r9, r9, r11\n\t"
+ /* A[1] * B[5] */
+ "LDR lr, [%[b], #20]\n\t"
+ "ADC r11, %[s], #0x0\n\t"
+ "UMLAL r9, r11, r12, lr\n\t"
+ "ADDS r10, r10, r11\n\t"
+ /* A[1] * B[6] */
+ "LDR lr, [%[b], #24]\n\t"
+ "ADC r11, %[s], #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "ADDS %[c], %[c], r11\n\t"
+ /* A[1] * B[7] */
+ "LDR lr, [%[b], #28]\n\t"
+ "ADC r4, %[s], #0x0\n\t"
+ "UMLAL %[c], r4, r12, lr\n\t"
+ /* A[2] * B[0] */
+ "LDR r12, [%[a], #8]\n\t"
+ "LDR lr, [%[b]]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r5, r11, r12, lr\n\t"
+ "STR r5, [sp, #8]\n\t"
+ "ADDS r6, r6, r11\n\t"
+ /* A[2] * B[1] */
+ "LDR lr, [%[b], #4]\n\t"
+ "ADC r11, %[s], #0x0\n\t"
+ "UMLAL r6, r11, r12, lr\n\t"
+ "ADDS r7, r7, r11\n\t"
+ /* A[2] * B[2] */
+ "LDR lr, [%[b], #8]\n\t"
+ "ADC r11, %[s], #0x0\n\t"
+ "UMLAL r7, r11, r12, lr\n\t"
+ "ADDS r8, r8, r11\n\t"
+ /* A[2] * B[3] */
+ "LDR lr, [%[b], #12]\n\t"
+ "ADC r11, %[s], #0x0\n\t"
+ "UMLAL r8, r11, r12, lr\n\t"
+ "ADDS r9, r9, r11\n\t"
+ /* A[2] * B[4] */
+ "LDR lr, [%[b], #16]\n\t"
+ "ADC r11, %[s], #0x0\n\t"
+ "UMLAL r9, r11, r12, lr\n\t"
+ "ADDS r10, r10, r11\n\t"
+ /* A[2] * B[5] */
+ "LDR lr, [%[b], #20]\n\t"
+ "ADC r11, %[s], #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "ADDS %[c], %[c], r11\n\t"
+ /* A[2] * B[6] */
+ "LDR lr, [%[b], #24]\n\t"
+ "ADC r11, %[s], #0x0\n\t"
+ "UMLAL %[c], r11, r12, lr\n\t"
+ "ADDS r4, r4, r11\n\t"
+ /* A[2] * B[7] */
+ "LDR lr, [%[b], #28]\n\t"
+ "ADC r5, %[s], #0x0\n\t"
+ "UMLAL r4, r5, r12, lr\n\t"
+ /* A[3] * B[0] */
+ "LDR r12, [%[a], #12]\n\t"
+ "LDR lr, [%[b]]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r6, r11, r12, lr\n\t"
+ "STR r6, [sp, #12]\n\t"
+ "ADDS r7, r7, r11\n\t"
+ /* A[3] * B[1] */
+ "LDR lr, [%[b], #4]\n\t"
+ "ADC r11, %[s], #0x0\n\t"
+ "UMLAL r7, r11, r12, lr\n\t"
+ "ADDS r8, r8, r11\n\t"
+ /* A[3] * B[2] */
+ "LDR lr, [%[b], #8]\n\t"
+ "ADC r11, %[s], #0x0\n\t"
+ "UMLAL r8, r11, r12, lr\n\t"
+ "ADDS r9, r9, r11\n\t"
+ /* A[3] * B[3] */
+ "LDR lr, [%[b], #12]\n\t"
+ "ADC r11, %[s], #0x0\n\t"
+ "UMLAL r9, r11, r12, lr\n\t"
+ "ADDS r10, r10, r11\n\t"
+ /* A[3] * B[4] */
+ "LDR lr, [%[b], #16]\n\t"
+ "ADC r11, %[s], #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "ADDS %[c], %[c], r11\n\t"
+ /* A[3] * B[5] */
+ "LDR lr, [%[b], #20]\n\t"
+ "ADC r11, %[s], #0x0\n\t"
+ "UMLAL %[c], r11, r12, lr\n\t"
+ "ADDS r4, r4, r11\n\t"
+ /* A[3] * B[6] */
+ "LDR lr, [%[b], #24]\n\t"
+ "ADC r11, %[s], #0x0\n\t"
+ "UMLAL r4, r11, r12, lr\n\t"
+ "ADDS r5, r5, r11\n\t"
+ /* A[3] * B[7] */
+ "LDR lr, [%[b], #28]\n\t"
+ "ADC r6, %[s], #0x0\n\t"
+ "UMLAL r5, r6, r12, lr\n\t"
+ /* A[4] * B[0] */
+ "LDR r12, [%[a], #16]\n\t"
+ "LDR lr, [%[b]]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r7, r11, r12, lr\n\t"
+ "STR r7, [sp, #16]\n\t"
+ "ADDS r8, r8, r11\n\t"
+ /* A[4] * B[1] */
+ "LDR lr, [%[b], #4]\n\t"
+ "ADC r11, %[s], #0x0\n\t"
+ "UMLAL r8, r11, r12, lr\n\t"
+ "ADDS r9, r9, r11\n\t"
+ /* A[4] * B[2] */
+ "LDR lr, [%[b], #8]\n\t"
+ "ADC r11, %[s], #0x0\n\t"
+ "UMLAL r9, r11, r12, lr\n\t"
+ "ADDS r10, r10, r11\n\t"
+ /* A[4] * B[3] */
+ "LDR lr, [%[b], #12]\n\t"
+ "ADC r11, %[s], #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "ADDS %[c], %[c], r11\n\t"
+ /* A[4] * B[4] */
+ "LDR lr, [%[b], #16]\n\t"
+ "ADC r11, %[s], #0x0\n\t"
+ "UMLAL %[c], r11, r12, lr\n\t"
+ "ADDS r4, r4, r11\n\t"
+ /* A[4] * B[5] */
+ "LDR lr, [%[b], #20]\n\t"
+ "ADC r11, %[s], #0x0\n\t"
+ "UMLAL r4, r11, r12, lr\n\t"
+ "ADDS r5, r5, r11\n\t"
+ /* A[4] * B[6] */
+ "LDR lr, [%[b], #24]\n\t"
+ "ADC r11, %[s], #0x0\n\t"
+ "UMLAL r5, r11, r12, lr\n\t"
+ "ADDS r6, r6, r11\n\t"
+ /* A[4] * B[7] */
+ "LDR lr, [%[b], #28]\n\t"
+ "ADC r7, %[s], #0x0\n\t"
+ "UMLAL r6, r7, r12, lr\n\t"
+ /* A[5] * B[0] */
+ "LDR r12, [%[a], #20]\n\t"
+ "LDR lr, [%[b]]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r8, r11, r12, lr\n\t"
+ "STR r8, [sp, #20]\n\t"
+ "ADDS r9, r9, r11\n\t"
+ /* A[5] * B[1] */
+ "LDR lr, [%[b], #4]\n\t"
+ "ADC r11, %[s], #0x0\n\t"
+ "UMLAL r9, r11, r12, lr\n\t"
+ "ADDS r10, r10, r11\n\t"
+ /* A[5] * B[2] */
+ "LDR lr, [%[b], #8]\n\t"
+ "ADC r11, %[s], #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "ADDS %[c], %[c], r11\n\t"
+ /* A[5] * B[3] */
+ "LDR lr, [%[b], #12]\n\t"
+ "ADC r11, %[s], #0x0\n\t"
+ "UMLAL %[c], r11, r12, lr\n\t"
+ "ADDS r4, r4, r11\n\t"
+ /* A[5] * B[4] */
+ "LDR lr, [%[b], #16]\n\t"
+ "ADC r11, %[s], #0x0\n\t"
+ "UMLAL r4, r11, r12, lr\n\t"
+ "ADDS r5, r5, r11\n\t"
+ /* A[5] * B[5] */
+ "LDR lr, [%[b], #20]\n\t"
+ "ADC r11, %[s], #0x0\n\t"
+ "UMLAL r5, r11, r12, lr\n\t"
+ "ADDS r6, r6, r11\n\t"
+ /* A[5] * B[6] */
+ "LDR lr, [%[b], #24]\n\t"
+ "ADC r11, %[s], #0x0\n\t"
+ "UMLAL r6, r11, r12, lr\n\t"
+ "ADDS r7, r7, r11\n\t"
+ /* A[5] * B[7] */
+ "LDR lr, [%[b], #28]\n\t"
+ "ADC r8, %[s], #0x0\n\t"
+ "UMLAL r7, r8, r12, lr\n\t"
+ /* A[6] * B[0] */
+ "LDR r12, [%[a], #24]\n\t"
+ "LDR lr, [%[b]]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r9, r11, r12, lr\n\t"
+ "STR r9, [sp, #24]\n\t"
+ "ADDS r10, r10, r11\n\t"
+ /* A[6] * B[1] */
+ "LDR lr, [%[b], #4]\n\t"
+ "ADC r11, %[s], #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "ADDS %[c], %[c], r11\n\t"
+ /* A[6] * B[2] */
+ "LDR lr, [%[b], #8]\n\t"
+ "ADC r11, %[s], #0x0\n\t"
+ "UMLAL %[c], r11, r12, lr\n\t"
+ "ADDS r4, r4, r11\n\t"
+ /* A[6] * B[3] */
+ "LDR lr, [%[b], #12]\n\t"
+ "ADC r11, %[s], #0x0\n\t"
+ "UMLAL r4, r11, r12, lr\n\t"
+ "ADDS r5, r5, r11\n\t"
+ /* A[6] * B[4] */
+ "LDR lr, [%[b], #16]\n\t"
+ "ADC r11, %[s], #0x0\n\t"
+ "UMLAL r5, r11, r12, lr\n\t"
+ "ADDS r6, r6, r11\n\t"
+ /* A[6] * B[5] */
+ "LDR lr, [%[b], #20]\n\t"
+ "ADC r11, %[s], #0x0\n\t"
+ "UMLAL r6, r11, r12, lr\n\t"
+ "ADDS r7, r7, r11\n\t"
+ /* A[6] * B[6] */
+ "LDR lr, [%[b], #24]\n\t"
+ "ADC r11, %[s], #0x0\n\t"
+ "UMLAL r7, r11, r12, lr\n\t"
+ "ADDS r8, r8, r11\n\t"
+ /* A[6] * B[7] */
+ "LDR lr, [%[b], #28]\n\t"
+ "ADC r9, %[s], #0x0\n\t"
+ "UMLAL r8, r9, r12, lr\n\t"
+ /* A[7] * B[0] */
+ "LDR r12, [%[a], #28]\n\t"
+ "LDR lr, [%[b]]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "STR r10, [sp, #28]\n\t"
+ "ADDS %[c], %[c], r11\n\t"
+ /* A[7] * B[1] */
+ "LDR lr, [%[b], #4]\n\t"
+ "ADC r11, %[s], #0x0\n\t"
+ "UMLAL %[c], r11, r12, lr\n\t"
+ "ADDS r4, r4, r11\n\t"
+ /* A[7] * B[2] */
+ "LDR lr, [%[b], #8]\n\t"
+ "ADC r11, %[s], #0x0\n\t"
+ "UMLAL r4, r11, r12, lr\n\t"
+ "ADDS r5, r5, r11\n\t"
+ /* A[7] * B[3] */
+ "LDR lr, [%[b], #12]\n\t"
+ "ADC r11, %[s], #0x0\n\t"
+ "UMLAL r5, r11, r12, lr\n\t"
+ "ADDS r6, r6, r11\n\t"
+ /* A[7] * B[4] */
+ "LDR lr, [%[b], #16]\n\t"
+ "ADC r11, %[s], #0x0\n\t"
+ "UMLAL r6, r11, r12, lr\n\t"
+ "ADDS r7, r7, r11\n\t"
+ /* A[7] * B[5] */
+ "LDR lr, [%[b], #20]\n\t"
+ "ADC r11, %[s], #0x0\n\t"
+ "UMLAL r7, r11, r12, lr\n\t"
+ "ADDS r8, r8, r11\n\t"
+ /* A[7] * B[6] */
+ "LDR lr, [%[b], #24]\n\t"
+ "ADC r11, %[s], #0x0\n\t"
+ "UMLAL r8, r11, r12, lr\n\t"
+ "ADDS r9, r9, r11\n\t"
+ /* A[7] * B[7] */
+ "LDR lr, [%[b], #28]\n\t"
+ "ADC r10, %[s], #0x0\n\t"
+ "UMLAL r9, r10, r12, lr\n\t"
+ "ADD lr, sp, #0x20\n\t"
+ "STM lr, {%[c], r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "MOV %[s], sp\n\t"
+ /* Add c to a * b */
+ "LDR lr, [sp, #76]\n\t"
+ "LDM %[s], {%[b], %[c], r4, r5, r6, r7, r8, r9}\n\t"
+ "LDM lr!, {%[a], r10, r11, r12}\n\t"
+ "ADDS %[b], %[b], %[a]\n\t"
+ "ADCS %[c], %[c], r10\n\t"
+ "ADCS r4, r4, r11\n\t"
+ "ADCS r5, r5, r12\n\t"
+ "LDM lr!, {%[a], r10, r11, r12}\n\t"
+ "ADCS r6, r6, %[a]\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADCS r8, r8, r11\n\t"
+ "ADCS r9, r9, r12\n\t"
+ "MOV %[a], r9\n\t"
+ "STM %[s]!, {%[b], %[c], r4, r5, r6, r7, r8, r9}\n\t"
+ "LDM %[s], {%[b], %[c], r4, r5, r6, r7, r8, r9}\n\t"
+ "ADCS %[b], %[b], #0x0\n\t"
+ "ADCS %[c], %[c], #0x0\n\t"
+ "ADCS r4, r4, #0x0\n\t"
+ "ADCS r5, r5, #0x0\n\t"
+ "ADCS r6, r6, #0x0\n\t"
+ "ADCS r7, r7, #0x0\n\t"
+ "ADCS r8, r8, #0x0\n\t"
+ "ADC r9, r9, #0x0\n\t"
+ "SUB %[s], %[s], #0x20\n\t"
+ /* Get 252..503 and 504..507 */
+ "LSR lr, r9, #24\n\t"
+ "LSL r9, r9, #4\n\t"
+ "ORR r9, r9, r8, LSR #28\n\t"
+ "LSL r8, r8, #4\n\t"
+ "ORR r8, r8, r7, LSR #28\n\t"
+ "LSL r7, r7, #4\n\t"
+ "ORR r7, r7, r6, LSR #28\n\t"
+ "LSL r6, r6, #4\n\t"
+ "ORR r6, r6, r5, LSR #28\n\t"
+ "LSL r5, r5, #4\n\t"
+ "ORR r5, r5, r4, LSR #28\n\t"
+ "LSL r4, r4, #4\n\t"
+ "ORR r4, r4, %[c], LSR #28\n\t"
+ "LSL %[c], %[c], #4\n\t"
+ "ORR %[c], %[c], %[b], LSR #28\n\t"
+ "LSL %[b], %[b], #4\n\t"
+ "ORR %[b], %[b], %[a], LSR #28\n\t"
+ "BFC r9, #28, #4\n\t"
+ /* Add order times bits 504..507 */
+ "MOV r10, #0x2c13\n\t"
+ "MOVT r10, #0xa30a\n\t"
+ "MOV r11, #0x9ce5\n\t"
+ "MOVT r11, #0xa7ed\n\t"
+ "MOV %[a], #0x0\n\t"
+ "UMLAL %[b], %[a], r10, lr\n\t"
+ "ADDS %[c], %[c], %[a]\n\t"
+ "MOV %[a], #0x0\n\t"
+ "ADC %[a], %[a], #0x0\n\t"
+ "UMLAL %[c], %[a], r11, lr\n\t"
+ "MOV r10, #0x6329\n\t"
+ "MOVT r10, #0x5d08\n\t"
+ "MOV r11, #0x621\n\t"
+ "MOVT r11, #0xeb21\n\t"
+ "ADDS r4, r4, %[a]\n\t"
+ "MOV %[a], #0x0\n\t"
+ "ADC %[a], %[a], #0x0\n\t"
+ "UMLAL r4, %[a], r10, lr\n\t"
+ "ADDS r5, r5, %[a]\n\t"
+ "MOV %[a], #0x0\n\t"
+ "ADC %[a], %[a], #0x0\n\t"
+ "UMLAL r5, %[a], r11, lr\n\t"
+ "ADDS r6, r6, %[a]\n\t"
+ "ADCS r7, r7, #0x0\n\t"
+ "ADCS r8, r8, #0x0\n\t"
+ "ADC r9, r9, #0x0\n\t"
+ "SUBS r6, r6, lr\n\t"
+ "SBCS r7, r7, #0x0\n\t"
+ "SBCS r8, r8, #0x0\n\t"
+ "SBC r9, r9, #0x0\n\t"
+ /* Sub product of top 8 words and order */
+ "MOV r12, sp\n\t"
+ "MOV %[a], #0x2c13\n\t"
+ "MOVT %[a], #0xa30a\n\t"
+ "MOV lr, #0x0\n\t"
+ "LDM %[s]!, {r10, r11}\n\t"
+ "UMLAL r10, lr, %[b], %[a]\n\t"
+ "ADDS r11, r11, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r11, lr, %[c], %[a]\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM %[s]!, {r10, r11}\n\t"
+ "ADDS r10, r10, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r10, lr, r4, %[a]\n\t"
+ "ADDS r11, r11, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r11, lr, r5, %[a]\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM %[s]!, {r10, r11}\n\t"
+ "ADDS r10, r10, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r10, lr, r6, %[a]\n\t"
+ "ADDS r11, r11, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r11, lr, r7, %[a]\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM %[s]!, {r10, r11}\n\t"
+ "ADDS r10, r10, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r10, lr, r8, %[a]\n\t"
+ "BFC r11, #28, #4\n\t"
+ "ADDS r11, r11, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r11, lr, r9, %[a]\n\t"
+ "STM r12!, {r10, r11, lr}\n\t"
+ "SUB %[s], %[s], #0x10\n\t"
+ "SUB r12, r12, #0x20\n\t"
+ "MOV %[a], #0x9ce5\n\t"
+ "MOVT %[a], #0xa7ed\n\t"
+ "MOV lr, #0x0\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "UMLAL r10, lr, %[b], %[a]\n\t"
+ "ADDS r11, r11, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r11, lr, %[c], %[a]\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "ADDS r10, r10, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r10, lr, r4, %[a]\n\t"
+ "ADDS r11, r11, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r11, lr, r5, %[a]\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "ADDS r10, r10, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r10, lr, r6, %[a]\n\t"
+ "ADDS r11, r11, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r11, lr, r7, %[a]\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "ADDS r10, r10, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r10, lr, r8, %[a]\n\t"
+ "ADDS r11, r11, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r11, lr, r9, %[a]\n\t"
+ "STM r12!, {r10, r11, lr}\n\t"
+ "SUB r12, r12, #0x20\n\t"
+ "MOV %[a], #0x6329\n\t"
+ "MOVT %[a], #0x5d08\n\t"
+ "MOV lr, #0x0\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "UMLAL r10, lr, %[b], %[a]\n\t"
+ "ADDS r11, r11, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r11, lr, %[c], %[a]\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "ADDS r10, r10, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r10, lr, r4, %[a]\n\t"
+ "ADDS r11, r11, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r11, lr, r5, %[a]\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "ADDS r10, r10, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r10, lr, r6, %[a]\n\t"
+ "ADDS r11, r11, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r11, lr, r7, %[a]\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "ADDS r10, r10, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r10, lr, r8, %[a]\n\t"
+ "ADDS r11, r11, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r11, lr, r9, %[a]\n\t"
+ "STM r12!, {r10, r11, lr}\n\t"
+ "SUB r12, r12, #0x20\n\t"
+ "MOV %[a], #0x621\n\t"
+ "MOVT %[a], #0xeb21\n\t"
+ "MOV lr, #0x0\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "UMLAL r10, lr, %[b], %[a]\n\t"
+ "ADDS r11, r11, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r11, lr, %[c], %[a]\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "ADDS r10, r10, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r10, lr, r4, %[a]\n\t"
+ "ADDS r11, r11, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r11, lr, r5, %[a]\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "ADDS r10, r10, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r10, lr, r6, %[a]\n\t"
+ "ADDS r11, r11, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r11, lr, r7, %[a]\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "ADDS r10, r10, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r10, lr, r8, %[a]\n\t"
+ "ADDS r11, r11, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r11, lr, r9, %[a]\n\t"
+ "STM r12!, {r10, r11, lr}\n\t"
+ "SUB r12, r12, #0x20\n\t"
+ /* Subtract at 4 * 32 */
+ "LDM r12, {r10, r11}\n\t"
+ "SUBS r10, r10, %[b]\n\t"
+ "SBCS r11, r11, %[c]\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "SBCS r10, r10, r4\n\t"
+ "SBCS r11, r11, r5\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "SBCS r10, r10, r6\n\t"
+ "SBCS r11, r11, r7\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "SBCS r10, r10, r8\n\t"
+ "SBC r11, r11, r9\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "SUB r12, r12, #0x24\n\t"
+ "ASR lr, r11, #25\n\t"
+ /* Conditionally subtract order starting at bit 125 */
+ "MOV %[a], #0xa0000000\n\t"
+ "MOV %[b], #0xba7d\n\t"
+ "MOVT %[b], #0x4b9e\n\t"
+ "MOV %[c], #0x4c63\n\t"
+ "MOVT %[c], #0xcb02\n\t"
+ "MOV r4, #0xf39a\n\t"
+ "MOVT r4, #0xd45e\n\t"
+ "MOV r5, #0xdf3b\n\t"
+ "MOVT r5, #0x29b\n\t"
+ "MOV r9, #0x2000000\n\t"
+ "AND %[a], %[a], lr\n\t"
+ "AND %[b], %[b], lr\n\t"
+ "AND %[c], %[c], lr\n\t"
+ "AND r4, r4, lr\n\t"
+ "AND r5, r5, lr\n\t"
+ "AND r9, r9, lr\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "ADDS r10, r10, %[a]\n\t"
+ "ADCS r11, r11, %[b]\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "ADCS r10, r10, %[c]\n\t"
+ "ADCS r11, r11, r4\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "ADCS r10, r10, r5\n\t"
+ "ADCS r11, r11, #0x0\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "ADCS r10, r10, #0x0\n\t"
+ "ADCS r11, r11, #0x0\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10}\n\t"
+ "ADCS r10, r10, #0x0\n\t"
+ "STM r12!, {r10}\n\t"
+ "SUB %[s], %[s], #0x10\n\t"
+ "MOV r12, sp\n\t"
+ /* Load bits 252-376 */
+ "ADD r12, r12, #0x1c\n\t"
+ "LDM r12, {%[a], %[b], %[c], r4, r5}\n\t"
+ "LSL r5, r5, #4\n\t"
+ "ORR r5, r5, r4, LSR #28\n\t"
+ "LSL r4, r4, #4\n\t"
+ "ORR r4, r4, %[c], LSR #28\n\t"
+ "LSL %[c], %[c], #4\n\t"
+ "ORR %[c], %[c], %[b], LSR #28\n\t"
+ "LSL %[b], %[b], #4\n\t"
+ "ORR %[b], %[b], %[a], LSR #28\n\t"
+ "BFC r5, #29, #3\n\t"
+ "SUB r12, r12, #0x1c\n\t"
+ /* Sub product of top 4 words and order */
+ "MOV %[s], sp\n\t"
+ /* * -5cf5d3ed */
+ "MOV %[a], #0x2c13\n\t"
+ "MOVT %[a], #0xa30a\n\t"
+ "MOV lr, #0x0\n\t"
+ "LDM %[s], {r6, r7, r8, r9}\n\t"
+ "UMLAL r6, lr, %[b], %[a]\n\t"
+ "ADDS r7, r7, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r7, lr, %[c], %[a]\n\t"
+ "ADDS r8, r8, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r8, lr, r4, %[a]\n\t"
+ "ADDS r9, r9, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r9, lr, r5, %[a]\n\t"
+ "STM %[s], {r6, r7, r8, r9}\n\t"
+ "ADD %[s], %[s], #0x4\n\t"
+ /* * -5812631b */
+ "MOV %[a], #0x9ce5\n\t"
+ "MOVT %[a], #0xa7ed\n\t"
+ "MOV r10, #0x0\n\t"
+ "LDM %[s], {r6, r7, r8, r9}\n\t"
+ "UMLAL r6, r10, %[b], %[a]\n\t"
+ "ADDS r7, r7, r10\n\t"
+ "MOV r10, #0x0\n\t"
+ "ADC r10, r10, #0x0\n\t"
+ "UMLAL r7, r10, %[c], %[a]\n\t"
+ "ADDS r8, r8, r10\n\t"
+ "MOV r10, #0x0\n\t"
+ "ADC r10, r10, #0x0\n\t"
+ "UMLAL r8, r10, r4, %[a]\n\t"
+ "ADDS r9, r9, r10\n\t"
+ "MOV r10, #0x0\n\t"
+ "ADC r10, r10, #0x0\n\t"
+ "UMLAL r9, r10, r5, %[a]\n\t"
+ "STM %[s], {r6, r7, r8, r9}\n\t"
+ "ADD %[s], %[s], #0x4\n\t"
+ /* * -a2f79cd7 */
+ "MOV %[a], #0x6329\n\t"
+ "MOVT %[a], #0x5d08\n\t"
+ "MOV r11, #0x0\n\t"
+ "LDM %[s], {r6, r7, r8, r9}\n\t"
+ "UMLAL r6, r11, %[b], %[a]\n\t"
+ "ADDS r7, r7, r11\n\t"
+ "MOV r11, #0x0\n\t"
+ "ADC r11, r11, #0x0\n\t"
+ "UMLAL r7, r11, %[c], %[a]\n\t"
+ "ADDS r8, r8, r11\n\t"
+ "MOV r11, #0x0\n\t"
+ "ADC r11, r11, #0x0\n\t"
+ "UMLAL r8, r11, r4, %[a]\n\t"
+ "ADDS r9, r9, r11\n\t"
+ "MOV r11, #0x0\n\t"
+ "ADC r11, r11, #0x0\n\t"
+ "UMLAL r9, r11, r5, %[a]\n\t"
+ "STM %[s], {r6, r7, r8, r9}\n\t"
+ "ADD %[s], %[s], #0x4\n\t"
+ /* * -14def9df */
+ "MOV %[a], #0x621\n\t"
+ "MOVT %[a], #0xeb21\n\t"
+ "MOV r12, #0x0\n\t"
+ "LDM %[s], {r6, r7, r8, r9}\n\t"
+ "UMLAL r6, r12, %[b], %[a]\n\t"
+ "ADDS r7, r7, r12\n\t"
+ "MOV r12, #0x0\n\t"
+ "ADC r12, r12, #0x0\n\t"
+ "UMLAL r7, r12, %[c], %[a]\n\t"
+ "ADDS r8, r8, r12\n\t"
+ "MOV r12, #0x0\n\t"
+ "ADC r12, r12, #0x0\n\t"
+ "UMLAL r8, r12, r4, %[a]\n\t"
+ "ADDS r9, r9, r12\n\t"
+ "MOV r12, #0x0\n\t"
+ "ADC r12, r12, #0x0\n\t"
+ "UMLAL r9, r12, r5, %[a]\n\t"
+ "STM %[s], {r6, r7, r8, r9}\n\t"
+ "ADD %[s], %[s], #0x4\n\t"
+ /* Add overflows at 4 * 32 */
+ "LDM %[s], {r6, r7, r8, r9}\n\t"
+ "BFC r9, #28, #4\n\t"
+ "ADDS r6, r6, lr\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADCS r8, r8, r11\n\t"
+ "ADC r9, r9, r12\n\t"
+ /* Subtract top at 4 * 32 */
+ "SUBS r6, r6, %[b]\n\t"
+ "SBCS r7, r7, %[c]\n\t"
+ "SBCS r8, r8, r4\n\t"
+ "SBCS r9, r9, r5\n\t"
+ "SBC %[a], %[a], %[a]\n\t"
+ "SUB %[s], %[s], #0x10\n\t"
+ "LDM %[s], {%[b], %[c], r4, r5}\n\t"
+ "MOV r10, #0xd3ed\n\t"
+ "MOVT r10, #0x5cf5\n\t"
+ "MOV r11, #0x631a\n\t"
+ "MOVT r11, #0x5812\n\t"
+ "MOV r12, #0x9cd6\n\t"
+ "MOVT r12, #0xa2f7\n\t"
+ "MOV lr, #0xf9de\n\t"
+ "MOVT lr, #0x14de\n\t"
+ "AND r10, r10, %[a]\n\t"
+ "AND r11, r11, %[a]\n\t"
+ "AND r12, r12, %[a]\n\t"
+ "AND lr, lr, %[a]\n\t"
+ "ADDS %[b], %[b], r10\n\t"
+ "ADCS %[c], %[c], r11\n\t"
+ "ADCS r4, r4, r12\n\t"
+ "ADCS r5, r5, lr\n\t"
+ "ADCS r6, r6, #0x0\n\t"
+ "ADCS r7, r7, #0x0\n\t"
+ "AND %[a], %[a], #0x10000000\n\t"
+ "ADCS r8, r8, #0x0\n\t"
+ "ADC r9, r9, %[a]\n\t"
+ "BFC r9, #28, #4\n\t"
+ "LDR %[s], [sp, #68]\n\t"
+ /* Store result */
+ "STR %[b], [%[s]]\n\t"
+ "STR %[c], [%[s], #4]\n\t"
+ "STR r4, [%[s], #8]\n\t"
+ "STR r5, [%[s], #12]\n\t"
+ "STR r6, [%[s], #16]\n\t"
+ "STR r7, [%[s], #20]\n\t"
+ "STR r8, [%[s], #24]\n\t"
+ "STR r9, [%[s], #28]\n\t"
+ "ADD sp, sp, #0x50\n\t"
+ : [s] "+r" (s), [a] "+r" (a), [b] "+r" (b), [c] "+r" (c)
+ :
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
+ );
+}
+
+#else
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void sc_muladd(byte* s_p, const byte* a_p, const byte* b_p, const byte* c_p)
+#else
+void sc_muladd(byte* s, const byte* a, const byte* b, const byte* c)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register byte* s __asm__ ("r0") = (byte*)s_p;
+ register const byte* a __asm__ ("r1") = (const byte*)a_p;
+ register const byte* b __asm__ ("r2") = (const byte*)b_p;
+ register const byte* c __asm__ ("r3") = (const byte*)c_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "SUB sp, sp, #0x50\n\t"
+ "ADD lr, sp, #0x44\n\t"
+ "STM lr, {%[s], %[a], %[c]}\n\t"
+ "MOV lr, %[b]\n\t"
+ "LDM %[a], {%[s], %[a], %[b], %[c]}\n\t"
+ "LDM lr!, {r4, r5, r6}\n\t"
+ "UMULL r10, r11, %[s], r4\n\t"
+ "UMULL r12, r7, %[a], r4\n\t"
+ "UMAAL r11, r12, %[s], r5\n\t"
+ "UMULL r8, r9, %[b], r4\n\t"
+ "UMAAL r12, r8, %[a], r5\n\t"
+ "UMAAL r12, r7, %[s], r6\n\t"
+ "UMAAL r8, r9, %[c], r4\n\t"
+ "STM sp, {r10, r11, r12}\n\t"
+ "UMAAL r7, r8, %[b], r5\n\t"
+ "LDM lr!, {r4}\n\t"
+ "UMULL r10, r11, %[a], r6\n\t"
+ "UMAAL r8, r9, %[b], r6\n\t"
+ "UMAAL r7, r10, %[s], r4\n\t"
+ "UMAAL r8, r11, %[c], r5\n\t"
+ "STR r7, [sp, #12]\n\t"
+ "UMAAL r8, r10, %[a], r4\n\t"
+ "UMAAL r9, r11, %[c], r6\n\t"
+ "UMAAL r9, r10, %[b], r4\n\t"
+ "UMAAL r10, r11, %[c], r4\n\t"
+ "LDM lr, {r4, r5, r6, r7}\n\t"
+ "MOV r12, #0x0\n\t"
+ "UMLAL r8, r12, %[s], r4\n\t"
+ "UMAAL r9, r12, %[a], r4\n\t"
+ "UMAAL r10, r12, %[b], r4\n\t"
+ "UMAAL r11, r12, %[c], r4\n\t"
+ "MOV r4, #0x0\n\t"
+ "UMLAL r9, r4, %[s], r5\n\t"
+ "UMAAL r10, r4, %[a], r5\n\t"
+ "UMAAL r11, r4, %[b], r5\n\t"
+ "UMAAL r12, r4, %[c], r5\n\t"
+ "MOV r5, #0x0\n\t"
+ "UMLAL r10, r5, %[s], r6\n\t"
+ "UMAAL r11, r5, %[a], r6\n\t"
+ "UMAAL r12, r5, %[b], r6\n\t"
+ "UMAAL r4, r5, %[c], r6\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r11, r6, %[s], r7\n\t"
+ "LDR %[s], [sp, #72]\n\t"
+ "UMAAL r12, r6, %[a], r7\n\t"
+ "ADD %[s], %[s], #0x10\n\t"
+ "UMAAL r4, r6, %[b], r7\n\t"
+ "SUB lr, lr, #0x10\n\t"
+ "UMAAL r5, r6, %[c], r7\n\t"
+ "LDM %[s], {%[s], %[a], %[b], %[c]}\n\t"
+ "STR r6, [sp, #64]\n\t"
+ "LDM lr!, {r6}\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r8, r7, %[s], r6\n\t"
+ "UMAAL r9, r7, %[a], r6\n\t"
+ "STR r8, [sp, #16]\n\t"
+ "UMAAL r10, r7, %[b], r6\n\t"
+ "UMAAL r11, r7, %[c], r6\n\t"
+ "LDM lr!, {r6}\n\t"
+ "MOV r8, #0x0\n\t"
+ "UMLAL r9, r8, %[s], r6\n\t"
+ "UMAAL r10, r8, %[a], r6\n\t"
+ "STR r9, [sp, #20]\n\t"
+ "UMAAL r11, r8, %[b], r6\n\t"
+ "UMAAL r12, r8, %[c], r6\n\t"
+ "LDM lr!, {r6}\n\t"
+ "MOV r9, #0x0\n\t"
+ "UMLAL r10, r9, %[s], r6\n\t"
+ "UMAAL r11, r9, %[a], r6\n\t"
+ "STR r10, [sp, #24]\n\t"
+ "UMAAL r12, r9, %[b], r6\n\t"
+ "UMAAL r4, r9, %[c], r6\n\t"
+ "LDM lr!, {r6}\n\t"
+ "MOV r10, #0x0\n\t"
+ "UMLAL r11, r10, %[s], r6\n\t"
+ "UMAAL r12, r10, %[a], r6\n\t"
+ "STR r11, [sp, #28]\n\t"
+ "UMAAL r4, r10, %[b], r6\n\t"
+ "UMAAL r5, r10, %[c], r6\n\t"
+ "LDM lr!, {r11}\n\t"
+ "UMAAL r12, r7, %[s], r11\n\t"
+ "UMAAL r4, r7, %[a], r11\n\t"
+ "LDR r6, [sp, #64]\n\t"
+ "UMAAL r5, r7, %[b], r11\n\t"
+ "UMAAL r6, r7, %[c], r11\n\t"
+ "LDM lr!, {r11}\n\t"
+ "UMAAL r4, r8, %[s], r11\n\t"
+ "UMAAL r5, r8, %[a], r11\n\t"
+ "UMAAL r6, r8, %[b], r11\n\t"
+ "UMAAL r7, r8, %[c], r11\n\t"
+ "LDM lr, {r11, lr}\n\t"
+ "UMAAL r5, r9, %[s], r11\n\t"
+ "UMAAL r6, r10, %[s], lr\n\t"
+ "UMAAL r6, r9, %[a], r11\n\t"
+ "UMAAL r7, r10, %[a], lr\n\t"
+ "UMAAL r7, r9, %[b], r11\n\t"
+ "UMAAL r8, r10, %[b], lr\n\t"
+ "UMAAL r8, r9, %[c], r11\n\t"
+ "UMAAL r9, r10, %[c], lr\n\t"
+ "MOV %[c], r12\n\t"
+ "ADD lr, sp, #0x20\n\t"
+ "STM lr, {%[c], r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "MOV %[s], sp\n\t"
+ /* Add c to a * b */
+ "LDR lr, [sp, #76]\n\t"
+ "LDM %[s], {%[b], %[c], r4, r5, r6, r7, r8, r9}\n\t"
+ "LDM lr!, {%[a], r10, r11, r12}\n\t"
+ "ADDS %[b], %[b], %[a]\n\t"
+ "ADCS %[c], %[c], r10\n\t"
+ "ADCS r4, r4, r11\n\t"
+ "ADCS r5, r5, r12\n\t"
+ "LDM lr!, {%[a], r10, r11, r12}\n\t"
+ "ADCS r6, r6, %[a]\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADCS r8, r8, r11\n\t"
+ "ADCS r9, r9, r12\n\t"
+ "MOV %[a], r9\n\t"
+ "STM %[s]!, {%[b], %[c], r4, r5, r6, r7, r8, r9}\n\t"
+ "LDM %[s], {%[b], %[c], r4, r5, r6, r7, r8, r9}\n\t"
+ "ADCS %[b], %[b], #0x0\n\t"
+ "ADCS %[c], %[c], #0x0\n\t"
+ "ADCS r4, r4, #0x0\n\t"
+ "ADCS r5, r5, #0x0\n\t"
+ "ADCS r6, r6, #0x0\n\t"
+ "ADCS r7, r7, #0x0\n\t"
+ "ADCS r8, r8, #0x0\n\t"
+ "ADC r9, r9, #0x0\n\t"
+ "SUB %[s], %[s], #0x20\n\t"
+ /* Get 252..503 and 504..507 */
+ "LSR lr, r9, #24\n\t"
+ "LSL r9, r9, #4\n\t"
+ "ORR r9, r9, r8, LSR #28\n\t"
+ "LSL r8, r8, #4\n\t"
+ "ORR r8, r8, r7, LSR #28\n\t"
+ "LSL r7, r7, #4\n\t"
+ "ORR r7, r7, r6, LSR #28\n\t"
+ "LSL r6, r6, #4\n\t"
+ "ORR r6, r6, r5, LSR #28\n\t"
+ "LSL r5, r5, #4\n\t"
+ "ORR r5, r5, r4, LSR #28\n\t"
+ "LSL r4, r4, #4\n\t"
+ "ORR r4, r4, %[c], LSR #28\n\t"
+ "LSL %[c], %[c], #4\n\t"
+ "ORR %[c], %[c], %[b], LSR #28\n\t"
+ "LSL %[b], %[b], #4\n\t"
+ "ORR %[b], %[b], %[a], LSR #28\n\t"
+ "BFC r9, #28, #4\n\t"
+ /* Add order times bits 504..507 */
+ "MOV r10, #0x2c13\n\t"
+ "MOVT r10, #0xa30a\n\t"
+ "MOV r11, #0x9ce5\n\t"
+ "MOVT r11, #0xa7ed\n\t"
+ "MOV %[a], #0x0\n\t"
+ "UMLAL %[b], %[a], r10, lr\n\t"
+ "UMAAL %[c], %[a], r11, lr\n\t"
+ "MOV r10, #0x6329\n\t"
+ "MOVT r10, #0x5d08\n\t"
+ "MOV r11, #0x621\n\t"
+ "MOVT r11, #0xeb21\n\t"
+ "UMAAL r4, %[a], r10, lr\n\t"
+ "UMAAL r5, %[a], r11, lr\n\t"
+ "ADDS r6, r6, %[a]\n\t"
+ "ADCS r7, r7, #0x0\n\t"
+ "ADCS r8, r8, #0x0\n\t"
+ "ADC r9, r9, #0x0\n\t"
+ "SUBS r6, r6, lr\n\t"
+ "SBCS r7, r7, #0x0\n\t"
+ "SBCS r8, r8, #0x0\n\t"
+ "SBC r9, r9, #0x0\n\t"
+ /* Sub product of top 8 words and order */
+ "MOV r12, sp\n\t"
+ "MOV %[a], #0x2c13\n\t"
+ "MOVT %[a], #0xa30a\n\t"
+ "MOV lr, #0x0\n\t"
+ "LDM %[s]!, {r10, r11}\n\t"
+ "UMLAL r10, lr, %[b], %[a]\n\t"
+ "UMAAL r11, lr, %[c], %[a]\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM %[s]!, {r10, r11}\n\t"
+ "UMAAL r10, lr, r4, %[a]\n\t"
+ "UMAAL r11, lr, r5, %[a]\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM %[s]!, {r10, r11}\n\t"
+ "UMAAL r10, lr, r6, %[a]\n\t"
+ "UMAAL r11, lr, r7, %[a]\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM %[s]!, {r10, r11}\n\t"
+ "UMAAL r10, lr, r8, %[a]\n\t"
+ "BFC r11, #28, #4\n\t"
+ "UMAAL r11, lr, r9, %[a]\n\t"
+ "STM r12!, {r10, r11, lr}\n\t"
+ "SUB %[s], %[s], #0x10\n\t"
+ "SUB r12, r12, #0x20\n\t"
+ "MOV %[a], #0x9ce5\n\t"
+ "MOVT %[a], #0xa7ed\n\t"
+ "MOV lr, #0x0\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "UMLAL r10, lr, %[b], %[a]\n\t"
+ "UMAAL r11, lr, %[c], %[a]\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "UMAAL r10, lr, r4, %[a]\n\t"
+ "UMAAL r11, lr, r5, %[a]\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "UMAAL r10, lr, r6, %[a]\n\t"
+ "UMAAL r11, lr, r7, %[a]\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "UMAAL r10, lr, r8, %[a]\n\t"
+ "UMAAL r11, lr, r9, %[a]\n\t"
+ "STM r12!, {r10, r11, lr}\n\t"
+ "SUB r12, r12, #0x20\n\t"
+ "MOV %[a], #0x6329\n\t"
+ "MOVT %[a], #0x5d08\n\t"
+ "MOV lr, #0x0\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "UMLAL r10, lr, %[b], %[a]\n\t"
+ "UMAAL r11, lr, %[c], %[a]\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "UMAAL r10, lr, r4, %[a]\n\t"
+ "UMAAL r11, lr, r5, %[a]\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "UMAAL r10, lr, r6, %[a]\n\t"
+ "UMAAL r11, lr, r7, %[a]\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "UMAAL r10, lr, r8, %[a]\n\t"
+ "UMAAL r11, lr, r9, %[a]\n\t"
+ "STM r12!, {r10, r11, lr}\n\t"
+ "SUB r12, r12, #0x20\n\t"
+ "MOV %[a], #0x621\n\t"
+ "MOVT %[a], #0xeb21\n\t"
+ "MOV lr, #0x0\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "UMLAL r10, lr, %[b], %[a]\n\t"
+ "UMAAL r11, lr, %[c], %[a]\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "UMAAL r10, lr, r4, %[a]\n\t"
+ "UMAAL r11, lr, r5, %[a]\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "UMAAL r10, lr, r6, %[a]\n\t"
+ "UMAAL r11, lr, r7, %[a]\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "UMAAL r10, lr, r8, %[a]\n\t"
+ "UMAAL r11, lr, r9, %[a]\n\t"
+ "STM r12!, {r10, r11, lr}\n\t"
+ "SUB r12, r12, #0x20\n\t"
+ /* Subtract at 4 * 32 */
+ "LDM r12, {r10, r11}\n\t"
+ "SUBS r10, r10, %[b]\n\t"
+ "SBCS r11, r11, %[c]\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "SBCS r10, r10, r4\n\t"
+ "SBCS r11, r11, r5\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "SBCS r10, r10, r6\n\t"
+ "SBCS r11, r11, r7\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "SBCS r10, r10, r8\n\t"
+ "SBC r11, r11, r9\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "SUB r12, r12, #0x24\n\t"
+ "ASR lr, r11, #25\n\t"
+ /* Conditionally subtract order starting at bit 125 */
+ "MOV %[a], #0xa0000000\n\t"
+ "MOV %[b], #0xba7d\n\t"
+ "MOVT %[b], #0x4b9e\n\t"
+ "MOV %[c], #0x4c63\n\t"
+ "MOVT %[c], #0xcb02\n\t"
+ "MOV r4, #0xf39a\n\t"
+ "MOVT r4, #0xd45e\n\t"
+ "MOV r5, #0xdf3b\n\t"
+ "MOVT r5, #0x29b\n\t"
+ "MOV r9, #0x2000000\n\t"
+ "AND %[a], %[a], lr\n\t"
+ "AND %[b], %[b], lr\n\t"
+ "AND %[c], %[c], lr\n\t"
+ "AND r4, r4, lr\n\t"
+ "AND r5, r5, lr\n\t"
+ "AND r9, r9, lr\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "ADDS r10, r10, %[a]\n\t"
+ "ADCS r11, r11, %[b]\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "ADCS r10, r10, %[c]\n\t"
+ "ADCS r11, r11, r4\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "ADCS r10, r10, r5\n\t"
+ "ADCS r11, r11, #0x0\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "ADCS r10, r10, #0x0\n\t"
+ "ADCS r11, r11, #0x0\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10}\n\t"
+ "ADCS r10, r10, #0x0\n\t"
+ "STM r12!, {r10}\n\t"
+ "SUB %[s], %[s], #0x10\n\t"
+ "MOV r12, sp\n\t"
+ /* Load bits 252-376 */
+ "ADD r12, r12, #0x1c\n\t"
+ "LDM r12, {%[a], %[b], %[c], r4, r5}\n\t"
+ "LSL r5, r5, #4\n\t"
+ "ORR r5, r5, r4, LSR #28\n\t"
+ "LSL r4, r4, #4\n\t"
+ "ORR r4, r4, %[c], LSR #28\n\t"
+ "LSL %[c], %[c], #4\n\t"
+ "ORR %[c], %[c], %[b], LSR #28\n\t"
+ "LSL %[b], %[b], #4\n\t"
+ "ORR %[b], %[b], %[a], LSR #28\n\t"
+ "BFC r5, #29, #3\n\t"
+ "SUB r12, r12, #0x1c\n\t"
+ /* Sub product of top 4 words and order */
+ "MOV %[s], sp\n\t"
+ /* * -5cf5d3ed */
+ "MOV %[a], #0x2c13\n\t"
+ "MOVT %[a], #0xa30a\n\t"
+ "MOV lr, #0x0\n\t"
+ "LDM %[s], {r6, r7, r8, r9}\n\t"
+ "UMLAL r6, lr, %[b], %[a]\n\t"
+ "UMAAL r7, lr, %[c], %[a]\n\t"
+ "UMAAL r8, lr, r4, %[a]\n\t"
+ "UMAAL r9, lr, r5, %[a]\n\t"
+ "STM %[s], {r6, r7, r8, r9}\n\t"
+ "ADD %[s], %[s], #0x4\n\t"
+ /* * -5812631b */
+ "MOV %[a], #0x9ce5\n\t"
+ "MOVT %[a], #0xa7ed\n\t"
+ "MOV r10, #0x0\n\t"
+ "LDM %[s], {r6, r7, r8, r9}\n\t"
+ "UMLAL r6, r10, %[b], %[a]\n\t"
+ "UMAAL r7, r10, %[c], %[a]\n\t"
+ "UMAAL r8, r10, r4, %[a]\n\t"
+ "UMAAL r9, r10, r5, %[a]\n\t"
+ "STM %[s], {r6, r7, r8, r9}\n\t"
+ "ADD %[s], %[s], #0x4\n\t"
+ /* * -a2f79cd7 */
+ "MOV %[a], #0x6329\n\t"
+ "MOVT %[a], #0x5d08\n\t"
+ "MOV r11, #0x0\n\t"
+ "LDM %[s], {r6, r7, r8, r9}\n\t"
+ "UMLAL r6, r11, %[b], %[a]\n\t"
+ "UMAAL r7, r11, %[c], %[a]\n\t"
+ "UMAAL r8, r11, r4, %[a]\n\t"
+ "UMAAL r9, r11, r5, %[a]\n\t"
+ "STM %[s], {r6, r7, r8, r9}\n\t"
+ "ADD %[s], %[s], #0x4\n\t"
+ /* * -14def9df */
+ "MOV %[a], #0x621\n\t"
+ "MOVT %[a], #0xeb21\n\t"
+ "MOV r12, #0x0\n\t"
+ "LDM %[s], {r6, r7, r8, r9}\n\t"
+ "UMLAL r6, r12, %[b], %[a]\n\t"
+ "UMAAL r7, r12, %[c], %[a]\n\t"
+ "UMAAL r8, r12, r4, %[a]\n\t"
+ "UMAAL r9, r12, r5, %[a]\n\t"
+ "STM %[s], {r6, r7, r8, r9}\n\t"
+ "ADD %[s], %[s], #0x4\n\t"
+ /* Add overflows at 4 * 32 */
+ "LDM %[s], {r6, r7, r8, r9}\n\t"
+ "BFC r9, #28, #4\n\t"
+ "ADDS r6, r6, lr\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADCS r8, r8, r11\n\t"
+ "ADC r9, r9, r12\n\t"
+ /* Subtract top at 4 * 32 */
+ "SUBS r6, r6, %[b]\n\t"
+ "SBCS r7, r7, %[c]\n\t"
+ "SBCS r8, r8, r4\n\t"
+ "SBCS r9, r9, r5\n\t"
+ "SBC %[a], %[a], %[a]\n\t"
+ "SUB %[s], %[s], #0x10\n\t"
+ "LDM %[s], {%[b], %[c], r4, r5}\n\t"
+ "MOV r10, #0xd3ed\n\t"
+ "MOVT r10, #0x5cf5\n\t"
+ "MOV r11, #0x631a\n\t"
+ "MOVT r11, #0x5812\n\t"
+ "MOV r12, #0x9cd6\n\t"
+ "MOVT r12, #0xa2f7\n\t"
+ "MOV lr, #0xf9de\n\t"
+ "MOVT lr, #0x14de\n\t"
+ "AND r10, r10, %[a]\n\t"
+ "AND r11, r11, %[a]\n\t"
+ "AND r12, r12, %[a]\n\t"
+ "AND lr, lr, %[a]\n\t"
+ "ADDS %[b], %[b], r10\n\t"
+ "ADCS %[c], %[c], r11\n\t"
+ "ADCS r4, r4, r12\n\t"
+ "ADCS r5, r5, lr\n\t"
+ "ADCS r6, r6, #0x0\n\t"
+ "ADCS r7, r7, #0x0\n\t"
+ "AND %[a], %[a], #0x10000000\n\t"
+ "ADCS r8, r8, #0x0\n\t"
+ "ADC r9, r9, %[a]\n\t"
+ "BFC r9, #28, #4\n\t"
+ "LDR %[s], [sp, #68]\n\t"
+ /* Store result */
+ "STR %[b], [%[s]]\n\t"
+ "STR %[c], [%[s], #4]\n\t"
+ "STR r4, [%[s], #8]\n\t"
+ "STR r5, [%[s], #12]\n\t"
+ "STR r6, [%[s], #16]\n\t"
+ "STR r7, [%[s], #20]\n\t"
+ "STR r8, [%[s], #24]\n\t"
+ "STR r9, [%[s], #28]\n\t"
+ "ADD sp, sp, #0x50\n\t"
+ : [s] "+r" (s), [a] "+r" (a), [b] "+r" (b), [c] "+r" (c)
+ :
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
+ );
+}
+
+#endif /* WOLFSSL_SP_NO_UMAAL */
+#endif /* HAVE_ED25519_SIGN */
+#endif /* HAVE_ED25519 */
+
+#endif /* !CURVE25519_SMALL || !ED25519_SMALL */
+#endif /* HAVE_CURVE25519 || HAVE_ED25519 */
+#endif /* !__aarch64__ && __thumb__ */
+#endif /* WOLFSSL_ARMASM */
+#endif /* !defined(__aarch64__) && defined(__thumb__) */
+#endif /* WOLFSSL_ARMASM */
+
+#endif /* WOLFSSL_ARMASM_INLINE */
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/thumb2-sha256-asm.S b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/thumb2-sha256-asm.S
new file mode 100644
index 00000000..30d8dc76
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/thumb2-sha256-asm.S
@@ -0,0 +1,1490 @@
+/* thumb2-sha256-asm
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/* Generated using (from wolfssl):
+ * cd ../scripts
+ * ruby ./sha2/sha256.rb thumb2 ../wolfssl/wolfcrypt/src/port/arm/thumb2-sha256-asm.S
+ */
+
+#ifdef HAVE_CONFIG_H
+ #include <config.h>
+#endif /* HAVE_CONFIG_H */
+#include <wolfssl/wolfcrypt/settings.h>
+
+#ifdef WOLFSSL_ARMASM
+#if !defined(__aarch64__) && defined(__thumb__)
+#ifndef WOLFSSL_ARMASM_INLINE
+ .thumb
+ .syntax unified
+#ifndef NO_SHA256
+#ifdef WOLFSSL_ARMASM_NO_NEON
+ .text
+ .type L_SHA256_transform_len_k, %object
+ .size L_SHA256_transform_len_k, 256
+ .align 4
+L_SHA256_transform_len_k:
+ .word 0x428a2f98
+ .word 0x71374491
+ .word 0xb5c0fbcf
+ .word 0xe9b5dba5
+ .word 0x3956c25b
+ .word 0x59f111f1
+ .word 0x923f82a4
+ .word 0xab1c5ed5
+ .word 0xd807aa98
+ .word 0x12835b01
+ .word 0x243185be
+ .word 0x550c7dc3
+ .word 0x72be5d74
+ .word 0x80deb1fe
+ .word 0x9bdc06a7
+ .word 0xc19bf174
+ .word 0xe49b69c1
+ .word 0xefbe4786
+ .word 0xfc19dc6
+ .word 0x240ca1cc
+ .word 0x2de92c6f
+ .word 0x4a7484aa
+ .word 0x5cb0a9dc
+ .word 0x76f988da
+ .word 0x983e5152
+ .word 0xa831c66d
+ .word 0xb00327c8
+ .word 0xbf597fc7
+ .word 0xc6e00bf3
+ .word 0xd5a79147
+ .word 0x6ca6351
+ .word 0x14292967
+ .word 0x27b70a85
+ .word 0x2e1b2138
+ .word 0x4d2c6dfc
+ .word 0x53380d13
+ .word 0x650a7354
+ .word 0x766a0abb
+ .word 0x81c2c92e
+ .word 0x92722c85
+ .word 0xa2bfe8a1
+ .word 0xa81a664b
+ .word 0xc24b8b70
+ .word 0xc76c51a3
+ .word 0xd192e819
+ .word 0xd6990624
+ .word 0xf40e3585
+ .word 0x106aa070
+ .word 0x19a4c116
+ .word 0x1e376c08
+ .word 0x2748774c
+ .word 0x34b0bcb5
+ .word 0x391c0cb3
+ .word 0x4ed8aa4a
+ .word 0x5b9cca4f
+ .word 0x682e6ff3
+ .word 0x748f82ee
+ .word 0x78a5636f
+ .word 0x84c87814
+ .word 0x8cc70208
+ .word 0x90befffa
+ .word 0xa4506ceb
+ .word 0xbef9a3f7
+ .word 0xc67178f2
+ .text
+ .align 4
+ .globl Transform_Sha256_Len
+ .type Transform_Sha256_Len, %function
+Transform_Sha256_Len:
+ PUSH {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+ SUB sp, sp, #0xc0
+ ADR r3, L_SHA256_transform_len_k
+ /* Copy digest to add in at end */
+ LDRD r4, r5, [r0]
+ LDRD r6, r7, [r0, #8]
+ LDRD r8, r9, [r0, #16]
+ LDRD r10, r11, [r0, #24]
+ STRD r4, r5, [sp, #64]
+ STRD r6, r7, [sp, #72]
+ STRD r8, r9, [sp, #80]
+ STRD r10, r11, [sp, #88]
+ /* Start of loop processing a block */
+L_SHA256_transform_len_begin:
+ /* Load, Reverse and Store W - 64 bytes */
+ LDR r4, [r1]
+ LDR r5, [r1, #4]
+ LDR r6, [r1, #8]
+ LDR r7, [r1, #12]
+ LDR r8, [r1, #16]
+ LDR r9, [r1, #20]
+ LDR r10, [r1, #24]
+ LDR r11, [r1, #28]
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ REV r8, r8
+ REV r9, r9
+ REV r10, r10
+ REV r11, r11
+ STRD r4, r5, [sp]
+ STRD r6, r7, [sp, #8]
+ STRD r8, r9, [sp, #16]
+ STRD r10, r11, [sp, #24]
+ LDR r4, [r1, #32]
+ LDR r5, [r1, #36]
+ LDR r6, [r1, #40]
+ LDR r7, [r1, #44]
+ LDR r8, [r1, #48]
+ LDR r9, [r1, #52]
+ LDR r10, [r1, #56]
+ LDR r11, [r1, #60]
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ REV r8, r8
+ REV r9, r9
+ REV r10, r10
+ REV r11, r11
+ STRD r4, r5, [sp, #32]
+ STRD r6, r7, [sp, #40]
+ STRD r8, r9, [sp, #48]
+ STRD r10, r11, [sp, #56]
+ LDR r11, [r0, #4]
+ LDR r4, [r0, #8]
+ EOR r11, r11, r4
+ MOV r12, #0x3
+ /* Start of 16 rounds */
+L_SHA256_transform_len_start:
+ /* Round 0 */
+ LDR r5, [r0, #16]
+ LDR r6, [r0, #20]
+ LDR r7, [r0, #24]
+ LDR r9, [r0, #28]
+ ROR r4, r5, #6
+ EOR r6, r6, r7
+ EOR r4, r4, r5, ROR #11
+ AND r6, r6, r5
+ EOR r4, r4, r5, ROR #25
+ EOR r6, r6, r7
+ ADD r9, r9, r4
+ ADD r9, r9, r6
+ LDR r5, [sp]
+ LDR r6, [r3]
+ ADD r9, r9, r5
+ ADD r9, r9, r6
+ LDR r5, [r0]
+ LDR r6, [r0, #4]
+ LDR r7, [r0, #8]
+ LDR r8, [r0, #12]
+ ROR r4, r5, #2
+ EOR r10, r5, r6
+ EOR r4, r4, r5, ROR #13
+ AND r11, r11, r10
+ EOR r4, r4, r5, ROR #22
+ EOR r11, r11, r6
+ ADD r8, r8, r9
+ ADD r9, r9, r4
+ ADD r9, r9, r11
+ STR r8, [r0, #12]
+ STR r9, [r0, #28]
+ /* Calc new W[0] */
+ LDR r6, [sp, #56]
+ LDR r7, [sp, #36]
+ LDR r8, [sp, #4]
+ LDR r9, [sp]
+ ROR r4, r6, #17
+ ROR r5, r8, #7
+ EOR r4, r4, r6, ROR #19
+ EOR r5, r5, r8, ROR #18
+ EOR r4, r4, r6, LSR #10
+ EOR r5, r5, r8, LSR #3
+ ADD r9, r9, r7
+ ADD r4, r4, r5
+ ADD r9, r9, r4
+ STR r9, [sp]
+ /* Round 1 */
+ LDR r5, [r0, #12]
+ LDR r6, [r0, #16]
+ LDR r7, [r0, #20]
+ LDR r9, [r0, #24]
+ ROR r4, r5, #6
+ EOR r6, r6, r7
+ EOR r4, r4, r5, ROR #11
+ AND r6, r6, r5
+ EOR r4, r4, r5, ROR #25
+ EOR r6, r6, r7
+ ADD r9, r9, r4
+ ADD r9, r9, r6
+ LDR r5, [sp, #4]
+ LDR r6, [r3, #4]
+ ADD r9, r9, r5
+ ADD r9, r9, r6
+ LDR r5, [r0, #28]
+ LDR r6, [r0]
+ LDR r7, [r0, #4]
+ LDR r8, [r0, #8]
+ ROR r4, r5, #2
+ EOR r11, r5, r6
+ EOR r4, r4, r5, ROR #13
+ AND r10, r10, r11
+ EOR r4, r4, r5, ROR #22
+ EOR r10, r10, r6
+ ADD r8, r8, r9
+ ADD r9, r9, r4
+ ADD r9, r9, r10
+ STR r8, [r0, #8]
+ STR r9, [r0, #24]
+ /* Calc new W[1] */
+ LDR r6, [sp, #60]
+ LDR r7, [sp, #40]
+ LDR r8, [sp, #8]
+ LDR r9, [sp, #4]
+ ROR r4, r6, #17
+ ROR r5, r8, #7
+ EOR r4, r4, r6, ROR #19
+ EOR r5, r5, r8, ROR #18
+ EOR r4, r4, r6, LSR #10
+ EOR r5, r5, r8, LSR #3
+ ADD r9, r9, r7
+ ADD r4, r4, r5
+ ADD r9, r9, r4
+ STR r9, [sp, #4]
+ /* Round 2 */
+ LDR r5, [r0, #8]
+ LDR r6, [r0, #12]
+ LDR r7, [r0, #16]
+ LDR r9, [r0, #20]
+ ROR r4, r5, #6
+ EOR r6, r6, r7
+ EOR r4, r4, r5, ROR #11
+ AND r6, r6, r5
+ EOR r4, r4, r5, ROR #25
+ EOR r6, r6, r7
+ ADD r9, r9, r4
+ ADD r9, r9, r6
+ LDR r5, [sp, #8]
+ LDR r6, [r3, #8]
+ ADD r9, r9, r5
+ ADD r9, r9, r6
+ LDR r5, [r0, #24]
+ LDR r6, [r0, #28]
+ LDR r7, [r0]
+ LDR r8, [r0, #4]
+ ROR r4, r5, #2
+ EOR r10, r5, r6
+ EOR r4, r4, r5, ROR #13
+ AND r11, r11, r10
+ EOR r4, r4, r5, ROR #22
+ EOR r11, r11, r6
+ ADD r8, r8, r9
+ ADD r9, r9, r4
+ ADD r9, r9, r11
+ STR r8, [r0, #4]
+ STR r9, [r0, #20]
+ /* Calc new W[2] */
+ LDR r6, [sp]
+ LDR r7, [sp, #44]
+ LDR r8, [sp, #12]
+ LDR r9, [sp, #8]
+ ROR r4, r6, #17
+ ROR r5, r8, #7
+ EOR r4, r4, r6, ROR #19
+ EOR r5, r5, r8, ROR #18
+ EOR r4, r4, r6, LSR #10
+ EOR r5, r5, r8, LSR #3
+ ADD r9, r9, r7
+ ADD r4, r4, r5
+ ADD r9, r9, r4
+ STR r9, [sp, #8]
+ /* Round 3 */
+ LDR r5, [r0, #4]
+ LDR r6, [r0, #8]
+ LDR r7, [r0, #12]
+ LDR r9, [r0, #16]
+ ROR r4, r5, #6
+ EOR r6, r6, r7
+ EOR r4, r4, r5, ROR #11
+ AND r6, r6, r5
+ EOR r4, r4, r5, ROR #25
+ EOR r6, r6, r7
+ ADD r9, r9, r4
+ ADD r9, r9, r6
+ LDR r5, [sp, #12]
+ LDR r6, [r3, #12]
+ ADD r9, r9, r5
+ ADD r9, r9, r6
+ LDR r5, [r0, #20]
+ LDR r6, [r0, #24]
+ LDR r7, [r0, #28]
+ LDR r8, [r0]
+ ROR r4, r5, #2
+ EOR r11, r5, r6
+ EOR r4, r4, r5, ROR #13
+ AND r10, r10, r11
+ EOR r4, r4, r5, ROR #22
+ EOR r10, r10, r6
+ ADD r8, r8, r9
+ ADD r9, r9, r4
+ ADD r9, r9, r10
+ STR r8, [r0]
+ STR r9, [r0, #16]
+ /* Calc new W[3] */
+ LDR r6, [sp, #4]
+ LDR r7, [sp, #48]
+ LDR r8, [sp, #16]
+ LDR r9, [sp, #12]
+ ROR r4, r6, #17
+ ROR r5, r8, #7
+ EOR r4, r4, r6, ROR #19
+ EOR r5, r5, r8, ROR #18
+ EOR r4, r4, r6, LSR #10
+ EOR r5, r5, r8, LSR #3
+ ADD r9, r9, r7
+ ADD r4, r4, r5
+ ADD r9, r9, r4
+ STR r9, [sp, #12]
+ /* Round 4 */
+ LDR r5, [r0]
+ LDR r6, [r0, #4]
+ LDR r7, [r0, #8]
+ LDR r9, [r0, #12]
+ ROR r4, r5, #6
+ EOR r6, r6, r7
+ EOR r4, r4, r5, ROR #11
+ AND r6, r6, r5
+ EOR r4, r4, r5, ROR #25
+ EOR r6, r6, r7
+ ADD r9, r9, r4
+ ADD r9, r9, r6
+ LDR r5, [sp, #16]
+ LDR r6, [r3, #16]
+ ADD r9, r9, r5
+ ADD r9, r9, r6
+ LDR r5, [r0, #16]
+ LDR r6, [r0, #20]
+ LDR r7, [r0, #24]
+ LDR r8, [r0, #28]
+ ROR r4, r5, #2
+ EOR r10, r5, r6
+ EOR r4, r4, r5, ROR #13
+ AND r11, r11, r10
+ EOR r4, r4, r5, ROR #22
+ EOR r11, r11, r6
+ ADD r8, r8, r9
+ ADD r9, r9, r4
+ ADD r9, r9, r11
+ STR r8, [r0, #28]
+ STR r9, [r0, #12]
+ /* Calc new W[4] */
+ LDR r6, [sp, #8]
+ LDR r7, [sp, #52]
+ LDR r8, [sp, #20]
+ LDR r9, [sp, #16]
+ ROR r4, r6, #17
+ ROR r5, r8, #7
+ EOR r4, r4, r6, ROR #19
+ EOR r5, r5, r8, ROR #18
+ EOR r4, r4, r6, LSR #10
+ EOR r5, r5, r8, LSR #3
+ ADD r9, r9, r7
+ ADD r4, r4, r5
+ ADD r9, r9, r4
+ STR r9, [sp, #16]
+ /* Round 5 */
+ LDR r5, [r0, #28]
+ LDR r6, [r0]
+ LDR r7, [r0, #4]
+ LDR r9, [r0, #8]
+ ROR r4, r5, #6
+ EOR r6, r6, r7
+ EOR r4, r4, r5, ROR #11
+ AND r6, r6, r5
+ EOR r4, r4, r5, ROR #25
+ EOR r6, r6, r7
+ ADD r9, r9, r4
+ ADD r9, r9, r6
+ LDR r5, [sp, #20]
+ LDR r6, [r3, #20]
+ ADD r9, r9, r5
+ ADD r9, r9, r6
+ LDR r5, [r0, #12]
+ LDR r6, [r0, #16]
+ LDR r7, [r0, #20]
+ LDR r8, [r0, #24]
+ ROR r4, r5, #2
+ EOR r11, r5, r6
+ EOR r4, r4, r5, ROR #13
+ AND r10, r10, r11
+ EOR r4, r4, r5, ROR #22
+ EOR r10, r10, r6
+ ADD r8, r8, r9
+ ADD r9, r9, r4
+ ADD r9, r9, r10
+ STR r8, [r0, #24]
+ STR r9, [r0, #8]
+ /* Calc new W[5] */
+ LDR r6, [sp, #12]
+ LDR r7, [sp, #56]
+ LDR r8, [sp, #24]
+ LDR r9, [sp, #20]
+ ROR r4, r6, #17
+ ROR r5, r8, #7
+ EOR r4, r4, r6, ROR #19
+ EOR r5, r5, r8, ROR #18
+ EOR r4, r4, r6, LSR #10
+ EOR r5, r5, r8, LSR #3
+ ADD r9, r9, r7
+ ADD r4, r4, r5
+ ADD r9, r9, r4
+ STR r9, [sp, #20]
+ /* Round 6 */
+ LDR r5, [r0, #24]
+ LDR r6, [r0, #28]
+ LDR r7, [r0]
+ LDR r9, [r0, #4]
+ ROR r4, r5, #6
+ EOR r6, r6, r7
+ EOR r4, r4, r5, ROR #11
+ AND r6, r6, r5
+ EOR r4, r4, r5, ROR #25
+ EOR r6, r6, r7
+ ADD r9, r9, r4
+ ADD r9, r9, r6
+ LDR r5, [sp, #24]
+ LDR r6, [r3, #24]
+ ADD r9, r9, r5
+ ADD r9, r9, r6
+ LDR r5, [r0, #8]
+ LDR r6, [r0, #12]
+ LDR r7, [r0, #16]
+ LDR r8, [r0, #20]
+ ROR r4, r5, #2
+ EOR r10, r5, r6
+ EOR r4, r4, r5, ROR #13
+ AND r11, r11, r10
+ EOR r4, r4, r5, ROR #22
+ EOR r11, r11, r6
+ ADD r8, r8, r9
+ ADD r9, r9, r4
+ ADD r9, r9, r11
+ STR r8, [r0, #20]
+ STR r9, [r0, #4]
+ /* Calc new W[6] */
+ LDR r6, [sp, #16]
+ LDR r7, [sp, #60]
+ LDR r8, [sp, #28]
+ LDR r9, [sp, #24]
+ ROR r4, r6, #17
+ ROR r5, r8, #7
+ EOR r4, r4, r6, ROR #19
+ EOR r5, r5, r8, ROR #18
+ EOR r4, r4, r6, LSR #10
+ EOR r5, r5, r8, LSR #3
+ ADD r9, r9, r7
+ ADD r4, r4, r5
+ ADD r9, r9, r4
+ STR r9, [sp, #24]
+ /* Round 7 */
+ LDR r5, [r0, #20]
+ LDR r6, [r0, #24]
+ LDR r7, [r0, #28]
+ LDR r9, [r0]
+ ROR r4, r5, #6
+ EOR r6, r6, r7
+ EOR r4, r4, r5, ROR #11
+ AND r6, r6, r5
+ EOR r4, r4, r5, ROR #25
+ EOR r6, r6, r7
+ ADD r9, r9, r4
+ ADD r9, r9, r6
+ LDR r5, [sp, #28]
+ LDR r6, [r3, #28]
+ ADD r9, r9, r5
+ ADD r9, r9, r6
+ LDR r5, [r0, #4]
+ LDR r6, [r0, #8]
+ LDR r7, [r0, #12]
+ LDR r8, [r0, #16]
+ ROR r4, r5, #2
+ EOR r11, r5, r6
+ EOR r4, r4, r5, ROR #13
+ AND r10, r10, r11
+ EOR r4, r4, r5, ROR #22
+ EOR r10, r10, r6
+ ADD r8, r8, r9
+ ADD r9, r9, r4
+ ADD r9, r9, r10
+ STR r8, [r0, #16]
+ STR r9, [r0]
+ /* Calc new W[7] */
+ LDR r6, [sp, #20]
+ LDR r7, [sp]
+ LDR r8, [sp, #32]
+ LDR r9, [sp, #28]
+ ROR r4, r6, #17
+ ROR r5, r8, #7
+ EOR r4, r4, r6, ROR #19
+ EOR r5, r5, r8, ROR #18
+ EOR r4, r4, r6, LSR #10
+ EOR r5, r5, r8, LSR #3
+ ADD r9, r9, r7
+ ADD r4, r4, r5
+ ADD r9, r9, r4
+ STR r9, [sp, #28]
+ /* Round 8 */
+ LDR r5, [r0, #16]
+ LDR r6, [r0, #20]
+ LDR r7, [r0, #24]
+ LDR r9, [r0, #28]
+ ROR r4, r5, #6
+ EOR r6, r6, r7
+ EOR r4, r4, r5, ROR #11
+ AND r6, r6, r5
+ EOR r4, r4, r5, ROR #25
+ EOR r6, r6, r7
+ ADD r9, r9, r4
+ ADD r9, r9, r6
+ LDR r5, [sp, #32]
+ LDR r6, [r3, #32]
+ ADD r9, r9, r5
+ ADD r9, r9, r6
+ LDR r5, [r0]
+ LDR r6, [r0, #4]
+ LDR r7, [r0, #8]
+ LDR r8, [r0, #12]
+ ROR r4, r5, #2
+ EOR r10, r5, r6
+ EOR r4, r4, r5, ROR #13
+ AND r11, r11, r10
+ EOR r4, r4, r5, ROR #22
+ EOR r11, r11, r6
+ ADD r8, r8, r9
+ ADD r9, r9, r4
+ ADD r9, r9, r11
+ STR r8, [r0, #12]
+ STR r9, [r0, #28]
+ /* Calc new W[8] */
+ LDR r6, [sp, #24]
+ LDR r7, [sp, #4]
+ LDR r8, [sp, #36]
+ LDR r9, [sp, #32]
+ ROR r4, r6, #17
+ ROR r5, r8, #7
+ EOR r4, r4, r6, ROR #19
+ EOR r5, r5, r8, ROR #18
+ EOR r4, r4, r6, LSR #10
+ EOR r5, r5, r8, LSR #3
+ ADD r9, r9, r7
+ ADD r4, r4, r5
+ ADD r9, r9, r4
+ STR r9, [sp, #32]
+ /* Round 9 */
+ LDR r5, [r0, #12]
+ LDR r6, [r0, #16]
+ LDR r7, [r0, #20]
+ LDR r9, [r0, #24]
+ ROR r4, r5, #6
+ EOR r6, r6, r7
+ EOR r4, r4, r5, ROR #11
+ AND r6, r6, r5
+ EOR r4, r4, r5, ROR #25
+ EOR r6, r6, r7
+ ADD r9, r9, r4
+ ADD r9, r9, r6
+ LDR r5, [sp, #36]
+ LDR r6, [r3, #36]
+ ADD r9, r9, r5
+ ADD r9, r9, r6
+ LDR r5, [r0, #28]
+ LDR r6, [r0]
+ LDR r7, [r0, #4]
+ LDR r8, [r0, #8]
+ ROR r4, r5, #2
+ EOR r11, r5, r6
+ EOR r4, r4, r5, ROR #13
+ AND r10, r10, r11
+ EOR r4, r4, r5, ROR #22
+ EOR r10, r10, r6
+ ADD r8, r8, r9
+ ADD r9, r9, r4
+ ADD r9, r9, r10
+ STR r8, [r0, #8]
+ STR r9, [r0, #24]
+ /* Calc new W[9] */
+ LDR r6, [sp, #28]
+ LDR r7, [sp, #8]
+ LDR r8, [sp, #40]
+ LDR r9, [sp, #36]
+ ROR r4, r6, #17
+ ROR r5, r8, #7
+ EOR r4, r4, r6, ROR #19
+ EOR r5, r5, r8, ROR #18
+ EOR r4, r4, r6, LSR #10
+ EOR r5, r5, r8, LSR #3
+ ADD r9, r9, r7
+ ADD r4, r4, r5
+ ADD r9, r9, r4
+ STR r9, [sp, #36]
+ /* Round 10 */
+ LDR r5, [r0, #8]
+ LDR r6, [r0, #12]
+ LDR r7, [r0, #16]
+ LDR r9, [r0, #20]
+ ROR r4, r5, #6
+ EOR r6, r6, r7
+ EOR r4, r4, r5, ROR #11
+ AND r6, r6, r5
+ EOR r4, r4, r5, ROR #25
+ EOR r6, r6, r7
+ ADD r9, r9, r4
+ ADD r9, r9, r6
+ LDR r5, [sp, #40]
+ LDR r6, [r3, #40]
+ ADD r9, r9, r5
+ ADD r9, r9, r6
+ LDR r5, [r0, #24]
+ LDR r6, [r0, #28]
+ LDR r7, [r0]
+ LDR r8, [r0, #4]
+ ROR r4, r5, #2
+ EOR r10, r5, r6
+ EOR r4, r4, r5, ROR #13
+ AND r11, r11, r10
+ EOR r4, r4, r5, ROR #22
+ EOR r11, r11, r6
+ ADD r8, r8, r9
+ ADD r9, r9, r4
+ ADD r9, r9, r11
+ STR r8, [r0, #4]
+ STR r9, [r0, #20]
+ /* Calc new W[10] */
+ LDR r6, [sp, #32]
+ LDR r7, [sp, #12]
+ LDR r8, [sp, #44]
+ LDR r9, [sp, #40]
+ ROR r4, r6, #17
+ ROR r5, r8, #7
+ EOR r4, r4, r6, ROR #19
+ EOR r5, r5, r8, ROR #18
+ EOR r4, r4, r6, LSR #10
+ EOR r5, r5, r8, LSR #3
+ ADD r9, r9, r7
+ ADD r4, r4, r5
+ ADD r9, r9, r4
+ STR r9, [sp, #40]
+ /* Round 11 */
+ LDR r5, [r0, #4]
+ LDR r6, [r0, #8]
+ LDR r7, [r0, #12]
+ LDR r9, [r0, #16]
+ ROR r4, r5, #6
+ EOR r6, r6, r7
+ EOR r4, r4, r5, ROR #11
+ AND r6, r6, r5
+ EOR r4, r4, r5, ROR #25
+ EOR r6, r6, r7
+ ADD r9, r9, r4
+ ADD r9, r9, r6
+ LDR r5, [sp, #44]
+ LDR r6, [r3, #44]
+ ADD r9, r9, r5
+ ADD r9, r9, r6
+ LDR r5, [r0, #20]
+ LDR r6, [r0, #24]
+ LDR r7, [r0, #28]
+ LDR r8, [r0]
+ ROR r4, r5, #2
+ EOR r11, r5, r6
+ EOR r4, r4, r5, ROR #13
+ AND r10, r10, r11
+ EOR r4, r4, r5, ROR #22
+ EOR r10, r10, r6
+ ADD r8, r8, r9
+ ADD r9, r9, r4
+ ADD r9, r9, r10
+ STR r8, [r0]
+ STR r9, [r0, #16]
+ /* Calc new W[11] */
+ LDR r6, [sp, #36]
+ LDR r7, [sp, #16]
+ LDR r8, [sp, #48]
+ LDR r9, [sp, #44]
+ ROR r4, r6, #17
+ ROR r5, r8, #7
+ EOR r4, r4, r6, ROR #19
+ EOR r5, r5, r8, ROR #18
+ EOR r4, r4, r6, LSR #10
+ EOR r5, r5, r8, LSR #3
+ ADD r9, r9, r7
+ ADD r4, r4, r5
+ ADD r9, r9, r4
+ STR r9, [sp, #44]
+ /* Round 12 */
+ LDR r5, [r0]
+ LDR r6, [r0, #4]
+ LDR r7, [r0, #8]
+ LDR r9, [r0, #12]
+ ROR r4, r5, #6
+ EOR r6, r6, r7
+ EOR r4, r4, r5, ROR #11
+ AND r6, r6, r5
+ EOR r4, r4, r5, ROR #25
+ EOR r6, r6, r7
+ ADD r9, r9, r4
+ ADD r9, r9, r6
+ LDR r5, [sp, #48]
+ LDR r6, [r3, #48]
+ ADD r9, r9, r5
+ ADD r9, r9, r6
+ LDR r5, [r0, #16]
+ LDR r6, [r0, #20]
+ LDR r7, [r0, #24]
+ LDR r8, [r0, #28]
+ ROR r4, r5, #2
+ EOR r10, r5, r6
+ EOR r4, r4, r5, ROR #13
+ AND r11, r11, r10
+ EOR r4, r4, r5, ROR #22
+ EOR r11, r11, r6
+ ADD r8, r8, r9
+ ADD r9, r9, r4
+ ADD r9, r9, r11
+ STR r8, [r0, #28]
+ STR r9, [r0, #12]
+ /* Calc new W[12] */
+ LDR r6, [sp, #40]
+ LDR r7, [sp, #20]
+ LDR r8, [sp, #52]
+ LDR r9, [sp, #48]
+ ROR r4, r6, #17
+ ROR r5, r8, #7
+ EOR r4, r4, r6, ROR #19
+ EOR r5, r5, r8, ROR #18
+ EOR r4, r4, r6, LSR #10
+ EOR r5, r5, r8, LSR #3
+ ADD r9, r9, r7
+ ADD r4, r4, r5
+ ADD r9, r9, r4
+ STR r9, [sp, #48]
+ /* Round 13 */
+ LDR r5, [r0, #28]
+ LDR r6, [r0]
+ LDR r7, [r0, #4]
+ LDR r9, [r0, #8]
+ ROR r4, r5, #6
+ EOR r6, r6, r7
+ EOR r4, r4, r5, ROR #11
+ AND r6, r6, r5
+ EOR r4, r4, r5, ROR #25
+ EOR r6, r6, r7
+ ADD r9, r9, r4
+ ADD r9, r9, r6
+ LDR r5, [sp, #52]
+ LDR r6, [r3, #52]
+ ADD r9, r9, r5
+ ADD r9, r9, r6
+ LDR r5, [r0, #12]
+ LDR r6, [r0, #16]
+ LDR r7, [r0, #20]
+ LDR r8, [r0, #24]
+ ROR r4, r5, #2
+ EOR r11, r5, r6
+ EOR r4, r4, r5, ROR #13
+ AND r10, r10, r11
+ EOR r4, r4, r5, ROR #22
+ EOR r10, r10, r6
+ ADD r8, r8, r9
+ ADD r9, r9, r4
+ ADD r9, r9, r10
+ STR r8, [r0, #24]
+ STR r9, [r0, #8]
+ /* Calc new W[13] */
+ LDR r6, [sp, #44]
+ LDR r7, [sp, #24]
+ LDR r8, [sp, #56]
+ LDR r9, [sp, #52]
+ ROR r4, r6, #17
+ ROR r5, r8, #7
+ EOR r4, r4, r6, ROR #19
+ EOR r5, r5, r8, ROR #18
+ EOR r4, r4, r6, LSR #10
+ EOR r5, r5, r8, LSR #3
+ ADD r9, r9, r7
+ ADD r4, r4, r5
+ ADD r9, r9, r4
+ STR r9, [sp, #52]
+ /* Round 14 */
+ LDR r5, [r0, #24]
+ LDR r6, [r0, #28]
+ LDR r7, [r0]
+ LDR r9, [r0, #4]
+ ROR r4, r5, #6
+ EOR r6, r6, r7
+ EOR r4, r4, r5, ROR #11
+ AND r6, r6, r5
+ EOR r4, r4, r5, ROR #25
+ EOR r6, r6, r7
+ ADD r9, r9, r4
+ ADD r9, r9, r6
+ LDR r5, [sp, #56]
+ LDR r6, [r3, #56]
+ ADD r9, r9, r5
+ ADD r9, r9, r6
+ LDR r5, [r0, #8]
+ LDR r6, [r0, #12]
+ LDR r7, [r0, #16]
+ LDR r8, [r0, #20]
+ ROR r4, r5, #2
+ EOR r10, r5, r6
+ EOR r4, r4, r5, ROR #13
+ AND r11, r11, r10
+ EOR r4, r4, r5, ROR #22
+ EOR r11, r11, r6
+ ADD r8, r8, r9
+ ADD r9, r9, r4
+ ADD r9, r9, r11
+ STR r8, [r0, #20]
+ STR r9, [r0, #4]
+ /* Calc new W[14] */
+ LDR r6, [sp, #48]
+ LDR r7, [sp, #28]
+ LDR r8, [sp, #60]
+ LDR r9, [sp, #56]
+ ROR r4, r6, #17
+ ROR r5, r8, #7
+ EOR r4, r4, r6, ROR #19
+ EOR r5, r5, r8, ROR #18
+ EOR r4, r4, r6, LSR #10
+ EOR r5, r5, r8, LSR #3
+ ADD r9, r9, r7
+ ADD r4, r4, r5
+ ADD r9, r9, r4
+ STR r9, [sp, #56]
+ /* Round 15 */
+ LDR r5, [r0, #20]
+ LDR r6, [r0, #24]
+ LDR r7, [r0, #28]
+ LDR r9, [r0]
+ ROR r4, r5, #6
+ EOR r6, r6, r7
+ EOR r4, r4, r5, ROR #11
+ AND r6, r6, r5
+ EOR r4, r4, r5, ROR #25
+ EOR r6, r6, r7
+ ADD r9, r9, r4
+ ADD r9, r9, r6
+ LDR r5, [sp, #60]
+ LDR r6, [r3, #60]
+ ADD r9, r9, r5
+ ADD r9, r9, r6
+ LDR r5, [r0, #4]
+ LDR r6, [r0, #8]
+ LDR r7, [r0, #12]
+ LDR r8, [r0, #16]
+ ROR r4, r5, #2
+ EOR r11, r5, r6
+ EOR r4, r4, r5, ROR #13
+ AND r10, r10, r11
+ EOR r4, r4, r5, ROR #22
+ EOR r10, r10, r6
+ ADD r8, r8, r9
+ ADD r9, r9, r4
+ ADD r9, r9, r10
+ STR r8, [r0, #16]
+ STR r9, [r0]
+ /* Calc new W[15] */
+ LDR r6, [sp, #52]
+ LDR r7, [sp, #32]
+ LDR r8, [sp]
+ LDR r9, [sp, #60]
+ ROR r4, r6, #17
+ ROR r5, r8, #7
+ EOR r4, r4, r6, ROR #19
+ EOR r5, r5, r8, ROR #18
+ EOR r4, r4, r6, LSR #10
+ EOR r5, r5, r8, LSR #3
+ ADD r9, r9, r7
+ ADD r4, r4, r5
+ ADD r9, r9, r4
+ STR r9, [sp, #60]
+ ADD r3, r3, #0x40
+ SUBS r12, r12, #0x1
+#ifdef __GNUC__
+ BNE L_SHA256_transform_len_start
+#else
+ BNE.W L_SHA256_transform_len_start
+#endif
+ /* Round 0 */
+ LDR r5, [r0, #16]
+ LDR r6, [r0, #20]
+ LDR r7, [r0, #24]
+ LDR r9, [r0, #28]
+ ROR r4, r5, #6
+ EOR r6, r6, r7
+ EOR r4, r4, r5, ROR #11
+ AND r6, r6, r5
+ EOR r4, r4, r5, ROR #25
+ EOR r6, r6, r7
+ ADD r9, r9, r4
+ ADD r9, r9, r6
+ LDR r5, [sp]
+ LDR r6, [r3]
+ ADD r9, r9, r5
+ ADD r9, r9, r6
+ LDR r5, [r0]
+ LDR r6, [r0, #4]
+ LDR r7, [r0, #8]
+ LDR r8, [r0, #12]
+ ROR r4, r5, #2
+ EOR r10, r5, r6
+ EOR r4, r4, r5, ROR #13
+ AND r11, r11, r10
+ EOR r4, r4, r5, ROR #22
+ EOR r11, r11, r6
+ ADD r8, r8, r9
+ ADD r9, r9, r4
+ ADD r9, r9, r11
+ STR r8, [r0, #12]
+ STR r9, [r0, #28]
+ /* Round 1 */
+ LDR r5, [r0, #12]
+ LDR r6, [r0, #16]
+ LDR r7, [r0, #20]
+ LDR r9, [r0, #24]
+ ROR r4, r5, #6
+ EOR r6, r6, r7
+ EOR r4, r4, r5, ROR #11
+ AND r6, r6, r5
+ EOR r4, r4, r5, ROR #25
+ EOR r6, r6, r7
+ ADD r9, r9, r4
+ ADD r9, r9, r6
+ LDR r5, [sp, #4]
+ LDR r6, [r3, #4]
+ ADD r9, r9, r5
+ ADD r9, r9, r6
+ LDR r5, [r0, #28]
+ LDR r6, [r0]
+ LDR r7, [r0, #4]
+ LDR r8, [r0, #8]
+ ROR r4, r5, #2
+ EOR r11, r5, r6
+ EOR r4, r4, r5, ROR #13
+ AND r10, r10, r11
+ EOR r4, r4, r5, ROR #22
+ EOR r10, r10, r6
+ ADD r8, r8, r9
+ ADD r9, r9, r4
+ ADD r9, r9, r10
+ STR r8, [r0, #8]
+ STR r9, [r0, #24]
+ /* Round 2 */
+ LDR r5, [r0, #8]
+ LDR r6, [r0, #12]
+ LDR r7, [r0, #16]
+ LDR r9, [r0, #20]
+ ROR r4, r5, #6
+ EOR r6, r6, r7
+ EOR r4, r4, r5, ROR #11
+ AND r6, r6, r5
+ EOR r4, r4, r5, ROR #25
+ EOR r6, r6, r7
+ ADD r9, r9, r4
+ ADD r9, r9, r6
+ LDR r5, [sp, #8]
+ LDR r6, [r3, #8]
+ ADD r9, r9, r5
+ ADD r9, r9, r6
+ LDR r5, [r0, #24]
+ LDR r6, [r0, #28]
+ LDR r7, [r0]
+ LDR r8, [r0, #4]
+ ROR r4, r5, #2
+ EOR r10, r5, r6
+ EOR r4, r4, r5, ROR #13
+ AND r11, r11, r10
+ EOR r4, r4, r5, ROR #22
+ EOR r11, r11, r6
+ ADD r8, r8, r9
+ ADD r9, r9, r4
+ ADD r9, r9, r11
+ STR r8, [r0, #4]
+ STR r9, [r0, #20]
+ /* Round 3 */
+ LDR r5, [r0, #4]
+ LDR r6, [r0, #8]
+ LDR r7, [r0, #12]
+ LDR r9, [r0, #16]
+ ROR r4, r5, #6
+ EOR r6, r6, r7
+ EOR r4, r4, r5, ROR #11
+ AND r6, r6, r5
+ EOR r4, r4, r5, ROR #25
+ EOR r6, r6, r7
+ ADD r9, r9, r4
+ ADD r9, r9, r6
+ LDR r5, [sp, #12]
+ LDR r6, [r3, #12]
+ ADD r9, r9, r5
+ ADD r9, r9, r6
+ LDR r5, [r0, #20]
+ LDR r6, [r0, #24]
+ LDR r7, [r0, #28]
+ LDR r8, [r0]
+ ROR r4, r5, #2
+ EOR r11, r5, r6
+ EOR r4, r4, r5, ROR #13
+ AND r10, r10, r11
+ EOR r4, r4, r5, ROR #22
+ EOR r10, r10, r6
+ ADD r8, r8, r9
+ ADD r9, r9, r4
+ ADD r9, r9, r10
+ STR r8, [r0]
+ STR r9, [r0, #16]
+ /* Round 4 */
+ LDR r5, [r0]
+ LDR r6, [r0, #4]
+ LDR r7, [r0, #8]
+ LDR r9, [r0, #12]
+ ROR r4, r5, #6
+ EOR r6, r6, r7
+ EOR r4, r4, r5, ROR #11
+ AND r6, r6, r5
+ EOR r4, r4, r5, ROR #25
+ EOR r6, r6, r7
+ ADD r9, r9, r4
+ ADD r9, r9, r6
+ LDR r5, [sp, #16]
+ LDR r6, [r3, #16]
+ ADD r9, r9, r5
+ ADD r9, r9, r6
+ LDR r5, [r0, #16]
+ LDR r6, [r0, #20]
+ LDR r7, [r0, #24]
+ LDR r8, [r0, #28]
+ ROR r4, r5, #2
+ EOR r10, r5, r6
+ EOR r4, r4, r5, ROR #13
+ AND r11, r11, r10
+ EOR r4, r4, r5, ROR #22
+ EOR r11, r11, r6
+ ADD r8, r8, r9
+ ADD r9, r9, r4
+ ADD r9, r9, r11
+ STR r8, [r0, #28]
+ STR r9, [r0, #12]
+ /* Round 5 */
+ LDR r5, [r0, #28]
+ LDR r6, [r0]
+ LDR r7, [r0, #4]
+ LDR r9, [r0, #8]
+ ROR r4, r5, #6
+ EOR r6, r6, r7
+ EOR r4, r4, r5, ROR #11
+ AND r6, r6, r5
+ EOR r4, r4, r5, ROR #25
+ EOR r6, r6, r7
+ ADD r9, r9, r4
+ ADD r9, r9, r6
+ LDR r5, [sp, #20]
+ LDR r6, [r3, #20]
+ ADD r9, r9, r5
+ ADD r9, r9, r6
+ LDR r5, [r0, #12]
+ LDR r6, [r0, #16]
+ LDR r7, [r0, #20]
+ LDR r8, [r0, #24]
+ ROR r4, r5, #2
+ EOR r11, r5, r6
+ EOR r4, r4, r5, ROR #13
+ AND r10, r10, r11
+ EOR r4, r4, r5, ROR #22
+ EOR r10, r10, r6
+ ADD r8, r8, r9
+ ADD r9, r9, r4
+ ADD r9, r9, r10
+ STR r8, [r0, #24]
+ STR r9, [r0, #8]
+ /* Round 6 */
+ LDR r5, [r0, #24]
+ LDR r6, [r0, #28]
+ LDR r7, [r0]
+ LDR r9, [r0, #4]
+ ROR r4, r5, #6
+ EOR r6, r6, r7
+ EOR r4, r4, r5, ROR #11
+ AND r6, r6, r5
+ EOR r4, r4, r5, ROR #25
+ EOR r6, r6, r7
+ ADD r9, r9, r4
+ ADD r9, r9, r6
+ LDR r5, [sp, #24]
+ LDR r6, [r3, #24]
+ ADD r9, r9, r5
+ ADD r9, r9, r6
+ LDR r5, [r0, #8]
+ LDR r6, [r0, #12]
+ LDR r7, [r0, #16]
+ LDR r8, [r0, #20]
+ ROR r4, r5, #2
+ EOR r10, r5, r6
+ EOR r4, r4, r5, ROR #13
+ AND r11, r11, r10
+ EOR r4, r4, r5, ROR #22
+ EOR r11, r11, r6
+ ADD r8, r8, r9
+ ADD r9, r9, r4
+ ADD r9, r9, r11
+ STR r8, [r0, #20]
+ STR r9, [r0, #4]
+ /* Round 7 */
+ LDR r5, [r0, #20]
+ LDR r6, [r0, #24]
+ LDR r7, [r0, #28]
+ LDR r9, [r0]
+ ROR r4, r5, #6
+ EOR r6, r6, r7
+ EOR r4, r4, r5, ROR #11
+ AND r6, r6, r5
+ EOR r4, r4, r5, ROR #25
+ EOR r6, r6, r7
+ ADD r9, r9, r4
+ ADD r9, r9, r6
+ LDR r5, [sp, #28]
+ LDR r6, [r3, #28]
+ ADD r9, r9, r5
+ ADD r9, r9, r6
+ LDR r5, [r0, #4]
+ LDR r6, [r0, #8]
+ LDR r7, [r0, #12]
+ LDR r8, [r0, #16]
+ ROR r4, r5, #2
+ EOR r11, r5, r6
+ EOR r4, r4, r5, ROR #13
+ AND r10, r10, r11
+ EOR r4, r4, r5, ROR #22
+ EOR r10, r10, r6
+ ADD r8, r8, r9
+ ADD r9, r9, r4
+ ADD r9, r9, r10
+ STR r8, [r0, #16]
+ STR r9, [r0]
+ /* Round 8 */
+ LDR r5, [r0, #16]
+ LDR r6, [r0, #20]
+ LDR r7, [r0, #24]
+ LDR r9, [r0, #28]
+ ROR r4, r5, #6
+ EOR r6, r6, r7
+ EOR r4, r4, r5, ROR #11
+ AND r6, r6, r5
+ EOR r4, r4, r5, ROR #25
+ EOR r6, r6, r7
+ ADD r9, r9, r4
+ ADD r9, r9, r6
+ LDR r5, [sp, #32]
+ LDR r6, [r3, #32]
+ ADD r9, r9, r5
+ ADD r9, r9, r6
+ LDR r5, [r0]
+ LDR r6, [r0, #4]
+ LDR r7, [r0, #8]
+ LDR r8, [r0, #12]
+ ROR r4, r5, #2
+ EOR r10, r5, r6
+ EOR r4, r4, r5, ROR #13
+ AND r11, r11, r10
+ EOR r4, r4, r5, ROR #22
+ EOR r11, r11, r6
+ ADD r8, r8, r9
+ ADD r9, r9, r4
+ ADD r9, r9, r11
+ STR r8, [r0, #12]
+ STR r9, [r0, #28]
+ /* Round 9 */
+ LDR r5, [r0, #12]
+ LDR r6, [r0, #16]
+ LDR r7, [r0, #20]
+ LDR r9, [r0, #24]
+ ROR r4, r5, #6
+ EOR r6, r6, r7
+ EOR r4, r4, r5, ROR #11
+ AND r6, r6, r5
+ EOR r4, r4, r5, ROR #25
+ EOR r6, r6, r7
+ ADD r9, r9, r4
+ ADD r9, r9, r6
+ LDR r5, [sp, #36]
+ LDR r6, [r3, #36]
+ ADD r9, r9, r5
+ ADD r9, r9, r6
+ LDR r5, [r0, #28]
+ LDR r6, [r0]
+ LDR r7, [r0, #4]
+ LDR r8, [r0, #8]
+ ROR r4, r5, #2
+ EOR r11, r5, r6
+ EOR r4, r4, r5, ROR #13
+ AND r10, r10, r11
+ EOR r4, r4, r5, ROR #22
+ EOR r10, r10, r6
+ ADD r8, r8, r9
+ ADD r9, r9, r4
+ ADD r9, r9, r10
+ STR r8, [r0, #8]
+ STR r9, [r0, #24]
+ /* Round 10 */
+ LDR r5, [r0, #8]
+ LDR r6, [r0, #12]
+ LDR r7, [r0, #16]
+ LDR r9, [r0, #20]
+ ROR r4, r5, #6
+ EOR r6, r6, r7
+ EOR r4, r4, r5, ROR #11
+ AND r6, r6, r5
+ EOR r4, r4, r5, ROR #25
+ EOR r6, r6, r7
+ ADD r9, r9, r4
+ ADD r9, r9, r6
+ LDR r5, [sp, #40]
+ LDR r6, [r3, #40]
+ ADD r9, r9, r5
+ ADD r9, r9, r6
+ LDR r5, [r0, #24]
+ LDR r6, [r0, #28]
+ LDR r7, [r0]
+ LDR r8, [r0, #4]
+ ROR r4, r5, #2
+ EOR r10, r5, r6
+ EOR r4, r4, r5, ROR #13
+ AND r11, r11, r10
+ EOR r4, r4, r5, ROR #22
+ EOR r11, r11, r6
+ ADD r8, r8, r9
+ ADD r9, r9, r4
+ ADD r9, r9, r11
+ STR r8, [r0, #4]
+ STR r9, [r0, #20]
+ /* Round 11 */
+ LDR r5, [r0, #4]
+ LDR r6, [r0, #8]
+ LDR r7, [r0, #12]
+ LDR r9, [r0, #16]
+ ROR r4, r5, #6
+ EOR r6, r6, r7
+ EOR r4, r4, r5, ROR #11
+ AND r6, r6, r5
+ EOR r4, r4, r5, ROR #25
+ EOR r6, r6, r7
+ ADD r9, r9, r4
+ ADD r9, r9, r6
+ LDR r5, [sp, #44]
+ LDR r6, [r3, #44]
+ ADD r9, r9, r5
+ ADD r9, r9, r6
+ LDR r5, [r0, #20]
+ LDR r6, [r0, #24]
+ LDR r7, [r0, #28]
+ LDR r8, [r0]
+ ROR r4, r5, #2
+ EOR r11, r5, r6
+ EOR r4, r4, r5, ROR #13
+ AND r10, r10, r11
+ EOR r4, r4, r5, ROR #22
+ EOR r10, r10, r6
+ ADD r8, r8, r9
+ ADD r9, r9, r4
+ ADD r9, r9, r10
+ STR r8, [r0]
+ STR r9, [r0, #16]
+ /* Round 12 */
+ LDR r5, [r0]
+ LDR r6, [r0, #4]
+ LDR r7, [r0, #8]
+ LDR r9, [r0, #12]
+ ROR r4, r5, #6
+ EOR r6, r6, r7
+ EOR r4, r4, r5, ROR #11
+ AND r6, r6, r5
+ EOR r4, r4, r5, ROR #25
+ EOR r6, r6, r7
+ ADD r9, r9, r4
+ ADD r9, r9, r6
+ LDR r5, [sp, #48]
+ LDR r6, [r3, #48]
+ ADD r9, r9, r5
+ ADD r9, r9, r6
+ LDR r5, [r0, #16]
+ LDR r6, [r0, #20]
+ LDR r7, [r0, #24]
+ LDR r8, [r0, #28]
+ ROR r4, r5, #2
+ EOR r10, r5, r6
+ EOR r4, r4, r5, ROR #13
+ AND r11, r11, r10
+ EOR r4, r4, r5, ROR #22
+ EOR r11, r11, r6
+ ADD r8, r8, r9
+ ADD r9, r9, r4
+ ADD r9, r9, r11
+ STR r8, [r0, #28]
+ STR r9, [r0, #12]
+ /* Round 13 */
+ LDR r5, [r0, #28]
+ LDR r6, [r0]
+ LDR r7, [r0, #4]
+ LDR r9, [r0, #8]
+ ROR r4, r5, #6
+ EOR r6, r6, r7
+ EOR r4, r4, r5, ROR #11
+ AND r6, r6, r5
+ EOR r4, r4, r5, ROR #25
+ EOR r6, r6, r7
+ ADD r9, r9, r4
+ ADD r9, r9, r6
+ LDR r5, [sp, #52]
+ LDR r6, [r3, #52]
+ ADD r9, r9, r5
+ ADD r9, r9, r6
+ LDR r5, [r0, #12]
+ LDR r6, [r0, #16]
+ LDR r7, [r0, #20]
+ LDR r8, [r0, #24]
+ ROR r4, r5, #2
+ EOR r11, r5, r6
+ EOR r4, r4, r5, ROR #13
+ AND r10, r10, r11
+ EOR r4, r4, r5, ROR #22
+ EOR r10, r10, r6
+ ADD r8, r8, r9
+ ADD r9, r9, r4
+ ADD r9, r9, r10
+ STR r8, [r0, #24]
+ STR r9, [r0, #8]
+ /* Round 14 */
+ LDR r5, [r0, #24]
+ LDR r6, [r0, #28]
+ LDR r7, [r0]
+ LDR r9, [r0, #4]
+ ROR r4, r5, #6
+ EOR r6, r6, r7
+ EOR r4, r4, r5, ROR #11
+ AND r6, r6, r5
+ EOR r4, r4, r5, ROR #25
+ EOR r6, r6, r7
+ ADD r9, r9, r4
+ ADD r9, r9, r6
+ LDR r5, [sp, #56]
+ LDR r6, [r3, #56]
+ ADD r9, r9, r5
+ ADD r9, r9, r6
+ LDR r5, [r0, #8]
+ LDR r6, [r0, #12]
+ LDR r7, [r0, #16]
+ LDR r8, [r0, #20]
+ ROR r4, r5, #2
+ EOR r10, r5, r6
+ EOR r4, r4, r5, ROR #13
+ AND r11, r11, r10
+ EOR r4, r4, r5, ROR #22
+ EOR r11, r11, r6
+ ADD r8, r8, r9
+ ADD r9, r9, r4
+ ADD r9, r9, r11
+ STR r8, [r0, #20]
+ STR r9, [r0, #4]
+ /* Round 15 */
+ LDR r5, [r0, #20]
+ LDR r6, [r0, #24]
+ LDR r7, [r0, #28]
+ LDR r9, [r0]
+ ROR r4, r5, #6
+ EOR r6, r6, r7
+ EOR r4, r4, r5, ROR #11
+ AND r6, r6, r5
+ EOR r4, r4, r5, ROR #25
+ EOR r6, r6, r7
+ ADD r9, r9, r4
+ ADD r9, r9, r6
+ LDR r5, [sp, #60]
+ LDR r6, [r3, #60]
+ ADD r9, r9, r5
+ ADD r9, r9, r6
+ LDR r5, [r0, #4]
+ LDR r6, [r0, #8]
+ LDR r7, [r0, #12]
+ LDR r8, [r0, #16]
+ ROR r4, r5, #2
+ EOR r11, r5, r6
+ EOR r4, r4, r5, ROR #13
+ AND r10, r10, r11
+ EOR r4, r4, r5, ROR #22
+ EOR r10, r10, r6
+ ADD r8, r8, r9
+ ADD r9, r9, r4
+ ADD r9, r9, r10
+ STR r8, [r0, #16]
+ STR r9, [r0]
+ /* Add in digest from start */
+ LDRD r4, r5, [r0]
+ LDRD r6, r7, [r0, #8]
+ LDRD r8, r9, [sp, #64]
+ LDRD r10, r11, [sp, #72]
+ ADD r4, r4, r8
+ ADD r5, r5, r9
+ ADD r6, r6, r10
+ ADD r7, r7, r11
+ STRD r4, r5, [r0]
+ STRD r6, r7, [r0, #8]
+ STRD r4, r5, [sp, #64]
+ STRD r6, r7, [sp, #72]
+ LDRD r4, r5, [r0, #16]
+ LDRD r6, r7, [r0, #24]
+ LDRD r8, r9, [sp, #80]
+ LDRD r10, r11, [sp, #88]
+ ADD r4, r4, r8
+ ADD r5, r5, r9
+ ADD r6, r6, r10
+ ADD r7, r7, r11
+ STRD r4, r5, [r0, #16]
+ STRD r6, r7, [r0, #24]
+ STRD r4, r5, [sp, #80]
+ STRD r6, r7, [sp, #88]
+ SUBS r2, r2, #0x40
+ SUB r3, r3, #0xc0
+ ADD r1, r1, #0x40
+#ifdef __GNUC__
+ BNE L_SHA256_transform_len_begin
+#else
+ BNE.W L_SHA256_transform_len_begin
+#endif
+ ADD sp, sp, #0xc0
+ POP {r4, r5, r6, r7, r8, r9, r10, r11, pc}
+ /* Cycle Count = 1874 */
+ .size Transform_Sha256_Len,.-Transform_Sha256_Len
+#endif /* WOLFSSL_ARMASM_NO_NEON */
+#endif /* !NO_SHA256 */
+#endif /* !__aarch64__ && __thumb__ */
+#endif /* WOLFSSL_ARMASM */
+
+#if defined(__linux__) && defined(__ELF__)
+.section .note.GNU-stack,"",%progbits
+#endif
+#endif /* !WOLFSSL_ARMASM_INLINE */
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/thumb2-sha256-asm_c.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/thumb2-sha256-asm_c.c
new file mode 100644
index 00000000..4654dd21
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/thumb2-sha256-asm_c.c
@@ -0,0 +1,1477 @@
+/* thumb2-sha256-asm
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/* Generated using (from wolfssl):
+ * cd ../scripts
+ * ruby ./sha2/sha256.rb thumb2 ../wolfssl/wolfcrypt/src/port/arm/thumb2-sha256-asm.c
+ */
+
+#ifdef HAVE_CONFIG_H
+ #include <config.h>
+#endif /* HAVE_CONFIG_H */
+#include <wolfssl/wolfcrypt/settings.h>
+
+#ifdef WOLFSSL_ARMASM
+#if !defined(__aarch64__) && defined(__thumb__)
+#include <stdint.h>
+#ifdef HAVE_CONFIG_H
+ #include <config.h>
+#endif /* HAVE_CONFIG_H */
+#include <wolfssl/wolfcrypt/settings.h>
+#ifdef WOLFSSL_ARMASM_INLINE
+
+#ifdef WOLFSSL_ARMASM
+#if !defined(__aarch64__) && defined(__thumb__)
+
+#ifdef __IAR_SYSTEMS_ICC__
+#define __asm__ asm
+#define __volatile__ volatile
+#define WOLFSSL_NO_VAR_ASSIGN_REG
+#endif /* __IAR_SYSTEMS_ICC__ */
+#ifdef __KEIL__
+#define __asm__ __asm
+#define __volatile__ volatile
+#endif /* __KEIL__ */
+#ifndef NO_SHA256
+#include <wolfssl/wolfcrypt/sha256.h>
+
+#ifdef WOLFSSL_ARMASM_NO_NEON
+static const uint32_t L_SHA256_transform_len_k[] = {
+ 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5,
+ 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5,
+ 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3,
+ 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174,
+ 0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc,
+ 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da,
+ 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7,
+ 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967,
+ 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13,
+ 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85,
+ 0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3,
+ 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070,
+ 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5,
+ 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3,
+ 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208,
+ 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2,
+};
+
+void Transform_Sha256_Len(wc_Sha256* sha256, const byte* data, word32 len);
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
+#else
+void Transform_Sha256_Len(wc_Sha256* sha256, const byte* data, word32 len)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register wc_Sha256* sha256 __asm__ ("r0") = (wc_Sha256*)sha256_p;
+ register const byte* data __asm__ ("r1") = (const byte*)data_p;
+ register word32 len __asm__ ("r2") = (word32)len_p;
+ register uint32_t* L_SHA256_transform_len_k_c __asm__ ("r3") = (uint32_t*)&L_SHA256_transform_len_k;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "SUB sp, sp, #0xc0\n\t"
+ "MOV r3, %[L_SHA256_transform_len_k]\n\t"
+ /* Copy digest to add in at end */
+ "LDRD r4, r5, [%[sha256]]\n\t"
+ "LDRD r6, r7, [%[sha256], #8]\n\t"
+ "LDRD r8, r9, [%[sha256], #16]\n\t"
+ "LDRD r10, r11, [%[sha256], #24]\n\t"
+ "STRD r4, r5, [sp, #64]\n\t"
+ "STRD r6, r7, [sp, #72]\n\t"
+ "STRD r8, r9, [sp, #80]\n\t"
+ "STRD r10, r11, [sp, #88]\n\t"
+ /* Start of loop processing a block */
+ "\n"
+ "L_SHA256_transform_len_begin:\n\t"
+ /* Load, Reverse and Store W - 64 bytes */
+ "LDR r4, [%[data]]\n\t"
+ "LDR r5, [%[data], #4]\n\t"
+ "LDR r6, [%[data], #8]\n\t"
+ "LDR r7, [%[data], #12]\n\t"
+ "LDR r8, [%[data], #16]\n\t"
+ "LDR r9, [%[data], #20]\n\t"
+ "LDR r10, [%[data], #24]\n\t"
+ "LDR r11, [%[data], #28]\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ "REV r8, r8\n\t"
+ "REV r9, r9\n\t"
+ "REV r10, r10\n\t"
+ "REV r11, r11\n\t"
+ "STRD r4, r5, [sp]\n\t"
+ "STRD r6, r7, [sp, #8]\n\t"
+ "STRD r8, r9, [sp, #16]\n\t"
+ "STRD r10, r11, [sp, #24]\n\t"
+ "LDR r4, [%[data], #32]\n\t"
+ "LDR r5, [%[data], #36]\n\t"
+ "LDR r6, [%[data], #40]\n\t"
+ "LDR r7, [%[data], #44]\n\t"
+ "LDR r8, [%[data], #48]\n\t"
+ "LDR r9, [%[data], #52]\n\t"
+ "LDR r10, [%[data], #56]\n\t"
+ "LDR r11, [%[data], #60]\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ "REV r8, r8\n\t"
+ "REV r9, r9\n\t"
+ "REV r10, r10\n\t"
+ "REV r11, r11\n\t"
+ "STRD r4, r5, [sp, #32]\n\t"
+ "STRD r6, r7, [sp, #40]\n\t"
+ "STRD r8, r9, [sp, #48]\n\t"
+ "STRD r10, r11, [sp, #56]\n\t"
+ "LDR r11, [%[sha256], #4]\n\t"
+ "LDR r4, [%[sha256], #8]\n\t"
+ "EOR r11, r11, r4\n\t"
+ "MOV r12, #0x3\n\t"
+ /* Start of 16 rounds */
+ "\n"
+ "L_SHA256_transform_len_start:\n\t"
+ /* Round 0 */
+ "LDR r5, [%[sha256], #16]\n\t"
+ "LDR r6, [%[sha256], #20]\n\t"
+ "LDR r7, [%[sha256], #24]\n\t"
+ "LDR r9, [%[sha256], #28]\n\t"
+ "ROR r4, r5, #6\n\t"
+ "EOR r6, r6, r7\n\t"
+ "EOR r4, r4, r5, ROR #11\n\t"
+ "AND r6, r6, r5\n\t"
+ "EOR r4, r4, r5, ROR #25\n\t"
+ "EOR r6, r6, r7\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [sp]\n\t"
+ "LDR r6, [r3]\n\t"
+ "ADD r9, r9, r5\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [%[sha256]]\n\t"
+ "LDR r6, [%[sha256], #4]\n\t"
+ "LDR r7, [%[sha256], #8]\n\t"
+ "LDR r8, [%[sha256], #12]\n\t"
+ "ROR r4, r5, #2\n\t"
+ "EOR r10, r5, r6\n\t"
+ "EOR r4, r4, r5, ROR #13\n\t"
+ "AND r11, r11, r10\n\t"
+ "EOR r4, r4, r5, ROR #22\n\t"
+ "EOR r11, r11, r6\n\t"
+ "ADD r8, r8, r9\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r11\n\t"
+ "STR r8, [%[sha256], #12]\n\t"
+ "STR r9, [%[sha256], #28]\n\t"
+ /* Calc new W[0] */
+ "LDR r6, [sp, #56]\n\t"
+ "LDR r7, [sp, #36]\n\t"
+ "LDR r8, [sp, #4]\n\t"
+ "LDR r9, [sp]\n\t"
+ "ROR r4, r6, #17\n\t"
+ "ROR r5, r8, #7\n\t"
+ "EOR r4, r4, r6, ROR #19\n\t"
+ "EOR r5, r5, r8, ROR #18\n\t"
+ "EOR r4, r4, r6, LSR #10\n\t"
+ "EOR r5, r5, r8, LSR #3\n\t"
+ "ADD r9, r9, r7\n\t"
+ "ADD r4, r4, r5\n\t"
+ "ADD r9, r9, r4\n\t"
+ "STR r9, [sp]\n\t"
+ /* Round 1 */
+ "LDR r5, [%[sha256], #12]\n\t"
+ "LDR r6, [%[sha256], #16]\n\t"
+ "LDR r7, [%[sha256], #20]\n\t"
+ "LDR r9, [%[sha256], #24]\n\t"
+ "ROR r4, r5, #6\n\t"
+ "EOR r6, r6, r7\n\t"
+ "EOR r4, r4, r5, ROR #11\n\t"
+ "AND r6, r6, r5\n\t"
+ "EOR r4, r4, r5, ROR #25\n\t"
+ "EOR r6, r6, r7\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [sp, #4]\n\t"
+ "LDR r6, [r3, #4]\n\t"
+ "ADD r9, r9, r5\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [%[sha256], #28]\n\t"
+ "LDR r6, [%[sha256]]\n\t"
+ "LDR r7, [%[sha256], #4]\n\t"
+ "LDR r8, [%[sha256], #8]\n\t"
+ "ROR r4, r5, #2\n\t"
+ "EOR r11, r5, r6\n\t"
+ "EOR r4, r4, r5, ROR #13\n\t"
+ "AND r10, r10, r11\n\t"
+ "EOR r4, r4, r5, ROR #22\n\t"
+ "EOR r10, r10, r6\n\t"
+ "ADD r8, r8, r9\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r10\n\t"
+ "STR r8, [%[sha256], #8]\n\t"
+ "STR r9, [%[sha256], #24]\n\t"
+ /* Calc new W[1] */
+ "LDR r6, [sp, #60]\n\t"
+ "LDR r7, [sp, #40]\n\t"
+ "LDR r8, [sp, #8]\n\t"
+ "LDR r9, [sp, #4]\n\t"
+ "ROR r4, r6, #17\n\t"
+ "ROR r5, r8, #7\n\t"
+ "EOR r4, r4, r6, ROR #19\n\t"
+ "EOR r5, r5, r8, ROR #18\n\t"
+ "EOR r4, r4, r6, LSR #10\n\t"
+ "EOR r5, r5, r8, LSR #3\n\t"
+ "ADD r9, r9, r7\n\t"
+ "ADD r4, r4, r5\n\t"
+ "ADD r9, r9, r4\n\t"
+ "STR r9, [sp, #4]\n\t"
+ /* Round 2 */
+ "LDR r5, [%[sha256], #8]\n\t"
+ "LDR r6, [%[sha256], #12]\n\t"
+ "LDR r7, [%[sha256], #16]\n\t"
+ "LDR r9, [%[sha256], #20]\n\t"
+ "ROR r4, r5, #6\n\t"
+ "EOR r6, r6, r7\n\t"
+ "EOR r4, r4, r5, ROR #11\n\t"
+ "AND r6, r6, r5\n\t"
+ "EOR r4, r4, r5, ROR #25\n\t"
+ "EOR r6, r6, r7\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [sp, #8]\n\t"
+ "LDR r6, [r3, #8]\n\t"
+ "ADD r9, r9, r5\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [%[sha256], #24]\n\t"
+ "LDR r6, [%[sha256], #28]\n\t"
+ "LDR r7, [%[sha256]]\n\t"
+ "LDR r8, [%[sha256], #4]\n\t"
+ "ROR r4, r5, #2\n\t"
+ "EOR r10, r5, r6\n\t"
+ "EOR r4, r4, r5, ROR #13\n\t"
+ "AND r11, r11, r10\n\t"
+ "EOR r4, r4, r5, ROR #22\n\t"
+ "EOR r11, r11, r6\n\t"
+ "ADD r8, r8, r9\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r11\n\t"
+ "STR r8, [%[sha256], #4]\n\t"
+ "STR r9, [%[sha256], #20]\n\t"
+ /* Calc new W[2] */
+ "LDR r6, [sp]\n\t"
+ "LDR r7, [sp, #44]\n\t"
+ "LDR r8, [sp, #12]\n\t"
+ "LDR r9, [sp, #8]\n\t"
+ "ROR r4, r6, #17\n\t"
+ "ROR r5, r8, #7\n\t"
+ "EOR r4, r4, r6, ROR #19\n\t"
+ "EOR r5, r5, r8, ROR #18\n\t"
+ "EOR r4, r4, r6, LSR #10\n\t"
+ "EOR r5, r5, r8, LSR #3\n\t"
+ "ADD r9, r9, r7\n\t"
+ "ADD r4, r4, r5\n\t"
+ "ADD r9, r9, r4\n\t"
+ "STR r9, [sp, #8]\n\t"
+ /* Round 3 */
+ "LDR r5, [%[sha256], #4]\n\t"
+ "LDR r6, [%[sha256], #8]\n\t"
+ "LDR r7, [%[sha256], #12]\n\t"
+ "LDR r9, [%[sha256], #16]\n\t"
+ "ROR r4, r5, #6\n\t"
+ "EOR r6, r6, r7\n\t"
+ "EOR r4, r4, r5, ROR #11\n\t"
+ "AND r6, r6, r5\n\t"
+ "EOR r4, r4, r5, ROR #25\n\t"
+ "EOR r6, r6, r7\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [sp, #12]\n\t"
+ "LDR r6, [r3, #12]\n\t"
+ "ADD r9, r9, r5\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [%[sha256], #20]\n\t"
+ "LDR r6, [%[sha256], #24]\n\t"
+ "LDR r7, [%[sha256], #28]\n\t"
+ "LDR r8, [%[sha256]]\n\t"
+ "ROR r4, r5, #2\n\t"
+ "EOR r11, r5, r6\n\t"
+ "EOR r4, r4, r5, ROR #13\n\t"
+ "AND r10, r10, r11\n\t"
+ "EOR r4, r4, r5, ROR #22\n\t"
+ "EOR r10, r10, r6\n\t"
+ "ADD r8, r8, r9\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r10\n\t"
+ "STR r8, [%[sha256]]\n\t"
+ "STR r9, [%[sha256], #16]\n\t"
+ /* Calc new W[3] */
+ "LDR r6, [sp, #4]\n\t"
+ "LDR r7, [sp, #48]\n\t"
+ "LDR r8, [sp, #16]\n\t"
+ "LDR r9, [sp, #12]\n\t"
+ "ROR r4, r6, #17\n\t"
+ "ROR r5, r8, #7\n\t"
+ "EOR r4, r4, r6, ROR #19\n\t"
+ "EOR r5, r5, r8, ROR #18\n\t"
+ "EOR r4, r4, r6, LSR #10\n\t"
+ "EOR r5, r5, r8, LSR #3\n\t"
+ "ADD r9, r9, r7\n\t"
+ "ADD r4, r4, r5\n\t"
+ "ADD r9, r9, r4\n\t"
+ "STR r9, [sp, #12]\n\t"
+ /* Round 4 */
+ "LDR r5, [%[sha256]]\n\t"
+ "LDR r6, [%[sha256], #4]\n\t"
+ "LDR r7, [%[sha256], #8]\n\t"
+ "LDR r9, [%[sha256], #12]\n\t"
+ "ROR r4, r5, #6\n\t"
+ "EOR r6, r6, r7\n\t"
+ "EOR r4, r4, r5, ROR #11\n\t"
+ "AND r6, r6, r5\n\t"
+ "EOR r4, r4, r5, ROR #25\n\t"
+ "EOR r6, r6, r7\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [sp, #16]\n\t"
+ "LDR r6, [r3, #16]\n\t"
+ "ADD r9, r9, r5\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [%[sha256], #16]\n\t"
+ "LDR r6, [%[sha256], #20]\n\t"
+ "LDR r7, [%[sha256], #24]\n\t"
+ "LDR r8, [%[sha256], #28]\n\t"
+ "ROR r4, r5, #2\n\t"
+ "EOR r10, r5, r6\n\t"
+ "EOR r4, r4, r5, ROR #13\n\t"
+ "AND r11, r11, r10\n\t"
+ "EOR r4, r4, r5, ROR #22\n\t"
+ "EOR r11, r11, r6\n\t"
+ "ADD r8, r8, r9\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r11\n\t"
+ "STR r8, [%[sha256], #28]\n\t"
+ "STR r9, [%[sha256], #12]\n\t"
+ /* Calc new W[4] */
+ "LDR r6, [sp, #8]\n\t"
+ "LDR r7, [sp, #52]\n\t"
+ "LDR r8, [sp, #20]\n\t"
+ "LDR r9, [sp, #16]\n\t"
+ "ROR r4, r6, #17\n\t"
+ "ROR r5, r8, #7\n\t"
+ "EOR r4, r4, r6, ROR #19\n\t"
+ "EOR r5, r5, r8, ROR #18\n\t"
+ "EOR r4, r4, r6, LSR #10\n\t"
+ "EOR r5, r5, r8, LSR #3\n\t"
+ "ADD r9, r9, r7\n\t"
+ "ADD r4, r4, r5\n\t"
+ "ADD r9, r9, r4\n\t"
+ "STR r9, [sp, #16]\n\t"
+ /* Round 5 */
+ "LDR r5, [%[sha256], #28]\n\t"
+ "LDR r6, [%[sha256]]\n\t"
+ "LDR r7, [%[sha256], #4]\n\t"
+ "LDR r9, [%[sha256], #8]\n\t"
+ "ROR r4, r5, #6\n\t"
+ "EOR r6, r6, r7\n\t"
+ "EOR r4, r4, r5, ROR #11\n\t"
+ "AND r6, r6, r5\n\t"
+ "EOR r4, r4, r5, ROR #25\n\t"
+ "EOR r6, r6, r7\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [sp, #20]\n\t"
+ "LDR r6, [r3, #20]\n\t"
+ "ADD r9, r9, r5\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [%[sha256], #12]\n\t"
+ "LDR r6, [%[sha256], #16]\n\t"
+ "LDR r7, [%[sha256], #20]\n\t"
+ "LDR r8, [%[sha256], #24]\n\t"
+ "ROR r4, r5, #2\n\t"
+ "EOR r11, r5, r6\n\t"
+ "EOR r4, r4, r5, ROR #13\n\t"
+ "AND r10, r10, r11\n\t"
+ "EOR r4, r4, r5, ROR #22\n\t"
+ "EOR r10, r10, r6\n\t"
+ "ADD r8, r8, r9\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r10\n\t"
+ "STR r8, [%[sha256], #24]\n\t"
+ "STR r9, [%[sha256], #8]\n\t"
+ /* Calc new W[5] */
+ "LDR r6, [sp, #12]\n\t"
+ "LDR r7, [sp, #56]\n\t"
+ "LDR r8, [sp, #24]\n\t"
+ "LDR r9, [sp, #20]\n\t"
+ "ROR r4, r6, #17\n\t"
+ "ROR r5, r8, #7\n\t"
+ "EOR r4, r4, r6, ROR #19\n\t"
+ "EOR r5, r5, r8, ROR #18\n\t"
+ "EOR r4, r4, r6, LSR #10\n\t"
+ "EOR r5, r5, r8, LSR #3\n\t"
+ "ADD r9, r9, r7\n\t"
+ "ADD r4, r4, r5\n\t"
+ "ADD r9, r9, r4\n\t"
+ "STR r9, [sp, #20]\n\t"
+ /* Round 6 */
+ "LDR r5, [%[sha256], #24]\n\t"
+ "LDR r6, [%[sha256], #28]\n\t"
+ "LDR r7, [%[sha256]]\n\t"
+ "LDR r9, [%[sha256], #4]\n\t"
+ "ROR r4, r5, #6\n\t"
+ "EOR r6, r6, r7\n\t"
+ "EOR r4, r4, r5, ROR #11\n\t"
+ "AND r6, r6, r5\n\t"
+ "EOR r4, r4, r5, ROR #25\n\t"
+ "EOR r6, r6, r7\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [sp, #24]\n\t"
+ "LDR r6, [r3, #24]\n\t"
+ "ADD r9, r9, r5\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [%[sha256], #8]\n\t"
+ "LDR r6, [%[sha256], #12]\n\t"
+ "LDR r7, [%[sha256], #16]\n\t"
+ "LDR r8, [%[sha256], #20]\n\t"
+ "ROR r4, r5, #2\n\t"
+ "EOR r10, r5, r6\n\t"
+ "EOR r4, r4, r5, ROR #13\n\t"
+ "AND r11, r11, r10\n\t"
+ "EOR r4, r4, r5, ROR #22\n\t"
+ "EOR r11, r11, r6\n\t"
+ "ADD r8, r8, r9\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r11\n\t"
+ "STR r8, [%[sha256], #20]\n\t"
+ "STR r9, [%[sha256], #4]\n\t"
+ /* Calc new W[6] */
+ "LDR r6, [sp, #16]\n\t"
+ "LDR r7, [sp, #60]\n\t"
+ "LDR r8, [sp, #28]\n\t"
+ "LDR r9, [sp, #24]\n\t"
+ "ROR r4, r6, #17\n\t"
+ "ROR r5, r8, #7\n\t"
+ "EOR r4, r4, r6, ROR #19\n\t"
+ "EOR r5, r5, r8, ROR #18\n\t"
+ "EOR r4, r4, r6, LSR #10\n\t"
+ "EOR r5, r5, r8, LSR #3\n\t"
+ "ADD r9, r9, r7\n\t"
+ "ADD r4, r4, r5\n\t"
+ "ADD r9, r9, r4\n\t"
+ "STR r9, [sp, #24]\n\t"
+ /* Round 7 */
+ "LDR r5, [%[sha256], #20]\n\t"
+ "LDR r6, [%[sha256], #24]\n\t"
+ "LDR r7, [%[sha256], #28]\n\t"
+ "LDR r9, [%[sha256]]\n\t"
+ "ROR r4, r5, #6\n\t"
+ "EOR r6, r6, r7\n\t"
+ "EOR r4, r4, r5, ROR #11\n\t"
+ "AND r6, r6, r5\n\t"
+ "EOR r4, r4, r5, ROR #25\n\t"
+ "EOR r6, r6, r7\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [sp, #28]\n\t"
+ "LDR r6, [r3, #28]\n\t"
+ "ADD r9, r9, r5\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [%[sha256], #4]\n\t"
+ "LDR r6, [%[sha256], #8]\n\t"
+ "LDR r7, [%[sha256], #12]\n\t"
+ "LDR r8, [%[sha256], #16]\n\t"
+ "ROR r4, r5, #2\n\t"
+ "EOR r11, r5, r6\n\t"
+ "EOR r4, r4, r5, ROR #13\n\t"
+ "AND r10, r10, r11\n\t"
+ "EOR r4, r4, r5, ROR #22\n\t"
+ "EOR r10, r10, r6\n\t"
+ "ADD r8, r8, r9\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r10\n\t"
+ "STR r8, [%[sha256], #16]\n\t"
+ "STR r9, [%[sha256]]\n\t"
+ /* Calc new W[7] */
+ "LDR r6, [sp, #20]\n\t"
+ "LDR r7, [sp]\n\t"
+ "LDR r8, [sp, #32]\n\t"
+ "LDR r9, [sp, #28]\n\t"
+ "ROR r4, r6, #17\n\t"
+ "ROR r5, r8, #7\n\t"
+ "EOR r4, r4, r6, ROR #19\n\t"
+ "EOR r5, r5, r8, ROR #18\n\t"
+ "EOR r4, r4, r6, LSR #10\n\t"
+ "EOR r5, r5, r8, LSR #3\n\t"
+ "ADD r9, r9, r7\n\t"
+ "ADD r4, r4, r5\n\t"
+ "ADD r9, r9, r4\n\t"
+ "STR r9, [sp, #28]\n\t"
+ /* Round 8 */
+ "LDR r5, [%[sha256], #16]\n\t"
+ "LDR r6, [%[sha256], #20]\n\t"
+ "LDR r7, [%[sha256], #24]\n\t"
+ "LDR r9, [%[sha256], #28]\n\t"
+ "ROR r4, r5, #6\n\t"
+ "EOR r6, r6, r7\n\t"
+ "EOR r4, r4, r5, ROR #11\n\t"
+ "AND r6, r6, r5\n\t"
+ "EOR r4, r4, r5, ROR #25\n\t"
+ "EOR r6, r6, r7\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [sp, #32]\n\t"
+ "LDR r6, [r3, #32]\n\t"
+ "ADD r9, r9, r5\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [%[sha256]]\n\t"
+ "LDR r6, [%[sha256], #4]\n\t"
+ "LDR r7, [%[sha256], #8]\n\t"
+ "LDR r8, [%[sha256], #12]\n\t"
+ "ROR r4, r5, #2\n\t"
+ "EOR r10, r5, r6\n\t"
+ "EOR r4, r4, r5, ROR #13\n\t"
+ "AND r11, r11, r10\n\t"
+ "EOR r4, r4, r5, ROR #22\n\t"
+ "EOR r11, r11, r6\n\t"
+ "ADD r8, r8, r9\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r11\n\t"
+ "STR r8, [%[sha256], #12]\n\t"
+ "STR r9, [%[sha256], #28]\n\t"
+ /* Calc new W[8] */
+ "LDR r6, [sp, #24]\n\t"
+ "LDR r7, [sp, #4]\n\t"
+ "LDR r8, [sp, #36]\n\t"
+ "LDR r9, [sp, #32]\n\t"
+ "ROR r4, r6, #17\n\t"
+ "ROR r5, r8, #7\n\t"
+ "EOR r4, r4, r6, ROR #19\n\t"
+ "EOR r5, r5, r8, ROR #18\n\t"
+ "EOR r4, r4, r6, LSR #10\n\t"
+ "EOR r5, r5, r8, LSR #3\n\t"
+ "ADD r9, r9, r7\n\t"
+ "ADD r4, r4, r5\n\t"
+ "ADD r9, r9, r4\n\t"
+ "STR r9, [sp, #32]\n\t"
+ /* Round 9 */
+ "LDR r5, [%[sha256], #12]\n\t"
+ "LDR r6, [%[sha256], #16]\n\t"
+ "LDR r7, [%[sha256], #20]\n\t"
+ "LDR r9, [%[sha256], #24]\n\t"
+ "ROR r4, r5, #6\n\t"
+ "EOR r6, r6, r7\n\t"
+ "EOR r4, r4, r5, ROR #11\n\t"
+ "AND r6, r6, r5\n\t"
+ "EOR r4, r4, r5, ROR #25\n\t"
+ "EOR r6, r6, r7\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [sp, #36]\n\t"
+ "LDR r6, [r3, #36]\n\t"
+ "ADD r9, r9, r5\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [%[sha256], #28]\n\t"
+ "LDR r6, [%[sha256]]\n\t"
+ "LDR r7, [%[sha256], #4]\n\t"
+ "LDR r8, [%[sha256], #8]\n\t"
+ "ROR r4, r5, #2\n\t"
+ "EOR r11, r5, r6\n\t"
+ "EOR r4, r4, r5, ROR #13\n\t"
+ "AND r10, r10, r11\n\t"
+ "EOR r4, r4, r5, ROR #22\n\t"
+ "EOR r10, r10, r6\n\t"
+ "ADD r8, r8, r9\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r10\n\t"
+ "STR r8, [%[sha256], #8]\n\t"
+ "STR r9, [%[sha256], #24]\n\t"
+ /* Calc new W[9] */
+ "LDR r6, [sp, #28]\n\t"
+ "LDR r7, [sp, #8]\n\t"
+ "LDR r8, [sp, #40]\n\t"
+ "LDR r9, [sp, #36]\n\t"
+ "ROR r4, r6, #17\n\t"
+ "ROR r5, r8, #7\n\t"
+ "EOR r4, r4, r6, ROR #19\n\t"
+ "EOR r5, r5, r8, ROR #18\n\t"
+ "EOR r4, r4, r6, LSR #10\n\t"
+ "EOR r5, r5, r8, LSR #3\n\t"
+ "ADD r9, r9, r7\n\t"
+ "ADD r4, r4, r5\n\t"
+ "ADD r9, r9, r4\n\t"
+ "STR r9, [sp, #36]\n\t"
+ /* Round 10 */
+ "LDR r5, [%[sha256], #8]\n\t"
+ "LDR r6, [%[sha256], #12]\n\t"
+ "LDR r7, [%[sha256], #16]\n\t"
+ "LDR r9, [%[sha256], #20]\n\t"
+ "ROR r4, r5, #6\n\t"
+ "EOR r6, r6, r7\n\t"
+ "EOR r4, r4, r5, ROR #11\n\t"
+ "AND r6, r6, r5\n\t"
+ "EOR r4, r4, r5, ROR #25\n\t"
+ "EOR r6, r6, r7\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [sp, #40]\n\t"
+ "LDR r6, [r3, #40]\n\t"
+ "ADD r9, r9, r5\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [%[sha256], #24]\n\t"
+ "LDR r6, [%[sha256], #28]\n\t"
+ "LDR r7, [%[sha256]]\n\t"
+ "LDR r8, [%[sha256], #4]\n\t"
+ "ROR r4, r5, #2\n\t"
+ "EOR r10, r5, r6\n\t"
+ "EOR r4, r4, r5, ROR #13\n\t"
+ "AND r11, r11, r10\n\t"
+ "EOR r4, r4, r5, ROR #22\n\t"
+ "EOR r11, r11, r6\n\t"
+ "ADD r8, r8, r9\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r11\n\t"
+ "STR r8, [%[sha256], #4]\n\t"
+ "STR r9, [%[sha256], #20]\n\t"
+ /* Calc new W[10] */
+ "LDR r6, [sp, #32]\n\t"
+ "LDR r7, [sp, #12]\n\t"
+ "LDR r8, [sp, #44]\n\t"
+ "LDR r9, [sp, #40]\n\t"
+ "ROR r4, r6, #17\n\t"
+ "ROR r5, r8, #7\n\t"
+ "EOR r4, r4, r6, ROR #19\n\t"
+ "EOR r5, r5, r8, ROR #18\n\t"
+ "EOR r4, r4, r6, LSR #10\n\t"
+ "EOR r5, r5, r8, LSR #3\n\t"
+ "ADD r9, r9, r7\n\t"
+ "ADD r4, r4, r5\n\t"
+ "ADD r9, r9, r4\n\t"
+ "STR r9, [sp, #40]\n\t"
+ /* Round 11 */
+ "LDR r5, [%[sha256], #4]\n\t"
+ "LDR r6, [%[sha256], #8]\n\t"
+ "LDR r7, [%[sha256], #12]\n\t"
+ "LDR r9, [%[sha256], #16]\n\t"
+ "ROR r4, r5, #6\n\t"
+ "EOR r6, r6, r7\n\t"
+ "EOR r4, r4, r5, ROR #11\n\t"
+ "AND r6, r6, r5\n\t"
+ "EOR r4, r4, r5, ROR #25\n\t"
+ "EOR r6, r6, r7\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [sp, #44]\n\t"
+ "LDR r6, [r3, #44]\n\t"
+ "ADD r9, r9, r5\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [%[sha256], #20]\n\t"
+ "LDR r6, [%[sha256], #24]\n\t"
+ "LDR r7, [%[sha256], #28]\n\t"
+ "LDR r8, [%[sha256]]\n\t"
+ "ROR r4, r5, #2\n\t"
+ "EOR r11, r5, r6\n\t"
+ "EOR r4, r4, r5, ROR #13\n\t"
+ "AND r10, r10, r11\n\t"
+ "EOR r4, r4, r5, ROR #22\n\t"
+ "EOR r10, r10, r6\n\t"
+ "ADD r8, r8, r9\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r10\n\t"
+ "STR r8, [%[sha256]]\n\t"
+ "STR r9, [%[sha256], #16]\n\t"
+ /* Calc new W[11] */
+ "LDR r6, [sp, #36]\n\t"
+ "LDR r7, [sp, #16]\n\t"
+ "LDR r8, [sp, #48]\n\t"
+ "LDR r9, [sp, #44]\n\t"
+ "ROR r4, r6, #17\n\t"
+ "ROR r5, r8, #7\n\t"
+ "EOR r4, r4, r6, ROR #19\n\t"
+ "EOR r5, r5, r8, ROR #18\n\t"
+ "EOR r4, r4, r6, LSR #10\n\t"
+ "EOR r5, r5, r8, LSR #3\n\t"
+ "ADD r9, r9, r7\n\t"
+ "ADD r4, r4, r5\n\t"
+ "ADD r9, r9, r4\n\t"
+ "STR r9, [sp, #44]\n\t"
+ /* Round 12 */
+ "LDR r5, [%[sha256]]\n\t"
+ "LDR r6, [%[sha256], #4]\n\t"
+ "LDR r7, [%[sha256], #8]\n\t"
+ "LDR r9, [%[sha256], #12]\n\t"
+ "ROR r4, r5, #6\n\t"
+ "EOR r6, r6, r7\n\t"
+ "EOR r4, r4, r5, ROR #11\n\t"
+ "AND r6, r6, r5\n\t"
+ "EOR r4, r4, r5, ROR #25\n\t"
+ "EOR r6, r6, r7\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [sp, #48]\n\t"
+ "LDR r6, [r3, #48]\n\t"
+ "ADD r9, r9, r5\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [%[sha256], #16]\n\t"
+ "LDR r6, [%[sha256], #20]\n\t"
+ "LDR r7, [%[sha256], #24]\n\t"
+ "LDR r8, [%[sha256], #28]\n\t"
+ "ROR r4, r5, #2\n\t"
+ "EOR r10, r5, r6\n\t"
+ "EOR r4, r4, r5, ROR #13\n\t"
+ "AND r11, r11, r10\n\t"
+ "EOR r4, r4, r5, ROR #22\n\t"
+ "EOR r11, r11, r6\n\t"
+ "ADD r8, r8, r9\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r11\n\t"
+ "STR r8, [%[sha256], #28]\n\t"
+ "STR r9, [%[sha256], #12]\n\t"
+ /* Calc new W[12] */
+ "LDR r6, [sp, #40]\n\t"
+ "LDR r7, [sp, #20]\n\t"
+ "LDR r8, [sp, #52]\n\t"
+ "LDR r9, [sp, #48]\n\t"
+ "ROR r4, r6, #17\n\t"
+ "ROR r5, r8, #7\n\t"
+ "EOR r4, r4, r6, ROR #19\n\t"
+ "EOR r5, r5, r8, ROR #18\n\t"
+ "EOR r4, r4, r6, LSR #10\n\t"
+ "EOR r5, r5, r8, LSR #3\n\t"
+ "ADD r9, r9, r7\n\t"
+ "ADD r4, r4, r5\n\t"
+ "ADD r9, r9, r4\n\t"
+ "STR r9, [sp, #48]\n\t"
+ /* Round 13 */
+ "LDR r5, [%[sha256], #28]\n\t"
+ "LDR r6, [%[sha256]]\n\t"
+ "LDR r7, [%[sha256], #4]\n\t"
+ "LDR r9, [%[sha256], #8]\n\t"
+ "ROR r4, r5, #6\n\t"
+ "EOR r6, r6, r7\n\t"
+ "EOR r4, r4, r5, ROR #11\n\t"
+ "AND r6, r6, r5\n\t"
+ "EOR r4, r4, r5, ROR #25\n\t"
+ "EOR r6, r6, r7\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [sp, #52]\n\t"
+ "LDR r6, [r3, #52]\n\t"
+ "ADD r9, r9, r5\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [%[sha256], #12]\n\t"
+ "LDR r6, [%[sha256], #16]\n\t"
+ "LDR r7, [%[sha256], #20]\n\t"
+ "LDR r8, [%[sha256], #24]\n\t"
+ "ROR r4, r5, #2\n\t"
+ "EOR r11, r5, r6\n\t"
+ "EOR r4, r4, r5, ROR #13\n\t"
+ "AND r10, r10, r11\n\t"
+ "EOR r4, r4, r5, ROR #22\n\t"
+ "EOR r10, r10, r6\n\t"
+ "ADD r8, r8, r9\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r10\n\t"
+ "STR r8, [%[sha256], #24]\n\t"
+ "STR r9, [%[sha256], #8]\n\t"
+ /* Calc new W[13] */
+ "LDR r6, [sp, #44]\n\t"
+ "LDR r7, [sp, #24]\n\t"
+ "LDR r8, [sp, #56]\n\t"
+ "LDR r9, [sp, #52]\n\t"
+ "ROR r4, r6, #17\n\t"
+ "ROR r5, r8, #7\n\t"
+ "EOR r4, r4, r6, ROR #19\n\t"
+ "EOR r5, r5, r8, ROR #18\n\t"
+ "EOR r4, r4, r6, LSR #10\n\t"
+ "EOR r5, r5, r8, LSR #3\n\t"
+ "ADD r9, r9, r7\n\t"
+ "ADD r4, r4, r5\n\t"
+ "ADD r9, r9, r4\n\t"
+ "STR r9, [sp, #52]\n\t"
+ /* Round 14 */
+ "LDR r5, [%[sha256], #24]\n\t"
+ "LDR r6, [%[sha256], #28]\n\t"
+ "LDR r7, [%[sha256]]\n\t"
+ "LDR r9, [%[sha256], #4]\n\t"
+ "ROR r4, r5, #6\n\t"
+ "EOR r6, r6, r7\n\t"
+ "EOR r4, r4, r5, ROR #11\n\t"
+ "AND r6, r6, r5\n\t"
+ "EOR r4, r4, r5, ROR #25\n\t"
+ "EOR r6, r6, r7\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [sp, #56]\n\t"
+ "LDR r6, [r3, #56]\n\t"
+ "ADD r9, r9, r5\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [%[sha256], #8]\n\t"
+ "LDR r6, [%[sha256], #12]\n\t"
+ "LDR r7, [%[sha256], #16]\n\t"
+ "LDR r8, [%[sha256], #20]\n\t"
+ "ROR r4, r5, #2\n\t"
+ "EOR r10, r5, r6\n\t"
+ "EOR r4, r4, r5, ROR #13\n\t"
+ "AND r11, r11, r10\n\t"
+ "EOR r4, r4, r5, ROR #22\n\t"
+ "EOR r11, r11, r6\n\t"
+ "ADD r8, r8, r9\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r11\n\t"
+ "STR r8, [%[sha256], #20]\n\t"
+ "STR r9, [%[sha256], #4]\n\t"
+ /* Calc new W[14] */
+ "LDR r6, [sp, #48]\n\t"
+ "LDR r7, [sp, #28]\n\t"
+ "LDR r8, [sp, #60]\n\t"
+ "LDR r9, [sp, #56]\n\t"
+ "ROR r4, r6, #17\n\t"
+ "ROR r5, r8, #7\n\t"
+ "EOR r4, r4, r6, ROR #19\n\t"
+ "EOR r5, r5, r8, ROR #18\n\t"
+ "EOR r4, r4, r6, LSR #10\n\t"
+ "EOR r5, r5, r8, LSR #3\n\t"
+ "ADD r9, r9, r7\n\t"
+ "ADD r4, r4, r5\n\t"
+ "ADD r9, r9, r4\n\t"
+ "STR r9, [sp, #56]\n\t"
+ /* Round 15 */
+ "LDR r5, [%[sha256], #20]\n\t"
+ "LDR r6, [%[sha256], #24]\n\t"
+ "LDR r7, [%[sha256], #28]\n\t"
+ "LDR r9, [%[sha256]]\n\t"
+ "ROR r4, r5, #6\n\t"
+ "EOR r6, r6, r7\n\t"
+ "EOR r4, r4, r5, ROR #11\n\t"
+ "AND r6, r6, r5\n\t"
+ "EOR r4, r4, r5, ROR #25\n\t"
+ "EOR r6, r6, r7\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [sp, #60]\n\t"
+ "LDR r6, [r3, #60]\n\t"
+ "ADD r9, r9, r5\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [%[sha256], #4]\n\t"
+ "LDR r6, [%[sha256], #8]\n\t"
+ "LDR r7, [%[sha256], #12]\n\t"
+ "LDR r8, [%[sha256], #16]\n\t"
+ "ROR r4, r5, #2\n\t"
+ "EOR r11, r5, r6\n\t"
+ "EOR r4, r4, r5, ROR #13\n\t"
+ "AND r10, r10, r11\n\t"
+ "EOR r4, r4, r5, ROR #22\n\t"
+ "EOR r10, r10, r6\n\t"
+ "ADD r8, r8, r9\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r10\n\t"
+ "STR r8, [%[sha256], #16]\n\t"
+ "STR r9, [%[sha256]]\n\t"
+ /* Calc new W[15] */
+ "LDR r6, [sp, #52]\n\t"
+ "LDR r7, [sp, #32]\n\t"
+ "LDR r8, [sp]\n\t"
+ "LDR r9, [sp, #60]\n\t"
+ "ROR r4, r6, #17\n\t"
+ "ROR r5, r8, #7\n\t"
+ "EOR r4, r4, r6, ROR #19\n\t"
+ "EOR r5, r5, r8, ROR #18\n\t"
+ "EOR r4, r4, r6, LSR #10\n\t"
+ "EOR r5, r5, r8, LSR #3\n\t"
+ "ADD r9, r9, r7\n\t"
+ "ADD r4, r4, r5\n\t"
+ "ADD r9, r9, r4\n\t"
+ "STR r9, [sp, #60]\n\t"
+ "ADD r3, r3, #0x40\n\t"
+ "SUBS r12, r12, #0x1\n\t"
+#ifdef __GNUC__
+ "BNE L_SHA256_transform_len_start\n\t"
+#else
+ "BNE.W L_SHA256_transform_len_start\n\t"
+#endif
+ /* Round 0 */
+ "LDR r5, [%[sha256], #16]\n\t"
+ "LDR r6, [%[sha256], #20]\n\t"
+ "LDR r7, [%[sha256], #24]\n\t"
+ "LDR r9, [%[sha256], #28]\n\t"
+ "ROR r4, r5, #6\n\t"
+ "EOR r6, r6, r7\n\t"
+ "EOR r4, r4, r5, ROR #11\n\t"
+ "AND r6, r6, r5\n\t"
+ "EOR r4, r4, r5, ROR #25\n\t"
+ "EOR r6, r6, r7\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [sp]\n\t"
+ "LDR r6, [r3]\n\t"
+ "ADD r9, r9, r5\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [%[sha256]]\n\t"
+ "LDR r6, [%[sha256], #4]\n\t"
+ "LDR r7, [%[sha256], #8]\n\t"
+ "LDR r8, [%[sha256], #12]\n\t"
+ "ROR r4, r5, #2\n\t"
+ "EOR r10, r5, r6\n\t"
+ "EOR r4, r4, r5, ROR #13\n\t"
+ "AND r11, r11, r10\n\t"
+ "EOR r4, r4, r5, ROR #22\n\t"
+ "EOR r11, r11, r6\n\t"
+ "ADD r8, r8, r9\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r11\n\t"
+ "STR r8, [%[sha256], #12]\n\t"
+ "STR r9, [%[sha256], #28]\n\t"
+ /* Round 1 */
+ "LDR r5, [%[sha256], #12]\n\t"
+ "LDR r6, [%[sha256], #16]\n\t"
+ "LDR r7, [%[sha256], #20]\n\t"
+ "LDR r9, [%[sha256], #24]\n\t"
+ "ROR r4, r5, #6\n\t"
+ "EOR r6, r6, r7\n\t"
+ "EOR r4, r4, r5, ROR #11\n\t"
+ "AND r6, r6, r5\n\t"
+ "EOR r4, r4, r5, ROR #25\n\t"
+ "EOR r6, r6, r7\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [sp, #4]\n\t"
+ "LDR r6, [r3, #4]\n\t"
+ "ADD r9, r9, r5\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [%[sha256], #28]\n\t"
+ "LDR r6, [%[sha256]]\n\t"
+ "LDR r7, [%[sha256], #4]\n\t"
+ "LDR r8, [%[sha256], #8]\n\t"
+ "ROR r4, r5, #2\n\t"
+ "EOR r11, r5, r6\n\t"
+ "EOR r4, r4, r5, ROR #13\n\t"
+ "AND r10, r10, r11\n\t"
+ "EOR r4, r4, r5, ROR #22\n\t"
+ "EOR r10, r10, r6\n\t"
+ "ADD r8, r8, r9\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r10\n\t"
+ "STR r8, [%[sha256], #8]\n\t"
+ "STR r9, [%[sha256], #24]\n\t"
+ /* Round 2 */
+ "LDR r5, [%[sha256], #8]\n\t"
+ "LDR r6, [%[sha256], #12]\n\t"
+ "LDR r7, [%[sha256], #16]\n\t"
+ "LDR r9, [%[sha256], #20]\n\t"
+ "ROR r4, r5, #6\n\t"
+ "EOR r6, r6, r7\n\t"
+ "EOR r4, r4, r5, ROR #11\n\t"
+ "AND r6, r6, r5\n\t"
+ "EOR r4, r4, r5, ROR #25\n\t"
+ "EOR r6, r6, r7\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [sp, #8]\n\t"
+ "LDR r6, [r3, #8]\n\t"
+ "ADD r9, r9, r5\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [%[sha256], #24]\n\t"
+ "LDR r6, [%[sha256], #28]\n\t"
+ "LDR r7, [%[sha256]]\n\t"
+ "LDR r8, [%[sha256], #4]\n\t"
+ "ROR r4, r5, #2\n\t"
+ "EOR r10, r5, r6\n\t"
+ "EOR r4, r4, r5, ROR #13\n\t"
+ "AND r11, r11, r10\n\t"
+ "EOR r4, r4, r5, ROR #22\n\t"
+ "EOR r11, r11, r6\n\t"
+ "ADD r8, r8, r9\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r11\n\t"
+ "STR r8, [%[sha256], #4]\n\t"
+ "STR r9, [%[sha256], #20]\n\t"
+ /* Round 3 */
+ "LDR r5, [%[sha256], #4]\n\t"
+ "LDR r6, [%[sha256], #8]\n\t"
+ "LDR r7, [%[sha256], #12]\n\t"
+ "LDR r9, [%[sha256], #16]\n\t"
+ "ROR r4, r5, #6\n\t"
+ "EOR r6, r6, r7\n\t"
+ "EOR r4, r4, r5, ROR #11\n\t"
+ "AND r6, r6, r5\n\t"
+ "EOR r4, r4, r5, ROR #25\n\t"
+ "EOR r6, r6, r7\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [sp, #12]\n\t"
+ "LDR r6, [r3, #12]\n\t"
+ "ADD r9, r9, r5\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [%[sha256], #20]\n\t"
+ "LDR r6, [%[sha256], #24]\n\t"
+ "LDR r7, [%[sha256], #28]\n\t"
+ "LDR r8, [%[sha256]]\n\t"
+ "ROR r4, r5, #2\n\t"
+ "EOR r11, r5, r6\n\t"
+ "EOR r4, r4, r5, ROR #13\n\t"
+ "AND r10, r10, r11\n\t"
+ "EOR r4, r4, r5, ROR #22\n\t"
+ "EOR r10, r10, r6\n\t"
+ "ADD r8, r8, r9\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r10\n\t"
+ "STR r8, [%[sha256]]\n\t"
+ "STR r9, [%[sha256], #16]\n\t"
+ /* Round 4 */
+ "LDR r5, [%[sha256]]\n\t"
+ "LDR r6, [%[sha256], #4]\n\t"
+ "LDR r7, [%[sha256], #8]\n\t"
+ "LDR r9, [%[sha256], #12]\n\t"
+ "ROR r4, r5, #6\n\t"
+ "EOR r6, r6, r7\n\t"
+ "EOR r4, r4, r5, ROR #11\n\t"
+ "AND r6, r6, r5\n\t"
+ "EOR r4, r4, r5, ROR #25\n\t"
+ "EOR r6, r6, r7\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [sp, #16]\n\t"
+ "LDR r6, [r3, #16]\n\t"
+ "ADD r9, r9, r5\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [%[sha256], #16]\n\t"
+ "LDR r6, [%[sha256], #20]\n\t"
+ "LDR r7, [%[sha256], #24]\n\t"
+ "LDR r8, [%[sha256], #28]\n\t"
+ "ROR r4, r5, #2\n\t"
+ "EOR r10, r5, r6\n\t"
+ "EOR r4, r4, r5, ROR #13\n\t"
+ "AND r11, r11, r10\n\t"
+ "EOR r4, r4, r5, ROR #22\n\t"
+ "EOR r11, r11, r6\n\t"
+ "ADD r8, r8, r9\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r11\n\t"
+ "STR r8, [%[sha256], #28]\n\t"
+ "STR r9, [%[sha256], #12]\n\t"
+ /* Round 5 */
+ "LDR r5, [%[sha256], #28]\n\t"
+ "LDR r6, [%[sha256]]\n\t"
+ "LDR r7, [%[sha256], #4]\n\t"
+ "LDR r9, [%[sha256], #8]\n\t"
+ "ROR r4, r5, #6\n\t"
+ "EOR r6, r6, r7\n\t"
+ "EOR r4, r4, r5, ROR #11\n\t"
+ "AND r6, r6, r5\n\t"
+ "EOR r4, r4, r5, ROR #25\n\t"
+ "EOR r6, r6, r7\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [sp, #20]\n\t"
+ "LDR r6, [r3, #20]\n\t"
+ "ADD r9, r9, r5\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [%[sha256], #12]\n\t"
+ "LDR r6, [%[sha256], #16]\n\t"
+ "LDR r7, [%[sha256], #20]\n\t"
+ "LDR r8, [%[sha256], #24]\n\t"
+ "ROR r4, r5, #2\n\t"
+ "EOR r11, r5, r6\n\t"
+ "EOR r4, r4, r5, ROR #13\n\t"
+ "AND r10, r10, r11\n\t"
+ "EOR r4, r4, r5, ROR #22\n\t"
+ "EOR r10, r10, r6\n\t"
+ "ADD r8, r8, r9\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r10\n\t"
+ "STR r8, [%[sha256], #24]\n\t"
+ "STR r9, [%[sha256], #8]\n\t"
+ /* Round 6 */
+ "LDR r5, [%[sha256], #24]\n\t"
+ "LDR r6, [%[sha256], #28]\n\t"
+ "LDR r7, [%[sha256]]\n\t"
+ "LDR r9, [%[sha256], #4]\n\t"
+ "ROR r4, r5, #6\n\t"
+ "EOR r6, r6, r7\n\t"
+ "EOR r4, r4, r5, ROR #11\n\t"
+ "AND r6, r6, r5\n\t"
+ "EOR r4, r4, r5, ROR #25\n\t"
+ "EOR r6, r6, r7\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [sp, #24]\n\t"
+ "LDR r6, [r3, #24]\n\t"
+ "ADD r9, r9, r5\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [%[sha256], #8]\n\t"
+ "LDR r6, [%[sha256], #12]\n\t"
+ "LDR r7, [%[sha256], #16]\n\t"
+ "LDR r8, [%[sha256], #20]\n\t"
+ "ROR r4, r5, #2\n\t"
+ "EOR r10, r5, r6\n\t"
+ "EOR r4, r4, r5, ROR #13\n\t"
+ "AND r11, r11, r10\n\t"
+ "EOR r4, r4, r5, ROR #22\n\t"
+ "EOR r11, r11, r6\n\t"
+ "ADD r8, r8, r9\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r11\n\t"
+ "STR r8, [%[sha256], #20]\n\t"
+ "STR r9, [%[sha256], #4]\n\t"
+ /* Round 7 */
+ "LDR r5, [%[sha256], #20]\n\t"
+ "LDR r6, [%[sha256], #24]\n\t"
+ "LDR r7, [%[sha256], #28]\n\t"
+ "LDR r9, [%[sha256]]\n\t"
+ "ROR r4, r5, #6\n\t"
+ "EOR r6, r6, r7\n\t"
+ "EOR r4, r4, r5, ROR #11\n\t"
+ "AND r6, r6, r5\n\t"
+ "EOR r4, r4, r5, ROR #25\n\t"
+ "EOR r6, r6, r7\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [sp, #28]\n\t"
+ "LDR r6, [r3, #28]\n\t"
+ "ADD r9, r9, r5\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [%[sha256], #4]\n\t"
+ "LDR r6, [%[sha256], #8]\n\t"
+ "LDR r7, [%[sha256], #12]\n\t"
+ "LDR r8, [%[sha256], #16]\n\t"
+ "ROR r4, r5, #2\n\t"
+ "EOR r11, r5, r6\n\t"
+ "EOR r4, r4, r5, ROR #13\n\t"
+ "AND r10, r10, r11\n\t"
+ "EOR r4, r4, r5, ROR #22\n\t"
+ "EOR r10, r10, r6\n\t"
+ "ADD r8, r8, r9\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r10\n\t"
+ "STR r8, [%[sha256], #16]\n\t"
+ "STR r9, [%[sha256]]\n\t"
+ /* Round 8 */
+ "LDR r5, [%[sha256], #16]\n\t"
+ "LDR r6, [%[sha256], #20]\n\t"
+ "LDR r7, [%[sha256], #24]\n\t"
+ "LDR r9, [%[sha256], #28]\n\t"
+ "ROR r4, r5, #6\n\t"
+ "EOR r6, r6, r7\n\t"
+ "EOR r4, r4, r5, ROR #11\n\t"
+ "AND r6, r6, r5\n\t"
+ "EOR r4, r4, r5, ROR #25\n\t"
+ "EOR r6, r6, r7\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [sp, #32]\n\t"
+ "LDR r6, [r3, #32]\n\t"
+ "ADD r9, r9, r5\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [%[sha256]]\n\t"
+ "LDR r6, [%[sha256], #4]\n\t"
+ "LDR r7, [%[sha256], #8]\n\t"
+ "LDR r8, [%[sha256], #12]\n\t"
+ "ROR r4, r5, #2\n\t"
+ "EOR r10, r5, r6\n\t"
+ "EOR r4, r4, r5, ROR #13\n\t"
+ "AND r11, r11, r10\n\t"
+ "EOR r4, r4, r5, ROR #22\n\t"
+ "EOR r11, r11, r6\n\t"
+ "ADD r8, r8, r9\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r11\n\t"
+ "STR r8, [%[sha256], #12]\n\t"
+ "STR r9, [%[sha256], #28]\n\t"
+ /* Round 9 */
+ "LDR r5, [%[sha256], #12]\n\t"
+ "LDR r6, [%[sha256], #16]\n\t"
+ "LDR r7, [%[sha256], #20]\n\t"
+ "LDR r9, [%[sha256], #24]\n\t"
+ "ROR r4, r5, #6\n\t"
+ "EOR r6, r6, r7\n\t"
+ "EOR r4, r4, r5, ROR #11\n\t"
+ "AND r6, r6, r5\n\t"
+ "EOR r4, r4, r5, ROR #25\n\t"
+ "EOR r6, r6, r7\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [sp, #36]\n\t"
+ "LDR r6, [r3, #36]\n\t"
+ "ADD r9, r9, r5\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [%[sha256], #28]\n\t"
+ "LDR r6, [%[sha256]]\n\t"
+ "LDR r7, [%[sha256], #4]\n\t"
+ "LDR r8, [%[sha256], #8]\n\t"
+ "ROR r4, r5, #2\n\t"
+ "EOR r11, r5, r6\n\t"
+ "EOR r4, r4, r5, ROR #13\n\t"
+ "AND r10, r10, r11\n\t"
+ "EOR r4, r4, r5, ROR #22\n\t"
+ "EOR r10, r10, r6\n\t"
+ "ADD r8, r8, r9\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r10\n\t"
+ "STR r8, [%[sha256], #8]\n\t"
+ "STR r9, [%[sha256], #24]\n\t"
+ /* Round 10 */
+ "LDR r5, [%[sha256], #8]\n\t"
+ "LDR r6, [%[sha256], #12]\n\t"
+ "LDR r7, [%[sha256], #16]\n\t"
+ "LDR r9, [%[sha256], #20]\n\t"
+ "ROR r4, r5, #6\n\t"
+ "EOR r6, r6, r7\n\t"
+ "EOR r4, r4, r5, ROR #11\n\t"
+ "AND r6, r6, r5\n\t"
+ "EOR r4, r4, r5, ROR #25\n\t"
+ "EOR r6, r6, r7\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [sp, #40]\n\t"
+ "LDR r6, [r3, #40]\n\t"
+ "ADD r9, r9, r5\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [%[sha256], #24]\n\t"
+ "LDR r6, [%[sha256], #28]\n\t"
+ "LDR r7, [%[sha256]]\n\t"
+ "LDR r8, [%[sha256], #4]\n\t"
+ "ROR r4, r5, #2\n\t"
+ "EOR r10, r5, r6\n\t"
+ "EOR r4, r4, r5, ROR #13\n\t"
+ "AND r11, r11, r10\n\t"
+ "EOR r4, r4, r5, ROR #22\n\t"
+ "EOR r11, r11, r6\n\t"
+ "ADD r8, r8, r9\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r11\n\t"
+ "STR r8, [%[sha256], #4]\n\t"
+ "STR r9, [%[sha256], #20]\n\t"
+ /* Round 11 */
+ "LDR r5, [%[sha256], #4]\n\t"
+ "LDR r6, [%[sha256], #8]\n\t"
+ "LDR r7, [%[sha256], #12]\n\t"
+ "LDR r9, [%[sha256], #16]\n\t"
+ "ROR r4, r5, #6\n\t"
+ "EOR r6, r6, r7\n\t"
+ "EOR r4, r4, r5, ROR #11\n\t"
+ "AND r6, r6, r5\n\t"
+ "EOR r4, r4, r5, ROR #25\n\t"
+ "EOR r6, r6, r7\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [sp, #44]\n\t"
+ "LDR r6, [r3, #44]\n\t"
+ "ADD r9, r9, r5\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [%[sha256], #20]\n\t"
+ "LDR r6, [%[sha256], #24]\n\t"
+ "LDR r7, [%[sha256], #28]\n\t"
+ "LDR r8, [%[sha256]]\n\t"
+ "ROR r4, r5, #2\n\t"
+ "EOR r11, r5, r6\n\t"
+ "EOR r4, r4, r5, ROR #13\n\t"
+ "AND r10, r10, r11\n\t"
+ "EOR r4, r4, r5, ROR #22\n\t"
+ "EOR r10, r10, r6\n\t"
+ "ADD r8, r8, r9\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r10\n\t"
+ "STR r8, [%[sha256]]\n\t"
+ "STR r9, [%[sha256], #16]\n\t"
+ /* Round 12 */
+ "LDR r5, [%[sha256]]\n\t"
+ "LDR r6, [%[sha256], #4]\n\t"
+ "LDR r7, [%[sha256], #8]\n\t"
+ "LDR r9, [%[sha256], #12]\n\t"
+ "ROR r4, r5, #6\n\t"
+ "EOR r6, r6, r7\n\t"
+ "EOR r4, r4, r5, ROR #11\n\t"
+ "AND r6, r6, r5\n\t"
+ "EOR r4, r4, r5, ROR #25\n\t"
+ "EOR r6, r6, r7\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [sp, #48]\n\t"
+ "LDR r6, [r3, #48]\n\t"
+ "ADD r9, r9, r5\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [%[sha256], #16]\n\t"
+ "LDR r6, [%[sha256], #20]\n\t"
+ "LDR r7, [%[sha256], #24]\n\t"
+ "LDR r8, [%[sha256], #28]\n\t"
+ "ROR r4, r5, #2\n\t"
+ "EOR r10, r5, r6\n\t"
+ "EOR r4, r4, r5, ROR #13\n\t"
+ "AND r11, r11, r10\n\t"
+ "EOR r4, r4, r5, ROR #22\n\t"
+ "EOR r11, r11, r6\n\t"
+ "ADD r8, r8, r9\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r11\n\t"
+ "STR r8, [%[sha256], #28]\n\t"
+ "STR r9, [%[sha256], #12]\n\t"
+ /* Round 13 */
+ "LDR r5, [%[sha256], #28]\n\t"
+ "LDR r6, [%[sha256]]\n\t"
+ "LDR r7, [%[sha256], #4]\n\t"
+ "LDR r9, [%[sha256], #8]\n\t"
+ "ROR r4, r5, #6\n\t"
+ "EOR r6, r6, r7\n\t"
+ "EOR r4, r4, r5, ROR #11\n\t"
+ "AND r6, r6, r5\n\t"
+ "EOR r4, r4, r5, ROR #25\n\t"
+ "EOR r6, r6, r7\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [sp, #52]\n\t"
+ "LDR r6, [r3, #52]\n\t"
+ "ADD r9, r9, r5\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [%[sha256], #12]\n\t"
+ "LDR r6, [%[sha256], #16]\n\t"
+ "LDR r7, [%[sha256], #20]\n\t"
+ "LDR r8, [%[sha256], #24]\n\t"
+ "ROR r4, r5, #2\n\t"
+ "EOR r11, r5, r6\n\t"
+ "EOR r4, r4, r5, ROR #13\n\t"
+ "AND r10, r10, r11\n\t"
+ "EOR r4, r4, r5, ROR #22\n\t"
+ "EOR r10, r10, r6\n\t"
+ "ADD r8, r8, r9\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r10\n\t"
+ "STR r8, [%[sha256], #24]\n\t"
+ "STR r9, [%[sha256], #8]\n\t"
+ /* Round 14 */
+ "LDR r5, [%[sha256], #24]\n\t"
+ "LDR r6, [%[sha256], #28]\n\t"
+ "LDR r7, [%[sha256]]\n\t"
+ "LDR r9, [%[sha256], #4]\n\t"
+ "ROR r4, r5, #6\n\t"
+ "EOR r6, r6, r7\n\t"
+ "EOR r4, r4, r5, ROR #11\n\t"
+ "AND r6, r6, r5\n\t"
+ "EOR r4, r4, r5, ROR #25\n\t"
+ "EOR r6, r6, r7\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [sp, #56]\n\t"
+ "LDR r6, [r3, #56]\n\t"
+ "ADD r9, r9, r5\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [%[sha256], #8]\n\t"
+ "LDR r6, [%[sha256], #12]\n\t"
+ "LDR r7, [%[sha256], #16]\n\t"
+ "LDR r8, [%[sha256], #20]\n\t"
+ "ROR r4, r5, #2\n\t"
+ "EOR r10, r5, r6\n\t"
+ "EOR r4, r4, r5, ROR #13\n\t"
+ "AND r11, r11, r10\n\t"
+ "EOR r4, r4, r5, ROR #22\n\t"
+ "EOR r11, r11, r6\n\t"
+ "ADD r8, r8, r9\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r11\n\t"
+ "STR r8, [%[sha256], #20]\n\t"
+ "STR r9, [%[sha256], #4]\n\t"
+ /* Round 15 */
+ "LDR r5, [%[sha256], #20]\n\t"
+ "LDR r6, [%[sha256], #24]\n\t"
+ "LDR r7, [%[sha256], #28]\n\t"
+ "LDR r9, [%[sha256]]\n\t"
+ "ROR r4, r5, #6\n\t"
+ "EOR r6, r6, r7\n\t"
+ "EOR r4, r4, r5, ROR #11\n\t"
+ "AND r6, r6, r5\n\t"
+ "EOR r4, r4, r5, ROR #25\n\t"
+ "EOR r6, r6, r7\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [sp, #60]\n\t"
+ "LDR r6, [r3, #60]\n\t"
+ "ADD r9, r9, r5\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [%[sha256], #4]\n\t"
+ "LDR r6, [%[sha256], #8]\n\t"
+ "LDR r7, [%[sha256], #12]\n\t"
+ "LDR r8, [%[sha256], #16]\n\t"
+ "ROR r4, r5, #2\n\t"
+ "EOR r11, r5, r6\n\t"
+ "EOR r4, r4, r5, ROR #13\n\t"
+ "AND r10, r10, r11\n\t"
+ "EOR r4, r4, r5, ROR #22\n\t"
+ "EOR r10, r10, r6\n\t"
+ "ADD r8, r8, r9\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r10\n\t"
+ "STR r8, [%[sha256], #16]\n\t"
+ "STR r9, [%[sha256]]\n\t"
+ /* Add in digest from start */
+ "LDRD r4, r5, [%[sha256]]\n\t"
+ "LDRD r6, r7, [%[sha256], #8]\n\t"
+ "LDRD r8, r9, [sp, #64]\n\t"
+ "LDRD r10, r11, [sp, #72]\n\t"
+ "ADD r4, r4, r8\n\t"
+ "ADD r5, r5, r9\n\t"
+ "ADD r6, r6, r10\n\t"
+ "ADD r7, r7, r11\n\t"
+ "STRD r4, r5, [%[sha256]]\n\t"
+ "STRD r6, r7, [%[sha256], #8]\n\t"
+ "STRD r4, r5, [sp, #64]\n\t"
+ "STRD r6, r7, [sp, #72]\n\t"
+ "LDRD r4, r5, [%[sha256], #16]\n\t"
+ "LDRD r6, r7, [%[sha256], #24]\n\t"
+ "LDRD r8, r9, [sp, #80]\n\t"
+ "LDRD r10, r11, [sp, #88]\n\t"
+ "ADD r4, r4, r8\n\t"
+ "ADD r5, r5, r9\n\t"
+ "ADD r6, r6, r10\n\t"
+ "ADD r7, r7, r11\n\t"
+ "STRD r4, r5, [%[sha256], #16]\n\t"
+ "STRD r6, r7, [%[sha256], #24]\n\t"
+ "STRD r4, r5, [sp, #80]\n\t"
+ "STRD r6, r7, [sp, #88]\n\t"
+ "SUBS %[len], %[len], #0x40\n\t"
+ "SUB r3, r3, #0xc0\n\t"
+ "ADD %[data], %[data], #0x40\n\t"
+#ifdef __GNUC__
+ "BNE L_SHA256_transform_len_begin\n\t"
+#else
+ "BNE.W L_SHA256_transform_len_begin\n\t"
+#endif
+ "ADD sp, sp, #0xc0\n\t"
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ : [sha256] "+r" (sha256), [data] "+r" (data), [len] "+r" (len),
+ [L_SHA256_transform_len_k] "+r" (L_SHA256_transform_len_k_c)
+ :
+#else
+ : [sha256] "+r" (sha256), [data] "+r" (data), [len] "+r" (len)
+ : [L_SHA256_transform_len_k] "r" (L_SHA256_transform_len_k)
+#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
+ );
+}
+
+#endif /* WOLFSSL_ARMASM_NO_NEON */
+#endif /* !NO_SHA256 */
+#endif /* !__aarch64__ && __thumb__ */
+#endif /* WOLFSSL_ARMASM */
+#endif /* !defined(__aarch64__) && defined(__thumb__) */
+#endif /* WOLFSSL_ARMASM */
+
+#endif /* WOLFSSL_ARMASM_INLINE */
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/thumb2-sha512-asm.S b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/thumb2-sha512-asm.S
new file mode 100644
index 00000000..6031b924
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/thumb2-sha512-asm.S
@@ -0,0 +1,3677 @@
+/* thumb2-sha512-asm
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/* Generated using (from wolfssl):
+ * cd ../scripts
+ * ruby ./sha2/sha512.rb thumb2 ../wolfssl/wolfcrypt/src/port/arm/thumb2-sha512-asm.S
+ */
+
+#ifdef HAVE_CONFIG_H
+ #include <config.h>
+#endif /* HAVE_CONFIG_H */
+#include <wolfssl/wolfcrypt/settings.h>
+
+#ifdef WOLFSSL_ARMASM
+#if !defined(__aarch64__) && defined(__thumb__)
+#ifndef WOLFSSL_ARMASM_INLINE
+ .thumb
+ .syntax unified
+#ifdef WOLFSSL_SHA512
+#ifdef WOLFSSL_ARMASM_NO_NEON
+ .text
+ .type L_SHA512_transform_len_k, %object
+ .size L_SHA512_transform_len_k, 640
+ .align 4
+L_SHA512_transform_len_k:
+ .word 0xd728ae22
+ .word 0x428a2f98
+ .word 0x23ef65cd
+ .word 0x71374491
+ .word 0xec4d3b2f
+ .word 0xb5c0fbcf
+ .word 0x8189dbbc
+ .word 0xe9b5dba5
+ .word 0xf348b538
+ .word 0x3956c25b
+ .word 0xb605d019
+ .word 0x59f111f1
+ .word 0xaf194f9b
+ .word 0x923f82a4
+ .word 0xda6d8118
+ .word 0xab1c5ed5
+ .word 0xa3030242
+ .word 0xd807aa98
+ .word 0x45706fbe
+ .word 0x12835b01
+ .word 0x4ee4b28c
+ .word 0x243185be
+ .word 0xd5ffb4e2
+ .word 0x550c7dc3
+ .word 0xf27b896f
+ .word 0x72be5d74
+ .word 0x3b1696b1
+ .word 0x80deb1fe
+ .word 0x25c71235
+ .word 0x9bdc06a7
+ .word 0xcf692694
+ .word 0xc19bf174
+ .word 0x9ef14ad2
+ .word 0xe49b69c1
+ .word 0x384f25e3
+ .word 0xefbe4786
+ .word 0x8b8cd5b5
+ .word 0xfc19dc6
+ .word 0x77ac9c65
+ .word 0x240ca1cc
+ .word 0x592b0275
+ .word 0x2de92c6f
+ .word 0x6ea6e483
+ .word 0x4a7484aa
+ .word 0xbd41fbd4
+ .word 0x5cb0a9dc
+ .word 0x831153b5
+ .word 0x76f988da
+ .word 0xee66dfab
+ .word 0x983e5152
+ .word 0x2db43210
+ .word 0xa831c66d
+ .word 0x98fb213f
+ .word 0xb00327c8
+ .word 0xbeef0ee4
+ .word 0xbf597fc7
+ .word 0x3da88fc2
+ .word 0xc6e00bf3
+ .word 0x930aa725
+ .word 0xd5a79147
+ .word 0xe003826f
+ .word 0x6ca6351
+ .word 0xa0e6e70
+ .word 0x14292967
+ .word 0x46d22ffc
+ .word 0x27b70a85
+ .word 0x5c26c926
+ .word 0x2e1b2138
+ .word 0x5ac42aed
+ .word 0x4d2c6dfc
+ .word 0x9d95b3df
+ .word 0x53380d13
+ .word 0x8baf63de
+ .word 0x650a7354
+ .word 0x3c77b2a8
+ .word 0x766a0abb
+ .word 0x47edaee6
+ .word 0x81c2c92e
+ .word 0x1482353b
+ .word 0x92722c85
+ .word 0x4cf10364
+ .word 0xa2bfe8a1
+ .word 0xbc423001
+ .word 0xa81a664b
+ .word 0xd0f89791
+ .word 0xc24b8b70
+ .word 0x654be30
+ .word 0xc76c51a3
+ .word 0xd6ef5218
+ .word 0xd192e819
+ .word 0x5565a910
+ .word 0xd6990624
+ .word 0x5771202a
+ .word 0xf40e3585
+ .word 0x32bbd1b8
+ .word 0x106aa070
+ .word 0xb8d2d0c8
+ .word 0x19a4c116
+ .word 0x5141ab53
+ .word 0x1e376c08
+ .word 0xdf8eeb99
+ .word 0x2748774c
+ .word 0xe19b48a8
+ .word 0x34b0bcb5
+ .word 0xc5c95a63
+ .word 0x391c0cb3
+ .word 0xe3418acb
+ .word 0x4ed8aa4a
+ .word 0x7763e373
+ .word 0x5b9cca4f
+ .word 0xd6b2b8a3
+ .word 0x682e6ff3
+ .word 0x5defb2fc
+ .word 0x748f82ee
+ .word 0x43172f60
+ .word 0x78a5636f
+ .word 0xa1f0ab72
+ .word 0x84c87814
+ .word 0x1a6439ec
+ .word 0x8cc70208
+ .word 0x23631e28
+ .word 0x90befffa
+ .word 0xde82bde9
+ .word 0xa4506ceb
+ .word 0xb2c67915
+ .word 0xbef9a3f7
+ .word 0xe372532b
+ .word 0xc67178f2
+ .word 0xea26619c
+ .word 0xca273ece
+ .word 0x21c0c207
+ .word 0xd186b8c7
+ .word 0xcde0eb1e
+ .word 0xeada7dd6
+ .word 0xee6ed178
+ .word 0xf57d4f7f
+ .word 0x72176fba
+ .word 0x6f067aa
+ .word 0xa2c898a6
+ .word 0xa637dc5
+ .word 0xbef90dae
+ .word 0x113f9804
+ .word 0x131c471b
+ .word 0x1b710b35
+ .word 0x23047d84
+ .word 0x28db77f5
+ .word 0x40c72493
+ .word 0x32caab7b
+ .word 0x15c9bebc
+ .word 0x3c9ebe0a
+ .word 0x9c100d4c
+ .word 0x431d67c4
+ .word 0xcb3e42b6
+ .word 0x4cc5d4be
+ .word 0xfc657e2a
+ .word 0x597f299c
+ .word 0x3ad6faec
+ .word 0x5fcb6fab
+ .word 0x4a475817
+ .word 0x6c44198c
+ .text
+ .align 4
+ .globl Transform_Sha512_Len
+ .type Transform_Sha512_Len, %function
+Transform_Sha512_Len:
+ PUSH {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+ SUB sp, sp, #0xc0
+ ADR r3, L_SHA512_transform_len_k
+ /* Copy digest to add in at end */
+ LDRD r4, r5, [r0]
+ LDRD r6, r7, [r0, #8]
+ LDRD r8, r9, [r0, #16]
+ LDRD r10, r11, [r0, #24]
+ STRD r4, r5, [sp, #128]
+ STRD r6, r7, [sp, #136]
+ STRD r8, r9, [sp, #144]
+ STRD r10, r11, [sp, #152]
+ LDRD r4, r5, [r0, #32]
+ LDRD r6, r7, [r0, #40]
+ LDRD r8, r9, [r0, #48]
+ LDRD r10, r11, [r0, #56]
+ STRD r4, r5, [sp, #160]
+ STRD r6, r7, [sp, #168]
+ STRD r8, r9, [sp, #176]
+ STRD r10, r11, [sp, #184]
+ /* Start of loop processing a block */
+L_SHA512_transform_len_begin:
+ /* Load, Reverse and Store W */
+ LDR r4, [r1]
+ LDR r5, [r1, #4]
+ LDR r6, [r1, #8]
+ LDR r7, [r1, #12]
+ LDR r8, [r1, #16]
+ LDR r9, [r1, #20]
+ LDR r10, [r1, #24]
+ LDR r11, [r1, #28]
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ REV r8, r8
+ REV r9, r9
+ REV r10, r10
+ REV r11, r11
+ STR r5, [sp]
+ STR r4, [sp, #4]
+ STR r7, [sp, #8]
+ STR r6, [sp, #12]
+ STR r9, [sp, #16]
+ STR r8, [sp, #20]
+ STR r11, [sp, #24]
+ STR r10, [sp, #28]
+ LDR r4, [r1, #32]
+ LDR r5, [r1, #36]
+ LDR r6, [r1, #40]
+ LDR r7, [r1, #44]
+ LDR r8, [r1, #48]
+ LDR r9, [r1, #52]
+ LDR r10, [r1, #56]
+ LDR r11, [r1, #60]
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ REV r8, r8
+ REV r9, r9
+ REV r10, r10
+ REV r11, r11
+ STR r5, [sp, #32]
+ STR r4, [sp, #36]
+ STR r7, [sp, #40]
+ STR r6, [sp, #44]
+ STR r9, [sp, #48]
+ STR r8, [sp, #52]
+ STR r11, [sp, #56]
+ STR r10, [sp, #60]
+ LDR r4, [r1, #64]
+ LDR r5, [r1, #68]
+ LDR r6, [r1, #72]
+ LDR r7, [r1, #76]
+ LDR r8, [r1, #80]
+ LDR r9, [r1, #84]
+ LDR r10, [r1, #88]
+ LDR r11, [r1, #92]
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ REV r8, r8
+ REV r9, r9
+ REV r10, r10
+ REV r11, r11
+ STR r5, [sp, #64]
+ STR r4, [sp, #68]
+ STR r7, [sp, #72]
+ STR r6, [sp, #76]
+ STR r9, [sp, #80]
+ STR r8, [sp, #84]
+ STR r11, [sp, #88]
+ STR r10, [sp, #92]
+ LDR r4, [r1, #96]
+ LDR r5, [r1, #100]
+ LDR r6, [r1, #104]
+ LDR r7, [r1, #108]
+ LDR r8, [r1, #112]
+ LDR r9, [r1, #116]
+ LDR r10, [r1, #120]
+ LDR r11, [r1, #124]
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ REV r8, r8
+ REV r9, r9
+ REV r10, r10
+ REV r11, r11
+ STR r5, [sp, #96]
+ STR r4, [sp, #100]
+ STR r7, [sp, #104]
+ STR r6, [sp, #108]
+ STR r9, [sp, #112]
+ STR r8, [sp, #116]
+ STR r11, [sp, #120]
+ STR r10, [sp, #124]
+ /* Pre-calc: b ^ c */
+ LDRD r10, r11, [r0, #8]
+ LDRD r4, r5, [r0, #16]
+ EOR r10, r10, r4
+ EOR r11, r11, r5
+ MOV r12, #0x4
+ /* Start of 16 rounds */
+L_SHA512_transform_len_start:
+ /* Round 0 */
+ LDRD r4, r5, [r0, #32]
+ LSRS r6, r4, #14
+ LSRS r7, r5, #14
+ ORR r7, r7, r4, LSL #18
+ ORR r6, r6, r5, LSL #18
+ LSRS r8, r4, #18
+ LSRS r9, r5, #18
+ ORR r9, r9, r4, LSL #14
+ ORR r8, r8, r5, LSL #14
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #23
+ LSLS r9, r5, #23
+ ORR r9, r9, r4, LSR #9
+ ORR r8, r8, r5, LSR #9
+ LDRD r4, r5, [r0, #56]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #56]
+ LDRD r4, r5, [r0, #32]
+ LDRD r6, r7, [r0, #40]
+ LDRD r8, r9, [r0, #48]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ AND r6, r6, r4
+ AND r7, r7, r5
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LDRD r4, r5, [r0, #56]
+ LDRD r8, r9, [sp]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r6, r7, [r3]
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ LDRD r8, r9, [r0, #24]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #56]
+ ADDS r8, r8, r4
+ ADC r9, r9, r5
+ LDRD r4, r5, [r0]
+ STRD r8, r9, [r0, #24]
+ LSRS r6, r4, #28
+ LSRS r7, r5, #28
+ ORR r7, r7, r4, LSL #4
+ ORR r6, r6, r5, LSL #4
+ LSLS r8, r4, #30
+ LSLS r9, r5, #30
+ ORR r9, r9, r4, LSR #2
+ ORR r8, r8, r5, LSR #2
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #25
+ LSLS r9, r5, #25
+ ORR r9, r9, r4, LSR #7
+ ORR r8, r8, r5, LSR #7
+ LDRD r4, r5, [r0, #56]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r8, r9, [r0]
+ LDRD r6, r7, [r0, #8]
+ STRD r4, r5, [r0, #56]
+ EOR r8, r8, r6
+ EOR r9, r9, r7
+ AND r10, r10, r8
+ AND r11, r11, r9
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LDRD r6, r7, [r0, #56]
+ ADDS r6, r6, r10
+ ADC r7, r7, r11
+ STRD r6, r7, [r0, #56]
+ MOV r10, r8
+ MOV r11, r9
+ /* Calc new W[0] */
+ LDRD r4, r5, [sp, #112]
+ LSRS r6, r4, #19
+ LSRS r7, r5, #19
+ ORR r7, r7, r4, LSL #13
+ ORR r6, r6, r5, LSL #13
+ LSLS r8, r4, #3
+ LSLS r9, r5, #3
+ ORR r9, r9, r4, LSR #29
+ ORR r8, r8, r5, LSR #29
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LSRS r8, r4, #6
+ LSRS r9, r5, #6
+ ORR r8, r8, r5, LSL #26
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LDRD r4, r5, [sp]
+ LDRD r8, r9, [sp, #72]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ STRD r4, r5, [sp]
+ LDRD r4, r5, [sp, #8]
+ LSRS r6, r4, #1
+ LSRS r7, r5, #1
+ ORR r7, r7, r4, LSL #31
+ ORR r6, r6, r5, LSL #31
+ LSRS r8, r4, #8
+ LSRS r9, r5, #8
+ ORR r9, r9, r4, LSL #24
+ ORR r8, r8, r5, LSL #24
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LSRS r8, r4, #7
+ LSRS r9, r5, #7
+ ORR r8, r8, r5, LSL #25
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LDRD r4, r5, [sp]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [sp]
+ /* Round 1 */
+ LDRD r4, r5, [r0, #24]
+ LSRS r6, r4, #14
+ LSRS r7, r5, #14
+ ORR r7, r7, r4, LSL #18
+ ORR r6, r6, r5, LSL #18
+ LSRS r8, r4, #18
+ LSRS r9, r5, #18
+ ORR r9, r9, r4, LSL #14
+ ORR r8, r8, r5, LSL #14
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #23
+ LSLS r9, r5, #23
+ ORR r9, r9, r4, LSR #9
+ ORR r8, r8, r5, LSR #9
+ LDRD r4, r5, [r0, #48]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #48]
+ LDRD r4, r5, [r0, #24]
+ LDRD r6, r7, [r0, #32]
+ LDRD r8, r9, [r0, #40]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ AND r6, r6, r4
+ AND r7, r7, r5
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LDRD r4, r5, [r0, #48]
+ LDRD r8, r9, [sp, #8]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r6, r7, [r3, #8]
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ LDRD r8, r9, [r0, #16]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #48]
+ ADDS r8, r8, r4
+ ADC r9, r9, r5
+ LDRD r4, r5, [r0, #56]
+ STRD r8, r9, [r0, #16]
+ LSRS r6, r4, #28
+ LSRS r7, r5, #28
+ ORR r7, r7, r4, LSL #4
+ ORR r6, r6, r5, LSL #4
+ LSLS r8, r4, #30
+ LSLS r9, r5, #30
+ ORR r9, r9, r4, LSR #2
+ ORR r8, r8, r5, LSR #2
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #25
+ LSLS r9, r5, #25
+ ORR r9, r9, r4, LSR #7
+ ORR r8, r8, r5, LSR #7
+ LDRD r4, r5, [r0, #48]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r8, r9, [r0, #56]
+ LDRD r6, r7, [r0]
+ STRD r4, r5, [r0, #48]
+ EOR r8, r8, r6
+ EOR r9, r9, r7
+ AND r10, r10, r8
+ AND r11, r11, r9
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LDRD r6, r7, [r0, #48]
+ ADDS r6, r6, r10
+ ADC r7, r7, r11
+ STRD r6, r7, [r0, #48]
+ MOV r10, r8
+ MOV r11, r9
+ /* Calc new W[1] */
+ LDRD r4, r5, [sp, #120]
+ LSRS r6, r4, #19
+ LSRS r7, r5, #19
+ ORR r7, r7, r4, LSL #13
+ ORR r6, r6, r5, LSL #13
+ LSLS r8, r4, #3
+ LSLS r9, r5, #3
+ ORR r9, r9, r4, LSR #29
+ ORR r8, r8, r5, LSR #29
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LSRS r8, r4, #6
+ LSRS r9, r5, #6
+ ORR r8, r8, r5, LSL #26
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LDRD r4, r5, [sp, #8]
+ LDRD r8, r9, [sp, #80]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ STRD r4, r5, [sp, #8]
+ LDRD r4, r5, [sp, #16]
+ LSRS r6, r4, #1
+ LSRS r7, r5, #1
+ ORR r7, r7, r4, LSL #31
+ ORR r6, r6, r5, LSL #31
+ LSRS r8, r4, #8
+ LSRS r9, r5, #8
+ ORR r9, r9, r4, LSL #24
+ ORR r8, r8, r5, LSL #24
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LSRS r8, r4, #7
+ LSRS r9, r5, #7
+ ORR r8, r8, r5, LSL #25
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LDRD r4, r5, [sp, #8]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [sp, #8]
+ /* Round 2 */
+ LDRD r4, r5, [r0, #16]
+ LSRS r6, r4, #14
+ LSRS r7, r5, #14
+ ORR r7, r7, r4, LSL #18
+ ORR r6, r6, r5, LSL #18
+ LSRS r8, r4, #18
+ LSRS r9, r5, #18
+ ORR r9, r9, r4, LSL #14
+ ORR r8, r8, r5, LSL #14
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #23
+ LSLS r9, r5, #23
+ ORR r9, r9, r4, LSR #9
+ ORR r8, r8, r5, LSR #9
+ LDRD r4, r5, [r0, #40]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #40]
+ LDRD r4, r5, [r0, #16]
+ LDRD r6, r7, [r0, #24]
+ LDRD r8, r9, [r0, #32]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ AND r6, r6, r4
+ AND r7, r7, r5
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LDRD r4, r5, [r0, #40]
+ LDRD r8, r9, [sp, #16]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r6, r7, [r3, #16]
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ LDRD r8, r9, [r0, #8]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #40]
+ ADDS r8, r8, r4
+ ADC r9, r9, r5
+ LDRD r4, r5, [r0, #48]
+ STRD r8, r9, [r0, #8]
+ LSRS r6, r4, #28
+ LSRS r7, r5, #28
+ ORR r7, r7, r4, LSL #4
+ ORR r6, r6, r5, LSL #4
+ LSLS r8, r4, #30
+ LSLS r9, r5, #30
+ ORR r9, r9, r4, LSR #2
+ ORR r8, r8, r5, LSR #2
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #25
+ LSLS r9, r5, #25
+ ORR r9, r9, r4, LSR #7
+ ORR r8, r8, r5, LSR #7
+ LDRD r4, r5, [r0, #40]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r8, r9, [r0, #48]
+ LDRD r6, r7, [r0, #56]
+ STRD r4, r5, [r0, #40]
+ EOR r8, r8, r6
+ EOR r9, r9, r7
+ AND r10, r10, r8
+ AND r11, r11, r9
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LDRD r6, r7, [r0, #40]
+ ADDS r6, r6, r10
+ ADC r7, r7, r11
+ STRD r6, r7, [r0, #40]
+ MOV r10, r8
+ MOV r11, r9
+ /* Calc new W[2] */
+ LDRD r4, r5, [sp]
+ LSRS r6, r4, #19
+ LSRS r7, r5, #19
+ ORR r7, r7, r4, LSL #13
+ ORR r6, r6, r5, LSL #13
+ LSLS r8, r4, #3
+ LSLS r9, r5, #3
+ ORR r9, r9, r4, LSR #29
+ ORR r8, r8, r5, LSR #29
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LSRS r8, r4, #6
+ LSRS r9, r5, #6
+ ORR r8, r8, r5, LSL #26
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LDRD r4, r5, [sp, #16]
+ LDRD r8, r9, [sp, #88]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ STRD r4, r5, [sp, #16]
+ LDRD r4, r5, [sp, #24]
+ LSRS r6, r4, #1
+ LSRS r7, r5, #1
+ ORR r7, r7, r4, LSL #31
+ ORR r6, r6, r5, LSL #31
+ LSRS r8, r4, #8
+ LSRS r9, r5, #8
+ ORR r9, r9, r4, LSL #24
+ ORR r8, r8, r5, LSL #24
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LSRS r8, r4, #7
+ LSRS r9, r5, #7
+ ORR r8, r8, r5, LSL #25
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LDRD r4, r5, [sp, #16]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [sp, #16]
+ /* Round 3 */
+ LDRD r4, r5, [r0, #8]
+ LSRS r6, r4, #14
+ LSRS r7, r5, #14
+ ORR r7, r7, r4, LSL #18
+ ORR r6, r6, r5, LSL #18
+ LSRS r8, r4, #18
+ LSRS r9, r5, #18
+ ORR r9, r9, r4, LSL #14
+ ORR r8, r8, r5, LSL #14
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #23
+ LSLS r9, r5, #23
+ ORR r9, r9, r4, LSR #9
+ ORR r8, r8, r5, LSR #9
+ LDRD r4, r5, [r0, #32]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #32]
+ LDRD r4, r5, [r0, #8]
+ LDRD r6, r7, [r0, #16]
+ LDRD r8, r9, [r0, #24]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ AND r6, r6, r4
+ AND r7, r7, r5
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LDRD r4, r5, [r0, #32]
+ LDRD r8, r9, [sp, #24]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r6, r7, [r3, #24]
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ LDRD r8, r9, [r0]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #32]
+ ADDS r8, r8, r4
+ ADC r9, r9, r5
+ LDRD r4, r5, [r0, #40]
+ STRD r8, r9, [r0]
+ LSRS r6, r4, #28
+ LSRS r7, r5, #28
+ ORR r7, r7, r4, LSL #4
+ ORR r6, r6, r5, LSL #4
+ LSLS r8, r4, #30
+ LSLS r9, r5, #30
+ ORR r9, r9, r4, LSR #2
+ ORR r8, r8, r5, LSR #2
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #25
+ LSLS r9, r5, #25
+ ORR r9, r9, r4, LSR #7
+ ORR r8, r8, r5, LSR #7
+ LDRD r4, r5, [r0, #32]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r8, r9, [r0, #40]
+ LDRD r6, r7, [r0, #48]
+ STRD r4, r5, [r0, #32]
+ EOR r8, r8, r6
+ EOR r9, r9, r7
+ AND r10, r10, r8
+ AND r11, r11, r9
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LDRD r6, r7, [r0, #32]
+ ADDS r6, r6, r10
+ ADC r7, r7, r11
+ STRD r6, r7, [r0, #32]
+ MOV r10, r8
+ MOV r11, r9
+ /* Calc new W[3] */
+ LDRD r4, r5, [sp, #8]
+ LSRS r6, r4, #19
+ LSRS r7, r5, #19
+ ORR r7, r7, r4, LSL #13
+ ORR r6, r6, r5, LSL #13
+ LSLS r8, r4, #3
+ LSLS r9, r5, #3
+ ORR r9, r9, r4, LSR #29
+ ORR r8, r8, r5, LSR #29
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LSRS r8, r4, #6
+ LSRS r9, r5, #6
+ ORR r8, r8, r5, LSL #26
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LDRD r4, r5, [sp, #24]
+ LDRD r8, r9, [sp, #96]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ STRD r4, r5, [sp, #24]
+ LDRD r4, r5, [sp, #32]
+ LSRS r6, r4, #1
+ LSRS r7, r5, #1
+ ORR r7, r7, r4, LSL #31
+ ORR r6, r6, r5, LSL #31
+ LSRS r8, r4, #8
+ LSRS r9, r5, #8
+ ORR r9, r9, r4, LSL #24
+ ORR r8, r8, r5, LSL #24
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LSRS r8, r4, #7
+ LSRS r9, r5, #7
+ ORR r8, r8, r5, LSL #25
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LDRD r4, r5, [sp, #24]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [sp, #24]
+ /* Round 4 */
+ LDRD r4, r5, [r0]
+ LSRS r6, r4, #14
+ LSRS r7, r5, #14
+ ORR r7, r7, r4, LSL #18
+ ORR r6, r6, r5, LSL #18
+ LSRS r8, r4, #18
+ LSRS r9, r5, #18
+ ORR r9, r9, r4, LSL #14
+ ORR r8, r8, r5, LSL #14
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #23
+ LSLS r9, r5, #23
+ ORR r9, r9, r4, LSR #9
+ ORR r8, r8, r5, LSR #9
+ LDRD r4, r5, [r0, #24]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #24]
+ LDRD r4, r5, [r0]
+ LDRD r6, r7, [r0, #8]
+ LDRD r8, r9, [r0, #16]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ AND r6, r6, r4
+ AND r7, r7, r5
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LDRD r4, r5, [r0, #24]
+ LDRD r8, r9, [sp, #32]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r6, r7, [r3, #32]
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ LDRD r8, r9, [r0, #56]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #24]
+ ADDS r8, r8, r4
+ ADC r9, r9, r5
+ LDRD r4, r5, [r0, #32]
+ STRD r8, r9, [r0, #56]
+ LSRS r6, r4, #28
+ LSRS r7, r5, #28
+ ORR r7, r7, r4, LSL #4
+ ORR r6, r6, r5, LSL #4
+ LSLS r8, r4, #30
+ LSLS r9, r5, #30
+ ORR r9, r9, r4, LSR #2
+ ORR r8, r8, r5, LSR #2
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #25
+ LSLS r9, r5, #25
+ ORR r9, r9, r4, LSR #7
+ ORR r8, r8, r5, LSR #7
+ LDRD r4, r5, [r0, #24]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r8, r9, [r0, #32]
+ LDRD r6, r7, [r0, #40]
+ STRD r4, r5, [r0, #24]
+ EOR r8, r8, r6
+ EOR r9, r9, r7
+ AND r10, r10, r8
+ AND r11, r11, r9
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LDRD r6, r7, [r0, #24]
+ ADDS r6, r6, r10
+ ADC r7, r7, r11
+ STRD r6, r7, [r0, #24]
+ MOV r10, r8
+ MOV r11, r9
+ /* Calc new W[4] */
+ LDRD r4, r5, [sp, #16]
+ LSRS r6, r4, #19
+ LSRS r7, r5, #19
+ ORR r7, r7, r4, LSL #13
+ ORR r6, r6, r5, LSL #13
+ LSLS r8, r4, #3
+ LSLS r9, r5, #3
+ ORR r9, r9, r4, LSR #29
+ ORR r8, r8, r5, LSR #29
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LSRS r8, r4, #6
+ LSRS r9, r5, #6
+ ORR r8, r8, r5, LSL #26
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LDRD r4, r5, [sp, #32]
+ LDRD r8, r9, [sp, #104]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ STRD r4, r5, [sp, #32]
+ LDRD r4, r5, [sp, #40]
+ LSRS r6, r4, #1
+ LSRS r7, r5, #1
+ ORR r7, r7, r4, LSL #31
+ ORR r6, r6, r5, LSL #31
+ LSRS r8, r4, #8
+ LSRS r9, r5, #8
+ ORR r9, r9, r4, LSL #24
+ ORR r8, r8, r5, LSL #24
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LSRS r8, r4, #7
+ LSRS r9, r5, #7
+ ORR r8, r8, r5, LSL #25
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LDRD r4, r5, [sp, #32]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [sp, #32]
+ /* Round 5 */
+ LDRD r4, r5, [r0, #56]
+ LSRS r6, r4, #14
+ LSRS r7, r5, #14
+ ORR r7, r7, r4, LSL #18
+ ORR r6, r6, r5, LSL #18
+ LSRS r8, r4, #18
+ LSRS r9, r5, #18
+ ORR r9, r9, r4, LSL #14
+ ORR r8, r8, r5, LSL #14
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #23
+ LSLS r9, r5, #23
+ ORR r9, r9, r4, LSR #9
+ ORR r8, r8, r5, LSR #9
+ LDRD r4, r5, [r0, #16]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #16]
+ LDRD r4, r5, [r0, #56]
+ LDRD r6, r7, [r0]
+ LDRD r8, r9, [r0, #8]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ AND r6, r6, r4
+ AND r7, r7, r5
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LDRD r4, r5, [r0, #16]
+ LDRD r8, r9, [sp, #40]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r6, r7, [r3, #40]
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ LDRD r8, r9, [r0, #48]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #16]
+ ADDS r8, r8, r4
+ ADC r9, r9, r5
+ LDRD r4, r5, [r0, #24]
+ STRD r8, r9, [r0, #48]
+ LSRS r6, r4, #28
+ LSRS r7, r5, #28
+ ORR r7, r7, r4, LSL #4
+ ORR r6, r6, r5, LSL #4
+ LSLS r8, r4, #30
+ LSLS r9, r5, #30
+ ORR r9, r9, r4, LSR #2
+ ORR r8, r8, r5, LSR #2
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #25
+ LSLS r9, r5, #25
+ ORR r9, r9, r4, LSR #7
+ ORR r8, r8, r5, LSR #7
+ LDRD r4, r5, [r0, #16]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r8, r9, [r0, #24]
+ LDRD r6, r7, [r0, #32]
+ STRD r4, r5, [r0, #16]
+ EOR r8, r8, r6
+ EOR r9, r9, r7
+ AND r10, r10, r8
+ AND r11, r11, r9
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LDRD r6, r7, [r0, #16]
+ ADDS r6, r6, r10
+ ADC r7, r7, r11
+ STRD r6, r7, [r0, #16]
+ MOV r10, r8
+ MOV r11, r9
+ /* Calc new W[5] */
+ LDRD r4, r5, [sp, #24]
+ LSRS r6, r4, #19
+ LSRS r7, r5, #19
+ ORR r7, r7, r4, LSL #13
+ ORR r6, r6, r5, LSL #13
+ LSLS r8, r4, #3
+ LSLS r9, r5, #3
+ ORR r9, r9, r4, LSR #29
+ ORR r8, r8, r5, LSR #29
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LSRS r8, r4, #6
+ LSRS r9, r5, #6
+ ORR r8, r8, r5, LSL #26
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LDRD r4, r5, [sp, #40]
+ LDRD r8, r9, [sp, #112]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ STRD r4, r5, [sp, #40]
+ LDRD r4, r5, [sp, #48]
+ LSRS r6, r4, #1
+ LSRS r7, r5, #1
+ ORR r7, r7, r4, LSL #31
+ ORR r6, r6, r5, LSL #31
+ LSRS r8, r4, #8
+ LSRS r9, r5, #8
+ ORR r9, r9, r4, LSL #24
+ ORR r8, r8, r5, LSL #24
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LSRS r8, r4, #7
+ LSRS r9, r5, #7
+ ORR r8, r8, r5, LSL #25
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LDRD r4, r5, [sp, #40]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [sp, #40]
+ /* Round 6 */
+ LDRD r4, r5, [r0, #48]
+ LSRS r6, r4, #14
+ LSRS r7, r5, #14
+ ORR r7, r7, r4, LSL #18
+ ORR r6, r6, r5, LSL #18
+ LSRS r8, r4, #18
+ LSRS r9, r5, #18
+ ORR r9, r9, r4, LSL #14
+ ORR r8, r8, r5, LSL #14
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #23
+ LSLS r9, r5, #23
+ ORR r9, r9, r4, LSR #9
+ ORR r8, r8, r5, LSR #9
+ LDRD r4, r5, [r0, #8]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #8]
+ LDRD r4, r5, [r0, #48]
+ LDRD r6, r7, [r0, #56]
+ LDRD r8, r9, [r0]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ AND r6, r6, r4
+ AND r7, r7, r5
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LDRD r4, r5, [r0, #8]
+ LDRD r8, r9, [sp, #48]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r6, r7, [r3, #48]
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ LDRD r8, r9, [r0, #40]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #8]
+ ADDS r8, r8, r4
+ ADC r9, r9, r5
+ LDRD r4, r5, [r0, #16]
+ STRD r8, r9, [r0, #40]
+ LSRS r6, r4, #28
+ LSRS r7, r5, #28
+ ORR r7, r7, r4, LSL #4
+ ORR r6, r6, r5, LSL #4
+ LSLS r8, r4, #30
+ LSLS r9, r5, #30
+ ORR r9, r9, r4, LSR #2
+ ORR r8, r8, r5, LSR #2
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #25
+ LSLS r9, r5, #25
+ ORR r9, r9, r4, LSR #7
+ ORR r8, r8, r5, LSR #7
+ LDRD r4, r5, [r0, #8]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r8, r9, [r0, #16]
+ LDRD r6, r7, [r0, #24]
+ STRD r4, r5, [r0, #8]
+ EOR r8, r8, r6
+ EOR r9, r9, r7
+ AND r10, r10, r8
+ AND r11, r11, r9
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LDRD r6, r7, [r0, #8]
+ ADDS r6, r6, r10
+ ADC r7, r7, r11
+ STRD r6, r7, [r0, #8]
+ MOV r10, r8
+ MOV r11, r9
+ /* Calc new W[6] */
+ LDRD r4, r5, [sp, #32]
+ LSRS r6, r4, #19
+ LSRS r7, r5, #19
+ ORR r7, r7, r4, LSL #13
+ ORR r6, r6, r5, LSL #13
+ LSLS r8, r4, #3
+ LSLS r9, r5, #3
+ ORR r9, r9, r4, LSR #29
+ ORR r8, r8, r5, LSR #29
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LSRS r8, r4, #6
+ LSRS r9, r5, #6
+ ORR r8, r8, r5, LSL #26
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LDRD r4, r5, [sp, #48]
+ LDRD r8, r9, [sp, #120]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ STRD r4, r5, [sp, #48]
+ LDRD r4, r5, [sp, #56]
+ LSRS r6, r4, #1
+ LSRS r7, r5, #1
+ ORR r7, r7, r4, LSL #31
+ ORR r6, r6, r5, LSL #31
+ LSRS r8, r4, #8
+ LSRS r9, r5, #8
+ ORR r9, r9, r4, LSL #24
+ ORR r8, r8, r5, LSL #24
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LSRS r8, r4, #7
+ LSRS r9, r5, #7
+ ORR r8, r8, r5, LSL #25
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LDRD r4, r5, [sp, #48]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [sp, #48]
+ /* Round 7 */
+ LDRD r4, r5, [r0, #40]
+ LSRS r6, r4, #14
+ LSRS r7, r5, #14
+ ORR r7, r7, r4, LSL #18
+ ORR r6, r6, r5, LSL #18
+ LSRS r8, r4, #18
+ LSRS r9, r5, #18
+ ORR r9, r9, r4, LSL #14
+ ORR r8, r8, r5, LSL #14
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #23
+ LSLS r9, r5, #23
+ ORR r9, r9, r4, LSR #9
+ ORR r8, r8, r5, LSR #9
+ LDRD r4, r5, [r0]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0]
+ LDRD r4, r5, [r0, #40]
+ LDRD r6, r7, [r0, #48]
+ LDRD r8, r9, [r0, #56]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ AND r6, r6, r4
+ AND r7, r7, r5
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LDRD r4, r5, [r0]
+ LDRD r8, r9, [sp, #56]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r6, r7, [r3, #56]
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ LDRD r8, r9, [r0, #32]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0]
+ ADDS r8, r8, r4
+ ADC r9, r9, r5
+ LDRD r4, r5, [r0, #8]
+ STRD r8, r9, [r0, #32]
+ LSRS r6, r4, #28
+ LSRS r7, r5, #28
+ ORR r7, r7, r4, LSL #4
+ ORR r6, r6, r5, LSL #4
+ LSLS r8, r4, #30
+ LSLS r9, r5, #30
+ ORR r9, r9, r4, LSR #2
+ ORR r8, r8, r5, LSR #2
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #25
+ LSLS r9, r5, #25
+ ORR r9, r9, r4, LSR #7
+ ORR r8, r8, r5, LSR #7
+ LDRD r4, r5, [r0]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r8, r9, [r0, #8]
+ LDRD r6, r7, [r0, #16]
+ STRD r4, r5, [r0]
+ EOR r8, r8, r6
+ EOR r9, r9, r7
+ AND r10, r10, r8
+ AND r11, r11, r9
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LDRD r6, r7, [r0]
+ ADDS r6, r6, r10
+ ADC r7, r7, r11
+ STRD r6, r7, [r0]
+ MOV r10, r8
+ MOV r11, r9
+ /* Calc new W[7] */
+ LDRD r4, r5, [sp, #40]
+ LSRS r6, r4, #19
+ LSRS r7, r5, #19
+ ORR r7, r7, r4, LSL #13
+ ORR r6, r6, r5, LSL #13
+ LSLS r8, r4, #3
+ LSLS r9, r5, #3
+ ORR r9, r9, r4, LSR #29
+ ORR r8, r8, r5, LSR #29
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LSRS r8, r4, #6
+ LSRS r9, r5, #6
+ ORR r8, r8, r5, LSL #26
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LDRD r4, r5, [sp, #56]
+ LDRD r8, r9, [sp]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ STRD r4, r5, [sp, #56]
+ LDRD r4, r5, [sp, #64]
+ LSRS r6, r4, #1
+ LSRS r7, r5, #1
+ ORR r7, r7, r4, LSL #31
+ ORR r6, r6, r5, LSL #31
+ LSRS r8, r4, #8
+ LSRS r9, r5, #8
+ ORR r9, r9, r4, LSL #24
+ ORR r8, r8, r5, LSL #24
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LSRS r8, r4, #7
+ LSRS r9, r5, #7
+ ORR r8, r8, r5, LSL #25
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LDRD r4, r5, [sp, #56]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [sp, #56]
+ /* Round 8 */
+ LDRD r4, r5, [r0, #32]
+ LSRS r6, r4, #14
+ LSRS r7, r5, #14
+ ORR r7, r7, r4, LSL #18
+ ORR r6, r6, r5, LSL #18
+ LSRS r8, r4, #18
+ LSRS r9, r5, #18
+ ORR r9, r9, r4, LSL #14
+ ORR r8, r8, r5, LSL #14
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #23
+ LSLS r9, r5, #23
+ ORR r9, r9, r4, LSR #9
+ ORR r8, r8, r5, LSR #9
+ LDRD r4, r5, [r0, #56]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #56]
+ LDRD r4, r5, [r0, #32]
+ LDRD r6, r7, [r0, #40]
+ LDRD r8, r9, [r0, #48]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ AND r6, r6, r4
+ AND r7, r7, r5
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LDRD r4, r5, [r0, #56]
+ LDRD r8, r9, [sp, #64]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r6, r7, [r3, #64]
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ LDRD r8, r9, [r0, #24]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #56]
+ ADDS r8, r8, r4
+ ADC r9, r9, r5
+ LDRD r4, r5, [r0]
+ STRD r8, r9, [r0, #24]
+ LSRS r6, r4, #28
+ LSRS r7, r5, #28
+ ORR r7, r7, r4, LSL #4
+ ORR r6, r6, r5, LSL #4
+ LSLS r8, r4, #30
+ LSLS r9, r5, #30
+ ORR r9, r9, r4, LSR #2
+ ORR r8, r8, r5, LSR #2
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #25
+ LSLS r9, r5, #25
+ ORR r9, r9, r4, LSR #7
+ ORR r8, r8, r5, LSR #7
+ LDRD r4, r5, [r0, #56]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r8, r9, [r0]
+ LDRD r6, r7, [r0, #8]
+ STRD r4, r5, [r0, #56]
+ EOR r8, r8, r6
+ EOR r9, r9, r7
+ AND r10, r10, r8
+ AND r11, r11, r9
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LDRD r6, r7, [r0, #56]
+ ADDS r6, r6, r10
+ ADC r7, r7, r11
+ STRD r6, r7, [r0, #56]
+ MOV r10, r8
+ MOV r11, r9
+ /* Calc new W[8] */
+ LDRD r4, r5, [sp, #48]
+ LSRS r6, r4, #19
+ LSRS r7, r5, #19
+ ORR r7, r7, r4, LSL #13
+ ORR r6, r6, r5, LSL #13
+ LSLS r8, r4, #3
+ LSLS r9, r5, #3
+ ORR r9, r9, r4, LSR #29
+ ORR r8, r8, r5, LSR #29
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LSRS r8, r4, #6
+ LSRS r9, r5, #6
+ ORR r8, r8, r5, LSL #26
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LDRD r4, r5, [sp, #64]
+ LDRD r8, r9, [sp, #8]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ STRD r4, r5, [sp, #64]
+ LDRD r4, r5, [sp, #72]
+ LSRS r6, r4, #1
+ LSRS r7, r5, #1
+ ORR r7, r7, r4, LSL #31
+ ORR r6, r6, r5, LSL #31
+ LSRS r8, r4, #8
+ LSRS r9, r5, #8
+ ORR r9, r9, r4, LSL #24
+ ORR r8, r8, r5, LSL #24
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LSRS r8, r4, #7
+ LSRS r9, r5, #7
+ ORR r8, r8, r5, LSL #25
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LDRD r4, r5, [sp, #64]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [sp, #64]
+ /* Round 9 */
+ LDRD r4, r5, [r0, #24]
+ LSRS r6, r4, #14
+ LSRS r7, r5, #14
+ ORR r7, r7, r4, LSL #18
+ ORR r6, r6, r5, LSL #18
+ LSRS r8, r4, #18
+ LSRS r9, r5, #18
+ ORR r9, r9, r4, LSL #14
+ ORR r8, r8, r5, LSL #14
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #23
+ LSLS r9, r5, #23
+ ORR r9, r9, r4, LSR #9
+ ORR r8, r8, r5, LSR #9
+ LDRD r4, r5, [r0, #48]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #48]
+ LDRD r4, r5, [r0, #24]
+ LDRD r6, r7, [r0, #32]
+ LDRD r8, r9, [r0, #40]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ AND r6, r6, r4
+ AND r7, r7, r5
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LDRD r4, r5, [r0, #48]
+ LDRD r8, r9, [sp, #72]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r6, r7, [r3, #72]
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ LDRD r8, r9, [r0, #16]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #48]
+ ADDS r8, r8, r4
+ ADC r9, r9, r5
+ LDRD r4, r5, [r0, #56]
+ STRD r8, r9, [r0, #16]
+ LSRS r6, r4, #28
+ LSRS r7, r5, #28
+ ORR r7, r7, r4, LSL #4
+ ORR r6, r6, r5, LSL #4
+ LSLS r8, r4, #30
+ LSLS r9, r5, #30
+ ORR r9, r9, r4, LSR #2
+ ORR r8, r8, r5, LSR #2
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #25
+ LSLS r9, r5, #25
+ ORR r9, r9, r4, LSR #7
+ ORR r8, r8, r5, LSR #7
+ LDRD r4, r5, [r0, #48]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r8, r9, [r0, #56]
+ LDRD r6, r7, [r0]
+ STRD r4, r5, [r0, #48]
+ EOR r8, r8, r6
+ EOR r9, r9, r7
+ AND r10, r10, r8
+ AND r11, r11, r9
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LDRD r6, r7, [r0, #48]
+ ADDS r6, r6, r10
+ ADC r7, r7, r11
+ STRD r6, r7, [r0, #48]
+ MOV r10, r8
+ MOV r11, r9
+ /* Calc new W[9] */
+ LDRD r4, r5, [sp, #56]
+ LSRS r6, r4, #19
+ LSRS r7, r5, #19
+ ORR r7, r7, r4, LSL #13
+ ORR r6, r6, r5, LSL #13
+ LSLS r8, r4, #3
+ LSLS r9, r5, #3
+ ORR r9, r9, r4, LSR #29
+ ORR r8, r8, r5, LSR #29
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LSRS r8, r4, #6
+ LSRS r9, r5, #6
+ ORR r8, r8, r5, LSL #26
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LDRD r4, r5, [sp, #72]
+ LDRD r8, r9, [sp, #16]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ STRD r4, r5, [sp, #72]
+ LDRD r4, r5, [sp, #80]
+ LSRS r6, r4, #1
+ LSRS r7, r5, #1
+ ORR r7, r7, r4, LSL #31
+ ORR r6, r6, r5, LSL #31
+ LSRS r8, r4, #8
+ LSRS r9, r5, #8
+ ORR r9, r9, r4, LSL #24
+ ORR r8, r8, r5, LSL #24
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LSRS r8, r4, #7
+ LSRS r9, r5, #7
+ ORR r8, r8, r5, LSL #25
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LDRD r4, r5, [sp, #72]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [sp, #72]
+ /* Round 10 */
+ LDRD r4, r5, [r0, #16]
+ LSRS r6, r4, #14
+ LSRS r7, r5, #14
+ ORR r7, r7, r4, LSL #18
+ ORR r6, r6, r5, LSL #18
+ LSRS r8, r4, #18
+ LSRS r9, r5, #18
+ ORR r9, r9, r4, LSL #14
+ ORR r8, r8, r5, LSL #14
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #23
+ LSLS r9, r5, #23
+ ORR r9, r9, r4, LSR #9
+ ORR r8, r8, r5, LSR #9
+ LDRD r4, r5, [r0, #40]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #40]
+ LDRD r4, r5, [r0, #16]
+ LDRD r6, r7, [r0, #24]
+ LDRD r8, r9, [r0, #32]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ AND r6, r6, r4
+ AND r7, r7, r5
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LDRD r4, r5, [r0, #40]
+ LDRD r8, r9, [sp, #80]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r6, r7, [r3, #80]
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ LDRD r8, r9, [r0, #8]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #40]
+ ADDS r8, r8, r4
+ ADC r9, r9, r5
+ LDRD r4, r5, [r0, #48]
+ STRD r8, r9, [r0, #8]
+ LSRS r6, r4, #28
+ LSRS r7, r5, #28
+ ORR r7, r7, r4, LSL #4
+ ORR r6, r6, r5, LSL #4
+ LSLS r8, r4, #30
+ LSLS r9, r5, #30
+ ORR r9, r9, r4, LSR #2
+ ORR r8, r8, r5, LSR #2
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #25
+ LSLS r9, r5, #25
+ ORR r9, r9, r4, LSR #7
+ ORR r8, r8, r5, LSR #7
+ LDRD r4, r5, [r0, #40]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r8, r9, [r0, #48]
+ LDRD r6, r7, [r0, #56]
+ STRD r4, r5, [r0, #40]
+ EOR r8, r8, r6
+ EOR r9, r9, r7
+ AND r10, r10, r8
+ AND r11, r11, r9
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LDRD r6, r7, [r0, #40]
+ ADDS r6, r6, r10
+ ADC r7, r7, r11
+ STRD r6, r7, [r0, #40]
+ MOV r10, r8
+ MOV r11, r9
+ /* Calc new W[10] */
+ LDRD r4, r5, [sp, #64]
+ LSRS r6, r4, #19
+ LSRS r7, r5, #19
+ ORR r7, r7, r4, LSL #13
+ ORR r6, r6, r5, LSL #13
+ LSLS r8, r4, #3
+ LSLS r9, r5, #3
+ ORR r9, r9, r4, LSR #29
+ ORR r8, r8, r5, LSR #29
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LSRS r8, r4, #6
+ LSRS r9, r5, #6
+ ORR r8, r8, r5, LSL #26
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LDRD r4, r5, [sp, #80]
+ LDRD r8, r9, [sp, #24]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ STRD r4, r5, [sp, #80]
+ LDRD r4, r5, [sp, #88]
+ LSRS r6, r4, #1
+ LSRS r7, r5, #1
+ ORR r7, r7, r4, LSL #31
+ ORR r6, r6, r5, LSL #31
+ LSRS r8, r4, #8
+ LSRS r9, r5, #8
+ ORR r9, r9, r4, LSL #24
+ ORR r8, r8, r5, LSL #24
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LSRS r8, r4, #7
+ LSRS r9, r5, #7
+ ORR r8, r8, r5, LSL #25
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LDRD r4, r5, [sp, #80]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [sp, #80]
+ /* Round 11 */
+ LDRD r4, r5, [r0, #8]
+ LSRS r6, r4, #14
+ LSRS r7, r5, #14
+ ORR r7, r7, r4, LSL #18
+ ORR r6, r6, r5, LSL #18
+ LSRS r8, r4, #18
+ LSRS r9, r5, #18
+ ORR r9, r9, r4, LSL #14
+ ORR r8, r8, r5, LSL #14
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #23
+ LSLS r9, r5, #23
+ ORR r9, r9, r4, LSR #9
+ ORR r8, r8, r5, LSR #9
+ LDRD r4, r5, [r0, #32]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #32]
+ LDRD r4, r5, [r0, #8]
+ LDRD r6, r7, [r0, #16]
+ LDRD r8, r9, [r0, #24]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ AND r6, r6, r4
+ AND r7, r7, r5
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LDRD r4, r5, [r0, #32]
+ LDRD r8, r9, [sp, #88]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r6, r7, [r3, #88]
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ LDRD r8, r9, [r0]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #32]
+ ADDS r8, r8, r4
+ ADC r9, r9, r5
+ LDRD r4, r5, [r0, #40]
+ STRD r8, r9, [r0]
+ LSRS r6, r4, #28
+ LSRS r7, r5, #28
+ ORR r7, r7, r4, LSL #4
+ ORR r6, r6, r5, LSL #4
+ LSLS r8, r4, #30
+ LSLS r9, r5, #30
+ ORR r9, r9, r4, LSR #2
+ ORR r8, r8, r5, LSR #2
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #25
+ LSLS r9, r5, #25
+ ORR r9, r9, r4, LSR #7
+ ORR r8, r8, r5, LSR #7
+ LDRD r4, r5, [r0, #32]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r8, r9, [r0, #40]
+ LDRD r6, r7, [r0, #48]
+ STRD r4, r5, [r0, #32]
+ EOR r8, r8, r6
+ EOR r9, r9, r7
+ AND r10, r10, r8
+ AND r11, r11, r9
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LDRD r6, r7, [r0, #32]
+ ADDS r6, r6, r10
+ ADC r7, r7, r11
+ STRD r6, r7, [r0, #32]
+ MOV r10, r8
+ MOV r11, r9
+ /* Calc new W[11] */
+ LDRD r4, r5, [sp, #72]
+ LSRS r6, r4, #19
+ LSRS r7, r5, #19
+ ORR r7, r7, r4, LSL #13
+ ORR r6, r6, r5, LSL #13
+ LSLS r8, r4, #3
+ LSLS r9, r5, #3
+ ORR r9, r9, r4, LSR #29
+ ORR r8, r8, r5, LSR #29
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LSRS r8, r4, #6
+ LSRS r9, r5, #6
+ ORR r8, r8, r5, LSL #26
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LDRD r4, r5, [sp, #88]
+ LDRD r8, r9, [sp, #32]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ STRD r4, r5, [sp, #88]
+ LDRD r4, r5, [sp, #96]
+ LSRS r6, r4, #1
+ LSRS r7, r5, #1
+ ORR r7, r7, r4, LSL #31
+ ORR r6, r6, r5, LSL #31
+ LSRS r8, r4, #8
+ LSRS r9, r5, #8
+ ORR r9, r9, r4, LSL #24
+ ORR r8, r8, r5, LSL #24
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LSRS r8, r4, #7
+ LSRS r9, r5, #7
+ ORR r8, r8, r5, LSL #25
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LDRD r4, r5, [sp, #88]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [sp, #88]
+ /* Round 12 */
+ LDRD r4, r5, [r0]
+ LSRS r6, r4, #14
+ LSRS r7, r5, #14
+ ORR r7, r7, r4, LSL #18
+ ORR r6, r6, r5, LSL #18
+ LSRS r8, r4, #18
+ LSRS r9, r5, #18
+ ORR r9, r9, r4, LSL #14
+ ORR r8, r8, r5, LSL #14
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #23
+ LSLS r9, r5, #23
+ ORR r9, r9, r4, LSR #9
+ ORR r8, r8, r5, LSR #9
+ LDRD r4, r5, [r0, #24]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #24]
+ LDRD r4, r5, [r0]
+ LDRD r6, r7, [r0, #8]
+ LDRD r8, r9, [r0, #16]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ AND r6, r6, r4
+ AND r7, r7, r5
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LDRD r4, r5, [r0, #24]
+ LDRD r8, r9, [sp, #96]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r6, r7, [r3, #96]
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ LDRD r8, r9, [r0, #56]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #24]
+ ADDS r8, r8, r4
+ ADC r9, r9, r5
+ LDRD r4, r5, [r0, #32]
+ STRD r8, r9, [r0, #56]
+ LSRS r6, r4, #28
+ LSRS r7, r5, #28
+ ORR r7, r7, r4, LSL #4
+ ORR r6, r6, r5, LSL #4
+ LSLS r8, r4, #30
+ LSLS r9, r5, #30
+ ORR r9, r9, r4, LSR #2
+ ORR r8, r8, r5, LSR #2
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #25
+ LSLS r9, r5, #25
+ ORR r9, r9, r4, LSR #7
+ ORR r8, r8, r5, LSR #7
+ LDRD r4, r5, [r0, #24]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r8, r9, [r0, #32]
+ LDRD r6, r7, [r0, #40]
+ STRD r4, r5, [r0, #24]
+ EOR r8, r8, r6
+ EOR r9, r9, r7
+ AND r10, r10, r8
+ AND r11, r11, r9
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LDRD r6, r7, [r0, #24]
+ ADDS r6, r6, r10
+ ADC r7, r7, r11
+ STRD r6, r7, [r0, #24]
+ MOV r10, r8
+ MOV r11, r9
+ /* Calc new W[12] */
+ LDRD r4, r5, [sp, #80]
+ LSRS r6, r4, #19
+ LSRS r7, r5, #19
+ ORR r7, r7, r4, LSL #13
+ ORR r6, r6, r5, LSL #13
+ LSLS r8, r4, #3
+ LSLS r9, r5, #3
+ ORR r9, r9, r4, LSR #29
+ ORR r8, r8, r5, LSR #29
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LSRS r8, r4, #6
+ LSRS r9, r5, #6
+ ORR r8, r8, r5, LSL #26
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LDRD r4, r5, [sp, #96]
+ LDRD r8, r9, [sp, #40]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ STRD r4, r5, [sp, #96]
+ LDRD r4, r5, [sp, #104]
+ LSRS r6, r4, #1
+ LSRS r7, r5, #1
+ ORR r7, r7, r4, LSL #31
+ ORR r6, r6, r5, LSL #31
+ LSRS r8, r4, #8
+ LSRS r9, r5, #8
+ ORR r9, r9, r4, LSL #24
+ ORR r8, r8, r5, LSL #24
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LSRS r8, r4, #7
+ LSRS r9, r5, #7
+ ORR r8, r8, r5, LSL #25
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LDRD r4, r5, [sp, #96]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [sp, #96]
+ /* Round 13 */
+ LDRD r4, r5, [r0, #56]
+ LSRS r6, r4, #14
+ LSRS r7, r5, #14
+ ORR r7, r7, r4, LSL #18
+ ORR r6, r6, r5, LSL #18
+ LSRS r8, r4, #18
+ LSRS r9, r5, #18
+ ORR r9, r9, r4, LSL #14
+ ORR r8, r8, r5, LSL #14
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #23
+ LSLS r9, r5, #23
+ ORR r9, r9, r4, LSR #9
+ ORR r8, r8, r5, LSR #9
+ LDRD r4, r5, [r0, #16]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #16]
+ LDRD r4, r5, [r0, #56]
+ LDRD r6, r7, [r0]
+ LDRD r8, r9, [r0, #8]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ AND r6, r6, r4
+ AND r7, r7, r5
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LDRD r4, r5, [r0, #16]
+ LDRD r8, r9, [sp, #104]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r6, r7, [r3, #104]
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ LDRD r8, r9, [r0, #48]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #16]
+ ADDS r8, r8, r4
+ ADC r9, r9, r5
+ LDRD r4, r5, [r0, #24]
+ STRD r8, r9, [r0, #48]
+ LSRS r6, r4, #28
+ LSRS r7, r5, #28
+ ORR r7, r7, r4, LSL #4
+ ORR r6, r6, r5, LSL #4
+ LSLS r8, r4, #30
+ LSLS r9, r5, #30
+ ORR r9, r9, r4, LSR #2
+ ORR r8, r8, r5, LSR #2
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #25
+ LSLS r9, r5, #25
+ ORR r9, r9, r4, LSR #7
+ ORR r8, r8, r5, LSR #7
+ LDRD r4, r5, [r0, #16]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r8, r9, [r0, #24]
+ LDRD r6, r7, [r0, #32]
+ STRD r4, r5, [r0, #16]
+ EOR r8, r8, r6
+ EOR r9, r9, r7
+ AND r10, r10, r8
+ AND r11, r11, r9
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LDRD r6, r7, [r0, #16]
+ ADDS r6, r6, r10
+ ADC r7, r7, r11
+ STRD r6, r7, [r0, #16]
+ MOV r10, r8
+ MOV r11, r9
+ /* Calc new W[13] */
+ LDRD r4, r5, [sp, #88]
+ LSRS r6, r4, #19
+ LSRS r7, r5, #19
+ ORR r7, r7, r4, LSL #13
+ ORR r6, r6, r5, LSL #13
+ LSLS r8, r4, #3
+ LSLS r9, r5, #3
+ ORR r9, r9, r4, LSR #29
+ ORR r8, r8, r5, LSR #29
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LSRS r8, r4, #6
+ LSRS r9, r5, #6
+ ORR r8, r8, r5, LSL #26
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LDRD r4, r5, [sp, #104]
+ LDRD r8, r9, [sp, #48]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ STRD r4, r5, [sp, #104]
+ LDRD r4, r5, [sp, #112]
+ LSRS r6, r4, #1
+ LSRS r7, r5, #1
+ ORR r7, r7, r4, LSL #31
+ ORR r6, r6, r5, LSL #31
+ LSRS r8, r4, #8
+ LSRS r9, r5, #8
+ ORR r9, r9, r4, LSL #24
+ ORR r8, r8, r5, LSL #24
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LSRS r8, r4, #7
+ LSRS r9, r5, #7
+ ORR r8, r8, r5, LSL #25
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LDRD r4, r5, [sp, #104]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [sp, #104]
+ /* Round 14 */
+ LDRD r4, r5, [r0, #48]
+ LSRS r6, r4, #14
+ LSRS r7, r5, #14
+ ORR r7, r7, r4, LSL #18
+ ORR r6, r6, r5, LSL #18
+ LSRS r8, r4, #18
+ LSRS r9, r5, #18
+ ORR r9, r9, r4, LSL #14
+ ORR r8, r8, r5, LSL #14
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #23
+ LSLS r9, r5, #23
+ ORR r9, r9, r4, LSR #9
+ ORR r8, r8, r5, LSR #9
+ LDRD r4, r5, [r0, #8]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #8]
+ LDRD r4, r5, [r0, #48]
+ LDRD r6, r7, [r0, #56]
+ LDRD r8, r9, [r0]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ AND r6, r6, r4
+ AND r7, r7, r5
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LDRD r4, r5, [r0, #8]
+ LDRD r8, r9, [sp, #112]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r6, r7, [r3, #112]
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ LDRD r8, r9, [r0, #40]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #8]
+ ADDS r8, r8, r4
+ ADC r9, r9, r5
+ LDRD r4, r5, [r0, #16]
+ STRD r8, r9, [r0, #40]
+ LSRS r6, r4, #28
+ LSRS r7, r5, #28
+ ORR r7, r7, r4, LSL #4
+ ORR r6, r6, r5, LSL #4
+ LSLS r8, r4, #30
+ LSLS r9, r5, #30
+ ORR r9, r9, r4, LSR #2
+ ORR r8, r8, r5, LSR #2
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #25
+ LSLS r9, r5, #25
+ ORR r9, r9, r4, LSR #7
+ ORR r8, r8, r5, LSR #7
+ LDRD r4, r5, [r0, #8]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r8, r9, [r0, #16]
+ LDRD r6, r7, [r0, #24]
+ STRD r4, r5, [r0, #8]
+ EOR r8, r8, r6
+ EOR r9, r9, r7
+ AND r10, r10, r8
+ AND r11, r11, r9
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LDRD r6, r7, [r0, #8]
+ ADDS r6, r6, r10
+ ADC r7, r7, r11
+ STRD r6, r7, [r0, #8]
+ MOV r10, r8
+ MOV r11, r9
+ /* Calc new W[14] */
+ LDRD r4, r5, [sp, #96]
+ LSRS r6, r4, #19
+ LSRS r7, r5, #19
+ ORR r7, r7, r4, LSL #13
+ ORR r6, r6, r5, LSL #13
+ LSLS r8, r4, #3
+ LSLS r9, r5, #3
+ ORR r9, r9, r4, LSR #29
+ ORR r8, r8, r5, LSR #29
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LSRS r8, r4, #6
+ LSRS r9, r5, #6
+ ORR r8, r8, r5, LSL #26
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LDRD r4, r5, [sp, #112]
+ LDRD r8, r9, [sp, #56]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ STRD r4, r5, [sp, #112]
+ LDRD r4, r5, [sp, #120]
+ LSRS r6, r4, #1
+ LSRS r7, r5, #1
+ ORR r7, r7, r4, LSL #31
+ ORR r6, r6, r5, LSL #31
+ LSRS r8, r4, #8
+ LSRS r9, r5, #8
+ ORR r9, r9, r4, LSL #24
+ ORR r8, r8, r5, LSL #24
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LSRS r8, r4, #7
+ LSRS r9, r5, #7
+ ORR r8, r8, r5, LSL #25
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LDRD r4, r5, [sp, #112]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [sp, #112]
+ /* Round 15 */
+ LDRD r4, r5, [r0, #40]
+ LSRS r6, r4, #14
+ LSRS r7, r5, #14
+ ORR r7, r7, r4, LSL #18
+ ORR r6, r6, r5, LSL #18
+ LSRS r8, r4, #18
+ LSRS r9, r5, #18
+ ORR r9, r9, r4, LSL #14
+ ORR r8, r8, r5, LSL #14
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #23
+ LSLS r9, r5, #23
+ ORR r9, r9, r4, LSR #9
+ ORR r8, r8, r5, LSR #9
+ LDRD r4, r5, [r0]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0]
+ LDRD r4, r5, [r0, #40]
+ LDRD r6, r7, [r0, #48]
+ LDRD r8, r9, [r0, #56]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ AND r6, r6, r4
+ AND r7, r7, r5
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LDRD r4, r5, [r0]
+ LDRD r8, r9, [sp, #120]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r6, r7, [r3, #120]
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ LDRD r8, r9, [r0, #32]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0]
+ ADDS r8, r8, r4
+ ADC r9, r9, r5
+ LDRD r4, r5, [r0, #8]
+ STRD r8, r9, [r0, #32]
+ LSRS r6, r4, #28
+ LSRS r7, r5, #28
+ ORR r7, r7, r4, LSL #4
+ ORR r6, r6, r5, LSL #4
+ LSLS r8, r4, #30
+ LSLS r9, r5, #30
+ ORR r9, r9, r4, LSR #2
+ ORR r8, r8, r5, LSR #2
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #25
+ LSLS r9, r5, #25
+ ORR r9, r9, r4, LSR #7
+ ORR r8, r8, r5, LSR #7
+ LDRD r4, r5, [r0]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r8, r9, [r0, #8]
+ LDRD r6, r7, [r0, #16]
+ STRD r4, r5, [r0]
+ EOR r8, r8, r6
+ EOR r9, r9, r7
+ AND r10, r10, r8
+ AND r11, r11, r9
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LDRD r6, r7, [r0]
+ ADDS r6, r6, r10
+ ADC r7, r7, r11
+ STRD r6, r7, [r0]
+ MOV r10, r8
+ MOV r11, r9
+ /* Calc new W[15] */
+ LDRD r4, r5, [sp, #104]
+ LSRS r6, r4, #19
+ LSRS r7, r5, #19
+ ORR r7, r7, r4, LSL #13
+ ORR r6, r6, r5, LSL #13
+ LSLS r8, r4, #3
+ LSLS r9, r5, #3
+ ORR r9, r9, r4, LSR #29
+ ORR r8, r8, r5, LSR #29
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LSRS r8, r4, #6
+ LSRS r9, r5, #6
+ ORR r8, r8, r5, LSL #26
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LDRD r4, r5, [sp, #120]
+ LDRD r8, r9, [sp, #64]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ STRD r4, r5, [sp, #120]
+ LDRD r4, r5, [sp]
+ LSRS r6, r4, #1
+ LSRS r7, r5, #1
+ ORR r7, r7, r4, LSL #31
+ ORR r6, r6, r5, LSL #31
+ LSRS r8, r4, #8
+ LSRS r9, r5, #8
+ ORR r9, r9, r4, LSL #24
+ ORR r8, r8, r5, LSL #24
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LSRS r8, r4, #7
+ LSRS r9, r5, #7
+ ORR r8, r8, r5, LSL #25
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LDRD r4, r5, [sp, #120]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [sp, #120]
+ ADD r3, r3, #0x80
+ SUBS r12, r12, #0x1
+#ifdef __GNUC__
+ BNE L_SHA512_transform_len_start
+#else
+ BNE.W L_SHA512_transform_len_start
+#endif
+ /* Round 0 */
+ LDRD r4, r5, [r0, #32]
+ LSRS r6, r4, #14
+ LSRS r7, r5, #14
+ ORR r7, r7, r4, LSL #18
+ ORR r6, r6, r5, LSL #18
+ LSRS r8, r4, #18
+ LSRS r9, r5, #18
+ ORR r9, r9, r4, LSL #14
+ ORR r8, r8, r5, LSL #14
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #23
+ LSLS r9, r5, #23
+ ORR r9, r9, r4, LSR #9
+ ORR r8, r8, r5, LSR #9
+ LDRD r4, r5, [r0, #56]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #56]
+ LDRD r4, r5, [r0, #32]
+ LDRD r6, r7, [r0, #40]
+ LDRD r8, r9, [r0, #48]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ AND r6, r6, r4
+ AND r7, r7, r5
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LDRD r4, r5, [r0, #56]
+ LDRD r8, r9, [sp]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r6, r7, [r3]
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ LDRD r8, r9, [r0, #24]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #56]
+ ADDS r8, r8, r4
+ ADC r9, r9, r5
+ LDRD r4, r5, [r0]
+ STRD r8, r9, [r0, #24]
+ LSRS r6, r4, #28
+ LSRS r7, r5, #28
+ ORR r7, r7, r4, LSL #4
+ ORR r6, r6, r5, LSL #4
+ LSLS r8, r4, #30
+ LSLS r9, r5, #30
+ ORR r9, r9, r4, LSR #2
+ ORR r8, r8, r5, LSR #2
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #25
+ LSLS r9, r5, #25
+ ORR r9, r9, r4, LSR #7
+ ORR r8, r8, r5, LSR #7
+ LDRD r4, r5, [r0, #56]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r8, r9, [r0]
+ LDRD r6, r7, [r0, #8]
+ STRD r4, r5, [r0, #56]
+ EOR r8, r8, r6
+ EOR r9, r9, r7
+ AND r10, r10, r8
+ AND r11, r11, r9
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LDRD r6, r7, [r0, #56]
+ ADDS r6, r6, r10
+ ADC r7, r7, r11
+ STRD r6, r7, [r0, #56]
+ MOV r10, r8
+ MOV r11, r9
+ /* Round 1 */
+ LDRD r4, r5, [r0, #24]
+ LSRS r6, r4, #14
+ LSRS r7, r5, #14
+ ORR r7, r7, r4, LSL #18
+ ORR r6, r6, r5, LSL #18
+ LSRS r8, r4, #18
+ LSRS r9, r5, #18
+ ORR r9, r9, r4, LSL #14
+ ORR r8, r8, r5, LSL #14
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #23
+ LSLS r9, r5, #23
+ ORR r9, r9, r4, LSR #9
+ ORR r8, r8, r5, LSR #9
+ LDRD r4, r5, [r0, #48]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #48]
+ LDRD r4, r5, [r0, #24]
+ LDRD r6, r7, [r0, #32]
+ LDRD r8, r9, [r0, #40]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ AND r6, r6, r4
+ AND r7, r7, r5
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LDRD r4, r5, [r0, #48]
+ LDRD r8, r9, [sp, #8]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r6, r7, [r3, #8]
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ LDRD r8, r9, [r0, #16]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #48]
+ ADDS r8, r8, r4
+ ADC r9, r9, r5
+ LDRD r4, r5, [r0, #56]
+ STRD r8, r9, [r0, #16]
+ LSRS r6, r4, #28
+ LSRS r7, r5, #28
+ ORR r7, r7, r4, LSL #4
+ ORR r6, r6, r5, LSL #4
+ LSLS r8, r4, #30
+ LSLS r9, r5, #30
+ ORR r9, r9, r4, LSR #2
+ ORR r8, r8, r5, LSR #2
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #25
+ LSLS r9, r5, #25
+ ORR r9, r9, r4, LSR #7
+ ORR r8, r8, r5, LSR #7
+ LDRD r4, r5, [r0, #48]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r8, r9, [r0, #56]
+ LDRD r6, r7, [r0]
+ STRD r4, r5, [r0, #48]
+ EOR r8, r8, r6
+ EOR r9, r9, r7
+ AND r10, r10, r8
+ AND r11, r11, r9
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LDRD r6, r7, [r0, #48]
+ ADDS r6, r6, r10
+ ADC r7, r7, r11
+ STRD r6, r7, [r0, #48]
+ MOV r10, r8
+ MOV r11, r9
+ /* Round 2 */
+ LDRD r4, r5, [r0, #16]
+ LSRS r6, r4, #14
+ LSRS r7, r5, #14
+ ORR r7, r7, r4, LSL #18
+ ORR r6, r6, r5, LSL #18
+ LSRS r8, r4, #18
+ LSRS r9, r5, #18
+ ORR r9, r9, r4, LSL #14
+ ORR r8, r8, r5, LSL #14
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #23
+ LSLS r9, r5, #23
+ ORR r9, r9, r4, LSR #9
+ ORR r8, r8, r5, LSR #9
+ LDRD r4, r5, [r0, #40]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #40]
+ LDRD r4, r5, [r0, #16]
+ LDRD r6, r7, [r0, #24]
+ LDRD r8, r9, [r0, #32]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ AND r6, r6, r4
+ AND r7, r7, r5
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LDRD r4, r5, [r0, #40]
+ LDRD r8, r9, [sp, #16]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r6, r7, [r3, #16]
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ LDRD r8, r9, [r0, #8]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #40]
+ ADDS r8, r8, r4
+ ADC r9, r9, r5
+ LDRD r4, r5, [r0, #48]
+ STRD r8, r9, [r0, #8]
+ LSRS r6, r4, #28
+ LSRS r7, r5, #28
+ ORR r7, r7, r4, LSL #4
+ ORR r6, r6, r5, LSL #4
+ LSLS r8, r4, #30
+ LSLS r9, r5, #30
+ ORR r9, r9, r4, LSR #2
+ ORR r8, r8, r5, LSR #2
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #25
+ LSLS r9, r5, #25
+ ORR r9, r9, r4, LSR #7
+ ORR r8, r8, r5, LSR #7
+ LDRD r4, r5, [r0, #40]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r8, r9, [r0, #48]
+ LDRD r6, r7, [r0, #56]
+ STRD r4, r5, [r0, #40]
+ EOR r8, r8, r6
+ EOR r9, r9, r7
+ AND r10, r10, r8
+ AND r11, r11, r9
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LDRD r6, r7, [r0, #40]
+ ADDS r6, r6, r10
+ ADC r7, r7, r11
+ STRD r6, r7, [r0, #40]
+ MOV r10, r8
+ MOV r11, r9
+ /* Round 3 */
+ LDRD r4, r5, [r0, #8]
+ LSRS r6, r4, #14
+ LSRS r7, r5, #14
+ ORR r7, r7, r4, LSL #18
+ ORR r6, r6, r5, LSL #18
+ LSRS r8, r4, #18
+ LSRS r9, r5, #18
+ ORR r9, r9, r4, LSL #14
+ ORR r8, r8, r5, LSL #14
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #23
+ LSLS r9, r5, #23
+ ORR r9, r9, r4, LSR #9
+ ORR r8, r8, r5, LSR #9
+ LDRD r4, r5, [r0, #32]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #32]
+ LDRD r4, r5, [r0, #8]
+ LDRD r6, r7, [r0, #16]
+ LDRD r8, r9, [r0, #24]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ AND r6, r6, r4
+ AND r7, r7, r5
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LDRD r4, r5, [r0, #32]
+ LDRD r8, r9, [sp, #24]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r6, r7, [r3, #24]
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ LDRD r8, r9, [r0]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #32]
+ ADDS r8, r8, r4
+ ADC r9, r9, r5
+ LDRD r4, r5, [r0, #40]
+ STRD r8, r9, [r0]
+ LSRS r6, r4, #28
+ LSRS r7, r5, #28
+ ORR r7, r7, r4, LSL #4
+ ORR r6, r6, r5, LSL #4
+ LSLS r8, r4, #30
+ LSLS r9, r5, #30
+ ORR r9, r9, r4, LSR #2
+ ORR r8, r8, r5, LSR #2
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #25
+ LSLS r9, r5, #25
+ ORR r9, r9, r4, LSR #7
+ ORR r8, r8, r5, LSR #7
+ LDRD r4, r5, [r0, #32]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r8, r9, [r0, #40]
+ LDRD r6, r7, [r0, #48]
+ STRD r4, r5, [r0, #32]
+ EOR r8, r8, r6
+ EOR r9, r9, r7
+ AND r10, r10, r8
+ AND r11, r11, r9
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LDRD r6, r7, [r0, #32]
+ ADDS r6, r6, r10
+ ADC r7, r7, r11
+ STRD r6, r7, [r0, #32]
+ MOV r10, r8
+ MOV r11, r9
+ /* Round 4 */
+ LDRD r4, r5, [r0]
+ LSRS r6, r4, #14
+ LSRS r7, r5, #14
+ ORR r7, r7, r4, LSL #18
+ ORR r6, r6, r5, LSL #18
+ LSRS r8, r4, #18
+ LSRS r9, r5, #18
+ ORR r9, r9, r4, LSL #14
+ ORR r8, r8, r5, LSL #14
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #23
+ LSLS r9, r5, #23
+ ORR r9, r9, r4, LSR #9
+ ORR r8, r8, r5, LSR #9
+ LDRD r4, r5, [r0, #24]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #24]
+ LDRD r4, r5, [r0]
+ LDRD r6, r7, [r0, #8]
+ LDRD r8, r9, [r0, #16]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ AND r6, r6, r4
+ AND r7, r7, r5
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LDRD r4, r5, [r0, #24]
+ LDRD r8, r9, [sp, #32]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r6, r7, [r3, #32]
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ LDRD r8, r9, [r0, #56]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #24]
+ ADDS r8, r8, r4
+ ADC r9, r9, r5
+ LDRD r4, r5, [r0, #32]
+ STRD r8, r9, [r0, #56]
+ LSRS r6, r4, #28
+ LSRS r7, r5, #28
+ ORR r7, r7, r4, LSL #4
+ ORR r6, r6, r5, LSL #4
+ LSLS r8, r4, #30
+ LSLS r9, r5, #30
+ ORR r9, r9, r4, LSR #2
+ ORR r8, r8, r5, LSR #2
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #25
+ LSLS r9, r5, #25
+ ORR r9, r9, r4, LSR #7
+ ORR r8, r8, r5, LSR #7
+ LDRD r4, r5, [r0, #24]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r8, r9, [r0, #32]
+ LDRD r6, r7, [r0, #40]
+ STRD r4, r5, [r0, #24]
+ EOR r8, r8, r6
+ EOR r9, r9, r7
+ AND r10, r10, r8
+ AND r11, r11, r9
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LDRD r6, r7, [r0, #24]
+ ADDS r6, r6, r10
+ ADC r7, r7, r11
+ STRD r6, r7, [r0, #24]
+ MOV r10, r8
+ MOV r11, r9
+ /* Round 5 */
+ LDRD r4, r5, [r0, #56]
+ LSRS r6, r4, #14
+ LSRS r7, r5, #14
+ ORR r7, r7, r4, LSL #18
+ ORR r6, r6, r5, LSL #18
+ LSRS r8, r4, #18
+ LSRS r9, r5, #18
+ ORR r9, r9, r4, LSL #14
+ ORR r8, r8, r5, LSL #14
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #23
+ LSLS r9, r5, #23
+ ORR r9, r9, r4, LSR #9
+ ORR r8, r8, r5, LSR #9
+ LDRD r4, r5, [r0, #16]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #16]
+ LDRD r4, r5, [r0, #56]
+ LDRD r6, r7, [r0]
+ LDRD r8, r9, [r0, #8]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ AND r6, r6, r4
+ AND r7, r7, r5
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LDRD r4, r5, [r0, #16]
+ LDRD r8, r9, [sp, #40]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r6, r7, [r3, #40]
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ LDRD r8, r9, [r0, #48]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #16]
+ ADDS r8, r8, r4
+ ADC r9, r9, r5
+ LDRD r4, r5, [r0, #24]
+ STRD r8, r9, [r0, #48]
+ LSRS r6, r4, #28
+ LSRS r7, r5, #28
+ ORR r7, r7, r4, LSL #4
+ ORR r6, r6, r5, LSL #4
+ LSLS r8, r4, #30
+ LSLS r9, r5, #30
+ ORR r9, r9, r4, LSR #2
+ ORR r8, r8, r5, LSR #2
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #25
+ LSLS r9, r5, #25
+ ORR r9, r9, r4, LSR #7
+ ORR r8, r8, r5, LSR #7
+ LDRD r4, r5, [r0, #16]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r8, r9, [r0, #24]
+ LDRD r6, r7, [r0, #32]
+ STRD r4, r5, [r0, #16]
+ EOR r8, r8, r6
+ EOR r9, r9, r7
+ AND r10, r10, r8
+ AND r11, r11, r9
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LDRD r6, r7, [r0, #16]
+ ADDS r6, r6, r10
+ ADC r7, r7, r11
+ STRD r6, r7, [r0, #16]
+ MOV r10, r8
+ MOV r11, r9
+ /* Round 6 */
+ LDRD r4, r5, [r0, #48]
+ LSRS r6, r4, #14
+ LSRS r7, r5, #14
+ ORR r7, r7, r4, LSL #18
+ ORR r6, r6, r5, LSL #18
+ LSRS r8, r4, #18
+ LSRS r9, r5, #18
+ ORR r9, r9, r4, LSL #14
+ ORR r8, r8, r5, LSL #14
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #23
+ LSLS r9, r5, #23
+ ORR r9, r9, r4, LSR #9
+ ORR r8, r8, r5, LSR #9
+ LDRD r4, r5, [r0, #8]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #8]
+ LDRD r4, r5, [r0, #48]
+ LDRD r6, r7, [r0, #56]
+ LDRD r8, r9, [r0]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ AND r6, r6, r4
+ AND r7, r7, r5
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LDRD r4, r5, [r0, #8]
+ LDRD r8, r9, [sp, #48]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r6, r7, [r3, #48]
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ LDRD r8, r9, [r0, #40]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #8]
+ ADDS r8, r8, r4
+ ADC r9, r9, r5
+ LDRD r4, r5, [r0, #16]
+ STRD r8, r9, [r0, #40]
+ LSRS r6, r4, #28
+ LSRS r7, r5, #28
+ ORR r7, r7, r4, LSL #4
+ ORR r6, r6, r5, LSL #4
+ LSLS r8, r4, #30
+ LSLS r9, r5, #30
+ ORR r9, r9, r4, LSR #2
+ ORR r8, r8, r5, LSR #2
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #25
+ LSLS r9, r5, #25
+ ORR r9, r9, r4, LSR #7
+ ORR r8, r8, r5, LSR #7
+ LDRD r4, r5, [r0, #8]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r8, r9, [r0, #16]
+ LDRD r6, r7, [r0, #24]
+ STRD r4, r5, [r0, #8]
+ EOR r8, r8, r6
+ EOR r9, r9, r7
+ AND r10, r10, r8
+ AND r11, r11, r9
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LDRD r6, r7, [r0, #8]
+ ADDS r6, r6, r10
+ ADC r7, r7, r11
+ STRD r6, r7, [r0, #8]
+ MOV r10, r8
+ MOV r11, r9
+ /* Round 7 */
+ LDRD r4, r5, [r0, #40]
+ LSRS r6, r4, #14
+ LSRS r7, r5, #14
+ ORR r7, r7, r4, LSL #18
+ ORR r6, r6, r5, LSL #18
+ LSRS r8, r4, #18
+ LSRS r9, r5, #18
+ ORR r9, r9, r4, LSL #14
+ ORR r8, r8, r5, LSL #14
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #23
+ LSLS r9, r5, #23
+ ORR r9, r9, r4, LSR #9
+ ORR r8, r8, r5, LSR #9
+ LDRD r4, r5, [r0]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0]
+ LDRD r4, r5, [r0, #40]
+ LDRD r6, r7, [r0, #48]
+ LDRD r8, r9, [r0, #56]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ AND r6, r6, r4
+ AND r7, r7, r5
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LDRD r4, r5, [r0]
+ LDRD r8, r9, [sp, #56]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r6, r7, [r3, #56]
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ LDRD r8, r9, [r0, #32]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0]
+ ADDS r8, r8, r4
+ ADC r9, r9, r5
+ LDRD r4, r5, [r0, #8]
+ STRD r8, r9, [r0, #32]
+ LSRS r6, r4, #28
+ LSRS r7, r5, #28
+ ORR r7, r7, r4, LSL #4
+ ORR r6, r6, r5, LSL #4
+ LSLS r8, r4, #30
+ LSLS r9, r5, #30
+ ORR r9, r9, r4, LSR #2
+ ORR r8, r8, r5, LSR #2
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #25
+ LSLS r9, r5, #25
+ ORR r9, r9, r4, LSR #7
+ ORR r8, r8, r5, LSR #7
+ LDRD r4, r5, [r0]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r8, r9, [r0, #8]
+ LDRD r6, r7, [r0, #16]
+ STRD r4, r5, [r0]
+ EOR r8, r8, r6
+ EOR r9, r9, r7
+ AND r10, r10, r8
+ AND r11, r11, r9
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LDRD r6, r7, [r0]
+ ADDS r6, r6, r10
+ ADC r7, r7, r11
+ STRD r6, r7, [r0]
+ MOV r10, r8
+ MOV r11, r9
+ /* Round 8 */
+ LDRD r4, r5, [r0, #32]
+ LSRS r6, r4, #14
+ LSRS r7, r5, #14
+ ORR r7, r7, r4, LSL #18
+ ORR r6, r6, r5, LSL #18
+ LSRS r8, r4, #18
+ LSRS r9, r5, #18
+ ORR r9, r9, r4, LSL #14
+ ORR r8, r8, r5, LSL #14
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #23
+ LSLS r9, r5, #23
+ ORR r9, r9, r4, LSR #9
+ ORR r8, r8, r5, LSR #9
+ LDRD r4, r5, [r0, #56]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #56]
+ LDRD r4, r5, [r0, #32]
+ LDRD r6, r7, [r0, #40]
+ LDRD r8, r9, [r0, #48]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ AND r6, r6, r4
+ AND r7, r7, r5
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LDRD r4, r5, [r0, #56]
+ LDRD r8, r9, [sp, #64]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r6, r7, [r3, #64]
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ LDRD r8, r9, [r0, #24]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #56]
+ ADDS r8, r8, r4
+ ADC r9, r9, r5
+ LDRD r4, r5, [r0]
+ STRD r8, r9, [r0, #24]
+ LSRS r6, r4, #28
+ LSRS r7, r5, #28
+ ORR r7, r7, r4, LSL #4
+ ORR r6, r6, r5, LSL #4
+ LSLS r8, r4, #30
+ LSLS r9, r5, #30
+ ORR r9, r9, r4, LSR #2
+ ORR r8, r8, r5, LSR #2
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #25
+ LSLS r9, r5, #25
+ ORR r9, r9, r4, LSR #7
+ ORR r8, r8, r5, LSR #7
+ LDRD r4, r5, [r0, #56]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r8, r9, [r0]
+ LDRD r6, r7, [r0, #8]
+ STRD r4, r5, [r0, #56]
+ EOR r8, r8, r6
+ EOR r9, r9, r7
+ AND r10, r10, r8
+ AND r11, r11, r9
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LDRD r6, r7, [r0, #56]
+ ADDS r6, r6, r10
+ ADC r7, r7, r11
+ STRD r6, r7, [r0, #56]
+ MOV r10, r8
+ MOV r11, r9
+ /* Round 9 */
+ LDRD r4, r5, [r0, #24]
+ LSRS r6, r4, #14
+ LSRS r7, r5, #14
+ ORR r7, r7, r4, LSL #18
+ ORR r6, r6, r5, LSL #18
+ LSRS r8, r4, #18
+ LSRS r9, r5, #18
+ ORR r9, r9, r4, LSL #14
+ ORR r8, r8, r5, LSL #14
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #23
+ LSLS r9, r5, #23
+ ORR r9, r9, r4, LSR #9
+ ORR r8, r8, r5, LSR #9
+ LDRD r4, r5, [r0, #48]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #48]
+ LDRD r4, r5, [r0, #24]
+ LDRD r6, r7, [r0, #32]
+ LDRD r8, r9, [r0, #40]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ AND r6, r6, r4
+ AND r7, r7, r5
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LDRD r4, r5, [r0, #48]
+ LDRD r8, r9, [sp, #72]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r6, r7, [r3, #72]
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ LDRD r8, r9, [r0, #16]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #48]
+ ADDS r8, r8, r4
+ ADC r9, r9, r5
+ LDRD r4, r5, [r0, #56]
+ STRD r8, r9, [r0, #16]
+ LSRS r6, r4, #28
+ LSRS r7, r5, #28
+ ORR r7, r7, r4, LSL #4
+ ORR r6, r6, r5, LSL #4
+ LSLS r8, r4, #30
+ LSLS r9, r5, #30
+ ORR r9, r9, r4, LSR #2
+ ORR r8, r8, r5, LSR #2
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #25
+ LSLS r9, r5, #25
+ ORR r9, r9, r4, LSR #7
+ ORR r8, r8, r5, LSR #7
+ LDRD r4, r5, [r0, #48]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r8, r9, [r0, #56]
+ LDRD r6, r7, [r0]
+ STRD r4, r5, [r0, #48]
+ EOR r8, r8, r6
+ EOR r9, r9, r7
+ AND r10, r10, r8
+ AND r11, r11, r9
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LDRD r6, r7, [r0, #48]
+ ADDS r6, r6, r10
+ ADC r7, r7, r11
+ STRD r6, r7, [r0, #48]
+ MOV r10, r8
+ MOV r11, r9
+ /* Round 10 */
+ LDRD r4, r5, [r0, #16]
+ LSRS r6, r4, #14
+ LSRS r7, r5, #14
+ ORR r7, r7, r4, LSL #18
+ ORR r6, r6, r5, LSL #18
+ LSRS r8, r4, #18
+ LSRS r9, r5, #18
+ ORR r9, r9, r4, LSL #14
+ ORR r8, r8, r5, LSL #14
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #23
+ LSLS r9, r5, #23
+ ORR r9, r9, r4, LSR #9
+ ORR r8, r8, r5, LSR #9
+ LDRD r4, r5, [r0, #40]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #40]
+ LDRD r4, r5, [r0, #16]
+ LDRD r6, r7, [r0, #24]
+ LDRD r8, r9, [r0, #32]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ AND r6, r6, r4
+ AND r7, r7, r5
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LDRD r4, r5, [r0, #40]
+ LDRD r8, r9, [sp, #80]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r6, r7, [r3, #80]
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ LDRD r8, r9, [r0, #8]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #40]
+ ADDS r8, r8, r4
+ ADC r9, r9, r5
+ LDRD r4, r5, [r0, #48]
+ STRD r8, r9, [r0, #8]
+ LSRS r6, r4, #28
+ LSRS r7, r5, #28
+ ORR r7, r7, r4, LSL #4
+ ORR r6, r6, r5, LSL #4
+ LSLS r8, r4, #30
+ LSLS r9, r5, #30
+ ORR r9, r9, r4, LSR #2
+ ORR r8, r8, r5, LSR #2
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #25
+ LSLS r9, r5, #25
+ ORR r9, r9, r4, LSR #7
+ ORR r8, r8, r5, LSR #7
+ LDRD r4, r5, [r0, #40]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r8, r9, [r0, #48]
+ LDRD r6, r7, [r0, #56]
+ STRD r4, r5, [r0, #40]
+ EOR r8, r8, r6
+ EOR r9, r9, r7
+ AND r10, r10, r8
+ AND r11, r11, r9
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LDRD r6, r7, [r0, #40]
+ ADDS r6, r6, r10
+ ADC r7, r7, r11
+ STRD r6, r7, [r0, #40]
+ MOV r10, r8
+ MOV r11, r9
+ /* Round 11 */
+ LDRD r4, r5, [r0, #8]
+ LSRS r6, r4, #14
+ LSRS r7, r5, #14
+ ORR r7, r7, r4, LSL #18
+ ORR r6, r6, r5, LSL #18
+ LSRS r8, r4, #18
+ LSRS r9, r5, #18
+ ORR r9, r9, r4, LSL #14
+ ORR r8, r8, r5, LSL #14
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #23
+ LSLS r9, r5, #23
+ ORR r9, r9, r4, LSR #9
+ ORR r8, r8, r5, LSR #9
+ LDRD r4, r5, [r0, #32]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #32]
+ LDRD r4, r5, [r0, #8]
+ LDRD r6, r7, [r0, #16]
+ LDRD r8, r9, [r0, #24]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ AND r6, r6, r4
+ AND r7, r7, r5
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LDRD r4, r5, [r0, #32]
+ LDRD r8, r9, [sp, #88]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r6, r7, [r3, #88]
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ LDRD r8, r9, [r0]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #32]
+ ADDS r8, r8, r4
+ ADC r9, r9, r5
+ LDRD r4, r5, [r0, #40]
+ STRD r8, r9, [r0]
+ LSRS r6, r4, #28
+ LSRS r7, r5, #28
+ ORR r7, r7, r4, LSL #4
+ ORR r6, r6, r5, LSL #4
+ LSLS r8, r4, #30
+ LSLS r9, r5, #30
+ ORR r9, r9, r4, LSR #2
+ ORR r8, r8, r5, LSR #2
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #25
+ LSLS r9, r5, #25
+ ORR r9, r9, r4, LSR #7
+ ORR r8, r8, r5, LSR #7
+ LDRD r4, r5, [r0, #32]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r8, r9, [r0, #40]
+ LDRD r6, r7, [r0, #48]
+ STRD r4, r5, [r0, #32]
+ EOR r8, r8, r6
+ EOR r9, r9, r7
+ AND r10, r10, r8
+ AND r11, r11, r9
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LDRD r6, r7, [r0, #32]
+ ADDS r6, r6, r10
+ ADC r7, r7, r11
+ STRD r6, r7, [r0, #32]
+ MOV r10, r8
+ MOV r11, r9
+ /* Round 12 */
+ LDRD r4, r5, [r0]
+ LSRS r6, r4, #14
+ LSRS r7, r5, #14
+ ORR r7, r7, r4, LSL #18
+ ORR r6, r6, r5, LSL #18
+ LSRS r8, r4, #18
+ LSRS r9, r5, #18
+ ORR r9, r9, r4, LSL #14
+ ORR r8, r8, r5, LSL #14
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #23
+ LSLS r9, r5, #23
+ ORR r9, r9, r4, LSR #9
+ ORR r8, r8, r5, LSR #9
+ LDRD r4, r5, [r0, #24]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #24]
+ LDRD r4, r5, [r0]
+ LDRD r6, r7, [r0, #8]
+ LDRD r8, r9, [r0, #16]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ AND r6, r6, r4
+ AND r7, r7, r5
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LDRD r4, r5, [r0, #24]
+ LDRD r8, r9, [sp, #96]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r6, r7, [r3, #96]
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ LDRD r8, r9, [r0, #56]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #24]
+ ADDS r8, r8, r4
+ ADC r9, r9, r5
+ LDRD r4, r5, [r0, #32]
+ STRD r8, r9, [r0, #56]
+ LSRS r6, r4, #28
+ LSRS r7, r5, #28
+ ORR r7, r7, r4, LSL #4
+ ORR r6, r6, r5, LSL #4
+ LSLS r8, r4, #30
+ LSLS r9, r5, #30
+ ORR r9, r9, r4, LSR #2
+ ORR r8, r8, r5, LSR #2
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #25
+ LSLS r9, r5, #25
+ ORR r9, r9, r4, LSR #7
+ ORR r8, r8, r5, LSR #7
+ LDRD r4, r5, [r0, #24]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r8, r9, [r0, #32]
+ LDRD r6, r7, [r0, #40]
+ STRD r4, r5, [r0, #24]
+ EOR r8, r8, r6
+ EOR r9, r9, r7
+ AND r10, r10, r8
+ AND r11, r11, r9
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LDRD r6, r7, [r0, #24]
+ ADDS r6, r6, r10
+ ADC r7, r7, r11
+ STRD r6, r7, [r0, #24]
+ MOV r10, r8
+ MOV r11, r9
+ /* Round 13 */
+ LDRD r4, r5, [r0, #56]
+ LSRS r6, r4, #14
+ LSRS r7, r5, #14
+ ORR r7, r7, r4, LSL #18
+ ORR r6, r6, r5, LSL #18
+ LSRS r8, r4, #18
+ LSRS r9, r5, #18
+ ORR r9, r9, r4, LSL #14
+ ORR r8, r8, r5, LSL #14
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #23
+ LSLS r9, r5, #23
+ ORR r9, r9, r4, LSR #9
+ ORR r8, r8, r5, LSR #9
+ LDRD r4, r5, [r0, #16]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #16]
+ LDRD r4, r5, [r0, #56]
+ LDRD r6, r7, [r0]
+ LDRD r8, r9, [r0, #8]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ AND r6, r6, r4
+ AND r7, r7, r5
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LDRD r4, r5, [r0, #16]
+ LDRD r8, r9, [sp, #104]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r6, r7, [r3, #104]
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ LDRD r8, r9, [r0, #48]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #16]
+ ADDS r8, r8, r4
+ ADC r9, r9, r5
+ LDRD r4, r5, [r0, #24]
+ STRD r8, r9, [r0, #48]
+ LSRS r6, r4, #28
+ LSRS r7, r5, #28
+ ORR r7, r7, r4, LSL #4
+ ORR r6, r6, r5, LSL #4
+ LSLS r8, r4, #30
+ LSLS r9, r5, #30
+ ORR r9, r9, r4, LSR #2
+ ORR r8, r8, r5, LSR #2
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #25
+ LSLS r9, r5, #25
+ ORR r9, r9, r4, LSR #7
+ ORR r8, r8, r5, LSR #7
+ LDRD r4, r5, [r0, #16]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r8, r9, [r0, #24]
+ LDRD r6, r7, [r0, #32]
+ STRD r4, r5, [r0, #16]
+ EOR r8, r8, r6
+ EOR r9, r9, r7
+ AND r10, r10, r8
+ AND r11, r11, r9
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LDRD r6, r7, [r0, #16]
+ ADDS r6, r6, r10
+ ADC r7, r7, r11
+ STRD r6, r7, [r0, #16]
+ MOV r10, r8
+ MOV r11, r9
+ /* Round 14 */
+ LDRD r4, r5, [r0, #48]
+ LSRS r6, r4, #14
+ LSRS r7, r5, #14
+ ORR r7, r7, r4, LSL #18
+ ORR r6, r6, r5, LSL #18
+ LSRS r8, r4, #18
+ LSRS r9, r5, #18
+ ORR r9, r9, r4, LSL #14
+ ORR r8, r8, r5, LSL #14
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #23
+ LSLS r9, r5, #23
+ ORR r9, r9, r4, LSR #9
+ ORR r8, r8, r5, LSR #9
+ LDRD r4, r5, [r0, #8]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #8]
+ LDRD r4, r5, [r0, #48]
+ LDRD r6, r7, [r0, #56]
+ LDRD r8, r9, [r0]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ AND r6, r6, r4
+ AND r7, r7, r5
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LDRD r4, r5, [r0, #8]
+ LDRD r8, r9, [sp, #112]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r6, r7, [r3, #112]
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ LDRD r8, r9, [r0, #40]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #8]
+ ADDS r8, r8, r4
+ ADC r9, r9, r5
+ LDRD r4, r5, [r0, #16]
+ STRD r8, r9, [r0, #40]
+ LSRS r6, r4, #28
+ LSRS r7, r5, #28
+ ORR r7, r7, r4, LSL #4
+ ORR r6, r6, r5, LSL #4
+ LSLS r8, r4, #30
+ LSLS r9, r5, #30
+ ORR r9, r9, r4, LSR #2
+ ORR r8, r8, r5, LSR #2
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #25
+ LSLS r9, r5, #25
+ ORR r9, r9, r4, LSR #7
+ ORR r8, r8, r5, LSR #7
+ LDRD r4, r5, [r0, #8]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r8, r9, [r0, #16]
+ LDRD r6, r7, [r0, #24]
+ STRD r4, r5, [r0, #8]
+ EOR r8, r8, r6
+ EOR r9, r9, r7
+ AND r10, r10, r8
+ AND r11, r11, r9
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LDRD r6, r7, [r0, #8]
+ ADDS r6, r6, r10
+ ADC r7, r7, r11
+ STRD r6, r7, [r0, #8]
+ MOV r10, r8
+ MOV r11, r9
+ /* Round 15 */
+ LDRD r4, r5, [r0, #40]
+ LSRS r6, r4, #14
+ LSRS r7, r5, #14
+ ORR r7, r7, r4, LSL #18
+ ORR r6, r6, r5, LSL #18
+ LSRS r8, r4, #18
+ LSRS r9, r5, #18
+ ORR r9, r9, r4, LSL #14
+ ORR r8, r8, r5, LSL #14
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #23
+ LSLS r9, r5, #23
+ ORR r9, r9, r4, LSR #9
+ ORR r8, r8, r5, LSR #9
+ LDRD r4, r5, [r0]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0]
+ LDRD r4, r5, [r0, #40]
+ LDRD r6, r7, [r0, #48]
+ LDRD r8, r9, [r0, #56]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ AND r6, r6, r4
+ AND r7, r7, r5
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LDRD r4, r5, [r0]
+ LDRD r8, r9, [sp, #120]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r6, r7, [r3, #120]
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ LDRD r8, r9, [r0, #32]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0]
+ ADDS r8, r8, r4
+ ADC r9, r9, r5
+ LDRD r4, r5, [r0, #8]
+ STRD r8, r9, [r0, #32]
+ LSRS r6, r4, #28
+ LSRS r7, r5, #28
+ ORR r7, r7, r4, LSL #4
+ ORR r6, r6, r5, LSL #4
+ LSLS r8, r4, #30
+ LSLS r9, r5, #30
+ ORR r9, r9, r4, LSR #2
+ ORR r8, r8, r5, LSR #2
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #25
+ LSLS r9, r5, #25
+ ORR r9, r9, r4, LSR #7
+ ORR r8, r8, r5, LSR #7
+ LDRD r4, r5, [r0]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r8, r9, [r0, #8]
+ LDRD r6, r7, [r0, #16]
+ STRD r4, r5, [r0]
+ EOR r8, r8, r6
+ EOR r9, r9, r7
+ AND r10, r10, r8
+ AND r11, r11, r9
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LDRD r6, r7, [r0]
+ ADDS r6, r6, r10
+ ADC r7, r7, r11
+ STRD r6, r7, [r0]
+ MOV r10, r8
+ MOV r11, r9
+ /* Add in digest from start */
+ LDRD r4, r5, [r0]
+ LDRD r6, r7, [r0, #8]
+ LDRD r8, r9, [sp, #128]
+ LDRD r10, r11, [sp, #136]
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ ADDS r6, r6, r10
+ ADC r7, r7, r11
+ STRD r4, r5, [r0]
+ STRD r6, r7, [r0, #8]
+ STRD r4, r5, [sp, #128]
+ STRD r6, r7, [sp, #136]
+ LDRD r4, r5, [r0, #16]
+ LDRD r6, r7, [r0, #24]
+ LDRD r8, r9, [sp, #144]
+ LDRD r10, r11, [sp, #152]
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ ADDS r6, r6, r10
+ ADC r7, r7, r11
+ STRD r4, r5, [r0, #16]
+ STRD r6, r7, [r0, #24]
+ STRD r4, r5, [sp, #144]
+ STRD r6, r7, [sp, #152]
+ LDRD r4, r5, [r0, #32]
+ LDRD r6, r7, [r0, #40]
+ LDRD r8, r9, [sp, #160]
+ LDRD r10, r11, [sp, #168]
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ ADDS r6, r6, r10
+ ADC r7, r7, r11
+ STRD r4, r5, [r0, #32]
+ STRD r6, r7, [r0, #40]
+ STRD r4, r5, [sp, #160]
+ STRD r6, r7, [sp, #168]
+ LDRD r4, r5, [r0, #48]
+ LDRD r6, r7, [r0, #56]
+ LDRD r8, r9, [sp, #176]
+ LDRD r10, r11, [sp, #184]
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ ADDS r6, r6, r10
+ ADC r7, r7, r11
+ STRD r4, r5, [r0, #48]
+ STRD r6, r7, [r0, #56]
+ STRD r4, r5, [sp, #176]
+ STRD r6, r7, [sp, #184]
+ SUBS r2, r2, #0x80
+ SUB r3, r3, #0x200
+ ADD r1, r1, #0x80
+#ifdef __GNUC__
+ BNE L_SHA512_transform_len_begin
+#else
+ BNE.W L_SHA512_transform_len_begin
+#endif
+ EOR r0, r0, r0
+ ADD sp, sp, #0xc0
+ POP {r4, r5, r6, r7, r8, r9, r10, r11, pc}
+ /* Cycle Count = 5021 */
+ .size Transform_Sha512_Len,.-Transform_Sha512_Len
+#endif /* WOLFSSL_ARMASM_NO_NEON */
+#endif /* WOLFSSL_SHA512 */
+#endif /* !__aarch64__ && __thumb__ */
+#endif /* WOLFSSL_ARMASM */
+
+#if defined(__linux__) && defined(__ELF__)
+.section .note.GNU-stack,"",%progbits
+#endif
+#endif /* !WOLFSSL_ARMASM_INLINE */
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/thumb2-sha512-asm_c.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/thumb2-sha512-asm_c.c
new file mode 100644
index 00000000..d7fbd83e
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/thumb2-sha512-asm_c.c
@@ -0,0 +1,3592 @@
+/* thumb2-sha512-asm
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/* Generated using (from wolfssl):
+ * cd ../scripts
+ * ruby ./sha2/sha512.rb thumb2 ../wolfssl/wolfcrypt/src/port/arm/thumb2-sha512-asm.c
+ */
+
+#ifdef HAVE_CONFIG_H
+ #include <config.h>
+#endif /* HAVE_CONFIG_H */
+#include <wolfssl/wolfcrypt/settings.h>
+
+#ifdef WOLFSSL_ARMASM
+#if !defined(__aarch64__) && defined(__thumb__)
+#include <stdint.h>
+#ifdef HAVE_CONFIG_H
+ #include <config.h>
+#endif /* HAVE_CONFIG_H */
+#include <wolfssl/wolfcrypt/settings.h>
+#ifdef WOLFSSL_ARMASM_INLINE
+
+#ifdef WOLFSSL_ARMASM
+#if !defined(__aarch64__) && defined(__thumb__)
+
+#ifdef __IAR_SYSTEMS_ICC__
+#define __asm__ asm
+#define __volatile__ volatile
+#define WOLFSSL_NO_VAR_ASSIGN_REG
+#endif /* __IAR_SYSTEMS_ICC__ */
+#ifdef __KEIL__
+#define __asm__ __asm
+#define __volatile__ volatile
+#endif /* __KEIL__ */
+#ifdef WOLFSSL_SHA512
+#include <wolfssl/wolfcrypt/sha512.h>
+
+#ifdef WOLFSSL_ARMASM_NO_NEON
+static const uint64_t L_SHA512_transform_len_k[] = {
+ 0x428a2f98d728ae22UL, 0x7137449123ef65cdUL,
+ 0xb5c0fbcfec4d3b2fUL, 0xe9b5dba58189dbbcUL,
+ 0x3956c25bf348b538UL, 0x59f111f1b605d019UL,
+ 0x923f82a4af194f9bUL, 0xab1c5ed5da6d8118UL,
+ 0xd807aa98a3030242UL, 0x12835b0145706fbeUL,
+ 0x243185be4ee4b28cUL, 0x550c7dc3d5ffb4e2UL,
+ 0x72be5d74f27b896fUL, 0x80deb1fe3b1696b1UL,
+ 0x9bdc06a725c71235UL, 0xc19bf174cf692694UL,
+ 0xe49b69c19ef14ad2UL, 0xefbe4786384f25e3UL,
+ 0x0fc19dc68b8cd5b5UL, 0x240ca1cc77ac9c65UL,
+ 0x2de92c6f592b0275UL, 0x4a7484aa6ea6e483UL,
+ 0x5cb0a9dcbd41fbd4UL, 0x76f988da831153b5UL,
+ 0x983e5152ee66dfabUL, 0xa831c66d2db43210UL,
+ 0xb00327c898fb213fUL, 0xbf597fc7beef0ee4UL,
+ 0xc6e00bf33da88fc2UL, 0xd5a79147930aa725UL,
+ 0x06ca6351e003826fUL, 0x142929670a0e6e70UL,
+ 0x27b70a8546d22ffcUL, 0x2e1b21385c26c926UL,
+ 0x4d2c6dfc5ac42aedUL, 0x53380d139d95b3dfUL,
+ 0x650a73548baf63deUL, 0x766a0abb3c77b2a8UL,
+ 0x81c2c92e47edaee6UL, 0x92722c851482353bUL,
+ 0xa2bfe8a14cf10364UL, 0xa81a664bbc423001UL,
+ 0xc24b8b70d0f89791UL, 0xc76c51a30654be30UL,
+ 0xd192e819d6ef5218UL, 0xd69906245565a910UL,
+ 0xf40e35855771202aUL, 0x106aa07032bbd1b8UL,
+ 0x19a4c116b8d2d0c8UL, 0x1e376c085141ab53UL,
+ 0x2748774cdf8eeb99UL, 0x34b0bcb5e19b48a8UL,
+ 0x391c0cb3c5c95a63UL, 0x4ed8aa4ae3418acbUL,
+ 0x5b9cca4f7763e373UL, 0x682e6ff3d6b2b8a3UL,
+ 0x748f82ee5defb2fcUL, 0x78a5636f43172f60UL,
+ 0x84c87814a1f0ab72UL, 0x8cc702081a6439ecUL,
+ 0x90befffa23631e28UL, 0xa4506cebde82bde9UL,
+ 0xbef9a3f7b2c67915UL, 0xc67178f2e372532bUL,
+ 0xca273eceea26619cUL, 0xd186b8c721c0c207UL,
+ 0xeada7dd6cde0eb1eUL, 0xf57d4f7fee6ed178UL,
+ 0x06f067aa72176fbaUL, 0x0a637dc5a2c898a6UL,
+ 0x113f9804bef90daeUL, 0x1b710b35131c471bUL,
+ 0x28db77f523047d84UL, 0x32caab7b40c72493UL,
+ 0x3c9ebe0a15c9bebcUL, 0x431d67c49c100d4cUL,
+ 0x4cc5d4becb3e42b6UL, 0x597f299cfc657e2aUL,
+ 0x5fcb6fab3ad6faecUL, 0x6c44198c4a475817UL,
+};
+
+void Transform_Sha512_Len(wc_Sha512* sha512, const byte* data, word32 len);
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
+#else
+void Transform_Sha512_Len(wc_Sha512* sha512, const byte* data, word32 len)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register wc_Sha512* sha512 __asm__ ("r0") = (wc_Sha512*)sha512_p;
+ register const byte* data __asm__ ("r1") = (const byte*)data_p;
+ register word32 len __asm__ ("r2") = (word32)len_p;
+ register uint64_t* L_SHA512_transform_len_k_c __asm__ ("r3") = (uint64_t*)&L_SHA512_transform_len_k;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "SUB sp, sp, #0xc0\n\t"
+ "MOV r3, %[L_SHA512_transform_len_k]\n\t"
+ /* Copy digest to add in at end */
+ "LDRD r4, r5, [%[sha512]]\n\t"
+ "LDRD r6, r7, [%[sha512], #8]\n\t"
+ "LDRD r8, r9, [%[sha512], #16]\n\t"
+ "LDRD r10, r11, [%[sha512], #24]\n\t"
+ "STRD r4, r5, [sp, #128]\n\t"
+ "STRD r6, r7, [sp, #136]\n\t"
+ "STRD r8, r9, [sp, #144]\n\t"
+ "STRD r10, r11, [sp, #152]\n\t"
+ "LDRD r4, r5, [%[sha512], #32]\n\t"
+ "LDRD r6, r7, [%[sha512], #40]\n\t"
+ "LDRD r8, r9, [%[sha512], #48]\n\t"
+ "LDRD r10, r11, [%[sha512], #56]\n\t"
+ "STRD r4, r5, [sp, #160]\n\t"
+ "STRD r6, r7, [sp, #168]\n\t"
+ "STRD r8, r9, [sp, #176]\n\t"
+ "STRD r10, r11, [sp, #184]\n\t"
+ /* Start of loop processing a block */
+ "\n"
+ "L_SHA512_transform_len_begin:\n\t"
+ /* Load, Reverse and Store W */
+ "LDR r4, [%[data]]\n\t"
+ "LDR r5, [%[data], #4]\n\t"
+ "LDR r6, [%[data], #8]\n\t"
+ "LDR r7, [%[data], #12]\n\t"
+ "LDR r8, [%[data], #16]\n\t"
+ "LDR r9, [%[data], #20]\n\t"
+ "LDR r10, [%[data], #24]\n\t"
+ "LDR r11, [%[data], #28]\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ "REV r8, r8\n\t"
+ "REV r9, r9\n\t"
+ "REV r10, r10\n\t"
+ "REV r11, r11\n\t"
+ "STR r5, [sp]\n\t"
+ "STR r4, [sp, #4]\n\t"
+ "STR r7, [sp, #8]\n\t"
+ "STR r6, [sp, #12]\n\t"
+ "STR r9, [sp, #16]\n\t"
+ "STR r8, [sp, #20]\n\t"
+ "STR r11, [sp, #24]\n\t"
+ "STR r10, [sp, #28]\n\t"
+ "LDR r4, [%[data], #32]\n\t"
+ "LDR r5, [%[data], #36]\n\t"
+ "LDR r6, [%[data], #40]\n\t"
+ "LDR r7, [%[data], #44]\n\t"
+ "LDR r8, [%[data], #48]\n\t"
+ "LDR r9, [%[data], #52]\n\t"
+ "LDR r10, [%[data], #56]\n\t"
+ "LDR r11, [%[data], #60]\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ "REV r8, r8\n\t"
+ "REV r9, r9\n\t"
+ "REV r10, r10\n\t"
+ "REV r11, r11\n\t"
+ "STR r5, [sp, #32]\n\t"
+ "STR r4, [sp, #36]\n\t"
+ "STR r7, [sp, #40]\n\t"
+ "STR r6, [sp, #44]\n\t"
+ "STR r9, [sp, #48]\n\t"
+ "STR r8, [sp, #52]\n\t"
+ "STR r11, [sp, #56]\n\t"
+ "STR r10, [sp, #60]\n\t"
+ "LDR r4, [%[data], #64]\n\t"
+ "LDR r5, [%[data], #68]\n\t"
+ "LDR r6, [%[data], #72]\n\t"
+ "LDR r7, [%[data], #76]\n\t"
+ "LDR r8, [%[data], #80]\n\t"
+ "LDR r9, [%[data], #84]\n\t"
+ "LDR r10, [%[data], #88]\n\t"
+ "LDR r11, [%[data], #92]\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ "REV r8, r8\n\t"
+ "REV r9, r9\n\t"
+ "REV r10, r10\n\t"
+ "REV r11, r11\n\t"
+ "STR r5, [sp, #64]\n\t"
+ "STR r4, [sp, #68]\n\t"
+ "STR r7, [sp, #72]\n\t"
+ "STR r6, [sp, #76]\n\t"
+ "STR r9, [sp, #80]\n\t"
+ "STR r8, [sp, #84]\n\t"
+ "STR r11, [sp, #88]\n\t"
+ "STR r10, [sp, #92]\n\t"
+ "LDR r4, [%[data], #96]\n\t"
+ "LDR r5, [%[data], #100]\n\t"
+ "LDR r6, [%[data], #104]\n\t"
+ "LDR r7, [%[data], #108]\n\t"
+ "LDR r8, [%[data], #112]\n\t"
+ "LDR r9, [%[data], #116]\n\t"
+ "LDR r10, [%[data], #120]\n\t"
+ "LDR r11, [%[data], #124]\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ "REV r8, r8\n\t"
+ "REV r9, r9\n\t"
+ "REV r10, r10\n\t"
+ "REV r11, r11\n\t"
+ "STR r5, [sp, #96]\n\t"
+ "STR r4, [sp, #100]\n\t"
+ "STR r7, [sp, #104]\n\t"
+ "STR r6, [sp, #108]\n\t"
+ "STR r9, [sp, #112]\n\t"
+ "STR r8, [sp, #116]\n\t"
+ "STR r11, [sp, #120]\n\t"
+ "STR r10, [sp, #124]\n\t"
+ /* Pre-calc: b ^ c */
+ "LDRD r10, r11, [%[sha512], #8]\n\t"
+ "LDRD r4, r5, [%[sha512], #16]\n\t"
+ "EOR r10, r10, r4\n\t"
+ "EOR r11, r11, r5\n\t"
+ "MOV r12, #0x4\n\t"
+ /* Start of 16 rounds */
+ "\n"
+ "L_SHA512_transform_len_start:\n\t"
+ /* Round 0 */
+ "LDRD r4, r5, [%[sha512], #32]\n\t"
+ "LSRS r6, r4, #14\n\t"
+ "LSRS r7, r5, #14\n\t"
+ "ORR r7, r7, r4, LSL #18\n\t"
+ "ORR r6, r6, r5, LSL #18\n\t"
+ "LSRS r8, r4, #18\n\t"
+ "LSRS r9, r5, #18\n\t"
+ "ORR r9, r9, r4, LSL #14\n\t"
+ "ORR r8, r8, r5, LSL #14\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #23\n\t"
+ "LSLS r9, r5, #23\n\t"
+ "ORR r9, r9, r4, LSR #9\n\t"
+ "ORR r8, r8, r5, LSR #9\n\t"
+ "LDRD r4, r5, [%[sha512], #56]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #56]\n\t"
+ "LDRD r4, r5, [%[sha512], #32]\n\t"
+ "LDRD r6, r7, [%[sha512], #40]\n\t"
+ "LDRD r8, r9, [%[sha512], #48]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "AND r6, r6, r4\n\t"
+ "AND r7, r7, r5\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LDRD r4, r5, [%[sha512], #56]\n\t"
+ "LDRD r8, r9, [sp]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r6, r7, [r3]\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "LDRD r8, r9, [%[sha512], #24]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #56]\n\t"
+ "ADDS r8, r8, r4\n\t"
+ "ADC r9, r9, r5\n\t"
+ "LDRD r4, r5, [%[sha512]]\n\t"
+ "STRD r8, r9, [%[sha512], #24]\n\t"
+ "LSRS r6, r4, #28\n\t"
+ "LSRS r7, r5, #28\n\t"
+ "ORR r7, r7, r4, LSL #4\n\t"
+ "ORR r6, r6, r5, LSL #4\n\t"
+ "LSLS r8, r4, #30\n\t"
+ "LSLS r9, r5, #30\n\t"
+ "ORR r9, r9, r4, LSR #2\n\t"
+ "ORR r8, r8, r5, LSR #2\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #25\n\t"
+ "LSLS r9, r5, #25\n\t"
+ "ORR r9, r9, r4, LSR #7\n\t"
+ "ORR r8, r8, r5, LSR #7\n\t"
+ "LDRD r4, r5, [%[sha512], #56]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r8, r9, [%[sha512]]\n\t"
+ "LDRD r6, r7, [%[sha512], #8]\n\t"
+ "STRD r4, r5, [%[sha512], #56]\n\t"
+ "EOR r8, r8, r6\n\t"
+ "EOR r9, r9, r7\n\t"
+ "AND r10, r10, r8\n\t"
+ "AND r11, r11, r9\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LDRD r6, r7, [%[sha512], #56]\n\t"
+ "ADDS r6, r6, r10\n\t"
+ "ADC r7, r7, r11\n\t"
+ "STRD r6, r7, [%[sha512], #56]\n\t"
+ "MOV r10, r8\n\t"
+ "MOV r11, r9\n\t"
+ /* Calc new W[0] */
+ "LDRD r4, r5, [sp, #112]\n\t"
+ "LSRS r6, r4, #19\n\t"
+ "LSRS r7, r5, #19\n\t"
+ "ORR r7, r7, r4, LSL #13\n\t"
+ "ORR r6, r6, r5, LSL #13\n\t"
+ "LSLS r8, r4, #3\n\t"
+ "LSLS r9, r5, #3\n\t"
+ "ORR r9, r9, r4, LSR #29\n\t"
+ "ORR r8, r8, r5, LSR #29\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LSRS r8, r4, #6\n\t"
+ "LSRS r9, r5, #6\n\t"
+ "ORR r8, r8, r5, LSL #26\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LDRD r4, r5, [sp]\n\t"
+ "LDRD r8, r9, [sp, #72]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "STRD r4, r5, [sp]\n\t"
+ "LDRD r4, r5, [sp, #8]\n\t"
+ "LSRS r6, r4, #1\n\t"
+ "LSRS r7, r5, #1\n\t"
+ "ORR r7, r7, r4, LSL #31\n\t"
+ "ORR r6, r6, r5, LSL #31\n\t"
+ "LSRS r8, r4, #8\n\t"
+ "LSRS r9, r5, #8\n\t"
+ "ORR r9, r9, r4, LSL #24\n\t"
+ "ORR r8, r8, r5, LSL #24\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LSRS r8, r4, #7\n\t"
+ "LSRS r9, r5, #7\n\t"
+ "ORR r8, r8, r5, LSL #25\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LDRD r4, r5, [sp]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [sp]\n\t"
+ /* Round 1 */
+ "LDRD r4, r5, [%[sha512], #24]\n\t"
+ "LSRS r6, r4, #14\n\t"
+ "LSRS r7, r5, #14\n\t"
+ "ORR r7, r7, r4, LSL #18\n\t"
+ "ORR r6, r6, r5, LSL #18\n\t"
+ "LSRS r8, r4, #18\n\t"
+ "LSRS r9, r5, #18\n\t"
+ "ORR r9, r9, r4, LSL #14\n\t"
+ "ORR r8, r8, r5, LSL #14\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #23\n\t"
+ "LSLS r9, r5, #23\n\t"
+ "ORR r9, r9, r4, LSR #9\n\t"
+ "ORR r8, r8, r5, LSR #9\n\t"
+ "LDRD r4, r5, [%[sha512], #48]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #48]\n\t"
+ "LDRD r4, r5, [%[sha512], #24]\n\t"
+ "LDRD r6, r7, [%[sha512], #32]\n\t"
+ "LDRD r8, r9, [%[sha512], #40]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "AND r6, r6, r4\n\t"
+ "AND r7, r7, r5\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LDRD r4, r5, [%[sha512], #48]\n\t"
+ "LDRD r8, r9, [sp, #8]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r6, r7, [r3, #8]\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "LDRD r8, r9, [%[sha512], #16]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #48]\n\t"
+ "ADDS r8, r8, r4\n\t"
+ "ADC r9, r9, r5\n\t"
+ "LDRD r4, r5, [%[sha512], #56]\n\t"
+ "STRD r8, r9, [%[sha512], #16]\n\t"
+ "LSRS r6, r4, #28\n\t"
+ "LSRS r7, r5, #28\n\t"
+ "ORR r7, r7, r4, LSL #4\n\t"
+ "ORR r6, r6, r5, LSL #4\n\t"
+ "LSLS r8, r4, #30\n\t"
+ "LSLS r9, r5, #30\n\t"
+ "ORR r9, r9, r4, LSR #2\n\t"
+ "ORR r8, r8, r5, LSR #2\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #25\n\t"
+ "LSLS r9, r5, #25\n\t"
+ "ORR r9, r9, r4, LSR #7\n\t"
+ "ORR r8, r8, r5, LSR #7\n\t"
+ "LDRD r4, r5, [%[sha512], #48]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r8, r9, [%[sha512], #56]\n\t"
+ "LDRD r6, r7, [%[sha512]]\n\t"
+ "STRD r4, r5, [%[sha512], #48]\n\t"
+ "EOR r8, r8, r6\n\t"
+ "EOR r9, r9, r7\n\t"
+ "AND r10, r10, r8\n\t"
+ "AND r11, r11, r9\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LDRD r6, r7, [%[sha512], #48]\n\t"
+ "ADDS r6, r6, r10\n\t"
+ "ADC r7, r7, r11\n\t"
+ "STRD r6, r7, [%[sha512], #48]\n\t"
+ "MOV r10, r8\n\t"
+ "MOV r11, r9\n\t"
+ /* Calc new W[1] */
+ "LDRD r4, r5, [sp, #120]\n\t"
+ "LSRS r6, r4, #19\n\t"
+ "LSRS r7, r5, #19\n\t"
+ "ORR r7, r7, r4, LSL #13\n\t"
+ "ORR r6, r6, r5, LSL #13\n\t"
+ "LSLS r8, r4, #3\n\t"
+ "LSLS r9, r5, #3\n\t"
+ "ORR r9, r9, r4, LSR #29\n\t"
+ "ORR r8, r8, r5, LSR #29\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LSRS r8, r4, #6\n\t"
+ "LSRS r9, r5, #6\n\t"
+ "ORR r8, r8, r5, LSL #26\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LDRD r4, r5, [sp, #8]\n\t"
+ "LDRD r8, r9, [sp, #80]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "STRD r4, r5, [sp, #8]\n\t"
+ "LDRD r4, r5, [sp, #16]\n\t"
+ "LSRS r6, r4, #1\n\t"
+ "LSRS r7, r5, #1\n\t"
+ "ORR r7, r7, r4, LSL #31\n\t"
+ "ORR r6, r6, r5, LSL #31\n\t"
+ "LSRS r8, r4, #8\n\t"
+ "LSRS r9, r5, #8\n\t"
+ "ORR r9, r9, r4, LSL #24\n\t"
+ "ORR r8, r8, r5, LSL #24\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LSRS r8, r4, #7\n\t"
+ "LSRS r9, r5, #7\n\t"
+ "ORR r8, r8, r5, LSL #25\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LDRD r4, r5, [sp, #8]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [sp, #8]\n\t"
+ /* Round 2 */
+ "LDRD r4, r5, [%[sha512], #16]\n\t"
+ "LSRS r6, r4, #14\n\t"
+ "LSRS r7, r5, #14\n\t"
+ "ORR r7, r7, r4, LSL #18\n\t"
+ "ORR r6, r6, r5, LSL #18\n\t"
+ "LSRS r8, r4, #18\n\t"
+ "LSRS r9, r5, #18\n\t"
+ "ORR r9, r9, r4, LSL #14\n\t"
+ "ORR r8, r8, r5, LSL #14\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #23\n\t"
+ "LSLS r9, r5, #23\n\t"
+ "ORR r9, r9, r4, LSR #9\n\t"
+ "ORR r8, r8, r5, LSR #9\n\t"
+ "LDRD r4, r5, [%[sha512], #40]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #40]\n\t"
+ "LDRD r4, r5, [%[sha512], #16]\n\t"
+ "LDRD r6, r7, [%[sha512], #24]\n\t"
+ "LDRD r8, r9, [%[sha512], #32]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "AND r6, r6, r4\n\t"
+ "AND r7, r7, r5\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LDRD r4, r5, [%[sha512], #40]\n\t"
+ "LDRD r8, r9, [sp, #16]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r6, r7, [r3, #16]\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "LDRD r8, r9, [%[sha512], #8]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #40]\n\t"
+ "ADDS r8, r8, r4\n\t"
+ "ADC r9, r9, r5\n\t"
+ "LDRD r4, r5, [%[sha512], #48]\n\t"
+ "STRD r8, r9, [%[sha512], #8]\n\t"
+ "LSRS r6, r4, #28\n\t"
+ "LSRS r7, r5, #28\n\t"
+ "ORR r7, r7, r4, LSL #4\n\t"
+ "ORR r6, r6, r5, LSL #4\n\t"
+ "LSLS r8, r4, #30\n\t"
+ "LSLS r9, r5, #30\n\t"
+ "ORR r9, r9, r4, LSR #2\n\t"
+ "ORR r8, r8, r5, LSR #2\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #25\n\t"
+ "LSLS r9, r5, #25\n\t"
+ "ORR r9, r9, r4, LSR #7\n\t"
+ "ORR r8, r8, r5, LSR #7\n\t"
+ "LDRD r4, r5, [%[sha512], #40]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r8, r9, [%[sha512], #48]\n\t"
+ "LDRD r6, r7, [%[sha512], #56]\n\t"
+ "STRD r4, r5, [%[sha512], #40]\n\t"
+ "EOR r8, r8, r6\n\t"
+ "EOR r9, r9, r7\n\t"
+ "AND r10, r10, r8\n\t"
+ "AND r11, r11, r9\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LDRD r6, r7, [%[sha512], #40]\n\t"
+ "ADDS r6, r6, r10\n\t"
+ "ADC r7, r7, r11\n\t"
+ "STRD r6, r7, [%[sha512], #40]\n\t"
+ "MOV r10, r8\n\t"
+ "MOV r11, r9\n\t"
+ /* Calc new W[2] */
+ "LDRD r4, r5, [sp]\n\t"
+ "LSRS r6, r4, #19\n\t"
+ "LSRS r7, r5, #19\n\t"
+ "ORR r7, r7, r4, LSL #13\n\t"
+ "ORR r6, r6, r5, LSL #13\n\t"
+ "LSLS r8, r4, #3\n\t"
+ "LSLS r9, r5, #3\n\t"
+ "ORR r9, r9, r4, LSR #29\n\t"
+ "ORR r8, r8, r5, LSR #29\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LSRS r8, r4, #6\n\t"
+ "LSRS r9, r5, #6\n\t"
+ "ORR r8, r8, r5, LSL #26\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LDRD r4, r5, [sp, #16]\n\t"
+ "LDRD r8, r9, [sp, #88]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "STRD r4, r5, [sp, #16]\n\t"
+ "LDRD r4, r5, [sp, #24]\n\t"
+ "LSRS r6, r4, #1\n\t"
+ "LSRS r7, r5, #1\n\t"
+ "ORR r7, r7, r4, LSL #31\n\t"
+ "ORR r6, r6, r5, LSL #31\n\t"
+ "LSRS r8, r4, #8\n\t"
+ "LSRS r9, r5, #8\n\t"
+ "ORR r9, r9, r4, LSL #24\n\t"
+ "ORR r8, r8, r5, LSL #24\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LSRS r8, r4, #7\n\t"
+ "LSRS r9, r5, #7\n\t"
+ "ORR r8, r8, r5, LSL #25\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LDRD r4, r5, [sp, #16]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [sp, #16]\n\t"
+ /* Round 3 */
+ "LDRD r4, r5, [%[sha512], #8]\n\t"
+ "LSRS r6, r4, #14\n\t"
+ "LSRS r7, r5, #14\n\t"
+ "ORR r7, r7, r4, LSL #18\n\t"
+ "ORR r6, r6, r5, LSL #18\n\t"
+ "LSRS r8, r4, #18\n\t"
+ "LSRS r9, r5, #18\n\t"
+ "ORR r9, r9, r4, LSL #14\n\t"
+ "ORR r8, r8, r5, LSL #14\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #23\n\t"
+ "LSLS r9, r5, #23\n\t"
+ "ORR r9, r9, r4, LSR #9\n\t"
+ "ORR r8, r8, r5, LSR #9\n\t"
+ "LDRD r4, r5, [%[sha512], #32]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #32]\n\t"
+ "LDRD r4, r5, [%[sha512], #8]\n\t"
+ "LDRD r6, r7, [%[sha512], #16]\n\t"
+ "LDRD r8, r9, [%[sha512], #24]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "AND r6, r6, r4\n\t"
+ "AND r7, r7, r5\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LDRD r4, r5, [%[sha512], #32]\n\t"
+ "LDRD r8, r9, [sp, #24]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r6, r7, [r3, #24]\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "LDRD r8, r9, [%[sha512]]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #32]\n\t"
+ "ADDS r8, r8, r4\n\t"
+ "ADC r9, r9, r5\n\t"
+ "LDRD r4, r5, [%[sha512], #40]\n\t"
+ "STRD r8, r9, [%[sha512]]\n\t"
+ "LSRS r6, r4, #28\n\t"
+ "LSRS r7, r5, #28\n\t"
+ "ORR r7, r7, r4, LSL #4\n\t"
+ "ORR r6, r6, r5, LSL #4\n\t"
+ "LSLS r8, r4, #30\n\t"
+ "LSLS r9, r5, #30\n\t"
+ "ORR r9, r9, r4, LSR #2\n\t"
+ "ORR r8, r8, r5, LSR #2\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #25\n\t"
+ "LSLS r9, r5, #25\n\t"
+ "ORR r9, r9, r4, LSR #7\n\t"
+ "ORR r8, r8, r5, LSR #7\n\t"
+ "LDRD r4, r5, [%[sha512], #32]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r8, r9, [%[sha512], #40]\n\t"
+ "LDRD r6, r7, [%[sha512], #48]\n\t"
+ "STRD r4, r5, [%[sha512], #32]\n\t"
+ "EOR r8, r8, r6\n\t"
+ "EOR r9, r9, r7\n\t"
+ "AND r10, r10, r8\n\t"
+ "AND r11, r11, r9\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LDRD r6, r7, [%[sha512], #32]\n\t"
+ "ADDS r6, r6, r10\n\t"
+ "ADC r7, r7, r11\n\t"
+ "STRD r6, r7, [%[sha512], #32]\n\t"
+ "MOV r10, r8\n\t"
+ "MOV r11, r9\n\t"
+ /* Calc new W[3] */
+ "LDRD r4, r5, [sp, #8]\n\t"
+ "LSRS r6, r4, #19\n\t"
+ "LSRS r7, r5, #19\n\t"
+ "ORR r7, r7, r4, LSL #13\n\t"
+ "ORR r6, r6, r5, LSL #13\n\t"
+ "LSLS r8, r4, #3\n\t"
+ "LSLS r9, r5, #3\n\t"
+ "ORR r9, r9, r4, LSR #29\n\t"
+ "ORR r8, r8, r5, LSR #29\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LSRS r8, r4, #6\n\t"
+ "LSRS r9, r5, #6\n\t"
+ "ORR r8, r8, r5, LSL #26\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LDRD r4, r5, [sp, #24]\n\t"
+ "LDRD r8, r9, [sp, #96]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "STRD r4, r5, [sp, #24]\n\t"
+ "LDRD r4, r5, [sp, #32]\n\t"
+ "LSRS r6, r4, #1\n\t"
+ "LSRS r7, r5, #1\n\t"
+ "ORR r7, r7, r4, LSL #31\n\t"
+ "ORR r6, r6, r5, LSL #31\n\t"
+ "LSRS r8, r4, #8\n\t"
+ "LSRS r9, r5, #8\n\t"
+ "ORR r9, r9, r4, LSL #24\n\t"
+ "ORR r8, r8, r5, LSL #24\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LSRS r8, r4, #7\n\t"
+ "LSRS r9, r5, #7\n\t"
+ "ORR r8, r8, r5, LSL #25\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LDRD r4, r5, [sp, #24]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [sp, #24]\n\t"
+ /* Round 4 */
+ "LDRD r4, r5, [%[sha512]]\n\t"
+ "LSRS r6, r4, #14\n\t"
+ "LSRS r7, r5, #14\n\t"
+ "ORR r7, r7, r4, LSL #18\n\t"
+ "ORR r6, r6, r5, LSL #18\n\t"
+ "LSRS r8, r4, #18\n\t"
+ "LSRS r9, r5, #18\n\t"
+ "ORR r9, r9, r4, LSL #14\n\t"
+ "ORR r8, r8, r5, LSL #14\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #23\n\t"
+ "LSLS r9, r5, #23\n\t"
+ "ORR r9, r9, r4, LSR #9\n\t"
+ "ORR r8, r8, r5, LSR #9\n\t"
+ "LDRD r4, r5, [%[sha512], #24]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #24]\n\t"
+ "LDRD r4, r5, [%[sha512]]\n\t"
+ "LDRD r6, r7, [%[sha512], #8]\n\t"
+ "LDRD r8, r9, [%[sha512], #16]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "AND r6, r6, r4\n\t"
+ "AND r7, r7, r5\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LDRD r4, r5, [%[sha512], #24]\n\t"
+ "LDRD r8, r9, [sp, #32]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r6, r7, [r3, #32]\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "LDRD r8, r9, [%[sha512], #56]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #24]\n\t"
+ "ADDS r8, r8, r4\n\t"
+ "ADC r9, r9, r5\n\t"
+ "LDRD r4, r5, [%[sha512], #32]\n\t"
+ "STRD r8, r9, [%[sha512], #56]\n\t"
+ "LSRS r6, r4, #28\n\t"
+ "LSRS r7, r5, #28\n\t"
+ "ORR r7, r7, r4, LSL #4\n\t"
+ "ORR r6, r6, r5, LSL #4\n\t"
+ "LSLS r8, r4, #30\n\t"
+ "LSLS r9, r5, #30\n\t"
+ "ORR r9, r9, r4, LSR #2\n\t"
+ "ORR r8, r8, r5, LSR #2\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #25\n\t"
+ "LSLS r9, r5, #25\n\t"
+ "ORR r9, r9, r4, LSR #7\n\t"
+ "ORR r8, r8, r5, LSR #7\n\t"
+ "LDRD r4, r5, [%[sha512], #24]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r8, r9, [%[sha512], #32]\n\t"
+ "LDRD r6, r7, [%[sha512], #40]\n\t"
+ "STRD r4, r5, [%[sha512], #24]\n\t"
+ "EOR r8, r8, r6\n\t"
+ "EOR r9, r9, r7\n\t"
+ "AND r10, r10, r8\n\t"
+ "AND r11, r11, r9\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LDRD r6, r7, [%[sha512], #24]\n\t"
+ "ADDS r6, r6, r10\n\t"
+ "ADC r7, r7, r11\n\t"
+ "STRD r6, r7, [%[sha512], #24]\n\t"
+ "MOV r10, r8\n\t"
+ "MOV r11, r9\n\t"
+ /* Calc new W[4] */
+ "LDRD r4, r5, [sp, #16]\n\t"
+ "LSRS r6, r4, #19\n\t"
+ "LSRS r7, r5, #19\n\t"
+ "ORR r7, r7, r4, LSL #13\n\t"
+ "ORR r6, r6, r5, LSL #13\n\t"
+ "LSLS r8, r4, #3\n\t"
+ "LSLS r9, r5, #3\n\t"
+ "ORR r9, r9, r4, LSR #29\n\t"
+ "ORR r8, r8, r5, LSR #29\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LSRS r8, r4, #6\n\t"
+ "LSRS r9, r5, #6\n\t"
+ "ORR r8, r8, r5, LSL #26\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LDRD r4, r5, [sp, #32]\n\t"
+ "LDRD r8, r9, [sp, #104]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "STRD r4, r5, [sp, #32]\n\t"
+ "LDRD r4, r5, [sp, #40]\n\t"
+ "LSRS r6, r4, #1\n\t"
+ "LSRS r7, r5, #1\n\t"
+ "ORR r7, r7, r4, LSL #31\n\t"
+ "ORR r6, r6, r5, LSL #31\n\t"
+ "LSRS r8, r4, #8\n\t"
+ "LSRS r9, r5, #8\n\t"
+ "ORR r9, r9, r4, LSL #24\n\t"
+ "ORR r8, r8, r5, LSL #24\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LSRS r8, r4, #7\n\t"
+ "LSRS r9, r5, #7\n\t"
+ "ORR r8, r8, r5, LSL #25\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LDRD r4, r5, [sp, #32]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [sp, #32]\n\t"
+ /* Round 5 */
+ "LDRD r4, r5, [%[sha512], #56]\n\t"
+ "LSRS r6, r4, #14\n\t"
+ "LSRS r7, r5, #14\n\t"
+ "ORR r7, r7, r4, LSL #18\n\t"
+ "ORR r6, r6, r5, LSL #18\n\t"
+ "LSRS r8, r4, #18\n\t"
+ "LSRS r9, r5, #18\n\t"
+ "ORR r9, r9, r4, LSL #14\n\t"
+ "ORR r8, r8, r5, LSL #14\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #23\n\t"
+ "LSLS r9, r5, #23\n\t"
+ "ORR r9, r9, r4, LSR #9\n\t"
+ "ORR r8, r8, r5, LSR #9\n\t"
+ "LDRD r4, r5, [%[sha512], #16]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #16]\n\t"
+ "LDRD r4, r5, [%[sha512], #56]\n\t"
+ "LDRD r6, r7, [%[sha512]]\n\t"
+ "LDRD r8, r9, [%[sha512], #8]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "AND r6, r6, r4\n\t"
+ "AND r7, r7, r5\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LDRD r4, r5, [%[sha512], #16]\n\t"
+ "LDRD r8, r9, [sp, #40]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r6, r7, [r3, #40]\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "LDRD r8, r9, [%[sha512], #48]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #16]\n\t"
+ "ADDS r8, r8, r4\n\t"
+ "ADC r9, r9, r5\n\t"
+ "LDRD r4, r5, [%[sha512], #24]\n\t"
+ "STRD r8, r9, [%[sha512], #48]\n\t"
+ "LSRS r6, r4, #28\n\t"
+ "LSRS r7, r5, #28\n\t"
+ "ORR r7, r7, r4, LSL #4\n\t"
+ "ORR r6, r6, r5, LSL #4\n\t"
+ "LSLS r8, r4, #30\n\t"
+ "LSLS r9, r5, #30\n\t"
+ "ORR r9, r9, r4, LSR #2\n\t"
+ "ORR r8, r8, r5, LSR #2\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #25\n\t"
+ "LSLS r9, r5, #25\n\t"
+ "ORR r9, r9, r4, LSR #7\n\t"
+ "ORR r8, r8, r5, LSR #7\n\t"
+ "LDRD r4, r5, [%[sha512], #16]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r8, r9, [%[sha512], #24]\n\t"
+ "LDRD r6, r7, [%[sha512], #32]\n\t"
+ "STRD r4, r5, [%[sha512], #16]\n\t"
+ "EOR r8, r8, r6\n\t"
+ "EOR r9, r9, r7\n\t"
+ "AND r10, r10, r8\n\t"
+ "AND r11, r11, r9\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LDRD r6, r7, [%[sha512], #16]\n\t"
+ "ADDS r6, r6, r10\n\t"
+ "ADC r7, r7, r11\n\t"
+ "STRD r6, r7, [%[sha512], #16]\n\t"
+ "MOV r10, r8\n\t"
+ "MOV r11, r9\n\t"
+ /* Calc new W[5] */
+ "LDRD r4, r5, [sp, #24]\n\t"
+ "LSRS r6, r4, #19\n\t"
+ "LSRS r7, r5, #19\n\t"
+ "ORR r7, r7, r4, LSL #13\n\t"
+ "ORR r6, r6, r5, LSL #13\n\t"
+ "LSLS r8, r4, #3\n\t"
+ "LSLS r9, r5, #3\n\t"
+ "ORR r9, r9, r4, LSR #29\n\t"
+ "ORR r8, r8, r5, LSR #29\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LSRS r8, r4, #6\n\t"
+ "LSRS r9, r5, #6\n\t"
+ "ORR r8, r8, r5, LSL #26\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LDRD r4, r5, [sp, #40]\n\t"
+ "LDRD r8, r9, [sp, #112]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "STRD r4, r5, [sp, #40]\n\t"
+ "LDRD r4, r5, [sp, #48]\n\t"
+ "LSRS r6, r4, #1\n\t"
+ "LSRS r7, r5, #1\n\t"
+ "ORR r7, r7, r4, LSL #31\n\t"
+ "ORR r6, r6, r5, LSL #31\n\t"
+ "LSRS r8, r4, #8\n\t"
+ "LSRS r9, r5, #8\n\t"
+ "ORR r9, r9, r4, LSL #24\n\t"
+ "ORR r8, r8, r5, LSL #24\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LSRS r8, r4, #7\n\t"
+ "LSRS r9, r5, #7\n\t"
+ "ORR r8, r8, r5, LSL #25\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LDRD r4, r5, [sp, #40]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [sp, #40]\n\t"
+ /* Round 6 */
+ "LDRD r4, r5, [%[sha512], #48]\n\t"
+ "LSRS r6, r4, #14\n\t"
+ "LSRS r7, r5, #14\n\t"
+ "ORR r7, r7, r4, LSL #18\n\t"
+ "ORR r6, r6, r5, LSL #18\n\t"
+ "LSRS r8, r4, #18\n\t"
+ "LSRS r9, r5, #18\n\t"
+ "ORR r9, r9, r4, LSL #14\n\t"
+ "ORR r8, r8, r5, LSL #14\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #23\n\t"
+ "LSLS r9, r5, #23\n\t"
+ "ORR r9, r9, r4, LSR #9\n\t"
+ "ORR r8, r8, r5, LSR #9\n\t"
+ "LDRD r4, r5, [%[sha512], #8]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #8]\n\t"
+ "LDRD r4, r5, [%[sha512], #48]\n\t"
+ "LDRD r6, r7, [%[sha512], #56]\n\t"
+ "LDRD r8, r9, [%[sha512]]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "AND r6, r6, r4\n\t"
+ "AND r7, r7, r5\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LDRD r4, r5, [%[sha512], #8]\n\t"
+ "LDRD r8, r9, [sp, #48]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r6, r7, [r3, #48]\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "LDRD r8, r9, [%[sha512], #40]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #8]\n\t"
+ "ADDS r8, r8, r4\n\t"
+ "ADC r9, r9, r5\n\t"
+ "LDRD r4, r5, [%[sha512], #16]\n\t"
+ "STRD r8, r9, [%[sha512], #40]\n\t"
+ "LSRS r6, r4, #28\n\t"
+ "LSRS r7, r5, #28\n\t"
+ "ORR r7, r7, r4, LSL #4\n\t"
+ "ORR r6, r6, r5, LSL #4\n\t"
+ "LSLS r8, r4, #30\n\t"
+ "LSLS r9, r5, #30\n\t"
+ "ORR r9, r9, r4, LSR #2\n\t"
+ "ORR r8, r8, r5, LSR #2\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #25\n\t"
+ "LSLS r9, r5, #25\n\t"
+ "ORR r9, r9, r4, LSR #7\n\t"
+ "ORR r8, r8, r5, LSR #7\n\t"
+ "LDRD r4, r5, [%[sha512], #8]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r8, r9, [%[sha512], #16]\n\t"
+ "LDRD r6, r7, [%[sha512], #24]\n\t"
+ "STRD r4, r5, [%[sha512], #8]\n\t"
+ "EOR r8, r8, r6\n\t"
+ "EOR r9, r9, r7\n\t"
+ "AND r10, r10, r8\n\t"
+ "AND r11, r11, r9\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LDRD r6, r7, [%[sha512], #8]\n\t"
+ "ADDS r6, r6, r10\n\t"
+ "ADC r7, r7, r11\n\t"
+ "STRD r6, r7, [%[sha512], #8]\n\t"
+ "MOV r10, r8\n\t"
+ "MOV r11, r9\n\t"
+ /* Calc new W[6] */
+ "LDRD r4, r5, [sp, #32]\n\t"
+ "LSRS r6, r4, #19\n\t"
+ "LSRS r7, r5, #19\n\t"
+ "ORR r7, r7, r4, LSL #13\n\t"
+ "ORR r6, r6, r5, LSL #13\n\t"
+ "LSLS r8, r4, #3\n\t"
+ "LSLS r9, r5, #3\n\t"
+ "ORR r9, r9, r4, LSR #29\n\t"
+ "ORR r8, r8, r5, LSR #29\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LSRS r8, r4, #6\n\t"
+ "LSRS r9, r5, #6\n\t"
+ "ORR r8, r8, r5, LSL #26\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LDRD r4, r5, [sp, #48]\n\t"
+ "LDRD r8, r9, [sp, #120]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "STRD r4, r5, [sp, #48]\n\t"
+ "LDRD r4, r5, [sp, #56]\n\t"
+ "LSRS r6, r4, #1\n\t"
+ "LSRS r7, r5, #1\n\t"
+ "ORR r7, r7, r4, LSL #31\n\t"
+ "ORR r6, r6, r5, LSL #31\n\t"
+ "LSRS r8, r4, #8\n\t"
+ "LSRS r9, r5, #8\n\t"
+ "ORR r9, r9, r4, LSL #24\n\t"
+ "ORR r8, r8, r5, LSL #24\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LSRS r8, r4, #7\n\t"
+ "LSRS r9, r5, #7\n\t"
+ "ORR r8, r8, r5, LSL #25\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LDRD r4, r5, [sp, #48]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [sp, #48]\n\t"
+ /* Round 7 */
+ "LDRD r4, r5, [%[sha512], #40]\n\t"
+ "LSRS r6, r4, #14\n\t"
+ "LSRS r7, r5, #14\n\t"
+ "ORR r7, r7, r4, LSL #18\n\t"
+ "ORR r6, r6, r5, LSL #18\n\t"
+ "LSRS r8, r4, #18\n\t"
+ "LSRS r9, r5, #18\n\t"
+ "ORR r9, r9, r4, LSL #14\n\t"
+ "ORR r8, r8, r5, LSL #14\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #23\n\t"
+ "LSLS r9, r5, #23\n\t"
+ "ORR r9, r9, r4, LSR #9\n\t"
+ "ORR r8, r8, r5, LSR #9\n\t"
+ "LDRD r4, r5, [%[sha512]]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512]]\n\t"
+ "LDRD r4, r5, [%[sha512], #40]\n\t"
+ "LDRD r6, r7, [%[sha512], #48]\n\t"
+ "LDRD r8, r9, [%[sha512], #56]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "AND r6, r6, r4\n\t"
+ "AND r7, r7, r5\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LDRD r4, r5, [%[sha512]]\n\t"
+ "LDRD r8, r9, [sp, #56]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r6, r7, [r3, #56]\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "LDRD r8, r9, [%[sha512], #32]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512]]\n\t"
+ "ADDS r8, r8, r4\n\t"
+ "ADC r9, r9, r5\n\t"
+ "LDRD r4, r5, [%[sha512], #8]\n\t"
+ "STRD r8, r9, [%[sha512], #32]\n\t"
+ "LSRS r6, r4, #28\n\t"
+ "LSRS r7, r5, #28\n\t"
+ "ORR r7, r7, r4, LSL #4\n\t"
+ "ORR r6, r6, r5, LSL #4\n\t"
+ "LSLS r8, r4, #30\n\t"
+ "LSLS r9, r5, #30\n\t"
+ "ORR r9, r9, r4, LSR #2\n\t"
+ "ORR r8, r8, r5, LSR #2\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #25\n\t"
+ "LSLS r9, r5, #25\n\t"
+ "ORR r9, r9, r4, LSR #7\n\t"
+ "ORR r8, r8, r5, LSR #7\n\t"
+ "LDRD r4, r5, [%[sha512]]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r8, r9, [%[sha512], #8]\n\t"
+ "LDRD r6, r7, [%[sha512], #16]\n\t"
+ "STRD r4, r5, [%[sha512]]\n\t"
+ "EOR r8, r8, r6\n\t"
+ "EOR r9, r9, r7\n\t"
+ "AND r10, r10, r8\n\t"
+ "AND r11, r11, r9\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LDRD r6, r7, [%[sha512]]\n\t"
+ "ADDS r6, r6, r10\n\t"
+ "ADC r7, r7, r11\n\t"
+ "STRD r6, r7, [%[sha512]]\n\t"
+ "MOV r10, r8\n\t"
+ "MOV r11, r9\n\t"
+ /* Calc new W[7] */
+ "LDRD r4, r5, [sp, #40]\n\t"
+ "LSRS r6, r4, #19\n\t"
+ "LSRS r7, r5, #19\n\t"
+ "ORR r7, r7, r4, LSL #13\n\t"
+ "ORR r6, r6, r5, LSL #13\n\t"
+ "LSLS r8, r4, #3\n\t"
+ "LSLS r9, r5, #3\n\t"
+ "ORR r9, r9, r4, LSR #29\n\t"
+ "ORR r8, r8, r5, LSR #29\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LSRS r8, r4, #6\n\t"
+ "LSRS r9, r5, #6\n\t"
+ "ORR r8, r8, r5, LSL #26\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LDRD r4, r5, [sp, #56]\n\t"
+ "LDRD r8, r9, [sp]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "STRD r4, r5, [sp, #56]\n\t"
+ "LDRD r4, r5, [sp, #64]\n\t"
+ "LSRS r6, r4, #1\n\t"
+ "LSRS r7, r5, #1\n\t"
+ "ORR r7, r7, r4, LSL #31\n\t"
+ "ORR r6, r6, r5, LSL #31\n\t"
+ "LSRS r8, r4, #8\n\t"
+ "LSRS r9, r5, #8\n\t"
+ "ORR r9, r9, r4, LSL #24\n\t"
+ "ORR r8, r8, r5, LSL #24\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LSRS r8, r4, #7\n\t"
+ "LSRS r9, r5, #7\n\t"
+ "ORR r8, r8, r5, LSL #25\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LDRD r4, r5, [sp, #56]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [sp, #56]\n\t"
+ /* Round 8 */
+ "LDRD r4, r5, [%[sha512], #32]\n\t"
+ "LSRS r6, r4, #14\n\t"
+ "LSRS r7, r5, #14\n\t"
+ "ORR r7, r7, r4, LSL #18\n\t"
+ "ORR r6, r6, r5, LSL #18\n\t"
+ "LSRS r8, r4, #18\n\t"
+ "LSRS r9, r5, #18\n\t"
+ "ORR r9, r9, r4, LSL #14\n\t"
+ "ORR r8, r8, r5, LSL #14\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #23\n\t"
+ "LSLS r9, r5, #23\n\t"
+ "ORR r9, r9, r4, LSR #9\n\t"
+ "ORR r8, r8, r5, LSR #9\n\t"
+ "LDRD r4, r5, [%[sha512], #56]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #56]\n\t"
+ "LDRD r4, r5, [%[sha512], #32]\n\t"
+ "LDRD r6, r7, [%[sha512], #40]\n\t"
+ "LDRD r8, r9, [%[sha512], #48]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "AND r6, r6, r4\n\t"
+ "AND r7, r7, r5\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LDRD r4, r5, [%[sha512], #56]\n\t"
+ "LDRD r8, r9, [sp, #64]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r6, r7, [r3, #64]\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "LDRD r8, r9, [%[sha512], #24]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #56]\n\t"
+ "ADDS r8, r8, r4\n\t"
+ "ADC r9, r9, r5\n\t"
+ "LDRD r4, r5, [%[sha512]]\n\t"
+ "STRD r8, r9, [%[sha512], #24]\n\t"
+ "LSRS r6, r4, #28\n\t"
+ "LSRS r7, r5, #28\n\t"
+ "ORR r7, r7, r4, LSL #4\n\t"
+ "ORR r6, r6, r5, LSL #4\n\t"
+ "LSLS r8, r4, #30\n\t"
+ "LSLS r9, r5, #30\n\t"
+ "ORR r9, r9, r4, LSR #2\n\t"
+ "ORR r8, r8, r5, LSR #2\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #25\n\t"
+ "LSLS r9, r5, #25\n\t"
+ "ORR r9, r9, r4, LSR #7\n\t"
+ "ORR r8, r8, r5, LSR #7\n\t"
+ "LDRD r4, r5, [%[sha512], #56]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r8, r9, [%[sha512]]\n\t"
+ "LDRD r6, r7, [%[sha512], #8]\n\t"
+ "STRD r4, r5, [%[sha512], #56]\n\t"
+ "EOR r8, r8, r6\n\t"
+ "EOR r9, r9, r7\n\t"
+ "AND r10, r10, r8\n\t"
+ "AND r11, r11, r9\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LDRD r6, r7, [%[sha512], #56]\n\t"
+ "ADDS r6, r6, r10\n\t"
+ "ADC r7, r7, r11\n\t"
+ "STRD r6, r7, [%[sha512], #56]\n\t"
+ "MOV r10, r8\n\t"
+ "MOV r11, r9\n\t"
+ /* Calc new W[8] */
+ "LDRD r4, r5, [sp, #48]\n\t"
+ "LSRS r6, r4, #19\n\t"
+ "LSRS r7, r5, #19\n\t"
+ "ORR r7, r7, r4, LSL #13\n\t"
+ "ORR r6, r6, r5, LSL #13\n\t"
+ "LSLS r8, r4, #3\n\t"
+ "LSLS r9, r5, #3\n\t"
+ "ORR r9, r9, r4, LSR #29\n\t"
+ "ORR r8, r8, r5, LSR #29\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LSRS r8, r4, #6\n\t"
+ "LSRS r9, r5, #6\n\t"
+ "ORR r8, r8, r5, LSL #26\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LDRD r4, r5, [sp, #64]\n\t"
+ "LDRD r8, r9, [sp, #8]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "STRD r4, r5, [sp, #64]\n\t"
+ "LDRD r4, r5, [sp, #72]\n\t"
+ "LSRS r6, r4, #1\n\t"
+ "LSRS r7, r5, #1\n\t"
+ "ORR r7, r7, r4, LSL #31\n\t"
+ "ORR r6, r6, r5, LSL #31\n\t"
+ "LSRS r8, r4, #8\n\t"
+ "LSRS r9, r5, #8\n\t"
+ "ORR r9, r9, r4, LSL #24\n\t"
+ "ORR r8, r8, r5, LSL #24\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LSRS r8, r4, #7\n\t"
+ "LSRS r9, r5, #7\n\t"
+ "ORR r8, r8, r5, LSL #25\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LDRD r4, r5, [sp, #64]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [sp, #64]\n\t"
+ /* Round 9 */
+ "LDRD r4, r5, [%[sha512], #24]\n\t"
+ "LSRS r6, r4, #14\n\t"
+ "LSRS r7, r5, #14\n\t"
+ "ORR r7, r7, r4, LSL #18\n\t"
+ "ORR r6, r6, r5, LSL #18\n\t"
+ "LSRS r8, r4, #18\n\t"
+ "LSRS r9, r5, #18\n\t"
+ "ORR r9, r9, r4, LSL #14\n\t"
+ "ORR r8, r8, r5, LSL #14\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #23\n\t"
+ "LSLS r9, r5, #23\n\t"
+ "ORR r9, r9, r4, LSR #9\n\t"
+ "ORR r8, r8, r5, LSR #9\n\t"
+ "LDRD r4, r5, [%[sha512], #48]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #48]\n\t"
+ "LDRD r4, r5, [%[sha512], #24]\n\t"
+ "LDRD r6, r7, [%[sha512], #32]\n\t"
+ "LDRD r8, r9, [%[sha512], #40]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "AND r6, r6, r4\n\t"
+ "AND r7, r7, r5\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LDRD r4, r5, [%[sha512], #48]\n\t"
+ "LDRD r8, r9, [sp, #72]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r6, r7, [r3, #72]\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "LDRD r8, r9, [%[sha512], #16]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #48]\n\t"
+ "ADDS r8, r8, r4\n\t"
+ "ADC r9, r9, r5\n\t"
+ "LDRD r4, r5, [%[sha512], #56]\n\t"
+ "STRD r8, r9, [%[sha512], #16]\n\t"
+ "LSRS r6, r4, #28\n\t"
+ "LSRS r7, r5, #28\n\t"
+ "ORR r7, r7, r4, LSL #4\n\t"
+ "ORR r6, r6, r5, LSL #4\n\t"
+ "LSLS r8, r4, #30\n\t"
+ "LSLS r9, r5, #30\n\t"
+ "ORR r9, r9, r4, LSR #2\n\t"
+ "ORR r8, r8, r5, LSR #2\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #25\n\t"
+ "LSLS r9, r5, #25\n\t"
+ "ORR r9, r9, r4, LSR #7\n\t"
+ "ORR r8, r8, r5, LSR #7\n\t"
+ "LDRD r4, r5, [%[sha512], #48]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r8, r9, [%[sha512], #56]\n\t"
+ "LDRD r6, r7, [%[sha512]]\n\t"
+ "STRD r4, r5, [%[sha512], #48]\n\t"
+ "EOR r8, r8, r6\n\t"
+ "EOR r9, r9, r7\n\t"
+ "AND r10, r10, r8\n\t"
+ "AND r11, r11, r9\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LDRD r6, r7, [%[sha512], #48]\n\t"
+ "ADDS r6, r6, r10\n\t"
+ "ADC r7, r7, r11\n\t"
+ "STRD r6, r7, [%[sha512], #48]\n\t"
+ "MOV r10, r8\n\t"
+ "MOV r11, r9\n\t"
+ /* Calc new W[9] */
+ "LDRD r4, r5, [sp, #56]\n\t"
+ "LSRS r6, r4, #19\n\t"
+ "LSRS r7, r5, #19\n\t"
+ "ORR r7, r7, r4, LSL #13\n\t"
+ "ORR r6, r6, r5, LSL #13\n\t"
+ "LSLS r8, r4, #3\n\t"
+ "LSLS r9, r5, #3\n\t"
+ "ORR r9, r9, r4, LSR #29\n\t"
+ "ORR r8, r8, r5, LSR #29\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LSRS r8, r4, #6\n\t"
+ "LSRS r9, r5, #6\n\t"
+ "ORR r8, r8, r5, LSL #26\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LDRD r4, r5, [sp, #72]\n\t"
+ "LDRD r8, r9, [sp, #16]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "STRD r4, r5, [sp, #72]\n\t"
+ "LDRD r4, r5, [sp, #80]\n\t"
+ "LSRS r6, r4, #1\n\t"
+ "LSRS r7, r5, #1\n\t"
+ "ORR r7, r7, r4, LSL #31\n\t"
+ "ORR r6, r6, r5, LSL #31\n\t"
+ "LSRS r8, r4, #8\n\t"
+ "LSRS r9, r5, #8\n\t"
+ "ORR r9, r9, r4, LSL #24\n\t"
+ "ORR r8, r8, r5, LSL #24\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LSRS r8, r4, #7\n\t"
+ "LSRS r9, r5, #7\n\t"
+ "ORR r8, r8, r5, LSL #25\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LDRD r4, r5, [sp, #72]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [sp, #72]\n\t"
+ /* Round 10 */
+ "LDRD r4, r5, [%[sha512], #16]\n\t"
+ "LSRS r6, r4, #14\n\t"
+ "LSRS r7, r5, #14\n\t"
+ "ORR r7, r7, r4, LSL #18\n\t"
+ "ORR r6, r6, r5, LSL #18\n\t"
+ "LSRS r8, r4, #18\n\t"
+ "LSRS r9, r5, #18\n\t"
+ "ORR r9, r9, r4, LSL #14\n\t"
+ "ORR r8, r8, r5, LSL #14\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #23\n\t"
+ "LSLS r9, r5, #23\n\t"
+ "ORR r9, r9, r4, LSR #9\n\t"
+ "ORR r8, r8, r5, LSR #9\n\t"
+ "LDRD r4, r5, [%[sha512], #40]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #40]\n\t"
+ "LDRD r4, r5, [%[sha512], #16]\n\t"
+ "LDRD r6, r7, [%[sha512], #24]\n\t"
+ "LDRD r8, r9, [%[sha512], #32]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "AND r6, r6, r4\n\t"
+ "AND r7, r7, r5\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LDRD r4, r5, [%[sha512], #40]\n\t"
+ "LDRD r8, r9, [sp, #80]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r6, r7, [r3, #80]\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "LDRD r8, r9, [%[sha512], #8]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #40]\n\t"
+ "ADDS r8, r8, r4\n\t"
+ "ADC r9, r9, r5\n\t"
+ "LDRD r4, r5, [%[sha512], #48]\n\t"
+ "STRD r8, r9, [%[sha512], #8]\n\t"
+ "LSRS r6, r4, #28\n\t"
+ "LSRS r7, r5, #28\n\t"
+ "ORR r7, r7, r4, LSL #4\n\t"
+ "ORR r6, r6, r5, LSL #4\n\t"
+ "LSLS r8, r4, #30\n\t"
+ "LSLS r9, r5, #30\n\t"
+ "ORR r9, r9, r4, LSR #2\n\t"
+ "ORR r8, r8, r5, LSR #2\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #25\n\t"
+ "LSLS r9, r5, #25\n\t"
+ "ORR r9, r9, r4, LSR #7\n\t"
+ "ORR r8, r8, r5, LSR #7\n\t"
+ "LDRD r4, r5, [%[sha512], #40]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r8, r9, [%[sha512], #48]\n\t"
+ "LDRD r6, r7, [%[sha512], #56]\n\t"
+ "STRD r4, r5, [%[sha512], #40]\n\t"
+ "EOR r8, r8, r6\n\t"
+ "EOR r9, r9, r7\n\t"
+ "AND r10, r10, r8\n\t"
+ "AND r11, r11, r9\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LDRD r6, r7, [%[sha512], #40]\n\t"
+ "ADDS r6, r6, r10\n\t"
+ "ADC r7, r7, r11\n\t"
+ "STRD r6, r7, [%[sha512], #40]\n\t"
+ "MOV r10, r8\n\t"
+ "MOV r11, r9\n\t"
+ /* Calc new W[10] */
+ "LDRD r4, r5, [sp, #64]\n\t"
+ "LSRS r6, r4, #19\n\t"
+ "LSRS r7, r5, #19\n\t"
+ "ORR r7, r7, r4, LSL #13\n\t"
+ "ORR r6, r6, r5, LSL #13\n\t"
+ "LSLS r8, r4, #3\n\t"
+ "LSLS r9, r5, #3\n\t"
+ "ORR r9, r9, r4, LSR #29\n\t"
+ "ORR r8, r8, r5, LSR #29\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LSRS r8, r4, #6\n\t"
+ "LSRS r9, r5, #6\n\t"
+ "ORR r8, r8, r5, LSL #26\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LDRD r4, r5, [sp, #80]\n\t"
+ "LDRD r8, r9, [sp, #24]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "STRD r4, r5, [sp, #80]\n\t"
+ "LDRD r4, r5, [sp, #88]\n\t"
+ "LSRS r6, r4, #1\n\t"
+ "LSRS r7, r5, #1\n\t"
+ "ORR r7, r7, r4, LSL #31\n\t"
+ "ORR r6, r6, r5, LSL #31\n\t"
+ "LSRS r8, r4, #8\n\t"
+ "LSRS r9, r5, #8\n\t"
+ "ORR r9, r9, r4, LSL #24\n\t"
+ "ORR r8, r8, r5, LSL #24\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LSRS r8, r4, #7\n\t"
+ "LSRS r9, r5, #7\n\t"
+ "ORR r8, r8, r5, LSL #25\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LDRD r4, r5, [sp, #80]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [sp, #80]\n\t"
+ /* Round 11 */
+ "LDRD r4, r5, [%[sha512], #8]\n\t"
+ "LSRS r6, r4, #14\n\t"
+ "LSRS r7, r5, #14\n\t"
+ "ORR r7, r7, r4, LSL #18\n\t"
+ "ORR r6, r6, r5, LSL #18\n\t"
+ "LSRS r8, r4, #18\n\t"
+ "LSRS r9, r5, #18\n\t"
+ "ORR r9, r9, r4, LSL #14\n\t"
+ "ORR r8, r8, r5, LSL #14\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #23\n\t"
+ "LSLS r9, r5, #23\n\t"
+ "ORR r9, r9, r4, LSR #9\n\t"
+ "ORR r8, r8, r5, LSR #9\n\t"
+ "LDRD r4, r5, [%[sha512], #32]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #32]\n\t"
+ "LDRD r4, r5, [%[sha512], #8]\n\t"
+ "LDRD r6, r7, [%[sha512], #16]\n\t"
+ "LDRD r8, r9, [%[sha512], #24]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "AND r6, r6, r4\n\t"
+ "AND r7, r7, r5\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LDRD r4, r5, [%[sha512], #32]\n\t"
+ "LDRD r8, r9, [sp, #88]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r6, r7, [r3, #88]\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "LDRD r8, r9, [%[sha512]]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #32]\n\t"
+ "ADDS r8, r8, r4\n\t"
+ "ADC r9, r9, r5\n\t"
+ "LDRD r4, r5, [%[sha512], #40]\n\t"
+ "STRD r8, r9, [%[sha512]]\n\t"
+ "LSRS r6, r4, #28\n\t"
+ "LSRS r7, r5, #28\n\t"
+ "ORR r7, r7, r4, LSL #4\n\t"
+ "ORR r6, r6, r5, LSL #4\n\t"
+ "LSLS r8, r4, #30\n\t"
+ "LSLS r9, r5, #30\n\t"
+ "ORR r9, r9, r4, LSR #2\n\t"
+ "ORR r8, r8, r5, LSR #2\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #25\n\t"
+ "LSLS r9, r5, #25\n\t"
+ "ORR r9, r9, r4, LSR #7\n\t"
+ "ORR r8, r8, r5, LSR #7\n\t"
+ "LDRD r4, r5, [%[sha512], #32]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r8, r9, [%[sha512], #40]\n\t"
+ "LDRD r6, r7, [%[sha512], #48]\n\t"
+ "STRD r4, r5, [%[sha512], #32]\n\t"
+ "EOR r8, r8, r6\n\t"
+ "EOR r9, r9, r7\n\t"
+ "AND r10, r10, r8\n\t"
+ "AND r11, r11, r9\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LDRD r6, r7, [%[sha512], #32]\n\t"
+ "ADDS r6, r6, r10\n\t"
+ "ADC r7, r7, r11\n\t"
+ "STRD r6, r7, [%[sha512], #32]\n\t"
+ "MOV r10, r8\n\t"
+ "MOV r11, r9\n\t"
+ /* Calc new W[11] */
+ "LDRD r4, r5, [sp, #72]\n\t"
+ "LSRS r6, r4, #19\n\t"
+ "LSRS r7, r5, #19\n\t"
+ "ORR r7, r7, r4, LSL #13\n\t"
+ "ORR r6, r6, r5, LSL #13\n\t"
+ "LSLS r8, r4, #3\n\t"
+ "LSLS r9, r5, #3\n\t"
+ "ORR r9, r9, r4, LSR #29\n\t"
+ "ORR r8, r8, r5, LSR #29\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LSRS r8, r4, #6\n\t"
+ "LSRS r9, r5, #6\n\t"
+ "ORR r8, r8, r5, LSL #26\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LDRD r4, r5, [sp, #88]\n\t"
+ "LDRD r8, r9, [sp, #32]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "STRD r4, r5, [sp, #88]\n\t"
+ "LDRD r4, r5, [sp, #96]\n\t"
+ "LSRS r6, r4, #1\n\t"
+ "LSRS r7, r5, #1\n\t"
+ "ORR r7, r7, r4, LSL #31\n\t"
+ "ORR r6, r6, r5, LSL #31\n\t"
+ "LSRS r8, r4, #8\n\t"
+ "LSRS r9, r5, #8\n\t"
+ "ORR r9, r9, r4, LSL #24\n\t"
+ "ORR r8, r8, r5, LSL #24\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LSRS r8, r4, #7\n\t"
+ "LSRS r9, r5, #7\n\t"
+ "ORR r8, r8, r5, LSL #25\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LDRD r4, r5, [sp, #88]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [sp, #88]\n\t"
+ /* Round 12 */
+ "LDRD r4, r5, [%[sha512]]\n\t"
+ "LSRS r6, r4, #14\n\t"
+ "LSRS r7, r5, #14\n\t"
+ "ORR r7, r7, r4, LSL #18\n\t"
+ "ORR r6, r6, r5, LSL #18\n\t"
+ "LSRS r8, r4, #18\n\t"
+ "LSRS r9, r5, #18\n\t"
+ "ORR r9, r9, r4, LSL #14\n\t"
+ "ORR r8, r8, r5, LSL #14\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #23\n\t"
+ "LSLS r9, r5, #23\n\t"
+ "ORR r9, r9, r4, LSR #9\n\t"
+ "ORR r8, r8, r5, LSR #9\n\t"
+ "LDRD r4, r5, [%[sha512], #24]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #24]\n\t"
+ "LDRD r4, r5, [%[sha512]]\n\t"
+ "LDRD r6, r7, [%[sha512], #8]\n\t"
+ "LDRD r8, r9, [%[sha512], #16]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "AND r6, r6, r4\n\t"
+ "AND r7, r7, r5\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LDRD r4, r5, [%[sha512], #24]\n\t"
+ "LDRD r8, r9, [sp, #96]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r6, r7, [r3, #96]\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "LDRD r8, r9, [%[sha512], #56]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #24]\n\t"
+ "ADDS r8, r8, r4\n\t"
+ "ADC r9, r9, r5\n\t"
+ "LDRD r4, r5, [%[sha512], #32]\n\t"
+ "STRD r8, r9, [%[sha512], #56]\n\t"
+ "LSRS r6, r4, #28\n\t"
+ "LSRS r7, r5, #28\n\t"
+ "ORR r7, r7, r4, LSL #4\n\t"
+ "ORR r6, r6, r5, LSL #4\n\t"
+ "LSLS r8, r4, #30\n\t"
+ "LSLS r9, r5, #30\n\t"
+ "ORR r9, r9, r4, LSR #2\n\t"
+ "ORR r8, r8, r5, LSR #2\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #25\n\t"
+ "LSLS r9, r5, #25\n\t"
+ "ORR r9, r9, r4, LSR #7\n\t"
+ "ORR r8, r8, r5, LSR #7\n\t"
+ "LDRD r4, r5, [%[sha512], #24]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r8, r9, [%[sha512], #32]\n\t"
+ "LDRD r6, r7, [%[sha512], #40]\n\t"
+ "STRD r4, r5, [%[sha512], #24]\n\t"
+ "EOR r8, r8, r6\n\t"
+ "EOR r9, r9, r7\n\t"
+ "AND r10, r10, r8\n\t"
+ "AND r11, r11, r9\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LDRD r6, r7, [%[sha512], #24]\n\t"
+ "ADDS r6, r6, r10\n\t"
+ "ADC r7, r7, r11\n\t"
+ "STRD r6, r7, [%[sha512], #24]\n\t"
+ "MOV r10, r8\n\t"
+ "MOV r11, r9\n\t"
+ /* Calc new W[12] */
+ "LDRD r4, r5, [sp, #80]\n\t"
+ "LSRS r6, r4, #19\n\t"
+ "LSRS r7, r5, #19\n\t"
+ "ORR r7, r7, r4, LSL #13\n\t"
+ "ORR r6, r6, r5, LSL #13\n\t"
+ "LSLS r8, r4, #3\n\t"
+ "LSLS r9, r5, #3\n\t"
+ "ORR r9, r9, r4, LSR #29\n\t"
+ "ORR r8, r8, r5, LSR #29\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LSRS r8, r4, #6\n\t"
+ "LSRS r9, r5, #6\n\t"
+ "ORR r8, r8, r5, LSL #26\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LDRD r4, r5, [sp, #96]\n\t"
+ "LDRD r8, r9, [sp, #40]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "STRD r4, r5, [sp, #96]\n\t"
+ "LDRD r4, r5, [sp, #104]\n\t"
+ "LSRS r6, r4, #1\n\t"
+ "LSRS r7, r5, #1\n\t"
+ "ORR r7, r7, r4, LSL #31\n\t"
+ "ORR r6, r6, r5, LSL #31\n\t"
+ "LSRS r8, r4, #8\n\t"
+ "LSRS r9, r5, #8\n\t"
+ "ORR r9, r9, r4, LSL #24\n\t"
+ "ORR r8, r8, r5, LSL #24\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LSRS r8, r4, #7\n\t"
+ "LSRS r9, r5, #7\n\t"
+ "ORR r8, r8, r5, LSL #25\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LDRD r4, r5, [sp, #96]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [sp, #96]\n\t"
+ /* Round 13 */
+ "LDRD r4, r5, [%[sha512], #56]\n\t"
+ "LSRS r6, r4, #14\n\t"
+ "LSRS r7, r5, #14\n\t"
+ "ORR r7, r7, r4, LSL #18\n\t"
+ "ORR r6, r6, r5, LSL #18\n\t"
+ "LSRS r8, r4, #18\n\t"
+ "LSRS r9, r5, #18\n\t"
+ "ORR r9, r9, r4, LSL #14\n\t"
+ "ORR r8, r8, r5, LSL #14\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #23\n\t"
+ "LSLS r9, r5, #23\n\t"
+ "ORR r9, r9, r4, LSR #9\n\t"
+ "ORR r8, r8, r5, LSR #9\n\t"
+ "LDRD r4, r5, [%[sha512], #16]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #16]\n\t"
+ "LDRD r4, r5, [%[sha512], #56]\n\t"
+ "LDRD r6, r7, [%[sha512]]\n\t"
+ "LDRD r8, r9, [%[sha512], #8]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "AND r6, r6, r4\n\t"
+ "AND r7, r7, r5\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LDRD r4, r5, [%[sha512], #16]\n\t"
+ "LDRD r8, r9, [sp, #104]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r6, r7, [r3, #104]\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "LDRD r8, r9, [%[sha512], #48]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #16]\n\t"
+ "ADDS r8, r8, r4\n\t"
+ "ADC r9, r9, r5\n\t"
+ "LDRD r4, r5, [%[sha512], #24]\n\t"
+ "STRD r8, r9, [%[sha512], #48]\n\t"
+ "LSRS r6, r4, #28\n\t"
+ "LSRS r7, r5, #28\n\t"
+ "ORR r7, r7, r4, LSL #4\n\t"
+ "ORR r6, r6, r5, LSL #4\n\t"
+ "LSLS r8, r4, #30\n\t"
+ "LSLS r9, r5, #30\n\t"
+ "ORR r9, r9, r4, LSR #2\n\t"
+ "ORR r8, r8, r5, LSR #2\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #25\n\t"
+ "LSLS r9, r5, #25\n\t"
+ "ORR r9, r9, r4, LSR #7\n\t"
+ "ORR r8, r8, r5, LSR #7\n\t"
+ "LDRD r4, r5, [%[sha512], #16]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r8, r9, [%[sha512], #24]\n\t"
+ "LDRD r6, r7, [%[sha512], #32]\n\t"
+ "STRD r4, r5, [%[sha512], #16]\n\t"
+ "EOR r8, r8, r6\n\t"
+ "EOR r9, r9, r7\n\t"
+ "AND r10, r10, r8\n\t"
+ "AND r11, r11, r9\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LDRD r6, r7, [%[sha512], #16]\n\t"
+ "ADDS r6, r6, r10\n\t"
+ "ADC r7, r7, r11\n\t"
+ "STRD r6, r7, [%[sha512], #16]\n\t"
+ "MOV r10, r8\n\t"
+ "MOV r11, r9\n\t"
+ /* Calc new W[13] */
+ "LDRD r4, r5, [sp, #88]\n\t"
+ "LSRS r6, r4, #19\n\t"
+ "LSRS r7, r5, #19\n\t"
+ "ORR r7, r7, r4, LSL #13\n\t"
+ "ORR r6, r6, r5, LSL #13\n\t"
+ "LSLS r8, r4, #3\n\t"
+ "LSLS r9, r5, #3\n\t"
+ "ORR r9, r9, r4, LSR #29\n\t"
+ "ORR r8, r8, r5, LSR #29\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LSRS r8, r4, #6\n\t"
+ "LSRS r9, r5, #6\n\t"
+ "ORR r8, r8, r5, LSL #26\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LDRD r4, r5, [sp, #104]\n\t"
+ "LDRD r8, r9, [sp, #48]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "STRD r4, r5, [sp, #104]\n\t"
+ "LDRD r4, r5, [sp, #112]\n\t"
+ "LSRS r6, r4, #1\n\t"
+ "LSRS r7, r5, #1\n\t"
+ "ORR r7, r7, r4, LSL #31\n\t"
+ "ORR r6, r6, r5, LSL #31\n\t"
+ "LSRS r8, r4, #8\n\t"
+ "LSRS r9, r5, #8\n\t"
+ "ORR r9, r9, r4, LSL #24\n\t"
+ "ORR r8, r8, r5, LSL #24\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LSRS r8, r4, #7\n\t"
+ "LSRS r9, r5, #7\n\t"
+ "ORR r8, r8, r5, LSL #25\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LDRD r4, r5, [sp, #104]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [sp, #104]\n\t"
+ /* Round 14 */
+ "LDRD r4, r5, [%[sha512], #48]\n\t"
+ "LSRS r6, r4, #14\n\t"
+ "LSRS r7, r5, #14\n\t"
+ "ORR r7, r7, r4, LSL #18\n\t"
+ "ORR r6, r6, r5, LSL #18\n\t"
+ "LSRS r8, r4, #18\n\t"
+ "LSRS r9, r5, #18\n\t"
+ "ORR r9, r9, r4, LSL #14\n\t"
+ "ORR r8, r8, r5, LSL #14\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #23\n\t"
+ "LSLS r9, r5, #23\n\t"
+ "ORR r9, r9, r4, LSR #9\n\t"
+ "ORR r8, r8, r5, LSR #9\n\t"
+ "LDRD r4, r5, [%[sha512], #8]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #8]\n\t"
+ "LDRD r4, r5, [%[sha512], #48]\n\t"
+ "LDRD r6, r7, [%[sha512], #56]\n\t"
+ "LDRD r8, r9, [%[sha512]]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "AND r6, r6, r4\n\t"
+ "AND r7, r7, r5\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LDRD r4, r5, [%[sha512], #8]\n\t"
+ "LDRD r8, r9, [sp, #112]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r6, r7, [r3, #112]\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "LDRD r8, r9, [%[sha512], #40]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #8]\n\t"
+ "ADDS r8, r8, r4\n\t"
+ "ADC r9, r9, r5\n\t"
+ "LDRD r4, r5, [%[sha512], #16]\n\t"
+ "STRD r8, r9, [%[sha512], #40]\n\t"
+ "LSRS r6, r4, #28\n\t"
+ "LSRS r7, r5, #28\n\t"
+ "ORR r7, r7, r4, LSL #4\n\t"
+ "ORR r6, r6, r5, LSL #4\n\t"
+ "LSLS r8, r4, #30\n\t"
+ "LSLS r9, r5, #30\n\t"
+ "ORR r9, r9, r4, LSR #2\n\t"
+ "ORR r8, r8, r5, LSR #2\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #25\n\t"
+ "LSLS r9, r5, #25\n\t"
+ "ORR r9, r9, r4, LSR #7\n\t"
+ "ORR r8, r8, r5, LSR #7\n\t"
+ "LDRD r4, r5, [%[sha512], #8]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r8, r9, [%[sha512], #16]\n\t"
+ "LDRD r6, r7, [%[sha512], #24]\n\t"
+ "STRD r4, r5, [%[sha512], #8]\n\t"
+ "EOR r8, r8, r6\n\t"
+ "EOR r9, r9, r7\n\t"
+ "AND r10, r10, r8\n\t"
+ "AND r11, r11, r9\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LDRD r6, r7, [%[sha512], #8]\n\t"
+ "ADDS r6, r6, r10\n\t"
+ "ADC r7, r7, r11\n\t"
+ "STRD r6, r7, [%[sha512], #8]\n\t"
+ "MOV r10, r8\n\t"
+ "MOV r11, r9\n\t"
+ /* Calc new W[14] */
+ "LDRD r4, r5, [sp, #96]\n\t"
+ "LSRS r6, r4, #19\n\t"
+ "LSRS r7, r5, #19\n\t"
+ "ORR r7, r7, r4, LSL #13\n\t"
+ "ORR r6, r6, r5, LSL #13\n\t"
+ "LSLS r8, r4, #3\n\t"
+ "LSLS r9, r5, #3\n\t"
+ "ORR r9, r9, r4, LSR #29\n\t"
+ "ORR r8, r8, r5, LSR #29\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LSRS r8, r4, #6\n\t"
+ "LSRS r9, r5, #6\n\t"
+ "ORR r8, r8, r5, LSL #26\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LDRD r4, r5, [sp, #112]\n\t"
+ "LDRD r8, r9, [sp, #56]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "STRD r4, r5, [sp, #112]\n\t"
+ "LDRD r4, r5, [sp, #120]\n\t"
+ "LSRS r6, r4, #1\n\t"
+ "LSRS r7, r5, #1\n\t"
+ "ORR r7, r7, r4, LSL #31\n\t"
+ "ORR r6, r6, r5, LSL #31\n\t"
+ "LSRS r8, r4, #8\n\t"
+ "LSRS r9, r5, #8\n\t"
+ "ORR r9, r9, r4, LSL #24\n\t"
+ "ORR r8, r8, r5, LSL #24\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LSRS r8, r4, #7\n\t"
+ "LSRS r9, r5, #7\n\t"
+ "ORR r8, r8, r5, LSL #25\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LDRD r4, r5, [sp, #112]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [sp, #112]\n\t"
+ /* Round 15 */
+ "LDRD r4, r5, [%[sha512], #40]\n\t"
+ "LSRS r6, r4, #14\n\t"
+ "LSRS r7, r5, #14\n\t"
+ "ORR r7, r7, r4, LSL #18\n\t"
+ "ORR r6, r6, r5, LSL #18\n\t"
+ "LSRS r8, r4, #18\n\t"
+ "LSRS r9, r5, #18\n\t"
+ "ORR r9, r9, r4, LSL #14\n\t"
+ "ORR r8, r8, r5, LSL #14\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #23\n\t"
+ "LSLS r9, r5, #23\n\t"
+ "ORR r9, r9, r4, LSR #9\n\t"
+ "ORR r8, r8, r5, LSR #9\n\t"
+ "LDRD r4, r5, [%[sha512]]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512]]\n\t"
+ "LDRD r4, r5, [%[sha512], #40]\n\t"
+ "LDRD r6, r7, [%[sha512], #48]\n\t"
+ "LDRD r8, r9, [%[sha512], #56]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "AND r6, r6, r4\n\t"
+ "AND r7, r7, r5\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LDRD r4, r5, [%[sha512]]\n\t"
+ "LDRD r8, r9, [sp, #120]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r6, r7, [r3, #120]\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "LDRD r8, r9, [%[sha512], #32]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512]]\n\t"
+ "ADDS r8, r8, r4\n\t"
+ "ADC r9, r9, r5\n\t"
+ "LDRD r4, r5, [%[sha512], #8]\n\t"
+ "STRD r8, r9, [%[sha512], #32]\n\t"
+ "LSRS r6, r4, #28\n\t"
+ "LSRS r7, r5, #28\n\t"
+ "ORR r7, r7, r4, LSL #4\n\t"
+ "ORR r6, r6, r5, LSL #4\n\t"
+ "LSLS r8, r4, #30\n\t"
+ "LSLS r9, r5, #30\n\t"
+ "ORR r9, r9, r4, LSR #2\n\t"
+ "ORR r8, r8, r5, LSR #2\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #25\n\t"
+ "LSLS r9, r5, #25\n\t"
+ "ORR r9, r9, r4, LSR #7\n\t"
+ "ORR r8, r8, r5, LSR #7\n\t"
+ "LDRD r4, r5, [%[sha512]]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r8, r9, [%[sha512], #8]\n\t"
+ "LDRD r6, r7, [%[sha512], #16]\n\t"
+ "STRD r4, r5, [%[sha512]]\n\t"
+ "EOR r8, r8, r6\n\t"
+ "EOR r9, r9, r7\n\t"
+ "AND r10, r10, r8\n\t"
+ "AND r11, r11, r9\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LDRD r6, r7, [%[sha512]]\n\t"
+ "ADDS r6, r6, r10\n\t"
+ "ADC r7, r7, r11\n\t"
+ "STRD r6, r7, [%[sha512]]\n\t"
+ "MOV r10, r8\n\t"
+ "MOV r11, r9\n\t"
+ /* Calc new W[15] */
+ "LDRD r4, r5, [sp, #104]\n\t"
+ "LSRS r6, r4, #19\n\t"
+ "LSRS r7, r5, #19\n\t"
+ "ORR r7, r7, r4, LSL #13\n\t"
+ "ORR r6, r6, r5, LSL #13\n\t"
+ "LSLS r8, r4, #3\n\t"
+ "LSLS r9, r5, #3\n\t"
+ "ORR r9, r9, r4, LSR #29\n\t"
+ "ORR r8, r8, r5, LSR #29\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LSRS r8, r4, #6\n\t"
+ "LSRS r9, r5, #6\n\t"
+ "ORR r8, r8, r5, LSL #26\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LDRD r4, r5, [sp, #120]\n\t"
+ "LDRD r8, r9, [sp, #64]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "STRD r4, r5, [sp, #120]\n\t"
+ "LDRD r4, r5, [sp]\n\t"
+ "LSRS r6, r4, #1\n\t"
+ "LSRS r7, r5, #1\n\t"
+ "ORR r7, r7, r4, LSL #31\n\t"
+ "ORR r6, r6, r5, LSL #31\n\t"
+ "LSRS r8, r4, #8\n\t"
+ "LSRS r9, r5, #8\n\t"
+ "ORR r9, r9, r4, LSL #24\n\t"
+ "ORR r8, r8, r5, LSL #24\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LSRS r8, r4, #7\n\t"
+ "LSRS r9, r5, #7\n\t"
+ "ORR r8, r8, r5, LSL #25\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LDRD r4, r5, [sp, #120]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [sp, #120]\n\t"
+ "ADD r3, r3, #0x80\n\t"
+ "SUBS r12, r12, #0x1\n\t"
+#ifdef __GNUC__
+ "BNE L_SHA512_transform_len_start\n\t"
+#else
+ "BNE.W L_SHA512_transform_len_start\n\t"
+#endif
+ /* Round 0 */
+ "LDRD r4, r5, [%[sha512], #32]\n\t"
+ "LSRS r6, r4, #14\n\t"
+ "LSRS r7, r5, #14\n\t"
+ "ORR r7, r7, r4, LSL #18\n\t"
+ "ORR r6, r6, r5, LSL #18\n\t"
+ "LSRS r8, r4, #18\n\t"
+ "LSRS r9, r5, #18\n\t"
+ "ORR r9, r9, r4, LSL #14\n\t"
+ "ORR r8, r8, r5, LSL #14\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #23\n\t"
+ "LSLS r9, r5, #23\n\t"
+ "ORR r9, r9, r4, LSR #9\n\t"
+ "ORR r8, r8, r5, LSR #9\n\t"
+ "LDRD r4, r5, [%[sha512], #56]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #56]\n\t"
+ "LDRD r4, r5, [%[sha512], #32]\n\t"
+ "LDRD r6, r7, [%[sha512], #40]\n\t"
+ "LDRD r8, r9, [%[sha512], #48]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "AND r6, r6, r4\n\t"
+ "AND r7, r7, r5\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LDRD r4, r5, [%[sha512], #56]\n\t"
+ "LDRD r8, r9, [sp]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r6, r7, [r3]\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "LDRD r8, r9, [%[sha512], #24]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #56]\n\t"
+ "ADDS r8, r8, r4\n\t"
+ "ADC r9, r9, r5\n\t"
+ "LDRD r4, r5, [%[sha512]]\n\t"
+ "STRD r8, r9, [%[sha512], #24]\n\t"
+ "LSRS r6, r4, #28\n\t"
+ "LSRS r7, r5, #28\n\t"
+ "ORR r7, r7, r4, LSL #4\n\t"
+ "ORR r6, r6, r5, LSL #4\n\t"
+ "LSLS r8, r4, #30\n\t"
+ "LSLS r9, r5, #30\n\t"
+ "ORR r9, r9, r4, LSR #2\n\t"
+ "ORR r8, r8, r5, LSR #2\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #25\n\t"
+ "LSLS r9, r5, #25\n\t"
+ "ORR r9, r9, r4, LSR #7\n\t"
+ "ORR r8, r8, r5, LSR #7\n\t"
+ "LDRD r4, r5, [%[sha512], #56]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r8, r9, [%[sha512]]\n\t"
+ "LDRD r6, r7, [%[sha512], #8]\n\t"
+ "STRD r4, r5, [%[sha512], #56]\n\t"
+ "EOR r8, r8, r6\n\t"
+ "EOR r9, r9, r7\n\t"
+ "AND r10, r10, r8\n\t"
+ "AND r11, r11, r9\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LDRD r6, r7, [%[sha512], #56]\n\t"
+ "ADDS r6, r6, r10\n\t"
+ "ADC r7, r7, r11\n\t"
+ "STRD r6, r7, [%[sha512], #56]\n\t"
+ "MOV r10, r8\n\t"
+ "MOV r11, r9\n\t"
+ /* Round 1 */
+ "LDRD r4, r5, [%[sha512], #24]\n\t"
+ "LSRS r6, r4, #14\n\t"
+ "LSRS r7, r5, #14\n\t"
+ "ORR r7, r7, r4, LSL #18\n\t"
+ "ORR r6, r6, r5, LSL #18\n\t"
+ "LSRS r8, r4, #18\n\t"
+ "LSRS r9, r5, #18\n\t"
+ "ORR r9, r9, r4, LSL #14\n\t"
+ "ORR r8, r8, r5, LSL #14\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #23\n\t"
+ "LSLS r9, r5, #23\n\t"
+ "ORR r9, r9, r4, LSR #9\n\t"
+ "ORR r8, r8, r5, LSR #9\n\t"
+ "LDRD r4, r5, [%[sha512], #48]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #48]\n\t"
+ "LDRD r4, r5, [%[sha512], #24]\n\t"
+ "LDRD r6, r7, [%[sha512], #32]\n\t"
+ "LDRD r8, r9, [%[sha512], #40]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "AND r6, r6, r4\n\t"
+ "AND r7, r7, r5\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LDRD r4, r5, [%[sha512], #48]\n\t"
+ "LDRD r8, r9, [sp, #8]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r6, r7, [r3, #8]\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "LDRD r8, r9, [%[sha512], #16]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #48]\n\t"
+ "ADDS r8, r8, r4\n\t"
+ "ADC r9, r9, r5\n\t"
+ "LDRD r4, r5, [%[sha512], #56]\n\t"
+ "STRD r8, r9, [%[sha512], #16]\n\t"
+ "LSRS r6, r4, #28\n\t"
+ "LSRS r7, r5, #28\n\t"
+ "ORR r7, r7, r4, LSL #4\n\t"
+ "ORR r6, r6, r5, LSL #4\n\t"
+ "LSLS r8, r4, #30\n\t"
+ "LSLS r9, r5, #30\n\t"
+ "ORR r9, r9, r4, LSR #2\n\t"
+ "ORR r8, r8, r5, LSR #2\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #25\n\t"
+ "LSLS r9, r5, #25\n\t"
+ "ORR r9, r9, r4, LSR #7\n\t"
+ "ORR r8, r8, r5, LSR #7\n\t"
+ "LDRD r4, r5, [%[sha512], #48]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r8, r9, [%[sha512], #56]\n\t"
+ "LDRD r6, r7, [%[sha512]]\n\t"
+ "STRD r4, r5, [%[sha512], #48]\n\t"
+ "EOR r8, r8, r6\n\t"
+ "EOR r9, r9, r7\n\t"
+ "AND r10, r10, r8\n\t"
+ "AND r11, r11, r9\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LDRD r6, r7, [%[sha512], #48]\n\t"
+ "ADDS r6, r6, r10\n\t"
+ "ADC r7, r7, r11\n\t"
+ "STRD r6, r7, [%[sha512], #48]\n\t"
+ "MOV r10, r8\n\t"
+ "MOV r11, r9\n\t"
+ /* Round 2 */
+ "LDRD r4, r5, [%[sha512], #16]\n\t"
+ "LSRS r6, r4, #14\n\t"
+ "LSRS r7, r5, #14\n\t"
+ "ORR r7, r7, r4, LSL #18\n\t"
+ "ORR r6, r6, r5, LSL #18\n\t"
+ "LSRS r8, r4, #18\n\t"
+ "LSRS r9, r5, #18\n\t"
+ "ORR r9, r9, r4, LSL #14\n\t"
+ "ORR r8, r8, r5, LSL #14\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #23\n\t"
+ "LSLS r9, r5, #23\n\t"
+ "ORR r9, r9, r4, LSR #9\n\t"
+ "ORR r8, r8, r5, LSR #9\n\t"
+ "LDRD r4, r5, [%[sha512], #40]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #40]\n\t"
+ "LDRD r4, r5, [%[sha512], #16]\n\t"
+ "LDRD r6, r7, [%[sha512], #24]\n\t"
+ "LDRD r8, r9, [%[sha512], #32]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "AND r6, r6, r4\n\t"
+ "AND r7, r7, r5\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LDRD r4, r5, [%[sha512], #40]\n\t"
+ "LDRD r8, r9, [sp, #16]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r6, r7, [r3, #16]\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "LDRD r8, r9, [%[sha512], #8]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #40]\n\t"
+ "ADDS r8, r8, r4\n\t"
+ "ADC r9, r9, r5\n\t"
+ "LDRD r4, r5, [%[sha512], #48]\n\t"
+ "STRD r8, r9, [%[sha512], #8]\n\t"
+ "LSRS r6, r4, #28\n\t"
+ "LSRS r7, r5, #28\n\t"
+ "ORR r7, r7, r4, LSL #4\n\t"
+ "ORR r6, r6, r5, LSL #4\n\t"
+ "LSLS r8, r4, #30\n\t"
+ "LSLS r9, r5, #30\n\t"
+ "ORR r9, r9, r4, LSR #2\n\t"
+ "ORR r8, r8, r5, LSR #2\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #25\n\t"
+ "LSLS r9, r5, #25\n\t"
+ "ORR r9, r9, r4, LSR #7\n\t"
+ "ORR r8, r8, r5, LSR #7\n\t"
+ "LDRD r4, r5, [%[sha512], #40]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r8, r9, [%[sha512], #48]\n\t"
+ "LDRD r6, r7, [%[sha512], #56]\n\t"
+ "STRD r4, r5, [%[sha512], #40]\n\t"
+ "EOR r8, r8, r6\n\t"
+ "EOR r9, r9, r7\n\t"
+ "AND r10, r10, r8\n\t"
+ "AND r11, r11, r9\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LDRD r6, r7, [%[sha512], #40]\n\t"
+ "ADDS r6, r6, r10\n\t"
+ "ADC r7, r7, r11\n\t"
+ "STRD r6, r7, [%[sha512], #40]\n\t"
+ "MOV r10, r8\n\t"
+ "MOV r11, r9\n\t"
+ /* Round 3 */
+ "LDRD r4, r5, [%[sha512], #8]\n\t"
+ "LSRS r6, r4, #14\n\t"
+ "LSRS r7, r5, #14\n\t"
+ "ORR r7, r7, r4, LSL #18\n\t"
+ "ORR r6, r6, r5, LSL #18\n\t"
+ "LSRS r8, r4, #18\n\t"
+ "LSRS r9, r5, #18\n\t"
+ "ORR r9, r9, r4, LSL #14\n\t"
+ "ORR r8, r8, r5, LSL #14\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #23\n\t"
+ "LSLS r9, r5, #23\n\t"
+ "ORR r9, r9, r4, LSR #9\n\t"
+ "ORR r8, r8, r5, LSR #9\n\t"
+ "LDRD r4, r5, [%[sha512], #32]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #32]\n\t"
+ "LDRD r4, r5, [%[sha512], #8]\n\t"
+ "LDRD r6, r7, [%[sha512], #16]\n\t"
+ "LDRD r8, r9, [%[sha512], #24]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "AND r6, r6, r4\n\t"
+ "AND r7, r7, r5\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LDRD r4, r5, [%[sha512], #32]\n\t"
+ "LDRD r8, r9, [sp, #24]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r6, r7, [r3, #24]\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "LDRD r8, r9, [%[sha512]]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #32]\n\t"
+ "ADDS r8, r8, r4\n\t"
+ "ADC r9, r9, r5\n\t"
+ "LDRD r4, r5, [%[sha512], #40]\n\t"
+ "STRD r8, r9, [%[sha512]]\n\t"
+ "LSRS r6, r4, #28\n\t"
+ "LSRS r7, r5, #28\n\t"
+ "ORR r7, r7, r4, LSL #4\n\t"
+ "ORR r6, r6, r5, LSL #4\n\t"
+ "LSLS r8, r4, #30\n\t"
+ "LSLS r9, r5, #30\n\t"
+ "ORR r9, r9, r4, LSR #2\n\t"
+ "ORR r8, r8, r5, LSR #2\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #25\n\t"
+ "LSLS r9, r5, #25\n\t"
+ "ORR r9, r9, r4, LSR #7\n\t"
+ "ORR r8, r8, r5, LSR #7\n\t"
+ "LDRD r4, r5, [%[sha512], #32]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r8, r9, [%[sha512], #40]\n\t"
+ "LDRD r6, r7, [%[sha512], #48]\n\t"
+ "STRD r4, r5, [%[sha512], #32]\n\t"
+ "EOR r8, r8, r6\n\t"
+ "EOR r9, r9, r7\n\t"
+ "AND r10, r10, r8\n\t"
+ "AND r11, r11, r9\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LDRD r6, r7, [%[sha512], #32]\n\t"
+ "ADDS r6, r6, r10\n\t"
+ "ADC r7, r7, r11\n\t"
+ "STRD r6, r7, [%[sha512], #32]\n\t"
+ "MOV r10, r8\n\t"
+ "MOV r11, r9\n\t"
+ /* Round 4 */
+ "LDRD r4, r5, [%[sha512]]\n\t"
+ "LSRS r6, r4, #14\n\t"
+ "LSRS r7, r5, #14\n\t"
+ "ORR r7, r7, r4, LSL #18\n\t"
+ "ORR r6, r6, r5, LSL #18\n\t"
+ "LSRS r8, r4, #18\n\t"
+ "LSRS r9, r5, #18\n\t"
+ "ORR r9, r9, r4, LSL #14\n\t"
+ "ORR r8, r8, r5, LSL #14\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #23\n\t"
+ "LSLS r9, r5, #23\n\t"
+ "ORR r9, r9, r4, LSR #9\n\t"
+ "ORR r8, r8, r5, LSR #9\n\t"
+ "LDRD r4, r5, [%[sha512], #24]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #24]\n\t"
+ "LDRD r4, r5, [%[sha512]]\n\t"
+ "LDRD r6, r7, [%[sha512], #8]\n\t"
+ "LDRD r8, r9, [%[sha512], #16]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "AND r6, r6, r4\n\t"
+ "AND r7, r7, r5\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LDRD r4, r5, [%[sha512], #24]\n\t"
+ "LDRD r8, r9, [sp, #32]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r6, r7, [r3, #32]\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "LDRD r8, r9, [%[sha512], #56]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #24]\n\t"
+ "ADDS r8, r8, r4\n\t"
+ "ADC r9, r9, r5\n\t"
+ "LDRD r4, r5, [%[sha512], #32]\n\t"
+ "STRD r8, r9, [%[sha512], #56]\n\t"
+ "LSRS r6, r4, #28\n\t"
+ "LSRS r7, r5, #28\n\t"
+ "ORR r7, r7, r4, LSL #4\n\t"
+ "ORR r6, r6, r5, LSL #4\n\t"
+ "LSLS r8, r4, #30\n\t"
+ "LSLS r9, r5, #30\n\t"
+ "ORR r9, r9, r4, LSR #2\n\t"
+ "ORR r8, r8, r5, LSR #2\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #25\n\t"
+ "LSLS r9, r5, #25\n\t"
+ "ORR r9, r9, r4, LSR #7\n\t"
+ "ORR r8, r8, r5, LSR #7\n\t"
+ "LDRD r4, r5, [%[sha512], #24]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r8, r9, [%[sha512], #32]\n\t"
+ "LDRD r6, r7, [%[sha512], #40]\n\t"
+ "STRD r4, r5, [%[sha512], #24]\n\t"
+ "EOR r8, r8, r6\n\t"
+ "EOR r9, r9, r7\n\t"
+ "AND r10, r10, r8\n\t"
+ "AND r11, r11, r9\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LDRD r6, r7, [%[sha512], #24]\n\t"
+ "ADDS r6, r6, r10\n\t"
+ "ADC r7, r7, r11\n\t"
+ "STRD r6, r7, [%[sha512], #24]\n\t"
+ "MOV r10, r8\n\t"
+ "MOV r11, r9\n\t"
+ /* Round 5 */
+ "LDRD r4, r5, [%[sha512], #56]\n\t"
+ "LSRS r6, r4, #14\n\t"
+ "LSRS r7, r5, #14\n\t"
+ "ORR r7, r7, r4, LSL #18\n\t"
+ "ORR r6, r6, r5, LSL #18\n\t"
+ "LSRS r8, r4, #18\n\t"
+ "LSRS r9, r5, #18\n\t"
+ "ORR r9, r9, r4, LSL #14\n\t"
+ "ORR r8, r8, r5, LSL #14\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #23\n\t"
+ "LSLS r9, r5, #23\n\t"
+ "ORR r9, r9, r4, LSR #9\n\t"
+ "ORR r8, r8, r5, LSR #9\n\t"
+ "LDRD r4, r5, [%[sha512], #16]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #16]\n\t"
+ "LDRD r4, r5, [%[sha512], #56]\n\t"
+ "LDRD r6, r7, [%[sha512]]\n\t"
+ "LDRD r8, r9, [%[sha512], #8]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "AND r6, r6, r4\n\t"
+ "AND r7, r7, r5\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LDRD r4, r5, [%[sha512], #16]\n\t"
+ "LDRD r8, r9, [sp, #40]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r6, r7, [r3, #40]\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "LDRD r8, r9, [%[sha512], #48]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #16]\n\t"
+ "ADDS r8, r8, r4\n\t"
+ "ADC r9, r9, r5\n\t"
+ "LDRD r4, r5, [%[sha512], #24]\n\t"
+ "STRD r8, r9, [%[sha512], #48]\n\t"
+ "LSRS r6, r4, #28\n\t"
+ "LSRS r7, r5, #28\n\t"
+ "ORR r7, r7, r4, LSL #4\n\t"
+ "ORR r6, r6, r5, LSL #4\n\t"
+ "LSLS r8, r4, #30\n\t"
+ "LSLS r9, r5, #30\n\t"
+ "ORR r9, r9, r4, LSR #2\n\t"
+ "ORR r8, r8, r5, LSR #2\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #25\n\t"
+ "LSLS r9, r5, #25\n\t"
+ "ORR r9, r9, r4, LSR #7\n\t"
+ "ORR r8, r8, r5, LSR #7\n\t"
+ "LDRD r4, r5, [%[sha512], #16]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r8, r9, [%[sha512], #24]\n\t"
+ "LDRD r6, r7, [%[sha512], #32]\n\t"
+ "STRD r4, r5, [%[sha512], #16]\n\t"
+ "EOR r8, r8, r6\n\t"
+ "EOR r9, r9, r7\n\t"
+ "AND r10, r10, r8\n\t"
+ "AND r11, r11, r9\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LDRD r6, r7, [%[sha512], #16]\n\t"
+ "ADDS r6, r6, r10\n\t"
+ "ADC r7, r7, r11\n\t"
+ "STRD r6, r7, [%[sha512], #16]\n\t"
+ "MOV r10, r8\n\t"
+ "MOV r11, r9\n\t"
+ /* Round 6 */
+ "LDRD r4, r5, [%[sha512], #48]\n\t"
+ "LSRS r6, r4, #14\n\t"
+ "LSRS r7, r5, #14\n\t"
+ "ORR r7, r7, r4, LSL #18\n\t"
+ "ORR r6, r6, r5, LSL #18\n\t"
+ "LSRS r8, r4, #18\n\t"
+ "LSRS r9, r5, #18\n\t"
+ "ORR r9, r9, r4, LSL #14\n\t"
+ "ORR r8, r8, r5, LSL #14\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #23\n\t"
+ "LSLS r9, r5, #23\n\t"
+ "ORR r9, r9, r4, LSR #9\n\t"
+ "ORR r8, r8, r5, LSR #9\n\t"
+ "LDRD r4, r5, [%[sha512], #8]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #8]\n\t"
+ "LDRD r4, r5, [%[sha512], #48]\n\t"
+ "LDRD r6, r7, [%[sha512], #56]\n\t"
+ "LDRD r8, r9, [%[sha512]]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "AND r6, r6, r4\n\t"
+ "AND r7, r7, r5\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LDRD r4, r5, [%[sha512], #8]\n\t"
+ "LDRD r8, r9, [sp, #48]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r6, r7, [r3, #48]\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "LDRD r8, r9, [%[sha512], #40]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #8]\n\t"
+ "ADDS r8, r8, r4\n\t"
+ "ADC r9, r9, r5\n\t"
+ "LDRD r4, r5, [%[sha512], #16]\n\t"
+ "STRD r8, r9, [%[sha512], #40]\n\t"
+ "LSRS r6, r4, #28\n\t"
+ "LSRS r7, r5, #28\n\t"
+ "ORR r7, r7, r4, LSL #4\n\t"
+ "ORR r6, r6, r5, LSL #4\n\t"
+ "LSLS r8, r4, #30\n\t"
+ "LSLS r9, r5, #30\n\t"
+ "ORR r9, r9, r4, LSR #2\n\t"
+ "ORR r8, r8, r5, LSR #2\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #25\n\t"
+ "LSLS r9, r5, #25\n\t"
+ "ORR r9, r9, r4, LSR #7\n\t"
+ "ORR r8, r8, r5, LSR #7\n\t"
+ "LDRD r4, r5, [%[sha512], #8]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r8, r9, [%[sha512], #16]\n\t"
+ "LDRD r6, r7, [%[sha512], #24]\n\t"
+ "STRD r4, r5, [%[sha512], #8]\n\t"
+ "EOR r8, r8, r6\n\t"
+ "EOR r9, r9, r7\n\t"
+ "AND r10, r10, r8\n\t"
+ "AND r11, r11, r9\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LDRD r6, r7, [%[sha512], #8]\n\t"
+ "ADDS r6, r6, r10\n\t"
+ "ADC r7, r7, r11\n\t"
+ "STRD r6, r7, [%[sha512], #8]\n\t"
+ "MOV r10, r8\n\t"
+ "MOV r11, r9\n\t"
+ /* Round 7 */
+ "LDRD r4, r5, [%[sha512], #40]\n\t"
+ "LSRS r6, r4, #14\n\t"
+ "LSRS r7, r5, #14\n\t"
+ "ORR r7, r7, r4, LSL #18\n\t"
+ "ORR r6, r6, r5, LSL #18\n\t"
+ "LSRS r8, r4, #18\n\t"
+ "LSRS r9, r5, #18\n\t"
+ "ORR r9, r9, r4, LSL #14\n\t"
+ "ORR r8, r8, r5, LSL #14\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #23\n\t"
+ "LSLS r9, r5, #23\n\t"
+ "ORR r9, r9, r4, LSR #9\n\t"
+ "ORR r8, r8, r5, LSR #9\n\t"
+ "LDRD r4, r5, [%[sha512]]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512]]\n\t"
+ "LDRD r4, r5, [%[sha512], #40]\n\t"
+ "LDRD r6, r7, [%[sha512], #48]\n\t"
+ "LDRD r8, r9, [%[sha512], #56]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "AND r6, r6, r4\n\t"
+ "AND r7, r7, r5\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LDRD r4, r5, [%[sha512]]\n\t"
+ "LDRD r8, r9, [sp, #56]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r6, r7, [r3, #56]\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "LDRD r8, r9, [%[sha512], #32]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512]]\n\t"
+ "ADDS r8, r8, r4\n\t"
+ "ADC r9, r9, r5\n\t"
+ "LDRD r4, r5, [%[sha512], #8]\n\t"
+ "STRD r8, r9, [%[sha512], #32]\n\t"
+ "LSRS r6, r4, #28\n\t"
+ "LSRS r7, r5, #28\n\t"
+ "ORR r7, r7, r4, LSL #4\n\t"
+ "ORR r6, r6, r5, LSL #4\n\t"
+ "LSLS r8, r4, #30\n\t"
+ "LSLS r9, r5, #30\n\t"
+ "ORR r9, r9, r4, LSR #2\n\t"
+ "ORR r8, r8, r5, LSR #2\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #25\n\t"
+ "LSLS r9, r5, #25\n\t"
+ "ORR r9, r9, r4, LSR #7\n\t"
+ "ORR r8, r8, r5, LSR #7\n\t"
+ "LDRD r4, r5, [%[sha512]]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r8, r9, [%[sha512], #8]\n\t"
+ "LDRD r6, r7, [%[sha512], #16]\n\t"
+ "STRD r4, r5, [%[sha512]]\n\t"
+ "EOR r8, r8, r6\n\t"
+ "EOR r9, r9, r7\n\t"
+ "AND r10, r10, r8\n\t"
+ "AND r11, r11, r9\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LDRD r6, r7, [%[sha512]]\n\t"
+ "ADDS r6, r6, r10\n\t"
+ "ADC r7, r7, r11\n\t"
+ "STRD r6, r7, [%[sha512]]\n\t"
+ "MOV r10, r8\n\t"
+ "MOV r11, r9\n\t"
+ /* Round 8 */
+ "LDRD r4, r5, [%[sha512], #32]\n\t"
+ "LSRS r6, r4, #14\n\t"
+ "LSRS r7, r5, #14\n\t"
+ "ORR r7, r7, r4, LSL #18\n\t"
+ "ORR r6, r6, r5, LSL #18\n\t"
+ "LSRS r8, r4, #18\n\t"
+ "LSRS r9, r5, #18\n\t"
+ "ORR r9, r9, r4, LSL #14\n\t"
+ "ORR r8, r8, r5, LSL #14\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #23\n\t"
+ "LSLS r9, r5, #23\n\t"
+ "ORR r9, r9, r4, LSR #9\n\t"
+ "ORR r8, r8, r5, LSR #9\n\t"
+ "LDRD r4, r5, [%[sha512], #56]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #56]\n\t"
+ "LDRD r4, r5, [%[sha512], #32]\n\t"
+ "LDRD r6, r7, [%[sha512], #40]\n\t"
+ "LDRD r8, r9, [%[sha512], #48]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "AND r6, r6, r4\n\t"
+ "AND r7, r7, r5\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LDRD r4, r5, [%[sha512], #56]\n\t"
+ "LDRD r8, r9, [sp, #64]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r6, r7, [r3, #64]\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "LDRD r8, r9, [%[sha512], #24]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #56]\n\t"
+ "ADDS r8, r8, r4\n\t"
+ "ADC r9, r9, r5\n\t"
+ "LDRD r4, r5, [%[sha512]]\n\t"
+ "STRD r8, r9, [%[sha512], #24]\n\t"
+ "LSRS r6, r4, #28\n\t"
+ "LSRS r7, r5, #28\n\t"
+ "ORR r7, r7, r4, LSL #4\n\t"
+ "ORR r6, r6, r5, LSL #4\n\t"
+ "LSLS r8, r4, #30\n\t"
+ "LSLS r9, r5, #30\n\t"
+ "ORR r9, r9, r4, LSR #2\n\t"
+ "ORR r8, r8, r5, LSR #2\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #25\n\t"
+ "LSLS r9, r5, #25\n\t"
+ "ORR r9, r9, r4, LSR #7\n\t"
+ "ORR r8, r8, r5, LSR #7\n\t"
+ "LDRD r4, r5, [%[sha512], #56]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r8, r9, [%[sha512]]\n\t"
+ "LDRD r6, r7, [%[sha512], #8]\n\t"
+ "STRD r4, r5, [%[sha512], #56]\n\t"
+ "EOR r8, r8, r6\n\t"
+ "EOR r9, r9, r7\n\t"
+ "AND r10, r10, r8\n\t"
+ "AND r11, r11, r9\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LDRD r6, r7, [%[sha512], #56]\n\t"
+ "ADDS r6, r6, r10\n\t"
+ "ADC r7, r7, r11\n\t"
+ "STRD r6, r7, [%[sha512], #56]\n\t"
+ "MOV r10, r8\n\t"
+ "MOV r11, r9\n\t"
+ /* Round 9 */
+ "LDRD r4, r5, [%[sha512], #24]\n\t"
+ "LSRS r6, r4, #14\n\t"
+ "LSRS r7, r5, #14\n\t"
+ "ORR r7, r7, r4, LSL #18\n\t"
+ "ORR r6, r6, r5, LSL #18\n\t"
+ "LSRS r8, r4, #18\n\t"
+ "LSRS r9, r5, #18\n\t"
+ "ORR r9, r9, r4, LSL #14\n\t"
+ "ORR r8, r8, r5, LSL #14\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #23\n\t"
+ "LSLS r9, r5, #23\n\t"
+ "ORR r9, r9, r4, LSR #9\n\t"
+ "ORR r8, r8, r5, LSR #9\n\t"
+ "LDRD r4, r5, [%[sha512], #48]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #48]\n\t"
+ "LDRD r4, r5, [%[sha512], #24]\n\t"
+ "LDRD r6, r7, [%[sha512], #32]\n\t"
+ "LDRD r8, r9, [%[sha512], #40]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "AND r6, r6, r4\n\t"
+ "AND r7, r7, r5\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LDRD r4, r5, [%[sha512], #48]\n\t"
+ "LDRD r8, r9, [sp, #72]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r6, r7, [r3, #72]\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "LDRD r8, r9, [%[sha512], #16]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #48]\n\t"
+ "ADDS r8, r8, r4\n\t"
+ "ADC r9, r9, r5\n\t"
+ "LDRD r4, r5, [%[sha512], #56]\n\t"
+ "STRD r8, r9, [%[sha512], #16]\n\t"
+ "LSRS r6, r4, #28\n\t"
+ "LSRS r7, r5, #28\n\t"
+ "ORR r7, r7, r4, LSL #4\n\t"
+ "ORR r6, r6, r5, LSL #4\n\t"
+ "LSLS r8, r4, #30\n\t"
+ "LSLS r9, r5, #30\n\t"
+ "ORR r9, r9, r4, LSR #2\n\t"
+ "ORR r8, r8, r5, LSR #2\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #25\n\t"
+ "LSLS r9, r5, #25\n\t"
+ "ORR r9, r9, r4, LSR #7\n\t"
+ "ORR r8, r8, r5, LSR #7\n\t"
+ "LDRD r4, r5, [%[sha512], #48]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r8, r9, [%[sha512], #56]\n\t"
+ "LDRD r6, r7, [%[sha512]]\n\t"
+ "STRD r4, r5, [%[sha512], #48]\n\t"
+ "EOR r8, r8, r6\n\t"
+ "EOR r9, r9, r7\n\t"
+ "AND r10, r10, r8\n\t"
+ "AND r11, r11, r9\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LDRD r6, r7, [%[sha512], #48]\n\t"
+ "ADDS r6, r6, r10\n\t"
+ "ADC r7, r7, r11\n\t"
+ "STRD r6, r7, [%[sha512], #48]\n\t"
+ "MOV r10, r8\n\t"
+ "MOV r11, r9\n\t"
+ /* Round 10 */
+ "LDRD r4, r5, [%[sha512], #16]\n\t"
+ "LSRS r6, r4, #14\n\t"
+ "LSRS r7, r5, #14\n\t"
+ "ORR r7, r7, r4, LSL #18\n\t"
+ "ORR r6, r6, r5, LSL #18\n\t"
+ "LSRS r8, r4, #18\n\t"
+ "LSRS r9, r5, #18\n\t"
+ "ORR r9, r9, r4, LSL #14\n\t"
+ "ORR r8, r8, r5, LSL #14\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #23\n\t"
+ "LSLS r9, r5, #23\n\t"
+ "ORR r9, r9, r4, LSR #9\n\t"
+ "ORR r8, r8, r5, LSR #9\n\t"
+ "LDRD r4, r5, [%[sha512], #40]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #40]\n\t"
+ "LDRD r4, r5, [%[sha512], #16]\n\t"
+ "LDRD r6, r7, [%[sha512], #24]\n\t"
+ "LDRD r8, r9, [%[sha512], #32]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "AND r6, r6, r4\n\t"
+ "AND r7, r7, r5\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LDRD r4, r5, [%[sha512], #40]\n\t"
+ "LDRD r8, r9, [sp, #80]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r6, r7, [r3, #80]\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "LDRD r8, r9, [%[sha512], #8]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #40]\n\t"
+ "ADDS r8, r8, r4\n\t"
+ "ADC r9, r9, r5\n\t"
+ "LDRD r4, r5, [%[sha512], #48]\n\t"
+ "STRD r8, r9, [%[sha512], #8]\n\t"
+ "LSRS r6, r4, #28\n\t"
+ "LSRS r7, r5, #28\n\t"
+ "ORR r7, r7, r4, LSL #4\n\t"
+ "ORR r6, r6, r5, LSL #4\n\t"
+ "LSLS r8, r4, #30\n\t"
+ "LSLS r9, r5, #30\n\t"
+ "ORR r9, r9, r4, LSR #2\n\t"
+ "ORR r8, r8, r5, LSR #2\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #25\n\t"
+ "LSLS r9, r5, #25\n\t"
+ "ORR r9, r9, r4, LSR #7\n\t"
+ "ORR r8, r8, r5, LSR #7\n\t"
+ "LDRD r4, r5, [%[sha512], #40]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r8, r9, [%[sha512], #48]\n\t"
+ "LDRD r6, r7, [%[sha512], #56]\n\t"
+ "STRD r4, r5, [%[sha512], #40]\n\t"
+ "EOR r8, r8, r6\n\t"
+ "EOR r9, r9, r7\n\t"
+ "AND r10, r10, r8\n\t"
+ "AND r11, r11, r9\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LDRD r6, r7, [%[sha512], #40]\n\t"
+ "ADDS r6, r6, r10\n\t"
+ "ADC r7, r7, r11\n\t"
+ "STRD r6, r7, [%[sha512], #40]\n\t"
+ "MOV r10, r8\n\t"
+ "MOV r11, r9\n\t"
+ /* Round 11 */
+ "LDRD r4, r5, [%[sha512], #8]\n\t"
+ "LSRS r6, r4, #14\n\t"
+ "LSRS r7, r5, #14\n\t"
+ "ORR r7, r7, r4, LSL #18\n\t"
+ "ORR r6, r6, r5, LSL #18\n\t"
+ "LSRS r8, r4, #18\n\t"
+ "LSRS r9, r5, #18\n\t"
+ "ORR r9, r9, r4, LSL #14\n\t"
+ "ORR r8, r8, r5, LSL #14\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #23\n\t"
+ "LSLS r9, r5, #23\n\t"
+ "ORR r9, r9, r4, LSR #9\n\t"
+ "ORR r8, r8, r5, LSR #9\n\t"
+ "LDRD r4, r5, [%[sha512], #32]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #32]\n\t"
+ "LDRD r4, r5, [%[sha512], #8]\n\t"
+ "LDRD r6, r7, [%[sha512], #16]\n\t"
+ "LDRD r8, r9, [%[sha512], #24]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "AND r6, r6, r4\n\t"
+ "AND r7, r7, r5\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LDRD r4, r5, [%[sha512], #32]\n\t"
+ "LDRD r8, r9, [sp, #88]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r6, r7, [r3, #88]\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "LDRD r8, r9, [%[sha512]]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #32]\n\t"
+ "ADDS r8, r8, r4\n\t"
+ "ADC r9, r9, r5\n\t"
+ "LDRD r4, r5, [%[sha512], #40]\n\t"
+ "STRD r8, r9, [%[sha512]]\n\t"
+ "LSRS r6, r4, #28\n\t"
+ "LSRS r7, r5, #28\n\t"
+ "ORR r7, r7, r4, LSL #4\n\t"
+ "ORR r6, r6, r5, LSL #4\n\t"
+ "LSLS r8, r4, #30\n\t"
+ "LSLS r9, r5, #30\n\t"
+ "ORR r9, r9, r4, LSR #2\n\t"
+ "ORR r8, r8, r5, LSR #2\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #25\n\t"
+ "LSLS r9, r5, #25\n\t"
+ "ORR r9, r9, r4, LSR #7\n\t"
+ "ORR r8, r8, r5, LSR #7\n\t"
+ "LDRD r4, r5, [%[sha512], #32]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r8, r9, [%[sha512], #40]\n\t"
+ "LDRD r6, r7, [%[sha512], #48]\n\t"
+ "STRD r4, r5, [%[sha512], #32]\n\t"
+ "EOR r8, r8, r6\n\t"
+ "EOR r9, r9, r7\n\t"
+ "AND r10, r10, r8\n\t"
+ "AND r11, r11, r9\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LDRD r6, r7, [%[sha512], #32]\n\t"
+ "ADDS r6, r6, r10\n\t"
+ "ADC r7, r7, r11\n\t"
+ "STRD r6, r7, [%[sha512], #32]\n\t"
+ "MOV r10, r8\n\t"
+ "MOV r11, r9\n\t"
+ /* Round 12 */
+ "LDRD r4, r5, [%[sha512]]\n\t"
+ "LSRS r6, r4, #14\n\t"
+ "LSRS r7, r5, #14\n\t"
+ "ORR r7, r7, r4, LSL #18\n\t"
+ "ORR r6, r6, r5, LSL #18\n\t"
+ "LSRS r8, r4, #18\n\t"
+ "LSRS r9, r5, #18\n\t"
+ "ORR r9, r9, r4, LSL #14\n\t"
+ "ORR r8, r8, r5, LSL #14\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #23\n\t"
+ "LSLS r9, r5, #23\n\t"
+ "ORR r9, r9, r4, LSR #9\n\t"
+ "ORR r8, r8, r5, LSR #9\n\t"
+ "LDRD r4, r5, [%[sha512], #24]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #24]\n\t"
+ "LDRD r4, r5, [%[sha512]]\n\t"
+ "LDRD r6, r7, [%[sha512], #8]\n\t"
+ "LDRD r8, r9, [%[sha512], #16]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "AND r6, r6, r4\n\t"
+ "AND r7, r7, r5\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LDRD r4, r5, [%[sha512], #24]\n\t"
+ "LDRD r8, r9, [sp, #96]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r6, r7, [r3, #96]\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "LDRD r8, r9, [%[sha512], #56]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #24]\n\t"
+ "ADDS r8, r8, r4\n\t"
+ "ADC r9, r9, r5\n\t"
+ "LDRD r4, r5, [%[sha512], #32]\n\t"
+ "STRD r8, r9, [%[sha512], #56]\n\t"
+ "LSRS r6, r4, #28\n\t"
+ "LSRS r7, r5, #28\n\t"
+ "ORR r7, r7, r4, LSL #4\n\t"
+ "ORR r6, r6, r5, LSL #4\n\t"
+ "LSLS r8, r4, #30\n\t"
+ "LSLS r9, r5, #30\n\t"
+ "ORR r9, r9, r4, LSR #2\n\t"
+ "ORR r8, r8, r5, LSR #2\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #25\n\t"
+ "LSLS r9, r5, #25\n\t"
+ "ORR r9, r9, r4, LSR #7\n\t"
+ "ORR r8, r8, r5, LSR #7\n\t"
+ "LDRD r4, r5, [%[sha512], #24]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r8, r9, [%[sha512], #32]\n\t"
+ "LDRD r6, r7, [%[sha512], #40]\n\t"
+ "STRD r4, r5, [%[sha512], #24]\n\t"
+ "EOR r8, r8, r6\n\t"
+ "EOR r9, r9, r7\n\t"
+ "AND r10, r10, r8\n\t"
+ "AND r11, r11, r9\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LDRD r6, r7, [%[sha512], #24]\n\t"
+ "ADDS r6, r6, r10\n\t"
+ "ADC r7, r7, r11\n\t"
+ "STRD r6, r7, [%[sha512], #24]\n\t"
+ "MOV r10, r8\n\t"
+ "MOV r11, r9\n\t"
+ /* Round 13 */
+ "LDRD r4, r5, [%[sha512], #56]\n\t"
+ "LSRS r6, r4, #14\n\t"
+ "LSRS r7, r5, #14\n\t"
+ "ORR r7, r7, r4, LSL #18\n\t"
+ "ORR r6, r6, r5, LSL #18\n\t"
+ "LSRS r8, r4, #18\n\t"
+ "LSRS r9, r5, #18\n\t"
+ "ORR r9, r9, r4, LSL #14\n\t"
+ "ORR r8, r8, r5, LSL #14\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #23\n\t"
+ "LSLS r9, r5, #23\n\t"
+ "ORR r9, r9, r4, LSR #9\n\t"
+ "ORR r8, r8, r5, LSR #9\n\t"
+ "LDRD r4, r5, [%[sha512], #16]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #16]\n\t"
+ "LDRD r4, r5, [%[sha512], #56]\n\t"
+ "LDRD r6, r7, [%[sha512]]\n\t"
+ "LDRD r8, r9, [%[sha512], #8]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "AND r6, r6, r4\n\t"
+ "AND r7, r7, r5\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LDRD r4, r5, [%[sha512], #16]\n\t"
+ "LDRD r8, r9, [sp, #104]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r6, r7, [r3, #104]\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "LDRD r8, r9, [%[sha512], #48]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #16]\n\t"
+ "ADDS r8, r8, r4\n\t"
+ "ADC r9, r9, r5\n\t"
+ "LDRD r4, r5, [%[sha512], #24]\n\t"
+ "STRD r8, r9, [%[sha512], #48]\n\t"
+ "LSRS r6, r4, #28\n\t"
+ "LSRS r7, r5, #28\n\t"
+ "ORR r7, r7, r4, LSL #4\n\t"
+ "ORR r6, r6, r5, LSL #4\n\t"
+ "LSLS r8, r4, #30\n\t"
+ "LSLS r9, r5, #30\n\t"
+ "ORR r9, r9, r4, LSR #2\n\t"
+ "ORR r8, r8, r5, LSR #2\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #25\n\t"
+ "LSLS r9, r5, #25\n\t"
+ "ORR r9, r9, r4, LSR #7\n\t"
+ "ORR r8, r8, r5, LSR #7\n\t"
+ "LDRD r4, r5, [%[sha512], #16]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r8, r9, [%[sha512], #24]\n\t"
+ "LDRD r6, r7, [%[sha512], #32]\n\t"
+ "STRD r4, r5, [%[sha512], #16]\n\t"
+ "EOR r8, r8, r6\n\t"
+ "EOR r9, r9, r7\n\t"
+ "AND r10, r10, r8\n\t"
+ "AND r11, r11, r9\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LDRD r6, r7, [%[sha512], #16]\n\t"
+ "ADDS r6, r6, r10\n\t"
+ "ADC r7, r7, r11\n\t"
+ "STRD r6, r7, [%[sha512], #16]\n\t"
+ "MOV r10, r8\n\t"
+ "MOV r11, r9\n\t"
+ /* Round 14 */
+ "LDRD r4, r5, [%[sha512], #48]\n\t"
+ "LSRS r6, r4, #14\n\t"
+ "LSRS r7, r5, #14\n\t"
+ "ORR r7, r7, r4, LSL #18\n\t"
+ "ORR r6, r6, r5, LSL #18\n\t"
+ "LSRS r8, r4, #18\n\t"
+ "LSRS r9, r5, #18\n\t"
+ "ORR r9, r9, r4, LSL #14\n\t"
+ "ORR r8, r8, r5, LSL #14\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #23\n\t"
+ "LSLS r9, r5, #23\n\t"
+ "ORR r9, r9, r4, LSR #9\n\t"
+ "ORR r8, r8, r5, LSR #9\n\t"
+ "LDRD r4, r5, [%[sha512], #8]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #8]\n\t"
+ "LDRD r4, r5, [%[sha512], #48]\n\t"
+ "LDRD r6, r7, [%[sha512], #56]\n\t"
+ "LDRD r8, r9, [%[sha512]]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "AND r6, r6, r4\n\t"
+ "AND r7, r7, r5\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LDRD r4, r5, [%[sha512], #8]\n\t"
+ "LDRD r8, r9, [sp, #112]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r6, r7, [r3, #112]\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "LDRD r8, r9, [%[sha512], #40]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #8]\n\t"
+ "ADDS r8, r8, r4\n\t"
+ "ADC r9, r9, r5\n\t"
+ "LDRD r4, r5, [%[sha512], #16]\n\t"
+ "STRD r8, r9, [%[sha512], #40]\n\t"
+ "LSRS r6, r4, #28\n\t"
+ "LSRS r7, r5, #28\n\t"
+ "ORR r7, r7, r4, LSL #4\n\t"
+ "ORR r6, r6, r5, LSL #4\n\t"
+ "LSLS r8, r4, #30\n\t"
+ "LSLS r9, r5, #30\n\t"
+ "ORR r9, r9, r4, LSR #2\n\t"
+ "ORR r8, r8, r5, LSR #2\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #25\n\t"
+ "LSLS r9, r5, #25\n\t"
+ "ORR r9, r9, r4, LSR #7\n\t"
+ "ORR r8, r8, r5, LSR #7\n\t"
+ "LDRD r4, r5, [%[sha512], #8]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r8, r9, [%[sha512], #16]\n\t"
+ "LDRD r6, r7, [%[sha512], #24]\n\t"
+ "STRD r4, r5, [%[sha512], #8]\n\t"
+ "EOR r8, r8, r6\n\t"
+ "EOR r9, r9, r7\n\t"
+ "AND r10, r10, r8\n\t"
+ "AND r11, r11, r9\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LDRD r6, r7, [%[sha512], #8]\n\t"
+ "ADDS r6, r6, r10\n\t"
+ "ADC r7, r7, r11\n\t"
+ "STRD r6, r7, [%[sha512], #8]\n\t"
+ "MOV r10, r8\n\t"
+ "MOV r11, r9\n\t"
+ /* Round 15 */
+ "LDRD r4, r5, [%[sha512], #40]\n\t"
+ "LSRS r6, r4, #14\n\t"
+ "LSRS r7, r5, #14\n\t"
+ "ORR r7, r7, r4, LSL #18\n\t"
+ "ORR r6, r6, r5, LSL #18\n\t"
+ "LSRS r8, r4, #18\n\t"
+ "LSRS r9, r5, #18\n\t"
+ "ORR r9, r9, r4, LSL #14\n\t"
+ "ORR r8, r8, r5, LSL #14\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #23\n\t"
+ "LSLS r9, r5, #23\n\t"
+ "ORR r9, r9, r4, LSR #9\n\t"
+ "ORR r8, r8, r5, LSR #9\n\t"
+ "LDRD r4, r5, [%[sha512]]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512]]\n\t"
+ "LDRD r4, r5, [%[sha512], #40]\n\t"
+ "LDRD r6, r7, [%[sha512], #48]\n\t"
+ "LDRD r8, r9, [%[sha512], #56]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "AND r6, r6, r4\n\t"
+ "AND r7, r7, r5\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LDRD r4, r5, [%[sha512]]\n\t"
+ "LDRD r8, r9, [sp, #120]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r6, r7, [r3, #120]\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "LDRD r8, r9, [%[sha512], #32]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512]]\n\t"
+ "ADDS r8, r8, r4\n\t"
+ "ADC r9, r9, r5\n\t"
+ "LDRD r4, r5, [%[sha512], #8]\n\t"
+ "STRD r8, r9, [%[sha512], #32]\n\t"
+ "LSRS r6, r4, #28\n\t"
+ "LSRS r7, r5, #28\n\t"
+ "ORR r7, r7, r4, LSL #4\n\t"
+ "ORR r6, r6, r5, LSL #4\n\t"
+ "LSLS r8, r4, #30\n\t"
+ "LSLS r9, r5, #30\n\t"
+ "ORR r9, r9, r4, LSR #2\n\t"
+ "ORR r8, r8, r5, LSR #2\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #25\n\t"
+ "LSLS r9, r5, #25\n\t"
+ "ORR r9, r9, r4, LSR #7\n\t"
+ "ORR r8, r8, r5, LSR #7\n\t"
+ "LDRD r4, r5, [%[sha512]]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r8, r9, [%[sha512], #8]\n\t"
+ "LDRD r6, r7, [%[sha512], #16]\n\t"
+ "STRD r4, r5, [%[sha512]]\n\t"
+ "EOR r8, r8, r6\n\t"
+ "EOR r9, r9, r7\n\t"
+ "AND r10, r10, r8\n\t"
+ "AND r11, r11, r9\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LDRD r6, r7, [%[sha512]]\n\t"
+ "ADDS r6, r6, r10\n\t"
+ "ADC r7, r7, r11\n\t"
+ "STRD r6, r7, [%[sha512]]\n\t"
+ "MOV r10, r8\n\t"
+ "MOV r11, r9\n\t"
+ /* Add in digest from start */
+ "LDRD r4, r5, [%[sha512]]\n\t"
+ "LDRD r6, r7, [%[sha512], #8]\n\t"
+ "LDRD r8, r9, [sp, #128]\n\t"
+ "LDRD r10, r11, [sp, #136]\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "ADDS r6, r6, r10\n\t"
+ "ADC r7, r7, r11\n\t"
+ "STRD r4, r5, [%[sha512]]\n\t"
+ "STRD r6, r7, [%[sha512], #8]\n\t"
+ "STRD r4, r5, [sp, #128]\n\t"
+ "STRD r6, r7, [sp, #136]\n\t"
+ "LDRD r4, r5, [%[sha512], #16]\n\t"
+ "LDRD r6, r7, [%[sha512], #24]\n\t"
+ "LDRD r8, r9, [sp, #144]\n\t"
+ "LDRD r10, r11, [sp, #152]\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "ADDS r6, r6, r10\n\t"
+ "ADC r7, r7, r11\n\t"
+ "STRD r4, r5, [%[sha512], #16]\n\t"
+ "STRD r6, r7, [%[sha512], #24]\n\t"
+ "STRD r4, r5, [sp, #144]\n\t"
+ "STRD r6, r7, [sp, #152]\n\t"
+ "LDRD r4, r5, [%[sha512], #32]\n\t"
+ "LDRD r6, r7, [%[sha512], #40]\n\t"
+ "LDRD r8, r9, [sp, #160]\n\t"
+ "LDRD r10, r11, [sp, #168]\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "ADDS r6, r6, r10\n\t"
+ "ADC r7, r7, r11\n\t"
+ "STRD r4, r5, [%[sha512], #32]\n\t"
+ "STRD r6, r7, [%[sha512], #40]\n\t"
+ "STRD r4, r5, [sp, #160]\n\t"
+ "STRD r6, r7, [sp, #168]\n\t"
+ "LDRD r4, r5, [%[sha512], #48]\n\t"
+ "LDRD r6, r7, [%[sha512], #56]\n\t"
+ "LDRD r8, r9, [sp, #176]\n\t"
+ "LDRD r10, r11, [sp, #184]\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "ADDS r6, r6, r10\n\t"
+ "ADC r7, r7, r11\n\t"
+ "STRD r4, r5, [%[sha512], #48]\n\t"
+ "STRD r6, r7, [%[sha512], #56]\n\t"
+ "STRD r4, r5, [sp, #176]\n\t"
+ "STRD r6, r7, [sp, #184]\n\t"
+ "SUBS %[len], %[len], #0x80\n\t"
+ "SUB r3, r3, #0x200\n\t"
+ "ADD %[data], %[data], #0x80\n\t"
+#ifdef __GNUC__
+ "BNE L_SHA512_transform_len_begin\n\t"
+#else
+ "BNE.W L_SHA512_transform_len_begin\n\t"
+#endif
+ "EOR r0, r0, r0\n\t"
+ "ADD sp, sp, #0xc0\n\t"
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ : [sha512] "+r" (sha512), [data] "+r" (data), [len] "+r" (len),
+ [L_SHA512_transform_len_k] "+r" (L_SHA512_transform_len_k_c)
+ :
+#else
+ : [sha512] "+r" (sha512), [data] "+r" (data), [len] "+r" (len)
+ : [L_SHA512_transform_len_k] "r" (L_SHA512_transform_len_k)
+#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
+ );
+}
+
+#endif /* WOLFSSL_ARMASM_NO_NEON */
+#endif /* WOLFSSL_SHA512 */
+#endif /* !__aarch64__ && __thumb__ */
+#endif /* WOLFSSL_ARMASM */
+#endif /* !defined(__aarch64__) && defined(__thumb__) */
+#endif /* WOLFSSL_ARMASM */
+
+#endif /* WOLFSSL_ARMASM_INLINE */
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/caam/caam_driver.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/caam/caam_driver.c
index 56516237..4698d7a5 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/caam/caam_driver.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/caam/caam_driver.c
@@ -1840,7 +1840,7 @@ void caamDescInit(DESCSTRUCT* desc, int type, unsigned int args[4],
static int SetupJobRing(struct JobRing* r)
{
- /* get enviornment specific addresses to use for job rings */
+ /* get environment specific addresses to use for job rings */
CAAM_SET_JOBRING_ADDR(&r->BaseAddr, &r->JobIn, &r->VirtualIn);
/* register the in/out and sizes of job ring */
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/caam/caam_qnx.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/caam/caam_qnx.c
index 32d77317..d6e94e8d 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/caam/caam_qnx.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/caam/caam_qnx.c
@@ -27,7 +27,7 @@
* wolfssl/wolfcrypt/- path includes other than
* wolfssl/wolfcrypt/port/caam/caam_* should be avoided!! */
#undef WC_NO_HARDEN
-#define WC_NO_HARDEN /* silence warning, it is irrelavent here */
+#define WC_NO_HARDEN /* silence warning, it is irrelevant here */
#include <wolfssl/wolfcrypt/settings.h>
#if defined(__QNX__) || defined(__QNXNTO__)
@@ -55,7 +55,7 @@ static void* localMemory = NULL;
static unsigned int localPhy = 0;
sem_t localMemSem;
-/* Can be overriden, variable for how large of a local buffer to have.
+/* Can be overridden, variable for how large of a local buffer to have.
* This allows for large performance gains when avoiding mapping new memory
* for each operation. */
#ifndef WOLFSSL_CAAM_QNX_MEMORY
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/caam/wolfcaam_ecdsa.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/caam/wolfcaam_ecdsa.c
index f6bb2705..c84b0807 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/caam/wolfcaam_ecdsa.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/caam/wolfcaam_ecdsa.c
@@ -352,7 +352,7 @@ int wc_CAAM_EccSign(const byte* in, int inlen, byte* out, word32* outlen,
buf[idx].Length = keySz;
}
buf[idx].TheAddress = (CAAM_ADDRESS)pk;
- args[0] = key->blackKey; /* potentail black key, not in sm */
+ args[0] = key->blackKey; /* potential black key, not in sm */
}
idx++;
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/caam/wolfcaam_fsl_nxp.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/caam/wolfcaam_fsl_nxp.c
index 4a880189..848d6825 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/caam/wolfcaam_fsl_nxp.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/caam/wolfcaam_fsl_nxp.c
@@ -838,7 +838,7 @@ int SynchronousSendRequest(int type, unsigned int args[4], CAAM_BUFFER *buf,
buf[1].Length, (byte*)buf[2].TheAddress,
buf[2].Length, (byte*)buf[0].TheAddress,
buf[0].Length, CAAM_ENCAP_BLOB,
- (args[0] = 0)? CAAM_RED_BLOB : CAAM_BLACK_BLOB)
+ (args[0] == 0)? CAAM_RED_BLOB : CAAM_BLACK_BLOB)
!= kStatus_Success) {
ret = WC_HW_E;
}
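Review bot: With the comparison corrected, a caller passing `args[0] == 0` now gets `CAAM_RED_BLOB`, whereas the old assignment expression always evaluated false, selected `CAAM_BLACK_BLOB`, and zeroed `args[0]` as a side effect; the same applies to the `CAAM_DECAP_BLOB` call in the next hunk. Any blob the old code encapsulated with `args[0] == 0` was therefore produced as a black blob, so decapsulating it as red after this change will presumably fail; that deserves a release note or a migration check wherever such blobs are persisted. Since the selector decides whether key material is handled in red or black form, a comment at both call sites such as `/* args[0]: 0 = red blob, non-zero = black blob */` would make the contract explicit. The body of `SynchronousSendRequest` starts and ends outside both hunks, so how callers populate `args[0]` cannot be checked from here.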
@@ -849,7 +849,7 @@ int SynchronousSendRequest(int type, unsigned int args[4], CAAM_BUFFER *buf,
(byte*)buf[2].TheAddress, buf[2].Length,
(byte*)buf[0].TheAddress, buf[0].Length,
CAAM_DECAP_BLOB,
- (args[0] = 0)? CAAM_RED_BLOB : CAAM_BLACK_BLOB)
+ (args[0] == 0)? CAAM_RED_BLOB : CAAM_BLACK_BLOB)
!= kStatus_Success) {
ret = WC_HW_E;
}
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/caam/wolfcaam_seco.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/caam/wolfcaam_seco.c
index 0b66fd89..8326f308 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/caam/wolfcaam_seco.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/caam/wolfcaam_seco.c
@@ -1228,7 +1228,7 @@ word32 wc_SECO_WrapKey(word32 keyId, byte* in, word32 inSz, byte* iv,
}
-/* trasnlates the HSM error to wolfSSL error and does debug print out */
+/* Translates the HSM error to wolfSSL error and does debug print out */
int wc_TranslateHSMError(int current, hsm_err_t err)
{
int ret = -1;
@@ -1323,7 +1323,7 @@ int wc_TranslateHSMError(int current, hsm_err_t err)
break;
default:
- WOLFSSL_MSG("SECO HSM: unkown error value found");
+ WOLFSSL_MSG("SECO HSM: unknown error value found");
}
if (current != 0) {
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/intel/quickassist_sync.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/intel/quickassist_sync.c
index 7c9e679f..4a68b337 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/intel/quickassist_sync.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/intel/quickassist_sync.c
@@ -23,7 +23,7 @@
#include <config.h>
#endif
-#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/wolfcrypt/types.h>
#ifdef HAVE_INTEL_QA_SYNC
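Review bot: The `#ifdef HAVE_INTEL_QA_SYNC` guard right after the swapped include now depends on `types.h` pulling in the build settings itself, which this hunk does not show. If that is the intent, a comment on the include line such as `/* types.h includes settings.h and provides WC_DO_NOTHING */` would keep a later cleanup from dropping the settings without noticing. The `QLOG` stub in the next hunk appears to be the reason for the swap.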
@@ -227,7 +227,7 @@ static int IntelQaGetCyInstanceCount(void);
#ifdef QAT_DEBUG
#define QLOG(...) do { printf(__VA_ARGS__); } while (0)
#else
- #define QLOG(...)
+ #define QLOG(...) WC_DO_NOTHING
#endif
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/kcapi/kcapi_aes.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/kcapi/kcapi_aes.c
index b563c05a..bf87340a 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/kcapi/kcapi_aes.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/kcapi/kcapi_aes.c
@@ -97,7 +97,7 @@
iov.iov_len = sz;
ret = (int)kcapi_cipher_stream_update(aes->handle, &iov, 1);
if (ret < 0) {
- WOLFSSL_MSG("CbcEncrypt error updateing through KCAPI");
+ WOLFSSL_MSG("CbcEncrypt error updating through KCAPI");
}
}
if (ret >= 0) {
@@ -155,7 +155,7 @@
iov.iov_len = sz;
ret = (int)kcapi_cipher_stream_update(aes->handle, &iov, 1);
if (ret < 0) {
- WOLFSSL_MSG("CbcDecrypt error updateing through KCAPI");
+ WOLFSSL_MSG("CbcDecrypt error updating through KCAPI");
}
}
if (ret >= 0) {
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/kcapi/kcapi_dh.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/kcapi/kcapi_dh.c
index 0b1bf4e1..cceaf252 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/kcapi/kcapi_dh.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/kcapi/kcapi_dh.c
@@ -47,68 +47,6 @@ void KcapiDh_Free(DhKey* key)
static int KcapiDh_SetParams(DhKey* key)
{
-#if defined(HAVE_FIPS) && \
- (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
- int ret = 0;
- unsigned char* pkcs3 = NULL;
- word32 len = 0, idx = 0, len2;
-
- len = MAX_SEQ_SZ; /* Sequence */
- len += ASN_TAG_SZ + MAX_LENGTH_SZ; /* Integer */
- len += mp_leading_bit(&key->p) ? 1 : 0;
- len += mp_unsigned_bin_size(&key->p);
- len += ASN_TAG_SZ + MAX_LENGTH_SZ; /* Integer */
- len += mp_leading_bit(&key->g) ? 1 : 0;
- len += mp_unsigned_bin_size(&key->g);
-
- pkcs3 = (unsigned char*)XMALLOC(len, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
- if (pkcs3 == NULL) {
- ret = MEMORY_E;
- }
-
- if (ret == 0) {
- idx = len;
- len2 = mp_unsigned_bin_size(&key->g);
- idx -= len2;
- ret = mp_to_unsigned_bin(&key->g, pkcs3 + idx);
- }
- if (ret >= 0) {
- if (mp_leading_bit(&key->g)) {
- pkcs3[--idx] = 0x00;
- len2++;
- }
- idx -= SetLength(len2, NULL);
- SetLength(len2, pkcs3 + idx);
- pkcs3[--idx] = ASN_INTEGER;
-
- len2 = mp_unsigned_bin_size(&key->p);
- idx -= len2;
- ret = mp_to_unsigned_bin(&key->p, pkcs3 + idx);
- }
- if (ret >= 0) {
- if (mp_leading_bit(&key->p)) {
- pkcs3[--idx] = 0x00;
- len2++;
- }
- idx -= SetLength(len2, NULL);
- SetLength(len2, pkcs3 + idx);
- pkcs3[--idx] = ASN_INTEGER;
-
- len2 = len - idx;
- idx -= SetSequence(len2, NULL);
- SetSequence(len2, pkcs3 + idx);
-
- ret = kcapi_kpp_dh_setparam_pkcs3(key->handle, pkcs3 + idx, len - idx);
- if (ret != 0) {
- WOLFSSL_MSG("KcapiDh_SetParams: Failed to set");
- }
- }
-
- if (pkcs3 != NULL) {
- XFREE(pkcs3, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
- }
- return ret;
-#else
int ret;
unsigned char* pkcs3 = NULL;
word32 len;
@@ -136,7 +74,6 @@ static int KcapiDh_SetParams(DhKey* key)
XFREE(pkcs3, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
}
return ret;
-#endif
}
int KcapiDh_MakeKey(DhKey* key, byte* pub, word32* pubSz)
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/kcapi/kcapi_hash.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/kcapi/kcapi_hash.c
index 72265d7b..f4a3b43c 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/kcapi/kcapi_hash.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/kcapi/kcapi_hash.c
@@ -113,7 +113,7 @@ static int KcapiHashUpdate(wolfssl_KCAPI_Hash* hash, const byte* in, word32 sz)
hash->heap, DYNAMIC_TYPE_TMP_BUFFER);
if (pt == NULL) {
ret = MEMORY_E;
- }
+ }
else {
hash->msg = pt;
}
@@ -318,36 +318,6 @@ int wc_Sha224Copy(wc_Sha224* src, wc_Sha224* dst)
static const char WC_NAME_SHA256[] = "sha256";
-/* create KCAPI handle for SHA256 operation */
-#if defined(HAVE_FIPS) && \
- (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
-int InitSha256(wc_Sha256* sha)
-{
- if (sha == NULL) {
- return BAD_FUNC_ARG;
- }
- return KcapiHashInit(&sha->kcapi, NULL, INVALID_DEVID, WC_NAME_SHA256);
-}
-
-
-int Sha256Update(wc_Sha256* sha, const byte* in, word32 sz)
-{
- if (sha == NULL) {
- return BAD_FUNC_ARG;
- }
- return KcapiHashUpdate(&sha->kcapi, in, sz);
-}
-
-
-int Sha256Final(wc_Sha256* sha, byte* hash)
-{
- if (sha == NULL) {
- return BAD_FUNC_ARG;
- }
- return KcapiHashFinal(&sha->kcapi, hash, WC_SHA256_DIGEST_SIZE,
- WC_NAME_SHA256);
-}
-#else
int wc_InitSha256_ex(wc_Sha256* sha, void* heap, int devid)
{
if (sha == NULL) {
@@ -374,8 +344,6 @@ int wc_Sha256Final(wc_Sha256* sha, byte* hash)
return KcapiHashFinal(&sha->kcapi, hash, WC_SHA256_DIGEST_SIZE,
WC_NAME_SHA256);
}
-#endif
-
int wc_Sha256GetHash(wc_Sha256* sha, byte* hash)
{
@@ -400,37 +368,6 @@ int wc_Sha256Copy(wc_Sha256* src, wc_Sha256* dst)
static const char WC_NAME_SHA384[] = "sha384";
-
-#if defined(HAVE_FIPS) && \
- (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
-/* create KCAPI handle for SHA384 operation */
-int InitSha384(wc_Sha384* sha)
-{
- if (sha == NULL) {
- return BAD_FUNC_ARG;
- }
- return KcapiHashInit(&sha->kcapi, NULL, INVALID_DEVID, WC_NAME_SHA384);
-}
-
-
-int Sha384Update(wc_Sha384* sha, const byte* in, word32 sz)
-{
- if (sha == NULL) {
- return BAD_FUNC_ARG;
- }
- return KcapiHashUpdate(&sha->kcapi, in, sz);
-}
-
-
-int Sha384Final(wc_Sha384* sha, byte* hash)
-{
- if (sha == NULL) {
- return BAD_FUNC_ARG;
- }
- return KcapiHashFinal(&sha->kcapi, hash, WC_SHA384_DIGEST_SIZE,
- WC_NAME_SHA384);
-}
-#else
/* create KCAPI handle for SHA384 operation */
int wc_InitSha384_ex(wc_Sha384* sha, void* heap, int devid)
{
@@ -458,7 +395,6 @@ int wc_Sha384Final(wc_Sha384* sha, byte* hash)
return KcapiHashFinal(&sha->kcapi, hash, WC_SHA384_DIGEST_SIZE,
WC_NAME_SHA384);
}
-#endif
int wc_Sha384GetHash(wc_Sha384* sha, byte* hash)
{
@@ -483,36 +419,6 @@ int wc_Sha384Copy(wc_Sha384* src, wc_Sha384* dst)
static const char WC_NAME_SHA512[] = "sha512";
-#if defined(HAVE_FIPS) && \
- (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
-/* create KCAPI handle for SHA512 operation */
-int InitSha512(wc_Sha512* sha)
-{
- if (sha == NULL) {
- return BAD_FUNC_ARG;
- }
- return KcapiHashInit(&sha->kcapi, NULL, INVALID_DEVID, WC_NAME_SHA512);
-}
-
-
-int Sha512Update(wc_Sha512* sha, const byte* in, word32 sz)
-{
- if (sha == NULL) {
- return BAD_FUNC_ARG;
- }
- return KcapiHashUpdate(&sha->kcapi, in, sz);
-}
-
-
-int Sha512Final(wc_Sha512* sha, byte* hash)
-{
- if (sha == NULL) {
- return BAD_FUNC_ARG;
- }
- return KcapiHashFinal(&sha->kcapi, hash, WC_SHA512_DIGEST_SIZE,
- WC_NAME_SHA512);
-}
-#else
/* create KCAPI handle for SHA512 operation */
int wc_InitSha512_ex(wc_Sha512* sha, void* heap, int devid)
{
@@ -540,7 +446,6 @@ int wc_Sha512Final(wc_Sha512* sha, byte* hash)
return KcapiHashFinal(&sha->kcapi, hash, WC_SHA512_DIGEST_SIZE,
WC_NAME_SHA512);
}
-#endif
int wc_Sha512GetHash(wc_Sha512* sha, byte* hash)
{
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/kcapi/kcapi_hmac.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/kcapi/kcapi_hmac.c
index a233d999..0a5d4675 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/kcapi/kcapi_hmac.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/kcapi/kcapi_hmac.c
@@ -52,12 +52,7 @@ static const char WC_NAME_HMAC_SHA384[] = "hmac(sha384)";
static const char WC_NAME_HMAC_SHA512[] = "hmac(sha512)";
#endif
-#if defined(HAVE_FIPS) && \
- (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
-int HmacInit(Hmac* hmac, void* heap, int devId)
-#else
int wc_HmacInit(Hmac* hmac, void* heap, int devId)
-#endif
{
int ret = 0;
@@ -76,12 +71,7 @@ int wc_HmacInit(Hmac* hmac, void* heap, int devId)
return ret;
}
-#if defined(HAVE_FIPS) && \
- (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
-void HmacFree(Hmac* hmac)
-#else
void wc_HmacFree(Hmac* hmac)
-#endif
{
if (hmac != NULL) {
if (hmac->handle != NULL) {
@@ -91,12 +81,7 @@ void wc_HmacFree(Hmac* hmac)
}
}
-#if defined(HAVE_FIPS) && \
- (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
-int HmacSetKey(Hmac* hmac, int type, const byte* key, word32 length)
-#else
int wc_HmacSetKey(Hmac* hmac, int type, const byte* key, word32 length)
-#endif
{
int ret = 0;
const char* ciphername = NULL;
@@ -197,12 +182,7 @@ int wc_HmacSetKey(Hmac* hmac, int type, const byte* key, word32 length)
return ret;
}
-#if defined(HAVE_FIPS) && \
- (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
-int HmacUpdate(Hmac* hmac, const byte* msg, word32 length)
-#else
int wc_HmacUpdate(Hmac* hmac, const byte* msg, word32 length)
-#endif
{
int ret = 0;
@@ -244,12 +224,7 @@ int wc_HmacUpdate(Hmac* hmac, const byte* msg, word32 length)
return ret;
}
-#if defined(HAVE_FIPS) && \
- (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
-int HmacFinal(Hmac* hmac, byte* hash)
-#else
int wc_HmacFinal(Hmac* hmac, byte* hash)
-#endif
{
int ret = 0;
int len = 0;
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/kcapi/kcapi_rsa.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/kcapi/kcapi_rsa.c
index 602c50b8..cafca14e 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/kcapi/kcapi_rsa.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/kcapi/kcapi_rsa.c
@@ -45,164 +45,6 @@ void KcapiRsa_Free(RsaKey* key)
}
}
-#if defined(HAVE_FIPS) && \
- (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
-/* Set the DER/BER encoding of the ASN.1 INTEGER header.
- *
- * len Length of data to encode.
- * firstByte First byte of data, most significant byte of integer, to encode.
- * output Buffer to write into.
- * returns the number of bytes added to the buffer.
- */
-static int SetASNInt(int len, byte firstByte, byte* output)
-{
- word32 idx = 0;
-
- if (output)
- output[idx] = ASN_INTEGER;
- idx++;
- if (firstByte & 0x80)
- len++;
- idx += SetLength(len, output ? output + idx : NULL);
- if (firstByte & 0x80) {
- if (output)
- output[idx] = 0x00;
- idx++;
- }
-
- return idx;
-}
-
-static int SetASNIntMP(mp_int* n, int maxSz, byte* output)
-{
- int idx = 0;
- int leadingBit;
- int length;
- int err;
-
- leadingBit = mp_leading_bit(n);
- length = mp_unsigned_bin_size(n);
- idx = SetASNInt(length, leadingBit ? 0x80 : 0x00, output);
- if (maxSz >= 0 && (idx + length) > maxSz)
- return BUFFER_E;
-
- if (output) {
- err = mp_to_unsigned_bin(n, output + idx);
- if (err != MP_OKAY)
- return MP_TO_E;
- }
- idx += length;
-
- return idx;
-}
-
-static mp_int* GetRsaInt(RsaKey* key, int idx)
-{
- if (idx == 0)
- return &key->n;
- if (idx == 1)
- return &key->e;
- if (idx == 2)
- return &key->d;
- if (idx == 3)
- return &key->p;
- if (idx == 4)
- return &key->q;
- if (idx == 5)
- return &key->dP;
- if (idx == 6)
- return &key->dQ;
- if (idx == 7)
- return &key->u;
-
- return NULL;
-}
-
-/* Release Tmp RSA resources */
-static WC_INLINE void FreeTmpRsas(byte** tmps, void* heap)
-{
- int i;
-
- (void)heap;
-
- for (i = 0; i < RSA_INTS; i++)
- XFREE(tmps[i], heap, DYNAMIC_TYPE_RSA);
-}
-
-
-/* Convert RsaKey key to DER format, write to output (inLen), return bytes
- written */
-static int wc_RsaKeyToDer(RsaKey* key, byte* output, word32 inLen)
-{
- word32 seqSz, verSz, rawLen, intTotalLen = 0;
- word32 sizes[RSA_INTS];
- int i, j, outLen, ret = 0;
-
- byte seq[MAX_SEQ_SZ];
- byte ver[MAX_VERSION_SZ];
- byte* tmps[RSA_INTS];
-
- if (!key || !output)
- return BAD_FUNC_ARG;
-
- if (key->type != RSA_PRIVATE)
- return BAD_FUNC_ARG;
-
- for (i = 0; i < RSA_INTS; i++)
- tmps[i] = NULL;
-
- /* write all big ints from key to DER tmps */
- for (i = 0; i < RSA_INTS; i++) {
- int mpSz;
- mp_int* keyInt = GetRsaInt(key, i);
-
- rawLen = mp_unsigned_bin_size(keyInt) + 1;
- tmps[i] = (byte*)XMALLOC(rawLen + MAX_SEQ_SZ, key->heap,
- DYNAMIC_TYPE_RSA);
- if (tmps[i] == NULL) {
- ret = MEMORY_E;
- break;
- }
-
- mpSz = SetASNIntMP(keyInt, MAX_RSA_INT_SZ, tmps[i]);
- if (mpSz < 0) {
- ret = mpSz;
- break;
- }
- intTotalLen += (sizes[i] = mpSz);
- }
-
- if (ret != 0) {
- FreeTmpRsas(tmps, key->heap);
- return ret;
- }
-
- /* make headers */
- verSz = SetMyVersion(0, ver, FALSE);
- seqSz = SetSequence(verSz + intTotalLen, seq);
-
- outLen = seqSz + verSz + intTotalLen;
- if (outLen > (int)inLen) {
- FreeTmpRsas(tmps, key->heap);
- return BAD_FUNC_ARG;
- }
-
- /* write to output */
- XMEMCPY(output, seq, seqSz);
- j = seqSz;
- XMEMCPY(output + j, ver, verSz);
- j += verSz;
-
- for (i = 0; i < RSA_INTS; i++) {
- XMEMCPY(output + j, tmps[i], sizes[i]);
- j += sizes[i];
- }
- FreeTmpRsas(tmps, key->heap);
-
- return outLen;
-}
-#endif
-
#if !defined(WOLFSSL_RSA_PUBLIC_ONLY) && !defined(WOLFSSL_RSA_VERIFY_ONLY)
static int KcapiRsa_SetPrivKey(RsaKey* key)
{
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/maxim/maxq10xx.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/maxim/maxq10xx.c
index a4736bf0..c0375fc5 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/maxim/maxq10xx.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/maxim/maxq10xx.c
@@ -23,7 +23,7 @@
#include <config.h>
#endif
-#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/wolfcrypt/types.h>
#if defined(WOLFSSL_MAXQ1065) || defined(WOLFSSL_MAXQ108X)
@@ -52,7 +52,7 @@
#ifdef MAXQ_DEBUG
void dbg_dumphex(const char *identifier, const uint8_t* pdata, uint32_t plen);
#else
-#define dbg_dumphex(identifier, pdata, plen)
+#define dbg_dumphex(identifier, pdata, plen) WC_DO_NOTHING
#endif /* MAXQ_DEBUG */
#if defined(USE_WINDOWS_API)
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/nxp/README_SE050.md b/extra/wolfssl/wolfssl/wolfcrypt/src/port/nxp/README_SE050.md
index 054f1ea1..5d5434bf 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/nxp/README_SE050.md
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/nxp/README_SE050.md
@@ -163,7 +163,7 @@ To enable SCP03 authentication, wolfSSL was using the following defines:
```
Default ENC, MAC, and DEK keys for SCP03 should be set by defining the
-following values. Thes are the default keys wolfSSL used for the SE50C2
+following values. These are the default keys wolfSSL used for the SE50C2
variant (OEF OID: A201). The variant can be seen by running the
`se05x_GetInfo` sample application.
@@ -382,7 +382,7 @@ set to the number of bytes written into “outâ€.
wolfSSL will not auto-delete generated keys associated with wolfCrypt
structures (ex: `RsaKey`, `ecc_key`, etc) when the respective key free function
is called (ex: `wc_ecc_free()`, `wc_FreeRsaKey()`). This is done by design in
-case the application wants to re-use that key that has been generated and
+case the application wants to reuse that key that has been generated and
stored in the SE050.
Credentials can be deleted from the SE050 storage by calling the wolfSSL helper
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/nxp/dcp_port.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/nxp/dcp_port.c
index e433ae6f..f78f1d69 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/nxp/dcp_port.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/nxp/dcp_port.c
@@ -47,9 +47,9 @@
#define dcp_lock() wolfSSL_CryptHwMutexLock()
#define dcp_unlock() wolfSSL_CryptHwMutexUnLock()
#else
-#define dcp_lock_init() do{}while(0)
-#define dcp_lock() do{}while(0)
-#define dcp_unlock() do{}while(0)
+#define dcp_lock_init() WC_DO_NOTHING
+#define dcp_lock() WC_DO_NOTHING
+#define dcp_unlock() WC_DO_NOTHING
#endif
#if DCP_USE_OTP_KEY
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/psa/psa_pkcbs.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/psa/psa_pkcbs.c
index 55f0c680..6a7452cb 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/psa/psa_pkcbs.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/psa/psa_pkcbs.c
@@ -58,7 +58,7 @@ static int psa_ecc_get_curve_info_from_curve_id(int ecc_curve,
* psa_ecc_export_to_wc_key() - export psa @key_id into ecc_key @key
* @key: already initialized ecc_key to export the key into [out]
* @key_id: key to export [in]
- * @key_size: size fo the key [in]
+ * @key_size: size of the key [in]
* @curve_id: wc id of the curve [in]
*
* returns 0 on success
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/silabs/README.md b/extra/wolfssl/wolfssl/wolfcrypt/src/port/silabs/README.md
index d6d0f782..aa1a97d2 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/silabs/README.md
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/silabs/README.md
@@ -15,11 +15,15 @@ To enable support define the following:
#define WOLFSSL_SILABS_SE_ACCEL
```
+## Simplicity Studio Example
+
+For the Silicon Labs Simplicity Studio example see [/IDE/SimplicityStudio/README.md](/IDE/SimplicityStudio/README.md).
+
## Caveats
:warning: **Be sure to update the SE firmware** Testing and results were done using SE firmware `1.2.6`
-Update was preformed under Simplicity Studio directory:
+Update was performed under Simplicity Studio directory:
`./developer/adapter_packs/commander/commander flash ./offline/efr32/firmware/series2config1/se_firmware_package/s2c1_se_fw_upgrade_app_1v2p6.hex`
* AES GCM tags length >= 16 bytes
@@ -33,8 +37,7 @@ Update was preformed under Simplicity Studio directory:
The SE manager supports multi-threading for FreeRTOS and Micrium
([ref](https://docs.silabs.com/gecko-platform/latest/service/api/group-sl-se-manager#autotoc-md152)).
-If a different OS is used with multi-threading, additional mutex
-protection may be necessary.
+If a different OS is used with multi-threading, additional mutex protection may be necessary.
## Benchmarks
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/silabs/silabs_ecc.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/silabs/silabs_ecc.c
index dcd6b256..6dbb2858 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/silabs/silabs_ecc.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/silabs/silabs_ecc.c
@@ -31,6 +31,12 @@
#include <wolfssl/wolfcrypt/error-crypt.h>
#include <wolfssl/wolfcrypt/ecc.h>
#include <wolfssl/wolfcrypt/port/silabs/silabs_ecc.h>
+#include "sl_se_manager_internal_keys.h"
+
+#if (_SILICON_LABS_SECURITY_FEATURE == _SILICON_LABS_SECURITY_FEATURE_VAULT)
+static sl_se_key_descriptor_t private_device_key =
+ SL_SE_APPLICATION_ATTESTATION_KEY;
+#endif
#ifndef WOLFSSL_HAVE_ECC_KEY_GET_PRIV
/* FIPS build has replaced ecc.h. */
@@ -40,11 +46,17 @@
#define SILABS_UNSUPPORTED_KEY_TYPE 0xFFFFFFFF
-static sl_se_key_type_t silabs_map_key_type (ecc_curve_id curve_id)
+/* For older Gecko SDK's with spelling error */
+#ifndef SL_SE_KEY_FLAG_ASYMMETRIC_SIGNING_ONLY
+#define SL_SE_KEY_FLAG_ASYMMETRIC_SIGNING_ONLY \
+ SL_SE_KEY_FLAG_ASYMMMETRIC_SIGNING_ONLY
+#endif
+
+static sl_se_key_type_t silabs_map_key_type(ecc_curve_id curve_id)
{
sl_se_key_type_t res = SILABS_UNSUPPORTED_KEY_TYPE;
- switch(curve_id) {
+ switch (curve_id) {
case ECC_SECP192R1:
res = SL_SE_KEY_TYPE_ECC_P192;
break;
@@ -84,28 +96,41 @@ static sl_se_key_type_t silabs_map_key_type (ecc_curve_id curve_id)
return res;
}
-int silabs_ecc_sign_hash(const byte* in, word32 inlen, byte* out, word32 *outlen, ecc_key* key)
+int silabs_ecc_sign_hash(const byte* in, word32 inlen, byte* out,
+ word32 *outlen, ecc_key* key)
{
- sl_status_t sl_stat = sl_se_init_command_context(&(key->cmd_ctx));
+ sl_status_t sl_stat;
+ sl_se_key_descriptor_t* slkey = &key->key;
word32 siglen = *outlen;
- sl_stat = sl_se_validate_key(&(key->key));
-
- if (key->dp->size * 2 <= (int)siglen) {
+ if ((int)siglen >= key->dp->size * 2) {
siglen = key->dp->size * 2;
}
- sl_stat = sl_se_ecc_sign(
- &(key->cmd_ctx),
- &(key->key),
- 0,
- 1,
- in,
- inlen,
- out,
- siglen
- );
+#if (_SILICON_LABS_SECURITY_FEATURE == _SILICON_LABS_SECURITY_FEATURE_VAULT)
+ /* if signing and not private key provided then use vault key */
+ if (key->type != ECC_PRIVATEKEY ||
+ mp_unsigned_bin_size(wc_ecc_key_get_priv(key)) == 0) {
+ slkey = &private_device_key;
+ }
+#endif
+ sl_stat = sl_se_init_command_context(&key->cmd_ctx);
+ if (sl_stat == SL_STATUS_OK) {
+ sl_stat = sl_se_validate_key(slkey);
+ }
+ if (sl_stat == SL_STATUS_OK) {
+ sl_stat = sl_se_ecc_sign(
+ &key->cmd_ctx,
+ slkey,
+ 0,
+ 1,
+ in,
+ inlen,
+ out,
+ siglen
+ );
+ }
return (sl_stat == SL_STATUS_OK) ? 0 : WC_HW_E;
}
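Review bot: The vault-key fallback in `silabs_ecc_sign_hash` tests only `key->type != ECC_PRIVATEKEY`, so a key that `silabs_ecc_import` (later in this file) marks `ECC_PRIVATEKEY_ONLY` appears to be signed with `private_device_key` rather than the caller's own scalar. A signature silently produced by the device attestation key is hard to notice at the call site, so the condition should accept both private types: `if ((key->type != ECC_PRIVATEKEY && key->type != ECC_PRIVATEKEY_ONLY) || mp_unsigned_bin_size(wc_ecc_key_get_priv(key)) == 0) {`. The comment above it should also say that the fallback is meant only for keys with no private part loaded.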
@@ -115,18 +140,18 @@ int silabs_ecc_verify_hash(const byte* sig, word32 siglen,
const byte* hash, word32 hashlen,
int* stat, ecc_key* key)
{
- sl_status_t sl_stat = sl_se_init_command_context(&(key->cmd_ctx));
-
- sl_stat = sl_se_ecc_verify(
- &(key->cmd_ctx),
- &(key->key),
- 0,
- 1,
- hash,
- hashlen,
- sig,
- siglen);
-
+ sl_status_t sl_stat = sl_se_init_command_context(&key->cmd_ctx);
+ if (sl_stat == SL_STATUS_OK) {
+ sl_stat = sl_se_ecc_verify(
+ &key->cmd_ctx,
+ &key->key,
+ 0,
+ 1,
+ hash,
+ hashlen,
+ sig,
+ siglen);
+ }
if (sl_stat == SL_STATUS_OK) {
*stat = 1;
} else if (sl_stat == SL_STATUS_INVALID_SIGNATURE) {
@@ -134,7 +159,6 @@ int silabs_ecc_verify_hash(const byte* sig, word32 siglen,
} else {
return WC_HW_E;
}
-
return 0;
}
#endif
@@ -144,161 +168,86 @@ int silabs_ecc_make_key(ecc_key* key, int keysize)
sl_status_t sl_stat;
key->key.type = silabs_map_key_type(key->dp->id);
- if (SILABS_UNSUPPORTED_KEY_TYPE == key->key.type)
+ if (key->key.type == SILABS_UNSUPPORTED_KEY_TYPE)
return WC_HW_E;
key->key.size = keysize;
key->key.storage.method = SL_SE_KEY_STORAGE_EXTERNAL_PLAINTEXT;
- key->key.flags = SL_SE_KEY_FLAG_ASYMMETRIC_BUFFER_HAS_PRIVATE_KEY
- | SL_SE_KEY_FLAG_ASYMMETRIC_BUFFER_HAS_PUBLIC_KEY
- | SL_SE_KEY_FLAG_ASYMMMETRIC_SIGNING_ONLY;
-
- sl_stat = sl_se_get_storage_size(&key->key, &key->key.storage.location.buffer.size);
- key->key.storage.location.buffer.pointer = key->key_raw;
+ key->key.flags = (SL_SE_KEY_FLAG_ASYMMETRIC_BUFFER_HAS_PRIVATE_KEY |
+ SL_SE_KEY_FLAG_ASYMMETRIC_BUFFER_HAS_PUBLIC_KEY |
+ SL_SE_KEY_FLAG_ASYMMETRIC_SIGNING_ONLY);
- sl_stat = sl_se_generate_key(&(key->cmd_ctx),
- &(key->key));
-
- key->type = ECC_PRIVATEKEY;
-
- /* copy key to mp components */
- mp_read_unsigned_bin (key->pubkey.x,
- key->key.storage.location.buffer.pointer,
- keysize);
- mp_read_unsigned_bin (key->pubkey.y,
- key->key.storage.location.buffer.pointer + keysize,
- keysize);
- mp_read_unsigned_bin (wc_ecc_key_get_priv(key),
- key->key.storage.location.buffer.pointer + 2 * keysize,
- keysize);
+ sl_stat = sl_se_get_storage_size(&key->key,
+ &key->key.storage.location.buffer.size);
+ if (sl_stat == SL_STATUS_OK) {
+ key->key.storage.location.buffer.pointer = key->key_raw;
+ sl_stat = sl_se_generate_key(&key->cmd_ctx,
+ &key->key);
+ }
+ if (sl_stat == SL_STATUS_OK) {
+ key->type = ECC_PRIVATEKEY;
+
+ /* copy key to mp components */
+ mp_read_unsigned_bin(key->pubkey.x,
+ key->key.storage.location.buffer.pointer, keysize);
+ mp_read_unsigned_bin(key->pubkey.y,
+ key->key.storage.location.buffer.pointer + keysize, keysize);
+ mp_read_unsigned_bin(wc_ecc_key_get_priv(key),
+ key->key.storage.location.buffer.pointer + (2 * keysize), keysize);
+ }
return (sl_stat == SL_STATUS_OK) ? 0 : WC_HW_E;
}
-int silabs_ecc_import(ecc_key* key, word32 keysize)
+int silabs_ecc_import(ecc_key* key, word32 keysize, int pub, int priv)
{
sl_status_t sl_stat;
int err = MP_OKAY;
- word32 used = keysize;
+ word32 used;
key->key.type = silabs_map_key_type(key->dp->id);
- if (SILABS_UNSUPPORTED_KEY_TYPE == key->key.type)
+ if (key->key.type == SILABS_UNSUPPORTED_KEY_TYPE || keysize == 0)
return WC_HW_E;
key->key.size = keysize;
key->key.storage.method = SL_SE_KEY_STORAGE_EXTERNAL_PLAINTEXT;
- key->key.flags = SL_SE_KEY_FLAG_ASYMMETRIC_BUFFER_HAS_PRIVATE_KEY
- | SL_SE_KEY_FLAG_ASYMMETRIC_BUFFER_HAS_PUBLIC_KEY
- | SL_SE_KEY_FLAG_ASYMMMETRIC_SIGNING_ONLY;
+ key->key.flags = (
+ (pub ? SL_SE_KEY_FLAG_ASYMMETRIC_BUFFER_HAS_PUBLIC_KEY : 0) |
+ (priv ? SL_SE_KEY_FLAG_ASYMMETRIC_BUFFER_HAS_PRIVATE_KEY : 0) |
+ SL_SE_KEY_FLAG_ASYMMETRIC_SIGNING_ONLY);
- sl_stat = sl_se_get_storage_size(&key->key, &key->key.storage.location.buffer.size);
+ sl_stat = sl_se_get_storage_size(&key->key,
+ &key->key.storage.location.buffer.size);
key->key.storage.location.buffer.pointer = key->key_raw;
if (sl_stat != SL_STATUS_OK)
return WC_HW_E;
- key->type = ECC_PRIVATEKEY;
+ if (priv && pub)
+ key->type = ECC_PRIVATEKEY;
+ else if (priv)
+ key->type = ECC_PRIVATEKEY_ONLY;
+ else
+ key->type = ECC_PUBLICKEY;
/* copy key from mp components */
- if (err == MP_OKAY)
- err = wc_export_int(key->pubkey.x, key->key.storage.location.buffer.pointer,
- &used, keysize,
- WC_TYPE_UNSIGNED_BIN);
- if (err == MP_OKAY)
- err = wc_export_int(key->pubkey.y, key->key.storage.location.buffer.pointer + keysize,
- &used, keysize,
- WC_TYPE_UNSIGNED_BIN);
- if (err == MP_OKAY)
- err = wc_export_int(wc_ecc_key_get_priv(key),
- key->key.storage.location.buffer.pointer + 2 * keysize, &used,
- keysize, WC_TYPE_UNSIGNED_BIN);
-
- return err;
-}
-
-int silabs_ecc_import_private(ecc_key* key, word32 keysize)
-{
- sl_status_t sl_stat;
- int ret = 0;
- word32 keySz = keysize;
- key->key.type = silabs_map_key_type(key->dp->id);
- if (SILABS_UNSUPPORTED_KEY_TYPE == key->key.type)
- return WC_HW_E;
-
- key->key.size = key->dp->size;
- key->key.storage.method = SL_SE_KEY_STORAGE_EXTERNAL_PLAINTEXT;
- key->key.flags = SL_SE_KEY_FLAG_ASYMMETRIC_BUFFER_HAS_PRIVATE_KEY
- | SL_SE_KEY_FLAG_ASYMMMETRIC_SIGNING_ONLY;
-
- sl_stat = sl_se_get_storage_size(&key->key, &key->key.storage.location.buffer.size);
- key->key.storage.location.buffer.pointer = key->key_raw;
- if (sl_stat != SL_STATUS_OK)
- return WC_HW_E;
-
- ret = wc_export_int(wc_ecc_key_get_priv(key),
- key->key.storage.location.buffer.pointer, &keySz, keySz,
- WC_TYPE_UNSIGNED_BIN);
-
- if (keySz != keysize)
- ret = WC_HW_E;
-
- return ret;
-}
-
-int silabs_ecc_sig_to_rs(ecc_key* key, word32 keySz)
-{
- sl_status_t sl_stat;
- int err = MP_OKAY;
-
- key->key.type = silabs_map_key_type(key->dp->id);
- if (SILABS_UNSUPPORTED_KEY_TYPE == key->key.type)
- return WC_HW_E;
-
- key->key.size = keySz;
- key->key.storage.method = SL_SE_KEY_STORAGE_EXTERNAL_PLAINTEXT;
- key->key.flags = SL_SE_KEY_FLAG_ASYMMETRIC_BUFFER_HAS_PUBLIC_KEY
- | SL_SE_KEY_FLAG_ASYMMMETRIC_SIGNING_ONLY;
-
- sl_stat = sl_se_get_storage_size(&key->key, &key->key.storage.location.buffer.size);
- key->key.storage.location.buffer.pointer = key->key_raw;
- if (sl_stat != SL_STATUS_OK)
- return WC_HW_E;
-
- if (err == MP_OKAY) {
- keySz = key->dp->size;
+ if (err == MP_OKAY && pub) {
+ used = keysize;
err = wc_export_int(key->pubkey.x,
- key->key.storage.location.buffer.pointer,
- &keySz, keySz, WC_TYPE_UNSIGNED_BIN);
- if (err == MP_OKAY)
- err = wc_export_int(key->pubkey.y,
- key->key.storage.location.buffer.pointer + keySz,
- &keySz, keySz, WC_TYPE_UNSIGNED_BIN);
+ key->key.storage.location.buffer.pointer,
+ &used, keysize, WC_TYPE_UNSIGNED_BIN);
}
-
- return err;
-}
-
-int silabs_ecc_import_private_raw(ecc_key* key, word32 keySz, const char* d, int encType)
-{
- sl_status_t sl_stat;
- int err = MP_OKAY;
- key->type = ECC_PRIVATEKEY;
- key->key.flags |= SL_SE_KEY_FLAG_ASYMMETRIC_BUFFER_HAS_PRIVATE_KEY;
-
- sl_stat = sl_se_get_storage_size(&key->key, &key->key.storage.location.buffer.size);
- if (sl_stat != SL_STATUS_OK)
- return WC_HW_E;
-
- if (encType == WC_TYPE_HEX_STR)
- err = mp_read_radix(wc_ecc_key_get_priv(key), d, MP_RADIX_HEX);
- else
- err = mp_read_unsigned_bin(wc_ecc_key_get_priv(key), (const byte*)d,
- key->dp->size);
- if (err == MP_OKAY) {
+ if (err == MP_OKAY && pub) {
+ used = keysize;
+ err = wc_export_int(key->pubkey.y,
+ key->key.storage.location.buffer.pointer + keysize,
+ &used, keysize, WC_TYPE_UNSIGNED_BIN);
+ }
+ if (err == MP_OKAY && priv) {
+ used = keysize;
err = wc_export_int(wc_ecc_key_get_priv(key),
- key->key.storage.location.buffer.pointer + (2 * keySz), &keySz,
- keySz, WC_TYPE_UNSIGNED_BIN);
+ key->key.storage.location.buffer.pointer + (keysize * 2),
+ &used, keysize, WC_TYPE_UNSIGNED_BIN);
}
-
return err;
}
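Review bot: With `priv` set and `pub` clear, `silabs_ecc_import` still writes the private scalar at `buffer.pointer + (keysize * 2)`, whereas the removed `silabs_ecc_import_private` wrote it at offset 0 under the same private-only flags. If `sl_se_get_storage_size` reports a one-scalar buffer for that flag set, the write lands past the size declared to the SE and the descriptor covers unwritten bytes of `key_raw`. The offset should presumably follow the flags, e.g. `key->key.storage.location.buffer.pointer + (pub ? keysize * 2 : 0)`, but confirm this against the SE Manager key layout. Nothing in the hunk checks `keysize` against the capacity of `key_raw`, and `silabs_ecc_make_key`, which begins outside the hunk, discards the three `mp_read_unsigned_bin` results.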
@@ -337,7 +286,7 @@ int silabs_ecc_shared_secret(ecc_key* private_key, ecc_key* public_key,
sl_stat = sl_se_ecdh_compute_shared_secret(
&cmd,
- &(private_key->key),
+ &private_key->key,
&pub_key,
&key_out);
@@ -349,4 +298,68 @@ int silabs_ecc_shared_secret(ecc_key* private_key, ecc_key* public_key,
return (sl_stat == SL_STATUS_OK) ? 0 : WC_HW_E;
}
+int silabs_ecc_export_public(ecc_key* key, sl_se_key_descriptor_t* seKey)
+{
+ int ret;
+ sl_status_t sl_stat;
+ sl_se_command_context_t cmd;
+
+ if (key == NULL || seKey == NULL)
+ return BAD_FUNC_ARG;
+
+ if (seKey->type == SL_SE_KEY_TYPE_ECC_P192)
+ ret = wc_ecc_set_curve(key, 24, ECC_SECP192R1);
+ else if (seKey->type == SL_SE_KEY_TYPE_ECC_P256)
+ ret = wc_ecc_set_curve(key, 32, ECC_SECP256R1);
+#ifdef SL_SE_KEY_TYPE_ECC_P384
+ else if (seKey->type == SL_SE_KEY_TYPE_ECC_P384)
+ ret = wc_ecc_set_curve(key, 48, ECC_SECP384R1);
+#endif
+#ifdef SL_SE_KEY_TYPE_ECC_P521
+ else if (seKey->type == SL_SE_KEY_TYPE_ECC_P521)
+ ret = wc_ecc_set_curve(key, 66, ECC_SECP521R1);
+#endif
+ else
+ ret = ECC_CURVE_OID_E;
+ if (ret != 0)
+ return ret;
+
+ key->type = ECC_PUBLICKEY;
+ key->key.type = seKey->type;
+ key->key.size = key->dp->size;
+ key->key.storage.method = SL_SE_KEY_STORAGE_EXTERNAL_PLAINTEXT;
+ key->key.flags = (SL_SE_KEY_FLAG_ASYMMETRIC_BUFFER_HAS_PUBLIC_KEY |
+ SL_SE_KEY_FLAG_ASYMMETRIC_SIGNING_ONLY);
+
+ sl_stat = sl_se_get_storage_size(&key->key,
+ &key->key.storage.location.buffer.size);
+ key->key.storage.location.buffer.pointer = key->key_raw;
+ if (sl_stat == SL_STATUS_OK) {
+ sl_stat = sl_se_export_public_key(&cmd, seKey, &key->key);
+ }
+ if (sl_stat != SL_STATUS_OK) {
+ ret = WC_HW_E;
+ }
+ if (ret == 0) {
+ /* export public x and y */
+ ret = mp_read_unsigned_bin(key->pubkey.x,
+ key->key.storage.location.buffer.pointer,
+ key->key.size);
+ }
+ if (ret == 0) {
+ ret = mp_read_unsigned_bin(key->pubkey.y,
+ key->key.storage.location.buffer.pointer + key->key.size,
+ key->key.size);
+ }
+
+ return ret;
+}
+
+#if (_SILICON_LABS_SECURITY_FEATURE == _SILICON_LABS_SECURITY_FEATURE_VAULT)
+int silabs_ecc_load_vault(ecc_key* key)
+{
+ return silabs_ecc_export_public(key, &private_device_key);
+}
+#endif
+
#endif /* WOLFSSL_SILABS_SE_ACCEL */
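Review bot: `silabs_ecc_export_public` passes `&cmd` to `sl_se_export_public_key` without ever initialising it, while `silabs_ecc_sign_hash` and `silabs_ecc_verify_hash` in this file call `sl_se_init_command_context` on their context first. The SE call therefore receives whatever was on the stack, so initialise the context before the export and fold its status into the existing chain: `if (sl_stat == SL_STATUS_OK) sl_stat = sl_se_init_command_context(&cmd);`. `silabs_ecc_load_vault` goes through this function, so the attestation-key path is affected too.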
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/silabs/silabs_hash.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/silabs/silabs_hash.c
index 5e29f55c..f0bb1110 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/silabs/silabs_hash.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/silabs/silabs_hash.c
@@ -1,4 +1,4 @@
-/* silabs_se_hash.c
+/* silabs_hash.c
*
* Copyright (C) 2006-2023 wolfSSL Inc.
*
@@ -35,58 +35,52 @@
#include <wolfssl/wolfcrypt/port/silabs/silabs_hash.h>
-int wc_silabs_se_hash_init (wc_silabs_sha_t* sha, enum wc_HashType type)
+static sl_se_hash_type_t wc_silabs_gethashtype(enum wc_HashType type)
{
- int ret = 0;
- sl_status_t rr;
-
- /* set sizes and state */
- XMEMSET(sha, 0, sizeof(wc_silabs_sha_t));
-
- /* set init state */
- switch(type) {
+ /* set init state */
+ switch (type) {
case WC_HASH_TYPE_SHA:
- rr = sl_se_hash_starts(&sha->hash_ctx,
- &sha->cmd_ctx,
- SL_SE_HASH_SHA1,
- &sha->hash_type_ctx);
+ return SL_SE_HASH_SHA1;
break;
case WC_HASH_TYPE_SHA224:
- rr = sl_se_hash_starts(&sha->hash_ctx,
- &sha->cmd_ctx,
- SL_SE_HASH_SHA224,
- &sha->hash_type_ctx);
+ return SL_SE_HASH_SHA224;
break;
case WC_HASH_TYPE_SHA256:
- rr = sl_se_hash_starts(&sha->hash_ctx,
- &sha->cmd_ctx,
- SL_SE_HASH_SHA256,
- &sha->hash_type_ctx);
- break;
-
+ return SL_SE_HASH_SHA256;
#ifdef WOLFSSL_SILABS_SHA384
case WC_HASH_TYPE_SHA384:
- rr = sl_se_hash_starts(&sha->hash_ctx,
- &sha->cmd_ctx,
- SL_SE_HASH_SHA384,
- &sha->hash_type_ctx);
- break;
+ return SL_SE_HASH_SHA384;
#endif
-
#ifdef WOLFSSL_SILABS_SHA512
case WC_HASH_TYPE_SHA512:
- rr = sl_se_hash_starts(&sha->hash_ctx,
- &sha->cmd_ctx,
- SL_SE_HASH_SHA512,
- &sha->hash_type_ctx);
- break;
+ return SL_SE_HASH_SHA512;
#endif
-
default:
- ret = BAD_FUNC_ARG;
break;
}
+ return SL_SE_HASH_NONE;
+}
+
+int wc_silabs_se_hash_init (wc_silabs_sha_t* sha, enum wc_HashType type)
+{
+ int ret = 0;
+ sl_status_t rr;
+ sl_se_hash_type_t ht = wc_silabs_gethashtype(type);
+
+ if (ht == SL_SE_HASH_NONE) {
+ return NOT_COMPILED_IN;
+ }
+
+ /* set sizes and state */
+ XMEMSET(sha, 0, sizeof(wc_silabs_sha_t));
+ /* set init state */
+#ifdef WOLFSSL_SILABS_SE_ACCEL_3
+ rr = sl_se_hash_starts(&sha->hash_ctx, &sha->cmd_ctx, ht,
+ &sha->hash_type_ctx);
+#else
+ rr = sl_se_hash_multipart_starts(&sha->hash_type_ctx, &sha->cmd_ctx, ht);
+#endif
if (rr != SL_STATUS_OK) {
ret = WC_HW_E;
}
@@ -94,32 +88,43 @@ int wc_silabs_se_hash_init (wc_silabs_sha_t* sha, enum wc_HashType type)
return ret;
}
-int wc_silabs_se_hash_update (wc_silabs_sha_t* sha, const byte* data, word32 len)
+int wc_silabs_se_hash_update(wc_silabs_sha_t* sha, const byte* data,
+ word32 len)
{
int ret = 0;
+ sl_status_t status;
- sl_status_t status = sl_se_hash_update(&sha->hash_ctx, data, len);
+#ifdef WOLFSSL_SILABS_SE_ACCEL_3
+ status = sl_se_hash_update(&sha->hash_ctx, data, len);
+#else
+ status = sl_se_hash_multipart_update(&sha->hash_type_ctx, &sha->cmd_ctx,
+ data, len);
+#endif
if (status != SL_STATUS_OK) {
- ret = BUFFER_E;
+ ret = WC_HW_E;
}
-
return ret;
}
-int wc_silabs_se_hash_final (wc_silabs_sha_t* sha, byte* hash)
+int wc_silabs_se_hash_final(wc_silabs_sha_t* sha, byte* hash, word32 len)
{
int ret = 0;
+ sl_status_t status;
- sl_status_t status = sl_se_hash_finish(&sha->hash_ctx, hash, sha->hash_ctx.size);
+#ifdef WOLFSSL_SILABS_SE_ACCEL_3
+ status = sl_se_hash_finish(&sha->hash_ctx, hash, len);
+#else
+ status = sl_se_hash_multipart_finish(&sha->hash_type_ctx, &sha->cmd_ctx,
+ hash, len);
+#endif
if (status != SL_STATUS_OK) {
- ret = BUFFER_E;
+ ret = WC_HW_E;
}
-
return ret;
}
-int wc_HashUpdate_ex (wc_silabs_sha_t* sha, const byte* data, word32 len)
+static int wc_HashUpdate_ex(wc_silabs_sha_t* sha, const byte* data, word32 len)
{
int ret = 0;
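Review bot: `wc_silabs_se_hash_final` now forwards a caller-supplied `len` to the SE finish call, but nothing documents what it means or ties it to the hash type chosen in `wc_silabs_se_hash_init`. The callers in the later hunks each pass a `WC_*_DIGEST_SIZE` constant, so a header comment such as `/* len: size of hash in bytes; must be the digest size of the type used at init */` would make that contract explicit. The update and final wrappers also dereference `sha` without a NULL check; whether `wc_HashUpdate_ex` and `wc_HashFinal_ex` guard this is outside the hunk, as is the rest of `wc_HashUpdate_ex`.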
@@ -130,13 +135,12 @@ int wc_HashUpdate_ex (wc_silabs_sha_t* sha, const byte* data, word32 len)
ret = wolfSSL_CryptHwMutexLock();
if (ret == 0) {
ret = wc_silabs_se_hash_update(sha, data, len);
-
wolfSSL_CryptHwMutexUnLock();
}
return ret;
}
-int wc_HashFinal_ex(wc_silabs_sha_t* sha, byte* hash)
+static int wc_HashFinal_ex(wc_silabs_sha_t* sha, byte* hash, word32 len)
{
int ret = 0;
@@ -146,7 +150,7 @@ int wc_HashFinal_ex(wc_silabs_sha_t* sha, byte* hash)
ret = wolfSSL_CryptHwMutexLock();
if (ret == 0) {
- ret = wc_silabs_se_hash_final(sha, hash);
+ ret = wc_silabs_se_hash_final(sha, hash, len);
wolfSSL_CryptHwMutexUnLock();
}
@@ -164,17 +168,17 @@ int wc_InitSha_ex(wc_Sha* sha, void* heap, int devId)
(void)devId;
(void)heap;
- return wc_silabs_se_hash_init(&(sha->silabsCtx), WC_HASH_TYPE_SHA);
+ return wc_silabs_se_hash_init(&sha->silabsCtx, WC_HASH_TYPE_SHA);
}
int wc_ShaUpdate(wc_Sha* sha, const byte* data, word32 len)
{
- return wc_HashUpdate_ex(&(sha->silabsCtx), data, len);
+ return wc_HashUpdate_ex(&sha->silabsCtx, data, len);
}
int wc_ShaFinal(wc_Sha* sha, byte* hash)
{
- int ret = wc_HashFinal_ex(&(sha->silabsCtx), hash);
+ int ret = wc_HashFinal_ex(&sha->silabsCtx, hash, WC_SHA_DIGEST_SIZE);
(void)wc_InitSha(sha); /* reset state */
@@ -193,18 +197,18 @@ int wc_InitSha256_ex(wc_Sha256* sha, void* heap, int devId)
(void)devId;
(void)heap;
- return wc_silabs_se_hash_init(&(sha->silabsCtx), WC_HASH_TYPE_SHA256);
+ return wc_silabs_se_hash_init(&sha->silabsCtx, WC_HASH_TYPE_SHA256);
}
int wc_Sha256Update(wc_Sha256* sha, const byte* data, word32 len)
{
- return wc_HashUpdate_ex(&(sha->silabsCtx), data, len);
+ return wc_HashUpdate_ex(&sha->silabsCtx, data, len);
}
int wc_Sha256Final(wc_Sha256* sha, byte* hash)
{
- int ret = wc_HashFinal_ex(&(sha->silabsCtx), hash);
+ int ret = wc_HashFinal_ex(&sha->silabsCtx, hash, WC_SHA256_DIGEST_SIZE);
(void)wc_InitSha256(sha); /* reset state */
@@ -212,7 +216,7 @@ int wc_Sha256Final(wc_Sha256* sha, byte* hash)
}
#endif /* ! NO_SHA256 */
-#ifndef NO_SHA224
+#ifdef WOLFSSL_SHA224
int wc_InitSha224_ex(wc_Sha224* sha, void* heap, int devId)
{
if (sha == NULL) {
@@ -222,24 +226,24 @@ int wc_InitSha224_ex(wc_Sha224* sha, void* heap, int devId)
(void)devId;
(void)heap;
- return wc_silabs_se_hash_init(&(sha->silabsCtx), WC_HASH_TYPE_SHA224);
+ return wc_silabs_se_hash_init(&sha->silabsCtx, WC_HASH_TYPE_SHA224);
}
int wc_Sha224Update(wc_Sha224* sha, const byte* data, word32 len)
{
- return wc_HashUpdate_ex(&(sha->silabsCtx), data, len);
+ return wc_HashUpdate_ex(&sha->silabsCtx, data, len);
}
int wc_Sha224Final(wc_Sha224* sha, byte* hash)
{
- int ret = wc_HashFinal_ex(&(sha->silabsCtx), hash);
+ int ret = wc_HashFinal_ex(&sha->silabsCtx, hash, WC_SHA224_DIGEST_SIZE);
(void)wc_InitSha224(sha); /* reset state */
return ret;
}
-#endif /* ! NO_SHA224 */
+#endif /* WOLFSSL_SHA224 */
#ifdef WOLFSSL_SILABS_SHA384
int wc_InitSha384_ex(wc_Sha384* sha, void* heap, int devId)
@@ -251,18 +255,18 @@ int wc_InitSha384_ex(wc_Sha384* sha, void* heap, int devId)
(void)devId;
(void)heap;
- return wc_silabs_se_hash_init(&(sha->silabsCtx), WC_HASH_TYPE_SHA384);
+ return wc_silabs_se_hash_init(&sha->silabsCtx, WC_HASH_TYPE_SHA384);
}
int wc_Sha384Update(wc_Sha384* sha, const byte* data, word32 len)
{
- return wc_HashUpdate_ex(&(sha->silabsCtx), data, len);
+ return wc_HashUpdate_ex(&sha->silabsCtx, data, len);
}
int wc_Sha384Final(wc_Sha384* sha, byte* hash)
{
- int ret = wc_HashFinal_ex(&(sha->silabsCtx), hash);
+ int ret = wc_HashFinal_ex(&sha->silabsCtx, hash, WC_SHA384_DIGEST_SIZE);
(void)wc_InitSha384(sha); /* reset state */
@@ -280,18 +284,18 @@ int wc_InitSha512_ex(wc_Sha512* sha, void* heap, int devId)
(void)devId;
(void)heap;
- return wc_silabs_se_hash_init(&(sha->silabsCtx), WC_HASH_TYPE_SHA512);
+ return wc_silabs_se_hash_init(&sha->silabsCtx, WC_HASH_TYPE_SHA512);
}
int wc_Sha512Update(wc_Sha512* sha, const byte* data, word32 len)
{
- return wc_HashUpdate_ex(&(sha->silabsCtx), data, len);
+ return wc_HashUpdate_ex(&sha->silabsCtx, data, len);
}
int wc_Sha512Final(wc_Sha512* sha, byte* hash)
{
- int ret = wc_HashFinal_ex(&(sha->silabsCtx), hash);
+ int ret = wc_HashFinal_ex(&sha->silabsCtx, hash, WC_SHA512_DIGEST_SIZE);
(void)wc_InitSha512(sha); /* reset state */
@@ -299,4 +303,4 @@ int wc_Sha512Final(wc_Sha512* sha, byte* hash)
}
#endif /* WOLFSSL_SILABS_SHA512 */
-#endif /* defined(WOLFSSL_SILABS_SE_ACCEL) */
+#endif /* WOLFSSL_SILABS_SE_ACCEL */
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/st/stm32.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/st/stm32.c
index 34e732ae..04d6c475 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/st/stm32.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/st/stm32.c
@@ -43,11 +43,42 @@
#include <wolfssl/wolfcrypt/aes.h>
#endif
+#ifdef WOLFSSL_STM32_PKA
+#include <stdint.h>
+
+#if defined(WOLFSSL_STM32L5)
+#include <stm32l5xx_hal_conf.h>
+#include <stm32l5xx_hal_pka.h>
+#elif defined(WOLFSSL_STM32U5)
+#include <stm32u5xx_hal_conf.h>
+#include <stm32u5xx_hal_pka.h>
+#elif defined(WOLFSSL_STM32WB)
+#include <stm32wbxx_hal_conf.h>
+#include <stm32wbxx_hal_pka.h>
+#elif defined(WOLFSSL_STM32WL)
+#include <stm32wlxx_hal_conf.h>
+#include <stm32wlxx_hal_pka.h>
+#else
+#error Please add the hal_pk.h include
+#endif
+extern PKA_HandleTypeDef hpka;
+
+#if !defined(WOLFSSL_STM32_PKA_V2) && defined(PKA_ECC_SCALAR_MUL_IN_B_COEFF)
+/* PKA hardware like in U5 added coefB and primeOrder */
+#define WOLFSSL_STM32_PKA_V2
+#endif
+
+#ifdef HAVE_ECC
+#include <wolfssl/wolfcrypt/ecc.h>
+
#ifndef WOLFSSL_HAVE_ECC_KEY_GET_PRIV
/* FIPS build has replaced ecc.h. */
#define wc_ecc_key_get_priv(key) (&((key)->k))
#define WOLFSSL_HAVE_ECC_KEY_GET_PRIV
#endif
+#endif /* HAVE_ECC */
+#endif /* WOLFSSL_STM32_PKA */
+
#ifdef STM32_HASH
@@ -394,6 +425,10 @@ int wc_Stm32_Aes_Init(Aes* aes, CRYP_HandleTypeDef* hcryp)
{
int ret;
word32 keySize;
+#ifdef STM32_HW_CLOCK_AUTO
+ /* enable the peripheral clock */
+ __HAL_RCC_CRYP_CLK_ENABLE();
+#endif
ret = wc_AesGetKeySize(aes, &keySize);
if (ret != 0)
@@ -428,6 +463,13 @@ int wc_Stm32_Aes_Init(Aes* aes, CRYP_HandleTypeDef* hcryp)
return 0;
}
+void wc_Stm32_Aes_Cleanup(void)
+{
+#ifdef STM32_HW_CLOCK_AUTO
+ /* disable the peripheral clock */
+ __HAL_RCC_CRYP_CLK_DISABLE();
+#endif
+}
#else /* Standard Peripheral Library */
int wc_Stm32_Aes_Init(Aes* aes, CRYP_InitTypeDef* cryptInit,
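Review bot: `wc_Stm32_Aes_Cleanup` switches the CRYP peripheral clock off for the whole device, yet it carries no comment saying when it may be called. If an AES operation on another context can still be in flight, disabling the clock under it would presumably stall or corrupt that operation; the callers are outside this hunk, so this cannot be confirmed here. I would add `/* Call only while holding the crypto hardware mutex, after the HAL operation has completed */` above the function, and a matching comment on the empty Standard Peripheral Library variant added in the next hunk.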
@@ -486,35 +528,18 @@ int wc_Stm32_Aes_Init(Aes* aes, CRYP_InitTypeDef* cryptInit,
return 0;
}
+
+void wc_Stm32_Aes_Cleanup(void)
+{
+}
#endif /* WOLFSSL_STM32_CUBEMX */
#endif /* !NO_AES */
#endif /* STM32_CRYPTO */
#ifdef WOLFSSL_STM32_PKA
-#include <stdint.h>
-
-#if defined(WOLFSSL_STM32L5)
-#include <stm32l5xx_hal_conf.h>
-#include <stm32l5xx_hal_pka.h>
-#elif defined(WOLFSSL_STM32U5)
-#include <stm32u5xx_hal_conf.h>
-#include <stm32u5xx_hal_pka.h>
-#elif defined(WOLFSSL_STM32WB)
-#include <stm32wbxx_hal_conf.h>
-#include <stm32wbxx_hal_pka.h>
-#else
-#error Please add the hal_pk.h include
-#endif
-extern PKA_HandleTypeDef hpka;
-
-#if !defined(WOLFSSL_STM32_PKA_V2) && defined(PKA_ECC_SCALAR_MUL_IN_B_COEFF)
-/* PKA hardware like in U5 added coefB and primeOrder */
-#define WOLFSSL_STM32_PKA_V2
-#endif
/* Reverse array in memory (in place) */
#ifdef HAVE_ECC
-#include <wolfssl/wolfcrypt/ecc.h>
/* convert from mp_int to STM32 PKA HAL integer, as array of bytes of size sz.
* if mp_int has less bytes than sz, add zero bytes at most significant byte
@@ -525,11 +550,9 @@ extern PKA_HandleTypeDef hpka;
*/
static int stm32_get_from_mp_int(uint8_t *dst, const mp_int *a, int sz)
{
- int res;
- int szbin;
- int offset;
+ int res, szbin, offset;
- if (a == NULL || dst == NULL || sz < 0)
+ if (dst == NULL || a == NULL || sz < 0)
return BAD_FUNC_ARG;
/* check how many bytes are in the mp_int */
@@ -553,272 +576,93 @@ static int stm32_get_from_mp_int(uint8_t *dst, const mp_int *a, int sz)
return res;
}
-/* ECC specs in lsbyte at lowest address format for direct use by
- * STM32_PKA PKHA driver functions */
-#if defined(HAVE_ECC192) || defined(HAVE_ALL_CURVES)
-#define ECC192
-#endif
-#if defined(HAVE_ECC224) || defined(HAVE_ALL_CURVES)
-#define ECC224
-#endif
-#if !defined(NO_ECC256) || defined(HAVE_ALL_CURVES)
-#define ECC256
-#endif
-#if defined(HAVE_ECC384) || defined(HAVE_ALL_CURVES)
-#define ECC384
-#endif
+static int stm32_getabs_from_mp_int(uint8_t *dst, const mp_int *a, int sz,
+ uint32_t* abs_sign)
+{
+ int res;
+ mp_int x;
-/* STM32 PKA supports up to 640bit numbers */
-#define STM32_MAX_ECC_SIZE (80)
+ if (dst == NULL || a == NULL || sz < 0 || abs_sign == NULL)
+ return BAD_FUNC_ARG;
+ res = mp_init(&x);
+ if (res == MP_OKAY) {
+ /* make abs(x) and capture sign */
+ #if defined(USE_FAST_MATH) || defined(USE_INTEGER_HEAP_MATH) || \
+ ((defined(WOLFSSL_SP_MATH) || defined(WOLFSSL_SP_MATH_ALL)) && \
+ defined(WOLFSSL_SP_INT_NEGATIVE))
+ *abs_sign = x.sign;
+ #else
+ *abs_sign = 1; /* default to negative */
+ #endif
+ res = mp_abs(a, &x);
+ if (res == MP_OKAY)
+ res = stm32_get_from_mp_int(dst, &x, sz);
+ mp_clear(&x);
+ }
+ return res;
+}
-/* P-192 */
-#ifdef ECC192
-#define ECC192_KEYSIZE (24)
-static const uint8_t stm32_ecc192_prime[ECC192_KEYSIZE] = {
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xfe,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff
-};
-static const uint32_t stm32_ecc192_coef_sign = 1U;
-static const uint8_t stm32_ecc192_coef[ECC192_KEYSIZE] = {
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x03
-};
-static const uint8_t stm32_ecc192_coefB[ECC192_KEYSIZE] = {
- 0x64, 0x21, 0x05, 0x19, 0xe5, 0x9c, 0x80, 0xe7,
- 0x0f, 0xa7, 0xe9, 0xab, 0x72, 0x24, 0x30, 0x49,
- 0xfe, 0xb8, 0xde, 0xec, 0xc1, 0x46, 0xb9, 0xb1
-};
-static const uint8_t stm32_ecc192_pointX[ECC192_KEYSIZE] = {
- 0x18, 0x8D, 0xA8, 0x0E, 0xB0, 0x30, 0x90, 0xF6,
- 0x7C, 0xBF, 0x20, 0xEB, 0x43, 0xA1, 0x88, 0x00,
- 0xF4, 0xFF, 0x0A, 0xFD, 0x82, 0xFF, 0x10, 0x12
-};
-static const uint8_t stm32_ecc192_pointY[ECC192_KEYSIZE] = {
- 0x07, 0x19, 0x2B, 0x95, 0xFF, 0xC8, 0xDA, 0x78,
- 0x63, 0x10, 0x11, 0xED, 0x6B, 0x24, 0xCD, 0xD5,
- 0x73, 0xF9, 0x77, 0xA1, 0x1E, 0x79, 0x48, 0x11
-};
-static const uint8_t stm32_ecc192_order[ECC192_KEYSIZE] = {
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xFF, 0xFF, 0xFF, 0xFF, 0x99, 0xDE, 0xF8, 0x36,
- 0x14, 0x6B, 0xC9, 0xB1, 0xB4, 0xD2, 0x28, 0x31
-};
-#endif /* ECC192 */
-
-/* P-224 */
-#ifdef ECC224
-#define ECC224_KEYSIZE (28)
-static const uint8_t stm32_ecc224_prime[ECC224_KEYSIZE] = {
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x01
-};
-static const uint32_t stm32_ecc224_coef_sign = 1U;
-static const uint8_t stm32_ecc224_coef[ECC224_KEYSIZE] = {
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x03
-};
-static const uint8_t stm32_ecc224_coefB[ECC224_KEYSIZE] = {
- 0xb4, 0x05, 0x0a, 0x85, 0x0c, 0x04, 0xb3, 0xab,
- 0xf5, 0x41, 0x32, 0x56, 0x50, 0x44, 0xb0, 0xb7,
- 0xd7, 0xbf, 0xd8, 0xba, 0x27, 0x0b, 0x39, 0x43,
- 0x23, 0x55, 0xff, 0xb4
-};
-static const uint8_t stm32_ecc224_pointX[ECC224_KEYSIZE] = {
- 0xB7, 0x0E, 0x0C, 0xBD, 0x6B, 0xB4, 0xBF, 0x7F,
- 0x32, 0x13, 0x90, 0xB9, 0x4A, 0x03, 0xC1, 0xD3,
- 0x56, 0xC2, 0x11, 0x22, 0x34, 0x32, 0x80, 0xD6,
- 0x11, 0x5C, 0x1D, 0x21
-};
-static const uint8_t stm32_ecc224_pointY[ECC224_KEYSIZE] = {
- 0xBD, 0x37, 0x63, 0x88, 0xB5, 0xF7, 0x23, 0xFB,
- 0x4C, 0x22, 0xDF, 0xE6, 0xCD, 0x43, 0x75, 0xA0,
- 0x5A, 0x07, 0x47, 0x64, 0x44, 0xD5, 0x81, 0x99,
- 0x85, 0x00, 0x7E, 0x34
-};
-static const uint8_t stm32_ecc224_order[ECC224_KEYSIZE] = {
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x16, 0xA2,
- 0xE0, 0xB8, 0xF0, 0x3E, 0x13, 0xDD, 0x29, 0x45,
- 0x5C, 0x5C, 0x2A, 0x3D
-};
-#endif /* ECC224 */
-
-/* P-256 */
-#ifdef ECC256
-#define ECC256_KEYSIZE (32)
-static const uint8_t stm32_ecc256_prime[ECC256_KEYSIZE] = {
- 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00, 0x01,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff
-};
-static const uint32_t stm32_ecc256_coef_sign = 1U;
-static const uint8_t stm32_ecc256_coef[ECC256_KEYSIZE] = {
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x03
-};
-static const uint8_t stm32_ecc256_coefB[ECC256_KEYSIZE] = {
- 0x5a, 0xc6, 0x35, 0xd8, 0xaa, 0x3a, 0x93, 0xe7,
- 0xb3, 0xeb, 0xbd, 0x55, 0x76, 0x98, 0x86, 0xbc,
- 0x65, 0x1d, 0x06, 0xb0, 0xcc, 0x53, 0xb0, 0xf6,
- 0x3b, 0xce, 0x3c, 0x3e, 0x27, 0xd2, 0x60, 0x4b
-};
-static const uint8_t stm32_ecc256_pointX[ECC256_KEYSIZE] = {
- 0x6b, 0x17, 0xd1, 0xf2, 0xe1, 0x2c, 0x42, 0x47,
- 0xf8, 0xbc, 0xe6, 0xe5, 0x63, 0xa4, 0x40, 0xf2,
- 0x77, 0x03, 0x7d, 0x81, 0x2d, 0xeb, 0x33, 0xa0,
- 0xf4, 0xa1, 0x39, 0x45, 0xd8, 0x98, 0xc2, 0x96
-};
-static const uint8_t stm32_ecc256_pointY[ECC256_KEYSIZE] = {
- 0x4f, 0xe3, 0x42, 0xe2, 0xfe, 0x1a, 0x7f, 0x9b,
- 0x8e, 0xe7, 0xeb, 0x4a, 0x7c, 0x0f, 0x9e, 0x16,
- 0x2b, 0xce, 0x33, 0x57, 0x6b, 0x31, 0x5e, 0xce,
- 0xcb, 0xb6, 0x40, 0x68, 0x37, 0xbf, 0x51, 0xf5
-};
-static const uint8_t stm32_ecc256_order[ECC256_KEYSIZE] = {
- 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00, 0x00,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xbc, 0xe6, 0xfa, 0xad, 0xa7, 0x17, 0x9e, 0x84,
- 0xf3, 0xb9, 0xca, 0xc2, 0xfc, 0x63, 0x25, 0x51
-};
-#endif /* ECC256 */
-
-/* P-384 */
-#ifdef ECC384
-#define ECC384_KEYSIZE (48)
-static const uint8_t stm32_ecc384_prime[ECC384_KEYSIZE] = {
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFE,
- 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF
-};
-static const uint32_t stm32_ecc384_coef_sign = 1U;
-static const uint8_t stm32_ecc384_coef[ECC384_KEYSIZE] = {
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x03
-};
-static const uint8_t stm32_ecc384_coefB[ECC384_KEYSIZE] = {
- 0xb3, 0x31, 0x2f, 0xa7, 0xe2, 0x3e, 0xe7, 0xe4,
- 0x98, 0x8e, 0x05, 0x6b, 0xe3, 0xf8, 0x2d, 0x19,
- 0x18, 0x1d, 0x9c, 0x6e, 0xfe, 0x81, 0x41, 0x12,
- 0x03, 0x14, 0x08, 0x8f, 0x50, 0x13, 0x87, 0x5a,
- 0xc6, 0x56, 0x39, 0x8d, 0x8a, 0x2e, 0xd1, 0x9d,
- 0x2a, 0x85, 0xc8, 0xed, 0xd3, 0xec, 0x2a, 0xef
-};
-static const uint8_t stm32_ecc384_pointX[ECC384_KEYSIZE] = {
- 0xAA, 0x87, 0xCA, 0x22, 0xBE, 0x8B, 0x05, 0x37,
- 0x8E, 0xB1, 0xC7, 0x1E, 0xF3, 0x20, 0xAD, 0x74,
- 0x6E, 0x1D, 0x3B, 0x62, 0x8B, 0xA7, 0x9B, 0x98,
- 0x59, 0xF7, 0x41, 0xE0, 0x82, 0x54, 0x2A, 0x38,
- 0x55, 0x02, 0xF2, 0x5D, 0xBF, 0x55, 0x29, 0x6C,
- 0x3A, 0x54, 0x5E, 0x38, 0x72, 0x76, 0x0A, 0xB7,
-};
-static const uint8_t stm32_ecc384_pointY[ECC384_KEYSIZE] = {
- 0x36, 0x17, 0xDE, 0x4A, 0x96, 0x26, 0x2C, 0x6F,
- 0x5D, 0x9E, 0x98, 0xBF, 0x92, 0x92, 0xDC, 0x29,
- 0xF8, 0xF4, 0x1D, 0xBD, 0x28, 0x9A, 0x14, 0x7C,
- 0xE9, 0xDA, 0x31, 0x13, 0xB5, 0xF0, 0xB8, 0xC0,
- 0x0A, 0x60, 0xB1, 0xCE, 0x1D, 0x7E, 0x81, 0x9D,
- 0x7A, 0x43, 0x1D, 0x7C, 0x90, 0xEA, 0x0E, 0x5F,
-};
-static const uint8_t stm32_ecc384_order[ECC384_KEYSIZE] = {
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xC7, 0x63, 0x4D, 0x81, 0xF4, 0x37, 0x2D, 0xDF,
- 0x58, 0x1A, 0x0D, 0xB2, 0x48, 0xB0, 0xA7, 0x7A,
- 0xEC, 0xEC, 0x19, 0x6A, 0xCC, 0xC5, 0x29, 0x73
-};
-#endif /* ECC384 */
-
-static int stm32_get_ecc_specs(const uint8_t **prime, const uint8_t **coef,
- const uint8_t **coefB, const uint32_t **coef_sign,
- const uint8_t **GenPointX, const uint8_t **GenPointY, const uint8_t **order,
- int size)
+/* convert hex string to unsigned char */
+static int stm32_getabs_from_hexstr(const char* hex, uint8_t* dst, int sz,
+ uint32_t *abs_sign)
{
- switch (size) {
-#ifdef ECC256
- case 32:
- if (prime) *prime = stm32_ecc256_prime;
- if (coef) *coef = stm32_ecc256_coef;
- if (coefB) *coefB = stm32_ecc256_coefB;
- if (GenPointX) *GenPointX = stm32_ecc256_pointX;
- if (GenPointY) *GenPointY = stm32_ecc256_pointY;
- if (coef_sign) *coef_sign = &stm32_ecc256_coef_sign;
- if (order) *order = stm32_ecc256_order;
- break;
-#endif
-#ifdef ECC224
- case 28:
- if (prime) *prime = stm32_ecc224_prime;
- if (coef) *coef = stm32_ecc224_coef;
- if (coefB) *coefB = stm32_ecc224_coefB;
- if (GenPointX) *GenPointX = stm32_ecc224_pointX;
- if (GenPointY) *GenPointY = stm32_ecc224_pointY;
- if (coef_sign) *coef_sign = &stm32_ecc224_coef_sign;
- if (order) *order = stm32_ecc224_order;
- break;
-#endif
-#ifdef ECC192
- case 24:
- if (prime) *prime = stm32_ecc192_prime;
- if (coef) *coef = stm32_ecc192_coef;
- if (coefB) *coefB = stm32_ecc192_coefB;
- if (GenPointX) *GenPointX = stm32_ecc192_pointX;
- if (GenPointY) *GenPointY = stm32_ecc192_pointY;
- if (coef_sign) *coef_sign = &stm32_ecc192_coef_sign;
- if (order) *order = stm32_ecc192_order;
- break;
-#endif
-#ifdef ECC384
- case 48:
- if (prime) *prime = stm32_ecc384_prime;
- if (coef) *coef = stm32_ecc384_coef;
- if (coefB) *coefB = stm32_ecc384_coefB;
- if (GenPointX) *GenPointX = stm32_ecc384_pointX;
- if (GenPointY) *GenPointY = stm32_ecc384_pointY;
- if (coef_sign) *coef_sign = &stm32_ecc384_coef_sign;
- if (order) *order = stm32_ecc384_order;
- break;
-#endif
- default:
- return NOT_COMPILED_IN;
+ int res;
+ mp_int x;
+
+ if (hex == NULL || dst == NULL || sz < 0)
+ return BAD_FUNC_ARG;
+
+ res = mp_init(&x);
+ if (res == MP_OKAY) {
+ res = mp_read_radix(&x, hex, MP_RADIX_HEX);
+ /* optionally make abs(x) and capture sign */
+ if (res == MP_OKAY && abs_sign != NULL) {
+ #if defined(USE_FAST_MATH) || defined(USE_INTEGER_HEAP_MATH) || \
+ ((defined(WOLFSSL_SP_MATH) || defined(WOLFSSL_SP_MATH_ALL)) && \
+ defined(WOLFSSL_SP_INT_NEGATIVE))
+ *abs_sign = x.sign;
+ #else
+ *abs_sign = 1; /* default to negative */
+ #endif
+ res = mp_abs(&x, &x);
+ }
+ if (res == MP_OKAY)
+ res = stm32_get_from_mp_int(dst, &x, sz);
+ mp_clear(&x);
}
- return 0;
+ return res;
+}
+static int stm32_get_from_hexstr(const char* hex, uint8_t* dst, int sz)
+{
+ return stm32_getabs_from_hexstr(hex, dst, sz, NULL);
}
+/* STM32 PKA supports up to 640-bit numbers */
+#define STM32_MAX_ECC_SIZE (80)
+
+
/**
Perform a point multiplication (timing resistant)
k The scalar to multiply by
G The base point
R [out] Destination for kG
+ a ECC curve parameter a
modulus The modulus of the field the ECC curve is in
+ order curve order
+ rng Random Generator struct (not used)
map Boolean whether to map back to affine or not
- (1==map, 0 == leave in projective)
+ (1==map, 0 == leave in projective)
return MP_OKAY on success
*/
-int wc_ecc_mulmod_ex(const mp_int *k, ecc_point *G, ecc_point *R, mp_int* a,
- mp_int *modulus, int map, void* heap)
+
+int wc_ecc_mulmod_ex2(const mp_int* k, ecc_point *G, ecc_point *R, mp_int* a,
+ mp_int* modulus, mp_int* o, WC_RNG* rng, int map,
+ void* heap)
{
PKA_ECCMulInTypeDef pka_mul;
PKA_ECCMulOutTypeDef pka_mul_res;
- uint8_t size;
int szModulus;
int szkbin;
int status;
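Review bot: In `stm32_getabs_from_mp_int` the sign is read from `x` immediately after `mp_init(&x)` and before `mp_abs(a, &x)`, so `*abs_sign` reflects the freshly initialised temporary rather than the input `a`. `stm32_getabs_from_hexstr`, lower in this hunk, reads the sign only after `mp_read_radix` has filled `x`, which looks like the intended order. Reading it from the argument, `*abs_sign = a->sign;`, would make the two helpers agree. In builds without signed integers both helpers force `*abs_sign = 1`; a short comment on why negative is the right default when the coefficient is passed unreduced would help.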
@@ -828,8 +672,15 @@ int wc_ecc_mulmod_ex(const mp_int *k, ecc_point *G, ecc_point *R, mp_int* a,
uint8_t kbin[STM32_MAX_ECC_SIZE];
uint8_t PtXbin[STM32_MAX_ECC_SIZE];
uint8_t PtYbin[STM32_MAX_ECC_SIZE];
- const uint8_t *prime, *coef, *coefB, *gen_x, *gen_y, *order;
- const uint32_t *coef_sign;
+ uint8_t prime[STM32_MAX_ECC_SIZE];
+ uint8_t coefA[STM32_MAX_ECC_SIZE];
+#ifdef WOLFSSL_STM32_PKA_V2
+ uint8_t coefB[STM32_MAX_ECC_SIZE];
+ uint8_t order[STM32_MAX_ECC_SIZE];
+#endif
+ uint32_t coefA_sign = 1;
+
+ (void)rng;
XMEMSET(&pka_mul, 0x00, sizeof(PKA_ECCMulInTypeDef));
XMEMSET(&pka_mul_res, 0x00, sizeof(PKA_ECCMulOutTypeDef));
@@ -848,20 +699,22 @@ int wc_ecc_mulmod_ex(const mp_int *k, ecc_point *G, ecc_point *R, mp_int* a,
res = stm32_get_from_mp_int(Gxbin, G->x, szModulus);
if (res == MP_OKAY)
res = stm32_get_from_mp_int(Gybin, G->y, szModulus);
-
+ if (res == MP_OKAY)
+ res = stm32_get_from_mp_int(prime, modulus, szModulus);
+ if (res == MP_OKAY)
+ res = stm32_getabs_from_mp_int(coefA, a, szModulus, &coefA_sign);
+#ifdef WOLFSSL_STM32_PKA_V2
+ XMEMSET(order, 0, sizeof(order));
+ XMEMSET(coefB, 0, sizeof(coefB));
+ if (res == MP_OKAY && o != NULL)
+ res = stm32_get_from_mp_int(order, o, szModulus);
+#endif
if (res != MP_OKAY)
return res;
- size = (uint8_t)szModulus;
- /* find STM32_PKA friendly parameters for the selected curve */
- if (0 != stm32_get_ecc_specs(&prime, &coef, &coefB, &coef_sign,
- &gen_x, &gen_y, &order, size)) {
- return ECC_BAD_ARG_E;
- }
-
pka_mul.modulusSize = szModulus;
- pka_mul.coefSign = *coef_sign;
- pka_mul.coefA = coef;
+ pka_mul.coefSign = coefA_sign;
+ pka_mul.coefA = coefA;
pka_mul.modulus = prime;
pka_mul.pointX = Gxbin;
pka_mul.pointY = Gybin;
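Review bot: On `WOLFSSL_STM32_PKA_V2` builds `coefB` is cleared and never filled in the visible lines, and `order` stays all-zero whenever `o` is NULL, which is what the `wc_ecc_mulmod_ex` wrapper later in this file passes. The removed table lookup supplied real values for both, so V2 hardware now appears to receive a zero b coefficient and possibly a zero prime order. If the scalar-multiplication operation really ignores them, a comment should say so, e.g. `/* coefB/primeOrder are not available from the mulmod arguments; confirm PKA V2 ECCMul accepts zero here */`. Otherwise returning an error when `o == NULL` on V2 is safer than a silently wrong point. The function body starts and ends outside this hunk.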
@@ -870,9 +723,6 @@ int wc_ecc_mulmod_ex(const mp_int *k, ecc_point *G, ecc_point *R, mp_int* a,
#ifdef WOLFSSL_STM32_PKA_V2
pka_mul.coefB = coefB;
pka_mul.primeOrder = order;
-#else
- (void)order;
- (void)coefB;
#endif
status = HAL_PKA_ECCMul(&hpka, &pka_mul, HAL_MAX_DELAY);
@@ -883,9 +733,9 @@ int wc_ecc_mulmod_ex(const mp_int *k, ecc_point *G, ecc_point *R, mp_int* a,
pka_mul_res.ptX = Gxbin;
pka_mul_res.ptY = Gybin;
HAL_PKA_ECCMul_GetResult(&hpka, &pka_mul_res);
- res = mp_read_unsigned_bin(R->x, Gxbin, size);
+ res = mp_read_unsigned_bin(R->x, Gxbin, szModulus);
if (res == MP_OKAY) {
- res = mp_read_unsigned_bin(R->y, Gybin, size);
+ res = mp_read_unsigned_bin(R->y, Gybin, szModulus);
#if defined(USE_FAST_MATH) || defined(USE_INTEGER_HEAP_MATH) || \
((defined(WOLFSSL_SP_MATH) || defined(WOLFSSL_SP_MATH_ALL)) && \
@@ -901,18 +751,14 @@ int wc_ecc_mulmod_ex(const mp_int *k, ecc_point *G, ecc_point *R, mp_int* a,
HAL_PKA_RAMReset(&hpka);
(void)heap;
- (void)a; /* uses computed (absolute value, |a| < p) */
return res;
}
-int wc_ecc_mulmod_ex2(const mp_int* k, ecc_point *G, ecc_point *R, mp_int* a,
- mp_int* modulus, mp_int* order, WC_RNG* rng, int map,
- void* heap)
+int wc_ecc_mulmod_ex(const mp_int *k, ecc_point *G, ecc_point *R, mp_int* a,
+ mp_int *modulus, int map, void* heap)
{
- (void)order;
- (void)rng;
- return wc_ecc_mulmod_ex(k, G, R, a, modulus, map, heap);
+ return wc_ecc_mulmod_ex2(k, G, R, a, modulus, NULL, NULL, map, heap);
}
int ecc_map_ex(ecc_point* P, mp_int* modulus, mp_digit mp, int ct)
@@ -929,8 +775,7 @@ int stm32_ecc_verify_hash_ex(mp_int *r, mp_int *s, const byte* hash,
word32 hashlen, int* res, ecc_key* key)
{
PKA_ECDSAVerifInTypeDef pka_ecc;
- uint8_t size;
- int szModulus;
+ int size;
int szrbin;
int status;
uint8_t Rbin[STM32_MAX_ECC_SIZE];
@@ -939,47 +784,59 @@ int stm32_ecc_verify_hash_ex(mp_int *r, mp_int *s, const byte* hash,
uint8_t Qybin[STM32_MAX_ECC_SIZE];
uint8_t Hashbin[STM32_MAX_ECC_SIZE];
uint8_t privKeybin[STM32_MAX_ECC_SIZE];
- const uint8_t *prime, *coef, *gen_x, *gen_y, *order;
- const uint32_t *coef_sign;
+ uint8_t prime[STM32_MAX_ECC_SIZE];
+ uint8_t coefA[STM32_MAX_ECC_SIZE];
+ uint8_t gen_x[STM32_MAX_ECC_SIZE];
+ uint8_t gen_y[STM32_MAX_ECC_SIZE];
+ uint8_t order[STM32_MAX_ECC_SIZE];
+ uint32_t coefA_sign = 1;
+
XMEMSET(&pka_ecc, 0x00, sizeof(PKA_ECDSAVerifInTypeDef));
- if (r == NULL || s == NULL || hash == NULL || res == NULL || key == NULL) {
+ if (r == NULL || s == NULL || hash == NULL || res == NULL || key == NULL ||
+ key->dp == NULL) {
return ECC_BAD_ARG_E;
}
*res = 0;
- szModulus = mp_unsigned_bin_size(key->pubkey.x);
szrbin = mp_unsigned_bin_size(r);
+ size = wc_ecc_size(key);
status = stm32_get_from_mp_int(Rbin, r, szrbin);
if (status == MP_OKAY)
status = stm32_get_from_mp_int(Sbin, s, szrbin);
if (status == MP_OKAY)
- status = stm32_get_from_mp_int(Qxbin, key->pubkey.x, szModulus);
+ status = stm32_get_from_mp_int(Qxbin, key->pubkey.x, size);
if (status == MP_OKAY)
- status = stm32_get_from_mp_int(Qybin, key->pubkey.y, szModulus);
+ status = stm32_get_from_mp_int(Qybin, key->pubkey.y, size);
if (status == MP_OKAY)
status = stm32_get_from_mp_int(privKeybin, wc_ecc_key_get_priv(key),
- szModulus);
+ size);
if (status != MP_OKAY)
return status;
- size = (uint8_t)szModulus;
+
/* find parameters for the selected curve */
- if (0 != stm32_get_ecc_specs(&prime, &coef, NULL, &coef_sign,
- &gen_x, &gen_y, &order, size)) {
- return ECC_BAD_ARG_E;
- }
+ status = stm32_get_from_hexstr(key->dp->prime, prime, size);
+ if (status == MP_OKAY)
+ status = stm32_get_from_hexstr(key->dp->order, order, size);
+ if (status == MP_OKAY)
+ status = stm32_get_from_hexstr(key->dp->Gx, gen_x, size);
+ if (status == MP_OKAY)
+ status = stm32_get_from_hexstr(key->dp->Gy, gen_y, size);
+ if (status == MP_OKAY)
+ status = stm32_getabs_from_hexstr(key->dp->Af, coefA, size, &coefA_sign);
+ if (status != MP_OKAY)
+ return status;
pka_ecc.primeOrderSize = size;
pka_ecc.modulusSize = size;
- pka_ecc.coefSign = *coef_sign;
- pka_ecc.coef = coef;
+ pka_ecc.coefSign = coefA_sign;
+ pka_ecc.coef = coefA;
pka_ecc.modulus = prime;
pka_ecc.basePointX = gen_x;
pka_ecc.basePointY = gen_y;
pka_ecc.primeOrder = order;
-
pka_ecc.pPubKeyCurvePtX = Qxbin;
pka_ecc.pPubKeyCurvePtY = Qybin;
pka_ecc.RSign = Rbin;
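Review bot: `size = wc_ecc_size(key)` is used as the byte count for every copy into the `STM32_MAX_ECC_SIZE` stack buffers, and nothing in this hunk bounds it. The removed `stm32_get_ecc_specs` call rejected any size it had no table for, so that implicit limit is gone; `szrbin`, taken from the signature's `r`, is likewise unchecked before it sizes the writes to `Rbin` and `Sbin`. `stm32_get_from_mp_int` is not given the destination capacity, so it cannot catch an oversized `sz` itself. A guard right after the sizes are computed, `if (size <= 0 || size > STM32_MAX_ECC_SIZE || szrbin > STM32_MAX_ECC_SIZE) return ECC_BAD_ARG_E;`, restores the limit. The sign path in the next hunk needs the same check on `size`.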
@@ -1025,46 +882,67 @@ int stm32_ecc_sign_hash_ex(const byte* hash, word32 hashlen, WC_RNG* rng,
uint8_t Rbin[STM32_MAX_ECC_SIZE];
uint8_t Sbin[STM32_MAX_ECC_SIZE];
uint8_t Hashbin[STM32_MAX_ECC_SIZE];
- const uint8_t *prime, *coef, *coefB, *gen_x, *gen_y, *order;
- const uint32_t *coef_sign;
+ uint8_t prime[STM32_MAX_ECC_SIZE];
+ uint8_t coefA[STM32_MAX_ECC_SIZE];
+#ifdef WOLFSSL_STM32_PKA_V2
+ uint8_t coefB[STM32_MAX_ECC_SIZE];
+#endif
+ uint8_t gen_x[STM32_MAX_ECC_SIZE];
+ uint8_t gen_y[STM32_MAX_ECC_SIZE];
+ uint8_t order[STM32_MAX_ECC_SIZE];
+ uint32_t coefA_sign = 1;
+
XMEMSET(&pka_ecc, 0x00, sizeof(PKA_ECDSASignInTypeDef));
XMEMSET(&pka_ecc_out, 0x00, sizeof(PKA_ECDSASignOutTypeDef));
- if (r == NULL || s == NULL || hash == NULL || key == NULL) {
+ if (r == NULL || s == NULL || hash == NULL || key == NULL ||
+ key->dp == NULL) {
return ECC_BAD_ARG_E;
}
- mp_init(&gen_k);
- mp_init(&order_mp);
-
size = wc_ecc_size(key);
- status = stm32_get_from_mp_int(Keybin, wc_ecc_key_get_priv(key), size);
+ /* find parameters for the selected curve */
+ status = stm32_get_from_hexstr(key->dp->prime, prime, size);
+ if (status == MP_OKAY)
+ status = stm32_get_from_hexstr(key->dp->order, order, size);
+ if (status == MP_OKAY)
+ status = stm32_get_from_hexstr(key->dp->Gx, gen_x, size);
+ if (status == MP_OKAY)
+ status = stm32_get_from_hexstr(key->dp->Gy, gen_y, size);
+ if (status == MP_OKAY)
+ status = stm32_getabs_from_hexstr(key->dp->Af, coefA, size, &coefA_sign);
+#ifdef WOLFSSL_STM32_PKA_V2
+ if (status == MP_OKAY)
+ status = stm32_get_from_hexstr(key->dp->Bf, coefB, size);
+#endif
if (status != MP_OKAY)
return status;
- /* find parameters for the selected curve */
- if (0 != stm32_get_ecc_specs(&prime, &coef, &coefB, &coef_sign,
- &gen_x, &gen_y, &order, size)) {
- return ECC_BAD_ARG_E;
- }
-
+ /* generate random part of "k" */
+ mp_init(&gen_k);
+ mp_init(&order_mp);
status = mp_read_unsigned_bin(&order_mp, order, size);
if (status == MP_OKAY)
status = wc_ecc_gen_k(rng, size, &gen_k, &order_mp);
if (status == MP_OKAY)
status = stm32_get_from_mp_int(Intbin, &gen_k, size);
+ mp_clear(&gen_k);
+ mp_clear(&order_mp);
+ if (status != MP_OKAY)
+ return status;
+
+ /* get private part of "k" */
+ status = stm32_get_from_mp_int(Keybin, wc_ecc_key_get_priv(key), size);
if (status != MP_OKAY)
return status;
pka_ecc.primeOrderSize = size;
pka_ecc.modulusSize = size;
- pka_ecc.coefSign = *coef_sign;
- pka_ecc.coef = coef;
+ pka_ecc.coefSign = coefA_sign;
+ pka_ecc.coef = coefA;
#ifdef WOLFSSL_STM32_PKA_V2
pka_ecc.coefB = coefB;
-#else
- (void)coefB;
#endif
pka_ecc.modulus = prime;
pka_ecc.basePointX = gen_x;
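Review bot: The per-signature nonce in `gen_k` is released with `mp_clear`, and its byte copy in `Intbin` plus the private key in `Keybin` stay on the stack on the early `return status;` paths shown here. A leaked ECDSA nonce is enough to recover the private key, so these deserve explicit wiping: `mp_forcezero(&gen_k);` in place of `mp_clear(&gen_k);`, and `ForceZero(Intbin, sizeof(Intbin)); ForceZero(Keybin, sizeof(Keybin));` before each return once they have been written. The return values of the two `mp_init` calls are also ignored. The end of the function is outside this hunk, so a wipe on the success path may already exist there.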
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/st/stsafe.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/st/stsafe.c
index 4625496d..ebe07273 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/st/stsafe.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/st/stsafe.c
@@ -19,11 +19,12 @@
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
+#include <wolfssl/wolfcrypt/types.h>
#include <wolfssl/wolfcrypt/port/st/stsafe.h>
#include <wolfssl/wolfcrypt/logging.h>
#ifndef STSAFE_INTERFACE_PRINTF
-#define STSAFE_INTERFACE_PRINTF(...)
+#define STSAFE_INTERFACE_PRINTF(...) WC_DO_NOTHING
#endif
#ifdef WOLFSSL_STSAFEA100
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/xilinx/xil-aesgcm.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/xilinx/xil-aesgcm.c
index 3367a02f..aabcbd37 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/xilinx/xil-aesgcm.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/xilinx/xil-aesgcm.c
@@ -151,7 +151,7 @@ static WC_INLINE int setup(Aes* aes,
byte *aad_buf = NULL;
int err;
- WOLFSSL_XIL_DCACHE_INVALIDATE_RANGE((UINTPTR)aes->keyInit,
+ WOLFSSL_XIL_DCACHE_FLUSH_RANGE((UINTPTR)aes->keyInit,
sizeof(aes->keyInit));
if (XSecure_AesWriteKey(&(aes->xSec.cinst), aes->kup, aes->xKeySize,
@@ -164,7 +164,7 @@ static WC_INLINE int setup(Aes* aes,
XMEMCPY(iv_, iv, AEAD_NONCE_SZ);
piv = iv_;
}
- WOLFSSL_XIL_DCACHE_INVALIDATE_RANGE((UINTPTR)piv, AEAD_NONCE_SZ);
+ WOLFSSL_XIL_DCACHE_FLUSH_RANGE((UINTPTR)piv, AEAD_NONCE_SZ);
if (init(&(aes->xSec.cinst), aes->kup, aes->xKeySize, XIL_CAST_U64(piv))) {
WOLFSSL_XIL_MSG("Failed to init");
@@ -195,7 +195,7 @@ static WC_INLINE int setup(Aes* aes,
XMEMCPY((void* )aad, authIn, authInSz);
}
- WOLFSSL_XIL_DCACHE_INVALIDATE_RANGE((UINTPTR)aad, authInSz);
+ WOLFSSL_XIL_DCACHE_FLUSH_RANGE((UINTPTR)aad, authInSz);
if (XSecure_AesUpdateAad(&(aes->xSec.cinst), XIL_CAST_U64(authIn),
authInSz)) {
@@ -221,7 +221,7 @@ static WC_INLINE int handle_aad( Aes* aes,
byte initalCounter[AES_BLOCK_SIZE] = { 0 };
XMEMCPY(initalCounter, iv, AEAD_NONCE_SZ);
initalCounter[AES_BLOCK_SIZE - 1] = 1;
- GHASH(aes, authIn, authInSz, data, sz, authTag, AES_GCM_AUTH_SZ);
+ GHASH(&aes->gcm, authIn, authInSz, data, sz, authTag, AES_GCM_AUTH_SZ);
ret = wc_AesEncryptDirect(aes, scratch, initalCounter);
if (ret == 0)
xorbuf(authTag, scratch, AES_GCM_AUTH_SZ);
@@ -277,7 +277,7 @@ int wc_AesGcmEncrypt( Aes* aes, byte* out,
if (NEEDS_ALIGNMENT(out, XIL_AESGCM_ALIGN)) {
if (in != in_aligned) {
- /* In case `in` has been copied already, re-use that buffer
+ /* In case `in` has been copied already, reuse that buffer
* and also write to it instead of allocating another one.
*/
out_aligned = in_aligned;
@@ -296,9 +296,9 @@ int wc_AesGcmEncrypt( Aes* aes, byte* out,
out_aligned = out;
}
- WOLFSSL_XIL_DCACHE_INVALIDATE_RANGE((UINTPTR)in_aligned, sz);
- WOLFSSL_XIL_DCACHE_INVALIDATE_RANGE((UINTPTR)out_aligned, sz);
- WOLFSSL_XIL_DCACHE_INVALIDATE_RANGE((UINTPTR)tag, sizeof(tag));
+ WOLFSSL_XIL_DCACHE_FLUSH_RANGE((UINTPTR)in_aligned, sz);
+ WOLFSSL_XIL_DCACHE_FLUSH_RANGE((UINTPTR)out_aligned, sz);
+ WOLFSSL_XIL_DCACHE_FLUSH_RANGE((UINTPTR)tag, sizeof(tag));
if (XSecure_AesEncryptUpdate(&(aes->xSec.cinst), XIL_CAST_U64(in_aligned),
XIL_CAST_U64(out_aligned), sz, TRUE)) {
@@ -313,8 +313,8 @@ int wc_AesGcmEncrypt( Aes* aes, byte* out,
ret = WC_HW_E;
ForceZero(authTag, authTagSz);
} else {
- WOLFSSL_XIL_DCACHE_INVALIDATE_RANGE((UINTPTR)out_aligned, sz);
- WOLFSSL_XIL_DCACHE_INVALIDATE_RANGE((UINTPTR)tag, sizeof(tag));
+ WOLFSSL_XIL_DCACHE_FLUSH_RANGE((UINTPTR)out_aligned, sz);
+ WOLFSSL_XIL_DCACHE_FLUSH_RANGE((UINTPTR)tag, sizeof(tag));
if (aes->aadStyle == SW_AAD) {
ret = handle_aad(aes, out_aligned, sz, iv, authTag, authIn,
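Review bot: In the success branch here `out_aligned` and `tag` have just been written by the AES engine, and the cache operation on them changes from invalidate to flush. The definition of `WOLFSSL_XIL_DCACHE_FLUSH_RANGE` is not on this page; if it only cleans (writes back) lines, the CPU could read stale cache contents or write them back over the engine's output, whereas a clean-and-invalidate is fine. A comment stating which it is would settle the question, e.g. `/* flush = clean + invalidate, so the CPU re-reads what the engine wrote */`. The same applies to the flushes of `out_aligned` and `buf` after `XSecure_AesDecryptFinal` in the wc_AesGcmDecrypt hunk below.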
@@ -392,7 +392,7 @@ int wc_AesGcmDecrypt( Aes* aes, byte* out,
if (NEEDS_ALIGNMENT(out, XIL_AESGCM_ALIGN)) {
if (in != in_aligned) {
- /* In case `in` has been copied already, re-use that buffer
+ /* In case `in` has been copied already, reuse that buffer
* and also write to it instead of allocating another one.
*/
out_aligned = in_aligned;
@@ -411,8 +411,8 @@ int wc_AesGcmDecrypt( Aes* aes, byte* out,
out_aligned = out;
}
- WOLFSSL_XIL_DCACHE_INVALIDATE_RANGE((UINTPTR)in_aligned, sz);
- WOLFSSL_XIL_DCACHE_INVALIDATE_RANGE((UINTPTR)out_aligned, sz);
+ WOLFSSL_XIL_DCACHE_FLUSH_RANGE((UINTPTR)in_aligned, sz);
+ WOLFSSL_XIL_DCACHE_FLUSH_RANGE((UINTPTR)out_aligned, sz);
if (aes->aadStyle == HW_ENGINE_AAD) {
/* Use the originally provided tag */
@@ -441,14 +441,14 @@ int wc_AesGcmDecrypt( Aes* aes, byte* out,
goto error_out;
}
- WOLFSSL_XIL_DCACHE_INVALIDATE_RANGE((UINTPTR)tag, AES_GCM_AUTH_SZ);
+ WOLFSSL_XIL_DCACHE_FLUSH_RANGE((UINTPTR)tag, AES_GCM_AUTH_SZ);
if (XSecure_AesDecryptFinal(&(aes->xSec.cinst), XIL_CAST_U64(tag))) {
WOLFSSL_XIL_MSG("DecryptFinal failed");
ret = WC_HW_E;
} else {
- WOLFSSL_XIL_DCACHE_INVALIDATE_RANGE((UINTPTR)out_aligned, sz);
- WOLFSSL_XIL_DCACHE_INVALIDATE_RANGE((UINTPTR)buf, sizeof(buf));
+ WOLFSSL_XIL_DCACHE_FLUSH_RANGE((UINTPTR)out_aligned, sz);
+ WOLFSSL_XIL_DCACHE_FLUSH_RANGE((UINTPTR)buf, sizeof(buf));
if (aes->aadStyle == SW_AAD) {
if (ConstantCompare(authTag, real_tag, authTagSz) != 0) {
@@ -558,7 +558,7 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out,
XMEMSET(initalCounter, 0, AES_BLOCK_SIZE);
XMEMCPY(initalCounter, iv, ivSz);
initalCounter[AES_BLOCK_SIZE - 1] = 1;
- GHASH(aes, authIn, authInSz, out, sz, authTag, authTagSz);
+ GHASH(&aes->gcm, authIn, authInSz, out, sz, authTag, authTagSz);
ret = wc_AesEncryptDirect(aes, scratch, initalCounter);
if (ret < 0)
return ret;
@@ -597,7 +597,7 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out,
XMEMCPY(initalCounter, iv, ivSz);
initalCounter[AES_BLOCK_SIZE - 1] = 1;
tag = buf;
- GHASH(aes, NULL, 0, in, sz, tag, AES_GCM_AUTH_SZ);
+ GHASH(&aes->gcm, NULL, 0, in, sz, tag, AES_GCM_AUTH_SZ);
ret = wc_AesEncryptDirect(aes, scratch, initalCounter);
if (ret < 0)
return ret;
@@ -614,7 +614,7 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out,
/* account for additional data */
if (authIn != NULL && authInSz > 0) {
- GHASH(aes, authIn, authInSz, in, sz, tag, AES_GCM_AUTH_SZ);
+ GHASH(&aes->gcm, authIn, authInSz, in, sz, tag, AES_GCM_AUTH_SZ);
ret = wc_AesEncryptDirect(aes, scratch, initalCounter);
if (ret < 0)
return ret;
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/xilinx/xil-sha3.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/xilinx/xil-sha3.c
index 459e8d6d..0d440916 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/xilinx/xil-sha3.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/xilinx/xil-sha3.c
@@ -74,7 +74,7 @@ int wc_Sha3_384_Update(wc_Sha3* sha, const byte* data, word32 len)
if (sha == NULL || (data == NULL && len > 0)) {
return BAD_FUNC_ARG;
}
- WOLFSSL_XIL_DCACHE_INVALIDATE_RANGE((UINTPTR)data, len);
+ WOLFSSL_XIL_DCACHE_FLUSH_RANGE((UINTPTR)data, len);
XSecure_Sha3Update(&(sha->xSec.cinst), XIL_CAST_U64(data), len);
return 0;
@@ -91,7 +91,7 @@ int wc_Sha3_384_Final(wc_Sha3* sha, byte* out)
if (sha == NULL || out == NULL) {
return BAD_FUNC_ARG;
}
- WOLFSSL_XIL_DCACHE_INVALIDATE_RANGE((UINTPTR)out, WC_SHA3_384_DIGEST_SIZE);
+ WOLFSSL_XIL_DCACHE_FLUSH_RANGE((UINTPTR)out, WC_SHA3_384_DIGEST_SIZE);
XSecure_Sha3Finish(&(sha->xSec.cinst), XIL_CAST_U64(out));
return wc_InitSha3_384(sha, NULL, INVALID_DEVID);
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/pwdbased.c b/extra/wolfssl/wolfssl/wolfcrypt/src/pwdbased.c
index e75f5df3..8be0c64e 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/pwdbased.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/pwdbased.c
@@ -559,6 +559,10 @@ int wc_PKCS12_PBKDF_ex(byte* output, const byte* passwd, int passLen,
#endif /* HAVE_PKCS12 */
#ifdef HAVE_SCRYPT
+#ifdef NO_HMAC
+ #error scrypt requires HMAC
+#endif
+
/* Rotate the 32-bit value a by b bits to the left.
*
* a 32-bit value.
@@ -681,7 +685,7 @@ static void scryptROMix(byte* x, byte* v, byte* y, int r, word32 n)
word32 i;
word32 j;
word32 k;
- word32 bSz = 128 * r;
+ word32 bSz = (word32)(128 * r);
#ifdef WORD64_AVAILABLE
word64* x64 = (word64*)x;
word64* v64 = (word64*)v;
@@ -703,7 +707,7 @@ static void scryptROMix(byte* x, byte* v, byte* y, int r, word32 n)
{
#ifdef LITTLE_ENDIAN_ORDER
#ifdef WORD64_AVAILABLE
- j = *(word64*)(x + (2*r - 1) * 64) & (n-1);
+ j = (word32)(*(word64*)(x + (2*r - 1) * 64) & (n-1));
#else
j = *(word32*)(x + (2*r - 1) * 64) & (n-1);
#endif
@@ -764,43 +768,45 @@ int wc_scrypt(byte* output, const byte* passwd, int passLen,
* the comparison is greater than parallel's type. It wouldn't promote
* both sides to word64. What follows is just arithmetic simplification.
*/
- if ((word32)parallel > (SCRYPT_WORD32_MAX / (4 * blockSize)))
+ if (parallel > (int)((SCRYPT_WORD32_MAX / 4) / (word32)blockSize))
return BAD_FUNC_ARG;
- bSz = 128 * blockSize;
- if ((word32)parallel > (SCRYPT_WORD32_MAX / bSz))
+ bSz = 128 * (word32)blockSize;
+ if (parallel > (int)(SCRYPT_WORD32_MAX / bSz))
return BAD_FUNC_ARG;
- blocksSz = bSz * parallel;
- blocks = (byte*)XMALLOC(blocksSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ blocksSz = bSz * (word32)parallel;
+ blocks = (byte*)XMALLOC((size_t)blocksSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (blocks == NULL) {
ret = MEMORY_E;
goto end;
}
/* Temporary for scryptROMix. */
- v = (byte*)XMALLOC((1 << cost) * bSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ v = (byte*)XMALLOC((size_t)((1 << cost) * bSz), NULL,
+ DYNAMIC_TYPE_TMP_BUFFER);
if (v == NULL) {
ret = MEMORY_E;
goto end;
}
/* Temporary for scryptBlockMix. */
- y = (byte*)XMALLOC(blockSize * 128, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ y = (byte*)XMALLOC((size_t)(blockSize * 128), NULL,
+ DYNAMIC_TYPE_TMP_BUFFER);
if (y == NULL) {
ret = MEMORY_E;
goto end;
}
/* Step 1. */
- ret = wc_PBKDF2(blocks, passwd, passLen, salt, saltLen, 1, blocksSz,
+ ret = wc_PBKDF2(blocks, passwd, passLen, salt, saltLen, 1, (int)blocksSz,
WC_SHA256);
if (ret != 0)
goto end;
/* Step 2. */
for (i = 0; i < parallel; i++)
- scryptROMix(blocks + i * bSz, v, y, blockSize, 1 << cost);
+ scryptROMix(blocks + i * (int)bSz, v, y, (int)blockSize, 1 << cost);
/* Step 3. */
- ret = wc_PBKDF2(output, passwd, passLen, blocks, blocksSz, 1, dkLen,
+ ret = wc_PBKDF2(output, passwd, passLen, blocks, (int)blocksSz, 1, dkLen,
WC_SHA256);
end:
if (blocks != NULL)
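Review bot: The `(size_t)` cast added to the `v` allocation is applied after `(1 << cost) * bSz` has already been evaluated in 32-bit arithmetic, so it silences the conversion warning without widening the product. A wrapped product would give an undersized buffer that `scryptROMix` then walks with `n = 1 << cost` blocks. Whether `cost` is bounded tightly enough to rule that out depends on checks above the hunk, which are not visible here. Widening before the multiply makes the size correct on its own: `v = (byte*)XMALLOC(((size_t)1 << cost) * (size_t)bSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);`. Likewise `(int)blocksSz` in both `wc_PBKDF2` calls goes negative if `blocksSz` can exceed `INT_MAX`, so an explicit upper bound before the cast is worth adding.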
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/random.c b/extra/wolfssl/wolfssl/wolfcrypt/src/random.c
index c54e8ce5..cc47fab2 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/random.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/random.c
@@ -63,58 +63,6 @@ This library contains implementation for the random number generator.
#endif
-/* If building for old FIPS. */
-#if defined(HAVE_FIPS) && \
- (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
-
-int wc_GenerateSeed(OS_Seed* os, byte* seed, word32 sz)
-{
- return GenerateSeed(os, seed, sz);
-}
-
-int wc_InitRng_ex(WC_RNG* rng, void* heap, int devId)
-{
- (void)heap;
- (void)devId;
- return InitRng_fips(rng);
-}
-
-WOLFSSL_ABI
-int wc_InitRng(WC_RNG* rng)
-{
- return InitRng_fips(rng);
-}
-
-
-int wc_RNG_GenerateBlock(WC_RNG* rng, byte* b, word32 sz)
-{
- return RNG_GenerateBlock_fips(rng, b, sz);
-}
-
-
-int wc_RNG_GenerateByte(WC_RNG* rng, byte* b)
-{
- return RNG_GenerateByte(rng, b);
-}
-
-#ifdef HAVE_HASHDRBG
-
- int wc_FreeRng(WC_RNG* rng)
- {
- return FreeRng_fips(rng);
- }
-
- int wc_RNG_HealthTest(int reseed, const byte* seedA, word32 seedASz,
- const byte* seedB, word32 seedBSz,
- byte* output, word32 outputSz)
- {
- return RNG_HealthTest_fips(reseed, seedA, seedASz,
- seedB, seedBSz, output, outputSz);
- }
-#endif /* HAVE_HASHDRBG */
-
-#else /* else build without fips, or for new fips */
-
#ifndef WC_NO_RNG /* if not FIPS and RNG is disabled then do not compile */
#include <wolfssl/wolfcrypt/sha256.h>
@@ -874,8 +822,18 @@ static WC_INLINE word64 Entropy_TimeHiRes(void)
return now.tv_nsec;
}
-#elif !defined(SINGLE_THREADED) && defined(_POSIX_THREADS) && \
- !defined(__MINGW32__)
+#elif defined(_WIN32) /* USE_WINDOWS_API */
+/* Get the high resolution time counter.
+ *
+ * @return 64-bit timer
+ */
+static WC_INLINE word64 Entropy_TimeHiRes(void)
+{
+ LARGE_INTEGER count;
+ QueryPerformanceCounter(&count);
+ return (word64)(count.QuadPart);
+}
+#elif defined(WOLFSSL_THREAD_NO_JOIN)
/* Start and stop thread that counts as a proxy for time counter. */
#define ENTROPY_MEMUSE_THREADED
@@ -890,8 +848,6 @@ typedef struct ENTROPY_THREAD_DATA {
/* Track whether entropy thread has been started already. */
static int entropy_thread_started = 0;
-/* Cache thread id for joining on exit. */
-static THREAD_TYPE entropy_thread_id = 0;
/* Data for thread to update/observer. */
static volatile ENTROPY_THREAD_DATA entropy_thread_data = { 0, 0 };
@@ -910,13 +866,10 @@ static WC_INLINE word64 Entropy_TimeHiRes(void)
* @param [in,out] args Entropy data including: counter and stop flag.
* @return NULL always.
*/
-static THREAD_RETURN WOLFSSL_THREAD Entropy_IncCounter(void* args)
+static THREAD_RETURN WOLFSSL_THREAD_NO_JOIN Entropy_IncCounter(void* args)
{
(void)args;
- /* Thread resources to be disposed of. */
- pthread_detach(pthread_self());
-
/* Keep going until caller tells us to stop and exit. */
while (!entropy_thread_data.stop) {
/* Increment counter acting as high resolution timer. */
@@ -927,7 +880,7 @@ static THREAD_RETURN WOLFSSL_THREAD Entropy_IncCounter(void* args)
fprintf(stderr, "EXITING ENTROPY COUNTER THREAD\n");
#endif
/* Exit from thread. */
- pthread_exit(NULL);
+ WOLFSSL_RETURN_FROM_THREAD(0);
}
/* Start a thread that increments counter if not one already.
@@ -954,8 +907,8 @@ static int Entropy_StartThread(void)
fprintf(stderr, "STARTING ENTROPY COUNTER THREAD\n");
#endif
/* Create a thread that increments the counter in the data. */
- ret = pthread_create(&entropy_thread_id, NULL, Entropy_IncCounter,
- NULL);
+ /* Thread resources to be disposed of. */
+ ret = wolfSSL_NewThreadNoJoin(Entropy_IncCounter, NULL);
if (ret == 0) {
/* Wait for the counter to increase indicating thread started. */
while (entropy_thread_data.counter == start_counter) {
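Review bot: The comment `/* Thread resources to be disposed of. */` was carried over from the removed `pthread_detach()` call and now sits directly above the thread creation, where it reads as if creating the thread disposes of something. Either drop it or reword it to describe the new call, e.g. `/* No-join thread: nothing to join or detach on exit. */`. That wording assumes `wolfSSL_NewThreadNoJoin` releases the thread's resources itself, which should be confirmed against its definition outside this hunk.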
@@ -983,6 +936,7 @@ static void Entropy_StopThread(void)
entropy_thread_started = 0;
}
}
+ /* end if defined(HAVE_PTHREAD) */
#else
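Review bot: The added `/* end if defined(HAVE_PTHREAD) */` names a macro that does not guard this branch. The earlier hunk opens the branch with `#elif defined(WOLFSSL_THREAD_NO_JOIN)`, and the comment sits before an `#else`, not an `#endif`. `/* end WOLFSSL_THREAD_NO_JOIN */` would label the branch correctly.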
@@ -1284,7 +1238,7 @@ static int Entropy_HealthTest_Proportion(byte noise)
}
else {
/* Get first value in queue - value to test. */
- byte val = prop_samples[prop_first];
+ byte val = (byte)prop_samples[prop_first];
/* Store new sample in queue. */
prop_samples[prop_last] = noise;
/* Update first index now that we have removed in from the queue. */
@@ -1912,9 +1866,13 @@ int wc_RNG_GenerateBlock(WC_RNG* rng, byte* output, word32 sz)
if (ret == DRBG_SUCCESS)
ret = Hash_DRBG_Generate((DRBG_internal *)rng->drbg, output, sz);
- ForceZero(newSeed, sizeof(newSeed));
#ifdef WOLFSSL_SMALL_STACK
+ if (newSeed != NULL) {
+ ForceZero(newSeed, SEED_SZ + SEED_BLOCK_SZ);
+ }
XFREE(newSeed, rng->heap, DYNAMIC_TYPE_SEED);
+ #else
+ ForceZero(newSeed, sizeof(newSeed));
#endif
}
else {
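Review bot: In the `WOLFSSL_SMALL_STACK` branch the wipe length `SEED_SZ + SEED_BLOCK_SZ` is restated by hand and must stay equal to the size used where `newSeed` is allocated, which is outside this hunk. If the two ever drift, seed material is either left behind in the freed buffer or the wipe runs past the allocation. Using one named size at both sites ties them together, for example `#define WC_RESEED_BUF_SZ (SEED_SZ + SEED_BLOCK_SZ)` (suggested name, not an existing macro), with `ForceZero(newSeed, WC_RESEED_BUF_SZ);` here.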
@@ -2627,6 +2585,8 @@ int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
#elif defined(HAVE_RTP_SYS) || defined(EBSNET)
#include "rtprand.h" /* rtp_rand () */
+
+#if (defined(HAVE_RTP_SYS) || (defined(RTPLATFORM) && (RTPLATFORM != 0)))
#include "rtptime.h" /* rtp_get_system_msec() */
int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
@@ -2640,6 +2600,19 @@ int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
return 0;
}
+#else
+int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
+{
+ word32 i;
+ KS_SEED(ks_get_ticks());
+
+ for (i = 0; i < sz; i++ ) {
+ output[i] = KS_RANDOM() % 256;
+ }
+
+ return 0;
+}
+#endif /* defined(HAVE_RTP_SYS) || (defined(RTPLATFORM) && (RTPLATFORM != 0)) */
#elif (defined(WOLFSSL_ATMEL) || defined(WOLFSSL_ATECC_RNG)) && \
!defined(WOLFSSL_PIC32MZ_RNG)
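Review bot: The new `#else` branch fills the seed from `KS_RANDOM()` after seeding it with `ks_get_ticks()`, so every byte handed to the DRBG derives from a tick counter whose value can be estimated. Unless `KS_RANDOM` is backed by a hardware source, which is not visible here, this is not an entropy source suitable for key generation. The branch should say so and be opt-in, for example with the comment `/* NOT a cryptographic entropy source: tick-seeded PRNG; supply a hardware TRNG for production */` and a build-time `#warning`. `os` is also unused in this function, so `(void)os;` is needed to build cleanly with unused-parameter warnings enabled.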
@@ -2935,7 +2908,22 @@ int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
return 0;
}
- #elif defined(WOLFSSL_STM32F427_RNG) || defined(WOLFSSL_STM32_RNG_NOLIB)
+ #elif defined(WOLFSSL_STM32F427_RNG) || defined(WOLFSSL_STM32_RNG_NOLIB) \
+ || defined(STM32_NUTTX_RNG)
+
+ #ifdef STM32_NUTTX_RNG
+ #include "hardware/stm32_rng.h"
+ /* Set CONFIG_STM32U5_RNG in NuttX to enable the RCC */
+ #define WC_RNG_CR *((volatile uint32_t*)(STM32_RNG_CR))
+ #define WC_RNG_SR *((volatile uint32_t*)(STM32_RNG_SR))
+ #define WC_RNG_DR *((volatile uint32_t*)(STM32_RNG_DR))
+ #else
+ /* Comes from "stm32xxxx_hal.h" */
+ #define WC_RNG_CR RNG->CR
+ #define WC_RNG_SR RNG->SR
+ #define WC_RNG_DR RNG->DR
+ #endif
+
/* Generate a RNG seed using the hardware RNG on the STM32F427
* directly, following steps outlined in STM32F4 Reference
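Review bot: The three `WC_RNG_*` macros in the `STM32_NUTTX_RNG` branch expand to an unparenthesized dereference, so their meaning depends on the operators around each use. Wrapping the whole expansion keeps them safe in any expression: `#define WC_RNG_SR (*(volatile uint32_t*)(STM32_RNG_SR))`, and likewise for `WC_RNG_CR` and `WC_RNG_DR`. The macros are also left defined for the rest of the translation unit, so an `#undef` after the function would keep them local to this seed routine.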
@@ -2951,29 +2939,31 @@ int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
return ret;
}
+ #ifndef STM32_NUTTX_RNG
/* enable RNG peripheral clock */
RCC->AHB2ENR |= RCC_AHB2ENR_RNGEN;
+ #endif
/* enable RNG interrupt, set IE bit in RNG->CR register */
- RNG->CR |= RNG_CR_IE;
+ WC_RNG_CR |= RNG_CR_IE;
/* enable RNG, set RNGEN bit in RNG->CR. Activates RNG,
* RNG_LFSR, and error detector */
- RNG->CR |= RNG_CR_RNGEN;
+ WC_RNG_CR |= RNG_CR_RNGEN;
/* verify no errors, make sure SEIS and CEIS bits are 0
* in RNG->SR register */
- if (RNG->SR & (RNG_SR_SECS | RNG_SR_CECS)) {
+ if (WC_RNG_SR & (RNG_SR_SECS | RNG_SR_CECS)) {
wolfSSL_CryptHwMutexUnLock();
return RNG_FAILURE_E;
}
for (i = 0; i < sz; i++) {
/* wait until RNG number is ready */
- while ((RNG->SR & RNG_SR_DRDY) == 0) { }
+ while ((WC_RNG_SR & RNG_SR_DRDY) == 0) { }
/* get value */
- output[i] = RNG->DR;
+ output[i] = WC_RNG_DR;
}
wolfSSL_CryptHwMutexUnLock();
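Review bot: With `STM32_NUTTX_RNG` the peripheral clock enable is compiled out, and the `while ((WC_RNG_SR & RNG_SR_DRDY) == 0) { }` loop has no timeout. A NuttX build without the RNG clock configured would therefore spin forever while holding the crypto hardware mutex. The SECS/CECS error bits are also tested only once, before the loop, so an error raised while bytes are being collected goes unnoticed. A bounded wait that re-checks the error bits and returns `RNG_FAILURE_E` turns both cases into a reported failure. `WC_RNG_WAIT_MAX` below is a suggested name for a poll limit, not an existing macro. The function starts outside this hunk.

```c
/* ... unchanged: mutex lock, clock/RNG enable, initial error check ... */
for (i = 0; i < sz; i++) {
    word32 spins = WC_RNG_WAIT_MAX;
    /* wait until RNG number is ready, but never indefinitely */
    while ((WC_RNG_SR & RNG_SR_DRDY) == 0) {
        if ((WC_RNG_SR & (RNG_SR_SECS | RNG_SR_CECS)) || --spins == 0) {
            wolfSSL_CryptHwMutexUnLock();
            return RNG_FAILURE_E;
        }
    }
    /* get value */
    output[i] = WC_RNG_DR;
}
```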
@@ -3400,11 +3390,12 @@ int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
#elif defined(WOLFSSL_ESPIDF)
/* Espressif */
- #if defined(WOLFSSL_ESPWROOM32) || defined(WOLFSSL_ESPWROOM32SE)
+ #if defined(WOLFSSL_ESP32) || defined(WOLFSSL_ESPWROOM32SE)
/* Espressif ESP32 */
#include <esp_system.h>
- #if defined(CONFIG_IDF_TARGET_ESP32S3)
+ #if defined(CONFIG_IDF_TARGET_ESP32S2) || \
+ defined(CONFIG_IDF_TARGET_ESP32S3)
#include <esp_random.h>
#endif
@@ -3446,7 +3437,7 @@ int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
return 0;
}
- #endif /* end WOLFSSL_ESPWROOM32 */
+ #endif /* end WOLFSSL_ESP32 */
#elif defined(WOLFSSL_LINUXKM)
#include <linux/random.h>
@@ -3459,61 +3450,6 @@ int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
return 0;
}
-#elif defined(WOLFSSL_RENESAS_TSIP)
-#if defined(WOLFSSL_RENESA_TSIP_IAREWRX)
- #include "r_bsp/mcu/all/r_rx_compiler.h"
-#endif
- #include "r_bsp/platform.h"
- #include "r_tsip_rx_if.h"
-
- int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
- {
- int ret = 0;
- word32 buffer[4];
-
- while (sz > 0) {
- word32 len = sizeof(buffer);
-
- if (sz < len) {
- len = sz;
- }
- /* return 4 words random number*/
- ret = R_TSIP_GenerateRandomNumber((uint32_t*)buffer);
- if(ret == TSIP_SUCCESS) {
- XMEMCPY(output, &buffer, len);
- output += len;
- sz -= len;
- } else
- return ret;
- }
- return ret;
- }
-#elif defined(WOLFSSL_RENESAS_SCEPROTECT) || \
- defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)
- #include "r_sce.h"
-
- int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
- {
- int ret = 0;
- word32 buffer[4];
-
- while (sz > 0) {
- word32 len = sizeof(buffer);
-
- if (sz < len) {
- len = sz;
- }
- /* return 4 words random number*/
- ret = R_SCE_RandomNumberGenerate(buffer);
- if(ret == FSP_SUCCESS) {
- XMEMCPY(output, &buffer, len);
- output += len;
- sz -= len;
- } else
- return ret;
- }
- return ret;
- }
#elif defined(WOLFSSL_SCE) && !defined(WOLFSSL_SCE_NO_TRNG)
#include "hal_data.h"
@@ -3571,23 +3507,16 @@ int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
* extern int myRngFunc(byte* output, word32 sz);
*/
-#elif defined(WOLFSSL_SAFERTOS) || defined(WOLFSSL_LEANPSK) || \
- defined(WOLFSSL_IAR_ARM) || defined(WOLFSSL_MDK_ARM) || \
- defined(WOLFSSL_uITRON4) || defined(WOLFSSL_uTKERNEL2) || \
- defined(WOLFSSL_LPC43xx) || defined(NO_STM32_RNG) || \
- defined(MBED) || defined(WOLFSSL_EMBOS) || \
- defined(WOLFSSL_GENSEED_FORTEST) || defined(WOLFSSL_CHIBIOS) || \
- defined(WOLFSSL_CONTIKI) || defined(WOLFSSL_AZSPHERE)
-
- /* these platforms do not have a default random seed and
- you'll need to implement your own wc_GenerateSeed or define via
- CUSTOM_RAND_GENERATE_BLOCK */
-
- #define USE_TEST_GENSEED
-
#elif defined(WOLFSSL_ZEPHYR)
+ #include <version.h>
+
+ #if KERNEL_VERSION_NUMBER >= 0x30500
+ #include <zephyr/random/random.h>
+ #else
#include <zephyr/random/rand32.h>
+ #endif
+
#ifndef _POSIX_C_SOURCE
#include <zephyr/posix/time.h>
#else
@@ -3688,6 +3617,20 @@ int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
return ret;
}
+#elif defined(WOLFSSL_SAFERTOS) || defined(WOLFSSL_LEANPSK) || \
+ defined(WOLFSSL_IAR_ARM) || defined(WOLFSSL_MDK_ARM) || \
+ defined(WOLFSSL_uITRON4) || defined(WOLFSSL_uTKERNEL2) || \
+ defined(WOLFSSL_LPC43xx) || defined(NO_STM32_RNG) || \
+ defined(MBED) || defined(WOLFSSL_EMBOS) || \
+ defined(WOLFSSL_GENSEED_FORTEST) || defined(WOLFSSL_CHIBIOS) || \
+ defined(WOLFSSL_CONTIKI) || defined(WOLFSSL_AZSPHERE)
+
+ /* these platforms do not have a default random seed and
+ you'll need to implement your own wc_GenerateSeed or define via
+ CUSTOM_RAND_GENERATE_BLOCK */
+
+ #define USE_TEST_GENSEED
+
#elif defined(NO_DEV_RANDOM)
#error "you need to write an os specific wc_GenerateSeed() here"
@@ -3833,4 +3776,3 @@ int wc_hwrng_generate_block(byte *output, word32 sz)
#endif
#endif /* WC_NO_RNG */
-#endif /* HAVE_FIPS */
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/rsa.c b/extra/wolfssl/wolfssl/wolfcrypt/src/rsa.c
index 03c624fc..514ffb23 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/rsa.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/rsa.c
@@ -88,134 +88,6 @@ RSA Key Size Configuration:
*/
-/* If building for old FIPS. */
-#if defined(HAVE_FIPS) && \
- (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
-
-int wc_InitRsaKey(RsaKey* key, void* ptr)
-{
- if (key == NULL) {
- return BAD_FUNC_ARG;
- }
-
- return InitRsaKey_fips(key, ptr);
-}
-
-
-int wc_InitRsaKey_ex(RsaKey* key, void* ptr, int devId)
-{
- (void)devId;
- if (key == NULL) {
- return BAD_FUNC_ARG;
- }
- return InitRsaKey_fips(key, ptr);
-}
-
-
-int wc_FreeRsaKey(RsaKey* key)
-{
- return FreeRsaKey_fips(key);
-}
-
-
-#ifndef WOLFSSL_RSA_VERIFY_ONLY
-int wc_RsaPublicEncrypt(const byte* in, word32 inLen, byte* out,
- word32 outLen, RsaKey* key, WC_RNG* rng)
-{
- if (in == NULL || out == NULL || key == NULL || rng == NULL) {
- return BAD_FUNC_ARG;
- }
- return RsaPublicEncrypt_fips(in, inLen, out, outLen, key, rng);
-}
-#endif
-
-
-#ifndef WOLFSSL_RSA_PUBLIC_ONLY
-int wc_RsaPrivateDecryptInline(byte* in, word32 inLen, byte** out,
- RsaKey* key)
-{
- if (in == NULL || out == NULL || key == NULL) {
- return BAD_FUNC_ARG;
- }
- return RsaPrivateDecryptInline_fips(in, inLen, out, key);
-}
-
-
-int wc_RsaPrivateDecrypt(const byte* in, word32 inLen, byte* out,
- word32 outLen, RsaKey* key)
-{
- if (in == NULL || out == NULL || key == NULL) {
- return BAD_FUNC_ARG;
- }
- return RsaPrivateDecrypt_fips(in, inLen, out, outLen, key);
-}
-
-
-int wc_RsaSSL_Sign(const byte* in, word32 inLen, byte* out,
- word32 outLen, RsaKey* key, WC_RNG* rng)
-{
- if (in == NULL || out == NULL || key == NULL || inLen == 0) {
- return BAD_FUNC_ARG;
- }
- return RsaSSL_Sign_fips(in, inLen, out, outLen, key, rng);
-}
-#endif
-
-
-int wc_RsaSSL_VerifyInline(byte* in, word32 inLen, byte** out, RsaKey* key)
-{
- if (in == NULL || out == NULL || key == NULL) {
- return BAD_FUNC_ARG;
- }
- return RsaSSL_VerifyInline_fips(in, inLen, out, key);
-}
-
-
-int wc_RsaSSL_Verify(const byte* in, word32 inLen, byte* out,
- word32 outLen, RsaKey* key)
-{
- if (in == NULL || out == NULL || key == NULL || inLen == 0) {
- return BAD_FUNC_ARG;
- }
- return RsaSSL_Verify_fips(in, inLen, out, outLen, key);
-}
-
-
-int wc_RsaEncryptSize(const RsaKey* key)
-{
- if (key == NULL) {
- return BAD_FUNC_ARG;
- }
- return RsaEncryptSize_fips((RsaKey*)key);
-}
-
-
-#ifndef WOLFSSL_RSA_VERIFY_ONLY
-int wc_RsaFlattenPublicKey(RsaKey* key, byte* a, word32* aSz, byte* b,
- word32* bSz)
-{
-
- /* not specified as fips so not needing _fips */
- return RsaFlattenPublicKey(key, a, aSz, b, bSz);
-}
-#endif
-
-
-#ifdef WOLFSSL_KEY_GEN
- int wc_MakeRsaKey(RsaKey* key, int size, long e, WC_RNG* rng)
- {
- return MakeRsaKey(key, size, e, rng);
- }
-#endif
-
-
-/* these are functions in asn and are routed to wolfssl/wolfcrypt/asn.c
-* wc_RsaPrivateKeyDecode
-* wc_RsaPublicKeyDecode
-*/
-
-#else /* else build without fips, or for new fips */
-
#include <wolfssl/wolfcrypt/random.h>
#include <wolfssl/wolfcrypt/logging.h>
#ifdef WOLF_CRYPTO_CB
@@ -363,6 +235,14 @@ int wc_InitRsaKey_ex(RsaKey* key, void* heap, int devId)
key->handle = NULL;
#endif
+
+#if defined(WOLFSSL_RENESAS_FSPSM)
+ key->ctx.wrapped_pri1024_key = NULL;
+ key->ctx.wrapped_pub1024_key = NULL;
+ key->ctx.wrapped_pri2048_key = NULL;
+ key->ctx.wrapped_pub2048_key = NULL;
+ key->ctx.keySz = 0;
+#endif
return ret;
}
@@ -717,6 +597,10 @@ int wc_FreeRsaKey(RsaKey* key)
wc_MemZero_Check(key, sizeof(RsaKey));
#endif
+#if defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY)
+ wc_fspsm_RsaKeyFree(key);
+#endif
+
return ret;
}
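Review bot: The wrapped-key pointers are initialised in `wc_InitRsaKey_ex` under `WOLFSSL_RENESAS_FSPSM`, but `wc_fspsm_RsaKeyFree(key)` is compiled here only under `WOLFSSL_RENESAS_FSPSM_CRYPTONLY`. If an FSPSM build without CRYPTONLY can populate `key->ctx.wrapped_*_key`, those buffers are not released by `wc_FreeRsaKey`. Either the two guards should match, or a comment such as `/* TLS builds free the wrapped keys in <owner>; only crypt-only builds free them here */` should state who owns them. The function body begins outside this hunk.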
@@ -1850,7 +1734,9 @@ static int RsaUnPad_PSS(byte *pkcsBlock, unsigned int pkcsBlockLen,
if ((ret = RsaMGF(mgf, pkcsBlock + maskLen, (word32)hLen, tmp, (word32)maskLen,
heap)) != 0) {
+ #if !defined(WOLFSSL_NO_MALLOC) || defined(WOLFSSL_STATIC_MEMORY)
XFREE(tmp, heap, DYNAMIC_TYPE_RSA_BUFFER);
+ #endif
return ret;
}
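Review bot: The guard `#if !defined(WOLFSSL_NO_MALLOC) || defined(WOLFSSL_STATIC_MEMORY)` is now repeated around every early-return `XFREE(tmp, ...)` in `RsaUnPad_PSS`, once here and four more times in the next two hunks. Routing the failure paths through a single exit label that sets `ret` and holds the one guarded `XFREE` would keep the condition in one place. It would also make it harder for a future error path to forget the free. The function starts and ends outside these hunks, so the allocation site that the guard must mirror is not visible here.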
@@ -1864,7 +1750,9 @@ static int RsaUnPad_PSS(byte *pkcsBlock, unsigned int pkcsBlockLen,
}
}
if (tmp[i] != (pkcsBlock[i] ^ 0x01)) {
+ #if !defined(WOLFSSL_NO_MALLOC) || defined(WOLFSSL_STATIC_MEMORY)
XFREE(tmp, heap, DYNAMIC_TYPE_RSA_BUFFER);
+ #endif
WOLFSSL_MSG("RsaUnPad_PSS: Padding Error Match");
return PSS_SALTLEN_RECOVER_E;
}
@@ -1875,13 +1763,17 @@ static int RsaUnPad_PSS(byte *pkcsBlock, unsigned int pkcsBlockLen,
{
for (i = 0; i < maskLen - 1 - saltLen; i++) {
if (tmp[i] != pkcsBlock[i]) {
+ #if !defined(WOLFSSL_NO_MALLOC) || defined(WOLFSSL_STATIC_MEMORY)
XFREE(tmp, heap, DYNAMIC_TYPE_RSA_BUFFER);
+ #endif
WOLFSSL_MSG("RsaUnPad_PSS: Padding Error Match");
return PSS_SALTLEN_E;
}
}
if (tmp[i] != (pkcsBlock[i] ^ 0x01)) {
+ #if !defined(WOLFSSL_NO_MALLOC) || defined(WOLFSSL_STATIC_MEMORY)
XFREE(tmp, heap, DYNAMIC_TYPE_RSA_BUFFER);
+ #endif
WOLFSSL_MSG("RsaUnPad_PSS: Padding Error End");
return PSS_SALTLEN_E;
}
@@ -2085,6 +1977,9 @@ int wc_hash2mgf(enum wc_HashType hType)
case WC_HASH_TYPE_SHA3_512:
case WC_HASH_TYPE_BLAKE2B:
case WC_HASH_TYPE_BLAKE2S:
+#ifdef WOLFSSL_SM3
+ case WC_HASH_TYPE_SM3:
+#endif
#ifdef WOLFSSL_SHAKE128
case WC_HASH_TYPE_SHAKE128:
#endif
@@ -2123,6 +2018,7 @@ static int wc_RsaFunctionNonBlock(const byte* in, word32 inLen, byte* out,
if (ret == 0) {
switch(type) {
+#if !defined(WOLFSSL_RSA_PUBLIC_ONLY)
case RSA_PRIVATE_DECRYPT:
case RSA_PRIVATE_ENCRYPT:
ret = fp_exptmod_nb(&key->nb->exptmod, &key->nb->tmp, &key->d,
@@ -2132,7 +2028,7 @@ static int wc_RsaFunctionNonBlock(const byte* in, word32 inLen, byte* out,
if (ret != MP_OKAY)
ret = MP_EXPTMOD_E;
break;
-
+#endif
case RSA_PUBLIC_ENCRYPT:
case RSA_PUBLIC_DECRYPT:
ret = fp_exptmod_nb(&key->nb->exptmod, &key->nb->tmp, &key->e,
@@ -2245,7 +2141,7 @@ static int wc_RsaFunctionSync(const byte* in, word32 inLen, byte* out,
XIL_CAST_U64(out)) != XST_SUCCESS) {
ret = BAD_STATE_E;
}
- WOLFSSL_XIL_DCACHE_INVALIDATE_RANGE((UINTPTR)out, inLen);
+ WOLFSSL_XIL_DCACHE_FLUSH_RANGE((UINTPTR)out, inLen);
#else
if (XSecure_RsaPrivateDecrypt(&rsa, (u8*)in, inLen, out) !=
XST_SUCCESS) {
@@ -2273,7 +2169,7 @@ static int wc_RsaFunctionSync(const byte* in, word32 inLen, byte* out,
WOLFSSL_MSG("RSA public operation failed");
ret = BAD_STATE_E;
}
- WOLFSSL_XIL_DCACHE_INVALIDATE_RANGE((UINTPTR)out, inLen);
+ WOLFSSL_XIL_DCACHE_FLUSH_RANGE((UINTPTR)out, inLen);
#elif defined(WOLFSSL_XILINX_CRYPTO_OLD)
if (XSecure_RsaDecrypt(&(key->xRsa), in, out) != XST_SUCCESS) {
ret = BAD_STATE_E;
@@ -2599,6 +2495,7 @@ static int RsaFunctionPrivate(mp_int* tmp, RsaKey* key, WC_RNG* rng)
{
int ret = 0;
#if defined(WC_RSA_BLINDING) && !defined(WC_NO_RNG)
+ mp_digit mp = 0;
DECL_MP_INT_SIZE_DYN(rnd, mp_bitsused(&key->n), RSA_MAX_SIZE);
DECL_MP_INT_SIZE_DYN(rndi, mp_bitsused(&key->n), RSA_MAX_SIZE);
#endif /* WC_RSA_BLINDING && !WC_NO_RNG */
@@ -2731,9 +2628,31 @@ static int RsaFunctionPrivate(mp_int* tmp, RsaKey* key, WC_RNG* rng)
#endif /* RSA_LOW_MEM */
#if defined(WC_RSA_BLINDING) && !defined(WC_NO_RNG)
- /* unblind */
- if (ret == 0 && mp_mulmod(tmp, rndi, &key->n, tmp) != MP_OKAY)
+ /* Multiply result (tmp) by blinding invertor (rndi).
+ * Use Montgomery form to make operation more constant time.
+ */
+ if ((ret == 0) && (mp_montgomery_setup(&key->n, &mp) != MP_OKAY)) {
+ ret = MP_MULMOD_E;
+ }
+ if ((ret == 0) && (mp_montgomery_calc_normalization(rnd, &key->n) !=
+ MP_OKAY)) {
+ ret = MP_MULMOD_E;
+ }
+ /* Convert blinding invert to Montgomery form. */
+ if ((ret == 0) && (mp_mul(rndi, rnd, rndi) != MP_OKAY)) {
+ ret = MP_MULMOD_E;
+ }
+ if ((ret == 0) && (mp_mod(rndi, &key->n, rndi) != MP_OKAY)) {
+ ret = MP_MULMOD_E;
+ }
+ /* Multiply result by blinding invert. */
+ if ((ret == 0) && (mp_mul(tmp, rndi, tmp) != MP_OKAY)) {
ret = MP_MULMOD_E;
+ }
+ /* Reduce result. */
+ if ((ret == 0) && (mp_montgomery_reduce_ct(tmp, &key->n, mp) != MP_OKAY)) {
+ ret = MP_MULMOD_E;
+ }
mp_forcezero(rndi);
mp_forcezero(rnd);
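Review bot: `mp_montgomery_calc_normalization(rnd, &key->n)` overwrites `rnd`, the blinding value, with the Montgomery normalization factor, and none of the added comments say so. A line such as `/* rnd is no longer needed as the blinder; reuse it for the normalization value */` would stop a later edit from reading `rnd` as the blinding value. The comments also say "invertor" and "invert" where "inverse" is meant. Separately, `mp_mul(rndi, rnd, rndi)` stores an unreduced double-width product in `rndi`, which the earlier hunk declares with `mp_bitsused(&key->n)` bits. It is worth confirming that the declaration leaves room for that product before `mp_mod` reduces it. The function body extends beyond this hunk.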
@@ -2797,7 +2716,7 @@ static int RsaFunctionSync(const byte* in, word32 inLen, byte* out,
}
if (ret == 0) {
- if (mp_to_unsigned_bin_len(tmp, out, (int)*outLen) != MP_OKAY)
+ if (mp_to_unsigned_bin_len_ct(tmp, out, (int)*outLen) != MP_OKAY)
ret = MP_TO_E;
}
#else
@@ -2891,7 +2810,7 @@ static int wc_RsaFunctionAsync(const byte* in, word32 inLen, byte* out,
}
#endif /* WOLFSSL_ASYNC_CRYPT_SW */
- switch(type) {
+ switch (type) {
#ifndef WOLFSSL_RSA_PUBLIC_ONLY
case RSA_PRIVATE_DECRYPT:
case RSA_PRIVATE_ENCRYPT:
@@ -2913,7 +2832,7 @@ static int wc_RsaFunctionAsync(const byte* in, word32 inLen, byte* out,
&key->u.raw,
out, outLen);
#endif
- #else /* WOLFSSL_ASYNC_CRYPT_SW */
+ #else
ret = wc_RsaFunctionSync(in, inLen, out, outLen, type, key, rng);
#endif
break;
@@ -2931,7 +2850,7 @@ static int wc_RsaFunctionAsync(const byte* in, word32 inLen, byte* out,
ret = IntelQaRsaPublic(&key->asyncDev, in, inLen,
&key->e.raw, &key->n.raw,
out, outLen);
- #else /* WOLFSSL_ASYNC_CRYPT_SW */
+ #else
ret = wc_RsaFunctionSync(in, inLen, out, outLen, type, key, rng);
#endif
break;
@@ -3276,7 +3195,7 @@ static int wc_RsaFunction_ex(const byte* in, word32 inLen, byte* out,
int wc_RsaFunction(const byte* in, word32 inLen, byte* out,
word32* outLen, int type, RsaKey* key, WC_RNG* rng)
{
- /* Always check for ciphertext of 0 or 1. (Should't for OAEP decrypt.) */
+ /* Always check for ciphertext of 0 or 1. (Shouldn't for OAEP decrypt.) */
return wc_RsaFunction_ex(in, inLen, out, outLen, type, key, rng, 1);
}
@@ -3387,8 +3306,10 @@ static int RsaPublicEncryptEx(const byte* in, word32 inLen, byte* out,
pad_value, pad_type, hash, mgf, label,
labelSz, sz);
}
- #elif defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)
- /* SCE needs warpped key which is passed via
+ #elif defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY) || \
+ (!defined(WOLFSSL_RENESAS_TSIP_TLS) && \
+ defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY))
+ /* SCE needs wrapped key which is passed via
* user ctx object of crypt-call back.
*/
#ifdef WOLF_CRYPTO_CB
@@ -3546,7 +3467,9 @@ static int RsaPrivateDecryptEx(const byte* in, word32 inLen, byte* out,
}
return ret;
}
- #elif defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)
+ #elif defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY) || \
+ (!defined(WOLFSSL_RENESAS_TSIP_TLS) && \
+ defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY))
#ifdef WOLF_CRYPTO_CB
if (key->devId != INVALID_DEVID) {
ret = wc_CryptoCb_Rsa(in, inLen, out,
@@ -3620,8 +3543,9 @@ static int RsaPrivateDecryptEx(const byte* in, word32 inLen, byte* out,
mgf, label, labelSz, saltLen,
mp_count_bits(&key->n), key->heap);
#endif
- if (rsa_type == RSA_PUBLIC_DECRYPT && ret > (int)outLen)
+ if (rsa_type == RSA_PUBLIC_DECRYPT && ret > (int)outLen) {
ret = RSA_BUFFER_E;
+ }
else if (ret >= 0 && pad != NULL) {
/* only copy output if not inline */
if (outPtr == NULL) {
@@ -3647,8 +3571,9 @@ static int RsaPrivateDecryptEx(const byte* in, word32 inLen, byte* out,
XMEMCPY(out, pad, (size_t)ret);
}
}
- else
+ else {
*outPtr = pad;
+ }
#if !defined(WOLFSSL_RSA_VERIFY_ONLY)
ret = ctMaskSelInt(ctMaskLTE(ret, (int)outLen), ret, RSA_BUFFER_E);
@@ -4351,9 +4276,6 @@ int wc_RsaFlattenPublicKey(RsaKey* key, byte* e, word32* eSz, byte* n,
}
#endif
-#endif /* HAVE_FIPS */
-
-
#ifndef WOLFSSL_RSA_VERIFY_ONLY
static int RsaGetValue(mp_int* in, byte* out, word32* outSz)
{
@@ -4451,7 +4373,7 @@ static int wc_CompareDiffPQ(mp_int* p, mp_int* q, int size, int* valid)
#ifdef WOLFSSL_CHECK_MEM_ZERO
if (ret == 0)
- mp_memzero_add("Comare PQ d", d);
+ mp_memzero_add("Compare PQ d", d);
#endif
#if !defined(WOLFSSL_SP_MATH) && (!defined(WOLFSSL_SP_MATH_ALL) || \
@@ -4857,7 +4779,7 @@ int wc_MakeRsaKey(RsaKey* key, int size, long e, WC_RNG* rng)
#elif defined(HAVE_INTEL_QA)
err = IntelQaRsaKeyGen(&key->asyncDev, key, size, e, rng);
goto out;
- #else
+ #elif defined(WOLFSSL_ASYNC_CRYPT_SW)
if (wc_AsyncSwInit(&key->asyncDev, ASYNC_SW_RSA_MAKE)) {
WC_ASYNC_SW* sw = &key->asyncDev.sw;
sw->rsaMake.rng = rng;
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/sakke.c b/extra/wolfssl/wolfssl/wolfcrypt/src/sakke.c
index ea625d84..2629365f 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/sakke.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/sakke.c
@@ -293,7 +293,7 @@ static int sakke_load_base_point(SakkeKey* key)
err = mp_read_radix(params->base->y, key->ecc.dp->Gy, MP_RADIX_HEX);
}
if (err == 0) {
- /* Affine co-ordinates have a Z of 1 in Jacobian. */
+ /* Affine coordinates have a Z of 1 in Jacobian. */
err = mp_set(params->base->z, 1);
}
if (err == 0) {
@@ -312,7 +312,7 @@ static int sakke_load_base_point(SakkeKey* key)
* @param [in] key SAKKE key.
* @param [in] n MP integer that is the scalar.
* @param [out] res ECC point to hold the result.
- * @param [in] map Map the result to affine co-ordinates.
+ * @param [in] map Map the result to affine coordinates.
* @return 0 on success.
* @return MEMORY_E when dynamic memory allocation fails.
*/
@@ -338,7 +338,7 @@ static int sakke_mulmod_base(SakkeKey* key, const mp_int* n, ecc_point* res,
* @param [in] n MP integer that is the scalar.
* @param [in] a ECC point to add.
* @param [out] res ECC point to hold the result.
- * @param [in] map Map the result to affine co-ordinates.
+ * @param [in] map Map the result to affine coordinates.
* @return 0 on success.
* @return MEMORY_E when dynamic memory allocation fails.
*/
@@ -363,7 +363,7 @@ static int sakke_mulmod_base_add(SakkeKey* key, const mp_int* n,
* @param [in] key SAKKE key.
* @param [in] n MP integer that is the scalar.
* @param [out] res ECC point to hold the result.
- * @param [in] map Map the result to affine co-ordinates.
+ * @param [in] map Map the result to affine coordinates.
* @return 0 on success.
* @return MEMORY_E when dynamic memory allocation fails.
*/
@@ -386,7 +386,7 @@ static int sakke_mulmod_base(SakkeKey* key, const mp_int* n, ecc_point* res,
* @param [in] a ECC point to add. Point ordinates must be in Montgomery
* form.
* @param [out] res ECC point to hold the result.
- * @param [in] map Map the result to affine co-ordinates.
+ * @param [in] map Map the result to affine coordinates.
* @return 0 on success.
* @return MEMORY_E when dynamic memory allocation fails.
*/
@@ -408,7 +408,7 @@ static int sakke_mulmod_base_add(SakkeKey* key, const mp_int* n, ecc_point* a,
&params->prime, mp);
}
if ((err == 0) && map) {
- /* Map result back to affine co-ordinates. */
+ /* Map result back to affine coordinates. */
err = ecc_map(res, &params->prime, mp);
}
@@ -425,7 +425,7 @@ static int sakke_mulmod_base_add(SakkeKey* key, const mp_int* n, ecc_point* a,
* @param [in] p ECC point to multiply.
* @param [in] table Precomputation table for p. May be NULL.
* @param [out] res ECC point to hold the result.
- * @param [in] map Map the result to affine co-ordinates.
+ * @param [in] map Map the result to affine coordinates.
* @return 0 on success.
* @return MEMORY_E when dynamic memory allocation fails.
*/
@@ -457,7 +457,7 @@ static int sakke_mulmod_point(SakkeKey* key, const mp_int* n,
* @param [in] p ECC point to multiply.
* @param [in] table Precomputation table for p. May be NULL.
* @param [out] res ECC point to hold the result.
- * @param [in] map Map the result to affine co-ordinates.
+ * @param [in] map Map the result to affine coordinates.
* @return 0 on success.
* @return MEMORY_E when dynamic memory allocation fails.
*/
@@ -1004,7 +1004,7 @@ int wc_MakeSakkeRsk(SakkeKey* key, const byte* id, word16 idSz, ecc_point* rsk)
/**
* Encode the SAKKE Receiver Secret Key (RSK) as DER encoded public ECC key.
*
- * Encode the RSK to send to ther receiving client.
+ * Encode the RSK to send to the receiving client.
*
* X and y ordinate of RSK point concatenated. Each number is zero padded to
* key size.
@@ -6794,7 +6794,7 @@ int wc_GenerateSakkeSSV(SakkeKey* key, WC_RNG* rng, byte* ssv, word16* ssvSz)
}
}
if (err == 0) {
- /* Return length only if an ouput buffer is NULL. */
+ /* Return length only if an output buffer is NULL. */
if (ssv == NULL) {
*ssvSz = (word16) (n / 8);
err = LENGTH_ONLY_E;
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/sha.c b/extra/wolfssl/wolfssl/wolfcrypt/src/sha.c
index 4c560cc4..4a5f3e18 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/sha.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/sha.c
@@ -58,73 +58,52 @@
#include <wolfssl/wolfcrypt/port/caam/wolfcaam_fsl_nxp.h>
#endif
-#undef WOLFSSL_USE_ESP32WROOM32_CRYPT_HASH_HW
-#if defined(WOLFSSL_ESP32WROOM32_CRYPT) && \
- !defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
+/* Assume no hash HW available until supporting HW found. */
+#undef WOLFSSL_USE_ESP32_CRYPT_HASH_HW
+
+#if defined(WOLFSSL_ESP32_CRYPT) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH)
/* define a single keyword for simplicity & readability
*
* by default the HW acceleration is on for ESP32-WROOM32
* but individual components can be turned off.
*/
- #define WOLFSSL_USE_ESP32WROOM32_CRYPT_HASH_HW
+ #define WOLFSSL_USE_ESP32_CRYPT_HASH_HW
#include "wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h"
/* Although we have hardware acceleration,
** we may need to fall back to software */
#define USE_SHA_SOFTWARE_IMPL
- static const char* TAG = "wc_sha";
+
#elif defined(WOLFSSL_USE_ESP32C3_CRYPT_HASH_HW)
/* The ESP32C3 is different; HW crypto here. Not yet implemented.
** We'll be using software for RISC-V at this time */
- static const char* TAG = "wc_sha-c3";
#else
- #undef WOLFSSL_USE_ESP32WROOM32_CRYPT_HASH_HW
+ #undef WOLFSSL_USE_ESP32_CRYPT_HASH_HW
#endif
-/* fips wrapper calls, user can call direct */
-#if defined(HAVE_FIPS) && \
- (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
-
- int wc_InitSha(wc_Sha* sha)
- {
- if (sha == NULL) {
- return BAD_FUNC_ARG;
- }
- return InitSha_fips(sha);
- }
- int wc_InitSha_ex(wc_Sha* sha, void* heap, int devId)
- {
- (void)heap;
- (void)devId;
- if (sha == NULL) {
- return BAD_FUNC_ARG;
- }
- return InitSha_fips(sha);
- }
-
- int wc_ShaUpdate(wc_Sha* sha, const byte* data, word32 len)
- {
- if (sha == NULL || (data == NULL && len > 0)) {
- return BAD_FUNC_ARG;
- }
- return ShaUpdate_fips(sha, data, len);
- }
-
- int wc_ShaFinal(wc_Sha* sha, byte* out)
- {
- if (sha == NULL || out == NULL) {
- return BAD_FUNC_ARG;
- }
- return ShaFinal_fips(sha,out);
- }
- void wc_ShaFree(wc_Sha* sha)
- {
- (void)sha;
- /* Not supported in FIPS */
- }
-
-#else /* else build without fips, or for FIPS v2 */
+#undef WOLFSSL_USE_ESP32_CRYPT_HASH_HW
+#if defined(WOLFSSL_ESP32_CRYPT) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH)
+ /* define a single keyword for simplicity & readability
+ *
+ * by default the HW acceleration is on for ESP32-WROOM32
+ * but individual components can be turned off.
+ */
+ #define WOLFSSL_USE_ESP32_CRYPT_HASH_HW
+ #include "wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h"
+ /* Although we have hardware acceleration,
+ ** we may need to fall back to software */
+ #define USE_SHA_SOFTWARE_IMPL
+ static const char* TAG = "wc_sha";
+#elif defined(WOLFSSL_USE_ESP32C3_CRYPT_HASH_HW)
+ /* The ESP32C3 is different; HW crypto here. Not yet implemented.
+ ** We'll be using software for RISC-V at this time */
+ static const char* TAG = "wc_sha-c3";
+#else
+ #undef WOLFSSL_USE_ESP32_CRYPT_HASH_HW
+#endif
#if defined(WOLFSSL_TI_HASH)
/* #include <wolfcrypt/src/port/ti/ti-hash.c> included by wc_port.c */
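Review bot: The new side of this hunk carries the Espressif hash-hardware detection block twice: once under `/* Assume no hash HW available until supporting HW found. */`, and again in full where the FIPS v1 wrappers were removed. The second copy repeats `#undef WOLFSSL_USE_ESP32_CRYPT_HASH_HW`, the include and `#define USE_SHA_SOFTWARE_IMPL`, and it is the only copy that still declares `static const char* TAG`, so dropping `TAG` from the first copy has no effect. This looks like a merge leftover. Keeping one copy, and deciding once whether `TAG` is declared there, would stop the two from drifting apart.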
@@ -321,7 +300,7 @@
!defined(WOLFSSL_QNX_CAAM)
/* wolfcrypt/src/port/caam/caam_sha.c */
-#elif defined(WOLFSSL_USE_ESP32WROOM32_CRYPT_HASH_HW) || \
+#elif defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW) || \
defined(WOLFSSL_USE_ESP32C3_CRYPT_HASH_HW)
/* This function initializes SHA.
@@ -347,11 +326,17 @@
return ret;
}
-#elif defined(WOLFSSL_RENESAS_TSIP_CRYPT) && \
+#elif (defined(WOLFSSL_RENESAS_TSIP_TLS) || \
+ defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)) && \
!defined(NO_WOLFSSL_RENESAS_TSIP_CRYPT_HASH)
/* implemented in wolfcrypt/src/port/Renesas/renesas_tsip_sha.c */
+#elif defined(WOLFSSL_RENESAS_RSIP) && \
+ !defined(NO_WOLFSSL_RENESAS_FSPSM_HASH)
+
+ /* implemented in wolfcrypt/src/port/Renesas/renesas_fspsm_sha.c */
+
#elif defined(WOLFSSL_IMXRT_DCP)
#include <wolfssl/wolfcrypt/port/nxp/dcp_port.h>
/* implemented in wolfcrypt/src/port/nxp/dcp_port.c */
@@ -550,9 +535,9 @@ static WC_INLINE void AddLength(wc_Sha* sha, word32 len)
/*
-** wolfCrypt InitSha256 external wrapper.
+** wolfCrypt InitSha external wrapper.
**
-** we'll assume this is ALWAYS for a new, uninitialized sha256
+** we'll assume this is ALWAYS for a new, uninitialized sha
*/
int wc_InitSha_ex(wc_Sha* sha, void* heap, int devId)
{
@@ -567,7 +552,7 @@ int wc_InitSha_ex(wc_Sha* sha, void* heap, int devId)
sha->devCtx = NULL;
#endif
-#ifdef WOLFSSL_USE_ESP32WROOM32_CRYPT_HASH_HW
+#ifdef WOLFSSL_USE_ESP32_CRYPT_HASH_HW
if (sha->ctx.mode != ESP32_SHA_INIT) {
/* it may be interesting to see old values during debugging */
ESP_LOGV(TAG, "Set ctx mode from prior value: %d", sha->ctx.mode);
@@ -586,7 +571,7 @@ int wc_InitSha_ex(wc_Sha* sha, void* heap, int devId)
sha->heap, devId);
#else
(void)devId;
-# endif /* WOLFSSL_ASYNC_CRYPT */
+#endif /* WOLFSSL_ASYNC_CRYPT */
#ifdef WOLFSSL_IMXRT1170_CAAM
ret = wc_CAAM_HashInit(&sha->hndl, &sha->ctx, WC_HASH_TYPE_SHA);
#endif
@@ -647,21 +632,43 @@ int wc_ShaUpdate(wc_Sha* sha, const byte* data, word32 len)
len -= blocksLen;
if (sha->buffLen == WC_SHA_BLOCK_SIZE) {
- #if defined(LITTLE_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU_SHA)
- ByteReverseWords(sha->buffer, sha->buffer, WC_SHA_BLOCK_SIZE);
- #endif
-
- #if defined(WOLFSSL_USE_ESP32WROOM32_CRYPT_HASH_HW)
+ #if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW)
if (sha->ctx.mode == ESP32_SHA_INIT) {
- ESP_LOGV(TAG, "wc_ShaUpdate try hardware");
+ #if defined(WOLFSSL_DEBUG_MUTEX)
+ {
+ ESP_LOGI(TAG, "wc_ShaUpdate try hardware");
+ }
+ #endif
esp_sha_try_hw_lock(&sha->ctx);
}
+ #endif
+
+ #if defined(LITTLE_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU_SHA)
+ #if (defined(CONFIG_IDF_TARGET_ESP32C3) || defined(CONFIG_IDF_TARGET_ESP32C6)) \
+ && defined(WOLFSSL_ESP32_CRYPT) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH)
+ if (esp_sha_need_byte_reversal(&sha->ctx))
+ #endif
+ {
+ ByteReverseWords(sha->buffer, sha->buffer, WC_SHA_BLOCK_SIZE);
+ }
+ #endif
+
+ #if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW)
if (sha->ctx.mode == ESP32_SHA_SW) {
- ESP_LOGI(TAG, "wc_ShaUpdate process software");
+ #if defined(WOLFSSL_DEBUG_MUTEX)
+ {
+ ESP_LOGI(TAG, "wc_ShaUpdate process software");
+ }
+ #endif
ret = XTRANSFORM(sha, (const byte*)local);
}
else {
- ESP_LOGV(TAG, "wc_ShaUpdate process hardware");
+ #if defined(WOLFSSL_DEBUG_MUTEX)
+ {
+ ESP_LOGI(TAG, "wc_ShaUpdate process hardware");
+ }
+ #endif
esp_sha_process(sha, (const byte*)local);
}
#elif defined (WOLFSSL_USE_ESP32C3_CRYPT_HASH_HW)
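Review bot: The byte-reversal guard added here is fragile: a brace-less `if (esp_sha_need_byte_reversal(&sha->ctx))` exists only inside a multi-line `#if` on `CONFIG_IDF_TARGET_ESP32C3`/`CONFIG_IDF_TARGET_ESP32C6`, and its `{ ... }` body sits outside that `#if`. Any statement later inserted between the `#endif` and the `{` silently becomes the conditional body on those targets only. The same construct is repeated in the later wc_ShaUpdate, wc_ShaFinalRaw and wc_ShaFinal hunks and throughout sha256.c. Defining the condition once near the top of the file, e.g. `#define SHA_NEED_BYTE_REVERSAL(ctx) esp_sha_need_byte_reversal(ctx)` on those targets and `#define SHA_NEED_BYTE_REVERSAL(ctx) 1` elsewhere, would let each site read `if (SHA_NEED_BYTE_REVERSAL(&sha->ctx)) { ... }`. wc_ShaUpdate starts and ends outside this hunk.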
@@ -708,14 +715,24 @@ int wc_ShaUpdate(wc_Sha* sha, const byte* data, word32 len)
data += WC_SHA_BLOCK_SIZE;
len -= WC_SHA_BLOCK_SIZE;
- #if defined(LITTLE_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU_SHA)
- ByteReverseWords(local32, local32, WC_SHA_BLOCK_SIZE);
- #endif
-
- #if defined(WOLFSSL_USE_ESP32WROOM32_CRYPT_HASH_HW)
+ #if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW)
if (sha->ctx.mode == ESP32_SHA_INIT){
esp_sha_try_hw_lock(&sha->ctx);
}
+ #endif
+
+ #if defined(LITTLE_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU_SHA)
+ #if (defined(CONFIG_IDF_TARGET_ESP32C3) || defined(CONFIG_IDF_TARGET_ESP32C6)) && \
+ defined(WOLFSSL_ESP32_CRYPT) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH)
+ if (esp_sha_need_byte_reversal(&sha->ctx))
+ #endif
+ {
+ ByteReverseWords(local32, local32, WC_SHA_BLOCK_SIZE);
+ }
+ #endif
+
+ #if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW)
if (sha->ctx.mode == ESP32_SHA_SW){
ret = XTRANSFORM(sha, (const byte*)local32);
}
@@ -748,7 +765,14 @@ int wc_ShaFinalRaw(wc_Sha* sha, byte* hash)
}
#ifdef LITTLE_ENDIAN_ORDER
- ByteReverseWords((word32*)digest, (word32*)sha->digest, WC_SHA_DIGEST_SIZE);
+ #if (defined(CONFIG_IDF_TARGET_ESP32C3) || defined(CONFIG_IDF_TARGET_ESP32C6)) && \
+ defined(WOLFSSL_ESP32_CRYPT) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH)
+ if (esp_sha_need_byte_reversal(&sha->ctx))
+ #endif
+ {
+ ByteReverseWords((word32*)digest, (word32*)sha->digest, WC_SHA_DIGEST_SIZE);
+ }
XMEMCPY(hash, (byte *)&digest[0], WC_SHA_DIGEST_SIZE);
#else
XMEMCPY(hash, sha->digest, WC_SHA_DIGEST_SIZE);
@@ -802,16 +826,25 @@ int wc_ShaFinal(wc_Sha* sha, byte* hash)
XMEMSET(&local[sha->buffLen], 0, WC_SHA_BLOCK_SIZE - sha->buffLen);
sha->buffLen += WC_SHA_BLOCK_SIZE - sha->buffLen;
- #if defined(LITTLE_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU_SHA)
- ByteReverseWords(sha->buffer, sha->buffer, WC_SHA_BLOCK_SIZE);
- #endif
-
- #if defined(WOLFSSL_USE_ESP32WROOM32_CRYPT_HASH_HW)
+ #if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW)
/* For a fresh sha.ctx, try to use hardware acceleration */
if (sha->ctx.mode == ESP32_SHA_INIT) {
esp_sha_try_hw_lock(&sha->ctx);
}
+ #endif
+ #if defined(LITTLE_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU_SHA)
+ #if (defined(CONFIG_IDF_TARGET_ESP32C3) || defined(CONFIG_IDF_TARGET_ESP32C6)) && \
+ defined(WOLFSSL_ESP32_CRYPT) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH)
+ if (esp_sha_need_byte_reversal(&sha->ctx))
+ #endif
+ {
+ ByteReverseWords(sha->buffer, sha->buffer, WC_SHA_BLOCK_SIZE);
+ }
+ #endif
+
+ #if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW)
/* if HW was busy, we may need to fall back to SW. */
if (sha->ctx.mode == ESP32_SHA_SW) {
ret = XTRANSFORM(sha, (const byte*)local);
@@ -831,12 +864,25 @@ int wc_ShaFinal(wc_Sha* sha, byte* hash)
}
sha->buffLen = 0;
- } /* (sha->buffLen > WC_SHA_PAD_SIZE) */
+ } /* (sha->buffLen > WC_SHA_PAD_SIZE) */
XMEMSET(&local[sha->buffLen], 0, WC_SHA_PAD_SIZE - sha->buffLen);
+#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW)
+ if (sha->ctx.mode == ESP32_SHA_INIT) {
+ esp_sha_try_hw_lock(&sha->ctx);
+ }
+#endif
+
#if defined(LITTLE_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU_SHA)
- ByteReverseWords(sha->buffer, sha->buffer, WC_SHA_BLOCK_SIZE);
+ #if (defined(CONFIG_IDF_TARGET_ESP32C3) || defined(CONFIG_IDF_TARGET_ESP32C6)) && \
+ defined(WOLFSSL_ESP32_CRYPT) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH)
+ if (esp_sha_need_byte_reversal(&sha->ctx))
+ #endif
+ { /* reminder local also points to sha->buffer */
+ ByteReverseWords(sha->buffer, sha->buffer, WC_SHA_BLOCK_SIZE);
+ }
#endif
/* store lengths */
@@ -855,10 +901,28 @@ int wc_ShaFinal(wc_Sha* sha, byte* hash)
2 * sizeof(word32));
#endif
-#if defined(WOLFSSL_USE_ESP32WROOM32_CRYPT_HASH_HW)
- if (sha->ctx.mode == ESP32_SHA_INIT) {
- esp_sha_try_hw_lock(&sha->ctx);
+
+#if (defined(CONFIG_IDF_TARGET_ESP32C3) || defined(CONFIG_IDF_TARGET_ESP32C6)) && \
+ defined(WOLFSSL_ESP32_CRYPT) && !defined(NO_WOLFSSL_ESP32_CRYPT_HASH)
+if (sha->ctx.mode == ESP32_SHA_HW) {
+ #if defined(WOLFSSL_SUPER_VERBOSE_DEBUG)
+ {
+ ESP_LOGV(TAG, "Start: Reverse PAD SIZE Endianness.");
}
+ #endif
+ ByteReverseWords(&sha->buffer[WC_SHA_PAD_SIZE/sizeof(word32)], /* out */
+ &sha->buffer[WC_SHA_PAD_SIZE/sizeof(word32)], /* in */
+ 2 * sizeof(word32) /* byte count to reverse */
+ );
+ #if defined(WOLFSSL_SUPER_VERBOSE_DEBUG)
+ {
+ ESP_LOGV(TAG, "End: Reverse PAD SIZE Endianness.");
+ }
+ #endif
+} /* end if (sha->ctx.mode == ESP32_SHA_HW) */
+#endif
+
+#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW)
if (sha->ctx.mode == ESP32_SHA_SW) {
ret = XTRANSFORM(sha, (const byte*)local);
}
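Review bot: The added `if (sha->ctx.mode == ESP32_SHA_HW) { ... }` block carries no comment explaining why the two length words need their own reversal, and it tests the mode directly where every other reversal in this file asks `esp_sha_need_byte_reversal(&sha->ctx)`. It is also written at column 0 inside the body of wc_ShaFinal, which makes it read like file-scope code. The matching block in sha256.c is indented and introduced by `/* Only the ESP32-C3 with HW enabled may need pad size byte order reversal depending on HW or SW mode */`; the same comment and indentation belong here. wc_ShaFinal starts and ends outside this hunk.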
@@ -874,13 +938,22 @@ int wc_ShaFinal(wc_Sha* sha, byte* hash)
#endif
#ifdef LITTLE_ENDIAN_ORDER
- ByteReverseWords(sha->digest, sha->digest, WC_SHA_DIGEST_SIZE);
+ #if (defined(CONFIG_IDF_TARGET_ESP32C3) || defined(CONFIG_IDF_TARGET_ESP32C6)) && \
+ defined(WOLFSSL_ESP32_CRYPT) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH)
+ if (esp_sha_need_byte_reversal(&sha->ctx))
+ #endif
+ {
+ ByteReverseWords(sha->digest, sha->digest, WC_SHA_DIGEST_SIZE);
+ }
#endif
XMEMCPY(hash, (byte *)&sha->digest[0], WC_SHA_DIGEST_SIZE);
+ /* we'll always reset state upon exit and return the error code from above,
+ * which may cause fall back to SW if HW is busy. we do not return result
+ * of initSha here */
(void)InitSha(sha); /* reset state */
-
return ret;
}
@@ -917,6 +990,10 @@ void wc_ShaFree(wc_Sha* sha)
if (sha == NULL)
return;
+#if defined(WOLFSSL_ESP32) && !defined(NO_WOLFSSL_ESP32_CRYPT_HASH)
+ esp_sha_release_unfinished_lock(&sha->ctx);
+#endif
+
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_SHA)
wolfAsync_DevCtxFree(&sha->asyncDev, WOLFSSL_ASYNC_MARKER_SHA);
#endif /* WOLFSSL_ASYNC_CRYPT */
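Review bot: The new `esp_sha_release_unfinished_lock(&sha->ctx)` call is guarded by `WOLFSSL_ESP32`, while every site in this diff that takes the lock with `esp_sha_try_hw_lock` is guarded by `WOLFSSL_USE_ESP32_CRYPT_HASH_HW`, which is derived from `WOLFSSL_ESP32_CRYPT`. Whether the two macros can be set independently is not visible here. If they can, a build with `WOLFSSL_ESP32_CRYPT` but without `WOLFSSL_ESP32` would never release an unfinished hardware lock in wc_ShaFree, and the opposite build may reference `sha->ctx` where no hardware context is present. Guarding the release with `#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW)` keeps acquire and release under one condition. wc_ShaFree continues outside the hunk.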
@@ -927,8 +1004,9 @@ void wc_ShaFree(wc_Sha* sha)
#if defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_HASH)
se050_hash_free(&sha->se050Ctx);
#endif
-#if (defined(WOLFSSL_RENESAS_TSIP_CRYPT) && \
- !defined(NO_WOLFSSL_RENESAS_TSIP_CRYPT_HASH)) || \
+#if (defined(WOLFSSL_RENESAS_TSIP_TLS) || \
+ defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)) && \
+ !defined(NO_WOLFSSL_RENESAS_TSIP_CRYPT_HASH) || \
defined(WOLFSSL_RENESAS_RX64_HASH)
if (sha->msg != NULL) {
XFREE(sha->msg, sha->heap, DYNAMIC_TYPE_TMP_BUFFER);
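Review bot: The rewritten `#if` drops the outer parentheses the old condition had around the TSIP term, so it now reads `(TLS || CRYPTONLY) && !NO_..._HASH || RX64_HASH` and relies on `&&` binding tighter than `||`. The result is the same, but the companion guard a few hunks below wraps the equivalent term in explicit parentheses, and the two are easier to compare when they match. I would keep the grouping explicit by opening an extra parenthesis before `(defined(WOLFSSL_RENESAS_TSIP_TLS)` and closing it after `!defined(NO_WOLFSSL_RENESAS_TSIP_CRYPT_HASH)`.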
@@ -942,12 +1020,14 @@ void wc_ShaFree(wc_Sha* sha)
#endif /* !defined(WOLFSSL_HAVE_PSA) || defined(WOLFSSL_PSA_NO_HASH) */
#endif /* !WOLFSSL_TI_HASH */
-#endif /* !HAVE_FIPS ... */
#if !defined(WOLFSSL_TI_HASH) && !defined(WOLFSSL_IMXRT_DCP)
-#if !defined(WOLFSSL_RENESAS_TSIP_CRYPT) || \
- defined(NO_WOLFSSL_RENESAS_TSIP_CRYPT_HASH)
+#if ((!defined(WOLFSSL_RENESAS_TSIP_TLS) && \
+ !defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)) || \
+ defined(NO_WOLFSSL_RENESAS_TSIP_CRYPT_HASH)) && \
+ (!defined(WOLFSSL_RENESAS_RSIP) || \
+ defined(NO_WOLFSSL_RENESAS_FSPSM_HASH))
#if !defined(WOLFSSL_RENESAS_RX64_HASH)
#if !defined(WOLFSSL_HAVE_PSA) || defined(WOLFSSL_PSA_NO_HASH)
@@ -995,9 +1075,9 @@ int wc_ShaCopy(wc_Sha* src, wc_Sha* dst)
XMEMCPY(dst, src, sizeof(wc_Sha));
-#ifdef WOLFSSL_SILABS_SE_ACCEL
- dst->silabsCtx.hash_ctx.cmd_ctx = &(dst->silabsCtx.cmd_ctx);
- dst->silabsCtx.hash_ctx.hash_type_ctx = &(dst->silabsCtx.hash_type_ctx);
+#if defined(WOLFSSL_SILABS_SE_ACCEL) && defined(WOLFSSL_SILABS_SE_ACCEL_3)
+ dst->silabsCtx.hash_ctx.cmd_ctx = &dst->silabsCtx.cmd_ctx;
+ dst->silabsCtx.hash_ctx.hash_type_ctx = &dst->silabsCtx.hash_type_ctx;
#endif
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_SHA)
@@ -1012,7 +1092,7 @@ int wc_ShaCopy(wc_Sha* src, wc_Sha* dst)
ret = se050_hash_copy(&src->se050Ctx, &dst->se050Ctx);
#endif
-#if defined(WOLFSSL_USE_ESP32WROOM32_CRYPT_HASH_HW)
+#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW)
esp_sha_ctx_copy(src, dst);
#endif
@@ -1023,7 +1103,8 @@ int wc_ShaCopy(wc_Sha* src, wc_Sha* dst)
}
#endif /* WOLFSSL_RENESAS_RX64_HASH */
#endif /* !defined(WOLFSSL_HAVE_PSA) || defined(WOLFSSL_PSA_NO_HASH) */
-#endif /* !defined(WOLFSSL_RENESAS_TSIP_CRYPT) ||
+#endif /* !defined(WOLFSSL_RENESAS_TSIP_TLS) && \
+ !defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY) ||
defined(NO_WOLFSSL_RENESAS_TSIP_CRYPT_HASH) */
#endif /* !defined(WOLFSSL_TI_HASH) && !defined(WOLFSSL_IMXRT_DCP) */
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/sha256.c b/extra/wolfssl/wolfssl/wolfcrypt/src/sha256.c
index ffdd4019..50e5b1cc 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/sha256.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/sha256.c
@@ -63,7 +63,8 @@ on the specific device platform.
#endif
-#if !defined(NO_SHA256) && !defined(WOLFSSL_ARMASM)
+#if !defined(NO_SHA256) && (!defined(WOLFSSL_ARMASM) && \
+ !defined(WOLFSSL_ARMASM_NO_NEON))
#if defined(HAVE_FIPS) && defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)
/* set NO_WRAPPERS before headers, use direct internal f()s not wrappers */
@@ -90,17 +91,17 @@ on the specific device platform.
/* determine if we are using Espressif SHA hardware acceleration */
-#undef WOLFSSL_USE_ESP32WROOM32_CRYPT_HASH_HW
-#if defined(WOLFSSL_ESP32WROOM32_CRYPT) && \
- !defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
+#undef WOLFSSL_USE_ESP32_CRYPT_HASH_HW
+#if defined(WOLFSSL_ESP32_CRYPT) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH)
/* define a single keyword for simplicity & readability
*
* by default the HW acceleration is on for ESP32-WROOM32
* but individual components can be turned off.
*/
- #define WOLFSSL_USE_ESP32WROOM32_CRYPT_HASH_HW
+ #define WOLFSSL_USE_ESP32_CRYPT_HASH_HW
#else
- #undef WOLFSSL_USE_ESP32WROOM32_CRYPT_HASH_HW
+ #undef WOLFSSL_USE_ESP32_CRYPT_HASH_HW
#endif
#ifdef WOLFSSL_ESPIDF
@@ -108,58 +109,11 @@ on the specific device platform.
**
** Beware of possible conflict in test.c (that one now named TEST_TAG)
*/
- static const char* TAG = "wc_sha256";
+ #if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW)
+ static const char* TAG = "wc_sha256";
+ #endif
#endif
-/* fips wrapper calls, user can call direct */
-#if defined(HAVE_FIPS) && \
- (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
-
- int wc_InitSha256(wc_Sha256* sha)
- {
- if (sha == NULL) {
- return BAD_FUNC_ARG;
- }
- return InitSha256_fips(sha);
- }
- int wc_InitSha256_ex(wc_Sha256* sha, void* heap, int devId)
- {
- (void)heap;
- (void)devId;
- if (sha == NULL) {
- return BAD_FUNC_ARG;
- }
- return InitSha256_fips(sha);
- }
- int wc_Sha256Update(wc_Sha256* sha, const byte* data, word32 len)
- {
- if (sha == NULL || (data == NULL && len > 0)) {
- return BAD_FUNC_ARG;
- }
-
- if (data == NULL && len == 0) {
- /* valid, but do nothing */
- return 0;
- }
-
- return Sha256Update_fips(sha, data, len);
- }
- int wc_Sha256Final(wc_Sha256* sha, byte* out)
- {
- if (sha == NULL || out == NULL) {
- return BAD_FUNC_ARG;
- }
- return Sha256Final_fips(sha, out);
- }
- void wc_Sha256Free(wc_Sha256* sha)
- {
- (void)sha;
- /* Not supported in FIPS */
- }
-
-#else /* else build without fips, or for FIPS v2 */
-
-
#if defined(WOLFSSL_TI_HASH)
/* #include <wolfcrypt/src/port/ti/ti-hash.c> included by wc_port.c */
#elif defined(WOLFSSL_CRYPTOCELL)
@@ -218,13 +172,15 @@ on the specific device platform.
(!defined(WOLFSSL_IMX6_CAAM) || defined(NO_IMX6_CAAM_HASH) || \
defined(WOLFSSL_QNX_CAAM)) && \
!defined(WOLFSSL_AFALG_HASH) && !defined(WOLFSSL_DEVCRYPTO_HASH) && \
- (!defined(WOLFSSL_ESP32WROOM32_CRYPT) || defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)) && \
- (!defined(WOLFSSL_RENESAS_TSIP_CRYPT) || defined(NO_WOLFSSL_RENESAS_TSIP_CRYPT_HASH)) && \
+ (!defined(WOLFSSL_ESP32_CRYPT) || defined(NO_WOLFSSL_ESP32_CRYPT_HASH)) && \
+ ((!defined(WOLFSSL_RENESAS_TSIP_TLS) && \
+ !defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)) || \
+ defined(NO_WOLFSSL_RENESAS_TSIP_CRYPT_HASH)) && \
!defined(WOLFSSL_PSOC6_CRYPTO) && !defined(WOLFSSL_IMXRT_DCP) && !defined(WOLFSSL_SILABS_SE_ACCEL) && \
!defined(WOLFSSL_KCAPI_HASH) && !defined(WOLFSSL_SE050_HASH) && \
((!defined(WOLFSSL_RENESAS_SCEPROTECT) && \
- !defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)) \
- || defined(NO_WOLFSSL_RENESAS_SCEPROTECT_HASH)) && \
+ !defined(WOLFSSL_RENESAS_RSIP)) \
+ || defined(NO_WOLFSSL_RENESAS_FSPSM_HASH)) && \
(!defined(WOLFSSL_HAVE_PSA) || defined(WOLFSSL_PSA_NO_HASH)) && \
!defined(WOLFSSL_RENESAS_RX64_HASH)
@@ -266,6 +222,10 @@ static int InitSha256(wc_Sha256* sha256)
XMEMSET(&sha256->maxq_ctx, 0, sizeof(sha256->maxq_ctx));
#endif
+#ifdef HAVE_ARIA
+ sha256->hSession = NULL;
+#endif
+
return ret;
}
#endif
@@ -735,12 +695,14 @@ static int InitSha256(wc_Sha256* sha256)
return ret;
}
-#elif defined(WOLFSSL_USE_ESP32WROOM32_CRYPT_HASH_HW)
+#elif defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW)
/* HW may fail since there's only one, so we still need SW */
#define NEED_SOFT_SHA256
/*
+ ** An Espressif-specific InitSha256()
+ **
** soft SHA needs initialization digest, but HW does not.
*/
static int InitSha256(wc_Sha256* sha256)
@@ -751,6 +713,8 @@ static int InitSha256(wc_Sha256* sha256)
return BAD_FUNC_ARG;
}
+ /* We may or may not need initial digest for HW.
+ * Always needed for SW-only. */
sha256->digest[0] = 0x6A09E667L;
sha256->digest[1] = 0xBB67AE85L;
sha256->digest[2] = 0x3C6EF372L;
@@ -764,13 +728,14 @@ static int InitSha256(wc_Sha256* sha256)
sha256->loLen = 0;
sha256->hiLen = 0;
+#ifndef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256
ret = esp_sha_init(&(sha256->ctx), WC_HASH_TYPE_SHA256);
-
+#endif
return ret;
}
/*
- ** wolfCrypt InitSha256 external wrapper.
+ ** An Espressif-specific wolfCrypt InitSha256 external wrapper.
**
** we'll assume this is ALWAYS for a new, uninitialized sha256
*/
@@ -781,28 +746,30 @@ static int InitSha256(wc_Sha256* sha256)
return BAD_FUNC_ARG;
}
- #ifdef WOLFSSL_USE_ESP32WROOM32_CRYPT_HASH_HW
+ #ifdef WOLFSSL_USE_ESP32_CRYPT_HASH_HW
+#ifndef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256
/* We know this is a fresh, uninitialized item, so set to INIT */
if (sha256->ctx.mode != ESP32_SHA_INIT) {
ESP_LOGV(TAG, "Set ctx mode from prior value: "
"%d", sha256->ctx.mode);
}
sha256->ctx.mode = ESP32_SHA_INIT;
+#endif
#endif
return InitSha256(sha256);
}
-#elif defined(WOLFSSL_RENESAS_TSIP_CRYPT) && \
+#elif (defined(WOLFSSL_RENESAS_TSIP_TLS) || \
+ defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)) && \
!defined(NO_WOLFSSL_RENESAS_TSIP_CRYPT_HASH)
/* implemented in wolfcrypt/src/port/Renesas/renesas_tsip_sha.c */
-#elif (defined(WOLFSSL_RENESAS_SCEPROTECT) || \
- defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)) && \
- !defined(NO_WOLFSSL_RENESAS_SCEPROTECT_HASH)
+#elif (defined(WOLFSSL_RENESAS_SCEPROTECT) || defined(WOLFSSL_RENESAS_RSIP)) \
+ && !defined(NO_WOLFSSL_RENESAS_FSPSM_HASH)
- /* implemented in wolfcrypt/src/port/Renesas/renesas_sce_sha.c */
+ /* implemented in wolfcrypt/src/port/Renesas/renesas_fspsm_sha.c */
#elif defined(WOLFSSL_PSOC6_CRYPTO)
@@ -973,6 +940,7 @@ static int InitSha256(wc_Sha256* sha256)
}
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_SMALL_STACK_CACHE)
+ ForceZero(W, sizeof(word32) * WC_SHA256_BLOCK_SIZE);
XFREE(W, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return 0;
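Review bot: The added `ForceZero(W, sizeof(word32) * WC_SHA256_BLOCK_SIZE)` wipes the message schedule only in the `WOLFSSL_SMALL_STACK && !WOLFSSL_SMALL_STACK_CACHE` build, just before `W` is freed. The declaration of `W` is outside this hunk, but if the other builds keep it on the stack or cached in the hash context, the expanded message words remain in memory there after the transform returns. Either wipe `W` in those paths too, or add a comment above the call stating why only the heap copy needs it. It is also worth confirming that the byte count matches the size passed to the allocation, which is not visible here.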
@@ -1090,33 +1058,61 @@ static int InitSha256(wc_Sha256* sha256)
len -= blocksLen;
if (sha256->buffLen == WC_SHA256_BLOCK_SIZE) {
+ #if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256)
+ if (sha256->ctx.mode == ESP32_SHA_INIT) {
+ ESP_LOGV(TAG, "Sha256Update try hardware");
+ esp_sha_try_hw_lock(&sha256->ctx);
+ }
+ #endif
+
+
#if defined(LITTLE_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU_SHA)
#if defined(WOLFSSL_X86_64_BUILD) && \
defined(USE_INTEL_SPEEDUP) && \
(defined(HAVE_INTEL_AVX1) || defined(HAVE_INTEL_AVX2))
if (!IS_INTEL_AVX1(intel_flags) && !IS_INTEL_AVX2(intel_flags))
#endif
+ #if (defined(CONFIG_IDF_TARGET_ESP32C3) || \
+ defined(CONFIG_IDF_TARGET_ESP32C6)) && \
+ defined(WOLFSSL_ESP32_CRYPT) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256)
+ if (esp_sha_need_byte_reversal(&sha256->ctx))
+ #endif
{
ByteReverseWords(sha256->buffer, sha256->buffer,
WC_SHA256_BLOCK_SIZE);
}
#endif
- #if defined(WOLFSSL_USE_ESP32WROOM32_CRYPT_HASH_HW)
- if (sha256->ctx.mode == ESP32_SHA_INIT) {
- ESP_LOGV(TAG, "Sha256Update try hardware");
- esp_sha_try_hw_lock(&sha256->ctx);
- }
+ #if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256)
if (sha256->ctx.mode == ESP32_SHA_SW) {
- ESP_LOGV(TAG, "Sha256Update process software");
+ #if defined(WOLFSSL_DEBUG_MUTEX)
+ {
+ ESP_LOGI(TAG, "Sha256Update process software");
+ }
+ #endif
+ #ifdef WOLFSSL_HW_METRICS
+ {
+ /* Track of # SW during transforms during active HW */
+ esp_sw_sha256_count_add();
+ }
+ #endif /* WOLFSSL_HW_METRICS */
ret = XTRANSFORM(sha256, (const byte*)local);
}
else {
- ESP_LOGV(TAG, "Sha256Update process hardware");
+ #if defined(WOLFSSL_DEBUG_MUTEX)
+ {
+ ESP_LOGI(TAG, "Sha256Update process hardware");
+ }
+ #endif
esp_sha256_process(sha256, (const byte*)local);
}
#else
+ /* Always SW */
ret = XTRANSFORM(sha256, (const byte*)local);
#endif
@@ -1174,8 +1170,22 @@ static int InitSha256(wc_Sha256* sha256)
data += WC_SHA256_BLOCK_SIZE;
len -= WC_SHA256_BLOCK_SIZE;
+ #if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW) && \
+ !defined( NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256)
+ if (sha256->ctx.mode == ESP32_SHA_INIT){
+ ESP_LOGV(TAG, "Sha256Update try hardware loop");
+ esp_sha_try_hw_lock(&sha256->ctx);
+ }
+ #endif
#if defined(LITTLE_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU_SHA)
+ #if (defined(CONFIG_IDF_TARGET_ESP32C3) || \
+ defined(CONFIG_IDF_TARGET_ESP32C6)) && \
+ defined(WOLFSSL_ESP32_CRYPT) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256)
+ if (esp_sha_need_byte_reversal(&sha256->ctx))
+ #endif
#if defined(WOLFSSL_X86_64_BUILD) && \
defined(USE_INTEL_SPEEDUP) && \
(defined(HAVE_INTEL_AVX1) || defined(HAVE_INTEL_AVX2))
@@ -1186,11 +1196,8 @@ static int InitSha256(wc_Sha256* sha256)
}
#endif
- #if defined(WOLFSSL_USE_ESP32WROOM32_CRYPT_HASH_HW)
- if (sha256->ctx.mode == ESP32_SHA_INIT){
- ESP_LOGV(TAG, "Sha256Update try hardware loop");
- esp_sha_try_hw_lock(&sha256->ctx);
- }
+ #if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256)
if (sha256->ctx.mode == ESP32_SHA_SW) {
ESP_LOGV(TAG, "Sha256Update process software loop");
ret = XTRANSFORM(sha256, (const byte*)local32);
@@ -1282,7 +1289,21 @@ static int InitSha256(wc_Sha256* sha256)
WC_SHA256_BLOCK_SIZE - sha256->buffLen);
sha256->buffLen += WC_SHA256_BLOCK_SIZE - sha256->buffLen;
+ #if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256)
+ if (sha256->ctx.mode == ESP32_SHA_INIT) {
+ esp_sha_try_hw_lock(&sha256->ctx);
+ }
+ #endif
+
#if defined(LITTLE_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU_SHA)
+ #if (defined(CONFIG_IDF_TARGET_ESP32C3) || \
+ defined(CONFIG_IDF_TARGET_ESP32C6)) && \
+ defined(WOLFSSL_ESP32_CRYPT) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256)
+ if (esp_sha_need_byte_reversal(&sha256->ctx))
+ #endif
#if defined(WOLFSSL_X86_64_BUILD) && defined(USE_INTEL_SPEEDUP) && \
(defined(HAVE_INTEL_AVX1) || defined(HAVE_INTEL_AVX2))
if (!IS_INTEL_AVX1(intel_flags) && !IS_INTEL_AVX2(intel_flags))
@@ -1293,7 +1314,8 @@ static int InitSha256(wc_Sha256* sha256)
}
#endif
- #if defined(WOLFSSL_USE_ESP32WROOM32_CRYPT_HASH_HW)
+ #if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256)
if (sha256->ctx.mode == ESP32_SHA_INIT) {
esp_sha_try_hw_lock(&sha256->ctx);
}
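Review bot: The `esp_sha_try_hw_lock(&sha256->ctx)` call kept in this hunk now follows an identical `if (sha256->ctx.mode == ESP32_SHA_INIT)` call that the preceding hunk inserts ahead of the byte reversal, so the lock is attempted twice. The same leftover appears in the `-1351,10 +1409,13` hunk, after the call added in `-1314,13 +1336,27`. In sha.c and in the Sha256Update hunks the old call was removed when the new one was added. If the first call always moves `mode` away from `ESP32_SHA_INIT`, the second is dead code; if it can leave the mode unchanged, the second may switch between hardware and software after `esp_sha_need_byte_reversal` has already decided how the buffer is laid out. Dropping the later call in both places would match the other functions. The enclosing function starts and ends outside the hunk.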
@@ -1314,13 +1336,27 @@ static int InitSha256(wc_Sha256* sha256)
XMEMSET(&local[sha256->buffLen], 0,
WC_SHA256_PAD_SIZE - sha256->buffLen);
- /* put lengths in bits */
+ /* put 64 bit length in separate 32 bit parts */
sha256->hiLen = (sha256->loLen >> (8 * sizeof(sha256->loLen) - 3)) +
(sha256->hiLen << 3);
sha256->loLen = sha256->loLen << 3;
+ #if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256)
+ if (sha256->ctx.mode == ESP32_SHA_INIT) {
+ esp_sha_try_hw_lock(&sha256->ctx);
+ }
+ #endif
+
/* store lengths */
#if defined(LITTLE_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU_SHA)
+ #if (defined(CONFIG_IDF_TARGET_ESP32C3) || \
+ defined(CONFIG_IDF_TARGET_ESP32C6)) && \
+ defined(WOLFSSL_ESP32_CRYPT) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256)
+ if (esp_sha_need_byte_reversal(&sha256->ctx))
+ #endif
#if defined(WOLFSSL_X86_64_BUILD) && defined(USE_INTEL_SPEEDUP) && \
(defined(HAVE_INTEL_AVX1) || defined(HAVE_INTEL_AVX2))
if (!IS_INTEL_AVX1(intel_flags) && !IS_INTEL_AVX2(intel_flags))
@@ -1330,11 +1366,33 @@ static int InitSha256(wc_Sha256* sha256)
WC_SHA256_BLOCK_SIZE);
}
#endif
- /* ! length ordering dependent on digest endian type ! */
+ /* ! 64-bit length ordering dependent on digest endian type ! */
XMEMCPY(&local[WC_SHA256_PAD_SIZE], &sha256->hiLen, sizeof(word32));
XMEMCPY(&local[WC_SHA256_PAD_SIZE + sizeof(word32)], &sha256->loLen,
sizeof(word32));
+ /* Only the ESP32-C3 with HW enabled may need pad size byte order reversal
+ * depending on HW or SW mode */
+ #if (defined(CONFIG_IDF_TARGET_ESP32C3) || \
+ defined(CONFIG_IDF_TARGET_ESP32C6)) && \
+ defined(WOLFSSL_ESP32_CRYPT) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256)
+ if (sha256->ctx.mode == ESP32_SHA_HW) {
+ #if defined(WOLFSSL_SUPER_VERBOSE_DEBUG)
+ ESP_LOGV(TAG, "Start: Reverse PAD SIZE Endianness.");
+ #endif
+ ByteReverseWords(
+ &sha256->buffer[WC_SHA256_PAD_SIZE / sizeof(word32)], /* out */
+ &sha256->buffer[WC_SHA256_PAD_SIZE / sizeof(word32)], /* in */
+ 2 * sizeof(word32) /* byte count to reverse */
+ );
+ #if defined(WOLFSSL_SUPER_VERBOSE_DEBUG)
+ ESP_LOGV(TAG, "End: Reverse PAD SIZE Endianness.");
+ #endif
+ } /* end if (sha256->ctx.mode == ESP32_SHA_HW) */
+ #endif
+
#if defined(FREESCALE_MMCAU_SHA) || \
(defined(WOLFSSL_X86_64_BUILD) && defined(USE_INTEL_SPEEDUP) && \
(defined(HAVE_INTEL_AVX1) || defined(HAVE_INTEL_AVX2)))
@@ -1351,10 +1409,13 @@ static int InitSha256(wc_Sha256* sha256)
}
#endif
- #if defined(WOLFSSL_USE_ESP32WROOM32_CRYPT_HASH_HW)
+ #if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256)
if (sha256->ctx.mode == ESP32_SHA_INIT) {
esp_sha_try_hw_lock(&sha256->ctx);
}
+ /* depending on architecture and ctx.mode value
+ * we may or may not need default digest */
if (sha256->ctx.mode == ESP32_SHA_SW) {
ret = XTRANSFORM(sha256, (const byte*)local);
}
@@ -1381,8 +1442,18 @@ static int InitSha256(wc_Sha256* sha256)
}
#ifdef LITTLE_ENDIAN_ORDER
- ByteReverseWords((word32*)digest, (word32*)sha256->digest,
- WC_SHA256_DIGEST_SIZE);
+ #if (defined(CONFIG_IDF_TARGET_ESP32C3) || \
+ defined(CONFIG_IDF_TARGET_ESP32C6)) && \
+ defined(WOLFSSL_ESP32_CRYPT) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256)
+ if (esp_sha_need_byte_reversal(&sha256->ctx))
+ #endif
+ {
+ ByteReverseWords((word32*)digest,
+ (word32*)sha256->digest,
+ WC_SHA256_DIGEST_SIZE);
+ }
XMEMCPY(hash, digest, WC_SHA256_DIGEST_SIZE);
#else
XMEMCPY(hash, sha256->digest, WC_SHA256_DIGEST_SIZE);
@@ -1426,7 +1497,16 @@ static int InitSha256(wc_Sha256* sha256)
}
#if defined(LITTLE_ENDIAN_ORDER)
- ByteReverseWords(sha256->digest, sha256->digest, WC_SHA256_DIGEST_SIZE);
+ #if (defined(CONFIG_IDF_TARGET_ESP32C3) || defined(CONFIG_IDF_TARGET_ESP32C6)) && \
+ defined(WOLFSSL_ESP32_CRYPT) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256)
+ if (esp_sha_need_byte_reversal(&sha256->ctx))
+ #endif
+ {
+ ByteReverseWords(sha256->digest, sha256->digest,
+ WC_SHA256_DIGEST_SIZE);
+ }
#endif
XMEMCPY(hash, sha256->digest, WC_SHA256_DIGEST_SIZE);
@@ -1554,6 +1634,11 @@ static int InitSha256(wc_Sha256* sha256)
/* implemented in wolfcrypt/src/port/Renesas/renesas_rx64_hw_sha.c */
+#elif defined(WOLFSSL_RENESAS_RSIP) && \
+ !defined(NO_WOLFSSL_RENESAS_FSPSM_HASH)
+
+ /* implemented in wolfcrypt/src/port/Renesas/renesas_fspsm_sha.c */
+
#else
#define NEED_SOFT_SHA224
@@ -1594,9 +1679,11 @@ static int InitSha256(wc_Sha256* sha256)
sha224->used = 0;
#endif
- #if defined(WOLFSSL_USE_ESP32WROOM32_CRYPT_HASH_HW)
- /* not to be confused with HAS512_224 */
- sha224->ctx.mode = ESP32_SHA_SW; /* no SHA224 HW, so always SW */
+ #if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW) && \
+ (!defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256) || \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224))
+ /* not to be confused with SHAS512_224 */
+ ret = esp_sha_init(&(sha224->ctx), WC_HASH_TYPE_SHA224);
#endif
return ret;
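Review bot: The guard around `ret = esp_sha_init(&(sha224->ctx), WC_HASH_TYPE_SHA224);` is true whenever either SHA-256 or SHA-224 hardware is left enabled, so the call is still compiled when only `NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224` is defined. Whether `esp_sha_init` then selects software mode is not visible here and should be confirmed, since the replaced line forced `ESP32_SHA_SW` unconditionally. The new comment also has a typo and should read `/* not to be confused with SHA512_224 */`. The function body starts outside this hunk.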
@@ -1617,14 +1704,19 @@ static int InitSha256(wc_Sha256* sha256)
sha224->W = NULL;
#endif
- #ifdef WOLFSSL_USE_ESP32WROOM32_CRYPT_HASH_HW
+ #if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW)
+ #if defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224)
/* We know this is a fresh, uninitialized item, so set to INIT */
if (sha224->ctx.mode != ESP32_SHA_SW) {
ESP_LOGV(TAG, "Set sha224 ctx mode init to ESP32_SHA_SW. "
"Prior value: %d", sha224->ctx.mode);
}
/* no sha224 HW support is available, set to SW */
- sha224->ctx.mode = ESP32_SHA_SW;
+ sha224->ctx.mode = ESP32_SHA_SW;
+ #else
+ /* We know this is a fresh, uninitialized item, so set to INIT */
+ sha224->ctx.mode = ESP32_SHA_INIT;
+ #endif
#endif
ret = InitSha224(sha224);
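Review bot: In the `NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224` branch the retained comment says the mode is "set to INIT", but the code sets `ESP32_SHA_SW`, and the same comment is now duplicated in the `#else` branch where it is accurate. The `ESP_LOGV` in that branch also reads `sha224->ctx.mode` from an object the comment itself describes as uninitialized, so the logged "prior value" is indeterminate. I would reword the first comment to `/* no SHA-224 HW in this build: force software mode */` and drop the log of the prior value. The function starts outside this hunk.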
@@ -1642,7 +1734,9 @@ static int InitSha256(wc_Sha256* sha256)
ret = wc_CAAM_HashInit(&sha224->hndl, &sha224->ctx, WC_HASH_TYPE_SHA224);
#endif
- #ifdef WOLFSSL_USE_ESP32WROOM32_CRYPT_HASH_HW
+ #if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW) && \
+ (!defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256) || \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224))
if (sha224->ctx.mode != ESP32_SHA_INIT) {
ESP_LOGV("SHA224", "Set ctx mode from prior value: "
"%d", sha224->ctx.mode);
@@ -1670,7 +1764,9 @@ static int InitSha256(wc_Sha256* sha256)
}
#endif /* WOLFSSL_ASYNC_CRYPT */
- #if defined(WOLFSSL_USE_ESP32WROOM32_CRYPT_HASH_HW)
+ #if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW) && \
+ (defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256) || \
+ defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224))
sha224->ctx.mode = ESP32_SHA_SW; /* no SHA224 HW, so always SW */
#endif
@@ -1696,8 +1792,11 @@ static int InitSha256(wc_Sha256* sha256)
}
#endif /* WOLFSSL_ASYNC_CRYPT */
- #if defined(WOLFSSL_USE_ESP32WROOM32_CRYPT_HASH_HW)
- sha224->ctx.mode = ESP32_SHA_SW; /* no SHA224 HW, so always SW */
+ #if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW) && \
+ (!defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256) || \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224))
+
+ /* nothing enabled here for C3 success */
#endif
ret = Sha256Final((wc_Sha256*)sha224);
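Review bot: The `#if` block that replaces `sha224->ctx.mode = ESP32_SHA_SW;` now holds only a comment, so it compiles to nothing in every configuration. The previous hunk (-1670) still forces software mode when `NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256` or `NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224` is defined, but this path no longer does, so it relies on the mode having been set earlier, which is not visible here. If that is intended, drop the preprocessor guard and keep a plain comment such as `/* ctx.mode is left as set by init/update; no SW override before Sha256Final() */`.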
@@ -1705,7 +1804,18 @@ static int InitSha256(wc_Sha256* sha256)
return ret;
#if defined(LITTLE_ENDIAN_ORDER)
- ByteReverseWords(sha224->digest, sha224->digest, WC_SHA224_DIGEST_SIZE);
+ #if (defined(CONFIG_IDF_TARGET_ESP32C3) || \
+ defined(CONFIG_IDF_TARGET_ESP32C6)) && \
+ defined(WOLFSSL_ESP32_CRYPT) && \
+ (!defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256) || \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224))
+ if (esp_sha_need_byte_reversal(&sha224->ctx))
+ #endif
+ {
+ ByteReverseWords(sha224->digest,
+ sha224->digest,
+ WC_SHA224_DIGEST_SIZE);
+ }
#endif
XMEMCPY(hash, sha224->digest, WC_SHA224_DIGEST_SIZE);
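Review bot: The guard in front of `esp_sha_need_byte_reversal(&sha224->ctx)` omits `!defined(NO_WOLFSSL_ESP32_CRYPT_HASH)`, which both SHA-256 reversal sites in this file (hunks -1381 and -1426) include. On a C3/C6 build that defines `WOLFSSL_ESP32_CRYPT` together with `NO_WOLFSSL_ESP32_CRYPT_HASH`, this line would still be compiled and would reference `sha224->ctx`, which presumably exists only when hardware hashing is enabled. Adding `!defined(NO_WOLFSSL_ESP32_CRYPT_HASH) && \` to the condition keeps the three sites consistent. A wrong decision here would silently change the digest byte order.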
@@ -1732,10 +1842,11 @@ static int InitSha256(wc_Sha256* sha256)
return;
#ifdef WOLFSSL_SMALL_STACK_CACHE
- if (sha224->W != NULL) {
- XFREE(sha224->W, NULL, DYNAMIC_TYPE_DIGEST);
- sha224->W = NULL;
- }
+ if (sha224->W != NULL) {
+ ForceZero(sha224->W, sizeof(word32) * WC_SHA224_BLOCK_SIZE);
+ XFREE(sha224->W, NULL, DYNAMIC_TYPE_DIGEST);
+ sha224->W = NULL;
+ }
#endif
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_SHA224)
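Review bot: `ForceZero(sha224->W, sizeof(word32) * WC_SHA224_BLOCK_SIZE);` hard-codes the wipe length separately from the allocation of `W`, which is outside this hunk. If the two sizes ever differ, the wipe either leaves part of the message schedule in freed heap memory or writes past the buffer. Deriving both from one named size (a shared macro or a stored length) would keep them in step. The same applies to the `WC_SHA256_BLOCK_SIZE` variant added in `wc_Sha256Free`.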
@@ -1749,14 +1860,16 @@ static int InitSha256(wc_Sha256* sha256)
KcapiHashFree(&sha224->kcapi);
#endif
#if defined(WOLFSSL_RENESAS_RX64_HASH)
- if (sha224->msg != NULL) {
- XFREE(sha224->msg, sha224->heap, DYNAMIC_TYPE_TMP_BUFFER);
- sha224->msg = NULL;
- }
+ if (sha224->msg != NULL) {
+ ForceZero(sha224->msg, sha224->len);
+ XFREE(sha224->msg, sha224->heap, DYNAMIC_TYPE_TMP_BUFFER);
+ sha224->msg = NULL;
+ }
#endif
+ ForceZero(sha224, sizeof(*sha224));
}
-#endif /* WOLFSSL_SHA224 */
-#endif /* !defined(WOLFSSL_HAVE_PSA) || defined(WOLFSSL_PSA_NO_HASH) */
+#endif /* !defined(WOLFSSL_HAVE_PSA) || defined(WOLFSSL_PSA_NO_HASH) */
+#endif /* WOLFSSL_SHA224 */
int wc_InitSha256(wc_Sha256* sha256)
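Review bot: The new `ForceZero(sha224, sizeof(*sha224));` as the last statement of the free routine clears the whole context, including `heap` and any device or hardware state, yet nothing documents that the object must be initialized again before reuse. A comment on the line would make the contract explicit, e.g. `/* wipes the entire context; call wc_InitSha224() before reusing it */`. The same undocumented whole-struct wipe is added in `wc_Sha256Free` (-1848), `wc_Sha512Free` (-1229) and `wc_Sha384Free` (-1549). The function starts outside this hunk.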
@@ -1777,8 +1890,15 @@ void wc_Sha256Free(wc_Sha256* sha256)
if (sha256 == NULL)
return;
+#if defined(WOLFSSL_ESP32) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256)
+ esp_sha_release_unfinished_lock(&sha256->ctx);
+#endif
+
#ifdef WOLFSSL_SMALL_STACK_CACHE
if (sha256->W != NULL) {
+ ForceZero(sha256->W, sizeof(word32) * WC_SHA256_BLOCK_SIZE);
XFREE(sha256->W, NULL, DYNAMIC_TYPE_DIGEST);
sha256->W = NULL;
}
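Review bot: The call `esp_sha_release_unfinished_lock(&sha256->ctx);` is guarded by `WOLFSSL_ESP32`, while every other Espressif block in this function and file keys off `WOLFSSL_USE_ESP32_CRYPT_HASH_HW` (or `WOLFSSL_ESP32_CRYPT`). If `WOLFSSL_ESP32` can be defined without hardware crypto, this line would reference a `ctx` member and a helper that are presumably not compiled in. Using `#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW) && \` would match the lock-depth block later in the same function. The same guard is used in the `wc_Sha512Free` (-1208) and `wc_Sha384Free` (-1524) hunks.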
@@ -1805,15 +1925,16 @@ void wc_Sha256Free(wc_Sha256* sha256)
#endif /* WOLFSSL_DEVCRYPTO */
#if (defined(WOLFSSL_AFALG_HASH) && defined(WOLFSSL_AFALG_HASH_KEEP)) || \
(defined(WOLFSSL_DEVCRYPTO_HASH) && defined(WOLFSSL_DEVCRYPTO_HASH_KEEP)) || \
- (defined(WOLFSSL_RENESAS_TSIP_CRYPT) && \
+ ((defined(WOLFSSL_RENESAS_TSIP_TLS) || \
+ defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)) && \
!defined(NO_WOLFSSL_RENESAS_TSIP_CRYPT_HASH)) || \
- ((defined(WOLFSSL_RENESAS_SCEPROTECT) || \
- defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)) && \
- !defined(NO_WOLFSSL_RENESAS_SCEPROTECT_HASH)) || \
+ (defined(WOLFSSL_RENESAS_SCEPROTECT) && \
+ !defined(NO_WOLFSSL_RENESAS_FSPSM_HASH)) || \
defined(WOLFSSL_RENESAS_RX64_HASH) || \
defined(WOLFSSL_HASH_KEEP)
if (sha256->msg != NULL) {
+ ForceZero(sha256->msg, sha256->len);
XFREE(sha256->msg, sha256->heap, DYNAMIC_TYPE_TMP_BUFFER);
sha256->msg = NULL;
}
@@ -1831,8 +1952,17 @@ void wc_Sha256Free(wc_Sha256* sha256)
wc_MAXQ10XX_Sha256Free(sha256);
#endif
+#ifdef HAVE_ARIA
+ if (sha256->hSession != NULL) {
+ MC_CloseSession(sha256->hSession);
+ sha256->hSession = NULL;
+ }
+#endif
+
/* Espressif embedded hardware acceleration specific: */
-#if defined(WOLFSSL_USE_ESP32WROOM32_CRYPT_HASH_HW)
+#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256)
if (sha256->ctx.lockDepth > 0) {
/* probably due to unclean shutdown, error, or other problem.
*
@@ -1848,7 +1978,8 @@ void wc_Sha256Free(wc_Sha256* sha256)
ESP_LOGV(TAG, "Hardware unlock not needed in wc_Sha256Free.");
}
#endif
-}
+ ForceZero(sha256, sizeof(*sha256));
+} /* wc_Sha256Free */
#endif /* !defined(WOLFSSL_HAVE_PSA) || defined(WOLFSSL_PSA_NO_HASH) */
#ifdef WOLFSSL_HASH_KEEP
@@ -1872,11 +2003,12 @@ int wc_Sha224_Grow(wc_Sha224* sha224, const byte* in, int inSz)
#endif /* WOLFSSL_HASH_KEEP */
#endif /* !WOLFSSL_TI_HASH */
-#endif /* HAVE_FIPS */
#ifndef WOLFSSL_TI_HASH
-#if !defined(WOLFSSL_RENESAS_RX64_HASH)
+#if !defined(WOLFSSL_RENESAS_RX64_HASH) && \
+ (!defined(WOLFSSL_RENESAS_RSIP) || \
+ defined(NO_WOLFSSL_RENESAS_FSPSM_HASH))
#ifdef WOLFSSL_SHA224
#if defined(WOLFSSL_KCAPI_HASH) && !defined(WOLFSSL_NO_KCAPI_SHA224)
@@ -1933,17 +2065,22 @@ int wc_Sha224_Grow(wc_Sha224* sha224, const byte* in, int inSz)
dst->W = NULL;
#endif
- #ifdef WOLFSSL_SILABS_SE_ACCEL
- dst->silabsCtx.hash_ctx.cmd_ctx = &(dst->silabsCtx.cmd_ctx);
- dst->silabsCtx.hash_ctx.hash_type_ctx = &(dst->silabsCtx.hash_type_ctx);
+ #if defined(WOLFSSL_SILABS_SE_ACCEL) && defined(WOLFSSL_SILABS_SE_ACCEL_3)
+ dst->silabsCtx.hash_ctx.cmd_ctx = &dst->silabsCtx.cmd_ctx;
+ dst->silabsCtx.hash_ctx.hash_type_ctx = &dst->silabsCtx.hash_type_ctx;
#endif
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_SHA224)
ret = wolfAsync_DevCopy(&src->asyncDev, &dst->asyncDev);
#endif
- #if defined(WOLFSSL_USE_ESP32WROOM32_CRYPT_HASH_HW)
- ret = esp_sha224_ctx_copy(src, dst);
+ #if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW) && \
+ (!defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256) || \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224))
+ /* regardless of any other settings, there's no SHA-224 HW on ESP32 */
+ #ifndef CONFIG_IDF_TARGET_ESP32
+ ret = esp_sha224_ctx_copy(src, dst);
+ #endif
#endif
#ifdef WOLFSSL_HASH_FLAGS
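Review bot: `ret = esp_sha224_ctx_copy(src, dst);` overwrites whatever `ret = wolfAsync_DevCopy(&src->asyncDev, &dst->asyncDev);` returned a few lines earlier, so an async copy failure is lost when both features are enabled. The SHA-512 copy in this same commit already guards the call, and the same form fits here: `if (ret == 0) { ret = esp_sha224_ctx_copy(src, dst); }`. The function starts and ends outside this hunk.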
@@ -1991,16 +2128,16 @@ int wc_Sha224_Grow(wc_Sha224* sha224, const byte* in, int inSz)
#elif defined(WOLFSSL_DEVCRYPTO_HASH)
/* implemented in wolfcrypt/src/port/devcrypto/devcrypt_hash.c */
-#elif defined(WOLFSSL_RENESAS_TSIP_CRYPT) && \
+#elif (defined(WOLFSSL_RENESAS_TSIP_TLS) || \
+ defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)) && \
!defined(NO_WOLFSSL_RENESAS_TSIP_CRYPT_HASH)
/* implemented in wolfcrypt/src/port/Renesas/renesas_tsip_sha.c */
-#elif (defined(WOLFSSL_RENESAS_SCEPROTECT) || \
- defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)) && \
- !defined(NO_WOLFSSL_RENESAS_SCEPROTECT_HASH)
+#elif (defined(WOLFSSL_RENESAS_SCEPROTECT) || defined(WOLFSSL_RENESAS_RSIP))\
+ && !defined(NO_WOLFSSL_RENESAS_FSPSM_HASH)
- /* implemented in wolfcrypt/src/port/Renesas/renesas_sce_sha.c */
+ /* implemented in wolfcrypt/src/port/Renesas/renesas_fspsm_sha.c */
#elif defined(WOLFSSL_PSOC6_CRYPTO)
/* implemented in wolfcrypt/src/port/cypress/psoc6_crypto.c */
@@ -2068,9 +2205,9 @@ int wc_Sha256Copy(wc_Sha256* src, wc_Sha256* dst)
dst->W = NULL;
#endif
-#ifdef WOLFSSL_SILABS_SE_ACCEL
- dst->silabsCtx.hash_ctx.cmd_ctx = &(dst->silabsCtx.cmd_ctx);
- dst->silabsCtx.hash_ctx.hash_type_ctx = &(dst->silabsCtx.hash_type_ctx);
+#if defined(WOLFSSL_SILABS_SE_ACCEL) && defined(WOLFSSL_SILABS_SE_ACCEL_3)
+ dst->silabsCtx.hash_ctx.cmd_ctx = &dst->silabsCtx.cmd_ctx;
+ dst->silabsCtx.hash_ctx.hash_type_ctx = &dst->silabsCtx.hash_type_ctx;
#endif
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_SHA256)
@@ -2081,10 +2218,18 @@ int wc_Sha256Copy(wc_Sha256* src, wc_Sha256* dst)
ret = wc_Pic32HashCopy(&src->cache, &dst->cache);
#endif
-#if defined(WOLFSSL_USE_ESP32WROOM32_CRYPT_HASH_HW)
+#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256)
esp_sha256_ctx_copy(src, dst);
#endif
+#ifdef HAVE_ARIA
+ dst->hSession = NULL;
+ if((src->hSession != NULL) && (MC_CopySession(src->hSession, &(dst->hSession)) != MC_OK)) {
+ return MEMORY_E;
+ }
+#endif
+
#ifdef WOLFSSL_HASH_FLAGS
dst->flags |= WC_HASH_FLAG_ISCOPY;
#endif
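Review bot: The `HAVE_ARIA` block exits with `return MEMORY_E;` in the middle of the copy, after `dst` has already received the ESP32 context copy above and before `dst->flags |= WC_HASH_FLAG_ISCOPY;`. That bypasses the function's `ret` pattern. It also attempts the session copy even when an earlier step has already failed, and it reports every `MC_CopySession` failure as an out-of-memory error. Folding it into the existing flow would be safer, e.g. `if (ret == 0 && src->hSession != NULL && MC_CopySession(src->hSession, &dst->hSession) != MC_OK) ret = MEMORY_E;`, assuming the function returns `ret` at its end (outside this hunk). The identical block is added to `wc_Sha384Copy` in sha512.c.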
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/sha256_asm.S b/extra/wolfssl/wolfssl/wolfcrypt/src/sha256_asm.S
index 3adac1e7..6d1c8ea7 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/sha256_asm.S
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/sha256_asm.S
@@ -1,5 +1,5 @@
-/* sha256_asm
- *
+/* sha256_asm.S */
+/*
* Copyright (C) 2006-2023 wolfSSL Inc.
*
* This file is part of wolfSSL.
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/sha3.c b/extra/wolfssl/wolfssl/wolfcrypt/src/sha3.c
index 2baea765..096566d2 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/sha3.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/sha3.c
@@ -1399,6 +1399,7 @@ int wc_Shake256_Update(wc_Shake* shake, const byte* data, word32 len)
*
* shake wc_Shake object holding state.
* hash Buffer to hold the hash result. Must be at least 64 bytes.
+ * hashLen Size of hash in bytes.
* returns 0 on success.
*/
int wc_Shake256_Final(wc_Shake* shake, byte* hash, word32 hashLen)
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/sha3_asm.S b/extra/wolfssl/wolfssl/wolfcrypt/src/sha3_asm.S
index 99c90d65..07a0b140 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/sha3_asm.S
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/sha3_asm.S
@@ -1,5 +1,5 @@
-/* sha3_asm
- *
+/* sha3_asm.S */
+/*
* Copyright (C) 2006-2023 wolfSSL Inc.
*
* This file is part of wolfSSL.
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/sha512.c b/extra/wolfssl/wolfssl/wolfcrypt/src/sha512.c
index 3d17a09b..c6968162 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/sha512.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/sha512.c
@@ -26,21 +26,23 @@
#include <wolfssl/wolfcrypt/settings.h>
-#if (defined(WOLFSSL_SHA512) || defined(WOLFSSL_SHA384)) && !defined(WOLFSSL_ARMASM) && !defined(WOLFSSL_PSOC6_CRYPTO)
+#if (defined(WOLFSSL_SHA512) || defined(WOLFSSL_SHA384)) && \
+ (!defined(WOLFSSL_ARMASM) && !defined(WOLFSSL_ARMASM_NO_NEON)) && \
+ !defined(WOLFSSL_PSOC6_CRYPTO)
/* determine if we are using Espressif SHA hardware acceleration */
-#undef WOLFSSL_USE_ESP32WROOM32_CRYPT_HASH_HW
-#if defined(WOLFSSL_ESP32WROOM32_CRYPT) && \
- !defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
- /* define a single keyword for simplicity & readability
+#undef WOLFSSL_USE_ESP32_CRYPT_HASH_HW
+#if defined(WOLFSSL_ESP32_CRYPT) && !defined(NO_WOLFSSL_ESP32_CRYPT_HASH)
+ #include "sdkconfig.h"
+ /* Define a single keyword for simplicity & readability.
*
- * by default the HW acceleration is on for ESP32-WROOM32
- * but individual components can be turned off.
+ * By default the HW acceleration is on for ESP32 Chipsets,
+ * but individual components can be turned off. See user_settings.h
*/
- #define WOLFSSL_USE_ESP32WROOM32_CRYPT_HASH_HW
+ #define WOLFSSL_USE_ESP32_CRYPT_HASH_HW
static const char* TAG = "wc_sha_512";
#else
- #undef WOLFSSL_USE_ESP32WROOM32_CRYPT_HASH_HW
+ #undef WOLFSSL_USE_ESP32_CRYPT_HASH_HW
#endif
#if defined(HAVE_FIPS) && defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)
@@ -71,92 +73,6 @@
#define USE_SLOW_SHA512
#endif
-/* fips wrapper calls, user can call direct */
-#if defined(HAVE_FIPS) && \
- (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
-
- #ifdef WOLFSSL_SHA512
-
- int wc_InitSha512(wc_Sha512* sha)
- {
- if (sha == NULL) {
- return BAD_FUNC_ARG;
- }
-
- return InitSha512_fips(sha);
- }
- int wc_InitSha512_ex(wc_Sha512* sha, void* heap, int devId)
- {
- (void)heap;
- (void)devId;
- if (sha == NULL) {
- return BAD_FUNC_ARG;
- }
- return InitSha512_fips(sha);
- }
- int wc_Sha512Update(wc_Sha512* sha, const byte* data, word32 len)
- {
- if (sha == NULL || (data == NULL && len > 0)) {
- return BAD_FUNC_ARG;
- }
-
- return Sha512Update_fips(sha, data, len);
- }
- int wc_Sha512Final(wc_Sha512* sha, byte* out)
- {
- if (sha == NULL || out == NULL) {
- return BAD_FUNC_ARG;
- }
-
- return Sha512Final_fips(sha, out);
- }
- void wc_Sha512Free(wc_Sha512* sha)
- {
- (void)sha;
- /* Not supported in FIPS */
- }
- #endif
-
- #if defined(WOLFSSL_SHA384) || defined(HAVE_AESGCM)
- int wc_InitSha384(wc_Sha384* sha)
- {
- if (sha == NULL) {
- return BAD_FUNC_ARG;
- }
- return InitSha384_fips(sha);
- }
- int wc_InitSha384_ex(wc_Sha384* sha, void* heap, int devId)
- {
- (void)heap;
- (void)devId;
- if (sha == NULL) {
- return BAD_FUNC_ARG;
- }
- return InitSha384_fips(sha);
- }
- int wc_Sha384Update(wc_Sha384* sha, const byte* data, word32 len)
- {
- if (sha == NULL || (data == NULL && len > 0)) {
- return BAD_FUNC_ARG;
- }
- return Sha384Update_fips(sha, data, len);
- }
- int wc_Sha384Final(wc_Sha384* sha, byte* out)
- {
- if (sha == NULL || out == NULL) {
- return BAD_FUNC_ARG;
- }
- return Sha384Final_fips(sha, out);
- }
- void wc_Sha384Free(wc_Sha384* sha)
- {
- (void)sha;
- /* Not supported in FIPS */
- }
- #endif /* WOLFSSL_SHA384 || HAVE_AESGCM */
-
-#else /* else build without fips, or for FIPS v2 */
-
#include <wolfssl/wolfcrypt/logging.h>
#ifdef NO_INLINE
@@ -220,6 +136,10 @@
#elif defined(WOLFSSL_KCAPI_HASH)
/* functions defined in wolfcrypt/src/port/kcapi/kcapi_hash.c */
+#elif defined(WOLFSSL_RENESAS_RSIP) && \
+ !defined(NO_WOLFSSL_RENESAS_FSPSM_HASH)
+ /* functions defined in wolfcrypt/src/port/Renesas/renesas_fspsm_sha.c */
+
#elif defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_HASH)
int wc_InitSha512(wc_Sha512* sha512)
{
@@ -294,7 +214,8 @@ static int InitSha512(wc_Sha512* sha512)
sha512->loLen = 0;
sha512->hiLen = 0;
-#if defined(WOLFSSL_USE_ESP32WROOM32_CRYPT_HASH_HW)
+#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512)
/* HW needs to be carefully initialized, taking into account soft copy.
** If already in use; copy may revert to SW as needed. */
@@ -334,7 +255,8 @@ static int InitSha512_224(wc_Sha512* sha512)
sha512->loLen = 0;
sha512->hiLen = 0;
-#if defined(WOLFSSL_USE_ESP32WROOM32_CRYPT_HASH_HW)
+#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512)
/* HW needs to be carefully initialized, taking into account soft copy.
** If already in use; copy may revert to SW as needed.
**
@@ -376,7 +298,8 @@ static int InitSha512_256(wc_Sha512* sha512)
sha512->loLen = 0;
sha512->hiLen = 0;
-#if defined(WOLFSSL_USE_ESP32WROOM32_CRYPT_HASH_HW)
+#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512)
/* HW needs to be carefully initialized, taking into account soft copy.
** If already in use; copy may revert to SW as needed.
**
@@ -616,7 +539,8 @@ static int InitSha512_Family(wc_Sha512* sha512, void* heap, int devId,
int wc_InitSha512_ex(wc_Sha512* sha512, void* heap, int devId)
{
-#if defined(WOLFSSL_USE_ESP32WROOM32_CRYPT_HASH_HW)
+#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512)
if (sha512->ctx.mode != ESP32_SHA_INIT) {
ESP_LOGV(TAG, "Set ctx mode from prior value: "
"%d", sha512->ctx.mode);
@@ -632,7 +556,8 @@ int wc_InitSha512_ex(wc_Sha512* sha512, void* heap, int devId)
(!defined(HAVE_FIPS) || FIPS_VERSION_GE(5, 3)) && !defined(HAVE_SELFTEST)
int wc_InitSha512_224_ex(wc_Sha512* sha512, void* heap, int devId)
{
-#ifdef WOLFSSL_USE_ESP32WROOM32_CRYPT_HASH_HW
+#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512)
/* No SHA512/224 HW support is available, set to SW. */
sha512->ctx.mode = ESP32_SHA_SW; /* no SHA224 HW, so always SW */
#endif
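Review bot: `sha512->ctx.mode = ESP32_SHA_SW;` is the first statement of `wc_InitSha512_224_ex` and dereferences `sha512` before any NULL check, so a NULL argument faults on ESP32 builds instead of returning an error. A guard at the top of the `#if` block would fix it: `if (sha512 == NULL) return BAD_FUNC_ARG;`. The same unchecked dereference opens `wc_InitSha512_ex` (hunk -616, which also reads `ctx.mode` for logging) and `wc_InitSha512_256_ex` (hunk -644). The trailing comment "no SHA224 HW" should say SHA-512/224. The rest of the function is outside this hunk.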
@@ -644,7 +569,8 @@ int wc_InitSha512_224_ex(wc_Sha512* sha512, void* heap, int devId)
(!defined(HAVE_FIPS) || FIPS_VERSION_GE(5, 3)) && !defined(HAVE_SELFTEST)
int wc_InitSha512_256_ex(wc_Sha512* sha512, void* heap, int devId)
{
-#ifdef WOLFSSL_USE_ESP32WROOM32_CRYPT_HASH_HW
+#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512)
/* No SHA512/256 HW support is available on ESP32, set to SW. */
sha512->ctx.mode = ESP32_SHA_SW;
#endif
@@ -835,15 +761,17 @@ static WC_INLINE int Sha512Update(wc_Sha512* sha512, const byte* data, word32 le
if (!IS_INTEL_AVX1(intel_flags) && !IS_INTEL_AVX2(intel_flags))
#endif
{
- #if !defined(WOLFSSL_ESP32WROOM32_CRYPT) || \
- defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
+ #if !defined(WOLFSSL_ESP32_CRYPT) || \
+ defined(NO_WOLFSSL_ESP32_CRYPT_HASH) || \
+ defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512)
ByteReverseWords64(sha512->buffer, sha512->buffer,
WC_SHA512_BLOCK_SIZE);
#endif
}
#endif
- #if !defined(WOLFSSL_ESP32WROOM32_CRYPT) || \
- defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
+ #if !defined(WOLFSSL_ESP32_CRYPT) || \
+ defined(NO_WOLFSSL_ESP32_CRYPT_HASH) || \
+ defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512)
ret = Transform_Sha512(sha512);
#else
if(sha512->ctx.mode == ESP32_SHA_INIT) {
@@ -908,13 +836,15 @@ static WC_INLINE int Sha512Update(wc_Sha512* sha512, const byte* data, word32 le
data += WC_SHA512_BLOCK_SIZE;
len -= WC_SHA512_BLOCK_SIZE;
- #if !defined(WOLFSSL_ESP32WROOM32_CRYPT) || \
- defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
+ #if !defined(WOLFSSL_ESP32_CRYPT) || \
+ defined(NO_WOLFSSL_ESP32_CRYPT_HASH) || \
+ defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512)
ByteReverseWords64(sha512->buffer, sha512->buffer,
WC_SHA512_BLOCK_SIZE);
#endif
- #if !defined(WOLFSSL_ESP32WROOM32_CRYPT) || \
- defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
+ #if !defined(WOLFSSL_ESP32_CRYPT) || \
+ defined(NO_WOLFSSL_ESP32_CRYPT_HASH) || \
+ defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512)
ret = Transform_Sha512(sha512);
#else
if(sha512->ctx.mode == ESP32_SHA_INIT) {
@@ -980,6 +910,9 @@ int wc_Sha512Update(wc_Sha512* sha512, const byte* data, word32 len)
#if defined(WOLFSSL_KCAPI_HASH)
/* functions defined in wolfcrypt/src/port/kcapi/kcapi_hash.c */
+#elif defined(WOLFSSL_RENESAS_RSIP) && \
+ !defined(NO_WOLFSSL_RENESAS_FSPSM_HASH)
+ /* functions defined in wolfcrypt/src/port/renesas/renesas_fspsm_sha.c */
#elif defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_HASH)
#else
@@ -1014,15 +947,17 @@ static WC_INLINE int Sha512Final(wc_Sha512* sha512)
#endif
{
- #if !defined(WOLFSSL_ESP32WROOM32_CRYPT) || \
- defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
+ #if !defined(WOLFSSL_ESP32_CRYPT) || \
+ defined(NO_WOLFSSL_ESP32_CRYPT_HASH) || \
+ defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512)
ByteReverseWords64(sha512->buffer,sha512->buffer,
WC_SHA512_BLOCK_SIZE);
#endif
}
#endif /* LITTLE_ENDIAN_ORDER */
- #if defined(WOLFSSL_USE_ESP32WROOM32_CRYPT_HASH_HW)
+ #if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512)
if (sha512->ctx.mode == ESP32_SHA_INIT) {
esp_sha_try_hw_lock(&sha512->ctx);
}
@@ -1056,15 +991,17 @@ static WC_INLINE int Sha512Final(wc_Sha512* sha512)
(defined(HAVE_INTEL_AVX1) || defined(HAVE_INTEL_AVX2))
if (!IS_INTEL_AVX1(intel_flags) && !IS_INTEL_AVX2(intel_flags))
#endif
- #if !defined(WOLFSSL_ESP32WROOM32_CRYPT) || \
- defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
+ #if !defined(WOLFSSL_ESP32_CRYPT) || \
+ defined(NO_WOLFSSL_ESP32_CRYPT_HASH) || \
+ defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512)
ByteReverseWords64(sha512->buffer, sha512->buffer, WC_SHA512_PAD_SIZE);
#endif
#endif
/* ! length ordering dependent on digest endian type ! */
-#if !defined(WOLFSSL_ESP32WROOM32_CRYPT) || \
- defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
+#if !defined(WOLFSSL_ESP32_CRYPT) || \
+ defined(NO_WOLFSSL_ESP32_CRYPT_HASH) || \
+ defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512)
sha512->buffer[WC_SHA512_BLOCK_SIZE / sizeof(word64) - 2] = sha512->hiLen;
sha512->buffer[WC_SHA512_BLOCK_SIZE / sizeof(word64) - 1] = sha512->loLen;
#endif
@@ -1077,8 +1014,9 @@ static WC_INLINE int Sha512Final(wc_Sha512* sha512)
WC_SHA512_BLOCK_SIZE - WC_SHA512_PAD_SIZE);
#endif
-#if !defined(WOLFSSL_ESP32WROOM32_CRYPT) || \
- defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
+#if !defined(WOLFSSL_ESP32_CRYPT) || \
+ defined(NO_WOLFSSL_ESP32_CRYPT_HASH) || \
+ defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512)
ret = Transform_Sha512(sha512);
#else
if(sha512->ctx.mode == ESP32_SHA_INIT) {
@@ -1105,6 +1043,7 @@ static WC_INLINE int Sha512Final(wc_Sha512* sha512)
ByteReverseWords64(sha512->digest, sha512->digest, WC_SHA512_DIGEST_SIZE);
#endif
+
return 0;
}
@@ -1116,6 +1055,10 @@ static WC_INLINE int Sha512Final(wc_Sha512* sha512)
/* functions defined in wolfcrypt/src/port/kcapi/kcapi_hash.c */
#elif defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_HASH)
+#elif defined(WOLFSSL_RENESAS_RSIP) && \
+ !defined(NO_WOLFSSL_RENESAS_FSPSM_HASH)
+ /* functions defined in wolfcrypt/src/port/Renesas/renesas_fspsm_sha.c */
+
#else
static int Sha512FinalRaw(wc_Sha512* sha512, byte* hash, size_t digestSz)
@@ -1208,8 +1151,15 @@ void wc_Sha512Free(wc_Sha512* sha512)
if (sha512 == NULL)
return;
+#if defined(WOLFSSL_ESP32) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512)
+ esp_sha_release_unfinished_lock(&sha512->ctx);
+#endif
+
#ifdef WOLFSSL_SMALL_STACK_CACHE
if (sha512->W != NULL) {
+ ForceZero(sha512->W, sizeof(word64) * 16);
XFREE(sha512->W, sha512->heap, DYNAMIC_TYPE_TMP_BUFFER);
sha512->W = NULL;
}
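Review bot: `ForceZero(sha512->W, sizeof(word64) * 16);` uses a bare `16` for the wipe length, and the allocation of `W` is outside this hunk. If the allocation size changes, the wipe will either miss part of the message schedule or run past the buffer. A named constant shared with the allocation site would tie the two together. The same literal appears in the `wc_Sha384Free` hunk (-1524).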
@@ -1221,6 +1171,7 @@ void wc_Sha512Free(wc_Sha512* sha512)
#if defined(WOLFSSL_HASH_KEEP)
if (sha512->msg != NULL) {
+ ForceZero(sha512->msg, sha512->len);
XFREE(sha512->msg, sha512->heap, DYNAMIC_TYPE_TMP_BUFFER);
sha512->msg = NULL;
}
@@ -1229,6 +1180,8 @@ void wc_Sha512Free(wc_Sha512* sha512)
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_SHA512)
wolfAsync_DevCtxFree(&sha512->asyncDev, WOLFSSL_ASYNC_MARKER_SHA512);
#endif /* WOLFSSL_ASYNC_CRYPT */
+
+ ForceZero(sha512, sizeof(*sha512));
}
#if (defined(OPENSSL_EXTRA) || defined(HAVE_CURL)) \
&& !defined(WOLFSSL_KCAPI_HASH)
@@ -1281,6 +1234,7 @@ int wc_Sha512Transform(wc_Sha512* sha, const unsigned char* data)
XMEMCPY(sha->buffer, buffer, WC_SHA512_BLOCK_SIZE);
#ifdef WOLFSSL_SMALL_STACK
+ ForceZero(buffer, WC_SHA512_BLOCK_SIZE);
XFREE(buffer, sha->heap, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return ret;
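Review bot: `ForceZero(buffer, WC_SHA512_BLOCK_SIZE);` is added only inside `#ifdef WOLFSSL_SMALL_STACK`, so builds without that option leave the copied message block in `buffer` un-wiped, presumably as a stack array whose declaration is outside this hunk. If the intent is to clear the block on every path, move the call above the `#ifdef` so that only `XFREE` stays conditional. The function starts outside this hunk.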
@@ -1333,6 +1287,10 @@ int wc_Sha512Transform(wc_Sha512* sha, const unsigned char* data)
#elif defined(WOLFSSL_KCAPI_HASH)
/* functions defined in wolfcrypt/src/port/kcapi/kcapi_hash.c */
+#elif defined(WOLFSSL_RENESAS_RSIP) && \
+ !defined(NO_WOLFSSL_RENESAS_FSPSM_HASH)
+ /* functions defined in wolfcrypt/src/port/Renesas/renesas_fspsm_sha.c */
+
#else
static int InitSha384(wc_Sha384* sha384)
@@ -1354,7 +1312,8 @@ static int InitSha384(wc_Sha384* sha384)
sha384->loLen = 0;
sha384->hiLen = 0;
-#if defined(WOLFSSL_USE_ESP32WROOM32_CRYPT_HASH_HW)
+#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384)
/* HW needs to be carefully initialized, taking into account soft copy.
** If already in use; copy may revert to SW as needed. */
esp_sha_init(&(sha384->ctx), WC_HASH_TYPE_SHA384);
@@ -1364,6 +1323,10 @@ static int InitSha384(wc_Sha384* sha384)
sha384->flags = 0;
#endif
+#ifdef HAVE_ARIA
+ sha384->hSession = NULL;
+#endif
+
#ifdef WOLFSSL_HASH_KEEP
sha384->msg = NULL;
sha384->len = 0;
@@ -1476,7 +1439,8 @@ int wc_InitSha384_ex(wc_Sha384* sha384, void* heap, int devId)
sha384->devId = devId;
sha384->devCtx = NULL;
#endif
-#if defined(WOLFSSL_USE_ESP32WROOM32_CRYPT_HASH_HW)
+#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384)
if (sha384->ctx.mode != ESP32_SHA_INIT) {
ESP_LOGV(TAG, "Set ctx mode from prior value: "
"%d", sha384->ctx.mode);
@@ -1524,8 +1488,14 @@ void wc_Sha384Free(wc_Sha384* sha384)
if (sha384 == NULL)
return;
+#if defined(WOLFSSL_ESP32) && !defined(NO_WOLFSSL_ESP32_CRYPT_HASH) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384)
+ esp_sha_release_unfinished_lock(&sha384->ctx);
+#endif
+
#ifdef WOLFSSL_SMALL_STACK_CACHE
if (sha384->W != NULL) {
+ ForceZero(sha384->W, sizeof(word64) * 16);
XFREE(sha384->W, sha384->heap, DYNAMIC_TYPE_TMP_BUFFER);
sha384->W = NULL;
}
@@ -1537,6 +1507,7 @@ void wc_Sha384Free(wc_Sha384* sha384)
#if defined(WOLFSSL_HASH_KEEP)
if (sha384->msg != NULL) {
+ ForceZero(sha384->msg, sha384->len);
XFREE(sha384->msg, sha384->heap, DYNAMIC_TYPE_TMP_BUFFER);
sha384->msg = NULL;
}
@@ -1549,17 +1520,28 @@ void wc_Sha384Free(wc_Sha384* sha384)
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_SHA384)
wolfAsync_DevCtxFree(&sha384->asyncDev, WOLFSSL_ASYNC_MARKER_SHA384);
#endif /* WOLFSSL_ASYNC_CRYPT */
+
+#ifdef HAVE_ARIA
+ if (sha384->hSession != NULL) {
+ MC_CloseSession(sha384->hSession);
+ sha384->hSession = NULL;
+ }
+#endif
+
+ ForceZero(sha384, sizeof(*sha384));
}
#endif /* WOLFSSL_SHA384 */
-#endif /* HAVE_FIPS */
-
#ifdef WOLFSSL_SHA512
#if defined(WOLFSSL_KCAPI_HASH)
/* functions defined in wolfcrypt/src/port/kcapi/kcapi_hash.c */
+#elif defined(WOLFSSL_RENESAS_RSIP) && \
+ !defined(NO_WOLFSSL_RENESAS_FSPSM_HASH)
+ /* functions defined in wolfcrypt/src/port/Renesas/renesas_fspsm_sha.c */
+
#else
static int Sha512_Family_GetHash(wc_Sha512* sha512, byte* hash,
@@ -1616,19 +1598,34 @@ int wc_Sha512Copy(wc_Sha512* src, wc_Sha512* dst)
dst->W = NULL;
#endif
-#ifdef WOLFSSL_SILABS_SHA512
- dst->silabsCtx.hash_ctx.cmd_ctx = &(dst->silabsCtx.cmd_ctx);
- dst->silabsCtx.hash_ctx.hash_type_ctx = &(dst->silabsCtx.hash_type_ctx);
+#if defined(WOLFSSL_SILABS_SE_ACCEL) && defined(WOLFSSL_SILABS_SE_ACCEL_3) && \
+ defined(WOLFSSL_SILABS_SHA512)
+ dst->silabsCtx.hash_ctx.cmd_ctx = &dst->silabsCtx.cmd_ctx;
+ dst->silabsCtx.hash_ctx.hash_type_ctx = &dst->silabsCtx.hash_type_ctx;
#endif
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_SHA512)
ret = wolfAsync_DevCopy(&src->asyncDev, &dst->asyncDev);
#endif
-#if defined(WOLFSSL_USE_ESP32WROOM32_CRYPT_HASH_HW)
+#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW)
+ #if defined(CONFIG_IDF_TARGET_ESP32)
+ if (ret == 0) {
+ ret = esp_sha512_ctx_copy(src, dst);
+ }
+ #elif defined(CONFIG_IDF_TARGET_ESP32C3) || \
+ defined(CONFIG_IDF_TARGET_ESP32C6)
+ ESP_LOGV(TAG, "No SHA-512 HW on the ESP32-C3");
+ #elif defined(CONFIG_IDF_TARGET_ESP32S2) || \
+ defined(CONFIG_IDF_TARGET_ESP32S3)
if (ret == 0) {
ret = esp_sha512_ctx_copy(src, dst);
}
+ #else
+ ESP_LOGW(TAG, "No SHA384 HW or not yet implemented for %s",
+ CONFIG_IDF_TARGET);
+ #endif
+
#endif
#ifdef WOLFSSL_HASH_FLAGS
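Review bot: The fallback branch in `wc_Sha512Copy` logs "No SHA384 HW or not yet implemented", which looks copied from the SHA-384 path and will mislead anyone reading device logs; it should read `ESP_LOGW(TAG, "No SHA512 HW or not yet implemented for %s",`. The C3/C6 branch also names only "ESP32-C3" although it covers `CONFIG_IDF_TARGET_ESP32C6` too. The `CONFIG_IDF_TARGET_ESP32` and S2/S3 branches are identical and could share one `#if` with `||`. The function starts and ends outside this hunk.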
@@ -1682,6 +1679,10 @@ int wc_Sha512_224Update(wc_Sha512* sha, const byte* data, word32 len)
#if defined(WOLFSSL_KCAPI_HASH)
/* functions defined in wolfcrypt/src/port/kcapi/kcapi_hash.c */
+#elif defined(WOLFSSL_RENESAS_RSIP) && \
+ !defined(NO_WOLFSSL_RENESAS_FSPSM_HASH)
+ /* functions defined in wolfcrypt/src/port/Renesas/renesas_fspsm_sha.c */
+
#elif defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_HASH)
#else
@@ -1706,6 +1707,9 @@ void wc_Sha512_224Free(wc_Sha512* sha)
/* functions defined in wolfcrypt/src/port/kcapi/kcapi_hash.c */
#elif defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_HASH)
+#elif defined(WOLFSSL_RENESAS_RSIP) && \
+ !defined(NO_WOLFSSL_RENESAS_FSPSM_HASH)
+ /* functions defined in wolfcrypt/src/port/Renesas/renesas_fspsm_sha.c */
#else
int wc_Sha512_224GetHash(wc_Sha512* sha512, byte* hash)
@@ -1754,6 +1758,10 @@ int wc_Sha512_256Update(wc_Sha512* sha, const byte* data, word32 len)
}
#if defined(WOLFSSL_KCAPI_HASH)
/* functions defined in wolfcrypt/src/port/kcapi/kcapi_hash.c */
+#elif defined(WOLFSSL_RENESAS_RSIP) && \
+ !defined(NO_WOLFSSL_RENESAS_FSPSM_HASH)
+ /* functions defined in wolfcrypt/src/port/Renesas/renesas_fspsm_sha.c */
+
#elif defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_HASH)
#else
@@ -1776,6 +1784,9 @@ void wc_Sha512_256Free(wc_Sha512* sha)
#if defined(WOLFSSL_KCAPI_HASH)
/* functions defined in wolfcrypt/src/port/kcapi/kcapi_hash.c */
+#elif defined(WOLFSSL_RENESAS_RSIP) && \
+ !defined(NO_WOLFSSL_RENESAS_FSPSM_HASH)
+ /* functions defined in wolfcrypt/src/port/Renesas/renesas_fspsm_sha.c */
#else
int wc_Sha512_256GetHash(wc_Sha512* sha512, byte* hash)
@@ -1815,7 +1826,9 @@ int wc_Sha512_256Transform(wc_Sha512* sha, const unsigned char* data)
#if defined(WOLFSSL_KCAPI_HASH)
/* functions defined in wolfcrypt/src/port/kcapi/kcapi_hash.c */
-
+#elif defined(WOLFSSL_RENESAS_RSIP) && \
+ !defined(NO_WOLFSSL_RENESAS_FSPSM_HASH)
+ /* functions defined in wolfcrypt/src/port/renesas/renesas_fspsm_sha.c */
#else
int wc_Sha384GetHash(wc_Sha384* sha384, byte* hash)
@@ -1867,17 +1880,36 @@ int wc_Sha384Copy(wc_Sha384* src, wc_Sha384* dst)
dst->W = NULL;
#endif
-#ifdef WOLFSSL_SILABS_SHA384
- dst->silabsCtx.hash_ctx.cmd_ctx = &(dst->silabsCtx.cmd_ctx);
- dst->silabsCtx.hash_ctx.hash_type_ctx = &(dst->silabsCtx.hash_type_ctx);
+#if defined(WOLFSSL_SILABS_SE_ACCEL) && defined(WOLFSSL_SILABS_SE_ACCEL_3) && \
+ defined(WOLFSSL_SILABS_SHA384)
+ dst->silabsCtx.hash_ctx.cmd_ctx = &dst->silabsCtx.cmd_ctx;
+ dst->silabsCtx.hash_ctx.hash_type_ctx = &dst->silabsCtx.hash_type_ctx;
#endif
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_SHA384)
ret = wolfAsync_DevCopy(&src->asyncDev, &dst->asyncDev);
#endif
-#if defined(WOLFSSL_USE_ESP32WROOM32_CRYPT_HASH_HW)
- esp_sha384_ctx_copy(src, dst);
+#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW)
+ #if defined(CONFIG_IDF_TARGET_ESP32)
+ esp_sha384_ctx_copy(src, dst);
+ #elif defined(CONFIG_IDF_TARGET_ESP32C3) || \
+ defined(CONFIG_IDF_TARGET_ESP32C6)
+ ESP_LOGV(TAG, "No SHA-384 HW on the ESP32-C3");
+ #elif defined(CONFIG_IDF_TARGET_ESP32S2) || \
+ defined(CONFIG_IDF_TARGET_ESP32S3)
+ esp_sha384_ctx_copy(src, dst);
+ #else
+ ESP_LOGW(TAG, "No SHA384 HW or not yet implemented for %s",
+ CONFIG_IDF_TARGET);
+ #endif
+#endif
+
+#ifdef HAVE_ARIA
+ dst->hSession = NULL;
+ if((src->hSession != NULL) && (MC_CopySession(src->hSession, &(dst->hSession)) != MC_OK)) {
+ return MEMORY_E;
+ }
#endif
#ifdef WOLFSSL_HASH_FLAGS
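Review bot: Both `esp_sha384_ctx_copy(src, dst);` calls discard the result and run even if `wolfAsync_DevCopy` has already set `ret` to an error. `wc_Sha512Copy` in this same commit instead uses `if (ret == 0) { ret = esp_sha512_ctx_copy(src, dst); }`. If `esp_sha384_ctx_copy` returns a status like its SHA-512 sibling (its prototype is not visible here), use the same form so that a failed hardware-context copy is not reported as success. The function starts and ends outside this hunk.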
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/sha512_asm.S b/extra/wolfssl/wolfssl/wolfcrypt/src/sha512_asm.S
index 83f60047..47789e83 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/sha512_asm.S
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/sha512_asm.S
@@ -1,5 +1,5 @@
-/* sha512_asm
- *
+/* sha512_asm.S */
+/*
* Copyright (C) 2006-2023 wolfSSL Inc.
*
* This file is part of wolfSSL.
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/signature.c b/extra/wolfssl/wolfssl/wolfcrypt/src/signature.c
index f9c71926..efcbd887 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/signature.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/signature.c
@@ -525,17 +525,12 @@ int wc_SignatureGenerate_ex(
#endif
}
if (ret == 0) {
- /* Generate signature using hash */
- ret = wc_SignatureGenerateHash(hash_type, sig_type,
- hash_data, hash_enc_len, sig, sig_len, key, key_len, rng);
+ /* Generate signature using hash (also handles verify) */
+ ret = wc_SignatureGenerateHash_ex(hash_type, sig_type, hash_data,
+ hash_enc_len, sig, sig_len, key, key_len, rng, verify);
}
}
- if (ret == 0 && verify) {
- ret = wc_SignatureVerifyHash(hash_type, sig_type, hash_data,
- hash_enc_len, sig, *sig_len, key, key_len);
- }
-
#if defined(WOLFSSL_SMALL_STACK) || defined(NO_ASN)
XFREE(hash_data, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
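Review bot: The sign-then-verify safeguard now depends entirely on `wc_SignatureGenerateHash_ex` honouring its `verify` argument, and that function is not part of this hunk. The comment `(also handles verify)` does not tell the reader what the caller can rely on. I would state the contract at the call site, e.g. `/* verify != 0: callee re-checks the fresh signature and returns non-zero on mismatch */`. It is also worth confirming that the callee verifies with the updated `*sig_len`, as the removed `wc_SignatureVerifyHash` call did. wc_SignatureGenerate_ex starts and ends outside this hunk.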
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/siphash.c b/extra/wolfssl/wolfssl/wolfcrypt/src/siphash.c
index e91848a9..0fc27218 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/siphash.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/siphash.c
@@ -315,7 +315,7 @@ static WC_INLINE void SipHashOut(SipHash* sipHash, byte* out)
*
* @param [in, out] sipHash SipHash object.
* @param [out] out Buffer to place MAC into.
- * @param [in] outSz Size of ouput MAC. 8 or 16 only.
+ * @param [in] outSz Size of output MAC. 8 or 16 only.
* @return BAD_FUNC_ARG when sipHash or out is NULL.
* @return BAD_FUNC_ARG when outSz is not the same as initialized value.
* @return 0 on success.
@@ -393,7 +393,7 @@ int wc_SipHashFinal(SipHash* sipHash, unsigned char* out, unsigned char outSz)
* @param [in] in Input message.
* @param [in] inSz Size of input message.
* @param [out] out Buffer to place MAC into.
- * @param [in] outSz Size of ouput MAC. 8 or 16 only.
+ * @param [in] outSz Size of output MAC. 8 or 16 only.
* @return BAD_FUNC_ARG when key or out is NULL.
* @return BAD_FUNC_ARG when in is NULL and inSz is not zero.
* @return BAD_FUNC_ARG when outSz is neither 8 nor 16.
@@ -622,7 +622,7 @@ int wc_SipHash(const unsigned char* key, const unsigned char* in, word32 inSz,
* @param [in] in Input message.
* @param [in] inSz Size of input message.
* @param [out] out Buffer to place MAC into.
- * @param [in] outSz Size of ouput MAC. 8 or 16 only.
+ * @param [in] outSz Size of output MAC. 8 or 16 only.
* @return BAD_FUNC_ARG when key or out is NULL.
* @return BAD_FUNC_ARG when in is NULL and inSz is not zero.
* @return BAD_FUNC_ARG when outSz is not 8 nor 16.
@@ -851,7 +851,7 @@ int wc_SipHash(const unsigned char* key, const unsigned char* in, word32 inSz,
* @param [in] in Input message.
* @param [in] inSz Size of input message.
* @param [out] out Buffer to place MAC into.
- * @param [in] outSz Size of ouput MAC. 8 or 16 only.
+ * @param [in] outSz Size of output MAC. 8 or 16 only.
* @return BAD_FUNC_ARG when key or out is NULL.
* @return BAD_FUNC_ARG when in is NULL and inSz is not zero.
* @return BAD_FUNC_ARG when outSz is not 8 nor 16.
diff --git a/extra/wolfssl/wolfssl/ctaocrypt/src/misc.c b/extra/wolfssl/wolfssl/wolfcrypt/src/sm2.c
index d31462fe..829d5e5b 100644
--- a/extra/wolfssl/wolfssl/ctaocrypt/src/misc.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/sm2.c
@@ -1,4 +1,4 @@
-/* misc.c
+/* sm2.c
*
* Copyright (C) 2006-2023 wolfSSL Inc.
*
@@ -19,11 +19,15 @@
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
+#ifdef HAVE_CONFIG_H
+ #include <config.h>
+#endif
+
+#include <wolfssl/wolfcrypt/settings.h>
+
+#ifdef WOLFSSL_SM2
+
+#error "See https://github.com/wolfSSL/wolfsm for implementation of this file"
-#ifdef NO_INLINE
- #include <wolfssl/wolfcrypt/misc.h>
-#else
- /* for inline includes */
- #define WOLFSSL_MISC_INCLUDED
- #include <wolfcrypt/src/misc.c>
#endif
+
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/sm3.c b/extra/wolfssl/wolfssl/wolfcrypt/src/sm3.c
new file mode 100644
index 00000000..1339037b
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/sm3.c
@@ -0,0 +1,33 @@
+/* sm3.c
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#ifdef HAVE_CONFIG_H
+ #include <config.h>
+#endif
+
+#include <wolfssl/wolfcrypt/settings.h>
+
+#ifdef WOLFSSL_SM3
+
+#error "See https://github.com/wolfSSL/wolfsm for implementation of this file"
+
+#endif
+
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/sm3_asm.S b/extra/wolfssl/wolfssl/wolfcrypt/src/sm3_asm.S
new file mode 100644
index 00000000..2c368f1f
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/sm3_asm.S
@@ -0,0 +1,33 @@
+/* sm3_asm.S
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#ifdef HAVE_CONFIG_H
+ #include <config.h>
+#endif
+
+#include <wolfssl/wolfcrypt/settings.h>
+
+#ifdef WOLFSSL_SM3
+
+#error "See https://github.com/wolfSSL/wolfsm for implementation of this file"
+
+#endif
+
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/sm4.c b/extra/wolfssl/wolfssl/wolfcrypt/src/sm4.c
new file mode 100644
index 00000000..1e4f3176
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/sm4.c
@@ -0,0 +1,33 @@
+/* sm4.c
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#ifdef HAVE_CONFIG_H
+ #include <config.h>
+#endif
+
+#include <wolfssl/wolfcrypt/settings.h>
+
+#ifdef WOLFSSL_SM4
+
+#error "See https://github.com/wolfSSL/wolfsm for implementation of this file"
+
+#endif
+
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/sp_arm32.c b/extra/wolfssl/wolfssl/wolfcrypt/src/sp_arm32.c
index a1b68dc8..2014da43 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/sp_arm32.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/sp_arm32.c
@@ -52,6 +52,16 @@
#include <wolfssl/wolfcrypt/sp.h>
+#ifdef __IAR_SYSTEMS_ICC__
+#define __asm__ asm
+#define __volatile__ volatile
+#define WOLFSSL_NO_VAR_ASSIGN_REG
+#endif /* __IAR_SYSTEMS_ICC__ */
+#ifdef __KEIL__
+#define __asm__ __asm
+#define __volatile__ volatile
+#endif
+
#ifdef WOLFSSL_SP_ARM32_ASM
#define SP_PRINT_NUM(var, name, total, words, bits) \
do { \
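Review bot: The new `#define __asm__ asm` / `#define __volatile__ volatile` remaps sit above `#ifdef WOLFSSL_SP_ARM32_ASM`, so on IAR and Keil they redefine reserved identifiers for the whole translation unit even when the assembly code is compiled out. Moving both blocks inside the `WOLFSSL_SP_ARM32_ASM` guard would limit them to the code that needs them. `WOLFSSL_NO_VAR_ASSIGN_REG` is set only in the IAR branch with no comment on what consumes it, and the register declarations visible later in this diff (`register sp_digit* r asm ("r0")`) use bare `asm` unconditionally, so it is unclear from here how that macro takes effect. A one-line comment per compiler branch, plus `#endif /* __KEIL__ */` to match the IAR block, would document the intent.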
@@ -118,14 +128,14 @@ static void sp_2048_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 32
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 31);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 31);
}
#elif DIGIT_BIT > 32
unsigned int i;
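Review bot: The shift count in `j >> 31` hard-codes the digit width that the removed lines expressed as `SP_WORD_SIZE - 1`, and the new loop is only correct if `sp_digit` is an unsigned 32-bit type (its typedef is not visible here). I would keep the symbolic form, `sp_digit mask = (sp_digit)0 - (j >> (SP_WORD_SIZE - 1));` and `o += (int)(j >> (SP_WORD_SIZE - 1));`. The loop appears to be written branch-free so that the copy does not branch on `a->used`; a short comment saying so, and noting that `o` stops at `a->used - 1`, would keep a later cleanup from reintroducing a data-dependent branch. As in the old code, `a->dp[0]` is still read when `a->used` is 0, so the function relies on `dp` always holding at least one digit. The body of sp_2048_from_mp continues past this hunk.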
@@ -230,6 +240,7 @@ static void sp_2048_to_bin_64(sp_digit* r, byte* a)
#define sp_2048_norm_64(a)
#ifndef WOLFSSL_SP_SMALL
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
/* Multiply a and b into r. (r = a * b)
*
* r A single precision integer.
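Review bot: The new function-level guard tests `WOLFSSL_ARM_ARCH`, whereas the per-instruction guards removed in the following sp_2048_mul_8 hunks tested `WOLFSSL_SP_ARM_ARCH`. A build that still defines only the old name would silently stop selecting this `umull`-free variant. Unless the old name is already mapped somewhere outside this view, a small compatibility shim near the top of the file would keep such configurations working: `#if defined(WOLFSSL_SP_ARM_ARCH) && !defined(WOLFSSL_ARM_ARCH)`, `#define WOLFSSL_ARM_ARCH WOLFSSL_SP_ARM_ARCH`, `#endif`. The matching `#else`/`#endif` for the new `#if` is outside the visible hunks, so the alternative implementation could not be checked here.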
@@ -238,17 +249,15 @@ static void sp_2048_to_bin_64(sp_digit* r, byte* a)
*/
static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"sub sp, sp, #32\n\t"
- "mov r10, #0\n\t"
/* A[0] * B[0] */
"ldr r11, [%[a]]\n\t"
"ldr r12, [%[b]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r3, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -271,14 +280,9 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r3, r3, r6\n\t"
"adc r4, r4, r7\n\t"
"mov r5, #0\n\t"
-#else
- "umull r3, r4, r11, r12\n\t"
- "mov r5, #0\n\t"
-#endif
"str r3, [sp]\n\t"
/* A[0] * B[1] */
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -308,16 +312,8 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r4, r4, r6\n\t"
"adcs r5, r5, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r6, r7, r11, r9\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
-#endif
/* A[1] * B[0] */
"ldr r8, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -346,16 +342,9 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r4, r4, r6\n\t"
"adcs r5, r5, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r6, r7, r8, r12\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
-#endif
"str r4, [sp, #4]\n\t"
/* A[2] * B[0] */
"ldr r8, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -385,17 +374,9 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r5, r5, r6\n\t"
"adcs r3, r3, r7\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r6, r7, r8, r12\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
-#endif
/* A[1] * B[1] */
"ldr r11, [%[a], #4]\n\t"
"ldr r12, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -424,16 +405,9 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r5, r5, r6\n\t"
"adcs r3, r3, r7\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r6, r7, r11, r12\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
-#endif
/* A[0] * B[2] */
"ldr r8, [%[a]]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -462,16 +436,9 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r5, r5, r6\n\t"
"adcs r3, r3, r7\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
-#endif
"str r5, [sp, #8]\n\t"
/* A[0] * B[3] */
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -501,16 +468,8 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r3, r3, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r5, r5, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
-#endif
/* A[1] * B[2] */
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -539,15 +498,8 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r3, r3, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r5, r5, #0\n\t"
-#else
- "umull r6, r7, r11, r9\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
-#endif
/* A[2] * B[1] */
"ldr r8, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -576,16 +528,9 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r3, r3, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r5, r5, #0\n\t"
-#else
- "umull r6, r7, r8, r12\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
-#endif
/* A[3] * B[0] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -614,16 +559,9 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r3, r3, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r5, r5, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
-#endif
"str r3, [sp, #12]\n\t"
/* A[4] * B[0] */
"ldr r8, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -653,16 +591,8 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r4, r4, r6\n\t"
"adcs r5, r5, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
-#endif
/* A[3] * B[1] */
"ldr r8, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -691,16 +621,9 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r4, r4, r6\n\t"
"adcs r5, r5, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r6, r7, r8, r12\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
-#endif
/* A[2] * B[2] */
"ldr r11, [%[a], #8]\n\t"
"ldr r12, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -729,16 +652,9 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r4, r4, r6\n\t"
"adcs r5, r5, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r6, r7, r11, r12\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
-#endif
/* A[1] * B[3] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -767,16 +683,9 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r4, r4, r6\n\t"
"adcs r5, r5, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
-#endif
/* A[0] * B[4] */
"ldr r8, [%[a]]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -805,16 +714,9 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r4, r4, r6\n\t"
"adcs r5, r5, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
-#endif
"str r4, [sp, #16]\n\t"
/* A[0] * B[5] */
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -844,17 +746,9 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r5, r5, r6\n\t"
"adcs r3, r3, r7\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
-#endif
/* A[1] * B[4] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -883,15 +777,8 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r5, r5, r6\n\t"
"adcs r3, r3, r7\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
-#endif
/* A[2] * B[3] */
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -920,15 +807,8 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r5, r5, r6\n\t"
"adcs r3, r3, r7\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r6, r7, r11, r9\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
-#endif
/* A[3] * B[2] */
"ldr r8, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -957,16 +837,9 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r5, r5, r6\n\t"
"adcs r3, r3, r7\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r6, r7, r8, r12\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
-#endif
/* A[4] * B[1] */
"ldr r8, [%[a], #16]\n\t"
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -995,16 +868,9 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r5, r5, r6\n\t"
"adcs r3, r3, r7\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
-#endif
/* A[5] * B[0] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -1033,16 +899,9 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r5, r5, r6\n\t"
"adcs r3, r3, r7\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
-#endif
"str r5, [sp, #20]\n\t"
/* A[6] * B[0] */
"ldr r8, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -1072,17 +931,9 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r3, r3, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r5, r5, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
-#endif
/* A[5] * B[1] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -1111,15 +962,8 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r3, r3, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r5, r5, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
-#endif
/* A[4] * B[2] */
"ldr r8, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -1148,16 +992,9 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r3, r3, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r5, r5, #0\n\t"
-#else
- "umull r6, r7, r8, r12\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
-#endif
/* A[3] * B[3] */
"ldr r11, [%[a], #12]\n\t"
"ldr r12, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -1186,16 +1023,9 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r3, r3, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r5, r5, #0\n\t"
-#else
- "umull r6, r7, r11, r12\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
-#endif
/* A[2] * B[4] */
"ldr r8, [%[a], #8]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -1224,16 +1054,9 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r3, r3, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r5, r5, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
-#endif
/* A[1] * B[5] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -1262,16 +1085,9 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r3, r3, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r5, r5, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
-#endif
/* A[0] * B[6] */
"ldr r8, [%[a]]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -1300,16 +1116,9 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r3, r3, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r5, r5, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
-#endif
"str r3, [sp, #24]\n\t"
/* A[0] * B[7] */
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -1339,17 +1148,9 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r4, r4, r6\n\t"
"adcs r5, r5, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
-#endif
/* A[1] * B[6] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -1378,16 +1179,9 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r4, r4, r6\n\t"
"adcs r5, r5, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
-#endif
/* A[2] * B[5] */
"ldr r8, [%[a], #8]\n\t"
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -1416,15 +1210,8 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r4, r4, r6\n\t"
"adcs r5, r5, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
-#endif
/* A[3] * B[4] */
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -1453,15 +1240,8 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r4, r4, r6\n\t"
"adcs r5, r5, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r6, r7, r11, r9\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
-#endif
/* A[4] * B[3] */
"ldr r8, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -1490,16 +1270,9 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r4, r4, r6\n\t"
"adcs r5, r5, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r6, r7, r8, r12\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
-#endif
/* A[5] * B[2] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -1528,16 +1301,9 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r4, r4, r6\n\t"
"adcs r5, r5, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
-#endif
/* A[6] * B[1] */
"ldr r8, [%[a], #24]\n\t"
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -1566,16 +1332,9 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r4, r4, r6\n\t"
"adcs r5, r5, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
-#endif
/* A[7] * B[0] */
"ldr r8, [%[a], #28]\n\t"
"ldr r9, [%[b]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -1604,16 +1363,9 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r4, r4, r6\n\t"
"adcs r5, r5, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
-#endif
"str r4, [sp, #28]\n\t"
/* A[7] * B[1] */
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -1643,17 +1395,9 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r5, r5, r6\n\t"
"adcs r3, r3, r7\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
-#endif
/* A[6] * B[2] */
"ldr r8, [%[a], #24]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -1682,15 +1426,8 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r5, r5, r6\n\t"
"adcs r3, r3, r7\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
-#endif
/* A[5] * B[3] */
"ldr r8, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -1719,16 +1456,9 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r5, r5, r6\n\t"
"adcs r3, r3, r7\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r6, r7, r8, r12\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
-#endif
/* A[4] * B[4] */
"ldr r11, [%[a], #16]\n\t"
"ldr r12, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -1757,16 +1487,9 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r5, r5, r6\n\t"
"adcs r3, r3, r7\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r6, r7, r11, r12\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
-#endif
/* A[3] * B[5] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -1795,16 +1518,9 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r5, r5, r6\n\t"
"adcs r3, r3, r7\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
-#endif
/* A[2] * B[6] */
"ldr r8, [%[a], #8]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -1833,16 +1549,9 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r5, r5, r6\n\t"
"adcs r3, r3, r7\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
-#endif
/* A[1] * B[7] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -1871,16 +1580,9 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r5, r5, r6\n\t"
"adcs r3, r3, r7\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
-#endif
"str r5, [%[r], #32]\n\t"
/* A[2] * B[7] */
"ldr r8, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -1910,17 +1612,9 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r3, r3, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r5, r5, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
-#endif
/* A[3] * B[6] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -1949,15 +1643,8 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r3, r3, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r5, r5, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
-#endif
/* A[4] * B[5] */
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -1986,15 +1673,8 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r3, r3, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r5, r5, #0\n\t"
-#else
- "umull r6, r7, r11, r9\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
-#endif
/* A[5] * B[4] */
"ldr r8, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -2023,16 +1703,9 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r3, r3, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r5, r5, #0\n\t"
-#else
- "umull r6, r7, r8, r12\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
-#endif
/* A[6] * B[3] */
"ldr r8, [%[a], #24]\n\t"
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -2061,16 +1734,9 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r3, r3, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r5, r5, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
-#endif
/* A[7] * B[2] */
"ldr r8, [%[a], #28]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -2099,16 +1765,9 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r3, r3, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r5, r5, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
-#endif
"str r3, [%[r], #36]\n\t"
/* A[7] * B[3] */
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -2138,16 +1797,8 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r4, r4, r6\n\t"
"adcs r5, r5, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
-#endif
/* A[6] * B[4] */
"ldr r8, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -2176,16 +1827,9 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r4, r4, r6\n\t"
"adcs r5, r5, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r6, r7, r8, r12\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
-#endif
/* A[5] * B[5] */
"ldr r11, [%[a], #20]\n\t"
"ldr r12, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -2214,16 +1858,9 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r4, r4, r6\n\t"
"adcs r5, r5, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r6, r7, r11, r12\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
-#endif
/* A[4] * B[6] */
"ldr r8, [%[a], #16]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -2252,16 +1889,9 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r4, r4, r6\n\t"
"adcs r5, r5, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
-#endif
/* A[3] * B[7] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -2290,16 +1920,9 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r4, r4, r6\n\t"
"adcs r5, r5, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
-#endif
"str r4, [%[r], #40]\n\t"
/* A[4] * B[7] */
"ldr r8, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -2329,16 +1952,8 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r5, r5, r6\n\t"
"adcs r3, r3, r7\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
-#endif
/* A[5] * B[6] */
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -2367,15 +1982,8 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r5, r5, r6\n\t"
"adcs r3, r3, r7\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r6, r7, r11, r9\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
-#endif
/* A[6] * B[5] */
"ldr r8, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -2404,16 +2012,9 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r5, r5, r6\n\t"
"adcs r3, r3, r7\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r6, r7, r8, r12\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
-#endif
/* A[7] * B[4] */
"ldr r8, [%[a], #28]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -2442,15 +2043,8 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r5, r5, r6\n\t"
"adcs r3, r3, r7\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
-#endif
"str r5, [%[r], #44]\n\t"
/* A[7] * B[5] */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -2480,17 +2074,9 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r3, r3, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r5, r5, #0\n\t"
-#else
- "umull r6, r7, r8, r12\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
-#endif
/* A[6] * B[6] */
"ldr r11, [%[a], #24]\n\t"
"ldr r12, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -2519,16 +2105,9 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r3, r3, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r5, r5, #0\n\t"
-#else
- "umull r6, r7, r11, r12\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
-#endif
/* A[5] * B[7] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -2557,15 +2136,8 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r3, r3, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r5, r5, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
-#endif
"str r3, [%[r], #48]\n\t"
/* A[6] * B[7] */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -2595,16 +2167,8 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r4, r4, r6\n\t"
"adcs r5, r5, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r6, r7, r11, r9\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
-#endif
/* A[7] * B[6] */
"ldr r8, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -2633,15 +2197,8 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r4, r4, r6\n\t"
"adcs r5, r5, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r6, r7, r8, r12\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
-#endif
"str r4, [%[r], #52]\n\t"
/* A[7] * B[7] */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -2666,11 +2223,6 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
"adc r3, r3, r7\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r5, r5, r6\n\t"
- "adc r3, r3, r7\n\t"
-#endif
"str r5, [%[r], #56]\n\t"
"str r3, [%[r], #60]\n\t"
"ldm sp!, {r3, r4, r5, r6}\n\t"
@@ -2679,10 +2231,495 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"stm %[r]!, {r3, r4, r5, r6}\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r11", "r12", "cc"
+ );
+}
+
+#elif defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+/* Multiply a and b into r. (r = a * b)
+ *
+ * r A single precision integer.
+ * a A single precision integer.
+ * b A single precision integer.
+ */
+static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+{
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
+
+ __asm__ __volatile__ (
+ "sub sp, sp, #36\n\t"
+ "str %[r], [sp, #32]\n\t"
+ "mov %[r], #0\n\t"
+ "ldr r12, [%[a]]\n\t"
+ /* A[0] * B[0] */
+ "ldr lr, [%[b]]\n\t"
+ "umull r3, r4, r12, lr\n\t"
+ /* A[0] * B[2] */
+ "ldr lr, [%[b], #8]\n\t"
+ "umull r5, r6, r12, lr\n\t"
+ /* A[0] * B[4] */
+ "ldr lr, [%[b], #16]\n\t"
+ "umull r7, r8, r12, lr\n\t"
+ /* A[0] * B[6] */
+ "ldr lr, [%[b], #24]\n\t"
+ "umull r9, r10, r12, lr\n\t"
+ "str r3, [sp]\n\t"
+ /* A[0] * B[1] */
+ "ldr lr, [%[b], #4]\n\t"
+ "mov r11, %[r]\n\t"
+ "umlal r4, r11, r12, lr\n\t"
+ "adds r5, r5, r11\n\t"
+ /* A[0] * B[3] */
+ "ldr lr, [%[b], #12]\n\t"
+ "adcs r6, r6, #0\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r6, r11, r12, lr\n\t"
+ "adds r7, r7, r11\n\t"
+ /* A[0] * B[5] */
+ "ldr lr, [%[b], #20]\n\t"
+ "adcs r8, r8, #0\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r8, r11, r12, lr\n\t"
+ "adds r9, r9, r11\n\t"
+ /* A[0] * B[7] */
+ "ldr lr, [%[b], #28]\n\t"
+ "adcs r10, r10, #0\n\t"
+ "adc r3, %[r], #0\n\t"
+ "umlal r10, r3, r12, lr\n\t"
+ /* A[1] * B[0] */
+ "ldr r12, [%[a], #4]\n\t"
+ "ldr lr, [%[b]]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r4, r11, r12, lr\n\t"
+ "str r4, [sp, #4]\n\t"
+ "adds r5, r5, r11\n\t"
+ /* A[1] * B[1] */
+ "ldr lr, [%[b], #4]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r5, r11, r12, lr\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[1] * B[2] */
+ "ldr lr, [%[b], #8]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r6, r11, r12, lr\n\t"
+ "adds r7, r7, r11\n\t"
+ /* A[1] * B[3] */
+ "ldr lr, [%[b], #12]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r7, r11, r12, lr\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[1] * B[4] */
+ "ldr lr, [%[b], #16]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r8, r11, r12, lr\n\t"
+ "adds r9, r9, r11\n\t"
+ /* A[1] * B[5] */
+ "ldr lr, [%[b], #20]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r9, r11, r12, lr\n\t"
+ "adds r10, r10, r11\n\t"
+ /* A[1] * B[6] */
+ "ldr lr, [%[b], #24]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "adds r3, r3, r11\n\t"
+ /* A[1] * B[7] */
+ "ldr lr, [%[b], #28]\n\t"
+ "adc r4, %[r], #0\n\t"
+ "umlal r3, r4, r12, lr\n\t"
+ /* A[2] * B[0] */
+ "ldr r12, [%[a], #8]\n\t"
+ "ldr lr, [%[b]]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r5, r11, r12, lr\n\t"
+ "str r5, [sp, #8]\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[2] * B[1] */
+ "ldr lr, [%[b], #4]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r6, r11, r12, lr\n\t"
+ "adds r7, r7, r11\n\t"
+ /* A[2] * B[2] */
+ "ldr lr, [%[b], #8]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r7, r11, r12, lr\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[2] * B[3] */
+ "ldr lr, [%[b], #12]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r8, r11, r12, lr\n\t"
+ "adds r9, r9, r11\n\t"
+ /* A[2] * B[4] */
+ "ldr lr, [%[b], #16]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r9, r11, r12, lr\n\t"
+ "adds r10, r10, r11\n\t"
+ /* A[2] * B[5] */
+ "ldr lr, [%[b], #20]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "adds r3, r3, r11\n\t"
+ /* A[2] * B[6] */
+ "ldr lr, [%[b], #24]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r3, r11, r12, lr\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[2] * B[7] */
+ "ldr lr, [%[b], #28]\n\t"
+ "adc r5, %[r], #0\n\t"
+ "umlal r4, r5, r12, lr\n\t"
+ /* A[3] * B[0] */
+ "ldr r12, [%[a], #12]\n\t"
+ "ldr lr, [%[b]]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r6, r11, r12, lr\n\t"
+ "str r6, [sp, #12]\n\t"
+ "adds r7, r7, r11\n\t"
+ /* A[3] * B[1] */
+ "ldr lr, [%[b], #4]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r7, r11, r12, lr\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[3] * B[2] */
+ "ldr lr, [%[b], #8]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r8, r11, r12, lr\n\t"
+ "adds r9, r9, r11\n\t"
+ /* A[3] * B[3] */
+ "ldr lr, [%[b], #12]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r9, r11, r12, lr\n\t"
+ "adds r10, r10, r11\n\t"
+ /* A[3] * B[4] */
+ "ldr lr, [%[b], #16]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "adds r3, r3, r11\n\t"
+ /* A[3] * B[5] */
+ "ldr lr, [%[b], #20]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r3, r11, r12, lr\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[3] * B[6] */
+ "ldr lr, [%[b], #24]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r4, r11, r12, lr\n\t"
+ "adds r5, r5, r11\n\t"
+ /* A[3] * B[7] */
+ "ldr lr, [%[b], #28]\n\t"
+ "adc r6, %[r], #0\n\t"
+ "umlal r5, r6, r12, lr\n\t"
+ /* A[4] * B[0] */
+ "ldr r12, [%[a], #16]\n\t"
+ "ldr lr, [%[b]]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r7, r11, r12, lr\n\t"
+ "str r7, [sp, #16]\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[4] * B[1] */
+ "ldr lr, [%[b], #4]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r8, r11, r12, lr\n\t"
+ "adds r9, r9, r11\n\t"
+ /* A[4] * B[2] */
+ "ldr lr, [%[b], #8]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r9, r11, r12, lr\n\t"
+ "adds r10, r10, r11\n\t"
+ /* A[4] * B[3] */
+ "ldr lr, [%[b], #12]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "adds r3, r3, r11\n\t"
+ /* A[4] * B[4] */
+ "ldr lr, [%[b], #16]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r3, r11, r12, lr\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[4] * B[5] */
+ "ldr lr, [%[b], #20]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r4, r11, r12, lr\n\t"
+ "adds r5, r5, r11\n\t"
+ /* A[4] * B[6] */
+ "ldr lr, [%[b], #24]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r5, r11, r12, lr\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[4] * B[7] */
+ "ldr lr, [%[b], #28]\n\t"
+ "adc r7, %[r], #0\n\t"
+ "umlal r6, r7, r12, lr\n\t"
+ /* A[5] * B[0] */
+ "ldr r12, [%[a], #20]\n\t"
+ "ldr lr, [%[b]]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r8, r11, r12, lr\n\t"
+ "str r8, [sp, #20]\n\t"
+ "adds r9, r9, r11\n\t"
+ /* A[5] * B[1] */
+ "ldr lr, [%[b], #4]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r9, r11, r12, lr\n\t"
+ "adds r10, r10, r11\n\t"
+ /* A[5] * B[2] */
+ "ldr lr, [%[b], #8]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "adds r3, r3, r11\n\t"
+ /* A[5] * B[3] */
+ "ldr lr, [%[b], #12]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r3, r11, r12, lr\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[5] * B[4] */
+ "ldr lr, [%[b], #16]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r4, r11, r12, lr\n\t"
+ "adds r5, r5, r11\n\t"
+ /* A[5] * B[5] */
+ "ldr lr, [%[b], #20]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r5, r11, r12, lr\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[5] * B[6] */
+ "ldr lr, [%[b], #24]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r6, r11, r12, lr\n\t"
+ "adds r7, r7, r11\n\t"
+ /* A[5] * B[7] */
+ "ldr lr, [%[b], #28]\n\t"
+ "adc r8, %[r], #0\n\t"
+ "umlal r7, r8, r12, lr\n\t"
+ /* A[6] * B[0] */
+ "ldr r12, [%[a], #24]\n\t"
+ "ldr lr, [%[b]]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r9, r11, r12, lr\n\t"
+ "str r9, [sp, #24]\n\t"
+ "adds r10, r10, r11\n\t"
+ /* A[6] * B[1] */
+ "ldr lr, [%[b], #4]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "adds r3, r3, r11\n\t"
+ /* A[6] * B[2] */
+ "ldr lr, [%[b], #8]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r3, r11, r12, lr\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[6] * B[3] */
+ "ldr lr, [%[b], #12]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r4, r11, r12, lr\n\t"
+ "adds r5, r5, r11\n\t"
+ /* A[6] * B[4] */
+ "ldr lr, [%[b], #16]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r5, r11, r12, lr\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[6] * B[5] */
+ "ldr lr, [%[b], #20]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r6, r11, r12, lr\n\t"
+ "adds r7, r7, r11\n\t"
+ /* A[6] * B[6] */
+ "ldr lr, [%[b], #24]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r7, r11, r12, lr\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[6] * B[7] */
+ "ldr lr, [%[b], #28]\n\t"
+ "adc r9, %[r], #0\n\t"
+ "umlal r8, r9, r12, lr\n\t"
+ /* A[7] * B[0] */
+ "ldr r12, [%[a], #28]\n\t"
+ "ldr lr, [%[b]]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "str r10, [sp, #28]\n\t"
+ "adds r3, r3, r11\n\t"
+ /* A[7] * B[1] */
+ "ldr lr, [%[b], #4]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r3, r11, r12, lr\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[7] * B[2] */
+ "ldr lr, [%[b], #8]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r4, r11, r12, lr\n\t"
+ "adds r5, r5, r11\n\t"
+ /* A[7] * B[3] */
+ "ldr lr, [%[b], #12]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r5, r11, r12, lr\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[7] * B[4] */
+ "ldr lr, [%[b], #16]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r6, r11, r12, lr\n\t"
+ "adds r7, r7, r11\n\t"
+ /* A[7] * B[5] */
+ "ldr lr, [%[b], #20]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r7, r11, r12, lr\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[7] * B[6] */
+ "ldr lr, [%[b], #24]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r8, r11, r12, lr\n\t"
+ "adds r9, r9, r11\n\t"
+ /* A[7] * B[7] */
+ "ldr lr, [%[b], #28]\n\t"
+ "adc r10, %[r], #0\n\t"
+ "umlal r9, r10, r12, lr\n\t"
+ "ldr %[r], [sp, #32]\n\t"
+ "add %[r], %[r], #32\n\t"
+ "stm %[r], {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "ldm sp, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "sub %[r], %[r], #32\n\t"
+ "stm %[r], {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "add sp, sp, #36\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
);
}
+#else
+/* Multiply a and b into r. (r = a * b)
+ *
+ * r A single precision integer.
+ * a A single precision integer.
+ * b A single precision integer.
+ */
+static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+{
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
+
+ __asm__ __volatile__ (
+ "sub sp, sp, #44\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "str %[r], [sp, #36]\n\t"
+ "str %[a], [sp, #40]\n\t"
+#else
+ "strd %[r], %[a], [sp, #36]\n\t"
+#endif
+ "mov lr, %[b]\n\t"
+ "ldm %[a], {%[r], %[a], %[b], r3}\n\t"
+ "ldm lr!, {r4, r5, r6}\n\t"
+ "umull r10, r11, %[r], r4\n\t"
+ "umull r12, r7, %[a], r4\n\t"
+ "umaal r11, r12, %[r], r5\n\t"
+ "umull r8, r9, %[b], r4\n\t"
+ "umaal r12, r8, %[a], r5\n\t"
+ "umaal r12, r7, %[r], r6\n\t"
+ "umaal r8, r9, r3, r4\n\t"
+ "stm sp, {r10, r11, r12}\n\t"
+ "umaal r7, r8, %[b], r5\n\t"
+ "ldm lr!, {r4}\n\t"
+ "umull r10, r11, %[a], r6\n\t"
+ "umaal r8, r9, %[b], r6\n\t"
+ "umaal r7, r10, %[r], r4\n\t"
+ "umaal r8, r11, r3, r5\n\t"
+ "str r7, [sp, #12]\n\t"
+ "umaal r8, r10, %[a], r4\n\t"
+ "umaal r9, r11, r3, r6\n\t"
+ "umaal r9, r10, %[b], r4\n\t"
+ "umaal r10, r11, r3, r4\n\t"
+ "ldm lr, {r4, r5, r6, r7}\n\t"
+ "mov r12, #0\n\t"
+ "umlal r8, r12, %[r], r4\n\t"
+ "umaal r9, r12, %[a], r4\n\t"
+ "umaal r10, r12, %[b], r4\n\t"
+ "umaal r11, r12, r3, r4\n\t"
+ "mov r4, #0\n\t"
+ "umlal r9, r4, %[r], r5\n\t"
+ "umaal r10, r4, %[a], r5\n\t"
+ "umaal r11, r4, %[b], r5\n\t"
+ "umaal r12, r4, r3, r5\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, %[r], r6\n\t"
+ "umaal r11, r5, %[a], r6\n\t"
+ "umaal r12, r5, %[b], r6\n\t"
+ "umaal r4, r5, r3, r6\n\t"
+ "mov r6, #0\n\t"
+ "umlal r11, r6, %[r], r7\n\t"
+ "ldr %[r], [sp, #40]\n\t"
+ "umaal r12, r6, %[a], r7\n\t"
+ "add %[r], %[r], #16\n\t"
+ "umaal r4, r6, %[b], r7\n\t"
+ "sub lr, lr, #16\n\t"
+ "umaal r5, r6, r3, r7\n\t"
+ "ldm %[r], {%[r], %[a], %[b], r3}\n\t"
+ "str r6, [sp, #32]\n\t"
+ "ldm lr!, {r6}\n\t"
+ "mov r7, #0\n\t"
+ "umlal r8, r7, %[r], r6\n\t"
+ "umaal r9, r7, %[a], r6\n\t"
+ "str r8, [sp, #16]\n\t"
+ "umaal r10, r7, %[b], r6\n\t"
+ "umaal r11, r7, r3, r6\n\t"
+ "ldm lr!, {r6}\n\t"
+ "mov r8, #0\n\t"
+ "umlal r9, r8, %[r], r6\n\t"
+ "umaal r10, r8, %[a], r6\n\t"
+ "str r9, [sp, #20]\n\t"
+ "umaal r11, r8, %[b], r6\n\t"
+ "umaal r12, r8, r3, r6\n\t"
+ "ldm lr!, {r6}\n\t"
+ "mov r9, #0\n\t"
+ "umlal r10, r9, %[r], r6\n\t"
+ "umaal r11, r9, %[a], r6\n\t"
+ "str r10, [sp, #24]\n\t"
+ "umaal r12, r9, %[b], r6\n\t"
+ "umaal r4, r9, r3, r6\n\t"
+ "ldm lr!, {r6}\n\t"
+ "mov r10, #0\n\t"
+ "umlal r11, r10, %[r], r6\n\t"
+ "umaal r12, r10, %[a], r6\n\t"
+ "str r11, [sp, #28]\n\t"
+ "umaal r4, r10, %[b], r6\n\t"
+ "umaal r5, r10, r3, r6\n\t"
+ "ldm lr!, {r11}\n\t"
+ "umaal r12, r7, %[r], r11\n\t"
+ "umaal r4, r7, %[a], r11\n\t"
+ "ldr r6, [sp, #32]\n\t"
+ "umaal r5, r7, %[b], r11\n\t"
+ "umaal r6, r7, r3, r11\n\t"
+ "ldm lr!, {r11}\n\t"
+ "umaal r4, r8, %[r], r11\n\t"
+ "umaal r5, r8, %[a], r11\n\t"
+ "umaal r6, r8, %[b], r11\n\t"
+ "umaal r7, r8, r3, r11\n\t"
+ "ldm lr, {r11, lr}\n\t"
+ "umaal r5, r9, %[r], r11\n\t"
+ "umaal r6, r10, %[r], lr\n\t"
+ "umaal r6, r9, %[a], r11\n\t"
+ "umaal r7, r10, %[a], lr\n\t"
+ "umaal r7, r9, %[b], r11\n\t"
+ "umaal r8, r10, %[b], lr\n\t"
+ "umaal r8, r9, r3, r11\n\t"
+ "umaal r9, r10, r3, lr\n\t"
+ "mov r3, r12\n\t"
+ "ldr lr, [sp, #36]\n\t"
+ "add lr, lr, #32\n\t"
+ "stm lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "sub lr, lr, #32\n\t"
+ "ldm sp, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "stm lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "add sp, sp, #44\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r10", "r11", "r12", "r7", "r8", "r9", "lr", "cc"
+ );
+}
+
+#endif
/* Add b to a into r. (r = a + b)
*
* r A single precision integer.
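Review bot: In the final `#else` variant of sp_2048_mul_8, the inner `#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)` around the two `str` lines can never be true, because that variant is only compiled when the `#elif` with the identical condition was false, so only the `strd` line is ever assembled. Drop the dead branch, or if this file is generated, fix the generator so it stops emitting it. The visible `#elif` is also false when `WOLFSSL_ARM_ARCH` is undefined, so such a build appears to land on this variant. All variants carry the same header comment, so a line such as `/* Variant using UMAAL and STRD. */` on each would tell an integrator which code they get. Both new variants release their stack scratch area with `add sp, sp, #N` while it still holds the low product words; whether that leftover copy matters for private-key operands depends on how callers treat temporaries, which is not visible here (the opening `#if` of the chain is also outside this hunk).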
@@ -2691,12 +2728,11 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
*/
static sp_digit sp_2048_add_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
- "mov r12, #0\n\t"
"ldm %[a]!, {r3, r4, r5, r6}\n\t"
"ldm %[b]!, {r7, r8, r9, r10}\n\t"
"adds r3, r3, r7\n\t"
@@ -2711,10 +2747,11 @@ static sp_digit sp_2048_add_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit
"adcs r5, r5, r9\n\t"
"adcs r6, r6, r10\n\t"
"stm %[r]!, {r3, r4, r5, r6}\n\t"
- "adc %[r], r12, r12\n\t"
+ "mov %[r], #0\n\t"
+ "adc %[r], %[r], #0\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
return (uint32_t)(size_t)r;
}
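Review bot: The carry-out produced by the new `mov %[r], #0` / `adc %[r], %[r], #0` pair relies on two things the code does not state: neither the preceding `stm` nor a `mov` without the S suffix changes the C flag left by the last `adcs`, and `%[r]` is deliberately reused from result pointer to return value. A short comment above the pair, e.g. `/* C from the last adcs is still live here; r is reused to return the carry-out */`, would keep a later edit from inserting a flag-setting instruction between the `adcs` and the `adc`. The same pair is added in sp_2048_add_16, sp_2048_add_32 and sp_2048_add_64 further down. sp_2048_add_8 begins before this hunk.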
@@ -2726,8 +2763,8 @@ static sp_digit sp_2048_add_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit
*/
static sp_digit sp_2048_sub_in_place_16(sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* a asm ("r0") = a_p;
- register const sp_digit* b asm ("r1") = b_p;
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* b asm ("r1") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"ldm %[a], {r2, r3, r4, r5}\n\t"
@@ -2761,7 +2798,7 @@ static sp_digit sp_2048_sub_in_place_16(sp_digit* a_p, const sp_digit* b_p)
"sbc %[a], r9, r9\n\t"
: [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -2774,12 +2811,11 @@ static sp_digit sp_2048_sub_in_place_16(sp_digit* a_p, const sp_digit* b_p)
*/
static sp_digit sp_2048_add_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
- "mov r12, #0\n\t"
"ldm %[a]!, {r3, r4, r5, r6}\n\t"
"ldm %[b]!, {r7, r8, r9, r10}\n\t"
"adds r3, r3, r7\n\t"
@@ -2808,10 +2844,11 @@ static sp_digit sp_2048_add_16(sp_digit* r_p, const sp_digit* a_p, const sp_digi
"adcs r5, r5, r9\n\t"
"adcs r6, r6, r10\n\t"
"stm %[r]!, {r3, r4, r5, r6}\n\t"
- "adc %[r], r12, r12\n\t"
+ "mov %[r], #0\n\t"
+ "adc %[r], %[r], #0\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -2888,8 +2925,8 @@ SP_NOINLINE static void sp_2048_mul_16(sp_digit* r, const sp_digit* a,
*/
static sp_digit sp_2048_sub_in_place_32(sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* a asm ("r0") = a_p;
- register const sp_digit* b asm ("r1") = b_p;
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* b asm ("r1") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"ldm %[a], {r2, r3, r4, r5}\n\t"
@@ -2951,7 +2988,7 @@ static sp_digit sp_2048_sub_in_place_32(sp_digit* a_p, const sp_digit* b_p)
"sbc %[a], r9, r9\n\t"
: [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -2964,12 +3001,11 @@ static sp_digit sp_2048_sub_in_place_32(sp_digit* a_p, const sp_digit* b_p)
*/
static sp_digit sp_2048_add_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
- "mov r12, #0\n\t"
"ldm %[a]!, {r3, r4, r5, r6}\n\t"
"ldm %[b]!, {r7, r8, r9, r10}\n\t"
"adds r3, r3, r7\n\t"
@@ -3026,10 +3062,11 @@ static sp_digit sp_2048_add_32(sp_digit* r_p, const sp_digit* a_p, const sp_digi
"adcs r5, r5, r9\n\t"
"adcs r6, r6, r10\n\t"
"stm %[r]!, {r3, r4, r5, r6}\n\t"
- "adc %[r], r12, r12\n\t"
+ "mov %[r], #0\n\t"
+ "adc %[r], %[r], #0\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -3110,8 +3147,8 @@ SP_NOINLINE static void sp_2048_mul_32(sp_digit* r, const sp_digit* a,
*/
static sp_digit sp_2048_sub_in_place_64(sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* a asm ("r0") = a_p;
- register const sp_digit* b asm ("r1") = b_p;
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* b asm ("r1") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"ldm %[a], {r2, r3, r4, r5}\n\t"
@@ -3229,7 +3266,7 @@ static sp_digit sp_2048_sub_in_place_64(sp_digit* a_p, const sp_digit* b_p)
"sbc %[a], r9, r9\n\t"
: [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -3242,12 +3279,11 @@ static sp_digit sp_2048_sub_in_place_64(sp_digit* a_p, const sp_digit* b_p)
*/
static sp_digit sp_2048_add_64(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
- "mov r12, #0\n\t"
"ldm %[a]!, {r3, r4, r5, r6}\n\t"
"ldm %[b]!, {r7, r8, r9, r10}\n\t"
"adds r3, r3, r7\n\t"
@@ -3360,10 +3396,11 @@ static sp_digit sp_2048_add_64(sp_digit* r_p, const sp_digit* a_p, const sp_digi
"adcs r5, r5, r9\n\t"
"adcs r6, r6, r10\n\t"
"stm %[r]!, {r3, r4, r5, r6}\n\t"
- "adc %[r], r12, r12\n\t"
+ "mov %[r], #0\n\t"
+ "adc %[r], %[r], #0\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -3437,6 +3474,7 @@ SP_NOINLINE static void sp_2048_mul_64(sp_digit* r, const sp_digit* a,
(void)sp_2048_add_32(r + 96, r + 96, a1);
}
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
/* Square a and put result in r. (r = a * a)
*
* r A single precision integer.
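Review bot: The guard added here tests `WOLFSSL_ARM_ARCH`, while the per-product guards removed in the following sp_2048_sqr_8 hunks (and in sp_2048_mul_8 above) tested `WOLFSSL_SP_ARM_ARCH`, and nothing visible maps the old name to the new one. A build that still sets only the old macro would no longer select this shift-based variant; whether it then fails at assembly or picks a variant with instructions the core lacks depends on definitions outside this hunk. If no compatibility mapping exists elsewhere, add one ahead of these guards: `#if defined(WOLFSSL_SP_ARM_ARCH) && !defined(WOLFSSL_ARM_ARCH)`, `#define WOLFSSL_ARM_ARCH WOLFSSL_SP_ARM_ARCH`, `#endif`. The body of sp_2048_sqr_8 continues beyond this hunk.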
@@ -3444,14 +3482,13 @@ SP_NOINLINE static void sp_2048_mul_64(sp_digit* r, const sp_digit* a,
*/
static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
__asm__ __volatile__ (
"sub sp, sp, #32\n\t"
/* A[0] * A[0] */
"ldr r10, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r9, r10, #16\n\t"
"lsl r2, r10, #16\n\t"
"lsr r2, r2, #16\n\t"
@@ -3462,15 +3499,11 @@ static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"lsl r2, r2, #17\n\t"
"adds r8, r8, r2\n\t"
"adc r3, r3, r9\n\t"
-#else
- "umull r8, r3, r10, r10\n\t"
-#endif
"mov r4, #0\n\t"
"str r8, [sp]\n\t"
/* A[0] * A[1] */
"ldr r10, [%[a], #4]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -3511,22 +3544,10 @@ static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r3, r3, r8\n\t"
"adcs r4, r4, r9\n\t"
"adc r2, r2, #0\n\t"
-#else
- "umull r8, r9, r10, r12\n\t"
- "adds r3, r3, r8\n\t"
- "adcs r4, r4, r9\n\t"
- "mov r2, #0\n\t"
- "adc r2, r2, #0\n\t"
- "adds r3, r3, r8\n\t"
- "adcs r4, r4, r9\n\t"
- "mov r2, #0\n\t"
- "adc r2, r2, #0\n\t"
-#endif
"str r3, [sp, #4]\n\t"
/* A[0] * A[2] */
"ldr r10, [%[a], #8]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -3567,20 +3588,8 @@ static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r4, r4, r8\n\t"
"adcs r2, r2, r9\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r8, r9, r10, r12\n\t"
- "adds r4, r4, r8\n\t"
- "adcs r2, r2, r9\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
- "adds r4, r4, r8\n\t"
- "adcs r2, r2, r9\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
-#endif
/* A[1] * A[1] */
"ldr r10, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -3600,17 +3609,10 @@ static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r4, r4, r8\n\t"
"adcs r2, r2, r9\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r8, r9, r10, r10\n\t"
- "adds r4, r4, r8\n\t"
- "adcs r2, r2, r9\n\t"
- "adc r3, r3, #0\n\t"
-#endif
"str r4, [sp, #8]\n\t"
/* A[0] * A[3] */
"ldr r10, [%[a], #12]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -3651,21 +3653,9 @@ static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r2, r2, r8\n\t"
"adcs r3, r3, r9\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r8, r9, r10, r12\n\t"
- "adds r2, r2, r8\n\t"
- "adcs r3, r3, r9\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
- "adds r2, r2, r8\n\t"
- "adcs r3, r3, r9\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
-#endif
/* A[1] * A[2] */
"ldr r10, [%[a], #8]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -3705,20 +3695,10 @@ static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r2, r2, r8\n\t"
"adcs r3, r3, r9\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r8, r9, r10, r12\n\t"
- "adds r2, r2, r8\n\t"
- "adcs r3, r3, r9\n\t"
- "adc r4, r4, #0\n\t"
- "adds r2, r2, r8\n\t"
- "adcs r3, r3, r9\n\t"
- "adc r4, r4, #0\n\t"
-#endif
"str r2, [sp, #12]\n\t"
/* A[0] * A[4] */
"ldr r10, [%[a], #16]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -3759,21 +3739,9 @@ static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r3, r3, r8\n\t"
"adcs r4, r4, r9\n\t"
"adc r2, r2, #0\n\t"
-#else
- "umull r8, r9, r10, r12\n\t"
- "adds r3, r3, r8\n\t"
- "adcs r4, r4, r9\n\t"
- "mov r2, #0\n\t"
- "adc r2, r2, #0\n\t"
- "adds r3, r3, r8\n\t"
- "adcs r4, r4, r9\n\t"
- "mov r2, #0\n\t"
- "adc r2, r2, #0\n\t"
-#endif
/* A[1] * A[3] */
"ldr r10, [%[a], #12]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -3813,18 +3781,8 @@ static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r3, r3, r8\n\t"
"adcs r4, r4, r9\n\t"
"adc r2, r2, #0\n\t"
-#else
- "umull r8, r9, r10, r12\n\t"
- "adds r3, r3, r8\n\t"
- "adcs r4, r4, r9\n\t"
- "adc r2, r2, #0\n\t"
- "adds r3, r3, r8\n\t"
- "adcs r4, r4, r9\n\t"
- "adc r2, r2, #0\n\t"
-#endif
/* A[2] * A[2] */
"ldr r10, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -3844,17 +3802,10 @@ static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r3, r3, r8\n\t"
"adcs r4, r4, r9\n\t"
"adc r2, r2, #0\n\t"
-#else
- "umull r8, r9, r10, r10\n\t"
- "adds r3, r3, r8\n\t"
- "adcs r4, r4, r9\n\t"
- "adc r2, r2, #0\n\t"
-#endif
"str r3, [sp, #16]\n\t"
/* A[0] * A[5] */
"ldr r10, [%[a], #20]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -3876,15 +3827,11 @@ static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"lsl r8, r8, #16\n\t"
"adds r5, r5, r8\n\t"
"adc r6, r6, r9\n\t"
-#else
- "umull r5, r6, r10, r12\n\t"
-#endif
"mov r3, #0\n\t"
"mov r7, #0\n\t"
/* A[1] * A[4] */
"ldr r10, [%[a], #16]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -3913,16 +3860,9 @@ static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r5, r5, r8\n\t"
"adcs r6, r6, r9\n\t"
"adc r7, r7, #0\n\t"
-#else
- "umull r8, r9, r10, r12\n\t"
- "adds r5, r5, r8\n\t"
- "adcs r6, r6, r9\n\t"
- "adc r7, r7, #0\n\t"
-#endif
/* A[2] * A[3] */
"ldr r10, [%[a], #12]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -3951,12 +3891,6 @@ static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r5, r5, r8\n\t"
"adcs r6, r6, r9\n\t"
"adc r7, r7, #0\n\t"
-#else
- "umull r8, r9, r10, r12\n\t"
- "adds r5, r5, r8\n\t"
- "adcs r6, r6, r9\n\t"
- "adc r7, r7, #0\n\t"
-#endif
"adds r5, r5, r5\n\t"
"adcs r6, r6, r6\n\t"
"adc r7, r7, r7\n\t"
@@ -3967,7 +3901,6 @@ static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[6] */
"ldr r10, [%[a], #24]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -3989,15 +3922,11 @@ static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"lsl r8, r8, #16\n\t"
"adds r5, r5, r8\n\t"
"adc r6, r6, r9\n\t"
-#else
- "umull r5, r6, r10, r12\n\t"
-#endif
"mov r4, #0\n\t"
"mov r7, #0\n\t"
/* A[1] * A[5] */
"ldr r10, [%[a], #20]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -4026,16 +3955,9 @@ static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r5, r5, r8\n\t"
"adcs r6, r6, r9\n\t"
"adc r7, r7, #0\n\t"
-#else
- "umull r8, r9, r10, r12\n\t"
- "adds r5, r5, r8\n\t"
- "adcs r6, r6, r9\n\t"
- "adc r7, r7, #0\n\t"
-#endif
/* A[2] * A[4] */
"ldr r10, [%[a], #16]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -4064,15 +3986,8 @@ static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r5, r5, r8\n\t"
"adcs r6, r6, r9\n\t"
"adc r7, r7, #0\n\t"
-#else
- "umull r8, r9, r10, r12\n\t"
- "adds r5, r5, r8\n\t"
- "adcs r6, r6, r9\n\t"
- "adc r7, r7, #0\n\t"
-#endif
/* A[3] * A[3] */
"ldr r10, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -4095,15 +4010,6 @@ static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r5, r5, r5\n\t"
"adcs r6, r6, r6\n\t"
"adc r7, r7, r7\n\t"
-#else
- "umull r8, r9, r10, r10\n\t"
- "adds r5, r5, r5\n\t"
- "adcs r6, r6, r6\n\t"
- "adc r7, r7, r7\n\t"
- "adds r2, r2, r8\n\t"
- "adcs r3, r3, r9\n\t"
- "adc r4, r4, #0\n\t"
-#endif
"adds r2, r2, r5\n\t"
"adcs r3, r3, r6\n\t"
"adc r4, r4, r7\n\t"
@@ -4111,7 +4017,6 @@ static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[7] */
"ldr r10, [%[a], #28]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -4133,15 +4038,11 @@ static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"lsl r8, r8, #16\n\t"
"adds r5, r5, r8\n\t"
"adc r6, r6, r9\n\t"
-#else
- "umull r5, r6, r10, r12\n\t"
-#endif
"mov r2, #0\n\t"
"mov r7, #0\n\t"
/* A[1] * A[6] */
"ldr r10, [%[a], #24]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -4170,16 +4071,9 @@ static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r5, r5, r8\n\t"
"adcs r6, r6, r9\n\t"
"adc r7, r7, #0\n\t"
-#else
- "umull r8, r9, r10, r12\n\t"
- "adds r5, r5, r8\n\t"
- "adcs r6, r6, r9\n\t"
- "adc r7, r7, #0\n\t"
-#endif
/* A[2] * A[5] */
"ldr r10, [%[a], #20]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -4208,16 +4102,9 @@ static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r5, r5, r8\n\t"
"adcs r6, r6, r9\n\t"
"adc r7, r7, #0\n\t"
-#else
- "umull r8, r9, r10, r12\n\t"
- "adds r5, r5, r8\n\t"
- "adcs r6, r6, r9\n\t"
- "adc r7, r7, #0\n\t"
-#endif
/* A[3] * A[4] */
"ldr r10, [%[a], #16]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -4246,12 +4133,6 @@ static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r5, r5, r8\n\t"
"adcs r6, r6, r9\n\t"
"adc r7, r7, #0\n\t"
-#else
- "umull r8, r9, r10, r12\n\t"
- "adds r5, r5, r8\n\t"
- "adcs r6, r6, r9\n\t"
- "adc r7, r7, #0\n\t"
-#endif
"adds r5, r5, r5\n\t"
"adcs r6, r6, r6\n\t"
"adc r7, r7, r7\n\t"
@@ -4262,7 +4143,6 @@ static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[7] */
"ldr r10, [%[a], #28]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -4284,15 +4164,11 @@ static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"lsl r8, r8, #16\n\t"
"adds r5, r5, r8\n\t"
"adc r6, r6, r9\n\t"
-#else
- "umull r5, r6, r10, r12\n\t"
-#endif
"mov r3, #0\n\t"
"mov r7, #0\n\t"
/* A[2] * A[6] */
"ldr r10, [%[a], #24]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -4321,16 +4197,9 @@ static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r5, r5, r8\n\t"
"adcs r6, r6, r9\n\t"
"adc r7, r7, #0\n\t"
-#else
- "umull r8, r9, r10, r12\n\t"
- "adds r5, r5, r8\n\t"
- "adcs r6, r6, r9\n\t"
- "adc r7, r7, #0\n\t"
-#endif
/* A[3] * A[5] */
"ldr r10, [%[a], #20]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -4359,15 +4228,8 @@ static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r5, r5, r8\n\t"
"adcs r6, r6, r9\n\t"
"adc r7, r7, #0\n\t"
-#else
- "umull r8, r9, r10, r12\n\t"
- "adds r5, r5, r8\n\t"
- "adcs r6, r6, r9\n\t"
- "adc r7, r7, #0\n\t"
-#endif
/* A[4] * A[4] */
"ldr r10, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -4390,15 +4252,6 @@ static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r5, r5, r5\n\t"
"adcs r6, r6, r6\n\t"
"adc r7, r7, r7\n\t"
-#else
- "umull r8, r9, r10, r10\n\t"
- "adds r5, r5, r5\n\t"
- "adcs r6, r6, r6\n\t"
- "adc r7, r7, r7\n\t"
- "adds r4, r4, r8\n\t"
- "adcs r2, r2, r9\n\t"
- "adc r3, r3, #0\n\t"
-#endif
"adds r4, r4, r5\n\t"
"adcs r2, r2, r6\n\t"
"adc r3, r3, r7\n\t"
@@ -4406,7 +4259,6 @@ static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
/* A[2] * A[7] */
"ldr r10, [%[a], #28]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -4428,15 +4280,11 @@ static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"lsl r8, r8, #16\n\t"
"adds r5, r5, r8\n\t"
"adc r6, r6, r9\n\t"
-#else
- "umull r5, r6, r10, r12\n\t"
-#endif
"mov r4, #0\n\t"
"mov r7, #0\n\t"
/* A[3] * A[6] */
"ldr r10, [%[a], #24]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -4465,16 +4313,9 @@ static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r5, r5, r8\n\t"
"adcs r6, r6, r9\n\t"
"adc r7, r7, #0\n\t"
-#else
- "umull r8, r9, r10, r12\n\t"
- "adds r5, r5, r8\n\t"
- "adcs r6, r6, r9\n\t"
- "adc r7, r7, #0\n\t"
-#endif
/* A[4] * A[5] */
"ldr r10, [%[a], #20]\n\t"
"ldr r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -4503,12 +4344,6 @@ static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r5, r5, r8\n\t"
"adcs r6, r6, r9\n\t"
"adc r7, r7, #0\n\t"
-#else
- "umull r8, r9, r10, r12\n\t"
- "adds r5, r5, r8\n\t"
- "adcs r6, r6, r9\n\t"
- "adc r7, r7, #0\n\t"
-#endif
"adds r5, r5, r5\n\t"
"adcs r6, r6, r6\n\t"
"adc r7, r7, r7\n\t"
@@ -4519,7 +4354,6 @@ static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
/* A[3] * A[7] */
"ldr r10, [%[a], #28]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -4560,21 +4394,9 @@ static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r3, r3, r8\n\t"
"adcs r4, r4, r9\n\t"
"adc r2, r2, #0\n\t"
-#else
- "umull r8, r9, r10, r12\n\t"
- "adds r3, r3, r8\n\t"
- "adcs r4, r4, r9\n\t"
- "mov r2, #0\n\t"
- "adc r2, r2, #0\n\t"
- "adds r3, r3, r8\n\t"
- "adcs r4, r4, r9\n\t"
- "mov r2, #0\n\t"
- "adc r2, r2, #0\n\t"
-#endif
/* A[4] * A[6] */
"ldr r10, [%[a], #24]\n\t"
"ldr r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -4614,18 +4436,8 @@ static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r3, r3, r8\n\t"
"adcs r4, r4, r9\n\t"
"adc r2, r2, #0\n\t"
-#else
- "umull r8, r9, r10, r12\n\t"
- "adds r3, r3, r8\n\t"
- "adcs r4, r4, r9\n\t"
- "adc r2, r2, #0\n\t"
- "adds r3, r3, r8\n\t"
- "adcs r4, r4, r9\n\t"
- "adc r2, r2, #0\n\t"
-#endif
/* A[5] * A[5] */
"ldr r10, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -4645,17 +4457,10 @@ static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r3, r3, r8\n\t"
"adcs r4, r4, r9\n\t"
"adc r2, r2, #0\n\t"
-#else
- "umull r8, r9, r10, r10\n\t"
- "adds r3, r3, r8\n\t"
- "adcs r4, r4, r9\n\t"
- "adc r2, r2, #0\n\t"
-#endif
"str r3, [%[r], #40]\n\t"
/* A[4] * A[7] */
"ldr r10, [%[a], #28]\n\t"
"ldr r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -4696,21 +4501,9 @@ static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r4, r4, r8\n\t"
"adcs r2, r2, r9\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r8, r9, r10, r12\n\t"
- "adds r4, r4, r8\n\t"
- "adcs r2, r2, r9\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
- "adds r4, r4, r8\n\t"
- "adcs r2, r2, r9\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
-#endif
/* A[5] * A[6] */
"ldr r10, [%[a], #24]\n\t"
"ldr r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -4750,20 +4543,10 @@ static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r4, r4, r8\n\t"
"adcs r2, r2, r9\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r8, r9, r10, r12\n\t"
- "adds r4, r4, r8\n\t"
- "adcs r2, r2, r9\n\t"
- "adc r3, r3, #0\n\t"
- "adds r4, r4, r8\n\t"
- "adcs r2, r2, r9\n\t"
- "adc r3, r3, #0\n\t"
-#endif
"str r4, [%[r], #44]\n\t"
/* A[5] * A[7] */
"ldr r10, [%[a], #28]\n\t"
"ldr r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -4804,20 +4587,8 @@ static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r2, r2, r8\n\t"
"adcs r3, r3, r9\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r8, r9, r10, r12\n\t"
- "adds r2, r2, r8\n\t"
- "adcs r3, r3, r9\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
- "adds r2, r2, r8\n\t"
- "adcs r3, r3, r9\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
-#endif
/* A[6] * A[6] */
"ldr r10, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -4837,17 +4608,10 @@ static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r2, r2, r8\n\t"
"adcs r3, r3, r9\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r8, r9, r10, r10\n\t"
- "adds r2, r2, r8\n\t"
- "adcs r3, r3, r9\n\t"
- "adc r4, r4, #0\n\t"
-#endif
"str r2, [%[r], #48]\n\t"
/* A[6] * A[7] */
"ldr r10, [%[a], #28]\n\t"
"ldr r12, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -4888,21 +4652,9 @@ static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r3, r3, r8\n\t"
"adcs r4, r4, r9\n\t"
"adc r2, r2, #0\n\t"
-#else
- "umull r8, r9, r10, r12\n\t"
- "adds r3, r3, r8\n\t"
- "adcs r4, r4, r9\n\t"
- "mov r2, #0\n\t"
- "adc r2, r2, #0\n\t"
- "adds r3, r3, r8\n\t"
- "adcs r4, r4, r9\n\t"
- "mov r2, #0\n\t"
- "adc r2, r2, #0\n\t"
-#endif
"str r3, [%[r], #52]\n\t"
/* A[7] * A[7] */
"ldr r10, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -4920,11 +4672,6 @@ static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"lsl r8, r8, #17\n\t"
"adds r4, r4, r8\n\t"
"adc r2, r2, r9\n\t"
-#else
- "umull r8, r9, r10, r10\n\t"
- "adds r4, r4, r8\n\t"
- "adc r2, r2, r9\n\t"
-#endif
"str r4, [%[r], #56]\n\t"
"str r2, [%[r], #60]\n\t"
"ldm sp!, {r2, r3, r4, r8}\n\t"
@@ -4933,10 +4680,370 @@ static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"stm %[r]!, {r2, r3, r4, r8}\n\t"
: [r] "+r" (r), [a] "+r" (a)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r12"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r12", "cc"
+ );
+}
+
+#elif defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+/* Square a and put result in r. (r = a * a)
+ *
+ * r A single precision integer.
+ * a A single precision integer.
+ */
+static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
+{
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+
+ __asm__ __volatile__ (
+ "sub sp, sp, #0x44\n\t"
+ "str %[r], [sp, #64]\n\t"
+ "mov %[r], #0\n\t"
+ "ldr r12, [%[a]]\n\t"
+ /* A[0] * A[1] */
+ "ldr lr, [%[a], #4]\n\t"
+ "umull r4, r5, r12, lr\n\t"
+ /* A[0] * A[3] */
+ "ldr lr, [%[a], #12]\n\t"
+ "umull r6, r7, r12, lr\n\t"
+ /* A[0] * A[5] */
+ "ldr lr, [%[a], #20]\n\t"
+ "umull r8, r9, r12, lr\n\t"
+ /* A[0] * A[7] */
+ "ldr lr, [%[a], #28]\n\t"
+ "umull r10, r3, r12, lr\n\t"
+ /* A[0] * A[2] */
+ "ldr lr, [%[a], #8]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r5, r11, r12, lr\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[0] * A[4] */
+ "ldr lr, [%[a], #16]\n\t"
+ "adcs r7, r7, #0\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r7, r11, r12, lr\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[0] * A[6] */
+ "ldr lr, [%[a], #24]\n\t"
+ "adcs r9, r9, #0\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r9, r11, r12, lr\n\t"
+ "adds r10, r10, r11\n\t"
+ "adcs r3, r3, #0\n\t"
+ "str r4, [sp, #4]\n\t"
+ "str r5, [sp, #8]\n\t"
+ /* A[1] * A[2] */
+ "ldr r12, [%[a], #4]\n\t"
+ "ldr lr, [%[a], #8]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r6, r11, r12, lr\n\t"
+ "str r6, [sp, #12]\n\t"
+ "adds r7, r7, r11\n\t"
+ /* A[1] * A[3] */
+ "ldr lr, [%[a], #12]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r7, r11, r12, lr\n\t"
+ "str r7, [sp, #16]\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[1] * A[4] */
+ "ldr lr, [%[a], #16]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r8, r11, r12, lr\n\t"
+ "adds r9, r9, r11\n\t"
+ /* A[1] * A[5] */
+ "ldr lr, [%[a], #20]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r9, r11, r12, lr\n\t"
+ "adds r10, r10, r11\n\t"
+ /* A[1] * A[6] */
+ "ldr lr, [%[a], #24]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "adds r3, r3, r11\n\t"
+ /* A[1] * A[7] */
+ "ldr lr, [%[a], #28]\n\t"
+ "adc r4, %[r], #0\n\t"
+ "umlal r3, r4, r12, lr\n\t"
+ /* A[2] * A[3] */
+ "ldr r12, [%[a], #8]\n\t"
+ "ldr lr, [%[a], #12]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r8, r11, r12, lr\n\t"
+ "str r8, [sp, #20]\n\t"
+ "adds r9, r9, r11\n\t"
+ /* A[2] * A[4] */
+ "ldr lr, [%[a], #16]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r9, r11, r12, lr\n\t"
+ "str r9, [sp, #24]\n\t"
+ "adds r10, r10, r11\n\t"
+ /* A[2] * A[5] */
+ "ldr lr, [%[a], #20]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "adds r3, r3, r11\n\t"
+ /* A[2] * A[6] */
+ "ldr lr, [%[a], #24]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r3, r11, r12, lr\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[2] * A[7] */
+ "ldr lr, [%[a], #28]\n\t"
+ "adc r5, %[r], #0\n\t"
+ "umlal r4, r5, r12, lr\n\t"
+ /* A[3] * A[4] */
+ "ldr r12, [%[a], #12]\n\t"
+ "ldr lr, [%[a], #16]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "str r10, [sp, #28]\n\t"
+ "adds r3, r3, r11\n\t"
+ /* A[3] * A[5] */
+ "ldr lr, [%[a], #20]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r3, r11, r12, lr\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[3] * A[6] */
+ "ldr lr, [%[a], #24]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r4, r11, r12, lr\n\t"
+ "adds r5, r5, r11\n\t"
+ /* A[3] * A[7] */
+ "ldr lr, [%[a], #28]\n\t"
+ "adc r6, %[r], #0\n\t"
+ "umlal r5, r6, r12, lr\n\t"
+ /* A[4] * A[5] */
+ "ldr r12, [%[a], #16]\n\t"
+ "ldr lr, [%[a], #20]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r4, r11, r12, lr\n\t"
+ "adds r5, r5, r11\n\t"
+ /* A[4] * A[6] */
+ "ldr lr, [%[a], #24]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r5, r11, r12, lr\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[4] * A[7] */
+ "ldr lr, [%[a], #28]\n\t"
+ "adc r7, %[r], #0\n\t"
+ "umlal r6, r7, r12, lr\n\t"
+ /* A[5] * A[6] */
+ "ldr r12, [%[a], #20]\n\t"
+ "ldr lr, [%[a], #24]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r6, r11, r12, lr\n\t"
+ "adds r7, r7, r11\n\t"
+ /* A[5] * A[7] */
+ "ldr lr, [%[a], #28]\n\t"
+ "adc r8, %[r], #0\n\t"
+ "umlal r7, r8, r12, lr\n\t"
+ /* A[6] * A[7] */
+ "ldr r12, [%[a], #24]\n\t"
+ "ldr lr, [%[a], #28]\n\t"
+ "mov r9, #0\n\t"
+ "umlal r8, r9, r12, lr\n\t"
+ "add lr, sp, #32\n\t"
+ "stm lr, {r3, r4, r5, r6, r7, r8, r9}\n\t"
+ "add lr, sp, #4\n\t"
+ "ldm lr, {r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "adds r4, r4, r4\n\t"
+ "adcs r5, r5, r5\n\t"
+ "adcs r6, r6, r6\n\t"
+ "adcs r7, r7, r7\n\t"
+ "adcs r8, r8, r8\n\t"
+ "adcs r9, r9, r9\n\t"
+ "adcs r10, r10, r10\n\t"
+ "stm lr!, {r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "ldm lr, {r3, r4, r5, r6, r7, r8, r9}\n\t"
+ "adcs r3, r3, r3\n\t"
+ "adcs r4, r4, r4\n\t"
+ "adcs r5, r5, r5\n\t"
+ "adcs r6, r6, r6\n\t"
+ "adcs r7, r7, r7\n\t"
+ "adcs r8, r8, r8\n\t"
+ "adcs r9, r9, r9\n\t"
+ "adc r10, %[r], #0\n\t"
+ "stm lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "add lr, sp, #4\n\t"
+ "ldm lr, {r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "mov lr, sp\n\t"
+ /* A[0] * A[0] */
+ "ldr r12, [%[a]]\n\t"
+ "umull r3, r11, r12, r12\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[1] * A[1] */
+ "ldr r12, [%[a], #4]\n\t"
+ "adcs r5, r5, #0\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r5, r11, r12, r12\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[2] * A[2] */
+ "ldr r12, [%[a], #8]\n\t"
+ "adcs r7, r7, #0\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r7, r11, r12, r12\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[3] * A[3] */
+ "ldr r12, [%[a], #12]\n\t"
+ "adcs r9, r9, #0\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r9, r11, r12, r12\n\t"
+ "adds r10, r10, r11\n\t"
+ "stm lr!, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "ldm lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ /* A[4] * A[4] */
+ "ldr r12, [%[a], #16]\n\t"
+ "adcs r3, r3, #0\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r3, r11, r12, r12\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[5] * A[5] */
+ "ldr r12, [%[a], #20]\n\t"
+ "adcs r5, r5, #0\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r5, r11, r12, r12\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[6] * A[6] */
+ "ldr r12, [%[a], #24]\n\t"
+ "adcs r7, r7, #0\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r7, r11, r12, r12\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[7] * A[7] */
+ "ldr r12, [%[a], #28]\n\t"
+ "adcs r9, r9, #0\n\t"
+ "adc r10, r10, #0\n\t"
+ "umlal r9, r10, r12, r12\n\t"
+ "ldr %[r], [sp, #64]\n\t"
+ "add %[r], %[r], #32\n\t"
+ "stm %[r], {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "ldm sp, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "sub %[r], %[r], #32\n\t"
+ "stm %[r], {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "add sp, sp, #0x44\n\t"
+ : [r] "+r" (r), [a] "+r" (a)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
);
}
+#else
+/* Square a and put result in r. (r = a * a)
+ *
+ * r A single precision integer.
+ * a A single precision integer.
+ */
+static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
+{
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+
+ __asm__ __volatile__ (
+ "sub sp, sp, #32\n\t"
+ "str %[r], [sp, #28]\n\t"
+ "ldm %[a], {%[r], %[a], r2, r3, r4, r5, r6, r7}\n\t"
+ "umull r9, r10, %[r], %[r]\n\t"
+ "umull r11, r12, %[r], %[a]\n\t"
+ "adds r11, r11, r11\n\t"
+ "mov lr, #0\n\t"
+ "umaal r10, r11, lr, lr\n\t"
+ "stm sp, {r9, r10}\n\t"
+ "mov r8, lr\n\t"
+ "umaal r8, r12, %[r], r2\n\t"
+ "adcs r8, r8, r8\n\t"
+ "umaal r8, r11, %[a], %[a]\n\t"
+ "umull r9, r10, %[r], r3\n\t"
+ "umaal r9, r12, %[a], r2\n\t"
+ "adcs r9, r9, r9\n\t"
+ "umaal r9, r11, lr, lr\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "str r8, [sp, #8]\n\t"
+ "str r9, [sp, #12]\n\t"
+#else
+ "strd r8, r9, [sp, #8]\n\t"
+#endif
+ "mov r9, lr\n\t"
+ "umaal r9, r10, %[r], r4\n\t"
+ "umaal r9, r12, %[a], r3\n\t"
+ "adcs r9, r9, r9\n\t"
+ "umaal r9, r11, r2, r2\n\t"
+ "str r9, [sp, #16]\n\t"
+ "umull r9, r8, %[r], r5\n\t"
+ "umaal r9, r12, %[a], r4\n\t"
+ "umaal r9, r10, r2, r3\n\t"
+ "adcs r9, r9, r9\n\t"
+ "umaal r9, r11, lr, lr\n\t"
+ "str r9, [sp, #20]\n\t"
+ "mov r9, lr\n\t"
+ "umaal r9, r8, %[r], r6\n\t"
+ "umaal r9, r12, %[a], r5\n\t"
+ "umaal r9, r10, r2, r4\n\t"
+ "adcs r9, r9, r9\n\t"
+ "umaal r9, r11, r3, r3\n\t"
+ "str r9, [sp, #24]\n\t"
+ "umull %[r], r9, %[r], r7\n\t"
+ "umaal %[r], r8, %[a], r6\n\t"
+ "umaal %[r], r12, r2, r5\n\t"
+ "umaal %[r], r10, r3, r4\n\t"
+ "adcs %[r], %[r], %[r]\n\t"
+ "umaal %[r], r11, lr, lr\n\t"
+ /* R[7] = r0 */
+ "umaal r9, r8, %[a], r7\n\t"
+ "umaal r9, r10, r2, r6\n\t"
+ "umaal r12, r9, r3, r5\n\t"
+ "adcs r12, r12, r12\n\t"
+ "umaal r12, r11, r4, r4\n\t"
+ /* R[8] = r12 */
+ "umaal r9, r8, r2, r7\n\t"
+ "umaal r10, r9, r3, r6\n\t"
+ "mov r2, lr\n\t"
+ "umaal r10, r2, r4, r5\n\t"
+ "adcs r10, r10, r10\n\t"
+ "umaal r11, r10, lr, lr\n\t"
+ /* R[9] = r11 */
+ "umaal r2, r8, r3, r7\n\t"
+ "umaal r2, r9, r4, r6\n\t"
+ "adcs r3, r2, r2\n\t"
+ "umaal r10, r3, r5, r5\n\t"
+ /* R[10] = r10 */
+ "mov %[a], lr\n\t"
+ "umaal %[a], r8, r4, r7\n\t"
+ "umaal %[a], r9, r5, r6\n\t"
+ "adcs r4, %[a], %[a]\n\t"
+ "umaal r3, r4, lr, lr\n\t"
+ /* R[11] = r3 */
+ "umaal r8, r9, r5, r7\n\t"
+ "adcs r8, r8, r8\n\t"
+ "umaal r4, r8, r6, r6\n\t"
+ /* R[12] = r4 */
+ "mov r5, lr\n\t"
+ "umaal r5, r9, r6, r7\n\t"
+ "adcs r5, r5, r5\n\t"
+ "umaal r8, r5, lr, lr\n\t"
+ /* R[13] = r8 */
+ "adcs r9, r9, r9\n\t"
+ "umaal r9, r5, r7, r7\n\t"
+ "adcs r7, r5, lr\n\t"
+ /* R[14] = r9 */
+ /* R[15] = r7 */
+ "ldr lr, [sp, #28]\n\t"
+ "add lr, lr, #28\n\t"
+ "stm lr!, {%[r], r12}\n\t"
+ "stm lr!, {r11}\n\t"
+ "stm lr!, {r10}\n\t"
+ "stm lr!, {r3, r4, r8, r9}\n\t"
+ "stm lr!, {r7}\n\t"
+ "sub lr, lr, #0x40\n\t"
+ "ldm sp, {%[r], %[a], r2, r3, r4, r5, r6}\n\t"
+ "stm lr, {%[r], %[a], r2, r3, r4, r5, r6}\n\t"
+ "add sp, sp, #32\n\t"
+ : [r] "+r" (r), [a] "+r" (a)
+ :
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
+ );
+}
+
+#endif
/* Sub b from a into r. (r = a - b)
*
* r A single precision integer.
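Review bot: The inner `#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)` in the last `sp_2048_sqr_8` variant can never be true, because that variant is the `#else` of an `#elif` testing the same condition. The two-`str` fallback is therefore dead and only `"strd r8, r9, [sp, #8]\n\t"` is ever assembled. Dropping the inner conditional, or replacing it with a comment such as `/* reached only when WOLFSSL_ARM_ARCH is unset or >= 7: strd/umaal required */`, would make the instruction-set requirement of this branch explicit. The opening `#if` of the chain is outside this hunk, so this assumes an ordinary `#if`/`#elif`/`#else` chain. Separately, both new variants adjust `sp` inside the asm and list `r11` and `lr` as clobbers, which is worth checking against builds that keep a frame pointer.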
@@ -4945,9 +5052,9 @@ static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
*/
static sp_digit sp_2048_sub_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"ldm %[a]!, {r3, r4, r5, r6}\n\t"
@@ -4967,7 +5074,7 @@ static sp_digit sp_2048_sub_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit
"sbc %[r], r6, r6\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -5016,9 +5123,9 @@ SP_NOINLINE static void sp_2048_sqr_16(sp_digit* r, const sp_digit* a)
*/
static sp_digit sp_2048_sub_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"ldm %[a]!, {r3, r4, r5, r6}\n\t"
@@ -5052,7 +5159,7 @@ static sp_digit sp_2048_sub_16(sp_digit* r_p, const sp_digit* a_p, const sp_digi
"sbc %[r], r6, r6\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -5101,9 +5208,9 @@ SP_NOINLINE static void sp_2048_sqr_32(sp_digit* r, const sp_digit* a)
*/
static sp_digit sp_2048_sub_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"ldm %[a]!, {r3, r4, r5, r6}\n\t"
@@ -5165,7 +5272,7 @@ static sp_digit sp_2048_sub_32(sp_digit* r_p, const sp_digit* a_p, const sp_digi
"sbc %[r], r6, r6\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -5216,9 +5323,9 @@ SP_NOINLINE static void sp_2048_sqr_64(sp_digit* r, const sp_digit* a)
*/
static sp_digit sp_2048_add_64(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"mov r3, #0\n\t"
@@ -5240,7 +5347,7 @@ static sp_digit sp_2048_add_64(sp_digit* r_p, const sp_digit* a_p, const sp_digi
"mov %[r], r3\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -5254,16 +5361,15 @@ static sp_digit sp_2048_add_64(sp_digit* r_p, const sp_digit* a_p, const sp_digi
*/
static sp_digit sp_2048_sub_in_place_64(sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* a asm ("r0") = a_p;
- register const sp_digit* b asm ("r1") = b_p;
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* b asm ("r1") = (const sp_digit*)b_p;
__asm__ __volatile__ (
- "mov r10, #0\n\t"
"mov r12, #0\n\t"
"add lr, %[a], #0x100\n\t"
"\n"
"L_sp_2048_sub_in_pkace_64_word_%=: \n\t"
- "subs r12, r10, r12\n\t"
+ "rsbs r12, r12, #0\n\t"
"ldm %[a], {r2, r3, r4, r5}\n\t"
"ldm %[b]!, {r6, r7, r8, r9}\n\t"
"sbcs r2, r2, r6\n\t"
@@ -5271,13 +5377,13 @@ static sp_digit sp_2048_sub_in_place_64(sp_digit* a_p, const sp_digit* b_p)
"sbcs r4, r4, r8\n\t"
"sbcs r5, r5, r9\n\t"
"stm %[a]!, {r2, r3, r4, r5}\n\t"
- "sbc r12, r10, r10\n\t"
+ "sbc r12, r12, r12\n\t"
"cmp %[a], lr\n\t"
"bne L_sp_2048_sub_in_pkace_64_word_%=\n\t"
"mov %[a], r12\n\t"
: [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r12", "lr", "r10"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r12", "lr", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -5292,16 +5398,19 @@ static sp_digit sp_2048_sub_in_place_64(sp_digit* a_p, const sp_digit* b_p)
*/
static void sp_2048_mul_64(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"sub sp, sp, #0x200\n\t"
- "mov r5, #0\n\t"
- "mov r6, #0\n\t"
+ "ldr lr, [%[a]]\n\t"
+ "ldr r11, [%[b]]\n\t"
+ "umull r8, r6, lr, r11\n\t"
+ "str r8, [sp]\n\t"
"mov r7, #0\n\t"
"mov r8, #0\n\t"
+ "mov r5, #4\n\t"
"\n"
"L_sp_2048_mul_64_outer_%=: \n\t"
"subs r3, r5, #0xfc\n\t"
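Review bot: The new prologue issues `umull r8, r6, lr, r11` unconditionally, while the multiplies in the loop that follows are wrapped in `#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)` with a 16-bit `mul` fallback. A build that selects that fallback would still need UMULL for the first product word. If the `< 4` path is meant to be usable, the prologue needs the same guard; the sketch below forms the low word in r8 and the high word in r6 from 16-bit halves, using r9 and r10 as scratch as the loop does. The function body and its clobber list continue outside this hunk, so confirm r9 and r10 are listed there.

```c
        "ldr r11, [%[b]]\n\t"
#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
        /* a[0] * b[0] from 16-bit halves: low word -> r8, high word -> r6 */
        "lsl r9, lr, #16\n\t"
        "lsl r10, r11, #16\n\t"
        "lsr r9, r9, #16\n\t"
        "lsr r10, r10, #16\n\t"
        "mul r8, r9, r10\n\t"
        "lsr r10, r11, #16\n\t"
        "mul r9, r10, r9\n\t"
        "lsr r6, lr, #16\n\t"
        "mul r6, r10, r6\n\t"
        "lsr r10, r9, #16\n\t"
        "lsl r9, r9, #16\n\t"
        "adds r8, r8, r9\n\t"
        "adc r6, r6, r10\n\t"
        "lsl r10, r11, #16\n\t"
        "lsr r10, r10, #16\n\t"
        "lsr r9, lr, #16\n\t"
        "mul r9, r10, r9\n\t"
        "lsr r10, r9, #16\n\t"
        "lsl r9, r9, #16\n\t"
        "adds r8, r8, r9\n\t"
        "adc r6, r6, r10\n\t"
#else
        "umull r8, r6, lr, r11\n\t"
#endif
        "str r8, [sp]\n\t"
        /* … unchanged: r7/r8 zeroing, r5 = 4, outer loop … */
```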
@@ -5312,7 +5421,44 @@ static void sp_2048_mul_64(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"L_sp_2048_mul_64_inner_%=: \n\t"
"ldr lr, [%[a], r3]\n\t"
"ldr r11, [%[b], r4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
+ "lsl r9, lr, #16\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r9, r9, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "adds r6, r6, r10\n\t"
+ "adcs r7, r7, #0\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsr r9, lr, #16\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "adds r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+#else
+ "umull r9, r10, lr, r11\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+#endif
+ "ldr lr, [%[a], r4]\n\t"
+ "ldr r11, [%[b], r3]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r9, lr, #16\n\t"
"lsl r10, r11, #16\n\t"
"lsr r9, r9, #16\n\t"
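Review bot: The guard now tests `WOLFSSL_ARM_ARCH` instead of `WOLFSSL_SP_ARM_ARCH`, so a build that still defines only the old macro silently takes the `umull` path. Nothing in the visible hunks maps the old name to the new one. If no header elsewhere does so, a compatibility shim near the top of the file would keep existing configurations working: `#if defined(WOLFSSL_SP_ARM_ARCH) && !defined(WOLFSSL_ARM_ARCH)`, `#define WOLFSSL_ARM_ARCH WOLFSSL_SP_ARM_ARCH`, `#endif`. The rename is repeated on every guard in the following hunks, and the inner loop continues outside this one.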
@@ -5349,10 +5495,46 @@ static void sp_2048_mul_64(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
"add r3, r3, #4\n\t"
"sub r4, r4, #4\n\t"
- "cmp r3, #0x100\n\t"
- "beq L_sp_2048_mul_64_inner_done_%=\n\t"
- "cmp r3, r5\n\t"
- "ble L_sp_2048_mul_64_inner_%=\n\t"
+ "cmp r3, r4\n\t"
+ "bgt L_sp_2048_mul_64_inner_done_%=\n\t"
+ "blt L_sp_2048_mul_64_inner_%=\n\t"
+ "ldr lr, [%[a], r3]\n\t"
+ "ldr r11, [%[b], r3]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
+ "lsl r9, lr, #16\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r9, r9, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "adds r6, r6, r10\n\t"
+ "adcs r7, r7, #0\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsr r9, lr, #16\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "adds r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+#else
+ "umull r9, r10, lr, r11\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+#endif
"\n"
"L_sp_2048_mul_64_inner_done_%=: \n\t"
"str r6, [sp, r5]\n\t"
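Review bot: The new three-way exit (`cmp r3, r4`, then `bgt ..._inner_done`, then `blt ..._inner`) has no comment explaining that the fall-through case r3 == r4 is the single middle term, added once, whereas the loop body adds both a[r3]*b[r4] and a[r4]*b[r3]. A line such as `/* r3 == r4: middle term a[i] * b[i], added once */` before the extra `ldr` pair would make the structure clear. It would also be worth recording that these branches depend only on the offsets in r3 and r4, never on operand values, since that is the property to preserve if the routine is used on secret operands. sp_2048_mul_32 has the same block, and the function starts and ends outside this hunk.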
@@ -5360,18 +5542,50 @@ static void sp_2048_mul_64(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"mov r7, r8\n\t"
"mov r8, #0\n\t"
"add r5, r5, #4\n\t"
- "cmp r5, #0x1f8\n\t"
+ "cmp r5, #0x1f4\n\t"
"ble L_sp_2048_mul_64_outer_%=\n\t"
+ "ldr lr, [%[a], #252]\n\t"
+ "ldr r11, [%[b], #252]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
+ "lsl r9, lr, #16\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r9, r9, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "adds r6, r6, r10\n\t"
+ "adc r7, r7, #0\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adc r7, r7, r10\n\t"
+ "lsr r9, lr, #16\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "add r7, r7, r10\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adc r7, r7, r10\n\t"
+#else
+ "umlal r6, r7, lr, r11\n\t"
+#endif
"str r6, [sp, r5]\n\t"
+ "add r5, r5, #4\n\t"
+ "str r7, [sp, r5]\n\t"
"\n"
"L_sp_2048_mul_64_store_%=: \n\t"
- "ldm sp!, {r6, r7, r8, r9}\n\t"
- "stm %[r]!, {r6, r7, r8, r9}\n\t"
- "subs r5, r5, #16\n\t"
+ "ldm sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "stm %[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "subs r5, r5, #32\n\t"
"bgt L_sp_2048_mul_64_store_%=\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11", "cc"
);
}
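Review bot: The store loop's exit condition is undocumented, yet it is what restores sp. r5 is 0x1fc on entry, so `subs r5, r5, #32` with `bgt` runs 16 times and `ldm sp!` pops exactly the 0x200 bytes reserved by `sub sp, sp, #0x200`. A comment above `L_sp_2048_mul_64_store` such as `/* r5 = 0x1fc: 16 x 32 bytes == 0x200, sp is back at its entry value after the loop */` would protect that invariant when the register list or the outer-loop bound next changes. The popped scratch area still holds the product after return; the closing `#endif` ties these routines to non-public-only RSA and DH builds, so the comment could also say whether that residue is acceptable. sp_2048_sqr_64, sp_2048_mul_32 and sp_2048_sqr_32 use the same loop (in the 32-word variants r5 is 0xfc and 8 iterations pop 0x100); the function starts outside this hunk.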
@@ -5382,29 +5596,28 @@ static void sp_2048_mul_64(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
*/
static void sp_2048_sqr_64(sp_digit* r_p, const sp_digit* a_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
__asm__ __volatile__ (
"sub sp, sp, #0x200\n\t"
- "mov r12, #0\n\t"
- "mov r6, #0\n\t"
+ "ldr lr, [%[a]]\n\t"
+ "umull r8, r6, lr, lr\n\t"
+ "str r8, [sp]\n\t"
"mov r7, #0\n\t"
"mov r8, #0\n\t"
- "mov r5, #0\n\t"
+ "mov r5, #4\n\t"
"\n"
"L_sp_2048_sqr_64_outer_%=: \n\t"
"subs r3, r5, #0xfc\n\t"
"it cc\n\t"
- "movcc r3, r12\n\t"
+ "movcc r3, #0\n\t"
"sub r4, r5, r3\n\t"
"\n"
"L_sp_2048_sqr_64_inner_%=: \n\t"
- "cmp r4, r3\n\t"
- "beq L_sp_2048_sqr_64_op_sqr_%=\n\t"
"ldr lr, [%[a], r3]\n\t"
"ldr r11, [%[a], r4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r9, lr, #16\n\t"
"lsl r10, r11, #16\n\t"
"lsr r9, r9, #16\n\t"
@@ -5453,11 +5666,13 @@ static void sp_2048_sqr_64(sp_digit* r_p, const sp_digit* a_p)
"adcs r7, r7, r10\n\t"
"adc r8, r8, #0\n\t"
#endif
- "bal L_sp_2048_sqr_64_op_done_%=\n\t"
- "\n"
- "L_sp_2048_sqr_64_op_sqr_%=: \n\t"
+ "add r3, r3, #4\n\t"
+ "sub r4, r4, #4\n\t"
+ "cmp r3, r4\n\t"
+ "bgt L_sp_2048_sqr_64_inner_done_%=\n\t"
+ "blt L_sp_2048_sqr_64_inner_%=\n\t"
"ldr lr, [%[a], r3]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r9, lr, #16\n\t"
"lsr r10, lr, #16\n\t"
"lsr r9, r9, #16\n\t"
@@ -5484,34 +5699,50 @@ static void sp_2048_sqr_64(sp_digit* r_p, const sp_digit* a_p)
"adc r8, r8, #0\n\t"
#endif
"\n"
- "L_sp_2048_sqr_64_op_done_%=: \n\t"
- "add r3, r3, #4\n\t"
- "sub r4, r4, #4\n\t"
- "cmp r3, #0x100\n\t"
- "beq L_sp_2048_sqr_64_inner_done_%=\n\t"
- "cmp r3, r4\n\t"
- "bgt L_sp_2048_sqr_64_inner_done_%=\n\t"
- "cmp r3, r5\n\t"
- "ble L_sp_2048_sqr_64_inner_%=\n\t"
- "\n"
"L_sp_2048_sqr_64_inner_done_%=: \n\t"
"str r6, [sp, r5]\n\t"
"mov r6, r7\n\t"
"mov r7, r8\n\t"
"mov r8, #0\n\t"
"add r5, r5, #4\n\t"
- "cmp r5, #0x1f8\n\t"
+ "cmp r5, #0x1f4\n\t"
"ble L_sp_2048_sqr_64_outer_%=\n\t"
+ "ldr lr, [%[a], #252]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
+ "lsl r9, lr, #16\n\t"
+ "lsr r10, lr, #16\n\t"
+ "lsr r9, r9, #16\n\t"
+ "mov r11, r9\n\t"
+ "mul r9, r11, r9\n\t"
+ "mov r11, r10\n\t"
+ "mul r10, r11, r10\n\t"
+ "adds r6, r6, r9\n\t"
+ "adc r7, r7, r10\n\t"
+ "lsr r10, lr, #16\n\t"
+ "lsl r9, lr, #16\n\t"
+ "lsr r9, r9, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #15\n\t"
+ "lsl r9, r9, #17\n\t"
+ "adds r6, r6, r9\n\t"
+ "adc r7, r7, r10\n\t"
+#else
+ "umull r9, r10, lr, lr\n\t"
+ "adds r6, r6, r9\n\t"
+ "adc r7, r7, r10\n\t"
+#endif
"str r6, [sp, r5]\n\t"
+ "add r5, r5, #4\n\t"
+ "str r7, [sp, r5]\n\t"
"\n"
"L_sp_2048_sqr_64_store_%=: \n\t"
- "ldm sp!, {r6, r7, r8, r9}\n\t"
- "stm %[r]!, {r6, r7, r8, r9}\n\t"
- "subs r5, r5, #16\n\t"
+ "ldm sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "stm %[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "subs r5, r5, #32\n\t"
"bgt L_sp_2048_sqr_64_store_%=\n\t"
: [r] "+r" (r), [a] "+r" (a)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11", "cc"
);
}
@@ -5543,9 +5774,9 @@ static void sp_2048_mask_32(sp_digit* r, const sp_digit* a, sp_digit m)
*/
static sp_digit sp_2048_add_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"mov r3, #0\n\t"
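Review bot: The casts added to the register initialisers are identity casts, because `r_p` is already `sp_digit*` and `a_p` and `b_p` are already `const sp_digit*`, and nothing in the hunk says why they are needed. An explicit cast also suppresses the diagnostic a compiler would give if a parameter's type or constness later changed. If they exist to satisfy a particular toolchain, a short comment such as `/* cast required by <toolchain> */` would justify them; otherwise the plain initialisers are the safer form. The same casts are added in every function in this range, and the function body continues outside this hunk.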
@@ -5567,7 +5798,7 @@ static sp_digit sp_2048_add_32(sp_digit* r_p, const sp_digit* a_p, const sp_digi
"mov %[r], r3\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -5581,16 +5812,15 @@ static sp_digit sp_2048_add_32(sp_digit* r_p, const sp_digit* a_p, const sp_digi
*/
static sp_digit sp_2048_sub_in_place_32(sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* a asm ("r0") = a_p;
- register const sp_digit* b asm ("r1") = b_p;
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* b asm ("r1") = (const sp_digit*)b_p;
__asm__ __volatile__ (
- "mov r10, #0\n\t"
"mov r12, #0\n\t"
"add lr, %[a], #0x80\n\t"
"\n"
"L_sp_2048_sub_in_pkace_32_word_%=: \n\t"
- "subs r12, r10, r12\n\t"
+ "rsbs r12, r12, #0\n\t"
"ldm %[a], {r2, r3, r4, r5}\n\t"
"ldm %[b]!, {r6, r7, r8, r9}\n\t"
"sbcs r2, r2, r6\n\t"
@@ -5598,13 +5828,13 @@ static sp_digit sp_2048_sub_in_place_32(sp_digit* a_p, const sp_digit* b_p)
"sbcs r4, r4, r8\n\t"
"sbcs r5, r5, r9\n\t"
"stm %[a]!, {r2, r3, r4, r5}\n\t"
- "sbc r12, r10, r10\n\t"
+ "sbc r12, r12, r12\n\t"
"cmp %[a], lr\n\t"
"bne L_sp_2048_sub_in_pkace_32_word_%=\n\t"
"mov %[a], r12\n\t"
: [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r12", "lr", "r10"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r12", "lr", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -5619,16 +5849,19 @@ static sp_digit sp_2048_sub_in_place_32(sp_digit* a_p, const sp_digit* b_p)
*/
static void sp_2048_mul_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"sub sp, sp, #0x100\n\t"
- "mov r5, #0\n\t"
- "mov r6, #0\n\t"
+ "ldr lr, [%[a]]\n\t"
+ "ldr r11, [%[b]]\n\t"
+ "umull r8, r6, lr, r11\n\t"
+ "str r8, [sp]\n\t"
"mov r7, #0\n\t"
"mov r8, #0\n\t"
+ "mov r5, #4\n\t"
"\n"
"L_sp_2048_mul_32_outer_%=: \n\t"
"subs r3, r5, #0x7c\n\t"
@@ -5639,7 +5872,44 @@ static void sp_2048_mul_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"L_sp_2048_mul_32_inner_%=: \n\t"
"ldr lr, [%[a], r3]\n\t"
"ldr r11, [%[b], r4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
+ "lsl r9, lr, #16\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r9, r9, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "adds r6, r6, r10\n\t"
+ "adcs r7, r7, #0\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsr r9, lr, #16\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "adds r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+#else
+ "umull r9, r10, lr, r11\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+#endif
+ "ldr lr, [%[a], r4]\n\t"
+ "ldr r11, [%[b], r3]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r9, lr, #16\n\t"
"lsl r10, r11, #16\n\t"
"lsr r9, r9, #16\n\t"
@@ -5676,10 +5946,46 @@ static void sp_2048_mul_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
"add r3, r3, #4\n\t"
"sub r4, r4, #4\n\t"
- "cmp r3, #0x80\n\t"
- "beq L_sp_2048_mul_32_inner_done_%=\n\t"
- "cmp r3, r5\n\t"
- "ble L_sp_2048_mul_32_inner_%=\n\t"
+ "cmp r3, r4\n\t"
+ "bgt L_sp_2048_mul_32_inner_done_%=\n\t"
+ "blt L_sp_2048_mul_32_inner_%=\n\t"
+ "ldr lr, [%[a], r3]\n\t"
+ "ldr r11, [%[b], r3]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
+ "lsl r9, lr, #16\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r9, r9, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "adds r6, r6, r10\n\t"
+ "adcs r7, r7, #0\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsr r9, lr, #16\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "adds r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+#else
+ "umull r9, r10, lr, r11\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+#endif
"\n"
"L_sp_2048_mul_32_inner_done_%=: \n\t"
"str r6, [sp, r5]\n\t"
@@ -5687,18 +5993,50 @@ static void sp_2048_mul_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"mov r7, r8\n\t"
"mov r8, #0\n\t"
"add r5, r5, #4\n\t"
- "cmp r5, #0xf8\n\t"
+ "cmp r5, #0xf4\n\t"
"ble L_sp_2048_mul_32_outer_%=\n\t"
+ "ldr lr, [%[a], #124]\n\t"
+ "ldr r11, [%[b], #124]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
+ "lsl r9, lr, #16\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r9, r9, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "adds r6, r6, r10\n\t"
+ "adc r7, r7, #0\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adc r7, r7, r10\n\t"
+ "lsr r9, lr, #16\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "add r7, r7, r10\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adc r7, r7, r10\n\t"
+#else
+ "umlal r6, r7, lr, r11\n\t"
+#endif
"str r6, [sp, r5]\n\t"
+ "add r5, r5, #4\n\t"
+ "str r7, [sp, r5]\n\t"
"\n"
"L_sp_2048_mul_32_store_%=: \n\t"
- "ldm sp!, {r6, r7, r8, r9}\n\t"
- "stm %[r]!, {r6, r7, r8, r9}\n\t"
- "subs r5, r5, #16\n\t"
+ "ldm sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "stm %[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "subs r5, r5, #32\n\t"
"bgt L_sp_2048_mul_32_store_%=\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11", "cc"
);
}
@@ -5709,29 +6047,28 @@ static void sp_2048_mul_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
*/
static void sp_2048_sqr_32(sp_digit* r_p, const sp_digit* a_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
__asm__ __volatile__ (
"sub sp, sp, #0x100\n\t"
- "mov r12, #0\n\t"
- "mov r6, #0\n\t"
+ "ldr lr, [%[a]]\n\t"
+ "umull r8, r6, lr, lr\n\t"
+ "str r8, [sp]\n\t"
"mov r7, #0\n\t"
"mov r8, #0\n\t"
- "mov r5, #0\n\t"
+ "mov r5, #4\n\t"
"\n"
"L_sp_2048_sqr_32_outer_%=: \n\t"
"subs r3, r5, #0x7c\n\t"
"it cc\n\t"
- "movcc r3, r12\n\t"
+ "movcc r3, #0\n\t"
"sub r4, r5, r3\n\t"
"\n"
"L_sp_2048_sqr_32_inner_%=: \n\t"
- "cmp r4, r3\n\t"
- "beq L_sp_2048_sqr_32_op_sqr_%=\n\t"
"ldr lr, [%[a], r3]\n\t"
"ldr r11, [%[a], r4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r9, lr, #16\n\t"
"lsl r10, r11, #16\n\t"
"lsr r9, r9, #16\n\t"
@@ -5780,11 +6117,13 @@ static void sp_2048_sqr_32(sp_digit* r_p, const sp_digit* a_p)
"adcs r7, r7, r10\n\t"
"adc r8, r8, #0\n\t"
#endif
- "bal L_sp_2048_sqr_32_op_done_%=\n\t"
- "\n"
- "L_sp_2048_sqr_32_op_sqr_%=: \n\t"
+ "add r3, r3, #4\n\t"
+ "sub r4, r4, #4\n\t"
+ "cmp r3, r4\n\t"
+ "bgt L_sp_2048_sqr_32_inner_done_%=\n\t"
+ "blt L_sp_2048_sqr_32_inner_%=\n\t"
"ldr lr, [%[a], r3]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r9, lr, #16\n\t"
"lsr r10, lr, #16\n\t"
"lsr r9, r9, #16\n\t"
@@ -5811,41 +6150,57 @@ static void sp_2048_sqr_32(sp_digit* r_p, const sp_digit* a_p)
"adc r8, r8, #0\n\t"
#endif
"\n"
- "L_sp_2048_sqr_32_op_done_%=: \n\t"
- "add r3, r3, #4\n\t"
- "sub r4, r4, #4\n\t"
- "cmp r3, #0x80\n\t"
- "beq L_sp_2048_sqr_32_inner_done_%=\n\t"
- "cmp r3, r4\n\t"
- "bgt L_sp_2048_sqr_32_inner_done_%=\n\t"
- "cmp r3, r5\n\t"
- "ble L_sp_2048_sqr_32_inner_%=\n\t"
- "\n"
"L_sp_2048_sqr_32_inner_done_%=: \n\t"
"str r6, [sp, r5]\n\t"
"mov r6, r7\n\t"
"mov r7, r8\n\t"
"mov r8, #0\n\t"
"add r5, r5, #4\n\t"
- "cmp r5, #0xf8\n\t"
+ "cmp r5, #0xf4\n\t"
"ble L_sp_2048_sqr_32_outer_%=\n\t"
+ "ldr lr, [%[a], #124]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
+ "lsl r9, lr, #16\n\t"
+ "lsr r10, lr, #16\n\t"
+ "lsr r9, r9, #16\n\t"
+ "mov r11, r9\n\t"
+ "mul r9, r11, r9\n\t"
+ "mov r11, r10\n\t"
+ "mul r10, r11, r10\n\t"
+ "adds r6, r6, r9\n\t"
+ "adc r7, r7, r10\n\t"
+ "lsr r10, lr, #16\n\t"
+ "lsl r9, lr, #16\n\t"
+ "lsr r9, r9, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #15\n\t"
+ "lsl r9, r9, #17\n\t"
+ "adds r6, r6, r9\n\t"
+ "adc r7, r7, r10\n\t"
+#else
+ "umull r9, r10, lr, lr\n\t"
+ "adds r6, r6, r9\n\t"
+ "adc r7, r7, r10\n\t"
+#endif
"str r6, [sp, r5]\n\t"
+ "add r5, r5, #4\n\t"
+ "str r7, [sp, r5]\n\t"
"\n"
"L_sp_2048_sqr_32_store_%=: \n\t"
- "ldm sp!, {r6, r7, r8, r9}\n\t"
- "stm %[r]!, {r6, r7, r8, r9}\n\t"
- "subs r5, r5, #16\n\t"
+ "ldm sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "stm %[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "subs r5, r5, #32\n\t"
"bgt L_sp_2048_sqr_32_store_%=\n\t"
: [r] "+r" (r), [a] "+r" (a)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11", "cc"
);
}
#endif /* WOLFSSL_SP_SMALL */
#endif /* (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) | WOLFSSL_HAVE_SP_DH */
-/* Caclulate the bottom digit of -1/a mod 2^n.
+/* Calculate the bottom digit of -1/a mod 2^n.
*
* a A single precision number.
* rho Bottom word of inverse.
@@ -5874,15 +6229,14 @@ static void sp_2048_mont_setup(const sp_digit* a, sp_digit* rho)
*/
static void sp_2048_mul_d_64(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register sp_digit b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register sp_digit b asm ("r2") = (sp_digit)b_p;
__asm__ __volatile__ (
- "mov r10, #0\n\t"
/* A[0] * B */
"ldr r8, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r5, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -5915,7 +6269,7 @@ static void sp_2048_mul_d_64(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
"L_sp_2048_mul_d_64_word_%=: \n\t"
/* A[i] * B */
"ldr r8, [%[a], r9]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -5960,7 +6314,7 @@ static void sp_2048_mul_d_64(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
"str r3, [%[r], #256]\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
}
@@ -5973,15 +6327,14 @@ static void sp_2048_mul_d_64(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
*/
static void sp_2048_mul_d_64(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register sp_digit b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register sp_digit b asm ("r2") = (sp_digit)b_p;
__asm__ __volatile__ (
- "mov r10, #0\n\t"
/* A[0] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r3, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -6006,2491 +6359,1995 @@ static void sp_2048_mul_d_64(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
#else
"umull r3, r4, %[b], r8\n\t"
#endif
+ "stm %[r]!, {r3}\n\t"
"mov r5, #0\n\t"
- "str r3, [%[r]], #4\n\t"
/* A[1] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[2] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[3] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[4] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[5] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[6] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[7] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[8] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[9] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[10] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[11] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[12] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[13] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[14] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[15] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[16] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[17] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[18] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[19] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[20] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[21] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[22] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[23] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[24] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[25] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[26] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[27] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[28] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[29] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[30] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[31] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[32] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[33] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[34] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[35] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[36] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[37] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[38] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[39] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[40] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[41] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[42] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[43] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[44] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[45] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[46] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[47] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[48] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[49] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[50] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[51] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[52] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[53] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[54] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[55] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[56] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[57] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[58] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[59] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[60] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[61] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[62] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[63] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -8516,15 +8373,13 @@ static void sp_2048_mul_d_64(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
"adds r3, r3, r6\n\t"
"adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adc r4, r4, r7\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
"str r4, [%[r]]\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r10"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "cc"
);
}
@@ -8555,10 +8410,10 @@ static void sp_2048_mont_norm_32(sp_digit* r, const sp_digit* m)
*/
static sp_digit sp_2048_cond_sub_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
- register sp_digit m asm ("r3") = m_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
+ register sp_digit m asm ("r3") = (sp_digit)m_p;
__asm__ __volatile__ (
"mov r6, #0\n\t"
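Review bot: The casts added to the four register initialisers (`(sp_digit*)r_p`, `(const sp_digit*)a_p`, `(const sp_digit*)b_p`, `(sp_digit)m_p`) are identity casts, because each parameter in the signature shown already has exactly that type. An explicit pointer cast also silences the incompatible-pointer diagnostic the compiler would otherwise give if the signature ever changed, which is unwelcome in code that pins values to r0–r3 for inline asm. I would keep the plain form, `register sp_digit* r asm ("r0") = r_p;`, or add a short comment saying why the cast is required. The same pattern appears in the hunk for the second sp_2048_cond_sub_32 definition and in the sp_2048_mont_reduce_32 hunk. The function body continues outside this hunk.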
@@ -8579,7 +8434,7 @@ static sp_digit sp_2048_cond_sub_32(sp_digit* r_p, const sp_digit* a_p, const sp
"mov %[r], r12\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
:
- : "memory", "r12", "lr", "r4", "r5", "r6"
+ : "memory", "r12", "lr", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -8595,10 +8450,10 @@ static sp_digit sp_2048_cond_sub_32(sp_digit* r_p, const sp_digit* a_p, const sp
*/
static sp_digit sp_2048_cond_sub_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
- register sp_digit m asm ("r3") = m_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
+ register sp_digit m asm ("r3") = (sp_digit)m_p;
__asm__ __volatile__ (
"mov lr, #0\n\t"
@@ -8717,12 +8572,13 @@ static sp_digit sp_2048_cond_sub_32(sp_digit* r_p, const sp_digit* a_p, const sp
"sbc %[r], lr, lr\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
:
- : "memory", "r12", "lr", "r4", "r5", "r6", "r7"
+ : "memory", "r12", "lr", "r4", "r5", "r6", "r7", "cc"
);
return (uint32_t)(size_t)r;
}
#endif /* WOLFSSL_SP_SMALL */
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
/* Reduce the number back to 2048 bits using Montgomery reduction.
*
* a A single precision number to reduce in place.
@@ -8731,12 +8587,12 @@ static sp_digit sp_2048_cond_sub_32(sp_digit* r_p, const sp_digit* a_p, const sp
*/
static SP_NOINLINE void sp_2048_mont_reduce_32(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
{
- register sp_digit* a asm ("r0") = a_p;
- register const sp_digit* m asm ("r1") = m_p;
- register sp_digit mp asm ("r2") = mp_p;
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m asm ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp asm ("r2") = (sp_digit)mp_p;
__asm__ __volatile__ (
-#if !(defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4))
+#if !(defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4))
"ldr r11, [%[m]]\n\t"
#endif
/* i = 0 */
@@ -8749,10 +8605,9 @@ static SP_NOINLINE void sp_2048_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
/* mu = a[i] * mp */
"mul r8, %[mp], r12\n\t"
/* a[i+0] += m[0] * mu */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"ldr r11, [%[m]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r7, r11, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r7\n\t"
@@ -8776,14 +8631,8 @@ static SP_NOINLINE void sp_2048_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r12, r12, r6\n\t"
"adc r5, r5, r7\n\t"
-#else
- "umull r6, r7, r8, r11\n\t"
- "adds r12, r12, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
/* a[i+1] += m[1] * mu */
"ldr r7, [%[m], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r10, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r10\n\t"
@@ -8807,18 +8656,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds lr, lr, r6\n\t"
"adc r4, r4, r10\n\t"
-#else
- "umull r6, r10, r8, r7\n\t"
- "adds lr, lr, r6\n\t"
- "adc r4, r10, #0\n\t"
-#endif
"mov r12, lr\n\t"
"adds r12, r12, r5\n\t"
"adc r4, r4, #0\n\t"
/* a[i+2] += m[2] * mu */
"ldr r7, [%[m], #8]\n\t"
"ldr lr, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r10, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r10\n\t"
@@ -8842,17 +8685,11 @@ static SP_NOINLINE void sp_2048_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds lr, lr, r6\n\t"
"adc r5, r5, r10\n\t"
-#else
- "umull r6, r10, r8, r7\n\t"
- "adds lr, lr, r6\n\t"
- "adc r5, r10, #0\n\t"
-#endif
"adds lr, lr, r4\n\t"
"adc r5, r5, #0\n\t"
/* a[i+3] += m[3] * mu */
"ldr r7, [%[m], #12]\n\t"
"ldr r10, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -8876,18 +8713,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #12]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+4] += m[4] * mu */
"ldr r7, [%[m], #16]\n\t"
"ldr r10, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -8911,18 +8742,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #16]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+5] += m[5] * mu */
"ldr r7, [%[m], #20]\n\t"
"ldr r10, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -8946,18 +8771,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #20]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+6] += m[6] * mu */
"ldr r7, [%[m], #24]\n\t"
"ldr r10, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -8981,18 +8800,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #24]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+7] += m[7] * mu */
"ldr r7, [%[m], #28]\n\t"
"ldr r10, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -9016,18 +8829,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #28]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+8] += m[8] * mu */
"ldr r7, [%[m], #32]\n\t"
"ldr r10, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -9051,18 +8858,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #32]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+9] += m[9] * mu */
"ldr r7, [%[m], #36]\n\t"
"ldr r10, [%[a], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -9086,18 +8887,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #36]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+10] += m[10] * mu */
"ldr r7, [%[m], #40]\n\t"
"ldr r10, [%[a], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -9121,18 +8916,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #40]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+11] += m[11] * mu */
"ldr r7, [%[m], #44]\n\t"
"ldr r10, [%[a], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -9156,18 +8945,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #44]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+12] += m[12] * mu */
"ldr r7, [%[m], #48]\n\t"
"ldr r10, [%[a], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -9191,18 +8974,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #48]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+13] += m[13] * mu */
"ldr r7, [%[m], #52]\n\t"
"ldr r10, [%[a], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -9226,18 +9003,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #52]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+14] += m[14] * mu */
"ldr r7, [%[m], #56]\n\t"
"ldr r10, [%[a], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -9261,18 +9032,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #56]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+15] += m[15] * mu */
"ldr r7, [%[m], #60]\n\t"
"ldr r10, [%[a], #60]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -9296,18 +9061,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #60]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+16] += m[16] * mu */
"ldr r7, [%[m], #64]\n\t"
"ldr r10, [%[a], #64]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -9331,18 +9090,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #64]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+17] += m[17] * mu */
"ldr r7, [%[m], #68]\n\t"
"ldr r10, [%[a], #68]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -9366,18 +9119,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #68]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+18] += m[18] * mu */
"ldr r7, [%[m], #72]\n\t"
"ldr r10, [%[a], #72]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -9401,18 +9148,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #72]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+19] += m[19] * mu */
"ldr r7, [%[m], #76]\n\t"
"ldr r10, [%[a], #76]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -9436,18 +9177,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #76]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+20] += m[20] * mu */
"ldr r7, [%[m], #80]\n\t"
"ldr r10, [%[a], #80]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -9471,18 +9206,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #80]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+21] += m[21] * mu */
"ldr r7, [%[m], #84]\n\t"
"ldr r10, [%[a], #84]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -9506,18 +9235,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #84]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+22] += m[22] * mu */
"ldr r7, [%[m], #88]\n\t"
"ldr r10, [%[a], #88]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -9541,18 +9264,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #88]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+23] += m[23] * mu */
"ldr r7, [%[m], #92]\n\t"
"ldr r10, [%[a], #92]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -9576,18 +9293,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #92]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+24] += m[24] * mu */
"ldr r7, [%[m], #96]\n\t"
"ldr r10, [%[a], #96]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -9611,18 +9322,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #96]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+25] += m[25] * mu */
"ldr r7, [%[m], #100]\n\t"
"ldr r10, [%[a], #100]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -9646,18 +9351,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #100]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+26] += m[26] * mu */
"ldr r7, [%[m], #104]\n\t"
"ldr r10, [%[a], #104]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -9681,18 +9380,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #104]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+27] += m[27] * mu */
"ldr r7, [%[m], #108]\n\t"
"ldr r10, [%[a], #108]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -9716,18 +9409,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #108]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+28] += m[28] * mu */
"ldr r7, [%[m], #112]\n\t"
"ldr r10, [%[a], #112]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -9751,18 +9438,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #112]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+29] += m[29] * mu */
"ldr r7, [%[m], #116]\n\t"
"ldr r10, [%[a], #116]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -9786,18 +9467,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #116]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+30] += m[30] * mu */
"ldr r7, [%[m], #120]\n\t"
"ldr r10, [%[a], #120]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -9821,22 +9496,16 @@ static SP_NOINLINE void sp_2048_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #120]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+31] += m[31] * mu */
-#if !(defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4))
- "ldr r7, [%[m], #124]\n\t"
-#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"ldr r11, [%[m], #124]\n\t"
+#else
+ "ldr r7, [%[m], #124]\n\t"
#endif
"ldr r10, [%[a], #124]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r11, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -9867,13 +9536,301 @@ static SP_NOINLINE void sp_2048_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"adds r5, r5, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #124]\n\t"
+ "ldr r10, [%[a], #128]\n\t"
+ "adcs r10, r10, r4\n\t"
+ "str r10, [%[a], #128]\n\t"
+ "adc r3, r3, #0\n\t"
+ /* i += 1 */
+ "add r9, r9, #4\n\t"
+ "add %[a], %[a], #4\n\t"
+ "cmp r9, #0x80\n\t"
+ "blt L_sp_2048_mont_reduce_32_word_%=\n\t"
+ /* Loop Done */
+ "str r12, [%[a]]\n\t"
+ "str lr, [%[a], #4]\n\t"
+ "mov %[mp], r3\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
+ );
+ sp_2048_cond_sub_32(a - 32, a, m, (sp_digit)0 - mp);
+}
+
+#elif defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+/* Reduce the number back to 2048 bits using Montgomery reduction.
+ *
+ * a A single precision number to reduce in place.
+ * m The single precision number representing the modulus.
+ * mp The digit representing the negative inverse of m mod 2^n.
+ */
+static SP_NOINLINE void sp_2048_mont_reduce_32(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+{
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m asm ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp asm ("r2") = (sp_digit)mp_p;
+
+ __asm__ __volatile__ (
+ "ldr r11, [%[m]]\n\t"
+ /* i = 0 */
+ "mov r9, #0\n\t"
+ "mov r3, #0\n\t"
+ "ldr r12, [%[a]]\n\t"
+ "ldr lr, [%[a], #4]\n\t"
+ "\n"
+ "L_sp_2048_mont_reduce_32_word_%=: \n\t"
+ /* mu = a[i] * mp */
+ "mul r8, %[mp], r12\n\t"
+ /* a[i+0] += m[0] * mu */
+ "mov r5, #0\n\t"
+ "umlal r12, r5, r8, r11\n\t"
+ /* a[i+1] += m[1] * mu */
+ "ldr r7, [%[m], #4]\n\t"
+ "mov r4, #0\n\t"
+ "umlal lr, r4, r8, r7\n\t"
+ "mov r12, lr\n\t"
+ "adds r12, r12, r5\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+2] += m[2] * mu */
+ "ldr r7, [%[m], #8]\n\t"
+ "ldr lr, [%[a], #8]\n\t"
+ "mov r5, #0\n\t"
+ "umlal lr, r5, r8, r7\n\t"
+ "adds lr, lr, r4\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+3] += m[3] * mu */
+ "ldr r7, [%[m], #12]\n\t"
+ "ldr r10, [%[a], #12]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #12]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+4] += m[4] * mu */
+ "ldr r7, [%[m], #16]\n\t"
+ "ldr r10, [%[a], #16]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #16]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+5] += m[5] * mu */
+ "ldr r7, [%[m], #20]\n\t"
+ "ldr r10, [%[a], #20]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #20]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+6] += m[6] * mu */
+ "ldr r7, [%[m], #24]\n\t"
+ "ldr r10, [%[a], #24]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #24]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+7] += m[7] * mu */
+ "ldr r7, [%[m], #28]\n\t"
+ "ldr r10, [%[a], #28]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #28]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+8] += m[8] * mu */
+ "ldr r7, [%[m], #32]\n\t"
+ "ldr r10, [%[a], #32]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #32]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+9] += m[9] * mu */
+ "ldr r7, [%[m], #36]\n\t"
+ "ldr r10, [%[a], #36]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #36]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+10] += m[10] * mu */
+ "ldr r7, [%[m], #40]\n\t"
+ "ldr r10, [%[a], #40]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #40]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+11] += m[11] * mu */
+ "ldr r7, [%[m], #44]\n\t"
+ "ldr r10, [%[a], #44]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #44]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+12] += m[12] * mu */
+ "ldr r7, [%[m], #48]\n\t"
+ "ldr r10, [%[a], #48]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #48]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+13] += m[13] * mu */
+ "ldr r7, [%[m], #52]\n\t"
+ "ldr r10, [%[a], #52]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #52]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+14] += m[14] * mu */
+ "ldr r7, [%[m], #56]\n\t"
+ "ldr r10, [%[a], #56]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #56]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+15] += m[15] * mu */
+ "ldr r7, [%[m], #60]\n\t"
+ "ldr r10, [%[a], #60]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #60]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+16] += m[16] * mu */
+ "ldr r7, [%[m], #64]\n\t"
+ "ldr r10, [%[a], #64]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #64]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+17] += m[17] * mu */
+ "ldr r7, [%[m], #68]\n\t"
+ "ldr r10, [%[a], #68]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #68]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+18] += m[18] * mu */
+ "ldr r7, [%[m], #72]\n\t"
+ "ldr r10, [%[a], #72]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #72]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+19] += m[19] * mu */
+ "ldr r7, [%[m], #76]\n\t"
+ "ldr r10, [%[a], #76]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #76]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+20] += m[20] * mu */
+ "ldr r7, [%[m], #80]\n\t"
+ "ldr r10, [%[a], #80]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #80]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+21] += m[21] * mu */
+ "ldr r7, [%[m], #84]\n\t"
+ "ldr r10, [%[a], #84]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #84]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+22] += m[22] * mu */
+ "ldr r7, [%[m], #88]\n\t"
+ "ldr r10, [%[a], #88]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #88]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+23] += m[23] * mu */
+ "ldr r7, [%[m], #92]\n\t"
+ "ldr r10, [%[a], #92]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #92]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+24] += m[24] * mu */
+ "ldr r7, [%[m], #96]\n\t"
+ "ldr r10, [%[a], #96]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #96]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+25] += m[25] * mu */
+ "ldr r7, [%[m], #100]\n\t"
+ "ldr r10, [%[a], #100]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #100]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+26] += m[26] * mu */
+ "ldr r7, [%[m], #104]\n\t"
+ "ldr r10, [%[a], #104]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #104]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+27] += m[27] * mu */
+ "ldr r7, [%[m], #108]\n\t"
+ "ldr r10, [%[a], #108]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #108]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+28] += m[28] * mu */
+ "ldr r7, [%[m], #112]\n\t"
+ "ldr r10, [%[a], #112]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #112]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+29] += m[29] * mu */
+ "ldr r7, [%[m], #116]\n\t"
+ "ldr r10, [%[a], #116]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #116]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+30] += m[30] * mu */
+ "ldr r7, [%[m], #120]\n\t"
+ "ldr r10, [%[a], #120]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #120]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+31] += m[31] * mu */
+ "ldr r7, [%[m], #124]\n\t"
+ "ldr r10, [%[a], #124]\n\t"
"umull r6, r7, r8, r7\n\t"
"adds r5, r5, r6\n\t"
"adcs r4, r7, r3\n\t"
"mov r3, #0\n\t"
"adc r3, r3, r3\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #124]\n\t"
"ldr r10, [%[a], #128]\n\t"
@@ -9885,16 +9842,223 @@ static SP_NOINLINE void sp_2048_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"add %[a], %[a], #4\n\t"
"cmp r9, #0x80\n\t"
"blt L_sp_2048_mont_reduce_32_word_%=\n\t"
+ /* Loop Done */
"str r12, [%[a]]\n\t"
"str lr, [%[a], #4]\n\t"
"mov %[mp], r3\n\t"
: [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
:
- : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11"
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
+ );
+ sp_2048_cond_sub_32(a - 32, a, m, (sp_digit)0 - mp);
+}
+
+#else
+/* Reduce the number back to 2048 bits using Montgomery reduction.
+ *
+ * a A single precision number to reduce in place.
+ * m The single precision number representing the modulus.
+ * mp The digit representing the negative inverse of m mod 2^n.
+ */
+static SP_NOINLINE void sp_2048_mont_reduce_32(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+{
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m asm ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp asm ("r2") = (sp_digit)mp_p;
+
+ __asm__ __volatile__ (
+ /* i = 0 */
+ "mov r12, #0\n\t"
+ "mov lr, #0\n\t"
+ "ldr r4, [%[a]]\n\t"
+ "ldr r5, [%[a], #4]\n\t"
+ "ldr r6, [%[a], #8]\n\t"
+ "ldr r7, [%[a], #12]\n\t"
+ "ldr r8, [%[a], #16]\n\t"
+ "\n"
+ "L_sp_2048_mont_reduce_32_word_%=: \n\t"
+ /* mu = a[i] * mp */
+ "mul r11, %[mp], r4\n\t"
+ /* a[i+0] += m[0] * mu */
+ "ldr r10, [%[m]]\n\t"
+ "mov r3, #0\n\t"
+ "umaal r4, r3, r11, r10\n\t"
+ /* a[i+1] += m[1] * mu */
+ "ldr r10, [%[m], #4]\n\t"
+ "mov r4, r5\n\t"
+ "umaal r4, r3, r11, r10\n\t"
+ /* a[i+2] += m[2] * mu */
+ "ldr r10, [%[m], #8]\n\t"
+ "mov r5, r6\n\t"
+ "umaal r5, r3, r11, r10\n\t"
+ /* a[i+3] += m[3] * mu */
+ "ldr r10, [%[m], #12]\n\t"
+ "mov r6, r7\n\t"
+ "umaal r6, r3, r11, r10\n\t"
+ /* a[i+4] += m[4] * mu */
+ "ldr r10, [%[m], #16]\n\t"
+ "mov r7, r8\n\t"
+ "umaal r7, r3, r11, r10\n\t"
+ /* a[i+5] += m[5] * mu */
+ "ldr r10, [%[m], #20]\n\t"
+ "ldr r8, [%[a], #20]\n\t"
+ "umaal r8, r3, r11, r10\n\t"
+ /* a[i+6] += m[6] * mu */
+ "ldr r10, [%[m], #24]\n\t"
+ "ldr r9, [%[a], #24]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #24]\n\t"
+ /* a[i+7] += m[7] * mu */
+ "ldr r10, [%[m], #28]\n\t"
+ "ldr r9, [%[a], #28]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #28]\n\t"
+ /* a[i+8] += m[8] * mu */
+ "ldr r10, [%[m], #32]\n\t"
+ "ldr r9, [%[a], #32]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #32]\n\t"
+ /* a[i+9] += m[9] * mu */
+ "ldr r10, [%[m], #36]\n\t"
+ "ldr r9, [%[a], #36]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #36]\n\t"
+ /* a[i+10] += m[10] * mu */
+ "ldr r10, [%[m], #40]\n\t"
+ "ldr r9, [%[a], #40]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #40]\n\t"
+ /* a[i+11] += m[11] * mu */
+ "ldr r10, [%[m], #44]\n\t"
+ "ldr r9, [%[a], #44]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #44]\n\t"
+ /* a[i+12] += m[12] * mu */
+ "ldr r10, [%[m], #48]\n\t"
+ "ldr r9, [%[a], #48]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #48]\n\t"
+ /* a[i+13] += m[13] * mu */
+ "ldr r10, [%[m], #52]\n\t"
+ "ldr r9, [%[a], #52]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #52]\n\t"
+ /* a[i+14] += m[14] * mu */
+ "ldr r10, [%[m], #56]\n\t"
+ "ldr r9, [%[a], #56]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #56]\n\t"
+ /* a[i+15] += m[15] * mu */
+ "ldr r10, [%[m], #60]\n\t"
+ "ldr r9, [%[a], #60]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #60]\n\t"
+ /* a[i+16] += m[16] * mu */
+ "ldr r10, [%[m], #64]\n\t"
+ "ldr r9, [%[a], #64]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #64]\n\t"
+ /* a[i+17] += m[17] * mu */
+ "ldr r10, [%[m], #68]\n\t"
+ "ldr r9, [%[a], #68]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #68]\n\t"
+ /* a[i+18] += m[18] * mu */
+ "ldr r10, [%[m], #72]\n\t"
+ "ldr r9, [%[a], #72]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #72]\n\t"
+ /* a[i+19] += m[19] * mu */
+ "ldr r10, [%[m], #76]\n\t"
+ "ldr r9, [%[a], #76]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #76]\n\t"
+ /* a[i+20] += m[20] * mu */
+ "ldr r10, [%[m], #80]\n\t"
+ "ldr r9, [%[a], #80]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #80]\n\t"
+ /* a[i+21] += m[21] * mu */
+ "ldr r10, [%[m], #84]\n\t"
+ "ldr r9, [%[a], #84]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #84]\n\t"
+ /* a[i+22] += m[22] * mu */
+ "ldr r10, [%[m], #88]\n\t"
+ "ldr r9, [%[a], #88]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #88]\n\t"
+ /* a[i+23] += m[23] * mu */
+ "ldr r10, [%[m], #92]\n\t"
+ "ldr r9, [%[a], #92]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #92]\n\t"
+ /* a[i+24] += m[24] * mu */
+ "ldr r10, [%[m], #96]\n\t"
+ "ldr r9, [%[a], #96]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #96]\n\t"
+ /* a[i+25] += m[25] * mu */
+ "ldr r10, [%[m], #100]\n\t"
+ "ldr r9, [%[a], #100]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #100]\n\t"
+ /* a[i+26] += m[26] * mu */
+ "ldr r10, [%[m], #104]\n\t"
+ "ldr r9, [%[a], #104]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #104]\n\t"
+ /* a[i+27] += m[27] * mu */
+ "ldr r10, [%[m], #108]\n\t"
+ "ldr r9, [%[a], #108]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #108]\n\t"
+ /* a[i+28] += m[28] * mu */
+ "ldr r10, [%[m], #112]\n\t"
+ "ldr r9, [%[a], #112]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #112]\n\t"
+ /* a[i+29] += m[29] * mu */
+ "ldr r10, [%[m], #116]\n\t"
+ "ldr r9, [%[a], #116]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #116]\n\t"
+ /* a[i+30] += m[30] * mu */
+ "ldr r10, [%[m], #120]\n\t"
+ "ldr r9, [%[a], #120]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #120]\n\t"
+ /* a[i+31] += m[31] * mu */
+ "ldr r10, [%[m], #124]\n\t"
+ "ldr r9, [%[a], #124]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "ldr r11, [%[a], #128]\n\t"
+ "mov r10, #0\n\t"
+ "umaal r3, r11, r10, r10\n\t"
+ "str r9, [%[a], #124]\n\t"
+ "adds r3, r3, lr\n\t"
+ "adc lr, r11, #0\n\t"
+ "str r3, [%[a], #128]\n\t"
+ /* i += 1 */
+ "add r12, r12, #4\n\t"
+ "add %[a], %[a], #4\n\t"
+ "cmp r12, #0x80\n\t"
+ "blt L_sp_2048_mont_reduce_32_word_%=\n\t"
+ /* Loop Done */
+ "str r4, [%[a]]\n\t"
+ "str r5, [%[a], #4]\n\t"
+ "str r6, [%[a], #8]\n\t"
+ "str r7, [%[a], #12]\n\t"
+ "str r8, [%[a], #16]\n\t"
+ "mov %[mp], lr\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
);
sp_2048_cond_sub_32(a - 32, a, m, (sp_digit)0 - mp);
}
+#endif
/* Multiply two Montgomery form numbers mod the modulus (prime).
* (r = a * b mod m)
*
@@ -9902,7 +10066,7 @@ static SP_NOINLINE void sp_2048_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_2048_mont_mul_32(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -9916,7 +10080,7 @@ SP_NOINLINE static void sp_2048_mont_mul_32(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_2048_mont_sqr_32(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -9934,15 +10098,14 @@ SP_NOINLINE static void sp_2048_mont_sqr_32(sp_digit* r, const sp_digit* a,
*/
static void sp_2048_mul_d_32(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register sp_digit b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register sp_digit b asm ("r2") = (sp_digit)b_p;
__asm__ __volatile__ (
- "mov r10, #0\n\t"
/* A[0] * B */
"ldr r8, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r5, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
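Review bot: The guard on the pre-ARMv4 multiply path now tests `WOLFSSL_ARM_ARCH` instead of `WOLFSSL_SP_ARM_ARCH`, so a build configuration that still defines only the old name no longer selects the 16-bit `mul` sequence here, nor in the following hunks that repeat the rename. Whether a compatibility mapping exists is not visible in this hunk; if there is none, a shared header could carry `#if defined(WOLFSSL_SP_ARM_ARCH) && !defined(WOLFSSL_ARM_ARCH)`, `#define WOLFSSL_ARM_ARCH WOLFSSL_SP_ARM_ARCH`, `#endif`. The casts added to the three register initialisers convert each parameter to the type it already has, so they change nothing; the same applies to the unrolled variant of this function further down. The body of sp_2048_mul_d_32 continues outside the hunk.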
@@ -9975,7 +10138,7 @@ static void sp_2048_mul_d_32(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
"L_sp_2048_mul_d_32_word_%=: \n\t"
/* A[i] * B */
"ldr r8, [%[a], r9]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -10020,7 +10183,7 @@ static void sp_2048_mul_d_32(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
"str r3, [%[r], #128]\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
}
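Review bot: Dropping `"r10"` from the clobber list is correct only if no instruction left in this asm statement writes r10. The removal of `mov r10, #0` is visible in an earlier hunk, but most of the body lies outside the visible hunks and should be checked, because an under-declared clobber lets the compiler keep a live value in a register the asm overwrites. Adding `"cc"` matches the flag-setting `adds` instructions that appear in the unrolled variant below. A short comment above the list would make the pairing auditable, e.g. `/* scratch: r3-r9; condition flags are modified */`.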
@@ -10033,15 +10196,14 @@ static void sp_2048_mul_d_32(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
*/
static void sp_2048_mul_d_32(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register sp_digit b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register sp_digit b asm ("r2") = (sp_digit)b_p;
__asm__ __volatile__ (
- "mov r10, #0\n\t"
/* A[0] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r3, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -10066,1211 +10228,971 @@ static void sp_2048_mul_d_32(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
#else
"umull r3, r4, %[b], r8\n\t"
#endif
+ "stm %[r]!, {r3}\n\t"
"mov r5, #0\n\t"
- "str r3, [%[r]], #4\n\t"
/* A[1] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[2] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[3] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[4] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[5] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[6] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[7] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[8] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[9] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[10] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[11] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[12] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[13] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[14] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[15] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[16] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[17] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[18] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[19] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[20] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[21] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[22] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[23] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[24] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[25] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[26] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[27] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[28] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[29] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[30] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[31] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -11296,15 +11218,13 @@ static void sp_2048_mul_d_32(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adc r5, r5, r7\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
"str r5, [%[r]]\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r10"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "cc"
);
}
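Review bot: The `umlal r4, r5, %[b], r8` in the `#else` branch is only correct while r5 is zero on entry, and nothing at the use site says so. That zero comes from the `mov r5, #0` placed after the A[30] store earlier in the function. A short comment would protect the invariant, for example `/* r5:r4 = r4 + A[31] * B; r5 was cleared after the previous store, and (2^32-1)^2 + (2^32-1) fits in 64 bits */`. The same accumulate pattern is used for every limb above, and sp_2048_mul_d_32 begins outside this hunk.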
@@ -11321,9 +11241,9 @@ static void sp_2048_mul_d_32(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
*/
static sp_digit div_2048_word_32(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
{
- register sp_digit d1 asm ("r0") = d1_p;
- register sp_digit d0 asm ("r1") = d0_p;
- register sp_digit div asm ("r2") = div_p;
+ register sp_digit d1 asm ("r0") = (sp_digit)d1_p;
+ register sp_digit d0 asm ("r1") = (sp_digit)d0_p;
+ register sp_digit div asm ("r2") = (sp_digit)div_p;
__asm__ __volatile__ (
"lsr r6, %[div], #16\n\t"
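Review bot: The casts added to the three register initialisers convert each parameter to the type it already has (`sp_digit` to `sp_digit`). They change nothing today, but they would silence the compiler's conversion diagnostic if a parameter type were later changed. In inline-assembly bignum code that warning is worth keeping, and the plain form `register sp_digit d1 asm ("r0") = d1_p;` is enough. The same no-op casts are added in the second div_2048_word_32 variant, sp_2048_cmp_32, both sp_2048_cond_sub_64 variants and sp_2048_mont_reduce_64. If this file is generator output, the change belongs in the generator rather than here.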
@@ -11363,7 +11283,7 @@ static sp_digit div_2048_word_32(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
"add %[d1], r4, r3\n\t"
: [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
:
- : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8"
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "cc"
);
return (uint32_t)(size_t)d1;
}
@@ -11380,9 +11300,9 @@ static sp_digit div_2048_word_32(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
*/
static sp_digit div_2048_word_32(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
{
- register sp_digit d1 asm ("r0") = d1_p;
- register sp_digit d0 asm ("r1") = d0_p;
- register sp_digit div asm ("r2") = div_p;
+ register sp_digit d1 asm ("r0") = (sp_digit)d1_p;
+ register sp_digit d0 asm ("r1") = (sp_digit)d0_p;
+ register sp_digit div asm ("r2") = (sp_digit)div_p;
__asm__ __volatile__ (
"lsr lr, %[div], #1\n\t"
@@ -11412,7 +11332,7 @@ static sp_digit div_2048_word_32(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
"bpl L_div_2048_word_32_bit_%=\n\t"
"add r3, r3, r3\n\t"
"add r3, r3, #1\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r7, r3, #16\n\t"
"lsl r4, %[div], #16\n\t"
"lsr r7, r7, #16\n\t"
@@ -11440,7 +11360,7 @@ static sp_digit div_2048_word_32(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
"subs r7, %[d0], r4\n\t"
"sbc r8, %[d1], r5\n\t"
"add r3, r3, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r7, r3, #16\n\t"
"lsl r4, %[div], #16\n\t"
"lsr r7, r7, #16\n\t"
@@ -11468,7 +11388,7 @@ static sp_digit div_2048_word_32(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
"subs r7, %[d0], r4\n\t"
"sbc r8, %[d1], r5\n\t"
"add r3, r3, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r7, r3, #16\n\t"
"lsl r4, %[div], #16\n\t"
"lsr r7, r7, #16\n\t"
@@ -11501,7 +11421,7 @@ static sp_digit div_2048_word_32(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
"sub %[d1], r3, r6\n\t"
: [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
:
- : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8"
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "cc"
);
return (uint32_t)(size_t)d1;
}
@@ -11516,8 +11436,8 @@ static sp_digit div_2048_word_32(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
*/
static sp_int32 sp_2048_cmp_32(const sp_digit* a_p, const sp_digit* b_p)
{
- register const sp_digit* a asm ("r0") = a_p;
- register const sp_digit* b asm ("r1") = b_p;
+ register const sp_digit* a asm ("r0") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r1") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"mov r2, #-1\n\t"
@@ -11900,7 +11820,7 @@ static sp_int32 sp_2048_cmp_32(const sp_digit* a_p, const sp_digit* b_p)
"mov %[a], r2\n\t"
: [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r2", "r3", "r12", "lr", "r4", "r5", "r6"
+ : "memory", "r2", "r3", "r12", "lr", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -11914,8 +11834,8 @@ static sp_int32 sp_2048_cmp_32(const sp_digit* a_p, const sp_digit* b_p)
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_2048_div_32(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_2048_div_32(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[64], t2[33];
sp_digit div, r1;
@@ -11955,7 +11875,8 @@ static WC_INLINE int sp_2048_div_32(const sp_digit* a, const sp_digit* d, sp_dig
* m A single precision number that is the modulus to reduce with.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_2048_mod_32(sp_digit* r, const sp_digit* a, const sp_digit* m)
+static WC_INLINE int sp_2048_mod_32(sp_digit* r, const sp_digit* a,
+ const sp_digit* m)
{
return sp_2048_div_32(a, m, NULL, r);
}
@@ -12312,10 +12233,10 @@ static void sp_2048_mont_norm_64(sp_digit* r, const sp_digit* m)
*/
static sp_digit sp_2048_cond_sub_64(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
- register sp_digit m asm ("r3") = m_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
+ register sp_digit m asm ("r3") = (sp_digit)m_p;
__asm__ __volatile__ (
"mov r6, #0\n\t"
@@ -12336,7 +12257,7 @@ static sp_digit sp_2048_cond_sub_64(sp_digit* r_p, const sp_digit* a_p, const sp
"mov %[r], r12\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
:
- : "memory", "r12", "lr", "r4", "r5", "r6"
+ : "memory", "r12", "lr", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -12352,10 +12273,10 @@ static sp_digit sp_2048_cond_sub_64(sp_digit* r_p, const sp_digit* a_p, const sp
*/
static sp_digit sp_2048_cond_sub_64(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
- register sp_digit m asm ("r3") = m_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
+ register sp_digit m asm ("r3") = (sp_digit)m_p;
__asm__ __volatile__ (
"mov lr, #0\n\t"
@@ -12586,12 +12507,13 @@ static sp_digit sp_2048_cond_sub_64(sp_digit* r_p, const sp_digit* a_p, const sp
"sbc %[r], lr, lr\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
:
- : "memory", "r12", "lr", "r4", "r5", "r6", "r7"
+ : "memory", "r12", "lr", "r4", "r5", "r6", "r7", "cc"
);
return (uint32_t)(size_t)r;
}
#endif /* WOLFSSL_SP_SMALL */
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
/* Reduce the number back to 2048 bits using Montgomery reduction.
*
* a A single precision number to reduce in place.
@@ -12600,12 +12522,12 @@ static sp_digit sp_2048_cond_sub_64(sp_digit* r_p, const sp_digit* a_p, const sp
*/
static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
{
- register sp_digit* a asm ("r0") = a_p;
- register const sp_digit* m asm ("r1") = m_p;
- register sp_digit mp asm ("r2") = mp_p;
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m asm ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp asm ("r2") = (sp_digit)mp_p;
__asm__ __volatile__ (
-#if !(defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4))
+#if !(defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4))
"ldr r11, [%[m]]\n\t"
#endif
/* i = 0 */
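Review bot: The `#if !(defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4))` block around `"ldr r11, [%[m]]\n\t"` can never be compiled if the `#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)` added above the function comment in the preceding hunk encloses this whole function. The later hunks remove every `#else`/`umull` branch, which suggests it does, but the closing directive of that outer guard is outside the visible hunks, so this is inferred. If it holds, these three lines are dead and should be dropped. The now always-true `#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)` around the in-loop `ldr r11, [%[m]]` in the next hunk can lose its guard as well. Contradictory guards make it hard to audit which multiply sequence is built for a given target; sp_2048_mont_reduce_64 continues well past this hunk.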
@@ -12618,10 +12540,9 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
/* mu = a[i] * mp */
"mul r8, %[mp], r12\n\t"
/* a[i+0] += m[0] * mu */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"ldr r11, [%[m]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r7, r11, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r7\n\t"
@@ -12645,14 +12566,8 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r12, r12, r6\n\t"
"adc r5, r5, r7\n\t"
-#else
- "umull r6, r7, r8, r11\n\t"
- "adds r12, r12, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
/* a[i+1] += m[1] * mu */
"ldr r7, [%[m], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r10, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r10\n\t"
@@ -12676,18 +12591,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds lr, lr, r6\n\t"
"adc r4, r4, r10\n\t"
-#else
- "umull r6, r10, r8, r7\n\t"
- "adds lr, lr, r6\n\t"
- "adc r4, r10, #0\n\t"
-#endif
"mov r12, lr\n\t"
"adds r12, r12, r5\n\t"
"adc r4, r4, #0\n\t"
/* a[i+2] += m[2] * mu */
"ldr r7, [%[m], #8]\n\t"
"ldr lr, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r10, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r10\n\t"
@@ -12711,17 +12620,11 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds lr, lr, r6\n\t"
"adc r5, r5, r10\n\t"
-#else
- "umull r6, r10, r8, r7\n\t"
- "adds lr, lr, r6\n\t"
- "adc r5, r10, #0\n\t"
-#endif
"adds lr, lr, r4\n\t"
"adc r5, r5, #0\n\t"
/* a[i+3] += m[3] * mu */
"ldr r7, [%[m], #12]\n\t"
"ldr r10, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -12745,18 +12648,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #12]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+4] += m[4] * mu */
"ldr r7, [%[m], #16]\n\t"
"ldr r10, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -12780,18 +12677,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #16]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+5] += m[5] * mu */
"ldr r7, [%[m], #20]\n\t"
"ldr r10, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -12815,18 +12706,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #20]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+6] += m[6] * mu */
"ldr r7, [%[m], #24]\n\t"
"ldr r10, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -12850,18 +12735,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #24]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+7] += m[7] * mu */
"ldr r7, [%[m], #28]\n\t"
"ldr r10, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -12885,18 +12764,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #28]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+8] += m[8] * mu */
"ldr r7, [%[m], #32]\n\t"
"ldr r10, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -12920,18 +12793,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #32]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+9] += m[9] * mu */
"ldr r7, [%[m], #36]\n\t"
"ldr r10, [%[a], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -12955,18 +12822,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #36]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+10] += m[10] * mu */
"ldr r7, [%[m], #40]\n\t"
"ldr r10, [%[a], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -12990,18 +12851,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #40]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+11] += m[11] * mu */
"ldr r7, [%[m], #44]\n\t"
"ldr r10, [%[a], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -13025,18 +12880,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #44]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+12] += m[12] * mu */
"ldr r7, [%[m], #48]\n\t"
"ldr r10, [%[a], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -13060,18 +12909,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #48]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+13] += m[13] * mu */
"ldr r7, [%[m], #52]\n\t"
"ldr r10, [%[a], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -13095,18 +12938,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #52]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+14] += m[14] * mu */
"ldr r7, [%[m], #56]\n\t"
"ldr r10, [%[a], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -13130,18 +12967,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #56]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+15] += m[15] * mu */
"ldr r7, [%[m], #60]\n\t"
"ldr r10, [%[a], #60]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -13165,18 +12996,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #60]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+16] += m[16] * mu */
"ldr r7, [%[m], #64]\n\t"
"ldr r10, [%[a], #64]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -13200,18 +13025,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #64]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+17] += m[17] * mu */
"ldr r7, [%[m], #68]\n\t"
"ldr r10, [%[a], #68]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -13235,18 +13054,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #68]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+18] += m[18] * mu */
"ldr r7, [%[m], #72]\n\t"
"ldr r10, [%[a], #72]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -13270,18 +13083,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #72]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+19] += m[19] * mu */
"ldr r7, [%[m], #76]\n\t"
"ldr r10, [%[a], #76]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -13305,18 +13112,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #76]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+20] += m[20] * mu */
"ldr r7, [%[m], #80]\n\t"
"ldr r10, [%[a], #80]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -13340,18 +13141,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #80]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+21] += m[21] * mu */
"ldr r7, [%[m], #84]\n\t"
"ldr r10, [%[a], #84]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -13375,18 +13170,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #84]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+22] += m[22] * mu */
"ldr r7, [%[m], #88]\n\t"
"ldr r10, [%[a], #88]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -13410,18 +13199,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #88]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+23] += m[23] * mu */
"ldr r7, [%[m], #92]\n\t"
"ldr r10, [%[a], #92]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -13445,18 +13228,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #92]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+24] += m[24] * mu */
"ldr r7, [%[m], #96]\n\t"
"ldr r10, [%[a], #96]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -13480,18 +13257,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #96]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+25] += m[25] * mu */
"ldr r7, [%[m], #100]\n\t"
"ldr r10, [%[a], #100]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -13515,18 +13286,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #100]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+26] += m[26] * mu */
"ldr r7, [%[m], #104]\n\t"
"ldr r10, [%[a], #104]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -13550,18 +13315,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #104]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+27] += m[27] * mu */
"ldr r7, [%[m], #108]\n\t"
"ldr r10, [%[a], #108]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -13585,18 +13344,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #108]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+28] += m[28] * mu */
"ldr r7, [%[m], #112]\n\t"
"ldr r10, [%[a], #112]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -13620,18 +13373,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #112]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+29] += m[29] * mu */
"ldr r7, [%[m], #116]\n\t"
"ldr r10, [%[a], #116]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -13655,18 +13402,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #116]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+30] += m[30] * mu */
"ldr r7, [%[m], #120]\n\t"
"ldr r10, [%[a], #120]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -13690,18 +13431,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #120]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+31] += m[31] * mu */
"ldr r7, [%[m], #124]\n\t"
"ldr r10, [%[a], #124]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -13725,18 +13460,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #124]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+32] += m[32] * mu */
"ldr r7, [%[m], #128]\n\t"
"ldr r10, [%[a], #128]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -13760,18 +13489,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #128]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+33] += m[33] * mu */
"ldr r7, [%[m], #132]\n\t"
"ldr r10, [%[a], #132]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -13795,18 +13518,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #132]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+34] += m[34] * mu */
"ldr r7, [%[m], #136]\n\t"
"ldr r10, [%[a], #136]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -13830,18 +13547,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #136]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+35] += m[35] * mu */
"ldr r7, [%[m], #140]\n\t"
"ldr r10, [%[a], #140]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -13865,18 +13576,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #140]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+36] += m[36] * mu */
"ldr r7, [%[m], #144]\n\t"
"ldr r10, [%[a], #144]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -13900,18 +13605,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #144]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+37] += m[37] * mu */
"ldr r7, [%[m], #148]\n\t"
"ldr r10, [%[a], #148]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -13935,18 +13634,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #148]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+38] += m[38] * mu */
"ldr r7, [%[m], #152]\n\t"
"ldr r10, [%[a], #152]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -13970,18 +13663,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #152]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+39] += m[39] * mu */
"ldr r7, [%[m], #156]\n\t"
"ldr r10, [%[a], #156]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -14005,18 +13692,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #156]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+40] += m[40] * mu */
"ldr r7, [%[m], #160]\n\t"
"ldr r10, [%[a], #160]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -14040,18 +13721,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #160]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+41] += m[41] * mu */
"ldr r7, [%[m], #164]\n\t"
"ldr r10, [%[a], #164]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -14075,18 +13750,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #164]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+42] += m[42] * mu */
"ldr r7, [%[m], #168]\n\t"
"ldr r10, [%[a], #168]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -14110,18 +13779,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #168]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+43] += m[43] * mu */
"ldr r7, [%[m], #172]\n\t"
"ldr r10, [%[a], #172]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -14145,18 +13808,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #172]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+44] += m[44] * mu */
"ldr r7, [%[m], #176]\n\t"
"ldr r10, [%[a], #176]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -14180,18 +13837,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #176]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+45] += m[45] * mu */
"ldr r7, [%[m], #180]\n\t"
"ldr r10, [%[a], #180]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -14215,18 +13866,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #180]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+46] += m[46] * mu */
"ldr r7, [%[m], #184]\n\t"
"ldr r10, [%[a], #184]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -14250,18 +13895,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #184]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+47] += m[47] * mu */
"ldr r7, [%[m], #188]\n\t"
"ldr r10, [%[a], #188]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -14285,18 +13924,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #188]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+48] += m[48] * mu */
"ldr r7, [%[m], #192]\n\t"
"ldr r10, [%[a], #192]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -14320,18 +13953,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #192]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+49] += m[49] * mu */
"ldr r7, [%[m], #196]\n\t"
"ldr r10, [%[a], #196]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -14355,18 +13982,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #196]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+50] += m[50] * mu */
"ldr r7, [%[m], #200]\n\t"
"ldr r10, [%[a], #200]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -14390,18 +14011,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #200]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+51] += m[51] * mu */
"ldr r7, [%[m], #204]\n\t"
"ldr r10, [%[a], #204]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -14425,18 +14040,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #204]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+52] += m[52] * mu */
"ldr r7, [%[m], #208]\n\t"
"ldr r10, [%[a], #208]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -14460,18 +14069,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #208]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+53] += m[53] * mu */
"ldr r7, [%[m], #212]\n\t"
"ldr r10, [%[a], #212]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -14495,18 +14098,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #212]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+54] += m[54] * mu */
"ldr r7, [%[m], #216]\n\t"
"ldr r10, [%[a], #216]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -14530,18 +14127,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #216]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+55] += m[55] * mu */
"ldr r7, [%[m], #220]\n\t"
"ldr r10, [%[a], #220]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -14565,18 +14156,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #220]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+56] += m[56] * mu */
"ldr r7, [%[m], #224]\n\t"
"ldr r10, [%[a], #224]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -14600,18 +14185,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #224]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+57] += m[57] * mu */
"ldr r7, [%[m], #228]\n\t"
"ldr r10, [%[a], #228]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -14635,18 +14214,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #228]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+58] += m[58] * mu */
"ldr r7, [%[m], #232]\n\t"
"ldr r10, [%[a], #232]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -14670,18 +14243,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #232]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+59] += m[59] * mu */
"ldr r7, [%[m], #236]\n\t"
"ldr r10, [%[a], #236]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -14705,18 +14272,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #236]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+60] += m[60] * mu */
"ldr r7, [%[m], #240]\n\t"
"ldr r10, [%[a], #240]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -14740,18 +14301,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #240]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+61] += m[61] * mu */
"ldr r7, [%[m], #244]\n\t"
"ldr r10, [%[a], #244]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -14775,18 +14330,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #244]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+62] += m[62] * mu */
"ldr r7, [%[m], #248]\n\t"
"ldr r10, [%[a], #248]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -14810,22 +14359,16 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #248]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+63] += m[63] * mu */
-#if !(defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4))
- "ldr r7, [%[m], #252]\n\t"
-#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"ldr r11, [%[m], #252]\n\t"
+#else
+ "ldr r7, [%[m], #252]\n\t"
#endif
"ldr r10, [%[a], #252]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r11, #16\n\t"
"lsr r6, r6, #16\n\t"
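Review bot: The inner `#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)` / `#else` kept around the m[63] load has an `#else` arm that does not fit this body. The lines right after it read the modulus word from r11 (`lsl r7, r11, #16`), and only the first arm loads r11. The next hunk opens the second variant with `#elif defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)`, so this body is presumably already under the `< 4` guard and the `#else` arm is dead today. It would produce a wrong reduction without any build error if the outer guard ever changed, so I would drop the conditional and keep only `"ldr r11, [%[m], #252]\n\t"`. The function starts and ends outside this hunk.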
@@ -14856,13 +14399,557 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"adds r5, r5, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #252]\n\t"
+ "ldr r10, [%[a], #256]\n\t"
+ "adcs r10, r10, r4\n\t"
+ "str r10, [%[a], #256]\n\t"
+ "adc r3, r3, #0\n\t"
+ /* i += 1 */
+ "add r9, r9, #4\n\t"
+ "add %[a], %[a], #4\n\t"
+ "cmp r9, #0x100\n\t"
+ "blt L_sp_2048_mont_reduce_64_word_%=\n\t"
+ /* Loop Done */
+ "str r12, [%[a]]\n\t"
+ "str lr, [%[a], #4]\n\t"
+ "mov %[mp], r3\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
+ );
+ sp_2048_cond_sub_64(a - 64, a, m, (sp_digit)0 - mp);
+}
+
+#elif defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+/* Reduce the number back to 2048 bits using Montgomery reduction.
+ *
+ * a A single precision number to reduce in place.
+ * m The single precision number representing the modulus.
+ * mp The digit representing the negative inverse of m mod 2^n.
+ */
+static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+{
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m asm ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp asm ("r2") = (sp_digit)mp_p;
+
+ __asm__ __volatile__ (
+ "ldr r11, [%[m]]\n\t"
+ /* i = 0 */
+ "mov r9, #0\n\t"
+ "mov r3, #0\n\t"
+ "ldr r12, [%[a]]\n\t"
+ "ldr lr, [%[a], #4]\n\t"
+ "\n"
+ "L_sp_2048_mont_reduce_64_word_%=: \n\t"
+ /* mu = a[i] * mp */
+ "mul r8, %[mp], r12\n\t"
+ /* a[i+0] += m[0] * mu */
+ "mov r5, #0\n\t"
+ "umlal r12, r5, r8, r11\n\t"
+ /* a[i+1] += m[1] * mu */
+ "ldr r7, [%[m], #4]\n\t"
+ "mov r4, #0\n\t"
+ "umlal lr, r4, r8, r7\n\t"
+ "mov r12, lr\n\t"
+ "adds r12, r12, r5\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+2] += m[2] * mu */
+ "ldr r7, [%[m], #8]\n\t"
+ "ldr lr, [%[a], #8]\n\t"
+ "mov r5, #0\n\t"
+ "umlal lr, r5, r8, r7\n\t"
+ "adds lr, lr, r4\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+3] += m[3] * mu */
+ "ldr r7, [%[m], #12]\n\t"
+ "ldr r10, [%[a], #12]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #12]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+4] += m[4] * mu */
+ "ldr r7, [%[m], #16]\n\t"
+ "ldr r10, [%[a], #16]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #16]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+5] += m[5] * mu */
+ "ldr r7, [%[m], #20]\n\t"
+ "ldr r10, [%[a], #20]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #20]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+6] += m[6] * mu */
+ "ldr r7, [%[m], #24]\n\t"
+ "ldr r10, [%[a], #24]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #24]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+7] += m[7] * mu */
+ "ldr r7, [%[m], #28]\n\t"
+ "ldr r10, [%[a], #28]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #28]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+8] += m[8] * mu */
+ "ldr r7, [%[m], #32]\n\t"
+ "ldr r10, [%[a], #32]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #32]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+9] += m[9] * mu */
+ "ldr r7, [%[m], #36]\n\t"
+ "ldr r10, [%[a], #36]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #36]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+10] += m[10] * mu */
+ "ldr r7, [%[m], #40]\n\t"
+ "ldr r10, [%[a], #40]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #40]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+11] += m[11] * mu */
+ "ldr r7, [%[m], #44]\n\t"
+ "ldr r10, [%[a], #44]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #44]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+12] += m[12] * mu */
+ "ldr r7, [%[m], #48]\n\t"
+ "ldr r10, [%[a], #48]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #48]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+13] += m[13] * mu */
+ "ldr r7, [%[m], #52]\n\t"
+ "ldr r10, [%[a], #52]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #52]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+14] += m[14] * mu */
+ "ldr r7, [%[m], #56]\n\t"
+ "ldr r10, [%[a], #56]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #56]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+15] += m[15] * mu */
+ "ldr r7, [%[m], #60]\n\t"
+ "ldr r10, [%[a], #60]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #60]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+16] += m[16] * mu */
+ "ldr r7, [%[m], #64]\n\t"
+ "ldr r10, [%[a], #64]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #64]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+17] += m[17] * mu */
+ "ldr r7, [%[m], #68]\n\t"
+ "ldr r10, [%[a], #68]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #68]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+18] += m[18] * mu */
+ "ldr r7, [%[m], #72]\n\t"
+ "ldr r10, [%[a], #72]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #72]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+19] += m[19] * mu */
+ "ldr r7, [%[m], #76]\n\t"
+ "ldr r10, [%[a], #76]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #76]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+20] += m[20] * mu */
+ "ldr r7, [%[m], #80]\n\t"
+ "ldr r10, [%[a], #80]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #80]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+21] += m[21] * mu */
+ "ldr r7, [%[m], #84]\n\t"
+ "ldr r10, [%[a], #84]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #84]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+22] += m[22] * mu */
+ "ldr r7, [%[m], #88]\n\t"
+ "ldr r10, [%[a], #88]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #88]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+23] += m[23] * mu */
+ "ldr r7, [%[m], #92]\n\t"
+ "ldr r10, [%[a], #92]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #92]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+24] += m[24] * mu */
+ "ldr r7, [%[m], #96]\n\t"
+ "ldr r10, [%[a], #96]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #96]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+25] += m[25] * mu */
+ "ldr r7, [%[m], #100]\n\t"
+ "ldr r10, [%[a], #100]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #100]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+26] += m[26] * mu */
+ "ldr r7, [%[m], #104]\n\t"
+ "ldr r10, [%[a], #104]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #104]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+27] += m[27] * mu */
+ "ldr r7, [%[m], #108]\n\t"
+ "ldr r10, [%[a], #108]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #108]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+28] += m[28] * mu */
+ "ldr r7, [%[m], #112]\n\t"
+ "ldr r10, [%[a], #112]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #112]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+29] += m[29] * mu */
+ "ldr r7, [%[m], #116]\n\t"
+ "ldr r10, [%[a], #116]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #116]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+30] += m[30] * mu */
+ "ldr r7, [%[m], #120]\n\t"
+ "ldr r10, [%[a], #120]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #120]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+31] += m[31] * mu */
+ "ldr r7, [%[m], #124]\n\t"
+ "ldr r10, [%[a], #124]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #124]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+32] += m[32] * mu */
+ "ldr r7, [%[m], #128]\n\t"
+ "ldr r10, [%[a], #128]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #128]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+33] += m[33] * mu */
+ "ldr r7, [%[m], #132]\n\t"
+ "ldr r10, [%[a], #132]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #132]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+34] += m[34] * mu */
+ "ldr r7, [%[m], #136]\n\t"
+ "ldr r10, [%[a], #136]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #136]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+35] += m[35] * mu */
+ "ldr r7, [%[m], #140]\n\t"
+ "ldr r10, [%[a], #140]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #140]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+36] += m[36] * mu */
+ "ldr r7, [%[m], #144]\n\t"
+ "ldr r10, [%[a], #144]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #144]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+37] += m[37] * mu */
+ "ldr r7, [%[m], #148]\n\t"
+ "ldr r10, [%[a], #148]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #148]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+38] += m[38] * mu */
+ "ldr r7, [%[m], #152]\n\t"
+ "ldr r10, [%[a], #152]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #152]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+39] += m[39] * mu */
+ "ldr r7, [%[m], #156]\n\t"
+ "ldr r10, [%[a], #156]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #156]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+40] += m[40] * mu */
+ "ldr r7, [%[m], #160]\n\t"
+ "ldr r10, [%[a], #160]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #160]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+41] += m[41] * mu */
+ "ldr r7, [%[m], #164]\n\t"
+ "ldr r10, [%[a], #164]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #164]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+42] += m[42] * mu */
+ "ldr r7, [%[m], #168]\n\t"
+ "ldr r10, [%[a], #168]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #168]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+43] += m[43] * mu */
+ "ldr r7, [%[m], #172]\n\t"
+ "ldr r10, [%[a], #172]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #172]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+44] += m[44] * mu */
+ "ldr r7, [%[m], #176]\n\t"
+ "ldr r10, [%[a], #176]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #176]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+45] += m[45] * mu */
+ "ldr r7, [%[m], #180]\n\t"
+ "ldr r10, [%[a], #180]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #180]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+46] += m[46] * mu */
+ "ldr r7, [%[m], #184]\n\t"
+ "ldr r10, [%[a], #184]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #184]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+47] += m[47] * mu */
+ "ldr r7, [%[m], #188]\n\t"
+ "ldr r10, [%[a], #188]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #188]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+48] += m[48] * mu */
+ "ldr r7, [%[m], #192]\n\t"
+ "ldr r10, [%[a], #192]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #192]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+49] += m[49] * mu */
+ "ldr r7, [%[m], #196]\n\t"
+ "ldr r10, [%[a], #196]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #196]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+50] += m[50] * mu */
+ "ldr r7, [%[m], #200]\n\t"
+ "ldr r10, [%[a], #200]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #200]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+51] += m[51] * mu */
+ "ldr r7, [%[m], #204]\n\t"
+ "ldr r10, [%[a], #204]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #204]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+52] += m[52] * mu */
+ "ldr r7, [%[m], #208]\n\t"
+ "ldr r10, [%[a], #208]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #208]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+53] += m[53] * mu */
+ "ldr r7, [%[m], #212]\n\t"
+ "ldr r10, [%[a], #212]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #212]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+54] += m[54] * mu */
+ "ldr r7, [%[m], #216]\n\t"
+ "ldr r10, [%[a], #216]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #216]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+55] += m[55] * mu */
+ "ldr r7, [%[m], #220]\n\t"
+ "ldr r10, [%[a], #220]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #220]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+56] += m[56] * mu */
+ "ldr r7, [%[m], #224]\n\t"
+ "ldr r10, [%[a], #224]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #224]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+57] += m[57] * mu */
+ "ldr r7, [%[m], #228]\n\t"
+ "ldr r10, [%[a], #228]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #228]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+58] += m[58] * mu */
+ "ldr r7, [%[m], #232]\n\t"
+ "ldr r10, [%[a], #232]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #232]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+59] += m[59] * mu */
+ "ldr r7, [%[m], #236]\n\t"
+ "ldr r10, [%[a], #236]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #236]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+60] += m[60] * mu */
+ "ldr r7, [%[m], #240]\n\t"
+ "ldr r10, [%[a], #240]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #240]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+61] += m[61] * mu */
+ "ldr r7, [%[m], #244]\n\t"
+ "ldr r10, [%[a], #244]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #244]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+62] += m[62] * mu */
+ "ldr r7, [%[m], #248]\n\t"
+ "ldr r10, [%[a], #248]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #248]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+63] += m[63] * mu */
+ "ldr r7, [%[m], #252]\n\t"
+ "ldr r10, [%[a], #252]\n\t"
"umull r6, r7, r8, r7\n\t"
"adds r5, r5, r6\n\t"
"adcs r4, r7, r3\n\t"
"mov r3, #0\n\t"
"adc r3, r3, r3\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #252]\n\t"
"ldr r10, [%[a], #256]\n\t"
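Review bot: The header comment added for the `WOLFSSL_ARM_ARCH < 7` variant documents the parameters but not the timing assumption this routine rests on. The loop shown here runs a fixed count (`cmp r9, #0x100` then `blt`) and the final correction goes through `sp_2048_cond_sub_64` with the mask `(sp_digit)0 - mp`, so no branch depends on operand values. What remains is the latency of `mul`/`umlal`, which varies with operand values on some pre-ARMv7 cores, and `m` may be a secret prime when this is used for RSA-CRT. I would add a line such as `* Timing: fixed iteration count and masked final subtract; assumes mul/umlal latency is operand-independent on the target core.` to the comment; the `umaal` variant's header in the next hunk has the same gap. The body of this variant continues past the end of the hunk.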
@@ -14874,16 +14961,383 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"add %[a], %[a], #4\n\t"
"cmp r9, #0x100\n\t"
"blt L_sp_2048_mont_reduce_64_word_%=\n\t"
+ /* Loop Done */
"str r12, [%[a]]\n\t"
"str lr, [%[a], #4]\n\t"
"mov %[mp], r3\n\t"
: [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
:
- : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11"
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
);
sp_2048_cond_sub_64(a - 64, a, m, (sp_digit)0 - mp);
}
+#else
+/* Reduce the number back to 2048 bits using Montgomery reduction.
+ *
+ * a A single precision number to reduce in place.
+ * m The single precision number representing the modulus.
+ * mp The digit representing the negative inverse of m mod 2^n.
+ */
+static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+{
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m asm ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp asm ("r2") = (sp_digit)mp_p;
+
+ __asm__ __volatile__ (
+ /* i = 0 */
+ "mov r12, #0\n\t"
+ "mov lr, #0\n\t"
+ "ldr r4, [%[a]]\n\t"
+ "ldr r5, [%[a], #4]\n\t"
+ "ldr r6, [%[a], #8]\n\t"
+ "ldr r7, [%[a], #12]\n\t"
+ "ldr r8, [%[a], #16]\n\t"
+ "\n"
+ "L_sp_2048_mont_reduce_64_word_%=: \n\t"
+ /* mu = a[i] * mp */
+ "mul r11, %[mp], r4\n\t"
+ /* a[i+0] += m[0] * mu */
+ "ldr r10, [%[m]]\n\t"
+ "mov r3, #0\n\t"
+ "umaal r4, r3, r11, r10\n\t"
+ /* a[i+1] += m[1] * mu */
+ "ldr r10, [%[m], #4]\n\t"
+ "mov r4, r5\n\t"
+ "umaal r4, r3, r11, r10\n\t"
+ /* a[i+2] += m[2] * mu */
+ "ldr r10, [%[m], #8]\n\t"
+ "mov r5, r6\n\t"
+ "umaal r5, r3, r11, r10\n\t"
+ /* a[i+3] += m[3] * mu */
+ "ldr r10, [%[m], #12]\n\t"
+ "mov r6, r7\n\t"
+ "umaal r6, r3, r11, r10\n\t"
+ /* a[i+4] += m[4] * mu */
+ "ldr r10, [%[m], #16]\n\t"
+ "mov r7, r8\n\t"
+ "umaal r7, r3, r11, r10\n\t"
+ /* a[i+5] += m[5] * mu */
+ "ldr r10, [%[m], #20]\n\t"
+ "ldr r8, [%[a], #20]\n\t"
+ "umaal r8, r3, r11, r10\n\t"
+ /* a[i+6] += m[6] * mu */
+ "ldr r10, [%[m], #24]\n\t"
+ "ldr r9, [%[a], #24]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #24]\n\t"
+ /* a[i+7] += m[7] * mu */
+ "ldr r10, [%[m], #28]\n\t"
+ "ldr r9, [%[a], #28]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #28]\n\t"
+ /* a[i+8] += m[8] * mu */
+ "ldr r10, [%[m], #32]\n\t"
+ "ldr r9, [%[a], #32]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #32]\n\t"
+ /* a[i+9] += m[9] * mu */
+ "ldr r10, [%[m], #36]\n\t"
+ "ldr r9, [%[a], #36]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #36]\n\t"
+ /* a[i+10] += m[10] * mu */
+ "ldr r10, [%[m], #40]\n\t"
+ "ldr r9, [%[a], #40]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #40]\n\t"
+ /* a[i+11] += m[11] * mu */
+ "ldr r10, [%[m], #44]\n\t"
+ "ldr r9, [%[a], #44]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #44]\n\t"
+ /* a[i+12] += m[12] * mu */
+ "ldr r10, [%[m], #48]\n\t"
+ "ldr r9, [%[a], #48]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #48]\n\t"
+ /* a[i+13] += m[13] * mu */
+ "ldr r10, [%[m], #52]\n\t"
+ "ldr r9, [%[a], #52]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #52]\n\t"
+ /* a[i+14] += m[14] * mu */
+ "ldr r10, [%[m], #56]\n\t"
+ "ldr r9, [%[a], #56]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #56]\n\t"
+ /* a[i+15] += m[15] * mu */
+ "ldr r10, [%[m], #60]\n\t"
+ "ldr r9, [%[a], #60]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #60]\n\t"
+ /* a[i+16] += m[16] * mu */
+ "ldr r10, [%[m], #64]\n\t"
+ "ldr r9, [%[a], #64]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #64]\n\t"
+ /* a[i+17] += m[17] * mu */
+ "ldr r10, [%[m], #68]\n\t"
+ "ldr r9, [%[a], #68]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #68]\n\t"
+ /* a[i+18] += m[18] * mu */
+ "ldr r10, [%[m], #72]\n\t"
+ "ldr r9, [%[a], #72]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #72]\n\t"
+ /* a[i+19] += m[19] * mu */
+ "ldr r10, [%[m], #76]\n\t"
+ "ldr r9, [%[a], #76]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #76]\n\t"
+ /* a[i+20] += m[20] * mu */
+ "ldr r10, [%[m], #80]\n\t"
+ "ldr r9, [%[a], #80]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #80]\n\t"
+ /* a[i+21] += m[21] * mu */
+ "ldr r10, [%[m], #84]\n\t"
+ "ldr r9, [%[a], #84]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #84]\n\t"
+ /* a[i+22] += m[22] * mu */
+ "ldr r10, [%[m], #88]\n\t"
+ "ldr r9, [%[a], #88]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #88]\n\t"
+ /* a[i+23] += m[23] * mu */
+ "ldr r10, [%[m], #92]\n\t"
+ "ldr r9, [%[a], #92]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #92]\n\t"
+ /* a[i+24] += m[24] * mu */
+ "ldr r10, [%[m], #96]\n\t"
+ "ldr r9, [%[a], #96]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #96]\n\t"
+ /* a[i+25] += m[25] * mu */
+ "ldr r10, [%[m], #100]\n\t"
+ "ldr r9, [%[a], #100]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #100]\n\t"
+ /* a[i+26] += m[26] * mu */
+ "ldr r10, [%[m], #104]\n\t"
+ "ldr r9, [%[a], #104]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #104]\n\t"
+ /* a[i+27] += m[27] * mu */
+ "ldr r10, [%[m], #108]\n\t"
+ "ldr r9, [%[a], #108]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #108]\n\t"
+ /* a[i+28] += m[28] * mu */
+ "ldr r10, [%[m], #112]\n\t"
+ "ldr r9, [%[a], #112]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #112]\n\t"
+ /* a[i+29] += m[29] * mu */
+ "ldr r10, [%[m], #116]\n\t"
+ "ldr r9, [%[a], #116]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #116]\n\t"
+ /* a[i+30] += m[30] * mu */
+ "ldr r10, [%[m], #120]\n\t"
+ "ldr r9, [%[a], #120]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #120]\n\t"
+ /* a[i+31] += m[31] * mu */
+ "ldr r10, [%[m], #124]\n\t"
+ "ldr r9, [%[a], #124]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #124]\n\t"
+ /* a[i+32] += m[32] * mu */
+ "ldr r10, [%[m], #128]\n\t"
+ "ldr r9, [%[a], #128]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #128]\n\t"
+ /* a[i+33] += m[33] * mu */
+ "ldr r10, [%[m], #132]\n\t"
+ "ldr r9, [%[a], #132]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #132]\n\t"
+ /* a[i+34] += m[34] * mu */
+ "ldr r10, [%[m], #136]\n\t"
+ "ldr r9, [%[a], #136]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #136]\n\t"
+ /* a[i+35] += m[35] * mu */
+ "ldr r10, [%[m], #140]\n\t"
+ "ldr r9, [%[a], #140]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #140]\n\t"
+ /* a[i+36] += m[36] * mu */
+ "ldr r10, [%[m], #144]\n\t"
+ "ldr r9, [%[a], #144]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #144]\n\t"
+ /* a[i+37] += m[37] * mu */
+ "ldr r10, [%[m], #148]\n\t"
+ "ldr r9, [%[a], #148]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #148]\n\t"
+ /* a[i+38] += m[38] * mu */
+ "ldr r10, [%[m], #152]\n\t"
+ "ldr r9, [%[a], #152]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #152]\n\t"
+ /* a[i+39] += m[39] * mu */
+ "ldr r10, [%[m], #156]\n\t"
+ "ldr r9, [%[a], #156]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #156]\n\t"
+ /* a[i+40] += m[40] * mu */
+ "ldr r10, [%[m], #160]\n\t"
+ "ldr r9, [%[a], #160]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #160]\n\t"
+ /* a[i+41] += m[41] * mu */
+ "ldr r10, [%[m], #164]\n\t"
+ "ldr r9, [%[a], #164]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #164]\n\t"
+ /* a[i+42] += m[42] * mu */
+ "ldr r10, [%[m], #168]\n\t"
+ "ldr r9, [%[a], #168]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #168]\n\t"
+ /* a[i+43] += m[43] * mu */
+ "ldr r10, [%[m], #172]\n\t"
+ "ldr r9, [%[a], #172]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #172]\n\t"
+ /* a[i+44] += m[44] * mu */
+ "ldr r10, [%[m], #176]\n\t"
+ "ldr r9, [%[a], #176]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #176]\n\t"
+ /* a[i+45] += m[45] * mu */
+ "ldr r10, [%[m], #180]\n\t"
+ "ldr r9, [%[a], #180]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #180]\n\t"
+ /* a[i+46] += m[46] * mu */
+ "ldr r10, [%[m], #184]\n\t"
+ "ldr r9, [%[a], #184]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #184]\n\t"
+ /* a[i+47] += m[47] * mu */
+ "ldr r10, [%[m], #188]\n\t"
+ "ldr r9, [%[a], #188]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #188]\n\t"
+ /* a[i+48] += m[48] * mu */
+ "ldr r10, [%[m], #192]\n\t"
+ "ldr r9, [%[a], #192]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #192]\n\t"
+ /* a[i+49] += m[49] * mu */
+ "ldr r10, [%[m], #196]\n\t"
+ "ldr r9, [%[a], #196]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #196]\n\t"
+ /* a[i+50] += m[50] * mu */
+ "ldr r10, [%[m], #200]\n\t"
+ "ldr r9, [%[a], #200]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #200]\n\t"
+ /* a[i+51] += m[51] * mu */
+ "ldr r10, [%[m], #204]\n\t"
+ "ldr r9, [%[a], #204]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #204]\n\t"
+ /* a[i+52] += m[52] * mu */
+ "ldr r10, [%[m], #208]\n\t"
+ "ldr r9, [%[a], #208]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #208]\n\t"
+ /* a[i+53] += m[53] * mu */
+ "ldr r10, [%[m], #212]\n\t"
+ "ldr r9, [%[a], #212]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #212]\n\t"
+ /* a[i+54] += m[54] * mu */
+ "ldr r10, [%[m], #216]\n\t"
+ "ldr r9, [%[a], #216]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #216]\n\t"
+ /* a[i+55] += m[55] * mu */
+ "ldr r10, [%[m], #220]\n\t"
+ "ldr r9, [%[a], #220]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #220]\n\t"
+ /* a[i+56] += m[56] * mu */
+ "ldr r10, [%[m], #224]\n\t"
+ "ldr r9, [%[a], #224]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #224]\n\t"
+ /* a[i+57] += m[57] * mu */
+ "ldr r10, [%[m], #228]\n\t"
+ "ldr r9, [%[a], #228]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #228]\n\t"
+ /* a[i+58] += m[58] * mu */
+ "ldr r10, [%[m], #232]\n\t"
+ "ldr r9, [%[a], #232]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #232]\n\t"
+ /* a[i+59] += m[59] * mu */
+ "ldr r10, [%[m], #236]\n\t"
+ "ldr r9, [%[a], #236]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #236]\n\t"
+ /* a[i+60] += m[60] * mu */
+ "ldr r10, [%[m], #240]\n\t"
+ "ldr r9, [%[a], #240]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #240]\n\t"
+ /* a[i+61] += m[61] * mu */
+ "ldr r10, [%[m], #244]\n\t"
+ "ldr r9, [%[a], #244]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #244]\n\t"
+ /* a[i+62] += m[62] * mu */
+ "ldr r10, [%[m], #248]\n\t"
+ "ldr r9, [%[a], #248]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #248]\n\t"
+ /* a[i+63] += m[63] * mu */
+ "ldr r10, [%[m], #252]\n\t"
+ "ldr r9, [%[a], #252]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "ldr r11, [%[a], #256]\n\t"
+ "mov r10, #0\n\t"
+ "umaal r3, r11, r10, r10\n\t"
+ "str r9, [%[a], #252]\n\t"
+ "adds r3, r3, lr\n\t"
+ "adc lr, r11, #0\n\t"
+ "str r3, [%[a], #256]\n\t"
+ /* i += 1 */
+ "add r12, r12, #4\n\t"
+ "add %[a], %[a], #4\n\t"
+ "cmp r12, #0x100\n\t"
+ "blt L_sp_2048_mont_reduce_64_word_%=\n\t"
+ /* Loop Done */
+ "str r4, [%[a]]\n\t"
+ "str r5, [%[a], #4]\n\t"
+ "str r6, [%[a], #8]\n\t"
+ "str r7, [%[a], #12]\n\t"
+ "str r8, [%[a], #16]\n\t"
+ "mov %[mp], lr\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
+ );
+ sp_2048_cond_sub_64(a - 64, a, m, (sp_digit)0 - mp);
+}
+
+#endif
/* Multiply two Montgomery form numbers mod the modulus (prime).
* (r = a * b mod m)
*
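Review bot: The header comment on the added `sp_2048_mont_reduce_64` (the `#else` variant built on `umaal`) does not say how large `a` must be, and the assembly depends on it: each of the 64 loop passes loads and stores `[%[a], #256]` after advancing `a` by one word, so the routine touches 128 digits starting at `a_p`. I would state that in the comment, for example `a  Double-width (128 digit) number to reduce in place.`, so that a call passing a 64-digit buffer is recognisably wrong. A short comment before the loop would also help, noting that `r4`-`r8` carry `a[i]`..`a[i+4]` between iterations and are only written back after `Loop Done`, and that `lr` holds the running carry. The `#if` that selects this variant is outside the hunk.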
@@ -14891,7 +15345,7 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_2048_mont_mul_64(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -14905,7 +15359,7 @@ SP_NOINLINE static void sp_2048_mont_mul_64(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_2048_mont_sqr_64(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -14923,9 +15377,9 @@ SP_NOINLINE static void sp_2048_mont_sqr_64(sp_digit* r, const sp_digit* a,
*/
static sp_digit sp_2048_sub_64(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"mov r12, #0\n\t"
@@ -14946,7 +15400,7 @@ static sp_digit sp_2048_sub_64(sp_digit* r_p, const sp_digit* a_p, const sp_digi
"mov %[r], r12\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r12", "lr"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r12", "lr", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -14960,9 +15414,9 @@ static sp_digit sp_2048_sub_64(sp_digit* r_p, const sp_digit* a_p, const sp_digi
*/
static sp_digit sp_2048_sub_64(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"ldm %[a]!, {r3, r4, r5, r6}\n\t"
@@ -15080,7 +15534,7 @@ static sp_digit sp_2048_sub_64(sp_digit* r_p, const sp_digit* a_p, const sp_digi
"sbc %[r], r6, r6\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -15098,9 +15552,9 @@ static sp_digit sp_2048_sub_64(sp_digit* r_p, const sp_digit* a_p, const sp_digi
*/
static sp_digit div_2048_word_64(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
{
- register sp_digit d1 asm ("r0") = d1_p;
- register sp_digit d0 asm ("r1") = d0_p;
- register sp_digit div asm ("r2") = div_p;
+ register sp_digit d1 asm ("r0") = (sp_digit)d1_p;
+ register sp_digit d0 asm ("r1") = (sp_digit)d0_p;
+ register sp_digit div asm ("r2") = (sp_digit)div_p;
__asm__ __volatile__ (
"lsr r6, %[div], #16\n\t"
@@ -15140,7 +15594,7 @@ static sp_digit div_2048_word_64(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
"add %[d1], r4, r3\n\t"
: [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
:
- : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8"
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "cc"
);
return (uint32_t)(size_t)d1;
}
@@ -15157,9 +15611,9 @@ static sp_digit div_2048_word_64(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
*/
static sp_digit div_2048_word_64(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
{
- register sp_digit d1 asm ("r0") = d1_p;
- register sp_digit d0 asm ("r1") = d0_p;
- register sp_digit div asm ("r2") = div_p;
+ register sp_digit d1 asm ("r0") = (sp_digit)d1_p;
+ register sp_digit d0 asm ("r1") = (sp_digit)d0_p;
+ register sp_digit div asm ("r2") = (sp_digit)div_p;
__asm__ __volatile__ (
"lsr lr, %[div], #1\n\t"
@@ -15189,7 +15643,7 @@ static sp_digit div_2048_word_64(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
"bpl L_div_2048_word_64_bit_%=\n\t"
"add r3, r3, r3\n\t"
"add r3, r3, #1\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r7, r3, #16\n\t"
"lsl r4, %[div], #16\n\t"
"lsr r7, r7, #16\n\t"
@@ -15217,7 +15671,7 @@ static sp_digit div_2048_word_64(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
"subs r7, %[d0], r4\n\t"
"sbc r8, %[d1], r5\n\t"
"add r3, r3, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r7, r3, #16\n\t"
"lsl r4, %[div], #16\n\t"
"lsr r7, r7, #16\n\t"
@@ -15245,7 +15699,7 @@ static sp_digit div_2048_word_64(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
"subs r7, %[d0], r4\n\t"
"sbc r8, %[d1], r5\n\t"
"add r3, r3, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r7, r3, #16\n\t"
"lsl r4, %[div], #16\n\t"
"lsr r7, r7, #16\n\t"
@@ -15278,7 +15732,7 @@ static sp_digit div_2048_word_64(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
"sub %[d1], r3, r6\n\t"
: [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
:
- : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8"
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "cc"
);
return (uint32_t)(size_t)d1;
}
@@ -15293,8 +15747,8 @@ static sp_digit div_2048_word_64(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_2048_div_64_cond(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_2048_div_64_cond(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[128], t2[65];
sp_digit div, r1;
@@ -15350,7 +15804,8 @@ static WC_INLINE int sp_2048_div_64_cond(const sp_digit* a, const sp_digit* d, s
* m A single precision number that is the modulus to reduce with.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_2048_mod_64_cond(sp_digit* r, const sp_digit* a, const sp_digit* m)
+static WC_INLINE int sp_2048_mod_64_cond(sp_digit* r, const sp_digit* a,
+ const sp_digit* m)
{
return sp_2048_div_64_cond(a, m, NULL, r);
}
@@ -15396,8 +15851,8 @@ static void sp_2048_mask_64(sp_digit* r, const sp_digit* a, sp_digit m)
*/
static sp_int32 sp_2048_cmp_64(const sp_digit* a_p, const sp_digit* b_p)
{
- register const sp_digit* a asm ("r0") = a_p;
- register const sp_digit* b asm ("r1") = b_p;
+ register const sp_digit* a asm ("r0") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r1") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"mov r2, #-1\n\t"
@@ -16132,7 +16587,7 @@ static sp_int32 sp_2048_cmp_64(const sp_digit* a_p, const sp_digit* b_p)
"mov %[a], r2\n\t"
: [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r2", "r3", "r12", "lr", "r4", "r5", "r6"
+ : "memory", "r2", "r3", "r12", "lr", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -16146,8 +16601,8 @@ static sp_int32 sp_2048_cmp_64(const sp_digit* a_p, const sp_digit* b_p)
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_2048_div_64(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_2048_div_64(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[128], t2[65];
sp_digit div, r1;
@@ -16187,7 +16642,8 @@ static WC_INLINE int sp_2048_div_64(const sp_digit* a, const sp_digit* d, sp_dig
* m A single precision number that is the modulus to reduce with.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_2048_mod_64(sp_digit* r, const sp_digit* a, const sp_digit* m)
+static WC_INLINE int sp_2048_mod_64(sp_digit* r, const sp_digit* a,
+ const sp_digit* m)
{
return sp_2048_div_64(a, m, NULL, r);
}
@@ -16667,10 +17123,10 @@ int sp_RsaPublic_2048(const byte* in, word32 inLen, const mp_int* em,
*/
static sp_digit sp_2048_cond_add_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
- register sp_digit m asm ("r3") = m_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
+ register sp_digit m asm ("r3") = (sp_digit)m_p;
__asm__ __volatile__ (
"mov lr, #0\n\t"
@@ -16691,7 +17147,7 @@ static sp_digit sp_2048_cond_add_32(sp_digit* r_p, const sp_digit* a_p, const sp
"mov %[r], lr\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
:
- : "memory", "r12", "lr", "r4", "r5", "r6"
+ : "memory", "r12", "lr", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -16707,10 +17163,10 @@ static sp_digit sp_2048_cond_add_32(sp_digit* r_p, const sp_digit* a_p, const sp
*/
static sp_digit sp_2048_cond_add_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
- register sp_digit m asm ("r3") = m_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
+ register sp_digit m asm ("r3") = (sp_digit)m_p;
__asm__ __volatile__ (
"mov r8, #0\n\t"
@@ -16829,7 +17285,7 @@ static sp_digit sp_2048_cond_add_32(sp_digit* r_p, const sp_digit* a_p, const sp
"adc %[r], r8, r8\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
:
- : "memory", "r12", "lr", "r4", "r5", "r6", "r7", "r8"
+ : "memory", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -17151,9 +17607,9 @@ int sp_ModExp_2048(const mp_int* base, const mp_int* exp, const mp_int* mod,
#ifdef HAVE_FFDHE_2048
static void sp_2048_lshift_64(sp_digit* r_p, const sp_digit* a_p, byte n_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register byte n asm ("r2") = n_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register byte n asm ("r2") = (byte)n_p;
__asm__ __volatile__ (
"rsb r12, %[n], #31\n\t"
@@ -17543,7 +17999,7 @@ static void sp_2048_lshift_64(sp_digit* r_p, const sp_digit* a_p, byte n_p)
"str r6, [%[r], #4]\n\t"
: [r] "+r" (r), [a] "+r" (a), [n] "+r" (n)
:
- : "memory", "r4", "r5", "r6", "r3", "r12"
+ : "memory", "r4", "r5", "r6", "r3", "r12", "cc"
);
}
@@ -17845,14 +18301,14 @@ static void sp_3072_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 32
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 31);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 31);
}
#elif DIGIT_BIT > 32
unsigned int i;
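Review bot: The rewritten loop in `sp_3072_from_mp` hard-codes the shift as `j >> 31` in both the mask and the index step, where the removed lines used `SP_WORD_SIZE - 1`; that ties the branch-free copy to a 32-bit `sp_digit`. I would keep the symbolic width, `sp_digit mask = (sp_digit)0 - (j >> (SP_WORD_SIZE - 1));` and `o += (int)(j >> (SP_WORD_SIZE - 1));`. A one-line comment would help too, saying that `j` counts up from `-a->used` so its top bit marks digits still inside the source, which keeps the copy free of branches on `a->used`. With `a->used == 0` the loop still reads `a->dp[0]` and masks it to zero, so `dp` is assumed to hold at least one readable digit. The function starts before and continues past this hunk.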
@@ -17965,17 +18421,16 @@ static void sp_3072_to_bin_96(sp_digit* r, byte* a)
*/
static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"sub sp, sp, #48\n\t"
- "mov r10, #0\n\t"
/* A[0] * B[0] */
"ldr r11, [%[a]]\n\t"
"ldr r12, [%[b]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r3, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -18005,7 +18460,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"str r3, [sp]\n\t"
/* A[0] * B[1] */
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -18044,7 +18499,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[1] * B[0] */
"ldr r8, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -18082,7 +18537,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"str r4, [sp, #4]\n\t"
/* A[2] * B[0] */
"ldr r8, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -18122,7 +18577,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[1] * B[1] */
"ldr r11, [%[a], #4]\n\t"
"ldr r12, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -18160,7 +18615,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[0] * B[2] */
"ldr r8, [%[a]]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -18198,7 +18653,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"str r5, [sp, #8]\n\t"
/* A[0] * B[3] */
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -18237,7 +18692,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[1] * B[2] */
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -18274,7 +18729,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[2] * B[1] */
"ldr r8, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -18312,7 +18767,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[3] * B[0] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -18350,7 +18805,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"str r3, [sp, #12]\n\t"
/* A[4] * B[0] */
"ldr r8, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -18389,7 +18844,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[3] * B[1] */
"ldr r8, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -18427,7 +18882,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[2] * B[2] */
"ldr r11, [%[a], #8]\n\t"
"ldr r12, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -18465,7 +18920,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[1] * B[3] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -18503,7 +18958,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[0] * B[4] */
"ldr r8, [%[a]]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -18541,7 +18996,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"str r4, [sp, #16]\n\t"
/* A[0] * B[5] */
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -18581,7 +19036,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[1] * B[4] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -18618,7 +19073,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[2] * B[3] */
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -18655,7 +19110,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[3] * B[2] */
"ldr r8, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -18693,7 +19148,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[4] * B[1] */
"ldr r8, [%[a], #16]\n\t"
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -18731,7 +19186,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[5] * B[0] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -18769,7 +19224,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"str r5, [sp, #20]\n\t"
/* A[6] * B[0] */
"ldr r8, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -18809,7 +19264,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[5] * B[1] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -18846,7 +19301,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[4] * B[2] */
"ldr r8, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -18884,7 +19339,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[3] * B[3] */
"ldr r11, [%[a], #12]\n\t"
"ldr r12, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -18922,7 +19377,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[2] * B[4] */
"ldr r8, [%[a], #8]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -18960,7 +19415,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[1] * B[5] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -18998,7 +19453,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[0] * B[6] */
"ldr r8, [%[a]]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -19036,7 +19491,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"str r3, [sp, #24]\n\t"
/* A[0] * B[7] */
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -19076,7 +19531,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[1] * B[6] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -19114,7 +19569,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[2] * B[5] */
"ldr r8, [%[a], #8]\n\t"
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -19151,7 +19606,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[3] * B[4] */
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -19188,7 +19643,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[4] * B[3] */
"ldr r8, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -19226,7 +19681,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[5] * B[2] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -19264,7 +19719,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[6] * B[1] */
"ldr r8, [%[a], #24]\n\t"
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -19302,7 +19757,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[7] * B[0] */
"ldr r8, [%[a], #28]\n\t"
"ldr r9, [%[b]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -19340,7 +19795,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"str r4, [sp, #28]\n\t"
/* A[8] * B[0] */
"ldr r8, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -19380,7 +19835,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[7] * B[1] */
"ldr r8, [%[a], #28]\n\t"
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -19418,7 +19873,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[6] * B[2] */
"ldr r8, [%[a], #24]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -19455,7 +19910,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[5] * B[3] */
"ldr r8, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -19493,7 +19948,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[4] * B[4] */
"ldr r11, [%[a], #16]\n\t"
"ldr r12, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -19531,7 +19986,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[3] * B[5] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -19569,7 +20024,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[2] * B[6] */
"ldr r8, [%[a], #8]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -19607,7 +20062,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[1] * B[7] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -19645,7 +20100,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[0] * B[8] */
"ldr r8, [%[a]]\n\t"
"ldr r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -19683,7 +20138,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"str r5, [sp, #32]\n\t"
/* A[0] * B[9] */
"ldr r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -19723,7 +20178,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[1] * B[8] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -19761,7 +20216,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[2] * B[7] */
"ldr r8, [%[a], #8]\n\t"
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -19799,7 +20254,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[3] * B[6] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -19836,7 +20291,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[4] * B[5] */
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -19873,7 +20328,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[5] * B[4] */
"ldr r8, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -19911,7 +20366,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[6] * B[3] */
"ldr r8, [%[a], #24]\n\t"
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -19949,7 +20404,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[7] * B[2] */
"ldr r8, [%[a], #28]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -19987,7 +20442,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[8] * B[1] */
"ldr r8, [%[a], #32]\n\t"
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -20025,7 +20480,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[9] * B[0] */
"ldr r8, [%[a], #36]\n\t"
"ldr r9, [%[b]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -20063,7 +20518,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"str r3, [sp, #36]\n\t"
/* A[10] * B[0] */
"ldr r8, [%[a], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -20103,7 +20558,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[9] * B[1] */
"ldr r8, [%[a], #36]\n\t"
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -20141,7 +20596,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[8] * B[2] */
"ldr r8, [%[a], #32]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -20179,7 +20634,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[7] * B[3] */
"ldr r8, [%[a], #28]\n\t"
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -20216,7 +20671,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[6] * B[4] */
"ldr r8, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -20254,7 +20709,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[5] * B[5] */
"ldr r11, [%[a], #20]\n\t"
"ldr r12, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -20292,7 +20747,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[4] * B[6] */
"ldr r8, [%[a], #16]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -20330,7 +20785,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[3] * B[7] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -20368,7 +20823,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[2] * B[8] */
"ldr r8, [%[a], #8]\n\t"
"ldr r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -20406,7 +20861,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[1] * B[9] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -20444,7 +20899,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[0] * B[10] */
"ldr r8, [%[a]]\n\t"
"ldr r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -20482,7 +20937,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"str r4, [sp, #40]\n\t"
/* A[0] * B[11] */
"ldr r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -20522,7 +20977,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[1] * B[10] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -20560,7 +21015,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[2] * B[9] */
"ldr r8, [%[a], #8]\n\t"
"ldr r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -20598,7 +21053,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[3] * B[8] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -20636,7 +21091,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[4] * B[7] */
"ldr r8, [%[a], #16]\n\t"
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -20673,7 +21128,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[5] * B[6] */
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -20710,7 +21165,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[6] * B[5] */
"ldr r8, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -20748,7 +21203,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[7] * B[4] */
"ldr r8, [%[a], #28]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -20786,7 +21241,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[8] * B[3] */
"ldr r8, [%[a], #32]\n\t"
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -20824,7 +21279,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[9] * B[2] */
"ldr r8, [%[a], #36]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -20862,7 +21317,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[10] * B[1] */
"ldr r8, [%[a], #40]\n\t"
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -20900,7 +21355,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[11] * B[0] */
"ldr r8, [%[a], #44]\n\t"
"ldr r9, [%[b]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -20938,7 +21393,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"str r5, [sp, #44]\n\t"
/* A[11] * B[1] */
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -20978,7 +21433,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[10] * B[2] */
"ldr r8, [%[a], #40]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -21016,7 +21471,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[9] * B[3] */
"ldr r8, [%[a], #36]\n\t"
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -21054,7 +21509,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[8] * B[4] */
"ldr r8, [%[a], #32]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -21091,7 +21546,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[7] * B[5] */
"ldr r8, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -21129,7 +21584,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[6] * B[6] */
"ldr r11, [%[a], #24]\n\t"
"ldr r12, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -21167,7 +21622,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[5] * B[7] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -21205,7 +21660,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[4] * B[8] */
"ldr r8, [%[a], #16]\n\t"
"ldr r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -21243,7 +21698,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[3] * B[9] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -21281,7 +21736,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[2] * B[10] */
"ldr r8, [%[a], #8]\n\t"
"ldr r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -21319,7 +21774,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[1] * B[11] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -21357,7 +21812,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"str r3, [%[r], #48]\n\t"
/* A[2] * B[11] */
"ldr r8, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -21397,7 +21852,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[3] * B[10] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -21435,7 +21890,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[4] * B[9] */
"ldr r8, [%[a], #16]\n\t"
"ldr r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -21473,7 +21928,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[5] * B[8] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -21510,7 +21965,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[6] * B[7] */
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -21547,7 +22002,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[7] * B[6] */
"ldr r8, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -21585,7 +22040,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[8] * B[5] */
"ldr r8, [%[a], #32]\n\t"
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -21623,7 +22078,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[9] * B[4] */
"ldr r8, [%[a], #36]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -21661,7 +22116,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[10] * B[3] */
"ldr r8, [%[a], #40]\n\t"
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -21699,7 +22154,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[11] * B[2] */
"ldr r8, [%[a], #44]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -21737,7 +22192,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"str r4, [%[r], #52]\n\t"
/* A[11] * B[3] */
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -21777,7 +22232,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[10] * B[4] */
"ldr r8, [%[a], #40]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -21815,7 +22270,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[9] * B[5] */
"ldr r8, [%[a], #36]\n\t"
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -21852,7 +22307,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[8] * B[6] */
"ldr r8, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -21890,7 +22345,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[7] * B[7] */
"ldr r11, [%[a], #28]\n\t"
"ldr r12, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -21928,7 +22383,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[6] * B[8] */
"ldr r8, [%[a], #24]\n\t"
"ldr r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -21966,7 +22421,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[5] * B[9] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -22004,7 +22459,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[4] * B[10] */
"ldr r8, [%[a], #16]\n\t"
"ldr r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -22042,7 +22497,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[3] * B[11] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -22080,7 +22535,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"str r5, [%[r], #56]\n\t"
/* A[4] * B[11] */
"ldr r8, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -22120,7 +22575,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[5] * B[10] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -22158,7 +22613,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[6] * B[9] */
"ldr r8, [%[a], #24]\n\t"
"ldr r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -22195,7 +22650,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[7] * B[8] */
"ldr r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -22232,7 +22687,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[8] * B[7] */
"ldr r8, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -22270,7 +22725,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[9] * B[6] */
"ldr r8, [%[a], #36]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -22308,7 +22763,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[10] * B[5] */
"ldr r8, [%[a], #40]\n\t"
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -22346,7 +22801,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[11] * B[4] */
"ldr r8, [%[a], #44]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -22384,7 +22839,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"str r3, [%[r], #60]\n\t"
/* A[11] * B[5] */
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -22424,7 +22879,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[10] * B[6] */
"ldr r8, [%[a], #40]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -22461,7 +22916,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[9] * B[7] */
"ldr r8, [%[a], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -22499,7 +22954,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[8] * B[8] */
"ldr r11, [%[a], #32]\n\t"
"ldr r12, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -22537,7 +22992,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[7] * B[9] */
"ldr r8, [%[a], #28]\n\t"
"ldr r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -22575,7 +23030,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[6] * B[10] */
"ldr r8, [%[a], #24]\n\t"
"ldr r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -22613,7 +23068,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[5] * B[11] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -22651,7 +23106,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"str r4, [%[r], #64]\n\t"
/* A[6] * B[11] */
"ldr r8, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -22691,7 +23146,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[7] * B[10] */
"ldr r8, [%[a], #28]\n\t"
"ldr r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -22728,7 +23183,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[8] * B[9] */
"ldr r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -22765,7 +23220,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[9] * B[8] */
"ldr r8, [%[a], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -22803,7 +23258,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[10] * B[7] */
"ldr r8, [%[a], #40]\n\t"
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -22841,7 +23296,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[11] * B[6] */
"ldr r8, [%[a], #44]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -22879,7 +23334,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"str r5, [%[r], #68]\n\t"
/* A[11] * B[7] */
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -22918,7 +23373,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[10] * B[8] */
"ldr r8, [%[a], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -22956,7 +23411,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[9] * B[9] */
"ldr r11, [%[a], #36]\n\t"
"ldr r12, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -22994,7 +23449,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[8] * B[10] */
"ldr r8, [%[a], #32]\n\t"
"ldr r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -23032,7 +23487,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[7] * B[11] */
"ldr r8, [%[a], #28]\n\t"
"ldr r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -23070,7 +23525,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"str r3, [%[r], #72]\n\t"
/* A[8] * B[11] */
"ldr r8, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -23109,7 +23564,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[9] * B[10] */
"ldr r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -23146,7 +23601,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[10] * B[9] */
"ldr r8, [%[a], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -23184,7 +23639,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[11] * B[8] */
"ldr r8, [%[a], #44]\n\t"
"ldr r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -23221,7 +23676,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
"str r4, [%[r], #76]\n\t"
/* A[11] * B[9] */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -23261,7 +23716,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[10] * B[10] */
"ldr r11, [%[a], #40]\n\t"
"ldr r12, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -23299,7 +23754,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[9] * B[11] */
"ldr r8, [%[a], #36]\n\t"
"ldr r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -23336,7 +23791,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
"str r5, [%[r], #80]\n\t"
/* A[10] * B[11] */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -23375,7 +23830,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[11] * B[10] */
"ldr r8, [%[a], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -23412,7 +23867,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
"str r3, [%[r], #84]\n\t"
/* A[11] * B[11] */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -23438,9 +23893,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
#else
- "umull r6, r7, r8, r9\n\t"
- "adds r4, r4, r6\n\t"
- "adc r5, r5, r7\n\t"
+ "umlal r4, r5, r8, r9\n\t"
#endif
"str r4, [%[r], #88]\n\t"
"str r5, [%[r], #92]\n\t"
@@ -23452,7 +23905,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"stm %[r]!, {r3, r4, r5, r6}\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r11", "r12", "cc"
);
}
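Review bot: The clobber list closing sp_3072_mul_12 drops `"r10"` while adding `"cc"`, and most of the asm template that would justify the removal lies outside this hunk. The lines of this function visible in the neighbouring hunks touch only r3-r9, r11 and r12, which is consistent with the change. A leftover write to r10 elsewhere in the template would still let the compiler keep a live value in a register the asm overwrites, and in big-number code that surfaces as a silently wrong product rather than a crash. It is worth checking the full template for `r10` and recording the result above the list, for example `/* template no longer uses r10; flags are modified, hence "cc" */`.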
@@ -23464,12 +23917,11 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
*/
static sp_digit sp_3072_add_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
- "mov r12, #0\n\t"
"ldm %[a]!, {r3, r4, r5, r6}\n\t"
"ldm %[b]!, {r7, r8, r9, r10}\n\t"
"adds r3, r3, r7\n\t"
@@ -23491,10 +23943,11 @@ static sp_digit sp_3072_add_12(sp_digit* r_p, const sp_digit* a_p, const sp_digi
"adcs r5, r5, r9\n\t"
"adcs r6, r6, r10\n\t"
"stm %[r]!, {r3, r4, r5, r6}\n\t"
- "adc %[r], r12, r12\n\t"
+ "mov %[r], #0\n\t"
+ "adc %[r], %[r], #0\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
return (uint32_t)(size_t)r;
}
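Review bot: The new carry extraction, `mov %[r], #0` followed by `adc %[r], %[r], #0`, is correct only while the carry flag from the last `adcs` is still live when the `adc` runs, and nothing in the code says so. The register holding the result pointer is also reused as the return value through `return (uint32_t)(size_t)r;`, which is easy to misread. I would add a comment before the pair, e.g. `/* carry from the last adcs must still be live; r is reused as the carry-out (0 or 1) */`, so a later edit does not put a flag-changing instruction between them. The same two-line sequence is introduced in sp_3072_add_24, sp_3072_add_48 and sp_3072_add_96 further down. The body of sp_3072_add_12 starts outside this hunk.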
@@ -23506,8 +23959,8 @@ static sp_digit sp_3072_add_12(sp_digit* r_p, const sp_digit* a_p, const sp_digi
*/
static sp_digit sp_3072_sub_in_place_24(sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* a asm ("r0") = a_p;
- register const sp_digit* b asm ("r1") = b_p;
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* b asm ("r1") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"ldm %[a], {r2, r3, r4, r5}\n\t"
@@ -23555,7 +24008,7 @@ static sp_digit sp_3072_sub_in_place_24(sp_digit* a_p, const sp_digit* b_p)
"sbc %[a], r9, r9\n\t"
: [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -23568,12 +24021,11 @@ static sp_digit sp_3072_sub_in_place_24(sp_digit* a_p, const sp_digit* b_p)
*/
static sp_digit sp_3072_add_24(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
- "mov r12, #0\n\t"
"ldm %[a]!, {r3, r4, r5, r6}\n\t"
"ldm %[b]!, {r7, r8, r9, r10}\n\t"
"adds r3, r3, r7\n\t"
@@ -23616,10 +24068,11 @@ static sp_digit sp_3072_add_24(sp_digit* r_p, const sp_digit* a_p, const sp_digi
"adcs r5, r5, r9\n\t"
"adcs r6, r6, r10\n\t"
"stm %[r]!, {r3, r4, r5, r6}\n\t"
- "adc %[r], r12, r12\n\t"
+ "mov %[r], #0\n\t"
+ "adc %[r], %[r], #0\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -23700,8 +24153,8 @@ SP_NOINLINE static void sp_3072_mul_24(sp_digit* r, const sp_digit* a,
*/
static sp_digit sp_3072_sub_in_place_48(sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* a asm ("r0") = a_p;
- register const sp_digit* b asm ("r1") = b_p;
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* b asm ("r1") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"ldm %[a], {r2, r3, r4, r5}\n\t"
@@ -23791,7 +24244,7 @@ static sp_digit sp_3072_sub_in_place_48(sp_digit* a_p, const sp_digit* b_p)
"sbc %[a], r9, r9\n\t"
: [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -23804,12 +24257,11 @@ static sp_digit sp_3072_sub_in_place_48(sp_digit* a_p, const sp_digit* b_p)
*/
static sp_digit sp_3072_add_48(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
- "mov r12, #0\n\t"
"ldm %[a]!, {r3, r4, r5, r6}\n\t"
"ldm %[b]!, {r7, r8, r9, r10}\n\t"
"adds r3, r3, r7\n\t"
@@ -23894,10 +24346,11 @@ static sp_digit sp_3072_add_48(sp_digit* r_p, const sp_digit* a_p, const sp_digi
"adcs r5, r5, r9\n\t"
"adcs r6, r6, r10\n\t"
"stm %[r]!, {r3, r4, r5, r6}\n\t"
- "adc %[r], r12, r12\n\t"
+ "mov %[r], #0\n\t"
+ "adc %[r], %[r], #0\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -23978,8 +24431,8 @@ SP_NOINLINE static void sp_3072_mul_48(sp_digit* r, const sp_digit* a,
*/
static sp_digit sp_3072_sub_in_place_96(sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* a asm ("r0") = a_p;
- register const sp_digit* b asm ("r1") = b_p;
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* b asm ("r1") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"ldm %[a], {r2, r3, r4, r5}\n\t"
@@ -24153,7 +24606,7 @@ static sp_digit sp_3072_sub_in_place_96(sp_digit* a_p, const sp_digit* b_p)
"sbc %[a], r9, r9\n\t"
: [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -24166,12 +24619,11 @@ static sp_digit sp_3072_sub_in_place_96(sp_digit* a_p, const sp_digit* b_p)
*/
static sp_digit sp_3072_add_96(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
- "mov r12, #0\n\t"
"ldm %[a]!, {r3, r4, r5, r6}\n\t"
"ldm %[b]!, {r7, r8, r9, r10}\n\t"
"adds r3, r3, r7\n\t"
@@ -24340,10 +24792,11 @@ static sp_digit sp_3072_add_96(sp_digit* r_p, const sp_digit* a_p, const sp_digi
"adcs r5, r5, r9\n\t"
"adcs r6, r6, r10\n\t"
"stm %[r]!, {r3, r4, r5, r6}\n\t"
- "adc %[r], r12, r12\n\t"
+ "mov %[r], #0\n\t"
+ "adc %[r], %[r], #0\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -24424,14 +24877,14 @@ SP_NOINLINE static void sp_3072_mul_96(sp_digit* r, const sp_digit* a,
*/
static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
__asm__ __volatile__ (
"sub sp, sp, #48\n\t"
/* A[0] * A[0] */
"ldr r10, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsr r9, r10, #16\n\t"
"lsl r2, r10, #16\n\t"
"lsr r2, r2, #16\n\t"
@@ -24450,7 +24903,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[1] */
"ldr r10, [%[a], #4]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -24506,7 +24959,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[2] */
"ldr r10, [%[a], #8]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -24560,7 +25013,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[1] * A[1] */
"ldr r10, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -24590,7 +25043,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[3] */
"ldr r10, [%[a], #12]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -24645,7 +25098,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[2] */
"ldr r10, [%[a], #8]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -24698,7 +25151,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[4] */
"ldr r10, [%[a], #16]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -24753,7 +25206,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[3] */
"ldr r10, [%[a], #12]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -24804,7 +25257,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[2] * A[2] */
"ldr r10, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -24834,7 +25287,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[5] */
"ldr r10, [%[a], #20]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -24864,7 +25317,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[4] */
"ldr r10, [%[a], #16]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -24902,7 +25355,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[2] * A[3] */
"ldr r10, [%[a], #12]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -24947,7 +25400,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[6] */
"ldr r10, [%[a], #24]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -24977,7 +25430,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[5] */
"ldr r10, [%[a], #20]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -25015,7 +25468,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[2] * A[4] */
"ldr r10, [%[a], #16]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -25052,7 +25505,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[3] * A[3] */
"ldr r10, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -25091,7 +25544,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[7] */
"ldr r10, [%[a], #28]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -25121,7 +25574,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[6] */
"ldr r10, [%[a], #24]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -25159,7 +25612,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[2] * A[5] */
"ldr r10, [%[a], #20]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -25197,7 +25650,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[3] * A[4] */
"ldr r10, [%[a], #16]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -25242,7 +25695,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[8] */
"ldr r10, [%[a], #32]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -25272,7 +25725,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[7] */
"ldr r10, [%[a], #28]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -25310,7 +25763,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[2] * A[6] */
"ldr r10, [%[a], #24]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -25348,7 +25801,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[3] * A[5] */
"ldr r10, [%[a], #20]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -25385,7 +25838,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[4] * A[4] */
"ldr r10, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -25424,7 +25877,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[9] */
"ldr r10, [%[a], #36]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -25454,7 +25907,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[8] */
"ldr r10, [%[a], #32]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -25492,7 +25945,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[2] * A[7] */
"ldr r10, [%[a], #28]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -25530,7 +25983,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[3] * A[6] */
"ldr r10, [%[a], #24]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -25568,7 +26021,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[4] * A[5] */
"ldr r10, [%[a], #20]\n\t"
"ldr r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -25613,7 +26066,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[10] */
"ldr r10, [%[a], #40]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -25643,7 +26096,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[9] */
"ldr r10, [%[a], #36]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -25681,7 +26134,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[2] * A[8] */
"ldr r10, [%[a], #32]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -25719,7 +26172,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[3] * A[7] */
"ldr r10, [%[a], #28]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -25757,7 +26210,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[4] * A[6] */
"ldr r10, [%[a], #24]\n\t"
"ldr r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -25794,7 +26247,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[5] * A[5] */
"ldr r10, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -25833,7 +26286,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[11] */
"ldr r10, [%[a], #44]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -25863,7 +26316,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[10] */
"ldr r10, [%[a], #40]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -25901,7 +26354,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[2] * A[9] */
"ldr r10, [%[a], #36]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -25939,7 +26392,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[3] * A[8] */
"ldr r10, [%[a], #32]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -25977,7 +26430,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[4] * A[7] */
"ldr r10, [%[a], #28]\n\t"
"ldr r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -26015,7 +26468,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[5] * A[6] */
"ldr r10, [%[a], #24]\n\t"
"ldr r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -26060,7 +26513,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[11] */
"ldr r10, [%[a], #44]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -26090,7 +26543,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[2] * A[10] */
"ldr r10, [%[a], #40]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -26128,7 +26581,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[3] * A[9] */
"ldr r10, [%[a], #36]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -26166,7 +26619,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[4] * A[8] */
"ldr r10, [%[a], #32]\n\t"
"ldr r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -26204,7 +26657,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[5] * A[7] */
"ldr r10, [%[a], #28]\n\t"
"ldr r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -26241,7 +26694,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[6] * A[6] */
"ldr r10, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -26280,7 +26733,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[2] * A[11] */
"ldr r10, [%[a], #44]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -26310,7 +26763,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[3] * A[10] */
"ldr r10, [%[a], #40]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -26348,7 +26801,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[4] * A[9] */
"ldr r10, [%[a], #36]\n\t"
"ldr r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -26386,7 +26839,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[5] * A[8] */
"ldr r10, [%[a], #32]\n\t"
"ldr r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -26424,7 +26877,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[6] * A[7] */
"ldr r10, [%[a], #28]\n\t"
"ldr r12, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -26469,7 +26922,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[3] * A[11] */
"ldr r10, [%[a], #44]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -26499,7 +26952,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[4] * A[10] */
"ldr r10, [%[a], #40]\n\t"
"ldr r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -26537,7 +26990,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[5] * A[9] */
"ldr r10, [%[a], #36]\n\t"
"ldr r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -26575,7 +27028,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[6] * A[8] */
"ldr r10, [%[a], #32]\n\t"
"ldr r12, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -26612,7 +27065,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[7] * A[7] */
"ldr r10, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -26651,7 +27104,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[4] * A[11] */
"ldr r10, [%[a], #44]\n\t"
"ldr r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -26681,7 +27134,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[5] * A[10] */
"ldr r10, [%[a], #40]\n\t"
"ldr r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -26719,7 +27172,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[6] * A[9] */
"ldr r10, [%[a], #36]\n\t"
"ldr r12, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -26757,7 +27210,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[7] * A[8] */
"ldr r10, [%[a], #32]\n\t"
"ldr r12, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -26802,7 +27255,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[5] * A[11] */
"ldr r10, [%[a], #44]\n\t"
"ldr r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -26832,7 +27285,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[6] * A[10] */
"ldr r10, [%[a], #40]\n\t"
"ldr r12, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -26870,7 +27323,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[7] * A[9] */
"ldr r10, [%[a], #36]\n\t"
"ldr r12, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -26907,7 +27360,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[8] * A[8] */
"ldr r10, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -26946,7 +27399,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[6] * A[11] */
"ldr r10, [%[a], #44]\n\t"
"ldr r12, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -26976,7 +27429,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[7] * A[10] */
"ldr r10, [%[a], #40]\n\t"
"ldr r12, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -27014,7 +27467,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[8] * A[9] */
"ldr r10, [%[a], #36]\n\t"
"ldr r12, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -27059,7 +27512,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[7] * A[11] */
"ldr r10, [%[a], #44]\n\t"
"ldr r12, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -27114,7 +27567,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[8] * A[10] */
"ldr r10, [%[a], #40]\n\t"
"ldr r12, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -27165,7 +27618,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[9] * A[9] */
"ldr r10, [%[a], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -27195,7 +27648,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[8] * A[11] */
"ldr r10, [%[a], #44]\n\t"
"ldr r12, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -27250,7 +27703,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[9] * A[10] */
"ldr r10, [%[a], #40]\n\t"
"ldr r12, [%[a], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -27303,7 +27756,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[9] * A[11] */
"ldr r10, [%[a], #44]\n\t"
"ldr r12, [%[a], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -27357,7 +27810,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[10] * A[10] */
"ldr r10, [%[a], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -27387,7 +27840,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[10] * A[11] */
"ldr r10, [%[a], #44]\n\t"
"ldr r12, [%[a], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -27442,7 +27895,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
"str r2, [%[r], #84]\n\t"
/* A[11] * A[11] */
"ldr r10, [%[a], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -27475,7 +27928,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
"stm %[r]!, {r2, r3, r4, r8}\n\t"
: [r] "+r" (r), [a] "+r" (a)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r12"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r12", "cc"
);
}
@@ -27487,9 +27940,9 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
*/
static sp_digit sp_3072_sub_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"ldm %[a]!, {r3, r4, r5, r6}\n\t"
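Review bot: The casts added to the three register initialisers convert each parameter to the type it is already declared with (`sp_digit*`, `const sp_digit*`), so they change nothing today. An explicit cast also silences the incompatible-pointer or discarded-qualifier warning that would otherwise appear if one of these signatures were changed later, which is a diagnostic worth keeping in code that hands raw pointers to inline assembly. Unless the casts are needed for a configuration not visible here, I would keep the plain form `register sp_digit* r asm ("r0") = r_p;`. The same pattern is added in sp_3072_sub_24, sp_3072_sub_48, sp_3072_add_96, sp_3072_add_48, the sub_in_place, mul and sqr variants below.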
@@ -27516,7 +27969,7 @@ static sp_digit sp_3072_sub_12(sp_digit* r_p, const sp_digit* a_p, const sp_digi
"sbc %[r], r6, r6\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -27565,9 +28018,9 @@ SP_NOINLINE static void sp_3072_sqr_24(sp_digit* r, const sp_digit* a)
*/
static sp_digit sp_3072_sub_24(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"ldm %[a]!, {r3, r4, r5, r6}\n\t"
@@ -27615,7 +28068,7 @@ static sp_digit sp_3072_sub_24(sp_digit* r_p, const sp_digit* a_p, const sp_digi
"sbc %[r], r6, r6\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -27664,9 +28117,9 @@ SP_NOINLINE static void sp_3072_sqr_48(sp_digit* r, const sp_digit* a)
*/
static sp_digit sp_3072_sub_48(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"ldm %[a]!, {r3, r4, r5, r6}\n\t"
@@ -27756,7 +28209,7 @@ static sp_digit sp_3072_sub_48(sp_digit* r_p, const sp_digit* a_p, const sp_digi
"sbc %[r], r6, r6\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -27807,9 +28260,9 @@ SP_NOINLINE static void sp_3072_sqr_96(sp_digit* r, const sp_digit* a)
*/
static sp_digit sp_3072_add_96(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"mov r3, #0\n\t"
@@ -27831,7 +28284,7 @@ static sp_digit sp_3072_add_96(sp_digit* r_p, const sp_digit* a_p, const sp_digi
"mov %[r], r3\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -27845,16 +28298,15 @@ static sp_digit sp_3072_add_96(sp_digit* r_p, const sp_digit* a_p, const sp_digi
*/
static sp_digit sp_3072_sub_in_place_96(sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* a asm ("r0") = a_p;
- register const sp_digit* b asm ("r1") = b_p;
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* b asm ("r1") = (const sp_digit*)b_p;
__asm__ __volatile__ (
- "mov r10, #0\n\t"
"mov r12, #0\n\t"
"add lr, %[a], #0x180\n\t"
"\n"
"L_sp_3072_sub_in_pkace_96_word_%=: \n\t"
- "subs r12, r10, r12\n\t"
+ "rsbs r12, r12, #0\n\t"
"ldm %[a], {r2, r3, r4, r5}\n\t"
"ldm %[b]!, {r6, r7, r8, r9}\n\t"
"sbcs r2, r2, r6\n\t"
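Review bot: The borrow between loop iterations is now carried in r12 alone, and neither `rsbs r12, r12, #0` here nor `sbc r12, r12, r12` in the next hunk says what it is doing. The first turns the saved 0 / -1 back into the carry flag and the second turns the flag back into 0 / -1, which is easy to break when the loop is next edited. I would add `/* restore borrow: C set when r12 == 0 */` above the `rsbs` and `/* save borrow: r12 = 0 or -1 */` above the `sbc`. The loop body continues in the following hunk, and sp_3072_sub_in_place_48 has the same pair of instructions.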
@@ -27862,13 +28314,13 @@ static sp_digit sp_3072_sub_in_place_96(sp_digit* a_p, const sp_digit* b_p)
"sbcs r4, r4, r8\n\t"
"sbcs r5, r5, r9\n\t"
"stm %[a]!, {r2, r3, r4, r5}\n\t"
- "sbc r12, r10, r10\n\t"
+ "sbc r12, r12, r12\n\t"
"cmp %[a], lr\n\t"
"bne L_sp_3072_sub_in_pkace_96_word_%=\n\t"
"mov %[a], r12\n\t"
: [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r12", "lr", "r10"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r12", "lr", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -27883,16 +28335,19 @@ static sp_digit sp_3072_sub_in_place_96(sp_digit* a_p, const sp_digit* b_p)
*/
static void sp_3072_mul_96(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"sub sp, sp, #0x300\n\t"
- "mov r5, #0\n\t"
- "mov r6, #0\n\t"
+ "ldr lr, [%[a]]\n\t"
+ "ldr r11, [%[b]]\n\t"
+ "umull r8, r6, lr, r11\n\t"
+ "str r8, [sp]\n\t"
"mov r7, #0\n\t"
"mov r8, #0\n\t"
+ "mov r5, #4\n\t"
"\n"
"L_sp_3072_mul_96_outer_%=: \n\t"
"subs r3, r5, #0x17c\n\t"
@@ -27903,7 +28358,44 @@ static void sp_3072_mul_96(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"L_sp_3072_mul_96_inner_%=: \n\t"
"ldr lr, [%[a], r3]\n\t"
"ldr r11, [%[b], r4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
+ "lsl r9, lr, #16\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r9, r9, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "adds r6, r6, r10\n\t"
+ "adcs r7, r7, #0\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsr r9, lr, #16\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "adds r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+#else
+ "umull r9, r10, lr, r11\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+#endif
+ "ldr lr, [%[a], r4]\n\t"
+ "ldr r11, [%[b], r3]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r9, lr, #16\n\t"
"lsl r10, r11, #16\n\t"
"lsr r9, r9, #16\n\t"
@@ -27940,10 +28432,46 @@ static void sp_3072_mul_96(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
"add r3, r3, #4\n\t"
"sub r4, r4, #4\n\t"
- "cmp r3, #0x180\n\t"
- "beq L_sp_3072_mul_96_inner_done_%=\n\t"
- "cmp r3, r5\n\t"
- "ble L_sp_3072_mul_96_inner_%=\n\t"
+ "cmp r3, r4\n\t"
+ "bgt L_sp_3072_mul_96_inner_done_%=\n\t"
+ "blt L_sp_3072_mul_96_inner_%=\n\t"
+ "ldr lr, [%[a], r3]\n\t"
+ "ldr r11, [%[b], r3]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
+ "lsl r9, lr, #16\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r9, r9, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "adds r6, r6, r10\n\t"
+ "adcs r7, r7, #0\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsr r9, lr, #16\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "adds r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+#else
+ "umull r9, r10, lr, r11\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+#endif
"\n"
"L_sp_3072_mul_96_inner_done_%=: \n\t"
"str r6, [sp, r5]\n\t"
@@ -27951,18 +28479,50 @@ static void sp_3072_mul_96(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"mov r7, r8\n\t"
"mov r8, #0\n\t"
"add r5, r5, #4\n\t"
- "cmp r5, #0x2f8\n\t"
+ "cmp r5, #0x2f4\n\t"
"ble L_sp_3072_mul_96_outer_%=\n\t"
+ "ldr lr, [%[a], #380]\n\t"
+ "ldr r11, [%[b], #380]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
+ "lsl r9, lr, #16\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r9, r9, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "adds r6, r6, r10\n\t"
+ "adc r7, r7, #0\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adc r7, r7, r10\n\t"
+ "lsr r9, lr, #16\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "add r7, r7, r10\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adc r7, r7, r10\n\t"
+#else
+ "umlal r6, r7, lr, r11\n\t"
+#endif
"str r6, [sp, r5]\n\t"
+ "add r5, r5, #4\n\t"
+ "str r7, [sp, r5]\n\t"
"\n"
"L_sp_3072_mul_96_store_%=: \n\t"
- "ldm sp!, {r6, r7, r8, r9}\n\t"
- "stm %[r]!, {r6, r7, r8, r9}\n\t"
- "subs r5, r5, #16\n\t"
+ "ldm sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "stm %[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "subs r5, r5, #32\n\t"
"bgt L_sp_3072_mul_96_store_%=\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11", "cc"
);
}
@@ -27973,29 +28533,28 @@ static void sp_3072_mul_96(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
*/
static void sp_3072_sqr_96(sp_digit* r_p, const sp_digit* a_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
__asm__ __volatile__ (
"sub sp, sp, #0x300\n\t"
- "mov r12, #0\n\t"
- "mov r6, #0\n\t"
+ "ldr lr, [%[a]]\n\t"
+ "umull r8, r6, lr, lr\n\t"
+ "str r8, [sp]\n\t"
"mov r7, #0\n\t"
"mov r8, #0\n\t"
- "mov r5, #0\n\t"
+ "mov r5, #4\n\t"
"\n"
"L_sp_3072_sqr_96_outer_%=: \n\t"
"subs r3, r5, #0x17c\n\t"
"it cc\n\t"
- "movcc r3, r12\n\t"
+ "movcc r3, #0\n\t"
"sub r4, r5, r3\n\t"
"\n"
"L_sp_3072_sqr_96_inner_%=: \n\t"
- "cmp r4, r3\n\t"
- "beq L_sp_3072_sqr_96_op_sqr_%=\n\t"
"ldr lr, [%[a], r3]\n\t"
"ldr r11, [%[a], r4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r9, lr, #16\n\t"
"lsl r10, r11, #16\n\t"
"lsr r9, r9, #16\n\t"
@@ -28044,11 +28603,13 @@ static void sp_3072_sqr_96(sp_digit* r_p, const sp_digit* a_p)
"adcs r7, r7, r10\n\t"
"adc r8, r8, #0\n\t"
#endif
- "bal L_sp_3072_sqr_96_op_done_%=\n\t"
- "\n"
- "L_sp_3072_sqr_96_op_sqr_%=: \n\t"
+ "add r3, r3, #4\n\t"
+ "sub r4, r4, #4\n\t"
+ "cmp r3, r4\n\t"
+ "bgt L_sp_3072_sqr_96_inner_done_%=\n\t"
+ "blt L_sp_3072_sqr_96_inner_%=\n\t"
"ldr lr, [%[a], r3]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r9, lr, #16\n\t"
"lsr r10, lr, #16\n\t"
"lsr r9, r9, #16\n\t"
@@ -28075,34 +28636,50 @@ static void sp_3072_sqr_96(sp_digit* r_p, const sp_digit* a_p)
"adc r8, r8, #0\n\t"
#endif
"\n"
- "L_sp_3072_sqr_96_op_done_%=: \n\t"
- "add r3, r3, #4\n\t"
- "sub r4, r4, #4\n\t"
- "cmp r3, #0x180\n\t"
- "beq L_sp_3072_sqr_96_inner_done_%=\n\t"
- "cmp r3, r4\n\t"
- "bgt L_sp_3072_sqr_96_inner_done_%=\n\t"
- "cmp r3, r5\n\t"
- "ble L_sp_3072_sqr_96_inner_%=\n\t"
- "\n"
"L_sp_3072_sqr_96_inner_done_%=: \n\t"
"str r6, [sp, r5]\n\t"
"mov r6, r7\n\t"
"mov r7, r8\n\t"
"mov r8, #0\n\t"
"add r5, r5, #4\n\t"
- "cmp r5, #0x2f8\n\t"
+ "cmp r5, #0x2f4\n\t"
"ble L_sp_3072_sqr_96_outer_%=\n\t"
+ "ldr lr, [%[a], #380]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
+ "lsl r9, lr, #16\n\t"
+ "lsr r10, lr, #16\n\t"
+ "lsr r9, r9, #16\n\t"
+ "mov r11, r9\n\t"
+ "mul r9, r11, r9\n\t"
+ "mov r11, r10\n\t"
+ "mul r10, r11, r10\n\t"
+ "adds r6, r6, r9\n\t"
+ "adc r7, r7, r10\n\t"
+ "lsr r10, lr, #16\n\t"
+ "lsl r9, lr, #16\n\t"
+ "lsr r9, r9, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #15\n\t"
+ "lsl r9, r9, #17\n\t"
+ "adds r6, r6, r9\n\t"
+ "adc r7, r7, r10\n\t"
+#else
+ "umull r9, r10, lr, lr\n\t"
+ "adds r6, r6, r9\n\t"
+ "adc r7, r7, r10\n\t"
+#endif
"str r6, [sp, r5]\n\t"
+ "add r5, r5, #4\n\t"
+ "str r7, [sp, r5]\n\t"
"\n"
"L_sp_3072_sqr_96_store_%=: \n\t"
- "ldm sp!, {r6, r7, r8, r9}\n\t"
- "stm %[r]!, {r6, r7, r8, r9}\n\t"
- "subs r5, r5, #16\n\t"
+ "ldm sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "stm %[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "subs r5, r5, #32\n\t"
"bgt L_sp_3072_sqr_96_store_%=\n\t"
: [r] "+r" (r), [a] "+r" (a)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11", "cc"
);
}
@@ -28134,9 +28711,9 @@ static void sp_3072_mask_48(sp_digit* r, const sp_digit* a, sp_digit m)
*/
static sp_digit sp_3072_add_48(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"mov r3, #0\n\t"
@@ -28158,7 +28735,7 @@ static sp_digit sp_3072_add_48(sp_digit* r_p, const sp_digit* a_p, const sp_digi
"mov %[r], r3\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -28172,16 +28749,15 @@ static sp_digit sp_3072_add_48(sp_digit* r_p, const sp_digit* a_p, const sp_digi
*/
static sp_digit sp_3072_sub_in_place_48(sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* a asm ("r0") = a_p;
- register const sp_digit* b asm ("r1") = b_p;
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* b asm ("r1") = (const sp_digit*)b_p;
__asm__ __volatile__ (
- "mov r10, #0\n\t"
"mov r12, #0\n\t"
"add lr, %[a], #0xc0\n\t"
"\n"
"L_sp_3072_sub_in_pkace_48_word_%=: \n\t"
- "subs r12, r10, r12\n\t"
+ "rsbs r12, r12, #0\n\t"
"ldm %[a], {r2, r3, r4, r5}\n\t"
"ldm %[b]!, {r6, r7, r8, r9}\n\t"
"sbcs r2, r2, r6\n\t"
@@ -28189,13 +28765,13 @@ static sp_digit sp_3072_sub_in_place_48(sp_digit* a_p, const sp_digit* b_p)
"sbcs r4, r4, r8\n\t"
"sbcs r5, r5, r9\n\t"
"stm %[a]!, {r2, r3, r4, r5}\n\t"
- "sbc r12, r10, r10\n\t"
+ "sbc r12, r12, r12\n\t"
"cmp %[a], lr\n\t"
"bne L_sp_3072_sub_in_pkace_48_word_%=\n\t"
"mov %[a], r12\n\t"
: [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r12", "lr", "r10"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r12", "lr", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -28210,16 +28786,19 @@ static sp_digit sp_3072_sub_in_place_48(sp_digit* a_p, const sp_digit* b_p)
*/
static void sp_3072_mul_48(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"sub sp, sp, #0x180\n\t"
- "mov r5, #0\n\t"
- "mov r6, #0\n\t"
+ "ldr lr, [%[a]]\n\t"
+ "ldr r11, [%[b]]\n\t"
+ "umull r8, r6, lr, r11\n\t"
+ "str r8, [sp]\n\t"
"mov r7, #0\n\t"
"mov r8, #0\n\t"
+ "mov r5, #4\n\t"
"\n"
"L_sp_3072_mul_48_outer_%=: \n\t"
"subs r3, r5, #0xbc\n\t"
@@ -28230,7 +28809,44 @@ static void sp_3072_mul_48(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"L_sp_3072_mul_48_inner_%=: \n\t"
"ldr lr, [%[a], r3]\n\t"
"ldr r11, [%[b], r4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
+ "lsl r9, lr, #16\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r9, r9, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "adds r6, r6, r10\n\t"
+ "adcs r7, r7, #0\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsr r9, lr, #16\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "adds r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+#else
+ "umull r9, r10, lr, r11\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+#endif
+ "ldr lr, [%[a], r4]\n\t"
+ "ldr r11, [%[b], r3]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r9, lr, #16\n\t"
"lsl r10, r11, #16\n\t"
"lsr r9, r9, #16\n\t"
@@ -28267,10 +28883,46 @@ static void sp_3072_mul_48(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
"add r3, r3, #4\n\t"
"sub r4, r4, #4\n\t"
- "cmp r3, #0xc0\n\t"
- "beq L_sp_3072_mul_48_inner_done_%=\n\t"
- "cmp r3, r5\n\t"
- "ble L_sp_3072_mul_48_inner_%=\n\t"
+ "cmp r3, r4\n\t"
+ "bgt L_sp_3072_mul_48_inner_done_%=\n\t"
+ "blt L_sp_3072_mul_48_inner_%=\n\t"
+ "ldr lr, [%[a], r3]\n\t"
+ "ldr r11, [%[b], r3]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
+ "lsl r9, lr, #16\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r9, r9, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "adds r6, r6, r10\n\t"
+ "adcs r7, r7, #0\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsr r9, lr, #16\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "adds r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+#else
+ "umull r9, r10, lr, r11\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+#endif
"\n"
"L_sp_3072_mul_48_inner_done_%=: \n\t"
"str r6, [sp, r5]\n\t"
@@ -28278,18 +28930,50 @@ static void sp_3072_mul_48(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"mov r7, r8\n\t"
"mov r8, #0\n\t"
"add r5, r5, #4\n\t"
- "cmp r5, #0x178\n\t"
+ "cmp r5, #0x174\n\t"
"ble L_sp_3072_mul_48_outer_%=\n\t"
+ "ldr lr, [%[a], #188]\n\t"
+ "ldr r11, [%[b], #188]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
+ "lsl r9, lr, #16\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r9, r9, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "adds r6, r6, r10\n\t"
+ "adc r7, r7, #0\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adc r7, r7, r10\n\t"
+ "lsr r9, lr, #16\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "add r7, r7, r10\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adc r7, r7, r10\n\t"
+#else
+ "umlal r6, r7, lr, r11\n\t"
+#endif
"str r6, [sp, r5]\n\t"
+ "add r5, r5, #4\n\t"
+ "str r7, [sp, r5]\n\t"
"\n"
"L_sp_3072_mul_48_store_%=: \n\t"
- "ldm sp!, {r6, r7, r8, r9}\n\t"
- "stm %[r]!, {r6, r7, r8, r9}\n\t"
- "subs r5, r5, #16\n\t"
+ "ldm sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "stm %[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "subs r5, r5, #32\n\t"
"bgt L_sp_3072_mul_48_store_%=\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11", "cc"
);
}
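Review bot: The rewritten store loop pops 32 bytes per pass and stops on `subs r5, r5, #32` / `bgt`, so it restores sp only because r5 enters at 0x17c and the frame is 0x180 = 12 x 32 bytes. That coupling is implicit; I would add `/* r5 = 0x17c: 12 passes x 32 bytes = 0x180, sp back at its entry value */` above `L_sp_3072_mul_48_store_%=`. The same applies to the store loop of sp_3072_sqr_48 further down, where the matching `sub sp, sp, #0x180` is visible. The prologue of sp_3072_mul_48 is outside this hunk, so its frame size is inferred from that sibling.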
@@ -28300,29 +28984,28 @@ static void sp_3072_mul_48(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
*/
static void sp_3072_sqr_48(sp_digit* r_p, const sp_digit* a_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
__asm__ __volatile__ (
"sub sp, sp, #0x180\n\t"
- "mov r12, #0\n\t"
- "mov r6, #0\n\t"
+ "ldr lr, [%[a]]\n\t"
+ "umull r8, r6, lr, lr\n\t"
+ "str r8, [sp]\n\t"
"mov r7, #0\n\t"
"mov r8, #0\n\t"
- "mov r5, #0\n\t"
+ "mov r5, #4\n\t"
"\n"
"L_sp_3072_sqr_48_outer_%=: \n\t"
"subs r3, r5, #0xbc\n\t"
"it cc\n\t"
- "movcc r3, r12\n\t"
+ "movcc r3, #0\n\t"
"sub r4, r5, r3\n\t"
"\n"
"L_sp_3072_sqr_48_inner_%=: \n\t"
- "cmp r4, r3\n\t"
- "beq L_sp_3072_sqr_48_op_sqr_%=\n\t"
"ldr lr, [%[a], r3]\n\t"
"ldr r11, [%[a], r4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r9, lr, #16\n\t"
"lsl r10, r11, #16\n\t"
"lsr r9, r9, #16\n\t"
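Review bot: The new `umull r8, r6, lr, lr` for a[0]^2 is emitted unconditionally, while the other long multiplies visible in this function sit in the `#else` of `#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)`. If that guard exists because those cores have no UMULL, this line would break exactly the builds the fallback is written for. It should get the same guard, with the `< 4` branch reusing the 16-bit-halves squaring sequence this commit adds for the final a[47]^2 term, writing the low word to r8 and the high word to r6. The function body continues past this hunk.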
@@ -28371,11 +29054,13 @@ static void sp_3072_sqr_48(sp_digit* r_p, const sp_digit* a_p)
"adcs r7, r7, r10\n\t"
"adc r8, r8, #0\n\t"
#endif
- "bal L_sp_3072_sqr_48_op_done_%=\n\t"
- "\n"
- "L_sp_3072_sqr_48_op_sqr_%=: \n\t"
+ "add r3, r3, #4\n\t"
+ "sub r4, r4, #4\n\t"
+ "cmp r3, r4\n\t"
+ "bgt L_sp_3072_sqr_48_inner_done_%=\n\t"
+ "blt L_sp_3072_sqr_48_inner_%=\n\t"
"ldr lr, [%[a], r3]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r9, lr, #16\n\t"
"lsr r10, lr, #16\n\t"
"lsr r9, r9, #16\n\t"
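Review bot: With the `cmp r4, r3` / `beq` test removed from the top of the inner loop, the cross-product code now runs before any r3 == r4 check, so it is only correct if every entry has r3 < r4. That holds because a[0]^2 is peeled off before the outer loop and r5 starts at 4, but the dependency is not written down. A comment at `L_sp_3072_sqr_48_inner_%=`, such as `/* entered with r3 < r4 (r5 >= 4); a[0]^2 is handled before the outer loop */`, would protect it from a later edit. The label is in the previous hunk and the multiply between the two hunks is not shown, so its doubling of the cross term is presumed.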
@@ -28402,41 +29087,57 @@ static void sp_3072_sqr_48(sp_digit* r_p, const sp_digit* a_p)
"adc r8, r8, #0\n\t"
#endif
"\n"
- "L_sp_3072_sqr_48_op_done_%=: \n\t"
- "add r3, r3, #4\n\t"
- "sub r4, r4, #4\n\t"
- "cmp r3, #0xc0\n\t"
- "beq L_sp_3072_sqr_48_inner_done_%=\n\t"
- "cmp r3, r4\n\t"
- "bgt L_sp_3072_sqr_48_inner_done_%=\n\t"
- "cmp r3, r5\n\t"
- "ble L_sp_3072_sqr_48_inner_%=\n\t"
- "\n"
"L_sp_3072_sqr_48_inner_done_%=: \n\t"
"str r6, [sp, r5]\n\t"
"mov r6, r7\n\t"
"mov r7, r8\n\t"
"mov r8, #0\n\t"
"add r5, r5, #4\n\t"
- "cmp r5, #0x178\n\t"
+ "cmp r5, #0x174\n\t"
"ble L_sp_3072_sqr_48_outer_%=\n\t"
+ "ldr lr, [%[a], #188]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
+ "lsl r9, lr, #16\n\t"
+ "lsr r10, lr, #16\n\t"
+ "lsr r9, r9, #16\n\t"
+ "mov r11, r9\n\t"
+ "mul r9, r11, r9\n\t"
+ "mov r11, r10\n\t"
+ "mul r10, r11, r10\n\t"
+ "adds r6, r6, r9\n\t"
+ "adc r7, r7, r10\n\t"
+ "lsr r10, lr, #16\n\t"
+ "lsl r9, lr, #16\n\t"
+ "lsr r9, r9, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #15\n\t"
+ "lsl r9, r9, #17\n\t"
+ "adds r6, r6, r9\n\t"
+ "adc r7, r7, r10\n\t"
+#else
+ "umull r9, r10, lr, lr\n\t"
+ "adds r6, r6, r9\n\t"
+ "adc r7, r7, r10\n\t"
+#endif
"str r6, [sp, r5]\n\t"
+ "add r5, r5, #4\n\t"
+ "str r7, [sp, r5]\n\t"
"\n"
"L_sp_3072_sqr_48_store_%=: \n\t"
- "ldm sp!, {r6, r7, r8, r9}\n\t"
- "stm %[r]!, {r6, r7, r8, r9}\n\t"
- "subs r5, r5, #16\n\t"
+ "ldm sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "stm %[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "subs r5, r5, #32\n\t"
"bgt L_sp_3072_sqr_48_store_%=\n\t"
: [r] "+r" (r), [a] "+r" (a)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11", "cc"
);
}
#endif /* WOLFSSL_SP_SMALL */
#endif /* (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) | WOLFSSL_HAVE_SP_DH */
-/* Caclulate the bottom digit of -1/a mod 2^n.
+/* Calculate the bottom digit of -1/a mod 2^n.
*
* a A single precision number.
* rho Bottom word of inverse.
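Review bot: `ldm sp!` in the store loop copies the 0x180-byte result out of the stack frame but leaves it in memory below sp when sp_3072_sqr_48 returns. On the RSA private-key and DH paths named in the `#endif` comment that value may be derived from secret data, so the residue deserves an explicit decision. Either clear the scratch words as they are copied out, or state in the function comment that the residue is accepted. As far as the hunk shows the old loop also only popped, so this is not new, but the loop is being rewritten here.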
@@ -28465,15 +29166,14 @@ static void sp_3072_mont_setup(const sp_digit* a, sp_digit* rho)
*/
static void sp_3072_mul_d_96(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register sp_digit b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register sp_digit b asm ("r2") = (sp_digit)b_p;
__asm__ __volatile__ (
- "mov r10, #0\n\t"
/* A[0] * B */
"ldr r8, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r5, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
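Review bot: The guard is renamed from `WOLFSSL_SP_ARM_ARCH` to `WOLFSSL_ARM_ARCH` here and in the other hunks of this file, and nothing visible maps the old name to the new one. A build that still sets only `WOLFSSL_SP_ARM_ARCH`, for example in a user settings header, would silently take the `#else` branch. If no compatibility definition exists elsewhere, I would add one near the top of the file: `#if defined(WOLFSSL_SP_ARM_ARCH) && !defined(WOLFSSL_ARM_ARCH)` / `#define WOLFSSL_ARM_ARCH WOLFSSL_SP_ARM_ARCH` / `#endif`. The body of sp_3072_mul_d_96 continues outside this hunk.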
@@ -28506,7 +29206,7 @@ static void sp_3072_mul_d_96(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
"L_sp_3072_mul_d_96_word_%=: \n\t"
/* A[i] * B */
"ldr r8, [%[a], r9]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -28551,7 +29251,7 @@ static void sp_3072_mul_d_96(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
"str r3, [%[r], #384]\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
}
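Review bot: Dropping `"r10"` from the clobber list is only safe if nothing in the unchanged part of this sp_3072_mul_d_96 body still writes that register. The commit removes `mov r10, #0` at the top, but the word loop between the hunks is only partly shown. An under-declared clobber lets the compiler keep a live value in r10 across the asm, so it is worth confirming that no r10 reference remains before this lands.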
@@ -28564,15 +29264,14 @@ static void sp_3072_mul_d_96(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
*/
static void sp_3072_mul_d_96(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register sp_digit b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register sp_digit b asm ("r2") = (sp_digit)b_p;
__asm__ __volatile__ (
- "mov r10, #0\n\t"
/* A[0] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r3, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -28597,3771 +29296,3019 @@ static void sp_3072_mul_d_96(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
#else
"umull r3, r4, %[b], r8\n\t"
#endif
+ "stm %[r]!, {r3}\n\t"
"mov r5, #0\n\t"
- "str r3, [%[r]], #4\n\t"
/* A[1] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[2] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[3] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[4] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[5] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[6] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[7] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[8] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[9] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[10] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[11] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[12] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[13] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[14] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[15] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[16] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[17] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[18] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[19] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[20] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[21] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[22] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[23] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[24] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[25] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[26] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[27] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[28] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[29] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[30] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[31] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[32] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[33] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[34] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[35] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[36] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[37] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[38] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[39] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[40] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[41] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[42] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[43] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[44] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[45] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[46] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[47] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[48] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[49] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[50] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[51] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[52] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[53] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[54] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[55] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[56] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[57] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[58] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[59] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[60] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[61] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[62] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[63] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[64] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[65] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[66] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[67] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[68] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[69] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[70] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[71] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[72] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[73] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[74] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[75] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[76] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[77] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[78] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[79] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[80] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[81] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[82] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[83] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[84] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[85] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[86] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[87] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[88] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[89] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[90] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[91] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[92] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[93] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[94] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[95] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -32387,15 +32334,13 @@ static void sp_3072_mul_d_96(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
"adds r5, r5, r6\n\t"
"adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adc r3, r3, r7\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
"str r3, [%[r]]\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r10"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "cc"
);
}
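Review bot: The `umlal r5, r3, %[b], r8` that replaces the `umull`/`adds`/`adc` triple gives the same result only if r3 is zero on entry, and nothing inside this hunk establishes that; the `mov r3, #0` it relies on follows the previous `stm` in the preceding hunk. A one-line comment above the `umlal`, such as `/* r3 == 0 here, so r3:r5 += b * a[95] cannot overflow 64 bits */`, would keep that invariant visible to whoever next edits the generator template. The clobber list also drops `"r10"` while adding `"cc"`; the lines shown use only r3–r8, but most of the asm body of sp_3072_mul_d_96 is outside this hunk, so it is worth confirming that no r10 use remains.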
@@ -32426,10 +32371,10 @@ static void sp_3072_mont_norm_48(sp_digit* r, const sp_digit* m)
*/
static sp_digit sp_3072_cond_sub_48(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
- register sp_digit m asm ("r3") = m_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
+ register sp_digit m asm ("r3") = (sp_digit)m_p;
__asm__ __volatile__ (
"mov r6, #0\n\t"
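Review bot: The four casts added to the register-variable initialisers (`(sp_digit*)r_p`, `(const sp_digit*)a_p`, `(const sp_digit*)b_p`, `(sp_digit)m_p`) convert each parameter to the type it already has in the signature one line above. They change nothing today, but they would suppress the compiler diagnostic if a parameter's type ever drifted from the register variable's. If they exist for a particular toolchain or a C++ build, a short comment in the generator template saying so (e.g. `/* casts required by <toolchain> */`) would explain them; otherwise the plain `= r_p;` form keeps the type check. The same pattern recurs in the second sp_3072_cond_sub_48 variant and in sp_3072_mont_reduce_48 in later hunks, and the function body continues outside this hunk.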
@@ -32450,7 +32395,7 @@ static sp_digit sp_3072_cond_sub_48(sp_digit* r_p, const sp_digit* a_p, const sp
"mov %[r], r12\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
:
- : "memory", "r12", "lr", "r4", "r5", "r6"
+ : "memory", "r12", "lr", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -32466,10 +32411,10 @@ static sp_digit sp_3072_cond_sub_48(sp_digit* r_p, const sp_digit* a_p, const sp
*/
static sp_digit sp_3072_cond_sub_48(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
- register sp_digit m asm ("r3") = m_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
+ register sp_digit m asm ("r3") = (sp_digit)m_p;
__asm__ __volatile__ (
"mov lr, #0\n\t"
@@ -32644,12 +32589,13 @@ static sp_digit sp_3072_cond_sub_48(sp_digit* r_p, const sp_digit* a_p, const sp
"sbc %[r], lr, lr\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
:
- : "memory", "r12", "lr", "r4", "r5", "r6", "r7"
+ : "memory", "r12", "lr", "r4", "r5", "r6", "r7", "cc"
);
return (uint32_t)(size_t)r;
}
#endif /* WOLFSSL_SP_SMALL */
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
/* Reduce the number back to 3072 bits using Montgomery reduction.
*
* a A single precision number to reduce in place.
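Review bot: The guard added above the doc comment tests `WOLFSSL_ARM_ARCH`, while the lines this commit removes further down test `WOLFSSL_SP_ARM_ARCH`; a build configuration that still defines only the old name would now silently get the other implementation, which for a pre-ARMv4 target presumably means the `umull`/`umlal` code it was configured to avoid. This page shows no compatibility mapping, so unless the settings header already provides one, something like `#if defined(WOLFSSL_SP_ARM_ARCH) && !defined(WOLFSSL_ARM_ARCH)` / `#define WOLFSSL_ARM_ARCH WOLFSSL_SP_ARM_ARCH` / `#endif` near the top of the file would keep existing builds on the intended path. The matching `#else`/`#endif` for the new guard is outside this hunk; given the length of the unrolled body it should carry the condition as a comment, as `#endif /* WOLFSSL_SP_SMALL */` does just above.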
@@ -32658,12 +32604,12 @@ static sp_digit sp_3072_cond_sub_48(sp_digit* r_p, const sp_digit* a_p, const sp
*/
static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
{
- register sp_digit* a asm ("r0") = a_p;
- register const sp_digit* m asm ("r1") = m_p;
- register sp_digit mp asm ("r2") = mp_p;
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m asm ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp asm ("r2") = (sp_digit)mp_p;
__asm__ __volatile__ (
-#if !(defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4))
+#if !(defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4))
"ldr r11, [%[m]]\n\t"
#endif
/* i = 0 */
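Review bot: The `#if !(defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4))` block around the pre-loop `"ldr r11, [%[m]]\n\t"` can no longer be true, because the previous hunk places this whole function under `#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)` (unless a directive in the few unseen lines between the two hunks closes it). The mirror-image guard in the next hunk, around the in-loop `ldr r11, [%[m]]`, is for the same reason always true, even though the commit did remove the `#if` of the same form that followed it. Dropping both leftover guards, deleting the dead pre-loop load and keeping the in-loop one unconditionally, would make it plain which load this variant executes. The asm body continues well beyond this hunk.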
@@ -32676,10 +32622,9 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
/* mu = a[i] * mp */
"mul r8, %[mp], r12\n\t"
/* a[i+0] += m[0] * mu */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"ldr r11, [%[m]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r7, r11, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r7\n\t"
@@ -32703,14 +32648,8 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r12, r12, r6\n\t"
"adc r5, r5, r7\n\t"
-#else
- "umull r6, r7, r8, r11\n\t"
- "adds r12, r12, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
/* a[i+1] += m[1] * mu */
"ldr r7, [%[m], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r10, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r10\n\t"
@@ -32734,18 +32673,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds lr, lr, r6\n\t"
"adc r4, r4, r10\n\t"
-#else
- "umull r6, r10, r8, r7\n\t"
- "adds lr, lr, r6\n\t"
- "adc r4, r10, #0\n\t"
-#endif
"mov r12, lr\n\t"
"adds r12, r12, r5\n\t"
"adc r4, r4, #0\n\t"
/* a[i+2] += m[2] * mu */
"ldr r7, [%[m], #8]\n\t"
"ldr lr, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r10, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r10\n\t"
@@ -32769,17 +32702,11 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds lr, lr, r6\n\t"
"adc r5, r5, r10\n\t"
-#else
- "umull r6, r10, r8, r7\n\t"
- "adds lr, lr, r6\n\t"
- "adc r5, r10, #0\n\t"
-#endif
"adds lr, lr, r4\n\t"
"adc r5, r5, #0\n\t"
/* a[i+3] += m[3] * mu */
"ldr r7, [%[m], #12]\n\t"
"ldr r10, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -32803,18 +32730,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #12]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+4] += m[4] * mu */
"ldr r7, [%[m], #16]\n\t"
"ldr r10, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -32838,18 +32759,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #16]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+5] += m[5] * mu */
"ldr r7, [%[m], #20]\n\t"
"ldr r10, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -32873,18 +32788,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #20]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+6] += m[6] * mu */
"ldr r7, [%[m], #24]\n\t"
"ldr r10, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -32908,18 +32817,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #24]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+7] += m[7] * mu */
"ldr r7, [%[m], #28]\n\t"
"ldr r10, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -32943,18 +32846,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #28]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+8] += m[8] * mu */
"ldr r7, [%[m], #32]\n\t"
"ldr r10, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -32978,18 +32875,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #32]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+9] += m[9] * mu */
"ldr r7, [%[m], #36]\n\t"
"ldr r10, [%[a], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -33013,18 +32904,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #36]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+10] += m[10] * mu */
"ldr r7, [%[m], #40]\n\t"
"ldr r10, [%[a], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -33048,18 +32933,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #40]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+11] += m[11] * mu */
"ldr r7, [%[m], #44]\n\t"
"ldr r10, [%[a], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -33083,18 +32962,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #44]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+12] += m[12] * mu */
"ldr r7, [%[m], #48]\n\t"
"ldr r10, [%[a], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -33118,18 +32991,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #48]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+13] += m[13] * mu */
"ldr r7, [%[m], #52]\n\t"
"ldr r10, [%[a], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -33153,18 +33020,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #52]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+14] += m[14] * mu */
"ldr r7, [%[m], #56]\n\t"
"ldr r10, [%[a], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -33188,18 +33049,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #56]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+15] += m[15] * mu */
"ldr r7, [%[m], #60]\n\t"
"ldr r10, [%[a], #60]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -33223,18 +33078,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #60]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+16] += m[16] * mu */
"ldr r7, [%[m], #64]\n\t"
"ldr r10, [%[a], #64]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -33258,18 +33107,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #64]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+17] += m[17] * mu */
"ldr r7, [%[m], #68]\n\t"
"ldr r10, [%[a], #68]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -33293,18 +33136,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #68]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+18] += m[18] * mu */
"ldr r7, [%[m], #72]\n\t"
"ldr r10, [%[a], #72]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -33328,18 +33165,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #72]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+19] += m[19] * mu */
"ldr r7, [%[m], #76]\n\t"
"ldr r10, [%[a], #76]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -33363,18 +33194,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #76]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+20] += m[20] * mu */
"ldr r7, [%[m], #80]\n\t"
"ldr r10, [%[a], #80]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -33398,18 +33223,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #80]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+21] += m[21] * mu */
"ldr r7, [%[m], #84]\n\t"
"ldr r10, [%[a], #84]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -33433,18 +33252,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #84]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+22] += m[22] * mu */
"ldr r7, [%[m], #88]\n\t"
"ldr r10, [%[a], #88]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -33468,18 +33281,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #88]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+23] += m[23] * mu */
"ldr r7, [%[m], #92]\n\t"
"ldr r10, [%[a], #92]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -33503,18 +33310,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #92]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+24] += m[24] * mu */
"ldr r7, [%[m], #96]\n\t"
"ldr r10, [%[a], #96]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -33538,18 +33339,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #96]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+25] += m[25] * mu */
"ldr r7, [%[m], #100]\n\t"
"ldr r10, [%[a], #100]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -33573,18 +33368,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #100]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+26] += m[26] * mu */
"ldr r7, [%[m], #104]\n\t"
"ldr r10, [%[a], #104]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -33608,18 +33397,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #104]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+27] += m[27] * mu */
"ldr r7, [%[m], #108]\n\t"
"ldr r10, [%[a], #108]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -33643,18 +33426,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #108]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+28] += m[28] * mu */
"ldr r7, [%[m], #112]\n\t"
"ldr r10, [%[a], #112]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -33678,18 +33455,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #112]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+29] += m[29] * mu */
"ldr r7, [%[m], #116]\n\t"
"ldr r10, [%[a], #116]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -33713,18 +33484,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #116]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+30] += m[30] * mu */
"ldr r7, [%[m], #120]\n\t"
"ldr r10, [%[a], #120]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -33748,18 +33513,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #120]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+31] += m[31] * mu */
"ldr r7, [%[m], #124]\n\t"
"ldr r10, [%[a], #124]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -33783,18 +33542,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #124]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+32] += m[32] * mu */
"ldr r7, [%[m], #128]\n\t"
"ldr r10, [%[a], #128]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -33818,18 +33571,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #128]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+33] += m[33] * mu */
"ldr r7, [%[m], #132]\n\t"
"ldr r10, [%[a], #132]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -33853,18 +33600,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #132]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+34] += m[34] * mu */
"ldr r7, [%[m], #136]\n\t"
"ldr r10, [%[a], #136]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -33888,18 +33629,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #136]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+35] += m[35] * mu */
"ldr r7, [%[m], #140]\n\t"
"ldr r10, [%[a], #140]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -33923,18 +33658,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #140]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+36] += m[36] * mu */
"ldr r7, [%[m], #144]\n\t"
"ldr r10, [%[a], #144]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -33958,18 +33687,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #144]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+37] += m[37] * mu */
"ldr r7, [%[m], #148]\n\t"
"ldr r10, [%[a], #148]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -33993,18 +33716,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #148]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+38] += m[38] * mu */
"ldr r7, [%[m], #152]\n\t"
"ldr r10, [%[a], #152]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -34028,18 +33745,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #152]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+39] += m[39] * mu */
"ldr r7, [%[m], #156]\n\t"
"ldr r10, [%[a], #156]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -34063,18 +33774,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #156]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+40] += m[40] * mu */
"ldr r7, [%[m], #160]\n\t"
"ldr r10, [%[a], #160]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -34098,18 +33803,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #160]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+41] += m[41] * mu */
"ldr r7, [%[m], #164]\n\t"
"ldr r10, [%[a], #164]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -34133,18 +33832,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #164]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+42] += m[42] * mu */
"ldr r7, [%[m], #168]\n\t"
"ldr r10, [%[a], #168]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -34168,18 +33861,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #168]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+43] += m[43] * mu */
"ldr r7, [%[m], #172]\n\t"
"ldr r10, [%[a], #172]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -34203,18 +33890,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #172]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+44] += m[44] * mu */
"ldr r7, [%[m], #176]\n\t"
"ldr r10, [%[a], #176]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -34238,18 +33919,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #176]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+45] += m[45] * mu */
"ldr r7, [%[m], #180]\n\t"
"ldr r10, [%[a], #180]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -34273,18 +33948,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #180]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+46] += m[46] * mu */
"ldr r7, [%[m], #184]\n\t"
"ldr r10, [%[a], #184]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -34308,22 +33977,16 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #184]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+47] += m[47] * mu */
-#if !(defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4))
- "ldr r7, [%[m], #188]\n\t"
-#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"ldr r11, [%[m], #188]\n\t"
+#else
+ "ldr r7, [%[m], #188]\n\t"
#endif
"ldr r10, [%[a], #188]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r11, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -34354,13 +34017,429 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"adds r5, r5, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #188]\n\t"
+ "ldr r10, [%[a], #192]\n\t"
+ "adcs r10, r10, r4\n\t"
+ "str r10, [%[a], #192]\n\t"
+ "adc r3, r3, #0\n\t"
+ /* i += 1 */
+ "add r9, r9, #4\n\t"
+ "add %[a], %[a], #4\n\t"
+ "cmp r9, #0xc0\n\t"
+ "blt L_sp_3072_mont_reduce_48_word_%=\n\t"
+ /* Loop Done */
+ "str r12, [%[a]]\n\t"
+ "str lr, [%[a], #4]\n\t"
+ "mov %[mp], r3\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
+ );
+ sp_3072_cond_sub_48(a - 48, a, m, (sp_digit)0 - mp);
+}
+
+#elif defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+/* Reduce the number back to 3072 bits using Montgomery reduction.
+ *
+ * a A single precision number to reduce in place.
+ * m The single precision number representing the modulus.
+ * mp The digit representing the negative inverse of m mod 2^n.
+ */
+static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+{
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m asm ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp asm ("r2") = (sp_digit)mp_p;
+
+ __asm__ __volatile__ (
+ "ldr r11, [%[m]]\n\t"
+ /* i = 0 */
+ "mov r9, #0\n\t"
+ "mov r3, #0\n\t"
+ "ldr r12, [%[a]]\n\t"
+ "ldr lr, [%[a], #4]\n\t"
+ "\n"
+ "L_sp_3072_mont_reduce_48_word_%=: \n\t"
+ /* mu = a[i] * mp */
+ "mul r8, %[mp], r12\n\t"
+ /* a[i+0] += m[0] * mu */
+ "mov r5, #0\n\t"
+ "umlal r12, r5, r8, r11\n\t"
+ /* a[i+1] += m[1] * mu */
+ "ldr r7, [%[m], #4]\n\t"
+ "mov r4, #0\n\t"
+ "umlal lr, r4, r8, r7\n\t"
+ "mov r12, lr\n\t"
+ "adds r12, r12, r5\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+2] += m[2] * mu */
+ "ldr r7, [%[m], #8]\n\t"
+ "ldr lr, [%[a], #8]\n\t"
+ "mov r5, #0\n\t"
+ "umlal lr, r5, r8, r7\n\t"
+ "adds lr, lr, r4\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+3] += m[3] * mu */
+ "ldr r7, [%[m], #12]\n\t"
+ "ldr r10, [%[a], #12]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #12]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+4] += m[4] * mu */
+ "ldr r7, [%[m], #16]\n\t"
+ "ldr r10, [%[a], #16]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #16]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+5] += m[5] * mu */
+ "ldr r7, [%[m], #20]\n\t"
+ "ldr r10, [%[a], #20]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #20]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+6] += m[6] * mu */
+ "ldr r7, [%[m], #24]\n\t"
+ "ldr r10, [%[a], #24]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #24]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+7] += m[7] * mu */
+ "ldr r7, [%[m], #28]\n\t"
+ "ldr r10, [%[a], #28]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #28]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+8] += m[8] * mu */
+ "ldr r7, [%[m], #32]\n\t"
+ "ldr r10, [%[a], #32]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #32]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+9] += m[9] * mu */
+ "ldr r7, [%[m], #36]\n\t"
+ "ldr r10, [%[a], #36]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #36]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+10] += m[10] * mu */
+ "ldr r7, [%[m], #40]\n\t"
+ "ldr r10, [%[a], #40]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #40]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+11] += m[11] * mu */
+ "ldr r7, [%[m], #44]\n\t"
+ "ldr r10, [%[a], #44]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #44]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+12] += m[12] * mu */
+ "ldr r7, [%[m], #48]\n\t"
+ "ldr r10, [%[a], #48]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #48]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+13] += m[13] * mu */
+ "ldr r7, [%[m], #52]\n\t"
+ "ldr r10, [%[a], #52]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #52]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+14] += m[14] * mu */
+ "ldr r7, [%[m], #56]\n\t"
+ "ldr r10, [%[a], #56]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #56]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+15] += m[15] * mu */
+ "ldr r7, [%[m], #60]\n\t"
+ "ldr r10, [%[a], #60]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #60]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+16] += m[16] * mu */
+ "ldr r7, [%[m], #64]\n\t"
+ "ldr r10, [%[a], #64]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #64]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+17] += m[17] * mu */
+ "ldr r7, [%[m], #68]\n\t"
+ "ldr r10, [%[a], #68]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #68]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+18] += m[18] * mu */
+ "ldr r7, [%[m], #72]\n\t"
+ "ldr r10, [%[a], #72]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #72]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+19] += m[19] * mu */
+ "ldr r7, [%[m], #76]\n\t"
+ "ldr r10, [%[a], #76]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #76]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+20] += m[20] * mu */
+ "ldr r7, [%[m], #80]\n\t"
+ "ldr r10, [%[a], #80]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #80]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+21] += m[21] * mu */
+ "ldr r7, [%[m], #84]\n\t"
+ "ldr r10, [%[a], #84]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #84]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+22] += m[22] * mu */
+ "ldr r7, [%[m], #88]\n\t"
+ "ldr r10, [%[a], #88]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #88]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+23] += m[23] * mu */
+ "ldr r7, [%[m], #92]\n\t"
+ "ldr r10, [%[a], #92]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #92]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+24] += m[24] * mu */
+ "ldr r7, [%[m], #96]\n\t"
+ "ldr r10, [%[a], #96]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #96]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+25] += m[25] * mu */
+ "ldr r7, [%[m], #100]\n\t"
+ "ldr r10, [%[a], #100]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #100]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+26] += m[26] * mu */
+ "ldr r7, [%[m], #104]\n\t"
+ "ldr r10, [%[a], #104]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #104]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+27] += m[27] * mu */
+ "ldr r7, [%[m], #108]\n\t"
+ "ldr r10, [%[a], #108]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #108]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+28] += m[28] * mu */
+ "ldr r7, [%[m], #112]\n\t"
+ "ldr r10, [%[a], #112]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #112]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+29] += m[29] * mu */
+ "ldr r7, [%[m], #116]\n\t"
+ "ldr r10, [%[a], #116]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #116]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+30] += m[30] * mu */
+ "ldr r7, [%[m], #120]\n\t"
+ "ldr r10, [%[a], #120]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #120]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+31] += m[31] * mu */
+ "ldr r7, [%[m], #124]\n\t"
+ "ldr r10, [%[a], #124]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #124]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+32] += m[32] * mu */
+ "ldr r7, [%[m], #128]\n\t"
+ "ldr r10, [%[a], #128]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #128]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+33] += m[33] * mu */
+ "ldr r7, [%[m], #132]\n\t"
+ "ldr r10, [%[a], #132]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #132]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+34] += m[34] * mu */
+ "ldr r7, [%[m], #136]\n\t"
+ "ldr r10, [%[a], #136]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #136]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+35] += m[35] * mu */
+ "ldr r7, [%[m], #140]\n\t"
+ "ldr r10, [%[a], #140]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #140]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+36] += m[36] * mu */
+ "ldr r7, [%[m], #144]\n\t"
+ "ldr r10, [%[a], #144]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #144]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+37] += m[37] * mu */
+ "ldr r7, [%[m], #148]\n\t"
+ "ldr r10, [%[a], #148]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #148]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+38] += m[38] * mu */
+ "ldr r7, [%[m], #152]\n\t"
+ "ldr r10, [%[a], #152]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #152]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+39] += m[39] * mu */
+ "ldr r7, [%[m], #156]\n\t"
+ "ldr r10, [%[a], #156]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #156]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+40] += m[40] * mu */
+ "ldr r7, [%[m], #160]\n\t"
+ "ldr r10, [%[a], #160]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #160]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+41] += m[41] * mu */
+ "ldr r7, [%[m], #164]\n\t"
+ "ldr r10, [%[a], #164]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #164]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+42] += m[42] * mu */
+ "ldr r7, [%[m], #168]\n\t"
+ "ldr r10, [%[a], #168]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #168]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+43] += m[43] * mu */
+ "ldr r7, [%[m], #172]\n\t"
+ "ldr r10, [%[a], #172]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #172]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+44] += m[44] * mu */
+ "ldr r7, [%[m], #176]\n\t"
+ "ldr r10, [%[a], #176]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #176]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+45] += m[45] * mu */
+ "ldr r7, [%[m], #180]\n\t"
+ "ldr r10, [%[a], #180]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #180]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+46] += m[46] * mu */
+ "ldr r7, [%[m], #184]\n\t"
+ "ldr r10, [%[a], #184]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #184]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+47] += m[47] * mu */
+ "ldr r7, [%[m], #188]\n\t"
+ "ldr r10, [%[a], #188]\n\t"
"umull r6, r7, r8, r7\n\t"
"adds r5, r5, r6\n\t"
"adcs r4, r7, r3\n\t"
"mov r3, #0\n\t"
"adc r3, r3, r3\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #188]\n\t"
"ldr r10, [%[a], #192]\n\t"
@@ -34372,16 +34451,303 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"add %[a], %[a], #4\n\t"
"cmp r9, #0xc0\n\t"
"blt L_sp_3072_mont_reduce_48_word_%=\n\t"
+ /* Loop Done */
"str r12, [%[a]]\n\t"
"str lr, [%[a], #4]\n\t"
"mov %[mp], r3\n\t"
: [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
:
- : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11"
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
+ );
+ sp_3072_cond_sub_48(a - 48, a, m, (sp_digit)0 - mp);
+}
+
+#else
+/* Reduce the number back to 3072 bits using Montgomery reduction.
+ *
+ * a A single precision number to reduce in place.
+ * m The single precision number representing the modulus.
+ * mp The digit representing the negative inverse of m mod 2^n.
+ */
+static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+{
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m asm ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp asm ("r2") = (sp_digit)mp_p;
+
+ __asm__ __volatile__ (
+ /* i = 0 */
+ "mov r12, #0\n\t"
+ "mov lr, #0\n\t"
+ "ldr r4, [%[a]]\n\t"
+ "ldr r5, [%[a], #4]\n\t"
+ "ldr r6, [%[a], #8]\n\t"
+ "ldr r7, [%[a], #12]\n\t"
+ "ldr r8, [%[a], #16]\n\t"
+ "\n"
+ "L_sp_3072_mont_reduce_48_word_%=: \n\t"
+ /* mu = a[i] * mp */
+ "mul r11, %[mp], r4\n\t"
+ /* a[i+0] += m[0] * mu */
+ "ldr r10, [%[m]]\n\t"
+ "mov r3, #0\n\t"
+ "umaal r4, r3, r11, r10\n\t"
+ /* a[i+1] += m[1] * mu */
+ "ldr r10, [%[m], #4]\n\t"
+ "mov r4, r5\n\t"
+ "umaal r4, r3, r11, r10\n\t"
+ /* a[i+2] += m[2] * mu */
+ "ldr r10, [%[m], #8]\n\t"
+ "mov r5, r6\n\t"
+ "umaal r5, r3, r11, r10\n\t"
+ /* a[i+3] += m[3] * mu */
+ "ldr r10, [%[m], #12]\n\t"
+ "mov r6, r7\n\t"
+ "umaal r6, r3, r11, r10\n\t"
+ /* a[i+4] += m[4] * mu */
+ "ldr r10, [%[m], #16]\n\t"
+ "mov r7, r8\n\t"
+ "umaal r7, r3, r11, r10\n\t"
+ /* a[i+5] += m[5] * mu */
+ "ldr r10, [%[m], #20]\n\t"
+ "ldr r8, [%[a], #20]\n\t"
+ "umaal r8, r3, r11, r10\n\t"
+ /* a[i+6] += m[6] * mu */
+ "ldr r10, [%[m], #24]\n\t"
+ "ldr r9, [%[a], #24]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #24]\n\t"
+ /* a[i+7] += m[7] * mu */
+ "ldr r10, [%[m], #28]\n\t"
+ "ldr r9, [%[a], #28]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #28]\n\t"
+ /* a[i+8] += m[8] * mu */
+ "ldr r10, [%[m], #32]\n\t"
+ "ldr r9, [%[a], #32]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #32]\n\t"
+ /* a[i+9] += m[9] * mu */
+ "ldr r10, [%[m], #36]\n\t"
+ "ldr r9, [%[a], #36]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #36]\n\t"
+ /* a[i+10] += m[10] * mu */
+ "ldr r10, [%[m], #40]\n\t"
+ "ldr r9, [%[a], #40]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #40]\n\t"
+ /* a[i+11] += m[11] * mu */
+ "ldr r10, [%[m], #44]\n\t"
+ "ldr r9, [%[a], #44]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #44]\n\t"
+ /* a[i+12] += m[12] * mu */
+ "ldr r10, [%[m], #48]\n\t"
+ "ldr r9, [%[a], #48]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #48]\n\t"
+ /* a[i+13] += m[13] * mu */
+ "ldr r10, [%[m], #52]\n\t"
+ "ldr r9, [%[a], #52]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #52]\n\t"
+ /* a[i+14] += m[14] * mu */
+ "ldr r10, [%[m], #56]\n\t"
+ "ldr r9, [%[a], #56]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #56]\n\t"
+ /* a[i+15] += m[15] * mu */
+ "ldr r10, [%[m], #60]\n\t"
+ "ldr r9, [%[a], #60]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #60]\n\t"
+ /* a[i+16] += m[16] * mu */
+ "ldr r10, [%[m], #64]\n\t"
+ "ldr r9, [%[a], #64]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #64]\n\t"
+ /* a[i+17] += m[17] * mu */
+ "ldr r10, [%[m], #68]\n\t"
+ "ldr r9, [%[a], #68]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #68]\n\t"
+ /* a[i+18] += m[18] * mu */
+ "ldr r10, [%[m], #72]\n\t"
+ "ldr r9, [%[a], #72]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #72]\n\t"
+ /* a[i+19] += m[19] * mu */
+ "ldr r10, [%[m], #76]\n\t"
+ "ldr r9, [%[a], #76]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #76]\n\t"
+ /* a[i+20] += m[20] * mu */
+ "ldr r10, [%[m], #80]\n\t"
+ "ldr r9, [%[a], #80]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #80]\n\t"
+ /* a[i+21] += m[21] * mu */
+ "ldr r10, [%[m], #84]\n\t"
+ "ldr r9, [%[a], #84]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #84]\n\t"
+ /* a[i+22] += m[22] * mu */
+ "ldr r10, [%[m], #88]\n\t"
+ "ldr r9, [%[a], #88]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #88]\n\t"
+ /* a[i+23] += m[23] * mu */
+ "ldr r10, [%[m], #92]\n\t"
+ "ldr r9, [%[a], #92]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #92]\n\t"
+ /* a[i+24] += m[24] * mu */
+ "ldr r10, [%[m], #96]\n\t"
+ "ldr r9, [%[a], #96]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #96]\n\t"
+ /* a[i+25] += m[25] * mu */
+ "ldr r10, [%[m], #100]\n\t"
+ "ldr r9, [%[a], #100]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #100]\n\t"
+ /* a[i+26] += m[26] * mu */
+ "ldr r10, [%[m], #104]\n\t"
+ "ldr r9, [%[a], #104]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #104]\n\t"
+ /* a[i+27] += m[27] * mu */
+ "ldr r10, [%[m], #108]\n\t"
+ "ldr r9, [%[a], #108]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #108]\n\t"
+ /* a[i+28] += m[28] * mu */
+ "ldr r10, [%[m], #112]\n\t"
+ "ldr r9, [%[a], #112]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #112]\n\t"
+ /* a[i+29] += m[29] * mu */
+ "ldr r10, [%[m], #116]\n\t"
+ "ldr r9, [%[a], #116]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #116]\n\t"
+ /* a[i+30] += m[30] * mu */
+ "ldr r10, [%[m], #120]\n\t"
+ "ldr r9, [%[a], #120]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #120]\n\t"
+ /* a[i+31] += m[31] * mu */
+ "ldr r10, [%[m], #124]\n\t"
+ "ldr r9, [%[a], #124]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #124]\n\t"
+ /* a[i+32] += m[32] * mu */
+ "ldr r10, [%[m], #128]\n\t"
+ "ldr r9, [%[a], #128]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #128]\n\t"
+ /* a[i+33] += m[33] * mu */
+ "ldr r10, [%[m], #132]\n\t"
+ "ldr r9, [%[a], #132]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #132]\n\t"
+ /* a[i+34] += m[34] * mu */
+ "ldr r10, [%[m], #136]\n\t"
+ "ldr r9, [%[a], #136]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #136]\n\t"
+ /* a[i+35] += m[35] * mu */
+ "ldr r10, [%[m], #140]\n\t"
+ "ldr r9, [%[a], #140]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #140]\n\t"
+ /* a[i+36] += m[36] * mu */
+ "ldr r10, [%[m], #144]\n\t"
+ "ldr r9, [%[a], #144]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #144]\n\t"
+ /* a[i+37] += m[37] * mu */
+ "ldr r10, [%[m], #148]\n\t"
+ "ldr r9, [%[a], #148]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #148]\n\t"
+ /* a[i+38] += m[38] * mu */
+ "ldr r10, [%[m], #152]\n\t"
+ "ldr r9, [%[a], #152]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #152]\n\t"
+ /* a[i+39] += m[39] * mu */
+ "ldr r10, [%[m], #156]\n\t"
+ "ldr r9, [%[a], #156]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #156]\n\t"
+ /* a[i+40] += m[40] * mu */
+ "ldr r10, [%[m], #160]\n\t"
+ "ldr r9, [%[a], #160]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #160]\n\t"
+ /* a[i+41] += m[41] * mu */
+ "ldr r10, [%[m], #164]\n\t"
+ "ldr r9, [%[a], #164]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #164]\n\t"
+ /* a[i+42] += m[42] * mu */
+ "ldr r10, [%[m], #168]\n\t"
+ "ldr r9, [%[a], #168]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #168]\n\t"
+ /* a[i+43] += m[43] * mu */
+ "ldr r10, [%[m], #172]\n\t"
+ "ldr r9, [%[a], #172]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #172]\n\t"
+ /* a[i+44] += m[44] * mu */
+ "ldr r10, [%[m], #176]\n\t"
+ "ldr r9, [%[a], #176]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #176]\n\t"
+ /* a[i+45] += m[45] * mu */
+ "ldr r10, [%[m], #180]\n\t"
+ "ldr r9, [%[a], #180]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #180]\n\t"
+ /* a[i+46] += m[46] * mu */
+ "ldr r10, [%[m], #184]\n\t"
+ "ldr r9, [%[a], #184]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #184]\n\t"
+ /* a[i+47] += m[47] * mu */
+ "ldr r10, [%[m], #188]\n\t"
+ "ldr r9, [%[a], #188]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "ldr r11, [%[a], #192]\n\t"
+ "mov r10, #0\n\t"
+ "umaal r3, r11, r10, r10\n\t"
+ "str r9, [%[a], #188]\n\t"
+ "adds r3, r3, lr\n\t"
+ "adc lr, r11, #0\n\t"
+ "str r3, [%[a], #192]\n\t"
+ /* i += 1 */
+ "add r12, r12, #4\n\t"
+ "add %[a], %[a], #4\n\t"
+ "cmp r12, #0xc0\n\t"
+ "blt L_sp_3072_mont_reduce_48_word_%=\n\t"
+ /* Loop Done */
+ "str r4, [%[a]]\n\t"
+ "str r5, [%[a], #4]\n\t"
+ "str r6, [%[a], #8]\n\t"
+ "str r7, [%[a], #12]\n\t"
+ "str r8, [%[a], #16]\n\t"
+ "mov %[mp], lr\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
);
sp_3072_cond_sub_48(a - 48, a, m, (sp_digit)0 - mp);
}
+#endif
/* Multiply two Montgomery form numbers mod the modulus (prime).
* (r = a * b mod m)
*
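Review bot: The header comment on the added `#else` variant of sp_3072_mont_reduce_48 does not say how large `a` must be, and the asm depends on it. The loop runs 48 times (`cmp r12, #0xc0`) and every pass reads and writes `[%[a], #192]`, so words up to a[95] are touched before `sp_3072_cond_sub_48(a - 48, a, m, ...)` writes the result into the original low 48 digits. I would change the parameter line to ` * a   Number of 96 digits (2 * 48) to reduce in place; result is left in the low 48 digits.` so that a caller passing a 48-digit buffer is caught in review rather than showing up as an out-of-bounds write. The `#if` that opens this chain is outside the hunk, so it would also help to write the closing lines as `#else /* umaal variant */` and `#endif /* umaal variant */`; `umaal` is only available from ARMv6 on, which is presumably what the guard selects.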
@@ -34389,7 +34755,7 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_3072_mont_mul_48(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -34403,7 +34769,7 @@ SP_NOINLINE static void sp_3072_mont_mul_48(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_3072_mont_sqr_48(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -34421,15 +34787,14 @@ SP_NOINLINE static void sp_3072_mont_sqr_48(sp_digit* r, const sp_digit* a,
*/
static void sp_3072_mul_d_48(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register sp_digit b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register sp_digit b asm ("r2") = (sp_digit)b_p;
__asm__ __volatile__ (
- "mov r10, #0\n\t"
/* A[0] * B */
"ldr r8, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r5, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -34462,7 +34827,7 @@ static void sp_3072_mul_d_48(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
"L_sp_3072_mul_d_48_word_%=: \n\t"
/* A[i] * B */
"ldr r8, [%[a], r9]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -34507,7 +34872,7 @@ static void sp_3072_mul_d_48(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
"str r3, [%[r], #192]\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
}
@@ -34520,15 +34885,14 @@ static void sp_3072_mul_d_48(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
*/
static void sp_3072_mul_d_48(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register sp_digit b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register sp_digit b asm ("r2") = (sp_digit)b_p;
__asm__ __volatile__ (
- "mov r10, #0\n\t"
/* A[0] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r3, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -34553,1851 +34917,1483 @@ static void sp_3072_mul_d_48(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
#else
"umull r3, r4, %[b], r8\n\t"
#endif
+ "stm %[r]!, {r3}\n\t"
"mov r5, #0\n\t"
- "str r3, [%[r]], #4\n\t"
/* A[1] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[2] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[3] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[4] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[5] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[6] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[7] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[8] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[9] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[10] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[11] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[12] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[13] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[14] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[15] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[16] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[17] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[18] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[19] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[20] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[21] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[22] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[23] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[24] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[25] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[26] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[27] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[28] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[29] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[30] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[31] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[32] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[33] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[34] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[35] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[36] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[37] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[38] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[39] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[40] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[41] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[42] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[43] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[44] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[45] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[46] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[47] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -36423,15 +36419,13 @@ static void sp_3072_mul_d_48(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
"adds r5, r5, r6\n\t"
"adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adc r3, r3, r7\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
"str r3, [%[r]]\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r10"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "cc"
);
}
@@ -36448,9 +36442,9 @@ static void sp_3072_mul_d_48(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
*/
static sp_digit div_3072_word_48(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
{
- register sp_digit d1 asm ("r0") = d1_p;
- register sp_digit d0 asm ("r1") = d0_p;
- register sp_digit div asm ("r2") = div_p;
+ register sp_digit d1 asm ("r0") = (sp_digit)d1_p;
+ register sp_digit d0 asm ("r1") = (sp_digit)d0_p;
+ register sp_digit div asm ("r2") = (sp_digit)div_p;
__asm__ __volatile__ (
"lsr r6, %[div], #16\n\t"
@@ -36490,7 +36484,7 @@ static sp_digit div_3072_word_48(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
"add %[d1], r4, r3\n\t"
: [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
:
- : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8"
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "cc"
);
return (uint32_t)(size_t)d1;
}
@@ -36507,9 +36501,9 @@ static sp_digit div_3072_word_48(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
*/
static sp_digit div_3072_word_48(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
{
- register sp_digit d1 asm ("r0") = d1_p;
- register sp_digit d0 asm ("r1") = d0_p;
- register sp_digit div asm ("r2") = div_p;
+ register sp_digit d1 asm ("r0") = (sp_digit)d1_p;
+ register sp_digit d0 asm ("r1") = (sp_digit)d0_p;
+ register sp_digit div asm ("r2") = (sp_digit)div_p;
__asm__ __volatile__ (
"lsr lr, %[div], #1\n\t"
@@ -36539,7 +36533,7 @@ static sp_digit div_3072_word_48(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
"bpl L_div_3072_word_48_bit_%=\n\t"
"add r3, r3, r3\n\t"
"add r3, r3, #1\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r7, r3, #16\n\t"
"lsl r4, %[div], #16\n\t"
"lsr r7, r7, #16\n\t"
@@ -36567,7 +36561,7 @@ static sp_digit div_3072_word_48(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
"subs r7, %[d0], r4\n\t"
"sbc r8, %[d1], r5\n\t"
"add r3, r3, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r7, r3, #16\n\t"
"lsl r4, %[div], #16\n\t"
"lsr r7, r7, #16\n\t"
@@ -36595,7 +36589,7 @@ static sp_digit div_3072_word_48(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
"subs r7, %[d0], r4\n\t"
"sbc r8, %[d1], r5\n\t"
"add r3, r3, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r7, r3, #16\n\t"
"lsl r4, %[div], #16\n\t"
"lsr r7, r7, #16\n\t"
@@ -36628,7 +36622,7 @@ static sp_digit div_3072_word_48(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
"sub %[d1], r3, r6\n\t"
: [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
:
- : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8"
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "cc"
);
return (uint32_t)(size_t)d1;
}
@@ -36643,8 +36637,8 @@ static sp_digit div_3072_word_48(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
*/
static sp_int32 sp_3072_cmp_48(const sp_digit* a_p, const sp_digit* b_p)
{
- register const sp_digit* a asm ("r0") = a_p;
- register const sp_digit* b asm ("r1") = b_p;
+ register const sp_digit* a asm ("r0") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r1") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"mov r2, #-1\n\t"
@@ -37203,7 +37197,7 @@ static sp_int32 sp_3072_cmp_48(const sp_digit* a_p, const sp_digit* b_p)
"mov %[a], r2\n\t"
: [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r2", "r3", "r12", "lr", "r4", "r5", "r6"
+ : "memory", "r2", "r3", "r12", "lr", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -37217,8 +37211,8 @@ static sp_int32 sp_3072_cmp_48(const sp_digit* a_p, const sp_digit* b_p)
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_3072_div_48(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_3072_div_48(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[96], t2[49];
sp_digit div, r1;
@@ -37258,7 +37252,8 @@ static WC_INLINE int sp_3072_div_48(const sp_digit* a, const sp_digit* d, sp_dig
* m A single precision number that is the modulus to reduce with.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_3072_mod_48(sp_digit* r, const sp_digit* a, const sp_digit* m)
+static WC_INLINE int sp_3072_mod_48(sp_digit* r, const sp_digit* a,
+ const sp_digit* m)
{
return sp_3072_div_48(a, m, NULL, r);
}
@@ -37615,10 +37610,10 @@ static void sp_3072_mont_norm_96(sp_digit* r, const sp_digit* m)
*/
static sp_digit sp_3072_cond_sub_96(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
- register sp_digit m asm ("r3") = m_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
+ register sp_digit m asm ("r3") = (sp_digit)m_p;
__asm__ __volatile__ (
"mov r6, #0\n\t"
@@ -37639,7 +37634,7 @@ static sp_digit sp_3072_cond_sub_96(sp_digit* r_p, const sp_digit* a_p, const sp
"mov %[r], r12\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
:
- : "memory", "r12", "lr", "r4", "r5", "r6"
+ : "memory", "r12", "lr", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -37655,10 +37650,10 @@ static sp_digit sp_3072_cond_sub_96(sp_digit* r_p, const sp_digit* a_p, const sp
*/
static sp_digit sp_3072_cond_sub_96(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
- register sp_digit m asm ("r3") = m_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
+ register sp_digit m asm ("r3") = (sp_digit)m_p;
__asm__ __volatile__ (
"mov lr, #0\n\t"
@@ -38001,12 +37996,13 @@ static sp_digit sp_3072_cond_sub_96(sp_digit* r_p, const sp_digit* a_p, const sp
"sbc %[r], lr, lr\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
:
- : "memory", "r12", "lr", "r4", "r5", "r6", "r7"
+ : "memory", "r12", "lr", "r4", "r5", "r6", "r7", "cc"
);
return (uint32_t)(size_t)r;
}
#endif /* WOLFSSL_SP_SMALL */
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
/* Reduce the number back to 3072 bits using Montgomery reduction.
*
* a A single precision number to reduce in place.
@@ -38015,12 +38011,12 @@ static sp_digit sp_3072_cond_sub_96(sp_digit* r_p, const sp_digit* a_p, const sp
*/
static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
{
- register sp_digit* a asm ("r0") = a_p;
- register const sp_digit* m asm ("r1") = m_p;
- register sp_digit mp asm ("r2") = mp_p;
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m asm ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp asm ("r2") = (sp_digit)mp_p;
__asm__ __volatile__ (
-#if !(defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4))
+#if !(defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4))
"ldr r11, [%[m]]\n\t"
#endif
/* i = 0 */
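Review bot: The `#if !(defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4))` block kept around the first `ldr r11, [%[m]]` can no longer be true, because the previous hunk now opens `#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)` directly above this definition of sp_3072_mont_reduce_96. For the same reason, the guard around the in-loop `ldr r11, [%[m]]` in the next hunk is always true. Dropping the dead three-line block and unwrapping the in-loop load would leave a single unconditional `"ldr r11, [%[m]]\n\t"` after the `mul r8, %[mp], r12` line, which makes it plain that this variant reloads m[0] on every iteration. The function body continues outside this hunk and the `#else`/`#endif` closing the outer guard is not visible, so this assumes the umull-based variant now lives in that other branch. If the file is generated, as the uniform pattern suggests, the cleanup belongs in the generator rather than in this copy.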
@@ -38033,10 +38029,9 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
/* mu = a[i] * mp */
"mul r8, %[mp], r12\n\t"
/* a[i+0] += m[0] * mu */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"ldr r11, [%[m]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r7, r11, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r7\n\t"
@@ -38060,14 +38055,8 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r12, r12, r6\n\t"
"adc r5, r5, r7\n\t"
-#else
- "umull r6, r7, r8, r11\n\t"
- "adds r12, r12, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
/* a[i+1] += m[1] * mu */
"ldr r7, [%[m], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r10, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r10\n\t"
@@ -38091,18 +38080,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds lr, lr, r6\n\t"
"adc r4, r4, r10\n\t"
-#else
- "umull r6, r10, r8, r7\n\t"
- "adds lr, lr, r6\n\t"
- "adc r4, r10, #0\n\t"
-#endif
"mov r12, lr\n\t"
"adds r12, r12, r5\n\t"
"adc r4, r4, #0\n\t"
/* a[i+2] += m[2] * mu */
"ldr r7, [%[m], #8]\n\t"
"ldr lr, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r10, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r10\n\t"
@@ -38126,17 +38109,11 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds lr, lr, r6\n\t"
"adc r5, r5, r10\n\t"
-#else
- "umull r6, r10, r8, r7\n\t"
- "adds lr, lr, r6\n\t"
- "adc r5, r10, #0\n\t"
-#endif
"adds lr, lr, r4\n\t"
"adc r5, r5, #0\n\t"
/* a[i+3] += m[3] * mu */
"ldr r7, [%[m], #12]\n\t"
"ldr r10, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -38160,18 +38137,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #12]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+4] += m[4] * mu */
"ldr r7, [%[m], #16]\n\t"
"ldr r10, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -38195,18 +38166,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #16]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+5] += m[5] * mu */
"ldr r7, [%[m], #20]\n\t"
"ldr r10, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -38230,18 +38195,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #20]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+6] += m[6] * mu */
"ldr r7, [%[m], #24]\n\t"
"ldr r10, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -38265,18 +38224,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #24]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+7] += m[7] * mu */
"ldr r7, [%[m], #28]\n\t"
"ldr r10, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -38300,18 +38253,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #28]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+8] += m[8] * mu */
"ldr r7, [%[m], #32]\n\t"
"ldr r10, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -38335,18 +38282,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #32]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+9] += m[9] * mu */
"ldr r7, [%[m], #36]\n\t"
"ldr r10, [%[a], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -38370,18 +38311,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #36]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+10] += m[10] * mu */
"ldr r7, [%[m], #40]\n\t"
"ldr r10, [%[a], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -38405,18 +38340,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #40]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+11] += m[11] * mu */
"ldr r7, [%[m], #44]\n\t"
"ldr r10, [%[a], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -38440,18 +38369,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #44]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+12] += m[12] * mu */
"ldr r7, [%[m], #48]\n\t"
"ldr r10, [%[a], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -38475,18 +38398,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #48]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+13] += m[13] * mu */
"ldr r7, [%[m], #52]\n\t"
"ldr r10, [%[a], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -38510,18 +38427,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #52]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+14] += m[14] * mu */
"ldr r7, [%[m], #56]\n\t"
"ldr r10, [%[a], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -38545,18 +38456,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #56]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+15] += m[15] * mu */
"ldr r7, [%[m], #60]\n\t"
"ldr r10, [%[a], #60]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -38580,18 +38485,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #60]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+16] += m[16] * mu */
"ldr r7, [%[m], #64]\n\t"
"ldr r10, [%[a], #64]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -38615,18 +38514,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #64]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+17] += m[17] * mu */
"ldr r7, [%[m], #68]\n\t"
"ldr r10, [%[a], #68]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -38650,18 +38543,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #68]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+18] += m[18] * mu */
"ldr r7, [%[m], #72]\n\t"
"ldr r10, [%[a], #72]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -38685,18 +38572,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #72]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+19] += m[19] * mu */
"ldr r7, [%[m], #76]\n\t"
"ldr r10, [%[a], #76]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -38720,18 +38601,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #76]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+20] += m[20] * mu */
"ldr r7, [%[m], #80]\n\t"
"ldr r10, [%[a], #80]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -38755,18 +38630,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #80]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+21] += m[21] * mu */
"ldr r7, [%[m], #84]\n\t"
"ldr r10, [%[a], #84]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -38790,18 +38659,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #84]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+22] += m[22] * mu */
"ldr r7, [%[m], #88]\n\t"
"ldr r10, [%[a], #88]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -38825,18 +38688,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #88]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+23] += m[23] * mu */
"ldr r7, [%[m], #92]\n\t"
"ldr r10, [%[a], #92]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -38860,18 +38717,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #92]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+24] += m[24] * mu */
"ldr r7, [%[m], #96]\n\t"
"ldr r10, [%[a], #96]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -38895,18 +38746,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #96]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+25] += m[25] * mu */
"ldr r7, [%[m], #100]\n\t"
"ldr r10, [%[a], #100]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -38930,18 +38775,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #100]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+26] += m[26] * mu */
"ldr r7, [%[m], #104]\n\t"
"ldr r10, [%[a], #104]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -38965,18 +38804,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #104]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+27] += m[27] * mu */
"ldr r7, [%[m], #108]\n\t"
"ldr r10, [%[a], #108]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -39000,18 +38833,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #108]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+28] += m[28] * mu */
"ldr r7, [%[m], #112]\n\t"
"ldr r10, [%[a], #112]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -39035,18 +38862,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #112]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+29] += m[29] * mu */
"ldr r7, [%[m], #116]\n\t"
"ldr r10, [%[a], #116]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -39070,18 +38891,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #116]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+30] += m[30] * mu */
"ldr r7, [%[m], #120]\n\t"
"ldr r10, [%[a], #120]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -39105,18 +38920,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #120]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+31] += m[31] * mu */
"ldr r7, [%[m], #124]\n\t"
"ldr r10, [%[a], #124]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -39140,18 +38949,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #124]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+32] += m[32] * mu */
"ldr r7, [%[m], #128]\n\t"
"ldr r10, [%[a], #128]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -39175,18 +38978,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #128]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+33] += m[33] * mu */
"ldr r7, [%[m], #132]\n\t"
"ldr r10, [%[a], #132]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -39210,18 +39007,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #132]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+34] += m[34] * mu */
"ldr r7, [%[m], #136]\n\t"
"ldr r10, [%[a], #136]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -39245,18 +39036,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #136]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+35] += m[35] * mu */
"ldr r7, [%[m], #140]\n\t"
"ldr r10, [%[a], #140]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -39280,18 +39065,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #140]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+36] += m[36] * mu */
"ldr r7, [%[m], #144]\n\t"
"ldr r10, [%[a], #144]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -39315,18 +39094,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #144]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+37] += m[37] * mu */
"ldr r7, [%[m], #148]\n\t"
"ldr r10, [%[a], #148]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -39350,18 +39123,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #148]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+38] += m[38] * mu */
"ldr r7, [%[m], #152]\n\t"
"ldr r10, [%[a], #152]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -39385,18 +39152,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #152]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+39] += m[39] * mu */
"ldr r7, [%[m], #156]\n\t"
"ldr r10, [%[a], #156]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -39420,18 +39181,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #156]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+40] += m[40] * mu */
"ldr r7, [%[m], #160]\n\t"
"ldr r10, [%[a], #160]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -39455,18 +39210,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #160]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+41] += m[41] * mu */
"ldr r7, [%[m], #164]\n\t"
"ldr r10, [%[a], #164]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -39490,18 +39239,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #164]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+42] += m[42] * mu */
"ldr r7, [%[m], #168]\n\t"
"ldr r10, [%[a], #168]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -39525,18 +39268,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #168]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+43] += m[43] * mu */
"ldr r7, [%[m], #172]\n\t"
"ldr r10, [%[a], #172]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -39560,18 +39297,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #172]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+44] += m[44] * mu */
"ldr r7, [%[m], #176]\n\t"
"ldr r10, [%[a], #176]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -39595,18 +39326,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #176]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+45] += m[45] * mu */
"ldr r7, [%[m], #180]\n\t"
"ldr r10, [%[a], #180]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -39630,18 +39355,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #180]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+46] += m[46] * mu */
"ldr r7, [%[m], #184]\n\t"
"ldr r10, [%[a], #184]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -39665,18 +39384,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #184]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+47] += m[47] * mu */
"ldr r7, [%[m], #188]\n\t"
"ldr r10, [%[a], #188]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -39700,18 +39413,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #188]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+48] += m[48] * mu */
"ldr r7, [%[m], #192]\n\t"
"ldr r10, [%[a], #192]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -39735,18 +39442,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #192]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+49] += m[49] * mu */
"ldr r7, [%[m], #196]\n\t"
"ldr r10, [%[a], #196]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -39770,18 +39471,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #196]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+50] += m[50] * mu */
"ldr r7, [%[m], #200]\n\t"
"ldr r10, [%[a], #200]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -39805,18 +39500,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #200]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+51] += m[51] * mu */
"ldr r7, [%[m], #204]\n\t"
"ldr r10, [%[a], #204]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -39840,18 +39529,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #204]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+52] += m[52] * mu */
"ldr r7, [%[m], #208]\n\t"
"ldr r10, [%[a], #208]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -39875,18 +39558,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #208]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+53] += m[53] * mu */
"ldr r7, [%[m], #212]\n\t"
"ldr r10, [%[a], #212]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -39910,18 +39587,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #212]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+54] += m[54] * mu */
"ldr r7, [%[m], #216]\n\t"
"ldr r10, [%[a], #216]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -39945,18 +39616,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #216]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+55] += m[55] * mu */
"ldr r7, [%[m], #220]\n\t"
"ldr r10, [%[a], #220]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -39980,18 +39645,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #220]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+56] += m[56] * mu */
"ldr r7, [%[m], #224]\n\t"
"ldr r10, [%[a], #224]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -40015,18 +39674,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #224]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+57] += m[57] * mu */
"ldr r7, [%[m], #228]\n\t"
"ldr r10, [%[a], #228]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -40050,18 +39703,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #228]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+58] += m[58] * mu */
"ldr r7, [%[m], #232]\n\t"
"ldr r10, [%[a], #232]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -40085,18 +39732,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #232]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+59] += m[59] * mu */
"ldr r7, [%[m], #236]\n\t"
"ldr r10, [%[a], #236]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -40120,18 +39761,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #236]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+60] += m[60] * mu */
"ldr r7, [%[m], #240]\n\t"
"ldr r10, [%[a], #240]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -40155,18 +39790,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #240]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+61] += m[61] * mu */
"ldr r7, [%[m], #244]\n\t"
"ldr r10, [%[a], #244]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -40190,18 +39819,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #244]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+62] += m[62] * mu */
"ldr r7, [%[m], #248]\n\t"
"ldr r10, [%[a], #248]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -40225,18 +39848,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #248]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+63] += m[63] * mu */
"ldr r7, [%[m], #252]\n\t"
"ldr r10, [%[a], #252]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -40260,18 +39877,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #252]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+64] += m[64] * mu */
"ldr r7, [%[m], #256]\n\t"
"ldr r10, [%[a], #256]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -40295,18 +39906,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #256]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+65] += m[65] * mu */
"ldr r7, [%[m], #260]\n\t"
"ldr r10, [%[a], #260]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -40330,18 +39935,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #260]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+66] += m[66] * mu */
"ldr r7, [%[m], #264]\n\t"
"ldr r10, [%[a], #264]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -40365,18 +39964,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #264]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+67] += m[67] * mu */
"ldr r7, [%[m], #268]\n\t"
"ldr r10, [%[a], #268]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -40400,18 +39993,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #268]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+68] += m[68] * mu */
"ldr r7, [%[m], #272]\n\t"
"ldr r10, [%[a], #272]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -40435,18 +40022,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #272]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+69] += m[69] * mu */
"ldr r7, [%[m], #276]\n\t"
"ldr r10, [%[a], #276]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -40470,18 +40051,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #276]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+70] += m[70] * mu */
"ldr r7, [%[m], #280]\n\t"
"ldr r10, [%[a], #280]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -40505,18 +40080,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #280]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+71] += m[71] * mu */
"ldr r7, [%[m], #284]\n\t"
"ldr r10, [%[a], #284]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -40540,18 +40109,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #284]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+72] += m[72] * mu */
"ldr r7, [%[m], #288]\n\t"
"ldr r10, [%[a], #288]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -40575,18 +40138,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #288]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+73] += m[73] * mu */
"ldr r7, [%[m], #292]\n\t"
"ldr r10, [%[a], #292]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -40610,18 +40167,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #292]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+74] += m[74] * mu */
"ldr r7, [%[m], #296]\n\t"
"ldr r10, [%[a], #296]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -40645,18 +40196,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #296]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+75] += m[75] * mu */
"ldr r7, [%[m], #300]\n\t"
"ldr r10, [%[a], #300]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -40680,18 +40225,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #300]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+76] += m[76] * mu */
"ldr r7, [%[m], #304]\n\t"
"ldr r10, [%[a], #304]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -40715,18 +40254,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #304]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+77] += m[77] * mu */
"ldr r7, [%[m], #308]\n\t"
"ldr r10, [%[a], #308]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -40750,18 +40283,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #308]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+78] += m[78] * mu */
"ldr r7, [%[m], #312]\n\t"
"ldr r10, [%[a], #312]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -40785,18 +40312,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #312]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+79] += m[79] * mu */
"ldr r7, [%[m], #316]\n\t"
"ldr r10, [%[a], #316]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -40820,18 +40341,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #316]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+80] += m[80] * mu */
"ldr r7, [%[m], #320]\n\t"
"ldr r10, [%[a], #320]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -40855,18 +40370,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #320]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+81] += m[81] * mu */
"ldr r7, [%[m], #324]\n\t"
"ldr r10, [%[a], #324]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -40890,18 +40399,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #324]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+82] += m[82] * mu */
"ldr r7, [%[m], #328]\n\t"
"ldr r10, [%[a], #328]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -40925,18 +40428,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #328]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+83] += m[83] * mu */
"ldr r7, [%[m], #332]\n\t"
"ldr r10, [%[a], #332]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -40960,18 +40457,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #332]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+84] += m[84] * mu */
"ldr r7, [%[m], #336]\n\t"
"ldr r10, [%[a], #336]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -40995,18 +40486,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #336]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+85] += m[85] * mu */
"ldr r7, [%[m], #340]\n\t"
"ldr r10, [%[a], #340]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -41030,18 +40515,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #340]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+86] += m[86] * mu */
"ldr r7, [%[m], #344]\n\t"
"ldr r10, [%[a], #344]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -41065,18 +40544,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #344]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+87] += m[87] * mu */
"ldr r7, [%[m], #348]\n\t"
"ldr r10, [%[a], #348]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -41100,18 +40573,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #348]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+88] += m[88] * mu */
"ldr r7, [%[m], #352]\n\t"
"ldr r10, [%[a], #352]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -41135,18 +40602,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #352]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+89] += m[89] * mu */
"ldr r7, [%[m], #356]\n\t"
"ldr r10, [%[a], #356]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -41170,18 +40631,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #356]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+90] += m[90] * mu */
"ldr r7, [%[m], #360]\n\t"
"ldr r10, [%[a], #360]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -41205,18 +40660,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #360]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+91] += m[91] * mu */
"ldr r7, [%[m], #364]\n\t"
"ldr r10, [%[a], #364]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -41240,18 +40689,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #364]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+92] += m[92] * mu */
"ldr r7, [%[m], #368]\n\t"
"ldr r10, [%[a], #368]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -41275,18 +40718,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #368]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+93] += m[93] * mu */
"ldr r7, [%[m], #372]\n\t"
"ldr r10, [%[a], #372]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -41310,18 +40747,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #372]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+94] += m[94] * mu */
"ldr r7, [%[m], #376]\n\t"
"ldr r10, [%[a], #376]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -41345,22 +40776,16 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #376]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+95] += m[95] * mu */
-#if !(defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4))
- "ldr r7, [%[m], #380]\n\t"
-#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"ldr r11, [%[m], #380]\n\t"
+#else
+ "ldr r7, [%[m], #380]\n\t"
#endif
"ldr r10, [%[a], #380]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r11, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -41391,13 +40816,813 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"adds r5, r5, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #380]\n\t"
+ "ldr r10, [%[a], #384]\n\t"
+ "adcs r10, r10, r4\n\t"
+ "str r10, [%[a], #384]\n\t"
+ "adc r3, r3, #0\n\t"
+ /* i += 1 */
+ "add r9, r9, #4\n\t"
+ "add %[a], %[a], #4\n\t"
+ "cmp r9, #0x180\n\t"
+ "blt L_sp_3072_mont_reduce_96_word_%=\n\t"
+ /* Loop Done */
+ "str r12, [%[a]]\n\t"
+ "str lr, [%[a], #4]\n\t"
+ "mov %[mp], r3\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
+ );
+ sp_3072_cond_sub_96(a - 96, a, m, (sp_digit)0 - mp);
+}
+
+#elif defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+/* Reduce the number back to 3072 bits using Montgomery reduction.
+ *
+ * a A single precision number to reduce in place.
+ * m The single precision number representing the modulus.
+ * mp The digit representing the negative inverse of m mod 2^n.
+ */
+static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+{
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m asm ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp asm ("r2") = (sp_digit)mp_p;
+
+ __asm__ __volatile__ (
+ "ldr r11, [%[m]]\n\t"
+ /* i = 0 */
+ "mov r9, #0\n\t"
+ "mov r3, #0\n\t"
+ "ldr r12, [%[a]]\n\t"
+ "ldr lr, [%[a], #4]\n\t"
+ "\n"
+ "L_sp_3072_mont_reduce_96_word_%=: \n\t"
+ /* mu = a[i] * mp */
+ "mul r8, %[mp], r12\n\t"
+ /* a[i+0] += m[0] * mu */
+ "mov r5, #0\n\t"
+ "umlal r12, r5, r8, r11\n\t"
+ /* a[i+1] += m[1] * mu */
+ "ldr r7, [%[m], #4]\n\t"
+ "mov r4, #0\n\t"
+ "umlal lr, r4, r8, r7\n\t"
+ "mov r12, lr\n\t"
+ "adds r12, r12, r5\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+2] += m[2] * mu */
+ "ldr r7, [%[m], #8]\n\t"
+ "ldr lr, [%[a], #8]\n\t"
+ "mov r5, #0\n\t"
+ "umlal lr, r5, r8, r7\n\t"
+ "adds lr, lr, r4\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+3] += m[3] * mu */
+ "ldr r7, [%[m], #12]\n\t"
+ "ldr r10, [%[a], #12]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #12]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+4] += m[4] * mu */
+ "ldr r7, [%[m], #16]\n\t"
+ "ldr r10, [%[a], #16]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #16]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+5] += m[5] * mu */
+ "ldr r7, [%[m], #20]\n\t"
+ "ldr r10, [%[a], #20]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #20]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+6] += m[6] * mu */
+ "ldr r7, [%[m], #24]\n\t"
+ "ldr r10, [%[a], #24]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #24]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+7] += m[7] * mu */
+ "ldr r7, [%[m], #28]\n\t"
+ "ldr r10, [%[a], #28]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #28]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+8] += m[8] * mu */
+ "ldr r7, [%[m], #32]\n\t"
+ "ldr r10, [%[a], #32]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #32]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+9] += m[9] * mu */
+ "ldr r7, [%[m], #36]\n\t"
+ "ldr r10, [%[a], #36]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #36]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+10] += m[10] * mu */
+ "ldr r7, [%[m], #40]\n\t"
+ "ldr r10, [%[a], #40]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #40]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+11] += m[11] * mu */
+ "ldr r7, [%[m], #44]\n\t"
+ "ldr r10, [%[a], #44]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #44]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+12] += m[12] * mu */
+ "ldr r7, [%[m], #48]\n\t"
+ "ldr r10, [%[a], #48]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #48]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+13] += m[13] * mu */
+ "ldr r7, [%[m], #52]\n\t"
+ "ldr r10, [%[a], #52]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #52]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+14] += m[14] * mu */
+ "ldr r7, [%[m], #56]\n\t"
+ "ldr r10, [%[a], #56]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #56]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+15] += m[15] * mu */
+ "ldr r7, [%[m], #60]\n\t"
+ "ldr r10, [%[a], #60]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #60]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+16] += m[16] * mu */
+ "ldr r7, [%[m], #64]\n\t"
+ "ldr r10, [%[a], #64]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #64]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+17] += m[17] * mu */
+ "ldr r7, [%[m], #68]\n\t"
+ "ldr r10, [%[a], #68]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #68]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+18] += m[18] * mu */
+ "ldr r7, [%[m], #72]\n\t"
+ "ldr r10, [%[a], #72]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #72]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+19] += m[19] * mu */
+ "ldr r7, [%[m], #76]\n\t"
+ "ldr r10, [%[a], #76]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #76]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+20] += m[20] * mu */
+ "ldr r7, [%[m], #80]\n\t"
+ "ldr r10, [%[a], #80]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #80]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+21] += m[21] * mu */
+ "ldr r7, [%[m], #84]\n\t"
+ "ldr r10, [%[a], #84]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #84]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+22] += m[22] * mu */
+ "ldr r7, [%[m], #88]\n\t"
+ "ldr r10, [%[a], #88]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #88]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+23] += m[23] * mu */
+ "ldr r7, [%[m], #92]\n\t"
+ "ldr r10, [%[a], #92]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #92]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+24] += m[24] * mu */
+ "ldr r7, [%[m], #96]\n\t"
+ "ldr r10, [%[a], #96]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #96]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+25] += m[25] * mu */
+ "ldr r7, [%[m], #100]\n\t"
+ "ldr r10, [%[a], #100]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #100]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+26] += m[26] * mu */
+ "ldr r7, [%[m], #104]\n\t"
+ "ldr r10, [%[a], #104]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #104]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+27] += m[27] * mu */
+ "ldr r7, [%[m], #108]\n\t"
+ "ldr r10, [%[a], #108]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #108]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+28] += m[28] * mu */
+ "ldr r7, [%[m], #112]\n\t"
+ "ldr r10, [%[a], #112]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #112]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+29] += m[29] * mu */
+ "ldr r7, [%[m], #116]\n\t"
+ "ldr r10, [%[a], #116]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #116]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+30] += m[30] * mu */
+ "ldr r7, [%[m], #120]\n\t"
+ "ldr r10, [%[a], #120]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #120]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+31] += m[31] * mu */
+ "ldr r7, [%[m], #124]\n\t"
+ "ldr r10, [%[a], #124]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #124]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+32] += m[32] * mu */
+ "ldr r7, [%[m], #128]\n\t"
+ "ldr r10, [%[a], #128]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #128]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+33] += m[33] * mu */
+ "ldr r7, [%[m], #132]\n\t"
+ "ldr r10, [%[a], #132]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #132]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+34] += m[34] * mu */
+ "ldr r7, [%[m], #136]\n\t"
+ "ldr r10, [%[a], #136]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #136]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+35] += m[35] * mu */
+ "ldr r7, [%[m], #140]\n\t"
+ "ldr r10, [%[a], #140]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #140]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+36] += m[36] * mu */
+ "ldr r7, [%[m], #144]\n\t"
+ "ldr r10, [%[a], #144]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #144]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+37] += m[37] * mu */
+ "ldr r7, [%[m], #148]\n\t"
+ "ldr r10, [%[a], #148]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #148]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+38] += m[38] * mu */
+ "ldr r7, [%[m], #152]\n\t"
+ "ldr r10, [%[a], #152]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #152]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+39] += m[39] * mu */
+ "ldr r7, [%[m], #156]\n\t"
+ "ldr r10, [%[a], #156]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #156]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+40] += m[40] * mu */
+ "ldr r7, [%[m], #160]\n\t"
+ "ldr r10, [%[a], #160]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #160]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+41] += m[41] * mu */
+ "ldr r7, [%[m], #164]\n\t"
+ "ldr r10, [%[a], #164]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #164]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+42] += m[42] * mu */
+ "ldr r7, [%[m], #168]\n\t"
+ "ldr r10, [%[a], #168]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #168]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+43] += m[43] * mu */
+ "ldr r7, [%[m], #172]\n\t"
+ "ldr r10, [%[a], #172]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #172]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+44] += m[44] * mu */
+ "ldr r7, [%[m], #176]\n\t"
+ "ldr r10, [%[a], #176]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #176]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+45] += m[45] * mu */
+ "ldr r7, [%[m], #180]\n\t"
+ "ldr r10, [%[a], #180]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #180]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+46] += m[46] * mu */
+ "ldr r7, [%[m], #184]\n\t"
+ "ldr r10, [%[a], #184]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #184]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+47] += m[47] * mu */
+ "ldr r7, [%[m], #188]\n\t"
+ "ldr r10, [%[a], #188]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #188]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+48] += m[48] * mu */
+ "ldr r7, [%[m], #192]\n\t"
+ "ldr r10, [%[a], #192]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #192]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+49] += m[49] * mu */
+ "ldr r7, [%[m], #196]\n\t"
+ "ldr r10, [%[a], #196]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #196]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+50] += m[50] * mu */
+ "ldr r7, [%[m], #200]\n\t"
+ "ldr r10, [%[a], #200]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #200]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+51] += m[51] * mu */
+ "ldr r7, [%[m], #204]\n\t"
+ "ldr r10, [%[a], #204]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #204]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+52] += m[52] * mu */
+ "ldr r7, [%[m], #208]\n\t"
+ "ldr r10, [%[a], #208]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #208]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+53] += m[53] * mu */
+ "ldr r7, [%[m], #212]\n\t"
+ "ldr r10, [%[a], #212]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #212]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+54] += m[54] * mu */
+ "ldr r7, [%[m], #216]\n\t"
+ "ldr r10, [%[a], #216]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #216]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+55] += m[55] * mu */
+ "ldr r7, [%[m], #220]\n\t"
+ "ldr r10, [%[a], #220]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #220]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+56] += m[56] * mu */
+ "ldr r7, [%[m], #224]\n\t"
+ "ldr r10, [%[a], #224]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #224]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+57] += m[57] * mu */
+ "ldr r7, [%[m], #228]\n\t"
+ "ldr r10, [%[a], #228]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #228]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+58] += m[58] * mu */
+ "ldr r7, [%[m], #232]\n\t"
+ "ldr r10, [%[a], #232]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #232]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+59] += m[59] * mu */
+ "ldr r7, [%[m], #236]\n\t"
+ "ldr r10, [%[a], #236]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #236]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+60] += m[60] * mu */
+ "ldr r7, [%[m], #240]\n\t"
+ "ldr r10, [%[a], #240]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #240]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+61] += m[61] * mu */
+ "ldr r7, [%[m], #244]\n\t"
+ "ldr r10, [%[a], #244]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #244]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+62] += m[62] * mu */
+ "ldr r7, [%[m], #248]\n\t"
+ "ldr r10, [%[a], #248]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #248]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+63] += m[63] * mu */
+ "ldr r7, [%[m], #252]\n\t"
+ "ldr r10, [%[a], #252]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #252]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+64] += m[64] * mu */
+ "ldr r7, [%[m], #256]\n\t"
+ "ldr r10, [%[a], #256]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #256]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+65] += m[65] * mu */
+ "ldr r7, [%[m], #260]\n\t"
+ "ldr r10, [%[a], #260]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #260]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+66] += m[66] * mu */
+ "ldr r7, [%[m], #264]\n\t"
+ "ldr r10, [%[a], #264]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #264]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+67] += m[67] * mu */
+ "ldr r7, [%[m], #268]\n\t"
+ "ldr r10, [%[a], #268]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #268]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+68] += m[68] * mu */
+ "ldr r7, [%[m], #272]\n\t"
+ "ldr r10, [%[a], #272]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #272]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+69] += m[69] * mu */
+ "ldr r7, [%[m], #276]\n\t"
+ "ldr r10, [%[a], #276]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #276]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+70] += m[70] * mu */
+ "ldr r7, [%[m], #280]\n\t"
+ "ldr r10, [%[a], #280]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #280]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+71] += m[71] * mu */
+ "ldr r7, [%[m], #284]\n\t"
+ "ldr r10, [%[a], #284]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #284]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+72] += m[72] * mu */
+ "ldr r7, [%[m], #288]\n\t"
+ "ldr r10, [%[a], #288]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #288]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+73] += m[73] * mu */
+ "ldr r7, [%[m], #292]\n\t"
+ "ldr r10, [%[a], #292]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #292]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+74] += m[74] * mu */
+ "ldr r7, [%[m], #296]\n\t"
+ "ldr r10, [%[a], #296]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #296]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+75] += m[75] * mu */
+ "ldr r7, [%[m], #300]\n\t"
+ "ldr r10, [%[a], #300]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #300]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+76] += m[76] * mu */
+ "ldr r7, [%[m], #304]\n\t"
+ "ldr r10, [%[a], #304]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #304]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+77] += m[77] * mu */
+ "ldr r7, [%[m], #308]\n\t"
+ "ldr r10, [%[a], #308]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #308]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+78] += m[78] * mu */
+ "ldr r7, [%[m], #312]\n\t"
+ "ldr r10, [%[a], #312]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #312]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+79] += m[79] * mu */
+ "ldr r7, [%[m], #316]\n\t"
+ "ldr r10, [%[a], #316]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #316]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+80] += m[80] * mu */
+ "ldr r7, [%[m], #320]\n\t"
+ "ldr r10, [%[a], #320]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #320]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+81] += m[81] * mu */
+ "ldr r7, [%[m], #324]\n\t"
+ "ldr r10, [%[a], #324]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #324]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+82] += m[82] * mu */
+ "ldr r7, [%[m], #328]\n\t"
+ "ldr r10, [%[a], #328]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #328]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+83] += m[83] * mu */
+ "ldr r7, [%[m], #332]\n\t"
+ "ldr r10, [%[a], #332]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #332]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+84] += m[84] * mu */
+ "ldr r7, [%[m], #336]\n\t"
+ "ldr r10, [%[a], #336]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #336]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+85] += m[85] * mu */
+ "ldr r7, [%[m], #340]\n\t"
+ "ldr r10, [%[a], #340]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #340]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+86] += m[86] * mu */
+ "ldr r7, [%[m], #344]\n\t"
+ "ldr r10, [%[a], #344]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #344]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+87] += m[87] * mu */
+ "ldr r7, [%[m], #348]\n\t"
+ "ldr r10, [%[a], #348]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #348]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+88] += m[88] * mu */
+ "ldr r7, [%[m], #352]\n\t"
+ "ldr r10, [%[a], #352]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #352]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+89] += m[89] * mu */
+ "ldr r7, [%[m], #356]\n\t"
+ "ldr r10, [%[a], #356]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #356]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+90] += m[90] * mu */
+ "ldr r7, [%[m], #360]\n\t"
+ "ldr r10, [%[a], #360]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #360]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+91] += m[91] * mu */
+ "ldr r7, [%[m], #364]\n\t"
+ "ldr r10, [%[a], #364]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #364]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+92] += m[92] * mu */
+ "ldr r7, [%[m], #368]\n\t"
+ "ldr r10, [%[a], #368]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #368]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+93] += m[93] * mu */
+ "ldr r7, [%[m], #372]\n\t"
+ "ldr r10, [%[a], #372]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #372]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+94] += m[94] * mu */
+ "ldr r7, [%[m], #376]\n\t"
+ "ldr r10, [%[a], #376]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #376]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+95] += m[95] * mu */
+ "ldr r7, [%[m], #380]\n\t"
+ "ldr r10, [%[a], #380]\n\t"
"umull r6, r7, r8, r7\n\t"
"adds r5, r5, r6\n\t"
"adcs r4, r7, r3\n\t"
"mov r3, #0\n\t"
"adc r3, r3, r3\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #380]\n\t"
"ldr r10, [%[a], #384]\n\t"
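Review bot: The header comment of the new `WOLFSSL_ARM_ARCH < 7` variant does not state its timing assumption. Each iteration feeds the running value into the multiplier (`mul r8, %[mp], r12`, then `umlal`/`umull` with `mu` in r8), and on some pre-ARMv7 cores multiply latency depends on operand values. When `a` is derived from private-key material, the counter-driven loop and the masked `sp_3072_cond_sub_96` call are timing-independent only if the target core's multiplier is. I would add to the comment block `* Timing: assumes mul/umlal latency is data-independent on the target core; confirm for pre-ARMv7 parts.` The function's closing lines fall in the next hunk.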
@@ -41409,16 +41634,543 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"add %[a], %[a], #4\n\t"
"cmp r9, #0x180\n\t"
"blt L_sp_3072_mont_reduce_96_word_%=\n\t"
+ /* Loop Done */
"str r12, [%[a]]\n\t"
"str lr, [%[a], #4]\n\t"
"mov %[mp], r3\n\t"
: [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
:
- : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11"
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
);
sp_3072_cond_sub_96(a - 96, a, m, (sp_digit)0 - mp);
}
+#else
+/* Reduce the number back to 3072 bits using Montgomery reduction.
+ *
+ * a A single precision number to reduce in place.
+ * m The single precision number representing the modulus.
+ * mp The digit representing the negative inverse of m mod 2^n.
+ */
+static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+{
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m asm ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp asm ("r2") = (sp_digit)mp_p;
+
+ __asm__ __volatile__ (
+ /* i = 0 */
+ "mov r12, #0\n\t"
+ "mov lr, #0\n\t"
+ "ldr r4, [%[a]]\n\t"
+ "ldr r5, [%[a], #4]\n\t"
+ "ldr r6, [%[a], #8]\n\t"
+ "ldr r7, [%[a], #12]\n\t"
+ "ldr r8, [%[a], #16]\n\t"
+ "\n"
+ "L_sp_3072_mont_reduce_96_word_%=: \n\t"
+ /* mu = a[i] * mp */
+ "mul r11, %[mp], r4\n\t"
+ /* a[i+0] += m[0] * mu */
+ "ldr r10, [%[m]]\n\t"
+ "mov r3, #0\n\t"
+ "umaal r4, r3, r11, r10\n\t"
+ /* a[i+1] += m[1] * mu */
+ "ldr r10, [%[m], #4]\n\t"
+ "mov r4, r5\n\t"
+ "umaal r4, r3, r11, r10\n\t"
+ /* a[i+2] += m[2] * mu */
+ "ldr r10, [%[m], #8]\n\t"
+ "mov r5, r6\n\t"
+ "umaal r5, r3, r11, r10\n\t"
+ /* a[i+3] += m[3] * mu */
+ "ldr r10, [%[m], #12]\n\t"
+ "mov r6, r7\n\t"
+ "umaal r6, r3, r11, r10\n\t"
+ /* a[i+4] += m[4] * mu */
+ "ldr r10, [%[m], #16]\n\t"
+ "mov r7, r8\n\t"
+ "umaal r7, r3, r11, r10\n\t"
+ /* a[i+5] += m[5] * mu */
+ "ldr r10, [%[m], #20]\n\t"
+ "ldr r8, [%[a], #20]\n\t"
+ "umaal r8, r3, r11, r10\n\t"
+ /* a[i+6] += m[6] * mu */
+ "ldr r10, [%[m], #24]\n\t"
+ "ldr r9, [%[a], #24]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #24]\n\t"
+ /* a[i+7] += m[7] * mu */
+ "ldr r10, [%[m], #28]\n\t"
+ "ldr r9, [%[a], #28]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #28]\n\t"
+ /* a[i+8] += m[8] * mu */
+ "ldr r10, [%[m], #32]\n\t"
+ "ldr r9, [%[a], #32]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #32]\n\t"
+ /* a[i+9] += m[9] * mu */
+ "ldr r10, [%[m], #36]\n\t"
+ "ldr r9, [%[a], #36]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #36]\n\t"
+ /* a[i+10] += m[10] * mu */
+ "ldr r10, [%[m], #40]\n\t"
+ "ldr r9, [%[a], #40]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #40]\n\t"
+ /* a[i+11] += m[11] * mu */
+ "ldr r10, [%[m], #44]\n\t"
+ "ldr r9, [%[a], #44]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #44]\n\t"
+ /* a[i+12] += m[12] * mu */
+ "ldr r10, [%[m], #48]\n\t"
+ "ldr r9, [%[a], #48]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #48]\n\t"
+ /* a[i+13] += m[13] * mu */
+ "ldr r10, [%[m], #52]\n\t"
+ "ldr r9, [%[a], #52]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #52]\n\t"
+ /* a[i+14] += m[14] * mu */
+ "ldr r10, [%[m], #56]\n\t"
+ "ldr r9, [%[a], #56]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #56]\n\t"
+ /* a[i+15] += m[15] * mu */
+ "ldr r10, [%[m], #60]\n\t"
+ "ldr r9, [%[a], #60]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #60]\n\t"
+ /* a[i+16] += m[16] * mu */
+ "ldr r10, [%[m], #64]\n\t"
+ "ldr r9, [%[a], #64]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #64]\n\t"
+ /* a[i+17] += m[17] * mu */
+ "ldr r10, [%[m], #68]\n\t"
+ "ldr r9, [%[a], #68]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #68]\n\t"
+ /* a[i+18] += m[18] * mu */
+ "ldr r10, [%[m], #72]\n\t"
+ "ldr r9, [%[a], #72]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #72]\n\t"
+ /* a[i+19] += m[19] * mu */
+ "ldr r10, [%[m], #76]\n\t"
+ "ldr r9, [%[a], #76]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #76]\n\t"
+ /* a[i+20] += m[20] * mu */
+ "ldr r10, [%[m], #80]\n\t"
+ "ldr r9, [%[a], #80]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #80]\n\t"
+ /* a[i+21] += m[21] * mu */
+ "ldr r10, [%[m], #84]\n\t"
+ "ldr r9, [%[a], #84]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #84]\n\t"
+ /* a[i+22] += m[22] * mu */
+ "ldr r10, [%[m], #88]\n\t"
+ "ldr r9, [%[a], #88]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #88]\n\t"
+ /* a[i+23] += m[23] * mu */
+ "ldr r10, [%[m], #92]\n\t"
+ "ldr r9, [%[a], #92]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #92]\n\t"
+ /* a[i+24] += m[24] * mu */
+ "ldr r10, [%[m], #96]\n\t"
+ "ldr r9, [%[a], #96]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #96]\n\t"
+ /* a[i+25] += m[25] * mu */
+ "ldr r10, [%[m], #100]\n\t"
+ "ldr r9, [%[a], #100]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #100]\n\t"
+ /* a[i+26] += m[26] * mu */
+ "ldr r10, [%[m], #104]\n\t"
+ "ldr r9, [%[a], #104]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #104]\n\t"
+ /* a[i+27] += m[27] * mu */
+ "ldr r10, [%[m], #108]\n\t"
+ "ldr r9, [%[a], #108]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #108]\n\t"
+ /* a[i+28] += m[28] * mu */
+ "ldr r10, [%[m], #112]\n\t"
+ "ldr r9, [%[a], #112]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #112]\n\t"
+ /* a[i+29] += m[29] * mu */
+ "ldr r10, [%[m], #116]\n\t"
+ "ldr r9, [%[a], #116]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #116]\n\t"
+ /* a[i+30] += m[30] * mu */
+ "ldr r10, [%[m], #120]\n\t"
+ "ldr r9, [%[a], #120]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #120]\n\t"
+ /* a[i+31] += m[31] * mu */
+ "ldr r10, [%[m], #124]\n\t"
+ "ldr r9, [%[a], #124]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #124]\n\t"
+ /* a[i+32] += m[32] * mu */
+ "ldr r10, [%[m], #128]\n\t"
+ "ldr r9, [%[a], #128]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #128]\n\t"
+ /* a[i+33] += m[33] * mu */
+ "ldr r10, [%[m], #132]\n\t"
+ "ldr r9, [%[a], #132]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #132]\n\t"
+ /* a[i+34] += m[34] * mu */
+ "ldr r10, [%[m], #136]\n\t"
+ "ldr r9, [%[a], #136]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #136]\n\t"
+ /* a[i+35] += m[35] * mu */
+ "ldr r10, [%[m], #140]\n\t"
+ "ldr r9, [%[a], #140]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #140]\n\t"
+ /* a[i+36] += m[36] * mu */
+ "ldr r10, [%[m], #144]\n\t"
+ "ldr r9, [%[a], #144]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #144]\n\t"
+ /* a[i+37] += m[37] * mu */
+ "ldr r10, [%[m], #148]\n\t"
+ "ldr r9, [%[a], #148]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #148]\n\t"
+ /* a[i+38] += m[38] * mu */
+ "ldr r10, [%[m], #152]\n\t"
+ "ldr r9, [%[a], #152]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #152]\n\t"
+ /* a[i+39] += m[39] * mu */
+ "ldr r10, [%[m], #156]\n\t"
+ "ldr r9, [%[a], #156]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #156]\n\t"
+ /* a[i+40] += m[40] * mu */
+ "ldr r10, [%[m], #160]\n\t"
+ "ldr r9, [%[a], #160]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #160]\n\t"
+ /* a[i+41] += m[41] * mu */
+ "ldr r10, [%[m], #164]\n\t"
+ "ldr r9, [%[a], #164]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #164]\n\t"
+ /* a[i+42] += m[42] * mu */
+ "ldr r10, [%[m], #168]\n\t"
+ "ldr r9, [%[a], #168]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #168]\n\t"
+ /* a[i+43] += m[43] * mu */
+ "ldr r10, [%[m], #172]\n\t"
+ "ldr r9, [%[a], #172]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #172]\n\t"
+ /* a[i+44] += m[44] * mu */
+ "ldr r10, [%[m], #176]\n\t"
+ "ldr r9, [%[a], #176]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #176]\n\t"
+ /* a[i+45] += m[45] * mu */
+ "ldr r10, [%[m], #180]\n\t"
+ "ldr r9, [%[a], #180]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #180]\n\t"
+ /* a[i+46] += m[46] * mu */
+ "ldr r10, [%[m], #184]\n\t"
+ "ldr r9, [%[a], #184]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #184]\n\t"
+ /* a[i+47] += m[47] * mu */
+ "ldr r10, [%[m], #188]\n\t"
+ "ldr r9, [%[a], #188]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #188]\n\t"
+ /* a[i+48] += m[48] * mu */
+ "ldr r10, [%[m], #192]\n\t"
+ "ldr r9, [%[a], #192]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #192]\n\t"
+ /* a[i+49] += m[49] * mu */
+ "ldr r10, [%[m], #196]\n\t"
+ "ldr r9, [%[a], #196]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #196]\n\t"
+ /* a[i+50] += m[50] * mu */
+ "ldr r10, [%[m], #200]\n\t"
+ "ldr r9, [%[a], #200]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #200]\n\t"
+ /* a[i+51] += m[51] * mu */
+ "ldr r10, [%[m], #204]\n\t"
+ "ldr r9, [%[a], #204]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #204]\n\t"
+ /* a[i+52] += m[52] * mu */
+ "ldr r10, [%[m], #208]\n\t"
+ "ldr r9, [%[a], #208]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #208]\n\t"
+ /* a[i+53] += m[53] * mu */
+ "ldr r10, [%[m], #212]\n\t"
+ "ldr r9, [%[a], #212]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #212]\n\t"
+ /* a[i+54] += m[54] * mu */
+ "ldr r10, [%[m], #216]\n\t"
+ "ldr r9, [%[a], #216]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #216]\n\t"
+ /* a[i+55] += m[55] * mu */
+ "ldr r10, [%[m], #220]\n\t"
+ "ldr r9, [%[a], #220]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #220]\n\t"
+ /* a[i+56] += m[56] * mu */
+ "ldr r10, [%[m], #224]\n\t"
+ "ldr r9, [%[a], #224]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #224]\n\t"
+ /* a[i+57] += m[57] * mu */
+ "ldr r10, [%[m], #228]\n\t"
+ "ldr r9, [%[a], #228]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #228]\n\t"
+ /* a[i+58] += m[58] * mu */
+ "ldr r10, [%[m], #232]\n\t"
+ "ldr r9, [%[a], #232]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #232]\n\t"
+ /* a[i+59] += m[59] * mu */
+ "ldr r10, [%[m], #236]\n\t"
+ "ldr r9, [%[a], #236]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #236]\n\t"
+ /* a[i+60] += m[60] * mu */
+ "ldr r10, [%[m], #240]\n\t"
+ "ldr r9, [%[a], #240]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #240]\n\t"
+ /* a[i+61] += m[61] * mu */
+ "ldr r10, [%[m], #244]\n\t"
+ "ldr r9, [%[a], #244]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #244]\n\t"
+ /* a[i+62] += m[62] * mu */
+ "ldr r10, [%[m], #248]\n\t"
+ "ldr r9, [%[a], #248]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #248]\n\t"
+ /* a[i+63] += m[63] * mu */
+ "ldr r10, [%[m], #252]\n\t"
+ "ldr r9, [%[a], #252]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #252]\n\t"
+ /* a[i+64] += m[64] * mu */
+ "ldr r10, [%[m], #256]\n\t"
+ "ldr r9, [%[a], #256]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #256]\n\t"
+ /* a[i+65] += m[65] * mu */
+ "ldr r10, [%[m], #260]\n\t"
+ "ldr r9, [%[a], #260]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #260]\n\t"
+ /* a[i+66] += m[66] * mu */
+ "ldr r10, [%[m], #264]\n\t"
+ "ldr r9, [%[a], #264]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #264]\n\t"
+ /* a[i+67] += m[67] * mu */
+ "ldr r10, [%[m], #268]\n\t"
+ "ldr r9, [%[a], #268]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #268]\n\t"
+ /* a[i+68] += m[68] * mu */
+ "ldr r10, [%[m], #272]\n\t"
+ "ldr r9, [%[a], #272]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #272]\n\t"
+ /* a[i+69] += m[69] * mu */
+ "ldr r10, [%[m], #276]\n\t"
+ "ldr r9, [%[a], #276]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #276]\n\t"
+ /* a[i+70] += m[70] * mu */
+ "ldr r10, [%[m], #280]\n\t"
+ "ldr r9, [%[a], #280]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #280]\n\t"
+ /* a[i+71] += m[71] * mu */
+ "ldr r10, [%[m], #284]\n\t"
+ "ldr r9, [%[a], #284]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #284]\n\t"
+ /* a[i+72] += m[72] * mu */
+ "ldr r10, [%[m], #288]\n\t"
+ "ldr r9, [%[a], #288]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #288]\n\t"
+ /* a[i+73] += m[73] * mu */
+ "ldr r10, [%[m], #292]\n\t"
+ "ldr r9, [%[a], #292]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #292]\n\t"
+ /* a[i+74] += m[74] * mu */
+ "ldr r10, [%[m], #296]\n\t"
+ "ldr r9, [%[a], #296]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #296]\n\t"
+ /* a[i+75] += m[75] * mu */
+ "ldr r10, [%[m], #300]\n\t"
+ "ldr r9, [%[a], #300]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #300]\n\t"
+ /* a[i+76] += m[76] * mu */
+ "ldr r10, [%[m], #304]\n\t"
+ "ldr r9, [%[a], #304]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #304]\n\t"
+ /* a[i+77] += m[77] * mu */
+ "ldr r10, [%[m], #308]\n\t"
+ "ldr r9, [%[a], #308]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #308]\n\t"
+ /* a[i+78] += m[78] * mu */
+ "ldr r10, [%[m], #312]\n\t"
+ "ldr r9, [%[a], #312]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #312]\n\t"
+ /* a[i+79] += m[79] * mu */
+ "ldr r10, [%[m], #316]\n\t"
+ "ldr r9, [%[a], #316]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #316]\n\t"
+ /* a[i+80] += m[80] * mu */
+ "ldr r10, [%[m], #320]\n\t"
+ "ldr r9, [%[a], #320]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #320]\n\t"
+ /* a[i+81] += m[81] * mu */
+ "ldr r10, [%[m], #324]\n\t"
+ "ldr r9, [%[a], #324]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #324]\n\t"
+ /* a[i+82] += m[82] * mu */
+ "ldr r10, [%[m], #328]\n\t"
+ "ldr r9, [%[a], #328]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #328]\n\t"
+ /* a[i+83] += m[83] * mu */
+ "ldr r10, [%[m], #332]\n\t"
+ "ldr r9, [%[a], #332]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #332]\n\t"
+ /* a[i+84] += m[84] * mu */
+ "ldr r10, [%[m], #336]\n\t"
+ "ldr r9, [%[a], #336]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #336]\n\t"
+ /* a[i+85] += m[85] * mu */
+ "ldr r10, [%[m], #340]\n\t"
+ "ldr r9, [%[a], #340]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #340]\n\t"
+ /* a[i+86] += m[86] * mu */
+ "ldr r10, [%[m], #344]\n\t"
+ "ldr r9, [%[a], #344]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #344]\n\t"
+ /* a[i+87] += m[87] * mu */
+ "ldr r10, [%[m], #348]\n\t"
+ "ldr r9, [%[a], #348]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #348]\n\t"
+ /* a[i+88] += m[88] * mu */
+ "ldr r10, [%[m], #352]\n\t"
+ "ldr r9, [%[a], #352]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #352]\n\t"
+ /* a[i+89] += m[89] * mu */
+ "ldr r10, [%[m], #356]\n\t"
+ "ldr r9, [%[a], #356]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #356]\n\t"
+ /* a[i+90] += m[90] * mu */
+ "ldr r10, [%[m], #360]\n\t"
+ "ldr r9, [%[a], #360]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #360]\n\t"
+ /* a[i+91] += m[91] * mu */
+ "ldr r10, [%[m], #364]\n\t"
+ "ldr r9, [%[a], #364]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #364]\n\t"
+ /* a[i+92] += m[92] * mu */
+ "ldr r10, [%[m], #368]\n\t"
+ "ldr r9, [%[a], #368]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #368]\n\t"
+ /* a[i+93] += m[93] * mu */
+ "ldr r10, [%[m], #372]\n\t"
+ "ldr r9, [%[a], #372]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #372]\n\t"
+ /* a[i+94] += m[94] * mu */
+ "ldr r10, [%[m], #376]\n\t"
+ "ldr r9, [%[a], #376]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #376]\n\t"
+ /* a[i+95] += m[95] * mu */
+ "ldr r10, [%[m], #380]\n\t"
+ "ldr r9, [%[a], #380]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "ldr r11, [%[a], #384]\n\t"
+ "mov r10, #0\n\t"
+ "umaal r3, r11, r10, r10\n\t"
+ "str r9, [%[a], #380]\n\t"
+ "adds r3, r3, lr\n\t"
+ "adc lr, r11, #0\n\t"
+ "str r3, [%[a], #384]\n\t"
+ /* i += 1 */
+ "add r12, r12, #4\n\t"
+ "add %[a], %[a], #4\n\t"
+ "cmp r12, #0x180\n\t"
+ "blt L_sp_3072_mont_reduce_96_word_%=\n\t"
+ /* Loop Done */
+ "str r4, [%[a]]\n\t"
+ "str r5, [%[a], #4]\n\t"
+ "str r6, [%[a], #8]\n\t"
+ "str r7, [%[a], #12]\n\t"
+ "str r8, [%[a], #16]\n\t"
+ "mov %[mp], lr\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
+ );
+ sp_3072_cond_sub_96(a - 96, a, m, (sp_digit)0 - mp);
+}
+
+#endif
/* Multiply two Montgomery form numbers mod the modulus (prime).
* (r = a * b mod m)
*
@@ -41426,7 +42178,7 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_3072_mont_mul_96(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -41440,7 +42192,7 @@ SP_NOINLINE static void sp_3072_mont_mul_96(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_3072_mont_sqr_96(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -41458,9 +42210,9 @@ SP_NOINLINE static void sp_3072_mont_sqr_96(sp_digit* r, const sp_digit* a,
*/
static sp_digit sp_3072_sub_96(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"mov r12, #0\n\t"
@@ -41481,7 +42233,7 @@ static sp_digit sp_3072_sub_96(sp_digit* r_p, const sp_digit* a_p, const sp_digi
"mov %[r], r12\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r12", "lr"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r12", "lr", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -41495,9 +42247,9 @@ static sp_digit sp_3072_sub_96(sp_digit* r_p, const sp_digit* a_p, const sp_digi
*/
static sp_digit sp_3072_sub_96(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"ldm %[a]!, {r3, r4, r5, r6}\n\t"
@@ -41671,7 +42423,7 @@ static sp_digit sp_3072_sub_96(sp_digit* r_p, const sp_digit* a_p, const sp_digi
"sbc %[r], r6, r6\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -41689,9 +42441,9 @@ static sp_digit sp_3072_sub_96(sp_digit* r_p, const sp_digit* a_p, const sp_digi
*/
static sp_digit div_3072_word_96(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
{
- register sp_digit d1 asm ("r0") = d1_p;
- register sp_digit d0 asm ("r1") = d0_p;
- register sp_digit div asm ("r2") = div_p;
+ register sp_digit d1 asm ("r0") = (sp_digit)d1_p;
+ register sp_digit d0 asm ("r1") = (sp_digit)d0_p;
+ register sp_digit div asm ("r2") = (sp_digit)div_p;
__asm__ __volatile__ (
"lsr r6, %[div], #16\n\t"
@@ -41731,7 +42483,7 @@ static sp_digit div_3072_word_96(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
"add %[d1], r4, r3\n\t"
: [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
:
- : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8"
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "cc"
);
return (uint32_t)(size_t)d1;
}
@@ -41748,9 +42500,9 @@ static sp_digit div_3072_word_96(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
*/
static sp_digit div_3072_word_96(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
{
- register sp_digit d1 asm ("r0") = d1_p;
- register sp_digit d0 asm ("r1") = d0_p;
- register sp_digit div asm ("r2") = div_p;
+ register sp_digit d1 asm ("r0") = (sp_digit)d1_p;
+ register sp_digit d0 asm ("r1") = (sp_digit)d0_p;
+ register sp_digit div asm ("r2") = (sp_digit)div_p;
__asm__ __volatile__ (
"lsr lr, %[div], #1\n\t"
@@ -41780,7 +42532,7 @@ static sp_digit div_3072_word_96(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
"bpl L_div_3072_word_96_bit_%=\n\t"
"add r3, r3, r3\n\t"
"add r3, r3, #1\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r7, r3, #16\n\t"
"lsl r4, %[div], #16\n\t"
"lsr r7, r7, #16\n\t"
@@ -41808,7 +42560,7 @@ static sp_digit div_3072_word_96(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
"subs r7, %[d0], r4\n\t"
"sbc r8, %[d1], r5\n\t"
"add r3, r3, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r7, r3, #16\n\t"
"lsl r4, %[div], #16\n\t"
"lsr r7, r7, #16\n\t"
@@ -41836,7 +42588,7 @@ static sp_digit div_3072_word_96(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
"subs r7, %[d0], r4\n\t"
"sbc r8, %[d1], r5\n\t"
"add r3, r3, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r7, r3, #16\n\t"
"lsl r4, %[div], #16\n\t"
"lsr r7, r7, #16\n\t"
@@ -41869,7 +42621,7 @@ static sp_digit div_3072_word_96(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
"sub %[d1], r3, r6\n\t"
: [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
:
- : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8"
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "cc"
);
return (uint32_t)(size_t)d1;
}
@@ -41884,8 +42636,8 @@ static sp_digit div_3072_word_96(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_3072_div_96_cond(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_3072_div_96_cond(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[192], t2[97];
sp_digit div, r1;
@@ -41941,7 +42693,8 @@ static WC_INLINE int sp_3072_div_96_cond(const sp_digit* a, const sp_digit* d, s
* m A single precision number that is the modulus to reduce with.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_3072_mod_96_cond(sp_digit* r, const sp_digit* a, const sp_digit* m)
+static WC_INLINE int sp_3072_mod_96_cond(sp_digit* r, const sp_digit* a,
+ const sp_digit* m)
{
return sp_3072_div_96_cond(a, m, NULL, r);
}
@@ -41987,8 +42740,8 @@ static void sp_3072_mask_96(sp_digit* r, const sp_digit* a, sp_digit m)
*/
static sp_int32 sp_3072_cmp_96(const sp_digit* a_p, const sp_digit* b_p)
{
- register const sp_digit* a asm ("r0") = a_p;
- register const sp_digit* b asm ("r1") = b_p;
+ register const sp_digit* a asm ("r0") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r1") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"mov r2, #-1\n\t"
@@ -41996,7 +42749,7 @@ static sp_int32 sp_3072_cmp_96(const sp_digit* a_p, const sp_digit* b_p)
"mov r5, #0\n\t"
"mov r3, #-1\n\t"
#ifdef WOLFSSL_SP_SMALL
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r4, #0x1\n\t"
"lsl r4, r4, #8\n\t"
"add r4, r4, #0x7c\n\t"
@@ -43081,7 +43834,7 @@ static sp_int32 sp_3072_cmp_96(const sp_digit* a_p, const sp_digit* b_p)
"mov %[a], r2\n\t"
: [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r2", "r3", "r12", "lr", "r4", "r5", "r6"
+ : "memory", "r2", "r3", "r12", "lr", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -43095,8 +43848,8 @@ static sp_int32 sp_3072_cmp_96(const sp_digit* a_p, const sp_digit* b_p)
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_3072_div_96(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_3072_div_96(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[192], t2[97];
sp_digit div, r1;
@@ -43136,7 +43889,8 @@ static WC_INLINE int sp_3072_div_96(const sp_digit* a, const sp_digit* d, sp_dig
* m A single precision number that is the modulus to reduce with.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_3072_mod_96(sp_digit* r, const sp_digit* a, const sp_digit* m)
+static WC_INLINE int sp_3072_mod_96(sp_digit* r, const sp_digit* a,
+ const sp_digit* m)
{
return sp_3072_div_96(a, m, NULL, r);
}
@@ -43616,10 +44370,10 @@ int sp_RsaPublic_3072(const byte* in, word32 inLen, const mp_int* em,
*/
static sp_digit sp_3072_cond_add_48(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
- register sp_digit m asm ("r3") = m_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
+ register sp_digit m asm ("r3") = (sp_digit)m_p;
__asm__ __volatile__ (
"mov lr, #0\n\t"
@@ -43640,7 +44394,7 @@ static sp_digit sp_3072_cond_add_48(sp_digit* r_p, const sp_digit* a_p, const sp
"mov %[r], lr\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
:
- : "memory", "r12", "lr", "r4", "r5", "r6"
+ : "memory", "r12", "lr", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -43656,10 +44410,10 @@ static sp_digit sp_3072_cond_add_48(sp_digit* r_p, const sp_digit* a_p, const sp
*/
static sp_digit sp_3072_cond_add_48(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
- register sp_digit m asm ("r3") = m_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
+ register sp_digit m asm ("r3") = (sp_digit)m_p;
__asm__ __volatile__ (
"mov r8, #0\n\t"
@@ -43834,7 +44588,7 @@ static sp_digit sp_3072_cond_add_48(sp_digit* r_p, const sp_digit* a_p, const sp
"adc %[r], r8, r8\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
:
- : "memory", "r12", "lr", "r4", "r5", "r6", "r7", "r8"
+ : "memory", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -44156,9 +44910,9 @@ int sp_ModExp_3072(const mp_int* base, const mp_int* exp, const mp_int* mod,
#ifdef HAVE_FFDHE_3072
static void sp_3072_lshift_96(sp_digit* r_p, const sp_digit* a_p, byte n_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register byte n asm ("r2") = n_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register byte n asm ("r2") = (byte)n_p;
__asm__ __volatile__ (
"rsb r12, %[n], #31\n\t"
@@ -44740,7 +45494,7 @@ static void sp_3072_lshift_96(sp_digit* r_p, const sp_digit* a_p, byte n_p)
"str r4, [%[r], #4]\n\t"
: [r] "+r" (r), [a] "+r" (a), [n] "+r" (n)
:
- : "memory", "r4", "r5", "r6", "r3", "r12"
+ : "memory", "r4", "r5", "r6", "r3", "r12", "cc"
);
}
@@ -45042,14 +45796,14 @@ static void sp_4096_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 32
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 31);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 31);
}
#elif DIGIT_BIT > 32
unsigned int i;
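Review bot: The rewritten `DIGIT_BIT == 32` loop in sp_4096_from_mp hard-codes the sign-bit shift as `j >> 31`, where the code it replaces used `SP_WORD_SIZE - 1`. Writing `sp_digit mask = (sp_digit)0 - (j >> (SP_WORD_SIZE - 1));` and `o += (int)(j >> (SP_WORD_SIZE - 1));` would keep the arithmetic tied to the digit width. The loop is branch-free on `a->used` by design, and a comment should say so, for example `/* j counts up from -used; its top bit is set while i < used, so the mask and the index step never branch on a->used */`. With `a->used == 0` the loop still reads `a->dp[0]` (masked to zero), as the old code did, so it presumably relies on `dp` always holding at least one digit; that is worth confirming against the mp_int definition. The function continues outside this hunk.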
@@ -45161,8 +45915,8 @@ static void sp_4096_to_bin_128(sp_digit* r, byte* a)
*/
static sp_digit sp_4096_sub_in_place_128(sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* a asm ("r0") = a_p;
- register const sp_digit* b asm ("r1") = b_p;
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* b asm ("r1") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"ldm %[a], {r2, r3, r4, r5}\n\t"
@@ -45392,7 +46146,7 @@ static sp_digit sp_4096_sub_in_place_128(sp_digit* a_p, const sp_digit* b_p)
"sbc %[a], r9, r9\n\t"
: [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -45405,12 +46159,11 @@ static sp_digit sp_4096_sub_in_place_128(sp_digit* a_p, const sp_digit* b_p)
*/
static sp_digit sp_4096_add_128(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
- "mov r12, #0\n\t"
"ldm %[a]!, {r3, r4, r5, r6}\n\t"
"ldm %[b]!, {r7, r8, r9, r10}\n\t"
"adds r3, r3, r7\n\t"
@@ -45635,10 +46388,11 @@ static sp_digit sp_4096_add_128(sp_digit* r_p, const sp_digit* a_p, const sp_dig
"adcs r5, r5, r9\n\t"
"adcs r6, r6, r10\n\t"
"stm %[r]!, {r3, r4, r5, r6}\n\t"
- "adc %[r], r12, r12\n\t"
+ "mov %[r], #0\n\t"
+ "adc %[r], %[r], #0\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
return (uint32_t)(size_t)r;
}
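Review bot: The carry-out at the end of sp_4096_add_128 now depends on `mov %[r], #0` leaving the flags untouched before `adc %[r], %[r], #0` reads C from the last `adcs`, and nothing in the asm says so. A one-line comment above the pair, such as `/* mov, not movs: C from the final adcs must survive */`, would protect the return value against a later edit or a flag-setting encoding. The start of the function body is outside this hunk.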
@@ -45728,9 +46482,9 @@ SP_NOINLINE static void sp_4096_sqr_128(sp_digit* r, const sp_digit* a)
*/
static sp_digit sp_4096_add_128(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"mov r3, #0\n\t"
@@ -45752,7 +46506,7 @@ static sp_digit sp_4096_add_128(sp_digit* r_p, const sp_digit* a_p, const sp_dig
"mov %[r], r3\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -45766,16 +46520,15 @@ static sp_digit sp_4096_add_128(sp_digit* r_p, const sp_digit* a_p, const sp_dig
*/
static sp_digit sp_4096_sub_in_place_128(sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* a asm ("r0") = a_p;
- register const sp_digit* b asm ("r1") = b_p;
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* b asm ("r1") = (const sp_digit*)b_p;
__asm__ __volatile__ (
- "mov r10, #0\n\t"
"mov r12, #0\n\t"
"add lr, %[a], #0x200\n\t"
"\n"
"L_sp_4096_sub_in_pkace_128_word_%=: \n\t"
- "subs r12, r10, r12\n\t"
+ "rsbs r12, r12, #0\n\t"
"ldm %[a], {r2, r3, r4, r5}\n\t"
"ldm %[b]!, {r6, r7, r8, r9}\n\t"
"sbcs r2, r2, r6\n\t"
@@ -45783,13 +46536,13 @@ static sp_digit sp_4096_sub_in_place_128(sp_digit* a_p, const sp_digit* b_p)
"sbcs r4, r4, r8\n\t"
"sbcs r5, r5, r9\n\t"
"stm %[a]!, {r2, r3, r4, r5}\n\t"
- "sbc r12, r10, r10\n\t"
+ "sbc r12, r12, r12\n\t"
"cmp %[a], lr\n\t"
"bne L_sp_4096_sub_in_pkace_128_word_%=\n\t"
"mov %[a], r12\n\t"
: [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r12", "lr", "r10"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r12", "lr", "cc"
);
return (uint32_t)(size_t)a;
}
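Review bot: The borrow hand-off between passes of the small sp_4096_sub_in_place_128 loop is now done by `rsbs r12, r12, #0` at the top and `sbc r12, r12, r12` at the bottom, with no comment explaining that r12 is only ever 0 or -1. A comment above the `rsbs`, for example `/* r12 is 0 or -1 from the previous pass; 0 - r12 recreates that borrow in C */`, would make the carry chain checkable by eye. Separately, the label `L_sp_4096_sub_in_pkace_128_word_` still carries the "pkace" typo on both the definition and the `bne`. This commit corrects comment typos elsewhere, so the label could be corrected to `..._in_place_...` in the same pass.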
@@ -45804,16 +46557,19 @@ static sp_digit sp_4096_sub_in_place_128(sp_digit* a_p, const sp_digit* b_p)
*/
static void sp_4096_mul_128(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"sub sp, sp, #0x400\n\t"
- "mov r5, #0\n\t"
- "mov r6, #0\n\t"
+ "ldr lr, [%[a]]\n\t"
+ "ldr r11, [%[b]]\n\t"
+ "umull r8, r6, lr, r11\n\t"
+ "str r8, [sp]\n\t"
"mov r7, #0\n\t"
"mov r8, #0\n\t"
+ "mov r5, #4\n\t"
"\n"
"L_sp_4096_mul_128_outer_%=: \n\t"
"subs r3, r5, #0x1fc\n\t"
@@ -45824,7 +46580,44 @@ static void sp_4096_mul_128(sp_digit* r_p, const sp_digit* a_p, const sp_digit*
"L_sp_4096_mul_128_inner_%=: \n\t"
"ldr lr, [%[a], r3]\n\t"
"ldr r11, [%[b], r4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
+ "lsl r9, lr, #16\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r9, r9, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "adds r6, r6, r10\n\t"
+ "adcs r7, r7, #0\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsr r9, lr, #16\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "adds r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+#else
+ "umull r9, r10, lr, r11\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+#endif
+ "ldr lr, [%[a], r4]\n\t"
+ "ldr r11, [%[b], r3]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r9, lr, #16\n\t"
"lsl r10, r11, #16\n\t"
"lsr r9, r9, #16\n\t"
@@ -45861,10 +46654,46 @@ static void sp_4096_mul_128(sp_digit* r_p, const sp_digit* a_p, const sp_digit*
#endif
"add r3, r3, #4\n\t"
"sub r4, r4, #4\n\t"
- "cmp r3, #0x200\n\t"
- "beq L_sp_4096_mul_128_inner_done_%=\n\t"
- "cmp r3, r5\n\t"
- "ble L_sp_4096_mul_128_inner_%=\n\t"
+ "cmp r3, r4\n\t"
+ "bgt L_sp_4096_mul_128_inner_done_%=\n\t"
+ "blt L_sp_4096_mul_128_inner_%=\n\t"
+ "ldr lr, [%[a], r3]\n\t"
+ "ldr r11, [%[b], r3]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
+ "lsl r9, lr, #16\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r9, r9, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "adds r6, r6, r10\n\t"
+ "adcs r7, r7, #0\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsr r9, lr, #16\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "adds r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+#else
+ "umull r9, r10, lr, r11\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+#endif
"\n"
"L_sp_4096_mul_128_inner_done_%=: \n\t"
"str r6, [sp, r5]\n\t"
@@ -45872,18 +46701,50 @@ static void sp_4096_mul_128(sp_digit* r_p, const sp_digit* a_p, const sp_digit*
"mov r7, r8\n\t"
"mov r8, #0\n\t"
"add r5, r5, #4\n\t"
- "cmp r5, #0x3f8\n\t"
+ "cmp r5, #0x3f4\n\t"
"ble L_sp_4096_mul_128_outer_%=\n\t"
+ "ldr lr, [%[a], #508]\n\t"
+ "ldr r11, [%[b], #508]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
+ "lsl r9, lr, #16\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r9, r9, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "adds r6, r6, r10\n\t"
+ "adc r7, r7, #0\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adc r7, r7, r10\n\t"
+ "lsr r9, lr, #16\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "add r7, r7, r10\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adc r7, r7, r10\n\t"
+#else
+ "umlal r6, r7, lr, r11\n\t"
+#endif
"str r6, [sp, r5]\n\t"
+ "add r5, r5, #4\n\t"
+ "str r7, [sp, r5]\n\t"
"\n"
"L_sp_4096_mul_128_store_%=: \n\t"
- "ldm sp!, {r6, r7, r8, r9}\n\t"
- "stm %[r]!, {r6, r7, r8, r9}\n\t"
- "subs r5, r5, #16\n\t"
+ "ldm sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "stm %[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "subs r5, r5, #32\n\t"
"bgt L_sp_4096_mul_128_store_%=\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11", "cc"
);
}
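Review bot: The copy-out loop at `L_sp_4096_mul_128_store_` is also what restores the stack pointer, and after this change that works only through a rounding effect that is not documented. r5 enters the loop as 0x3fc, which is not a multiple of the new 32-byte step, and `bgt` happens to run exactly 32 passes, so `ldm sp!` pops the full 0x400 reserved by `sub sp, sp, #0x400`. A comment such as `/* r5 = 0x3fc: 32 passes of 32 bytes pop exactly the 0x400 reserved above, restoring sp */` should sit above the loop, since any change to the step or the bound would leave sp unbalanced on return. The same loop appears in sp_4096_sqr_128. The 1 KiB scratch copy of the product also stays in memory below sp afterwards; whether callers treat it as sensitive and clear it is not visible here. The function body starts outside this hunk.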
@@ -45894,29 +46755,28 @@ static void sp_4096_mul_128(sp_digit* r_p, const sp_digit* a_p, const sp_digit*
*/
static void sp_4096_sqr_128(sp_digit* r_p, const sp_digit* a_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
__asm__ __volatile__ (
"sub sp, sp, #0x400\n\t"
- "mov r12, #0\n\t"
- "mov r6, #0\n\t"
+ "ldr lr, [%[a]]\n\t"
+ "umull r8, r6, lr, lr\n\t"
+ "str r8, [sp]\n\t"
"mov r7, #0\n\t"
"mov r8, #0\n\t"
- "mov r5, #0\n\t"
+ "mov r5, #4\n\t"
"\n"
"L_sp_4096_sqr_128_outer_%=: \n\t"
"subs r3, r5, #0x1fc\n\t"
"it cc\n\t"
- "movcc r3, r12\n\t"
+ "movcc r3, #0\n\t"
"sub r4, r5, r3\n\t"
"\n"
"L_sp_4096_sqr_128_inner_%=: \n\t"
- "cmp r4, r3\n\t"
- "beq L_sp_4096_sqr_128_op_sqr_%=\n\t"
"ldr lr, [%[a], r3]\n\t"
"ldr r11, [%[a], r4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r9, lr, #16\n\t"
"lsl r10, r11, #16\n\t"
"lsr r9, r9, #16\n\t"
@@ -45965,11 +46825,13 @@ static void sp_4096_sqr_128(sp_digit* r_p, const sp_digit* a_p)
"adcs r7, r7, r10\n\t"
"adc r8, r8, #0\n\t"
#endif
- "bal L_sp_4096_sqr_128_op_done_%=\n\t"
- "\n"
- "L_sp_4096_sqr_128_op_sqr_%=: \n\t"
+ "add r3, r3, #4\n\t"
+ "sub r4, r4, #4\n\t"
+ "cmp r3, r4\n\t"
+ "bgt L_sp_4096_sqr_128_inner_done_%=\n\t"
+ "blt L_sp_4096_sqr_128_inner_%=\n\t"
"ldr lr, [%[a], r3]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r9, lr, #16\n\t"
"lsr r10, lr, #16\n\t"
"lsr r9, r9, #16\n\t"
@@ -45996,39 +46858,55 @@ static void sp_4096_sqr_128(sp_digit* r_p, const sp_digit* a_p)
"adc r8, r8, #0\n\t"
#endif
"\n"
- "L_sp_4096_sqr_128_op_done_%=: \n\t"
- "add r3, r3, #4\n\t"
- "sub r4, r4, #4\n\t"
- "cmp r3, #0x200\n\t"
- "beq L_sp_4096_sqr_128_inner_done_%=\n\t"
- "cmp r3, r4\n\t"
- "bgt L_sp_4096_sqr_128_inner_done_%=\n\t"
- "cmp r3, r5\n\t"
- "ble L_sp_4096_sqr_128_inner_%=\n\t"
- "\n"
"L_sp_4096_sqr_128_inner_done_%=: \n\t"
"str r6, [sp, r5]\n\t"
"mov r6, r7\n\t"
"mov r7, r8\n\t"
"mov r8, #0\n\t"
"add r5, r5, #4\n\t"
- "cmp r5, #0x3f8\n\t"
+ "cmp r5, #0x3f4\n\t"
"ble L_sp_4096_sqr_128_outer_%=\n\t"
+ "ldr lr, [%[a], #508]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
+ "lsl r9, lr, #16\n\t"
+ "lsr r10, lr, #16\n\t"
+ "lsr r9, r9, #16\n\t"
+ "mov r11, r9\n\t"
+ "mul r9, r11, r9\n\t"
+ "mov r11, r10\n\t"
+ "mul r10, r11, r10\n\t"
+ "adds r6, r6, r9\n\t"
+ "adc r7, r7, r10\n\t"
+ "lsr r10, lr, #16\n\t"
+ "lsl r9, lr, #16\n\t"
+ "lsr r9, r9, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #15\n\t"
+ "lsl r9, r9, #17\n\t"
+ "adds r6, r6, r9\n\t"
+ "adc r7, r7, r10\n\t"
+#else
+ "umull r9, r10, lr, lr\n\t"
+ "adds r6, r6, r9\n\t"
+ "adc r7, r7, r10\n\t"
+#endif
"str r6, [sp, r5]\n\t"
+ "add r5, r5, #4\n\t"
+ "str r7, [sp, r5]\n\t"
"\n"
"L_sp_4096_sqr_128_store_%=: \n\t"
- "ldm sp!, {r6, r7, r8, r9}\n\t"
- "stm %[r]!, {r6, r7, r8, r9}\n\t"
- "subs r5, r5, #16\n\t"
+ "ldm sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "stm %[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "subs r5, r5, #32\n\t"
"bgt L_sp_4096_sqr_128_store_%=\n\t"
: [r] "+r" (r), [a] "+r" (a)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11", "cc"
);
}
#endif /* WOLFSSL_SP_SMALL */
-/* Caclulate the bottom digit of -1/a mod 2^n.
+/* Calculate the bottom digit of -1/a mod 2^n.
*
* a A single precision number.
* rho Bottom word of inverse.
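Review bot: In sp_4096_sqr_128 the outer bound drops to `cmp r5, #0x3f4` and a separate block squares the top word (`ldr lr, [%[a], #508]`) after the loop, but no comment links the two. An earlier hunk removes the entry test `cmp r4, r3` / `beq`, so the inner loop now silently assumes r3 < r4 whenever it starts. That holds only because column 0 and this last column, the only ones where the two offsets start out equal, are computed outside the loop. A comment before the `ldr` would record the invariant, for example `/* Column 254 is a[127]^2 alone; it is peeled so the inner loop never starts with r3 == r4 */`. sp_4096_mul_128 has the same structure with `umlal r6, r7, lr, r11` and needs the same comment. The start of the function is outside this hunk.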
@@ -46057,15 +46935,14 @@ static void sp_4096_mont_setup(const sp_digit* a, sp_digit* rho)
*/
static void sp_4096_mul_d_128(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register sp_digit b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register sp_digit b asm ("r2") = (sp_digit)b_p;
__asm__ __volatile__ (
- "mov r10, #0\n\t"
/* A[0] * B */
"ldr r8, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r5, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -46098,7 +46975,7 @@ static void sp_4096_mul_d_128(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
"L_sp_4096_mul_d_128_word_%=: \n\t"
/* A[i] * B */
"ldr r8, [%[a], r9]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -46143,7 +47020,7 @@ static void sp_4096_mul_d_128(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
"str r3, [%[r], #512]\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
}
@@ -46156,15 +47033,14 @@ static void sp_4096_mul_d_128(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
*/
static void sp_4096_mul_d_128(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register sp_digit b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register sp_digit b asm ("r2") = (sp_digit)b_p;
__asm__ __volatile__ (
- "mov r10, #0\n\t"
/* A[0] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r3, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -46189,5051 +47065,4043 @@ static void sp_4096_mul_d_128(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
#else
"umull r3, r4, %[b], r8\n\t"
#endif
+ "stm %[r]!, {r3}\n\t"
"mov r5, #0\n\t"
- "str r3, [%[r]], #4\n\t"
/* A[1] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[2] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[3] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[4] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[5] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[6] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[7] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[8] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[9] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[10] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[11] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[12] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[13] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[14] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[15] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[16] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[17] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[18] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[19] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[20] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[21] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[22] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[23] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[24] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[25] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[26] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[27] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[28] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[29] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[30] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[31] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[32] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[33] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[34] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[35] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[36] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[37] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[38] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[39] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[40] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[41] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[42] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[43] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[44] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[45] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[46] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[47] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[48] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[49] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[50] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[51] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[52] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[53] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[54] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[55] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[56] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[57] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[58] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[59] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[60] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[61] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[62] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[63] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[64] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[65] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[66] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[67] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[68] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[69] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[70] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[71] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[72] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[73] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[74] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[75] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[76] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[77] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[78] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[79] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[80] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[81] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[82] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[83] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[84] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[85] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[86] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[87] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[88] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[89] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[90] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[91] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[92] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[93] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[94] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[95] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[96] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[97] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[98] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[99] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[100] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[101] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[102] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[103] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[104] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[105] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[106] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[107] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[108] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[109] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[110] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[111] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[112] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[113] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[114] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[115] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[116] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[117] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[118] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[119] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[120] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[121] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[122] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[123] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[124] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[125] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[126] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[127] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -51259,15 +51127,13 @@ static void sp_4096_mul_d_128(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adc r5, r5, r7\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
"str r5, [%[r]]\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r10"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "cc"
);
}
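Review bot: The `umlal r4, r5, %[b], r8` on the `#else` path is only correct if r5 is zero on entry, and nothing beside the instruction says so; the `mov r5, #0` that clears it ends the A[126] step in the previous hunk. A comment such as `/* r5:r4 = r4 + A[127] * B; r5 was zeroed after the previous store, so the sum fits in 64 bits */` would let a reader check the carry invariant that justified dropping the third accumulator. A lost carry here would give a wrong multi-precision product, which matters for the RSA/DH code that presumably calls this routine. The clobber list also drops `r10`: the visible lines touch only r3–r8, but most of the asm body is outside the hunk, so it is worth confirming that no remaining instruction writes r10.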
@@ -51299,10 +51165,10 @@ static void sp_4096_mont_norm_128(sp_digit* r, const sp_digit* m)
*/
static sp_digit sp_4096_cond_sub_128(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
- register sp_digit m asm ("r3") = m_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
+ register sp_digit m asm ("r3") = (sp_digit)m_p;
__asm__ __volatile__ (
"mov r6, #0\n\t"
@@ -51323,7 +51189,7 @@ static sp_digit sp_4096_cond_sub_128(sp_digit* r_p, const sp_digit* a_p, const s
"mov %[r], r12\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
:
- : "memory", "r12", "lr", "r4", "r5", "r6"
+ : "memory", "r12", "lr", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -51339,10 +51205,10 @@ static sp_digit sp_4096_cond_sub_128(sp_digit* r_p, const sp_digit* a_p, const s
*/
static sp_digit sp_4096_cond_sub_128(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
- register sp_digit m asm ("r3") = m_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
+ register sp_digit m asm ("r3") = (sp_digit)m_p;
__asm__ __volatile__ (
"mov lr, #0\n\t"
@@ -51797,12 +51663,13 @@ static sp_digit sp_4096_cond_sub_128(sp_digit* r_p, const sp_digit* a_p, const s
"sbc %[r], lr, lr\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
:
- : "memory", "r12", "lr", "r4", "r5", "r6", "r7"
+ : "memory", "r12", "lr", "r4", "r5", "r6", "r7", "cc"
);
return (uint32_t)(size_t)r;
}
#endif /* WOLFSSL_SP_SMALL */
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
/* Reduce the number back to 4096 bits using Montgomery reduction.
*
* a A single precision number to reduce in place.
@@ -51811,12 +51678,12 @@ static sp_digit sp_4096_cond_sub_128(sp_digit* r_p, const sp_digit* a_p, const s
*/
static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
{
- register sp_digit* a asm ("r0") = a_p;
- register const sp_digit* m asm ("r1") = m_p;
- register sp_digit mp asm ("r2") = mp_p;
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m asm ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp asm ("r2") = (sp_digit)mp_p;
__asm__ __volatile__ (
-#if !(defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4))
+#if !(defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4))
"ldr r11, [%[m]]\n\t"
#endif
/* i = 0 */
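Review bot: The `#if !(defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4))` block around `"ldr r11, [%[m]]\n\t"` looks like dead code now. The previous hunk adds `#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)` ahead of this function's comment, and if that guard encloses the whole function, as the removal of the `umull` branches in the later hunks suggests, the negated condition can never hold. In the next hunk the same guard wraps the second `ldr r11, [%[m]]`, where it is then always true. Deleting the dead block and unwrapping the live load would leave one unconditional `"ldr r11, [%[m]]\n\t"` after the `mul r8, %[mp], r12` line. The matching `#else`/`#endif` of the outer guard is outside the hunk, so this should be confirmed against the full file.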
@@ -51829,10 +51696,9 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
/* mu = a[i] * mp */
"mul r8, %[mp], r12\n\t"
/* a[i+0] += m[0] * mu */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"ldr r11, [%[m]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r7, r11, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r7\n\t"
@@ -51856,14 +51722,8 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r12, r12, r6\n\t"
"adc r5, r5, r7\n\t"
-#else
- "umull r6, r7, r8, r11\n\t"
- "adds r12, r12, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
/* a[i+1] += m[1] * mu */
"ldr r7, [%[m], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r10, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r10\n\t"
@@ -51887,18 +51747,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds lr, lr, r6\n\t"
"adc r4, r4, r10\n\t"
-#else
- "umull r6, r10, r8, r7\n\t"
- "adds lr, lr, r6\n\t"
- "adc r4, r10, #0\n\t"
-#endif
"mov r12, lr\n\t"
"adds r12, r12, r5\n\t"
"adc r4, r4, #0\n\t"
/* a[i+2] += m[2] * mu */
"ldr r7, [%[m], #8]\n\t"
"ldr lr, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r10, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r10\n\t"
@@ -51922,17 +51776,11 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds lr, lr, r6\n\t"
"adc r5, r5, r10\n\t"
-#else
- "umull r6, r10, r8, r7\n\t"
- "adds lr, lr, r6\n\t"
- "adc r5, r10, #0\n\t"
-#endif
"adds lr, lr, r4\n\t"
"adc r5, r5, #0\n\t"
/* a[i+3] += m[3] * mu */
"ldr r7, [%[m], #12]\n\t"
"ldr r10, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -51956,18 +51804,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #12]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+4] += m[4] * mu */
"ldr r7, [%[m], #16]\n\t"
"ldr r10, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -51991,18 +51833,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #16]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+5] += m[5] * mu */
"ldr r7, [%[m], #20]\n\t"
"ldr r10, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -52026,18 +51862,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #20]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+6] += m[6] * mu */
"ldr r7, [%[m], #24]\n\t"
"ldr r10, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -52061,18 +51891,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #24]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+7] += m[7] * mu */
"ldr r7, [%[m], #28]\n\t"
"ldr r10, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -52096,18 +51920,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #28]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+8] += m[8] * mu */
"ldr r7, [%[m], #32]\n\t"
"ldr r10, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -52131,18 +51949,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #32]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+9] += m[9] * mu */
"ldr r7, [%[m], #36]\n\t"
"ldr r10, [%[a], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -52166,18 +51978,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #36]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+10] += m[10] * mu */
"ldr r7, [%[m], #40]\n\t"
"ldr r10, [%[a], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -52201,18 +52007,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #40]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+11] += m[11] * mu */
"ldr r7, [%[m], #44]\n\t"
"ldr r10, [%[a], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -52236,18 +52036,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #44]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+12] += m[12] * mu */
"ldr r7, [%[m], #48]\n\t"
"ldr r10, [%[a], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -52271,18 +52065,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #48]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+13] += m[13] * mu */
"ldr r7, [%[m], #52]\n\t"
"ldr r10, [%[a], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -52306,18 +52094,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #52]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+14] += m[14] * mu */
"ldr r7, [%[m], #56]\n\t"
"ldr r10, [%[a], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -52341,18 +52123,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #56]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+15] += m[15] * mu */
"ldr r7, [%[m], #60]\n\t"
"ldr r10, [%[a], #60]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -52376,18 +52152,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #60]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+16] += m[16] * mu */
"ldr r7, [%[m], #64]\n\t"
"ldr r10, [%[a], #64]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -52411,18 +52181,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #64]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+17] += m[17] * mu */
"ldr r7, [%[m], #68]\n\t"
"ldr r10, [%[a], #68]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -52446,18 +52210,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #68]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+18] += m[18] * mu */
"ldr r7, [%[m], #72]\n\t"
"ldr r10, [%[a], #72]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -52481,18 +52239,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #72]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+19] += m[19] * mu */
"ldr r7, [%[m], #76]\n\t"
"ldr r10, [%[a], #76]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -52516,18 +52268,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #76]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+20] += m[20] * mu */
"ldr r7, [%[m], #80]\n\t"
"ldr r10, [%[a], #80]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -52551,18 +52297,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #80]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+21] += m[21] * mu */
"ldr r7, [%[m], #84]\n\t"
"ldr r10, [%[a], #84]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -52586,18 +52326,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #84]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+22] += m[22] * mu */
"ldr r7, [%[m], #88]\n\t"
"ldr r10, [%[a], #88]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -52621,18 +52355,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #88]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+23] += m[23] * mu */
"ldr r7, [%[m], #92]\n\t"
"ldr r10, [%[a], #92]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -52656,18 +52384,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #92]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+24] += m[24] * mu */
"ldr r7, [%[m], #96]\n\t"
"ldr r10, [%[a], #96]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -52691,18 +52413,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #96]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+25] += m[25] * mu */
"ldr r7, [%[m], #100]\n\t"
"ldr r10, [%[a], #100]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -52726,18 +52442,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #100]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+26] += m[26] * mu */
"ldr r7, [%[m], #104]\n\t"
"ldr r10, [%[a], #104]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -52761,18 +52471,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #104]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+27] += m[27] * mu */
"ldr r7, [%[m], #108]\n\t"
"ldr r10, [%[a], #108]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -52796,18 +52500,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #108]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+28] += m[28] * mu */
"ldr r7, [%[m], #112]\n\t"
"ldr r10, [%[a], #112]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -52831,18 +52529,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #112]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+29] += m[29] * mu */
"ldr r7, [%[m], #116]\n\t"
"ldr r10, [%[a], #116]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -52866,18 +52558,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #116]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+30] += m[30] * mu */
"ldr r7, [%[m], #120]\n\t"
"ldr r10, [%[a], #120]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -52901,18 +52587,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #120]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+31] += m[31] * mu */
"ldr r7, [%[m], #124]\n\t"
"ldr r10, [%[a], #124]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -52936,18 +52616,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #124]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+32] += m[32] * mu */
"ldr r7, [%[m], #128]\n\t"
"ldr r10, [%[a], #128]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -52971,18 +52645,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #128]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+33] += m[33] * mu */
"ldr r7, [%[m], #132]\n\t"
"ldr r10, [%[a], #132]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -53006,18 +52674,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #132]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+34] += m[34] * mu */
"ldr r7, [%[m], #136]\n\t"
"ldr r10, [%[a], #136]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -53041,18 +52703,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #136]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+35] += m[35] * mu */
"ldr r7, [%[m], #140]\n\t"
"ldr r10, [%[a], #140]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -53076,18 +52732,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #140]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+36] += m[36] * mu */
"ldr r7, [%[m], #144]\n\t"
"ldr r10, [%[a], #144]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -53111,18 +52761,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #144]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+37] += m[37] * mu */
"ldr r7, [%[m], #148]\n\t"
"ldr r10, [%[a], #148]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -53146,18 +52790,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #148]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+38] += m[38] * mu */
"ldr r7, [%[m], #152]\n\t"
"ldr r10, [%[a], #152]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -53181,18 +52819,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #152]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+39] += m[39] * mu */
"ldr r7, [%[m], #156]\n\t"
"ldr r10, [%[a], #156]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -53216,18 +52848,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #156]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+40] += m[40] * mu */
"ldr r7, [%[m], #160]\n\t"
"ldr r10, [%[a], #160]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -53251,18 +52877,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #160]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+41] += m[41] * mu */
"ldr r7, [%[m], #164]\n\t"
"ldr r10, [%[a], #164]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -53286,18 +52906,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #164]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+42] += m[42] * mu */
"ldr r7, [%[m], #168]\n\t"
"ldr r10, [%[a], #168]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -53321,18 +52935,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #168]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+43] += m[43] * mu */
"ldr r7, [%[m], #172]\n\t"
"ldr r10, [%[a], #172]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -53356,18 +52964,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #172]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+44] += m[44] * mu */
"ldr r7, [%[m], #176]\n\t"
"ldr r10, [%[a], #176]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -53391,18 +52993,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #176]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+45] += m[45] * mu */
"ldr r7, [%[m], #180]\n\t"
"ldr r10, [%[a], #180]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -53426,18 +53022,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #180]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+46] += m[46] * mu */
"ldr r7, [%[m], #184]\n\t"
"ldr r10, [%[a], #184]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -53461,18 +53051,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #184]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+47] += m[47] * mu */
"ldr r7, [%[m], #188]\n\t"
"ldr r10, [%[a], #188]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -53496,18 +53080,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #188]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+48] += m[48] * mu */
"ldr r7, [%[m], #192]\n\t"
"ldr r10, [%[a], #192]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -53531,18 +53109,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #192]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+49] += m[49] * mu */
"ldr r7, [%[m], #196]\n\t"
"ldr r10, [%[a], #196]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -53566,18 +53138,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #196]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+50] += m[50] * mu */
"ldr r7, [%[m], #200]\n\t"
"ldr r10, [%[a], #200]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -53601,18 +53167,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #200]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+51] += m[51] * mu */
"ldr r7, [%[m], #204]\n\t"
"ldr r10, [%[a], #204]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -53636,18 +53196,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #204]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+52] += m[52] * mu */
"ldr r7, [%[m], #208]\n\t"
"ldr r10, [%[a], #208]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -53671,18 +53225,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #208]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+53] += m[53] * mu */
"ldr r7, [%[m], #212]\n\t"
"ldr r10, [%[a], #212]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -53706,18 +53254,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #212]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+54] += m[54] * mu */
"ldr r7, [%[m], #216]\n\t"
"ldr r10, [%[a], #216]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -53741,18 +53283,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #216]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+55] += m[55] * mu */
"ldr r7, [%[m], #220]\n\t"
"ldr r10, [%[a], #220]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -53776,18 +53312,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #220]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+56] += m[56] * mu */
"ldr r7, [%[m], #224]\n\t"
"ldr r10, [%[a], #224]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -53811,18 +53341,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #224]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+57] += m[57] * mu */
"ldr r7, [%[m], #228]\n\t"
"ldr r10, [%[a], #228]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -53846,18 +53370,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #228]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+58] += m[58] * mu */
"ldr r7, [%[m], #232]\n\t"
"ldr r10, [%[a], #232]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -53881,18 +53399,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #232]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+59] += m[59] * mu */
"ldr r7, [%[m], #236]\n\t"
"ldr r10, [%[a], #236]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -53916,18 +53428,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #236]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+60] += m[60] * mu */
"ldr r7, [%[m], #240]\n\t"
"ldr r10, [%[a], #240]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -53951,18 +53457,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #240]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+61] += m[61] * mu */
"ldr r7, [%[m], #244]\n\t"
"ldr r10, [%[a], #244]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -53986,18 +53486,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #244]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+62] += m[62] * mu */
"ldr r7, [%[m], #248]\n\t"
"ldr r10, [%[a], #248]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -54021,18 +53515,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #248]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+63] += m[63] * mu */
"ldr r7, [%[m], #252]\n\t"
"ldr r10, [%[a], #252]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -54056,18 +53544,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #252]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+64] += m[64] * mu */
"ldr r7, [%[m], #256]\n\t"
"ldr r10, [%[a], #256]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -54091,18 +53573,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #256]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+65] += m[65] * mu */
"ldr r7, [%[m], #260]\n\t"
"ldr r10, [%[a], #260]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -54126,18 +53602,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #260]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+66] += m[66] * mu */
"ldr r7, [%[m], #264]\n\t"
"ldr r10, [%[a], #264]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -54161,18 +53631,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #264]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+67] += m[67] * mu */
"ldr r7, [%[m], #268]\n\t"
"ldr r10, [%[a], #268]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -54196,18 +53660,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #268]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+68] += m[68] * mu */
"ldr r7, [%[m], #272]\n\t"
"ldr r10, [%[a], #272]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -54231,18 +53689,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #272]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+69] += m[69] * mu */
"ldr r7, [%[m], #276]\n\t"
"ldr r10, [%[a], #276]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -54266,18 +53718,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #276]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+70] += m[70] * mu */
"ldr r7, [%[m], #280]\n\t"
"ldr r10, [%[a], #280]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -54301,18 +53747,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #280]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+71] += m[71] * mu */
"ldr r7, [%[m], #284]\n\t"
"ldr r10, [%[a], #284]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -54336,18 +53776,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #284]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+72] += m[72] * mu */
"ldr r7, [%[m], #288]\n\t"
"ldr r10, [%[a], #288]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -54371,18 +53805,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #288]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+73] += m[73] * mu */
"ldr r7, [%[m], #292]\n\t"
"ldr r10, [%[a], #292]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -54406,18 +53834,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #292]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+74] += m[74] * mu */
"ldr r7, [%[m], #296]\n\t"
"ldr r10, [%[a], #296]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -54441,18 +53863,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #296]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+75] += m[75] * mu */
"ldr r7, [%[m], #300]\n\t"
"ldr r10, [%[a], #300]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -54476,18 +53892,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #300]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+76] += m[76] * mu */
"ldr r7, [%[m], #304]\n\t"
"ldr r10, [%[a], #304]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -54511,18 +53921,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #304]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+77] += m[77] * mu */
"ldr r7, [%[m], #308]\n\t"
"ldr r10, [%[a], #308]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -54546,18 +53950,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #308]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+78] += m[78] * mu */
"ldr r7, [%[m], #312]\n\t"
"ldr r10, [%[a], #312]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -54581,18 +53979,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #312]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+79] += m[79] * mu */
"ldr r7, [%[m], #316]\n\t"
"ldr r10, [%[a], #316]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -54616,18 +54008,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #316]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+80] += m[80] * mu */
"ldr r7, [%[m], #320]\n\t"
"ldr r10, [%[a], #320]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -54651,18 +54037,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #320]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+81] += m[81] * mu */
"ldr r7, [%[m], #324]\n\t"
"ldr r10, [%[a], #324]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -54686,18 +54066,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #324]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+82] += m[82] * mu */
"ldr r7, [%[m], #328]\n\t"
"ldr r10, [%[a], #328]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -54721,18 +54095,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #328]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+83] += m[83] * mu */
"ldr r7, [%[m], #332]\n\t"
"ldr r10, [%[a], #332]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -54756,18 +54124,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #332]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+84] += m[84] * mu */
"ldr r7, [%[m], #336]\n\t"
"ldr r10, [%[a], #336]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -54791,18 +54153,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #336]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+85] += m[85] * mu */
"ldr r7, [%[m], #340]\n\t"
"ldr r10, [%[a], #340]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -54826,18 +54182,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #340]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+86] += m[86] * mu */
"ldr r7, [%[m], #344]\n\t"
"ldr r10, [%[a], #344]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -54861,18 +54211,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #344]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+87] += m[87] * mu */
"ldr r7, [%[m], #348]\n\t"
"ldr r10, [%[a], #348]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -54896,18 +54240,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #348]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+88] += m[88] * mu */
"ldr r7, [%[m], #352]\n\t"
"ldr r10, [%[a], #352]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -54931,18 +54269,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #352]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+89] += m[89] * mu */
"ldr r7, [%[m], #356]\n\t"
"ldr r10, [%[a], #356]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -54966,18 +54298,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #356]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+90] += m[90] * mu */
"ldr r7, [%[m], #360]\n\t"
"ldr r10, [%[a], #360]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -55001,18 +54327,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #360]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+91] += m[91] * mu */
"ldr r7, [%[m], #364]\n\t"
"ldr r10, [%[a], #364]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -55036,18 +54356,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #364]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+92] += m[92] * mu */
"ldr r7, [%[m], #368]\n\t"
"ldr r10, [%[a], #368]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -55071,18 +54385,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #368]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+93] += m[93] * mu */
"ldr r7, [%[m], #372]\n\t"
"ldr r10, [%[a], #372]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -55106,18 +54414,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #372]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+94] += m[94] * mu */
"ldr r7, [%[m], #376]\n\t"
"ldr r10, [%[a], #376]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -55141,18 +54443,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #376]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+95] += m[95] * mu */
"ldr r7, [%[m], #380]\n\t"
"ldr r10, [%[a], #380]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -55176,18 +54472,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #380]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+96] += m[96] * mu */
"ldr r7, [%[m], #384]\n\t"
"ldr r10, [%[a], #384]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -55211,18 +54501,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #384]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+97] += m[97] * mu */
"ldr r7, [%[m], #388]\n\t"
"ldr r10, [%[a], #388]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -55246,18 +54530,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #388]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+98] += m[98] * mu */
"ldr r7, [%[m], #392]\n\t"
"ldr r10, [%[a], #392]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -55281,18 +54559,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #392]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+99] += m[99] * mu */
"ldr r7, [%[m], #396]\n\t"
"ldr r10, [%[a], #396]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -55316,18 +54588,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #396]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+100] += m[100] * mu */
"ldr r7, [%[m], #400]\n\t"
"ldr r10, [%[a], #400]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -55351,18 +54617,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #400]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+101] += m[101] * mu */
"ldr r7, [%[m], #404]\n\t"
"ldr r10, [%[a], #404]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -55386,18 +54646,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #404]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+102] += m[102] * mu */
"ldr r7, [%[m], #408]\n\t"
"ldr r10, [%[a], #408]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -55421,18 +54675,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #408]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+103] += m[103] * mu */
"ldr r7, [%[m], #412]\n\t"
"ldr r10, [%[a], #412]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -55456,18 +54704,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #412]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+104] += m[104] * mu */
"ldr r7, [%[m], #416]\n\t"
"ldr r10, [%[a], #416]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -55491,18 +54733,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #416]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+105] += m[105] * mu */
"ldr r7, [%[m], #420]\n\t"
"ldr r10, [%[a], #420]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -55526,18 +54762,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #420]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+106] += m[106] * mu */
"ldr r7, [%[m], #424]\n\t"
"ldr r10, [%[a], #424]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -55561,18 +54791,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #424]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+107] += m[107] * mu */
"ldr r7, [%[m], #428]\n\t"
"ldr r10, [%[a], #428]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -55596,18 +54820,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #428]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+108] += m[108] * mu */
"ldr r7, [%[m], #432]\n\t"
"ldr r10, [%[a], #432]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -55631,18 +54849,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #432]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+109] += m[109] * mu */
"ldr r7, [%[m], #436]\n\t"
"ldr r10, [%[a], #436]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -55666,18 +54878,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #436]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+110] += m[110] * mu */
"ldr r7, [%[m], #440]\n\t"
"ldr r10, [%[a], #440]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -55701,18 +54907,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #440]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+111] += m[111] * mu */
"ldr r7, [%[m], #444]\n\t"
"ldr r10, [%[a], #444]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -55736,18 +54936,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #444]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+112] += m[112] * mu */
"ldr r7, [%[m], #448]\n\t"
"ldr r10, [%[a], #448]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -55771,18 +54965,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #448]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+113] += m[113] * mu */
"ldr r7, [%[m], #452]\n\t"
"ldr r10, [%[a], #452]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -55806,18 +54994,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #452]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+114] += m[114] * mu */
"ldr r7, [%[m], #456]\n\t"
"ldr r10, [%[a], #456]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -55841,18 +55023,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #456]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+115] += m[115] * mu */
"ldr r7, [%[m], #460]\n\t"
"ldr r10, [%[a], #460]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -55876,18 +55052,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #460]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+116] += m[116] * mu */
"ldr r7, [%[m], #464]\n\t"
"ldr r10, [%[a], #464]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -55911,18 +55081,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #464]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+117] += m[117] * mu */
"ldr r7, [%[m], #468]\n\t"
"ldr r10, [%[a], #468]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -55946,18 +55110,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #468]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+118] += m[118] * mu */
"ldr r7, [%[m], #472]\n\t"
"ldr r10, [%[a], #472]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -55981,18 +55139,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #472]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+119] += m[119] * mu */
"ldr r7, [%[m], #476]\n\t"
"ldr r10, [%[a], #476]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -56016,18 +55168,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #476]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+120] += m[120] * mu */
"ldr r7, [%[m], #480]\n\t"
"ldr r10, [%[a], #480]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -56051,18 +55197,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #480]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+121] += m[121] * mu */
"ldr r7, [%[m], #484]\n\t"
"ldr r10, [%[a], #484]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -56086,18 +55226,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #484]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+122] += m[122] * mu */
"ldr r7, [%[m], #488]\n\t"
"ldr r10, [%[a], #488]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -56121,18 +55255,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #488]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+123] += m[123] * mu */
"ldr r7, [%[m], #492]\n\t"
"ldr r10, [%[a], #492]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -56156,18 +55284,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #492]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+124] += m[124] * mu */
"ldr r7, [%[m], #496]\n\t"
"ldr r10, [%[a], #496]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -56191,18 +55313,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #496]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+125] += m[125] * mu */
"ldr r7, [%[m], #500]\n\t"
"ldr r10, [%[a], #500]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -56226,18 +55342,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #500]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+126] += m[126] * mu */
"ldr r7, [%[m], #504]\n\t"
"ldr r10, [%[a], #504]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -56261,22 +55371,16 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #504]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+127] += m[127] * mu */
-#if !(defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4))
- "ldr r7, [%[m], #508]\n\t"
-#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"ldr r11, [%[m], #508]\n\t"
+#else
+ "ldr r7, [%[m], #508]\n\t"
#endif
"ldr r10, [%[a], #508]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r11, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -56307,13 +55411,1069 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"adds r5, r5, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #508]\n\t"
+ "ldr r10, [%[a], #512]\n\t"
+ "adcs r10, r10, r4\n\t"
+ "str r10, [%[a], #512]\n\t"
+ "adc r3, r3, #0\n\t"
+ /* i += 1 */
+ "add r9, r9, #4\n\t"
+ "add %[a], %[a], #4\n\t"
+ "cmp r9, #0x200\n\t"
+ "blt L_sp_4096_mont_reduce_128_word_%=\n\t"
+ /* Loop Done */
+ "str r12, [%[a]]\n\t"
+ "str lr, [%[a], #4]\n\t"
+ "mov %[mp], r3\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
+ );
+ sp_4096_cond_sub_128(a - 128, a, m, (sp_digit)0 - mp);
+}
+
+#elif defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+/* Reduce the number back to 4096 bits using Montgomery reduction.
+ *
+ * a A single precision number to reduce in place.
+ * m The single precision number representing the modulus.
+ * mp The digit representing the negative inverse of m mod 2^n.
+ */
+static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+{
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m asm ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp asm ("r2") = (sp_digit)mp_p;
+
+ __asm__ __volatile__ (
+ "ldr r11, [%[m]]\n\t"
+ /* i = 0 */
+ "mov r9, #0\n\t"
+ "mov r3, #0\n\t"
+ "ldr r12, [%[a]]\n\t"
+ "ldr lr, [%[a], #4]\n\t"
+ "\n"
+ "L_sp_4096_mont_reduce_128_word_%=: \n\t"
+ /* mu = a[i] * mp */
+ "mul r8, %[mp], r12\n\t"
+ /* a[i+0] += m[0] * mu */
+ "mov r5, #0\n\t"
+ "umlal r12, r5, r8, r11\n\t"
+ /* a[i+1] += m[1] * mu */
+ "ldr r7, [%[m], #4]\n\t"
+ "mov r4, #0\n\t"
+ "umlal lr, r4, r8, r7\n\t"
+ "mov r12, lr\n\t"
+ "adds r12, r12, r5\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+2] += m[2] * mu */
+ "ldr r7, [%[m], #8]\n\t"
+ "ldr lr, [%[a], #8]\n\t"
+ "mov r5, #0\n\t"
+ "umlal lr, r5, r8, r7\n\t"
+ "adds lr, lr, r4\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+3] += m[3] * mu */
+ "ldr r7, [%[m], #12]\n\t"
+ "ldr r10, [%[a], #12]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #12]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+4] += m[4] * mu */
+ "ldr r7, [%[m], #16]\n\t"
+ "ldr r10, [%[a], #16]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #16]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+5] += m[5] * mu */
+ "ldr r7, [%[m], #20]\n\t"
+ "ldr r10, [%[a], #20]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #20]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+6] += m[6] * mu */
+ "ldr r7, [%[m], #24]\n\t"
+ "ldr r10, [%[a], #24]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #24]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+7] += m[7] * mu */
+ "ldr r7, [%[m], #28]\n\t"
+ "ldr r10, [%[a], #28]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #28]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+8] += m[8] * mu */
+ "ldr r7, [%[m], #32]\n\t"
+ "ldr r10, [%[a], #32]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #32]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+9] += m[9] * mu */
+ "ldr r7, [%[m], #36]\n\t"
+ "ldr r10, [%[a], #36]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #36]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+10] += m[10] * mu */
+ "ldr r7, [%[m], #40]\n\t"
+ "ldr r10, [%[a], #40]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #40]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+11] += m[11] * mu */
+ "ldr r7, [%[m], #44]\n\t"
+ "ldr r10, [%[a], #44]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #44]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+12] += m[12] * mu */
+ "ldr r7, [%[m], #48]\n\t"
+ "ldr r10, [%[a], #48]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #48]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+13] += m[13] * mu */
+ "ldr r7, [%[m], #52]\n\t"
+ "ldr r10, [%[a], #52]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #52]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+14] += m[14] * mu */
+ "ldr r7, [%[m], #56]\n\t"
+ "ldr r10, [%[a], #56]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #56]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+15] += m[15] * mu */
+ "ldr r7, [%[m], #60]\n\t"
+ "ldr r10, [%[a], #60]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #60]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+16] += m[16] * mu */
+ "ldr r7, [%[m], #64]\n\t"
+ "ldr r10, [%[a], #64]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #64]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+17] += m[17] * mu */
+ "ldr r7, [%[m], #68]\n\t"
+ "ldr r10, [%[a], #68]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #68]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+18] += m[18] * mu */
+ "ldr r7, [%[m], #72]\n\t"
+ "ldr r10, [%[a], #72]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #72]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+19] += m[19] * mu */
+ "ldr r7, [%[m], #76]\n\t"
+ "ldr r10, [%[a], #76]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #76]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+20] += m[20] * mu */
+ "ldr r7, [%[m], #80]\n\t"
+ "ldr r10, [%[a], #80]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #80]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+21] += m[21] * mu */
+ "ldr r7, [%[m], #84]\n\t"
+ "ldr r10, [%[a], #84]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #84]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+22] += m[22] * mu */
+ "ldr r7, [%[m], #88]\n\t"
+ "ldr r10, [%[a], #88]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #88]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+23] += m[23] * mu */
+ "ldr r7, [%[m], #92]\n\t"
+ "ldr r10, [%[a], #92]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #92]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+24] += m[24] * mu */
+ "ldr r7, [%[m], #96]\n\t"
+ "ldr r10, [%[a], #96]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #96]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+25] += m[25] * mu */
+ "ldr r7, [%[m], #100]\n\t"
+ "ldr r10, [%[a], #100]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #100]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+26] += m[26] * mu */
+ "ldr r7, [%[m], #104]\n\t"
+ "ldr r10, [%[a], #104]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #104]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+27] += m[27] * mu */
+ "ldr r7, [%[m], #108]\n\t"
+ "ldr r10, [%[a], #108]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #108]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+28] += m[28] * mu */
+ "ldr r7, [%[m], #112]\n\t"
+ "ldr r10, [%[a], #112]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #112]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+29] += m[29] * mu */
+ "ldr r7, [%[m], #116]\n\t"
+ "ldr r10, [%[a], #116]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #116]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+30] += m[30] * mu */
+ "ldr r7, [%[m], #120]\n\t"
+ "ldr r10, [%[a], #120]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #120]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+31] += m[31] * mu */
+ "ldr r7, [%[m], #124]\n\t"
+ "ldr r10, [%[a], #124]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #124]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+32] += m[32] * mu */
+ "ldr r7, [%[m], #128]\n\t"
+ "ldr r10, [%[a], #128]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #128]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+33] += m[33] * mu */
+ "ldr r7, [%[m], #132]\n\t"
+ "ldr r10, [%[a], #132]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #132]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+34] += m[34] * mu */
+ "ldr r7, [%[m], #136]\n\t"
+ "ldr r10, [%[a], #136]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #136]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+35] += m[35] * mu */
+ "ldr r7, [%[m], #140]\n\t"
+ "ldr r10, [%[a], #140]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #140]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+36] += m[36] * mu */
+ "ldr r7, [%[m], #144]\n\t"
+ "ldr r10, [%[a], #144]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #144]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+37] += m[37] * mu */
+ "ldr r7, [%[m], #148]\n\t"
+ "ldr r10, [%[a], #148]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #148]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+38] += m[38] * mu */
+ "ldr r7, [%[m], #152]\n\t"
+ "ldr r10, [%[a], #152]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #152]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+39] += m[39] * mu */
+ "ldr r7, [%[m], #156]\n\t"
+ "ldr r10, [%[a], #156]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #156]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+40] += m[40] * mu */
+ "ldr r7, [%[m], #160]\n\t"
+ "ldr r10, [%[a], #160]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #160]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+41] += m[41] * mu */
+ "ldr r7, [%[m], #164]\n\t"
+ "ldr r10, [%[a], #164]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #164]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+42] += m[42] * mu */
+ "ldr r7, [%[m], #168]\n\t"
+ "ldr r10, [%[a], #168]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #168]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+43] += m[43] * mu */
+ "ldr r7, [%[m], #172]\n\t"
+ "ldr r10, [%[a], #172]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #172]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+44] += m[44] * mu */
+ "ldr r7, [%[m], #176]\n\t"
+ "ldr r10, [%[a], #176]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #176]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+45] += m[45] * mu */
+ "ldr r7, [%[m], #180]\n\t"
+ "ldr r10, [%[a], #180]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #180]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+46] += m[46] * mu */
+ "ldr r7, [%[m], #184]\n\t"
+ "ldr r10, [%[a], #184]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #184]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+47] += m[47] * mu */
+ "ldr r7, [%[m], #188]\n\t"
+ "ldr r10, [%[a], #188]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #188]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+48] += m[48] * mu */
+ "ldr r7, [%[m], #192]\n\t"
+ "ldr r10, [%[a], #192]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #192]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+49] += m[49] * mu */
+ "ldr r7, [%[m], #196]\n\t"
+ "ldr r10, [%[a], #196]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #196]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+50] += m[50] * mu */
+ "ldr r7, [%[m], #200]\n\t"
+ "ldr r10, [%[a], #200]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #200]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+51] += m[51] * mu */
+ "ldr r7, [%[m], #204]\n\t"
+ "ldr r10, [%[a], #204]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #204]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+52] += m[52] * mu */
+ "ldr r7, [%[m], #208]\n\t"
+ "ldr r10, [%[a], #208]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #208]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+53] += m[53] * mu */
+ "ldr r7, [%[m], #212]\n\t"
+ "ldr r10, [%[a], #212]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #212]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+54] += m[54] * mu */
+ "ldr r7, [%[m], #216]\n\t"
+ "ldr r10, [%[a], #216]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #216]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+55] += m[55] * mu */
+ "ldr r7, [%[m], #220]\n\t"
+ "ldr r10, [%[a], #220]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #220]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+56] += m[56] * mu */
+ "ldr r7, [%[m], #224]\n\t"
+ "ldr r10, [%[a], #224]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #224]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+57] += m[57] * mu */
+ "ldr r7, [%[m], #228]\n\t"
+ "ldr r10, [%[a], #228]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #228]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+58] += m[58] * mu */
+ "ldr r7, [%[m], #232]\n\t"
+ "ldr r10, [%[a], #232]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #232]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+59] += m[59] * mu */
+ "ldr r7, [%[m], #236]\n\t"
+ "ldr r10, [%[a], #236]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #236]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+60] += m[60] * mu */
+ "ldr r7, [%[m], #240]\n\t"
+ "ldr r10, [%[a], #240]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #240]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+61] += m[61] * mu */
+ "ldr r7, [%[m], #244]\n\t"
+ "ldr r10, [%[a], #244]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #244]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+62] += m[62] * mu */
+ "ldr r7, [%[m], #248]\n\t"
+ "ldr r10, [%[a], #248]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #248]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+63] += m[63] * mu */
+ "ldr r7, [%[m], #252]\n\t"
+ "ldr r10, [%[a], #252]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #252]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+64] += m[64] * mu */
+ "ldr r7, [%[m], #256]\n\t"
+ "ldr r10, [%[a], #256]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #256]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+65] += m[65] * mu */
+ "ldr r7, [%[m], #260]\n\t"
+ "ldr r10, [%[a], #260]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #260]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+66] += m[66] * mu */
+ "ldr r7, [%[m], #264]\n\t"
+ "ldr r10, [%[a], #264]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #264]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+67] += m[67] * mu */
+ "ldr r7, [%[m], #268]\n\t"
+ "ldr r10, [%[a], #268]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #268]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+68] += m[68] * mu */
+ "ldr r7, [%[m], #272]\n\t"
+ "ldr r10, [%[a], #272]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #272]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+69] += m[69] * mu */
+ "ldr r7, [%[m], #276]\n\t"
+ "ldr r10, [%[a], #276]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #276]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+70] += m[70] * mu */
+ "ldr r7, [%[m], #280]\n\t"
+ "ldr r10, [%[a], #280]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #280]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+71] += m[71] * mu */
+ "ldr r7, [%[m], #284]\n\t"
+ "ldr r10, [%[a], #284]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #284]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+72] += m[72] * mu */
+ "ldr r7, [%[m], #288]\n\t"
+ "ldr r10, [%[a], #288]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #288]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+73] += m[73] * mu */
+ "ldr r7, [%[m], #292]\n\t"
+ "ldr r10, [%[a], #292]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #292]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+74] += m[74] * mu */
+ "ldr r7, [%[m], #296]\n\t"
+ "ldr r10, [%[a], #296]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #296]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+75] += m[75] * mu */
+ "ldr r7, [%[m], #300]\n\t"
+ "ldr r10, [%[a], #300]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #300]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+76] += m[76] * mu */
+ "ldr r7, [%[m], #304]\n\t"
+ "ldr r10, [%[a], #304]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #304]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+77] += m[77] * mu */
+ "ldr r7, [%[m], #308]\n\t"
+ "ldr r10, [%[a], #308]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #308]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+78] += m[78] * mu */
+ "ldr r7, [%[m], #312]\n\t"
+ "ldr r10, [%[a], #312]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #312]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+79] += m[79] * mu */
+ "ldr r7, [%[m], #316]\n\t"
+ "ldr r10, [%[a], #316]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #316]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+80] += m[80] * mu */
+ "ldr r7, [%[m], #320]\n\t"
+ "ldr r10, [%[a], #320]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #320]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+81] += m[81] * mu */
+ "ldr r7, [%[m], #324]\n\t"
+ "ldr r10, [%[a], #324]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #324]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+82] += m[82] * mu */
+ "ldr r7, [%[m], #328]\n\t"
+ "ldr r10, [%[a], #328]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #328]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+83] += m[83] * mu */
+ "ldr r7, [%[m], #332]\n\t"
+ "ldr r10, [%[a], #332]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #332]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+84] += m[84] * mu */
+ "ldr r7, [%[m], #336]\n\t"
+ "ldr r10, [%[a], #336]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #336]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+85] += m[85] * mu */
+ "ldr r7, [%[m], #340]\n\t"
+ "ldr r10, [%[a], #340]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #340]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+86] += m[86] * mu */
+ "ldr r7, [%[m], #344]\n\t"
+ "ldr r10, [%[a], #344]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #344]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+87] += m[87] * mu */
+ "ldr r7, [%[m], #348]\n\t"
+ "ldr r10, [%[a], #348]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #348]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+88] += m[88] * mu */
+ "ldr r7, [%[m], #352]\n\t"
+ "ldr r10, [%[a], #352]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #352]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+89] += m[89] * mu */
+ "ldr r7, [%[m], #356]\n\t"
+ "ldr r10, [%[a], #356]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #356]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+90] += m[90] * mu */
+ "ldr r7, [%[m], #360]\n\t"
+ "ldr r10, [%[a], #360]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #360]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+91] += m[91] * mu */
+ "ldr r7, [%[m], #364]\n\t"
+ "ldr r10, [%[a], #364]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #364]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+92] += m[92] * mu */
+ "ldr r7, [%[m], #368]\n\t"
+ "ldr r10, [%[a], #368]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #368]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+93] += m[93] * mu */
+ "ldr r7, [%[m], #372]\n\t"
+ "ldr r10, [%[a], #372]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #372]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+94] += m[94] * mu */
+ "ldr r7, [%[m], #376]\n\t"
+ "ldr r10, [%[a], #376]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #376]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+95] += m[95] * mu */
+ "ldr r7, [%[m], #380]\n\t"
+ "ldr r10, [%[a], #380]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #380]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+96] += m[96] * mu */
+ "ldr r7, [%[m], #384]\n\t"
+ "ldr r10, [%[a], #384]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #384]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+97] += m[97] * mu */
+ "ldr r7, [%[m], #388]\n\t"
+ "ldr r10, [%[a], #388]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #388]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+98] += m[98] * mu */
+ "ldr r7, [%[m], #392]\n\t"
+ "ldr r10, [%[a], #392]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #392]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+99] += m[99] * mu */
+ "ldr r7, [%[m], #396]\n\t"
+ "ldr r10, [%[a], #396]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #396]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+100] += m[100] * mu */
+ "ldr r7, [%[m], #400]\n\t"
+ "ldr r10, [%[a], #400]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #400]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+101] += m[101] * mu */
+ "ldr r7, [%[m], #404]\n\t"
+ "ldr r10, [%[a], #404]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #404]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+102] += m[102] * mu */
+ "ldr r7, [%[m], #408]\n\t"
+ "ldr r10, [%[a], #408]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #408]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+103] += m[103] * mu */
+ "ldr r7, [%[m], #412]\n\t"
+ "ldr r10, [%[a], #412]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #412]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+104] += m[104] * mu */
+ "ldr r7, [%[m], #416]\n\t"
+ "ldr r10, [%[a], #416]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #416]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+105] += m[105] * mu */
+ "ldr r7, [%[m], #420]\n\t"
+ "ldr r10, [%[a], #420]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #420]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+106] += m[106] * mu */
+ "ldr r7, [%[m], #424]\n\t"
+ "ldr r10, [%[a], #424]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #424]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+107] += m[107] * mu */
+ "ldr r7, [%[m], #428]\n\t"
+ "ldr r10, [%[a], #428]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #428]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+108] += m[108] * mu */
+ "ldr r7, [%[m], #432]\n\t"
+ "ldr r10, [%[a], #432]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #432]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+109] += m[109] * mu */
+ "ldr r7, [%[m], #436]\n\t"
+ "ldr r10, [%[a], #436]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #436]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+110] += m[110] * mu */
+ "ldr r7, [%[m], #440]\n\t"
+ "ldr r10, [%[a], #440]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #440]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+111] += m[111] * mu */
+ "ldr r7, [%[m], #444]\n\t"
+ "ldr r10, [%[a], #444]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #444]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+112] += m[112] * mu */
+ "ldr r7, [%[m], #448]\n\t"
+ "ldr r10, [%[a], #448]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #448]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+113] += m[113] * mu */
+ "ldr r7, [%[m], #452]\n\t"
+ "ldr r10, [%[a], #452]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #452]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+114] += m[114] * mu */
+ "ldr r7, [%[m], #456]\n\t"
+ "ldr r10, [%[a], #456]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #456]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+115] += m[115] * mu */
+ "ldr r7, [%[m], #460]\n\t"
+ "ldr r10, [%[a], #460]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #460]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+116] += m[116] * mu */
+ "ldr r7, [%[m], #464]\n\t"
+ "ldr r10, [%[a], #464]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #464]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+117] += m[117] * mu */
+ "ldr r7, [%[m], #468]\n\t"
+ "ldr r10, [%[a], #468]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #468]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+118] += m[118] * mu */
+ "ldr r7, [%[m], #472]\n\t"
+ "ldr r10, [%[a], #472]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #472]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+119] += m[119] * mu */
+ "ldr r7, [%[m], #476]\n\t"
+ "ldr r10, [%[a], #476]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #476]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+120] += m[120] * mu */
+ "ldr r7, [%[m], #480]\n\t"
+ "ldr r10, [%[a], #480]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #480]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+121] += m[121] * mu */
+ "ldr r7, [%[m], #484]\n\t"
+ "ldr r10, [%[a], #484]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #484]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+122] += m[122] * mu */
+ "ldr r7, [%[m], #488]\n\t"
+ "ldr r10, [%[a], #488]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #488]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+123] += m[123] * mu */
+ "ldr r7, [%[m], #492]\n\t"
+ "ldr r10, [%[a], #492]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #492]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+124] += m[124] * mu */
+ "ldr r7, [%[m], #496]\n\t"
+ "ldr r10, [%[a], #496]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #496]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+125] += m[125] * mu */
+ "ldr r7, [%[m], #500]\n\t"
+ "ldr r10, [%[a], #500]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #500]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+126] += m[126] * mu */
+ "ldr r7, [%[m], #504]\n\t"
+ "ldr r10, [%[a], #504]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #504]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+127] += m[127] * mu */
+ "ldr r7, [%[m], #508]\n\t"
+ "ldr r10, [%[a], #508]\n\t"
"umull r6, r7, r8, r7\n\t"
"adds r5, r5, r6\n\t"
"adcs r4, r7, r3\n\t"
"mov r3, #0\n\t"
"adc r3, r3, r3\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #508]\n\t"
"ldr r10, [%[a], #512]\n\t"
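Review bot: The header comment added for the `WOLFSSL_ARM_ARCH < 7` variant of sp_4096_mont_reduce_128 does not say how large the buffer behind `a` must be, which is the one precondition a caller can get wrong. In the variant that ends at the top of this hunk the loop runs 128 times (`cmp r9, #0x200` with a step of 4) and each pass touches `[%[a], #512]`, so the last pass reaches digit 255; the closing `sp_4096_cond_sub_128(a - 128, a, m, (sp_digit)0 - mp)` then works on both halves. I would change the first parameter line to `a   A single precision number to reduce in place; must point to 2 * 128 digits.` and name the parameters as the signature does (`a_p`, `m_p`, `mp_p`). A short comment before the cond_sub call, `/* mp holds the final carry; 0 - mp is the mask for the conditional subtract */`, would record why the last step is masked rather than a compare-and-branch, assuming sp_4096_cond_sub_128 is branch-free, which is not visible here. The body of the new variant continues past the end of this hunk.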
@@ -56325,16 +56485,703 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"add %[a], %[a], #4\n\t"
"cmp r9, #0x200\n\t"
"blt L_sp_4096_mont_reduce_128_word_%=\n\t"
+ /* Loop Done */
"str r12, [%[a]]\n\t"
"str lr, [%[a], #4]\n\t"
"mov %[mp], r3\n\t"
: [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
:
- : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11"
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
);
sp_4096_cond_sub_128(a - 128, a, m, (sp_digit)0 - mp);
}
+#else
+/* Reduce the number back to 4096 bits using Montgomery reduction.
+ *
+ * a A single precision number to reduce in place.
+ * m The single precision number representing the modulus.
+ * mp The digit representing the negative inverse of m mod 2^n.
+ */
+static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+{
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m asm ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp asm ("r2") = (sp_digit)mp_p;
+
+ __asm__ __volatile__ (
+ /* i = 0 */
+ "mov r12, #0\n\t"
+ "mov lr, #0\n\t"
+ "ldr r4, [%[a]]\n\t"
+ "ldr r5, [%[a], #4]\n\t"
+ "ldr r6, [%[a], #8]\n\t"
+ "ldr r7, [%[a], #12]\n\t"
+ "ldr r8, [%[a], #16]\n\t"
+ "\n"
+ "L_sp_4096_mont_reduce_128_word_%=: \n\t"
+ /* mu = a[i] * mp */
+ "mul r11, %[mp], r4\n\t"
+ /* a[i+0] += m[0] * mu */
+ "ldr r10, [%[m]]\n\t"
+ "mov r3, #0\n\t"
+ "umaal r4, r3, r11, r10\n\t"
+ /* a[i+1] += m[1] * mu */
+ "ldr r10, [%[m], #4]\n\t"
+ "mov r4, r5\n\t"
+ "umaal r4, r3, r11, r10\n\t"
+ /* a[i+2] += m[2] * mu */
+ "ldr r10, [%[m], #8]\n\t"
+ "mov r5, r6\n\t"
+ "umaal r5, r3, r11, r10\n\t"
+ /* a[i+3] += m[3] * mu */
+ "ldr r10, [%[m], #12]\n\t"
+ "mov r6, r7\n\t"
+ "umaal r6, r3, r11, r10\n\t"
+ /* a[i+4] += m[4] * mu */
+ "ldr r10, [%[m], #16]\n\t"
+ "mov r7, r8\n\t"
+ "umaal r7, r3, r11, r10\n\t"
+ /* a[i+5] += m[5] * mu */
+ "ldr r10, [%[m], #20]\n\t"
+ "ldr r8, [%[a], #20]\n\t"
+ "umaal r8, r3, r11, r10\n\t"
+ /* a[i+6] += m[6] * mu */
+ "ldr r10, [%[m], #24]\n\t"
+ "ldr r9, [%[a], #24]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #24]\n\t"
+ /* a[i+7] += m[7] * mu */
+ "ldr r10, [%[m], #28]\n\t"
+ "ldr r9, [%[a], #28]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #28]\n\t"
+ /* a[i+8] += m[8] * mu */
+ "ldr r10, [%[m], #32]\n\t"
+ "ldr r9, [%[a], #32]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #32]\n\t"
+ /* a[i+9] += m[9] * mu */
+ "ldr r10, [%[m], #36]\n\t"
+ "ldr r9, [%[a], #36]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #36]\n\t"
+ /* a[i+10] += m[10] * mu */
+ "ldr r10, [%[m], #40]\n\t"
+ "ldr r9, [%[a], #40]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #40]\n\t"
+ /* a[i+11] += m[11] * mu */
+ "ldr r10, [%[m], #44]\n\t"
+ "ldr r9, [%[a], #44]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #44]\n\t"
+ /* a[i+12] += m[12] * mu */
+ "ldr r10, [%[m], #48]\n\t"
+ "ldr r9, [%[a], #48]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #48]\n\t"
+ /* a[i+13] += m[13] * mu */
+ "ldr r10, [%[m], #52]\n\t"
+ "ldr r9, [%[a], #52]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #52]\n\t"
+ /* a[i+14] += m[14] * mu */
+ "ldr r10, [%[m], #56]\n\t"
+ "ldr r9, [%[a], #56]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #56]\n\t"
+ /* a[i+15] += m[15] * mu */
+ "ldr r10, [%[m], #60]\n\t"
+ "ldr r9, [%[a], #60]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #60]\n\t"
+ /* a[i+16] += m[16] * mu */
+ "ldr r10, [%[m], #64]\n\t"
+ "ldr r9, [%[a], #64]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #64]\n\t"
+ /* a[i+17] += m[17] * mu */
+ "ldr r10, [%[m], #68]\n\t"
+ "ldr r9, [%[a], #68]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #68]\n\t"
+ /* a[i+18] += m[18] * mu */
+ "ldr r10, [%[m], #72]\n\t"
+ "ldr r9, [%[a], #72]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #72]\n\t"
+ /* a[i+19] += m[19] * mu */
+ "ldr r10, [%[m], #76]\n\t"
+ "ldr r9, [%[a], #76]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #76]\n\t"
+ /* a[i+20] += m[20] * mu */
+ "ldr r10, [%[m], #80]\n\t"
+ "ldr r9, [%[a], #80]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #80]\n\t"
+ /* a[i+21] += m[21] * mu */
+ "ldr r10, [%[m], #84]\n\t"
+ "ldr r9, [%[a], #84]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #84]\n\t"
+ /* a[i+22] += m[22] * mu */
+ "ldr r10, [%[m], #88]\n\t"
+ "ldr r9, [%[a], #88]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #88]\n\t"
+ /* a[i+23] += m[23] * mu */
+ "ldr r10, [%[m], #92]\n\t"
+ "ldr r9, [%[a], #92]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #92]\n\t"
+ /* a[i+24] += m[24] * mu */
+ "ldr r10, [%[m], #96]\n\t"
+ "ldr r9, [%[a], #96]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #96]\n\t"
+ /* a[i+25] += m[25] * mu */
+ "ldr r10, [%[m], #100]\n\t"
+ "ldr r9, [%[a], #100]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #100]\n\t"
+ /* a[i+26] += m[26] * mu */
+ "ldr r10, [%[m], #104]\n\t"
+ "ldr r9, [%[a], #104]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #104]\n\t"
+ /* a[i+27] += m[27] * mu */
+ "ldr r10, [%[m], #108]\n\t"
+ "ldr r9, [%[a], #108]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #108]\n\t"
+ /* a[i+28] += m[28] * mu */
+ "ldr r10, [%[m], #112]\n\t"
+ "ldr r9, [%[a], #112]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #112]\n\t"
+ /* a[i+29] += m[29] * mu */
+ "ldr r10, [%[m], #116]\n\t"
+ "ldr r9, [%[a], #116]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #116]\n\t"
+ /* a[i+30] += m[30] * mu */
+ "ldr r10, [%[m], #120]\n\t"
+ "ldr r9, [%[a], #120]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #120]\n\t"
+ /* a[i+31] += m[31] * mu */
+ "ldr r10, [%[m], #124]\n\t"
+ "ldr r9, [%[a], #124]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #124]\n\t"
+ /* a[i+32] += m[32] * mu */
+ "ldr r10, [%[m], #128]\n\t"
+ "ldr r9, [%[a], #128]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #128]\n\t"
+ /* a[i+33] += m[33] * mu */
+ "ldr r10, [%[m], #132]\n\t"
+ "ldr r9, [%[a], #132]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #132]\n\t"
+ /* a[i+34] += m[34] * mu */
+ "ldr r10, [%[m], #136]\n\t"
+ "ldr r9, [%[a], #136]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #136]\n\t"
+ /* a[i+35] += m[35] * mu */
+ "ldr r10, [%[m], #140]\n\t"
+ "ldr r9, [%[a], #140]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #140]\n\t"
+ /* a[i+36] += m[36] * mu */
+ "ldr r10, [%[m], #144]\n\t"
+ "ldr r9, [%[a], #144]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #144]\n\t"
+ /* a[i+37] += m[37] * mu */
+ "ldr r10, [%[m], #148]\n\t"
+ "ldr r9, [%[a], #148]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #148]\n\t"
+ /* a[i+38] += m[38] * mu */
+ "ldr r10, [%[m], #152]\n\t"
+ "ldr r9, [%[a], #152]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #152]\n\t"
+ /* a[i+39] += m[39] * mu */
+ "ldr r10, [%[m], #156]\n\t"
+ "ldr r9, [%[a], #156]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #156]\n\t"
+ /* a[i+40] += m[40] * mu */
+ "ldr r10, [%[m], #160]\n\t"
+ "ldr r9, [%[a], #160]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #160]\n\t"
+ /* a[i+41] += m[41] * mu */
+ "ldr r10, [%[m], #164]\n\t"
+ "ldr r9, [%[a], #164]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #164]\n\t"
+ /* a[i+42] += m[42] * mu */
+ "ldr r10, [%[m], #168]\n\t"
+ "ldr r9, [%[a], #168]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #168]\n\t"
+ /* a[i+43] += m[43] * mu */
+ "ldr r10, [%[m], #172]\n\t"
+ "ldr r9, [%[a], #172]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #172]\n\t"
+ /* a[i+44] += m[44] * mu */
+ "ldr r10, [%[m], #176]\n\t"
+ "ldr r9, [%[a], #176]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #176]\n\t"
+ /* a[i+45] += m[45] * mu */
+ "ldr r10, [%[m], #180]\n\t"
+ "ldr r9, [%[a], #180]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #180]\n\t"
+ /* a[i+46] += m[46] * mu */
+ "ldr r10, [%[m], #184]\n\t"
+ "ldr r9, [%[a], #184]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #184]\n\t"
+ /* a[i+47] += m[47] * mu */
+ "ldr r10, [%[m], #188]\n\t"
+ "ldr r9, [%[a], #188]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #188]\n\t"
+ /* a[i+48] += m[48] * mu */
+ "ldr r10, [%[m], #192]\n\t"
+ "ldr r9, [%[a], #192]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #192]\n\t"
+ /* a[i+49] += m[49] * mu */
+ "ldr r10, [%[m], #196]\n\t"
+ "ldr r9, [%[a], #196]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #196]\n\t"
+ /* a[i+50] += m[50] * mu */
+ "ldr r10, [%[m], #200]\n\t"
+ "ldr r9, [%[a], #200]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #200]\n\t"
+ /* a[i+51] += m[51] * mu */
+ "ldr r10, [%[m], #204]\n\t"
+ "ldr r9, [%[a], #204]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #204]\n\t"
+ /* a[i+52] += m[52] * mu */
+ "ldr r10, [%[m], #208]\n\t"
+ "ldr r9, [%[a], #208]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #208]\n\t"
+ /* a[i+53] += m[53] * mu */
+ "ldr r10, [%[m], #212]\n\t"
+ "ldr r9, [%[a], #212]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #212]\n\t"
+ /* a[i+54] += m[54] * mu */
+ "ldr r10, [%[m], #216]\n\t"
+ "ldr r9, [%[a], #216]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #216]\n\t"
+ /* a[i+55] += m[55] * mu */
+ "ldr r10, [%[m], #220]\n\t"
+ "ldr r9, [%[a], #220]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #220]\n\t"
+ /* a[i+56] += m[56] * mu */
+ "ldr r10, [%[m], #224]\n\t"
+ "ldr r9, [%[a], #224]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #224]\n\t"
+ /* a[i+57] += m[57] * mu */
+ "ldr r10, [%[m], #228]\n\t"
+ "ldr r9, [%[a], #228]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #228]\n\t"
+ /* a[i+58] += m[58] * mu */
+ "ldr r10, [%[m], #232]\n\t"
+ "ldr r9, [%[a], #232]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #232]\n\t"
+ /* a[i+59] += m[59] * mu */
+ "ldr r10, [%[m], #236]\n\t"
+ "ldr r9, [%[a], #236]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #236]\n\t"
+ /* a[i+60] += m[60] * mu */
+ "ldr r10, [%[m], #240]\n\t"
+ "ldr r9, [%[a], #240]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #240]\n\t"
+ /* a[i+61] += m[61] * mu */
+ "ldr r10, [%[m], #244]\n\t"
+ "ldr r9, [%[a], #244]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #244]\n\t"
+ /* a[i+62] += m[62] * mu */
+ "ldr r10, [%[m], #248]\n\t"
+ "ldr r9, [%[a], #248]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #248]\n\t"
+ /* a[i+63] += m[63] * mu */
+ "ldr r10, [%[m], #252]\n\t"
+ "ldr r9, [%[a], #252]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #252]\n\t"
+ /* a[i+64] += m[64] * mu */
+ "ldr r10, [%[m], #256]\n\t"
+ "ldr r9, [%[a], #256]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #256]\n\t"
+ /* a[i+65] += m[65] * mu */
+ "ldr r10, [%[m], #260]\n\t"
+ "ldr r9, [%[a], #260]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #260]\n\t"
+ /* a[i+66] += m[66] * mu */
+ "ldr r10, [%[m], #264]\n\t"
+ "ldr r9, [%[a], #264]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #264]\n\t"
+ /* a[i+67] += m[67] * mu */
+ "ldr r10, [%[m], #268]\n\t"
+ "ldr r9, [%[a], #268]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #268]\n\t"
+ /* a[i+68] += m[68] * mu */
+ "ldr r10, [%[m], #272]\n\t"
+ "ldr r9, [%[a], #272]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #272]\n\t"
+ /* a[i+69] += m[69] * mu */
+ "ldr r10, [%[m], #276]\n\t"
+ "ldr r9, [%[a], #276]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #276]\n\t"
+ /* a[i+70] += m[70] * mu */
+ "ldr r10, [%[m], #280]\n\t"
+ "ldr r9, [%[a], #280]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #280]\n\t"
+ /* a[i+71] += m[71] * mu */
+ "ldr r10, [%[m], #284]\n\t"
+ "ldr r9, [%[a], #284]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #284]\n\t"
+ /* a[i+72] += m[72] * mu */
+ "ldr r10, [%[m], #288]\n\t"
+ "ldr r9, [%[a], #288]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #288]\n\t"
+ /* a[i+73] += m[73] * mu */
+ "ldr r10, [%[m], #292]\n\t"
+ "ldr r9, [%[a], #292]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #292]\n\t"
+ /* a[i+74] += m[74] * mu */
+ "ldr r10, [%[m], #296]\n\t"
+ "ldr r9, [%[a], #296]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #296]\n\t"
+ /* a[i+75] += m[75] * mu */
+ "ldr r10, [%[m], #300]\n\t"
+ "ldr r9, [%[a], #300]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #300]\n\t"
+ /* a[i+76] += m[76] * mu */
+ "ldr r10, [%[m], #304]\n\t"
+ "ldr r9, [%[a], #304]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #304]\n\t"
+ /* a[i+77] += m[77] * mu */
+ "ldr r10, [%[m], #308]\n\t"
+ "ldr r9, [%[a], #308]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #308]\n\t"
+ /* a[i+78] += m[78] * mu */
+ "ldr r10, [%[m], #312]\n\t"
+ "ldr r9, [%[a], #312]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #312]\n\t"
+ /* a[i+79] += m[79] * mu */
+ "ldr r10, [%[m], #316]\n\t"
+ "ldr r9, [%[a], #316]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #316]\n\t"
+ /* a[i+80] += m[80] * mu */
+ "ldr r10, [%[m], #320]\n\t"
+ "ldr r9, [%[a], #320]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #320]\n\t"
+ /* a[i+81] += m[81] * mu */
+ "ldr r10, [%[m], #324]\n\t"
+ "ldr r9, [%[a], #324]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #324]\n\t"
+ /* a[i+82] += m[82] * mu */
+ "ldr r10, [%[m], #328]\n\t"
+ "ldr r9, [%[a], #328]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #328]\n\t"
+ /* a[i+83] += m[83] * mu */
+ "ldr r10, [%[m], #332]\n\t"
+ "ldr r9, [%[a], #332]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #332]\n\t"
+ /* a[i+84] += m[84] * mu */
+ "ldr r10, [%[m], #336]\n\t"
+ "ldr r9, [%[a], #336]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #336]\n\t"
+ /* a[i+85] += m[85] * mu */
+ "ldr r10, [%[m], #340]\n\t"
+ "ldr r9, [%[a], #340]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #340]\n\t"
+ /* a[i+86] += m[86] * mu */
+ "ldr r10, [%[m], #344]\n\t"
+ "ldr r9, [%[a], #344]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #344]\n\t"
+ /* a[i+87] += m[87] * mu */
+ "ldr r10, [%[m], #348]\n\t"
+ "ldr r9, [%[a], #348]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #348]\n\t"
+ /* a[i+88] += m[88] * mu */
+ "ldr r10, [%[m], #352]\n\t"
+ "ldr r9, [%[a], #352]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #352]\n\t"
+ /* a[i+89] += m[89] * mu */
+ "ldr r10, [%[m], #356]\n\t"
+ "ldr r9, [%[a], #356]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #356]\n\t"
+ /* a[i+90] += m[90] * mu */
+ "ldr r10, [%[m], #360]\n\t"
+ "ldr r9, [%[a], #360]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #360]\n\t"
+ /* a[i+91] += m[91] * mu */
+ "ldr r10, [%[m], #364]\n\t"
+ "ldr r9, [%[a], #364]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #364]\n\t"
+ /* a[i+92] += m[92] * mu */
+ "ldr r10, [%[m], #368]\n\t"
+ "ldr r9, [%[a], #368]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #368]\n\t"
+ /* a[i+93] += m[93] * mu */
+ "ldr r10, [%[m], #372]\n\t"
+ "ldr r9, [%[a], #372]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #372]\n\t"
+ /* a[i+94] += m[94] * mu */
+ "ldr r10, [%[m], #376]\n\t"
+ "ldr r9, [%[a], #376]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #376]\n\t"
+ /* a[i+95] += m[95] * mu */
+ "ldr r10, [%[m], #380]\n\t"
+ "ldr r9, [%[a], #380]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #380]\n\t"
+ /* a[i+96] += m[96] * mu */
+ "ldr r10, [%[m], #384]\n\t"
+ "ldr r9, [%[a], #384]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #384]\n\t"
+ /* a[i+97] += m[97] * mu */
+ "ldr r10, [%[m], #388]\n\t"
+ "ldr r9, [%[a], #388]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #388]\n\t"
+ /* a[i+98] += m[98] * mu */
+ "ldr r10, [%[m], #392]\n\t"
+ "ldr r9, [%[a], #392]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #392]\n\t"
+ /* a[i+99] += m[99] * mu */
+ "ldr r10, [%[m], #396]\n\t"
+ "ldr r9, [%[a], #396]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #396]\n\t"
+ /* a[i+100] += m[100] * mu */
+ "ldr r10, [%[m], #400]\n\t"
+ "ldr r9, [%[a], #400]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #400]\n\t"
+ /* a[i+101] += m[101] * mu */
+ "ldr r10, [%[m], #404]\n\t"
+ "ldr r9, [%[a], #404]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #404]\n\t"
+ /* a[i+102] += m[102] * mu */
+ "ldr r10, [%[m], #408]\n\t"
+ "ldr r9, [%[a], #408]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #408]\n\t"
+ /* a[i+103] += m[103] * mu */
+ "ldr r10, [%[m], #412]\n\t"
+ "ldr r9, [%[a], #412]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #412]\n\t"
+ /* a[i+104] += m[104] * mu */
+ "ldr r10, [%[m], #416]\n\t"
+ "ldr r9, [%[a], #416]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #416]\n\t"
+ /* a[i+105] += m[105] * mu */
+ "ldr r10, [%[m], #420]\n\t"
+ "ldr r9, [%[a], #420]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #420]\n\t"
+ /* a[i+106] += m[106] * mu */
+ "ldr r10, [%[m], #424]\n\t"
+ "ldr r9, [%[a], #424]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #424]\n\t"
+ /* a[i+107] += m[107] * mu */
+ "ldr r10, [%[m], #428]\n\t"
+ "ldr r9, [%[a], #428]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #428]\n\t"
+ /* a[i+108] += m[108] * mu */
+ "ldr r10, [%[m], #432]\n\t"
+ "ldr r9, [%[a], #432]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #432]\n\t"
+ /* a[i+109] += m[109] * mu */
+ "ldr r10, [%[m], #436]\n\t"
+ "ldr r9, [%[a], #436]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #436]\n\t"
+ /* a[i+110] += m[110] * mu */
+ "ldr r10, [%[m], #440]\n\t"
+ "ldr r9, [%[a], #440]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #440]\n\t"
+ /* a[i+111] += m[111] * mu */
+ "ldr r10, [%[m], #444]\n\t"
+ "ldr r9, [%[a], #444]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #444]\n\t"
+ /* a[i+112] += m[112] * mu */
+ "ldr r10, [%[m], #448]\n\t"
+ "ldr r9, [%[a], #448]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #448]\n\t"
+ /* a[i+113] += m[113] * mu */
+ "ldr r10, [%[m], #452]\n\t"
+ "ldr r9, [%[a], #452]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #452]\n\t"
+ /* a[i+114] += m[114] * mu */
+ "ldr r10, [%[m], #456]\n\t"
+ "ldr r9, [%[a], #456]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #456]\n\t"
+ /* a[i+115] += m[115] * mu */
+ "ldr r10, [%[m], #460]\n\t"
+ "ldr r9, [%[a], #460]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #460]\n\t"
+ /* a[i+116] += m[116] * mu */
+ "ldr r10, [%[m], #464]\n\t"
+ "ldr r9, [%[a], #464]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #464]\n\t"
+ /* a[i+117] += m[117] * mu */
+ "ldr r10, [%[m], #468]\n\t"
+ "ldr r9, [%[a], #468]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #468]\n\t"
+ /* a[i+118] += m[118] * mu */
+ "ldr r10, [%[m], #472]\n\t"
+ "ldr r9, [%[a], #472]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #472]\n\t"
+ /* a[i+119] += m[119] * mu */
+ "ldr r10, [%[m], #476]\n\t"
+ "ldr r9, [%[a], #476]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #476]\n\t"
+ /* a[i+120] += m[120] * mu */
+ "ldr r10, [%[m], #480]\n\t"
+ "ldr r9, [%[a], #480]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #480]\n\t"
+ /* a[i+121] += m[121] * mu */
+ "ldr r10, [%[m], #484]\n\t"
+ "ldr r9, [%[a], #484]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #484]\n\t"
+ /* a[i+122] += m[122] * mu */
+ "ldr r10, [%[m], #488]\n\t"
+ "ldr r9, [%[a], #488]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #488]\n\t"
+ /* a[i+123] += m[123] * mu */
+ "ldr r10, [%[m], #492]\n\t"
+ "ldr r9, [%[a], #492]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #492]\n\t"
+ /* a[i+124] += m[124] * mu */
+ "ldr r10, [%[m], #496]\n\t"
+ "ldr r9, [%[a], #496]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #496]\n\t"
+ /* a[i+125] += m[125] * mu */
+ "ldr r10, [%[m], #500]\n\t"
+ "ldr r9, [%[a], #500]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #500]\n\t"
+ /* a[i+126] += m[126] * mu */
+ "ldr r10, [%[m], #504]\n\t"
+ "ldr r9, [%[a], #504]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #504]\n\t"
+ /* a[i+127] += m[127] * mu */
+ "ldr r10, [%[m], #508]\n\t"
+ "ldr r9, [%[a], #508]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "ldr r11, [%[a], #512]\n\t"
+ "mov r10, #0\n\t"
+ "umaal r3, r11, r10, r10\n\t"
+ "str r9, [%[a], #508]\n\t"
+ "adds r3, r3, lr\n\t"
+ "adc lr, r11, #0\n\t"
+ "str r3, [%[a], #512]\n\t"
+ /* i += 1 */
+ "add r12, r12, #4\n\t"
+ "add %[a], %[a], #4\n\t"
+ "cmp r12, #0x200\n\t"
+ "blt L_sp_4096_mont_reduce_128_word_%=\n\t"
+ /* Loop Done */
+ "str r4, [%[a]]\n\t"
+ "str r5, [%[a], #4]\n\t"
+ "str r6, [%[a], #8]\n\t"
+ "str r7, [%[a], #12]\n\t"
+ "str r8, [%[a], #16]\n\t"
+ "mov %[mp], lr\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
+ );
+ sp_4096_cond_sub_128(a - 128, a, m, (sp_digit)0 - mp);
+}
+
+#endif
/* Multiply two Montgomery form numbers mod the modulus (prime).
* (r = a * b mod m)
*
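Review bot: The header comment on the new `#else` variant of `sp_4096_mont_reduce_128` does not say how large `a` must be, although the loop reads and writes `[%[a], #512]` while advancing `a` by one word for 128 iterations (`cmp r12, #0x200`), so it touches 256 digits. I would change the parameter line to ` * a   A single precision number to reduce in place; must hold 256 digits.` so that a 128-digit buffer is not passed by mistake. A one-line comment before `mov %[mp], lr` would also help, saying that `mp` is reused for the final carry, which then forms the mask `(sp_digit)0 - mp` given to `sp_4096_cond_sub_128`. The `#if` that selects between this variant and the preceding one is outside the hunk, so it cannot be confirmed from here that `umaal` is available on every target that reaches this branch.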
@@ -56342,7 +57189,7 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_4096_mont_mul_128(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -56356,7 +57203,7 @@ SP_NOINLINE static void sp_4096_mont_mul_128(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_4096_mont_sqr_128(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -56374,9 +57221,9 @@ SP_NOINLINE static void sp_4096_mont_sqr_128(sp_digit* r, const sp_digit* a,
*/
static sp_digit sp_4096_sub_128(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"mov r12, #0\n\t"
@@ -56397,7 +57244,7 @@ static sp_digit sp_4096_sub_128(sp_digit* r_p, const sp_digit* a_p, const sp_dig
"mov %[r], r12\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r12", "lr"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r12", "lr", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -56411,9 +57258,9 @@ static sp_digit sp_4096_sub_128(sp_digit* r_p, const sp_digit* a_p, const sp_dig
*/
static sp_digit sp_4096_sub_128(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"ldm %[a]!, {r3, r4, r5, r6}\n\t"
@@ -56643,7 +57490,7 @@ static sp_digit sp_4096_sub_128(sp_digit* r_p, const sp_digit* a_p, const sp_dig
"sbc %[r], r6, r6\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -56661,9 +57508,9 @@ static sp_digit sp_4096_sub_128(sp_digit* r_p, const sp_digit* a_p, const sp_dig
*/
static sp_digit div_4096_word_128(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
{
- register sp_digit d1 asm ("r0") = d1_p;
- register sp_digit d0 asm ("r1") = d0_p;
- register sp_digit div asm ("r2") = div_p;
+ register sp_digit d1 asm ("r0") = (sp_digit)d1_p;
+ register sp_digit d0 asm ("r1") = (sp_digit)d0_p;
+ register sp_digit div asm ("r2") = (sp_digit)div_p;
__asm__ __volatile__ (
"lsr r6, %[div], #16\n\t"
@@ -56703,7 +57550,7 @@ static sp_digit div_4096_word_128(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
"add %[d1], r4, r3\n\t"
: [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
:
- : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8"
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "cc"
);
return (uint32_t)(size_t)d1;
}
@@ -56720,9 +57567,9 @@ static sp_digit div_4096_word_128(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
*/
static sp_digit div_4096_word_128(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
{
- register sp_digit d1 asm ("r0") = d1_p;
- register sp_digit d0 asm ("r1") = d0_p;
- register sp_digit div asm ("r2") = div_p;
+ register sp_digit d1 asm ("r0") = (sp_digit)d1_p;
+ register sp_digit d0 asm ("r1") = (sp_digit)d0_p;
+ register sp_digit div asm ("r2") = (sp_digit)div_p;
__asm__ __volatile__ (
"lsr lr, %[div], #1\n\t"
@@ -56752,7 +57599,7 @@ static sp_digit div_4096_word_128(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
"bpl L_div_4096_word_128_bit_%=\n\t"
"add r3, r3, r3\n\t"
"add r3, r3, #1\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r7, r3, #16\n\t"
"lsl r4, %[div], #16\n\t"
"lsr r7, r7, #16\n\t"
@@ -56780,7 +57627,7 @@ static sp_digit div_4096_word_128(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
"subs r7, %[d0], r4\n\t"
"sbc r8, %[d1], r5\n\t"
"add r3, r3, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r7, r3, #16\n\t"
"lsl r4, %[div], #16\n\t"
"lsr r7, r7, #16\n\t"
@@ -56808,7 +57655,7 @@ static sp_digit div_4096_word_128(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
"subs r7, %[d0], r4\n\t"
"sbc r8, %[d1], r5\n\t"
"add r3, r3, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r7, r3, #16\n\t"
"lsl r4, %[div], #16\n\t"
"lsr r7, r7, #16\n\t"
@@ -56841,7 +57688,7 @@ static sp_digit div_4096_word_128(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
"sub %[d1], r3, r6\n\t"
: [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
:
- : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8"
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "cc"
);
return (uint32_t)(size_t)d1;
}
@@ -56856,8 +57703,8 @@ static sp_digit div_4096_word_128(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_4096_div_128_cond(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_4096_div_128_cond(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[256], t2[129];
sp_digit div, r1;
@@ -56913,7 +57760,8 @@ static WC_INLINE int sp_4096_div_128_cond(const sp_digit* a, const sp_digit* d,
* m A single precision number that is the modulus to reduce with.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_4096_mod_128_cond(sp_digit* r, const sp_digit* a, const sp_digit* m)
+static WC_INLINE int sp_4096_mod_128_cond(sp_digit* r, const sp_digit* a,
+ const sp_digit* m)
{
return sp_4096_div_128_cond(a, m, NULL, r);
}
@@ -56959,8 +57807,8 @@ static void sp_4096_mask_128(sp_digit* r, const sp_digit* a, sp_digit m)
*/
static sp_int32 sp_4096_cmp_128(const sp_digit* a_p, const sp_digit* b_p)
{
- register const sp_digit* a asm ("r0") = a_p;
- register const sp_digit* b asm ("r1") = b_p;
+ register const sp_digit* a asm ("r0") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r1") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"mov r2, #-1\n\t"
@@ -56968,7 +57816,7 @@ static sp_int32 sp_4096_cmp_128(const sp_digit* a_p, const sp_digit* b_p)
"mov r5, #0\n\t"
"mov r3, #-1\n\t"
#ifdef WOLFSSL_SP_SMALL
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r4, #0x1\n\t"
"lsl r4, r4, #8\n\t"
"add r4, r4, #0xfc\n\t"
@@ -58405,7 +59253,7 @@ static sp_int32 sp_4096_cmp_128(const sp_digit* a_p, const sp_digit* b_p)
"mov %[a], r2\n\t"
: [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r2", "r3", "r12", "lr", "r4", "r5", "r6"
+ : "memory", "r2", "r3", "r12", "lr", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -58419,8 +59267,8 @@ static sp_int32 sp_4096_cmp_128(const sp_digit* a_p, const sp_digit* b_p)
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_4096_div_128(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_4096_div_128(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[256], t2[129];
sp_digit div, r1;
@@ -58460,7 +59308,8 @@ static WC_INLINE int sp_4096_div_128(const sp_digit* a, const sp_digit* d, sp_di
* m A single precision number that is the modulus to reduce with.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_4096_mod_128(sp_digit* r, const sp_digit* a, const sp_digit* m)
+static WC_INLINE int sp_4096_mod_128(sp_digit* r, const sp_digit* a,
+ const sp_digit* m)
{
return sp_4096_div_128(a, m, NULL, r);
}
@@ -58940,10 +59789,10 @@ int sp_RsaPublic_4096(const byte* in, word32 inLen, const mp_int* em,
*/
static sp_digit sp_4096_cond_add_64(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
- register sp_digit m asm ("r3") = m_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
+ register sp_digit m asm ("r3") = (sp_digit)m_p;
__asm__ __volatile__ (
"mov lr, #0\n\t"
@@ -58964,7 +59813,7 @@ static sp_digit sp_4096_cond_add_64(sp_digit* r_p, const sp_digit* a_p, const sp
"mov %[r], lr\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
:
- : "memory", "r12", "lr", "r4", "r5", "r6"
+ : "memory", "r12", "lr", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -58980,10 +59829,10 @@ static sp_digit sp_4096_cond_add_64(sp_digit* r_p, const sp_digit* a_p, const sp
*/
static sp_digit sp_4096_cond_add_64(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
- register sp_digit m asm ("r3") = m_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
+ register sp_digit m asm ("r3") = (sp_digit)m_p;
__asm__ __volatile__ (
"mov r8, #0\n\t"
@@ -59214,7 +60063,7 @@ static sp_digit sp_4096_cond_add_64(sp_digit* r_p, const sp_digit* a_p, const sp
"adc %[r], r8, r8\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
:
- : "memory", "r12", "lr", "r4", "r5", "r6", "r7", "r8"
+ : "memory", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -59536,9 +60385,9 @@ int sp_ModExp_4096(const mp_int* base, const mp_int* exp, const mp_int* mod,
#ifdef HAVE_FFDHE_4096
static void sp_4096_lshift_128(sp_digit* r_p, const sp_digit* a_p, byte n_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register byte n asm ("r2") = n_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register byte n asm ("r2") = (byte)n_p;
__asm__ __volatile__ (
"rsb r12, %[n], #31\n\t"
@@ -60312,7 +61161,7 @@ static void sp_4096_lshift_128(sp_digit* r_p, const sp_digit* a_p, byte n_p)
"str r5, [%[r], #4]\n\t"
: [r] "+r" (r), [a] "+r" (a), [n] "+r" (n)
:
- : "memory", "r4", "r5", "r6", "r3", "r12"
+ : "memory", "r4", "r5", "r6", "r3", "r12", "cc"
);
}
@@ -60607,16 +61456,19 @@ static const sp_digit p256_b[8] = {
*/
static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"sub sp, sp, #0x40\n\t"
- "mov r5, #0\n\t"
- "mov r6, #0\n\t"
+ "ldr lr, [%[a]]\n\t"
+ "ldr r11, [%[b]]\n\t"
+ "umull r8, r6, lr, r11\n\t"
+ "str r8, [sp]\n\t"
"mov r7, #0\n\t"
"mov r8, #0\n\t"
+ "mov r5, #4\n\t"
"\n"
"L_sp_256_mul_8_outer_%=: \n\t"
"subs r3, r5, #28\n\t"
@@ -60627,7 +61479,44 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"L_sp_256_mul_8_inner_%=: \n\t"
"ldr lr, [%[a], r3]\n\t"
"ldr r11, [%[b], r4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
+ "lsl r9, lr, #16\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r9, r9, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "adds r6, r6, r10\n\t"
+ "adcs r7, r7, #0\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsr r9, lr, #16\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "adds r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+#else
+ "umull r9, r10, lr, r11\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+#endif
+ "ldr lr, [%[a], r4]\n\t"
+ "ldr r11, [%[b], r3]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r9, lr, #16\n\t"
"lsl r10, r11, #16\n\t"
"lsr r9, r9, #16\n\t"
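Review bot: The guard on the 16-bit multiply path now tests `WOLFSSL_ARM_ARCH` where it used to test `WOLFSSL_SP_ARM_ARCH`, so a build that still defines only the old name would silently take the `#else` branch and emit `umull`. Unless the old macro is mapped to the new one elsewhere in this commit (not visible here), a compatibility shim ahead of the first use would keep existing configurations working: `#if defined(WOLFSSL_SP_ARM_ARCH) && !defined(WOLFSSL_ARM_ARCH)`, `#define WOLFSSL_ARM_ARCH WOLFSSL_SP_ARM_ARCH`, `#endif`. The same rename applies to the other guards this commit adds in this function.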
@@ -60664,10 +61553,46 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
#endif
"add r3, r3, #4\n\t"
"sub r4, r4, #4\n\t"
- "cmp r3, #32\n\t"
- "beq L_sp_256_mul_8_inner_done_%=\n\t"
- "cmp r3, r5\n\t"
- "ble L_sp_256_mul_8_inner_%=\n\t"
+ "cmp r3, r4\n\t"
+ "bgt L_sp_256_mul_8_inner_done_%=\n\t"
+ "blt L_sp_256_mul_8_inner_%=\n\t"
+ "ldr lr, [%[a], r3]\n\t"
+ "ldr r11, [%[b], r3]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
+ "lsl r9, lr, #16\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r9, r9, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "adds r6, r6, r10\n\t"
+ "adcs r7, r7, #0\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsr r9, lr, #16\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "adds r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+#else
+ "umull r9, r10, lr, r11\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+#endif
"\n"
"L_sp_256_mul_8_inner_done_%=: \n\t"
"str r6, [sp, r5]\n\t"
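Review bot: The new loop exit relies on falling through when `r3 == r4` to add the diagonal product once, after each pass has added the two mirrored products `a[r3]*b[r4]` and `a[r4]*b[r3]`, and nothing in the code says so. A comment above the `cmp r3, r4` would make the three-way split readable, e.g. `/* r3 > r4: column done; r3 < r4: next pair; r3 == r4: add a[r3]*b[r3] once */`. It would also help to state there that the branches test only the offsets in r3 and r4, never operand words, which appears to hold in the lines shown and matters for a P-256 field multiply. The loop setup is outside this hunk.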
@@ -60675,22 +61600,55 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"mov r7, r8\n\t"
"mov r8, #0\n\t"
"add r5, r5, #4\n\t"
- "cmp r5, #56\n\t"
+ "cmp r5, #52\n\t"
"ble L_sp_256_mul_8_outer_%=\n\t"
+ "ldr lr, [%[a], #28]\n\t"
+ "ldr r11, [%[b], #28]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
+ "lsl r9, lr, #16\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r9, r9, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "adds r6, r6, r10\n\t"
+ "adc r7, r7, #0\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adc r7, r7, r10\n\t"
+ "lsr r9, lr, #16\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "add r7, r7, r10\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adc r7, r7, r10\n\t"
+#else
+ "umlal r6, r7, lr, r11\n\t"
+#endif
"str r6, [sp, r5]\n\t"
+ "add r5, r5, #4\n\t"
+ "str r7, [sp, r5]\n\t"
"\n"
"L_sp_256_mul_8_store_%=: \n\t"
- "ldm sp!, {r6, r7, r8, r9}\n\t"
- "stm %[r]!, {r6, r7, r8, r9}\n\t"
- "subs r5, r5, #16\n\t"
+ "ldm sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "stm %[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "subs r5, r5, #32\n\t"
"bgt L_sp_256_mul_8_store_%=\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11", "cc"
);
}
#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
/* Multiply a and b into r. (r = a * b)
*
* r A single precision integer.
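Review bot: After the store loop, the 64 bytes reserved earlier with `sub sp, sp, #0x40` are popped by the `ldm sp!` passes but never overwritten, so a full copy of the product stays in dead stack below sp. If callers treat `r` as sensitive and wipe it, that copy is outside their reach; whether this matters depends on call sites not visible here. At minimum I would document it next to the store loop, e.g. `/* product was staged on the stack; the staging area is not cleared here */`. The loop also depends on r5 being 60 on entry, so that `subs r5, r5, #32` runs exactly twice and restores sp, which deserves a one-line comment too.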
@@ -60699,17 +61657,15 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
*/
static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"sub sp, sp, #32\n\t"
- "mov r10, #0\n\t"
/* A[0] * B[0] */
"ldr r11, [%[a]]\n\t"
"ldr r12, [%[b]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r3, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -60732,14 +61688,9 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r3, r3, r6\n\t"
"adc r4, r4, r7\n\t"
"mov r5, #0\n\t"
-#else
- "umull r3, r4, r11, r12\n\t"
- "mov r5, #0\n\t"
-#endif
"str r3, [sp]\n\t"
/* A[0] * B[1] */
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -60769,16 +61720,8 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r4, r4, r6\n\t"
"adcs r5, r5, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r6, r7, r11, r9\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
-#endif
/* A[1] * B[0] */
"ldr r8, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -60807,16 +61750,9 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r4, r4, r6\n\t"
"adcs r5, r5, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r6, r7, r8, r12\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
-#endif
"str r4, [sp, #4]\n\t"
/* A[2] * B[0] */
"ldr r8, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -60846,17 +61782,9 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r5, r5, r6\n\t"
"adcs r3, r3, r7\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r6, r7, r8, r12\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
-#endif
/* A[1] * B[1] */
"ldr r11, [%[a], #4]\n\t"
"ldr r12, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -60885,16 +61813,9 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r5, r5, r6\n\t"
"adcs r3, r3, r7\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r6, r7, r11, r12\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
-#endif
/* A[0] * B[2] */
"ldr r8, [%[a]]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -60923,16 +61844,9 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r5, r5, r6\n\t"
"adcs r3, r3, r7\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
-#endif
"str r5, [sp, #8]\n\t"
/* A[0] * B[3] */
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -60962,16 +61876,8 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r3, r3, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r5, r5, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
-#endif
/* A[1] * B[2] */
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -61000,15 +61906,8 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r3, r3, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r5, r5, #0\n\t"
-#else
- "umull r6, r7, r11, r9\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
-#endif
/* A[2] * B[1] */
"ldr r8, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -61037,16 +61936,9 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r3, r3, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r5, r5, #0\n\t"
-#else
- "umull r6, r7, r8, r12\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
-#endif
/* A[3] * B[0] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -61075,16 +61967,9 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r3, r3, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r5, r5, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
-#endif
"str r3, [sp, #12]\n\t"
/* A[4] * B[0] */
"ldr r8, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -61114,16 +61999,8 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r4, r4, r6\n\t"
"adcs r5, r5, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
-#endif
/* A[3] * B[1] */
"ldr r8, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -61152,16 +62029,9 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r4, r4, r6\n\t"
"adcs r5, r5, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r6, r7, r8, r12\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
-#endif
/* A[2] * B[2] */
"ldr r11, [%[a], #8]\n\t"
"ldr r12, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -61190,16 +62060,9 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r4, r4, r6\n\t"
"adcs r5, r5, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r6, r7, r11, r12\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
-#endif
/* A[1] * B[3] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -61228,16 +62091,9 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r4, r4, r6\n\t"
"adcs r5, r5, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
-#endif
/* A[0] * B[4] */
"ldr r8, [%[a]]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -61266,16 +62122,9 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r4, r4, r6\n\t"
"adcs r5, r5, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
-#endif
"str r4, [sp, #16]\n\t"
/* A[0] * B[5] */
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -61305,17 +62154,9 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r5, r5, r6\n\t"
"adcs r3, r3, r7\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
-#endif
/* A[1] * B[4] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -61344,15 +62185,8 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r5, r5, r6\n\t"
"adcs r3, r3, r7\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
-#endif
/* A[2] * B[3] */
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -61381,15 +62215,8 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r5, r5, r6\n\t"
"adcs r3, r3, r7\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r6, r7, r11, r9\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
-#endif
/* A[3] * B[2] */
"ldr r8, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -61418,16 +62245,9 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r5, r5, r6\n\t"
"adcs r3, r3, r7\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r6, r7, r8, r12\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
-#endif
/* A[4] * B[1] */
"ldr r8, [%[a], #16]\n\t"
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -61456,16 +62276,9 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r5, r5, r6\n\t"
"adcs r3, r3, r7\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
-#endif
/* A[5] * B[0] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -61494,16 +62307,9 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r5, r5, r6\n\t"
"adcs r3, r3, r7\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
-#endif
"str r5, [sp, #20]\n\t"
/* A[6] * B[0] */
"ldr r8, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -61533,17 +62339,9 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r3, r3, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r5, r5, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
-#endif
/* A[5] * B[1] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -61572,15 +62370,8 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r3, r3, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r5, r5, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
-#endif
/* A[4] * B[2] */
"ldr r8, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -61609,16 +62400,9 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r3, r3, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r5, r5, #0\n\t"
-#else
- "umull r6, r7, r8, r12\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
-#endif
/* A[3] * B[3] */
"ldr r11, [%[a], #12]\n\t"
"ldr r12, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -61647,16 +62431,9 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r3, r3, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r5, r5, #0\n\t"
-#else
- "umull r6, r7, r11, r12\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
-#endif
/* A[2] * B[4] */
"ldr r8, [%[a], #8]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -61685,16 +62462,9 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r3, r3, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r5, r5, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
-#endif
/* A[1] * B[5] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -61723,16 +62493,9 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r3, r3, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r5, r5, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
-#endif
/* A[0] * B[6] */
"ldr r8, [%[a]]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -61761,16 +62524,9 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r3, r3, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r5, r5, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
-#endif
"str r3, [sp, #24]\n\t"
/* A[0] * B[7] */
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -61800,17 +62556,9 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r4, r4, r6\n\t"
"adcs r5, r5, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
-#endif
/* A[1] * B[6] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -61839,16 +62587,9 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r4, r4, r6\n\t"
"adcs r5, r5, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
-#endif
/* A[2] * B[5] */
"ldr r8, [%[a], #8]\n\t"
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -61877,15 +62618,8 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r4, r4, r6\n\t"
"adcs r5, r5, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
-#endif
/* A[3] * B[4] */
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -61914,15 +62648,8 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r4, r4, r6\n\t"
"adcs r5, r5, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r6, r7, r11, r9\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
-#endif
/* A[4] * B[3] */
"ldr r8, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -61951,16 +62678,9 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r4, r4, r6\n\t"
"adcs r5, r5, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r6, r7, r8, r12\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
-#endif
/* A[5] * B[2] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -61989,16 +62709,9 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r4, r4, r6\n\t"
"adcs r5, r5, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
-#endif
/* A[6] * B[1] */
"ldr r8, [%[a], #24]\n\t"
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -62027,16 +62740,9 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r4, r4, r6\n\t"
"adcs r5, r5, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
-#endif
/* A[7] * B[0] */
"ldr r8, [%[a], #28]\n\t"
"ldr r9, [%[b]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -62065,16 +62771,9 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r4, r4, r6\n\t"
"adcs r5, r5, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
-#endif
"str r4, [sp, #28]\n\t"
/* A[7] * B[1] */
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -62104,17 +62803,9 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r5, r5, r6\n\t"
"adcs r3, r3, r7\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
-#endif
/* A[6] * B[2] */
"ldr r8, [%[a], #24]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -62143,15 +62834,8 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r5, r5, r6\n\t"
"adcs r3, r3, r7\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
-#endif
/* A[5] * B[3] */
"ldr r8, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -62180,16 +62864,9 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r5, r5, r6\n\t"
"adcs r3, r3, r7\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r6, r7, r8, r12\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
-#endif
/* A[4] * B[4] */
"ldr r11, [%[a], #16]\n\t"
"ldr r12, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -62218,16 +62895,9 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r5, r5, r6\n\t"
"adcs r3, r3, r7\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r6, r7, r11, r12\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
-#endif
/* A[3] * B[5] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -62256,16 +62926,9 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r5, r5, r6\n\t"
"adcs r3, r3, r7\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
-#endif
/* A[2] * B[6] */
"ldr r8, [%[a], #8]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -62294,16 +62957,9 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r5, r5, r6\n\t"
"adcs r3, r3, r7\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
-#endif
/* A[1] * B[7] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -62332,16 +62988,9 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r5, r5, r6\n\t"
"adcs r3, r3, r7\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
-#endif
"str r5, [%[r], #32]\n\t"
/* A[2] * B[7] */
"ldr r8, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -62371,17 +63020,9 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r3, r3, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r5, r5, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
-#endif
/* A[3] * B[6] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -62410,15 +63051,8 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r3, r3, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r5, r5, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
-#endif
/* A[4] * B[5] */
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -62447,15 +63081,8 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r3, r3, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r5, r5, #0\n\t"
-#else
- "umull r6, r7, r11, r9\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
-#endif
/* A[5] * B[4] */
"ldr r8, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -62484,16 +63111,9 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r3, r3, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r5, r5, #0\n\t"
-#else
- "umull r6, r7, r8, r12\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
-#endif
/* A[6] * B[3] */
"ldr r8, [%[a], #24]\n\t"
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -62522,16 +63142,9 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r3, r3, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r5, r5, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
-#endif
/* A[7] * B[2] */
"ldr r8, [%[a], #28]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -62560,16 +63173,9 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r3, r3, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r5, r5, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
-#endif
"str r3, [%[r], #36]\n\t"
/* A[7] * B[3] */
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -62599,16 +63205,8 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r4, r4, r6\n\t"
"adcs r5, r5, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
-#endif
/* A[6] * B[4] */
"ldr r8, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -62637,16 +63235,9 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r4, r4, r6\n\t"
"adcs r5, r5, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r6, r7, r8, r12\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
-#endif
/* A[5] * B[5] */
"ldr r11, [%[a], #20]\n\t"
"ldr r12, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -62675,16 +63266,9 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r4, r4, r6\n\t"
"adcs r5, r5, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r6, r7, r11, r12\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
-#endif
/* A[4] * B[6] */
"ldr r8, [%[a], #16]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -62713,16 +63297,9 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r4, r4, r6\n\t"
"adcs r5, r5, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
-#endif
/* A[3] * B[7] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -62751,16 +63328,9 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r4, r4, r6\n\t"
"adcs r5, r5, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
-#endif
"str r4, [%[r], #40]\n\t"
/* A[4] * B[7] */
"ldr r8, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -62790,16 +63360,8 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r5, r5, r6\n\t"
"adcs r3, r3, r7\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
-#endif
/* A[5] * B[6] */
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -62828,15 +63390,8 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r5, r5, r6\n\t"
"adcs r3, r3, r7\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r6, r7, r11, r9\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
-#endif
/* A[6] * B[5] */
"ldr r8, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -62865,16 +63420,9 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r5, r5, r6\n\t"
"adcs r3, r3, r7\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r6, r7, r8, r12\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
-#endif
/* A[7] * B[4] */
"ldr r8, [%[a], #28]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -62903,15 +63451,8 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r5, r5, r6\n\t"
"adcs r3, r3, r7\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
-#endif
"str r5, [%[r], #44]\n\t"
/* A[7] * B[5] */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -62941,17 +63482,9 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r3, r3, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r5, r5, #0\n\t"
-#else
- "umull r6, r7, r8, r12\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
-#endif
/* A[6] * B[6] */
"ldr r11, [%[a], #24]\n\t"
"ldr r12, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -62980,16 +63513,9 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r3, r3, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r5, r5, #0\n\t"
-#else
- "umull r6, r7, r11, r12\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
-#endif
/* A[5] * B[7] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -63018,15 +63544,8 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r3, r3, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r5, r5, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
-#endif
"str r3, [%[r], #48]\n\t"
/* A[6] * B[7] */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -63056,16 +63575,8 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r4, r4, r6\n\t"
"adcs r5, r5, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r6, r7, r11, r9\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
-#endif
/* A[7] * B[6] */
"ldr r8, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -63094,15 +63605,8 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r4, r4, r6\n\t"
"adcs r5, r5, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r6, r7, r8, r12\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
-#endif
"str r4, [%[r], #52]\n\t"
/* A[7] * B[7] */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -63127,11 +63631,6 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
"adc r3, r3, r7\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r5, r5, r6\n\t"
- "adc r3, r3, r7\n\t"
-#endif
"str r5, [%[r], #56]\n\t"
"str r3, [%[r], #60]\n\t"
"ldm sp!, {r3, r4, r5, r6}\n\t"
@@ -63140,10 +63639,495 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"stm %[r]!, {r3, r4, r5, r6}\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r11", "r12", "cc"
);
}
+#elif defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+/* Multiply a and b into r. (r = a * b)
+ *
+ * r A single precision integer.
+ * a A single precision integer.
+ * b A single precision integer.
+ */
+static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+{
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
+
+ __asm__ __volatile__ (
+ "sub sp, sp, #36\n\t"
+ "str %[r], [sp, #32]\n\t"
+ "mov %[r], #0\n\t"
+ "ldr r12, [%[a]]\n\t"
+ /* A[0] * B[0] */
+ "ldr lr, [%[b]]\n\t"
+ "umull r3, r4, r12, lr\n\t"
+ /* A[0] * B[2] */
+ "ldr lr, [%[b], #8]\n\t"
+ "umull r5, r6, r12, lr\n\t"
+ /* A[0] * B[4] */
+ "ldr lr, [%[b], #16]\n\t"
+ "umull r7, r8, r12, lr\n\t"
+ /* A[0] * B[6] */
+ "ldr lr, [%[b], #24]\n\t"
+ "umull r9, r10, r12, lr\n\t"
+ "str r3, [sp]\n\t"
+ /* A[0] * B[1] */
+ "ldr lr, [%[b], #4]\n\t"
+ "mov r11, %[r]\n\t"
+ "umlal r4, r11, r12, lr\n\t"
+ "adds r5, r5, r11\n\t"
+ /* A[0] * B[3] */
+ "ldr lr, [%[b], #12]\n\t"
+ "adcs r6, r6, #0\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r6, r11, r12, lr\n\t"
+ "adds r7, r7, r11\n\t"
+ /* A[0] * B[5] */
+ "ldr lr, [%[b], #20]\n\t"
+ "adcs r8, r8, #0\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r8, r11, r12, lr\n\t"
+ "adds r9, r9, r11\n\t"
+ /* A[0] * B[7] */
+ "ldr lr, [%[b], #28]\n\t"
+ "adcs r10, r10, #0\n\t"
+ "adc r3, %[r], #0\n\t"
+ "umlal r10, r3, r12, lr\n\t"
+ /* A[1] * B[0] */
+ "ldr r12, [%[a], #4]\n\t"
+ "ldr lr, [%[b]]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r4, r11, r12, lr\n\t"
+ "str r4, [sp, #4]\n\t"
+ "adds r5, r5, r11\n\t"
+ /* A[1] * B[1] */
+ "ldr lr, [%[b], #4]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r5, r11, r12, lr\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[1] * B[2] */
+ "ldr lr, [%[b], #8]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r6, r11, r12, lr\n\t"
+ "adds r7, r7, r11\n\t"
+ /* A[1] * B[3] */
+ "ldr lr, [%[b], #12]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r7, r11, r12, lr\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[1] * B[4] */
+ "ldr lr, [%[b], #16]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r8, r11, r12, lr\n\t"
+ "adds r9, r9, r11\n\t"
+ /* A[1] * B[5] */
+ "ldr lr, [%[b], #20]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r9, r11, r12, lr\n\t"
+ "adds r10, r10, r11\n\t"
+ /* A[1] * B[6] */
+ "ldr lr, [%[b], #24]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "adds r3, r3, r11\n\t"
+ /* A[1] * B[7] */
+ "ldr lr, [%[b], #28]\n\t"
+ "adc r4, %[r], #0\n\t"
+ "umlal r3, r4, r12, lr\n\t"
+ /* A[2] * B[0] */
+ "ldr r12, [%[a], #8]\n\t"
+ "ldr lr, [%[b]]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r5, r11, r12, lr\n\t"
+ "str r5, [sp, #8]\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[2] * B[1] */
+ "ldr lr, [%[b], #4]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r6, r11, r12, lr\n\t"
+ "adds r7, r7, r11\n\t"
+ /* A[2] * B[2] */
+ "ldr lr, [%[b], #8]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r7, r11, r12, lr\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[2] * B[3] */
+ "ldr lr, [%[b], #12]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r8, r11, r12, lr\n\t"
+ "adds r9, r9, r11\n\t"
+ /* A[2] * B[4] */
+ "ldr lr, [%[b], #16]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r9, r11, r12, lr\n\t"
+ "adds r10, r10, r11\n\t"
+ /* A[2] * B[5] */
+ "ldr lr, [%[b], #20]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "adds r3, r3, r11\n\t"
+ /* A[2] * B[6] */
+ "ldr lr, [%[b], #24]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r3, r11, r12, lr\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[2] * B[7] */
+ "ldr lr, [%[b], #28]\n\t"
+ "adc r5, %[r], #0\n\t"
+ "umlal r4, r5, r12, lr\n\t"
+ /* A[3] * B[0] */
+ "ldr r12, [%[a], #12]\n\t"
+ "ldr lr, [%[b]]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r6, r11, r12, lr\n\t"
+ "str r6, [sp, #12]\n\t"
+ "adds r7, r7, r11\n\t"
+ /* A[3] * B[1] */
+ "ldr lr, [%[b], #4]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r7, r11, r12, lr\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[3] * B[2] */
+ "ldr lr, [%[b], #8]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r8, r11, r12, lr\n\t"
+ "adds r9, r9, r11\n\t"
+ /* A[3] * B[3] */
+ "ldr lr, [%[b], #12]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r9, r11, r12, lr\n\t"
+ "adds r10, r10, r11\n\t"
+ /* A[3] * B[4] */
+ "ldr lr, [%[b], #16]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "adds r3, r3, r11\n\t"
+ /* A[3] * B[5] */
+ "ldr lr, [%[b], #20]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r3, r11, r12, lr\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[3] * B[6] */
+ "ldr lr, [%[b], #24]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r4, r11, r12, lr\n\t"
+ "adds r5, r5, r11\n\t"
+ /* A[3] * B[7] */
+ "ldr lr, [%[b], #28]\n\t"
+ "adc r6, %[r], #0\n\t"
+ "umlal r5, r6, r12, lr\n\t"
+ /* A[4] * B[0] */
+ "ldr r12, [%[a], #16]\n\t"
+ "ldr lr, [%[b]]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r7, r11, r12, lr\n\t"
+ "str r7, [sp, #16]\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[4] * B[1] */
+ "ldr lr, [%[b], #4]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r8, r11, r12, lr\n\t"
+ "adds r9, r9, r11\n\t"
+ /* A[4] * B[2] */
+ "ldr lr, [%[b], #8]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r9, r11, r12, lr\n\t"
+ "adds r10, r10, r11\n\t"
+ /* A[4] * B[3] */
+ "ldr lr, [%[b], #12]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "adds r3, r3, r11\n\t"
+ /* A[4] * B[4] */
+ "ldr lr, [%[b], #16]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r3, r11, r12, lr\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[4] * B[5] */
+ "ldr lr, [%[b], #20]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r4, r11, r12, lr\n\t"
+ "adds r5, r5, r11\n\t"
+ /* A[4] * B[6] */
+ "ldr lr, [%[b], #24]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r5, r11, r12, lr\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[4] * B[7] */
+ "ldr lr, [%[b], #28]\n\t"
+ "adc r7, %[r], #0\n\t"
+ "umlal r6, r7, r12, lr\n\t"
+ /* A[5] * B[0] */
+ "ldr r12, [%[a], #20]\n\t"
+ "ldr lr, [%[b]]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r8, r11, r12, lr\n\t"
+ "str r8, [sp, #20]\n\t"
+ "adds r9, r9, r11\n\t"
+ /* A[5] * B[1] */
+ "ldr lr, [%[b], #4]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r9, r11, r12, lr\n\t"
+ "adds r10, r10, r11\n\t"
+ /* A[5] * B[2] */
+ "ldr lr, [%[b], #8]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "adds r3, r3, r11\n\t"
+ /* A[5] * B[3] */
+ "ldr lr, [%[b], #12]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r3, r11, r12, lr\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[5] * B[4] */
+ "ldr lr, [%[b], #16]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r4, r11, r12, lr\n\t"
+ "adds r5, r5, r11\n\t"
+ /* A[5] * B[5] */
+ "ldr lr, [%[b], #20]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r5, r11, r12, lr\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[5] * B[6] */
+ "ldr lr, [%[b], #24]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r6, r11, r12, lr\n\t"
+ "adds r7, r7, r11\n\t"
+ /* A[5] * B[7] */
+ "ldr lr, [%[b], #28]\n\t"
+ "adc r8, %[r], #0\n\t"
+ "umlal r7, r8, r12, lr\n\t"
+ /* A[6] * B[0] */
+ "ldr r12, [%[a], #24]\n\t"
+ "ldr lr, [%[b]]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r9, r11, r12, lr\n\t"
+ "str r9, [sp, #24]\n\t"
+ "adds r10, r10, r11\n\t"
+ /* A[6] * B[1] */
+ "ldr lr, [%[b], #4]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "adds r3, r3, r11\n\t"
+ /* A[6] * B[2] */
+ "ldr lr, [%[b], #8]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r3, r11, r12, lr\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[6] * B[3] */
+ "ldr lr, [%[b], #12]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r4, r11, r12, lr\n\t"
+ "adds r5, r5, r11\n\t"
+ /* A[6] * B[4] */
+ "ldr lr, [%[b], #16]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r5, r11, r12, lr\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[6] * B[5] */
+ "ldr lr, [%[b], #20]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r6, r11, r12, lr\n\t"
+ "adds r7, r7, r11\n\t"
+ /* A[6] * B[6] */
+ "ldr lr, [%[b], #24]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r7, r11, r12, lr\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[6] * B[7] */
+ "ldr lr, [%[b], #28]\n\t"
+ "adc r9, %[r], #0\n\t"
+ "umlal r8, r9, r12, lr\n\t"
+ /* A[7] * B[0] */
+ "ldr r12, [%[a], #28]\n\t"
+ "ldr lr, [%[b]]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "str r10, [sp, #28]\n\t"
+ "adds r3, r3, r11\n\t"
+ /* A[7] * B[1] */
+ "ldr lr, [%[b], #4]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r3, r11, r12, lr\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[7] * B[2] */
+ "ldr lr, [%[b], #8]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r4, r11, r12, lr\n\t"
+ "adds r5, r5, r11\n\t"
+ /* A[7] * B[3] */
+ "ldr lr, [%[b], #12]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r5, r11, r12, lr\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[7] * B[4] */
+ "ldr lr, [%[b], #16]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r6, r11, r12, lr\n\t"
+ "adds r7, r7, r11\n\t"
+ /* A[7] * B[5] */
+ "ldr lr, [%[b], #20]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r7, r11, r12, lr\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[7] * B[6] */
+ "ldr lr, [%[b], #24]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r8, r11, r12, lr\n\t"
+ "adds r9, r9, r11\n\t"
+ /* A[7] * B[7] */
+ "ldr lr, [%[b], #28]\n\t"
+ "adc r10, %[r], #0\n\t"
+ "umlal r9, r10, r12, lr\n\t"
+ "ldr %[r], [sp, #32]\n\t"
+ "add %[r], %[r], #32\n\t"
+ "stm %[r], {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "ldm sp, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "sub %[r], %[r], #32\n\t"
+ "stm %[r], {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "add sp, sp, #36\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
+ );
+}
+
+#else
+/* Multiply a and b into r. (r = a * b)
+ *
+ * r A single precision integer.
+ * a A single precision integer.
+ * b A single precision integer.
+ */
+static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+{
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
+
+ __asm__ __volatile__ (
+ "sub sp, sp, #44\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "str %[r], [sp, #36]\n\t"
+ "str %[a], [sp, #40]\n\t"
+#else
+ "strd %[r], %[a], [sp, #36]\n\t"
+#endif
+ "mov lr, %[b]\n\t"
+ "ldm %[a], {%[r], %[a], %[b], r3}\n\t"
+ "ldm lr!, {r4, r5, r6}\n\t"
+ "umull r10, r11, %[r], r4\n\t"
+ "umull r12, r7, %[a], r4\n\t"
+ "umaal r11, r12, %[r], r5\n\t"
+ "umull r8, r9, %[b], r4\n\t"
+ "umaal r12, r8, %[a], r5\n\t"
+ "umaal r12, r7, %[r], r6\n\t"
+ "umaal r8, r9, r3, r4\n\t"
+ "stm sp, {r10, r11, r12}\n\t"
+ "umaal r7, r8, %[b], r5\n\t"
+ "ldm lr!, {r4}\n\t"
+ "umull r10, r11, %[a], r6\n\t"
+ "umaal r8, r9, %[b], r6\n\t"
+ "umaal r7, r10, %[r], r4\n\t"
+ "umaal r8, r11, r3, r5\n\t"
+ "str r7, [sp, #12]\n\t"
+ "umaal r8, r10, %[a], r4\n\t"
+ "umaal r9, r11, r3, r6\n\t"
+ "umaal r9, r10, %[b], r4\n\t"
+ "umaal r10, r11, r3, r4\n\t"
+ "ldm lr, {r4, r5, r6, r7}\n\t"
+ "mov r12, #0\n\t"
+ "umlal r8, r12, %[r], r4\n\t"
+ "umaal r9, r12, %[a], r4\n\t"
+ "umaal r10, r12, %[b], r4\n\t"
+ "umaal r11, r12, r3, r4\n\t"
+ "mov r4, #0\n\t"
+ "umlal r9, r4, %[r], r5\n\t"
+ "umaal r10, r4, %[a], r5\n\t"
+ "umaal r11, r4, %[b], r5\n\t"
+ "umaal r12, r4, r3, r5\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, %[r], r6\n\t"
+ "umaal r11, r5, %[a], r6\n\t"
+ "umaal r12, r5, %[b], r6\n\t"
+ "umaal r4, r5, r3, r6\n\t"
+ "mov r6, #0\n\t"
+ "umlal r11, r6, %[r], r7\n\t"
+ "ldr %[r], [sp, #40]\n\t"
+ "umaal r12, r6, %[a], r7\n\t"
+ "add %[r], %[r], #16\n\t"
+ "umaal r4, r6, %[b], r7\n\t"
+ "sub lr, lr, #16\n\t"
+ "umaal r5, r6, r3, r7\n\t"
+ "ldm %[r], {%[r], %[a], %[b], r3}\n\t"
+ "str r6, [sp, #32]\n\t"
+ "ldm lr!, {r6}\n\t"
+ "mov r7, #0\n\t"
+ "umlal r8, r7, %[r], r6\n\t"
+ "umaal r9, r7, %[a], r6\n\t"
+ "str r8, [sp, #16]\n\t"
+ "umaal r10, r7, %[b], r6\n\t"
+ "umaal r11, r7, r3, r6\n\t"
+ "ldm lr!, {r6}\n\t"
+ "mov r8, #0\n\t"
+ "umlal r9, r8, %[r], r6\n\t"
+ "umaal r10, r8, %[a], r6\n\t"
+ "str r9, [sp, #20]\n\t"
+ "umaal r11, r8, %[b], r6\n\t"
+ "umaal r12, r8, r3, r6\n\t"
+ "ldm lr!, {r6}\n\t"
+ "mov r9, #0\n\t"
+ "umlal r10, r9, %[r], r6\n\t"
+ "umaal r11, r9, %[a], r6\n\t"
+ "str r10, [sp, #24]\n\t"
+ "umaal r12, r9, %[b], r6\n\t"
+ "umaal r4, r9, r3, r6\n\t"
+ "ldm lr!, {r6}\n\t"
+ "mov r10, #0\n\t"
+ "umlal r11, r10, %[r], r6\n\t"
+ "umaal r12, r10, %[a], r6\n\t"
+ "str r11, [sp, #28]\n\t"
+ "umaal r4, r10, %[b], r6\n\t"
+ "umaal r5, r10, r3, r6\n\t"
+ "ldm lr!, {r11}\n\t"
+ "umaal r12, r7, %[r], r11\n\t"
+ "umaal r4, r7, %[a], r11\n\t"
+ "ldr r6, [sp, #32]\n\t"
+ "umaal r5, r7, %[b], r11\n\t"
+ "umaal r6, r7, r3, r11\n\t"
+ "ldm lr!, {r11}\n\t"
+ "umaal r4, r8, %[r], r11\n\t"
+ "umaal r5, r8, %[a], r11\n\t"
+ "umaal r6, r8, %[b], r11\n\t"
+ "umaal r7, r8, r3, r11\n\t"
+ "ldm lr, {r11, lr}\n\t"
+ "umaal r5, r9, %[r], r11\n\t"
+ "umaal r6, r10, %[r], lr\n\t"
+ "umaal r6, r9, %[a], r11\n\t"
+ "umaal r7, r10, %[a], lr\n\t"
+ "umaal r7, r9, %[b], r11\n\t"
+ "umaal r8, r10, %[b], lr\n\t"
+ "umaal r8, r9, r3, r11\n\t"
+ "umaal r9, r10, r3, lr\n\t"
+ "mov r3, r12\n\t"
+ "ldr lr, [sp, #36]\n\t"
+ "add lr, lr, #32\n\t"
+ "stm lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "sub lr, lr, #32\n\t"
+ "ldm sp, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "stm lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "add sp, sp, #44\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r10", "r11", "r12", "r7", "r8", "r9", "lr", "cc"
+ );
+}
+
+#endif
#endif /* WOLFSSL_SP_SMALL */
#ifdef WOLFSSL_SP_SMALL
/* Square a and put result in r. (r = a * a)
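Review bot: Neither of the two `sp_256_mul_8` variants added here states the timing assumption it relies on: the `WOLFSSL_ARM_ARCH < 7` body issues a `umull` or `umlal` for every partial product, and the `#else` body does the same with `umaal`, all on the caller's 256-bit operands. Some older ARM cores are documented to finish long multiplies early depending on an operand's value, so whether these sequences run in operand-independent time depends on the core the build targets; that comes from core documentation, not from anything this diff shows. I would add a line to each header comment, for example `* Timing: assumes the long multiply instructions take the same number of cycles for every operand value on the target core.`, so that whoever selects `WOLFSSL_ARM_ARCH` knows to check it.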
@@ -63153,29 +64137,28 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
*/
static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
__asm__ __volatile__ (
"sub sp, sp, #0x40\n\t"
- "mov r12, #0\n\t"
- "mov r6, #0\n\t"
+ "ldr lr, [%[a]]\n\t"
+ "umull r8, r6, lr, lr\n\t"
+ "str r8, [sp]\n\t"
"mov r7, #0\n\t"
"mov r8, #0\n\t"
- "mov r5, #0\n\t"
+ "mov r5, #4\n\t"
"\n"
"L_sp_256_sqr_8_outer_%=: \n\t"
"subs r3, r5, #28\n\t"
"it cc\n\t"
- "movcc r3, r12\n\t"
+ "movcc r3, #0\n\t"
"sub r4, r5, r3\n\t"
"\n"
"L_sp_256_sqr_8_inner_%=: \n\t"
- "cmp r4, r3\n\t"
- "beq L_sp_256_sqr_8_op_sqr_%=\n\t"
"ldr lr, [%[a], r3]\n\t"
"ldr r11, [%[a], r4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r9, lr, #16\n\t"
"lsl r10, r11, #16\n\t"
"lsr r9, r9, #16\n\t"
@@ -63224,11 +64207,13 @@ static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adcs r7, r7, r10\n\t"
"adc r8, r8, #0\n\t"
#endif
- "bal L_sp_256_sqr_8_op_done_%=\n\t"
- "\n"
- "L_sp_256_sqr_8_op_sqr_%=: \n\t"
+ "add r3, r3, #4\n\t"
+ "sub r4, r4, #4\n\t"
+ "cmp r3, r4\n\t"
+ "bgt L_sp_256_sqr_8_inner_done_%=\n\t"
+ "blt L_sp_256_sqr_8_inner_%=\n\t"
"ldr lr, [%[a], r3]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r9, lr, #16\n\t"
"lsr r10, lr, #16\n\t"
"lsr r9, r9, #16\n\t"
@@ -63255,38 +64240,55 @@ static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adc r8, r8, #0\n\t"
#endif
"\n"
- "L_sp_256_sqr_8_op_done_%=: \n\t"
- "add r3, r3, #4\n\t"
- "sub r4, r4, #4\n\t"
- "cmp r3, #32\n\t"
- "beq L_sp_256_sqr_8_inner_done_%=\n\t"
- "cmp r3, r4\n\t"
- "bgt L_sp_256_sqr_8_inner_done_%=\n\t"
- "cmp r3, r5\n\t"
- "ble L_sp_256_sqr_8_inner_%=\n\t"
- "\n"
"L_sp_256_sqr_8_inner_done_%=: \n\t"
"str r6, [sp, r5]\n\t"
"mov r6, r7\n\t"
"mov r7, r8\n\t"
"mov r8, #0\n\t"
"add r5, r5, #4\n\t"
- "cmp r5, #56\n\t"
+ "cmp r5, #52\n\t"
"ble L_sp_256_sqr_8_outer_%=\n\t"
+ "ldr lr, [%[a], #28]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
+ "lsl r9, lr, #16\n\t"
+ "lsr r10, lr, #16\n\t"
+ "lsr r9, r9, #16\n\t"
+ "mov r11, r9\n\t"
+ "mul r9, r11, r9\n\t"
+ "mov r11, r10\n\t"
+ "mul r10, r11, r10\n\t"
+ "adds r6, r6, r9\n\t"
+ "adc r7, r7, r10\n\t"
+ "lsr r10, lr, #16\n\t"
+ "lsl r9, lr, #16\n\t"
+ "lsr r9, r9, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #15\n\t"
+ "lsl r9, r9, #17\n\t"
+ "adds r6, r6, r9\n\t"
+ "adc r7, r7, r10\n\t"
+#else
+ "umull r9, r10, lr, lr\n\t"
+ "adds r6, r6, r9\n\t"
+ "adc r7, r7, r10\n\t"
+#endif
"str r6, [sp, r5]\n\t"
+ "add r5, r5, #4\n\t"
+ "str r7, [sp, r5]\n\t"
"\n"
"L_sp_256_sqr_8_store_%=: \n\t"
- "ldm sp!, {r6, r7, r8, r9}\n\t"
- "stm %[r]!, {r6, r7, r8, r9}\n\t"
- "subs r5, r5, #16\n\t"
+ "ldm sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "stm %[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "subs r5, r5, #32\n\t"
"bgt L_sp_256_sqr_8_store_%=\n\t"
: [r] "+r" (r), [a] "+r" (a)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11", "cc"
);
}
#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
/* Square a and put result in r. (r = a * a)
*
* r A single precision integer.
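Review bot: The block added after `"ble L_sp_256_sqr_8_outer_%=\n\t"` lacks the product label that the unrolled variants put on every multiply, and nothing explains why the outer-loop bound moved from `#56` to `#52`. A comment such as `/* A[7] * A[7] */` above `"ldr lr, [%[a], #28]\n\t"`, plus `/* last column is handled after the loop */` next to `"cmp r5, #52\n\t"`, would make the restructured loop readable. The function starts before this hunk.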
@@ -63294,14 +64296,13 @@ static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
*/
static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
__asm__ __volatile__ (
"sub sp, sp, #32\n\t"
/* A[0] * A[0] */
"ldr r10, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r9, r10, #16\n\t"
"lsl r2, r10, #16\n\t"
"lsr r2, r2, #16\n\t"
@@ -63312,15 +64313,11 @@ static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"lsl r2, r2, #17\n\t"
"adds r8, r8, r2\n\t"
"adc r3, r3, r9\n\t"
-#else
- "umull r8, r3, r10, r10\n\t"
-#endif
"mov r4, #0\n\t"
"str r8, [sp]\n\t"
/* A[0] * A[1] */
"ldr r10, [%[a], #4]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -63361,22 +64358,10 @@ static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r3, r3, r8\n\t"
"adcs r4, r4, r9\n\t"
"adc r2, r2, #0\n\t"
-#else
- "umull r8, r9, r10, r12\n\t"
- "adds r3, r3, r8\n\t"
- "adcs r4, r4, r9\n\t"
- "mov r2, #0\n\t"
- "adc r2, r2, #0\n\t"
- "adds r3, r3, r8\n\t"
- "adcs r4, r4, r9\n\t"
- "mov r2, #0\n\t"
- "adc r2, r2, #0\n\t"
-#endif
"str r3, [sp, #4]\n\t"
/* A[0] * A[2] */
"ldr r10, [%[a], #8]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -63417,20 +64402,8 @@ static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r4, r4, r8\n\t"
"adcs r2, r2, r9\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r8, r9, r10, r12\n\t"
- "adds r4, r4, r8\n\t"
- "adcs r2, r2, r9\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
- "adds r4, r4, r8\n\t"
- "adcs r2, r2, r9\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
-#endif
/* A[1] * A[1] */
"ldr r10, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -63450,17 +64423,10 @@ static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r4, r4, r8\n\t"
"adcs r2, r2, r9\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r8, r9, r10, r10\n\t"
- "adds r4, r4, r8\n\t"
- "adcs r2, r2, r9\n\t"
- "adc r3, r3, #0\n\t"
-#endif
"str r4, [sp, #8]\n\t"
/* A[0] * A[3] */
"ldr r10, [%[a], #12]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -63501,21 +64467,9 @@ static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r2, r2, r8\n\t"
"adcs r3, r3, r9\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r8, r9, r10, r12\n\t"
- "adds r2, r2, r8\n\t"
- "adcs r3, r3, r9\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
- "adds r2, r2, r8\n\t"
- "adcs r3, r3, r9\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
-#endif
/* A[1] * A[2] */
"ldr r10, [%[a], #8]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -63555,20 +64509,10 @@ static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r2, r2, r8\n\t"
"adcs r3, r3, r9\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r8, r9, r10, r12\n\t"
- "adds r2, r2, r8\n\t"
- "adcs r3, r3, r9\n\t"
- "adc r4, r4, #0\n\t"
- "adds r2, r2, r8\n\t"
- "adcs r3, r3, r9\n\t"
- "adc r4, r4, #0\n\t"
-#endif
"str r2, [sp, #12]\n\t"
/* A[0] * A[4] */
"ldr r10, [%[a], #16]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -63609,21 +64553,9 @@ static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r3, r3, r8\n\t"
"adcs r4, r4, r9\n\t"
"adc r2, r2, #0\n\t"
-#else
- "umull r8, r9, r10, r12\n\t"
- "adds r3, r3, r8\n\t"
- "adcs r4, r4, r9\n\t"
- "mov r2, #0\n\t"
- "adc r2, r2, #0\n\t"
- "adds r3, r3, r8\n\t"
- "adcs r4, r4, r9\n\t"
- "mov r2, #0\n\t"
- "adc r2, r2, #0\n\t"
-#endif
/* A[1] * A[3] */
"ldr r10, [%[a], #12]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -63663,18 +64595,8 @@ static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r3, r3, r8\n\t"
"adcs r4, r4, r9\n\t"
"adc r2, r2, #0\n\t"
-#else
- "umull r8, r9, r10, r12\n\t"
- "adds r3, r3, r8\n\t"
- "adcs r4, r4, r9\n\t"
- "adc r2, r2, #0\n\t"
- "adds r3, r3, r8\n\t"
- "adcs r4, r4, r9\n\t"
- "adc r2, r2, #0\n\t"
-#endif
/* A[2] * A[2] */
"ldr r10, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -63694,17 +64616,10 @@ static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r3, r3, r8\n\t"
"adcs r4, r4, r9\n\t"
"adc r2, r2, #0\n\t"
-#else
- "umull r8, r9, r10, r10\n\t"
- "adds r3, r3, r8\n\t"
- "adcs r4, r4, r9\n\t"
- "adc r2, r2, #0\n\t"
-#endif
"str r3, [sp, #16]\n\t"
/* A[0] * A[5] */
"ldr r10, [%[a], #20]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -63726,15 +64641,11 @@ static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"lsl r8, r8, #16\n\t"
"adds r5, r5, r8\n\t"
"adc r6, r6, r9\n\t"
-#else
- "umull r5, r6, r10, r12\n\t"
-#endif
"mov r3, #0\n\t"
"mov r7, #0\n\t"
/* A[1] * A[4] */
"ldr r10, [%[a], #16]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -63763,16 +64674,9 @@ static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r5, r5, r8\n\t"
"adcs r6, r6, r9\n\t"
"adc r7, r7, #0\n\t"
-#else
- "umull r8, r9, r10, r12\n\t"
- "adds r5, r5, r8\n\t"
- "adcs r6, r6, r9\n\t"
- "adc r7, r7, #0\n\t"
-#endif
/* A[2] * A[3] */
"ldr r10, [%[a], #12]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -63801,12 +64705,6 @@ static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r5, r5, r8\n\t"
"adcs r6, r6, r9\n\t"
"adc r7, r7, #0\n\t"
-#else
- "umull r8, r9, r10, r12\n\t"
- "adds r5, r5, r8\n\t"
- "adcs r6, r6, r9\n\t"
- "adc r7, r7, #0\n\t"
-#endif
"adds r5, r5, r5\n\t"
"adcs r6, r6, r6\n\t"
"adc r7, r7, r7\n\t"
@@ -63817,7 +64715,6 @@ static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[6] */
"ldr r10, [%[a], #24]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -63839,15 +64736,11 @@ static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"lsl r8, r8, #16\n\t"
"adds r5, r5, r8\n\t"
"adc r6, r6, r9\n\t"
-#else
- "umull r5, r6, r10, r12\n\t"
-#endif
"mov r4, #0\n\t"
"mov r7, #0\n\t"
/* A[1] * A[5] */
"ldr r10, [%[a], #20]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -63876,16 +64769,9 @@ static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r5, r5, r8\n\t"
"adcs r6, r6, r9\n\t"
"adc r7, r7, #0\n\t"
-#else
- "umull r8, r9, r10, r12\n\t"
- "adds r5, r5, r8\n\t"
- "adcs r6, r6, r9\n\t"
- "adc r7, r7, #0\n\t"
-#endif
/* A[2] * A[4] */
"ldr r10, [%[a], #16]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -63914,15 +64800,8 @@ static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r5, r5, r8\n\t"
"adcs r6, r6, r9\n\t"
"adc r7, r7, #0\n\t"
-#else
- "umull r8, r9, r10, r12\n\t"
- "adds r5, r5, r8\n\t"
- "adcs r6, r6, r9\n\t"
- "adc r7, r7, #0\n\t"
-#endif
/* A[3] * A[3] */
"ldr r10, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -63945,15 +64824,6 @@ static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r5, r5, r5\n\t"
"adcs r6, r6, r6\n\t"
"adc r7, r7, r7\n\t"
-#else
- "umull r8, r9, r10, r10\n\t"
- "adds r5, r5, r5\n\t"
- "adcs r6, r6, r6\n\t"
- "adc r7, r7, r7\n\t"
- "adds r2, r2, r8\n\t"
- "adcs r3, r3, r9\n\t"
- "adc r4, r4, #0\n\t"
-#endif
"adds r2, r2, r5\n\t"
"adcs r3, r3, r6\n\t"
"adc r4, r4, r7\n\t"
@@ -63961,7 +64831,6 @@ static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[7] */
"ldr r10, [%[a], #28]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -63983,15 +64852,11 @@ static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"lsl r8, r8, #16\n\t"
"adds r5, r5, r8\n\t"
"adc r6, r6, r9\n\t"
-#else
- "umull r5, r6, r10, r12\n\t"
-#endif
"mov r2, #0\n\t"
"mov r7, #0\n\t"
/* A[1] * A[6] */
"ldr r10, [%[a], #24]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -64020,16 +64885,9 @@ static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r5, r5, r8\n\t"
"adcs r6, r6, r9\n\t"
"adc r7, r7, #0\n\t"
-#else
- "umull r8, r9, r10, r12\n\t"
- "adds r5, r5, r8\n\t"
- "adcs r6, r6, r9\n\t"
- "adc r7, r7, #0\n\t"
-#endif
/* A[2] * A[5] */
"ldr r10, [%[a], #20]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -64058,16 +64916,9 @@ static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r5, r5, r8\n\t"
"adcs r6, r6, r9\n\t"
"adc r7, r7, #0\n\t"
-#else
- "umull r8, r9, r10, r12\n\t"
- "adds r5, r5, r8\n\t"
- "adcs r6, r6, r9\n\t"
- "adc r7, r7, #0\n\t"
-#endif
/* A[3] * A[4] */
"ldr r10, [%[a], #16]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -64096,12 +64947,6 @@ static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r5, r5, r8\n\t"
"adcs r6, r6, r9\n\t"
"adc r7, r7, #0\n\t"
-#else
- "umull r8, r9, r10, r12\n\t"
- "adds r5, r5, r8\n\t"
- "adcs r6, r6, r9\n\t"
- "adc r7, r7, #0\n\t"
-#endif
"adds r5, r5, r5\n\t"
"adcs r6, r6, r6\n\t"
"adc r7, r7, r7\n\t"
@@ -64112,7 +64957,6 @@ static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[7] */
"ldr r10, [%[a], #28]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -64134,15 +64978,11 @@ static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"lsl r8, r8, #16\n\t"
"adds r5, r5, r8\n\t"
"adc r6, r6, r9\n\t"
-#else
- "umull r5, r6, r10, r12\n\t"
-#endif
"mov r3, #0\n\t"
"mov r7, #0\n\t"
/* A[2] * A[6] */
"ldr r10, [%[a], #24]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -64171,16 +65011,9 @@ static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r5, r5, r8\n\t"
"adcs r6, r6, r9\n\t"
"adc r7, r7, #0\n\t"
-#else
- "umull r8, r9, r10, r12\n\t"
- "adds r5, r5, r8\n\t"
- "adcs r6, r6, r9\n\t"
- "adc r7, r7, #0\n\t"
-#endif
/* A[3] * A[5] */
"ldr r10, [%[a], #20]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -64209,15 +65042,8 @@ static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r5, r5, r8\n\t"
"adcs r6, r6, r9\n\t"
"adc r7, r7, #0\n\t"
-#else
- "umull r8, r9, r10, r12\n\t"
- "adds r5, r5, r8\n\t"
- "adcs r6, r6, r9\n\t"
- "adc r7, r7, #0\n\t"
-#endif
/* A[4] * A[4] */
"ldr r10, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -64240,15 +65066,6 @@ static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r5, r5, r5\n\t"
"adcs r6, r6, r6\n\t"
"adc r7, r7, r7\n\t"
-#else
- "umull r8, r9, r10, r10\n\t"
- "adds r5, r5, r5\n\t"
- "adcs r6, r6, r6\n\t"
- "adc r7, r7, r7\n\t"
- "adds r4, r4, r8\n\t"
- "adcs r2, r2, r9\n\t"
- "adc r3, r3, #0\n\t"
-#endif
"adds r4, r4, r5\n\t"
"adcs r2, r2, r6\n\t"
"adc r3, r3, r7\n\t"
@@ -64256,7 +65073,6 @@ static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
/* A[2] * A[7] */
"ldr r10, [%[a], #28]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -64278,15 +65094,11 @@ static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"lsl r8, r8, #16\n\t"
"adds r5, r5, r8\n\t"
"adc r6, r6, r9\n\t"
-#else
- "umull r5, r6, r10, r12\n\t"
-#endif
"mov r4, #0\n\t"
"mov r7, #0\n\t"
/* A[3] * A[6] */
"ldr r10, [%[a], #24]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -64315,16 +65127,9 @@ static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r5, r5, r8\n\t"
"adcs r6, r6, r9\n\t"
"adc r7, r7, #0\n\t"
-#else
- "umull r8, r9, r10, r12\n\t"
- "adds r5, r5, r8\n\t"
- "adcs r6, r6, r9\n\t"
- "adc r7, r7, #0\n\t"
-#endif
/* A[4] * A[5] */
"ldr r10, [%[a], #20]\n\t"
"ldr r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -64353,12 +65158,6 @@ static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r5, r5, r8\n\t"
"adcs r6, r6, r9\n\t"
"adc r7, r7, #0\n\t"
-#else
- "umull r8, r9, r10, r12\n\t"
- "adds r5, r5, r8\n\t"
- "adcs r6, r6, r9\n\t"
- "adc r7, r7, #0\n\t"
-#endif
"adds r5, r5, r5\n\t"
"adcs r6, r6, r6\n\t"
"adc r7, r7, r7\n\t"
@@ -64369,7 +65168,6 @@ static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
/* A[3] * A[7] */
"ldr r10, [%[a], #28]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -64410,21 +65208,9 @@ static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r3, r3, r8\n\t"
"adcs r4, r4, r9\n\t"
"adc r2, r2, #0\n\t"
-#else
- "umull r8, r9, r10, r12\n\t"
- "adds r3, r3, r8\n\t"
- "adcs r4, r4, r9\n\t"
- "mov r2, #0\n\t"
- "adc r2, r2, #0\n\t"
- "adds r3, r3, r8\n\t"
- "adcs r4, r4, r9\n\t"
- "mov r2, #0\n\t"
- "adc r2, r2, #0\n\t"
-#endif
/* A[4] * A[6] */
"ldr r10, [%[a], #24]\n\t"
"ldr r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -64464,18 +65250,8 @@ static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r3, r3, r8\n\t"
"adcs r4, r4, r9\n\t"
"adc r2, r2, #0\n\t"
-#else
- "umull r8, r9, r10, r12\n\t"
- "adds r3, r3, r8\n\t"
- "adcs r4, r4, r9\n\t"
- "adc r2, r2, #0\n\t"
- "adds r3, r3, r8\n\t"
- "adcs r4, r4, r9\n\t"
- "adc r2, r2, #0\n\t"
-#endif
/* A[5] * A[5] */
"ldr r10, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -64495,17 +65271,10 @@ static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r3, r3, r8\n\t"
"adcs r4, r4, r9\n\t"
"adc r2, r2, #0\n\t"
-#else
- "umull r8, r9, r10, r10\n\t"
- "adds r3, r3, r8\n\t"
- "adcs r4, r4, r9\n\t"
- "adc r2, r2, #0\n\t"
-#endif
"str r3, [%[r], #40]\n\t"
/* A[4] * A[7] */
"ldr r10, [%[a], #28]\n\t"
"ldr r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -64546,21 +65315,9 @@ static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r4, r4, r8\n\t"
"adcs r2, r2, r9\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r8, r9, r10, r12\n\t"
- "adds r4, r4, r8\n\t"
- "adcs r2, r2, r9\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
- "adds r4, r4, r8\n\t"
- "adcs r2, r2, r9\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
-#endif
/* A[5] * A[6] */
"ldr r10, [%[a], #24]\n\t"
"ldr r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -64600,20 +65357,10 @@ static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r4, r4, r8\n\t"
"adcs r2, r2, r9\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r8, r9, r10, r12\n\t"
- "adds r4, r4, r8\n\t"
- "adcs r2, r2, r9\n\t"
- "adc r3, r3, #0\n\t"
- "adds r4, r4, r8\n\t"
- "adcs r2, r2, r9\n\t"
- "adc r3, r3, #0\n\t"
-#endif
"str r4, [%[r], #44]\n\t"
/* A[5] * A[7] */
"ldr r10, [%[a], #28]\n\t"
"ldr r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -64654,20 +65401,8 @@ static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r2, r2, r8\n\t"
"adcs r3, r3, r9\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r8, r9, r10, r12\n\t"
- "adds r2, r2, r8\n\t"
- "adcs r3, r3, r9\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
- "adds r2, r2, r8\n\t"
- "adcs r3, r3, r9\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
-#endif
/* A[6] * A[6] */
"ldr r10, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -64687,17 +65422,10 @@ static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r2, r2, r8\n\t"
"adcs r3, r3, r9\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r8, r9, r10, r10\n\t"
- "adds r2, r2, r8\n\t"
- "adcs r3, r3, r9\n\t"
- "adc r4, r4, #0\n\t"
-#endif
"str r2, [%[r], #48]\n\t"
/* A[6] * A[7] */
"ldr r10, [%[a], #28]\n\t"
"ldr r12, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -64738,21 +65466,9 @@ static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r3, r3, r8\n\t"
"adcs r4, r4, r9\n\t"
"adc r2, r2, #0\n\t"
-#else
- "umull r8, r9, r10, r12\n\t"
- "adds r3, r3, r8\n\t"
- "adcs r4, r4, r9\n\t"
- "mov r2, #0\n\t"
- "adc r2, r2, #0\n\t"
- "adds r3, r3, r8\n\t"
- "adcs r4, r4, r9\n\t"
- "mov r2, #0\n\t"
- "adc r2, r2, #0\n\t"
-#endif
"str r3, [%[r], #52]\n\t"
/* A[7] * A[7] */
"ldr r10, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -64770,11 +65486,6 @@ static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"lsl r8, r8, #17\n\t"
"adds r4, r4, r8\n\t"
"adc r2, r2, r9\n\t"
-#else
- "umull r8, r9, r10, r10\n\t"
- "adds r4, r4, r8\n\t"
- "adc r2, r2, r9\n\t"
-#endif
"str r4, [%[r], #56]\n\t"
"str r2, [%[r], #60]\n\t"
"ldm sp!, {r2, r3, r4, r8}\n\t"
@@ -64783,10 +65494,370 @@ static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"stm %[r]!, {r2, r3, r4, r8}\n\t"
: [r] "+r" (r), [a] "+r" (a)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r12"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r12", "cc"
+ );
+}
+
+#elif defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+/* Square a and put result in r. (r = a * a)
+ *
+ * r A single precision integer.
+ * a A single precision integer.
+ */
+static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
+{
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+
+ __asm__ __volatile__ (
+ "sub sp, sp, #0x44\n\t"
+ "str %[r], [sp, #64]\n\t"
+ "mov %[r], #0\n\t"
+ "ldr r12, [%[a]]\n\t"
+ /* A[0] * A[1] */
+ "ldr lr, [%[a], #4]\n\t"
+ "umull r4, r5, r12, lr\n\t"
+ /* A[0] * A[3] */
+ "ldr lr, [%[a], #12]\n\t"
+ "umull r6, r7, r12, lr\n\t"
+ /* A[0] * A[5] */
+ "ldr lr, [%[a], #20]\n\t"
+ "umull r8, r9, r12, lr\n\t"
+ /* A[0] * A[7] */
+ "ldr lr, [%[a], #28]\n\t"
+ "umull r10, r3, r12, lr\n\t"
+ /* A[0] * A[2] */
+ "ldr lr, [%[a], #8]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r5, r11, r12, lr\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[0] * A[4] */
+ "ldr lr, [%[a], #16]\n\t"
+ "adcs r7, r7, #0\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r7, r11, r12, lr\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[0] * A[6] */
+ "ldr lr, [%[a], #24]\n\t"
+ "adcs r9, r9, #0\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r9, r11, r12, lr\n\t"
+ "adds r10, r10, r11\n\t"
+ "adcs r3, r3, #0\n\t"
+ "str r4, [sp, #4]\n\t"
+ "str r5, [sp, #8]\n\t"
+ /* A[1] * A[2] */
+ "ldr r12, [%[a], #4]\n\t"
+ "ldr lr, [%[a], #8]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r6, r11, r12, lr\n\t"
+ "str r6, [sp, #12]\n\t"
+ "adds r7, r7, r11\n\t"
+ /* A[1] * A[3] */
+ "ldr lr, [%[a], #12]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r7, r11, r12, lr\n\t"
+ "str r7, [sp, #16]\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[1] * A[4] */
+ "ldr lr, [%[a], #16]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r8, r11, r12, lr\n\t"
+ "adds r9, r9, r11\n\t"
+ /* A[1] * A[5] */
+ "ldr lr, [%[a], #20]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r9, r11, r12, lr\n\t"
+ "adds r10, r10, r11\n\t"
+ /* A[1] * A[6] */
+ "ldr lr, [%[a], #24]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "adds r3, r3, r11\n\t"
+ /* A[1] * A[7] */
+ "ldr lr, [%[a], #28]\n\t"
+ "adc r4, %[r], #0\n\t"
+ "umlal r3, r4, r12, lr\n\t"
+ /* A[2] * A[3] */
+ "ldr r12, [%[a], #8]\n\t"
+ "ldr lr, [%[a], #12]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r8, r11, r12, lr\n\t"
+ "str r8, [sp, #20]\n\t"
+ "adds r9, r9, r11\n\t"
+ /* A[2] * A[4] */
+ "ldr lr, [%[a], #16]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r9, r11, r12, lr\n\t"
+ "str r9, [sp, #24]\n\t"
+ "adds r10, r10, r11\n\t"
+ /* A[2] * A[5] */
+ "ldr lr, [%[a], #20]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "adds r3, r3, r11\n\t"
+ /* A[2] * A[6] */
+ "ldr lr, [%[a], #24]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r3, r11, r12, lr\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[2] * A[7] */
+ "ldr lr, [%[a], #28]\n\t"
+ "adc r5, %[r], #0\n\t"
+ "umlal r4, r5, r12, lr\n\t"
+ /* A[3] * A[4] */
+ "ldr r12, [%[a], #12]\n\t"
+ "ldr lr, [%[a], #16]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "str r10, [sp, #28]\n\t"
+ "adds r3, r3, r11\n\t"
+ /* A[3] * A[5] */
+ "ldr lr, [%[a], #20]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r3, r11, r12, lr\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[3] * A[6] */
+ "ldr lr, [%[a], #24]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r4, r11, r12, lr\n\t"
+ "adds r5, r5, r11\n\t"
+ /* A[3] * A[7] */
+ "ldr lr, [%[a], #28]\n\t"
+ "adc r6, %[r], #0\n\t"
+ "umlal r5, r6, r12, lr\n\t"
+ /* A[4] * A[5] */
+ "ldr r12, [%[a], #16]\n\t"
+ "ldr lr, [%[a], #20]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r4, r11, r12, lr\n\t"
+ "adds r5, r5, r11\n\t"
+ /* A[4] * A[6] */
+ "ldr lr, [%[a], #24]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r5, r11, r12, lr\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[4] * A[7] */
+ "ldr lr, [%[a], #28]\n\t"
+ "adc r7, %[r], #0\n\t"
+ "umlal r6, r7, r12, lr\n\t"
+ /* A[5] * A[6] */
+ "ldr r12, [%[a], #20]\n\t"
+ "ldr lr, [%[a], #24]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r6, r11, r12, lr\n\t"
+ "adds r7, r7, r11\n\t"
+ /* A[5] * A[7] */
+ "ldr lr, [%[a], #28]\n\t"
+ "adc r8, %[r], #0\n\t"
+ "umlal r7, r8, r12, lr\n\t"
+ /* A[6] * A[7] */
+ "ldr r12, [%[a], #24]\n\t"
+ "ldr lr, [%[a], #28]\n\t"
+ "mov r9, #0\n\t"
+ "umlal r8, r9, r12, lr\n\t"
+ "add lr, sp, #32\n\t"
+ "stm lr, {r3, r4, r5, r6, r7, r8, r9}\n\t"
+ "add lr, sp, #4\n\t"
+ "ldm lr, {r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "adds r4, r4, r4\n\t"
+ "adcs r5, r5, r5\n\t"
+ "adcs r6, r6, r6\n\t"
+ "adcs r7, r7, r7\n\t"
+ "adcs r8, r8, r8\n\t"
+ "adcs r9, r9, r9\n\t"
+ "adcs r10, r10, r10\n\t"
+ "stm lr!, {r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "ldm lr, {r3, r4, r5, r6, r7, r8, r9}\n\t"
+ "adcs r3, r3, r3\n\t"
+ "adcs r4, r4, r4\n\t"
+ "adcs r5, r5, r5\n\t"
+ "adcs r6, r6, r6\n\t"
+ "adcs r7, r7, r7\n\t"
+ "adcs r8, r8, r8\n\t"
+ "adcs r9, r9, r9\n\t"
+ "adc r10, %[r], #0\n\t"
+ "stm lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "add lr, sp, #4\n\t"
+ "ldm lr, {r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "mov lr, sp\n\t"
+ /* A[0] * A[0] */
+ "ldr r12, [%[a]]\n\t"
+ "umull r3, r11, r12, r12\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[1] * A[1] */
+ "ldr r12, [%[a], #4]\n\t"
+ "adcs r5, r5, #0\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r5, r11, r12, r12\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[2] * A[2] */
+ "ldr r12, [%[a], #8]\n\t"
+ "adcs r7, r7, #0\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r7, r11, r12, r12\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[3] * A[3] */
+ "ldr r12, [%[a], #12]\n\t"
+ "adcs r9, r9, #0\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r9, r11, r12, r12\n\t"
+ "adds r10, r10, r11\n\t"
+ "stm lr!, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "ldm lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ /* A[4] * A[4] */
+ "ldr r12, [%[a], #16]\n\t"
+ "adcs r3, r3, #0\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r3, r11, r12, r12\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[5] * A[5] */
+ "ldr r12, [%[a], #20]\n\t"
+ "adcs r5, r5, #0\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r5, r11, r12, r12\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[6] * A[6] */
+ "ldr r12, [%[a], #24]\n\t"
+ "adcs r7, r7, #0\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r7, r11, r12, r12\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[7] * A[7] */
+ "ldr r12, [%[a], #28]\n\t"
+ "adcs r9, r9, #0\n\t"
+ "adc r10, r10, #0\n\t"
+ "umlal r9, r10, r12, r12\n\t"
+ "ldr %[r], [sp, #64]\n\t"
+ "add %[r], %[r], #32\n\t"
+ "stm %[r], {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "ldm sp, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "sub %[r], %[r], #32\n\t"
+ "stm %[r], {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "add sp, sp, #0x44\n\t"
+ : [r] "+r" (r), [a] "+r" (a)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
);
}
+#else
+/* Square a and put result in r. (r = a * a)
+ *
+ * r A single precision integer.
+ * a A single precision integer.
+ */
+static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
+{
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+
+ __asm__ __volatile__ (
+ "sub sp, sp, #32\n\t"
+ "str %[r], [sp, #28]\n\t"
+ "ldm %[a], {%[r], %[a], r2, r3, r4, r5, r6, r7}\n\t"
+ "umull r9, r10, %[r], %[r]\n\t"
+ "umull r11, r12, %[r], %[a]\n\t"
+ "adds r11, r11, r11\n\t"
+ "mov lr, #0\n\t"
+ "umaal r10, r11, lr, lr\n\t"
+ "stm sp, {r9, r10}\n\t"
+ "mov r8, lr\n\t"
+ "umaal r8, r12, %[r], r2\n\t"
+ "adcs r8, r8, r8\n\t"
+ "umaal r8, r11, %[a], %[a]\n\t"
+ "umull r9, r10, %[r], r3\n\t"
+ "umaal r9, r12, %[a], r2\n\t"
+ "adcs r9, r9, r9\n\t"
+ "umaal r9, r11, lr, lr\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "str r8, [sp, #8]\n\t"
+ "str r9, [sp, #12]\n\t"
+#else
+ "strd r8, r9, [sp, #8]\n\t"
+#endif
+ "mov r9, lr\n\t"
+ "umaal r9, r10, %[r], r4\n\t"
+ "umaal r9, r12, %[a], r3\n\t"
+ "adcs r9, r9, r9\n\t"
+ "umaal r9, r11, r2, r2\n\t"
+ "str r9, [sp, #16]\n\t"
+ "umull r9, r8, %[r], r5\n\t"
+ "umaal r9, r12, %[a], r4\n\t"
+ "umaal r9, r10, r2, r3\n\t"
+ "adcs r9, r9, r9\n\t"
+ "umaal r9, r11, lr, lr\n\t"
+ "str r9, [sp, #20]\n\t"
+ "mov r9, lr\n\t"
+ "umaal r9, r8, %[r], r6\n\t"
+ "umaal r9, r12, %[a], r5\n\t"
+ "umaal r9, r10, r2, r4\n\t"
+ "adcs r9, r9, r9\n\t"
+ "umaal r9, r11, r3, r3\n\t"
+ "str r9, [sp, #24]\n\t"
+ "umull %[r], r9, %[r], r7\n\t"
+ "umaal %[r], r8, %[a], r6\n\t"
+ "umaal %[r], r12, r2, r5\n\t"
+ "umaal %[r], r10, r3, r4\n\t"
+ "adcs %[r], %[r], %[r]\n\t"
+ "umaal %[r], r11, lr, lr\n\t"
+ /* R[7] = r0 */
+ "umaal r9, r8, %[a], r7\n\t"
+ "umaal r9, r10, r2, r6\n\t"
+ "umaal r12, r9, r3, r5\n\t"
+ "adcs r12, r12, r12\n\t"
+ "umaal r12, r11, r4, r4\n\t"
+ /* R[8] = r12 */
+ "umaal r9, r8, r2, r7\n\t"
+ "umaal r10, r9, r3, r6\n\t"
+ "mov r2, lr\n\t"
+ "umaal r10, r2, r4, r5\n\t"
+ "adcs r10, r10, r10\n\t"
+ "umaal r11, r10, lr, lr\n\t"
+ /* R[9] = r11 */
+ "umaal r2, r8, r3, r7\n\t"
+ "umaal r2, r9, r4, r6\n\t"
+ "adcs r3, r2, r2\n\t"
+ "umaal r10, r3, r5, r5\n\t"
+ /* R[10] = r10 */
+ "mov %[a], lr\n\t"
+ "umaal %[a], r8, r4, r7\n\t"
+ "umaal %[a], r9, r5, r6\n\t"
+ "adcs r4, %[a], %[a]\n\t"
+ "umaal r3, r4, lr, lr\n\t"
+ /* R[11] = r3 */
+ "umaal r8, r9, r5, r7\n\t"
+ "adcs r8, r8, r8\n\t"
+ "umaal r4, r8, r6, r6\n\t"
+ /* R[12] = r4 */
+ "mov r5, lr\n\t"
+ "umaal r5, r9, r6, r7\n\t"
+ "adcs r5, r5, r5\n\t"
+ "umaal r8, r5, lr, lr\n\t"
+ /* R[13] = r8 */
+ "adcs r9, r9, r9\n\t"
+ "umaal r9, r5, r7, r7\n\t"
+ "adcs r7, r5, lr\n\t"
+ /* R[14] = r9 */
+ /* R[15] = r7 */
+ "ldr lr, [sp, #28]\n\t"
+ "add lr, lr, #28\n\t"
+ "stm lr!, {%[r], r12}\n\t"
+ "stm lr!, {r11}\n\t"
+ "stm lr!, {r10}\n\t"
+ "stm lr!, {r3, r4, r8, r9}\n\t"
+ "stm lr!, {r7}\n\t"
+ "sub lr, lr, #0x40\n\t"
+ "ldm sp, {%[r], %[a], r2, r3, r4, r5, r6}\n\t"
+ "stm lr, {%[r], %[a], r2, r3, r4, r5, r6}\n\t"
+ "add sp, sp, #32\n\t"
+ : [r] "+r" (r), [a] "+r" (a)
+ :
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
+ );
+}
+
+#endif
#endif /* WOLFSSL_SP_SMALL */
#ifdef WOLFSSL_SP_SMALL
/* Add b to a into r. (r = a + b)
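Review bot: In the final `#else` variant of sp_256_sqr_8, the inner `#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)` around the two `str` instructions can never be taken, because the same condition already selects the preceding `#elif` variant. Only the `strd r8, r9, [sp, #8]` line is ever assembled there, so either drop the guard or mark it with a comment such as `/* unreachable here: ARCH < 7 is handled by the #elif variant above */`. Both new variants also move `sp` inside the asm block and use `r11` and `lr` as scratch; a one-line comment above each block noting that the `sub sp`/`add sp` pair is balanced before the block exits would help anyone auditing the clobber lists. The path in the diffstat suggests this is bundled third-party code, so the change probably belongs upstream rather than in a local patch.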
@@ -64797,9 +65868,9 @@ static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
*/
static sp_digit sp_256_add_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"mov r3, #0\n\t"
@@ -64821,7 +65892,7 @@ static sp_digit sp_256_add_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit*
"mov %[r], r3\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -64835,12 +65906,11 @@ static sp_digit sp_256_add_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit*
*/
static sp_digit sp_256_add_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
- "mov r12, #0\n\t"
"ldm %[a]!, {r3, r4, r5, r6}\n\t"
"ldm %[b]!, {r7, r8, r9, r10}\n\t"
"adds r3, r3, r7\n\t"
@@ -64855,84 +65925,11 @@ static sp_digit sp_256_add_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit*
"adcs r5, r5, r9\n\t"
"adcs r6, r6, r10\n\t"
"stm %[r]!, {r3, r4, r5, r6}\n\t"
- "adc %[r], r12, r12\n\t"
- : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
- :
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r12"
- );
- return (uint32_t)(size_t)r;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Sub b from a into r. (r = a - b)
- *
- * r A single precision integer.
- * a A single precision integer.
- * b A single precision integer.
- */
-static sp_digit sp_256_sub_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
-{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
-
- __asm__ __volatile__ (
- "mov r12, #0\n\t"
- "add lr, %[a], #32\n\t"
- "\n"
- "L_sp_256_sub_8_word_%=: \n\t"
- "rsbs r12, r12, #0\n\t"
- "ldm %[a]!, {r3, r4, r5, r6}\n\t"
- "ldm %[b]!, {r7, r8, r9, r10}\n\t"
- "sbcs r3, r3, r7\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "stm %[r]!, {r3, r4, r5, r6}\n\t"
- "sbc r12, r3, r3\n\t"
- "cmp %[a], lr\n\t"
- "bne L_sp_256_sub_8_word_%=\n\t"
- "mov %[r], r12\n\t"
- : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
- :
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r12", "lr"
- );
- return (uint32_t)(size_t)r;
-}
-
-#else
-/* Sub b from a into r. (r = a - b)
- *
- * r A single precision integer.
- * a A single precision integer.
- * b A single precision integer.
- */
-static sp_digit sp_256_sub_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
-{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
-
- __asm__ __volatile__ (
- "ldm %[a]!, {r3, r4, r5, r6}\n\t"
- "ldm %[b]!, {r7, r8, r9, r10}\n\t"
- "subs r3, r3, r7\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "stm %[r]!, {r3, r4, r5, r6}\n\t"
- "ldm %[a]!, {r3, r4, r5, r6}\n\t"
- "ldm %[b]!, {r7, r8, r9, r10}\n\t"
- "sbcs r3, r3, r7\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "stm %[r]!, {r3, r4, r5, r6}\n\t"
- "sbc %[r], r6, r6\n\t"
+ "mov %[r], #0\n\t"
+ "adc %[r], %[r], #0\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -64946,8 +65943,8 @@ static sp_digit sp_256_sub_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit*
*/
static int sp_256_mod_mul_norm_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
__asm__ __volatile__ (
"sub sp, sp, #24\n\t"
@@ -65168,7 +66165,7 @@ static int sp_256_mod_mul_norm_8(sp_digit* r_p, const sp_digit* a_p, const sp_di
"add sp, sp, #24\n\t"
: [r] "+r" (r), [a] "+r" (a)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r12", "lr", "r10"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r12", "lr", "r10", "cc"
);
(void)m_p;
return (uint32_t)(size_t)r;
@@ -65184,14 +66181,14 @@ static void sp_256_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 32
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 31);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 31);
}
#elif DIGIT_BIT > 32
unsigned int i;
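Review bot: The rewritten DIGIT_BIT == 32 loop in sp_256_from_mp hard-codes the shift as `31` in `(j >> 31)`, where the lines it replaces used `SP_WORD_SIZE - 1`. Writing `sp_digit mask = (sp_digit)0 - (j >> (SP_WORD_SIZE - 1));` and `o += (int)(j >> (SP_WORD_SIZE - 1));` keeps the width assumption tied to the digit type. The loop has no branch on `a->used`, and a short comment such as `/* j counts up from -used; its top bit selects the mask, so timing does not depend on used */` would stop a later cleanup from reintroducing a data-dependent branch. It still reads `a->dp[0]` when `a->used` is 0 (masked to zero), as the old code did, which presumably relies on `dp` always being addressable; that is worth confirming against the mp_int implementation in use. The function body continues past the end of this hunk.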
@@ -65369,6 +66366,7 @@ static int sp_256_point_to_ecc_point_8(const sp_point_256* p, ecc_point* pm)
return err;
}
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
/* Multiply two Montgomery form numbers mod the modulus (prime).
* (r = a * b mod m)
*
@@ -65376,13 +66374,13 @@ static int sp_256_point_to_ecc_point_8(const sp_point_256* p, ecc_point* pm)
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, const sp_digit* m_p, sp_digit mp_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"sub sp, sp, #0x44\n\t"
@@ -65390,7 +66388,6 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
/* A[0] * B[0] */
"ldr r6, [%[a]]\n\t"
"ldr r7, [%[b]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r8, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -65412,13 +66409,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"lsl r3, r3, #16\n\t"
"adds r8, r8, r3\n\t"
"adc r9, r9, r4\n\t"
-#else
- "umull r8, r9, r6, r7\n\t"
-#endif
"str r8, [sp]\n\t"
/* A[0] * B[1] */
"ldr r7, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -65444,15 +66437,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"lsl r3, r3, #16\n\t"
"adds r9, r9, r3\n\t"
"adc r10, r10, r4\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r9, r9, r3\n\t"
- "adc r10, r4, #0\n\t"
-#endif
/* A[1] * B[0] */
"ldr r6, [%[a], #4]\n\t"
"ldr r7, [%[b]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -65481,16 +66468,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r9, r9, r3\n\t"
"adcs r10, r10, r4\n\t"
"adc lr, lr, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r9, r9, r3\n\t"
- "adcs r10, r4, r10\n\t"
- "adc lr, r5, #0\n\t"
-#endif
"str r9, [sp, #4]\n\t"
/* A[2] * B[0] */
"ldr r6, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -65515,15 +66495,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"lsl r3, r3, #16\n\t"
"adds r10, r10, r3\n\t"
"adc lr, lr, r4\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r10, r10, r3\n\t"
- "adc lr, r4, lr\n\t"
-#endif
/* A[1] * B[1] */
"ldr r6, [%[a], #4]\n\t"
"ldr r7, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -65552,16 +66526,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r10, r10, r3\n\t"
"adcs lr, lr, r4\n\t"
"adc r8, r8, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r10, r10, r3\n\t"
- "adcs lr, r4, lr\n\t"
- "adc r8, r5, #0\n\t"
-#endif
/* A[0] * B[2] */
"ldr r6, [%[a]]\n\t"
"ldr r7, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -65590,16 +66557,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r10, r10, r3\n\t"
"adcs lr, lr, r4\n\t"
"adc r8, r8, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r10, r10, r3\n\t"
- "adcs lr, r4, lr\n\t"
- "adc r8, r5, r8\n\t"
-#endif
"str r10, [sp, #8]\n\t"
/* A[0] * B[3] */
"ldr r7, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -65628,16 +66588,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds lr, lr, r3\n\t"
"adcs r8, r8, r4\n\t"
"adc r9, r9, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds lr, lr, r3\n\t"
- "adcs r8, r4, r8\n\t"
- "adc r9, r5, #0\n\t"
-#endif
/* A[1] * B[2] */
"ldr r6, [%[a], #4]\n\t"
"ldr r7, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -65666,16 +66619,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds lr, lr, r3\n\t"
"adcs r8, r8, r4\n\t"
"adc r9, r9, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds lr, lr, r3\n\t"
- "adcs r8, r4, r8\n\t"
- "adc r9, r5, r9\n\t"
-#endif
/* A[2] * B[1] */
"ldr r6, [%[a], #8]\n\t"
"ldr r7, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -65704,16 +66650,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds lr, lr, r3\n\t"
"adcs r8, r8, r4\n\t"
"adc r9, r9, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds lr, lr, r3\n\t"
- "adcs r8, r4, r8\n\t"
- "adc r9, r5, r9\n\t"
-#endif
/* A[3] * B[0] */
"ldr r6, [%[a], #12]\n\t"
"ldr r7, [%[b]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -65742,16 +66681,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds lr, lr, r3\n\t"
"adcs r8, r8, r4\n\t"
"adc r9, r9, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds lr, lr, r3\n\t"
- "adcs r8, r4, r8\n\t"
- "adc r9, r5, r9\n\t"
-#endif
"str lr, [sp, #12]\n\t"
/* A[4] * B[0] */
"ldr r6, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -65780,16 +66712,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r8, r8, r3\n\t"
"adcs r9, r9, r4\n\t"
"adc r10, r10, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r8, r8, r3\n\t"
- "adcs r9, r4, r9\n\t"
- "adc r10, r5, #0\n\t"
-#endif
/* A[3] * B[1] */
"ldr r6, [%[a], #12]\n\t"
"ldr r7, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -65818,16 +66743,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r8, r8, r3\n\t"
"adcs r9, r9, r4\n\t"
"adc r10, r10, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r8, r8, r3\n\t"
- "adcs r9, r4, r9\n\t"
- "adc r10, r5, r10\n\t"
-#endif
/* A[2] * B[2] */
"ldr r6, [%[a], #8]\n\t"
"ldr r7, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -65856,16 +66774,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r8, r8, r3\n\t"
"adcs r9, r9, r4\n\t"
"adc r10, r10, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r8, r8, r3\n\t"
- "adcs r9, r4, r9\n\t"
- "adc r10, r5, r10\n\t"
-#endif
/* A[1] * B[3] */
"ldr r6, [%[a], #4]\n\t"
"ldr r7, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -65894,16 +66805,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r8, r8, r3\n\t"
"adcs r9, r9, r4\n\t"
"adc r10, r10, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r8, r8, r3\n\t"
- "adcs r9, r4, r9\n\t"
- "adc r10, r5, r10\n\t"
-#endif
/* A[0] * B[4] */
"ldr r6, [%[a]]\n\t"
"ldr r7, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -65932,16 +66836,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r8, r8, r3\n\t"
"adcs r9, r9, r4\n\t"
"adc r10, r10, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r8, r8, r3\n\t"
- "adcs r9, r4, r9\n\t"
- "adc r10, r5, r10\n\t"
-#endif
"str r8, [sp, #16]\n\t"
/* A[0] * B[5] */
"ldr r7, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -65970,16 +66867,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r9, r9, r3\n\t"
"adcs r10, r10, r4\n\t"
"adc lr, lr, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r9, r9, r3\n\t"
- "adcs r10, r4, r10\n\t"
- "adc lr, r5, #0\n\t"
-#endif
/* A[1] * B[4] */
"ldr r6, [%[a], #4]\n\t"
"ldr r7, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -66008,16 +66898,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r9, r9, r3\n\t"
"adcs r10, r10, r4\n\t"
"adc lr, lr, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r9, r9, r3\n\t"
- "adcs r10, r4, r10\n\t"
- "adc lr, r5, lr\n\t"
-#endif
/* A[2] * B[3] */
"ldr r6, [%[a], #8]\n\t"
"ldr r7, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -66046,16 +66929,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r9, r9, r3\n\t"
"adcs r10, r10, r4\n\t"
"adc lr, lr, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r9, r9, r3\n\t"
- "adcs r10, r4, r10\n\t"
- "adc lr, r5, lr\n\t"
-#endif
/* A[3] * B[2] */
"ldr r6, [%[a], #12]\n\t"
"ldr r7, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -66084,16 +66960,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r9, r9, r3\n\t"
"adcs r10, r10, r4\n\t"
"adc lr, lr, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r9, r9, r3\n\t"
- "adcs r10, r4, r10\n\t"
- "adc lr, r5, lr\n\t"
-#endif
/* A[4] * B[1] */
"ldr r6, [%[a], #16]\n\t"
"ldr r7, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -66122,16 +66991,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r9, r9, r3\n\t"
"adcs r10, r10, r4\n\t"
"adc lr, lr, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r9, r9, r3\n\t"
- "adcs r10, r4, r10\n\t"
- "adc lr, r5, lr\n\t"
-#endif
/* A[5] * B[0] */
"ldr r6, [%[a], #20]\n\t"
"ldr r7, [%[b]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -66160,16 +67022,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r9, r9, r3\n\t"
"adcs r10, r10, r4\n\t"
"adc lr, lr, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r9, r9, r3\n\t"
- "adcs r10, r4, r10\n\t"
- "adc lr, r5, lr\n\t"
-#endif
"str r9, [sp, #20]\n\t"
/* A[6] * B[0] */
"ldr r6, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -66198,16 +67053,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r10, r10, r3\n\t"
"adcs lr, lr, r4\n\t"
"adc r8, r8, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r10, r10, r3\n\t"
- "adcs lr, r4, lr\n\t"
- "adc r8, r5, #0\n\t"
-#endif
/* A[5] * B[1] */
"ldr r6, [%[a], #20]\n\t"
"ldr r7, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -66236,16 +67084,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r10, r10, r3\n\t"
"adcs lr, lr, r4\n\t"
"adc r8, r8, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r10, r10, r3\n\t"
- "adcs lr, r4, lr\n\t"
- "adc r8, r5, r8\n\t"
-#endif
/* A[4] * B[2] */
"ldr r6, [%[a], #16]\n\t"
"ldr r7, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -66274,16 +67115,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r10, r10, r3\n\t"
"adcs lr, lr, r4\n\t"
"adc r8, r8, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r10, r10, r3\n\t"
- "adcs lr, r4, lr\n\t"
- "adc r8, r5, r8\n\t"
-#endif
/* A[3] * B[3] */
"ldr r6, [%[a], #12]\n\t"
"ldr r7, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -66312,16 +67146,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r10, r10, r3\n\t"
"adcs lr, lr, r4\n\t"
"adc r8, r8, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r10, r10, r3\n\t"
- "adcs lr, r4, lr\n\t"
- "adc r8, r5, r8\n\t"
-#endif
/* A[2] * B[4] */
"ldr r6, [%[a], #8]\n\t"
"ldr r7, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -66350,16 +67177,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r10, r10, r3\n\t"
"adcs lr, lr, r4\n\t"
"adc r8, r8, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r10, r10, r3\n\t"
- "adcs lr, r4, lr\n\t"
- "adc r8, r5, r8\n\t"
-#endif
/* A[1] * B[5] */
"ldr r6, [%[a], #4]\n\t"
"ldr r7, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -66388,16 +67208,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r10, r10, r3\n\t"
"adcs lr, lr, r4\n\t"
"adc r8, r8, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r10, r10, r3\n\t"
- "adcs lr, r4, lr\n\t"
- "adc r8, r5, r8\n\t"
-#endif
/* A[0] * B[6] */
"ldr r6, [%[a]]\n\t"
"ldr r7, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -66426,16 +67239,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r10, r10, r3\n\t"
"adcs lr, lr, r4\n\t"
"adc r8, r8, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r10, r10, r3\n\t"
- "adcs lr, r4, lr\n\t"
- "adc r8, r5, r8\n\t"
-#endif
"str r10, [sp, #24]\n\t"
/* A[0] * B[7] */
"ldr r7, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -66464,16 +67270,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds lr, lr, r3\n\t"
"adcs r8, r8, r4\n\t"
"adc r9, r9, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds lr, lr, r3\n\t"
- "adcs r8, r4, r8\n\t"
- "adc r9, r5, #0\n\t"
-#endif
/* A[1] * B[6] */
"ldr r6, [%[a], #4]\n\t"
"ldr r7, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -66502,16 +67301,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds lr, lr, r3\n\t"
"adcs r8, r8, r4\n\t"
"adc r9, r9, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds lr, lr, r3\n\t"
- "adcs r8, r4, r8\n\t"
- "adc r9, r5, r9\n\t"
-#endif
/* A[2] * B[5] */
"ldr r6, [%[a], #8]\n\t"
"ldr r7, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -66540,16 +67332,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds lr, lr, r3\n\t"
"adcs r8, r8, r4\n\t"
"adc r9, r9, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds lr, lr, r3\n\t"
- "adcs r8, r4, r8\n\t"
- "adc r9, r5, r9\n\t"
-#endif
/* A[3] * B[4] */
"ldr r6, [%[a], #12]\n\t"
"ldr r7, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -66578,16 +67363,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds lr, lr, r3\n\t"
"adcs r8, r8, r4\n\t"
"adc r9, r9, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds lr, lr, r3\n\t"
- "adcs r8, r4, r8\n\t"
- "adc r9, r5, r9\n\t"
-#endif
/* A[4] * B[3] */
"ldr r6, [%[a], #16]\n\t"
"ldr r7, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -66616,16 +67394,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds lr, lr, r3\n\t"
"adcs r8, r8, r4\n\t"
"adc r9, r9, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds lr, lr, r3\n\t"
- "adcs r8, r4, r8\n\t"
- "adc r9, r5, r9\n\t"
-#endif
/* A[5] * B[2] */
"ldr r6, [%[a], #20]\n\t"
"ldr r7, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -66654,16 +67425,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds lr, lr, r3\n\t"
"adcs r8, r8, r4\n\t"
"adc r9, r9, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds lr, lr, r3\n\t"
- "adcs r8, r4, r8\n\t"
- "adc r9, r5, r9\n\t"
-#endif
/* A[6] * B[1] */
"ldr r6, [%[a], #24]\n\t"
"ldr r7, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -66692,16 +67456,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds lr, lr, r3\n\t"
"adcs r8, r8, r4\n\t"
"adc r9, r9, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds lr, lr, r3\n\t"
- "adcs r8, r4, r8\n\t"
- "adc r9, r5, r9\n\t"
-#endif
/* A[7] * B[0] */
"ldr r6, [%[a], #28]\n\t"
"ldr r7, [%[b]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -66730,16 +67487,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds lr, lr, r3\n\t"
"adcs r8, r8, r4\n\t"
"adc r9, r9, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds lr, lr, r3\n\t"
- "adcs r8, r4, r8\n\t"
- "adc r9, r5, r9\n\t"
-#endif
"str lr, [sp, #28]\n\t"
/* A[7] * B[1] */
"ldr r7, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -66768,16 +67518,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r8, r8, r3\n\t"
"adcs r9, r9, r4\n\t"
"adc r10, r10, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r8, r8, r3\n\t"
- "adcs r9, r4, r9\n\t"
- "adc r10, r5, #0\n\t"
-#endif
/* A[6] * B[2] */
"ldr r6, [%[a], #24]\n\t"
"ldr r7, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -66806,16 +67549,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r8, r8, r3\n\t"
"adcs r9, r9, r4\n\t"
"adc r10, r10, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r8, r8, r3\n\t"
- "adcs r9, r4, r9\n\t"
- "adc r10, r5, r10\n\t"
-#endif
/* A[5] * B[3] */
"ldr r6, [%[a], #20]\n\t"
"ldr r7, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -66844,16 +67580,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r8, r8, r3\n\t"
"adcs r9, r9, r4\n\t"
"adc r10, r10, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r8, r8, r3\n\t"
- "adcs r9, r4, r9\n\t"
- "adc r10, r5, r10\n\t"
-#endif
/* A[4] * B[4] */
"ldr r6, [%[a], #16]\n\t"
"ldr r7, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -66882,16 +67611,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r8, r8, r3\n\t"
"adcs r9, r9, r4\n\t"
"adc r10, r10, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r8, r8, r3\n\t"
- "adcs r9, r4, r9\n\t"
- "adc r10, r5, r10\n\t"
-#endif
/* A[3] * B[5] */
"ldr r6, [%[a], #12]\n\t"
"ldr r7, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -66920,16 +67642,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r8, r8, r3\n\t"
"adcs r9, r9, r4\n\t"
"adc r10, r10, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r8, r8, r3\n\t"
- "adcs r9, r4, r9\n\t"
- "adc r10, r5, r10\n\t"
-#endif
/* A[2] * B[6] */
"ldr r6, [%[a], #8]\n\t"
"ldr r7, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -66958,16 +67673,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r8, r8, r3\n\t"
"adcs r9, r9, r4\n\t"
"adc r10, r10, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r8, r8, r3\n\t"
- "adcs r9, r4, r9\n\t"
- "adc r10, r5, r10\n\t"
-#endif
/* A[1] * B[7] */
"ldr r6, [%[a], #4]\n\t"
"ldr r7, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -66996,16 +67704,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r8, r8, r3\n\t"
"adcs r9, r9, r4\n\t"
"adc r10, r10, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r8, r8, r3\n\t"
- "adcs r9, r4, r9\n\t"
- "adc r10, r5, r10\n\t"
-#endif
"str r8, [sp, #32]\n\t"
/* A[2] * B[7] */
"ldr r6, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -67034,16 +67735,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r9, r9, r3\n\t"
"adcs r10, r10, r4\n\t"
"adc lr, lr, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r9, r9, r3\n\t"
- "adcs r10, r4, r10\n\t"
- "adc lr, r5, #0\n\t"
-#endif
/* A[3] * B[6] */
"ldr r6, [%[a], #12]\n\t"
"ldr r7, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -67072,16 +67766,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r9, r9, r3\n\t"
"adcs r10, r10, r4\n\t"
"adc lr, lr, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r9, r9, r3\n\t"
- "adcs r10, r4, r10\n\t"
- "adc lr, r5, lr\n\t"
-#endif
/* A[4] * B[5] */
"ldr r6, [%[a], #16]\n\t"
"ldr r7, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -67110,16 +67797,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r9, r9, r3\n\t"
"adcs r10, r10, r4\n\t"
"adc lr, lr, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r9, r9, r3\n\t"
- "adcs r10, r4, r10\n\t"
- "adc lr, r5, lr\n\t"
-#endif
/* A[5] * B[4] */
"ldr r6, [%[a], #20]\n\t"
"ldr r7, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -67148,16 +67828,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r9, r9, r3\n\t"
"adcs r10, r10, r4\n\t"
"adc lr, lr, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r9, r9, r3\n\t"
- "adcs r10, r4, r10\n\t"
- "adc lr, r5, lr\n\t"
-#endif
/* A[6] * B[3] */
"ldr r6, [%[a], #24]\n\t"
"ldr r7, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -67186,16 +67859,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r9, r9, r3\n\t"
"adcs r10, r10, r4\n\t"
"adc lr, lr, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r9, r9, r3\n\t"
- "adcs r10, r4, r10\n\t"
- "adc lr, r5, lr\n\t"
-#endif
/* A[7] * B[2] */
"ldr r6, [%[a], #28]\n\t"
"ldr r7, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -67224,16 +67890,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r9, r9, r3\n\t"
"adcs r10, r10, r4\n\t"
"adc lr, lr, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r9, r9, r3\n\t"
- "adcs r10, r4, r10\n\t"
- "adc lr, r5, lr\n\t"
-#endif
"str r9, [sp, #36]\n\t"
/* A[7] * B[3] */
"ldr r7, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -67262,16 +67921,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r10, r10, r3\n\t"
"adcs lr, lr, r4\n\t"
"adc r8, r8, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r10, r10, r3\n\t"
- "adcs lr, r4, lr\n\t"
- "adc r8, r5, #0\n\t"
-#endif
/* A[6] * B[4] */
"ldr r6, [%[a], #24]\n\t"
"ldr r7, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -67300,16 +67952,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r10, r10, r3\n\t"
"adcs lr, lr, r4\n\t"
"adc r8, r8, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r10, r10, r3\n\t"
- "adcs lr, r4, lr\n\t"
- "adc r8, r5, r8\n\t"
-#endif
/* A[5] * B[5] */
"ldr r6, [%[a], #20]\n\t"
"ldr r7, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -67338,16 +67983,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r10, r10, r3\n\t"
"adcs lr, lr, r4\n\t"
"adc r8, r8, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r10, r10, r3\n\t"
- "adcs lr, r4, lr\n\t"
- "adc r8, r5, r8\n\t"
-#endif
/* A[4] * B[6] */
"ldr r6, [%[a], #16]\n\t"
"ldr r7, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -67376,16 +68014,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r10, r10, r3\n\t"
"adcs lr, lr, r4\n\t"
"adc r8, r8, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r10, r10, r3\n\t"
- "adcs lr, r4, lr\n\t"
- "adc r8, r5, r8\n\t"
-#endif
/* A[3] * B[7] */
"ldr r6, [%[a], #12]\n\t"
"ldr r7, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -67414,16 +68045,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r10, r10, r3\n\t"
"adcs lr, lr, r4\n\t"
"adc r8, r8, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r10, r10, r3\n\t"
- "adcs lr, r4, lr\n\t"
- "adc r8, r5, r8\n\t"
-#endif
"str r10, [sp, #40]\n\t"
/* A[4] * B[7] */
"ldr r6, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -67452,16 +68076,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds lr, lr, r3\n\t"
"adcs r8, r8, r4\n\t"
"adc r9, r9, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds lr, lr, r3\n\t"
- "adcs r8, r4, r8\n\t"
- "adc r9, r5, #0\n\t"
-#endif
/* A[5] * B[6] */
"ldr r6, [%[a], #20]\n\t"
"ldr r7, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -67490,16 +68107,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds lr, lr, r3\n\t"
"adcs r8, r8, r4\n\t"
"adc r9, r9, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds lr, lr, r3\n\t"
- "adcs r8, r4, r8\n\t"
- "adc r9, r5, r9\n\t"
-#endif
/* A[6] * B[5] */
"ldr r6, [%[a], #24]\n\t"
"ldr r7, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -67528,16 +68138,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds lr, lr, r3\n\t"
"adcs r8, r8, r4\n\t"
"adc r9, r9, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds lr, lr, r3\n\t"
- "adcs r8, r4, r8\n\t"
- "adc r9, r5, r9\n\t"
-#endif
/* A[7] * B[4] */
"ldr r6, [%[a], #28]\n\t"
"ldr r7, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -67566,16 +68169,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds lr, lr, r3\n\t"
"adcs r8, r8, r4\n\t"
"adc r9, r9, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds lr, lr, r3\n\t"
- "adcs r8, r4, r8\n\t"
- "adc r9, r5, r9\n\t"
-#endif
"str lr, [sp, #44]\n\t"
/* A[7] * B[5] */
"ldr r7, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -67604,16 +68200,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r8, r8, r3\n\t"
"adcs r9, r9, r4\n\t"
"adc r10, r10, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r8, r8, r3\n\t"
- "adcs r9, r4, r9\n\t"
- "adc r10, r5, #0\n\t"
-#endif
/* A[6] * B[6] */
"ldr r6, [%[a], #24]\n\t"
"ldr r7, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -67642,16 +68231,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r8, r8, r3\n\t"
"adcs r9, r9, r4\n\t"
"adc r10, r10, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r8, r8, r3\n\t"
- "adcs r9, r4, r9\n\t"
- "adc r10, r5, r10\n\t"
-#endif
/* A[5] * B[7] */
"ldr r6, [%[a], #20]\n\t"
"ldr r7, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -67680,15 +68262,8 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r8, r8, r3\n\t"
"adcs r9, r9, r4\n\t"
"adc r10, r10, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r8, r8, r3\n\t"
- "adcs r9, r4, r9\n\t"
- "adc r10, r5, r10\n\t"
-#endif
/* A[6] * B[7] */
"ldr r6, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -67717,16 +68292,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r9, r9, r3\n\t"
"adcs r10, r10, r4\n\t"
"adc lr, lr, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r9, r9, r3\n\t"
- "adcs r10, r4, r10\n\t"
- "adc lr, r5, #0\n\t"
-#endif
/* A[7] * B[6] */
"ldr r6, [%[a], #28]\n\t"
"ldr r7, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -67755,15 +68323,8 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r9, r9, r3\n\t"
"adcs r10, r10, r4\n\t"
"adc lr, lr, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r9, r9, r3\n\t"
- "adcs r10, r4, r10\n\t"
- "adc lr, r5, lr\n\t"
-#endif
/* A[7] * B[7] */
"ldr r7, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -67788,194 +68349,896 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"lsl r3, r3, #16\n\t"
"adds r10, r10, r3\n\t"
"adc lr, lr, r4\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r10, r10, r3\n\t"
- "adc lr, r4, lr\n\t"
-#endif
"str r8, [sp, #48]\n\t"
"str r9, [sp, #52]\n\t"
"str r10, [sp, #56]\n\t"
"str lr, [sp, #60]\n\t"
+ "str %[r], [sp, #64]\n\t"
/* Start Reduction */
- "ldr r4, [sp]\n\t"
- "ldr r5, [sp, #4]\n\t"
- "ldr r6, [sp, #8]\n\t"
- "ldr r7, [sp, #12]\n\t"
- "ldr r8, [sp, #16]\n\t"
- "ldr r9, [sp, #20]\n\t"
- "ldr r10, [sp, #24]\n\t"
- "ldr lr, [sp, #28]\n\t"
- /* mu = a[0..7] + a[0..4] << 96 + (a[0..1] * 2) << 192 */
+ "ldm sp, {r5, r6, r7, r8, r9, r10, r11, r12}\n\t"
+ "mov r3, r11\n\t"
+ "mov r4, r12\n\t"
+ /* mu = a[0]-a[7] + a[0]-a[4] << 96 + (a[0]-a[1] * 2) << 192 */
/* - a[0] << 224 */
- /* + (a[0..1] * 2) << (6 * 32) */
- "adds r10, r10, r4\n\t"
- "adc lr, lr, r5\n\t"
- "adds r10, r10, r4\n\t"
- "adc lr, lr, r5\n\t"
+ /* + (a[0]-a[1] * 2) << (6 * 32) */
+ "adds r11, r11, r5\n\t"
+ "adc r12, r12, r6\n\t"
+ "adds r11, r11, r5\n\t"
+ "adc r12, r12, r6\n\t"
/* - a[0] << (7 * 32) */
- "sub lr, lr, r4\n\t"
- /* + a[0..4] << (3 * 32) */
- "mov %[a], r7\n\t"
- "mov r12, r8\n\t"
- "adds r7, r7, r4\n\t"
- "adcs r8, r8, r5\n\t"
+ "sub r12, r12, r5\n\t"
+ /* + a[0]-a[4] << (3 * 32) */
+ "mov r0, r8\n\t"
+ "mov r1, r9\n\t"
+ "mov r2, r10\n\t"
+ "adds r8, r8, r5\n\t"
"adcs r9, r9, r6\n\t"
- "adcs r10, r10, %[a]\n\t"
- "adc lr, lr, r12\n\t"
- "str r7, [sp, #12]\n\t"
- "str r8, [sp, #16]\n\t"
- "str r9, [sp, #20]\n\t"
+ "adcs r10, r10, r7\n\t"
+ "adcs r11, r11, r0\n\t"
+ "adc r12, r12, r1\n\t"
/* a += mu * m */
/* += mu * ((1 << 256) - (1 << 224) + (1 << 192) + (1 << 96) - 1) */
- /* a[6] += t[0] + t[3] */
- /* a[7] += t[1] + t[4] */
- "ldr %[a], [sp, #24]\n\t"
- "ldr %[b], [sp, #28]\n\t"
- "adds %[a], %[a], r4\n\t"
- "adcs %[b], %[b], r5\n\t"
- "mov r12, #0\n\t"
- "adc r12, r12, #0\n\t"
- "adds %[a], %[a], r7\n\t"
- "adcs %[b], %[b], r8\n\t"
- "adc r12, r12, #0\n\t"
- "str r10, [sp, #24]\n\t"
- "str lr, [sp, #28]\n\t"
- "str %[b], [sp, #64]\n\t"
- /* a[8] += t[0] + t[2] + t[5] */
- /* a[9] += t[1] + t[3] + t[6] */
- /* a[10] += t[2] + t[4] + t[7] */
- "ldr %[a], [sp, #32]\n\t"
- "ldr %[b], [sp, #36]\n\t"
- "ldr r3, [sp, #40]\n\t"
- "adds %[a], %[a], r12\n\t"
- "adcs %[b], %[b], #0\n\t"
+ /* a[0] = = t[0] */
+ /* a[1] = = t[1] */
+ /* a[2] = = t[2] */
+ /* a[3] += t[0] = t[3] */
+ /* a[4] += t[1] = t[4] */
+ /* a[5] += t[2] = t[5] */
+ /* a[6] += t[0] + t[3] = t[6] */
+ /* a[7] += t[1] + t[4] = t[7] + t[0] */
+ "adds r0, r0, r5\n\t"
+ "adcs r1, r1, r6\n\t"
+ "adcs r2, r2, r7\n\t"
+ "adcs r3, r3, r8\n\t"
+ "adcs r4, r4, r9\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "adds r3, r3, r5\n\t"
+ "adcs r4, r4, r6\n\t"
+ "adc lr, lr, #0\n\t"
+ "str r4, [sp, #28]\n\t"
+ /* a[8] += t[0] + t[2] + t[5] + carry */
+ /* a[9] += t[1] + t[3] + t[6] */
+ /* a[10] += t[2] + t[4] + t[7] */
+ "add r0, sp, #32\n\t"
+ "ldm r0, {r2, r3, r4}\n\t"
+ "adds r2, r2, lr\n\t"
"adcs r3, r3, #0\n\t"
- "mov r12, #0\n\t"
- "adc r12, r12, #0\n\t"
- "adds %[a], %[a], r4\n\t"
- "adcs %[b], %[b], r5\n\t"
+ "adcs r4, r4, #0\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "adds r2, r2, r5\n\t"
"adcs r3, r3, r6\n\t"
- "adc r12, r12, #0\n\t"
- "adds %[a], %[a], r6\n\t"
- "adcs %[b], %[b], r7\n\t"
+ "adcs r4, r4, r7\n\t"
+ "adc lr, lr, #0\n\t"
+ "adds r2, r2, r7\n\t"
"adcs r3, r3, r8\n\t"
- "adc r12, r12, #0\n\t"
- "adds %[a], %[a], r9\n\t"
- "adcs %[b], %[b], r10\n\t"
- "adcs r3, r3, lr\n\t"
- "adc r12, r12, #0\n\t"
- "str %[a], [sp, #32]\n\t"
- "str %[b], [sp, #36]\n\t"
- "str r3, [sp, #40]\n\t"
- /* a[11] += t[3] + t[5] */
- /* a[12] += t[4] + t[6] */
- /* a[13] += t[5] + t[7] */
- /* a[14] += t[6] */
- /* a[15] += t[7] */
- "ldr %[a], [sp, #44]\n\t"
- "ldr %[b], [sp, #48]\n\t"
- "ldr r3, [sp, #52]\n\t"
- "ldr r4, [sp, #56]\n\t"
- "ldr r5, [sp, #60]\n\t"
- "adds %[a], %[a], r12\n\t"
- "adcs %[b], %[b], #0\n\t"
+ "adcs r4, r4, r9\n\t"
+ "adc lr, lr, #0\n\t"
+ "adds r2, r2, r10\n\t"
+ "adcs r3, r3, r11\n\t"
+ "adcs r4, r4, r12\n\t"
+ "adc lr, lr, #0\n\t"
+ "stm r0!, {r2, r3, r4}\n\t"
+ /* a[11] += t[3] + t[5] + carry */
+ /* a[12] += t[4] + t[6] */
+ /* a[13] += t[5] + t[7] */
+ /* a[14] += t[6] */
+ /* a[15] += t[7] */
+ "ldm r0, {r0, r1, r2, r3, r4}\n\t"
+ "adds r0, r0, lr\n\t"
+ "adcs r1, r1, #0\n\t"
+ "adcs r2, r2, #0\n\t"
"adcs r3, r3, #0\n\t"
"adcs r4, r4, #0\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r12, #0\n\t"
- "adc r12, r12, #0\n\t"
- "adds %[a], %[a], r7\n\t"
- "adcs %[b], %[b], r8\n\t"
- "adcs r3, r3, r9\n\t"
- "adcs r4, r4, r10\n\t"
- "adcs r5, r5, lr\n\t"
- "adc r12, r12, #0\n\t"
- "adds %[a], %[a], r9\n\t"
- "adcs %[b], %[b], r10\n\t"
- "adcs r3, r3, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "adds r0, r0, r8\n\t"
+ "adcs r1, r1, r9\n\t"
+ "adcs r2, r2, r10\n\t"
+ "adcs r3, r3, r11\n\t"
+ "adcs r4, r4, r12\n\t"
+ "adc lr, lr, #0\n\t"
+ "adds r0, r0, r10\n\t"
+ "adcs r1, r1, r11\n\t"
+ "adcs r2, r2, r12\n\t"
+ "adcs r3, r3, #0\n\t"
"adcs r4, r4, #0\n\t"
- "adcs r5, r5, #0\n\t"
- "adc r12, r12, #0\n\t"
- "str %[a], [sp, #44]\n\t"
- "str %[b], [sp, #48]\n\t"
- "str r3, [sp, #52]\n\t"
- "str r4, [sp, #56]\n\t"
- "str r5, [sp, #60]\n\t"
- "ldr %[a], [sp, #64]\n\t"
- "ldr %[b], [sp, #32]\n\t"
- "ldr r3, [sp, #36]\n\t"
- "ldr r4, [sp, #40]\n\t"
- "ldr r8, [sp]\n\t"
- "ldr r9, [sp, #4]\n\t"
- "ldr r10, [sp, #8]\n\t"
- "ldr lr, [sp, #12]\n\t"
- "subs %[a], %[a], r8\n\t"
- "sbcs %[b], %[b], r9\n\t"
- "sbcs r3, r3, r10\n\t"
- "sbcs r4, r4, lr\n\t"
- "str %[b], [sp, #32]\n\t"
- "str r3, [sp, #36]\n\t"
- "str r4, [sp, #40]\n\t"
- "ldr %[a], [sp, #44]\n\t"
- "ldr %[b], [sp, #48]\n\t"
- "ldr r3, [sp, #52]\n\t"
- "ldr r4, [sp, #56]\n\t"
- "ldr r5, [sp, #60]\n\t"
- "ldr r8, [sp, #16]\n\t"
- "ldr r9, [sp, #20]\n\t"
- "ldr r10, [sp, #24]\n\t"
- "ldr lr, [sp, #28]\n\t"
- "sbcs %[a], %[a], r8\n\t"
- "sbcs %[b], %[b], r9\n\t"
- "sbcs r3, r3, r10\n\t"
- "sbcs r4, r4, lr\n\t"
- "sbc r5, r5, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "str r0, [sp, #44]\n\t"
+ "str r1, [sp, #48]\n\t"
+ "str r2, [sp, #52]\n\t"
+ "str r3, [sp, #56]\n\t"
+ /* a[7..15] - t[0..7] */
+ "add r0, sp, #28\n\t"
+ "ldm r0, {r0, r1, r2, r3}\n\t"
+ "subs r0, r0, r5\n\t"
+ "sbcs r1, r1, r6\n\t"
+ "sbcs r2, r2, r7\n\t"
+ "sbcs r3, r3, r8\n\t"
+ "add r0, sp, #44\n\t"
+ "mov r8, r4\n\t"
+ "ldm r0, {r4, r5, r6, r7}\n\t"
+ "sbcs r4, r4, r9\n\t"
+ "sbcs r5, r5, r10\n\t"
+ "sbcs r6, r6, r11\n\t"
+ "sbcs r7, r7, r12\n\t"
+ "sbcs r8, r8, #0\n\t"
+ "sbc lr, lr, #0\n\t"
/* mask m and sub from result if overflow */
- "rsb r12, r12, #0\n\t"
- "and lr, r12, #1\n\t"
- "ldr r6, [sp, #32]\n\t"
- "ldr r7, [sp, #36]\n\t"
- "ldr r8, [sp, #40]\n\t"
- "subs r6, r6, r12\n\t"
+ "rsb lr, lr, #0\n\t"
+ "subs r1, r1, lr\n\t"
+ "sbcs r2, r2, lr\n\t"
+ "sbcs r3, r3, lr\n\t"
+ "sbcs r4, r4, #0\n\t"
+ "sbcs r5, r5, #0\n\t"
+ "sbcs r6, r6, #0\n\t"
+ "sbcs r7, r7, lr, lsr #31\n\t"
+ "sbc r8, r8, lr\n\t"
+ "ldr %[r], [sp, #64]\n\t"
+ "stm %[r], {r1, r2, r3, r4, r5, r6, r7, r8}\n\t"
+ "add sp, sp, #0x44\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r12", "cc"
+ );
+ (void)m_p;
+ (void)mp_p;
+}
+
+#elif defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+/* Multiply two Montgomery form numbers mod the modulus (prime).
+ * (r = a * b mod m)
+ *
+ * r Result of multiplication.
+ * a First number to multiply in Montgomery form.
+ * b Second number to multiply in Montgomery form.
+ * m Modulus (prime).
+ * mp Montgomery multiplier.
+ */
+static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, const sp_digit* m_p, sp_digit mp_p)
+{
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
+
+ __asm__ __volatile__ (
+ "sub sp, sp, #0x44\n\t"
+ "str %[r], [sp, #64]\n\t"
+ "mov %[r], #0\n\t"
+ "ldr r12, [%[a]]\n\t"
+ /* A[0] * B[0] */
+ "ldr lr, [%[b]]\n\t"
+ "umull r3, r4, r12, lr\n\t"
+ /* A[0] * B[2] */
+ "ldr lr, [%[b], #8]\n\t"
+ "umull r5, r6, r12, lr\n\t"
+ /* A[0] * B[4] */
+ "ldr lr, [%[b], #16]\n\t"
+ "umull r7, r8, r12, lr\n\t"
+ /* A[0] * B[6] */
+ "ldr lr, [%[b], #24]\n\t"
+ "umull r9, r10, r12, lr\n\t"
+ "str r3, [sp]\n\t"
+ /* A[0] * B[1] */
+ "ldr lr, [%[b], #4]\n\t"
+ "mov r11, %[r]\n\t"
+ "umlal r4, r11, r12, lr\n\t"
+ "adds r5, r5, r11\n\t"
+ /* A[0] * B[3] */
+ "ldr lr, [%[b], #12]\n\t"
+ "adcs r6, r6, #0\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r6, r11, r12, lr\n\t"
+ "adds r7, r7, r11\n\t"
+ /* A[0] * B[5] */
+ "ldr lr, [%[b], #20]\n\t"
+ "adcs r8, r8, #0\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r8, r11, r12, lr\n\t"
+ "adds r9, r9, r11\n\t"
+ /* A[0] * B[7] */
+ "ldr lr, [%[b], #28]\n\t"
+ "adcs r10, r10, #0\n\t"
+ "adc r3, %[r], #0\n\t"
+ "umlal r10, r3, r12, lr\n\t"
+ /* A[1] * B[0] */
+ "ldr r12, [%[a], #4]\n\t"
+ "ldr lr, [%[b]]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r4, r11, r12, lr\n\t"
+ "str r4, [sp, #4]\n\t"
+ "adds r5, r5, r11\n\t"
+ /* A[1] * B[1] */
+ "ldr lr, [%[b], #4]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r5, r11, r12, lr\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[1] * B[2] */
+ "ldr lr, [%[b], #8]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r6, r11, r12, lr\n\t"
+ "adds r7, r7, r11\n\t"
+ /* A[1] * B[3] */
+ "ldr lr, [%[b], #12]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r7, r11, r12, lr\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[1] * B[4] */
+ "ldr lr, [%[b], #16]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r8, r11, r12, lr\n\t"
+ "adds r9, r9, r11\n\t"
+ /* A[1] * B[5] */
+ "ldr lr, [%[b], #20]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r9, r11, r12, lr\n\t"
+ "adds r10, r10, r11\n\t"
+ /* A[1] * B[6] */
+ "ldr lr, [%[b], #24]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "adds r3, r3, r11\n\t"
+ /* A[1] * B[7] */
+ "ldr lr, [%[b], #28]\n\t"
+ "adc r4, %[r], #0\n\t"
+ "umlal r3, r4, r12, lr\n\t"
+ /* A[2] * B[0] */
+ "ldr r12, [%[a], #8]\n\t"
+ "ldr lr, [%[b]]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r5, r11, r12, lr\n\t"
+ "str r5, [sp, #8]\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[2] * B[1] */
+ "ldr lr, [%[b], #4]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r6, r11, r12, lr\n\t"
+ "adds r7, r7, r11\n\t"
+ /* A[2] * B[2] */
+ "ldr lr, [%[b], #8]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r7, r11, r12, lr\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[2] * B[3] */
+ "ldr lr, [%[b], #12]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r8, r11, r12, lr\n\t"
+ "adds r9, r9, r11\n\t"
+ /* A[2] * B[4] */
+ "ldr lr, [%[b], #16]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r9, r11, r12, lr\n\t"
+ "adds r10, r10, r11\n\t"
+ /* A[2] * B[5] */
+ "ldr lr, [%[b], #20]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "adds r3, r3, r11\n\t"
+ /* A[2] * B[6] */
+ "ldr lr, [%[b], #24]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r3, r11, r12, lr\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[2] * B[7] */
+ "ldr lr, [%[b], #28]\n\t"
+ "adc r5, %[r], #0\n\t"
+ "umlal r4, r5, r12, lr\n\t"
+ /* A[3] * B[0] */
+ "ldr r12, [%[a], #12]\n\t"
+ "ldr lr, [%[b]]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r6, r11, r12, lr\n\t"
+ "str r6, [sp, #12]\n\t"
+ "adds r7, r7, r11\n\t"
+ /* A[3] * B[1] */
+ "ldr lr, [%[b], #4]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r7, r11, r12, lr\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[3] * B[2] */
+ "ldr lr, [%[b], #8]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r8, r11, r12, lr\n\t"
+ "adds r9, r9, r11\n\t"
+ /* A[3] * B[3] */
+ "ldr lr, [%[b], #12]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r9, r11, r12, lr\n\t"
+ "adds r10, r10, r11\n\t"
+ /* A[3] * B[4] */
+ "ldr lr, [%[b], #16]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "adds r3, r3, r11\n\t"
+ /* A[3] * B[5] */
+ "ldr lr, [%[b], #20]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r3, r11, r12, lr\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[3] * B[6] */
+ "ldr lr, [%[b], #24]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r4, r11, r12, lr\n\t"
+ "adds r5, r5, r11\n\t"
+ /* A[3] * B[7] */
+ "ldr lr, [%[b], #28]\n\t"
+ "adc r6, %[r], #0\n\t"
+ "umlal r5, r6, r12, lr\n\t"
+ /* A[4] * B[0] */
+ "ldr r12, [%[a], #16]\n\t"
+ "ldr lr, [%[b]]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r7, r11, r12, lr\n\t"
+ "str r7, [sp, #16]\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[4] * B[1] */
+ "ldr lr, [%[b], #4]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r8, r11, r12, lr\n\t"
+ "adds r9, r9, r11\n\t"
+ /* A[4] * B[2] */
+ "ldr lr, [%[b], #8]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r9, r11, r12, lr\n\t"
+ "adds r10, r10, r11\n\t"
+ /* A[4] * B[3] */
+ "ldr lr, [%[b], #12]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "adds r3, r3, r11\n\t"
+ /* A[4] * B[4] */
+ "ldr lr, [%[b], #16]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r3, r11, r12, lr\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[4] * B[5] */
+ "ldr lr, [%[b], #20]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r4, r11, r12, lr\n\t"
+ "adds r5, r5, r11\n\t"
+ /* A[4] * B[6] */
+ "ldr lr, [%[b], #24]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r5, r11, r12, lr\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[4] * B[7] */
+ "ldr lr, [%[b], #28]\n\t"
+ "adc r7, %[r], #0\n\t"
+ "umlal r6, r7, r12, lr\n\t"
+ /* A[5] * B[0] */
+ "ldr r12, [%[a], #20]\n\t"
+ "ldr lr, [%[b]]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r8, r11, r12, lr\n\t"
+ "str r8, [sp, #20]\n\t"
+ "adds r9, r9, r11\n\t"
+ /* A[5] * B[1] */
+ "ldr lr, [%[b], #4]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r9, r11, r12, lr\n\t"
+ "adds r10, r10, r11\n\t"
+ /* A[5] * B[2] */
+ "ldr lr, [%[b], #8]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "adds r3, r3, r11\n\t"
+ /* A[5] * B[3] */
+ "ldr lr, [%[b], #12]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r3, r11, r12, lr\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[5] * B[4] */
+ "ldr lr, [%[b], #16]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r4, r11, r12, lr\n\t"
+ "adds r5, r5, r11\n\t"
+ /* A[5] * B[5] */
+ "ldr lr, [%[b], #20]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r5, r11, r12, lr\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[5] * B[6] */
+ "ldr lr, [%[b], #24]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r6, r11, r12, lr\n\t"
+ "adds r7, r7, r11\n\t"
+ /* A[5] * B[7] */
+ "ldr lr, [%[b], #28]\n\t"
+ "adc r8, %[r], #0\n\t"
+ "umlal r7, r8, r12, lr\n\t"
+ /* A[6] * B[0] */
+ "ldr r12, [%[a], #24]\n\t"
+ "ldr lr, [%[b]]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r9, r11, r12, lr\n\t"
+ "str r9, [sp, #24]\n\t"
+ "adds r10, r10, r11\n\t"
+ /* A[6] * B[1] */
+ "ldr lr, [%[b], #4]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "adds r3, r3, r11\n\t"
+ /* A[6] * B[2] */
+ "ldr lr, [%[b], #8]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r3, r11, r12, lr\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[6] * B[3] */
+ "ldr lr, [%[b], #12]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r4, r11, r12, lr\n\t"
+ "adds r5, r5, r11\n\t"
+ /* A[6] * B[4] */
+ "ldr lr, [%[b], #16]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r5, r11, r12, lr\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[6] * B[5] */
+ "ldr lr, [%[b], #20]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r6, r11, r12, lr\n\t"
+ "adds r7, r7, r11\n\t"
+ /* A[6] * B[6] */
+ "ldr lr, [%[b], #24]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r7, r11, r12, lr\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[6] * B[7] */
+ "ldr lr, [%[b], #28]\n\t"
+ "adc r9, %[r], #0\n\t"
+ "umlal r8, r9, r12, lr\n\t"
+ /* A[7] * B[0] */
+ "ldr r12, [%[a], #28]\n\t"
+ "ldr lr, [%[b]]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "str r10, [sp, #28]\n\t"
+ "adds r3, r3, r11\n\t"
+ /* A[7] * B[1] */
+ "ldr lr, [%[b], #4]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r3, r11, r12, lr\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[7] * B[2] */
+ "ldr lr, [%[b], #8]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r4, r11, r12, lr\n\t"
+ "adds r5, r5, r11\n\t"
+ /* A[7] * B[3] */
+ "ldr lr, [%[b], #12]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r5, r11, r12, lr\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[7] * B[4] */
+ "ldr lr, [%[b], #16]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r6, r11, r12, lr\n\t"
+ "adds r7, r7, r11\n\t"
+ /* A[7] * B[5] */
+ "ldr lr, [%[b], #20]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r7, r11, r12, lr\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[7] * B[6] */
+ "ldr lr, [%[b], #24]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r8, r11, r12, lr\n\t"
+ "adds r9, r9, r11\n\t"
+ /* A[7] * B[7] */
+ "ldr lr, [%[b], #28]\n\t"
+ "adc r10, %[r], #0\n\t"
+ "umlal r9, r10, r12, lr\n\t"
+ "add lr, sp, #32\n\t"
+ "stm lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ /* Start Reduction */
+ "ldm sp, {r5, r6, r7, r8, r9, r10, r11, r12}\n\t"
+ "mov r3, r11\n\t"
+ "mov r4, r12\n\t"
+ /* mu = a[0]-a[7] + a[0]-a[4] << 96 + (a[0]-a[1] * 2) << 192 */
+ /* - a[0] << 224 */
+ /* + (a[0]-a[1] * 2) << (6 * 32) */
+ "adds r11, r11, r5\n\t"
+ "adc r12, r12, r6\n\t"
+ "adds r11, r11, r5\n\t"
+ "adc r12, r12, r6\n\t"
+ /* - a[0] << (7 * 32) */
+ "sub r12, r12, r5\n\t"
+ /* + a[0]-a[4] << (3 * 32) */
+ "mov r0, r8\n\t"
+ "mov r1, r9\n\t"
+ "mov r2, r10\n\t"
+ "adds r8, r8, r5\n\t"
+ "adcs r9, r9, r6\n\t"
+ "adcs r10, r10, r7\n\t"
+ "adcs r11, r11, r0\n\t"
+ "adc r12, r12, r1\n\t"
+ /* a += mu * m */
+ /* += mu * ((1 << 256) - (1 << 224) + (1 << 192) + (1 << 96) - 1) */
+ /* a[0] = = t[0] */
+ /* a[1] = = t[1] */
+ /* a[2] = = t[2] */
+ /* a[3] += t[0] = t[3] */
+ /* a[4] += t[1] = t[4] */
+ /* a[5] += t[2] = t[5] */
+ /* a[6] += t[0] + t[3] = t[6] */
+ /* a[7] += t[1] + t[4] = t[7] + t[0] */
+ "adds r0, r0, r5\n\t"
+ "adcs r1, r1, r6\n\t"
+ "adcs r2, r2, r7\n\t"
+ "adcs r3, r3, r8\n\t"
+ "adcs r4, r4, r9\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "adds r3, r3, r5\n\t"
+ "adcs r4, r4, r6\n\t"
+ "adc lr, lr, #0\n\t"
+ "str r4, [sp, #28]\n\t"
+ /* a[8] += t[0] + t[2] + t[5] + carry */
+ /* a[9] += t[1] + t[3] + t[6] */
+ /* a[10] += t[2] + t[4] + t[7] */
+ "add r0, sp, #32\n\t"
+ "ldm r0, {r2, r3, r4}\n\t"
+ "adds r2, r2, lr\n\t"
+ "adcs r3, r3, #0\n\t"
+ "adcs r4, r4, #0\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "adds r2, r2, r5\n\t"
+ "adcs r3, r3, r6\n\t"
+ "adcs r4, r4, r7\n\t"
+ "adc lr, lr, #0\n\t"
+ "adds r2, r2, r7\n\t"
+ "adcs r3, r3, r8\n\t"
+ "adcs r4, r4, r9\n\t"
+ "adc lr, lr, #0\n\t"
+ "adds r2, r2, r10\n\t"
+ "adcs r3, r3, r11\n\t"
+ "adcs r4, r4, r12\n\t"
+ "adc lr, lr, #0\n\t"
+ "stm r0!, {r2, r3, r4}\n\t"
+ /* a[11] += t[3] + t[5] + carry */
+ /* a[12] += t[4] + t[6] */
+ /* a[13] += t[5] + t[7] */
+ /* a[14] += t[6] */
+ /* a[15] += t[7] */
+ "ldm r0, {r0, r1, r2, r3, r4}\n\t"
+ "adds r0, r0, lr\n\t"
+ "adcs r1, r1, #0\n\t"
+ "adcs r2, r2, #0\n\t"
+ "adcs r3, r3, #0\n\t"
+ "adcs r4, r4, #0\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "adds r0, r0, r8\n\t"
+ "adcs r1, r1, r9\n\t"
+ "adcs r2, r2, r10\n\t"
+ "adcs r3, r3, r11\n\t"
+ "adcs r4, r4, r12\n\t"
+ "adc lr, lr, #0\n\t"
+ "adds r0, r0, r10\n\t"
+ "adcs r1, r1, r11\n\t"
+ "adcs r2, r2, r12\n\t"
+ "adcs r3, r3, #0\n\t"
+ "adcs r4, r4, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "str r0, [sp, #44]\n\t"
+ "str r1, [sp, #48]\n\t"
+ "str r2, [sp, #52]\n\t"
+ "str r3, [sp, #56]\n\t"
+ /* a[7..15] - t[0..7] */
+ "add r0, sp, #28\n\t"
+ "ldm r0, {r0, r1, r2, r3}\n\t"
+ "subs r0, r0, r5\n\t"
+ "sbcs r1, r1, r6\n\t"
+ "sbcs r2, r2, r7\n\t"
+ "sbcs r3, r3, r8\n\t"
+ "add r0, sp, #44\n\t"
+ "mov r8, r4\n\t"
+ "ldm r0, {r4, r5, r6, r7}\n\t"
+ "sbcs r4, r4, r9\n\t"
+ "sbcs r5, r5, r10\n\t"
+ "sbcs r6, r6, r11\n\t"
"sbcs r7, r7, r12\n\t"
- "sbcs r8, r8, r12\n\t"
- "sbcs %[a], %[a], #0\n\t"
- "sbcs %[b], %[b], #0\n\t"
- "sbcs r3, r3, #0\n\t"
- "sbcs r4, r4, lr\n\t"
- "sbc r5, r5, r12\n\t"
- "stm %[r]!, {r6, r7, r8}\n\t"
- "stm %[r]!, {%[a], %[b], r3, r4, r5}\n\t"
+ "sbcs r8, r8, #0\n\t"
+ "sbc lr, lr, #0\n\t"
+ /* mask m and sub from result if overflow */
+ "rsb lr, lr, #0\n\t"
+ "subs r1, r1, lr\n\t"
+ "sbcs r2, r2, lr\n\t"
+ "sbcs r3, r3, lr\n\t"
+ "sbcs r4, r4, #0\n\t"
+ "sbcs r5, r5, #0\n\t"
+ "sbcs r6, r6, #0\n\t"
+ "sbcs r7, r7, lr, lsr #31\n\t"
+ "sbc r8, r8, lr\n\t"
+ "ldr %[r], [sp, #64]\n\t"
+ "stm %[r], {r1, r2, r3, r4, r5, r6, r7, r8}\n\t"
"add sp, sp, #0x44\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
);
+ (void)m_p;
(void)mp_p;
+}
+
+#else
+/* Multiply two Montgomery form numbers mod the modulus (prime).
+ * (r = a * b mod m)
+ *
+ * r Result of multiplication.
+ * a First number to multiply in Montgomery form.
+ * b Second number to multiply in Montgomery form.
+ * m Modulus (prime).
+ * mp Montgomery multiplier.
+ */
+static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, const sp_digit* m_p, sp_digit mp_p)
+{
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
+
+ __asm__ __volatile__ (
+ "sub sp, sp, #0x4c\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "str %[r], [sp, #68]\n\t"
+ "str %[a], [sp, #72]\n\t"
+#else
+ "strd %[r], %[a], [sp, #68]\n\t"
+#endif
+ "mov lr, %[b]\n\t"
+ "ldm %[a], {%[r], %[a], %[b], r3}\n\t"
+ "ldm lr!, {r4, r5, r6}\n\t"
+ "umull r10, r11, %[r], r4\n\t"
+ "umull r12, r7, %[a], r4\n\t"
+ "umaal r11, r12, %[r], r5\n\t"
+ "umull r8, r9, %[b], r4\n\t"
+ "umaal r12, r8, %[a], r5\n\t"
+ "umaal r12, r7, %[r], r6\n\t"
+ "umaal r8, r9, r3, r4\n\t"
+ "stm sp, {r10, r11, r12}\n\t"
+ "umaal r7, r8, %[b], r5\n\t"
+ "ldm lr!, {r4}\n\t"
+ "umull r10, r11, %[a], r6\n\t"
+ "umaal r8, r9, %[b], r6\n\t"
+ "umaal r7, r10, %[r], r4\n\t"
+ "umaal r8, r11, r3, r5\n\t"
+ "str r7, [sp, #12]\n\t"
+ "umaal r8, r10, %[a], r4\n\t"
+ "umaal r9, r11, r3, r6\n\t"
+ "umaal r9, r10, %[b], r4\n\t"
+ "umaal r10, r11, r3, r4\n\t"
+ "ldm lr, {r4, r5, r6, r7}\n\t"
+ "mov r12, #0\n\t"
+ "umlal r8, r12, %[r], r4\n\t"
+ "umaal r9, r12, %[a], r4\n\t"
+ "umaal r10, r12, %[b], r4\n\t"
+ "umaal r11, r12, r3, r4\n\t"
+ "mov r4, #0\n\t"
+ "umlal r9, r4, %[r], r5\n\t"
+ "umaal r10, r4, %[a], r5\n\t"
+ "umaal r11, r4, %[b], r5\n\t"
+ "umaal r12, r4, r3, r5\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, %[r], r6\n\t"
+ "umaal r11, r5, %[a], r6\n\t"
+ "umaal r12, r5, %[b], r6\n\t"
+ "umaal r4, r5, r3, r6\n\t"
+ "mov r6, #0\n\t"
+ "umlal r11, r6, %[r], r7\n\t"
+ "ldr %[r], [sp, #72]\n\t"
+ "umaal r12, r6, %[a], r7\n\t"
+ "add %[r], %[r], #16\n\t"
+ "umaal r4, r6, %[b], r7\n\t"
+ "sub lr, lr, #16\n\t"
+ "umaal r5, r6, r3, r7\n\t"
+ "ldm %[r], {%[r], %[a], %[b], r3}\n\t"
+ "str r6, [sp, #64]\n\t"
+ "ldm lr!, {r6}\n\t"
+ "mov r7, #0\n\t"
+ "umlal r8, r7, %[r], r6\n\t"
+ "umaal r9, r7, %[a], r6\n\t"
+ "str r8, [sp, #16]\n\t"
+ "umaal r10, r7, %[b], r6\n\t"
+ "umaal r11, r7, r3, r6\n\t"
+ "ldm lr!, {r6}\n\t"
+ "mov r8, #0\n\t"
+ "umlal r9, r8, %[r], r6\n\t"
+ "umaal r10, r8, %[a], r6\n\t"
+ "str r9, [sp, #20]\n\t"
+ "umaal r11, r8, %[b], r6\n\t"
+ "umaal r12, r8, r3, r6\n\t"
+ "ldm lr!, {r6}\n\t"
+ "mov r9, #0\n\t"
+ "umlal r10, r9, %[r], r6\n\t"
+ "umaal r11, r9, %[a], r6\n\t"
+ "str r10, [sp, #24]\n\t"
+ "umaal r12, r9, %[b], r6\n\t"
+ "umaal r4, r9, r3, r6\n\t"
+ "ldm lr!, {r6}\n\t"
+ "mov r10, #0\n\t"
+ "umlal r11, r10, %[r], r6\n\t"
+ "umaal r12, r10, %[a], r6\n\t"
+ "str r11, [sp, #28]\n\t"
+ "umaal r4, r10, %[b], r6\n\t"
+ "umaal r5, r10, r3, r6\n\t"
+ "ldm lr!, {r11}\n\t"
+ "umaal r12, r7, %[r], r11\n\t"
+ "umaal r4, r7, %[a], r11\n\t"
+ "ldr r6, [sp, #64]\n\t"
+ "umaal r5, r7, %[b], r11\n\t"
+ "umaal r6, r7, r3, r11\n\t"
+ "ldm lr!, {r11}\n\t"
+ "umaal r4, r8, %[r], r11\n\t"
+ "umaal r5, r8, %[a], r11\n\t"
+ "umaal r6, r8, %[b], r11\n\t"
+ "umaal r7, r8, r3, r11\n\t"
+ "ldm lr, {r11, lr}\n\t"
+ "umaal r5, r9, %[r], r11\n\t"
+ "umaal r6, r10, %[r], lr\n\t"
+ "umaal r6, r9, %[a], r11\n\t"
+ "umaal r7, r10, %[a], lr\n\t"
+ "umaal r7, r9, %[b], r11\n\t"
+ "umaal r8, r10, %[b], lr\n\t"
+ "umaal r8, r9, r3, r11\n\t"
+ "umaal r9, r10, r3, lr\n\t"
+ "mov r3, r12\n\t"
+ "add lr, sp, #32\n\t"
+ "stm lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ /* Start Reduction */
+ "ldm sp, {r5, r6, r7, r8, r9, r10, r11, r12}\n\t"
+ "mov r3, r11\n\t"
+ "mov r4, r12\n\t"
+ /* mu = a[0]-a[7] + a[0]-a[4] << 96 + (a[0]-a[1] * 2) << 192 */
+ /* - a[0] << 224 */
+ /* + (a[0]-a[1] * 2) << (6 * 32) */
+ "adds r11, r11, r5\n\t"
+ "adc r12, r12, r6\n\t"
+ "adds r11, r11, r5\n\t"
+ "adc r12, r12, r6\n\t"
+ /* - a[0] << (7 * 32) */
+ "sub r12, r12, r5\n\t"
+ /* + a[0]-a[4] << (3 * 32) */
+ "mov r0, r8\n\t"
+ "mov r1, r9\n\t"
+ "mov r2, r10\n\t"
+ "adds r8, r8, r5\n\t"
+ "adcs r9, r9, r6\n\t"
+ "adcs r10, r10, r7\n\t"
+ "adcs r11, r11, r0\n\t"
+ "adc r12, r12, r1\n\t"
+ /* a += mu * m */
+ /* += mu * ((1 << 256) - (1 << 224) + (1 << 192) + (1 << 96) - 1) */
+ /* a[0] = = t[0] */
+ /* a[1] = = t[1] */
+ /* a[2] = = t[2] */
+ /* a[3] += t[0] = t[3] */
+ /* a[4] += t[1] = t[4] */
+ /* a[5] += t[2] = t[5] */
+ /* a[6] += t[0] + t[3] = t[6] */
+ /* a[7] += t[1] + t[4] = t[7] + t[0] */
+ "adds r0, r0, r5\n\t"
+ "adcs r1, r1, r6\n\t"
+ "adcs r2, r2, r7\n\t"
+ "adcs r3, r3, r8\n\t"
+ "adcs r4, r4, r9\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "adds r3, r3, r5\n\t"
+ "adcs r4, r4, r6\n\t"
+ "adc lr, lr, #0\n\t"
+ "str r4, [sp, #28]\n\t"
+ /* a[8] += t[0] + t[2] + t[5] + carry */
+ /* a[9] += t[1] + t[3] + t[6] */
+ /* a[10] += t[2] + t[4] + t[7] */
+ "add r0, sp, #32\n\t"
+ "ldm r0, {r2, r3, r4}\n\t"
+ "adds r2, r2, lr\n\t"
+ "adcs r3, r3, #0\n\t"
+ "adcs r4, r4, #0\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "adds r2, r2, r5\n\t"
+ "adcs r3, r3, r6\n\t"
+ "adcs r4, r4, r7\n\t"
+ "adc lr, lr, #0\n\t"
+ "adds r2, r2, r7\n\t"
+ "adcs r3, r3, r8\n\t"
+ "adcs r4, r4, r9\n\t"
+ "adc lr, lr, #0\n\t"
+ "adds r2, r2, r10\n\t"
+ "adcs r3, r3, r11\n\t"
+ "adcs r4, r4, r12\n\t"
+ "adc lr, lr, #0\n\t"
+ "stm r0!, {r2, r3, r4}\n\t"
+ /* a[11] += t[3] + t[5] + carry */
+ /* a[12] += t[4] + t[6] */
+ /* a[13] += t[5] + t[7] */
+ /* a[14] += t[6] */
+ /* a[15] += t[7] */
+ "ldm r0, {r0, r1, r2, r3, r4}\n\t"
+ "adds r0, r0, lr\n\t"
+ "adcs r1, r1, #0\n\t"
+ "adcs r2, r2, #0\n\t"
+ "adcs r3, r3, #0\n\t"
+ "adcs r4, r4, #0\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "adds r0, r0, r8\n\t"
+ "adcs r1, r1, r9\n\t"
+ "adcs r2, r2, r10\n\t"
+ "adcs r3, r3, r11\n\t"
+ "adcs r4, r4, r12\n\t"
+ "adc lr, lr, #0\n\t"
+ "adds r0, r0, r10\n\t"
+ "adcs r1, r1, r11\n\t"
+ "adcs r2, r2, r12\n\t"
+ "adcs r3, r3, #0\n\t"
+ "adcs r4, r4, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "str r0, [sp, #44]\n\t"
+ "str r1, [sp, #48]\n\t"
+ "str r2, [sp, #52]\n\t"
+ "str r3, [sp, #56]\n\t"
+ /* a[7..15] - t[0..7] */
+ "add r0, sp, #28\n\t"
+ "ldm r0, {r0, r1, r2, r3}\n\t"
+ "subs r0, r0, r5\n\t"
+ "sbcs r1, r1, r6\n\t"
+ "sbcs r2, r2, r7\n\t"
+ "sbcs r3, r3, r8\n\t"
+ "add r0, sp, #44\n\t"
+ "mov r8, r4\n\t"
+ "ldm r0, {r4, r5, r6, r7}\n\t"
+ "sbcs r4, r4, r9\n\t"
+ "sbcs r5, r5, r10\n\t"
+ "sbcs r6, r6, r11\n\t"
+ "sbcs r7, r7, r12\n\t"
+ "sbcs r8, r8, #0\n\t"
+ "sbc lr, lr, #0\n\t"
+ /* mask m and sub from result if overflow */
+ "rsb lr, lr, #0\n\t"
+ "subs r1, r1, lr\n\t"
+ "sbcs r2, r2, lr\n\t"
+ "sbcs r3, r3, lr\n\t"
+ "sbcs r4, r4, #0\n\t"
+ "sbcs r5, r5, #0\n\t"
+ "sbcs r6, r6, #0\n\t"
+ "sbcs r7, r7, lr, lsr #31\n\t"
+ "sbc r8, r8, lr\n\t"
+ "ldr %[r], [sp, #68]\n\t"
+ "stm %[r], {r1, r2, r3, r4, r5, r6, r7, r8}\n\t"
+ "add sp, sp, #0x4c\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r10", "r11", "r12", "r7", "r8", "r9", "lr", "cc"
+ );
(void)m_p;
(void)mp_p;
}
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
/* Square the Montgomery form number mod the modulus (prime). (r = a * a mod m)
*
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
__asm__ __volatile__ (
"sub sp, sp, #0x44\n\t"
+ "sub sp, sp, #0x44\n\t"
"mov r5, #0\n\t"
/* A[0] * A[1] */
"ldr r6, [%[a]]\n\t"
"ldr r7, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r9, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -67997,13 +69260,9 @@ static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, const sp_digit* a_p, co
"lsl r3, r3, #16\n\t"
"adds r9, r9, r3\n\t"
"adc r10, r10, r4\n\t"
-#else
- "umull r9, r10, r6, r7\n\t"
-#endif
"str r9, [sp, #4]\n\t"
/* A[0] * A[2] */
"ldr r7, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -68029,15 +69288,9 @@ static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, const sp_digit* a_p, co
"lsl r3, r3, #16\n\t"
"adds r10, r10, r3\n\t"
"adc lr, lr, r4\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r10, r10, r3\n\t"
- "adc lr, r4, #0\n\t"
-#endif
"str r10, [sp, #8]\n\t"
/* A[0] * A[3] */
"ldr r7, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -68063,15 +69316,9 @@ static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, const sp_digit* a_p, co
"lsl r3, r3, #16\n\t"
"adds lr, lr, r3\n\t"
"adc r8, r8, r4\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds lr, lr, r3\n\t"
- "adc r8, r4, #0\n\t"
-#endif
/* A[1] * A[2] */
"ldr r6, [%[a], #4]\n\t"
"ldr r7, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -68100,16 +69347,9 @@ static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, const sp_digit* a_p, co
"adds lr, lr, r3\n\t"
"adcs r8, r8, r4\n\t"
"adc r9, r9, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds lr, lr, r3\n\t"
- "adcs r8, r4, r8\n\t"
- "adc r9, r5, #0\n\t"
-#endif
"str lr, [sp, #12]\n\t"
/* A[1] * A[3] */
"ldr r7, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -68134,15 +69374,9 @@ static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, const sp_digit* a_p, co
"lsl r3, r3, #16\n\t"
"adds r8, r8, r3\n\t"
"adc r9, r9, r4\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r8, r8, r3\n\t"
- "adc r9, r4, r9\n\t"
-#endif
/* A[0] * A[4] */
"ldr r6, [%[a]]\n\t"
"ldr r7, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -68171,16 +69405,9 @@ static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r8, r8, r3\n\t"
"adcs r9, r9, r4\n\t"
"adc r10, r10, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r8, r8, r3\n\t"
- "adcs r9, r4, r9\n\t"
- "adc r10, r5, #0\n\t"
-#endif
"str r8, [sp, #16]\n\t"
/* A[0] * A[5] */
"ldr r7, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -68205,15 +69432,9 @@ static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, const sp_digit* a_p, co
"lsl r3, r3, #16\n\t"
"adds r9, r9, r3\n\t"
"adc r10, r10, r4\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r9, r9, r3\n\t"
- "adc r10, r4, r10\n\t"
-#endif
/* A[1] * A[4] */
"ldr r6, [%[a], #4]\n\t"
"ldr r7, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -68242,16 +69463,9 @@ static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r9, r9, r3\n\t"
"adcs r10, r10, r4\n\t"
"adc lr, lr, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r9, r9, r3\n\t"
- "adcs r10, r4, r10\n\t"
- "adc lr, r5, #0\n\t"
-#endif
/* A[2] * A[3] */
"ldr r6, [%[a], #8]\n\t"
"ldr r7, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -68280,16 +69494,9 @@ static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r9, r9, r3\n\t"
"adcs r10, r10, r4\n\t"
"adc lr, lr, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r9, r9, r3\n\t"
- "adcs r10, r4, r10\n\t"
- "adc lr, r5, lr\n\t"
-#endif
"str r9, [sp, #20]\n\t"
/* A[2] * A[4] */
"ldr r7, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -68318,16 +69525,9 @@ static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r10, r10, r3\n\t"
"adcs lr, lr, r4\n\t"
"adc r8, r8, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r10, r10, r3\n\t"
- "adcs lr, r4, lr\n\t"
- "adc r8, r5, #0\n\t"
-#endif
/* A[1] * A[5] */
"ldr r6, [%[a], #4]\n\t"
"ldr r7, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -68356,16 +69556,9 @@ static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r10, r10, r3\n\t"
"adcs lr, lr, r4\n\t"
"adc r8, r8, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r10, r10, r3\n\t"
- "adcs lr, r4, lr\n\t"
- "adc r8, r5, r8\n\t"
-#endif
/* A[0] * A[6] */
"ldr r6, [%[a]]\n\t"
"ldr r7, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -68394,16 +69587,9 @@ static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r10, r10, r3\n\t"
"adcs lr, lr, r4\n\t"
"adc r8, r8, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r10, r10, r3\n\t"
- "adcs lr, r4, lr\n\t"
- "adc r8, r5, r8\n\t"
-#endif
"str r10, [sp, #24]\n\t"
/* A[0] * A[7] */
"ldr r7, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -68432,16 +69618,9 @@ static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, const sp_digit* a_p, co
"adds lr, lr, r3\n\t"
"adcs r8, r8, r4\n\t"
"adc r9, r9, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds lr, lr, r3\n\t"
- "adcs r8, r4, r8\n\t"
- "adc r9, r5, #0\n\t"
-#endif
/* A[1] * A[6] */
"ldr r6, [%[a], #4]\n\t"
"ldr r7, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -68470,16 +69649,9 @@ static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, const sp_digit* a_p, co
"adds lr, lr, r3\n\t"
"adcs r8, r8, r4\n\t"
"adc r9, r9, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds lr, lr, r3\n\t"
- "adcs r8, r4, r8\n\t"
- "adc r9, r5, r9\n\t"
-#endif
/* A[2] * A[5] */
"ldr r6, [%[a], #8]\n\t"
"ldr r7, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -68508,16 +69680,9 @@ static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, const sp_digit* a_p, co
"adds lr, lr, r3\n\t"
"adcs r8, r8, r4\n\t"
"adc r9, r9, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds lr, lr, r3\n\t"
- "adcs r8, r4, r8\n\t"
- "adc r9, r5, r9\n\t"
-#endif
/* A[3] * A[4] */
"ldr r6, [%[a], #12]\n\t"
"ldr r7, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -68546,16 +69711,9 @@ static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, const sp_digit* a_p, co
"adds lr, lr, r3\n\t"
"adcs r8, r8, r4\n\t"
"adc r9, r9, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds lr, lr, r3\n\t"
- "adcs r8, r4, r8\n\t"
- "adc r9, r5, r9\n\t"
-#endif
"str lr, [sp, #28]\n\t"
/* A[3] * A[5] */
"ldr r7, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -68584,16 +69742,9 @@ static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r8, r8, r3\n\t"
"adcs r9, r9, r4\n\t"
"adc r10, r10, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r8, r8, r3\n\t"
- "adcs r9, r4, r9\n\t"
- "adc r10, r5, #0\n\t"
-#endif
/* A[2] * A[6] */
"ldr r6, [%[a], #8]\n\t"
"ldr r7, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -68622,16 +69773,9 @@ static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r8, r8, r3\n\t"
"adcs r9, r9, r4\n\t"
"adc r10, r10, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r8, r8, r3\n\t"
- "adcs r9, r4, r9\n\t"
- "adc r10, r5, r10\n\t"
-#endif
/* A[1] * A[7] */
"ldr r6, [%[a], #4]\n\t"
"ldr r7, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -68660,16 +69804,9 @@ static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r8, r8, r3\n\t"
"adcs r9, r9, r4\n\t"
"adc r10, r10, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r8, r8, r3\n\t"
- "adcs r9, r4, r9\n\t"
- "adc r10, r5, r10\n\t"
-#endif
"str r8, [sp, #32]\n\t"
/* A[2] * A[7] */
"ldr r6, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -68698,16 +69835,9 @@ static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r9, r9, r3\n\t"
"adcs r10, r10, r4\n\t"
"adc lr, lr, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r9, r9, r3\n\t"
- "adcs r10, r4, r10\n\t"
- "adc lr, r5, #0\n\t"
-#endif
/* A[3] * A[6] */
"ldr r6, [%[a], #12]\n\t"
"ldr r7, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -68736,16 +69866,9 @@ static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r9, r9, r3\n\t"
"adcs r10, r10, r4\n\t"
"adc lr, lr, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r9, r9, r3\n\t"
- "adcs r10, r4, r10\n\t"
- "adc lr, r5, lr\n\t"
-#endif
/* A[4] * A[5] */
"ldr r6, [%[a], #16]\n\t"
"ldr r7, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -68774,16 +69897,9 @@ static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r9, r9, r3\n\t"
"adcs r10, r10, r4\n\t"
"adc lr, lr, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r9, r9, r3\n\t"
- "adcs r10, r4, r10\n\t"
- "adc lr, r5, lr\n\t"
-#endif
"str r9, [sp, #36]\n\t"
/* A[4] * A[6] */
"ldr r7, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -68812,16 +69928,9 @@ static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r10, r10, r3\n\t"
"adcs lr, lr, r4\n\t"
"adc r8, r8, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r10, r10, r3\n\t"
- "adcs lr, r4, lr\n\t"
- "adc r8, r5, #0\n\t"
-#endif
/* A[3] * A[7] */
"ldr r6, [%[a], #12]\n\t"
"ldr r7, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -68850,16 +69959,9 @@ static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r10, r10, r3\n\t"
"adcs lr, lr, r4\n\t"
"adc r8, r8, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r10, r10, r3\n\t"
- "adcs lr, r4, lr\n\t"
- "adc r8, r5, r8\n\t"
-#endif
"str r10, [sp, #40]\n\t"
/* A[4] * A[7] */
"ldr r6, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -68888,16 +69990,9 @@ static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, const sp_digit* a_p, co
"adds lr, lr, r3\n\t"
"adcs r8, r8, r4\n\t"
"adc r9, r9, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds lr, lr, r3\n\t"
- "adcs r8, r4, r8\n\t"
- "adc r9, r5, #0\n\t"
-#endif
/* A[5] * A[6] */
"ldr r6, [%[a], #20]\n\t"
"ldr r7, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -68926,16 +70021,9 @@ static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, const sp_digit* a_p, co
"adds lr, lr, r3\n\t"
"adcs r8, r8, r4\n\t"
"adc r9, r9, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds lr, lr, r3\n\t"
- "adcs r8, r4, r8\n\t"
- "adc r9, r5, r9\n\t"
-#endif
"str lr, [sp, #44]\n\t"
/* A[5] * A[7] */
"ldr r7, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -68964,16 +70052,9 @@ static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r8, r8, r3\n\t"
"adcs r9, r9, r4\n\t"
"adc r10, r10, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r8, r8, r3\n\t"
- "adcs r9, r4, r9\n\t"
- "adc r10, r5, #0\n\t"
-#endif
"str r8, [sp, #48]\n\t"
/* A[6] * A[7] */
"ldr r6, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -68998,11 +70079,6 @@ static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, const sp_digit* a_p, co
"lsl r3, r3, #16\n\t"
"adds r9, r9, r3\n\t"
"adc r10, r10, r4\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r9, r9, r3\n\t"
- "adc r10, r4, r10\n\t"
-#endif
"str r9, [sp, #52]\n\t"
"str r10, [sp, #56]\n\t"
/* Double */
@@ -69055,7 +70131,6 @@ static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, const sp_digit* a_p, co
"ldr r12, [sp, #12]\n\t"
/* A[0] * A[0] */
"ldr r6, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -69066,12 +70141,8 @@ static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, const sp_digit* a_p, co
"lsl r6, r6, #17\n\t"
"adds r8, r8, r6\n\t"
"adc r9, r9, r7\n\t"
-#else
- "umull r8, r9, r6, r6\n\t"
-#endif
/* A[1] * A[1] */
"ldr r6, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -69082,9 +70153,6 @@ static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, const sp_digit* a_p, co
"lsl r6, r6, #17\n\t"
"adds r10, r10, r6\n\t"
"adc lr, lr, r7\n\t"
-#else
- "umull r10, lr, r6, r6\n\t"
-#endif
"adds r9, r9, r4\n\t"
"adcs r10, r10, r5\n\t"
"adcs lr, lr, r12\n\t"
@@ -69098,7 +70166,6 @@ static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, const sp_digit* a_p, co
"ldr r12, [sp, #28]\n\t"
/* A[2] * A[2] */
"ldr r6, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -69109,12 +70176,8 @@ static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, const sp_digit* a_p, co
"lsl r6, r6, #17\n\t"
"adcs r8, r8, r6\n\t"
"adc r9, r9, r7\n\t"
-#else
- "umull r8, r9, r6, r6\n\t"
-#endif
/* A[3] * A[3] */
"ldr r6, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -69125,10 +70188,7 @@ static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, const sp_digit* a_p, co
"lsl r6, r6, #17\n\t"
"adds r10, r10, r6\n\t"
"adc lr, lr, r7\n\t"
-#else
- "umull r10, lr, r6, r6\n\t"
-#endif
-#if !(defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4))
+#if !(defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4))
"adcs r8, r8, r3\n\t"
"adcs r9, r9, r4\n\t"
#else
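Review bot: The renamed guard `#if !(defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4))` kept here looks like a dead conditional. The commit deletes every `#else`/`umull` arm around it, and a separate `#elif defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)` copy of sp_256_mont_sqr_8 is added further down, so this body is presumably compiled only when the architecture is below 4 (the outer guard is outside the hunk). If that holds, the first arm can never be selected and the block could be reduced to its `#else` side; the same applies to the later hunks after A[5] * A[5] and A[7] * A[7]. Separately, a build that still defines only the old `WOLFSSL_SP_ARM_ARCH` would match none of these tests and would silently get a different instruction path, so it is worth confirming that the old name is still mapped to the new one somewhere.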
@@ -69147,7 +70207,6 @@ static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, const sp_digit* a_p, co
"ldr r12, [sp, #44]\n\t"
/* A[4] * A[4] */
"ldr r6, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -69158,12 +70217,8 @@ static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, const sp_digit* a_p, co
"lsl r6, r6, #17\n\t"
"adcs r8, r8, r6\n\t"
"adc r9, r9, r7\n\t"
-#else
- "umull r8, r9, r6, r6\n\t"
-#endif
/* A[5] * A[5] */
"ldr r6, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -69174,10 +70229,7 @@ static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, const sp_digit* a_p, co
"lsl r6, r6, #17\n\t"
"adds r10, r10, r6\n\t"
"adc lr, lr, r7\n\t"
-#else
- "umull r10, lr, r6, r6\n\t"
-#endif
-#if !(defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4))
+#if !(defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4))
"adcs r8, r8, r3\n\t"
"adcs r9, r9, r4\n\t"
#else
@@ -69196,7 +70248,6 @@ static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, const sp_digit* a_p, co
"ldr r12, [sp, #60]\n\t"
/* A[6] * A[6] */
"ldr r6, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -69207,12 +70258,8 @@ static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, const sp_digit* a_p, co
"lsl r6, r6, #17\n\t"
"adcs r8, r8, r6\n\t"
"adc r9, r9, r7\n\t"
-#else
- "umull r8, r9, r6, r6\n\t"
-#endif
/* A[7] * A[7] */
"ldr r6, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -69223,10 +70270,7 @@ static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, const sp_digit* a_p, co
"lsl r6, r6, #17\n\t"
"adds r10, r10, r6\n\t"
"adc lr, lr, r7\n\t"
-#else
- "umull r10, lr, r6, r6\n\t"
-#endif
-#if !(defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4))
+#if !(defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4))
"adcs r8, r8, r3\n\t"
"adcs r9, r9, r4\n\t"
#else
@@ -69239,165 +70283,746 @@ static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, const sp_digit* a_p, co
"str r9, [sp, #52]\n\t"
"str r10, [sp, #56]\n\t"
"str lr, [sp, #60]\n\t"
+ "str %[r], [sp, #64]\n\t"
/* Start Reduction */
- "ldr r4, [sp]\n\t"
- "ldr r5, [sp, #4]\n\t"
- "ldr r6, [sp, #8]\n\t"
- "ldr r7, [sp, #12]\n\t"
- "ldr r8, [sp, #16]\n\t"
- "ldr r9, [sp, #20]\n\t"
- "ldr r10, [sp, #24]\n\t"
- "ldr lr, [sp, #28]\n\t"
- /* mu = a[0..7] + a[0..4] << 96 + (a[0..1] * 2) << 192 */
+ "ldm sp, {r5, r6, r7, r8, r9, r10, r11, r12}\n\t"
+ "mov r3, r11\n\t"
+ "mov r4, r12\n\t"
+ /* mu = a[0]-a[7] + a[0]-a[4] << 96 + (a[0]-a[1] * 2) << 192 */
/* - a[0] << 224 */
- /* + (a[0..1] * 2) << (6 * 32) */
- "adds r10, r10, r4\n\t"
- "adc lr, lr, r5\n\t"
- "adds r10, r10, r4\n\t"
- "adc lr, lr, r5\n\t"
+ /* + (a[0]-a[1] * 2) << (6 * 32) */
+ "adds r11, r11, r5\n\t"
+ "adc r12, r12, r6\n\t"
+ "adds r11, r11, r5\n\t"
+ "adc r12, r12, r6\n\t"
/* - a[0] << (7 * 32) */
- "sub lr, lr, r4\n\t"
- /* + a[0..4] << (3 * 32) */
- "mov %[a], r7\n\t"
- "mov r12, r8\n\t"
- "adds r7, r7, r4\n\t"
- "adcs r8, r8, r5\n\t"
+ "sub r12, r12, r5\n\t"
+ /* + a[0]-a[4] << (3 * 32) */
+ "mov r0, r8\n\t"
+ "mov r1, r9\n\t"
+ "mov r2, r10\n\t"
+ "adds r8, r8, r5\n\t"
"adcs r9, r9, r6\n\t"
- "adcs r10, r10, %[a]\n\t"
- "adc lr, lr, r12\n\t"
- "str r7, [sp, #12]\n\t"
- "str r8, [sp, #16]\n\t"
- "str r9, [sp, #20]\n\t"
+ "adcs r10, r10, r7\n\t"
+ "adcs r11, r11, r0\n\t"
+ "adc r12, r12, r1\n\t"
/* a += mu * m */
/* += mu * ((1 << 256) - (1 << 224) + (1 << 192) + (1 << 96) - 1) */
- /* a[6] += t[0] + t[3] */
- /* a[7] += t[1] + t[4] */
- "ldr %[a], [sp, #24]\n\t"
- "ldr r2, [sp, #28]\n\t"
- "adds %[a], %[a], r4\n\t"
- "adcs r2, r2, r5\n\t"
- "mov r12, #0\n\t"
- "adc r12, r12, #0\n\t"
- "adds %[a], %[a], r7\n\t"
- "adcs r2, r2, r8\n\t"
- "adc r12, r12, #0\n\t"
- "str r10, [sp, #24]\n\t"
- "str lr, [sp, #28]\n\t"
- "str r2, [sp, #64]\n\t"
- /* a[8] += t[0] + t[2] + t[5] */
- /* a[9] += t[1] + t[3] + t[6] */
- /* a[10] += t[2] + t[4] + t[7] */
- "ldr %[a], [sp, #32]\n\t"
- "ldr r2, [sp, #36]\n\t"
- "ldr r3, [sp, #40]\n\t"
- "adds %[a], %[a], r12\n\t"
- "adcs r2, r2, #0\n\t"
+ /* a[0] = = t[0] */
+ /* a[1] = = t[1] */
+ /* a[2] = = t[2] */
+ /* a[3] += t[0] = t[3] */
+ /* a[4] += t[1] = t[4] */
+ /* a[5] += t[2] = t[5] */
+ /* a[6] += t[0] + t[3] = t[6] */
+ /* a[7] += t[1] + t[4] = t[7] + t[0] */
+ "adds r0, r0, r5\n\t"
+ "adcs r1, r1, r6\n\t"
+ "adcs r2, r2, r7\n\t"
+ "adcs r3, r3, r8\n\t"
+ "adcs r4, r4, r9\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "adds r3, r3, r5\n\t"
+ "adcs r4, r4, r6\n\t"
+ "adc lr, lr, #0\n\t"
+ "str r4, [sp, #28]\n\t"
+ /* a[8] += t[0] + t[2] + t[5] + carry */
+ /* a[9] += t[1] + t[3] + t[6] */
+ /* a[10] += t[2] + t[4] + t[7] */
+ "add r0, sp, #32\n\t"
+ "ldm r0, {r2, r3, r4}\n\t"
+ "adds r2, r2, lr\n\t"
"adcs r3, r3, #0\n\t"
- "mov r12, #0\n\t"
- "adc r12, r12, #0\n\t"
- "adds %[a], %[a], r4\n\t"
- "adcs r2, r2, r5\n\t"
+ "adcs r4, r4, #0\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "adds r2, r2, r5\n\t"
"adcs r3, r3, r6\n\t"
- "adc r12, r12, #0\n\t"
- "adds %[a], %[a], r6\n\t"
- "adcs r2, r2, r7\n\t"
+ "adcs r4, r4, r7\n\t"
+ "adc lr, lr, #0\n\t"
+ "adds r2, r2, r7\n\t"
"adcs r3, r3, r8\n\t"
- "adc r12, r12, #0\n\t"
- "adds %[a], %[a], r9\n\t"
- "adcs r2, r2, r10\n\t"
- "adcs r3, r3, lr\n\t"
- "adc r12, r12, #0\n\t"
- "str %[a], [sp, #32]\n\t"
- "str r2, [sp, #36]\n\t"
- "str r3, [sp, #40]\n\t"
- /* a[11] += t[3] + t[5] */
- /* a[12] += t[4] + t[6] */
- /* a[13] += t[5] + t[7] */
- /* a[14] += t[6] */
- /* a[15] += t[7] */
- "ldr %[a], [sp, #44]\n\t"
- "ldr r2, [sp, #48]\n\t"
- "ldr r3, [sp, #52]\n\t"
- "ldr r4, [sp, #56]\n\t"
- "ldr r5, [sp, #60]\n\t"
- "adds %[a], %[a], r12\n\t"
+ "adcs r4, r4, r9\n\t"
+ "adc lr, lr, #0\n\t"
+ "adds r2, r2, r10\n\t"
+ "adcs r3, r3, r11\n\t"
+ "adcs r4, r4, r12\n\t"
+ "adc lr, lr, #0\n\t"
+ "stm r0!, {r2, r3, r4}\n\t"
+ /* a[11] += t[3] + t[5] + carry */
+ /* a[12] += t[4] + t[6] */
+ /* a[13] += t[5] + t[7] */
+ /* a[14] += t[6] */
+ /* a[15] += t[7] */
+ "ldm r0, {r0, r1, r2, r3, r4}\n\t"
+ "adds r0, r0, lr\n\t"
+ "adcs r1, r1, #0\n\t"
"adcs r2, r2, #0\n\t"
"adcs r3, r3, #0\n\t"
"adcs r4, r4, #0\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r12, #0\n\t"
- "adc r12, r12, #0\n\t"
- "adds %[a], %[a], r7\n\t"
- "adcs r2, r2, r8\n\t"
- "adcs r3, r3, r9\n\t"
- "adcs r4, r4, r10\n\t"
- "adcs r5, r5, lr\n\t"
- "adc r12, r12, #0\n\t"
- "adds %[a], %[a], r9\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "adds r0, r0, r8\n\t"
+ "adcs r1, r1, r9\n\t"
"adcs r2, r2, r10\n\t"
- "adcs r3, r3, lr\n\t"
+ "adcs r3, r3, r11\n\t"
+ "adcs r4, r4, r12\n\t"
+ "adc lr, lr, #0\n\t"
+ "adds r0, r0, r10\n\t"
+ "adcs r1, r1, r11\n\t"
+ "adcs r2, r2, r12\n\t"
+ "adcs r3, r3, #0\n\t"
"adcs r4, r4, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "str r0, [sp, #44]\n\t"
+ "str r1, [sp, #48]\n\t"
+ "str r2, [sp, #52]\n\t"
+ "str r3, [sp, #56]\n\t"
+ /* a[7..15] - t[0..7] */
+ "add r0, sp, #28\n\t"
+ "ldm r0, {r0, r1, r2, r3}\n\t"
+ "subs r0, r0, r5\n\t"
+ "sbcs r1, r1, r6\n\t"
+ "sbcs r2, r2, r7\n\t"
+ "sbcs r3, r3, r8\n\t"
+ "add r0, sp, #44\n\t"
+ "mov r8, r4\n\t"
+ "ldm r0, {r4, r5, r6, r7}\n\t"
+ "sbcs r4, r4, r9\n\t"
+ "sbcs r5, r5, r10\n\t"
+ "sbcs r6, r6, r11\n\t"
+ "sbcs r7, r7, r12\n\t"
+ "sbcs r8, r8, #0\n\t"
+ "sbc lr, lr, #0\n\t"
+ /* mask m and sub from result if overflow */
+ "rsb lr, lr, #0\n\t"
+ "subs r1, r1, lr\n\t"
+ "sbcs r2, r2, lr\n\t"
+ "sbcs r3, r3, lr\n\t"
+ "sbcs r4, r4, #0\n\t"
+ "sbcs r5, r5, #0\n\t"
+ "sbcs r6, r6, #0\n\t"
+ "sbcs r7, r7, lr, lsr #31\n\t"
+ "sbc r8, r8, lr\n\t"
+ "ldr %[r], [sp, #64]\n\t"
+ "stm %[r], {r1, r2, r3, r4, r5, r6, r7, r8}\n\t"
+ "add sp, sp, #0x44\n\t"
+ : [r] "+r" (r), [a] "+r" (a)
+ :
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r12", "r8", "r9", "r10", "lr", "cc"
+ );
+ (void)m_p;
+ (void)mp_p;
+}
+
+#elif defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+/* Square the Montgomery form number mod the modulus (prime). (r = a * a mod m)
+ *
+ * r Result of squaring.
+ * a Number to square in Montgomery form.
+ * m Modulus (prime).
+ * mp Montgomery multiplier.
+ */
+static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+{
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+
+ __asm__ __volatile__ (
+ "sub sp, sp, #0x44\n\t"
+ "str %[r], [sp, #64]\n\t"
+ "mov %[r], #0\n\t"
+ "ldr r12, [%[a]]\n\t"
+ /* A[0] * A[1] */
+ "ldr lr, [%[a], #4]\n\t"
+ "umull r4, r5, r12, lr\n\t"
+ /* A[0] * A[3] */
+ "ldr lr, [%[a], #12]\n\t"
+ "umull r6, r7, r12, lr\n\t"
+ /* A[0] * A[5] */
+ "ldr lr, [%[a], #20]\n\t"
+ "umull r8, r9, r12, lr\n\t"
+ /* A[0] * A[7] */
+ "ldr lr, [%[a], #28]\n\t"
+ "umull r10, r3, r12, lr\n\t"
+ /* A[0] * A[2] */
+ "ldr lr, [%[a], #8]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r5, r11, r12, lr\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[0] * A[4] */
+ "ldr lr, [%[a], #16]\n\t"
+ "adcs r7, r7, #0\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r7, r11, r12, lr\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[0] * A[6] */
+ "ldr lr, [%[a], #24]\n\t"
+ "adcs r9, r9, #0\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r9, r11, r12, lr\n\t"
+ "adds r10, r10, r11\n\t"
+ "adcs r3, r3, #0\n\t"
+ "str r4, [sp, #4]\n\t"
+ "str r5, [sp, #8]\n\t"
+ /* A[1] * A[2] */
+ "ldr r12, [%[a], #4]\n\t"
+ "ldr lr, [%[a], #8]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r6, r11, r12, lr\n\t"
+ "str r6, [sp, #12]\n\t"
+ "adds r7, r7, r11\n\t"
+ /* A[1] * A[3] */
+ "ldr lr, [%[a], #12]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r7, r11, r12, lr\n\t"
+ "str r7, [sp, #16]\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[1] * A[4] */
+ "ldr lr, [%[a], #16]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r8, r11, r12, lr\n\t"
+ "adds r9, r9, r11\n\t"
+ /* A[1] * A[5] */
+ "ldr lr, [%[a], #20]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r9, r11, r12, lr\n\t"
+ "adds r10, r10, r11\n\t"
+ /* A[1] * A[6] */
+ "ldr lr, [%[a], #24]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "adds r3, r3, r11\n\t"
+ /* A[1] * A[7] */
+ "ldr lr, [%[a], #28]\n\t"
+ "adc r4, %[r], #0\n\t"
+ "umlal r3, r4, r12, lr\n\t"
+ /* A[2] * A[3] */
+ "ldr r12, [%[a], #8]\n\t"
+ "ldr lr, [%[a], #12]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r8, r11, r12, lr\n\t"
+ "str r8, [sp, #20]\n\t"
+ "adds r9, r9, r11\n\t"
+ /* A[2] * A[4] */
+ "ldr lr, [%[a], #16]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r9, r11, r12, lr\n\t"
+ "str r9, [sp, #24]\n\t"
+ "adds r10, r10, r11\n\t"
+ /* A[2] * A[5] */
+ "ldr lr, [%[a], #20]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "adds r3, r3, r11\n\t"
+ /* A[2] * A[6] */
+ "ldr lr, [%[a], #24]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r3, r11, r12, lr\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[2] * A[7] */
+ "ldr lr, [%[a], #28]\n\t"
+ "adc r5, %[r], #0\n\t"
+ "umlal r4, r5, r12, lr\n\t"
+ /* A[3] * A[4] */
+ "ldr r12, [%[a], #12]\n\t"
+ "ldr lr, [%[a], #16]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "str r10, [sp, #28]\n\t"
+ "adds r3, r3, r11\n\t"
+ /* A[3] * A[5] */
+ "ldr lr, [%[a], #20]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r3, r11, r12, lr\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[3] * A[6] */
+ "ldr lr, [%[a], #24]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r4, r11, r12, lr\n\t"
+ "adds r5, r5, r11\n\t"
+ /* A[3] * A[7] */
+ "ldr lr, [%[a], #28]\n\t"
+ "adc r6, %[r], #0\n\t"
+ "umlal r5, r6, r12, lr\n\t"
+ /* A[4] * A[5] */
+ "ldr r12, [%[a], #16]\n\t"
+ "ldr lr, [%[a], #20]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r4, r11, r12, lr\n\t"
+ "adds r5, r5, r11\n\t"
+ /* A[4] * A[6] */
+ "ldr lr, [%[a], #24]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r5, r11, r12, lr\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[4] * A[7] */
+ "ldr lr, [%[a], #28]\n\t"
+ "adc r7, %[r], #0\n\t"
+ "umlal r6, r7, r12, lr\n\t"
+ /* A[5] * A[6] */
+ "ldr r12, [%[a], #20]\n\t"
+ "ldr lr, [%[a], #24]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r6, r11, r12, lr\n\t"
+ "adds r7, r7, r11\n\t"
+ /* A[5] * A[7] */
+ "ldr lr, [%[a], #28]\n\t"
+ "adc r8, %[r], #0\n\t"
+ "umlal r7, r8, r12, lr\n\t"
+ /* A[6] * A[7] */
+ "ldr r12, [%[a], #24]\n\t"
+ "ldr lr, [%[a], #28]\n\t"
+ "mov r9, #0\n\t"
+ "umlal r8, r9, r12, lr\n\t"
+ "add lr, sp, #32\n\t"
+ "stm lr, {r3, r4, r5, r6, r7, r8, r9}\n\t"
+ "add lr, sp, #4\n\t"
+ "ldm lr, {r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "adds r4, r4, r4\n\t"
+ "adcs r5, r5, r5\n\t"
+ "adcs r6, r6, r6\n\t"
+ "adcs r7, r7, r7\n\t"
+ "adcs r8, r8, r8\n\t"
+ "adcs r9, r9, r9\n\t"
+ "adcs r10, r10, r10\n\t"
+ "stm lr!, {r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "ldm lr, {r3, r4, r5, r6, r7, r8, r9}\n\t"
+ "adcs r3, r3, r3\n\t"
+ "adcs r4, r4, r4\n\t"
+ "adcs r5, r5, r5\n\t"
+ "adcs r6, r6, r6\n\t"
+ "adcs r7, r7, r7\n\t"
+ "adcs r8, r8, r8\n\t"
+ "adcs r9, r9, r9\n\t"
+ "adc r10, %[r], #0\n\t"
+ "stm lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "add lr, sp, #4\n\t"
+ "ldm lr, {r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "mov lr, sp\n\t"
+ /* A[0] * A[0] */
+ "ldr r12, [%[a]]\n\t"
+ "umull r3, r11, r12, r12\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[1] * A[1] */
+ "ldr r12, [%[a], #4]\n\t"
"adcs r5, r5, #0\n\t"
- "adc r12, r12, #0\n\t"
- "str %[a], [sp, #44]\n\t"
- "str r2, [sp, #48]\n\t"
- "str r3, [sp, #52]\n\t"
- "str r4, [sp, #56]\n\t"
- "str r5, [sp, #60]\n\t"
- "ldr %[a], [sp, #64]\n\t"
- "ldr r2, [sp, #32]\n\t"
- "ldr r3, [sp, #36]\n\t"
- "ldr r4, [sp, #40]\n\t"
- "ldr r8, [sp]\n\t"
- "ldr r9, [sp, #4]\n\t"
- "ldr r10, [sp, #8]\n\t"
- "ldr lr, [sp, #12]\n\t"
- "subs %[a], %[a], r8\n\t"
- "sbcs r2, r2, r9\n\t"
- "sbcs r3, r3, r10\n\t"
- "sbcs r4, r4, lr\n\t"
- "str r2, [sp, #32]\n\t"
- "str r3, [sp, #36]\n\t"
- "str r4, [sp, #40]\n\t"
- "ldr %[a], [sp, #44]\n\t"
- "ldr r2, [sp, #48]\n\t"
- "ldr r3, [sp, #52]\n\t"
- "ldr r4, [sp, #56]\n\t"
- "ldr r5, [sp, #60]\n\t"
- "ldr r8, [sp, #16]\n\t"
- "ldr r9, [sp, #20]\n\t"
- "ldr r10, [sp, #24]\n\t"
- "ldr lr, [sp, #28]\n\t"
- "sbcs %[a], %[a], r8\n\t"
- "sbcs r2, r2, r9\n\t"
- "sbcs r3, r3, r10\n\t"
- "sbcs r4, r4, lr\n\t"
- "sbc r5, r5, #0\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r5, r11, r12, r12\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[2] * A[2] */
+ "ldr r12, [%[a], #8]\n\t"
+ "adcs r7, r7, #0\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r7, r11, r12, r12\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[3] * A[3] */
+ "ldr r12, [%[a], #12]\n\t"
+ "adcs r9, r9, #0\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r9, r11, r12, r12\n\t"
+ "adds r10, r10, r11\n\t"
+ "stm lr!, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "ldm lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ /* A[4] * A[4] */
+ "ldr r12, [%[a], #16]\n\t"
+ "adcs r3, r3, #0\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r3, r11, r12, r12\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[5] * A[5] */
+ "ldr r12, [%[a], #20]\n\t"
+ "adcs r5, r5, #0\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r5, r11, r12, r12\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[6] * A[6] */
+ "ldr r12, [%[a], #24]\n\t"
+ "adcs r7, r7, #0\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r7, r11, r12, r12\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[7] * A[7] */
+ "ldr r12, [%[a], #28]\n\t"
+ "adcs r9, r9, #0\n\t"
+ "adc r10, r10, #0\n\t"
+ "umlal r9, r10, r12, r12\n\t"
+ "add lr, sp, #32\n\t"
+ "stm lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ /* Start Reduction */
+ "ldm sp, {r5, r6, r7, r8, r9, r10, r11, r12}\n\t"
+ "mov r3, r11\n\t"
+ "mov r4, r12\n\t"
+ /* mu = a[0]-a[7] + a[0]-a[4] << 96 + (a[0]-a[1] * 2) << 192 */
+ /* - a[0] << 224 */
+ /* + (a[0]-a[1] * 2) << (6 * 32) */
+ "adds r11, r11, r5\n\t"
+ "adc r12, r12, r6\n\t"
+ "adds r11, r11, r5\n\t"
+ "adc r12, r12, r6\n\t"
+ /* - a[0] << (7 * 32) */
+ "sub r12, r12, r5\n\t"
+ /* + a[0]-a[4] << (3 * 32) */
+ "mov r0, r8\n\t"
+ "mov r1, r9\n\t"
+ "mov r2, r10\n\t"
+ "adds r8, r8, r5\n\t"
+ "adcs r9, r9, r6\n\t"
+ "adcs r10, r10, r7\n\t"
+ "adcs r11, r11, r0\n\t"
+ "adc r12, r12, r1\n\t"
+ /* a += mu * m */
+ /* += mu * ((1 << 256) - (1 << 224) + (1 << 192) + (1 << 96) - 1) */
+ /* a[0] = = t[0] */
+ /* a[1] = = t[1] */
+ /* a[2] = = t[2] */
+ /* a[3] += t[0] = t[3] */
+ /* a[4] += t[1] = t[4] */
+ /* a[5] += t[2] = t[5] */
+ /* a[6] += t[0] + t[3] = t[6] */
+ /* a[7] += t[1] + t[4] = t[7] + t[0] */
+ "adds r0, r0, r5\n\t"
+ "adcs r1, r1, r6\n\t"
+ "adcs r2, r2, r7\n\t"
+ "adcs r3, r3, r8\n\t"
+ "adcs r4, r4, r9\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "adds r3, r3, r5\n\t"
+ "adcs r4, r4, r6\n\t"
+ "adc lr, lr, #0\n\t"
+ "str r4, [sp, #28]\n\t"
+ /* a[8] += t[0] + t[2] + t[5] + carry */
+ /* a[9] += t[1] + t[3] + t[6] */
+ /* a[10] += t[2] + t[4] + t[7] */
+ "add r0, sp, #32\n\t"
+ "ldm r0, {r2, r3, r4}\n\t"
+ "adds r2, r2, lr\n\t"
+ "adcs r3, r3, #0\n\t"
+ "adcs r4, r4, #0\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "adds r2, r2, r5\n\t"
+ "adcs r3, r3, r6\n\t"
+ "adcs r4, r4, r7\n\t"
+ "adc lr, lr, #0\n\t"
+ "adds r2, r2, r7\n\t"
+ "adcs r3, r3, r8\n\t"
+ "adcs r4, r4, r9\n\t"
+ "adc lr, lr, #0\n\t"
+ "adds r2, r2, r10\n\t"
+ "adcs r3, r3, r11\n\t"
+ "adcs r4, r4, r12\n\t"
+ "adc lr, lr, #0\n\t"
+ "stm r0!, {r2, r3, r4}\n\t"
+ /* a[11] += t[3] + t[5] + carry */
+ /* a[12] += t[4] + t[6] */
+ /* a[13] += t[5] + t[7] */
+ /* a[14] += t[6] */
+ /* a[15] += t[7] */
+ "ldm r0, {r0, r1, r2, r3, r4}\n\t"
+ "adds r0, r0, lr\n\t"
+ "adcs r1, r1, #0\n\t"
+ "adcs r2, r2, #0\n\t"
+ "adcs r3, r3, #0\n\t"
+ "adcs r4, r4, #0\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "adds r0, r0, r8\n\t"
+ "adcs r1, r1, r9\n\t"
+ "adcs r2, r2, r10\n\t"
+ "adcs r3, r3, r11\n\t"
+ "adcs r4, r4, r12\n\t"
+ "adc lr, lr, #0\n\t"
+ "adds r0, r0, r10\n\t"
+ "adcs r1, r1, r11\n\t"
+ "adcs r2, r2, r12\n\t"
+ "adcs r3, r3, #0\n\t"
+ "adcs r4, r4, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "str r0, [sp, #44]\n\t"
+ "str r1, [sp, #48]\n\t"
+ "str r2, [sp, #52]\n\t"
+ "str r3, [sp, #56]\n\t"
+ /* a[7..15] - t[0..7] */
+ "add r0, sp, #28\n\t"
+ "ldm r0, {r0, r1, r2, r3}\n\t"
+ "subs r0, r0, r5\n\t"
+ "sbcs r1, r1, r6\n\t"
+ "sbcs r2, r2, r7\n\t"
+ "sbcs r3, r3, r8\n\t"
+ "add r0, sp, #44\n\t"
+ "mov r8, r4\n\t"
+ "ldm r0, {r4, r5, r6, r7}\n\t"
+ "sbcs r4, r4, r9\n\t"
+ "sbcs r5, r5, r10\n\t"
+ "sbcs r6, r6, r11\n\t"
+ "sbcs r7, r7, r12\n\t"
+ "sbcs r8, r8, #0\n\t"
+ "sbc lr, lr, #0\n\t"
/* mask m and sub from result if overflow */
- "rsb r12, r12, #0\n\t"
- "and lr, r12, #1\n\t"
- "ldr r6, [sp, #32]\n\t"
- "ldr r7, [sp, #36]\n\t"
- "ldr r8, [sp, #40]\n\t"
- "subs r6, r6, r12\n\t"
+ "rsb lr, lr, #0\n\t"
+ "subs r1, r1, lr\n\t"
+ "sbcs r2, r2, lr\n\t"
+ "sbcs r3, r3, lr\n\t"
+ "sbcs r4, r4, #0\n\t"
+ "sbcs r5, r5, #0\n\t"
+ "sbcs r6, r6, #0\n\t"
+ "sbcs r7, r7, lr, lsr #31\n\t"
+ "sbc r8, r8, lr\n\t"
+ "ldr %[r], [sp, #64]\n\t"
+ "stm %[r], {r1, r2, r3, r4, r5, r6, r7, r8}\n\t"
+ "add sp, sp, #0x44\n\t"
+ : [r] "+r" (r), [a] "+r" (a)
+ :
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
+ );
+ (void)m_p;
+ (void)mp_p;
+}
+
+#else
+/* Square the Montgomery form number mod the modulus (prime). (r = a * a mod m)
+ *
+ * r Result of squaring.
+ * a Number to square in Montgomery form.
+ * m Modulus (prime).
+ * mp Montgomery multiplier.
+ */
+static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+{
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+
+ __asm__ __volatile__ (
+ "sub sp, sp, #0x44\n\t"
+ "str %[r], [sp, #64]\n\t"
+ "ldm %[a], {%[r], %[a], r2, r3, r4, r5, r6, r7}\n\t"
+ "umull r9, r10, %[r], %[r]\n\t"
+ "umull r11, r12, %[r], %[a]\n\t"
+ "adds r11, r11, r11\n\t"
+ "mov lr, #0\n\t"
+ "umaal r10, r11, lr, lr\n\t"
+ "stm sp, {r9, r10}\n\t"
+ "mov r8, lr\n\t"
+ "umaal r8, r12, %[r], r2\n\t"
+ "adcs r8, r8, r8\n\t"
+ "umaal r8, r11, %[a], %[a]\n\t"
+ "umull r9, r10, %[r], r3\n\t"
+ "umaal r9, r12, %[a], r2\n\t"
+ "adcs r9, r9, r9\n\t"
+ "umaal r9, r11, lr, lr\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "str r8, [sp, #8]\n\t"
+ "str r9, [sp, #12]\n\t"
+#else
+ "strd r8, r9, [sp, #8]\n\t"
+#endif
+ "mov r9, lr\n\t"
+ "umaal r9, r10, %[r], r4\n\t"
+ "umaal r9, r12, %[a], r3\n\t"
+ "adcs r9, r9, r9\n\t"
+ "umaal r9, r11, r2, r2\n\t"
+ "str r9, [sp, #16]\n\t"
+ "umull r9, r8, %[r], r5\n\t"
+ "umaal r9, r12, %[a], r4\n\t"
+ "umaal r9, r10, r2, r3\n\t"
+ "adcs r9, r9, r9\n\t"
+ "umaal r9, r11, lr, lr\n\t"
+ "str r9, [sp, #20]\n\t"
+ "mov r9, lr\n\t"
+ "umaal r9, r8, %[r], r6\n\t"
+ "umaal r9, r12, %[a], r5\n\t"
+ "umaal r9, r10, r2, r4\n\t"
+ "adcs r9, r9, r9\n\t"
+ "umaal r9, r11, r3, r3\n\t"
+ "str r9, [sp, #24]\n\t"
+ "umull %[r], r9, %[r], r7\n\t"
+ "umaal %[r], r8, %[a], r6\n\t"
+ "umaal %[r], r12, r2, r5\n\t"
+ "umaal %[r], r10, r3, r4\n\t"
+ "adcs %[r], %[r], %[r]\n\t"
+ "umaal %[r], r11, lr, lr\n\t"
+ /* R[7] = r0 */
+ "umaal r9, r8, %[a], r7\n\t"
+ "umaal r9, r10, r2, r6\n\t"
+ "umaal r12, r9, r3, r5\n\t"
+ "adcs r12, r12, r12\n\t"
+ "umaal r12, r11, r4, r4\n\t"
+ /* R[8] = r12 */
+ "umaal r9, r8, r2, r7\n\t"
+ "umaal r10, r9, r3, r6\n\t"
+ "mov r2, lr\n\t"
+ "umaal r10, r2, r4, r5\n\t"
+ "adcs r10, r10, r10\n\t"
+ "umaal r11, r10, lr, lr\n\t"
+ /* R[9] = r11 */
+ "umaal r2, r8, r3, r7\n\t"
+ "umaal r2, r9, r4, r6\n\t"
+ "adcs r3, r2, r2\n\t"
+ "umaal r10, r3, r5, r5\n\t"
+ /* R[10] = r10 */
+ "mov %[a], lr\n\t"
+ "umaal %[a], r8, r4, r7\n\t"
+ "umaal %[a], r9, r5, r6\n\t"
+ "adcs r4, %[a], %[a]\n\t"
+ "umaal r3, r4, lr, lr\n\t"
+ /* R[11] = r3 */
+ "umaal r8, r9, r5, r7\n\t"
+ "adcs r8, r8, r8\n\t"
+ "umaal r4, r8, r6, r6\n\t"
+ /* R[12] = r4 */
+ "mov r5, lr\n\t"
+ "umaal r5, r9, r6, r7\n\t"
+ "adcs r5, r5, r5\n\t"
+ "umaal r8, r5, lr, lr\n\t"
+ /* R[13] = r8 */
+ "adcs r9, r9, r9\n\t"
+ "umaal r9, r5, r7, r7\n\t"
+ "adcs r7, r5, lr\n\t"
+ /* R[14] = r9 */
+ /* R[15] = r7 */
+ "mov lr, sp\n\t"
+ "add lr, lr, #28\n\t"
+ "stm lr!, {%[r], r12}\n\t"
+ "stm lr!, {r11}\n\t"
+ "stm lr!, {r10}\n\t"
+ "stm lr!, {r3, r4, r8, r9}\n\t"
+ "stm lr!, {r7}\n\t"
+ /* Start Reduction */
+ "ldm sp, {r5, r6, r7, r8, r9, r10, r11, r12}\n\t"
+ "mov r3, r11\n\t"
+ "mov r4, r12\n\t"
+ /* mu = a[0]-a[7] + a[0]-a[4] << 96 + (a[0]-a[1] * 2) << 192 */
+ /* - a[0] << 224 */
+ /* + (a[0]-a[1] * 2) << (6 * 32) */
+ "adds r11, r11, r5\n\t"
+ "adc r12, r12, r6\n\t"
+ "adds r11, r11, r5\n\t"
+ "adc r12, r12, r6\n\t"
+ /* - a[0] << (7 * 32) */
+ "sub r12, r12, r5\n\t"
+ /* + a[0]-a[4] << (3 * 32) */
+ "mov r0, r8\n\t"
+ "mov r1, r9\n\t"
+ "mov r2, r10\n\t"
+ "adds r8, r8, r5\n\t"
+ "adcs r9, r9, r6\n\t"
+ "adcs r10, r10, r7\n\t"
+ "adcs r11, r11, r0\n\t"
+ "adc r12, r12, r1\n\t"
+ /* a += mu * m */
+ /* += mu * ((1 << 256) - (1 << 224) + (1 << 192) + (1 << 96) - 1) */
+ /* a[0] = = t[0] */
+ /* a[1] = = t[1] */
+ /* a[2] = = t[2] */
+ /* a[3] += t[0] = t[3] */
+ /* a[4] += t[1] = t[4] */
+ /* a[5] += t[2] = t[5] */
+ /* a[6] += t[0] + t[3] = t[6] */
+ /* a[7] += t[1] + t[4] = t[7] + t[0] */
+ "adds r0, r0, r5\n\t"
+ "adcs r1, r1, r6\n\t"
+ "adcs r2, r2, r7\n\t"
+ "adcs r3, r3, r8\n\t"
+ "adcs r4, r4, r9\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "adds r3, r3, r5\n\t"
+ "adcs r4, r4, r6\n\t"
+ "adc lr, lr, #0\n\t"
+ "str r4, [sp, #28]\n\t"
+ /* a[8] += t[0] + t[2] + t[5] + carry */
+ /* a[9] += t[1] + t[3] + t[6] */
+ /* a[10] += t[2] + t[4] + t[7] */
+ "add r0, sp, #32\n\t"
+ "ldm r0, {r2, r3, r4}\n\t"
+ "adds r2, r2, lr\n\t"
+ "adcs r3, r3, #0\n\t"
+ "adcs r4, r4, #0\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "adds r2, r2, r5\n\t"
+ "adcs r3, r3, r6\n\t"
+ "adcs r4, r4, r7\n\t"
+ "adc lr, lr, #0\n\t"
+ "adds r2, r2, r7\n\t"
+ "adcs r3, r3, r8\n\t"
+ "adcs r4, r4, r9\n\t"
+ "adc lr, lr, #0\n\t"
+ "adds r2, r2, r10\n\t"
+ "adcs r3, r3, r11\n\t"
+ "adcs r4, r4, r12\n\t"
+ "adc lr, lr, #0\n\t"
+ "stm r0!, {r2, r3, r4}\n\t"
+ /* a[11] += t[3] + t[5] + carry */
+ /* a[12] += t[4] + t[6] */
+ /* a[13] += t[5] + t[7] */
+ /* a[14] += t[6] */
+ /* a[15] += t[7] */
+ "ldm r0, {r0, r1, r2, r3, r4}\n\t"
+ "adds r0, r0, lr\n\t"
+ "adcs r1, r1, #0\n\t"
+ "adcs r2, r2, #0\n\t"
+ "adcs r3, r3, #0\n\t"
+ "adcs r4, r4, #0\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "adds r0, r0, r8\n\t"
+ "adcs r1, r1, r9\n\t"
+ "adcs r2, r2, r10\n\t"
+ "adcs r3, r3, r11\n\t"
+ "adcs r4, r4, r12\n\t"
+ "adc lr, lr, #0\n\t"
+ "adds r0, r0, r10\n\t"
+ "adcs r1, r1, r11\n\t"
+ "adcs r2, r2, r12\n\t"
+ "adcs r3, r3, #0\n\t"
+ "adcs r4, r4, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "str r0, [sp, #44]\n\t"
+ "str r1, [sp, #48]\n\t"
+ "str r2, [sp, #52]\n\t"
+ "str r3, [sp, #56]\n\t"
+ /* a[7..15] - t[0..7] */
+ "add r0, sp, #28\n\t"
+ "ldm r0, {r0, r1, r2, r3}\n\t"
+ "subs r0, r0, r5\n\t"
+ "sbcs r1, r1, r6\n\t"
+ "sbcs r2, r2, r7\n\t"
+ "sbcs r3, r3, r8\n\t"
+ "add r0, sp, #44\n\t"
+ "mov r8, r4\n\t"
+ "ldm r0, {r4, r5, r6, r7}\n\t"
+ "sbcs r4, r4, r9\n\t"
+ "sbcs r5, r5, r10\n\t"
+ "sbcs r6, r6, r11\n\t"
"sbcs r7, r7, r12\n\t"
- "sbcs r8, r8, r12\n\t"
- "sbcs %[a], %[a], #0\n\t"
- "sbcs r2, r2, #0\n\t"
- "sbcs r3, r3, #0\n\t"
- "sbcs r4, r4, lr\n\t"
- "sbc r5, r5, r12\n\t"
- "stm %[r]!, {r6, r7, r8}\n\t"
- "stm %[r]!, {%[a], r2, r3, r4, r5}\n\t"
+ "sbcs r8, r8, #0\n\t"
+ "sbc lr, lr, #0\n\t"
+ /* mask m and sub from result if overflow */
+ "rsb lr, lr, #0\n\t"
+ "subs r1, r1, lr\n\t"
+ "sbcs r2, r2, lr\n\t"
+ "sbcs r3, r3, lr\n\t"
+ "sbcs r4, r4, #0\n\t"
+ "sbcs r5, r5, #0\n\t"
+ "sbcs r6, r6, #0\n\t"
+ "sbcs r7, r7, lr, lsr #31\n\t"
+ "sbc r8, r8, lr\n\t"
+ "ldr %[r], [sp, #64]\n\t"
+ "stm %[r], {r1, r2, r3, r4, r5, r6, r7, r8}\n\t"
"add sp, sp, #0x44\n\t"
: [r] "+r" (r), [a] "+r" (a)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r12", "r8", "r9", "r10", "lr"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
);
(void)m_p;
(void)mp_p;
}
+#endif
#if !defined(WOLFSSL_SP_SMALL) || defined(HAVE_COMP_KEY)
/* Square the Montgomery form number a number of times. (r = a ^ n mod m)
*
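Review bot: The clobber list closing the first sp_256_mont_sqr_8 variant (the one ending just before `#elif defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)`) omits r11, although the new reduction code in that variant loads it with `ldm sp, {r5, r6, r7, r8, r9, r10, r11, r12}` and then updates it with `adds r11, r11, r5`. The two sibling variants added below do list r11, so this looks like an oversight; a value the compiler keeps in r11 across the asm (possibly the frame pointer) could be overwritten without the compiler knowing. I would make the list match the others: `: "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"`. If r11 was left out on purpose because some toolchains reject it as a clobber when it is the frame pointer, the asm should save and restore it itself. This variant starts outside the hunk, so an earlier save of r11 cannot be ruled out from here.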
@@ -69405,10 +71030,10 @@ static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, const sp_digit* a_p, co
* a Number to square in Montgomery form.
* n Number of times to square.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
-static void sp_256_mont_sqr_n_8(sp_digit* r, const sp_digit* a, int n,
- const sp_digit* m, sp_digit mp)
+SP_NOINLINE static void sp_256_mont_sqr_n_8(sp_digit* r,
+ const sp_digit* a, int n, const sp_digit* m, sp_digit mp)
{
sp_256_mont_sqr_8(r, a, m, mp);
for (; n > 1; n--) {
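Review bot: The header comment fixed here still does not state the lower bound on n, and the visible body squares once unconditionally with `sp_256_mont_sqr_8(r, a, m, mp);` before the `for (; n > 1; n--)` loop, so n <= 0 behaves like n == 1. Since the comment line is being touched anyway, I would document the precondition, e.g. ` * n  Number of times to square (must be at least 1).`. The function body continues outside the hunk.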
@@ -69503,8 +71128,8 @@ static void sp_256_mont_inv_8(sp_digit* r, const sp_digit* a, sp_digit* td)
*/
static sp_int32 sp_256_cmp_8(const sp_digit* a_p, const sp_digit* b_p)
{
- register const sp_digit* a asm ("r0") = a_p;
- register const sp_digit* b asm ("r1") = b_p;
+ register const sp_digit* a asm ("r0") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r1") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"mov r2, #-1\n\t"
@@ -69623,7 +71248,7 @@ static sp_int32 sp_256_cmp_8(const sp_digit* a_p, const sp_digit* b_p)
"mov %[a], r2\n\t"
: [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r2", "r3", "r12", "lr", "r4", "r5", "r6"
+ : "memory", "r2", "r3", "r12", "lr", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -69645,10 +71270,10 @@ static sp_int32 sp_256_cmp_8(const sp_digit* a_p, const sp_digit* b_p)
*/
static sp_digit sp_256_cond_sub_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
- register sp_digit m asm ("r3") = m_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
+ register sp_digit m asm ("r3") = (sp_digit)m_p;
__asm__ __volatile__ (
"mov r6, #0\n\t"
@@ -69669,7 +71294,7 @@ static sp_digit sp_256_cond_sub_8(sp_digit* r_p, const sp_digit* a_p, const sp_d
"mov %[r], r12\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
:
- : "memory", "r12", "lr", "r4", "r5", "r6"
+ : "memory", "r12", "lr", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -69685,10 +71310,10 @@ static sp_digit sp_256_cond_sub_8(sp_digit* r_p, const sp_digit* a_p, const sp_d
*/
static sp_digit sp_256_cond_sub_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
- register sp_digit m asm ("r3") = m_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
+ register sp_digit m asm ("r3") = (sp_digit)m_p;
__asm__ __volatile__ (
"mov lr, #0\n\t"
@@ -69723,7 +71348,7 @@ static sp_digit sp_256_cond_sub_8(sp_digit* r_p, const sp_digit* a_p, const sp_d
"sbc %[r], lr, lr\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
:
- : "memory", "r12", "lr", "r4", "r5", "r6", "r7"
+ : "memory", "r12", "lr", "r4", "r5", "r6", "r7", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -69732,6 +71357,7 @@ static sp_digit sp_256_cond_sub_8(sp_digit* r_p, const sp_digit* a_p, const sp_d
#ifndef WOLFSSL_SP_SMALL
#define sp_256_mont_reduce_order_8 sp_256_mont_reduce_8
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
/* Reduce the number back to 256 bits using Montgomery reduction.
*
* a A single precision number to reduce in place.
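Review bot: With the guard renamed from `WOLFSSL_SP_ARM_ARCH` to `WOLFSSL_ARM_ARCH`, a build that leaves the new macro undefined no longer gets the `umull` code that the following hunks remove. It falls through to the `#else` variant of `sp_256_mont_reduce_8` added further down, which uses `umaal`. Whether a header derives `WOLFSSL_ARM_ARCH` from the compiler target is not visible here, so configurations that still set only the old name should be checked against the CPUs they ship on. A one-line comment at that `#else`, such as `/* WOLFSSL_ARM_ARCH undefined or >= 7: this variant uses UMAAL */`, would make the default explicit. The conditional chain opened here is closed in a later hunk.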
@@ -69740,12 +71366,12 @@ static sp_digit sp_256_cond_sub_8(sp_digit* r_p, const sp_digit* a_p, const sp_d
*/
static SP_NOINLINE void sp_256_mont_reduce_8(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
{
- register sp_digit* a asm ("r0") = a_p;
- register const sp_digit* m asm ("r1") = m_p;
- register sp_digit mp asm ("r2") = mp_p;
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m asm ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp asm ("r2") = (sp_digit)mp_p;
__asm__ __volatile__ (
-#if !(defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4))
+#if !(defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4))
"ldr r11, [%[m]]\n\t"
#endif
/* i = 0 */
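Review bot: The inner `#if !(defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4))` around the first `ldr r11, [%[m]]` can never be taken, because this variant of `sp_256_mont_reduce_8` is now compiled only under the outer `#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)` added in the previous hunk. The same holds for the `#else` arm that loads `r7` from `[%[m], #28]` later in this function, and for the matching spots in `sp_256_mont_reduce_order_8`. Dropping the dead conditionals would leave one unconditional `"ldr r11, [%[m]]\n\t"` after the `mul`. That makes it easier to audit which instructions each architecture level actually runs. The function body continues outside this hunk.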
@@ -69758,10 +71384,9 @@ static SP_NOINLINE void sp_256_mont_reduce_8(sp_digit* a_p, const sp_digit* m_p,
/* mu = a[i] * mp */
"mul r8, %[mp], r12\n\t"
/* a[i+0] += m[0] * mu */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"ldr r11, [%[m]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r7, r11, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r7\n\t"
@@ -69785,14 +71410,8 @@ static SP_NOINLINE void sp_256_mont_reduce_8(sp_digit* a_p, const sp_digit* m_p,
"lsl r6, r6, #16\n\t"
"adds r12, r12, r6\n\t"
"adc r5, r5, r7\n\t"
-#else
- "umull r6, r7, r8, r11\n\t"
- "adds r12, r12, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
/* a[i+1] += m[1] * mu */
"ldr r7, [%[m], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r10, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r10\n\t"
@@ -69816,18 +71435,12 @@ static SP_NOINLINE void sp_256_mont_reduce_8(sp_digit* a_p, const sp_digit* m_p,
"lsl r6, r6, #16\n\t"
"adds lr, lr, r6\n\t"
"adc r4, r4, r10\n\t"
-#else
- "umull r6, r10, r8, r7\n\t"
- "adds lr, lr, r6\n\t"
- "adc r4, r10, #0\n\t"
-#endif
"mov r12, lr\n\t"
"adds r12, r12, r5\n\t"
"adc r4, r4, #0\n\t"
/* a[i+2] += m[2] * mu */
"ldr r7, [%[m], #8]\n\t"
"ldr lr, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r10, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r10\n\t"
@@ -69851,17 +71464,11 @@ static SP_NOINLINE void sp_256_mont_reduce_8(sp_digit* a_p, const sp_digit* m_p,
"lsl r6, r6, #16\n\t"
"adds lr, lr, r6\n\t"
"adc r5, r5, r10\n\t"
-#else
- "umull r6, r10, r8, r7\n\t"
- "adds lr, lr, r6\n\t"
- "adc r5, r10, #0\n\t"
-#endif
"adds lr, lr, r4\n\t"
"adc r5, r5, #0\n\t"
/* a[i+3] += m[3] * mu */
"ldr r7, [%[m], #12]\n\t"
"ldr r10, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -69885,18 +71492,12 @@ static SP_NOINLINE void sp_256_mont_reduce_8(sp_digit* a_p, const sp_digit* m_p,
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #12]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+4] += m[4] * mu */
"ldr r7, [%[m], #16]\n\t"
"ldr r10, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -69920,18 +71521,12 @@ static SP_NOINLINE void sp_256_mont_reduce_8(sp_digit* a_p, const sp_digit* m_p,
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #16]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+5] += m[5] * mu */
"ldr r7, [%[m], #20]\n\t"
"ldr r10, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -69955,18 +71550,12 @@ static SP_NOINLINE void sp_256_mont_reduce_8(sp_digit* a_p, const sp_digit* m_p,
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #20]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+6] += m[6] * mu */
"ldr r7, [%[m], #24]\n\t"
"ldr r10, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -69990,22 +71579,16 @@ static SP_NOINLINE void sp_256_mont_reduce_8(sp_digit* a_p, const sp_digit* m_p,
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #24]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+7] += m[7] * mu */
-#if !(defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4))
- "ldr r7, [%[m], #28]\n\t"
-#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"ldr r11, [%[m], #28]\n\t"
+#else
+ "ldr r7, [%[m], #28]\n\t"
#endif
"ldr r10, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r11, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -70036,13 +71619,6 @@ static SP_NOINLINE void sp_256_mont_reduce_8(sp_digit* a_p, const sp_digit* m_p,
"adds r5, r5, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r4, r7, r3\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, r3\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #28]\n\t"
"ldr r10, [%[a], #32]\n\t"
@@ -70054,17 +71630,18 @@ static SP_NOINLINE void sp_256_mont_reduce_8(sp_digit* a_p, const sp_digit* m_p,
"add %[a], %[a], #4\n\t"
"cmp r9, #32\n\t"
"blt L_sp_256_mont_reduce_8_word_%=\n\t"
+ /* Loop Done */
"str r12, [%[a]]\n\t"
"str lr, [%[a], #4]\n\t"
"mov %[mp], r3\n\t"
: [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
:
- : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11"
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
);
sp_256_cond_sub_8(a - 8, a, m, (sp_digit)0 - mp);
}
-#else
+#elif defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
/* Reduce the number back to 256 bits using Montgomery reduction.
*
* a A single precision number to reduce in place.
@@ -70073,103 +71650,338 @@ static SP_NOINLINE void sp_256_mont_reduce_8(sp_digit* a_p, const sp_digit* m_p,
*/
static SP_NOINLINE void sp_256_mont_reduce_8(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
{
- register sp_digit* a asm ("r0") = a_p;
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m asm ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp asm ("r2") = (sp_digit)mp_p;
__asm__ __volatile__ (
- "mov r1, #0\n\t"
- /* # i = 0 */
- "mov r8, #0\n\t"
+ "ldr r11, [%[m]]\n\t"
+ /* i = 0 */
+ "mov r9, #0\n\t"
+ "mov r3, #0\n\t"
+ "ldr r12, [%[a]]\n\t"
+ "ldr lr, [%[a], #4]\n\t"
"\n"
"L_sp_256_mont_reduce_8_word_%=: \n\t"
+ /* mu = a[i] * mp */
+ "mul r8, %[mp], r12\n\t"
+ /* a[i+0] += m[0] * mu */
+ "mov r5, #0\n\t"
+ "umlal r12, r5, r8, r11\n\t"
+ /* a[i+1] += m[1] * mu */
+ "ldr r7, [%[m], #4]\n\t"
"mov r4, #0\n\t"
- /* mu = a[i] * 1 (mp) = a[i] */
- "ldr r2, [%[a]]\n\t"
- /* a[i+0] += -1 * mu */
- "mov r5, r2\n\t"
- "str r4, [%[a]]\n\t"
- /* a[i+1] += -1 * mu */
- "ldr r6, [%[a], #4]\n\t"
- "mov r4, r2\n\t"
- "subs r5, r5, r2\n\t"
- "sbc r4, r4, #0\n\t"
- "adds r5, r5, r6\n\t"
+ "umlal lr, r4, r8, r7\n\t"
+ "mov r12, lr\n\t"
+ "adds r12, r12, r5\n\t"
"adc r4, r4, #0\n\t"
- "str r5, [%[a], #4]\n\t"
- /* a[i+2] += -1 * mu */
- "ldr r6, [%[a], #8]\n\t"
- "mov r5, r2\n\t"
- "subs r4, r4, r2\n\t"
- "sbc r5, r5, #0\n\t"
- "adds r4, r4, r6\n\t"
+ /* a[i+2] += m[2] * mu */
+ "ldr r7, [%[m], #8]\n\t"
+ "ldr lr, [%[a], #8]\n\t"
+ "mov r5, #0\n\t"
+ "umlal lr, r5, r8, r7\n\t"
+ "adds lr, lr, r4\n\t"
"adc r5, r5, #0\n\t"
- "str r4, [%[a], #8]\n\t"
- /* a[i+3] += 0 * mu */
- "ldr r6, [%[a], #12]\n\t"
+ /* a[i+3] += m[3] * mu */
+ "ldr r7, [%[m], #12]\n\t"
+ "ldr r10, [%[a], #12]\n\t"
"mov r4, #0\n\t"
- "adds r5, r5, r6\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #12]\n\t"
"adc r4, r4, #0\n\t"
- "str r5, [%[a], #12]\n\t"
- /* a[i+4] += 0 * mu */
- "ldr r6, [%[a], #16]\n\t"
+ /* a[i+4] += m[4] * mu */
+ "ldr r7, [%[m], #16]\n\t"
+ "ldr r10, [%[a], #16]\n\t"
"mov r5, #0\n\t"
- "adds r4, r4, r6\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #16]\n\t"
"adc r5, r5, #0\n\t"
- "str r4, [%[a], #16]\n\t"
- /* a[i+5] += 0 * mu */
- "ldr r6, [%[a], #20]\n\t"
+ /* a[i+5] += m[5] * mu */
+ "ldr r7, [%[m], #20]\n\t"
+ "ldr r10, [%[a], #20]\n\t"
"mov r4, #0\n\t"
- "adds r5, r5, r6\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #20]\n\t"
"adc r4, r4, #0\n\t"
- "str r5, [%[a], #20]\n\t"
- /* a[i+6] += 1 * mu */
- "ldr r6, [%[a], #24]\n\t"
+ /* a[i+6] += m[6] * mu */
+ "ldr r7, [%[m], #24]\n\t"
+ "ldr r10, [%[a], #24]\n\t"
"mov r5, #0\n\t"
- "adds r4, r4, r2\n\t"
- "adc r5, r5, #0\n\t"
- "adds r4, r4, r6\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #24]\n\t"
"adc r5, r5, #0\n\t"
- "str r4, [%[a], #24]\n\t"
- /* a[i+7] += -1 * mu */
- "ldr r6, [%[a], #28]\n\t"
- "ldr r7, [%[a], #32]\n\t"
- "adds r4, r1, r2\n\t"
- "mov r1, #0\n\t"
- "adc r1, r1, r1\n\t"
- "subs r5, r5, r2\n\t"
- "sbcs r4, r4, #0\n\t"
- "sbc r1, r1, #0\n\t"
+ /* a[i+7] += m[7] * mu */
+ "ldr r7, [%[m], #28]\n\t"
+ "ldr r10, [%[a], #28]\n\t"
+ "umull r6, r7, r8, r7\n\t"
"adds r5, r5, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r1, r1, #0\n\t"
- "str r5, [%[a], #28]\n\t"
- "str r4, [%[a], #32]\n\t"
+ "adcs r4, r7, r3\n\t"
+ "mov r3, #0\n\t"
+ "adc r3, r3, r3\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #28]\n\t"
+ "ldr r10, [%[a], #32]\n\t"
+ "adcs r10, r10, r4\n\t"
+ "str r10, [%[a], #32]\n\t"
+ "adc r3, r3, #0\n\t"
/* i += 1 */
- "add r8, r8, #4\n\t"
+ "add r9, r9, #4\n\t"
"add %[a], %[a], #4\n\t"
- "cmp r8, #32\n\t"
+ "cmp r9, #32\n\t"
"blt L_sp_256_mont_reduce_8_word_%=\n\t"
- "mov r2, r1\n\t"
- "sub r1, r1, #1\n\t"
- "mvn r1, r1\n\t"
- "ldm %[a], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
- "sub %[a], %[a], #32\n\t"
- "subs r4, r4, r1\n\t"
- "sbcs r5, r5, r1\n\t"
- "sbcs r6, r6, r1\n\t"
- "sbcs r7, r7, #0\n\t"
+ /* Loop Done */
+ "str r12, [%[a]]\n\t"
+ "str lr, [%[a], #4]\n\t"
+ "mov %[mp], r3\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
+ );
+ sp_256_cond_sub_8(a - 8, a, m, (sp_digit)0 - mp);
+}
+
+#else
+/* Reduce the number back to 256 bits using Montgomery reduction.
+ *
+ * a A single precision number to reduce in place.
+ * m The single precision number representing the modulus.
+ * mp The digit representing the negative inverse of m mod 2^n.
+ */
+static SP_NOINLINE void sp_256_mont_reduce_8(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+{
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m asm ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp asm ("r2") = (sp_digit)mp_p;
+
+ __asm__ __volatile__ (
+ /* i = 0 */
+ "mov r12, #0\n\t"
+ "mov lr, #0\n\t"
+ "ldr r4, [%[a]]\n\t"
+ "ldr r5, [%[a], #4]\n\t"
+ "ldr r6, [%[a], #8]\n\t"
+ "ldr r7, [%[a], #12]\n\t"
+ "ldr r8, [%[a], #16]\n\t"
+ "\n"
+ "L_sp_256_mont_reduce_8_word_%=: \n\t"
+ /* mu = a[i] * mp */
+ "mul r11, %[mp], r4\n\t"
+ /* a[i+0] += m[0] * mu */
+ "ldr r10, [%[m]]\n\t"
+ "mov r3, #0\n\t"
+ "umaal r4, r3, r11, r10\n\t"
+ /* a[i+1] += m[1] * mu */
+ "ldr r10, [%[m], #4]\n\t"
+ "mov r4, r5\n\t"
+ "umaal r4, r3, r11, r10\n\t"
+ /* a[i+2] += m[2] * mu */
+ "ldr r10, [%[m], #8]\n\t"
+ "mov r5, r6\n\t"
+ "umaal r5, r3, r11, r10\n\t"
+ /* a[i+3] += m[3] * mu */
+ "ldr r10, [%[m], #12]\n\t"
+ "mov r6, r7\n\t"
+ "umaal r6, r3, r11, r10\n\t"
+ /* a[i+4] += m[4] * mu */
+ "ldr r10, [%[m], #16]\n\t"
+ "mov r7, r8\n\t"
+ "umaal r7, r3, r11, r10\n\t"
+ /* a[i+5] += m[5] * mu */
+ "ldr r10, [%[m], #20]\n\t"
+ "ldr r8, [%[a], #20]\n\t"
+ "umaal r8, r3, r11, r10\n\t"
+ /* a[i+6] += m[6] * mu */
+ "ldr r10, [%[m], #24]\n\t"
+ "ldr r9, [%[a], #24]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #24]\n\t"
+ /* a[i+7] += m[7] * mu */
+ "ldr r10, [%[m], #28]\n\t"
+ "ldr r9, [%[a], #28]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "ldr r11, [%[a], #32]\n\t"
+ "mov r10, #0\n\t"
+ "umaal r3, r11, r10, r10\n\t"
+ "str r9, [%[a], #28]\n\t"
+ "adds r3, r3, lr\n\t"
+ "adc lr, r11, #0\n\t"
+ "str r3, [%[a], #32]\n\t"
+ /* i += 1 */
+ "add r12, r12, #4\n\t"
+ "add %[a], %[a], #4\n\t"
+ "cmp r12, #32\n\t"
+ "blt L_sp_256_mont_reduce_8_word_%=\n\t"
+ /* Loop Done */
+ "str r4, [%[a]]\n\t"
+ "str r5, [%[a], #4]\n\t"
+ "str r6, [%[a], #8]\n\t"
+ "str r7, [%[a], #12]\n\t"
+ "str r8, [%[a], #16]\n\t"
+ "mov %[mp], lr\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
+ );
+ sp_256_cond_sub_8(a - 8, a, m, (sp_digit)0 - mp);
+}
+
+#endif
+#else
+/* Reduce the number back to 256 bits using Montgomery reduction.
+ *
+ * a A single precision number to reduce in place.
+ * m The single precision number representing the modulus.
+ * mp The digit representing the negative inverse of m mod 2^n.
+ */
+static SP_NOINLINE void sp_256_mont_reduce_8(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+{
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+
+ __asm__ __volatile__ (
+ "sub sp, sp, #0x44\n\t"
+ "str %[a], [sp, #64]\n\t"
+ "mov lr, sp\n\t"
+ "ldm %[a]!, {r1, r2, r3, r4, r5, r6, r7, r8}\n\t"
+ "stm lr!, {r1, r2, r3, r4, r5, r6, r7, r8}\n\t"
+ "ldm %[a], {r1, r2, r3, r4, r5, r6, r7, r8}\n\t"
+ "stm lr, {r1, r2, r3, r4, r5, r6, r7, r8}\n\t"
+ /* Start Reduction */
+ "ldm sp, {r5, r6, r7, r8, r9, r10, r11, r12}\n\t"
+ "mov r3, r11\n\t"
+ "mov r4, r12\n\t"
+ /* mu = a[0]-a[7] + a[0]-a[4] << 96 + (a[0]-a[1] * 2) << 192 */
+ /* - a[0] << 224 */
+ /* + (a[0]-a[1] * 2) << (6 * 32) */
+ "adds r11, r11, r5\n\t"
+ "adc r12, r12, r6\n\t"
+ "adds r11, r11, r5\n\t"
+ "adc r12, r12, r6\n\t"
+ /* - a[0] << (7 * 32) */
+ "sub r12, r12, r5\n\t"
+ /* + a[0]-a[4] << (3 * 32) */
+ "mov r0, r8\n\t"
+ "mov r1, r9\n\t"
+ "mov r2, r10\n\t"
+ "adds r8, r8, r5\n\t"
+ "adcs r9, r9, r6\n\t"
+ "adcs r10, r10, r7\n\t"
+ "adcs r11, r11, r0\n\t"
+ "adc r12, r12, r1\n\t"
+ /* a += mu * m */
+ /* += mu * ((1 << 256) - (1 << 224) + (1 << 192) + (1 << 96) - 1) */
+ /* a[0] = = t[0] */
+ /* a[1] = = t[1] */
+ /* a[2] = = t[2] */
+ /* a[3] += t[0] = t[3] */
+ /* a[4] += t[1] = t[4] */
+ /* a[5] += t[2] = t[5] */
+ /* a[6] += t[0] + t[3] = t[6] */
+ /* a[7] += t[1] + t[4] = t[7] + t[0] */
+ "adds r0, r0, r5\n\t"
+ "adcs r1, r1, r6\n\t"
+ "adcs r2, r2, r7\n\t"
+ "adcs r3, r3, r8\n\t"
+ "adcs r4, r4, r9\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "adds r3, r3, r5\n\t"
+ "adcs r4, r4, r6\n\t"
+ "adc lr, lr, #0\n\t"
+ "str r4, [sp, #28]\n\t"
+ /* a[8] += t[0] + t[2] + t[5] + carry */
+ /* a[9] += t[1] + t[3] + t[6] */
+ /* a[10] += t[2] + t[4] + t[7] */
+ "add r0, sp, #32\n\t"
+ "ldm r0, {r2, r3, r4}\n\t"
+ "adds r2, r2, lr\n\t"
+ "adcs r3, r3, #0\n\t"
+ "adcs r4, r4, #0\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "adds r2, r2, r5\n\t"
+ "adcs r3, r3, r6\n\t"
+ "adcs r4, r4, r7\n\t"
+ "adc lr, lr, #0\n\t"
+ "adds r2, r2, r7\n\t"
+ "adcs r3, r3, r8\n\t"
+ "adcs r4, r4, r9\n\t"
+ "adc lr, lr, #0\n\t"
+ "adds r2, r2, r10\n\t"
+ "adcs r3, r3, r11\n\t"
+ "adcs r4, r4, r12\n\t"
+ "adc lr, lr, #0\n\t"
+ "stm r0!, {r2, r3, r4}\n\t"
+ /* a[11] += t[3] + t[5] + carry */
+ /* a[12] += t[4] + t[6] */
+ /* a[13] += t[5] + t[7] */
+ /* a[14] += t[6] */
+ /* a[15] += t[7] */
+ "ldm r0, {r0, r1, r2, r3, r4}\n\t"
+ "adds r0, r0, lr\n\t"
+ "adcs r1, r1, #0\n\t"
+ "adcs r2, r2, #0\n\t"
+ "adcs r3, r3, #0\n\t"
+ "adcs r4, r4, #0\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "adds r0, r0, r8\n\t"
+ "adcs r1, r1, r9\n\t"
+ "adcs r2, r2, r10\n\t"
+ "adcs r3, r3, r11\n\t"
+ "adcs r4, r4, r12\n\t"
+ "adc lr, lr, #0\n\t"
+ "adds r0, r0, r10\n\t"
+ "adcs r1, r1, r11\n\t"
+ "adcs r2, r2, r12\n\t"
+ "adcs r3, r3, #0\n\t"
+ "adcs r4, r4, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "str r0, [sp, #44]\n\t"
+ "str r1, [sp, #48]\n\t"
+ "str r2, [sp, #52]\n\t"
+ "str r3, [sp, #56]\n\t"
+ /* a[7..15] - t[0..7] */
+ "add r0, sp, #28\n\t"
+ "ldm r0, {r0, r1, r2, r3}\n\t"
+ "subs r0, r0, r5\n\t"
+ "sbcs r1, r1, r6\n\t"
+ "sbcs r2, r2, r7\n\t"
+ "sbcs r3, r3, r8\n\t"
+ "add r0, sp, #44\n\t"
+ "mov r8, r4\n\t"
+ "ldm r0, {r4, r5, r6, r7}\n\t"
+ "sbcs r4, r4, r9\n\t"
+ "sbcs r5, r5, r10\n\t"
+ "sbcs r6, r6, r11\n\t"
+ "sbcs r7, r7, r12\n\t"
"sbcs r8, r8, #0\n\t"
- "sbcs r9, r9, #0\n\t"
- "sbcs r10, r10, r2\n\t"
- "sbc r11, r11, r1\n\t"
- "stm %[a], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "sbc lr, lr, #0\n\t"
+ /* mask m and sub from result if overflow */
+ "rsb lr, lr, #0\n\t"
+ "subs r1, r1, lr\n\t"
+ "sbcs r2, r2, lr\n\t"
+ "sbcs r3, r3, lr\n\t"
+ "sbcs r4, r4, #0\n\t"
+ "sbcs r5, r5, #0\n\t"
+ "sbcs r6, r6, #0\n\t"
+ "sbcs r7, r7, lr, lsr #31\n\t"
+ "sbc r8, r8, lr\n\t"
+ "ldr %[a], [sp, #64]\n\t"
+ "stm %[a], {r1, r2, r3, r4, r5, r6, r7, r8}\n\t"
+ "add sp, sp, #0x44\n\t"
: [a] "+r" (a)
:
- : "memory", "r1", "r2", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11"
+ : "memory", "r1", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
);
(void)m_p;
(void)mp_p;
}
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
/* Reduce the number back to 256 bits using Montgomery reduction.
*
* a A single precision number to reduce in place.
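Review bot: The comment block above the last `sp_256_mont_reduce_8` variant in this hunk still describes `m` and `mp` as the modulus and its inverse, but that body never reads them (`(void)m_p; (void)mp_p;`). Its asm comments show the reduction hard-coded for a single prime. I would say so in the header, e.g. `* m Ignored; the reduction is fixed to the P-256 prime.` and `* mp Ignored.`, so nobody passes a different modulus and expects it to be honoured. Separately, the asm copies all 16 words of `a` into a 0x44-byte scratch area below `sp` and releases it with `add sp, sp, #0x44` without clearing it. If callers pass secret-derived values (not visible here), that leaves a copy outside any buffer the caller can wipe.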
@@ -70178,12 +71990,12 @@ static SP_NOINLINE void sp_256_mont_reduce_8(sp_digit* a_p, const sp_digit* m_p,
*/
static SP_NOINLINE void sp_256_mont_reduce_order_8(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
{
- register sp_digit* a asm ("r0") = a_p;
- register const sp_digit* m asm ("r1") = m_p;
- register sp_digit mp asm ("r2") = mp_p;
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m asm ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp asm ("r2") = (sp_digit)mp_p;
__asm__ __volatile__ (
-#if !(defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4))
+#if !(defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4))
"ldr r11, [%[m]]\n\t"
#endif
/* i = 0 */
@@ -70196,10 +72008,9 @@ static SP_NOINLINE void sp_256_mont_reduce_order_8(sp_digit* a_p, const sp_digit
/* mu = a[i] * mp */
"mul r8, %[mp], r12\n\t"
/* a[i+0] += m[0] * mu */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"ldr r11, [%[m]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r7, r11, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r7\n\t"
@@ -70223,14 +72034,8 @@ static SP_NOINLINE void sp_256_mont_reduce_order_8(sp_digit* a_p, const sp_digit
"lsl r6, r6, #16\n\t"
"adds r12, r12, r6\n\t"
"adc r5, r5, r7\n\t"
-#else
- "umull r6, r7, r8, r11\n\t"
- "adds r12, r12, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
/* a[i+1] += m[1] * mu */
"ldr r7, [%[m], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r10, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r10\n\t"
@@ -70254,18 +72059,12 @@ static SP_NOINLINE void sp_256_mont_reduce_order_8(sp_digit* a_p, const sp_digit
"lsl r6, r6, #16\n\t"
"adds lr, lr, r6\n\t"
"adc r4, r4, r10\n\t"
-#else
- "umull r6, r10, r8, r7\n\t"
- "adds lr, lr, r6\n\t"
- "adc r4, r10, #0\n\t"
-#endif
"mov r12, lr\n\t"
"adds r12, r12, r5\n\t"
"adc r4, r4, #0\n\t"
/* a[i+2] += m[2] * mu */
"ldr r7, [%[m], #8]\n\t"
"ldr lr, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r10, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r10\n\t"
@@ -70289,17 +72088,11 @@ static SP_NOINLINE void sp_256_mont_reduce_order_8(sp_digit* a_p, const sp_digit
"lsl r6, r6, #16\n\t"
"adds lr, lr, r6\n\t"
"adc r5, r5, r10\n\t"
-#else
- "umull r6, r10, r8, r7\n\t"
- "adds lr, lr, r6\n\t"
- "adc r5, r10, #0\n\t"
-#endif
"adds lr, lr, r4\n\t"
"adc r5, r5, #0\n\t"
/* a[i+3] += m[3] * mu */
"ldr r7, [%[m], #12]\n\t"
"ldr r10, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -70323,18 +72116,12 @@ static SP_NOINLINE void sp_256_mont_reduce_order_8(sp_digit* a_p, const sp_digit
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #12]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+4] += m[4] * mu */
"ldr r7, [%[m], #16]\n\t"
"ldr r10, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -70358,18 +72145,12 @@ static SP_NOINLINE void sp_256_mont_reduce_order_8(sp_digit* a_p, const sp_digit
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #16]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+5] += m[5] * mu */
"ldr r7, [%[m], #20]\n\t"
"ldr r10, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -70393,18 +72174,12 @@ static SP_NOINLINE void sp_256_mont_reduce_order_8(sp_digit* a_p, const sp_digit
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #20]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+6] += m[6] * mu */
"ldr r7, [%[m], #24]\n\t"
"ldr r10, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -70428,22 +72203,16 @@ static SP_NOINLINE void sp_256_mont_reduce_order_8(sp_digit* a_p, const sp_digit
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #24]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+7] += m[7] * mu */
-#if !(defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4))
- "ldr r7, [%[m], #28]\n\t"
-#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"ldr r11, [%[m], #28]\n\t"
+#else
+ "ldr r7, [%[m], #28]\n\t"
#endif
"ldr r10, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r11, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -70474,13 +72243,109 @@ static SP_NOINLINE void sp_256_mont_reduce_order_8(sp_digit* a_p, const sp_digit
"adds r5, r5, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #28]\n\t"
+ "ldr r10, [%[a], #32]\n\t"
+ "adcs r10, r10, r4\n\t"
+ "str r10, [%[a], #32]\n\t"
+ "adc r3, r3, #0\n\t"
+ /* i += 1 */
+ "add r9, r9, #4\n\t"
+ "add %[a], %[a], #4\n\t"
+ "cmp r9, #32\n\t"
+ "blt L_sp_256_mont_reduce_order_8_word_%=\n\t"
+ /* Loop Done */
+ "str r12, [%[a]]\n\t"
+ "str lr, [%[a], #4]\n\t"
+ "mov %[mp], r3\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
+ );
+ sp_256_cond_sub_8(a - 8, a, m, (sp_digit)0 - mp);
+}
+
+#elif defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+/* Reduce the number back to 256 bits using Montgomery reduction.
+ *
+ * a A single precision number to reduce in place.
+ * m The single precision number representing the modulus.
+ * mp The digit representing the negative inverse of m mod 2^n.
+ */
+static SP_NOINLINE void sp_256_mont_reduce_order_8(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+{
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m asm ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp asm ("r2") = (sp_digit)mp_p;
+
+ __asm__ __volatile__ (
+ "ldr r11, [%[m]]\n\t"
+ /* i = 0 */
+ "mov r9, #0\n\t"
+ "mov r3, #0\n\t"
+ "ldr r12, [%[a]]\n\t"
+ "ldr lr, [%[a], #4]\n\t"
+ "\n"
+ "L_sp_256_mont_reduce_order_8_word_%=: \n\t"
+ /* mu = a[i] * mp */
+ "mul r8, %[mp], r12\n\t"
+ /* a[i+0] += m[0] * mu */
+ "mov r5, #0\n\t"
+ "umlal r12, r5, r8, r11\n\t"
+ /* a[i+1] += m[1] * mu */
+ "ldr r7, [%[m], #4]\n\t"
+ "mov r4, #0\n\t"
+ "umlal lr, r4, r8, r7\n\t"
+ "mov r12, lr\n\t"
+ "adds r12, r12, r5\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+2] += m[2] * mu */
+ "ldr r7, [%[m], #8]\n\t"
+ "ldr lr, [%[a], #8]\n\t"
+ "mov r5, #0\n\t"
+ "umlal lr, r5, r8, r7\n\t"
+ "adds lr, lr, r4\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+3] += m[3] * mu */
+ "ldr r7, [%[m], #12]\n\t"
+ "ldr r10, [%[a], #12]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #12]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+4] += m[4] * mu */
+ "ldr r7, [%[m], #16]\n\t"
+ "ldr r10, [%[a], #16]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #16]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+5] += m[5] * mu */
+ "ldr r7, [%[m], #20]\n\t"
+ "ldr r10, [%[a], #20]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #20]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+6] += m[6] * mu */
+ "ldr r7, [%[m], #24]\n\t"
+ "ldr r10, [%[a], #24]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #24]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+7] += m[7] * mu */
+ "ldr r7, [%[m], #28]\n\t"
+ "ldr r10, [%[a], #28]\n\t"
"umull r6, r7, r8, r7\n\t"
"adds r5, r5, r6\n\t"
"adcs r4, r7, r3\n\t"
"mov r3, #0\n\t"
"adc r3, r3, r3\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #28]\n\t"
"ldr r10, [%[a], #32]\n\t"
@@ -70492,16 +72357,103 @@ static SP_NOINLINE void sp_256_mont_reduce_order_8(sp_digit* a_p, const sp_digit
"add %[a], %[a], #4\n\t"
"cmp r9, #32\n\t"
"blt L_sp_256_mont_reduce_order_8_word_%=\n\t"
+ /* Loop Done */
"str r12, [%[a]]\n\t"
"str lr, [%[a], #4]\n\t"
"mov %[mp], r3\n\t"
: [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
:
- : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11"
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
);
sp_256_cond_sub_8(a - 8, a, m, (sp_digit)0 - mp);
}
+#else
+/* Reduce the number back to 256 bits using Montgomery reduction.
+ *
+ * a A single precision number to reduce in place.
+ * m The single precision number representing the modulus.
+ * mp The digit representing the negative inverse of m mod 2^n.
+ */
+static SP_NOINLINE void sp_256_mont_reduce_order_8(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+{
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m asm ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp asm ("r2") = (sp_digit)mp_p;
+
+ __asm__ __volatile__ (
+ /* i = 0 */
+ "mov r12, #0\n\t"
+ "mov lr, #0\n\t"
+ "ldr r4, [%[a]]\n\t"
+ "ldr r5, [%[a], #4]\n\t"
+ "ldr r6, [%[a], #8]\n\t"
+ "ldr r7, [%[a], #12]\n\t"
+ "ldr r8, [%[a], #16]\n\t"
+ "\n"
+ "L_sp_256_mont_reduce_order_8_word_%=: \n\t"
+ /* mu = a[i] * mp */
+ "mul r11, %[mp], r4\n\t"
+ /* a[i+0] += m[0] * mu */
+ "ldr r10, [%[m]]\n\t"
+ "mov r3, #0\n\t"
+ "umaal r4, r3, r11, r10\n\t"
+ /* a[i+1] += m[1] * mu */
+ "ldr r10, [%[m], #4]\n\t"
+ "mov r4, r5\n\t"
+ "umaal r4, r3, r11, r10\n\t"
+ /* a[i+2] += m[2] * mu */
+ "ldr r10, [%[m], #8]\n\t"
+ "mov r5, r6\n\t"
+ "umaal r5, r3, r11, r10\n\t"
+ /* a[i+3] += m[3] * mu */
+ "ldr r10, [%[m], #12]\n\t"
+ "mov r6, r7\n\t"
+ "umaal r6, r3, r11, r10\n\t"
+ /* a[i+4] += m[4] * mu */
+ "ldr r10, [%[m], #16]\n\t"
+ "mov r7, r8\n\t"
+ "umaal r7, r3, r11, r10\n\t"
+ /* a[i+5] += m[5] * mu */
+ "ldr r10, [%[m], #20]\n\t"
+ "ldr r8, [%[a], #20]\n\t"
+ "umaal r8, r3, r11, r10\n\t"
+ /* a[i+6] += m[6] * mu */
+ "ldr r10, [%[m], #24]\n\t"
+ "ldr r9, [%[a], #24]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #24]\n\t"
+ /* a[i+7] += m[7] * mu */
+ "ldr r10, [%[m], #28]\n\t"
+ "ldr r9, [%[a], #28]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "ldr r11, [%[a], #32]\n\t"
+ "mov r10, #0\n\t"
+ "umaal r3, r11, r10, r10\n\t"
+ "str r9, [%[a], #28]\n\t"
+ "adds r3, r3, lr\n\t"
+ "adc lr, r11, #0\n\t"
+ "str r3, [%[a], #32]\n\t"
+ /* i += 1 */
+ "add r12, r12, #4\n\t"
+ "add %[a], %[a], #4\n\t"
+ "cmp r12, #32\n\t"
+ "blt L_sp_256_mont_reduce_order_8_word_%=\n\t"
+ /* Loop Done */
+ "str r4, [%[a]]\n\t"
+ "str r5, [%[a], #4]\n\t"
+ "str r6, [%[a], #8]\n\t"
+ "str r7, [%[a], #12]\n\t"
+ "str r8, [%[a], #16]\n\t"
+ "mov %[mp], lr\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
+ );
+ sp_256_cond_sub_8(a - 8, a, m, (sp_digit)0 - mp);
+}
+
+#endif
#endif /* WOLFSSL_SP_SMALL */
/* Map the Montgomery form projective coordinate point to an affine point.
*
@@ -70552,41 +72504,49 @@ static void sp_256_map_8(sp_point_256* r, const sp_point_256* p,
*/
static void sp_256_mont_add_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, const sp_digit* m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
- "mov r12, #0\n\t"
- "ldm %[a]!, {r8, r9, r10, r11}\n\t"
- "ldm %[b]!, {r4, r5, r6, r7}\n\t"
- "adds r8, r8, r4\n\t"
- "adcs r9, r9, r5\n\t"
- "adcs r10, r10, r6\n\t"
- "adcs r11, r11, r7\n\t"
- "stm %[r], {r8, r9, r10, r11}\n\t"
- "ldm %[a]!, {r8, r9, r10, r11}\n\t"
- "ldm %[b]!, {r4, r5, r6, r7}\n\t"
+ "mov lr, #0\n\t"
+ "ldm %[a], {r5, r6, r7, r8, r9, r10, r11, r12}\n\t"
+ "ldm %[b]!, {r3, r4}\n\t"
+ "adds r5, r5, r3\n\t"
+ "adcs r6, r6, r4\n\t"
+ "ldm %[b]!, {r3, r4}\n\t"
+ "adcs r7, r7, r3\n\t"
"adcs r8, r8, r4\n\t"
- "adcs r9, r9, r5\n\t"
- "adcs r10, r10, r6\n\t"
- "adcs r11, r11, r7\n\t"
- "adc r3, r12, #0\n\t"
- "sub r3, r12, r3\n\t"
- "and r12, r3, #1\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "subs r4, r4, r3\n\t"
- "sbcs r5, r5, r3\n\t"
- "sbcs r6, r6, r3\n\t"
- "sbcs r7, r7, #0\n\t"
+ "ldm %[b]!, {r3, r4}\n\t"
+ "adcs r9, r9, r3\n\t"
+ "adcs r10, r10, r4\n\t"
+ "ldm %[b]!, {r3, r4}\n\t"
+ "adcs r11, r11, r3\n\t"
+ "adcs r12, r12, r4\n\t"
+ "adc lr, lr, #0\n\t"
+ "rsb lr, lr, #0\n\t"
+ "subs r5, r5, lr\n\t"
+ "sbcs r6, r6, lr\n\t"
+ "sbcs r7, r7, lr\n\t"
"sbcs r8, r8, #0\n\t"
"sbcs r9, r9, #0\n\t"
- "sbcs r10, r10, r12\n\t"
- "sbc r11, r11, r3\n\t"
- "stm %[r], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "sbcs r10, r10, #0\n\t"
+ "sbcs r11, r11, lr, lsr #31\n\t"
+ "sbcs r12, r12, lr\n\t"
+ "sbc %[b], %[b], %[b]\n\t"
+ "sub lr, lr, %[b]\n\t"
+ "subs r5, r5, lr\n\t"
+ "sbcs r6, r6, lr\n\t"
+ "sbcs r7, r7, lr\n\t"
+ "sbcs r8, r8, #0\n\t"
+ "sbcs r9, r9, #0\n\t"
+ "sbcs r10, r10, #0\n\t"
+ "sbcs r11, r11, lr, lsr #31\n\t"
+ "sbc r12, r12, lr\n\t"
+ "stm %[r], {r5, r6, r7, r8, r9, r10, r11, r12}\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
);
(void)m_p;
}
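Review bot: The rewritten `sp_256_mont_add_8` body now performs two masked subtractions of the modulus with no comment on either, which makes the carry handling hard to audit. I would add `/* lr = 0 - carry: all-ones mask if the add overflowed */` before `rsb lr, lr, #0`. Before `sbc %[b], %[b], %[b]` I would add `/* subtract the modulus once more if the add overflowed and the first subtraction did not borrow */`. The sequence appears to be deliberately branch-free, and a comment should record that so later edits keep it that way. `sp_256_mont_dbl_8` in the following hunks uses the same sequence and would benefit from the same comments.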
@@ -70599,11 +72559,11 @@ static void sp_256_mont_add_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit
*/
static void sp_256_mont_dbl_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
__asm__ __volatile__ (
- "mov r3, #0\n\t"
+ "mov r2, #0\n\t"
"ldm %[a], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
"adds r4, r4, r4\n\t"
"adcs r5, r5, r5\n\t"
@@ -70613,21 +72573,30 @@ static void sp_256_mont_dbl_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit
"adcs r9, r9, r9\n\t"
"adcs r10, r10, r10\n\t"
"adcs r11, r11, r11\n\t"
- "adc r2, r3, #0\n\t"
- "sub r2, r3, r2\n\t"
- "and r3, r2, #1\n\t"
+ "adc r2, r2, #0\n\t"
+ "rsb r2, r2, #0\n\t"
+ "subs r4, r4, r2\n\t"
+ "sbcs r5, r5, r2\n\t"
+ "sbcs r6, r6, r2\n\t"
+ "sbcs r7, r7, #0\n\t"
+ "sbcs r8, r8, #0\n\t"
+ "sbcs r9, r9, #0\n\t"
+ "sbcs r10, r10, r2, lsr #31\n\t"
+ "sbcs r11, r11, r2\n\t"
+ "sbc %[a], %[a], %[a]\n\t"
+ "sub r2, r2, %[a]\n\t"
"subs r4, r4, r2\n\t"
"sbcs r5, r5, r2\n\t"
"sbcs r6, r6, r2\n\t"
"sbcs r7, r7, #0\n\t"
"sbcs r8, r8, #0\n\t"
"sbcs r9, r9, #0\n\t"
- "sbcs r10, r10, r3\n\t"
+ "sbcs r10, r10, r2, lsr #31\n\t"
"sbc r11, r11, r2\n\t"
"stm %[r], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
: [r] "+r" (r), [a] "+r" (a)
:
- : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r2", "r3"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r2", "cc"
);
(void)m_p;
}
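Review bot: The second reduction pass added after `sbcs r11, r11, r2` has no comment, and it overwrites the input pointer: `sbc %[a], %[a], %[a]` turns `%[a]` into 0 or all-ones from the borrow flag, and `sub r2, r2, %[a]` then forms the mask for the repeated subtract. That is safe only because `%[a]` is not dereferenced again after the initial `ldm` and is declared `"+r"`, which a later edit could break without any warning from the compiler. I would add `/* a is dead after the ldm: reuse it to hold the borrow of the first conditional subtract */` above the `sbc`, and a line stating that the reduction is mask-based and should stay free of branches. sp_256_mont_dbl_8 begins in the previous hunk, and sp_256_mont_add_8 reuses `%[b]` in the same way.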
@@ -70640,11 +72609,11 @@ static void sp_256_mont_dbl_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit
*/
static void sp_256_mont_tpl_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
__asm__ __volatile__ (
- "mov r3, #0\n\t"
+ "mov r12, #0\n\t"
"ldm %[a], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
"adds r4, r4, r4\n\t"
"adcs r5, r5, r5\n\t"
@@ -70654,59 +72623,62 @@ static void sp_256_mont_tpl_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit
"adcs r9, r9, r9\n\t"
"adcs r10, r10, r10\n\t"
"adcs r11, r11, r11\n\t"
- "adc r2, r3, #0\n\t"
- "sub r2, r3, r2\n\t"
- "and r3, r2, #1\n\t"
- "subs r4, r4, r2\n\t"
- "sbcs r5, r5, r2\n\t"
- "sbcs r6, r6, r2\n\t"
+ "adc r12, r12, #0\n\t"
+ "rsb r12, r12, #0\n\t"
+ "subs r4, r4, r12\n\t"
+ "sbcs r5, r5, r12\n\t"
+ "sbcs r6, r6, r12\n\t"
"sbcs r7, r7, #0\n\t"
"sbcs r8, r8, #0\n\t"
"sbcs r9, r9, #0\n\t"
- "sbcs r10, r10, r3\n\t"
- "sbc r11, r11, r2\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [%[r], #16]\n\t"
- "str r9, [%[r], #20]\n\t"
-#else
- "strd r8, r9, [%[r], #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [%[r], #24]\n\t"
- "str r11, [%[r], #28]\n\t"
-#else
- "strd r10, r11, [%[r], #24]\n\t"
-#endif
- "mov r3, #0\n\t"
- "ldm %[a]!, {r8, r9, r10, r11}\n\t"
- "adds r8, r8, r4\n\t"
- "adcs r9, r9, r5\n\t"
- "adcs r10, r10, r6\n\t"
- "adcs r11, r11, r7\n\t"
- "stm %[r]!, {r8, r9, r10, r11}\n\t"
- "ldm %[a]!, {r8, r9, r10, r11}\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "adcs r8, r8, r4\n\t"
- "adcs r9, r9, r5\n\t"
- "adcs r10, r10, r6\n\t"
- "adcs r11, r11, r7\n\t"
- "sub %[r], %[r], #16\n\t"
- "adc r2, r3, #0\n\t"
- "sub r2, r3, r2\n\t"
- "and r3, r2, #1\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "subs r4, r4, r2\n\t"
- "sbcs r5, r5, r2\n\t"
- "sbcs r6, r6, r2\n\t"
+ "sbcs r10, r10, r12, lsr #31\n\t"
+ "sbcs r11, r11, r12\n\t"
+ "sbc r2, r2, r2\n\t"
+ "sub r12, r12, r2\n\t"
+ "subs r4, r4, r12\n\t"
+ "sbcs r5, r5, r12\n\t"
+ "sbcs r6, r6, r12\n\t"
"sbcs r7, r7, #0\n\t"
"sbcs r8, r8, #0\n\t"
"sbcs r9, r9, #0\n\t"
- "sbcs r10, r10, r3\n\t"
- "sbc r11, r11, r2\n\t"
+ "sbcs r10, r10, r12, lsr #31\n\t"
+ "sbc r11, r11, r12\n\t"
+ "ldm %[a]!, {r2, r3}\n\t"
+ "adds r4, r4, r2\n\t"
+ "adcs r5, r5, r3\n\t"
+ "ldm %[a]!, {r2, r3}\n\t"
+ "adcs r6, r6, r2\n\t"
+ "adcs r7, r7, r3\n\t"
+ "ldm %[a]!, {r2, r3}\n\t"
+ "adcs r8, r8, r2\n\t"
+ "adcs r9, r9, r3\n\t"
+ "ldm %[a]!, {r2, r3}\n\t"
+ "adcs r10, r10, r2\n\t"
+ "adcs r11, r11, r3\n\t"
+ "adc r12, r12, #0\n\t"
+ "rsb r12, r12, #0\n\t"
+ "subs r4, r4, r12\n\t"
+ "sbcs r5, r5, r12\n\t"
+ "sbcs r6, r6, r12\n\t"
+ "sbcs r7, r7, #0\n\t"
+ "sbcs r8, r8, #0\n\t"
+ "sbcs r9, r9, #0\n\t"
+ "sbcs r10, r10, r12, lsr #31\n\t"
+ "sbcs r11, r11, r12\n\t"
+ "sbc r2, r2, r2\n\t"
+ "sub r12, r12, r2\n\t"
+ "subs r4, r4, r12\n\t"
+ "sbcs r5, r5, r12\n\t"
+ "sbcs r6, r6, r12\n\t"
+ "sbcs r7, r7, #0\n\t"
+ "sbcs r8, r8, #0\n\t"
+ "sbcs r9, r9, #0\n\t"
+ "sbcs r10, r10, r12, lsr #31\n\t"
+ "sbc r11, r11, r12\n\t"
"stm %[r], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
: [r] "+r" (r), [a] "+r" (a)
:
- : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r2", "r3"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r2", "r3", "r12", "cc"
);
(void)m_p;
}
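Review bot: Both occurrences of `sbc r2, r2, r2` in this hunk read r2 before any visible instruction has written it, since only `r` and `a` are bound to registers in this function. The result is still well defined, because the instruction yields 0 or all-ones from the carry flag whatever r2 held, but it reads like an uninitialised-register bug. A comment such as `/* r2 = -borrow; the previous value of r2 does not matter */` on the first occurrence would save the next reader from re-deriving that. sp_256_mont_tpl_8 begins in the previous hunk.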
@@ -70720,86 +72692,90 @@ static void sp_256_mont_tpl_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit
*/
static void sp_256_mont_sub_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, const sp_digit* m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
- "mov r12, #0\n\t"
- "ldm %[a]!, {r8, r9, r10, r11}\n\t"
- "ldm %[b]!, {r4, r5, r6, r7}\n\t"
- "subs r8, r8, r4\n\t"
- "sbcs r9, r9, r5\n\t"
- "sbcs r10, r10, r6\n\t"
- "sbcs r11, r11, r7\n\t"
- "stm %[r]!, {r8, r9, r10, r11}\n\t"
- "ldm %[a]!, {r8, r9, r10, r11}\n\t"
- "ldm %[b]!, {r4, r5, r6, r7}\n\t"
+ "mov lr, #0\n\t"
+ "ldm %[a], {r5, r6, r7, r8, r9, r10, r11, r12}\n\t"
+ "ldm %[b]!, {r3, r4}\n\t"
+ "subs r5, r5, r3\n\t"
+ "sbcs r6, r6, r4\n\t"
+ "ldm %[b]!, {r3, r4}\n\t"
+ "sbcs r7, r7, r3\n\t"
"sbcs r8, r8, r4\n\t"
- "sbcs r9, r9, r5\n\t"
- "sbcs r10, r10, r6\n\t"
- "sbcs r11, r11, r7\n\t"
- "sbc r3, r12, #0\n\t"
- "sub %[r], %[r], #16\n\t"
- "and r12, r3, #1\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "adds r4, r4, r3\n\t"
- "adcs r5, r5, r3\n\t"
- "adcs r6, r6, r3\n\t"
- "adcs r7, r7, #0\n\t"
+ "ldm %[b]!, {r3, r4}\n\t"
+ "sbcs r9, r9, r3\n\t"
+ "sbcs r10, r10, r4\n\t"
+ "ldm %[b]!, {r3, r4}\n\t"
+ "sbcs r11, r11, r3\n\t"
+ "sbcs r12, r12, r4\n\t"
+ "sbc lr, lr, #0\n\t"
+ "adds r5, r5, lr\n\t"
+ "adcs r6, r6, lr\n\t"
+ "adcs r7, r7, lr\n\t"
"adcs r8, r8, #0\n\t"
"adcs r9, r9, #0\n\t"
- "adcs r10, r10, r12\n\t"
- "adc r11, r11, r3\n\t"
- "stm %[r], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "adcs r10, r10, #0\n\t"
+ "adcs r11, r11, lr, lsr #31\n\t"
+ "adcs r12, r12, lr\n\t"
+ "adc lr, lr, #0\n\t"
+ "adds r5, r5, lr\n\t"
+ "adcs r6, r6, lr\n\t"
+ "adcs r7, r7, lr\n\t"
+ "adcs r8, r8, #0\n\t"
+ "adcs r9, r9, #0\n\t"
+ "adcs r10, r10, #0\n\t"
+ "adcs r11, r11, lr, lsr #31\n\t"
+ "adc r12, r12, lr\n\t"
+ "stm %[r], {r5, r6, r7, r8, r9, r10, r11, r12}\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
);
(void)m_p;
}
-#define sp_256_mont_sub_lower_8 sp_256_mont_sub_8
/* Divide the number by 2 mod the modulus (prime). (r = a / 2 % m)
*
* r Result of division by 2.
* a Number to divide.
* m Modulus (prime).
*/
-static void sp_256_div2_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* m_p)
+static void sp_256_mont_div2_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* m asm ("r2") = m_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* m asm ("r2") = (const sp_digit*)m_p;
__asm__ __volatile__ (
- "mov r10, #0\n\t"
"ldm %[a], {r4, r5, r6, r7}\n\t"
"and r3, r4, #1\n\t"
- "sub r8, r10, r3\n\t"
- "and r9, r8, #1\n\t"
+ "rsb r8, r3, #0\n\t"
"adds r4, r4, r8\n\t"
"adcs r5, r5, r8\n\t"
"adcs r6, r6, r8\n\t"
- "adcs r7, r7, r10\n\t"
+ "adcs r7, r7, #0\n\t"
"stm %[r], {r4, r5, r6, r7}\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[a], #16]\n\t"
"ldr r5, [%[a], #20]\n\t"
#else
"ldrd r4, r5, [%[a], #16]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[a], #24]\n\t"
"ldr r7, [%[a], #28]\n\t"
#else
"ldrd r6, r7, [%[a], #24]\n\t"
#endif
- "adcs r4, r4, r10\n\t"
- "adcs r5, r5, r10\n\t"
- "adcs r6, r6, r9\n\t"
+ "adcs r4, r4, #0\n\t"
+ "adcs r5, r5, #0\n\t"
+ "adcs r6, r6, r8, lsr #31\n\t"
"adcs r7, r7, r8\n\t"
- "adc r3, r10, r10\n\t"
+ "mov r3, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r8, r4, #1\n\t"
"lsr r9, r5, #1\n\t"
"lsr r10, r6, #1\n\t"
@@ -70809,13 +72785,13 @@ static void sp_256_div2_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* m_
"orr r10, r10, r7, lsl #31\n\t"
"orr r11, r11, r3, lsl #31\n\t"
"mov r3, r4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r8, [%[r], #16]\n\t"
"str r9, [%[r], #20]\n\t"
#else
"strd r8, r9, [%[r], #16]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r10, [%[r], #24]\n\t"
"str r11, [%[r], #28]\n\t"
#else
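Review bot: The guards here now test `WOLFSSL_ARM_ARCH` where they used to test `WOLFSSL_SP_ARM_ARCH`, and nothing visible in this part of the diff maps the old name to the new one. A build that still defines only `WOLFSSL_SP_ARM_ARCH` for a pre-ARMv7 target would fall into the `#else` branch and select `strd`/`ldrd` instead of the paired `str`/`ldr`. If no compatibility define exists elsewhere, `#if defined(WOLFSSL_SP_ARM_ARCH) && !defined(WOLFSSL_ARM_ARCH)` / `#define WOLFSSL_ARM_ARCH WOLFSSL_SP_ARM_ARCH` / `#endif` ahead of the first use would keep existing configurations working. The same rename appears in the preceding sp_256_mont_div2_8 hunk and in the sp_256_mul_d_8 hunks, and the function body extends outside this hunk.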
@@ -70833,7 +72809,7 @@ static void sp_256_div2_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* m_
"stm %[r], {r8, r9, r10, r11}\n\t"
: [r] "+r" (r), [a] "+r" (a), [m] "+r" (m)
:
- : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "cc"
);
}
@@ -70881,7 +72857,7 @@ static void sp_256_proj_point_dbl_8(sp_point_256* r, const sp_point_256* p,
/* T2 = Y * Y */
sp_256_mont_sqr_8(t2, y, p256_mod, p256_mp_mod);
/* T2 = T2/2 */
- sp_256_div2_8(t2, t2, p256_mod);
+ sp_256_mont_div2_8(t2, t2, p256_mod);
/* Y = Y * X */
sp_256_mont_mul_8(y, y, p->x, p256_mod, p256_mp_mod);
/* X = T1 * T1 */
@@ -70891,7 +72867,7 @@ static void sp_256_proj_point_dbl_8(sp_point_256* r, const sp_point_256* p,
/* X = X - Y */
sp_256_mont_sub_8(x, x, y, p256_mod);
/* Y = Y - X */
- sp_256_mont_sub_lower_8(y, y, x, p256_mod);
+ sp_256_mont_sub_8(y, y, x, p256_mod);
/* Y = Y * T1 */
sp_256_mont_mul_8(y, y, t1, p256_mod, p256_mp_mod);
/* Y = Y - T2 */
@@ -70914,7 +72890,8 @@ typedef struct sp_256_proj_point_dbl_8_ctx {
* p Point to double.
* t Temporary ordinate data.
*/
-static int sp_256_proj_point_dbl_8_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r, const sp_point_256* p, sp_digit* t)
+static int sp_256_proj_point_dbl_8_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r,
+ const sp_point_256* p, sp_digit* t)
{
int err = FP_WOULDBLOCK;
sp_256_proj_point_dbl_8_ctx* ctx = (sp_256_proj_point_dbl_8_ctx*)sp_ctx->data;
@@ -70988,7 +72965,7 @@ static int sp_256_proj_point_dbl_8_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r, con
break;
case 11:
/* T2 = T2/2 */
- sp_256_div2_8(ctx->t2, ctx->t2, p256_mod);
+ sp_256_mont_div2_8(ctx->t2, ctx->t2, p256_mod);
ctx->state = 12;
break;
case 12:
@@ -71013,7 +72990,7 @@ static int sp_256_proj_point_dbl_8_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r, con
break;
case 16:
/* Y = Y - X */
- sp_256_mont_sub_lower_8(ctx->y, ctx->y, ctx->x, p256_mod);
+ sp_256_mont_sub_8(ctx->y, ctx->y, ctx->x, p256_mod);
ctx->state = 17;
break;
case 17:
@@ -71074,12 +73051,12 @@ static int sp_256_iszero_8(const sp_digit* a)
static void sp_256_proj_point_add_8(sp_point_256* r,
const sp_point_256* p, const sp_point_256* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*8;
- sp_digit* t3 = t + 4*8;
- sp_digit* t4 = t + 6*8;
- sp_digit* t5 = t + 8*8;
- sp_digit* t6 = t + 10*8;
+ sp_digit* t6 = t;
+ sp_digit* t1 = t + 2*8;
+ sp_digit* t2 = t + 4*8;
+ sp_digit* t3 = t + 6*8;
+ sp_digit* t4 = t + 8*8;
+ sp_digit* t5 = t + 10*8;
/* U1 = X1*Z2^2 */
sp_256_mont_sqr_8(t1, q->z, p256_mod, p256_mp_mod);
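Review bot: The reordered temporaries still reach `t + 10*8` plus one slot, yet the visible code states neither the size `t` must have nor which slot ends up as the result. Assuming each slot is the 2*8 digits the stride implies, `t` needs 12*8 digits. With `t6` moved to the start of the buffer and later aliased as `x`, the layout is now less obvious than the old sequential one. I would add `/* t: six slots of 2*8 digits, ordered t6 (x), t1 (y), t2 (z), t3, t4, t5 */` above the declarations. sp_256_proj_point_add_8_nb and sp_256_proj_point_add_qz1_8 get similar reorderings in later hunks, and the function body continues outside this hunk.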
@@ -71101,17 +73078,9 @@ static void sp_256_proj_point_add_8(sp_point_256* r,
sp_256_proj_point_dbl_8(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t6;
sp_digit* y = t1;
sp_digit* z = t2;
- int i;
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
/* H = U2 - U1 */
sp_256_mont_sub_8(t2, t2, t1, p256_mod);
@@ -71130,20 +73099,31 @@ static void sp_256_proj_point_add_8(sp_point_256* r,
sp_256_mont_dbl_8(t3, y, p256_mod);
sp_256_mont_sub_8(x, x, t3, p256_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_256_mont_sub_lower_8(y, y, x, p256_mod);
+ sp_256_mont_sub_8(y, y, x, p256_mod);
sp_256_mont_mul_8(y, y, t4, p256_mod, p256_mp_mod);
sp_256_mont_sub_8(y, y, t5, p256_mod);
- for (i = 0; i < 8; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 8; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 8; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 8; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 8; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 8; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
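Review bot: The select block added here assumes `infinity` is exactly 0 or 1, and nothing records that. The masks use only its low bit, through `& (!p->infinity)`, whereas `inf` and `r->z[0] |= inf` take the whole value. A comment such as `/* infinity is 0 or 1: masks are all-zeros or all-ones, selection is branch-free */` above `maskp` would state the invariant the code depends on. The same block is repeated almost verbatim in the sp_256_proj_point_add_8_nb and sp_256_proj_point_add_qz1_8 hunks, so the comment (or a shared helper) belongs in all three. In the _nb hunk the added inner `{` also sits directly inside the existing `case 24:` braces and looks redundant.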
@@ -71189,12 +73169,12 @@ static int sp_256_proj_point_add_8_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r,
switch (ctx->state) {
case 0: /* INIT */
- ctx->t1 = t;
- ctx->t2 = t + 2*8;
- ctx->t3 = t + 4*8;
- ctx->t4 = t + 6*8;
- ctx->t5 = t + 8*8;
- ctx->t6 = t + 10*8;
+ ctx->t6 = t;
+ ctx->t1 = t + 2*8;
+ ctx->t2 = t + 4*8;
+ ctx->t3 = t + 6*8;
+ ctx->t4 = t + 8*8;
+ ctx->t5 = t + 10*8;
ctx->x = ctx->t6;
ctx->y = ctx->t1;
ctx->z = ctx->t2;
@@ -71301,7 +73281,7 @@ static int sp_256_proj_point_add_8_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r,
break;
case 21:
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_256_mont_sub_lower_8(ctx->y, ctx->y, ctx->x, p256_mod);
+ sp_256_mont_sub_8(ctx->y, ctx->y, ctx->x, p256_mod);
ctx->state = 22;
break;
case 22:
@@ -71314,22 +73294,28 @@ static int sp_256_proj_point_add_8_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r,
break;
case 24:
{
- int i;
- sp_digit maskp = 0 - (q->infinity & (!p->infinity));
- sp_digit maskq = 0 - (p->infinity & (!q->infinity));
- sp_digit maskt = ~(maskp | maskq);
-
- for (i = 0; i < 8; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (ctx->x[i] & maskt);
- }
- for (i = 0; i < 8; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (ctx->y[i] & maskt);
- }
- for (i = 0; i < 8; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (ctx->z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 8; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (ctx->x[i] & maskt);
+ }
+ for (i = 0; i < 8; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (ctx->y[i] & maskt);
+ }
+ for (i = 0; i < 8; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (ctx->z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
ctx->state = 25;
break;
}
@@ -71349,7 +73335,7 @@ static int sp_256_proj_point_add_8_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r,
/* Touch each possible point that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
static void sp_256_get_point_16_8(sp_point_256* r, const sp_point_256* table,
@@ -71601,8 +73587,6 @@ static int sp_256_ecc_mulmod_fast_8(sp_point_256* r, const sp_point_256* g, cons
}
#ifdef FP_ECC
-#define sp_256_mont_dbl_lower_8 sp_256_mont_dbl_8
-#define sp_256_mont_tpl_lower_8 sp_256_mont_tpl_8
/* Double the Montgomery form projective point p a number of times.
*
* r Result of repeated doubling of point.
@@ -71641,7 +73625,7 @@ static void sp_256_proj_point_dbl_n_8(sp_point_256* p, int i,
/* A = 3*(X^2 - W) */
sp_256_mont_sqr_8(t1, x, p256_mod, p256_mp_mod);
sp_256_mont_sub_8(t1, t1, w, p256_mod);
- sp_256_mont_tpl_lower_8(a, t1, p256_mod);
+ sp_256_mont_tpl_8(a, t1, p256_mod);
/* B = X*Y^2 */
sp_256_mont_sqr_8(t1, y, p256_mod, p256_mp_mod);
sp_256_mont_mul_8(b, t1, x, p256_mod, p256_mp_mod);
@@ -71650,8 +73634,8 @@ static void sp_256_proj_point_dbl_n_8(sp_point_256* p, int i,
sp_256_mont_dbl_8(t2, b, p256_mod);
sp_256_mont_sub_8(x, x, t2, p256_mod);
/* B = 2.(B - X) */
- sp_256_mont_sub_lower_8(t2, b, x, p256_mod);
- sp_256_mont_dbl_lower_8(b, t2, p256_mod);
+ sp_256_mont_sub_8(t2, b, x, p256_mod);
+ sp_256_mont_dbl_8(b, t2, p256_mod);
/* Z = Z*Y */
sp_256_mont_mul_8(z, z, y, p256_mod, p256_mp_mod);
/* t1 = Y^4 */
@@ -71671,7 +73655,7 @@ static void sp_256_proj_point_dbl_n_8(sp_point_256* p, int i,
/* A = 3*(X^2 - W) */
sp_256_mont_sqr_8(t1, x, p256_mod, p256_mp_mod);
sp_256_mont_sub_8(t1, t1, w, p256_mod);
- sp_256_mont_tpl_lower_8(a, t1, p256_mod);
+ sp_256_mont_tpl_8(a, t1, p256_mod);
/* B = X*Y^2 */
sp_256_mont_sqr_8(t1, y, p256_mod, p256_mp_mod);
sp_256_mont_mul_8(b, t1, x, p256_mod, p256_mp_mod);
@@ -71680,8 +73664,8 @@ static void sp_256_proj_point_dbl_n_8(sp_point_256* p, int i,
sp_256_mont_dbl_8(t2, b, p256_mod);
sp_256_mont_sub_8(x, x, t2, p256_mod);
/* B = 2.(B - X) */
- sp_256_mont_sub_lower_8(t2, b, x, p256_mod);
- sp_256_mont_dbl_lower_8(b, t2, p256_mod);
+ sp_256_mont_sub_8(t2, b, x, p256_mod);
+ sp_256_mont_dbl_8(b, t2, p256_mod);
/* Z = Z*Y */
sp_256_mont_mul_8(z, z, y, p256_mod, p256_mp_mod);
/* t1 = Y^4 */
@@ -71691,7 +73675,7 @@ static void sp_256_proj_point_dbl_n_8(sp_point_256* p, int i,
sp_256_mont_sub_8(y, y, t1, p256_mod);
#endif /* WOLFSSL_SP_SMALL */
/* Y = Y/2 */
- sp_256_div2_8(y, y, p256_mod);
+ sp_256_mont_div2_8(y, y, p256_mod);
}
/* Convert the projective point to affine.
@@ -71737,12 +73721,12 @@ typedef struct sp_table_entry_256 {
static void sp_256_proj_point_add_qz1_8(sp_point_256* r,
const sp_point_256* p, const sp_point_256* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*8;
- sp_digit* t3 = t + 4*8;
- sp_digit* t4 = t + 6*8;
- sp_digit* t5 = t + 8*8;
- sp_digit* t6 = t + 10*8;
+ sp_digit* t2 = t;
+ sp_digit* t3 = t + 2*8;
+ sp_digit* t6 = t + 4*8;
+ sp_digit* t1 = t + 6*8;
+ sp_digit* t4 = t + 8*8;
+ sp_digit* t5 = t + 10*8;
/* Calculate values to subtract from P->x and P->y. */
/* U2 = X2*Z1^2 */
@@ -71758,13 +73742,9 @@ static void sp_256_proj_point_add_qz1_8(sp_point_256* r,
sp_256_proj_point_dbl_8(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t2;
- sp_digit* y = t5;
+ sp_digit* y = t3;
sp_digit* z = t6;
- int i;
/* H = U2 - X1 */
sp_256_mont_sub_8(t2, t2, p->x, p256_mod);
@@ -71773,33 +73753,40 @@ static void sp_256_proj_point_add_qz1_8(sp_point_256* r,
/* Z3 = H*Z1 */
sp_256_mont_mul_8(z, p->z, t2, p256_mod, p256_mp_mod);
/* X3 = R^2 - H^3 - 2*X1*H^2 */
- sp_256_mont_sqr_8(t1, t4, p256_mod, p256_mp_mod);
- sp_256_mont_sqr_8(t5, t2, p256_mod, p256_mp_mod);
- sp_256_mont_mul_8(t3, p->x, t5, p256_mod, p256_mp_mod);
- sp_256_mont_mul_8(t5, t5, t2, p256_mod, p256_mp_mod);
- sp_256_mont_sub_8(x, t1, t5, p256_mod);
- sp_256_mont_dbl_8(t1, t3, p256_mod);
- sp_256_mont_sub_8(x, x, t1, p256_mod);
+ sp_256_mont_sqr_8(t1, t2, p256_mod, p256_mp_mod);
+ sp_256_mont_mul_8(t3, p->x, t1, p256_mod, p256_mp_mod);
+ sp_256_mont_mul_8(t1, t1, t2, p256_mod, p256_mp_mod);
+ sp_256_mont_sqr_8(t2, t4, p256_mod, p256_mp_mod);
+ sp_256_mont_sub_8(t2, t2, t1, p256_mod);
+ sp_256_mont_dbl_8(t5, t3, p256_mod);
+ sp_256_mont_sub_8(x, t2, t5, p256_mod);
/* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
- sp_256_mont_sub_lower_8(t3, t3, x, p256_mod);
+ sp_256_mont_sub_8(t3, t3, x, p256_mod);
sp_256_mont_mul_8(t3, t3, t4, p256_mod, p256_mp_mod);
- sp_256_mont_mul_8(t5, t5, p->y, p256_mod, p256_mp_mod);
- sp_256_mont_sub_8(y, t3, t5, p256_mod);
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
- for (i = 0; i < 8; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 8; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 8; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ sp_256_mont_mul_8(t1, t1, p->y, p256_mod, p256_mp_mod);
+ sp_256_mont_sub_8(y, t3, t1, p256_mod);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 8; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 8; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 8; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
@@ -71900,7 +73887,7 @@ static int sp_256_gen_stripe_table_8(const sp_point_256* a,
/* Touch each possible entry that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
static void sp_256_get_entry_16_8(sp_point_256* r,
@@ -72095,7 +74082,7 @@ static THREAD_LS_T int sp_cache_256_inited = 0;
/* Get the cache entry for the point.
*
- * g [in] Point scalar multipling.
+ * g [in] Point scalar multiplying.
* cache [out] Cache table to use.
*/
static void sp_ecc_get_cache_256(const sp_point_256* g, sp_cache_256_t** cache)
@@ -72166,8 +74153,8 @@ static void sp_ecc_get_cache_256(const sp_point_256* g, sp_cache_256_t** cache)
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
-static int sp_256_ecc_mulmod_8(sp_point_256* r, const sp_point_256* g, const sp_digit* k,
- int map, int ct, void* heap)
+static int sp_256_ecc_mulmod_8(sp_point_256* r, const sp_point_256* g,
+ const sp_digit* k, int map, int ct, void* heap)
{
#ifndef FP_ECC
return sp_256_ecc_mulmod_fast_8(r, g, k, map, ct, heap);
@@ -72320,7 +74307,7 @@ static int sp_256_gen_stripe_table_8(const sp_point_256* a,
/* Touch each possible entry that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
static void sp_256_get_entry_256_8(sp_point_256* r,
@@ -72515,7 +74502,7 @@ static THREAD_LS_T int sp_cache_256_inited = 0;
/* Get the cache entry for the point.
*
- * g [in] Point scalar multipling.
+ * g [in] Point scalar multiplying.
* cache [out] Cache table to use.
*/
static void sp_ecc_get_cache_256(const sp_point_256* g, sp_cache_256_t** cache)
@@ -72586,8 +74573,8 @@ static void sp_ecc_get_cache_256(const sp_point_256* g, sp_cache_256_t** cache)
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
-static int sp_256_ecc_mulmod_8(sp_point_256* r, const sp_point_256* g, const sp_digit* k,
- int map, int ct, void* heap)
+static int sp_256_ecc_mulmod_8(sp_point_256* r, const sp_point_256* g,
+ const sp_digit* k, int map, int ct, void* heap)
{
#ifndef FP_ECC
return sp_256_ecc_mulmod_fast_8(r, g, k, map, ct, heap);
@@ -72704,7 +74691,7 @@ int sp_ecc_mulmod_256(const mp_int* km, const ecc_point* gm, ecc_point* r,
*
* km Scalar to multiply by.
* p Point to multiply.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -72715,7 +74702,7 @@ int sp_ecc_mulmod_add_256(const mp_int* km, const ecc_point* gm,
const ecc_point* am, int inMont, ecc_point* r, int map, void* heap)
{
#ifdef WOLFSSL_SP_SMALL_STACK
- sp_point_256* point = NULL;
+ sp_point_256* point = NULL;
sp_digit* k = NULL;
#else
sp_point_256 point[2];
@@ -74253,7 +76240,7 @@ int sp_ecc_mulmod_base_256(const mp_int* km, ecc_point* r, int map, void* heap)
* the result. If map is true then convert result to affine coordinates.
*
* km Scalar to multiply by.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -74275,7 +76262,7 @@ int sp_ecc_mulmod_base_add_256(const mp_int* km, const ecc_point* am,
int err = MP_OKAY;
#ifdef WOLFSSL_SP_SMALL_STACK
- point = (sp_point_256*)XMALLOC(sizeof(sp_point_256) * 2, heap,
+ point = (sp_point_256*)XMALLOC(sizeof(sp_point_256) * 2, heap,
DYNAMIC_TYPE_ECC);
if (point == NULL)
err = MEMORY_E;
@@ -74336,7 +76323,7 @@ int sp_ecc_mulmod_base_add_256(const mp_int* km, const ecc_point* am,
*/
static void sp_256_add_one_8(sp_digit* a_p)
{
- register sp_digit* a asm ("r0") = a_p;
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
__asm__ __volatile__ (
"ldm %[a], {r1, r2, r3, r4}\n\t"
@@ -74353,7 +76340,7 @@ static void sp_256_add_one_8(sp_digit* a_p)
"stm %[a]!, {r1, r2, r3, r4}\n\t"
: [a] "+r" (a)
:
- : "memory", "r1", "r2", "r3", "r4"
+ : "memory", "r1", "r2", "r3", "r4", "cc"
);
}
@@ -74448,7 +76435,7 @@ int sp_ecc_make_key_256(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
sp_point_256* infinity = NULL;
#endif
int err = MP_OKAY;
-
+
(void)heap;
@@ -74456,7 +76443,7 @@ int sp_ecc_make_key_256(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
point = (sp_point_256*)XMALLOC(sizeof(sp_point_256) * 2, heap, DYNAMIC_TYPE_ECC);
#else
- point = (sp_point_256*)XMALLOC(sizeof(sp_point_256), heap, DYNAMIC_TYPE_ECC);
+ point = (sp_point_256*)XMALLOC(sizeof(sp_point_256), heap, DYNAMIC_TYPE_ECC);
#endif
if (point == NULL)
err = MEMORY_E;
@@ -74734,16 +76721,15 @@ int sp_ecc_secret_gen_256_nb(sp_ecc_ctx_t* sp_ctx, const mp_int* priv,
*/
static sp_digit sp_256_sub_in_place_8(sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* a asm ("r0") = a_p;
- register const sp_digit* b asm ("r1") = b_p;
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* b asm ("r1") = (const sp_digit*)b_p;
__asm__ __volatile__ (
- "mov r10, #0\n\t"
"mov r12, #0\n\t"
"add lr, %[a], #32\n\t"
"\n"
"L_sp_256_sub_in_pkace_8_word_%=: \n\t"
- "subs r12, r10, r12\n\t"
+ "rsbs r12, r12, #0\n\t"
"ldm %[a], {r2, r3, r4, r5}\n\t"
"ldm %[b]!, {r6, r7, r8, r9}\n\t"
"sbcs r2, r2, r6\n\t"
@@ -74751,13 +76737,13 @@ static sp_digit sp_256_sub_in_place_8(sp_digit* a_p, const sp_digit* b_p)
"sbcs r4, r4, r8\n\t"
"sbcs r5, r5, r9\n\t"
"stm %[a]!, {r2, r3, r4, r5}\n\t"
- "sbc r12, r10, r10\n\t"
+ "sbc r12, r12, r12\n\t"
"cmp %[a], lr\n\t"
"bne L_sp_256_sub_in_pkace_8_word_%=\n\t"
"mov %[a], r12\n\t"
: [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r12", "lr", "r10"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r12", "lr", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -74770,8 +76756,8 @@ static sp_digit sp_256_sub_in_place_8(sp_digit* a_p, const sp_digit* b_p)
*/
static sp_digit sp_256_sub_in_place_8(sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* a asm ("r0") = a_p;
- register const sp_digit* b asm ("r1") = b_p;
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* b asm ("r1") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"ldm %[a], {r2, r3, r4, r5}\n\t"
@@ -74791,7 +76777,7 @@ static sp_digit sp_256_sub_in_place_8(sp_digit* a_p, const sp_digit* b_p)
"sbc %[a], r9, r9\n\t"
: [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -74806,15 +76792,14 @@ static sp_digit sp_256_sub_in_place_8(sp_digit* a_p, const sp_digit* b_p)
*/
static void sp_256_mul_d_8(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register sp_digit b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register sp_digit b asm ("r2") = (sp_digit)b_p;
__asm__ __volatile__ (
- "mov r10, #0\n\t"
/* A[0] * B */
"ldr r8, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r5, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -74847,7 +76832,7 @@ static void sp_256_mul_d_8(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
"L_sp_256_mul_d_8_word_%=: \n\t"
/* A[i] * B */
"ldr r8, [%[a], r9]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -74892,7 +76877,7 @@ static void sp_256_mul_d_8(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
"str r3, [%[r], #32]\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
}
@@ -74905,15 +76890,14 @@ static void sp_256_mul_d_8(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
*/
static void sp_256_mul_d_8(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register sp_digit b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register sp_digit b asm ("r2") = (sp_digit)b_p;
__asm__ __volatile__ (
- "mov r10, #0\n\t"
/* A[0] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r3, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -74938,251 +76922,203 @@ static void sp_256_mul_d_8(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
#else
"umull r3, r4, %[b], r8\n\t"
#endif
+ "stm %[r]!, {r3}\n\t"
"mov r5, #0\n\t"
- "str r3, [%[r]], #4\n\t"
/* A[1] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[2] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[3] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[4] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[5] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[6] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[7] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -75208,15 +77144,13 @@ static void sp_256_mul_d_8(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adc r5, r5, r7\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
"str r5, [%[r]]\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r10"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "cc"
);
}
@@ -75233,9 +77167,9 @@ static void sp_256_mul_d_8(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
*/
static sp_digit div_256_word_8(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
{
- register sp_digit d1 asm ("r0") = d1_p;
- register sp_digit d0 asm ("r1") = d0_p;
- register sp_digit div asm ("r2") = div_p;
+ register sp_digit d1 asm ("r0") = (sp_digit)d1_p;
+ register sp_digit d0 asm ("r1") = (sp_digit)d0_p;
+ register sp_digit div asm ("r2") = (sp_digit)div_p;
__asm__ __volatile__ (
"lsr r6, %[div], #16\n\t"
@@ -75275,7 +77209,7 @@ static sp_digit div_256_word_8(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
"add %[d1], r4, r3\n\t"
: [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
:
- : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8"
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "cc"
);
return (uint32_t)(size_t)d1;
}
@@ -75292,9 +77226,9 @@ static sp_digit div_256_word_8(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
*/
static sp_digit div_256_word_8(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
{
- register sp_digit d1 asm ("r0") = d1_p;
- register sp_digit d0 asm ("r1") = d0_p;
- register sp_digit div asm ("r2") = div_p;
+ register sp_digit d1 asm ("r0") = (sp_digit)d1_p;
+ register sp_digit d0 asm ("r1") = (sp_digit)d0_p;
+ register sp_digit div asm ("r2") = (sp_digit)div_p;
__asm__ __volatile__ (
"lsr lr, %[div], #1\n\t"
@@ -75324,7 +77258,7 @@ static sp_digit div_256_word_8(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
"bpl L_div_256_word_8_bit_%=\n\t"
"add r3, r3, r3\n\t"
"add r3, r3, #1\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r7, r3, #16\n\t"
"lsl r4, %[div], #16\n\t"
"lsr r7, r7, #16\n\t"
@@ -75352,7 +77286,7 @@ static sp_digit div_256_word_8(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
"subs r7, %[d0], r4\n\t"
"sbc r8, %[d1], r5\n\t"
"add r3, r3, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r7, r3, #16\n\t"
"lsl r4, %[div], #16\n\t"
"lsr r7, r7, #16\n\t"
@@ -75380,7 +77314,7 @@ static sp_digit div_256_word_8(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
"subs r7, %[d0], r4\n\t"
"sbc r8, %[d1], r5\n\t"
"add r3, r3, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r7, r3, #16\n\t"
"lsl r4, %[div], #16\n\t"
"lsr r7, r7, #16\n\t"
@@ -75413,7 +77347,7 @@ static sp_digit div_256_word_8(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
"sub %[d1], r3, r6\n\t"
: [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
:
- : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8"
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "cc"
);
return (uint32_t)(size_t)d1;
}
@@ -75454,8 +77388,8 @@ static void sp_256_mask_8(sp_digit* r, const sp_digit* a, sp_digit m)
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_256_div_8(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_256_div_8(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[16], t2[9];
sp_digit div, r1;
@@ -75495,7 +77429,8 @@ static WC_INLINE int sp_256_div_8(const sp_digit* a, const sp_digit* d, sp_digit
* m A single precision number that is the modulus to reduce with.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_256_mod_8(sp_digit* r, const sp_digit* a, const sp_digit* m)
+static WC_INLINE int sp_256_mod_8(sp_digit* r, const sp_digit* a,
+ const sp_digit* m)
{
return sp_256_div_8(a, m, NULL, r);
}
@@ -75638,7 +77573,7 @@ static void sp_256_mont_inv_order_8(sp_digit* r, const sp_digit* a,
sp_256_mont_sqr_n_order_8(t2, t3, 4);
/* t = a^ff = t2 * t3 */
sp_256_mont_mul_order_8(t, t2, t3);
- /* t3= a^ff00 = t ^ 2 ^ 8 */
+ /* t2= a^ff00 = t ^ 2 ^ 8 */
sp_256_mont_sqr_n_order_8(t2, t, 8);
/* t = a^ffff = t2 * t */
sp_256_mont_mul_order_8(t, t2, t);
@@ -75655,7 +77590,11 @@ static void sp_256_mont_inv_order_8(sp_digit* r, const sp_digit* a,
/* t2= a^ffffffff00000000ffffffffffffffff = t2 * t */
sp_256_mont_mul_order_8(t2, t2, t);
/* t2= a^ffffffff00000000ffffffffffffffffbce6 */
- for (i=127; i>=112; i--) {
+ sp_256_mont_sqr_order_8(t2, t2);
+ sp_256_mont_mul_order_8(t2, t2, a);
+ sp_256_mont_sqr_n_order_8(t2, t2, 5);
+ sp_256_mont_mul_order_8(t2, t2, t3);
+ for (i=121; i>=112; i--) {
sp_256_mont_sqr_order_8(t2, t2);
if ((p256_order_low[i / 32] & ((sp_int_digit)1 << (i % 32))) != 0) {
sp_256_mont_mul_order_8(t2, t2, a);
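Review bot: The four calls added ahead of the loop hard-code the top six bits of the `bce6` word (101111) and nothing in the hunk says so, so the new start index of 121 cannot be checked by reading. The sequence is one square-and-multiply by `a` for the leading 1, then five squarings and a multiply by `t3` for 01111. That only holds while `t3` is still a^f, which the earlier `t = a^ff = t2 * t3` step suggests but the hunk does not show directly. I would add `/* bits 127..122 of the exponent are 101111: 1 via a, 01111 via t3 = a^f */` above the first added call, and a note that `t3` must not be reused before this point. The function body starts and ends outside the hunk.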
@@ -76060,21 +77999,94 @@ int sp_ecc_sign_256_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, W
#endif /* HAVE_ECC_SIGN */
#ifndef WOLFSSL_SP_SMALL
+#ifdef WOLFSSL_SP_SMALL
+/* Sub b from a into r. (r = a - b)
+ *
+ * r A single precision integer.
+ * a A single precision integer.
+ * b A single precision integer.
+ */
+static sp_digit sp_256_sub_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+{
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
+
+ __asm__ __volatile__ (
+ "mov r12, #0\n\t"
+ "add lr, %[a], #32\n\t"
+ "\n"
+ "L_sp_256_sub_8_word_%=: \n\t"
+ "rsbs r12, r12, #0\n\t"
+ "ldm %[a]!, {r3, r4, r5, r6}\n\t"
+ "ldm %[b]!, {r7, r8, r9, r10}\n\t"
+ "sbcs r3, r3, r7\n\t"
+ "sbcs r4, r4, r8\n\t"
+ "sbcs r5, r5, r9\n\t"
+ "sbcs r6, r6, r10\n\t"
+ "stm %[r]!, {r3, r4, r5, r6}\n\t"
+ "sbc r12, r3, r3\n\t"
+ "cmp %[a], lr\n\t"
+ "bne L_sp_256_sub_8_word_%=\n\t"
+ "mov %[r], r12\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r12", "lr", "cc"
+ );
+ return (uint32_t)(size_t)r;
+}
+
+#else
+/* Sub b from a into r. (r = a - b)
+ *
+ * r A single precision integer.
+ * a A single precision integer.
+ * b A single precision integer.
+ */
+static sp_digit sp_256_sub_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+{
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
+
+ __asm__ __volatile__ (
+ "ldm %[a]!, {r3, r4, r5, r6}\n\t"
+ "ldm %[b]!, {r7, r8, r9, r10}\n\t"
+ "subs r3, r3, r7\n\t"
+ "sbcs r4, r4, r8\n\t"
+ "sbcs r5, r5, r9\n\t"
+ "sbcs r6, r6, r10\n\t"
+ "stm %[r]!, {r3, r4, r5, r6}\n\t"
+ "ldm %[a]!, {r3, r4, r5, r6}\n\t"
+ "ldm %[b]!, {r7, r8, r9, r10}\n\t"
+ "sbcs r3, r3, r7\n\t"
+ "sbcs r4, r4, r8\n\t"
+ "sbcs r5, r5, r9\n\t"
+ "sbcs r6, r6, r10\n\t"
+ "stm %[r]!, {r3, r4, r5, r6}\n\t"
+ "sbc %[r], r6, r6\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
+ );
+ return (uint32_t)(size_t)r;
+}
+
+#endif /* WOLFSSL_SP_SMALL */
static void sp_256_rshift1_8(sp_digit* r_p, const sp_digit* a_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
__asm__ __volatile__ (
- "mov r11, #0\n\t"
"mov r12, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r2, [%[a], #16]\n\t"
"ldr r3, [%[a], #20]\n\t"
#else
"ldrd r2, r3, [%[a], #16]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[a], #24]\n\t"
"ldr r5, [%[a], #28]\n\t"
#else
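Review bot: The added `#ifdef WOLFSSL_SP_SMALL` sits directly inside the existing `#ifndef WOLFSSL_SP_SMALL`, so the looped `sp_256_sub_8` variant can never be compiled and only the unrolled `#else` body is ever built. Either drop the dead branch or move the `#ifdef`/`#else` pair outside the `#ifndef`, so nobody audits a subtraction routine that no configuration uses. The header comment of both variants also omits the return value, which `sp_256_mod_inv_8` tests with `if (o != 0)`; add ` * returns 0 when there is no borrow and all ones (0xffffffff) when a < b.` to it. `sp_256_rshift1_8` at the end of the hunk continues outside it.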
@@ -76089,25 +78101,25 @@ static void sp_256_rshift1_8(sp_digit* r_p, const sp_digit* a_p)
"orr r8, r8, r5, lsl #31\n\t"
"orr r9, r9, r12, lsl #31\n\t"
"mov r12, r2\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [%[r], #16]\n\t"
"str r7, [%[r], #20]\n\t"
#else
"strd r6, r7, [%[r], #16]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r8, [%[r], #24]\n\t"
"str r9, [%[r], #28]\n\t"
#else
"strd r8, r9, [%[r], #24]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r2, [%[a]]\n\t"
"ldr r3, [%[a], #4]\n\t"
#else
"ldrd r2, r3, [%[a]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[a], #8]\n\t"
"ldr r5, [%[a], #12]\n\t"
#else
@@ -76121,13 +78133,13 @@ static void sp_256_rshift1_8(sp_digit* r_p, const sp_digit* a_p)
"orr r7, r7, r4, lsl #31\n\t"
"orr r8, r8, r5, lsl #31\n\t"
"orr r9, r9, r12, lsl #31\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [%[r]]\n\t"
"str r7, [%[r], #4]\n\t"
#else
"strd r6, r7, [%[r]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r8, [%[r], #8]\n\t"
"str r9, [%[r], #12]\n\t"
#else
@@ -76135,7 +78147,7 @@ static void sp_256_rshift1_8(sp_digit* r_p, const sp_digit* a_p)
#endif
: [r] "+r" (r), [a] "+r" (a)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r12", "lr", "r10", "r11"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r12", "lr", "r10", "cc"
);
}
@@ -76147,13 +78159,13 @@ static void sp_256_rshift1_8(sp_digit* r_p, const sp_digit* a_p)
*/
static void sp_256_div2_mod_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* m asm ("r2") = m_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* m asm ("r2") = (const sp_digit*)m_p;
__asm__ __volatile__ (
"mov r12, #0\n\t"
- "ldr r4, [%[a]], #4\n\t"
+ "ldm %[a]!, {r4}\n\t"
"ands r3, r4, #1\n\t"
"beq L_sp_256_div2_mod_8_even_%=\n\t"
"ldm %[a]!, {r5, r6, r7}\n\t"
@@ -76173,13 +78185,13 @@ static void sp_256_div2_mod_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit
"b L_sp_256_div2_mod_8_div2_%=\n\t"
"\n"
"L_sp_256_div2_mod_8_even_%=: \n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[a], #12]\n\t"
"ldr r5, [%[a], #16]\n\t"
#else
"ldrd r4, r5, [%[a], #12]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[a], #20]\n\t"
"ldr r7, [%[a], #24]\n\t"
#else
@@ -76197,13 +78209,13 @@ static void sp_256_div2_mod_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit
"orr r10, r10, r7, lsl #31\n\t"
"orr r11, r11, r3, lsl #31\n\t"
"mov r3, r4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r8, [%[r], #16]\n\t"
"str r9, [%[r], #20]\n\t"
#else
"strd r8, r9, [%[r], #16]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r10, [%[r], #24]\n\t"
"str r11, [%[r], #28]\n\t"
#else
@@ -76221,49 +78233,50 @@ static void sp_256_div2_mod_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit
"stm %[r], {r8, r9, r10, r11}\n\t"
: [r] "+r" (r), [a] "+r" (a), [m] "+r" (m)
:
- : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12", "cc"
);
}
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
static const unsigned char L_sp_256_num_bits_8_table[] = {
- 0x00, 0x01, 0x02, 0x02, 0x03, 0x03, 0x03, 0x03,
- 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04,
- 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05,
- 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05,
- 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06,
- 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06,
- 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06,
- 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06,
- 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
- 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
- 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
- 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
- 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
- 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
- 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
- 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x00, 0x01, 0x02, 0x02, 0x03, 0x03, 0x03, 0x03,
+ 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04,
+ 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05,
+ 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05,
+ 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06,
+ 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06,
+ 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06,
+ 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06,
+ 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
+ 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
+ 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
+ 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
+ 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
+ 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
+ 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
+ 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
};
static int sp_256_num_bits_8(const sp_digit* a_p)
{
- register const sp_digit* a asm ("r0") = a_p;
+ register const sp_digit* a asm ("r0") = (const sp_digit*)a_p;
+ register unsigned char* L_sp_256_num_bits_8_table_c asm ("r1") = (unsigned char*)&L_sp_256_num_bits_8_table;
__asm__ __volatile__ (
"mov lr, %[L_sp_256_num_bits_8_table]\n\t"
@@ -76575,9 +78588,9 @@ static int sp_256_num_bits_8(const sp_digit* a_p)
"\n"
"L_sp_256_num_bits_8_9_%=: \n\t"
"mov %[a], r12\n\t"
- : [a] "+r" (a)
- : [L_sp_256_num_bits_8_table] "r" (L_sp_256_num_bits_8_table)
- : "memory", "r1", "r2", "r3", "r12", "lr"
+ : [a] "+r" (a), [L_sp_256_num_bits_8_table] "+r" (L_sp_256_num_bits_8_table_c)
+ :
+ : "memory", "r2", "r3", "r12", "lr", "cc"
);
return (uint32_t)(size_t)a;
}
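Review bot: The lookup table is now passed as a read-write operand, `[L_sp_256_num_bits_8_table] "+r" (L_sp_256_num_bits_8_table_c)`, and its declaration in the preceding hunk casts away the `const` of the `static const unsigned char` table. The only use visible in these hunks is `mov lr, %[L_sp_256_num_bits_8_table]`, which is a read; the rest of the asm body is outside the hunks, so this assumes the table is never written through. The pointer variable can stay modifiable for the `"+r"` constraint while still pointing to const data: `register const unsigned char* L_sp_256_num_bits_8_table_c asm ("r1") = L_sp_256_num_bits_8_table;`. That keeps the compiler able to flag any later store through it.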
@@ -76585,13 +78598,13 @@ static int sp_256_num_bits_8(const sp_digit* a_p)
#else
static int sp_256_num_bits_8(const sp_digit* a_p)
{
- register const sp_digit* a asm ("r0") = a_p;
+ register const sp_digit* a asm ("r0") = (const sp_digit*)a_p;
__asm__ __volatile__ (
"ldr r1, [%[a], #28]\n\t"
"cmp r1, #0\n\t"
"beq L_sp_256_num_bits_8_7_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x0\n\t"
@@ -76666,12 +78679,12 @@ static int sp_256_num_bits_8(const sp_digit* a_p)
"mov %[a], r12\n\t"
: [a] "+r" (a)
:
- : "memory", "r1", "r2", "r3", "r12", "lr"
+ : "memory", "r1", "r2", "r3", "r12", "lr", "cc"
);
return (uint32_t)(size_t)a;
}
-#endif /* WOLFSSL_SP_ARM_ARCH && (WOLFSSL_SP_ARM_ARCH < 7) */
+#endif /* WOLFSSL_ARM_ARCH && (WOLFSSL_ARM_ARCH < 7) */
/* Non-constant time modular inversion.
*
* @param [out] r Resulting number.
@@ -76715,7 +78728,7 @@ static int sp_256_mod_inv_8(sp_digit* r, const sp_digit* a, const sp_digit* m)
}
while (ut > 1 && vt > 1) {
- if (ut > vt || (ut == vt && sp_256_cmp_8(u, v) >= 0)) {
+ if ((ut > vt) || ((ut == vt) && (sp_256_cmp_8(u, v) >= 0))) {
sp_256_sub_8(u, u, v);
o = sp_256_sub_8(b, b, d);
if (o != 0)
@@ -76792,7 +78805,7 @@ static void sp_256_add_points_8(sp_point_256* p1, const sp_point_256* p2,
* p2 Public point and temporary.
* s Second part of signature as a number.
* u1 Temporary number.
- * u2 Temproray number.
+ * u2 Temporary number.
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
@@ -77116,7 +79129,7 @@ int sp_ecc_verify_256_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash,
#endif /* HAVE_ECC_VERIFY */
#ifdef HAVE_ECC_CHECK_KEY
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* point EC point.
* heap Heap to use if dynamically allocating.
@@ -77144,19 +79157,21 @@ static int sp_256_ecc_is_point_8(const sp_point_256* point,
if (err == MP_OKAY) {
t2 = t1 + 2 * 8;
+ /* y^2 - x^3 - a.x = b */
sp_256_sqr_8(t1, point->y);
(void)sp_256_mod_8(t1, t1, p256_mod);
sp_256_sqr_8(t2, point->x);
(void)sp_256_mod_8(t2, t2, p256_mod);
sp_256_mul_8(t2, t2, point->x);
(void)sp_256_mod_8(t2, t2, p256_mod);
- (void)sp_256_sub_8(t2, p256_mod, t2);
- sp_256_mont_add_8(t1, t1, t2, p256_mod);
+ sp_256_mont_sub_8(t1, t1, t2, p256_mod);
+ /* y^2 - x^3 + 3.x = b, when a = -3 */
sp_256_mont_add_8(t1, t1, point->x, p256_mod);
sp_256_mont_add_8(t1, t1, point->x, p256_mod);
sp_256_mont_add_8(t1, t1, point->x, p256_mod);
+
if (sp_256_cmp_8(t1, p256_b) != 0) {
err = MP_VAL;
}
@@ -77170,7 +79185,7 @@ static int sp_256_ecc_is_point_8(const sp_point_256* point,
return err;
}
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* pX X ordinate of EC point.
* pY Y ordinate of EC point.
@@ -77764,16 +79779,19 @@ static const sp_digit p384_b[12] = {
*/
static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"sub sp, sp, #0x60\n\t"
- "mov r5, #0\n\t"
- "mov r6, #0\n\t"
+ "ldr lr, [%[a]]\n\t"
+ "ldr r11, [%[b]]\n\t"
+ "umull r8, r6, lr, r11\n\t"
+ "str r8, [sp]\n\t"
"mov r7, #0\n\t"
"mov r8, #0\n\t"
+ "mov r5, #4\n\t"
"\n"
"L_sp_384_mul_12_outer_%=: \n\t"
"subs r3, r5, #44\n\t"
@@ -77784,7 +79802,44 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"L_sp_384_mul_12_inner_%=: \n\t"
"ldr lr, [%[a], r3]\n\t"
"ldr r11, [%[b], r4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
+ "lsl r9, lr, #16\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r9, r9, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "adds r6, r6, r10\n\t"
+ "adcs r7, r7, #0\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsr r9, lr, #16\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "adds r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+#else
+ "umull r9, r10, lr, r11\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+#endif
+ "ldr lr, [%[a], r4]\n\t"
+ "ldr r11, [%[b], r3]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r9, lr, #16\n\t"
"lsl r10, r11, #16\n\t"
"lsr r9, r9, #16\n\t"
@@ -77821,10 +79876,46 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
"add r3, r3, #4\n\t"
"sub r4, r4, #4\n\t"
- "cmp r3, #48\n\t"
- "beq L_sp_384_mul_12_inner_done_%=\n\t"
- "cmp r3, r5\n\t"
- "ble L_sp_384_mul_12_inner_%=\n\t"
+ "cmp r3, r4\n\t"
+ "bgt L_sp_384_mul_12_inner_done_%=\n\t"
+ "blt L_sp_384_mul_12_inner_%=\n\t"
+ "ldr lr, [%[a], r3]\n\t"
+ "ldr r11, [%[b], r3]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
+ "lsl r9, lr, #16\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r9, r9, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "adds r6, r6, r10\n\t"
+ "adcs r7, r7, #0\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsr r9, lr, #16\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "adds r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+#else
+ "umull r9, r10, lr, r11\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+#endif
"\n"
"L_sp_384_mul_12_inner_done_%=: \n\t"
"str r6, [sp, r5]\n\t"
@@ -77832,18 +79923,50 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"mov r7, r8\n\t"
"mov r8, #0\n\t"
"add r5, r5, #4\n\t"
- "cmp r5, #0x58\n\t"
+ "cmp r5, #0x54\n\t"
"ble L_sp_384_mul_12_outer_%=\n\t"
+ "ldr lr, [%[a], #44]\n\t"
+ "ldr r11, [%[b], #44]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
+ "lsl r9, lr, #16\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r9, r9, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "adds r6, r6, r10\n\t"
+ "adc r7, r7, #0\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adc r7, r7, r10\n\t"
+ "lsr r9, lr, #16\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "add r7, r7, r10\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adc r7, r7, r10\n\t"
+#else
+ "umlal r6, r7, lr, r11\n\t"
+#endif
"str r6, [sp, r5]\n\t"
+ "add r5, r5, #4\n\t"
+ "str r7, [sp, r5]\n\t"
"\n"
"L_sp_384_mul_12_store_%=: \n\t"
- "ldm sp!, {r6, r7, r8, r9}\n\t"
- "stm %[r]!, {r6, r7, r8, r9}\n\t"
- "subs r5, r5, #16\n\t"
+ "ldm sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "stm %[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "subs r5, r5, #32\n\t"
"bgt L_sp_384_mul_12_store_%=\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11", "cc"
);
}
@@ -77856,17 +79979,16 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
*/
static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"sub sp, sp, #48\n\t"
- "mov r10, #0\n\t"
/* A[0] * B[0] */
"ldr r11, [%[a]]\n\t"
"ldr r12, [%[b]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r3, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -77896,7 +80018,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r3, [sp]\n\t"
/* A[0] * B[1] */
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -77935,7 +80057,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[1] * B[0] */
"ldr r8, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -77973,7 +80095,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r4, [sp, #4]\n\t"
/* A[2] * B[0] */
"ldr r8, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -78013,7 +80135,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[1] * B[1] */
"ldr r11, [%[a], #4]\n\t"
"ldr r12, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -78051,7 +80173,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[0] * B[2] */
"ldr r8, [%[a]]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -78089,7 +80211,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r5, [sp, #8]\n\t"
/* A[0] * B[3] */
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -78128,7 +80250,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[1] * B[2] */
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -78165,7 +80287,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[2] * B[1] */
"ldr r8, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -78203,7 +80325,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[3] * B[0] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -78241,7 +80363,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r3, [sp, #12]\n\t"
/* A[4] * B[0] */
"ldr r8, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -78280,7 +80402,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[3] * B[1] */
"ldr r8, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -78318,7 +80440,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[2] * B[2] */
"ldr r11, [%[a], #8]\n\t"
"ldr r12, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -78356,7 +80478,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[1] * B[3] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -78394,7 +80516,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[0] * B[4] */
"ldr r8, [%[a]]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -78432,7 +80554,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r4, [sp, #16]\n\t"
/* A[0] * B[5] */
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -78472,7 +80594,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[1] * B[4] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -78509,7 +80631,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[2] * B[3] */
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -78546,7 +80668,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[3] * B[2] */
"ldr r8, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -78584,7 +80706,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[4] * B[1] */
"ldr r8, [%[a], #16]\n\t"
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -78622,7 +80744,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[5] * B[0] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -78660,7 +80782,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r5, [sp, #20]\n\t"
/* A[6] * B[0] */
"ldr r8, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -78700,7 +80822,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[5] * B[1] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -78737,7 +80859,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[4] * B[2] */
"ldr r8, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -78775,7 +80897,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[3] * B[3] */
"ldr r11, [%[a], #12]\n\t"
"ldr r12, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -78813,7 +80935,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[2] * B[4] */
"ldr r8, [%[a], #8]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -78851,7 +80973,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[1] * B[5] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -78889,7 +81011,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[0] * B[6] */
"ldr r8, [%[a]]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -78927,7 +81049,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r3, [sp, #24]\n\t"
/* A[0] * B[7] */
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -78967,7 +81089,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[1] * B[6] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -79005,7 +81127,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[2] * B[5] */
"ldr r8, [%[a], #8]\n\t"
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -79042,7 +81164,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[3] * B[4] */
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -79079,7 +81201,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[4] * B[3] */
"ldr r8, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -79117,7 +81239,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[5] * B[2] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -79155,7 +81277,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[6] * B[1] */
"ldr r8, [%[a], #24]\n\t"
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -79193,7 +81315,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[7] * B[0] */
"ldr r8, [%[a], #28]\n\t"
"ldr r9, [%[b]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -79231,7 +81353,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r4, [sp, #28]\n\t"
/* A[8] * B[0] */
"ldr r8, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -79271,7 +81393,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[7] * B[1] */
"ldr r8, [%[a], #28]\n\t"
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -79309,7 +81431,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[6] * B[2] */
"ldr r8, [%[a], #24]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -79346,7 +81468,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[5] * B[3] */
"ldr r8, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -79384,7 +81506,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[4] * B[4] */
"ldr r11, [%[a], #16]\n\t"
"ldr r12, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -79422,7 +81544,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[3] * B[5] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -79460,7 +81582,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[2] * B[6] */
"ldr r8, [%[a], #8]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -79498,7 +81620,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[1] * B[7] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -79536,7 +81658,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[0] * B[8] */
"ldr r8, [%[a]]\n\t"
"ldr r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -79574,7 +81696,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r5, [sp, #32]\n\t"
/* A[0] * B[9] */
"ldr r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -79614,7 +81736,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[1] * B[8] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -79652,7 +81774,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[2] * B[7] */
"ldr r8, [%[a], #8]\n\t"
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -79690,7 +81812,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[3] * B[6] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -79727,7 +81849,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[4] * B[5] */
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -79764,7 +81886,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[5] * B[4] */
"ldr r8, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -79802,7 +81924,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[6] * B[3] */
"ldr r8, [%[a], #24]\n\t"
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -79840,7 +81962,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[7] * B[2] */
"ldr r8, [%[a], #28]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -79878,7 +82000,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[8] * B[1] */
"ldr r8, [%[a], #32]\n\t"
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -79916,7 +82038,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[9] * B[0] */
"ldr r8, [%[a], #36]\n\t"
"ldr r9, [%[b]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -79954,7 +82076,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r3, [sp, #36]\n\t"
/* A[10] * B[0] */
"ldr r8, [%[a], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -79994,7 +82116,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[9] * B[1] */
"ldr r8, [%[a], #36]\n\t"
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -80032,7 +82154,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[8] * B[2] */
"ldr r8, [%[a], #32]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -80070,7 +82192,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[7] * B[3] */
"ldr r8, [%[a], #28]\n\t"
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -80107,7 +82229,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[6] * B[4] */
"ldr r8, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -80145,7 +82267,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[5] * B[5] */
"ldr r11, [%[a], #20]\n\t"
"ldr r12, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -80183,7 +82305,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[4] * B[6] */
"ldr r8, [%[a], #16]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -80221,7 +82343,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[3] * B[7] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -80259,7 +82381,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[2] * B[8] */
"ldr r8, [%[a], #8]\n\t"
"ldr r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -80297,7 +82419,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[1] * B[9] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -80335,7 +82457,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[0] * B[10] */
"ldr r8, [%[a]]\n\t"
"ldr r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -80373,7 +82495,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r4, [sp, #40]\n\t"
/* A[0] * B[11] */
"ldr r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -80413,7 +82535,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[1] * B[10] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -80451,7 +82573,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[2] * B[9] */
"ldr r8, [%[a], #8]\n\t"
"ldr r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -80489,7 +82611,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[3] * B[8] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -80527,7 +82649,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[4] * B[7] */
"ldr r8, [%[a], #16]\n\t"
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -80564,7 +82686,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[5] * B[6] */
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -80601,7 +82723,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[6] * B[5] */
"ldr r8, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -80639,7 +82761,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[7] * B[4] */
"ldr r8, [%[a], #28]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -80677,7 +82799,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[8] * B[3] */
"ldr r8, [%[a], #32]\n\t"
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -80715,7 +82837,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[9] * B[2] */
"ldr r8, [%[a], #36]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -80753,7 +82875,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[10] * B[1] */
"ldr r8, [%[a], #40]\n\t"
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -80791,7 +82913,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[11] * B[0] */
"ldr r8, [%[a], #44]\n\t"
"ldr r9, [%[b]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -80829,7 +82951,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r5, [sp, #44]\n\t"
/* A[11] * B[1] */
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -80869,7 +82991,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[10] * B[2] */
"ldr r8, [%[a], #40]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -80907,7 +83029,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[9] * B[3] */
"ldr r8, [%[a], #36]\n\t"
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -80945,7 +83067,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[8] * B[4] */
"ldr r8, [%[a], #32]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -80982,7 +83104,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[7] * B[5] */
"ldr r8, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -81020,7 +83142,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[6] * B[6] */
"ldr r11, [%[a], #24]\n\t"
"ldr r12, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -81058,7 +83180,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[5] * B[7] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -81096,7 +83218,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[4] * B[8] */
"ldr r8, [%[a], #16]\n\t"
"ldr r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -81134,7 +83256,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[3] * B[9] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -81172,7 +83294,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[2] * B[10] */
"ldr r8, [%[a], #8]\n\t"
"ldr r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -81210,7 +83332,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[1] * B[11] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -81248,7 +83370,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r3, [%[r], #48]\n\t"
/* A[2] * B[11] */
"ldr r8, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -81288,7 +83410,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[3] * B[10] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -81326,7 +83448,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[4] * B[9] */
"ldr r8, [%[a], #16]\n\t"
"ldr r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -81364,7 +83486,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[5] * B[8] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -81401,7 +83523,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[6] * B[7] */
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -81438,7 +83560,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[7] * B[6] */
"ldr r8, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -81476,7 +83598,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[8] * B[5] */
"ldr r8, [%[a], #32]\n\t"
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -81514,7 +83636,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[9] * B[4] */
"ldr r8, [%[a], #36]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -81552,7 +83674,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[10] * B[3] */
"ldr r8, [%[a], #40]\n\t"
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -81590,7 +83712,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[11] * B[2] */
"ldr r8, [%[a], #44]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -81628,7 +83750,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r4, [%[r], #52]\n\t"
/* A[11] * B[3] */
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -81668,7 +83790,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[10] * B[4] */
"ldr r8, [%[a], #40]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -81706,7 +83828,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[9] * B[5] */
"ldr r8, [%[a], #36]\n\t"
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -81743,7 +83865,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[8] * B[6] */
"ldr r8, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -81781,7 +83903,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[7] * B[7] */
"ldr r11, [%[a], #28]\n\t"
"ldr r12, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -81819,7 +83941,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[6] * B[8] */
"ldr r8, [%[a], #24]\n\t"
"ldr r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -81857,7 +83979,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[5] * B[9] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -81895,7 +84017,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[4] * B[10] */
"ldr r8, [%[a], #16]\n\t"
"ldr r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -81933,7 +84055,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[3] * B[11] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -81971,7 +84093,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r5, [%[r], #56]\n\t"
/* A[4] * B[11] */
"ldr r8, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -82011,7 +84133,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[5] * B[10] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -82049,7 +84171,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[6] * B[9] */
"ldr r8, [%[a], #24]\n\t"
"ldr r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -82086,7 +84208,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[7] * B[8] */
"ldr r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -82123,7 +84245,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[8] * B[7] */
"ldr r8, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -82161,7 +84283,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[9] * B[6] */
"ldr r8, [%[a], #36]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -82199,7 +84321,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[10] * B[5] */
"ldr r8, [%[a], #40]\n\t"
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -82237,7 +84359,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[11] * B[4] */
"ldr r8, [%[a], #44]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -82275,7 +84397,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r3, [%[r], #60]\n\t"
/* A[11] * B[5] */
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -82315,7 +84437,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[10] * B[6] */
"ldr r8, [%[a], #40]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -82352,7 +84474,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[9] * B[7] */
"ldr r8, [%[a], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -82390,7 +84512,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[8] * B[8] */
"ldr r11, [%[a], #32]\n\t"
"ldr r12, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -82428,7 +84550,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[7] * B[9] */
"ldr r8, [%[a], #28]\n\t"
"ldr r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -82466,7 +84588,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[6] * B[10] */
"ldr r8, [%[a], #24]\n\t"
"ldr r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -82504,7 +84626,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[5] * B[11] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -82542,7 +84664,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r4, [%[r], #64]\n\t"
/* A[6] * B[11] */
"ldr r8, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -82582,7 +84704,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[7] * B[10] */
"ldr r8, [%[a], #28]\n\t"
"ldr r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -82619,7 +84741,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[8] * B[9] */
"ldr r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -82656,7 +84778,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[9] * B[8] */
"ldr r8, [%[a], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -82694,7 +84816,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[10] * B[7] */
"ldr r8, [%[a], #40]\n\t"
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -82732,7 +84854,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[11] * B[6] */
"ldr r8, [%[a], #44]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -82770,7 +84892,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r5, [%[r], #68]\n\t"
/* A[11] * B[7] */
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -82809,7 +84931,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[10] * B[8] */
"ldr r8, [%[a], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -82847,7 +84969,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[9] * B[9] */
"ldr r11, [%[a], #36]\n\t"
"ldr r12, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -82885,7 +85007,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[8] * B[10] */
"ldr r8, [%[a], #32]\n\t"
"ldr r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -82923,7 +85045,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[7] * B[11] */
"ldr r8, [%[a], #28]\n\t"
"ldr r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -82961,7 +85083,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r3, [%[r], #72]\n\t"
/* A[8] * B[11] */
"ldr r8, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -83000,7 +85122,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[9] * B[10] */
"ldr r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -83037,7 +85159,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[10] * B[9] */
"ldr r8, [%[a], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -83075,7 +85197,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[11] * B[8] */
"ldr r8, [%[a], #44]\n\t"
"ldr r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -83112,7 +85234,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
"str r4, [%[r], #76]\n\t"
/* A[11] * B[9] */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -83152,7 +85274,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[10] * B[10] */
"ldr r11, [%[a], #40]\n\t"
"ldr r12, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -83190,7 +85312,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[9] * B[11] */
"ldr r8, [%[a], #36]\n\t"
"ldr r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -83227,7 +85349,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
"str r5, [%[r], #80]\n\t"
/* A[10] * B[11] */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -83266,7 +85388,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[11] * B[10] */
"ldr r8, [%[a], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -83303,7 +85425,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
"str r3, [%[r], #84]\n\t"
/* A[11] * B[11] */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -83329,9 +85451,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
#else
- "umull r6, r7, r8, r9\n\t"
- "adds r4, r4, r6\n\t"
- "adc r5, r5, r7\n\t"
+ "umlal r4, r5, r8, r9\n\t"
#endif
"str r4, [%[r], #88]\n\t"
"str r5, [%[r], #92]\n\t"
@@ -83343,7 +85463,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"stm %[r]!, {r3, r4, r5, r6}\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r11", "r12", "cc"
);
}
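Review bot: Dropping "r10" from the clobber list on the last line of this asm statement is only safe if no instruction in sp_384_mul_12 still writes r10; otherwise the compiler may keep a live value in that register across the statement. The parts of the body shown in these hunks use only r3-r9, r11 and r12, but most of the function lies outside them, so this should be confirmed against the full body. Adding "cc" is right, since the body uses `adds`/`adc`. A short comment above the list, for example `/* r10 is not used by this routine; adds/adc clobber the flags */`, would record the intent.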
@@ -83356,29 +85476,28 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
*/
static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
__asm__ __volatile__ (
"sub sp, sp, #0x60\n\t"
- "mov r12, #0\n\t"
- "mov r6, #0\n\t"
+ "ldr lr, [%[a]]\n\t"
+ "umull r8, r6, lr, lr\n\t"
+ "str r8, [sp]\n\t"
"mov r7, #0\n\t"
"mov r8, #0\n\t"
- "mov r5, #0\n\t"
+ "mov r5, #4\n\t"
"\n"
"L_sp_384_sqr_12_outer_%=: \n\t"
"subs r3, r5, #44\n\t"
"it cc\n\t"
- "movcc r3, r12\n\t"
+ "movcc r3, #0\n\t"
"sub r4, r5, r3\n\t"
"\n"
"L_sp_384_sqr_12_inner_%=: \n\t"
- "cmp r4, r3\n\t"
- "beq L_sp_384_sqr_12_op_sqr_%=\n\t"
"ldr lr, [%[a], r3]\n\t"
"ldr r11, [%[a], r4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r9, lr, #16\n\t"
"lsl r10, r11, #16\n\t"
"lsr r9, r9, #16\n\t"
@@ -83427,11 +85546,13 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
"adcs r7, r7, r10\n\t"
"adc r8, r8, #0\n\t"
#endif
- "bal L_sp_384_sqr_12_op_done_%=\n\t"
- "\n"
- "L_sp_384_sqr_12_op_sqr_%=: \n\t"
+ "add r3, r3, #4\n\t"
+ "sub r4, r4, #4\n\t"
+ "cmp r3, r4\n\t"
+ "bgt L_sp_384_sqr_12_inner_done_%=\n\t"
+ "blt L_sp_384_sqr_12_inner_%=\n\t"
"ldr lr, [%[a], r3]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r9, lr, #16\n\t"
"lsr r10, lr, #16\n\t"
"lsr r9, r9, #16\n\t"
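Review bot: The fall-through after `blt L_sp_384_sqr_12_inner_%=` into the single-operand multiply is uncommented, and with the `op_sqr`/`op_done` labels removed nothing on the new side says that this path is the r3 == r4 case. A line such as `/* r3 == r4: middle term, square a[r3] */` before the `ldr lr, [%[a], r3]` would make the three-way exit readable. It is also worth recording that `cmp r3, r4` compares byte offsets derived from the loop counter r5, not operand data, so the restructured loop keeps data-independent control flow. The loop starts and ends outside this hunk.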
@@ -83458,34 +85579,50 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
"adc r8, r8, #0\n\t"
#endif
"\n"
- "L_sp_384_sqr_12_op_done_%=: \n\t"
- "add r3, r3, #4\n\t"
- "sub r4, r4, #4\n\t"
- "cmp r3, #48\n\t"
- "beq L_sp_384_sqr_12_inner_done_%=\n\t"
- "cmp r3, r4\n\t"
- "bgt L_sp_384_sqr_12_inner_done_%=\n\t"
- "cmp r3, r5\n\t"
- "ble L_sp_384_sqr_12_inner_%=\n\t"
- "\n"
"L_sp_384_sqr_12_inner_done_%=: \n\t"
"str r6, [sp, r5]\n\t"
"mov r6, r7\n\t"
"mov r7, r8\n\t"
"mov r8, #0\n\t"
"add r5, r5, #4\n\t"
- "cmp r5, #0x58\n\t"
+ "cmp r5, #0x54\n\t"
"ble L_sp_384_sqr_12_outer_%=\n\t"
+ "ldr lr, [%[a], #44]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
+ "lsl r9, lr, #16\n\t"
+ "lsr r10, lr, #16\n\t"
+ "lsr r9, r9, #16\n\t"
+ "mov r11, r9\n\t"
+ "mul r9, r11, r9\n\t"
+ "mov r11, r10\n\t"
+ "mul r10, r11, r10\n\t"
+ "adds r6, r6, r9\n\t"
+ "adc r7, r7, r10\n\t"
+ "lsr r10, lr, #16\n\t"
+ "lsl r9, lr, #16\n\t"
+ "lsr r9, r9, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #15\n\t"
+ "lsl r9, r9, #17\n\t"
+ "adds r6, r6, r9\n\t"
+ "adc r7, r7, r10\n\t"
+#else
+ "umull r9, r10, lr, lr\n\t"
+ "adds r6, r6, r9\n\t"
+ "adc r7, r7, r10\n\t"
+#endif
"str r6, [sp, r5]\n\t"
+ "add r5, r5, #4\n\t"
+ "str r7, [sp, r5]\n\t"
"\n"
"L_sp_384_sqr_12_store_%=: \n\t"
- "ldm sp!, {r6, r7, r8, r9}\n\t"
- "stm %[r]!, {r6, r7, r8, r9}\n\t"
- "subs r5, r5, #16\n\t"
+ "ldm sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "stm %[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "subs r5, r5, #32\n\t"
"bgt L_sp_384_sqr_12_store_%=\n\t"
: [r] "+r" (r), [a] "+r" (a)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11", "cc"
);
}
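Review bot: The new store loop balances the stack only because r5 is exactly 0x5c when it is entered: three passes of `ldm sp!` with eight registers pop the 0x60 bytes reserved by `sub sp, sp, #0x60`, and nothing in the asm states that link. The compiler is not told that sp moves inside this statement, so a later change to the outer-loop bound (`cmp r5, #0x54`) or to the register count would unbalance sp silently. A comment such as `/* r5 == 0x5c: 3 x 32 bytes pops the whole 0x60-byte frame */` above `L_sp_384_sqr_12_store_%=` would pin it. The scratch copy of the product is also left below sp on return, as it was before this change; whether that matters depends on the library's policy for intermediate values.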
@@ -83497,14 +85634,14 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
*/
static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
__asm__ __volatile__ (
"sub sp, sp, #48\n\t"
/* A[0] * A[0] */
"ldr r10, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsr r9, r10, #16\n\t"
"lsl r2, r10, #16\n\t"
"lsr r2, r2, #16\n\t"
@@ -83523,7 +85660,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[1] */
"ldr r10, [%[a], #4]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -83579,7 +85716,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[2] */
"ldr r10, [%[a], #8]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -83633,7 +85770,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[1] * A[1] */
"ldr r10, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -83663,7 +85800,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[3] */
"ldr r10, [%[a], #12]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -83718,7 +85855,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[2] */
"ldr r10, [%[a], #8]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -83771,7 +85908,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[4] */
"ldr r10, [%[a], #16]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -83826,7 +85963,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[3] */
"ldr r10, [%[a], #12]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -83877,7 +86014,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[2] * A[2] */
"ldr r10, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -83907,7 +86044,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[5] */
"ldr r10, [%[a], #20]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -83937,7 +86074,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[4] */
"ldr r10, [%[a], #16]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -83975,7 +86112,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[2] * A[3] */
"ldr r10, [%[a], #12]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -84020,7 +86157,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[6] */
"ldr r10, [%[a], #24]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -84050,7 +86187,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[5] */
"ldr r10, [%[a], #20]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -84088,7 +86225,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[2] * A[4] */
"ldr r10, [%[a], #16]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -84125,7 +86262,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[3] * A[3] */
"ldr r10, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -84164,7 +86301,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[7] */
"ldr r10, [%[a], #28]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -84194,7 +86331,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[6] */
"ldr r10, [%[a], #24]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -84232,7 +86369,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[2] * A[5] */
"ldr r10, [%[a], #20]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -84270,7 +86407,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[3] * A[4] */
"ldr r10, [%[a], #16]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -84315,7 +86452,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[8] */
"ldr r10, [%[a], #32]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -84345,7 +86482,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[7] */
"ldr r10, [%[a], #28]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -84383,7 +86520,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[2] * A[6] */
"ldr r10, [%[a], #24]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -84421,7 +86558,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[3] * A[5] */
"ldr r10, [%[a], #20]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -84458,7 +86595,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[4] * A[4] */
"ldr r10, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -84497,7 +86634,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[9] */
"ldr r10, [%[a], #36]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -84527,7 +86664,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[8] */
"ldr r10, [%[a], #32]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -84565,7 +86702,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[2] * A[7] */
"ldr r10, [%[a], #28]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -84603,7 +86740,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[3] * A[6] */
"ldr r10, [%[a], #24]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -84641,7 +86778,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[4] * A[5] */
"ldr r10, [%[a], #20]\n\t"
"ldr r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -84686,7 +86823,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[10] */
"ldr r10, [%[a], #40]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -84716,7 +86853,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[9] */
"ldr r10, [%[a], #36]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -84754,7 +86891,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[2] * A[8] */
"ldr r10, [%[a], #32]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -84792,7 +86929,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[3] * A[7] */
"ldr r10, [%[a], #28]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -84830,7 +86967,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[4] * A[6] */
"ldr r10, [%[a], #24]\n\t"
"ldr r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -84867,7 +87004,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[5] * A[5] */
"ldr r10, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -84906,7 +87043,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[11] */
"ldr r10, [%[a], #44]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -84936,7 +87073,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[10] */
"ldr r10, [%[a], #40]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -84974,7 +87111,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[2] * A[9] */
"ldr r10, [%[a], #36]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -85012,7 +87149,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[3] * A[8] */
"ldr r10, [%[a], #32]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -85050,7 +87187,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[4] * A[7] */
"ldr r10, [%[a], #28]\n\t"
"ldr r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -85088,7 +87225,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[5] * A[6] */
"ldr r10, [%[a], #24]\n\t"
"ldr r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -85133,7 +87270,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[11] */
"ldr r10, [%[a], #44]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -85163,7 +87300,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[2] * A[10] */
"ldr r10, [%[a], #40]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -85201,7 +87338,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[3] * A[9] */
"ldr r10, [%[a], #36]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -85239,7 +87376,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[4] * A[8] */
"ldr r10, [%[a], #32]\n\t"
"ldr r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -85277,7 +87414,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[5] * A[7] */
"ldr r10, [%[a], #28]\n\t"
"ldr r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -85314,7 +87451,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[6] * A[6] */
"ldr r10, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -85353,7 +87490,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[2] * A[11] */
"ldr r10, [%[a], #44]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -85383,7 +87520,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[3] * A[10] */
"ldr r10, [%[a], #40]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -85421,7 +87558,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[4] * A[9] */
"ldr r10, [%[a], #36]\n\t"
"ldr r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -85459,7 +87596,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[5] * A[8] */
"ldr r10, [%[a], #32]\n\t"
"ldr r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -85497,7 +87634,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[6] * A[7] */
"ldr r10, [%[a], #28]\n\t"
"ldr r12, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -85542,7 +87679,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[3] * A[11] */
"ldr r10, [%[a], #44]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -85572,7 +87709,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[4] * A[10] */
"ldr r10, [%[a], #40]\n\t"
"ldr r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -85610,7 +87747,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[5] * A[9] */
"ldr r10, [%[a], #36]\n\t"
"ldr r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -85648,7 +87785,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[6] * A[8] */
"ldr r10, [%[a], #32]\n\t"
"ldr r12, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -85685,7 +87822,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[7] * A[7] */
"ldr r10, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -85724,7 +87861,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[4] * A[11] */
"ldr r10, [%[a], #44]\n\t"
"ldr r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -85754,7 +87891,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[5] * A[10] */
"ldr r10, [%[a], #40]\n\t"
"ldr r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -85792,7 +87929,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[6] * A[9] */
"ldr r10, [%[a], #36]\n\t"
"ldr r12, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -85830,7 +87967,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[7] * A[8] */
"ldr r10, [%[a], #32]\n\t"
"ldr r12, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -85875,7 +88012,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[5] * A[11] */
"ldr r10, [%[a], #44]\n\t"
"ldr r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -85905,7 +88042,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[6] * A[10] */
"ldr r10, [%[a], #40]\n\t"
"ldr r12, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -85943,7 +88080,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[7] * A[9] */
"ldr r10, [%[a], #36]\n\t"
"ldr r12, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -85980,7 +88117,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[8] * A[8] */
"ldr r10, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -86019,7 +88156,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[6] * A[11] */
"ldr r10, [%[a], #44]\n\t"
"ldr r12, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -86049,7 +88186,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[7] * A[10] */
"ldr r10, [%[a], #40]\n\t"
"ldr r12, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -86087,7 +88224,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[8] * A[9] */
"ldr r10, [%[a], #36]\n\t"
"ldr r12, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -86132,7 +88269,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[7] * A[11] */
"ldr r10, [%[a], #44]\n\t"
"ldr r12, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -86187,7 +88324,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[8] * A[10] */
"ldr r10, [%[a], #40]\n\t"
"ldr r12, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -86238,7 +88375,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[9] * A[9] */
"ldr r10, [%[a], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -86268,7 +88405,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[8] * A[11] */
"ldr r10, [%[a], #44]\n\t"
"ldr r12, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -86323,7 +88460,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[9] * A[10] */
"ldr r10, [%[a], #40]\n\t"
"ldr r12, [%[a], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -86376,7 +88513,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[9] * A[11] */
"ldr r10, [%[a], #44]\n\t"
"ldr r12, [%[a], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -86430,7 +88567,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[10] * A[10] */
"ldr r10, [%[a], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -86460,7 +88597,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[10] * A[11] */
"ldr r10, [%[a], #44]\n\t"
"ldr r12, [%[a], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -86515,7 +88652,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
"str r2, [%[r], #84]\n\t"
/* A[11] * A[11] */
"ldr r10, [%[a], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -86548,7 +88685,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
"stm %[r]!, {r2, r3, r4, r8}\n\t"
: [r] "+r" (r), [a] "+r" (a)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r12"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r12", "cc"
);
}
@@ -86562,9 +88699,9 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
*/
static sp_digit sp_384_add_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"mov r3, #0\n\t"
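Review bot: The casts added to the register initialisers (`(sp_digit*)r_p`, `(const sp_digit*)a_p`, `(const sp_digit*)b_p`) convert each parameter to the type the signature above already gives it. They are no-ops today, and an explicit pointer cast would silence the compiler warning if a parameter's type or qualifier ever drifted. The same pattern is added in the second sp_384_add_12, in both sp_384_cond_sub_12 definitions and in sp_384_mont_reduce_12. If this file is generated (the uniform edits suggest so, but the page does not show it), the generator is the place to drop them; otherwise keep the plain form `register sp_digit* r asm ("r0") = r_p;`. The body of sp_384_add_12 continues past this hunk.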
@@ -86586,7 +88723,7 @@ static sp_digit sp_384_add_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit
"mov %[r], r3\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -86600,12 +88737,11 @@ static sp_digit sp_384_add_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit
*/
static sp_digit sp_384_add_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
- "mov r12, #0\n\t"
"ldm %[a]!, {r3, r4, r5, r6}\n\t"
"ldm %[b]!, {r7, r8, r9, r10}\n\t"
"adds r3, r3, r7\n\t"
@@ -86627,91 +88763,11 @@ static sp_digit sp_384_add_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit
"adcs r5, r5, r9\n\t"
"adcs r6, r6, r10\n\t"
"stm %[r]!, {r3, r4, r5, r6}\n\t"
- "adc %[r], r12, r12\n\t"
- : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
- :
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r12"
- );
- return (uint32_t)(size_t)r;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Sub b from a into r. (r = a - b)
- *
- * r A single precision integer.
- * a A single precision integer.
- * b A single precision integer.
- */
-static sp_digit sp_384_sub_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
-{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
-
- __asm__ __volatile__ (
- "mov r12, #0\n\t"
- "add lr, %[a], #48\n\t"
- "\n"
- "L_sp_384_sub_12_word_%=: \n\t"
- "rsbs r12, r12, #0\n\t"
- "ldm %[a]!, {r3, r4, r5, r6}\n\t"
- "ldm %[b]!, {r7, r8, r9, r10}\n\t"
- "sbcs r3, r3, r7\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "stm %[r]!, {r3, r4, r5, r6}\n\t"
- "sbc r12, r3, r3\n\t"
- "cmp %[a], lr\n\t"
- "bne L_sp_384_sub_12_word_%=\n\t"
- "mov %[r], r12\n\t"
- : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
- :
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r12", "lr"
- );
- return (uint32_t)(size_t)r;
-}
-
-#else
-/* Sub b from a into r. (r = a - b)
- *
- * r A single precision integer.
- * a A single precision integer.
- * b A single precision integer.
- */
-static sp_digit sp_384_sub_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
-{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
-
- __asm__ __volatile__ (
- "ldm %[a]!, {r3, r4, r5, r6}\n\t"
- "ldm %[b]!, {r7, r8, r9, r10}\n\t"
- "subs r3, r3, r7\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "stm %[r]!, {r3, r4, r5, r6}\n\t"
- "ldm %[a]!, {r3, r4, r5, r6}\n\t"
- "ldm %[b]!, {r7, r8, r9, r10}\n\t"
- "sbcs r3, r3, r7\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "stm %[r]!, {r3, r4, r5, r6}\n\t"
- "ldm %[a]!, {r3, r4, r5, r6}\n\t"
- "ldm %[b]!, {r7, r8, r9, r10}\n\t"
- "sbcs r3, r3, r7\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "stm %[r]!, {r3, r4, r5, r6}\n\t"
- "sbc %[r], r6, r6\n\t"
+ "mov %[r], #0\n\t"
+ "adc %[r], %[r], #0\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
return (uint32_t)(size_t)r;
}
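Review bot: The carry returned by the unrolled sp_384_add_12 now depends on `mov %[r], #0` leaving the flags from the last `adcs` untouched, and nothing in the asm records that. It holds for the plain `mov` used here, but any flag-setting instruction later placed between the final `adcs` and `adc %[r], %[r], #0` would change the return value without a build error. I would add a line above the `mov` such as `/* mov does not touch the flags: carry from the last adcs is still live for the adc below */`. Dropping `mov r12, #0` in the previous hunk and removing "r12" from the clobber list here are consistent with each other. The function starts in the previous hunk, and this hunk also deletes both sp_384_sub_12 definitions, whose replacement is not visible here.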
@@ -86829,14 +88885,14 @@ static void sp_384_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 32
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 31);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 31);
}
#elif DIGIT_BIT > 32
unsigned int i;
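Review bot: The literal `31` in `j >> 31` replaces the `SP_WORD_SIZE - 1` that the removed lines used, so the mask and the index step now assume sp_digit is exactly 32 bits wide. That is presumably true for this 32-bit ARM file, but the loop would stop masking correctly without any warning if the word size differed. I would keep the symbolic width: `sp_digit mask = (sp_digit)0 - (j >> (SP_WORD_SIZE - 1));` and `o += (int)(j >> (SP_WORD_SIZE - 1));`. A short comment would also help, for example `/* j counts up from -used: its top bit stays set while i < used, so mask is all ones without branching on used */`. The loop still reads `a->dp[0]` when `a->used` is 0, as the old code did, so `dp` must always hold at least one digit. sp_384_from_mp continues beyond this hunk.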
@@ -87025,10 +89081,10 @@ static int sp_384_point_to_ecc_point_12(const sp_point_384* p, ecc_point* pm)
*/
static sp_digit sp_384_cond_sub_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
- register sp_digit m asm ("r3") = m_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
+ register sp_digit m asm ("r3") = (sp_digit)m_p;
__asm__ __volatile__ (
"mov r6, #0\n\t"
@@ -87049,7 +89105,7 @@ static sp_digit sp_384_cond_sub_12(sp_digit* r_p, const sp_digit* a_p, const sp_
"mov %[r], r12\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
:
- : "memory", "r12", "lr", "r4", "r5", "r6"
+ : "memory", "r12", "lr", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -87065,10 +89121,10 @@ static sp_digit sp_384_cond_sub_12(sp_digit* r_p, const sp_digit* a_p, const sp_
*/
static sp_digit sp_384_cond_sub_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
- register sp_digit m asm ("r3") = m_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
+ register sp_digit m asm ("r3") = (sp_digit)m_p;
__asm__ __volatile__ (
"mov lr, #0\n\t"
@@ -87117,7 +89173,7 @@ static sp_digit sp_384_cond_sub_12(sp_digit* r_p, const sp_digit* a_p, const sp_
"sbc %[r], lr, lr\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
:
- : "memory", "r12", "lr", "r4", "r5", "r6", "r7"
+ : "memory", "r12", "lr", "r4", "r5", "r6", "r7", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -87125,6 +89181,7 @@ static sp_digit sp_384_cond_sub_12(sp_digit* r_p, const sp_digit* a_p, const sp_
#endif /* WOLFSSL_SP_SMALL */
#define sp_384_mont_reduce_order_12 sp_384_mont_reduce_12
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
/* Reduce the number back to 384 bits using Montgomery reduction.
*
* a A single precision number to reduce in place.
@@ -87133,12 +89190,12 @@ static sp_digit sp_384_cond_sub_12(sp_digit* r_p, const sp_digit* a_p, const sp_
*/
static SP_NOINLINE void sp_384_mont_reduce_12(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
{
- register sp_digit* a asm ("r0") = a_p;
- register const sp_digit* m asm ("r1") = m_p;
- register sp_digit mp asm ("r2") = mp_p;
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m asm ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp asm ("r2") = (sp_digit)mp_p;
__asm__ __volatile__ (
-#if !(defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4))
+#if !(defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4))
"ldr r11, [%[m]]\n\t"
#endif
/* i = 0 */
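Review bot: The inner guard `#if !(defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4))` around `"ldr r11, [%[m]]\n\t"` can no longer be true, because the previous hunk puts this whole definition under `#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)`. The same applies further down in this function: the `#if defined(...) && (... < 4)` before the in-loop `ldr r11, [%[m]]` is always true, and the `#else` that loads `r7` from `[%[m], #44]` is dead. Leftover conditionals like these make it harder to audit which instruction sequence actually runs in a Montgomery reduction. I would delete the dead `ldr` with its guard here and keep only the unconditional `"ldr r11, [%[m]]\n\t"` and `"ldr r11, [%[m], #44]\n\t"` lines in this variant. This reading relies on the outer `#if` and the later `#elif` visible in neighbouring hunks; the function body extends well past this hunk.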
@@ -87151,10 +89208,9 @@ static SP_NOINLINE void sp_384_mont_reduce_12(sp_digit* a_p, const sp_digit* m_p
/* mu = a[i] * mp */
"mul r8, %[mp], r12\n\t"
/* a[i+0] += m[0] * mu */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"ldr r11, [%[m]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r7, r11, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r7\n\t"
@@ -87178,14 +89234,8 @@ static SP_NOINLINE void sp_384_mont_reduce_12(sp_digit* a_p, const sp_digit* m_p
"lsl r6, r6, #16\n\t"
"adds r12, r12, r6\n\t"
"adc r5, r5, r7\n\t"
-#else
- "umull r6, r7, r8, r11\n\t"
- "adds r12, r12, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
/* a[i+1] += m[1] * mu */
"ldr r7, [%[m], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r10, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r10\n\t"
@@ -87209,18 +89259,12 @@ static SP_NOINLINE void sp_384_mont_reduce_12(sp_digit* a_p, const sp_digit* m_p
"lsl r6, r6, #16\n\t"
"adds lr, lr, r6\n\t"
"adc r4, r4, r10\n\t"
-#else
- "umull r6, r10, r8, r7\n\t"
- "adds lr, lr, r6\n\t"
- "adc r4, r10, #0\n\t"
-#endif
"mov r12, lr\n\t"
"adds r12, r12, r5\n\t"
"adc r4, r4, #0\n\t"
/* a[i+2] += m[2] * mu */
"ldr r7, [%[m], #8]\n\t"
"ldr lr, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r10, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r10\n\t"
@@ -87244,17 +89288,11 @@ static SP_NOINLINE void sp_384_mont_reduce_12(sp_digit* a_p, const sp_digit* m_p
"lsl r6, r6, #16\n\t"
"adds lr, lr, r6\n\t"
"adc r5, r5, r10\n\t"
-#else
- "umull r6, r10, r8, r7\n\t"
- "adds lr, lr, r6\n\t"
- "adc r5, r10, #0\n\t"
-#endif
"adds lr, lr, r4\n\t"
"adc r5, r5, #0\n\t"
/* a[i+3] += m[3] * mu */
"ldr r7, [%[m], #12]\n\t"
"ldr r10, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -87278,18 +89316,12 @@ static SP_NOINLINE void sp_384_mont_reduce_12(sp_digit* a_p, const sp_digit* m_p
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #12]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+4] += m[4] * mu */
"ldr r7, [%[m], #16]\n\t"
"ldr r10, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -87313,18 +89345,12 @@ static SP_NOINLINE void sp_384_mont_reduce_12(sp_digit* a_p, const sp_digit* m_p
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #16]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+5] += m[5] * mu */
"ldr r7, [%[m], #20]\n\t"
"ldr r10, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -87348,18 +89374,12 @@ static SP_NOINLINE void sp_384_mont_reduce_12(sp_digit* a_p, const sp_digit* m_p
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #20]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+6] += m[6] * mu */
"ldr r7, [%[m], #24]\n\t"
"ldr r10, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -87383,18 +89403,12 @@ static SP_NOINLINE void sp_384_mont_reduce_12(sp_digit* a_p, const sp_digit* m_p
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #24]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+7] += m[7] * mu */
"ldr r7, [%[m], #28]\n\t"
"ldr r10, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -87418,18 +89432,12 @@ static SP_NOINLINE void sp_384_mont_reduce_12(sp_digit* a_p, const sp_digit* m_p
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #28]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+8] += m[8] * mu */
"ldr r7, [%[m], #32]\n\t"
"ldr r10, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -87453,18 +89461,12 @@ static SP_NOINLINE void sp_384_mont_reduce_12(sp_digit* a_p, const sp_digit* m_p
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #32]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+9] += m[9] * mu */
"ldr r7, [%[m], #36]\n\t"
"ldr r10, [%[a], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -87488,18 +89490,12 @@ static SP_NOINLINE void sp_384_mont_reduce_12(sp_digit* a_p, const sp_digit* m_p
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #36]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+10] += m[10] * mu */
"ldr r7, [%[m], #40]\n\t"
"ldr r10, [%[a], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -87523,22 +89519,16 @@ static SP_NOINLINE void sp_384_mont_reduce_12(sp_digit* a_p, const sp_digit* m_p
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #40]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+11] += m[11] * mu */
-#if !(defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4))
- "ldr r7, [%[m], #44]\n\t"
-#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"ldr r11, [%[m], #44]\n\t"
+#else
+ "ldr r7, [%[m], #44]\n\t"
#endif
"ldr r10, [%[a], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r11, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -87569,13 +89559,141 @@ static SP_NOINLINE void sp_384_mont_reduce_12(sp_digit* a_p, const sp_digit* m_p
"adds r5, r5, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #44]\n\t"
+ "ldr r10, [%[a], #48]\n\t"
+ "adcs r10, r10, r4\n\t"
+ "str r10, [%[a], #48]\n\t"
+ "adc r3, r3, #0\n\t"
+ /* i += 1 */
+ "add r9, r9, #4\n\t"
+ "add %[a], %[a], #4\n\t"
+ "cmp r9, #48\n\t"
+ "blt L_sp_384_mont_reduce_12_word_%=\n\t"
+ /* Loop Done */
+ "str r12, [%[a]]\n\t"
+ "str lr, [%[a], #4]\n\t"
+ "mov %[mp], r3\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
+ );
+ sp_384_cond_sub_12(a - 12, a, m, (sp_digit)0 - mp);
+}
+
+#elif defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+/* Reduce the number back to 384 bits using Montgomery reduction.
+ *
+ * a A single precision number to reduce in place.
+ * m The single precision number representing the modulus.
+ * mp The digit representing the negative inverse of m mod 2^n.
+ */
+static SP_NOINLINE void sp_384_mont_reduce_12(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+{
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m asm ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp asm ("r2") = (sp_digit)mp_p;
+
+ __asm__ __volatile__ (
+ "ldr r11, [%[m]]\n\t"
+ /* i = 0 */
+ "mov r9, #0\n\t"
+ "mov r3, #0\n\t"
+ "ldr r12, [%[a]]\n\t"
+ "ldr lr, [%[a], #4]\n\t"
+ "\n"
+ "L_sp_384_mont_reduce_12_word_%=: \n\t"
+ /* mu = a[i] * mp */
+ "mul r8, %[mp], r12\n\t"
+ /* a[i+0] += m[0] * mu */
+ "mov r5, #0\n\t"
+ "umlal r12, r5, r8, r11\n\t"
+ /* a[i+1] += m[1] * mu */
+ "ldr r7, [%[m], #4]\n\t"
+ "mov r4, #0\n\t"
+ "umlal lr, r4, r8, r7\n\t"
+ "mov r12, lr\n\t"
+ "adds r12, r12, r5\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+2] += m[2] * mu */
+ "ldr r7, [%[m], #8]\n\t"
+ "ldr lr, [%[a], #8]\n\t"
+ "mov r5, #0\n\t"
+ "umlal lr, r5, r8, r7\n\t"
+ "adds lr, lr, r4\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+3] += m[3] * mu */
+ "ldr r7, [%[m], #12]\n\t"
+ "ldr r10, [%[a], #12]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #12]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+4] += m[4] * mu */
+ "ldr r7, [%[m], #16]\n\t"
+ "ldr r10, [%[a], #16]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #16]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+5] += m[5] * mu */
+ "ldr r7, [%[m], #20]\n\t"
+ "ldr r10, [%[a], #20]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #20]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+6] += m[6] * mu */
+ "ldr r7, [%[m], #24]\n\t"
+ "ldr r10, [%[a], #24]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #24]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+7] += m[7] * mu */
+ "ldr r7, [%[m], #28]\n\t"
+ "ldr r10, [%[a], #28]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #28]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+8] += m[8] * mu */
+ "ldr r7, [%[m], #32]\n\t"
+ "ldr r10, [%[a], #32]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #32]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+9] += m[9] * mu */
+ "ldr r7, [%[m], #36]\n\t"
+ "ldr r10, [%[a], #36]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #36]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+10] += m[10] * mu */
+ "ldr r7, [%[m], #40]\n\t"
+ "ldr r10, [%[a], #40]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #40]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+11] += m[11] * mu */
+ "ldr r7, [%[m], #44]\n\t"
+ "ldr r10, [%[a], #44]\n\t"
"umull r6, r7, r8, r7\n\t"
"adds r5, r5, r6\n\t"
"adcs r4, r7, r3\n\t"
"mov r3, #0\n\t"
"adc r3, r3, r3\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #44]\n\t"
"ldr r10, [%[a], #48]\n\t"
@@ -87587,16 +89705,123 @@ static SP_NOINLINE void sp_384_mont_reduce_12(sp_digit* a_p, const sp_digit* m_p
"add %[a], %[a], #4\n\t"
"cmp r9, #48\n\t"
"blt L_sp_384_mont_reduce_12_word_%=\n\t"
+ /* Loop Done */
"str r12, [%[a]]\n\t"
"str lr, [%[a], #4]\n\t"
"mov %[mp], r3\n\t"
: [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
:
- : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11"
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
);
sp_384_cond_sub_12(a - 12, a, m, (sp_digit)0 - mp);
}
+#else
+/* Reduce the number back to 384 bits using Montgomery reduction.
+ *
+ * a A single precision number to reduce in place.
+ * m The single precision number representing the modulus.
+ * mp The digit representing the negative inverse of m mod 2^n.
+ */
+static SP_NOINLINE void sp_384_mont_reduce_12(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+{
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m asm ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp asm ("r2") = (sp_digit)mp_p;
+
+ __asm__ __volatile__ (
+ /* i = 0 */
+ "mov r12, #0\n\t"
+ "mov lr, #0\n\t"
+ "ldr r4, [%[a]]\n\t"
+ "ldr r5, [%[a], #4]\n\t"
+ "ldr r6, [%[a], #8]\n\t"
+ "ldr r7, [%[a], #12]\n\t"
+ "ldr r8, [%[a], #16]\n\t"
+ "\n"
+ "L_sp_384_mont_reduce_12_word_%=: \n\t"
+ /* mu = a[i] * mp */
+ "mul r11, %[mp], r4\n\t"
+ /* a[i+0] += m[0] * mu */
+ "ldr r10, [%[m]]\n\t"
+ "mov r3, #0\n\t"
+ "umaal r4, r3, r11, r10\n\t"
+ /* a[i+1] += m[1] * mu */
+ "ldr r10, [%[m], #4]\n\t"
+ "mov r4, r5\n\t"
+ "umaal r4, r3, r11, r10\n\t"
+ /* a[i+2] += m[2] * mu */
+ "ldr r10, [%[m], #8]\n\t"
+ "mov r5, r6\n\t"
+ "umaal r5, r3, r11, r10\n\t"
+ /* a[i+3] += m[3] * mu */
+ "ldr r10, [%[m], #12]\n\t"
+ "mov r6, r7\n\t"
+ "umaal r6, r3, r11, r10\n\t"
+ /* a[i+4] += m[4] * mu */
+ "ldr r10, [%[m], #16]\n\t"
+ "mov r7, r8\n\t"
+ "umaal r7, r3, r11, r10\n\t"
+ /* a[i+5] += m[5] * mu */
+ "ldr r10, [%[m], #20]\n\t"
+ "ldr r8, [%[a], #20]\n\t"
+ "umaal r8, r3, r11, r10\n\t"
+ /* a[i+6] += m[6] * mu */
+ "ldr r10, [%[m], #24]\n\t"
+ "ldr r9, [%[a], #24]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #24]\n\t"
+ /* a[i+7] += m[7] * mu */
+ "ldr r10, [%[m], #28]\n\t"
+ "ldr r9, [%[a], #28]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #28]\n\t"
+ /* a[i+8] += m[8] * mu */
+ "ldr r10, [%[m], #32]\n\t"
+ "ldr r9, [%[a], #32]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #32]\n\t"
+ /* a[i+9] += m[9] * mu */
+ "ldr r10, [%[m], #36]\n\t"
+ "ldr r9, [%[a], #36]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #36]\n\t"
+ /* a[i+10] += m[10] * mu */
+ "ldr r10, [%[m], #40]\n\t"
+ "ldr r9, [%[a], #40]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #40]\n\t"
+ /* a[i+11] += m[11] * mu */
+ "ldr r10, [%[m], #44]\n\t"
+ "ldr r9, [%[a], #44]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "ldr r11, [%[a], #48]\n\t"
+ "mov r10, #0\n\t"
+ "umaal r3, r11, r10, r10\n\t"
+ "str r9, [%[a], #44]\n\t"
+ "adds r3, r3, lr\n\t"
+ "adc lr, r11, #0\n\t"
+ "str r3, [%[a], #48]\n\t"
+ /* i += 1 */
+ "add r12, r12, #4\n\t"
+ "add %[a], %[a], #4\n\t"
+ "cmp r12, #48\n\t"
+ "blt L_sp_384_mont_reduce_12_word_%=\n\t"
+ /* Loop Done */
+ "str r4, [%[a]]\n\t"
+ "str r5, [%[a], #4]\n\t"
+ "str r6, [%[a], #8]\n\t"
+ "str r7, [%[a], #12]\n\t"
+ "str r8, [%[a], #16]\n\t"
+ "mov %[mp], lr\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
+ );
+ sp_384_cond_sub_12(a - 12, a, m, (sp_digit)0 - mp);
+}
+
+#endif
/* Multiply two Montgomery form numbers mod the modulus (prime).
* (r = a * b mod m)
*
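Review bot: The header comment added for this `sp_384_mont_reduce_12` variant does not say how large `a` must be. The loop runs twelve times, advancing `a` by one word per pass and touching `[%[a], #48]` on each pass, and the trailing `sp_384_cond_sub_12(a - 12, a, m, ...)` reads the upper twelve words, so the caller's buffer has to hold 24 digits. I would spell that out as `* a  A single precision number to reduce in place; 2 * 12 digits on entry.` The same comment text is added for the `#elif` variant in the previous hunk and needs the same line.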
@@ -87604,7 +89829,7 @@ static SP_NOINLINE void sp_384_mont_reduce_12(sp_digit* a_p, const sp_digit* m_p
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_384_mont_mul_12(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -87618,7 +89843,7 @@ SP_NOINLINE static void sp_384_mont_mul_12(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_384_mont_sqr_12(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -87634,10 +89859,10 @@ SP_NOINLINE static void sp_384_mont_sqr_12(sp_digit* r, const sp_digit* a,
* a Number to square in Montgomery form.
* n Number of times to square.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
-static void sp_384_mont_sqr_n_12(sp_digit* r, const sp_digit* a, int n,
- const sp_digit* m, sp_digit mp)
+SP_NOINLINE static void sp_384_mont_sqr_n_12(sp_digit* r,
+ const sp_digit* a, int n, const sp_digit* m, sp_digit mp)
{
sp_384_mont_sqr_12(r, a, m, mp);
for (; n > 1; n--) {
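Review bot: The parameter comment for `n` in `sp_384_mont_sqr_n_12` does not say that one squaring always happens. The first `sp_384_mont_sqr_12(r, a, m, mp)` call is unconditional and the loop only runs while `n > 1`, so `n <= 0` behaves like `n == 1`. I would change the line to `* n  Number of times to square (at least 1).` The loop body continues outside this hunk.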
@@ -87748,8 +89973,8 @@ static void sp_384_mont_inv_12(sp_digit* r, const sp_digit* a, sp_digit* td)
*/
static sp_int32 sp_384_cmp_12(const sp_digit* a_p, const sp_digit* b_p)
{
- register const sp_digit* a asm ("r0") = a_p;
- register const sp_digit* b asm ("r1") = b_p;
+ register const sp_digit* a asm ("r0") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r1") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"mov r2, #-1\n\t"
@@ -87912,7 +90137,7 @@ static sp_int32 sp_384_cmp_12(const sp_digit* a_p, const sp_digit* b_p)
"mov %[a], r2\n\t"
: [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r2", "r3", "r12", "lr", "r4", "r5", "r6"
+ : "memory", "r2", "r3", "r12", "lr", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -87972,10 +90197,10 @@ static void sp_384_map_12(sp_point_384* r, const sp_point_384* p,
*/
static void sp_384_mont_add_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, const sp_digit* m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
- register const sp_digit* m asm ("r3") = m_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
+ register const sp_digit* m asm ("r3") = (const sp_digit*)m_p;
sp_digit o;
@@ -87991,9 +90216,9 @@ static void sp_384_mont_add_12(sp_digit* r_p, const sp_digit* a_p, const sp_digi
*/
static void sp_384_mont_dbl_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* m asm ("r2") = m_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* m asm ("r2") = (const sp_digit*)m_p;
sp_digit o;
@@ -88009,9 +90234,9 @@ static void sp_384_mont_dbl_12(sp_digit* r_p, const sp_digit* a_p, const sp_digi
*/
static void sp_384_mont_tpl_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* m asm ("r2") = m_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* m asm ("r2") = (const sp_digit*)m_p;
sp_digit o;
@@ -88022,6 +90247,87 @@ static void sp_384_mont_tpl_12(sp_digit* r_p, const sp_digit* a_p, const sp_digi
}
#ifdef WOLFSSL_SP_SMALL
+/* Sub b from a into r. (r = a - b)
+ *
+ * r A single precision integer.
+ * a A single precision integer.
+ * b A single precision integer.
+ */
+static sp_digit sp_384_sub_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+{
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
+
+ __asm__ __volatile__ (
+ "mov r12, #0\n\t"
+ "add lr, %[a], #48\n\t"
+ "\n"
+ "L_sp_384_sub_12_word_%=: \n\t"
+ "rsbs r12, r12, #0\n\t"
+ "ldm %[a]!, {r3, r4, r5, r6}\n\t"
+ "ldm %[b]!, {r7, r8, r9, r10}\n\t"
+ "sbcs r3, r3, r7\n\t"
+ "sbcs r4, r4, r8\n\t"
+ "sbcs r5, r5, r9\n\t"
+ "sbcs r6, r6, r10\n\t"
+ "stm %[r]!, {r3, r4, r5, r6}\n\t"
+ "sbc r12, r3, r3\n\t"
+ "cmp %[a], lr\n\t"
+ "bne L_sp_384_sub_12_word_%=\n\t"
+ "mov %[r], r12\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r12", "lr", "cc"
+ );
+ return (uint32_t)(size_t)r;
+}
+
+#else
+/* Sub b from a into r. (r = a - b)
+ *
+ * r A single precision integer.
+ * a A single precision integer.
+ * b A single precision integer.
+ */
+static sp_digit sp_384_sub_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+{
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
+
+ __asm__ __volatile__ (
+ "ldm %[a]!, {r3, r4, r5, r6}\n\t"
+ "ldm %[b]!, {r7, r8, r9, r10}\n\t"
+ "subs r3, r3, r7\n\t"
+ "sbcs r4, r4, r8\n\t"
+ "sbcs r5, r5, r9\n\t"
+ "sbcs r6, r6, r10\n\t"
+ "stm %[r]!, {r3, r4, r5, r6}\n\t"
+ "ldm %[a]!, {r3, r4, r5, r6}\n\t"
+ "ldm %[b]!, {r7, r8, r9, r10}\n\t"
+ "sbcs r3, r3, r7\n\t"
+ "sbcs r4, r4, r8\n\t"
+ "sbcs r5, r5, r9\n\t"
+ "sbcs r6, r6, r10\n\t"
+ "stm %[r]!, {r3, r4, r5, r6}\n\t"
+ "ldm %[a]!, {r3, r4, r5, r6}\n\t"
+ "ldm %[b]!, {r7, r8, r9, r10}\n\t"
+ "sbcs r3, r3, r7\n\t"
+ "sbcs r4, r4, r8\n\t"
+ "sbcs r5, r5, r9\n\t"
+ "sbcs r6, r6, r10\n\t"
+ "stm %[r]!, {r3, r4, r5, r6}\n\t"
+ "sbc %[r], r6, r6\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
+ );
+ return (uint32_t)(size_t)r;
+}
+
+#endif /* WOLFSSL_SP_SMALL */
+#ifdef WOLFSSL_SP_SMALL
/* Conditionally add a and b using the mask m.
* m is -1 to add and 0 when not.
*
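Review bot: Neither of the two new `sp_384_sub_12` header comments documents the return value. Both variants finish with an `sbc` of a register against itself and pass the result back through `r`, so the function appears to return 0 when no borrow leaves the top word and all ones when one does. A caller that feeds the result into a mask needs that stated. I would add `* returns  0 when a >= b, (sp_digit)-1 on borrow.` to both comments.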
@@ -88032,10 +90338,10 @@ static void sp_384_mont_tpl_12(sp_digit* r_p, const sp_digit* a_p, const sp_digi
*/
static sp_digit sp_384_cond_add_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
- register sp_digit m asm ("r3") = m_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
+ register sp_digit m asm ("r3") = (sp_digit)m_p;
__asm__ __volatile__ (
"mov lr, #0\n\t"
@@ -88056,7 +90362,7 @@ static sp_digit sp_384_cond_add_12(sp_digit* r_p, const sp_digit* a_p, const sp_
"mov %[r], lr\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
:
- : "memory", "r12", "lr", "r4", "r5", "r6"
+ : "memory", "r12", "lr", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -88072,10 +90378,10 @@ static sp_digit sp_384_cond_add_12(sp_digit* r_p, const sp_digit* a_p, const sp_
*/
static sp_digit sp_384_cond_add_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
- register sp_digit m asm ("r3") = m_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
+ register sp_digit m asm ("r3") = (sp_digit)m_p;
__asm__ __volatile__ (
"mov r8, #0\n\t"
@@ -88124,7 +90430,7 @@ static sp_digit sp_384_cond_add_12(sp_digit* r_p, const sp_digit* a_p, const sp_
"adc %[r], r8, r8\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
:
- : "memory", "r12", "lr", "r4", "r5", "r6", "r7", "r8"
+ : "memory", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -88139,10 +90445,10 @@ static sp_digit sp_384_cond_add_12(sp_digit* r_p, const sp_digit* a_p, const sp_
*/
static void sp_384_mont_sub_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, const sp_digit* m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
- register const sp_digit* m asm ("r3") = m_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
+ register const sp_digit* m asm ("r3") = (const sp_digit*)m_p;
sp_digit o;
@@ -88150,14 +90456,13 @@ static void sp_384_mont_sub_12(sp_digit* r_p, const sp_digit* a_p, const sp_digi
sp_384_cond_add_12(r, r, m, o);
}
-#define sp_384_mont_sub_lower_12 sp_384_mont_sub_12
#ifdef WOLFSSL_SP_SMALL
#else
#endif /* WOLFSSL_SP_SMALL */
static void sp_384_rshift1_12(sp_digit* r_p, const sp_digit* a_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
__asm__ __volatile__ (
"ldm %[a], {r2, r3}\n\t"
@@ -88208,7 +90513,7 @@ static void sp_384_rshift1_12(sp_digit* r_p, const sp_digit* a_p)
"str r4, [%[r], #44]\n\t"
: [r] "+r" (r), [a] "+r" (a)
:
- : "memory", "r2", "r3", "r4"
+ : "memory", "r2", "r3", "r4", "cc"
);
}
@@ -88218,7 +90523,7 @@ static void sp_384_rshift1_12(sp_digit* r_p, const sp_digit* a_p)
* a Number to divide.
* m Modulus (prime).
*/
-static void sp_384_div2_12(sp_digit* r, const sp_digit* a, const sp_digit* m)
+static void sp_384_mont_div2_12(sp_digit* r, const sp_digit* a, const sp_digit* m)
{
sp_digit o;
@@ -88271,7 +90576,7 @@ static void sp_384_proj_point_dbl_12(sp_point_384* r, const sp_point_384* p,
/* T2 = Y * Y */
sp_384_mont_sqr_12(t2, y, p384_mod, p384_mp_mod);
/* T2 = T2/2 */
- sp_384_div2_12(t2, t2, p384_mod);
+ sp_384_mont_div2_12(t2, t2, p384_mod);
/* Y = Y * X */
sp_384_mont_mul_12(y, y, p->x, p384_mod, p384_mp_mod);
/* X = T1 * T1 */
@@ -88281,7 +90586,7 @@ static void sp_384_proj_point_dbl_12(sp_point_384* r, const sp_point_384* p,
/* X = X - Y */
sp_384_mont_sub_12(x, x, y, p384_mod);
/* Y = Y - X */
- sp_384_mont_sub_lower_12(y, y, x, p384_mod);
+ sp_384_mont_sub_12(y, y, x, p384_mod);
/* Y = Y * T1 */
sp_384_mont_mul_12(y, y, t1, p384_mod, p384_mp_mod);
/* Y = Y - T2 */
@@ -88304,7 +90609,8 @@ typedef struct sp_384_proj_point_dbl_12_ctx {
* p Point to double.
* t Temporary ordinate data.
*/
-static int sp_384_proj_point_dbl_12_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r, const sp_point_384* p, sp_digit* t)
+static int sp_384_proj_point_dbl_12_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r,
+ const sp_point_384* p, sp_digit* t)
{
int err = FP_WOULDBLOCK;
sp_384_proj_point_dbl_12_ctx* ctx = (sp_384_proj_point_dbl_12_ctx*)sp_ctx->data;
@@ -88378,7 +90684,7 @@ static int sp_384_proj_point_dbl_12_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r, co
break;
case 11:
/* T2 = T2/2 */
- sp_384_div2_12(ctx->t2, ctx->t2, p384_mod);
+ sp_384_mont_div2_12(ctx->t2, ctx->t2, p384_mod);
ctx->state = 12;
break;
case 12:
@@ -88403,7 +90709,7 @@ static int sp_384_proj_point_dbl_12_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r, co
break;
case 16:
/* Y = Y - X */
- sp_384_mont_sub_lower_12(ctx->y, ctx->y, ctx->x, p384_mod);
+ sp_384_mont_sub_12(ctx->y, ctx->y, ctx->x, p384_mod);
ctx->state = 17;
break;
case 17:
@@ -88466,12 +90772,12 @@ static int sp_384_iszero_12(const sp_digit* a)
static void sp_384_proj_point_add_12(sp_point_384* r,
const sp_point_384* p, const sp_point_384* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*12;
- sp_digit* t3 = t + 4*12;
- sp_digit* t4 = t + 6*12;
- sp_digit* t5 = t + 8*12;
- sp_digit* t6 = t + 10*12;
+ sp_digit* t6 = t;
+ sp_digit* t1 = t + 2*12;
+ sp_digit* t2 = t + 4*12;
+ sp_digit* t3 = t + 6*12;
+ sp_digit* t4 = t + 8*12;
+ sp_digit* t5 = t + 10*12;
/* U1 = X1*Z2^2 */
sp_384_mont_sqr_12(t1, q->z, p384_mod, p384_mp_mod);
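Review bot: The reordered scratch pointers at the top of `sp_384_proj_point_add_12` have no comment explaining why the layout matters. With `x = t6`, `y = t1`, `z = t2` in the next hunk, the result coordinates now sit in the first three slots of `t` (`t`, `t + 2*12`, `t + 4*12`). `t5 = t + 10*12` also suggests the caller must supply 12*12 digits, assuming each slot is 2*12 wide, which this hunk does not show. I would add `/* x, y, z use the first three 2*12-digit slots of t */` above the declarations and state the required size of `t` once it is confirmed against the callers. The same reshuffle appears in `sp_384_proj_point_add_12_nb` and, in a different order, in `sp_384_proj_point_add_qz1_12`; the function body continues past this hunk.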
@@ -88493,17 +90799,9 @@ static void sp_384_proj_point_add_12(sp_point_384* r,
sp_384_proj_point_dbl_12(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t6;
sp_digit* y = t1;
sp_digit* z = t2;
- int i;
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
/* H = U2 - U1 */
sp_384_mont_sub_12(t2, t2, t1, p384_mod);
@@ -88522,20 +90820,31 @@ static void sp_384_proj_point_add_12(sp_point_384* r,
sp_384_mont_dbl_12(t3, y, p384_mod);
sp_384_mont_sub_12(x, x, t3, p384_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_384_mont_sub_lower_12(y, y, x, p384_mod);
+ sp_384_mont_sub_12(y, y, x, p384_mod);
sp_384_mont_mul_12(y, y, t4, p384_mod, p384_mp_mod);
sp_384_mont_sub_12(y, y, t5, p384_mod);
- for (i = 0; i < 12; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 12; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 12; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 12; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 12; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 12; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
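Review bot: The relocated select block depends on `infinity` being exactly 0 or 1, and nothing in the new lines says so. `0 - (q->infinity & (!p->infinity))` is a bitwise AND against a 0/1 value, so any other non-zero encoding with bit 0 clear would give a zero mask and silently select the computed coordinates instead of `p` or `q`. I would put `/* infinity is 0 or 1 only; the masks below rely on it */` above the `maskp` declaration. The block is also branch-free, which is worth a word in that comment so later edits keep it that way. The same block is added in `sp_384_proj_point_add_12_nb` (case 24) and `sp_384_proj_point_add_qz1_12`; the enclosing function starts outside this hunk.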
@@ -88581,12 +90890,12 @@ static int sp_384_proj_point_add_12_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r,
switch (ctx->state) {
case 0: /* INIT */
- ctx->t1 = t;
- ctx->t2 = t + 2*12;
- ctx->t3 = t + 4*12;
- ctx->t4 = t + 6*12;
- ctx->t5 = t + 8*12;
- ctx->t6 = t + 10*12;
+ ctx->t6 = t;
+ ctx->t1 = t + 2*12;
+ ctx->t2 = t + 4*12;
+ ctx->t3 = t + 6*12;
+ ctx->t4 = t + 8*12;
+ ctx->t5 = t + 10*12;
ctx->x = ctx->t6;
ctx->y = ctx->t1;
ctx->z = ctx->t2;
@@ -88693,7 +91002,7 @@ static int sp_384_proj_point_add_12_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r,
break;
case 21:
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_384_mont_sub_lower_12(ctx->y, ctx->y, ctx->x, p384_mod);
+ sp_384_mont_sub_12(ctx->y, ctx->y, ctx->x, p384_mod);
ctx->state = 22;
break;
case 22:
@@ -88706,22 +91015,28 @@ static int sp_384_proj_point_add_12_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r,
break;
case 24:
{
- int i;
- sp_digit maskp = 0 - (q->infinity & (!p->infinity));
- sp_digit maskq = 0 - (p->infinity & (!q->infinity));
- sp_digit maskt = ~(maskp | maskq);
-
- for (i = 0; i < 12; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (ctx->x[i] & maskt);
- }
- for (i = 0; i < 12; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (ctx->y[i] & maskt);
- }
- for (i = 0; i < 12; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (ctx->z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 12; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (ctx->x[i] & maskt);
+ }
+ for (i = 0; i < 12; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (ctx->y[i] & maskt);
+ }
+ for (i = 0; i < 12; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (ctx->z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
ctx->state = 25;
break;
}
@@ -88741,7 +91056,7 @@ static int sp_384_proj_point_add_12_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r,
/* Touch each possible point that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
static void sp_384_get_point_16_12(sp_point_384* r, const sp_point_384* table,
@@ -89017,8 +91332,6 @@ static int sp_384_ecc_mulmod_fast_12(sp_point_384* r, const sp_point_384* g, con
}
#ifdef FP_ECC
-#define sp_384_mont_dbl_lower_12 sp_384_mont_dbl_12
-#define sp_384_mont_tpl_lower_12 sp_384_mont_tpl_12
/* Double the Montgomery form projective point p a number of times.
*
* r Result of repeated doubling of point.
@@ -89057,7 +91370,7 @@ static void sp_384_proj_point_dbl_n_12(sp_point_384* p, int i,
/* A = 3*(X^2 - W) */
sp_384_mont_sqr_12(t1, x, p384_mod, p384_mp_mod);
sp_384_mont_sub_12(t1, t1, w, p384_mod);
- sp_384_mont_tpl_lower_12(a, t1, p384_mod);
+ sp_384_mont_tpl_12(a, t1, p384_mod);
/* B = X*Y^2 */
sp_384_mont_sqr_12(t1, y, p384_mod, p384_mp_mod);
sp_384_mont_mul_12(b, t1, x, p384_mod, p384_mp_mod);
@@ -89066,8 +91379,8 @@ static void sp_384_proj_point_dbl_n_12(sp_point_384* p, int i,
sp_384_mont_dbl_12(t2, b, p384_mod);
sp_384_mont_sub_12(x, x, t2, p384_mod);
/* B = 2.(B - X) */
- sp_384_mont_sub_lower_12(t2, b, x, p384_mod);
- sp_384_mont_dbl_lower_12(b, t2, p384_mod);
+ sp_384_mont_sub_12(t2, b, x, p384_mod);
+ sp_384_mont_dbl_12(b, t2, p384_mod);
/* Z = Z*Y */
sp_384_mont_mul_12(z, z, y, p384_mod, p384_mp_mod);
/* t1 = Y^4 */
@@ -89087,7 +91400,7 @@ static void sp_384_proj_point_dbl_n_12(sp_point_384* p, int i,
/* A = 3*(X^2 - W) */
sp_384_mont_sqr_12(t1, x, p384_mod, p384_mp_mod);
sp_384_mont_sub_12(t1, t1, w, p384_mod);
- sp_384_mont_tpl_lower_12(a, t1, p384_mod);
+ sp_384_mont_tpl_12(a, t1, p384_mod);
/* B = X*Y^2 */
sp_384_mont_sqr_12(t1, y, p384_mod, p384_mp_mod);
sp_384_mont_mul_12(b, t1, x, p384_mod, p384_mp_mod);
@@ -89096,8 +91409,8 @@ static void sp_384_proj_point_dbl_n_12(sp_point_384* p, int i,
sp_384_mont_dbl_12(t2, b, p384_mod);
sp_384_mont_sub_12(x, x, t2, p384_mod);
/* B = 2.(B - X) */
- sp_384_mont_sub_lower_12(t2, b, x, p384_mod);
- sp_384_mont_dbl_lower_12(b, t2, p384_mod);
+ sp_384_mont_sub_12(t2, b, x, p384_mod);
+ sp_384_mont_dbl_12(b, t2, p384_mod);
/* Z = Z*Y */
sp_384_mont_mul_12(z, z, y, p384_mod, p384_mp_mod);
/* t1 = Y^4 */
@@ -89107,7 +91420,7 @@ static void sp_384_proj_point_dbl_n_12(sp_point_384* p, int i,
sp_384_mont_sub_12(y, y, t1, p384_mod);
#endif /* WOLFSSL_SP_SMALL */
/* Y = Y/2 */
- sp_384_div2_12(y, y, p384_mod);
+ sp_384_mont_div2_12(y, y, p384_mod);
}
/* Convert the projective point to affine.
@@ -89153,12 +91466,12 @@ typedef struct sp_table_entry_384 {
static void sp_384_proj_point_add_qz1_12(sp_point_384* r,
const sp_point_384* p, const sp_point_384* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*12;
- sp_digit* t3 = t + 4*12;
- sp_digit* t4 = t + 6*12;
- sp_digit* t5 = t + 8*12;
- sp_digit* t6 = t + 10*12;
+ sp_digit* t2 = t;
+ sp_digit* t3 = t + 2*12;
+ sp_digit* t6 = t + 4*12;
+ sp_digit* t1 = t + 6*12;
+ sp_digit* t4 = t + 8*12;
+ sp_digit* t5 = t + 10*12;
/* Calculate values to subtract from P->x and P->y. */
/* U2 = X2*Z1^2 */
@@ -89174,13 +91487,9 @@ static void sp_384_proj_point_add_qz1_12(sp_point_384* r,
sp_384_proj_point_dbl_12(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t2;
- sp_digit* y = t5;
+ sp_digit* y = t3;
sp_digit* z = t6;
- int i;
/* H = U2 - X1 */
sp_384_mont_sub_12(t2, t2, p->x, p384_mod);
@@ -89189,33 +91498,40 @@ static void sp_384_proj_point_add_qz1_12(sp_point_384* r,
/* Z3 = H*Z1 */
sp_384_mont_mul_12(z, p->z, t2, p384_mod, p384_mp_mod);
/* X3 = R^2 - H^3 - 2*X1*H^2 */
- sp_384_mont_sqr_12(t1, t4, p384_mod, p384_mp_mod);
- sp_384_mont_sqr_12(t5, t2, p384_mod, p384_mp_mod);
- sp_384_mont_mul_12(t3, p->x, t5, p384_mod, p384_mp_mod);
- sp_384_mont_mul_12(t5, t5, t2, p384_mod, p384_mp_mod);
- sp_384_mont_sub_12(x, t1, t5, p384_mod);
- sp_384_mont_dbl_12(t1, t3, p384_mod);
- sp_384_mont_sub_12(x, x, t1, p384_mod);
+ sp_384_mont_sqr_12(t1, t2, p384_mod, p384_mp_mod);
+ sp_384_mont_mul_12(t3, p->x, t1, p384_mod, p384_mp_mod);
+ sp_384_mont_mul_12(t1, t1, t2, p384_mod, p384_mp_mod);
+ sp_384_mont_sqr_12(t2, t4, p384_mod, p384_mp_mod);
+ sp_384_mont_sub_12(t2, t2, t1, p384_mod);
+ sp_384_mont_dbl_12(t5, t3, p384_mod);
+ sp_384_mont_sub_12(x, t2, t5, p384_mod);
/* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
- sp_384_mont_sub_lower_12(t3, t3, x, p384_mod);
+ sp_384_mont_sub_12(t3, t3, x, p384_mod);
sp_384_mont_mul_12(t3, t3, t4, p384_mod, p384_mp_mod);
- sp_384_mont_mul_12(t5, t5, p->y, p384_mod, p384_mp_mod);
- sp_384_mont_sub_12(y, t3, t5, p384_mod);
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
- for (i = 0; i < 12; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 12; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 12; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ sp_384_mont_mul_12(t1, t1, p->y, p384_mod, p384_mp_mod);
+ sp_384_mont_sub_12(y, t3, t1, p384_mod);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 12; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 12; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 12; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
@@ -89316,7 +91632,7 @@ static int sp_384_gen_stripe_table_12(const sp_point_384* a,
/* Touch each possible entry that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
static void sp_384_get_entry_16_12(sp_point_384* r,
@@ -89527,7 +91843,7 @@ static THREAD_LS_T int sp_cache_384_inited = 0;
/* Get the cache entry for the point.
*
- * g [in] Point scalar multipling.
+ * g [in] Point scalar multiplying.
* cache [out] Cache table to use.
*/
static void sp_ecc_get_cache_384(const sp_point_384* g, sp_cache_384_t** cache)
@@ -89598,8 +91914,8 @@ static void sp_ecc_get_cache_384(const sp_point_384* g, sp_cache_384_t** cache)
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
-static int sp_384_ecc_mulmod_12(sp_point_384* r, const sp_point_384* g, const sp_digit* k,
- int map, int ct, void* heap)
+static int sp_384_ecc_mulmod_12(sp_point_384* r, const sp_point_384* g,
+ const sp_digit* k, int map, int ct, void* heap)
{
#ifndef FP_ECC
return sp_384_ecc_mulmod_fast_12(r, g, k, map, ct, heap);
@@ -89752,7 +92068,7 @@ static int sp_384_gen_stripe_table_12(const sp_point_384* a,
/* Touch each possible entry that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
static void sp_384_get_entry_256_12(sp_point_384* r,
@@ -89963,7 +92279,7 @@ static THREAD_LS_T int sp_cache_384_inited = 0;
/* Get the cache entry for the point.
*
- * g [in] Point scalar multipling.
+ * g [in] Point scalar multiplying.
* cache [out] Cache table to use.
*/
static void sp_ecc_get_cache_384(const sp_point_384* g, sp_cache_384_t** cache)
@@ -90034,8 +92350,8 @@ static void sp_ecc_get_cache_384(const sp_point_384* g, sp_cache_384_t** cache)
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
-static int sp_384_ecc_mulmod_12(sp_point_384* r, const sp_point_384* g, const sp_digit* k,
- int map, int ct, void* heap)
+static int sp_384_ecc_mulmod_12(sp_point_384* r, const sp_point_384* g,
+ const sp_digit* k, int map, int ct, void* heap)
{
#ifndef FP_ECC
return sp_384_ecc_mulmod_fast_12(r, g, k, map, ct, heap);
@@ -90152,7 +92468,7 @@ int sp_ecc_mulmod_384(const mp_int* km, const ecc_point* gm, ecc_point* r,
*
* km Scalar to multiply by.
* p Point to multiply.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -90163,7 +92479,7 @@ int sp_ecc_mulmod_add_384(const mp_int* km, const ecc_point* gm,
const ecc_point* am, int inMont, ecc_point* r, int map, void* heap)
{
#ifdef WOLFSSL_SP_SMALL_STACK
- sp_point_384* point = NULL;
+ sp_point_384* point = NULL;
sp_digit* k = NULL;
#else
sp_point_384 point[2];
@@ -91701,7 +94017,7 @@ int sp_ecc_mulmod_base_384(const mp_int* km, ecc_point* r, int map, void* heap)
* the result. If map is true then convert result to affine coordinates.
*
* km Scalar to multiply by.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -91723,7 +94039,7 @@ int sp_ecc_mulmod_base_add_384(const mp_int* km, const ecc_point* am,
int err = MP_OKAY;
#ifdef WOLFSSL_SP_SMALL_STACK
- point = (sp_point_384*)XMALLOC(sizeof(sp_point_384) * 2, heap,
+ point = (sp_point_384*)XMALLOC(sizeof(sp_point_384) * 2, heap,
DYNAMIC_TYPE_ECC);
if (point == NULL)
err = MEMORY_E;
@@ -91784,7 +94100,7 @@ int sp_ecc_mulmod_base_add_384(const mp_int* km, const ecc_point* am,
*/
static void sp_384_add_one_12(sp_digit* a_p)
{
- register sp_digit* a asm ("r0") = a_p;
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
__asm__ __volatile__ (
"ldm %[a], {r1, r2, r3, r4}\n\t"
@@ -91807,7 +94123,7 @@ static void sp_384_add_one_12(sp_digit* a_p)
"stm %[a]!, {r1, r2, r3, r4}\n\t"
: [a] "+r" (a)
:
- : "memory", "r1", "r2", "r3", "r4"
+ : "memory", "r1", "r2", "r3", "r4", "cc"
);
}
@@ -91902,7 +94218,7 @@ int sp_ecc_make_key_384(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
sp_point_384* infinity = NULL;
#endif
int err = MP_OKAY;
-
+
(void)heap;
@@ -91910,7 +94226,7 @@ int sp_ecc_make_key_384(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
point = (sp_point_384*)XMALLOC(sizeof(sp_point_384) * 2, heap, DYNAMIC_TYPE_ECC);
#else
- point = (sp_point_384*)XMALLOC(sizeof(sp_point_384), heap, DYNAMIC_TYPE_ECC);
+ point = (sp_point_384*)XMALLOC(sizeof(sp_point_384), heap, DYNAMIC_TYPE_ECC);
#endif
if (point == NULL)
err = MEMORY_E;
@@ -92188,16 +94504,15 @@ int sp_ecc_secret_gen_384_nb(sp_ecc_ctx_t* sp_ctx, const mp_int* priv,
*/
static sp_digit sp_384_sub_in_place_12(sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* a asm ("r0") = a_p;
- register const sp_digit* b asm ("r1") = b_p;
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* b asm ("r1") = (const sp_digit*)b_p;
__asm__ __volatile__ (
- "mov r10, #0\n\t"
"mov r12, #0\n\t"
"add lr, %[a], #48\n\t"
"\n"
"L_sp_384_sub_in_pkace_12_word_%=: \n\t"
- "subs r12, r10, r12\n\t"
+ "rsbs r12, r12, #0\n\t"
"ldm %[a], {r2, r3, r4, r5}\n\t"
"ldm %[b]!, {r6, r7, r8, r9}\n\t"
"sbcs r2, r2, r6\n\t"
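Review bot: The new `rsbs r12, r12, #0` at the top of the loop carries no comment, and without the explicit zero in r10 it is harder to see that it rebuilds the borrow flag from the value left in r12. I would add `/* r12 is 0 or -1 from the previous pass; 0 - r12 restores the borrow in C for the sbcs chain */` above it. The matching `sbc r12, r12, r12` is in the next hunk, and the function body runs past the end of this one.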
@@ -92205,13 +94520,13 @@ static sp_digit sp_384_sub_in_place_12(sp_digit* a_p, const sp_digit* b_p)
"sbcs r4, r4, r8\n\t"
"sbcs r5, r5, r9\n\t"
"stm %[a]!, {r2, r3, r4, r5}\n\t"
- "sbc r12, r10, r10\n\t"
+ "sbc r12, r12, r12\n\t"
"cmp %[a], lr\n\t"
"bne L_sp_384_sub_in_pkace_12_word_%=\n\t"
"mov %[a], r12\n\t"
: [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r12", "lr", "r10"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r12", "lr", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -92224,8 +94539,8 @@ static sp_digit sp_384_sub_in_place_12(sp_digit* a_p, const sp_digit* b_p)
*/
static sp_digit sp_384_sub_in_place_12(sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* a asm ("r0") = a_p;
- register const sp_digit* b asm ("r1") = b_p;
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* b asm ("r1") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"ldm %[a], {r2, r3, r4, r5}\n\t"
@@ -92252,7 +94567,7 @@ static sp_digit sp_384_sub_in_place_12(sp_digit* a_p, const sp_digit* b_p)
"sbc %[a], r9, r9\n\t"
: [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -92267,15 +94582,14 @@ static sp_digit sp_384_sub_in_place_12(sp_digit* a_p, const sp_digit* b_p)
*/
static void sp_384_mul_d_12(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register sp_digit b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register sp_digit b asm ("r2") = (sp_digit)b_p;
__asm__ __volatile__ (
- "mov r10, #0\n\t"
/* A[0] * B */
"ldr r8, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r5, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
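Review bot: The guard on the pre-ARMv4 multiply path now tests `WOLFSSL_ARM_ARCH` instead of `WOLFSSL_SP_ARM_ARCH`, and nothing visible in this hunk maps the old name to the new one. A build configuration that still defines only the old macro would silently take the `#else` branch here. The same applies to the `< 4` and `< 7` guards in the later hunks of sp_384_mul_d_12, div_384_word_12, sp_384_div2_mod_12 and sp_384_num_bits_12. If no compatibility define exists elsewhere, I would add one near the top of the file: `#if defined(WOLFSSL_SP_ARM_ARCH) && !defined(WOLFSSL_ARM_ARCH)`, `#define WOLFSSL_ARM_ARCH WOLFSSL_SP_ARM_ARCH`, `#endif`. The function body continues outside the hunk.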
@@ -92308,7 +94622,7 @@ static void sp_384_mul_d_12(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
"L_sp_384_mul_d_12_word_%=: \n\t"
/* A[i] * B */
"ldr r8, [%[a], r9]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -92353,7 +94667,7 @@ static void sp_384_mul_d_12(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
"str r3, [%[r], #48]\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
}
@@ -92366,15 +94680,14 @@ static void sp_384_mul_d_12(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
*/
static void sp_384_mul_d_12(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register sp_digit b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register sp_digit b asm ("r2") = (sp_digit)b_p;
__asm__ __volatile__ (
- "mov r10, #0\n\t"
/* A[0] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r3, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -92399,411 +94712,331 @@ static void sp_384_mul_d_12(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
#else
"umull r3, r4, %[b], r8\n\t"
#endif
+ "stm %[r]!, {r3}\n\t"
"mov r5, #0\n\t"
- "str r3, [%[r]], #4\n\t"
/* A[1] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[2] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[3] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[4] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[5] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[6] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[7] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[8] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[9] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[10] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[11] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
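Review bot: The rewritten steps from A[1] onward drop the third accumulator word (the removed `mov`/`adc ..., #0` pairs) without stating why no carry can reach it. A one-line comment before the A[1] step would record the invariant, for example `/* A[i] * B + carry-in word < 2^64, so the sum never carries past the high word */`. The same bound covers the `umlal` branch and the 16-bit `mul` branch, where `adcs`/`adds` on the high word became `adc`/`add`. sp_384_mul_d_12 starts before and ends after this hunk.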
@@ -92829,15 +95062,13 @@ static void sp_384_mul_d_12(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
"adds r5, r5, r6\n\t"
"adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adc r3, r3, r7\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
"str r3, [%[r]]\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r10"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "cc"
);
}
@@ -92854,9 +95085,9 @@ static void sp_384_mul_d_12(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
*/
static sp_digit div_384_word_12(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
{
- register sp_digit d1 asm ("r0") = d1_p;
- register sp_digit d0 asm ("r1") = d0_p;
- register sp_digit div asm ("r2") = div_p;
+ register sp_digit d1 asm ("r0") = (sp_digit)d1_p;
+ register sp_digit d0 asm ("r1") = (sp_digit)d0_p;
+ register sp_digit div asm ("r2") = (sp_digit)div_p;
__asm__ __volatile__ (
"lsr r6, %[div], #16\n\t"
@@ -92896,7 +95127,7 @@ static sp_digit div_384_word_12(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
"add %[d1], r4, r3\n\t"
: [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
:
- : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8"
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "cc"
);
return (uint32_t)(size_t)d1;
}
@@ -92913,9 +95144,9 @@ static sp_digit div_384_word_12(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
*/
static sp_digit div_384_word_12(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
{
- register sp_digit d1 asm ("r0") = d1_p;
- register sp_digit d0 asm ("r1") = d0_p;
- register sp_digit div asm ("r2") = div_p;
+ register sp_digit d1 asm ("r0") = (sp_digit)d1_p;
+ register sp_digit d0 asm ("r1") = (sp_digit)d0_p;
+ register sp_digit div asm ("r2") = (sp_digit)div_p;
__asm__ __volatile__ (
"lsr lr, %[div], #1\n\t"
@@ -92945,7 +95176,7 @@ static sp_digit div_384_word_12(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
"bpl L_div_384_word_12_bit_%=\n\t"
"add r3, r3, r3\n\t"
"add r3, r3, #1\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r7, r3, #16\n\t"
"lsl r4, %[div], #16\n\t"
"lsr r7, r7, #16\n\t"
@@ -92973,7 +95204,7 @@ static sp_digit div_384_word_12(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
"subs r7, %[d0], r4\n\t"
"sbc r8, %[d1], r5\n\t"
"add r3, r3, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r7, r3, #16\n\t"
"lsl r4, %[div], #16\n\t"
"lsr r7, r7, #16\n\t"
@@ -93001,7 +95232,7 @@ static sp_digit div_384_word_12(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
"subs r7, %[d0], r4\n\t"
"sbc r8, %[d1], r5\n\t"
"add r3, r3, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r7, r3, #16\n\t"
"lsl r4, %[div], #16\n\t"
"lsr r7, r7, #16\n\t"
@@ -93034,7 +95265,7 @@ static sp_digit div_384_word_12(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
"sub %[d1], r3, r6\n\t"
: [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
:
- : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8"
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "cc"
);
return (uint32_t)(size_t)d1;
}
@@ -93079,8 +95310,8 @@ static void sp_384_mask_12(sp_digit* r, const sp_digit* a, sp_digit m)
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_384_div_12(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_384_div_12(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[24], t2[13];
sp_digit div, r1;
@@ -93120,7 +95351,8 @@ static WC_INLINE int sp_384_div_12(const sp_digit* a, const sp_digit* d, sp_digi
* m A single precision number that is the modulus to reduce with.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_384_mod_12(sp_digit* r, const sp_digit* a, const sp_digit* m)
+static WC_INLINE int sp_384_mod_12(sp_digit* r, const sp_digit* a,
+ const sp_digit* m)
{
return sp_384_div_12(a, m, NULL, r);
}
@@ -93664,12 +95896,12 @@ int sp_ecc_sign_384_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, W
*/
static void sp_384_div2_mod_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* m asm ("r2") = m_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* m asm ("r2") = (const sp_digit*)m_p;
__asm__ __volatile__ (
- "ldr r4, [%[a]], #4\n\t"
+ "ldm %[a]!, {r4}\n\t"
"ands r3, r4, #1\n\t"
"beq L_sp_384_div2_mod_12_even_%=\n\t"
"mov r12, #0\n\t"
@@ -93706,8 +95938,8 @@ static void sp_384_div2_mod_12(sp_digit* r_p, const sp_digit* a_p, const sp_digi
"stm %[r]!, {r4, r5, r6, r7}\n\t"
"\n"
"L_sp_384_div2_mod_12_div2_%=: \n\t"
- "sub %[r], #48\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+ "sub %[r], %[r], #48\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[r]]\n\t"
"ldr r9, [%[r], #4]\n\t"
#else
@@ -93761,49 +95993,50 @@ static void sp_384_div2_mod_12(sp_digit* r_p, const sp_digit* a_p, const sp_digi
"str r10, [%[r], #44]\n\t"
: [r] "+r" (r), [a] "+r" (a), [m] "+r" (m)
:
- : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12", "cc"
);
}
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
static const unsigned char L_sp_384_num_bits_12_table[] = {
- 0x00, 0x01, 0x02, 0x02, 0x03, 0x03, 0x03, 0x03,
- 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04,
- 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05,
- 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05,
- 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06,
- 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06,
- 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06,
- 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06,
- 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
- 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
- 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
- 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
- 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
- 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
- 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
- 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x00, 0x01, 0x02, 0x02, 0x03, 0x03, 0x03, 0x03,
+ 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04,
+ 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05,
+ 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05,
+ 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06,
+ 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06,
+ 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06,
+ 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06,
+ 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
+ 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
+ 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
+ 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
+ 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
+ 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
+ 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
+ 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
};
static int sp_384_num_bits_12(const sp_digit* a_p)
{
- register const sp_digit* a asm ("r0") = a_p;
+ register const sp_digit* a asm ("r0") = (const sp_digit*)a_p;
+ register unsigned char* L_sp_384_num_bits_12_table_c asm ("r1") = (unsigned char*)&L_sp_384_num_bits_12_table;
__asm__ __volatile__ (
"mov lr, %[L_sp_384_num_bits_12_table]\n\t"
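Review bot: The new `L_sp_384_num_bits_12_table_c` declaration casts `&L_sp_384_num_bits_12_table` to `unsigned char*`, which drops the `const` of a `static const` table and goes through a pointer-to-array. As far as this hunk shows, the asm only copies the pointer into lr, so a const-qualified pointer should serve equally well as the register operand: `register const unsigned char* L_sp_384_num_bits_12_table_c asm ("r1") = L_sp_384_num_bits_12_table;`. The body of sp_384_num_bits_12 continues outside the hunk, so confirm that nothing later stores through the pointer.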
@@ -93813,7 +96046,7 @@ static int sp_384_num_bits_12(const sp_digit* a_p)
"lsr r3, r1, #24\n\t"
"cmp r3, #0\n\t"
"beq L_sp_384_num_bits_12_11_3_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x78\n\t"
@@ -93829,7 +96062,7 @@ static int sp_384_num_bits_12(const sp_digit* a_p)
"and r3, r3, #0xff\n\t"
"cmp r3, #0\n\t"
"beq L_sp_384_num_bits_12_11_2_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x70\n\t"
@@ -93845,7 +96078,7 @@ static int sp_384_num_bits_12(const sp_digit* a_p)
"and r3, r3, #0xff\n\t"
"cmp r3, #0\n\t"
"beq L_sp_384_num_bits_12_11_1_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x68\n\t"
@@ -93858,7 +96091,7 @@ static int sp_384_num_bits_12(const sp_digit* a_p)
"\n"
"L_sp_384_num_bits_12_11_1_%=: \n\t"
"and r3, r1, #0xff\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x60\n\t"
@@ -93876,7 +96109,7 @@ static int sp_384_num_bits_12(const sp_digit* a_p)
"lsr r3, r1, #24\n\t"
"cmp r3, #0\n\t"
"beq L_sp_384_num_bits_12_10_3_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x58\n\t"
@@ -93892,7 +96125,7 @@ static int sp_384_num_bits_12(const sp_digit* a_p)
"and r3, r3, #0xff\n\t"
"cmp r3, #0\n\t"
"beq L_sp_384_num_bits_12_10_2_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x50\n\t"
@@ -93908,7 +96141,7 @@ static int sp_384_num_bits_12(const sp_digit* a_p)
"and r3, r3, #0xff\n\t"
"cmp r3, #0\n\t"
"beq L_sp_384_num_bits_12_10_1_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x48\n\t"
@@ -93921,7 +96154,7 @@ static int sp_384_num_bits_12(const sp_digit* a_p)
"\n"
"L_sp_384_num_bits_12_10_1_%=: \n\t"
"and r3, r1, #0xff\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x40\n\t"
@@ -93939,7 +96172,7 @@ static int sp_384_num_bits_12(const sp_digit* a_p)
"lsr r3, r1, #24\n\t"
"cmp r3, #0\n\t"
"beq L_sp_384_num_bits_12_9_3_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x38\n\t"
@@ -93955,7 +96188,7 @@ static int sp_384_num_bits_12(const sp_digit* a_p)
"and r3, r3, #0xff\n\t"
"cmp r3, #0\n\t"
"beq L_sp_384_num_bits_12_9_2_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x30\n\t"
@@ -93971,7 +96204,7 @@ static int sp_384_num_bits_12(const sp_digit* a_p)
"and r3, r3, #0xff\n\t"
"cmp r3, #0\n\t"
"beq L_sp_384_num_bits_12_9_1_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x28\n\t"
@@ -93984,7 +96217,7 @@ static int sp_384_num_bits_12(const sp_digit* a_p)
"\n"
"L_sp_384_num_bits_12_9_1_%=: \n\t"
"and r3, r1, #0xff\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x20\n\t"
@@ -94002,7 +96235,7 @@ static int sp_384_num_bits_12(const sp_digit* a_p)
"lsr r3, r1, #24\n\t"
"cmp r3, #0\n\t"
"beq L_sp_384_num_bits_12_8_3_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x18\n\t"
@@ -94018,7 +96251,7 @@ static int sp_384_num_bits_12(const sp_digit* a_p)
"and r3, r3, #0xff\n\t"
"cmp r3, #0\n\t"
"beq L_sp_384_num_bits_12_8_2_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x10\n\t"
@@ -94034,7 +96267,7 @@ static int sp_384_num_bits_12(const sp_digit* a_p)
"and r3, r3, #0xff\n\t"
"cmp r3, #0\n\t"
"beq L_sp_384_num_bits_12_8_1_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x8\n\t"
@@ -94047,7 +96280,7 @@ static int sp_384_num_bits_12(const sp_digit* a_p)
"\n"
"L_sp_384_num_bits_12_8_1_%=: \n\t"
"and r3, r1, #0xff\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x0\n\t"
@@ -94367,9 +96600,9 @@ static int sp_384_num_bits_12(const sp_digit* a_p)
"\n"
"L_sp_384_num_bits_12_13_%=: \n\t"
"mov %[a], r12\n\t"
- : [a] "+r" (a)
- : [L_sp_384_num_bits_12_table] "r" (L_sp_384_num_bits_12_table)
- : "memory", "r1", "r2", "r3", "r12", "lr"
+ : [a] "+r" (a), [L_sp_384_num_bits_12_table] "+r" (L_sp_384_num_bits_12_table_c)
+ :
+ : "memory", "r2", "r3", "r12", "lr", "cc"
);
return (uint32_t)(size_t)a;
}
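Review bot: Dropping `"r1"` from the clobber list in this hunk is only correct if `L_sp_384_num_bits_12_table_c` is a register variable pinned to r1, and that declaration lies outside the hunk, so it cannot be confirmed here. Context lines in the earlier hunks of this function still use r1 as a data register (`and r3, r1, #0xff`), which a `"+r"` operand covers only when the operand really lives in r1. I would add a comment beside the operand list, for example `/* table operand is bound to r1 and overwritten by the asm: "+r", so no "r1" clobber */`. Adding `"cc"` is right, since the body uses `cmp`.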
@@ -94377,13 +96610,13 @@ static int sp_384_num_bits_12(const sp_digit* a_p)
#else
static int sp_384_num_bits_12(const sp_digit* a_p)
{
- register const sp_digit* a asm ("r0") = a_p;
+ register const sp_digit* a asm ("r0") = (const sp_digit*)a_p;
__asm__ __volatile__ (
"ldr r1, [%[a], #44]\n\t"
"cmp r1, #0\n\t"
"beq L_sp_384_num_bits_12_11_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x80\n\t"
@@ -94398,7 +96631,7 @@ static int sp_384_num_bits_12(const sp_digit* a_p)
"ldr r1, [%[a], #40]\n\t"
"cmp r1, #0\n\t"
"beq L_sp_384_num_bits_12_10_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x60\n\t"
@@ -94413,7 +96646,7 @@ static int sp_384_num_bits_12(const sp_digit* a_p)
"ldr r1, [%[a], #36]\n\t"
"cmp r1, #0\n\t"
"beq L_sp_384_num_bits_12_9_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x40\n\t"
@@ -94428,7 +96661,7 @@ static int sp_384_num_bits_12(const sp_digit* a_p)
"ldr r1, [%[a], #32]\n\t"
"cmp r1, #0\n\t"
"beq L_sp_384_num_bits_12_8_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x20\n\t"
@@ -94443,7 +96676,7 @@ static int sp_384_num_bits_12(const sp_digit* a_p)
"ldr r1, [%[a], #28]\n\t"
"cmp r1, #0\n\t"
"beq L_sp_384_num_bits_12_7_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x0\n\t"
@@ -94518,12 +96751,12 @@ static int sp_384_num_bits_12(const sp_digit* a_p)
"mov %[a], r12\n\t"
: [a] "+r" (a)
:
- : "memory", "r1", "r2", "r3", "r12", "lr"
+ : "memory", "r1", "r2", "r3", "r12", "lr", "cc"
);
return (uint32_t)(size_t)a;
}
-#endif /* WOLFSSL_SP_ARM_ARCH && (WOLFSSL_SP_ARM_ARCH < 7) */
+#endif /* WOLFSSL_ARM_ARCH && (WOLFSSL_ARM_ARCH < 7) */
/* Non-constant time modular inversion.
*
* @param [out] r Resulting number.
@@ -94567,7 +96800,7 @@ static int sp_384_mod_inv_12(sp_digit* r, const sp_digit* a, const sp_digit* m)
}
while (ut > 1 && vt > 1) {
- if (ut > vt || (ut == vt && sp_384_cmp_12(u, v) >= 0)) {
+ if ((ut > vt) || ((ut == vt) && (sp_384_cmp_12(u, v) >= 0))) {
sp_384_sub_12(u, u, v);
o = sp_384_sub_12(b, b, d);
if (o != 0)
@@ -94648,7 +96881,7 @@ static void sp_384_add_points_12(sp_point_384* p1, const sp_point_384* p2,
* p2 Public point and temporary.
* s Second part of signature as a number.
* u1 Temporary number.
- * u2 Temproray number.
+ * u2 Temporary number.
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
@@ -94972,7 +97205,7 @@ int sp_ecc_verify_384_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash,
#endif /* HAVE_ECC_VERIFY */
#ifdef HAVE_ECC_CHECK_KEY
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* point EC point.
* heap Heap to use if dynamically allocating.
@@ -95000,19 +97233,21 @@ static int sp_384_ecc_is_point_12(const sp_point_384* point,
if (err == MP_OKAY) {
t2 = t1 + 2 * 12;
+ /* y^2 - x^3 - a.x = b */
sp_384_sqr_12(t1, point->y);
(void)sp_384_mod_12(t1, t1, p384_mod);
sp_384_sqr_12(t2, point->x);
(void)sp_384_mod_12(t2, t2, p384_mod);
sp_384_mul_12(t2, t2, point->x);
(void)sp_384_mod_12(t2, t2, p384_mod);
- (void)sp_384_sub_12(t2, p384_mod, t2);
- sp_384_mont_add_12(t1, t1, t2, p384_mod);
+ sp_384_mont_sub_12(t1, t1, t2, p384_mod);
+ /* y^2 - x^3 + 3.x = b, when a = -3 */
sp_384_mont_add_12(t1, t1, point->x, p384_mod);
sp_384_mont_add_12(t1, t1, point->x, p384_mod);
sp_384_mont_add_12(t1, t1, point->x, p384_mod);
+
if (sp_384_cmp_12(t1, p384_b) != 0) {
err = MP_VAL;
}
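Review bot: The new `sp_384_mont_sub_12(t1, t1, t2, p384_mod)` line depends on t1 and t2 already being reduced below p384_mod, which the preceding `sp_384_mod_12` calls appear to provide, but nothing in the hunk says so. The replaced pair first formed `p384_mod - t2`, which is p384_mod itself when x^3 reduces to zero, so the change also alters that edge case and deserves a test vector that pins it. The added comment `/* y^2 - x^3 - a.x = b */` sits above the squaring of y rather than above the subtraction it describes; I would move it down and add `/* t1 = y^2 mod p, t2 = x^3 mod p, both reduced */` before the subtraction. This is the check that rejects off-curve points, so the precondition is worth stating; sp_384_ecc_is_point_12 starts and ends outside the hunk.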
@@ -95026,7 +97261,7 @@ static int sp_384_ecc_is_point_12(const sp_point_384* point,
return err;
}
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* pX X ordinate of EC point.
* pY Y ordinate of EC point.
@@ -95662,16 +97897,19 @@ static const sp_digit p521_b[17] = {
*/
static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"sub sp, sp, #0x88\n\t"
- "mov r5, #0\n\t"
- "mov r6, #0\n\t"
+ "ldr lr, [%[a]]\n\t"
+ "ldr r11, [%[b]]\n\t"
+ "umull r8, r6, lr, r11\n\t"
+ "str r8, [sp]\n\t"
"mov r7, #0\n\t"
"mov r8, #0\n\t"
+ "mov r5, #4\n\t"
"\n"
"L_sp_521_mul_17_outer_%=: \n\t"
"subs r3, r5, #0x40\n\t"
@@ -95682,7 +97920,44 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"L_sp_521_mul_17_inner_%=: \n\t"
"ldr lr, [%[a], r3]\n\t"
"ldr r11, [%[b], r4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
+ "lsl r9, lr, #16\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r9, r9, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "adds r6, r6, r10\n\t"
+ "adcs r7, r7, #0\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsr r9, lr, #16\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "adds r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+#else
+ "umull r9, r10, lr, r11\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+#endif
+ "ldr lr, [%[a], r4]\n\t"
+ "ldr r11, [%[b], r3]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r9, lr, #16\n\t"
"lsl r10, r11, #16\n\t"
"lsr r9, r9, #16\n\t"
@@ -95719,10 +97994,46 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
"add r3, r3, #4\n\t"
"sub r4, r4, #4\n\t"
- "cmp r3, #0x44\n\t"
- "beq L_sp_521_mul_17_inner_done_%=\n\t"
- "cmp r3, r5\n\t"
- "ble L_sp_521_mul_17_inner_%=\n\t"
+ "cmp r3, r4\n\t"
+ "bgt L_sp_521_mul_17_inner_done_%=\n\t"
+ "blt L_sp_521_mul_17_inner_%=\n\t"
+ "ldr lr, [%[a], r3]\n\t"
+ "ldr r11, [%[b], r3]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
+ "lsl r9, lr, #16\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r9, r9, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "adds r6, r6, r10\n\t"
+ "adcs r7, r7, #0\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsr r9, lr, #16\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "adds r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+#else
+ "umull r9, r10, lr, r11\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+#endif
"\n"
"L_sp_521_mul_17_inner_done_%=: \n\t"
"str r6, [sp, r5]\n\t"
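Review bot: The rewritten inner loop carries no comment explaining that each pass now accumulates two mirrored products, a[r3]*b[r4] and a[r4]*b[r3], and that the fall-through after `blt L_sp_521_mul_17_inner_%=` handles the single middle term where r3 equals r4. The exit test `cmp r3, r4` with `bgt`/`blt` is a signed compare on byte offsets, which is fine only while both stay non-negative; how r3 and r4 are initialised is outside this hunk. I would add `/* r3 == r4: single middle product a[i] * b[i] */` above the added `ldr lr, [%[a], r3]` that follows the `blt`.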
@@ -95730,21 +98041,53 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"mov r7, r8\n\t"
"mov r8, #0\n\t"
"add r5, r5, #4\n\t"
- "cmp r5, #0x80\n\t"
+ "cmp r5, #0x7c\n\t"
"ble L_sp_521_mul_17_outer_%=\n\t"
+ "ldr lr, [%[a], #64]\n\t"
+ "ldr r11, [%[b], #64]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
+ "lsl r9, lr, #16\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r9, r9, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "adds r6, r6, r10\n\t"
+ "adc r7, r7, #0\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adc r7, r7, r10\n\t"
+ "lsr r9, lr, #16\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "add r7, r7, r10\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adc r7, r7, r10\n\t"
+#else
+ "umlal r6, r7, lr, r11\n\t"
+#endif
"str r6, [sp, r5]\n\t"
+ "add r5, r5, #4\n\t"
+ "str r7, [sp, r5]\n\t"
"ldm sp!, {r6, r7}\n\t"
"stm %[r]!, {r6, r7}\n\t"
"sub r5, r5, #8\n\t"
"\n"
"L_sp_521_mul_17_store_%=: \n\t"
- "ldm sp!, {r6, r7, r8, r9}\n\t"
- "stm %[r]!, {r6, r7, r8, r9}\n\t"
- "subs r5, r5, #16\n\t"
+ "ldm sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "stm %[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "subs r5, r5, #32\n\t"
"bgt L_sp_521_mul_17_store_%=\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11", "cc"
);
}
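Review bot: The added tail block for a[16]*b[16] (after `ble L_sp_521_mul_17_outer_%=`) accumulates into r6:r7 with plain `adc`/`add` and `umlal`, with no carry into r8, and nothing states why that is safe. It should hold because this is the final column of a 17-by-17 word product, which fits the 0x88-byte frame reserved at the top of the asm, but the invariant belongs in the code: `/* A[16] * B[16]: last column, sum fits in r6:r7, no carry out */`. The new bound `cmp r5, #0x7c` and the `subs r5, r5, #32` store stride are tied to that same frame size, so a one-line comment linking them would make a later size change less error-prone. `"cc"` in the clobber list is a correct addition given the `adds`/`subs` in the body.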
@@ -95757,17 +98100,16 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
*/
static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"sub sp, sp, #0x44\n\t"
- "mov r10, #0\n\t"
/* A[0] * B[0] */
"ldr r11, [%[a]]\n\t"
"ldr r12, [%[b]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r3, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -95797,7 +98139,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r3, [sp]\n\t"
/* A[0] * B[1] */
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -95836,7 +98178,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[1] * B[0] */
"ldr r8, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -95874,7 +98216,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r4, [sp, #4]\n\t"
/* A[2] * B[0] */
"ldr r8, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -95914,7 +98256,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[1] * B[1] */
"ldr r11, [%[a], #4]\n\t"
"ldr r12, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -95952,7 +98294,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[0] * B[2] */
"ldr r8, [%[a]]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -95990,7 +98332,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r5, [sp, #8]\n\t"
/* A[0] * B[3] */
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -96029,7 +98371,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[1] * B[2] */
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -96066,7 +98408,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[2] * B[1] */
"ldr r8, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -96104,7 +98446,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[3] * B[0] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -96142,7 +98484,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r3, [sp, #12]\n\t"
/* A[4] * B[0] */
"ldr r8, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -96181,7 +98523,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[3] * B[1] */
"ldr r8, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -96219,7 +98561,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[2] * B[2] */
"ldr r11, [%[a], #8]\n\t"
"ldr r12, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -96257,7 +98599,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[1] * B[3] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -96295,7 +98637,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[0] * B[4] */
"ldr r8, [%[a]]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -96333,7 +98675,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r4, [sp, #16]\n\t"
/* A[0] * B[5] */
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -96373,7 +98715,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[1] * B[4] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -96410,7 +98752,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[2] * B[3] */
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -96447,7 +98789,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[3] * B[2] */
"ldr r8, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -96485,7 +98827,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[4] * B[1] */
"ldr r8, [%[a], #16]\n\t"
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -96523,7 +98865,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[5] * B[0] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -96561,7 +98903,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r5, [sp, #20]\n\t"
/* A[6] * B[0] */
"ldr r8, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -96601,7 +98943,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[5] * B[1] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -96638,7 +98980,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[4] * B[2] */
"ldr r8, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -96676,7 +99018,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[3] * B[3] */
"ldr r11, [%[a], #12]\n\t"
"ldr r12, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -96714,7 +99056,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[2] * B[4] */
"ldr r8, [%[a], #8]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -96752,7 +99094,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[1] * B[5] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -96790,7 +99132,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[0] * B[6] */
"ldr r8, [%[a]]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -96828,7 +99170,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r3, [sp, #24]\n\t"
/* A[0] * B[7] */
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -96868,7 +99210,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[1] * B[6] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -96906,7 +99248,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[2] * B[5] */
"ldr r8, [%[a], #8]\n\t"
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -96943,7 +99285,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[3] * B[4] */
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -96980,7 +99322,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[4] * B[3] */
"ldr r8, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -97018,7 +99360,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[5] * B[2] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -97056,7 +99398,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[6] * B[1] */
"ldr r8, [%[a], #24]\n\t"
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -97094,7 +99436,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[7] * B[0] */
"ldr r8, [%[a], #28]\n\t"
"ldr r9, [%[b]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -97132,7 +99474,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r4, [sp, #28]\n\t"
/* A[8] * B[0] */
"ldr r8, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -97172,7 +99514,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[7] * B[1] */
"ldr r8, [%[a], #28]\n\t"
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -97210,7 +99552,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[6] * B[2] */
"ldr r8, [%[a], #24]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -97247,7 +99589,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[5] * B[3] */
"ldr r8, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -97285,7 +99627,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[4] * B[4] */
"ldr r11, [%[a], #16]\n\t"
"ldr r12, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -97323,7 +99665,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[3] * B[5] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -97361,7 +99703,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[2] * B[6] */
"ldr r8, [%[a], #8]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -97399,7 +99741,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[1] * B[7] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -97437,7 +99779,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[0] * B[8] */
"ldr r8, [%[a]]\n\t"
"ldr r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -97475,7 +99817,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r5, [sp, #32]\n\t"
/* A[0] * B[9] */
"ldr r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -97515,7 +99857,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[1] * B[8] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -97553,7 +99895,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[2] * B[7] */
"ldr r8, [%[a], #8]\n\t"
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -97591,7 +99933,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[3] * B[6] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -97628,7 +99970,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[4] * B[5] */
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -97665,7 +100007,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[5] * B[4] */
"ldr r8, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -97703,7 +100045,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[6] * B[3] */
"ldr r8, [%[a], #24]\n\t"
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -97741,7 +100083,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[7] * B[2] */
"ldr r8, [%[a], #28]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -97779,7 +100121,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[8] * B[1] */
"ldr r8, [%[a], #32]\n\t"
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -97817,7 +100159,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[9] * B[0] */
"ldr r8, [%[a], #36]\n\t"
"ldr r9, [%[b]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -97855,7 +100197,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r3, [sp, #36]\n\t"
/* A[10] * B[0] */
"ldr r8, [%[a], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -97895,7 +100237,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[9] * B[1] */
"ldr r8, [%[a], #36]\n\t"
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -97933,7 +100275,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[8] * B[2] */
"ldr r8, [%[a], #32]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -97971,7 +100313,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[7] * B[3] */
"ldr r8, [%[a], #28]\n\t"
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -98008,7 +100350,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[6] * B[4] */
"ldr r8, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -98046,7 +100388,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[5] * B[5] */
"ldr r11, [%[a], #20]\n\t"
"ldr r12, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -98084,7 +100426,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[4] * B[6] */
"ldr r8, [%[a], #16]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -98122,7 +100464,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[3] * B[7] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -98160,7 +100502,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[2] * B[8] */
"ldr r8, [%[a], #8]\n\t"
"ldr r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -98198,7 +100540,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[1] * B[9] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -98236,7 +100578,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[0] * B[10] */
"ldr r8, [%[a]]\n\t"
"ldr r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -98274,7 +100616,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r4, [sp, #40]\n\t"
/* A[0] * B[11] */
"ldr r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -98314,7 +100656,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[1] * B[10] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -98352,7 +100694,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[2] * B[9] */
"ldr r8, [%[a], #8]\n\t"
"ldr r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -98390,7 +100732,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[3] * B[8] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -98428,7 +100770,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[4] * B[7] */
"ldr r8, [%[a], #16]\n\t"
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -98465,7 +100807,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[5] * B[6] */
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -98502,7 +100844,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[6] * B[5] */
"ldr r8, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -98540,7 +100882,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[7] * B[4] */
"ldr r8, [%[a], #28]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -98578,7 +100920,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[8] * B[3] */
"ldr r8, [%[a], #32]\n\t"
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -98616,7 +100958,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[9] * B[2] */
"ldr r8, [%[a], #36]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -98654,7 +100996,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[10] * B[1] */
"ldr r8, [%[a], #40]\n\t"
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -98692,7 +101034,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[11] * B[0] */
"ldr r8, [%[a], #44]\n\t"
"ldr r9, [%[b]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -98730,7 +101072,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r5, [sp, #44]\n\t"
/* A[12] * B[0] */
"ldr r8, [%[a], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -98770,7 +101112,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[11] * B[1] */
"ldr r8, [%[a], #44]\n\t"
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -98808,7 +101150,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[10] * B[2] */
"ldr r8, [%[a], #40]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -98846,7 +101188,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[9] * B[3] */
"ldr r8, [%[a], #36]\n\t"
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -98884,7 +101226,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[8] * B[4] */
"ldr r8, [%[a], #32]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -98921,7 +101263,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[7] * B[5] */
"ldr r8, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -98959,7 +101301,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[6] * B[6] */
"ldr r11, [%[a], #24]\n\t"
"ldr r12, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -98997,7 +101339,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[5] * B[7] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -99035,7 +101377,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[4] * B[8] */
"ldr r8, [%[a], #16]\n\t"
"ldr r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -99073,7 +101415,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[3] * B[9] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -99111,7 +101453,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[2] * B[10] */
"ldr r8, [%[a], #8]\n\t"
"ldr r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -99149,7 +101491,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[1] * B[11] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -99187,7 +101529,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[0] * B[12] */
"ldr r8, [%[a]]\n\t"
"ldr r9, [%[b], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -99225,7 +101567,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r3, [sp, #48]\n\t"
/* A[0] * B[13] */
"ldr r9, [%[b], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -99265,7 +101607,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[1] * B[12] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -99303,7 +101645,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[2] * B[11] */
"ldr r8, [%[a], #8]\n\t"
"ldr r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -99341,7 +101683,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[3] * B[10] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -99379,7 +101721,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[4] * B[9] */
"ldr r8, [%[a], #16]\n\t"
"ldr r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -99417,7 +101759,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[5] * B[8] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -99454,7 +101796,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[6] * B[7] */
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -99491,7 +101833,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[7] * B[6] */
"ldr r8, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -99529,7 +101871,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[8] * B[5] */
"ldr r8, [%[a], #32]\n\t"
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -99567,7 +101909,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[9] * B[4] */
"ldr r8, [%[a], #36]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -99605,7 +101947,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[10] * B[3] */
"ldr r8, [%[a], #40]\n\t"
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -99643,7 +101985,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[11] * B[2] */
"ldr r8, [%[a], #44]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -99681,7 +102023,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[12] * B[1] */
"ldr r8, [%[a], #48]\n\t"
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -99719,7 +102061,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[13] * B[0] */
"ldr r8, [%[a], #52]\n\t"
"ldr r9, [%[b]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -99757,7 +102099,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r4, [sp, #52]\n\t"
/* A[14] * B[0] */
"ldr r8, [%[a], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -99797,7 +102139,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[13] * B[1] */
"ldr r8, [%[a], #52]\n\t"
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -99835,7 +102177,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[12] * B[2] */
"ldr r8, [%[a], #48]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -99873,7 +102215,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[11] * B[3] */
"ldr r8, [%[a], #44]\n\t"
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -99911,7 +102253,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[10] * B[4] */
"ldr r8, [%[a], #40]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -99949,7 +102291,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[9] * B[5] */
"ldr r8, [%[a], #36]\n\t"
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -99986,7 +102328,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[8] * B[6] */
"ldr r8, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -100024,7 +102366,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[7] * B[7] */
"ldr r11, [%[a], #28]\n\t"
"ldr r12, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -100062,7 +102404,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[6] * B[8] */
"ldr r8, [%[a], #24]\n\t"
"ldr r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -100100,7 +102442,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[5] * B[9] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -100138,7 +102480,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[4] * B[10] */
"ldr r8, [%[a], #16]\n\t"
"ldr r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -100176,7 +102518,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[3] * B[11] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -100214,7 +102556,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[2] * B[12] */
"ldr r8, [%[a], #8]\n\t"
"ldr r9, [%[b], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -100252,7 +102594,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[1] * B[13] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -100290,7 +102632,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[0] * B[14] */
"ldr r8, [%[a]]\n\t"
"ldr r9, [%[b], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -100328,7 +102670,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r5, [sp, #56]\n\t"
/* A[0] * B[15] */
"ldr r9, [%[b], #60]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -100368,7 +102710,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[1] * B[14] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -100406,7 +102748,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[2] * B[13] */
"ldr r8, [%[a], #8]\n\t"
"ldr r9, [%[b], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -100444,7 +102786,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[3] * B[12] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -100482,7 +102824,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[4] * B[11] */
"ldr r8, [%[a], #16]\n\t"
"ldr r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -100520,7 +102862,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[5] * B[10] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -100558,7 +102900,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[6] * B[9] */
"ldr r8, [%[a], #24]\n\t"
"ldr r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -100595,7 +102937,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[7] * B[8] */
"ldr r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -100632,7 +102974,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[8] * B[7] */
"ldr r8, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -100670,7 +103012,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[9] * B[6] */
"ldr r8, [%[a], #36]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -100708,7 +103050,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[10] * B[5] */
"ldr r8, [%[a], #40]\n\t"
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -100746,7 +103088,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[11] * B[4] */
"ldr r8, [%[a], #44]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -100784,7 +103126,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[12] * B[3] */
"ldr r8, [%[a], #48]\n\t"
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -100822,7 +103164,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[13] * B[2] */
"ldr r8, [%[a], #52]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -100860,7 +103202,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[14] * B[1] */
"ldr r8, [%[a], #56]\n\t"
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -100898,7 +103240,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[15] * B[0] */
"ldr r8, [%[a], #60]\n\t"
"ldr r9, [%[b]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -100936,7 +103278,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r3, [sp, #60]\n\t"
/* A[16] * B[0] */
"ldr r8, [%[a], #64]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -100976,7 +103318,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[15] * B[1] */
"ldr r8, [%[a], #60]\n\t"
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -101014,7 +103356,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[14] * B[2] */
"ldr r8, [%[a], #56]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -101052,7 +103394,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[13] * B[3] */
"ldr r8, [%[a], #52]\n\t"
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -101090,7 +103432,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[12] * B[4] */
"ldr r8, [%[a], #48]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -101128,7 +103470,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[11] * B[5] */
"ldr r8, [%[a], #44]\n\t"
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -101166,7 +103508,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[10] * B[6] */
"ldr r8, [%[a], #40]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -101203,7 +103545,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[9] * B[7] */
"ldr r8, [%[a], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -101241,7 +103583,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[8] * B[8] */
"ldr r11, [%[a], #32]\n\t"
"ldr r12, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -101279,7 +103621,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[7] * B[9] */
"ldr r8, [%[a], #28]\n\t"
"ldr r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -101317,7 +103659,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[6] * B[10] */
"ldr r8, [%[a], #24]\n\t"
"ldr r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -101355,7 +103697,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[5] * B[11] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -101393,7 +103735,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[4] * B[12] */
"ldr r8, [%[a], #16]\n\t"
"ldr r9, [%[b], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -101431,7 +103773,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[3] * B[13] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -101469,7 +103811,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[2] * B[14] */
"ldr r8, [%[a], #8]\n\t"
"ldr r9, [%[b], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -101507,7 +103849,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[1] * B[15] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #60]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -101545,7 +103887,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[0] * B[16] */
"ldr r8, [%[a]]\n\t"
"ldr r9, [%[b], #64]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -101583,7 +103925,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r4, [sp, #64]\n\t"
/* A[1] * B[16] */
"ldr r8, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -101623,7 +103965,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[2] * B[15] */
"ldr r8, [%[a], #8]\n\t"
"ldr r9, [%[b], #60]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -101661,7 +104003,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[3] * B[14] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -101699,7 +104041,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[4] * B[13] */
"ldr r8, [%[a], #16]\n\t"
"ldr r9, [%[b], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -101737,7 +104079,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[5] * B[12] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -101775,7 +104117,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[6] * B[11] */
"ldr r8, [%[a], #24]\n\t"
"ldr r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -101813,7 +104155,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[7] * B[10] */
"ldr r8, [%[a], #28]\n\t"
"ldr r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -101850,7 +104192,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[8] * B[9] */
"ldr r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -101887,7 +104229,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[9] * B[8] */
"ldr r8, [%[a], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -101925,7 +104267,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[10] * B[7] */
"ldr r8, [%[a], #40]\n\t"
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -101963,7 +104305,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[11] * B[6] */
"ldr r8, [%[a], #44]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -102001,7 +104343,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[12] * B[5] */
"ldr r8, [%[a], #48]\n\t"
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -102039,7 +104381,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[13] * B[4] */
"ldr r8, [%[a], #52]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -102077,7 +104419,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[14] * B[3] */
"ldr r8, [%[a], #56]\n\t"
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -102115,7 +104457,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[15] * B[2] */
"ldr r8, [%[a], #60]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -102153,7 +104495,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[16] * B[1] */
"ldr r8, [%[a], #64]\n\t"
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -102191,7 +104533,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r5, [%[r], #68]\n\t"
/* A[16] * B[2] */
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -102231,7 +104573,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[15] * B[3] */
"ldr r8, [%[a], #60]\n\t"
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -102269,7 +104611,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[14] * B[4] */
"ldr r8, [%[a], #56]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -102307,7 +104649,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[13] * B[5] */
"ldr r8, [%[a], #52]\n\t"
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -102345,7 +104687,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[12] * B[6] */
"ldr r8, [%[a], #48]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -102383,7 +104725,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[11] * B[7] */
"ldr r8, [%[a], #44]\n\t"
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -102420,7 +104762,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[10] * B[8] */
"ldr r8, [%[a], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -102458,7 +104800,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[9] * B[9] */
"ldr r11, [%[a], #36]\n\t"
"ldr r12, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -102496,7 +104838,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[8] * B[10] */
"ldr r8, [%[a], #32]\n\t"
"ldr r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -102534,7 +104876,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[7] * B[11] */
"ldr r8, [%[a], #28]\n\t"
"ldr r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -102572,7 +104914,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[6] * B[12] */
"ldr r8, [%[a], #24]\n\t"
"ldr r9, [%[b], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -102610,7 +104952,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[5] * B[13] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -102648,7 +104990,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[4] * B[14] */
"ldr r8, [%[a], #16]\n\t"
"ldr r9, [%[b], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -102686,7 +105028,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[3] * B[15] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b], #60]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -102724,7 +105066,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[2] * B[16] */
"ldr r8, [%[a], #8]\n\t"
"ldr r9, [%[b], #64]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -102762,7 +105104,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r3, [%[r], #72]\n\t"
/* A[3] * B[16] */
"ldr r8, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -102802,7 +105144,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[4] * B[15] */
"ldr r8, [%[a], #16]\n\t"
"ldr r9, [%[b], #60]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -102840,7 +105182,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[5] * B[14] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -102878,7 +105220,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[6] * B[13] */
"ldr r8, [%[a], #24]\n\t"
"ldr r9, [%[b], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -102916,7 +105258,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[7] * B[12] */
"ldr r8, [%[a], #28]\n\t"
"ldr r9, [%[b], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -102954,7 +105296,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[8] * B[11] */
"ldr r8, [%[a], #32]\n\t"
"ldr r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -102991,7 +105333,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[9] * B[10] */
"ldr r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -103028,7 +105370,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[10] * B[9] */
"ldr r8, [%[a], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -103066,7 +105408,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[11] * B[8] */
"ldr r8, [%[a], #44]\n\t"
"ldr r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -103104,7 +105446,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[12] * B[7] */
"ldr r8, [%[a], #48]\n\t"
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -103142,7 +105484,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[13] * B[6] */
"ldr r8, [%[a], #52]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -103180,7 +105522,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[14] * B[5] */
"ldr r8, [%[a], #56]\n\t"
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -103218,7 +105560,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[15] * B[4] */
"ldr r8, [%[a], #60]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -103256,7 +105598,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[16] * B[3] */
"ldr r8, [%[a], #64]\n\t"
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -103294,7 +105636,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r4, [%[r], #76]\n\t"
/* A[16] * B[4] */
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -103334,7 +105676,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[15] * B[5] */
"ldr r8, [%[a], #60]\n\t"
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -103372,7 +105714,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[14] * B[6] */
"ldr r8, [%[a], #56]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -103410,7 +105752,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[13] * B[7] */
"ldr r8, [%[a], #52]\n\t"
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -103448,7 +105790,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[12] * B[8] */
"ldr r8, [%[a], #48]\n\t"
"ldr r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -103485,7 +105827,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[11] * B[9] */
"ldr r8, [%[a], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -103523,7 +105865,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[10] * B[10] */
"ldr r11, [%[a], #40]\n\t"
"ldr r12, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -103561,7 +105903,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[9] * B[11] */
"ldr r8, [%[a], #36]\n\t"
"ldr r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -103599,7 +105941,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[8] * B[12] */
"ldr r8, [%[a], #32]\n\t"
"ldr r9, [%[b], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -103637,7 +105979,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[7] * B[13] */
"ldr r8, [%[a], #28]\n\t"
"ldr r9, [%[b], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -103675,7 +106017,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[6] * B[14] */
"ldr r8, [%[a], #24]\n\t"
"ldr r9, [%[b], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -103713,7 +106055,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[5] * B[15] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b], #60]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -103751,7 +106093,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[4] * B[16] */
"ldr r8, [%[a], #16]\n\t"
"ldr r9, [%[b], #64]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -103789,7 +106131,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r5, [%[r], #80]\n\t"
/* A[5] * B[16] */
"ldr r8, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -103829,7 +106171,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[6] * B[15] */
"ldr r8, [%[a], #24]\n\t"
"ldr r9, [%[b], #60]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -103867,7 +106209,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[7] * B[14] */
"ldr r8, [%[a], #28]\n\t"
"ldr r9, [%[b], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -103905,7 +106247,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[8] * B[13] */
"ldr r8, [%[a], #32]\n\t"
"ldr r9, [%[b], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -103943,7 +106285,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[9] * B[12] */
"ldr r8, [%[a], #36]\n\t"
"ldr r9, [%[b], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -103980,7 +106322,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[10] * B[11] */
"ldr r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -104017,7 +106359,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[11] * B[10] */
"ldr r8, [%[a], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -104055,7 +106397,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[12] * B[9] */
"ldr r8, [%[a], #48]\n\t"
"ldr r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -104093,7 +106435,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[13] * B[8] */
"ldr r8, [%[a], #52]\n\t"
"ldr r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -104131,7 +106473,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[14] * B[7] */
"ldr r8, [%[a], #56]\n\t"
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -104169,7 +106511,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[15] * B[6] */
"ldr r8, [%[a], #60]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -104207,7 +106549,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[16] * B[5] */
"ldr r8, [%[a], #64]\n\t"
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -104245,7 +106587,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r3, [%[r], #84]\n\t"
/* A[16] * B[6] */
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -104285,7 +106627,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[15] * B[7] */
"ldr r8, [%[a], #60]\n\t"
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -104323,7 +106665,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[14] * B[8] */
"ldr r8, [%[a], #56]\n\t"
"ldr r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -104361,7 +106703,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[13] * B[9] */
"ldr r8, [%[a], #52]\n\t"
"ldr r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -104398,7 +106740,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[12] * B[10] */
"ldr r8, [%[a], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -104436,7 +106778,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[11] * B[11] */
"ldr r11, [%[a], #44]\n\t"
"ldr r12, [%[b], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -104474,7 +106816,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[10] * B[12] */
"ldr r8, [%[a], #40]\n\t"
"ldr r9, [%[b], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -104512,7 +106854,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[9] * B[13] */
"ldr r8, [%[a], #36]\n\t"
"ldr r9, [%[b], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -104550,7 +106892,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[8] * B[14] */
"ldr r8, [%[a], #32]\n\t"
"ldr r9, [%[b], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -104588,7 +106930,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[7] * B[15] */
"ldr r8, [%[a], #28]\n\t"
"ldr r9, [%[b], #60]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -104626,7 +106968,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[6] * B[16] */
"ldr r8, [%[a], #24]\n\t"
"ldr r9, [%[b], #64]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -104664,7 +107006,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r4, [%[r], #88]\n\t"
/* A[7] * B[16] */
"ldr r8, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -104704,7 +107046,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[8] * B[15] */
"ldr r8, [%[a], #32]\n\t"
"ldr r9, [%[b], #60]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -104742,7 +107084,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[9] * B[14] */
"ldr r8, [%[a], #36]\n\t"
"ldr r9, [%[b], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -104780,7 +107122,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[10] * B[13] */
"ldr r8, [%[a], #40]\n\t"
"ldr r9, [%[b], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -104817,7 +107159,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[11] * B[12] */
"ldr r9, [%[b], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -104854,7 +107196,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[12] * B[11] */
"ldr r8, [%[a], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -104892,7 +107234,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[13] * B[10] */
"ldr r8, [%[a], #52]\n\t"
"ldr r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -104930,7 +107272,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[14] * B[9] */
"ldr r8, [%[a], #56]\n\t"
"ldr r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -104968,7 +107310,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[15] * B[8] */
"ldr r8, [%[a], #60]\n\t"
"ldr r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -105006,7 +107348,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[16] * B[7] */
"ldr r8, [%[a], #64]\n\t"
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -105044,7 +107386,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r5, [%[r], #92]\n\t"
/* A[16] * B[8] */
"ldr r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -105084,7 +107426,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[15] * B[9] */
"ldr r8, [%[a], #60]\n\t"
"ldr r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -105122,7 +107464,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[14] * B[10] */
"ldr r8, [%[a], #56]\n\t"
"ldr r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -105159,7 +107501,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[13] * B[11] */
"ldr r8, [%[a], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -105197,7 +107539,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[12] * B[12] */
"ldr r11, [%[a], #48]\n\t"
"ldr r12, [%[b], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -105235,7 +107577,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[11] * B[13] */
"ldr r8, [%[a], #44]\n\t"
"ldr r9, [%[b], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -105273,7 +107615,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[10] * B[14] */
"ldr r8, [%[a], #40]\n\t"
"ldr r9, [%[b], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -105311,7 +107653,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[9] * B[15] */
"ldr r8, [%[a], #36]\n\t"
"ldr r9, [%[b], #60]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -105349,7 +107691,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[8] * B[16] */
"ldr r8, [%[a], #32]\n\t"
"ldr r9, [%[b], #64]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -105387,7 +107729,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r3, [%[r], #96]\n\t"
/* A[9] * B[16] */
"ldr r8, [%[a], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -105427,7 +107769,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[10] * B[15] */
"ldr r8, [%[a], #40]\n\t"
"ldr r9, [%[b], #60]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -105465,7 +107807,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[11] * B[14] */
"ldr r8, [%[a], #44]\n\t"
"ldr r9, [%[b], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -105502,7 +107844,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[12] * B[13] */
"ldr r9, [%[b], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -105539,7 +107881,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[13] * B[12] */
"ldr r8, [%[a], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -105577,7 +107919,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[14] * B[11] */
"ldr r8, [%[a], #56]\n\t"
"ldr r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -105615,7 +107957,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[15] * B[10] */
"ldr r8, [%[a], #60]\n\t"
"ldr r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -105653,7 +107995,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[16] * B[9] */
"ldr r8, [%[a], #64]\n\t"
"ldr r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -105691,7 +108033,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r4, [%[r], #100]\n\t"
/* A[16] * B[10] */
"ldr r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -105731,7 +108073,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[15] * B[11] */
"ldr r8, [%[a], #60]\n\t"
"ldr r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -105768,7 +108110,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[14] * B[12] */
"ldr r8, [%[a], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -105806,7 +108148,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[13] * B[13] */
"ldr r11, [%[a], #52]\n\t"
"ldr r12, [%[b], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -105844,7 +108186,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[12] * B[14] */
"ldr r8, [%[a], #48]\n\t"
"ldr r9, [%[b], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -105882,7 +108224,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[11] * B[15] */
"ldr r8, [%[a], #44]\n\t"
"ldr r9, [%[b], #60]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -105920,7 +108262,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[10] * B[16] */
"ldr r8, [%[a], #40]\n\t"
"ldr r9, [%[b], #64]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -105958,7 +108300,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r5, [%[r], #104]\n\t"
/* A[11] * B[16] */
"ldr r8, [%[a], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -105998,7 +108340,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[12] * B[15] */
"ldr r8, [%[a], #48]\n\t"
"ldr r9, [%[b], #60]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -106035,7 +108377,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[13] * B[14] */
"ldr r9, [%[b], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -106072,7 +108414,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[14] * B[13] */
"ldr r8, [%[a], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -106110,7 +108452,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[15] * B[12] */
"ldr r8, [%[a], #60]\n\t"
"ldr r9, [%[b], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -106148,7 +108490,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[16] * B[11] */
"ldr r8, [%[a], #64]\n\t"
"ldr r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -106186,7 +108528,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r3, [%[r], #108]\n\t"
/* A[16] * B[12] */
"ldr r9, [%[b], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -106225,7 +108567,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[15] * B[13] */
"ldr r8, [%[a], #60]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -106263,7 +108605,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[14] * B[14] */
"ldr r11, [%[a], #56]\n\t"
"ldr r12, [%[b], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -106301,7 +108643,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[13] * B[15] */
"ldr r8, [%[a], #52]\n\t"
"ldr r9, [%[b], #60]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -106339,7 +108681,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[12] * B[16] */
"ldr r8, [%[a], #48]\n\t"
"ldr r9, [%[b], #64]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -106377,7 +108719,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r4, [%[r], #112]\n\t"
/* A[13] * B[16] */
"ldr r8, [%[a], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -106416,7 +108758,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[14] * B[15] */
"ldr r9, [%[b], #60]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -106453,7 +108795,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[15] * B[14] */
"ldr r8, [%[a], #60]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -106491,7 +108833,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[16] * B[13] */
"ldr r8, [%[a], #64]\n\t"
"ldr r9, [%[b], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -106528,7 +108870,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
"str r5, [%[r], #116]\n\t"
/* A[16] * B[14] */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -106568,7 +108910,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[15] * B[15] */
"ldr r11, [%[a], #60]\n\t"
"ldr r12, [%[b], #60]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -106606,7 +108948,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[14] * B[16] */
"ldr r8, [%[a], #56]\n\t"
"ldr r9, [%[b], #64]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -106643,7 +108985,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
"str r3, [%[r], #120]\n\t"
/* A[15] * B[16] */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -106682,7 +109024,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[16] * B[15] */
"ldr r8, [%[a], #64]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -106719,7 +109061,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
"str r4, [%[r], #124]\n\t"
/* A[16] * B[16] */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -106745,9 +109087,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r5, r5, r6\n\t"
"adc r3, r3, r7\n\t"
#else
- "umull r6, r7, r8, r9\n\t"
- "adds r5, r5, r6\n\t"
- "adc r3, r3, r7\n\t"
+ "umlal r5, r3, r8, r9\n\t"
#endif
"str r5, [%[r], #128]\n\t"
"str r3, [%[r], #132]\n\t"
@@ -106763,7 +109103,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"stm %[r]!, {r3}\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r11", "r12", "cc"
);
}
@@ -106776,29 +109116,28 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
*/
static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
__asm__ __volatile__ (
"sub sp, sp, #0x88\n\t"
- "mov r12, #0\n\t"
- "mov r6, #0\n\t"
+ "ldr lr, [%[a]]\n\t"
+ "umull r8, r6, lr, lr\n\t"
+ "str r8, [sp]\n\t"
"mov r7, #0\n\t"
"mov r8, #0\n\t"
- "mov r5, #0\n\t"
+ "mov r5, #4\n\t"
"\n"
"L_sp_521_sqr_17_outer_%=: \n\t"
"subs r3, r5, #0x40\n\t"
"it cc\n\t"
- "movcc r3, r12\n\t"
+ "movcc r3, #0\n\t"
"sub r4, r5, r3\n\t"
"\n"
"L_sp_521_sqr_17_inner_%=: \n\t"
- "cmp r4, r3\n\t"
- "beq L_sp_521_sqr_17_op_sqr_%=\n\t"
"ldr lr, [%[a], r3]\n\t"
"ldr r11, [%[a], r4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r9, lr, #16\n\t"
"lsl r10, r11, #16\n\t"
"lsr r9, r9, #16\n\t"
@@ -106847,11 +109186,13 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
"adcs r7, r7, r10\n\t"
"adc r8, r8, #0\n\t"
#endif
- "bal L_sp_521_sqr_17_op_done_%=\n\t"
- "\n"
- "L_sp_521_sqr_17_op_sqr_%=: \n\t"
+ "add r3, r3, #4\n\t"
+ "sub r4, r4, #4\n\t"
+ "cmp r3, r4\n\t"
+ "bgt L_sp_521_sqr_17_inner_done_%=\n\t"
+ "blt L_sp_521_sqr_17_inner_%=\n\t"
"ldr lr, [%[a], r3]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r9, lr, #16\n\t"
"lsr r10, lr, #16\n\t"
"lsr r9, r9, #16\n\t"
@@ -106878,37 +109219,53 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
"adc r8, r8, #0\n\t"
#endif
"\n"
- "L_sp_521_sqr_17_op_done_%=: \n\t"
- "add r3, r3, #4\n\t"
- "sub r4, r4, #4\n\t"
- "cmp r3, #0x44\n\t"
- "beq L_sp_521_sqr_17_inner_done_%=\n\t"
- "cmp r3, r4\n\t"
- "bgt L_sp_521_sqr_17_inner_done_%=\n\t"
- "cmp r3, r5\n\t"
- "ble L_sp_521_sqr_17_inner_%=\n\t"
- "\n"
"L_sp_521_sqr_17_inner_done_%=: \n\t"
"str r6, [sp, r5]\n\t"
"mov r6, r7\n\t"
"mov r7, r8\n\t"
"mov r8, #0\n\t"
"add r5, r5, #4\n\t"
- "cmp r5, #0x80\n\t"
+ "cmp r5, #0x7c\n\t"
"ble L_sp_521_sqr_17_outer_%=\n\t"
+ "ldr lr, [%[a], #64]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
+ "lsl r9, lr, #16\n\t"
+ "lsr r10, lr, #16\n\t"
+ "lsr r9, r9, #16\n\t"
+ "mov r11, r9\n\t"
+ "mul r9, r11, r9\n\t"
+ "mov r11, r10\n\t"
+ "mul r10, r11, r10\n\t"
+ "adds r6, r6, r9\n\t"
+ "adc r7, r7, r10\n\t"
+ "lsr r10, lr, #16\n\t"
+ "lsl r9, lr, #16\n\t"
+ "lsr r9, r9, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #15\n\t"
+ "lsl r9, r9, #17\n\t"
+ "adds r6, r6, r9\n\t"
+ "adc r7, r7, r10\n\t"
+#else
+ "umull r9, r10, lr, lr\n\t"
+ "adds r6, r6, r9\n\t"
+ "adc r7, r7, r10\n\t"
+#endif
"str r6, [sp, r5]\n\t"
+ "add r5, r5, #4\n\t"
+ "str r7, [sp, r5]\n\t"
"ldm sp!, {r6, r7}\n\t"
"stm %[r]!, {r6, r7}\n\t"
"sub r5, r5, #8\n\t"
"\n"
"L_sp_521_sqr_17_store_%=: \n\t"
- "ldm sp!, {r6, r7, r8, r9}\n\t"
- "stm %[r]!, {r6, r7, r8, r9}\n\t"
- "subs r5, r5, #16\n\t"
+ "ldm sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "stm %[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "subs r5, r5, #32\n\t"
"bgt L_sp_521_sqr_17_store_%=\n\t"
: [r] "+r" (r), [a] "+r" (a)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11", "cc"
);
}
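Review bot: The widened copy-out loop at `L_sp_521_sqr_17_store_` depends on an invariant that is not written down. After the two-word `ldm`/`stm` and `sub r5, r5, #8`, r5 is 0x7c, so four 32-byte passes move the remaining 128 bytes, and `sp` returns to its entry value only once the loop has run to completion. Because this asm adjusts `sp` itself and the transfer width changed from 16 to 32 bytes here, a comment above the label would make that dependency checkable, e.g. `/* r5 == 0x7c: 4 x 32 bytes copies the rest of the 0x88-byte frame and restores sp */`. The function starts outside this hunk, so the 0x88 frame size is taken from the prologue in the preceding hunk.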
@@ -106920,14 +109277,14 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
*/
static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
__asm__ __volatile__ (
"sub sp, sp, #0x44\n\t"
/* A[0] * A[0] */
"ldr r10, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsr r9, r10, #16\n\t"
"lsl r2, r10, #16\n\t"
"lsr r2, r2, #16\n\t"
@@ -106946,7 +109303,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[1] */
"ldr r10, [%[a], #4]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -107002,7 +109359,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[2] */
"ldr r10, [%[a], #8]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -107056,7 +109413,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[1] * A[1] */
"ldr r10, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -107086,7 +109443,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[3] */
"ldr r10, [%[a], #12]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -107141,7 +109498,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[2] */
"ldr r10, [%[a], #8]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -107194,7 +109551,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[4] */
"ldr r10, [%[a], #16]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -107249,7 +109606,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[3] */
"ldr r10, [%[a], #12]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -107300,7 +109657,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[2] * A[2] */
"ldr r10, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -107330,7 +109687,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[5] */
"ldr r10, [%[a], #20]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -107360,7 +109717,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[4] */
"ldr r10, [%[a], #16]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -107398,7 +109755,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[2] * A[3] */
"ldr r10, [%[a], #12]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -107443,7 +109800,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[6] */
"ldr r10, [%[a], #24]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -107473,7 +109830,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[5] */
"ldr r10, [%[a], #20]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -107511,7 +109868,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[2] * A[4] */
"ldr r10, [%[a], #16]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -107548,7 +109905,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[3] * A[3] */
"ldr r10, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -107587,7 +109944,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[7] */
"ldr r10, [%[a], #28]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -107617,7 +109974,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[6] */
"ldr r10, [%[a], #24]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -107655,7 +110012,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[2] * A[5] */
"ldr r10, [%[a], #20]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -107693,7 +110050,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[3] * A[4] */
"ldr r10, [%[a], #16]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -107738,7 +110095,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[8] */
"ldr r10, [%[a], #32]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -107768,7 +110125,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[7] */
"ldr r10, [%[a], #28]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -107806,7 +110163,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[2] * A[6] */
"ldr r10, [%[a], #24]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -107844,7 +110201,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[3] * A[5] */
"ldr r10, [%[a], #20]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -107881,7 +110238,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[4] * A[4] */
"ldr r10, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -107920,7 +110277,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[9] */
"ldr r10, [%[a], #36]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -107950,7 +110307,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[8] */
"ldr r10, [%[a], #32]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -107988,7 +110345,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[2] * A[7] */
"ldr r10, [%[a], #28]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -108026,7 +110383,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[3] * A[6] */
"ldr r10, [%[a], #24]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -108064,7 +110421,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[4] * A[5] */
"ldr r10, [%[a], #20]\n\t"
"ldr r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -108109,7 +110466,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[10] */
"ldr r10, [%[a], #40]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -108139,7 +110496,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[9] */
"ldr r10, [%[a], #36]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -108177,7 +110534,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[2] * A[8] */
"ldr r10, [%[a], #32]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -108215,7 +110572,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[3] * A[7] */
"ldr r10, [%[a], #28]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -108253,7 +110610,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[4] * A[6] */
"ldr r10, [%[a], #24]\n\t"
"ldr r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -108290,7 +110647,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[5] * A[5] */
"ldr r10, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -108329,7 +110686,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[11] */
"ldr r10, [%[a], #44]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -108359,7 +110716,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[10] */
"ldr r10, [%[a], #40]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -108397,7 +110754,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[2] * A[9] */
"ldr r10, [%[a], #36]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -108435,7 +110792,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[3] * A[8] */
"ldr r10, [%[a], #32]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -108473,7 +110830,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[4] * A[7] */
"ldr r10, [%[a], #28]\n\t"
"ldr r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -108511,7 +110868,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[5] * A[6] */
"ldr r10, [%[a], #24]\n\t"
"ldr r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -108556,7 +110913,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[12] */
"ldr r10, [%[a], #48]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -108586,7 +110943,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[11] */
"ldr r10, [%[a], #44]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -108624,7 +110981,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[2] * A[10] */
"ldr r10, [%[a], #40]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -108662,7 +111019,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[3] * A[9] */
"ldr r10, [%[a], #36]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -108700,7 +111057,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[4] * A[8] */
"ldr r10, [%[a], #32]\n\t"
"ldr r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -108738,7 +111095,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[5] * A[7] */
"ldr r10, [%[a], #28]\n\t"
"ldr r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -108775,7 +111132,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[6] * A[6] */
"ldr r10, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -108814,7 +111171,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[13] */
"ldr r10, [%[a], #52]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -108844,7 +111201,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[12] */
"ldr r10, [%[a], #48]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -108882,7 +111239,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[2] * A[11] */
"ldr r10, [%[a], #44]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -108920,7 +111277,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[3] * A[10] */
"ldr r10, [%[a], #40]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -108958,7 +111315,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[4] * A[9] */
"ldr r10, [%[a], #36]\n\t"
"ldr r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -108996,7 +111353,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[5] * A[8] */
"ldr r10, [%[a], #32]\n\t"
"ldr r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -109034,7 +111391,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[6] * A[7] */
"ldr r10, [%[a], #28]\n\t"
"ldr r12, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -109079,7 +111436,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[14] */
"ldr r10, [%[a], #56]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -109109,7 +111466,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[13] */
"ldr r10, [%[a], #52]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -109147,7 +111504,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[2] * A[12] */
"ldr r10, [%[a], #48]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -109185,7 +111542,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[3] * A[11] */
"ldr r10, [%[a], #44]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -109223,7 +111580,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[4] * A[10] */
"ldr r10, [%[a], #40]\n\t"
"ldr r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -109261,7 +111618,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[5] * A[9] */
"ldr r10, [%[a], #36]\n\t"
"ldr r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -109299,7 +111656,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[6] * A[8] */
"ldr r10, [%[a], #32]\n\t"
"ldr r12, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -109336,7 +111693,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[7] * A[7] */
"ldr r10, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -109375,7 +111732,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[15] */
"ldr r10, [%[a], #60]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -109405,7 +111762,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[14] */
"ldr r10, [%[a], #56]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -109443,7 +111800,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[2] * A[13] */
"ldr r10, [%[a], #52]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -109481,7 +111838,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[3] * A[12] */
"ldr r10, [%[a], #48]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -109519,7 +111876,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[4] * A[11] */
"ldr r10, [%[a], #44]\n\t"
"ldr r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -109557,7 +111914,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[5] * A[10] */
"ldr r10, [%[a], #40]\n\t"
"ldr r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -109595,7 +111952,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[6] * A[9] */
"ldr r10, [%[a], #36]\n\t"
"ldr r12, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -109633,7 +111990,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[7] * A[8] */
"ldr r10, [%[a], #32]\n\t"
"ldr r12, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -109678,7 +112035,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[16] */
"ldr r10, [%[a], #64]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -109708,7 +112065,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[15] */
"ldr r10, [%[a], #60]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -109746,7 +112103,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[2] * A[14] */
"ldr r10, [%[a], #56]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -109784,7 +112141,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[3] * A[13] */
"ldr r10, [%[a], #52]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -109822,7 +112179,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[4] * A[12] */
"ldr r10, [%[a], #48]\n\t"
"ldr r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -109860,7 +112217,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[5] * A[11] */
"ldr r10, [%[a], #44]\n\t"
"ldr r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -109898,7 +112255,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[6] * A[10] */
"ldr r10, [%[a], #40]\n\t"
"ldr r12, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -109936,7 +112293,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[7] * A[9] */
"ldr r10, [%[a], #36]\n\t"
"ldr r12, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -109973,7 +112330,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[8] * A[8] */
"ldr r10, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -110012,7 +112369,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[16] */
"ldr r10, [%[a], #64]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -110042,7 +112399,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[2] * A[15] */
"ldr r10, [%[a], #60]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -110080,7 +112437,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[3] * A[14] */
"ldr r10, [%[a], #56]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -110118,7 +112475,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[4] * A[13] */
"ldr r10, [%[a], #52]\n\t"
"ldr r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -110156,7 +112513,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[5] * A[12] */
"ldr r10, [%[a], #48]\n\t"
"ldr r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -110194,7 +112551,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[6] * A[11] */
"ldr r10, [%[a], #44]\n\t"
"ldr r12, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -110232,7 +112589,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[7] * A[10] */
"ldr r10, [%[a], #40]\n\t"
"ldr r12, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -110270,7 +112627,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[8] * A[9] */
"ldr r10, [%[a], #36]\n\t"
"ldr r12, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -110315,7 +112672,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[2] * A[16] */
"ldr r10, [%[a], #64]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -110345,7 +112702,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[3] * A[15] */
"ldr r10, [%[a], #60]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -110383,7 +112740,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[4] * A[14] */
"ldr r10, [%[a], #56]\n\t"
"ldr r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -110421,7 +112778,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[5] * A[13] */
"ldr r10, [%[a], #52]\n\t"
"ldr r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -110459,7 +112816,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[6] * A[12] */
"ldr r10, [%[a], #48]\n\t"
"ldr r12, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -110497,7 +112854,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[7] * A[11] */
"ldr r10, [%[a], #44]\n\t"
"ldr r12, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -110535,7 +112892,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[8] * A[10] */
"ldr r10, [%[a], #40]\n\t"
"ldr r12, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -110572,7 +112929,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[9] * A[9] */
"ldr r10, [%[a], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -110611,7 +112968,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[3] * A[16] */
"ldr r10, [%[a], #64]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -110641,7 +112998,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[4] * A[15] */
"ldr r10, [%[a], #60]\n\t"
"ldr r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -110679,7 +113036,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[5] * A[14] */
"ldr r10, [%[a], #56]\n\t"
"ldr r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -110717,7 +113074,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[6] * A[13] */
"ldr r10, [%[a], #52]\n\t"
"ldr r12, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -110755,7 +113112,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[7] * A[12] */
"ldr r10, [%[a], #48]\n\t"
"ldr r12, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -110793,7 +113150,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[8] * A[11] */
"ldr r10, [%[a], #44]\n\t"
"ldr r12, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -110831,7 +113188,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[9] * A[10] */
"ldr r10, [%[a], #40]\n\t"
"ldr r12, [%[a], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -110876,7 +113233,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[4] * A[16] */
"ldr r10, [%[a], #64]\n\t"
"ldr r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -110906,7 +113263,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[5] * A[15] */
"ldr r10, [%[a], #60]\n\t"
"ldr r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -110944,7 +113301,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[6] * A[14] */
"ldr r10, [%[a], #56]\n\t"
"ldr r12, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -110982,7 +113339,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[7] * A[13] */
"ldr r10, [%[a], #52]\n\t"
"ldr r12, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -111020,7 +113377,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[8] * A[12] */
"ldr r10, [%[a], #48]\n\t"
"ldr r12, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -111058,7 +113415,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[9] * A[11] */
"ldr r10, [%[a], #44]\n\t"
"ldr r12, [%[a], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -111095,7 +113452,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[10] * A[10] */
"ldr r10, [%[a], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -111134,7 +113491,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[5] * A[16] */
"ldr r10, [%[a], #64]\n\t"
"ldr r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -111164,7 +113521,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[6] * A[15] */
"ldr r10, [%[a], #60]\n\t"
"ldr r12, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -111202,7 +113559,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[7] * A[14] */
"ldr r10, [%[a], #56]\n\t"
"ldr r12, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -111240,7 +113597,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[8] * A[13] */
"ldr r10, [%[a], #52]\n\t"
"ldr r12, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -111278,7 +113635,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[9] * A[12] */
"ldr r10, [%[a], #48]\n\t"
"ldr r12, [%[a], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -111316,7 +113673,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[10] * A[11] */
"ldr r10, [%[a], #44]\n\t"
"ldr r12, [%[a], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -111361,7 +113718,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[6] * A[16] */
"ldr r10, [%[a], #64]\n\t"
"ldr r12, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -111391,7 +113748,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[7] * A[15] */
"ldr r10, [%[a], #60]\n\t"
"ldr r12, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -111429,7 +113786,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[8] * A[14] */
"ldr r10, [%[a], #56]\n\t"
"ldr r12, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -111467,7 +113824,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[9] * A[13] */
"ldr r10, [%[a], #52]\n\t"
"ldr r12, [%[a], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -111505,7 +113862,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[10] * A[12] */
"ldr r10, [%[a], #48]\n\t"
"ldr r12, [%[a], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -111542,7 +113899,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[11] * A[11] */
"ldr r10, [%[a], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -111581,7 +113938,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[7] * A[16] */
"ldr r10, [%[a], #64]\n\t"
"ldr r12, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -111611,7 +113968,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[8] * A[15] */
"ldr r10, [%[a], #60]\n\t"
"ldr r12, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -111649,7 +114006,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[9] * A[14] */
"ldr r10, [%[a], #56]\n\t"
"ldr r12, [%[a], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -111687,7 +114044,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[10] * A[13] */
"ldr r10, [%[a], #52]\n\t"
"ldr r12, [%[a], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -111725,7 +114082,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[11] * A[12] */
"ldr r10, [%[a], #48]\n\t"
"ldr r12, [%[a], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -111770,7 +114127,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[8] * A[16] */
"ldr r10, [%[a], #64]\n\t"
"ldr r12, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -111800,7 +114157,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[9] * A[15] */
"ldr r10, [%[a], #60]\n\t"
"ldr r12, [%[a], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -111838,7 +114195,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[10] * A[14] */
"ldr r10, [%[a], #56]\n\t"
"ldr r12, [%[a], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -111876,7 +114233,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[11] * A[13] */
"ldr r10, [%[a], #52]\n\t"
"ldr r12, [%[a], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -111913,7 +114270,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[12] * A[12] */
"ldr r10, [%[a], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -111952,7 +114309,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[9] * A[16] */
"ldr r10, [%[a], #64]\n\t"
"ldr r12, [%[a], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -111982,7 +114339,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[10] * A[15] */
"ldr r10, [%[a], #60]\n\t"
"ldr r12, [%[a], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -112020,7 +114377,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[11] * A[14] */
"ldr r10, [%[a], #56]\n\t"
"ldr r12, [%[a], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -112058,7 +114415,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[12] * A[13] */
"ldr r10, [%[a], #52]\n\t"
"ldr r12, [%[a], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -112103,7 +114460,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[10] * A[16] */
"ldr r10, [%[a], #64]\n\t"
"ldr r12, [%[a], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -112133,7 +114490,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[11] * A[15] */
"ldr r10, [%[a], #60]\n\t"
"ldr r12, [%[a], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -112171,7 +114528,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[12] * A[14] */
"ldr r10, [%[a], #56]\n\t"
"ldr r12, [%[a], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -112208,7 +114565,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[13] * A[13] */
"ldr r10, [%[a], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -112247,7 +114604,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[11] * A[16] */
"ldr r10, [%[a], #64]\n\t"
"ldr r12, [%[a], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -112277,7 +114634,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[12] * A[15] */
"ldr r10, [%[a], #60]\n\t"
"ldr r12, [%[a], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -112315,7 +114672,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[13] * A[14] */
"ldr r10, [%[a], #56]\n\t"
"ldr r12, [%[a], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -112360,7 +114717,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[12] * A[16] */
"ldr r10, [%[a], #64]\n\t"
"ldr r12, [%[a], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -112415,7 +114772,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[13] * A[15] */
"ldr r10, [%[a], #60]\n\t"
"ldr r12, [%[a], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -112466,7 +114823,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[14] * A[14] */
"ldr r10, [%[a], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -112496,7 +114853,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[13] * A[16] */
"ldr r10, [%[a], #64]\n\t"
"ldr r12, [%[a], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -112551,7 +114908,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[14] * A[15] */
"ldr r10, [%[a], #60]\n\t"
"ldr r12, [%[a], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -112604,7 +114961,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[14] * A[16] */
"ldr r10, [%[a], #64]\n\t"
"ldr r12, [%[a], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -112658,7 +115015,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[15] * A[15] */
"ldr r10, [%[a], #60]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -112688,7 +115045,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[15] * A[16] */
"ldr r10, [%[a], #64]\n\t"
"ldr r12, [%[a], #60]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -112743,7 +115100,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
"str r3, [%[r], #124]\n\t"
/* A[16] * A[16] */
"ldr r10, [%[a], #64]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -112780,7 +115137,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
"stm %[r]!, {r2}\n\t"
: [r] "+r" (r), [a] "+r" (a)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r12"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r12", "cc"
);
}
@@ -112794,9 +115151,9 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
*/
static sp_digit sp_521_add_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"mov r3, #0\n\t"
@@ -112824,7 +115181,7 @@ static sp_digit sp_521_add_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit
"adc %[r], r4, #0\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -112838,12 +115195,11 @@ static sp_digit sp_521_add_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit
*/
static sp_digit sp_521_add_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
- "mov r12, #0\n\t"
"ldm %[a]!, {r3, r4, r5, r6}\n\t"
"ldm %[b]!, {r7, r8, r9, r10}\n\t"
"adds r3, r3, r7\n\t"
@@ -112876,107 +115232,11 @@ static sp_digit sp_521_add_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit
"ldm %[b]!, {r7}\n\t"
"adcs r3, r3, r7\n\t"
"stm %[r]!, {r3}\n\t"
- "adc %[r], r12, r12\n\t"
- : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
- :
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r12"
- );
- return (uint32_t)(size_t)r;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Sub b from a into r. (r = a - b)
- *
- * r A single precision integer.
- * a A single precision integer.
- * b A single precision integer.
- */
-static sp_digit sp_521_sub_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
-{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
-
- __asm__ __volatile__ (
- "mov r12, #0\n\t"
- "add lr, %[a], #0x40\n\t"
- "\n"
- "L_sp_521_sub_17_word_%=: \n\t"
- "rsbs r12, r12, #0\n\t"
- "ldm %[a]!, {r3, r4, r5, r6}\n\t"
- "ldm %[b]!, {r7, r8, r9, r10}\n\t"
- "sbcs r3, r3, r7\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "stm %[r]!, {r3, r4, r5, r6}\n\t"
- "sbc r12, r3, r3\n\t"
- "cmp %[a], lr\n\t"
- "bne L_sp_521_sub_17_word_%=\n\t"
- "rsbs r12, r12, #0\n\t"
- "ldm %[a]!, {r3}\n\t"
- "ldm %[b]!, {r7}\n\t"
- "sbcs r3, r3, r7\n\t"
- "stm %[r]!, {r3}\n\t"
- "sbc %[r], r6, r6\n\t"
- : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
- :
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r12", "lr"
- );
- return (uint32_t)(size_t)r;
-}
-
-#else
-/* Sub b from a into r. (r = a - b)
- *
- * r A single precision integer.
- * a A single precision integer.
- * b A single precision integer.
- */
-static sp_digit sp_521_sub_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
-{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
-
- __asm__ __volatile__ (
- "ldm %[a]!, {r3, r4, r5, r6}\n\t"
- "ldm %[b]!, {r7, r8, r9, r10}\n\t"
- "subs r3, r3, r7\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "stm %[r]!, {r3, r4, r5, r6}\n\t"
- "ldm %[a]!, {r3, r4, r5, r6}\n\t"
- "ldm %[b]!, {r7, r8, r9, r10}\n\t"
- "sbcs r3, r3, r7\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "stm %[r]!, {r3, r4, r5, r6}\n\t"
- "ldm %[a]!, {r3, r4, r5, r6}\n\t"
- "ldm %[b]!, {r7, r8, r9, r10}\n\t"
- "sbcs r3, r3, r7\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "stm %[r]!, {r3, r4, r5, r6}\n\t"
- "ldm %[a]!, {r3, r4, r5, r6}\n\t"
- "ldm %[b]!, {r7, r8, r9, r10}\n\t"
- "sbcs r3, r3, r7\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "stm %[r]!, {r3, r4, r5, r6}\n\t"
- "ldm %[a]!, {r3}\n\t"
- "ldm %[b]!, {r7}\n\t"
- "sbcs r3, r3, r7\n\t"
- "stm %[r]!, {r3}\n\t"
- "sbc %[r], r6, r6\n\t"
+ "mov %[r], #0\n\t"
+ "adc %[r], %[r], #0\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
return (uint32_t)(size_t)r;
}
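Review bot: The carry returned by the unrolled sp_521_add_17 now depends on `mov %[r], #0` sitting between the last `adcs` and the final `adc` without disturbing the carry flag, and the template does not say so. A one-line comment before the pair, `/* mov without the S suffix keeps the carry from the last adcs */`, would keep a later edit from turning it into a flag-setting form and silently corrupting the P-521 addition carry. The function starts before this hunk.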
@@ -113010,14 +115270,14 @@ static void sp_521_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 32
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 31);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 31);
}
#elif DIGIT_BIT > 32
unsigned int i;
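Review bot: The new `DIGIT_BIT == 32` loop in sp_521_from_mp hard-codes the shift as `j >> 31` where the lines it replaces used `SP_WORD_SIZE - 1`, and nothing explains the counter it relies on. `j` starts at `0 - a->used` and counts up, so its top bit is set exactly while `i < a->used`; that bit produces the all-ones mask and stops `o` at `a->used - 1`, while the loop always runs `size` times with no branch on `a->used`. I would write `sp_digit mask = (sp_digit)0 - (j >> (SP_WORD_SIZE - 1));` and `o += (int)(j >> (SP_WORD_SIZE - 1));`, and put a comment above the loop such as `/* top bit of j is set while i < a->used: mask is all ones and o advances, with no data-dependent branch */`. This only holds while `sp_digit` is an unsigned 32-bit type, which the hunk does not show. The function body continues outside the hunk.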
@@ -113206,10 +115466,10 @@ static int sp_521_point_to_ecc_point_17(const sp_point_521* p, ecc_point* pm)
*/
static sp_digit sp_521_cond_sub_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
- register sp_digit m asm ("r3") = m_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
+ register sp_digit m asm ("r3") = (sp_digit)m_p;
__asm__ __volatile__ (
"mov r6, #0\n\t"
@@ -113230,7 +115490,7 @@ static sp_digit sp_521_cond_sub_17(sp_digit* r_p, const sp_digit* a_p, const sp_
"mov %[r], r12\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
:
- : "memory", "r12", "lr", "r4", "r5", "r6"
+ : "memory", "r12", "lr", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -113246,10 +115506,10 @@ static sp_digit sp_521_cond_sub_17(sp_digit* r_p, const sp_digit* a_p, const sp_
*/
static sp_digit sp_521_cond_sub_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
- register sp_digit m asm ("r3") = m_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
+ register sp_digit m asm ("r3") = (sp_digit)m_p;
__asm__ __volatile__ (
"mov lr, #0\n\t"
@@ -113317,7 +115577,7 @@ static sp_digit sp_521_cond_sub_17(sp_digit* r_p, const sp_digit* a_p, const sp_
"sbc %[r], lr, lr\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
:
- : "memory", "r12", "lr", "r4", "r5", "r6", "r7"
+ : "memory", "r12", "lr", "r4", "r5", "r6", "r7", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -113331,7 +115591,7 @@ static sp_digit sp_521_cond_sub_17(sp_digit* r_p, const sp_digit* a_p, const sp_
*/
static SP_NOINLINE void sp_521_mont_reduce_17(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
{
- register sp_digit* a asm ("r0") = a_p;
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
__asm__ __volatile__ (
"sub sp, sp, #0x44\n\t"
@@ -113402,7 +115662,7 @@ static SP_NOINLINE void sp_521_mont_reduce_17(sp_digit* a_p, const sp_digit* m_p
/* 12-16 */
"ldm %[a], {r1, r2, r3, r4, r5}\n\t"
"ldm sp!, {r7, r8, r9, r10, r11}\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov lr, #0x1\n\t"
"lsl lr, lr, #8\n\t"
"add lr, lr, #0xff\n\t"
@@ -113445,12 +115705,13 @@ static SP_NOINLINE void sp_521_mont_reduce_17(sp_digit* a_p, const sp_digit* m_p
"stm %[a]!, {r1, r2, r3, r4, r5, r6, r7, r8}\n\t"
: [a] "+r" (a)
:
- : "memory", "r1", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr"
+ : "memory", "r1", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
);
(void)m_p;
(void)mp_p;
}
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
/* Reduce the number back to 521 bits using Montgomery reduction.
*
* a A single precision number to reduce in place.
@@ -113459,12 +115720,12 @@ static SP_NOINLINE void sp_521_mont_reduce_17(sp_digit* a_p, const sp_digit* m_p
*/
static SP_NOINLINE void sp_521_mont_reduce_order_17(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
{
- register sp_digit* a asm ("r0") = a_p;
- register const sp_digit* m asm ("r1") = m_p;
- register sp_digit mp asm ("r2") = mp_p;
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m asm ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp asm ("r2") = (sp_digit)mp_p;
__asm__ __volatile__ (
-#if !(defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4))
+#if !(defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4))
"ldr r11, [%[m]]\n\t"
#endif
/* i = 0 */
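Review bot: The `#if !(defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4))` kept around the first `ldr r11, [%[m]]` looks unreachable now, assuming the `#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)` added just above this function's comment encloses the whole function. The same applies in the later hunks of sp_521_mont_reduce_order_17: the `< 4` guard around `ldr r11, [%[m]]` after the `nomask` label would always be true, and the `#else` arm `ldr r7, [%[m], #64]` before `a[i+16]` would be dead. Dropping those three inner conditionals and leaving the two `ldr r11` loads unconditional would leave a single register assignment to audit in this reduction. The function body continues outside the hunk.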
@@ -113478,7 +115739,7 @@ static SP_NOINLINE void sp_521_mont_reduce_order_17(sp_digit* a_p, const sp_digi
"mul r8, %[mp], r12\n\t"
"cmp r9, #0x40\n\t"
"bne L_sp_521_mont_reduce_order_17_nomask_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r7, #0x1\n\t"
"lsl r7, r7, #8\n\t"
"add r7, r7, #0xff\n\t"
@@ -113489,10 +115750,9 @@ static SP_NOINLINE void sp_521_mont_reduce_order_17(sp_digit* a_p, const sp_digi
"\n"
"L_sp_521_mont_reduce_order_17_nomask_%=: \n\t"
/* a[i+0] += m[0] * mu */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"ldr r11, [%[m]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r7, r11, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r7\n\t"
@@ -113516,15 +115776,9 @@ static SP_NOINLINE void sp_521_mont_reduce_order_17(sp_digit* a_p, const sp_digi
"lsl r6, r6, #16\n\t"
"adds r12, r12, r6\n\t"
"adc r5, r5, r7\n\t"
-#else
- "umull r6, r7, r8, r11\n\t"
- "adds r12, r12, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"str r12, [%[a]]\n\t"
/* a[i+1] += m[1] * mu */
"ldr r7, [%[m], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r10, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r10\n\t"
@@ -113548,18 +115802,12 @@ static SP_NOINLINE void sp_521_mont_reduce_order_17(sp_digit* a_p, const sp_digi
"lsl r6, r6, #16\n\t"
"adds lr, lr, r6\n\t"
"adc r4, r4, r10\n\t"
-#else
- "umull r6, r10, r8, r7\n\t"
- "adds lr, lr, r6\n\t"
- "adc r4, r10, #0\n\t"
-#endif
"mov r12, lr\n\t"
"adds r12, r12, r5\n\t"
"adc r4, r4, #0\n\t"
/* a[i+2] += m[2] * mu */
"ldr r7, [%[m], #8]\n\t"
"ldr lr, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r10, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r10\n\t"
@@ -113583,17 +115831,11 @@ static SP_NOINLINE void sp_521_mont_reduce_order_17(sp_digit* a_p, const sp_digi
"lsl r6, r6, #16\n\t"
"adds lr, lr, r6\n\t"
"adc r5, r5, r10\n\t"
-#else
- "umull r6, r10, r8, r7\n\t"
- "adds lr, lr, r6\n\t"
- "adc r5, r10, #0\n\t"
-#endif
"adds lr, lr, r4\n\t"
"adc r5, r5, #0\n\t"
/* a[i+3] += m[3] * mu */
"ldr r7, [%[m], #12]\n\t"
"ldr r10, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -113617,18 +115859,12 @@ static SP_NOINLINE void sp_521_mont_reduce_order_17(sp_digit* a_p, const sp_digi
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #12]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+4] += m[4] * mu */
"ldr r7, [%[m], #16]\n\t"
"ldr r10, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -113652,18 +115888,12 @@ static SP_NOINLINE void sp_521_mont_reduce_order_17(sp_digit* a_p, const sp_digi
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #16]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+5] += m[5] * mu */
"ldr r7, [%[m], #20]\n\t"
"ldr r10, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -113687,18 +115917,12 @@ static SP_NOINLINE void sp_521_mont_reduce_order_17(sp_digit* a_p, const sp_digi
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #20]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+6] += m[6] * mu */
"ldr r7, [%[m], #24]\n\t"
"ldr r10, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -113722,18 +115946,12 @@ static SP_NOINLINE void sp_521_mont_reduce_order_17(sp_digit* a_p, const sp_digi
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #24]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+7] += m[7] * mu */
"ldr r7, [%[m], #28]\n\t"
"ldr r10, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -113757,18 +115975,12 @@ static SP_NOINLINE void sp_521_mont_reduce_order_17(sp_digit* a_p, const sp_digi
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #28]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+8] += m[8] * mu */
"ldr r7, [%[m], #32]\n\t"
"ldr r10, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -113792,18 +116004,12 @@ static SP_NOINLINE void sp_521_mont_reduce_order_17(sp_digit* a_p, const sp_digi
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #32]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+9] += m[9] * mu */
"ldr r7, [%[m], #36]\n\t"
"ldr r10, [%[a], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -113827,18 +116033,12 @@ static SP_NOINLINE void sp_521_mont_reduce_order_17(sp_digit* a_p, const sp_digi
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #36]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+10] += m[10] * mu */
"ldr r7, [%[m], #40]\n\t"
"ldr r10, [%[a], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -113862,18 +116062,12 @@ static SP_NOINLINE void sp_521_mont_reduce_order_17(sp_digit* a_p, const sp_digi
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #40]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+11] += m[11] * mu */
"ldr r7, [%[m], #44]\n\t"
"ldr r10, [%[a], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -113897,18 +116091,12 @@ static SP_NOINLINE void sp_521_mont_reduce_order_17(sp_digit* a_p, const sp_digi
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #44]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+12] += m[12] * mu */
"ldr r7, [%[m], #48]\n\t"
"ldr r10, [%[a], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -113932,18 +116120,12 @@ static SP_NOINLINE void sp_521_mont_reduce_order_17(sp_digit* a_p, const sp_digi
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #48]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+13] += m[13] * mu */
"ldr r7, [%[m], #52]\n\t"
"ldr r10, [%[a], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -113967,18 +116149,12 @@ static SP_NOINLINE void sp_521_mont_reduce_order_17(sp_digit* a_p, const sp_digi
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #52]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+14] += m[14] * mu */
"ldr r7, [%[m], #56]\n\t"
"ldr r10, [%[a], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -114002,18 +116178,12 @@ static SP_NOINLINE void sp_521_mont_reduce_order_17(sp_digit* a_p, const sp_digi
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #56]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+15] += m[15] * mu */
"ldr r7, [%[m], #60]\n\t"
"ldr r10, [%[a], #60]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -114037,22 +116207,16 @@ static SP_NOINLINE void sp_521_mont_reduce_order_17(sp_digit* a_p, const sp_digi
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #60]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+16] += m[16] * mu */
-#if !(defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4))
- "ldr r7, [%[m], #64]\n\t"
-#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"ldr r11, [%[m], #64]\n\t"
+#else
+ "ldr r7, [%[m], #64]\n\t"
#endif
"ldr r10, [%[a], #64]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r11, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -114083,13 +116247,264 @@ static SP_NOINLINE void sp_521_mont_reduce_order_17(sp_digit* a_p, const sp_digi
"adds r4, r4, r6\n\t"
"adcs r5, r5, r7\n\t"
"adc r3, r3, #0\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #64]\n\t"
+ "ldr r10, [%[a], #68]\n\t"
+ "adcs r10, r10, r5\n\t"
+ "str r10, [%[a], #68]\n\t"
+ "adc r3, r3, #0\n\t"
+ /* i += 1 */
+ "add r9, r9, #4\n\t"
+ "add %[a], %[a], #4\n\t"
+ "cmp r9, #0x44\n\t"
+ "blt L_sp_521_mont_reduce_order_17_word_%=\n\t"
+ /* Loop Done */
+ "str r12, [%[a]]\n\t"
+ "str lr, [%[a], #4]\n\t"
+ "sub %[a], %[a], #4\n\t"
+ "ldr r4, [%[a]]\n\t"
+ "ldr r5, [%[a], #4]\n\t"
+ "lsr r4, r4, #9\n\t"
+ "orr r4, r4, r5, lsl #23\n\t"
+ "str r4, [%[a], #4]\n\t"
+ "ldr r4, [%[a], #8]\n\t"
+ "lsr r5, r5, #9\n\t"
+ "orr r5, r5, r4, lsl #23\n\t"
+ "str r5, [%[a], #8]\n\t"
+ "ldr r5, [%[a], #12]\n\t"
+ "lsr r4, r4, #9\n\t"
+ "orr r4, r4, r5, lsl #23\n\t"
+ "str r4, [%[a], #12]\n\t"
+ "ldr r4, [%[a], #16]\n\t"
+ "lsr r5, r5, #9\n\t"
+ "orr r5, r5, r4, lsl #23\n\t"
+ "str r5, [%[a], #16]\n\t"
+ "ldr r5, [%[a], #20]\n\t"
+ "lsr r4, r4, #9\n\t"
+ "orr r4, r4, r5, lsl #23\n\t"
+ "str r4, [%[a], #20]\n\t"
+ "ldr r4, [%[a], #24]\n\t"
+ "lsr r5, r5, #9\n\t"
+ "orr r5, r5, r4, lsl #23\n\t"
+ "str r5, [%[a], #24]\n\t"
+ "ldr r5, [%[a], #28]\n\t"
+ "lsr r4, r4, #9\n\t"
+ "orr r4, r4, r5, lsl #23\n\t"
+ "str r4, [%[a], #28]\n\t"
+ "ldr r4, [%[a], #32]\n\t"
+ "lsr r5, r5, #9\n\t"
+ "orr r5, r5, r4, lsl #23\n\t"
+ "str r5, [%[a], #32]\n\t"
+ "ldr r5, [%[a], #36]\n\t"
+ "lsr r4, r4, #9\n\t"
+ "orr r4, r4, r5, lsl #23\n\t"
+ "str r4, [%[a], #36]\n\t"
+ "ldr r4, [%[a], #40]\n\t"
+ "lsr r5, r5, #9\n\t"
+ "orr r5, r5, r4, lsl #23\n\t"
+ "str r5, [%[a], #40]\n\t"
+ "ldr r5, [%[a], #44]\n\t"
+ "lsr r4, r4, #9\n\t"
+ "orr r4, r4, r5, lsl #23\n\t"
+ "str r4, [%[a], #44]\n\t"
+ "ldr r4, [%[a], #48]\n\t"
+ "lsr r5, r5, #9\n\t"
+ "orr r5, r5, r4, lsl #23\n\t"
+ "str r5, [%[a], #48]\n\t"
+ "ldr r5, [%[a], #52]\n\t"
+ "lsr r4, r4, #9\n\t"
+ "orr r4, r4, r5, lsl #23\n\t"
+ "str r4, [%[a], #52]\n\t"
+ "ldr r4, [%[a], #56]\n\t"
+ "lsr r5, r5, #9\n\t"
+ "orr r5, r5, r4, lsl #23\n\t"
+ "str r5, [%[a], #56]\n\t"
+ "ldr r5, [%[a], #60]\n\t"
+ "lsr r4, r4, #9\n\t"
+ "orr r4, r4, r5, lsl #23\n\t"
+ "str r4, [%[a], #60]\n\t"
+ "ldr r4, [%[a], #64]\n\t"
+ "lsr r5, r5, #9\n\t"
+ "orr r5, r5, r4, lsl #23\n\t"
+ "str r5, [%[a], #64]\n\t"
+ "lsr r4, r4, #9\n\t"
+ "str r4, [%[a], #68]\n\t"
+ "lsr r3, r4, #9\n\t"
+ "add %[a], %[a], #4\n\t"
+ "mov %[mp], r3\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
+ );
+ sp_521_cond_sub_17(a - 17, a, m, (sp_digit)0 - mp);
+}
+
+#elif defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+/* Reduce the number back to 521 bits using Montgomery reduction.
+ *
+ * a A single precision number to reduce in place.
+ * m The single precision number representing the modulus.
+ * mp The digit representing the negative inverse of m mod 2^n.
+ */
+static SP_NOINLINE void sp_521_mont_reduce_order_17(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+{
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m asm ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp asm ("r2") = (sp_digit)mp_p;
+
+ __asm__ __volatile__ (
+ "ldr r11, [%[m]]\n\t"
+ /* i = 0 */
+ "mov r9, #0\n\t"
+ "mov r3, #0\n\t"
+ "ldr r12, [%[a]]\n\t"
+ "ldr lr, [%[a], #4]\n\t"
+ "\n"
+ "L_sp_521_mont_reduce_order_17_word_%=: \n\t"
+ /* mu = a[i] * mp */
+ "mul r8, %[mp], r12\n\t"
+ "cmp r9, #0x40\n\t"
+ "bne L_sp_521_mont_reduce_order_17_nomask_%=\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r7, #0x1\n\t"
+ "lsl r7, r7, #8\n\t"
+ "add r7, r7, #0xff\n\t"
#else
+ "mov r7, #0x1ff\n\t"
+#endif
+ "and r8, r8, r7\n\t"
+ "\n"
+ "L_sp_521_mont_reduce_order_17_nomask_%=: \n\t"
+ /* a[i+0] += m[0] * mu */
+ "mov r5, #0\n\t"
+ "umlal r12, r5, r8, r11\n\t"
+ "str r12, [%[a]]\n\t"
+ /* a[i+1] += m[1] * mu */
+ "ldr r7, [%[m], #4]\n\t"
+ "mov r4, #0\n\t"
+ "umlal lr, r4, r8, r7\n\t"
+ "mov r12, lr\n\t"
+ "adds r12, r12, r5\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+2] += m[2] * mu */
+ "ldr r7, [%[m], #8]\n\t"
+ "ldr lr, [%[a], #8]\n\t"
+ "mov r5, #0\n\t"
+ "umlal lr, r5, r8, r7\n\t"
+ "adds lr, lr, r4\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+3] += m[3] * mu */
+ "ldr r7, [%[m], #12]\n\t"
+ "ldr r10, [%[a], #12]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #12]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+4] += m[4] * mu */
+ "ldr r7, [%[m], #16]\n\t"
+ "ldr r10, [%[a], #16]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #16]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+5] += m[5] * mu */
+ "ldr r7, [%[m], #20]\n\t"
+ "ldr r10, [%[a], #20]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #20]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+6] += m[6] * mu */
+ "ldr r7, [%[m], #24]\n\t"
+ "ldr r10, [%[a], #24]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #24]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+7] += m[7] * mu */
+ "ldr r7, [%[m], #28]\n\t"
+ "ldr r10, [%[a], #28]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #28]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+8] += m[8] * mu */
+ "ldr r7, [%[m], #32]\n\t"
+ "ldr r10, [%[a], #32]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #32]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+9] += m[9] * mu */
+ "ldr r7, [%[m], #36]\n\t"
+ "ldr r10, [%[a], #36]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #36]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+10] += m[10] * mu */
+ "ldr r7, [%[m], #40]\n\t"
+ "ldr r10, [%[a], #40]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #40]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+11] += m[11] * mu */
+ "ldr r7, [%[m], #44]\n\t"
+ "ldr r10, [%[a], #44]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #44]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+12] += m[12] * mu */
+ "ldr r7, [%[m], #48]\n\t"
+ "ldr r10, [%[a], #48]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #48]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+13] += m[13] * mu */
+ "ldr r7, [%[m], #52]\n\t"
+ "ldr r10, [%[a], #52]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #52]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+14] += m[14] * mu */
+ "ldr r7, [%[m], #56]\n\t"
+ "ldr r10, [%[a], #56]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #56]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+15] += m[15] * mu */
+ "ldr r7, [%[m], #60]\n\t"
+ "ldr r10, [%[a], #60]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #60]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+16] += m[16] * mu */
+ "ldr r7, [%[m], #64]\n\t"
+ "ldr r10, [%[a], #64]\n\t"
"umull r6, r7, r8, r7\n\t"
"adds r4, r4, r6\n\t"
"adcs r5, r7, r3\n\t"
"mov r3, #0\n\t"
"adc r3, r3, r3\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #64]\n\t"
"ldr r10, [%[a], #68]\n\t"
@@ -114101,6 +116516,7 @@ static SP_NOINLINE void sp_521_mont_reduce_order_17(sp_digit* a_p, const sp_digi
"add %[a], %[a], #4\n\t"
"cmp r9, #0x44\n\t"
"blt L_sp_521_mont_reduce_order_17_word_%=\n\t"
+ /* Loop Done */
"str r12, [%[a]]\n\t"
"str lr, [%[a], #4]\n\t"
"sub %[a], %[a], #4\n\t"
@@ -114176,11 +116592,225 @@ static SP_NOINLINE void sp_521_mont_reduce_order_17(sp_digit* a_p, const sp_digi
"mov %[mp], r3\n\t"
: [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
:
- : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11"
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
+ );
+ sp_521_cond_sub_17(a - 17, a, m, (sp_digit)0 - mp);
+}
+
+#else
+/* Reduce the number back to 521 bits using Montgomery reduction.
+ *
+ * a A single precision number to reduce in place.
+ * m The single precision number representing the modulus.
+ * mp The digit representing the negative inverse of m mod 2^n.
+ */
+static SP_NOINLINE void sp_521_mont_reduce_order_17(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+{
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m asm ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp asm ("r2") = (sp_digit)mp_p;
+
+ __asm__ __volatile__ (
+ /* i = 0 */
+ "mov r12, #0\n\t"
+ "mov lr, #0\n\t"
+ "ldr r4, [%[a]]\n\t"
+ "ldr r5, [%[a], #4]\n\t"
+ "ldr r6, [%[a], #8]\n\t"
+ "ldr r7, [%[a], #12]\n\t"
+ "ldr r8, [%[a], #16]\n\t"
+ "\n"
+ "L_sp_521_mont_reduce_order_17_word_%=: \n\t"
+ /* mu = a[i] * mp */
+ "mul r11, %[mp], r4\n\t"
+ "cmp r12, #0x40\n\t"
+ "bne L_sp_521_mont_reduce_order_17_nomask_%=\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r10, #0x1\n\t"
+ "lsl r10, r10, #8\n\t"
+ "add r10, r10, #0xff\n\t"
+#else
+ "mov r10, #0x1ff\n\t"
+#endif
+ "and r11, r11, r10\n\t"
+ "\n"
+ "L_sp_521_mont_reduce_order_17_nomask_%=: \n\t"
+ /* a[i+0] += m[0] * mu */
+ "ldr r10, [%[m]]\n\t"
+ "mov r3, #0\n\t"
+ "umaal r4, r3, r11, r10\n\t"
+ "str r4, [%[a]]\n\t"
+ /* a[i+1] += m[1] * mu */
+ "ldr r10, [%[m], #4]\n\t"
+ "mov r4, r5\n\t"
+ "umaal r4, r3, r11, r10\n\t"
+ /* a[i+2] += m[2] * mu */
+ "ldr r10, [%[m], #8]\n\t"
+ "mov r5, r6\n\t"
+ "umaal r5, r3, r11, r10\n\t"
+ /* a[i+3] += m[3] * mu */
+ "ldr r10, [%[m], #12]\n\t"
+ "mov r6, r7\n\t"
+ "umaal r6, r3, r11, r10\n\t"
+ /* a[i+4] += m[4] * mu */
+ "ldr r10, [%[m], #16]\n\t"
+ "mov r7, r8\n\t"
+ "umaal r7, r3, r11, r10\n\t"
+ /* a[i+5] += m[5] * mu */
+ "ldr r10, [%[m], #20]\n\t"
+ "ldr r8, [%[a], #20]\n\t"
+ "umaal r8, r3, r11, r10\n\t"
+ /* a[i+6] += m[6] * mu */
+ "ldr r10, [%[m], #24]\n\t"
+ "ldr r9, [%[a], #24]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #24]\n\t"
+ /* a[i+7] += m[7] * mu */
+ "ldr r10, [%[m], #28]\n\t"
+ "ldr r9, [%[a], #28]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #28]\n\t"
+ /* a[i+8] += m[8] * mu */
+ "ldr r10, [%[m], #32]\n\t"
+ "ldr r9, [%[a], #32]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #32]\n\t"
+ /* a[i+9] += m[9] * mu */
+ "ldr r10, [%[m], #36]\n\t"
+ "ldr r9, [%[a], #36]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #36]\n\t"
+ /* a[i+10] += m[10] * mu */
+ "ldr r10, [%[m], #40]\n\t"
+ "ldr r9, [%[a], #40]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #40]\n\t"
+ /* a[i+11] += m[11] * mu */
+ "ldr r10, [%[m], #44]\n\t"
+ "ldr r9, [%[a], #44]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #44]\n\t"
+ /* a[i+12] += m[12] * mu */
+ "ldr r10, [%[m], #48]\n\t"
+ "ldr r9, [%[a], #48]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #48]\n\t"
+ /* a[i+13] += m[13] * mu */
+ "ldr r10, [%[m], #52]\n\t"
+ "ldr r9, [%[a], #52]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #52]\n\t"
+ /* a[i+14] += m[14] * mu */
+ "ldr r10, [%[m], #56]\n\t"
+ "ldr r9, [%[a], #56]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #56]\n\t"
+ /* a[i+15] += m[15] * mu */
+ "ldr r10, [%[m], #60]\n\t"
+ "ldr r9, [%[a], #60]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #60]\n\t"
+ /* a[i+16] += m[16] * mu */
+ "ldr r10, [%[m], #64]\n\t"
+ "ldr r9, [%[a], #64]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "ldr r11, [%[a], #68]\n\t"
+ "mov r10, #0\n\t"
+ "umaal r3, r11, r10, r10\n\t"
+ "str r9, [%[a], #64]\n\t"
+ "adds r3, r3, lr\n\t"
+ "adc lr, r11, #0\n\t"
+ "str r3, [%[a], #68]\n\t"
+ /* i += 1 */
+ "add r12, r12, #4\n\t"
+ "add %[a], %[a], #4\n\t"
+ "cmp r12, #0x44\n\t"
+ "blt L_sp_521_mont_reduce_order_17_word_%=\n\t"
+ /* Loop Done */
+ "str r4, [%[a]]\n\t"
+ "str r5, [%[a], #4]\n\t"
+ "str r6, [%[a], #8]\n\t"
+ "str r7, [%[a], #12]\n\t"
+ "str r8, [%[a], #16]\n\t"
+ "sub %[a], %[a], #4\n\t"
+ "ldr r10, [%[a]]\n\t"
+ "ldr r3, [%[a], #4]\n\t"
+ "lsr r10, r10, #9\n\t"
+ "orr r10, r10, r3, lsl #23\n\t"
+ "str r10, [%[a], #4]\n\t"
+ "ldr r10, [%[a], #8]\n\t"
+ "lsr r3, r3, #9\n\t"
+ "orr r3, r3, r10, lsl #23\n\t"
+ "str r3, [%[a], #8]\n\t"
+ "ldr r3, [%[a], #12]\n\t"
+ "lsr r10, r10, #9\n\t"
+ "orr r10, r10, r3, lsl #23\n\t"
+ "str r10, [%[a], #12]\n\t"
+ "ldr r10, [%[a], #16]\n\t"
+ "lsr r3, r3, #9\n\t"
+ "orr r3, r3, r10, lsl #23\n\t"
+ "str r3, [%[a], #16]\n\t"
+ "ldr r3, [%[a], #20]\n\t"
+ "lsr r10, r10, #9\n\t"
+ "orr r10, r10, r3, lsl #23\n\t"
+ "str r10, [%[a], #20]\n\t"
+ "ldr r10, [%[a], #24]\n\t"
+ "lsr r3, r3, #9\n\t"
+ "orr r3, r3, r10, lsl #23\n\t"
+ "str r3, [%[a], #24]\n\t"
+ "ldr r3, [%[a], #28]\n\t"
+ "lsr r10, r10, #9\n\t"
+ "orr r10, r10, r3, lsl #23\n\t"
+ "str r10, [%[a], #28]\n\t"
+ "ldr r10, [%[a], #32]\n\t"
+ "lsr r3, r3, #9\n\t"
+ "orr r3, r3, r10, lsl #23\n\t"
+ "str r3, [%[a], #32]\n\t"
+ "ldr r3, [%[a], #36]\n\t"
+ "lsr r10, r10, #9\n\t"
+ "orr r10, r10, r3, lsl #23\n\t"
+ "str r10, [%[a], #36]\n\t"
+ "ldr r10, [%[a], #40]\n\t"
+ "lsr r3, r3, #9\n\t"
+ "orr r3, r3, r10, lsl #23\n\t"
+ "str r3, [%[a], #40]\n\t"
+ "ldr r3, [%[a], #44]\n\t"
+ "lsr r10, r10, #9\n\t"
+ "orr r10, r10, r3, lsl #23\n\t"
+ "str r10, [%[a], #44]\n\t"
+ "ldr r10, [%[a], #48]\n\t"
+ "lsr r3, r3, #9\n\t"
+ "orr r3, r3, r10, lsl #23\n\t"
+ "str r3, [%[a], #48]\n\t"
+ "ldr r3, [%[a], #52]\n\t"
+ "lsr r10, r10, #9\n\t"
+ "orr r10, r10, r3, lsl #23\n\t"
+ "str r10, [%[a], #52]\n\t"
+ "ldr r10, [%[a], #56]\n\t"
+ "lsr r3, r3, #9\n\t"
+ "orr r3, r3, r10, lsl #23\n\t"
+ "str r3, [%[a], #56]\n\t"
+ "ldr r3, [%[a], #60]\n\t"
+ "lsr r10, r10, #9\n\t"
+ "orr r10, r10, r3, lsl #23\n\t"
+ "str r10, [%[a], #60]\n\t"
+ "ldr r10, [%[a], #64]\n\t"
+ "lsr r3, r3, #9\n\t"
+ "orr r3, r3, r10, lsl #23\n\t"
+ "str r3, [%[a], #64]\n\t"
+ "lsr r10, r10, #9\n\t"
+ "str r10, [%[a], #68]\n\t"
+ "lsr lr, r10, #9\n\t"
+ "add %[a], %[a], #4\n\t"
+ "mov %[mp], lr\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
);
sp_521_cond_sub_17(a - 17, a, m, (sp_digit)0 - mp);
}
+#endif
/* Multiply two Montgomery form numbers mod the modulus (prime).
* (r = a * b mod m)
*
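Review bot: The `#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)` test around the `0x1ff` constant inside the new `#else` variant of sp_521_mont_reduce_order_17 cannot be true, because that variant is compiled only when the identical `#elif` test before it failed, so the three-instruction `mov`/`lsl`/`add` arm is dead. In the `#elif` variant added by the previous hunk the same test is always true, and its `mov r7, #0x1ff` arm is dead instead. Keeping only the live arm in each variant would make it clear which sequence runs on which architecture. The masking step also deserves a comment such as `/* last word (i == 16): keep the low 9 bits of mu, 521 = 16*32 + 9; the branch tests the loop counter, not operand data */`, since a constant-time audit otherwise has to derive that from `cmp r12, #0x40`. If this file is generated, both changes belong in the generator template.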
@@ -114188,7 +116818,7 @@ static SP_NOINLINE void sp_521_mont_reduce_order_17(sp_digit* a_p, const sp_digi
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_521_mont_mul_17(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -114202,7 +116832,7 @@ SP_NOINLINE static void sp_521_mont_mul_17(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_521_mont_sqr_17(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -114218,10 +116848,10 @@ SP_NOINLINE static void sp_521_mont_sqr_17(sp_digit* r, const sp_digit* a,
* a Number to square in Montgomery form.
* n Number of times to square.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
-static void sp_521_mont_sqr_n_17(sp_digit* r, const sp_digit* a, int n,
- const sp_digit* m, sp_digit mp)
+SP_NOINLINE static void sp_521_mont_sqr_n_17(sp_digit* r,
+ const sp_digit* a, int n, const sp_digit* m, sp_digit mp)
{
sp_521_mont_sqr_17(r, a, m, mp);
for (; n > 1; n--) {
@@ -114329,8 +116959,8 @@ static void sp_521_mont_inv_17(sp_digit* r, const sp_digit* a, sp_digit* td)
*/
static sp_int32 sp_521_cmp_17(const sp_digit* a_p, const sp_digit* b_p)
{
- register const sp_digit* a asm ("r0") = a_p;
- register const sp_digit* b asm ("r1") = b_p;
+ register const sp_digit* a asm ("r0") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r1") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"mov r2, #-1\n\t"
@@ -114548,7 +117178,7 @@ static sp_int32 sp_521_cmp_17(const sp_digit* a_p, const sp_digit* b_p)
"mov %[a], r2\n\t"
: [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r2", "r3", "r12", "lr", "r4", "r5", "r6"
+ : "memory", "r2", "r3", "r12", "lr", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -114608,9 +117238,9 @@ static void sp_521_map_17(sp_point_521* r, const sp_point_521* p,
*/
static void sp_521_mont_add_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, const sp_digit* m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"mov r3, #0\n\t"
@@ -114645,7 +117275,7 @@ static void sp_521_mont_add_17(sp_digit* r_p, const sp_digit* a_p, const sp_digi
"ldm %[a]!, {r8}\n\t"
"ldm %[b]!, {r4}\n\t"
"adcs r8, r8, r4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r12, #0x1\n\t"
"lsl r12, r12, #8\n\t"
"add r12, r12, #0xff\n\t"
@@ -114681,7 +117311,7 @@ static void sp_521_mont_add_17(sp_digit* r_p, const sp_digit* a_p, const sp_digi
"stm %[r]!, {r4}\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12", "cc"
);
(void)m_p;
}
@@ -114694,8 +117324,8 @@ static void sp_521_mont_add_17(sp_digit* r_p, const sp_digit* a_p, const sp_digi
*/
static void sp_521_mont_dbl_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
__asm__ __volatile__ (
"mov r2, #0\n\t"
@@ -114721,7 +117351,7 @@ static void sp_521_mont_dbl_17(sp_digit* r_p, const sp_digit* a_p, const sp_digi
"stm %[r]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
"ldm %[a]!, {r4}\n\t"
"adcs r4, r4, r4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r3, #0x1\n\t"
"lsl r3, r3, #8\n\t"
"add r3, r3, #0xff\n\t"
@@ -114757,7 +117387,7 @@ static void sp_521_mont_dbl_17(sp_digit* r_p, const sp_digit* a_p, const sp_digi
"stm %[r]!, {r4}\n\t"
: [r] "+r" (r), [a] "+r" (a)
:
- : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r2", "r3"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r2", "r3", "cc"
);
(void)m_p;
}
@@ -114770,8 +117400,8 @@ static void sp_521_mont_dbl_17(sp_digit* r_p, const sp_digit* a_p, const sp_digi
*/
static void sp_521_mont_tpl_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
__asm__ __volatile__ (
"mov r2, #0\n\t"
@@ -114831,7 +117461,7 @@ static void sp_521_mont_tpl_17(sp_digit* r_p, const sp_digit* a_p, const sp_digi
"ldm %[r], {r4}\n\t"
"ldm %[a]!, {r8}\n\t"
"adcs r4, r4, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r3, #0x1\n\t"
"lsl r3, r3, #8\n\t"
"add r3, r3, #0xff\n\t"
@@ -114853,7 +117483,7 @@ static void sp_521_mont_tpl_17(sp_digit* r_p, const sp_digit* a_p, const sp_digi
"stm %[r]!, {r4}\n\t"
: [r] "+r" (r), [a] "+r" (a)
:
- : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r2", "r3"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r2", "r3", "cc"
);
(void)m_p;
}
@@ -114867,9 +117497,9 @@ static void sp_521_mont_tpl_17(sp_digit* r_p, const sp_digit* a_p, const sp_digi
*/
static void sp_521_mont_sub_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, const sp_digit* m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"mov r3, #0\n\t"
@@ -114904,7 +117534,7 @@ static void sp_521_mont_sub_17(sp_digit* r_p, const sp_digit* a_p, const sp_digi
"ldm %[a]!, {r8}\n\t"
"ldm %[b]!, {r4}\n\t"
"sbcs r8, r8, r4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r12, #0x1\n\t"
"lsl r12, r12, #8\n\t"
"add r12, r12, #0xff\n\t"
@@ -114941,16 +117571,15 @@ static void sp_521_mont_sub_17(sp_digit* r_p, const sp_digit* a_p, const sp_digi
"stm %[r]!, {r4}\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12", "cc"
);
(void)m_p;
}
-#define sp_521_mont_sub_lower_17 sp_521_mont_sub_17
static void sp_521_rshift1_17(sp_digit* r_p, const sp_digit* a_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
__asm__ __volatile__ (
"ldm %[a], {r2, r3}\n\t"
@@ -115021,7 +117650,7 @@ static void sp_521_rshift1_17(sp_digit* r_p, const sp_digit* a_p)
"str r3, [%[r], #64]\n\t"
: [r] "+r" (r), [a] "+r" (a)
:
- : "memory", "r2", "r3", "r4"
+ : "memory", "r2", "r3", "r4", "cc"
);
}
@@ -115031,7 +117660,7 @@ static void sp_521_rshift1_17(sp_digit* r_p, const sp_digit* a_p)
* a Number to divide.
* m Modulus (prime).
*/
-static void sp_521_div2_17(sp_digit* r, const sp_digit* a, const sp_digit* m)
+static void sp_521_mont_div2_17(sp_digit* r, const sp_digit* a, const sp_digit* m)
{
sp_digit o = a[0] & 1;
@@ -115085,7 +117714,7 @@ static void sp_521_proj_point_dbl_17(sp_point_521* r, const sp_point_521* p,
/* T2 = Y * Y */
sp_521_mont_sqr_17(t2, y, p521_mod, p521_mp_mod);
/* T2 = T2/2 */
- sp_521_div2_17(t2, t2, p521_mod);
+ sp_521_mont_div2_17(t2, t2, p521_mod);
/* Y = Y * X */
sp_521_mont_mul_17(y, y, p->x, p521_mod, p521_mp_mod);
/* X = T1 * T1 */
@@ -115095,7 +117724,7 @@ static void sp_521_proj_point_dbl_17(sp_point_521* r, const sp_point_521* p,
/* X = X - Y */
sp_521_mont_sub_17(x, x, y, p521_mod);
/* Y = Y - X */
- sp_521_mont_sub_lower_17(y, y, x, p521_mod);
+ sp_521_mont_sub_17(y, y, x, p521_mod);
/* Y = Y * T1 */
sp_521_mont_mul_17(y, y, t1, p521_mod, p521_mp_mod);
/* Y = Y - T2 */
@@ -115118,7 +117747,8 @@ typedef struct sp_521_proj_point_dbl_17_ctx {
* p Point to double.
* t Temporary ordinate data.
*/
-static int sp_521_proj_point_dbl_17_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r, const sp_point_521* p, sp_digit* t)
+static int sp_521_proj_point_dbl_17_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r,
+ const sp_point_521* p, sp_digit* t)
{
int err = FP_WOULDBLOCK;
sp_521_proj_point_dbl_17_ctx* ctx = (sp_521_proj_point_dbl_17_ctx*)sp_ctx->data;
@@ -115192,7 +117822,7 @@ static int sp_521_proj_point_dbl_17_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r, co
break;
case 11:
/* T2 = T2/2 */
- sp_521_div2_17(ctx->t2, ctx->t2, p521_mod);
+ sp_521_mont_div2_17(ctx->t2, ctx->t2, p521_mod);
ctx->state = 12;
break;
case 12:
@@ -115217,7 +117847,7 @@ static int sp_521_proj_point_dbl_17_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r, co
break;
case 16:
/* Y = Y - X */
- sp_521_mont_sub_lower_17(ctx->y, ctx->y, ctx->x, p521_mod);
+ sp_521_mont_sub_17(ctx->y, ctx->y, ctx->x, p521_mod);
ctx->state = 17;
break;
case 17:
@@ -115283,12 +117913,12 @@ static int sp_521_iszero_17(const sp_digit* a)
static void sp_521_proj_point_add_17(sp_point_521* r,
const sp_point_521* p, const sp_point_521* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*17;
- sp_digit* t3 = t + 4*17;
- sp_digit* t4 = t + 6*17;
- sp_digit* t5 = t + 8*17;
- sp_digit* t6 = t + 10*17;
+ sp_digit* t6 = t;
+ sp_digit* t1 = t + 2*17;
+ sp_digit* t2 = t + 4*17;
+ sp_digit* t3 = t + 6*17;
+ sp_digit* t4 = t + 8*17;
+ sp_digit* t5 = t + 10*17;
/* U1 = X1*Z2^2 */
sp_521_mont_sqr_17(t1, q->z, p521_mod, p521_mp_mod);
@@ -115310,17 +117940,9 @@ static void sp_521_proj_point_add_17(sp_point_521* r,
sp_521_proj_point_dbl_17(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t6;
sp_digit* y = t1;
sp_digit* z = t2;
- int i;
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
/* H = U2 - U1 */
sp_521_mont_sub_17(t2, t2, t1, p521_mod);
@@ -115339,20 +117961,31 @@ static void sp_521_proj_point_add_17(sp_point_521* r,
sp_521_mont_dbl_17(t3, y, p521_mod);
sp_521_mont_sub_17(x, x, t3, p521_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_521_mont_sub_lower_17(y, y, x, p521_mod);
+ sp_521_mont_sub_17(y, y, x, p521_mod);
sp_521_mont_mul_17(y, y, t4, p521_mod, p521_mp_mod);
sp_521_mont_sub_17(y, y, t5, p521_mod);
- for (i = 0; i < 17; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 17; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 17; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 17; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 17; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 17; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
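Review bot: The new block at the end of the `else` branch selects between p, q and the computed sum with the all-ones/all-zero masks `maskp`, `maskq` and `maskt` instead of branching on the infinity flags, but nothing in the code says that this is deliberate. A comment above the block would keep a later cleanup from turning it into an `if`, for example `/* Branch-free select: r = p when only q is at infinity, r = q when only p is, otherwise the computed x, y, z. */`. The masks are only correct if `infinity` holds 0 or 1, which this hunk does not show, so that assumption is worth stating next to `inf` as well. The same block is added under `case 24:` of sp_521_proj_point_add_17_nb, where the extra brace pair sits directly inside the existing `case 24: {` and could be dropped. sp_521_proj_point_add_17 starts outside this hunk.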
@@ -115398,12 +118031,12 @@ static int sp_521_proj_point_add_17_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r,
switch (ctx->state) {
case 0: /* INIT */
- ctx->t1 = t;
- ctx->t2 = t + 2*17;
- ctx->t3 = t + 4*17;
- ctx->t4 = t + 6*17;
- ctx->t5 = t + 8*17;
- ctx->t6 = t + 10*17;
+ ctx->t6 = t;
+ ctx->t1 = t + 2*17;
+ ctx->t2 = t + 4*17;
+ ctx->t3 = t + 6*17;
+ ctx->t4 = t + 8*17;
+ ctx->t5 = t + 10*17;
ctx->x = ctx->t6;
ctx->y = ctx->t1;
ctx->z = ctx->t2;
@@ -115510,7 +118143,7 @@ static int sp_521_proj_point_add_17_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r,
break;
case 21:
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_521_mont_sub_lower_17(ctx->y, ctx->y, ctx->x, p521_mod);
+ sp_521_mont_sub_17(ctx->y, ctx->y, ctx->x, p521_mod);
ctx->state = 22;
break;
case 22:
@@ -115523,22 +118156,28 @@ static int sp_521_proj_point_add_17_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r,
break;
case 24:
{
- int i;
- sp_digit maskp = 0 - (q->infinity & (!p->infinity));
- sp_digit maskq = 0 - (p->infinity & (!q->infinity));
- sp_digit maskt = ~(maskp | maskq);
-
- for (i = 0; i < 17; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (ctx->x[i] & maskt);
- }
- for (i = 0; i < 17; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (ctx->y[i] & maskt);
- }
- for (i = 0; i < 17; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (ctx->z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 17; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (ctx->x[i] & maskt);
+ }
+ for (i = 0; i < 17; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (ctx->y[i] & maskt);
+ }
+ for (i = 0; i < 17; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (ctx->z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
ctx->state = 25;
break;
}
@@ -115558,7 +118197,7 @@ static int sp_521_proj_point_add_17_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r,
/* Touch each possible point that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
static void sp_521_get_point_16_17(sp_point_521* r, const sp_point_521* table,
@@ -115868,8 +118507,6 @@ static int sp_521_ecc_mulmod_fast_17(sp_point_521* r, const sp_point_521* g, con
}
#ifdef FP_ECC
-#define sp_521_mont_dbl_lower_17 sp_521_mont_dbl_17
-#define sp_521_mont_tpl_lower_17 sp_521_mont_tpl_17
/* Double the Montgomery form projective point p a number of times.
*
* r Result of repeated doubling of point.
@@ -115908,7 +118545,7 @@ static void sp_521_proj_point_dbl_n_17(sp_point_521* p, int i,
/* A = 3*(X^2 - W) */
sp_521_mont_sqr_17(t1, x, p521_mod, p521_mp_mod);
sp_521_mont_sub_17(t1, t1, w, p521_mod);
- sp_521_mont_tpl_lower_17(a, t1, p521_mod);
+ sp_521_mont_tpl_17(a, t1, p521_mod);
/* B = X*Y^2 */
sp_521_mont_sqr_17(t1, y, p521_mod, p521_mp_mod);
sp_521_mont_mul_17(b, t1, x, p521_mod, p521_mp_mod);
@@ -115917,8 +118554,8 @@ static void sp_521_proj_point_dbl_n_17(sp_point_521* p, int i,
sp_521_mont_dbl_17(t2, b, p521_mod);
sp_521_mont_sub_17(x, x, t2, p521_mod);
/* B = 2.(B - X) */
- sp_521_mont_sub_lower_17(t2, b, x, p521_mod);
- sp_521_mont_dbl_lower_17(b, t2, p521_mod);
+ sp_521_mont_sub_17(t2, b, x, p521_mod);
+ sp_521_mont_dbl_17(b, t2, p521_mod);
/* Z = Z*Y */
sp_521_mont_mul_17(z, z, y, p521_mod, p521_mp_mod);
/* t1 = Y^4 */
@@ -115938,7 +118575,7 @@ static void sp_521_proj_point_dbl_n_17(sp_point_521* p, int i,
/* A = 3*(X^2 - W) */
sp_521_mont_sqr_17(t1, x, p521_mod, p521_mp_mod);
sp_521_mont_sub_17(t1, t1, w, p521_mod);
- sp_521_mont_tpl_lower_17(a, t1, p521_mod);
+ sp_521_mont_tpl_17(a, t1, p521_mod);
/* B = X*Y^2 */
sp_521_mont_sqr_17(t1, y, p521_mod, p521_mp_mod);
sp_521_mont_mul_17(b, t1, x, p521_mod, p521_mp_mod);
@@ -115947,8 +118584,8 @@ static void sp_521_proj_point_dbl_n_17(sp_point_521* p, int i,
sp_521_mont_dbl_17(t2, b, p521_mod);
sp_521_mont_sub_17(x, x, t2, p521_mod);
/* B = 2.(B - X) */
- sp_521_mont_sub_lower_17(t2, b, x, p521_mod);
- sp_521_mont_dbl_lower_17(b, t2, p521_mod);
+ sp_521_mont_sub_17(t2, b, x, p521_mod);
+ sp_521_mont_dbl_17(b, t2, p521_mod);
/* Z = Z*Y */
sp_521_mont_mul_17(z, z, y, p521_mod, p521_mp_mod);
/* t1 = Y^4 */
@@ -115958,7 +118595,7 @@ static void sp_521_proj_point_dbl_n_17(sp_point_521* p, int i,
sp_521_mont_sub_17(y, y, t1, p521_mod);
#endif /* WOLFSSL_SP_SMALL */
/* Y = Y/2 */
- sp_521_div2_17(y, y, p521_mod);
+ sp_521_mont_div2_17(y, y, p521_mod);
}
/* Convert the projective point to affine.
@@ -116004,12 +118641,12 @@ typedef struct sp_table_entry_521 {
static void sp_521_proj_point_add_qz1_17(sp_point_521* r,
const sp_point_521* p, const sp_point_521* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*17;
- sp_digit* t3 = t + 4*17;
- sp_digit* t4 = t + 6*17;
- sp_digit* t5 = t + 8*17;
- sp_digit* t6 = t + 10*17;
+ sp_digit* t2 = t;
+ sp_digit* t3 = t + 2*17;
+ sp_digit* t6 = t + 4*17;
+ sp_digit* t1 = t + 6*17;
+ sp_digit* t4 = t + 8*17;
+ sp_digit* t5 = t + 10*17;
/* Calculate values to subtract from P->x and P->y. */
/* U2 = X2*Z1^2 */
@@ -116025,13 +118662,9 @@ static void sp_521_proj_point_add_qz1_17(sp_point_521* r,
sp_521_proj_point_dbl_17(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t2;
- sp_digit* y = t5;
+ sp_digit* y = t3;
sp_digit* z = t6;
- int i;
/* H = U2 - X1 */
sp_521_mont_sub_17(t2, t2, p->x, p521_mod);
@@ -116040,33 +118673,40 @@ static void sp_521_proj_point_add_qz1_17(sp_point_521* r,
/* Z3 = H*Z1 */
sp_521_mont_mul_17(z, p->z, t2, p521_mod, p521_mp_mod);
/* X3 = R^2 - H^3 - 2*X1*H^2 */
- sp_521_mont_sqr_17(t1, t4, p521_mod, p521_mp_mod);
- sp_521_mont_sqr_17(t5, t2, p521_mod, p521_mp_mod);
- sp_521_mont_mul_17(t3, p->x, t5, p521_mod, p521_mp_mod);
- sp_521_mont_mul_17(t5, t5, t2, p521_mod, p521_mp_mod);
- sp_521_mont_sub_17(x, t1, t5, p521_mod);
- sp_521_mont_dbl_17(t1, t3, p521_mod);
- sp_521_mont_sub_17(x, x, t1, p521_mod);
+ sp_521_mont_sqr_17(t1, t2, p521_mod, p521_mp_mod);
+ sp_521_mont_mul_17(t3, p->x, t1, p521_mod, p521_mp_mod);
+ sp_521_mont_mul_17(t1, t1, t2, p521_mod, p521_mp_mod);
+ sp_521_mont_sqr_17(t2, t4, p521_mod, p521_mp_mod);
+ sp_521_mont_sub_17(t2, t2, t1, p521_mod);
+ sp_521_mont_dbl_17(t5, t3, p521_mod);
+ sp_521_mont_sub_17(x, t2, t5, p521_mod);
/* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
- sp_521_mont_sub_lower_17(t3, t3, x, p521_mod);
+ sp_521_mont_sub_17(t3, t3, x, p521_mod);
sp_521_mont_mul_17(t3, t3, t4, p521_mod, p521_mp_mod);
- sp_521_mont_mul_17(t5, t5, p->y, p521_mod, p521_mp_mod);
- sp_521_mont_sub_17(y, t3, t5, p521_mod);
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
- for (i = 0; i < 17; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 17; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 17; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ sp_521_mont_mul_17(t1, t1, p->y, p521_mod, p521_mp_mod);
+ sp_521_mont_sub_17(y, t3, t1, p521_mod);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 17; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 17; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 17; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
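Review bot: The masked select in the new inner block of `sp_521_proj_point_add_qz1_17` is only correct when `p->infinity` and `q->infinity` are exactly 0 or 1, and nothing in the hunk states that invariant. With any other non-zero flag, `q->infinity & (!p->infinity)` can evaluate to 0, so `maskt` would select the computed sum for a point at infinity, and `r->z[0] |= inf` could OR bits other than 1 into Z. I would add above the mask declarations `/* Requires infinity in {0,1}: masks are then all-0 or all-1 and r is selected without branching. */`, which also records that the select is meant to stay mask-based rather than be rewritten as an `if`. The function begins outside this hunk.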
@@ -116167,7 +118807,7 @@ static int sp_521_gen_stripe_table_17(const sp_point_521* a,
/* Touch each possible entry that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
static void sp_521_get_entry_16_17(sp_point_521* r,
@@ -116398,7 +119038,7 @@ static THREAD_LS_T int sp_cache_521_inited = 0;
/* Get the cache entry for the point.
*
- * g [in] Point scalar multipling.
+ * g [in] Point scalar multiplying.
* cache [out] Cache table to use.
*/
static void sp_ecc_get_cache_521(const sp_point_521* g, sp_cache_521_t** cache)
@@ -116469,8 +119109,8 @@ static void sp_ecc_get_cache_521(const sp_point_521* g, sp_cache_521_t** cache)
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
-static int sp_521_ecc_mulmod_17(sp_point_521* r, const sp_point_521* g, const sp_digit* k,
- int map, int ct, void* heap)
+static int sp_521_ecc_mulmod_17(sp_point_521* r, const sp_point_521* g,
+ const sp_digit* k, int map, int ct, void* heap)
{
#ifndef FP_ECC
return sp_521_ecc_mulmod_fast_17(r, g, k, map, ct, heap);
@@ -116623,7 +119263,7 @@ static int sp_521_gen_stripe_table_17(const sp_point_521* a,
/* Touch each possible entry that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
static void sp_521_get_entry_256_17(sp_point_521* r,
@@ -116854,7 +119494,7 @@ static THREAD_LS_T int sp_cache_521_inited = 0;
/* Get the cache entry for the point.
*
- * g [in] Point scalar multipling.
+ * g [in] Point scalar multiplying.
* cache [out] Cache table to use.
*/
static void sp_ecc_get_cache_521(const sp_point_521* g, sp_cache_521_t** cache)
@@ -116925,8 +119565,8 @@ static void sp_ecc_get_cache_521(const sp_point_521* g, sp_cache_521_t** cache)
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
-static int sp_521_ecc_mulmod_17(sp_point_521* r, const sp_point_521* g, const sp_digit* k,
- int map, int ct, void* heap)
+static int sp_521_ecc_mulmod_17(sp_point_521* r, const sp_point_521* g,
+ const sp_digit* k, int map, int ct, void* heap)
{
#ifndef FP_ECC
return sp_521_ecc_mulmod_fast_17(r, g, k, map, ct, heap);
@@ -117043,7 +119683,7 @@ int sp_ecc_mulmod_521(const mp_int* km, const ecc_point* gm, ecc_point* r,
*
* km Scalar to multiply by.
* p Point to multiply.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -117054,7 +119694,7 @@ int sp_ecc_mulmod_add_521(const mp_int* km, const ecc_point* gm,
const ecc_point* am, int inMont, ecc_point* r, int map, void* heap)
{
#ifdef WOLFSSL_SP_SMALL_STACK
- sp_point_521* point = NULL;
+ sp_point_521* point = NULL;
sp_digit* k = NULL;
#else
sp_point_521 point[2];
@@ -119136,7 +121776,7 @@ int sp_ecc_mulmod_base_521(const mp_int* km, ecc_point* r, int map, void* heap)
* the result. If map is true then convert result to affine coordinates.
*
* km Scalar to multiply by.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -119158,7 +121798,7 @@ int sp_ecc_mulmod_base_add_521(const mp_int* km, const ecc_point* am,
int err = MP_OKAY;
#ifdef WOLFSSL_SP_SMALL_STACK
- point = (sp_point_521*)XMALLOC(sizeof(sp_point_521) * 2, heap,
+ point = (sp_point_521*)XMALLOC(sizeof(sp_point_521) * 2, heap,
DYNAMIC_TYPE_ECC);
if (point == NULL)
err = MEMORY_E;
@@ -119219,7 +121859,7 @@ int sp_ecc_mulmod_base_add_521(const mp_int* km, const ecc_point* am,
*/
static void sp_521_add_one_17(sp_digit* a_p)
{
- register sp_digit* a asm ("r0") = a_p;
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
__asm__ __volatile__ (
"ldm %[a], {r1, r2, r3, r4}\n\t"
@@ -119251,7 +121891,7 @@ static void sp_521_add_one_17(sp_digit* a_p)
"stm %[a]!, {r1}\n\t"
: [a] "+r" (a)
:
- : "memory", "r1", "r2", "r3", "r4"
+ : "memory", "r1", "r2", "r3", "r4", "cc"
);
}
@@ -119347,7 +121987,7 @@ int sp_ecc_make_key_521(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
sp_point_521* infinity = NULL;
#endif
int err = MP_OKAY;
-
+
(void)heap;
@@ -119355,7 +121995,7 @@ int sp_ecc_make_key_521(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
point = (sp_point_521*)XMALLOC(sizeof(sp_point_521) * 2, heap, DYNAMIC_TYPE_ECC);
#else
- point = (sp_point_521*)XMALLOC(sizeof(sp_point_521), heap, DYNAMIC_TYPE_ECC);
+ point = (sp_point_521*)XMALLOC(sizeof(sp_point_521), heap, DYNAMIC_TYPE_ECC);
#endif
if (point == NULL)
err = MEMORY_E;
@@ -119625,13 +122265,13 @@ int sp_ecc_secret_gen_521_nb(sp_ecc_ctx_t* sp_ctx, const mp_int* priv,
#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
static void sp_521_rshift_17(sp_digit* r_p, const sp_digit* a_p, byte n_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register byte n asm ("r2") = n_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register byte n asm ("r2") = (byte)n_p;
__asm__ __volatile__ (
"rsb r12, %[n], #32\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[a]]\n\t"
"ldr r5, [%[a], #4]\n\t"
#else
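Review bot: Builds that still define only `WOLFSSL_SP_ARM_ARCH` will now silently take the `#else` path in `sp_521_rshift_17`, because the guard tests `WOLFSSL_ARM_ARCH` and an undefined macro makes the `defined(...)` test false. Whether the old name is mapped to the new one elsewhere is not visible from this hunk. If it is not, a shim in the configuration header, `#if defined(WOLFSSL_SP_ARM_ARCH) && !defined(WOLFSSL_ARM_ARCH)` followed by `#define WOLFSSL_ARM_ARCH WOLFSSL_SP_ARM_ARCH`, would keep older ARM targets on the instruction sequence written for them. The same rename recurs in the later `sp_521_rshift_17` hunk and throughout both `sp_521_mul_d_17` variants. The function body continues outside the hunk.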
@@ -119716,7 +122356,7 @@ static void sp_521_rshift_17(sp_digit* r_p, const sp_digit* a_p, byte n_p)
"lsl r3, r5, r12\n\t"
"lsr r5, r5, %[n]\n\t"
"orr r4, r4, r3\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[r], #60]\n\t"
"str r5, [%[r], #64]\n\t"
#else
@@ -119724,7 +122364,7 @@ static void sp_521_rshift_17(sp_digit* r_p, const sp_digit* a_p, byte n_p)
#endif
: [r] "+r" (r), [a] "+r" (a), [n] "+r" (n)
:
- : "memory", "r4", "r5", "r6", "r3", "r12"
+ : "memory", "r4", "r5", "r6", "r3", "r12", "cc"
);
}
@@ -119734,9 +122374,9 @@ static void sp_521_rshift_17(sp_digit* r_p, const sp_digit* a_p, byte n_p)
#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
static void sp_521_lshift_17(sp_digit* r_p, const sp_digit* a_p, byte n_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register byte n asm ("r2") = n_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register byte n asm ("r2") = (byte)n_p;
__asm__ __volatile__ (
"rsb r12, %[n], #31\n\t"
@@ -119844,15 +122484,15 @@ static void sp_521_lshift_17(sp_digit* r_p, const sp_digit* a_p, byte n_p)
"str r5, [%[r], #4]\n\t"
: [r] "+r" (r), [a] "+r" (a), [n] "+r" (n)
:
- : "memory", "r4", "r5", "r6", "r3", "r12"
+ : "memory", "r4", "r5", "r6", "r3", "r12", "cc"
);
}
static void sp_521_lshift_34(sp_digit* r_p, const sp_digit* a_p, byte n_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register byte n asm ("r2") = n_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register byte n asm ("r2") = (byte)n_p;
__asm__ __volatile__ (
"rsb r12, %[n], #31\n\t"
@@ -120062,7 +122702,7 @@ static void sp_521_lshift_34(sp_digit* r_p, const sp_digit* a_p, byte n_p)
"str r6, [%[r], #4]\n\t"
: [r] "+r" (r), [a] "+r" (a), [n] "+r" (n)
:
- : "memory", "r4", "r5", "r6", "r3", "r12"
+ : "memory", "r4", "r5", "r6", "r3", "r12", "cc"
);
}
@@ -120074,16 +122714,15 @@ static void sp_521_lshift_34(sp_digit* r_p, const sp_digit* a_p, byte n_p)
*/
static sp_digit sp_521_sub_in_place_17(sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* a asm ("r0") = a_p;
- register const sp_digit* b asm ("r1") = b_p;
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* b asm ("r1") = (const sp_digit*)b_p;
__asm__ __volatile__ (
- "mov r10, #0\n\t"
"mov r12, #0\n\t"
"add lr, %[a], #0x40\n\t"
"\n"
"L_sp_521_sub_in_pkace_17_word_%=: \n\t"
- "subs r12, r10, r12\n\t"
+ "rsbs r12, r12, #0\n\t"
"ldm %[a], {r2, r3, r4, r5}\n\t"
"ldm %[b]!, {r6, r7, r8, r9}\n\t"
"sbcs r2, r2, r6\n\t"
@@ -120091,18 +122730,18 @@ static sp_digit sp_521_sub_in_place_17(sp_digit* a_p, const sp_digit* b_p)
"sbcs r4, r4, r8\n\t"
"sbcs r5, r5, r9\n\t"
"stm %[a]!, {r2, r3, r4, r5}\n\t"
- "sbc r12, r10, r10\n\t"
+ "sbc r12, r12, r12\n\t"
"cmp %[a], lr\n\t"
"bne L_sp_521_sub_in_pkace_17_word_%=\n\t"
- "subs r12, r10, r12\n\t"
+ "rsbs r12, r12, #0\n\t"
"ldm %[a], {r2}\n\t"
"ldm %[b]!, {r6}\n\t"
"sbcs r2, r2, r6\n\t"
"stm %[a]!, {r2}\n\t"
- "sbc %[a], r10, r10\n\t"
+ "sbc %[a], %[a], %[a]\n\t"
: [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r12", "lr", "r10"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r12", "lr", "cc"
);
return (uint32_t)(size_t)a;
}
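Review bot: The borrow handling in `sp_521_sub_in_place_17` is now implicit and deserves a comment, since the zero register `r10` that made it readable is gone. `sbc r12, r12, r12` leaves 0 or -1 in r12 and `rsbs r12, r12, #0` turns that back into the carry flag before the next `sbcs` chain. The final `sbc %[a], %[a], %[a]` overwrites the pointer operand with the borrow mask that `return (uint32_t)(size_t)a` hands back. I would add `/* r12 = 0 or -1 (saved borrow); rsbs restores it into C */` at the `rsbs` lines and `/* a no longer points at the array: it holds 0 or -1 */` before the return. The function starts in the previous hunk.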
@@ -120115,8 +122754,8 @@ static sp_digit sp_521_sub_in_place_17(sp_digit* a_p, const sp_digit* b_p)
*/
static sp_digit sp_521_sub_in_place_17(sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* a asm ("r0") = a_p;
- register const sp_digit* b asm ("r1") = b_p;
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* b asm ("r1") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"ldm %[a], {r2, r3, r4, r5}\n\t"
@@ -120154,7 +122793,7 @@ static sp_digit sp_521_sub_in_place_17(sp_digit* a_p, const sp_digit* b_p)
"sbc %[a], r9, r9\n\t"
: [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -120169,15 +122808,14 @@ static sp_digit sp_521_sub_in_place_17(sp_digit* a_p, const sp_digit* b_p)
*/
static void sp_521_mul_d_17(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register sp_digit b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register sp_digit b asm ("r2") = (sp_digit)b_p;
__asm__ __volatile__ (
- "mov r10, #0\n\t"
/* A[0] * B */
"ldr r8, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r5, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -120210,7 +122848,7 @@ static void sp_521_mul_d_17(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
"L_sp_521_mul_d_17_word_%=: \n\t"
/* A[i] * B */
"ldr r8, [%[a], r9]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -120255,7 +122893,7 @@ static void sp_521_mul_d_17(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
"str r3, [%[r], #68]\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
}
@@ -120268,15 +122906,14 @@ static void sp_521_mul_d_17(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
*/
static void sp_521_mul_d_17(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register sp_digit b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register sp_digit b asm ("r2") = (sp_digit)b_p;
__asm__ __volatile__ (
- "mov r10, #0\n\t"
/* A[0] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r3, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -120301,611 +122938,491 @@ static void sp_521_mul_d_17(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
#else
"umull r3, r4, %[b], r8\n\t"
#endif
+ "stm %[r]!, {r3}\n\t"
"mov r5, #0\n\t"
- "str r3, [%[r]], #4\n\t"
/* A[1] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[2] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[3] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[4] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[5] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[6] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[7] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[8] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[9] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[10] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[11] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[12] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[13] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[14] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[15] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[16] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -120931,15 +123448,13 @@ static void sp_521_mul_d_17(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adc r5, r5, r7\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
"str r5, [%[r]]\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r10"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "cc"
);
}
@@ -120956,9 +123471,9 @@ static void sp_521_mul_d_17(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
*/
static sp_digit div_521_word_17(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
{
- register sp_digit d1 asm ("r0") = d1_p;
- register sp_digit d0 asm ("r1") = d0_p;
- register sp_digit div asm ("r2") = div_p;
+ register sp_digit d1 asm ("r0") = (sp_digit)d1_p;
+ register sp_digit d0 asm ("r1") = (sp_digit)d0_p;
+ register sp_digit div asm ("r2") = (sp_digit)div_p;
__asm__ __volatile__ (
"lsr r6, %[div], #16\n\t"
@@ -120998,7 +123513,7 @@ static sp_digit div_521_word_17(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
"add %[d1], r4, r3\n\t"
: [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
:
- : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8"
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "cc"
);
return (uint32_t)(size_t)d1;
}
@@ -121015,9 +123530,9 @@ static sp_digit div_521_word_17(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
*/
static sp_digit div_521_word_17(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
{
- register sp_digit d1 asm ("r0") = d1_p;
- register sp_digit d0 asm ("r1") = d0_p;
- register sp_digit div asm ("r2") = div_p;
+ register sp_digit d1 asm ("r0") = (sp_digit)d1_p;
+ register sp_digit d0 asm ("r1") = (sp_digit)d0_p;
+ register sp_digit div asm ("r2") = (sp_digit)div_p;
__asm__ __volatile__ (
"lsr lr, %[div], #1\n\t"
@@ -121047,7 +123562,7 @@ static sp_digit div_521_word_17(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
"bpl L_div_521_word_17_bit_%=\n\t"
"add r3, r3, r3\n\t"
"add r3, r3, #1\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r7, r3, #16\n\t"
"lsl r4, %[div], #16\n\t"
"lsr r7, r7, #16\n\t"
@@ -121075,7 +123590,7 @@ static sp_digit div_521_word_17(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
"subs r7, %[d0], r4\n\t"
"sbc r8, %[d1], r5\n\t"
"add r3, r3, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r7, r3, #16\n\t"
"lsl r4, %[div], #16\n\t"
"lsr r7, r7, #16\n\t"
@@ -121103,7 +123618,7 @@ static sp_digit div_521_word_17(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
"subs r7, %[d0], r4\n\t"
"sbc r8, %[d1], r5\n\t"
"add r3, r3, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r7, r3, #16\n\t"
"lsl r4, %[div], #16\n\t"
"lsr r7, r7, #16\n\t"
@@ -121136,7 +123651,7 @@ static sp_digit div_521_word_17(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
"sub %[d1], r3, r6\n\t"
: [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
:
- : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8"
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "cc"
);
return (uint32_t)(size_t)d1;
}
@@ -121182,8 +123697,8 @@ static void sp_521_mask_17(sp_digit* r, const sp_digit* a, sp_digit m)
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_521_div_17(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_521_div_17(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[35];
sp_digit t2[18];
@@ -121229,7 +123744,8 @@ static WC_INLINE int sp_521_div_17(const sp_digit* a, const sp_digit* d, sp_digi
* m A single precision number that is the modulus to reduce with.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_521_mod_17(sp_digit* r, const sp_digit* a, const sp_digit* m)
+static WC_INLINE int sp_521_mod_17(sp_digit* r, const sp_digit* a,
+ const sp_digit* m)
{
return sp_521_div_17(a, m, NULL, r);
}
@@ -121788,6 +124304,103 @@ int sp_ecc_sign_521_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, W
#endif /* HAVE_ECC_SIGN */
#ifndef WOLFSSL_SP_SMALL
+#ifdef WOLFSSL_SP_SMALL
+/* Sub b from a into r. (r = a - b)
+ *
+ * r A single precision integer.
+ * a A single precision integer.
+ * b A single precision integer.
+ */
+static sp_digit sp_521_sub_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+{
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
+
+ __asm__ __volatile__ (
+ "mov r12, #0\n\t"
+ "add lr, %[a], #0x40\n\t"
+ "\n"
+ "L_sp_521_sub_17_word_%=: \n\t"
+ "rsbs r12, r12, #0\n\t"
+ "ldm %[a]!, {r3, r4, r5, r6}\n\t"
+ "ldm %[b]!, {r7, r8, r9, r10}\n\t"
+ "sbcs r3, r3, r7\n\t"
+ "sbcs r4, r4, r8\n\t"
+ "sbcs r5, r5, r9\n\t"
+ "sbcs r6, r6, r10\n\t"
+ "stm %[r]!, {r3, r4, r5, r6}\n\t"
+ "sbc r12, r3, r3\n\t"
+ "cmp %[a], lr\n\t"
+ "bne L_sp_521_sub_17_word_%=\n\t"
+ "rsbs r12, r12, #0\n\t"
+ "ldm %[a]!, {r3}\n\t"
+ "ldm %[b]!, {r7}\n\t"
+ "sbcs r3, r3, r7\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "sbc %[r], r6, r6\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r12", "lr", "cc"
+ );
+ return (uint32_t)(size_t)r;
+}
+
+#else
+/* Sub b from a into r. (r = a - b)
+ *
+ * r A single precision integer.
+ * a A single precision integer.
+ * b A single precision integer.
+ */
+static sp_digit sp_521_sub_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+{
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
+
+ __asm__ __volatile__ (
+ "ldm %[a]!, {r3, r4, r5, r6}\n\t"
+ "ldm %[b]!, {r7, r8, r9, r10}\n\t"
+ "subs r3, r3, r7\n\t"
+ "sbcs r4, r4, r8\n\t"
+ "sbcs r5, r5, r9\n\t"
+ "sbcs r6, r6, r10\n\t"
+ "stm %[r]!, {r3, r4, r5, r6}\n\t"
+ "ldm %[a]!, {r3, r4, r5, r6}\n\t"
+ "ldm %[b]!, {r7, r8, r9, r10}\n\t"
+ "sbcs r3, r3, r7\n\t"
+ "sbcs r4, r4, r8\n\t"
+ "sbcs r5, r5, r9\n\t"
+ "sbcs r6, r6, r10\n\t"
+ "stm %[r]!, {r3, r4, r5, r6}\n\t"
+ "ldm %[a]!, {r3, r4, r5, r6}\n\t"
+ "ldm %[b]!, {r7, r8, r9, r10}\n\t"
+ "sbcs r3, r3, r7\n\t"
+ "sbcs r4, r4, r8\n\t"
+ "sbcs r5, r5, r9\n\t"
+ "sbcs r6, r6, r10\n\t"
+ "stm %[r]!, {r3, r4, r5, r6}\n\t"
+ "ldm %[a]!, {r3, r4, r5, r6}\n\t"
+ "ldm %[b]!, {r7, r8, r9, r10}\n\t"
+ "sbcs r3, r3, r7\n\t"
+ "sbcs r4, r4, r8\n\t"
+ "sbcs r5, r5, r9\n\t"
+ "sbcs r6, r6, r10\n\t"
+ "stm %[r]!, {r3, r4, r5, r6}\n\t"
+ "ldm %[a]!, {r3}\n\t"
+ "ldm %[b]!, {r7}\n\t"
+ "sbcs r3, r3, r7\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "sbc %[r], r6, r6\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
+ );
+ return (uint32_t)(size_t)r;
+}
+
+#endif /* WOLFSSL_SP_SMALL */
/* Divide the number by 2 mod the modulus. (r = a / 2 % m)
*
* r Result of division by 2.
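Review bot: The `#ifdef WOLFSSL_SP_SMALL` variant of `sp_521_sub_17` added here sits directly inside the `#ifndef WOLFSSL_SP_SMALL` opened on the preceding context line, so the looped implementation can never be compiled and only the unrolled `#else` body is live. Either drop the inner conditional or mark the dead branch, e.g. `/* generated: small variant is unreachable under #ifndef WOLFSSL_SP_SMALL */`. The header comment on both variants also omits the return value. Both asm bodies end with `sbc %[r], r6, r6`, so a line such as ` * returns 0 when there is no borrow and all ones otherwise.` would document what `sp_521_mod_inv_17` relies on when it tests `o != 0` later in this diff.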
@@ -121796,12 +124409,12 @@ int sp_ecc_sign_521_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, W
*/
static void sp_521_div2_mod_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* m asm ("r2") = m_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* m asm ("r2") = (const sp_digit*)m_p;
__asm__ __volatile__ (
- "ldr r4, [%[a]], #4\n\t"
+ "ldm %[a]!, {r4}\n\t"
"ands r3, r4, #1\n\t"
"beq L_sp_521_div2_mod_17_even_%=\n\t"
"mov r12, #0\n\t"
@@ -121853,8 +124466,8 @@ static void sp_521_div2_mod_17(sp_digit* r_p, const sp_digit* a_p, const sp_digi
"stm %[r]!, {r4}\n\t"
"\n"
"L_sp_521_div2_mod_17_div2_%=: \n\t"
- "sub %[r], #0x44\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+ "sub %[r], %[r], #0x44\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[r]]\n\t"
"ldr r9, [%[r], #4]\n\t"
#else
@@ -121928,49 +124541,50 @@ static void sp_521_div2_mod_17(sp_digit* r_p, const sp_digit* a_p, const sp_digi
"str r9, [%[r], #64]\n\t"
: [r] "+r" (r), [a] "+r" (a), [m] "+r" (m)
:
- : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12", "cc"
);
}
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
static const unsigned char L_sp_521_num_bits_17_table[] = {
- 0x00, 0x01, 0x02, 0x02, 0x03, 0x03, 0x03, 0x03,
- 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04,
- 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05,
- 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05,
- 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06,
- 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06,
- 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06,
- 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06,
- 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
- 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
- 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
- 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
- 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
- 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
- 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
- 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x00, 0x01, 0x02, 0x02, 0x03, 0x03, 0x03, 0x03,
+ 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04,
+ 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05,
+ 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05,
+ 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06,
+ 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06,
+ 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06,
+ 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06,
+ 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
+ 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
+ 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
+ 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
+ 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
+ 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
+ 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
+ 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
};
static int sp_521_num_bits_17(const sp_digit* a_p)
{
- register const sp_digit* a asm ("r0") = a_p;
+ register const sp_digit* a asm ("r0") = (const sp_digit*)a_p;
+ register unsigned char* L_sp_521_num_bits_17_table_c asm ("r1") = (unsigned char*)&L_sp_521_num_bits_17_table;
__asm__ __volatile__ (
"mov lr, %[L_sp_521_num_bits_17_table]\n\t"
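Review bot: The new `L_sp_521_num_bits_17_table_c` declaration casts away `const` from a `static const` lookup table and takes the address of the whole array (`&L_sp_521_num_bits_17_table`) before converting it to `unsigned char*`. As far as the visible lines show, the pointer is only copied into `lr` by the first instruction, so a const-preserving form would do: `register const unsigned char* L_sp_521_num_bits_17_table_c asm ("r1") = L_sp_521_num_bits_17_table;`. The pointer is also pinned to `r1`, which the template then reuses by name as scratch and which a later hunk removes from the clobber list in favour of a `"+r"` operand. A one-line comment such as `/* table address is moved to lr first; r1 is then scratch */` would make that coupling explicit. The function body continues outside this hunk.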
@@ -121980,7 +124594,7 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
"lsr r3, r1, #24\n\t"
"cmp r3, #0\n\t"
"beq L_sp_521_num_bits_17_16_3_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x2\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x18\n\t"
@@ -121996,7 +124610,7 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
"and r3, r3, #0xff\n\t"
"cmp r3, #0\n\t"
"beq L_sp_521_num_bits_17_16_2_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x2\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x10\n\t"
@@ -122012,7 +124626,7 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
"and r3, r3, #0xff\n\t"
"cmp r3, #0\n\t"
"beq L_sp_521_num_bits_17_16_1_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x2\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x8\n\t"
@@ -122025,7 +124639,7 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
"\n"
"L_sp_521_num_bits_17_16_1_%=: \n\t"
"and r3, r1, #0xff\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x2\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x0\n\t"
@@ -122043,7 +124657,7 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
"lsr r3, r1, #24\n\t"
"cmp r3, #0\n\t"
"beq L_sp_521_num_bits_17_15_3_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0xf8\n\t"
@@ -122059,7 +124673,7 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
"and r3, r3, #0xff\n\t"
"cmp r3, #0\n\t"
"beq L_sp_521_num_bits_17_15_2_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0xf0\n\t"
@@ -122075,7 +124689,7 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
"and r3, r3, #0xff\n\t"
"cmp r3, #0\n\t"
"beq L_sp_521_num_bits_17_15_1_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0xe8\n\t"
@@ -122088,7 +124702,7 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
"\n"
"L_sp_521_num_bits_17_15_1_%=: \n\t"
"and r3, r1, #0xff\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0xe0\n\t"
@@ -122106,7 +124720,7 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
"lsr r3, r1, #24\n\t"
"cmp r3, #0\n\t"
"beq L_sp_521_num_bits_17_14_3_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0xd8\n\t"
@@ -122122,7 +124736,7 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
"and r3, r3, #0xff\n\t"
"cmp r3, #0\n\t"
"beq L_sp_521_num_bits_17_14_2_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0xd0\n\t"
@@ -122138,7 +124752,7 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
"and r3, r3, #0xff\n\t"
"cmp r3, #0\n\t"
"beq L_sp_521_num_bits_17_14_1_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0xc8\n\t"
@@ -122151,7 +124765,7 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
"\n"
"L_sp_521_num_bits_17_14_1_%=: \n\t"
"and r3, r1, #0xff\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0xc0\n\t"
@@ -122169,7 +124783,7 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
"lsr r3, r1, #24\n\t"
"cmp r3, #0\n\t"
"beq L_sp_521_num_bits_17_13_3_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0xb8\n\t"
@@ -122185,7 +124799,7 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
"and r3, r3, #0xff\n\t"
"cmp r3, #0\n\t"
"beq L_sp_521_num_bits_17_13_2_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0xb0\n\t"
@@ -122201,7 +124815,7 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
"and r3, r3, #0xff\n\t"
"cmp r3, #0\n\t"
"beq L_sp_521_num_bits_17_13_1_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0xa8\n\t"
@@ -122214,7 +124828,7 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
"\n"
"L_sp_521_num_bits_17_13_1_%=: \n\t"
"and r3, r1, #0xff\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0xa0\n\t"
@@ -122232,7 +124846,7 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
"lsr r3, r1, #24\n\t"
"cmp r3, #0\n\t"
"beq L_sp_521_num_bits_17_12_3_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x98\n\t"
@@ -122248,7 +124862,7 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
"and r3, r3, #0xff\n\t"
"cmp r3, #0\n\t"
"beq L_sp_521_num_bits_17_12_2_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x90\n\t"
@@ -122264,7 +124878,7 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
"and r3, r3, #0xff\n\t"
"cmp r3, #0\n\t"
"beq L_sp_521_num_bits_17_12_1_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x88\n\t"
@@ -122277,7 +124891,7 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
"\n"
"L_sp_521_num_bits_17_12_1_%=: \n\t"
"and r3, r1, #0xff\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x80\n\t"
@@ -122295,7 +124909,7 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
"lsr r3, r1, #24\n\t"
"cmp r3, #0\n\t"
"beq L_sp_521_num_bits_17_11_3_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x78\n\t"
@@ -122311,7 +124925,7 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
"and r3, r3, #0xff\n\t"
"cmp r3, #0\n\t"
"beq L_sp_521_num_bits_17_11_2_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x70\n\t"
@@ -122327,7 +124941,7 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
"and r3, r3, #0xff\n\t"
"cmp r3, #0\n\t"
"beq L_sp_521_num_bits_17_11_1_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x68\n\t"
@@ -122340,7 +124954,7 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
"\n"
"L_sp_521_num_bits_17_11_1_%=: \n\t"
"and r3, r1, #0xff\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x60\n\t"
@@ -122358,7 +124972,7 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
"lsr r3, r1, #24\n\t"
"cmp r3, #0\n\t"
"beq L_sp_521_num_bits_17_10_3_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x58\n\t"
@@ -122374,7 +124988,7 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
"and r3, r3, #0xff\n\t"
"cmp r3, #0\n\t"
"beq L_sp_521_num_bits_17_10_2_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x50\n\t"
@@ -122390,7 +125004,7 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
"and r3, r3, #0xff\n\t"
"cmp r3, #0\n\t"
"beq L_sp_521_num_bits_17_10_1_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x48\n\t"
@@ -122403,7 +125017,7 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
"\n"
"L_sp_521_num_bits_17_10_1_%=: \n\t"
"and r3, r1, #0xff\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x40\n\t"
@@ -122421,7 +125035,7 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
"lsr r3, r1, #24\n\t"
"cmp r3, #0\n\t"
"beq L_sp_521_num_bits_17_9_3_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x38\n\t"
@@ -122437,7 +125051,7 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
"and r3, r3, #0xff\n\t"
"cmp r3, #0\n\t"
"beq L_sp_521_num_bits_17_9_2_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x30\n\t"
@@ -122453,7 +125067,7 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
"and r3, r3, #0xff\n\t"
"cmp r3, #0\n\t"
"beq L_sp_521_num_bits_17_9_1_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x28\n\t"
@@ -122466,7 +125080,7 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
"\n"
"L_sp_521_num_bits_17_9_1_%=: \n\t"
"and r3, r1, #0xff\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x20\n\t"
@@ -122484,7 +125098,7 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
"lsr r3, r1, #24\n\t"
"cmp r3, #0\n\t"
"beq L_sp_521_num_bits_17_8_3_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x18\n\t"
@@ -122500,7 +125114,7 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
"and r3, r3, #0xff\n\t"
"cmp r3, #0\n\t"
"beq L_sp_521_num_bits_17_8_2_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x10\n\t"
@@ -122516,7 +125130,7 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
"and r3, r3, #0xff\n\t"
"cmp r3, #0\n\t"
"beq L_sp_521_num_bits_17_8_1_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x8\n\t"
@@ -122529,7 +125143,7 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
"\n"
"L_sp_521_num_bits_17_8_1_%=: \n\t"
"and r3, r1, #0xff\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x0\n\t"
@@ -122849,9 +125463,9 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
"\n"
"L_sp_521_num_bits_17_18_%=: \n\t"
"mov %[a], r12\n\t"
- : [a] "+r" (a)
- : [L_sp_521_num_bits_17_table] "r" (L_sp_521_num_bits_17_table)
- : "memory", "r1", "r2", "r3", "r12", "lr"
+ : [a] "+r" (a), [L_sp_521_num_bits_17_table] "+r" (L_sp_521_num_bits_17_table_c)
+ :
+ : "memory", "r2", "r3", "r12", "lr", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -122859,13 +125473,13 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
#else
static int sp_521_num_bits_17(const sp_digit* a_p)
{
- register const sp_digit* a asm ("r0") = a_p;
+ register const sp_digit* a asm ("r0") = (const sp_digit*)a_p;
__asm__ __volatile__ (
"ldr r1, [%[a], #64]\n\t"
"cmp r1, #0\n\t"
"beq L_sp_521_num_bits_17_16_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x2\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x20\n\t"
@@ -122880,7 +125494,7 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
"ldr r1, [%[a], #60]\n\t"
"cmp r1, #0\n\t"
"beq L_sp_521_num_bits_17_15_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x2\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x0\n\t"
@@ -122895,7 +125509,7 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
"ldr r1, [%[a], #56]\n\t"
"cmp r1, #0\n\t"
"beq L_sp_521_num_bits_17_14_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0xe0\n\t"
@@ -122910,7 +125524,7 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
"ldr r1, [%[a], #52]\n\t"
"cmp r1, #0\n\t"
"beq L_sp_521_num_bits_17_13_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0xc0\n\t"
@@ -122925,7 +125539,7 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
"ldr r1, [%[a], #48]\n\t"
"cmp r1, #0\n\t"
"beq L_sp_521_num_bits_17_12_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0xa0\n\t"
@@ -122940,7 +125554,7 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
"ldr r1, [%[a], #44]\n\t"
"cmp r1, #0\n\t"
"beq L_sp_521_num_bits_17_11_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x80\n\t"
@@ -122955,7 +125569,7 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
"ldr r1, [%[a], #40]\n\t"
"cmp r1, #0\n\t"
"beq L_sp_521_num_bits_17_10_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x60\n\t"
@@ -122970,7 +125584,7 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
"ldr r1, [%[a], #36]\n\t"
"cmp r1, #0\n\t"
"beq L_sp_521_num_bits_17_9_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x40\n\t"
@@ -122985,7 +125599,7 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
"ldr r1, [%[a], #32]\n\t"
"cmp r1, #0\n\t"
"beq L_sp_521_num_bits_17_8_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x20\n\t"
@@ -123000,7 +125614,7 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
"ldr r1, [%[a], #28]\n\t"
"cmp r1, #0\n\t"
"beq L_sp_521_num_bits_17_7_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x0\n\t"
@@ -123075,12 +125689,12 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
"mov %[a], r12\n\t"
: [a] "+r" (a)
:
- : "memory", "r1", "r2", "r3", "r12", "lr"
+ : "memory", "r1", "r2", "r3", "r12", "lr", "cc"
);
return (uint32_t)(size_t)a;
}
-#endif /* WOLFSSL_SP_ARM_ARCH && (WOLFSSL_SP_ARM_ARCH < 7) */
+#endif /* WOLFSSL_ARM_ARCH && (WOLFSSL_ARM_ARCH < 7) */
/* Non-constant time modular inversion.
*
* @param [out] r Resulting number.
@@ -123124,7 +125738,7 @@ static int sp_521_mod_inv_17(sp_digit* r, const sp_digit* a, const sp_digit* m)
}
while (ut > 1 && vt > 1) {
- if (ut > vt || (ut == vt && sp_521_cmp_17(u, v) >= 0)) {
+ if ((ut > vt) || ((ut == vt) && (sp_521_cmp_17(u, v) >= 0))) {
sp_521_sub_17(u, u, v);
o = sp_521_sub_17(b, b, d);
if (o != 0)
@@ -123210,7 +125824,7 @@ static void sp_521_add_points_17(sp_point_521* p1, const sp_point_521* p2,
* p2 Public point and temporary.
* s Second part of signature as a number.
* u1 Temporary number.
- * u2 Temproray number.
+ * u2 Temporary number.
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
@@ -123541,7 +126155,7 @@ int sp_ecc_verify_521_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash,
#endif /* HAVE_ECC_VERIFY */
#ifdef HAVE_ECC_CHECK_KEY
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* point EC point.
* heap Heap to use if dynamically allocating.
@@ -123569,19 +126183,21 @@ static int sp_521_ecc_is_point_17(const sp_point_521* point,
if (err == MP_OKAY) {
t2 = t1 + 2 * 17;
+ /* y^2 - x^3 - a.x = b */
sp_521_sqr_17(t1, point->y);
(void)sp_521_mod_17(t1, t1, p521_mod);
sp_521_sqr_17(t2, point->x);
(void)sp_521_mod_17(t2, t2, p521_mod);
sp_521_mul_17(t2, t2, point->x);
(void)sp_521_mod_17(t2, t2, p521_mod);
- (void)sp_521_sub_17(t2, p521_mod, t2);
- sp_521_mont_add_17(t1, t1, t2, p521_mod);
+ sp_521_mont_sub_17(t1, t1, t2, p521_mod);
+ /* y^2 - x^3 + 3.x = b, when a = -3 */
sp_521_mont_add_17(t1, t1, point->x, p521_mod);
sp_521_mont_add_17(t1, t1, point->x, p521_mod);
sp_521_mont_add_17(t1, t1, point->x, p521_mod);
+
if (sp_521_cmp_17(t1, p521_b) != 0) {
err = MP_VAL;
}
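Review bot: The closing `sp_521_cmp_17(t1, p521_b) != 0` test is an exact comparison, so replacing `sp_521_sub_17(t2, p521_mod, t2)` plus `sp_521_mont_add_17` with a single `sp_521_mont_sub_17(t1, t1, t2, p521_mod)` is only equivalent if that helper leaves t1 fully reduced into [0, p) when y^2 < x^3 mod p. The helper is not visible here, so this is worth confirming and recording at the call, e.g. `/* t1 = y^2 - x^3 mod p, fully reduced */`. Since this routine is what rejects off-curve points, a regression vector with x^3 > y^2 (mod p) would pin the behaviour across the change. The function starts and ends outside this hunk.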
@@ -123595,7 +126211,7 @@ static int sp_521_ecc_is_point_17(const sp_point_521* point,
return err;
}
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* pX X ordinate of EC point.
* pY Y ordinate of EC point.
@@ -124102,17 +126718,16 @@ typedef struct sp_point_1024 {
*/
static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"sub sp, sp, #0x40\n\t"
- "mov r10, #0\n\t"
/* A[0] * B[0] */
"ldr r11, [%[a]]\n\t"
"ldr r12, [%[b]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r3, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -124142,7 +126757,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"str r3, [sp]\n\t"
/* A[0] * B[1] */
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -124181,7 +126796,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[1] * B[0] */
"ldr r8, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -124219,7 +126834,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"str r4, [sp, #4]\n\t"
/* A[2] * B[0] */
"ldr r8, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -124259,7 +126874,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[1] * B[1] */
"ldr r11, [%[a], #4]\n\t"
"ldr r12, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -124297,7 +126912,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[0] * B[2] */
"ldr r8, [%[a]]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -124335,7 +126950,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"str r5, [sp, #8]\n\t"
/* A[0] * B[3] */
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -124374,7 +126989,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[1] * B[2] */
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -124411,7 +127026,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[2] * B[1] */
"ldr r8, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -124449,7 +127064,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[3] * B[0] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -124487,7 +127102,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"str r3, [sp, #12]\n\t"
/* A[4] * B[0] */
"ldr r8, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -124526,7 +127141,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[3] * B[1] */
"ldr r8, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -124564,7 +127179,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[2] * B[2] */
"ldr r11, [%[a], #8]\n\t"
"ldr r12, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -124602,7 +127217,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[1] * B[3] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -124640,7 +127255,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[0] * B[4] */
"ldr r8, [%[a]]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -124678,7 +127293,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"str r4, [sp, #16]\n\t"
/* A[0] * B[5] */
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -124718,7 +127333,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[1] * B[4] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -124755,7 +127370,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[2] * B[3] */
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -124792,7 +127407,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[3] * B[2] */
"ldr r8, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -124830,7 +127445,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[4] * B[1] */
"ldr r8, [%[a], #16]\n\t"
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -124868,7 +127483,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[5] * B[0] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -124906,7 +127521,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"str r5, [sp, #20]\n\t"
/* A[6] * B[0] */
"ldr r8, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -124946,7 +127561,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[5] * B[1] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -124983,7 +127598,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[4] * B[2] */
"ldr r8, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -125021,7 +127636,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[3] * B[3] */
"ldr r11, [%[a], #12]\n\t"
"ldr r12, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -125059,7 +127674,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[2] * B[4] */
"ldr r8, [%[a], #8]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -125097,7 +127712,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[1] * B[5] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -125135,7 +127750,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[0] * B[6] */
"ldr r8, [%[a]]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -125173,7 +127788,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"str r3, [sp, #24]\n\t"
/* A[0] * B[7] */
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -125213,7 +127828,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[1] * B[6] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -125251,7 +127866,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[2] * B[5] */
"ldr r8, [%[a], #8]\n\t"
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -125288,7 +127903,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[3] * B[4] */
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -125325,7 +127940,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[4] * B[3] */
"ldr r8, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -125363,7 +127978,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[5] * B[2] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -125401,7 +128016,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[6] * B[1] */
"ldr r8, [%[a], #24]\n\t"
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -125439,7 +128054,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[7] * B[0] */
"ldr r8, [%[a], #28]\n\t"
"ldr r9, [%[b]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -125477,7 +128092,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"str r4, [sp, #28]\n\t"
/* A[8] * B[0] */
"ldr r8, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -125517,7 +128132,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[7] * B[1] */
"ldr r8, [%[a], #28]\n\t"
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -125555,7 +128170,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[6] * B[2] */
"ldr r8, [%[a], #24]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -125592,7 +128207,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[5] * B[3] */
"ldr r8, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -125630,7 +128245,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[4] * B[4] */
"ldr r11, [%[a], #16]\n\t"
"ldr r12, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -125668,7 +128283,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[3] * B[5] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -125706,7 +128321,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[2] * B[6] */
"ldr r8, [%[a], #8]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -125744,7 +128359,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[1] * B[7] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -125782,7 +128397,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[0] * B[8] */
"ldr r8, [%[a]]\n\t"
"ldr r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -125820,7 +128435,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"str r5, [sp, #32]\n\t"
/* A[0] * B[9] */
"ldr r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -125860,7 +128475,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[1] * B[8] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -125898,7 +128513,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[2] * B[7] */
"ldr r8, [%[a], #8]\n\t"
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -125936,7 +128551,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[3] * B[6] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -125973,7 +128588,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[4] * B[5] */
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -126010,7 +128625,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[5] * B[4] */
"ldr r8, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -126048,7 +128663,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[6] * B[3] */
"ldr r8, [%[a], #24]\n\t"
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -126086,7 +128701,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[7] * B[2] */
"ldr r8, [%[a], #28]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -126124,7 +128739,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[8] * B[1] */
"ldr r8, [%[a], #32]\n\t"
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -126162,7 +128777,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[9] * B[0] */
"ldr r8, [%[a], #36]\n\t"
"ldr r9, [%[b]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -126200,7 +128815,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"str r3, [sp, #36]\n\t"
/* A[10] * B[0] */
"ldr r8, [%[a], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -126240,7 +128855,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[9] * B[1] */
"ldr r8, [%[a], #36]\n\t"
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -126278,7 +128893,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[8] * B[2] */
"ldr r8, [%[a], #32]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -126316,7 +128931,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[7] * B[3] */
"ldr r8, [%[a], #28]\n\t"
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -126353,7 +128968,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[6] * B[4] */
"ldr r8, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -126391,7 +129006,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[5] * B[5] */
"ldr r11, [%[a], #20]\n\t"
"ldr r12, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -126429,7 +129044,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[4] * B[6] */
"ldr r8, [%[a], #16]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -126467,7 +129082,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[3] * B[7] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -126505,7 +129120,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[2] * B[8] */
"ldr r8, [%[a], #8]\n\t"
"ldr r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -126543,7 +129158,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[1] * B[9] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -126581,7 +129196,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[0] * B[10] */
"ldr r8, [%[a]]\n\t"
"ldr r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -126619,7 +129234,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"str r4, [sp, #40]\n\t"
/* A[0] * B[11] */
"ldr r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -126659,7 +129274,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[1] * B[10] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -126697,7 +129312,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[2] * B[9] */
"ldr r8, [%[a], #8]\n\t"
"ldr r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -126735,7 +129350,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[3] * B[8] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -126773,7 +129388,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[4] * B[7] */
"ldr r8, [%[a], #16]\n\t"
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -126810,7 +129425,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[5] * B[6] */
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -126847,7 +129462,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[6] * B[5] */
"ldr r8, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -126885,7 +129500,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[7] * B[4] */
"ldr r8, [%[a], #28]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -126923,7 +129538,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[8] * B[3] */
"ldr r8, [%[a], #32]\n\t"
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -126961,7 +129576,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[9] * B[2] */
"ldr r8, [%[a], #36]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -126999,7 +129614,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[10] * B[1] */
"ldr r8, [%[a], #40]\n\t"
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -127037,7 +129652,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[11] * B[0] */
"ldr r8, [%[a], #44]\n\t"
"ldr r9, [%[b]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -127075,7 +129690,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"str r5, [sp, #44]\n\t"
/* A[12] * B[0] */
"ldr r8, [%[a], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -127115,7 +129730,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[11] * B[1] */
"ldr r8, [%[a], #44]\n\t"
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -127153,7 +129768,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[10] * B[2] */
"ldr r8, [%[a], #40]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -127191,7 +129806,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[9] * B[3] */
"ldr r8, [%[a], #36]\n\t"
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -127229,7 +129844,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[8] * B[4] */
"ldr r8, [%[a], #32]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -127266,7 +129881,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[7] * B[5] */
"ldr r8, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -127304,7 +129919,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[6] * B[6] */
"ldr r11, [%[a], #24]\n\t"
"ldr r12, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -127342,7 +129957,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[5] * B[7] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -127380,7 +129995,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[4] * B[8] */
"ldr r8, [%[a], #16]\n\t"
"ldr r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -127418,7 +130033,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[3] * B[9] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -127456,7 +130071,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[2] * B[10] */
"ldr r8, [%[a], #8]\n\t"
"ldr r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -127494,7 +130109,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[1] * B[11] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -127532,7 +130147,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[0] * B[12] */
"ldr r8, [%[a]]\n\t"
"ldr r9, [%[b], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -127570,7 +130185,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"str r3, [sp, #48]\n\t"
/* A[0] * B[13] */
"ldr r9, [%[b], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -127610,7 +130225,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[1] * B[12] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -127648,7 +130263,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[2] * B[11] */
"ldr r8, [%[a], #8]\n\t"
"ldr r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -127686,7 +130301,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[3] * B[10] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -127724,7 +130339,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[4] * B[9] */
"ldr r8, [%[a], #16]\n\t"
"ldr r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -127762,7 +130377,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[5] * B[8] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -127799,7 +130414,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[6] * B[7] */
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -127836,7 +130451,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[7] * B[6] */
"ldr r8, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -127874,7 +130489,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[8] * B[5] */
"ldr r8, [%[a], #32]\n\t"
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -127912,7 +130527,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[9] * B[4] */
"ldr r8, [%[a], #36]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -127950,7 +130565,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[10] * B[3] */
"ldr r8, [%[a], #40]\n\t"
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -127988,7 +130603,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[11] * B[2] */
"ldr r8, [%[a], #44]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -128026,7 +130641,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[12] * B[1] */
"ldr r8, [%[a], #48]\n\t"
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -128064,7 +130679,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[13] * B[0] */
"ldr r8, [%[a], #52]\n\t"
"ldr r9, [%[b]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -128102,7 +130717,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"str r4, [sp, #52]\n\t"
/* A[14] * B[0] */
"ldr r8, [%[a], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -128142,7 +130757,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[13] * B[1] */
"ldr r8, [%[a], #52]\n\t"
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -128180,7 +130795,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[12] * B[2] */
"ldr r8, [%[a], #48]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -128218,7 +130833,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[11] * B[3] */
"ldr r8, [%[a], #44]\n\t"
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -128256,7 +130871,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[10] * B[4] */
"ldr r8, [%[a], #40]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -128294,7 +130909,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[9] * B[5] */
"ldr r8, [%[a], #36]\n\t"
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -128331,7 +130946,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[8] * B[6] */
"ldr r8, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -128369,7 +130984,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[7] * B[7] */
"ldr r11, [%[a], #28]\n\t"
"ldr r12, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -128407,7 +131022,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[6] * B[8] */
"ldr r8, [%[a], #24]\n\t"
"ldr r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -128445,7 +131060,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[5] * B[9] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -128483,7 +131098,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[4] * B[10] */
"ldr r8, [%[a], #16]\n\t"
"ldr r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -128521,7 +131136,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[3] * B[11] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -128559,7 +131174,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[2] * B[12] */
"ldr r8, [%[a], #8]\n\t"
"ldr r9, [%[b], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -128597,7 +131212,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[1] * B[13] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -128635,7 +131250,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[0] * B[14] */
"ldr r8, [%[a]]\n\t"
"ldr r9, [%[b], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -128673,7 +131288,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"str r5, [sp, #56]\n\t"
/* A[0] * B[15] */
"ldr r9, [%[b], #60]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -128713,7 +131328,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[1] * B[14] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -128751,7 +131366,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[2] * B[13] */
"ldr r8, [%[a], #8]\n\t"
"ldr r9, [%[b], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -128789,7 +131404,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[3] * B[12] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -128827,7 +131442,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[4] * B[11] */
"ldr r8, [%[a], #16]\n\t"
"ldr r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -128865,7 +131480,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[5] * B[10] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -128903,7 +131518,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[6] * B[9] */
"ldr r8, [%[a], #24]\n\t"
"ldr r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -128940,7 +131555,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[7] * B[8] */
"ldr r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -128977,7 +131592,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[8] * B[7] */
"ldr r8, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -129015,7 +131630,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[9] * B[6] */
"ldr r8, [%[a], #36]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -129053,7 +131668,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[10] * B[5] */
"ldr r8, [%[a], #40]\n\t"
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -129091,7 +131706,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[11] * B[4] */
"ldr r8, [%[a], #44]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -129129,7 +131744,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[12] * B[3] */
"ldr r8, [%[a], #48]\n\t"
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -129167,7 +131782,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[13] * B[2] */
"ldr r8, [%[a], #52]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -129205,7 +131820,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[14] * B[1] */
"ldr r8, [%[a], #56]\n\t"
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -129243,7 +131858,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[15] * B[0] */
"ldr r8, [%[a], #60]\n\t"
"ldr r9, [%[b]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -129281,7 +131896,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"str r3, [sp, #60]\n\t"
/* A[15] * B[1] */
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -129321,7 +131936,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[14] * B[2] */
"ldr r8, [%[a], #56]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -129359,7 +131974,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[13] * B[3] */
"ldr r8, [%[a], #52]\n\t"
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -129397,7 +132012,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[12] * B[4] */
"ldr r8, [%[a], #48]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -129435,7 +132050,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[11] * B[5] */
"ldr r8, [%[a], #44]\n\t"
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -129473,7 +132088,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[10] * B[6] */
"ldr r8, [%[a], #40]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -129510,7 +132125,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[9] * B[7] */
"ldr r8, [%[a], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -129548,7 +132163,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[8] * B[8] */
"ldr r11, [%[a], #32]\n\t"
"ldr r12, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -129586,7 +132201,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[7] * B[9] */
"ldr r8, [%[a], #28]\n\t"
"ldr r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -129624,7 +132239,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[6] * B[10] */
"ldr r8, [%[a], #24]\n\t"
"ldr r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -129662,7 +132277,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[5] * B[11] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -129700,7 +132315,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[4] * B[12] */
"ldr r8, [%[a], #16]\n\t"
"ldr r9, [%[b], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -129738,7 +132353,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[3] * B[13] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -129776,7 +132391,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[2] * B[14] */
"ldr r8, [%[a], #8]\n\t"
"ldr r9, [%[b], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -129814,7 +132429,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[1] * B[15] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #60]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -129852,7 +132467,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"str r4, [%[r], #64]\n\t"
/* A[2] * B[15] */
"ldr r8, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -129892,7 +132507,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[3] * B[14] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -129930,7 +132545,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[4] * B[13] */
"ldr r8, [%[a], #16]\n\t"
"ldr r9, [%[b], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -129968,7 +132583,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[5] * B[12] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -130006,7 +132621,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[6] * B[11] */
"ldr r8, [%[a], #24]\n\t"
"ldr r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -130044,7 +132659,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[7] * B[10] */
"ldr r8, [%[a], #28]\n\t"
"ldr r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -130081,7 +132696,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[8] * B[9] */
"ldr r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -130118,7 +132733,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[9] * B[8] */
"ldr r8, [%[a], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -130156,7 +132771,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[10] * B[7] */
"ldr r8, [%[a], #40]\n\t"
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -130194,7 +132809,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[11] * B[6] */
"ldr r8, [%[a], #44]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -130232,7 +132847,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[12] * B[5] */
"ldr r8, [%[a], #48]\n\t"
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -130270,7 +132885,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[13] * B[4] */
"ldr r8, [%[a], #52]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -130308,7 +132923,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[14] * B[3] */
"ldr r8, [%[a], #56]\n\t"
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -130346,7 +132961,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[15] * B[2] */
"ldr r8, [%[a], #60]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -130384,7 +132999,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"str r5, [%[r], #68]\n\t"
/* A[15] * B[3] */
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -130424,7 +133039,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[14] * B[4] */
"ldr r8, [%[a], #56]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -130462,7 +133077,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[13] * B[5] */
"ldr r8, [%[a], #52]\n\t"
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -130500,7 +133115,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[12] * B[6] */
"ldr r8, [%[a], #48]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -130538,7 +133153,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[11] * B[7] */
"ldr r8, [%[a], #44]\n\t"
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -130575,7 +133190,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[10] * B[8] */
"ldr r8, [%[a], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -130613,7 +133228,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[9] * B[9] */
"ldr r11, [%[a], #36]\n\t"
"ldr r12, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -130651,7 +133266,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[8] * B[10] */
"ldr r8, [%[a], #32]\n\t"
"ldr r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -130689,7 +133304,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[7] * B[11] */
"ldr r8, [%[a], #28]\n\t"
"ldr r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -130727,7 +133342,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[6] * B[12] */
"ldr r8, [%[a], #24]\n\t"
"ldr r9, [%[b], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -130765,7 +133380,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[5] * B[13] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -130803,7 +133418,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[4] * B[14] */
"ldr r8, [%[a], #16]\n\t"
"ldr r9, [%[b], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -130841,7 +133456,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[3] * B[15] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b], #60]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -130879,7 +133494,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"str r3, [%[r], #72]\n\t"
/* A[4] * B[15] */
"ldr r8, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -130919,7 +133534,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[5] * B[14] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -130957,7 +133572,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[6] * B[13] */
"ldr r8, [%[a], #24]\n\t"
"ldr r9, [%[b], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -130995,7 +133610,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[7] * B[12] */
"ldr r8, [%[a], #28]\n\t"
"ldr r9, [%[b], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -131033,7 +133648,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[8] * B[11] */
"ldr r8, [%[a], #32]\n\t"
"ldr r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -131070,7 +133685,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[9] * B[10] */
"ldr r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -131107,7 +133722,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[10] * B[9] */
"ldr r8, [%[a], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -131145,7 +133760,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[11] * B[8] */
"ldr r8, [%[a], #44]\n\t"
"ldr r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -131183,7 +133798,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[12] * B[7] */
"ldr r8, [%[a], #48]\n\t"
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -131221,7 +133836,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[13] * B[6] */
"ldr r8, [%[a], #52]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -131259,7 +133874,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[14] * B[5] */
"ldr r8, [%[a], #56]\n\t"
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -131297,7 +133912,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[15] * B[4] */
"ldr r8, [%[a], #60]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -131335,7 +133950,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"str r4, [%[r], #76]\n\t"
/* A[15] * B[5] */
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -131375,7 +133990,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[14] * B[6] */
"ldr r8, [%[a], #56]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -131413,7 +134028,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[13] * B[7] */
"ldr r8, [%[a], #52]\n\t"
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -131451,7 +134066,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[12] * B[8] */
"ldr r8, [%[a], #48]\n\t"
"ldr r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -131488,7 +134103,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[11] * B[9] */
"ldr r8, [%[a], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -131526,7 +134141,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[10] * B[10] */
"ldr r11, [%[a], #40]\n\t"
"ldr r12, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -131564,7 +134179,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[9] * B[11] */
"ldr r8, [%[a], #36]\n\t"
"ldr r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -131602,7 +134217,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[8] * B[12] */
"ldr r8, [%[a], #32]\n\t"
"ldr r9, [%[b], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -131640,7 +134255,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[7] * B[13] */
"ldr r8, [%[a], #28]\n\t"
"ldr r9, [%[b], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -131678,7 +134293,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[6] * B[14] */
"ldr r8, [%[a], #24]\n\t"
"ldr r9, [%[b], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -131716,7 +134331,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[5] * B[15] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b], #60]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -131754,7 +134369,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"str r5, [%[r], #80]\n\t"
/* A[6] * B[15] */
"ldr r8, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -131794,7 +134409,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[7] * B[14] */
"ldr r8, [%[a], #28]\n\t"
"ldr r9, [%[b], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -131832,7 +134447,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[8] * B[13] */
"ldr r8, [%[a], #32]\n\t"
"ldr r9, [%[b], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -131870,7 +134485,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[9] * B[12] */
"ldr r8, [%[a], #36]\n\t"
"ldr r9, [%[b], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -131907,7 +134522,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[10] * B[11] */
"ldr r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -131944,7 +134559,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[11] * B[10] */
"ldr r8, [%[a], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -131982,7 +134597,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[12] * B[9] */
"ldr r8, [%[a], #48]\n\t"
"ldr r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -132020,7 +134635,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[13] * B[8] */
"ldr r8, [%[a], #52]\n\t"
"ldr r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -132058,7 +134673,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[14] * B[7] */
"ldr r8, [%[a], #56]\n\t"
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -132096,7 +134711,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[15] * B[6] */
"ldr r8, [%[a], #60]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -132134,7 +134749,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"str r3, [%[r], #84]\n\t"
/* A[15] * B[7] */
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -132174,7 +134789,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[14] * B[8] */
"ldr r8, [%[a], #56]\n\t"
"ldr r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -132212,7 +134827,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[13] * B[9] */
"ldr r8, [%[a], #52]\n\t"
"ldr r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -132249,7 +134864,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[12] * B[10] */
"ldr r8, [%[a], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -132287,7 +134902,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[11] * B[11] */
"ldr r11, [%[a], #44]\n\t"
"ldr r12, [%[b], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -132325,7 +134940,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[10] * B[12] */
"ldr r8, [%[a], #40]\n\t"
"ldr r9, [%[b], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -132363,7 +134978,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[9] * B[13] */
"ldr r8, [%[a], #36]\n\t"
"ldr r9, [%[b], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -132401,7 +135016,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[8] * B[14] */
"ldr r8, [%[a], #32]\n\t"
"ldr r9, [%[b], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -132439,7 +135054,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[7] * B[15] */
"ldr r8, [%[a], #28]\n\t"
"ldr r9, [%[b], #60]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -132477,7 +135092,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"str r4, [%[r], #88]\n\t"
/* A[8] * B[15] */
"ldr r8, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -132517,7 +135132,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[9] * B[14] */
"ldr r8, [%[a], #36]\n\t"
"ldr r9, [%[b], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -132555,7 +135170,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[10] * B[13] */
"ldr r8, [%[a], #40]\n\t"
"ldr r9, [%[b], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -132592,7 +135207,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[11] * B[12] */
"ldr r9, [%[b], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -132629,7 +135244,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[12] * B[11] */
"ldr r8, [%[a], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -132667,7 +135282,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[13] * B[10] */
"ldr r8, [%[a], #52]\n\t"
"ldr r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -132705,7 +135320,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[14] * B[9] */
"ldr r8, [%[a], #56]\n\t"
"ldr r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -132743,7 +135358,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[15] * B[8] */
"ldr r8, [%[a], #60]\n\t"
"ldr r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -132781,7 +135396,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"str r5, [%[r], #92]\n\t"
/* A[15] * B[9] */
"ldr r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -132821,7 +135436,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[14] * B[10] */
"ldr r8, [%[a], #56]\n\t"
"ldr r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -132858,7 +135473,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[13] * B[11] */
"ldr r8, [%[a], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -132896,7 +135511,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[12] * B[12] */
"ldr r11, [%[a], #48]\n\t"
"ldr r12, [%[b], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -132934,7 +135549,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[11] * B[13] */
"ldr r8, [%[a], #44]\n\t"
"ldr r9, [%[b], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -132972,7 +135587,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[10] * B[14] */
"ldr r8, [%[a], #40]\n\t"
"ldr r9, [%[b], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -133010,7 +135625,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[9] * B[15] */
"ldr r8, [%[a], #36]\n\t"
"ldr r9, [%[b], #60]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -133048,7 +135663,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"str r3, [%[r], #96]\n\t"
/* A[10] * B[15] */
"ldr r8, [%[a], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -133088,7 +135703,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[11] * B[14] */
"ldr r8, [%[a], #44]\n\t"
"ldr r9, [%[b], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -133125,7 +135740,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[12] * B[13] */
"ldr r9, [%[b], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -133162,7 +135777,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[13] * B[12] */
"ldr r8, [%[a], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -133200,7 +135815,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[14] * B[11] */
"ldr r8, [%[a], #56]\n\t"
"ldr r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -133238,7 +135853,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[15] * B[10] */
"ldr r8, [%[a], #60]\n\t"
"ldr r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -133276,7 +135891,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"str r4, [%[r], #100]\n\t"
/* A[15] * B[11] */
"ldr r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -133315,7 +135930,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[14] * B[12] */
"ldr r8, [%[a], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -133353,7 +135968,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[13] * B[13] */
"ldr r11, [%[a], #52]\n\t"
"ldr r12, [%[b], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -133391,7 +136006,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[12] * B[14] */
"ldr r8, [%[a], #48]\n\t"
"ldr r9, [%[b], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -133429,7 +136044,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[11] * B[15] */
"ldr r8, [%[a], #44]\n\t"
"ldr r9, [%[b], #60]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -133467,7 +136082,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"str r5, [%[r], #104]\n\t"
/* A[12] * B[15] */
"ldr r8, [%[a], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -133506,7 +136121,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[13] * B[14] */
"ldr r9, [%[b], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -133543,7 +136158,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[14] * B[13] */
"ldr r8, [%[a], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -133581,7 +136196,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[15] * B[12] */
"ldr r8, [%[a], #60]\n\t"
"ldr r9, [%[b], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -133618,7 +136233,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
"str r3, [%[r], #108]\n\t"
/* A[15] * B[13] */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -133658,7 +136273,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[14] * B[14] */
"ldr r11, [%[a], #56]\n\t"
"ldr r12, [%[b], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -133696,7 +136311,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[13] * B[15] */
"ldr r8, [%[a], #52]\n\t"
"ldr r9, [%[b], #60]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -133733,7 +136348,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
"str r4, [%[r], #112]\n\t"
/* A[14] * B[15] */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -133772,7 +136387,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[15] * B[14] */
"ldr r8, [%[a], #60]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -133809,7 +136424,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
"str r5, [%[r], #116]\n\t"
/* A[15] * B[15] */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -133835,9 +136450,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"adds r3, r3, r6\n\t"
"adc r4, r4, r7\n\t"
#else
- "umull r6, r7, r8, r9\n\t"
- "adds r3, r3, r6\n\t"
- "adc r4, r4, r7\n\t"
+ "umlal r3, r4, r8, r9\n\t"
#endif
"str r3, [%[r], #120]\n\t"
"str r4, [%[r], #124]\n\t"
@@ -133851,7 +136464,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"stm %[r]!, {r3, r4, r5, r6}\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r11", "r12", "cc"
);
}
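Review bot: Dropping `"r10"` from the clobber list is only safe if no instruction in this asm block writes r10, and the hunk cannot confirm that because almost all of `sp_1024_mul_16` lies outside it. The hunks visible for this function touch only r3–r9, r11 and r12, which is consistent with the new list. A single leftover write to r10 would still let the compiler keep a live value there across the block and have it silently corrupted. A comment above the list would record the invariant for the next edit: `/* scratch: r3-r9, r11, r12; r10 must not be written in this block */`. Adding `"cc"` is correct given the flag-setting `adds`/`adc` in the block.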
@@ -133862,14 +136475,14 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
*/
static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
__asm__ __volatile__ (
"sub sp, sp, #0x40\n\t"
/* A[0] * A[0] */
"ldr r10, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsr r9, r10, #16\n\t"
"lsl r2, r10, #16\n\t"
"lsr r2, r2, #16\n\t"
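Review bot: The casts added to the two `register ... asm` initialisers are no-ops, since `r_p` is already `sp_digit*` and `a_p` is already `const sp_digit*` in the signature just above. An explicit pointer cast also suppresses the incompatible-pointer diagnostic, so a later change to the parameter types would compile silently and hand the asm block a pointer to differently sized limbs. I would keep the plain forms, `register sp_digit* r asm ("r0") = r_p;` and `register const sp_digit* a asm ("r1") = a_p;`. If this file is produced by a generator, the change presumably belongs there. The body of `sp_1024_sqr_16` continues outside the hunk.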
@@ -133888,7 +136501,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[1] */
"ldr r10, [%[a], #4]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -133944,7 +136557,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[2] */
"ldr r10, [%[a], #8]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -133998,7 +136611,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[1] * A[1] */
"ldr r10, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -134028,7 +136641,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[3] */
"ldr r10, [%[a], #12]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -134083,7 +136696,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[2] */
"ldr r10, [%[a], #8]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -134136,7 +136749,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[4] */
"ldr r10, [%[a], #16]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -134191,7 +136804,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[3] */
"ldr r10, [%[a], #12]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -134242,7 +136855,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[2] * A[2] */
"ldr r10, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -134272,7 +136885,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[5] */
"ldr r10, [%[a], #20]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -134302,7 +136915,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[4] */
"ldr r10, [%[a], #16]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -134340,7 +136953,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[2] * A[3] */
"ldr r10, [%[a], #12]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -134385,7 +136998,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[6] */
"ldr r10, [%[a], #24]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -134415,7 +137028,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[5] */
"ldr r10, [%[a], #20]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -134453,7 +137066,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[2] * A[4] */
"ldr r10, [%[a], #16]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -134490,7 +137103,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[3] * A[3] */
"ldr r10, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -134529,7 +137142,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[7] */
"ldr r10, [%[a], #28]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -134559,7 +137172,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[6] */
"ldr r10, [%[a], #24]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -134597,7 +137210,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[2] * A[5] */
"ldr r10, [%[a], #20]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -134635,7 +137248,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[3] * A[4] */
"ldr r10, [%[a], #16]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -134680,7 +137293,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[8] */
"ldr r10, [%[a], #32]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -134710,7 +137323,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[7] */
"ldr r10, [%[a], #28]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -134748,7 +137361,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[2] * A[6] */
"ldr r10, [%[a], #24]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -134786,7 +137399,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[3] * A[5] */
"ldr r10, [%[a], #20]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -134823,7 +137436,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[4] * A[4] */
"ldr r10, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -134862,7 +137475,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[9] */
"ldr r10, [%[a], #36]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -134892,7 +137505,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[8] */
"ldr r10, [%[a], #32]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -134930,7 +137543,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[2] * A[7] */
"ldr r10, [%[a], #28]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -134968,7 +137581,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[3] * A[6] */
"ldr r10, [%[a], #24]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -135006,7 +137619,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[4] * A[5] */
"ldr r10, [%[a], #20]\n\t"
"ldr r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -135051,7 +137664,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[10] */
"ldr r10, [%[a], #40]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -135081,7 +137694,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[9] */
"ldr r10, [%[a], #36]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -135119,7 +137732,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[2] * A[8] */
"ldr r10, [%[a], #32]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -135157,7 +137770,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[3] * A[7] */
"ldr r10, [%[a], #28]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -135195,7 +137808,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[4] * A[6] */
"ldr r10, [%[a], #24]\n\t"
"ldr r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -135232,7 +137845,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[5] * A[5] */
"ldr r10, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -135271,7 +137884,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[11] */
"ldr r10, [%[a], #44]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -135301,7 +137914,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[10] */
"ldr r10, [%[a], #40]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -135339,7 +137952,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[2] * A[9] */
"ldr r10, [%[a], #36]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -135377,7 +137990,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[3] * A[8] */
"ldr r10, [%[a], #32]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -135415,7 +138028,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[4] * A[7] */
"ldr r10, [%[a], #28]\n\t"
"ldr r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -135453,7 +138066,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[5] * A[6] */
"ldr r10, [%[a], #24]\n\t"
"ldr r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -135498,7 +138111,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[12] */
"ldr r10, [%[a], #48]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -135528,7 +138141,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[11] */
"ldr r10, [%[a], #44]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -135566,7 +138179,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[2] * A[10] */
"ldr r10, [%[a], #40]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -135604,7 +138217,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[3] * A[9] */
"ldr r10, [%[a], #36]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -135642,7 +138255,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[4] * A[8] */
"ldr r10, [%[a], #32]\n\t"
"ldr r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -135680,7 +138293,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[5] * A[7] */
"ldr r10, [%[a], #28]\n\t"
"ldr r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -135717,7 +138330,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[6] * A[6] */
"ldr r10, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -135756,7 +138369,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[13] */
"ldr r10, [%[a], #52]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -135786,7 +138399,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[12] */
"ldr r10, [%[a], #48]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -135824,7 +138437,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[2] * A[11] */
"ldr r10, [%[a], #44]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -135862,7 +138475,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[3] * A[10] */
"ldr r10, [%[a], #40]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -135900,7 +138513,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[4] * A[9] */
"ldr r10, [%[a], #36]\n\t"
"ldr r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -135938,7 +138551,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[5] * A[8] */
"ldr r10, [%[a], #32]\n\t"
"ldr r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -135976,7 +138589,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[6] * A[7] */
"ldr r10, [%[a], #28]\n\t"
"ldr r12, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -136021,7 +138634,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[14] */
"ldr r10, [%[a], #56]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -136051,7 +138664,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[13] */
"ldr r10, [%[a], #52]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -136089,7 +138702,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[2] * A[12] */
"ldr r10, [%[a], #48]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -136127,7 +138740,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[3] * A[11] */
"ldr r10, [%[a], #44]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -136165,7 +138778,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[4] * A[10] */
"ldr r10, [%[a], #40]\n\t"
"ldr r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -136203,7 +138816,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[5] * A[9] */
"ldr r10, [%[a], #36]\n\t"
"ldr r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -136241,7 +138854,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[6] * A[8] */
"ldr r10, [%[a], #32]\n\t"
"ldr r12, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -136278,7 +138891,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[7] * A[7] */
"ldr r10, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -136317,7 +138930,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[15] */
"ldr r10, [%[a], #60]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -136347,7 +138960,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[14] */
"ldr r10, [%[a], #56]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -136385,7 +138998,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[2] * A[13] */
"ldr r10, [%[a], #52]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -136423,7 +139036,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[3] * A[12] */
"ldr r10, [%[a], #48]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -136461,7 +139074,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[4] * A[11] */
"ldr r10, [%[a], #44]\n\t"
"ldr r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -136499,7 +139112,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[5] * A[10] */
"ldr r10, [%[a], #40]\n\t"
"ldr r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -136537,7 +139150,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[6] * A[9] */
"ldr r10, [%[a], #36]\n\t"
"ldr r12, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -136575,7 +139188,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[7] * A[8] */
"ldr r10, [%[a], #32]\n\t"
"ldr r12, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -136620,7 +139233,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[15] */
"ldr r10, [%[a], #60]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -136650,7 +139263,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[2] * A[14] */
"ldr r10, [%[a], #56]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -136688,7 +139301,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[3] * A[13] */
"ldr r10, [%[a], #52]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -136726,7 +139339,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[4] * A[12] */
"ldr r10, [%[a], #48]\n\t"
"ldr r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -136764,7 +139377,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[5] * A[11] */
"ldr r10, [%[a], #44]\n\t"
"ldr r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -136802,7 +139415,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[6] * A[10] */
"ldr r10, [%[a], #40]\n\t"
"ldr r12, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -136840,7 +139453,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[7] * A[9] */
"ldr r10, [%[a], #36]\n\t"
"ldr r12, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -136877,7 +139490,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[8] * A[8] */
"ldr r10, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -136916,7 +139529,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[2] * A[15] */
"ldr r10, [%[a], #60]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -136946,7 +139559,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[3] * A[14] */
"ldr r10, [%[a], #56]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -136984,7 +139597,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[4] * A[13] */
"ldr r10, [%[a], #52]\n\t"
"ldr r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -137022,7 +139635,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[5] * A[12] */
"ldr r10, [%[a], #48]\n\t"
"ldr r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -137060,7 +139673,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[6] * A[11] */
"ldr r10, [%[a], #44]\n\t"
"ldr r12, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -137098,7 +139711,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[7] * A[10] */
"ldr r10, [%[a], #40]\n\t"
"ldr r12, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -137136,7 +139749,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[8] * A[9] */
"ldr r10, [%[a], #36]\n\t"
"ldr r12, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -137181,7 +139794,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[3] * A[15] */
"ldr r10, [%[a], #60]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -137211,7 +139824,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[4] * A[14] */
"ldr r10, [%[a], #56]\n\t"
"ldr r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -137249,7 +139862,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[5] * A[13] */
"ldr r10, [%[a], #52]\n\t"
"ldr r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -137287,7 +139900,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[6] * A[12] */
"ldr r10, [%[a], #48]\n\t"
"ldr r12, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -137325,7 +139938,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[7] * A[11] */
"ldr r10, [%[a], #44]\n\t"
"ldr r12, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -137363,7 +139976,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[8] * A[10] */
"ldr r10, [%[a], #40]\n\t"
"ldr r12, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -137400,7 +140013,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[9] * A[9] */
"ldr r10, [%[a], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -137439,7 +140052,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[4] * A[15] */
"ldr r10, [%[a], #60]\n\t"
"ldr r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -137469,7 +140082,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[5] * A[14] */
"ldr r10, [%[a], #56]\n\t"
"ldr r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -137507,7 +140120,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[6] * A[13] */
"ldr r10, [%[a], #52]\n\t"
"ldr r12, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -137545,7 +140158,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[7] * A[12] */
"ldr r10, [%[a], #48]\n\t"
"ldr r12, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -137583,7 +140196,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[8] * A[11] */
"ldr r10, [%[a], #44]\n\t"
"ldr r12, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -137621,7 +140234,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[9] * A[10] */
"ldr r10, [%[a], #40]\n\t"
"ldr r12, [%[a], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -137666,7 +140279,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[5] * A[15] */
"ldr r10, [%[a], #60]\n\t"
"ldr r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -137696,7 +140309,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[6] * A[14] */
"ldr r10, [%[a], #56]\n\t"
"ldr r12, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -137734,7 +140347,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[7] * A[13] */
"ldr r10, [%[a], #52]\n\t"
"ldr r12, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -137772,7 +140385,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[8] * A[12] */
"ldr r10, [%[a], #48]\n\t"
"ldr r12, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -137810,7 +140423,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[9] * A[11] */
"ldr r10, [%[a], #44]\n\t"
"ldr r12, [%[a], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -137847,7 +140460,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[10] * A[10] */
"ldr r10, [%[a], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -137886,7 +140499,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[6] * A[15] */
"ldr r10, [%[a], #60]\n\t"
"ldr r12, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -137916,7 +140529,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[7] * A[14] */
"ldr r10, [%[a], #56]\n\t"
"ldr r12, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -137954,7 +140567,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[8] * A[13] */
"ldr r10, [%[a], #52]\n\t"
"ldr r12, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -137992,7 +140605,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[9] * A[12] */
"ldr r10, [%[a], #48]\n\t"
"ldr r12, [%[a], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -138030,7 +140643,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[10] * A[11] */
"ldr r10, [%[a], #44]\n\t"
"ldr r12, [%[a], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -138075,7 +140688,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[7] * A[15] */
"ldr r10, [%[a], #60]\n\t"
"ldr r12, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -138105,7 +140718,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[8] * A[14] */
"ldr r10, [%[a], #56]\n\t"
"ldr r12, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -138143,7 +140756,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[9] * A[13] */
"ldr r10, [%[a], #52]\n\t"
"ldr r12, [%[a], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -138181,7 +140794,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[10] * A[12] */
"ldr r10, [%[a], #48]\n\t"
"ldr r12, [%[a], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -138218,7 +140831,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[11] * A[11] */
"ldr r10, [%[a], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -138257,7 +140870,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[8] * A[15] */
"ldr r10, [%[a], #60]\n\t"
"ldr r12, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -138287,7 +140900,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[9] * A[14] */
"ldr r10, [%[a], #56]\n\t"
"ldr r12, [%[a], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -138325,7 +140938,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[10] * A[13] */
"ldr r10, [%[a], #52]\n\t"
"ldr r12, [%[a], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -138363,7 +140976,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[11] * A[12] */
"ldr r10, [%[a], #48]\n\t"
"ldr r12, [%[a], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -138408,7 +141021,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[9] * A[15] */
"ldr r10, [%[a], #60]\n\t"
"ldr r12, [%[a], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -138438,7 +141051,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[10] * A[14] */
"ldr r10, [%[a], #56]\n\t"
"ldr r12, [%[a], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -138476,7 +141089,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[11] * A[13] */
"ldr r10, [%[a], #52]\n\t"
"ldr r12, [%[a], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -138513,7 +141126,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[12] * A[12] */
"ldr r10, [%[a], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -138552,7 +141165,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[10] * A[15] */
"ldr r10, [%[a], #60]\n\t"
"ldr r12, [%[a], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -138582,7 +141195,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[11] * A[14] */
"ldr r10, [%[a], #56]\n\t"
"ldr r12, [%[a], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -138620,7 +141233,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[12] * A[13] */
"ldr r10, [%[a], #52]\n\t"
"ldr r12, [%[a], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -138665,7 +141278,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[11] * A[15] */
"ldr r10, [%[a], #60]\n\t"
"ldr r12, [%[a], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -138720,7 +141333,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[12] * A[14] */
"ldr r10, [%[a], #56]\n\t"
"ldr r12, [%[a], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -138771,7 +141384,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[13] * A[13] */
"ldr r10, [%[a], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -138801,7 +141414,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[12] * A[15] */
"ldr r10, [%[a], #60]\n\t"
"ldr r12, [%[a], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -138856,7 +141469,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[13] * A[14] */
"ldr r10, [%[a], #56]\n\t"
"ldr r12, [%[a], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -138909,7 +141522,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[13] * A[15] */
"ldr r10, [%[a], #60]\n\t"
"ldr r12, [%[a], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -138963,7 +141576,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[14] * A[14] */
"ldr r10, [%[a], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -138993,7 +141606,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[14] * A[15] */
"ldr r10, [%[a], #60]\n\t"
"ldr r12, [%[a], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -139048,7 +141661,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
"str r4, [%[r], #116]\n\t"
/* A[15] * A[15] */
"ldr r10, [%[a], #60]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -139083,7 +141696,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
"stm %[r]!, {r2, r3, r4, r8}\n\t"
: [r] "+r" (r), [a] "+r" (a)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r12"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r12", "cc"
);
}
@@ -139095,12 +141708,11 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
*/
static sp_digit sp_1024_add_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
- "mov r12, #0\n\t"
"ldm %[a]!, {r3, r4, r5, r6}\n\t"
"ldm %[b]!, {r7, r8, r9, r10}\n\t"
"adds r3, r3, r7\n\t"
@@ -139129,10 +141741,11 @@ static sp_digit sp_1024_add_16(sp_digit* r_p, const sp_digit* a_p, const sp_digi
"adcs r5, r5, r9\n\t"
"adcs r6, r6, r10\n\t"
"stm %[r]!, {r3, r4, r5, r6}\n\t"
- "adc %[r], r12, r12\n\t"
+ "mov %[r], #0\n\t"
+ "adc %[r], %[r], #0\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
return (uint32_t)(size_t)r;
}
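Review bot: The carry returned by sp_1024_add_16 now depends on `mov %[r], #0` leaving the C flag from the last `adcs` untouched, and nothing in the asm says so. A short comment above the pair, e.g. `/* mov (not movs): must leave C intact, the adc below reads the carry of the last adcs */`, would guard against a later edit switching to a flag-setting form and silently zeroing the carry-out. The same pair appears at the end of sp_1024_add_32 in a later hunk. The function body starts before this hunk.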
@@ -139144,8 +141757,8 @@ static sp_digit sp_1024_add_16(sp_digit* r_p, const sp_digit* a_p, const sp_digi
*/
static sp_digit sp_1024_sub_in_place_32(sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* a asm ("r0") = a_p;
- register const sp_digit* b asm ("r1") = b_p;
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* b asm ("r1") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"ldm %[a], {r2, r3, r4, r5}\n\t"
@@ -139207,7 +141820,7 @@ static sp_digit sp_1024_sub_in_place_32(sp_digit* a_p, const sp_digit* b_p)
"sbc %[a], r9, r9\n\t"
: [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -139220,12 +141833,11 @@ static sp_digit sp_1024_sub_in_place_32(sp_digit* a_p, const sp_digit* b_p)
*/
static sp_digit sp_1024_add_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
- "mov r12, #0\n\t"
"ldm %[a]!, {r3, r4, r5, r6}\n\t"
"ldm %[b]!, {r7, r8, r9, r10}\n\t"
"adds r3, r3, r7\n\t"
@@ -139282,10 +141894,11 @@ static sp_digit sp_1024_add_32(sp_digit* r_p, const sp_digit* a_p, const sp_digi
"adcs r5, r5, r9\n\t"
"adcs r6, r6, r10\n\t"
"stm %[r]!, {r3, r4, r5, r6}\n\t"
- "adc %[r], r12, r12\n\t"
+ "mov %[r], #0\n\t"
+ "adc %[r], %[r], #0\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -139367,9 +141980,9 @@ SP_NOINLINE static void sp_1024_mul_32(sp_digit* r, const sp_digit* a,
*/
static sp_digit sp_1024_sub_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"ldm %[a]!, {r3, r4, r5, r6}\n\t"
@@ -139403,7 +142016,7 @@ static sp_digit sp_1024_sub_16(sp_digit* r_p, const sp_digit* a_p, const sp_digi
"sbc %[r], r6, r6\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -139453,16 +142066,19 @@ SP_NOINLINE static void sp_1024_sqr_32(sp_digit* r, const sp_digit* a)
*/
static void sp_1024_mul_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"sub sp, sp, #0x100\n\t"
- "mov r5, #0\n\t"
- "mov r6, #0\n\t"
+ "ldr lr, [%[a]]\n\t"
+ "ldr r11, [%[b]]\n\t"
+ "umull r8, r6, lr, r11\n\t"
+ "str r8, [sp]\n\t"
"mov r7, #0\n\t"
"mov r8, #0\n\t"
+ "mov r5, #4\n\t"
"\n"
"L_sp_1024_mul_32_outer_%=: \n\t"
"subs r3, r5, #0x7c\n\t"
@@ -139473,7 +142089,44 @@ static void sp_1024_mul_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"L_sp_1024_mul_32_inner_%=: \n\t"
"ldr lr, [%[a], r3]\n\t"
"ldr r11, [%[b], r4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
+ "lsl r9, lr, #16\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r9, r9, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "adds r6, r6, r10\n\t"
+ "adcs r7, r7, #0\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsr r9, lr, #16\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "adds r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+#else
+ "umull r9, r10, lr, r11\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+#endif
+ "ldr lr, [%[a], r4]\n\t"
+ "ldr r11, [%[b], r3]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r9, lr, #16\n\t"
"lsl r10, r11, #16\n\t"
"lsr r9, r9, #16\n\t"
@@ -139510,10 +142163,46 @@ static void sp_1024_mul_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
"add r3, r3, #4\n\t"
"sub r4, r4, #4\n\t"
- "cmp r3, #0x80\n\t"
- "beq L_sp_1024_mul_32_inner_done_%=\n\t"
- "cmp r3, r5\n\t"
- "ble L_sp_1024_mul_32_inner_%=\n\t"
+ "cmp r3, r4\n\t"
+ "bgt L_sp_1024_mul_32_inner_done_%=\n\t"
+ "blt L_sp_1024_mul_32_inner_%=\n\t"
+ "ldr lr, [%[a], r3]\n\t"
+ "ldr r11, [%[b], r3]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
+ "lsl r9, lr, #16\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r9, r9, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "adds r6, r6, r10\n\t"
+ "adcs r7, r7, #0\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsr r9, lr, #16\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "adds r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+#else
+ "umull r9, r10, lr, r11\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+#endif
"\n"
"L_sp_1024_mul_32_inner_done_%=: \n\t"
"str r6, [sp, r5]\n\t"
@@ -139521,18 +142210,50 @@ static void sp_1024_mul_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"mov r7, r8\n\t"
"mov r8, #0\n\t"
"add r5, r5, #4\n\t"
- "cmp r5, #0xf8\n\t"
+ "cmp r5, #0xf4\n\t"
"ble L_sp_1024_mul_32_outer_%=\n\t"
+ "ldr lr, [%[a], #124]\n\t"
+ "ldr r11, [%[b], #124]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
+ "lsl r9, lr, #16\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r9, r9, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "adds r6, r6, r10\n\t"
+ "adc r7, r7, #0\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adc r7, r7, r10\n\t"
+ "lsr r9, lr, #16\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "add r7, r7, r10\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adc r7, r7, r10\n\t"
+#else
+ "umlal r6, r7, lr, r11\n\t"
+#endif
"str r6, [sp, r5]\n\t"
+ "add r5, r5, #4\n\t"
+ "str r7, [sp, r5]\n\t"
"\n"
"L_sp_1024_mul_32_store_%=: \n\t"
- "ldm sp!, {r6, r7, r8, r9}\n\t"
- "stm %[r]!, {r6, r7, r8, r9}\n\t"
- "subs r5, r5, #16\n\t"
+ "ldm sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "stm %[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "subs r5, r5, #32\n\t"
"bgt L_sp_1024_mul_32_store_%=\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11", "cc"
);
}
@@ -139543,29 +142264,28 @@ static void sp_1024_mul_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
*/
static void sp_1024_sqr_32(sp_digit* r_p, const sp_digit* a_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
__asm__ __volatile__ (
"sub sp, sp, #0x100\n\t"
- "mov r12, #0\n\t"
- "mov r6, #0\n\t"
+ "ldr lr, [%[a]]\n\t"
+ "umull r8, r6, lr, lr\n\t"
+ "str r8, [sp]\n\t"
"mov r7, #0\n\t"
"mov r8, #0\n\t"
- "mov r5, #0\n\t"
+ "mov r5, #4\n\t"
"\n"
"L_sp_1024_sqr_32_outer_%=: \n\t"
"subs r3, r5, #0x7c\n\t"
"it cc\n\t"
- "movcc r3, r12\n\t"
+ "movcc r3, #0\n\t"
"sub r4, r5, r3\n\t"
"\n"
"L_sp_1024_sqr_32_inner_%=: \n\t"
- "cmp r4, r3\n\t"
- "beq L_sp_1024_sqr_32_op_sqr_%=\n\t"
"ldr lr, [%[a], r3]\n\t"
"ldr r11, [%[a], r4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r9, lr, #16\n\t"
"lsl r10, r11, #16\n\t"
"lsr r9, r9, #16\n\t"
@@ -139614,11 +142334,13 @@ static void sp_1024_sqr_32(sp_digit* r_p, const sp_digit* a_p)
"adcs r7, r7, r10\n\t"
"adc r8, r8, #0\n\t"
#endif
- "bal L_sp_1024_sqr_32_op_done_%=\n\t"
- "\n"
- "L_sp_1024_sqr_32_op_sqr_%=: \n\t"
+ "add r3, r3, #4\n\t"
+ "sub r4, r4, #4\n\t"
+ "cmp r3, r4\n\t"
+ "bgt L_sp_1024_sqr_32_inner_done_%=\n\t"
+ "blt L_sp_1024_sqr_32_inner_%=\n\t"
"ldr lr, [%[a], r3]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r9, lr, #16\n\t"
"lsr r10, lr, #16\n\t"
"lsr r9, r9, #16\n\t"
@@ -139645,34 +142367,50 @@ static void sp_1024_sqr_32(sp_digit* r_p, const sp_digit* a_p)
"adc r8, r8, #0\n\t"
#endif
"\n"
- "L_sp_1024_sqr_32_op_done_%=: \n\t"
- "add r3, r3, #4\n\t"
- "sub r4, r4, #4\n\t"
- "cmp r3, #0x80\n\t"
- "beq L_sp_1024_sqr_32_inner_done_%=\n\t"
- "cmp r3, r4\n\t"
- "bgt L_sp_1024_sqr_32_inner_done_%=\n\t"
- "cmp r3, r5\n\t"
- "ble L_sp_1024_sqr_32_inner_%=\n\t"
- "\n"
"L_sp_1024_sqr_32_inner_done_%=: \n\t"
"str r6, [sp, r5]\n\t"
"mov r6, r7\n\t"
"mov r7, r8\n\t"
"mov r8, #0\n\t"
"add r5, r5, #4\n\t"
- "cmp r5, #0xf8\n\t"
+ "cmp r5, #0xf4\n\t"
"ble L_sp_1024_sqr_32_outer_%=\n\t"
+ "ldr lr, [%[a], #124]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
+ "lsl r9, lr, #16\n\t"
+ "lsr r10, lr, #16\n\t"
+ "lsr r9, r9, #16\n\t"
+ "mov r11, r9\n\t"
+ "mul r9, r11, r9\n\t"
+ "mov r11, r10\n\t"
+ "mul r10, r11, r10\n\t"
+ "adds r6, r6, r9\n\t"
+ "adc r7, r7, r10\n\t"
+ "lsr r10, lr, #16\n\t"
+ "lsl r9, lr, #16\n\t"
+ "lsr r9, r9, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #15\n\t"
+ "lsl r9, r9, #17\n\t"
+ "adds r6, r6, r9\n\t"
+ "adc r7, r7, r10\n\t"
+#else
+ "umull r9, r10, lr, lr\n\t"
+ "adds r6, r6, r9\n\t"
+ "adc r7, r7, r10\n\t"
+#endif
"str r6, [sp, r5]\n\t"
+ "add r5, r5, #4\n\t"
+ "str r7, [sp, r5]\n\t"
"\n"
"L_sp_1024_sqr_32_store_%=: \n\t"
- "ldm sp!, {r6, r7, r8, r9}\n\t"
- "stm %[r]!, {r6, r7, r8, r9}\n\t"
- "subs r5, r5, #16\n\t"
+ "ldm sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "stm %[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "subs r5, r5, #32\n\t"
"bgt L_sp_1024_sqr_32_store_%=\n\t"
: [r] "+r" (r), [a] "+r" (a)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11", "cc"
);
}
@@ -139770,16 +142508,15 @@ static const sp_point_1024 p1024_base = {
*/
static sp_digit sp_1024_sub_in_place_32(sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* a asm ("r0") = a_p;
- register const sp_digit* b asm ("r1") = b_p;
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* b asm ("r1") = (const sp_digit*)b_p;
__asm__ __volatile__ (
- "mov r10, #0\n\t"
"mov r12, #0\n\t"
"add lr, %[a], #0x80\n\t"
"\n"
"L_sp_1024_sub_in_pkace_32_word_%=: \n\t"
- "subs r12, r10, r12\n\t"
+ "rsbs r12, r12, #0\n\t"
"ldm %[a], {r2, r3, r4, r5}\n\t"
"ldm %[b]!, {r6, r7, r8, r9}\n\t"
"sbcs r2, r2, r6\n\t"
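Review bot: `rsbs r12, r12, #0` is now the only thing carrying the borrow from one loop iteration to the next, and the invariant it depends on is not written down. It relies on r12 being exactly 0 or 0xffffffff (as produced by `sbc r12, r12, r12` in the next hunk), so that `0 - r12` leaves C clear precisely when a borrow is pending. A comment on that line such as `/* r12 is 0 or -1 from the previous sbc; 0 - r12 restores C for the sbcs chain */` would document this. The loop body continues outside this hunk.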
@@ -139787,13 +142524,13 @@ static sp_digit sp_1024_sub_in_place_32(sp_digit* a_p, const sp_digit* b_p)
"sbcs r4, r4, r8\n\t"
"sbcs r5, r5, r9\n\t"
"stm %[a]!, {r2, r3, r4, r5}\n\t"
- "sbc r12, r10, r10\n\t"
+ "sbc r12, r12, r12\n\t"
"cmp %[a], lr\n\t"
"bne L_sp_1024_sub_in_pkace_32_word_%=\n\t"
"mov %[a], r12\n\t"
: [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r12", "lr", "r10"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r12", "lr", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -139810,10 +142547,10 @@ static sp_digit sp_1024_sub_in_place_32(sp_digit* a_p, const sp_digit* b_p)
*/
static sp_digit sp_1024_cond_sub_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
- register sp_digit m asm ("r3") = m_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
+ register sp_digit m asm ("r3") = (sp_digit)m_p;
__asm__ __volatile__ (
"mov r6, #0\n\t"
@@ -139834,7 +142571,7 @@ static sp_digit sp_1024_cond_sub_32(sp_digit* r_p, const sp_digit* a_p, const sp
"mov %[r], r12\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
:
- : "memory", "r12", "lr", "r4", "r5", "r6"
+ : "memory", "r12", "lr", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -139850,10 +142587,10 @@ static sp_digit sp_1024_cond_sub_32(sp_digit* r_p, const sp_digit* a_p, const sp
*/
static sp_digit sp_1024_cond_sub_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
- register sp_digit m asm ("r3") = m_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
+ register sp_digit m asm ("r3") = (sp_digit)m_p;
__asm__ __volatile__ (
"mov lr, #0\n\t"
@@ -139972,7 +142709,7 @@ static sp_digit sp_1024_cond_sub_32(sp_digit* r_p, const sp_digit* a_p, const sp
"sbc %[r], lr, lr\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
:
- : "memory", "r12", "lr", "r4", "r5", "r6", "r7"
+ : "memory", "r12", "lr", "r4", "r5", "r6", "r7", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -139987,9 +142724,9 @@ static sp_digit sp_1024_cond_sub_32(sp_digit* r_p, const sp_digit* a_p, const sp
*/
static sp_digit sp_1024_add_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"mov r3, #0\n\t"
@@ -140011,7 +142748,7 @@ static sp_digit sp_1024_add_32(sp_digit* r_p, const sp_digit* a_p, const sp_digi
"mov %[r], r3\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -140026,15 +142763,14 @@ static sp_digit sp_1024_add_32(sp_digit* r_p, const sp_digit* a_p, const sp_digi
*/
static void sp_1024_mul_d_32(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register sp_digit b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register sp_digit b asm ("r2") = (sp_digit)b_p;
__asm__ __volatile__ (
- "mov r10, #0\n\t"
/* A[0] * B */
"ldr r8, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r5, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -140067,7 +142803,7 @@ static void sp_1024_mul_d_32(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
"L_sp_1024_mul_d_32_word_%=: \n\t"
/* A[i] * B */
"ldr r8, [%[a], r9]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -140112,7 +142848,7 @@ static void sp_1024_mul_d_32(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
"str r3, [%[r], #128]\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
}
@@ -140125,15 +142861,14 @@ static void sp_1024_mul_d_32(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
*/
static void sp_1024_mul_d_32(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register sp_digit b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register sp_digit b asm ("r2") = (sp_digit)b_p;
__asm__ __volatile__ (
- "mov r10, #0\n\t"
/* A[0] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r3, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -140158,1211 +142893,971 @@ static void sp_1024_mul_d_32(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
#else
"umull r3, r4, %[b], r8\n\t"
#endif
+ "stm %[r]!, {r3}\n\t"
"mov r5, #0\n\t"
- "str r3, [%[r]], #4\n\t"
/* A[1] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[2] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[3] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[4] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[5] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[6] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[7] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[8] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[9] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[10] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[11] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[12] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[13] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[14] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[15] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[16] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[17] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[18] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[19] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[20] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[21] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[22] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[23] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[24] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[25] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[26] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[27] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[28] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[29] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[30] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[31] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -141388,15 +143883,13 @@ static void sp_1024_mul_d_32(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adc r5, r5, r7\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
"str r5, [%[r]]\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r10"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "cc"
);
}
@@ -141413,9 +143906,9 @@ static void sp_1024_mul_d_32(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
*/
static sp_digit div_1024_word_32(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
{
- register sp_digit d1 asm ("r0") = d1_p;
- register sp_digit d0 asm ("r1") = d0_p;
- register sp_digit div asm ("r2") = div_p;
+ register sp_digit d1 asm ("r0") = (sp_digit)d1_p;
+ register sp_digit d0 asm ("r1") = (sp_digit)d0_p;
+ register sp_digit div asm ("r2") = (sp_digit)div_p;
__asm__ __volatile__ (
"lsr r6, %[div], #16\n\t"
@@ -141455,7 +143948,7 @@ static sp_digit div_1024_word_32(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
"add %[d1], r4, r3\n\t"
: [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
:
- : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8"
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "cc"
);
return (uint32_t)(size_t)d1;
}
@@ -141472,9 +143965,9 @@ static sp_digit div_1024_word_32(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
*/
static sp_digit div_1024_word_32(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
{
- register sp_digit d1 asm ("r0") = d1_p;
- register sp_digit d0 asm ("r1") = d0_p;
- register sp_digit div asm ("r2") = div_p;
+ register sp_digit d1 asm ("r0") = (sp_digit)d1_p;
+ register sp_digit d0 asm ("r1") = (sp_digit)d0_p;
+ register sp_digit div asm ("r2") = (sp_digit)div_p;
__asm__ __volatile__ (
"lsr lr, %[div], #1\n\t"
@@ -141504,7 +143997,7 @@ static sp_digit div_1024_word_32(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
"bpl L_div_1024_word_32_bit_%=\n\t"
"add r3, r3, r3\n\t"
"add r3, r3, #1\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r7, r3, #16\n\t"
"lsl r4, %[div], #16\n\t"
"lsr r7, r7, #16\n\t"
@@ -141532,7 +144025,7 @@ static sp_digit div_1024_word_32(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
"subs r7, %[d0], r4\n\t"
"sbc r8, %[d1], r5\n\t"
"add r3, r3, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r7, r3, #16\n\t"
"lsl r4, %[div], #16\n\t"
"lsr r7, r7, #16\n\t"
@@ -141560,7 +144053,7 @@ static sp_digit div_1024_word_32(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
"subs r7, %[d0], r4\n\t"
"sbc r8, %[d1], r5\n\t"
"add r3, r3, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r7, r3, #16\n\t"
"lsl r4, %[div], #16\n\t"
"lsr r7, r7, #16\n\t"
@@ -141593,7 +144086,7 @@ static sp_digit div_1024_word_32(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
"sub %[d1], r3, r6\n\t"
: [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
:
- : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8"
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "cc"
);
return (uint32_t)(size_t)d1;
}
@@ -141638,8 +144131,8 @@ static void sp_1024_mask_32(sp_digit* r, const sp_digit* a, sp_digit m)
*/
static sp_int32 sp_1024_cmp_32(const sp_digit* a_p, const sp_digit* b_p)
{
- register const sp_digit* a asm ("r0") = a_p;
- register const sp_digit* b asm ("r1") = b_p;
+ register const sp_digit* a asm ("r0") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r1") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"mov r2, #-1\n\t"
@@ -142022,7 +144515,7 @@ static sp_int32 sp_1024_cmp_32(const sp_digit* a_p, const sp_digit* b_p)
"mov %[a], r2\n\t"
: [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r2", "r3", "r12", "lr", "r4", "r5", "r6"
+ : "memory", "r2", "r3", "r12", "lr", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -142036,8 +144529,8 @@ static sp_int32 sp_1024_cmp_32(const sp_digit* a_p, const sp_digit* b_p)
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_1024_div_32(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_1024_div_32(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[64], t2[33];
sp_digit div, r1;
@@ -142077,7 +144570,8 @@ static WC_INLINE int sp_1024_div_32(const sp_digit* a, const sp_digit* d, sp_dig
* m A single precision number that is the modulus to reduce with.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_1024_mod_32(sp_digit* r, const sp_digit* a, const sp_digit* m)
+static WC_INLINE int sp_1024_mod_32(sp_digit* r, const sp_digit* a,
+ const sp_digit* m)
{
return sp_1024_div_32(a, m, NULL, r);
}
@@ -142170,14 +144664,14 @@ static void sp_1024_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 32
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 31);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 31);
}
#elif DIGIT_BIT > 32
unsigned int i;
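Review bot: The rewritten loop hard-codes the sign-bit position as `31` in `j >> 31`, where the lines it replaces used `SP_WORD_SIZE - 1`. Writing `sp_digit mask = (sp_digit)0 - (j >> (SP_WORD_SIZE - 1));` and `o += (int)(j >> (SP_WORD_SIZE - 1));` keeps the shift tied to the digit width. The selection logic also deserves a comment, since it is what avoids branching on `a->used`: `/* j = i - used (mod 2^SP_WORD_SIZE): top bit set while i < used, so mask is all-ones for live digits and o stops advancing at used - 1 */`. This relies on `a->used` staying below 2^31, which the mp_int limits presumably guarantee but this code does not check. Only the `DIGIT_BIT == 32` branch is inside the hunk; the function starts and ends outside it.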
@@ -142355,6 +144849,7 @@ static int sp_1024_point_to_ecc_point_32(const sp_point_1024* p, ecc_point* pm)
return err;
}
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
/* Reduce the number back to 1024 bits using Montgomery reduction.
*
* a A single precision number to reduce in place.
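Review bot: The new outer guard `#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)` selects the implementation of sp_1024_mont_reduce_32 from a macro this commit renames; the removed lines in the neighbouring hunks tested `WOLFSSL_SP_ARM_ARCH`. A build that still defines only the old name makes `defined(WOLFSSL_ARM_ARCH)` false and silently falls through to a later branch. For a pre-ARMv4 target that presumably means long-multiply instructions such as `umlal`, which the 16-bit `mul` sequences were written to avoid. Unless a header outside this diff already maps the old name, I would add a shim before the first use, `#if defined(WOLFSSL_SP_ARM_ARCH) && !defined(WOLFSSL_ARM_ARCH)` / `#define WOLFSSL_ARM_ARCH WOLFSSL_SP_ARM_ARCH` / `#endif`, or fail the build with `#error` when only the old macro is set. The guarded function continues past the end of this hunk.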
@@ -142363,12 +144858,12 @@ static int sp_1024_point_to_ecc_point_32(const sp_point_1024* p, ecc_point* pm)
*/
static SP_NOINLINE void sp_1024_mont_reduce_32(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
{
- register sp_digit* a asm ("r0") = a_p;
- register const sp_digit* m asm ("r1") = m_p;
- register sp_digit mp asm ("r2") = mp_p;
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m asm ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp asm ("r2") = (sp_digit)mp_p;
__asm__ __volatile__ (
-#if !(defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4))
+#if !(defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4))
"ldr r11, [%[m]]\n\t"
#endif
/* i = 0 */
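Review bot: The conditional `#if !(defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4))` around the pre-loop `ldr r11, [%[m]]` can no longer be true, because the previous hunk places this whole definition under `#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)`. The same applies to the now always-true guard around the in-loop `ldr r11, [%[m]]` in the next hunk, and to the `#else` arm `ldr r7, [%[m], #124]` in the hunk at `a[i+31]`. The later hunks already delete the per-digit `#else`/`umull` arms for this reason, so these three leftovers should go as well. Drop the pre-loop load with its guard, and keep the in-loop `ldr r11, [%[m]]` and `ldr r11, [%[m], #124]` unconditional. The function body continues well beyond this hunk.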
@@ -142381,10 +144876,9 @@ static SP_NOINLINE void sp_1024_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
/* mu = a[i] * mp */
"mul r8, %[mp], r12\n\t"
/* a[i+0] += m[0] * mu */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"ldr r11, [%[m]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r7, r11, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r7\n\t"
@@ -142408,14 +144902,8 @@ static SP_NOINLINE void sp_1024_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r12, r12, r6\n\t"
"adc r5, r5, r7\n\t"
-#else
- "umull r6, r7, r8, r11\n\t"
- "adds r12, r12, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
/* a[i+1] += m[1] * mu */
"ldr r7, [%[m], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r10, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r10\n\t"
@@ -142439,18 +144927,12 @@ static SP_NOINLINE void sp_1024_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds lr, lr, r6\n\t"
"adc r4, r4, r10\n\t"
-#else
- "umull r6, r10, r8, r7\n\t"
- "adds lr, lr, r6\n\t"
- "adc r4, r10, #0\n\t"
-#endif
"mov r12, lr\n\t"
"adds r12, r12, r5\n\t"
"adc r4, r4, #0\n\t"
/* a[i+2] += m[2] * mu */
"ldr r7, [%[m], #8]\n\t"
"ldr lr, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r10, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r10\n\t"
@@ -142474,17 +144956,11 @@ static SP_NOINLINE void sp_1024_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds lr, lr, r6\n\t"
"adc r5, r5, r10\n\t"
-#else
- "umull r6, r10, r8, r7\n\t"
- "adds lr, lr, r6\n\t"
- "adc r5, r10, #0\n\t"
-#endif
"adds lr, lr, r4\n\t"
"adc r5, r5, #0\n\t"
/* a[i+3] += m[3] * mu */
"ldr r7, [%[m], #12]\n\t"
"ldr r10, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -142508,18 +144984,12 @@ static SP_NOINLINE void sp_1024_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #12]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+4] += m[4] * mu */
"ldr r7, [%[m], #16]\n\t"
"ldr r10, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -142543,18 +145013,12 @@ static SP_NOINLINE void sp_1024_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #16]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+5] += m[5] * mu */
"ldr r7, [%[m], #20]\n\t"
"ldr r10, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -142578,18 +145042,12 @@ static SP_NOINLINE void sp_1024_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #20]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+6] += m[6] * mu */
"ldr r7, [%[m], #24]\n\t"
"ldr r10, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -142613,18 +145071,12 @@ static SP_NOINLINE void sp_1024_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #24]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+7] += m[7] * mu */
"ldr r7, [%[m], #28]\n\t"
"ldr r10, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -142648,18 +145100,12 @@ static SP_NOINLINE void sp_1024_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #28]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+8] += m[8] * mu */
"ldr r7, [%[m], #32]\n\t"
"ldr r10, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -142683,18 +145129,12 @@ static SP_NOINLINE void sp_1024_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #32]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+9] += m[9] * mu */
"ldr r7, [%[m], #36]\n\t"
"ldr r10, [%[a], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -142718,18 +145158,12 @@ static SP_NOINLINE void sp_1024_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #36]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+10] += m[10] * mu */
"ldr r7, [%[m], #40]\n\t"
"ldr r10, [%[a], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -142753,18 +145187,12 @@ static SP_NOINLINE void sp_1024_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #40]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+11] += m[11] * mu */
"ldr r7, [%[m], #44]\n\t"
"ldr r10, [%[a], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -142788,18 +145216,12 @@ static SP_NOINLINE void sp_1024_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #44]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+12] += m[12] * mu */
"ldr r7, [%[m], #48]\n\t"
"ldr r10, [%[a], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -142823,18 +145245,12 @@ static SP_NOINLINE void sp_1024_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #48]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+13] += m[13] * mu */
"ldr r7, [%[m], #52]\n\t"
"ldr r10, [%[a], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -142858,18 +145274,12 @@ static SP_NOINLINE void sp_1024_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #52]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+14] += m[14] * mu */
"ldr r7, [%[m], #56]\n\t"
"ldr r10, [%[a], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -142893,18 +145303,12 @@ static SP_NOINLINE void sp_1024_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #56]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+15] += m[15] * mu */
"ldr r7, [%[m], #60]\n\t"
"ldr r10, [%[a], #60]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -142928,18 +145332,12 @@ static SP_NOINLINE void sp_1024_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #60]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+16] += m[16] * mu */
"ldr r7, [%[m], #64]\n\t"
"ldr r10, [%[a], #64]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -142963,18 +145361,12 @@ static SP_NOINLINE void sp_1024_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #64]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+17] += m[17] * mu */
"ldr r7, [%[m], #68]\n\t"
"ldr r10, [%[a], #68]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -142998,18 +145390,12 @@ static SP_NOINLINE void sp_1024_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #68]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+18] += m[18] * mu */
"ldr r7, [%[m], #72]\n\t"
"ldr r10, [%[a], #72]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -143033,18 +145419,12 @@ static SP_NOINLINE void sp_1024_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #72]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+19] += m[19] * mu */
"ldr r7, [%[m], #76]\n\t"
"ldr r10, [%[a], #76]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -143068,18 +145448,12 @@ static SP_NOINLINE void sp_1024_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #76]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+20] += m[20] * mu */
"ldr r7, [%[m], #80]\n\t"
"ldr r10, [%[a], #80]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -143103,18 +145477,12 @@ static SP_NOINLINE void sp_1024_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #80]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+21] += m[21] * mu */
"ldr r7, [%[m], #84]\n\t"
"ldr r10, [%[a], #84]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -143138,18 +145506,12 @@ static SP_NOINLINE void sp_1024_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #84]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+22] += m[22] * mu */
"ldr r7, [%[m], #88]\n\t"
"ldr r10, [%[a], #88]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -143173,18 +145535,12 @@ static SP_NOINLINE void sp_1024_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #88]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+23] += m[23] * mu */
"ldr r7, [%[m], #92]\n\t"
"ldr r10, [%[a], #92]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -143208,18 +145564,12 @@ static SP_NOINLINE void sp_1024_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #92]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+24] += m[24] * mu */
"ldr r7, [%[m], #96]\n\t"
"ldr r10, [%[a], #96]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -143243,18 +145593,12 @@ static SP_NOINLINE void sp_1024_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #96]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+25] += m[25] * mu */
"ldr r7, [%[m], #100]\n\t"
"ldr r10, [%[a], #100]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -143278,18 +145622,12 @@ static SP_NOINLINE void sp_1024_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #100]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+26] += m[26] * mu */
"ldr r7, [%[m], #104]\n\t"
"ldr r10, [%[a], #104]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -143313,18 +145651,12 @@ static SP_NOINLINE void sp_1024_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #104]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+27] += m[27] * mu */
"ldr r7, [%[m], #108]\n\t"
"ldr r10, [%[a], #108]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -143348,18 +145680,12 @@ static SP_NOINLINE void sp_1024_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #108]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+28] += m[28] * mu */
"ldr r7, [%[m], #112]\n\t"
"ldr r10, [%[a], #112]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -143383,18 +145709,12 @@ static SP_NOINLINE void sp_1024_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #112]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+29] += m[29] * mu */
"ldr r7, [%[m], #116]\n\t"
"ldr r10, [%[a], #116]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -143418,18 +145738,12 @@ static SP_NOINLINE void sp_1024_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #116]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+30] += m[30] * mu */
"ldr r7, [%[m], #120]\n\t"
"ldr r10, [%[a], #120]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -143453,22 +145767,16 @@ static SP_NOINLINE void sp_1024_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #120]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+31] += m[31] * mu */
-#if !(defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4))
- "ldr r7, [%[m], #124]\n\t"
-#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"ldr r11, [%[m], #124]\n\t"
+#else
+ "ldr r7, [%[m], #124]\n\t"
#endif
"ldr r10, [%[a], #124]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r11, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -143499,13 +145807,306 @@ static SP_NOINLINE void sp_1024_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"adds r5, r5, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #124]\n\t"
+ "ldr r10, [%[a], #128]\n\t"
+ "adcs r10, r10, r4\n\t"
+ "str r10, [%[a], #128]\n\t"
+ "adc r3, r3, #0\n\t"
+ /* i += 1 */
+ "add r9, r9, #4\n\t"
+ "add %[a], %[a], #4\n\t"
+ "cmp r9, #0x80\n\t"
+ "blt L_sp_1024_mont_reduce_32_word_%=\n\t"
+ /* Loop Done */
+ "str r12, [%[a]]\n\t"
+ "str lr, [%[a], #4]\n\t"
+ "ldr r6, [%[m], #124]\n\t"
+ "subs r10, r6, r10\n\t"
+ "neg r3, r3\n\t"
+ "sbc r10, r10, r10\n\t"
+ "orr r3, r3, r10\n\t"
+ "mov %[mp], r3\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
+ );
+ sp_1024_cond_sub_32(a - 32, a, m, mp);
+}
+
+#elif defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+/* Reduce the number back to 1024 bits using Montgomery reduction.
+ *
+ * a A single precision number to reduce in place.
+ * m The single precision number representing the modulus.
+ * mp The digit representing the negative inverse of m mod 2^n.
+ */
+static SP_NOINLINE void sp_1024_mont_reduce_32(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+{
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m asm ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp asm ("r2") = (sp_digit)mp_p;
+
+ __asm__ __volatile__ (
+ "ldr r11, [%[m]]\n\t"
+ /* i = 0 */
+ "mov r9, #0\n\t"
+ "mov r3, #0\n\t"
+ "ldr r12, [%[a]]\n\t"
+ "ldr lr, [%[a], #4]\n\t"
+ "\n"
+ "L_sp_1024_mont_reduce_32_word_%=: \n\t"
+ /* mu = a[i] * mp */
+ "mul r8, %[mp], r12\n\t"
+ /* a[i+0] += m[0] * mu */
+ "mov r5, #0\n\t"
+ "umlal r12, r5, r8, r11\n\t"
+ /* a[i+1] += m[1] * mu */
+ "ldr r7, [%[m], #4]\n\t"
+ "mov r4, #0\n\t"
+ "umlal lr, r4, r8, r7\n\t"
+ "mov r12, lr\n\t"
+ "adds r12, r12, r5\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+2] += m[2] * mu */
+ "ldr r7, [%[m], #8]\n\t"
+ "ldr lr, [%[a], #8]\n\t"
+ "mov r5, #0\n\t"
+ "umlal lr, r5, r8, r7\n\t"
+ "adds lr, lr, r4\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+3] += m[3] * mu */
+ "ldr r7, [%[m], #12]\n\t"
+ "ldr r10, [%[a], #12]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #12]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+4] += m[4] * mu */
+ "ldr r7, [%[m], #16]\n\t"
+ "ldr r10, [%[a], #16]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #16]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+5] += m[5] * mu */
+ "ldr r7, [%[m], #20]\n\t"
+ "ldr r10, [%[a], #20]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #20]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+6] += m[6] * mu */
+ "ldr r7, [%[m], #24]\n\t"
+ "ldr r10, [%[a], #24]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #24]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+7] += m[7] * mu */
+ "ldr r7, [%[m], #28]\n\t"
+ "ldr r10, [%[a], #28]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #28]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+8] += m[8] * mu */
+ "ldr r7, [%[m], #32]\n\t"
+ "ldr r10, [%[a], #32]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #32]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+9] += m[9] * mu */
+ "ldr r7, [%[m], #36]\n\t"
+ "ldr r10, [%[a], #36]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #36]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+10] += m[10] * mu */
+ "ldr r7, [%[m], #40]\n\t"
+ "ldr r10, [%[a], #40]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #40]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+11] += m[11] * mu */
+ "ldr r7, [%[m], #44]\n\t"
+ "ldr r10, [%[a], #44]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #44]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+12] += m[12] * mu */
+ "ldr r7, [%[m], #48]\n\t"
+ "ldr r10, [%[a], #48]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #48]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+13] += m[13] * mu */
+ "ldr r7, [%[m], #52]\n\t"
+ "ldr r10, [%[a], #52]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #52]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+14] += m[14] * mu */
+ "ldr r7, [%[m], #56]\n\t"
+ "ldr r10, [%[a], #56]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #56]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+15] += m[15] * mu */
+ "ldr r7, [%[m], #60]\n\t"
+ "ldr r10, [%[a], #60]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #60]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+16] += m[16] * mu */
+ "ldr r7, [%[m], #64]\n\t"
+ "ldr r10, [%[a], #64]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #64]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+17] += m[17] * mu */
+ "ldr r7, [%[m], #68]\n\t"
+ "ldr r10, [%[a], #68]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #68]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+18] += m[18] * mu */
+ "ldr r7, [%[m], #72]\n\t"
+ "ldr r10, [%[a], #72]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #72]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+19] += m[19] * mu */
+ "ldr r7, [%[m], #76]\n\t"
+ "ldr r10, [%[a], #76]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #76]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+20] += m[20] * mu */
+ "ldr r7, [%[m], #80]\n\t"
+ "ldr r10, [%[a], #80]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #80]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+21] += m[21] * mu */
+ "ldr r7, [%[m], #84]\n\t"
+ "ldr r10, [%[a], #84]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #84]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+22] += m[22] * mu */
+ "ldr r7, [%[m], #88]\n\t"
+ "ldr r10, [%[a], #88]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #88]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+23] += m[23] * mu */
+ "ldr r7, [%[m], #92]\n\t"
+ "ldr r10, [%[a], #92]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #92]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+24] += m[24] * mu */
+ "ldr r7, [%[m], #96]\n\t"
+ "ldr r10, [%[a], #96]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #96]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+25] += m[25] * mu */
+ "ldr r7, [%[m], #100]\n\t"
+ "ldr r10, [%[a], #100]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #100]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+26] += m[26] * mu */
+ "ldr r7, [%[m], #104]\n\t"
+ "ldr r10, [%[a], #104]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #104]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+27] += m[27] * mu */
+ "ldr r7, [%[m], #108]\n\t"
+ "ldr r10, [%[a], #108]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #108]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+28] += m[28] * mu */
+ "ldr r7, [%[m], #112]\n\t"
+ "ldr r10, [%[a], #112]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #112]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+29] += m[29] * mu */
+ "ldr r7, [%[m], #116]\n\t"
+ "ldr r10, [%[a], #116]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #116]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+30] += m[30] * mu */
+ "ldr r7, [%[m], #120]\n\t"
+ "ldr r10, [%[a], #120]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #120]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+31] += m[31] * mu */
+ "ldr r7, [%[m], #124]\n\t"
+ "ldr r10, [%[a], #124]\n\t"
"umull r6, r7, r8, r7\n\t"
"adds r5, r5, r6\n\t"
"adcs r4, r7, r3\n\t"
"mov r3, #0\n\t"
"adc r3, r3, r3\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #124]\n\t"
"ldr r10, [%[a], #128]\n\t"
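Review bot: The epilogue added after `/* Loop Done */` depends on `neg r3, r3` leaving the flags alone, because the `sbc r10, r10, r10` on the next line consumes the borrow produced by `subs r10, r6, r10` two lines earlier. Writing it as `"rsb r3, r3, #0\n\t"` would make the no-flags intent explicit and independent of how the assembler treats the `neg` mnemonic. The sequence is also uncommented although it decides whether `sp_1024_cond_sub_32` subtracts the modulus. A line such as `/* mask = -(carry | (top word > m[31])) for the conditional subtract */` would help. The `#else` variant added in the next hunk repeats the same sequence with `r3`/`lr`. Both function bodies run outside this hunk.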
@@ -143517,6 +146118,7 @@ static SP_NOINLINE void sp_1024_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"add %[a], %[a], #4\n\t"
"cmp r9, #0x80\n\t"
"blt L_sp_1024_mont_reduce_32_word_%=\n\t"
+ /* Loop Done */
"str r12, [%[a]]\n\t"
"str lr, [%[a], #4]\n\t"
"ldr r6, [%[m], #124]\n\t"
@@ -143527,11 +146129,222 @@ static SP_NOINLINE void sp_1024_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"mov %[mp], r3\n\t"
: [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
:
- : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11"
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
);
sp_1024_cond_sub_32(a - 32, a, m, mp);
}
+#else
+/* Reduce the number back to 1024 bits using Montgomery reduction.
+ *
+ * a A single precision number to reduce in place.
+ * m The single precision number representing the modulus.
+ * mp The digit representing the negative inverse of m mod 2^n.
+ */
+static SP_NOINLINE void sp_1024_mont_reduce_32(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+{
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m asm ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp asm ("r2") = (sp_digit)mp_p;
+
+ __asm__ __volatile__ (
+ /* i = 0 */
+ "mov r12, #0\n\t"
+ "mov lr, #0\n\t"
+ "ldr r4, [%[a]]\n\t"
+ "ldr r5, [%[a], #4]\n\t"
+ "ldr r6, [%[a], #8]\n\t"
+ "ldr r7, [%[a], #12]\n\t"
+ "ldr r8, [%[a], #16]\n\t"
+ "\n"
+ "L_sp_1024_mont_reduce_32_word_%=: \n\t"
+ /* mu = a[i] * mp */
+ "mul r11, %[mp], r4\n\t"
+ /* a[i+0] += m[0] * mu */
+ "ldr r10, [%[m]]\n\t"
+ "mov r3, #0\n\t"
+ "umaal r4, r3, r11, r10\n\t"
+ /* a[i+1] += m[1] * mu */
+ "ldr r10, [%[m], #4]\n\t"
+ "mov r4, r5\n\t"
+ "umaal r4, r3, r11, r10\n\t"
+ /* a[i+2] += m[2] * mu */
+ "ldr r10, [%[m], #8]\n\t"
+ "mov r5, r6\n\t"
+ "umaal r5, r3, r11, r10\n\t"
+ /* a[i+3] += m[3] * mu */
+ "ldr r10, [%[m], #12]\n\t"
+ "mov r6, r7\n\t"
+ "umaal r6, r3, r11, r10\n\t"
+ /* a[i+4] += m[4] * mu */
+ "ldr r10, [%[m], #16]\n\t"
+ "mov r7, r8\n\t"
+ "umaal r7, r3, r11, r10\n\t"
+ /* a[i+5] += m[5] * mu */
+ "ldr r10, [%[m], #20]\n\t"
+ "ldr r8, [%[a], #20]\n\t"
+ "umaal r8, r3, r11, r10\n\t"
+ /* a[i+6] += m[6] * mu */
+ "ldr r10, [%[m], #24]\n\t"
+ "ldr r9, [%[a], #24]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #24]\n\t"
+ /* a[i+7] += m[7] * mu */
+ "ldr r10, [%[m], #28]\n\t"
+ "ldr r9, [%[a], #28]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #28]\n\t"
+ /* a[i+8] += m[8] * mu */
+ "ldr r10, [%[m], #32]\n\t"
+ "ldr r9, [%[a], #32]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #32]\n\t"
+ /* a[i+9] += m[9] * mu */
+ "ldr r10, [%[m], #36]\n\t"
+ "ldr r9, [%[a], #36]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #36]\n\t"
+ /* a[i+10] += m[10] * mu */
+ "ldr r10, [%[m], #40]\n\t"
+ "ldr r9, [%[a], #40]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #40]\n\t"
+ /* a[i+11] += m[11] * mu */
+ "ldr r10, [%[m], #44]\n\t"
+ "ldr r9, [%[a], #44]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #44]\n\t"
+ /* a[i+12] += m[12] * mu */
+ "ldr r10, [%[m], #48]\n\t"
+ "ldr r9, [%[a], #48]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #48]\n\t"
+ /* a[i+13] += m[13] * mu */
+ "ldr r10, [%[m], #52]\n\t"
+ "ldr r9, [%[a], #52]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #52]\n\t"
+ /* a[i+14] += m[14] * mu */
+ "ldr r10, [%[m], #56]\n\t"
+ "ldr r9, [%[a], #56]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #56]\n\t"
+ /* a[i+15] += m[15] * mu */
+ "ldr r10, [%[m], #60]\n\t"
+ "ldr r9, [%[a], #60]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #60]\n\t"
+ /* a[i+16] += m[16] * mu */
+ "ldr r10, [%[m], #64]\n\t"
+ "ldr r9, [%[a], #64]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #64]\n\t"
+ /* a[i+17] += m[17] * mu */
+ "ldr r10, [%[m], #68]\n\t"
+ "ldr r9, [%[a], #68]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #68]\n\t"
+ /* a[i+18] += m[18] * mu */
+ "ldr r10, [%[m], #72]\n\t"
+ "ldr r9, [%[a], #72]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #72]\n\t"
+ /* a[i+19] += m[19] * mu */
+ "ldr r10, [%[m], #76]\n\t"
+ "ldr r9, [%[a], #76]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #76]\n\t"
+ /* a[i+20] += m[20] * mu */
+ "ldr r10, [%[m], #80]\n\t"
+ "ldr r9, [%[a], #80]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #80]\n\t"
+ /* a[i+21] += m[21] * mu */
+ "ldr r10, [%[m], #84]\n\t"
+ "ldr r9, [%[a], #84]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #84]\n\t"
+ /* a[i+22] += m[22] * mu */
+ "ldr r10, [%[m], #88]\n\t"
+ "ldr r9, [%[a], #88]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #88]\n\t"
+ /* a[i+23] += m[23] * mu */
+ "ldr r10, [%[m], #92]\n\t"
+ "ldr r9, [%[a], #92]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #92]\n\t"
+ /* a[i+24] += m[24] * mu */
+ "ldr r10, [%[m], #96]\n\t"
+ "ldr r9, [%[a], #96]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #96]\n\t"
+ /* a[i+25] += m[25] * mu */
+ "ldr r10, [%[m], #100]\n\t"
+ "ldr r9, [%[a], #100]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #100]\n\t"
+ /* a[i+26] += m[26] * mu */
+ "ldr r10, [%[m], #104]\n\t"
+ "ldr r9, [%[a], #104]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #104]\n\t"
+ /* a[i+27] += m[27] * mu */
+ "ldr r10, [%[m], #108]\n\t"
+ "ldr r9, [%[a], #108]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #108]\n\t"
+ /* a[i+28] += m[28] * mu */
+ "ldr r10, [%[m], #112]\n\t"
+ "ldr r9, [%[a], #112]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #112]\n\t"
+ /* a[i+29] += m[29] * mu */
+ "ldr r10, [%[m], #116]\n\t"
+ "ldr r9, [%[a], #116]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #116]\n\t"
+ /* a[i+30] += m[30] * mu */
+ "ldr r10, [%[m], #120]\n\t"
+ "ldr r9, [%[a], #120]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #120]\n\t"
+ /* a[i+31] += m[31] * mu */
+ "ldr r10, [%[m], #124]\n\t"
+ "ldr r9, [%[a], #124]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "ldr r11, [%[a], #128]\n\t"
+ "mov r10, #0\n\t"
+ "umaal r3, r11, r10, r10\n\t"
+ "str r9, [%[a], #124]\n\t"
+ "adds r3, r3, lr\n\t"
+ "adc lr, r11, #0\n\t"
+ "str r3, [%[a], #128]\n\t"
+ /* i += 1 */
+ "add r12, r12, #4\n\t"
+ "add %[a], %[a], #4\n\t"
+ "cmp r12, #0x80\n\t"
+ "blt L_sp_1024_mont_reduce_32_word_%=\n\t"
+ /* Loop Done */
+ "str r4, [%[a]]\n\t"
+ "str r5, [%[a], #4]\n\t"
+ "str r6, [%[a], #8]\n\t"
+ "str r7, [%[a], #12]\n\t"
+ "str r8, [%[a], #16]\n\t"
+ "ldr r10, [%[m], #124]\n\t"
+ "subs r3, r10, r3\n\t"
+ "neg lr, lr\n\t"
+ "sbc r3, r3, r3\n\t"
+ "orr lr, lr, r3\n\t"
+ "mov %[mp], lr\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
+ );
+ sp_1024_cond_sub_32(a - 32, a, m, mp);
+}
+
+#endif
/* Multiply two Montgomery form numbers mod the modulus (prime).
* (r = a * b mod m)
*
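Review bot: In the added `#else` variant, the step right after `a[i+31]` is the least obvious part of the loop and has no comment. `mov r10, #0` followed by `umaal r3, r11, r10, r10` multiplies zero by zero purely to add the running carry in `r3` to the loaded `a[i+32]` word and capture the carry-out in `r11`. I would add `/* a[i+32] += carry: 0*0 + r3 + r11 -> r11:r3 */` above the `ldr r11, [%[a], #128]` line. The closing `#endif` now ends three branches of roughly three hundred lines each, so `#endif /* WOLFSSL_ARM_ARCH */` would make it easier to pair up. This `#else` branch is also the one selected when `WOLFSSL_ARM_ARCH` is not defined at all, which is worth stating next to it since it uses `umaal`.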
@@ -143539,7 +146352,7 @@ static SP_NOINLINE void sp_1024_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_1024_mont_mul_32(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -143553,7 +146366,7 @@ SP_NOINLINE static void sp_1024_mont_mul_32(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_1024_mont_sqr_32(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -143678,10 +146491,10 @@ static void sp_1024_map_32(sp_point_1024* r, const sp_point_1024* p,
*/
static void sp_1024_mont_add_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, const sp_digit* m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
- register const sp_digit* m asm ("r3") = m_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
+ register const sp_digit* m asm ("r3") = (const sp_digit*)m_p;
__asm__ __volatile__ (
"mov r12, #0\n\t"
@@ -143747,7 +146560,7 @@ static void sp_1024_mont_add_32(sp_digit* r_p, const sp_digit* a_p, const sp_dig
"neg r12, r12\n\t"
"sbc r11, r11, r11\n\t"
"sub %[r], %[r], #0x80\n\t"
- "orr r12, r11\n\t"
+ "orr r12, r12, r11\n\t"
"ldm %[r], {r4, r5, r6, r7}\n\t"
"ldm %[m]!, {r8, r9, r10, r11}\n\t"
"and r8, r8, r12\n\t"
@@ -143838,7 +146651,7 @@ static void sp_1024_mont_add_32(sp_digit* r_p, const sp_digit* a_p, const sp_dig
"stm %[r]!, {r4, r5, r6, r7}\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
:
- : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
);
}
@@ -143850,9 +146663,9 @@ static void sp_1024_mont_add_32(sp_digit* r_p, const sp_digit* a_p, const sp_dig
*/
static void sp_1024_mont_dbl_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* m asm ("r2") = m_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* m asm ("r2") = (const sp_digit*)m_p;
__asm__ __volatile__ (
"mov r12, #0\n\t"
@@ -143902,7 +146715,7 @@ static void sp_1024_mont_dbl_32(sp_digit* r_p, const sp_digit* a_p, const sp_dig
"neg r12, r12\n\t"
"sbc r4, r4, r4\n\t"
"sub %[r], %[r], #0x80\n\t"
- "orr r12, r4\n\t"
+ "orr r12, r12, r4\n\t"
"ldm %[r], {r4, r5, r6, r7}\n\t"
"ldm %[m]!, {r8, r9, r10, r11}\n\t"
"and r8, r8, r12\n\t"
@@ -143993,7 +146806,7 @@ static void sp_1024_mont_dbl_32(sp_digit* r_p, const sp_digit* a_p, const sp_dig
"stm %[r]!, {r4, r5, r6, r7}\n\t"
: [r] "+r" (r), [a] "+r" (a), [m] "+r" (m)
:
- : "memory", "r8", "r9", "r10", "r11", "r4", "r5", "r6", "r7", "r12"
+ : "memory", "r8", "r9", "r10", "r11", "r4", "r5", "r6", "r7", "r12", "cc"
);
}
@@ -144005,9 +146818,9 @@ static void sp_1024_mont_dbl_32(sp_digit* r_p, const sp_digit* a_p, const sp_dig
*/
static void sp_1024_mont_tpl_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* m asm ("r2") = m_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* m asm ("r2") = (const sp_digit*)m_p;
__asm__ __volatile__ (
"mov r12, #0\n\t"
@@ -144057,7 +146870,7 @@ static void sp_1024_mont_tpl_32(sp_digit* r_p, const sp_digit* a_p, const sp_dig
"neg r12, r12\n\t"
"sbc r4, r4, r4\n\t"
"sub %[r], %[r], #0x80\n\t"
- "orr r12, r4\n\t"
+ "orr r12, r12, r4\n\t"
"ldm %[r], {r4, r5, r6, r7}\n\t"
"ldm %[m]!, {r8, r9, r10, r11}\n\t"
"and r8, r8, r12\n\t"
@@ -144212,7 +147025,7 @@ static void sp_1024_mont_tpl_32(sp_digit* r_p, const sp_digit* a_p, const sp_dig
"neg r12, r12\n\t"
"sbc r7, r7, r7\n\t"
"sub %[r], %[r], #0x80\n\t"
- "orr r12, r7\n\t"
+ "orr r12, r12, r7\n\t"
"ldm %[r], {r4, r5, r6, r7}\n\t"
"ldm %[m]!, {r8, r9, r10, r11}\n\t"
"and r8, r8, r12\n\t"
@@ -144303,7 +147116,7 @@ static void sp_1024_mont_tpl_32(sp_digit* r_p, const sp_digit* a_p, const sp_dig
"stm %[r]!, {r4, r5, r6, r7}\n\t"
: [r] "+r" (r), [a] "+r" (a), [m] "+r" (m)
:
- : "memory", "r8", "r9", "r10", "r11", "r4", "r5", "r6", "r7", "r12"
+ : "memory", "r8", "r9", "r10", "r11", "r4", "r5", "r6", "r7", "r12", "cc"
);
}
@@ -144316,10 +147129,10 @@ static void sp_1024_mont_tpl_32(sp_digit* r_p, const sp_digit* a_p, const sp_dig
*/
static void sp_1024_mont_sub_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, const sp_digit* m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
- register const sp_digit* m asm ("r3") = m_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
+ register const sp_digit* m asm ("r3") = (const sp_digit*)m_p;
__asm__ __volatile__ (
"ldm %[a]!, {r4, r5, r6, r7}\n\t"
@@ -144470,11 +147283,10 @@ static void sp_1024_mont_sub_32(sp_digit* r_p, const sp_digit* a_p, const sp_dig
"stm %[r]!, {r4, r5, r6, r7}\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
:
- : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
);
}
-#define sp_1024_mont_sub_lower_32 sp_1024_mont_sub_32
#ifdef WOLFSSL_SP_SMALL
/* Conditionally add a and b using the mask m.
* m is -1 to add and 0 when not.
@@ -144486,10 +147298,10 @@ static void sp_1024_mont_sub_32(sp_digit* r_p, const sp_digit* a_p, const sp_dig
*/
static sp_digit sp_1024_cond_add_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
- register sp_digit m asm ("r3") = m_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
+ register sp_digit m asm ("r3") = (sp_digit)m_p;
__asm__ __volatile__ (
"mov lr, #0\n\t"
@@ -144510,7 +147322,7 @@ static sp_digit sp_1024_cond_add_32(sp_digit* r_p, const sp_digit* a_p, const sp
"mov %[r], lr\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
:
- : "memory", "r12", "lr", "r4", "r5", "r6"
+ : "memory", "r12", "lr", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -144526,10 +147338,10 @@ static sp_digit sp_1024_cond_add_32(sp_digit* r_p, const sp_digit* a_p, const sp
*/
static sp_digit sp_1024_cond_add_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
- register sp_digit m asm ("r3") = m_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
+ register sp_digit m asm ("r3") = (sp_digit)m_p;
__asm__ __volatile__ (
"mov r8, #0\n\t"
@@ -144648,7 +147460,7 @@ static sp_digit sp_1024_cond_add_32(sp_digit* r_p, const sp_digit* a_p, const sp
"adc %[r], r8, r8\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
:
- : "memory", "r12", "lr", "r4", "r5", "r6", "r7", "r8"
+ : "memory", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -144656,8 +147468,8 @@ static sp_digit sp_1024_cond_add_32(sp_digit* r_p, const sp_digit* a_p, const sp
#endif /* WOLFSSL_SP_SMALL */
static void sp_1024_rshift1_32(sp_digit* r_p, const sp_digit* a_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
__asm__ __volatile__ (
"ldm %[a], {r2, r3}\n\t"
@@ -144788,7 +147600,7 @@ static void sp_1024_rshift1_32(sp_digit* r_p, const sp_digit* a_p)
"str r3, [%[r], #124]\n\t"
: [r] "+r" (r), [a] "+r" (a)
:
- : "memory", "r2", "r3", "r4"
+ : "memory", "r2", "r3", "r4", "cc"
);
}
@@ -144798,7 +147610,7 @@ static void sp_1024_rshift1_32(sp_digit* r_p, const sp_digit* a_p)
* a Number to divide.
* m Modulus (prime).
*/
-static void sp_1024_div2_32(sp_digit* r, const sp_digit* a, const sp_digit* m)
+static void sp_1024_mont_div2_32(sp_digit* r, const sp_digit* a, const sp_digit* m)
{
sp_digit o;
@@ -144851,7 +147663,7 @@ static void sp_1024_proj_point_dbl_32(sp_point_1024* r, const sp_point_1024* p,
/* T2 = Y * Y */
sp_1024_mont_sqr_32(t2, y, p1024_mod, p1024_mp_mod);
/* T2 = T2/2 */
- sp_1024_div2_32(t2, t2, p1024_mod);
+ sp_1024_mont_div2_32(t2, t2, p1024_mod);
/* Y = Y * X */
sp_1024_mont_mul_32(y, y, p->x, p1024_mod, p1024_mp_mod);
/* X = T1 * T1 */
@@ -144861,7 +147673,7 @@ static void sp_1024_proj_point_dbl_32(sp_point_1024* r, const sp_point_1024* p,
/* X = X - Y */
sp_1024_mont_sub_32(x, x, y, p1024_mod);
/* Y = Y - X */
- sp_1024_mont_sub_lower_32(y, y, x, p1024_mod);
+ sp_1024_mont_sub_32(y, y, x, p1024_mod);
/* Y = Y * T1 */
sp_1024_mont_mul_32(y, y, t1, p1024_mod, p1024_mp_mod);
/* Y = Y - T2 */
@@ -144884,7 +147696,8 @@ typedef struct sp_1024_proj_point_dbl_32_ctx {
* p Point to double.
* t Temporary ordinate data.
*/
-static int sp_1024_proj_point_dbl_32_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r, const sp_point_1024* p, sp_digit* t)
+static int sp_1024_proj_point_dbl_32_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
+ const sp_point_1024* p, sp_digit* t)
{
int err = FP_WOULDBLOCK;
sp_1024_proj_point_dbl_32_ctx* ctx = (sp_1024_proj_point_dbl_32_ctx*)sp_ctx->data;
@@ -144958,7 +147771,7 @@ static int sp_1024_proj_point_dbl_32_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
break;
case 11:
/* T2 = T2/2 */
- sp_1024_div2_32(ctx->t2, ctx->t2, p1024_mod);
+ sp_1024_mont_div2_32(ctx->t2, ctx->t2, p1024_mod);
ctx->state = 12;
break;
case 12:
@@ -144983,7 +147796,7 @@ static int sp_1024_proj_point_dbl_32_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
break;
case 16:
/* Y = Y - X */
- sp_1024_mont_sub_lower_32(ctx->y, ctx->y, ctx->x, p1024_mod);
+ sp_1024_mont_sub_32(ctx->y, ctx->y, ctx->x, p1024_mod);
ctx->state = 17;
break;
case 17:
@@ -145008,122 +147821,6 @@ static int sp_1024_proj_point_dbl_32_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
return err;
}
#endif /* WOLFSSL_SP_NONBLOCK */
-#ifdef WOLFSSL_SP_SMALL
-/* Sub b from a into r. (r = a - b)
- *
- * r A single precision integer.
- * a A single precision integer.
- * b A single precision integer.
- */
-static sp_digit sp_1024_sub_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
-{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
-
- __asm__ __volatile__ (
- "mov r12, #0\n\t"
- "add lr, %[a], #0x80\n\t"
- "\n"
- "L_sp_1024_sub_32_word_%=: \n\t"
- "rsbs r12, r12, #0\n\t"
- "ldm %[a]!, {r3, r4, r5, r6}\n\t"
- "ldm %[b]!, {r7, r8, r9, r10}\n\t"
- "sbcs r3, r3, r7\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "stm %[r]!, {r3, r4, r5, r6}\n\t"
- "sbc r12, r3, r3\n\t"
- "cmp %[a], lr\n\t"
- "bne L_sp_1024_sub_32_word_%=\n\t"
- "mov %[r], r12\n\t"
- : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
- :
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r12", "lr"
- );
- return (uint32_t)(size_t)r;
-}
-
-#else
-/* Sub b from a into r. (r = a - b)
- *
- * r A single precision integer.
- * a A single precision integer.
- * b A single precision integer.
- */
-static sp_digit sp_1024_sub_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
-{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
-
- __asm__ __volatile__ (
- "ldm %[a]!, {r3, r4, r5, r6}\n\t"
- "ldm %[b]!, {r7, r8, r9, r10}\n\t"
- "subs r3, r3, r7\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "stm %[r]!, {r3, r4, r5, r6}\n\t"
- "ldm %[a]!, {r3, r4, r5, r6}\n\t"
- "ldm %[b]!, {r7, r8, r9, r10}\n\t"
- "sbcs r3, r3, r7\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "stm %[r]!, {r3, r4, r5, r6}\n\t"
- "ldm %[a]!, {r3, r4, r5, r6}\n\t"
- "ldm %[b]!, {r7, r8, r9, r10}\n\t"
- "sbcs r3, r3, r7\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "stm %[r]!, {r3, r4, r5, r6}\n\t"
- "ldm %[a]!, {r3, r4, r5, r6}\n\t"
- "ldm %[b]!, {r7, r8, r9, r10}\n\t"
- "sbcs r3, r3, r7\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "stm %[r]!, {r3, r4, r5, r6}\n\t"
- "ldm %[a]!, {r3, r4, r5, r6}\n\t"
- "ldm %[b]!, {r7, r8, r9, r10}\n\t"
- "sbcs r3, r3, r7\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "stm %[r]!, {r3, r4, r5, r6}\n\t"
- "ldm %[a]!, {r3, r4, r5, r6}\n\t"
- "ldm %[b]!, {r7, r8, r9, r10}\n\t"
- "sbcs r3, r3, r7\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "stm %[r]!, {r3, r4, r5, r6}\n\t"
- "ldm %[a]!, {r3, r4, r5, r6}\n\t"
- "ldm %[b]!, {r7, r8, r9, r10}\n\t"
- "sbcs r3, r3, r7\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "stm %[r]!, {r3, r4, r5, r6}\n\t"
- "ldm %[a]!, {r3, r4, r5, r6}\n\t"
- "ldm %[b]!, {r7, r8, r9, r10}\n\t"
- "sbcs r3, r3, r7\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "stm %[r]!, {r3, r4, r5, r6}\n\t"
- "sbc %[r], r6, r6\n\t"
- : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
- :
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
- );
- return (uint32_t)(size_t)r;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
/* Compare two numbers to determine if they are equal.
* Constant time implementation.
*
@@ -145171,12 +147868,12 @@ static int sp_1024_iszero_32(const sp_digit* a)
static void sp_1024_proj_point_add_32(sp_point_1024* r,
const sp_point_1024* p, const sp_point_1024* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*32;
- sp_digit* t3 = t + 4*32;
- sp_digit* t4 = t + 6*32;
- sp_digit* t5 = t + 8*32;
- sp_digit* t6 = t + 10*32;
+ sp_digit* t6 = t;
+ sp_digit* t1 = t + 2*32;
+ sp_digit* t2 = t + 4*32;
+ sp_digit* t3 = t + 6*32;
+ sp_digit* t4 = t + 8*32;
+ sp_digit* t5 = t + 10*32;
/* U1 = X1*Z2^2 */
sp_1024_mont_sqr_32(t1, q->z, p1024_mod, p1024_mp_mod);
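Review bot: The new ordering of the temporaries puts `t6` (used as the `x` result) at the base of `t` and `t5` at `t + 10*32`, but nothing here records that the layout is deliberate or how large `t` must be. With slots spaced `2*32` digits apart, the highest one implies a scratch buffer of at least `12*32` digits. The function comment is outside this hunk, so it may already say so; if not, I would add `/* t must hold 12 * 32 digits; t6 (X3) is first, then t1..t5 */` above the declarations. The same layout is repeated in the INIT state of `sp_1024_proj_point_add_32_nb` in a later hunk, and the two need to stay in step.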
@@ -145198,17 +147895,9 @@ static void sp_1024_proj_point_add_32(sp_point_1024* r,
sp_1024_proj_point_dbl_32(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t6;
sp_digit* y = t1;
sp_digit* z = t2;
- int i;
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
/* H = U2 - U1 */
sp_1024_mont_sub_32(t2, t2, t1, p1024_mod);
@@ -145227,20 +147916,31 @@ static void sp_1024_proj_point_add_32(sp_point_1024* r,
sp_1024_mont_dbl_32(t3, y, p1024_mod);
sp_1024_mont_sub_32(x, x, t3, p1024_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_1024_mont_sub_lower_32(y, y, x, p1024_mod);
+ sp_1024_mont_sub_32(y, y, x, p1024_mod);
sp_1024_mont_mul_32(y, y, t4, p1024_mod, p1024_mp_mod);
sp_1024_mont_sub_32(y, y, t5, p1024_mod);
- for (i = 0; i < 32; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 32; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 32; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 32; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 32; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 32; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
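Review bot: The new select block only works if `infinity` is exactly 0 or 1, and that assumption is not written down. `0 - (q->infinity & (!p->infinity))` is all-ones only when the masked value is 1, and `inf` is OR-ed straight into `r->z[0]` and stored back as the flag. I would add a comment at the top of the block, for example `/* Constant-time select of p, q or the computed sum; relies on infinity being 0 or 1. */`. The matching block in the `_nb` variant (state 24, in a later hunk) would take the same comment. The enclosing function starts outside this hunk.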
@@ -145286,12 +147986,12 @@ static int sp_1024_proj_point_add_32_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
switch (ctx->state) {
case 0: /* INIT */
- ctx->t1 = t;
- ctx->t2 = t + 2*32;
- ctx->t3 = t + 4*32;
- ctx->t4 = t + 6*32;
- ctx->t5 = t + 8*32;
- ctx->t6 = t + 10*32;
+ ctx->t6 = t;
+ ctx->t1 = t + 2*32;
+ ctx->t2 = t + 4*32;
+ ctx->t3 = t + 6*32;
+ ctx->t4 = t + 8*32;
+ ctx->t5 = t + 10*32;
ctx->x = ctx->t6;
ctx->y = ctx->t1;
ctx->z = ctx->t2;
@@ -145398,7 +148098,7 @@ static int sp_1024_proj_point_add_32_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
break;
case 21:
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_1024_mont_sub_lower_32(ctx->y, ctx->y, ctx->x, p1024_mod);
+ sp_1024_mont_sub_32(ctx->y, ctx->y, ctx->x, p1024_mod);
ctx->state = 22;
break;
case 22:
@@ -145411,22 +148111,28 @@ static int sp_1024_proj_point_add_32_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
break;
case 24:
{
- int i;
- sp_digit maskp = 0 - (q->infinity & (!p->infinity));
- sp_digit maskq = 0 - (p->infinity & (!q->infinity));
- sp_digit maskt = ~(maskp | maskq);
-
- for (i = 0; i < 32; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (ctx->x[i] & maskt);
- }
- for (i = 0; i < 32; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (ctx->y[i] & maskt);
- }
- for (i = 0; i < 32; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (ctx->z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 32; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (ctx->x[i] & maskt);
+ }
+ for (i = 0; i < 32; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (ctx->y[i] & maskt);
+ }
+ for (i = 0; i < 32; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (ctx->z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
ctx->state = 25;
break;
}
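Review bot: In case 24 the added `{` ... `}` pair is nested directly inside the braces the case already opens, so it adds a nesting level without narrowing any scope. In `sp_1024_proj_point_add_32` the same block follows other statements and the braces are what allow the declarations there, but here the declarations are already first in the case block. I would drop the inner pair and keep `int i;` through `r->infinity = (word32)inf;` at the case-block level. The function starts and ends outside this hunk.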
@@ -145586,8 +148292,6 @@ static int sp_1024_ecc_mulmod_fast_32(sp_point_1024* r, const sp_point_1024* g,
}
#if defined(FP_ECC) || !defined(WOLFSSL_SP_SMALL)
-#define sp_1024_mont_dbl_lower_32 sp_1024_mont_dbl_32
-#define sp_1024_mont_tpl_lower_32 sp_1024_mont_tpl_32
/* Double the Montgomery form projective point p a number of times.
*
* r Result of repeated doubling of point.
@@ -145626,7 +148330,7 @@ static void sp_1024_proj_point_dbl_n_32(sp_point_1024* p, int i,
/* A = 3*(X^2 - W) */
sp_1024_mont_sqr_32(t1, x, p1024_mod, p1024_mp_mod);
sp_1024_mont_sub_32(t1, t1, w, p1024_mod);
- sp_1024_mont_tpl_lower_32(a, t1, p1024_mod);
+ sp_1024_mont_tpl_32(a, t1, p1024_mod);
/* B = X*Y^2 */
sp_1024_mont_sqr_32(t1, y, p1024_mod, p1024_mp_mod);
sp_1024_mont_mul_32(b, t1, x, p1024_mod, p1024_mp_mod);
@@ -145635,8 +148339,8 @@ static void sp_1024_proj_point_dbl_n_32(sp_point_1024* p, int i,
sp_1024_mont_dbl_32(t2, b, p1024_mod);
sp_1024_mont_sub_32(x, x, t2, p1024_mod);
/* B = 2.(B - X) */
- sp_1024_mont_sub_lower_32(t2, b, x, p1024_mod);
- sp_1024_mont_dbl_lower_32(b, t2, p1024_mod);
+ sp_1024_mont_sub_32(t2, b, x, p1024_mod);
+ sp_1024_mont_dbl_32(b, t2, p1024_mod);
/* Z = Z*Y */
sp_1024_mont_mul_32(z, z, y, p1024_mod, p1024_mp_mod);
/* t1 = Y^4 */
@@ -145656,7 +148360,7 @@ static void sp_1024_proj_point_dbl_n_32(sp_point_1024* p, int i,
/* A = 3*(X^2 - W) */
sp_1024_mont_sqr_32(t1, x, p1024_mod, p1024_mp_mod);
sp_1024_mont_sub_32(t1, t1, w, p1024_mod);
- sp_1024_mont_tpl_lower_32(a, t1, p1024_mod);
+ sp_1024_mont_tpl_32(a, t1, p1024_mod);
/* B = X*Y^2 */
sp_1024_mont_sqr_32(t1, y, p1024_mod, p1024_mp_mod);
sp_1024_mont_mul_32(b, t1, x, p1024_mod, p1024_mp_mod);
@@ -145665,8 +148369,8 @@ static void sp_1024_proj_point_dbl_n_32(sp_point_1024* p, int i,
sp_1024_mont_dbl_32(t2, b, p1024_mod);
sp_1024_mont_sub_32(x, x, t2, p1024_mod);
/* B = 2.(B - X) */
- sp_1024_mont_sub_lower_32(t2, b, x, p1024_mod);
- sp_1024_mont_dbl_lower_32(b, t2, p1024_mod);
+ sp_1024_mont_sub_32(t2, b, x, p1024_mod);
+ sp_1024_mont_dbl_32(b, t2, p1024_mod);
/* Z = Z*Y */
sp_1024_mont_mul_32(z, z, y, p1024_mod, p1024_mp_mod);
/* t1 = Y^4 */
@@ -145676,7 +148380,7 @@ static void sp_1024_proj_point_dbl_n_32(sp_point_1024* p, int i,
sp_1024_mont_sub_32(y, y, t1, p1024_mod);
#endif /* WOLFSSL_SP_SMALL */
/* Y = Y/2 */
- sp_1024_div2_32(y, y, p1024_mod);
+ sp_1024_mont_div2_32(y, y, p1024_mod);
}
/* Convert the projective point to affine.
@@ -145722,12 +148426,12 @@ typedef struct sp_table_entry_1024 {
static void sp_1024_proj_point_add_qz1_32(sp_point_1024* r,
const sp_point_1024* p, const sp_point_1024* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*32;
- sp_digit* t3 = t + 4*32;
- sp_digit* t4 = t + 6*32;
- sp_digit* t5 = t + 8*32;
- sp_digit* t6 = t + 10*32;
+ sp_digit* t2 = t;
+ sp_digit* t3 = t + 2*32;
+ sp_digit* t6 = t + 4*32;
+ sp_digit* t1 = t + 6*32;
+ sp_digit* t4 = t + 8*32;
+ sp_digit* t5 = t + 10*32;
/* Calculate values to subtract from P->x and P->y. */
/* U2 = X2*Z1^2 */
@@ -145743,13 +148447,9 @@ static void sp_1024_proj_point_add_qz1_32(sp_point_1024* r,
sp_1024_proj_point_dbl_32(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t2;
- sp_digit* y = t5;
+ sp_digit* y = t3;
sp_digit* z = t6;
- int i;
/* H = U2 - X1 */
sp_1024_mont_sub_32(t2, t2, p->x, p1024_mod);
@@ -145758,33 +148458,40 @@ static void sp_1024_proj_point_add_qz1_32(sp_point_1024* r,
/* Z3 = H*Z1 */
sp_1024_mont_mul_32(z, p->z, t2, p1024_mod, p1024_mp_mod);
/* X3 = R^2 - H^3 - 2*X1*H^2 */
- sp_1024_mont_sqr_32(t1, t4, p1024_mod, p1024_mp_mod);
- sp_1024_mont_sqr_32(t5, t2, p1024_mod, p1024_mp_mod);
- sp_1024_mont_mul_32(t3, p->x, t5, p1024_mod, p1024_mp_mod);
- sp_1024_mont_mul_32(t5, t5, t2, p1024_mod, p1024_mp_mod);
- sp_1024_mont_sub_32(x, t1, t5, p1024_mod);
- sp_1024_mont_dbl_32(t1, t3, p1024_mod);
- sp_1024_mont_sub_32(x, x, t1, p1024_mod);
+ sp_1024_mont_sqr_32(t1, t2, p1024_mod, p1024_mp_mod);
+ sp_1024_mont_mul_32(t3, p->x, t1, p1024_mod, p1024_mp_mod);
+ sp_1024_mont_mul_32(t1, t1, t2, p1024_mod, p1024_mp_mod);
+ sp_1024_mont_sqr_32(t2, t4, p1024_mod, p1024_mp_mod);
+ sp_1024_mont_sub_32(t2, t2, t1, p1024_mod);
+ sp_1024_mont_dbl_32(t5, t3, p1024_mod);
+ sp_1024_mont_sub_32(x, t2, t5, p1024_mod);
/* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
- sp_1024_mont_sub_lower_32(t3, t3, x, p1024_mod);
+ sp_1024_mont_sub_32(t3, t3, x, p1024_mod);
sp_1024_mont_mul_32(t3, t3, t4, p1024_mod, p1024_mp_mod);
- sp_1024_mont_mul_32(t5, t5, p->y, p1024_mod, p1024_mp_mod);
- sp_1024_mont_sub_32(y, t3, t5, p1024_mod);
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
- for (i = 0; i < 32; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 32; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 32; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ sp_1024_mont_mul_32(t1, t1, p->y, p1024_mod, p1024_mp_mod);
+ sp_1024_mont_sub_32(y, t3, t1, p1024_mod);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 32; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 32; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 32; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
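Review bot: The rewritten X3 sequence reuses `t2` for R^2 while `x` still aliases `t2` (declared as `sp_digit* x = t2;` in the previous hunk), so correctness now depends on H^2 and H^3 being moved into `t1` before `sp_1024_mont_sqr_32(t2, t4, ...)` overwrites H, and nothing in the code says so. A one-line comment before that call, `/* H (t2) is dead from here: H^3 is in t1, X1*H^2 in t3 */`, would keep a later reordering from silently reading a clobbered value. Likewise `y` now aliases `t3`, which holds X1*H^2 until the Y3 step consumes it. That `t4` holds R is inferred from the formula comment, since it is computed outside this hunk.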
@@ -146015,7 +148722,7 @@ static THREAD_LS_T int sp_cache_1024_inited = 0;
/* Get the cache entry for the point.
*
- * g [in] Point scalar multipling.
+ * g [in] Point scalar multiplying.
* cache [out] Cache table to use.
*/
static void sp_ecc_get_cache_1024(const sp_point_1024* g, sp_cache_1024_t** cache)
@@ -146086,8 +148793,8 @@ static void sp_ecc_get_cache_1024(const sp_point_1024* g, sp_cache_1024_t** cach
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
-static int sp_1024_ecc_mulmod_32(sp_point_1024* r, const sp_point_1024* g, const sp_digit* k,
- int map, int ct, void* heap)
+static int sp_1024_ecc_mulmod_32(sp_point_1024* r, const sp_point_1024* g,
+ const sp_digit* k, int map, int ct, void* heap)
{
#ifndef FP_ECC
return sp_1024_ecc_mulmod_fast_32(r, g, k, map, ct, heap);
@@ -146370,7 +149077,7 @@ static THREAD_LS_T int sp_cache_1024_inited = 0;
/* Get the cache entry for the point.
*
- * g [in] Point scalar multipling.
+ * g [in] Point scalar multiplying.
* cache [out] Cache table to use.
*/
static void sp_ecc_get_cache_1024(const sp_point_1024* g, sp_cache_1024_t** cache)
@@ -146441,8 +149148,8 @@ static void sp_ecc_get_cache_1024(const sp_point_1024* g, sp_cache_1024_t** cach
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
-static int sp_1024_ecc_mulmod_32(sp_point_1024* r, const sp_point_1024* g, const sp_digit* k,
- int map, int ct, void* heap)
+static int sp_1024_ecc_mulmod_32(sp_point_1024* r, const sp_point_1024* g,
+ const sp_digit* k, int map, int ct, void* heap)
{
#ifndef FP_ECC
return sp_1024_ecc_mulmod_fast_32(r, g, k, map, ct, heap);
@@ -150196,7 +152903,7 @@ int sp_ecc_mulmod_base_1024(const mp_int* km, ecc_point* r, int map, void* heap)
* the result. If map is true then convert result to affine coordinates.
*
* km Scalar to multiply by.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -150218,7 +152925,7 @@ int sp_ecc_mulmod_base_add_1024(const mp_int* km, const ecc_point* am,
int err = MP_OKAY;
#ifdef WOLFSSL_SP_SMALL_STACK
- point = (sp_point_1024*)XMALLOC(sizeof(sp_point_1024) * 2, heap,
+ point = (sp_point_1024*)XMALLOC(sizeof(sp_point_1024) * 2, heap,
DYNAMIC_TYPE_ECC);
if (point == NULL)
err = MEMORY_E;
@@ -150434,7 +153141,7 @@ int sp_ecc_mulmod_table_1024(const mp_int* km, const ecc_point* gm, byte* table,
return err;
}
-/* Multiply p* in projective co-ordinates by q*.
+/* Multiply p* in projective coordinates by q*.
*
* r.x = p.x - (p.y * q.y)
* r.y = (p.x * q.y) + p.y
@@ -150460,7 +153167,7 @@ static void sp_1024_proj_mul_qx1_32(sp_digit* px, sp_digit* py,
sp_1024_mont_add_32(py, t1, py, p1024_mod);
}
-/* Square p* in projective co-ordinates.
+/* Square p* in projective coordinates.
*
* px' = (p.x + p.y) * (p.x - p.y) = p.x^2 - p.y^2
* py' = 2 * p.x * p.y
@@ -152481,7 +155188,7 @@ int sp_ModExp_Fp_star_1024(const mp_int* base, mp_int* exp, mp_int* res)
}
#endif /* WOLFSSL_SP_SMALL */
-/* Multiply p* by q* in projective co-ordinates.
+/* Multiply p* by q* in projective coordinates.
*
* p.x' = (p.x * q.x) - (p.y * q.y)
* p.y' = (p.x * q.y) + (p.y * q.x)
@@ -152596,7 +155303,7 @@ static void sp_1024_accumulate_line_dbl_32(sp_digit* vx, sp_digit* vy,
/* ty = 4 * p.y ^ 2 */
sp_1024_mont_sqr_32(ty, ry, p1024_mod, p1024_mp_mod);
/* t1 = 2 * p.y ^ 2 */
- sp_1024_div2_32(t1, ty, p1024_mod);
+ sp_1024_mont_div2_32(t1, ty, p1024_mod);
/* r.x -= 2 * (p.y ^ 2) */
sp_1024_mont_sub_32(rx, rx, t1, p1024_mod);
/* p'.z = p.y * 2 * p.z */
@@ -152616,7 +155323,7 @@ static void sp_1024_accumulate_line_dbl_32(sp_digit* vx, sp_digit* vy,
/* t1 = (4 * p.y^2) ^ 2 = 16 * p.y^4 */
sp_1024_mont_sqr_32(t1, ty, p1024_mod, p1024_mp_mod);
/* t1 = 16 * p.y^4 / 2 = 8 * p.y^4 */
- sp_1024_div2_32(t1, t1, p1024_mod);
+ sp_1024_mont_div2_32(t1, t1, p1024_mod);
/* p'.y = 4 * p.y^2 * p.x */
sp_1024_mont_mul_32(p->y, ty, p->x, p1024_mod, p1024_mp_mod);
/* p'.x = l^2 */
@@ -153034,7 +155741,7 @@ static void sp_1024_accumulate_line_dbl_n_32(sp_digit* vx, sp_digit* vy,
/* ty = py ^ 2 */
sp_1024_mont_sqr_32(ty, p->y, p1024_mod, p1024_mp_mod);
/* t1 = py ^ 2 / 2 */
- sp_1024_div2_32(t1, ty, p1024_mod);
+ sp_1024_mont_div2_32(t1, ty, p1024_mod);
/* r.x -= py ^ 2 / 2 */
sp_1024_mont_sub_32(rx, rx, t1, p1024_mod);
/* p'.z = py * pz */
@@ -153072,7 +155779,7 @@ static void sp_1024_accumulate_line_dbl_n_32(sp_digit* vx, sp_digit* vy,
}
/* p'.y = py' / 2 */
- sp_1024_div2_32(p->y, p->y, p1024_mod);
+ sp_1024_mont_div2_32(p->y, p->y, p1024_mod);
}
/* Operations to perform based on order - 1.
@@ -153883,7 +156590,7 @@ static void sp_1024_from_bin(sp_digit* r, int size, const byte* a, int n)
}
}
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* point EC point.
* heap Heap to use if dynamically allocating.
@@ -153912,19 +156619,21 @@ static int sp_1024_ecc_is_point_32(const sp_point_1024* point,
if (err == MP_OKAY) {
t2 = t1 + 2 * 32;
+ /* y^2 - x^3 - a.x = b */
sp_1024_sqr_32(t1, point->y);
(void)sp_1024_mod_32(t1, t1, p1024_mod);
sp_1024_sqr_32(t2, point->x);
(void)sp_1024_mod_32(t2, t2, p1024_mod);
sp_1024_mul_32(t2, t2, point->x);
(void)sp_1024_mod_32(t2, t2, p1024_mod);
- (void)sp_1024_sub_32(t2, p1024_mod, t2);
- sp_1024_mont_add_32(t1, t1, t2, p1024_mod);
+ sp_1024_mont_sub_32(t1, t1, t2, p1024_mod);
+ /* y^2 - x^3 + 3.x = b, when a = -3 */
sp_1024_mont_add_32(t1, t1, point->x, p1024_mod);
sp_1024_mont_add_32(t1, t1, point->x, p1024_mod);
sp_1024_mont_add_32(t1, t1, point->x, p1024_mod);
+
n = sp_1024_cmp_32(t1, p1024_mod);
sp_1024_cond_sub_32(t1, t1, p1024_mod, ~(n >> 31));
sp_1024_norm_32(t1);
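Review bot: The new `sp_1024_mont_sub_32(t1, t1, t2, p1024_mod)` is applied to values that came from plain `sp_1024_sqr_32`/`sp_1024_mul_32` followed by `sp_1024_mod_32`, not from the Montgomery multiply helpers, and the added comments do not say that this mix is intended. Presumably the `mont_add`/`mont_sub` helpers are ordinary modular add/subtract that only need operands already reduced below `p1024_mod`; that should be confirmed against their definitions, which are not in this hunk. Since this is the on-curve check for an input point, I would state the precondition next to the call, e.g. `/* t1, t2 reduced mod p above; values are not in Montgomery form */`. The function body starts and ends outside the hunk.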
@@ -153941,7 +156650,7 @@ static int sp_1024_ecc_is_point_32(const sp_point_1024* point,
return err;
}
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* pX X ordinate of EC point.
* pY Y ordinate of EC point.
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/sp_arm64.c b/extra/wolfssl/wolfssl/wolfcrypt/src/sp_arm64.c
index ff0beb58..ed66e6d1 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/sp_arm64.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/sp_arm64.c
@@ -52,6 +52,16 @@
#include <wolfssl/wolfcrypt/sp.h>
+#ifdef __IAR_SYSTEMS_ICC__
+#define __asm__ asm
+#define __volatile__ volatile
+#define WOLFSSL_NO_VAR_ASSIGN_REG
+#endif /* __IAR_SYSTEMS_ICC__ */
+#ifdef __KEIL__
+#define __asm__ __asm
+#define __volatile__ volatile
+#endif
+
#ifdef WOLFSSL_SP_ARM64_ASM
#define SP_PRINT_NUM(var, name, total, words, bits) \
do { \
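Review bot: The added IAR and Keil blocks redefine `__asm__` and `__volatile__` for the rest of the translation unit without a comment saying what they are for, and they sit outside the `WOLFSSL_SP_ARM64_ASM` guard that follows. A short header such as `/* Map GNU inline-asm keywords for IAR and Keil compilers. */` would make the intent clear. `WOLFSSL_NO_VAR_ASSIGN_REG` is defined here after `<wolfssl/wolfcrypt/sp.h>` has been included, so it can only affect code later in this file; if a header is meant to see it, the define belongs in the build settings instead. For consistency with the IAR block, the Keil block should close with `#endif /* __KEIL__ */`.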
@@ -89,7 +99,7 @@ static void sp_2048_from_bin(sp_digit* r, int size, const byte* a, int n)
"subs x6, %[n], 8\n\t"
"mov x7, xzr\n\t"
"blt 2f\n\t"
- /* Put in mulitples of 8 bytes. */
+ /* Put in multiples of 8 bytes. */
"1:\n\t"
"ldr x8, [x4], -8\n\t"
"subs x6, x6, 8\n\t"
@@ -193,14 +203,14 @@ static void sp_2048_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 64
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 63);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 63);
}
#elif DIGIT_BIT > 64
unsigned int i;
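Review bot: The rewritten loop in the `DIGIT_BIT == 64` branch shifts by a literal `63`, where the code it replaces used `SP_WORD_SIZE - 1`, so the mask now silently depends on `sp_digit` being exactly 64 bits wide. I would write `sp_digit mask = (sp_digit)0 - (j >> (SP_WORD_SIZE - 1));` and `o += (int)(j >> (SP_WORD_SIZE - 1));`, and add `/* j counts up from -used; its top bit is set while i < used */` above the loop, since the branch-free copy is not obvious. This also relies on `sp_digit` being unsigned so the shift is logical, which is not visible in this hunk. The identical change appears in `sp_3072_from_mp` and `sp_4096_from_mp` further down. The function continues past the end of the hunk.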
@@ -758,7 +768,7 @@ static sp_digit sp_2048_add_8(sp_digit* r, const sp_digit* a,
"stp x3, x4, [%[r], 32]\n\t"
"adcs x6, x6, x10\n\t"
"stp x5, x6, [%[r], 48]\n\t"
- "cset %[r], cs\n\t"
+ "adc %[r], xzr, xzr\n\t"
: [r] "+r" (r)
: [a] "r" (a), [b] "r" (b)
: "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "cc"
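Review bot: The carry-out instruction changes from `cset %[r], cs` to `adc %[r], xzr, xzr` with no comment giving the reason, although both leave 0 or 1 in the destination from the carry flag. If the motive is to keep conditional-select instructions out of the carry handling, which is only a guess from the diff, that is worth recording so the swap is not reverted as a no-op cleanup. I would add a C comment between the asm strings, e.g. `/* carry out as 0/1; adc rather than cset on purpose */`. The same substitution is made in the other `sp_*_add_*` and `sp_*_mont_reduce_*` hunks on this page. The asm statement starts outside this hunk.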
@@ -906,7 +916,7 @@ static sp_digit sp_2048_add_16(sp_digit* r, const sp_digit* a,
"stp x3, x4, [%[r], 96]\n\t"
"adcs x6, x6, x10\n\t"
"stp x5, x6, [%[r], 112]\n\t"
- "cset %[r], cs\n\t"
+ "adc %[r], xzr, xzr\n\t"
: [r] "+r" (r)
: [a] "r" (a), [b] "r" (b)
: "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "cc"
@@ -1237,7 +1247,7 @@ static sp_digit sp_2048_add_32(sp_digit* r, const sp_digit* a,
"stp x3, x4, [%[r], 224]\n\t"
"adcs x6, x6, x10\n\t"
"stp x5, x6, [%[r], 240]\n\t"
- "cset %[r], cs\n\t"
+ "adc %[r], xzr, xzr\n\t"
: [r] "+r" (r)
: [a] "r" (a), [b] "r" (b)
: "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "cc"
@@ -2489,7 +2499,7 @@ static sp_digit sp_2048_add_32(sp_digit* r, const sp_digit* a,
"stp x3, x4, [%[r]], #16\n\t"
"adcs x6, x6, x10\n\t"
"stp x5, x6, [%[r]], #16\n\t"
- "cset %[c], cs\n\t"
+ "adc %[c], xzr, xzr\n\t"
"cmp %[a], x11\n\t"
"b.ne 1b\n\t"
: [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
@@ -2681,7 +2691,7 @@ static sp_digit sp_2048_add_16(sp_digit* r, const sp_digit* a,
"stp x3, x4, [%[r]], #16\n\t"
"adcs x6, x6, x10\n\t"
"stp x5, x6, [%[r]], #16\n\t"
- "cset %[c], cs\n\t"
+ "adc %[c], xzr, xzr\n\t"
"cmp %[a], x11\n\t"
"b.ne 1b\n\t"
: [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
@@ -2848,7 +2858,7 @@ static void sp_2048_sqr_16(sp_digit* r, const sp_digit* a)
#endif /* WOLFSSL_SP_SMALL */
#endif /* (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) | WOLFSSL_HAVE_SP_DH */
-/* Caclulate the bottom digit of -1/a mod 2^n.
+/* Calculate the bottom digit of -1/a mod 2^n.
*
* a A single precision number.
* rho Bottom word of inverse.
@@ -3339,7 +3349,7 @@ SP_NOINLINE static void sp_2048_mont_reduce_16(sp_digit* a, const sp_digit* m,
"umulh x8, x10, x9\n\t"
"adds x6, x6, x7\n\t"
"adcs x8, x8, x3\n\t"
- "cset x3, cs\n\t"
+ "adc x3, xzr, xzr\n\t"
"adds x27, x28, x6\n\t"
"ldr x28, [%[a], 128]\n\t"
"adcs x28, x28, x8\n\t"
@@ -3414,7 +3424,7 @@ SP_NOINLINE static void sp_2048_mont_reduce_16(sp_digit* a, const sp_digit* m,
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_2048_mont_mul_16(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -3428,7 +3438,7 @@ SP_NOINLINE static void sp_2048_mont_mul_16(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_2048_mont_sqr_16(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -3719,7 +3729,7 @@ static void sp_2048_mul_d_16(sp_digit* r, const sp_digit* a,
/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
*
- * Assumes divisor has higest bit set.
+ * Assumes divisor has highest bit set.
*
* d1 The high order half of the number to divide.
* d0 The low order half of the number to divide.
@@ -3967,8 +3977,8 @@ static sp_int64 sp_2048_cmp_16(const sp_digit* a, const sp_digit* b)
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_2048_div_16(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_2048_div_16(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[32], t2[17];
sp_digit div, r1;
@@ -4642,7 +4652,7 @@ SP_NOINLINE static void sp_2048_mont_reduce_32(sp_digit* a, const sp_digit* m,
"ldp x8, x9, [%[a], 248]\n\t"
"adds x5, x5, x6\n\t"
"adcs x7, x7, x3\n\t"
- "cset x3, cs\n\t"
+ "adc x3, xzr, xzr\n\t"
"adds x8, x8, x5\n\t"
"str x8, [%[a], 248]\n\t"
"adcs x9, x9, x7\n\t"
@@ -4776,7 +4786,7 @@ SP_NOINLINE static void sp_2048_mont_reduce_32(sp_digit* a, const sp_digit* m,
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_2048_mont_mul_32(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -4790,7 +4800,7 @@ SP_NOINLINE static void sp_2048_mont_mul_32(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_2048_mont_sqr_32(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -4939,7 +4949,7 @@ static sp_digit sp_2048_sub_32(sp_digit* r, const sp_digit* a,
#endif /* WOLFSSL_SP_SMALL */
/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
*
- * Assumes divisor has higest bit set.
+ * Assumes divisor has highest bit set.
*
* d1 The high order half of the number to divide.
* d0 The low order half of the number to divide.
@@ -5007,8 +5017,8 @@ static sp_digit div_2048_word_32_cond(sp_digit d1, sp_digit d0, sp_digit div)
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_2048_div_32_cond(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_2048_div_32_cond(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[64], t2[33];
sp_digit div, r1;
@@ -5230,7 +5240,7 @@ static sp_digit sp_2048_cond_sub_32(sp_digit* r, const sp_digit* a, const sp_dig
/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
*
- * Assumes divisor has higest bit set.
+ * Assumes divisor has highest bit set.
*
* d1 The high order half of the number to divide.
* d0 The low order half of the number to divide.
@@ -5574,8 +5584,8 @@ static sp_int64 sp_2048_cmp_32(const sp_digit* a, const sp_digit* b)
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_2048_div_32(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_2048_div_32(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[64], t2[33];
sp_digit div, r1;
@@ -6982,7 +6992,7 @@ static void sp_3072_from_bin(sp_digit* r, int size, const byte* a, int n)
"subs x6, %[n], 8\n\t"
"mov x7, xzr\n\t"
"blt 2f\n\t"
- /* Put in mulitples of 8 bytes. */
+ /* Put in multiples of 8 bytes. */
"1:\n\t"
"ldr x8, [x4], -8\n\t"
"subs x6, x6, 8\n\t"
@@ -7086,14 +7096,14 @@ static void sp_3072_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 64
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 63);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 63);
}
#elif DIGIT_BIT > 64
unsigned int i;
@@ -7475,7 +7485,7 @@ static sp_digit sp_3072_add_6(sp_digit* r, const sp_digit* a,
"adcs x4, x4, x8\n\t"
"str x3, [%[r], 32]\n\t"
"str x4, [%[r], 40]\n\t"
- "cset %[r], cs\n\t"
+ "adc %[r], xzr, xzr\n\t"
: [r] "+r" (r)
: [a] "r" (a), [b] "r" (b)
: "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "cc"
@@ -7601,7 +7611,7 @@ static sp_digit sp_3072_add_12(sp_digit* r, const sp_digit* a,
"stp x3, x4, [%[r], 64]\n\t"
"adcs x6, x6, x10\n\t"
"stp x5, x6, [%[r], 80]\n\t"
- "cset %[r], cs\n\t"
+ "adc %[r], xzr, xzr\n\t"
: [r] "+r" (r)
: [a] "r" (a), [b] "r" (b)
: "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "cc"
@@ -7877,7 +7887,7 @@ static sp_digit sp_3072_add_24(sp_digit* r, const sp_digit* a,
"stp x3, x4, [%[r], 160]\n\t"
"adcs x6, x6, x10\n\t"
"stp x5, x6, [%[r], 176]\n\t"
- "cset %[r], cs\n\t"
+ "adc %[r], xzr, xzr\n\t"
: [r] "+r" (r)
: [a] "r" (a), [b] "r" (b)
: "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "cc"
@@ -8318,7 +8328,7 @@ static sp_digit sp_3072_add_48(sp_digit* r, const sp_digit* a,
"stp x3, x4, [%[r], 352]\n\t"
"adcs x6, x6, x10\n\t"
"stp x5, x6, [%[r], 368]\n\t"
- "cset %[r], cs\n\t"
+ "adc %[r], xzr, xzr\n\t"
: [r] "+r" (r)
: [a] "r" (a), [b] "r" (b)
: "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "cc"
@@ -11292,7 +11302,7 @@ static sp_digit sp_3072_add_48(sp_digit* r, const sp_digit* a,
"stp x3, x4, [%[r]], #16\n\t"
"adcs x6, x6, x10\n\t"
"stp x5, x6, [%[r]], #16\n\t"
- "cset %[c], cs\n\t"
+ "adc %[c], xzr, xzr\n\t"
"cmp %[a], x11\n\t"
"b.ne 1b\n\t"
: [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
@@ -11484,7 +11494,7 @@ static sp_digit sp_3072_add_24(sp_digit* r, const sp_digit* a,
"stp x3, x4, [%[r]], #16\n\t"
"adcs x6, x6, x10\n\t"
"stp x5, x6, [%[r]], #16\n\t"
- "cset %[c], cs\n\t"
+ "adc %[c], xzr, xzr\n\t"
"cmp %[a], x11\n\t"
"b.ne 1b\n\t"
: [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
@@ -11651,7 +11661,7 @@ static void sp_3072_sqr_24(sp_digit* r, const sp_digit* a)
#endif /* WOLFSSL_SP_SMALL */
#endif /* (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) | WOLFSSL_HAVE_SP_DH */
-/* Caclulate the bottom digit of -1/a mod 2^n.
+/* Calculate the bottom digit of -1/a mod 2^n.
*
* a A single precision number.
* rho Bottom word of inverse.
@@ -12354,7 +12364,7 @@ SP_NOINLINE static void sp_3072_mont_reduce_24(sp_digit* a, const sp_digit* m,
"ldp x8, x9, [%[a], 184]\n\t"
"adds x5, x5, x6\n\t"
"adcs x7, x7, x3\n\t"
- "cset x3, cs\n\t"
+ "adc x3, xzr, xzr\n\t"
"adds x8, x8, x5\n\t"
"str x8, [%[a], 184]\n\t"
"adcs x9, x9, x7\n\t"
@@ -12460,7 +12470,7 @@ SP_NOINLINE static void sp_3072_mont_reduce_24(sp_digit* a, const sp_digit* m,
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_3072_mont_mul_24(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -12474,7 +12484,7 @@ SP_NOINLINE static void sp_3072_mont_mul_24(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_3072_mont_sqr_24(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -12862,7 +12872,7 @@ static void sp_3072_mul_d_24(sp_digit* r, const sp_digit* a,
/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
*
- * Assumes divisor has higest bit set.
+ * Assumes divisor has highest bit set.
*
* d1 The high order half of the number to divide.
* d0 The low order half of the number to divide.
@@ -13158,8 +13168,8 @@ static sp_int64 sp_3072_cmp_24(const sp_digit* a, const sp_digit* b)
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_3072_div_24(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_3072_div_24(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[48], t2[25];
sp_digit div, r1;
@@ -13977,7 +13987,7 @@ SP_NOINLINE static void sp_3072_mont_reduce_48(sp_digit* a, const sp_digit* m,
"ldp x8, x9, [%[a], 376]\n\t"
"adds x5, x5, x6\n\t"
"adcs x7, x7, x3\n\t"
- "cset x3, cs\n\t"
+ "adc x3, xzr, xzr\n\t"
"adds x8, x8, x5\n\t"
"str x8, [%[a], 376]\n\t"
"adcs x9, x9, x7\n\t"
@@ -14167,7 +14177,7 @@ SP_NOINLINE static void sp_3072_mont_reduce_48(sp_digit* a, const sp_digit* m,
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_3072_mont_mul_48(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -14181,7 +14191,7 @@ SP_NOINLINE static void sp_3072_mont_mul_48(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_3072_mont_sqr_48(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -14370,7 +14380,7 @@ static sp_digit sp_3072_sub_48(sp_digit* r, const sp_digit* a,
#endif /* WOLFSSL_SP_SMALL */
/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
*
- * Assumes divisor has higest bit set.
+ * Assumes divisor has highest bit set.
*
* d1 The high order half of the number to divide.
* d0 The low order half of the number to divide.
@@ -14438,8 +14448,8 @@ static sp_digit div_3072_word_48_cond(sp_digit d1, sp_digit d0, sp_digit div)
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_3072_div_48_cond(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_3072_div_48_cond(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[96], t2[49];
sp_digit div, r1;
@@ -14717,7 +14727,7 @@ static sp_digit sp_3072_cond_sub_48(sp_digit* r, const sp_digit* a, const sp_dig
/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
*
- * Assumes divisor has higest bit set.
+ * Assumes divisor has highest bit set.
*
* d1 The high order half of the number to divide.
* d0 The low order half of the number to divide.
@@ -15157,8 +15167,8 @@ static sp_int64 sp_3072_cmp_48(const sp_digit* a, const sp_digit* b)
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_3072_div_48(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_3072_div_48(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[96], t2[49];
sp_digit div, r1;
@@ -16585,7 +16595,7 @@ static void sp_4096_from_bin(sp_digit* r, int size, const byte* a, int n)
"subs x6, %[n], 8\n\t"
"mov x7, xzr\n\t"
"blt 2f\n\t"
- /* Put in mulitples of 8 bytes. */
+ /* Put in multiples of 8 bytes. */
"1:\n\t"
"ldr x8, [x4], -8\n\t"
"subs x6, x6, 8\n\t"
@@ -16689,14 +16699,14 @@ static void sp_4096_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 64
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 63);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 63);
}
#elif DIGIT_BIT > 64
unsigned int i;
@@ -17234,7 +17244,7 @@ static sp_digit sp_4096_add_64(sp_digit* r, const sp_digit* a,
"stp x3, x4, [%[r], 480]\n\t"
"adcs x6, x6, x10\n\t"
"stp x5, x6, [%[r], 496]\n\t"
- "cset %[r], cs\n\t"
+ "adc %[r], xzr, xzr\n\t"
: [r] "+r" (r)
: [a] "r" (a), [b] "r" (b)
: "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "cc"
@@ -17476,7 +17486,7 @@ static sp_digit sp_4096_add_64(sp_digit* r, const sp_digit* a,
"stp x3, x4, [%[r]], #16\n\t"
"adcs x6, x6, x10\n\t"
"stp x5, x6, [%[r]], #16\n\t"
- "cset %[c], cs\n\t"
+ "adc %[c], xzr, xzr\n\t"
"cmp %[a], x11\n\t"
"b.ne 1b\n\t"
: [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
@@ -17641,7 +17651,7 @@ static void sp_4096_sqr_64(sp_digit* r, const sp_digit* a)
}
#endif /* WOLFSSL_SP_SMALL */
-/* Caclulate the bottom digit of -1/a mod 2^n.
+/* Calculate the bottom digit of -1/a mod 2^n.
*
* a A single precision number.
* rho Bottom word of inverse.
@@ -18840,7 +18850,7 @@ SP_NOINLINE static void sp_4096_mont_reduce_64(sp_digit* a, const sp_digit* m,
"ldp x8, x9, [%[a], 504]\n\t"
"adds x5, x5, x6\n\t"
"adcs x7, x7, x3\n\t"
- "cset x3, cs\n\t"
+ "adc x3, xzr, xzr\n\t"
"adds x8, x8, x5\n\t"
"str x8, [%[a], 504]\n\t"
"adcs x9, x9, x7\n\t"
@@ -19086,7 +19096,7 @@ SP_NOINLINE static void sp_4096_mont_reduce_64(sp_digit* a, const sp_digit* m,
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_4096_mont_mul_64(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -19100,7 +19110,7 @@ SP_NOINLINE static void sp_4096_mont_mul_64(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_4096_mont_sqr_64(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -19329,7 +19339,7 @@ static sp_digit sp_4096_sub_64(sp_digit* r, const sp_digit* a,
#endif /* WOLFSSL_SP_SMALL */
/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
*
- * Assumes divisor has higest bit set.
+ * Assumes divisor has highest bit set.
*
* d1 The high order half of the number to divide.
* d0 The low order half of the number to divide.
@@ -19397,8 +19407,8 @@ static sp_digit div_4096_word_64_cond(sp_digit d1, sp_digit d0, sp_digit div)
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_4096_div_64_cond(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_4096_div_64_cond(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[128], t2[65];
sp_digit div, r1;
@@ -19732,7 +19742,7 @@ static sp_digit sp_4096_cond_sub_64(sp_digit* r, const sp_digit* a, const sp_dig
/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
*
- * Assumes divisor has higest bit set.
+ * Assumes divisor has highest bit set.
*
* d1 The high order half of the number to divide.
* d0 The low order half of the number to divide.
@@ -20268,8 +20278,8 @@ static sp_int64 sp_4096_cmp_64(const sp_digit* a, const sp_digit* b)
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_4096_div_64(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_4096_div_64(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[128], t2[65];
sp_digit div, r1;
@@ -21862,114 +21872,104 @@ static void sp_256_mul_4(sp_digit* r, const sp_digit* a, const sp_digit* b)
* a A single precision integer.
* b A single precision integer.
*/
-static void sp_256_mul_4(sp_digit* r, const sp_digit* a, const sp_digit* b)
+SP_NOINLINE static void sp_256_mul_4(sp_digit* r, const sp_digit* a,
+ const sp_digit* b)
{
- sp_digit tmp[4];
-
__asm__ __volatile__ (
- "ldp x16, x17, [%[a], 0]\n\t"
- "ldp x21, x22, [%[b], 0]\n\t"
- "# A[0] * B[0]\n\t"
- "mul x8, x16, x21\n\t"
- "ldr x19, [%[a], 16]\n\t"
- "umulh x9, x16, x21\n\t"
- "ldr x23, [%[b], 16]\n\t"
- "# A[0] * B[1]\n\t"
- "mul x4, x16, x22\n\t"
- "ldr x20, [%[a], 24]\n\t"
- "umulh x5, x16, x22\n\t"
- "ldr x24, [%[b], 24]\n\t"
- "adds x9, x9, x4\n\t"
- "# A[1] * B[0]\n\t"
- "mul x4, x17, x21\n\t"
- "adc x10, xzr, x5\n\t"
- "umulh x5, x17, x21\n\t"
- "adds x9, x9, x4\n\t"
- "# A[0] * B[2]\n\t"
- "mul x4, x16, x23\n\t"
- "adcs x10, x10, x5\n\t"
- "umulh x5, x16, x23\n\t"
- "adc x11, xzr, xzr\n\t"
- "adds x10, x10, x4\n\t"
- "# A[1] * B[1]\n\t"
- "mul x4, x17, x22\n\t"
- "adc x11, x11, x5\n\t"
- "umulh x5, x17, x22\n\t"
- "adds x10, x10, x4\n\t"
- "# A[2] * B[0]\n\t"
- "mul x4, x19, x21\n\t"
- "adcs x11, x11, x5\n\t"
- "umulh x5, x19, x21\n\t"
- "adc x12, xzr, xzr\n\t"
- "adds x10, x10, x4\n\t"
- "# A[0] * B[3]\n\t"
- "mul x4, x16, x24\n\t"
- "adcs x11, x11, x5\n\t"
- "umulh x5, x16, x24\n\t"
- "adc x12, x12, xzr\n\t"
- "adds x11, x11, x4\n\t"
- "# A[1] * B[2]\n\t"
- "mul x4, x17, x23\n\t"
- "adcs x12, x12, x5\n\t"
- "umulh x5, x17, x23\n\t"
- "adc x13, xzr, xzr\n\t"
- "adds x11, x11, x4\n\t"
- "# A[2] * B[1]\n\t"
- "mul x4, x19, x22\n\t"
- "adcs x12, x12, x5\n\t"
- "umulh x5, x19, x22\n\t"
- "adc x13, x13, xzr\n\t"
- "adds x11, x11, x4\n\t"
- "# A[3] * B[0]\n\t"
- "mul x4, x20, x21\n\t"
- "adcs x12, x12, x5\n\t"
- "umulh x5, x20, x21\n\t"
- "adc x13, x13, xzr\n\t"
- "adds x11, x11, x4\n\t"
- "# A[1] * B[3]\n\t"
- "mul x4, x17, x24\n\t"
- "adcs x12, x12, x5\n\t"
- "umulh x5, x17, x24\n\t"
- "adc x13, x13, xzr\n\t"
- "adds x12, x12, x4\n\t"
- "# A[2] * B[2]\n\t"
- "mul x4, x19, x23\n\t"
- "adcs x13, x13, x5\n\t"
- "umulh x5, x19, x23\n\t"
- "adc x14, xzr, xzr\n\t"
- "adds x12, x12, x4\n\t"
- "# A[3] * B[1]\n\t"
- "mul x4, x20, x22\n\t"
- "adcs x13, x13, x5\n\t"
- "umulh x5, x20, x22\n\t"
- "adc x14, x14, xzr\n\t"
- "adds x12, x12, x4\n\t"
- "# A[2] * B[3]\n\t"
- "mul x4, x19, x24\n\t"
- "adcs x13, x13, x5\n\t"
- "umulh x5, x19, x24\n\t"
- "adc x14, x14, xzr\n\t"
- "adds x13, x13, x4\n\t"
- "# A[3] * B[2]\n\t"
- "mul x4, x20, x23\n\t"
- "adcs x14, x14, x5\n\t"
- "umulh x5, x20, x23\n\t"
- "adc x15, xzr, xzr\n\t"
- "adds x13, x13, x4\n\t"
- "# A[3] * B[3]\n\t"
- "mul x4, x20, x24\n\t"
- "adcs x14, x14, x5\n\t"
- "umulh x5, x20, x24\n\t"
- "adc x15, x15, xzr\n\t"
- "adds x14, x14, x4\n\t"
- "adc x15, x15, x5\n\t"
- "stp x8, x9, [%[r], 0]\n\t"
- "stp x10, x11, [%[r], 16]\n\t"
- "stp x12, x13, [%[r], 32]\n\t"
- "stp x14, x15, [%[r], 48]\n\t"
+ "ldp x13, x14, [%[a], 0]\n\t"
+ "ldp x15, x16, [%[a], 16]\n\t"
+ "ldp x17, x19, [%[b], 0]\n\t"
+ "ldp x20, x21, [%[b], 16]\n\t"
+ "# A[0] * B[0]\n\t"
+ "umulh x6, x13, x17\n\t"
+ "mul x5, x13, x17\n\t"
+ "# A[2] * B[0]\n\t"
+ "umulh x8, x15, x17\n\t"
+ "mul x7, x15, x17\n\t"
+ "# A[1] * B[0]\n\t"
+ "mul x3, x14, x17\n\t"
+ "adds x6, x6, x3\n\t"
+ "umulh x4, x14, x17\n\t"
+ "adcs x7, x7, x4\n\t"
+ "adc x8, x8, xzr\n\t"
+ "# A[0] * B[2]\n\t"
+ "mul x3, x13, x20\n\t"
+ "adds x7, x7, x3\n\t"
+ "umulh x4, x13, x20\n\t"
+ "adcs x8, x8, x4\n\t"
+ "# A[1] * B[3]\n\t"
+ "mul x9, x14, x21\n\t"
+ "adcs x9, x9, xzr\n\t"
+ "umulh x10, x14, x21\n\t"
+ "adc x10, x10, xzr\n\t"
+ "# A[0] * B[1]\n\t"
+ "mul x3, x13, x19\n\t"
+ "adds x6, x6, x3\n\t"
+ "umulh x4, x13, x19\n\t"
+ "adcs x7, x7, x4\n\t"
+ "# A[2] * B[1]\n\t"
+ "mul x3, x15, x19\n\t"
+ "adcs x8, x8, x3\n\t"
+ "umulh x4, x15, x19\n\t"
+ "adcs x9, x9, x4\n\t"
+ "adc x10, x10, xzr\n\t"
+ "# A[1] * B[2]\n\t"
+ "mul x3, x14, x20\n\t"
+ "adds x8, x8, x3\n\t"
+ "umulh x4, x14, x20\n\t"
+ "adcs x9, x9, x4\n\t"
+ "adcs x10, x10, xzr\n\t"
+ "adc x11, xzr, xzr\n\t"
+ "# A[1] * B[1]\n\t"
+ "mul x3, x14, x19\n\t"
+ "adds x7, x7, x3\n\t"
+ "umulh x4, x14, x19\n\t"
+ "adcs x8, x8, x4\n\t"
+ "# A[3] * B[1]\n\t"
+ "mul x3, x16, x19\n\t"
+ "adcs x9, x9, x3\n\t"
+ "umulh x4, x16, x19\n\t"
+ "adcs x10, x10, x4\n\t"
+ "adc x11, x11, xzr\n\t"
+ "# A[2] * B[2]\n\t"
+ "mul x3, x15, x20\n\t"
+ "adds x9, x9, x3\n\t"
+ "umulh x4, x15, x20\n\t"
+ "adcs x10, x10, x4\n\t"
+ "# A[3] * B[3]\n\t"
+ "mul x3, x16, x21\n\t"
+ "adcs x11, x11, x3\n\t"
+ "umulh x12, x16, x21\n\t"
+ "adc x12, x12, xzr\n\t"
+ "# A[0] * B[3]\n\t"
+ "mul x3, x13, x21\n\t"
+ "adds x8, x8, x3\n\t"
+ "umulh x4, x13, x21\n\t"
+ "adcs x9, x9, x4\n\t"
+ "# A[2] * B[3]\n\t"
+ "mul x3, x15, x21\n\t"
+ "adcs x10, x10, x3\n\t"
+ "umulh x4, x15, x21\n\t"
+ "adcs x11, x11, x4\n\t"
+ "adc x12, x12, xzr\n\t"
+ "# A[3] * B[0]\n\t"
+ "mul x3, x16, x17\n\t"
+ "adds x8, x8, x3\n\t"
+ "umulh x4, x16, x17\n\t"
+ "adcs x9, x9, x4\n\t"
+ "# A[3] * B[2]\n\t"
+ "mul x3, x16, x20\n\t"
+ "adcs x10, x10, x3\n\t"
+ "umulh x4, x16, x20\n\t"
+ "adcs x11, x11, x4\n\t"
+ "adc x12, x12, xzr\n\t"
+ "stp x5, x6, [%[r], 0]\n\t"
+ "stp x7, x8, [%[r], 16]\n\t"
+ "stp x9, x10, [%[r], 32]\n\t"
+ "stp x11, x12, [%[r], 48]\n\t"
:
- : [r] "r" (r), [a] "r" (a), [b] "r" (b), [tmp] "r" (tmp)
- : "memory", "x4", "x5", "x6", "x7", "x16", "x17", "x19", "x20", "x21", "x22", "x23", "x24", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "cc"
+ : [r] "r" (r), [a] "r" (a), [b] "r" (b)
+ : "memory", "x3", "x4", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "x21", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "cc"
);
}
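Review bot: The new partial-product order in `sp_256_mul_4` is undocumented, and the order is what makes the carry chains correct. For example, under `# A[1] * B[3]` the `mul x9, x14, x21` is followed by `adcs x9, x9, xzr`, so x9 is first written by a product and then absorbs the carry left by the preceding `adcs x8, x8, x4`. I would add a line near the top of the asm such as `"# Products are ordered so each adds/adcs chain runs unbroken; mul/umulh leave the flags untouched\n\t"`, and say in the function comment why `SP_NOINLINE` was added. The same scheduling is used in `sp_256_sqr_4` and in the multiply halves of `sp_256_mont_mul_4` and `sp_256_mont_sqr_4` later in this diff.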
@@ -21979,75 +21979,71 @@ static void sp_256_mul_4(sp_digit* r, const sp_digit* a, const sp_digit* b)
* r A single precision integer.
* a A single precision integer.
*/
-static void sp_256_sqr_4(sp_digit* r, const sp_digit* a)
+SP_NOINLINE static void sp_256_sqr_4(sp_digit* r, const sp_digit* a)
{
__asm__ __volatile__ (
- "ldp x16, x17, [%[a], 0]\n\t"
- "# A[0] * A[1]\n\t"
- "mul x9, x16, x17\n\t"
- "ldr x19, [%[a], 16]\n\t"
- "umulh x10, x16, x17\n\t"
- "ldr x20, [%[a], 24]\n\t"
- "# A[0] * A[2]\n\t"
- "mul x4, x16, x19\n\t"
- "umulh x5, x16, x19\n\t"
- "adds x10, x10, x4\n\t"
- "# A[0] * A[3]\n\t"
- "mul x4, x16, x20\n\t"
- "adc x11, xzr, x5\n\t"
- "umulh x5, x16, x20\n\t"
- "adds x11, x11, x4\n\t"
- "# A[1] * A[2]\n\t"
- "mul x4, x17, x19\n\t"
- "adc x12, xzr, x5\n\t"
- "umulh x5, x17, x19\n\t"
- "adds x11, x11, x4\n\t"
- "# A[1] * A[3]\n\t"
- "mul x4, x17, x20\n\t"
- "adcs x12, x12, x5\n\t"
- "umulh x5, x17, x20\n\t"
- "adc x13, xzr, xzr\n\t"
- "adds x12, x12, x4\n\t"
- "# A[2] * A[3]\n\t"
- "mul x4, x19, x20\n\t"
- "adc x13, x13, x5\n\t"
- "umulh x5, x19, x20\n\t"
- "adds x13, x13, x4\n\t"
- "adc x14, xzr, x5\n\t"
+ "ldp x12, x13, [%[a], 0]\n\t"
+ "ldp x14, x15, [%[a], 16]\n\t"
+ "# A[0] * A[1]\n\t"
+ "umulh x6, x12, x13\n\t"
+ "mul x5, x12, x13\n\t"
+ "# A[0] * A[3]\n\t"
+ "umulh x8, x12, x15\n\t"
+ "mul x7, x12, x15\n\t"
+ "# A[0] * A[2]\n\t"
+ "mul x2, x12, x14\n\t"
+ "adds x6, x6, x2\n\t"
+ "umulh x3, x12, x14\n\t"
+ "adcs x7, x7, x3\n\t"
+ "# A[1] * A[3]\n\t"
+ "mul x2, x13, x15\n\t"
+ "adcs x8, x8, x2\n\t"
+ "umulh x9, x13, x15\n\t"
+ "adc x9, x9, xzr\n\t"
+ "# A[1] * A[2]\n\t"
+ "mul x2, x13, x14\n\t"
+ "adds x7, x7, x2\n\t"
+ "umulh x3, x13, x14\n\t"
+ "adcs x8, x8, x3\n\t"
+ "# A[2] * A[3]\n\t"
+ "mul x2, x14, x15\n\t"
+ "adcs x9, x9, x2\n\t"
+ "umulh x10, x14, x15\n\t"
+ "adc x10, x10, xzr\n\t"
"# Double\n\t"
- "adds x9, x9, x9\n\t"
+ "adds x5, x5, x5\n\t"
+ "adcs x6, x6, x6\n\t"
+ "adcs x7, x7, x7\n\t"
+ "adcs x8, x8, x8\n\t"
+ "adcs x9, x9, x9\n\t"
"adcs x10, x10, x10\n\t"
- "adcs x11, x11, x11\n\t"
- "adcs x12, x12, x12\n\t"
- "adcs x13, x13, x13\n\t"
- "# A[0] * A[0]\n\t"
- "mul x8, x16, x16\n\t"
- "adcs x14, x14, x14\n\t"
- "umulh x3, x16, x16\n\t"
- "cset x15, cs\n\t"
- "# A[1] * A[1]\n\t"
- "mul x4, x17, x17\n\t"
- "adds x9, x9, x3\n\t"
- "umulh x5, x17, x17\n\t"
- "adcs x10, x10, x4\n\t"
- "# A[2] * A[2]\n\t"
- "mul x6, x19, x19\n\t"
- "adcs x11, x11, x5\n\t"
- "umulh x7, x19, x19\n\t"
- "adcs x12, x12, x6\n\t"
- "# A[3] * A[3]\n\t"
- "mul x16, x20, x20\n\t"
- "adcs x13, x13, x7\n\t"
- "umulh x17, x20, x20\n\t"
- "adcs x14, x14, x16\n\t"
- "adc x15, x15, x17\n\t"
- "stp x8, x9, [%[r], 0]\n\t"
- "stp x10, x11, [%[r], 16]\n\t"
- "stp x12, x13, [%[r], 32]\n\t"
- "stp x14, x15, [%[r], 48]\n\t"
+ "adc x11, xzr, xzr\n\t"
+ "# A[0] * A[0]\n\t"
+ "umulh x3, x12, x12\n\t"
+ "mul x4, x12, x12\n\t"
+ "# A[1] * A[1]\n\t"
+ "mul x2, x13, x13\n\t"
+ "adds x5, x5, x3\n\t"
+ "umulh x3, x13, x13\n\t"
+ "adcs x6, x6, x2\n\t"
+ "# A[2] * A[2]\n\t"
+ "mul x2, x14, x14\n\t"
+ "adcs x7, x7, x3\n\t"
+ "umulh x3, x14, x14\n\t"
+ "adcs x8, x8, x2\n\t"
+ "# A[3] * A[3]\n\t"
+ "mul x2, x15, x15\n\t"
+ "adcs x9, x9, x3\n\t"
+ "umulh x3, x15, x15\n\t"
+ "adcs x10, x10, x2\n\t"
+ "adc x11, x11, x3\n\t"
+ "stp x4, x5, [%[r], 0]\n\t"
+ "stp x6, x7, [%[r], 16]\n\t"
+ "stp x8, x9, [%[r], 32]\n\t"
+ "stp x10, x11, [%[r], 48]\n\t"
:
: [r] "r" (r), [a] "r" (a)
- : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "cc"
+ : "memory", "x2", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "cc"
);
}
@@ -22071,7 +22067,7 @@ static sp_digit sp_256_add_4(sp_digit* r, const sp_digit* a,
"stp x3, x4, [%[r], 0]\n\t"
"adcs x6, x6, x10\n\t"
"stp x5, x6, [%[r], 16]\n\t"
- "cset %[r], cs\n\t"
+ "adc %[r], xzr, xzr\n\t"
: [r] "+r" (r)
: [a] "r" (a), [b] "r" (b)
: "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "cc"
@@ -22198,14 +22194,14 @@ static void sp_256_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 64
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 63);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 63);
}
#elif DIGIT_BIT > 64
unsigned int i;
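Review bot: The rewritten loop hard-codes the shift as `63` where the removed lines used `SP_WORD_SIZE - 1`, and `j >> 63` only yields 0 or 1 if `sp_digit` is an unsigned 64-bit type, which the hunk does not show. I would write `sp_digit mask = (sp_digit)0 - (j >> (SP_WORD_SIZE - 1));` and `o += (int)(j >> (SP_WORD_SIZE - 1));`. A comment such as `/* j counts up from -used; its top bit is set while i < used, so o stops at used - 1 */` would record why the `a->dp[o]` read stays in range without a data-dependent branch. The same loop appears in the hunk at the top of this section, apparently the 4096-bit counterpart. The function starts before this hunk and continues after it.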
@@ -22424,183 +22420,173 @@ static void sp_256_cond_copy_4(sp_digit* r, const sp_digit* a, sp_digit m)
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
-SP_NOINLINE static void sp_256_mont_mul_4(sp_digit* r, const sp_digit* a, const sp_digit* b,
- const sp_digit* m, sp_digit mp)
+SP_NOINLINE static void sp_256_mont_mul_4(sp_digit* r, const sp_digit* a,
+ const sp_digit* b, const sp_digit* m, sp_digit mp)
{
(void)m;
(void)mp;
__asm__ __volatile__ (
- "ldp x16, x17, [%[a], 0]\n\t"
- "ldp x21, x22, [%[b], 0]\n\t"
- "# A[0] * B[0]\n\t"
- "mul x8, x16, x21\n\t"
- "ldr x19, [%[a], 16]\n\t"
- "umulh x9, x16, x21\n\t"
- "ldr x23, [%[b], 16]\n\t"
- "# A[0] * B[1]\n\t"
- "mul x4, x16, x22\n\t"
- "ldr x20, [%[a], 24]\n\t"
- "umulh x5, x16, x22\n\t"
- "ldr x24, [%[b], 24]\n\t"
- "adds x9, x9, x4\n\t"
- "# A[1] * B[0]\n\t"
- "mul x4, x17, x21\n\t"
- "adc x10, xzr, x5\n\t"
- "umulh x5, x17, x21\n\t"
- "adds x9, x9, x4\n\t"
- "# A[0] * B[2]\n\t"
- "mul x4, x16, x23\n\t"
- "adcs x10, x10, x5\n\t"
- "umulh x5, x16, x23\n\t"
- "adc x11, xzr, xzr\n\t"
- "adds x10, x10, x4\n\t"
- "# A[1] * B[1]\n\t"
- "mul x4, x17, x22\n\t"
- "adc x11, x11, x5\n\t"
- "umulh x5, x17, x22\n\t"
- "adds x10, x10, x4\n\t"
- "# A[2] * B[0]\n\t"
- "mul x4, x19, x21\n\t"
- "adcs x11, x11, x5\n\t"
- "umulh x5, x19, x21\n\t"
- "adc x12, xzr, xzr\n\t"
- "adds x10, x10, x4\n\t"
- "# A[0] * B[3]\n\t"
- "mul x4, x16, x24\n\t"
- "adcs x11, x11, x5\n\t"
- "umulh x5, x16, x24\n\t"
- "adc x12, x12, xzr\n\t"
- "adds x11, x11, x4\n\t"
- "# A[1] * B[2]\n\t"
- "mul x4, x17, x23\n\t"
- "adcs x12, x12, x5\n\t"
- "umulh x5, x17, x23\n\t"
- "adc x13, xzr, xzr\n\t"
- "adds x11, x11, x4\n\t"
- "# A[2] * B[1]\n\t"
- "mul x4, x19, x22\n\t"
- "adcs x12, x12, x5\n\t"
- "umulh x5, x19, x22\n\t"
- "adc x13, x13, xzr\n\t"
- "adds x11, x11, x4\n\t"
- "# A[3] * B[0]\n\t"
- "mul x4, x20, x21\n\t"
- "adcs x12, x12, x5\n\t"
- "umulh x5, x20, x21\n\t"
- "adc x13, x13, xzr\n\t"
- "adds x11, x11, x4\n\t"
- "# A[1] * B[3]\n\t"
- "mul x4, x17, x24\n\t"
- "adcs x12, x12, x5\n\t"
- "umulh x5, x17, x24\n\t"
- "adc x13, x13, xzr\n\t"
- "adds x12, x12, x4\n\t"
- "# A[2] * B[2]\n\t"
- "mul x4, x19, x23\n\t"
- "adcs x13, x13, x5\n\t"
- "umulh x5, x19, x23\n\t"
- "adc x14, xzr, xzr\n\t"
- "adds x12, x12, x4\n\t"
- "# A[3] * B[1]\n\t"
- "mul x4, x20, x22\n\t"
- "adcs x13, x13, x5\n\t"
- "umulh x5, x20, x22\n\t"
- "adc x14, x14, xzr\n\t"
- "adds x12, x12, x4\n\t"
- "# A[2] * B[3]\n\t"
- "mul x4, x19, x24\n\t"
- "adcs x13, x13, x5\n\t"
- "umulh x5, x19, x24\n\t"
- "adc x14, x14, xzr\n\t"
- "adds x13, x13, x4\n\t"
- "# A[3] * B[2]\n\t"
- "mul x4, x20, x23\n\t"
- "adcs x14, x14, x5\n\t"
- "umulh x5, x20, x23\n\t"
- "adc x15, xzr, xzr\n\t"
- "adds x13, x13, x4\n\t"
- "# A[3] * B[3]\n\t"
- "mul x4, x20, x24\n\t"
- "adcs x14, x14, x5\n\t"
- "umulh x5, x20, x24\n\t"
- "adc x15, x15, xzr\n\t"
- "adds x14, x14, x4\n\t"
- "mov x4, x8\n\t"
- "adc x15, x15, x5\n\t"
+ "ldp x13, x14, [%[a], 0]\n\t"
+ "ldp x15, x16, [%[a], 16]\n\t"
+ "ldp x17, x19, [%[b], 0]\n\t"
+ "ldp x20, x21, [%[b], 16]\n\t"
+ "# A[0] * B[0]\n\t"
+ "umulh x6, x13, x17\n\t"
+ "mul x5, x13, x17\n\t"
+ "# A[2] * B[0]\n\t"
+ "umulh x8, x15, x17\n\t"
+ "mul x7, x15, x17\n\t"
+ "# A[1] * B[0]\n\t"
+ "mul x3, x14, x17\n\t"
+ "adds x6, x6, x3\n\t"
+ "umulh x4, x14, x17\n\t"
+ "adcs x7, x7, x4\n\t"
+ "adc x8, x8, xzr\n\t"
+ "# A[0] * B[2]\n\t"
+ "mul x3, x13, x20\n\t"
+ "adds x7, x7, x3\n\t"
+ "umulh x4, x13, x20\n\t"
+ "adcs x8, x8, x4\n\t"
+ "# A[1] * B[3]\n\t"
+ "mul x9, x14, x21\n\t"
+ "adcs x9, x9, xzr\n\t"
+ "umulh x10, x14, x21\n\t"
+ "adc x10, x10, xzr\n\t"
+ "# A[0] * B[1]\n\t"
+ "mul x3, x13, x19\n\t"
+ "adds x6, x6, x3\n\t"
+ "umulh x4, x13, x19\n\t"
+ "adcs x7, x7, x4\n\t"
+ "# A[2] * B[1]\n\t"
+ "mul x3, x15, x19\n\t"
+ "adcs x8, x8, x3\n\t"
+ "umulh x4, x15, x19\n\t"
+ "adcs x9, x9, x4\n\t"
+ "adc x10, x10, xzr\n\t"
+ "# A[1] * B[2]\n\t"
+ "mul x3, x14, x20\n\t"
+ "adds x8, x8, x3\n\t"
+ "umulh x4, x14, x20\n\t"
+ "adcs x9, x9, x4\n\t"
+ "adcs x10, x10, xzr\n\t"
+ "adc x11, xzr, xzr\n\t"
+ "# A[1] * B[1]\n\t"
+ "mul x3, x14, x19\n\t"
+ "adds x7, x7, x3\n\t"
+ "umulh x4, x14, x19\n\t"
+ "adcs x8, x8, x4\n\t"
+ "# A[3] * B[1]\n\t"
+ "mul x3, x16, x19\n\t"
+ "adcs x9, x9, x3\n\t"
+ "umulh x4, x16, x19\n\t"
+ "adcs x10, x10, x4\n\t"
+ "adc x11, x11, xzr\n\t"
+ "# A[2] * B[2]\n\t"
+ "mul x3, x15, x20\n\t"
+ "adds x9, x9, x3\n\t"
+ "umulh x4, x15, x20\n\t"
+ "adcs x10, x10, x4\n\t"
+ "# A[3] * B[3]\n\t"
+ "mul x3, x16, x21\n\t"
+ "adcs x11, x11, x3\n\t"
+ "umulh x12, x16, x21\n\t"
+ "adc x12, x12, xzr\n\t"
+ "# A[0] * B[3]\n\t"
+ "mul x3, x13, x21\n\t"
+ "adds x8, x8, x3\n\t"
+ "umulh x4, x13, x21\n\t"
+ "adcs x9, x9, x4\n\t"
+ "# A[2] * B[3]\n\t"
+ "mul x3, x15, x21\n\t"
+ "adcs x10, x10, x3\n\t"
+ "umulh x4, x15, x21\n\t"
+ "adcs x11, x11, x4\n\t"
+ "adc x12, x12, xzr\n\t"
+ "# A[3] * B[0]\n\t"
+ "mul x3, x16, x17\n\t"
+ "adds x8, x8, x3\n\t"
+ "umulh x4, x16, x17\n\t"
+ "adcs x9, x9, x4\n\t"
+ "# A[3] * B[2]\n\t"
+ "mul x3, x16, x20\n\t"
+ "adcs x10, x10, x3\n\t"
+ "umulh x4, x16, x20\n\t"
+ "adcs x11, x11, x4\n\t"
+ "mov x3, x5\n\t"
+ "adc x12, x12, xzr\n\t"
"# Start Reduction\n\t"
- "mov x5, x9\n\t"
- "mov x6, x10\n\t"
+ "mov x4, x6\n\t"
+ "mov x13, x7\n\t"
"# mu = a[0]-a[3] + a[0]-a[2] << 32 << 64 + (a[0] * 2) << 192\n\t"
"# - a[0] << 32 << 192\n\t"
"# + (a[0] * 2) << 192\n\t"
"# a[0]-a[2] << 32\n\t"
- "extr x22, x10, x9, 32\n\t"
- "add x7, x11, x8\n\t"
- "extr x21, x9, x8, 32\n\t"
- "add x7, x7, x8\n\t"
+ "lsl x15, x5, #32\n\t"
+ "extr x17, x7, x6, 32\n\t"
+ "add x14, x8, x5\n\t"
+ "extr x16, x6, x5, 32\n\t"
+ "add x14, x14, x5\n\t"
"# + a[0]-a[2] << 32 << 64\n\t"
"# - a[0] << 32 << 192\n\t"
- "adds x5, x5, x8, lsl #32\n\t"
- "sub x7, x7, x8, lsl #32\n\t"
- "adcs x6, x6, x21\n\t"
- "adc x7, x7, x22\n\t"
+ "adds x4, x4, x15\n\t"
+ "sub x14, x14, x15\n\t"
+ "adcs x13, x13, x16\n\t"
+ "adc x14, x14, x17\n\t"
"# a += (mu << 256) - (mu << 224) + (mu << 192) + (mu << 96) - mu\n\t"
"# a += mu << 256\n\t"
- "adds x12, x12, x4\n\t"
- "adcs x13, x13, x5\n\t"
- "adcs x14, x14, x6\n\t"
- "adcs x15, x15, x7\n\t"
- "cset x8, cs\n\t"
+ "adds x9, x9, x3\n\t"
+ "adcs x10, x10, x4\n\t"
+ "adcs x11, x11, x13\n\t"
+ "adcs x12, x12, x14\n\t"
+ "adc x5, xzr, xzr\n\t"
"# a += mu << 192\n\t"
"# mu <<= 32\n\t"
"# a += (mu << 32) << 64\n\t"
- "adds x11, x11, x4\n\t"
- "adcs x12, x12, x5\n\t"
- "adcs x13, x13, x6\n\t"
- "lsr x16, x7, 32\n\t"
- "adcs x14, x14, x7\n\t"
- "extr x7, x7, x6, 32\n\t"
- "adcs x15, x15, xzr\n\t"
- "extr x6, x6, x5, 32\n\t"
- "adc x8, x8, xzr\n\t"
- "extr x5, x5, x4, 32\n\t"
- "lsl x4, x4, 32\n\t"
- "adds x9, x9, x4\n\t"
- "adcs x10, x10, x5\n\t"
- "adcs x11, x11, x6\n\t"
- "adcs x12, x12, x7\n\t"
- "adcs x13, x13, x16\n\t"
- "adcs x14, x14, xzr\n\t"
- "adcs x15, x15, xzr\n\t"
- "adc x8, x8, xzr\n\t"
+ "adds x8, x8, x3\n\t"
+ "extr x16, x14, x13, 32\n\t"
+ "adcs x9, x9, x4\n\t"
+ "extr x15, x13, x4, 32\n\t"
+ "adcs x10, x10, x13\n\t"
+ "extr x4, x4, x3, 32\n\t"
+ "adcs x11, x11, x14\n\t"
+ "lsl x3, x3, 32\n\t"
+ "adc x13, xzr, xzr\n\t"
+ "adds x6, x6, x3\n\t"
+ "lsr x17, x14, 32\n\t"
+ "adcs x7, x7, x4\n\t"
+ "adcs x8, x8, x15\n\t"
+ "adcs x9, x9, x16\n\t"
+ "adcs x10, x10, x17\n\t"
+ "adcs x11, x11, xzr\n\t"
+ "adcs x12, x12, x13\n\t"
+ "adc x5, x5, xzr\n\t"
"# a -= (mu << 32) << 192\n\t"
- "subs x11, x11, x4\n\t"
- "sbcs x12, x12, x5\n\t"
- "sbcs x13, x13, x6\n\t"
- "sbcs x14, x14, x7\n\t"
- "sbcs x15, x15, x16\n\t"
- "mov x19, 0xffffffff00000001\n\t"
- "sbc x8, x8, xzr\n\t"
- "neg x8, x8\n\t"
+ "subs x8, x8, x3\n\t"
+ "sbcs x9, x9, x4\n\t"
+ "sbcs x10, x10, x15\n\t"
+ "sbcs x11, x11, x16\n\t"
+ "sbcs x12, x12, x17\n\t"
+ "sbc x5, x5, xzr\n\t"
+ "neg x5, x5\n\t"
"# mask m and sub from result if overflow\n\t"
"# m[0] = -1 & mask = mask\n\t"
- "subs x12, x12, x8\n\t"
+ "subs x9, x9, x5\n\t"
"# m[1] = 0xffffffff & mask = mask >> 32 as mask is all 1s or 0s\n\t"
- "lsr x17, x8, 32\n\t"
- "sbcs x13, x13, x17\n\t"
- "and x19, x19, x8\n\t"
+ "lsr x16, x5, 32\n\t"
+ "sbcs x10, x10, x16\n\t"
+ "sub x17, xzr, x16\n\t"
"# m[2] = 0 & mask = 0\n\t"
- "sbcs x14, x14, xzr\n\t"
- "stp x12, x13, [%[r], 0]\n\t"
+ "sbcs x11, x11, xzr\n\t"
+ "stp x9, x10, [%[r], 0]\n\t"
"# m[3] = 0xffffffff00000001 & mask\n\t"
- "sbc x15, x15, x19\n\t"
- "stp x14, x15, [%[r], 16]\n\t"
- : [a] "+r" (a), [b] "+r" (b)
- : [r] "r" (r)
- : "memory", "x4", "x5", "x6", "x7", "x16", "x17", "x19", "x20", "x21", "x22", "x23", "x24", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "cc"
+ "sbc x12, x12, x17\n\t"
+ "stp x11, x12, [%[r], 16]\n\t"
+ :
+ : [r] "r" (r), [a] "r" (a), [b] "r" (b)
+ : "memory", "x3", "x4", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "x21", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "cc"
);
}
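Review bot: The `sub x17, xzr, x16` that replaces the old `mov x19, 0xffffffff00000001` / `and x19, x19, x8` pair is not explained, while the comment after it still describes the value as `0xffffffff00000001 & mask`. The identity holds only because the mask in x5 is all ones or all zeros, so x16 is 0xffffffff or 0 and its negation is 0xffffffff00000001 or 0. I would add `"# -(mask >> 32) = 0xffffffff00000001 & mask as mask is all 1s or 0s\n\t"` directly above the `sub`, so a later change to how the mask is formed does not silently break the final conditional subtract. The same substitution appears in `sp_256_mont_sqr_4` (`sub x16, xzr, x15`) and `sp_256_mont_reduce_4` (`sub x9, xzr, x8`).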
@@ -22609,146 +22595,141 @@ SP_NOINLINE static void sp_256_mont_mul_4(sp_digit* r, const sp_digit* a, const
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
-SP_NOINLINE static void sp_256_mont_sqr_4(sp_digit* r, const sp_digit* a, const sp_digit* m,
- sp_digit mp)
+SP_NOINLINE static void sp_256_mont_sqr_4(sp_digit* r, const sp_digit* a,
+ const sp_digit* m, sp_digit mp)
{
(void)m;
(void)mp;
__asm__ __volatile__ (
- "ldp x16, x17, [%[a], 0]\n\t"
- "# A[0] * A[1]\n\t"
- "mul x9, x16, x17\n\t"
- "ldr x19, [%[a], 16]\n\t"
- "umulh x10, x16, x17\n\t"
- "ldr x20, [%[a], 24]\n\t"
- "# A[0] * A[2]\n\t"
- "mul x4, x16, x19\n\t"
- "umulh x5, x16, x19\n\t"
- "adds x10, x10, x4\n\t"
- "# A[0] * A[3]\n\t"
- "mul x4, x16, x20\n\t"
- "adc x11, xzr, x5\n\t"
- "umulh x5, x16, x20\n\t"
- "adds x11, x11, x4\n\t"
- "# A[1] * A[2]\n\t"
- "mul x4, x17, x19\n\t"
- "adc x12, xzr, x5\n\t"
- "umulh x5, x17, x19\n\t"
- "adds x11, x11, x4\n\t"
- "# A[1] * A[3]\n\t"
- "mul x4, x17, x20\n\t"
- "adcs x12, x12, x5\n\t"
- "umulh x5, x17, x20\n\t"
- "adc x13, xzr, xzr\n\t"
- "adds x12, x12, x4\n\t"
- "# A[2] * A[3]\n\t"
- "mul x4, x19, x20\n\t"
- "adc x13, x13, x5\n\t"
- "umulh x5, x19, x20\n\t"
- "adds x13, x13, x4\n\t"
- "adc x14, xzr, x5\n\t"
+ "ldp x12, x13, [%[a], 0]\n\t"
+ "ldp x14, x15, [%[a], 16]\n\t"
+ "# A[0] * A[1]\n\t"
+ "umulh x6, x12, x13\n\t"
+ "mul x5, x12, x13\n\t"
+ "# A[0] * A[3]\n\t"
+ "umulh x8, x12, x15\n\t"
+ "mul x7, x12, x15\n\t"
+ "# A[0] * A[2]\n\t"
+ "mul x2, x12, x14\n\t"
+ "adds x6, x6, x2\n\t"
+ "umulh x3, x12, x14\n\t"
+ "adcs x7, x7, x3\n\t"
+ "# A[1] * A[3]\n\t"
+ "mul x2, x13, x15\n\t"
+ "adcs x8, x8, x2\n\t"
+ "umulh x9, x13, x15\n\t"
+ "adc x9, x9, xzr\n\t"
+ "# A[1] * A[2]\n\t"
+ "mul x2, x13, x14\n\t"
+ "adds x7, x7, x2\n\t"
+ "umulh x3, x13, x14\n\t"
+ "adcs x8, x8, x3\n\t"
+ "# A[2] * A[3]\n\t"
+ "mul x2, x14, x15\n\t"
+ "adcs x9, x9, x2\n\t"
+ "umulh x10, x14, x15\n\t"
+ "adc x10, x10, xzr\n\t"
"# Double\n\t"
- "adds x9, x9, x9\n\t"
+ "adds x5, x5, x5\n\t"
+ "adcs x6, x6, x6\n\t"
+ "adcs x7, x7, x7\n\t"
+ "adcs x8, x8, x8\n\t"
+ "adcs x9, x9, x9\n\t"
"adcs x10, x10, x10\n\t"
- "adcs x11, x11, x11\n\t"
- "adcs x12, x12, x12\n\t"
- "adcs x13, x13, x13\n\t"
- "# A[0] * A[0]\n\t"
- "mul x8, x16, x16\n\t"
- "adcs x14, x14, x14\n\t"
- "umulh x3, x16, x16\n\t"
- "cset x15, cs\n\t"
- "# A[1] * A[1]\n\t"
- "mul x4, x17, x17\n\t"
- "adds x9, x9, x3\n\t"
- "umulh x5, x17, x17\n\t"
- "adcs x10, x10, x4\n\t"
- "# A[2] * A[2]\n\t"
- "mul x6, x19, x19\n\t"
- "adcs x11, x11, x5\n\t"
- "umulh x7, x19, x19\n\t"
- "adcs x12, x12, x6\n\t"
- "# A[3] * A[3]\n\t"
- "mul x16, x20, x20\n\t"
- "adcs x13, x13, x7\n\t"
- "umulh x17, x20, x20\n\t"
- "adcs x14, x14, x16\n\t"
- "mov x3, x8\n\t"
- "adc x15, x15, x17\n\t"
+ "adc x11, xzr, xzr\n\t"
+ "# A[0] * A[0]\n\t"
+ "umulh x3, x12, x12\n\t"
+ "mul x4, x12, x12\n\t"
+ "# A[1] * A[1]\n\t"
+ "mul x2, x13, x13\n\t"
+ "adds x5, x5, x3\n\t"
+ "umulh x3, x13, x13\n\t"
+ "adcs x6, x6, x2\n\t"
+ "# A[2] * A[2]\n\t"
+ "mul x2, x14, x14\n\t"
+ "adcs x7, x7, x3\n\t"
+ "umulh x3, x14, x14\n\t"
+ "adcs x8, x8, x2\n\t"
+ "# A[3] * A[3]\n\t"
+ "mul x2, x15, x15\n\t"
+ "adcs x9, x9, x3\n\t"
+ "umulh x3, x15, x15\n\t"
+ "adcs x10, x10, x2\n\t"
+ "mov x2, x4\n\t"
+ "adc x11, x11, x3\n\t"
"# Start Reduction\n\t"
- "mov x4, x9\n\t"
- "mov x5, x10\n\t"
+ "mov x3, x5\n\t"
+ "mov x12, x6\n\t"
"# mu = a[0]-a[3] + a[0]-a[2] << 32 << 64 + (a[0] * 2) << 192\n\t"
"# - a[0] << 32 << 192\n\t"
"# + (a[0] * 2) << 192\n\t"
"# a[0]-a[2] << 32\n\t"
- "extr x21, x10, x9, 32\n\t"
- "add x6, x11, x8\n\t"
- "extr x20, x9, x8, 32\n\t"
- "add x6, x6, x8\n\t"
+ "lsl x14, x4, #32\n\t"
+ "extr x16, x6, x5, 32\n\t"
+ "add x13, x7, x4\n\t"
+ "extr x15, x5, x4, 32\n\t"
+ "add x13, x13, x4\n\t"
"# + a[0]-a[2] << 32 << 64\n\t"
"# - a[0] << 32 << 192\n\t"
- "adds x4, x4, x8, lsl #32\n\t"
- "sub x6, x6, x8, lsl #32\n\t"
- "adcs x5, x5, x20\n\t"
- "adc x6, x6, x21\n\t"
+ "adds x3, x3, x14\n\t"
+ "sub x13, x13, x14\n\t"
+ "adcs x12, x12, x15\n\t"
+ "adc x13, x13, x16\n\t"
"# a += (mu << 256) - (mu << 224) + (mu << 192) + (mu << 96) - mu\n\t"
"# a += mu << 256\n\t"
- "adds x12, x12, x3\n\t"
- "adcs x13, x13, x4\n\t"
- "adcs x14, x14, x5\n\t"
- "adcs x15, x15, x6\n\t"
- "cset x8, cs\n\t"
+ "adds x8, x8, x2\n\t"
+ "adcs x9, x9, x3\n\t"
+ "adcs x10, x10, x12\n\t"
+ "adcs x11, x11, x13\n\t"
+ "adc x4, xzr, xzr\n\t"
"# a += mu << 192\n\t"
"# mu <<= 32\n\t"
"# a += (mu << 32) << 64\n\t"
- "adds x11, x11, x3\n\t"
- "adcs x12, x12, x4\n\t"
- "adcs x13, x13, x5\n\t"
- "lsr x7, x6, 32\n\t"
- "adcs x14, x14, x6\n\t"
- "extr x6, x6, x5, 32\n\t"
- "adcs x15, x15, xzr\n\t"
- "extr x5, x5, x4, 32\n\t"
- "adc x8, x8, xzr\n\t"
- "extr x4, x4, x3, 32\n\t"
- "lsl x3, x3, 32\n\t"
- "adds x9, x9, x3\n\t"
- "adcs x10, x10, x4\n\t"
- "adcs x11, x11, x5\n\t"
- "adcs x12, x12, x6\n\t"
- "adcs x13, x13, x7\n\t"
- "adcs x14, x14, xzr\n\t"
- "adcs x15, x15, xzr\n\t"
- "adc x8, x8, xzr\n\t"
+ "adds x7, x7, x2\n\t"
+ "extr x15, x13, x12, 32\n\t"
+ "adcs x8, x8, x3\n\t"
+ "extr x14, x12, x3, 32\n\t"
+ "adcs x9, x9, x12\n\t"
+ "extr x3, x3, x2, 32\n\t"
+ "adcs x10, x10, x13\n\t"
+ "lsl x2, x2, 32\n\t"
+ "adc x12, xzr, xzr\n\t"
+ "adds x5, x5, x2\n\t"
+ "lsr x16, x13, 32\n\t"
+ "adcs x6, x6, x3\n\t"
+ "adcs x7, x7, x14\n\t"
+ "adcs x8, x8, x15\n\t"
+ "adcs x9, x9, x16\n\t"
+ "adcs x10, x10, xzr\n\t"
+ "adcs x11, x11, x12\n\t"
+ "adc x4, x4, xzr\n\t"
"# a -= (mu << 32) << 192\n\t"
- "subs x11, x11, x3\n\t"
- "sbcs x12, x12, x4\n\t"
- "sbcs x13, x13, x5\n\t"
- "sbcs x14, x14, x6\n\t"
- "sbcs x15, x15, x7\n\t"
- "mov x17, 0xffffffff00000001\n\t"
- "sbc x8, x8, xzr\n\t"
- "neg x8, x8\n\t"
+ "subs x7, x7, x2\n\t"
+ "sbcs x8, x8, x3\n\t"
+ "sbcs x9, x9, x14\n\t"
+ "sbcs x10, x10, x15\n\t"
+ "sbcs x11, x11, x16\n\t"
+ "sbc x4, x4, xzr\n\t"
+ "neg x4, x4\n\t"
"# mask m and sub from result if overflow\n\t"
"# m[0] = -1 & mask = mask\n\t"
- "subs x12, x12, x8\n\t"
+ "subs x8, x8, x4\n\t"
"# m[1] = 0xffffffff & mask = mask >> 32 as mask is all 1s or 0s\n\t"
- "lsr x16, x8, 32\n\t"
- "sbcs x13, x13, x16\n\t"
- "and x17, x17, x8\n\t"
+ "lsr x15, x4, 32\n\t"
+ "sbcs x9, x9, x15\n\t"
+ "sub x16, xzr, x15\n\t"
"# m[2] = 0 & mask = 0\n\t"
- "sbcs x14, x14, xzr\n\t"
- "stp x12, x13, [%[r], 0]\n\t"
+ "sbcs x10, x10, xzr\n\t"
+ "stp x8, x9, [%[r], 0]\n\t"
"# m[3] = 0xffffffff00000001 & mask\n\t"
- "sbc x15, x15, x17\n\t"
- "stp x14, x15, [%[r], 16]\n\t"
+ "sbc x11, x11, x16\n\t"
+ "stp x10, x11, [%[r], 16]\n\t"
:
: [r] "r" (r), [a] "r" (a)
- : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "x21", "x22", "cc"
+ : "memory", "x2", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "cc"
);
}
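Review bot: The new clobber list for `sp_256_mont_sqr_4` names `"x17"`, but no instruction on the new side of this hunk reads or writes x17. The highest scratch register used is x16, in `extr x16, x6, x5, 32`, `lsr x16, x13, 32` and `sub x16, xzr, x15`. The extra entry is harmless for correctness, but it withholds a register from the compiler and makes the list an unreliable guide to what the block touches. I would end the list at `"x15", "x16", "cc"`.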
@@ -22759,10 +22740,10 @@ SP_NOINLINE static void sp_256_mont_sqr_4(sp_digit* r, const sp_digit* a, const
* a Number to square in Montgomery form.
* n Number of times to square.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
-static void sp_256_mont_sqr_n_4(sp_digit* r, const sp_digit* a, int n,
- const sp_digit* m, sp_digit mp)
+SP_NOINLINE static void sp_256_mont_sqr_n_4(sp_digit* r,
+ const sp_digit* a, int n, const sp_digit* m, sp_digit mp)
{
sp_256_mont_sqr_4(r, a, m, mp);
for (; n > 1; n--) {
@@ -22990,52 +22971,51 @@ SP_NOINLINE static void sp_256_mont_reduce_4(sp_digit* a, const sp_digit* m,
"# - a[0] << 32 << 192\n\t"
"# + (a[0] * 2) << 192\n\t"
"# a[0]-a[2] << 32\n\t"
- "extr x20, x12, x11, 32\n\t"
+ "lsl x7, x10, #32\n\t"
+ "extr x9, x12, x11, 32\n\t"
"add x6, x13, x10\n\t"
- "extr x19, x11, x10, 32\n\t"
+ "extr x8, x11, x10, 32\n\t"
"add x6, x6, x10\n\t"
"# + a[0]-a[2] << 32 << 64\n\t"
"# - a[0] << 32 << 192\n\t"
- "adds x4, x4, x10, lsl #32\n\t"
- "sub x6, x6, x10, lsl #32\n\t"
- "adcs x5, x5, x19\n\t"
- "adc x6, x6, x20\n\t"
+ "adds x4, x4, x7\n\t"
+ "sub x6, x6, x7\n\t"
+ "adcs x5, x5, x8\n\t"
+ "adc x6, x6, x9\n\t"
"# a += (mu << 256) - (mu << 224) + (mu << 192) + (mu << 96) - mu\n\t"
"# a += mu << 256\n\t"
"adds x14, x14, x3\n\t"
"adcs x15, x15, x4\n\t"
"adcs x16, x16, x5\n\t"
"adcs x17, x17, x6\n\t"
- "cset x10, cs\n\t"
+ "adc x10, xzr, xzr\n\t"
"# a += mu << 192\n\t"
"# mu <<= 32\n\t"
"# a += (mu << 32) << 64\n\t"
"adds x13, x13, x3\n\t"
+ "extr x8, x6, x5, 32\n\t"
"adcs x14, x14, x4\n\t"
+ "extr x7, x5, x4, 32\n\t"
"adcs x15, x15, x5\n\t"
- "lsr x7, x6, 32\n\t"
- "adcs x16, x16, x6\n\t"
- "extr x6, x6, x5, 32\n\t"
- "adcs x17, x17, xzr\n\t"
- "extr x5, x5, x4, 32\n\t"
- "adc x10, x10, xzr\n\t"
"extr x4, x4, x3, 32\n\t"
- "lsl x3, x3, 32\n\t"
+ "adcs x16, x16, x6\n\t"
+ "lsl x3, x3, 32\n\t"
+ "adc x5, xzr, xzr\n\t"
"adds x11, x11, x3\n\t"
+ "lsr x9, x6, 32\n\t"
"adcs x12, x12, x4\n\t"
- "adcs x13, x13, x5\n\t"
- "adcs x14, x14, x6\n\t"
- "adcs x15, x15, x7\n\t"
+ "adcs x13, x13, x7\n\t"
+ "adcs x14, x14, x8\n\t"
+ "adcs x15, x15, x9\n\t"
"adcs x16, x16, xzr\n\t"
- "adcs x17, x17, xzr\n\t"
+ "adcs x17, x17, x5\n\t"
"adc x10, x10, xzr\n\t"
"# a -= (mu << 32) << 192\n\t"
"subs x13, x13, x3\n\t"
"sbcs x14, x14, x4\n\t"
- "sbcs x15, x15, x5\n\t"
- "sbcs x16, x16, x6\n\t"
- "sbcs x17, x17, x7\n\t"
- "mov x9, 0xffffffff00000001\n\t"
+ "sbcs x15, x15, x7\n\t"
+ "sbcs x16, x16, x8\n\t"
+ "sbcs x17, x17, x9\n\t"
"sbc x10, x10, xzr\n\t"
"neg x10, x10\n\t"
"# mask m and sub from result if overflow\n\t"
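Review bot: This hunk stops using x19 and x20 (the two `extr` results now go to x8 and x9), but the clobber list shown as unchanged context in a later hunk of `sp_256_mont_reduce_4` still names `"x19", "x20"` and lists `"x10"` twice. Both are callee-saved registers, so if nothing else in the function writes them, keeping them in the list forces a needless save and restore. The start of the function is outside this hunk, so that needs checking against the full asm body. If they are unused, the list can drop `"x19", "x20"` and the duplicate `"x10"`.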
@@ -23044,7 +23024,7 @@ SP_NOINLINE static void sp_256_mont_reduce_4(sp_digit* a, const sp_digit* m,
"# m[1] = 0xffffffff & mask = mask >> 32 as mask is all 1s or 0s\n\t"
"lsr x8, x10, 32\n\t"
"sbcs x15, x15, x8\n\t"
- "and x9, x9, x10\n\t"
+ "sub x9, xzr, x8\n\t"
"# m[2] = 0 & mask = 0\n\t"
"sbcs x16, x16, xzr\n\t"
"stp x14, x15, [%[a], 0]\n\t"
@@ -23056,162 +23036,6 @@ SP_NOINLINE static void sp_256_mont_reduce_4(sp_digit* a, const sp_digit* m,
: "memory", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x19", "x20", "cc"
);
}
-/* Reduce the number back to 256 bits using Montgomery reduction.
- *
- * a A single precision number to reduce in place.
- * m The single precision number representing the modulus.
- * mp The digit representing the negative inverse of m mod 2^n.
- */
-SP_NOINLINE static void sp_256_mont_reduce_order_4(sp_digit* a, const sp_digit* m,
- sp_digit mp)
-{
- __asm__ __volatile__ (
- "ldp x9, x10, [%[a], 0]\n\t"
- "ldp x11, x12, [%[a], 16]\n\t"
- "ldp x17, x19, [%[m], 0]\n\t"
- "ldp x20, x21, [%[m], 16]\n\t"
- "mov x8, xzr\n\t"
- "# mu = a[0] * mp\n\t"
- "mul x5, %[mp], x9\n\t"
- "ldr x13, [%[a], 32]\n\t"
- "# a[0+0] += m[0] * mu\n\t"
- "mul x3, x17, x5\n\t"
- "ldr x14, [%[a], 40]\n\t"
- "umulh x6, x17, x5\n\t"
- "ldr x15, [%[a], 48]\n\t"
- "adds x9, x9, x3\n\t"
- "ldr x16, [%[a], 56]\n\t"
- "adc x6, x6, xzr\n\t"
- "# a[0+1] += m[1] * mu\n\t"
- "mul x3, x19, x5\n\t"
- "umulh x7, x19, x5\n\t"
- "adds x3, x3, x6\n\t"
- "adc x7, x7, xzr\n\t"
- "adds x10, x10, x3\n\t"
- "adc x7, x7, xzr\n\t"
- "# a[0+2] += m[2] * mu\n\t"
- "mul x3, x20, x5\n\t"
- "umulh x6, x20, x5\n\t"
- "adds x3, x3, x7\n\t"
- "adc x6, x6, xzr\n\t"
- "adds x11, x11, x3\n\t"
- "adc x6, x6, xzr\n\t"
- "# a[0+3] += m[3] * mu\n\t"
- "mul x3, x21, x5\n\t"
- "umulh x4, x21, x5\n\t"
- "adds x3, x3, x6\n\t"
- "adcs x4, x4, x8\n\t"
- "cset x8, cs\n\t"
- "adds x12, x12, x3\n\t"
- "adcs x13, x13, x4\n\t"
- "adc x8, x8, xzr\n\t"
- "# mu = a[1] * mp\n\t"
- "mul x5, %[mp], x10\n\t"
- "# a[1+0] += m[0] * mu\n\t"
- "mul x3, x17, x5\n\t"
- "umulh x6, x17, x5\n\t"
- "adds x10, x10, x3\n\t"
- "adc x6, x6, xzr\n\t"
- "# a[1+1] += m[1] * mu\n\t"
- "mul x3, x19, x5\n\t"
- "umulh x7, x19, x5\n\t"
- "adds x3, x3, x6\n\t"
- "adc x7, x7, xzr\n\t"
- "adds x11, x11, x3\n\t"
- "adc x7, x7, xzr\n\t"
- "# a[1+2] += m[2] * mu\n\t"
- "mul x3, x20, x5\n\t"
- "umulh x6, x20, x5\n\t"
- "adds x3, x3, x7\n\t"
- "adc x6, x6, xzr\n\t"
- "adds x12, x12, x3\n\t"
- "adc x6, x6, xzr\n\t"
- "# a[1+3] += m[3] * mu\n\t"
- "mul x3, x21, x5\n\t"
- "umulh x4, x21, x5\n\t"
- "adds x3, x3, x6\n\t"
- "adcs x4, x4, x8\n\t"
- "cset x8, cs\n\t"
- "adds x13, x13, x3\n\t"
- "adcs x14, x14, x4\n\t"
- "adc x8, x8, xzr\n\t"
- "# mu = a[2] * mp\n\t"
- "mul x5, %[mp], x11\n\t"
- "# a[2+0] += m[0] * mu\n\t"
- "mul x3, x17, x5\n\t"
- "umulh x6, x17, x5\n\t"
- "adds x11, x11, x3\n\t"
- "adc x6, x6, xzr\n\t"
- "# a[2+1] += m[1] * mu\n\t"
- "mul x3, x19, x5\n\t"
- "umulh x7, x19, x5\n\t"
- "adds x3, x3, x6\n\t"
- "adc x7, x7, xzr\n\t"
- "adds x12, x12, x3\n\t"
- "adc x7, x7, xzr\n\t"
- "# a[2+2] += m[2] * mu\n\t"
- "mul x3, x20, x5\n\t"
- "umulh x6, x20, x5\n\t"
- "adds x3, x3, x7\n\t"
- "adc x6, x6, xzr\n\t"
- "adds x13, x13, x3\n\t"
- "adc x6, x6, xzr\n\t"
- "# a[2+3] += m[3] * mu\n\t"
- "mul x3, x21, x5\n\t"
- "umulh x4, x21, x5\n\t"
- "adds x3, x3, x6\n\t"
- "adcs x4, x4, x8\n\t"
- "cset x8, cs\n\t"
- "adds x14, x14, x3\n\t"
- "adcs x15, x15, x4\n\t"
- "adc x8, x8, xzr\n\t"
- "# mu = a[3] * mp\n\t"
- "mul x5, %[mp], x12\n\t"
- "# a[3+0] += m[0] * mu\n\t"
- "mul x3, x17, x5\n\t"
- "umulh x6, x17, x5\n\t"
- "adds x12, x12, x3\n\t"
- "adc x6, x6, xzr\n\t"
- "# a[3+1] += m[1] * mu\n\t"
- "mul x3, x19, x5\n\t"
- "umulh x7, x19, x5\n\t"
- "adds x3, x3, x6\n\t"
- "adc x7, x7, xzr\n\t"
- "adds x13, x13, x3\n\t"
- "adc x7, x7, xzr\n\t"
- "# a[3+2] += m[2] * mu\n\t"
- "mul x3, x20, x5\n\t"
- "umulh x6, x20, x5\n\t"
- "adds x3, x3, x7\n\t"
- "adc x6, x6, xzr\n\t"
- "adds x14, x14, x3\n\t"
- "adc x6, x6, xzr\n\t"
- "# a[3+3] += m[3] * mu\n\t"
- "mul x3, x21, x5\n\t"
- "umulh x4, x21, x5\n\t"
- "adds x3, x3, x6\n\t"
- "adcs x4, x4, x8\n\t"
- "cset x8, cs\n\t"
- "adds x15, x15, x3\n\t"
- "adcs x16, x16, x4\n\t"
- "adc x8, x8, xzr\n\t"
- "sub x3, xzr, x8\n\t"
- "and x17, x17, x3\n\t"
- "and x19, x19, x3\n\t"
- "and x20, x20, x3\n\t"
- "and x21, x21, x3\n\t"
- "subs x13, x13, x17\n\t"
- "sbcs x14, x14, x19\n\t"
- "sbcs x15, x15, x20\n\t"
- "stp x13, x14, [%[a], 0]\n\t"
- "sbc x16, x16, x21\n\t"
- "stp x15, x16, [%[a], 16]\n\t"
- :
- : [a] "r" (a), [m] "r" (m), [mp] "r" (mp)
- : "memory", "x3", "x4", "x5", "x8", "x6", "x7", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "x21", "cc"
- );
-}
-
/* Map the Montgomery form projective coordinate point to an affine point.
*
* r Resulting affine coordinate point.
@@ -23252,69 +23076,42 @@ static void sp_256_map_4(sp_point_256* r, const sp_point_256* p,
r->z[0] = 1;
}
-/* Add two Montgomery form numbers (r = a + b % m).
- *
- * r Result of addition.
- * a First number to add in Montgomery form.
- * b Second number to add in Montgomery form.
- * m Modulus (prime).
- */
-static void sp_256_mont_add_4(sp_digit* r, const sp_digit* a, const sp_digit* b,
- const sp_digit* m)
-{
- __asm__ __volatile__ (
- "ldp x4, x5, [%[a], 0]\n\t"
- "ldp x8, x9, [%[b], 0]\n\t"
- "adds x4, x4, x8\n\t"
- "ldp x6, x7, [%[a], 16]\n\t"
- "adcs x5, x5, x9\n\t"
- "ldp x10, x11, [%[b], 16]\n\t"
- "adcs x6, x6, x10\n\t"
- "adcs x7, x7, x11\n\t"
- "mov x13, 0xffffffff00000001\n\t"
- "csetm x14, cs\n\t"
- "subs x4, x4, x14\n\t"
- "lsr x12, x14, 32\n\t"
- "sbcs x5, x5, x12\n\t"
- "and x13, x13, x14\n\t"
- "sbcs x6, x6, xzr\n\t"
- "stp x4, x5, [%[r],0]\n\t"
- "sbc x7, x7, x13\n\t"
- "stp x6, x7, [%[r],16]\n\t"
- :
- : [r] "r" (r), [a] "r" (a), [b] "r" (b), [m] "r" (m)
- : "memory", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "cc"
- );
-}
-
/* Double a Montgomery form number (r = a + a % m).
*
* r Result of doubling.
* a Number to double in Montgomery form.
* m Modulus (prime).
*/
-static void sp_256_mont_dbl_4(sp_digit* r, const sp_digit* a, const sp_digit* m)
+SP_NOINLINE static void sp_256_mont_dbl_4(sp_digit* r, const sp_digit* a,
+ const sp_digit* m)
{
__asm__ __volatile__ (
"ldp x3, x4, [%[a]]\n\t"
"ldp x5, x6, [%[a],16]\n\t"
- "adds x3, x3, x3\n\t"
- "adcs x4, x4, x4\n\t"
- "adcs x5, x5, x5\n\t"
- "adcs x6, x6, x6\n\t"
- "mov x8, 0xffffffff00000001\n\t"
- "csetm x9, cs\n\t"
- "subs x3, x3, x9\n\t"
- "lsr x7, x9, 32\n\t"
- "sbcs x4, x4, x7\n\t"
- "and x8, x8, x9\n\t"
- "sbcs x5, x5, xzr\n\t"
- "stp x3, x4, [%[r],0]\n\t"
- "sbc x6, x6, x8\n\t"
- "stp x5, x6, [%[r],16]\n\t"
+ "lsl x9, x3, #1\n\t"
+ "extr x10, x4, x3, #63\n\t"
+ "extr x11, x5, x4, #63\n\t"
+ "asr x13, x6, #63\n\t"
+ "extr x12, x6, x5, #63\n\t"
+ "subs x9, x9, x13\n\t"
+ "lsr x7, x13, 32\n\t"
+ "sbcs x10, x10, x7\n\t"
+ "sub x8, xzr, x7\n\t"
+ "sbcs x11, x11, xzr\n\t"
+ "sbcs x12, x12, x8\n\t"
+ "sbc x8, xzr, xzr\n\t"
+ "sub x13, x13, x8\n\t"
+ "subs x9, x9, x13\n\t"
+ "lsr x7, x13, 32\n\t"
+ "sbcs x10, x10, x7\n\t"
+ "sub x8, xzr, x7\n\t"
+ "sbcs x11, x11, xzr\n\t"
+ "stp x9, x10, [%[r],0]\n\t"
+ "sbc x12, x12, x8\n\t"
+ "stp x11, x12, [%[r],16]\n\t"
:
: [r] "r" (r), [a] "r" (a)
- : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "cc"
+ : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x13", "x9", "x10", "x11", "x12", "cc"
);
(void)m;
@@ -23326,41 +23123,50 @@ static void sp_256_mont_dbl_4(sp_digit* r, const sp_digit* a, const sp_digit* m)
* a Number to triple in Montgomery form.
* m Modulus (prime).
*/
-static void sp_256_mont_tpl_4(sp_digit* r, const sp_digit* a, const sp_digit* m)
+SP_NOINLINE static void sp_256_mont_tpl_4(sp_digit* r, const sp_digit* a,
+ const sp_digit* m)
{
__asm__ __volatile__ (
- "ldp x10, x11, [%[a]]\n\t"
- "adds x3, x10, x10\n\t"
- "ldr x12, [%[a], 16]\n\t"
- "adcs x4, x11, x11\n\t"
- "ldr x13, [%[a], 24]\n\t"
- "adcs x5, x12, x12\n\t"
- "adcs x6, x13, x13\n\t"
- "mov x8, 0xffffffff00000001\n\t"
- "csetm x9, cs\n\t"
- "subs x3, x3, x9\n\t"
- "lsr x7, x9, 32\n\t"
+ "ldp x9, x10, [%[a]]\n\t"
+ "ldp x11, x12, [%[a], 16]\n\t"
+ "lsl x3, x9, #1\n\t"
+ "extr x4, x10, x9, #63\n\t"
+ "extr x5, x11, x10, #63\n\t"
+ "asr x13, x12, #63\n\t"
+ "extr x6, x12, x11, #63\n\t"
+ "subs x3, x3, x13\n\t"
+ "lsr x7, x13, 32\n\t"
"sbcs x4, x4, x7\n\t"
- "and x8, x8, x9\n\t"
+ "sub x8, xzr, x7\n\t"
"sbcs x5, x5, xzr\n\t"
- "sbc x6, x6, x8\n\t"
- "adds x3, x3, x10\n\t"
- "adcs x4, x4, x11\n\t"
- "adcs x5, x5, x12\n\t"
- "adcs x6, x6, x13\n\t"
- "mov x8, 0xffffffff00000001\n\t"
- "csetm x9, cs\n\t"
- "subs x3, x3, x9\n\t"
- "lsr x7, x9, 32\n\t"
+ "sbcs x6, x6, x8\n\t"
+ "neg x13, x13\n\t"
+ "sbc x13, x13, xzr\n\t"
+ "adds x3, x3, x9\n\t"
+ "adcs x4, x4, x10\n\t"
+ "adcs x5, x5, x11\n\t"
+ "adcs x6, x6, x12\n\t"
+ "adc x13, x13, xzr\n\t"
+ "neg x13, x13\n\t"
+ "subs x3, x3, x13, asr #1\n\t"
+ "lsr x7, x13, 32\n\t"
"sbcs x4, x4, x7\n\t"
- "and x8, x8, x9\n\t"
+ "sub x8, xzr, x7\n\t"
"sbcs x5, x5, xzr\n\t"
- "stp x3, x4, [%[r], 0]\n\t"
+ "sbcs x6, x6, x8\n\t"
+ "sbc x8, xzr, xzr\n\t"
+ "sub x13, x13, x8\n\t"
+ "subs x3, x3, x13\n\t"
+ "lsr x7, x13, 32\n\t"
+ "sbcs x4, x4, x7\n\t"
+ "sub x8, xzr, x7\n\t"
+ "sbcs x5, x5, xzr\n\t"
+ "stp x3, x4, [%[r],0]\n\t"
"sbc x6, x6, x8\n\t"
- "stp x5, x6, [%[r], 16]\n\t"
+ "stp x5, x6, [%[r],16]\n\t"
:
: [r] "r" (r), [a] "r" (a)
- : "memory", "x10", "x11", "x12", "x13", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "cc"
+ : "memory", "x9", "x10", "x11", "x12", "x3", "x4", "x5", "x6", "x7", "x8", "x13", "cc"
);
(void)m;
@@ -23373,66 +23179,213 @@ static void sp_256_mont_tpl_4(sp_digit* r, const sp_digit* a, const sp_digit* m)
* b Number to subtract with in Montgomery form.
* m Modulus (prime).
*/
-static void sp_256_mont_sub_4(sp_digit* r, const sp_digit* a, const sp_digit* b,
- const sp_digit* m)
+SP_NOINLINE static void sp_256_mont_sub_4(sp_digit* r, const sp_digit* a,
+ const sp_digit* b, const sp_digit* m)
{
__asm__ __volatile__ (
"ldp x4, x5, [%[a], 0]\n\t"
+ "ldp x6, x7, [%[a], 16]\n\t"
"ldp x8, x9, [%[b], 0]\n\t"
+ "ldp x10, x11, [%[b], 16]\n\t"
"subs x4, x4, x8\n\t"
- "ldp x6, x7, [%[a], 16]\n\t"
"sbcs x5, x5, x9\n\t"
- "ldp x10, x11, [%[b], 16]\n\t"
"sbcs x6, x6, x10\n\t"
"sbcs x7, x7, x11\n\t"
- "mov x13, 0xffffffff00000001\n\t"
- "csetm x14, cc\n\t"
+ "sbc x14, xzr, xzr\n\t"
"adds x4, x4, x14\n\t"
"lsr x12, x14, 32\n\t"
"adcs x5, x5, x12\n\t"
- "and x13, x13, x14\n\t"
+ "sub x13, xzr, x12\n\t"
+ "adcs x6, x6, xzr\n\t"
+ "adcs x7, x7, x13\n\t"
+ "adc x14, x14, xzr\n\t"
+ "adds x4, x4, x14\n\t"
+ "lsr x12, x14, 32\n\t"
+ "adcs x5, x5, x12\n\t"
+ "sub x13, xzr, x12\n\t"
"adcs x6, x6, xzr\n\t"
"stp x4, x5, [%[r],0]\n\t"
"adc x7, x7, x13\n\t"
"stp x6, x7, [%[r],16]\n\t"
:
- : [r] "r" (r), [a] "r" (a), [b] "r" (b), [m] "r" (m)
+ : [r] "r" (r), [a] "r" (a), [b] "r" (b)
: "memory", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "cc"
);
+
+ (void)m;
}
-#define sp_256_mont_sub_lower_4 sp_256_mont_sub_4
/* Divide the number by 2 mod the modulus (prime). (r = a / 2 % m)
*
* r Result of division by 2.
* a Number to divide.
* m Modulus (prime).
*/
-static void sp_256_div2_4(sp_digit* r, const sp_digit* a, const sp_digit* m)
+SP_NOINLINE static void sp_256_mont_div2_4(sp_digit* r, const sp_digit* a,
+ const sp_digit* m)
{
__asm__ __volatile__ (
- "ldp x3, x4, [%[a], 0]\n\t"
- "and x9, x3, 1\n\t"
- "ldp x5, x6, [%[a], 16]\n\t"
- "sub x10, xzr, x9\n\t"
- "lsr x7, x10, 32\n\t"
- "adds x3, x3, x10\n\t"
- "and x8, x10, 0xffffffff00000001\n\t"
- "adcs x4, x4, x7\n\t"
- "adcs x5, x5, xzr\n\t"
- "extr x3, x4, x3, 1\n\t"
- "adcs x6, x6, x8\n\t"
- "extr x4, x5, x4, 1\n\t"
- "cset x9, cs\n\t"
- "extr x5, x6, x5, 1\n\t"
- "extr x6, x9, x6, 1\n\t"
- "stp x3, x4, [%[r], 0]\n\t"
- "stp x5, x6, [%[r], 16]\n\t"
+ "ldp x3, x4, [%[a], 0]\n\t"
+ "ldp x5, x6, [%[a], 16]\n\t"
+ "sbfx x8, x3, 0, 1\n\t"
+ "adds x3, x3, x8\n\t"
+ "lsr x7, x8, 32\n\t"
+ "adcs x4, x4, x7\n\t"
+ "sub x8, xzr, x7\n\t"
+ "adcs x5, x5, xzr\n\t"
+ "extr x3, x4, x3, 1\n\t"
+ "adcs x6, x6, x8\n\t"
+ "extr x4, x5, x4, 1\n\t"
+ "adc x9, xzr, xzr\n\t"
+ "extr x5, x6, x5, 1\n\t"
+ "extr x6, x9, x6, 1\n\t"
+ "stp x3, x4, [%[r], 0]\n\t"
+ "stp x5, x6, [%[r], 16]\n\t"
:
: [r] "r" (r), [a] "r" (a), [m] "r" (m)
- : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "cc"
+ : "memory", "x3", "x4", "x5", "x6", "x7", "x9", "x8", "cc"
+ );
+}
+
+/* Double number and subtract (r = (a - 2.b) % m).
+ *
+ * r Result of subtration.
+ * a Number to subtract from in Montgomery form.
+ * b Number to subtract with in Montgomery form.
+ * m Modulus (prime).
+ */
+SP_NOINLINE static void sp_256_mont_rsb_sub_dbl_4(sp_digit* r,
+ const sp_digit* a, sp_digit* b, const sp_digit* m)
+{
+ __asm__ __volatile__ (
+ "ldp x8, x9, [%[b]]\n\t"
+ "ldp x10, x11, [%[b],16]\n\t"
+ "lsl x15, x8, #1\n\t"
+ "extr x16, x9, x8, #63\n\t"
+ "extr x17, x10, x9, #63\n\t"
+ "asr x14, x11, #63\n\t"
+ "extr x19, x11, x10, #63\n\t"
+ "ldp x4, x5, [%[a]]\n\t"
+ "ldp x6, x7, [%[a],16]\n\t"
+ "subs x15, x15, x14\n\t"
+ "lsr x12, x14, 32\n\t"
+ "sbcs x16, x16, x12\n\t"
+ "sub x13, xzr, x12\n\t"
+ "sbcs x17, x17, xzr\n\t"
+ "sbcs x19, x19, x13\n\t"
+ "neg x14, x14\n\t"
+ "sbc x14, x14, xzr\n\t"
+ "subs x15, x4, x15\n\t"
+ "sbcs x16, x5, x16\n\t"
+ "sbcs x17, x6, x17\n\t"
+ "sbcs x19, x7, x19\n\t"
+ "sbc x14, xzr, x14\n\t"
+ "adds x15, x15, x14, asr #1\n\t"
+ "lsr x12, x14, 32\n\t"
+ "adcs x16, x16, x12\n\t"
+ "sub x13, xzr, x12\n\t"
+ "adcs x17, x17, xzr\n\t"
+ "adcs x19, x19, x13\n\t"
+ "adc x14, x14, xzr\n\t"
+ "adds x15, x15, x14\n\t"
+ "lsr x12, x14, 32\n\t"
+ "adcs x16, x16, x12\n\t"
+ "sub x13, xzr, x12\n\t"
+ "adcs x17, x17, xzr\n\t"
+ "stp x15, x16, [%[r],0]\n\t"
+ "adc x19, x19, x13\n\t"
+ "stp x17, x19, [%[r],16]\n\t"
+ "subs x15, x8, x15\n\t"
+ "sbcs x16, x9, x16\n\t"
+ "sbcs x17, x10, x17\n\t"
+ "sbcs x19, x11, x19\n\t"
+ "sbc x14, xzr, xzr\n\t"
+ "adds x15, x15, x14\n\t"
+ "lsr x12, x14, 32\n\t"
+ "adcs x16, x16, x12\n\t"
+ "sub x13, xzr, x12\n\t"
+ "adcs x17, x17, xzr\n\t"
+ "adcs x19, x19, x13\n\t"
+ "adc x14, x14, xzr\n\t"
+ "adds x15, x15, x14\n\t"
+ "lsr x12, x14, 32\n\t"
+ "adcs x16, x16, x12\n\t"
+ "sub x13, xzr, x12\n\t"
+ "adcs x17, x17, xzr\n\t"
+ "stp x15, x16, [%[b],0]\n\t"
+ "adc x19, x19, x13\n\t"
+ "stp x17, x19, [%[b],16]\n\t"
+ :
+ : [r] "r" (r), [a] "r" (a), [b] "r" (b)
+ : "memory", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "cc"
);
+ (void)m;
+}
+
+/* Subtract two Montgomery form numbers (r = a - b % m).
+ *
+ * ra Result of addition.
+ * rs Result of subtration.
+ * a Number to subtract from in Montgomery form.
+ * b Number to subtract with in Montgomery form.
+ * m Modulus (prime).
+ */
+SP_NOINLINE static void sp_256_mont_add_sub_4(sp_digit* ra,
+ sp_digit* rs, const sp_digit* a, const sp_digit* b, const sp_digit* m)
+{
+ __asm__ __volatile__ (
+ "ldp x4, x5, [%[a], 0]\n\t"
+ "ldp x6, x7, [%[a], 16]\n\t"
+ "ldp x8, x9, [%[b], 0]\n\t"
+ "ldp x10, x11, [%[b], 16]\n\t"
+ "adds x14, x4, x8\n\t"
+ "adcs x15, x5, x9\n\t"
+ "adcs x16, x6, x10\n\t"
+ "adcs x17, x7, x11\n\t"
+ "csetm x19, cs\n\t"
+ "subs x14, x14, x19\n\t"
+ "lsr x12, x19, 32\n\t"
+ "sbcs x15, x15, x12\n\t"
+ "sub x13, xzr, x12\n\t"
+ "sbcs x16, x16, xzr\n\t"
+ "sbcs x17, x17, x13\n\t"
+ "sbc x13, xzr, xzr\n\t"
+ "sub x19, x19, x13\n\t"
+ "subs x14, x14, x19\n\t"
+ "lsr x12, x19, 32\n\t"
+ "sbcs x15, x15, x12\n\t"
+ "sub x13, xzr, x12\n\t"
+ "sbcs x16, x16, xzr\n\t"
+ "stp x14, x15, [%[ra],0]\n\t"
+ "sbc x17, x17, x13\n\t"
+ "stp x16, x17, [%[ra],16]\n\t"
+ "subs x4, x4, x8\n\t"
+ "sbcs x5, x5, x9\n\t"
+ "sbcs x6, x6, x10\n\t"
+ "sbcs x7, x7, x11\n\t"
+ "sbc x19, xzr, xzr\n\t"
+ "adds x4, x4, x19\n\t"
+ "lsr x12, x19, 32\n\t"
+ "adcs x5, x5, x12\n\t"
+ "sub x13, xzr, x12\n\t"
+ "adcs x6, x6, xzr\n\t"
+ "adcs x7, x7, x13\n\t"
+ "adc x19, x19, xzr\n\t"
+ "adds x4, x4, x19\n\t"
+ "lsr x12, x19, 32\n\t"
+ "adcs x5, x5, x12\n\t"
+ "sub x13, xzr, x12\n\t"
+ "adcs x6, x6, xzr\n\t"
+ "stp x4, x5, [%[rs],0]\n\t"
+ "adc x7, x7, x13\n\t"
+ "stp x6, x7, [%[rs],16]\n\t"
+ :
+ : [ra] "r" (ra), [rs] "r" (rs), [a] "r" (a), [b] "r" (b)
+ : "memory", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x19", "x14", "x15", "x16", "x17", "cc"
+ );
+
+ (void)m;
}
/* Double the Montgomery form projective point p.
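Review bot: The header comment of `sp_256_mont_rsb_sub_dbl_4` documents only `r = (a - 2.b) % m`, but the assembly also stores a second result through `b` (the two `stp ... [%[b], ...]` at the end), replacing it with the old `b` minus the new `r`. The call sites in later hunks are commented as if they depend on that side effect, so the parameter line should say it, e.g. `* b  Number to subtract with in Montgomery form; overwritten with (b - r) % m.` In the same hunk the summary line of `sp_256_mont_add_sub_4` still reads as a plain subtraction and would be clearer as `/* Add and subtract two Montgomery form numbers (ra = a + b % m, rs = a - b % m).` `sp_256_mont_div2_4` also still passes `[m] "r" (m)` although its assembly never references `%[m]`, whereas its neighbours drop the operand and use `(void)m;`.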
@@ -23464,10 +23417,8 @@ static void sp_256_proj_point_dbl_4(sp_point_256* r, const sp_point_256* p,
sp_256_mont_mul_4(z, p->y, p->z, p256_mod, p256_mp_mod);
/* Z = 2Z */
sp_256_mont_dbl_4(z, z, p256_mod);
- /* T2 = X - T1 */
- sp_256_mont_sub_4(t2, p->x, t1, p256_mod);
- /* T1 = X + T1 */
- sp_256_mont_add_4(t1, p->x, t1, p256_mod);
+ /* T1/T2 = X +/- T1 */
+ sp_256_mont_add_sub_4(t1, t2, p->x, t1, p256_mod);
/* T2 = T1 * T2 */
sp_256_mont_mul_4(t2, t1, t2, p256_mod, p256_mp_mod);
/* T1 = 3T2 */
@@ -23479,17 +23430,14 @@ static void sp_256_proj_point_dbl_4(sp_point_256* r, const sp_point_256* p,
/* T2 = Y * Y */
sp_256_mont_sqr_4(t2, y, p256_mod, p256_mp_mod);
/* T2 = T2/2 */
- sp_256_div2_4(t2, t2, p256_mod);
+ sp_256_mont_div2_4(t2, t2, p256_mod);
/* Y = Y * X */
sp_256_mont_mul_4(y, y, p->x, p256_mod, p256_mp_mod);
/* X = T1 * T1 */
sp_256_mont_sqr_4(x, t1, p256_mod, p256_mp_mod);
- /* X = X - Y */
- sp_256_mont_sub_4(x, x, y, p256_mod);
- /* X = X - Y */
- sp_256_mont_sub_4(x, x, y, p256_mod);
+ /* X = X - 2*Y */
/* Y = Y - X */
- sp_256_mont_sub_lower_4(y, y, x, p256_mod);
+ sp_256_mont_rsb_sub_dbl_4(x, x, y, p256_mod);
/* Y = Y * T1 */
sp_256_mont_mul_4(y, y, t1, p256_mod, p256_mp_mod);
/* Y = Y - T2 */
@@ -23512,7 +23460,8 @@ typedef struct sp_256_proj_point_dbl_4_ctx {
* p Point to double.
* t Temporary ordinate data.
*/
-static int sp_256_proj_point_dbl_4_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r, const sp_point_256* p, sp_digit* t)
+static int sp_256_proj_point_dbl_4_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r,
+ const sp_point_256* p, sp_digit* t)
{
int err = FP_WOULDBLOCK;
sp_256_proj_point_dbl_4_ctx* ctx = (sp_256_proj_point_dbl_4_ctx*)sp_ctx->data;
@@ -23550,13 +23499,11 @@ static int sp_256_proj_point_dbl_4_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r, con
ctx->state = 4;
break;
case 4:
- /* T2 = X - T1 */
- sp_256_mont_sub_4(ctx->t2, p->x, ctx->t1, p256_mod);
+ /* T1/T2 = X +/- T1 */
+ sp_256_mont_add_sub_4(ctx->t1, ctx->t2, p->x, ctx->t1, p256_mod);
ctx->state = 5;
break;
case 5:
- /* T1 = X + T1 */
- sp_256_mont_add_4(ctx->t1, p->x, ctx->t1, p256_mod);
ctx->state = 6;
break;
case 6:
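Review bot: State 5 is left as an empty step that only advances `ctx->state`, because the addition it used to perform is now done by `sp_256_mont_add_sub_4` in state 4. A one-line comment such as `/* T1 = X + T1 is done in state 4 */` would show the gap is intentional; the same applies to the emptied states 15 and 16 later in this function and to state 21 in `sp_256_proj_point_add_4_nb`. If nothing depends on the state numbering, state 4 could instead set `ctx->state = 6;` and save the non-blocking caller a no-op round trip, but that cannot be confirmed here because the function starts and ends outside this hunk.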
@@ -23586,7 +23533,7 @@ static int sp_256_proj_point_dbl_4_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r, con
break;
case 11:
/* T2 = T2/2 */
- sp_256_div2_4(ctx->t2, ctx->t2, p256_mod);
+ sp_256_mont_div2_4(ctx->t2, ctx->t2, p256_mod);
ctx->state = 12;
break;
case 12:
@@ -23600,18 +23547,15 @@ static int sp_256_proj_point_dbl_4_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r, con
ctx->state = 14;
break;
case 14:
- /* X = X - Y */
- sp_256_mont_sub_4(ctx->x, ctx->x, ctx->y, p256_mod);
+ /* X = X - 2*Y */
+ /* Y = Y - X */
+ sp_256_mont_rsb_sub_dbl_4(ctx->x, ctx->x, ctx->y, p256_mod);
ctx->state = 15;
break;
case 15:
- /* X = X - Y */
- sp_256_mont_sub_4(ctx->x, ctx->x, ctx->y, p256_mod);
ctx->state = 16;
break;
case 16:
- /* Y = Y - X */
- sp_256_mont_sub_lower_4(ctx->y, ctx->y, ctx->x, p256_mod);
ctx->state = 17;
break;
case 17:
@@ -23636,101 +23580,6 @@ static int sp_256_proj_point_dbl_4_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r, con
return err;
}
#endif /* WOLFSSL_SP_NONBLOCK */
-#define sp_256_mont_tpl_lower_4 sp_256_mont_tpl_4
-/* Subtract two Montgomery form numbers (r = a - b % m).
- *
- * r Result of subtration.
- * a Number to subtract from in Montgomery form.
- * b Number to subtract with in Montgomery form.
- * m Modulus (prime).
- */
-static void sp_256_mont_sub_dbl_4(sp_digit* r, const sp_digit* a, const sp_digit* b,
- const sp_digit* m)
-{
- __asm__ __volatile__ (
- "ldp x8, x9, [%[b]]\n\t"
- "ldp x10, x11, [%[b],16]\n\t"
- "adds x8, x8, x8\n\t"
- "ldp x4, x5, [%[a]]\n\t"
- "adcs x9, x9, x9\n\t"
- "ldp x6, x7, [%[a],16]\n\t"
- "adcs x10, x10, x10\n\t"
- "adcs x11, x11, x11\n\t"
- "mov x13, 0xffffffff00000001\n\t"
- "csetm x14, cs\n\t"
- "subs x8, x8, x14\n\t"
- "lsr x12, x14, 32\n\t"
- "sbcs x9, x9, x12\n\t"
- "and x13, x13, x14\n\t"
- "sbcs x10, x10, xzr\n\t"
- "sbc x11, x11, x13\n\t"
- "subs x4, x4, x8\n\t"
- "sbcs x5, x5, x9\n\t"
- "sbcs x6, x6, x10\n\t"
- "sbcs x7, x7, x11\n\t"
- "mov x13, 0xffffffff00000001\n\t"
- "csetm x14, cc\n\t"
- "adds x4, x4, x14\n\t"
- "lsr x12, x14, 32\n\t"
- "adcs x5, x5, x12\n\t"
- "and x13, x13, x14\n\t"
- "adcs x6, x6, xzr\n\t"
- "stp x4, x5, [%[r],0]\n\t"
- "adc x7, x7, x13\n\t"
- "stp x6, x7, [%[r],16]\n\t"
- :
- : [r] "r" (r), [a] "r" (a), [b] "r" (b), [m] "r" (m)
- : "memory", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "cc"
- );
-}
-
-/* Subtract two Montgomery form numbers (r = a - b % m).
- *
- * r Result of subtration.
- * a Number to subtract from in Montgomery form.
- * b Number to subtract with in Montgomery form.
- * m Modulus (prime).
- */
-static void sp_256_mont_dbl_sub_4(sp_digit* r, const sp_digit* a, const sp_digit* b,
- const sp_digit* m)
-{
- __asm__ __volatile__ (
- "ldp x4, x5, [%[a], 0]\n\t"
- "ldp x8, x9, [%[b], 0]\n\t"
- "subs x4, x4, x8\n\t"
- "ldp x6, x7, [%[a], 16]\n\t"
- "sbcs x5, x5, x9\n\t"
- "ldp x10, x11, [%[b], 16]\n\t"
- "sbcs x6, x6, x10\n\t"
- "sbcs x7, x7, x11\n\t"
- "mov x13, 0xffffffff00000001\n\t"
- "csetm x14, cc\n\t"
- "adds x4, x4, x14\n\t"
- "lsr x12, x14, 32\n\t"
- "adcs x5, x5, x12\n\t"
- "and x13, x13, x14\n\t"
- "adcs x6, x6, xzr\n\t"
- "adc x7, x7, x13\n\t"
- "adds x4, x4, x4\n\t"
- "adcs x5, x5, x5\n\t"
- "adcs x6, x6, x6\n\t"
- "adcs x7, x7, x7\n\t"
- "mov x13, 0xffffffff00000001\n\t"
- "csetm x14, cs\n\t"
- "subs x4, x4, x14\n\t"
- "lsr x12, x14, 32\n\t"
- "sbcs x5, x5, x12\n\t"
- "and x13, x13, x14\n\t"
- "sbcs x6, x6, xzr\n\t"
- "stp x4, x5, [%[r],0]\n\t"
- "sbc x7, x7, x13\n\t"
- "stp x6, x7, [%[r],16]\n\t"
- :
- : [r] "r" (r), [a] "r" (a), [b] "r" (b), [m] "r" (m)
- : "memory", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "cc"
- );
-}
-
/* Double the Montgomery form projective point p a number of times.
*
* r Result of repeated doubling of point.
@@ -23768,15 +23617,15 @@ static void sp_256_proj_point_dbl_n_4(sp_point_256* p, int i,
/* A = 3*(X^2 - W) */
sp_256_mont_sqr_4(t1, x, p256_mod, p256_mp_mod);
sp_256_mont_sub_4(t1, t1, w, p256_mod);
- sp_256_mont_tpl_lower_4(a, t1, p256_mod);
+ sp_256_mont_tpl_4(a, t1, p256_mod);
/* B = X*Y^2 */
sp_256_mont_sqr_4(t1, y, p256_mod, p256_mp_mod);
sp_256_mont_mul_4(b, t1, x, p256_mod, p256_mp_mod);
/* X = A^2 - 2B */
sp_256_mont_sqr_4(x, a, p256_mod, p256_mp_mod);
- sp_256_mont_sub_dbl_4(x, x, b, p256_mod);
+ sp_256_mont_rsb_sub_dbl_4(x, x, b, p256_mod);
/* B = 2.(B - X) */
- sp_256_mont_dbl_sub_4(b, b, x, p256_mod);
+ sp_256_mont_dbl_4(b, b, p256_mod);
/* Z = Z*Y */
sp_256_mont_mul_4(z, z, y, p256_mod, p256_mp_mod);
/* t1 = Y^4 */
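Review bot: The comment `/* B = 2.(B - X) */` above `sp_256_mont_dbl_4(b, b, p256_mod);` is only true because the preceding `sp_256_mont_rsb_sub_dbl_4(x, x, b, p256_mod)` has already overwritten `b` with `b - x`, which nothing at the call site says. I would change the comment on that call to `/* X = A^2 - 2B, B = B - X */` so the doubling line reads correctly on its own. The same pair appears in the next hunk of this function and in `sp_256_proj_point_dbl_n_store_4`; the enclosing function starts and ends outside this hunk.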
@@ -23796,15 +23645,15 @@ static void sp_256_proj_point_dbl_n_4(sp_point_256* p, int i,
/* A = 3*(X^2 - W) */
sp_256_mont_sqr_4(t1, x, p256_mod, p256_mp_mod);
sp_256_mont_sub_4(t1, t1, w, p256_mod);
- sp_256_mont_tpl_lower_4(a, t1, p256_mod);
+ sp_256_mont_tpl_4(a, t1, p256_mod);
/* B = X*Y^2 */
sp_256_mont_sqr_4(t1, y, p256_mod, p256_mp_mod);
sp_256_mont_mul_4(b, t1, x, p256_mod, p256_mp_mod);
/* X = A^2 - 2B */
sp_256_mont_sqr_4(x, a, p256_mod, p256_mp_mod);
- sp_256_mont_sub_dbl_4(x, x, b, p256_mod);
+ sp_256_mont_rsb_sub_dbl_4(x, x, b, p256_mod);
/* B = 2.(B - X) */
- sp_256_mont_dbl_sub_4(b, b, x, p256_mod);
+ sp_256_mont_dbl_4(b, b, p256_mod);
/* Z = Z*Y */
sp_256_mont_mul_4(z, z, y, p256_mod, p256_mp_mod);
/* t1 = Y^4 */
@@ -23814,7 +23663,7 @@ static void sp_256_proj_point_dbl_n_4(sp_point_256* p, int i,
sp_256_mont_sub_4(y, y, t1, p256_mod);
#endif /* WOLFSSL_SP_SMALL */
/* Y = Y/2 */
- sp_256_div2_4(y, y, p256_mod);
+ sp_256_mont_div2_4(y, y, p256_mod);
}
/* Compare two numbers to determine if they are equal.
@@ -23852,12 +23701,12 @@ static int sp_256_iszero_4(const sp_digit* a)
static void sp_256_proj_point_add_4(sp_point_256* r,
const sp_point_256* p, const sp_point_256* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*4;
- sp_digit* t3 = t + 4*4;
- sp_digit* t4 = t + 6*4;
- sp_digit* t5 = t + 8*4;
- sp_digit* t6 = t + 10*4;
+ sp_digit* t6 = t;
+ sp_digit* t1 = t + 2*4;
+ sp_digit* t2 = t + 4*4;
+ sp_digit* t3 = t + 6*4;
+ sp_digit* t4 = t + 8*4;
+ sp_digit* t5 = t + 10*4;
/* U1 = X1*Z2^2 */
sp_256_mont_sqr_4(t1, q->z, p256_mod, p256_mp_mod);
@@ -23879,17 +23728,9 @@ static void sp_256_proj_point_add_4(sp_point_256* r,
sp_256_proj_point_dbl_4(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t6;
sp_digit* y = t1;
sp_digit* z = t2;
- int i;
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
/* H = U2 - U1 */
sp_256_mont_sub_4(t2, t2, t1, p256_mod);
@@ -23905,22 +23746,75 @@ static void sp_256_proj_point_add_4(sp_point_256* r,
sp_256_mont_sqr_4(x, t4, p256_mod, p256_mp_mod);
sp_256_mont_sub_4(x, x, t5, p256_mod);
sp_256_mont_mul_4(t5, t5, t3, p256_mod, p256_mp_mod);
- sp_256_mont_sub_dbl_4(x, x, y, p256_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_256_mont_sub_lower_4(y, y, x, p256_mod);
+ sp_256_mont_rsb_sub_dbl_4(x, x, y, p256_mod);
sp_256_mont_mul_4(y, y, t4, p256_mod, p256_mp_mod);
sp_256_mont_sub_4(y, y, t5, p256_mod);
- for (i = 0; i < 4; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 4; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 4; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
- }
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
+{
+ __asm__ __volatile__ (
+ "ldrsw x10, [%[p], #192]\n\t"
+ "ldrsw x11, [%[q], #192]\n\t"
+ "ldp x12, x13, [%[x], #0]\n\t"
+ "ldp x14, x15, [%[x], #16]\n\t"
+ "ldp x16, x17, [%[y], #0]\n\t"
+ "ldp x19, x20, [%[y], #16]\n\t"
+ "ldp x21, x22, [%[z], #0]\n\t"
+ "ldp x23, x24, [%[z], #16]\n\t"
+ "bics xzr, x11, x10\n\t"
+ "ldp x25, x26, [%[p], #0]\n\t"
+ "ldp x27, x28, [%[p], #16]\n\t"
+ "csel x12, x12, x25, eq\n\t"
+ "csel x13, x13, x26, eq\n\t"
+ "csel x14, x14, x27, eq\n\t"
+ "csel x15, x15, x28, eq\n\t"
+ "ldp x25, x26, [%[p], #64]\n\t"
+ "ldp x27, x28, [%[p], #80]\n\t"
+ "csel x16, x16, x25, eq\n\t"
+ "csel x17, x17, x26, eq\n\t"
+ "csel x19, x19, x27, eq\n\t"
+ "csel x20, x20, x28, eq\n\t"
+ "ldp x25, x26, [%[p], #128]\n\t"
+ "ldp x27, x28, [%[p], #144]\n\t"
+ "csel x21, x21, x25, eq\n\t"
+ "csel x22, x22, x26, eq\n\t"
+ "csel x23, x23, x27, eq\n\t"
+ "csel x24, x24, x28, eq\n\t"
+ "bics xzr, x10, x11\n\t"
+ "and x10, x10, x11\n\t"
+ "ldp x25, x26, [%[q], #0]\n\t"
+ "ldp x27, x28, [%[q], #16]\n\t"
+ "csel x12, x12, x25, eq\n\t"
+ "csel x13, x13, x26, eq\n\t"
+ "csel x14, x14, x27, eq\n\t"
+ "csel x15, x15, x28, eq\n\t"
+ "ldp x25, x26, [%[q], #64]\n\t"
+ "ldp x27, x28, [%[q], #80]\n\t"
+ "csel x16, x16, x25, eq\n\t"
+ "csel x17, x17, x26, eq\n\t"
+ "csel x19, x19, x27, eq\n\t"
+ "csel x20, x20, x28, eq\n\t"
+ "ldp x25, x26, [%[q], #128]\n\t"
+ "ldp x27, x28, [%[q], #144]\n\t"
+ "csel x21, x21, x25, eq\n\t"
+ "csel x22, x22, x26, eq\n\t"
+ "csel x23, x23, x27, eq\n\t"
+ "csel x24, x24, x28, eq\n\t"
+ "orr x21, x21, x10\n\t"
+ "stp x12, x13, [%[r], #0]\n\t"
+ "stp x14, x15, [%[r], #16]\n\t"
+ "stp x16, x17, [%[r], #64]\n\t"
+ "stp x19, x20, [%[r], #80]\n\t"
+ "stp x21, x22, [%[r], #128]\n\t"
+ "stp x23, x24, [%[r], #144]\n\t"
+ "str w10, [%[r], #192]\n\t"
+ :
+ : [r] "r" (r), [p] "r" (p), [q] "r" (q), [x] "r" (x),
+ [y] "r" (y), [z] "r" (z)
+ : "memory", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17",
+ "x19", "x20", "x21", "x22", "x23", "x24", "x25", "x26", "x27", "x28",
+ "cc"
+ );
+}
}
}
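Review bot: The new select block addresses the point fields by literal byte offsets (`#64` and `#128` for what are presumably `y` and `z`, `#192` for `infinity` loaded with `ldrsw`), so it would silently read and write the wrong words if `sp_point_256` were ever laid out differently; the struct definition is not visible here. A compile-time guard next to the block would pin the assumption, e.g. `_Static_assert(offsetof(sp_point_256, infinity) == 192, "asm select assumes sp_point_256 layout");` with matching checks for `y` and `z`. This matters because the block replaces the masked C loops that kept the point-at-infinity handling branch-free, and a layout mismatch would not fail loudly. The identical block is repeated in state 24 of `sp_256_proj_point_add_4_nb`; the enclosing function starts outside this hunk.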
@@ -23966,12 +23860,12 @@ static int sp_256_proj_point_add_4_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r,
switch (ctx->state) {
case 0: /* INIT */
- ctx->t1 = t;
- ctx->t2 = t + 2*4;
- ctx->t3 = t + 4*4;
- ctx->t4 = t + 6*4;
- ctx->t5 = t + 8*4;
- ctx->t6 = t + 10*4;
+ ctx->t6 = t;
+ ctx->t1 = t + 2*4;
+ ctx->t2 = t + 4*4;
+ ctx->t3 = t + 6*4;
+ ctx->t4 = t + 8*4;
+ ctx->t5 = t + 10*4;
ctx->x = ctx->t6;
ctx->y = ctx->t1;
ctx->z = ctx->t2;
@@ -24072,12 +23966,11 @@ static int sp_256_proj_point_add_4_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r,
ctx->state = 20;
break;
case 20:
- sp_256_mont_sub_dbl_4(ctx->x, ctx->x, ctx->y, p256_mod);
+ /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
+ sp_256_mont_rsb_sub_dbl_4(ctx->x, ctx->x, ctx->y, p256_mod);
ctx->state = 21;
break;
case 21:
- /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_256_mont_sub_lower_4(ctx->y, ctx->y, ctx->x, p256_mod);
ctx->state = 22;
break;
case 22:
@@ -24090,22 +23983,71 @@ static int sp_256_proj_point_add_4_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r,
break;
case 24:
{
- int i;
- sp_digit maskp = 0 - (q->infinity & (!p->infinity));
- sp_digit maskq = 0 - (p->infinity & (!q->infinity));
- sp_digit maskt = ~(maskp | maskq);
-
- for (i = 0; i < 4; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (ctx->x[i] & maskt);
- }
- for (i = 0; i < 4; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (ctx->y[i] & maskt);
- }
- for (i = 0; i < 4; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (ctx->z[i] & maskt);
- }
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
+{
+ __asm__ __volatile__ (
+ "ldrsw x10, [%[p], #192]\n\t"
+ "ldrsw x11, [%[q], #192]\n\t"
+ "ldp x12, x13, [%[x], #0]\n\t"
+ "ldp x14, x15, [%[x], #16]\n\t"
+ "ldp x16, x17, [%[y], #0]\n\t"
+ "ldp x19, x20, [%[y], #16]\n\t"
+ "ldp x21, x22, [%[z], #0]\n\t"
+ "ldp x23, x24, [%[z], #16]\n\t"
+ "bics xzr, x11, x10\n\t"
+ "ldp x25, x26, [%[p], #0]\n\t"
+ "ldp x27, x28, [%[p], #16]\n\t"
+ "csel x12, x12, x25, eq\n\t"
+ "csel x13, x13, x26, eq\n\t"
+ "csel x14, x14, x27, eq\n\t"
+ "csel x15, x15, x28, eq\n\t"
+ "ldp x25, x26, [%[p], #64]\n\t"
+ "ldp x27, x28, [%[p], #80]\n\t"
+ "csel x16, x16, x25, eq\n\t"
+ "csel x17, x17, x26, eq\n\t"
+ "csel x19, x19, x27, eq\n\t"
+ "csel x20, x20, x28, eq\n\t"
+ "ldp x25, x26, [%[p], #128]\n\t"
+ "ldp x27, x28, [%[p], #144]\n\t"
+ "csel x21, x21, x25, eq\n\t"
+ "csel x22, x22, x26, eq\n\t"
+ "csel x23, x23, x27, eq\n\t"
+ "csel x24, x24, x28, eq\n\t"
+ "bics xzr, x10, x11\n\t"
+ "and x10, x10, x11\n\t"
+ "ldp x25, x26, [%[q], #0]\n\t"
+ "ldp x27, x28, [%[q], #16]\n\t"
+ "csel x12, x12, x25, eq\n\t"
+ "csel x13, x13, x26, eq\n\t"
+ "csel x14, x14, x27, eq\n\t"
+ "csel x15, x15, x28, eq\n\t"
+ "ldp x25, x26, [%[q], #64]\n\t"
+ "ldp x27, x28, [%[q], #80]\n\t"
+ "csel x16, x16, x25, eq\n\t"
+ "csel x17, x17, x26, eq\n\t"
+ "csel x19, x19, x27, eq\n\t"
+ "csel x20, x20, x28, eq\n\t"
+ "ldp x25, x26, [%[q], #128]\n\t"
+ "ldp x27, x28, [%[q], #144]\n\t"
+ "csel x21, x21, x25, eq\n\t"
+ "csel x22, x22, x26, eq\n\t"
+ "csel x23, x23, x27, eq\n\t"
+ "csel x24, x24, x28, eq\n\t"
+ "orr x21, x21, x10\n\t"
+ "stp x12, x13, [%[r], #0]\n\t"
+ "stp x14, x15, [%[r], #16]\n\t"
+ "stp x16, x17, [%[r], #64]\n\t"
+ "stp x19, x20, [%[r], #80]\n\t"
+ "stp x21, x22, [%[r], #128]\n\t"
+ "stp x23, x24, [%[r], #144]\n\t"
+ "str w10, [%[r], #192]\n\t"
+ :
+ : [r] "r" (r), [p] "r" (p), [q] "r" (q), [x] "r" (ctx->x),
+ [y] "r" (ctx->y), [z] "r" (ctx->z)
+ : "memory", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17",
+ "x19", "x20", "x21", "x22", "x23", "x24", "x25", "x26", "x27", "x28",
+ "cc"
+ );
+}
ctx->state = 25;
break;
}
@@ -24163,16 +24105,16 @@ static void sp_256_proj_point_dbl_n_store_4(sp_point_256* r,
/* A = 3*(X^2 - W) */
sp_256_mont_sqr_4(t1, x, p256_mod, p256_mp_mod);
sp_256_mont_sub_4(t1, t1, w, p256_mod);
- sp_256_mont_tpl_lower_4(a, t1, p256_mod);
+ sp_256_mont_tpl_4(a, t1, p256_mod);
/* B = X*Y^2 */
sp_256_mont_sqr_4(t1, y, p256_mod, p256_mp_mod);
sp_256_mont_mul_4(b, t1, x, p256_mod, p256_mp_mod);
x = r[j].x;
/* X = A^2 - 2B */
sp_256_mont_sqr_4(x, a, p256_mod, p256_mp_mod);
- sp_256_mont_sub_dbl_4(x, x, b, p256_mod);
+ sp_256_mont_rsb_sub_dbl_4(x, x, b, p256_mod);
/* B = 2.(B - X) */
- sp_256_mont_dbl_sub_4(b, b, x, p256_mod);
+ sp_256_mont_dbl_4(b, b, p256_mod);
/* Z = Z*Y */
sp_256_mont_mul_4(r[j].z, z, y, p256_mod, p256_mp_mod);
z = r[j].z;
@@ -24186,7 +24128,7 @@ static void sp_256_proj_point_dbl_n_store_4(sp_point_256* r,
sp_256_mont_mul_4(y, b, a, p256_mod, p256_mp_mod);
sp_256_mont_sub_4(y, y, t1, p256_mod);
/* Y = Y/2 */
- sp_256_div2_4(r[j].y, y, p256_mod);
+ sp_256_mont_div2_4(r[j].y, y, p256_mod);
r[j].infinity = 0;
}
}
@@ -24237,10 +24179,8 @@ static void sp_256_proj_point_add_sub_4(sp_point_256* ra,
sp_256_mont_mul_4(t4, t4, q->y, p256_mod, p256_mp_mod);
/* H = U2 - U1 */
sp_256_mont_sub_4(t2, t2, t1, p256_mod);
- /* RS = S2 + S1 */
- sp_256_mont_add_4(t6, t4, t3, p256_mod);
- /* R = S2 - S1 */
- sp_256_mont_sub_4(t4, t4, t3, p256_mod);
+ /* RS/R = S2 +/ S1 */
+ sp_256_mont_add_sub_4(t6, t4, t4, t3, p256_mod);
/* Z3 = H*Z1*Z2 */
/* ZS = H*Z1*Z2 */
sp_256_mont_mul_4(za, za, q->z, p256_mod, p256_mp_mod);
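Review bot: The new comment `/* RS/R = S2 +/ S1 */` is missing a character, and the call below it passes `t4` as both the second result and the first input. I suggest `/* RS = S2 + S1 (t6), R = S2 - S1 (t4); t4 is input and output */` so the in-place use is stated as intended. The aliasing is only safe if `sp_256_mont_add_sub_4` reads both inputs before storing either result, which cannot be checked from this hunk because the helper is defined elsewhere. The enclosing function starts and ends outside the hunk.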
@@ -24260,8 +24200,8 @@ static void sp_256_proj_point_add_sub_4(sp_point_256* ra,
sp_256_mont_sub_4(xs, xs, t1, p256_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
/* YS = -RS*(U1*H^2 - XS) - S1*H^3 */
- sp_256_mont_sub_lower_4(ys, ya, xs, p256_mod);
- sp_256_mont_sub_lower_4(ya, ya, xa, p256_mod);
+ sp_256_mont_sub_4(ys, ya, xs, p256_mod);
+ sp_256_mont_sub_4(ya, ya, xa, p256_mod);
sp_256_mont_mul_4(ya, ya, t4, p256_mod, p256_mp_mod);
sp_256_sub_4(t6, p256_mod, t6);
sp_256_mont_mul_4(ys, ys, t6, p256_mod, p256_mp_mod);
@@ -24345,42 +24285,69 @@ static void sp_256_ecc_recode_6_4(const sp_digit* k, ecc_recode_256* v)
/* Touch each possible point that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
-static void sp_256_get_point_33_4(sp_point_256* r, const sp_point_256* table,
- int idx)
+SP_NOINLINE static void sp_256_get_point_33_4(sp_point_256* r,
+ const sp_point_256* table, int idx)
{
- int i;
- sp_digit mask;
-
- r->x[0] = 0;
- r->x[1] = 0;
- r->x[2] = 0;
- r->x[3] = 0;
- r->y[0] = 0;
- r->y[1] = 0;
- r->y[2] = 0;
- r->y[3] = 0;
- r->z[0] = 0;
- r->z[1] = 0;
- r->z[2] = 0;
- r->z[3] = 0;
- for (i = 1; i < 33; i++) {
- mask = 0 - (i == idx);
- r->x[0] |= mask & table[i].x[0];
- r->x[1] |= mask & table[i].x[1];
- r->x[2] |= mask & table[i].x[2];
- r->x[3] |= mask & table[i].x[3];
- r->y[0] |= mask & table[i].y[0];
- r->y[1] |= mask & table[i].y[1];
- r->y[2] |= mask & table[i].y[2];
- r->y[3] |= mask & table[i].y[3];
- r->z[0] |= mask & table[i].z[0];
- r->z[1] |= mask & table[i].z[1];
- r->z[2] |= mask & table[i].z[2];
- r->z[3] |= mask & table[i].z[3];
- }
+ __asm__ __volatile__ (
+ "mov w30, #1\n\t"
+ "add %[table], %[table], #200\n\t"
+ "cmp %w[idx], w30\n\t"
+ "add w30, w30, #1\n\t"
+ "ldp x15, x16, [%[table], #0]\n\t"
+ "ldp x17, x19, [%[table], #16]\n\t"
+ "csel x3, xzr, x15, ne\n\t"
+ "csel x4, xzr, x16, ne\n\t"
+ "csel x5, xzr, x17, ne\n\t"
+ "csel x6, xzr, x19, ne\n\t"
+ "ldp x15, x16, [%[table], #64]\n\t"
+ "ldp x17, x19, [%[table], #80]\n\t"
+ "csel x7, xzr, x15, ne\n\t"
+ "csel x8, xzr, x16, ne\n\t"
+ "csel x9, xzr, x17, ne\n\t"
+ "csel x10, xzr, x19, ne\n\t"
+ "ldp x15, x16, [%[table], #128]\n\t"
+ "ldp x17, x19, [%[table], #144]\n\t"
+ "csel x11, xzr, x15, ne\n\t"
+ "csel x12, xzr, x16, ne\n\t"
+ "csel x13, xzr, x17, ne\n\t"
+ "csel x14, xzr, x19, ne\n\t"
+ "1:\n\t"
+ "add %[table], %[table], #200\n\t"
+ "cmp %w[idx], w30\n\t"
+ "add w30, w30, #1\n\t"
+ "ldp x15, x16, [%[table], #0]\n\t"
+ "ldp x17, x19, [%[table], #16]\n\t"
+ "csel x3, x3, x15, ne\n\t"
+ "csel x4, x4, x16, ne\n\t"
+ "csel x5, x5, x17, ne\n\t"
+ "csel x6, x6, x19, ne\n\t"
+ "ldp x15, x16, [%[table], #64]\n\t"
+ "ldp x17, x19, [%[table], #80]\n\t"
+ "csel x7, x7, x15, ne\n\t"
+ "csel x8, x8, x16, ne\n\t"
+ "csel x9, x9, x17, ne\n\t"
+ "csel x10, x10, x19, ne\n\t"
+ "ldp x15, x16, [%[table], #128]\n\t"
+ "ldp x17, x19, [%[table], #144]\n\t"
+ "csel x11, x11, x15, ne\n\t"
+ "csel x12, x12, x16, ne\n\t"
+ "csel x13, x13, x17, ne\n\t"
+ "csel x14, x14, x19, ne\n\t"
+ "cmp w30, #33\n\t"
+ "b.ne 1b\n\t"
+ "stp x3, x4, [%[r], #0]\n\t"
+ "stp x5, x6, [%[r], #16]\n\t"
+ "stp x7, x8, [%[r], #64]\n\t"
+ "stp x9, x10, [%[r], #80]\n\t"
+ "stp x11, x12, [%[r], #128]\n\t"
+ "stp x13, x14, [%[r], #144]\n\t"
+ : [table] "+r" (table)
+ : [r] "r" (r), [idx] "r" (idx)
+ : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "w30", "cc"
+ );
}
#endif /* !WC_NO_CACHE_RESISTANT */
/* Multiply the point by the scalar and return the result.
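Review bot: The assembly in `sp_256_get_point_33_4` hard-codes the layout of `sp_point_256` (a 200-byte stride and field offsets 64 and 128), where the removed C loop took them from the type. If the struct ever changes (its definition is not in this hunk), the lookup would read and write the wrong words without any compiler diagnostic, in a routine whose purpose is to keep the table index out of the memory access pattern. A compile-time check next to the function would pin the assumption, for example `_Static_assert(sizeof(sp_point_256) == 200 && offsetof(sp_point_256, y) == 64 && offsetof(sp_point_256, z) == 128, "layout used by asm");`, or the project's own equivalent if the compiler baseline predates C11. The same applies to the 64-byte stride and the `#64`/`#80` stores in the `sp_256_get_entry_64_4`, `sp_256_get_entry_256_4` and `sp_256_get_entry_65_4` hunks, and to the `#192` offset used for `infinity` in the `sp_256_proj_point_add_qz1_4` hunk.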
@@ -24423,7 +24390,7 @@ static int sp_256_ecc_mulmod_win_add_sub_4(sp_point_256* r, const sp_point_256*
(void)heap;
#ifdef WOLFSSL_SP_SMALL_STACK
- t = (sp_point_256*)XMALLOC(sizeof(sp_point_256) *
+ t = (sp_point_256*)XMALLOC(sizeof(sp_point_256) *
(33+2), heap, DYNAMIC_TYPE_ECC);
if (t == NULL)
err = MEMORY_E;
@@ -24528,15 +24495,12 @@ static int sp_256_ecc_mulmod_win_add_sub_4(sp_point_256* r, const sp_point_256*
return err;
}
-#ifndef WC_NO_CACHE_RESISTANT
/* A table entry for pre-computed points. */
typedef struct sp_table_entry_256 {
sp_digit x[4];
sp_digit y[4];
} sp_table_entry_256;
-#if defined(FP_ECC) || defined(WOLFSSL_SP_SMALL)
-#endif /* FP_ECC | WOLFSSL_SP_SMALL */
/* Add two Montgomery form projective points. The second point has a q value of
* one.
* Only the first point can be the same pointer as the result point.
@@ -24549,12 +24513,11 @@ typedef struct sp_table_entry_256 {
static void sp_256_proj_point_add_qz1_4(sp_point_256* r,
const sp_point_256* p, const sp_point_256* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*4;
- sp_digit* t3 = t + 4*4;
- sp_digit* t4 = t + 6*4;
- sp_digit* t5 = t + 8*4;
- sp_digit* t6 = t + 10*4;
+ sp_digit* t2 = t;
+ sp_digit* t3 = t + 2*4;
+ sp_digit* t6 = t + 4*4;
+ sp_digit* t1 = t + 6*4;
+ sp_digit* t4 = t + 8*4;
/* Calculate values to subtract from P->x and P->y. */
/* U2 = X2*Z1^2 */
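Review bot: Reducing the temporaries to five slots here is what lets the callers in later hunks shrink their buffers from `2 * 4 * 6` to `2 * 4 * 5` digits, but the same `t` is still handed to `sp_256_proj_point_dbl_4(r, p, t)` in the doubling branch of this function. That function's scratch requirement is not visible in this diff, so it should be confirmed that it also fits in five slots; otherwise the smaller stack and heap buffers would be overrun. A comment at the declarations such as `/* t holds 5 * 2 * 4 digits; sp_256_proj_point_dbl_4 needs no more */` would record the bound the callers now depend on. The function body continues outside the hunk.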
@@ -24570,13 +24533,9 @@ static void sp_256_proj_point_add_qz1_4(sp_point_256* r,
sp_256_proj_point_dbl_4(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t2;
- sp_digit* y = t5;
+ sp_digit* y = t3;
sp_digit* z = t6;
- int i;
/* H = U2 - X1 */
sp_256_mont_sub_4(t2, t2, p->x, p256_mod);
@@ -24585,35 +24544,87 @@ static void sp_256_proj_point_add_qz1_4(sp_point_256* r,
/* Z3 = H*Z1 */
sp_256_mont_mul_4(z, p->z, t2, p256_mod, p256_mp_mod);
/* X3 = R^2 - H^3 - 2*X1*H^2 */
- sp_256_mont_sqr_4(t1, t4, p256_mod, p256_mp_mod);
- sp_256_mont_sqr_4(t5, t2, p256_mod, p256_mp_mod);
- sp_256_mont_mul_4(t3, p->x, t5, p256_mod, p256_mp_mod);
- sp_256_mont_mul_4(t5, t5, t2, p256_mod, p256_mp_mod);
- sp_256_mont_sub_4(x, t1, t5, p256_mod);
- sp_256_mont_sub_dbl_4(x, x, t3, p256_mod);
+ sp_256_mont_sqr_4(t1, t2, p256_mod, p256_mp_mod);
+ sp_256_mont_mul_4(t3, p->x, t1, p256_mod, p256_mp_mod);
+ sp_256_mont_mul_4(t1, t1, t2, p256_mod, p256_mp_mod);
+ sp_256_mont_sqr_4(t2, t4, p256_mod, p256_mp_mod);
+ sp_256_mont_sub_4(t2, t2, t1, p256_mod);
+ sp_256_mont_rsb_sub_dbl_4(x, t2, t3, p256_mod);
/* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
- sp_256_mont_sub_lower_4(t3, t3, x, p256_mod);
sp_256_mont_mul_4(t3, t3, t4, p256_mod, p256_mp_mod);
- sp_256_mont_mul_4(t5, t5, p->y, p256_mod, p256_mp_mod);
- sp_256_mont_sub_4(y, t3, t5, p256_mod);
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
- for (i = 0; i < 4; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 4; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 4; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
- }
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
+ sp_256_mont_mul_4(t1, t1, p->y, p256_mod, p256_mp_mod);
+ sp_256_mont_sub_4(y, t3, t1, p256_mod);
+{
+ __asm__ __volatile__ (
+ "ldrsw x10, [%[p], #192]\n\t"
+ "ldrsw x11, [%[q], #192]\n\t"
+ "ldp x12, x13, [%[x], #0]\n\t"
+ "ldp x14, x15, [%[x], #16]\n\t"
+ "ldp x16, x17, [%[y], #0]\n\t"
+ "ldp x19, x20, [%[y], #16]\n\t"
+ "ldp x21, x22, [%[z], #0]\n\t"
+ "ldp x23, x24, [%[z], #16]\n\t"
+ "bics xzr, x11, x10\n\t"
+ "ldp x25, x26, [%[p], #0]\n\t"
+ "ldp x27, x28, [%[p], #16]\n\t"
+ "csel x12, x12, x25, eq\n\t"
+ "csel x13, x13, x26, eq\n\t"
+ "csel x14, x14, x27, eq\n\t"
+ "csel x15, x15, x28, eq\n\t"
+ "ldp x25, x26, [%[p], #64]\n\t"
+ "ldp x27, x28, [%[p], #80]\n\t"
+ "csel x16, x16, x25, eq\n\t"
+ "csel x17, x17, x26, eq\n\t"
+ "csel x19, x19, x27, eq\n\t"
+ "csel x20, x20, x28, eq\n\t"
+ "ldp x25, x26, [%[p], #128]\n\t"
+ "ldp x27, x28, [%[p], #144]\n\t"
+ "csel x21, x21, x25, eq\n\t"
+ "csel x22, x22, x26, eq\n\t"
+ "csel x23, x23, x27, eq\n\t"
+ "csel x24, x24, x28, eq\n\t"
+ "bics xzr, x10, x11\n\t"
+ "and x10, x10, x11\n\t"
+ "ldp x25, x26, [%[q], #0]\n\t"
+ "ldp x27, x28, [%[q], #16]\n\t"
+ "csel x12, x12, x25, eq\n\t"
+ "csel x13, x13, x26, eq\n\t"
+ "csel x14, x14, x27, eq\n\t"
+ "csel x15, x15, x28, eq\n\t"
+ "ldp x25, x26, [%[q], #64]\n\t"
+ "ldp x27, x28, [%[q], #80]\n\t"
+ "csel x16, x16, x25, eq\n\t"
+ "csel x17, x17, x26, eq\n\t"
+ "csel x19, x19, x27, eq\n\t"
+ "csel x20, x20, x28, eq\n\t"
+ "ldp x25, x26, [%[q], #128]\n\t"
+ "ldp x27, x28, [%[q], #144]\n\t"
+ "csel x21, x21, x25, eq\n\t"
+ "csel x22, x22, x26, eq\n\t"
+ "csel x23, x23, x27, eq\n\t"
+ "csel x24, x24, x28, eq\n\t"
+ "orr x21, x21, x10\n\t"
+ "stp x12, x13, [%[r], #0]\n\t"
+ "stp x14, x15, [%[r], #16]\n\t"
+ "stp x16, x17, [%[r], #64]\n\t"
+ "stp x19, x20, [%[r], #80]\n\t"
+ "stp x21, x22, [%[r], #128]\n\t"
+ "stp x23, x24, [%[r], #144]\n\t"
+ "str w10, [%[r], #192]\n\t"
+ :
+ : [r] "r" (r), [p] "r" (p), [q] "r" (q), [x] "r" (x),
+ [y] "r" (y), [z] "r" (z)
+ : "memory", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17",
+ "x19", "x20", "x21", "x22", "x23", "x24", "x25", "x26", "x27", "x28",
+ "cc"
+ );
+}
}
}
+#ifndef WC_NO_CACHE_RESISTANT
+#if defined(FP_ECC) || defined(WOLFSSL_SP_SMALL)
+#endif /* FP_ECC | WOLFSSL_SP_SMALL */
#ifdef FP_ECC
/* Convert the projective point to affine.
* Ordinates are in Montgomery form.
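Review bot: The inline assembly that replaces the mask loops has no comment saying what it selects, and the braces around it sit at column 0 inside the `else` body. Reading the `bics`/`csel` sequence, it appears to store p when only q is at infinity, q when only p is, and the computed (x, y, z) otherwise, without branching on either flag, and then to write `p->infinity & q->infinity` to `r->infinity`. I would put that in a comment above the block, e.g. `/* Constant-time select: r = p, q or (x,y,z) by infinity flags; no branches. */`, so a later edit does not introduce a data-dependent branch. The function starts outside the hunk.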
@@ -24733,34 +24744,55 @@ static int sp_256_gen_stripe_table_4(const sp_point_256* a,
/* Touch each possible entry that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
-static void sp_256_get_entry_64_4(sp_point_256* r,
+SP_NOINLINE static void sp_256_get_entry_64_4(sp_point_256* r,
const sp_table_entry_256* table, int idx)
{
- int i;
- sp_digit mask;
-
- r->x[0] = 0;
- r->x[1] = 0;
- r->x[2] = 0;
- r->x[3] = 0;
- r->y[0] = 0;
- r->y[1] = 0;
- r->y[2] = 0;
- r->y[3] = 0;
- for (i = 1; i < 64; i++) {
- mask = 0 - (i == idx);
- r->x[0] |= mask & table[i].x[0];
- r->x[1] |= mask & table[i].x[1];
- r->x[2] |= mask & table[i].x[2];
- r->x[3] |= mask & table[i].x[3];
- r->y[0] |= mask & table[i].y[0];
- r->y[1] |= mask & table[i].y[1];
- r->y[2] |= mask & table[i].y[2];
- r->y[3] |= mask & table[i].y[3];
- }
+ __asm__ __volatile__ (
+ "mov w30, #1\n\t"
+ "add %[table], %[table], #64\n\t"
+ "cmp %w[idx], w30\n\t"
+ "add w30, w30, #1\n\t"
+ "ldp x11, x12, [%[table], #0]\n\t"
+ "ldp x13, x14, [%[table], #16]\n\t"
+ "ldp x15, x16, [%[table], #32]\n\t"
+ "ldp x17, x19, [%[table], #48]\n\t"
+ "csel x3, xzr, x11, ne\n\t"
+ "csel x4, xzr, x12, ne\n\t"
+ "csel x5, xzr, x13, ne\n\t"
+ "csel x6, xzr, x14, ne\n\t"
+ "csel x7, xzr, x15, ne\n\t"
+ "csel x8, xzr, x16, ne\n\t"
+ "csel x9, xzr, x17, ne\n\t"
+ "csel x10, xzr, x19, ne\n\t"
+ "1:\n\t"
+ "add %[table], %[table], #64\n\t"
+ "cmp %w[idx], w30\n\t"
+ "add w30, w30, #1\n\t"
+ "ldp x11, x12, [%[table], #0]\n\t"
+ "ldp x13, x14, [%[table], #16]\n\t"
+ "ldp x15, x16, [%[table], #32]\n\t"
+ "ldp x17, x19, [%[table], #48]\n\t"
+ "csel x3, x3, x11, ne\n\t"
+ "csel x4, x4, x12, ne\n\t"
+ "csel x5, x5, x13, ne\n\t"
+ "csel x6, x6, x14, ne\n\t"
+ "csel x7, x7, x15, ne\n\t"
+ "csel x8, x8, x16, ne\n\t"
+ "csel x9, x9, x17, ne\n\t"
+ "csel x10, x10, x19, ne\n\t"
+ "cmp w30, #64\n\t"
+ "b.ne 1b\n\t"
+ "stp x3, x4, [%[r], #0]\n\t"
+ "stp x5, x6, [%[r], #16]\n\t"
+ "stp x7, x8, [%[r], #64]\n\t"
+ "stp x9, x10, [%[r], #80]\n\t"
+ : [table] "+r" (table)
+ : [r] "r" (r), [idx] "r" (idx)
+ : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "w30", "cc"
+ );
}
#endif /* !WC_NO_CACHE_RESISTANT */
/* Multiply the point by the scalar and return the result.
@@ -24788,7 +24820,7 @@ static int sp_256_ecc_mulmod_stripe_4(sp_point_256* r, const sp_point_256* g,
sp_digit* t = NULL;
#else
sp_point_256 rt[2];
- sp_digit t[2 * 4 * 6];
+ sp_digit t[2 * 4 * 5];
#endif
sp_point_256* p = NULL;
int i;
@@ -24809,7 +24841,7 @@ static int sp_256_ecc_mulmod_stripe_4(sp_point_256* r, const sp_point_256* g,
if (rt == NULL)
err = MEMORY_E;
if (err == MP_OKAY) {
- t = (sp_digit*)XMALLOC(sizeof(sp_digit) * 2 * 4 * 6, heap,
+ t = (sp_digit*)XMALLOC(sizeof(sp_digit) * 2 * 4 * 5, heap,
DYNAMIC_TYPE_ECC);
if (t == NULL)
err = MEMORY_E;
@@ -24913,7 +24945,7 @@ static THREAD_LS_T int sp_cache_256_inited = 0;
/* Get the cache entry for the point.
*
- * g [in] Point scalar multipling.
+ * g [in] Point scalar multiplying.
* cache [out] Cache table to use.
*/
static void sp_ecc_get_cache_256(const sp_point_256* g, sp_cache_256_t** cache)
@@ -24984,8 +25016,8 @@ static void sp_ecc_get_cache_256(const sp_point_256* g, sp_cache_256_t** cache)
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
-static int sp_256_ecc_mulmod_4(sp_point_256* r, const sp_point_256* g, const sp_digit* k,
- int map, int ct, void* heap)
+static int sp_256_ecc_mulmod_4(sp_point_256* r, const sp_point_256* g,
+ const sp_digit* k, int map, int ct, void* heap)
{
#ifndef FP_ECC
return sp_256_ecc_mulmod_win_add_sub_4(r, g, k, map, ct, heap);
@@ -24993,13 +25025,13 @@ static int sp_256_ecc_mulmod_4(sp_point_256* r, const sp_point_256* g, const sp_
#ifdef WOLFSSL_SP_SMALL_STACK
sp_digit* tmp;
#else
- sp_digit tmp[2 * 4 * 6];
+ sp_digit tmp[2 * 4 * 5];
#endif
sp_cache_256_t* cache;
int err = MP_OKAY;
#ifdef WOLFSSL_SP_SMALL_STACK
- tmp = (sp_digit*)XMALLOC(sizeof(sp_digit) * 2 * 4 * 6, heap, DYNAMIC_TYPE_ECC);
+ tmp = (sp_digit*)XMALLOC(sizeof(sp_digit) * 2 * 4 * 5, heap, DYNAMIC_TYPE_ECC);
if (tmp == NULL) {
err = MEMORY_E;
}
@@ -25141,34 +25173,55 @@ static int sp_256_gen_stripe_table_4(const sp_point_256* a,
/* Touch each possible entry that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
-static void sp_256_get_entry_256_4(sp_point_256* r,
+SP_NOINLINE static void sp_256_get_entry_256_4(sp_point_256* r,
const sp_table_entry_256* table, int idx)
{
- int i;
- sp_digit mask;
-
- r->x[0] = 0;
- r->x[1] = 0;
- r->x[2] = 0;
- r->x[3] = 0;
- r->y[0] = 0;
- r->y[1] = 0;
- r->y[2] = 0;
- r->y[3] = 0;
- for (i = 1; i < 256; i++) {
- mask = 0 - (i == idx);
- r->x[0] |= mask & table[i].x[0];
- r->x[1] |= mask & table[i].x[1];
- r->x[2] |= mask & table[i].x[2];
- r->x[3] |= mask & table[i].x[3];
- r->y[0] |= mask & table[i].y[0];
- r->y[1] |= mask & table[i].y[1];
- r->y[2] |= mask & table[i].y[2];
- r->y[3] |= mask & table[i].y[3];
- }
+ __asm__ __volatile__ (
+ "mov w30, #1\n\t"
+ "add %[table], %[table], #64\n\t"
+ "cmp %w[idx], w30\n\t"
+ "add w30, w30, #1\n\t"
+ "ldp x11, x12, [%[table], #0]\n\t"
+ "ldp x13, x14, [%[table], #16]\n\t"
+ "ldp x15, x16, [%[table], #32]\n\t"
+ "ldp x17, x19, [%[table], #48]\n\t"
+ "csel x3, xzr, x11, ne\n\t"
+ "csel x4, xzr, x12, ne\n\t"
+ "csel x5, xzr, x13, ne\n\t"
+ "csel x6, xzr, x14, ne\n\t"
+ "csel x7, xzr, x15, ne\n\t"
+ "csel x8, xzr, x16, ne\n\t"
+ "csel x9, xzr, x17, ne\n\t"
+ "csel x10, xzr, x19, ne\n\t"
+ "1:\n\t"
+ "add %[table], %[table], #64\n\t"
+ "cmp %w[idx], w30\n\t"
+ "add w30, w30, #1\n\t"
+ "ldp x11, x12, [%[table], #0]\n\t"
+ "ldp x13, x14, [%[table], #16]\n\t"
+ "ldp x15, x16, [%[table], #32]\n\t"
+ "ldp x17, x19, [%[table], #48]\n\t"
+ "csel x3, x3, x11, ne\n\t"
+ "csel x4, x4, x12, ne\n\t"
+ "csel x5, x5, x13, ne\n\t"
+ "csel x6, x6, x14, ne\n\t"
+ "csel x7, x7, x15, ne\n\t"
+ "csel x8, x8, x16, ne\n\t"
+ "csel x9, x9, x17, ne\n\t"
+ "csel x10, x10, x19, ne\n\t"
+ "cmp w30, #256\n\t"
+ "b.ne 1b\n\t"
+ "stp x3, x4, [%[r], #0]\n\t"
+ "stp x5, x6, [%[r], #16]\n\t"
+ "stp x7, x8, [%[r], #64]\n\t"
+ "stp x9, x10, [%[r], #80]\n\t"
+ : [table] "+r" (table)
+ : [r] "r" (r), [idx] "r" (idx)
+ : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "w30", "cc"
+ );
}
#endif /* !WC_NO_CACHE_RESISTANT */
/* Multiply the point by the scalar and return the result.
@@ -25196,7 +25249,7 @@ static int sp_256_ecc_mulmod_stripe_4(sp_point_256* r, const sp_point_256* g,
sp_digit* t = NULL;
#else
sp_point_256 rt[2];
- sp_digit t[2 * 4 * 6];
+ sp_digit t[2 * 4 * 5];
#endif
sp_point_256* p = NULL;
int i;
@@ -25217,7 +25270,7 @@ static int sp_256_ecc_mulmod_stripe_4(sp_point_256* r, const sp_point_256* g,
if (rt == NULL)
err = MEMORY_E;
if (err == MP_OKAY) {
- t = (sp_digit*)XMALLOC(sizeof(sp_digit) * 2 * 4 * 6, heap,
+ t = (sp_digit*)XMALLOC(sizeof(sp_digit) * 2 * 4 * 5, heap,
DYNAMIC_TYPE_ECC);
if (t == NULL)
err = MEMORY_E;
@@ -25321,7 +25374,7 @@ static THREAD_LS_T int sp_cache_256_inited = 0;
/* Get the cache entry for the point.
*
- * g [in] Point scalar multipling.
+ * g [in] Point scalar multiplying.
* cache [out] Cache table to use.
*/
static void sp_ecc_get_cache_256(const sp_point_256* g, sp_cache_256_t** cache)
@@ -25392,8 +25445,8 @@ static void sp_ecc_get_cache_256(const sp_point_256* g, sp_cache_256_t** cache)
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
-static int sp_256_ecc_mulmod_4(sp_point_256* r, const sp_point_256* g, const sp_digit* k,
- int map, int ct, void* heap)
+static int sp_256_ecc_mulmod_4(sp_point_256* r, const sp_point_256* g,
+ const sp_digit* k, int map, int ct, void* heap)
{
#ifndef FP_ECC
return sp_256_ecc_mulmod_win_add_sub_4(r, g, k, map, ct, heap);
@@ -25401,13 +25454,13 @@ static int sp_256_ecc_mulmod_4(sp_point_256* r, const sp_point_256* g, const sp_
#ifdef WOLFSSL_SP_SMALL_STACK
sp_digit* tmp;
#else
- sp_digit tmp[2 * 4 * 6];
+ sp_digit tmp[2 * 4 * 5];
#endif
sp_cache_256_t* cache;
int err = MP_OKAY;
#ifdef WOLFSSL_SP_SMALL_STACK
- tmp = (sp_digit*)XMALLOC(sizeof(sp_digit) * 2 * 4 * 6, heap, DYNAMIC_TYPE_ECC);
+ tmp = (sp_digit*)XMALLOC(sizeof(sp_digit) * 2 * 4 * 5, heap, DYNAMIC_TYPE_ECC);
if (tmp == NULL) {
err = MEMORY_E;
}
@@ -25510,7 +25563,7 @@ int sp_ecc_mulmod_256(const mp_int* km, const ecc_point* gm, ecc_point* r,
*
* km Scalar to multiply by.
* p Point to multiply.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -25521,7 +25574,7 @@ int sp_ecc_mulmod_add_256(const mp_int* km, const ecc_point* gm,
const ecc_point* am, int inMont, ecc_point* r, int map, void* heap)
{
#ifdef WOLFSSL_SP_SMALL_STACK
- sp_point_256* point = NULL;
+ sp_point_256* point = NULL;
sp_digit* k = NULL;
#else
sp_point_256 point[2];
@@ -27319,34 +27372,55 @@ static void sp_256_ecc_recode_7_4(const sp_digit* k, ecc_recode_256* v)
/* Touch each possible entry that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
-static void sp_256_get_entry_65_4(sp_point_256* r,
+SP_NOINLINE static void sp_256_get_entry_65_4(sp_point_256* r,
const sp_table_entry_256* table, int idx)
{
- int i;
- sp_digit mask;
-
- r->x[0] = 0;
- r->x[1] = 0;
- r->x[2] = 0;
- r->x[3] = 0;
- r->y[0] = 0;
- r->y[1] = 0;
- r->y[2] = 0;
- r->y[3] = 0;
- for (i = 1; i < 65; i++) {
- mask = 0 - (i == idx);
- r->x[0] |= mask & table[i].x[0];
- r->x[1] |= mask & table[i].x[1];
- r->x[2] |= mask & table[i].x[2];
- r->x[3] |= mask & table[i].x[3];
- r->y[0] |= mask & table[i].y[0];
- r->y[1] |= mask & table[i].y[1];
- r->y[2] |= mask & table[i].y[2];
- r->y[3] |= mask & table[i].y[3];
- }
+ __asm__ __volatile__ (
+ "mov w30, #1\n\t"
+ "add %[table], %[table], #64\n\t"
+ "cmp %w[idx], w30\n\t"
+ "add w30, w30, #1\n\t"
+ "ldp x11, x12, [%[table], #0]\n\t"
+ "ldp x13, x14, [%[table], #16]\n\t"
+ "ldp x15, x16, [%[table], #32]\n\t"
+ "ldp x17, x19, [%[table], #48]\n\t"
+ "csel x3, xzr, x11, ne\n\t"
+ "csel x4, xzr, x12, ne\n\t"
+ "csel x5, xzr, x13, ne\n\t"
+ "csel x6, xzr, x14, ne\n\t"
+ "csel x7, xzr, x15, ne\n\t"
+ "csel x8, xzr, x16, ne\n\t"
+ "csel x9, xzr, x17, ne\n\t"
+ "csel x10, xzr, x19, ne\n\t"
+ "1:\n\t"
+ "add %[table], %[table], #64\n\t"
+ "cmp %w[idx], w30\n\t"
+ "add w30, w30, #1\n\t"
+ "ldp x11, x12, [%[table], #0]\n\t"
+ "ldp x13, x14, [%[table], #16]\n\t"
+ "ldp x15, x16, [%[table], #32]\n\t"
+ "ldp x17, x19, [%[table], #48]\n\t"
+ "csel x3, x3, x11, ne\n\t"
+ "csel x4, x4, x12, ne\n\t"
+ "csel x5, x5, x13, ne\n\t"
+ "csel x6, x6, x14, ne\n\t"
+ "csel x7, x7, x15, ne\n\t"
+ "csel x8, x8, x16, ne\n\t"
+ "csel x9, x9, x17, ne\n\t"
+ "csel x10, x10, x19, ne\n\t"
+ "cmp w30, #65\n\t"
+ "b.ne 1b\n\t"
+ "stp x3, x4, [%[r], #0]\n\t"
+ "stp x5, x6, [%[r], #16]\n\t"
+ "stp x7, x8, [%[r], #64]\n\t"
+ "stp x9, x10, [%[r], #80]\n\t"
+ : [table] "+r" (table)
+ : [r] "r" (r), [idx] "r" (idx)
+ : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "w30", "cc"
+ );
}
#endif /* !WC_NO_CACHE_RESISTANT */
static const sp_table_entry_256 p256_table[2405] = {
@@ -39328,7 +39402,7 @@ static int sp_256_ecc_mulmod_add_only_4(sp_point_256* r, const sp_point_256* g,
sp_digit* tmp = NULL;
#else
sp_point_256 rt[2];
- sp_digit tmp[2 * 4 * 6];
+ sp_digit tmp[2 * 4 * 5];
#endif
sp_point_256* p = NULL;
sp_digit* negy = NULL;
@@ -39347,7 +39421,7 @@ static int sp_256_ecc_mulmod_add_only_4(sp_point_256* r, const sp_point_256* g,
if (rt == NULL)
err = MEMORY_E;
if (err == MP_OKAY) {
- tmp = (sp_digit*)XMALLOC(sizeof(sp_digit) * 2 * 4 * 6, heap,
+ tmp = (sp_digit*)XMALLOC(sizeof(sp_digit) * 2 * 4 * 5, heap,
DYNAMIC_TYPE_ECC);
if (tmp == NULL)
err = MEMORY_E;
@@ -39406,7 +39480,7 @@ static int sp_256_ecc_mulmod_add_only_4(sp_point_256* r, const sp_point_256* g,
if (tmp != NULL)
#endif
{
- ForceZero(tmp, sizeof(sp_digit) * 2 * 4 * 6);
+ ForceZero(tmp, sizeof(sp_digit) * 2 * 4 * 5);
#ifdef WOLFSSL_SP_SMALL_STACK
XFREE(tmp, heap, DYNAMIC_TYPE_ECC);
#endif
@@ -39493,7 +39567,7 @@ int sp_ecc_mulmod_base_256(const mp_int* km, ecc_point* r, int map, void* heap)
* the result. If map is true then convert result to affine coordinates.
*
* km Scalar to multiply by.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -39515,7 +39589,7 @@ int sp_ecc_mulmod_base_add_256(const mp_int* km, const ecc_point* am,
int err = MP_OKAY;
#ifdef WOLFSSL_SP_SMALL_STACK
- point = (sp_point_256*)XMALLOC(sizeof(sp_point_256) * 2, heap,
+ point = (sp_point_256*)XMALLOC(sizeof(sp_point_256) * 2, heap,
DYNAMIC_TYPE_ECC);
if (point == NULL)
err = MEMORY_E;
@@ -39611,7 +39685,7 @@ static void sp_256_from_bin(sp_digit* r, int size, const byte* a, int n)
"subs x6, %[n], 8\n\t"
"mov x7, xzr\n\t"
"blt 2f\n\t"
- /* Put in mulitples of 8 bytes. */
+ /* Put in multiples of 8 bytes. */
"1:\n\t"
"ldr x8, [x4], -8\n\t"
"subs x6, x6, 8\n\t"
@@ -39758,7 +39832,7 @@ int sp_ecc_make_key_256(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
sp_point_256* infinity = NULL;
#endif
int err = MP_OKAY;
-
+
(void)heap;
@@ -39766,7 +39840,7 @@ int sp_ecc_make_key_256(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
point = (sp_point_256*)XMALLOC(sizeof(sp_point_256) * 2, heap, DYNAMIC_TYPE_ECC);
#else
- point = (sp_point_256*)XMALLOC(sizeof(sp_point_256), heap, DYNAMIC_TYPE_ECC);
+ point = (sp_point_256*)XMALLOC(sizeof(sp_point_256), heap, DYNAMIC_TYPE_ECC);
#endif
if (point == NULL)
err = MEMORY_E;
@@ -40110,7 +40184,7 @@ static void sp_256_mul_d_4(sp_digit* r, const sp_digit* a,
/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
*
- * Assumes divisor has higest bit set.
+ * Assumes divisor has highest bit set.
*
* d1 The high order half of the number to divide.
* d0 The low order half of the number to divide.
@@ -40200,8 +40274,8 @@ static void sp_256_mask_4(sp_digit* r, const sp_digit* a, sp_digit m)
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_256_div_4(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_256_div_4(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[8], t2[5];
sp_digit div, r1;
@@ -40254,10 +40328,216 @@ static WC_INLINE int sp_256_mod_4(sp_digit* r, const sp_digit* a, const sp_digit
* a First operand of the multiplication.
* b Second operand of the multiplication.
*/
-static void sp_256_mont_mul_order_4(sp_digit* r, const sp_digit* a, const sp_digit* b)
+SP_NOINLINE static void sp_256_mont_mul_order_4(sp_digit* r,
+ const sp_digit* a, const sp_digit* b)
{
- sp_256_mul_4(r, a, b);
- sp_256_mont_reduce_order_4(r, p256_order, p256_mp_order);
+ __asm__ __volatile__ (
+ "ldp x13, x14, [%[a], 0]\n\t"
+ "ldp x15, x16, [%[a], 16]\n\t"
+ "ldp x17, x19, [%[b], 0]\n\t"
+ "ldp x20, x21, [%[b], 16]\n\t"
+ "# A[0] * B[0]\n\t"
+ "umulh x6, x13, x17\n\t"
+ "mul x5, x13, x17\n\t"
+ "# A[2] * B[0]\n\t"
+ "umulh x8, x15, x17\n\t"
+ "mul x7, x15, x17\n\t"
+ "# A[1] * B[0]\n\t"
+ "mul x3, x14, x17\n\t"
+ "adds x6, x6, x3\n\t"
+ "umulh x4, x14, x17\n\t"
+ "adcs x7, x7, x4\n\t"
+ "adc x8, x8, xzr\n\t"
+ "# A[0] * B[2]\n\t"
+ "mul x3, x13, x20\n\t"
+ "adds x7, x7, x3\n\t"
+ "umulh x4, x13, x20\n\t"
+ "adcs x8, x8, x4\n\t"
+ "# A[1] * B[3]\n\t"
+ "mul x9, x14, x21\n\t"
+ "adcs x9, x9, xzr\n\t"
+ "umulh x10, x14, x21\n\t"
+ "adc x10, x10, xzr\n\t"
+ "# A[0] * B[1]\n\t"
+ "mul x3, x13, x19\n\t"
+ "adds x6, x6, x3\n\t"
+ "umulh x4, x13, x19\n\t"
+ "adcs x7, x7, x4\n\t"
+ "# A[2] * B[1]\n\t"
+ "mul x3, x15, x19\n\t"
+ "adcs x8, x8, x3\n\t"
+ "umulh x4, x15, x19\n\t"
+ "adcs x9, x9, x4\n\t"
+ "adc x10, x10, xzr\n\t"
+ "# A[1] * B[2]\n\t"
+ "mul x3, x14, x20\n\t"
+ "adds x8, x8, x3\n\t"
+ "umulh x4, x14, x20\n\t"
+ "adcs x9, x9, x4\n\t"
+ "adcs x10, x10, xzr\n\t"
+ "adc x11, xzr, xzr\n\t"
+ "# A[1] * B[1]\n\t"
+ "mul x3, x14, x19\n\t"
+ "adds x7, x7, x3\n\t"
+ "umulh x4, x14, x19\n\t"
+ "adcs x8, x8, x4\n\t"
+ "# A[3] * B[1]\n\t"
+ "mul x3, x16, x19\n\t"
+ "adcs x9, x9, x3\n\t"
+ "umulh x4, x16, x19\n\t"
+ "adcs x10, x10, x4\n\t"
+ "adc x11, x11, xzr\n\t"
+ "# A[2] * B[2]\n\t"
+ "mul x3, x15, x20\n\t"
+ "adds x9, x9, x3\n\t"
+ "umulh x4, x15, x20\n\t"
+ "adcs x10, x10, x4\n\t"
+ "# A[3] * B[3]\n\t"
+ "mul x3, x16, x21\n\t"
+ "adcs x11, x11, x3\n\t"
+ "umulh x12, x16, x21\n\t"
+ "adc x12, x12, xzr\n\t"
+ "# A[0] * B[3]\n\t"
+ "mul x3, x13, x21\n\t"
+ "adds x8, x8, x3\n\t"
+ "umulh x4, x13, x21\n\t"
+ "adcs x9, x9, x4\n\t"
+ "# A[2] * B[3]\n\t"
+ "mul x3, x15, x21\n\t"
+ "adcs x10, x10, x3\n\t"
+ "umulh x4, x15, x21\n\t"
+ "adcs x11, x11, x4\n\t"
+ "adc x12, x12, xzr\n\t"
+ "# A[3] * B[0]\n\t"
+ "mul x3, x16, x17\n\t"
+ "adds x8, x8, x3\n\t"
+ "umulh x4, x16, x17\n\t"
+ "adcs x9, x9, x4\n\t"
+ "# A[3] * B[2]\n\t"
+ "mul x3, x16, x20\n\t"
+ "adcs x10, x10, x3\n\t"
+ "umulh x4, x16, x20\n\t"
+ "adcs x11, x11, x4\n\t"
+ "adc x12, x12, xzr\n\t"
+ "ldp x13, x14, [%[m], 0]\n\t"
+ "mov x15, 0xffffffffffffffff\n\t"
+ "mov x16, 0xffffffff00000000\n\t"
+ "# mu = a[0] * mp\n\t"
+ "mul x17, %[mp], x5\n\t"
+ "# a[0+0] += m[0] * mu\n\t"
+ "mul x3, x13, x17\n\t"
+ "adds x5, x5, x3\n\t"
+ "umulh x4, x13, x17\n\t"
+ "adcs x6, x6, x4\n\t"
+ "# a[0+2] += m[2] * mu\n\t"
+ "mul x3, x15, x17\n\t"
+ "adcs x7, x7, x3\n\t"
+ "umulh x4, x15, x17\n\t"
+ "adcs x8, x8, x4\n\t"
+ "adcs x9, x9, xzr\n\t"
+ "adc x19, xzr, xzr\n\t"
+ "# a[0+1] += m[1] * mu\n\t"
+ "mul x3, x14, x17\n\t"
+ "adds x6, x6, x3\n\t"
+ "umulh x4, x14, x17\n\t"
+ "adcs x7, x7, x4\n\t"
+ "# a[0+3] += m[3] * mu\n\t"
+ "mul x3, x16, x17\n\t"
+ "adcs x8, x8, x3\n\t"
+ "umulh x4, x16, x17\n\t"
+ "adcs x9, x9, x4\n\t"
+ "# mu = a[1] * mp\n\t"
+ "mul x17, %[mp], x6\n\t"
+ "adc x19, x19, xzr\n\t"
+ "# a[1+0] += m[0] * mu\n\t"
+ "mul x3, x13, x17\n\t"
+ "adds x6, x6, x3\n\t"
+ "umulh x4, x13, x17\n\t"
+ "adcs x7, x7, x4\n\t"
+ "# a[1+2] += m[2] * mu\n\t"
+ "mul x3, x15, x17\n\t"
+ "adcs x8, x8, x3\n\t"
+ "umulh x4, x15, x17\n\t"
+ "adcs x9, x9, x4\n\t"
+ "adcs x10, x10, x19\n\t"
+ "adc x19, xzr, xzr\n\t"
+ "# a[1+1] += m[1] * mu\n\t"
+ "mul x3, x14, x17\n\t"
+ "adds x7, x7, x3\n\t"
+ "umulh x4, x14, x17\n\t"
+ "adcs x8, x8, x4\n\t"
+ "# a[1+3] += m[3] * mu\n\t"
+ "mul x3, x16, x17\n\t"
+ "adcs x9, x9, x3\n\t"
+ "umulh x4, x16, x17\n\t"
+ "adcs x10, x10, x4\n\t"
+ "# mu = a[2] * mp\n\t"
+ "mul x17, %[mp], x7\n\t"
+ "adc x19, x19, xzr\n\t"
+ "# a[2+0] += m[0] * mu\n\t"
+ "mul x3, x13, x17\n\t"
+ "adds x7, x7, x3\n\t"
+ "umulh x4, x13, x17\n\t"
+ "adcs x8, x8, x4\n\t"
+ "# a[2+2] += m[2] * mu\n\t"
+ "mul x3, x15, x17\n\t"
+ "adcs x9, x9, x3\n\t"
+ "umulh x4, x15, x17\n\t"
+ "adcs x10, x10, x4\n\t"
+ "adcs x11, x11, x19\n\t"
+ "adc x19, xzr, xzr\n\t"
+ "# a[2+1] += m[1] * mu\n\t"
+ "mul x3, x14, x17\n\t"
+ "adds x8, x8, x3\n\t"
+ "umulh x4, x14, x17\n\t"
+ "adcs x9, x9, x4\n\t"
+ "# a[2+3] += m[3] * mu\n\t"
+ "mul x3, x16, x17\n\t"
+ "adcs x10, x10, x3\n\t"
+ "umulh x4, x16, x17\n\t"
+ "adcs x11, x11, x4\n\t"
+ "# mu = a[3] * mp\n\t"
+ "mul x17, %[mp], x8\n\t"
+ "adc x19, x19, xzr\n\t"
+ "# a[3+0] += m[0] * mu\n\t"
+ "mul x3, x13, x17\n\t"
+ "adds x8, x8, x3\n\t"
+ "umulh x4, x13, x17\n\t"
+ "adcs x9, x9, x4\n\t"
+ "# a[3+2] += m[2] * mu\n\t"
+ "mul x3, x15, x17\n\t"
+ "adcs x10, x10, x3\n\t"
+ "umulh x4, x15, x17\n\t"
+ "adcs x11, x11, x4\n\t"
+ "adcs x12, x12, x19\n\t"
+ "adc x19, xzr, xzr\n\t"
+ "# a[3+1] += m[1] * mu\n\t"
+ "mul x3, x14, x17\n\t"
+ "adds x9, x9, x3\n\t"
+ "umulh x4, x14, x17\n\t"
+ "adcs x10, x10, x4\n\t"
+ "# a[3+3] += m[3] * mu\n\t"
+ "mul x3, x16, x17\n\t"
+ "adcs x11, x11, x3\n\t"
+ "umulh x4, x16, x17\n\t"
+ "adcs x12, x12, x4\n\t"
+ "# x15 == -1\n\t"
+ "adcs x19, x19, x15\n\t"
+ "csel x13, x13, xzr, cs\n\t"
+ "csel x14, x14, xzr, cs\n\t"
+ "csel x15, x15, xzr, cs\n\t"
+ "csel x16, x16, xzr, cs\n\t"
+ "subs x9, x9, x13\n\t"
+ "sbcs x10, x10, x14\n\t"
+ "sbcs x11, x11, x15\n\t"
+ "stp x9, x10, [%[r], 0]\n\t"
+ "sbc x12, x12, x16\n\t"
+ "stp x11, x12, [%[r], 16]\n\t"
+ :
+ : [r] "r" (r), [a] "r" (a), [b] "r" (b), [m] "r" (p256_order),
+ [mp] "r" (p256_mp_order)
+ : "memory", "x3", "x4", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "x21", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "cc"
+ );
}
#if defined(HAVE_ECC_SIGN) || (defined(HAVE_ECC_VERIFY) && defined(WOLFSSL_SP_SMALL))
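Review bot: `sp_256_mont_mul_order_4` now loads only the low two words of the modulus from `%[m]` and materialises the upper two as immediates (`mov x15, 0xffffffffffffffff` and `mov x16, 0xffffffff00000000`), so the routine is tied to the P-256 order even though it still takes `p256_order` as an operand. The function comment above does not mention this. I would add `/* Upper two words of the order are hard-coded in the asm; only valid for p256_order. */` to the header comment so the constants are not mistaken for generic masks. The start of `sp_256_mont_sqr_order_4` in the next hunk shows the same pattern.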
@@ -40267,11 +40547,6 @@ static const uint64_t p256_order_minus_2[4] = {
0xf3b9cac2fc63254fU,0xbce6faada7179e84U,0xffffffffffffffffU,
0xffffffff00000000U
};
-#else
-/* The low half of the order-2 of the P256 curve. */
-static const sp_int_digit p256_order_low[2] = {
- 0xf3b9cac2fc63254fU,0xbce6faada7179e84U
-};
#endif /* WOLFSSL_SP_SMALL */
/* Square number mod the order of P256 curve. (r = a * a mod order)
@@ -40279,10 +40554,184 @@ static const sp_int_digit p256_order_low[2] = {
* r Result of the squaring.
* a Number to square.
*/
-static void sp_256_mont_sqr_order_4(sp_digit* r, const sp_digit* a)
+SP_NOINLINE static void sp_256_mont_sqr_order_4(sp_digit* r,
+ const sp_digit* a)
{
- sp_256_sqr_4(r, a);
- sp_256_mont_reduce_order_4(r, p256_order, p256_mp_order);
+ __asm__ __volatile__ (
+ "ldp x12, x13, [%[a], 0]\n\t"
+ "ldp x14, x15, [%[a], 16]\n\t"
+ "# A[0] * A[1]\n\t"
+ "umulh x6, x12, x13\n\t"
+ "mul x5, x12, x13\n\t"
+ "# A[0] * A[3]\n\t"
+ "umulh x8, x12, x15\n\t"
+ "mul x7, x12, x15\n\t"
+ "# A[0] * A[2]\n\t"
+ "mul x2, x12, x14\n\t"
+ "adds x6, x6, x2\n\t"
+ "umulh x3, x12, x14\n\t"
+ "adcs x7, x7, x3\n\t"
+ "# A[1] * A[3]\n\t"
+ "mul x2, x13, x15\n\t"
+ "adcs x8, x8, x2\n\t"
+ "umulh x9, x13, x15\n\t"
+ "adc x9, x9, xzr\n\t"
+ "# A[1] * A[2]\n\t"
+ "mul x2, x13, x14\n\t"
+ "adds x7, x7, x2\n\t"
+ "umulh x3, x13, x14\n\t"
+ "adcs x8, x8, x3\n\t"
+ "# A[2] * A[3]\n\t"
+ "mul x2, x14, x15\n\t"
+ "adcs x9, x9, x2\n\t"
+ "umulh x10, x14, x15\n\t"
+ "adc x10, x10, xzr\n\t"
+ "# Double\n\t"
+ "adds x5, x5, x5\n\t"
+ "adcs x6, x6, x6\n\t"
+ "adcs x7, x7, x7\n\t"
+ "adcs x8, x8, x8\n\t"
+ "adcs x9, x9, x9\n\t"
+ "adcs x10, x10, x10\n\t"
+ "adc x11, xzr, xzr\n\t"
+ "# A[0] * A[0]\n\t"
+ "umulh x3, x12, x12\n\t"
+ "mul x4, x12, x12\n\t"
+ "# A[1] * A[1]\n\t"
+ "mul x2, x13, x13\n\t"
+ "adds x5, x5, x3\n\t"
+ "umulh x3, x13, x13\n\t"
+ "adcs x6, x6, x2\n\t"
+ "# A[2] * A[2]\n\t"
+ "mul x2, x14, x14\n\t"
+ "adcs x7, x7, x3\n\t"
+ "umulh x3, x14, x14\n\t"
+ "adcs x8, x8, x2\n\t"
+ "# A[3] * A[3]\n\t"
+ "mul x2, x15, x15\n\t"
+ "adcs x9, x9, x3\n\t"
+ "umulh x3, x15, x15\n\t"
+ "adcs x10, x10, x2\n\t"
+ "adc x11, x11, x3\n\t"
+ "ldp x12, x13, [%[m], 0]\n\t"
+ "mov x14, 0xffffffffffffffff\n\t"
+ "mov x15, 0xffffffff00000000\n\t"
+ "# mu = a[0] * mp\n\t"
+ "mul x16, %[mp], x4\n\t"
+ "# a[0+0] += m[0] * mu\n\t"
+ "mul x2, x12, x16\n\t"
+ "adds x4, x4, x2\n\t"
+ "umulh x3, x12, x16\n\t"
+ "adcs x5, x5, x3\n\t"
+ "# a[0+2] += m[2] * mu\n\t"
+ "mul x2, x14, x16\n\t"
+ "adcs x6, x6, x2\n\t"
+ "umulh x3, x14, x16\n\t"
+ "adcs x7, x7, x3\n\t"
+ "adcs x8, x8, xzr\n\t"
+ "adc x17, xzr, xzr\n\t"
+ "# a[0+1] += m[1] * mu\n\t"
+ "mul x2, x13, x16\n\t"
+ "adds x5, x5, x2\n\t"
+ "umulh x3, x13, x16\n\t"
+ "adcs x6, x6, x3\n\t"
+ "# a[0+3] += m[3] * mu\n\t"
+ "mul x2, x15, x16\n\t"
+ "adcs x7, x7, x2\n\t"
+ "umulh x3, x15, x16\n\t"
+ "adcs x8, x8, x3\n\t"
+ "# mu = a[1] * mp\n\t"
+ "mul x16, %[mp], x5\n\t"
+ "adc x17, x17, xzr\n\t"
+ "# a[1+0] += m[0] * mu\n\t"
+ "mul x2, x12, x16\n\t"
+ "adds x5, x5, x2\n\t"
+ "umulh x3, x12, x16\n\t"
+ "adcs x6, x6, x3\n\t"
+ "# a[1+2] += m[2] * mu\n\t"
+ "mul x2, x14, x16\n\t"
+ "adcs x7, x7, x2\n\t"
+ "umulh x3, x14, x16\n\t"
+ "adcs x8, x8, x3\n\t"
+ "adcs x9, x9, x17\n\t"
+ "adc x17, xzr, xzr\n\t"
+ "# a[1+1] += m[1] * mu\n\t"
+ "mul x2, x13, x16\n\t"
+ "adds x6, x6, x2\n\t"
+ "umulh x3, x13, x16\n\t"
+ "adcs x7, x7, x3\n\t"
+ "# a[1+3] += m[3] * mu\n\t"
+ "mul x2, x15, x16\n\t"
+ "adcs x8, x8, x2\n\t"
+ "umulh x3, x15, x16\n\t"
+ "adcs x9, x9, x3\n\t"
+ "# mu = a[2] * mp\n\t"
+ "mul x16, %[mp], x6\n\t"
+ "adc x17, x17, xzr\n\t"
+ "# a[2+0] += m[0] * mu\n\t"
+ "mul x2, x12, x16\n\t"
+ "adds x6, x6, x2\n\t"
+ "umulh x3, x12, x16\n\t"
+ "adcs x7, x7, x3\n\t"
+ "# a[2+2] += m[2] * mu\n\t"
+ "mul x2, x14, x16\n\t"
+ "adcs x8, x8, x2\n\t"
+ "umulh x3, x14, x16\n\t"
+ "adcs x9, x9, x3\n\t"
+ "adcs x10, x10, x17\n\t"
+ "adc x17, xzr, xzr\n\t"
+ "# a[2+1] += m[1] * mu\n\t"
+ "mul x2, x13, x16\n\t"
+ "adds x7, x7, x2\n\t"
+ "umulh x3, x13, x16\n\t"
+ "adcs x8, x8, x3\n\t"
+ "# a[2+3] += m[3] * mu\n\t"
+ "mul x2, x15, x16\n\t"
+ "adcs x9, x9, x2\n\t"
+ "umulh x3, x15, x16\n\t"
+ "adcs x10, x10, x3\n\t"
+ "# mu = a[3] * mp\n\t"
+ "mul x16, %[mp], x7\n\t"
+ "adc x17, x17, xzr\n\t"
+ "# a[3+0] += m[0] * mu\n\t"
+ "mul x2, x12, x16\n\t"
+ "adds x7, x7, x2\n\t"
+ "umulh x3, x12, x16\n\t"
+ "adcs x8, x8, x3\n\t"
+ "# a[3+2] += m[2] * mu\n\t"
+ "mul x2, x14, x16\n\t"
+ "adcs x9, x9, x2\n\t"
+ "umulh x3, x14, x16\n\t"
+ "adcs x10, x10, x3\n\t"
+ "adcs x11, x11, x17\n\t"
+ "adc x17, xzr, xzr\n\t"
+ "# a[3+1] += m[1] * mu\n\t"
+ "mul x2, x13, x16\n\t"
+ "adds x8, x8, x2\n\t"
+ "umulh x3, x13, x16\n\t"
+ "adcs x9, x9, x3\n\t"
+ "# a[3+3] += m[3] * mu\n\t"
+ "mul x2, x15, x16\n\t"
+ "adcs x10, x10, x2\n\t"
+ "umulh x3, x15, x16\n\t"
+ "adcs x11, x11, x3\n\t"
+ "# x14 == -1\n\t"
+ "adcs x17, x17, x14\n\t"
+ "csel x12, x12, xzr, cs\n\t"
+ "csel x13, x13, xzr, cs\n\t"
+ "csel x14, x14, xzr, cs\n\t"
+ "csel x15, x15, xzr, cs\n\t"
+ "subs x8, x8, x12\n\t"
+ "sbcs x9, x9, x13\n\t"
+ "sbcs x10, x10, x14\n\t"
+ "stp x8, x9, [%[r], 0]\n\t"
+ "sbc x11, x11, x15\n\t"
+ "stp x10, x11, [%[r], 16]\n\t"
+ :
+ : [r] "r" (r), [a] "r" (a), [m] "r" (p256_order),
+ [mp] "r" (p256_mp_order)
+ : "memory", "x2", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "cc"
+ );
}
#ifndef WOLFSSL_SP_SMALL
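Review bot: The new body of sp_256_mont_sqr_order_4 loads only the low two words of the modulus (`ldp x12, x13, [%[m], 0]`) and supplies the upper two as immediates (`mov x14, 0xffffffffffffffff`, `mov x15, 0xffffffff00000000`), but the header comment does not say so. The final carry fold `adcs x17, x17, x14` under `# x14 == -1` depends on that immediate as well. I would add a header line such as `* The upper 128 bits of the P256 order are immediates in the assembly; only p256_order[0..1] are loaded.` so that a later edit to the operand list is not assumed to be safe. The same applies to sp_256_mont_sqr_n_order_4 in the next hunk.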
@@ -40292,14 +40741,188 @@ static void sp_256_mont_sqr_order_4(sp_digit* r, const sp_digit* a)
* r Result of the squaring.
* a Number to square.
*/
-static void sp_256_mont_sqr_n_order_4(sp_digit* r, const sp_digit* a, int n)
+SP_NOINLINE static void sp_256_mont_sqr_n_order_4(sp_digit* r,
+ const sp_digit* a, int n)
{
- int i;
- sp_256_mont_sqr_order_4(r, a);
- for (i=1; i<n; i++) {
- sp_256_mont_sqr_order_4(r, r);
- }
+ __asm__ __volatile__ (
+ "ldp x12, x13, [%[a], 0]\n\t"
+ "ldp x14, x15, [%[a], 16]\n\t"
+ "1:\n\t"
+ "# A[0] * A[1]\n\t"
+ "umulh x6, x12, x13\n\t"
+ "mul x5, x12, x13\n\t"
+ "# A[0] * A[3]\n\t"
+ "umulh x8, x12, x15\n\t"
+ "mul x7, x12, x15\n\t"
+ "# A[0] * A[2]\n\t"
+ "mul x2, x12, x14\n\t"
+ "adds x6, x6, x2\n\t"
+ "umulh x3, x12, x14\n\t"
+ "adcs x7, x7, x3\n\t"
+ "# A[1] * A[3]\n\t"
+ "mul x2, x13, x15\n\t"
+ "adcs x8, x8, x2\n\t"
+ "umulh x9, x13, x15\n\t"
+ "adc x9, x9, xzr\n\t"
+ "# A[1] * A[2]\n\t"
+ "mul x2, x13, x14\n\t"
+ "adds x7, x7, x2\n\t"
+ "umulh x3, x13, x14\n\t"
+ "adcs x8, x8, x3\n\t"
+ "# A[2] * A[3]\n\t"
+ "mul x2, x14, x15\n\t"
+ "adcs x9, x9, x2\n\t"
+ "umulh x10, x14, x15\n\t"
+ "adc x10, x10, xzr\n\t"
+ "# Double\n\t"
+ "adds x5, x5, x5\n\t"
+ "adcs x6, x6, x6\n\t"
+ "adcs x7, x7, x7\n\t"
+ "adcs x8, x8, x8\n\t"
+ "adcs x9, x9, x9\n\t"
+ "adcs x10, x10, x10\n\t"
+ "adc x11, xzr, xzr\n\t"
+ "# A[0] * A[0]\n\t"
+ "umulh x3, x12, x12\n\t"
+ "mul x4, x12, x12\n\t"
+ "# A[1] * A[1]\n\t"
+ "mul x2, x13, x13\n\t"
+ "adds x5, x5, x3\n\t"
+ "umulh x3, x13, x13\n\t"
+ "adcs x6, x6, x2\n\t"
+ "# A[2] * A[2]\n\t"
+ "mul x2, x14, x14\n\t"
+ "adcs x7, x7, x3\n\t"
+ "umulh x3, x14, x14\n\t"
+ "adcs x8, x8, x2\n\t"
+ "# A[3] * A[3]\n\t"
+ "mul x2, x15, x15\n\t"
+ "adcs x9, x9, x3\n\t"
+ "umulh x3, x15, x15\n\t"
+ "adcs x10, x10, x2\n\t"
+ "adc x11, x11, x3\n\t"
+ "ldp x12, x13, [%[m], 0]\n\t"
+ "mov x14, 0xffffffffffffffff\n\t"
+ "mov x15, 0xffffffff00000000\n\t"
+ "# mu = a[0] * mp\n\t"
+ "mul x16, %[mp], x4\n\t"
+ "# a[0+0] += m[0] * mu\n\t"
+ "mul x2, x12, x16\n\t"
+ "adds x4, x4, x2\n\t"
+ "umulh x3, x12, x16\n\t"
+ "adcs x5, x5, x3\n\t"
+ "# a[0+2] += m[2] * mu\n\t"
+ "mul x2, x14, x16\n\t"
+ "adcs x6, x6, x2\n\t"
+ "umulh x3, x14, x16\n\t"
+ "adcs x7, x7, x3\n\t"
+ "adcs x8, x8, xzr\n\t"
+ "adc x17, xzr, xzr\n\t"
+ "# a[0+1] += m[1] * mu\n\t"
+ "mul x2, x13, x16\n\t"
+ "adds x5, x5, x2\n\t"
+ "umulh x3, x13, x16\n\t"
+ "adcs x6, x6, x3\n\t"
+ "# a[0+3] += m[3] * mu\n\t"
+ "mul x2, x15, x16\n\t"
+ "adcs x7, x7, x2\n\t"
+ "umulh x3, x15, x16\n\t"
+ "adcs x8, x8, x3\n\t"
+ "# mu = a[1] * mp\n\t"
+ "mul x16, %[mp], x5\n\t"
+ "adc x17, x17, xzr\n\t"
+ "# a[1+0] += m[0] * mu\n\t"
+ "mul x2, x12, x16\n\t"
+ "adds x5, x5, x2\n\t"
+ "umulh x3, x12, x16\n\t"
+ "adcs x6, x6, x3\n\t"
+ "# a[1+2] += m[2] * mu\n\t"
+ "mul x2, x14, x16\n\t"
+ "adcs x7, x7, x2\n\t"
+ "umulh x3, x14, x16\n\t"
+ "adcs x8, x8, x3\n\t"
+ "adcs x9, x9, x17\n\t"
+ "adc x17, xzr, xzr\n\t"
+ "# a[1+1] += m[1] * mu\n\t"
+ "mul x2, x13, x16\n\t"
+ "adds x6, x6, x2\n\t"
+ "umulh x3, x13, x16\n\t"
+ "adcs x7, x7, x3\n\t"
+ "# a[1+3] += m[3] * mu\n\t"
+ "mul x2, x15, x16\n\t"
+ "adcs x8, x8, x2\n\t"
+ "umulh x3, x15, x16\n\t"
+ "adcs x9, x9, x3\n\t"
+ "# mu = a[2] * mp\n\t"
+ "mul x16, %[mp], x6\n\t"
+ "adc x17, x17, xzr\n\t"
+ "# a[2+0] += m[0] * mu\n\t"
+ "mul x2, x12, x16\n\t"
+ "adds x6, x6, x2\n\t"
+ "umulh x3, x12, x16\n\t"
+ "adcs x7, x7, x3\n\t"
+ "# a[2+2] += m[2] * mu\n\t"
+ "mul x2, x14, x16\n\t"
+ "adcs x8, x8, x2\n\t"
+ "umulh x3, x14, x16\n\t"
+ "adcs x9, x9, x3\n\t"
+ "adcs x10, x10, x17\n\t"
+ "adc x17, xzr, xzr\n\t"
+ "# a[2+1] += m[1] * mu\n\t"
+ "mul x2, x13, x16\n\t"
+ "adds x7, x7, x2\n\t"
+ "umulh x3, x13, x16\n\t"
+ "adcs x8, x8, x3\n\t"
+ "# a[2+3] += m[3] * mu\n\t"
+ "mul x2, x15, x16\n\t"
+ "adcs x9, x9, x2\n\t"
+ "umulh x3, x15, x16\n\t"
+ "adcs x10, x10, x3\n\t"
+ "# mu = a[3] * mp\n\t"
+ "mul x16, %[mp], x7\n\t"
+ "adc x17, x17, xzr\n\t"
+ "# a[3+0] += m[0] * mu\n\t"
+ "mul x2, x12, x16\n\t"
+ "adds x7, x7, x2\n\t"
+ "umulh x3, x12, x16\n\t"
+ "adcs x8, x8, x3\n\t"
+ "# a[3+2] += m[2] * mu\n\t"
+ "mul x2, x14, x16\n\t"
+ "adcs x9, x9, x2\n\t"
+ "umulh x3, x14, x16\n\t"
+ "adcs x10, x10, x3\n\t"
+ "adcs x11, x11, x17\n\t"
+ "adc x17, xzr, xzr\n\t"
+ "# a[3+1] += m[1] * mu\n\t"
+ "mul x2, x13, x16\n\t"
+ "adds x8, x8, x2\n\t"
+ "umulh x3, x13, x16\n\t"
+ "adcs x9, x9, x3\n\t"
+ "# a[3+3] += m[3] * mu\n\t"
+ "mul x2, x15, x16\n\t"
+ "adcs x10, x10, x2\n\t"
+ "umulh x3, x15, x16\n\t"
+ "adcs x11, x11, x3\n\t"
+ "# x14 == -1\n\t"
+ "adcs x17, x17, x14\n\t"
+ "csel x12, x12, xzr, cs\n\t"
+ "csel x13, x13, xzr, cs\n\t"
+ "csel x14, x14, xzr, cs\n\t"
+ "csel x15, x15, xzr, cs\n\t"
+ "subs x12, x8, x12\n\t"
+ "sbcs x13, x9, x13\n\t"
+ "sbcs x14, x10, x14\n\t"
+ "sbc x15, x11, x15\n\t"
+ "subs %w[n], %w[n], #1\n\t"
+ "b.ne 1b\n\t"
+ "stp x12, x13, [%[r], 0]\n\t"
+ "stp x14, x15, [%[r], 16]\n\t"
+ : [n] "+r" (n)
+ : [r] "r" (r), [a] "r" (a), [m] "r" (p256_order),
+ [mp] "r" (p256_mp_order)
+ : "memory", "x2", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "cc"
+ );
}
#endif /* !WOLFSSL_SP_SMALL */
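Review bot: The loop in sp_256_mont_sqr_n_order_4 is bottom-tested (`subs %w[n], %w[n], #1` followed by `b.ne 1b`), so a call with n == 0 no longer performs a single squaring as the removed C loop did. The 32-bit counter wraps instead and the loop runs roughly 2^32 times, and a negative n behaves much the same. The callers visible in this diff pass constants from 2 to 64, so this is a contract gap rather than a live bug, but the visible part of the header comment does not document `n` at all. I would add `* n Number of times to square; must be at least 1.` to the comment block above the function.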
@@ -40370,77 +40993,109 @@ static void sp_256_mont_inv_order_4(sp_digit* r, const sp_digit* a,
sp_digit* t = td;
sp_digit* t2 = td + 2 * 4;
sp_digit* t3 = td + 4 * 4;
- int i;
-
- /* t = a^2 */
- sp_256_mont_sqr_order_4(t, a);
- /* t = a^3 = t * a */
- sp_256_mont_mul_order_4(t, t, a);
- /* t2= a^c = t ^ 2 ^ 2 */
- sp_256_mont_sqr_n_order_4(t2, t, 2);
- /* t3= a^f = t2 * t */
- sp_256_mont_mul_order_4(t3, t2, t);
- /* t2= a^f0 = t3 ^ 2 ^ 4 */
- sp_256_mont_sqr_n_order_4(t2, t3, 4);
- /* t = a^ff = t2 * t3 */
- sp_256_mont_mul_order_4(t, t2, t3);
- /* t3= a^ff00 = t ^ 2 ^ 8 */
+ sp_digit* t5 = td + 6 * 4;
+ sp_digit* t7 = td + 8 * 4;
+ sp_digit* t15 = td + 10 * 4;
+
+ /* t2 = a^2 */
+ sp_256_mont_sqr_order_4(t2, a);
+ /* t3 = a^3 = t * a */
+ sp_256_mont_mul_order_4(t3, t2, a);
+ /* t5 = a^5 = t3 * t2 */
+ sp_256_mont_mul_order_4(t5, t3, t2);
+ /* t7 = a^6 = t3 ^ 2 */
+ sp_256_mont_sqr_order_4(t7, t3);
+ /* t7 = a^7 = t7 * a */
+ sp_256_mont_mul_order_4(t7, t7, a);
+ /* t2 = a^c = t3 ^ 2 */
+ sp_256_mont_sqr_order_4(t2, t7);
+ /* t15= a^f = t2 * t3 */
+ sp_256_mont_mul_order_4(t15, t2, a);
+ /* t2 = a^f0 = t15 ^ 2 ^ 4 */
+ sp_256_mont_sqr_n_order_4(t2, t15, 4);
+ /* t = a^ff = t2 * t15 */
+ sp_256_mont_mul_order_4(t, t2, t15);
+ /* t15= a^ff00 = t ^ 2 ^ 8 */
sp_256_mont_sqr_n_order_4(t2, t, 8);
- /* t = a^ffff = t2 * t */
+ /* t = a^ffff = t2 * t */
sp_256_mont_mul_order_4(t, t2, t);
- /* t2= a^ffff0000 = t ^ 2 ^ 16 */
+ /* t2 = a^ffff0000 = t ^ 2 ^ 16 */
sp_256_mont_sqr_n_order_4(t2, t, 16);
- /* t = a^ffffffff = t2 * t */
+ /* t = a^ffffffff = t2 * t */
sp_256_mont_mul_order_4(t, t2, t);
- /* t2= a^ffffffff0000000000000000 = t ^ 2 ^ 64 */
+ /* t2 = a^ffffffff0000000000000000 = t ^ 2 ^ 64 */
sp_256_mont_sqr_n_order_4(t2, t, 64);
- /* t2= a^ffffffff00000000ffffffff = t2 * t */
+ /* t2 = a^ffffffff00000000ffffffff = t2 * t */
sp_256_mont_mul_order_4(t2, t2, t);
- /* t2= a^ffffffff00000000ffffffff00000000 = t2 ^ 2 ^ 32 */
+ /* t2 = a^ffffffff00000000ffffffff00000000 = t2 ^ 2 ^ 32 */
sp_256_mont_sqr_n_order_4(t2, t2, 32);
- /* t2= a^ffffffff00000000ffffffffffffffff = t2 * t */
+ /* t2 = a^ffffffff00000000ffffffffffffffff = t2 * t */
sp_256_mont_mul_order_4(t2, t2, t);
- /* t2= a^ffffffff00000000ffffffffffffffffbce6 */
- for (i=127; i>=112; i--) {
- sp_256_mont_sqr_order_4(t2, t2);
- if ((p256_order_low[i / 64] & ((sp_int_digit)1 << (i % 64))) != 0) {
- sp_256_mont_mul_order_4(t2, t2, a);
- }
- }
- /* t2= a^ffffffff00000000ffffffffffffffffbce6f */
+
+ /* ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63254f */
+ sp_256_mont_sqr_order_4(t2, t2);
+ sp_256_mont_mul_order_4(t2, t2, a);
+ sp_256_mont_sqr_n_order_4(t2, t2, 5);
+ sp_256_mont_mul_order_4(t2, t2, t15);
+ sp_256_mont_sqr_n_order_4(t2, t2, 5);
+ sp_256_mont_mul_order_4(t2, t2, t7);
sp_256_mont_sqr_n_order_4(t2, t2, 4);
sp_256_mont_mul_order_4(t2, t2, t3);
- /* t2= a^ffffffff00000000ffffffffffffffffbce6faada7179e84 */
- for (i=107; i>=64; i--) {
- sp_256_mont_sqr_order_4(t2, t2);
- if ((p256_order_low[i / 64] & ((sp_int_digit)1 << (i % 64))) != 0) {
- sp_256_mont_mul_order_4(t2, t2, a);
- }
- }
- /* t2= a^ffffffff00000000ffffffffffffffffbce6faada7179e84f */
+ sp_256_mont_sqr_n_order_4(t2, t2, 5);
+ sp_256_mont_mul_order_4(t2, t2, t15);
+ sp_256_mont_sqr_n_order_4(t2, t2, 3);
+ sp_256_mont_mul_order_4(t2, t2, t5);
sp_256_mont_sqr_n_order_4(t2, t2, 4);
+ sp_256_mont_mul_order_4(t2, t2, t5);
+ sp_256_mont_sqr_n_order_4(t2, t2, 3);
sp_256_mont_mul_order_4(t2, t2, t3);
- /* t2= a^ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2 */
- for (i=59; i>=32; i--) {
- sp_256_mont_sqr_order_4(t2, t2);
- if ((p256_order_low[i / 64] & ((sp_int_digit)1 << (i % 64))) != 0) {
- sp_256_mont_mul_order_4(t2, t2, a);
- }
- }
- /* t2= a^ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2f */
- sp_256_mont_sqr_n_order_4(t2, t2, 4);
+ sp_256_mont_sqr_n_order_4(t2, t2, 3);
sp_256_mont_mul_order_4(t2, t2, t3);
- /* t2= a^ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63254 */
- for (i=27; i>=0; i--) {
- sp_256_mont_sqr_order_4(t2, t2);
- if ((p256_order_low[i / 64] & ((sp_int_digit)1 << (i % 64))) != 0) {
- sp_256_mont_mul_order_4(t2, t2, a);
- }
- }
- /* t2= a^ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632540 */
+ sp_256_mont_sqr_n_order_4(t2, t2, 2);
+ sp_256_mont_mul_order_4(t2, t2, a);
+ sp_256_mont_sqr_n_order_4(t2, t2, 5);
+ sp_256_mont_mul_order_4(t2, t2, t7);
+ sp_256_mont_sqr_n_order_4(t2, t2, 4);
+ sp_256_mont_mul_order_4(t2, t2, a);
+ sp_256_mont_sqr_n_order_4(t2, t2, 5);
+ sp_256_mont_mul_order_4(t2, t2, t15);
+ sp_256_mont_sqr_n_order_4(t2, t2, 6);
+ sp_256_mont_mul_order_4(t2, t2, t15);
+ sp_256_mont_sqr_n_order_4(t2, t2, 2);
+ sp_256_mont_mul_order_4(t2, t2, a);
+ sp_256_mont_sqr_n_order_4(t2, t2, 5);
+ sp_256_mont_mul_order_4(t2, t2, a);
+ sp_256_mont_sqr_n_order_4(t2, t2, 6);
+ sp_256_mont_mul_order_4(t2, t2, t15);
+ sp_256_mont_sqr_n_order_4(t2, t2, 5);
+ sp_256_mont_mul_order_4(t2, t2, t7);
sp_256_mont_sqr_n_order_4(t2, t2, 4);
- /* r = a^ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63254f */
- sp_256_mont_mul_order_4(r, t2, t3);
+ sp_256_mont_mul_order_4(t2, t2, t7);
+ sp_256_mont_sqr_n_order_4(t2, t2, 5);
+ sp_256_mont_mul_order_4(t2, t2, t7);
+ sp_256_mont_sqr_n_order_4(t2, t2, 5);
+ sp_256_mont_mul_order_4(t2, t2, t5);
+ sp_256_mont_sqr_n_order_4(t2, t2, 3);
+ sp_256_mont_mul_order_4(t2, t2, t3);
+ sp_256_mont_sqr_n_order_4(t2, t2, 5);
+ sp_256_mont_mul_order_4(t2, t2, a);
+ sp_256_mont_sqr_n_order_4(t2, t2, 5);
+ sp_256_mont_mul_order_4(t2, t2, t15);
+ sp_256_mont_sqr_n_order_4(t2, t2, 2);
+ sp_256_mont_mul_order_4(t2, t2, t3);
+ sp_256_mont_sqr_n_order_4(t2, t2, 5);
+ sp_256_mont_mul_order_4(t2, t2, t3);
+ sp_256_mont_sqr_n_order_4(t2, t2, 5);
+ sp_256_mont_mul_order_4(t2, t2, t3);
+ sp_256_mont_sqr_n_order_4(t2, t2, 3);
+ sp_256_mont_mul_order_4(t2, t2, a);
+ sp_256_mont_sqr_n_order_4(t2, t2, 5);
+ sp_256_mont_mul_order_4(t2, t2, t5);
+ sp_256_mont_sqr_n_order_4(t2, t2, 2);
+ sp_256_mont_mul_order_4(t2, t2, a);
+ sp_256_mont_sqr_n_order_4(t2, t2, 6);
+ sp_256_mont_mul_order_4(r, t2, t15);
+ /* Multiplications: 31 */
#endif /* WOLFSSL_SP_SMALL */
}
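Review bot: Several of the new step comments in sp_256_mont_inv_order_4 do not match the call beneath them. `/* t2 = a^c = t3 ^ 2 */` sits on `sp_256_mont_sqr_order_4(t2, t7)`, which squares a^7 into a^e; `/* t15= a^f = t2 * t3 */` sits on a multiply by `a`; and `/* t15= a^ff00 = t ^ 2 ^ 8 */` sits on a call that writes `t2`. I would correct them to `/* t2 = a^e = t7 ^ 2 */`, `/* t15= a^f = t2 * a */` and `/* t2 = a^ff00 = t ^ 2 ^ 8 */`. The scratch layout also grows: the temporaries now reach `td + 10 * 4` where the removed code stopped at `td + 4 * 4`, which the sign-path hunks below account for; any other caller's buffer is outside this hunk and worth checking. The function starts before this hunk.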
@@ -40526,7 +41181,7 @@ int sp_ecc_sign_256(const byte* hash, word32 hashLen, WC_RNG* rng,
sp_digit* e = NULL;
sp_point_256* point = NULL;
#else
- sp_digit e[7 * 2 * 4];
+ sp_digit e[10 * 2 * 4];
sp_point_256 point[1];
#endif
sp_digit* x = NULL;
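Review bot: The scratch size `10 * 2 * 4` is now written out three times in sp_ecc_sign_256: the stack declaration here, and the `XMALLOC` and `ForceZero` calls in the next two hunks. All three have to stay in step with the temporaries that sp_256_mont_inv_order_4 carves out of its buffer. A single named constant (name of your choosing, e.g. `#define SP_256_SIGN_E_DIGITS (10 * 2 * 4)`) used at every site would keep the allocation and the wipe from drifting apart. The buffer presumably holds secret-dependent values, given that it is cleared with `ForceZero`, so a wipe shorter than the allocation would matter. The function body continues outside this hunk.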
@@ -40548,7 +41203,7 @@ int sp_ecc_sign_256(const byte* hash, word32 hashLen, WC_RNG* rng,
err = MEMORY_E;
}
if (err == MP_OKAY) {
- e = (sp_digit*)XMALLOC(sizeof(sp_digit) * 7 * 2 * 4, heap,
+ e = (sp_digit*)XMALLOC(sizeof(sp_digit) * 10 * 2 * 4, heap,
DYNAMIC_TYPE_ECC);
if (e == NULL)
err = MEMORY_E;
@@ -40623,7 +41278,7 @@ int sp_ecc_sign_256(const byte* hash, word32 hashLen, WC_RNG* rng,
if (e != NULL)
#endif
{
- ForceZero(e, sizeof(sp_digit) * 7 * 2 * 4);
+ ForceZero(e, sizeof(sp_digit) * 10 * 2 * 4);
#ifdef WOLFSSL_SP_SMALL_STACK
XFREE(e, heap, DYNAMIC_TYPE_ECC);
#endif
@@ -40652,7 +41307,7 @@ typedef struct sp_ecc_sign_256_ctx {
sp_digit x[2*4];
sp_digit k[2*4];
sp_digit r[2*4];
- sp_digit tmp[3 * 2*4];
+ sp_digit tmp[6 * 2*4];
sp_point_256 point;
sp_digit* s;
sp_digit* kInv;
@@ -40797,7 +41452,7 @@ int sp_ecc_sign_256_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, W
XMEMSET(ctx->x, 0, sizeof(sp_digit) * 2U * 4U);
XMEMSET(ctx->k, 0, sizeof(sp_digit) * 2U * 4U);
XMEMSET(ctx->r, 0, sizeof(sp_digit) * 2U * 4U);
- XMEMSET(ctx->tmp, 0, sizeof(sp_digit) * 3U * 2U * 4U);
+ XMEMSET(ctx->tmp, 0, sizeof(sp_digit) * 6U * 2U * 4U);
}
return err;
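Review bot: The wipe of `ctx->tmp` repeats the array length as `6U * 2U * 4U` rather than deriving it from the member declared as `tmp[6 * 2*4]` in sp_ecc_sign_256_ctx, so the next resize has to touch both places again. `XMEMSET(ctx->tmp, 0, sizeof(ctx->tmp));` would follow the declaration automatically. Separately, the blocking sp_ecc_sign_256 clears its scratch with `ForceZero` while this path uses `XMEMSET`; if these fields hold secret-dependent values, as the wipe suggests, using `ForceZero` here too would keep the two paths consistent. The function continues outside this hunk.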
@@ -41104,7 +41759,7 @@ static void sp_256_add_points_4(sp_point_256* p1, const sp_point_256* p2,
* p2 Public point and temporary.
* s Second part of signature as a number.
* u1 Temporary number.
- * u2 Temproray number.
+ * u2 Temporary number.
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
@@ -41428,7 +42083,51 @@ int sp_ecc_verify_256_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash,
#endif /* HAVE_ECC_VERIFY */
#ifdef HAVE_ECC_CHECK_KEY
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Add two Montgomery form numbers (r = a + b % m).
+ *
+ * r Result of addition.
+ * a First number to add in Montgomery form.
+ * b Second number to add in Montgomery form.
+ * m Modulus (prime).
+ */
+SP_NOINLINE static void sp_256_mont_add_4(sp_digit* r, const sp_digit* a,
+ const sp_digit* b, const sp_digit* m)
+{
+ __asm__ __volatile__ (
+ "ldp x4, x5, [%[a], 0]\n\t"
+ "ldp x6, x7, [%[a], 16]\n\t"
+ "ldp x8, x9, [%[b], 0]\n\t"
+ "ldp x10, x11, [%[b], 16]\n\t"
+ "adds x4, x4, x8\n\t"
+ "adcs x5, x5, x9\n\t"
+ "adcs x6, x6, x10\n\t"
+ "adcs x7, x7, x11\n\t"
+ "csetm x14, cs\n\t"
+ "subs x4, x4, x14\n\t"
+ "lsr x12, x14, 32\n\t"
+ "sbcs x5, x5, x12\n\t"
+ "sub x13, xzr, x12\n\t"
+ "sbcs x6, x6, xzr\n\t"
+ "sbcs x7, x7, x13\n\t"
+ "sbc x13, xzr, xzr\n\t"
+ "sub x14, x14, x13\n\t"
+ "subs x4, x4, x14\n\t"
+ "lsr x12, x14, 32\n\t"
+ "sbcs x5, x5, x12\n\t"
+ "sub x13, xzr, x12\n\t"
+ "sbcs x6, x6, xzr\n\t"
+ "stp x4, x5, [%[r],0]\n\t"
+ "sbc x7, x7, x13\n\t"
+ "stp x6, x7, [%[r],16]\n\t"
+ :
+ : [r] "r" (r), [a] "r" (a), [b] "r" (b)
+ : "memory", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "cc"
+ );
+
+ (void)m;
+}
+
+/* Check that the x and y ordinates are a valid point on the curve.
*
* point EC point.
* heap Heap to use if dynamically allocating.
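Review bot: sp_256_mont_add_4 never reads `m` (it ends with `(void)m;` and the operand list passes only r, a and b), yet the header still documents it as `m Modulus (prime).` The reduction constants are derived in-register from the carry mask (`csetm x14, cs`, `lsr x12, x14, 32`, `sub x13, xzr, x12`), so the routine is only correct for the one modulus those values encode. I would change the parameter line to `* m Modulus (prime); ignored, the P256 prime is built into the assembly.`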
@@ -41456,19 +42155,21 @@ static int sp_256_ecc_is_point_4(const sp_point_256* point,
if (err == MP_OKAY) {
t2 = t1 + 2 * 4;
+ /* y^2 - x^3 - a.x = b */
sp_256_sqr_4(t1, point->y);
(void)sp_256_mod_4(t1, t1, p256_mod);
sp_256_sqr_4(t2, point->x);
(void)sp_256_mod_4(t2, t2, p256_mod);
sp_256_mul_4(t2, t2, point->x);
(void)sp_256_mod_4(t2, t2, p256_mod);
- (void)sp_256_sub_4(t2, p256_mod, t2);
- sp_256_mont_add_4(t1, t1, t2, p256_mod);
+ sp_256_mont_sub_4(t1, t1, t2, p256_mod);
+ /* y^2 - x^3 + 3.x = b, when a = -3 */
sp_256_mont_add_4(t1, t1, point->x, p256_mod);
sp_256_mont_add_4(t1, t1, point->x, p256_mod);
sp_256_mont_add_4(t1, t1, point->x, p256_mod);
+
if (sp_256_cmp_4(t1, p256_b) != 0) {
err = MP_VAL;
}
@@ -41482,7 +42183,7 @@ static int sp_256_ecc_is_point_4(const sp_point_256* point,
return err;
}
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* pX X ordinate of EC point.
* pY Y ordinate of EC point.
@@ -42443,87 +43144,87 @@ static void sp_384_sqr_6(sp_digit* r, const sp_digit* a)
"ldp x19, x20, [%[a], 16]\n\t"
"ldp x21, x22, [%[a], 32]\n\t"
"# A[0] * A[1]\n\t"
- "mul x6, x16, x17\n\t"
- "umulh x7, x16, x17\n\t"
+ "mul x6, x16, x17\n\t"
+ "umulh x7, x16, x17\n\t"
"# A[0] * A[2]\n\t"
- "mul x4, x16, x19\n\t"
- "umulh x5, x16, x19\n\t"
- "adds x7, x7, x4\n\t"
+ "mul x4, x16, x19\n\t"
+ "umulh x5, x16, x19\n\t"
+ "adds x7, x7, x4\n\t"
"# A[0] * A[3]\n\t"
- "mul x4, x16, x20\n\t"
- "adc x8, xzr, x5\n\t"
- "umulh x5, x16, x20\n\t"
- "adds x8, x8, x4\n\t"
+ "mul x4, x16, x20\n\t"
+ "adc x8, xzr, x5\n\t"
+ "umulh x5, x16, x20\n\t"
+ "adds x8, x8, x4\n\t"
"# A[1] * A[2]\n\t"
- "mul x4, x17, x19\n\t"
- "adc x9, xzr, x5\n\t"
- "umulh x5, x17, x19\n\t"
- "adds x8, x8, x4\n\t"
+ "mul x4, x17, x19\n\t"
+ "adc x9, xzr, x5\n\t"
+ "umulh x5, x17, x19\n\t"
+ "adds x8, x8, x4\n\t"
"# A[0] * A[4]\n\t"
- "mul x4, x16, x21\n\t"
- "adcs x9, x9, x5\n\t"
- "umulh x5, x16, x21\n\t"
- "adc x10, xzr, xzr\n\t"
- "adds x9, x9, x4\n\t"
+ "mul x4, x16, x21\n\t"
+ "adcs x9, x9, x5\n\t"
+ "umulh x5, x16, x21\n\t"
+ "adc x10, xzr, xzr\n\t"
+ "adds x9, x9, x4\n\t"
"# A[1] * A[3]\n\t"
- "mul x4, x17, x20\n\t"
- "adc x10, x10, x5\n\t"
- "umulh x5, x17, x20\n\t"
- "adds x9, x9, x4\n\t"
+ "mul x4, x17, x20\n\t"
+ "adc x10, x10, x5\n\t"
+ "umulh x5, x17, x20\n\t"
+ "adds x9, x9, x4\n\t"
"# A[0] * A[5]\n\t"
- "mul x4, x16, x22\n\t"
- "adcs x10, x10, x5\n\t"
- "umulh x5, x16, x22\n\t"
- "adc x11, xzr, xzr\n\t"
- "adds x10, x10, x4\n\t"
+ "mul x4, x16, x22\n\t"
+ "adcs x10, x10, x5\n\t"
+ "umulh x5, x16, x22\n\t"
+ "adc x11, xzr, xzr\n\t"
+ "adds x10, x10, x4\n\t"
"# A[1] * A[4]\n\t"
- "mul x4, x17, x21\n\t"
- "adc x11, x11, x5\n\t"
- "umulh x5, x17, x21\n\t"
- "adds x10, x10, x4\n\t"
+ "mul x4, x17, x21\n\t"
+ "adc x11, x11, x5\n\t"
+ "umulh x5, x17, x21\n\t"
+ "adds x10, x10, x4\n\t"
"# A[2] * A[3]\n\t"
- "mul x4, x19, x20\n\t"
- "adcs x11, x11, x5\n\t"
- "umulh x5, x19, x20\n\t"
- "adc x12, xzr, xzr\n\t"
- "adds x10, x10, x4\n\t"
+ "mul x4, x19, x20\n\t"
+ "adcs x11, x11, x5\n\t"
+ "umulh x5, x19, x20\n\t"
+ "adc x12, xzr, xzr\n\t"
+ "adds x10, x10, x4\n\t"
"# A[1] * A[5]\n\t"
- "mul x4, x17, x22\n\t"
- "adcs x11, x11, x5\n\t"
- "umulh x5, x17, x22\n\t"
- "adc x12, x12, xzr\n\t"
- "adds x11, x11, x4\n\t"
+ "mul x4, x17, x22\n\t"
+ "adcs x11, x11, x5\n\t"
+ "umulh x5, x17, x22\n\t"
+ "adc x12, x12, xzr\n\t"
+ "adds x11, x11, x4\n\t"
"# A[2] * A[4]\n\t"
- "mul x4, x19, x21\n\t"
- "adcs x12, x12, x5\n\t"
- "umulh x5, x19, x21\n\t"
- "adc x13, xzr, xzr\n\t"
- "adds x11, x11, x4\n\t"
+ "mul x4, x19, x21\n\t"
+ "adcs x12, x12, x5\n\t"
+ "umulh x5, x19, x21\n\t"
+ "adc x13, xzr, xzr\n\t"
+ "adds x11, x11, x4\n\t"
"# A[2] * A[5]\n\t"
- "mul x4, x19, x22\n\t"
- "adcs x12, x12, x5\n\t"
- "umulh x5, x19, x22\n\t"
- "adc x13, x13, xzr\n\t"
- "adds x12, x12, x4\n\t"
+ "mul x4, x19, x22\n\t"
+ "adcs x12, x12, x5\n\t"
+ "umulh x5, x19, x22\n\t"
+ "adc x13, x13, xzr\n\t"
+ "adds x12, x12, x4\n\t"
"# A[3] * A[4]\n\t"
- "mul x4, x20, x21\n\t"
- "adcs x13, x13, x5\n\t"
- "umulh x5, x20, x21\n\t"
- "adc x14, xzr, xzr\n\t"
- "adds x12, x12, x4\n\t"
+ "mul x4, x20, x21\n\t"
+ "adcs x13, x13, x5\n\t"
+ "umulh x5, x20, x21\n\t"
+ "adc x14, xzr, xzr\n\t"
+ "adds x12, x12, x4\n\t"
"# A[3] * A[5]\n\t"
- "mul x4, x20, x22\n\t"
- "adcs x13, x13, x5\n\t"
- "umulh x5, x20, x22\n\t"
- "adc x14, x14, xzr\n\t"
- "adds x13, x13, x4\n\t"
+ "mul x4, x20, x22\n\t"
+ "adcs x13, x13, x5\n\t"
+ "umulh x5, x20, x22\n\t"
+ "adc x14, x14, xzr\n\t"
+ "adds x13, x13, x4\n\t"
"# A[4] * A[5]\n\t"
- "mul x4, x21, x22\n\t"
- "adcs x14, x14, x5\n\t"
- "umulh x5, x21, x22\n\t"
- "adc x15, xzr, xzr\n\t"
- "adds x14, x14, x4\n\t"
- "adc x15, x15, x5\n\t"
+ "mul x4, x21, x22\n\t"
+ "adcs x14, x14, x5\n\t"
+ "umulh x5, x21, x22\n\t"
+ "adc x15, xzr, xzr\n\t"
+ "adds x14, x14, x4\n\t"
+ "adc x15, x15, x5\n\t"
"# Double\n\t"
"adds x6, x6, x6\n\t"
"adcs x7, x7, x7\n\t"
@@ -42535,34 +43236,34 @@ static void sp_384_sqr_6(sp_digit* r, const sp_digit* a)
"adcs x13, x13, x13\n\t"
"adcs x14, x14, x14\n\t"
"# A[0] * A[0]\n\t"
- "mul x5, x16, x16\n\t"
+ "mul x5, x16, x16\n\t"
"adcs x15, x15, x15\n\t"
- "umulh x2, x16, x16\n\t"
+ "umulh x2, x16, x16\n\t"
"cset x16, cs\n\t"
"# A[1] * A[1]\n\t"
- "mul x3, x17, x17\n\t"
+ "mul x3, x17, x17\n\t"
"adds x6, x6, x2\n\t"
- "umulh x4, x17, x17\n\t"
+ "umulh x4, x17, x17\n\t"
"adcs x7, x7, x3\n\t"
"# A[2] * A[2]\n\t"
- "mul x2, x19, x19\n\t"
+ "mul x2, x19, x19\n\t"
"adcs x8, x8, x4\n\t"
- "umulh x3, x19, x19\n\t"
+ "umulh x3, x19, x19\n\t"
"adcs x9, x9, x2\n\t"
"# A[3] * A[3]\n\t"
- "mul x4, x20, x20\n\t"
+ "mul x4, x20, x20\n\t"
"adcs x10, x10, x3\n\t"
- "umulh x2, x20, x20\n\t"
+ "umulh x2, x20, x20\n\t"
"adcs x11, x11, x4\n\t"
"# A[4] * A[4]\n\t"
- "mul x3, x21, x21\n\t"
+ "mul x3, x21, x21\n\t"
"adcs x12, x12, x2\n\t"
- "umulh x4, x21, x21\n\t"
+ "umulh x4, x21, x21\n\t"
"adcs x13, x13, x3\n\t"
"# A[5] * A[5]\n\t"
- "mul x2, x22, x22\n\t"
+ "mul x2, x22, x22\n\t"
"adcs x14, x14, x4\n\t"
- "umulh x3, x22, x22\n\t"
+ "umulh x3, x22, x22\n\t"
"adcs x15, x15, x2\n\t"
"stp x5, x6, [%[r], 0]\n\t"
"adc x16, x16, x3\n\t"
@@ -42606,7 +43307,7 @@ static sp_digit sp_384_add_6(sp_digit* r, const sp_digit* a,
"adcs x4, x4, x8\n\t"
"str x3, [%[r], 32]\n\t"
"str x4, [%[r], 40]\n\t"
- "cset %[r], cs\n\t"
+ "adc %[r], xzr, xzr\n\t"
: [r] "+r" (r)
: [a] "r" (a), [b] "r" (b)
: "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "cc"
@@ -42773,14 +43474,14 @@ static void sp_384_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 64
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 63);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 63);
}
#elif DIGIT_BIT > 64
unsigned int i;
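Review bot: The rewritten loop in sp_384_from_mp hard-codes the sign-bit position as `j >> 63` in two places, where the removed code used `SP_WORD_SIZE - 1`. The enclosing `#if DIGIT_BIT == 64` constrains the mp_int digit rather than sp_digit, so the literal is an unstated assumption about sp_digit's width. Writing `sp_digit mask = (sp_digit)0 - (j >> (SP_WORD_SIZE - 1));` and `o += (int)(j >> (SP_WORD_SIZE - 1));` keeps the branch-free masking and states the assumption. The function body continues outside this hunk.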
@@ -43193,7 +43894,7 @@ SP_NOINLINE static void sp_384_mont_reduce_order_6(sp_digit* a, const sp_digit*
"umulh x8, x10, x9\n\t"
"adds x6, x6, x7\n\t"
"adcs x8, x8, x3\n\t"
- "cset x3, cs\n\t"
+ "adc x3, xzr, xzr\n\t"
"adds x16, x17, x6\n\t"
"ldr x17, [%[a], 48]\n\t"
"adcs x17, x17, x8\n\t"
@@ -43238,7 +43939,7 @@ SP_NOINLINE static void sp_384_mont_reduce_order_6(sp_digit* a, const sp_digit*
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_384_mont_mul_6(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -43252,7 +43953,7 @@ SP_NOINLINE static void sp_384_mont_mul_6(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_384_mont_sqr_6(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -43268,10 +43969,10 @@ SP_NOINLINE static void sp_384_mont_sqr_6(sp_digit* r, const sp_digit* a,
* a Number to square in Montgomery form.
* n Number of times to square.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
-static void sp_384_mont_sqr_n_6(sp_digit* r, const sp_digit* a, int n,
- const sp_digit* m, sp_digit mp)
+SP_NOINLINE static void sp_384_mont_sqr_n_6(sp_digit* r,
+ const sp_digit* a, int n, const sp_digit* m, sp_digit mp)
{
sp_384_mont_sqr_6(r, a, m, mp);
for (; n > 1; n--) {
@@ -43559,8 +44260,8 @@ static void sp_384_map_6(sp_point_384* r, const sp_point_384* p,
* b Second number to add in Montgomery form.
* m Modulus (prime).
*/
-static void sp_384_mont_add_6(sp_digit* r, const sp_digit* a, const sp_digit* b,
- const sp_digit* m)
+SP_NOINLINE static void sp_384_mont_add_6(sp_digit* r, const sp_digit* a,
+ const sp_digit* b, const sp_digit* m)
{
sp_digit o;
@@ -43574,7 +44275,8 @@ static void sp_384_mont_add_6(sp_digit* r, const sp_digit* a, const sp_digit* b,
* a Number to double in Montgomery form.
* m Modulus (prime).
*/
-static void sp_384_mont_dbl_6(sp_digit* r, const sp_digit* a, const sp_digit* m)
+SP_NOINLINE static void sp_384_mont_dbl_6(sp_digit* r, const sp_digit* a,
+ const sp_digit* m)
{
sp_digit o;
@@ -43588,7 +44290,8 @@ static void sp_384_mont_dbl_6(sp_digit* r, const sp_digit* a, const sp_digit* m)
* a Number to triple in Montgomery form.
* m Modulus (prime).
*/
-static void sp_384_mont_tpl_6(sp_digit* r, const sp_digit* a, const sp_digit* m)
+SP_NOINLINE static void sp_384_mont_tpl_6(sp_digit* r, const sp_digit* a,
+ const sp_digit* m)
{
sp_digit o;
@@ -43686,8 +44389,8 @@ static sp_digit sp_384_cond_add_6(sp_digit* r, const sp_digit* a, const sp_digit
* b Number to subtract with in Montgomery form.
* m Modulus (prime).
*/
-static void sp_384_mont_sub_6(sp_digit* r, const sp_digit* a, const sp_digit* b,
- const sp_digit* m)
+SP_NOINLINE static void sp_384_mont_sub_6(sp_digit* r, const sp_digit* a,
+ const sp_digit* b, const sp_digit* m)
{
sp_digit o;
@@ -43695,7 +44398,6 @@ static void sp_384_mont_sub_6(sp_digit* r, const sp_digit* a, const sp_digit* b,
sp_384_cond_add_6(r, r, m, o);
}
-#define sp_384_mont_sub_lower_6 sp_384_mont_sub_6
static void sp_384_rshift1_6(sp_digit* r, const sp_digit* a)
{
__asm__ __volatile__ (
@@ -43723,7 +44425,8 @@ static void sp_384_rshift1_6(sp_digit* r, const sp_digit* a)
* a Number to divide.
* m Modulus (prime).
*/
-static void sp_384_div2_6(sp_digit* r, const sp_digit* a, const sp_digit* m)
+SP_NOINLINE static void sp_384_mont_div2_6(sp_digit* r, const sp_digit* a,
+ const sp_digit* m)
{
sp_digit o;
@@ -43776,7 +44479,7 @@ static void sp_384_proj_point_dbl_6(sp_point_384* r, const sp_point_384* p,
/* T2 = Y * Y */
sp_384_mont_sqr_6(t2, y, p384_mod, p384_mp_mod);
/* T2 = T2/2 */
- sp_384_div2_6(t2, t2, p384_mod);
+ sp_384_mont_div2_6(t2, t2, p384_mod);
/* Y = Y * X */
sp_384_mont_mul_6(y, y, p->x, p384_mod, p384_mp_mod);
/* X = T1 * T1 */
@@ -43786,7 +44489,7 @@ static void sp_384_proj_point_dbl_6(sp_point_384* r, const sp_point_384* p,
/* X = X - Y */
sp_384_mont_sub_6(x, x, y, p384_mod);
/* Y = Y - X */
- sp_384_mont_sub_lower_6(y, y, x, p384_mod);
+ sp_384_mont_sub_6(y, y, x, p384_mod);
/* Y = Y * T1 */
sp_384_mont_mul_6(y, y, t1, p384_mod, p384_mp_mod);
/* Y = Y - T2 */
@@ -43809,7 +44512,8 @@ typedef struct sp_384_proj_point_dbl_6_ctx {
* p Point to double.
* t Temporary ordinate data.
*/
-static int sp_384_proj_point_dbl_6_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r, const sp_point_384* p, sp_digit* t)
+static int sp_384_proj_point_dbl_6_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r,
+ const sp_point_384* p, sp_digit* t)
{
int err = FP_WOULDBLOCK;
sp_384_proj_point_dbl_6_ctx* ctx = (sp_384_proj_point_dbl_6_ctx*)sp_ctx->data;
@@ -43883,7 +44587,7 @@ static int sp_384_proj_point_dbl_6_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r, con
break;
case 11:
/* T2 = T2/2 */
- sp_384_div2_6(ctx->t2, ctx->t2, p384_mod);
+ sp_384_mont_div2_6(ctx->t2, ctx->t2, p384_mod);
ctx->state = 12;
break;
case 12:
@@ -43908,7 +44612,7 @@ static int sp_384_proj_point_dbl_6_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r, con
break;
case 16:
/* Y = Y - X */
- sp_384_mont_sub_lower_6(ctx->y, ctx->y, ctx->x, p384_mod);
+ sp_384_mont_sub_6(ctx->y, ctx->y, ctx->x, p384_mod);
ctx->state = 17;
break;
case 17:
@@ -43933,8 +44637,6 @@ static int sp_384_proj_point_dbl_6_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r, con
return err;
}
#endif /* WOLFSSL_SP_NONBLOCK */
-#define sp_384_mont_dbl_lower_6 sp_384_mont_dbl_6
-#define sp_384_mont_tpl_lower_6 sp_384_mont_tpl_6
/* Double the Montgomery form projective point p a number of times.
*
* r Result of repeated doubling of point.
@@ -43973,7 +44675,7 @@ static void sp_384_proj_point_dbl_n_6(sp_point_384* p, int i,
/* A = 3*(X^2 - W) */
sp_384_mont_sqr_6(t1, x, p384_mod, p384_mp_mod);
sp_384_mont_sub_6(t1, t1, w, p384_mod);
- sp_384_mont_tpl_lower_6(a, t1, p384_mod);
+ sp_384_mont_tpl_6(a, t1, p384_mod);
/* B = X*Y^2 */
sp_384_mont_sqr_6(t1, y, p384_mod, p384_mp_mod);
sp_384_mont_mul_6(b, t1, x, p384_mod, p384_mp_mod);
@@ -43982,8 +44684,8 @@ static void sp_384_proj_point_dbl_n_6(sp_point_384* p, int i,
sp_384_mont_dbl_6(t2, b, p384_mod);
sp_384_mont_sub_6(x, x, t2, p384_mod);
/* B = 2.(B - X) */
- sp_384_mont_sub_lower_6(t2, b, x, p384_mod);
- sp_384_mont_dbl_lower_6(b, t2, p384_mod);
+ sp_384_mont_sub_6(t2, b, x, p384_mod);
+ sp_384_mont_dbl_6(b, t2, p384_mod);
/* Z = Z*Y */
sp_384_mont_mul_6(z, z, y, p384_mod, p384_mp_mod);
/* t1 = Y^4 */
@@ -44003,7 +44705,7 @@ static void sp_384_proj_point_dbl_n_6(sp_point_384* p, int i,
/* A = 3*(X^2 - W) */
sp_384_mont_sqr_6(t1, x, p384_mod, p384_mp_mod);
sp_384_mont_sub_6(t1, t1, w, p384_mod);
- sp_384_mont_tpl_lower_6(a, t1, p384_mod);
+ sp_384_mont_tpl_6(a, t1, p384_mod);
/* B = X*Y^2 */
sp_384_mont_sqr_6(t1, y, p384_mod, p384_mp_mod);
sp_384_mont_mul_6(b, t1, x, p384_mod, p384_mp_mod);
@@ -44012,8 +44714,8 @@ static void sp_384_proj_point_dbl_n_6(sp_point_384* p, int i,
sp_384_mont_dbl_6(t2, b, p384_mod);
sp_384_mont_sub_6(x, x, t2, p384_mod);
/* B = 2.(B - X) */
- sp_384_mont_sub_lower_6(t2, b, x, p384_mod);
- sp_384_mont_dbl_lower_6(b, t2, p384_mod);
+ sp_384_mont_sub_6(t2, b, x, p384_mod);
+ sp_384_mont_dbl_6(b, t2, p384_mod);
/* Z = Z*Y */
sp_384_mont_mul_6(z, z, y, p384_mod, p384_mp_mod);
/* t1 = Y^4 */
@@ -44023,7 +44725,7 @@ static void sp_384_proj_point_dbl_n_6(sp_point_384* p, int i,
sp_384_mont_sub_6(y, y, t1, p384_mod);
#endif /* WOLFSSL_SP_SMALL */
/* Y = Y/2 */
- sp_384_div2_6(y, y, p384_mod);
+ sp_384_mont_div2_6(y, y, p384_mod);
}
/* Compare two numbers to determine if they are equal.
@@ -44061,12 +44763,12 @@ static int sp_384_iszero_6(const sp_digit* a)
static void sp_384_proj_point_add_6(sp_point_384* r,
const sp_point_384* p, const sp_point_384* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*6;
- sp_digit* t3 = t + 4*6;
- sp_digit* t4 = t + 6*6;
- sp_digit* t5 = t + 8*6;
- sp_digit* t6 = t + 10*6;
+ sp_digit* t6 = t;
+ sp_digit* t1 = t + 2*6;
+ sp_digit* t2 = t + 4*6;
+ sp_digit* t3 = t + 6*6;
+ sp_digit* t4 = t + 8*6;
+ sp_digit* t5 = t + 10*6;
/* U1 = X1*Z2^2 */
sp_384_mont_sqr_6(t1, q->z, p384_mod, p384_mp_mod);
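Review bot: The size that `t` must have is not stated beside the reordered temporaries at the top of sp_384_proj_point_add_6. The offsets run up to `t + 10*6`, so `t` has to span at least 12*6 digits if each temporary is 2*6 wide, as the spacing suggests. `t6`, which a later hunk aliases to the result x, now occupies the first slot. A comment such as `/* t: at least 12 * 6 digits; t6 (result x) is the first slot. */` above the declarations would let a reader check the layout against callers. sp_384_proj_point_add_qz1_6 reorders its temporaries in the same way without such a comment, and this function's body continues outside the hunk.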
@@ -44088,17 +44790,9 @@ static void sp_384_proj_point_add_6(sp_point_384* r,
sp_384_proj_point_dbl_6(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t6;
sp_digit* y = t1;
sp_digit* z = t2;
- int i;
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
/* H = U2 - U1 */
sp_384_mont_sub_6(t2, t2, t1, p384_mod);
@@ -44117,20 +44811,31 @@ static void sp_384_proj_point_add_6(sp_point_384* r,
sp_384_mont_dbl_6(t3, y, p384_mod);
sp_384_mont_sub_6(x, x, t3, p384_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_384_mont_sub_lower_6(y, y, x, p384_mod);
+ sp_384_mont_sub_6(y, y, x, p384_mod);
sp_384_mont_mul_6(y, y, t4, p384_mod, p384_mp_mod);
sp_384_mont_sub_6(y, y, t5, p384_mod);
- for (i = 0; i < 6; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 6; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 6; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 6; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 6; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 6; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
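Review bot: The new scoped block that builds `maskp`, `maskq`, `maskt` and `inf` has no comment saying it is a branch-free select, or what it assumes about `infinity`. `q->infinity & (!p->infinity)` only yields an all-ones mask when `infinity` is exactly 0 or 1; any other non-zero value with a clear low bit would silently select the computed sum instead of the finite input. I would add `/* Constant-time select: r = p if only q is infinity, q if only p is, else (x, y, z); infinity must be 0 or 1. */` at the top of the block. The same block appears in state 24 of sp_384_proj_point_add_6_nb and in sp_384_proj_point_add_qz1_6, and needs the same comment there.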
@@ -44176,12 +44881,12 @@ static int sp_384_proj_point_add_6_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r,
switch (ctx->state) {
case 0: /* INIT */
- ctx->t1 = t;
- ctx->t2 = t + 2*6;
- ctx->t3 = t + 4*6;
- ctx->t4 = t + 6*6;
- ctx->t5 = t + 8*6;
- ctx->t6 = t + 10*6;
+ ctx->t6 = t;
+ ctx->t1 = t + 2*6;
+ ctx->t2 = t + 4*6;
+ ctx->t3 = t + 6*6;
+ ctx->t4 = t + 8*6;
+ ctx->t5 = t + 10*6;
ctx->x = ctx->t6;
ctx->y = ctx->t1;
ctx->z = ctx->t2;
@@ -44288,7 +44993,7 @@ static int sp_384_proj_point_add_6_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r,
break;
case 21:
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_384_mont_sub_lower_6(ctx->y, ctx->y, ctx->x, p384_mod);
+ sp_384_mont_sub_6(ctx->y, ctx->y, ctx->x, p384_mod);
ctx->state = 22;
break;
case 22:
@@ -44301,22 +45006,28 @@ static int sp_384_proj_point_add_6_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r,
break;
case 24:
{
- int i;
- sp_digit maskp = 0 - (q->infinity & (!p->infinity));
- sp_digit maskq = 0 - (p->infinity & (!q->infinity));
- sp_digit maskt = ~(maskp | maskq);
-
- for (i = 0; i < 6; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (ctx->x[i] & maskt);
- }
- for (i = 0; i < 6; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (ctx->y[i] & maskt);
- }
- for (i = 0; i < 6; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (ctx->z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 6; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (ctx->x[i] & maskt);
+ }
+ for (i = 0; i < 6; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (ctx->y[i] & maskt);
+ }
+ for (i = 0; i < 6; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (ctx->z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
ctx->state = 25;
break;
}
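Review bot: In `case 24` the added `{` opens a second bare block directly inside the brace that already scopes the case, so the select code is nested one level deeper than it needs to be. The outer block already confines `i`, the masks and `inf`, so the inner pair can be dropped, leaving `ctx->state = 25;` in the same block as the declarations. This is a readability point only and does not change behaviour. The enclosing switch and function start and end outside this hunk.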
@@ -44375,7 +45086,7 @@ static void sp_384_proj_point_dbl_n_store_6(sp_point_384* r,
/* A = 3*(X^2 - W) */
sp_384_mont_sqr_6(t1, x, p384_mod, p384_mp_mod);
sp_384_mont_sub_6(t1, t1, w, p384_mod);
- sp_384_mont_tpl_lower_6(a, t1, p384_mod);
+ sp_384_mont_tpl_6(a, t1, p384_mod);
/* B = X*Y^2 */
sp_384_mont_sqr_6(t1, y, p384_mod, p384_mp_mod);
sp_384_mont_mul_6(b, t1, x, p384_mod, p384_mp_mod);
@@ -44385,8 +45096,8 @@ static void sp_384_proj_point_dbl_n_store_6(sp_point_384* r,
sp_384_mont_dbl_6(t2, b, p384_mod);
sp_384_mont_sub_6(x, x, t2, p384_mod);
/* B = 2.(B - X) */
- sp_384_mont_sub_lower_6(t2, b, x, p384_mod);
- sp_384_mont_dbl_lower_6(b, t2, p384_mod);
+ sp_384_mont_sub_6(t2, b, x, p384_mod);
+ sp_384_mont_dbl_6(b, t2, p384_mod);
/* Z = Z*Y */
sp_384_mont_mul_6(r[j].z, z, y, p384_mod, p384_mp_mod);
z = r[j].z;
@@ -44400,7 +45111,7 @@ static void sp_384_proj_point_dbl_n_store_6(sp_point_384* r,
sp_384_mont_mul_6(y, b, a, p384_mod, p384_mp_mod);
sp_384_mont_sub_6(y, y, t1, p384_mod);
/* Y = Y/2 */
- sp_384_div2_6(r[j].y, y, p384_mod);
+ sp_384_mont_div2_6(r[j].y, y, p384_mod);
r[j].infinity = 0;
}
}
@@ -44474,8 +45185,8 @@ static void sp_384_proj_point_add_sub_6(sp_point_384* ra,
sp_384_mont_sub_6(xs, xs, t1, p384_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
/* YS = -RS*(U1*H^2 - XS) - S1*H^3 */
- sp_384_mont_sub_lower_6(ys, ya, xs, p384_mod);
- sp_384_mont_sub_lower_6(ya, ya, xa, p384_mod);
+ sp_384_mont_sub_6(ys, ya, xs, p384_mod);
+ sp_384_mont_sub_6(ya, ya, xa, p384_mod);
sp_384_mont_mul_6(ya, ya, t4, p384_mod, p384_mp_mod);
sp_384_sub_6(t6, p384_mod, t6);
sp_384_mont_mul_6(ys, ys, t6, p384_mod, p384_mp_mod);
@@ -44559,54 +45270,73 @@ static void sp_384_ecc_recode_6_6(const sp_digit* k, ecc_recode_384* v)
/* Touch each possible point that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
-static void sp_384_get_point_33_6(sp_point_384* r, const sp_point_384* table,
- int idx)
+SP_NOINLINE static void sp_384_get_point_33_6(sp_point_384* r,
+ const sp_point_384* table, int idx)
{
int i;
sp_digit mask;
+ sp_digit x0 = 0;
+ sp_digit x1 = 0;
+ sp_digit x2 = 0;
+ sp_digit x3 = 0;
+ sp_digit x4 = 0;
+ sp_digit x5 = 0;
+ sp_digit y0 = 0;
+ sp_digit y1 = 0;
+ sp_digit y2 = 0;
+ sp_digit y3 = 0;
+ sp_digit y4 = 0;
+ sp_digit y5 = 0;
+ sp_digit z0 = 0;
+ sp_digit z1 = 0;
+ sp_digit z2 = 0;
+ sp_digit z3 = 0;
+ sp_digit z4 = 0;
+ sp_digit z5 = 0;
- r->x[0] = 0;
- r->x[1] = 0;
- r->x[2] = 0;
- r->x[3] = 0;
- r->x[4] = 0;
- r->x[5] = 0;
- r->y[0] = 0;
- r->y[1] = 0;
- r->y[2] = 0;
- r->y[3] = 0;
- r->y[4] = 0;
- r->y[5] = 0;
- r->z[0] = 0;
- r->z[1] = 0;
- r->z[2] = 0;
- r->z[3] = 0;
- r->z[4] = 0;
- r->z[5] = 0;
for (i = 1; i < 33; i++) {
mask = 0 - (i == idx);
- r->x[0] |= mask & table[i].x[0];
- r->x[1] |= mask & table[i].x[1];
- r->x[2] |= mask & table[i].x[2];
- r->x[3] |= mask & table[i].x[3];
- r->x[4] |= mask & table[i].x[4];
- r->x[5] |= mask & table[i].x[5];
- r->y[0] |= mask & table[i].y[0];
- r->y[1] |= mask & table[i].y[1];
- r->y[2] |= mask & table[i].y[2];
- r->y[3] |= mask & table[i].y[3];
- r->y[4] |= mask & table[i].y[4];
- r->y[5] |= mask & table[i].y[5];
- r->z[0] |= mask & table[i].z[0];
- r->z[1] |= mask & table[i].z[1];
- r->z[2] |= mask & table[i].z[2];
- r->z[3] |= mask & table[i].z[3];
- r->z[4] |= mask & table[i].z[4];
- r->z[5] |= mask & table[i].z[5];
- }
+ x0 |= mask & table[i].x[0];
+ x1 |= mask & table[i].x[1];
+ x2 |= mask & table[i].x[2];
+ x3 |= mask & table[i].x[3];
+ x4 |= mask & table[i].x[4];
+ x5 |= mask & table[i].x[5];
+ y0 |= mask & table[i].y[0];
+ y1 |= mask & table[i].y[1];
+ y2 |= mask & table[i].y[2];
+ y3 |= mask & table[i].y[3];
+ y4 |= mask & table[i].y[4];
+ y5 |= mask & table[i].y[5];
+ z0 |= mask & table[i].z[0];
+ z1 |= mask & table[i].z[1];
+ z2 |= mask & table[i].z[2];
+ z3 |= mask & table[i].z[3];
+ z4 |= mask & table[i].z[4];
+ z5 |= mask & table[i].z[5];
+ }
+
+ r->x[0] = x0;
+ r->x[1] = x1;
+ r->x[2] = x2;
+ r->x[3] = x3;
+ r->x[4] = x4;
+ r->x[5] = x5;
+ r->y[0] = y0;
+ r->y[1] = y1;
+ r->y[2] = y2;
+ r->y[3] = y3;
+ r->y[4] = y4;
+ r->y[5] = y5;
+ r->z[0] = z0;
+ r->z[1] = z1;
+ r->z[2] = z2;
+ r->z[3] = z3;
+ r->z[4] = z4;
+ r->z[5] = z5;
}
#endif /* !WC_NO_CACHE_RESISTANT */
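Review bot: The header comment of sp_384_get_point_33_6 still says only "Touch each possible point", which does not explain why the rewrite accumulates into eighteen locals and stores once at the end. The comment should state the contract: every entry from 1 to 32 is read regardless of `idx`, an `idx` of 0 (or any value outside that range) yields all-zero ordinates, and `r->infinity` is never written here, so the caller has to set it. Something like `/* Reads all entries so the access pattern is independent of idx; idx 0 gives zero ordinates; r->infinity is left to the caller. */` would cover it. It is also worth noting that `mask = 0 - (i == idx)` relies on the compiler keeping the comparison branch-free, which presumably is part of why `SP_NOINLINE` was added.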
/* Multiply the point by the scalar and return the result.
@@ -44649,7 +45379,7 @@ static int sp_384_ecc_mulmod_win_add_sub_6(sp_point_384* r, const sp_point_384*
(void)heap;
#ifdef WOLFSSL_SP_SMALL_STACK
- t = (sp_point_384*)XMALLOC(sizeof(sp_point_384) *
+ t = (sp_point_384*)XMALLOC(sizeof(sp_point_384) *
(33+2), heap, DYNAMIC_TYPE_ECC);
if (t == NULL)
err = MEMORY_E;
@@ -44754,15 +45484,12 @@ static int sp_384_ecc_mulmod_win_add_sub_6(sp_point_384* r, const sp_point_384*
return err;
}
-#ifndef WC_NO_CACHE_RESISTANT
/* A table entry for pre-computed points. */
typedef struct sp_table_entry_384 {
sp_digit x[6];
sp_digit y[6];
} sp_table_entry_384;
-#if defined(FP_ECC) || defined(WOLFSSL_SP_SMALL)
-#endif /* FP_ECC | WOLFSSL_SP_SMALL */
/* Add two Montgomery form projective points. The second point has a q value of
* one.
* Only the first point can be the same pointer as the result point.
@@ -44775,12 +45502,12 @@ typedef struct sp_table_entry_384 {
static void sp_384_proj_point_add_qz1_6(sp_point_384* r,
const sp_point_384* p, const sp_point_384* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*6;
- sp_digit* t3 = t + 4*6;
- sp_digit* t4 = t + 6*6;
- sp_digit* t5 = t + 8*6;
- sp_digit* t6 = t + 10*6;
+ sp_digit* t2 = t;
+ sp_digit* t3 = t + 2*6;
+ sp_digit* t6 = t + 4*6;
+ sp_digit* t1 = t + 6*6;
+ sp_digit* t4 = t + 8*6;
+ sp_digit* t5 = t + 10*6;
/* Calculate values to subtract from P->x and P->y. */
/* U2 = X2*Z1^2 */
@@ -44796,13 +45523,9 @@ static void sp_384_proj_point_add_qz1_6(sp_point_384* r,
sp_384_proj_point_dbl_6(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t2;
- sp_digit* y = t5;
+ sp_digit* y = t3;
sp_digit* z = t6;
- int i;
/* H = U2 - X1 */
sp_384_mont_sub_6(t2, t2, p->x, p384_mod);
@@ -44811,36 +45534,46 @@ static void sp_384_proj_point_add_qz1_6(sp_point_384* r,
/* Z3 = H*Z1 */
sp_384_mont_mul_6(z, p->z, t2, p384_mod, p384_mp_mod);
/* X3 = R^2 - H^3 - 2*X1*H^2 */
- sp_384_mont_sqr_6(t1, t4, p384_mod, p384_mp_mod);
- sp_384_mont_sqr_6(t5, t2, p384_mod, p384_mp_mod);
- sp_384_mont_mul_6(t3, p->x, t5, p384_mod, p384_mp_mod);
- sp_384_mont_mul_6(t5, t5, t2, p384_mod, p384_mp_mod);
- sp_384_mont_sub_6(x, t1, t5, p384_mod);
- sp_384_mont_dbl_6(t1, t3, p384_mod);
- sp_384_mont_sub_6(x, x, t1, p384_mod);
+ sp_384_mont_sqr_6(t1, t2, p384_mod, p384_mp_mod);
+ sp_384_mont_mul_6(t3, p->x, t1, p384_mod, p384_mp_mod);
+ sp_384_mont_mul_6(t1, t1, t2, p384_mod, p384_mp_mod);
+ sp_384_mont_sqr_6(t2, t4, p384_mod, p384_mp_mod);
+ sp_384_mont_sub_6(t2, t2, t1, p384_mod);
+ sp_384_mont_dbl_6(t5, t3, p384_mod);
+ sp_384_mont_sub_6(x, t2, t5, p384_mod);
/* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
- sp_384_mont_sub_lower_6(t3, t3, x, p384_mod);
+ sp_384_mont_sub_6(t3, t3, x, p384_mod);
sp_384_mont_mul_6(t3, t3, t4, p384_mod, p384_mp_mod);
- sp_384_mont_mul_6(t5, t5, p->y, p384_mod, p384_mp_mod);
- sp_384_mont_sub_6(y, t3, t5, p384_mod);
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
- for (i = 0; i < 6; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 6; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 6; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ sp_384_mont_mul_6(t1, t1, p->y, p384_mod, p384_mp_mod);
+ sp_384_mont_sub_6(y, t3, t1, p384_mod);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 6; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 6; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 6; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
+#ifndef WC_NO_CACHE_RESISTANT
+#if defined(FP_ECC) || defined(WOLFSSL_SP_SMALL)
+#endif /* FP_ECC | WOLFSSL_SP_SMALL */
#ifdef FP_ECC
/* Convert the projective point to affine.
* Ordinates are in Montgomery form.
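Review bot: The `#if defined(FP_ECC) || defined(WOLFSSL_SP_SMALL)` / `#endif` pair added after sp_384_proj_point_add_qz1_6 encloses nothing, so it is dead preprocessor text carried over from its old position. If this file is generated, the fix belongs in the generator; otherwise the two lines can simply be removed, leaving `#ifndef WC_NO_CACHE_RESISTANT` followed directly by `#ifdef FP_ECC`. Empty conditionals next to a guard that controls cache-resistant code make it harder to see which definitions that guard actually covers.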
@@ -44960,7 +45693,7 @@ static int sp_384_gen_stripe_table_6(const sp_point_384* a,
/* Touch each possible entry that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
static void sp_384_get_entry_64_6(sp_point_384* r,
@@ -44968,34 +45701,47 @@ static void sp_384_get_entry_64_6(sp_point_384* r,
{
int i;
sp_digit mask;
+ sp_digit x0 = 0;
+ sp_digit x1 = 0;
+ sp_digit x2 = 0;
+ sp_digit x3 = 0;
+ sp_digit x4 = 0;
+ sp_digit x5 = 0;
+ sp_digit y0 = 0;
+ sp_digit y1 = 0;
+ sp_digit y2 = 0;
+ sp_digit y3 = 0;
+ sp_digit y4 = 0;
+ sp_digit y5 = 0;
- r->x[0] = 0;
- r->x[1] = 0;
- r->x[2] = 0;
- r->x[3] = 0;
- r->x[4] = 0;
- r->x[5] = 0;
- r->y[0] = 0;
- r->y[1] = 0;
- r->y[2] = 0;
- r->y[3] = 0;
- r->y[4] = 0;
- r->y[5] = 0;
for (i = 1; i < 64; i++) {
mask = 0 - (i == idx);
- r->x[0] |= mask & table[i].x[0];
- r->x[1] |= mask & table[i].x[1];
- r->x[2] |= mask & table[i].x[2];
- r->x[3] |= mask & table[i].x[3];
- r->x[4] |= mask & table[i].x[4];
- r->x[5] |= mask & table[i].x[5];
- r->y[0] |= mask & table[i].y[0];
- r->y[1] |= mask & table[i].y[1];
- r->y[2] |= mask & table[i].y[2];
- r->y[3] |= mask & table[i].y[3];
- r->y[4] |= mask & table[i].y[4];
- r->y[5] |= mask & table[i].y[5];
- }
+ x0 |= mask & table[i].x[0];
+ x1 |= mask & table[i].x[1];
+ x2 |= mask & table[i].x[2];
+ x3 |= mask & table[i].x[3];
+ x4 |= mask & table[i].x[4];
+ x5 |= mask & table[i].x[5];
+ y0 |= mask & table[i].y[0];
+ y1 |= mask & table[i].y[1];
+ y2 |= mask & table[i].y[2];
+ y3 |= mask & table[i].y[3];
+ y4 |= mask & table[i].y[4];
+ y5 |= mask & table[i].y[5];
+ }
+
+ r->x[0] = x0;
+ r->x[1] = x1;
+ r->x[2] = x2;
+ r->x[3] = x3;
+ r->x[4] = x4;
+ r->x[5] = x5;
+ r->y[0] = y0;
+ r->y[1] = y1;
+ r->y[2] = y2;
+ r->y[3] = y3;
+ r->y[4] = y4;
+ r->y[5] = y5;
}
#endif /* !WC_NO_CACHE_RESISTANT */
/* Multiply the point by the scalar and return the result.
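Review bot: sp_384_get_entry_64_6 gets the same accumulate-in-locals rewrite as sp_384_get_point_33_6, but its signature (just above this hunk) is not marked `SP_NOINLINE`, whereas the 33-entry lookup gained that attribute in this commit. If the attribute is there to stop the compiler specialising the masked lookup on a known `idx` after inlining, the same reasoning applies here and to sp_384_get_entry_256_6 and sp_384_get_entry_65_6. In that case the declaration would become `SP_NOINLINE static void sp_384_get_entry_64_6(sp_point_384* r,`. If the difference is intentional, a short comment explaining why would help the next reader.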
@@ -45148,7 +45894,7 @@ static THREAD_LS_T int sp_cache_384_inited = 0;
/* Get the cache entry for the point.
*
- * g [in] Point scalar multipling.
+ * g [in] Point scalar multiplying.
* cache [out] Cache table to use.
*/
static void sp_ecc_get_cache_384(const sp_point_384* g, sp_cache_384_t** cache)
@@ -45219,8 +45965,8 @@ static void sp_ecc_get_cache_384(const sp_point_384* g, sp_cache_384_t** cache)
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
-static int sp_384_ecc_mulmod_6(sp_point_384* r, const sp_point_384* g, const sp_digit* k,
- int map, int ct, void* heap)
+static int sp_384_ecc_mulmod_6(sp_point_384* r, const sp_point_384* g,
+ const sp_digit* k, int map, int ct, void* heap)
{
#ifndef FP_ECC
return sp_384_ecc_mulmod_win_add_sub_6(r, g, k, map, ct, heap);
@@ -45376,7 +46122,7 @@ static int sp_384_gen_stripe_table_6(const sp_point_384* a,
/* Touch each possible entry that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
static void sp_384_get_entry_256_6(sp_point_384* r,
@@ -45384,34 +46130,47 @@ static void sp_384_get_entry_256_6(sp_point_384* r,
{
int i;
sp_digit mask;
+ sp_digit x0 = 0;
+ sp_digit x1 = 0;
+ sp_digit x2 = 0;
+ sp_digit x3 = 0;
+ sp_digit x4 = 0;
+ sp_digit x5 = 0;
+ sp_digit y0 = 0;
+ sp_digit y1 = 0;
+ sp_digit y2 = 0;
+ sp_digit y3 = 0;
+ sp_digit y4 = 0;
+ sp_digit y5 = 0;
- r->x[0] = 0;
- r->x[1] = 0;
- r->x[2] = 0;
- r->x[3] = 0;
- r->x[4] = 0;
- r->x[5] = 0;
- r->y[0] = 0;
- r->y[1] = 0;
- r->y[2] = 0;
- r->y[3] = 0;
- r->y[4] = 0;
- r->y[5] = 0;
for (i = 1; i < 256; i++) {
mask = 0 - (i == idx);
- r->x[0] |= mask & table[i].x[0];
- r->x[1] |= mask & table[i].x[1];
- r->x[2] |= mask & table[i].x[2];
- r->x[3] |= mask & table[i].x[3];
- r->x[4] |= mask & table[i].x[4];
- r->x[5] |= mask & table[i].x[5];
- r->y[0] |= mask & table[i].y[0];
- r->y[1] |= mask & table[i].y[1];
- r->y[2] |= mask & table[i].y[2];
- r->y[3] |= mask & table[i].y[3];
- r->y[4] |= mask & table[i].y[4];
- r->y[5] |= mask & table[i].y[5];
- }
+ x0 |= mask & table[i].x[0];
+ x1 |= mask & table[i].x[1];
+ x2 |= mask & table[i].x[2];
+ x3 |= mask & table[i].x[3];
+ x4 |= mask & table[i].x[4];
+ x5 |= mask & table[i].x[5];
+ y0 |= mask & table[i].y[0];
+ y1 |= mask & table[i].y[1];
+ y2 |= mask & table[i].y[2];
+ y3 |= mask & table[i].y[3];
+ y4 |= mask & table[i].y[4];
+ y5 |= mask & table[i].y[5];
+ }
+
+ r->x[0] = x0;
+ r->x[1] = x1;
+ r->x[2] = x2;
+ r->x[3] = x3;
+ r->x[4] = x4;
+ r->x[5] = x5;
+ r->y[0] = y0;
+ r->y[1] = y1;
+ r->y[2] = y2;
+ r->y[3] = y3;
+ r->y[4] = y4;
+ r->y[5] = y5;
}
#endif /* !WC_NO_CACHE_RESISTANT */
/* Multiply the point by the scalar and return the result.
@@ -45564,7 +46323,7 @@ static THREAD_LS_T int sp_cache_384_inited = 0;
/* Get the cache entry for the point.
*
- * g [in] Point scalar multipling.
+ * g [in] Point scalar multiplying.
* cache [out] Cache table to use.
*/
static void sp_ecc_get_cache_384(const sp_point_384* g, sp_cache_384_t** cache)
@@ -45635,8 +46394,8 @@ static void sp_ecc_get_cache_384(const sp_point_384* g, sp_cache_384_t** cache)
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
-static int sp_384_ecc_mulmod_6(sp_point_384* r, const sp_point_384* g, const sp_digit* k,
- int map, int ct, void* heap)
+static int sp_384_ecc_mulmod_6(sp_point_384* r, const sp_point_384* g,
+ const sp_digit* k, int map, int ct, void* heap)
{
#ifndef FP_ECC
return sp_384_ecc_mulmod_win_add_sub_6(r, g, k, map, ct, heap);
@@ -45753,7 +46512,7 @@ int sp_ecc_mulmod_384(const mp_int* km, const ecc_point* gm, ecc_point* r,
*
* km Scalar to multiply by.
* p Point to multiply.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -45764,7 +46523,7 @@ int sp_ecc_mulmod_add_384(const mp_int* km, const ecc_point* gm,
const ecc_point* am, int inMont, ecc_point* r, int map, void* heap)
{
#ifdef WOLFSSL_SP_SMALL_STACK
- sp_point_384* point = NULL;
+ sp_point_384* point = NULL;
sp_digit* k = NULL;
#else
sp_point_384 point[2];
@@ -47562,7 +48321,7 @@ static void sp_384_ecc_recode_7_6(const sp_digit* k, ecc_recode_384* v)
/* Touch each possible entry that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
static void sp_384_get_entry_65_6(sp_point_384* r,
@@ -47570,34 +48329,47 @@ static void sp_384_get_entry_65_6(sp_point_384* r,
{
int i;
sp_digit mask;
+ sp_digit x0 = 0;
+ sp_digit x1 = 0;
+ sp_digit x2 = 0;
+ sp_digit x3 = 0;
+ sp_digit x4 = 0;
+ sp_digit x5 = 0;
+ sp_digit y0 = 0;
+ sp_digit y1 = 0;
+ sp_digit y2 = 0;
+ sp_digit y3 = 0;
+ sp_digit y4 = 0;
+ sp_digit y5 = 0;
- r->x[0] = 0;
- r->x[1] = 0;
- r->x[2] = 0;
- r->x[3] = 0;
- r->x[4] = 0;
- r->x[5] = 0;
- r->y[0] = 0;
- r->y[1] = 0;
- r->y[2] = 0;
- r->y[3] = 0;
- r->y[4] = 0;
- r->y[5] = 0;
for (i = 1; i < 65; i++) {
mask = 0 - (i == idx);
- r->x[0] |= mask & table[i].x[0];
- r->x[1] |= mask & table[i].x[1];
- r->x[2] |= mask & table[i].x[2];
- r->x[3] |= mask & table[i].x[3];
- r->x[4] |= mask & table[i].x[4];
- r->x[5] |= mask & table[i].x[5];
- r->y[0] |= mask & table[i].y[0];
- r->y[1] |= mask & table[i].y[1];
- r->y[2] |= mask & table[i].y[2];
- r->y[3] |= mask & table[i].y[3];
- r->y[4] |= mask & table[i].y[4];
- r->y[5] |= mask & table[i].y[5];
- }
+ x0 |= mask & table[i].x[0];
+ x1 |= mask & table[i].x[1];
+ x2 |= mask & table[i].x[2];
+ x3 |= mask & table[i].x[3];
+ x4 |= mask & table[i].x[4];
+ x5 |= mask & table[i].x[5];
+ y0 |= mask & table[i].y[0];
+ y1 |= mask & table[i].y[1];
+ y2 |= mask & table[i].y[2];
+ y3 |= mask & table[i].y[3];
+ y4 |= mask & table[i].y[4];
+ y5 |= mask & table[i].y[5];
+ }
+
+ r->x[0] = x0;
+ r->x[1] = x1;
+ r->x[2] = x2;
+ r->x[3] = x3;
+ r->x[4] = x4;
+ r->x[5] = x5;
+ r->y[0] = y0;
+ r->y[1] = y1;
+ r->y[2] = y2;
+ r->y[3] = y3;
+ r->y[4] = y4;
+ r->y[5] = y5;
}
#endif /* !WC_NO_CACHE_RESISTANT */
static const sp_table_entry_384 p384_table[3575] = {
@@ -65558,7 +66330,7 @@ int sp_ecc_mulmod_base_384(const mp_int* km, ecc_point* r, int map, void* heap)
* the result. If map is true then convert result to affine coordinates.
*
* km Scalar to multiply by.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -65580,7 +66352,7 @@ int sp_ecc_mulmod_base_add_384(const mp_int* km, const ecc_point* am,
int err = MP_OKAY;
#ifdef WOLFSSL_SP_SMALL_STACK
- point = (sp_point_384*)XMALLOC(sizeof(sp_point_384) * 2, heap,
+ point = (sp_point_384*)XMALLOC(sizeof(sp_point_384) * 2, heap,
DYNAMIC_TYPE_ECC);
if (point == NULL)
err = MEMORY_E;
@@ -65680,7 +66452,7 @@ static void sp_384_from_bin(sp_digit* r, int size, const byte* a, int n)
"subs x6, %[n], 8\n\t"
"mov x7, xzr\n\t"
"blt 2f\n\t"
- /* Put in mulitples of 8 bytes. */
+ /* Put in multiples of 8 bytes. */
"1:\n\t"
"ldr x8, [x4], -8\n\t"
"subs x6, x6, 8\n\t"
@@ -65827,7 +66599,7 @@ int sp_ecc_make_key_384(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
sp_point_384* infinity = NULL;
#endif
int err = MP_OKAY;
-
+
(void)heap;
@@ -65835,7 +66607,7 @@ int sp_ecc_make_key_384(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
point = (sp_point_384*)XMALLOC(sizeof(sp_point_384) * 2, heap, DYNAMIC_TYPE_ECC);
#else
- point = (sp_point_384*)XMALLOC(sizeof(sp_point_384), heap, DYNAMIC_TYPE_ECC);
+ point = (sp_point_384*)XMALLOC(sizeof(sp_point_384), heap, DYNAMIC_TYPE_ECC);
#endif
if (point == NULL)
err = MEMORY_E;
@@ -66242,7 +67014,7 @@ static void sp_384_mul_d_6(sp_digit* r, const sp_digit* a,
/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
*
- * Assumes divisor has higest bit set.
+ * Assumes divisor has highest bit set.
*
* d1 The high order half of the number to divide.
* d0 The low order half of the number to divide.
@@ -66334,8 +67106,8 @@ static void sp_384_mask_6(sp_digit* r, const sp_digit* a, sp_digit m)
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_384_div_6(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_384_div_6(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[12], t2[7];
sp_digit div, r1;
@@ -67036,7 +67808,7 @@ static int sp_384_mod_inv_6(sp_digit* r, const sp_digit* a, const sp_digit* m)
}
while (ut > 1 && vt > 1) {
- if (ut > vt || (ut == vt && sp_384_cmp_6(u, v) >= 0)) {
+ if ((ut > vt) || ((ut == vt) && (sp_384_cmp_6(u, v) >= 0))) {
sp_384_sub_6(u, u, v);
o = sp_384_sub_6(b, b, d);
if (o != 0)
@@ -67111,7 +67883,7 @@ static void sp_384_add_points_6(sp_point_384* p1, const sp_point_384* p2,
* p2 Public point and temporary.
* s Second part of signature as a number.
* u1 Temporary number.
- * u2 Temproray number.
+ * u2 Temporary number.
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
@@ -67435,7 +68207,7 @@ int sp_ecc_verify_384_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash,
#endif /* HAVE_ECC_VERIFY */
#ifdef HAVE_ECC_CHECK_KEY
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* point EC point.
* heap Heap to use if dynamically allocating.
@@ -67463,19 +68235,21 @@ static int sp_384_ecc_is_point_6(const sp_point_384* point,
if (err == MP_OKAY) {
t2 = t1 + 2 * 6;
+ /* y^2 - x^3 - a.x = b */
sp_384_sqr_6(t1, point->y);
(void)sp_384_mod_6(t1, t1, p384_mod);
sp_384_sqr_6(t2, point->x);
(void)sp_384_mod_6(t2, t2, p384_mod);
sp_384_mul_6(t2, t2, point->x);
(void)sp_384_mod_6(t2, t2, p384_mod);
- (void)sp_384_sub_6(t2, p384_mod, t2);
- sp_384_mont_add_6(t1, t1, t2, p384_mod);
+ sp_384_mont_sub_6(t1, t1, t2, p384_mod);
+ /* y^2 - x^3 + 3.x = b, when a = -3 */
sp_384_mont_add_6(t1, t1, point->x, p384_mod);
sp_384_mont_add_6(t1, t1, point->x, p384_mod);
sp_384_mont_add_6(t1, t1, point->x, p384_mod);
+
if (sp_384_cmp_6(t1, p384_b) != 0) {
err = MP_VAL;
}
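Review bot: The new comments in sp_384_ecc_is_point_6 give the curve equation but not the form of the operands, which is the confusing part. `t1` and `t2` come from `sp_384_sqr_6`/`sp_384_mul_6` followed by `sp_384_mod_6`, so they are ordinary residues, and `sp_384_mont_sub_6`/`sp_384_mont_add_6` are being used as plain modular subtract and add. I would add `/* Values are in normal (non-Montgomery) form; mont_add/mont_sub are used only as modular add/sub. */` before the first square. The hunk also does not show whether `point->x` and `point->y` are checked to be below the modulus before the reduction; if that is left to callers, the function comment should say so, because `sp_384_mod_6` would otherwise fold an out-of-range ordinate onto a valid one.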
@@ -67489,7 +68263,7 @@ static int sp_384_ecc_is_point_6(const sp_point_384* point,
return err;
}
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* pX X ordinate of EC point.
* pY Y ordinate of EC point.
@@ -69156,7 +69930,7 @@ static sp_digit sp_521_add_9(sp_digit* r, const sp_digit* a,
"stp x3, x4, [%[r]], #16\n\t"
"adcs x6, x6, x10\n\t"
"stp x5, x6, [%[r]], #16\n\t"
- "cset %[c], cs\n\t"
+ "adc %[c], xzr, xzr\n\t"
"cmp %[a], x11\n\t"
"b.ne 1b\n\t"
"adds %[c], %[c], #-1\n\t"
@@ -69164,7 +69938,7 @@ static sp_digit sp_521_add_9(sp_digit* r, const sp_digit* a,
"ldr x7, [%[b]], #8\n\t"
"adcs x3, x3, x7\n\t"
"str x3, [%[r]], #8\n\t"
- "cset %[c], cs\n\t"
+ "adc %[c], xzr, xzr\n\t"
: [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
: "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "cc"
@@ -69208,7 +69982,7 @@ static sp_digit sp_521_add_9(sp_digit* r, const sp_digit* a,
"ldr x7, [%[b], 64]\n\t"
"adcs x3, x3, x7\n\t"
"str x3, [%[r], 64]\n\t"
- "cset %[r], cs\n\t"
+ "adc %[r], xzr, xzr\n\t"
: [r] "+r" (r)
: [a] "r" (a), [b] "r" (b)
: "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "cc"
@@ -69828,7 +70602,7 @@ static void sp_521_mul_d_9(sp_digit* r, const sp_digit* a,
/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
*
- * Assumes divisor has higest bit set.
+ * Assumes divisor has highest bit set.
*
* d1 The high order half of the number to divide.
* d0 The low order half of the number to divide.
@@ -70039,8 +70813,8 @@ static sp_int64 sp_521_cmp_9(const sp_digit* a, const sp_digit* b)
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_521_div_9(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_521_div_9(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[19];
sp_digit t2[10];
@@ -70115,14 +70889,14 @@ static void sp_521_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 64
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 63);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 63);
}
#elif DIGIT_BIT > 64
unsigned int i;
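Review bot: The rewritten `DIGIT_BIT == 64` loop in sp_521_from_mp hard-codes the shift as `63`, where the removed lines used `SP_WORD_SIZE - 1`. The counter trick (`j` starts at `0 - a->used` and `j >> 63` is 1 while digits remain) also depends on `sp_digit` being an unsigned 64-bit type, which the hunk does not state. I would write `sp_digit mask = (sp_digit)0 - (j >> (SP_WORD_SIZE - 1));` and `o += (int)(j >> (SP_WORD_SIZE - 1));`. I would also add `/* j counts up from -used; its top bit is set while i < used, so mask and the dp index advance without branching on used. */`. The function continues in the `#elif` branches outside this hunk.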
@@ -70365,7 +71139,7 @@ static void sp_521_cond_copy_9(sp_digit* r, const sp_digit* a, sp_digit m)
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_521_mont_mul_9(sp_digit* r, const sp_digit* a, const sp_digit* b,
const sp_digit* m, sp_digit mp)
@@ -70948,7 +71722,7 @@ SP_NOINLINE static void sp_521_mont_mul_9(sp_digit* r, const sp_digit* a, const
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_521_mont_sqr_9(sp_digit* r, const sp_digit* a, const sp_digit* m,
sp_digit mp)
@@ -71385,10 +72159,10 @@ SP_NOINLINE static void sp_521_mont_sqr_9(sp_digit* r, const sp_digit* a, const
* a Number to square in Montgomery form.
* n Number of times to square.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
-static void sp_521_mont_sqr_n_9(sp_digit* r, const sp_digit* a, int n,
- const sp_digit* m, sp_digit mp)
+SP_NOINLINE static void sp_521_mont_sqr_n_9(sp_digit* r,
+ const sp_digit* a, int n, const sp_digit* m, sp_digit mp)
{
sp_521_mont_sqr_9(r, a, m, mp);
for (; n > 1; n--) {
@@ -71584,7 +72358,7 @@ SP_NOINLINE static void sp_521_mont_reduce_9(sp_digit* a, const sp_digit* m,
"umulh x8, x11, x9\n\t"
"adds x5, x5, x7\n\t"
"adcs x8, x8, x3\n\t"
- "cset x3, cs\n\t"
+ "adc x3, xzr, xzr\n\t"
"adds x21, x22, x5\n\t"
"ldr x22, [%[a], 72]\n\t"
"adcs x22, x22, x8\n\t"
@@ -71687,8 +72461,8 @@ static void sp_521_map_9(sp_point_521* r, const sp_point_521* p,
* b Second number to add in Montgomery form.
* m Modulus (prime).
*/
-static void sp_521_mont_add_9(sp_digit* r, const sp_digit* a, const sp_digit* b,
- const sp_digit* m)
+SP_NOINLINE static void sp_521_mont_add_9(sp_digit* r, const sp_digit* a,
+ const sp_digit* b, const sp_digit* m)
{
__asm__ __volatile__ (
"ldp x4, x5, [%[a], 0]\n\t"
@@ -71727,9 +72501,11 @@ static void sp_521_mont_add_9(sp_digit* r, const sp_digit* a, const sp_digit* b,
"stp x10, x11, [%[r], 48]\n\t"
"str x12, [%[r], 64]\n\t"
:
- : [r] "r" (r), [a] "r" (a), [b] "r" (b), [m] "r" (m)
+ : [r] "r" (r), [a] "r" (a), [b] "r" (b)
: "memory", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "x21", "x22", "cc"
);
+
+ (void)m;
}
/* Double a Montgomery form number (r = a + a % m).
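Review bot: The header comment of sp_521_mont_add_9 still describes `m` as the modulus in `r = a + b % m`, but with `[m] "r" (m)` dropped from the operand list and `(void)m;` added, the assembly can no longer read it. A caller passing anything other than the P-521 prime now gets a result reduced by whatever the asm hard-codes (presumably 2^521-1; the asm body is outside this hunk), with no diagnostic. I would change the parameter line to `* m Modulus (prime). Unused: reduction is fixed to the P-521 prime.` The same applies to sp_521_mont_dbl_9, sp_521_mont_tpl_9 and sp_521_mont_sub_9 in the following hunks; each function starts outside its hunk.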
@@ -71738,7 +72514,8 @@ static void sp_521_mont_add_9(sp_digit* r, const sp_digit* a, const sp_digit* b,
* a Number to double in Montgomery form.
* m Modulus (prime).
*/
-static void sp_521_mont_dbl_9(sp_digit* r, const sp_digit* a, const sp_digit* m)
+SP_NOINLINE static void sp_521_mont_dbl_9(sp_digit* r, const sp_digit* a,
+ const sp_digit* m)
{
__asm__ __volatile__ (
"ldp x4, x5, [%[a], 0]\n\t"
@@ -71772,9 +72549,11 @@ static void sp_521_mont_dbl_9(sp_digit* r, const sp_digit* a, const sp_digit* m)
"stp x10, x11, [%[r], 48]\n\t"
"str x12, [%[r], 64]\n\t"
:
- : [r] "r" (r), [a] "r" (a), [m] "r" (m)
+ : [r] "r" (r), [a] "r" (a)
: "memory", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "cc"
);
+
+ (void)m;
}
/* Triple a Montgomery form number (r = a + a + a % m).
@@ -71783,7 +72562,8 @@ static void sp_521_mont_dbl_9(sp_digit* r, const sp_digit* a, const sp_digit* m)
* a Number to triple in Montgomery form.
* m Modulus (prime).
*/
-static void sp_521_mont_tpl_9(sp_digit* r, const sp_digit* a, const sp_digit* m)
+SP_NOINLINE static void sp_521_mont_tpl_9(sp_digit* r, const sp_digit* a,
+ const sp_digit* m)
{
__asm__ __volatile__ (
"ldp x4, x5, [%[a], 0]\n\t"
@@ -71826,9 +72606,11 @@ static void sp_521_mont_tpl_9(sp_digit* r, const sp_digit* a, const sp_digit* m)
"stp x20, x21, [%[r], 48]\n\t"
"str x22, [%[r], 64]\n\t"
:
- : [r] "r" (r), [a] "r" (a), [m] "r" (m)
+ : [r] "r" (r), [a] "r" (a)
: "memory", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "x21", "x22", "cc"
);
+
+ (void)m;
}
/* Subtract two Montgomery form numbers (r = a - b % m).
@@ -71838,8 +72620,8 @@ static void sp_521_mont_tpl_9(sp_digit* r, const sp_digit* a, const sp_digit* m)
* b Number to subtract with in Montgomery form.
* m Modulus (prime).
*/
-static void sp_521_mont_sub_9(sp_digit* r, const sp_digit* a, const sp_digit* b,
- const sp_digit* m)
+SP_NOINLINE static void sp_521_mont_sub_9(sp_digit* r, const sp_digit* a,
+ const sp_digit* b, const sp_digit* m)
{
__asm__ __volatile__ (
"ldp x4, x5, [%[a], 0]\n\t"
@@ -71879,12 +72661,13 @@ static void sp_521_mont_sub_9(sp_digit* r, const sp_digit* a, const sp_digit* b,
"stp x10, x11, [%[r], 48]\n\t"
"str x12, [%[r], 64]\n\t"
:
- : [r] "r" (r), [a] "r" (a), [b] "r" (b), [m] "r" (m)
+ : [r] "r" (r), [a] "r" (a), [b] "r" (b)
: "memory", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "x21", "x22", "cc"
);
+
+ (void)m;
}
-#define sp_521_mont_sub_lower_9 sp_521_mont_sub_9
#ifdef WOLFSSL_SP_SMALL
/* Conditionally add a and b using the mask m.
* m is -1 to add and 0 when not.
@@ -72019,7 +72802,8 @@ static void sp_521_rshift1_9(sp_digit* r, const sp_digit* a)
* a Number to divide.
* m Modulus (prime).
*/
-static void sp_521_div2_9(sp_digit* r, const sp_digit* a, const sp_digit* m)
+SP_NOINLINE static void sp_521_mont_div2_9(sp_digit* r, const sp_digit* a,
+ const sp_digit* m)
{
sp_digit o;
@@ -72072,7 +72856,7 @@ static void sp_521_proj_point_dbl_9(sp_point_521* r, const sp_point_521* p,
/* T2 = Y * Y */
sp_521_mont_sqr_9(t2, y, p521_mod, p521_mp_mod);
/* T2 = T2/2 */
- sp_521_div2_9(t2, t2, p521_mod);
+ sp_521_mont_div2_9(t2, t2, p521_mod);
/* Y = Y * X */
sp_521_mont_mul_9(y, y, p->x, p521_mod, p521_mp_mod);
/* X = T1 * T1 */
@@ -72082,7 +72866,7 @@ static void sp_521_proj_point_dbl_9(sp_point_521* r, const sp_point_521* p,
/* X = X - Y */
sp_521_mont_sub_9(x, x, y, p521_mod);
/* Y = Y - X */
- sp_521_mont_sub_lower_9(y, y, x, p521_mod);
+ sp_521_mont_sub_9(y, y, x, p521_mod);
/* Y = Y * T1 */
sp_521_mont_mul_9(y, y, t1, p521_mod, p521_mp_mod);
/* Y = Y - T2 */
@@ -72105,7 +72889,8 @@ typedef struct sp_521_proj_point_dbl_9_ctx {
* p Point to double.
* t Temporary ordinate data.
*/
-static int sp_521_proj_point_dbl_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r, const sp_point_521* p, sp_digit* t)
+static int sp_521_proj_point_dbl_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r,
+ const sp_point_521* p, sp_digit* t)
{
int err = FP_WOULDBLOCK;
sp_521_proj_point_dbl_9_ctx* ctx = (sp_521_proj_point_dbl_9_ctx*)sp_ctx->data;
@@ -72179,7 +72964,7 @@ static int sp_521_proj_point_dbl_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r, con
break;
case 11:
/* T2 = T2/2 */
- sp_521_div2_9(ctx->t2, ctx->t2, p521_mod);
+ sp_521_mont_div2_9(ctx->t2, ctx->t2, p521_mod);
ctx->state = 12;
break;
case 12:
@@ -72204,7 +72989,7 @@ static int sp_521_proj_point_dbl_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r, con
break;
case 16:
/* Y = Y - X */
- sp_521_mont_sub_lower_9(ctx->y, ctx->y, ctx->x, p521_mod);
+ sp_521_mont_sub_9(ctx->y, ctx->y, ctx->x, p521_mod);
ctx->state = 17;
break;
case 17:
@@ -72229,8 +73014,6 @@ static int sp_521_proj_point_dbl_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r, con
return err;
}
#endif /* WOLFSSL_SP_NONBLOCK */
-#define sp_521_mont_dbl_lower_9 sp_521_mont_dbl_9
-#define sp_521_mont_tpl_lower_9 sp_521_mont_tpl_9
/* Double the Montgomery form projective point p a number of times.
*
* r Result of repeated doubling of point.
@@ -72269,7 +73052,7 @@ static void sp_521_proj_point_dbl_n_9(sp_point_521* p, int i,
/* A = 3*(X^2 - W) */
sp_521_mont_sqr_9(t1, x, p521_mod, p521_mp_mod);
sp_521_mont_sub_9(t1, t1, w, p521_mod);
- sp_521_mont_tpl_lower_9(a, t1, p521_mod);
+ sp_521_mont_tpl_9(a, t1, p521_mod);
/* B = X*Y^2 */
sp_521_mont_sqr_9(t1, y, p521_mod, p521_mp_mod);
sp_521_mont_mul_9(b, t1, x, p521_mod, p521_mp_mod);
@@ -72278,8 +73061,8 @@ static void sp_521_proj_point_dbl_n_9(sp_point_521* p, int i,
sp_521_mont_dbl_9(t2, b, p521_mod);
sp_521_mont_sub_9(x, x, t2, p521_mod);
/* B = 2.(B - X) */
- sp_521_mont_sub_lower_9(t2, b, x, p521_mod);
- sp_521_mont_dbl_lower_9(b, t2, p521_mod);
+ sp_521_mont_sub_9(t2, b, x, p521_mod);
+ sp_521_mont_dbl_9(b, t2, p521_mod);
/* Z = Z*Y */
sp_521_mont_mul_9(z, z, y, p521_mod, p521_mp_mod);
/* t1 = Y^4 */
@@ -72299,7 +73082,7 @@ static void sp_521_proj_point_dbl_n_9(sp_point_521* p, int i,
/* A = 3*(X^2 - W) */
sp_521_mont_sqr_9(t1, x, p521_mod, p521_mp_mod);
sp_521_mont_sub_9(t1, t1, w, p521_mod);
- sp_521_mont_tpl_lower_9(a, t1, p521_mod);
+ sp_521_mont_tpl_9(a, t1, p521_mod);
/* B = X*Y^2 */
sp_521_mont_sqr_9(t1, y, p521_mod, p521_mp_mod);
sp_521_mont_mul_9(b, t1, x, p521_mod, p521_mp_mod);
@@ -72308,8 +73091,8 @@ static void sp_521_proj_point_dbl_n_9(sp_point_521* p, int i,
sp_521_mont_dbl_9(t2, b, p521_mod);
sp_521_mont_sub_9(x, x, t2, p521_mod);
/* B = 2.(B - X) */
- sp_521_mont_sub_lower_9(t2, b, x, p521_mod);
- sp_521_mont_dbl_lower_9(b, t2, p521_mod);
+ sp_521_mont_sub_9(t2, b, x, p521_mod);
+ sp_521_mont_dbl_9(b, t2, p521_mod);
/* Z = Z*Y */
sp_521_mont_mul_9(z, z, y, p521_mod, p521_mp_mod);
/* t1 = Y^4 */
@@ -72319,7 +73102,7 @@ static void sp_521_proj_point_dbl_n_9(sp_point_521* p, int i,
sp_521_mont_sub_9(y, y, t1, p521_mod);
#endif /* WOLFSSL_SP_SMALL */
/* Y = Y/2 */
- sp_521_div2_9(y, y, p521_mod);
+ sp_521_mont_div2_9(y, y, p521_mod);
}
/* Compare two numbers to determine if they are equal.
@@ -72359,12 +73142,12 @@ static int sp_521_iszero_9(const sp_digit* a)
static void sp_521_proj_point_add_9(sp_point_521* r,
const sp_point_521* p, const sp_point_521* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*9;
- sp_digit* t3 = t + 4*9;
- sp_digit* t4 = t + 6*9;
- sp_digit* t5 = t + 8*9;
- sp_digit* t6 = t + 10*9;
+ sp_digit* t6 = t;
+ sp_digit* t1 = t + 2*9;
+ sp_digit* t2 = t + 4*9;
+ sp_digit* t3 = t + 6*9;
+ sp_digit* t4 = t + 8*9;
+ sp_digit* t5 = t + 10*9;
/* U1 = X1*Z2^2 */
sp_521_mont_sqr_9(t1, q->z, p521_mod, p521_mp_mod);
@@ -72386,17 +73169,9 @@ static void sp_521_proj_point_add_9(sp_point_521* r,
sp_521_proj_point_dbl_9(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t6;
sp_digit* y = t1;
sp_digit* z = t2;
- int i;
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
/* H = U2 - U1 */
sp_521_mont_sub_9(t2, t2, t1, p521_mod);
@@ -72415,20 +73190,31 @@ static void sp_521_proj_point_add_9(sp_point_521* r,
sp_521_mont_dbl_9(t3, y, p521_mod);
sp_521_mont_sub_9(x, x, t3, p521_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_521_mont_sub_lower_9(y, y, x, p521_mod);
+ sp_521_mont_sub_9(y, y, x, p521_mod);
sp_521_mont_mul_9(y, y, t4, p521_mod, p521_mp_mod);
sp_521_mont_sub_9(y, y, t5, p521_mod);
- for (i = 0; i < 9; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 9; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 9; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 9; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 9; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 9; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
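Review bot: The select block added at the end of sp_521_proj_point_add_9 is only self-consistent when `infinity` is strictly 0 or 1. `maskp` and `maskq` depend on bit 0 alone (through the `& (!p->infinity)` and `& (!q->infinity)` terms), while `inf` is the full `p->infinity & q->infinity`, which is OR-ed into `r->z[0]` and stored in `r->infinity`. Nothing in the hunk states that invariant; a one-line comment above the masks, e.g. `/* Constant-time select; p->infinity and q->infinity must be 0 or 1. */`, would make it explicit for anyone changing how points are decoded or initialised. The identical block is added in sp_521_proj_point_add_9_nb (case 24) and sp_521_proj_point_add_qz1_9 in later hunks. The function starts outside this hunk.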
@@ -72474,12 +73260,12 @@ static int sp_521_proj_point_add_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r,
switch (ctx->state) {
case 0: /* INIT */
- ctx->t1 = t;
- ctx->t2 = t + 2*9;
- ctx->t3 = t + 4*9;
- ctx->t4 = t + 6*9;
- ctx->t5 = t + 8*9;
- ctx->t6 = t + 10*9;
+ ctx->t6 = t;
+ ctx->t1 = t + 2*9;
+ ctx->t2 = t + 4*9;
+ ctx->t3 = t + 6*9;
+ ctx->t4 = t + 8*9;
+ ctx->t5 = t + 10*9;
ctx->x = ctx->t6;
ctx->y = ctx->t1;
ctx->z = ctx->t2;
@@ -72586,7 +73372,7 @@ static int sp_521_proj_point_add_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r,
break;
case 21:
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_521_mont_sub_lower_9(ctx->y, ctx->y, ctx->x, p521_mod);
+ sp_521_mont_sub_9(ctx->y, ctx->y, ctx->x, p521_mod);
ctx->state = 22;
break;
case 22:
@@ -72599,22 +73385,28 @@ static int sp_521_proj_point_add_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r,
break;
case 24:
{
- int i;
- sp_digit maskp = 0 - (q->infinity & (!p->infinity));
- sp_digit maskq = 0 - (p->infinity & (!q->infinity));
- sp_digit maskt = ~(maskp | maskq);
-
- for (i = 0; i < 9; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (ctx->x[i] & maskt);
- }
- for (i = 0; i < 9; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (ctx->y[i] & maskt);
- }
- for (i = 0; i < 9; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (ctx->z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 9; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (ctx->x[i] & maskt);
+ }
+ for (i = 0; i < 9; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (ctx->y[i] & maskt);
+ }
+ for (i = 0; i < 9; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (ctx->z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
ctx->state = 25;
break;
}
@@ -72673,7 +73465,7 @@ static void sp_521_proj_point_dbl_n_store_9(sp_point_521* r,
/* A = 3*(X^2 - W) */
sp_521_mont_sqr_9(t1, x, p521_mod, p521_mp_mod);
sp_521_mont_sub_9(t1, t1, w, p521_mod);
- sp_521_mont_tpl_lower_9(a, t1, p521_mod);
+ sp_521_mont_tpl_9(a, t1, p521_mod);
/* B = X*Y^2 */
sp_521_mont_sqr_9(t1, y, p521_mod, p521_mp_mod);
sp_521_mont_mul_9(b, t1, x, p521_mod, p521_mp_mod);
@@ -72683,8 +73475,8 @@ static void sp_521_proj_point_dbl_n_store_9(sp_point_521* r,
sp_521_mont_dbl_9(t2, b, p521_mod);
sp_521_mont_sub_9(x, x, t2, p521_mod);
/* B = 2.(B - X) */
- sp_521_mont_sub_lower_9(t2, b, x, p521_mod);
- sp_521_mont_dbl_lower_9(b, t2, p521_mod);
+ sp_521_mont_sub_9(t2, b, x, p521_mod);
+ sp_521_mont_dbl_9(b, t2, p521_mod);
/* Z = Z*Y */
sp_521_mont_mul_9(r[j].z, z, y, p521_mod, p521_mp_mod);
z = r[j].z;
@@ -72698,7 +73490,7 @@ static void sp_521_proj_point_dbl_n_store_9(sp_point_521* r,
sp_521_mont_mul_9(y, b, a, p521_mod, p521_mp_mod);
sp_521_mont_sub_9(y, y, t1, p521_mod);
/* Y = Y/2 */
- sp_521_div2_9(r[j].y, y, p521_mod);
+ sp_521_mont_div2_9(r[j].y, y, p521_mod);
r[j].infinity = 0;
}
}
@@ -72772,8 +73564,8 @@ static void sp_521_proj_point_add_sub_9(sp_point_521* ra,
sp_521_mont_sub_9(xs, xs, t1, p521_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
/* YS = -RS*(U1*H^2 - XS) - S1*H^3 */
- sp_521_mont_sub_lower_9(ys, ya, xs, p521_mod);
- sp_521_mont_sub_lower_9(ya, ya, xa, p521_mod);
+ sp_521_mont_sub_9(ys, ya, xs, p521_mod);
+ sp_521_mont_sub_9(ya, ya, xa, p521_mod);
sp_521_mont_mul_9(ya, ya, t4, p521_mod, p521_mp_mod);
sp_521_sub_9(t6, p521_mod, t6);
sp_521_mont_mul_9(ys, ys, t6, p521_mod, p521_mp_mod);
@@ -72857,72 +73649,100 @@ static void sp_521_ecc_recode_6_9(const sp_digit* k, ecc_recode_521* v)
/* Touch each possible point that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
-static void sp_521_get_point_33_9(sp_point_521* r, const sp_point_521* table,
- int idx)
+SP_NOINLINE static void sp_521_get_point_33_9(sp_point_521* r,
+ const sp_point_521* table, int idx)
{
int i;
sp_digit mask;
+ sp_digit x0 = 0;
+ sp_digit x1 = 0;
+ sp_digit x2 = 0;
+ sp_digit x3 = 0;
+ sp_digit x4 = 0;
+ sp_digit x5 = 0;
+ sp_digit x6 = 0;
+ sp_digit x7 = 0;
+ sp_digit x8 = 0;
+ sp_digit y0 = 0;
+ sp_digit y1 = 0;
+ sp_digit y2 = 0;
+ sp_digit y3 = 0;
+ sp_digit y4 = 0;
+ sp_digit y5 = 0;
+ sp_digit y6 = 0;
+ sp_digit y7 = 0;
+ sp_digit y8 = 0;
+ sp_digit z0 = 0;
+ sp_digit z1 = 0;
+ sp_digit z2 = 0;
+ sp_digit z3 = 0;
+ sp_digit z4 = 0;
+ sp_digit z5 = 0;
+ sp_digit z6 = 0;
+ sp_digit z7 = 0;
+ sp_digit z8 = 0;
- r->x[0] = 0;
- r->x[1] = 0;
- r->x[2] = 0;
- r->x[3] = 0;
- r->x[4] = 0;
- r->x[5] = 0;
- r->x[6] = 0;
- r->x[7] = 0;
- r->x[8] = 0;
- r->y[0] = 0;
- r->y[1] = 0;
- r->y[2] = 0;
- r->y[3] = 0;
- r->y[4] = 0;
- r->y[5] = 0;
- r->y[6] = 0;
- r->y[7] = 0;
- r->y[8] = 0;
- r->z[0] = 0;
- r->z[1] = 0;
- r->z[2] = 0;
- r->z[3] = 0;
- r->z[4] = 0;
- r->z[5] = 0;
- r->z[6] = 0;
- r->z[7] = 0;
- r->z[8] = 0;
for (i = 1; i < 33; i++) {
mask = 0 - (i == idx);
- r->x[0] |= mask & table[i].x[0];
- r->x[1] |= mask & table[i].x[1];
- r->x[2] |= mask & table[i].x[2];
- r->x[3] |= mask & table[i].x[3];
- r->x[4] |= mask & table[i].x[4];
- r->x[5] |= mask & table[i].x[5];
- r->x[6] |= mask & table[i].x[6];
- r->x[7] |= mask & table[i].x[7];
- r->x[8] |= mask & table[i].x[8];
- r->y[0] |= mask & table[i].y[0];
- r->y[1] |= mask & table[i].y[1];
- r->y[2] |= mask & table[i].y[2];
- r->y[3] |= mask & table[i].y[3];
- r->y[4] |= mask & table[i].y[4];
- r->y[5] |= mask & table[i].y[5];
- r->y[6] |= mask & table[i].y[6];
- r->y[7] |= mask & table[i].y[7];
- r->y[8] |= mask & table[i].y[8];
- r->z[0] |= mask & table[i].z[0];
- r->z[1] |= mask & table[i].z[1];
- r->z[2] |= mask & table[i].z[2];
- r->z[3] |= mask & table[i].z[3];
- r->z[4] |= mask & table[i].z[4];
- r->z[5] |= mask & table[i].z[5];
- r->z[6] |= mask & table[i].z[6];
- r->z[7] |= mask & table[i].z[7];
- r->z[8] |= mask & table[i].z[8];
- }
+ x0 |= mask & table[i].x[0];
+ x1 |= mask & table[i].x[1];
+ x2 |= mask & table[i].x[2];
+ x3 |= mask & table[i].x[3];
+ x4 |= mask & table[i].x[4];
+ x5 |= mask & table[i].x[5];
+ x6 |= mask & table[i].x[6];
+ x7 |= mask & table[i].x[7];
+ x8 |= mask & table[i].x[8];
+ y0 |= mask & table[i].y[0];
+ y1 |= mask & table[i].y[1];
+ y2 |= mask & table[i].y[2];
+ y3 |= mask & table[i].y[3];
+ y4 |= mask & table[i].y[4];
+ y5 |= mask & table[i].y[5];
+ y6 |= mask & table[i].y[6];
+ y7 |= mask & table[i].y[7];
+ y8 |= mask & table[i].y[8];
+ z0 |= mask & table[i].z[0];
+ z1 |= mask & table[i].z[1];
+ z2 |= mask & table[i].z[2];
+ z3 |= mask & table[i].z[3];
+ z4 |= mask & table[i].z[4];
+ z5 |= mask & table[i].z[5];
+ z6 |= mask & table[i].z[6];
+ z7 |= mask & table[i].z[7];
+ z8 |= mask & table[i].z[8];
+ }
+
+ r->x[0] = x0;
+ r->x[1] = x1;
+ r->x[2] = x2;
+ r->x[3] = x3;
+ r->x[4] = x4;
+ r->x[5] = x5;
+ r->x[6] = x6;
+ r->x[7] = x7;
+ r->x[8] = x8;
+ r->y[0] = y0;
+ r->y[1] = y1;
+ r->y[2] = y2;
+ r->y[3] = y3;
+ r->y[4] = y4;
+ r->y[5] = y5;
+ r->y[6] = y6;
+ r->y[7] = y7;
+ r->y[8] = y8;
+ r->z[0] = z0;
+ r->z[1] = z1;
+ r->z[2] = z2;
+ r->z[3] = z3;
+ r->z[4] = z4;
+ r->z[5] = z5;
+ r->z[6] = z6;
+ r->z[7] = z7;
+ r->z[8] = z8;
}
#endif /* !WC_NO_CACHE_RESISTANT */
/* Multiply the point by the scalar and return the result.
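Review bot: The comment above sp_521_get_point_33_9 does not record the two properties a caller depends on. In the lines shown, every entry `table[1]` to `table[32]` is read whatever `idx` is, and an `idx` of 0 or outside 1..32 matches no iteration, leaving `r->x`, `r->y` and `r->z` all zero. `r->infinity` is not written by the visible body either. I would extend the parameter line to `* idx Index of entry to retrieve (1..32); any other value yields all-zero ordinates.` and add a sentence saying that the access pattern is independent of `idx` and that the result is accumulated in locals and stored to `r` once at the end.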
@@ -72965,7 +73785,7 @@ static int sp_521_ecc_mulmod_win_add_sub_9(sp_point_521* r, const sp_point_521*
(void)heap;
#ifdef WOLFSSL_SP_SMALL_STACK
- t = (sp_point_521*)XMALLOC(sizeof(sp_point_521) *
+ t = (sp_point_521*)XMALLOC(sizeof(sp_point_521) *
(33+2), heap, DYNAMIC_TYPE_ECC);
if (t == NULL)
err = MEMORY_E;
@@ -73070,15 +73890,12 @@ static int sp_521_ecc_mulmod_win_add_sub_9(sp_point_521* r, const sp_point_521*
return err;
}
-#ifndef WC_NO_CACHE_RESISTANT
/* A table entry for pre-computed points. */
typedef struct sp_table_entry_521 {
sp_digit x[9];
sp_digit y[9];
} sp_table_entry_521;
-#if defined(FP_ECC) || defined(WOLFSSL_SP_SMALL)
-#endif /* FP_ECC | WOLFSSL_SP_SMALL */
/* Add two Montgomery form projective points. The second point has a q value of
* one.
* Only the first point can be the same pointer as the result point.
@@ -73091,12 +73908,12 @@ typedef struct sp_table_entry_521 {
static void sp_521_proj_point_add_qz1_9(sp_point_521* r,
const sp_point_521* p, const sp_point_521* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*9;
- sp_digit* t3 = t + 4*9;
- sp_digit* t4 = t + 6*9;
- sp_digit* t5 = t + 8*9;
- sp_digit* t6 = t + 10*9;
+ sp_digit* t2 = t;
+ sp_digit* t3 = t + 2*9;
+ sp_digit* t6 = t + 4*9;
+ sp_digit* t1 = t + 6*9;
+ sp_digit* t4 = t + 8*9;
+ sp_digit* t5 = t + 10*9;
/* Calculate values to subtract from P->x and P->y. */
/* U2 = X2*Z1^2 */
@@ -73112,13 +73929,9 @@ static void sp_521_proj_point_add_qz1_9(sp_point_521* r,
sp_521_proj_point_dbl_9(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t2;
- sp_digit* y = t5;
+ sp_digit* y = t3;
sp_digit* z = t6;
- int i;
/* H = U2 - X1 */
sp_521_mont_sub_9(t2, t2, p->x, p521_mod);
@@ -73127,36 +73940,46 @@ static void sp_521_proj_point_add_qz1_9(sp_point_521* r,
/* Z3 = H*Z1 */
sp_521_mont_mul_9(z, p->z, t2, p521_mod, p521_mp_mod);
/* X3 = R^2 - H^3 - 2*X1*H^2 */
- sp_521_mont_sqr_9(t1, t4, p521_mod, p521_mp_mod);
- sp_521_mont_sqr_9(t5, t2, p521_mod, p521_mp_mod);
- sp_521_mont_mul_9(t3, p->x, t5, p521_mod, p521_mp_mod);
- sp_521_mont_mul_9(t5, t5, t2, p521_mod, p521_mp_mod);
- sp_521_mont_sub_9(x, t1, t5, p521_mod);
- sp_521_mont_dbl_9(t1, t3, p521_mod);
- sp_521_mont_sub_9(x, x, t1, p521_mod);
+ sp_521_mont_sqr_9(t1, t2, p521_mod, p521_mp_mod);
+ sp_521_mont_mul_9(t3, p->x, t1, p521_mod, p521_mp_mod);
+ sp_521_mont_mul_9(t1, t1, t2, p521_mod, p521_mp_mod);
+ sp_521_mont_sqr_9(t2, t4, p521_mod, p521_mp_mod);
+ sp_521_mont_sub_9(t2, t2, t1, p521_mod);
+ sp_521_mont_dbl_9(t5, t3, p521_mod);
+ sp_521_mont_sub_9(x, t2, t5, p521_mod);
/* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
- sp_521_mont_sub_lower_9(t3, t3, x, p521_mod);
+ sp_521_mont_sub_9(t3, t3, x, p521_mod);
sp_521_mont_mul_9(t3, t3, t4, p521_mod, p521_mp_mod);
- sp_521_mont_mul_9(t5, t5, p->y, p521_mod, p521_mp_mod);
- sp_521_mont_sub_9(y, t3, t5, p521_mod);
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
- for (i = 0; i < 9; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 9; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 9; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ sp_521_mont_mul_9(t1, t1, p->y, p521_mod, p521_mp_mod);
+ sp_521_mont_sub_9(y, t3, t1, p521_mod);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 9; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 9; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 9; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
+#ifndef WC_NO_CACHE_RESISTANT
+#if defined(FP_ECC) || defined(WOLFSSL_SP_SMALL)
+#endif /* FP_ECC | WOLFSSL_SP_SMALL */
#ifdef FP_ECC
/* Convert the projective point to affine.
* Ordinates are in Montgomery form.
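Review bot: The `#if defined(FP_ECC) || defined(WOLFSSL_SP_SMALL)` / `#endif /* FP_ECC | WOLFSSL_SP_SMALL */` pair re-added after sp_521_proj_point_add_qz1_9 encloses nothing, so the commit moves dead preprocessor text instead of removing it. I would drop both lines and keep only `#ifndef WC_NO_CACHE_RESISTANT`. The move also leaves sp_521_proj_point_add_qz1_9 outside that guard, so a short comment saying the function is now built in both configurations would help anyone checking which code paths a `WC_NO_CACHE_RESISTANT` build uses. The matching `#endif` for the guard is outside this hunk.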
@@ -73276,7 +74099,7 @@ static int sp_521_gen_stripe_table_9(const sp_point_521* a,
/* Touch each possible entry that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
static void sp_521_get_entry_64_9(sp_point_521* r,
@@ -73284,46 +74107,65 @@ static void sp_521_get_entry_64_9(sp_point_521* r,
{
int i;
sp_digit mask;
+ sp_digit x0 = 0;
+ sp_digit x1 = 0;
+ sp_digit x2 = 0;
+ sp_digit x3 = 0;
+ sp_digit x4 = 0;
+ sp_digit x5 = 0;
+ sp_digit x6 = 0;
+ sp_digit x7 = 0;
+ sp_digit x8 = 0;
+ sp_digit y0 = 0;
+ sp_digit y1 = 0;
+ sp_digit y2 = 0;
+ sp_digit y3 = 0;
+ sp_digit y4 = 0;
+ sp_digit y5 = 0;
+ sp_digit y6 = 0;
+ sp_digit y7 = 0;
+ sp_digit y8 = 0;
- r->x[0] = 0;
- r->x[1] = 0;
- r->x[2] = 0;
- r->x[3] = 0;
- r->x[4] = 0;
- r->x[5] = 0;
- r->x[6] = 0;
- r->x[7] = 0;
- r->x[8] = 0;
- r->y[0] = 0;
- r->y[1] = 0;
- r->y[2] = 0;
- r->y[3] = 0;
- r->y[4] = 0;
- r->y[5] = 0;
- r->y[6] = 0;
- r->y[7] = 0;
- r->y[8] = 0;
for (i = 1; i < 64; i++) {
mask = 0 - (i == idx);
- r->x[0] |= mask & table[i].x[0];
- r->x[1] |= mask & table[i].x[1];
- r->x[2] |= mask & table[i].x[2];
- r->x[3] |= mask & table[i].x[3];
- r->x[4] |= mask & table[i].x[4];
- r->x[5] |= mask & table[i].x[5];
- r->x[6] |= mask & table[i].x[6];
- r->x[7] |= mask & table[i].x[7];
- r->x[8] |= mask & table[i].x[8];
- r->y[0] |= mask & table[i].y[0];
- r->y[1] |= mask & table[i].y[1];
- r->y[2] |= mask & table[i].y[2];
- r->y[3] |= mask & table[i].y[3];
- r->y[4] |= mask & table[i].y[4];
- r->y[5] |= mask & table[i].y[5];
- r->y[6] |= mask & table[i].y[6];
- r->y[7] |= mask & table[i].y[7];
- r->y[8] |= mask & table[i].y[8];
- }
+ x0 |= mask & table[i].x[0];
+ x1 |= mask & table[i].x[1];
+ x2 |= mask & table[i].x[2];
+ x3 |= mask & table[i].x[3];
+ x4 |= mask & table[i].x[4];
+ x5 |= mask & table[i].x[5];
+ x6 |= mask & table[i].x[6];
+ x7 |= mask & table[i].x[7];
+ x8 |= mask & table[i].x[8];
+ y0 |= mask & table[i].y[0];
+ y1 |= mask & table[i].y[1];
+ y2 |= mask & table[i].y[2];
+ y3 |= mask & table[i].y[3];
+ y4 |= mask & table[i].y[4];
+ y5 |= mask & table[i].y[5];
+ y6 |= mask & table[i].y[6];
+ y7 |= mask & table[i].y[7];
+ y8 |= mask & table[i].y[8];
+ }
+
+ r->x[0] = x0;
+ r->x[1] = x1;
+ r->x[2] = x2;
+ r->x[3] = x3;
+ r->x[4] = x4;
+ r->x[5] = x5;
+ r->x[6] = x6;
+ r->x[7] = x7;
+ r->x[8] = x8;
+ r->y[0] = y0;
+ r->y[1] = y1;
+ r->y[2] = y2;
+ r->y[3] = y3;
+ r->y[4] = y4;
+ r->y[5] = y5;
+ r->y[6] = y6;
+ r->y[7] = y7;
+ r->y[8] = y8;
}
#endif /* !WC_NO_CACHE_RESISTANT */
/* Multiply the point by the scalar and return the result.
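Review bot: sp_521_get_entry_64_9 keeps a plain `static void` signature (visible in the hunk header), although the sibling lookup sp_521_get_point_33_9 gains `SP_NOINLINE` in this same commit and both bodies are rewritten to the same accumulate-in-locals form. If the attribute is there to keep the masked lookup from being inlined and specialised on `idx` (an inference; the commit does not say), the same reasoning applies here and to sp_521_get_entry_256_9 and sp_521_get_entry_65_9 in later hunks: `SP_NOINLINE static void sp_521_get_entry_64_9(sp_point_521* r,`. Otherwise a comment explaining why only the 33-entry variant needs it would settle the question. The signature lies outside this hunk.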
@@ -73476,7 +74318,7 @@ static THREAD_LS_T int sp_cache_521_inited = 0;
/* Get the cache entry for the point.
*
- * g [in] Point scalar multipling.
+ * g [in] Point scalar multiplying.
* cache [out] Cache table to use.
*/
static void sp_ecc_get_cache_521(const sp_point_521* g, sp_cache_521_t** cache)
@@ -73547,8 +74389,8 @@ static void sp_ecc_get_cache_521(const sp_point_521* g, sp_cache_521_t** cache)
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
-static int sp_521_ecc_mulmod_9(sp_point_521* r, const sp_point_521* g, const sp_digit* k,
- int map, int ct, void* heap)
+static int sp_521_ecc_mulmod_9(sp_point_521* r, const sp_point_521* g,
+ const sp_digit* k, int map, int ct, void* heap)
{
#ifndef FP_ECC
return sp_521_ecc_mulmod_win_add_sub_9(r, g, k, map, ct, heap);
@@ -73704,7 +74546,7 @@ static int sp_521_gen_stripe_table_9(const sp_point_521* a,
/* Touch each possible entry that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
static void sp_521_get_entry_256_9(sp_point_521* r,
@@ -73712,46 +74554,65 @@ static void sp_521_get_entry_256_9(sp_point_521* r,
{
int i;
sp_digit mask;
+ sp_digit x0 = 0;
+ sp_digit x1 = 0;
+ sp_digit x2 = 0;
+ sp_digit x3 = 0;
+ sp_digit x4 = 0;
+ sp_digit x5 = 0;
+ sp_digit x6 = 0;
+ sp_digit x7 = 0;
+ sp_digit x8 = 0;
+ sp_digit y0 = 0;
+ sp_digit y1 = 0;
+ sp_digit y2 = 0;
+ sp_digit y3 = 0;
+ sp_digit y4 = 0;
+ sp_digit y5 = 0;
+ sp_digit y6 = 0;
+ sp_digit y7 = 0;
+ sp_digit y8 = 0;
- r->x[0] = 0;
- r->x[1] = 0;
- r->x[2] = 0;
- r->x[3] = 0;
- r->x[4] = 0;
- r->x[5] = 0;
- r->x[6] = 0;
- r->x[7] = 0;
- r->x[8] = 0;
- r->y[0] = 0;
- r->y[1] = 0;
- r->y[2] = 0;
- r->y[3] = 0;
- r->y[4] = 0;
- r->y[5] = 0;
- r->y[6] = 0;
- r->y[7] = 0;
- r->y[8] = 0;
for (i = 1; i < 256; i++) {
mask = 0 - (i == idx);
- r->x[0] |= mask & table[i].x[0];
- r->x[1] |= mask & table[i].x[1];
- r->x[2] |= mask & table[i].x[2];
- r->x[3] |= mask & table[i].x[3];
- r->x[4] |= mask & table[i].x[4];
- r->x[5] |= mask & table[i].x[5];
- r->x[6] |= mask & table[i].x[6];
- r->x[7] |= mask & table[i].x[7];
- r->x[8] |= mask & table[i].x[8];
- r->y[0] |= mask & table[i].y[0];
- r->y[1] |= mask & table[i].y[1];
- r->y[2] |= mask & table[i].y[2];
- r->y[3] |= mask & table[i].y[3];
- r->y[4] |= mask & table[i].y[4];
- r->y[5] |= mask & table[i].y[5];
- r->y[6] |= mask & table[i].y[6];
- r->y[7] |= mask & table[i].y[7];
- r->y[8] |= mask & table[i].y[8];
- }
+ x0 |= mask & table[i].x[0];
+ x1 |= mask & table[i].x[1];
+ x2 |= mask & table[i].x[2];
+ x3 |= mask & table[i].x[3];
+ x4 |= mask & table[i].x[4];
+ x5 |= mask & table[i].x[5];
+ x6 |= mask & table[i].x[6];
+ x7 |= mask & table[i].x[7];
+ x8 |= mask & table[i].x[8];
+ y0 |= mask & table[i].y[0];
+ y1 |= mask & table[i].y[1];
+ y2 |= mask & table[i].y[2];
+ y3 |= mask & table[i].y[3];
+ y4 |= mask & table[i].y[4];
+ y5 |= mask & table[i].y[5];
+ y6 |= mask & table[i].y[6];
+ y7 |= mask & table[i].y[7];
+ y8 |= mask & table[i].y[8];
+ }
+
+ r->x[0] = x0;
+ r->x[1] = x1;
+ r->x[2] = x2;
+ r->x[3] = x3;
+ r->x[4] = x4;
+ r->x[5] = x5;
+ r->x[6] = x6;
+ r->x[7] = x7;
+ r->x[8] = x8;
+ r->y[0] = y0;
+ r->y[1] = y1;
+ r->y[2] = y2;
+ r->y[3] = y3;
+ r->y[4] = y4;
+ r->y[5] = y5;
+ r->y[6] = y6;
+ r->y[7] = y7;
+ r->y[8] = y8;
}
#endif /* !WC_NO_CACHE_RESISTANT */
/* Multiply the point by the scalar and return the result.
@@ -73904,7 +74765,7 @@ static THREAD_LS_T int sp_cache_521_inited = 0;
/* Get the cache entry for the point.
*
- * g [in] Point scalar multipling.
+ * g [in] Point scalar multiplying.
* cache [out] Cache table to use.
*/
static void sp_ecc_get_cache_521(const sp_point_521* g, sp_cache_521_t** cache)
@@ -73975,8 +74836,8 @@ static void sp_ecc_get_cache_521(const sp_point_521* g, sp_cache_521_t** cache)
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
-static int sp_521_ecc_mulmod_9(sp_point_521* r, const sp_point_521* g, const sp_digit* k,
- int map, int ct, void* heap)
+static int sp_521_ecc_mulmod_9(sp_point_521* r, const sp_point_521* g,
+ const sp_digit* k, int map, int ct, void* heap)
{
#ifndef FP_ECC
return sp_521_ecc_mulmod_win_add_sub_9(r, g, k, map, ct, heap);
@@ -74093,7 +74954,7 @@ int sp_ecc_mulmod_521(const mp_int* km, const ecc_point* gm, ecc_point* r,
*
* km Scalar to multiply by.
* p Point to multiply.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -74104,7 +74965,7 @@ int sp_ecc_mulmod_add_521(const mp_int* km, const ecc_point* gm,
const ecc_point* am, int inMont, ecc_point* r, int map, void* heap)
{
#ifdef WOLFSSL_SP_SMALL_STACK
- sp_point_521* point = NULL;
+ sp_point_521* point = NULL;
sp_digit* k = NULL;
#else
sp_point_521 point[2];
@@ -76538,7 +77399,7 @@ static void sp_521_ecc_recode_7_9(const sp_digit* k, ecc_recode_521* v)
/* Touch each possible entry that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
static void sp_521_get_entry_65_9(sp_point_521* r,
@@ -76546,46 +77407,65 @@ static void sp_521_get_entry_65_9(sp_point_521* r,
{
int i;
sp_digit mask;
+ sp_digit x0 = 0;
+ sp_digit x1 = 0;
+ sp_digit x2 = 0;
+ sp_digit x3 = 0;
+ sp_digit x4 = 0;
+ sp_digit x5 = 0;
+ sp_digit x6 = 0;
+ sp_digit x7 = 0;
+ sp_digit x8 = 0;
+ sp_digit y0 = 0;
+ sp_digit y1 = 0;
+ sp_digit y2 = 0;
+ sp_digit y3 = 0;
+ sp_digit y4 = 0;
+ sp_digit y5 = 0;
+ sp_digit y6 = 0;
+ sp_digit y7 = 0;
+ sp_digit y8 = 0;
- r->x[0] = 0;
- r->x[1] = 0;
- r->x[2] = 0;
- r->x[3] = 0;
- r->x[4] = 0;
- r->x[5] = 0;
- r->x[6] = 0;
- r->x[7] = 0;
- r->x[8] = 0;
- r->y[0] = 0;
- r->y[1] = 0;
- r->y[2] = 0;
- r->y[3] = 0;
- r->y[4] = 0;
- r->y[5] = 0;
- r->y[6] = 0;
- r->y[7] = 0;
- r->y[8] = 0;
for (i = 1; i < 65; i++) {
mask = 0 - (i == idx);
- r->x[0] |= mask & table[i].x[0];
- r->x[1] |= mask & table[i].x[1];
- r->x[2] |= mask & table[i].x[2];
- r->x[3] |= mask & table[i].x[3];
- r->x[4] |= mask & table[i].x[4];
- r->x[5] |= mask & table[i].x[5];
- r->x[6] |= mask & table[i].x[6];
- r->x[7] |= mask & table[i].x[7];
- r->x[8] |= mask & table[i].x[8];
- r->y[0] |= mask & table[i].y[0];
- r->y[1] |= mask & table[i].y[1];
- r->y[2] |= mask & table[i].y[2];
- r->y[3] |= mask & table[i].y[3];
- r->y[4] |= mask & table[i].y[4];
- r->y[5] |= mask & table[i].y[5];
- r->y[6] |= mask & table[i].y[6];
- r->y[7] |= mask & table[i].y[7];
- r->y[8] |= mask & table[i].y[8];
- }
+ x0 |= mask & table[i].x[0];
+ x1 |= mask & table[i].x[1];
+ x2 |= mask & table[i].x[2];
+ x3 |= mask & table[i].x[3];
+ x4 |= mask & table[i].x[4];
+ x5 |= mask & table[i].x[5];
+ x6 |= mask & table[i].x[6];
+ x7 |= mask & table[i].x[7];
+ x8 |= mask & table[i].x[8];
+ y0 |= mask & table[i].y[0];
+ y1 |= mask & table[i].y[1];
+ y2 |= mask & table[i].y[2];
+ y3 |= mask & table[i].y[3];
+ y4 |= mask & table[i].y[4];
+ y5 |= mask & table[i].y[5];
+ y6 |= mask & table[i].y[6];
+ y7 |= mask & table[i].y[7];
+ y8 |= mask & table[i].y[8];
+ }
+
+ r->x[0] = x0;
+ r->x[1] = x1;
+ r->x[2] = x2;
+ r->x[3] = x3;
+ r->x[4] = x4;
+ r->x[5] = x5;
+ r->x[6] = x6;
+ r->x[7] = x7;
+ r->x[8] = x8;
+ r->y[0] = y0;
+ r->y[1] = y1;
+ r->y[2] = y2;
+ r->y[3] = y3;
+ r->y[4] = y4;
+ r->y[5] = y5;
+ r->y[6] = y6;
+ r->y[7] = y7;
+ r->y[8] = y8;
}
#endif /* !WC_NO_CACHE_RESISTANT */
static const sp_table_entry_521 p521_table[4875] = {
@@ -110606,7 +111486,7 @@ int sp_ecc_mulmod_base_521(const mp_int* km, ecc_point* r, int map, void* heap)
* the result. If map is true then convert result to affine coordinates.
*
* km Scalar to multiply by.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -110628,7 +111508,7 @@ int sp_ecc_mulmod_base_add_521(const mp_int* km, const ecc_point* am,
int err = MP_OKAY;
#ifdef WOLFSSL_SP_SMALL_STACK
- point = (sp_point_521*)XMALLOC(sizeof(sp_point_521) * 2, heap,
+ point = (sp_point_521*)XMALLOC(sizeof(sp_point_521) * 2, heap,
DYNAMIC_TYPE_ECC);
if (point == NULL)
err = MEMORY_E;
@@ -110736,7 +111616,7 @@ static void sp_521_from_bin(sp_digit* r, int size, const byte* a, int n)
"subs x6, %[n], 8\n\t"
"mov x7, xzr\n\t"
"blt 2f\n\t"
- /* Put in mulitples of 8 bytes. */
+ /* Put in multiples of 8 bytes. */
"1:\n\t"
"ldr x8, [x4], -8\n\t"
"subs x6, x6, 8\n\t"
@@ -110884,7 +111764,7 @@ int sp_ecc_make_key_521(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
sp_point_521* infinity = NULL;
#endif
int err = MP_OKAY;
-
+
(void)heap;
@@ -110892,7 +111772,7 @@ int sp_ecc_make_key_521(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
point = (sp_point_521*)XMALLOC(sizeof(sp_point_521) * 2, heap, DYNAMIC_TYPE_ECC);
#else
- point = (sp_point_521*)XMALLOC(sizeof(sp_point_521), heap, DYNAMIC_TYPE_ECC);
+ point = (sp_point_521*)XMALLOC(sizeof(sp_point_521), heap, DYNAMIC_TYPE_ECC);
#endif
if (point == NULL)
err = MEMORY_E;
@@ -111862,7 +112742,7 @@ static int sp_521_mod_inv_9(sp_digit* r, const sp_digit* a, const sp_digit* m)
}
while (ut > 1 && vt > 1) {
- if (ut > vt || (ut == vt && sp_521_cmp_9(u, v) >= 0)) {
+ if ((ut > vt) || ((ut == vt) && (sp_521_cmp_9(u, v) >= 0))) {
sp_521_sub_9(u, u, v);
o = sp_521_sub_9(b, b, d);
if (o != 0)
@@ -111940,7 +112820,7 @@ static void sp_521_add_points_9(sp_point_521* p1, const sp_point_521* p2,
* p2 Public point and temporary.
* s Second part of signature as a number.
* u1 Temporary number.
- * u2 Temproray number.
+ * u2 Temporary number.
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
@@ -112271,7 +113151,7 @@ int sp_ecc_verify_521_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash,
#endif /* HAVE_ECC_VERIFY */
#ifdef HAVE_ECC_CHECK_KEY
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* point EC point.
* heap Heap to use if dynamically allocating.
@@ -112299,19 +113179,21 @@ static int sp_521_ecc_is_point_9(const sp_point_521* point,
if (err == MP_OKAY) {
t2 = t1 + 2 * 9;
+ /* y^2 - x^3 - a.x = b */
sp_521_sqr_9(t1, point->y);
(void)sp_521_mod_9(t1, t1, p521_mod);
sp_521_sqr_9(t2, point->x);
(void)sp_521_mod_9(t2, t2, p521_mod);
sp_521_mul_9(t2, t2, point->x);
(void)sp_521_mod_9(t2, t2, p521_mod);
- (void)sp_521_sub_9(t2, p521_mod, t2);
- sp_521_mont_add_9(t1, t1, t2, p521_mod);
+ sp_521_mont_sub_9(t1, t1, t2, p521_mod);
+ /* y^2 - x^3 + 3.x = b, when a = -3 */
sp_521_mont_add_9(t1, t1, point->x, p521_mod);
sp_521_mont_add_9(t1, t1, point->x, p521_mod);
sp_521_mont_add_9(t1, t1, point->x, p521_mod);
+
if (sp_521_cmp_9(t1, p521_b) != 0) {
err = MP_VAL;
}
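Review bot: The two added comments give the curve equation but not the number form the arithmetic runs in. t1 and t2 come from sp_521_sqr_9/sp_521_mul_9 followed by sp_521_mod_9, so they look like plain residues rather than Montgomery-form values, yet the new call is sp_521_mont_sub_9. If the mont_ helpers are used here only as modular subtract/add, say so next to the call, e.g. `/* operands are not in Montgomery form; mont_sub/mont_add act as plain modular sub/add */`. The final sp_521_cmp_9 against p521_b also appears to rely on those helpers returning a fully reduced value, which is worth stating because this comparison is what rejects off-curve points. The function starts and ends outside the hunk.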
@@ -112325,7 +113207,7 @@ static int sp_521_ecc_is_point_9(const sp_point_521* point,
return err;
}
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* pX X ordinate of EC point.
* pY Y ordinate of EC point.
@@ -113256,165 +114138,165 @@ static void sp_1024_sqr_8(sp_digit* r, const sp_digit* a)
"ldp x25, x26, [%[a], 32]\n\t"
"ldp x27, x28, [%[a], 48]\n\t"
"# A[0] * A[1]\n\t"
- "mul x6, x21, x22\n\t"
- "umulh x7, x21, x22\n\t"
+ "mul x6, x21, x22\n\t"
+ "umulh x7, x21, x22\n\t"
"# A[0] * A[2]\n\t"
- "mul x4, x21, x23\n\t"
- "umulh x5, x21, x23\n\t"
- "adds x7, x7, x4\n\t"
+ "mul x4, x21, x23\n\t"
+ "umulh x5, x21, x23\n\t"
+ "adds x7, x7, x4\n\t"
"# A[0] * A[3]\n\t"
- "mul x4, x21, x24\n\t"
- "adc x8, xzr, x5\n\t"
- "umulh x5, x21, x24\n\t"
- "adds x8, x8, x4\n\t"
+ "mul x4, x21, x24\n\t"
+ "adc x8, xzr, x5\n\t"
+ "umulh x5, x21, x24\n\t"
+ "adds x8, x8, x4\n\t"
"# A[1] * A[2]\n\t"
- "mul x4, x22, x23\n\t"
- "adc x9, xzr, x5\n\t"
- "umulh x5, x22, x23\n\t"
- "adds x8, x8, x4\n\t"
+ "mul x4, x22, x23\n\t"
+ "adc x9, xzr, x5\n\t"
+ "umulh x5, x22, x23\n\t"
+ "adds x8, x8, x4\n\t"
"# A[0] * A[4]\n\t"
- "mul x4, x21, x25\n\t"
- "adcs x9, x9, x5\n\t"
- "umulh x5, x21, x25\n\t"
- "adc x10, xzr, xzr\n\t"
- "adds x9, x9, x4\n\t"
+ "mul x4, x21, x25\n\t"
+ "adcs x9, x9, x5\n\t"
+ "umulh x5, x21, x25\n\t"
+ "adc x10, xzr, xzr\n\t"
+ "adds x9, x9, x4\n\t"
"# A[1] * A[3]\n\t"
- "mul x4, x22, x24\n\t"
- "adc x10, x10, x5\n\t"
- "umulh x5, x22, x24\n\t"
- "adds x9, x9, x4\n\t"
+ "mul x4, x22, x24\n\t"
+ "adc x10, x10, x5\n\t"
+ "umulh x5, x22, x24\n\t"
+ "adds x9, x9, x4\n\t"
"# A[0] * A[5]\n\t"
- "mul x4, x21, x26\n\t"
- "adcs x10, x10, x5\n\t"
- "umulh x5, x21, x26\n\t"
- "adc x11, xzr, xzr\n\t"
- "adds x10, x10, x4\n\t"
+ "mul x4, x21, x26\n\t"
+ "adcs x10, x10, x5\n\t"
+ "umulh x5, x21, x26\n\t"
+ "adc x11, xzr, xzr\n\t"
+ "adds x10, x10, x4\n\t"
"# A[1] * A[4]\n\t"
- "mul x4, x22, x25\n\t"
- "adc x11, x11, x5\n\t"
- "umulh x5, x22, x25\n\t"
- "adds x10, x10, x4\n\t"
+ "mul x4, x22, x25\n\t"
+ "adc x11, x11, x5\n\t"
+ "umulh x5, x22, x25\n\t"
+ "adds x10, x10, x4\n\t"
"# A[2] * A[3]\n\t"
- "mul x4, x23, x24\n\t"
- "adcs x11, x11, x5\n\t"
- "umulh x5, x23, x24\n\t"
- "adc x12, xzr, xzr\n\t"
- "adds x10, x10, x4\n\t"
+ "mul x4, x23, x24\n\t"
+ "adcs x11, x11, x5\n\t"
+ "umulh x5, x23, x24\n\t"
+ "adc x12, xzr, xzr\n\t"
+ "adds x10, x10, x4\n\t"
"# A[0] * A[6]\n\t"
- "mul x4, x21, x27\n\t"
- "adcs x11, x11, x5\n\t"
- "umulh x5, x21, x27\n\t"
- "adc x12, x12, xzr\n\t"
- "adds x11, x11, x4\n\t"
+ "mul x4, x21, x27\n\t"
+ "adcs x11, x11, x5\n\t"
+ "umulh x5, x21, x27\n\t"
+ "adc x12, x12, xzr\n\t"
+ "adds x11, x11, x4\n\t"
"# A[1] * A[5]\n\t"
- "mul x4, x22, x26\n\t"
- "adcs x12, x12, x5\n\t"
- "umulh x5, x22, x26\n\t"
- "adc x13, xzr, xzr\n\t"
- "adds x11, x11, x4\n\t"
+ "mul x4, x22, x26\n\t"
+ "adcs x12, x12, x5\n\t"
+ "umulh x5, x22, x26\n\t"
+ "adc x13, xzr, xzr\n\t"
+ "adds x11, x11, x4\n\t"
"# A[2] * A[4]\n\t"
- "mul x4, x23, x25\n\t"
- "adcs x12, x12, x5\n\t"
- "umulh x5, x23, x25\n\t"
- "adc x13, x13, xzr\n\t"
- "adds x11, x11, x4\n\t"
+ "mul x4, x23, x25\n\t"
+ "adcs x12, x12, x5\n\t"
+ "umulh x5, x23, x25\n\t"
+ "adc x13, x13, xzr\n\t"
+ "adds x11, x11, x4\n\t"
"# A[0] * A[7]\n\t"
- "mul x4, x21, x28\n\t"
- "adcs x12, x12, x5\n\t"
- "umulh x5, x21, x28\n\t"
- "adc x13, x13, xzr\n\t"
- "adds x12, x12, x4\n\t"
+ "mul x4, x21, x28\n\t"
+ "adcs x12, x12, x5\n\t"
+ "umulh x5, x21, x28\n\t"
+ "adc x13, x13, xzr\n\t"
+ "adds x12, x12, x4\n\t"
"# A[1] * A[6]\n\t"
- "mul x4, x22, x27\n\t"
- "adcs x13, x13, x5\n\t"
- "umulh x5, x22, x27\n\t"
- "adc x14, xzr, xzr\n\t"
- "adds x12, x12, x4\n\t"
+ "mul x4, x22, x27\n\t"
+ "adcs x13, x13, x5\n\t"
+ "umulh x5, x22, x27\n\t"
+ "adc x14, xzr, xzr\n\t"
+ "adds x12, x12, x4\n\t"
"# A[2] * A[5]\n\t"
- "mul x4, x23, x26\n\t"
- "adcs x13, x13, x5\n\t"
- "umulh x5, x23, x26\n\t"
- "adc x14, x14, xzr\n\t"
- "adds x12, x12, x4\n\t"
+ "mul x4, x23, x26\n\t"
+ "adcs x13, x13, x5\n\t"
+ "umulh x5, x23, x26\n\t"
+ "adc x14, x14, xzr\n\t"
+ "adds x12, x12, x4\n\t"
"# A[3] * A[4]\n\t"
- "mul x4, x24, x25\n\t"
- "adcs x13, x13, x5\n\t"
- "umulh x5, x24, x25\n\t"
- "adc x14, x14, xzr\n\t"
- "adds x12, x12, x4\n\t"
+ "mul x4, x24, x25\n\t"
+ "adcs x13, x13, x5\n\t"
+ "umulh x5, x24, x25\n\t"
+ "adc x14, x14, xzr\n\t"
+ "adds x12, x12, x4\n\t"
"# A[1] * A[7]\n\t"
- "mul x4, x22, x28\n\t"
- "adcs x13, x13, x5\n\t"
- "umulh x5, x22, x28\n\t"
- "adc x14, x14, xzr\n\t"
- "adds x13, x13, x4\n\t"
+ "mul x4, x22, x28\n\t"
+ "adcs x13, x13, x5\n\t"
+ "umulh x5, x22, x28\n\t"
+ "adc x14, x14, xzr\n\t"
+ "adds x13, x13, x4\n\t"
"# A[2] * A[6]\n\t"
- "mul x4, x23, x27\n\t"
- "adcs x14, x14, x5\n\t"
- "umulh x5, x23, x27\n\t"
- "adc x15, xzr, xzr\n\t"
- "adds x13, x13, x4\n\t"
+ "mul x4, x23, x27\n\t"
+ "adcs x14, x14, x5\n\t"
+ "umulh x5, x23, x27\n\t"
+ "adc x15, xzr, xzr\n\t"
+ "adds x13, x13, x4\n\t"
"# A[3] * A[5]\n\t"
- "mul x4, x24, x26\n\t"
- "adcs x14, x14, x5\n\t"
- "umulh x5, x24, x26\n\t"
- "adc x15, x15, xzr\n\t"
- "adds x13, x13, x4\n\t"
+ "mul x4, x24, x26\n\t"
+ "adcs x14, x14, x5\n\t"
+ "umulh x5, x24, x26\n\t"
+ "adc x15, x15, xzr\n\t"
+ "adds x13, x13, x4\n\t"
"# A[2] * A[7]\n\t"
- "mul x4, x23, x28\n\t"
- "adcs x14, x14, x5\n\t"
- "umulh x5, x23, x28\n\t"
- "adc x15, x15, xzr\n\t"
- "adds x14, x14, x4\n\t"
+ "mul x4, x23, x28\n\t"
+ "adcs x14, x14, x5\n\t"
+ "umulh x5, x23, x28\n\t"
+ "adc x15, x15, xzr\n\t"
+ "adds x14, x14, x4\n\t"
"# A[3] * A[6]\n\t"
- "mul x4, x24, x27\n\t"
- "adcs x15, x15, x5\n\t"
- "umulh x5, x24, x27\n\t"
- "adc x16, xzr, xzr\n\t"
- "adds x14, x14, x4\n\t"
+ "mul x4, x24, x27\n\t"
+ "adcs x15, x15, x5\n\t"
+ "umulh x5, x24, x27\n\t"
+ "adc x16, xzr, xzr\n\t"
+ "adds x14, x14, x4\n\t"
"# A[4] * A[5]\n\t"
- "mul x4, x25, x26\n\t"
- "adcs x15, x15, x5\n\t"
- "umulh x5, x25, x26\n\t"
- "adc x16, x16, xzr\n\t"
- "adds x14, x14, x4\n\t"
+ "mul x4, x25, x26\n\t"
+ "adcs x15, x15, x5\n\t"
+ "umulh x5, x25, x26\n\t"
+ "adc x16, x16, xzr\n\t"
+ "adds x14, x14, x4\n\t"
"# A[3] * A[7]\n\t"
- "mul x4, x24, x28\n\t"
- "adcs x15, x15, x5\n\t"
- "umulh x5, x24, x28\n\t"
- "adc x16, x16, xzr\n\t"
- "adds x15, x15, x4\n\t"
+ "mul x4, x24, x28\n\t"
+ "adcs x15, x15, x5\n\t"
+ "umulh x5, x24, x28\n\t"
+ "adc x16, x16, xzr\n\t"
+ "adds x15, x15, x4\n\t"
"# A[4] * A[6]\n\t"
- "mul x4, x25, x27\n\t"
- "adcs x16, x16, x5\n\t"
- "umulh x5, x25, x27\n\t"
- "adc x17, xzr, xzr\n\t"
- "adds x15, x15, x4\n\t"
+ "mul x4, x25, x27\n\t"
+ "adcs x16, x16, x5\n\t"
+ "umulh x5, x25, x27\n\t"
+ "adc x17, xzr, xzr\n\t"
+ "adds x15, x15, x4\n\t"
"# A[4] * A[7]\n\t"
- "mul x4, x25, x28\n\t"
- "adcs x16, x16, x5\n\t"
- "umulh x5, x25, x28\n\t"
- "adc x17, x17, xzr\n\t"
- "adds x16, x16, x4\n\t"
+ "mul x4, x25, x28\n\t"
+ "adcs x16, x16, x5\n\t"
+ "umulh x5, x25, x28\n\t"
+ "adc x17, x17, xzr\n\t"
+ "adds x16, x16, x4\n\t"
"# A[5] * A[6]\n\t"
- "mul x4, x26, x27\n\t"
- "adcs x17, x17, x5\n\t"
- "umulh x5, x26, x27\n\t"
- "adc x19, xzr, xzr\n\t"
- "adds x16, x16, x4\n\t"
+ "mul x4, x26, x27\n\t"
+ "adcs x17, x17, x5\n\t"
+ "umulh x5, x26, x27\n\t"
+ "adc x19, xzr, xzr\n\t"
+ "adds x16, x16, x4\n\t"
"# A[5] * A[7]\n\t"
- "mul x4, x26, x28\n\t"
- "adcs x17, x17, x5\n\t"
- "umulh x5, x26, x28\n\t"
- "adc x19, x19, xzr\n\t"
- "adds x17, x17, x4\n\t"
+ "mul x4, x26, x28\n\t"
+ "adcs x17, x17, x5\n\t"
+ "umulh x5, x26, x28\n\t"
+ "adc x19, x19, xzr\n\t"
+ "adds x17, x17, x4\n\t"
"# A[6] * A[7]\n\t"
- "mul x4, x27, x28\n\t"
- "adcs x19, x19, x5\n\t"
- "umulh x5, x27, x28\n\t"
- "adc x20, xzr, xzr\n\t"
- "adds x19, x19, x4\n\t"
- "adc x20, x20, x5\n\t"
+ "mul x4, x27, x28\n\t"
+ "adcs x19, x19, x5\n\t"
+ "umulh x5, x27, x28\n\t"
+ "adc x20, xzr, xzr\n\t"
+ "adds x19, x19, x4\n\t"
+ "adc x20, x20, x5\n\t"
"# Double\n\t"
"adds x6, x6, x6\n\t"
"adcs x7, x7, x7\n\t"
@@ -113430,44 +114312,44 @@ static void sp_1024_sqr_8(sp_digit* r, const sp_digit* a)
"adcs x17, x17, x17\n\t"
"adcs x19, x19, x19\n\t"
"# A[0] * A[0]\n\t"
- "mul x5, x21, x21\n\t"
+ "mul x5, x21, x21\n\t"
"adcs x20, x20, x20\n\t"
- "umulh x2, x21, x21\n\t"
+ "umulh x2, x21, x21\n\t"
"cset x21, cs\n\t"
"# A[1] * A[1]\n\t"
- "mul x3, x22, x22\n\t"
+ "mul x3, x22, x22\n\t"
"adds x6, x6, x2\n\t"
- "umulh x4, x22, x22\n\t"
+ "umulh x4, x22, x22\n\t"
"adcs x7, x7, x3\n\t"
"# A[2] * A[2]\n\t"
- "mul x2, x23, x23\n\t"
+ "mul x2, x23, x23\n\t"
"adcs x8, x8, x4\n\t"
- "umulh x3, x23, x23\n\t"
+ "umulh x3, x23, x23\n\t"
"adcs x9, x9, x2\n\t"
"# A[3] * A[3]\n\t"
- "mul x4, x24, x24\n\t"
+ "mul x4, x24, x24\n\t"
"adcs x10, x10, x3\n\t"
- "umulh x2, x24, x24\n\t"
+ "umulh x2, x24, x24\n\t"
"adcs x11, x11, x4\n\t"
"# A[4] * A[4]\n\t"
- "mul x3, x25, x25\n\t"
+ "mul x3, x25, x25\n\t"
"adcs x12, x12, x2\n\t"
- "umulh x4, x25, x25\n\t"
+ "umulh x4, x25, x25\n\t"
"adcs x13, x13, x3\n\t"
"# A[5] * A[5]\n\t"
- "mul x2, x26, x26\n\t"
+ "mul x2, x26, x26\n\t"
"adcs x14, x14, x4\n\t"
- "umulh x3, x26, x26\n\t"
+ "umulh x3, x26, x26\n\t"
"adcs x15, x15, x2\n\t"
"# A[6] * A[6]\n\t"
- "mul x4, x27, x27\n\t"
+ "mul x4, x27, x27\n\t"
"adcs x16, x16, x3\n\t"
- "umulh x2, x27, x27\n\t"
+ "umulh x2, x27, x27\n\t"
"adcs x17, x17, x4\n\t"
"# A[7] * A[7]\n\t"
- "mul x3, x28, x28\n\t"
+ "mul x3, x28, x28\n\t"
"adcs x19, x19, x2\n\t"
- "umulh x4, x28, x28\n\t"
+ "umulh x4, x28, x28\n\t"
"adcs x20, x20, x3\n\t"
"stp x5, x6, [%[r], 0]\n\t"
"adc x21, x21, x4\n\t"
@@ -113514,7 +114396,7 @@ static sp_digit sp_1024_add_8(sp_digit* r, const sp_digit* a,
"stp x3, x4, [%[r], 32]\n\t"
"adcs x6, x6, x10\n\t"
"stp x5, x6, [%[r], 48]\n\t"
- "cset %[r], cs\n\t"
+ "adc %[r], xzr, xzr\n\t"
: [r] "+r" (r)
: [a] "r" (a), [b] "r" (b)
: "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "cc"
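Review bot: Nothing at the replaced instruction says that `%[r]` stops being the output pointer there. After the last `stp` the operand is overwritten with the carry, which is why it is declared `"+r"`, and the value is presumably returned by a statement outside this hunk. A comment above the line, such as `/* r is reused: from here it holds the carry (0 or 1), not the result pointer */`, would keep a later edit from adding a store after it. The same applies to the unrolled sp_1024_add_16 hunk that makes the identical `cset` to `adc` swap on `%[r]`.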
@@ -113662,7 +114544,7 @@ static sp_digit sp_1024_add_16(sp_digit* r, const sp_digit* a,
"stp x3, x4, [%[r], 96]\n\t"
"adcs x6, x6, x10\n\t"
"stp x5, x6, [%[r], 112]\n\t"
- "cset %[r], cs\n\t"
+ "adc %[r], xzr, xzr\n\t"
: [r] "+r" (r)
: [a] "r" (a), [b] "r" (b)
: "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "cc"
@@ -114189,7 +115071,7 @@ static sp_digit sp_1024_add_16(sp_digit* r, const sp_digit* a,
"stp x3, x4, [%[r]], #16\n\t"
"adcs x6, x6, x10\n\t"
"stp x5, x6, [%[r]], #16\n\t"
- "cset %[c], cs\n\t"
+ "adc %[c], xzr, xzr\n\t"
"cmp %[a], x11\n\t"
"b.ne 1b\n\t"
: [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
@@ -114381,7 +115263,7 @@ static void sp_1024_mul_d_16(sp_digit* r, const sp_digit* a,
/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
*
- * Assumes divisor has higest bit set.
+ * Assumes divisor has highest bit set.
*
* d1 The high order half of the number to divide.
* d0 The low order half of the number to divide.
@@ -114629,8 +115511,8 @@ static sp_int64 sp_1024_cmp_16(const sp_digit* a, const sp_digit* b)
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_1024_div_16(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_1024_div_16(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[32], t2[17];
sp_digit div, r1;
@@ -114763,14 +115645,14 @@ static void sp_1024_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 64
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 63);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 63);
}
#elif DIGIT_BIT > 64
unsigned int i;
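Review bot: The rewritten loop hard-codes the shift as `j >> 63` where the removed lines used `SP_WORD_SIZE - 1`. It also yields a 0/1 value only if sp_digit is an unsigned 64-bit type, and that declaration is not in this hunk. Writing `sp_digit mask = (sp_digit)0 - (j >> (SP_WORD_SIZE - 1));` and `o += (int)(j >> (SP_WORD_SIZE - 1));` keeps the branch-free copy tied to the word size. A short comment would also help: j counts up from -a->used, so the mask is all ones for the first a->used digits, and o stops advancing at a->used - 1, so a->dp is never indexed past the used digits. The function body continues outside the hunk.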
@@ -115177,7 +116059,7 @@ SP_NOINLINE static void sp_1024_mont_reduce_16(sp_digit* a, const sp_digit* m,
"umulh x8, x10, x9\n\t"
"adds x6, x6, x7\n\t"
"adcs x8, x8, x3\n\t"
- "cset x3, cs\n\t"
+ "adc x3, xzr, xzr\n\t"
"adds x27, x28, x6\n\t"
"ldr x28, [%[a], 128]\n\t"
"adcs x28, x28, x8\n\t"
@@ -115255,7 +116137,7 @@ SP_NOINLINE static void sp_1024_mont_reduce_16(sp_digit* a, const sp_digit* m,
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_1024_mont_mul_16(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -115269,7 +116151,7 @@ SP_NOINLINE static void sp_1024_mont_mul_16(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_1024_mont_sqr_16(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -115392,8 +116274,8 @@ static void sp_1024_map_16(sp_point_1024* r, const sp_point_1024* p,
* b Second number to add in Montgomery form.
* m Modulus (prime).
*/
-static void sp_1024_mont_add_16(sp_digit* r, const sp_digit* a, const sp_digit* b,
- const sp_digit* m)
+SP_NOINLINE static void sp_1024_mont_add_16(sp_digit* r, const sp_digit* a,
+ const sp_digit* b, const sp_digit* m)
{
__asm__ __volatile__ (
"ldp x4, x5, [%[a], 0]\n\t"
@@ -115493,7 +116375,8 @@ static void sp_1024_mont_add_16(sp_digit* r, const sp_digit* a, const sp_digit*
* a Number to double in Montgomery form.
* m Modulus (prime).
*/
-static void sp_1024_mont_dbl_16(sp_digit* r, const sp_digit* a, const sp_digit* m)
+SP_NOINLINE static void sp_1024_mont_dbl_16(sp_digit* r, const sp_digit* a,
+ const sp_digit* m)
{
__asm__ __volatile__ (
"ldp x4, x5, [%[a], 0]\n\t"
@@ -115585,7 +116468,8 @@ static void sp_1024_mont_dbl_16(sp_digit* r, const sp_digit* a, const sp_digit*
* a Number to triple in Montgomery form.
* m Modulus (prime).
*/
-static void sp_1024_mont_tpl_16(sp_digit* r, const sp_digit* a, const sp_digit* m)
+SP_NOINLINE static void sp_1024_mont_tpl_16(sp_digit* r, const sp_digit* a,
+ const sp_digit* m)
{
__asm__ __volatile__ (
"ldp x4, x5, [%[a], 0]\n\t"
@@ -115747,8 +116631,8 @@ static void sp_1024_mont_tpl_16(sp_digit* r, const sp_digit* a, const sp_digit*
* b Number to subtract with in Montgomery form.
* m Modulus (prime).
*/
-static void sp_1024_mont_sub_16(sp_digit* r, const sp_digit* a, const sp_digit* b,
- const sp_digit* m)
+SP_NOINLINE static void sp_1024_mont_sub_16(sp_digit* r, const sp_digit* a,
+ const sp_digit* b, const sp_digit* m)
{
__asm__ __volatile__ (
"ldp x4, x5, [%[a], 0]\n\t"
@@ -115838,7 +116722,6 @@ static void sp_1024_mont_sub_16(sp_digit* r, const sp_digit* a, const sp_digit*
);
}
-#define sp_1024_mont_sub_lower_16 sp_1024_mont_sub_16
#ifdef WOLFSSL_SP_SMALL
/* Conditionally add a and b using the mask m.
* m is -1 to add and 0 when not.
@@ -116017,7 +116900,8 @@ static void sp_1024_rshift1_16(sp_digit* r, const sp_digit* a)
* a Number to divide.
* m Modulus (prime).
*/
-static void sp_1024_div2_16(sp_digit* r, const sp_digit* a, const sp_digit* m)
+SP_NOINLINE static void sp_1024_mont_div2_16(sp_digit* r, const sp_digit* a,
+ const sp_digit* m)
{
sp_digit o;
@@ -116070,7 +116954,7 @@ static void sp_1024_proj_point_dbl_16(sp_point_1024* r, const sp_point_1024* p,
/* T2 = Y * Y */
sp_1024_mont_sqr_16(t2, y, p1024_mod, p1024_mp_mod);
/* T2 = T2/2 */
- sp_1024_div2_16(t2, t2, p1024_mod);
+ sp_1024_mont_div2_16(t2, t2, p1024_mod);
/* Y = Y * X */
sp_1024_mont_mul_16(y, y, p->x, p1024_mod, p1024_mp_mod);
/* X = T1 * T1 */
@@ -116080,7 +116964,7 @@ static void sp_1024_proj_point_dbl_16(sp_point_1024* r, const sp_point_1024* p,
/* X = X - Y */
sp_1024_mont_sub_16(x, x, y, p1024_mod);
/* Y = Y - X */
- sp_1024_mont_sub_lower_16(y, y, x, p1024_mod);
+ sp_1024_mont_sub_16(y, y, x, p1024_mod);
/* Y = Y * T1 */
sp_1024_mont_mul_16(y, y, t1, p1024_mod, p1024_mp_mod);
/* Y = Y - T2 */
@@ -116103,7 +116987,8 @@ typedef struct sp_1024_proj_point_dbl_16_ctx {
* p Point to double.
* t Temporary ordinate data.
*/
-static int sp_1024_proj_point_dbl_16_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r, const sp_point_1024* p, sp_digit* t)
+static int sp_1024_proj_point_dbl_16_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
+ const sp_point_1024* p, sp_digit* t)
{
int err = FP_WOULDBLOCK;
sp_1024_proj_point_dbl_16_ctx* ctx = (sp_1024_proj_point_dbl_16_ctx*)sp_ctx->data;
@@ -116177,7 +117062,7 @@ static int sp_1024_proj_point_dbl_16_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
break;
case 11:
/* T2 = T2/2 */
- sp_1024_div2_16(ctx->t2, ctx->t2, p1024_mod);
+ sp_1024_mont_div2_16(ctx->t2, ctx->t2, p1024_mod);
ctx->state = 12;
break;
case 12:
@@ -116202,7 +117087,7 @@ static int sp_1024_proj_point_dbl_16_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
break;
case 16:
/* Y = Y - X */
- sp_1024_mont_sub_lower_16(ctx->y, ctx->y, ctx->x, p1024_mod);
+ sp_1024_mont_sub_16(ctx->y, ctx->y, ctx->x, p1024_mod);
ctx->state = 17;
break;
case 17:
@@ -116227,8 +117112,6 @@ static int sp_1024_proj_point_dbl_16_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
return err;
}
#endif /* WOLFSSL_SP_NONBLOCK */
-#define sp_1024_mont_dbl_lower_16 sp_1024_mont_dbl_16
-#define sp_1024_mont_tpl_lower_16 sp_1024_mont_tpl_16
/* Double the Montgomery form projective point p a number of times.
*
* r Result of repeated doubling of point.
@@ -116267,7 +117150,7 @@ static void sp_1024_proj_point_dbl_n_16(sp_point_1024* p, int i,
/* A = 3*(X^2 - W) */
sp_1024_mont_sqr_16(t1, x, p1024_mod, p1024_mp_mod);
sp_1024_mont_sub_16(t1, t1, w, p1024_mod);
- sp_1024_mont_tpl_lower_16(a, t1, p1024_mod);
+ sp_1024_mont_tpl_16(a, t1, p1024_mod);
/* B = X*Y^2 */
sp_1024_mont_sqr_16(t1, y, p1024_mod, p1024_mp_mod);
sp_1024_mont_mul_16(b, t1, x, p1024_mod, p1024_mp_mod);
@@ -116276,8 +117159,8 @@ static void sp_1024_proj_point_dbl_n_16(sp_point_1024* p, int i,
sp_1024_mont_dbl_16(t2, b, p1024_mod);
sp_1024_mont_sub_16(x, x, t2, p1024_mod);
/* B = 2.(B - X) */
- sp_1024_mont_sub_lower_16(t2, b, x, p1024_mod);
- sp_1024_mont_dbl_lower_16(b, t2, p1024_mod);
+ sp_1024_mont_sub_16(t2, b, x, p1024_mod);
+ sp_1024_mont_dbl_16(b, t2, p1024_mod);
/* Z = Z*Y */
sp_1024_mont_mul_16(z, z, y, p1024_mod, p1024_mp_mod);
/* t1 = Y^4 */
@@ -116297,7 +117180,7 @@ static void sp_1024_proj_point_dbl_n_16(sp_point_1024* p, int i,
/* A = 3*(X^2 - W) */
sp_1024_mont_sqr_16(t1, x, p1024_mod, p1024_mp_mod);
sp_1024_mont_sub_16(t1, t1, w, p1024_mod);
- sp_1024_mont_tpl_lower_16(a, t1, p1024_mod);
+ sp_1024_mont_tpl_16(a, t1, p1024_mod);
/* B = X*Y^2 */
sp_1024_mont_sqr_16(t1, y, p1024_mod, p1024_mp_mod);
sp_1024_mont_mul_16(b, t1, x, p1024_mod, p1024_mp_mod);
@@ -116306,8 +117189,8 @@ static void sp_1024_proj_point_dbl_n_16(sp_point_1024* p, int i,
sp_1024_mont_dbl_16(t2, b, p1024_mod);
sp_1024_mont_sub_16(x, x, t2, p1024_mod);
/* B = 2.(B - X) */
- sp_1024_mont_sub_lower_16(t2, b, x, p1024_mod);
- sp_1024_mont_dbl_lower_16(b, t2, p1024_mod);
+ sp_1024_mont_sub_16(t2, b, x, p1024_mod);
+ sp_1024_mont_dbl_16(b, t2, p1024_mod);
/* Z = Z*Y */
sp_1024_mont_mul_16(z, z, y, p1024_mod, p1024_mp_mod);
/* t1 = Y^4 */
@@ -116317,107 +117200,9 @@ static void sp_1024_proj_point_dbl_n_16(sp_point_1024* p, int i,
sp_1024_mont_sub_16(y, y, t1, p1024_mod);
#endif /* WOLFSSL_SP_SMALL */
/* Y = Y/2 */
- sp_1024_div2_16(y, y, p1024_mod);
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Sub b from a into r. (r = a - b)
- *
- * r A single precision integer.
- * a A single precision integer.
- * b A single precision integer.
- */
-static sp_digit sp_1024_sub_16(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
-{
- sp_digit c = 0;
-
- __asm__ __volatile__ (
- "add x11, %[a], 128\n\t"
- "\n1:\n\t"
- "subs %[c], xzr, %[c]\n\t"
- "ldp x3, x4, [%[a]], #16\n\t"
- "ldp x5, x6, [%[a]], #16\n\t"
- "ldp x7, x8, [%[b]], #16\n\t"
- "sbcs x3, x3, x7\n\t"
- "ldp x9, x10, [%[b]], #16\n\t"
- "sbcs x4, x4, x8\n\t"
- "sbcs x5, x5, x9\n\t"
- "stp x3, x4, [%[r]], #16\n\t"
- "sbcs x6, x6, x10\n\t"
- "stp x5, x6, [%[r]], #16\n\t"
- "csetm %[c], cc\n\t"
- "cmp %[a], x11\n\t"
- "b.ne 1b\n\t"
- : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
- :
- : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "cc"
- );
-
- return c;
-}
-
-#else
-/* Sub b from a into r. (r = a - b)
- *
- * r A single precision integer.
- * a A single precision integer.
- * b A single precision integer.
- */
-static sp_digit sp_1024_sub_16(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
-{
- __asm__ __volatile__ (
- "ldp x3, x4, [%[a], 0]\n\t"
- "ldp x7, x8, [%[b], 0]\n\t"
- "subs x3, x3, x7\n\t"
- "ldp x5, x6, [%[a], 16]\n\t"
- "sbcs x4, x4, x8\n\t"
- "ldp x9, x10, [%[b], 16]\n\t"
- "sbcs x5, x5, x9\n\t"
- "stp x3, x4, [%[r], 0]\n\t"
- "sbcs x6, x6, x10\n\t"
- "stp x5, x6, [%[r], 16]\n\t"
- "ldp x3, x4, [%[a], 32]\n\t"
- "ldp x7, x8, [%[b], 32]\n\t"
- "sbcs x3, x3, x7\n\t"
- "ldp x5, x6, [%[a], 48]\n\t"
- "sbcs x4, x4, x8\n\t"
- "ldp x9, x10, [%[b], 48]\n\t"
- "sbcs x5, x5, x9\n\t"
- "stp x3, x4, [%[r], 32]\n\t"
- "sbcs x6, x6, x10\n\t"
- "stp x5, x6, [%[r], 48]\n\t"
- "ldp x3, x4, [%[a], 64]\n\t"
- "ldp x7, x8, [%[b], 64]\n\t"
- "sbcs x3, x3, x7\n\t"
- "ldp x5, x6, [%[a], 80]\n\t"
- "sbcs x4, x4, x8\n\t"
- "ldp x9, x10, [%[b], 80]\n\t"
- "sbcs x5, x5, x9\n\t"
- "stp x3, x4, [%[r], 64]\n\t"
- "sbcs x6, x6, x10\n\t"
- "stp x5, x6, [%[r], 80]\n\t"
- "ldp x3, x4, [%[a], 96]\n\t"
- "ldp x7, x8, [%[b], 96]\n\t"
- "sbcs x3, x3, x7\n\t"
- "ldp x5, x6, [%[a], 112]\n\t"
- "sbcs x4, x4, x8\n\t"
- "ldp x9, x10, [%[b], 112]\n\t"
- "sbcs x5, x5, x9\n\t"
- "stp x3, x4, [%[r], 96]\n\t"
- "sbcs x6, x6, x10\n\t"
- "stp x5, x6, [%[r], 112]\n\t"
- "csetm %[r], cc\n\t"
- : [r] "+r" (r)
- : [a] "r" (a), [b] "r" (b)
- : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "cc"
- );
-
- return (sp_digit)r;
+ sp_1024_mont_div2_16(y, y, p1024_mod);
}
-#endif /* WOLFSSL_SP_SMALL */
/* Compare two numbers to determine if they are equal.
* Constant time implementation.
*
@@ -116458,12 +117243,12 @@ static int sp_1024_iszero_16(const sp_digit* a)
static void sp_1024_proj_point_add_16(sp_point_1024* r,
const sp_point_1024* p, const sp_point_1024* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*16;
- sp_digit* t3 = t + 4*16;
- sp_digit* t4 = t + 6*16;
- sp_digit* t5 = t + 8*16;
- sp_digit* t6 = t + 10*16;
+ sp_digit* t6 = t;
+ sp_digit* t1 = t + 2*16;
+ sp_digit* t2 = t + 4*16;
+ sp_digit* t3 = t + 6*16;
+ sp_digit* t4 = t + 8*16;
+ sp_digit* t5 = t + 10*16;
/* U1 = X1*Z2^2 */
sp_1024_mont_sqr_16(t1, q->z, p1024_mod, p1024_mp_mod);
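Review bot: The reordered temporaries carry no comment stating the size contract for `t` or why t6 now sits at the front of the buffer. The last slot starts at `t + 10*16` and the slots are spaced 2*16 digits apart, so the caller apparently has to supply at least 12*16 sp_digit values. One line above the declarations, e.g. `/* t holds 6 temporaries of 2*16 digits each; the result x/y/z alias t6/t1/t2 */`, would make the layout and the aliasing explicit. The same undocumented reshuffle appears in the sp_1024_proj_point_add_16_nb hunk and, with a different order, in the sp_1024_proj_point_add_qz1_16 hunk. The function body continues outside this hunk.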
@@ -116485,17 +117270,9 @@ static void sp_1024_proj_point_add_16(sp_point_1024* r,
sp_1024_proj_point_dbl_16(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t6;
sp_digit* y = t1;
sp_digit* z = t2;
- int i;
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
/* H = U2 - U1 */
sp_1024_mont_sub_16(t2, t2, t1, p1024_mod);
@@ -116514,20 +117291,31 @@ static void sp_1024_proj_point_add_16(sp_point_1024* r,
sp_1024_mont_dbl_16(t3, y, p1024_mod);
sp_1024_mont_sub_16(x, x, t3, p1024_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_1024_mont_sub_lower_16(y, y, x, p1024_mod);
+ sp_1024_mont_sub_16(y, y, x, p1024_mod);
sp_1024_mont_mul_16(y, y, t4, p1024_mod, p1024_mp_mod);
sp_1024_mont_sub_16(y, y, t5, p1024_mod);
- for (i = 0; i < 16; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 16; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 16; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 16; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 16; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 16; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
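Review bot: The select masks are still built as `0 - (q->infinity & (!p->infinity))` and then stored in an sp_digit, so their width depends on the type of the `infinity` field, which is declared outside this hunk. If that field is a signed int, the -1 sign-extends to all ones. The new `(word32)inf` store hints it may be a 32-bit unsigned value, though, and then the mask would cover only the low 32 bits of a 64-bit digit and the constant-time select would blend words from p, q and the computed point. Doing the negation in the digit type removes that dependency: `sp_digit maskp = (sp_digit)0 - (sp_digit)(q->infinity & (!p->infinity));`, and likewise for maskq. The same lines are repeated in case 24 of the sp_1024_proj_point_add_16_nb hunk.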
@@ -116573,12 +117361,12 @@ static int sp_1024_proj_point_add_16_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
switch (ctx->state) {
case 0: /* INIT */
- ctx->t1 = t;
- ctx->t2 = t + 2*16;
- ctx->t3 = t + 4*16;
- ctx->t4 = t + 6*16;
- ctx->t5 = t + 8*16;
- ctx->t6 = t + 10*16;
+ ctx->t6 = t;
+ ctx->t1 = t + 2*16;
+ ctx->t2 = t + 4*16;
+ ctx->t3 = t + 6*16;
+ ctx->t4 = t + 8*16;
+ ctx->t5 = t + 10*16;
ctx->x = ctx->t6;
ctx->y = ctx->t1;
ctx->z = ctx->t2;
@@ -116685,7 +117473,7 @@ static int sp_1024_proj_point_add_16_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
break;
case 21:
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_1024_mont_sub_lower_16(ctx->y, ctx->y, ctx->x, p1024_mod);
+ sp_1024_mont_sub_16(ctx->y, ctx->y, ctx->x, p1024_mod);
ctx->state = 22;
break;
case 22:
@@ -116698,22 +117486,28 @@ static int sp_1024_proj_point_add_16_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
break;
case 24:
{
- int i;
- sp_digit maskp = 0 - (q->infinity & (!p->infinity));
- sp_digit maskq = 0 - (p->infinity & (!q->infinity));
- sp_digit maskt = ~(maskp | maskq);
-
- for (i = 0; i < 16; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (ctx->x[i] & maskt);
- }
- for (i = 0; i < 16; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (ctx->y[i] & maskt);
- }
- for (i = 0; i < 16; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (ctx->z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 16; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (ctx->x[i] & maskt);
+ }
+ for (i = 0; i < 16; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (ctx->y[i] & maskt);
+ }
+ for (i = 0; i < 16; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (ctx->z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
ctx->state = 25;
break;
}
@@ -116772,7 +117566,7 @@ static void sp_1024_proj_point_dbl_n_store_16(sp_point_1024* r,
/* A = 3*(X^2 - W) */
sp_1024_mont_sqr_16(t1, x, p1024_mod, p1024_mp_mod);
sp_1024_mont_sub_16(t1, t1, w, p1024_mod);
- sp_1024_mont_tpl_lower_16(a, t1, p1024_mod);
+ sp_1024_mont_tpl_16(a, t1, p1024_mod);
/* B = X*Y^2 */
sp_1024_mont_sqr_16(t1, y, p1024_mod, p1024_mp_mod);
sp_1024_mont_mul_16(b, t1, x, p1024_mod, p1024_mp_mod);
@@ -116782,8 +117576,8 @@ static void sp_1024_proj_point_dbl_n_store_16(sp_point_1024* r,
sp_1024_mont_dbl_16(t2, b, p1024_mod);
sp_1024_mont_sub_16(x, x, t2, p1024_mod);
/* B = 2.(B - X) */
- sp_1024_mont_sub_lower_16(t2, b, x, p1024_mod);
- sp_1024_mont_dbl_lower_16(b, t2, p1024_mod);
+ sp_1024_mont_sub_16(t2, b, x, p1024_mod);
+ sp_1024_mont_dbl_16(b, t2, p1024_mod);
/* Z = Z*Y */
sp_1024_mont_mul_16(r[j].z, z, y, p1024_mod, p1024_mp_mod);
z = r[j].z;
@@ -116797,7 +117591,7 @@ static void sp_1024_proj_point_dbl_n_store_16(sp_point_1024* r,
sp_1024_mont_mul_16(y, b, a, p1024_mod, p1024_mp_mod);
sp_1024_mont_sub_16(y, y, t1, p1024_mod);
/* Y = Y/2 */
- sp_1024_div2_16(r[j].y, y, p1024_mod);
+ sp_1024_mont_div2_16(r[j].y, y, p1024_mod);
r[j].infinity = 0;
}
}
@@ -116871,8 +117665,8 @@ static void sp_1024_proj_point_add_sub_16(sp_point_1024* ra,
sp_1024_mont_sub_16(xs, xs, t1, p1024_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
/* YS = -RS*(U1*H^2 - XS) - S1*H^3 */
- sp_1024_mont_sub_lower_16(ys, ya, xs, p1024_mod);
- sp_1024_mont_sub_lower_16(ya, ya, xa, p1024_mod);
+ sp_1024_mont_sub_16(ys, ya, xs, p1024_mod);
+ sp_1024_mont_sub_16(ya, ya, xa, p1024_mod);
sp_1024_mont_mul_16(ya, ya, t4, p1024_mod, p1024_mp_mod);
sp_1024_mont_sub_16(t6, p1024_mod, t6, p1024_mod);
sp_1024_mont_mul_16(ys, ys, t6, p1024_mod, p1024_mp_mod);
@@ -117000,7 +117794,7 @@ static int sp_1024_ecc_mulmod_win_add_sub_16(sp_point_1024* r, const sp_point_10
(void)heap;
#ifdef WOLFSSL_SP_SMALL_STACK
- t = (sp_point_1024*)XMALLOC(sizeof(sp_point_1024) *
+ t = (sp_point_1024*)XMALLOC(sizeof(sp_point_1024) *
(65+2), heap, DYNAMIC_TYPE_ECC);
if (t == NULL)
err = MEMORY_E;
@@ -117129,12 +117923,12 @@ typedef struct sp_table_entry_1024 {
static void sp_1024_proj_point_add_qz1_16(sp_point_1024* r,
const sp_point_1024* p, const sp_point_1024* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*16;
- sp_digit* t3 = t + 4*16;
- sp_digit* t4 = t + 6*16;
- sp_digit* t5 = t + 8*16;
- sp_digit* t6 = t + 10*16;
+ sp_digit* t2 = t;
+ sp_digit* t3 = t + 2*16;
+ sp_digit* t6 = t + 4*16;
+ sp_digit* t1 = t + 6*16;
+ sp_digit* t4 = t + 8*16;
+ sp_digit* t5 = t + 10*16;
/* Calculate values to subtract from P->x and P->y. */
/* U2 = X2*Z1^2 */
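Review bot: The reordered temporaries at the top of sp_1024_proj_point_add_qz1_16 (`t2 = t`, `t3 = t + 2*16`, `t6 = t + 4*16`, ...) carry no comment explaining the new layout, and the names no longer follow the offsets. The following hunk aliases `x`, `y` and `z` to `t2`, `t3` and `t6`, so the result coordinates now occupy the first three slots of `t`. A line such as `/* t2, t3, t6 hold the result x, y, z; t1, t4, t5 are intermediates. */` above the declarations would record that for the next reader. The function body continues outside this hunk.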
@@ -117150,13 +117944,9 @@ static void sp_1024_proj_point_add_qz1_16(sp_point_1024* r,
sp_1024_proj_point_dbl_16(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t2;
- sp_digit* y = t5;
+ sp_digit* y = t3;
sp_digit* z = t6;
- int i;
/* H = U2 - X1 */
sp_1024_mont_sub_16(t2, t2, p->x, p1024_mod);
@@ -117165,33 +117955,40 @@ static void sp_1024_proj_point_add_qz1_16(sp_point_1024* r,
/* Z3 = H*Z1 */
sp_1024_mont_mul_16(z, p->z, t2, p1024_mod, p1024_mp_mod);
/* X3 = R^2 - H^3 - 2*X1*H^2 */
- sp_1024_mont_sqr_16(t1, t4, p1024_mod, p1024_mp_mod);
- sp_1024_mont_sqr_16(t5, t2, p1024_mod, p1024_mp_mod);
- sp_1024_mont_mul_16(t3, p->x, t5, p1024_mod, p1024_mp_mod);
- sp_1024_mont_mul_16(t5, t5, t2, p1024_mod, p1024_mp_mod);
- sp_1024_mont_sub_16(x, t1, t5, p1024_mod);
- sp_1024_mont_dbl_16(t1, t3, p1024_mod);
- sp_1024_mont_sub_16(x, x, t1, p1024_mod);
+ sp_1024_mont_sqr_16(t1, t2, p1024_mod, p1024_mp_mod);
+ sp_1024_mont_mul_16(t3, p->x, t1, p1024_mod, p1024_mp_mod);
+ sp_1024_mont_mul_16(t1, t1, t2, p1024_mod, p1024_mp_mod);
+ sp_1024_mont_sqr_16(t2, t4, p1024_mod, p1024_mp_mod);
+ sp_1024_mont_sub_16(t2, t2, t1, p1024_mod);
+ sp_1024_mont_dbl_16(t5, t3, p1024_mod);
+ sp_1024_mont_sub_16(x, t2, t5, p1024_mod);
/* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
- sp_1024_mont_sub_lower_16(t3, t3, x, p1024_mod);
+ sp_1024_mont_sub_16(t3, t3, x, p1024_mod);
sp_1024_mont_mul_16(t3, t3, t4, p1024_mod, p1024_mp_mod);
- sp_1024_mont_mul_16(t5, t5, p->y, p1024_mod, p1024_mp_mod);
- sp_1024_mont_sub_16(y, t3, t5, p1024_mod);
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
- for (i = 0; i < 16; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 16; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 16; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ sp_1024_mont_mul_16(t1, t1, p->y, p1024_mod, p1024_mp_mod);
+ sp_1024_mont_sub_16(y, t3, t1, p1024_mod);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 16; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 16; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 16; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
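Review bot: The masked select in the new inner block depends on `p->infinity` and `q->infinity` being exactly 0 or 1, and nothing in the hunk states that requirement. `maskp = 0 - (q->infinity & (!p->infinity))` only becomes all-ones when bit 0 of `q->infinity` is set, and `inf` is ORed straight into `r->z[0]`, so any other nonzero flag value would select the wrong operand or disturb the low word of z. A comment above the block, e.g. `/* Constant-time select of p, q or the computed sum; infinity flags must be 0 or 1. */`, would make the invariant visible. The function starts outside this hunk.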
@@ -117443,7 +118240,7 @@ static THREAD_LS_T int sp_cache_1024_inited = 0;
/* Get the cache entry for the point.
*
- * g [in] Point scalar multipling.
+ * g [in] Point scalar multiplying.
* cache [out] Cache table to use.
*/
static void sp_ecc_get_cache_1024(const sp_point_1024* g, sp_cache_1024_t** cache)
@@ -117514,8 +118311,8 @@ static void sp_ecc_get_cache_1024(const sp_point_1024* g, sp_cache_1024_t** cach
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
-static int sp_1024_ecc_mulmod_16(sp_point_1024* r, const sp_point_1024* g, const sp_digit* k,
- int map, int ct, void* heap)
+static int sp_1024_ecc_mulmod_16(sp_point_1024* r, const sp_point_1024* g,
+ const sp_digit* k, int map, int ct, void* heap)
{
#ifndef FP_ECC
return sp_1024_ecc_mulmod_win_add_sub_16(r, g, k, map, ct, heap);
@@ -121031,7 +121828,7 @@ int sp_ecc_mulmod_base_1024(const mp_int* km, ecc_point* r, int map, void* heap)
* the result. If map is true then convert result to affine coordinates.
*
* km Scalar to multiply by.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -121053,7 +121850,7 @@ int sp_ecc_mulmod_base_add_1024(const mp_int* km, const ecc_point* am,
int err = MP_OKAY;
#ifdef WOLFSSL_SP_SMALL_STACK
- point = (sp_point_1024*)XMALLOC(sizeof(sp_point_1024) * 2, heap,
+ point = (sp_point_1024*)XMALLOC(sizeof(sp_point_1024) * 2, heap,
DYNAMIC_TYPE_ECC);
if (point == NULL)
err = MEMORY_E;
@@ -121269,7 +122066,7 @@ int sp_ecc_mulmod_table_1024(const mp_int* km, const ecc_point* gm, byte* table,
return err;
}
-/* Multiply p* in projective co-ordinates by q*.
+/* Multiply p* in projective coordinates by q*.
*
* r.x = p.x - (p.y * q.y)
* r.y = (p.x * q.y) + p.y
@@ -121295,7 +122092,7 @@ static void sp_1024_proj_mul_qx1_16(sp_digit* px, sp_digit* py,
sp_1024_mont_add_16(py, t1, py, p1024_mod);
}
-/* Square p* in projective co-ordinates.
+/* Square p* in projective coordinates.
*
* px' = (p.x + p.y) * (p.x - p.y) = p.x^2 - p.y^2
* py' = 2 * p.x * p.y
@@ -123060,7 +123857,7 @@ int sp_ModExp_Fp_star_1024(const mp_int* base, mp_int* exp, mp_int* res)
}
#endif /* WOLFSSL_SP_SMALL */
-/* Multiply p* by q* in projective co-ordinates.
+/* Multiply p* by q* in projective coordinates.
*
* p.x' = (p.x * q.x) - (p.y * q.y)
* p.y' = (p.x * q.y) + (p.y * q.x)
@@ -123175,7 +123972,7 @@ static void sp_1024_accumulate_line_dbl_16(sp_digit* vx, sp_digit* vy,
/* ty = 4 * p.y ^ 2 */
sp_1024_mont_sqr_16(ty, ry, p1024_mod, p1024_mp_mod);
/* t1 = 2 * p.y ^ 2 */
- sp_1024_div2_16(t1, ty, p1024_mod);
+ sp_1024_mont_div2_16(t1, ty, p1024_mod);
/* r.x -= 2 * (p.y ^ 2) */
sp_1024_mont_sub_16(rx, rx, t1, p1024_mod);
/* p'.z = p.y * 2 * p.z */
@@ -123195,7 +123992,7 @@ static void sp_1024_accumulate_line_dbl_16(sp_digit* vx, sp_digit* vy,
/* t1 = (4 * p.y^2) ^ 2 = 16 * p.y^4 */
sp_1024_mont_sqr_16(t1, ty, p1024_mod, p1024_mp_mod);
/* t1 = 16 * p.y^4 / 2 = 8 * p.y^4 */
- sp_1024_div2_16(t1, t1, p1024_mod);
+ sp_1024_mont_div2_16(t1, t1, p1024_mod);
/* p'.y = 4 * p.y^2 * p.x */
sp_1024_mont_mul_16(p->y, ty, p->x, p1024_mod, p1024_mp_mod);
/* p'.x = l^2 */
@@ -123613,7 +124410,7 @@ static void sp_1024_accumulate_line_dbl_n_16(sp_digit* vx, sp_digit* vy,
/* ty = py ^ 2 */
sp_1024_mont_sqr_16(ty, p->y, p1024_mod, p1024_mp_mod);
/* t1 = py ^ 2 / 2 */
- sp_1024_div2_16(t1, ty, p1024_mod);
+ sp_1024_mont_div2_16(t1, ty, p1024_mod);
/* r.x -= py ^ 2 / 2 */
sp_1024_mont_sub_16(rx, rx, t1, p1024_mod);
/* p'.z = py * pz */
@@ -123651,7 +124448,7 @@ static void sp_1024_accumulate_line_dbl_n_16(sp_digit* vx, sp_digit* vy,
}
/* p'.y = py' / 2 */
- sp_1024_div2_16(p->y, p->y, p1024_mod);
+ sp_1024_mont_div2_16(p->y, p->y, p1024_mod);
}
/* Operations to perform based on order - 1.
@@ -124443,7 +125240,7 @@ static void sp_1024_from_bin(sp_digit* r, int size, const byte* a, int n)
"subs x6, %[n], 8\n\t"
"mov x7, xzr\n\t"
"blt 2f\n\t"
- /* Put in mulitples of 8 bytes. */
+ /* Put in multiples of 8 bytes. */
"1:\n\t"
"ldr x8, [x4], -8\n\t"
"subs x6, x6, 8\n\t"
@@ -124537,7 +125334,7 @@ static void sp_1024_from_bin(sp_digit* r, int size, const byte* a, int n)
);
}
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* point EC point.
* heap Heap to use if dynamically allocating.
@@ -124566,19 +125363,21 @@ static int sp_1024_ecc_is_point_16(const sp_point_1024* point,
if (err == MP_OKAY) {
t2 = t1 + 2 * 16;
+ /* y^2 - x^3 - a.x = b */
sp_1024_sqr_16(t1, point->y);
(void)sp_1024_mod_16(t1, t1, p1024_mod);
sp_1024_sqr_16(t2, point->x);
(void)sp_1024_mod_16(t2, t2, p1024_mod);
sp_1024_mul_16(t2, t2, point->x);
(void)sp_1024_mod_16(t2, t2, p1024_mod);
- (void)sp_1024_sub_16(t2, p1024_mod, t2);
- sp_1024_mont_add_16(t1, t1, t2, p1024_mod);
+ sp_1024_mont_sub_16(t1, t1, t2, p1024_mod);
+ /* y^2 - x^3 + 3.x = b, when a = -3 */
sp_1024_mont_add_16(t1, t1, point->x, p1024_mod);
sp_1024_mont_add_16(t1, t1, point->x, p1024_mod);
sp_1024_mont_add_16(t1, t1, point->x, p1024_mod);
+
n = sp_1024_cmp_16(t1, p1024_mod);
sp_1024_cond_sub_16(t1, t1, p1024_mod, ~(n >> 63));
sp_1024_norm_16(t1);
@@ -124595,7 +125394,7 @@ static int sp_1024_ecc_is_point_16(const sp_point_1024* point,
return err;
}
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* pX X ordinate of EC point.
* pY Y ordinate of EC point.
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/sp_armthumb.c b/extra/wolfssl/wolfssl/wolfcrypt/src/sp_armthumb.c
index 2861ef4c..c73f69ab 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/sp_armthumb.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/sp_armthumb.c
@@ -52,6 +52,16 @@
#include <wolfssl/wolfcrypt/sp.h>
+#ifdef __IAR_SYSTEMS_ICC__
+#define __asm__ asm
+#define __volatile__ volatile
+#define WOLFSSL_NO_VAR_ASSIGN_REG
+#endif /* __IAR_SYSTEMS_ICC__ */
+#ifdef __KEIL__
+#define __asm__ __asm
+#define __volatile__ volatile
+#endif
+
#ifdef WOLFSSL_SP_ARM_THUMB_ASM
#define SP_PRINT_NUM(var, name, total, words, bits) \
do { \
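Review bot: The IAR and Keil shims are added above the `#ifdef WOLFSSL_SP_ARM_THUMB_ASM` guard, so as far as this hunk shows `__asm__` and `__volatile__` (identifiers reserved for the implementation) are redefined even when the assembly in this file is compiled out. Placing both blocks inside the guard would confine the redefinition to the code that needs it. The Keil block also ends in a bare `#endif` where the IAR block has `#endif /* __IAR_SYSTEMS_ICC__ */`; `#endif /* __KEIL__ */` would match. A one-line comment on why `WOLFSSL_NO_VAR_ASSIGN_REG` is set for IAR only would help as well.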
@@ -118,14 +128,14 @@ static void sp_2048_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 32
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 31);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 31);
}
#elif DIGIT_BIT > 32
unsigned int i;
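Review bot: The rewritten copy loop in sp_2048_from_mp hard-codes the shift as `j >> 31`, where the removed lines used `SP_WORD_SIZE - 1`, so the mask is now correct only while `sp_digit` is 32 bits wide. Writing `sp_digit mask = (sp_digit)0 - (j >> (SP_WORD_SIZE - 1));` and `o += (int)(j >> (SP_WORD_SIZE - 1));` keeps the constant tied to the digit width. The loop also has no comment saying that `j` counts up from `-a->used` so that `o` stops at the last used digit and `a->dp` is never indexed past it; one line stating that would help anyone checking the bounds. The same code is added to sp_3072_from_mp in a later hunk, and both functions continue outside their hunks.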
@@ -469,7 +479,7 @@ SP_NOINLINE static void sp_2048_mul_8(sp_digit* r, const sp_digit* a,
"mov %[b], r10\n\t"
: [a] "+l" (a), [b] "+l" (b), [tmp] "+l" (tmp)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
);
XMEMCPY(r, t, sizeof(t));
@@ -9425,7 +9435,7 @@ SP_NOINLINE static void sp_2048_mul_8(sp_digit* r, const sp_digit* a,
"stm %[r]!, {r3, r4, r5, r6}\n\t"
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
}
@@ -9516,7 +9526,7 @@ SP_NOINLINE static sp_digit sp_2048_add_8(sp_digit* r, const sp_digit* a,
#endif
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6"
+ : "memory", "r3", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -9604,7 +9614,7 @@ SP_NOINLINE static sp_digit sp_2048_add_word_8(sp_digit* r, const sp_digit* a,
#endif
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5"
+ : "memory", "r3", "r4", "r5", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -9769,7 +9779,7 @@ SP_NOINLINE static sp_digit sp_2048_sub_in_place_16(sp_digit* a,
#endif
: [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r2", "r3", "r4", "r5"
+ : "memory", "r2", "r3", "r4", "r5", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -9928,7 +9938,7 @@ SP_NOINLINE static sp_digit sp_2048_add_16(sp_digit* r, const sp_digit* a,
#endif
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6"
+ : "memory", "r3", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -10143,7 +10153,7 @@ SP_NOINLINE static sp_digit sp_2048_add_word_16(sp_digit* r, const sp_digit* a,
#endif
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5"
+ : "memory", "r3", "r4", "r5", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -10452,7 +10462,7 @@ SP_NOINLINE static sp_digit sp_2048_sub_in_place_32(sp_digit* a,
#endif
: [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r2", "r3", "r4", "r5"
+ : "memory", "r2", "r3", "r4", "r5", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -10747,7 +10757,7 @@ SP_NOINLINE static sp_digit sp_2048_add_32(sp_digit* r, const sp_digit* a,
#endif
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6"
+ : "memory", "r3", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -11094,7 +11104,7 @@ SP_NOINLINE static sp_digit sp_2048_add_word_32(sp_digit* r, const sp_digit* a,
#endif
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5"
+ : "memory", "r3", "r4", "r5", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -11691,7 +11701,7 @@ SP_NOINLINE static sp_digit sp_2048_sub_in_place_64(sp_digit* a,
#endif
: [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r2", "r3", "r4", "r5"
+ : "memory", "r2", "r3", "r4", "r5", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -12258,7 +12268,7 @@ SP_NOINLINE static sp_digit sp_2048_add_64(sp_digit* r, const sp_digit* a,
#endif
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6"
+ : "memory", "r3", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -12750,7 +12760,7 @@ SP_NOINLINE static void sp_2048_sqr_8(sp_digit* r, const sp_digit* a)
"add sp, sp, r6\n\t"
: [r] "+l" (r), [a] "+l" (a)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
);
}
@@ -19265,7 +19275,7 @@ SP_NOINLINE static void sp_2048_sqr_8(sp_digit* r, const sp_digit* a)
"stm %[r]!, {r2, r3, r4, r5}\n\t"
: [r] "+l" (r), [a] "+l" (a)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
);
}
@@ -19355,7 +19365,7 @@ SP_NOINLINE static sp_digit sp_2048_sub_8(sp_digit* r, const sp_digit* a,
#endif
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6"
+ : "memory", "r3", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -19548,7 +19558,7 @@ SP_NOINLINE static sp_digit sp_2048_sub_16(sp_digit* r, const sp_digit* a,
#endif
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6"
+ : "memory", "r3", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -19877,7 +19887,7 @@ SP_NOINLINE static sp_digit sp_2048_sub_32(sp_digit* r, const sp_digit* a,
#endif
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6"
+ : "memory", "r3", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -19993,7 +20003,7 @@ SP_NOINLINE static sp_digit sp_2048_add_64(sp_digit* r, const sp_digit* a,
"movs %[r], r3\n\t"
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -20072,7 +20082,7 @@ SP_NOINLINE static sp_digit sp_2048_sub_in_place_64(sp_digit* a,
"movs %[a], r2\n\t"
: [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -20327,7 +20337,7 @@ SP_NOINLINE static void sp_2048_mul_64(sp_digit* r, const sp_digit* a,
"mov %[b], r10\n\t"
: [a] "+l" (a), [b] "+l" (b), [tmp] "+l" (tmp)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
);
XMEMCPY(r, t, sizeof(t));
@@ -20777,7 +20787,7 @@ SP_NOINLINE static void sp_2048_sqr_64(sp_digit* r, const sp_digit* a)
"add sp, sp, r6\n\t"
: [r] "+l" (r), [a] "+l" (a)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
);
}
@@ -20869,7 +20879,7 @@ SP_NOINLINE static sp_digit sp_2048_add_32(sp_digit* r, const sp_digit* a,
"movs %[r], r3\n\t"
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -20942,7 +20952,7 @@ SP_NOINLINE static sp_digit sp_2048_sub_in_place_32(sp_digit* a,
"movs %[a], r2\n\t"
: [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -21187,7 +21197,7 @@ SP_NOINLINE static void sp_2048_mul_32(sp_digit* r, const sp_digit* a,
"mov %[b], r10\n\t"
: [a] "+l" (a), [b] "+l" (b), [tmp] "+l" (tmp)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
);
XMEMCPY(r, t, sizeof(t));
@@ -21622,14 +21632,14 @@ SP_NOINLINE static void sp_2048_sqr_32(sp_digit* r, const sp_digit* a)
"add sp, sp, r6\n\t"
: [r] "+l" (r), [a] "+l" (a)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
);
}
#endif /* WOLFSSL_SP_SMALL */
#endif /* (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) | WOLFSSL_HAVE_SP_DH */
-/* Caclulate the bottom digit of -1/a mod 2^n.
+/* Calculate the bottom digit of -1/a mod 2^n.
*
* a A single precision number.
* rho Bottom word of inverse.
@@ -21836,7 +21846,7 @@ SP_NOINLINE static void sp_2048_mul_d_64(sp_digit* r, const sp_digit* a,
"str r3, [%[r]]\n\t"
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
}
@@ -21913,11 +21923,12 @@ SP_NOINLINE static sp_digit sp_2048_cond_sub_32(sp_digit* r, const sp_digit* a,
"movs %[r], r4\n\t"
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b), [m] "+l" (m)
:
- : "memory", "r4", "r5", "r6", "r7", "r8"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "cc"
);
return (uint32_t)(size_t)r;
}
+#define sp_2048_mont_reduce_order_64 sp_2048_mont_reduce_64
/* Reduce the number back to 2048 bits using Montgomery reduction.
*
* a A single precision number to reduce in place.
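Review bot: The added `#define sp_2048_mont_reduce_order_64 sp_2048_mont_reduce_64` has no comment and sits directly above a doc comment that, going by the next hunk header, belongs to sp_2048_mont_reduce_32 rather than the 64-word function it aliases. The identical define is added again in the hunk after sp_2048_cond_sub_64, and the hunk after sp_3072_cond_sub_48 repeats the pattern with `sp_3072_mont_reduce_order_96`. If both copies can be compiled in one configuration the repeat is legal but redundant. Keeping one define next to the function it names would be clearer, with a line such as `/* Order-specific reduction is the same as the generic one here. */` if that is the intent.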
@@ -22980,7 +22991,7 @@ SP_NOINLINE static void sp_2048_mont_reduce_32(sp_digit* a, const sp_digit* m,
#endif /* WOLFSSL_SP_LARGE_CODE */
: [a] "+l" (a), [m] "+l" (m), [mp] "+l" (mp)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
);
}
@@ -22991,7 +23002,7 @@ SP_NOINLINE static void sp_2048_mont_reduce_32(sp_digit* a, const sp_digit* m,
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_2048_mont_mul_32(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -23005,7 +23016,7 @@ SP_NOINLINE static void sp_2048_mont_mul_32(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_2048_mont_sqr_32(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -23196,7 +23207,7 @@ SP_NOINLINE static void sp_2048_mul_d_32(sp_digit* r, const sp_digit* a,
"str r3, [%[r]]\n\t"
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
}
@@ -23811,7 +23822,7 @@ SP_NOINLINE static sp_digit div_2048_word_32(sp_digit d1, sp_digit d0,
"movs %[d1], r3\n\t"
: [d1] "+l" (d1), [d0] "+l" (d0), [div] "+l" (div)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
return (uint32_t)(size_t)d1;
}
@@ -23920,7 +23931,7 @@ SP_NOINLINE static sp_int32 sp_2048_cmp_32(const sp_digit* a, const sp_digit* b)
"movs %[a], r2\n\t"
: [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -23934,8 +23945,8 @@ SP_NOINLINE static sp_int32 sp_2048_cmp_32(const sp_digit* a, const sp_digit* b)
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_2048_div_32(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_2048_div_32(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[64], t2[33];
sp_digit div, r1;
@@ -24386,11 +24397,12 @@ SP_NOINLINE static sp_digit sp_2048_cond_sub_64(sp_digit* r, const sp_digit* a,
"movs %[r], r4\n\t"
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b), [m] "+l" (m)
:
- : "memory", "r4", "r5", "r6", "r7", "r8"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "cc"
);
return (uint32_t)(size_t)r;
}
+#define sp_2048_mont_reduce_order_64 sp_2048_mont_reduce_64
/* Reduce the number back to 2048 bits using Montgomery reduction.
*
* a A single precision number to reduce in place.
@@ -26007,7 +26019,7 @@ SP_NOINLINE static void sp_2048_mont_reduce_64(sp_digit* a, const sp_digit* m,
#endif /* WOLFSSL_SP_LARGE_CODE */
: [a] "+l" (a), [m] "+l" (m), [mp] "+l" (mp)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
);
}
@@ -26018,7 +26030,7 @@ SP_NOINLINE static void sp_2048_mont_reduce_64(sp_digit* a, const sp_digit* m,
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_2048_mont_mul_64(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -26032,7 +26044,7 @@ SP_NOINLINE static void sp_2048_mont_mul_64(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_2048_mont_sqr_64(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -26110,7 +26122,7 @@ SP_NOINLINE static sp_digit sp_2048_sub_64(sp_digit* r, const sp_digit* a,
"movs %[r], r3\n\t"
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6"
+ : "memory", "r3", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -26677,7 +26689,7 @@ SP_NOINLINE static sp_digit sp_2048_sub_64(sp_digit* r, const sp_digit* a,
#endif
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6"
+ : "memory", "r3", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -27294,7 +27306,7 @@ SP_NOINLINE static sp_digit div_2048_word_64(sp_digit d1, sp_digit d0,
"movs %[d1], r3\n\t"
: [d1] "+l" (d1), [d0] "+l" (d0), [div] "+l" (div)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
return (uint32_t)(size_t)d1;
}
@@ -27308,8 +27320,8 @@ SP_NOINLINE static sp_digit div_2048_word_64(sp_digit d1, sp_digit d0,
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_2048_div_64_cond(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_2048_div_64_cond(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[128], t2[65];
sp_digit div, r1;
@@ -27507,7 +27519,7 @@ SP_NOINLINE static sp_int32 sp_2048_cmp_64(const sp_digit* a, const sp_digit* b)
"movs %[a], r2\n\t"
: [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -27521,8 +27533,8 @@ SP_NOINLINE static sp_int32 sp_2048_cmp_64(const sp_digit* a, const sp_digit* b)
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_2048_div_64(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_2048_div_64(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[128], t2[65];
sp_digit div, r1;
@@ -28096,7 +28108,7 @@ SP_NOINLINE static sp_digit sp_2048_cond_add_32(sp_digit* r, const sp_digit* a,
"movs %[r], r4\n\t"
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b), [m] "+l" (m)
:
- : "memory", "r4", "r5", "r6", "r7", "r8"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -30002,7 +30014,7 @@ static void sp_2048_lshift_64(sp_digit* r, const sp_digit* a, byte n)
"str r5, [%[r], #4]\n\t"
: [r] "+l" (r), [a] "+l" (a), [n] "+l" (n)
:
- : "memory", "r3", "r4", "r5", "r6", "r7"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "cc"
);
}
@@ -30304,14 +30316,14 @@ static void sp_3072_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 32
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 31);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 31);
}
#elif DIGIT_BIT > 32
unsigned int i;
@@ -30655,7 +30667,7 @@ SP_NOINLINE static void sp_3072_mul_12(sp_digit* r, const sp_digit* a,
"mov %[b], r10\n\t"
: [a] "+l" (a), [b] "+l" (b), [tmp] "+l" (tmp)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
);
XMEMCPY(r, t, sizeof(t));
@@ -50837,7 +50849,7 @@ SP_NOINLINE static void sp_3072_mul_12(sp_digit* r, const sp_digit* a,
"stm %[r]!, {r3, r4, r5, r6}\n\t"
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
}
@@ -50962,7 +50974,7 @@ SP_NOINLINE static sp_digit sp_3072_add_12(sp_digit* r, const sp_digit* a,
#endif
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6"
+ : "memory", "r3", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -51082,7 +51094,7 @@ SP_NOINLINE static sp_digit sp_3072_add_word_12(sp_digit* r, const sp_digit* a,
#endif
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5"
+ : "memory", "r3", "r4", "r5", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -51319,7 +51331,7 @@ SP_NOINLINE static sp_digit sp_3072_sub_in_place_24(sp_digit* a,
#endif
: [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r2", "r3", "r4", "r5"
+ : "memory", "r2", "r3", "r4", "r5", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -51546,7 +51558,7 @@ SP_NOINLINE static sp_digit sp_3072_add_24(sp_digit* r, const sp_digit* a,
#endif
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6"
+ : "memory", "r3", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -51829,7 +51841,7 @@ SP_NOINLINE static sp_digit sp_3072_add_word_24(sp_digit* r, const sp_digit* a,
#endif
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5"
+ : "memory", "r3", "r4", "r5", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -52282,7 +52294,7 @@ SP_NOINLINE static sp_digit sp_3072_sub_in_place_48(sp_digit* a,
#endif
: [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r2", "r3", "r4", "r5"
+ : "memory", "r2", "r3", "r4", "r5", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -52713,7 +52725,7 @@ SP_NOINLINE static sp_digit sp_3072_add_48(sp_digit* r, const sp_digit* a,
#endif
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6"
+ : "memory", "r3", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -53188,7 +53200,7 @@ SP_NOINLINE static sp_digit sp_3072_add_word_48(sp_digit* r, const sp_digit* a,
#endif
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5"
+ : "memory", "r3", "r4", "r5", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -54073,7 +54085,7 @@ SP_NOINLINE static sp_digit sp_3072_sub_in_place_96(sp_digit* a,
#endif
: [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r2", "r3", "r4", "r5"
+ : "memory", "r2", "r3", "r4", "r5", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -54912,7 +54924,7 @@ SP_NOINLINE static sp_digit sp_3072_add_96(sp_digit* r, const sp_digit* a,
#endif
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6"
+ : "memory", "r3", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -55404,7 +55416,7 @@ SP_NOINLINE static void sp_3072_sqr_12(sp_digit* r, const sp_digit* a)
"add sp, sp, r6\n\t"
: [r] "+l" (r), [a] "+l" (a)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
);
}
@@ -70175,7 +70187,7 @@ SP_NOINLINE static void sp_3072_sqr_12(sp_digit* r, const sp_digit* a)
"stm %[r]!, {r2, r3, r4, r5}\n\t"
: [r] "+l" (r), [a] "+l" (a)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
);
}
@@ -70299,7 +70311,7 @@ SP_NOINLINE static sp_digit sp_3072_sub_12(sp_digit* r, const sp_digit* a,
#endif
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6"
+ : "memory", "r3", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -70560,7 +70572,7 @@ SP_NOINLINE static sp_digit sp_3072_sub_24(sp_digit* r, const sp_digit* a,
#endif
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6"
+ : "memory", "r3", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -71025,7 +71037,7 @@ SP_NOINLINE static sp_digit sp_3072_sub_48(sp_digit* r, const sp_digit* a,
#endif
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6"
+ : "memory", "r3", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -71141,7 +71153,7 @@ SP_NOINLINE static sp_digit sp_3072_add_96(sp_digit* r, const sp_digit* a,
"movs %[r], r3\n\t"
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -71220,7 +71232,7 @@ SP_NOINLINE static sp_digit sp_3072_sub_in_place_96(sp_digit* a,
"movs %[a], r2\n\t"
: [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -71485,7 +71497,7 @@ SP_NOINLINE static void sp_3072_mul_96(sp_digit* r, const sp_digit* a,
"mov %[b], r10\n\t"
: [a] "+l" (a), [b] "+l" (b), [tmp] "+l" (tmp)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
);
XMEMCPY(r, t, sizeof(t));
@@ -71950,7 +71962,7 @@ SP_NOINLINE static void sp_3072_sqr_96(sp_digit* r, const sp_digit* a)
"add sp, sp, r6\n\t"
: [r] "+l" (r), [a] "+l" (a)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
);
}
@@ -72042,7 +72054,7 @@ SP_NOINLINE static sp_digit sp_3072_add_48(sp_digit* r, const sp_digit* a,
"movs %[r], r3\n\t"
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -72115,7 +72127,7 @@ SP_NOINLINE static sp_digit sp_3072_sub_in_place_48(sp_digit* a,
"movs %[a], r2\n\t"
: [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -72365,7 +72377,7 @@ SP_NOINLINE static void sp_3072_mul_48(sp_digit* r, const sp_digit* a,
"mov %[b], r10\n\t"
: [a] "+l" (a), [b] "+l" (b), [tmp] "+l" (tmp)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
);
XMEMCPY(r, t, sizeof(t));
@@ -72810,14 +72822,14 @@ SP_NOINLINE static void sp_3072_sqr_48(sp_digit* r, const sp_digit* a)
"add sp, sp, r6\n\t"
: [r] "+l" (r), [a] "+l" (a)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
);
}
#endif /* WOLFSSL_SP_SMALL */
#endif /* (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) | WOLFSSL_HAVE_SP_DH */
-/* Caclulate the bottom digit of -1/a mod 2^n.
+/* Calculate the bottom digit of -1/a mod 2^n.
*
* a A single precision number.
* rho Bottom word of inverse.
@@ -73024,7 +73036,7 @@ SP_NOINLINE static void sp_3072_mul_d_96(sp_digit* r, const sp_digit* a,
"str r3, [%[r]]\n\t"
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
}
@@ -73101,11 +73113,12 @@ SP_NOINLINE static sp_digit sp_3072_cond_sub_48(sp_digit* r, const sp_digit* a,
"movs %[r], r4\n\t"
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b), [m] "+l" (m)
:
- : "memory", "r4", "r5", "r6", "r7", "r8"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "cc"
);
return (uint32_t)(size_t)r;
}
+#define sp_3072_mont_reduce_order_96 sp_3072_mont_reduce_96
/* Reduce the number back to 3072 bits using Montgomery reduction.
*
* a A single precision number to reduce in place.
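Review bot: The alias added after sp_3072_cond_sub_48 is `sp_3072_mont_reduce_order_96`, and the identical line is added again in the later hunk after sp_3072_cond_sub_96, so the 96-digit alias may be defined twice while no 48-digit alias is introduced. The 4096-bit hunk pairs sp_4096_cond_sub_128 with `sp_4096_mont_reduce_order_128`, which suggests this first copy was meant to read `#define sp_3072_mont_reduce_order_48 sp_3072_mont_reduce_48`, assuming a caller of that name exists (not visible here). If the 96-digit name is intended in both places, an identical redefinition is legal C, but an `#ifndef` guard or a short comment would stop the two copies drifting apart. The function that the following comment documents starts outside this hunk.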
@@ -74440,7 +74453,7 @@ SP_NOINLINE static void sp_3072_mont_reduce_48(sp_digit* a, const sp_digit* m,
#endif /* WOLFSSL_SP_LARGE_CODE */
: [a] "+l" (a), [m] "+l" (m), [mp] "+l" (mp)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
);
}
@@ -74451,7 +74464,7 @@ SP_NOINLINE static void sp_3072_mont_reduce_48(sp_digit* a, const sp_digit* m,
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_3072_mont_mul_48(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -74465,7 +74478,7 @@ SP_NOINLINE static void sp_3072_mont_mul_48(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_3072_mont_sqr_48(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -74656,7 +74669,7 @@ SP_NOINLINE static void sp_3072_mul_d_48(sp_digit* r, const sp_digit* a,
"str r3, [%[r]]\n\t"
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
}
@@ -75271,7 +75284,7 @@ SP_NOINLINE static sp_digit div_3072_word_48(sp_digit d1, sp_digit d0,
"movs %[d1], r3\n\t"
: [d1] "+l" (d1), [d0] "+l" (d0), [div] "+l" (div)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
return (uint32_t)(size_t)d1;
}
@@ -75380,7 +75393,7 @@ SP_NOINLINE static sp_int32 sp_3072_cmp_48(const sp_digit* a, const sp_digit* b)
"movs %[a], r2\n\t"
: [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -75394,8 +75407,8 @@ SP_NOINLINE static sp_int32 sp_3072_cmp_48(const sp_digit* a, const sp_digit* b)
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_3072_div_48(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_3072_div_48(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[96], t2[49];
sp_digit div, r1;
@@ -75846,11 +75859,12 @@ SP_NOINLINE static sp_digit sp_3072_cond_sub_96(sp_digit* r, const sp_digit* a,
"movs %[r], r4\n\t"
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b), [m] "+l" (m)
:
- : "memory", "r4", "r5", "r6", "r7", "r8"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "cc"
);
return (uint32_t)(size_t)r;
}
+#define sp_3072_mont_reduce_order_96 sp_3072_mont_reduce_96
/* Reduce the number back to 3072 bits using Montgomery reduction.
*
* a A single precision number to reduce in place.
@@ -78021,7 +78035,7 @@ SP_NOINLINE static void sp_3072_mont_reduce_96(sp_digit* a, const sp_digit* m,
#endif /* WOLFSSL_SP_LARGE_CODE */
: [a] "+l" (a), [m] "+l" (m), [mp] "+l" (mp)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
);
}
@@ -78032,7 +78046,7 @@ SP_NOINLINE static void sp_3072_mont_reduce_96(sp_digit* a, const sp_digit* m,
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_3072_mont_mul_96(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -78046,7 +78060,7 @@ SP_NOINLINE static void sp_3072_mont_mul_96(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_3072_mont_sqr_96(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -78124,7 +78138,7 @@ SP_NOINLINE static sp_digit sp_3072_sub_96(sp_digit* r, const sp_digit* a,
"movs %[r], r3\n\t"
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6"
+ : "memory", "r3", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -78963,7 +78977,7 @@ SP_NOINLINE static sp_digit sp_3072_sub_96(sp_digit* r, const sp_digit* a,
#endif
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6"
+ : "memory", "r3", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -79580,7 +79594,7 @@ SP_NOINLINE static sp_digit div_3072_word_96(sp_digit d1, sp_digit d0,
"movs %[d1], r3\n\t"
: [d1] "+l" (d1), [d0] "+l" (d0), [div] "+l" (div)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
return (uint32_t)(size_t)d1;
}
@@ -79594,8 +79608,8 @@ SP_NOINLINE static sp_digit div_3072_word_96(sp_digit d1, sp_digit d0,
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_3072_div_96_cond(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_3072_div_96_cond(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[192], t2[97];
sp_digit div, r1;
@@ -79798,7 +79812,7 @@ SP_NOINLINE static sp_int32 sp_3072_cmp_96(const sp_digit* a, const sp_digit* b)
"movs %[a], r2\n\t"
: [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -79812,8 +79826,8 @@ SP_NOINLINE static sp_int32 sp_3072_cmp_96(const sp_digit* a, const sp_digit* b)
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_3072_div_96(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_3072_div_96(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[192], t2[97];
sp_digit div, r1;
@@ -80387,7 +80401,7 @@ SP_NOINLINE static sp_digit sp_3072_cond_add_48(sp_digit* r, const sp_digit* a,
"movs %[r], r4\n\t"
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b), [m] "+l" (m)
:
- : "memory", "r4", "r5", "r6", "r7", "r8"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -83091,7 +83105,7 @@ static void sp_3072_lshift_96(sp_digit* r, const sp_digit* a, byte n)
"str r3, [%[r], #4]\n\t"
: [r] "+l" (r), [a] "+l" (a), [n] "+l" (n)
:
- : "memory", "r3", "r4", "r5", "r6", "r7"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "cc"
);
}
@@ -83393,14 +83407,14 @@ static void sp_4096_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 32
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 31);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 31);
}
#elif DIGIT_BIT > 32
unsigned int i;
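Review bot: The new masking in sp_4096_from_mp hard-codes the shift as `j >> 31`, where the removed lines used `SP_WORD_SIZE - 1`; the enclosing `#if DIGIT_BIT == 32` fixes the width of the mp_int digits, not of `sp_digit`, so the literal silently assumes a 32-bit `sp_digit`. I would keep the symbolic width: `sp_digit mask = (sp_digit)0 - (j >> (SP_WORD_SIZE - 1));` and `o += (int)(j >> (SP_WORD_SIZE - 1));`. A one-line comment above the loop would also help, e.g. `/* no branch on a->used: dp[o] is always read (dp[0] even when used is 0) and masked to zero once i reaches used */`, because the unconditional read of `a->dp[0]` is easy to mistake for a bug. The same lines are added in the sp_256_from_mp hunk further down, and the function body continues outside this hunk.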
@@ -84036,7 +84050,7 @@ SP_NOINLINE static sp_digit sp_4096_add_word_64(sp_digit* r, const sp_digit* a,
#endif
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5"
+ : "memory", "r3", "r4", "r5", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -85209,7 +85223,7 @@ SP_NOINLINE static sp_digit sp_4096_sub_in_place_128(sp_digit* a,
#endif
: [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r2", "r3", "r4", "r5"
+ : "memory", "r2", "r3", "r4", "r5", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -86320,7 +86334,7 @@ SP_NOINLINE static sp_digit sp_4096_add_128(sp_digit* r, const sp_digit* a,
#endif
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6"
+ : "memory", "r3", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -86473,7 +86487,7 @@ SP_NOINLINE static sp_digit sp_4096_add_128(sp_digit* r, const sp_digit* a,
"movs %[r], r3\n\t"
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -86552,7 +86566,7 @@ SP_NOINLINE static sp_digit sp_4096_sub_in_place_128(sp_digit* a,
"movs %[a], r2\n\t"
: [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -86817,7 +86831,7 @@ SP_NOINLINE static void sp_4096_mul_128(sp_digit* r, const sp_digit* a,
"mov %[b], r10\n\t"
: [a] "+l" (a), [b] "+l" (b), [tmp] "+l" (tmp)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
);
XMEMCPY(r, t, sizeof(t));
@@ -87282,12 +87296,12 @@ SP_NOINLINE static void sp_4096_sqr_128(sp_digit* r, const sp_digit* a)
"add sp, sp, r6\n\t"
: [r] "+l" (r), [a] "+l" (a)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
);
}
#endif /* WOLFSSL_SP_SMALL */
-/* Caclulate the bottom digit of -1/a mod 2^n.
+/* Calculate the bottom digit of -1/a mod 2^n.
*
* a A single precision number.
* rho Bottom word of inverse.
@@ -87494,7 +87508,7 @@ SP_NOINLINE static void sp_4096_mul_d_128(sp_digit* r, const sp_digit* a,
"str r3, [%[r]]\n\t"
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
}
@@ -87577,11 +87591,12 @@ SP_NOINLINE static sp_digit sp_4096_cond_sub_128(sp_digit* r, const sp_digit* a,
"movs %[r], r4\n\t"
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b), [m] "+l" (m)
:
- : "memory", "r4", "r5", "r6", "r7", "r8"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "cc"
);
return (uint32_t)(size_t)r;
}
+#define sp_4096_mont_reduce_order_128 sp_4096_mont_reduce_128
/* Reduce the number back to 4096 bits using Montgomery reduction.
*
* a A single precision number to reduce in place.
@@ -90296,7 +90311,7 @@ SP_NOINLINE static void sp_4096_mont_reduce_128(sp_digit* a, const sp_digit* m,
#endif /* WOLFSSL_SP_LARGE_CODE */
: [a] "+l" (a), [m] "+l" (m), [mp] "+l" (mp)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
);
}
@@ -90307,7 +90322,7 @@ SP_NOINLINE static void sp_4096_mont_reduce_128(sp_digit* a, const sp_digit* m,
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_4096_mont_mul_128(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -90321,7 +90336,7 @@ SP_NOINLINE static void sp_4096_mont_mul_128(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_4096_mont_sqr_128(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -90399,7 +90414,7 @@ SP_NOINLINE static sp_digit sp_4096_sub_128(sp_digit* r, const sp_digit* a,
"movs %[r], r3\n\t"
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6"
+ : "memory", "r3", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -91510,7 +91525,7 @@ SP_NOINLINE static sp_digit sp_4096_sub_128(sp_digit* r, const sp_digit* a,
#endif
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6"
+ : "memory", "r3", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -92127,7 +92142,7 @@ SP_NOINLINE static sp_digit div_4096_word_128(sp_digit d1, sp_digit d0,
"movs %[d1], r3\n\t"
: [d1] "+l" (d1), [d0] "+l" (d0), [div] "+l" (div)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
return (uint32_t)(size_t)d1;
}
@@ -92141,8 +92156,8 @@ SP_NOINLINE static sp_digit div_4096_word_128(sp_digit d1, sp_digit d0,
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_4096_div_128_cond(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_4096_div_128_cond(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[256], t2[129];
sp_digit div, r1;
@@ -92346,7 +92361,7 @@ SP_NOINLINE static sp_int32 sp_4096_cmp_128(const sp_digit* a,
"movs %[a], r2\n\t"
: [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -92360,8 +92375,8 @@ SP_NOINLINE static sp_int32 sp_4096_cmp_128(const sp_digit* a,
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_4096_div_128(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_4096_div_128(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[256], t2[129];
sp_digit div, r1;
@@ -92940,7 +92955,7 @@ SP_NOINLINE static sp_digit sp_4096_cond_add_64(sp_digit* r, const sp_digit* a,
"movs %[r], r4\n\t"
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b), [m] "+l" (m)
:
- : "memory", "r4", "r5", "r6", "r7", "r8"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -96432,7 +96447,7 @@ static void sp_4096_lshift_128(sp_digit* r, const sp_digit* a, byte n)
"str r4, [%[r], #4]\n\t"
: [r] "+l" (r), [a] "+l" (a), [n] "+l" (n)
:
- : "memory", "r3", "r4", "r5", "r6", "r7"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "cc"
);
}
@@ -96956,7 +96971,7 @@ SP_NOINLINE static void sp_256_mul_8(sp_digit* r, const sp_digit* a,
"mov %[b], r10\n\t"
: [a] "+l" (a), [b] "+l" (b), [tmp] "+l" (tmp)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
);
XMEMCPY(r, t, sizeof(t));
@@ -97381,7 +97396,7 @@ SP_NOINLINE static void sp_256_sqr_8(sp_digit* r, const sp_digit* a)
"add sp, sp, r6\n\t"
: [r] "+l" (r), [a] "+l" (a)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
);
}
@@ -97454,7 +97469,7 @@ SP_NOINLINE static sp_digit sp_256_add_8(sp_digit* r, const sp_digit* a,
"movs %[r], r3\n\t"
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -97546,167 +97561,7 @@ SP_NOINLINE static sp_digit sp_256_add_8(sp_digit* r, const sp_digit* a,
#endif
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6"
- );
- return (uint32_t)(size_t)r;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Sub b from a into r. (r = a - b)
- *
- * r A single precision integer.
- * a A single precision integer.
- * b A single precision integer.
- */
-SP_NOINLINE static sp_digit sp_256_sub_8(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
-{
- __asm__ __volatile__ (
- "movs r6, %[a]\n\t"
- "movs r3, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
- "adds r6, r6, #32\n\t"
-#else
- "add r6, r6, #32\n\t"
-#endif
- "\n"
- "L_sp_256_sub_8_word_%=:\n\t"
- "movs r5, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
- "subs r5, r5, r3\n\t"
-#else
- "sub r5, r5, r3\n\t"
-#endif
- "ldr r4, [%[a]]\n\t"
- "ldr r5, [%[b]]\n\t"
-#ifdef WOLFSSL_KEIL
- "sbcs r4, r4, r5\n\t"
-#elif defined(__clang__)
- "sbcs r4, r5\n\t"
-#else
- "sbc r4, r5\n\t"
-#endif
- "str r4, [%[r]]\n\t"
-#ifdef WOLFSSL_KEIL
- "sbcs r3, r3, r3\n\t"
-#elif defined(__clang__)
- "sbcs r3, r3\n\t"
-#else
- "sbc r3, r3\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
- "adds %[a], %[a], #4\n\t"
-#else
- "add %[a], %[a], #4\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
- "adds %[b], %[b], #4\n\t"
-#else
- "add %[b], %[b], #4\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
- "adds %[r], %[r], #4\n\t"
-#else
- "add %[r], %[r], #4\n\t"
-#endif
- "cmp %[a], r6\n\t"
- "bne L_sp_256_sub_8_word_%=\n\t"
- "movs %[r], r3\n\t"
- : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
- :
- : "memory", "r3", "r4", "r5", "r6"
- );
- return (uint32_t)(size_t)r;
-}
-
-#else
-/* Sub b from a into r. (r = a - b)
- *
- * r A single precision integer.
- * a A single precision integer.
- * b A single precision integer.
- */
-SP_NOINLINE static sp_digit sp_256_sub_8(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
-{
- __asm__ __volatile__ (
- "ldm %[b]!, {r5, r6}\n\t"
- "ldm %[a]!, {r3, r4}\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
- "subs r3, r3, r5\n\t"
-#else
- "sub r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
- "sbcs r4, r4, r6\n\t"
-#elif defined(__clang__)
- "sbcs r4, r6\n\t"
-#else
- "sbc r4, r6\n\t"
-#endif
- "stm %[r]!, {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "ldm %[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
- "sbcs r3, r3, r5\n\t"
-#elif defined(__clang__)
- "sbcs r3, r5\n\t"
-#else
- "sbc r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
- "sbcs r4, r4, r6\n\t"
-#elif defined(__clang__)
- "sbcs r4, r6\n\t"
-#else
- "sbc r4, r6\n\t"
-#endif
- "stm %[r]!, {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "ldm %[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
- "sbcs r3, r3, r5\n\t"
-#elif defined(__clang__)
- "sbcs r3, r5\n\t"
-#else
- "sbc r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
- "sbcs r4, r4, r6\n\t"
-#elif defined(__clang__)
- "sbcs r4, r6\n\t"
-#else
- "sbc r4, r6\n\t"
-#endif
- "stm %[r]!, {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "ldm %[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
- "sbcs r3, r3, r5\n\t"
-#elif defined(__clang__)
- "sbcs r3, r5\n\t"
-#else
- "sbc r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
- "sbcs r4, r4, r6\n\t"
-#elif defined(__clang__)
- "sbcs r4, r6\n\t"
-#else
- "sbc r4, r6\n\t"
-#endif
- "stm %[r]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
- "sbcs %[r], %[r], %[r]\n\t"
-#elif defined(__clang__)
- "sbcs %[r], %[r]\n\t"
-#else
- "sbc %[r], %[r]\n\t"
-#endif
- : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
- :
- : "memory", "r3", "r4", "r5", "r6"
+ : "memory", "r3", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -97805,14 +97660,14 @@ static void sp_256_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 32
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 31);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 31);
}
#elif DIGIT_BIT > 32
unsigned int i;
@@ -97990,69 +97845,6 @@ static int sp_256_point_to_ecc_point_8(const sp_point_256* p, ecc_point* pm)
return err;
}
-/* Conditionally subtract b from a using the mask m.
- * m is -1 to subtract and 0 when not copying.
- *
- * r A single precision number representing condition subtract result.
- * a A single precision number to subtract from.
- * b A single precision number to subtract.
- * m Mask value to apply.
- */
-SP_NOINLINE static sp_digit sp_256_cond_sub_8(sp_digit* r, const sp_digit* a,
- const sp_digit* b, sp_digit m)
-{
- __asm__ __volatile__ (
- "movs r4, #0\n\t"
- "movs r5, #32\n\t"
- "mov r8, r5\n\t"
- "movs r7, #0\n\t"
- "\n"
- "L_sp_256_cond_sub_8_words_%=:\n\t"
- "ldr r6, [%[b], r7]\n\t"
-#ifdef WOLFSSL_KEIL
- "ands r6, r6, %[m]\n\t"
-#elif defined(__clang__)
- "ands r6, %[m]\n\t"
-#else
- "and r6, %[m]\n\t"
-#endif
- "movs r5, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
- "subs r5, r5, r4\n\t"
-#else
- "sub r5, r5, r4\n\t"
-#endif
- "ldr r5, [%[a], r7]\n\t"
-#ifdef WOLFSSL_KEIL
- "sbcs r5, r5, r6\n\t"
-#elif defined(__clang__)
- "sbcs r5, r6\n\t"
-#else
- "sbc r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
- "sbcs r4, r4, r4\n\t"
-#elif defined(__clang__)
- "sbcs r4, r4\n\t"
-#else
- "sbc r4, r4\n\t"
-#endif
- "str r5, [%[r], r7]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
- "adds r7, r7, #4\n\t"
-#else
- "add r7, r7, #4\n\t"
-#endif
- "cmp r7, r8\n\t"
- "blt L_sp_256_cond_sub_8_words_%=\n\t"
- "movs %[r], r4\n\t"
- : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b), [m] "+l" (m)
- :
- : "memory", "r4", "r5", "r6", "r7", "r8"
- );
- return (uint32_t)(size_t)r;
-}
-
/* Reduce the number back to 256 bits using Montgomery reduction.
*
* a A single precision number to reduce in place.
@@ -98369,7 +98161,7 @@ SP_NOINLINE static void sp_256_mont_reduce_8(sp_digit* a, const sp_digit* m,
"str r7, [%[a], #28]\n\t"
: [a] "+l" (a)
:
- : "memory", "r1", "r2", "r3", "r4", "r5", "r6", "r7", "r8"
+ : "memory", "r1", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "cc"
);
}
@@ -99027,7 +98819,7 @@ SP_NOINLINE static void sp_256_mont_reduce_order_8(sp_digit* a,
#endif /* WOLFSSL_SP_LARGE_CODE */
: [a] "+l" (a), [m] "+l" (m), [mp] "+l" (mp)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
);
}
@@ -99038,7 +98830,7 @@ SP_NOINLINE static void sp_256_mont_reduce_order_8(sp_digit* a,
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_256_mont_mul_8(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -99052,7 +98844,7 @@ SP_NOINLINE static void sp_256_mont_mul_8(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_256_mont_sqr_8(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -99068,10 +98860,10 @@ SP_NOINLINE static void sp_256_mont_sqr_8(sp_digit* r, const sp_digit* a,
* a Number to square in Montgomery form.
* n Number of times to square.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
-static void sp_256_mont_sqr_n_8(sp_digit* r, const sp_digit* a, int n,
- const sp_digit* m, sp_digit mp)
+SP_NOINLINE static void sp_256_mont_sqr_n_8(sp_digit* r,
+ const sp_digit* a, int n, const sp_digit* m, sp_digit mp)
{
sp_256_mont_sqr_8(r, a, m, mp);
for (; n > 1; n--) {
@@ -99261,7 +99053,7 @@ SP_NOINLINE static sp_int32 sp_256_cmp_8(const sp_digit* a, const sp_digit* b)
"movs %[a], r2\n\t"
: [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -99272,6 +99064,69 @@ SP_NOINLINE static sp_int32 sp_256_cmp_8(const sp_digit* a, const sp_digit* b)
*/
#define sp_256_norm_8(a)
+/* Conditionally subtract b from a using the mask m.
+ * m is -1 to subtract and 0 when not copying.
+ *
+ * r A single precision number representing condition subtract result.
+ * a A single precision number to subtract from.
+ * b A single precision number to subtract.
+ * m Mask value to apply.
+ */
+SP_NOINLINE static sp_digit sp_256_cond_sub_8(sp_digit* r, const sp_digit* a,
+ const sp_digit* b, sp_digit m)
+{
+ __asm__ __volatile__ (
+ "movs r4, #0\n\t"
+ "movs r5, #32\n\t"
+ "mov r8, r5\n\t"
+ "movs r7, #0\n\t"
+ "\n"
+ "L_sp_256_cond_sub_8_words_%=:\n\t"
+ "ldr r6, [%[b], r7]\n\t"
+#ifdef WOLFSSL_KEIL
+ "ands r6, r6, %[m]\n\t"
+#elif defined(__clang__)
+ "ands r6, %[m]\n\t"
+#else
+ "and r6, %[m]\n\t"
+#endif
+ "movs r5, #0\n\t"
+#if defined(__clang__) || defined(WOLFSSL_KEIL)
+ "subs r5, r5, r4\n\t"
+#else
+ "sub r5, r5, r4\n\t"
+#endif
+ "ldr r5, [%[a], r7]\n\t"
+#ifdef WOLFSSL_KEIL
+ "sbcs r5, r5, r6\n\t"
+#elif defined(__clang__)
+ "sbcs r5, r6\n\t"
+#else
+ "sbc r5, r6\n\t"
+#endif
+#ifdef WOLFSSL_KEIL
+ "sbcs r4, r4, r4\n\t"
+#elif defined(__clang__)
+ "sbcs r4, r4\n\t"
+#else
+ "sbc r4, r4\n\t"
+#endif
+ "str r5, [%[r], r7]\n\t"
+#if defined(__clang__) || defined(WOLFSSL_KEIL)
+ "adds r7, r7, #4\n\t"
+#else
+ "add r7, r7, #4\n\t"
+#endif
+ "cmp r7, r8\n\t"
+ "blt L_sp_256_cond_sub_8_words_%=\n\t"
+ "movs %[r], r4\n\t"
+ : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b), [m] "+l" (m)
+ :
+ : "memory", "r4", "r5", "r6", "r7", "r8", "cc"
+ );
+ return (uint32_t)(size_t)r;
+}
+
/* Map the Montgomery form projective coordinate point to an affine point.
*
* r Resulting affine coordinate point.
@@ -99494,7 +99349,7 @@ SP_NOINLINE static void sp_256_mont_add_8(sp_digit* r, const sp_digit* a,
"str r5, [%[r], #28]\n\t"
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
);
}
@@ -99671,7 +99526,7 @@ SP_NOINLINE static void sp_256_mont_dbl_8(sp_digit* r, const sp_digit* a,
"str r5, [%[r], #28]\n\t"
: [r] "+l" (r), [a] "+l" (a)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
);
}
@@ -100004,7 +99859,7 @@ SP_NOINLINE static void sp_256_mont_tpl_8(sp_digit* r, const sp_digit* a,
"str r2, [%[r], #28]\n\t"
: [r] "+l" (r), [a] "+l" (a)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
);
}
@@ -100183,18 +100038,17 @@ SP_NOINLINE static void sp_256_mont_sub_8(sp_digit* r, const sp_digit* a,
"str r5, [%[r], #28]\n\t"
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
);
}
-#define sp_256_mont_sub_lower_8 sp_256_mont_sub_8
/* Divide the number by 2 mod the modulus (prime). (r = a / 2 % m)
*
* r Result of division by 2.
* a Number to divide.
* m Modulus (prime).
*/
-SP_NOINLINE static void sp_256_div2_8(sp_digit* r, const sp_digit* a,
+SP_NOINLINE static void sp_256_mont_div2_8(sp_digit* r, const sp_digit* a,
const sp_digit* m)
{
(void)m;
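Review bot: The header comment of the renamed sp_256_mont_div2_8 still documents `m` as the modulus, yet the first statement of the body is `(void)m;`, so the argument is discarded. The comment should say so, for example ` * m  Modulus (prime). Unused; kept for a uniform signature.`, with the reason adjusted to what the assembly actually does; presumably the P-256 prime is built into it, which the hunk does not show. As written, a reader could expect the routine to honour whatever modulus is passed in. The body continues outside the hunk.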
@@ -100457,7 +100311,7 @@ SP_NOINLINE static void sp_256_div2_8(sp_digit* r, const sp_digit* a,
"str r5, [%[r], #4]\n\t"
: [r] "+l" (r), [a] "+l" (a)
:
- : "memory", "r2", "r3", "r4", "r5", "r6"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "cc"
);
}
@@ -100505,7 +100359,7 @@ static void sp_256_proj_point_dbl_8(sp_point_256* r, const sp_point_256* p,
/* T2 = Y * Y */
sp_256_mont_sqr_8(t2, y, p256_mod, p256_mp_mod);
/* T2 = T2/2 */
- sp_256_div2_8(t2, t2, p256_mod);
+ sp_256_mont_div2_8(t2, t2, p256_mod);
/* Y = Y * X */
sp_256_mont_mul_8(y, y, p->x, p256_mod, p256_mp_mod);
/* X = T1 * T1 */
@@ -100515,7 +100369,7 @@ static void sp_256_proj_point_dbl_8(sp_point_256* r, const sp_point_256* p,
/* X = X - Y */
sp_256_mont_sub_8(x, x, y, p256_mod);
/* Y = Y - X */
- sp_256_mont_sub_lower_8(y, y, x, p256_mod);
+ sp_256_mont_sub_8(y, y, x, p256_mod);
/* Y = Y * T1 */
sp_256_mont_mul_8(y, y, t1, p256_mod, p256_mp_mod);
/* Y = Y - T2 */
@@ -100538,7 +100392,8 @@ typedef struct sp_256_proj_point_dbl_8_ctx {
* p Point to double.
* t Temporary ordinate data.
*/
-static int sp_256_proj_point_dbl_8_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r, const sp_point_256* p, sp_digit* t)
+static int sp_256_proj_point_dbl_8_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r,
+ const sp_point_256* p, sp_digit* t)
{
int err = FP_WOULDBLOCK;
sp_256_proj_point_dbl_8_ctx* ctx = (sp_256_proj_point_dbl_8_ctx*)sp_ctx->data;
@@ -100612,7 +100467,7 @@ static int sp_256_proj_point_dbl_8_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r, con
break;
case 11:
/* T2 = T2/2 */
- sp_256_div2_8(ctx->t2, ctx->t2, p256_mod);
+ sp_256_mont_div2_8(ctx->t2, ctx->t2, p256_mod);
ctx->state = 12;
break;
case 12:
@@ -100637,7 +100492,7 @@ static int sp_256_proj_point_dbl_8_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r, con
break;
case 16:
/* Y = Y - X */
- sp_256_mont_sub_lower_8(ctx->y, ctx->y, ctx->x, p256_mod);
+ sp_256_mont_sub_8(ctx->y, ctx->y, ctx->x, p256_mod);
ctx->state = 17;
break;
case 17:
@@ -100698,12 +100553,12 @@ static int sp_256_iszero_8(const sp_digit* a)
static void sp_256_proj_point_add_8(sp_point_256* r,
const sp_point_256* p, const sp_point_256* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*8;
- sp_digit* t3 = t + 4*8;
- sp_digit* t4 = t + 6*8;
- sp_digit* t5 = t + 8*8;
- sp_digit* t6 = t + 10*8;
+ sp_digit* t6 = t;
+ sp_digit* t1 = t + 2*8;
+ sp_digit* t2 = t + 4*8;
+ sp_digit* t3 = t + 6*8;
+ sp_digit* t4 = t + 8*8;
+ sp_digit* t5 = t + 10*8;
/* U1 = X1*Z2^2 */
sp_256_mont_sqr_8(t1, q->z, p256_mod, p256_mp_mod);
@@ -100725,17 +100580,9 @@ static void sp_256_proj_point_add_8(sp_point_256* r,
sp_256_proj_point_dbl_8(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t6;
sp_digit* y = t1;
sp_digit* z = t2;
- int i;
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
/* H = U2 - U1 */
sp_256_mont_sub_8(t2, t2, t1, p256_mod);
@@ -100754,20 +100601,31 @@ static void sp_256_proj_point_add_8(sp_point_256* r,
sp_256_mont_dbl_8(t3, y, p256_mod);
sp_256_mont_sub_8(x, x, t3, p256_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_256_mont_sub_lower_8(y, y, x, p256_mod);
+ sp_256_mont_sub_8(y, y, x, p256_mod);
sp_256_mont_mul_8(y, y, t4, p256_mod, p256_mp_mod);
sp_256_mont_sub_8(y, y, t5, p256_mod);
- for (i = 0; i < 8; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 8; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 8; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 8; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 8; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 8; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
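Review bot: The new block selects between p, q and the computed sum with `maskp`, `maskq` and `maskt` instead of branching, but nothing states the precondition it relies on: `0 - (q->infinity & (!p->infinity))` is all-ones only if `infinity` is exactly 0 or 1, and `r->z[0] |= inf` depends on the same thing. I would add a comment above the declarations such as `/* infinity must be 0 or 1; the masks pick p, q or the sum without a data-dependent branch */`. The type and value range of `infinity` are declared outside this hunk, so confirm them before wording the comment. The same block is added to case 24 of sp_256_proj_point_add_8_nb.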
@@ -100813,12 +100671,12 @@ static int sp_256_proj_point_add_8_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r,
switch (ctx->state) {
case 0: /* INIT */
- ctx->t1 = t;
- ctx->t2 = t + 2*8;
- ctx->t3 = t + 4*8;
- ctx->t4 = t + 6*8;
- ctx->t5 = t + 8*8;
- ctx->t6 = t + 10*8;
+ ctx->t6 = t;
+ ctx->t1 = t + 2*8;
+ ctx->t2 = t + 4*8;
+ ctx->t3 = t + 6*8;
+ ctx->t4 = t + 8*8;
+ ctx->t5 = t + 10*8;
ctx->x = ctx->t6;
ctx->y = ctx->t1;
ctx->z = ctx->t2;
@@ -100925,7 +100783,7 @@ static int sp_256_proj_point_add_8_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r,
break;
case 21:
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_256_mont_sub_lower_8(ctx->y, ctx->y, ctx->x, p256_mod);
+ sp_256_mont_sub_8(ctx->y, ctx->y, ctx->x, p256_mod);
ctx->state = 22;
break;
case 22:
@@ -100938,22 +100796,28 @@ static int sp_256_proj_point_add_8_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r,
break;
case 24:
{
- int i;
- sp_digit maskp = 0 - (q->infinity & (!p->infinity));
- sp_digit maskq = 0 - (p->infinity & (!q->infinity));
- sp_digit maskt = ~(maskp | maskq);
-
- for (i = 0; i < 8; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (ctx->x[i] & maskt);
- }
- for (i = 0; i < 8; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (ctx->y[i] & maskt);
- }
- for (i = 0; i < 8; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (ctx->z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 8; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (ctx->x[i] & maskt);
+ }
+ for (i = 0; i < 8; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (ctx->y[i] & maskt);
+ }
+ for (i = 0; i < 8; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (ctx->z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
ctx->state = 25;
break;
}
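Review bot: In `case 24` the added `{` opens a second scope directly inside the brace block the case already has, so the inner pair adds a nesting level without narrowing any lifetime. The declarations of `i`, `maskp`, `maskq`, `maskt` and `inf` can sit in the existing block, as the removed lines did, with `ctx->state = 25;` following them. If the inner braces are kept only to mirror the blocking `sp_256_proj_point_add_8`, a one-line comment saying so would help. The state machine starts and ends outside this hunk.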
@@ -100973,7 +100837,7 @@ static int sp_256_proj_point_add_8_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r,
/* Touch each possible point that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
static void sp_256_get_point_16_8(sp_point_256* r, const sp_point_256* table,
@@ -101225,8 +101089,6 @@ static int sp_256_ecc_mulmod_fast_8(sp_point_256* r, const sp_point_256* g, cons
}
#ifdef FP_ECC
-#define sp_256_mont_dbl_lower_8 sp_256_mont_dbl_8
-#define sp_256_mont_tpl_lower_8 sp_256_mont_tpl_8
/* Double the Montgomery form projective point p a number of times.
*
* r Result of repeated doubling of point.
@@ -101265,7 +101127,7 @@ static void sp_256_proj_point_dbl_n_8(sp_point_256* p, int i,
/* A = 3*(X^2 - W) */
sp_256_mont_sqr_8(t1, x, p256_mod, p256_mp_mod);
sp_256_mont_sub_8(t1, t1, w, p256_mod);
- sp_256_mont_tpl_lower_8(a, t1, p256_mod);
+ sp_256_mont_tpl_8(a, t1, p256_mod);
/* B = X*Y^2 */
sp_256_mont_sqr_8(t1, y, p256_mod, p256_mp_mod);
sp_256_mont_mul_8(b, t1, x, p256_mod, p256_mp_mod);
@@ -101274,8 +101136,8 @@ static void sp_256_proj_point_dbl_n_8(sp_point_256* p, int i,
sp_256_mont_dbl_8(t2, b, p256_mod);
sp_256_mont_sub_8(x, x, t2, p256_mod);
/* B = 2.(B - X) */
- sp_256_mont_sub_lower_8(t2, b, x, p256_mod);
- sp_256_mont_dbl_lower_8(b, t2, p256_mod);
+ sp_256_mont_sub_8(t2, b, x, p256_mod);
+ sp_256_mont_dbl_8(b, t2, p256_mod);
/* Z = Z*Y */
sp_256_mont_mul_8(z, z, y, p256_mod, p256_mp_mod);
/* t1 = Y^4 */
@@ -101295,7 +101157,7 @@ static void sp_256_proj_point_dbl_n_8(sp_point_256* p, int i,
/* A = 3*(X^2 - W) */
sp_256_mont_sqr_8(t1, x, p256_mod, p256_mp_mod);
sp_256_mont_sub_8(t1, t1, w, p256_mod);
- sp_256_mont_tpl_lower_8(a, t1, p256_mod);
+ sp_256_mont_tpl_8(a, t1, p256_mod);
/* B = X*Y^2 */
sp_256_mont_sqr_8(t1, y, p256_mod, p256_mp_mod);
sp_256_mont_mul_8(b, t1, x, p256_mod, p256_mp_mod);
@@ -101304,8 +101166,8 @@ static void sp_256_proj_point_dbl_n_8(sp_point_256* p, int i,
sp_256_mont_dbl_8(t2, b, p256_mod);
sp_256_mont_sub_8(x, x, t2, p256_mod);
/* B = 2.(B - X) */
- sp_256_mont_sub_lower_8(t2, b, x, p256_mod);
- sp_256_mont_dbl_lower_8(b, t2, p256_mod);
+ sp_256_mont_sub_8(t2, b, x, p256_mod);
+ sp_256_mont_dbl_8(b, t2, p256_mod);
/* Z = Z*Y */
sp_256_mont_mul_8(z, z, y, p256_mod, p256_mp_mod);
/* t1 = Y^4 */
@@ -101315,7 +101177,7 @@ static void sp_256_proj_point_dbl_n_8(sp_point_256* p, int i,
sp_256_mont_sub_8(y, y, t1, p256_mod);
#endif /* WOLFSSL_SP_SMALL */
/* Y = Y/2 */
- sp_256_div2_8(y, y, p256_mod);
+ sp_256_mont_div2_8(y, y, p256_mod);
}
/* Convert the projective point to affine.
@@ -101361,12 +101223,12 @@ typedef struct sp_table_entry_256 {
static void sp_256_proj_point_add_qz1_8(sp_point_256* r,
const sp_point_256* p, const sp_point_256* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*8;
- sp_digit* t3 = t + 4*8;
- sp_digit* t4 = t + 6*8;
- sp_digit* t5 = t + 8*8;
- sp_digit* t6 = t + 10*8;
+ sp_digit* t2 = t;
+ sp_digit* t3 = t + 2*8;
+ sp_digit* t6 = t + 4*8;
+ sp_digit* t1 = t + 6*8;
+ sp_digit* t4 = t + 8*8;
+ sp_digit* t5 = t + 10*8;
/* Calculate values to subtract from P->x and P->y. */
/* U2 = X2*Z1^2 */
@@ -101382,13 +101244,9 @@ static void sp_256_proj_point_add_qz1_8(sp_point_256* r,
sp_256_proj_point_dbl_8(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t2;
- sp_digit* y = t5;
+ sp_digit* y = t3;
sp_digit* z = t6;
- int i;
/* H = U2 - X1 */
sp_256_mont_sub_8(t2, t2, p->x, p256_mod);
@@ -101397,33 +101255,40 @@ static void sp_256_proj_point_add_qz1_8(sp_point_256* r,
/* Z3 = H*Z1 */
sp_256_mont_mul_8(z, p->z, t2, p256_mod, p256_mp_mod);
/* X3 = R^2 - H^3 - 2*X1*H^2 */
- sp_256_mont_sqr_8(t1, t4, p256_mod, p256_mp_mod);
- sp_256_mont_sqr_8(t5, t2, p256_mod, p256_mp_mod);
- sp_256_mont_mul_8(t3, p->x, t5, p256_mod, p256_mp_mod);
- sp_256_mont_mul_8(t5, t5, t2, p256_mod, p256_mp_mod);
- sp_256_mont_sub_8(x, t1, t5, p256_mod);
- sp_256_mont_dbl_8(t1, t3, p256_mod);
- sp_256_mont_sub_8(x, x, t1, p256_mod);
+ sp_256_mont_sqr_8(t1, t2, p256_mod, p256_mp_mod);
+ sp_256_mont_mul_8(t3, p->x, t1, p256_mod, p256_mp_mod);
+ sp_256_mont_mul_8(t1, t1, t2, p256_mod, p256_mp_mod);
+ sp_256_mont_sqr_8(t2, t4, p256_mod, p256_mp_mod);
+ sp_256_mont_sub_8(t2, t2, t1, p256_mod);
+ sp_256_mont_dbl_8(t5, t3, p256_mod);
+ sp_256_mont_sub_8(x, t2, t5, p256_mod);
/* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
- sp_256_mont_sub_lower_8(t3, t3, x, p256_mod);
+ sp_256_mont_sub_8(t3, t3, x, p256_mod);
sp_256_mont_mul_8(t3, t3, t4, p256_mod, p256_mp_mod);
- sp_256_mont_mul_8(t5, t5, p->y, p256_mod, p256_mp_mod);
- sp_256_mont_sub_8(y, t3, t5, p256_mod);
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
- for (i = 0; i < 8; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 8; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 8; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ sp_256_mont_mul_8(t1, t1, p->y, p256_mod, p256_mp_mod);
+ sp_256_mont_sub_8(y, t3, t1, p256_mod);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 8; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 8; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 8; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
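Review bot: In the reordered `X3` computation `t2` changes meaning part-way through and nothing marks the point. It holds H until `sp_256_mont_sqr_8(t2, t4, p256_mod, p256_mp_mod)` overwrites it with what is presumably R^2, and `x` is an alias of `t2` according to the preceding hunk. A later edit that needs H after that line, as `Z3 = H*Z1` does before it, would read the wrong value. A why-comment on that line would make the reuse explicit, e.g. `/* t2 (H) is dead from here: reuse it for R^2, then X3 */`. The function starts outside this hunk.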
@@ -101524,7 +101389,7 @@ static int sp_256_gen_stripe_table_8(const sp_point_256* a,
/* Touch each possible entry that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
static void sp_256_get_entry_16_8(sp_point_256* r,
@@ -101719,7 +101584,7 @@ static THREAD_LS_T int sp_cache_256_inited = 0;
/* Get the cache entry for the point.
*
- * g [in] Point scalar multipling.
+ * g [in] Point scalar multiplying.
* cache [out] Cache table to use.
*/
static void sp_ecc_get_cache_256(const sp_point_256* g, sp_cache_256_t** cache)
@@ -101790,8 +101655,8 @@ static void sp_ecc_get_cache_256(const sp_point_256* g, sp_cache_256_t** cache)
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
-static int sp_256_ecc_mulmod_8(sp_point_256* r, const sp_point_256* g, const sp_digit* k,
- int map, int ct, void* heap)
+static int sp_256_ecc_mulmod_8(sp_point_256* r, const sp_point_256* g,
+ const sp_digit* k, int map, int ct, void* heap)
{
#ifndef FP_ECC
return sp_256_ecc_mulmod_fast_8(r, g, k, map, ct, heap);
@@ -101944,7 +101809,7 @@ static int sp_256_gen_stripe_table_8(const sp_point_256* a,
/* Touch each possible entry that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
static void sp_256_get_entry_256_8(sp_point_256* r,
@@ -102139,7 +102004,7 @@ static THREAD_LS_T int sp_cache_256_inited = 0;
/* Get the cache entry for the point.
*
- * g [in] Point scalar multipling.
+ * g [in] Point scalar multiplying.
* cache [out] Cache table to use.
*/
static void sp_ecc_get_cache_256(const sp_point_256* g, sp_cache_256_t** cache)
@@ -102210,8 +102075,8 @@ static void sp_ecc_get_cache_256(const sp_point_256* g, sp_cache_256_t** cache)
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
-static int sp_256_ecc_mulmod_8(sp_point_256* r, const sp_point_256* g, const sp_digit* k,
- int map, int ct, void* heap)
+static int sp_256_ecc_mulmod_8(sp_point_256* r, const sp_point_256* g,
+ const sp_digit* k, int map, int ct, void* heap)
{
#ifndef FP_ECC
return sp_256_ecc_mulmod_fast_8(r, g, k, map, ct, heap);
@@ -102328,7 +102193,7 @@ int sp_ecc_mulmod_256(const mp_int* km, const ecc_point* gm, ecc_point* r,
*
* km Scalar to multiply by.
* p Point to multiply.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -102339,7 +102204,7 @@ int sp_ecc_mulmod_add_256(const mp_int* km, const ecc_point* gm,
const ecc_point* am, int inMont, ecc_point* r, int map, void* heap)
{
#ifdef WOLFSSL_SP_SMALL_STACK
- sp_point_256* point = NULL;
+ sp_point_256* point = NULL;
sp_digit* k = NULL;
#else
sp_point_256 point[2];
@@ -103877,7 +103742,7 @@ int sp_ecc_mulmod_base_256(const mp_int* km, ecc_point* r, int map, void* heap)
* the result. If map is true then convert result to affine coordinates.
*
* km Scalar to multiply by.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -103899,7 +103764,7 @@ int sp_ecc_mulmod_base_add_256(const mp_int* km, const ecc_point* am,
int err = MP_OKAY;
#ifdef WOLFSSL_SP_SMALL_STACK
- point = (sp_point_256*)XMALLOC(sizeof(sp_point_256) * 2, heap,
+ point = (sp_point_256*)XMALLOC(sizeof(sp_point_256) * 2, heap,
DYNAMIC_TYPE_ECC);
if (point == NULL)
err = MEMORY_E;
@@ -104035,7 +103900,7 @@ SP_NOINLINE static void sp_256_add_one_8(sp_digit* a)
"str r1, [%[a], #28]\n\t"
: [a] "+l" (a)
:
- : "memory", "r1", "r2"
+ : "memory", "r1", "r2", "cc"
);
}
@@ -104130,7 +103995,7 @@ int sp_ecc_make_key_256(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
sp_point_256* infinity = NULL;
#endif
int err = MP_OKAY;
-
+
(void)heap;
@@ -104138,7 +104003,7 @@ int sp_ecc_make_key_256(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
point = (sp_point_256*)XMALLOC(sizeof(sp_point_256) * 2, heap, DYNAMIC_TYPE_ECC);
#else
- point = (sp_point_256*)XMALLOC(sizeof(sp_point_256), heap, DYNAMIC_TYPE_ECC);
+ point = (sp_point_256*)XMALLOC(sizeof(sp_point_256), heap, DYNAMIC_TYPE_ECC);
#endif
if (point == NULL)
err = MEMORY_E;
@@ -104475,7 +104340,7 @@ SP_NOINLINE static sp_digit sp_256_sub_in_place_8(sp_digit* a,
"movs %[a], r2\n\t"
: [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -104569,7 +104434,7 @@ SP_NOINLINE static sp_digit sp_256_sub_in_place_8(sp_digit* a,
#endif
: [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r2", "r3", "r4", "r5"
+ : "memory", "r2", "r3", "r4", "r5", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -104757,7 +104622,7 @@ SP_NOINLINE static void sp_256_mul_d_8(sp_digit* r, const sp_digit* a,
"str r3, [%[r]]\n\t"
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
}
@@ -105372,7 +105237,7 @@ SP_NOINLINE static sp_digit div_256_word_8(sp_digit d1, sp_digit d0,
"movs %[d1], r3\n\t"
: [d1] "+l" (d1), [d0] "+l" (d0), [div] "+l" (div)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
return (uint32_t)(size_t)d1;
}
@@ -105412,8 +105277,8 @@ static void sp_256_mask_8(sp_digit* r, const sp_digit* a, sp_digit m)
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_256_div_8(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_256_div_8(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[16], t2[9];
sp_digit div, r1;
@@ -105598,7 +105463,7 @@ static void sp_256_mont_inv_order_8(sp_digit* r, const sp_digit* a,
sp_256_mont_sqr_n_order_8(t2, t3, 4);
/* t = a^ff = t2 * t3 */
sp_256_mont_mul_order_8(t, t2, t3);
- /* t3= a^ff00 = t ^ 2 ^ 8 */
+ /* t2= a^ff00 = t ^ 2 ^ 8 */
sp_256_mont_sqr_n_order_8(t2, t, 8);
/* t = a^ffff = t2 * t */
sp_256_mont_mul_order_8(t, t2, t);
@@ -105615,7 +105480,11 @@ static void sp_256_mont_inv_order_8(sp_digit* r, const sp_digit* a,
/* t2= a^ffffffff00000000ffffffffffffffff = t2 * t */
sp_256_mont_mul_order_8(t2, t2, t);
/* t2= a^ffffffff00000000ffffffffffffffffbce6 */
- for (i=127; i>=112; i--) {
+ sp_256_mont_sqr_order_8(t2, t2);
+ sp_256_mont_mul_order_8(t2, t2, a);
+ sp_256_mont_sqr_n_order_8(t2, t2, 5);
+ sp_256_mont_mul_order_8(t2, t2, t3);
+ for (i=121; i>=112; i--) {
sp_256_mont_sqr_order_8(t2, t2);
if ((p256_order_low[i / 32] & ((sp_int_digit)1 << (i % 32))) != 0) {
sp_256_mont_mul_order_8(t2, t2, a);
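Review bot: The four calls added before the loop in `sp_256_mont_inv_order_8` carry no comment, so the reader has to rederive why the loop now starts at bit 121 rather than 127. They appear to consume order bits 127..122 (binary 101111): one squaring and a multiply by `a`, then five squarings and a multiply by `t3`. The earlier comments suggest `t3` holds a^f, but that depends on `t3` not being reused in lines this diff does not show. A comment above the new calls would let the exponent be checked against `p256_order_low`, e.g. `/* bits 127..122 = 0b101111: sqr, mul a, 5 sqr, mul t3 (a^f) */`. The function starts and ends outside the hunk.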
@@ -106020,6 +105889,166 @@ int sp_ecc_sign_256_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, W
#endif /* HAVE_ECC_SIGN */
#ifndef WOLFSSL_SP_SMALL
+#ifdef WOLFSSL_SP_SMALL
+/* Sub b from a into r. (r = a - b)
+ *
+ * r A single precision integer.
+ * a A single precision integer.
+ * b A single precision integer.
+ */
+SP_NOINLINE static sp_digit sp_256_sub_8(sp_digit* r, const sp_digit* a,
+ const sp_digit* b)
+{
+ __asm__ __volatile__ (
+ "movs r6, %[a]\n\t"
+ "movs r3, #0\n\t"
+#if defined(__clang__) || defined(WOLFSSL_KEIL)
+ "adds r6, r6, #32\n\t"
+#else
+ "add r6, r6, #32\n\t"
+#endif
+ "\n"
+ "L_sp_256_sub_8_word_%=:\n\t"
+ "movs r5, #0\n\t"
+#if defined(__clang__) || defined(WOLFSSL_KEIL)
+ "subs r5, r5, r3\n\t"
+#else
+ "sub r5, r5, r3\n\t"
+#endif
+ "ldr r4, [%[a]]\n\t"
+ "ldr r5, [%[b]]\n\t"
+#ifdef WOLFSSL_KEIL
+ "sbcs r4, r4, r5\n\t"
+#elif defined(__clang__)
+ "sbcs r4, r5\n\t"
+#else
+ "sbc r4, r5\n\t"
+#endif
+ "str r4, [%[r]]\n\t"
+#ifdef WOLFSSL_KEIL
+ "sbcs r3, r3, r3\n\t"
+#elif defined(__clang__)
+ "sbcs r3, r3\n\t"
+#else
+ "sbc r3, r3\n\t"
+#endif
+#if defined(__clang__) || defined(WOLFSSL_KEIL)
+ "adds %[a], %[a], #4\n\t"
+#else
+ "add %[a], %[a], #4\n\t"
+#endif
+#if defined(__clang__) || defined(WOLFSSL_KEIL)
+ "adds %[b], %[b], #4\n\t"
+#else
+ "add %[b], %[b], #4\n\t"
+#endif
+#if defined(__clang__) || defined(WOLFSSL_KEIL)
+ "adds %[r], %[r], #4\n\t"
+#else
+ "add %[r], %[r], #4\n\t"
+#endif
+ "cmp %[a], r6\n\t"
+ "bne L_sp_256_sub_8_word_%=\n\t"
+ "movs %[r], r3\n\t"
+ : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "cc"
+ );
+ return (uint32_t)(size_t)r;
+}
+
+#else
+/* Sub b from a into r. (r = a - b)
+ *
+ * r A single precision integer.
+ * a A single precision integer.
+ * b A single precision integer.
+ */
+SP_NOINLINE static sp_digit sp_256_sub_8(sp_digit* r, const sp_digit* a,
+ const sp_digit* b)
+{
+ __asm__ __volatile__ (
+ "ldm %[b]!, {r5, r6}\n\t"
+ "ldm %[a]!, {r3, r4}\n\t"
+#if defined(__clang__) || defined(WOLFSSL_KEIL)
+ "subs r3, r3, r5\n\t"
+#else
+ "sub r3, r3, r5\n\t"
+#endif
+#ifdef WOLFSSL_KEIL
+ "sbcs r4, r4, r6\n\t"
+#elif defined(__clang__)
+ "sbcs r4, r6\n\t"
+#else
+ "sbc r4, r6\n\t"
+#endif
+ "stm %[r]!, {r3, r4}\n\t"
+ "ldm %[b]!, {r5, r6}\n\t"
+ "ldm %[a]!, {r3, r4}\n\t"
+#ifdef WOLFSSL_KEIL
+ "sbcs r3, r3, r5\n\t"
+#elif defined(__clang__)
+ "sbcs r3, r5\n\t"
+#else
+ "sbc r3, r5\n\t"
+#endif
+#ifdef WOLFSSL_KEIL
+ "sbcs r4, r4, r6\n\t"
+#elif defined(__clang__)
+ "sbcs r4, r6\n\t"
+#else
+ "sbc r4, r6\n\t"
+#endif
+ "stm %[r]!, {r3, r4}\n\t"
+ "ldm %[b]!, {r5, r6}\n\t"
+ "ldm %[a]!, {r3, r4}\n\t"
+#ifdef WOLFSSL_KEIL
+ "sbcs r3, r3, r5\n\t"
+#elif defined(__clang__)
+ "sbcs r3, r5\n\t"
+#else
+ "sbc r3, r5\n\t"
+#endif
+#ifdef WOLFSSL_KEIL
+ "sbcs r4, r4, r6\n\t"
+#elif defined(__clang__)
+ "sbcs r4, r6\n\t"
+#else
+ "sbc r4, r6\n\t"
+#endif
+ "stm %[r]!, {r3, r4}\n\t"
+ "ldm %[b]!, {r5, r6}\n\t"
+ "ldm %[a]!, {r3, r4}\n\t"
+#ifdef WOLFSSL_KEIL
+ "sbcs r3, r3, r5\n\t"
+#elif defined(__clang__)
+ "sbcs r3, r5\n\t"
+#else
+ "sbc r3, r5\n\t"
+#endif
+#ifdef WOLFSSL_KEIL
+ "sbcs r4, r4, r6\n\t"
+#elif defined(__clang__)
+ "sbcs r4, r6\n\t"
+#else
+ "sbc r4, r6\n\t"
+#endif
+ "stm %[r]!, {r3, r4}\n\t"
+#ifdef WOLFSSL_KEIL
+ "sbcs %[r], %[r], %[r]\n\t"
+#elif defined(__clang__)
+ "sbcs %[r], %[r]\n\t"
+#else
+ "sbc %[r], %[r]\n\t"
+#endif
+ : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "cc"
+ );
+ return (uint32_t)(size_t)r;
+}
+
+#endif /* WOLFSSL_SP_SMALL */
/* Right shift a by 1 bit into r. (r = a >> 1)
*
* r A single precision integer.
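Review bot: The added `#ifdef WOLFSSL_SP_SMALL` variant of `sp_256_sub_8` sits directly under the context line `#ifndef WOLFSSL_SP_SMALL`, so as the hunk shows it the looped implementation can never be compiled and only the unrolled `#else` body is live. Dead assembly in a bignum file is easy to patch by mistake and is never exercised by tests. Either emit only the unrolled body at this position, or state the intent at the top of the block, e.g. `/* Only built when WOLFSSL_SP_SMALL is not defined; the looped variant below is never compiled. */`. The `#endif` that closes the outer `#ifndef` is outside this hunk.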
@@ -106170,7 +106199,7 @@ static void sp_256_rshift1_8(sp_digit* r, const sp_digit* a)
"str r3, [%[r], #28]\n\t"
: [r] "+l" (r), [a] "+l" (a)
:
- : "memory", "r2", "r3", "r4", "r5"
+ : "memory", "r2", "r3", "r4", "r5", "cc"
);
}
@@ -106441,7 +106470,7 @@ static void sp_256_div2_mod_8(sp_digit* r, const sp_digit* a, const sp_digit* m)
"str r6, [%[r], #4]\n\t"
: [r] "+l" (r), [a] "+l" (a), [m] "+l" (m)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "cc"
);
}
@@ -107196,7 +107225,7 @@ static int sp_256_num_bits_8(sp_digit* a)
"movs %[a], r2\n\t"
: [a] "+l" (a), [table] "+l" (table)
:
- : "memory", "r2", "r3", "r4", "r5", "r6"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -107244,7 +107273,7 @@ static int sp_256_mod_inv_8(sp_digit* r, const sp_digit* a, const sp_digit* m)
}
while (ut > 1 && vt > 1) {
- if (ut > vt || (ut == vt && sp_256_cmp_8(u, v) >= 0)) {
+ if ((ut > vt) || ((ut == vt) && (sp_256_cmp_8(u, v) >= 0))) {
sp_256_sub_8(u, u, v);
o = sp_256_sub_8(b, b, d);
if (o != 0)
@@ -107321,7 +107350,7 @@ static void sp_256_add_points_8(sp_point_256* p1, const sp_point_256* p2,
* p2 Public point and temporary.
* s Second part of signature as a number.
* u1 Temporary number.
- * u2 Temproray number.
+ * u2 Temporary number.
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
@@ -107645,7 +107674,7 @@ int sp_ecc_verify_256_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash,
#endif /* HAVE_ECC_VERIFY */
#ifdef HAVE_ECC_CHECK_KEY
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* point EC point.
* heap Heap to use if dynamically allocating.
@@ -107673,19 +107702,21 @@ static int sp_256_ecc_is_point_8(const sp_point_256* point,
if (err == MP_OKAY) {
t2 = t1 + 2 * 8;
+ /* y^2 - x^3 - a.x = b */
sp_256_sqr_8(t1, point->y);
(void)sp_256_mod_8(t1, t1, p256_mod);
sp_256_sqr_8(t2, point->x);
(void)sp_256_mod_8(t2, t2, p256_mod);
sp_256_mul_8(t2, t2, point->x);
(void)sp_256_mod_8(t2, t2, p256_mod);
- (void)sp_256_sub_8(t2, p256_mod, t2);
- sp_256_mont_add_8(t1, t1, t2, p256_mod);
+ sp_256_mont_sub_8(t1, t1, t2, p256_mod);
+ /* y^2 - x^3 + 3.x = b, when a = -3 */
sp_256_mont_add_8(t1, t1, point->x, p256_mod);
sp_256_mont_add_8(t1, t1, point->x, p256_mod);
sp_256_mont_add_8(t1, t1, point->x, p256_mod);
+
if (sp_256_cmp_8(t1, p256_b) != 0) {
err = MP_VAL;
}
@@ -107699,7 +107730,7 @@ static int sp_256_ecc_is_point_8(const sp_point_256* point,
return err;
}
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* pX X ordinate of EC point.
* pY Y ordinate of EC point.
@@ -108522,7 +108553,7 @@ SP_NOINLINE static void sp_384_mul_12(sp_digit* r, const sp_digit* a,
"mov %[b], r10\n\t"
: [a] "+l" (a), [b] "+l" (b), [tmp] "+l" (tmp)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
);
XMEMCPY(r, t, sizeof(t));
@@ -108947,7 +108978,7 @@ SP_NOINLINE static void sp_384_sqr_12(sp_digit* r, const sp_digit* a)
"add sp, sp, r6\n\t"
: [r] "+l" (r), [a] "+l" (a)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
);
}
@@ -109020,7 +109051,7 @@ SP_NOINLINE static sp_digit sp_384_add_12(sp_digit* r, const sp_digit* a,
"movs %[r], r3\n\t"
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -109146,201 +109177,7 @@ SP_NOINLINE static sp_digit sp_384_add_12(sp_digit* r, const sp_digit* a,
#endif
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6"
- );
- return (uint32_t)(size_t)r;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Sub b from a into r. (r = a - b)
- *
- * r A single precision integer.
- * a A single precision integer.
- * b A single precision integer.
- */
-SP_NOINLINE static sp_digit sp_384_sub_12(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
-{
- __asm__ __volatile__ (
- "movs r6, %[a]\n\t"
- "movs r3, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
- "adds r6, r6, #48\n\t"
-#else
- "add r6, r6, #48\n\t"
-#endif
- "\n"
- "L_sp_384_sub_12_word_%=:\n\t"
- "movs r5, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
- "subs r5, r5, r3\n\t"
-#else
- "sub r5, r5, r3\n\t"
-#endif
- "ldr r4, [%[a]]\n\t"
- "ldr r5, [%[b]]\n\t"
-#ifdef WOLFSSL_KEIL
- "sbcs r4, r4, r5\n\t"
-#elif defined(__clang__)
- "sbcs r4, r5\n\t"
-#else
- "sbc r4, r5\n\t"
-#endif
- "str r4, [%[r]]\n\t"
-#ifdef WOLFSSL_KEIL
- "sbcs r3, r3, r3\n\t"
-#elif defined(__clang__)
- "sbcs r3, r3\n\t"
-#else
- "sbc r3, r3\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
- "adds %[a], %[a], #4\n\t"
-#else
- "add %[a], %[a], #4\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
- "adds %[b], %[b], #4\n\t"
-#else
- "add %[b], %[b], #4\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
- "adds %[r], %[r], #4\n\t"
-#else
- "add %[r], %[r], #4\n\t"
-#endif
- "cmp %[a], r6\n\t"
- "bne L_sp_384_sub_12_word_%=\n\t"
- "movs %[r], r3\n\t"
- : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
- :
- : "memory", "r3", "r4", "r5", "r6"
- );
- return (uint32_t)(size_t)r;
-}
-
-#else
-/* Sub b from a into r. (r = a - b)
- *
- * r A single precision integer.
- * a A single precision integer.
- * b A single precision integer.
- */
-SP_NOINLINE static sp_digit sp_384_sub_12(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
-{
- __asm__ __volatile__ (
- "ldm %[b]!, {r5, r6}\n\t"
- "ldm %[a]!, {r3, r4}\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
- "subs r3, r3, r5\n\t"
-#else
- "sub r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
- "sbcs r4, r4, r6\n\t"
-#elif defined(__clang__)
- "sbcs r4, r6\n\t"
-#else
- "sbc r4, r6\n\t"
-#endif
- "stm %[r]!, {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "ldm %[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
- "sbcs r3, r3, r5\n\t"
-#elif defined(__clang__)
- "sbcs r3, r5\n\t"
-#else
- "sbc r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
- "sbcs r4, r4, r6\n\t"
-#elif defined(__clang__)
- "sbcs r4, r6\n\t"
-#else
- "sbc r4, r6\n\t"
-#endif
- "stm %[r]!, {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "ldm %[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
- "sbcs r3, r3, r5\n\t"
-#elif defined(__clang__)
- "sbcs r3, r5\n\t"
-#else
- "sbc r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
- "sbcs r4, r4, r6\n\t"
-#elif defined(__clang__)
- "sbcs r4, r6\n\t"
-#else
- "sbc r4, r6\n\t"
-#endif
- "stm %[r]!, {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "ldm %[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
- "sbcs r3, r3, r5\n\t"
-#elif defined(__clang__)
- "sbcs r3, r5\n\t"
-#else
- "sbc r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
- "sbcs r4, r4, r6\n\t"
-#elif defined(__clang__)
- "sbcs r4, r6\n\t"
-#else
- "sbc r4, r6\n\t"
-#endif
- "stm %[r]!, {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "ldm %[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
- "sbcs r3, r3, r5\n\t"
-#elif defined(__clang__)
- "sbcs r3, r5\n\t"
-#else
- "sbc r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
- "sbcs r4, r4, r6\n\t"
-#elif defined(__clang__)
- "sbcs r4, r6\n\t"
-#else
- "sbc r4, r6\n\t"
-#endif
- "stm %[r]!, {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "ldm %[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
- "sbcs r3, r3, r5\n\t"
-#elif defined(__clang__)
- "sbcs r3, r5\n\t"
-#else
- "sbc r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
- "sbcs r4, r4, r6\n\t"
-#elif defined(__clang__)
- "sbcs r4, r6\n\t"
-#else
- "sbc r4, r6\n\t"
-#endif
- "stm %[r]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
- "sbcs %[r], %[r], %[r]\n\t"
-#elif defined(__clang__)
- "sbcs %[r], %[r]\n\t"
-#else
- "sbc %[r], %[r]\n\t"
-#endif
- : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
- :
- : "memory", "r3", "r4", "r5", "r6"
+ : "memory", "r3", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -109458,14 +109295,14 @@ static void sp_384_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 32
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 31);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 31);
}
#elif DIGIT_BIT > 32
unsigned int i;
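Review bot: The new mask in the `DIGIT_BIT == 32` branch of `sp_384_from_mp` shifts by the literal `31`, where the lines it replaces used `SP_WORD_SIZE - 1`. The branch is guarded by the width of an `mp_int` digit, not of `sp_digit`, so with a wider `sp_digit` the expression `(sp_digit)0 - (j >> 31)` would no longer yield an all-ones or all-zero mask. Writing `sp_digit mask = (sp_digit)0 - (j >> (SP_WORD_SIZE - 1));` and `o += (int)(j >> (SP_WORD_SIZE - 1));` keeps the branch-free copy tied to the word size. A comment such as `/* j counts up from -used; its top bit stays set while i < used */` would also explain the counter. The function continues outside this hunk.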
@@ -109701,7 +109538,7 @@ SP_NOINLINE static sp_digit sp_384_cond_sub_12(sp_digit* r, const sp_digit* a,
"movs %[r], r4\n\t"
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b), [m] "+l" (m)
:
- : "memory", "r4", "r5", "r6", "r7", "r8"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -110430,7 +110267,7 @@ SP_NOINLINE static void sp_384_mont_reduce_12(sp_digit* a, const sp_digit* m,
#endif /* WOLFSSL_SP_LARGE_CODE */
: [a] "+l" (a), [m] "+l" (m), [mp] "+l" (mp)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
);
}
@@ -110441,7 +110278,7 @@ SP_NOINLINE static void sp_384_mont_reduce_12(sp_digit* a, const sp_digit* m,
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_384_mont_mul_12(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -110455,7 +110292,7 @@ SP_NOINLINE static void sp_384_mont_mul_12(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_384_mont_sqr_12(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -110471,10 +110308,10 @@ SP_NOINLINE static void sp_384_mont_sqr_12(sp_digit* r, const sp_digit* a,
* a Number to square in Montgomery form.
* n Number of times to square.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
-static void sp_384_mont_sqr_n_12(sp_digit* r, const sp_digit* a, int n,
- const sp_digit* m, sp_digit mp)
+SP_NOINLINE static void sp_384_mont_sqr_n_12(sp_digit* r,
+ const sp_digit* a, int n, const sp_digit* m, sp_digit mp)
{
sp_384_mont_sqr_12(r, a, m, mp);
for (; n > 1; n--) {
@@ -110680,7 +110517,7 @@ SP_NOINLINE static sp_int32 sp_384_cmp_12(const sp_digit* a, const sp_digit* b)
"movs %[a], r2\n\t"
: [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -110779,6 +110616,200 @@ SP_NOINLINE static void sp_384_mont_tpl_12(sp_digit* r, const sp_digit* a,
sp_384_cond_sub_12(r, r, m, 0 - o);
}
+#ifdef WOLFSSL_SP_SMALL
+/* Sub b from a into r. (r = a - b)
+ *
+ * r A single precision integer.
+ * a A single precision integer.
+ * b A single precision integer.
+ */
+SP_NOINLINE static sp_digit sp_384_sub_12(sp_digit* r, const sp_digit* a,
+ const sp_digit* b)
+{
+ __asm__ __volatile__ (
+ "movs r6, %[a]\n\t"
+ "movs r3, #0\n\t"
+#if defined(__clang__) || defined(WOLFSSL_KEIL)
+ "adds r6, r6, #48\n\t"
+#else
+ "add r6, r6, #48\n\t"
+#endif
+ "\n"
+ "L_sp_384_sub_12_word_%=:\n\t"
+ "movs r5, #0\n\t"
+#if defined(__clang__) || defined(WOLFSSL_KEIL)
+ "subs r5, r5, r3\n\t"
+#else
+ "sub r5, r5, r3\n\t"
+#endif
+ "ldr r4, [%[a]]\n\t"
+ "ldr r5, [%[b]]\n\t"
+#ifdef WOLFSSL_KEIL
+ "sbcs r4, r4, r5\n\t"
+#elif defined(__clang__)
+ "sbcs r4, r5\n\t"
+#else
+ "sbc r4, r5\n\t"
+#endif
+ "str r4, [%[r]]\n\t"
+#ifdef WOLFSSL_KEIL
+ "sbcs r3, r3, r3\n\t"
+#elif defined(__clang__)
+ "sbcs r3, r3\n\t"
+#else
+ "sbc r3, r3\n\t"
+#endif
+#if defined(__clang__) || defined(WOLFSSL_KEIL)
+ "adds %[a], %[a], #4\n\t"
+#else
+ "add %[a], %[a], #4\n\t"
+#endif
+#if defined(__clang__) || defined(WOLFSSL_KEIL)
+ "adds %[b], %[b], #4\n\t"
+#else
+ "add %[b], %[b], #4\n\t"
+#endif
+#if defined(__clang__) || defined(WOLFSSL_KEIL)
+ "adds %[r], %[r], #4\n\t"
+#else
+ "add %[r], %[r], #4\n\t"
+#endif
+ "cmp %[a], r6\n\t"
+ "bne L_sp_384_sub_12_word_%=\n\t"
+ "movs %[r], r3\n\t"
+ : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "cc"
+ );
+ return (uint32_t)(size_t)r;
+}
+
+#else
+/* Sub b from a into r. (r = a - b)
+ *
+ * r A single precision integer.
+ * a A single precision integer.
+ * b A single precision integer.
+ */
+SP_NOINLINE static sp_digit sp_384_sub_12(sp_digit* r, const sp_digit* a,
+ const sp_digit* b)
+{
+ __asm__ __volatile__ (
+ "ldm %[b]!, {r5, r6}\n\t"
+ "ldm %[a]!, {r3, r4}\n\t"
+#if defined(__clang__) || defined(WOLFSSL_KEIL)
+ "subs r3, r3, r5\n\t"
+#else
+ "sub r3, r3, r5\n\t"
+#endif
+#ifdef WOLFSSL_KEIL
+ "sbcs r4, r4, r6\n\t"
+#elif defined(__clang__)
+ "sbcs r4, r6\n\t"
+#else
+ "sbc r4, r6\n\t"
+#endif
+ "stm %[r]!, {r3, r4}\n\t"
+ "ldm %[b]!, {r5, r6}\n\t"
+ "ldm %[a]!, {r3, r4}\n\t"
+#ifdef WOLFSSL_KEIL
+ "sbcs r3, r3, r5\n\t"
+#elif defined(__clang__)
+ "sbcs r3, r5\n\t"
+#else
+ "sbc r3, r5\n\t"
+#endif
+#ifdef WOLFSSL_KEIL
+ "sbcs r4, r4, r6\n\t"
+#elif defined(__clang__)
+ "sbcs r4, r6\n\t"
+#else
+ "sbc r4, r6\n\t"
+#endif
+ "stm %[r]!, {r3, r4}\n\t"
+ "ldm %[b]!, {r5, r6}\n\t"
+ "ldm %[a]!, {r3, r4}\n\t"
+#ifdef WOLFSSL_KEIL
+ "sbcs r3, r3, r5\n\t"
+#elif defined(__clang__)
+ "sbcs r3, r5\n\t"
+#else
+ "sbc r3, r5\n\t"
+#endif
+#ifdef WOLFSSL_KEIL
+ "sbcs r4, r4, r6\n\t"
+#elif defined(__clang__)
+ "sbcs r4, r6\n\t"
+#else
+ "sbc r4, r6\n\t"
+#endif
+ "stm %[r]!, {r3, r4}\n\t"
+ "ldm %[b]!, {r5, r6}\n\t"
+ "ldm %[a]!, {r3, r4}\n\t"
+#ifdef WOLFSSL_KEIL
+ "sbcs r3, r3, r5\n\t"
+#elif defined(__clang__)
+ "sbcs r3, r5\n\t"
+#else
+ "sbc r3, r5\n\t"
+#endif
+#ifdef WOLFSSL_KEIL
+ "sbcs r4, r4, r6\n\t"
+#elif defined(__clang__)
+ "sbcs r4, r6\n\t"
+#else
+ "sbc r4, r6\n\t"
+#endif
+ "stm %[r]!, {r3, r4}\n\t"
+ "ldm %[b]!, {r5, r6}\n\t"
+ "ldm %[a]!, {r3, r4}\n\t"
+#ifdef WOLFSSL_KEIL
+ "sbcs r3, r3, r5\n\t"
+#elif defined(__clang__)
+ "sbcs r3, r5\n\t"
+#else
+ "sbc r3, r5\n\t"
+#endif
+#ifdef WOLFSSL_KEIL
+ "sbcs r4, r4, r6\n\t"
+#elif defined(__clang__)
+ "sbcs r4, r6\n\t"
+#else
+ "sbc r4, r6\n\t"
+#endif
+ "stm %[r]!, {r3, r4}\n\t"
+ "ldm %[b]!, {r5, r6}\n\t"
+ "ldm %[a]!, {r3, r4}\n\t"
+#ifdef WOLFSSL_KEIL
+ "sbcs r3, r3, r5\n\t"
+#elif defined(__clang__)
+ "sbcs r3, r5\n\t"
+#else
+ "sbc r3, r5\n\t"
+#endif
+#ifdef WOLFSSL_KEIL
+ "sbcs r4, r4, r6\n\t"
+#elif defined(__clang__)
+ "sbcs r4, r6\n\t"
+#else
+ "sbc r4, r6\n\t"
+#endif
+ "stm %[r]!, {r3, r4}\n\t"
+#ifdef WOLFSSL_KEIL
+ "sbcs %[r], %[r], %[r]\n\t"
+#elif defined(__clang__)
+ "sbcs %[r], %[r]\n\t"
+#else
+ "sbc %[r], %[r]\n\t"
+#endif
+ : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "cc"
+ );
+ return (uint32_t)(size_t)r;
+}
+
+#endif /* WOLFSSL_SP_SMALL */
/* Conditionally add a and b using the mask m.
* m is -1 to add and 0 when not.
*
@@ -110843,7 +110874,7 @@ SP_NOINLINE static sp_digit sp_384_cond_add_12(sp_digit* r, const sp_digit* a,
"movs %[r], r4\n\t"
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b), [m] "+l" (m)
:
- : "memory", "r4", "r5", "r6", "r7", "r8"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -110864,7 +110895,6 @@ SP_NOINLINE static void sp_384_mont_sub_12(sp_digit* r, const sp_digit* a,
sp_384_cond_add_12(r, r, m, o);
}
-#define sp_384_mont_sub_lower_12 sp_384_mont_sub_12
/* Right shift a by 1 bit into r. (r = a >> 1)
*
* r A single precision integer.
@@ -111091,7 +111121,7 @@ static void sp_384_rshift1_12(sp_digit* r, const sp_digit* a)
"str r4, [%[r], #44]\n\t"
: [r] "+l" (r), [a] "+l" (a)
:
- : "memory", "r2", "r3", "r4", "r5"
+ : "memory", "r2", "r3", "r4", "r5", "cc"
);
}
@@ -111101,7 +111131,7 @@ static void sp_384_rshift1_12(sp_digit* r, const sp_digit* a)
* a Number to divide.
* m Modulus (prime).
*/
-SP_NOINLINE static void sp_384_div2_12(sp_digit* r, const sp_digit* a,
+SP_NOINLINE static void sp_384_mont_div2_12(sp_digit* r, const sp_digit* a,
const sp_digit* m)
{
sp_digit o;
@@ -111155,7 +111185,7 @@ static void sp_384_proj_point_dbl_12(sp_point_384* r, const sp_point_384* p,
/* T2 = Y * Y */
sp_384_mont_sqr_12(t2, y, p384_mod, p384_mp_mod);
/* T2 = T2/2 */
- sp_384_div2_12(t2, t2, p384_mod);
+ sp_384_mont_div2_12(t2, t2, p384_mod);
/* Y = Y * X */
sp_384_mont_mul_12(y, y, p->x, p384_mod, p384_mp_mod);
/* X = T1 * T1 */
@@ -111165,7 +111195,7 @@ static void sp_384_proj_point_dbl_12(sp_point_384* r, const sp_point_384* p,
/* X = X - Y */
sp_384_mont_sub_12(x, x, y, p384_mod);
/* Y = Y - X */
- sp_384_mont_sub_lower_12(y, y, x, p384_mod);
+ sp_384_mont_sub_12(y, y, x, p384_mod);
/* Y = Y * T1 */
sp_384_mont_mul_12(y, y, t1, p384_mod, p384_mp_mod);
/* Y = Y - T2 */
@@ -111188,7 +111218,8 @@ typedef struct sp_384_proj_point_dbl_12_ctx {
* p Point to double.
* t Temporary ordinate data.
*/
-static int sp_384_proj_point_dbl_12_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r, const sp_point_384* p, sp_digit* t)
+static int sp_384_proj_point_dbl_12_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r,
+ const sp_point_384* p, sp_digit* t)
{
int err = FP_WOULDBLOCK;
sp_384_proj_point_dbl_12_ctx* ctx = (sp_384_proj_point_dbl_12_ctx*)sp_ctx->data;
@@ -111262,7 +111293,7 @@ static int sp_384_proj_point_dbl_12_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r, co
break;
case 11:
/* T2 = T2/2 */
- sp_384_div2_12(ctx->t2, ctx->t2, p384_mod);
+ sp_384_mont_div2_12(ctx->t2, ctx->t2, p384_mod);
ctx->state = 12;
break;
case 12:
@@ -111287,7 +111318,7 @@ static int sp_384_proj_point_dbl_12_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r, co
break;
case 16:
/* Y = Y - X */
- sp_384_mont_sub_lower_12(ctx->y, ctx->y, ctx->x, p384_mod);
+ sp_384_mont_sub_12(ctx->y, ctx->y, ctx->x, p384_mod);
ctx->state = 17;
break;
case 17:
@@ -111350,12 +111381,12 @@ static int sp_384_iszero_12(const sp_digit* a)
static void sp_384_proj_point_add_12(sp_point_384* r,
const sp_point_384* p, const sp_point_384* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*12;
- sp_digit* t3 = t + 4*12;
- sp_digit* t4 = t + 6*12;
- sp_digit* t5 = t + 8*12;
- sp_digit* t6 = t + 10*12;
+ sp_digit* t6 = t;
+ sp_digit* t1 = t + 2*12;
+ sp_digit* t2 = t + 4*12;
+ sp_digit* t3 = t + 6*12;
+ sp_digit* t4 = t + 8*12;
+ sp_digit* t5 = t + 10*12;
/* U1 = X1*Z2^2 */
sp_384_mont_sqr_12(t1, q->z, p384_mod, p384_mp_mod);
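Review bot: The reordered temporaries at the top of sp_384_proj_point_add_12 have no comment explaining why `t6` now sits at the base of `t`, although the new order looks deliberate. With `x = t6`, `y = t1` and `z = t2` a few lines further down, the result ordinates now occupy `t`, `t + 2*12` and `t + 4*12` back to back. The same `t` is also handed to `sp_384_proj_point_dbl_12(r, p, t)` in the equal-points branch. I would add `/* x, y, z (t6, t1, t2) are laid out contiguously from the start of t. */` above the declarations, and the same next to the matching reorder in the INIT case of sp_384_proj_point_add_12_nb and in sp_384_proj_point_add_qz1_12. The function body continues outside this hunk.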
@@ -111377,17 +111408,9 @@ static void sp_384_proj_point_add_12(sp_point_384* r,
sp_384_proj_point_dbl_12(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t6;
sp_digit* y = t1;
sp_digit* z = t2;
- int i;
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
/* H = U2 - U1 */
sp_384_mont_sub_12(t2, t2, t1, p384_mod);
@@ -111406,20 +111429,31 @@ static void sp_384_proj_point_add_12(sp_point_384* r,
sp_384_mont_dbl_12(t3, y, p384_mod);
sp_384_mont_sub_12(x, x, t3, p384_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_384_mont_sub_lower_12(y, y, x, p384_mod);
+ sp_384_mont_sub_12(y, y, x, p384_mod);
sp_384_mont_mul_12(y, y, t4, p384_mod, p384_mp_mod);
sp_384_mont_sub_12(y, y, t5, p384_mod);
- for (i = 0; i < 12; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 12; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 12; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 12; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 12; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 12; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
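Review bot: The masked select added at the end of the else branch is only correct when `p->infinity` and `q->infinity` are exactly 0 or 1, and nothing in the new block states that. With any other non-zero value, `q->infinity & (!p->infinity)` can evaluate to 0, so `maskt` becomes all ones and the computed point is returned as if neither input were at infinity. I would put `/* Constant-time select: infinity flags must be exactly 0 or 1. */` above the `maskp` declaration. The identical block is added in case 24 of sp_384_proj_point_add_12_nb and at the end of sp_384_proj_point_add_qz1_12, so the comment applies there too. The function starts outside this hunk.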
@@ -111465,12 +111499,12 @@ static int sp_384_proj_point_add_12_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r,
switch (ctx->state) {
case 0: /* INIT */
- ctx->t1 = t;
- ctx->t2 = t + 2*12;
- ctx->t3 = t + 4*12;
- ctx->t4 = t + 6*12;
- ctx->t5 = t + 8*12;
- ctx->t6 = t + 10*12;
+ ctx->t6 = t;
+ ctx->t1 = t + 2*12;
+ ctx->t2 = t + 4*12;
+ ctx->t3 = t + 6*12;
+ ctx->t4 = t + 8*12;
+ ctx->t5 = t + 10*12;
ctx->x = ctx->t6;
ctx->y = ctx->t1;
ctx->z = ctx->t2;
@@ -111577,7 +111611,7 @@ static int sp_384_proj_point_add_12_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r,
break;
case 21:
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_384_mont_sub_lower_12(ctx->y, ctx->y, ctx->x, p384_mod);
+ sp_384_mont_sub_12(ctx->y, ctx->y, ctx->x, p384_mod);
ctx->state = 22;
break;
case 22:
@@ -111590,22 +111624,28 @@ static int sp_384_proj_point_add_12_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r,
break;
case 24:
{
- int i;
- sp_digit maskp = 0 - (q->infinity & (!p->infinity));
- sp_digit maskq = 0 - (p->infinity & (!q->infinity));
- sp_digit maskt = ~(maskp | maskq);
-
- for (i = 0; i < 12; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (ctx->x[i] & maskt);
- }
- for (i = 0; i < 12; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (ctx->y[i] & maskt);
- }
- for (i = 0; i < 12; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (ctx->z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 12; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (ctx->x[i] & maskt);
+ }
+ for (i = 0; i < 12; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (ctx->y[i] & maskt);
+ }
+ for (i = 0; i < 12; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (ctx->z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
ctx->state = 25;
break;
}
@@ -111625,7 +111665,7 @@ static int sp_384_proj_point_add_12_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r,
/* Touch each possible point that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
static void sp_384_get_point_16_12(sp_point_384* r, const sp_point_384* table,
@@ -111901,8 +111941,6 @@ static int sp_384_ecc_mulmod_fast_12(sp_point_384* r, const sp_point_384* g, con
}
#ifdef FP_ECC
-#define sp_384_mont_dbl_lower_12 sp_384_mont_dbl_12
-#define sp_384_mont_tpl_lower_12 sp_384_mont_tpl_12
/* Double the Montgomery form projective point p a number of times.
*
* r Result of repeated doubling of point.
@@ -111941,7 +111979,7 @@ static void sp_384_proj_point_dbl_n_12(sp_point_384* p, int i,
/* A = 3*(X^2 - W) */
sp_384_mont_sqr_12(t1, x, p384_mod, p384_mp_mod);
sp_384_mont_sub_12(t1, t1, w, p384_mod);
- sp_384_mont_tpl_lower_12(a, t1, p384_mod);
+ sp_384_mont_tpl_12(a, t1, p384_mod);
/* B = X*Y^2 */
sp_384_mont_sqr_12(t1, y, p384_mod, p384_mp_mod);
sp_384_mont_mul_12(b, t1, x, p384_mod, p384_mp_mod);
@@ -111950,8 +111988,8 @@ static void sp_384_proj_point_dbl_n_12(sp_point_384* p, int i,
sp_384_mont_dbl_12(t2, b, p384_mod);
sp_384_mont_sub_12(x, x, t2, p384_mod);
/* B = 2.(B - X) */
- sp_384_mont_sub_lower_12(t2, b, x, p384_mod);
- sp_384_mont_dbl_lower_12(b, t2, p384_mod);
+ sp_384_mont_sub_12(t2, b, x, p384_mod);
+ sp_384_mont_dbl_12(b, t2, p384_mod);
/* Z = Z*Y */
sp_384_mont_mul_12(z, z, y, p384_mod, p384_mp_mod);
/* t1 = Y^4 */
@@ -111971,7 +112009,7 @@ static void sp_384_proj_point_dbl_n_12(sp_point_384* p, int i,
/* A = 3*(X^2 - W) */
sp_384_mont_sqr_12(t1, x, p384_mod, p384_mp_mod);
sp_384_mont_sub_12(t1, t1, w, p384_mod);
- sp_384_mont_tpl_lower_12(a, t1, p384_mod);
+ sp_384_mont_tpl_12(a, t1, p384_mod);
/* B = X*Y^2 */
sp_384_mont_sqr_12(t1, y, p384_mod, p384_mp_mod);
sp_384_mont_mul_12(b, t1, x, p384_mod, p384_mp_mod);
@@ -111980,8 +112018,8 @@ static void sp_384_proj_point_dbl_n_12(sp_point_384* p, int i,
sp_384_mont_dbl_12(t2, b, p384_mod);
sp_384_mont_sub_12(x, x, t2, p384_mod);
/* B = 2.(B - X) */
- sp_384_mont_sub_lower_12(t2, b, x, p384_mod);
- sp_384_mont_dbl_lower_12(b, t2, p384_mod);
+ sp_384_mont_sub_12(t2, b, x, p384_mod);
+ sp_384_mont_dbl_12(b, t2, p384_mod);
/* Z = Z*Y */
sp_384_mont_mul_12(z, z, y, p384_mod, p384_mp_mod);
/* t1 = Y^4 */
@@ -111991,7 +112029,7 @@ static void sp_384_proj_point_dbl_n_12(sp_point_384* p, int i,
sp_384_mont_sub_12(y, y, t1, p384_mod);
#endif /* WOLFSSL_SP_SMALL */
/* Y = Y/2 */
- sp_384_div2_12(y, y, p384_mod);
+ sp_384_mont_div2_12(y, y, p384_mod);
}
/* Convert the projective point to affine.
@@ -112037,12 +112075,12 @@ typedef struct sp_table_entry_384 {
static void sp_384_proj_point_add_qz1_12(sp_point_384* r,
const sp_point_384* p, const sp_point_384* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*12;
- sp_digit* t3 = t + 4*12;
- sp_digit* t4 = t + 6*12;
- sp_digit* t5 = t + 8*12;
- sp_digit* t6 = t + 10*12;
+ sp_digit* t2 = t;
+ sp_digit* t3 = t + 2*12;
+ sp_digit* t6 = t + 4*12;
+ sp_digit* t1 = t + 6*12;
+ sp_digit* t4 = t + 8*12;
+ sp_digit* t5 = t + 10*12;
/* Calculate values to subtract from P->x and P->y. */
/* U2 = X2*Z1^2 */
@@ -112058,13 +112096,9 @@ static void sp_384_proj_point_add_qz1_12(sp_point_384* r,
sp_384_proj_point_dbl_12(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t2;
- sp_digit* y = t5;
+ sp_digit* y = t3;
sp_digit* z = t6;
- int i;
/* H = U2 - X1 */
sp_384_mont_sub_12(t2, t2, p->x, p384_mod);
@@ -112073,33 +112107,40 @@ static void sp_384_proj_point_add_qz1_12(sp_point_384* r,
/* Z3 = H*Z1 */
sp_384_mont_mul_12(z, p->z, t2, p384_mod, p384_mp_mod);
/* X3 = R^2 - H^3 - 2*X1*H^2 */
- sp_384_mont_sqr_12(t1, t4, p384_mod, p384_mp_mod);
- sp_384_mont_sqr_12(t5, t2, p384_mod, p384_mp_mod);
- sp_384_mont_mul_12(t3, p->x, t5, p384_mod, p384_mp_mod);
- sp_384_mont_mul_12(t5, t5, t2, p384_mod, p384_mp_mod);
- sp_384_mont_sub_12(x, t1, t5, p384_mod);
- sp_384_mont_dbl_12(t1, t3, p384_mod);
- sp_384_mont_sub_12(x, x, t1, p384_mod);
+ sp_384_mont_sqr_12(t1, t2, p384_mod, p384_mp_mod);
+ sp_384_mont_mul_12(t3, p->x, t1, p384_mod, p384_mp_mod);
+ sp_384_mont_mul_12(t1, t1, t2, p384_mod, p384_mp_mod);
+ sp_384_mont_sqr_12(t2, t4, p384_mod, p384_mp_mod);
+ sp_384_mont_sub_12(t2, t2, t1, p384_mod);
+ sp_384_mont_dbl_12(t5, t3, p384_mod);
+ sp_384_mont_sub_12(x, t2, t5, p384_mod);
/* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
- sp_384_mont_sub_lower_12(t3, t3, x, p384_mod);
+ sp_384_mont_sub_12(t3, t3, x, p384_mod);
sp_384_mont_mul_12(t3, t3, t4, p384_mod, p384_mp_mod);
- sp_384_mont_mul_12(t5, t5, p->y, p384_mod, p384_mp_mod);
- sp_384_mont_sub_12(y, t3, t5, p384_mod);
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
- for (i = 0; i < 12; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 12; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 12; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ sp_384_mont_mul_12(t1, t1, p->y, p384_mod, p384_mp_mod);
+ sp_384_mont_sub_12(y, t3, t1, p384_mod);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 12; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 12; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 12; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
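Review bot: In the rewritten X3/Y3 sequence of sp_384_proj_point_add_qz1_12, `t2` changes meaning three times under the single comment `/* X3 = R^2 - H^3 - 2*X1*H^2 */`, which makes the aliasing with `x` easy to break in a later edit. It holds H on entry, is overwritten with R^2 by `sp_384_mont_sqr_12(t2, t4, ...)`, then becomes R^2 - H^3, and finally X3 because `x` is `t2`. I would add `/* t1 = H^2, t3 = X1*H^2, t1 = H^3 */` above the first three calls and `/* H is dead from here: t2 = R^2, then R^2 - H^3; x aliases t2 */` above the second `sp_384_mont_sqr_12`. The function starts outside this hunk.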
@@ -112200,7 +112241,7 @@ static int sp_384_gen_stripe_table_12(const sp_point_384* a,
/* Touch each possible entry that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
static void sp_384_get_entry_16_12(sp_point_384* r,
@@ -112411,7 +112452,7 @@ static THREAD_LS_T int sp_cache_384_inited = 0;
/* Get the cache entry for the point.
*
- * g [in] Point scalar multipling.
+ * g [in] Point scalar multiplying.
* cache [out] Cache table to use.
*/
static void sp_ecc_get_cache_384(const sp_point_384* g, sp_cache_384_t** cache)
@@ -112482,8 +112523,8 @@ static void sp_ecc_get_cache_384(const sp_point_384* g, sp_cache_384_t** cache)
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
-static int sp_384_ecc_mulmod_12(sp_point_384* r, const sp_point_384* g, const sp_digit* k,
- int map, int ct, void* heap)
+static int sp_384_ecc_mulmod_12(sp_point_384* r, const sp_point_384* g,
+ const sp_digit* k, int map, int ct, void* heap)
{
#ifndef FP_ECC
return sp_384_ecc_mulmod_fast_12(r, g, k, map, ct, heap);
@@ -112636,7 +112677,7 @@ static int sp_384_gen_stripe_table_12(const sp_point_384* a,
/* Touch each possible entry that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
static void sp_384_get_entry_256_12(sp_point_384* r,
@@ -112847,7 +112888,7 @@ static THREAD_LS_T int sp_cache_384_inited = 0;
/* Get the cache entry for the point.
*
- * g [in] Point scalar multipling.
+ * g [in] Point scalar multiplying.
* cache [out] Cache table to use.
*/
static void sp_ecc_get_cache_384(const sp_point_384* g, sp_cache_384_t** cache)
@@ -112918,8 +112959,8 @@ static void sp_ecc_get_cache_384(const sp_point_384* g, sp_cache_384_t** cache)
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
-static int sp_384_ecc_mulmod_12(sp_point_384* r, const sp_point_384* g, const sp_digit* k,
- int map, int ct, void* heap)
+static int sp_384_ecc_mulmod_12(sp_point_384* r, const sp_point_384* g,
+ const sp_digit* k, int map, int ct, void* heap)
{
#ifndef FP_ECC
return sp_384_ecc_mulmod_fast_12(r, g, k, map, ct, heap);
@@ -113036,7 +113077,7 @@ int sp_ecc_mulmod_384(const mp_int* km, const ecc_point* gm, ecc_point* r,
*
* km Scalar to multiply by.
* p Point to multiply.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -113047,7 +113088,7 @@ int sp_ecc_mulmod_add_384(const mp_int* km, const ecc_point* gm,
const ecc_point* am, int inMont, ecc_point* r, int map, void* heap)
{
#ifdef WOLFSSL_SP_SMALL_STACK
- sp_point_384* point = NULL;
+ sp_point_384* point = NULL;
sp_digit* k = NULL;
#else
sp_point_384 point[2];
@@ -114585,7 +114626,7 @@ int sp_ecc_mulmod_base_384(const mp_int* km, ecc_point* r, int map, void* heap)
* the result. If map is true then convert result to affine coordinates.
*
* km Scalar to multiply by.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -114607,7 +114648,7 @@ int sp_ecc_mulmod_base_add_384(const mp_int* km, const ecc_point* am,
int err = MP_OKAY;
#ifdef WOLFSSL_SP_SMALL_STACK
- point = (sp_point_384*)XMALLOC(sizeof(sp_point_384) * 2, heap,
+ point = (sp_point_384*)XMALLOC(sizeof(sp_point_384) * 2, heap,
DYNAMIC_TYPE_ECC);
if (point == NULL)
err = MEMORY_E;
@@ -114779,7 +114820,7 @@ SP_NOINLINE static void sp_384_add_one_12(sp_digit* a)
"str r1, [%[a], #44]\n\t"
: [a] "+l" (a)
:
- : "memory", "r1", "r2"
+ : "memory", "r1", "r2", "cc"
);
}
@@ -114874,7 +114915,7 @@ int sp_ecc_make_key_384(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
sp_point_384* infinity = NULL;
#endif
int err = MP_OKAY;
-
+
(void)heap;
@@ -114882,7 +114923,7 @@ int sp_ecc_make_key_384(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
point = (sp_point_384*)XMALLOC(sizeof(sp_point_384) * 2, heap, DYNAMIC_TYPE_ECC);
#else
- point = (sp_point_384*)XMALLOC(sizeof(sp_point_384), heap, DYNAMIC_TYPE_ECC);
+ point = (sp_point_384*)XMALLOC(sizeof(sp_point_384), heap, DYNAMIC_TYPE_ECC);
#endif
if (point == NULL)
err = MEMORY_E;
@@ -115219,7 +115260,7 @@ SP_NOINLINE static sp_digit sp_384_sub_in_place_12(sp_digit* a,
"movs %[a], r2\n\t"
: [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -115349,7 +115390,7 @@ SP_NOINLINE static sp_digit sp_384_sub_in_place_12(sp_digit* a,
#endif
: [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r2", "r3", "r4", "r5"
+ : "memory", "r2", "r3", "r4", "r5", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -115537,7 +115578,7 @@ SP_NOINLINE static void sp_384_mul_d_12(sp_digit* r, const sp_digit* a,
"str r3, [%[r]]\n\t"
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
}
@@ -116152,7 +116193,7 @@ SP_NOINLINE static sp_digit div_384_word_12(sp_digit d1, sp_digit d0,
"movs %[d1], r3\n\t"
: [d1] "+l" (d1), [d0] "+l" (d0), [div] "+l" (div)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
return (uint32_t)(size_t)d1;
}
@@ -116196,8 +116237,8 @@ static void sp_384_mask_12(sp_digit* r, const sp_digit* a, sp_digit m)
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_384_div_12(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_384_div_12(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[24], t2[13];
sp_digit div, r1;
@@ -117177,7 +117218,7 @@ static void sp_384_div2_mod_12(sp_digit* r, const sp_digit* a,
"str r7, [%[r], #44]\n\t"
: [r] "+l" (r), [a] "+l" (a), [m] "+l" (m)
:
- : "memory", "r3", "r4", "r5", "r6", "r7"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "cc"
);
}
@@ -118376,7 +118417,7 @@ static int sp_384_num_bits_12(sp_digit* a)
"movs %[a], r2\n\t"
: [a] "+l" (a), [table] "+l" (table)
:
- : "memory", "r2", "r3", "r4", "r5", "r6"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -118424,7 +118465,7 @@ static int sp_384_mod_inv_12(sp_digit* r, const sp_digit* a, const sp_digit* m)
}
while (ut > 1 && vt > 1) {
- if (ut > vt || (ut == vt && sp_384_cmp_12(u, v) >= 0)) {
+ if ((ut > vt) || ((ut == vt) && (sp_384_cmp_12(u, v) >= 0))) {
sp_384_sub_12(u, u, v);
o = sp_384_sub_12(b, b, d);
if (o != 0)
@@ -118505,7 +118546,7 @@ static void sp_384_add_points_12(sp_point_384* p1, const sp_point_384* p2,
* p2 Public point and temporary.
* s Second part of signature as a number.
* u1 Temporary number.
- * u2 Temproray number.
+ * u2 Temporary number.
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
@@ -118829,7 +118870,7 @@ int sp_ecc_verify_384_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash,
#endif /* HAVE_ECC_VERIFY */
#ifdef HAVE_ECC_CHECK_KEY
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* point EC point.
* heap Heap to use if dynamically allocating.
@@ -118857,19 +118898,21 @@ static int sp_384_ecc_is_point_12(const sp_point_384* point,
if (err == MP_OKAY) {
t2 = t1 + 2 * 12;
+ /* y^2 - x^3 - a.x = b */
sp_384_sqr_12(t1, point->y);
(void)sp_384_mod_12(t1, t1, p384_mod);
sp_384_sqr_12(t2, point->x);
(void)sp_384_mod_12(t2, t2, p384_mod);
sp_384_mul_12(t2, t2, point->x);
(void)sp_384_mod_12(t2, t2, p384_mod);
- (void)sp_384_sub_12(t2, p384_mod, t2);
- sp_384_mont_add_12(t1, t1, t2, p384_mod);
+ sp_384_mont_sub_12(t1, t1, t2, p384_mod);
+ /* y^2 - x^3 + 3.x = b, when a = -3 */
sp_384_mont_add_12(t1, t1, point->x, p384_mod);
sp_384_mont_add_12(t1, t1, point->x, p384_mod);
sp_384_mont_add_12(t1, t1, point->x, p384_mod);
+
if (sp_384_cmp_12(t1, p384_b) != 0) {
err = MP_VAL;
}
@@ -118883,7 +118926,7 @@ static int sp_384_ecc_is_point_12(const sp_point_384* point,
return err;
}
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* pX X ordinate of EC point.
* pY Y ordinate of EC point.
@@ -119748,7 +119791,7 @@ SP_NOINLINE static void sp_521_mul_17(sp_digit* r, const sp_digit* a,
"mov %[b], r10\n\t"
: [a] "+l" (a), [b] "+l" (b), [tmp] "+l" (tmp)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
);
XMEMCPY(r, t, sizeof(t));
@@ -120173,7 +120216,7 @@ SP_NOINLINE static void sp_521_sqr_17(sp_digit* r, const sp_digit* a)
"add sp, sp, r6\n\t"
: [r] "+l" (r), [a] "+l" (a)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
);
}
@@ -120246,7 +120289,7 @@ SP_NOINLINE static sp_digit sp_521_add_17(sp_digit* r, const sp_digit* a,
"movs %[r], r3\n\t"
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -120416,245 +120459,7 @@ SP_NOINLINE static sp_digit sp_521_add_17(sp_digit* r, const sp_digit* a,
#endif
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6"
- );
- return (uint32_t)(size_t)r;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Sub b from a into r. (r = a - b)
- *
- * r A single precision integer.
- * a A single precision integer.
- * b A single precision integer.
- */
-SP_NOINLINE static sp_digit sp_521_sub_17(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
-{
- __asm__ __volatile__ (
- "movs r6, %[a]\n\t"
- "movs r3, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
- "adds r6, r6, #0x44\n\t"
-#else
- "add r6, r6, #0x44\n\t"
-#endif
- "\n"
- "L_sp_521_sub_17_word_%=:\n\t"
- "movs r5, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
- "subs r5, r5, r3\n\t"
-#else
- "sub r5, r5, r3\n\t"
-#endif
- "ldr r4, [%[a]]\n\t"
- "ldr r5, [%[b]]\n\t"
-#ifdef WOLFSSL_KEIL
- "sbcs r4, r4, r5\n\t"
-#elif defined(__clang__)
- "sbcs r4, r5\n\t"
-#else
- "sbc r4, r5\n\t"
-#endif
- "str r4, [%[r]]\n\t"
-#ifdef WOLFSSL_KEIL
- "sbcs r3, r3, r3\n\t"
-#elif defined(__clang__)
- "sbcs r3, r3\n\t"
-#else
- "sbc r3, r3\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
- "adds %[a], %[a], #4\n\t"
-#else
- "add %[a], %[a], #4\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
- "adds %[b], %[b], #4\n\t"
-#else
- "add %[b], %[b], #4\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
- "adds %[r], %[r], #4\n\t"
-#else
- "add %[r], %[r], #4\n\t"
-#endif
- "cmp %[a], r6\n\t"
- "bne L_sp_521_sub_17_word_%=\n\t"
- "movs %[r], r3\n\t"
- : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
- :
- : "memory", "r3", "r4", "r5", "r6"
- );
- return (uint32_t)(size_t)r;
-}
-
-#else
-/* Sub b from a into r. (r = a - b)
- *
- * r A single precision integer.
- * a A single precision integer.
- * b A single precision integer.
- */
-SP_NOINLINE static sp_digit sp_521_sub_17(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
-{
- __asm__ __volatile__ (
- "ldm %[b]!, {r5, r6}\n\t"
- "ldm %[a]!, {r3, r4}\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
- "subs r3, r3, r5\n\t"
-#else
- "sub r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
- "sbcs r4, r4, r6\n\t"
-#elif defined(__clang__)
- "sbcs r4, r6\n\t"
-#else
- "sbc r4, r6\n\t"
-#endif
- "stm %[r]!, {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "ldm %[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
- "sbcs r3, r3, r5\n\t"
-#elif defined(__clang__)
- "sbcs r3, r5\n\t"
-#else
- "sbc r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
- "sbcs r4, r4, r6\n\t"
-#elif defined(__clang__)
- "sbcs r4, r6\n\t"
-#else
- "sbc r4, r6\n\t"
-#endif
- "stm %[r]!, {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "ldm %[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
- "sbcs r3, r3, r5\n\t"
-#elif defined(__clang__)
- "sbcs r3, r5\n\t"
-#else
- "sbc r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
- "sbcs r4, r4, r6\n\t"
-#elif defined(__clang__)
- "sbcs r4, r6\n\t"
-#else
- "sbc r4, r6\n\t"
-#endif
- "stm %[r]!, {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "ldm %[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
- "sbcs r3, r3, r5\n\t"
-#elif defined(__clang__)
- "sbcs r3, r5\n\t"
-#else
- "sbc r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
- "sbcs r4, r4, r6\n\t"
-#elif defined(__clang__)
- "sbcs r4, r6\n\t"
-#else
- "sbc r4, r6\n\t"
-#endif
- "stm %[r]!, {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "ldm %[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
- "sbcs r3, r3, r5\n\t"
-#elif defined(__clang__)
- "sbcs r3, r5\n\t"
-#else
- "sbc r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
- "sbcs r4, r4, r6\n\t"
-#elif defined(__clang__)
- "sbcs r4, r6\n\t"
-#else
- "sbc r4, r6\n\t"
-#endif
- "stm %[r]!, {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "ldm %[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
- "sbcs r3, r3, r5\n\t"
-#elif defined(__clang__)
- "sbcs r3, r5\n\t"
-#else
- "sbc r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
- "sbcs r4, r4, r6\n\t"
-#elif defined(__clang__)
- "sbcs r4, r6\n\t"
-#else
- "sbc r4, r6\n\t"
-#endif
- "stm %[r]!, {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "ldm %[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
- "sbcs r3, r3, r5\n\t"
-#elif defined(__clang__)
- "sbcs r3, r5\n\t"
-#else
- "sbc r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
- "sbcs r4, r4, r6\n\t"
-#elif defined(__clang__)
- "sbcs r4, r6\n\t"
-#else
- "sbc r4, r6\n\t"
-#endif
- "stm %[r]!, {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "ldm %[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
- "sbcs r3, r3, r5\n\t"
-#elif defined(__clang__)
- "sbcs r3, r5\n\t"
-#else
- "sbc r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
- "sbcs r4, r4, r6\n\t"
-#elif defined(__clang__)
- "sbcs r4, r6\n\t"
-#else
- "sbc r4, r6\n\t"
-#endif
- "stm %[r]!, {r3, r4}\n\t"
- "ldr r5, [%[b]]\n\t"
- "ldr r3, [%[a]]\n\t"
-#ifdef WOLFSSL_KEIL
- "sbcs r3, r3, r5\n\t"
-#elif defined(__clang__)
- "sbcs r3, r5\n\t"
-#else
- "sbc r3, r5\n\t"
-#endif
- "str r3, [%[r]]\n\t"
-#ifdef WOLFSSL_KEIL
- "sbcs %[r], %[r], %[r]\n\t"
-#elif defined(__clang__)
- "sbcs %[r], %[r]\n\t"
-#else
- "sbc %[r], %[r]\n\t"
-#endif
- : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
- :
- : "memory", "r3", "r4", "r5", "r6"
+ : "memory", "r3", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -120688,14 +120493,14 @@ static void sp_521_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 32
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 31);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 31);
}
#elif DIGIT_BIT > 32
unsigned int i;
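Review bot: The new loop in sp_521_from_mp hard-codes the shift as `31` in `j >> 31`, where the removed lines used `SP_WORD_SIZE - 1`. The surrounding `#if DIGIT_BIT == 32` constrains the mp_int digit, not `sp_digit`, so the literal silently assumes a 32-bit `sp_digit`; that is presumably true for this file, but `j >> (SP_WORD_SIZE - 1)` in both places would keep the assumption explicit. The counter trick also deserves a comment, for example `/* j = -used: top bit stays set while i < used, giving the mask and the index step */`. The function continues in the `#elif` branch outside this hunk.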
@@ -120931,7 +120736,7 @@ SP_NOINLINE static sp_digit sp_521_cond_sub_17(sp_digit* r, const sp_digit* a,
"movs %[r], r4\n\t"
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b), [m] "+l" (m)
:
- : "memory", "r4", "r5", "r6", "r7", "r8"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -121579,7 +121384,7 @@ SP_NOINLINE static void sp_521_mont_reduce_17(sp_digit* a, const sp_digit* m,
"add sp, sp, #0x44\n\t"
: [a] "+l" (a)
:
- : "memory", "r1", "r2", "r3", "r4", "r5", "r6", "r7", "r8"
+ : "memory", "r1", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "cc"
);
}
@@ -122746,7 +122551,7 @@ SP_NOINLINE static void sp_521_mont_reduce_order_17(sp_digit* a,
#endif /* WOLFSSL_SP_LARGE_CODE */
: [a] "+l" (a), [m] "+l" (m), [mp] "+l" (mp)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
);
}
@@ -122757,7 +122562,7 @@ SP_NOINLINE static void sp_521_mont_reduce_order_17(sp_digit* a,
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_521_mont_mul_17(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -122771,7 +122576,7 @@ SP_NOINLINE static void sp_521_mont_mul_17(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_521_mont_sqr_17(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -122787,10 +122592,10 @@ SP_NOINLINE static void sp_521_mont_sqr_17(sp_digit* r, const sp_digit* a,
* a Number to square in Montgomery form.
* n Number of times to square.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
-static void sp_521_mont_sqr_n_17(sp_digit* r, const sp_digit* a, int n,
- const sp_digit* m, sp_digit mp)
+SP_NOINLINE static void sp_521_mont_sqr_n_17(sp_digit* r,
+ const sp_digit* a, int n, const sp_digit* m, sp_digit mp)
{
sp_521_mont_sqr_17(r, a, m, mp);
for (; n > 1; n--) {
@@ -122993,7 +122798,7 @@ SP_NOINLINE static sp_int32 sp_521_cmp_17(const sp_digit* a, const sp_digit* b)
"movs %[a], r2\n\t"
: [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -123374,7 +123179,7 @@ SP_NOINLINE static void sp_521_mont_add_17(sp_digit* r, const sp_digit* a,
#endif
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b), [m] "+l" (m)
:
- : "memory", "r4", "r5", "r6", "r7"
+ : "memory", "r4", "r5", "r6", "r7", "cc"
);
}
@@ -123690,7 +123495,7 @@ SP_NOINLINE static void sp_521_mont_dbl_17(sp_digit* r, const sp_digit* a,
#endif
: [r] "+l" (r), [a] "+l" (a), [m] "+l" (m)
:
- : "memory", "r3", "r4", "r5", "r6", "r7"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "cc"
);
}
@@ -124168,77 +123973,8 @@ SP_NOINLINE static void sp_521_mont_tpl_17(sp_digit* r, const sp_digit* a,
#endif
: [r] "+l" (r), [a] "+l" (a), [m] "+l" (m)
:
- : "memory", "r3", "r4", "r5", "r6", "r7"
- );
-}
-
-/* Conditionally add a and b using the mask m.
- * m is -1 to add and 0 when not.
- *
- * r A single precision number representing conditional add result.
- * a A single precision number to add with.
- * b A single precision number to add.
- * m Mask value to apply.
- */
-SP_NOINLINE static sp_digit sp_521_cond_add_17(sp_digit* r, const sp_digit* a,
- const sp_digit* b, sp_digit m)
-{
- __asm__ __volatile__ (
- "movs r4, #0\n\t"
- "movs r5, #0x44\n\t"
- "mov r8, r5\n\t"
- "movs r7, #0\n\t"
- "\n"
- "L_sp_521_cond_add_17_words_%=:\n\t"
- "ldr r6, [%[b], r7]\n\t"
-#ifdef WOLFSSL_KEIL
- "ands r6, r6, %[m]\n\t"
-#elif defined(__clang__)
- "ands r6, %[m]\n\t"
-#else
- "and r6, %[m]\n\t"
-#endif
- "movs r5, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
- "subs r5, r5, #1\n\t"
-#else
- "sub r5, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
- "adds r5, r5, r4\n\t"
-#else
- "add r5, r5, r4\n\t"
-#endif
- "ldr r5, [%[a], r7]\n\t"
-#ifdef WOLFSSL_KEIL
- "adcs r5, r5, r6\n\t"
-#elif defined(__clang__)
- "adcs r5, r6\n\t"
-#else
- "adc r5, r6\n\t"
-#endif
- "movs r4, #0\n\t"
-#ifdef WOLFSSL_KEIL
- "adcs r4, r4, r4\n\t"
-#elif defined(__clang__)
- "adcs r4, r4\n\t"
-#else
- "adc r4, r4\n\t"
-#endif
- "str r5, [%[r], r7]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
- "adds r7, r7, #4\n\t"
-#else
- "add r7, r7, #4\n\t"
-#endif
- "cmp r7, r8\n\t"
- "blt L_sp_521_cond_add_17_words_%=\n\t"
- "movs %[r], r4\n\t"
- : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b), [m] "+l" (m)
- :
- : "memory", "r4", "r5", "r6", "r7", "r8"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "cc"
);
- return (uint32_t)(size_t)r;
}
/* Subtract two Montgomery form numbers (r = a - b % m).
@@ -124577,11 +124313,79 @@ SP_NOINLINE static void sp_521_mont_sub_17(sp_digit* r, const sp_digit* a,
#endif
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b), [m] "+l" (m)
:
- : "memory", "r4", "r5", "r6", "r7"
+ : "memory", "r4", "r5", "r6", "r7", "cc"
);
}
-#define sp_521_mont_sub_lower_17 sp_521_mont_sub_17
+/* Conditionally add a and b using the mask m.
+ * m is -1 to add and 0 when not.
+ *
+ * r A single precision number representing conditional add result.
+ * a A single precision number to add with.
+ * b A single precision number to add.
+ * m Mask value to apply.
+ */
+SP_NOINLINE static sp_digit sp_521_cond_add_17(sp_digit* r, const sp_digit* a,
+ const sp_digit* b, sp_digit m)
+{
+ __asm__ __volatile__ (
+ "movs r4, #0\n\t"
+ "movs r5, #0x44\n\t"
+ "mov r8, r5\n\t"
+ "movs r7, #0\n\t"
+ "\n"
+ "L_sp_521_cond_add_17_words_%=:\n\t"
+ "ldr r6, [%[b], r7]\n\t"
+#ifdef WOLFSSL_KEIL
+ "ands r6, r6, %[m]\n\t"
+#elif defined(__clang__)
+ "ands r6, %[m]\n\t"
+#else
+ "and r6, %[m]\n\t"
+#endif
+ "movs r5, #0\n\t"
+#if defined(__clang__) || defined(WOLFSSL_KEIL)
+ "subs r5, r5, #1\n\t"
+#else
+ "sub r5, r5, #1\n\t"
+#endif
+#if defined(__clang__) || defined(WOLFSSL_KEIL)
+ "adds r5, r5, r4\n\t"
+#else
+ "add r5, r5, r4\n\t"
+#endif
+ "ldr r5, [%[a], r7]\n\t"
+#ifdef WOLFSSL_KEIL
+ "adcs r5, r5, r6\n\t"
+#elif defined(__clang__)
+ "adcs r5, r6\n\t"
+#else
+ "adc r5, r6\n\t"
+#endif
+ "movs r4, #0\n\t"
+#ifdef WOLFSSL_KEIL
+ "adcs r4, r4, r4\n\t"
+#elif defined(__clang__)
+ "adcs r4, r4\n\t"
+#else
+ "adc r4, r4\n\t"
+#endif
+ "str r5, [%[r], r7]\n\t"
+#if defined(__clang__) || defined(WOLFSSL_KEIL)
+ "adds r7, r7, #4\n\t"
+#else
+ "add r7, r7, #4\n\t"
+#endif
+ "cmp r7, r8\n\t"
+ "blt L_sp_521_cond_add_17_words_%=\n\t"
+ "movs %[r], r4\n\t"
+ : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b), [m] "+l" (m)
+ :
+ : "memory", "r4", "r5", "r6", "r7", "r8", "cc"
+ );
+ return (uint32_t)(size_t)r;
+}
+
/* Right shift a by 1 bit into r. (r = a >> 1)
*
* r A single precision integer.
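Review bot: The header comment of the re-added `sp_521_cond_add_17` lists the four parameters but not the return value, although the function ends with `movs %[r], r4` and `return (uint32_t)(size_t)r;`. r4 is zeroed and then set by `adcs r4, r4` / `adc r4, r4` after each word, so what comes back is the carry out of the last word; I would add ` * returns the carry out of the addition (0 or 1).` to the comment. It is also worth one line noting that the loop runs to the fixed `#0x44` byte count and applies m with `and`, so the only branch depends on the counter and not on the mask.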
@@ -124903,7 +124707,7 @@ static void sp_521_rshift1_17(sp_digit* r, const sp_digit* a)
"str r3, [%[r], #64]\n\t"
: [r] "+l" (r), [a] "+l" (a)
:
- : "memory", "r2", "r3", "r4", "r5"
+ : "memory", "r2", "r3", "r4", "r5", "cc"
);
}
@@ -124913,7 +124717,7 @@ static void sp_521_rshift1_17(sp_digit* r, const sp_digit* a)
* a Number to divide.
* m Modulus (prime).
*/
-SP_NOINLINE static void sp_521_div2_17(sp_digit* r, const sp_digit* a,
+SP_NOINLINE static void sp_521_mont_div2_17(sp_digit* r, const sp_digit* a,
const sp_digit* m)
{
sp_digit o;
@@ -124967,7 +124771,7 @@ static void sp_521_proj_point_dbl_17(sp_point_521* r, const sp_point_521* p,
/* T2 = Y * Y */
sp_521_mont_sqr_17(t2, y, p521_mod, p521_mp_mod);
/* T2 = T2/2 */
- sp_521_div2_17(t2, t2, p521_mod);
+ sp_521_mont_div2_17(t2, t2, p521_mod);
/* Y = Y * X */
sp_521_mont_mul_17(y, y, p->x, p521_mod, p521_mp_mod);
/* X = T1 * T1 */
@@ -124977,7 +124781,7 @@ static void sp_521_proj_point_dbl_17(sp_point_521* r, const sp_point_521* p,
/* X = X - Y */
sp_521_mont_sub_17(x, x, y, p521_mod);
/* Y = Y - X */
- sp_521_mont_sub_lower_17(y, y, x, p521_mod);
+ sp_521_mont_sub_17(y, y, x, p521_mod);
/* Y = Y * T1 */
sp_521_mont_mul_17(y, y, t1, p521_mod, p521_mp_mod);
/* Y = Y - T2 */
@@ -125000,7 +124804,8 @@ typedef struct sp_521_proj_point_dbl_17_ctx {
* p Point to double.
* t Temporary ordinate data.
*/
-static int sp_521_proj_point_dbl_17_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r, const sp_point_521* p, sp_digit* t)
+static int sp_521_proj_point_dbl_17_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r,
+ const sp_point_521* p, sp_digit* t)
{
int err = FP_WOULDBLOCK;
sp_521_proj_point_dbl_17_ctx* ctx = (sp_521_proj_point_dbl_17_ctx*)sp_ctx->data;
@@ -125074,7 +124879,7 @@ static int sp_521_proj_point_dbl_17_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r, co
break;
case 11:
/* T2 = T2/2 */
- sp_521_div2_17(ctx->t2, ctx->t2, p521_mod);
+ sp_521_mont_div2_17(ctx->t2, ctx->t2, p521_mod);
ctx->state = 12;
break;
case 12:
@@ -125099,7 +124904,7 @@ static int sp_521_proj_point_dbl_17_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r, co
break;
case 16:
/* Y = Y - X */
- sp_521_mont_sub_lower_17(ctx->y, ctx->y, ctx->x, p521_mod);
+ sp_521_mont_sub_17(ctx->y, ctx->y, ctx->x, p521_mod);
ctx->state = 17;
break;
case 17:
@@ -125165,12 +124970,12 @@ static int sp_521_iszero_17(const sp_digit* a)
static void sp_521_proj_point_add_17(sp_point_521* r,
const sp_point_521* p, const sp_point_521* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*17;
- sp_digit* t3 = t + 4*17;
- sp_digit* t4 = t + 6*17;
- sp_digit* t5 = t + 8*17;
- sp_digit* t6 = t + 10*17;
+ sp_digit* t6 = t;
+ sp_digit* t1 = t + 2*17;
+ sp_digit* t2 = t + 4*17;
+ sp_digit* t3 = t + 6*17;
+ sp_digit* t4 = t + 8*17;
+ sp_digit* t5 = t + 10*17;
/* U1 = X1*Z2^2 */
sp_521_mont_sqr_17(t1, q->z, p521_mod, p521_mp_mod);
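Review bot: The size that `t` must have is still implied only by the offsets. With `t6 = t` up to `t5 = t + 10*17`, and each temporary apparently 2*17 digits wide, the caller has to supply at least 12*17 `sp_digit`s, and nothing in the hunk states that. A comment above the assignments such as `/* t: six temporaries of 2*17 digits each (12*17 in total); t6 is at the start */` would make the requirement checkable at call sites. Case 0 of `sp_521_proj_point_add_17_nb` repeats this layout and `sp_521_proj_point_add_qz1_17` uses a different order, so each would need its own line. The function's doc comment starts outside the hunk.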
@@ -125192,17 +124997,9 @@ static void sp_521_proj_point_add_17(sp_point_521* r,
sp_521_proj_point_dbl_17(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t6;
sp_digit* y = t1;
sp_digit* z = t2;
- int i;
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
/* H = U2 - U1 */
sp_521_mont_sub_17(t2, t2, t1, p521_mod);
@@ -125221,20 +125018,31 @@ static void sp_521_proj_point_add_17(sp_point_521* r,
sp_521_mont_dbl_17(t3, y, p521_mod);
sp_521_mont_sub_17(x, x, t3, p521_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_521_mont_sub_lower_17(y, y, x, p521_mod);
+ sp_521_mont_sub_17(y, y, x, p521_mod);
sp_521_mont_mul_17(y, y, t4, p521_mod, p521_mp_mod);
sp_521_mont_sub_17(y, y, t5, p521_mod);
- for (i = 0; i < 17; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 17; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 17; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 17; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 17; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 17; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
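Review bot: The masks in the new block are all-ones or all-zero only if `infinity` is exactly 0 or 1, because `0 - (q->infinity & (!p->infinity))` keeps just bit 0 of `q->infinity` and `inf` is OR-ed straight into `r->z[0]`. That invariant is presumably maintained where points are constructed, which is outside this hunk, so I would state it where it is relied on, e.g. `/* infinity is 0 or 1: masks pick p, q or the computed sum without branching */`. The same block is added in case 24 of `sp_521_proj_point_add_17_nb` and in `sp_521_proj_point_add_qz1_17`, and the comment applies there as well.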
@@ -125280,12 +125088,12 @@ static int sp_521_proj_point_add_17_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r,
switch (ctx->state) {
case 0: /* INIT */
- ctx->t1 = t;
- ctx->t2 = t + 2*17;
- ctx->t3 = t + 4*17;
- ctx->t4 = t + 6*17;
- ctx->t5 = t + 8*17;
- ctx->t6 = t + 10*17;
+ ctx->t6 = t;
+ ctx->t1 = t + 2*17;
+ ctx->t2 = t + 4*17;
+ ctx->t3 = t + 6*17;
+ ctx->t4 = t + 8*17;
+ ctx->t5 = t + 10*17;
ctx->x = ctx->t6;
ctx->y = ctx->t1;
ctx->z = ctx->t2;
@@ -125392,7 +125200,7 @@ static int sp_521_proj_point_add_17_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r,
break;
case 21:
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_521_mont_sub_lower_17(ctx->y, ctx->y, ctx->x, p521_mod);
+ sp_521_mont_sub_17(ctx->y, ctx->y, ctx->x, p521_mod);
ctx->state = 22;
break;
case 22:
@@ -125405,22 +125213,28 @@ static int sp_521_proj_point_add_17_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r,
break;
case 24:
{
- int i;
- sp_digit maskp = 0 - (q->infinity & (!p->infinity));
- sp_digit maskq = 0 - (p->infinity & (!q->infinity));
- sp_digit maskt = ~(maskp | maskq);
-
- for (i = 0; i < 17; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (ctx->x[i] & maskt);
- }
- for (i = 0; i < 17; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (ctx->y[i] & maskt);
- }
- for (i = 0; i < 17; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (ctx->z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 17; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (ctx->x[i] & maskt);
+ }
+ for (i = 0; i < 17; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (ctx->y[i] & maskt);
+ }
+ for (i = 0; i < 17; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (ctx->z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
ctx->state = 25;
break;
}
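Review bot: Case 24 already opens a scope with `{` right after the label, so the added inner `{ ... }` around the declarations only costs an indentation level. The declarations can stay in the case's own block as they did before the change. The select loops are now textually identical in three places (here, `sp_521_proj_point_add_17` and `sp_521_proj_point_add_qz1_17`), differing only in where x, y and z come from, so they have to be kept in step by hand. If this file is generated, that belongs in the generator template rather than in this file.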
@@ -125440,7 +125254,7 @@ static int sp_521_proj_point_add_17_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r,
/* Touch each possible point that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
static void sp_521_get_point_16_17(sp_point_521* r, const sp_point_521* table,
@@ -125750,8 +125564,6 @@ static int sp_521_ecc_mulmod_fast_17(sp_point_521* r, const sp_point_521* g, con
}
#ifdef FP_ECC
-#define sp_521_mont_dbl_lower_17 sp_521_mont_dbl_17
-#define sp_521_mont_tpl_lower_17 sp_521_mont_tpl_17
/* Double the Montgomery form projective point p a number of times.
*
* r Result of repeated doubling of point.
@@ -125790,7 +125602,7 @@ static void sp_521_proj_point_dbl_n_17(sp_point_521* p, int i,
/* A = 3*(X^2 - W) */
sp_521_mont_sqr_17(t1, x, p521_mod, p521_mp_mod);
sp_521_mont_sub_17(t1, t1, w, p521_mod);
- sp_521_mont_tpl_lower_17(a, t1, p521_mod);
+ sp_521_mont_tpl_17(a, t1, p521_mod);
/* B = X*Y^2 */
sp_521_mont_sqr_17(t1, y, p521_mod, p521_mp_mod);
sp_521_mont_mul_17(b, t1, x, p521_mod, p521_mp_mod);
@@ -125799,8 +125611,8 @@ static void sp_521_proj_point_dbl_n_17(sp_point_521* p, int i,
sp_521_mont_dbl_17(t2, b, p521_mod);
sp_521_mont_sub_17(x, x, t2, p521_mod);
/* B = 2.(B - X) */
- sp_521_mont_sub_lower_17(t2, b, x, p521_mod);
- sp_521_mont_dbl_lower_17(b, t2, p521_mod);
+ sp_521_mont_sub_17(t2, b, x, p521_mod);
+ sp_521_mont_dbl_17(b, t2, p521_mod);
/* Z = Z*Y */
sp_521_mont_mul_17(z, z, y, p521_mod, p521_mp_mod);
/* t1 = Y^4 */
@@ -125820,7 +125632,7 @@ static void sp_521_proj_point_dbl_n_17(sp_point_521* p, int i,
/* A = 3*(X^2 - W) */
sp_521_mont_sqr_17(t1, x, p521_mod, p521_mp_mod);
sp_521_mont_sub_17(t1, t1, w, p521_mod);
- sp_521_mont_tpl_lower_17(a, t1, p521_mod);
+ sp_521_mont_tpl_17(a, t1, p521_mod);
/* B = X*Y^2 */
sp_521_mont_sqr_17(t1, y, p521_mod, p521_mp_mod);
sp_521_mont_mul_17(b, t1, x, p521_mod, p521_mp_mod);
@@ -125829,8 +125641,8 @@ static void sp_521_proj_point_dbl_n_17(sp_point_521* p, int i,
sp_521_mont_dbl_17(t2, b, p521_mod);
sp_521_mont_sub_17(x, x, t2, p521_mod);
/* B = 2.(B - X) */
- sp_521_mont_sub_lower_17(t2, b, x, p521_mod);
- sp_521_mont_dbl_lower_17(b, t2, p521_mod);
+ sp_521_mont_sub_17(t2, b, x, p521_mod);
+ sp_521_mont_dbl_17(b, t2, p521_mod);
/* Z = Z*Y */
sp_521_mont_mul_17(z, z, y, p521_mod, p521_mp_mod);
/* t1 = Y^4 */
@@ -125840,7 +125652,7 @@ static void sp_521_proj_point_dbl_n_17(sp_point_521* p, int i,
sp_521_mont_sub_17(y, y, t1, p521_mod);
#endif /* WOLFSSL_SP_SMALL */
/* Y = Y/2 */
- sp_521_div2_17(y, y, p521_mod);
+ sp_521_mont_div2_17(y, y, p521_mod);
}
/* Convert the projective point to affine.
@@ -125886,12 +125698,12 @@ typedef struct sp_table_entry_521 {
static void sp_521_proj_point_add_qz1_17(sp_point_521* r,
const sp_point_521* p, const sp_point_521* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*17;
- sp_digit* t3 = t + 4*17;
- sp_digit* t4 = t + 6*17;
- sp_digit* t5 = t + 8*17;
- sp_digit* t6 = t + 10*17;
+ sp_digit* t2 = t;
+ sp_digit* t3 = t + 2*17;
+ sp_digit* t6 = t + 4*17;
+ sp_digit* t1 = t + 6*17;
+ sp_digit* t4 = t + 8*17;
+ sp_digit* t5 = t + 10*17;
/* Calculate values to subtract from P->x and P->y. */
/* U2 = X2*Z1^2 */
@@ -125907,13 +125719,9 @@ static void sp_521_proj_point_add_qz1_17(sp_point_521* r,
sp_521_proj_point_dbl_17(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t2;
- sp_digit* y = t5;
+ sp_digit* y = t3;
sp_digit* z = t6;
- int i;
/* H = U2 - X1 */
sp_521_mont_sub_17(t2, t2, p->x, p521_mod);
@@ -125922,33 +125730,40 @@ static void sp_521_proj_point_add_qz1_17(sp_point_521* r,
/* Z3 = H*Z1 */
sp_521_mont_mul_17(z, p->z, t2, p521_mod, p521_mp_mod);
/* X3 = R^2 - H^3 - 2*X1*H^2 */
- sp_521_mont_sqr_17(t1, t4, p521_mod, p521_mp_mod);
- sp_521_mont_sqr_17(t5, t2, p521_mod, p521_mp_mod);
- sp_521_mont_mul_17(t3, p->x, t5, p521_mod, p521_mp_mod);
- sp_521_mont_mul_17(t5, t5, t2, p521_mod, p521_mp_mod);
- sp_521_mont_sub_17(x, t1, t5, p521_mod);
- sp_521_mont_dbl_17(t1, t3, p521_mod);
- sp_521_mont_sub_17(x, x, t1, p521_mod);
+ sp_521_mont_sqr_17(t1, t2, p521_mod, p521_mp_mod);
+ sp_521_mont_mul_17(t3, p->x, t1, p521_mod, p521_mp_mod);
+ sp_521_mont_mul_17(t1, t1, t2, p521_mod, p521_mp_mod);
+ sp_521_mont_sqr_17(t2, t4, p521_mod, p521_mp_mod);
+ sp_521_mont_sub_17(t2, t2, t1, p521_mod);
+ sp_521_mont_dbl_17(t5, t3, p521_mod);
+ sp_521_mont_sub_17(x, t2, t5, p521_mod);
/* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
- sp_521_mont_sub_lower_17(t3, t3, x, p521_mod);
+ sp_521_mont_sub_17(t3, t3, x, p521_mod);
sp_521_mont_mul_17(t3, t3, t4, p521_mod, p521_mp_mod);
- sp_521_mont_mul_17(t5, t5, p->y, p521_mod, p521_mp_mod);
- sp_521_mont_sub_17(y, t3, t5, p521_mod);
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
- for (i = 0; i < 17; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 17; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 17; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ sp_521_mont_mul_17(t1, t1, p->y, p521_mod, p521_mp_mod);
+ sp_521_mont_sub_17(y, t3, t1, p521_mod);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 17; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 17; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 17; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
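Review bot: After this reordering `x` and `t2` are the same buffer and `y` is `t3`, so `sp_521_mont_sqr_17(t2, t4, ...)` overwrites H, and nothing in the hunk says so. The sequence relies on Z3 = H*Z1 and H^3 (held in `t1`) being computed before that line. A one-line comment such as `/* t2 held H; it is reused for R^2 and ends up as X3 (x == t2) */` would keep a later reorder from breaking it silently. The declarations of x, y and z are in the previous hunk, and the function starts outside this one.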
@@ -126049,7 +125864,7 @@ static int sp_521_gen_stripe_table_17(const sp_point_521* a,
/* Touch each possible entry that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
static void sp_521_get_entry_16_17(sp_point_521* r,
@@ -126280,7 +126095,7 @@ static THREAD_LS_T int sp_cache_521_inited = 0;
/* Get the cache entry for the point.
*
- * g [in] Point scalar multipling.
+ * g [in] Point scalar multiplying.
* cache [out] Cache table to use.
*/
static void sp_ecc_get_cache_521(const sp_point_521* g, sp_cache_521_t** cache)
@@ -126351,8 +126166,8 @@ static void sp_ecc_get_cache_521(const sp_point_521* g, sp_cache_521_t** cache)
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
-static int sp_521_ecc_mulmod_17(sp_point_521* r, const sp_point_521* g, const sp_digit* k,
- int map, int ct, void* heap)
+static int sp_521_ecc_mulmod_17(sp_point_521* r, const sp_point_521* g,
+ const sp_digit* k, int map, int ct, void* heap)
{
#ifndef FP_ECC
return sp_521_ecc_mulmod_fast_17(r, g, k, map, ct, heap);
@@ -126505,7 +126320,7 @@ static int sp_521_gen_stripe_table_17(const sp_point_521* a,
/* Touch each possible entry that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
static void sp_521_get_entry_256_17(sp_point_521* r,
@@ -126736,7 +126551,7 @@ static THREAD_LS_T int sp_cache_521_inited = 0;
/* Get the cache entry for the point.
*
- * g [in] Point scalar multipling.
+ * g [in] Point scalar multiplying.
* cache [out] Cache table to use.
*/
static void sp_ecc_get_cache_521(const sp_point_521* g, sp_cache_521_t** cache)
@@ -126807,8 +126622,8 @@ static void sp_ecc_get_cache_521(const sp_point_521* g, sp_cache_521_t** cache)
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
-static int sp_521_ecc_mulmod_17(sp_point_521* r, const sp_point_521* g, const sp_digit* k,
- int map, int ct, void* heap)
+static int sp_521_ecc_mulmod_17(sp_point_521* r, const sp_point_521* g,
+ const sp_digit* k, int map, int ct, void* heap)
{
#ifndef FP_ECC
return sp_521_ecc_mulmod_fast_17(r, g, k, map, ct, heap);
@@ -126925,7 +126740,7 @@ int sp_ecc_mulmod_521(const mp_int* km, const ecc_point* gm, ecc_point* r,
*
* km Scalar to multiply by.
* p Point to multiply.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -126936,7 +126751,7 @@ int sp_ecc_mulmod_add_521(const mp_int* km, const ecc_point* gm,
const ecc_point* am, int inMont, ecc_point* r, int map, void* heap)
{
#ifdef WOLFSSL_SP_SMALL_STACK
- sp_point_521* point = NULL;
+ sp_point_521* point = NULL;
sp_digit* k = NULL;
#else
sp_point_521 point[2];
@@ -129018,7 +128833,7 @@ int sp_ecc_mulmod_base_521(const mp_int* km, ecc_point* r, int map, void* heap)
* the result. If map is true then convert result to affine coordinates.
*
* km Scalar to multiply by.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -129040,7 +128855,7 @@ int sp_ecc_mulmod_base_add_521(const mp_int* km, const ecc_point* am,
int err = MP_OKAY;
#ifdef WOLFSSL_SP_SMALL_STACK
- point = (sp_point_521*)XMALLOC(sizeof(sp_point_521) * 2, heap,
+ point = (sp_point_521*)XMALLOC(sizeof(sp_point_521) * 2, heap,
DYNAMIC_TYPE_ECC);
if (point == NULL)
err = MEMORY_E;
@@ -129257,7 +129072,7 @@ SP_NOINLINE static void sp_521_add_one_17(sp_digit* a)
"str r1, [%[a], #64]\n\t"
: [a] "+l" (a)
:
- : "memory", "r1", "r2"
+ : "memory", "r1", "r2", "cc"
);
}
@@ -129353,7 +129168,7 @@ int sp_ecc_make_key_521(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
sp_point_521* infinity = NULL;
#endif
int err = MP_OKAY;
-
+
(void)heap;
@@ -129361,7 +129176,7 @@ int sp_ecc_make_key_521(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
point = (sp_point_521*)XMALLOC(sizeof(sp_point_521) * 2, heap, DYNAMIC_TYPE_ECC);
#else
- point = (sp_point_521*)XMALLOC(sizeof(sp_point_521), heap, DYNAMIC_TYPE_ECC);
+ point = (sp_point_521*)XMALLOC(sizeof(sp_point_521), heap, DYNAMIC_TYPE_ECC);
#endif
if (point == NULL)
err = MEMORY_E;
@@ -129977,7 +129792,7 @@ static void sp_521_rshift_17(sp_digit* r, const sp_digit* a, byte n)
"str r4, [%[r], #64]\n\t"
: [r] "+l" (r), [a] "+l" (a), [n] "+l" (n)
:
- : "memory", "r3", "r4", "r5", "r6", "r7"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "cc"
);
}
@@ -130404,7 +130219,7 @@ static void sp_521_lshift_17(sp_digit* r, const sp_digit* a, byte n)
"str r4, [%[r], #4]\n\t"
: [r] "+l" (r), [a] "+l" (a), [n] "+l" (n)
:
- : "memory", "r3", "r4", "r5", "r6", "r7"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "cc"
);
}
@@ -131265,7 +131080,7 @@ static void sp_521_lshift_34(sp_digit* r, const sp_digit* a, byte n)
"str r5, [%[r], #4]\n\t"
: [r] "+l" (r), [a] "+l" (a), [n] "+l" (n)
:
- : "memory", "r3", "r4", "r5", "r6", "r7"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "cc"
);
}
@@ -131336,7 +131151,7 @@ SP_NOINLINE static sp_digit sp_521_sub_in_place_17(sp_digit* a,
"movs %[a], r2\n\t"
: [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -131512,7 +131327,7 @@ SP_NOINLINE static sp_digit sp_521_sub_in_place_17(sp_digit* a,
#endif
: [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r2", "r3", "r4", "r5"
+ : "memory", "r2", "r3", "r4", "r5", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -131700,7 +131515,7 @@ SP_NOINLINE static void sp_521_mul_d_17(sp_digit* r, const sp_digit* a,
"str r3, [%[r]]\n\t"
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
}
@@ -132315,7 +132130,7 @@ SP_NOINLINE static sp_digit div_521_word_17(sp_digit d1, sp_digit d0,
"movs %[d1], r3\n\t"
: [d1] "+l" (d1), [d0] "+l" (d0), [div] "+l" (div)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
return (uint32_t)(size_t)d1;
}
@@ -132360,8 +132175,8 @@ static void sp_521_mask_17(sp_digit* r, const sp_digit* a, sp_digit m)
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_521_div_17(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_521_div_17(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[35];
sp_digit t2[18];
@@ -132968,6 +132783,244 @@ int sp_ecc_sign_521_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, W
#endif /* HAVE_ECC_SIGN */
#ifndef WOLFSSL_SP_SMALL
+#ifdef WOLFSSL_SP_SMALL
+/* Sub b from a into r. (r = a - b)
+ *
+ * r A single precision integer.
+ * a A single precision integer.
+ * b A single precision integer.
+ */
+SP_NOINLINE static sp_digit sp_521_sub_17(sp_digit* r, const sp_digit* a,
+ const sp_digit* b)
+{
+ __asm__ __volatile__ (
+ "movs r6, %[a]\n\t"
+ "movs r3, #0\n\t"
+#if defined(__clang__) || defined(WOLFSSL_KEIL)
+ "adds r6, r6, #0x44\n\t"
+#else
+ "add r6, r6, #0x44\n\t"
+#endif
+ "\n"
+ "L_sp_521_sub_17_word_%=:\n\t"
+ "movs r5, #0\n\t"
+#if defined(__clang__) || defined(WOLFSSL_KEIL)
+ "subs r5, r5, r3\n\t"
+#else
+ "sub r5, r5, r3\n\t"
+#endif
+ "ldr r4, [%[a]]\n\t"
+ "ldr r5, [%[b]]\n\t"
+#ifdef WOLFSSL_KEIL
+ "sbcs r4, r4, r5\n\t"
+#elif defined(__clang__)
+ "sbcs r4, r5\n\t"
+#else
+ "sbc r4, r5\n\t"
+#endif
+ "str r4, [%[r]]\n\t"
+#ifdef WOLFSSL_KEIL
+ "sbcs r3, r3, r3\n\t"
+#elif defined(__clang__)
+ "sbcs r3, r3\n\t"
+#else
+ "sbc r3, r3\n\t"
+#endif
+#if defined(__clang__) || defined(WOLFSSL_KEIL)
+ "adds %[a], %[a], #4\n\t"
+#else
+ "add %[a], %[a], #4\n\t"
+#endif
+#if defined(__clang__) || defined(WOLFSSL_KEIL)
+ "adds %[b], %[b], #4\n\t"
+#else
+ "add %[b], %[b], #4\n\t"
+#endif
+#if defined(__clang__) || defined(WOLFSSL_KEIL)
+ "adds %[r], %[r], #4\n\t"
+#else
+ "add %[r], %[r], #4\n\t"
+#endif
+ "cmp %[a], r6\n\t"
+ "bne L_sp_521_sub_17_word_%=\n\t"
+ "movs %[r], r3\n\t"
+ : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "cc"
+ );
+ return (uint32_t)(size_t)r;
+}
+
+#else
+/* Sub b from a into r. (r = a - b)
+ *
+ * r A single precision integer.
+ * a A single precision integer.
+ * b A single precision integer.
+ */
+SP_NOINLINE static sp_digit sp_521_sub_17(sp_digit* r, const sp_digit* a,
+ const sp_digit* b)
+{
+ __asm__ __volatile__ (
+ "ldm %[b]!, {r5, r6}\n\t"
+ "ldm %[a]!, {r3, r4}\n\t"
+#if defined(__clang__) || defined(WOLFSSL_KEIL)
+ "subs r3, r3, r5\n\t"
+#else
+ "sub r3, r3, r5\n\t"
+#endif
+#ifdef WOLFSSL_KEIL
+ "sbcs r4, r4, r6\n\t"
+#elif defined(__clang__)
+ "sbcs r4, r6\n\t"
+#else
+ "sbc r4, r6\n\t"
+#endif
+ "stm %[r]!, {r3, r4}\n\t"
+ "ldm %[b]!, {r5, r6}\n\t"
+ "ldm %[a]!, {r3, r4}\n\t"
+#ifdef WOLFSSL_KEIL
+ "sbcs r3, r3, r5\n\t"
+#elif defined(__clang__)
+ "sbcs r3, r5\n\t"
+#else
+ "sbc r3, r5\n\t"
+#endif
+#ifdef WOLFSSL_KEIL
+ "sbcs r4, r4, r6\n\t"
+#elif defined(__clang__)
+ "sbcs r4, r6\n\t"
+#else
+ "sbc r4, r6\n\t"
+#endif
+ "stm %[r]!, {r3, r4}\n\t"
+ "ldm %[b]!, {r5, r6}\n\t"
+ "ldm %[a]!, {r3, r4}\n\t"
+#ifdef WOLFSSL_KEIL
+ "sbcs r3, r3, r5\n\t"
+#elif defined(__clang__)
+ "sbcs r3, r5\n\t"
+#else
+ "sbc r3, r5\n\t"
+#endif
+#ifdef WOLFSSL_KEIL
+ "sbcs r4, r4, r6\n\t"
+#elif defined(__clang__)
+ "sbcs r4, r6\n\t"
+#else
+ "sbc r4, r6\n\t"
+#endif
+ "stm %[r]!, {r3, r4}\n\t"
+ "ldm %[b]!, {r5, r6}\n\t"
+ "ldm %[a]!, {r3, r4}\n\t"
+#ifdef WOLFSSL_KEIL
+ "sbcs r3, r3, r5\n\t"
+#elif defined(__clang__)
+ "sbcs r3, r5\n\t"
+#else
+ "sbc r3, r5\n\t"
+#endif
+#ifdef WOLFSSL_KEIL
+ "sbcs r4, r4, r6\n\t"
+#elif defined(__clang__)
+ "sbcs r4, r6\n\t"
+#else
+ "sbc r4, r6\n\t"
+#endif
+ "stm %[r]!, {r3, r4}\n\t"
+ "ldm %[b]!, {r5, r6}\n\t"
+ "ldm %[a]!, {r3, r4}\n\t"
+#ifdef WOLFSSL_KEIL
+ "sbcs r3, r3, r5\n\t"
+#elif defined(__clang__)
+ "sbcs r3, r5\n\t"
+#else
+ "sbc r3, r5\n\t"
+#endif
+#ifdef WOLFSSL_KEIL
+ "sbcs r4, r4, r6\n\t"
+#elif defined(__clang__)
+ "sbcs r4, r6\n\t"
+#else
+ "sbc r4, r6\n\t"
+#endif
+ "stm %[r]!, {r3, r4}\n\t"
+ "ldm %[b]!, {r5, r6}\n\t"
+ "ldm %[a]!, {r3, r4}\n\t"
+#ifdef WOLFSSL_KEIL
+ "sbcs r3, r3, r5\n\t"
+#elif defined(__clang__)
+ "sbcs r3, r5\n\t"
+#else
+ "sbc r3, r5\n\t"
+#endif
+#ifdef WOLFSSL_KEIL
+ "sbcs r4, r4, r6\n\t"
+#elif defined(__clang__)
+ "sbcs r4, r6\n\t"
+#else
+ "sbc r4, r6\n\t"
+#endif
+ "stm %[r]!, {r3, r4}\n\t"
+ "ldm %[b]!, {r5, r6}\n\t"
+ "ldm %[a]!, {r3, r4}\n\t"
+#ifdef WOLFSSL_KEIL
+ "sbcs r3, r3, r5\n\t"
+#elif defined(__clang__)
+ "sbcs r3, r5\n\t"
+#else
+ "sbc r3, r5\n\t"
+#endif
+#ifdef WOLFSSL_KEIL
+ "sbcs r4, r4, r6\n\t"
+#elif defined(__clang__)
+ "sbcs r4, r6\n\t"
+#else
+ "sbc r4, r6\n\t"
+#endif
+ "stm %[r]!, {r3, r4}\n\t"
+ "ldm %[b]!, {r5, r6}\n\t"
+ "ldm %[a]!, {r3, r4}\n\t"
+#ifdef WOLFSSL_KEIL
+ "sbcs r3, r3, r5\n\t"
+#elif defined(__clang__)
+ "sbcs r3, r5\n\t"
+#else
+ "sbc r3, r5\n\t"
+#endif
+#ifdef WOLFSSL_KEIL
+ "sbcs r4, r4, r6\n\t"
+#elif defined(__clang__)
+ "sbcs r4, r6\n\t"
+#else
+ "sbc r4, r6\n\t"
+#endif
+ "stm %[r]!, {r3, r4}\n\t"
+ "ldr r5, [%[b]]\n\t"
+ "ldr r3, [%[a]]\n\t"
+#ifdef WOLFSSL_KEIL
+ "sbcs r3, r3, r5\n\t"
+#elif defined(__clang__)
+ "sbcs r3, r5\n\t"
+#else
+ "sbc r3, r5\n\t"
+#endif
+ "str r3, [%[r]]\n\t"
+#ifdef WOLFSSL_KEIL
+ "sbcs %[r], %[r], %[r]\n\t"
+#elif defined(__clang__)
+ "sbcs %[r], %[r]\n\t"
+#else
+ "sbc %[r], %[r]\n\t"
+#endif
+ : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "cc"
+ );
+ return (uint32_t)(size_t)r;
+}
+
+#endif /* WOLFSSL_SP_SMALL */
/* Divide the number by 2 mod the modulus. (r = a / 2 % m)
*
* r Result of division by 2.
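Review bot: The added `#ifdef WOLFSSL_SP_SMALL` branch can never be compiled, because it sits directly inside the `#ifndef WOLFSSL_SP_SMALL` on the context line above it; only the unrolled `#else` version of `sp_521_sub_17` is ever built from this spot. Either drop the looped variant and the inner conditional, leaving just the unrolled function, or move the pair outside the `#ifndef` if small builds are meant to get `sp_521_sub_17` here. As written, a small build that needs the function has to find it elsewhere in the file, which the hunk does not show. The `#endif` that closes the outer `#ifndef` is outside the hunk.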
@@ -133525,7 +133578,7 @@ static void sp_521_div2_mod_17(sp_digit* r, const sp_digit* a,
"str r5, [%[r], #64]\n\t"
: [r] "+l" (r), [a] "+l" (a), [m] "+l" (m)
:
- : "memory", "r3", "r4", "r5", "r6", "r7"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "cc"
);
}
@@ -135294,7 +135347,7 @@ static int sp_521_num_bits_17(sp_digit* a)
"movs %[a], r2\n\t"
: [a] "+l" (a), [table] "+l" (table)
:
- : "memory", "r2", "r3", "r4", "r5", "r6"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -135342,7 +135395,7 @@ static int sp_521_mod_inv_17(sp_digit* r, const sp_digit* a, const sp_digit* m)
}
while (ut > 1 && vt > 1) {
- if (ut > vt || (ut == vt && sp_521_cmp_17(u, v) >= 0)) {
+ if ((ut > vt) || ((ut == vt) && (sp_521_cmp_17(u, v) >= 0))) {
sp_521_sub_17(u, u, v);
o = sp_521_sub_17(b, b, d);
if (o != 0)
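Review bot: `sp_521_mod_inv_17` branches on its operands, in `while (ut > 1 && vt > 1)` and in the `ut`/`vt`/`sp_521_cmp_17(u, v)` test this hunk re-parenthesises, so its running time depends on the values being inverted and nothing visible says so. If it is only reached with public values (it appears to sit in the verification part of the file, but the callers are outside the hunk), a line in the function comment such as ` * Not constant time: use with public values only.` would keep it from being reused on a secret scalar. Separately, `sp_521_sub_17(u, u, v);` drops its return value without the `(void)` cast used for ignored results elsewhere in this file, e.g. `(void)sp_521_mod_17(t1, t1, p521_mod);`. The function body starts and ends outside the hunk.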
@@ -135428,7 +135481,7 @@ static void sp_521_add_points_17(sp_point_521* p1, const sp_point_521* p2,
* p2 Public point and temporary.
* s Second part of signature as a number.
* u1 Temporary number.
- * u2 Temproray number.
+ * u2 Temporary number.
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
@@ -135759,7 +135812,7 @@ int sp_ecc_verify_521_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash,
#endif /* HAVE_ECC_VERIFY */
#ifdef HAVE_ECC_CHECK_KEY
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* point EC point.
* heap Heap to use if dynamically allocating.
@@ -135787,19 +135840,21 @@ static int sp_521_ecc_is_point_17(const sp_point_521* point,
if (err == MP_OKAY) {
t2 = t1 + 2 * 17;
+ /* y^2 - x^3 - a.x = b */
sp_521_sqr_17(t1, point->y);
(void)sp_521_mod_17(t1, t1, p521_mod);
sp_521_sqr_17(t2, point->x);
(void)sp_521_mod_17(t2, t2, p521_mod);
sp_521_mul_17(t2, t2, point->x);
(void)sp_521_mod_17(t2, t2, p521_mod);
- (void)sp_521_sub_17(t2, p521_mod, t2);
- sp_521_mont_add_17(t1, t1, t2, p521_mod);
+ sp_521_mont_sub_17(t1, t1, t2, p521_mod);
+ /* y^2 - x^3 + 3.x = b, when a = -3 */
sp_521_mont_add_17(t1, t1, point->x, p521_mod);
sp_521_mont_add_17(t1, t1, point->x, p521_mod);
sp_521_mont_add_17(t1, t1, point->x, p521_mod);
+
if (sp_521_cmp_17(t1, p521_b) != 0) {
err = MP_VAL;
}
@@ -135813,7 +135868,7 @@ static int sp_521_ecc_is_point_17(const sp_point_521* point,
return err;
}
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* pX X ordinate of EC point.
* pY Y ordinate of EC point.
@@ -136551,7 +136606,7 @@ SP_NOINLINE static void sp_1024_mul_16(sp_digit* r, const sp_digit* a,
"mov %[b], r10\n\t"
: [a] "+l" (a), [b] "+l" (b), [tmp] "+l" (tmp)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
);
XMEMCPY(r, t, sizeof(t));
@@ -172439,7 +172494,7 @@ SP_NOINLINE static void sp_1024_mul_16(sp_digit* r, const sp_digit* a,
"stm %[r]!, {r3, r4, r5, r6}\n\t"
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
}
@@ -172864,7 +172919,7 @@ SP_NOINLINE static void sp_1024_sqr_16(sp_digit* r, const sp_digit* a)
"add sp, sp, r6\n\t"
: [r] "+l" (r), [a] "+l" (a)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
);
}
@@ -199219,7 +199274,7 @@ SP_NOINLINE static void sp_1024_sqr_16(sp_digit* r, const sp_digit* a)
"stm %[r]!, {r2, r3, r4, r5}\n\t"
: [r] "+l" (r), [a] "+l" (a)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
);
}
@@ -199378,7 +199433,7 @@ SP_NOINLINE static sp_digit sp_1024_add_16(sp_digit* r, const sp_digit* a,
#endif
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6"
+ : "memory", "r3", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -199530,7 +199585,7 @@ SP_NOINLINE static sp_digit sp_1024_add_word_16(sp_digit* r, const sp_digit* a,
#endif
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5"
+ : "memory", "r3", "r4", "r5", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -199839,7 +199894,7 @@ SP_NOINLINE static sp_digit sp_1024_sub_in_place_32(sp_digit* a,
#endif
: [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r2", "r3", "r4", "r5"
+ : "memory", "r2", "r3", "r4", "r5", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -200134,7 +200189,7 @@ SP_NOINLINE static sp_digit sp_1024_add_32(sp_digit* r, const sp_digit* a,
#endif
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6"
+ : "memory", "r3", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -200359,7 +200414,7 @@ SP_NOINLINE static sp_digit sp_1024_sub_16(sp_digit* r, const sp_digit* a,
#endif
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6"
+ : "memory", "r3", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -200638,7 +200693,7 @@ SP_NOINLINE static void sp_1024_mul_32(sp_digit* r, const sp_digit* a,
"mov %[b], r10\n\t"
: [a] "+l" (a), [b] "+l" (b), [tmp] "+l" (tmp)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
);
XMEMCPY(r, t, sizeof(t));
@@ -201073,7 +201128,7 @@ SP_NOINLINE static void sp_1024_sqr_32(sp_digit* r, const sp_digit* a)
"add sp, sp, r6\n\t"
: [r] "+l" (r), [a] "+l" (a)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
);
}
@@ -201230,7 +201285,7 @@ SP_NOINLINE static sp_digit sp_1024_sub_in_place_32(sp_digit* a,
"movs %[a], r2\n\t"
: [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -201294,7 +201349,7 @@ SP_NOINLINE static sp_digit sp_1024_cond_sub_32(sp_digit* r, const sp_digit* a,
"movs %[r], r4\n\t"
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b), [m] "+l" (m)
:
- : "memory", "r4", "r5", "r6", "r7", "r8"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -201368,7 +201423,7 @@ SP_NOINLINE static sp_digit sp_1024_add_32(sp_digit* r, const sp_digit* a,
"movs %[r], r3\n\t"
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -201556,7 +201611,7 @@ SP_NOINLINE static void sp_1024_mul_d_32(sp_digit* r, const sp_digit* a,
"str r3, [%[r]]\n\t"
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
}
@@ -202171,7 +202226,7 @@ SP_NOINLINE static sp_digit div_1024_word_32(sp_digit d1, sp_digit d0,
"movs %[d1], r3\n\t"
: [d1] "+l" (d1), [d0] "+l" (d0), [div] "+l" (div)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
return (uint32_t)(size_t)d1;
}
@@ -202310,7 +202365,7 @@ SP_NOINLINE static sp_int32 sp_1024_cmp_32(const sp_digit* a, const sp_digit* b)
"movs %[a], r2\n\t"
: [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -202324,8 +202379,8 @@ SP_NOINLINE static sp_int32 sp_1024_cmp_32(const sp_digit* a, const sp_digit* b)
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_1024_div_32(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_1024_div_32(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[64], t2[33];
sp_digit div, r1;
@@ -202460,14 +202515,14 @@ static void sp_1024_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 32
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 31);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 31);
}
#elif DIGIT_BIT > 32
unsigned int i;
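Review bot: The rewritten mask and index updates in the `DIGIT_BIT == 32` branch hard-code the shift as `31`, where the lines they replace used `SP_WORD_SIZE - 1`. The constant is only right while sp_digit is 32 bits wide. Writing `sp_digit mask = (sp_digit)0 - (j >> (SP_WORD_SIZE - 1));` and `o += (int)(j >> (SP_WORD_SIZE - 1));` keeps the copy tied to the word size. A one-line comment that `j` counts up from `-used`, so its top bit marks digits still inside `a`, would also help, since the loop appears to avoid comparing `i` with `a->used` on purpose. The function continues past the end of the hunk.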
@@ -202645,6 +202700,7 @@ static int sp_1024_point_to_ecc_point_32(const sp_point_1024* p, ecc_point* pm)
return err;
}
+#define sp_1024_mont_reduce_order_32 sp_1024_mont_reduce_32
/* Reduce the number back to 1024 bits using Montgomery reduction.
*
* a A single precision number to reduce in place.
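Review bot: The added `#define sp_1024_mont_reduce_order_32 sp_1024_mont_reduce_32` has no comment and sits directly above the doc comment of the function it aliases, so that comment now reads as if it described the macro. If the intent is that reduction modulo the order reuses the field routine, say so on the line above, e.g. `/* Reduction for the order uses the same generic routine as for the prime. */`, and leave a blank line before the function's own comment. The function itself lies outside the hunk, so the claim that it is generic enough for both moduli should be checked there.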
@@ -203727,7 +203783,7 @@ SP_NOINLINE static void sp_1024_mont_reduce_32(sp_digit* a, const sp_digit* m,
#endif /* WOLFSSL_SP_LARGE_CODE */
: [a] "+l" (a), [m] "+l" (m), [mp] "+l" (mp)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
);
}
@@ -203738,7 +203794,7 @@ SP_NOINLINE static void sp_1024_mont_reduce_32(sp_digit* a, const sp_digit* m,
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_1024_mont_mul_32(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -203752,7 +203808,7 @@ SP_NOINLINE static void sp_1024_mont_mul_32(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_1024_mont_sqr_32(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -204774,7 +204830,7 @@ SP_NOINLINE static void sp_1024_mont_add_32(sp_digit* r, const sp_digit* a,
"str r5, [%[r], #124]\n\t"
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b), [m] "+l" (m)
:
- : "memory", "r4", "r5", "r6", "r7"
+ : "memory", "r4", "r5", "r6", "r7", "cc"
);
}
@@ -205651,7 +205707,7 @@ SP_NOINLINE static void sp_1024_mont_dbl_32(sp_digit* r, const sp_digit* a,
"str r5, [%[r], #124]\n\t"
: [r] "+l" (r), [a] "+l" (a), [m] "+l" (m)
:
- : "memory", "r3", "r4", "r5", "r6", "r7"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "cc"
);
}
@@ -207421,7 +207477,7 @@ SP_NOINLINE static void sp_1024_mont_tpl_32(sp_digit* r, const sp_digit* a,
"str r7, [%[r], #124]\n\t"
: [r] "+l" (r), [a] "+l" (a), [m] "+l" (m)
:
- : "memory", "r3", "r4", "r5", "r6", "r7"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "cc"
);
}
@@ -208855,11 +208911,10 @@ SP_NOINLINE static void sp_1024_mont_sub_32(sp_digit* r, const sp_digit* a,
"str r5, [%[r], #124]\n\t"
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b), [m] "+l" (m)
:
- : "memory", "r4", "r5", "r6", "r7"
+ : "memory", "r4", "r5", "r6", "r7", "cc"
);
}
-#define sp_1024_mont_sub_lower_32 sp_1024_mont_sub_32
/* Conditionally add a and b using the mask m.
* m is -1 to add and 0 when not.
*
@@ -208924,7 +208979,7 @@ SP_NOINLINE static sp_digit sp_1024_cond_add_32(sp_digit* r, const sp_digit* a,
"movs %[r], r4\n\t"
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b), [m] "+l" (m)
:
- : "memory", "r4", "r5", "r6", "r7", "r8"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -209535,7 +209590,7 @@ static void sp_1024_rshift1_32(sp_digit* r, const sp_digit* a)
"str r3, [%[r], #124]\n\t"
: [r] "+l" (r), [a] "+l" (a)
:
- : "memory", "r2", "r3", "r4", "r5"
+ : "memory", "r2", "r3", "r4", "r5", "cc"
);
}
@@ -209545,7 +209600,7 @@ static void sp_1024_rshift1_32(sp_digit* r, const sp_digit* a)
* a Number to divide.
* m Modulus (prime).
*/
-SP_NOINLINE static void sp_1024_div2_32(sp_digit* r, const sp_digit* a,
+SP_NOINLINE static void sp_1024_mont_div2_32(sp_digit* r, const sp_digit* a,
const sp_digit* m)
{
sp_digit o;
@@ -209599,7 +209654,7 @@ static void sp_1024_proj_point_dbl_32(sp_point_1024* r, const sp_point_1024* p,
/* T2 = Y * Y */
sp_1024_mont_sqr_32(t2, y, p1024_mod, p1024_mp_mod);
/* T2 = T2/2 */
- sp_1024_div2_32(t2, t2, p1024_mod);
+ sp_1024_mont_div2_32(t2, t2, p1024_mod);
/* Y = Y * X */
sp_1024_mont_mul_32(y, y, p->x, p1024_mod, p1024_mp_mod);
/* X = T1 * T1 */
@@ -209609,7 +209664,7 @@ static void sp_1024_proj_point_dbl_32(sp_point_1024* r, const sp_point_1024* p,
/* X = X - Y */
sp_1024_mont_sub_32(x, x, y, p1024_mod);
/* Y = Y - X */
- sp_1024_mont_sub_lower_32(y, y, x, p1024_mod);
+ sp_1024_mont_sub_32(y, y, x, p1024_mod);
/* Y = Y * T1 */
sp_1024_mont_mul_32(y, y, t1, p1024_mod, p1024_mp_mod);
/* Y = Y - T2 */
@@ -209632,7 +209687,8 @@ typedef struct sp_1024_proj_point_dbl_32_ctx {
* p Point to double.
* t Temporary ordinate data.
*/
-static int sp_1024_proj_point_dbl_32_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r, const sp_point_1024* p, sp_digit* t)
+static int sp_1024_proj_point_dbl_32_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
+ const sp_point_1024* p, sp_digit* t)
{
int err = FP_WOULDBLOCK;
sp_1024_proj_point_dbl_32_ctx* ctx = (sp_1024_proj_point_dbl_32_ctx*)sp_ctx->data;
@@ -209706,7 +209762,7 @@ static int sp_1024_proj_point_dbl_32_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
break;
case 11:
/* T2 = T2/2 */
- sp_1024_div2_32(ctx->t2, ctx->t2, p1024_mod);
+ sp_1024_mont_div2_32(ctx->t2, ctx->t2, p1024_mod);
ctx->state = 12;
break;
case 12:
@@ -209731,7 +209787,7 @@ static int sp_1024_proj_point_dbl_32_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
break;
case 16:
/* Y = Y - X */
- sp_1024_mont_sub_lower_32(ctx->y, ctx->y, ctx->x, p1024_mod);
+ sp_1024_mont_sub_32(ctx->y, ctx->y, ctx->x, p1024_mod);
ctx->state = 17;
break;
case 17:
@@ -209756,370 +209812,6 @@ static int sp_1024_proj_point_dbl_32_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
return err;
}
#endif /* WOLFSSL_SP_NONBLOCK */
-#ifdef WOLFSSL_SP_SMALL
-/* Sub b from a into r. (r = a - b)
- *
- * r A single precision integer.
- * a A single precision integer.
- * b A single precision integer.
- */
-SP_NOINLINE static sp_digit sp_1024_sub_32(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
-{
- __asm__ __volatile__ (
- "movs r6, %[a]\n\t"
- "movs r3, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
- "adds r6, r6, #0x80\n\t"
-#else
- "add r6, r6, #0x80\n\t"
-#endif
- "\n"
- "L_sp_1024_sub_32_word_%=:\n\t"
- "movs r5, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
- "subs r5, r5, r3\n\t"
-#else
- "sub r5, r5, r3\n\t"
-#endif
- "ldr r4, [%[a]]\n\t"
- "ldr r5, [%[b]]\n\t"
-#ifdef WOLFSSL_KEIL
- "sbcs r4, r4, r5\n\t"
-#elif defined(__clang__)
- "sbcs r4, r5\n\t"
-#else
- "sbc r4, r5\n\t"
-#endif
- "str r4, [%[r]]\n\t"
-#ifdef WOLFSSL_KEIL
- "sbcs r3, r3, r3\n\t"
-#elif defined(__clang__)
- "sbcs r3, r3\n\t"
-#else
- "sbc r3, r3\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
- "adds %[a], %[a], #4\n\t"
-#else
- "add %[a], %[a], #4\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
- "adds %[b], %[b], #4\n\t"
-#else
- "add %[b], %[b], #4\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
- "adds %[r], %[r], #4\n\t"
-#else
- "add %[r], %[r], #4\n\t"
-#endif
- "cmp %[a], r6\n\t"
- "bne L_sp_1024_sub_32_word_%=\n\t"
- "movs %[r], r3\n\t"
- : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
- :
- : "memory", "r3", "r4", "r5", "r6"
- );
- return (uint32_t)(size_t)r;
-}
-
-#else
-/* Sub b from a into r. (r = a - b)
- *
- * r A single precision integer.
- * a A single precision integer.
- * b A single precision integer.
- */
-SP_NOINLINE static sp_digit sp_1024_sub_32(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
-{
- __asm__ __volatile__ (
- "ldm %[b]!, {r5, r6}\n\t"
- "ldm %[a]!, {r3, r4}\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
- "subs r3, r3, r5\n\t"
-#else
- "sub r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
- "sbcs r4, r4, r6\n\t"
-#elif defined(__clang__)
- "sbcs r4, r6\n\t"
-#else
- "sbc r4, r6\n\t"
-#endif
- "stm %[r]!, {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "ldm %[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
- "sbcs r3, r3, r5\n\t"
-#elif defined(__clang__)
- "sbcs r3, r5\n\t"
-#else
- "sbc r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
- "sbcs r4, r4, r6\n\t"
-#elif defined(__clang__)
- "sbcs r4, r6\n\t"
-#else
- "sbc r4, r6\n\t"
-#endif
- "stm %[r]!, {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "ldm %[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
- "sbcs r3, r3, r5\n\t"
-#elif defined(__clang__)
- "sbcs r3, r5\n\t"
-#else
- "sbc r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
- "sbcs r4, r4, r6\n\t"
-#elif defined(__clang__)
- "sbcs r4, r6\n\t"
-#else
- "sbc r4, r6\n\t"
-#endif
- "stm %[r]!, {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "ldm %[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
- "sbcs r3, r3, r5\n\t"
-#elif defined(__clang__)
- "sbcs r3, r5\n\t"
-#else
- "sbc r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
- "sbcs r4, r4, r6\n\t"
-#elif defined(__clang__)
- "sbcs r4, r6\n\t"
-#else
- "sbc r4, r6\n\t"
-#endif
- "stm %[r]!, {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "ldm %[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
- "sbcs r3, r3, r5\n\t"
-#elif defined(__clang__)
- "sbcs r3, r5\n\t"
-#else
- "sbc r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
- "sbcs r4, r4, r6\n\t"
-#elif defined(__clang__)
- "sbcs r4, r6\n\t"
-#else
- "sbc r4, r6\n\t"
-#endif
- "stm %[r]!, {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "ldm %[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
- "sbcs r3, r3, r5\n\t"
-#elif defined(__clang__)
- "sbcs r3, r5\n\t"
-#else
- "sbc r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
- "sbcs r4, r4, r6\n\t"
-#elif defined(__clang__)
- "sbcs r4, r6\n\t"
-#else
- "sbc r4, r6\n\t"
-#endif
- "stm %[r]!, {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "ldm %[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
- "sbcs r3, r3, r5\n\t"
-#elif defined(__clang__)
- "sbcs r3, r5\n\t"
-#else
- "sbc r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
- "sbcs r4, r4, r6\n\t"
-#elif defined(__clang__)
- "sbcs r4, r6\n\t"
-#else
- "sbc r4, r6\n\t"
-#endif
- "stm %[r]!, {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "ldm %[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
- "sbcs r3, r3, r5\n\t"
-#elif defined(__clang__)
- "sbcs r3, r5\n\t"
-#else
- "sbc r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
- "sbcs r4, r4, r6\n\t"
-#elif defined(__clang__)
- "sbcs r4, r6\n\t"
-#else
- "sbc r4, r6\n\t"
-#endif
- "stm %[r]!, {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "ldm %[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
- "sbcs r3, r3, r5\n\t"
-#elif defined(__clang__)
- "sbcs r3, r5\n\t"
-#else
- "sbc r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
- "sbcs r4, r4, r6\n\t"
-#elif defined(__clang__)
- "sbcs r4, r6\n\t"
-#else
- "sbc r4, r6\n\t"
-#endif
- "stm %[r]!, {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "ldm %[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
- "sbcs r3, r3, r5\n\t"
-#elif defined(__clang__)
- "sbcs r3, r5\n\t"
-#else
- "sbc r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
- "sbcs r4, r4, r6\n\t"
-#elif defined(__clang__)
- "sbcs r4, r6\n\t"
-#else
- "sbc r4, r6\n\t"
-#endif
- "stm %[r]!, {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "ldm %[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
- "sbcs r3, r3, r5\n\t"
-#elif defined(__clang__)
- "sbcs r3, r5\n\t"
-#else
- "sbc r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
- "sbcs r4, r4, r6\n\t"
-#elif defined(__clang__)
- "sbcs r4, r6\n\t"
-#else
- "sbc r4, r6\n\t"
-#endif
- "stm %[r]!, {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "ldm %[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
- "sbcs r3, r3, r5\n\t"
-#elif defined(__clang__)
- "sbcs r3, r5\n\t"
-#else
- "sbc r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
- "sbcs r4, r4, r6\n\t"
-#elif defined(__clang__)
- "sbcs r4, r6\n\t"
-#else
- "sbc r4, r6\n\t"
-#endif
- "stm %[r]!, {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "ldm %[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
- "sbcs r3, r3, r5\n\t"
-#elif defined(__clang__)
- "sbcs r3, r5\n\t"
-#else
- "sbc r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
- "sbcs r4, r4, r6\n\t"
-#elif defined(__clang__)
- "sbcs r4, r6\n\t"
-#else
- "sbc r4, r6\n\t"
-#endif
- "stm %[r]!, {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "ldm %[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
- "sbcs r3, r3, r5\n\t"
-#elif defined(__clang__)
- "sbcs r3, r5\n\t"
-#else
- "sbc r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
- "sbcs r4, r4, r6\n\t"
-#elif defined(__clang__)
- "sbcs r4, r6\n\t"
-#else
- "sbc r4, r6\n\t"
-#endif
- "stm %[r]!, {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "ldm %[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
- "sbcs r3, r3, r5\n\t"
-#elif defined(__clang__)
- "sbcs r3, r5\n\t"
-#else
- "sbc r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
- "sbcs r4, r4, r6\n\t"
-#elif defined(__clang__)
- "sbcs r4, r6\n\t"
-#else
- "sbc r4, r6\n\t"
-#endif
- "stm %[r]!, {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "ldm %[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
- "sbcs r3, r3, r5\n\t"
-#elif defined(__clang__)
- "sbcs r3, r5\n\t"
-#else
- "sbc r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
- "sbcs r4, r4, r6\n\t"
-#elif defined(__clang__)
- "sbcs r4, r6\n\t"
-#else
- "sbc r4, r6\n\t"
-#endif
- "stm %[r]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
- "sbcs %[r], %[r], %[r]\n\t"
-#elif defined(__clang__)
- "sbcs %[r], %[r]\n\t"
-#else
- "sbc %[r], %[r]\n\t"
-#endif
- : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
- :
- : "memory", "r3", "r4", "r5", "r6"
- );
- return (uint32_t)(size_t)r;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
/* Compare two numbers to determine if they are equal.
* Constant time implementation.
*
@@ -210167,12 +209859,12 @@ static int sp_1024_iszero_32(const sp_digit* a)
static void sp_1024_proj_point_add_32(sp_point_1024* r,
const sp_point_1024* p, const sp_point_1024* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*32;
- sp_digit* t3 = t + 4*32;
- sp_digit* t4 = t + 6*32;
- sp_digit* t5 = t + 8*32;
- sp_digit* t6 = t + 10*32;
+ sp_digit* t6 = t;
+ sp_digit* t1 = t + 2*32;
+ sp_digit* t2 = t + 4*32;
+ sp_digit* t3 = t + 6*32;
+ sp_digit* t4 = t + 8*32;
+ sp_digit* t5 = t + 10*32;
/* U1 = X1*Z2^2 */
sp_1024_mont_sqr_32(t1, q->z, p1024_mod, p1024_mp_mod);
@@ -210194,17 +209886,9 @@ static void sp_1024_proj_point_add_32(sp_point_1024* r,
sp_1024_proj_point_dbl_32(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t6;
sp_digit* y = t1;
sp_digit* z = t2;
- int i;
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
/* H = U2 - U1 */
sp_1024_mont_sub_32(t2, t2, t1, p1024_mod);
@@ -210223,20 +209907,31 @@ static void sp_1024_proj_point_add_32(sp_point_1024* r,
sp_1024_mont_dbl_32(t3, y, p1024_mod);
sp_1024_mont_sub_32(x, x, t3, p1024_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_1024_mont_sub_lower_32(y, y, x, p1024_mod);
+ sp_1024_mont_sub_32(y, y, x, p1024_mod);
sp_1024_mont_mul_32(y, y, t4, p1024_mod, p1024_mp_mod);
sp_1024_mont_sub_32(y, y, t5, p1024_mod);
- for (i = 0; i < 32; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 32; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 32; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 32; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 32; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 32; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
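Review bot: The relocated mask block computes `maskp`, `maskq` and `inf` with bitwise `&` on `p->infinity` and `q->infinity`, which gives the intended all-ones or all-zero masks only if those fields are exactly 0 or 1. Any other non-zero value would clear a mask that should be set. That precondition is not stated anywhere in the hunk. A comment at the top of the block such as `/* infinity is 0 or 1; masks select p, q or the computed sum without branching */` would document it and the reason the selection is written as masking rather than `if`. The identical block is added in sp_1024_proj_point_add_32_nb (case 24) and in sp_1024_proj_point_add_qz1_32, so the same comment applies there. The function starts outside the hunk.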
@@ -210282,12 +209977,12 @@ static int sp_1024_proj_point_add_32_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
switch (ctx->state) {
case 0: /* INIT */
- ctx->t1 = t;
- ctx->t2 = t + 2*32;
- ctx->t3 = t + 4*32;
- ctx->t4 = t + 6*32;
- ctx->t5 = t + 8*32;
- ctx->t6 = t + 10*32;
+ ctx->t6 = t;
+ ctx->t1 = t + 2*32;
+ ctx->t2 = t + 4*32;
+ ctx->t3 = t + 6*32;
+ ctx->t4 = t + 8*32;
+ ctx->t5 = t + 10*32;
ctx->x = ctx->t6;
ctx->y = ctx->t1;
ctx->z = ctx->t2;
@@ -210394,7 +210089,7 @@ static int sp_1024_proj_point_add_32_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
break;
case 21:
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_1024_mont_sub_lower_32(ctx->y, ctx->y, ctx->x, p1024_mod);
+ sp_1024_mont_sub_32(ctx->y, ctx->y, ctx->x, p1024_mod);
ctx->state = 22;
break;
case 22:
@@ -210407,22 +210102,28 @@ static int sp_1024_proj_point_add_32_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
break;
case 24:
{
- int i;
- sp_digit maskp = 0 - (q->infinity & (!p->infinity));
- sp_digit maskq = 0 - (p->infinity & (!q->infinity));
- sp_digit maskt = ~(maskp | maskq);
-
- for (i = 0; i < 32; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (ctx->x[i] & maskt);
- }
- for (i = 0; i < 32; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (ctx->y[i] & maskt);
- }
- for (i = 0; i < 32; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (ctx->z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 32; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (ctx->x[i] & maskt);
+ }
+ for (i = 0; i < 32; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (ctx->y[i] & maskt);
+ }
+ for (i = 0; i < 32; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (ctx->z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
ctx->state = 25;
break;
}
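Review bot: The new `{` opens a second block directly inside the braces that `case 24:` already had, so the body is now nested two levels deep although the declarations need only one scope. Dropping the added inner `{` and its matching `}` and keeping `int i;` and the mask declarations in the existing case block gives the same behaviour with the indentation the other states use. The switch and the enclosing function start outside the hunk.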
@@ -210582,8 +210283,6 @@ static int sp_1024_ecc_mulmod_fast_32(sp_point_1024* r, const sp_point_1024* g,
}
#if defined(FP_ECC) || !defined(WOLFSSL_SP_SMALL)
-#define sp_1024_mont_dbl_lower_32 sp_1024_mont_dbl_32
-#define sp_1024_mont_tpl_lower_32 sp_1024_mont_tpl_32
/* Double the Montgomery form projective point p a number of times.
*
* r Result of repeated doubling of point.
@@ -210622,7 +210321,7 @@ static void sp_1024_proj_point_dbl_n_32(sp_point_1024* p, int i,
/* A = 3*(X^2 - W) */
sp_1024_mont_sqr_32(t1, x, p1024_mod, p1024_mp_mod);
sp_1024_mont_sub_32(t1, t1, w, p1024_mod);
- sp_1024_mont_tpl_lower_32(a, t1, p1024_mod);
+ sp_1024_mont_tpl_32(a, t1, p1024_mod);
/* B = X*Y^2 */
sp_1024_mont_sqr_32(t1, y, p1024_mod, p1024_mp_mod);
sp_1024_mont_mul_32(b, t1, x, p1024_mod, p1024_mp_mod);
@@ -210631,8 +210330,8 @@ static void sp_1024_proj_point_dbl_n_32(sp_point_1024* p, int i,
sp_1024_mont_dbl_32(t2, b, p1024_mod);
sp_1024_mont_sub_32(x, x, t2, p1024_mod);
/* B = 2.(B - X) */
- sp_1024_mont_sub_lower_32(t2, b, x, p1024_mod);
- sp_1024_mont_dbl_lower_32(b, t2, p1024_mod);
+ sp_1024_mont_sub_32(t2, b, x, p1024_mod);
+ sp_1024_mont_dbl_32(b, t2, p1024_mod);
/* Z = Z*Y */
sp_1024_mont_mul_32(z, z, y, p1024_mod, p1024_mp_mod);
/* t1 = Y^4 */
@@ -210652,7 +210351,7 @@ static void sp_1024_proj_point_dbl_n_32(sp_point_1024* p, int i,
/* A = 3*(X^2 - W) */
sp_1024_mont_sqr_32(t1, x, p1024_mod, p1024_mp_mod);
sp_1024_mont_sub_32(t1, t1, w, p1024_mod);
- sp_1024_mont_tpl_lower_32(a, t1, p1024_mod);
+ sp_1024_mont_tpl_32(a, t1, p1024_mod);
/* B = X*Y^2 */
sp_1024_mont_sqr_32(t1, y, p1024_mod, p1024_mp_mod);
sp_1024_mont_mul_32(b, t1, x, p1024_mod, p1024_mp_mod);
@@ -210661,8 +210360,8 @@ static void sp_1024_proj_point_dbl_n_32(sp_point_1024* p, int i,
sp_1024_mont_dbl_32(t2, b, p1024_mod);
sp_1024_mont_sub_32(x, x, t2, p1024_mod);
/* B = 2.(B - X) */
- sp_1024_mont_sub_lower_32(t2, b, x, p1024_mod);
- sp_1024_mont_dbl_lower_32(b, t2, p1024_mod);
+ sp_1024_mont_sub_32(t2, b, x, p1024_mod);
+ sp_1024_mont_dbl_32(b, t2, p1024_mod);
/* Z = Z*Y */
sp_1024_mont_mul_32(z, z, y, p1024_mod, p1024_mp_mod);
/* t1 = Y^4 */
@@ -210672,7 +210371,7 @@ static void sp_1024_proj_point_dbl_n_32(sp_point_1024* p, int i,
sp_1024_mont_sub_32(y, y, t1, p1024_mod);
#endif /* WOLFSSL_SP_SMALL */
/* Y = Y/2 */
- sp_1024_div2_32(y, y, p1024_mod);
+ sp_1024_mont_div2_32(y, y, p1024_mod);
}
/* Convert the projective point to affine.
@@ -210718,12 +210417,12 @@ typedef struct sp_table_entry_1024 {
static void sp_1024_proj_point_add_qz1_32(sp_point_1024* r,
const sp_point_1024* p, const sp_point_1024* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*32;
- sp_digit* t3 = t + 4*32;
- sp_digit* t4 = t + 6*32;
- sp_digit* t5 = t + 8*32;
- sp_digit* t6 = t + 10*32;
+ sp_digit* t2 = t;
+ sp_digit* t3 = t + 2*32;
+ sp_digit* t6 = t + 4*32;
+ sp_digit* t1 = t + 6*32;
+ sp_digit* t4 = t + 8*32;
+ sp_digit* t5 = t + 10*32;
/* Calculate values to subtract from P->x and P->y. */
/* U2 = X2*Z1^2 */
@@ -210739,13 +210438,9 @@ static void sp_1024_proj_point_add_qz1_32(sp_point_1024* r,
sp_1024_proj_point_dbl_32(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t2;
- sp_digit* y = t5;
+ sp_digit* y = t3;
sp_digit* z = t6;
- int i;
/* H = U2 - X1 */
sp_1024_mont_sub_32(t2, t2, p->x, p1024_mod);
@@ -210754,33 +210449,40 @@ static void sp_1024_proj_point_add_qz1_32(sp_point_1024* r,
/* Z3 = H*Z1 */
sp_1024_mont_mul_32(z, p->z, t2, p1024_mod, p1024_mp_mod);
/* X3 = R^2 - H^3 - 2*X1*H^2 */
- sp_1024_mont_sqr_32(t1, t4, p1024_mod, p1024_mp_mod);
- sp_1024_mont_sqr_32(t5, t2, p1024_mod, p1024_mp_mod);
- sp_1024_mont_mul_32(t3, p->x, t5, p1024_mod, p1024_mp_mod);
- sp_1024_mont_mul_32(t5, t5, t2, p1024_mod, p1024_mp_mod);
- sp_1024_mont_sub_32(x, t1, t5, p1024_mod);
- sp_1024_mont_dbl_32(t1, t3, p1024_mod);
- sp_1024_mont_sub_32(x, x, t1, p1024_mod);
+ sp_1024_mont_sqr_32(t1, t2, p1024_mod, p1024_mp_mod);
+ sp_1024_mont_mul_32(t3, p->x, t1, p1024_mod, p1024_mp_mod);
+ sp_1024_mont_mul_32(t1, t1, t2, p1024_mod, p1024_mp_mod);
+ sp_1024_mont_sqr_32(t2, t4, p1024_mod, p1024_mp_mod);
+ sp_1024_mont_sub_32(t2, t2, t1, p1024_mod);
+ sp_1024_mont_dbl_32(t5, t3, p1024_mod);
+ sp_1024_mont_sub_32(x, t2, t5, p1024_mod);
/* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
- sp_1024_mont_sub_lower_32(t3, t3, x, p1024_mod);
+ sp_1024_mont_sub_32(t3, t3, x, p1024_mod);
sp_1024_mont_mul_32(t3, t3, t4, p1024_mod, p1024_mp_mod);
- sp_1024_mont_mul_32(t5, t5, p->y, p1024_mod, p1024_mp_mod);
- sp_1024_mont_sub_32(y, t3, t5, p1024_mod);
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
- for (i = 0; i < 32; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 32; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 32; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ sp_1024_mont_mul_32(t1, t1, p->y, p1024_mod, p1024_mp_mod);
+ sp_1024_mont_sub_32(y, t3, t1, p1024_mod);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 32; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 32; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 32; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
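Review bot: The reordered X3 sequence overwrites `t2` while `x` is an alias of it, so after `sp_1024_mont_sqr_32(t2, t4, ...)` the value H is gone and `t2` holds R^2 and then X3, yet the only comment is still the formula line. A comment above the sequence such as `/* t1 = H^2, t3 = X1*H^2, t1 = H^3; t2 (H) is then reused for R^2 and X3 */` would make the ordering constraint visible. The `Z3 = H*Z1` multiply just above reads `t2` and must stay before that point. The function starts outside the hunk.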
@@ -211011,7 +210713,7 @@ static THREAD_LS_T int sp_cache_1024_inited = 0;
/* Get the cache entry for the point.
*
- * g [in] Point scalar multipling.
+ * g [in] Point scalar multiplying.
* cache [out] Cache table to use.
*/
static void sp_ecc_get_cache_1024(const sp_point_1024* g, sp_cache_1024_t** cache)
@@ -211082,8 +210784,8 @@ static void sp_ecc_get_cache_1024(const sp_point_1024* g, sp_cache_1024_t** cach
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
-static int sp_1024_ecc_mulmod_32(sp_point_1024* r, const sp_point_1024* g, const sp_digit* k,
- int map, int ct, void* heap)
+static int sp_1024_ecc_mulmod_32(sp_point_1024* r, const sp_point_1024* g,
+ const sp_digit* k, int map, int ct, void* heap)
{
#ifndef FP_ECC
return sp_1024_ecc_mulmod_fast_32(r, g, k, map, ct, heap);
@@ -211366,7 +211068,7 @@ static THREAD_LS_T int sp_cache_1024_inited = 0;
/* Get the cache entry for the point.
*
- * g [in] Point scalar multipling.
+ * g [in] Point scalar multiplying.
* cache [out] Cache table to use.
*/
static void sp_ecc_get_cache_1024(const sp_point_1024* g, sp_cache_1024_t** cache)
@@ -211437,8 +211139,8 @@ static void sp_ecc_get_cache_1024(const sp_point_1024* g, sp_cache_1024_t** cach
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
-static int sp_1024_ecc_mulmod_32(sp_point_1024* r, const sp_point_1024* g, const sp_digit* k,
- int map, int ct, void* heap)
+static int sp_1024_ecc_mulmod_32(sp_point_1024* r, const sp_point_1024* g,
+ const sp_digit* k, int map, int ct, void* heap)
{
#ifndef FP_ECC
return sp_1024_ecc_mulmod_fast_32(r, g, k, map, ct, heap);
@@ -215192,7 +214894,7 @@ int sp_ecc_mulmod_base_1024(const mp_int* km, ecc_point* r, int map, void* heap)
* the result. If map is true then convert result to affine coordinates.
*
* km Scalar to multiply by.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -215214,7 +214916,7 @@ int sp_ecc_mulmod_base_add_1024(const mp_int* km, const ecc_point* am,
int err = MP_OKAY;
#ifdef WOLFSSL_SP_SMALL_STACK
- point = (sp_point_1024*)XMALLOC(sizeof(sp_point_1024) * 2, heap,
+ point = (sp_point_1024*)XMALLOC(sizeof(sp_point_1024) * 2, heap,
DYNAMIC_TYPE_ECC);
if (point == NULL)
err = MEMORY_E;
@@ -215430,7 +215132,7 @@ int sp_ecc_mulmod_table_1024(const mp_int* km, const ecc_point* gm, byte* table,
return err;
}
-/* Multiply p* in projective co-ordinates by q*.
+/* Multiply p* in projective coordinates by q*.
*
* r.x = p.x - (p.y * q.y)
* r.y = (p.x * q.y) + p.y
@@ -215456,7 +215158,7 @@ static void sp_1024_proj_mul_qx1_32(sp_digit* px, sp_digit* py,
sp_1024_mont_add_32(py, t1, py, p1024_mod);
}
-/* Square p* in projective co-ordinates.
+/* Square p* in projective coordinates.
*
* px' = (p.x + p.y) * (p.x - p.y) = p.x^2 - p.y^2
* py' = 2 * p.x * p.y
@@ -217477,7 +217179,7 @@ int sp_ModExp_Fp_star_1024(const mp_int* base, mp_int* exp, mp_int* res)
}
#endif /* WOLFSSL_SP_SMALL */
-/* Multiply p* by q* in projective co-ordinates.
+/* Multiply p* by q* in projective coordinates.
*
* p.x' = (p.x * q.x) - (p.y * q.y)
* p.y' = (p.x * q.y) + (p.y * q.x)
@@ -217592,7 +217294,7 @@ static void sp_1024_accumulate_line_dbl_32(sp_digit* vx, sp_digit* vy,
/* ty = 4 * p.y ^ 2 */
sp_1024_mont_sqr_32(ty, ry, p1024_mod, p1024_mp_mod);
/* t1 = 2 * p.y ^ 2 */
- sp_1024_div2_32(t1, ty, p1024_mod);
+ sp_1024_mont_div2_32(t1, ty, p1024_mod);
/* r.x -= 2 * (p.y ^ 2) */
sp_1024_mont_sub_32(rx, rx, t1, p1024_mod);
/* p'.z = p.y * 2 * p.z */
@@ -217612,7 +217314,7 @@ static void sp_1024_accumulate_line_dbl_32(sp_digit* vx, sp_digit* vy,
/* t1 = (4 * p.y^2) ^ 2 = 16 * p.y^4 */
sp_1024_mont_sqr_32(t1, ty, p1024_mod, p1024_mp_mod);
/* t1 = 16 * p.y^4 / 2 = 8 * p.y^4 */
- sp_1024_div2_32(t1, t1, p1024_mod);
+ sp_1024_mont_div2_32(t1, t1, p1024_mod);
/* p'.y = 4 * p.y^2 * p.x */
sp_1024_mont_mul_32(p->y, ty, p->x, p1024_mod, p1024_mp_mod);
/* p'.x = l^2 */
@@ -218030,7 +217732,7 @@ static void sp_1024_accumulate_line_dbl_n_32(sp_digit* vx, sp_digit* vy,
/* ty = py ^ 2 */
sp_1024_mont_sqr_32(ty, p->y, p1024_mod, p1024_mp_mod);
/* t1 = py ^ 2 / 2 */
- sp_1024_div2_32(t1, ty, p1024_mod);
+ sp_1024_mont_div2_32(t1, ty, p1024_mod);
/* r.x -= py ^ 2 / 2 */
sp_1024_mont_sub_32(rx, rx, t1, p1024_mod);
/* p'.z = py * pz */
@@ -218068,7 +217770,7 @@ static void sp_1024_accumulate_line_dbl_n_32(sp_digit* vx, sp_digit* vy,
}
/* p'.y = py' / 2 */
- sp_1024_div2_32(p->y, p->y, p1024_mod);
+ sp_1024_mont_div2_32(p->y, p->y, p1024_mod);
}
/* Operations to perform based on order - 1.
@@ -218879,7 +218581,7 @@ static void sp_1024_from_bin(sp_digit* r, int size, const byte* a, int n)
}
}
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* point EC point.
* heap Heap to use if dynamically allocating.
@@ -218908,19 +218610,21 @@ static int sp_1024_ecc_is_point_32(const sp_point_1024* point,
if (err == MP_OKAY) {
t2 = t1 + 2 * 32;
+ /* y^2 - x^3 - a.x = b */
sp_1024_sqr_32(t1, point->y);
(void)sp_1024_mod_32(t1, t1, p1024_mod);
sp_1024_sqr_32(t2, point->x);
(void)sp_1024_mod_32(t2, t2, p1024_mod);
sp_1024_mul_32(t2, t2, point->x);
(void)sp_1024_mod_32(t2, t2, p1024_mod);
- (void)sp_1024_sub_32(t2, p1024_mod, t2);
- sp_1024_mont_add_32(t1, t1, t2, p1024_mod);
+ sp_1024_mont_sub_32(t1, t1, t2, p1024_mod);
+ /* y^2 - x^3 + 3.x = b, when a = -3 */
sp_1024_mont_add_32(t1, t1, point->x, p1024_mod);
sp_1024_mont_add_32(t1, t1, point->x, p1024_mod);
sp_1024_mont_add_32(t1, t1, point->x, p1024_mod);
+
n = sp_1024_cmp_32(t1, p1024_mod);
sp_1024_cond_sub_32(t1, t1, p1024_mod, ~(n >> 31));
sp_1024_norm_32(t1);
@@ -218937,7 +218641,7 @@ static int sp_1024_ecc_is_point_32(const sp_point_1024* point,
return err;
}
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* pX X ordinate of EC point.
* pY Y ordinate of EC point.
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/sp_c32.c b/extra/wolfssl/wolfssl/wolfcrypt/src/sp_c32.c
index cd226658..468e0fcf 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/sp_c32.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/sp_c32.c
@@ -56,6 +56,16 @@
#include <wolfssl/wolfcrypt/sp.h>
+#ifdef __IAR_SYSTEMS_ICC__
+#define __asm__ asm
+#define __volatile__ volatile
+#define WOLFSSL_NO_VAR_ASSIGN_REG
+#endif /* __IAR_SYSTEMS_ICC__ */
+#ifdef __KEIL__
+#define __asm__ __asm
+#define __volatile__ volatile
+#endif
+
#ifndef WOLFSSL_SP_ASM
#if SP_WORD_SIZE == 32
#define SP_PRINT_NUM(var, name, total, words, bits) \
@@ -78,11 +88,14 @@
#define SP_PRINT_INT(var, name) \
fprintf(stderr, name "=%d\n", var)
-#if (((!defined(WC_NO_CACHE_RESISTANT) && \
- (defined(WOLFSSL_HAVE_SP_RSA) || defined(WOLFSSL_HAVE_SP_DH))) || \
- (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_FAST_MODEXP))) && \
+#if ((defined(WOLFSSL_HAVE_SP_RSA) || defined(WOLFSSL_HAVE_SP_DH)) && \
+ ((!defined(WC_NO_CACHE_RESISTANT) && \
+ (defined(WOLFSSL_HAVE_SP_RSA) || defined(WOLFSSL_HAVE_SP_DH))) || \
+ (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_FAST_MODEXP))) && \
!defined(WOLFSSL_RSA_PUBLIC_ONLY)) || (defined(WOLFSSL_SP_SMALL) && \
- defined(WOLFSSL_HAVE_SP_ECC))
+ defined(WOLFSSL_HAVE_SP_ECC) && (!defined(WOLFSSL_SP_NO_256) || \
+ defined(WOLFSSL_SP_384) || defined(WOLFSSL_SP_521) || \
+ defined(WOLFSSL_SP_1024)))
/* Mask for address to obfuscate which of the two address will be used. */
static const size_t addr_mask[2] = { 0, (size_t)-1 };
#endif
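Review bot: The rewritten guard around `addr_mask` tests `(defined(WOLFSSL_HAVE_SP_RSA) || defined(WOLFSSL_HAVE_SP_DH))` twice: once as the new outer conjunct and again inside the `!defined(WC_NO_CACHE_RESISTANT)` term, where it can no longer change the result. Dropping the inner copy so that the term reads `((!defined(WC_NO_CACHE_RESISTANT) || \` followed by the existing `WOLFSSL_SP_SMALL` clause gives the same condition with one less level of nesting. That matters because this condition decides whether the address-obfuscation table is compiled at all, so it should be easy to check by eye against the code that uses the table.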
@@ -139,14 +152,14 @@ static void sp_2048_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 29
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 28);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 28);
}
#elif DIGIT_BIT > 29
unsigned int i;
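Review bot: The new mask in the `DIGIT_BIT == 29` branch shifts `j` by 28, where the removed code shifted by `SP_WORD_SIZE - 1`. If `sp_digit` is a full 32-bit word here (its declaration is outside the hunk), `j >> 28` is not a clean 0/1 flag: for small `a->used` it is 15 with an unsigned type and an implementation-defined, normally -1, value with a signed one, so `mask` is not all-ones and `o` does not step by one. Taking the top bit of the word instead, `sp_digit mask = (sp_digit)0 - (sp_digit)((word32)j >> (SP_WORD_SIZE - 1));` and `o += (int)((word32)j >> (SP_WORD_SIZE - 1));`, keeps the copy branch-free and independent of signedness. The same shift by `DIGIT_BIT - 1` appears in the `sp_3072_from_mp`, `sp_4096_from_mp` and `sp_256_from_mp` hunks further down, and the function continues past the end of this hunk.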
@@ -1389,7 +1402,7 @@ SP_NOINLINE static void sp_2048_sqr_36(sp_digit* r, const sp_digit* a)
#endif /* WOLFSSL_SP_SMALL */
#endif /* (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) | WOLFSSL_HAVE_SP_DH */
-/* Caclulate the bottom digit of -1/a mod 2^n.
+/* Calculate the bottom digit of -1/a mod 2^n.
*
* a A single precision number.
* rho Bottom word of inverse.
@@ -1766,7 +1779,7 @@ static void sp_2048_mont_reduce_36(sp_digit* a, const sp_digit* m, sp_digit mp)
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_2048_mont_mul_36(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -1780,7 +1793,7 @@ SP_NOINLINE static void sp_2048_mont_mul_36(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_2048_mont_sqr_36(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -2795,7 +2808,7 @@ static void sp_2048_mont_reduce_72(sp_digit* a, const sp_digit* m, sp_digit mp)
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_2048_mont_mul_72(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -2809,7 +2822,7 @@ SP_NOINLINE static void sp_2048_mont_mul_72(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_2048_mont_sqr_72(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -3531,7 +3544,7 @@ int sp_RsaPublic_2048(const byte* in, word32 inLen, const mp_int* em,
sp_digit* m = NULL;
sp_digit* r = NULL;
sp_digit* norm = NULL;
- sp_digit e[1] = {0};
+ sp_uint64 e[1] = {0};
sp_digit mp = 0;
int i;
int err = MP_OKAY;
@@ -3541,7 +3554,7 @@ int sp_RsaPublic_2048(const byte* in, word32 inLen, const mp_int* em,
}
if (err == MP_OKAY) {
- if (mp_count_bits(em) > 29) {
+ if (mp_count_bits(em) > 64) {
err = MP_READ_E;
}
else if (inLen > 256U) {
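Review bot: Raising the limit to `mp_count_bits(em) > 64` admits exponents that the assembly in the next hunk cannot hold when `DIGIT_BIT` is below 32, if such a build reaches this code: only `em->dp[0]` and `em->dp[1]` are combined into `e[0]`, which covers `2 * DIGIT_BIT` bits (56 or 58 for the 28- and 29-bit layouts this file handles). An exponent between that width and 64 bits would pass the check and be used truncated rather than rejected with `MP_READ_E`. Rejecting on digit count as well, `if (mp_count_bits(em) > 64 || em->used > 2) {`, closes the gap without narrowing the accepted range for wider digits. The same check and assembly repeat in both variants of `sp_RsaPublic_2048`, `sp_RsaPublic_3072` and `sp_RsaPublic_4096` further down; the function body lies outside this hunk.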
@@ -3570,12 +3583,12 @@ int sp_RsaPublic_2048(const byte* in, word32 inLen, const mp_int* em,
norm = r;
sp_2048_from_bin(a, 72, in, inLen);
-#if DIGIT_BIT >= 29
- e[0] = (sp_digit)em->dp[0];
+#if DIGIT_BIT >= 64
+ e[0] = (sp_uint64)em->dp[0];
#else
- e[0] = (sp_digit)em->dp[0];
+ e[0] = (sp_uint64)em->dp[0];
if (em->used > 1) {
- e[0] |= ((sp_digit)em->dp[1]) << DIGIT_BIT;
+ e[0] |= ((sp_uint64)em->dp[1]) << DIGIT_BIT;
}
#endif
if (e[0] == 0) {
@@ -3594,7 +3607,7 @@ int sp_RsaPublic_2048(const byte* in, word32 inLen, const mp_int* em,
err = sp_2048_mod_72(a, a, m);
}
if (err == MP_OKAY) {
- for (i=28; i>=0; i--) {
+ for (i=63; i>=0; i--) {
if ((e[0] >> i) != 0) {
break;
}
@@ -3631,14 +3644,14 @@ int sp_RsaPublic_2048(const byte* in, word32 inLen, const mp_int* em,
sp_digit* a = NULL;
sp_digit* m = NULL;
sp_digit* r = NULL;
- sp_digit e[1] = {0};
+ sp_uint64 e[1] = {0};
int err = MP_OKAY;
if (*outLen < 256U) {
err = MP_TO_E;
}
if (err == MP_OKAY) {
- if (mp_count_bits(em) > 29) {
+ if (mp_count_bits(em) > 64) {
err = MP_READ_E;
}
else if (inLen > 256U) {
@@ -3667,12 +3680,12 @@ int sp_RsaPublic_2048(const byte* in, word32 inLen, const mp_int* em,
m = r + 72 * 2;
sp_2048_from_bin(a, 72, in, inLen);
-#if DIGIT_BIT >= 29
- e[0] = (sp_digit)em->dp[0];
+#if DIGIT_BIT >= 64
+ e[0] = (sp_uint64)em->dp[0];
#else
- e[0] = (sp_digit)em->dp[0];
+ e[0] = (sp_uint64)em->dp[0];
if (em->used > 1) {
- e[0] |= ((sp_digit)em->dp[1]) << DIGIT_BIT;
+ e[0] |= ((sp_uint64)em->dp[1]) << DIGIT_BIT;
}
#endif
if (e[0] == 0) {
@@ -3702,7 +3715,7 @@ int sp_RsaPublic_2048(const byte* in, word32 inLen, const mp_int* em,
err = sp_2048_mod_72(a, a, m);
if (err == MP_OKAY) {
- for (i=28; i>=0; i--) {
+ for (i=63; i>=0; i--) {
if ((e[0] >> i) != 0) {
break;
}
@@ -4900,14 +4913,14 @@ static void sp_3072_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 29
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 28);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 28);
}
#elif DIGIT_BIT > 29
unsigned int i;
@@ -5169,7 +5182,7 @@ SP_NOINLINE static void sp_3072_sqr_106(sp_digit* r, const sp_digit* a)
r[0] = (sp_digit)(c >> 29);
}
-/* Caclulate the bottom digit of -1/a mod 2^n.
+/* Calculate the bottom digit of -1/a mod 2^n.
*
* a A single precision number.
* rho Bottom word of inverse.
@@ -5448,7 +5461,7 @@ SP_NOINLINE static void sp_3072_mul_53(sp_digit* r, const sp_digit* a,
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_3072_mont_mul_53(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -5526,7 +5539,7 @@ SP_NOINLINE static void sp_3072_sqr_53(sp_digit* r, const sp_digit* a)
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_3072_mont_sqr_53(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -6351,7 +6364,7 @@ static void sp_3072_mont_reduce_106(sp_digit* a, const sp_digit* m, sp_digit mp)
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_3072_mont_mul_106(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -6365,7 +6378,7 @@ SP_NOINLINE static void sp_3072_mont_mul_106(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_3072_mont_sqr_106(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -6989,7 +7002,7 @@ int sp_RsaPublic_3072(const byte* in, word32 inLen, const mp_int* em,
sp_digit* m = NULL;
sp_digit* r = NULL;
sp_digit* norm = NULL;
- sp_digit e[1] = {0};
+ sp_uint64 e[1] = {0};
sp_digit mp = 0;
int i;
int err = MP_OKAY;
@@ -6999,7 +7012,7 @@ int sp_RsaPublic_3072(const byte* in, word32 inLen, const mp_int* em,
}
if (err == MP_OKAY) {
- if (mp_count_bits(em) > 29) {
+ if (mp_count_bits(em) > 64) {
err = MP_READ_E;
}
else if (inLen > 384U) {
@@ -7028,12 +7041,12 @@ int sp_RsaPublic_3072(const byte* in, word32 inLen, const mp_int* em,
norm = r;
sp_3072_from_bin(a, 106, in, inLen);
-#if DIGIT_BIT >= 29
- e[0] = (sp_digit)em->dp[0];
+#if DIGIT_BIT >= 64
+ e[0] = (sp_uint64)em->dp[0];
#else
- e[0] = (sp_digit)em->dp[0];
+ e[0] = (sp_uint64)em->dp[0];
if (em->used > 1) {
- e[0] |= ((sp_digit)em->dp[1]) << DIGIT_BIT;
+ e[0] |= ((sp_uint64)em->dp[1]) << DIGIT_BIT;
}
#endif
if (e[0] == 0) {
@@ -7052,7 +7065,7 @@ int sp_RsaPublic_3072(const byte* in, word32 inLen, const mp_int* em,
err = sp_3072_mod_106(a, a, m);
}
if (err == MP_OKAY) {
- for (i=28; i>=0; i--) {
+ for (i=63; i>=0; i--) {
if ((e[0] >> i) != 0) {
break;
}
@@ -7089,14 +7102,14 @@ int sp_RsaPublic_3072(const byte* in, word32 inLen, const mp_int* em,
sp_digit* a = NULL;
sp_digit* m = NULL;
sp_digit* r = NULL;
- sp_digit e[1] = {0};
+ sp_uint64 e[1] = {0};
int err = MP_OKAY;
if (*outLen < 384U) {
err = MP_TO_E;
}
if (err == MP_OKAY) {
- if (mp_count_bits(em) > 29) {
+ if (mp_count_bits(em) > 64) {
err = MP_READ_E;
}
else if (inLen > 384U) {
@@ -7125,12 +7138,12 @@ int sp_RsaPublic_3072(const byte* in, word32 inLen, const mp_int* em,
m = r + 106 * 2;
sp_3072_from_bin(a, 106, in, inLen);
-#if DIGIT_BIT >= 29
- e[0] = (sp_digit)em->dp[0];
+#if DIGIT_BIT >= 64
+ e[0] = (sp_uint64)em->dp[0];
#else
- e[0] = (sp_digit)em->dp[0];
+ e[0] = (sp_uint64)em->dp[0];
if (em->used > 1) {
- e[0] |= ((sp_digit)em->dp[1]) << DIGIT_BIT;
+ e[0] |= ((sp_uint64)em->dp[1]) << DIGIT_BIT;
}
#endif
if (e[0] == 0) {
@@ -7160,7 +7173,7 @@ int sp_RsaPublic_3072(const byte* in, word32 inLen, const mp_int* em,
err = sp_3072_mod_106(a, a, m);
if (err == MP_OKAY) {
- for (i=28; i>=0; i--) {
+ for (i=63; i>=0; i--) {
if ((e[0] >> i) != 0) {
break;
}
@@ -8205,14 +8218,14 @@ static void sp_3072_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 28
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 27);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 27);
}
#elif DIGIT_BIT > 28
unsigned int i;
@@ -9220,7 +9233,7 @@ SP_NOINLINE static void sp_3072_sqr_112(sp_digit* r, const sp_digit* a)
}
#endif /* !WOLFSSL_SP_SMALL */
-/* Caclulate the bottom digit of -1/a mod 2^n.
+/* Calculate the bottom digit of -1/a mod 2^n.
*
* a A single precision number.
* rho Bottom word of inverse.
@@ -9524,7 +9537,7 @@ static void sp_3072_mont_reduce_56(sp_digit* a, const sp_digit* m, sp_digit mp)
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_3072_mont_mul_56(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -9538,7 +9551,7 @@ SP_NOINLINE static void sp_3072_mont_mul_56(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_3072_mont_sqr_56(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -10442,7 +10455,7 @@ static void sp_3072_mont_reduce_112(sp_digit* a, const sp_digit* m, sp_digit mp)
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_3072_mont_mul_112(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -10456,7 +10469,7 @@ SP_NOINLINE static void sp_3072_mont_mul_112(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_3072_mont_sqr_112(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -11107,7 +11120,7 @@ int sp_RsaPublic_3072(const byte* in, word32 inLen, const mp_int* em,
sp_digit* m = NULL;
sp_digit* r = NULL;
sp_digit* norm = NULL;
- sp_digit e[1] = {0};
+ sp_uint64 e[1] = {0};
sp_digit mp = 0;
int i;
int err = MP_OKAY;
@@ -11117,7 +11130,7 @@ int sp_RsaPublic_3072(const byte* in, word32 inLen, const mp_int* em,
}
if (err == MP_OKAY) {
- if (mp_count_bits(em) > 28) {
+ if (mp_count_bits(em) > 64) {
err = MP_READ_E;
}
else if (inLen > 384U) {
@@ -11146,12 +11159,12 @@ int sp_RsaPublic_3072(const byte* in, word32 inLen, const mp_int* em,
norm = r;
sp_3072_from_bin(a, 112, in, inLen);
-#if DIGIT_BIT >= 28
- e[0] = (sp_digit)em->dp[0];
+#if DIGIT_BIT >= 64
+ e[0] = (sp_uint64)em->dp[0];
#else
- e[0] = (sp_digit)em->dp[0];
+ e[0] = (sp_uint64)em->dp[0];
if (em->used > 1) {
- e[0] |= ((sp_digit)em->dp[1]) << DIGIT_BIT;
+ e[0] |= ((sp_uint64)em->dp[1]) << DIGIT_BIT;
}
#endif
if (e[0] == 0) {
@@ -11170,7 +11183,7 @@ int sp_RsaPublic_3072(const byte* in, word32 inLen, const mp_int* em,
err = sp_3072_mod_112(a, a, m);
}
if (err == MP_OKAY) {
- for (i=27; i>=0; i--) {
+ for (i=63; i>=0; i--) {
if ((e[0] >> i) != 0) {
break;
}
@@ -11207,14 +11220,14 @@ int sp_RsaPublic_3072(const byte* in, word32 inLen, const mp_int* em,
sp_digit* a = NULL;
sp_digit* m = NULL;
sp_digit* r = NULL;
- sp_digit e[1] = {0};
+ sp_uint64 e[1] = {0};
int err = MP_OKAY;
if (*outLen < 384U) {
err = MP_TO_E;
}
if (err == MP_OKAY) {
- if (mp_count_bits(em) > 28) {
+ if (mp_count_bits(em) > 64) {
err = MP_READ_E;
}
else if (inLen > 384U) {
@@ -11243,12 +11256,12 @@ int sp_RsaPublic_3072(const byte* in, word32 inLen, const mp_int* em,
m = r + 112 * 2;
sp_3072_from_bin(a, 112, in, inLen);
-#if DIGIT_BIT >= 28
- e[0] = (sp_digit)em->dp[0];
+#if DIGIT_BIT >= 64
+ e[0] = (sp_uint64)em->dp[0];
#else
- e[0] = (sp_digit)em->dp[0];
+ e[0] = (sp_uint64)em->dp[0];
if (em->used > 1) {
- e[0] |= ((sp_digit)em->dp[1]) << DIGIT_BIT;
+ e[0] |= ((sp_uint64)em->dp[1]) << DIGIT_BIT;
}
#endif
if (e[0] == 0) {
@@ -11278,7 +11291,7 @@ int sp_RsaPublic_3072(const byte* in, word32 inLen, const mp_int* em,
err = sp_3072_mod_112(a, a, m);
if (err == MP_OKAY) {
- for (i=27; i>=0; i--) {
+ for (i=63; i>=0; i--) {
if ((e[0] >> i) != 0) {
break;
}
@@ -12548,14 +12561,14 @@ static void sp_4096_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 29
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 28);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 28);
}
#elif DIGIT_BIT > 29
unsigned int i;
@@ -12819,7 +12832,7 @@ SP_NOINLINE static void sp_4096_sqr_142(sp_digit* r, const sp_digit* a)
r[0] = (sp_digit)(c >> 29);
}
-/* Caclulate the bottom digit of -1/a mod 2^n.
+/* Calculate the bottom digit of -1/a mod 2^n.
*
* a A single precision number.
* rho Bottom word of inverse.
@@ -13105,7 +13118,7 @@ SP_NOINLINE static void sp_4096_mul_71(sp_digit* r, const sp_digit* a,
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_4096_mont_mul_71(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -13183,7 +13196,7 @@ SP_NOINLINE static void sp_4096_sqr_71(sp_digit* r, const sp_digit* a)
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_4096_mont_sqr_71(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -14009,7 +14022,7 @@ static void sp_4096_mont_reduce_142(sp_digit* a, const sp_digit* m, sp_digit mp)
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_4096_mont_mul_142(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -14023,7 +14036,7 @@ SP_NOINLINE static void sp_4096_mont_mul_142(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_4096_mont_sqr_142(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -14647,7 +14660,7 @@ int sp_RsaPublic_4096(const byte* in, word32 inLen, const mp_int* em,
sp_digit* m = NULL;
sp_digit* r = NULL;
sp_digit* norm = NULL;
- sp_digit e[1] = {0};
+ sp_uint64 e[1] = {0};
sp_digit mp = 0;
int i;
int err = MP_OKAY;
@@ -14657,7 +14670,7 @@ int sp_RsaPublic_4096(const byte* in, word32 inLen, const mp_int* em,
}
if (err == MP_OKAY) {
- if (mp_count_bits(em) > 29) {
+ if (mp_count_bits(em) > 64) {
err = MP_READ_E;
}
else if (inLen > 512U) {
@@ -14686,12 +14699,12 @@ int sp_RsaPublic_4096(const byte* in, word32 inLen, const mp_int* em,
norm = r;
sp_4096_from_bin(a, 142, in, inLen);
-#if DIGIT_BIT >= 29
- e[0] = (sp_digit)em->dp[0];
+#if DIGIT_BIT >= 64
+ e[0] = (sp_uint64)em->dp[0];
#else
- e[0] = (sp_digit)em->dp[0];
+ e[0] = (sp_uint64)em->dp[0];
if (em->used > 1) {
- e[0] |= ((sp_digit)em->dp[1]) << DIGIT_BIT;
+ e[0] |= ((sp_uint64)em->dp[1]) << DIGIT_BIT;
}
#endif
if (e[0] == 0) {
@@ -14710,7 +14723,7 @@ int sp_RsaPublic_4096(const byte* in, word32 inLen, const mp_int* em,
err = sp_4096_mod_142(a, a, m);
}
if (err == MP_OKAY) {
- for (i=28; i>=0; i--) {
+ for (i=63; i>=0; i--) {
if ((e[0] >> i) != 0) {
break;
}
@@ -14747,14 +14760,14 @@ int sp_RsaPublic_4096(const byte* in, word32 inLen, const mp_int* em,
sp_digit* a = NULL;
sp_digit* m = NULL;
sp_digit* r = NULL;
- sp_digit e[1] = {0};
+ sp_uint64 e[1] = {0};
int err = MP_OKAY;
if (*outLen < 512U) {
err = MP_TO_E;
}
if (err == MP_OKAY) {
- if (mp_count_bits(em) > 29) {
+ if (mp_count_bits(em) > 64) {
err = MP_READ_E;
}
else if (inLen > 512U) {
@@ -14783,12 +14796,12 @@ int sp_RsaPublic_4096(const byte* in, word32 inLen, const mp_int* em,
m = r + 142 * 2;
sp_4096_from_bin(a, 142, in, inLen);
-#if DIGIT_BIT >= 29
- e[0] = (sp_digit)em->dp[0];
+#if DIGIT_BIT >= 64
+ e[0] = (sp_uint64)em->dp[0];
#else
- e[0] = (sp_digit)em->dp[0];
+ e[0] = (sp_uint64)em->dp[0];
if (em->used > 1) {
- e[0] |= ((sp_digit)em->dp[1]) << DIGIT_BIT;
+ e[0] |= ((sp_uint64)em->dp[1]) << DIGIT_BIT;
}
#endif
if (e[0] == 0) {
@@ -14818,7 +14831,7 @@ int sp_RsaPublic_4096(const byte* in, word32 inLen, const mp_int* em,
err = sp_4096_mod_142(a, a, m);
if (err == MP_OKAY) {
- for (i=28; i>=0; i--) {
+ for (i=63; i>=0; i--) {
if ((e[0] >> i) != 0) {
break;
}
@@ -15721,14 +15734,14 @@ static void sp_4096_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 26
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 25);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 25);
}
#elif DIGIT_BIT > 26
unsigned int i;
@@ -16745,7 +16758,7 @@ SP_NOINLINE static void sp_4096_sqr_162(sp_digit* r, const sp_digit* a)
}
#endif /* !WOLFSSL_SP_SMALL */
-/* Caclulate the bottom digit of -1/a mod 2^n.
+/* Calculate the bottom digit of -1/a mod 2^n.
*
* a A single precision number.
* rho Bottom word of inverse.
@@ -17064,7 +17077,7 @@ static void sp_4096_mont_reduce_81(sp_digit* a, const sp_digit* m, sp_digit mp)
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_4096_mont_mul_81(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -17078,7 +17091,7 @@ SP_NOINLINE static void sp_4096_mont_mul_81(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_4096_mont_sqr_81(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -17969,7 +17982,7 @@ static void sp_4096_mont_reduce_162(sp_digit* a, const sp_digit* m, sp_digit mp)
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_4096_mont_mul_162(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -17983,7 +17996,7 @@ SP_NOINLINE static void sp_4096_mont_mul_162(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_4096_mont_sqr_162(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -18632,7 +18645,7 @@ int sp_RsaPublic_4096(const byte* in, word32 inLen, const mp_int* em,
sp_digit* m = NULL;
sp_digit* r = NULL;
sp_digit* norm = NULL;
- sp_digit e[1] = {0};
+ sp_uint64 e[1] = {0};
sp_digit mp = 0;
int i;
int err = MP_OKAY;
@@ -18642,7 +18655,7 @@ int sp_RsaPublic_4096(const byte* in, word32 inLen, const mp_int* em,
}
if (err == MP_OKAY) {
- if (mp_count_bits(em) > 26) {
+ if (mp_count_bits(em) > 64) {
err = MP_READ_E;
}
else if (inLen > 512U) {
@@ -18671,12 +18684,12 @@ int sp_RsaPublic_4096(const byte* in, word32 inLen, const mp_int* em,
norm = r;
sp_4096_from_bin(a, 162, in, inLen);
-#if DIGIT_BIT >= 26
- e[0] = (sp_digit)em->dp[0];
+#if DIGIT_BIT >= 64
+ e[0] = (sp_uint64)em->dp[0];
#else
- e[0] = (sp_digit)em->dp[0];
+ e[0] = (sp_uint64)em->dp[0];
if (em->used > 1) {
- e[0] |= ((sp_digit)em->dp[1]) << DIGIT_BIT;
+ e[0] |= ((sp_uint64)em->dp[1]) << DIGIT_BIT;
}
#endif
if (e[0] == 0) {
@@ -18695,7 +18708,7 @@ int sp_RsaPublic_4096(const byte* in, word32 inLen, const mp_int* em,
err = sp_4096_mod_162(a, a, m);
}
if (err == MP_OKAY) {
- for (i=25; i>=0; i--) {
+ for (i=63; i>=0; i--) {
if ((e[0] >> i) != 0) {
break;
}
@@ -18732,14 +18745,14 @@ int sp_RsaPublic_4096(const byte* in, word32 inLen, const mp_int* em,
sp_digit* a = NULL;
sp_digit* m = NULL;
sp_digit* r = NULL;
- sp_digit e[1] = {0};
+ sp_uint64 e[1] = {0};
int err = MP_OKAY;
if (*outLen < 512U) {
err = MP_TO_E;
}
if (err == MP_OKAY) {
- if (mp_count_bits(em) > 26) {
+ if (mp_count_bits(em) > 64) {
err = MP_READ_E;
}
else if (inLen > 512U) {
@@ -18768,12 +18781,12 @@ int sp_RsaPublic_4096(const byte* in, word32 inLen, const mp_int* em,
m = r + 162 * 2;
sp_4096_from_bin(a, 162, in, inLen);
-#if DIGIT_BIT >= 26
- e[0] = (sp_digit)em->dp[0];
+#if DIGIT_BIT >= 64
+ e[0] = (sp_uint64)em->dp[0];
#else
- e[0] = (sp_digit)em->dp[0];
+ e[0] = (sp_uint64)em->dp[0];
if (em->used > 1) {
- e[0] |= ((sp_digit)em->dp[1]) << DIGIT_BIT;
+ e[0] |= ((sp_uint64)em->dp[1]) << DIGIT_BIT;
}
#endif
if (e[0] == 0) {
@@ -18803,7 +18816,7 @@ int sp_RsaPublic_4096(const byte* in, word32 inLen, const mp_int* em,
err = sp_4096_mod_162(a, a, m);
if (err == MP_OKAY) {
- for (i=25; i>=0; i--) {
+ for (i=63; i>=0; i--) {
if ((e[0] >> i) != 0) {
break;
}
@@ -20442,14 +20455,14 @@ static void sp_256_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 29
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 28);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 28);
}
#elif DIGIT_BIT > 29
unsigned int i;
@@ -20943,7 +20956,7 @@ static void sp_256_mont_reduce_9(sp_digit* a, const sp_digit* m, sp_digit mp)
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_256_mont_mul_9(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -20957,7 +20970,7 @@ SP_NOINLINE static void sp_256_mont_mul_9(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_256_mont_sqr_9(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -20973,10 +20986,10 @@ SP_NOINLINE static void sp_256_mont_sqr_9(sp_digit* r, const sp_digit* a,
* a Number to square in Montgomery form.
* n Number of times to square.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
-static void sp_256_mont_sqr_n_9(sp_digit* r, const sp_digit* a, int n,
- const sp_digit* m, sp_digit mp)
+SP_NOINLINE static void sp_256_mont_sqr_n_9(sp_digit* r,
+ const sp_digit* a, int n, const sp_digit* m, sp_digit mp)
{
sp_256_mont_sqr_9(r, a, m, mp);
for (; n > 1; n--) {
@@ -21217,7 +21230,6 @@ static void sp_256_mont_sub_9(sp_digit* r, const sp_digit* a, const sp_digit* b,
sp_256_norm_9(r);
}
-#define sp_256_mont_sub_lower_9 sp_256_mont_sub_9
/* Shift number left one bit.
* Bottom bit is lost.
*
@@ -21251,7 +21263,8 @@ SP_NOINLINE static void sp_256_rshift1_9(sp_digit* r, const sp_digit* a)
* a Number to divide.
* m Modulus (prime).
*/
-static void sp_256_div2_9(sp_digit* r, const sp_digit* a, const sp_digit* m)
+static void sp_256_mont_div2_9(sp_digit* r, const sp_digit* a,
+ const sp_digit* m)
{
sp_256_cond_add_9(r, a, m, 0 - (a[0] & 1));
sp_256_norm_9(r);
@@ -21302,7 +21315,7 @@ static void sp_256_proj_point_dbl_9(sp_point_256* r, const sp_point_256* p,
/* T2 = Y * Y */
sp_256_mont_sqr_9(t2, y, p256_mod, p256_mp_mod);
/* T2 = T2/2 */
- sp_256_div2_9(t2, t2, p256_mod);
+ sp_256_mont_div2_9(t2, t2, p256_mod);
/* Y = Y * X */
sp_256_mont_mul_9(y, y, p->x, p256_mod, p256_mp_mod);
/* X = T1 * T1 */
@@ -21312,7 +21325,7 @@ static void sp_256_proj_point_dbl_9(sp_point_256* r, const sp_point_256* p,
/* X = X - Y */
sp_256_mont_sub_9(x, x, y, p256_mod);
/* Y = Y - X */
- sp_256_mont_sub_lower_9(y, y, x, p256_mod);
+ sp_256_mont_sub_9(y, y, x, p256_mod);
/* Y = Y * T1 */
sp_256_mont_mul_9(y, y, t1, p256_mod, p256_mp_mod);
/* Y = Y - T2 */
@@ -21335,7 +21348,8 @@ typedef struct sp_256_proj_point_dbl_9_ctx {
* p Point to double.
* t Temporary ordinate data.
*/
-static int sp_256_proj_point_dbl_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r, const sp_point_256* p, sp_digit* t)
+static int sp_256_proj_point_dbl_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r,
+ const sp_point_256* p, sp_digit* t)
{
int err = FP_WOULDBLOCK;
sp_256_proj_point_dbl_9_ctx* ctx = (sp_256_proj_point_dbl_9_ctx*)sp_ctx->data;
@@ -21409,7 +21423,7 @@ static int sp_256_proj_point_dbl_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r, con
break;
case 11:
/* T2 = T2/2 */
- sp_256_div2_9(ctx->t2, ctx->t2, p256_mod);
+ sp_256_mont_div2_9(ctx->t2, ctx->t2, p256_mod);
ctx->state = 12;
break;
case 12:
@@ -21434,7 +21448,7 @@ static int sp_256_proj_point_dbl_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r, con
break;
case 16:
/* Y = Y - X */
- sp_256_mont_sub_lower_9(ctx->y, ctx->y, ctx->x, p256_mod);
+ sp_256_mont_sub_9(ctx->y, ctx->y, ctx->x, p256_mod);
ctx->state = 17;
break;
case 17:
@@ -21496,12 +21510,12 @@ static int sp_256_iszero_9(const sp_digit* a)
static void sp_256_proj_point_add_9(sp_point_256* r,
const sp_point_256* p, const sp_point_256* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*9;
- sp_digit* t3 = t + 4*9;
- sp_digit* t4 = t + 6*9;
- sp_digit* t5 = t + 8*9;
- sp_digit* t6 = t + 10*9;
+ sp_digit* t6 = t;
+ sp_digit* t1 = t + 2*9;
+ sp_digit* t2 = t + 4*9;
+ sp_digit* t3 = t + 6*9;
+ sp_digit* t4 = t + 8*9;
+ sp_digit* t5 = t + 10*9;
/* U1 = X1*Z2^2 */
sp_256_mont_sqr_9(t1, q->z, p256_mod, p256_mp_mod);
@@ -21523,17 +21537,9 @@ static void sp_256_proj_point_add_9(sp_point_256* r,
sp_256_proj_point_dbl_9(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t6;
sp_digit* y = t1;
sp_digit* z = t2;
- int i;
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
/* H = U2 - U1 */
sp_256_mont_sub_9(t2, t2, t1, p256_mod);
@@ -21552,20 +21558,31 @@ static void sp_256_proj_point_add_9(sp_point_256* r,
sp_256_mont_dbl_9(t3, y, p256_mod);
sp_256_mont_sub_9(x, x, t3, p256_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_256_mont_sub_lower_9(y, y, x, p256_mod);
+ sp_256_mont_sub_9(y, y, x, p256_mod);
sp_256_mont_mul_9(y, y, t4, p256_mod, p256_mp_mod);
sp_256_mont_sub_9(y, y, t5, p256_mod);
- for (i = 0; i < 9; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 9; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 9; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 9; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 9; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 9; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
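Review bot: The new selection block in sp_256_proj_point_add_9 is only correct if `infinity` is exactly 0 or 1, and nothing in the hunk records that: `0 - (q->infinity & (!p->infinity))` yields an all-ones mask only when bit 0 of `q->infinity` is set, and `r->z[0] |= inf` would OR a stray value into the low limb otherwise. A one-line comment above the masks, e.g. `/* infinity is 0 or 1: masks pick p, q or the computed sum without a data-dependent branch */`, would state the invariant. The masks also use `!p->infinity`, which C does not guarantee to compile branch-free; `(p->infinity ^ 1)` stays purely bitwise under the same invariant. The same block is repeated in sp_256_proj_point_add_9_nb, sp_256_proj_point_add_qz1_9 and the sp_384 counterparts, and the function body starts outside this hunk.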
@@ -21611,12 +21628,12 @@ static int sp_256_proj_point_add_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r,
switch (ctx->state) {
case 0: /* INIT */
- ctx->t1 = t;
- ctx->t2 = t + 2*9;
- ctx->t3 = t + 4*9;
- ctx->t4 = t + 6*9;
- ctx->t5 = t + 8*9;
- ctx->t6 = t + 10*9;
+ ctx->t6 = t;
+ ctx->t1 = t + 2*9;
+ ctx->t2 = t + 4*9;
+ ctx->t3 = t + 6*9;
+ ctx->t4 = t + 8*9;
+ ctx->t5 = t + 10*9;
ctx->x = ctx->t6;
ctx->y = ctx->t1;
ctx->z = ctx->t2;
@@ -21723,7 +21740,7 @@ static int sp_256_proj_point_add_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r,
break;
case 21:
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_256_mont_sub_lower_9(ctx->y, ctx->y, ctx->x, p256_mod);
+ sp_256_mont_sub_9(ctx->y, ctx->y, ctx->x, p256_mod);
ctx->state = 22;
break;
case 22:
@@ -21736,22 +21753,28 @@ static int sp_256_proj_point_add_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r,
break;
case 24:
{
- int i;
- sp_digit maskp = 0 - (q->infinity & (!p->infinity));
- sp_digit maskq = 0 - (p->infinity & (!q->infinity));
- sp_digit maskt = ~(maskp | maskq);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
- for (i = 0; i < 9; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (ctx->x[i] & maskt);
- }
- for (i = 0; i < 9; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (ctx->y[i] & maskt);
- }
- for (i = 0; i < 9; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (ctx->z[i] & maskt);
+ for (i = 0; i < 9; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (ctx->x[i] & maskt);
+ }
+ for (i = 0; i < 9; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (ctx->y[i] & maskt);
+ }
+ for (i = 0; i < 9; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (ctx->z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
ctx->state = 25;
break;
}
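Review bot: `case 24:` in sp_256_proj_point_add_9_nb now opens a second bare `{` directly inside the case's existing block, so `ctx->state = 25;` and `break;` sit between two closing braces at different depths. The inner block adds no scope the case block did not already provide; the declarations of `i`, `maskp`, `maskq`, `maskt` and `inf` can sit at the top of the outer block as the removed lines did. Dropping the inner pair keeps the cases of the state machine visually uniform, and the sp_384_proj_point_add_15_nb hunk has the same shape. The switch starts and ends outside this hunk.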
@@ -22172,8 +22195,6 @@ static void sp_256_cond_copy_9(sp_digit* r, const sp_digit* a, const sp_digit m)
#endif /* WOLFSSL_SP_SMALL */
}
-#define sp_256_mont_dbl_lower_9 sp_256_mont_dbl_9
-#define sp_256_mont_tpl_lower_9 sp_256_mont_tpl_9
/* Double the Montgomery form projective point p a number of times.
*
* r Result of repeated doubling of point.
@@ -22212,7 +22233,7 @@ static void sp_256_proj_point_dbl_n_9(sp_point_256* p, int i,
/* A = 3*(X^2 - W) */
sp_256_mont_sqr_9(t1, x, p256_mod, p256_mp_mod);
sp_256_mont_sub_9(t1, t1, w, p256_mod);
- sp_256_mont_tpl_lower_9(a, t1, p256_mod);
+ sp_256_mont_tpl_9(a, t1, p256_mod);
/* B = X*Y^2 */
sp_256_mont_sqr_9(t1, y, p256_mod, p256_mp_mod);
sp_256_mont_mul_9(b, t1, x, p256_mod, p256_mp_mod);
@@ -22221,8 +22242,8 @@ static void sp_256_proj_point_dbl_n_9(sp_point_256* p, int i,
sp_256_mont_dbl_9(t2, b, p256_mod);
sp_256_mont_sub_9(x, x, t2, p256_mod);
/* B = 2.(B - X) */
- sp_256_mont_sub_lower_9(t2, b, x, p256_mod);
- sp_256_mont_dbl_lower_9(b, t2, p256_mod);
+ sp_256_mont_sub_9(t2, b, x, p256_mod);
+ sp_256_mont_dbl_9(b, t2, p256_mod);
/* Z = Z*Y */
sp_256_mont_mul_9(z, z, y, p256_mod, p256_mp_mod);
/* t1 = Y^4 */
@@ -22242,7 +22263,7 @@ static void sp_256_proj_point_dbl_n_9(sp_point_256* p, int i,
/* A = 3*(X^2 - W) */
sp_256_mont_sqr_9(t1, x, p256_mod, p256_mp_mod);
sp_256_mont_sub_9(t1, t1, w, p256_mod);
- sp_256_mont_tpl_lower_9(a, t1, p256_mod);
+ sp_256_mont_tpl_9(a, t1, p256_mod);
/* B = X*Y^2 */
sp_256_mont_sqr_9(t1, y, p256_mod, p256_mp_mod);
sp_256_mont_mul_9(b, t1, x, p256_mod, p256_mp_mod);
@@ -22251,8 +22272,8 @@ static void sp_256_proj_point_dbl_n_9(sp_point_256* p, int i,
sp_256_mont_dbl_9(t2, b, p256_mod);
sp_256_mont_sub_9(x, x, t2, p256_mod);
/* B = 2.(B - X) */
- sp_256_mont_sub_lower_9(t2, b, x, p256_mod);
- sp_256_mont_dbl_lower_9(b, t2, p256_mod);
+ sp_256_mont_sub_9(t2, b, x, p256_mod);
+ sp_256_mont_dbl_9(b, t2, p256_mod);
/* Z = Z*Y */
sp_256_mont_mul_9(z, z, y, p256_mod, p256_mp_mod);
/* t1 = Y^4 */
@@ -22262,7 +22283,7 @@ static void sp_256_proj_point_dbl_n_9(sp_point_256* p, int i,
sp_256_mont_sub_9(y, y, t1, p256_mod);
#endif /* WOLFSSL_SP_SMALL */
/* Y = Y/2 */
- sp_256_div2_9(y, y, p256_mod);
+ sp_256_mont_div2_9(y, y, p256_mod);
}
/* Double the Montgomery form projective point p a number of times.
@@ -22308,7 +22329,7 @@ static void sp_256_proj_point_dbl_n_store_9(sp_point_256* r,
/* A = 3*(X^2 - W) */
sp_256_mont_sqr_9(t1, x, p256_mod, p256_mp_mod);
sp_256_mont_sub_9(t1, t1, w, p256_mod);
- sp_256_mont_tpl_lower_9(a, t1, p256_mod);
+ sp_256_mont_tpl_9(a, t1, p256_mod);
/* B = X*Y^2 */
sp_256_mont_sqr_9(t1, y, p256_mod, p256_mp_mod);
sp_256_mont_mul_9(b, t1, x, p256_mod, p256_mp_mod);
@@ -22318,8 +22339,8 @@ static void sp_256_proj_point_dbl_n_store_9(sp_point_256* r,
sp_256_mont_dbl_9(t2, b, p256_mod);
sp_256_mont_sub_9(x, x, t2, p256_mod);
/* B = 2.(B - X) */
- sp_256_mont_sub_lower_9(t2, b, x, p256_mod);
- sp_256_mont_dbl_lower_9(b, t2, p256_mod);
+ sp_256_mont_sub_9(t2, b, x, p256_mod);
+ sp_256_mont_dbl_9(b, t2, p256_mod);
/* Z = Z*Y */
sp_256_mont_mul_9(r[j].z, z, y, p256_mod, p256_mp_mod);
z = r[j].z;
@@ -22333,7 +22354,7 @@ static void sp_256_proj_point_dbl_n_store_9(sp_point_256* r,
sp_256_mont_mul_9(y, b, a, p256_mod, p256_mp_mod);
sp_256_mont_sub_9(y, y, t1, p256_mod);
/* Y = Y/2 */
- sp_256_div2_9(r[j].y, y, p256_mod);
+ sp_256_mont_div2_9(r[j].y, y, p256_mod);
r[j].infinity = 0;
}
}
@@ -22407,8 +22428,8 @@ static void sp_256_proj_point_add_sub_9(sp_point_256* ra,
sp_256_mont_sub_9(xs, xs, t1, p256_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
/* YS = -RS*(U1*H^2 - XS) - S1*H^3 */
- sp_256_mont_sub_lower_9(ys, ya, xs, p256_mod);
- sp_256_mont_sub_lower_9(ya, ya, xa, p256_mod);
+ sp_256_mont_sub_9(ys, ya, xs, p256_mod);
+ sp_256_mont_sub_9(ya, ya, xa, p256_mod);
sp_256_mont_mul_9(ya, ya, t4, p256_mod, p256_mp_mod);
sp_256_sub_9(t6, p256_mod, t6);
sp_256_mont_mul_9(ys, ys, t6, p256_mod, p256_mp_mod);
@@ -22492,7 +22513,7 @@ static void sp_256_ecc_recode_6_9(const sp_digit* k, ecc_recode_256* v)
/* Touch each possible point that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
static void sp_256_get_point_33_9(sp_point_256* r, const sp_point_256* table,
@@ -22600,7 +22621,7 @@ static int sp_256_ecc_mulmod_win_add_sub_9(sp_point_256* r, const sp_point_256*
(void)heap;
#ifdef WOLFSSL_SP_SMALL_STACK
- t = (sp_point_256*)XMALLOC(sizeof(sp_point_256) *
+ t = (sp_point_256*)XMALLOC(sizeof(sp_point_256) *
(33+2), heap, DYNAMIC_TYPE_ECC);
if (t == NULL)
err = MEMORY_E;
@@ -22719,12 +22740,12 @@ static int sp_256_ecc_mulmod_win_add_sub_9(sp_point_256* r, const sp_point_256*
static void sp_256_proj_point_add_qz1_9(sp_point_256* r,
const sp_point_256* p, const sp_point_256* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*9;
- sp_digit* t3 = t + 4*9;
- sp_digit* t4 = t + 6*9;
- sp_digit* t5 = t + 8*9;
- sp_digit* t6 = t + 10*9;
+ sp_digit* t2 = t;
+ sp_digit* t3 = t + 2*9;
+ sp_digit* t6 = t + 4*9;
+ sp_digit* t1 = t + 6*9;
+ sp_digit* t4 = t + 8*9;
+ sp_digit* t5 = t + 10*9;
/* Calculate values to subtract from P->x and P->y. */
/* U2 = X2*Z1^2 */
@@ -22740,13 +22761,9 @@ static void sp_256_proj_point_add_qz1_9(sp_point_256* r,
sp_256_proj_point_dbl_9(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t2;
- sp_digit* y = t5;
+ sp_digit* y = t3;
sp_digit* z = t6;
- int i;
/* H = U2 - X1 */
sp_256_mont_sub_9(t2, t2, p->x, p256_mod);
@@ -22755,33 +22772,40 @@ static void sp_256_proj_point_add_qz1_9(sp_point_256* r,
/* Z3 = H*Z1 */
sp_256_mont_mul_9(z, p->z, t2, p256_mod, p256_mp_mod);
/* X3 = R^2 - H^3 - 2*X1*H^2 */
- sp_256_mont_sqr_9(t1, t4, p256_mod, p256_mp_mod);
- sp_256_mont_sqr_9(t5, t2, p256_mod, p256_mp_mod);
- sp_256_mont_mul_9(t3, p->x, t5, p256_mod, p256_mp_mod);
- sp_256_mont_mul_9(t5, t5, t2, p256_mod, p256_mp_mod);
- sp_256_mont_sub_9(x, t1, t5, p256_mod);
- sp_256_mont_dbl_9(t1, t3, p256_mod);
- sp_256_mont_sub_9(x, x, t1, p256_mod);
+ sp_256_mont_sqr_9(t1, t2, p256_mod, p256_mp_mod);
+ sp_256_mont_mul_9(t3, p->x, t1, p256_mod, p256_mp_mod);
+ sp_256_mont_mul_9(t1, t1, t2, p256_mod, p256_mp_mod);
+ sp_256_mont_sqr_9(t2, t4, p256_mod, p256_mp_mod);
+ sp_256_mont_sub_9(t2, t2, t1, p256_mod);
+ sp_256_mont_dbl_9(t5, t3, p256_mod);
+ sp_256_mont_sub_9(x, t2, t5, p256_mod);
/* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
- sp_256_mont_sub_lower_9(t3, t3, x, p256_mod);
+ sp_256_mont_sub_9(t3, t3, x, p256_mod);
sp_256_mont_mul_9(t3, t3, t4, p256_mod, p256_mp_mod);
- sp_256_mont_mul_9(t5, t5, p->y, p256_mod, p256_mp_mod);
- sp_256_mont_sub_9(y, t3, t5, p256_mod);
+ sp_256_mont_mul_9(t1, t1, p->y, p256_mod, p256_mp_mod);
+ sp_256_mont_sub_9(y, t3, t1, p256_mod);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
- for (i = 0; i < 9; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 9; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 9; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ for (i = 0; i < 9; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 9; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 9; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
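Review bot: The rewritten X3/Y3 sequence in sp_256_proj_point_add_qz1_9 depends on temporary reuse that no comment records: `t2` holds H until `sp_256_mont_sqr_9(t2, t4, ...)` overwrites it with R^2, and per the declarations in the preceding hunk `x` is `t2` and `y` is `t3`. I would add `/* H (t2) is dead once H^3 is in t1; t2 is reused for R^2 - H^3 and becomes X3 */` before that second squaring so a later edit does not read H after it. The existing `/* X3 = ... */` and `/* Y3 = ... */` comments give the formula but not which buffer holds which term. The sp_384_proj_point_add_qz1_15 hunk makes the same change, and the function starts outside this hunk.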
@@ -22903,7 +22927,7 @@ static int sp_256_gen_stripe_table_9(const sp_point_256* a,
/* Touch each possible entry that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
static void sp_256_get_entry_256_9(sp_point_256* r,
@@ -23102,7 +23126,7 @@ static THREAD_LS_T int sp_cache_256_inited = 0;
/* Get the cache entry for the point.
*
- * g [in] Point scalar multipling.
+ * g [in] Point scalar multiplying.
* cache [out] Cache table to use.
*/
static void sp_ecc_get_cache_256(const sp_point_256* g, sp_cache_256_t** cache)
@@ -23173,8 +23197,8 @@ static void sp_ecc_get_cache_256(const sp_point_256* g, sp_cache_256_t** cache)
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
-static int sp_256_ecc_mulmod_9(sp_point_256* r, const sp_point_256* g, const sp_digit* k,
- int map, int ct, void* heap)
+static int sp_256_ecc_mulmod_9(sp_point_256* r, const sp_point_256* g,
+ const sp_digit* k, int map, int ct, void* heap)
{
#ifndef FP_ECC
return sp_256_ecc_mulmod_win_add_sub_9(r, g, k, map, ct, heap);
@@ -23291,7 +23315,7 @@ int sp_ecc_mulmod_256(const mp_int* km, const ecc_point* gm, ecc_point* r,
*
* km Scalar to multiply by.
* p Point to multiply.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -23302,7 +23326,7 @@ int sp_ecc_mulmod_add_256(const mp_int* km, const ecc_point* gm,
const ecc_point* am, int inMont, ecc_point* r, int map, void* heap)
{
#ifdef WOLFSSL_SP_SMALL_STACK
- sp_point_256* point = NULL;
+ sp_point_256* point = NULL;
sp_digit* k = NULL;
#else
sp_point_256 point[2];
@@ -24759,7 +24783,7 @@ int sp_ecc_mulmod_base_256(const mp_int* km, ecc_point* r, int map, void* heap)
* the result. If map is true then convert result to affine coordinates.
*
* km Scalar to multiply by.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -24781,7 +24805,7 @@ int sp_ecc_mulmod_base_add_256(const mp_int* km, const ecc_point* am,
int err = MP_OKAY;
#ifdef WOLFSSL_SP_SMALL_STACK
- point = (sp_point_256*)XMALLOC(sizeof(sp_point_256) * 2, heap,
+ point = (sp_point_256*)XMALLOC(sizeof(sp_point_256) * 2, heap,
DYNAMIC_TYPE_ECC);
if (point == NULL)
err = MEMORY_E;
@@ -24935,7 +24959,7 @@ int sp_ecc_make_key_256(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
sp_point_256* infinity = NULL;
#endif
int err = MP_OKAY;
-
+
(void)heap;
@@ -24943,7 +24967,7 @@ int sp_ecc_make_key_256(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
point = (sp_point_256*)XMALLOC(sizeof(sp_point_256) * 2, heap, DYNAMIC_TYPE_ECC);
#else
- point = (sp_point_256*)XMALLOC(sizeof(sp_point_256), heap, DYNAMIC_TYPE_ECC);
+ point = (sp_point_256*)XMALLOC(sizeof(sp_point_256), heap, DYNAMIC_TYPE_ECC);
#endif
if (point == NULL)
err = MEMORY_E;
@@ -25578,7 +25602,7 @@ static void sp_256_mont_inv_order_9(sp_digit* r, const sp_digit* a,
sp_256_mont_sqr_n_order_9(t2, t3, 4);
/* t = a^ff = t2 * t3 */
sp_256_mont_mul_order_9(t, t2, t3);
- /* t3= a^ff00 = t ^ 2 ^ 8 */
+ /* t2= a^ff00 = t ^ 2 ^ 8 */
sp_256_mont_sqr_n_order_9(t2, t, 8);
/* t = a^ffff = t2 * t */
sp_256_mont_mul_order_9(t, t2, t);
@@ -25595,7 +25619,11 @@ static void sp_256_mont_inv_order_9(sp_digit* r, const sp_digit* a,
/* t2= a^ffffffff00000000ffffffffffffffff = t2 * t */
sp_256_mont_mul_order_9(t2, t2, t);
/* t2= a^ffffffff00000000ffffffffffffffffbce6 */
- for (i=127; i>=112; i--) {
+ sp_256_mont_sqr_order_9(t2, t2);
+ sp_256_mont_mul_order_9(t2, t2, a);
+ sp_256_mont_sqr_n_order_9(t2, t2, 5);
+ sp_256_mont_mul_order_9(t2, t2, t3);
+ for (i=121; i>=112; i--) {
sp_256_mont_sqr_order_9(t2, t2);
if ((p256_order_low[i / 32] & ((sp_int_digit)1 << (i % 32))) != 0) {
sp_256_mont_mul_order_9(t2, t2, a);
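Review bot: The four added calls hard-code the top six bits of the 0xbce6 window (1, then 01111) while the shortened loop still reads the remaining ten bits from `p256_order_low`, and no comment ties the two together. Something like `/* bits 127..122 = 101111: square, multiply by a, then 5 squarings and multiply by t3 = a^f */` above the new lines would let a reader check the constant against the order. The step also relies on `t3` still holding a^f at this point, which the lines between this hunk and the previous one (not visible) must preserve. The function continues outside this hunk.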
@@ -26094,8 +26122,8 @@ static int sp_256_mod_inv_9(sp_digit* r, const sp_digit* a, const sp_digit* m)
}
while (ut > 1 && vt > 1) {
- if (ut > vt || (ut == vt &&
- sp_256_cmp_9(u, v) >= 0)) {
+ if ((ut > vt) || ((ut == vt) &&
+ (sp_256_cmp_9(u, v) >= 0))) {
sp_256_sub_9(u, u, v);
sp_256_norm_9(u);
@@ -26189,7 +26217,7 @@ static void sp_256_add_points_9(sp_point_256* p1, const sp_point_256* p2,
* p2 Public point and temporary.
* s Second part of signature as a number.
* u1 Temporary number.
- * u2 Temproray number.
+ * u2 Temporary number.
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
@@ -26513,7 +26541,7 @@ int sp_ecc_verify_256_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash,
#endif /* HAVE_ECC_VERIFY */
#ifdef HAVE_ECC_CHECK_KEY
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* point EC point.
* heap Heap to use if dynamically allocating.
@@ -26541,19 +26569,21 @@ static int sp_256_ecc_is_point_9(const sp_point_256* point,
if (err == MP_OKAY) {
t2 = t1 + 2 * 9;
+ /* y^2 - x^3 - a.x = b */
sp_256_sqr_9(t1, point->y);
(void)sp_256_mod_9(t1, t1, p256_mod);
sp_256_sqr_9(t2, point->x);
(void)sp_256_mod_9(t2, t2, p256_mod);
sp_256_mul_9(t2, t2, point->x);
(void)sp_256_mod_9(t2, t2, p256_mod);
- (void)sp_256_sub_9(t2, p256_mod, t2);
- sp_256_mont_add_9(t1, t1, t2, p256_mod);
+ sp_256_mont_sub_9(t1, t1, t2, p256_mod);
+ /* y^2 - x^3 + 3.x = b, when a = -3 */
sp_256_mont_add_9(t1, t1, point->x, p256_mod);
sp_256_mont_add_9(t1, t1, point->x, p256_mod);
sp_256_mont_add_9(t1, t1, point->x, p256_mod);
+
if (sp_256_cmp_9(t1, p256_b) != 0) {
err = MP_VAL;
}
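Review bot: `sp_256_mont_sub_9` and `sp_256_mont_add_9` are applied here to values produced by plain `sp_256_sqr_9`/`sp_256_mod_9` rather than Montgomery-form values, and the new comments do not say why that is valid. A short remark such as `/* mont_sub/mont_add only add/subtract mod p; operands are already reduced by sp_256_mod_9 */` would help, because the final `sp_256_cmp_9(t1, p256_b)` is the curve-membership decision and only holds if `t1` is fully reduced there. Whether `sp_256_mont_sub_9` leaves a canonical result for all reduced inputs is not visible in this hunk and is worth confirming against the removed `sp_256_sub_9`/`sp_256_mont_add_9` pair. The function starts and ends outside this hunk.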
@@ -26567,7 +26597,7 @@ static int sp_256_ecc_is_point_9(const sp_point_256* point,
return err;
}
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* pX X ordinate of EC point.
* pY Y ordinate of EC point.
@@ -27789,14 +27819,14 @@ static void sp_384_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 26
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 25);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 25);
}
#elif DIGIT_BIT > 26
unsigned int i;
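Review bot: In the `DIGIT_BIT == 26` branch of sp_384_from_mp the sign of `j` is now taken with `j >> 25`, which gives a clean 0/1 only if `sp_digit` is 26 bits wide; the removed lines shifted by `SP_WORD_SIZE - 1`. If `sp_digit` is a 32-bit type (its definition is not visible here), an unsigned `j >> 25` is 127 while `j` is still below zero, so `mask` is not all-ones and `o += (int)(j >> 25)` advances the `a->dp[o]` index by more than one; for a signed type, right-shifting a negative value is implementation-defined. Taking the top bit explicitly, e.g. `sp_digit mask = (sp_digit)0 - (sp_digit)((word32)j >> (SP_WORD_SIZE - 1));` with the same expression in the `o +=` line, avoids both, assuming a 32-bit word. This branch only builds when the mp_int digit size is 26, so it may see little testing; the function continues outside the hunk.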
@@ -28334,7 +28364,7 @@ static void sp_384_mont_reduce_15(sp_digit* a, const sp_digit* m, sp_digit mp)
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_384_mont_mul_15(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -28348,7 +28378,7 @@ SP_NOINLINE static void sp_384_mont_mul_15(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_384_mont_sqr_15(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -28364,10 +28394,10 @@ SP_NOINLINE static void sp_384_mont_sqr_15(sp_digit* r, const sp_digit* a,
* a Number to square in Montgomery form.
* n Number of times to square.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
-static void sp_384_mont_sqr_n_15(sp_digit* r, const sp_digit* a, int n,
- const sp_digit* m, sp_digit mp)
+SP_NOINLINE static void sp_384_mont_sqr_n_15(sp_digit* r,
+ const sp_digit* a, int n, const sp_digit* m, sp_digit mp)
{
sp_384_mont_sqr_15(r, a, m, mp);
for (; n > 1; n--) {
@@ -28630,7 +28660,6 @@ static void sp_384_mont_sub_15(sp_digit* r, const sp_digit* a, const sp_digit* b
sp_384_norm_15(r);
}
-#define sp_384_mont_sub_lower_15 sp_384_mont_sub_15
/* Shift number left one bit.
* Bottom bit is lost.
*
@@ -28670,7 +28699,8 @@ SP_NOINLINE static void sp_384_rshift1_15(sp_digit* r, const sp_digit* a)
* a Number to divide.
* m Modulus (prime).
*/
-static void sp_384_div2_15(sp_digit* r, const sp_digit* a, const sp_digit* m)
+static void sp_384_mont_div2_15(sp_digit* r, const sp_digit* a,
+ const sp_digit* m)
{
sp_384_cond_add_15(r, a, m, 0 - (a[0] & 1));
sp_384_norm_15(r);
@@ -28721,7 +28751,7 @@ static void sp_384_proj_point_dbl_15(sp_point_384* r, const sp_point_384* p,
/* T2 = Y * Y */
sp_384_mont_sqr_15(t2, y, p384_mod, p384_mp_mod);
/* T2 = T2/2 */
- sp_384_div2_15(t2, t2, p384_mod);
+ sp_384_mont_div2_15(t2, t2, p384_mod);
/* Y = Y * X */
sp_384_mont_mul_15(y, y, p->x, p384_mod, p384_mp_mod);
/* X = T1 * T1 */
@@ -28731,7 +28761,7 @@ static void sp_384_proj_point_dbl_15(sp_point_384* r, const sp_point_384* p,
/* X = X - Y */
sp_384_mont_sub_15(x, x, y, p384_mod);
/* Y = Y - X */
- sp_384_mont_sub_lower_15(y, y, x, p384_mod);
+ sp_384_mont_sub_15(y, y, x, p384_mod);
/* Y = Y * T1 */
sp_384_mont_mul_15(y, y, t1, p384_mod, p384_mp_mod);
/* Y = Y - T2 */
@@ -28754,7 +28784,8 @@ typedef struct sp_384_proj_point_dbl_15_ctx {
* p Point to double.
* t Temporary ordinate data.
*/
-static int sp_384_proj_point_dbl_15_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r, const sp_point_384* p, sp_digit* t)
+static int sp_384_proj_point_dbl_15_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r,
+ const sp_point_384* p, sp_digit* t)
{
int err = FP_WOULDBLOCK;
sp_384_proj_point_dbl_15_ctx* ctx = (sp_384_proj_point_dbl_15_ctx*)sp_ctx->data;
@@ -28828,7 +28859,7 @@ static int sp_384_proj_point_dbl_15_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r, co
break;
case 11:
/* T2 = T2/2 */
- sp_384_div2_15(ctx->t2, ctx->t2, p384_mod);
+ sp_384_mont_div2_15(ctx->t2, ctx->t2, p384_mod);
ctx->state = 12;
break;
case 12:
@@ -28853,7 +28884,7 @@ static int sp_384_proj_point_dbl_15_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r, co
break;
case 16:
/* Y = Y - X */
- sp_384_mont_sub_lower_15(ctx->y, ctx->y, ctx->x, p384_mod);
+ sp_384_mont_sub_15(ctx->y, ctx->y, ctx->x, p384_mod);
ctx->state = 17;
break;
case 17:
@@ -28917,12 +28948,12 @@ static int sp_384_iszero_15(const sp_digit* a)
static void sp_384_proj_point_add_15(sp_point_384* r,
const sp_point_384* p, const sp_point_384* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*15;
- sp_digit* t3 = t + 4*15;
- sp_digit* t4 = t + 6*15;
- sp_digit* t5 = t + 8*15;
- sp_digit* t6 = t + 10*15;
+ sp_digit* t6 = t;
+ sp_digit* t1 = t + 2*15;
+ sp_digit* t2 = t + 4*15;
+ sp_digit* t3 = t + 6*15;
+ sp_digit* t4 = t + 8*15;
+ sp_digit* t5 = t + 10*15;
/* U1 = X1*Z2^2 */
sp_384_mont_sqr_15(t1, q->z, p384_mod, p384_mp_mod);
@@ -28944,17 +28975,9 @@ static void sp_384_proj_point_add_15(sp_point_384* r,
sp_384_proj_point_dbl_15(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t6;
sp_digit* y = t1;
sp_digit* z = t2;
- int i;
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
/* H = U2 - U1 */
sp_384_mont_sub_15(t2, t2, t1, p384_mod);
@@ -28973,20 +28996,31 @@ static void sp_384_proj_point_add_15(sp_point_384* r,
sp_384_mont_dbl_15(t3, y, p384_mod);
sp_384_mont_sub_15(x, x, t3, p384_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_384_mont_sub_lower_15(y, y, x, p384_mod);
+ sp_384_mont_sub_15(y, y, x, p384_mod);
sp_384_mont_mul_15(y, y, t4, p384_mod, p384_mp_mod);
sp_384_mont_sub_15(y, y, t5, p384_mod);
- for (i = 0; i < 15; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 15; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 15; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 15; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 15; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 15; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
@@ -29032,12 +29066,12 @@ static int sp_384_proj_point_add_15_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r,
switch (ctx->state) {
case 0: /* INIT */
- ctx->t1 = t;
- ctx->t2 = t + 2*15;
- ctx->t3 = t + 4*15;
- ctx->t4 = t + 6*15;
- ctx->t5 = t + 8*15;
- ctx->t6 = t + 10*15;
+ ctx->t6 = t;
+ ctx->t1 = t + 2*15;
+ ctx->t2 = t + 4*15;
+ ctx->t3 = t + 6*15;
+ ctx->t4 = t + 8*15;
+ ctx->t5 = t + 10*15;
ctx->x = ctx->t6;
ctx->y = ctx->t1;
ctx->z = ctx->t2;
@@ -29144,7 +29178,7 @@ static int sp_384_proj_point_add_15_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r,
break;
case 21:
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_384_mont_sub_lower_15(ctx->y, ctx->y, ctx->x, p384_mod);
+ sp_384_mont_sub_15(ctx->y, ctx->y, ctx->x, p384_mod);
ctx->state = 22;
break;
case 22:
@@ -29157,22 +29191,28 @@ static int sp_384_proj_point_add_15_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r,
break;
case 24:
{
- int i;
- sp_digit maskp = 0 - (q->infinity & (!p->infinity));
- sp_digit maskq = 0 - (p->infinity & (!q->infinity));
- sp_digit maskt = ~(maskp | maskq);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
- for (i = 0; i < 15; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (ctx->x[i] & maskt);
- }
- for (i = 0; i < 15; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (ctx->y[i] & maskt);
- }
- for (i = 0; i < 15; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (ctx->z[i] & maskt);
+ for (i = 0; i < 15; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (ctx->x[i] & maskt);
+ }
+ for (i = 0; i < 15; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (ctx->y[i] & maskt);
+ }
+ for (i = 0; i < 15; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (ctx->z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
ctx->state = 25;
break;
}
@@ -29649,8 +29689,6 @@ static void sp_384_cond_copy_15(sp_digit* r, const sp_digit* a, const sp_digit m
#endif /* WOLFSSL_SP_SMALL */
}
-#define sp_384_mont_dbl_lower_15 sp_384_mont_dbl_15
-#define sp_384_mont_tpl_lower_15 sp_384_mont_tpl_15
/* Double the Montgomery form projective point p a number of times.
*
* r Result of repeated doubling of point.
@@ -29689,7 +29727,7 @@ static void sp_384_proj_point_dbl_n_15(sp_point_384* p, int i,
/* A = 3*(X^2 - W) */
sp_384_mont_sqr_15(t1, x, p384_mod, p384_mp_mod);
sp_384_mont_sub_15(t1, t1, w, p384_mod);
- sp_384_mont_tpl_lower_15(a, t1, p384_mod);
+ sp_384_mont_tpl_15(a, t1, p384_mod);
/* B = X*Y^2 */
sp_384_mont_sqr_15(t1, y, p384_mod, p384_mp_mod);
sp_384_mont_mul_15(b, t1, x, p384_mod, p384_mp_mod);
@@ -29698,8 +29736,8 @@ static void sp_384_proj_point_dbl_n_15(sp_point_384* p, int i,
sp_384_mont_dbl_15(t2, b, p384_mod);
sp_384_mont_sub_15(x, x, t2, p384_mod);
/* B = 2.(B - X) */
- sp_384_mont_sub_lower_15(t2, b, x, p384_mod);
- sp_384_mont_dbl_lower_15(b, t2, p384_mod);
+ sp_384_mont_sub_15(t2, b, x, p384_mod);
+ sp_384_mont_dbl_15(b, t2, p384_mod);
/* Z = Z*Y */
sp_384_mont_mul_15(z, z, y, p384_mod, p384_mp_mod);
/* t1 = Y^4 */
@@ -29719,7 +29757,7 @@ static void sp_384_proj_point_dbl_n_15(sp_point_384* p, int i,
/* A = 3*(X^2 - W) */
sp_384_mont_sqr_15(t1, x, p384_mod, p384_mp_mod);
sp_384_mont_sub_15(t1, t1, w, p384_mod);
- sp_384_mont_tpl_lower_15(a, t1, p384_mod);
+ sp_384_mont_tpl_15(a, t1, p384_mod);
/* B = X*Y^2 */
sp_384_mont_sqr_15(t1, y, p384_mod, p384_mp_mod);
sp_384_mont_mul_15(b, t1, x, p384_mod, p384_mp_mod);
@@ -29728,8 +29766,8 @@ static void sp_384_proj_point_dbl_n_15(sp_point_384* p, int i,
sp_384_mont_dbl_15(t2, b, p384_mod);
sp_384_mont_sub_15(x, x, t2, p384_mod);
/* B = 2.(B - X) */
- sp_384_mont_sub_lower_15(t2, b, x, p384_mod);
- sp_384_mont_dbl_lower_15(b, t2, p384_mod);
+ sp_384_mont_sub_15(t2, b, x, p384_mod);
+ sp_384_mont_dbl_15(b, t2, p384_mod);
/* Z = Z*Y */
sp_384_mont_mul_15(z, z, y, p384_mod, p384_mp_mod);
/* t1 = Y^4 */
@@ -29739,7 +29777,7 @@ static void sp_384_proj_point_dbl_n_15(sp_point_384* p, int i,
sp_384_mont_sub_15(y, y, t1, p384_mod);
#endif /* WOLFSSL_SP_SMALL */
/* Y = Y/2 */
- sp_384_div2_15(y, y, p384_mod);
+ sp_384_mont_div2_15(y, y, p384_mod);
}
/* Double the Montgomery form projective point p a number of times.
@@ -29785,7 +29823,7 @@ static void sp_384_proj_point_dbl_n_store_15(sp_point_384* r,
/* A = 3*(X^2 - W) */
sp_384_mont_sqr_15(t1, x, p384_mod, p384_mp_mod);
sp_384_mont_sub_15(t1, t1, w, p384_mod);
- sp_384_mont_tpl_lower_15(a, t1, p384_mod);
+ sp_384_mont_tpl_15(a, t1, p384_mod);
/* B = X*Y^2 */
sp_384_mont_sqr_15(t1, y, p384_mod, p384_mp_mod);
sp_384_mont_mul_15(b, t1, x, p384_mod, p384_mp_mod);
@@ -29795,8 +29833,8 @@ static void sp_384_proj_point_dbl_n_store_15(sp_point_384* r,
sp_384_mont_dbl_15(t2, b, p384_mod);
sp_384_mont_sub_15(x, x, t2, p384_mod);
/* B = 2.(B - X) */
- sp_384_mont_sub_lower_15(t2, b, x, p384_mod);
- sp_384_mont_dbl_lower_15(b, t2, p384_mod);
+ sp_384_mont_sub_15(t2, b, x, p384_mod);
+ sp_384_mont_dbl_15(b, t2, p384_mod);
/* Z = Z*Y */
sp_384_mont_mul_15(r[j].z, z, y, p384_mod, p384_mp_mod);
z = r[j].z;
@@ -29810,7 +29848,7 @@ static void sp_384_proj_point_dbl_n_store_15(sp_point_384* r,
sp_384_mont_mul_15(y, b, a, p384_mod, p384_mp_mod);
sp_384_mont_sub_15(y, y, t1, p384_mod);
/* Y = Y/2 */
- sp_384_div2_15(r[j].y, y, p384_mod);
+ sp_384_mont_div2_15(r[j].y, y, p384_mod);
r[j].infinity = 0;
}
}
@@ -29884,8 +29922,8 @@ static void sp_384_proj_point_add_sub_15(sp_point_384* ra,
sp_384_mont_sub_15(xs, xs, t1, p384_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
/* YS = -RS*(U1*H^2 - XS) - S1*H^3 */
- sp_384_mont_sub_lower_15(ys, ya, xs, p384_mod);
- sp_384_mont_sub_lower_15(ya, ya, xa, p384_mod);
+ sp_384_mont_sub_15(ys, ya, xs, p384_mod);
+ sp_384_mont_sub_15(ya, ya, xa, p384_mod);
sp_384_mont_mul_15(ya, ya, t4, p384_mod, p384_mp_mod);
sp_384_sub_15(t6, p384_mod, t6);
sp_384_mont_mul_15(ys, ys, t6, p384_mod, p384_mp_mod);
@@ -29969,7 +30007,7 @@ static void sp_384_ecc_recode_6_15(const sp_digit* k, ecc_recode_384* v)
/* Touch each possible point that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
static void sp_384_get_point_33_15(sp_point_384* r, const sp_point_384* table,
@@ -30113,7 +30151,7 @@ static int sp_384_ecc_mulmod_win_add_sub_15(sp_point_384* r, const sp_point_384*
(void)heap;
#ifdef WOLFSSL_SP_SMALL_STACK
- t = (sp_point_384*)XMALLOC(sizeof(sp_point_384) *
+ t = (sp_point_384*)XMALLOC(sizeof(sp_point_384) *
(33+2), heap, DYNAMIC_TYPE_ECC);
if (t == NULL)
err = MEMORY_E;
@@ -30232,12 +30270,12 @@ static int sp_384_ecc_mulmod_win_add_sub_15(sp_point_384* r, const sp_point_384*
static void sp_384_proj_point_add_qz1_15(sp_point_384* r,
const sp_point_384* p, const sp_point_384* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*15;
- sp_digit* t3 = t + 4*15;
- sp_digit* t4 = t + 6*15;
- sp_digit* t5 = t + 8*15;
- sp_digit* t6 = t + 10*15;
+ sp_digit* t2 = t;
+ sp_digit* t3 = t + 2*15;
+ sp_digit* t6 = t + 4*15;
+ sp_digit* t1 = t + 6*15;
+ sp_digit* t4 = t + 8*15;
+ sp_digit* t5 = t + 10*15;
/* Calculate values to subtract from P->x and P->y. */
/* U2 = X2*Z1^2 */
@@ -30253,13 +30291,9 @@ static void sp_384_proj_point_add_qz1_15(sp_point_384* r,
sp_384_proj_point_dbl_15(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t2;
- sp_digit* y = t5;
+ sp_digit* y = t3;
sp_digit* z = t6;
- int i;
/* H = U2 - X1 */
sp_384_mont_sub_15(t2, t2, p->x, p384_mod);
@@ -30268,33 +30302,40 @@ static void sp_384_proj_point_add_qz1_15(sp_point_384* r,
/* Z3 = H*Z1 */
sp_384_mont_mul_15(z, p->z, t2, p384_mod, p384_mp_mod);
/* X3 = R^2 - H^3 - 2*X1*H^2 */
- sp_384_mont_sqr_15(t1, t4, p384_mod, p384_mp_mod);
- sp_384_mont_sqr_15(t5, t2, p384_mod, p384_mp_mod);
- sp_384_mont_mul_15(t3, p->x, t5, p384_mod, p384_mp_mod);
- sp_384_mont_mul_15(t5, t5, t2, p384_mod, p384_mp_mod);
- sp_384_mont_sub_15(x, t1, t5, p384_mod);
- sp_384_mont_dbl_15(t1, t3, p384_mod);
- sp_384_mont_sub_15(x, x, t1, p384_mod);
+ sp_384_mont_sqr_15(t1, t2, p384_mod, p384_mp_mod);
+ sp_384_mont_mul_15(t3, p->x, t1, p384_mod, p384_mp_mod);
+ sp_384_mont_mul_15(t1, t1, t2, p384_mod, p384_mp_mod);
+ sp_384_mont_sqr_15(t2, t4, p384_mod, p384_mp_mod);
+ sp_384_mont_sub_15(t2, t2, t1, p384_mod);
+ sp_384_mont_dbl_15(t5, t3, p384_mod);
+ sp_384_mont_sub_15(x, t2, t5, p384_mod);
/* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
- sp_384_mont_sub_lower_15(t3, t3, x, p384_mod);
+ sp_384_mont_sub_15(t3, t3, x, p384_mod);
sp_384_mont_mul_15(t3, t3, t4, p384_mod, p384_mp_mod);
- sp_384_mont_mul_15(t5, t5, p->y, p384_mod, p384_mp_mod);
- sp_384_mont_sub_15(y, t3, t5, p384_mod);
+ sp_384_mont_mul_15(t1, t1, p->y, p384_mod, p384_mp_mod);
+ sp_384_mont_sub_15(y, t3, t1, p384_mod);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
- for (i = 0; i < 15; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 15; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 15; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ for (i = 0; i < 15; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 15; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 15; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
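Review bot: The masked copy that ends this `else` branch is the part of sp_384_proj_point_add_qz1_15 that has to stay branch-free, and the new inner block carries no comment saying so. `maskp`, `maskq` and `maskt` select p, q or the computed (x, y, z) limb by limb depending on which input is at infinity, and `inf` marks the case where both are; I would state that above the block, e.g. `/* Constant-time select: r = p if q is infinity, q if p is infinity, else (x, y, z) */`. It may also be worth confirming that `!p->infinity` is compiled without a branch on the supported targets, since nothing in the source guarantees it. The same block is added in sp_521_proj_point_add_21, sp_521_proj_point_add_21_nb and sp_521_proj_point_add_qz1_21. The function starts outside this hunk.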
@@ -30416,7 +30457,7 @@ static int sp_384_gen_stripe_table_15(const sp_point_384* a,
/* Touch each possible entry that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
static void sp_384_get_entry_256_15(sp_point_384* r,
@@ -30639,7 +30680,7 @@ static THREAD_LS_T int sp_cache_384_inited = 0;
/* Get the cache entry for the point.
*
- * g [in] Point scalar multipling.
+ * g [in] Point scalar multiplying.
* cache [out] Cache table to use.
*/
static void sp_ecc_get_cache_384(const sp_point_384* g, sp_cache_384_t** cache)
@@ -30710,8 +30751,8 @@ static void sp_ecc_get_cache_384(const sp_point_384* g, sp_cache_384_t** cache)
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
-static int sp_384_ecc_mulmod_15(sp_point_384* r, const sp_point_384* g, const sp_digit* k,
- int map, int ct, void* heap)
+static int sp_384_ecc_mulmod_15(sp_point_384* r, const sp_point_384* g,
+ const sp_digit* k, int map, int ct, void* heap)
{
#ifndef FP_ECC
return sp_384_ecc_mulmod_win_add_sub_15(r, g, k, map, ct, heap);
@@ -30828,7 +30869,7 @@ int sp_ecc_mulmod_384(const mp_int* km, const ecc_point* gm, ecc_point* r,
*
* km Scalar to multiply by.
* p Point to multiply.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -30839,7 +30880,7 @@ int sp_ecc_mulmod_add_384(const mp_int* km, const ecc_point* gm,
const ecc_point* am, int inMont, ecc_point* r, int map, void* heap)
{
#ifdef WOLFSSL_SP_SMALL_STACK
- sp_point_384* point = NULL;
+ sp_point_384* point = NULL;
sp_digit* k = NULL;
#else
sp_point_384 point[2];
@@ -32808,7 +32849,7 @@ int sp_ecc_mulmod_base_384(const mp_int* km, ecc_point* r, int map, void* heap)
* the result. If map is true then convert result to affine coordinates.
*
* km Scalar to multiply by.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -32830,7 +32871,7 @@ int sp_ecc_mulmod_base_add_384(const mp_int* km, const ecc_point* am,
int err = MP_OKAY;
#ifdef WOLFSSL_SP_SMALL_STACK
- point = (sp_point_384*)XMALLOC(sizeof(sp_point_384) * 2, heap,
+ point = (sp_point_384*)XMALLOC(sizeof(sp_point_384) * 2, heap,
DYNAMIC_TYPE_ECC);
if (point == NULL)
err = MEMORY_E;
@@ -32984,7 +33025,7 @@ int sp_ecc_make_key_384(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
sp_point_384* infinity = NULL;
#endif
int err = MP_OKAY;
-
+
(void)heap;
@@ -32992,7 +33033,7 @@ int sp_ecc_make_key_384(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
point = (sp_point_384*)XMALLOC(sizeof(sp_point_384) * 2, heap, DYNAMIC_TYPE_ECC);
#else
- point = (sp_point_384*)XMALLOC(sizeof(sp_point_384), heap, DYNAMIC_TYPE_ECC);
+ point = (sp_point_384*)XMALLOC(sizeof(sp_point_384), heap, DYNAMIC_TYPE_ECC);
#endif
if (point == NULL)
err = MEMORY_E;
@@ -34156,8 +34197,8 @@ static int sp_384_mod_inv_15(sp_digit* r, const sp_digit* a, const sp_digit* m)
}
while (ut > 1 && vt > 1) {
- if (ut > vt || (ut == vt &&
- sp_384_cmp_15(u, v) >= 0)) {
+ if ((ut > vt) || ((ut == vt) &&
+ (sp_384_cmp_15(u, v) >= 0))) {
sp_384_sub_15(u, u, v);
sp_384_norm_15(u);
@@ -34257,7 +34298,7 @@ static void sp_384_add_points_15(sp_point_384* p1, const sp_point_384* p2,
* p2 Public point and temporary.
* s Second part of signature as a number.
* u1 Temporary number.
- * u2 Temproray number.
+ * u2 Temporary number.
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
@@ -34581,7 +34622,7 @@ int sp_ecc_verify_384_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash,
#endif /* HAVE_ECC_VERIFY */
#ifdef HAVE_ECC_CHECK_KEY
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* point EC point.
* heap Heap to use if dynamically allocating.
@@ -34609,19 +34650,21 @@ static int sp_384_ecc_is_point_15(const sp_point_384* point,
if (err == MP_OKAY) {
t2 = t1 + 2 * 15;
+ /* y^2 - x^3 - a.x = b */
sp_384_sqr_15(t1, point->y);
(void)sp_384_mod_15(t1, t1, p384_mod);
sp_384_sqr_15(t2, point->x);
(void)sp_384_mod_15(t2, t2, p384_mod);
sp_384_mul_15(t2, t2, point->x);
(void)sp_384_mod_15(t2, t2, p384_mod);
- (void)sp_384_sub_15(t2, p384_mod, t2);
- sp_384_mont_add_15(t1, t1, t2, p384_mod);
+ sp_384_mont_sub_15(t1, t1, t2, p384_mod);
+ /* y^2 - x^3 + 3.x = b, when a = -3 */
sp_384_mont_add_15(t1, t1, point->x, p384_mod);
sp_384_mont_add_15(t1, t1, point->x, p384_mod);
sp_384_mont_add_15(t1, t1, point->x, p384_mod);
+
if (sp_384_cmp_15(t1, p384_b) != 0) {
err = MP_VAL;
}
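Review bot: The three `(void)sp_384_mod_15(...)` calls feeding this on-curve check discard their return value, so if a reduction can fail (its definition is outside this hunk) `t1` would be compared with `p384_b` without being the value the added comments describe. Because this function presumably decides whether a supplied point is accepted, I would either propagate the result, e.g. `err = sp_384_mod_15(t1, t1, p384_mod);`, or add a comment stating why it cannot fail here. sp_521_ecc_is_point_21 has the same pattern. The function starts and ends outside this hunk.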
@@ -34635,7 +34678,7 @@ static int sp_384_ecc_is_point_15(const sp_point_384* point,
return err;
}
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* pX X ordinate of EC point.
* pY Y ordinate of EC point.
@@ -35513,14 +35556,14 @@ static void sp_521_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 25
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 24);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 24);
}
#elif DIGIT_BIT > 25
unsigned int i;
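Review bot: The shift count in `j >> 24` is tied to DIGIT_BIT, whereas the removed lines shifted by `SP_WORD_SIZE - 1`. If `sp_digit` is wider than 25 bits (its typedef is not visible here), `(sp_digit)0 - (j >> 24)` is not an all-ones or all-zero mask and `o += (int)(j >> 24)` can move the `a->dp` index by something other than 0 or 1, which would read outside the array. Please confirm the intended width, and if it is the word size use it in both places, `sp_digit mask = (sp_digit)0 - (j >> (SP_WORD_SIZE - 1));` and `o += (int)(j >> (SP_WORD_SIZE - 1));`; the scheme also assumes `sp_digit` is unsigned, which is worth a comment. sp_1024_from_mp gets the same change. The function body continues outside this hunk.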
@@ -35994,7 +36037,7 @@ static void sp_521_mont_reduce_order_21(sp_digit* a, const sp_digit* m, sp_digit
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_521_mont_mul_21(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -36008,7 +36051,7 @@ SP_NOINLINE static void sp_521_mont_mul_21(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_521_mont_sqr_21(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -36024,10 +36067,10 @@ SP_NOINLINE static void sp_521_mont_sqr_21(sp_digit* r, const sp_digit* a,
* a Number to square in Montgomery form.
* n Number of times to square.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
-static void sp_521_mont_sqr_n_21(sp_digit* r, const sp_digit* a, int n,
- const sp_digit* m, sp_digit mp)
+SP_NOINLINE static void sp_521_mont_sqr_n_21(sp_digit* r,
+ const sp_digit* a, int n, const sp_digit* m, sp_digit mp)
{
sp_521_mont_sqr_21(r, a, m, mp);
for (; n > 1; n--) {
@@ -36289,7 +36332,6 @@ static void sp_521_mont_sub_21(sp_digit* r, const sp_digit* a, const sp_digit* b
sp_521_norm_21(r);
}
-#define sp_521_mont_sub_lower_21 sp_521_mont_sub_21
/* Shift number left one bit.
* Bottom bit is lost.
*
@@ -36335,7 +36377,8 @@ SP_NOINLINE static void sp_521_rshift1_21(sp_digit* r, const sp_digit* a)
* a Number to divide.
* m Modulus (prime).
*/
-static void sp_521_div2_21(sp_digit* r, const sp_digit* a, const sp_digit* m)
+static void sp_521_mont_div2_21(sp_digit* r, const sp_digit* a,
+ const sp_digit* m)
{
sp_521_cond_add_21(r, a, m, 0 - (a[0] & 1));
sp_521_norm_21(r);
@@ -36386,7 +36429,7 @@ static void sp_521_proj_point_dbl_21(sp_point_521* r, const sp_point_521* p,
/* T2 = Y * Y */
sp_521_mont_sqr_21(t2, y, p521_mod, p521_mp_mod);
/* T2 = T2/2 */
- sp_521_div2_21(t2, t2, p521_mod);
+ sp_521_mont_div2_21(t2, t2, p521_mod);
/* Y = Y * X */
sp_521_mont_mul_21(y, y, p->x, p521_mod, p521_mp_mod);
/* X = T1 * T1 */
@@ -36396,7 +36439,7 @@ static void sp_521_proj_point_dbl_21(sp_point_521* r, const sp_point_521* p,
/* X = X - Y */
sp_521_mont_sub_21(x, x, y, p521_mod);
/* Y = Y - X */
- sp_521_mont_sub_lower_21(y, y, x, p521_mod);
+ sp_521_mont_sub_21(y, y, x, p521_mod);
/* Y = Y * T1 */
sp_521_mont_mul_21(y, y, t1, p521_mod, p521_mp_mod);
/* Y = Y - T2 */
@@ -36419,7 +36462,8 @@ typedef struct sp_521_proj_point_dbl_21_ctx {
* p Point to double.
* t Temporary ordinate data.
*/
-static int sp_521_proj_point_dbl_21_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r, const sp_point_521* p, sp_digit* t)
+static int sp_521_proj_point_dbl_21_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r,
+ const sp_point_521* p, sp_digit* t)
{
int err = FP_WOULDBLOCK;
sp_521_proj_point_dbl_21_ctx* ctx = (sp_521_proj_point_dbl_21_ctx*)sp_ctx->data;
@@ -36493,7 +36537,7 @@ static int sp_521_proj_point_dbl_21_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r, co
break;
case 11:
/* T2 = T2/2 */
- sp_521_div2_21(ctx->t2, ctx->t2, p521_mod);
+ sp_521_mont_div2_21(ctx->t2, ctx->t2, p521_mod);
ctx->state = 12;
break;
case 12:
@@ -36518,7 +36562,7 @@ static int sp_521_proj_point_dbl_21_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r, co
break;
case 16:
/* Y = Y - X */
- sp_521_mont_sub_lower_21(ctx->y, ctx->y, ctx->x, p521_mod);
+ sp_521_mont_sub_21(ctx->y, ctx->y, ctx->x, p521_mod);
ctx->state = 17;
break;
case 17:
@@ -36585,12 +36629,12 @@ static int sp_521_iszero_21(const sp_digit* a)
static void sp_521_proj_point_add_21(sp_point_521* r,
const sp_point_521* p, const sp_point_521* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*21;
- sp_digit* t3 = t + 4*21;
- sp_digit* t4 = t + 6*21;
- sp_digit* t5 = t + 8*21;
- sp_digit* t6 = t + 10*21;
+ sp_digit* t6 = t;
+ sp_digit* t1 = t + 2*21;
+ sp_digit* t2 = t + 4*21;
+ sp_digit* t3 = t + 6*21;
+ sp_digit* t4 = t + 8*21;
+ sp_digit* t5 = t + 10*21;
/* U1 = X1*Z2^2 */
sp_521_mont_sqr_21(t1, q->z, p521_mod, p521_mp_mod);
@@ -36612,17 +36656,9 @@ static void sp_521_proj_point_add_21(sp_point_521* r,
sp_521_proj_point_dbl_21(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t6;
sp_digit* y = t1;
sp_digit* z = t2;
- int i;
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
/* H = U2 - U1 */
sp_521_mont_sub_21(t2, t2, t1, p521_mod);
@@ -36641,20 +36677,31 @@ static void sp_521_proj_point_add_21(sp_point_521* r,
sp_521_mont_dbl_21(t3, y, p521_mod);
sp_521_mont_sub_21(x, x, t3, p521_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_521_mont_sub_lower_21(y, y, x, p521_mod);
+ sp_521_mont_sub_21(y, y, x, p521_mod);
sp_521_mont_mul_21(y, y, t4, p521_mod, p521_mp_mod);
sp_521_mont_sub_21(y, y, t5, p521_mod);
- for (i = 0; i < 21; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 21; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 21; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 21; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 21; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 21; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
@@ -36700,12 +36747,12 @@ static int sp_521_proj_point_add_21_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r,
switch (ctx->state) {
case 0: /* INIT */
- ctx->t1 = t;
- ctx->t2 = t + 2*21;
- ctx->t3 = t + 4*21;
- ctx->t4 = t + 6*21;
- ctx->t5 = t + 8*21;
- ctx->t6 = t + 10*21;
+ ctx->t6 = t;
+ ctx->t1 = t + 2*21;
+ ctx->t2 = t + 4*21;
+ ctx->t3 = t + 6*21;
+ ctx->t4 = t + 8*21;
+ ctx->t5 = t + 10*21;
ctx->x = ctx->t6;
ctx->y = ctx->t1;
ctx->z = ctx->t2;
@@ -36812,7 +36859,7 @@ static int sp_521_proj_point_add_21_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r,
break;
case 21:
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_521_mont_sub_lower_21(ctx->y, ctx->y, ctx->x, p521_mod);
+ sp_521_mont_sub_21(ctx->y, ctx->y, ctx->x, p521_mod);
ctx->state = 22;
break;
case 22:
@@ -36825,22 +36872,28 @@ static int sp_521_proj_point_add_21_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r,
break;
case 24:
{
- int i;
- sp_digit maskp = 0 - (q->infinity & (!p->infinity));
- sp_digit maskq = 0 - (p->infinity & (!q->infinity));
- sp_digit maskt = ~(maskp | maskq);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
- for (i = 0; i < 21; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (ctx->x[i] & maskt);
- }
- for (i = 0; i < 21; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (ctx->y[i] & maskt);
- }
- for (i = 0; i < 21; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (ctx->z[i] & maskt);
+ for (i = 0; i < 21; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (ctx->x[i] & maskt);
+ }
+ for (i = 0; i < 21; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (ctx->y[i] & maskt);
+ }
+ for (i = 0; i < 21; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (ctx->z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
ctx->state = 25;
break;
}
@@ -37179,8 +37232,6 @@ static void sp_521_cond_copy_21(sp_digit* r, const sp_digit* a, const sp_digit m
#endif /* WOLFSSL_SP_SMALL */
}
-#define sp_521_mont_dbl_lower_21 sp_521_mont_dbl_21
-#define sp_521_mont_tpl_lower_21 sp_521_mont_tpl_21
/* Double the Montgomery form projective point p a number of times.
*
* r Result of repeated doubling of point.
@@ -37219,7 +37270,7 @@ static void sp_521_proj_point_dbl_n_21(sp_point_521* p, int i,
/* A = 3*(X^2 - W) */
sp_521_mont_sqr_21(t1, x, p521_mod, p521_mp_mod);
sp_521_mont_sub_21(t1, t1, w, p521_mod);
- sp_521_mont_tpl_lower_21(a, t1, p521_mod);
+ sp_521_mont_tpl_21(a, t1, p521_mod);
/* B = X*Y^2 */
sp_521_mont_sqr_21(t1, y, p521_mod, p521_mp_mod);
sp_521_mont_mul_21(b, t1, x, p521_mod, p521_mp_mod);
@@ -37228,8 +37279,8 @@ static void sp_521_proj_point_dbl_n_21(sp_point_521* p, int i,
sp_521_mont_dbl_21(t2, b, p521_mod);
sp_521_mont_sub_21(x, x, t2, p521_mod);
/* B = 2.(B - X) */
- sp_521_mont_sub_lower_21(t2, b, x, p521_mod);
- sp_521_mont_dbl_lower_21(b, t2, p521_mod);
+ sp_521_mont_sub_21(t2, b, x, p521_mod);
+ sp_521_mont_dbl_21(b, t2, p521_mod);
/* Z = Z*Y */
sp_521_mont_mul_21(z, z, y, p521_mod, p521_mp_mod);
/* t1 = Y^4 */
@@ -37249,7 +37300,7 @@ static void sp_521_proj_point_dbl_n_21(sp_point_521* p, int i,
/* A = 3*(X^2 - W) */
sp_521_mont_sqr_21(t1, x, p521_mod, p521_mp_mod);
sp_521_mont_sub_21(t1, t1, w, p521_mod);
- sp_521_mont_tpl_lower_21(a, t1, p521_mod);
+ sp_521_mont_tpl_21(a, t1, p521_mod);
/* B = X*Y^2 */
sp_521_mont_sqr_21(t1, y, p521_mod, p521_mp_mod);
sp_521_mont_mul_21(b, t1, x, p521_mod, p521_mp_mod);
@@ -37258,8 +37309,8 @@ static void sp_521_proj_point_dbl_n_21(sp_point_521* p, int i,
sp_521_mont_dbl_21(t2, b, p521_mod);
sp_521_mont_sub_21(x, x, t2, p521_mod);
/* B = 2.(B - X) */
- sp_521_mont_sub_lower_21(t2, b, x, p521_mod);
- sp_521_mont_dbl_lower_21(b, t2, p521_mod);
+ sp_521_mont_sub_21(t2, b, x, p521_mod);
+ sp_521_mont_dbl_21(b, t2, p521_mod);
/* Z = Z*Y */
sp_521_mont_mul_21(z, z, y, p521_mod, p521_mp_mod);
/* t1 = Y^4 */
@@ -37269,7 +37320,7 @@ static void sp_521_proj_point_dbl_n_21(sp_point_521* p, int i,
sp_521_mont_sub_21(y, y, t1, p521_mod);
#endif /* WOLFSSL_SP_SMALL */
/* Y = Y/2 */
- sp_521_div2_21(y, y, p521_mod);
+ sp_521_mont_div2_21(y, y, p521_mod);
}
/* Double the Montgomery form projective point p a number of times.
@@ -37315,7 +37366,7 @@ static void sp_521_proj_point_dbl_n_store_21(sp_point_521* r,
/* A = 3*(X^2 - W) */
sp_521_mont_sqr_21(t1, x, p521_mod, p521_mp_mod);
sp_521_mont_sub_21(t1, t1, w, p521_mod);
- sp_521_mont_tpl_lower_21(a, t1, p521_mod);
+ sp_521_mont_tpl_21(a, t1, p521_mod);
/* B = X*Y^2 */
sp_521_mont_sqr_21(t1, y, p521_mod, p521_mp_mod);
sp_521_mont_mul_21(b, t1, x, p521_mod, p521_mp_mod);
@@ -37325,8 +37376,8 @@ static void sp_521_proj_point_dbl_n_store_21(sp_point_521* r,
sp_521_mont_dbl_21(t2, b, p521_mod);
sp_521_mont_sub_21(x, x, t2, p521_mod);
/* B = 2.(B - X) */
- sp_521_mont_sub_lower_21(t2, b, x, p521_mod);
- sp_521_mont_dbl_lower_21(b, t2, p521_mod);
+ sp_521_mont_sub_21(t2, b, x, p521_mod);
+ sp_521_mont_dbl_21(b, t2, p521_mod);
/* Z = Z*Y */
sp_521_mont_mul_21(r[j].z, z, y, p521_mod, p521_mp_mod);
z = r[j].z;
@@ -37340,7 +37391,7 @@ static void sp_521_proj_point_dbl_n_store_21(sp_point_521* r,
sp_521_mont_mul_21(y, b, a, p521_mod, p521_mp_mod);
sp_521_mont_sub_21(y, y, t1, p521_mod);
/* Y = Y/2 */
- sp_521_div2_21(r[j].y, y, p521_mod);
+ sp_521_mont_div2_21(r[j].y, y, p521_mod);
r[j].infinity = 0;
}
}
@@ -37414,8 +37465,8 @@ static void sp_521_proj_point_add_sub_21(sp_point_521* ra,
sp_521_mont_sub_21(xs, xs, t1, p521_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
/* YS = -RS*(U1*H^2 - XS) - S1*H^3 */
- sp_521_mont_sub_lower_21(ys, ya, xs, p521_mod);
- sp_521_mont_sub_lower_21(ya, ya, xa, p521_mod);
+ sp_521_mont_sub_21(ys, ya, xs, p521_mod);
+ sp_521_mont_sub_21(ya, ya, xa, p521_mod);
sp_521_mont_mul_21(ya, ya, t4, p521_mod, p521_mp_mod);
sp_521_sub_21(t6, p521_mod, t6);
sp_521_mont_mul_21(ys, ys, t6, p521_mod, p521_mp_mod);
@@ -37499,7 +37550,7 @@ static void sp_521_ecc_recode_6_21(const sp_digit* k, ecc_recode_521* v)
/* Touch each possible point that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
static void sp_521_get_point_33_21(sp_point_521* r, const sp_point_521* table,
@@ -37679,7 +37730,7 @@ static int sp_521_ecc_mulmod_win_add_sub_21(sp_point_521* r, const sp_point_521*
(void)heap;
#ifdef WOLFSSL_SP_SMALL_STACK
- t = (sp_point_521*)XMALLOC(sizeof(sp_point_521) *
+ t = (sp_point_521*)XMALLOC(sizeof(sp_point_521) *
(33+2), heap, DYNAMIC_TYPE_ECC);
if (t == NULL)
err = MEMORY_E;
@@ -37798,12 +37849,12 @@ static int sp_521_ecc_mulmod_win_add_sub_21(sp_point_521* r, const sp_point_521*
static void sp_521_proj_point_add_qz1_21(sp_point_521* r,
const sp_point_521* p, const sp_point_521* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*21;
- sp_digit* t3 = t + 4*21;
- sp_digit* t4 = t + 6*21;
- sp_digit* t5 = t + 8*21;
- sp_digit* t6 = t + 10*21;
+ sp_digit* t2 = t;
+ sp_digit* t3 = t + 2*21;
+ sp_digit* t6 = t + 4*21;
+ sp_digit* t1 = t + 6*21;
+ sp_digit* t4 = t + 8*21;
+ sp_digit* t5 = t + 10*21;
/* Calculate values to subtract from P->x and P->y. */
/* U2 = X2*Z1^2 */
@@ -37819,13 +37870,9 @@ static void sp_521_proj_point_add_qz1_21(sp_point_521* r,
sp_521_proj_point_dbl_21(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t2;
- sp_digit* y = t5;
+ sp_digit* y = t3;
sp_digit* z = t6;
- int i;
/* H = U2 - X1 */
sp_521_mont_sub_21(t2, t2, p->x, p521_mod);
@@ -37834,33 +37881,40 @@ static void sp_521_proj_point_add_qz1_21(sp_point_521* r,
/* Z3 = H*Z1 */
sp_521_mont_mul_21(z, p->z, t2, p521_mod, p521_mp_mod);
/* X3 = R^2 - H^3 - 2*X1*H^2 */
- sp_521_mont_sqr_21(t1, t4, p521_mod, p521_mp_mod);
- sp_521_mont_sqr_21(t5, t2, p521_mod, p521_mp_mod);
- sp_521_mont_mul_21(t3, p->x, t5, p521_mod, p521_mp_mod);
- sp_521_mont_mul_21(t5, t5, t2, p521_mod, p521_mp_mod);
- sp_521_mont_sub_21(x, t1, t5, p521_mod);
- sp_521_mont_dbl_21(t1, t3, p521_mod);
- sp_521_mont_sub_21(x, x, t1, p521_mod);
+ sp_521_mont_sqr_21(t1, t2, p521_mod, p521_mp_mod);
+ sp_521_mont_mul_21(t3, p->x, t1, p521_mod, p521_mp_mod);
+ sp_521_mont_mul_21(t1, t1, t2, p521_mod, p521_mp_mod);
+ sp_521_mont_sqr_21(t2, t4, p521_mod, p521_mp_mod);
+ sp_521_mont_sub_21(t2, t2, t1, p521_mod);
+ sp_521_mont_dbl_21(t5, t3, p521_mod);
+ sp_521_mont_sub_21(x, t2, t5, p521_mod);
/* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
- sp_521_mont_sub_lower_21(t3, t3, x, p521_mod);
+ sp_521_mont_sub_21(t3, t3, x, p521_mod);
sp_521_mont_mul_21(t3, t3, t4, p521_mod, p521_mp_mod);
- sp_521_mont_mul_21(t5, t5, p->y, p521_mod, p521_mp_mod);
- sp_521_mont_sub_21(y, t3, t5, p521_mod);
+ sp_521_mont_mul_21(t1, t1, p->y, p521_mod, p521_mp_mod);
+ sp_521_mont_sub_21(y, t3, t1, p521_mod);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
- for (i = 0; i < 21; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 21; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 21; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ for (i = 0; i < 21; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 21; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 21; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
@@ -37982,7 +38036,7 @@ static int sp_521_gen_stripe_table_21(const sp_point_521* a,
/* Touch each possible entry that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
static void sp_521_get_entry_256_21(sp_point_521* r,
@@ -38229,7 +38283,7 @@ static THREAD_LS_T int sp_cache_521_inited = 0;
/* Get the cache entry for the point.
*
- * g [in] Point scalar multipling.
+ * g [in] Point scalar multiplying.
* cache [out] Cache table to use.
*/
static void sp_ecc_get_cache_521(const sp_point_521* g, sp_cache_521_t** cache)
@@ -38300,8 +38354,8 @@ static void sp_ecc_get_cache_521(const sp_point_521* g, sp_cache_521_t** cache)
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
-static int sp_521_ecc_mulmod_21(sp_point_521* r, const sp_point_521* g, const sp_digit* k,
- int map, int ct, void* heap)
+static int sp_521_ecc_mulmod_21(sp_point_521* r, const sp_point_521* g,
+ const sp_digit* k, int map, int ct, void* heap)
{
#ifndef FP_ECC
return sp_521_ecc_mulmod_win_add_sub_21(r, g, k, map, ct, heap);
@@ -38418,7 +38472,7 @@ int sp_ecc_mulmod_521(const mp_int* km, const ecc_point* gm, ecc_point* r,
*
* km Scalar to multiply by.
* p Point to multiply.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -38429,7 +38483,7 @@ int sp_ecc_mulmod_add_521(const mp_int* km, const ecc_point* gm,
const ecc_point* am, int inMont, ecc_point* r, int map, void* heap)
{
#ifdef WOLFSSL_SP_SMALL_STACK
- sp_point_521* point = NULL;
+ sp_point_521* point = NULL;
sp_digit* k = NULL;
#else
sp_point_521 point[2];
@@ -40908,7 +40962,7 @@ int sp_ecc_mulmod_base_521(const mp_int* km, ecc_point* r, int map, void* heap)
* the result. If map is true then convert result to affine coordinates.
*
* km Scalar to multiply by.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -40930,7 +40984,7 @@ int sp_ecc_mulmod_base_add_521(const mp_int* km, const ecc_point* am,
int err = MP_OKAY;
#ifdef WOLFSSL_SP_SMALL_STACK
- point = (sp_point_521*)XMALLOC(sizeof(sp_point_521) * 2, heap,
+ point = (sp_point_521*)XMALLOC(sizeof(sp_point_521) * 2, heap,
DYNAMIC_TYPE_ECC);
if (point == NULL)
err = MEMORY_E;
@@ -41085,7 +41139,7 @@ int sp_ecc_make_key_521(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
sp_point_521* infinity = NULL;
#endif
int err = MP_OKAY;
-
+
(void)heap;
@@ -41093,7 +41147,7 @@ int sp_ecc_make_key_521(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
point = (sp_point_521*)XMALLOC(sizeof(sp_point_521) * 2, heap, DYNAMIC_TYPE_ECC);
#else
- point = (sp_point_521*)XMALLOC(sizeof(sp_point_521), heap, DYNAMIC_TYPE_ECC);
+ point = (sp_point_521*)XMALLOC(sizeof(sp_point_521), heap, DYNAMIC_TYPE_ECC);
#endif
if (point == NULL)
err = MEMORY_E;
@@ -42302,8 +42356,8 @@ static int sp_521_mod_inv_21(sp_digit* r, const sp_digit* a, const sp_digit* m)
}
while (ut > 1 && vt > 1) {
- if (ut > vt || (ut == vt &&
- sp_521_cmp_21(u, v) >= 0)) {
+ if ((ut > vt) || ((ut == vt) &&
+ (sp_521_cmp_21(u, v) >= 0))) {
sp_521_sub_21(u, u, v);
sp_521_norm_21(u);
@@ -42409,7 +42463,7 @@ static void sp_521_add_points_21(sp_point_521* p1, const sp_point_521* p2,
* p2 Public point and temporary.
* s Second part of signature as a number.
* u1 Temporary number.
- * u2 Temproray number.
+ * u2 Temporary number.
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
@@ -42742,7 +42796,7 @@ int sp_ecc_verify_521_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash,
#endif /* HAVE_ECC_VERIFY */
#ifdef HAVE_ECC_CHECK_KEY
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* point EC point.
* heap Heap to use if dynamically allocating.
@@ -42770,19 +42824,21 @@ static int sp_521_ecc_is_point_21(const sp_point_521* point,
if (err == MP_OKAY) {
t2 = t1 + 2 * 21;
+ /* y^2 - x^3 - a.x = b */
sp_521_sqr_21(t1, point->y);
(void)sp_521_mod_21(t1, t1, p521_mod);
sp_521_sqr_21(t2, point->x);
(void)sp_521_mod_21(t2, t2, p521_mod);
sp_521_mul_21(t2, t2, point->x);
(void)sp_521_mod_21(t2, t2, p521_mod);
- (void)sp_521_sub_21(t2, p521_mod, t2);
- sp_521_mont_add_21(t1, t1, t2, p521_mod);
+ sp_521_mont_sub_21(t1, t1, t2, p521_mod);
+ /* y^2 - x^3 + 3.x = b, when a = -3 */
sp_521_mont_add_21(t1, t1, point->x, p521_mod);
sp_521_mont_add_21(t1, t1, point->x, p521_mod);
sp_521_mont_add_21(t1, t1, point->x, p521_mod);
+
if (sp_521_cmp_21(t1, p521_b) != 0) {
err = MP_VAL;
}
@@ -42796,7 +42852,7 @@ static int sp_521_ecc_is_point_21(const sp_point_521* point,
return err;
}
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* pX X ordinate of EC point.
* pY Y ordinate of EC point.
@@ -44421,14 +44477,14 @@ static void sp_1024_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 25
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 24);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 24);
}
#elif DIGIT_BIT > 25
unsigned int i;
@@ -44860,7 +44916,7 @@ static void sp_1024_mont_reduce_42(sp_digit* a, const sp_digit* m, sp_digit mp)
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_1024_mont_mul_42(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -44874,7 +44930,7 @@ SP_NOINLINE static void sp_1024_mont_mul_42(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_1024_mont_sqr_42(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -45055,7 +45111,6 @@ static void sp_1024_mont_sub_42(sp_digit* r, const sp_digit* a, const sp_digit*
sp_1024_norm_42(r);
}
-#define sp_1024_mont_sub_lower_42 sp_1024_mont_sub_42
/* Shift number left one bit.
* Bottom bit is lost.
*
@@ -45122,7 +45177,8 @@ SP_NOINLINE static void sp_1024_rshift1_42(sp_digit* r, const sp_digit* a)
* a Number to divide.
* m Modulus (prime).
*/
-static void sp_1024_div2_42(sp_digit* r, const sp_digit* a, const sp_digit* m)
+static void sp_1024_mont_div2_42(sp_digit* r, const sp_digit* a,
+ const sp_digit* m)
{
sp_1024_cond_add_42(r, a, m, 0 - (a[0] & 1));
sp_1024_norm_42(r);
@@ -45173,7 +45229,7 @@ static void sp_1024_proj_point_dbl_42(sp_point_1024* r, const sp_point_1024* p,
/* T2 = Y * Y */
sp_1024_mont_sqr_42(t2, y, p1024_mod, p1024_mp_mod);
/* T2 = T2/2 */
- sp_1024_div2_42(t2, t2, p1024_mod);
+ sp_1024_mont_div2_42(t2, t2, p1024_mod);
/* Y = Y * X */
sp_1024_mont_mul_42(y, y, p->x, p1024_mod, p1024_mp_mod);
/* X = T1 * T1 */
@@ -45183,7 +45239,7 @@ static void sp_1024_proj_point_dbl_42(sp_point_1024* r, const sp_point_1024* p,
/* X = X - Y */
sp_1024_mont_sub_42(x, x, y, p1024_mod);
/* Y = Y - X */
- sp_1024_mont_sub_lower_42(y, y, x, p1024_mod);
+ sp_1024_mont_sub_42(y, y, x, p1024_mod);
/* Y = Y * T1 */
sp_1024_mont_mul_42(y, y, t1, p1024_mod, p1024_mp_mod);
/* Y = Y - T2 */
@@ -45206,7 +45262,8 @@ typedef struct sp_1024_proj_point_dbl_42_ctx {
* p Point to double.
* t Temporary ordinate data.
*/
-static int sp_1024_proj_point_dbl_42_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r, const sp_point_1024* p, sp_digit* t)
+static int sp_1024_proj_point_dbl_42_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
+ const sp_point_1024* p, sp_digit* t)
{
int err = FP_WOULDBLOCK;
sp_1024_proj_point_dbl_42_ctx* ctx = (sp_1024_proj_point_dbl_42_ctx*)sp_ctx->data;
@@ -45280,7 +45337,7 @@ static int sp_1024_proj_point_dbl_42_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
break;
case 11:
/* T2 = T2/2 */
- sp_1024_div2_42(ctx->t2, ctx->t2, p1024_mod);
+ sp_1024_mont_div2_42(ctx->t2, ctx->t2, p1024_mod);
ctx->state = 12;
break;
case 12:
@@ -45305,7 +45362,7 @@ static int sp_1024_proj_point_dbl_42_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
break;
case 16:
/* Y = Y - X */
- sp_1024_mont_sub_lower_42(ctx->y, ctx->y, ctx->x, p1024_mod);
+ sp_1024_mont_sub_42(ctx->y, ctx->y, ctx->x, p1024_mod);
ctx->state = 17;
break;
case 17:
@@ -45382,12 +45439,12 @@ static int sp_1024_iszero_42(const sp_digit* a)
static void sp_1024_proj_point_add_42(sp_point_1024* r,
const sp_point_1024* p, const sp_point_1024* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*42;
- sp_digit* t3 = t + 4*42;
- sp_digit* t4 = t + 6*42;
- sp_digit* t5 = t + 8*42;
- sp_digit* t6 = t + 10*42;
+ sp_digit* t6 = t;
+ sp_digit* t1 = t + 2*42;
+ sp_digit* t2 = t + 4*42;
+ sp_digit* t3 = t + 6*42;
+ sp_digit* t4 = t + 8*42;
+ sp_digit* t5 = t + 10*42;
/* U1 = X1*Z2^2 */
sp_1024_mont_sqr_42(t1, q->z, p1024_mod, p1024_mp_mod);
@@ -45409,17 +45466,9 @@ static void sp_1024_proj_point_add_42(sp_point_1024* r,
sp_1024_proj_point_dbl_42(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t6;
sp_digit* y = t1;
sp_digit* z = t2;
- int i;
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
/* H = U2 - U1 */
sp_1024_mont_sub_42(t2, t2, t1, p1024_mod);
@@ -45438,20 +45487,31 @@ static void sp_1024_proj_point_add_42(sp_point_1024* r,
sp_1024_mont_dbl_42(t3, y, p1024_mod);
sp_1024_mont_sub_42(x, x, t3, p1024_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_1024_mont_sub_lower_42(y, y, x, p1024_mod);
+ sp_1024_mont_sub_42(y, y, x, p1024_mod);
sp_1024_mont_mul_42(y, y, t4, p1024_mod, p1024_mp_mod);
sp_1024_mont_sub_42(y, y, t5, p1024_mod);
- for (i = 0; i < 42; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 42; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 42; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 42; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 42; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 42; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
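Review bot: The relocated mask block builds `maskp`/`maskq` as `0 - (q->infinity & (!p->infinity))`, which is all-ones only when `infinity` holds exactly 0 or 1, and nothing in the hunk states that invariant or why the copy avoids a branch. I would put a comment above the inner block, for example `/* Branch-free select: r = p when only q is infinity, q when only p is, otherwise the computed x/y/z; assumes infinity is 0 or 1. */`. The bare `{ ... }` scope exists only to declare the locals; in the `case 24:` hunk of sp_1024_proj_point_add_42_nb it sits directly inside the case's own braces and could be dropped there. The same block is repeated in the sp_1024_proj_point_add_qz1_42 hunk. The function body starts outside this hunk.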
@@ -45497,12 +45557,12 @@ static int sp_1024_proj_point_add_42_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
switch (ctx->state) {
case 0: /* INIT */
- ctx->t1 = t;
- ctx->t2 = t + 2*42;
- ctx->t3 = t + 4*42;
- ctx->t4 = t + 6*42;
- ctx->t5 = t + 8*42;
- ctx->t6 = t + 10*42;
+ ctx->t6 = t;
+ ctx->t1 = t + 2*42;
+ ctx->t2 = t + 4*42;
+ ctx->t3 = t + 6*42;
+ ctx->t4 = t + 8*42;
+ ctx->t5 = t + 10*42;
ctx->x = ctx->t6;
ctx->y = ctx->t1;
ctx->z = ctx->t2;
@@ -45609,7 +45669,7 @@ static int sp_1024_proj_point_add_42_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
break;
case 21:
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_1024_mont_sub_lower_42(ctx->y, ctx->y, ctx->x, p1024_mod);
+ sp_1024_mont_sub_42(ctx->y, ctx->y, ctx->x, p1024_mod);
ctx->state = 22;
break;
case 22:
@@ -45622,22 +45682,28 @@ static int sp_1024_proj_point_add_42_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
break;
case 24:
{
- int i;
- sp_digit maskp = 0 - (q->infinity & (!p->infinity));
- sp_digit maskq = 0 - (p->infinity & (!q->infinity));
- sp_digit maskt = ~(maskp | maskq);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
- for (i = 0; i < 42; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (ctx->x[i] & maskt);
- }
- for (i = 0; i < 42; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (ctx->y[i] & maskt);
- }
- for (i = 0; i < 42; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (ctx->z[i] & maskt);
+ for (i = 0; i < 42; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (ctx->x[i] & maskt);
+ }
+ for (i = 0; i < 42; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (ctx->y[i] & maskt);
+ }
+ for (i = 0; i < 42; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (ctx->z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
ctx->state = 25;
break;
}
@@ -46000,8 +46066,6 @@ static void sp_1024_cond_copy_42(sp_digit* r, const sp_digit* a, const sp_digit
#endif /* WOLFSSL_SP_SMALL */
}
-#define sp_1024_mont_dbl_lower_42 sp_1024_mont_dbl_42
-#define sp_1024_mont_tpl_lower_42 sp_1024_mont_tpl_42
/* Double the Montgomery form projective point p a number of times.
*
* r Result of repeated doubling of point.
@@ -46040,7 +46104,7 @@ static void sp_1024_proj_point_dbl_n_42(sp_point_1024* p, int i,
/* A = 3*(X^2 - W) */
sp_1024_mont_sqr_42(t1, x, p1024_mod, p1024_mp_mod);
sp_1024_mont_sub_42(t1, t1, w, p1024_mod);
- sp_1024_mont_tpl_lower_42(a, t1, p1024_mod);
+ sp_1024_mont_tpl_42(a, t1, p1024_mod);
/* B = X*Y^2 */
sp_1024_mont_sqr_42(t1, y, p1024_mod, p1024_mp_mod);
sp_1024_mont_mul_42(b, t1, x, p1024_mod, p1024_mp_mod);
@@ -46049,8 +46113,8 @@ static void sp_1024_proj_point_dbl_n_42(sp_point_1024* p, int i,
sp_1024_mont_dbl_42(t2, b, p1024_mod);
sp_1024_mont_sub_42(x, x, t2, p1024_mod);
/* B = 2.(B - X) */
- sp_1024_mont_sub_lower_42(t2, b, x, p1024_mod);
- sp_1024_mont_dbl_lower_42(b, t2, p1024_mod);
+ sp_1024_mont_sub_42(t2, b, x, p1024_mod);
+ sp_1024_mont_dbl_42(b, t2, p1024_mod);
/* Z = Z*Y */
sp_1024_mont_mul_42(z, z, y, p1024_mod, p1024_mp_mod);
/* t1 = Y^4 */
@@ -46070,7 +46134,7 @@ static void sp_1024_proj_point_dbl_n_42(sp_point_1024* p, int i,
/* A = 3*(X^2 - W) */
sp_1024_mont_sqr_42(t1, x, p1024_mod, p1024_mp_mod);
sp_1024_mont_sub_42(t1, t1, w, p1024_mod);
- sp_1024_mont_tpl_lower_42(a, t1, p1024_mod);
+ sp_1024_mont_tpl_42(a, t1, p1024_mod);
/* B = X*Y^2 */
sp_1024_mont_sqr_42(t1, y, p1024_mod, p1024_mp_mod);
sp_1024_mont_mul_42(b, t1, x, p1024_mod, p1024_mp_mod);
@@ -46079,8 +46143,8 @@ static void sp_1024_proj_point_dbl_n_42(sp_point_1024* p, int i,
sp_1024_mont_dbl_42(t2, b, p1024_mod);
sp_1024_mont_sub_42(x, x, t2, p1024_mod);
/* B = 2.(B - X) */
- sp_1024_mont_sub_lower_42(t2, b, x, p1024_mod);
- sp_1024_mont_dbl_lower_42(b, t2, p1024_mod);
+ sp_1024_mont_sub_42(t2, b, x, p1024_mod);
+ sp_1024_mont_dbl_42(b, t2, p1024_mod);
/* Z = Z*Y */
sp_1024_mont_mul_42(z, z, y, p1024_mod, p1024_mp_mod);
/* t1 = Y^4 */
@@ -46090,7 +46154,7 @@ static void sp_1024_proj_point_dbl_n_42(sp_point_1024* p, int i,
sp_1024_mont_sub_42(y, y, t1, p1024_mod);
#endif /* WOLFSSL_SP_SMALL */
/* Y = Y/2 */
- sp_1024_div2_42(y, y, p1024_mod);
+ sp_1024_mont_div2_42(y, y, p1024_mod);
}
/* Double the Montgomery form projective point p a number of times.
@@ -46136,7 +46200,7 @@ static void sp_1024_proj_point_dbl_n_store_42(sp_point_1024* r,
/* A = 3*(X^2 - W) */
sp_1024_mont_sqr_42(t1, x, p1024_mod, p1024_mp_mod);
sp_1024_mont_sub_42(t1, t1, w, p1024_mod);
- sp_1024_mont_tpl_lower_42(a, t1, p1024_mod);
+ sp_1024_mont_tpl_42(a, t1, p1024_mod);
/* B = X*Y^2 */
sp_1024_mont_sqr_42(t1, y, p1024_mod, p1024_mp_mod);
sp_1024_mont_mul_42(b, t1, x, p1024_mod, p1024_mp_mod);
@@ -46146,8 +46210,8 @@ static void sp_1024_proj_point_dbl_n_store_42(sp_point_1024* r,
sp_1024_mont_dbl_42(t2, b, p1024_mod);
sp_1024_mont_sub_42(x, x, t2, p1024_mod);
/* B = 2.(B - X) */
- sp_1024_mont_sub_lower_42(t2, b, x, p1024_mod);
- sp_1024_mont_dbl_lower_42(b, t2, p1024_mod);
+ sp_1024_mont_sub_42(t2, b, x, p1024_mod);
+ sp_1024_mont_dbl_42(b, t2, p1024_mod);
/* Z = Z*Y */
sp_1024_mont_mul_42(r[j].z, z, y, p1024_mod, p1024_mp_mod);
z = r[j].z;
@@ -46161,7 +46225,7 @@ static void sp_1024_proj_point_dbl_n_store_42(sp_point_1024* r,
sp_1024_mont_mul_42(y, b, a, p1024_mod, p1024_mp_mod);
sp_1024_mont_sub_42(y, y, t1, p1024_mod);
/* Y = Y/2 */
- sp_1024_div2_42(r[j].y, y, p1024_mod);
+ sp_1024_mont_div2_42(r[j].y, y, p1024_mod);
r[j].infinity = 0;
}
}
@@ -46235,8 +46299,8 @@ static void sp_1024_proj_point_add_sub_42(sp_point_1024* ra,
sp_1024_mont_sub_42(xs, xs, t1, p1024_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
/* YS = -RS*(U1*H^2 - XS) - S1*H^3 */
- sp_1024_mont_sub_lower_42(ys, ya, xs, p1024_mod);
- sp_1024_mont_sub_lower_42(ya, ya, xa, p1024_mod);
+ sp_1024_mont_sub_42(ys, ya, xs, p1024_mod);
+ sp_1024_mont_sub_42(ya, ya, xa, p1024_mod);
sp_1024_mont_mul_42(ya, ya, t4, p1024_mod, p1024_mp_mod);
sp_1024_mont_sub_42(t6, p1024_mod, t6, p1024_mod);
sp_1024_mont_mul_42(ys, ys, t6, p1024_mod, p1024_mp_mod);
@@ -46364,7 +46428,7 @@ static int sp_1024_ecc_mulmod_win_add_sub_42(sp_point_1024* r, const sp_point_10
(void)heap;
#ifdef WOLFSSL_SP_SMALL_STACK
- t = (sp_point_1024*)XMALLOC(sizeof(sp_point_1024) *
+ t = (sp_point_1024*)XMALLOC(sizeof(sp_point_1024) *
(65+2), heap, DYNAMIC_TYPE_ECC);
if (t == NULL)
err = MEMORY_E;
@@ -46487,12 +46551,12 @@ static int sp_1024_ecc_mulmod_win_add_sub_42(sp_point_1024* r, const sp_point_10
static void sp_1024_proj_point_add_qz1_42(sp_point_1024* r,
const sp_point_1024* p, const sp_point_1024* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*42;
- sp_digit* t3 = t + 4*42;
- sp_digit* t4 = t + 6*42;
- sp_digit* t5 = t + 8*42;
- sp_digit* t6 = t + 10*42;
+ sp_digit* t2 = t;
+ sp_digit* t3 = t + 2*42;
+ sp_digit* t6 = t + 4*42;
+ sp_digit* t1 = t + 6*42;
+ sp_digit* t4 = t + 8*42;
+ sp_digit* t5 = t + 10*42;
/* Calculate values to subtract from P->x and P->y. */
/* U2 = X2*Z1^2 */
@@ -46508,13 +46572,9 @@ static void sp_1024_proj_point_add_qz1_42(sp_point_1024* r,
sp_1024_proj_point_dbl_42(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t2;
- sp_digit* y = t5;
+ sp_digit* y = t3;
sp_digit* z = t6;
- int i;
/* H = U2 - X1 */
sp_1024_mont_sub_42(t2, t2, p->x, p1024_mod);
@@ -46523,33 +46583,40 @@ static void sp_1024_proj_point_add_qz1_42(sp_point_1024* r,
/* Z3 = H*Z1 */
sp_1024_mont_mul_42(z, p->z, t2, p1024_mod, p1024_mp_mod);
/* X3 = R^2 - H^3 - 2*X1*H^2 */
- sp_1024_mont_sqr_42(t1, t4, p1024_mod, p1024_mp_mod);
- sp_1024_mont_sqr_42(t5, t2, p1024_mod, p1024_mp_mod);
- sp_1024_mont_mul_42(t3, p->x, t5, p1024_mod, p1024_mp_mod);
- sp_1024_mont_mul_42(t5, t5, t2, p1024_mod, p1024_mp_mod);
- sp_1024_mont_sub_42(x, t1, t5, p1024_mod);
- sp_1024_mont_dbl_42(t1, t3, p1024_mod);
- sp_1024_mont_sub_42(x, x, t1, p1024_mod);
+ sp_1024_mont_sqr_42(t1, t2, p1024_mod, p1024_mp_mod);
+ sp_1024_mont_mul_42(t3, p->x, t1, p1024_mod, p1024_mp_mod);
+ sp_1024_mont_mul_42(t1, t1, t2, p1024_mod, p1024_mp_mod);
+ sp_1024_mont_sqr_42(t2, t4, p1024_mod, p1024_mp_mod);
+ sp_1024_mont_sub_42(t2, t2, t1, p1024_mod);
+ sp_1024_mont_dbl_42(t5, t3, p1024_mod);
+ sp_1024_mont_sub_42(x, t2, t5, p1024_mod);
/* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
- sp_1024_mont_sub_lower_42(t3, t3, x, p1024_mod);
+ sp_1024_mont_sub_42(t3, t3, x, p1024_mod);
sp_1024_mont_mul_42(t3, t3, t4, p1024_mod, p1024_mp_mod);
- sp_1024_mont_mul_42(t5, t5, p->y, p1024_mod, p1024_mp_mod);
- sp_1024_mont_sub_42(y, t3, t5, p1024_mod);
+ sp_1024_mont_mul_42(t1, t1, p->y, p1024_mod, p1024_mp_mod);
+ sp_1024_mont_sub_42(y, t3, t1, p1024_mod);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
- for (i = 0; i < 42; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 42; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 42; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ for (i = 0; i < 42; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 42; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 42; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
@@ -46801,7 +46868,7 @@ static THREAD_LS_T int sp_cache_1024_inited = 0;
/* Get the cache entry for the point.
*
- * g [in] Point scalar multipling.
+ * g [in] Point scalar multiplying.
* cache [out] Cache table to use.
*/
static void sp_ecc_get_cache_1024(const sp_point_1024* g, sp_cache_1024_t** cache)
@@ -46872,8 +46939,8 @@ static void sp_ecc_get_cache_1024(const sp_point_1024* g, sp_cache_1024_t** cach
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
-static int sp_1024_ecc_mulmod_42(sp_point_1024* r, const sp_point_1024* g, const sp_digit* k,
- int map, int ct, void* heap)
+static int sp_1024_ecc_mulmod_42(sp_point_1024* r, const sp_point_1024* g,
+ const sp_digit* k, int map, int ct, void* heap)
{
#ifndef FP_ECC
return sp_1024_ecc_mulmod_win_add_sub_42(r, g, k, map, ct, heap);
@@ -50934,7 +51001,7 @@ int sp_ecc_mulmod_base_1024(const mp_int* km, ecc_point* r, int map, void* heap)
* the result. If map is true then convert result to affine coordinates.
*
* km Scalar to multiply by.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -50956,7 +51023,7 @@ int sp_ecc_mulmod_base_add_1024(const mp_int* km, const ecc_point* am,
int err = MP_OKAY;
#ifdef WOLFSSL_SP_SMALL_STACK
- point = (sp_point_1024*)XMALLOC(sizeof(sp_point_1024) * 2, heap,
+ point = (sp_point_1024*)XMALLOC(sizeof(sp_point_1024) * 2, heap,
DYNAMIC_TYPE_ECC);
if (point == NULL)
err = MEMORY_E;
@@ -51172,7 +51239,7 @@ int sp_ecc_mulmod_table_1024(const mp_int* km, const ecc_point* gm, byte* table,
return err;
}
-/* Multiply p* in projective co-ordinates by q*.
+/* Multiply p* in projective coordinates by q*.
*
* r.x = p.x - (p.y * q.y)
* r.y = (p.x * q.y) + p.y
@@ -51198,7 +51265,7 @@ static void sp_1024_proj_mul_qx1_42(sp_digit* px, sp_digit* py,
sp_1024_mont_add_42(py, t1, py, p1024_mod);
}
-/* Square p* in projective co-ordinates.
+/* Square p* in projective coordinates.
*
* px' = (p.x + p.y) * (p.x - p.y) = p.x^2 - p.y^2
* py' = 2 * p.x * p.y
@@ -53219,7 +53286,7 @@ int sp_ModExp_Fp_star_1024(const mp_int* base, mp_int* exp, mp_int* res)
}
#endif /* WOLFSSL_SP_SMALL */
-/* Multiply p* by q* in projective co-ordinates.
+/* Multiply p* by q* in projective coordinates.
*
* p.x' = (p.x * q.x) - (p.y * q.y)
* p.y' = (p.x * q.y) + (p.y * q.x)
@@ -53334,7 +53401,7 @@ static void sp_1024_accumulate_line_dbl_42(sp_digit* vx, sp_digit* vy,
/* ty = 4 * p.y ^ 2 */
sp_1024_mont_sqr_42(ty, ry, p1024_mod, p1024_mp_mod);
/* t1 = 2 * p.y ^ 2 */
- sp_1024_div2_42(t1, ty, p1024_mod);
+ sp_1024_mont_div2_42(t1, ty, p1024_mod);
/* r.x -= 2 * (p.y ^ 2) */
sp_1024_mont_sub_42(rx, rx, t1, p1024_mod);
/* p'.z = p.y * 2 * p.z */
@@ -53354,7 +53421,7 @@ static void sp_1024_accumulate_line_dbl_42(sp_digit* vx, sp_digit* vy,
/* t1 = (4 * p.y^2) ^ 2 = 16 * p.y^4 */
sp_1024_mont_sqr_42(t1, ty, p1024_mod, p1024_mp_mod);
/* t1 = 16 * p.y^4 / 2 = 8 * p.y^4 */
- sp_1024_div2_42(t1, t1, p1024_mod);
+ sp_1024_mont_div2_42(t1, t1, p1024_mod);
/* p'.y = 4 * p.y^2 * p.x */
sp_1024_mont_mul_42(p->y, ty, p->x, p1024_mod, p1024_mp_mod);
/* p'.x = l^2 */
@@ -53772,7 +53839,7 @@ static void sp_1024_accumulate_line_dbl_n_42(sp_digit* vx, sp_digit* vy,
/* ty = py ^ 2 */
sp_1024_mont_sqr_42(ty, p->y, p1024_mod, p1024_mp_mod);
/* t1 = py ^ 2 / 2 */
- sp_1024_div2_42(t1, ty, p1024_mod);
+ sp_1024_mont_div2_42(t1, ty, p1024_mod);
/* r.x -= py ^ 2 / 2 */
sp_1024_mont_sub_42(rx, rx, t1, p1024_mod);
/* p'.z = py * pz */
@@ -53810,7 +53877,7 @@ static void sp_1024_accumulate_line_dbl_n_42(sp_digit* vx, sp_digit* vy,
}
/* p'.y = py' / 2 */
- sp_1024_div2_42(p->y, p->y, p1024_mod);
+ sp_1024_mont_div2_42(p->y, p->y, p1024_mod);
}
/* Operations to perform based on order - 1.
@@ -54618,7 +54685,7 @@ static void sp_1024_from_bin(sp_digit* r, int size, const byte* a, int n)
}
}
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* point EC point.
* heap Heap to use if dynamically allocating.
@@ -54647,19 +54714,21 @@ static int sp_1024_ecc_is_point_42(const sp_point_1024* point,
if (err == MP_OKAY) {
t2 = t1 + 2 * 42;
+ /* y^2 - x^3 - a.x = b */
sp_1024_sqr_42(t1, point->y);
(void)sp_1024_mod_42(t1, t1, p1024_mod);
sp_1024_sqr_42(t2, point->x);
(void)sp_1024_mod_42(t2, t2, p1024_mod);
sp_1024_mul_42(t2, t2, point->x);
(void)sp_1024_mod_42(t2, t2, p1024_mod);
- (void)sp_1024_sub_42(t2, p1024_mod, t2);
- sp_1024_mont_add_42(t1, t1, t2, p1024_mod);
+ sp_1024_mont_sub_42(t1, t1, t2, p1024_mod);
+ /* y^2 - x^3 + 3.x = b, when a = -3 */
sp_1024_mont_add_42(t1, t1, point->x, p1024_mod);
sp_1024_mont_add_42(t1, t1, point->x, p1024_mod);
sp_1024_mont_add_42(t1, t1, point->x, p1024_mod);
+
n = sp_1024_cmp_42(t1, p1024_mod);
sp_1024_cond_sub_42(t1, t1, p1024_mod, ~(n >> 24));
sp_1024_norm_42(t1);
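Review bot: The new `sp_1024_mont_sub_42(t1, t1, t2, p1024_mod)` operates on values produced by `sp_1024_sqr_42`/`sp_1024_mul_42` followed by `sp_1024_mod_42`, which do not appear to be in Montgomery form, and the added comments do not say the `mont_` helpers are being used as plain modular add/subtract. A short comment such as `/* mont_sub/mont_add used as plain modular ops; t1, t2 are reduced but not in Montgomery form */` would stop a later reader from "fixing" the mix. The added comments end in `= b`, but the comparison against b lies outside this hunk, so they describe the goal rather than the lines they sit on. Since this is the on-curve check, a test with one known valid and one known off-curve point would pin the refactor.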
@@ -54676,7 +54745,7 @@ static int sp_1024_ecc_is_point_42(const sp_point_1024* point,
return err;
}
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* pX X ordinate of EC point.
* pY Y ordinate of EC point.
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/sp_c64.c b/extra/wolfssl/wolfssl/wolfcrypt/src/sp_c64.c
index ebd668f2..a2b97d81 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/sp_c64.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/sp_c64.c
@@ -56,6 +56,16 @@
#include <wolfssl/wolfcrypt/sp.h>
+#ifdef __IAR_SYSTEMS_ICC__
+#define __asm__ asm
+#define __volatile__ volatile
+#define WOLFSSL_NO_VAR_ASSIGN_REG
+#endif /* __IAR_SYSTEMS_ICC__ */
+#ifdef __KEIL__
+#define __asm__ __asm
+#define __volatile__ volatile
+#endif
+
#ifndef WOLFSSL_SP_ASM
#if SP_WORD_SIZE == 64
#define SP_PRINT_NUM(var, name, total, words, bits) \
@@ -78,11 +88,14 @@
#define SP_PRINT_INT(var, name) \
fprintf(stderr, name "=%d\n", var)
-#if (((!defined(WC_NO_CACHE_RESISTANT) && \
- (defined(WOLFSSL_HAVE_SP_RSA) || defined(WOLFSSL_HAVE_SP_DH))) || \
- (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_FAST_MODEXP))) && \
+#if ((defined(WOLFSSL_HAVE_SP_RSA) || defined(WOLFSSL_HAVE_SP_DH)) && \
+ ((!defined(WC_NO_CACHE_RESISTANT) && \
+ (defined(WOLFSSL_HAVE_SP_RSA) || defined(WOLFSSL_HAVE_SP_DH))) || \
+ (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_FAST_MODEXP))) && \
!defined(WOLFSSL_RSA_PUBLIC_ONLY)) || (defined(WOLFSSL_SP_SMALL) && \
- defined(WOLFSSL_HAVE_SP_ECC))
+ defined(WOLFSSL_HAVE_SP_ECC) && (!defined(WOLFSSL_SP_NO_256) || \
+ defined(WOLFSSL_SP_384) || defined(WOLFSSL_SP_521) || \
+ defined(WOLFSSL_SP_1024)))
/* Mask for address to obfuscate which of the two address will be used. */
static const size_t addr_mask[2] = { 0, (size_t)-1 };
#endif
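Review bot: The rewritten guard for `addr_mask` repeats `(defined(WOLFSSL_HAVE_SP_RSA) || defined(WOLFSSL_HAVE_SP_DH))` inside the `!defined(WC_NO_CACHE_RESISTANT)` term, although the new outer conjunct already requires it. The inner copy can be removed so that term reads `(!defined(WC_NO_CACHE_RESISTANT) || (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_FAST_MODEXP)))`. A one-line comment naming the two users of the table (RSA/DH modexp and the small ECC code) would make later edits to this condition less error-prone.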
@@ -140,14 +153,14 @@ static void sp_2048_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 61
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 60);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 60);
}
#elif DIGIT_BIT > 61
unsigned int i;
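Review bot: The shift count in `j >> 60` is now a literal derived from DIGIT_BIT, where the removed lines shifted by `SP_WORD_SIZE - 1`. With `j` starting at `(sp_digit)0 - (sp_digit)a->used`, `j >> 60` is 0 or 1 only if sp_digit behaves as a 61-bit value; if it is a 64-bit type, as `SP_WORD_SIZE == 64` in this file suggests, `mask` would not be all-ones and `o` would not advance by one. Please confirm the width and signedness of sp_digit for this branch, and either take the top bit of an unsigned value, e.g. `(sp_digit)((sp_uint64)j >> (SP_WORD_SIZE - 1))`, in both the `mask` and `o +=` lines, or add a comment stating the assumption. The same pattern appears in the `DIGIT_BIT == 57` (`>> 56`) and `DIGIT_BIT == 60` (`>> 59`) hunks. The function continues past this hunk.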
@@ -409,7 +422,7 @@ SP_NOINLINE static void sp_2048_sqr_34(sp_digit* r, const sp_digit* a)
r[0] = (sp_digit)(c >> 61);
}
-/* Caclulate the bottom digit of -1/a mod 2^n.
+/* Calculate the bottom digit of -1/a mod 2^n.
*
* a A single precision number.
* rho Bottom word of inverse.
@@ -675,7 +688,7 @@ SP_NOINLINE static void sp_2048_mul_17(sp_digit* r, const sp_digit* a,
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_2048_mont_mul_17(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -753,7 +766,7 @@ SP_NOINLINE static void sp_2048_sqr_17(sp_digit* r, const sp_digit* a)
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_2048_mont_sqr_17(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -1564,7 +1577,7 @@ static void sp_2048_mont_reduce_34(sp_digit* a, const sp_digit* m, sp_digit mp)
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_2048_mont_mul_34(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -1578,7 +1591,7 @@ SP_NOINLINE static void sp_2048_mont_mul_34(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_2048_mont_sqr_34(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -2202,7 +2215,7 @@ int sp_RsaPublic_2048(const byte* in, word32 inLen, const mp_int* em,
sp_digit* m = NULL;
sp_digit* r = NULL;
sp_digit* norm = NULL;
- sp_digit e[1] = {0};
+ sp_uint64 e[1] = {0};
sp_digit mp = 0;
int i;
int err = MP_OKAY;
@@ -2212,7 +2225,7 @@ int sp_RsaPublic_2048(const byte* in, word32 inLen, const mp_int* em,
}
if (err == MP_OKAY) {
- if (mp_count_bits(em) > 61) {
+ if (mp_count_bits(em) > 64) {
err = MP_READ_E;
}
else if (inLen > 256U) {
@@ -2241,12 +2254,12 @@ int sp_RsaPublic_2048(const byte* in, word32 inLen, const mp_int* em,
norm = r;
sp_2048_from_bin(a, 34, in, inLen);
-#if DIGIT_BIT >= 61
- e[0] = (sp_digit)em->dp[0];
+#if DIGIT_BIT >= 64
+ e[0] = (sp_uint64)em->dp[0];
#else
- e[0] = (sp_digit)em->dp[0];
+ e[0] = (sp_uint64)em->dp[0];
if (em->used > 1) {
- e[0] |= ((sp_digit)em->dp[1]) << DIGIT_BIT;
+ e[0] |= ((sp_uint64)em->dp[1]) << DIGIT_BIT;
}
#endif
if (e[0] == 0) {
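Review bot: The `#else` branch still folds only `em->dp[0]` and `em->dp[1]` into `e[0]`, while the companion hunks raise the accepted exponent size to `mp_count_bits(em) > 64`. If DIGIT_BIT can be below 32 in a build that compiles this file, an exponent of up to 64 bits needs a third digit that is silently dropped, so the operation would run with a truncated public exponent; a guard such as `if (em->used > 2) { e[0] |= ((sp_uint64)em->dp[2]) << (2 * DIGIT_BIT); }` or a compile-time check on DIGIT_BIT would close that. Both branches now start with the identical `e[0] = (sp_uint64)em->dp[0];`, so that line can be hoisted and the conditional reduced to `#if DIGIT_BIT < 64`. This applies equally to the other sp_RsaPublic_2048 and sp_RsaPublic_3072 hunks, and the function body extends outside this hunk.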
@@ -2265,7 +2278,7 @@ int sp_RsaPublic_2048(const byte* in, word32 inLen, const mp_int* em,
err = sp_2048_mod_34(a, a, m);
}
if (err == MP_OKAY) {
- for (i=60; i>=0; i--) {
+ for (i=63; i>=0; i--) {
if ((e[0] >> i) != 0) {
break;
}
@@ -2302,14 +2315,14 @@ int sp_RsaPublic_2048(const byte* in, word32 inLen, const mp_int* em,
sp_digit* a = NULL;
sp_digit* m = NULL;
sp_digit* r = NULL;
- sp_digit e[1] = {0};
+ sp_uint64 e[1] = {0};
int err = MP_OKAY;
if (*outLen < 256U) {
err = MP_TO_E;
}
if (err == MP_OKAY) {
- if (mp_count_bits(em) > 61) {
+ if (mp_count_bits(em) > 64) {
err = MP_READ_E;
}
else if (inLen > 256U) {
@@ -2338,12 +2351,12 @@ int sp_RsaPublic_2048(const byte* in, word32 inLen, const mp_int* em,
m = r + 34 * 2;
sp_2048_from_bin(a, 34, in, inLen);
-#if DIGIT_BIT >= 61
- e[0] = (sp_digit)em->dp[0];
+#if DIGIT_BIT >= 64
+ e[0] = (sp_uint64)em->dp[0];
#else
- e[0] = (sp_digit)em->dp[0];
+ e[0] = (sp_uint64)em->dp[0];
if (em->used > 1) {
- e[0] |= ((sp_digit)em->dp[1]) << DIGIT_BIT;
+ e[0] |= ((sp_uint64)em->dp[1]) << DIGIT_BIT;
}
#endif
if (e[0] == 0) {
@@ -2373,7 +2386,7 @@ int sp_RsaPublic_2048(const byte* in, word32 inLen, const mp_int* em,
err = sp_2048_mod_34(a, a, m);
if (err == MP_OKAY) {
- for (i=60; i>=0; i--) {
+ for (i=63; i>=0; i--) {
if ((e[0] >> i) != 0) {
break;
}
@@ -3419,14 +3432,14 @@ static void sp_2048_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 57
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 56);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 56);
}
#elif DIGIT_BIT > 57
unsigned int i;
@@ -4001,7 +4014,7 @@ SP_NOINLINE static void sp_2048_sqr_36(sp_digit* r, const sp_digit* a)
}
#endif /* !WOLFSSL_SP_SMALL */
-/* Caclulate the bottom digit of -1/a mod 2^n.
+/* Calculate the bottom digit of -1/a mod 2^n.
*
* a A single precision number.
* rho Bottom word of inverse.
@@ -4250,7 +4263,7 @@ static void sp_2048_mont_reduce_18(sp_digit* a, const sp_digit* m, sp_digit mp)
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_2048_mont_mul_18(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -4264,7 +4277,7 @@ SP_NOINLINE static void sp_2048_mont_mul_18(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_2048_mont_sqr_18(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -5138,7 +5151,7 @@ static void sp_2048_mont_reduce_36(sp_digit* a, const sp_digit* m, sp_digit mp)
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_2048_mont_mul_36(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -5152,7 +5165,7 @@ SP_NOINLINE static void sp_2048_mont_mul_36(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_2048_mont_sqr_36(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -5802,7 +5815,7 @@ int sp_RsaPublic_2048(const byte* in, word32 inLen, const mp_int* em,
sp_digit* m = NULL;
sp_digit* r = NULL;
sp_digit* norm = NULL;
- sp_digit e[1] = {0};
+ sp_uint64 e[1] = {0};
sp_digit mp = 0;
int i;
int err = MP_OKAY;
@@ -5812,7 +5825,7 @@ int sp_RsaPublic_2048(const byte* in, word32 inLen, const mp_int* em,
}
if (err == MP_OKAY) {
- if (mp_count_bits(em) > 57) {
+ if (mp_count_bits(em) > 64) {
err = MP_READ_E;
}
else if (inLen > 256U) {
@@ -5841,12 +5854,12 @@ int sp_RsaPublic_2048(const byte* in, word32 inLen, const mp_int* em,
norm = r;
sp_2048_from_bin(a, 36, in, inLen);
-#if DIGIT_BIT >= 57
- e[0] = (sp_digit)em->dp[0];
+#if DIGIT_BIT >= 64
+ e[0] = (sp_uint64)em->dp[0];
#else
- e[0] = (sp_digit)em->dp[0];
+ e[0] = (sp_uint64)em->dp[0];
if (em->used > 1) {
- e[0] |= ((sp_digit)em->dp[1]) << DIGIT_BIT;
+ e[0] |= ((sp_uint64)em->dp[1]) << DIGIT_BIT;
}
#endif
if (e[0] == 0) {
@@ -5865,7 +5878,7 @@ int sp_RsaPublic_2048(const byte* in, word32 inLen, const mp_int* em,
err = sp_2048_mod_36(a, a, m);
}
if (err == MP_OKAY) {
- for (i=56; i>=0; i--) {
+ for (i=63; i>=0; i--) {
if ((e[0] >> i) != 0) {
break;
}
@@ -5902,14 +5915,14 @@ int sp_RsaPublic_2048(const byte* in, word32 inLen, const mp_int* em,
sp_digit* a = NULL;
sp_digit* m = NULL;
sp_digit* r = NULL;
- sp_digit e[1] = {0};
+ sp_uint64 e[1] = {0};
int err = MP_OKAY;
if (*outLen < 256U) {
err = MP_TO_E;
}
if (err == MP_OKAY) {
- if (mp_count_bits(em) > 57) {
+ if (mp_count_bits(em) > 64) {
err = MP_READ_E;
}
else if (inLen > 256U) {
@@ -5938,12 +5951,12 @@ int sp_RsaPublic_2048(const byte* in, word32 inLen, const mp_int* em,
m = r + 36 * 2;
sp_2048_from_bin(a, 36, in, inLen);
-#if DIGIT_BIT >= 57
- e[0] = (sp_digit)em->dp[0];
+#if DIGIT_BIT >= 64
+ e[0] = (sp_uint64)em->dp[0];
#else
- e[0] = (sp_digit)em->dp[0];
+ e[0] = (sp_uint64)em->dp[0];
if (em->used > 1) {
- e[0] |= ((sp_digit)em->dp[1]) << DIGIT_BIT;
+ e[0] |= ((sp_uint64)em->dp[1]) << DIGIT_BIT;
}
#endif
if (e[0] == 0) {
@@ -5973,7 +5986,7 @@ int sp_RsaPublic_2048(const byte* in, word32 inLen, const mp_int* em,
err = sp_2048_mod_36(a, a, m);
if (err == MP_OKAY) {
- for (i=56; i>=0; i--) {
+ for (i=63; i>=0; i--) {
if ((e[0] >> i) != 0) {
break;
}
@@ -7092,14 +7105,14 @@ static void sp_3072_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 60
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 59);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 59);
}
#elif DIGIT_BIT > 60
unsigned int i;
@@ -7322,7 +7335,7 @@ SP_NOINLINE static void sp_3072_sqr_52(sp_digit* r, const sp_digit* a)
r[0] = (sp_digit)(c >> 60);
}
-/* Caclulate the bottom digit of -1/a mod 2^n.
+/* Calculate the bottom digit of -1/a mod 2^n.
*
* a A single precision number.
* rho Bottom word of inverse.
@@ -7575,7 +7588,7 @@ SP_NOINLINE static void sp_3072_mul_26(sp_digit* r, const sp_digit* a,
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_3072_mont_mul_26(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -7630,7 +7643,7 @@ SP_NOINLINE static void sp_3072_sqr_26(sp_digit* r, const sp_digit* a)
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_3072_mont_sqr_26(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -8447,7 +8460,7 @@ static void sp_3072_mont_reduce_52(sp_digit* a, const sp_digit* m, sp_digit mp)
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_3072_mont_mul_52(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -8461,7 +8474,7 @@ SP_NOINLINE static void sp_3072_mont_mul_52(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_3072_mont_sqr_52(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -9085,7 +9098,7 @@ int sp_RsaPublic_3072(const byte* in, word32 inLen, const mp_int* em,
sp_digit* m = NULL;
sp_digit* r = NULL;
sp_digit* norm = NULL;
- sp_digit e[1] = {0};
+ sp_uint64 e[1] = {0};
sp_digit mp = 0;
int i;
int err = MP_OKAY;
@@ -9095,7 +9108,7 @@ int sp_RsaPublic_3072(const byte* in, word32 inLen, const mp_int* em,
}
if (err == MP_OKAY) {
- if (mp_count_bits(em) > 60) {
+ if (mp_count_bits(em) > 64) {
err = MP_READ_E;
}
else if (inLen > 384U) {
@@ -9124,12 +9137,12 @@ int sp_RsaPublic_3072(const byte* in, word32 inLen, const mp_int* em,
norm = r;
sp_3072_from_bin(a, 52, in, inLen);
-#if DIGIT_BIT >= 60
- e[0] = (sp_digit)em->dp[0];
+#if DIGIT_BIT >= 64
+ e[0] = (sp_uint64)em->dp[0];
#else
- e[0] = (sp_digit)em->dp[0];
+ e[0] = (sp_uint64)em->dp[0];
if (em->used > 1) {
- e[0] |= ((sp_digit)em->dp[1]) << DIGIT_BIT;
+ e[0] |= ((sp_uint64)em->dp[1]) << DIGIT_BIT;
}
#endif
if (e[0] == 0) {
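Review bot: The `#else` branch still assembles the exponent from only `em->dp[0]` and `em->dp[1]`, while the neighbouring hunk now accepts any `em` of up to 64 bits. If this file can be built with DIGIT_BIT below 32 (not visible here), a three-digit exponent passes the `mp_count_bits(em) > 64` check and its upper bits are dropped silently, so the operation runs with a different exponent than the key carries. Rejecting that case where the bound is checked, e.g. `if (mp_count_bits(em) > 64 || em->used > 2) {`, or adding a compile-time check on DIGIT_BIT, would close it. The first assignment is identical in both preprocessor branches and could be hoisted above the `#if`. The same pattern repeats in the other sp_RsaPublic_3072 and sp_RsaPublic_4096 hunks; the function body continues outside this hunk.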
@@ -9148,7 +9161,7 @@ int sp_RsaPublic_3072(const byte* in, word32 inLen, const mp_int* em,
err = sp_3072_mod_52(a, a, m);
}
if (err == MP_OKAY) {
- for (i=59; i>=0; i--) {
+ for (i=63; i>=0; i--) {
if ((e[0] >> i) != 0) {
break;
}
@@ -9185,14 +9198,14 @@ int sp_RsaPublic_3072(const byte* in, word32 inLen, const mp_int* em,
sp_digit* a = NULL;
sp_digit* m = NULL;
sp_digit* r = NULL;
- sp_digit e[1] = {0};
+ sp_uint64 e[1] = {0};
int err = MP_OKAY;
if (*outLen < 384U) {
err = MP_TO_E;
}
if (err == MP_OKAY) {
- if (mp_count_bits(em) > 60) {
+ if (mp_count_bits(em) > 64) {
err = MP_READ_E;
}
else if (inLen > 384U) {
@@ -9221,12 +9234,12 @@ int sp_RsaPublic_3072(const byte* in, word32 inLen, const mp_int* em,
m = r + 52 * 2;
sp_3072_from_bin(a, 52, in, inLen);
-#if DIGIT_BIT >= 60
- e[0] = (sp_digit)em->dp[0];
+#if DIGIT_BIT >= 64
+ e[0] = (sp_uint64)em->dp[0];
#else
- e[0] = (sp_digit)em->dp[0];
+ e[0] = (sp_uint64)em->dp[0];
if (em->used > 1) {
- e[0] |= ((sp_digit)em->dp[1]) << DIGIT_BIT;
+ e[0] |= ((sp_uint64)em->dp[1]) << DIGIT_BIT;
}
#endif
if (e[0] == 0) {
@@ -9256,7 +9269,7 @@ int sp_RsaPublic_3072(const byte* in, word32 inLen, const mp_int* em,
err = sp_3072_mod_52(a, a, m);
if (err == MP_OKAY) {
- for (i=59; i>=0; i--) {
+ for (i=63; i>=0; i--) {
if ((e[0] >> i) != 0) {
break;
}
@@ -10302,14 +10315,14 @@ static void sp_3072_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 57
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 56);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 56);
}
#elif DIGIT_BIT > 57
unsigned int i;
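Review bot: The shift count in `j >> 56` is DIGIT_BIT - 1, whereas the removed lines shifted by `SP_WORD_SIZE - 1` to isolate a single sign bit. Assuming sp_digit is 64 bits wide here, `j >> 56` on the wrapped value `0 - a->used` yields eight set bits (or -1 if sp_digit is signed), so `mask` is not all-ones and `o` does not advance by exactly 1, which lets the index in `a->dp[o]` leave the used digits. Shifting an unsigned copy by the word size would give the intended 0/1 result: `sp_digit mask = (sp_digit)0 - (sp_digit)((sp_uint64)j >> (SP_WORD_SIZE - 1));` and `o += (int)((sp_uint64)j >> (SP_WORD_SIZE - 1));`. The branch compiles only when DIGIT_BIT == 57, so it may never be exercised by tests; the sp_4096_from_mp hunks (shifts of 58 and 52) and the sp_256_from_mp hunk (51) have the same shape.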
@@ -10967,7 +10980,7 @@ SP_NOINLINE static void sp_3072_sqr_54(sp_digit* r, const sp_digit* a)
}
#endif /* !WOLFSSL_SP_SMALL */
-/* Caclulate the bottom digit of -1/a mod 2^n.
+/* Calculate the bottom digit of -1/a mod 2^n.
*
* a A single precision number.
* rho Bottom word of inverse.
@@ -11266,7 +11279,7 @@ static void sp_3072_mont_reduce_27(sp_digit* a, const sp_digit* m, sp_digit mp)
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_3072_mont_mul_27(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -11280,7 +11293,7 @@ SP_NOINLINE static void sp_3072_mont_mul_27(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_3072_mont_sqr_27(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -12166,7 +12179,7 @@ static void sp_3072_mont_reduce_54(sp_digit* a, const sp_digit* m, sp_digit mp)
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_3072_mont_mul_54(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -12180,7 +12193,7 @@ SP_NOINLINE static void sp_3072_mont_mul_54(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_3072_mont_sqr_54(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -12834,7 +12847,7 @@ int sp_RsaPublic_3072(const byte* in, word32 inLen, const mp_int* em,
sp_digit* m = NULL;
sp_digit* r = NULL;
sp_digit* norm = NULL;
- sp_digit e[1] = {0};
+ sp_uint64 e[1] = {0};
sp_digit mp = 0;
int i;
int err = MP_OKAY;
@@ -12844,7 +12857,7 @@ int sp_RsaPublic_3072(const byte* in, word32 inLen, const mp_int* em,
}
if (err == MP_OKAY) {
- if (mp_count_bits(em) > 57) {
+ if (mp_count_bits(em) > 64) {
err = MP_READ_E;
}
else if (inLen > 384U) {
@@ -12873,12 +12886,12 @@ int sp_RsaPublic_3072(const byte* in, word32 inLen, const mp_int* em,
norm = r;
sp_3072_from_bin(a, 54, in, inLen);
-#if DIGIT_BIT >= 57
- e[0] = (sp_digit)em->dp[0];
+#if DIGIT_BIT >= 64
+ e[0] = (sp_uint64)em->dp[0];
#else
- e[0] = (sp_digit)em->dp[0];
+ e[0] = (sp_uint64)em->dp[0];
if (em->used > 1) {
- e[0] |= ((sp_digit)em->dp[1]) << DIGIT_BIT;
+ e[0] |= ((sp_uint64)em->dp[1]) << DIGIT_BIT;
}
#endif
if (e[0] == 0) {
@@ -12897,7 +12910,7 @@ int sp_RsaPublic_3072(const byte* in, word32 inLen, const mp_int* em,
err = sp_3072_mod_54(a, a, m);
}
if (err == MP_OKAY) {
- for (i=56; i>=0; i--) {
+ for (i=63; i>=0; i--) {
if ((e[0] >> i) != 0) {
break;
}
@@ -12934,14 +12947,14 @@ int sp_RsaPublic_3072(const byte* in, word32 inLen, const mp_int* em,
sp_digit* a = NULL;
sp_digit* m = NULL;
sp_digit* r = NULL;
- sp_digit e[1] = {0};
+ sp_uint64 e[1] = {0};
int err = MP_OKAY;
if (*outLen < 384U) {
err = MP_TO_E;
}
if (err == MP_OKAY) {
- if (mp_count_bits(em) > 57) {
+ if (mp_count_bits(em) > 64) {
err = MP_READ_E;
}
else if (inLen > 384U) {
@@ -12970,12 +12983,12 @@ int sp_RsaPublic_3072(const byte* in, word32 inLen, const mp_int* em,
m = r + 54 * 2;
sp_3072_from_bin(a, 54, in, inLen);
-#if DIGIT_BIT >= 57
- e[0] = (sp_digit)em->dp[0];
+#if DIGIT_BIT >= 64
+ e[0] = (sp_uint64)em->dp[0];
#else
- e[0] = (sp_digit)em->dp[0];
+ e[0] = (sp_uint64)em->dp[0];
if (em->used > 1) {
- e[0] |= ((sp_digit)em->dp[1]) << DIGIT_BIT;
+ e[0] |= ((sp_uint64)em->dp[1]) << DIGIT_BIT;
}
#endif
if (e[0] == 0) {
@@ -13005,7 +13018,7 @@ int sp_RsaPublic_3072(const byte* in, word32 inLen, const mp_int* em,
err = sp_3072_mod_54(a, a, m);
if (err == MP_OKAY) {
- for (i=56; i>=0; i--) {
+ for (i=63; i>=0; i--) {
if ((e[0] >> i) != 0) {
break;
}
@@ -14160,14 +14173,14 @@ static void sp_4096_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 59
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 58);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 58);
}
#elif DIGIT_BIT > 59
unsigned int i;
@@ -14392,7 +14405,7 @@ SP_NOINLINE static void sp_4096_sqr_70(sp_digit* r, const sp_digit* a)
r[0] = (sp_digit)(c >> 59);
}
-/* Caclulate the bottom digit of -1/a mod 2^n.
+/* Calculate the bottom digit of -1/a mod 2^n.
*
* a A single precision number.
* rho Bottom word of inverse.
@@ -14649,7 +14662,7 @@ SP_NOINLINE static void sp_4096_mul_35(sp_digit* r, const sp_digit* a,
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_4096_mont_mul_35(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -14704,7 +14717,7 @@ SP_NOINLINE static void sp_4096_sqr_35(sp_digit* r, const sp_digit* a)
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_4096_mont_sqr_35(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -15516,7 +15529,7 @@ static void sp_4096_mont_reduce_70(sp_digit* a, const sp_digit* m, sp_digit mp)
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_4096_mont_mul_70(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -15530,7 +15543,7 @@ SP_NOINLINE static void sp_4096_mont_mul_70(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_4096_mont_sqr_70(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -16154,7 +16167,7 @@ int sp_RsaPublic_4096(const byte* in, word32 inLen, const mp_int* em,
sp_digit* m = NULL;
sp_digit* r = NULL;
sp_digit* norm = NULL;
- sp_digit e[1] = {0};
+ sp_uint64 e[1] = {0};
sp_digit mp = 0;
int i;
int err = MP_OKAY;
@@ -16164,7 +16177,7 @@ int sp_RsaPublic_4096(const byte* in, word32 inLen, const mp_int* em,
}
if (err == MP_OKAY) {
- if (mp_count_bits(em) > 59) {
+ if (mp_count_bits(em) > 64) {
err = MP_READ_E;
}
else if (inLen > 512U) {
@@ -16193,12 +16206,12 @@ int sp_RsaPublic_4096(const byte* in, word32 inLen, const mp_int* em,
norm = r;
sp_4096_from_bin(a, 70, in, inLen);
-#if DIGIT_BIT >= 59
- e[0] = (sp_digit)em->dp[0];
+#if DIGIT_BIT >= 64
+ e[0] = (sp_uint64)em->dp[0];
#else
- e[0] = (sp_digit)em->dp[0];
+ e[0] = (sp_uint64)em->dp[0];
if (em->used > 1) {
- e[0] |= ((sp_digit)em->dp[1]) << DIGIT_BIT;
+ e[0] |= ((sp_uint64)em->dp[1]) << DIGIT_BIT;
}
#endif
if (e[0] == 0) {
@@ -16217,7 +16230,7 @@ int sp_RsaPublic_4096(const byte* in, word32 inLen, const mp_int* em,
err = sp_4096_mod_70(a, a, m);
}
if (err == MP_OKAY) {
- for (i=58; i>=0; i--) {
+ for (i=63; i>=0; i--) {
if ((e[0] >> i) != 0) {
break;
}
@@ -16254,14 +16267,14 @@ int sp_RsaPublic_4096(const byte* in, word32 inLen, const mp_int* em,
sp_digit* a = NULL;
sp_digit* m = NULL;
sp_digit* r = NULL;
- sp_digit e[1] = {0};
+ sp_uint64 e[1] = {0};
int err = MP_OKAY;
if (*outLen < 512U) {
err = MP_TO_E;
}
if (err == MP_OKAY) {
- if (mp_count_bits(em) > 59) {
+ if (mp_count_bits(em) > 64) {
err = MP_READ_E;
}
else if (inLen > 512U) {
@@ -16290,12 +16303,12 @@ int sp_RsaPublic_4096(const byte* in, word32 inLen, const mp_int* em,
m = r + 70 * 2;
sp_4096_from_bin(a, 70, in, inLen);
-#if DIGIT_BIT >= 59
- e[0] = (sp_digit)em->dp[0];
+#if DIGIT_BIT >= 64
+ e[0] = (sp_uint64)em->dp[0];
#else
- e[0] = (sp_digit)em->dp[0];
+ e[0] = (sp_uint64)em->dp[0];
if (em->used > 1) {
- e[0] |= ((sp_digit)em->dp[1]) << DIGIT_BIT;
+ e[0] |= ((sp_uint64)em->dp[1]) << DIGIT_BIT;
}
#endif
if (e[0] == 0) {
@@ -16325,7 +16338,7 @@ int sp_RsaPublic_4096(const byte* in, word32 inLen, const mp_int* em,
err = sp_4096_mod_70(a, a, m);
if (err == MP_OKAY) {
- for (i=58; i>=0; i--) {
+ for (i=63; i>=0; i--) {
if ((e[0] >> i) != 0) {
break;
}
@@ -17229,14 +17242,14 @@ static void sp_4096_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 53
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 52);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 52);
}
#elif DIGIT_BIT > 53
unsigned int i;
@@ -18058,7 +18071,7 @@ SP_NOINLINE static void sp_4096_sqr_78(sp_digit* r, const sp_digit* a)
}
#endif /* !WOLFSSL_SP_SMALL */
-/* Caclulate the bottom digit of -1/a mod 2^n.
+/* Calculate the bottom digit of -1/a mod 2^n.
*
* a A single precision number.
* rho Bottom word of inverse.
@@ -18382,7 +18395,7 @@ static void sp_4096_mont_reduce_39(sp_digit* a, const sp_digit* m, sp_digit mp)
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_4096_mont_mul_39(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -18396,7 +18409,7 @@ SP_NOINLINE static void sp_4096_mont_mul_39(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_4096_mont_sqr_39(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -19291,7 +19304,7 @@ static void sp_4096_mont_reduce_78(sp_digit* a, const sp_digit* m, sp_digit mp)
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_4096_mont_mul_78(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -19305,7 +19318,7 @@ SP_NOINLINE static void sp_4096_mont_mul_78(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_4096_mont_sqr_78(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -19959,7 +19972,7 @@ int sp_RsaPublic_4096(const byte* in, word32 inLen, const mp_int* em,
sp_digit* m = NULL;
sp_digit* r = NULL;
sp_digit* norm = NULL;
- sp_digit e[1] = {0};
+ sp_uint64 e[1] = {0};
sp_digit mp = 0;
int i;
int err = MP_OKAY;
@@ -19969,7 +19982,7 @@ int sp_RsaPublic_4096(const byte* in, word32 inLen, const mp_int* em,
}
if (err == MP_OKAY) {
- if (mp_count_bits(em) > 53) {
+ if (mp_count_bits(em) > 64) {
err = MP_READ_E;
}
else if (inLen > 512U) {
@@ -19998,12 +20011,12 @@ int sp_RsaPublic_4096(const byte* in, word32 inLen, const mp_int* em,
norm = r;
sp_4096_from_bin(a, 78, in, inLen);
-#if DIGIT_BIT >= 53
- e[0] = (sp_digit)em->dp[0];
+#if DIGIT_BIT >= 64
+ e[0] = (sp_uint64)em->dp[0];
#else
- e[0] = (sp_digit)em->dp[0];
+ e[0] = (sp_uint64)em->dp[0];
if (em->used > 1) {
- e[0] |= ((sp_digit)em->dp[1]) << DIGIT_BIT;
+ e[0] |= ((sp_uint64)em->dp[1]) << DIGIT_BIT;
}
#endif
if (e[0] == 0) {
@@ -20022,7 +20035,7 @@ int sp_RsaPublic_4096(const byte* in, word32 inLen, const mp_int* em,
err = sp_4096_mod_78(a, a, m);
}
if (err == MP_OKAY) {
- for (i=52; i>=0; i--) {
+ for (i=63; i>=0; i--) {
if ((e[0] >> i) != 0) {
break;
}
@@ -20059,14 +20072,14 @@ int sp_RsaPublic_4096(const byte* in, word32 inLen, const mp_int* em,
sp_digit* a = NULL;
sp_digit* m = NULL;
sp_digit* r = NULL;
- sp_digit e[1] = {0};
+ sp_uint64 e[1] = {0};
int err = MP_OKAY;
if (*outLen < 512U) {
err = MP_TO_E;
}
if (err == MP_OKAY) {
- if (mp_count_bits(em) > 53) {
+ if (mp_count_bits(em) > 64) {
err = MP_READ_E;
}
else if (inLen > 512U) {
@@ -20095,12 +20108,12 @@ int sp_RsaPublic_4096(const byte* in, word32 inLen, const mp_int* em,
m = r + 78 * 2;
sp_4096_from_bin(a, 78, in, inLen);
-#if DIGIT_BIT >= 53
- e[0] = (sp_digit)em->dp[0];
+#if DIGIT_BIT >= 64
+ e[0] = (sp_uint64)em->dp[0];
#else
- e[0] = (sp_digit)em->dp[0];
+ e[0] = (sp_uint64)em->dp[0];
if (em->used > 1) {
- e[0] |= ((sp_digit)em->dp[1]) << DIGIT_BIT;
+ e[0] |= ((sp_uint64)em->dp[1]) << DIGIT_BIT;
}
#endif
if (e[0] == 0) {
@@ -20130,7 +20143,7 @@ int sp_RsaPublic_4096(const byte* in, word32 inLen, const mp_int* em,
err = sp_4096_mod_78(a, a, m);
if (err == MP_OKAY) {
- for (i=52; i>=0; i--) {
+ for (i=63; i>=0; i--) {
if ((e[0] >> i) != 0) {
break;
}
@@ -21481,14 +21494,14 @@ static void sp_256_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 52
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 51);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 51);
}
#elif DIGIT_BIT > 52
unsigned int i;
@@ -21923,7 +21936,7 @@ static void sp_256_mont_reduce_5(sp_digit* a, const sp_digit* m, sp_digit mp)
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_256_mont_mul_5(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -21937,7 +21950,7 @@ SP_NOINLINE static void sp_256_mont_mul_5(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_256_mont_sqr_5(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -21953,10 +21966,10 @@ SP_NOINLINE static void sp_256_mont_sqr_5(sp_digit* r, const sp_digit* a,
* a Number to square in Montgomery form.
* n Number of times to square.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
-static void sp_256_mont_sqr_n_5(sp_digit* r, const sp_digit* a, int n,
- const sp_digit* m, sp_digit mp)
+SP_NOINLINE static void sp_256_mont_sqr_n_5(sp_digit* r,
+ const sp_digit* a, int n, const sp_digit* m, sp_digit mp)
{
sp_256_mont_sqr_5(r, a, m, mp);
for (; n > 1; n--) {
@@ -22193,7 +22206,6 @@ static void sp_256_mont_sub_5(sp_digit* r, const sp_digit* a, const sp_digit* b,
sp_256_norm_5(r);
}
-#define sp_256_mont_sub_lower_5 sp_256_mont_sub_5
/* Shift number left one bit.
* Bottom bit is lost.
*
@@ -22223,7 +22235,8 @@ SP_NOINLINE static void sp_256_rshift1_5(sp_digit* r, const sp_digit* a)
* a Number to divide.
* m Modulus (prime).
*/
-static void sp_256_div2_5(sp_digit* r, const sp_digit* a, const sp_digit* m)
+static void sp_256_mont_div2_5(sp_digit* r, const sp_digit* a,
+ const sp_digit* m)
{
sp_256_cond_add_5(r, a, m, 0 - (a[0] & 1));
sp_256_norm_5(r);
@@ -22274,7 +22287,7 @@ static void sp_256_proj_point_dbl_5(sp_point_256* r, const sp_point_256* p,
/* T2 = Y * Y */
sp_256_mont_sqr_5(t2, y, p256_mod, p256_mp_mod);
/* T2 = T2/2 */
- sp_256_div2_5(t2, t2, p256_mod);
+ sp_256_mont_div2_5(t2, t2, p256_mod);
/* Y = Y * X */
sp_256_mont_mul_5(y, y, p->x, p256_mod, p256_mp_mod);
/* X = T1 * T1 */
@@ -22284,7 +22297,7 @@ static void sp_256_proj_point_dbl_5(sp_point_256* r, const sp_point_256* p,
/* X = X - Y */
sp_256_mont_sub_5(x, x, y, p256_mod);
/* Y = Y - X */
- sp_256_mont_sub_lower_5(y, y, x, p256_mod);
+ sp_256_mont_sub_5(y, y, x, p256_mod);
/* Y = Y * T1 */
sp_256_mont_mul_5(y, y, t1, p256_mod, p256_mp_mod);
/* Y = Y - T2 */
@@ -22307,7 +22320,8 @@ typedef struct sp_256_proj_point_dbl_5_ctx {
* p Point to double.
* t Temporary ordinate data.
*/
-static int sp_256_proj_point_dbl_5_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r, const sp_point_256* p, sp_digit* t)
+static int sp_256_proj_point_dbl_5_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r,
+ const sp_point_256* p, sp_digit* t)
{
int err = FP_WOULDBLOCK;
sp_256_proj_point_dbl_5_ctx* ctx = (sp_256_proj_point_dbl_5_ctx*)sp_ctx->data;
@@ -22381,7 +22395,7 @@ static int sp_256_proj_point_dbl_5_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r, con
break;
case 11:
/* T2 = T2/2 */
- sp_256_div2_5(ctx->t2, ctx->t2, p256_mod);
+ sp_256_mont_div2_5(ctx->t2, ctx->t2, p256_mod);
ctx->state = 12;
break;
case 12:
@@ -22406,7 +22420,7 @@ static int sp_256_proj_point_dbl_5_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r, con
break;
case 16:
/* Y = Y - X */
- sp_256_mont_sub_lower_5(ctx->y, ctx->y, ctx->x, p256_mod);
+ sp_256_mont_sub_5(ctx->y, ctx->y, ctx->x, p256_mod);
ctx->state = 17;
break;
case 17:
@@ -22466,12 +22480,12 @@ static int sp_256_iszero_5(const sp_digit* a)
static void sp_256_proj_point_add_5(sp_point_256* r,
const sp_point_256* p, const sp_point_256* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*5;
- sp_digit* t3 = t + 4*5;
- sp_digit* t4 = t + 6*5;
- sp_digit* t5 = t + 8*5;
- sp_digit* t6 = t + 10*5;
+ sp_digit* t6 = t;
+ sp_digit* t1 = t + 2*5;
+ sp_digit* t2 = t + 4*5;
+ sp_digit* t3 = t + 6*5;
+ sp_digit* t4 = t + 8*5;
+ sp_digit* t5 = t + 10*5;
/* U1 = X1*Z2^2 */
sp_256_mont_sqr_5(t1, q->z, p256_mod, p256_mp_mod);
@@ -22493,17 +22507,9 @@ static void sp_256_proj_point_add_5(sp_point_256* r,
sp_256_proj_point_dbl_5(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t6;
sp_digit* y = t1;
sp_digit* z = t2;
- int i;
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
/* H = U2 - U1 */
sp_256_mont_sub_5(t2, t2, t1, p256_mod);
@@ -22522,20 +22528,31 @@ static void sp_256_proj_point_add_5(sp_point_256* r,
sp_256_mont_dbl_5(t3, y, p256_mod);
sp_256_mont_sub_5(x, x, t3, p256_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_256_mont_sub_lower_5(y, y, x, p256_mod);
+ sp_256_mont_sub_5(y, y, x, p256_mod);
sp_256_mont_mul_5(y, y, t4, p256_mod, p256_mp_mod);
sp_256_mont_sub_5(y, y, t5, p256_mod);
- for (i = 0; i < 5; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 5; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 5; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 5; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 5; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 5; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
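Review bot: The new inner block picks the result without branching, but no comment says which input wins under which mask. A comment above `int i;` would help, e.g. `/* Branch-free select: r = p when only q is at infinity, r = q when only p is, otherwise the computed (x, y, z). */`, and a short one at `r->z[0] |= inf;` noting that the both-at-infinity case is recorded in `z[0]` and `r->infinity`. The same block appears in the sp_256_proj_point_add_qz1_5 hunk; sp_256_proj_point_add_5 starts outside this hunk.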
@@ -22581,12 +22598,12 @@ static int sp_256_proj_point_add_5_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r,
switch (ctx->state) {
case 0: /* INIT */
- ctx->t1 = t;
- ctx->t2 = t + 2*5;
- ctx->t3 = t + 4*5;
- ctx->t4 = t + 6*5;
- ctx->t5 = t + 8*5;
- ctx->t6 = t + 10*5;
+ ctx->t6 = t;
+ ctx->t1 = t + 2*5;
+ ctx->t2 = t + 4*5;
+ ctx->t3 = t + 6*5;
+ ctx->t4 = t + 8*5;
+ ctx->t5 = t + 10*5;
ctx->x = ctx->t6;
ctx->y = ctx->t1;
ctx->z = ctx->t2;
@@ -22693,7 +22710,7 @@ static int sp_256_proj_point_add_5_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r,
break;
case 21:
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_256_mont_sub_lower_5(ctx->y, ctx->y, ctx->x, p256_mod);
+ sp_256_mont_sub_5(ctx->y, ctx->y, ctx->x, p256_mod);
ctx->state = 22;
break;
case 22:
@@ -22706,22 +22723,28 @@ static int sp_256_proj_point_add_5_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r,
break;
case 24:
{
- int i;
- sp_digit maskp = 0 - (q->infinity & (!p->infinity));
- sp_digit maskq = 0 - (p->infinity & (!q->infinity));
- sp_digit maskt = ~(maskp | maskq);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
- for (i = 0; i < 5; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (ctx->x[i] & maskt);
- }
- for (i = 0; i < 5; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (ctx->y[i] & maskt);
- }
- for (i = 0; i < 5; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (ctx->z[i] & maskt);
+ for (i = 0; i < 5; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (ctx->x[i] & maskt);
+ }
+ for (i = 0; i < 5; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (ctx->y[i] & maskt);
+ }
+ for (i = 0; i < 5; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (ctx->z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
ctx->state = 25;
break;
}
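Review bot: `case 24:` already opens a block, so the added `{` directly under it nests a second scope with nothing between the two braces. Declaring `i`, `maskp`, `maskq`, `maskt` and `inf` in the case's own block would keep the indentation one level shallower and leave `ctx->state = 25;` next to the code it follows. The switch and the function continue outside this hunk.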
@@ -23119,8 +23142,6 @@ static void sp_256_cond_copy_5(sp_digit* r, const sp_digit* a, const sp_digit m)
#endif /* WOLFSSL_SP_SMALL */
}
-#define sp_256_mont_dbl_lower_5 sp_256_mont_dbl_5
-#define sp_256_mont_tpl_lower_5 sp_256_mont_tpl_5
/* Double the Montgomery form projective point p a number of times.
*
* r Result of repeated doubling of point.
@@ -23159,7 +23180,7 @@ static void sp_256_proj_point_dbl_n_5(sp_point_256* p, int i,
/* A = 3*(X^2 - W) */
sp_256_mont_sqr_5(t1, x, p256_mod, p256_mp_mod);
sp_256_mont_sub_5(t1, t1, w, p256_mod);
- sp_256_mont_tpl_lower_5(a, t1, p256_mod);
+ sp_256_mont_tpl_5(a, t1, p256_mod);
/* B = X*Y^2 */
sp_256_mont_sqr_5(t1, y, p256_mod, p256_mp_mod);
sp_256_mont_mul_5(b, t1, x, p256_mod, p256_mp_mod);
@@ -23168,8 +23189,8 @@ static void sp_256_proj_point_dbl_n_5(sp_point_256* p, int i,
sp_256_mont_dbl_5(t2, b, p256_mod);
sp_256_mont_sub_5(x, x, t2, p256_mod);
/* B = 2.(B - X) */
- sp_256_mont_sub_lower_5(t2, b, x, p256_mod);
- sp_256_mont_dbl_lower_5(b, t2, p256_mod);
+ sp_256_mont_sub_5(t2, b, x, p256_mod);
+ sp_256_mont_dbl_5(b, t2, p256_mod);
/* Z = Z*Y */
sp_256_mont_mul_5(z, z, y, p256_mod, p256_mp_mod);
/* t1 = Y^4 */
@@ -23189,7 +23210,7 @@ static void sp_256_proj_point_dbl_n_5(sp_point_256* p, int i,
/* A = 3*(X^2 - W) */
sp_256_mont_sqr_5(t1, x, p256_mod, p256_mp_mod);
sp_256_mont_sub_5(t1, t1, w, p256_mod);
- sp_256_mont_tpl_lower_5(a, t1, p256_mod);
+ sp_256_mont_tpl_5(a, t1, p256_mod);
/* B = X*Y^2 */
sp_256_mont_sqr_5(t1, y, p256_mod, p256_mp_mod);
sp_256_mont_mul_5(b, t1, x, p256_mod, p256_mp_mod);
@@ -23198,8 +23219,8 @@ static void sp_256_proj_point_dbl_n_5(sp_point_256* p, int i,
sp_256_mont_dbl_5(t2, b, p256_mod);
sp_256_mont_sub_5(x, x, t2, p256_mod);
/* B = 2.(B - X) */
- sp_256_mont_sub_lower_5(t2, b, x, p256_mod);
- sp_256_mont_dbl_lower_5(b, t2, p256_mod);
+ sp_256_mont_sub_5(t2, b, x, p256_mod);
+ sp_256_mont_dbl_5(b, t2, p256_mod);
/* Z = Z*Y */
sp_256_mont_mul_5(z, z, y, p256_mod, p256_mp_mod);
/* t1 = Y^4 */
@@ -23209,7 +23230,7 @@ static void sp_256_proj_point_dbl_n_5(sp_point_256* p, int i,
sp_256_mont_sub_5(y, y, t1, p256_mod);
#endif /* WOLFSSL_SP_SMALL */
/* Y = Y/2 */
- sp_256_div2_5(y, y, p256_mod);
+ sp_256_mont_div2_5(y, y, p256_mod);
}
/* Double the Montgomery form projective point p a number of times.
@@ -23255,7 +23276,7 @@ static void sp_256_proj_point_dbl_n_store_5(sp_point_256* r,
/* A = 3*(X^2 - W) */
sp_256_mont_sqr_5(t1, x, p256_mod, p256_mp_mod);
sp_256_mont_sub_5(t1, t1, w, p256_mod);
- sp_256_mont_tpl_lower_5(a, t1, p256_mod);
+ sp_256_mont_tpl_5(a, t1, p256_mod);
/* B = X*Y^2 */
sp_256_mont_sqr_5(t1, y, p256_mod, p256_mp_mod);
sp_256_mont_mul_5(b, t1, x, p256_mod, p256_mp_mod);
@@ -23265,8 +23286,8 @@ static void sp_256_proj_point_dbl_n_store_5(sp_point_256* r,
sp_256_mont_dbl_5(t2, b, p256_mod);
sp_256_mont_sub_5(x, x, t2, p256_mod);
/* B = 2.(B - X) */
- sp_256_mont_sub_lower_5(t2, b, x, p256_mod);
- sp_256_mont_dbl_lower_5(b, t2, p256_mod);
+ sp_256_mont_sub_5(t2, b, x, p256_mod);
+ sp_256_mont_dbl_5(b, t2, p256_mod);
/* Z = Z*Y */
sp_256_mont_mul_5(r[j].z, z, y, p256_mod, p256_mp_mod);
z = r[j].z;
@@ -23280,7 +23301,7 @@ static void sp_256_proj_point_dbl_n_store_5(sp_point_256* r,
sp_256_mont_mul_5(y, b, a, p256_mod, p256_mp_mod);
sp_256_mont_sub_5(y, y, t1, p256_mod);
/* Y = Y/2 */
- sp_256_div2_5(r[j].y, y, p256_mod);
+ sp_256_mont_div2_5(r[j].y, y, p256_mod);
r[j].infinity = 0;
}
}
@@ -23354,8 +23375,8 @@ static void sp_256_proj_point_add_sub_5(sp_point_256* ra,
sp_256_mont_sub_5(xs, xs, t1, p256_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
/* YS = -RS*(U1*H^2 - XS) - S1*H^3 */
- sp_256_mont_sub_lower_5(ys, ya, xs, p256_mod);
- sp_256_mont_sub_lower_5(ya, ya, xa, p256_mod);
+ sp_256_mont_sub_5(ys, ya, xs, p256_mod);
+ sp_256_mont_sub_5(ya, ya, xa, p256_mod);
sp_256_mont_mul_5(ya, ya, t4, p256_mod, p256_mp_mod);
sp_256_sub_5(t6, p256_mod, t6);
sp_256_mont_mul_5(ys, ys, t6, p256_mod, p256_mp_mod);
@@ -23439,7 +23460,7 @@ static void sp_256_ecc_recode_6_5(const sp_digit* k, ecc_recode_256* v)
/* Touch each possible point that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
static void sp_256_get_point_33_5(sp_point_256* r, const sp_point_256* table,
@@ -23523,7 +23544,7 @@ static int sp_256_ecc_mulmod_win_add_sub_5(sp_point_256* r, const sp_point_256*
(void)heap;
#ifdef WOLFSSL_SP_SMALL_STACK
- t = (sp_point_256*)XMALLOC(sizeof(sp_point_256) *
+ t = (sp_point_256*)XMALLOC(sizeof(sp_point_256) *
(33+2), heap, DYNAMIC_TYPE_ECC);
if (t == NULL)
err = MEMORY_E;
@@ -23642,12 +23663,12 @@ static int sp_256_ecc_mulmod_win_add_sub_5(sp_point_256* r, const sp_point_256*
static void sp_256_proj_point_add_qz1_5(sp_point_256* r,
const sp_point_256* p, const sp_point_256* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*5;
- sp_digit* t3 = t + 4*5;
- sp_digit* t4 = t + 6*5;
- sp_digit* t5 = t + 8*5;
- sp_digit* t6 = t + 10*5;
+ sp_digit* t2 = t;
+ sp_digit* t3 = t + 2*5;
+ sp_digit* t6 = t + 4*5;
+ sp_digit* t1 = t + 6*5;
+ sp_digit* t4 = t + 8*5;
+ sp_digit* t5 = t + 10*5;
/* Calculate values to subtract from P->x and P->y. */
/* U2 = X2*Z1^2 */
@@ -23663,13 +23684,9 @@ static void sp_256_proj_point_add_qz1_5(sp_point_256* r,
sp_256_proj_point_dbl_5(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t2;
- sp_digit* y = t5;
+ sp_digit* y = t3;
sp_digit* z = t6;
- int i;
/* H = U2 - X1 */
sp_256_mont_sub_5(t2, t2, p->x, p256_mod);
@@ -23678,33 +23695,40 @@ static void sp_256_proj_point_add_qz1_5(sp_point_256* r,
/* Z3 = H*Z1 */
sp_256_mont_mul_5(z, p->z, t2, p256_mod, p256_mp_mod);
/* X3 = R^2 - H^3 - 2*X1*H^2 */
- sp_256_mont_sqr_5(t1, t4, p256_mod, p256_mp_mod);
- sp_256_mont_sqr_5(t5, t2, p256_mod, p256_mp_mod);
- sp_256_mont_mul_5(t3, p->x, t5, p256_mod, p256_mp_mod);
- sp_256_mont_mul_5(t5, t5, t2, p256_mod, p256_mp_mod);
- sp_256_mont_sub_5(x, t1, t5, p256_mod);
- sp_256_mont_dbl_5(t1, t3, p256_mod);
- sp_256_mont_sub_5(x, x, t1, p256_mod);
+ sp_256_mont_sqr_5(t1, t2, p256_mod, p256_mp_mod);
+ sp_256_mont_mul_5(t3, p->x, t1, p256_mod, p256_mp_mod);
+ sp_256_mont_mul_5(t1, t1, t2, p256_mod, p256_mp_mod);
+ sp_256_mont_sqr_5(t2, t4, p256_mod, p256_mp_mod);
+ sp_256_mont_sub_5(t2, t2, t1, p256_mod);
+ sp_256_mont_dbl_5(t5, t3, p256_mod);
+ sp_256_mont_sub_5(x, t2, t5, p256_mod);
/* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
- sp_256_mont_sub_lower_5(t3, t3, x, p256_mod);
+ sp_256_mont_sub_5(t3, t3, x, p256_mod);
sp_256_mont_mul_5(t3, t3, t4, p256_mod, p256_mp_mod);
- sp_256_mont_mul_5(t5, t5, p->y, p256_mod, p256_mp_mod);
- sp_256_mont_sub_5(y, t3, t5, p256_mod);
+ sp_256_mont_mul_5(t1, t1, p->y, p256_mod, p256_mp_mod);
+ sp_256_mont_sub_5(y, t3, t1, p256_mod);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
- for (i = 0; i < 5; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 5; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 5; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ for (i = 0; i < 5; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 5; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 5; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
@@ -23826,7 +23850,7 @@ static int sp_256_gen_stripe_table_5(const sp_point_256* a,
/* Touch each possible entry that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
static void sp_256_get_entry_256_5(sp_point_256* r,
@@ -24009,7 +24033,7 @@ static THREAD_LS_T int sp_cache_256_inited = 0;
/* Get the cache entry for the point.
*
- * g [in] Point scalar multipling.
+ * g [in] Point scalar multiplying.
* cache [out] Cache table to use.
*/
static void sp_ecc_get_cache_256(const sp_point_256* g, sp_cache_256_t** cache)
@@ -24080,8 +24104,8 @@ static void sp_ecc_get_cache_256(const sp_point_256* g, sp_cache_256_t** cache)
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
-static int sp_256_ecc_mulmod_5(sp_point_256* r, const sp_point_256* g, const sp_digit* k,
- int map, int ct, void* heap)
+static int sp_256_ecc_mulmod_5(sp_point_256* r, const sp_point_256* g,
+ const sp_digit* k, int map, int ct, void* heap)
{
#ifndef FP_ECC
return sp_256_ecc_mulmod_win_add_sub_5(r, g, k, map, ct, heap);
@@ -24198,7 +24222,7 @@ int sp_ecc_mulmod_256(const mp_int* km, const ecc_point* gm, ecc_point* r,
*
* km Scalar to multiply by.
* p Point to multiply.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -24209,7 +24233,7 @@ int sp_ecc_mulmod_add_256(const mp_int* km, const ecc_point* gm,
const ecc_point* am, int inMont, ecc_point* r, int map, void* heap)
{
#ifdef WOLFSSL_SP_SMALL_STACK
- sp_point_256* point = NULL;
+ sp_point_256* point = NULL;
sp_digit* k = NULL;
#else
sp_point_256 point[2];
@@ -25666,7 +25690,7 @@ int sp_ecc_mulmod_base_256(const mp_int* km, ecc_point* r, int map, void* heap)
* the result. If map is true then convert result to affine coordinates.
*
* km Scalar to multiply by.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -25688,7 +25712,7 @@ int sp_ecc_mulmod_base_add_256(const mp_int* km, const ecc_point* am,
int err = MP_OKAY;
#ifdef WOLFSSL_SP_SMALL_STACK
- point = (sp_point_256*)XMALLOC(sizeof(sp_point_256) * 2, heap,
+ point = (sp_point_256*)XMALLOC(sizeof(sp_point_256) * 2, heap,
DYNAMIC_TYPE_ECC);
if (point == NULL)
err = MEMORY_E;
@@ -25842,7 +25866,7 @@ int sp_ecc_make_key_256(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
sp_point_256* infinity = NULL;
#endif
int err = MP_OKAY;
-
+
(void)heap;
@@ -25850,7 +25874,7 @@ int sp_ecc_make_key_256(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
point = (sp_point_256*)XMALLOC(sizeof(sp_point_256) * 2, heap, DYNAMIC_TYPE_ECC);
#else
- point = (sp_point_256*)XMALLOC(sizeof(sp_point_256), heap, DYNAMIC_TYPE_ECC);
+ point = (sp_point_256*)XMALLOC(sizeof(sp_point_256), heap, DYNAMIC_TYPE_ECC);
#endif
if (point == NULL)
err = MEMORY_E;
@@ -26471,7 +26495,7 @@ static void sp_256_mont_inv_order_5(sp_digit* r, const sp_digit* a,
sp_256_mont_sqr_n_order_5(t2, t3, 4);
/* t = a^ff = t2 * t3 */
sp_256_mont_mul_order_5(t, t2, t3);
- /* t3= a^ff00 = t ^ 2 ^ 8 */
+ /* t2= a^ff00 = t ^ 2 ^ 8 */
sp_256_mont_sqr_n_order_5(t2, t, 8);
/* t = a^ffff = t2 * t */
sp_256_mont_mul_order_5(t, t2, t);
@@ -26488,7 +26512,11 @@ static void sp_256_mont_inv_order_5(sp_digit* r, const sp_digit* a,
/* t2= a^ffffffff00000000ffffffffffffffff = t2 * t */
sp_256_mont_mul_order_5(t2, t2, t);
/* t2= a^ffffffff00000000ffffffffffffffffbce6 */
- for (i=127; i>=112; i--) {
+ sp_256_mont_sqr_order_5(t2, t2);
+ sp_256_mont_mul_order_5(t2, t2, a);
+ sp_256_mont_sqr_n_order_5(t2, t2, 5);
+ sp_256_mont_mul_order_5(t2, t2, t3);
+ for (i=121; i>=112; i--) {
sp_256_mont_sqr_order_5(t2, t2);
if ((p256_order_low[i / 64] & ((sp_int_digit)1 << (i % 64))) != 0) {
sp_256_mont_mul_order_5(t2, t2, a);
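Review bot: The four calls added ahead of the loop hard-code the top six bits of the order word that the loop used to read from `p256_order_low` (i = 127..122), and nothing in the hunk says which bits they are or why `t3` is the multiplier. I would add a comment above them such as `/* bits 127..122 of the order are 101111: square and multiply by a, then five squarings and one multiply by t3 (a^f, per the comments earlier in the function) */`. That lets a reader check the prefix against `bce6` and the new loop bound of 121. The loop body and the rest of sp_256_mont_inv_order_5 continue outside the hunk.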
@@ -26992,8 +27020,8 @@ static int sp_256_mod_inv_5(sp_digit* r, const sp_digit* a, const sp_digit* m)
}
while (ut > 1 && vt > 1) {
- if (ut > vt || (ut == vt &&
- sp_256_cmp_5(u, v) >= 0)) {
+ if ((ut > vt) || ((ut == vt) &&
+ (sp_256_cmp_5(u, v) >= 0))) {
sp_256_sub_5(u, u, v);
sp_256_norm_5(u);
@@ -27083,7 +27111,7 @@ static void sp_256_add_points_5(sp_point_256* p1, const sp_point_256* p2,
* p2 Public point and temporary.
* s Second part of signature as a number.
* u1 Temporary number.
- * u2 Temproray number.
+ * u2 Temporary number.
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
@@ -27407,7 +27435,7 @@ int sp_ecc_verify_256_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash,
#endif /* HAVE_ECC_VERIFY */
#ifdef HAVE_ECC_CHECK_KEY
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* point EC point.
* heap Heap to use if dynamically allocating.
@@ -27435,19 +27463,21 @@ static int sp_256_ecc_is_point_5(const sp_point_256* point,
if (err == MP_OKAY) {
t2 = t1 + 2 * 5;
+ /* y^2 - x^3 - a.x = b */
sp_256_sqr_5(t1, point->y);
(void)sp_256_mod_5(t1, t1, p256_mod);
sp_256_sqr_5(t2, point->x);
(void)sp_256_mod_5(t2, t2, p256_mod);
sp_256_mul_5(t2, t2, point->x);
(void)sp_256_mod_5(t2, t2, p256_mod);
- (void)sp_256_sub_5(t2, p256_mod, t2);
- sp_256_mont_add_5(t1, t1, t2, p256_mod);
+ sp_256_mont_sub_5(t1, t1, t2, p256_mod);
+ /* y^2 - x^3 + 3.x = b, when a = -3 */
sp_256_mont_add_5(t1, t1, point->x, p256_mod);
sp_256_mont_add_5(t1, t1, point->x, p256_mod);
sp_256_mont_add_5(t1, t1, point->x, p256_mod);
+
if (sp_256_cmp_5(t1, p256_b) != 0) {
err = MP_VAL;
}
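Review bot: The final `sp_256_cmp_5(t1, p256_b) != 0` is an exact compare, so after this change it depends on sp_256_mont_sub_5 and the three sp_256_mont_add_5 calls leaving `t1` fully reduced and normalized below the modulus; their bodies are not in this hunk. A non-canonical `t1` could only make the check reject a valid point, never accept an invalid one, but the contract deserves a line next to the new comments, e.g. `/* t1 must be canonical (0 <= t1 < p, limbs normalized) for the compare with b */`. The operands come from sp_256_sqr_5 and sp_256_mod_5, so they look like plain residues rather than Montgomery form, which the `mont_` helper names obscure. sp_384_ecc_is_point_7 receives the same edit, and both functions start and end outside their hunks.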
@@ -27461,7 +27491,7 @@ static int sp_256_ecc_is_point_5(const sp_point_256* point,
return err;
}
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* pX X ordinate of EC point.
* pY Y ordinate of EC point.
@@ -28347,14 +28377,14 @@ static void sp_384_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 55
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 54);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 54);
}
#elif DIGIT_BIT > 55
unsigned int i;
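Review bot: The new mask derivation shifts `j` by the literal 54 where the removed code shifted by `SP_WORD_SIZE - 1`, so it only isolates the sign bit if sp_digit is exactly 55 bits wide. sp_digit's definition is not visible here; if it is a 64-bit type, `j >> 54` on the negative or wrapped `j` yields more than a single 0/1 bit (or -1 with a signed arithmetic shift), and then neither `mask` nor the step added to `o` is the intended all-ones / 1. Assuming sp_int_digit is the unsigned word type, `sp_digit mask = (sp_digit)0 - (sp_digit)((sp_int_digit)j >> (SP_WORD_SIZE - 1));` and `o += (int)((sp_int_digit)j >> (SP_WORD_SIZE - 1));` keep the branch-free form without depending on the limb width. The `DIGIT_BIT == 58` branch of sp_521_from_mp has the same pattern with 57, and both functions continue outside their hunks.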
@@ -28810,7 +28840,7 @@ static void sp_384_mont_reduce_7(sp_digit* a, const sp_digit* m, sp_digit mp)
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_384_mont_mul_7(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -28824,7 +28854,7 @@ SP_NOINLINE static void sp_384_mont_mul_7(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_384_mont_sqr_7(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -28840,10 +28870,10 @@ SP_NOINLINE static void sp_384_mont_sqr_7(sp_digit* r, const sp_digit* a,
* a Number to square in Montgomery form.
* n Number of times to square.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
-static void sp_384_mont_sqr_n_7(sp_digit* r, const sp_digit* a, int n,
- const sp_digit* m, sp_digit mp)
+SP_NOINLINE static void sp_384_mont_sqr_n_7(sp_digit* r,
+ const sp_digit* a, int n, const sp_digit* m, sp_digit mp)
{
sp_384_mont_sqr_7(r, a, m, mp);
for (; n > 1; n--) {
@@ -29098,7 +29128,6 @@ static void sp_384_mont_sub_7(sp_digit* r, const sp_digit* a, const sp_digit* b,
sp_384_norm_7(r);
}
-#define sp_384_mont_sub_lower_7 sp_384_mont_sub_7
/* Shift number left one bit.
* Bottom bit is lost.
*
@@ -29130,7 +29159,8 @@ SP_NOINLINE static void sp_384_rshift1_7(sp_digit* r, const sp_digit* a)
* a Number to divide.
* m Modulus (prime).
*/
-static void sp_384_div2_7(sp_digit* r, const sp_digit* a, const sp_digit* m)
+static void sp_384_mont_div2_7(sp_digit* r, const sp_digit* a,
+ const sp_digit* m)
{
sp_384_cond_add_7(r, a, m, 0 - (a[0] & 1));
sp_384_norm_7(r);
@@ -29181,7 +29211,7 @@ static void sp_384_proj_point_dbl_7(sp_point_384* r, const sp_point_384* p,
/* T2 = Y * Y */
sp_384_mont_sqr_7(t2, y, p384_mod, p384_mp_mod);
/* T2 = T2/2 */
- sp_384_div2_7(t2, t2, p384_mod);
+ sp_384_mont_div2_7(t2, t2, p384_mod);
/* Y = Y * X */
sp_384_mont_mul_7(y, y, p->x, p384_mod, p384_mp_mod);
/* X = T1 * T1 */
@@ -29191,7 +29221,7 @@ static void sp_384_proj_point_dbl_7(sp_point_384* r, const sp_point_384* p,
/* X = X - Y */
sp_384_mont_sub_7(x, x, y, p384_mod);
/* Y = Y - X */
- sp_384_mont_sub_lower_7(y, y, x, p384_mod);
+ sp_384_mont_sub_7(y, y, x, p384_mod);
/* Y = Y * T1 */
sp_384_mont_mul_7(y, y, t1, p384_mod, p384_mp_mod);
/* Y = Y - T2 */
@@ -29214,7 +29244,8 @@ typedef struct sp_384_proj_point_dbl_7_ctx {
* p Point to double.
* t Temporary ordinate data.
*/
-static int sp_384_proj_point_dbl_7_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r, const sp_point_384* p, sp_digit* t)
+static int sp_384_proj_point_dbl_7_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r,
+ const sp_point_384* p, sp_digit* t)
{
int err = FP_WOULDBLOCK;
sp_384_proj_point_dbl_7_ctx* ctx = (sp_384_proj_point_dbl_7_ctx*)sp_ctx->data;
@@ -29288,7 +29319,7 @@ static int sp_384_proj_point_dbl_7_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r, con
break;
case 11:
/* T2 = T2/2 */
- sp_384_div2_7(ctx->t2, ctx->t2, p384_mod);
+ sp_384_mont_div2_7(ctx->t2, ctx->t2, p384_mod);
ctx->state = 12;
break;
case 12:
@@ -29313,7 +29344,7 @@ static int sp_384_proj_point_dbl_7_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r, con
break;
case 16:
/* Y = Y - X */
- sp_384_mont_sub_lower_7(ctx->y, ctx->y, ctx->x, p384_mod);
+ sp_384_mont_sub_7(ctx->y, ctx->y, ctx->x, p384_mod);
ctx->state = 17;
break;
case 17:
@@ -29374,12 +29405,12 @@ static int sp_384_iszero_7(const sp_digit* a)
static void sp_384_proj_point_add_7(sp_point_384* r,
const sp_point_384* p, const sp_point_384* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*7;
- sp_digit* t3 = t + 4*7;
- sp_digit* t4 = t + 6*7;
- sp_digit* t5 = t + 8*7;
- sp_digit* t6 = t + 10*7;
+ sp_digit* t6 = t;
+ sp_digit* t1 = t + 2*7;
+ sp_digit* t2 = t + 4*7;
+ sp_digit* t3 = t + 6*7;
+ sp_digit* t4 = t + 8*7;
+ sp_digit* t5 = t + 10*7;
/* U1 = X1*Z2^2 */
sp_384_mont_sqr_7(t1, q->z, p384_mod, p384_mp_mod);
@@ -29401,17 +29432,9 @@ static void sp_384_proj_point_add_7(sp_point_384* r,
sp_384_proj_point_dbl_7(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t6;
sp_digit* y = t1;
sp_digit* z = t2;
- int i;
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
/* H = U2 - U1 */
sp_384_mont_sub_7(t2, t2, t1, p384_mod);
@@ -29430,20 +29453,31 @@ static void sp_384_proj_point_add_7(sp_point_384* r,
sp_384_mont_dbl_7(t3, y, p384_mod);
sp_384_mont_sub_7(x, x, t3, p384_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_384_mont_sub_lower_7(y, y, x, p384_mod);
+ sp_384_mont_sub_7(y, y, x, p384_mod);
sp_384_mont_mul_7(y, y, t4, p384_mod, p384_mp_mod);
sp_384_mont_sub_7(y, y, t5, p384_mod);
- for (i = 0; i < 7; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 7; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 7; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 7; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 7; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 7; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
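Review bot: The mask block that now ends sp_384_proj_point_add_7 has no comment saying it is a branch-free select, which is the property a later edit must not break. I would add above `int i;`: `/* Constant-time select: r = p when only q is at infinity, q when only p is, otherwise the computed sum (x, y, z). */`. The masks are built as `0 - (q->infinity & (!p->infinity))` in the type of `infinity`, which is not visible here; writing `(sp_digit)0 - (sp_digit)(q->infinity & (!p->infinity))` would make the all-ones width independent of that field's type. The same block is added in state 24 of sp_384_proj_point_add_7_nb and in sp_384_proj_point_add_qz1_7. The function starts outside this hunk.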
@@ -29489,12 +29523,12 @@ static int sp_384_proj_point_add_7_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r,
switch (ctx->state) {
case 0: /* INIT */
- ctx->t1 = t;
- ctx->t2 = t + 2*7;
- ctx->t3 = t + 4*7;
- ctx->t4 = t + 6*7;
- ctx->t5 = t + 8*7;
- ctx->t6 = t + 10*7;
+ ctx->t6 = t;
+ ctx->t1 = t + 2*7;
+ ctx->t2 = t + 4*7;
+ ctx->t3 = t + 6*7;
+ ctx->t4 = t + 8*7;
+ ctx->t5 = t + 10*7;
ctx->x = ctx->t6;
ctx->y = ctx->t1;
ctx->z = ctx->t2;
@@ -29601,7 +29635,7 @@ static int sp_384_proj_point_add_7_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r,
break;
case 21:
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_384_mont_sub_lower_7(ctx->y, ctx->y, ctx->x, p384_mod);
+ sp_384_mont_sub_7(ctx->y, ctx->y, ctx->x, p384_mod);
ctx->state = 22;
break;
case 22:
@@ -29614,22 +29648,28 @@ static int sp_384_proj_point_add_7_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r,
break;
case 24:
{
- int i;
- sp_digit maskp = 0 - (q->infinity & (!p->infinity));
- sp_digit maskq = 0 - (p->infinity & (!q->infinity));
- sp_digit maskt = ~(maskp | maskq);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
- for (i = 0; i < 7; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (ctx->x[i] & maskt);
- }
- for (i = 0; i < 7; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (ctx->y[i] & maskt);
- }
- for (i = 0; i < 7; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (ctx->z[i] & maskt);
+ for (i = 0; i < 7; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (ctx->x[i] & maskt);
+ }
+ for (i = 0; i < 7; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (ctx->y[i] & maskt);
+ }
+ for (i = 0; i < 7; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (ctx->z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
ctx->state = 25;
break;
}
@@ -30063,8 +30103,6 @@ static void sp_384_cond_copy_7(sp_digit* r, const sp_digit* a, const sp_digit m)
#endif /* WOLFSSL_SP_SMALL */
}
-#define sp_384_mont_dbl_lower_7 sp_384_mont_dbl_7
-#define sp_384_mont_tpl_lower_7 sp_384_mont_tpl_7
/* Double the Montgomery form projective point p a number of times.
*
* r Result of repeated doubling of point.
@@ -30103,7 +30141,7 @@ static void sp_384_proj_point_dbl_n_7(sp_point_384* p, int i,
/* A = 3*(X^2 - W) */
sp_384_mont_sqr_7(t1, x, p384_mod, p384_mp_mod);
sp_384_mont_sub_7(t1, t1, w, p384_mod);
- sp_384_mont_tpl_lower_7(a, t1, p384_mod);
+ sp_384_mont_tpl_7(a, t1, p384_mod);
/* B = X*Y^2 */
sp_384_mont_sqr_7(t1, y, p384_mod, p384_mp_mod);
sp_384_mont_mul_7(b, t1, x, p384_mod, p384_mp_mod);
@@ -30112,8 +30150,8 @@ static void sp_384_proj_point_dbl_n_7(sp_point_384* p, int i,
sp_384_mont_dbl_7(t2, b, p384_mod);
sp_384_mont_sub_7(x, x, t2, p384_mod);
/* B = 2.(B - X) */
- sp_384_mont_sub_lower_7(t2, b, x, p384_mod);
- sp_384_mont_dbl_lower_7(b, t2, p384_mod);
+ sp_384_mont_sub_7(t2, b, x, p384_mod);
+ sp_384_mont_dbl_7(b, t2, p384_mod);
/* Z = Z*Y */
sp_384_mont_mul_7(z, z, y, p384_mod, p384_mp_mod);
/* t1 = Y^4 */
@@ -30133,7 +30171,7 @@ static void sp_384_proj_point_dbl_n_7(sp_point_384* p, int i,
/* A = 3*(X^2 - W) */
sp_384_mont_sqr_7(t1, x, p384_mod, p384_mp_mod);
sp_384_mont_sub_7(t1, t1, w, p384_mod);
- sp_384_mont_tpl_lower_7(a, t1, p384_mod);
+ sp_384_mont_tpl_7(a, t1, p384_mod);
/* B = X*Y^2 */
sp_384_mont_sqr_7(t1, y, p384_mod, p384_mp_mod);
sp_384_mont_mul_7(b, t1, x, p384_mod, p384_mp_mod);
@@ -30142,8 +30180,8 @@ static void sp_384_proj_point_dbl_n_7(sp_point_384* p, int i,
sp_384_mont_dbl_7(t2, b, p384_mod);
sp_384_mont_sub_7(x, x, t2, p384_mod);
/* B = 2.(B - X) */
- sp_384_mont_sub_lower_7(t2, b, x, p384_mod);
- sp_384_mont_dbl_lower_7(b, t2, p384_mod);
+ sp_384_mont_sub_7(t2, b, x, p384_mod);
+ sp_384_mont_dbl_7(b, t2, p384_mod);
/* Z = Z*Y */
sp_384_mont_mul_7(z, z, y, p384_mod, p384_mp_mod);
/* t1 = Y^4 */
@@ -30153,7 +30191,7 @@ static void sp_384_proj_point_dbl_n_7(sp_point_384* p, int i,
sp_384_mont_sub_7(y, y, t1, p384_mod);
#endif /* WOLFSSL_SP_SMALL */
/* Y = Y/2 */
- sp_384_div2_7(y, y, p384_mod);
+ sp_384_mont_div2_7(y, y, p384_mod);
}
/* Double the Montgomery form projective point p a number of times.
@@ -30199,7 +30237,7 @@ static void sp_384_proj_point_dbl_n_store_7(sp_point_384* r,
/* A = 3*(X^2 - W) */
sp_384_mont_sqr_7(t1, x, p384_mod, p384_mp_mod);
sp_384_mont_sub_7(t1, t1, w, p384_mod);
- sp_384_mont_tpl_lower_7(a, t1, p384_mod);
+ sp_384_mont_tpl_7(a, t1, p384_mod);
/* B = X*Y^2 */
sp_384_mont_sqr_7(t1, y, p384_mod, p384_mp_mod);
sp_384_mont_mul_7(b, t1, x, p384_mod, p384_mp_mod);
@@ -30209,8 +30247,8 @@ static void sp_384_proj_point_dbl_n_store_7(sp_point_384* r,
sp_384_mont_dbl_7(t2, b, p384_mod);
sp_384_mont_sub_7(x, x, t2, p384_mod);
/* B = 2.(B - X) */
- sp_384_mont_sub_lower_7(t2, b, x, p384_mod);
- sp_384_mont_dbl_lower_7(b, t2, p384_mod);
+ sp_384_mont_sub_7(t2, b, x, p384_mod);
+ sp_384_mont_dbl_7(b, t2, p384_mod);
/* Z = Z*Y */
sp_384_mont_mul_7(r[j].z, z, y, p384_mod, p384_mp_mod);
z = r[j].z;
@@ -30224,7 +30262,7 @@ static void sp_384_proj_point_dbl_n_store_7(sp_point_384* r,
sp_384_mont_mul_7(y, b, a, p384_mod, p384_mp_mod);
sp_384_mont_sub_7(y, y, t1, p384_mod);
/* Y = Y/2 */
- sp_384_div2_7(r[j].y, y, p384_mod);
+ sp_384_mont_div2_7(r[j].y, y, p384_mod);
r[j].infinity = 0;
}
}
@@ -30298,8 +30336,8 @@ static void sp_384_proj_point_add_sub_7(sp_point_384* ra,
sp_384_mont_sub_7(xs, xs, t1, p384_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
/* YS = -RS*(U1*H^2 - XS) - S1*H^3 */
- sp_384_mont_sub_lower_7(ys, ya, xs, p384_mod);
- sp_384_mont_sub_lower_7(ya, ya, xa, p384_mod);
+ sp_384_mont_sub_7(ys, ya, xs, p384_mod);
+ sp_384_mont_sub_7(ya, ya, xa, p384_mod);
sp_384_mont_mul_7(ya, ya, t4, p384_mod, p384_mp_mod);
sp_384_sub_7(t6, p384_mod, t6);
sp_384_mont_mul_7(ys, ys, t6, p384_mod, p384_mp_mod);
@@ -30383,7 +30421,7 @@ static void sp_384_ecc_recode_6_7(const sp_digit* k, ecc_recode_384* v)
/* Touch each possible point that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
static void sp_384_get_point_33_7(sp_point_384* r, const sp_point_384* table,
@@ -30479,7 +30517,7 @@ static int sp_384_ecc_mulmod_win_add_sub_7(sp_point_384* r, const sp_point_384*
(void)heap;
#ifdef WOLFSSL_SP_SMALL_STACK
- t = (sp_point_384*)XMALLOC(sizeof(sp_point_384) *
+ t = (sp_point_384*)XMALLOC(sizeof(sp_point_384) *
(33+2), heap, DYNAMIC_TYPE_ECC);
if (t == NULL)
err = MEMORY_E;
@@ -30598,12 +30636,12 @@ static int sp_384_ecc_mulmod_win_add_sub_7(sp_point_384* r, const sp_point_384*
static void sp_384_proj_point_add_qz1_7(sp_point_384* r,
const sp_point_384* p, const sp_point_384* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*7;
- sp_digit* t3 = t + 4*7;
- sp_digit* t4 = t + 6*7;
- sp_digit* t5 = t + 8*7;
- sp_digit* t6 = t + 10*7;
+ sp_digit* t2 = t;
+ sp_digit* t3 = t + 2*7;
+ sp_digit* t6 = t + 4*7;
+ sp_digit* t1 = t + 6*7;
+ sp_digit* t4 = t + 8*7;
+ sp_digit* t5 = t + 10*7;
/* Calculate values to subtract from P->x and P->y. */
/* U2 = X2*Z1^2 */
@@ -30619,13 +30657,9 @@ static void sp_384_proj_point_add_qz1_7(sp_point_384* r,
sp_384_proj_point_dbl_7(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t2;
- sp_digit* y = t5;
+ sp_digit* y = t3;
sp_digit* z = t6;
- int i;
/* H = U2 - X1 */
sp_384_mont_sub_7(t2, t2, p->x, p384_mod);
@@ -30634,33 +30668,40 @@ static void sp_384_proj_point_add_qz1_7(sp_point_384* r,
/* Z3 = H*Z1 */
sp_384_mont_mul_7(z, p->z, t2, p384_mod, p384_mp_mod);
/* X3 = R^2 - H^3 - 2*X1*H^2 */
- sp_384_mont_sqr_7(t1, t4, p384_mod, p384_mp_mod);
- sp_384_mont_sqr_7(t5, t2, p384_mod, p384_mp_mod);
- sp_384_mont_mul_7(t3, p->x, t5, p384_mod, p384_mp_mod);
- sp_384_mont_mul_7(t5, t5, t2, p384_mod, p384_mp_mod);
- sp_384_mont_sub_7(x, t1, t5, p384_mod);
- sp_384_mont_dbl_7(t1, t3, p384_mod);
- sp_384_mont_sub_7(x, x, t1, p384_mod);
+ sp_384_mont_sqr_7(t1, t2, p384_mod, p384_mp_mod);
+ sp_384_mont_mul_7(t3, p->x, t1, p384_mod, p384_mp_mod);
+ sp_384_mont_mul_7(t1, t1, t2, p384_mod, p384_mp_mod);
+ sp_384_mont_sqr_7(t2, t4, p384_mod, p384_mp_mod);
+ sp_384_mont_sub_7(t2, t2, t1, p384_mod);
+ sp_384_mont_dbl_7(t5, t3, p384_mod);
+ sp_384_mont_sub_7(x, t2, t5, p384_mod);
/* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
- sp_384_mont_sub_lower_7(t3, t3, x, p384_mod);
+ sp_384_mont_sub_7(t3, t3, x, p384_mod);
sp_384_mont_mul_7(t3, t3, t4, p384_mod, p384_mp_mod);
- sp_384_mont_mul_7(t5, t5, p->y, p384_mod, p384_mp_mod);
- sp_384_mont_sub_7(y, t3, t5, p384_mod);
+ sp_384_mont_mul_7(t1, t1, p->y, p384_mod, p384_mp_mod);
+ sp_384_mont_sub_7(y, t3, t1, p384_mod);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
- for (i = 0; i < 7; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 7; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 7; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ for (i = 0; i < 7; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 7; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 7; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
@@ -30782,7 +30823,7 @@ static int sp_384_gen_stripe_table_7(const sp_point_384* a,
/* Touch each possible entry that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
static void sp_384_get_entry_256_7(sp_point_384* r,
@@ -30973,7 +31014,7 @@ static THREAD_LS_T int sp_cache_384_inited = 0;
/* Get the cache entry for the point.
*
- * g [in] Point scalar multipling.
+ * g [in] Point scalar multiplying.
* cache [out] Cache table to use.
*/
static void sp_ecc_get_cache_384(const sp_point_384* g, sp_cache_384_t** cache)
@@ -31044,8 +31085,8 @@ static void sp_ecc_get_cache_384(const sp_point_384* g, sp_cache_384_t** cache)
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
-static int sp_384_ecc_mulmod_7(sp_point_384* r, const sp_point_384* g, const sp_digit* k,
- int map, int ct, void* heap)
+static int sp_384_ecc_mulmod_7(sp_point_384* r, const sp_point_384* g,
+ const sp_digit* k, int map, int ct, void* heap)
{
#ifndef FP_ECC
return sp_384_ecc_mulmod_win_add_sub_7(r, g, k, map, ct, heap);
@@ -31162,7 +31203,7 @@ int sp_ecc_mulmod_384(const mp_int* km, const ecc_point* gm, ecc_point* r,
*
* km Scalar to multiply by.
* p Point to multiply.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -31173,7 +31214,7 @@ int sp_ecc_mulmod_add_384(const mp_int* km, const ecc_point* gm,
const ecc_point* am, int inMont, ecc_point* r, int map, void* heap)
{
#ifdef WOLFSSL_SP_SMALL_STACK
- sp_point_384* point = NULL;
+ sp_point_384* point = NULL;
sp_digit* k = NULL;
#else
sp_point_384 point[2];
@@ -33140,7 +33181,7 @@ int sp_ecc_mulmod_base_384(const mp_int* km, ecc_point* r, int map, void* heap)
* the result. If map is true then convert result to affine coordinates.
*
* km Scalar to multiply by.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -33162,7 +33203,7 @@ int sp_ecc_mulmod_base_add_384(const mp_int* km, const ecc_point* am,
int err = MP_OKAY;
#ifdef WOLFSSL_SP_SMALL_STACK
- point = (sp_point_384*)XMALLOC(sizeof(sp_point_384) * 2, heap,
+ point = (sp_point_384*)XMALLOC(sizeof(sp_point_384) * 2, heap,
DYNAMIC_TYPE_ECC);
if (point == NULL)
err = MEMORY_E;
@@ -33316,7 +33357,7 @@ int sp_ecc_make_key_384(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
sp_point_384* infinity = NULL;
#endif
int err = MP_OKAY;
-
+
(void)heap;
@@ -33324,7 +33365,7 @@ int sp_ecc_make_key_384(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
point = (sp_point_384*)XMALLOC(sizeof(sp_point_384) * 2, heap, DYNAMIC_TYPE_ECC);
#else
- point = (sp_point_384*)XMALLOC(sizeof(sp_point_384), heap, DYNAMIC_TYPE_ECC);
+ point = (sp_point_384*)XMALLOC(sizeof(sp_point_384), heap, DYNAMIC_TYPE_ECC);
#endif
if (point == NULL)
err = MEMORY_E;
@@ -34445,8 +34486,8 @@ static int sp_384_mod_inv_7(sp_digit* r, const sp_digit* a, const sp_digit* m)
}
while (ut > 1 && vt > 1) {
- if (ut > vt || (ut == vt &&
- sp_384_cmp_7(u, v) >= 0)) {
+ if ((ut > vt) || ((ut == vt) &&
+ (sp_384_cmp_7(u, v) >= 0))) {
sp_384_sub_7(u, u, v);
sp_384_norm_7(u);
@@ -34538,7 +34579,7 @@ static void sp_384_add_points_7(sp_point_384* p1, const sp_point_384* p2,
* p2 Public point and temporary.
* s Second part of signature as a number.
* u1 Temporary number.
- * u2 Temproray number.
+ * u2 Temporary number.
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
@@ -34862,7 +34903,7 @@ int sp_ecc_verify_384_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash,
#endif /* HAVE_ECC_VERIFY */
#ifdef HAVE_ECC_CHECK_KEY
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* point EC point.
* heap Heap to use if dynamically allocating.
@@ -34890,19 +34931,21 @@ static int sp_384_ecc_is_point_7(const sp_point_384* point,
if (err == MP_OKAY) {
t2 = t1 + 2 * 7;
+ /* y^2 - x^3 - a.x = b */
sp_384_sqr_7(t1, point->y);
(void)sp_384_mod_7(t1, t1, p384_mod);
sp_384_sqr_7(t2, point->x);
(void)sp_384_mod_7(t2, t2, p384_mod);
sp_384_mul_7(t2, t2, point->x);
(void)sp_384_mod_7(t2, t2, p384_mod);
- (void)sp_384_sub_7(t2, p384_mod, t2);
- sp_384_mont_add_7(t1, t1, t2, p384_mod);
+ sp_384_mont_sub_7(t1, t1, t2, p384_mod);
+ /* y^2 - x^3 + 3.x = b, when a = -3 */
sp_384_mont_add_7(t1, t1, point->x, p384_mod);
sp_384_mont_add_7(t1, t1, point->x, p384_mod);
sp_384_mont_add_7(t1, t1, point->x, p384_mod);
+
if (sp_384_cmp_7(t1, p384_b) != 0) {
err = MP_VAL;
}
@@ -34916,7 +34959,7 @@ static int sp_384_ecc_is_point_7(const sp_point_384* point,
return err;
}
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* pX X ordinate of EC point.
* pY Y ordinate of EC point.
@@ -35910,14 +35953,14 @@ static void sp_521_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 58
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 57);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 57);
}
#elif DIGIT_BIT > 58
unsigned int i;
@@ -36335,7 +36378,7 @@ static void sp_521_mont_reduce_order_9(sp_digit* a, const sp_digit* m, sp_digit
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_521_mont_mul_9(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -36349,7 +36392,7 @@ SP_NOINLINE static void sp_521_mont_mul_9(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_521_mont_sqr_9(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -36365,10 +36408,10 @@ SP_NOINLINE static void sp_521_mont_sqr_9(sp_digit* r, const sp_digit* a,
* a Number to square in Montgomery form.
* n Number of times to square.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
-static void sp_521_mont_sqr_n_9(sp_digit* r, const sp_digit* a, int n,
- const sp_digit* m, sp_digit mp)
+SP_NOINLINE static void sp_521_mont_sqr_n_9(sp_digit* r,
+ const sp_digit* a, int n, const sp_digit* m, sp_digit mp)
{
sp_521_mont_sqr_9(r, a, m, mp);
for (; n > 1; n--) {
@@ -36622,7 +36665,6 @@ static void sp_521_mont_sub_9(sp_digit* r, const sp_digit* a, const sp_digit* b,
sp_521_norm_9(r);
}
-#define sp_521_mont_sub_lower_9 sp_521_mont_sub_9
/* Shift number left one bit.
* Bottom bit is lost.
*
@@ -36656,7 +36698,8 @@ SP_NOINLINE static void sp_521_rshift1_9(sp_digit* r, const sp_digit* a)
* a Number to divide.
* m Modulus (prime).
*/
-static void sp_521_div2_9(sp_digit* r, const sp_digit* a, const sp_digit* m)
+static void sp_521_mont_div2_9(sp_digit* r, const sp_digit* a,
+ const sp_digit* m)
{
sp_521_cond_add_9(r, a, m, 0 - (a[0] & 1));
sp_521_norm_9(r);
@@ -36707,7 +36750,7 @@ static void sp_521_proj_point_dbl_9(sp_point_521* r, const sp_point_521* p,
/* T2 = Y * Y */
sp_521_mont_sqr_9(t2, y, p521_mod, p521_mp_mod);
/* T2 = T2/2 */
- sp_521_div2_9(t2, t2, p521_mod);
+ sp_521_mont_div2_9(t2, t2, p521_mod);
/* Y = Y * X */
sp_521_mont_mul_9(y, y, p->x, p521_mod, p521_mp_mod);
/* X = T1 * T1 */
@@ -36717,7 +36760,7 @@ static void sp_521_proj_point_dbl_9(sp_point_521* r, const sp_point_521* p,
/* X = X - Y */
sp_521_mont_sub_9(x, x, y, p521_mod);
/* Y = Y - X */
- sp_521_mont_sub_lower_9(y, y, x, p521_mod);
+ sp_521_mont_sub_9(y, y, x, p521_mod);
/* Y = Y * T1 */
sp_521_mont_mul_9(y, y, t1, p521_mod, p521_mp_mod);
/* Y = Y - T2 */
@@ -36740,7 +36783,8 @@ typedef struct sp_521_proj_point_dbl_9_ctx {
* p Point to double.
* t Temporary ordinate data.
*/
-static int sp_521_proj_point_dbl_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r, const sp_point_521* p, sp_digit* t)
+static int sp_521_proj_point_dbl_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r,
+ const sp_point_521* p, sp_digit* t)
{
int err = FP_WOULDBLOCK;
sp_521_proj_point_dbl_9_ctx* ctx = (sp_521_proj_point_dbl_9_ctx*)sp_ctx->data;
@@ -36814,7 +36858,7 @@ static int sp_521_proj_point_dbl_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r, con
break;
case 11:
/* T2 = T2/2 */
- sp_521_div2_9(ctx->t2, ctx->t2, p521_mod);
+ sp_521_mont_div2_9(ctx->t2, ctx->t2, p521_mod);
ctx->state = 12;
break;
case 12:
@@ -36839,7 +36883,7 @@ static int sp_521_proj_point_dbl_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r, con
break;
case 16:
/* Y = Y - X */
- sp_521_mont_sub_lower_9(ctx->y, ctx->y, ctx->x, p521_mod);
+ sp_521_mont_sub_9(ctx->y, ctx->y, ctx->x, p521_mod);
ctx->state = 17;
break;
case 17:
@@ -36901,12 +36945,12 @@ static int sp_521_iszero_9(const sp_digit* a)
static void sp_521_proj_point_add_9(sp_point_521* r,
const sp_point_521* p, const sp_point_521* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*9;
- sp_digit* t3 = t + 4*9;
- sp_digit* t4 = t + 6*9;
- sp_digit* t5 = t + 8*9;
- sp_digit* t6 = t + 10*9;
+ sp_digit* t6 = t;
+ sp_digit* t1 = t + 2*9;
+ sp_digit* t2 = t + 4*9;
+ sp_digit* t3 = t + 6*9;
+ sp_digit* t4 = t + 8*9;
+ sp_digit* t5 = t + 10*9;
/* U1 = X1*Z2^2 */
sp_521_mont_sqr_9(t1, q->z, p521_mod, p521_mp_mod);
@@ -36928,17 +36972,9 @@ static void sp_521_proj_point_add_9(sp_point_521* r,
sp_521_proj_point_dbl_9(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t6;
sp_digit* y = t1;
sp_digit* z = t2;
- int i;
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
/* H = U2 - U1 */
sp_521_mont_sub_9(t2, t2, t1, p521_mod);
@@ -36957,20 +36993,31 @@ static void sp_521_proj_point_add_9(sp_point_521* r,
sp_521_mont_dbl_9(t3, y, p521_mod);
sp_521_mont_sub_9(x, x, t3, p521_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_521_mont_sub_lower_9(y, y, x, p521_mod);
+ sp_521_mont_sub_9(y, y, x, p521_mod);
sp_521_mont_mul_9(y, y, t4, p521_mod, p521_mp_mod);
sp_521_mont_sub_9(y, y, t5, p521_mod);
- for (i = 0; i < 9; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 9; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 9; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 9; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 9; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 9; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
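Review bot: The three mask lines in the new block compute `0 - (q->infinity & (!p->infinity))` in the type of `infinity` and only then widen to `sp_digit`, whereas the `inf` line below them casts to `sp_digit` first. The declaration of `infinity` is outside this hunk: with a signed `int` the masks come out all-ones, but with a 32-bit unsigned field (which the added `(word32)inf` cast hints at) the value would be zero-extended and, assuming `sp_digit` is wider than 32 bits, the constant-time select would drop the upper bits of every limb. Making the width explicit removes that dependency: `sp_digit maskp = (sp_digit)0 - (sp_digit)(q->infinity & (!p->infinity));`, and likewise for `maskq`. The same block is added in sp_521_proj_point_add_9_nb, sp_521_proj_point_add_qz1_9 and the sp_1024 counterparts; the function body starts outside this hunk.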
@@ -37016,12 +37063,12 @@ static int sp_521_proj_point_add_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r,
switch (ctx->state) {
case 0: /* INIT */
- ctx->t1 = t;
- ctx->t2 = t + 2*9;
- ctx->t3 = t + 4*9;
- ctx->t4 = t + 6*9;
- ctx->t5 = t + 8*9;
- ctx->t6 = t + 10*9;
+ ctx->t6 = t;
+ ctx->t1 = t + 2*9;
+ ctx->t2 = t + 4*9;
+ ctx->t3 = t + 6*9;
+ ctx->t4 = t + 8*9;
+ ctx->t5 = t + 10*9;
ctx->x = ctx->t6;
ctx->y = ctx->t1;
ctx->z = ctx->t2;
@@ -37128,7 +37175,7 @@ static int sp_521_proj_point_add_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r,
break;
case 21:
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_521_mont_sub_lower_9(ctx->y, ctx->y, ctx->x, p521_mod);
+ sp_521_mont_sub_9(ctx->y, ctx->y, ctx->x, p521_mod);
ctx->state = 22;
break;
case 22:
@@ -37141,22 +37188,28 @@ static int sp_521_proj_point_add_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r,
break;
case 24:
{
- int i;
- sp_digit maskp = 0 - (q->infinity & (!p->infinity));
- sp_digit maskq = 0 - (p->infinity & (!q->infinity));
- sp_digit maskt = ~(maskp | maskq);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
- for (i = 0; i < 9; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (ctx->x[i] & maskt);
- }
- for (i = 0; i < 9; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (ctx->y[i] & maskt);
- }
- for (i = 0; i < 9; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (ctx->z[i] & maskt);
+ for (i = 0; i < 9; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (ctx->x[i] & maskt);
+ }
+ for (i = 0; i < 9; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (ctx->y[i] & maskt);
+ }
+ for (i = 0; i < 9; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (ctx->z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
ctx->state = 25;
break;
}
@@ -37471,8 +37524,6 @@ static void sp_521_cond_copy_9(sp_digit* r, const sp_digit* a, const sp_digit m)
#endif /* WOLFSSL_SP_SMALL */
}
-#define sp_521_mont_dbl_lower_9 sp_521_mont_dbl_9
-#define sp_521_mont_tpl_lower_9 sp_521_mont_tpl_9
/* Double the Montgomery form projective point p a number of times.
*
* r Result of repeated doubling of point.
@@ -37511,7 +37562,7 @@ static void sp_521_proj_point_dbl_n_9(sp_point_521* p, int i,
/* A = 3*(X^2 - W) */
sp_521_mont_sqr_9(t1, x, p521_mod, p521_mp_mod);
sp_521_mont_sub_9(t1, t1, w, p521_mod);
- sp_521_mont_tpl_lower_9(a, t1, p521_mod);
+ sp_521_mont_tpl_9(a, t1, p521_mod);
/* B = X*Y^2 */
sp_521_mont_sqr_9(t1, y, p521_mod, p521_mp_mod);
sp_521_mont_mul_9(b, t1, x, p521_mod, p521_mp_mod);
@@ -37520,8 +37571,8 @@ static void sp_521_proj_point_dbl_n_9(sp_point_521* p, int i,
sp_521_mont_dbl_9(t2, b, p521_mod);
sp_521_mont_sub_9(x, x, t2, p521_mod);
/* B = 2.(B - X) */
- sp_521_mont_sub_lower_9(t2, b, x, p521_mod);
- sp_521_mont_dbl_lower_9(b, t2, p521_mod);
+ sp_521_mont_sub_9(t2, b, x, p521_mod);
+ sp_521_mont_dbl_9(b, t2, p521_mod);
/* Z = Z*Y */
sp_521_mont_mul_9(z, z, y, p521_mod, p521_mp_mod);
/* t1 = Y^4 */
@@ -37541,7 +37592,7 @@ static void sp_521_proj_point_dbl_n_9(sp_point_521* p, int i,
/* A = 3*(X^2 - W) */
sp_521_mont_sqr_9(t1, x, p521_mod, p521_mp_mod);
sp_521_mont_sub_9(t1, t1, w, p521_mod);
- sp_521_mont_tpl_lower_9(a, t1, p521_mod);
+ sp_521_mont_tpl_9(a, t1, p521_mod);
/* B = X*Y^2 */
sp_521_mont_sqr_9(t1, y, p521_mod, p521_mp_mod);
sp_521_mont_mul_9(b, t1, x, p521_mod, p521_mp_mod);
@@ -37550,8 +37601,8 @@ static void sp_521_proj_point_dbl_n_9(sp_point_521* p, int i,
sp_521_mont_dbl_9(t2, b, p521_mod);
sp_521_mont_sub_9(x, x, t2, p521_mod);
/* B = 2.(B - X) */
- sp_521_mont_sub_lower_9(t2, b, x, p521_mod);
- sp_521_mont_dbl_lower_9(b, t2, p521_mod);
+ sp_521_mont_sub_9(t2, b, x, p521_mod);
+ sp_521_mont_dbl_9(b, t2, p521_mod);
/* Z = Z*Y */
sp_521_mont_mul_9(z, z, y, p521_mod, p521_mp_mod);
/* t1 = Y^4 */
@@ -37561,7 +37612,7 @@ static void sp_521_proj_point_dbl_n_9(sp_point_521* p, int i,
sp_521_mont_sub_9(y, y, t1, p521_mod);
#endif /* WOLFSSL_SP_SMALL */
/* Y = Y/2 */
- sp_521_div2_9(y, y, p521_mod);
+ sp_521_mont_div2_9(y, y, p521_mod);
}
/* Double the Montgomery form projective point p a number of times.
@@ -37607,7 +37658,7 @@ static void sp_521_proj_point_dbl_n_store_9(sp_point_521* r,
/* A = 3*(X^2 - W) */
sp_521_mont_sqr_9(t1, x, p521_mod, p521_mp_mod);
sp_521_mont_sub_9(t1, t1, w, p521_mod);
- sp_521_mont_tpl_lower_9(a, t1, p521_mod);
+ sp_521_mont_tpl_9(a, t1, p521_mod);
/* B = X*Y^2 */
sp_521_mont_sqr_9(t1, y, p521_mod, p521_mp_mod);
sp_521_mont_mul_9(b, t1, x, p521_mod, p521_mp_mod);
@@ -37617,8 +37668,8 @@ static void sp_521_proj_point_dbl_n_store_9(sp_point_521* r,
sp_521_mont_dbl_9(t2, b, p521_mod);
sp_521_mont_sub_9(x, x, t2, p521_mod);
/* B = 2.(B - X) */
- sp_521_mont_sub_lower_9(t2, b, x, p521_mod);
- sp_521_mont_dbl_lower_9(b, t2, p521_mod);
+ sp_521_mont_sub_9(t2, b, x, p521_mod);
+ sp_521_mont_dbl_9(b, t2, p521_mod);
/* Z = Z*Y */
sp_521_mont_mul_9(r[j].z, z, y, p521_mod, p521_mp_mod);
z = r[j].z;
@@ -37632,7 +37683,7 @@ static void sp_521_proj_point_dbl_n_store_9(sp_point_521* r,
sp_521_mont_mul_9(y, b, a, p521_mod, p521_mp_mod);
sp_521_mont_sub_9(y, y, t1, p521_mod);
/* Y = Y/2 */
- sp_521_div2_9(r[j].y, y, p521_mod);
+ sp_521_mont_div2_9(r[j].y, y, p521_mod);
r[j].infinity = 0;
}
}
@@ -37706,8 +37757,8 @@ static void sp_521_proj_point_add_sub_9(sp_point_521* ra,
sp_521_mont_sub_9(xs, xs, t1, p521_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
/* YS = -RS*(U1*H^2 - XS) - S1*H^3 */
- sp_521_mont_sub_lower_9(ys, ya, xs, p521_mod);
- sp_521_mont_sub_lower_9(ya, ya, xa, p521_mod);
+ sp_521_mont_sub_9(ys, ya, xs, p521_mod);
+ sp_521_mont_sub_9(ya, ya, xa, p521_mod);
sp_521_mont_mul_9(ya, ya, t4, p521_mod, p521_mp_mod);
sp_521_sub_9(t6, p521_mod, t6);
sp_521_mont_mul_9(ys, ys, t6, p521_mod, p521_mp_mod);
@@ -37791,7 +37842,7 @@ static void sp_521_ecc_recode_6_9(const sp_digit* k, ecc_recode_521* v)
/* Touch each possible point that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
static void sp_521_get_point_33_9(sp_point_521* r, const sp_point_521* table,
@@ -37899,7 +37950,7 @@ static int sp_521_ecc_mulmod_win_add_sub_9(sp_point_521* r, const sp_point_521*
(void)heap;
#ifdef WOLFSSL_SP_SMALL_STACK
- t = (sp_point_521*)XMALLOC(sizeof(sp_point_521) *
+ t = (sp_point_521*)XMALLOC(sizeof(sp_point_521) *
(33+2), heap, DYNAMIC_TYPE_ECC);
if (t == NULL)
err = MEMORY_E;
@@ -38018,12 +38069,12 @@ static int sp_521_ecc_mulmod_win_add_sub_9(sp_point_521* r, const sp_point_521*
static void sp_521_proj_point_add_qz1_9(sp_point_521* r,
const sp_point_521* p, const sp_point_521* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*9;
- sp_digit* t3 = t + 4*9;
- sp_digit* t4 = t + 6*9;
- sp_digit* t5 = t + 8*9;
- sp_digit* t6 = t + 10*9;
+ sp_digit* t2 = t;
+ sp_digit* t3 = t + 2*9;
+ sp_digit* t6 = t + 4*9;
+ sp_digit* t1 = t + 6*9;
+ sp_digit* t4 = t + 8*9;
+ sp_digit* t5 = t + 10*9;
/* Calculate values to subtract from P->x and P->y. */
/* U2 = X2*Z1^2 */
@@ -38039,13 +38090,9 @@ static void sp_521_proj_point_add_qz1_9(sp_point_521* r,
sp_521_proj_point_dbl_9(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t2;
- sp_digit* y = t5;
+ sp_digit* y = t3;
sp_digit* z = t6;
- int i;
/* H = U2 - X1 */
sp_521_mont_sub_9(t2, t2, p->x, p521_mod);
@@ -38054,33 +38101,40 @@ static void sp_521_proj_point_add_qz1_9(sp_point_521* r,
/* Z3 = H*Z1 */
sp_521_mont_mul_9(z, p->z, t2, p521_mod, p521_mp_mod);
/* X3 = R^2 - H^3 - 2*X1*H^2 */
- sp_521_mont_sqr_9(t1, t4, p521_mod, p521_mp_mod);
- sp_521_mont_sqr_9(t5, t2, p521_mod, p521_mp_mod);
- sp_521_mont_mul_9(t3, p->x, t5, p521_mod, p521_mp_mod);
- sp_521_mont_mul_9(t5, t5, t2, p521_mod, p521_mp_mod);
- sp_521_mont_sub_9(x, t1, t5, p521_mod);
- sp_521_mont_dbl_9(t1, t3, p521_mod);
- sp_521_mont_sub_9(x, x, t1, p521_mod);
+ sp_521_mont_sqr_9(t1, t2, p521_mod, p521_mp_mod);
+ sp_521_mont_mul_9(t3, p->x, t1, p521_mod, p521_mp_mod);
+ sp_521_mont_mul_9(t1, t1, t2, p521_mod, p521_mp_mod);
+ sp_521_mont_sqr_9(t2, t4, p521_mod, p521_mp_mod);
+ sp_521_mont_sub_9(t2, t2, t1, p521_mod);
+ sp_521_mont_dbl_9(t5, t3, p521_mod);
+ sp_521_mont_sub_9(x, t2, t5, p521_mod);
/* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
- sp_521_mont_sub_lower_9(t3, t3, x, p521_mod);
+ sp_521_mont_sub_9(t3, t3, x, p521_mod);
sp_521_mont_mul_9(t3, t3, t4, p521_mod, p521_mp_mod);
- sp_521_mont_mul_9(t5, t5, p->y, p521_mod, p521_mp_mod);
- sp_521_mont_sub_9(y, t3, t5, p521_mod);
+ sp_521_mont_mul_9(t1, t1, p->y, p521_mod, p521_mp_mod);
+ sp_521_mont_sub_9(y, t3, t1, p521_mod);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
- for (i = 0; i < 9; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 9; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 9; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ for (i = 0; i < 9; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 9; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 9; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
@@ -38202,7 +38256,7 @@ static int sp_521_gen_stripe_table_9(const sp_point_521* a,
/* Touch each possible entry that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
static void sp_521_get_entry_256_9(sp_point_521* r,
@@ -38401,7 +38455,7 @@ static THREAD_LS_T int sp_cache_521_inited = 0;
/* Get the cache entry for the point.
*
- * g [in] Point scalar multipling.
+ * g [in] Point scalar multiplying.
* cache [out] Cache table to use.
*/
static void sp_ecc_get_cache_521(const sp_point_521* g, sp_cache_521_t** cache)
@@ -38472,8 +38526,8 @@ static void sp_ecc_get_cache_521(const sp_point_521* g, sp_cache_521_t** cache)
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
-static int sp_521_ecc_mulmod_9(sp_point_521* r, const sp_point_521* g, const sp_digit* k,
- int map, int ct, void* heap)
+static int sp_521_ecc_mulmod_9(sp_point_521* r, const sp_point_521* g,
+ const sp_digit* k, int map, int ct, void* heap)
{
#ifndef FP_ECC
return sp_521_ecc_mulmod_win_add_sub_9(r, g, k, map, ct, heap);
@@ -38590,7 +38644,7 @@ int sp_ecc_mulmod_521(const mp_int* km, const ecc_point* gm, ecc_point* r,
*
* km Scalar to multiply by.
* p Point to multiply.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -38601,7 +38655,7 @@ int sp_ecc_mulmod_add_521(const mp_int* km, const ecc_point* gm,
const ecc_point* am, int inMont, ecc_point* r, int map, void* heap)
{
#ifdef WOLFSSL_SP_SMALL_STACK
- sp_point_521* point = NULL;
+ sp_point_521* point = NULL;
sp_digit* k = NULL;
#else
sp_point_521 point[2];
@@ -40568,7 +40622,7 @@ int sp_ecc_mulmod_base_521(const mp_int* km, ecc_point* r, int map, void* heap)
* the result. If map is true then convert result to affine coordinates.
*
* km Scalar to multiply by.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -40590,7 +40644,7 @@ int sp_ecc_mulmod_base_add_521(const mp_int* km, const ecc_point* am,
int err = MP_OKAY;
#ifdef WOLFSSL_SP_SMALL_STACK
- point = (sp_point_521*)XMALLOC(sizeof(sp_point_521) * 2, heap,
+ point = (sp_point_521*)XMALLOC(sizeof(sp_point_521) * 2, heap,
DYNAMIC_TYPE_ECC);
if (point == NULL)
err = MEMORY_E;
@@ -40745,7 +40799,7 @@ int sp_ecc_make_key_521(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
sp_point_521* infinity = NULL;
#endif
int err = MP_OKAY;
-
+
(void)heap;
@@ -40753,7 +40807,7 @@ int sp_ecc_make_key_521(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
point = (sp_point_521*)XMALLOC(sizeof(sp_point_521) * 2, heap, DYNAMIC_TYPE_ECC);
#else
- point = (sp_point_521*)XMALLOC(sizeof(sp_point_521), heap, DYNAMIC_TYPE_ECC);
+ point = (sp_point_521*)XMALLOC(sizeof(sp_point_521), heap, DYNAMIC_TYPE_ECC);
#endif
if (point == NULL)
err = MEMORY_E;
@@ -41905,8 +41959,8 @@ static int sp_521_mod_inv_9(sp_digit* r, const sp_digit* a, const sp_digit* m)
}
while (ut > 1 && vt > 1) {
- if (ut > vt || (ut == vt &&
- sp_521_cmp_9(u, v) >= 0)) {
+ if ((ut > vt) || ((ut == vt) &&
+ (sp_521_cmp_9(u, v) >= 0))) {
sp_521_sub_9(u, u, v);
sp_521_norm_9(u);
@@ -42000,7 +42054,7 @@ static void sp_521_add_points_9(sp_point_521* p1, const sp_point_521* p2,
* p2 Public point and temporary.
* s Second part of signature as a number.
* u1 Temporary number.
- * u2 Temproray number.
+ * u2 Temporary number.
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
@@ -42333,7 +42387,7 @@ int sp_ecc_verify_521_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash,
#endif /* HAVE_ECC_VERIFY */
#ifdef HAVE_ECC_CHECK_KEY
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* point EC point.
* heap Heap to use if dynamically allocating.
@@ -42361,19 +42415,21 @@ static int sp_521_ecc_is_point_9(const sp_point_521* point,
if (err == MP_OKAY) {
t2 = t1 + 2 * 9;
+ /* y^2 - x^3 - a.x = b */
sp_521_sqr_9(t1, point->y);
(void)sp_521_mod_9(t1, t1, p521_mod);
sp_521_sqr_9(t2, point->x);
(void)sp_521_mod_9(t2, t2, p521_mod);
sp_521_mul_9(t2, t2, point->x);
(void)sp_521_mod_9(t2, t2, p521_mod);
- (void)sp_521_sub_9(t2, p521_mod, t2);
- sp_521_mont_add_9(t1, t1, t2, p521_mod);
+ sp_521_mont_sub_9(t1, t1, t2, p521_mod);
+ /* y^2 - x^3 + 3.x = b, when a = -3 */
sp_521_mont_add_9(t1, t1, point->x, p521_mod);
sp_521_mont_add_9(t1, t1, point->x, p521_mod);
sp_521_mont_add_9(t1, t1, point->x, p521_mod);
+
if (sp_521_cmp_9(t1, p521_b) != 0) {
err = MP_VAL;
}
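Review bot: `sp_521_mont_sub_9` and `sp_521_mont_add_9` are applied here to values produced by `sp_521_sqr_9`/`sp_521_mul_9` followed by `sp_521_mod_9`, so to ordinary residues rather than Montgomery-form values, and the new comments do not say why that is acceptable. Since this is the on-curve check that rejects invalid points, I would add a line above the `sp_521_mont_sub_9` call such as `/* mont_add/mont_sub are used as plain modular add/sub; inputs are not in Montgomery form */`, after confirming that against the helper definitions, which are outside the hunk. The final `sp_521_cmp_9(t1, p521_b)` presumably compares limb by limb, so a second comment stating that `t1` is fully reduced and normalised at that point would document what the equality test relies on. The function starts and ends outside the hunk.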
@@ -42387,7 +42443,7 @@ static int sp_521_ecc_is_point_9(const sp_point_521* point,
return err;
}
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* pX X ordinate of EC point.
* pY Y ordinate of EC point.
@@ -43886,14 +43942,14 @@ static void sp_1024_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 57
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 56);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 56);
}
#elif DIGIT_BIT > 57
unsigned int i;
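Review bot: The new loop tests the sign of `j` with `j >> 56`, where the removed lines shifted by `SP_WORD_SIZE - 1`. That yields exactly 0 or 1 only if `sp_digit` is 57 bits wide; for a 64-bit `sp_digit` (its typedef is outside the hunk) `j >> 56` with `j = -used` is 0xFF when the type is unsigned and typically -1 when it is signed, so `mask` would not be all-ones and `o` would not advance by one. If the type is 64-bit, the top-bit test should read `(sp_digit)((word64)j >> (SP_WORD_SIZE - 1))` in both the `mask` and the `o +=` line. This branch is compiled only under `#if DIGIT_BIT == 57`, so a test build with that setting that round-trips a known value through sp_1024_from_mp would confirm it; the function continues outside the hunk.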
@@ -44297,7 +44353,7 @@ static void sp_1024_mont_reduce_18(sp_digit* a, const sp_digit* m, sp_digit mp)
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_1024_mont_mul_18(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -44311,7 +44367,7 @@ SP_NOINLINE static void sp_1024_mont_mul_18(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_1024_mont_sqr_18(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -44492,7 +44548,6 @@ static void sp_1024_mont_sub_18(sp_digit* r, const sp_digit* a, const sp_digit*
sp_1024_norm_18(r);
}
-#define sp_1024_mont_sub_lower_18 sp_1024_mont_sub_18
/* Shift number left one bit.
* Bottom bit is lost.
*
@@ -44535,7 +44590,8 @@ SP_NOINLINE static void sp_1024_rshift1_18(sp_digit* r, const sp_digit* a)
* a Number to divide.
* m Modulus (prime).
*/
-static void sp_1024_div2_18(sp_digit* r, const sp_digit* a, const sp_digit* m)
+static void sp_1024_mont_div2_18(sp_digit* r, const sp_digit* a,
+ const sp_digit* m)
{
sp_1024_cond_add_18(r, a, m, 0 - (a[0] & 1));
sp_1024_norm_18(r);
@@ -44586,7 +44642,7 @@ static void sp_1024_proj_point_dbl_18(sp_point_1024* r, const sp_point_1024* p,
/* T2 = Y * Y */
sp_1024_mont_sqr_18(t2, y, p1024_mod, p1024_mp_mod);
/* T2 = T2/2 */
- sp_1024_div2_18(t2, t2, p1024_mod);
+ sp_1024_mont_div2_18(t2, t2, p1024_mod);
/* Y = Y * X */
sp_1024_mont_mul_18(y, y, p->x, p1024_mod, p1024_mp_mod);
/* X = T1 * T1 */
@@ -44596,7 +44652,7 @@ static void sp_1024_proj_point_dbl_18(sp_point_1024* r, const sp_point_1024* p,
/* X = X - Y */
sp_1024_mont_sub_18(x, x, y, p1024_mod);
/* Y = Y - X */
- sp_1024_mont_sub_lower_18(y, y, x, p1024_mod);
+ sp_1024_mont_sub_18(y, y, x, p1024_mod);
/* Y = Y * T1 */
sp_1024_mont_mul_18(y, y, t1, p1024_mod, p1024_mp_mod);
/* Y = Y - T2 */
@@ -44619,7 +44675,8 @@ typedef struct sp_1024_proj_point_dbl_18_ctx {
* p Point to double.
* t Temporary ordinate data.
*/
-static int sp_1024_proj_point_dbl_18_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r, const sp_point_1024* p, sp_digit* t)
+static int sp_1024_proj_point_dbl_18_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
+ const sp_point_1024* p, sp_digit* t)
{
int err = FP_WOULDBLOCK;
sp_1024_proj_point_dbl_18_ctx* ctx = (sp_1024_proj_point_dbl_18_ctx*)sp_ctx->data;
@@ -44693,7 +44750,7 @@ static int sp_1024_proj_point_dbl_18_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
break;
case 11:
/* T2 = T2/2 */
- sp_1024_div2_18(ctx->t2, ctx->t2, p1024_mod);
+ sp_1024_mont_div2_18(ctx->t2, ctx->t2, p1024_mod);
ctx->state = 12;
break;
case 12:
@@ -44718,7 +44775,7 @@ static int sp_1024_proj_point_dbl_18_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
break;
case 16:
/* Y = Y - X */
- sp_1024_mont_sub_lower_18(ctx->y, ctx->y, ctx->x, p1024_mod);
+ sp_1024_mont_sub_18(ctx->y, ctx->y, ctx->x, p1024_mod);
ctx->state = 17;
break;
case 17:
@@ -44784,12 +44841,12 @@ static int sp_1024_iszero_18(const sp_digit* a)
static void sp_1024_proj_point_add_18(sp_point_1024* r,
const sp_point_1024* p, const sp_point_1024* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*18;
- sp_digit* t3 = t + 4*18;
- sp_digit* t4 = t + 6*18;
- sp_digit* t5 = t + 8*18;
- sp_digit* t6 = t + 10*18;
+ sp_digit* t6 = t;
+ sp_digit* t1 = t + 2*18;
+ sp_digit* t2 = t + 4*18;
+ sp_digit* t3 = t + 6*18;
+ sp_digit* t4 = t + 8*18;
+ sp_digit* t5 = t + 10*18;
/* U1 = X1*Z2^2 */
sp_1024_mont_sqr_18(t1, q->z, p1024_mod, p1024_mp_mod);
@@ -44811,17 +44868,9 @@ static void sp_1024_proj_point_add_18(sp_point_1024* r,
sp_1024_proj_point_dbl_18(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t6;
sp_digit* y = t1;
sp_digit* z = t2;
- int i;
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
/* H = U2 - U1 */
sp_1024_mont_sub_18(t2, t2, t1, p1024_mod);
@@ -44840,20 +44889,31 @@ static void sp_1024_proj_point_add_18(sp_point_1024* r,
sp_1024_mont_dbl_18(t3, y, p1024_mod);
sp_1024_mont_sub_18(x, x, t3, p1024_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_1024_mont_sub_lower_18(y, y, x, p1024_mod);
+ sp_1024_mont_sub_18(y, y, x, p1024_mod);
sp_1024_mont_mul_18(y, y, t4, p1024_mod, p1024_mp_mod);
sp_1024_mont_sub_18(y, y, t5, p1024_mod);
- for (i = 0; i < 18; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 18; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 18; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 18; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 18; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 18; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
@@ -44899,12 +44959,12 @@ static int sp_1024_proj_point_add_18_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
switch (ctx->state) {
case 0: /* INIT */
- ctx->t1 = t;
- ctx->t2 = t + 2*18;
- ctx->t3 = t + 4*18;
- ctx->t4 = t + 6*18;
- ctx->t5 = t + 8*18;
- ctx->t6 = t + 10*18;
+ ctx->t6 = t;
+ ctx->t1 = t + 2*18;
+ ctx->t2 = t + 4*18;
+ ctx->t3 = t + 6*18;
+ ctx->t4 = t + 8*18;
+ ctx->t5 = t + 10*18;
ctx->x = ctx->t6;
ctx->y = ctx->t1;
ctx->z = ctx->t2;
@@ -45011,7 +45071,7 @@ static int sp_1024_proj_point_add_18_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
break;
case 21:
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_1024_mont_sub_lower_18(ctx->y, ctx->y, ctx->x, p1024_mod);
+ sp_1024_mont_sub_18(ctx->y, ctx->y, ctx->x, p1024_mod);
ctx->state = 22;
break;
case 22:
@@ -45024,22 +45084,28 @@ static int sp_1024_proj_point_add_18_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
break;
case 24:
{
- int i;
- sp_digit maskp = 0 - (q->infinity & (!p->infinity));
- sp_digit maskq = 0 - (p->infinity & (!q->infinity));
- sp_digit maskt = ~(maskp | maskq);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
- for (i = 0; i < 18; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (ctx->x[i] & maskt);
- }
- for (i = 0; i < 18; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (ctx->y[i] & maskt);
- }
- for (i = 0; i < 18; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (ctx->z[i] & maskt);
+ for (i = 0; i < 18; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (ctx->x[i] & maskt);
+ }
+ for (i = 0; i < 18; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (ctx->y[i] & maskt);
+ }
+ for (i = 0; i < 18; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (ctx->z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
ctx->state = 25;
break;
}
@@ -45354,8 +45420,6 @@ static void sp_1024_cond_copy_18(sp_digit* r, const sp_digit* a, const sp_digit
#endif /* WOLFSSL_SP_SMALL */
}
-#define sp_1024_mont_dbl_lower_18 sp_1024_mont_dbl_18
-#define sp_1024_mont_tpl_lower_18 sp_1024_mont_tpl_18
/* Double the Montgomery form projective point p a number of times.
*
* r Result of repeated doubling of point.
@@ -45394,7 +45458,7 @@ static void sp_1024_proj_point_dbl_n_18(sp_point_1024* p, int i,
/* A = 3*(X^2 - W) */
sp_1024_mont_sqr_18(t1, x, p1024_mod, p1024_mp_mod);
sp_1024_mont_sub_18(t1, t1, w, p1024_mod);
- sp_1024_mont_tpl_lower_18(a, t1, p1024_mod);
+ sp_1024_mont_tpl_18(a, t1, p1024_mod);
/* B = X*Y^2 */
sp_1024_mont_sqr_18(t1, y, p1024_mod, p1024_mp_mod);
sp_1024_mont_mul_18(b, t1, x, p1024_mod, p1024_mp_mod);
@@ -45403,8 +45467,8 @@ static void sp_1024_proj_point_dbl_n_18(sp_point_1024* p, int i,
sp_1024_mont_dbl_18(t2, b, p1024_mod);
sp_1024_mont_sub_18(x, x, t2, p1024_mod);
/* B = 2.(B - X) */
- sp_1024_mont_sub_lower_18(t2, b, x, p1024_mod);
- sp_1024_mont_dbl_lower_18(b, t2, p1024_mod);
+ sp_1024_mont_sub_18(t2, b, x, p1024_mod);
+ sp_1024_mont_dbl_18(b, t2, p1024_mod);
/* Z = Z*Y */
sp_1024_mont_mul_18(z, z, y, p1024_mod, p1024_mp_mod);
/* t1 = Y^4 */
@@ -45424,7 +45488,7 @@ static void sp_1024_proj_point_dbl_n_18(sp_point_1024* p, int i,
/* A = 3*(X^2 - W) */
sp_1024_mont_sqr_18(t1, x, p1024_mod, p1024_mp_mod);
sp_1024_mont_sub_18(t1, t1, w, p1024_mod);
- sp_1024_mont_tpl_lower_18(a, t1, p1024_mod);
+ sp_1024_mont_tpl_18(a, t1, p1024_mod);
/* B = X*Y^2 */
sp_1024_mont_sqr_18(t1, y, p1024_mod, p1024_mp_mod);
sp_1024_mont_mul_18(b, t1, x, p1024_mod, p1024_mp_mod);
@@ -45433,8 +45497,8 @@ static void sp_1024_proj_point_dbl_n_18(sp_point_1024* p, int i,
sp_1024_mont_dbl_18(t2, b, p1024_mod);
sp_1024_mont_sub_18(x, x, t2, p1024_mod);
/* B = 2.(B - X) */
- sp_1024_mont_sub_lower_18(t2, b, x, p1024_mod);
- sp_1024_mont_dbl_lower_18(b, t2, p1024_mod);
+ sp_1024_mont_sub_18(t2, b, x, p1024_mod);
+ sp_1024_mont_dbl_18(b, t2, p1024_mod);
/* Z = Z*Y */
sp_1024_mont_mul_18(z, z, y, p1024_mod, p1024_mp_mod);
/* t1 = Y^4 */
@@ -45444,7 +45508,7 @@ static void sp_1024_proj_point_dbl_n_18(sp_point_1024* p, int i,
sp_1024_mont_sub_18(y, y, t1, p1024_mod);
#endif /* WOLFSSL_SP_SMALL */
/* Y = Y/2 */
- sp_1024_div2_18(y, y, p1024_mod);
+ sp_1024_mont_div2_18(y, y, p1024_mod);
}
/* Double the Montgomery form projective point p a number of times.
@@ -45490,7 +45554,7 @@ static void sp_1024_proj_point_dbl_n_store_18(sp_point_1024* r,
/* A = 3*(X^2 - W) */
sp_1024_mont_sqr_18(t1, x, p1024_mod, p1024_mp_mod);
sp_1024_mont_sub_18(t1, t1, w, p1024_mod);
- sp_1024_mont_tpl_lower_18(a, t1, p1024_mod);
+ sp_1024_mont_tpl_18(a, t1, p1024_mod);
/* B = X*Y^2 */
sp_1024_mont_sqr_18(t1, y, p1024_mod, p1024_mp_mod);
sp_1024_mont_mul_18(b, t1, x, p1024_mod, p1024_mp_mod);
@@ -45500,8 +45564,8 @@ static void sp_1024_proj_point_dbl_n_store_18(sp_point_1024* r,
sp_1024_mont_dbl_18(t2, b, p1024_mod);
sp_1024_mont_sub_18(x, x, t2, p1024_mod);
/* B = 2.(B - X) */
- sp_1024_mont_sub_lower_18(t2, b, x, p1024_mod);
- sp_1024_mont_dbl_lower_18(b, t2, p1024_mod);
+ sp_1024_mont_sub_18(t2, b, x, p1024_mod);
+ sp_1024_mont_dbl_18(b, t2, p1024_mod);
/* Z = Z*Y */
sp_1024_mont_mul_18(r[j].z, z, y, p1024_mod, p1024_mp_mod);
z = r[j].z;
@@ -45515,7 +45579,7 @@ static void sp_1024_proj_point_dbl_n_store_18(sp_point_1024* r,
sp_1024_mont_mul_18(y, b, a, p1024_mod, p1024_mp_mod);
sp_1024_mont_sub_18(y, y, t1, p1024_mod);
/* Y = Y/2 */
- sp_1024_div2_18(r[j].y, y, p1024_mod);
+ sp_1024_mont_div2_18(r[j].y, y, p1024_mod);
r[j].infinity = 0;
}
}
@@ -45589,8 +45653,8 @@ static void sp_1024_proj_point_add_sub_18(sp_point_1024* ra,
sp_1024_mont_sub_18(xs, xs, t1, p1024_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
/* YS = -RS*(U1*H^2 - XS) - S1*H^3 */
- sp_1024_mont_sub_lower_18(ys, ya, xs, p1024_mod);
- sp_1024_mont_sub_lower_18(ya, ya, xa, p1024_mod);
+ sp_1024_mont_sub_18(ys, ya, xs, p1024_mod);
+ sp_1024_mont_sub_18(ya, ya, xa, p1024_mod);
sp_1024_mont_mul_18(ya, ya, t4, p1024_mod, p1024_mp_mod);
sp_1024_mont_sub_18(t6, p1024_mod, t6, p1024_mod);
sp_1024_mont_mul_18(ys, ys, t6, p1024_mod, p1024_mp_mod);
@@ -45718,7 +45782,7 @@ static int sp_1024_ecc_mulmod_win_add_sub_18(sp_point_1024* r, const sp_point_10
(void)heap;
#ifdef WOLFSSL_SP_SMALL_STACK
- t = (sp_point_1024*)XMALLOC(sizeof(sp_point_1024) *
+ t = (sp_point_1024*)XMALLOC(sizeof(sp_point_1024) *
(65+2), heap, DYNAMIC_TYPE_ECC);
if (t == NULL)
err = MEMORY_E;
@@ -45841,12 +45905,12 @@ static int sp_1024_ecc_mulmod_win_add_sub_18(sp_point_1024* r, const sp_point_10
static void sp_1024_proj_point_add_qz1_18(sp_point_1024* r,
const sp_point_1024* p, const sp_point_1024* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*18;
- sp_digit* t3 = t + 4*18;
- sp_digit* t4 = t + 6*18;
- sp_digit* t5 = t + 8*18;
- sp_digit* t6 = t + 10*18;
+ sp_digit* t2 = t;
+ sp_digit* t3 = t + 2*18;
+ sp_digit* t6 = t + 4*18;
+ sp_digit* t1 = t + 6*18;
+ sp_digit* t4 = t + 8*18;
+ sp_digit* t5 = t + 10*18;
/* Calculate values to subtract from P->x and P->y. */
/* U2 = X2*Z1^2 */
@@ -45862,13 +45926,9 @@ static void sp_1024_proj_point_add_qz1_18(sp_point_1024* r,
sp_1024_proj_point_dbl_18(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t2;
- sp_digit* y = t5;
+ sp_digit* y = t3;
sp_digit* z = t6;
- int i;
/* H = U2 - X1 */
sp_1024_mont_sub_18(t2, t2, p->x, p1024_mod);
@@ -45877,33 +45937,40 @@ static void sp_1024_proj_point_add_qz1_18(sp_point_1024* r,
/* Z3 = H*Z1 */
sp_1024_mont_mul_18(z, p->z, t2, p1024_mod, p1024_mp_mod);
/* X3 = R^2 - H^3 - 2*X1*H^2 */
- sp_1024_mont_sqr_18(t1, t4, p1024_mod, p1024_mp_mod);
- sp_1024_mont_sqr_18(t5, t2, p1024_mod, p1024_mp_mod);
- sp_1024_mont_mul_18(t3, p->x, t5, p1024_mod, p1024_mp_mod);
- sp_1024_mont_mul_18(t5, t5, t2, p1024_mod, p1024_mp_mod);
- sp_1024_mont_sub_18(x, t1, t5, p1024_mod);
- sp_1024_mont_dbl_18(t1, t3, p1024_mod);
- sp_1024_mont_sub_18(x, x, t1, p1024_mod);
+ sp_1024_mont_sqr_18(t1, t2, p1024_mod, p1024_mp_mod);
+ sp_1024_mont_mul_18(t3, p->x, t1, p1024_mod, p1024_mp_mod);
+ sp_1024_mont_mul_18(t1, t1, t2, p1024_mod, p1024_mp_mod);
+ sp_1024_mont_sqr_18(t2, t4, p1024_mod, p1024_mp_mod);
+ sp_1024_mont_sub_18(t2, t2, t1, p1024_mod);
+ sp_1024_mont_dbl_18(t5, t3, p1024_mod);
+ sp_1024_mont_sub_18(x, t2, t5, p1024_mod);
/* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
- sp_1024_mont_sub_lower_18(t3, t3, x, p1024_mod);
+ sp_1024_mont_sub_18(t3, t3, x, p1024_mod);
sp_1024_mont_mul_18(t3, t3, t4, p1024_mod, p1024_mp_mod);
- sp_1024_mont_mul_18(t5, t5, p->y, p1024_mod, p1024_mp_mod);
- sp_1024_mont_sub_18(y, t3, t5, p1024_mod);
+ sp_1024_mont_mul_18(t1, t1, p->y, p1024_mod, p1024_mp_mod);
+ sp_1024_mont_sub_18(y, t3, t1, p1024_mod);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
- for (i = 0; i < 18; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 18; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 18; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ for (i = 0; i < 18; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 18; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 18; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
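Review bot: The select masks in the new inner block are computed as `0 - (q->infinity & (!p->infinity))`, so the subtraction is done in the type of `infinity` and only then converted to `sp_digit`. The declaration of `sp_point_1024` is outside this hunk; if `infinity` is a signed `int` the result sign-extends to all-ones. If it is a 32-bit unsigned type, which the new `(word32)inf` cast hints at, and `sp_digit` is wider, the mask would cover only the low 32 bits and the masked copy would mix limbs of `p`, `q` and the computed result. Casting first removes the dependency: `sp_digit maskp = (sp_digit)0 - (sp_digit)(q->infinity & (!p->infinity));`, and the same for `maskq`. A comment that `infinity` must be exactly 0 or 1 for this branch-free select would also help; the function body starts outside the hunk.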
@@ -46155,7 +46222,7 @@ static THREAD_LS_T int sp_cache_1024_inited = 0;
/* Get the cache entry for the point.
*
- * g [in] Point scalar multipling.
+ * g [in] Point scalar multiplying.
* cache [out] Cache table to use.
*/
static void sp_ecc_get_cache_1024(const sp_point_1024* g, sp_cache_1024_t** cache)
@@ -46226,8 +46293,8 @@ static void sp_ecc_get_cache_1024(const sp_point_1024* g, sp_cache_1024_t** cach
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
-static int sp_1024_ecc_mulmod_18(sp_point_1024* r, const sp_point_1024* g, const sp_digit* k,
- int map, int ct, void* heap)
+static int sp_1024_ecc_mulmod_18(sp_point_1024* r, const sp_point_1024* g,
+ const sp_digit* k, int map, int ct, void* heap)
{
#ifndef FP_ECC
return sp_1024_ecc_mulmod_win_add_sub_18(r, g, k, map, ct, heap);
@@ -49774,7 +49841,7 @@ int sp_ecc_mulmod_base_1024(const mp_int* km, ecc_point* r, int map, void* heap)
* the result. If map is true then convert result to affine coordinates.
*
* km Scalar to multiply by.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -49796,7 +49863,7 @@ int sp_ecc_mulmod_base_add_1024(const mp_int* km, const ecc_point* am,
int err = MP_OKAY;
#ifdef WOLFSSL_SP_SMALL_STACK
- point = (sp_point_1024*)XMALLOC(sizeof(sp_point_1024) * 2, heap,
+ point = (sp_point_1024*)XMALLOC(sizeof(sp_point_1024) * 2, heap,
DYNAMIC_TYPE_ECC);
if (point == NULL)
err = MEMORY_E;
@@ -50012,7 +50079,7 @@ int sp_ecc_mulmod_table_1024(const mp_int* km, const ecc_point* gm, byte* table,
return err;
}
-/* Multiply p* in projective co-ordinates by q*.
+/* Multiply p* in projective coordinates by q*.
*
* r.x = p.x - (p.y * q.y)
* r.y = (p.x * q.y) + p.y
@@ -50038,7 +50105,7 @@ static void sp_1024_proj_mul_qx1_18(sp_digit* px, sp_digit* py,
sp_1024_mont_add_18(py, t1, py, p1024_mod);
}
-/* Square p* in projective co-ordinates.
+/* Square p* in projective coordinates.
*
* px' = (p.x + p.y) * (p.x - p.y) = p.x^2 - p.y^2
* py' = 2 * p.x * p.y
@@ -51803,7 +51870,7 @@ int sp_ModExp_Fp_star_1024(const mp_int* base, mp_int* exp, mp_int* res)
}
#endif /* WOLFSSL_SP_SMALL */
-/* Multiply p* by q* in projective co-ordinates.
+/* Multiply p* by q* in projective coordinates.
*
* p.x' = (p.x * q.x) - (p.y * q.y)
* p.y' = (p.x * q.y) + (p.y * q.x)
@@ -51918,7 +51985,7 @@ static void sp_1024_accumulate_line_dbl_18(sp_digit* vx, sp_digit* vy,
/* ty = 4 * p.y ^ 2 */
sp_1024_mont_sqr_18(ty, ry, p1024_mod, p1024_mp_mod);
/* t1 = 2 * p.y ^ 2 */
- sp_1024_div2_18(t1, ty, p1024_mod);
+ sp_1024_mont_div2_18(t1, ty, p1024_mod);
/* r.x -= 2 * (p.y ^ 2) */
sp_1024_mont_sub_18(rx, rx, t1, p1024_mod);
/* p'.z = p.y * 2 * p.z */
@@ -51938,7 +52005,7 @@ static void sp_1024_accumulate_line_dbl_18(sp_digit* vx, sp_digit* vy,
/* t1 = (4 * p.y^2) ^ 2 = 16 * p.y^4 */
sp_1024_mont_sqr_18(t1, ty, p1024_mod, p1024_mp_mod);
/* t1 = 16 * p.y^4 / 2 = 8 * p.y^4 */
- sp_1024_div2_18(t1, t1, p1024_mod);
+ sp_1024_mont_div2_18(t1, t1, p1024_mod);
/* p'.y = 4 * p.y^2 * p.x */
sp_1024_mont_mul_18(p->y, ty, p->x, p1024_mod, p1024_mp_mod);
/* p'.x = l^2 */
@@ -52356,7 +52423,7 @@ static void sp_1024_accumulate_line_dbl_n_18(sp_digit* vx, sp_digit* vy,
/* ty = py ^ 2 */
sp_1024_mont_sqr_18(ty, p->y, p1024_mod, p1024_mp_mod);
/* t1 = py ^ 2 / 2 */
- sp_1024_div2_18(t1, ty, p1024_mod);
+ sp_1024_mont_div2_18(t1, ty, p1024_mod);
/* r.x -= py ^ 2 / 2 */
sp_1024_mont_sub_18(rx, rx, t1, p1024_mod);
/* p'.z = py * pz */
@@ -52394,7 +52461,7 @@ static void sp_1024_accumulate_line_dbl_n_18(sp_digit* vx, sp_digit* vy,
}
/* p'.y = py' / 2 */
- sp_1024_div2_18(p->y, p->y, p1024_mod);
+ sp_1024_mont_div2_18(p->y, p->y, p1024_mod);
}
/* Operations to perform based on order - 1.
@@ -53202,7 +53269,7 @@ static void sp_1024_from_bin(sp_digit* r, int size, const byte* a, int n)
}
}
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* point EC point.
* heap Heap to use if dynamically allocating.
@@ -53231,19 +53298,21 @@ static int sp_1024_ecc_is_point_18(const sp_point_1024* point,
if (err == MP_OKAY) {
t2 = t1 + 2 * 18;
+ /* y^2 - x^3 - a.x = b */
sp_1024_sqr_18(t1, point->y);
(void)sp_1024_mod_18(t1, t1, p1024_mod);
sp_1024_sqr_18(t2, point->x);
(void)sp_1024_mod_18(t2, t2, p1024_mod);
sp_1024_mul_18(t2, t2, point->x);
(void)sp_1024_mod_18(t2, t2, p1024_mod);
- (void)sp_1024_sub_18(t2, p1024_mod, t2);
- sp_1024_mont_add_18(t1, t1, t2, p1024_mod);
+ sp_1024_mont_sub_18(t1, t1, t2, p1024_mod);
+ /* y^2 - x^3 + 3.x = b, when a = -3 */
sp_1024_mont_add_18(t1, t1, point->x, p1024_mod);
sp_1024_mont_add_18(t1, t1, point->x, p1024_mod);
sp_1024_mont_add_18(t1, t1, point->x, p1024_mod);
+
n = sp_1024_cmp_18(t1, p1024_mod);
sp_1024_cond_sub_18(t1, t1, p1024_mod, ~(n >> 56));
sp_1024_norm_18(t1);
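Review bot: The new `sp_1024_mont_sub_18(t1, t1, t2, p1024_mod)` is applied to values produced by `sp_1024_sqr_18`/`sp_1024_mul_18` followed by `sp_1024_mod_18`, so as far as this hunk shows they are not in Montgomery form, and the added comments do not say that the `mont_` helper is being used as a plain modular subtraction. Since this is the on-curve check, I would document the precondition next to the call, for example `/* t1 = y^2 - x^3 mod p; both operands reduced by sp_1024_mod_18 above, normal form */`. The three `sp_1024_mont_add_18` calls take `point->x` directly, and whether callers guarantee it is already below the modulus cannot be seen here, so the same comment should state that assumption. The function starts before and continues after this hunk.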
@@ -53260,7 +53329,7 @@ static int sp_1024_ecc_is_point_18(const sp_point_1024* point,
return err;
}
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* pX X ordinate of EC point.
* pY Y ordinate of EC point.
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/sp_cortexm.c b/extra/wolfssl/wolfssl/wolfcrypt/src/sp_cortexm.c
index 6f51ba05..3ab1accb 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/sp_cortexm.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/sp_cortexm.c
@@ -55,6 +55,7 @@
#ifdef __IAR_SYSTEMS_ICC__
#define __asm__ asm
#define __volatile__ volatile
+#define WOLFSSL_NO_VAR_ASSIGN_REG
#endif /* __IAR_SYSTEMS_ICC__ */
#ifdef __KEIL__
#define __asm__ __asm
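Review bot: `#define WOLFSSL_NO_VAR_ASSIGN_REG` is added unconditionally inside the `__IAR_SYSTEMS_ICC__` branch, so a build that already sets the macro to a value from its own settings will hit a macro redefinition. Guarding it avoids that: `#ifndef WOLFSSL_NO_VAR_ASSIGN_REG` / `#define WOLFSSL_NO_VAR_ASSIGN_REG` / `#endif`. A short comment on why IAR needs it would also help, e.g. `/* IAR: no register ... __asm__("rN") locals; use the plain parameter names */`, since the macro switches both the function signatures and the register-pinned declarations further down the file.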
@@ -127,14 +128,14 @@ static void sp_2048_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 32
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 31);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 31);
}
#elif DIGIT_BIT > 32
unsigned int i;
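Review bot: The rewritten loop hard-codes the shift as `j >> 31` where the removed lines used `SP_WORD_SIZE - 1`, and it relies on `sp_digit` being an unsigned 32-bit type so that the shift yields 0 or 1; the typedef is outside this hunk. Writing `sp_digit mask = (sp_digit)0 - (j >> (SP_WORD_SIZE - 1));` and `o += (int)(j >> (SP_WORD_SIZE - 1));` keeps the branch-free copy tied to the word size. A one-line comment such as `/* j counts up from -used; its top bit is set while i < used */` would make the masking readable, and it is worth stating that `a->dp[0]` is still read (and masked to zero) when `a->used` is 0. The function body starts before and continues after this hunk.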
@@ -239,616 +240,596 @@ static void sp_2048_to_bin_64(sp_digit* r, byte* a)
#define sp_2048_norm_64(a)
#ifndef WOLFSSL_SP_SMALL
+#ifdef WOLFSSL_SP_NO_UMAAL
/* Multiply a and b into r. (r = a * b)
*
* r A single precision integer.
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static void sp_2048_mul_8(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+SP_NOINLINE static void sp_2048_mul_8(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit tmp_arr[8];
- sp_digit* tmp = tmp_arr;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
+ "SUB sp, sp, #0x24\n\t"
+ "STR %[r], [sp, #32]\n\t"
+ "MOV %[r], #0x0\n\t"
+ "LDR r12, [%[a]]\n\t"
/* A[0] * B[0] */
- "ldr r6, [%[a], #0]\n\t"
- "ldr r8, [%[b], #0]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "mov r5, #0\n\t"
- "str r3, [%[tmp], #0]\n\t"
- "mov r3, #0\n\t"
+ "LDR lr, [%[b]]\n\t"
+ "UMULL r3, r4, r12, lr\n\t"
+ /* A[0] * B[2] */
+ "LDR lr, [%[b], #8]\n\t"
+ "UMULL r5, r6, r12, lr\n\t"
+ /* A[0] * B[4] */
+ "LDR lr, [%[b], #16]\n\t"
+ "UMULL r7, r8, r12, lr\n\t"
+ /* A[0] * B[6] */
+ "LDR lr, [%[b], #24]\n\t"
+ "UMULL r9, r10, r12, lr\n\t"
+ "STR r3, [sp]\n\t"
/* A[0] * B[1] */
- "ldr r8, [%[b], #4]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adc r5, r5, r8\n\t"
+ "LDR lr, [%[b], #4]\n\t"
+ "MOV r11, %[r]\n\t"
+ "UMLAL r4, r11, r12, lr\n\t"
+ "ADDS r5, r5, r11\n\t"
+ /* A[0] * B[3] */
+ "LDR lr, [%[b], #12]\n\t"
+ "ADCS r6, r6, #0x0\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r6, r11, r12, lr\n\t"
+ "ADDS r7, r7, r11\n\t"
+ /* A[0] * B[5] */
+ "LDR lr, [%[b], #20]\n\t"
+ "ADCS r8, r8, #0x0\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r8, r11, r12, lr\n\t"
+ "ADDS r9, r9, r11\n\t"
+ /* A[0] * B[7] */
+ "LDR lr, [%[b], #28]\n\t"
+ "ADCS r10, r10, #0x0\n\t"
+ "ADC r3, %[r], #0x0\n\t"
+ "UMLAL r10, r3, r12, lr\n\t"
/* A[1] * B[0] */
- "ldr r6, [%[a], #4]\n\t"
- "ldr r8, [%[b], #0]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
- "str r4, [%[tmp], #4]\n\t"
- "mov r4, #0\n\t"
- /* A[0] * B[2] */
- "ldr r6, [%[a], #0]\n\t"
- "ldr r8, [%[b], #8]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "LDR lr, [%[b]]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r4, r11, r12, lr\n\t"
+ "STR r4, [sp, #4]\n\t"
+ "ADDS r5, r5, r11\n\t"
/* A[1] * B[1] */
- "ldr r6, [%[a], #4]\n\t"
- "ldr r8, [%[b], #4]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
- /* A[2] * B[0] */
- "ldr r6, [%[a], #8]\n\t"
- "ldr r8, [%[b], #0]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
- "str r5, [%[tmp], #8]\n\t"
- "mov r5, #0\n\t"
- /* A[0] * B[3] */
- "ldr r6, [%[a], #0]\n\t"
- "ldr r8, [%[b], #12]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
+ "LDR lr, [%[b], #4]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r5, r11, r12, lr\n\t"
+ "ADDS r6, r6, r11\n\t"
/* A[1] * B[2] */
- "ldr r6, [%[a], #4]\n\t"
- "ldr r8, [%[b], #8]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- /* A[2] * B[1] */
- "ldr r6, [%[a], #8]\n\t"
- "ldr r8, [%[b], #4]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- /* A[3] * B[0] */
- "ldr r6, [%[a], #12]\n\t"
- "ldr r8, [%[b], #0]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- "str r3, [%[tmp], #12]\n\t"
- "mov r3, #0\n\t"
- /* A[0] * B[4] */
- "ldr r6, [%[a], #0]\n\t"
- "ldr r8, [%[b], #16]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
+ "LDR lr, [%[b], #8]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r6, r11, r12, lr\n\t"
+ "ADDS r7, r7, r11\n\t"
/* A[1] * B[3] */
- "ldr r6, [%[a], #4]\n\t"
- "ldr r8, [%[b], #12]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
- /* A[2] * B[2] */
- "ldr r6, [%[a], #8]\n\t"
- "ldr r8, [%[b], #8]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
- /* A[3] * B[1] */
- "ldr r6, [%[a], #12]\n\t"
- "ldr r8, [%[b], #4]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
- /* A[4] * B[0] */
- "ldr r6, [%[a], #16]\n\t"
- "ldr r8, [%[b], #0]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
- "str r4, [%[tmp], #16]\n\t"
- "mov r4, #0\n\t"
- /* A[0] * B[5] */
- "ldr r6, [%[a], #0]\n\t"
- "ldr r8, [%[b], #20]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
+ "LDR lr, [%[b], #12]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r7, r11, r12, lr\n\t"
+ "ADDS r8, r8, r11\n\t"
/* A[1] * B[4] */
- "ldr r6, [%[a], #4]\n\t"
- "ldr r8, [%[b], #16]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
- /* A[2] * B[3] */
- "ldr r6, [%[a], #8]\n\t"
- "ldr r8, [%[b], #12]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
- /* A[3] * B[2] */
- "ldr r6, [%[a], #12]\n\t"
- "ldr r8, [%[b], #8]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
- /* A[4] * B[1] */
- "ldr r6, [%[a], #16]\n\t"
- "ldr r8, [%[b], #4]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
- /* A[5] * B[0] */
- "ldr r6, [%[a], #20]\n\t"
- "ldr r8, [%[b], #0]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
- "str r5, [%[tmp], #20]\n\t"
- "mov r5, #0\n\t"
- /* A[0] * B[6] */
- "ldr r6, [%[a], #0]\n\t"
- "ldr r8, [%[b], #24]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
+ "LDR lr, [%[b], #16]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r8, r11, r12, lr\n\t"
+ "ADDS r9, r9, r11\n\t"
/* A[1] * B[5] */
- "ldr r6, [%[a], #4]\n\t"
- "ldr r8, [%[b], #20]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- /* A[2] * B[4] */
- "ldr r6, [%[a], #8]\n\t"
- "ldr r8, [%[b], #16]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- /* A[3] * B[3] */
- "ldr r6, [%[a], #12]\n\t"
- "ldr r8, [%[b], #12]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- /* A[4] * B[2] */
- "ldr r6, [%[a], #16]\n\t"
- "ldr r8, [%[b], #8]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- /* A[5] * B[1] */
- "ldr r6, [%[a], #20]\n\t"
- "ldr r8, [%[b], #4]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- /* A[6] * B[0] */
- "ldr r6, [%[a], #24]\n\t"
- "ldr r8, [%[b], #0]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- "str r3, [%[tmp], #24]\n\t"
- "mov r3, #0\n\t"
- /* A[0] * B[7] */
- "ldr r6, [%[a], #0]\n\t"
- "ldr r8, [%[b], #28]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
+ "LDR lr, [%[b], #20]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r9, r11, r12, lr\n\t"
+ "ADDS r10, r10, r11\n\t"
/* A[1] * B[6] */
- "ldr r6, [%[a], #4]\n\t"
- "ldr r8, [%[b], #24]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
- /* A[2] * B[5] */
- "ldr r6, [%[a], #8]\n\t"
- "ldr r8, [%[b], #20]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
- /* A[3] * B[4] */
- "ldr r6, [%[a], #12]\n\t"
- "ldr r8, [%[b], #16]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
- /* A[4] * B[3] */
- "ldr r6, [%[a], #16]\n\t"
- "ldr r8, [%[b], #12]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
- /* A[5] * B[2] */
- "ldr r6, [%[a], #20]\n\t"
- "ldr r8, [%[b], #8]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
- /* A[6] * B[1] */
- "ldr r6, [%[a], #24]\n\t"
- "ldr r8, [%[b], #4]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
- /* A[7] * B[0] */
- "ldr r6, [%[a], #28]\n\t"
- "ldr r8, [%[b], #0]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
- "str r4, [%[tmp], #28]\n\t"
- "mov r4, #0\n\t"
+ "LDR lr, [%[b], #24]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "ADDS r3, r3, r11\n\t"
/* A[1] * B[7] */
- "ldr r6, [%[a], #4]\n\t"
- "ldr r8, [%[b], #28]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
+ "LDR lr, [%[b], #28]\n\t"
+ "ADC r4, %[r], #0x0\n\t"
+ "UMLAL r3, r4, r12, lr\n\t"
+ /* A[2] * B[0] */
+ "LDR r12, [%[a], #8]\n\t"
+ "LDR lr, [%[b]]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r5, r11, r12, lr\n\t"
+ "STR r5, [sp, #8]\n\t"
+ "ADDS r6, r6, r11\n\t"
+ /* A[2] * B[1] */
+ "LDR lr, [%[b], #4]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r6, r11, r12, lr\n\t"
+ "ADDS r7, r7, r11\n\t"
+ /* A[2] * B[2] */
+ "LDR lr, [%[b], #8]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r7, r11, r12, lr\n\t"
+ "ADDS r8, r8, r11\n\t"
+ /* A[2] * B[3] */
+ "LDR lr, [%[b], #12]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r8, r11, r12, lr\n\t"
+ "ADDS r9, r9, r11\n\t"
+ /* A[2] * B[4] */
+ "LDR lr, [%[b], #16]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r9, r11, r12, lr\n\t"
+ "ADDS r10, r10, r11\n\t"
+ /* A[2] * B[5] */
+ "LDR lr, [%[b], #20]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "ADDS r3, r3, r11\n\t"
/* A[2] * B[6] */
- "ldr r6, [%[a], #8]\n\t"
- "ldr r8, [%[b], #24]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
- /* A[3] * B[5] */
- "ldr r6, [%[a], #12]\n\t"
- "ldr r8, [%[b], #20]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
- /* A[4] * B[4] */
- "ldr r6, [%[a], #16]\n\t"
- "ldr r8, [%[b], #16]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
- /* A[5] * B[3] */
- "ldr r6, [%[a], #20]\n\t"
- "ldr r8, [%[b], #12]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
- /* A[6] * B[2] */
- "ldr r6, [%[a], #24]\n\t"
- "ldr r8, [%[b], #8]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
- /* A[7] * B[1] */
- "ldr r6, [%[a], #28]\n\t"
- "ldr r8, [%[b], #4]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
- "str r5, [%[r], #32]\n\t"
- "mov r5, #0\n\t"
+ "LDR lr, [%[b], #24]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r3, r11, r12, lr\n\t"
+ "ADDS r4, r4, r11\n\t"
/* A[2] * B[7] */
- "ldr r6, [%[a], #8]\n\t"
- "ldr r8, [%[b], #28]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
+ "LDR lr, [%[b], #28]\n\t"
+ "ADC r5, %[r], #0x0\n\t"
+ "UMLAL r4, r5, r12, lr\n\t"
+ /* A[3] * B[0] */
+ "LDR r12, [%[a], #12]\n\t"
+ "LDR lr, [%[b]]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r6, r11, r12, lr\n\t"
+ "STR r6, [sp, #12]\n\t"
+ "ADDS r7, r7, r11\n\t"
+ /* A[3] * B[1] */
+ "LDR lr, [%[b], #4]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r7, r11, r12, lr\n\t"
+ "ADDS r8, r8, r11\n\t"
+ /* A[3] * B[2] */
+ "LDR lr, [%[b], #8]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r8, r11, r12, lr\n\t"
+ "ADDS r9, r9, r11\n\t"
+ /* A[3] * B[3] */
+ "LDR lr, [%[b], #12]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r9, r11, r12, lr\n\t"
+ "ADDS r10, r10, r11\n\t"
+ /* A[3] * B[4] */
+ "LDR lr, [%[b], #16]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "ADDS r3, r3, r11\n\t"
+ /* A[3] * B[5] */
+ "LDR lr, [%[b], #20]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r3, r11, r12, lr\n\t"
+ "ADDS r4, r4, r11\n\t"
/* A[3] * B[6] */
- "ldr r6, [%[a], #12]\n\t"
- "ldr r8, [%[b], #24]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- /* A[4] * B[5] */
- "ldr r6, [%[a], #16]\n\t"
- "ldr r8, [%[b], #20]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- /* A[5] * B[4] */
- "ldr r6, [%[a], #20]\n\t"
- "ldr r8, [%[b], #16]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- /* A[6] * B[3] */
- "ldr r6, [%[a], #24]\n\t"
- "ldr r8, [%[b], #12]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- /* A[7] * B[2] */
- "ldr r6, [%[a], #28]\n\t"
- "ldr r8, [%[b], #8]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- "str r3, [%[r], #36]\n\t"
- "mov r3, #0\n\t"
+ "LDR lr, [%[b], #24]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r4, r11, r12, lr\n\t"
+ "ADDS r5, r5, r11\n\t"
/* A[3] * B[7] */
- "ldr r6, [%[a], #12]\n\t"
- "ldr r8, [%[b], #28]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
+ "LDR lr, [%[b], #28]\n\t"
+ "ADC r6, %[r], #0x0\n\t"
+ "UMLAL r5, r6, r12, lr\n\t"
+ /* A[4] * B[0] */
+ "LDR r12, [%[a], #16]\n\t"
+ "LDR lr, [%[b]]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r7, r11, r12, lr\n\t"
+ "STR r7, [sp, #16]\n\t"
+ "ADDS r8, r8, r11\n\t"
+ /* A[4] * B[1] */
+ "LDR lr, [%[b], #4]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r8, r11, r12, lr\n\t"
+ "ADDS r9, r9, r11\n\t"
+ /* A[4] * B[2] */
+ "LDR lr, [%[b], #8]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r9, r11, r12, lr\n\t"
+ "ADDS r10, r10, r11\n\t"
+ /* A[4] * B[3] */
+ "LDR lr, [%[b], #12]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "ADDS r3, r3, r11\n\t"
+ /* A[4] * B[4] */
+ "LDR lr, [%[b], #16]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r3, r11, r12, lr\n\t"
+ "ADDS r4, r4, r11\n\t"
+ /* A[4] * B[5] */
+ "LDR lr, [%[b], #20]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r4, r11, r12, lr\n\t"
+ "ADDS r5, r5, r11\n\t"
/* A[4] * B[6] */
- "ldr r6, [%[a], #16]\n\t"
- "ldr r8, [%[b], #24]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
- /* A[5] * B[5] */
- "ldr r6, [%[a], #20]\n\t"
- "ldr r8, [%[b], #20]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
- /* A[6] * B[4] */
- "ldr r6, [%[a], #24]\n\t"
- "ldr r8, [%[b], #16]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
- /* A[7] * B[3] */
- "ldr r6, [%[a], #28]\n\t"
- "ldr r8, [%[b], #12]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
- "str r4, [%[r], #40]\n\t"
- "mov r4, #0\n\t"
+ "LDR lr, [%[b], #24]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r5, r11, r12, lr\n\t"
+ "ADDS r6, r6, r11\n\t"
/* A[4] * B[7] */
- "ldr r6, [%[a], #16]\n\t"
- "ldr r8, [%[b], #28]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
+ "LDR lr, [%[b], #28]\n\t"
+ "ADC r7, %[r], #0x0\n\t"
+ "UMLAL r6, r7, r12, lr\n\t"
+ /* A[5] * B[0] */
+ "LDR r12, [%[a], #20]\n\t"
+ "LDR lr, [%[b]]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r8, r11, r12, lr\n\t"
+ "STR r8, [sp, #20]\n\t"
+ "ADDS r9, r9, r11\n\t"
+ /* A[5] * B[1] */
+ "LDR lr, [%[b], #4]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r9, r11, r12, lr\n\t"
+ "ADDS r10, r10, r11\n\t"
+ /* A[5] * B[2] */
+ "LDR lr, [%[b], #8]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "ADDS r3, r3, r11\n\t"
+ /* A[5] * B[3] */
+ "LDR lr, [%[b], #12]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r3, r11, r12, lr\n\t"
+ "ADDS r4, r4, r11\n\t"
+ /* A[5] * B[4] */
+ "LDR lr, [%[b], #16]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r4, r11, r12, lr\n\t"
+ "ADDS r5, r5, r11\n\t"
+ /* A[5] * B[5] */
+ "LDR lr, [%[b], #20]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r5, r11, r12, lr\n\t"
+ "ADDS r6, r6, r11\n\t"
/* A[5] * B[6] */
- "ldr r6, [%[a], #20]\n\t"
- "ldr r8, [%[b], #24]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
- /* A[6] * B[5] */
- "ldr r6, [%[a], #24]\n\t"
- "ldr r8, [%[b], #20]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
- /* A[7] * B[4] */
- "ldr r6, [%[a], #28]\n\t"
- "ldr r8, [%[b], #16]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
- "str r5, [%[r], #44]\n\t"
- "mov r5, #0\n\t"
+ "LDR lr, [%[b], #24]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r6, r11, r12, lr\n\t"
+ "ADDS r7, r7, r11\n\t"
/* A[5] * B[7] */
- "ldr r6, [%[a], #20]\n\t"
- "ldr r8, [%[b], #28]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
+ "LDR lr, [%[b], #28]\n\t"
+ "ADC r8, %[r], #0x0\n\t"
+ "UMLAL r7, r8, r12, lr\n\t"
+ /* A[6] * B[0] */
+ "LDR r12, [%[a], #24]\n\t"
+ "LDR lr, [%[b]]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r9, r11, r12, lr\n\t"
+ "STR r9, [sp, #24]\n\t"
+ "ADDS r10, r10, r11\n\t"
+ /* A[6] * B[1] */
+ "LDR lr, [%[b], #4]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "ADDS r3, r3, r11\n\t"
+ /* A[6] * B[2] */
+ "LDR lr, [%[b], #8]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r3, r11, r12, lr\n\t"
+ "ADDS r4, r4, r11\n\t"
+ /* A[6] * B[3] */
+ "LDR lr, [%[b], #12]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r4, r11, r12, lr\n\t"
+ "ADDS r5, r5, r11\n\t"
+ /* A[6] * B[4] */
+ "LDR lr, [%[b], #16]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r5, r11, r12, lr\n\t"
+ "ADDS r6, r6, r11\n\t"
+ /* A[6] * B[5] */
+ "LDR lr, [%[b], #20]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r6, r11, r12, lr\n\t"
+ "ADDS r7, r7, r11\n\t"
/* A[6] * B[6] */
- "ldr r6, [%[a], #24]\n\t"
- "ldr r8, [%[b], #24]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- /* A[7] * B[5] */
- "ldr r6, [%[a], #28]\n\t"
- "ldr r8, [%[b], #20]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- "str r3, [%[r], #48]\n\t"
- "mov r3, #0\n\t"
+ "LDR lr, [%[b], #24]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r7, r11, r12, lr\n\t"
+ "ADDS r8, r8, r11\n\t"
/* A[6] * B[7] */
- "ldr r6, [%[a], #24]\n\t"
- "ldr r8, [%[b], #28]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
+ "LDR lr, [%[b], #28]\n\t"
+ "ADC r9, %[r], #0x0\n\t"
+ "UMLAL r8, r9, r12, lr\n\t"
+ /* A[7] * B[0] */
+ "LDR r12, [%[a], #28]\n\t"
+ "LDR lr, [%[b]]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "STR r10, [sp, #28]\n\t"
+ "ADDS r3, r3, r11\n\t"
+ /* A[7] * B[1] */
+ "LDR lr, [%[b], #4]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r3, r11, r12, lr\n\t"
+ "ADDS r4, r4, r11\n\t"
+ /* A[7] * B[2] */
+ "LDR lr, [%[b], #8]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r4, r11, r12, lr\n\t"
+ "ADDS r5, r5, r11\n\t"
+ /* A[7] * B[3] */
+ "LDR lr, [%[b], #12]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r5, r11, r12, lr\n\t"
+ "ADDS r6, r6, r11\n\t"
+ /* A[7] * B[4] */
+ "LDR lr, [%[b], #16]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r6, r11, r12, lr\n\t"
+ "ADDS r7, r7, r11\n\t"
+ /* A[7] * B[5] */
+ "LDR lr, [%[b], #20]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r7, r11, r12, lr\n\t"
+ "ADDS r8, r8, r11\n\t"
/* A[7] * B[6] */
- "ldr r6, [%[a], #28]\n\t"
- "ldr r8, [%[b], #24]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
- "str r4, [%[r], #52]\n\t"
- "mov r4, #0\n\t"
+ "LDR lr, [%[b], #24]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r8, r11, r12, lr\n\t"
+ "ADDS r9, r9, r11\n\t"
/* A[7] * B[7] */
- "ldr r6, [%[a], #28]\n\t"
- "ldr r8, [%[b], #28]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adc r3, r3, r8\n\t"
- "str r5, [%[r], #56]\n\t"
- "str r3, [%[r], #60]\n\t"
- /* Transfer tmp to r */
- "ldr r3, [%[tmp], #0]\n\t"
- "ldr r4, [%[tmp], #4]\n\t"
- "ldr r5, [%[tmp], #8]\n\t"
- "ldr r6, [%[tmp], #12]\n\t"
- "str r3, [%[r], #0]\n\t"
- "str r4, [%[r], #4]\n\t"
- "str r5, [%[r], #8]\n\t"
- "str r6, [%[r], #12]\n\t"
- "ldr r3, [%[tmp], #16]\n\t"
- "ldr r4, [%[tmp], #20]\n\t"
- "ldr r5, [%[tmp], #24]\n\t"
- "ldr r6, [%[tmp], #28]\n\t"
- "str r3, [%[r], #16]\n\t"
- "str r4, [%[r], #20]\n\t"
- "str r5, [%[r], #24]\n\t"
- "str r6, [%[r], #28]\n\t"
+ "LDR lr, [%[b], #28]\n\t"
+ "ADC r10, %[r], #0x0\n\t"
+ "UMLAL r9, r10, r12, lr\n\t"
+ "LDR %[r], [sp, #32]\n\t"
+ "ADD %[r], %[r], #0x20\n\t"
+ "STM %[r], {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "LDM sp, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "SUB %[r], %[r], #0x20\n\t"
+ "STM %[r], {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "ADD sp, sp, #0x24\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : [r] "r" (r), [a] "r" (a), [b] "r" (b), [tmp] "r" (tmp)
- : "memory", "r3", "r4", "r5", "r6", "r8"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
);
}
-/* Add b to a into r. (r = a + b)
+#else
+/* Multiply a and b into r. (r = a * b)
*
* r A single precision integer.
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_2048_add_8(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+SP_NOINLINE static void sp_2048_mul_8(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "mov %[c], #0\n\t"
- "adc %[c], %[c], %[c]\n\t"
- : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ "SUB sp, sp, #0x2c\n\t"
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ "STRD %[r], %[a], [sp, #36]\n\t"
+#else
+ "STR %[r], [sp, #36]\n\t"
+ "STR %[a], [sp, #40]\n\t"
+#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
+ "MOV lr, %[b]\n\t"
+ "LDM %[a], {r0, r1, r2, r3}\n\t"
+ "LDM lr!, {r4, r5, r6}\n\t"
+ "UMULL r10, r11, r0, r4\n\t"
+ "UMULL r12, r7, r1, r4\n\t"
+ "UMAAL r11, r12, r0, r5\n\t"
+ "UMULL r8, r9, r2, r4\n\t"
+ "UMAAL r12, r8, r1, r5\n\t"
+ "UMAAL r12, r7, r0, r6\n\t"
+ "UMAAL r8, r9, r3, r4\n\t"
+ "STM sp, {r10, r11, r12}\n\t"
+ "UMAAL r7, r8, r2, r5\n\t"
+ "LDM lr!, {r4}\n\t"
+ "UMULL r10, r11, r1, r6\n\t"
+ "UMAAL r8, r9, r2, r6\n\t"
+ "UMAAL r7, r10, r0, r4\n\t"
+ "UMAAL r8, r11, r3, r5\n\t"
+ "STR r7, [sp, #12]\n\t"
+ "UMAAL r8, r10, r1, r4\n\t"
+ "UMAAL r9, r11, r3, r6\n\t"
+ "UMAAL r9, r10, r2, r4\n\t"
+ "UMAAL r10, r11, r3, r4\n\t"
+ "LDM lr, {r4, r5, r6, r7}\n\t"
+ "MOV r12, #0x0\n\t"
+ "UMLAL r8, r12, r0, r4\n\t"
+ "UMAAL r9, r12, r1, r4\n\t"
+ "UMAAL r10, r12, r2, r4\n\t"
+ "UMAAL r11, r12, r3, r4\n\t"
+ "MOV r4, #0x0\n\t"
+ "UMLAL r9, r4, r0, r5\n\t"
+ "UMAAL r10, r4, r1, r5\n\t"
+ "UMAAL r11, r4, r2, r5\n\t"
+ "UMAAL r12, r4, r3, r5\n\t"
+ "MOV r5, #0x0\n\t"
+ "UMLAL r10, r5, r0, r6\n\t"
+ "UMAAL r11, r5, r1, r6\n\t"
+ "UMAAL r12, r5, r2, r6\n\t"
+ "UMAAL r4, r5, r3, r6\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r11, r6, r0, r7\n\t"
+ "LDR r0, [sp, #40]\n\t"
+ "UMAAL r12, r6, r1, r7\n\t"
+ "ADD r0, r0, #0x10\n\t"
+ "UMAAL r4, r6, r2, r7\n\t"
+ "SUB lr, lr, #0x10\n\t"
+ "UMAAL r5, r6, r3, r7\n\t"
+ "LDM r0, {r0, r1, r2, r3}\n\t"
+ "STR r6, [sp, #32]\n\t"
+ "LDM lr!, {r6}\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r8, r7, r0, r6\n\t"
+ "UMAAL r9, r7, r1, r6\n\t"
+ "STR r8, [sp, #16]\n\t"
+ "UMAAL r10, r7, r2, r6\n\t"
+ "UMAAL r11, r7, r3, r6\n\t"
+ "LDM lr!, {r6}\n\t"
+ "MOV r8, #0x0\n\t"
+ "UMLAL r9, r8, r0, r6\n\t"
+ "UMAAL r10, r8, r1, r6\n\t"
+ "STR r9, [sp, #20]\n\t"
+ "UMAAL r11, r8, r2, r6\n\t"
+ "UMAAL r12, r8, r3, r6\n\t"
+ "LDM lr!, {r6}\n\t"
+ "MOV r9, #0x0\n\t"
+ "UMLAL r10, r9, r0, r6\n\t"
+ "UMAAL r11, r9, r1, r6\n\t"
+ "STR r10, [sp, #24]\n\t"
+ "UMAAL r12, r9, r2, r6\n\t"
+ "UMAAL r4, r9, r3, r6\n\t"
+ "LDM lr!, {r6}\n\t"
+ "MOV r10, #0x0\n\t"
+ "UMLAL r11, r10, r0, r6\n\t"
+ "UMAAL r12, r10, r1, r6\n\t"
+ "STR r11, [sp, #28]\n\t"
+ "UMAAL r4, r10, r2, r6\n\t"
+ "UMAAL r5, r10, r3, r6\n\t"
+ "LDM lr!, {r11}\n\t"
+ "UMAAL r12, r7, r0, r11\n\t"
+ "UMAAL r4, r7, r1, r11\n\t"
+ "LDR r6, [sp, #32]\n\t"
+ "UMAAL r5, r7, r2, r11\n\t"
+ "UMAAL r6, r7, r3, r11\n\t"
+ "LDM lr!, {r11}\n\t"
+ "UMAAL r4, r8, r0, r11\n\t"
+ "UMAAL r5, r8, r1, r11\n\t"
+ "UMAAL r6, r8, r2, r11\n\t"
+ "UMAAL r7, r8, r3, r11\n\t"
+ "LDM lr, {r11, lr}\n\t"
+ "UMAAL r5, r9, r0, r11\n\t"
+ "UMAAL r6, r10, r0, lr\n\t"
+ "UMAAL r6, r9, r1, r11\n\t"
+ "UMAAL r7, r10, r1, lr\n\t"
+ "UMAAL r7, r9, r2, r11\n\t"
+ "UMAAL r8, r10, r2, lr\n\t"
+ "UMAAL r8, r9, r3, r11\n\t"
+ "UMAAL r9, r10, r3, lr\n\t"
+ "MOV r3, r12\n\t"
+ "LDR lr, [sp, #36]\n\t"
+ "ADD lr, lr, #0x20\n\t"
+ "STM lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "SUB lr, lr, #0x20\n\t"
+ "LDM sp, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "STM lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "ADD sp, sp, #0x2c\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6", "r8"
+ : "memory", "r3", "r4", "r5", "r6", "r10", "r11", "r12", "r7", "r8", "r9", "lr", "cc"
);
-
- return c;
}
-/* Sub b from a into r. (r = a - b)
+#endif /* WOLFSSL_SP_NO_UMAAL */
+/* Add b to a into r. (r = a + b)
*
* r A single precision integer.
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_2048_sub_in_place_16(sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_2048_add_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_2048_add_8(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "subs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "sbc %[c], %[c], %[c]\n\t"
- : [c] "+r" (c), [a] "+r" (a), [b] "+r" (b)
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADDS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "MOV %[r], #0x0\n\t"
+ "ADC %[r], %[r], #0x0\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
+ return (uint32_t)(size_t)r;
+}
+
+/* Sub b from a into a. (a -= b)
+ *
+ * a A single precision integer and result.
+ * b A single precision integer.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_2048_sub_in_place_16(sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_2048_sub_in_place_16(sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r1") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
- return c;
+ __asm__ __volatile__ (
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SUBS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "SBC %[a], r9, r9\n\t"
+ : [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
+ );
+ return (uint32_t)(size_t)a;
}
/* Add b to a into r. (r = a + b)
@@ -857,60 +838,54 @@ SP_NOINLINE static sp_digit sp_2048_sub_in_place_16(sp_digit* a,
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_2048_add_16(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_2048_add_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_2048_add_16(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "mov %[c], #0\n\t"
- "adc %[c], %[c], %[c]\n\t"
- : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADDS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "MOV %[r], #0x0\n\t"
+ "ADC %[r], %[r], #0x0\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6", "r8"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)r;
}
/* AND m into each word of a and store in r.
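Review bot: The header comment for `sp_2048_add_16` documents r, a and b but not the return value, and the new body makes that value harder to spot. The carry is now built in the pointer operand itself (`MOV %[r], #0x0` then `ADC %[r], %[r], #0x0`) and handed back through `return (uint32_t)(size_t)r;`. I would add `* return  Carry out of the top word: 0 or 1.` to the header, plus a one-line comment above the return saying that r holds the carry, not an address, at that point. Casting to the declared return type, `(sp_digit)(size_t)r`, would also read more directly than `uint32_t`. The same applies to `sp_2048_add_32` in a later hunk.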
@@ -978,105 +953,85 @@ SP_NOINLINE static void sp_2048_mul_16(sp_digit* r, const sp_digit* a,
(void)sp_2048_add_8(r + 24, r + 24, a1);
}
-/* Sub b from a into r. (r = a - b)
+/* Sub b from a into a. (a -= b)
*
- * r A single precision integer.
- * a A single precision integer.
+ * a A single precision integer and result.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_2048_sub_in_place_32(sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_2048_sub_in_place_32(sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_2048_sub_in_place_32(sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r1") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "subs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "sbc %[c], %[c], %[c]\n\t"
- : [c] "+r" (c), [a] "+r" (a), [b] "+r" (b)
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SUBS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "SBC %[a], r9, r9\n\t"
+ : [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)a;
}
/* Add b to a into r. (r = a + b)
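Review bot: `sp_2048_sub_in_place_32` returns a borrow mask rather than a 0/1 flag, and the rewritten header (`a -= b`) does not say so. `SBC %[a], r9, r9` leaves 0 when the chain ended without a borrow and 0xFFFFFFFF when it borrowed, and that is what `return (uint32_t)(size_t)a;` hands back. A header line such as `* return  0 when a >= b, all ones on borrow.` would keep callers from treating it as a count. A short comment above the return is also worth adding, because by then `a` has been advanced by the `STM %[a]!` writes and then overwritten, so it is no longer a pointer into the operand. The same holds for `sp_2048_sub_in_place_64` in a later hunk.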
@@ -1085,100 +1040,82 @@ SP_NOINLINE static sp_digit sp_2048_sub_in_place_32(sp_digit* a,
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_2048_add_32(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_2048_add_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_2048_add_32(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "mov %[c], #0\n\t"
- "adc %[c], %[c], %[c]\n\t"
- : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADDS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "MOV %[r], #0x0\n\t"
+ "ADC %[r], %[r], #0x0\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6", "r8"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)r;
}
/* AND m into each word of a and store in r.
@@ -1250,185 +1187,141 @@ SP_NOINLINE static void sp_2048_mul_32(sp_digit* r, const sp_digit* a,
(void)sp_2048_add_16(r + 48, r + 48, a1);
}
-/* Sub b from a into r. (r = a - b)
+/* Sub b from a into a. (a -= b)
*
- * r A single precision integer.
- * a A single precision integer.
+ * a A single precision integer and result.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_2048_sub_in_place_64(sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_2048_sub_in_place_64(sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_2048_sub_in_place_64(sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r1") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "subs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "sbc %[c], %[c], %[c]\n\t"
- : [c] "+r" (c), [a] "+r" (a), [b] "+r" (b)
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SUBS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "SBC %[a], r9, r9\n\t"
+ : [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)a;
}
/* Add b to a into r. (r = a + b)
@@ -1437,180 +1330,138 @@ SP_NOINLINE static sp_digit sp_2048_sub_in_place_64(sp_digit* a,
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_2048_add_64(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_2048_add_64(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_2048_add_64(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "mov %[c], #0\n\t"
- "adc %[c], %[c], %[c]\n\t"
- : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADDS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "MOV %[r], #0x0\n\t"
+ "ADC %[r], %[r], #0x0\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6", "r8"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)r;
}
/* AND m into each word of a and store in r.
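Review bot: In the new `sp_2048_add_64`, the carry is returned by overwriting the pointer operand (`MOV %[r], #0x0` then `ADC %[r], %[r], #0x0`) and casting it back with `return (uint32_t)(size_t)r;`, so after the asm `r` no longer points at the result and nothing in the code says so. I would add a comment before the return, `/* r was overwritten by the asm with the carry out of the top word (0 or 1) */`, and cast to the declared return type, `return (sp_digit)(size_t)r;`, rather than assuming `sp_digit` is `uint32_t` (its typedef is not visible here). The same pattern appears in `sp_2048_sub_8` and `sp_2048_sub_16` in the following hunks. Separately, this hunk drops `SP_NOINLINE` from the signature while `sp_2048_sqr_8` keeps it; if that is intentional, a one-line comment saying why would help.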
@@ -1682,396 +1533,412 @@ SP_NOINLINE static void sp_2048_mul_64(sp_digit* r, const sp_digit* a,
(void)sp_2048_add_32(r + 96, r + 96, a1);
}
+#ifdef WOLFSSL_SP_NO_UMAAL
/* Square a and put result in r. (r = a * a)
*
* r A single precision integer.
* a A single precision integer.
*/
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
+#else
SP_NOINLINE static void sp_2048_sqr_8(sp_digit* r, const sp_digit* a)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit tmp_arr[8];
- sp_digit* tmp = tmp_arr;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- /* A[0] * A[0] */
- "ldr r6, [%[a], #0]\n\t"
- "umull r3, r4, r6, r6\n\t"
- "mov r5, #0\n\t"
- "str r3, [%[tmp], #0]\n\t"
- "mov r3, #0\n\t"
+ "SUB sp, sp, #0x44\n\t"
+ "STR %[r], [sp, #64]\n\t"
+ "MOV %[r], #0x0\n\t"
+ "LDR r12, [%[a]]\n\t"
/* A[0] * A[1] */
- "ldr r8, [%[a], #4]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adc r5, r5, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
- "str r4, [%[tmp], #4]\n\t"
- "mov r4, #0\n\t"
- /* A[0] * A[2] */
- "ldr r6, [%[a], #0]\n\t"
- "ldr r8, [%[a], #8]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adc r3, r3, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
- /* A[1] * A[1] */
- "ldr r6, [%[a], #4]\n\t"
- "umull r6, r8, r6, r6\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
- "str r5, [%[tmp], #8]\n\t"
- "mov r5, #0\n\t"
+ "LDR lr, [%[a], #4]\n\t"
+ "UMULL r4, r5, r12, lr\n\t"
/* A[0] * A[3] */
- "ldr r6, [%[a], #0]\n\t"
- "ldr r8, [%[a], #12]\n\t"
- "umull r9, r10, r6, r8\n\t"
- "mov r11, #0\n\t"
- /* A[1] * A[2] */
- "ldr r6, [%[a], #4]\n\t"
- "ldr r8, [%[a], #8]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r9, r9, r6\n\t"
- "adcs r10, r10, r8\n\t"
- "adc r11, r11, #0\n\t"
- "adds r9, r9, r9\n\t"
- "adcs r10, r10, r10\n\t"
- "adc r11, r11, r11\n\t"
- "adds r3, r3, r9\n\t"
- "adcs r4, r4, r10\n\t"
- "adc r5, r5, r11\n\t"
- "str r3, [%[tmp], #12]\n\t"
- "mov r3, #0\n\t"
+ "LDR lr, [%[a], #12]\n\t"
+ "UMULL r6, r7, r12, lr\n\t"
+ /* A[0] * A[5] */
+ "LDR lr, [%[a], #20]\n\t"
+ "UMULL r8, r9, r12, lr\n\t"
+ /* A[0] * A[7] */
+ "LDR lr, [%[a], #28]\n\t"
+ "UMULL r10, r3, r12, lr\n\t"
+ /* A[0] * A[2] */
+ "LDR lr, [%[a], #8]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r5, r11, r12, lr\n\t"
+ "ADDS r6, r6, r11\n\t"
/* A[0] * A[4] */
- "ldr r6, [%[a], #0]\n\t"
- "ldr r8, [%[a], #16]\n\t"
- "umull r9, r10, r6, r8\n\t"
- "mov r11, #0\n\t"
+ "LDR lr, [%[a], #16]\n\t"
+ "ADCS r7, r7, #0x0\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r7, r11, r12, lr\n\t"
+ "ADDS r8, r8, r11\n\t"
+ /* A[0] * A[6] */
+ "LDR lr, [%[a], #24]\n\t"
+ "ADCS r9, r9, #0x0\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r9, r11, r12, lr\n\t"
+ "ADDS r10, r10, r11\n\t"
+ "ADCS r3, r3, #0x0\n\t"
+ "STR r4, [sp, #4]\n\t"
+ "STR r5, [sp, #8]\n\t"
+ /* A[1] * A[2] */
+ "LDR r12, [%[a], #4]\n\t"
+ "LDR lr, [%[a], #8]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r6, r11, r12, lr\n\t"
+ "STR r6, [sp, #12]\n\t"
+ "ADDS r7, r7, r11\n\t"
/* A[1] * A[3] */
- "ldr r6, [%[a], #4]\n\t"
- "ldr r8, [%[a], #12]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r9, r9, r6\n\t"
- "adcs r10, r10, r8\n\t"
- "adc r11, r11, #0\n\t"
- /* A[2] * A[2] */
- "ldr r6, [%[a], #8]\n\t"
- "umull r6, r8, r6, r6\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
- "adds r9, r9, r9\n\t"
- "adcs r10, r10, r10\n\t"
- "adc r11, r11, r11\n\t"
- "adds r4, r4, r9\n\t"
- "adcs r5, r5, r10\n\t"
- "adc r3, r3, r11\n\t"
- "str r4, [%[tmp], #16]\n\t"
- "mov r4, #0\n\t"
- /* A[0] * A[5] */
- "ldr r6, [%[a], #0]\n\t"
- "ldr r8, [%[a], #20]\n\t"
- "umull r9, r10, r6, r8\n\t"
- "mov r11, #0\n\t"
+ "LDR lr, [%[a], #12]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r7, r11, r12, lr\n\t"
+ "STR r7, [sp, #16]\n\t"
+ "ADDS r8, r8, r11\n\t"
/* A[1] * A[4] */
- "ldr r6, [%[a], #4]\n\t"
- "ldr r8, [%[a], #16]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r9, r9, r6\n\t"
- "adcs r10, r10, r8\n\t"
- "adc r11, r11, #0\n\t"
- /* A[2] * A[3] */
- "ldr r6, [%[a], #8]\n\t"
- "ldr r8, [%[a], #12]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r9, r9, r6\n\t"
- "adcs r10, r10, r8\n\t"
- "adc r11, r11, #0\n\t"
- "adds r9, r9, r9\n\t"
- "adcs r10, r10, r10\n\t"
- "adc r11, r11, r11\n\t"
- "adds r5, r5, r9\n\t"
- "adcs r3, r3, r10\n\t"
- "adc r4, r4, r11\n\t"
- "str r5, [%[tmp], #20]\n\t"
- "mov r5, #0\n\t"
- /* A[0] * A[6] */
- "ldr r6, [%[a], #0]\n\t"
- "ldr r8, [%[a], #24]\n\t"
- "umull r9, r10, r6, r8\n\t"
- "mov r11, #0\n\t"
+ "LDR lr, [%[a], #16]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r8, r11, r12, lr\n\t"
+ "ADDS r9, r9, r11\n\t"
/* A[1] * A[5] */
- "ldr r6, [%[a], #4]\n\t"
- "ldr r8, [%[a], #20]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r9, r9, r6\n\t"
- "adcs r10, r10, r8\n\t"
- "adc r11, r11, #0\n\t"
- /* A[2] * A[4] */
- "ldr r6, [%[a], #8]\n\t"
- "ldr r8, [%[a], #16]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r9, r9, r6\n\t"
- "adcs r10, r10, r8\n\t"
- "adc r11, r11, #0\n\t"
- /* A[3] * A[3] */
- "ldr r6, [%[a], #12]\n\t"
- "umull r6, r8, r6, r6\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- "adds r9, r9, r9\n\t"
- "adcs r10, r10, r10\n\t"
- "adc r11, r11, r11\n\t"
- "adds r3, r3, r9\n\t"
- "adcs r4, r4, r10\n\t"
- "adc r5, r5, r11\n\t"
- "str r3, [%[tmp], #24]\n\t"
- "mov r3, #0\n\t"
- /* A[0] * A[7] */
- "ldr r6, [%[a], #0]\n\t"
- "ldr r8, [%[a], #28]\n\t"
- "umull r9, r10, r6, r8\n\t"
- "mov r11, #0\n\t"
+ "LDR lr, [%[a], #20]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r9, r11, r12, lr\n\t"
+ "ADDS r10, r10, r11\n\t"
/* A[1] * A[6] */
- "ldr r6, [%[a], #4]\n\t"
- "ldr r8, [%[a], #24]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r9, r9, r6\n\t"
- "adcs r10, r10, r8\n\t"
- "adc r11, r11, #0\n\t"
- /* A[2] * A[5] */
- "ldr r6, [%[a], #8]\n\t"
- "ldr r8, [%[a], #20]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r9, r9, r6\n\t"
- "adcs r10, r10, r8\n\t"
- "adc r11, r11, #0\n\t"
- /* A[3] * A[4] */
- "ldr r6, [%[a], #12]\n\t"
- "ldr r8, [%[a], #16]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r9, r9, r6\n\t"
- "adcs r10, r10, r8\n\t"
- "adc r11, r11, #0\n\t"
- "adds r9, r9, r9\n\t"
- "adcs r10, r10, r10\n\t"
- "adc r11, r11, r11\n\t"
- "adds r4, r4, r9\n\t"
- "adcs r5, r5, r10\n\t"
- "adc r3, r3, r11\n\t"
- "str r4, [%[tmp], #28]\n\t"
- "mov r4, #0\n\t"
+ "LDR lr, [%[a], #24]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "ADDS r3, r3, r11\n\t"
/* A[1] * A[7] */
- "ldr r6, [%[a], #4]\n\t"
- "ldr r8, [%[a], #28]\n\t"
- "umull r9, r10, r6, r8\n\t"
- "mov r11, #0\n\t"
+ "LDR lr, [%[a], #28]\n\t"
+ "ADC r4, %[r], #0x0\n\t"
+ "UMLAL r3, r4, r12, lr\n\t"
+ /* A[2] * A[3] */
+ "LDR r12, [%[a], #8]\n\t"
+ "LDR lr, [%[a], #12]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r8, r11, r12, lr\n\t"
+ "STR r8, [sp, #20]\n\t"
+ "ADDS r9, r9, r11\n\t"
+ /* A[2] * A[4] */
+ "LDR lr, [%[a], #16]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r9, r11, r12, lr\n\t"
+ "STR r9, [sp, #24]\n\t"
+ "ADDS r10, r10, r11\n\t"
+ /* A[2] * A[5] */
+ "LDR lr, [%[a], #20]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "ADDS r3, r3, r11\n\t"
/* A[2] * A[6] */
- "ldr r6, [%[a], #8]\n\t"
- "ldr r8, [%[a], #24]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r9, r9, r6\n\t"
- "adcs r10, r10, r8\n\t"
- "adc r11, r11, #0\n\t"
- /* A[3] * A[5] */
- "ldr r6, [%[a], #12]\n\t"
- "ldr r8, [%[a], #20]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r9, r9, r6\n\t"
- "adcs r10, r10, r8\n\t"
- "adc r11, r11, #0\n\t"
- /* A[4] * A[4] */
- "ldr r6, [%[a], #16]\n\t"
- "umull r6, r8, r6, r6\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
- "adds r9, r9, r9\n\t"
- "adcs r10, r10, r10\n\t"
- "adc r11, r11, r11\n\t"
- "adds r5, r5, r9\n\t"
- "adcs r3, r3, r10\n\t"
- "adc r4, r4, r11\n\t"
- "str r5, [%[r], #32]\n\t"
- "mov r5, #0\n\t"
+ "LDR lr, [%[a], #24]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r3, r11, r12, lr\n\t"
+ "ADDS r4, r4, r11\n\t"
/* A[2] * A[7] */
- "ldr r6, [%[a], #8]\n\t"
- "ldr r8, [%[a], #28]\n\t"
- "umull r9, r10, r6, r8\n\t"
- "mov r11, #0\n\t"
+ "LDR lr, [%[a], #28]\n\t"
+ "ADC r5, %[r], #0x0\n\t"
+ "UMLAL r4, r5, r12, lr\n\t"
+ /* A[3] * A[4] */
+ "LDR r12, [%[a], #12]\n\t"
+ "LDR lr, [%[a], #16]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "STR r10, [sp, #28]\n\t"
+ "ADDS r3, r3, r11\n\t"
+ /* A[3] * A[5] */
+ "LDR lr, [%[a], #20]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r3, r11, r12, lr\n\t"
+ "ADDS r4, r4, r11\n\t"
/* A[3] * A[6] */
- "ldr r6, [%[a], #12]\n\t"
- "ldr r8, [%[a], #24]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r9, r9, r6\n\t"
- "adcs r10, r10, r8\n\t"
- "adc r11, r11, #0\n\t"
- /* A[4] * A[5] */
- "ldr r6, [%[a], #16]\n\t"
- "ldr r8, [%[a], #20]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r9, r9, r6\n\t"
- "adcs r10, r10, r8\n\t"
- "adc r11, r11, #0\n\t"
- "adds r9, r9, r9\n\t"
- "adcs r10, r10, r10\n\t"
- "adc r11, r11, r11\n\t"
- "adds r3, r3, r9\n\t"
- "adcs r4, r4, r10\n\t"
- "adc r5, r5, r11\n\t"
- "str r3, [%[r], #36]\n\t"
- "mov r3, #0\n\t"
+ "LDR lr, [%[a], #24]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r4, r11, r12, lr\n\t"
+ "ADDS r5, r5, r11\n\t"
/* A[3] * A[7] */
- "ldr r6, [%[a], #12]\n\t"
- "ldr r8, [%[a], #28]\n\t"
- "umull r9, r10, r6, r8\n\t"
- "mov r11, #0\n\t"
+ "LDR lr, [%[a], #28]\n\t"
+ "ADC r6, %[r], #0x0\n\t"
+ "UMLAL r5, r6, r12, lr\n\t"
+ /* A[4] * A[5] */
+ "LDR r12, [%[a], #16]\n\t"
+ "LDR lr, [%[a], #20]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r4, r11, r12, lr\n\t"
+ "ADDS r5, r5, r11\n\t"
/* A[4] * A[6] */
- "ldr r6, [%[a], #16]\n\t"
- "ldr r8, [%[a], #24]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r9, r9, r6\n\t"
- "adcs r10, r10, r8\n\t"
- "adc r11, r11, #0\n\t"
- /* A[5] * A[5] */
- "ldr r6, [%[a], #20]\n\t"
- "umull r6, r8, r6, r6\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
- "adds r9, r9, r9\n\t"
- "adcs r10, r10, r10\n\t"
- "adc r11, r11, r11\n\t"
- "adds r4, r4, r9\n\t"
- "adcs r5, r5, r10\n\t"
- "adc r3, r3, r11\n\t"
- "str r4, [%[r], #40]\n\t"
- "mov r4, #0\n\t"
+ "LDR lr, [%[a], #24]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r5, r11, r12, lr\n\t"
+ "ADDS r6, r6, r11\n\t"
/* A[4] * A[7] */
- "ldr r6, [%[a], #16]\n\t"
- "ldr r8, [%[a], #28]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
+ "LDR lr, [%[a], #28]\n\t"
+ "ADC r7, %[r], #0x0\n\t"
+ "UMLAL r6, r7, r12, lr\n\t"
/* A[5] * A[6] */
- "ldr r6, [%[a], #20]\n\t"
- "ldr r8, [%[a], #24]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
- "str r5, [%[r], #44]\n\t"
- "mov r5, #0\n\t"
+ "LDR r12, [%[a], #20]\n\t"
+ "LDR lr, [%[a], #24]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r6, r11, r12, lr\n\t"
+ "ADDS r7, r7, r11\n\t"
/* A[5] * A[7] */
- "ldr r6, [%[a], #20]\n\t"
- "ldr r8, [%[a], #28]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- /* A[6] * A[6] */
- "ldr r6, [%[a], #24]\n\t"
- "umull r6, r8, r6, r6\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- "str r3, [%[r], #48]\n\t"
- "mov r3, #0\n\t"
+ "LDR lr, [%[a], #28]\n\t"
+ "ADC r8, %[r], #0x0\n\t"
+ "UMLAL r7, r8, r12, lr\n\t"
/* A[6] * A[7] */
- "ldr r6, [%[a], #24]\n\t"
- "ldr r8, [%[a], #28]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
- "str r4, [%[r], #52]\n\t"
- "mov r4, #0\n\t"
+ "LDR r12, [%[a], #24]\n\t"
+ "LDR lr, [%[a], #28]\n\t"
+ "MOV r9, #0x0\n\t"
+ "UMLAL r8, r9, r12, lr\n\t"
+ "ADD lr, sp, #0x20\n\t"
+ "STM lr, {r3, r4, r5, r6, r7, r8, r9}\n\t"
+ "ADD lr, sp, #0x4\n\t"
+ "LDM lr, {r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "ADDS r4, r4, r4\n\t"
+ "ADCS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADCS r7, r7, r7\n\t"
+ "ADCS r8, r8, r8\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "ADCS r10, r10, r10\n\t"
+ "STM lr!, {r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "LDM lr, {r3, r4, r5, r6, r7, r8, r9}\n\t"
+ "ADCS r3, r3, r3\n\t"
+ "ADCS r4, r4, r4\n\t"
+ "ADCS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADCS r7, r7, r7\n\t"
+ "ADCS r8, r8, r8\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "ADC r10, %[r], #0x0\n\t"
+ "STM lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "ADD lr, sp, #0x4\n\t"
+ "LDM lr, {r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "MOV lr, sp\n\t"
+ /* A[0] * A[0] */
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r3, r11, r12, r12\n\t"
+ "ADDS r4, r4, r11\n\t"
+ /* A[1] * A[1] */
+ "LDR r12, [%[a], #4]\n\t"
+ "ADCS r5, r5, #0x0\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r5, r11, r12, r12\n\t"
+ "ADDS r6, r6, r11\n\t"
+ /* A[2] * A[2] */
+ "LDR r12, [%[a], #8]\n\t"
+ "ADCS r7, r7, #0x0\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r7, r11, r12, r12\n\t"
+ "ADDS r8, r8, r11\n\t"
+ /* A[3] * A[3] */
+ "LDR r12, [%[a], #12]\n\t"
+ "ADCS r9, r9, #0x0\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r9, r11, r12, r12\n\t"
+ "ADDS r10, r10, r11\n\t"
+ "STM lr!, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "LDM lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ /* A[4] * A[4] */
+ "LDR r12, [%[a], #16]\n\t"
+ "ADCS r3, r3, #0x0\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r3, r11, r12, r12\n\t"
+ "ADDS r4, r4, r11\n\t"
+ /* A[5] * A[5] */
+ "LDR r12, [%[a], #20]\n\t"
+ "ADCS r5, r5, #0x0\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r5, r11, r12, r12\n\t"
+ "ADDS r6, r6, r11\n\t"
+ /* A[6] * A[6] */
+ "LDR r12, [%[a], #24]\n\t"
+ "ADCS r7, r7, #0x0\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r7, r11, r12, r12\n\t"
+ "ADDS r8, r8, r11\n\t"
/* A[7] * A[7] */
- "ldr r6, [%[a], #28]\n\t"
- "umull r6, r8, r6, r6\n\t"
- "adds r5, r5, r6\n\t"
- "adc r3, r3, r8\n\t"
- "str r5, [%[r], #56]\n\t"
- "str r3, [%[r], #60]\n\t"
- /* Transfer tmp to r */
- "ldr r3, [%[tmp], #0]\n\t"
- "ldr r4, [%[tmp], #4]\n\t"
- "ldr r5, [%[tmp], #8]\n\t"
- "ldr r6, [%[tmp], #12]\n\t"
- "str r3, [%[r], #0]\n\t"
- "str r4, [%[r], #4]\n\t"
- "str r5, [%[r], #8]\n\t"
- "str r6, [%[r], #12]\n\t"
- "ldr r3, [%[tmp], #16]\n\t"
- "ldr r4, [%[tmp], #20]\n\t"
- "ldr r5, [%[tmp], #24]\n\t"
- "ldr r6, [%[tmp], #28]\n\t"
- "str r3, [%[r], #16]\n\t"
- "str r4, [%[r], #20]\n\t"
- "str r5, [%[r], #24]\n\t"
- "str r6, [%[r], #28]\n\t"
+ "LDR r12, [%[a], #28]\n\t"
+ "ADCS r9, r9, #0x0\n\t"
+ "ADC r10, r10, #0x0\n\t"
+ "UMLAL r9, r10, r12, r12\n\t"
+ "LDR %[r], [sp, #64]\n\t"
+ "ADD %[r], %[r], #0x20\n\t"
+ "STM %[r], {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "LDM sp, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "SUB %[r], %[r], #0x20\n\t"
+ "STM %[r], {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "ADD sp, sp, #0x44\n\t"
+ : [r] "+r" (r), [a] "+r" (a)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
+ );
+}
+
+#else
+/* Square a and put result in r. (r = a * a)
+ *
+ * r A single precision integer.
+ * a A single precision integer.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
+#else
+SP_NOINLINE static void sp_2048_sqr_8(sp_digit* r, const sp_digit* a)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "SUB sp, sp, #0x20\n\t"
+ "STR %[r], [sp, #28]\n\t"
+ "LDM %[a], {r0, r1, r2, r3, r4, r5, r6, r7}\n\t"
+ "UMULL r9, r10, r0, r0\n\t"
+ "UMULL r11, r12, r0, r1\n\t"
+ "ADDS r11, r11, r11\n\t"
+ "MOV lr, #0x0\n\t"
+ "UMAAL r10, r11, lr, lr\n\t"
+ "STM sp, {r9, r10}\n\t"
+ "MOV r8, lr\n\t"
+ "UMAAL r8, r12, r0, r2\n\t"
+ "ADCS r8, r8, r8\n\t"
+ "UMAAL r8, r11, r1, r1\n\t"
+ "UMULL r9, r10, r0, r3\n\t"
+ "UMAAL r9, r12, r1, r2\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "UMAAL r9, r11, lr, lr\n\t"
+ "STRD r8, r9, [sp, #8]\n\t"
+ "MOV r9, lr\n\t"
+ "UMAAL r9, r10, r0, r4\n\t"
+ "UMAAL r9, r12, r1, r3\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "UMAAL r9, r11, r2, r2\n\t"
+ "STR r9, [sp, #16]\n\t"
+ "UMULL r9, r8, r0, r5\n\t"
+ "UMAAL r9, r12, r1, r4\n\t"
+ "UMAAL r9, r10, r2, r3\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "UMAAL r9, r11, lr, lr\n\t"
+ "STR r9, [sp, #20]\n\t"
+ "MOV r9, lr\n\t"
+ "UMAAL r9, r8, r0, r6\n\t"
+ "UMAAL r9, r12, r1, r5\n\t"
+ "UMAAL r9, r10, r2, r4\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "UMAAL r9, r11, r3, r3\n\t"
+ "STR r9, [sp, #24]\n\t"
+ "UMULL r0, r9, r0, r7\n\t"
+ "UMAAL r0, r8, r1, r6\n\t"
+ "UMAAL r0, r12, r2, r5\n\t"
+ "UMAAL r0, r10, r3, r4\n\t"
+ "ADCS r0, r0, r0\n\t"
+ "UMAAL r0, r11, lr, lr\n\t"
+ /* R[7] = r0 */
+ "UMAAL r9, r8, r1, r7\n\t"
+ "UMAAL r9, r10, r2, r6\n\t"
+ "UMAAL r12, r9, r3, r5\n\t"
+ "ADCS r12, r12, r12\n\t"
+ "UMAAL r12, r11, r4, r4\n\t"
+ /* R[8] = r12 */
+ "UMAAL r9, r8, r2, r7\n\t"
+ "UMAAL r10, r9, r3, r6\n\t"
+ "MOV r2, lr\n\t"
+ "UMAAL r10, r2, r4, r5\n\t"
+ "ADCS r10, r10, r10\n\t"
+ "UMAAL r11, r10, lr, lr\n\t"
+ /* R[9] = r11 */
+ "UMAAL r2, r8, r3, r7\n\t"
+ "UMAAL r2, r9, r4, r6\n\t"
+ "ADCS r3, r2, r2\n\t"
+ "UMAAL r10, r3, r5, r5\n\t"
+ /* R[10] = r10 */
+ "MOV r1, lr\n\t"
+ "UMAAL r1, r8, r4, r7\n\t"
+ "UMAAL r1, r9, r5, r6\n\t"
+ "ADCS r4, r1, r1\n\t"
+ "UMAAL r3, r4, lr, lr\n\t"
+ /* R[11] = r3 */
+ "UMAAL r8, r9, r5, r7\n\t"
+ "ADCS r8, r8, r8\n\t"
+ "UMAAL r4, r8, r6, r6\n\t"
+ /* R[12] = r4 */
+ "MOV r5, lr\n\t"
+ "UMAAL r5, r9, r6, r7\n\t"
+ "ADCS r5, r5, r5\n\t"
+ "UMAAL r8, r5, lr, lr\n\t"
+ /* R[13] = r8 */
+ "ADCS r9, r9, r9\n\t"
+ "UMAAL r9, r5, r7, r7\n\t"
+ "ADCS r7, r5, lr\n\t"
+ /* R[14] = r9 */
+ /* R[15] = r7 */
+ "LDR lr, [sp, #28]\n\t"
+ "ADD lr, lr, #0x1c\n\t"
+ "STM lr!, {r0, r12}\n\t"
+ "STM lr!, {r11}\n\t"
+ "STM lr!, {r10}\n\t"
+ "STM lr!, {r3, r4, r8, r9}\n\t"
+ "STM lr!, {r7}\n\t"
+ "SUB lr, lr, #0x40\n\t"
+ "LDM sp, {r0, r1, r2, r3, r4, r5, r6}\n\t"
+ "STM lr, {r0, r1, r2, r3, r4, r5, r6}\n\t"
+ "ADD sp, sp, #0x20\n\t"
+ : [r] "+r" (r), [a] "+r" (a)
:
- : [r] "r" (r), [a] "r" (a), [tmp] "r" (tmp)
- : "memory", "r3", "r4", "r5", "r6", "r8", "r9", "r10", "r11"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
);
}
+#endif /* WOLFSSL_SP_NO_UMAAL */
/* Sub b from a into r. (r = a - b)
*
* r A single precision integer.
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_2048_sub_8(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_2048_sub_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_2048_sub_8(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "subs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "sbc %[c], %[c], %[c]\n\t"
- : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SUBS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "SBC %[r], r6, r6\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6", "r8"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)r;
}
/* Square a and put result in r. (r = a * a)
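Review bot: Both new `sp_2048_sqr_8` variants carve scratch space off the stack inside the asm (`SUB sp, sp, #0x44` and `SUB sp, sp, #0x20`), store partial products and low result words derived from `a` there, and release it with `ADD sp, sp, ...` without overwriting it. Whether `a` is ever secret depends on the callers, which are outside this hunk, but for a big-number squaring routine that is the case worth assuming, so the residue left below the stack pointer should be either wiped before the `ADD sp` or documented. At minimum I would add `/* scratch below sp holds values derived from a and is not cleared on return */` above the asm statement. The UMAAL variant also uses r0 and r1 as scratch (`LDM %[a], {r0, r1, ...}`) without listing them as clobbers, which looks safe only because `r` and `a` are the operands occupying them; a comment saying so would help in the `WOLFSSL_NO_VAR_ASSIGN_REG` build, where nothing pins them.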
@@ -2116,59 +1983,53 @@ SP_NOINLINE static void sp_2048_sqr_16(sp_digit* r, const sp_digit* a)
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_2048_sub_16(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_2048_sub_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_2048_sub_16(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "subs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "sbc %[c], %[c], %[c]\n\t"
- : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SUBS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "SBC %[r], r6, r6\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6", "r8"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)r;
}
/* Square a and put result in r. (r = a * a)
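Review bot: The return convention of `sp_2048_sub_16` is not documented: `SBC %[r], r6, r6` leaves 0 when the subtraction did not borrow and all bits set when it did, whereas `sp_2048_add_64` earlier in this diff returns 0 or 1. The header comment for this function starts outside the hunk, and its visible part lists only the parameters. I would add a line such as `* return  0 when a >= b, otherwise all bits set (borrow).` to that comment; the same applies to `sp_2048_sub_8` in the previous hunk.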
@@ -2213,99 +2074,81 @@ SP_NOINLINE static void sp_2048_sqr_32(sp_digit* r, const sp_digit* a)
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_2048_sub_32(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_2048_sub_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_2048_sub_32(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "subs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "sbc %[c], %[c], %[c]\n\t"
- : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SUBS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "SBC %[r], r6, r6\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6", "r8"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)r;
}
/* Square a and put result in r. (r = a * a)
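Review bot: The new clobber list of sp_2048_sub_32 names `r7`, which the removed list (`"r4", "r5", "r6", "r8"`) left out. On Thumb targets GCC uses r7 as the frame pointer and, as far as I know, refuses an asm statement that clobbers it whenever a frame pointer is kept (unoptimised builds, `-fno-omit-frame-pointer`). Either keep the scratch registers off r7, or state the build requirement above the function, e.g. `/* Clobbers r7: Thumb builds need -fomit-frame-pointer. */`. The clobber lists in the add, sub_in_place, mul and sqr hunks that follow name r7 as well.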
@@ -2352,39 +2195,45 @@ SP_NOINLINE static void sp_2048_sqr_64(sp_digit* r, const sp_digit* a)
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_2048_add_64(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_2048_add_64(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_2048_add_64(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r6, %[a]\n\t"
- "mov r8, #0\n\t"
- "add r6, r6, #256\n\t"
- "sub r8, r8, #1\n\t"
- "\n1:\n\t"
- "adds %[c], %[c], r8\n\t"
- "ldr r4, [%[a]]\n\t"
- "ldr r5, [%[b]]\n\t"
- "adcs r4, r4, r5\n\t"
- "str r4, [%[r]]\n\t"
- "mov %[c], #0\n\t"
- "adc %[c], %[c], %[c]\n\t"
- "add %[a], %[a], #4\n\t"
- "add %[b], %[b], #4\n\t"
- "add %[r], %[r], #4\n\t"
- "cmp %[a], r6\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADD r12, %[a], #0x100\n\t"
+ "\n"
+ "L_sp_2048_add_64_word:\n\t"
+ "ADDS r3, r3, #0xffffffff\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9, r10, r11}\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "ADCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r3, r4, #0x0\n\t"
+ "CMP %[a], r12\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bne 1b\n\t"
+ "BNE L_sp_2048_add_64_word\n\t"
#else
- "bne.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ "BNE.N L_sp_2048_add_64_word\n\t"
+#endif
+ "MOV %[r], r3\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6", "r8"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)r;
}
#endif /* WOLFSSL_SP_SMALL */
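Review bot: The loop label `L_sp_2048_add_64_word` is an ordinary named symbol, and this hunk also drops `SP_NOINLINE` from the signature. If the compiler ever emits the asm body more than once (inlining into several callers, or cloning the function), the assembler would see the label defined twice and the build would fail. The removed code could not hit this because it used the local numeric label `1:` with `bne 1b`. Keeping the attribute on both signature variants, `SP_NOINLINE static sp_digit sp_2048_add_64(...)`, presumably preserves the single-copy guarantee. The named labels in the sub_in_place, mul, sqr and add_32 hunks need the same treatment.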
@@ -2394,39 +2243,43 @@ SP_NOINLINE static sp_digit sp_2048_add_64(sp_digit* r, const sp_digit* a,
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_2048_sub_in_place_64(sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_2048_sub_in_place_64(sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_2048_sub_in_place_64(sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r1") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "mov r8, %[a]\n\t"
- "add r8, r8, #256\n\t"
- "\n1:\n\t"
- "mov r5, #0\n\t"
- "subs r5, r5, %[c]\n\t"
- "ldr r3, [%[a]]\n\t"
- "ldr r4, [%[a], #4]\n\t"
- "ldr r5, [%[b]]\n\t"
- "ldr r6, [%[b], #4]\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "str r3, [%[a]]\n\t"
- "str r4, [%[a], #4]\n\t"
- "sbc %[c], %[c], %[c]\n\t"
- "add %[a], %[a], #8\n\t"
- "add %[b], %[b], #8\n\t"
- "cmp %[a], r8\n\t"
+ "MOV r10, #0x0\n\t"
+ "ADD r11, %[a], #0x100\n\t"
+ "\n"
+ "L_sp_2048_sub_in_pkace_64_word:\n\t"
+ "RSBS r10, r10, #0x0\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "SBC r10, r10, r10\n\t"
+ "CMP %[a], r11\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bne 1b\n\t"
+ "BNE L_sp_2048_sub_in_pkace_64_word\n\t"
#else
- "bne.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [c] "+r" (c), [a] "+r" (a), [b] "+r" (b)
+ "BNE.N L_sp_2048_sub_in_pkace_64_word\n\t"
+#endif
+ "MOV %[a], r10\n\t"
+ : [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r8"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)a;
}
#endif /* WOLFSSL_SP_SMALL */
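Review bot: The loop label is misspelled as `L_sp_2048_sub_in_pkace_64_word` in its definition and in both `BNE` branches. It assembles because the three uses agree, but a search for the function name will miss it, so it should read `L_sp_2048_sub_in_place_64_word`. The sp_2048_sub_in_place_32 hunk further down has the same `pkace` spelling. A short comment at `RSBS r10, r10, #0x0` would also help, e.g. `/* r10 is 0 or -1 from the previous SBC; this turns it back into the borrow flag */`.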
@@ -2437,86 +2290,99 @@ SP_NOINLINE static sp_digit sp_2048_sub_in_place_64(sp_digit* a,
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static void sp_2048_mul_64(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_2048_mul_64(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static void sp_2048_mul_64(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit tmp_arr[64 * 2];
- sp_digit* tmp = tmp_arr;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "mov r3, #0\n\t"
- "mov r4, #0\n\t"
- "mov r9, r3\n\t"
- "mov r12, %[r]\n\t"
- "mov r10, %[a]\n\t"
- "mov r11, %[b]\n\t"
- "mov r6, #1\n\t"
- "lsl r6, r6, #8\n\t"
- "add r6, r6, r10\n\t"
- "mov r14, r6\n\t"
- "\n1:\n\t"
- "mov %[r], #0\n\t"
- "mov r5, #0\n\t"
- "mov r6, #252\n\t"
- "mov %[a], r9\n\t"
- "subs %[a], %[a], r6\n\t"
- "sbc r6, r6, r6\n\t"
- "mvn r6, r6\n\t"
- "and %[a], %[a], r6\n\t"
- "mov %[b], r9\n\t"
- "sub %[b], %[b], %[a]\n\t"
- "add %[a], %[a], r10\n\t"
- "add %[b], %[b], r11\n\t"
- "\n2:\n\t"
- /* Multiply Start */
- "ldr r6, [%[a]]\n\t"
- "ldr r8, [%[b]]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, %[r]\n\t"
- /* Multiply Done */
- "add %[a], %[a], #4\n\t"
- "sub %[b], %[b], #4\n\t"
- "cmp %[a], r14\n\t"
+ "SUB sp, sp, #0x200\n\t"
+ "LDR lr, [%[a]]\n\t"
+ "LDR r11, [%[b]]\n\t"
+ "UMULL r8, r6, lr, r11\n\t"
+ "STR r8, [sp]\n\t"
+ "MOV r7, #0x0\n\t"
+ "MOV r8, #0x0\n\t"
+ "MOV r5, #0x4\n\t"
+ "\n"
+ "L_sp_2048_mul_64_outer:\n\t"
+ "SUBS r3, r5, #0xfc\n\t"
+ "IT cc\n\t"
+ "MOVCC r3, #0x0\n\t"
+ "SUB r4, r5, r3\n\t"
+ "\n"
+ "L_sp_2048_mul_64_inner:\n\t"
+ "LDR lr, [%[a], r3]\n\t"
+ "LDR r11, [%[b], r4]\n\t"
+ "UMULL r9, r10, lr, r11\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "LDR lr, [%[a], r4]\n\t"
+ "LDR r11, [%[b], r3]\n\t"
+ "UMULL r9, r10, lr, r11\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "ADD r3, r3, #0x4\n\t"
+ "SUB r4, r4, #0x4\n\t"
+ "CMP r3, r4\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BGT L_sp_2048_mul_64_inner_done\n\t"
+#else
+ "BGT.N L_sp_2048_mul_64_inner_done\n\t"
+#endif
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "beq 3f\n\t"
+ "BLT L_sp_2048_mul_64_inner\n\t"
#else
- "beq.n 3f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "mov r6, r9\n\t"
- "add r6, r6, r10\n\t"
- "cmp %[a], r6\n\t"
+ "BLT.N L_sp_2048_mul_64_inner\n\t"
+#endif
+ "LDR lr, [%[a], r3]\n\t"
+ "LDR r11, [%[b], r3]\n\t"
+ "UMULL r9, r10, lr, r11\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "\n"
+ "L_sp_2048_mul_64_inner_done:\n\t"
+ "STR r6, [sp, r5]\n\t"
+ "MOV r6, r7\n\t"
+ "MOV r7, r8\n\t"
+ "MOV r8, #0x0\n\t"
+ "ADD r5, r5, #0x4\n\t"
+ "CMP r5, #0x1f4\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "ble 2b\n\t"
-#else
- "ble.n 2b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "\n3:\n\t"
- "mov %[r], r12\n\t"
- "mov r8, r9\n\t"
- "str r3, [%[r], r8]\n\t"
- "mov r3, r4\n\t"
- "mov r4, r5\n\t"
- "add r8, r8, #4\n\t"
- "mov r9, r8\n\t"
- "mov r6, #1\n\t"
- "lsl r6, r6, #8\n\t"
- "add r6, r6, #248\n\t"
- "cmp r8, r6\n\t"
+ "BLE L_sp_2048_mul_64_outer\n\t"
+#else
+ "BLE.N L_sp_2048_mul_64_outer\n\t"
+#endif
+ "LDR lr, [%[a], #252]\n\t"
+ "LDR r11, [%[b], #252]\n\t"
+ "UMLAL r6, r7, lr, r11\n\t"
+ "STR r6, [sp, r5]\n\t"
+ "ADD r5, r5, #0x4\n\t"
+ "STR r7, [sp, r5]\n\t"
+ "\n"
+ "L_sp_2048_mul_64_store:\n\t"
+ "LDM sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "STM %[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "SUBS r5, r5, #0x20\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "ble 1b\n\t"
+ "BGT L_sp_2048_mul_64_store\n\t"
#else
- "ble.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "str r3, [%[r], r8]\n\t"
- "mov %[a], r10\n\t"
- "mov %[b], r11\n\t"
+ "BGT.N L_sp_2048_mul_64_store\n\t"
+#endif
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : [r] "r" (tmp), [a] "r" (a), [b] "r" (b)
- : "memory", "r3", "r4", "r5", "r6", "r8", "r9", "r10", "r11", "r12", "r14"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11", "cc"
);
-
- XMEMCPY(r, tmp_arr, sizeof(tmp_arr));
}
/* Square a and put result in r. (r = a * a)
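Review bot: `SUB sp, sp, #0x200` now reserves the 512-byte product buffer inside the asm in place of the C array `tmp_arr`, so the compiler no longer sees this stack use and any stack-depth figure it reports for sp_2048_mul_64 will not include it. The stack pointer is put back only by the sixteen `LDM sp!` iterations of the store loop, a coupling between `0x200`, `0x1f4` and `0x20` that is easy to break in a later edit. I would document it above the asm, e.g. `/* Reserves 0x200 bytes below sp for the product; the store loop pops exactly that much. */`. sp_2048_mul_32 and both sqr hunks follow the same pattern with `0x100` or `0x200`.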
@@ -2524,129 +2390,91 @@ SP_NOINLINE static void sp_2048_mul_64(sp_digit* r, const sp_digit* a,
* r A single precision integer.
* a A single precision integer.
*/
-SP_NOINLINE static void sp_2048_sqr_64(sp_digit* r, const sp_digit* a)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_2048_sqr_64(sp_digit* r_p, const sp_digit* a_p)
+#else
+static void sp_2048_sqr_64(sp_digit* r, const sp_digit* a)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "mov r3, #0\n\t"
- "mov r4, #0\n\t"
- "mov r5, #0\n\t"
- "mov r9, r3\n\t"
- "mov r12, %[r]\n\t"
- "mov r6, #2\n\t"
- "lsl r6, r6, #8\n\t"
- "neg r6, r6\n\t"
- "add sp, sp, r6\n\t"
- "mov r11, sp\n\t"
- "mov r10, %[a]\n\t"
- "\n1:\n\t"
- "mov %[r], #0\n\t"
- "mov r6, #252\n\t"
- "mov %[a], r9\n\t"
- "subs %[a], %[a], r6\n\t"
- "sbc r6, r6, r6\n\t"
- "mvn r6, r6\n\t"
- "and %[a], %[a], r6\n\t"
- "mov r2, r9\n\t"
- "sub r2, r2, %[a]\n\t"
- "add %[a], %[a], r10\n\t"
- "add r2, r2, r10\n\t"
- "\n2:\n\t"
- "cmp r2, %[a]\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "beq 4f\n\t"
-#else
- "beq.n 4f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- /* Multiply * 2: Start */
- "ldr r6, [%[a]]\n\t"
- "ldr r8, [r2]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, %[r]\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, %[r]\n\t"
- /* Multiply * 2: Done */
+ "SUB sp, sp, #0x200\n\t"
+ "LDR lr, [%[a]]\n\t"
+ "UMULL r8, r6, lr, lr\n\t"
+ "STR r8, [sp]\n\t"
+ "MOV r7, #0x0\n\t"
+ "MOV r8, #0x0\n\t"
+ "MOV r5, #0x4\n\t"
+ "\n"
+ "L_sp_2048_sqr_64_outer:\n\t"
+ "SUBS r3, r5, #0xfc\n\t"
+ "IT cc\n\t"
+ "MOVCC r3, #0x0\n\t"
+ "SUB r4, r5, r3\n\t"
+ "\n"
+ "L_sp_2048_sqr_64_inner:\n\t"
+ "LDR lr, [%[a], r3]\n\t"
+ "LDR r11, [%[a], r4]\n\t"
+ "UMULL r9, r10, lr, r11\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "ADD r3, r3, #0x4\n\t"
+ "SUB r4, r4, #0x4\n\t"
+ "CMP r3, r4\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bal 5f\n\t"
-#else
- "bal.n 5f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "\n4:\n\t"
- /* Square: Start */
- "ldr r6, [%[a]]\n\t"
- "umull r6, r8, r6, r6\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, %[r]\n\t"
- /* Square: Done */
- "\n5:\n\t"
- "add %[a], %[a], #4\n\t"
- "sub r2, r2, #4\n\t"
- "mov r6, #1\n\t"
- "lsl r6, r6, #8\n\t"
- "add r6, r6, r10\n\t"
- "cmp %[a], r6\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "beq 3f\n\t"
+ "BGT L_sp_2048_sqr_64_inner_done\n\t"
#else
- "beq.n 3f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "cmp %[a], r2\n\t"
+ "BGT.N L_sp_2048_sqr_64_inner_done\n\t"
+#endif
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bgt 3f\n\t"
+ "BLT L_sp_2048_sqr_64_inner\n\t"
#else
- "bgt.n 3f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "mov r8, r9\n\t"
- "add r8, r8, r10\n\t"
- "cmp %[a], r8\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "ble 2b\n\t"
-#else
- "ble.n 2b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "\n3:\n\t"
- "mov %[r], r11\n\t"
- "mov r8, r9\n\t"
- "str r3, [%[r], r8]\n\t"
- "mov r3, r4\n\t"
- "mov r4, r5\n\t"
- "mov r5, #0\n\t"
- "add r8, r8, #4\n\t"
- "mov r9, r8\n\t"
- "mov r6, #1\n\t"
- "lsl r6, r6, #8\n\t"
- "add r6, r6, #248\n\t"
- "cmp r8, r6\n\t"
+ "BLT.N L_sp_2048_sqr_64_inner\n\t"
+#endif
+ "LDR lr, [%[a], r3]\n\t"
+ "UMULL r9, r10, lr, lr\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "\n"
+ "L_sp_2048_sqr_64_inner_done:\n\t"
+ "STR r6, [sp, r5]\n\t"
+ "MOV r6, r7\n\t"
+ "MOV r7, r8\n\t"
+ "MOV r8, #0x0\n\t"
+ "ADD r5, r5, #0x4\n\t"
+ "CMP r5, #0x1f4\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "ble 1b\n\t"
-#else
- "ble.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "mov %[a], r10\n\t"
- "str r3, [%[r], r8]\n\t"
- "mov %[r], r12\n\t"
- "mov %[a], r11\n\t"
- "mov r3, #1\n\t"
- "lsl r3, r3, #8\n\t"
- "add r3, r3, #252\n\t"
- "\n4:\n\t"
- "ldr r6, [%[a], r3]\n\t"
- "str r6, [%[r], r3]\n\t"
- "subs r3, r3, #4\n\t"
+ "BLE L_sp_2048_sqr_64_outer\n\t"
+#else
+ "BLE.N L_sp_2048_sqr_64_outer\n\t"
+#endif
+ "LDR lr, [%[a], #252]\n\t"
+ "UMLAL r6, r7, lr, lr\n\t"
+ "STR r6, [sp, r5]\n\t"
+ "ADD r5, r5, #0x4\n\t"
+ "STR r7, [sp, r5]\n\t"
+ "\n"
+ "L_sp_2048_sqr_64_store:\n\t"
+ "LDM sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "STM %[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "SUBS r5, r5, #0x20\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bge 4b\n\t"
+ "BGT L_sp_2048_sqr_64_store\n\t"
#else
- "bge.n 4b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "mov r6, #2\n\t"
- "lsl r6, r6, #8\n\t"
- "add sp, sp, r6\n\t"
+ "BGT.N L_sp_2048_sqr_64_store\n\t"
+#endif
+ : [r] "+r" (r), [a] "+r" (a)
:
- : [r] "r" (r), [a] "r" (a)
- : "memory", "r2", "r3", "r4", "r5", "r6", "r8", "r9", "r10", "r11", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11", "cc"
);
}
@@ -2676,39 +2504,45 @@ static void sp_2048_mask_32(sp_digit* r, const sp_digit* a, sp_digit m)
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_2048_add_32(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_2048_add_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_2048_add_32(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r6, %[a]\n\t"
- "mov r8, #0\n\t"
- "add r6, r6, #128\n\t"
- "sub r8, r8, #1\n\t"
- "\n1:\n\t"
- "adds %[c], %[c], r8\n\t"
- "ldr r4, [%[a]]\n\t"
- "ldr r5, [%[b]]\n\t"
- "adcs r4, r4, r5\n\t"
- "str r4, [%[r]]\n\t"
- "mov %[c], #0\n\t"
- "adc %[c], %[c], %[c]\n\t"
- "add %[a], %[a], #4\n\t"
- "add %[b], %[b], #4\n\t"
- "add %[r], %[r], #4\n\t"
- "cmp %[a], r6\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADD r12, %[a], #0x80\n\t"
+ "\n"
+ "L_sp_2048_add_32_word:\n\t"
+ "ADDS r3, r3, #0xffffffff\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9, r10, r11}\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "ADCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r3, r4, #0x0\n\t"
+ "CMP %[a], r12\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bne 1b\n\t"
+ "BNE L_sp_2048_add_32_word\n\t"
#else
- "bne.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ "BNE.N L_sp_2048_add_32_word\n\t"
+#endif
+ "MOV %[r], r3\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6", "r8"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)r;
}
#endif /* WOLFSSL_SP_SMALL */
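Review bot: The carry of sp_2048_add_32 is returned through the result pointer: `MOV %[r], r3` overwrites `r`, and `return (uint32_t)(size_t)r;` reads it back as an integer. That is not obvious to a reader who expects `r` to still address the output. A comment on the return line would make the reuse explicit, e.g. `/* r no longer points at the result: the asm left the carry (0 or 1) in it */`. The other add and sub functions in this diff return their carry or borrow mask the same way and would benefit from the same comment.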
@@ -2718,39 +2552,43 @@ SP_NOINLINE static sp_digit sp_2048_add_32(sp_digit* r, const sp_digit* a,
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_2048_sub_in_place_32(sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_2048_sub_in_place_32(sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_2048_sub_in_place_32(sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r1") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "mov r8, %[a]\n\t"
- "add r8, r8, #128\n\t"
- "\n1:\n\t"
- "mov r5, #0\n\t"
- "subs r5, r5, %[c]\n\t"
- "ldr r3, [%[a]]\n\t"
- "ldr r4, [%[a], #4]\n\t"
- "ldr r5, [%[b]]\n\t"
- "ldr r6, [%[b], #4]\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "str r3, [%[a]]\n\t"
- "str r4, [%[a], #4]\n\t"
- "sbc %[c], %[c], %[c]\n\t"
- "add %[a], %[a], #8\n\t"
- "add %[b], %[b], #8\n\t"
- "cmp %[a], r8\n\t"
+ "MOV r10, #0x0\n\t"
+ "ADD r11, %[a], #0x80\n\t"
+ "\n"
+ "L_sp_2048_sub_in_pkace_32_word:\n\t"
+ "RSBS r10, r10, #0x0\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "SBC r10, r10, r10\n\t"
+ "CMP %[a], r11\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bne 1b\n\t"
+ "BNE L_sp_2048_sub_in_pkace_32_word\n\t"
#else
- "bne.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [c] "+r" (c), [a] "+r" (a), [b] "+r" (b)
+ "BNE.N L_sp_2048_sub_in_pkace_32_word\n\t"
+#endif
+ "MOV %[a], r10\n\t"
+ : [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r8"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)a;
}
#endif /* WOLFSSL_SP_SMALL */
@@ -2761,83 +2599,99 @@ SP_NOINLINE static sp_digit sp_2048_sub_in_place_32(sp_digit* a,
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static void sp_2048_mul_32(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_2048_mul_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static void sp_2048_mul_32(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit tmp_arr[32 * 2];
- sp_digit* tmp = tmp_arr;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "mov r3, #0\n\t"
- "mov r4, #0\n\t"
- "mov r9, r3\n\t"
- "mov r12, %[r]\n\t"
- "mov r10, %[a]\n\t"
- "mov r11, %[b]\n\t"
- "mov r6, #128\n\t"
- "add r6, r6, r10\n\t"
- "mov r14, r6\n\t"
- "\n1:\n\t"
- "mov %[r], #0\n\t"
- "mov r5, #0\n\t"
- "mov r6, #124\n\t"
- "mov %[a], r9\n\t"
- "subs %[a], %[a], r6\n\t"
- "sbc r6, r6, r6\n\t"
- "mvn r6, r6\n\t"
- "and %[a], %[a], r6\n\t"
- "mov %[b], r9\n\t"
- "sub %[b], %[b], %[a]\n\t"
- "add %[a], %[a], r10\n\t"
- "add %[b], %[b], r11\n\t"
- "\n2:\n\t"
- /* Multiply Start */
- "ldr r6, [%[a]]\n\t"
- "ldr r8, [%[b]]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, %[r]\n\t"
- /* Multiply Done */
- "add %[a], %[a], #4\n\t"
- "sub %[b], %[b], #4\n\t"
- "cmp %[a], r14\n\t"
+ "SUB sp, sp, #0x100\n\t"
+ "LDR lr, [%[a]]\n\t"
+ "LDR r11, [%[b]]\n\t"
+ "UMULL r8, r6, lr, r11\n\t"
+ "STR r8, [sp]\n\t"
+ "MOV r7, #0x0\n\t"
+ "MOV r8, #0x0\n\t"
+ "MOV r5, #0x4\n\t"
+ "\n"
+ "L_sp_2048_mul_32_outer:\n\t"
+ "SUBS r3, r5, #0x7c\n\t"
+ "IT cc\n\t"
+ "MOVCC r3, #0x0\n\t"
+ "SUB r4, r5, r3\n\t"
+ "\n"
+ "L_sp_2048_mul_32_inner:\n\t"
+ "LDR lr, [%[a], r3]\n\t"
+ "LDR r11, [%[b], r4]\n\t"
+ "UMULL r9, r10, lr, r11\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "LDR lr, [%[a], r4]\n\t"
+ "LDR r11, [%[b], r3]\n\t"
+ "UMULL r9, r10, lr, r11\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "ADD r3, r3, #0x4\n\t"
+ "SUB r4, r4, #0x4\n\t"
+ "CMP r3, r4\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "beq 3f\n\t"
+ "BGT L_sp_2048_mul_32_inner_done\n\t"
#else
- "beq.n 3f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "mov r6, r9\n\t"
- "add r6, r6, r10\n\t"
- "cmp %[a], r6\n\t"
+ "BGT.N L_sp_2048_mul_32_inner_done\n\t"
+#endif
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "ble 2b\n\t"
-#else
- "ble.n 2b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "\n3:\n\t"
- "mov %[r], r12\n\t"
- "mov r8, r9\n\t"
- "str r3, [%[r], r8]\n\t"
- "mov r3, r4\n\t"
- "mov r4, r5\n\t"
- "add r8, r8, #4\n\t"
- "mov r9, r8\n\t"
- "mov r6, #248\n\t"
- "cmp r8, r6\n\t"
+ "BLT L_sp_2048_mul_32_inner\n\t"
+#else
+ "BLT.N L_sp_2048_mul_32_inner\n\t"
+#endif
+ "LDR lr, [%[a], r3]\n\t"
+ "LDR r11, [%[b], r3]\n\t"
+ "UMULL r9, r10, lr, r11\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "\n"
+ "L_sp_2048_mul_32_inner_done:\n\t"
+ "STR r6, [sp, r5]\n\t"
+ "MOV r6, r7\n\t"
+ "MOV r7, r8\n\t"
+ "MOV r8, #0x0\n\t"
+ "ADD r5, r5, #0x4\n\t"
+ "CMP r5, #0xf4\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "ble 1b\n\t"
+ "BLE L_sp_2048_mul_32_outer\n\t"
#else
- "ble.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "str r3, [%[r], r8]\n\t"
- "mov %[a], r10\n\t"
- "mov %[b], r11\n\t"
+ "BLE.N L_sp_2048_mul_32_outer\n\t"
+#endif
+ "LDR lr, [%[a], #124]\n\t"
+ "LDR r11, [%[b], #124]\n\t"
+ "UMLAL r6, r7, lr, r11\n\t"
+ "STR r6, [sp, r5]\n\t"
+ "ADD r5, r5, #0x4\n\t"
+ "STR r7, [sp, r5]\n\t"
+ "\n"
+ "L_sp_2048_mul_32_store:\n\t"
+ "LDM sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "STM %[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "SUBS r5, r5, #0x20\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BGT L_sp_2048_mul_32_store\n\t"
+#else
+ "BGT.N L_sp_2048_mul_32_store\n\t"
+#endif
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : [r] "r" (tmp), [a] "r" (a), [b] "r" (b)
- : "memory", "r3", "r4", "r5", "r6", "r8", "r9", "r10", "r11", "r12", "r14"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11", "cc"
);
-
- XMEMCPY(r, tmp_arr, sizeof(tmp_arr));
}
/* Square a and put result in r. (r = a * a)
@@ -2845,131 +2699,98 @@ SP_NOINLINE static void sp_2048_mul_32(sp_digit* r, const sp_digit* a,
* r A single precision integer.
* a A single precision integer.
*/
-SP_NOINLINE static void sp_2048_sqr_32(sp_digit* r, const sp_digit* a)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_2048_sqr_32(sp_digit* r_p, const sp_digit* a_p)
+#else
+static void sp_2048_sqr_32(sp_digit* r, const sp_digit* a)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "mov r3, #0\n\t"
- "mov r4, #0\n\t"
- "mov r5, #0\n\t"
- "mov r9, r3\n\t"
- "mov r12, %[r]\n\t"
- "mov r6, #1\n\t"
- "lsl r6, r6, #8\n\t"
- "neg r6, r6\n\t"
- "add sp, sp, r6\n\t"
- "mov r11, sp\n\t"
- "mov r10, %[a]\n\t"
- "\n1:\n\t"
- "mov %[r], #0\n\t"
- "mov r6, #124\n\t"
- "mov %[a], r9\n\t"
- "subs %[a], %[a], r6\n\t"
- "sbc r6, r6, r6\n\t"
- "mvn r6, r6\n\t"
- "and %[a], %[a], r6\n\t"
- "mov r2, r9\n\t"
- "sub r2, r2, %[a]\n\t"
- "add %[a], %[a], r10\n\t"
- "add r2, r2, r10\n\t"
- "\n2:\n\t"
- "cmp r2, %[a]\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "beq 4f\n\t"
-#else
- "beq.n 4f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- /* Multiply * 2: Start */
- "ldr r6, [%[a]]\n\t"
- "ldr r8, [r2]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, %[r]\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, %[r]\n\t"
- /* Multiply * 2: Done */
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bal 5f\n\t"
-#else
- "bal.n 5f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "\n4:\n\t"
- /* Square: Start */
- "ldr r6, [%[a]]\n\t"
- "umull r6, r8, r6, r6\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, %[r]\n\t"
- /* Square: Done */
- "\n5:\n\t"
- "add %[a], %[a], #4\n\t"
- "sub r2, r2, #4\n\t"
- "mov r6, #128\n\t"
- "add r6, r6, r10\n\t"
- "cmp %[a], r6\n\t"
+ "SUB sp, sp, #0x100\n\t"
+ "LDR lr, [%[a]]\n\t"
+ "UMULL r8, r6, lr, lr\n\t"
+ "STR r8, [sp]\n\t"
+ "MOV r7, #0x0\n\t"
+ "MOV r8, #0x0\n\t"
+ "MOV r5, #0x4\n\t"
+ "\n"
+ "L_sp_2048_sqr_32_outer:\n\t"
+ "SUBS r3, r5, #0x7c\n\t"
+ "IT cc\n\t"
+ "MOVCC r3, #0x0\n\t"
+ "SUB r4, r5, r3\n\t"
+ "\n"
+ "L_sp_2048_sqr_32_inner:\n\t"
+ "LDR lr, [%[a], r3]\n\t"
+ "LDR r11, [%[a], r4]\n\t"
+ "UMULL r9, r10, lr, r11\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "ADD r3, r3, #0x4\n\t"
+ "SUB r4, r4, #0x4\n\t"
+ "CMP r3, r4\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "beq 3f\n\t"
+ "BGT L_sp_2048_sqr_32_inner_done\n\t"
#else
- "beq.n 3f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "cmp %[a], r2\n\t"
+ "BGT.N L_sp_2048_sqr_32_inner_done\n\t"
+#endif
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bgt 3f\n\t"
+ "BLT L_sp_2048_sqr_32_inner\n\t"
#else
- "bgt.n 3f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "mov r8, r9\n\t"
- "add r8, r8, r10\n\t"
- "cmp %[a], r8\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "ble 2b\n\t"
-#else
- "ble.n 2b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "\n3:\n\t"
- "mov %[r], r11\n\t"
- "mov r8, r9\n\t"
- "str r3, [%[r], r8]\n\t"
- "mov r3, r4\n\t"
- "mov r4, r5\n\t"
- "mov r5, #0\n\t"
- "add r8, r8, #4\n\t"
- "mov r9, r8\n\t"
- "mov r6, #248\n\t"
- "cmp r8, r6\n\t"
+ "BLT.N L_sp_2048_sqr_32_inner\n\t"
+#endif
+ "LDR lr, [%[a], r3]\n\t"
+ "UMULL r9, r10, lr, lr\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "\n"
+ "L_sp_2048_sqr_32_inner_done:\n\t"
+ "STR r6, [sp, r5]\n\t"
+ "MOV r6, r7\n\t"
+ "MOV r7, r8\n\t"
+ "MOV r8, #0x0\n\t"
+ "ADD r5, r5, #0x4\n\t"
+ "CMP r5, #0xf4\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "ble 1b\n\t"
-#else
- "ble.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "mov %[a], r10\n\t"
- "str r3, [%[r], r8]\n\t"
- "mov %[r], r12\n\t"
- "mov %[a], r11\n\t"
- "mov r3, #252\n\t"
- "\n4:\n\t"
- "ldr r6, [%[a], r3]\n\t"
- "str r6, [%[r], r3]\n\t"
- "subs r3, r3, #4\n\t"
+ "BLE L_sp_2048_sqr_32_outer\n\t"
+#else
+ "BLE.N L_sp_2048_sqr_32_outer\n\t"
+#endif
+ "LDR lr, [%[a], #124]\n\t"
+ "UMLAL r6, r7, lr, lr\n\t"
+ "STR r6, [sp, r5]\n\t"
+ "ADD r5, r5, #0x4\n\t"
+ "STR r7, [sp, r5]\n\t"
+ "\n"
+ "L_sp_2048_sqr_32_store:\n\t"
+ "LDM sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "STM %[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "SUBS r5, r5, #0x20\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bge 4b\n\t"
+ "BGT L_sp_2048_sqr_32_store\n\t"
#else
- "bge.n 4b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "mov r6, #1\n\t"
- "lsl r6, r6, #8\n\t"
- "add sp, sp, r6\n\t"
+ "BGT.N L_sp_2048_sqr_32_store\n\t"
+#endif
+ : [r] "+r" (r), [a] "+r" (a)
:
- : [r] "r" (r), [a] "r" (a)
- : "memory", "r2", "r3", "r4", "r5", "r6", "r8", "r9", "r10", "r11", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11", "cc"
);
}
#endif /* WOLFSSL_SP_SMALL */
#endif /* (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) | WOLFSSL_HAVE_SP_DH */
-/* Caclulate the bottom digit of -1/a mod 2^n.
+/* Calculate the bottom digit of -1/a mod 2^n.
*
* a A single precision number.
* rho Bottom word of inverse.
@@ -2989,48 +2810,406 @@ static void sp_2048_mont_setup(const sp_digit* a, sp_digit* rho)
*rho = (sp_digit)0 - x;
}
+#ifdef WOLFSSL_SP_SMALL
/* Mul a by digit b into r. (r = a * b)
*
* r A single precision integer.
* a A single precision integer.
* b A single precision digit.
*/
-SP_NOINLINE static void sp_2048_mul_d_64(sp_digit* r, const sp_digit* a,
- sp_digit b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_2048_mul_d_64(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
+#else
+static void sp_2048_mul_d_64(sp_digit* r, const sp_digit* a, sp_digit b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register sp_digit b __asm__ ("r2") = (sp_digit)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "add r9, %[a], #256\n\t"
/* A[0] * B */
- "ldr r6, [%[a]], #4\n\t"
- "umull r5, r3, r6, %[b]\n\t"
- "mov r4, #0\n\t"
- "str r5, [%[r]], #4\n\t"
- /* A[0] * B - Done */
- "\n1:\n\t"
- "mov r5, #0\n\t"
- /* A[] * B */
- "ldr r6, [%[a]], #4\n\t"
- "umull r6, r8, r6, %[b]\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- /* A[] * B - Done */
- "str r3, [%[r]], #4\n\t"
- "mov r3, r4\n\t"
- "mov r4, r5\n\t"
- "cmp %[a], r9\n\t"
+ "LDR r8, [%[a]]\n\t"
+ "UMULL r5, r3, %[b], r8\n\t"
+ "MOV r4, #0x0\n\t"
+ "STR r5, [%[r]]\n\t"
+ "MOV r5, #0x0\n\t"
+ "MOV r9, #0x4\n\t"
+ "\n"
+ "L_sp_2048_mul_d_64_word:\n\t"
+ /* A[i] * B */
+ "LDR r8, [%[a], r9]\n\t"
+ "UMULL r6, r7, %[b], r8\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ "STR r3, [%[r], r9]\n\t"
+ "MOV r3, r4\n\t"
+ "MOV r4, r5\n\t"
+ "MOV r5, #0x0\n\t"
+ "ADD r9, r9, #0x4\n\t"
+ "CMP r9, #0x100\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "blt 1b\n\t"
+ "BLT L_sp_2048_mul_d_64_word\n\t"
#else
- "blt.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "str r3, [%[r]]\n\t"
- : [r] "+r" (r), [a] "+r" (a)
- : [b] "r" (b)
- : "memory", "r3", "r4", "r5", "r6", "r8", "r9"
+ "BLT.N L_sp_2048_mul_d_64_word\n\t"
+#endif
+ "STR r3, [%[r], #256]\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
+ );
+}
+
+#else
+/* Mul a by digit b into r. (r = a * b)
+ *
+ * r A single precision integer.
+ * a A single precision integer.
+ * b A single precision digit.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_2048_mul_d_64(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
+#else
+static void sp_2048_mul_d_64(sp_digit* r, const sp_digit* a, sp_digit b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register sp_digit b __asm__ ("r2") = (sp_digit)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ /* A[0] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMULL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[1] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[2] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[3] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[4] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[5] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[6] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[7] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[8] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[9] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[10] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[11] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[12] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[13] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[14] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[15] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[16] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[17] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[18] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[19] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[20] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[21] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[22] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[23] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[24] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[25] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[26] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[27] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[28] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[29] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[30] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[31] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[32] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[33] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[34] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[35] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[36] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[37] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[38] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[39] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[40] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[41] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[42] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[43] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[44] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[45] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[46] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[47] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[48] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[49] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[50] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[51] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[52] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[53] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[54] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[55] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[56] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[57] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[58] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[59] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[60] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[61] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[62] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[63] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "STR r4, [%[r]]\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "cc"
);
}
+#endif /* WOLFSSL_SP_SMALL */
#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
/* r = 2^n mod m where n is the number of bits to reduce by.
* Given m must be 2048 bits, just need to subtract.
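Review bot: Neither header comment on the two new `sp_2048_mul_d_64` variants states a timing contract, although both feed every digit of `a` and the digit `b` through `UMULL`/`UMLAL`, and the callers are outside this hunk, so either operand may be secret-derived. The control flow itself is fixed: the `WOLFSSL_SP_SMALL` loop always steps `r9` from 0x4 to 0x100, and the unrolled body has no branch and only sequential loads and stores. That makes the routine constant-time only on cores whose long multiply has operand-independent latency; some Thumb-2 cores (Cortex-M3 is the usual example) terminate long multiplies early. I would add a line to both comment blocks such as `* Timing: no data-dependent branches or addresses; constant-time only where UMULL/UMLAL latency is independent of operand values.` Separately, the unrolled variant's clobber list names `"r6"` and `"r7"`, which none of its instructions touch; if this file is generated, both changes belong in the generator.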
@@ -3046,6 +3225,7 @@ static void sp_2048_mont_norm_32(sp_digit* r, const sp_digit* m)
sp_2048_sub_in_place_32(r, m);
}
+#ifdef WOLFSSL_SP_SMALL
/* Conditionally subtract b from a using the mask m.
* m is -1 to subtract and 0 when not copying.
*
@@ -3054,141 +3234,917 @@ static void sp_2048_mont_norm_32(sp_digit* r, const sp_digit* m)
* b A single precision number to subtract.
* m Mask value to apply.
*/
-SP_NOINLINE static sp_digit sp_2048_cond_sub_32(sp_digit* r, const sp_digit* a,
- const sp_digit* b, sp_digit m)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_2048_cond_sub_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
+#else
+static sp_digit sp_2048_cond_sub_32(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+ register sp_digit m __asm__ ("r3") = (sp_digit)m_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r5, #128\n\t"
- "mov r9, r5\n\t"
- "mov r8, #0\n\t"
- "\n1:\n\t"
- "ldr r6, [%[b], r8]\n\t"
- "and r6, r6, %[m]\n\t"
- "mov r5, #0\n\t"
- "subs r5, r5, %[c]\n\t"
- "ldr r5, [%[a], r8]\n\t"
- "sbcs r5, r5, r6\n\t"
- "sbcs %[c], %[c], %[c]\n\t"
- "str r5, [%[r], r8]\n\t"
- "add r8, r8, #4\n\t"
- "cmp r8, r9\n\t"
+ "MOV r8, #0x0\n\t"
+ "MOV r4, #0x0\n\t"
+ "MOV r5, #0x0\n\t"
+ "\n"
+ "L_sp_2048_cond_sub_32_words:\n\t"
+ "SUBS r4, r8, r4\n\t"
+ "LDR r6, [%[a], r5]\n\t"
+ "LDR r7, [%[b], r5]\n\t"
+ "AND r7, r7, %[m]\n\t"
+ "SBCS r6, r6, r7\n\t"
+ "SBC r4, r8, r8\n\t"
+ "STR r6, [%[r], r5]\n\t"
+ "ADD r5, r5, #0x4\n\t"
+ "CMP r5, #0x80\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "blt 1b\n\t"
+ "BLT L_sp_2048_cond_sub_32_words\n\t"
+#else
+ "BLT.N L_sp_2048_cond_sub_32_words\n\t"
+#endif
+ "MOV %[r], r4\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
+ :
+ : "memory", "r4", "r5", "r6", "r7", "r8", "cc"
+ );
+ return (uint32_t)(size_t)r;
+}
+
#else
- "blt.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [c] "+r" (c)
- : [r] "r" (r), [a] "r" (a), [b] "r" (b), [m] "r" (m)
- : "memory", "r5", "r6", "r8", "r9"
+/* Conditionally subtract b from a using the mask m.
+ * m is -1 to subtract and 0 when not copying.
+ *
+ * r A single precision number representing condition subtract result.
+ * a A single precision number to subtract from.
+ * b A single precision number to subtract.
+ * m Mask value to apply.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_2048_cond_sub_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
+#else
+static sp_digit sp_2048_cond_sub_32(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+ register sp_digit m __asm__ ("r3") = (sp_digit)m_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "MOV r5, #0x0\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SUBS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "SBC %[r], r5, r5\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
+ :
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
+ return (uint32_t)(size_t)r;
+}
- return c;
+#endif /* WOLFSSL_SP_SMALL */
+#ifdef WOLFSSL_SP_NO_UMAAL
+#ifndef WOLFSSL_SP_SMALL
+/* Reduce the number back to 2048 bits using Montgomery reduction.
+ *
+ * a A single precision number to reduce in place.
+ * m The single precision number representing the modulus.
+ * mp The digit representing the negative inverse of m mod 2^n.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_2048_mont_reduce_32(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+#else
+SP_NOINLINE static void sp_2048_mont_reduce_32(sp_digit* a, const sp_digit* m, sp_digit mp)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m __asm__ ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp __asm__ ("r2") = (sp_digit)mp_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "LDR lr, [%[m]]\n\t"
+ /* i = 0 */
+ "MOV r11, #0x0\n\t"
+ "MOV r3, #0x0\n\t"
+ "LDR r4, [%[a]]\n\t"
+ "LDR r5, [%[a], #4]\n\t"
+ "\n"
+ "L_sp_2048_mont_reduce_32_word:\n\t"
+ /* mu = a[i] * mp */
+ "MUL r10, %[mp], r4\n\t"
+ /* a[i+0] += m[0] * mu */
+ "MOV r7, #0x0\n\t"
+ "UMLAL r4, r7, r10, lr\n\t"
+ /* a[i+1] += m[1] * mu */
+ "LDR r9, [%[m], #4]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r5, r6, r10, r9\n\t"
+ "MOV r4, r5\n\t"
+ "ADDS r4, r4, r7\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+2] += m[2] * mu */
+ "LDR r9, [%[m], #8]\n\t"
+ "LDR r5, [%[a], #8]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r5, r7, r10, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+3] += m[3] * mu */
+ "LDR r9, [%[m], #12]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #12]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+4] += m[4] * mu */
+ "LDR r9, [%[m], #16]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #16]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+5] += m[5] * mu */
+ "LDR r9, [%[m], #20]\n\t"
+ "LDR r12, [%[a], #20]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #20]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+6] += m[6] * mu */
+ "LDR r9, [%[m], #24]\n\t"
+ "LDR r12, [%[a], #24]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #24]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+7] += m[7] * mu */
+ "LDR r9, [%[m], #28]\n\t"
+ "LDR r12, [%[a], #28]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #28]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+8] += m[8] * mu */
+ "LDR r9, [%[m], #32]\n\t"
+ "LDR r12, [%[a], #32]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #32]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+9] += m[9] * mu */
+ "LDR r9, [%[m], #36]\n\t"
+ "LDR r12, [%[a], #36]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #36]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+10] += m[10] * mu */
+ "LDR r9, [%[m], #40]\n\t"
+ "LDR r12, [%[a], #40]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #40]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+11] += m[11] * mu */
+ "LDR r9, [%[m], #44]\n\t"
+ "LDR r12, [%[a], #44]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #44]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+12] += m[12] * mu */
+ "LDR r9, [%[m], #48]\n\t"
+ "LDR r12, [%[a], #48]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #48]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+13] += m[13] * mu */
+ "LDR r9, [%[m], #52]\n\t"
+ "LDR r12, [%[a], #52]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #52]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+14] += m[14] * mu */
+ "LDR r9, [%[m], #56]\n\t"
+ "LDR r12, [%[a], #56]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #56]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+15] += m[15] * mu */
+ "LDR r9, [%[m], #60]\n\t"
+ "LDR r12, [%[a], #60]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #60]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+16] += m[16] * mu */
+ "LDR r9, [%[m], #64]\n\t"
+ "LDR r12, [%[a], #64]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #64]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+17] += m[17] * mu */
+ "LDR r9, [%[m], #68]\n\t"
+ "LDR r12, [%[a], #68]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #68]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+18] += m[18] * mu */
+ "LDR r9, [%[m], #72]\n\t"
+ "LDR r12, [%[a], #72]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #72]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+19] += m[19] * mu */
+ "LDR r9, [%[m], #76]\n\t"
+ "LDR r12, [%[a], #76]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #76]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+20] += m[20] * mu */
+ "LDR r9, [%[m], #80]\n\t"
+ "LDR r12, [%[a], #80]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #80]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+21] += m[21] * mu */
+ "LDR r9, [%[m], #84]\n\t"
+ "LDR r12, [%[a], #84]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #84]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+22] += m[22] * mu */
+ "LDR r9, [%[m], #88]\n\t"
+ "LDR r12, [%[a], #88]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #88]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+23] += m[23] * mu */
+ "LDR r9, [%[m], #92]\n\t"
+ "LDR r12, [%[a], #92]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #92]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+24] += m[24] * mu */
+ "LDR r9, [%[m], #96]\n\t"
+ "LDR r12, [%[a], #96]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #96]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+25] += m[25] * mu */
+ "LDR r9, [%[m], #100]\n\t"
+ "LDR r12, [%[a], #100]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #100]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+26] += m[26] * mu */
+ "LDR r9, [%[m], #104]\n\t"
+ "LDR r12, [%[a], #104]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #104]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+27] += m[27] * mu */
+ "LDR r9, [%[m], #108]\n\t"
+ "LDR r12, [%[a], #108]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #108]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+28] += m[28] * mu */
+ "LDR r9, [%[m], #112]\n\t"
+ "LDR r12, [%[a], #112]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #112]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+29] += m[29] * mu */
+ "LDR r9, [%[m], #116]\n\t"
+ "LDR r12, [%[a], #116]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #116]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+30] += m[30] * mu */
+ "LDR r9, [%[m], #120]\n\t"
+ "LDR r12, [%[a], #120]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #120]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+31] += m[31] * mu */
+ "LDR r9, [%[m], #124]\n\t"
+ "LDR r12, [%[a], #124]\n\t"
+ "UMULL r8, r9, r10, r9\n\t"
+ "ADDS r7, r7, r8\n\t"
+ "ADCS r6, r9, r3\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, r3\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #124]\n\t"
+ "LDR r12, [%[a], #128]\n\t"
+ "ADCS r12, r12, r6\n\t"
+ "STR r12, [%[a], #128]\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* i += 1 */
+ "ADD r11, r11, #0x4\n\t"
+ "ADD %[a], %[a], #0x4\n\t"
+ "CMP r11, #0x80\n\t"
+#ifdef __GNUC__
+ "BLT L_sp_2048_mont_reduce_32_word\n\t"
+#else
+ "BLT.W L_sp_2048_mont_reduce_32_word\n\t"
+#endif
+ /* Loop Done */
+ "STR r4, [%[a]]\n\t"
+ "STR r5, [%[a], #4]\n\t"
+ "MOV %[mp], r3\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
+ );
+ sp_2048_cond_sub_32(a - 32, a, m, (sp_digit)0 - mp);
}
+#else
/* Reduce the number back to 2048 bits using Montgomery reduction.
*
* a A single precision number to reduce in place.
* m The single precision number representing the modulus.
* mp The digit representing the negative inverse of m mod 2^n.
*/
-SP_NOINLINE static void sp_2048_mont_reduce_32(sp_digit* a, const sp_digit* m,
- sp_digit mp)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_2048_mont_reduce_32(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+#else
+SP_NOINLINE static void sp_2048_mont_reduce_32(sp_digit* a, const sp_digit* m, sp_digit mp)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit ca = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m __asm__ ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp __asm__ ("r2") = (sp_digit)mp_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r9, %[mp]\n\t"
- "mov r12, %[m]\n\t"
- "mov r10, %[a]\n\t"
- "mov r4, #0\n\t"
- "add r11, r10, #128\n\t"
- "\n1:\n\t"
+ "LDR r11, [%[m]]\n\t"
+ /* i = 0 */
+ "MOV r9, #0x0\n\t"
+ /* ca = 0 */
+ "MOV r3, #0x0\n\t"
+ "\n"
+ "L_sp_2048_mont_reduce_32_word:\n\t"
/* mu = a[i] * mp */
- "mov %[mp], r9\n\t"
- "ldr %[a], [r10]\n\t"
- "mul %[mp], %[mp], %[a]\n\t"
- "mov %[m], r12\n\t"
- "add r14, r10, #120\n\t"
- "\n2:\n\t"
- /* a[i+j] += m[j] * mu */
- "ldr %[a], [r10]\n\t"
- "mov r5, #0\n\t"
- /* Multiply m[j] and mu - Start */
- "ldr r8, [%[m]], #4\n\t"
- "umull r6, r8, %[mp], r8\n\t"
- "adds %[a], %[a], r6\n\t"
- "adc r5, r5, r8\n\t"
- /* Multiply m[j] and mu - Done */
- "adds r4, r4, %[a]\n\t"
- "adc r5, r5, #0\n\t"
- "str r4, [r10], #4\n\t"
+ "LDR r10, [%[a]]\n\t"
+ "MUL r8, %[mp], r10\n\t"
+ /* j = 0 */
+ "MOV r12, #0x0\n\t"
+ "MOV r4, #0x0\n\t"
+ "\n"
+ "L_sp_2048_mont_reduce_32_mul:\n\t"
+ /* a[i+j+0] += m[j+0] * mu */
+ "LDR r7, [%[m], r12]\n\t"
+ "LDR r10, [%[a], r12]\n\t"
+ "MOV r5, #0x0\n\t"
+ "UMLAL r10, r5, r8, r7\n\t"
+ "ADDS r10, r10, r4\n\t"
+ "STR r10, [%[a], r12]\n\t"
+ "ADC r4, r5, #0x0\n\t"
+ /* j += 1 */
+ "ADD r12, r12, #0x4\n\t"
/* a[i+j+1] += m[j+1] * mu */
- "ldr %[a], [r10]\n\t"
- "mov r4, #0\n\t"
- /* Multiply m[j] and mu - Start */
- "ldr r8, [%[m]], #4\n\t"
- "umull r6, r8, %[mp], r8\n\t"
- "adds %[a], %[a], r6\n\t"
- "adc r4, r4, r8\n\t"
- /* Multiply m[j] and mu - Done */
- "adds r5, r5, %[a]\n\t"
- "adc r4, r4, #0\n\t"
- "str r5, [r10], #4\n\t"
- "cmp r10, r14\n\t"
+ "LDR r7, [%[m], r12]\n\t"
+ "LDR r10, [%[a], r12]\n\t"
+ "MOV r5, #0x0\n\t"
+ "UMLAL r10, r5, r8, r7\n\t"
+ "ADDS r10, r10, r4\n\t"
+ "STR r10, [%[a], r12]\n\t"
+ "ADC r4, r5, #0x0\n\t"
+ /* j += 1 */
+ "ADD r12, r12, #0x4\n\t"
+ /* a[i+j+2] += m[j+2] * mu */
+ "LDR r7, [%[m], r12]\n\t"
+ "LDR r10, [%[a], r12]\n\t"
+ "MOV r5, #0x0\n\t"
+ "UMLAL r10, r5, r8, r7\n\t"
+ "ADDS r10, r10, r4\n\t"
+ "STR r10, [%[a], r12]\n\t"
+ "ADC r4, r5, #0x0\n\t"
+ /* j += 1 */
+ "ADD r12, r12, #0x4\n\t"
+ /* a[i+j+3] += m[j+3] * mu */
+ "LDR r7, [%[m], r12]\n\t"
+ "LDR r10, [%[a], r12]\n\t"
+ "MOV r5, #0x0\n\t"
+ "UMLAL r10, r5, r8, r7\n\t"
+ "ADDS r10, r10, r4\n\t"
+ "STR r10, [%[a], r12]\n\t"
+ "ADC r4, r5, #0x0\n\t"
+ /* j += 1 */
+ "ADD r12, r12, #0x4\n\t"
+ "CMP r12, #0x80\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BLT L_sp_2048_mont_reduce_32_mul\n\t"
+#else
+ "BLT.N L_sp_2048_mont_reduce_32_mul\n\t"
+#endif
+ "LDR r10, [%[a], #128]\n\t"
+ "ADDS r4, r4, r3\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "ADDS r10, r10, r4\n\t"
+ "ADC r3, r3, r3\n\t"
+ "STR r10, [%[a], #128]\n\t"
+ /* i += 1 */
+ "ADD r9, r9, #0x4\n\t"
+ "ADD %[a], %[a], #0x4\n\t"
+ "CMP r9, #0x80\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "blt 2b\n\t"
+ "BLT L_sp_2048_mont_reduce_32_word\n\t"
+#else
+ "BLT.N L_sp_2048_mont_reduce_32_word\n\t"
+#endif
+ /* Loop Done */
+ "MOV %[mp], r3\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
+ );
+ sp_2048_cond_sub_32(a - 32, a, m, (sp_digit)0 - mp);
+}
+
+#endif /* !WOLFSSL_SP_SMALL */
+#else
+#ifndef WOLFSSL_SP_SMALL
+/* Reduce the number back to 2048 bits using Montgomery reduction.
+ *
+ * a A single precision number to reduce in place.
+ * m The single precision number representing the modulus.
+ * mp The digit representing the negative inverse of m mod 2^n.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_2048_mont_reduce_32(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
#else
- "blt.n 2b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
+SP_NOINLINE static void sp_2048_mont_reduce_32(sp_digit* a, const sp_digit* m, sp_digit mp)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m __asm__ ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp __asm__ ("r2") = (sp_digit)mp_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ /* i = 0 */
+ "MOV r4, #0x0\n\t"
+ "MOV r5, #0x0\n\t"
+ "LDR r6, [%[a]]\n\t"
+ "LDR r7, [%[a], #4]\n\t"
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[a], #12]\n\t"
+ "LDR r10, [%[a], #16]\n\t"
+ "\n"
+ "L_sp_2048_mont_reduce_32_word:\n\t"
+ /* mu = a[i] * mp */
+ "MUL lr, %[mp], r6\n\t"
+ /* a[i+0] += m[0] * mu */
+ "LDR r12, [%[m]]\n\t"
+ "MOV r3, #0x0\n\t"
+ "UMAAL r6, r3, lr, r12\n\t"
+ /* a[i+1] += m[1] * mu */
+ "LDR r12, [%[m], #4]\n\t"
+ "MOV r6, r7\n\t"
+ "UMAAL r6, r3, lr, r12\n\t"
+ /* a[i+2] += m[2] * mu */
+ "LDR r12, [%[m], #8]\n\t"
+ "MOV r7, r8\n\t"
+ "UMAAL r7, r3, lr, r12\n\t"
+ /* a[i+3] += m[3] * mu */
+ "LDR r12, [%[m], #12]\n\t"
+ "MOV r8, r9\n\t"
+ "UMAAL r8, r3, lr, r12\n\t"
+ /* a[i+4] += m[4] * mu */
+ "LDR r12, [%[m], #16]\n\t"
+ "MOV r9, r10\n\t"
+ "UMAAL r9, r3, lr, r12\n\t"
+ /* a[i+5] += m[5] * mu */
+ "LDR r12, [%[m], #20]\n\t"
+ "LDR r10, [%[a], #20]\n\t"
+ "UMAAL r10, r3, lr, r12\n\t"
+ /* a[i+6] += m[6] * mu */
+ "LDR r12, [%[m], #24]\n\t"
+ "LDR r11, [%[a], #24]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #24]\n\t"
+ /* a[i+7] += m[7] * mu */
+ "LDR r12, [%[m], #28]\n\t"
+ "LDR r11, [%[a], #28]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #28]\n\t"
+ /* a[i+8] += m[8] * mu */
+ "LDR r12, [%[m], #32]\n\t"
+ "LDR r11, [%[a], #32]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #32]\n\t"
+ /* a[i+9] += m[9] * mu */
+ "LDR r12, [%[m], #36]\n\t"
+ "LDR r11, [%[a], #36]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #36]\n\t"
+ /* a[i+10] += m[10] * mu */
+ "LDR r12, [%[m], #40]\n\t"
+ "LDR r11, [%[a], #40]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #40]\n\t"
+ /* a[i+11] += m[11] * mu */
+ "LDR r12, [%[m], #44]\n\t"
+ "LDR r11, [%[a], #44]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #44]\n\t"
+ /* a[i+12] += m[12] * mu */
+ "LDR r12, [%[m], #48]\n\t"
+ "LDR r11, [%[a], #48]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #48]\n\t"
+ /* a[i+13] += m[13] * mu */
+ "LDR r12, [%[m], #52]\n\t"
+ "LDR r11, [%[a], #52]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #52]\n\t"
+ /* a[i+14] += m[14] * mu */
+ "LDR r12, [%[m], #56]\n\t"
+ "LDR r11, [%[a], #56]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #56]\n\t"
+ /* a[i+15] += m[15] * mu */
+ "LDR r12, [%[m], #60]\n\t"
+ "LDR r11, [%[a], #60]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #60]\n\t"
+ /* a[i+16] += m[16] * mu */
+ "LDR r12, [%[m], #64]\n\t"
+ "LDR r11, [%[a], #64]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #64]\n\t"
+ /* a[i+17] += m[17] * mu */
+ "LDR r12, [%[m], #68]\n\t"
+ "LDR r11, [%[a], #68]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #68]\n\t"
+ /* a[i+18] += m[18] * mu */
+ "LDR r12, [%[m], #72]\n\t"
+ "LDR r11, [%[a], #72]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #72]\n\t"
+ /* a[i+19] += m[19] * mu */
+ "LDR r12, [%[m], #76]\n\t"
+ "LDR r11, [%[a], #76]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #76]\n\t"
+ /* a[i+20] += m[20] * mu */
+ "LDR r12, [%[m], #80]\n\t"
+ "LDR r11, [%[a], #80]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #80]\n\t"
+ /* a[i+21] += m[21] * mu */
+ "LDR r12, [%[m], #84]\n\t"
+ "LDR r11, [%[a], #84]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #84]\n\t"
+ /* a[i+22] += m[22] * mu */
+ "LDR r12, [%[m], #88]\n\t"
+ "LDR r11, [%[a], #88]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #88]\n\t"
+ /* a[i+23] += m[23] * mu */
+ "LDR r12, [%[m], #92]\n\t"
+ "LDR r11, [%[a], #92]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #92]\n\t"
+ /* a[i+24] += m[24] * mu */
+ "LDR r12, [%[m], #96]\n\t"
+ "LDR r11, [%[a], #96]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #96]\n\t"
+ /* a[i+25] += m[25] * mu */
+ "LDR r12, [%[m], #100]\n\t"
+ "LDR r11, [%[a], #100]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #100]\n\t"
+ /* a[i+26] += m[26] * mu */
+ "LDR r12, [%[m], #104]\n\t"
+ "LDR r11, [%[a], #104]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #104]\n\t"
+ /* a[i+27] += m[27] * mu */
+ "LDR r12, [%[m], #108]\n\t"
+ "LDR r11, [%[a], #108]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #108]\n\t"
+ /* a[i+28] += m[28] * mu */
+ "LDR r12, [%[m], #112]\n\t"
+ "LDR r11, [%[a], #112]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #112]\n\t"
+ /* a[i+29] += m[29] * mu */
+ "LDR r12, [%[m], #116]\n\t"
+ "LDR r11, [%[a], #116]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #116]\n\t"
/* a[i+30] += m[30] * mu */
- "ldr %[a], [r10]\n\t"
- "mov r5, #0\n\t"
- /* Multiply m[j] and mu - Start */
- "ldr r8, [%[m]], #4\n\t"
- "umull r6, r8, %[mp], r8\n\t"
- "adds %[a], %[a], r6\n\t"
- "adc r5, r5, r8\n\t"
- /* Multiply m[j] and mu - Done */
- "adds r4, r4, %[a]\n\t"
- "adc r5, r5, #0\n\t"
- "str r4, [r10], #4\n\t"
+ "LDR r12, [%[m], #120]\n\t"
+ "LDR r11, [%[a], #120]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #120]\n\t"
/* a[i+31] += m[31] * mu */
- "mov r4, %[ca]\n\t"
- "mov %[ca], #0\n\t"
- /* Multiply m[31] and mu - Start */
- "ldr r8, [%[m]]\n\t"
- "umull r6, r8, %[mp], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc %[ca], %[ca], #0\n\t"
- /* Multiply m[31] and mu - Done */
- "ldr r6, [r10]\n\t"
- "ldr r8, [r10, #4]\n\t"
- "adds r6, r6, r5\n\t"
- "adcs r8, r8, r4\n\t"
- "adc %[ca], %[ca], #0\n\t"
- "str r6, [r10]\n\t"
- "str r8, [r10, #4]\n\t"
- /* Next word in a */
- "sub r10, r10, #120\n\t"
- "cmp r10, r11\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "blt 1b\n\t"
-#else
- "blt.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "mov %[a], r10\n\t"
- "mov %[m], r12\n\t"
- : [ca] "+r" (ca), [a] "+r" (a)
- : [m] "r" (m), [mp] "r" (mp)
- : "memory", "r4", "r5", "r6", "r8", "r9", "r10", "r11", "r12", "r14"
+ "LDR r12, [%[m], #124]\n\t"
+ "LDR r11, [%[a], #124]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "LDR lr, [%[a], #128]\n\t"
+ "MOV r12, #0x0\n\t"
+ "UMAAL r3, lr, r12, r12\n\t"
+ "STR r11, [%[a], #124]\n\t"
+ "ADDS r3, r3, r5\n\t"
+ "ADC r5, lr, #0x0\n\t"
+ "STR r3, [%[a], #128]\n\t"
+ /* i += 1 */
+ "ADD r4, r4, #0x4\n\t"
+ "ADD %[a], %[a], #0x4\n\t"
+ "CMP r4, #0x80\n\t"
+#ifdef __GNUC__
+ "BLT L_sp_2048_mont_reduce_32_word\n\t"
+#else
+ "BLT.W L_sp_2048_mont_reduce_32_word\n\t"
+#endif
+ /* Loop Done */
+ "STR r6, [%[a]]\n\t"
+ "STR r7, [%[a], #4]\n\t"
+ "STR r8, [%[a], #8]\n\t"
+ "STR r9, [%[a], #12]\n\t"
+ "STR r10, [%[a], #16]\n\t"
+ "MOV %[mp], r5\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
);
+ sp_2048_cond_sub_32(a - 32, a, m, (sp_digit)0 - mp);
+}
- sp_2048_cond_sub_32(a - 32, a, m, (sp_digit)0 - ca);
+#else
+/* Reduce the number back to 2048 bits using Montgomery reduction.
+ *
+ * a A single precision number to reduce in place.
+ * m The single precision number representing the modulus.
+ * mp The digit representing the negative inverse of m mod 2^n.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_2048_mont_reduce_32(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+#else
+SP_NOINLINE static void sp_2048_mont_reduce_32(sp_digit* a, const sp_digit* m, sp_digit mp)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m __asm__ ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp __asm__ ("r2") = (sp_digit)mp_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "LDR r11, [%[m]]\n\t"
+ /* i = 0 */
+ "MOV r9, #0x0\n\t"
+ /* ca = 0 */
+ "MOV r3, #0x0\n\t"
+ "\n"
+ "L_sp_2048_mont_reduce_32_word:\n\t"
+ /* mu = a[i] * mp */
+ "LDR r10, [%[a]]\n\t"
+ "MUL r8, %[mp], r10\n\t"
+ /* j = 0 */
+ "MOV r12, #0x0\n\t"
+ "MOV r4, #0x0\n\t"
+ "\n"
+ "L_sp_2048_mont_reduce_32_mul:\n\t"
+ /* a[i+j+0] += m[j+0] * mu */
+ "LDR r7, [%[m], r12]\n\t"
+ "LDR r10, [%[a], r12]\n\t"
+ "UMAAL r10, r4, r8, r7\n\t"
+ "STR r10, [%[a], r12]\n\t"
+ /* j += 1 */
+ "ADD r12, r12, #0x4\n\t"
+ /* a[i+j+1] += m[j+1] * mu */
+ "LDR r7, [%[m], r12]\n\t"
+ "LDR r10, [%[a], r12]\n\t"
+ "UMAAL r10, r4, r8, r7\n\t"
+ "STR r10, [%[a], r12]\n\t"
+ /* j += 1 */
+ "ADD r12, r12, #0x4\n\t"
+ /* a[i+j+2] += m[j+2] * mu */
+ "LDR r7, [%[m], r12]\n\t"
+ "LDR r10, [%[a], r12]\n\t"
+ "UMAAL r10, r4, r8, r7\n\t"
+ "STR r10, [%[a], r12]\n\t"
+ /* j += 1 */
+ "ADD r12, r12, #0x4\n\t"
+ /* a[i+j+3] += m[j+3] * mu */
+ "LDR r7, [%[m], r12]\n\t"
+ "LDR r10, [%[a], r12]\n\t"
+ "UMAAL r10, r4, r8, r7\n\t"
+ "STR r10, [%[a], r12]\n\t"
+ /* j += 1 */
+ "ADD r12, r12, #0x4\n\t"
+ "CMP r12, #0x80\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BLT L_sp_2048_mont_reduce_32_mul\n\t"
+#else
+ "BLT.N L_sp_2048_mont_reduce_32_mul\n\t"
+#endif
+ "LDR r10, [%[a], #128]\n\t"
+ "ADDS r4, r4, r3\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "ADDS r10, r10, r4\n\t"
+ "ADC r3, r3, r3\n\t"
+ "STR r10, [%[a], #128]\n\t"
+ /* i += 1 */
+ "ADD r9, r9, #0x4\n\t"
+ "ADD %[a], %[a], #0x4\n\t"
+ "CMP r9, #0x80\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BLT L_sp_2048_mont_reduce_32_word\n\t"
+#else
+ "BLT.N L_sp_2048_mont_reduce_32_word\n\t"
+#endif
+ /* Loop Done */
+ "MOV %[mp], r3\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
+ );
+ sp_2048_cond_sub_32(a - 32, a, m, (sp_digit)0 - mp);
}
+#endif /* !WOLFSSL_SP_SMALL */
+#endif
/* Multiply two Montgomery form numbers mod the modulus (prime).
* (r = a * b mod m)
*
@@ -3196,7 +4152,7 @@ SP_NOINLINE static void sp_2048_mont_reduce_32(sp_digit* a, const sp_digit* m,
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_2048_mont_mul_32(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -3210,7 +4166,7 @@ SP_NOINLINE static void sp_2048_mont_mul_32(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_2048_mont_sqr_32(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -3219,48 +4175,312 @@ SP_NOINLINE static void sp_2048_mont_sqr_32(sp_digit* r, const sp_digit* a,
sp_2048_mont_reduce_32(r, m, mp);
}
+#ifdef WOLFSSL_SP_SMALL
/* Mul a by digit b into r. (r = a * b)
*
* r A single precision integer.
* a A single precision integer.
* b A single precision digit.
*/
-SP_NOINLINE static void sp_2048_mul_d_32(sp_digit* r, const sp_digit* a,
- sp_digit b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_2048_mul_d_32(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
+#else
+static void sp_2048_mul_d_32(sp_digit* r, const sp_digit* a, sp_digit b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register sp_digit b __asm__ ("r2") = (sp_digit)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "add r9, %[a], #128\n\t"
/* A[0] * B */
- "ldr r6, [%[a]], #4\n\t"
- "umull r5, r3, r6, %[b]\n\t"
- "mov r4, #0\n\t"
- "str r5, [%[r]], #4\n\t"
- /* A[0] * B - Done */
- "\n1:\n\t"
- "mov r5, #0\n\t"
- /* A[] * B */
- "ldr r6, [%[a]], #4\n\t"
- "umull r6, r8, r6, %[b]\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- /* A[] * B - Done */
- "str r3, [%[r]], #4\n\t"
- "mov r3, r4\n\t"
- "mov r4, r5\n\t"
- "cmp %[a], r9\n\t"
+ "LDR r8, [%[a]]\n\t"
+ "UMULL r5, r3, %[b], r8\n\t"
+ "MOV r4, #0x0\n\t"
+ "STR r5, [%[r]]\n\t"
+ "MOV r5, #0x0\n\t"
+ "MOV r9, #0x4\n\t"
+ "\n"
+ "L_sp_2048_mul_d_32_word:\n\t"
+ /* A[i] * B */
+ "LDR r8, [%[a], r9]\n\t"
+ "UMULL r6, r7, %[b], r8\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ "STR r3, [%[r], r9]\n\t"
+ "MOV r3, r4\n\t"
+ "MOV r4, r5\n\t"
+ "MOV r5, #0x0\n\t"
+ "ADD r9, r9, #0x4\n\t"
+ "CMP r9, #0x80\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "blt 1b\n\t"
+ "BLT L_sp_2048_mul_d_32_word\n\t"
#else
- "blt.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "str r3, [%[r]]\n\t"
- : [r] "+r" (r), [a] "+r" (a)
- : [b] "r" (b)
- : "memory", "r3", "r4", "r5", "r6", "r8", "r9"
+ "BLT.N L_sp_2048_mul_d_32_word\n\t"
+#endif
+ "STR r3, [%[r], #128]\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
+ );
+}
+
+#else
+/* Mul a by digit b into r. (r = a * b)
+ *
+ * r A single precision integer.
+ * a A single precision integer.
+ * b A single precision digit.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_2048_mul_d_32(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
+#else
+static void sp_2048_mul_d_32(sp_digit* r, const sp_digit* a, sp_digit b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register sp_digit b __asm__ ("r2") = (sp_digit)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ /* A[0] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMULL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[1] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[2] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[3] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[4] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[5] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[6] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[7] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[8] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[9] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[10] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[11] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[12] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[13] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[14] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[15] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[16] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[17] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[18] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[19] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[20] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[21] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[22] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[23] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[24] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[25] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[26] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[27] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[28] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[29] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[30] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[31] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "STR r5, [%[r]]\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "cc"
+ );
+}
+
+#endif /* WOLFSSL_SP_SMALL */
+#ifdef WOLFSSL_SP_USE_UDIV
+/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
+ *
+ * d1 The high order half of the number to divide.
+ * d0 The low order half of the number to divide.
+ * div The divisor.
+ * returns the result of the division.
+ *
+ * Note that this is an approximate div. It may give an answer 1 larger.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static sp_digit div_2048_word_32(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
+#else
+SP_NOINLINE static sp_digit div_2048_word_32(sp_digit d1, sp_digit d0, sp_digit div)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit d1 __asm__ ("r0") = (sp_digit)d1_p;
+ register sp_digit d0 __asm__ ("r1") = (sp_digit)d0_p;
+ register sp_digit div __asm__ ("r2") = (sp_digit)div_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "LSR r8, %[div], #16\n\t"
+ "ADD r5, r8, #0x1\n\t"
+ "UDIV r6, %[d1], r5\n\t"
+ "LSL r7, %[div], #16\n\t"
+ "LSL r6, r6, #16\n\t"
+ "UMULL r3, r4, %[div], r6\n\t"
+ "SUBS %[d0], %[d0], r3\n\t"
+ "SBC %[d1], %[d1], r4\n\t"
+ "SUBS r3, %[d1], r5\n\t"
+ "SBC r9, r9, r9\n\t"
+ "ADD r9, r9, #0x1\n\t"
+ "RSB r10, r9, #0x0\n\t"
+ "LSL r9, r9, #16\n\t"
+ "AND r7, r7, r10\n\t"
+ "AND r8, r8, r10\n\t"
+ "SUBS %[d0], %[d0], r7\n\t"
+ "ADD r6, r6, r9\n\t"
+ "SBC %[d1], %[d1], r8\n\t"
+ "LSL r4, %[d1], #16\n\t"
+ "LSR r3, %[d0], #16\n\t"
+ "ORR r3, r3, r4\n\t"
+ "UDIV r3, r3, r5\n\t"
+ "ADD r6, r6, r3\n\t"
+ "UMULL r3, r4, %[div], r3\n\t"
+ "SUBS %[d0], %[d0], r3\n\t"
+ "SBC %[d1], %[d1], r4\n\t"
+ "LSL r4, %[d1], #16\n\t"
+ "LSR r3, %[d0], #16\n\t"
+ "ORR r3, r3, r4\n\t"
+ "UDIV r3, r3, r5\n\t"
+ "ADD r6, r6, r3\n\t"
+ "MUL r3, %[div], r3\n\t"
+ "SUB %[d0], %[d0], r3\n\t"
+ "UDIV r3, %[d0], %[div]\n\t"
+ "ADD %[d1], r6, r3\n\t"
+ : [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
+ return (uint32_t)(size_t)d1;
}
+#else
/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
*
* d1 The high order half of the number to divide.
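Review bot: sp_2048_mul_d_32 loses `SP_NOINLINE` in the same change that replaces the numeric local label (`1:` / `blt 1b`) with the named label `L_sp_2048_mul_d_32_word` in its WOLFSSL_SP_SMALL body. A named label inside an inline-asm string is emitted once per copy of the function, so if the compiler inlines or clones this static function at more than one call site, the assembler would see the symbol defined twice and the build would fail; the numeric labels did not have that constraint. Either keep `SP_NOINLINE` on the definition, or make the label unique per asm instance where the toolchain supports it, e.g. `"L_sp_2048_mul_d_32_word_%=:\n\t"` with the branch changed to match. The same combination (dropped `SP_NOINLINE`, new named label `L_sp_2048_cmp_32_words`) appears for sp_2048_cmp_32 in the later hunk.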
@@ -3270,49 +4490,69 @@ SP_NOINLINE static void sp_2048_mul_d_32(sp_digit* r, const sp_digit* a,
*
* Note that this is an approximate div. It may give an answer 1 larger.
*/
-SP_NOINLINE static sp_digit div_2048_word_32(sp_digit d1, sp_digit d0,
- sp_digit div)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static sp_digit div_2048_word_32(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
+#else
+SP_NOINLINE static sp_digit div_2048_word_32(sp_digit d1, sp_digit d0, sp_digit div)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit r = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit d1 __asm__ ("r0") = (sp_digit)d1_p;
+ register sp_digit d0 __asm__ ("r1") = (sp_digit)d0_p;
+ register sp_digit div __asm__ ("r2") = (sp_digit)div_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "lsr r6, %[div], #16\n\t"
- "add r6, r6, #1\n\t"
- "udiv r4, %[d1], r6\n\t"
- "lsl r8, r4, #16\n\t"
- "umull r4, r5, %[div], r8\n\t"
- "subs %[d0], %[d0], r4\n\t"
- "sbc %[d1], %[d1], r5\n\t"
- "udiv r5, %[d1], r6\n\t"
- "lsl r4, r5, #16\n\t"
- "add r8, r8, r4\n\t"
- "umull r4, r5, %[div], r4\n\t"
- "subs %[d0], %[d0], r4\n\t"
- "sbc %[d1], %[d1], r5\n\t"
- "lsl r4, %[d1], #16\n\t"
- "orr r4, r4, %[d0], lsr #16\n\t"
- "udiv r4, r4, r6\n\t"
- "add r8, r8, r4\n\t"
- "umull r4, r5, %[div], r4\n\t"
- "subs %[d0], %[d0], r4\n\t"
- "sbc %[d1], %[d1], r5\n\t"
- "lsl r4, %[d1], #16\n\t"
- "orr r4, r4, %[d0], lsr #16\n\t"
- "udiv r4, r4, r6\n\t"
- "add r8, r8, r4\n\t"
- "umull r4, r5, %[div], r4\n\t"
- "subs %[d0], %[d0], r4\n\t"
- "sbc %[d1], %[d1], r5\n\t"
- "udiv r4, %[d0], %[div]\n\t"
- "add r8, r8, r4\n\t"
- "mov %[r], r8\n\t"
- : [r] "+r" (r)
- : [d1] "r" (d1), [d0] "r" (d0), [div] "r" (div)
- : "r4", "r5", "r6", "r8"
+ "LSR r5, %[div], #1\n\t"
+ "ADD r5, r5, #0x1\n\t"
+ "MOV r6, %[d0]\n\t"
+ "MOV r7, %[d1]\n\t"
+ /* Do top 32 */
+ "SUBS r8, r5, r7\n\t"
+ "SBC r8, r8, r8\n\t"
+ "MOV r3, #0x0\n\t"
+ "SUB r3, r3, r8\n\t"
+ "AND r8, r8, r5\n\t"
+ "SUBS r7, r7, r8\n\t"
+ /* Next 30 bits */
+ "MOV r4, #0x1d\n\t"
+ "\n"
+ "L_div_2048_word_32_bit:\n\t"
+ "LSLS r6, r6, #1\n\t"
+ "ADC r7, r7, r7\n\t"
+ "SUBS r8, r5, r7\n\t"
+ "SBC r8, r8, r8\n\t"
+ "ADD r3, r3, r3\n\t"
+ "SUB r3, r3, r8\n\t"
+ "AND r8, r8, r5\n\t"
+ "SUBS r7, r7, r8\n\t"
+ "SUBS r4, r4, #0x1\n\t"
+ "bpl L_div_2048_word_32_bit\n\t"
+ "ADD r3, r3, r3\n\t"
+ "ADD r3, r3, #0x1\n\t"
+ "UMULL r6, r7, r3, %[div]\n\t"
+ "SUBS r9, %[d0], r6\n\t"
+ "SBC r10, %[d1], r7\n\t"
+ "ADD r3, r3, r10\n\t"
+ "UMULL r6, r7, r3, %[div]\n\t"
+ "SUBS r9, %[d0], r6\n\t"
+ "SBC r10, %[d1], r7\n\t"
+ "ADD r3, r3, r10\n\t"
+ "UMULL r6, r7, r3, %[div]\n\t"
+ "SUBS r9, %[d0], r6\n\t"
+ "SBC r10, %[d1], r7\n\t"
+ "ADD r3, r3, r10\n\t"
+ "SUBS r8, %[div], r9\n\t"
+ "SBC r8, r8, r8\n\t"
+ "SUB %[d1], r3, r8\n\t"
+ : [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
- return r;
+ return (uint32_t)(size_t)d1;
}
+#endif
/* Compare a with b in constant time.
*
* a A single precision integer.
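Review bot: The header comment on this bit-serial div_2048_word_32 is the same text as the one on the `WOLFSSL_SP_USE_UDIV` variant, so nothing tells an integrator why two implementations exist or which one a default build gets. I would add a line to the comment such as `* This variant does not use the UDIV instruction; define WOLFSSL_SP_USE_UDIV to select the hardware-divide version.` If the reason for the split is that UDIV's cycle count depends on operand values on some cores, that is worth stating as well, because the quotient estimate may be computed from secret-derived words; the hunk itself does not confirm that motivation. The comment block being discussed starts at the end of the previous hunk.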
@@ -3320,44 +4560,401 @@ SP_NOINLINE static sp_digit div_2048_word_32(sp_digit d1, sp_digit d0,
* return -ve, 0 or +ve if a is less than, equal to or greater than b
* respectively.
*/
-SP_NOINLINE static sp_int32 sp_2048_cmp_32(const sp_digit* a, const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_int32 sp_2048_cmp_32(const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_int32 sp_2048_cmp_32(const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit r = 0;
-
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register const sp_digit* a __asm__ ("r0") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r1") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r3, #0\n\t"
- "mvn r3, r3\n\t"
- "mov r6, #124\n\t"
- "\n1:\n\t"
- "ldr r8, [%[a], r6]\n\t"
- "ldr r5, [%[b], r6]\n\t"
- "and r8, r8, r3\n\t"
- "and r5, r5, r3\n\t"
- "mov r4, r8\n\t"
- "subs r8, r8, r5\n\t"
- "sbc r8, r8, r8\n\t"
- "add %[r], %[r], r8\n\t"
- "mvn r8, r8\n\t"
- "and r3, r3, r8\n\t"
- "subs r5, r5, r4\n\t"
- "sbc r8, r8, r8\n\t"
- "sub %[r], %[r], r8\n\t"
- "mvn r8, r8\n\t"
- "and r3, r3, r8\n\t"
- "sub r6, r6, #4\n\t"
- "cmp r6, #0\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bge 1b\n\t"
+ "MOV r2, #0xffffffff\n\t"
+ "MOV r8, #0x1\n\t"
+ "MOV r7, #0x0\n\t"
+ "MOV r3, #0xffffffff\n\t"
+#ifdef WOLFSSL_SP_SMALL
+ "MOV r6, #0x7c\n\t"
+ "\n"
+ "L_sp_2048_cmp_32_words:\n\t"
+ "LDR r4, [%[a], r6]\n\t"
+ "LDR r5, [%[b], r6]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "SUBS r6, r6, #0x4\n\t"
+ "bcs L_sp_2048_cmp_32_words\n\t"
+ "EOR r2, r2, r3\n\t"
#else
- "bge.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [r] "+r" (r)
- : [a] "r" (a), [b] "r" (b)
- : "r3", "r4", "r5", "r6", "r8"
+ "LDR r4, [%[a], #124]\n\t"
+ "LDR r5, [%[b], #124]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #120]\n\t"
+ "LDR r5, [%[b], #120]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #116]\n\t"
+ "LDR r5, [%[b], #116]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #112]\n\t"
+ "LDR r5, [%[b], #112]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #108]\n\t"
+ "LDR r5, [%[b], #108]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #104]\n\t"
+ "LDR r5, [%[b], #104]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #100]\n\t"
+ "LDR r5, [%[b], #100]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #96]\n\t"
+ "LDR r5, [%[b], #96]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #92]\n\t"
+ "LDR r5, [%[b], #92]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #88]\n\t"
+ "LDR r5, [%[b], #88]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #84]\n\t"
+ "LDR r5, [%[b], #84]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #80]\n\t"
+ "LDR r5, [%[b], #80]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #76]\n\t"
+ "LDR r5, [%[b], #76]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #72]\n\t"
+ "LDR r5, [%[b], #72]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #68]\n\t"
+ "LDR r5, [%[b], #68]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #64]\n\t"
+ "LDR r5, [%[b], #64]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #60]\n\t"
+ "LDR r5, [%[b], #60]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #56]\n\t"
+ "LDR r5, [%[b], #56]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #52]\n\t"
+ "LDR r5, [%[b], #52]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #48]\n\t"
+ "LDR r5, [%[b], #48]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #44]\n\t"
+ "LDR r5, [%[b], #44]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #40]\n\t"
+ "LDR r5, [%[b], #40]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #36]\n\t"
+ "LDR r5, [%[b], #36]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #32]\n\t"
+ "LDR r5, [%[b], #32]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #28]\n\t"
+ "LDR r5, [%[b], #28]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #24]\n\t"
+ "LDR r5, [%[b], #24]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #20]\n\t"
+ "LDR r5, [%[b], #20]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #16]\n\t"
+ "LDR r5, [%[b], #16]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #12]\n\t"
+ "LDR r5, [%[b], #12]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #8]\n\t"
+ "LDR r5, [%[b], #8]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #4]\n\t"
+ "LDR r5, [%[b], #4]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a]]\n\t"
+ "LDR r5, [%[b]]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "EOR r2, r2, r3\n\t"
+#endif /*WOLFSSL_SP_SMALL */
+ "MOV %[a], r2\n\t"
+ : [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "cc"
);
-
- return r;
+ return (uint32_t)(size_t)a;
}
/* Divide d in a and put remainder into r (m*d + r = a)
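Review bot: The WOLFSSL_SP_SMALL loop in sp_2048_cmp_32 ends in a bare `bcs L_sp_2048_cmp_32_words`, whereas the removed loop chose between `bge` and `bge.n` by toolchain, and the other loops added in this commit keep an `#else` arm with an explicit width suffix. If that selection is still needed for compilers outside the `__GNUC__`/IAR set, this branch should sit in the same `#if`/`#else` pair, with `"BCS.N L_sp_2048_cmp_32_words\n\t"` in the `#else` arm. If it is not needed here, a one-line comment saying why would settle the question for the next reader. The `bpl L_div_2048_word_32_bit` in the preceding div_2048_word_32 hunk has the same shape.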
@@ -3369,8 +4966,8 @@ SP_NOINLINE static sp_int32 sp_2048_cmp_32(const sp_digit* a, const sp_digit* b)
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_2048_div_32(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_2048_div_32(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[64], t2[33];
sp_digit div, r1;
@@ -3756,6 +5353,7 @@ static void sp_2048_mont_norm_64(sp_digit* r, const sp_digit* m)
}
#endif /* (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) | WOLFSSL_HAVE_SP_DH */
+#ifdef WOLFSSL_SP_SMALL
/* Conditionally subtract b from a using the mask m.
* m is -1 to subtract and 0 when not copying.
*
@@ -3764,142 +5362,1445 @@ static void sp_2048_mont_norm_64(sp_digit* r, const sp_digit* m)
* b A single precision number to subtract.
* m Mask value to apply.
*/
-SP_NOINLINE static sp_digit sp_2048_cond_sub_64(sp_digit* r, const sp_digit* a,
- const sp_digit* b, sp_digit m)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_2048_cond_sub_64(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
+#else
+static sp_digit sp_2048_cond_sub_64(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+ register sp_digit m __asm__ ("r3") = (sp_digit)m_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r5, #1\n\t"
- "lsl r5, r5, #8\n\t"
- "mov r9, r5\n\t"
- "mov r8, #0\n\t"
- "\n1:\n\t"
- "ldr r6, [%[b], r8]\n\t"
- "and r6, r6, %[m]\n\t"
- "mov r5, #0\n\t"
- "subs r5, r5, %[c]\n\t"
- "ldr r5, [%[a], r8]\n\t"
- "sbcs r5, r5, r6\n\t"
- "sbcs %[c], %[c], %[c]\n\t"
- "str r5, [%[r], r8]\n\t"
- "add r8, r8, #4\n\t"
- "cmp r8, r9\n\t"
+ "MOV r8, #0x0\n\t"
+ "MOV r4, #0x0\n\t"
+ "MOV r5, #0x0\n\t"
+ "\n"
+ "L_sp_2048_cond_sub_64_words:\n\t"
+ "SUBS r4, r8, r4\n\t"
+ "LDR r6, [%[a], r5]\n\t"
+ "LDR r7, [%[b], r5]\n\t"
+ "AND r7, r7, %[m]\n\t"
+ "SBCS r6, r6, r7\n\t"
+ "SBC r4, r8, r8\n\t"
+ "STR r6, [%[r], r5]\n\t"
+ "ADD r5, r5, #0x4\n\t"
+ "CMP r5, #0x100\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "blt 1b\n\t"
+ "BLT L_sp_2048_cond_sub_64_words\n\t"
+#else
+ "BLT.N L_sp_2048_cond_sub_64_words\n\t"
+#endif
+ "MOV %[r], r4\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
+ :
+ : "memory", "r4", "r5", "r6", "r7", "r8", "cc"
+ );
+ return (uint32_t)(size_t)r;
+}
+
#else
- "blt.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [c] "+r" (c)
- : [r] "r" (r), [a] "r" (a), [b] "r" (b), [m] "r" (m)
- : "memory", "r5", "r6", "r8", "r9"
+/* Conditionally subtract b from a using the mask m.
+ * m is -1 to subtract and 0 when not copying.
+ *
+ * r A single precision number representing condition subtract result.
+ * a A single precision number to subtract from.
+ * b A single precision number to subtract.
+ * m Mask value to apply.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_2048_cond_sub_64(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
+#else
+static sp_digit sp_2048_cond_sub_64(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+ register sp_digit m __asm__ ("r3") = (sp_digit)m_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "MOV r5, #0x0\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SUBS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "SBC %[r], r5, r5\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
+ :
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
+ return (uint32_t)(size_t)r;
+}
- return c;
+#endif /* WOLFSSL_SP_SMALL */
+#ifdef WOLFSSL_SP_NO_UMAAL
+#ifndef WOLFSSL_SP_SMALL
+/* Reduce the number back to 2048 bits using Montgomery reduction.
+ *
+ * a A single precision number to reduce in place.
+ * m The single precision number representing the modulus.
+ * mp The digit representing the negative inverse of m mod 2^n.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+#else
+SP_NOINLINE static void sp_2048_mont_reduce_64(sp_digit* a, const sp_digit* m, sp_digit mp)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m __asm__ ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp __asm__ ("r2") = (sp_digit)mp_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "LDR lr, [%[m]]\n\t"
+ /* i = 0 */
+ "MOV r11, #0x0\n\t"
+ "MOV r3, #0x0\n\t"
+ "LDR r4, [%[a]]\n\t"
+ "LDR r5, [%[a], #4]\n\t"
+ "\n"
+ "L_sp_2048_mont_reduce_64_word:\n\t"
+ /* mu = a[i] * mp */
+ "MUL r10, %[mp], r4\n\t"
+ /* a[i+0] += m[0] * mu */
+ "MOV r7, #0x0\n\t"
+ "UMLAL r4, r7, r10, lr\n\t"
+ /* a[i+1] += m[1] * mu */
+ "LDR r9, [%[m], #4]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r5, r6, r10, r9\n\t"
+ "MOV r4, r5\n\t"
+ "ADDS r4, r4, r7\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+2] += m[2] * mu */
+ "LDR r9, [%[m], #8]\n\t"
+ "LDR r5, [%[a], #8]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r5, r7, r10, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+3] += m[3] * mu */
+ "LDR r9, [%[m], #12]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #12]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+4] += m[4] * mu */
+ "LDR r9, [%[m], #16]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #16]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+5] += m[5] * mu */
+ "LDR r9, [%[m], #20]\n\t"
+ "LDR r12, [%[a], #20]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #20]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+6] += m[6] * mu */
+ "LDR r9, [%[m], #24]\n\t"
+ "LDR r12, [%[a], #24]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #24]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+7] += m[7] * mu */
+ "LDR r9, [%[m], #28]\n\t"
+ "LDR r12, [%[a], #28]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #28]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+8] += m[8] * mu */
+ "LDR r9, [%[m], #32]\n\t"
+ "LDR r12, [%[a], #32]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #32]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+9] += m[9] * mu */
+ "LDR r9, [%[m], #36]\n\t"
+ "LDR r12, [%[a], #36]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #36]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+10] += m[10] * mu */
+ "LDR r9, [%[m], #40]\n\t"
+ "LDR r12, [%[a], #40]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #40]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+11] += m[11] * mu */
+ "LDR r9, [%[m], #44]\n\t"
+ "LDR r12, [%[a], #44]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #44]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+12] += m[12] * mu */
+ "LDR r9, [%[m], #48]\n\t"
+ "LDR r12, [%[a], #48]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #48]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+13] += m[13] * mu */
+ "LDR r9, [%[m], #52]\n\t"
+ "LDR r12, [%[a], #52]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #52]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+14] += m[14] * mu */
+ "LDR r9, [%[m], #56]\n\t"
+ "LDR r12, [%[a], #56]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #56]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+15] += m[15] * mu */
+ "LDR r9, [%[m], #60]\n\t"
+ "LDR r12, [%[a], #60]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #60]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+16] += m[16] * mu */
+ "LDR r9, [%[m], #64]\n\t"
+ "LDR r12, [%[a], #64]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #64]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+17] += m[17] * mu */
+ "LDR r9, [%[m], #68]\n\t"
+ "LDR r12, [%[a], #68]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #68]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+18] += m[18] * mu */
+ "LDR r9, [%[m], #72]\n\t"
+ "LDR r12, [%[a], #72]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #72]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+19] += m[19] * mu */
+ "LDR r9, [%[m], #76]\n\t"
+ "LDR r12, [%[a], #76]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #76]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+20] += m[20] * mu */
+ "LDR r9, [%[m], #80]\n\t"
+ "LDR r12, [%[a], #80]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #80]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+21] += m[21] * mu */
+ "LDR r9, [%[m], #84]\n\t"
+ "LDR r12, [%[a], #84]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #84]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+22] += m[22] * mu */
+ "LDR r9, [%[m], #88]\n\t"
+ "LDR r12, [%[a], #88]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #88]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+23] += m[23] * mu */
+ "LDR r9, [%[m], #92]\n\t"
+ "LDR r12, [%[a], #92]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #92]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+24] += m[24] * mu */
+ "LDR r9, [%[m], #96]\n\t"
+ "LDR r12, [%[a], #96]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #96]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+25] += m[25] * mu */
+ "LDR r9, [%[m], #100]\n\t"
+ "LDR r12, [%[a], #100]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #100]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+26] += m[26] * mu */
+ "LDR r9, [%[m], #104]\n\t"
+ "LDR r12, [%[a], #104]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #104]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+27] += m[27] * mu */
+ "LDR r9, [%[m], #108]\n\t"
+ "LDR r12, [%[a], #108]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #108]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+28] += m[28] * mu */
+ "LDR r9, [%[m], #112]\n\t"
+ "LDR r12, [%[a], #112]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #112]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+29] += m[29] * mu */
+ "LDR r9, [%[m], #116]\n\t"
+ "LDR r12, [%[a], #116]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #116]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+30] += m[30] * mu */
+ "LDR r9, [%[m], #120]\n\t"
+ "LDR r12, [%[a], #120]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #120]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+31] += m[31] * mu */
+ "LDR r9, [%[m], #124]\n\t"
+ "LDR r12, [%[a], #124]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #124]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+32] += m[32] * mu */
+ "LDR r9, [%[m], #128]\n\t"
+ "LDR r12, [%[a], #128]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #128]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+33] += m[33] * mu */
+ "LDR r9, [%[m], #132]\n\t"
+ "LDR r12, [%[a], #132]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #132]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+34] += m[34] * mu */
+ "LDR r9, [%[m], #136]\n\t"
+ "LDR r12, [%[a], #136]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #136]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+35] += m[35] * mu */
+ "LDR r9, [%[m], #140]\n\t"
+ "LDR r12, [%[a], #140]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #140]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+36] += m[36] * mu */
+ "LDR r9, [%[m], #144]\n\t"
+ "LDR r12, [%[a], #144]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #144]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+37] += m[37] * mu */
+ "LDR r9, [%[m], #148]\n\t"
+ "LDR r12, [%[a], #148]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #148]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+38] += m[38] * mu */
+ "LDR r9, [%[m], #152]\n\t"
+ "LDR r12, [%[a], #152]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #152]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+39] += m[39] * mu */
+ "LDR r9, [%[m], #156]\n\t"
+ "LDR r12, [%[a], #156]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #156]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+40] += m[40] * mu */
+ "LDR r9, [%[m], #160]\n\t"
+ "LDR r12, [%[a], #160]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #160]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+41] += m[41] * mu */
+ "LDR r9, [%[m], #164]\n\t"
+ "LDR r12, [%[a], #164]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #164]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+42] += m[42] * mu */
+ "LDR r9, [%[m], #168]\n\t"
+ "LDR r12, [%[a], #168]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #168]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+43] += m[43] * mu */
+ "LDR r9, [%[m], #172]\n\t"
+ "LDR r12, [%[a], #172]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #172]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+44] += m[44] * mu */
+ "LDR r9, [%[m], #176]\n\t"
+ "LDR r12, [%[a], #176]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #176]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+45] += m[45] * mu */
+ "LDR r9, [%[m], #180]\n\t"
+ "LDR r12, [%[a], #180]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #180]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+46] += m[46] * mu */
+ "LDR r9, [%[m], #184]\n\t"
+ "LDR r12, [%[a], #184]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #184]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+47] += m[47] * mu */
+ "LDR r9, [%[m], #188]\n\t"
+ "LDR r12, [%[a], #188]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #188]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+48] += m[48] * mu */
+ "LDR r9, [%[m], #192]\n\t"
+ "LDR r12, [%[a], #192]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #192]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+49] += m[49] * mu */
+ "LDR r9, [%[m], #196]\n\t"
+ "LDR r12, [%[a], #196]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #196]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+50] += m[50] * mu */
+ "LDR r9, [%[m], #200]\n\t"
+ "LDR r12, [%[a], #200]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #200]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+51] += m[51] * mu */
+ "LDR r9, [%[m], #204]\n\t"
+ "LDR r12, [%[a], #204]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #204]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+52] += m[52] * mu */
+ "LDR r9, [%[m], #208]\n\t"
+ "LDR r12, [%[a], #208]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #208]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+53] += m[53] * mu */
+ "LDR r9, [%[m], #212]\n\t"
+ "LDR r12, [%[a], #212]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #212]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+54] += m[54] * mu */
+ "LDR r9, [%[m], #216]\n\t"
+ "LDR r12, [%[a], #216]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #216]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+55] += m[55] * mu */
+ "LDR r9, [%[m], #220]\n\t"
+ "LDR r12, [%[a], #220]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #220]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+56] += m[56] * mu */
+ "LDR r9, [%[m], #224]\n\t"
+ "LDR r12, [%[a], #224]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #224]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+57] += m[57] * mu */
+ "LDR r9, [%[m], #228]\n\t"
+ "LDR r12, [%[a], #228]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #228]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+58] += m[58] * mu */
+ "LDR r9, [%[m], #232]\n\t"
+ "LDR r12, [%[a], #232]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #232]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+59] += m[59] * mu */
+ "LDR r9, [%[m], #236]\n\t"
+ "LDR r12, [%[a], #236]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #236]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+60] += m[60] * mu */
+ "LDR r9, [%[m], #240]\n\t"
+ "LDR r12, [%[a], #240]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #240]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+61] += m[61] * mu */
+ "LDR r9, [%[m], #244]\n\t"
+ "LDR r12, [%[a], #244]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #244]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+62] += m[62] * mu */
+ "LDR r9, [%[m], #248]\n\t"
+ "LDR r12, [%[a], #248]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #248]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+63] += m[63] * mu */
+ "LDR r9, [%[m], #252]\n\t"
+ "LDR r12, [%[a], #252]\n\t"
+ "UMULL r8, r9, r10, r9\n\t"
+ "ADDS r7, r7, r8\n\t"
+ "ADCS r6, r9, r3\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, r3\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #252]\n\t"
+ "LDR r12, [%[a], #256]\n\t"
+ "ADCS r12, r12, r6\n\t"
+ "STR r12, [%[a], #256]\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* i += 1 */
+ "ADD r11, r11, #0x4\n\t"
+ "ADD %[a], %[a], #0x4\n\t"
+ "CMP r11, #0x100\n\t"
+#ifdef __GNUC__
+ "BLT L_sp_2048_mont_reduce_64_word\n\t"
+#else
+ "BLT.W L_sp_2048_mont_reduce_64_word\n\t"
+#endif
+ /* Loop Done */
+ "STR r4, [%[a]]\n\t"
+ "STR r5, [%[a], #4]\n\t"
+ "MOV %[mp], r3\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
+ );
+ sp_2048_cond_sub_64(a - 64, a, m, (sp_digit)0 - mp);
}
+#else
/* Reduce the number back to 2048 bits using Montgomery reduction.
*
* a A single precision number to reduce in place.
* m The single precision number representing the modulus.
* mp The digit representing the negative inverse of m mod 2^n.
*/
-SP_NOINLINE static void sp_2048_mont_reduce_64(sp_digit* a, const sp_digit* m,
- sp_digit mp)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+#else
+SP_NOINLINE static void sp_2048_mont_reduce_64(sp_digit* a, const sp_digit* m, sp_digit mp)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit ca = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m __asm__ ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp __asm__ ("r2") = (sp_digit)mp_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r9, %[mp]\n\t"
- "mov r12, %[m]\n\t"
- "mov r10, %[a]\n\t"
- "mov r4, #0\n\t"
- "add r11, r10, #256\n\t"
- "\n1:\n\t"
+ "LDR r11, [%[m]]\n\t"
+ /* i = 0 */
+ "MOV r9, #0x0\n\t"
+ /* ca = 0 */
+ "MOV r3, #0x0\n\t"
+ "\n"
+ "L_sp_2048_mont_reduce_64_word:\n\t"
/* mu = a[i] * mp */
- "mov %[mp], r9\n\t"
- "ldr %[a], [r10]\n\t"
- "mul %[mp], %[mp], %[a]\n\t"
- "mov %[m], r12\n\t"
- "add r14, r10, #248\n\t"
- "\n2:\n\t"
- /* a[i+j] += m[j] * mu */
- "ldr %[a], [r10]\n\t"
- "mov r5, #0\n\t"
- /* Multiply m[j] and mu - Start */
- "ldr r8, [%[m]], #4\n\t"
- "umull r6, r8, %[mp], r8\n\t"
- "adds %[a], %[a], r6\n\t"
- "adc r5, r5, r8\n\t"
- /* Multiply m[j] and mu - Done */
- "adds r4, r4, %[a]\n\t"
- "adc r5, r5, #0\n\t"
- "str r4, [r10], #4\n\t"
+ "LDR r10, [%[a]]\n\t"
+ "MUL r8, %[mp], r10\n\t"
+ /* j = 0 */
+ "MOV r12, #0x0\n\t"
+ "MOV r4, #0x0\n\t"
+ "\n"
+ "L_sp_2048_mont_reduce_64_mul:\n\t"
+ /* a[i+j+0] += m[j+0] * mu */
+ "LDR r7, [%[m], r12]\n\t"
+ "LDR r10, [%[a], r12]\n\t"
+ "MOV r5, #0x0\n\t"
+ "UMLAL r10, r5, r8, r7\n\t"
+ "ADDS r10, r10, r4\n\t"
+ "STR r10, [%[a], r12]\n\t"
+ "ADC r4, r5, #0x0\n\t"
+ /* j += 1 */
+ "ADD r12, r12, #0x4\n\t"
/* a[i+j+1] += m[j+1] * mu */
- "ldr %[a], [r10]\n\t"
- "mov r4, #0\n\t"
- /* Multiply m[j] and mu - Start */
- "ldr r8, [%[m]], #4\n\t"
- "umull r6, r8, %[mp], r8\n\t"
- "adds %[a], %[a], r6\n\t"
- "adc r4, r4, r8\n\t"
- /* Multiply m[j] and mu - Done */
- "adds r5, r5, %[a]\n\t"
- "adc r4, r4, #0\n\t"
- "str r5, [r10], #4\n\t"
- "cmp r10, r14\n\t"
+ "LDR r7, [%[m], r12]\n\t"
+ "LDR r10, [%[a], r12]\n\t"
+ "MOV r5, #0x0\n\t"
+ "UMLAL r10, r5, r8, r7\n\t"
+ "ADDS r10, r10, r4\n\t"
+ "STR r10, [%[a], r12]\n\t"
+ "ADC r4, r5, #0x0\n\t"
+ /* j += 1 */
+ "ADD r12, r12, #0x4\n\t"
+ /* a[i+j+2] += m[j+2] * mu */
+ "LDR r7, [%[m], r12]\n\t"
+ "LDR r10, [%[a], r12]\n\t"
+ "MOV r5, #0x0\n\t"
+ "UMLAL r10, r5, r8, r7\n\t"
+ "ADDS r10, r10, r4\n\t"
+ "STR r10, [%[a], r12]\n\t"
+ "ADC r4, r5, #0x0\n\t"
+ /* j += 1 */
+ "ADD r12, r12, #0x4\n\t"
+ /* a[i+j+3] += m[j+3] * mu */
+ "LDR r7, [%[m], r12]\n\t"
+ "LDR r10, [%[a], r12]\n\t"
+ "MOV r5, #0x0\n\t"
+ "UMLAL r10, r5, r8, r7\n\t"
+ "ADDS r10, r10, r4\n\t"
+ "STR r10, [%[a], r12]\n\t"
+ "ADC r4, r5, #0x0\n\t"
+ /* j += 1 */
+ "ADD r12, r12, #0x4\n\t"
+ "CMP r12, #0x100\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BLT L_sp_2048_mont_reduce_64_mul\n\t"
+#else
+ "BLT.N L_sp_2048_mont_reduce_64_mul\n\t"
+#endif
+ "LDR r10, [%[a], #256]\n\t"
+ "ADDS r4, r4, r3\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "ADDS r10, r10, r4\n\t"
+ "ADC r3, r3, r3\n\t"
+ "STR r10, [%[a], #256]\n\t"
+ /* i += 1 */
+ "ADD r9, r9, #0x4\n\t"
+ "ADD %[a], %[a], #0x4\n\t"
+ "CMP r9, #0x100\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "blt 2b\n\t"
+ "BLT L_sp_2048_mont_reduce_64_word\n\t"
+#else
+ "BLT.N L_sp_2048_mont_reduce_64_word\n\t"
+#endif
+ /* Loop Done */
+ "MOV %[mp], r3\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
+ );
+ sp_2048_cond_sub_64(a - 64, a, m, (sp_digit)0 - mp);
+}
+
+#endif /* !WOLFSSL_SP_SMALL */
#else
- "blt.n 2b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
+#ifndef WOLFSSL_SP_SMALL
+/* Reduce the number back to 2048 bits using Montgomery reduction.
+ *
+ * a A single precision number to reduce in place.
+ * m The single precision number representing the modulus.
+ * mp The digit representing the negative inverse of m mod 2^n.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+#else
+SP_NOINLINE static void sp_2048_mont_reduce_64(sp_digit* a, const sp_digit* m, sp_digit mp)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m __asm__ ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp __asm__ ("r2") = (sp_digit)mp_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ /* i = 0 */
+ "MOV r4, #0x0\n\t"
+ "MOV r5, #0x0\n\t"
+ "LDR r6, [%[a]]\n\t"
+ "LDR r7, [%[a], #4]\n\t"
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[a], #12]\n\t"
+ "LDR r10, [%[a], #16]\n\t"
+ "\n"
+ "L_sp_2048_mont_reduce_64_word:\n\t"
+ /* mu = a[i] * mp */
+ "MUL lr, %[mp], r6\n\t"
+ /* a[i+0] += m[0] * mu */
+ "LDR r12, [%[m]]\n\t"
+ "MOV r3, #0x0\n\t"
+ "UMAAL r6, r3, lr, r12\n\t"
+ /* a[i+1] += m[1] * mu */
+ "LDR r12, [%[m], #4]\n\t"
+ "MOV r6, r7\n\t"
+ "UMAAL r6, r3, lr, r12\n\t"
+ /* a[i+2] += m[2] * mu */
+ "LDR r12, [%[m], #8]\n\t"
+ "MOV r7, r8\n\t"
+ "UMAAL r7, r3, lr, r12\n\t"
+ /* a[i+3] += m[3] * mu */
+ "LDR r12, [%[m], #12]\n\t"
+ "MOV r8, r9\n\t"
+ "UMAAL r8, r3, lr, r12\n\t"
+ /* a[i+4] += m[4] * mu */
+ "LDR r12, [%[m], #16]\n\t"
+ "MOV r9, r10\n\t"
+ "UMAAL r9, r3, lr, r12\n\t"
+ /* a[i+5] += m[5] * mu */
+ "LDR r12, [%[m], #20]\n\t"
+ "LDR r10, [%[a], #20]\n\t"
+ "UMAAL r10, r3, lr, r12\n\t"
+ /* a[i+6] += m[6] * mu */
+ "LDR r12, [%[m], #24]\n\t"
+ "LDR r11, [%[a], #24]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #24]\n\t"
+ /* a[i+7] += m[7] * mu */
+ "LDR r12, [%[m], #28]\n\t"
+ "LDR r11, [%[a], #28]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #28]\n\t"
+ /* a[i+8] += m[8] * mu */
+ "LDR r12, [%[m], #32]\n\t"
+ "LDR r11, [%[a], #32]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #32]\n\t"
+ /* a[i+9] += m[9] * mu */
+ "LDR r12, [%[m], #36]\n\t"
+ "LDR r11, [%[a], #36]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #36]\n\t"
+ /* a[i+10] += m[10] * mu */
+ "LDR r12, [%[m], #40]\n\t"
+ "LDR r11, [%[a], #40]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #40]\n\t"
+ /* a[i+11] += m[11] * mu */
+ "LDR r12, [%[m], #44]\n\t"
+ "LDR r11, [%[a], #44]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #44]\n\t"
+ /* a[i+12] += m[12] * mu */
+ "LDR r12, [%[m], #48]\n\t"
+ "LDR r11, [%[a], #48]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #48]\n\t"
+ /* a[i+13] += m[13] * mu */
+ "LDR r12, [%[m], #52]\n\t"
+ "LDR r11, [%[a], #52]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #52]\n\t"
+ /* a[i+14] += m[14] * mu */
+ "LDR r12, [%[m], #56]\n\t"
+ "LDR r11, [%[a], #56]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #56]\n\t"
+ /* a[i+15] += m[15] * mu */
+ "LDR r12, [%[m], #60]\n\t"
+ "LDR r11, [%[a], #60]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #60]\n\t"
+ /* a[i+16] += m[16] * mu */
+ "LDR r12, [%[m], #64]\n\t"
+ "LDR r11, [%[a], #64]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #64]\n\t"
+ /* a[i+17] += m[17] * mu */
+ "LDR r12, [%[m], #68]\n\t"
+ "LDR r11, [%[a], #68]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #68]\n\t"
+ /* a[i+18] += m[18] * mu */
+ "LDR r12, [%[m], #72]\n\t"
+ "LDR r11, [%[a], #72]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #72]\n\t"
+ /* a[i+19] += m[19] * mu */
+ "LDR r12, [%[m], #76]\n\t"
+ "LDR r11, [%[a], #76]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #76]\n\t"
+ /* a[i+20] += m[20] * mu */
+ "LDR r12, [%[m], #80]\n\t"
+ "LDR r11, [%[a], #80]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #80]\n\t"
+ /* a[i+21] += m[21] * mu */
+ "LDR r12, [%[m], #84]\n\t"
+ "LDR r11, [%[a], #84]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #84]\n\t"
+ /* a[i+22] += m[22] * mu */
+ "LDR r12, [%[m], #88]\n\t"
+ "LDR r11, [%[a], #88]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #88]\n\t"
+ /* a[i+23] += m[23] * mu */
+ "LDR r12, [%[m], #92]\n\t"
+ "LDR r11, [%[a], #92]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #92]\n\t"
+ /* a[i+24] += m[24] * mu */
+ "LDR r12, [%[m], #96]\n\t"
+ "LDR r11, [%[a], #96]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #96]\n\t"
+ /* a[i+25] += m[25] * mu */
+ "LDR r12, [%[m], #100]\n\t"
+ "LDR r11, [%[a], #100]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #100]\n\t"
+ /* a[i+26] += m[26] * mu */
+ "LDR r12, [%[m], #104]\n\t"
+ "LDR r11, [%[a], #104]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #104]\n\t"
+ /* a[i+27] += m[27] * mu */
+ "LDR r12, [%[m], #108]\n\t"
+ "LDR r11, [%[a], #108]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #108]\n\t"
+ /* a[i+28] += m[28] * mu */
+ "LDR r12, [%[m], #112]\n\t"
+ "LDR r11, [%[a], #112]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #112]\n\t"
+ /* a[i+29] += m[29] * mu */
+ "LDR r12, [%[m], #116]\n\t"
+ "LDR r11, [%[a], #116]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #116]\n\t"
+ /* a[i+30] += m[30] * mu */
+ "LDR r12, [%[m], #120]\n\t"
+ "LDR r11, [%[a], #120]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #120]\n\t"
+ /* a[i+31] += m[31] * mu */
+ "LDR r12, [%[m], #124]\n\t"
+ "LDR r11, [%[a], #124]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #124]\n\t"
+ /* a[i+32] += m[32] * mu */
+ "LDR r12, [%[m], #128]\n\t"
+ "LDR r11, [%[a], #128]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #128]\n\t"
+ /* a[i+33] += m[33] * mu */
+ "LDR r12, [%[m], #132]\n\t"
+ "LDR r11, [%[a], #132]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #132]\n\t"
+ /* a[i+34] += m[34] * mu */
+ "LDR r12, [%[m], #136]\n\t"
+ "LDR r11, [%[a], #136]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #136]\n\t"
+ /* a[i+35] += m[35] * mu */
+ "LDR r12, [%[m], #140]\n\t"
+ "LDR r11, [%[a], #140]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #140]\n\t"
+ /* a[i+36] += m[36] * mu */
+ "LDR r12, [%[m], #144]\n\t"
+ "LDR r11, [%[a], #144]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #144]\n\t"
+ /* a[i+37] += m[37] * mu */
+ "LDR r12, [%[m], #148]\n\t"
+ "LDR r11, [%[a], #148]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #148]\n\t"
+ /* a[i+38] += m[38] * mu */
+ "LDR r12, [%[m], #152]\n\t"
+ "LDR r11, [%[a], #152]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #152]\n\t"
+ /* a[i+39] += m[39] * mu */
+ "LDR r12, [%[m], #156]\n\t"
+ "LDR r11, [%[a], #156]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #156]\n\t"
+ /* a[i+40] += m[40] * mu */
+ "LDR r12, [%[m], #160]\n\t"
+ "LDR r11, [%[a], #160]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #160]\n\t"
+ /* a[i+41] += m[41] * mu */
+ "LDR r12, [%[m], #164]\n\t"
+ "LDR r11, [%[a], #164]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #164]\n\t"
+ /* a[i+42] += m[42] * mu */
+ "LDR r12, [%[m], #168]\n\t"
+ "LDR r11, [%[a], #168]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #168]\n\t"
+ /* a[i+43] += m[43] * mu */
+ "LDR r12, [%[m], #172]\n\t"
+ "LDR r11, [%[a], #172]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #172]\n\t"
+ /* a[i+44] += m[44] * mu */
+ "LDR r12, [%[m], #176]\n\t"
+ "LDR r11, [%[a], #176]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #176]\n\t"
+ /* a[i+45] += m[45] * mu */
+ "LDR r12, [%[m], #180]\n\t"
+ "LDR r11, [%[a], #180]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #180]\n\t"
+ /* a[i+46] += m[46] * mu */
+ "LDR r12, [%[m], #184]\n\t"
+ "LDR r11, [%[a], #184]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #184]\n\t"
+ /* a[i+47] += m[47] * mu */
+ "LDR r12, [%[m], #188]\n\t"
+ "LDR r11, [%[a], #188]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #188]\n\t"
+ /* a[i+48] += m[48] * mu */
+ "LDR r12, [%[m], #192]\n\t"
+ "LDR r11, [%[a], #192]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #192]\n\t"
+ /* a[i+49] += m[49] * mu */
+ "LDR r12, [%[m], #196]\n\t"
+ "LDR r11, [%[a], #196]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #196]\n\t"
+ /* a[i+50] += m[50] * mu */
+ "LDR r12, [%[m], #200]\n\t"
+ "LDR r11, [%[a], #200]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #200]\n\t"
+ /* a[i+51] += m[51] * mu */
+ "LDR r12, [%[m], #204]\n\t"
+ "LDR r11, [%[a], #204]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #204]\n\t"
+ /* a[i+52] += m[52] * mu */
+ "LDR r12, [%[m], #208]\n\t"
+ "LDR r11, [%[a], #208]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #208]\n\t"
+ /* a[i+53] += m[53] * mu */
+ "LDR r12, [%[m], #212]\n\t"
+ "LDR r11, [%[a], #212]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #212]\n\t"
+ /* a[i+54] += m[54] * mu */
+ "LDR r12, [%[m], #216]\n\t"
+ "LDR r11, [%[a], #216]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #216]\n\t"
+ /* a[i+55] += m[55] * mu */
+ "LDR r12, [%[m], #220]\n\t"
+ "LDR r11, [%[a], #220]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #220]\n\t"
+ /* a[i+56] += m[56] * mu */
+ "LDR r12, [%[m], #224]\n\t"
+ "LDR r11, [%[a], #224]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #224]\n\t"
+ /* a[i+57] += m[57] * mu */
+ "LDR r12, [%[m], #228]\n\t"
+ "LDR r11, [%[a], #228]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #228]\n\t"
+ /* a[i+58] += m[58] * mu */
+ "LDR r12, [%[m], #232]\n\t"
+ "LDR r11, [%[a], #232]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #232]\n\t"
+ /* a[i+59] += m[59] * mu */
+ "LDR r12, [%[m], #236]\n\t"
+ "LDR r11, [%[a], #236]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #236]\n\t"
+ /* a[i+60] += m[60] * mu */
+ "LDR r12, [%[m], #240]\n\t"
+ "LDR r11, [%[a], #240]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #240]\n\t"
+ /* a[i+61] += m[61] * mu */
+ "LDR r12, [%[m], #244]\n\t"
+ "LDR r11, [%[a], #244]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #244]\n\t"
/* a[i+62] += m[62] * mu */
- "ldr %[a], [r10]\n\t"
- "mov r5, #0\n\t"
- /* Multiply m[j] and mu - Start */
- "ldr r8, [%[m]], #4\n\t"
- "umull r6, r8, %[mp], r8\n\t"
- "adds %[a], %[a], r6\n\t"
- "adc r5, r5, r8\n\t"
- /* Multiply m[j] and mu - Done */
- "adds r4, r4, %[a]\n\t"
- "adc r5, r5, #0\n\t"
- "str r4, [r10], #4\n\t"
+ "LDR r12, [%[m], #248]\n\t"
+ "LDR r11, [%[a], #248]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #248]\n\t"
/* a[i+63] += m[63] * mu */
- "mov r4, %[ca]\n\t"
- "mov %[ca], #0\n\t"
- /* Multiply m[63] and mu - Start */
- "ldr r8, [%[m]]\n\t"
- "umull r6, r8, %[mp], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc %[ca], %[ca], #0\n\t"
- /* Multiply m[63] and mu - Done */
- "ldr r6, [r10]\n\t"
- "ldr r8, [r10, #4]\n\t"
- "adds r6, r6, r5\n\t"
- "adcs r8, r8, r4\n\t"
- "adc %[ca], %[ca], #0\n\t"
- "str r6, [r10]\n\t"
- "str r8, [r10, #4]\n\t"
- /* Next word in a */
- "sub r10, r10, #248\n\t"
- "cmp r10, r11\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "blt 1b\n\t"
-#else
- "blt.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "mov %[a], r10\n\t"
- "mov %[m], r12\n\t"
- : [ca] "+r" (ca), [a] "+r" (a)
- : [m] "r" (m), [mp] "r" (mp)
- : "memory", "r4", "r5", "r6", "r8", "r9", "r10", "r11", "r12", "r14"
+ "LDR r12, [%[m], #252]\n\t"
+ "LDR r11, [%[a], #252]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "LDR lr, [%[a], #256]\n\t"
+ "MOV r12, #0x0\n\t"
+ "UMAAL r3, lr, r12, r12\n\t"
+ "STR r11, [%[a], #252]\n\t"
+ "ADDS r3, r3, r5\n\t"
+ "ADC r5, lr, #0x0\n\t"
+ "STR r3, [%[a], #256]\n\t"
+ /* i += 1 */
+ "ADD r4, r4, #0x4\n\t"
+ "ADD %[a], %[a], #0x4\n\t"
+ "CMP r4, #0x100\n\t"
+#ifdef __GNUC__
+ "BLT L_sp_2048_mont_reduce_64_word\n\t"
+#else
+ "BLT.W L_sp_2048_mont_reduce_64_word\n\t"
+#endif
+ /* Loop Done */
+ "STR r6, [%[a]]\n\t"
+ "STR r7, [%[a], #4]\n\t"
+ "STR r8, [%[a], #8]\n\t"
+ "STR r9, [%[a], #12]\n\t"
+ "STR r10, [%[a], #16]\n\t"
+ "MOV %[mp], r5\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
);
+ sp_2048_cond_sub_64(a - 64, a, m, (sp_digit)0 - mp);
+}
+
+#else
+/* Reduce the number back to 2048 bits using Montgomery reduction.
+ *
+ * a A single precision number to reduce in place.
+ * m The single precision number representing the modulus.
+ * mp The digit representing the negative inverse of m mod 2^n.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+#else
+SP_NOINLINE static void sp_2048_mont_reduce_64(sp_digit* a, const sp_digit* m, sp_digit mp)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m __asm__ ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp __asm__ ("r2") = (sp_digit)mp_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
- sp_2048_cond_sub_64(a - 64, a, m, (sp_digit)0 - ca);
+ __asm__ __volatile__ (
+ "LDR r11, [%[m]]\n\t"
+ /* i = 0 */
+ "MOV r9, #0x0\n\t"
+ /* ca = 0 */
+ "MOV r3, #0x0\n\t"
+ "\n"
+ "L_sp_2048_mont_reduce_64_word:\n\t"
+ /* mu = a[i] * mp */
+ "LDR r10, [%[a]]\n\t"
+ "MUL r8, %[mp], r10\n\t"
+ /* j = 0 */
+ "MOV r12, #0x0\n\t"
+ "MOV r4, #0x0\n\t"
+ "\n"
+ "L_sp_2048_mont_reduce_64_mul:\n\t"
+ /* a[i+j+0] += m[j+0] * mu */
+ "LDR r7, [%[m], r12]\n\t"
+ "LDR r10, [%[a], r12]\n\t"
+ "UMAAL r10, r4, r8, r7\n\t"
+ "STR r10, [%[a], r12]\n\t"
+ /* j += 1 */
+ "ADD r12, r12, #0x4\n\t"
+ /* a[i+j+1] += m[j+1] * mu */
+ "LDR r7, [%[m], r12]\n\t"
+ "LDR r10, [%[a], r12]\n\t"
+ "UMAAL r10, r4, r8, r7\n\t"
+ "STR r10, [%[a], r12]\n\t"
+ /* j += 1 */
+ "ADD r12, r12, #0x4\n\t"
+ /* a[i+j+2] += m[j+2] * mu */
+ "LDR r7, [%[m], r12]\n\t"
+ "LDR r10, [%[a], r12]\n\t"
+ "UMAAL r10, r4, r8, r7\n\t"
+ "STR r10, [%[a], r12]\n\t"
+ /* j += 1 */
+ "ADD r12, r12, #0x4\n\t"
+ /* a[i+j+3] += m[j+3] * mu */
+ "LDR r7, [%[m], r12]\n\t"
+ "LDR r10, [%[a], r12]\n\t"
+ "UMAAL r10, r4, r8, r7\n\t"
+ "STR r10, [%[a], r12]\n\t"
+ /* j += 1 */
+ "ADD r12, r12, #0x4\n\t"
+ "CMP r12, #0x100\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BLT L_sp_2048_mont_reduce_64_mul\n\t"
+#else
+ "BLT.N L_sp_2048_mont_reduce_64_mul\n\t"
+#endif
+ "LDR r10, [%[a], #256]\n\t"
+ "ADDS r4, r4, r3\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "ADDS r10, r10, r4\n\t"
+ "ADC r3, r3, r3\n\t"
+ "STR r10, [%[a], #256]\n\t"
+ /* i += 1 */
+ "ADD r9, r9, #0x4\n\t"
+ "ADD %[a], %[a], #0x4\n\t"
+ "CMP r9, #0x100\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BLT L_sp_2048_mont_reduce_64_word\n\t"
+#else
+ "BLT.N L_sp_2048_mont_reduce_64_word\n\t"
+#endif
+ /* Loop Done */
+ "MOV %[mp], r3\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
+ );
+ sp_2048_cond_sub_64(a - 64, a, m, (sp_digit)0 - mp);
}
+#endif /* !WOLFSSL_SP_SMALL */
+#endif
/* Multiply two Montgomery form numbers mod the modulus (prime).
* (r = a * b mod m)
*
@@ -3907,7 +6808,7 @@ SP_NOINLINE static void sp_2048_mont_reduce_64(sp_digit* a, const sp_digit* m,
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_2048_mont_mul_64(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -3921,7 +6822,7 @@ SP_NOINLINE static void sp_2048_mont_mul_64(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_2048_mont_sqr_64(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -3937,39 +6838,44 @@ SP_NOINLINE static void sp_2048_mont_sqr_64(sp_digit* r, const sp_digit* a,
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_2048_sub_64(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_2048_sub_64(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_2048_sub_64(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r6, %[a]\n\t"
- "mov r5, #1\n\t"
- "lsl r5, r5, #8\n\t"
- "add r6, r6, r5\n\t"
- "\n1:\n\t"
- "mov r5, #0\n\t"
- "subs r5, r5, %[c]\n\t"
- "ldr r4, [%[a]]\n\t"
- "ldr r5, [%[b]]\n\t"
- "sbcs r4, r4, r5\n\t"
- "str r4, [%[r]]\n\t"
- "sbc %[c], %[c], %[c]\n\t"
- "add %[a], %[a], #4\n\t"
- "add %[b], %[b], #4\n\t"
- "add %[r], %[r], #4\n\t"
- "cmp %[a], r6\n\t"
+ "MOV r11, #0x0\n\t"
+ "ADD r12, %[a], #0x100\n\t"
+ "\n"
+ "L_sp_2048_sub_64_word:\n\t"
+ "RSBS r11, r11, #0x0\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "SBC r11, r3, r3\n\t"
+ "CMP %[a], r12\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bne 1b\n\t"
+ "BNE L_sp_2048_sub_64_word\n\t"
#else
- "bne.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ "BNE.N L_sp_2048_sub_64_word\n\t"
+#endif
+ "MOV %[r], r11\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)r;
}
#else
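Review bot: The loop label `L_sp_2048_sub_64_word:` is a plain assembler symbol, and the new signature of `sp_2048_sub_64` drops `SP_NOINLINE`. If the compiler inlines this static function at more than one call site in a translation unit, the label is emitted twice and the assembler rejects the duplicate symbol. The removed code used the numeric local label `1:`, which is safe to repeat. Keeping the attribute avoids this, as in `SP_NOINLINE static sp_digit sp_2048_sub_64(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)` and likewise on the `#else` signature; whether inlining actually occurs depends on the optimisation level and on callers outside this hunk. `sp_2048_cmp_64` in the last hunk on this page loses `SP_NOINLINE` the same way, though its new asm body is not visible here.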
@@ -3979,182 +6885,206 @@ SP_NOINLINE static sp_digit sp_2048_sub_64(sp_digit* r, const sp_digit* a,
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_2048_sub_64(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_2048_sub_64(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_2048_sub_64(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "subs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "sbc %[c], %[c], %[c]\n\t"
- : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SUBS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "SBC %[r], r6, r6\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6", "r8"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)r;
}
#endif /* WOLFSSL_SP_SMALL */
+#ifdef WOLFSSL_SP_USE_UDIV
+/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
+ *
+ * d1 The high order half of the number to divide.
+ * d0 The low order half of the number to divide.
+ * div The divisor.
+ * returns the result of the division.
+ *
+ * Note that this is an approximate div. It may give an answer 1 larger.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static sp_digit div_2048_word_64(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
+#else
+SP_NOINLINE static sp_digit div_2048_word_64(sp_digit d1, sp_digit d0, sp_digit div)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit d1 __asm__ ("r0") = (sp_digit)d1_p;
+ register sp_digit d0 __asm__ ("r1") = (sp_digit)d0_p;
+ register sp_digit div __asm__ ("r2") = (sp_digit)div_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "LSR r8, %[div], #16\n\t"
+ "ADD r5, r8, #0x1\n\t"
+ "UDIV r6, %[d1], r5\n\t"
+ "LSL r7, %[div], #16\n\t"
+ "LSL r6, r6, #16\n\t"
+ "UMULL r3, r4, %[div], r6\n\t"
+ "SUBS %[d0], %[d0], r3\n\t"
+ "SBC %[d1], %[d1], r4\n\t"
+ "SUBS r3, %[d1], r5\n\t"
+ "SBC r9, r9, r9\n\t"
+ "ADD r9, r9, #0x1\n\t"
+ "RSB r10, r9, #0x0\n\t"
+ "LSL r9, r9, #16\n\t"
+ "AND r7, r7, r10\n\t"
+ "AND r8, r8, r10\n\t"
+ "SUBS %[d0], %[d0], r7\n\t"
+ "ADD r6, r6, r9\n\t"
+ "SBC %[d1], %[d1], r8\n\t"
+ "LSL r4, %[d1], #16\n\t"
+ "LSR r3, %[d0], #16\n\t"
+ "ORR r3, r3, r4\n\t"
+ "UDIV r3, r3, r5\n\t"
+ "ADD r6, r6, r3\n\t"
+ "UMULL r3, r4, %[div], r3\n\t"
+ "SUBS %[d0], %[d0], r3\n\t"
+ "SBC %[d1], %[d1], r4\n\t"
+ "LSL r4, %[d1], #16\n\t"
+ "LSR r3, %[d0], #16\n\t"
+ "ORR r3, r3, r4\n\t"
+ "UDIV r3, r3, r5\n\t"
+ "ADD r6, r6, r3\n\t"
+ "MUL r3, %[div], r3\n\t"
+ "SUB %[d0], %[d0], r3\n\t"
+ "UDIV r3, %[d0], %[div]\n\t"
+ "ADD %[d1], r6, r3\n\t"
+ : [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
+ );
+ return (uint32_t)(size_t)d1;
+}
+
+#else
/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
*
* d1 The high order half of the number to divide.
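Review bot: The comment block above the new `WOLFSSL_SP_USE_UDIV` variant of `div_2048_word_64` should state its timing property. The body issues four `UDIV` instructions on values derived from the dividend, and `UDIV` latency is operand-dependent on ARM cores that implement early-terminating division. The variant added in the next hunk uses a fixed 30-iteration subtract loop instead, which suggests the distinction is intentional. Nothing in the comment tells an integrator which variant to pick when the dividend derives from secret data, and whether it does depends on callers outside this hunk. I would add a line such as ` * Note: UDIV may take a data-dependent number of cycles; define WOLFSSL_SP_USE_UDIV only where that is acceptable.`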
@@ -4164,49 +7094,69 @@ SP_NOINLINE static sp_digit sp_2048_sub_64(sp_digit* r, const sp_digit* a,
*
* Note that this is an approximate div. It may give an answer 1 larger.
*/
-SP_NOINLINE static sp_digit div_2048_word_64(sp_digit d1, sp_digit d0,
- sp_digit div)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static sp_digit div_2048_word_64(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
+#else
+SP_NOINLINE static sp_digit div_2048_word_64(sp_digit d1, sp_digit d0, sp_digit div)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit r = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit d1 __asm__ ("r0") = (sp_digit)d1_p;
+ register sp_digit d0 __asm__ ("r1") = (sp_digit)d0_p;
+ register sp_digit div __asm__ ("r2") = (sp_digit)div_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "lsr r6, %[div], #16\n\t"
- "add r6, r6, #1\n\t"
- "udiv r4, %[d1], r6\n\t"
- "lsl r8, r4, #16\n\t"
- "umull r4, r5, %[div], r8\n\t"
- "subs %[d0], %[d0], r4\n\t"
- "sbc %[d1], %[d1], r5\n\t"
- "udiv r5, %[d1], r6\n\t"
- "lsl r4, r5, #16\n\t"
- "add r8, r8, r4\n\t"
- "umull r4, r5, %[div], r4\n\t"
- "subs %[d0], %[d0], r4\n\t"
- "sbc %[d1], %[d1], r5\n\t"
- "lsl r4, %[d1], #16\n\t"
- "orr r4, r4, %[d0], lsr #16\n\t"
- "udiv r4, r4, r6\n\t"
- "add r8, r8, r4\n\t"
- "umull r4, r5, %[div], r4\n\t"
- "subs %[d0], %[d0], r4\n\t"
- "sbc %[d1], %[d1], r5\n\t"
- "lsl r4, %[d1], #16\n\t"
- "orr r4, r4, %[d0], lsr #16\n\t"
- "udiv r4, r4, r6\n\t"
- "add r8, r8, r4\n\t"
- "umull r4, r5, %[div], r4\n\t"
- "subs %[d0], %[d0], r4\n\t"
- "sbc %[d1], %[d1], r5\n\t"
- "udiv r4, %[d0], %[div]\n\t"
- "add r8, r8, r4\n\t"
- "mov %[r], r8\n\t"
- : [r] "+r" (r)
- : [d1] "r" (d1), [d0] "r" (d0), [div] "r" (div)
- : "r4", "r5", "r6", "r8"
+ "LSR r5, %[div], #1\n\t"
+ "ADD r5, r5, #0x1\n\t"
+ "MOV r6, %[d0]\n\t"
+ "MOV r7, %[d1]\n\t"
+ /* Do top 32 */
+ "SUBS r8, r5, r7\n\t"
+ "SBC r8, r8, r8\n\t"
+ "MOV r3, #0x0\n\t"
+ "SUB r3, r3, r8\n\t"
+ "AND r8, r8, r5\n\t"
+ "SUBS r7, r7, r8\n\t"
+ /* Next 30 bits */
+ "MOV r4, #0x1d\n\t"
+ "\n"
+ "L_div_2048_word_64_bit:\n\t"
+ "LSLS r6, r6, #1\n\t"
+ "ADC r7, r7, r7\n\t"
+ "SUBS r8, r5, r7\n\t"
+ "SBC r8, r8, r8\n\t"
+ "ADD r3, r3, r3\n\t"
+ "SUB r3, r3, r8\n\t"
+ "AND r8, r8, r5\n\t"
+ "SUBS r7, r7, r8\n\t"
+ "SUBS r4, r4, #0x1\n\t"
+ "bpl L_div_2048_word_64_bit\n\t"
+ "ADD r3, r3, r3\n\t"
+ "ADD r3, r3, #0x1\n\t"
+ "UMULL r6, r7, r3, %[div]\n\t"
+ "SUBS r9, %[d0], r6\n\t"
+ "SBC r10, %[d1], r7\n\t"
+ "ADD r3, r3, r10\n\t"
+ "UMULL r6, r7, r3, %[div]\n\t"
+ "SUBS r9, %[d0], r6\n\t"
+ "SBC r10, %[d1], r7\n\t"
+ "ADD r3, r3, r10\n\t"
+ "UMULL r6, r7, r3, %[div]\n\t"
+ "SUBS r9, %[d0], r6\n\t"
+ "SBC r10, %[d1], r7\n\t"
+ "ADD r3, r3, r10\n\t"
+ "SUBS r8, %[div], r9\n\t"
+ "SBC r8, r8, r8\n\t"
+ "SUB %[d1], r3, r8\n\t"
+ : [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
- return r;
+ return (uint32_t)(size_t)d1;
}
+#endif
/* Divide d in a and put remainder into r (m*d + r = a)
* m is not calculated as it is not needed at this time.
*
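Review bot: The loop branch `"bpl L_div_2048_word_64_bit\n\t"` is written in lower case and lacks the toolchain guard that the other branches on this page carry. Those use `BNE`/`BNE.N` and `BLT`/`BLT.N` under `#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)`. An assembler that takes the `#else` side elsewhere gets no narrow-encoding suffix on this one branch; that may be harmless, but it is inconsistent with the rest of the file. I would wrap it in the same guard, with `"BPL L_div_2048_word_64_bit\n\t"` on the first side and `"BPL.N L_div_2048_word_64_bit\n\t"` on the `#else` side.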
@@ -4216,8 +7166,8 @@ SP_NOINLINE static sp_digit div_2048_word_64(sp_digit d1, sp_digit d0,
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_2048_div_64_cond(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_2048_div_64_cond(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[128], t2[65];
sp_digit div, r1;
@@ -4279,6 +7229,7 @@ static WC_INLINE int sp_2048_mod_64_cond(sp_digit* r, const sp_digit* a, const s
}
#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
+#if defined(WOLFSSL_HAVE_SP_DH) || !defined(WOLFSSL_RSA_PUBLIC_ONLY)
/* AND m into each word of a and store in r.
*
* r A single precision integer.
@@ -4316,44 +7267,753 @@ static void sp_2048_mask_64(sp_digit* r, const sp_digit* a, sp_digit m)
* return -ve, 0 or +ve if a is less than, equal to or greater than b
* respectively.
*/
-SP_NOINLINE static sp_int32 sp_2048_cmp_64(const sp_digit* a, const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_int32 sp_2048_cmp_64(const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_int32 sp_2048_cmp_64(const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit r = 0;
-
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register const sp_digit* a __asm__ ("r0") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r1") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r3, #0\n\t"
- "mvn r3, r3\n\t"
- "mov r6, #252\n\t"
- "\n1:\n\t"
- "ldr r8, [%[a], r6]\n\t"
- "ldr r5, [%[b], r6]\n\t"
- "and r8, r8, r3\n\t"
- "and r5, r5, r3\n\t"
- "mov r4, r8\n\t"
- "subs r8, r8, r5\n\t"
- "sbc r8, r8, r8\n\t"
- "add %[r], %[r], r8\n\t"
- "mvn r8, r8\n\t"
- "and r3, r3, r8\n\t"
- "subs r5, r5, r4\n\t"
- "sbc r8, r8, r8\n\t"
- "sub %[r], %[r], r8\n\t"
- "mvn r8, r8\n\t"
- "and r3, r3, r8\n\t"
- "sub r6, r6, #4\n\t"
- "cmp r6, #0\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bge 1b\n\t"
+ "MOV r2, #0xffffffff\n\t"
+ "MOV r8, #0x1\n\t"
+ "MOV r7, #0x0\n\t"
+ "MOV r3, #0xffffffff\n\t"
+#ifdef WOLFSSL_SP_SMALL
+ "MOV r6, #0xfc\n\t"
+ "\n"
+ "L_sp_2048_cmp_64_words:\n\t"
+ "LDR r4, [%[a], r6]\n\t"
+ "LDR r5, [%[b], r6]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "SUBS r6, r6, #0x4\n\t"
+ "bcs L_sp_2048_cmp_64_words\n\t"
+ "EOR r2, r2, r3\n\t"
#else
- "bge.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [r] "+r" (r)
- : [a] "r" (a), [b] "r" (b)
- : "r3", "r4", "r5", "r6", "r8"
+ "LDR r4, [%[a], #252]\n\t"
+ "LDR r5, [%[b], #252]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #248]\n\t"
+ "LDR r5, [%[b], #248]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #244]\n\t"
+ "LDR r5, [%[b], #244]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #240]\n\t"
+ "LDR r5, [%[b], #240]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #236]\n\t"
+ "LDR r5, [%[b], #236]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #232]\n\t"
+ "LDR r5, [%[b], #232]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #228]\n\t"
+ "LDR r5, [%[b], #228]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #224]\n\t"
+ "LDR r5, [%[b], #224]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #220]\n\t"
+ "LDR r5, [%[b], #220]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #216]\n\t"
+ "LDR r5, [%[b], #216]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #212]\n\t"
+ "LDR r5, [%[b], #212]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #208]\n\t"
+ "LDR r5, [%[b], #208]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #204]\n\t"
+ "LDR r5, [%[b], #204]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #200]\n\t"
+ "LDR r5, [%[b], #200]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #196]\n\t"
+ "LDR r5, [%[b], #196]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #192]\n\t"
+ "LDR r5, [%[b], #192]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #188]\n\t"
+ "LDR r5, [%[b], #188]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #184]\n\t"
+ "LDR r5, [%[b], #184]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #180]\n\t"
+ "LDR r5, [%[b], #180]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #176]\n\t"
+ "LDR r5, [%[b], #176]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #172]\n\t"
+ "LDR r5, [%[b], #172]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #168]\n\t"
+ "LDR r5, [%[b], #168]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #164]\n\t"
+ "LDR r5, [%[b], #164]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #160]\n\t"
+ "LDR r5, [%[b], #160]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #156]\n\t"
+ "LDR r5, [%[b], #156]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #152]\n\t"
+ "LDR r5, [%[b], #152]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #148]\n\t"
+ "LDR r5, [%[b], #148]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #144]\n\t"
+ "LDR r5, [%[b], #144]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #140]\n\t"
+ "LDR r5, [%[b], #140]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #136]\n\t"
+ "LDR r5, [%[b], #136]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #132]\n\t"
+ "LDR r5, [%[b], #132]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #128]\n\t"
+ "LDR r5, [%[b], #128]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #124]\n\t"
+ "LDR r5, [%[b], #124]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #120]\n\t"
+ "LDR r5, [%[b], #120]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #116]\n\t"
+ "LDR r5, [%[b], #116]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #112]\n\t"
+ "LDR r5, [%[b], #112]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #108]\n\t"
+ "LDR r5, [%[b], #108]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #104]\n\t"
+ "LDR r5, [%[b], #104]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #100]\n\t"
+ "LDR r5, [%[b], #100]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #96]\n\t"
+ "LDR r5, [%[b], #96]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #92]\n\t"
+ "LDR r5, [%[b], #92]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #88]\n\t"
+ "LDR r5, [%[b], #88]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #84]\n\t"
+ "LDR r5, [%[b], #84]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #80]\n\t"
+ "LDR r5, [%[b], #80]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #76]\n\t"
+ "LDR r5, [%[b], #76]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #72]\n\t"
+ "LDR r5, [%[b], #72]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #68]\n\t"
+ "LDR r5, [%[b], #68]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #64]\n\t"
+ "LDR r5, [%[b], #64]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #60]\n\t"
+ "LDR r5, [%[b], #60]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #56]\n\t"
+ "LDR r5, [%[b], #56]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #52]\n\t"
+ "LDR r5, [%[b], #52]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #48]\n\t"
+ "LDR r5, [%[b], #48]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #44]\n\t"
+ "LDR r5, [%[b], #44]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #40]\n\t"
+ "LDR r5, [%[b], #40]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #36]\n\t"
+ "LDR r5, [%[b], #36]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #32]\n\t"
+ "LDR r5, [%[b], #32]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #28]\n\t"
+ "LDR r5, [%[b], #28]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #24]\n\t"
+ "LDR r5, [%[b], #24]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #20]\n\t"
+ "LDR r5, [%[b], #20]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #16]\n\t"
+ "LDR r5, [%[b], #16]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #12]\n\t"
+ "LDR r5, [%[b], #12]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #8]\n\t"
+ "LDR r5, [%[b], #8]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #4]\n\t"
+ "LDR r5, [%[b], #4]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a]]\n\t"
+ "LDR r5, [%[b]]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "EOR r2, r2, r3\n\t"
+#endif /*WOLFSSL_SP_SMALL */
+ "MOV %[a], r2\n\t"
+ : [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "cc"
);
-
- return r;
+ return (uint32_t)(size_t)a;
}
/* Divide d in a and put remainder into r (m*d + r = a)
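Review bot: Dropping `SP_NOINLINE` from `sp_2048_cmp_64` while its `WOLFSSL_SP_SMALL` loop now uses the named label `L_sp_2048_cmp_64_words` instead of the local `1:` risks a duplicate-symbol assembler error if the compiler inlines or clones this static function into more than one place in the translation unit. Keeping the attribute on both prototypes, e.g. `SP_NOINLINE static sp_int32 sp_2048_cmp_64(const sp_digit* a_p, const sp_digit* b_p)`, avoids that. The same applies to `L_sp_2048_cond_add_32_words` in the later `sp_2048_cond_add_32` hunk. Since this compare is built under the RSA private-key and DH guards, the header comment could also record the property the masking register `r3` exists to provide: `* No early exit: all 64 words are read and no branch depends on a or b.`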
@@ -4365,8 +8025,8 @@ SP_NOINLINE static sp_int32 sp_2048_cmp_64(const sp_digit* a, const sp_digit* b)
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_2048_div_64(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_2048_div_64(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[128], t2[65];
sp_digit div, r1;
@@ -4411,6 +8071,7 @@ static WC_INLINE int sp_2048_mod_64(sp_digit* r, const sp_digit* a, const sp_dig
return sp_2048_div_64(a, m, NULL, r);
}
+#endif /* WOLFSSL_HAVE_SP_DH || !WOLFSSL_RSA_PUBLIC_ONLY */
#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || \
defined(WOLFSSL_HAVE_SP_DH)
#ifdef WOLFSSL_SP_SMALL
@@ -4874,6 +8535,7 @@ int sp_RsaPublic_2048(const byte* in, word32 inLen, const mp_int* em,
}
#ifndef WOLFSSL_RSA_PUBLIC_ONLY
+#ifdef WOLFSSL_SP_SMALL
/* Conditionally add a and b using the mask m.
* m is -1 to add and 0 when not.
*
@@ -4882,39 +8544,192 @@ int sp_RsaPublic_2048(const byte* in, word32 inLen, const mp_int* em,
* b A single precision number to add.
* m Mask value to apply.
*/
-SP_NOINLINE static sp_digit sp_2048_cond_add_32(sp_digit* r, const sp_digit* a, const sp_digit* b,
- sp_digit m)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_2048_cond_add_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
+#else
+static sp_digit sp_2048_cond_add_32(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+ register sp_digit m __asm__ ("r3") = (sp_digit)m_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r5, #128\n\t"
- "mov r9, r5\n\t"
- "mov r8, #0\n\t"
- "\n1:\n\t"
- "ldr r6, [%[b], r8]\n\t"
- "and r6, r6, %[m]\n\t"
- "adds r5, %[c], #-1\n\t"
- "ldr r5, [%[a], r8]\n\t"
- "adcs r5, r5, r6\n\t"
- "mov %[c], #0\n\t"
- "adcs %[c], %[c], %[c]\n\t"
- "str r5, [%[r], r8]\n\t"
- "add r8, r8, #4\n\t"
- "cmp r8, r9\n\t"
+ "MOV r5, #0x0\n\t"
+ "MOV r8, #0x0\n\t"
+ "MOV r4, #0x0\n\t"
+ "\n"
+ "L_sp_2048_cond_add_32_words:\n\t"
+ "ADDS r5, r5, #0xffffffff\n\t"
+ "LDR r6, [%[a], r4]\n\t"
+ "LDR r7, [%[b], r4]\n\t"
+ "AND r7, r7, %[m]\n\t"
+ "ADCS r6, r6, r7\n\t"
+ "ADC r5, r8, r8\n\t"
+ "STR r6, [%[r], r4]\n\t"
+ "ADD r4, r4, #0x4\n\t"
+ "CMP r4, #0x80\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "blt 1b\n\t"
+ "BLT L_sp_2048_cond_add_32_words\n\t"
#else
- "blt.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [c] "+r" (c)
- : [r] "r" (r), [a] "r" (a), [b] "r" (b), [m] "r" (m)
- : "memory", "r5", "r6", "r8", "r9"
+ "BLT.N L_sp_2048_cond_add_32_words\n\t"
+#endif
+ "MOV %[r], r5\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
+ :
+ : "memory", "r4", "r5", "r6", "r7", "r8", "cc"
);
+ return (uint32_t)(size_t)r;
+}
+
+#else
+/* Conditionally add a and b using the mask m.
+ * m is -1 to add and 0 when not.
+ *
+ * r A single precision number representing conditional add result.
+ * a A single precision number to add with.
+ * b A single precision number to add.
+ * m Mask value to apply.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_2048_cond_add_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
+#else
+static sp_digit sp_2048_cond_add_32(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+ register sp_digit m __asm__ ("r3") = (sp_digit)m_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
- return c;
+ __asm__ __volatile__ (
+ "MOV r10, #0x0\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADDS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "ADC %[r], r10, r10\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
+ :
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
+ );
+ return (uint32_t)(size_t)r;
}
+#endif /* WOLFSSL_SP_SMALL */
/* RSA private key operation.
*
* in Array of bytes representing the number to exponentiate, base.
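Review bot: Neither header comment for `sp_2048_cond_add_32` says what the function returns. The value now leaves the asm through the `r` pointer operand (`MOV %[r], r5` in the small variant, `ADC %[r], r10, r10` in the unrolled one) and is cast back with `(uint32_t)(size_t)r`. Adding `* returns the carry out of the top word (0 or 1).` to both comments would make that explicit for callers of this masked add. In the unrolled (non-`WOLFSSL_SP_SMALL`) variant the clobber list also names `r4` and `r5`, which that asm body never uses; `: "memory", "r6", "r7", "r8", "r9", "r10", "cc"` would leave the compiler two more registers.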
@@ -5229,406 +9044,407 @@ int sp_ModExp_2048(const mp_int* base, const mp_int* exp, const mp_int* mod,
#ifdef WOLFSSL_HAVE_SP_DH
#ifdef HAVE_FFDHE_2048
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_2048_lshift_64(sp_digit* r_p, const sp_digit* a_p, byte n_p)
+#else
static void sp_2048_lshift_64(sp_digit* r, const sp_digit* a, byte n)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register byte n __asm__ ("r2") = (byte)n_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "mov r6, #31\n\t"
- "sub r6, r6, %[n]\n\t"
- "add %[a], %[a], #192\n\t"
- "add %[r], %[r], #192\n\t"
- "ldr r3, [%[a], #60]\n\t"
- "lsr r4, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r4, r4, r6\n\t"
- "ldr r2, [%[a], #56]\n\t"
- "str r4, [%[r], #64]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #52]\n\t"
- "str r3, [%[r], #60]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #48]\n\t"
- "str r2, [%[r], #56]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #44]\n\t"
- "str r4, [%[r], #52]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #40]\n\t"
- "str r3, [%[r], #48]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #36]\n\t"
- "str r2, [%[r], #44]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #32]\n\t"
- "str r4, [%[r], #40]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #28]\n\t"
- "str r3, [%[r], #36]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #24]\n\t"
- "str r2, [%[r], #32]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #20]\n\t"
- "str r4, [%[r], #28]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #16]\n\t"
- "str r3, [%[r], #24]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #12]\n\t"
- "str r2, [%[r], #20]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #8]\n\t"
- "str r4, [%[r], #16]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #4]\n\t"
- "str r3, [%[r], #12]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #0]\n\t"
- "str r2, [%[r], #8]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "sub %[a], %[a], #64\n\t"
- "sub %[r], %[r], #64\n\t"
- "ldr r2, [%[a], #60]\n\t"
- "str r4, [%[r], #68]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #56]\n\t"
- "str r3, [%[r], #64]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #52]\n\t"
- "str r2, [%[r], #60]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #48]\n\t"
- "str r4, [%[r], #56]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #44]\n\t"
- "str r3, [%[r], #52]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #40]\n\t"
- "str r2, [%[r], #48]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #36]\n\t"
- "str r4, [%[r], #44]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #32]\n\t"
- "str r3, [%[r], #40]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #28]\n\t"
- "str r2, [%[r], #36]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #24]\n\t"
- "str r4, [%[r], #32]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #20]\n\t"
- "str r3, [%[r], #28]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #16]\n\t"
- "str r2, [%[r], #24]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #12]\n\t"
- "str r4, [%[r], #20]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #8]\n\t"
- "str r3, [%[r], #16]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #4]\n\t"
- "str r2, [%[r], #12]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #0]\n\t"
- "str r4, [%[r], #8]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "sub %[a], %[a], #64\n\t"
- "sub %[r], %[r], #64\n\t"
- "ldr r4, [%[a], #60]\n\t"
- "str r3, [%[r], #68]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #56]\n\t"
- "str r2, [%[r], #64]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #52]\n\t"
- "str r4, [%[r], #60]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #48]\n\t"
- "str r3, [%[r], #56]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #44]\n\t"
- "str r2, [%[r], #52]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #40]\n\t"
- "str r4, [%[r], #48]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #36]\n\t"
- "str r3, [%[r], #44]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #32]\n\t"
- "str r2, [%[r], #40]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #28]\n\t"
- "str r4, [%[r], #36]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #24]\n\t"
- "str r3, [%[r], #32]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #20]\n\t"
- "str r2, [%[r], #28]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #16]\n\t"
- "str r4, [%[r], #24]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #12]\n\t"
- "str r3, [%[r], #20]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #8]\n\t"
- "str r2, [%[r], #16]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #4]\n\t"
- "str r4, [%[r], #12]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #0]\n\t"
- "str r3, [%[r], #8]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "sub %[a], %[a], #64\n\t"
- "sub %[r], %[r], #64\n\t"
- "ldr r3, [%[a], #60]\n\t"
- "str r2, [%[r], #68]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #56]\n\t"
- "str r4, [%[r], #64]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #52]\n\t"
- "str r3, [%[r], #60]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #48]\n\t"
- "str r2, [%[r], #56]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #44]\n\t"
- "str r4, [%[r], #52]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #40]\n\t"
- "str r3, [%[r], #48]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #36]\n\t"
- "str r2, [%[r], #44]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #32]\n\t"
- "str r4, [%[r], #40]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #28]\n\t"
- "str r3, [%[r], #36]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #24]\n\t"
- "str r2, [%[r], #32]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #20]\n\t"
- "str r4, [%[r], #28]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #16]\n\t"
- "str r3, [%[r], #24]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #12]\n\t"
- "str r2, [%[r], #20]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #8]\n\t"
- "str r4, [%[r], #16]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #4]\n\t"
- "str r3, [%[r], #12]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #0]\n\t"
- "str r2, [%[r], #8]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "str r3, [%[r]]\n\t"
- "str r4, [%[r], #4]\n\t"
+ "RSB r7, %[n], #0x1f\n\t"
+ "LDR r5, [%[a], #252]\n\t"
+ "LSR r6, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r6, r6, r7\n\t"
+ "LDR r4, [%[a], #248]\n\t"
+ "STR r6, [%[r], #256]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #244]\n\t"
+ "STR r5, [%[r], #252]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #240]\n\t"
+ "STR r4, [%[r], #248]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #236]\n\t"
+ "STR r6, [%[r], #244]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #232]\n\t"
+ "STR r5, [%[r], #240]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #228]\n\t"
+ "STR r4, [%[r], #236]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #224]\n\t"
+ "STR r6, [%[r], #232]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #220]\n\t"
+ "STR r5, [%[r], #228]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #216]\n\t"
+ "STR r4, [%[r], #224]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #212]\n\t"
+ "STR r6, [%[r], #220]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #208]\n\t"
+ "STR r5, [%[r], #216]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #204]\n\t"
+ "STR r4, [%[r], #212]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #200]\n\t"
+ "STR r6, [%[r], #208]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #196]\n\t"
+ "STR r5, [%[r], #204]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #192]\n\t"
+ "STR r4, [%[r], #200]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #188]\n\t"
+ "STR r6, [%[r], #196]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #184]\n\t"
+ "STR r5, [%[r], #192]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #180]\n\t"
+ "STR r4, [%[r], #188]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #176]\n\t"
+ "STR r6, [%[r], #184]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #172]\n\t"
+ "STR r5, [%[r], #180]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #168]\n\t"
+ "STR r4, [%[r], #176]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #164]\n\t"
+ "STR r6, [%[r], #172]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #160]\n\t"
+ "STR r5, [%[r], #168]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #156]\n\t"
+ "STR r4, [%[r], #164]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #152]\n\t"
+ "STR r6, [%[r], #160]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #148]\n\t"
+ "STR r5, [%[r], #156]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #144]\n\t"
+ "STR r4, [%[r], #152]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #140]\n\t"
+ "STR r6, [%[r], #148]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #136]\n\t"
+ "STR r5, [%[r], #144]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #132]\n\t"
+ "STR r4, [%[r], #140]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #128]\n\t"
+ "STR r6, [%[r], #136]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #124]\n\t"
+ "STR r5, [%[r], #132]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #120]\n\t"
+ "STR r4, [%[r], #128]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #116]\n\t"
+ "STR r6, [%[r], #124]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #112]\n\t"
+ "STR r5, [%[r], #120]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #108]\n\t"
+ "STR r4, [%[r], #116]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #104]\n\t"
+ "STR r6, [%[r], #112]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #100]\n\t"
+ "STR r5, [%[r], #108]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #96]\n\t"
+ "STR r4, [%[r], #104]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #92]\n\t"
+ "STR r6, [%[r], #100]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #88]\n\t"
+ "STR r5, [%[r], #96]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #84]\n\t"
+ "STR r4, [%[r], #92]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #80]\n\t"
+ "STR r6, [%[r], #88]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #76]\n\t"
+ "STR r5, [%[r], #84]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #72]\n\t"
+ "STR r4, [%[r], #80]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #68]\n\t"
+ "STR r6, [%[r], #76]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #64]\n\t"
+ "STR r5, [%[r], #72]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #60]\n\t"
+ "STR r4, [%[r], #68]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #56]\n\t"
+ "STR r6, [%[r], #64]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #52]\n\t"
+ "STR r5, [%[r], #60]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #48]\n\t"
+ "STR r4, [%[r], #56]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #44]\n\t"
+ "STR r6, [%[r], #52]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #40]\n\t"
+ "STR r5, [%[r], #48]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #36]\n\t"
+ "STR r4, [%[r], #44]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #32]\n\t"
+ "STR r6, [%[r], #40]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #28]\n\t"
+ "STR r5, [%[r], #36]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #24]\n\t"
+ "STR r4, [%[r], #32]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #20]\n\t"
+ "STR r6, [%[r], #28]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #16]\n\t"
+ "STR r5, [%[r], #24]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #12]\n\t"
+ "STR r4, [%[r], #20]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #8]\n\t"
+ "STR r6, [%[r], #16]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #4]\n\t"
+ "STR r5, [%[r], #12]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a]]\n\t"
+ "STR r4, [%[r], #8]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "STR r5, [%[r]]\n\t"
+ "STR r6, [%[r], #4]\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [n] "+r" (n)
:
- : [r] "r" (r), [a] "r" (a), [n] "r" (n)
- : "memory", "r2", "r3", "r4", "r5", "r6"
+ : "memory", "r4", "r5", "r6", "r3", "r7", "cc"
);
}
@@ -5930,14 +9746,14 @@ static void sp_3072_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 32
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 31);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 31);
}
#elif DIGIT_BIT > 32
unsigned int i;
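Review bot: The new loop in the `DIGIT_BIT == 32` branch hard-codes the shift as `j >> 31` where the removed lines used `SP_WORD_SIZE - 1`. The guard tests the `mp_int` digit width, not the width of `sp_digit`, so the literal is only correct if `sp_digit` is an unsigned 32-bit type, and its definition is not visible in this hunk. I would keep the symbolic form, `sp_digit mask = (sp_digit)0 - (j >> (SP_WORD_SIZE - 1));` and `o += (int)(j >> (SP_WORD_SIZE - 1));`, or add a static assertion on the width of `sp_digit`. The counter trick also deserves a comment above the loop, for example `/* j starts at -used; its top bit stays set while i < used, giving an all-ones mask and advancing o up to used-1 with no data-dependent branch */`, because the constant-time intent is easy to lose in a later cleanup. `a->dp[0]` is still read when `a->used` is 0, as it was before this change, and the function body continues past the hunk into the `DIGIT_BIT > 32` branch.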
@@ -6048,83 +9864,1025 @@ static void sp_3072_to_bin_96(sp_digit* r, byte* a)
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static void sp_3072_mul_12(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static void sp_3072_mul_12(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit tmp_arr[12 * 2];
- sp_digit* tmp = tmp_arr;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "mov r3, #0\n\t"
- "mov r4, #0\n\t"
- "mov r9, r3\n\t"
- "mov r12, %[r]\n\t"
- "mov r10, %[a]\n\t"
- "mov r11, %[b]\n\t"
- "mov r6, #48\n\t"
- "add r6, r6, r10\n\t"
- "mov r14, r6\n\t"
- "\n1:\n\t"
- "mov %[r], #0\n\t"
- "mov r5, #0\n\t"
- "mov r6, #44\n\t"
- "mov %[a], r9\n\t"
- "subs %[a], %[a], r6\n\t"
- "sbc r6, r6, r6\n\t"
- "mvn r6, r6\n\t"
- "and %[a], %[a], r6\n\t"
- "mov %[b], r9\n\t"
- "sub %[b], %[b], %[a]\n\t"
- "add %[a], %[a], r10\n\t"
- "add %[b], %[b], r11\n\t"
- "\n2:\n\t"
- /* Multiply Start */
- "ldr r6, [%[a]]\n\t"
- "ldr r8, [%[b]]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, %[r]\n\t"
- /* Multiply Done */
- "add %[a], %[a], #4\n\t"
- "sub %[b], %[b], #4\n\t"
- "cmp %[a], r14\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "beq 3f\n\t"
-#else
- "beq.n 3f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "mov r6, r9\n\t"
- "add r6, r6, r10\n\t"
- "cmp %[a], r6\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "ble 2b\n\t"
-#else
- "ble.n 2b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "\n3:\n\t"
- "mov %[r], r12\n\t"
- "mov r8, r9\n\t"
- "str r3, [%[r], r8]\n\t"
- "mov r3, r4\n\t"
- "mov r4, r5\n\t"
- "add r8, r8, #4\n\t"
- "mov r9, r8\n\t"
- "mov r6, #88\n\t"
- "cmp r8, r6\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "ble 1b\n\t"
-#else
- "ble.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "str r3, [%[r], r8]\n\t"
- "mov %[a], r10\n\t"
- "mov %[b], r11\n\t"
+ "SUB sp, sp, #0x30\n\t"
+ /* A[0] * B[0] */
+ "LDR r11, [%[a]]\n\t"
+ "LDR r12, [%[b]]\n\t"
+ "UMULL r3, r4, r11, r12\n\t"
+ "MOV r5, #0x0\n\t"
+ "STR r3, [sp]\n\t"
+ /* A[0] * B[1] */
+ "LDR r9, [%[b], #4]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[1] * B[0] */
+ "LDR r8, [%[a], #4]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "STR r4, [sp, #4]\n\t"
+ /* A[2] * B[0] */
+ "LDR r8, [%[a], #8]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[1] * B[1] */
+ "LDR r11, [%[a], #4]\n\t"
+ "LDR r12, [%[b], #4]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[0] * B[2] */
+ "LDR r8, [%[a]]\n\t"
+ "LDR r9, [%[b], #8]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "STR r5, [sp, #8]\n\t"
+ /* A[0] * B[3] */
+ "LDR r9, [%[b], #12]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "MOV r5, #0x0\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[1] * B[2] */
+ "LDR r9, [%[b], #8]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[2] * B[1] */
+ "LDR r8, [%[a], #8]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[3] * B[0] */
+ "LDR r8, [%[a], #12]\n\t"
+ "LDR r9, [%[b]]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ "STR r3, [sp, #12]\n\t"
+ /* A[4] * B[0] */
+ "LDR r8, [%[a], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[3] * B[1] */
+ "LDR r8, [%[a], #12]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[2] * B[2] */
+ "LDR r11, [%[a], #8]\n\t"
+ "LDR r12, [%[b], #8]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[1] * B[3] */
+ "LDR r8, [%[a], #4]\n\t"
+ "LDR r9, [%[b], #12]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[0] * B[4] */
+ "LDR r8, [%[a]]\n\t"
+ "LDR r9, [%[b], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "STR r4, [sp, #16]\n\t"
+ /* A[0] * B[5] */
+ "LDR r9, [%[b], #20]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[1] * B[4] */
+ "LDR r8, [%[a], #4]\n\t"
+ "LDR r9, [%[b], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[2] * B[3] */
+ "LDR r9, [%[b], #12]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[3] * B[2] */
+ "LDR r8, [%[a], #12]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[4] * B[1] */
+ "LDR r8, [%[a], #16]\n\t"
+ "LDR r9, [%[b], #4]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[5] * B[0] */
+ "LDR r8, [%[a], #20]\n\t"
+ "LDR r9, [%[b]]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "STR r5, [sp, #20]\n\t"
+ /* A[6] * B[0] */
+ "LDR r8, [%[a], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "MOV r5, #0x0\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[5] * B[1] */
+ "LDR r8, [%[a], #20]\n\t"
+ "LDR r9, [%[b], #4]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[4] * B[2] */
+ "LDR r8, [%[a], #16]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[3] * B[3] */
+ "LDR r11, [%[a], #12]\n\t"
+ "LDR r12, [%[b], #12]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[2] * B[4] */
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[b], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[1] * B[5] */
+ "LDR r8, [%[a], #4]\n\t"
+ "LDR r9, [%[b], #20]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[0] * B[6] */
+ "LDR r8, [%[a]]\n\t"
+ "LDR r9, [%[b], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ "STR r3, [sp, #24]\n\t"
+ /* A[0] * B[7] */
+ "LDR r9, [%[b], #28]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[1] * B[6] */
+ "LDR r8, [%[a], #4]\n\t"
+ "LDR r9, [%[b], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[2] * B[5] */
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[b], #20]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[3] * B[4] */
+ "LDR r9, [%[b], #16]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[4] * B[3] */
+ "LDR r8, [%[a], #16]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[5] * B[2] */
+ "LDR r8, [%[a], #20]\n\t"
+ "LDR r9, [%[b], #8]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[6] * B[1] */
+ "LDR r8, [%[a], #24]\n\t"
+ "LDR r9, [%[b], #4]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[7] * B[0] */
+ "LDR r8, [%[a], #28]\n\t"
+ "LDR r9, [%[b]]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "STR r4, [sp, #28]\n\t"
+ /* A[8] * B[0] */
+ "LDR r8, [%[a], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[7] * B[1] */
+ "LDR r8, [%[a], #28]\n\t"
+ "LDR r9, [%[b], #4]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[6] * B[2] */
+ "LDR r8, [%[a], #24]\n\t"
+ "LDR r9, [%[b], #8]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[5] * B[3] */
+ "LDR r8, [%[a], #20]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[4] * B[4] */
+ "LDR r11, [%[a], #16]\n\t"
+ "LDR r12, [%[b], #16]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[3] * B[5] */
+ "LDR r8, [%[a], #12]\n\t"
+ "LDR r9, [%[b], #20]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[2] * B[6] */
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[b], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[1] * B[7] */
+ "LDR r8, [%[a], #4]\n\t"
+ "LDR r9, [%[b], #28]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[0] * B[8] */
+ "LDR r8, [%[a]]\n\t"
+ "LDR r9, [%[b], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "STR r5, [sp, #32]\n\t"
+ /* A[0] * B[9] */
+ "LDR r9, [%[b], #36]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "MOV r5, #0x0\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[1] * B[8] */
+ "LDR r8, [%[a], #4]\n\t"
+ "LDR r9, [%[b], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[2] * B[7] */
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[b], #28]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[3] * B[6] */
+ "LDR r8, [%[a], #12]\n\t"
+ "LDR r9, [%[b], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[4] * B[5] */
+ "LDR r9, [%[b], #20]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[5] * B[4] */
+ "LDR r8, [%[a], #20]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[6] * B[3] */
+ "LDR r8, [%[a], #24]\n\t"
+ "LDR r9, [%[b], #12]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[7] * B[2] */
+ "LDR r8, [%[a], #28]\n\t"
+ "LDR r9, [%[b], #8]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[8] * B[1] */
+ "LDR r8, [%[a], #32]\n\t"
+ "LDR r9, [%[b], #4]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[9] * B[0] */
+ "LDR r8, [%[a], #36]\n\t"
+ "LDR r9, [%[b]]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ "STR r3, [sp, #36]\n\t"
+ /* A[10] * B[0] */
+ "LDR r8, [%[a], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[9] * B[1] */
+ "LDR r8, [%[a], #36]\n\t"
+ "LDR r9, [%[b], #4]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[8] * B[2] */
+ "LDR r8, [%[a], #32]\n\t"
+ "LDR r9, [%[b], #8]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[7] * B[3] */
+ "LDR r8, [%[a], #28]\n\t"
+ "LDR r9, [%[b], #12]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[6] * B[4] */
+ "LDR r8, [%[a], #24]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[5] * B[5] */
+ "LDR r11, [%[a], #20]\n\t"
+ "LDR r12, [%[b], #20]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[4] * B[6] */
+ "LDR r8, [%[a], #16]\n\t"
+ "LDR r9, [%[b], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[3] * B[7] */
+ "LDR r8, [%[a], #12]\n\t"
+ "LDR r9, [%[b], #28]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[2] * B[8] */
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[b], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[1] * B[9] */
+ "LDR r8, [%[a], #4]\n\t"
+ "LDR r9, [%[b], #36]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[0] * B[10] */
+ "LDR r8, [%[a]]\n\t"
+ "LDR r9, [%[b], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "STR r4, [sp, #40]\n\t"
+ /* A[0] * B[11] */
+ "LDR r9, [%[b], #44]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[1] * B[10] */
+ "LDR r8, [%[a], #4]\n\t"
+ "LDR r9, [%[b], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[2] * B[9] */
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[b], #36]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[3] * B[8] */
+ "LDR r8, [%[a], #12]\n\t"
+ "LDR r9, [%[b], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[4] * B[7] */
+ "LDR r8, [%[a], #16]\n\t"
+ "LDR r9, [%[b], #28]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[5] * B[6] */
+ "LDR r9, [%[b], #24]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[6] * B[5] */
+ "LDR r8, [%[a], #24]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[7] * B[4] */
+ "LDR r8, [%[a], #28]\n\t"
+ "LDR r9, [%[b], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[8] * B[3] */
+ "LDR r8, [%[a], #32]\n\t"
+ "LDR r9, [%[b], #12]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[9] * B[2] */
+ "LDR r8, [%[a], #36]\n\t"
+ "LDR r9, [%[b], #8]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[10] * B[1] */
+ "LDR r8, [%[a], #40]\n\t"
+ "LDR r9, [%[b], #4]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[11] * B[0] */
+ "LDR r8, [%[a], #44]\n\t"
+ "LDR r9, [%[b]]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "STR r5, [sp, #44]\n\t"
+ /* A[11] * B[1] */
+ "LDR r9, [%[b], #4]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "MOV r5, #0x0\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[10] * B[2] */
+ "LDR r8, [%[a], #40]\n\t"
+ "LDR r9, [%[b], #8]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[9] * B[3] */
+ "LDR r8, [%[a], #36]\n\t"
+ "LDR r9, [%[b], #12]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[8] * B[4] */
+ "LDR r8, [%[a], #32]\n\t"
+ "LDR r9, [%[b], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[7] * B[5] */
+ "LDR r8, [%[a], #28]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[6] * B[6] */
+ "LDR r11, [%[a], #24]\n\t"
+ "LDR r12, [%[b], #24]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[5] * B[7] */
+ "LDR r8, [%[a], #20]\n\t"
+ "LDR r9, [%[b], #28]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[4] * B[8] */
+ "LDR r8, [%[a], #16]\n\t"
+ "LDR r9, [%[b], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[3] * B[9] */
+ "LDR r8, [%[a], #12]\n\t"
+ "LDR r9, [%[b], #36]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[2] * B[10] */
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[b], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[1] * B[11] */
+ "LDR r8, [%[a], #4]\n\t"
+ "LDR r9, [%[b], #44]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ "STR r3, [%[r], #48]\n\t"
+ /* A[2] * B[11] */
+ "LDR r8, [%[a], #8]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[3] * B[10] */
+ "LDR r8, [%[a], #12]\n\t"
+ "LDR r9, [%[b], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[4] * B[9] */
+ "LDR r8, [%[a], #16]\n\t"
+ "LDR r9, [%[b], #36]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[5] * B[8] */
+ "LDR r8, [%[a], #20]\n\t"
+ "LDR r9, [%[b], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[6] * B[7] */
+ "LDR r9, [%[b], #28]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[7] * B[6] */
+ "LDR r8, [%[a], #28]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[8] * B[5] */
+ "LDR r8, [%[a], #32]\n\t"
+ "LDR r9, [%[b], #20]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[9] * B[4] */
+ "LDR r8, [%[a], #36]\n\t"
+ "LDR r9, [%[b], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[10] * B[3] */
+ "LDR r8, [%[a], #40]\n\t"
+ "LDR r9, [%[b], #12]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[11] * B[2] */
+ "LDR r8, [%[a], #44]\n\t"
+ "LDR r9, [%[b], #8]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "STR r4, [%[r], #52]\n\t"
+ /* A[11] * B[3] */
+ "LDR r9, [%[b], #12]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[10] * B[4] */
+ "LDR r8, [%[a], #40]\n\t"
+ "LDR r9, [%[b], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[9] * B[5] */
+ "LDR r8, [%[a], #36]\n\t"
+ "LDR r9, [%[b], #20]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[8] * B[6] */
+ "LDR r8, [%[a], #32]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[7] * B[7] */
+ "LDR r11, [%[a], #28]\n\t"
+ "LDR r12, [%[b], #28]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[6] * B[8] */
+ "LDR r8, [%[a], #24]\n\t"
+ "LDR r9, [%[b], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[5] * B[9] */
+ "LDR r8, [%[a], #20]\n\t"
+ "LDR r9, [%[b], #36]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[4] * B[10] */
+ "LDR r8, [%[a], #16]\n\t"
+ "LDR r9, [%[b], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[3] * B[11] */
+ "LDR r8, [%[a], #12]\n\t"
+ "LDR r9, [%[b], #44]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "STR r5, [%[r], #56]\n\t"
+ /* A[4] * B[11] */
+ "LDR r8, [%[a], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "MOV r5, #0x0\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[5] * B[10] */
+ "LDR r8, [%[a], #20]\n\t"
+ "LDR r9, [%[b], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[6] * B[9] */
+ "LDR r8, [%[a], #24]\n\t"
+ "LDR r9, [%[b], #36]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[7] * B[8] */
+ "LDR r9, [%[b], #32]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[8] * B[7] */
+ "LDR r8, [%[a], #32]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[9] * B[6] */
+ "LDR r8, [%[a], #36]\n\t"
+ "LDR r9, [%[b], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[10] * B[5] */
+ "LDR r8, [%[a], #40]\n\t"
+ "LDR r9, [%[b], #20]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[11] * B[4] */
+ "LDR r8, [%[a], #44]\n\t"
+ "LDR r9, [%[b], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ "STR r3, [%[r], #60]\n\t"
+ /* A[11] * B[5] */
+ "LDR r9, [%[b], #20]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[10] * B[6] */
+ "LDR r8, [%[a], #40]\n\t"
+ "LDR r9, [%[b], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[9] * B[7] */
+ "LDR r8, [%[a], #36]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[8] * B[8] */
+ "LDR r11, [%[a], #32]\n\t"
+ "LDR r12, [%[b], #32]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[7] * B[9] */
+ "LDR r8, [%[a], #28]\n\t"
+ "LDR r9, [%[b], #36]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[6] * B[10] */
+ "LDR r8, [%[a], #24]\n\t"
+ "LDR r9, [%[b], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[5] * B[11] */
+ "LDR r8, [%[a], #20]\n\t"
+ "LDR r9, [%[b], #44]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "STR r4, [%[r], #64]\n\t"
+ /* A[6] * B[11] */
+ "LDR r8, [%[a], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[7] * B[10] */
+ "LDR r8, [%[a], #28]\n\t"
+ "LDR r9, [%[b], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[8] * B[9] */
+ "LDR r9, [%[b], #36]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[9] * B[8] */
+ "LDR r8, [%[a], #36]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[10] * B[7] */
+ "LDR r8, [%[a], #40]\n\t"
+ "LDR r9, [%[b], #28]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[11] * B[6] */
+ "LDR r8, [%[a], #44]\n\t"
+ "LDR r9, [%[b], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "STR r5, [%[r], #68]\n\t"
+ /* A[11] * B[7] */
+ "LDR r9, [%[b], #28]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "MOV r5, #0x0\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[10] * B[8] */
+ "LDR r8, [%[a], #40]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[9] * B[9] */
+ "LDR r11, [%[a], #36]\n\t"
+ "LDR r12, [%[b], #36]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[8] * B[10] */
+ "LDR r8, [%[a], #32]\n\t"
+ "LDR r9, [%[b], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[7] * B[11] */
+ "LDR r8, [%[a], #28]\n\t"
+ "LDR r9, [%[b], #44]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ "STR r3, [%[r], #72]\n\t"
+ /* A[8] * B[11] */
+ "LDR r8, [%[a], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[9] * B[10] */
+ "LDR r9, [%[b], #40]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[10] * B[9] */
+ "LDR r8, [%[a], #40]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[11] * B[8] */
+ "LDR r8, [%[a], #44]\n\t"
+ "LDR r9, [%[b], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "STR r4, [%[r], #76]\n\t"
+ /* A[11] * B[9] */
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[10] * B[10] */
+ "LDR r11, [%[a], #40]\n\t"
+ "LDR r12, [%[b], #40]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[9] * B[11] */
+ "LDR r8, [%[a], #36]\n\t"
+ "LDR r9, [%[b], #44]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "STR r5, [%[r], #80]\n\t"
+ /* A[10] * B[11] */
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "MOV r5, #0x0\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[11] * B[10] */
+ "LDR r8, [%[a], #44]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ "STR r3, [%[r], #84]\n\t"
+ /* A[11] * B[11] */
+ "UMLAL r4, r5, r8, r9\n\t"
+ "STR r4, [%[r], #88]\n\t"
+ "STR r5, [%[r], #92]\n\t"
+ "LDM sp!, {r3, r4, r5, r6}\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM sp!, {r3, r4, r5, r6}\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM sp!, {r3, r4, r5, r6}\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : [r] "r" (tmp), [a] "r" (a), [b] "r" (b)
- : "memory", "r3", "r4", "r5", "r6", "r8", "r9", "r10", "r11", "r12", "r14"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r11", "r12", "cc"
);
-
- XMEMCPY(r, tmp_arr, sizeof(tmp_arr));
}
/* Add b to a into r. (r = a + b)
@@ -6133,131 +10891,114 @@ SP_NOINLINE static void sp_3072_mul_12(sp_digit* r, const sp_digit* a,
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_3072_add_12(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_3072_add_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_3072_add_12(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "mov %[c], #0\n\t"
- "adc %[c], %[c], %[c]\n\t"
- : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADDS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "MOV %[r], #0x0\n\t"
+ "ADC %[r], %[r], #0x0\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6", "r8"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)r;
}
-/* Sub b from a into r. (r = a - b)
+/* Sub b from a into a. (a -= b)
*
- * r A single precision integer.
- * a A single precision integer.
+ * a A single precision integer and result.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_3072_sub_in_place_24(sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_3072_sub_in_place_24(sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_3072_sub_in_place_24(sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r1") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "subs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "sbc %[c], %[c], %[c]\n\t"
- : [c] "+r" (c), [a] "+r" (a), [b] "+r" (b)
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SUBS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "SBC %[a], r9, r9\n\t"
+ : [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)a;
}
/* Add b to a into r. (r = a + b)
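Review bot: The header comments for `sp_3072_add_12` and `sp_3072_sub_in_place_24` list only the parameters, but the new bodies return their result through the reused pointer operand, so the return contract is not stated anywhere. In `sp_3072_add_12` the pair `MOV %[r], #0x0` / `ADC %[r], %[r], #0x0` leaves the carry (0 or 1) in `r`. In `sp_3072_sub_in_place_24`, `SBC %[a], r9, r9` leaves 0 when there is no borrow and all bits set when there is, which matters to any caller that uses the value as a mask. I would add ` * return  Carry out of the top word: 0 or 1.` to the add comment and ` * return  0 when there is no borrow, all bits set (-1) on borrow.` to the sub comment. The same gap applies to `sp_3072_add_24`, `sp_3072_sub_in_place_48` and `sp_3072_add_48` in the following hunks.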
@@ -6266,80 +11007,68 @@ SP_NOINLINE static sp_digit sp_3072_sub_in_place_24(sp_digit* a,
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_3072_add_24(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_3072_add_24(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_3072_add_24(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "mov %[c], #0\n\t"
- "adc %[c], %[c], %[c]\n\t"
- : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADDS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "MOV %[r], #0x0\n\t"
+ "ADC %[r], %[r], #0x0\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6", "r8"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)r;
}
/* AND m into each word of a and store in r.
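Review bot: `return (uint32_t)(size_t)r;` in `sp_3072_add_24` casts to `uint32_t` although the function is declared to return `sp_digit`. Casting to the declared type, `return (sp_digit)(size_t)r;`, keeps the statement tied to the signature; the definition of `sp_digit` is not visible in this hunk, so whether the two types differ on any build is not something I can confirm. A short comment above the return, for example `/* r holds the carry here, not a pointer */`, would stop a reader from taking this for a truncated pointer being returned. The same return pattern appears in `sp_3072_add_12`, `sp_3072_sub_in_place_24`, `sp_3072_sub_in_place_48` and `sp_3072_add_48`.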
@@ -6411,145 +11140,113 @@ SP_NOINLINE static void sp_3072_mul_24(sp_digit* r, const sp_digit* a,
(void)sp_3072_add_12(r + 36, r + 36, a1);
}
-/* Sub b from a into r. (r = a - b)
+/* Sub b from a into a. (a -= b)
*
- * r A single precision integer.
- * a A single precision integer.
+ * a A single precision integer and result.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_3072_sub_in_place_48(sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_3072_sub_in_place_48(sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_3072_sub_in_place_48(sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r1") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "subs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "sbc %[c], %[c], %[c]\n\t"
- : [c] "+r" (c), [a] "+r" (a), [b] "+r" (b)
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SUBS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "SBC %[a], r9, r9\n\t"
+ : [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)a;
}
/* Add b to a into r. (r = a + b)
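Review bot: The new signature of `sp_3072_sub_in_place_48` drops `SP_NOINLINE` without a comment saying why, so the compiler is now free to inline this fully unrolled body at each call site. If the removal is deliberate, a one-line remark such as `/* may be inlined: operands are bound to r0/r1 only at the asm statement */` would record that. If code size on the target matters, keeping the attribute is the safer default. The callers and the definition of `SP_NOINLINE` are outside this hunk, so the actual effect on code size is unverified. The attribute is removed in the same way from the add and sub functions in the neighbouring hunks.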
@@ -6558,140 +11255,110 @@ SP_NOINLINE static sp_digit sp_3072_sub_in_place_48(sp_digit* a,
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_3072_add_48(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_3072_add_48(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_3072_add_48(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "mov %[c], #0\n\t"
- "adc %[c], %[c], %[c]\n\t"
- : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADDS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "MOV %[r], #0x0\n\t"
+ "ADC %[r], %[r], #0x0\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6", "r8"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)r;
}
/* AND m into each word of a and store in r.
@@ -6763,265 +11430,197 @@ SP_NOINLINE static void sp_3072_mul_48(sp_digit* r, const sp_digit* a,
(void)sp_3072_add_24(r + 72, r + 72, a1);
}
-/* Sub b from a into r. (r = a - b)
+/* Sub b from a into a. (a -= b)
*
- * r A single precision integer.
- * a A single precision integer.
+ * a A single precision integer and result.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_3072_sub_in_place_96(sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_3072_sub_in_place_96(sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_3072_sub_in_place_96(sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r1") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "subs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "sbc %[c], %[c], %[c]\n\t"
- : [c] "+r" (c), [a] "+r" (a), [b] "+r" (b)
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SUBS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "SBC %[a], r9, r9\n\t"
+ : [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)a;
}
/* Add b to a into r. (r = a + b)
@@ -7030,260 +11629,194 @@ SP_NOINLINE static sp_digit sp_3072_sub_in_place_96(sp_digit* a,
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_3072_add_96(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_3072_add_96(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_3072_add_96(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "mov %[c], #0\n\t"
- "adc %[c], %[c], %[c]\n\t"
- : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADDS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "MOV %[r], #0x0\n\t"
+ "ADC %[r], %[r], #0x0\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6", "r8"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)r;
}
/* AND m into each word of a and store in r.
@@ -7360,122 +11893,698 @@ SP_NOINLINE static void sp_3072_mul_96(sp_digit* r, const sp_digit* a,
* r A single precision integer.
* a A single precision integer.
*/
-SP_NOINLINE static void sp_3072_sqr_12(sp_digit* r, const sp_digit* a)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
+#else
+static void sp_3072_sqr_12(sp_digit* r, const sp_digit* a)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "mov r3, #0\n\t"
- "mov r4, #0\n\t"
- "mov r5, #0\n\t"
- "mov r9, r3\n\t"
- "mov r12, %[r]\n\t"
- "mov r6, #96\n\t"
- "neg r6, r6\n\t"
- "add sp, sp, r6\n\t"
- "mov r11, sp\n\t"
- "mov r10, %[a]\n\t"
- "\n1:\n\t"
- "mov %[r], #0\n\t"
- "mov r6, #44\n\t"
- "mov %[a], r9\n\t"
- "subs %[a], %[a], r6\n\t"
- "sbc r6, r6, r6\n\t"
- "mvn r6, r6\n\t"
- "and %[a], %[a], r6\n\t"
- "mov r2, r9\n\t"
- "sub r2, r2, %[a]\n\t"
- "add %[a], %[a], r10\n\t"
- "add r2, r2, r10\n\t"
- "\n2:\n\t"
- "cmp r2, %[a]\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "beq 4f\n\t"
-#else
- "beq.n 4f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- /* Multiply * 2: Start */
- "ldr r6, [%[a]]\n\t"
- "ldr r8, [r2]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, %[r]\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, %[r]\n\t"
- /* Multiply * 2: Done */
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bal 5f\n\t"
-#else
- "bal.n 5f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "\n4:\n\t"
- /* Square: Start */
- "ldr r6, [%[a]]\n\t"
- "umull r6, r8, r6, r6\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, %[r]\n\t"
- /* Square: Done */
- "\n5:\n\t"
- "add %[a], %[a], #4\n\t"
- "sub r2, r2, #4\n\t"
- "mov r6, #48\n\t"
- "add r6, r6, r10\n\t"
- "cmp %[a], r6\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "beq 3f\n\t"
-#else
- "beq.n 3f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "cmp %[a], r2\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bgt 3f\n\t"
-#else
- "bgt.n 3f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "mov r8, r9\n\t"
- "add r8, r8, r10\n\t"
- "cmp %[a], r8\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "ble 2b\n\t"
-#else
- "ble.n 2b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "\n3:\n\t"
- "mov %[r], r11\n\t"
- "mov r8, r9\n\t"
- "str r3, [%[r], r8]\n\t"
- "mov r3, r4\n\t"
- "mov r4, r5\n\t"
- "mov r5, #0\n\t"
- "add r8, r8, #4\n\t"
- "mov r9, r8\n\t"
- "mov r6, #88\n\t"
- "cmp r8, r6\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "ble 1b\n\t"
-#else
- "ble.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "mov %[a], r10\n\t"
- "str r3, [%[r], r8]\n\t"
- "mov %[r], r12\n\t"
- "mov %[a], r11\n\t"
- "mov r3, #92\n\t"
- "\n4:\n\t"
- "ldr r6, [%[a], r3]\n\t"
- "str r6, [%[r], r3]\n\t"
- "subs r3, r3, #4\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bge 4b\n\t"
-#else
- "bge.n 4b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "mov r6, #96\n\t"
- "add sp, sp, r6\n\t"
+ "SUB sp, sp, #0x30\n\t"
+ /* A[0] * A[0] */
+ "LDR r10, [%[a]]\n\t"
+ "UMULL r8, r3, r10, r10\n\t"
+ "MOV r4, #0x0\n\t"
+ "STR r8, [sp]\n\t"
+ /* A[0] * A[1] */
+ "LDR r10, [%[a], #4]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "MOV r2, #0x0\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "MOV r2, #0x0\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ "STR r3, [sp, #4]\n\t"
+ /* A[0] * A[2] */
+ "LDR r10, [%[a], #8]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADCS r2, r2, r9\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADCS r2, r2, r9\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[1] * A[1] */
+ "LDR r10, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADCS r2, r2, r9\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "STR r4, [sp, #8]\n\t"
+ /* A[0] * A[3] */
+ "LDR r10, [%[a], #12]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[1] * A[2] */
+ "LDR r10, [%[a], #8]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "STR r2, [sp, #12]\n\t"
+ /* A[0] * A[4] */
+ "LDR r10, [%[a], #16]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "MOV r2, #0x0\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "MOV r2, #0x0\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ /* A[1] * A[3] */
+ "LDR r10, [%[a], #12]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ /* A[2] * A[2] */
+ "LDR r10, [%[a], #8]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ "STR r3, [sp, #16]\n\t"
+ /* A[0] * A[5] */
+ "LDR r10, [%[a], #20]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r3, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[1] * A[4] */
+ "LDR r10, [%[a], #16]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[2] * A[3] */
+ "LDR r10, [%[a], #12]\n\t"
+ "LDR r12, [%[a], #8]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r4, r4, r5\n\t"
+ "ADCS r2, r2, r6\n\t"
+ "ADC r3, r3, r7\n\t"
+ "STR r4, [sp, #20]\n\t"
+ /* A[0] * A[6] */
+ "LDR r10, [%[a], #24]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r4, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[1] * A[5] */
+ "LDR r10, [%[a], #20]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[2] * A[4] */
+ "LDR r10, [%[a], #16]\n\t"
+ "LDR r12, [%[a], #8]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[3] * A[3] */
+ "LDR r10, [%[a], #12]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "ADDS r2, r2, r5\n\t"
+ "ADCS r3, r3, r6\n\t"
+ "ADC r4, r4, r7\n\t"
+ "STR r2, [sp, #24]\n\t"
+ /* A[0] * A[7] */
+ "LDR r10, [%[a], #28]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r2, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[1] * A[6] */
+ "LDR r10, [%[a], #24]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[2] * A[5] */
+ "LDR r10, [%[a], #20]\n\t"
+ "LDR r12, [%[a], #8]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[3] * A[4] */
+ "LDR r10, [%[a], #16]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r3, r3, r5\n\t"
+ "ADCS r4, r4, r6\n\t"
+ "ADC r2, r2, r7\n\t"
+ "STR r3, [sp, #28]\n\t"
+ /* A[0] * A[8] */
+ "LDR r10, [%[a], #32]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r3, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[1] * A[7] */
+ "LDR r10, [%[a], #28]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[2] * A[6] */
+ "LDR r10, [%[a], #24]\n\t"
+ "LDR r12, [%[a], #8]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[3] * A[5] */
+ "LDR r10, [%[a], #20]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[4] * A[4] */
+ "LDR r10, [%[a], #16]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADCS r2, r2, r9\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "ADDS r4, r4, r5\n\t"
+ "ADCS r2, r2, r6\n\t"
+ "ADC r3, r3, r7\n\t"
+ "STR r4, [sp, #32]\n\t"
+ /* A[0] * A[9] */
+ "LDR r10, [%[a], #36]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r4, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[1] * A[8] */
+ "LDR r10, [%[a], #32]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[2] * A[7] */
+ "LDR r10, [%[a], #28]\n\t"
+ "LDR r12, [%[a], #8]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[3] * A[6] */
+ "LDR r10, [%[a], #24]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[4] * A[5] */
+ "LDR r10, [%[a], #20]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r2, r2, r5\n\t"
+ "ADCS r3, r3, r6\n\t"
+ "ADC r4, r4, r7\n\t"
+ "STR r2, [sp, #36]\n\t"
+ /* A[0] * A[10] */
+ "LDR r10, [%[a], #40]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r2, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[1] * A[9] */
+ "LDR r10, [%[a], #36]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[2] * A[8] */
+ "LDR r10, [%[a], #32]\n\t"
+ "LDR r12, [%[a], #8]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[3] * A[7] */
+ "LDR r10, [%[a], #28]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[4] * A[6] */
+ "LDR r10, [%[a], #24]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[5] * A[5] */
+ "LDR r10, [%[a], #20]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ "ADDS r3, r3, r5\n\t"
+ "ADCS r4, r4, r6\n\t"
+ "ADC r2, r2, r7\n\t"
+ "STR r3, [sp, #40]\n\t"
+ /* A[0] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r3, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[1] * A[10] */
+ "LDR r10, [%[a], #40]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[2] * A[9] */
+ "LDR r10, [%[a], #36]\n\t"
+ "LDR r12, [%[a], #8]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[3] * A[8] */
+ "LDR r10, [%[a], #32]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[4] * A[7] */
+ "LDR r10, [%[a], #28]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[5] * A[6] */
+ "LDR r10, [%[a], #24]\n\t"
+ "LDR r12, [%[a], #20]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r4, r4, r5\n\t"
+ "ADCS r2, r2, r6\n\t"
+ "ADC r3, r3, r7\n\t"
+ "STR r4, [sp, #44]\n\t"
+ /* A[1] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r4, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[2] * A[10] */
+ "LDR r10, [%[a], #40]\n\t"
+ "LDR r12, [%[a], #8]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[3] * A[9] */
+ "LDR r10, [%[a], #36]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[4] * A[8] */
+ "LDR r10, [%[a], #32]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[5] * A[7] */
+ "LDR r10, [%[a], #28]\n\t"
+ "LDR r12, [%[a], #20]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[6] * A[6] */
+ "LDR r10, [%[a], #24]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "ADDS r2, r2, r5\n\t"
+ "ADCS r3, r3, r6\n\t"
+ "ADC r4, r4, r7\n\t"
+ "STR r2, [%[r], #48]\n\t"
+ /* A[2] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "LDR r12, [%[a], #8]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r2, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[3] * A[10] */
+ "LDR r10, [%[a], #40]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[4] * A[9] */
+ "LDR r10, [%[a], #36]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[5] * A[8] */
+ "LDR r10, [%[a], #32]\n\t"
+ "LDR r12, [%[a], #20]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[6] * A[7] */
+ "LDR r10, [%[a], #28]\n\t"
+ "LDR r12, [%[a], #24]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r3, r3, r5\n\t"
+ "ADCS r4, r4, r6\n\t"
+ "ADC r2, r2, r7\n\t"
+ "STR r3, [%[r], #52]\n\t"
+ /* A[3] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r3, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[4] * A[10] */
+ "LDR r10, [%[a], #40]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[5] * A[9] */
+ "LDR r10, [%[a], #36]\n\t"
+ "LDR r12, [%[a], #20]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[6] * A[8] */
+ "LDR r10, [%[a], #32]\n\t"
+ "LDR r12, [%[a], #24]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[7] * A[7] */
+ "LDR r10, [%[a], #28]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADCS r2, r2, r9\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "ADDS r4, r4, r5\n\t"
+ "ADCS r2, r2, r6\n\t"
+ "ADC r3, r3, r7\n\t"
+ "STR r4, [%[r], #56]\n\t"
+ /* A[4] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r4, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[5] * A[10] */
+ "LDR r10, [%[a], #40]\n\t"
+ "LDR r12, [%[a], #20]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[6] * A[9] */
+ "LDR r10, [%[a], #36]\n\t"
+ "LDR r12, [%[a], #24]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[7] * A[8] */
+ "LDR r10, [%[a], #32]\n\t"
+ "LDR r12, [%[a], #28]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r2, r2, r5\n\t"
+ "ADCS r3, r3, r6\n\t"
+ "ADC r4, r4, r7\n\t"
+ "STR r2, [%[r], #60]\n\t"
+ /* A[5] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "LDR r12, [%[a], #20]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r2, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[6] * A[10] */
+ "LDR r10, [%[a], #40]\n\t"
+ "LDR r12, [%[a], #24]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[7] * A[9] */
+ "LDR r10, [%[a], #36]\n\t"
+ "LDR r12, [%[a], #28]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[8] * A[8] */
+ "LDR r10, [%[a], #32]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ "ADDS r3, r3, r5\n\t"
+ "ADCS r4, r4, r6\n\t"
+ "ADC r2, r2, r7\n\t"
+ "STR r3, [%[r], #64]\n\t"
+ /* A[6] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "LDR r12, [%[a], #24]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r3, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[7] * A[10] */
+ "LDR r10, [%[a], #40]\n\t"
+ "LDR r12, [%[a], #28]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[8] * A[9] */
+ "LDR r10, [%[a], #36]\n\t"
+ "LDR r12, [%[a], #32]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r4, r4, r5\n\t"
+ "ADCS r2, r2, r6\n\t"
+ "ADC r3, r3, r7\n\t"
+ "STR r4, [%[r], #68]\n\t"
+ /* A[7] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "LDR r12, [%[a], #28]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[8] * A[10] */
+ "LDR r10, [%[a], #40]\n\t"
+ "LDR r12, [%[a], #32]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[9] * A[9] */
+ "LDR r10, [%[a], #36]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "STR r2, [%[r], #72]\n\t"
+ /* A[8] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "LDR r12, [%[a], #32]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "MOV r2, #0x0\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "MOV r2, #0x0\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ /* A[9] * A[10] */
+ "LDR r10, [%[a], #40]\n\t"
+ "LDR r12, [%[a], #36]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ "STR r3, [%[r], #76]\n\t"
+ /* A[9] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "LDR r12, [%[a], #36]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADCS r2, r2, r9\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADCS r2, r2, r9\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[10] * A[10] */
+ "LDR r10, [%[a], #40]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADCS r2, r2, r9\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "STR r4, [%[r], #80]\n\t"
+ /* A[10] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "LDR r12, [%[a], #40]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "STR r2, [%[r], #84]\n\t"
+ /* A[11] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "UMLAL r3, r4, r10, r10\n\t"
+ "STR r3, [%[r], #88]\n\t"
+ "STR r4, [%[r], #92]\n\t"
+ "LDM sp!, {r2, r3, r4, r8}\n\t"
+ "STM %[r]!, {r2, r3, r4, r8}\n\t"
+ "LDM sp!, {r2, r3, r4, r8}\n\t"
+ "STM %[r]!, {r2, r3, r4, r8}\n\t"
+ "LDM sp!, {r2, r3, r4, r8}\n\t"
+ "STM %[r]!, {r2, r3, r4, r8}\n\t"
+ : [r] "+r" (r), [a] "+r" (a)
:
- : [r] "r" (r), [a] "r" (a)
- : "memory", "r2", "r3", "r4", "r5", "r6", "r8", "r9", "r10", "r11", "r12"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r12", "cc"
);
}
@@ -7485,49 +12594,46 @@ SP_NOINLINE static void sp_3072_sqr_12(sp_digit* r, const sp_digit* a)
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_3072_sub_12(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_3072_sub_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_3072_sub_12(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "subs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "sbc %[c], %[c], %[c]\n\t"
- : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SUBS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "SBC %[r], r6, r6\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6", "r8"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)r;
}
/* Square a and put result in r. (r = a * a)
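Review bot: The return contract of sp_3072_sub_12 is no longer readable from the code: after `SBC %[r], r6, r6` the operand `r` stops being the output pointer and holds the borrow (0 when there was none, 0xffffffff otherwise), and `return (uint32_t)(size_t)r;` hands that back through a pointer-to-integer cast. Callers presumably consume this value as a mask, so it is worth stating next to the return, e.g. `/* r was overwritten by the final SBC: 0 = no borrow, 0xffffffff = borrow */`. Casting to `sp_digit` rather than `uint32_t` would also match the declared return type, assuming the two are the same width on this target. The same applies to sp_3072_sub_24 and sp_3072_sub_48 in the next two hunks; the function's header comment begins above this hunk.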
@@ -7572,79 +12678,67 @@ SP_NOINLINE static void sp_3072_sqr_24(sp_digit* r, const sp_digit* a)
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_3072_sub_24(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_3072_sub_24(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_3072_sub_24(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "subs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "sbc %[c], %[c], %[c]\n\t"
- : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SUBS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "SBC %[r], r6, r6\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6", "r8"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)r;
}
/* Square a and put result in r. (r = a * a)
@@ -7689,139 +12783,109 @@ SP_NOINLINE static void sp_3072_sqr_48(sp_digit* r, const sp_digit* a)
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_3072_sub_48(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_3072_sub_48(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_3072_sub_48(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "subs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "sbc %[c], %[c], %[c]\n\t"
- : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SUBS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "SBC %[r], r6, r6\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6", "r8"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)r;
}
/* Square a and put result in r. (r = a * a)
@@ -7868,39 +12932,45 @@ SP_NOINLINE static void sp_3072_sqr_96(sp_digit* r, const sp_digit* a)
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_3072_add_96(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_3072_add_96(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_3072_add_96(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r6, %[a]\n\t"
- "mov r8, #0\n\t"
- "add r6, r6, #384\n\t"
- "sub r8, r8, #1\n\t"
- "\n1:\n\t"
- "adds %[c], %[c], r8\n\t"
- "ldr r4, [%[a]]\n\t"
- "ldr r5, [%[b]]\n\t"
- "adcs r4, r4, r5\n\t"
- "str r4, [%[r]]\n\t"
- "mov %[c], #0\n\t"
- "adc %[c], %[c], %[c]\n\t"
- "add %[a], %[a], #4\n\t"
- "add %[b], %[b], #4\n\t"
- "add %[r], %[r], #4\n\t"
- "cmp %[a], r6\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADD r12, %[a], #0x180\n\t"
+ "\n"
+ "L_sp_3072_add_96_word:\n\t"
+ "ADDS r3, r3, #0xffffffff\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9, r10, r11}\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "ADCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r3, r4, #0x0\n\t"
+ "CMP %[a], r12\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bne 1b\n\t"
+ "BNE L_sp_3072_add_96_word\n\t"
#else
- "bne.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ "BNE.N L_sp_3072_add_96_word\n\t"
+#endif
+ "MOV %[r], r3\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6", "r8"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)r;
}
#endif /* WOLFSSL_SP_SMALL */
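Review bot: The loop label `L_sp_3072_add_96_word` is a plain assembler symbol, and this hunk also drops `SP_NOINLINE` from the signature, so if the compiler inlines or clones this static function the asm text is emitted twice and the assembler may reject the duplicate label; the removed code used the numeric local label `1:`/`1b`, which tolerates duplication. Either keep the attribute, `SP_NOINLINE static sp_digit sp_3072_add_96(...)`, or on GCC-compatible toolchains make the label unique with a `%=` suffix, `"L_sp_3072_add_96_word_%=:\n\t"` with matching branch targets. Whether another build setting already prevents inlining is not visible here. The named labels in the sp_3072_sub_in_place_96 and sp_3072_mul_96 hunks that follow have the same exposure.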
@@ -7910,39 +12980,43 @@ SP_NOINLINE static sp_digit sp_3072_add_96(sp_digit* r, const sp_digit* a,
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_3072_sub_in_place_96(sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_3072_sub_in_place_96(sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_3072_sub_in_place_96(sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r1") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "mov r8, %[a]\n\t"
- "add r8, r8, #384\n\t"
- "\n1:\n\t"
- "mov r5, #0\n\t"
- "subs r5, r5, %[c]\n\t"
- "ldr r3, [%[a]]\n\t"
- "ldr r4, [%[a], #4]\n\t"
- "ldr r5, [%[b]]\n\t"
- "ldr r6, [%[b], #4]\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "str r3, [%[a]]\n\t"
- "str r4, [%[a], #4]\n\t"
- "sbc %[c], %[c], %[c]\n\t"
- "add %[a], %[a], #8\n\t"
- "add %[b], %[b], #8\n\t"
- "cmp %[a], r8\n\t"
+ "MOV r10, #0x0\n\t"
+ "ADD r11, %[a], #0x180\n\t"
+ "\n"
+ "L_sp_3072_sub_in_pkace_96_word:\n\t"
+ "RSBS r10, r10, #0x0\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "SBC r10, r10, r10\n\t"
+ "CMP %[a], r11\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bne 1b\n\t"
+ "BNE L_sp_3072_sub_in_pkace_96_word\n\t"
#else
- "bne.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [c] "+r" (c), [a] "+r" (a), [b] "+r" (b)
+ "BNE.N L_sp_3072_sub_in_pkace_96_word\n\t"
+#endif
+ "MOV %[a], r10\n\t"
+ : [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r8"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)a;
}
#endif /* WOLFSSL_SP_SMALL */
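Review bot: The label `L_sp_3072_sub_in_pkace_96_word` misspells "place"; it assembles because the definition and both branch targets carry the same typo, but it will not be found by anyone searching for the function name. Rename all three occurrences, e.g. `"L_sp_3072_sub_in_place_96_word:\n\t"` and `"BNE L_sp_3072_sub_in_place_96_word\n\t"` (plus the `BNE.N` variant).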
@@ -7953,89 +13027,99 @@ SP_NOINLINE static sp_digit sp_3072_sub_in_place_96(sp_digit* a,
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static void sp_3072_mul_96(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_3072_mul_96(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static void sp_3072_mul_96(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit tmp_arr[96 * 2];
- sp_digit* tmp = tmp_arr;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "mov r3, #0\n\t"
- "mov r4, #0\n\t"
- "mov r9, r3\n\t"
- "mov r12, %[r]\n\t"
- "mov r10, %[a]\n\t"
- "mov r11, %[b]\n\t"
- "mov r6, #1\n\t"
- "lsl r6, r6, #8\n\t"
- "add r6, r6, #128\n\t"
- "add r6, r6, r10\n\t"
- "mov r14, r6\n\t"
- "\n1:\n\t"
- "mov %[r], #0\n\t"
- "mov r5, #0\n\t"
- "mov r6, #1\n\t"
- "lsl r6, r6, #8\n\t"
- "add r6, r6, #124\n\t"
- "mov %[a], r9\n\t"
- "subs %[a], %[a], r6\n\t"
- "sbc r6, r6, r6\n\t"
- "mvn r6, r6\n\t"
- "and %[a], %[a], r6\n\t"
- "mov %[b], r9\n\t"
- "sub %[b], %[b], %[a]\n\t"
- "add %[a], %[a], r10\n\t"
- "add %[b], %[b], r11\n\t"
- "\n2:\n\t"
- /* Multiply Start */
- "ldr r6, [%[a]]\n\t"
- "ldr r8, [%[b]]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, %[r]\n\t"
- /* Multiply Done */
- "add %[a], %[a], #4\n\t"
- "sub %[b], %[b], #4\n\t"
- "cmp %[a], r14\n\t"
+ "SUB sp, sp, #0x300\n\t"
+ "LDR lr, [%[a]]\n\t"
+ "LDR r11, [%[b]]\n\t"
+ "UMULL r8, r6, lr, r11\n\t"
+ "STR r8, [sp]\n\t"
+ "MOV r7, #0x0\n\t"
+ "MOV r8, #0x0\n\t"
+ "MOV r5, #0x4\n\t"
+ "\n"
+ "L_sp_3072_mul_96_outer:\n\t"
+ "SUBS r3, r5, #0x17c\n\t"
+ "IT cc\n\t"
+ "MOVCC r3, #0x0\n\t"
+ "SUB r4, r5, r3\n\t"
+ "\n"
+ "L_sp_3072_mul_96_inner:\n\t"
+ "LDR lr, [%[a], r3]\n\t"
+ "LDR r11, [%[b], r4]\n\t"
+ "UMULL r9, r10, lr, r11\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "LDR lr, [%[a], r4]\n\t"
+ "LDR r11, [%[b], r3]\n\t"
+ "UMULL r9, r10, lr, r11\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "ADD r3, r3, #0x4\n\t"
+ "SUB r4, r4, #0x4\n\t"
+ "CMP r3, r4\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "beq 3f\n\t"
+ "BGT L_sp_3072_mul_96_inner_done\n\t"
#else
- "beq.n 3f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "mov r6, r9\n\t"
- "add r6, r6, r10\n\t"
- "cmp %[a], r6\n\t"
+ "BGT.N L_sp_3072_mul_96_inner_done\n\t"
+#endif
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "ble 2b\n\t"
-#else
- "ble.n 2b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "\n3:\n\t"
- "mov %[r], r12\n\t"
- "mov r8, r9\n\t"
- "str r3, [%[r], r8]\n\t"
- "mov r3, r4\n\t"
- "mov r4, r5\n\t"
- "add r8, r8, #4\n\t"
- "mov r9, r8\n\t"
- "mov r6, #2\n\t"
- "lsl r6, r6, #8\n\t"
- "add r6, r6, #248\n\t"
- "cmp r8, r6\n\t"
+ "BLT L_sp_3072_mul_96_inner\n\t"
+#else
+ "BLT.N L_sp_3072_mul_96_inner\n\t"
+#endif
+ "LDR lr, [%[a], r3]\n\t"
+ "LDR r11, [%[b], r3]\n\t"
+ "UMULL r9, r10, lr, r11\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "\n"
+ "L_sp_3072_mul_96_inner_done:\n\t"
+ "STR r6, [sp, r5]\n\t"
+ "MOV r6, r7\n\t"
+ "MOV r7, r8\n\t"
+ "MOV r8, #0x0\n\t"
+ "ADD r5, r5, #0x4\n\t"
+ "CMP r5, #0x2f4\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "ble 1b\n\t"
+ "BLE L_sp_3072_mul_96_outer\n\t"
#else
- "ble.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "str r3, [%[r], r8]\n\t"
- "mov %[a], r10\n\t"
- "mov %[b], r11\n\t"
+ "BLE.N L_sp_3072_mul_96_outer\n\t"
+#endif
+ "LDR lr, [%[a], #380]\n\t"
+ "LDR r11, [%[b], #380]\n\t"
+ "UMLAL r6, r7, lr, r11\n\t"
+ "STR r6, [sp, r5]\n\t"
+ "ADD r5, r5, #0x4\n\t"
+ "STR r7, [sp, r5]\n\t"
+ "\n"
+ "L_sp_3072_mul_96_store:\n\t"
+ "LDM sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "STM %[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "SUBS r5, r5, #0x20\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BGT L_sp_3072_mul_96_store\n\t"
+#else
+ "BGT.N L_sp_3072_mul_96_store\n\t"
+#endif
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : [r] "r" (tmp), [a] "r" (a), [b] "r" (b)
- : "memory", "r3", "r4", "r5", "r6", "r8", "r9", "r10", "r11", "r12", "r14"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11", "cc"
);
-
- XMEMCPY(r, tmp_arr, sizeof(tmp_arr));
}
/* Square a and put result in r. (r = a * a)
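Review bot: `SUB sp, sp, #0x300` at the top of the new `sp_3072_mul_96` asm takes 768 bytes of stack that the compiler cannot see (the removed code used the C array `tmp_arr`), and `sp` is restored only as a side effect of the `LDM sp!` write-back in the `L_sp_3072_mul_96_store` loop running exactly 24 times. That coupling between the `#0x300` reservation, the `#0x2f4` bound and the `#0x20` step is undocumented, and stack-depth tooling will under-report this function, which matters if this runs on small embedded stacks (the `IT`/`.N` forms suggest a Thumb-2 target). I would add a comment above the asm such as `/* Product is built in 0x300 bytes reserved below sp; the store loop pops 24 * 32 bytes, which restores sp. */`. `sp_3072_mul_48` gets the same change with `#0x180`.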
@@ -8043,132 +13127,91 @@ SP_NOINLINE static void sp_3072_mul_96(sp_digit* r, const sp_digit* a,
* r A single precision integer.
* a A single precision integer.
*/
-SP_NOINLINE static void sp_3072_sqr_96(sp_digit* r, const sp_digit* a)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_3072_sqr_96(sp_digit* r_p, const sp_digit* a_p)
+#else
+static void sp_3072_sqr_96(sp_digit* r, const sp_digit* a)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "mov r3, #0\n\t"
- "mov r4, #0\n\t"
- "mov r5, #0\n\t"
- "mov r9, r3\n\t"
- "mov r12, %[r]\n\t"
- "mov r6, #3\n\t"
- "lsl r6, r6, #8\n\t"
- "neg r6, r6\n\t"
- "add sp, sp, r6\n\t"
- "mov r11, sp\n\t"
- "mov r10, %[a]\n\t"
- "\n1:\n\t"
- "mov %[r], #0\n\t"
- "mov r6, #1\n\t"
- "lsl r6, r6, #8\n\t"
- "add r6, r6, #124\n\t"
- "mov %[a], r9\n\t"
- "subs %[a], %[a], r6\n\t"
- "sbc r6, r6, r6\n\t"
- "mvn r6, r6\n\t"
- "and %[a], %[a], r6\n\t"
- "mov r2, r9\n\t"
- "sub r2, r2, %[a]\n\t"
- "add %[a], %[a], r10\n\t"
- "add r2, r2, r10\n\t"
- "\n2:\n\t"
- "cmp r2, %[a]\n\t"
+ "SUB sp, sp, #0x300\n\t"
+ "LDR lr, [%[a]]\n\t"
+ "UMULL r8, r6, lr, lr\n\t"
+ "STR r8, [sp]\n\t"
+ "MOV r7, #0x0\n\t"
+ "MOV r8, #0x0\n\t"
+ "MOV r5, #0x4\n\t"
+ "\n"
+ "L_sp_3072_sqr_96_outer:\n\t"
+ "SUBS r3, r5, #0x17c\n\t"
+ "IT cc\n\t"
+ "MOVCC r3, #0x0\n\t"
+ "SUB r4, r5, r3\n\t"
+ "\n"
+ "L_sp_3072_sqr_96_inner:\n\t"
+ "LDR lr, [%[a], r3]\n\t"
+ "LDR r11, [%[a], r4]\n\t"
+ "UMULL r9, r10, lr, r11\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "ADD r3, r3, #0x4\n\t"
+ "SUB r4, r4, #0x4\n\t"
+ "CMP r3, r4\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "beq 4f\n\t"
-#else
- "beq.n 4f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- /* Multiply * 2: Start */
- "ldr r6, [%[a]]\n\t"
- "ldr r8, [r2]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, %[r]\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, %[r]\n\t"
- /* Multiply * 2: Done */
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bal 5f\n\t"
-#else
- "bal.n 5f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "\n4:\n\t"
- /* Square: Start */
- "ldr r6, [%[a]]\n\t"
- "umull r6, r8, r6, r6\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, %[r]\n\t"
- /* Square: Done */
- "\n5:\n\t"
- "add %[a], %[a], #4\n\t"
- "sub r2, r2, #4\n\t"
- "mov r6, #1\n\t"
- "lsl r6, r6, #8\n\t"
- "add r6, r6, #128\n\t"
- "add r6, r6, r10\n\t"
- "cmp %[a], r6\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "beq 3f\n\t"
+ "BGT L_sp_3072_sqr_96_inner_done\n\t"
#else
- "beq.n 3f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "cmp %[a], r2\n\t"
+ "BGT.N L_sp_3072_sqr_96_inner_done\n\t"
+#endif
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bgt 3f\n\t"
+ "BLT L_sp_3072_sqr_96_inner\n\t"
#else
- "bgt.n 3f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "mov r8, r9\n\t"
- "add r8, r8, r10\n\t"
- "cmp %[a], r8\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "ble 2b\n\t"
-#else
- "ble.n 2b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "\n3:\n\t"
- "mov %[r], r11\n\t"
- "mov r8, r9\n\t"
- "str r3, [%[r], r8]\n\t"
- "mov r3, r4\n\t"
- "mov r4, r5\n\t"
- "mov r5, #0\n\t"
- "add r8, r8, #4\n\t"
- "mov r9, r8\n\t"
- "mov r6, #2\n\t"
- "lsl r6, r6, #8\n\t"
- "add r6, r6, #248\n\t"
- "cmp r8, r6\n\t"
+ "BLT.N L_sp_3072_sqr_96_inner\n\t"
+#endif
+ "LDR lr, [%[a], r3]\n\t"
+ "UMULL r9, r10, lr, lr\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "\n"
+ "L_sp_3072_sqr_96_inner_done:\n\t"
+ "STR r6, [sp, r5]\n\t"
+ "MOV r6, r7\n\t"
+ "MOV r7, r8\n\t"
+ "MOV r8, #0x0\n\t"
+ "ADD r5, r5, #0x4\n\t"
+ "CMP r5, #0x2f4\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "ble 1b\n\t"
-#else
- "ble.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "mov %[a], r10\n\t"
- "str r3, [%[r], r8]\n\t"
- "mov %[r], r12\n\t"
- "mov %[a], r11\n\t"
- "mov r3, #2\n\t"
- "lsl r3, r3, #8\n\t"
- "add r3, r3, #252\n\t"
- "\n4:\n\t"
- "ldr r6, [%[a], r3]\n\t"
- "str r6, [%[r], r3]\n\t"
- "subs r3, r3, #4\n\t"
+ "BLE L_sp_3072_sqr_96_outer\n\t"
+#else
+ "BLE.N L_sp_3072_sqr_96_outer\n\t"
+#endif
+ "LDR lr, [%[a], #380]\n\t"
+ "UMLAL r6, r7, lr, lr\n\t"
+ "STR r6, [sp, r5]\n\t"
+ "ADD r5, r5, #0x4\n\t"
+ "STR r7, [sp, r5]\n\t"
+ "\n"
+ "L_sp_3072_sqr_96_store:\n\t"
+ "LDM sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "STM %[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "SUBS r5, r5, #0x20\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bge 4b\n\t"
+ "BGT L_sp_3072_sqr_96_store\n\t"
#else
- "bge.n 4b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "mov r6, #3\n\t"
- "lsl r6, r6, #8\n\t"
- "add sp, sp, r6\n\t"
+ "BGT.N L_sp_3072_sqr_96_store\n\t"
+#endif
+ : [r] "+r" (r), [a] "+r" (a)
:
- : [r] "r" (r), [a] "r" (a)
- : "memory", "r2", "r3", "r4", "r5", "r6", "r8", "r9", "r10", "r11", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11", "cc"
);
}
@@ -8198,39 +13241,45 @@ static void sp_3072_mask_48(sp_digit* r, const sp_digit* a, sp_digit m)
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_3072_add_48(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_3072_add_48(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_3072_add_48(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r6, %[a]\n\t"
- "mov r8, #0\n\t"
- "add r6, r6, #192\n\t"
- "sub r8, r8, #1\n\t"
- "\n1:\n\t"
- "adds %[c], %[c], r8\n\t"
- "ldr r4, [%[a]]\n\t"
- "ldr r5, [%[b]]\n\t"
- "adcs r4, r4, r5\n\t"
- "str r4, [%[r]]\n\t"
- "mov %[c], #0\n\t"
- "adc %[c], %[c], %[c]\n\t"
- "add %[a], %[a], #4\n\t"
- "add %[b], %[b], #4\n\t"
- "add %[r], %[r], #4\n\t"
- "cmp %[a], r6\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADD r12, %[a], #0xc0\n\t"
+ "\n"
+ "L_sp_3072_add_48_word:\n\t"
+ "ADDS r3, r3, #0xffffffff\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9, r10, r11}\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "ADCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r3, r4, #0x0\n\t"
+ "CMP %[a], r12\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bne 1b\n\t"
+ "BNE L_sp_3072_add_48_word\n\t"
#else
- "bne.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ "BNE.N L_sp_3072_add_48_word\n\t"
+#endif
+ "MOV %[r], r3\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6", "r8"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)r;
}
#endif /* WOLFSSL_SP_SMALL */
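Review bot: The new clobber list for `sp_3072_add_48` names `r7`, which the removed list (`"r4", "r5", "r6", "r8"`) skipped. On Thumb targets GCC uses r7 as the frame pointer when frame pointers are enabled (unoptimised or `-fno-omit-frame-pointer` builds) and then refuses an asm statement that clobbers it, so this likely turns a previously buildable configuration into a compile error. If the four-word `LDM`/`STM` form makes r7 unavoidable, state the build requirement next to the function, e.g. `/* Uses r7: Thumb builds need -fomit-frame-pointer. */`. Every other rewritten function in these hunks adds `r7` to its clobbers as well.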
@@ -8240,39 +13289,43 @@ SP_NOINLINE static sp_digit sp_3072_add_48(sp_digit* r, const sp_digit* a,
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_3072_sub_in_place_48(sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_3072_sub_in_place_48(sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_3072_sub_in_place_48(sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r1") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "mov r8, %[a]\n\t"
- "add r8, r8, #192\n\t"
- "\n1:\n\t"
- "mov r5, #0\n\t"
- "subs r5, r5, %[c]\n\t"
- "ldr r3, [%[a]]\n\t"
- "ldr r4, [%[a], #4]\n\t"
- "ldr r5, [%[b]]\n\t"
- "ldr r6, [%[b], #4]\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "str r3, [%[a]]\n\t"
- "str r4, [%[a], #4]\n\t"
- "sbc %[c], %[c], %[c]\n\t"
- "add %[a], %[a], #8\n\t"
- "add %[b], %[b], #8\n\t"
- "cmp %[a], r8\n\t"
+ "MOV r10, #0x0\n\t"
+ "ADD r11, %[a], #0xc0\n\t"
+ "\n"
+ "L_sp_3072_sub_in_pkace_48_word:\n\t"
+ "RSBS r10, r10, #0x0\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "SBC r10, r10, r10\n\t"
+ "CMP %[a], r11\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bne 1b\n\t"
+ "BNE L_sp_3072_sub_in_pkace_48_word\n\t"
#else
- "bne.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [c] "+r" (c), [a] "+r" (a), [b] "+r" (b)
+ "BNE.N L_sp_3072_sub_in_pkace_48_word\n\t"
+#endif
+ "MOV %[a], r10\n\t"
+ : [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r8"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)a;
}
#endif /* WOLFSSL_SP_SMALL */
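Review bot: The borrow is returned by overwriting the pointer operand (`MOV %[a], r10`) and then reinterpreting that pointer as an integer in `return (uint32_t)(size_t)a;`, which is hard to follow and is not documented; the header comment visible in the hunk context lists only `a` and `b`. After the asm, `a` no longer points at anything, and because of `SBC r10, r10, r10` the value is either 0 or 0xffffffff. A one-line comment before the return would make that explicit: `/* a now holds the borrow mask (0 or 0xffffffff), not a pointer. */`. The function's doc comment begins outside the hunk. `sp_3072_sub_in_place_96` and `sp_3072_add_48` return their result through a pointer operand in the same way.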
@@ -8283,85 +13336,99 @@ SP_NOINLINE static sp_digit sp_3072_sub_in_place_48(sp_digit* a,
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static void sp_3072_mul_48(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_3072_mul_48(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static void sp_3072_mul_48(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit tmp_arr[48 * 2];
- sp_digit* tmp = tmp_arr;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "mov r3, #0\n\t"
- "mov r4, #0\n\t"
- "mov r9, r3\n\t"
- "mov r12, %[r]\n\t"
- "mov r10, %[a]\n\t"
- "mov r11, %[b]\n\t"
- "mov r6, #192\n\t"
- "add r6, r6, r10\n\t"
- "mov r14, r6\n\t"
- "\n1:\n\t"
- "mov %[r], #0\n\t"
- "mov r5, #0\n\t"
- "mov r6, #188\n\t"
- "mov %[a], r9\n\t"
- "subs %[a], %[a], r6\n\t"
- "sbc r6, r6, r6\n\t"
- "mvn r6, r6\n\t"
- "and %[a], %[a], r6\n\t"
- "mov %[b], r9\n\t"
- "sub %[b], %[b], %[a]\n\t"
- "add %[a], %[a], r10\n\t"
- "add %[b], %[b], r11\n\t"
- "\n2:\n\t"
- /* Multiply Start */
- "ldr r6, [%[a]]\n\t"
- "ldr r8, [%[b]]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, %[r]\n\t"
- /* Multiply Done */
- "add %[a], %[a], #4\n\t"
- "sub %[b], %[b], #4\n\t"
- "cmp %[a], r14\n\t"
+ "SUB sp, sp, #0x180\n\t"
+ "LDR lr, [%[a]]\n\t"
+ "LDR r11, [%[b]]\n\t"
+ "UMULL r8, r6, lr, r11\n\t"
+ "STR r8, [sp]\n\t"
+ "MOV r7, #0x0\n\t"
+ "MOV r8, #0x0\n\t"
+ "MOV r5, #0x4\n\t"
+ "\n"
+ "L_sp_3072_mul_48_outer:\n\t"
+ "SUBS r3, r5, #0xbc\n\t"
+ "IT cc\n\t"
+ "MOVCC r3, #0x0\n\t"
+ "SUB r4, r5, r3\n\t"
+ "\n"
+ "L_sp_3072_mul_48_inner:\n\t"
+ "LDR lr, [%[a], r3]\n\t"
+ "LDR r11, [%[b], r4]\n\t"
+ "UMULL r9, r10, lr, r11\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "LDR lr, [%[a], r4]\n\t"
+ "LDR r11, [%[b], r3]\n\t"
+ "UMULL r9, r10, lr, r11\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "ADD r3, r3, #0x4\n\t"
+ "SUB r4, r4, #0x4\n\t"
+ "CMP r3, r4\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BGT L_sp_3072_mul_48_inner_done\n\t"
+#else
+ "BGT.N L_sp_3072_mul_48_inner_done\n\t"
+#endif
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "beq 3f\n\t"
+ "BLT L_sp_3072_mul_48_inner\n\t"
#else
- "beq.n 3f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "mov r6, r9\n\t"
- "add r6, r6, r10\n\t"
- "cmp %[a], r6\n\t"
+ "BLT.N L_sp_3072_mul_48_inner\n\t"
+#endif
+ "LDR lr, [%[a], r3]\n\t"
+ "LDR r11, [%[b], r3]\n\t"
+ "UMULL r9, r10, lr, r11\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "\n"
+ "L_sp_3072_mul_48_inner_done:\n\t"
+ "STR r6, [sp, r5]\n\t"
+ "MOV r6, r7\n\t"
+ "MOV r7, r8\n\t"
+ "MOV r8, #0x0\n\t"
+ "ADD r5, r5, #0x4\n\t"
+ "CMP r5, #0x174\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "ble 2b\n\t"
-#else
- "ble.n 2b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "\n3:\n\t"
- "mov %[r], r12\n\t"
- "mov r8, r9\n\t"
- "str r3, [%[r], r8]\n\t"
- "mov r3, r4\n\t"
- "mov r4, r5\n\t"
- "add r8, r8, #4\n\t"
- "mov r9, r8\n\t"
- "mov r6, #1\n\t"
- "lsl r6, r6, #8\n\t"
- "add r6, r6, #120\n\t"
- "cmp r8, r6\n\t"
+ "BLE L_sp_3072_mul_48_outer\n\t"
+#else
+ "BLE.N L_sp_3072_mul_48_outer\n\t"
+#endif
+ "LDR lr, [%[a], #188]\n\t"
+ "LDR r11, [%[b], #188]\n\t"
+ "UMLAL r6, r7, lr, r11\n\t"
+ "STR r6, [sp, r5]\n\t"
+ "ADD r5, r5, #0x4\n\t"
+ "STR r7, [sp, r5]\n\t"
+ "\n"
+ "L_sp_3072_mul_48_store:\n\t"
+ "LDM sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "STM %[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "SUBS r5, r5, #0x20\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "ble 1b\n\t"
+ "BGT L_sp_3072_mul_48_store\n\t"
#else
- "ble.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "str r3, [%[r], r8]\n\t"
- "mov %[a], r10\n\t"
- "mov %[b], r11\n\t"
+ "BGT.N L_sp_3072_mul_48_store\n\t"
+#endif
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : [r] "r" (tmp), [a] "r" (a), [b] "r" (b)
- : "memory", "r3", "r4", "r5", "r6", "r8", "r9", "r10", "r11", "r12", "r14"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11", "cc"
);
-
- XMEMCPY(r, tmp_arr, sizeof(tmp_arr));
}
/* Square a and put result in r. (r = a * a)
@@ -8369,137 +13436,98 @@ SP_NOINLINE static void sp_3072_mul_48(sp_digit* r, const sp_digit* a,
* r A single precision integer.
* a A single precision integer.
*/
-SP_NOINLINE static void sp_3072_sqr_48(sp_digit* r, const sp_digit* a)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_3072_sqr_48(sp_digit* r_p, const sp_digit* a_p)
+#else
+static void sp_3072_sqr_48(sp_digit* r, const sp_digit* a)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "mov r3, #0\n\t"
- "mov r4, #0\n\t"
- "mov r5, #0\n\t"
- "mov r9, r3\n\t"
- "mov r12, %[r]\n\t"
- "mov r6, #1\n\t"
- "lsl r6, r6, #8\n\t"
- "add r6, r6, #128\n\t"
- "neg r6, r6\n\t"
- "add sp, sp, r6\n\t"
- "mov r11, sp\n\t"
- "mov r10, %[a]\n\t"
- "\n1:\n\t"
- "mov %[r], #0\n\t"
- "mov r6, #188\n\t"
- "mov %[a], r9\n\t"
- "subs %[a], %[a], r6\n\t"
- "sbc r6, r6, r6\n\t"
- "mvn r6, r6\n\t"
- "and %[a], %[a], r6\n\t"
- "mov r2, r9\n\t"
- "sub r2, r2, %[a]\n\t"
- "add %[a], %[a], r10\n\t"
- "add r2, r2, r10\n\t"
- "\n2:\n\t"
- "cmp r2, %[a]\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "beq 4f\n\t"
-#else
- "beq.n 4f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- /* Multiply * 2: Start */
- "ldr r6, [%[a]]\n\t"
- "ldr r8, [r2]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, %[r]\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, %[r]\n\t"
- /* Multiply * 2: Done */
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bal 5f\n\t"
-#else
- "bal.n 5f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "\n4:\n\t"
- /* Square: Start */
- "ldr r6, [%[a]]\n\t"
- "umull r6, r8, r6, r6\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, %[r]\n\t"
- /* Square: Done */
- "\n5:\n\t"
- "add %[a], %[a], #4\n\t"
- "sub r2, r2, #4\n\t"
- "mov r6, #192\n\t"
- "add r6, r6, r10\n\t"
- "cmp %[a], r6\n\t"
+ "SUB sp, sp, #0x180\n\t"
+ "LDR lr, [%[a]]\n\t"
+ "UMULL r8, r6, lr, lr\n\t"
+ "STR r8, [sp]\n\t"
+ "MOV r7, #0x0\n\t"
+ "MOV r8, #0x0\n\t"
+ "MOV r5, #0x4\n\t"
+ "\n"
+ "L_sp_3072_sqr_48_outer:\n\t"
+ "SUBS r3, r5, #0xbc\n\t"
+ "IT cc\n\t"
+ "MOVCC r3, #0x0\n\t"
+ "SUB r4, r5, r3\n\t"
+ "\n"
+ "L_sp_3072_sqr_48_inner:\n\t"
+ "LDR lr, [%[a], r3]\n\t"
+ "LDR r11, [%[a], r4]\n\t"
+ "UMULL r9, r10, lr, r11\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "ADD r3, r3, #0x4\n\t"
+ "SUB r4, r4, #0x4\n\t"
+ "CMP r3, r4\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "beq 3f\n\t"
+ "BGT L_sp_3072_sqr_48_inner_done\n\t"
#else
- "beq.n 3f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "cmp %[a], r2\n\t"
+ "BGT.N L_sp_3072_sqr_48_inner_done\n\t"
+#endif
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bgt 3f\n\t"
+ "BLT L_sp_3072_sqr_48_inner\n\t"
#else
- "bgt.n 3f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "mov r8, r9\n\t"
- "add r8, r8, r10\n\t"
- "cmp %[a], r8\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "ble 2b\n\t"
-#else
- "ble.n 2b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "\n3:\n\t"
- "mov %[r], r11\n\t"
- "mov r8, r9\n\t"
- "str r3, [%[r], r8]\n\t"
- "mov r3, r4\n\t"
- "mov r4, r5\n\t"
- "mov r5, #0\n\t"
- "add r8, r8, #4\n\t"
- "mov r9, r8\n\t"
- "mov r6, #1\n\t"
- "lsl r6, r6, #8\n\t"
- "add r6, r6, #120\n\t"
- "cmp r8, r6\n\t"
+ "BLT.N L_sp_3072_sqr_48_inner\n\t"
+#endif
+ "LDR lr, [%[a], r3]\n\t"
+ "UMULL r9, r10, lr, lr\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "\n"
+ "L_sp_3072_sqr_48_inner_done:\n\t"
+ "STR r6, [sp, r5]\n\t"
+ "MOV r6, r7\n\t"
+ "MOV r7, r8\n\t"
+ "MOV r8, #0x0\n\t"
+ "ADD r5, r5, #0x4\n\t"
+ "CMP r5, #0x174\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "ble 1b\n\t"
-#else
- "ble.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "mov %[a], r10\n\t"
- "str r3, [%[r], r8]\n\t"
- "mov %[r], r12\n\t"
- "mov %[a], r11\n\t"
- "mov r3, #1\n\t"
- "lsl r3, r3, #8\n\t"
- "add r3, r3, #124\n\t"
- "\n4:\n\t"
- "ldr r6, [%[a], r3]\n\t"
- "str r6, [%[r], r3]\n\t"
- "subs r3, r3, #4\n\t"
+ "BLE L_sp_3072_sqr_48_outer\n\t"
+#else
+ "BLE.N L_sp_3072_sqr_48_outer\n\t"
+#endif
+ "LDR lr, [%[a], #188]\n\t"
+ "UMLAL r6, r7, lr, lr\n\t"
+ "STR r6, [sp, r5]\n\t"
+ "ADD r5, r5, #0x4\n\t"
+ "STR r7, [sp, r5]\n\t"
+ "\n"
+ "L_sp_3072_sqr_48_store:\n\t"
+ "LDM sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "STM %[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "SUBS r5, r5, #0x20\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bge 4b\n\t"
-#else
- "bge.n 4b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "mov r6, #1\n\t"
- "lsl r6, r6, #8\n\t"
- "add r6, r6, #128\n\t"
- "add sp, sp, r6\n\t"
+ "BGT L_sp_3072_sqr_48_store\n\t"
+#else
+ "BGT.N L_sp_3072_sqr_48_store\n\t"
+#endif
+ : [r] "+r" (r), [a] "+r" (a)
:
- : [r] "r" (r), [a] "r" (a)
- : "memory", "r2", "r3", "r4", "r5", "r6", "r8", "r9", "r10", "r11", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11", "cc"
);
}
#endif /* WOLFSSL_SP_SMALL */
#endif /* (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) | WOLFSSL_HAVE_SP_DH */
-/* Caclulate the bottom digit of -1/a mod 2^n.
+/* Calculate the bottom digit of -1/a mod 2^n.
*
* a A single precision number.
* rho Bottom word of inverse.
@@ -8519,48 +13547,566 @@ static void sp_3072_mont_setup(const sp_digit* a, sp_digit* rho)
*rho = (sp_digit)0 - x;
}
+#ifdef WOLFSSL_SP_SMALL
/* Mul a by digit b into r. (r = a * b)
*
* r A single precision integer.
* a A single precision integer.
* b A single precision digit.
*/
-SP_NOINLINE static void sp_3072_mul_d_96(sp_digit* r, const sp_digit* a,
- sp_digit b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_3072_mul_d_96(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
+#else
+static void sp_3072_mul_d_96(sp_digit* r, const sp_digit* a, sp_digit b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register sp_digit b __asm__ ("r2") = (sp_digit)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "add r9, %[a], #384\n\t"
/* A[0] * B */
- "ldr r6, [%[a]], #4\n\t"
- "umull r5, r3, r6, %[b]\n\t"
- "mov r4, #0\n\t"
- "str r5, [%[r]], #4\n\t"
- /* A[0] * B - Done */
- "\n1:\n\t"
- "mov r5, #0\n\t"
- /* A[] * B */
- "ldr r6, [%[a]], #4\n\t"
- "umull r6, r8, r6, %[b]\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- /* A[] * B - Done */
- "str r3, [%[r]], #4\n\t"
- "mov r3, r4\n\t"
- "mov r4, r5\n\t"
- "cmp %[a], r9\n\t"
+ "LDR r8, [%[a]]\n\t"
+ "UMULL r5, r3, %[b], r8\n\t"
+ "MOV r4, #0x0\n\t"
+ "STR r5, [%[r]]\n\t"
+ "MOV r5, #0x0\n\t"
+ "MOV r9, #0x4\n\t"
+ "\n"
+ "L_sp_3072_mul_d_96_word:\n\t"
+ /* A[i] * B */
+ "LDR r8, [%[a], r9]\n\t"
+ "UMULL r6, r7, %[b], r8\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ "STR r3, [%[r], r9]\n\t"
+ "MOV r3, r4\n\t"
+ "MOV r4, r5\n\t"
+ "MOV r5, #0x0\n\t"
+ "ADD r9, r9, #0x4\n\t"
+ "CMP r9, #0x180\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "blt 1b\n\t"
+ "BLT L_sp_3072_mul_d_96_word\n\t"
#else
- "blt.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "str r3, [%[r]]\n\t"
- : [r] "+r" (r), [a] "+r" (a)
- : [b] "r" (b)
- : "memory", "r3", "r4", "r5", "r6", "r8", "r9"
+ "BLT.N L_sp_3072_mul_d_96_word\n\t"
+#endif
+ "STR r3, [%[r], #384]\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
+ );
+}
+
+#else
+/* Mul a by digit b into r. (r = a * b)
+ *
+ * r A single precision integer.
+ * a A single precision integer.
+ * b A single precision digit.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_3072_mul_d_96(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
+#else
+static void sp_3072_mul_d_96(sp_digit* r, const sp_digit* a, sp_digit b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register sp_digit b __asm__ ("r2") = (sp_digit)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ /* A[0] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMULL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[1] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[2] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[3] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[4] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[5] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[6] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[7] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[8] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[9] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[10] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[11] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[12] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[13] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[14] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[15] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[16] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[17] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[18] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[19] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[20] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[21] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[22] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[23] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[24] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[25] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[26] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[27] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[28] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[29] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[30] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[31] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[32] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[33] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[34] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[35] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[36] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[37] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[38] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[39] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[40] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[41] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[42] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[43] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[44] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[45] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[46] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[47] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[48] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[49] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[50] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[51] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[52] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[53] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[54] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[55] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[56] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[57] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[58] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[59] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[60] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[61] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[62] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[63] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[64] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[65] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[66] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[67] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[68] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[69] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[70] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[71] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[72] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[73] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[74] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[75] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[76] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[77] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[78] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[79] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[80] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[81] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[82] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[83] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[84] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[85] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[86] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[87] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[88] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[89] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[90] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[91] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[92] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[93] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[94] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[95] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "STR r3, [%[r]]\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "cc"
);
}
+#endif /* WOLFSSL_SP_SMALL */
#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
/* r = 2^n mod m where n is the number of bits to reduce by.
* Given m must be 3072 bits, just need to subtract.
@@ -8576,6 +14122,7 @@ static void sp_3072_mont_norm_48(sp_digit* r, const sp_digit* m)
sp_3072_sub_in_place_48(r, m);
}
+#ifdef WOLFSSL_SP_SMALL
/* Conditionally subtract b from a using the mask m.
* m is -1 to subtract and 0 when not copying.
*
@@ -8584,141 +14131,1181 @@ static void sp_3072_mont_norm_48(sp_digit* r, const sp_digit* m)
* b A single precision number to subtract.
* m Mask value to apply.
*/
-SP_NOINLINE static sp_digit sp_3072_cond_sub_48(sp_digit* r, const sp_digit* a,
- const sp_digit* b, sp_digit m)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_3072_cond_sub_48(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
+#else
+static sp_digit sp_3072_cond_sub_48(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+ register sp_digit m __asm__ ("r3") = (sp_digit)m_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r5, #192\n\t"
- "mov r9, r5\n\t"
- "mov r8, #0\n\t"
- "\n1:\n\t"
- "ldr r6, [%[b], r8]\n\t"
- "and r6, r6, %[m]\n\t"
- "mov r5, #0\n\t"
- "subs r5, r5, %[c]\n\t"
- "ldr r5, [%[a], r8]\n\t"
- "sbcs r5, r5, r6\n\t"
- "sbcs %[c], %[c], %[c]\n\t"
- "str r5, [%[r], r8]\n\t"
- "add r8, r8, #4\n\t"
- "cmp r8, r9\n\t"
+ "MOV r8, #0x0\n\t"
+ "MOV r4, #0x0\n\t"
+ "MOV r5, #0x0\n\t"
+ "\n"
+ "L_sp_3072_cond_sub_48_words:\n\t"
+ "SUBS r4, r8, r4\n\t"
+ "LDR r6, [%[a], r5]\n\t"
+ "LDR r7, [%[b], r5]\n\t"
+ "AND r7, r7, %[m]\n\t"
+ "SBCS r6, r6, r7\n\t"
+ "SBC r4, r8, r8\n\t"
+ "STR r6, [%[r], r5]\n\t"
+ "ADD r5, r5, #0x4\n\t"
+ "CMP r5, #0xc0\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "blt 1b\n\t"
+ "BLT L_sp_3072_cond_sub_48_words\n\t"
+#else
+ "BLT.N L_sp_3072_cond_sub_48_words\n\t"
+#endif
+ "MOV %[r], r4\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
+ :
+ : "memory", "r4", "r5", "r6", "r7", "r8", "cc"
+ );
+ return (uint32_t)(size_t)r;
+}
+
+#else
+/* Conditionally subtract b from a using the mask m.
+ * m is -1 to subtract and 0 when not copying.
+ *
+ * r A single precision number representing condition subtract result.
+ * a A single precision number to subtract from.
+ * b A single precision number to subtract.
+ * m Mask value to apply.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_3072_cond_sub_48(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
#else
- "blt.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [c] "+r" (c)
- : [r] "r" (r), [a] "r" (a), [b] "r" (b), [m] "r" (m)
- : "memory", "r5", "r6", "r8", "r9"
+static sp_digit sp_3072_cond_sub_48(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+ register sp_digit m __asm__ ("r3") = (sp_digit)m_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "MOV r5, #0x0\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SUBS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "SBC %[r], r5, r5\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
+ :
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
+ return (uint32_t)(size_t)r;
+}
+
+#endif /* WOLFSSL_SP_SMALL */
+#ifdef WOLFSSL_SP_NO_UMAAL
+#ifndef WOLFSSL_SP_SMALL
+/* Reduce the number back to 3072 bits using Montgomery reduction.
+ *
+ * a A single precision number to reduce in place.
+ * m The single precision number representing the modulus.
+ * mp The digit representing the negative inverse of m mod 2^n.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+#else
+SP_NOINLINE static void sp_3072_mont_reduce_48(sp_digit* a, const sp_digit* m, sp_digit mp)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m __asm__ ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp __asm__ ("r2") = (sp_digit)mp_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
- return c;
+ __asm__ __volatile__ (
+ "LDR lr, [%[m]]\n\t"
+ /* i = 0 */
+ "MOV r11, #0x0\n\t"
+ "MOV r3, #0x0\n\t"
+ "LDR r4, [%[a]]\n\t"
+ "LDR r5, [%[a], #4]\n\t"
+ "\n"
+ "L_sp_3072_mont_reduce_48_word:\n\t"
+ /* mu = a[i] * mp */
+ "MUL r10, %[mp], r4\n\t"
+ /* a[i+0] += m[0] * mu */
+ "MOV r7, #0x0\n\t"
+ "UMLAL r4, r7, r10, lr\n\t"
+ /* a[i+1] += m[1] * mu */
+ "LDR r9, [%[m], #4]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r5, r6, r10, r9\n\t"
+ "MOV r4, r5\n\t"
+ "ADDS r4, r4, r7\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+2] += m[2] * mu */
+ "LDR r9, [%[m], #8]\n\t"
+ "LDR r5, [%[a], #8]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r5, r7, r10, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+3] += m[3] * mu */
+ "LDR r9, [%[m], #12]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #12]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+4] += m[4] * mu */
+ "LDR r9, [%[m], #16]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #16]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+5] += m[5] * mu */
+ "LDR r9, [%[m], #20]\n\t"
+ "LDR r12, [%[a], #20]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #20]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+6] += m[6] * mu */
+ "LDR r9, [%[m], #24]\n\t"
+ "LDR r12, [%[a], #24]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #24]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+7] += m[7] * mu */
+ "LDR r9, [%[m], #28]\n\t"
+ "LDR r12, [%[a], #28]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #28]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+8] += m[8] * mu */
+ "LDR r9, [%[m], #32]\n\t"
+ "LDR r12, [%[a], #32]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #32]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+9] += m[9] * mu */
+ "LDR r9, [%[m], #36]\n\t"
+ "LDR r12, [%[a], #36]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #36]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+10] += m[10] * mu */
+ "LDR r9, [%[m], #40]\n\t"
+ "LDR r12, [%[a], #40]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #40]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+11] += m[11] * mu */
+ "LDR r9, [%[m], #44]\n\t"
+ "LDR r12, [%[a], #44]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #44]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+12] += m[12] * mu */
+ "LDR r9, [%[m], #48]\n\t"
+ "LDR r12, [%[a], #48]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #48]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+13] += m[13] * mu */
+ "LDR r9, [%[m], #52]\n\t"
+ "LDR r12, [%[a], #52]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #52]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+14] += m[14] * mu */
+ "LDR r9, [%[m], #56]\n\t"
+ "LDR r12, [%[a], #56]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #56]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+15] += m[15] * mu */
+ "LDR r9, [%[m], #60]\n\t"
+ "LDR r12, [%[a], #60]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #60]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+16] += m[16] * mu */
+ "LDR r9, [%[m], #64]\n\t"
+ "LDR r12, [%[a], #64]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #64]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+17] += m[17] * mu */
+ "LDR r9, [%[m], #68]\n\t"
+ "LDR r12, [%[a], #68]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #68]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+18] += m[18] * mu */
+ "LDR r9, [%[m], #72]\n\t"
+ "LDR r12, [%[a], #72]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #72]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+19] += m[19] * mu */
+ "LDR r9, [%[m], #76]\n\t"
+ "LDR r12, [%[a], #76]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #76]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+20] += m[20] * mu */
+ "LDR r9, [%[m], #80]\n\t"
+ "LDR r12, [%[a], #80]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #80]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+21] += m[21] * mu */
+ "LDR r9, [%[m], #84]\n\t"
+ "LDR r12, [%[a], #84]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #84]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+22] += m[22] * mu */
+ "LDR r9, [%[m], #88]\n\t"
+ "LDR r12, [%[a], #88]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #88]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+23] += m[23] * mu */
+ "LDR r9, [%[m], #92]\n\t"
+ "LDR r12, [%[a], #92]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #92]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+24] += m[24] * mu */
+ "LDR r9, [%[m], #96]\n\t"
+ "LDR r12, [%[a], #96]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #96]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+25] += m[25] * mu */
+ "LDR r9, [%[m], #100]\n\t"
+ "LDR r12, [%[a], #100]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #100]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+26] += m[26] * mu */
+ "LDR r9, [%[m], #104]\n\t"
+ "LDR r12, [%[a], #104]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #104]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+27] += m[27] * mu */
+ "LDR r9, [%[m], #108]\n\t"
+ "LDR r12, [%[a], #108]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #108]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+28] += m[28] * mu */
+ "LDR r9, [%[m], #112]\n\t"
+ "LDR r12, [%[a], #112]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #112]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+29] += m[29] * mu */
+ "LDR r9, [%[m], #116]\n\t"
+ "LDR r12, [%[a], #116]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #116]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+30] += m[30] * mu */
+ "LDR r9, [%[m], #120]\n\t"
+ "LDR r12, [%[a], #120]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #120]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+31] += m[31] * mu */
+ "LDR r9, [%[m], #124]\n\t"
+ "LDR r12, [%[a], #124]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #124]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+32] += m[32] * mu */
+ "LDR r9, [%[m], #128]\n\t"
+ "LDR r12, [%[a], #128]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #128]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+33] += m[33] * mu */
+ "LDR r9, [%[m], #132]\n\t"
+ "LDR r12, [%[a], #132]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #132]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+34] += m[34] * mu */
+ "LDR r9, [%[m], #136]\n\t"
+ "LDR r12, [%[a], #136]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #136]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+35] += m[35] * mu */
+ "LDR r9, [%[m], #140]\n\t"
+ "LDR r12, [%[a], #140]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #140]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+36] += m[36] * mu */
+ "LDR r9, [%[m], #144]\n\t"
+ "LDR r12, [%[a], #144]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #144]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+37] += m[37] * mu */
+ "LDR r9, [%[m], #148]\n\t"
+ "LDR r12, [%[a], #148]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #148]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+38] += m[38] * mu */
+ "LDR r9, [%[m], #152]\n\t"
+ "LDR r12, [%[a], #152]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #152]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+39] += m[39] * mu */
+ "LDR r9, [%[m], #156]\n\t"
+ "LDR r12, [%[a], #156]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #156]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+40] += m[40] * mu */
+ "LDR r9, [%[m], #160]\n\t"
+ "LDR r12, [%[a], #160]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #160]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+41] += m[41] * mu */
+ "LDR r9, [%[m], #164]\n\t"
+ "LDR r12, [%[a], #164]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #164]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+42] += m[42] * mu */
+ "LDR r9, [%[m], #168]\n\t"
+ "LDR r12, [%[a], #168]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #168]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+43] += m[43] * mu */
+ "LDR r9, [%[m], #172]\n\t"
+ "LDR r12, [%[a], #172]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #172]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+44] += m[44] * mu */
+ "LDR r9, [%[m], #176]\n\t"
+ "LDR r12, [%[a], #176]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #176]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+45] += m[45] * mu */
+ "LDR r9, [%[m], #180]\n\t"
+ "LDR r12, [%[a], #180]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #180]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+46] += m[46] * mu */
+ "LDR r9, [%[m], #184]\n\t"
+ "LDR r12, [%[a], #184]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #184]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+47] += m[47] * mu */
+ "LDR r9, [%[m], #188]\n\t"
+ "LDR r12, [%[a], #188]\n\t"
+ "UMULL r8, r9, r10, r9\n\t"
+ "ADDS r7, r7, r8\n\t"
+ "ADCS r6, r9, r3\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, r3\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #188]\n\t"
+ "LDR r12, [%[a], #192]\n\t"
+ "ADCS r12, r12, r6\n\t"
+ "STR r12, [%[a], #192]\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* i += 1 */
+ "ADD r11, r11, #0x4\n\t"
+ "ADD %[a], %[a], #0x4\n\t"
+ "CMP r11, #0xc0\n\t"
+#ifdef __GNUC__
+ "BLT L_sp_3072_mont_reduce_48_word\n\t"
+#else
+ "BLT.W L_sp_3072_mont_reduce_48_word\n\t"
+#endif
+ /* Loop Done */
+ "STR r4, [%[a]]\n\t"
+ "STR r5, [%[a], #4]\n\t"
+ "MOV %[mp], r3\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
+ );
+ sp_3072_cond_sub_48(a - 48, a, m, (sp_digit)0 - mp);
}
+#else
/* Reduce the number back to 3072 bits using Montgomery reduction.
*
* a A single precision number to reduce in place.
* m The single precision number representing the modulus.
* mp The digit representing the negative inverse of m mod 2^n.
*/
-SP_NOINLINE static void sp_3072_mont_reduce_48(sp_digit* a, const sp_digit* m,
- sp_digit mp)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+#else
+SP_NOINLINE static void sp_3072_mont_reduce_48(sp_digit* a, const sp_digit* m, sp_digit mp)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit ca = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m __asm__ ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp __asm__ ("r2") = (sp_digit)mp_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r9, %[mp]\n\t"
- "mov r12, %[m]\n\t"
- "mov r10, %[a]\n\t"
- "mov r4, #0\n\t"
- "add r11, r10, #192\n\t"
- "\n1:\n\t"
+ "LDR r11, [%[m]]\n\t"
+ /* i = 0 */
+ "MOV r9, #0x0\n\t"
+ /* ca = 0 */
+ "MOV r3, #0x0\n\t"
+ "\n"
+ "L_sp_3072_mont_reduce_48_word:\n\t"
/* mu = a[i] * mp */
- "mov %[mp], r9\n\t"
- "ldr %[a], [r10]\n\t"
- "mul %[mp], %[mp], %[a]\n\t"
- "mov %[m], r12\n\t"
- "add r14, r10, #184\n\t"
- "\n2:\n\t"
- /* a[i+j] += m[j] * mu */
- "ldr %[a], [r10]\n\t"
- "mov r5, #0\n\t"
- /* Multiply m[j] and mu - Start */
- "ldr r8, [%[m]], #4\n\t"
- "umull r6, r8, %[mp], r8\n\t"
- "adds %[a], %[a], r6\n\t"
- "adc r5, r5, r8\n\t"
- /* Multiply m[j] and mu - Done */
- "adds r4, r4, %[a]\n\t"
- "adc r5, r5, #0\n\t"
- "str r4, [r10], #4\n\t"
+ "LDR r10, [%[a]]\n\t"
+ "MUL r8, %[mp], r10\n\t"
+ /* j = 0 */
+ "MOV r12, #0x0\n\t"
+ "MOV r4, #0x0\n\t"
+ "\n"
+ "L_sp_3072_mont_reduce_48_mul:\n\t"
+ /* a[i+j+0] += m[j+0] * mu */
+ "LDR r7, [%[m], r12]\n\t"
+ "LDR r10, [%[a], r12]\n\t"
+ "MOV r5, #0x0\n\t"
+ "UMLAL r10, r5, r8, r7\n\t"
+ "ADDS r10, r10, r4\n\t"
+ "STR r10, [%[a], r12]\n\t"
+ "ADC r4, r5, #0x0\n\t"
+ /* j += 1 */
+ "ADD r12, r12, #0x4\n\t"
/* a[i+j+1] += m[j+1] * mu */
- "ldr %[a], [r10]\n\t"
- "mov r4, #0\n\t"
- /* Multiply m[j] and mu - Start */
- "ldr r8, [%[m]], #4\n\t"
- "umull r6, r8, %[mp], r8\n\t"
- "adds %[a], %[a], r6\n\t"
- "adc r4, r4, r8\n\t"
- /* Multiply m[j] and mu - Done */
- "adds r5, r5, %[a]\n\t"
- "adc r4, r4, #0\n\t"
- "str r5, [r10], #4\n\t"
- "cmp r10, r14\n\t"
+ "LDR r7, [%[m], r12]\n\t"
+ "LDR r10, [%[a], r12]\n\t"
+ "MOV r5, #0x0\n\t"
+ "UMLAL r10, r5, r8, r7\n\t"
+ "ADDS r10, r10, r4\n\t"
+ "STR r10, [%[a], r12]\n\t"
+ "ADC r4, r5, #0x0\n\t"
+ /* j += 1 */
+ "ADD r12, r12, #0x4\n\t"
+ /* a[i+j+2] += m[j+2] * mu */
+ "LDR r7, [%[m], r12]\n\t"
+ "LDR r10, [%[a], r12]\n\t"
+ "MOV r5, #0x0\n\t"
+ "UMLAL r10, r5, r8, r7\n\t"
+ "ADDS r10, r10, r4\n\t"
+ "STR r10, [%[a], r12]\n\t"
+ "ADC r4, r5, #0x0\n\t"
+ /* j += 1 */
+ "ADD r12, r12, #0x4\n\t"
+ /* a[i+j+3] += m[j+3] * mu */
+ "LDR r7, [%[m], r12]\n\t"
+ "LDR r10, [%[a], r12]\n\t"
+ "MOV r5, #0x0\n\t"
+ "UMLAL r10, r5, r8, r7\n\t"
+ "ADDS r10, r10, r4\n\t"
+ "STR r10, [%[a], r12]\n\t"
+ "ADC r4, r5, #0x0\n\t"
+ /* j += 1 */
+ "ADD r12, r12, #0x4\n\t"
+ "CMP r12, #0xc0\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "blt 2b\n\t"
+ "BLT L_sp_3072_mont_reduce_48_mul\n\t"
+#else
+ "BLT.N L_sp_3072_mont_reduce_48_mul\n\t"
+#endif
+ "LDR r10, [%[a], #192]\n\t"
+ "ADDS r4, r4, r3\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "ADDS r10, r10, r4\n\t"
+ "ADC r3, r3, r3\n\t"
+ "STR r10, [%[a], #192]\n\t"
+ /* i += 1 */
+ "ADD r9, r9, #0x4\n\t"
+ "ADD %[a], %[a], #0x4\n\t"
+ "CMP r9, #0xc0\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BLT L_sp_3072_mont_reduce_48_word\n\t"
+#else
+ "BLT.N L_sp_3072_mont_reduce_48_word\n\t"
+#endif
+ /* Loop Done */
+ "MOV %[mp], r3\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
+ );
+ sp_3072_cond_sub_48(a - 48, a, m, (sp_digit)0 - mp);
+}
+
+#endif /* !WOLFSSL_SP_SMALL */
#else
- "blt.n 2b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
+#ifndef WOLFSSL_SP_SMALL
+/* Reduce the number back to 3072 bits using Montgomery reduction.
+ *
+ * a A single precision number to reduce in place.
+ * m The single precision number representing the modulus.
+ * mp The digit representing the negative inverse of m mod 2^n.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+#else
+SP_NOINLINE static void sp_3072_mont_reduce_48(sp_digit* a, const sp_digit* m, sp_digit mp)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m __asm__ ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp __asm__ ("r2") = (sp_digit)mp_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ /* i = 0 */
+ "MOV r4, #0x0\n\t"
+ "MOV r5, #0x0\n\t"
+ "LDR r6, [%[a]]\n\t"
+ "LDR r7, [%[a], #4]\n\t"
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[a], #12]\n\t"
+ "LDR r10, [%[a], #16]\n\t"
+ "\n"
+ "L_sp_3072_mont_reduce_48_word:\n\t"
+ /* mu = a[i] * mp */
+ "MUL lr, %[mp], r6\n\t"
+ /* a[i+0] += m[0] * mu */
+ "LDR r12, [%[m]]\n\t"
+ "MOV r3, #0x0\n\t"
+ "UMAAL r6, r3, lr, r12\n\t"
+ /* a[i+1] += m[1] * mu */
+ "LDR r12, [%[m], #4]\n\t"
+ "MOV r6, r7\n\t"
+ "UMAAL r6, r3, lr, r12\n\t"
+ /* a[i+2] += m[2] * mu */
+ "LDR r12, [%[m], #8]\n\t"
+ "MOV r7, r8\n\t"
+ "UMAAL r7, r3, lr, r12\n\t"
+ /* a[i+3] += m[3] * mu */
+ "LDR r12, [%[m], #12]\n\t"
+ "MOV r8, r9\n\t"
+ "UMAAL r8, r3, lr, r12\n\t"
+ /* a[i+4] += m[4] * mu */
+ "LDR r12, [%[m], #16]\n\t"
+ "MOV r9, r10\n\t"
+ "UMAAL r9, r3, lr, r12\n\t"
+ /* a[i+5] += m[5] * mu */
+ "LDR r12, [%[m], #20]\n\t"
+ "LDR r10, [%[a], #20]\n\t"
+ "UMAAL r10, r3, lr, r12\n\t"
+ /* a[i+6] += m[6] * mu */
+ "LDR r12, [%[m], #24]\n\t"
+ "LDR r11, [%[a], #24]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #24]\n\t"
+ /* a[i+7] += m[7] * mu */
+ "LDR r12, [%[m], #28]\n\t"
+ "LDR r11, [%[a], #28]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #28]\n\t"
+ /* a[i+8] += m[8] * mu */
+ "LDR r12, [%[m], #32]\n\t"
+ "LDR r11, [%[a], #32]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #32]\n\t"
+ /* a[i+9] += m[9] * mu */
+ "LDR r12, [%[m], #36]\n\t"
+ "LDR r11, [%[a], #36]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #36]\n\t"
+ /* a[i+10] += m[10] * mu */
+ "LDR r12, [%[m], #40]\n\t"
+ "LDR r11, [%[a], #40]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #40]\n\t"
+ /* a[i+11] += m[11] * mu */
+ "LDR r12, [%[m], #44]\n\t"
+ "LDR r11, [%[a], #44]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #44]\n\t"
+ /* a[i+12] += m[12] * mu */
+ "LDR r12, [%[m], #48]\n\t"
+ "LDR r11, [%[a], #48]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #48]\n\t"
+ /* a[i+13] += m[13] * mu */
+ "LDR r12, [%[m], #52]\n\t"
+ "LDR r11, [%[a], #52]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #52]\n\t"
+ /* a[i+14] += m[14] * mu */
+ "LDR r12, [%[m], #56]\n\t"
+ "LDR r11, [%[a], #56]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #56]\n\t"
+ /* a[i+15] += m[15] * mu */
+ "LDR r12, [%[m], #60]\n\t"
+ "LDR r11, [%[a], #60]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #60]\n\t"
+ /* a[i+16] += m[16] * mu */
+ "LDR r12, [%[m], #64]\n\t"
+ "LDR r11, [%[a], #64]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #64]\n\t"
+ /* a[i+17] += m[17] * mu */
+ "LDR r12, [%[m], #68]\n\t"
+ "LDR r11, [%[a], #68]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #68]\n\t"
+ /* a[i+18] += m[18] * mu */
+ "LDR r12, [%[m], #72]\n\t"
+ "LDR r11, [%[a], #72]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #72]\n\t"
+ /* a[i+19] += m[19] * mu */
+ "LDR r12, [%[m], #76]\n\t"
+ "LDR r11, [%[a], #76]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #76]\n\t"
+ /* a[i+20] += m[20] * mu */
+ "LDR r12, [%[m], #80]\n\t"
+ "LDR r11, [%[a], #80]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #80]\n\t"
+ /* a[i+21] += m[21] * mu */
+ "LDR r12, [%[m], #84]\n\t"
+ "LDR r11, [%[a], #84]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #84]\n\t"
+ /* a[i+22] += m[22] * mu */
+ "LDR r12, [%[m], #88]\n\t"
+ "LDR r11, [%[a], #88]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #88]\n\t"
+ /* a[i+23] += m[23] * mu */
+ "LDR r12, [%[m], #92]\n\t"
+ "LDR r11, [%[a], #92]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #92]\n\t"
+ /* a[i+24] += m[24] * mu */
+ "LDR r12, [%[m], #96]\n\t"
+ "LDR r11, [%[a], #96]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #96]\n\t"
+ /* a[i+25] += m[25] * mu */
+ "LDR r12, [%[m], #100]\n\t"
+ "LDR r11, [%[a], #100]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #100]\n\t"
+ /* a[i+26] += m[26] * mu */
+ "LDR r12, [%[m], #104]\n\t"
+ "LDR r11, [%[a], #104]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #104]\n\t"
+ /* a[i+27] += m[27] * mu */
+ "LDR r12, [%[m], #108]\n\t"
+ "LDR r11, [%[a], #108]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #108]\n\t"
+ /* a[i+28] += m[28] * mu */
+ "LDR r12, [%[m], #112]\n\t"
+ "LDR r11, [%[a], #112]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #112]\n\t"
+ /* a[i+29] += m[29] * mu */
+ "LDR r12, [%[m], #116]\n\t"
+ "LDR r11, [%[a], #116]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #116]\n\t"
+ /* a[i+30] += m[30] * mu */
+ "LDR r12, [%[m], #120]\n\t"
+ "LDR r11, [%[a], #120]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #120]\n\t"
+ /* a[i+31] += m[31] * mu */
+ "LDR r12, [%[m], #124]\n\t"
+ "LDR r11, [%[a], #124]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #124]\n\t"
+ /* a[i+32] += m[32] * mu */
+ "LDR r12, [%[m], #128]\n\t"
+ "LDR r11, [%[a], #128]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #128]\n\t"
+ /* a[i+33] += m[33] * mu */
+ "LDR r12, [%[m], #132]\n\t"
+ "LDR r11, [%[a], #132]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #132]\n\t"
+ /* a[i+34] += m[34] * mu */
+ "LDR r12, [%[m], #136]\n\t"
+ "LDR r11, [%[a], #136]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #136]\n\t"
+ /* a[i+35] += m[35] * mu */
+ "LDR r12, [%[m], #140]\n\t"
+ "LDR r11, [%[a], #140]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #140]\n\t"
+ /* a[i+36] += m[36] * mu */
+ "LDR r12, [%[m], #144]\n\t"
+ "LDR r11, [%[a], #144]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #144]\n\t"
+ /* a[i+37] += m[37] * mu */
+ "LDR r12, [%[m], #148]\n\t"
+ "LDR r11, [%[a], #148]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #148]\n\t"
+ /* a[i+38] += m[38] * mu */
+ "LDR r12, [%[m], #152]\n\t"
+ "LDR r11, [%[a], #152]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #152]\n\t"
+ /* a[i+39] += m[39] * mu */
+ "LDR r12, [%[m], #156]\n\t"
+ "LDR r11, [%[a], #156]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #156]\n\t"
+ /* a[i+40] += m[40] * mu */
+ "LDR r12, [%[m], #160]\n\t"
+ "LDR r11, [%[a], #160]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #160]\n\t"
+ /* a[i+41] += m[41] * mu */
+ "LDR r12, [%[m], #164]\n\t"
+ "LDR r11, [%[a], #164]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #164]\n\t"
+ /* a[i+42] += m[42] * mu */
+ "LDR r12, [%[m], #168]\n\t"
+ "LDR r11, [%[a], #168]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #168]\n\t"
+ /* a[i+43] += m[43] * mu */
+ "LDR r12, [%[m], #172]\n\t"
+ "LDR r11, [%[a], #172]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #172]\n\t"
+ /* a[i+44] += m[44] * mu */
+ "LDR r12, [%[m], #176]\n\t"
+ "LDR r11, [%[a], #176]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #176]\n\t"
+ /* a[i+45] += m[45] * mu */
+ "LDR r12, [%[m], #180]\n\t"
+ "LDR r11, [%[a], #180]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #180]\n\t"
/* a[i+46] += m[46] * mu */
- "ldr %[a], [r10]\n\t"
- "mov r5, #0\n\t"
- /* Multiply m[j] and mu - Start */
- "ldr r8, [%[m]], #4\n\t"
- "umull r6, r8, %[mp], r8\n\t"
- "adds %[a], %[a], r6\n\t"
- "adc r5, r5, r8\n\t"
- /* Multiply m[j] and mu - Done */
- "adds r4, r4, %[a]\n\t"
- "adc r5, r5, #0\n\t"
- "str r4, [r10], #4\n\t"
+ "LDR r12, [%[m], #184]\n\t"
+ "LDR r11, [%[a], #184]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #184]\n\t"
/* a[i+47] += m[47] * mu */
- "mov r4, %[ca]\n\t"
- "mov %[ca], #0\n\t"
- /* Multiply m[47] and mu - Start */
- "ldr r8, [%[m]]\n\t"
- "umull r6, r8, %[mp], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc %[ca], %[ca], #0\n\t"
- /* Multiply m[47] and mu - Done */
- "ldr r6, [r10]\n\t"
- "ldr r8, [r10, #4]\n\t"
- "adds r6, r6, r5\n\t"
- "adcs r8, r8, r4\n\t"
- "adc %[ca], %[ca], #0\n\t"
- "str r6, [r10]\n\t"
- "str r8, [r10, #4]\n\t"
- /* Next word in a */
- "sub r10, r10, #184\n\t"
- "cmp r10, r11\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "blt 1b\n\t"
-#else
- "blt.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "mov %[a], r10\n\t"
- "mov %[m], r12\n\t"
- : [ca] "+r" (ca), [a] "+r" (a)
- : [m] "r" (m), [mp] "r" (mp)
- : "memory", "r4", "r5", "r6", "r8", "r9", "r10", "r11", "r12", "r14"
+ "LDR r12, [%[m], #188]\n\t"
+ "LDR r11, [%[a], #188]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "LDR lr, [%[a], #192]\n\t"
+ "MOV r12, #0x0\n\t"
+ "UMAAL r3, lr, r12, r12\n\t"
+ "STR r11, [%[a], #188]\n\t"
+ "ADDS r3, r3, r5\n\t"
+ "ADC r5, lr, #0x0\n\t"
+ "STR r3, [%[a], #192]\n\t"
+ /* i += 1 */
+ "ADD r4, r4, #0x4\n\t"
+ "ADD %[a], %[a], #0x4\n\t"
+ "CMP r4, #0xc0\n\t"
+#ifdef __GNUC__
+ "BLT L_sp_3072_mont_reduce_48_word\n\t"
+#else
+ "BLT.W L_sp_3072_mont_reduce_48_word\n\t"
+#endif
+ /* Loop Done */
+ "STR r6, [%[a]]\n\t"
+ "STR r7, [%[a], #4]\n\t"
+ "STR r8, [%[a], #8]\n\t"
+ "STR r9, [%[a], #12]\n\t"
+ "STR r10, [%[a], #16]\n\t"
+ "MOV %[mp], r5\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
);
+ sp_3072_cond_sub_48(a - 48, a, m, (sp_digit)0 - mp);
+}
- sp_3072_cond_sub_48(a - 48, a, m, (sp_digit)0 - ca);
+#else
+/* Reduce the number back to 3072 bits using Montgomery reduction.
+ *
+ * a A single precision number to reduce in place.
+ * m The single precision number representing the modulus.
+ * mp The digit representing the negative inverse of m mod 2^n.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+#else
+SP_NOINLINE static void sp_3072_mont_reduce_48(sp_digit* a, const sp_digit* m, sp_digit mp)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m __asm__ ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp __asm__ ("r2") = (sp_digit)mp_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "LDR r11, [%[m]]\n\t"
+ /* i = 0 */
+ "MOV r9, #0x0\n\t"
+ /* ca = 0 */
+ "MOV r3, #0x0\n\t"
+ "\n"
+ "L_sp_3072_mont_reduce_48_word:\n\t"
+ /* mu = a[i] * mp */
+ "LDR r10, [%[a]]\n\t"
+ "MUL r8, %[mp], r10\n\t"
+ /* j = 0 */
+ "MOV r12, #0x0\n\t"
+ "MOV r4, #0x0\n\t"
+ "\n"
+ "L_sp_3072_mont_reduce_48_mul:\n\t"
+ /* a[i+j+0] += m[j+0] * mu */
+ "LDR r7, [%[m], r12]\n\t"
+ "LDR r10, [%[a], r12]\n\t"
+ "UMAAL r10, r4, r8, r7\n\t"
+ "STR r10, [%[a], r12]\n\t"
+ /* j += 1 */
+ "ADD r12, r12, #0x4\n\t"
+ /* a[i+j+1] += m[j+1] * mu */
+ "LDR r7, [%[m], r12]\n\t"
+ "LDR r10, [%[a], r12]\n\t"
+ "UMAAL r10, r4, r8, r7\n\t"
+ "STR r10, [%[a], r12]\n\t"
+ /* j += 1 */
+ "ADD r12, r12, #0x4\n\t"
+ /* a[i+j+2] += m[j+2] * mu */
+ "LDR r7, [%[m], r12]\n\t"
+ "LDR r10, [%[a], r12]\n\t"
+ "UMAAL r10, r4, r8, r7\n\t"
+ "STR r10, [%[a], r12]\n\t"
+ /* j += 1 */
+ "ADD r12, r12, #0x4\n\t"
+ /* a[i+j+3] += m[j+3] * mu */
+ "LDR r7, [%[m], r12]\n\t"
+ "LDR r10, [%[a], r12]\n\t"
+ "UMAAL r10, r4, r8, r7\n\t"
+ "STR r10, [%[a], r12]\n\t"
+ /* j += 1 */
+ "ADD r12, r12, #0x4\n\t"
+ "CMP r12, #0xc0\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BLT L_sp_3072_mont_reduce_48_mul\n\t"
+#else
+ "BLT.N L_sp_3072_mont_reduce_48_mul\n\t"
+#endif
+ "LDR r10, [%[a], #192]\n\t"
+ "ADDS r4, r4, r3\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "ADDS r10, r10, r4\n\t"
+ "ADC r3, r3, r3\n\t"
+ "STR r10, [%[a], #192]\n\t"
+ /* i += 1 */
+ "ADD r9, r9, #0x4\n\t"
+ "ADD %[a], %[a], #0x4\n\t"
+ "CMP r9, #0xc0\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BLT L_sp_3072_mont_reduce_48_word\n\t"
+#else
+ "BLT.N L_sp_3072_mont_reduce_48_word\n\t"
+#endif
+ /* Loop Done */
+ "MOV %[mp], r3\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
+ );
+ sp_3072_cond_sub_48(a - 48, a, m, (sp_digit)0 - mp);
}
+#endif /* !WOLFSSL_SP_SMALL */
+#endif
/* Multiply two Montgomery form numbers mod the modulus (prime).
* (r = a * b mod m)
*
@@ -8726,7 +15313,7 @@ SP_NOINLINE static void sp_3072_mont_reduce_48(sp_digit* a, const sp_digit* m,
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_3072_mont_mul_48(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -8740,7 +15327,7 @@ SP_NOINLINE static void sp_3072_mont_mul_48(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_3072_mont_sqr_48(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -8749,48 +15336,392 @@ SP_NOINLINE static void sp_3072_mont_sqr_48(sp_digit* r, const sp_digit* a,
sp_3072_mont_reduce_48(r, m, mp);
}
+#ifdef WOLFSSL_SP_SMALL
/* Mul a by digit b into r. (r = a * b)
*
* r A single precision integer.
* a A single precision integer.
* b A single precision digit.
*/
-SP_NOINLINE static void sp_3072_mul_d_48(sp_digit* r, const sp_digit* a,
- sp_digit b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_3072_mul_d_48(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
+#else
+static void sp_3072_mul_d_48(sp_digit* r, const sp_digit* a, sp_digit b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register sp_digit b __asm__ ("r2") = (sp_digit)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "add r9, %[a], #192\n\t"
/* A[0] * B */
- "ldr r6, [%[a]], #4\n\t"
- "umull r5, r3, r6, %[b]\n\t"
- "mov r4, #0\n\t"
- "str r5, [%[r]], #4\n\t"
- /* A[0] * B - Done */
- "\n1:\n\t"
- "mov r5, #0\n\t"
- /* A[] * B */
- "ldr r6, [%[a]], #4\n\t"
- "umull r6, r8, r6, %[b]\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- /* A[] * B - Done */
- "str r3, [%[r]], #4\n\t"
- "mov r3, r4\n\t"
- "mov r4, r5\n\t"
- "cmp %[a], r9\n\t"
+ "LDR r8, [%[a]]\n\t"
+ "UMULL r5, r3, %[b], r8\n\t"
+ "MOV r4, #0x0\n\t"
+ "STR r5, [%[r]]\n\t"
+ "MOV r5, #0x0\n\t"
+ "MOV r9, #0x4\n\t"
+ "\n"
+ "L_sp_3072_mul_d_48_word:\n\t"
+ /* A[i] * B */
+ "LDR r8, [%[a], r9]\n\t"
+ "UMULL r6, r7, %[b], r8\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ "STR r3, [%[r], r9]\n\t"
+ "MOV r3, r4\n\t"
+ "MOV r4, r5\n\t"
+ "MOV r5, #0x0\n\t"
+ "ADD r9, r9, #0x4\n\t"
+ "CMP r9, #0xc0\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "blt 1b\n\t"
+ "BLT L_sp_3072_mul_d_48_word\n\t"
#else
- "blt.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "str r3, [%[r]]\n\t"
- : [r] "+r" (r), [a] "+r" (a)
- : [b] "r" (b)
- : "memory", "r3", "r4", "r5", "r6", "r8", "r9"
+ "BLT.N L_sp_3072_mul_d_48_word\n\t"
+#endif
+ "STR r3, [%[r], #192]\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
+ );
+}
+
+#else
+/* Mul a by digit b into r. (r = a * b)
+ *
+ * r A single precision integer.
+ * a A single precision integer.
+ * b A single precision digit.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_3072_mul_d_48(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
+#else
+static void sp_3072_mul_d_48(sp_digit* r, const sp_digit* a, sp_digit b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register sp_digit b __asm__ ("r2") = (sp_digit)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ /* A[0] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMULL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[1] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[2] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[3] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[4] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[5] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[6] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[7] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[8] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[9] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[10] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[11] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[12] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[13] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[14] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[15] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[16] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[17] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[18] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[19] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[20] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[21] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[22] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[23] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[24] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[25] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[26] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[27] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[28] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[29] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[30] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[31] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[32] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[33] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[34] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[35] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[36] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[37] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[38] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[39] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[40] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[41] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[42] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[43] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[44] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[45] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[46] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[47] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "STR r3, [%[r]]\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "cc"
+ );
+}
+
+#endif /* WOLFSSL_SP_SMALL */
+#ifdef WOLFSSL_SP_USE_UDIV
+/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
+ *
+ * d1 The high order half of the number to divide.
+ * d0 The low order half of the number to divide.
+ * div The divisor.
+ * returns the result of the division.
+ *
+ * Note that this is an approximate div. It may give an answer 1 larger.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static sp_digit div_3072_word_48(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
+#else
+SP_NOINLINE static sp_digit div_3072_word_48(sp_digit d1, sp_digit d0, sp_digit div)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit d1 __asm__ ("r0") = (sp_digit)d1_p;
+ register sp_digit d0 __asm__ ("r1") = (sp_digit)d0_p;
+ register sp_digit div __asm__ ("r2") = (sp_digit)div_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "LSR r8, %[div], #16\n\t"
+ "ADD r5, r8, #0x1\n\t"
+ "UDIV r6, %[d1], r5\n\t"
+ "LSL r7, %[div], #16\n\t"
+ "LSL r6, r6, #16\n\t"
+ "UMULL r3, r4, %[div], r6\n\t"
+ "SUBS %[d0], %[d0], r3\n\t"
+ "SBC %[d1], %[d1], r4\n\t"
+ "SUBS r3, %[d1], r5\n\t"
+ "SBC r9, r9, r9\n\t"
+ "ADD r9, r9, #0x1\n\t"
+ "RSB r10, r9, #0x0\n\t"
+ "LSL r9, r9, #16\n\t"
+ "AND r7, r7, r10\n\t"
+ "AND r8, r8, r10\n\t"
+ "SUBS %[d0], %[d0], r7\n\t"
+ "ADD r6, r6, r9\n\t"
+ "SBC %[d1], %[d1], r8\n\t"
+ "LSL r4, %[d1], #16\n\t"
+ "LSR r3, %[d0], #16\n\t"
+ "ORR r3, r3, r4\n\t"
+ "UDIV r3, r3, r5\n\t"
+ "ADD r6, r6, r3\n\t"
+ "UMULL r3, r4, %[div], r3\n\t"
+ "SUBS %[d0], %[d0], r3\n\t"
+ "SBC %[d1], %[d1], r4\n\t"
+ "LSL r4, %[d1], #16\n\t"
+ "LSR r3, %[d0], #16\n\t"
+ "ORR r3, r3, r4\n\t"
+ "UDIV r3, r3, r5\n\t"
+ "ADD r6, r6, r3\n\t"
+ "MUL r3, %[div], r3\n\t"
+ "SUB %[d0], %[d0], r3\n\t"
+ "UDIV r3, %[d0], %[div]\n\t"
+ "ADD %[d1], r6, r3\n\t"
+ : [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
+ return (uint32_t)(size_t)d1;
}
+#else
/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
*
* d1 The high order half of the number to divide.
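Review bot: The `WOLFSSL_SP_USE_UDIV` variant of `div_3072_word_48` is not documented as variable-time, although it issues four `UDIV` instructions on values derived from `d1`, `d0` and `div`; its header comment warns only that the quotient is approximate. On cores with an early-terminating hardware divider (Cortex-M3/M4 document a 2–12 cycle range), `UDIV` latency depends on the operand values. Whether secret-dependent values reach this function is decided by callers outside the hunk, so the trade-off should be stated next to the option, e.g. by adding `* Note: UDIV latency can depend on operand values; this variant is not constant time.` to the comment block. The `#else` variant in the following hunk avoids `UDIV` with a fixed-count shift-and-subtract loop.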
@@ -8800,49 +15731,69 @@ SP_NOINLINE static void sp_3072_mul_d_48(sp_digit* r, const sp_digit* a,
*
* Note that this is an approximate div. It may give an answer 1 larger.
*/
-SP_NOINLINE static sp_digit div_3072_word_48(sp_digit d1, sp_digit d0,
- sp_digit div)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static sp_digit div_3072_word_48(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
+#else
+SP_NOINLINE static sp_digit div_3072_word_48(sp_digit d1, sp_digit d0, sp_digit div)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit r = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit d1 __asm__ ("r0") = (sp_digit)d1_p;
+ register sp_digit d0 __asm__ ("r1") = (sp_digit)d0_p;
+ register sp_digit div __asm__ ("r2") = (sp_digit)div_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "lsr r6, %[div], #16\n\t"
- "add r6, r6, #1\n\t"
- "udiv r4, %[d1], r6\n\t"
- "lsl r8, r4, #16\n\t"
- "umull r4, r5, %[div], r8\n\t"
- "subs %[d0], %[d0], r4\n\t"
- "sbc %[d1], %[d1], r5\n\t"
- "udiv r5, %[d1], r6\n\t"
- "lsl r4, r5, #16\n\t"
- "add r8, r8, r4\n\t"
- "umull r4, r5, %[div], r4\n\t"
- "subs %[d0], %[d0], r4\n\t"
- "sbc %[d1], %[d1], r5\n\t"
- "lsl r4, %[d1], #16\n\t"
- "orr r4, r4, %[d0], lsr #16\n\t"
- "udiv r4, r4, r6\n\t"
- "add r8, r8, r4\n\t"
- "umull r4, r5, %[div], r4\n\t"
- "subs %[d0], %[d0], r4\n\t"
- "sbc %[d1], %[d1], r5\n\t"
- "lsl r4, %[d1], #16\n\t"
- "orr r4, r4, %[d0], lsr #16\n\t"
- "udiv r4, r4, r6\n\t"
- "add r8, r8, r4\n\t"
- "umull r4, r5, %[div], r4\n\t"
- "subs %[d0], %[d0], r4\n\t"
- "sbc %[d1], %[d1], r5\n\t"
- "udiv r4, %[d0], %[div]\n\t"
- "add r8, r8, r4\n\t"
- "mov %[r], r8\n\t"
- : [r] "+r" (r)
- : [d1] "r" (d1), [d0] "r" (d0), [div] "r" (div)
- : "r4", "r5", "r6", "r8"
+ "LSR r5, %[div], #1\n\t"
+ "ADD r5, r5, #0x1\n\t"
+ "MOV r6, %[d0]\n\t"
+ "MOV r7, %[d1]\n\t"
+ /* Do top 32 */
+ "SUBS r8, r5, r7\n\t"
+ "SBC r8, r8, r8\n\t"
+ "MOV r3, #0x0\n\t"
+ "SUB r3, r3, r8\n\t"
+ "AND r8, r8, r5\n\t"
+ "SUBS r7, r7, r8\n\t"
+ /* Next 30 bits */
+ "MOV r4, #0x1d\n\t"
+ "\n"
+ "L_div_3072_word_48_bit:\n\t"
+ "LSLS r6, r6, #1\n\t"
+ "ADC r7, r7, r7\n\t"
+ "SUBS r8, r5, r7\n\t"
+ "SBC r8, r8, r8\n\t"
+ "ADD r3, r3, r3\n\t"
+ "SUB r3, r3, r8\n\t"
+ "AND r8, r8, r5\n\t"
+ "SUBS r7, r7, r8\n\t"
+ "SUBS r4, r4, #0x1\n\t"
+ "bpl L_div_3072_word_48_bit\n\t"
+ "ADD r3, r3, r3\n\t"
+ "ADD r3, r3, #0x1\n\t"
+ "UMULL r6, r7, r3, %[div]\n\t"
+ "SUBS r9, %[d0], r6\n\t"
+ "SBC r10, %[d1], r7\n\t"
+ "ADD r3, r3, r10\n\t"
+ "UMULL r6, r7, r3, %[div]\n\t"
+ "SUBS r9, %[d0], r6\n\t"
+ "SBC r10, %[d1], r7\n\t"
+ "ADD r3, r3, r10\n\t"
+ "UMULL r6, r7, r3, %[div]\n\t"
+ "SUBS r9, %[d0], r6\n\t"
+ "SBC r10, %[d1], r7\n\t"
+ "ADD r3, r3, r10\n\t"
+ "SUBS r8, %[div], r9\n\t"
+ "SBC r8, r8, r8\n\t"
+ "SUB %[d1], r3, r8\n\t"
+ : [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
- return r;
+ return (uint32_t)(size_t)d1;
}
+#endif
/* Compare a with b in constant time.
*
* a A single precision integer.
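Review bot: The loop branch `"bpl L_div_3072_word_48_bit\n\t"` is emitted unconditionally, whereas the loop branch in `sp_3072_mul_d_48` earlier in this diff sits inside `#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)` with a `BLT.N` fallback for other toolchains. If that guard exists because some assemblers need the explicit width suffix (an assumption; the reason is not visible here), this branch should get the same `#if`/`#else`/`#endif` wrapper with `"BPL.N L_div_3072_word_48_bit\n\t"` as the fallback. The mnemonic should also be upper-cased to match the rest of the block. The `bcs L_sp_3072_cmp_48_words` branch in the next hunk has the same shape.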
@@ -8850,44 +15801,577 @@ SP_NOINLINE static sp_digit div_3072_word_48(sp_digit d1, sp_digit d0,
* return -ve, 0 or +ve if a is less than, equal to or greater than b
* respectively.
*/
-SP_NOINLINE static sp_int32 sp_3072_cmp_48(const sp_digit* a, const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_int32 sp_3072_cmp_48(const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_int32 sp_3072_cmp_48(const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit r = 0;
-
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register const sp_digit* a __asm__ ("r0") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r1") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r3, #0\n\t"
- "mvn r3, r3\n\t"
- "mov r6, #188\n\t"
- "\n1:\n\t"
- "ldr r8, [%[a], r6]\n\t"
- "ldr r5, [%[b], r6]\n\t"
- "and r8, r8, r3\n\t"
- "and r5, r5, r3\n\t"
- "mov r4, r8\n\t"
- "subs r8, r8, r5\n\t"
- "sbc r8, r8, r8\n\t"
- "add %[r], %[r], r8\n\t"
- "mvn r8, r8\n\t"
- "and r3, r3, r8\n\t"
- "subs r5, r5, r4\n\t"
- "sbc r8, r8, r8\n\t"
- "sub %[r], %[r], r8\n\t"
- "mvn r8, r8\n\t"
- "and r3, r3, r8\n\t"
- "sub r6, r6, #4\n\t"
- "cmp r6, #0\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bge 1b\n\t"
+ "MOV r2, #0xffffffff\n\t"
+ "MOV r8, #0x1\n\t"
+ "MOV r7, #0x0\n\t"
+ "MOV r3, #0xffffffff\n\t"
+#ifdef WOLFSSL_SP_SMALL
+ "MOV r6, #0xbc\n\t"
+ "\n"
+ "L_sp_3072_cmp_48_words:\n\t"
+ "LDR r4, [%[a], r6]\n\t"
+ "LDR r5, [%[b], r6]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "SUBS r6, r6, #0x4\n\t"
+ "bcs L_sp_3072_cmp_48_words\n\t"
+ "EOR r2, r2, r3\n\t"
#else
- "bge.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [r] "+r" (r)
- : [a] "r" (a), [b] "r" (b)
- : "r3", "r4", "r5", "r6", "r8"
+ "LDR r4, [%[a], #188]\n\t"
+ "LDR r5, [%[b], #188]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #184]\n\t"
+ "LDR r5, [%[b], #184]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #180]\n\t"
+ "LDR r5, [%[b], #180]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #176]\n\t"
+ "LDR r5, [%[b], #176]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #172]\n\t"
+ "LDR r5, [%[b], #172]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #168]\n\t"
+ "LDR r5, [%[b], #168]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #164]\n\t"
+ "LDR r5, [%[b], #164]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #160]\n\t"
+ "LDR r5, [%[b], #160]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #156]\n\t"
+ "LDR r5, [%[b], #156]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #152]\n\t"
+ "LDR r5, [%[b], #152]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #148]\n\t"
+ "LDR r5, [%[b], #148]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #144]\n\t"
+ "LDR r5, [%[b], #144]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #140]\n\t"
+ "LDR r5, [%[b], #140]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #136]\n\t"
+ "LDR r5, [%[b], #136]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #132]\n\t"
+ "LDR r5, [%[b], #132]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #128]\n\t"
+ "LDR r5, [%[b], #128]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #124]\n\t"
+ "LDR r5, [%[b], #124]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #120]\n\t"
+ "LDR r5, [%[b], #120]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #116]\n\t"
+ "LDR r5, [%[b], #116]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #112]\n\t"
+ "LDR r5, [%[b], #112]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #108]\n\t"
+ "LDR r5, [%[b], #108]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #104]\n\t"
+ "LDR r5, [%[b], #104]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #100]\n\t"
+ "LDR r5, [%[b], #100]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #96]\n\t"
+ "LDR r5, [%[b], #96]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #92]\n\t"
+ "LDR r5, [%[b], #92]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #88]\n\t"
+ "LDR r5, [%[b], #88]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #84]\n\t"
+ "LDR r5, [%[b], #84]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #80]\n\t"
+ "LDR r5, [%[b], #80]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #76]\n\t"
+ "LDR r5, [%[b], #76]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #72]\n\t"
+ "LDR r5, [%[b], #72]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #68]\n\t"
+ "LDR r5, [%[b], #68]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #64]\n\t"
+ "LDR r5, [%[b], #64]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #60]\n\t"
+ "LDR r5, [%[b], #60]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #56]\n\t"
+ "LDR r5, [%[b], #56]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #52]\n\t"
+ "LDR r5, [%[b], #52]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #48]\n\t"
+ "LDR r5, [%[b], #48]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #44]\n\t"
+ "LDR r5, [%[b], #44]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #40]\n\t"
+ "LDR r5, [%[b], #40]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #36]\n\t"
+ "LDR r5, [%[b], #36]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #32]\n\t"
+ "LDR r5, [%[b], #32]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #28]\n\t"
+ "LDR r5, [%[b], #28]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #24]\n\t"
+ "LDR r5, [%[b], #24]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #20]\n\t"
+ "LDR r5, [%[b], #20]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #16]\n\t"
+ "LDR r5, [%[b], #16]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #12]\n\t"
+ "LDR r5, [%[b], #12]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #8]\n\t"
+ "LDR r5, [%[b], #8]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #4]\n\t"
+ "LDR r5, [%[b], #4]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a]]\n\t"
+ "LDR r5, [%[b]]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "EOR r2, r2, r3\n\t"
+#endif /*WOLFSSL_SP_SMALL */
+ "MOV %[a], r2\n\t"
+ : [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "cc"
);
-
- return r;
+ return (uint32_t)(size_t)a;
}
/* Divide d in a and put remainder into r (m*d + r = a)
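Review bot: Both new `sp_3072_cmp_48` signatures drop `SP_NOINLINE`, and the `WOLFSSL_SP_SMALL` loop replaces the numeric local label `1:`/`1b` with the named label `L_sp_3072_cmp_48_words`. If the compiler inlines or clones this `static` function at more than one site, that label would be emitted twice in the same assembly output, which the assembler rejects. Either keep the attribute, `SP_NOINLINE static sp_int32 sp_3072_cmp_48(const sp_digit* a_p, const sp_digit* b_p)`, or make the label unique per expansion on GCC-style toolchains with `%=`, i.e. `"L_sp_3072_cmp_48_words_%=:\n\t"` and the matching `bcs`. The same pattern appears with `L_sp_3072_cond_sub_96_words` in the `sp_3072_cond_sub_96` hunk further down. Separately, the header comment promises a constant-time compare, but the result is now selected with `IT`-predicated moves rather than mask arithmetic; a comment such as `/* IT-predicated MOVs: timing assumed data-independent on the target core */` would record that assumption for side-channel audits.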
@@ -8899,8 +16383,8 @@ SP_NOINLINE static sp_int32 sp_3072_cmp_48(const sp_digit* a, const sp_digit* b)
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_3072_div_48(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_3072_div_48(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[96], t2[49];
sp_digit div, r1;
@@ -9286,6 +16770,7 @@ static void sp_3072_mont_norm_96(sp_digit* r, const sp_digit* m)
}
#endif /* (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) | WOLFSSL_HAVE_SP_DH */
+#ifdef WOLFSSL_SP_SMALL
/* Conditionally subtract b from a using the mask m.
* m is -1 to subtract and 0 when not copying.
*
@@ -9294,143 +16779,1973 @@ static void sp_3072_mont_norm_96(sp_digit* r, const sp_digit* m)
* b A single precision number to subtract.
* m Mask value to apply.
*/
-SP_NOINLINE static sp_digit sp_3072_cond_sub_96(sp_digit* r, const sp_digit* a,
- const sp_digit* b, sp_digit m)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_3072_cond_sub_96(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
+#else
+static sp_digit sp_3072_cond_sub_96(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+ register sp_digit m __asm__ ("r3") = (sp_digit)m_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r5, #1\n\t"
- "lsl r5, r5, #8\n\t"
- "add r5, r5, #128\n\t"
- "mov r9, r5\n\t"
- "mov r8, #0\n\t"
- "\n1:\n\t"
- "ldr r6, [%[b], r8]\n\t"
- "and r6, r6, %[m]\n\t"
- "mov r5, #0\n\t"
- "subs r5, r5, %[c]\n\t"
- "ldr r5, [%[a], r8]\n\t"
- "sbcs r5, r5, r6\n\t"
- "sbcs %[c], %[c], %[c]\n\t"
- "str r5, [%[r], r8]\n\t"
- "add r8, r8, #4\n\t"
- "cmp r8, r9\n\t"
+ "MOV r8, #0x0\n\t"
+ "MOV r4, #0x0\n\t"
+ "MOV r5, #0x0\n\t"
+ "\n"
+ "L_sp_3072_cond_sub_96_words:\n\t"
+ "SUBS r4, r8, r4\n\t"
+ "LDR r6, [%[a], r5]\n\t"
+ "LDR r7, [%[b], r5]\n\t"
+ "AND r7, r7, %[m]\n\t"
+ "SBCS r6, r6, r7\n\t"
+ "SBC r4, r8, r8\n\t"
+ "STR r6, [%[r], r5]\n\t"
+ "ADD r5, r5, #0x4\n\t"
+ "CMP r5, #0x180\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "blt 1b\n\t"
+ "BLT L_sp_3072_cond_sub_96_words\n\t"
+#else
+ "BLT.N L_sp_3072_cond_sub_96_words\n\t"
+#endif
+ "MOV %[r], r4\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
+ :
+ : "memory", "r4", "r5", "r6", "r7", "r8", "cc"
+ );
+ return (uint32_t)(size_t)r;
+}
+
+#else
+/* Conditionally subtract b from a using the mask m.
+ * m is -1 to subtract and 0 when not copying.
+ *
+ * r A single precision number representing condition subtract result.
+ * a A single precision number to subtract from.
+ * b A single precision number to subtract.
+ * m Mask value to apply.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_3072_cond_sub_96(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
#else
- "blt.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [c] "+r" (c)
- : [r] "r" (r), [a] "r" (a), [b] "r" (b), [m] "r" (m)
- : "memory", "r5", "r6", "r8", "r9"
+static sp_digit sp_3072_cond_sub_96(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+ register sp_digit m __asm__ ("r3") = (sp_digit)m_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "MOV r5, #0x0\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SUBS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "SBC %[r], r5, r5\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
+ :
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
+ return (uint32_t)(size_t)r;
+}
+
+#endif /* WOLFSSL_SP_SMALL */
+#ifdef WOLFSSL_SP_NO_UMAAL
+#ifndef WOLFSSL_SP_SMALL
+/* Reduce the number back to 3072 bits using Montgomery reduction.
+ *
+ * a A single precision number to reduce in place.
+ * m The single precision number representing the modulus.
+ * mp The digit representing the negative inverse of m mod 2^n.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+#else
+SP_NOINLINE static void sp_3072_mont_reduce_96(sp_digit* a, const sp_digit* m, sp_digit mp)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m __asm__ ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp __asm__ ("r2") = (sp_digit)mp_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
- return c;
+ __asm__ __volatile__ (
+ "LDR lr, [%[m]]\n\t"
+ /* i = 0 */
+ "MOV r11, #0x0\n\t"
+ "MOV r3, #0x0\n\t"
+ "LDR r4, [%[a]]\n\t"
+ "LDR r5, [%[a], #4]\n\t"
+ "\n"
+ "L_sp_3072_mont_reduce_96_word:\n\t"
+ /* mu = a[i] * mp */
+ "MUL r10, %[mp], r4\n\t"
+ /* a[i+0] += m[0] * mu */
+ "MOV r7, #0x0\n\t"
+ "UMLAL r4, r7, r10, lr\n\t"
+ /* a[i+1] += m[1] * mu */
+ "LDR r9, [%[m], #4]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r5, r6, r10, r9\n\t"
+ "MOV r4, r5\n\t"
+ "ADDS r4, r4, r7\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+2] += m[2] * mu */
+ "LDR r9, [%[m], #8]\n\t"
+ "LDR r5, [%[a], #8]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r5, r7, r10, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+3] += m[3] * mu */
+ "LDR r9, [%[m], #12]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #12]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+4] += m[4] * mu */
+ "LDR r9, [%[m], #16]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #16]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+5] += m[5] * mu */
+ "LDR r9, [%[m], #20]\n\t"
+ "LDR r12, [%[a], #20]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #20]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+6] += m[6] * mu */
+ "LDR r9, [%[m], #24]\n\t"
+ "LDR r12, [%[a], #24]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #24]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+7] += m[7] * mu */
+ "LDR r9, [%[m], #28]\n\t"
+ "LDR r12, [%[a], #28]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #28]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+8] += m[8] * mu */
+ "LDR r9, [%[m], #32]\n\t"
+ "LDR r12, [%[a], #32]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #32]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+9] += m[9] * mu */
+ "LDR r9, [%[m], #36]\n\t"
+ "LDR r12, [%[a], #36]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #36]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+10] += m[10] * mu */
+ "LDR r9, [%[m], #40]\n\t"
+ "LDR r12, [%[a], #40]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #40]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+11] += m[11] * mu */
+ "LDR r9, [%[m], #44]\n\t"
+ "LDR r12, [%[a], #44]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #44]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+12] += m[12] * mu */
+ "LDR r9, [%[m], #48]\n\t"
+ "LDR r12, [%[a], #48]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #48]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+13] += m[13] * mu */
+ "LDR r9, [%[m], #52]\n\t"
+ "LDR r12, [%[a], #52]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #52]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+14] += m[14] * mu */
+ "LDR r9, [%[m], #56]\n\t"
+ "LDR r12, [%[a], #56]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #56]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+15] += m[15] * mu */
+ "LDR r9, [%[m], #60]\n\t"
+ "LDR r12, [%[a], #60]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #60]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+16] += m[16] * mu */
+ "LDR r9, [%[m], #64]\n\t"
+ "LDR r12, [%[a], #64]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #64]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+17] += m[17] * mu */
+ "LDR r9, [%[m], #68]\n\t"
+ "LDR r12, [%[a], #68]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #68]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+18] += m[18] * mu */
+ "LDR r9, [%[m], #72]\n\t"
+ "LDR r12, [%[a], #72]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #72]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+19] += m[19] * mu */
+ "LDR r9, [%[m], #76]\n\t"
+ "LDR r12, [%[a], #76]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #76]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+20] += m[20] * mu */
+ "LDR r9, [%[m], #80]\n\t"
+ "LDR r12, [%[a], #80]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #80]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+21] += m[21] * mu */
+ "LDR r9, [%[m], #84]\n\t"
+ "LDR r12, [%[a], #84]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #84]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+22] += m[22] * mu */
+ "LDR r9, [%[m], #88]\n\t"
+ "LDR r12, [%[a], #88]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #88]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+23] += m[23] * mu */
+ "LDR r9, [%[m], #92]\n\t"
+ "LDR r12, [%[a], #92]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #92]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+24] += m[24] * mu */
+ "LDR r9, [%[m], #96]\n\t"
+ "LDR r12, [%[a], #96]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #96]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+25] += m[25] * mu */
+ "LDR r9, [%[m], #100]\n\t"
+ "LDR r12, [%[a], #100]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #100]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+26] += m[26] * mu */
+ "LDR r9, [%[m], #104]\n\t"
+ "LDR r12, [%[a], #104]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #104]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+27] += m[27] * mu */
+ "LDR r9, [%[m], #108]\n\t"
+ "LDR r12, [%[a], #108]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #108]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+28] += m[28] * mu */
+ "LDR r9, [%[m], #112]\n\t"
+ "LDR r12, [%[a], #112]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #112]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+29] += m[29] * mu */
+ "LDR r9, [%[m], #116]\n\t"
+ "LDR r12, [%[a], #116]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #116]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+30] += m[30] * mu */
+ "LDR r9, [%[m], #120]\n\t"
+ "LDR r12, [%[a], #120]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #120]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+31] += m[31] * mu */
+ "LDR r9, [%[m], #124]\n\t"
+ "LDR r12, [%[a], #124]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #124]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+32] += m[32] * mu */
+ "LDR r9, [%[m], #128]\n\t"
+ "LDR r12, [%[a], #128]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #128]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+33] += m[33] * mu */
+ "LDR r9, [%[m], #132]\n\t"
+ "LDR r12, [%[a], #132]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #132]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+34] += m[34] * mu */
+ "LDR r9, [%[m], #136]\n\t"
+ "LDR r12, [%[a], #136]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #136]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+35] += m[35] * mu */
+ "LDR r9, [%[m], #140]\n\t"
+ "LDR r12, [%[a], #140]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #140]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+36] += m[36] * mu */
+ "LDR r9, [%[m], #144]\n\t"
+ "LDR r12, [%[a], #144]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #144]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+37] += m[37] * mu */
+ "LDR r9, [%[m], #148]\n\t"
+ "LDR r12, [%[a], #148]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #148]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+38] += m[38] * mu */
+ "LDR r9, [%[m], #152]\n\t"
+ "LDR r12, [%[a], #152]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #152]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+39] += m[39] * mu */
+ "LDR r9, [%[m], #156]\n\t"
+ "LDR r12, [%[a], #156]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #156]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+40] += m[40] * mu */
+ "LDR r9, [%[m], #160]\n\t"
+ "LDR r12, [%[a], #160]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #160]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+41] += m[41] * mu */
+ "LDR r9, [%[m], #164]\n\t"
+ "LDR r12, [%[a], #164]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #164]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+42] += m[42] * mu */
+ "LDR r9, [%[m], #168]\n\t"
+ "LDR r12, [%[a], #168]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #168]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+43] += m[43] * mu */
+ "LDR r9, [%[m], #172]\n\t"
+ "LDR r12, [%[a], #172]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #172]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+44] += m[44] * mu */
+ "LDR r9, [%[m], #176]\n\t"
+ "LDR r12, [%[a], #176]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #176]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+45] += m[45] * mu */
+ "LDR r9, [%[m], #180]\n\t"
+ "LDR r12, [%[a], #180]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #180]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+46] += m[46] * mu */
+ "LDR r9, [%[m], #184]\n\t"
+ "LDR r12, [%[a], #184]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #184]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+47] += m[47] * mu */
+ "LDR r9, [%[m], #188]\n\t"
+ "LDR r12, [%[a], #188]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #188]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+48] += m[48] * mu */
+ "LDR r9, [%[m], #192]\n\t"
+ "LDR r12, [%[a], #192]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #192]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+49] += m[49] * mu */
+ "LDR r9, [%[m], #196]\n\t"
+ "LDR r12, [%[a], #196]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #196]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+50] += m[50] * mu */
+ "LDR r9, [%[m], #200]\n\t"
+ "LDR r12, [%[a], #200]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #200]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+51] += m[51] * mu */
+ "LDR r9, [%[m], #204]\n\t"
+ "LDR r12, [%[a], #204]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #204]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+52] += m[52] * mu */
+ "LDR r9, [%[m], #208]\n\t"
+ "LDR r12, [%[a], #208]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #208]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+53] += m[53] * mu */
+ "LDR r9, [%[m], #212]\n\t"
+ "LDR r12, [%[a], #212]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #212]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+54] += m[54] * mu */
+ "LDR r9, [%[m], #216]\n\t"
+ "LDR r12, [%[a], #216]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #216]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+55] += m[55] * mu */
+ "LDR r9, [%[m], #220]\n\t"
+ "LDR r12, [%[a], #220]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #220]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+56] += m[56] * mu */
+ "LDR r9, [%[m], #224]\n\t"
+ "LDR r12, [%[a], #224]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #224]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+57] += m[57] * mu */
+ "LDR r9, [%[m], #228]\n\t"
+ "LDR r12, [%[a], #228]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #228]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+58] += m[58] * mu */
+ "LDR r9, [%[m], #232]\n\t"
+ "LDR r12, [%[a], #232]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #232]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+59] += m[59] * mu */
+ "LDR r9, [%[m], #236]\n\t"
+ "LDR r12, [%[a], #236]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #236]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+60] += m[60] * mu */
+ "LDR r9, [%[m], #240]\n\t"
+ "LDR r12, [%[a], #240]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #240]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+61] += m[61] * mu */
+ "LDR r9, [%[m], #244]\n\t"
+ "LDR r12, [%[a], #244]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #244]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+62] += m[62] * mu */
+ "LDR r9, [%[m], #248]\n\t"
+ "LDR r12, [%[a], #248]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #248]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+63] += m[63] * mu */
+ "LDR r9, [%[m], #252]\n\t"
+ "LDR r12, [%[a], #252]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #252]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+64] += m[64] * mu */
+ "LDR r9, [%[m], #256]\n\t"
+ "LDR r12, [%[a], #256]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #256]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+65] += m[65] * mu */
+ "LDR r9, [%[m], #260]\n\t"
+ "LDR r12, [%[a], #260]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #260]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+66] += m[66] * mu */
+ "LDR r9, [%[m], #264]\n\t"
+ "LDR r12, [%[a], #264]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #264]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+67] += m[67] * mu */
+ "LDR r9, [%[m], #268]\n\t"
+ "LDR r12, [%[a], #268]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #268]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+68] += m[68] * mu */
+ "LDR r9, [%[m], #272]\n\t"
+ "LDR r12, [%[a], #272]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #272]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+69] += m[69] * mu */
+ "LDR r9, [%[m], #276]\n\t"
+ "LDR r12, [%[a], #276]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #276]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+70] += m[70] * mu */
+ "LDR r9, [%[m], #280]\n\t"
+ "LDR r12, [%[a], #280]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #280]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+71] += m[71] * mu */
+ "LDR r9, [%[m], #284]\n\t"
+ "LDR r12, [%[a], #284]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #284]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+72] += m[72] * mu */
+ "LDR r9, [%[m], #288]\n\t"
+ "LDR r12, [%[a], #288]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #288]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+73] += m[73] * mu */
+ "LDR r9, [%[m], #292]\n\t"
+ "LDR r12, [%[a], #292]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #292]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+74] += m[74] * mu */
+ "LDR r9, [%[m], #296]\n\t"
+ "LDR r12, [%[a], #296]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #296]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+75] += m[75] * mu */
+ "LDR r9, [%[m], #300]\n\t"
+ "LDR r12, [%[a], #300]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #300]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+76] += m[76] * mu */
+ "LDR r9, [%[m], #304]\n\t"
+ "LDR r12, [%[a], #304]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #304]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+77] += m[77] * mu */
+ "LDR r9, [%[m], #308]\n\t"
+ "LDR r12, [%[a], #308]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #308]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+78] += m[78] * mu */
+ "LDR r9, [%[m], #312]\n\t"
+ "LDR r12, [%[a], #312]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #312]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+79] += m[79] * mu */
+ "LDR r9, [%[m], #316]\n\t"
+ "LDR r12, [%[a], #316]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #316]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+80] += m[80] * mu */
+ "LDR r9, [%[m], #320]\n\t"
+ "LDR r12, [%[a], #320]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #320]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+81] += m[81] * mu */
+ "LDR r9, [%[m], #324]\n\t"
+ "LDR r12, [%[a], #324]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #324]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+82] += m[82] * mu */
+ "LDR r9, [%[m], #328]\n\t"
+ "LDR r12, [%[a], #328]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #328]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+83] += m[83] * mu */
+ "LDR r9, [%[m], #332]\n\t"
+ "LDR r12, [%[a], #332]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #332]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+84] += m[84] * mu */
+ "LDR r9, [%[m], #336]\n\t"
+ "LDR r12, [%[a], #336]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #336]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+85] += m[85] * mu */
+ "LDR r9, [%[m], #340]\n\t"
+ "LDR r12, [%[a], #340]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #340]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+86] += m[86] * mu */
+ "LDR r9, [%[m], #344]\n\t"
+ "LDR r12, [%[a], #344]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #344]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+87] += m[87] * mu */
+ "LDR r9, [%[m], #348]\n\t"
+ "LDR r12, [%[a], #348]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #348]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+88] += m[88] * mu */
+ "LDR r9, [%[m], #352]\n\t"
+ "LDR r12, [%[a], #352]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #352]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+89] += m[89] * mu */
+ "LDR r9, [%[m], #356]\n\t"
+ "LDR r12, [%[a], #356]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #356]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+90] += m[90] * mu */
+ "LDR r9, [%[m], #360]\n\t"
+ "LDR r12, [%[a], #360]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #360]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+91] += m[91] * mu */
+ "LDR r9, [%[m], #364]\n\t"
+ "LDR r12, [%[a], #364]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #364]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+92] += m[92] * mu */
+ "LDR r9, [%[m], #368]\n\t"
+ "LDR r12, [%[a], #368]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #368]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+93] += m[93] * mu */
+ "LDR r9, [%[m], #372]\n\t"
+ "LDR r12, [%[a], #372]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #372]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+94] += m[94] * mu */
+ "LDR r9, [%[m], #376]\n\t"
+ "LDR r12, [%[a], #376]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #376]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+95] += m[95] * mu */
+ "LDR r9, [%[m], #380]\n\t"
+ "LDR r12, [%[a], #380]\n\t"
+ "UMULL r8, r9, r10, r9\n\t"
+ "ADDS r7, r7, r8\n\t"
+ "ADCS r6, r9, r3\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, r3\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #380]\n\t"
+ "LDR r12, [%[a], #384]\n\t"
+ "ADCS r12, r12, r6\n\t"
+ "STR r12, [%[a], #384]\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* i += 1 */
+ "ADD r11, r11, #0x4\n\t"
+ "ADD %[a], %[a], #0x4\n\t"
+ "CMP r11, #0x180\n\t"
+#ifdef __GNUC__
+ "BLT L_sp_3072_mont_reduce_96_word\n\t"
+#else
+ "BLT.W L_sp_3072_mont_reduce_96_word\n\t"
+#endif
+ /* Loop Done */
+ "STR r4, [%[a]]\n\t"
+ "STR r5, [%[a], #4]\n\t"
+ "MOV %[mp], r3\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
+ );
+ sp_3072_cond_sub_96(a - 96, a, m, (sp_digit)0 - mp);
}
+#else
/* Reduce the number back to 3072 bits using Montgomery reduction.
*
* a A single precision number to reduce in place.
* m The single precision number representing the modulus.
* mp The digit representing the negative inverse of m mod 2^n.
*/
-SP_NOINLINE static void sp_3072_mont_reduce_96(sp_digit* a, const sp_digit* m,
- sp_digit mp)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+#else
+SP_NOINLINE static void sp_3072_mont_reduce_96(sp_digit* a, const sp_digit* m, sp_digit mp)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit ca = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m __asm__ ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp __asm__ ("r2") = (sp_digit)mp_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r9, %[mp]\n\t"
- "mov r12, %[m]\n\t"
- "mov r10, %[a]\n\t"
- "mov r4, #0\n\t"
- "add r11, r10, #384\n\t"
- "\n1:\n\t"
+ "LDR r11, [%[m]]\n\t"
+ /* i = 0 */
+ "MOV r9, #0x0\n\t"
+ /* ca = 0 */
+ "MOV r3, #0x0\n\t"
+ "\n"
+ "L_sp_3072_mont_reduce_96_word:\n\t"
/* mu = a[i] * mp */
- "mov %[mp], r9\n\t"
- "ldr %[a], [r10]\n\t"
- "mul %[mp], %[mp], %[a]\n\t"
- "mov %[m], r12\n\t"
- "add r14, r10, #376\n\t"
- "\n2:\n\t"
- /* a[i+j] += m[j] * mu */
- "ldr %[a], [r10]\n\t"
- "mov r5, #0\n\t"
- /* Multiply m[j] and mu - Start */
- "ldr r8, [%[m]], #4\n\t"
- "umull r6, r8, %[mp], r8\n\t"
- "adds %[a], %[a], r6\n\t"
- "adc r5, r5, r8\n\t"
- /* Multiply m[j] and mu - Done */
- "adds r4, r4, %[a]\n\t"
- "adc r5, r5, #0\n\t"
- "str r4, [r10], #4\n\t"
+ "LDR r10, [%[a]]\n\t"
+ "MUL r8, %[mp], r10\n\t"
+ /* j = 0 */
+ "MOV r12, #0x0\n\t"
+ "MOV r4, #0x0\n\t"
+ "\n"
+ "L_sp_3072_mont_reduce_96_mul:\n\t"
+ /* a[i+j+0] += m[j+0] * mu */
+ "LDR r7, [%[m], r12]\n\t"
+ "LDR r10, [%[a], r12]\n\t"
+ "MOV r5, #0x0\n\t"
+ "UMLAL r10, r5, r8, r7\n\t"
+ "ADDS r10, r10, r4\n\t"
+ "STR r10, [%[a], r12]\n\t"
+ "ADC r4, r5, #0x0\n\t"
+ /* j += 1 */
+ "ADD r12, r12, #0x4\n\t"
/* a[i+j+1] += m[j+1] * mu */
- "ldr %[a], [r10]\n\t"
- "mov r4, #0\n\t"
- /* Multiply m[j] and mu - Start */
- "ldr r8, [%[m]], #4\n\t"
- "umull r6, r8, %[mp], r8\n\t"
- "adds %[a], %[a], r6\n\t"
- "adc r4, r4, r8\n\t"
- /* Multiply m[j] and mu - Done */
- "adds r5, r5, %[a]\n\t"
- "adc r4, r4, #0\n\t"
- "str r5, [r10], #4\n\t"
- "cmp r10, r14\n\t"
+ "LDR r7, [%[m], r12]\n\t"
+ "LDR r10, [%[a], r12]\n\t"
+ "MOV r5, #0x0\n\t"
+ "UMLAL r10, r5, r8, r7\n\t"
+ "ADDS r10, r10, r4\n\t"
+ "STR r10, [%[a], r12]\n\t"
+ "ADC r4, r5, #0x0\n\t"
+ /* j += 1 */
+ "ADD r12, r12, #0x4\n\t"
+ /* a[i+j+2] += m[j+2] * mu */
+ "LDR r7, [%[m], r12]\n\t"
+ "LDR r10, [%[a], r12]\n\t"
+ "MOV r5, #0x0\n\t"
+ "UMLAL r10, r5, r8, r7\n\t"
+ "ADDS r10, r10, r4\n\t"
+ "STR r10, [%[a], r12]\n\t"
+ "ADC r4, r5, #0x0\n\t"
+ /* j += 1 */
+ "ADD r12, r12, #0x4\n\t"
+ /* a[i+j+3] += m[j+3] * mu */
+ "LDR r7, [%[m], r12]\n\t"
+ "LDR r10, [%[a], r12]\n\t"
+ "MOV r5, #0x0\n\t"
+ "UMLAL r10, r5, r8, r7\n\t"
+ "ADDS r10, r10, r4\n\t"
+ "STR r10, [%[a], r12]\n\t"
+ "ADC r4, r5, #0x0\n\t"
+ /* j += 1 */
+ "ADD r12, r12, #0x4\n\t"
+ "CMP r12, #0x180\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BLT L_sp_3072_mont_reduce_96_mul\n\t"
+#else
+ "BLT.N L_sp_3072_mont_reduce_96_mul\n\t"
+#endif
+ "LDR r10, [%[a], #384]\n\t"
+ "ADDS r4, r4, r3\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "ADDS r10, r10, r4\n\t"
+ "ADC r3, r3, r3\n\t"
+ "STR r10, [%[a], #384]\n\t"
+ /* i += 1 */
+ "ADD r9, r9, #0x4\n\t"
+ "ADD %[a], %[a], #0x4\n\t"
+ "CMP r9, #0x180\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "blt 2b\n\t"
+ "BLT L_sp_3072_mont_reduce_96_word\n\t"
+#else
+ "BLT.N L_sp_3072_mont_reduce_96_word\n\t"
+#endif
+ /* Loop Done */
+ "MOV %[mp], r3\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
+ );
+ sp_3072_cond_sub_96(a - 96, a, m, (sp_digit)0 - mp);
+}
+
+#endif /* !WOLFSSL_SP_SMALL */
#else
- "blt.n 2b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
+#ifndef WOLFSSL_SP_SMALL
+/* Reduce the number back to 3072 bits using Montgomery reduction.
+ *
+ * a A single precision number to reduce in place.
+ * m The single precision number representing the modulus.
+ * mp The digit representing the negative inverse of m mod 2^n.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+#else
+SP_NOINLINE static void sp_3072_mont_reduce_96(sp_digit* a, const sp_digit* m, sp_digit mp)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m __asm__ ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp __asm__ ("r2") = (sp_digit)mp_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ /* i = 0 */
+ "MOV r4, #0x0\n\t"
+ "MOV r5, #0x0\n\t"
+ "LDR r6, [%[a]]\n\t"
+ "LDR r7, [%[a], #4]\n\t"
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[a], #12]\n\t"
+ "LDR r10, [%[a], #16]\n\t"
+ "\n"
+ "L_sp_3072_mont_reduce_96_word:\n\t"
+ /* mu = a[i] * mp */
+ "MUL lr, %[mp], r6\n\t"
+ /* a[i+0] += m[0] * mu */
+ "LDR r12, [%[m]]\n\t"
+ "MOV r3, #0x0\n\t"
+ "UMAAL r6, r3, lr, r12\n\t"
+ /* a[i+1] += m[1] * mu */
+ "LDR r12, [%[m], #4]\n\t"
+ "MOV r6, r7\n\t"
+ "UMAAL r6, r3, lr, r12\n\t"
+ /* a[i+2] += m[2] * mu */
+ "LDR r12, [%[m], #8]\n\t"
+ "MOV r7, r8\n\t"
+ "UMAAL r7, r3, lr, r12\n\t"
+ /* a[i+3] += m[3] * mu */
+ "LDR r12, [%[m], #12]\n\t"
+ "MOV r8, r9\n\t"
+ "UMAAL r8, r3, lr, r12\n\t"
+ /* a[i+4] += m[4] * mu */
+ "LDR r12, [%[m], #16]\n\t"
+ "MOV r9, r10\n\t"
+ "UMAAL r9, r3, lr, r12\n\t"
+ /* a[i+5] += m[5] * mu */
+ "LDR r12, [%[m], #20]\n\t"
+ "LDR r10, [%[a], #20]\n\t"
+ "UMAAL r10, r3, lr, r12\n\t"
+ /* a[i+6] += m[6] * mu */
+ "LDR r12, [%[m], #24]\n\t"
+ "LDR r11, [%[a], #24]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #24]\n\t"
+ /* a[i+7] += m[7] * mu */
+ "LDR r12, [%[m], #28]\n\t"
+ "LDR r11, [%[a], #28]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #28]\n\t"
+ /* a[i+8] += m[8] * mu */
+ "LDR r12, [%[m], #32]\n\t"
+ "LDR r11, [%[a], #32]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #32]\n\t"
+ /* a[i+9] += m[9] * mu */
+ "LDR r12, [%[m], #36]\n\t"
+ "LDR r11, [%[a], #36]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #36]\n\t"
+ /* a[i+10] += m[10] * mu */
+ "LDR r12, [%[m], #40]\n\t"
+ "LDR r11, [%[a], #40]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #40]\n\t"
+ /* a[i+11] += m[11] * mu */
+ "LDR r12, [%[m], #44]\n\t"
+ "LDR r11, [%[a], #44]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #44]\n\t"
+ /* a[i+12] += m[12] * mu */
+ "LDR r12, [%[m], #48]\n\t"
+ "LDR r11, [%[a], #48]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #48]\n\t"
+ /* a[i+13] += m[13] * mu */
+ "LDR r12, [%[m], #52]\n\t"
+ "LDR r11, [%[a], #52]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #52]\n\t"
+ /* a[i+14] += m[14] * mu */
+ "LDR r12, [%[m], #56]\n\t"
+ "LDR r11, [%[a], #56]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #56]\n\t"
+ /* a[i+15] += m[15] * mu */
+ "LDR r12, [%[m], #60]\n\t"
+ "LDR r11, [%[a], #60]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #60]\n\t"
+ /* a[i+16] += m[16] * mu */
+ "LDR r12, [%[m], #64]\n\t"
+ "LDR r11, [%[a], #64]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #64]\n\t"
+ /* a[i+17] += m[17] * mu */
+ "LDR r12, [%[m], #68]\n\t"
+ "LDR r11, [%[a], #68]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #68]\n\t"
+ /* a[i+18] += m[18] * mu */
+ "LDR r12, [%[m], #72]\n\t"
+ "LDR r11, [%[a], #72]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #72]\n\t"
+ /* a[i+19] += m[19] * mu */
+ "LDR r12, [%[m], #76]\n\t"
+ "LDR r11, [%[a], #76]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #76]\n\t"
+ /* a[i+20] += m[20] * mu */
+ "LDR r12, [%[m], #80]\n\t"
+ "LDR r11, [%[a], #80]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #80]\n\t"
+ /* a[i+21] += m[21] * mu */
+ "LDR r12, [%[m], #84]\n\t"
+ "LDR r11, [%[a], #84]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #84]\n\t"
+ /* a[i+22] += m[22] * mu */
+ "LDR r12, [%[m], #88]\n\t"
+ "LDR r11, [%[a], #88]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #88]\n\t"
+ /* a[i+23] += m[23] * mu */
+ "LDR r12, [%[m], #92]\n\t"
+ "LDR r11, [%[a], #92]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #92]\n\t"
+ /* a[i+24] += m[24] * mu */
+ "LDR r12, [%[m], #96]\n\t"
+ "LDR r11, [%[a], #96]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #96]\n\t"
+ /* a[i+25] += m[25] * mu */
+ "LDR r12, [%[m], #100]\n\t"
+ "LDR r11, [%[a], #100]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #100]\n\t"
+ /* a[i+26] += m[26] * mu */
+ "LDR r12, [%[m], #104]\n\t"
+ "LDR r11, [%[a], #104]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #104]\n\t"
+ /* a[i+27] += m[27] * mu */
+ "LDR r12, [%[m], #108]\n\t"
+ "LDR r11, [%[a], #108]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #108]\n\t"
+ /* a[i+28] += m[28] * mu */
+ "LDR r12, [%[m], #112]\n\t"
+ "LDR r11, [%[a], #112]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #112]\n\t"
+ /* a[i+29] += m[29] * mu */
+ "LDR r12, [%[m], #116]\n\t"
+ "LDR r11, [%[a], #116]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #116]\n\t"
+ /* a[i+30] += m[30] * mu */
+ "LDR r12, [%[m], #120]\n\t"
+ "LDR r11, [%[a], #120]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #120]\n\t"
+ /* a[i+31] += m[31] * mu */
+ "LDR r12, [%[m], #124]\n\t"
+ "LDR r11, [%[a], #124]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #124]\n\t"
+ /* a[i+32] += m[32] * mu */
+ "LDR r12, [%[m], #128]\n\t"
+ "LDR r11, [%[a], #128]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #128]\n\t"
+ /* a[i+33] += m[33] * mu */
+ "LDR r12, [%[m], #132]\n\t"
+ "LDR r11, [%[a], #132]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #132]\n\t"
+ /* a[i+34] += m[34] * mu */
+ "LDR r12, [%[m], #136]\n\t"
+ "LDR r11, [%[a], #136]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #136]\n\t"
+ /* a[i+35] += m[35] * mu */
+ "LDR r12, [%[m], #140]\n\t"
+ "LDR r11, [%[a], #140]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #140]\n\t"
+ /* a[i+36] += m[36] * mu */
+ "LDR r12, [%[m], #144]\n\t"
+ "LDR r11, [%[a], #144]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #144]\n\t"
+ /* a[i+37] += m[37] * mu */
+ "LDR r12, [%[m], #148]\n\t"
+ "LDR r11, [%[a], #148]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #148]\n\t"
+ /* a[i+38] += m[38] * mu */
+ "LDR r12, [%[m], #152]\n\t"
+ "LDR r11, [%[a], #152]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #152]\n\t"
+ /* a[i+39] += m[39] * mu */
+ "LDR r12, [%[m], #156]\n\t"
+ "LDR r11, [%[a], #156]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #156]\n\t"
+ /* a[i+40] += m[40] * mu */
+ "LDR r12, [%[m], #160]\n\t"
+ "LDR r11, [%[a], #160]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #160]\n\t"
+ /* a[i+41] += m[41] * mu */
+ "LDR r12, [%[m], #164]\n\t"
+ "LDR r11, [%[a], #164]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #164]\n\t"
+ /* a[i+42] += m[42] * mu */
+ "LDR r12, [%[m], #168]\n\t"
+ "LDR r11, [%[a], #168]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #168]\n\t"
+ /* a[i+43] += m[43] * mu */
+ "LDR r12, [%[m], #172]\n\t"
+ "LDR r11, [%[a], #172]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #172]\n\t"
+ /* a[i+44] += m[44] * mu */
+ "LDR r12, [%[m], #176]\n\t"
+ "LDR r11, [%[a], #176]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #176]\n\t"
+ /* a[i+45] += m[45] * mu */
+ "LDR r12, [%[m], #180]\n\t"
+ "LDR r11, [%[a], #180]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #180]\n\t"
+ /* a[i+46] += m[46] * mu */
+ "LDR r12, [%[m], #184]\n\t"
+ "LDR r11, [%[a], #184]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #184]\n\t"
+ /* a[i+47] += m[47] * mu */
+ "LDR r12, [%[m], #188]\n\t"
+ "LDR r11, [%[a], #188]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #188]\n\t"
+ /* a[i+48] += m[48] * mu */
+ "LDR r12, [%[m], #192]\n\t"
+ "LDR r11, [%[a], #192]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #192]\n\t"
+ /* a[i+49] += m[49] * mu */
+ "LDR r12, [%[m], #196]\n\t"
+ "LDR r11, [%[a], #196]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #196]\n\t"
+ /* a[i+50] += m[50] * mu */
+ "LDR r12, [%[m], #200]\n\t"
+ "LDR r11, [%[a], #200]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #200]\n\t"
+ /* a[i+51] += m[51] * mu */
+ "LDR r12, [%[m], #204]\n\t"
+ "LDR r11, [%[a], #204]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #204]\n\t"
+ /* a[i+52] += m[52] * mu */
+ "LDR r12, [%[m], #208]\n\t"
+ "LDR r11, [%[a], #208]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #208]\n\t"
+ /* a[i+53] += m[53] * mu */
+ "LDR r12, [%[m], #212]\n\t"
+ "LDR r11, [%[a], #212]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #212]\n\t"
+ /* a[i+54] += m[54] * mu */
+ "LDR r12, [%[m], #216]\n\t"
+ "LDR r11, [%[a], #216]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #216]\n\t"
+ /* a[i+55] += m[55] * mu */
+ "LDR r12, [%[m], #220]\n\t"
+ "LDR r11, [%[a], #220]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #220]\n\t"
+ /* a[i+56] += m[56] * mu */
+ "LDR r12, [%[m], #224]\n\t"
+ "LDR r11, [%[a], #224]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #224]\n\t"
+ /* a[i+57] += m[57] * mu */
+ "LDR r12, [%[m], #228]\n\t"
+ "LDR r11, [%[a], #228]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #228]\n\t"
+ /* a[i+58] += m[58] * mu */
+ "LDR r12, [%[m], #232]\n\t"
+ "LDR r11, [%[a], #232]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #232]\n\t"
+ /* a[i+59] += m[59] * mu */
+ "LDR r12, [%[m], #236]\n\t"
+ "LDR r11, [%[a], #236]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #236]\n\t"
+ /* a[i+60] += m[60] * mu */
+ "LDR r12, [%[m], #240]\n\t"
+ "LDR r11, [%[a], #240]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #240]\n\t"
+ /* a[i+61] += m[61] * mu */
+ "LDR r12, [%[m], #244]\n\t"
+ "LDR r11, [%[a], #244]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #244]\n\t"
+ /* a[i+62] += m[62] * mu */
+ "LDR r12, [%[m], #248]\n\t"
+ "LDR r11, [%[a], #248]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #248]\n\t"
+ /* a[i+63] += m[63] * mu */
+ "LDR r12, [%[m], #252]\n\t"
+ "LDR r11, [%[a], #252]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #252]\n\t"
+ /* a[i+64] += m[64] * mu */
+ "LDR r12, [%[m], #256]\n\t"
+ "LDR r11, [%[a], #256]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #256]\n\t"
+ /* a[i+65] += m[65] * mu */
+ "LDR r12, [%[m], #260]\n\t"
+ "LDR r11, [%[a], #260]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #260]\n\t"
+ /* a[i+66] += m[66] * mu */
+ "LDR r12, [%[m], #264]\n\t"
+ "LDR r11, [%[a], #264]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #264]\n\t"
+ /* a[i+67] += m[67] * mu */
+ "LDR r12, [%[m], #268]\n\t"
+ "LDR r11, [%[a], #268]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #268]\n\t"
+ /* a[i+68] += m[68] * mu */
+ "LDR r12, [%[m], #272]\n\t"
+ "LDR r11, [%[a], #272]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #272]\n\t"
+ /* a[i+69] += m[69] * mu */
+ "LDR r12, [%[m], #276]\n\t"
+ "LDR r11, [%[a], #276]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #276]\n\t"
+ /* a[i+70] += m[70] * mu */
+ "LDR r12, [%[m], #280]\n\t"
+ "LDR r11, [%[a], #280]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #280]\n\t"
+ /* a[i+71] += m[71] * mu */
+ "LDR r12, [%[m], #284]\n\t"
+ "LDR r11, [%[a], #284]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #284]\n\t"
+ /* a[i+72] += m[72] * mu */
+ "LDR r12, [%[m], #288]\n\t"
+ "LDR r11, [%[a], #288]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #288]\n\t"
+ /* a[i+73] += m[73] * mu */
+ "LDR r12, [%[m], #292]\n\t"
+ "LDR r11, [%[a], #292]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #292]\n\t"
+ /* a[i+74] += m[74] * mu */
+ "LDR r12, [%[m], #296]\n\t"
+ "LDR r11, [%[a], #296]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #296]\n\t"
+ /* a[i+75] += m[75] * mu */
+ "LDR r12, [%[m], #300]\n\t"
+ "LDR r11, [%[a], #300]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #300]\n\t"
+ /* a[i+76] += m[76] * mu */
+ "LDR r12, [%[m], #304]\n\t"
+ "LDR r11, [%[a], #304]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #304]\n\t"
+ /* a[i+77] += m[77] * mu */
+ "LDR r12, [%[m], #308]\n\t"
+ "LDR r11, [%[a], #308]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #308]\n\t"
+ /* a[i+78] += m[78] * mu */
+ "LDR r12, [%[m], #312]\n\t"
+ "LDR r11, [%[a], #312]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #312]\n\t"
+ /* a[i+79] += m[79] * mu */
+ "LDR r12, [%[m], #316]\n\t"
+ "LDR r11, [%[a], #316]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #316]\n\t"
+ /* a[i+80] += m[80] * mu */
+ "LDR r12, [%[m], #320]\n\t"
+ "LDR r11, [%[a], #320]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #320]\n\t"
+ /* a[i+81] += m[81] * mu */
+ "LDR r12, [%[m], #324]\n\t"
+ "LDR r11, [%[a], #324]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #324]\n\t"
+ /* a[i+82] += m[82] * mu */
+ "LDR r12, [%[m], #328]\n\t"
+ "LDR r11, [%[a], #328]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #328]\n\t"
+ /* a[i+83] += m[83] * mu */
+ "LDR r12, [%[m], #332]\n\t"
+ "LDR r11, [%[a], #332]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #332]\n\t"
+ /* a[i+84] += m[84] * mu */
+ "LDR r12, [%[m], #336]\n\t"
+ "LDR r11, [%[a], #336]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #336]\n\t"
+ /* a[i+85] += m[85] * mu */
+ "LDR r12, [%[m], #340]\n\t"
+ "LDR r11, [%[a], #340]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #340]\n\t"
+ /* a[i+86] += m[86] * mu */
+ "LDR r12, [%[m], #344]\n\t"
+ "LDR r11, [%[a], #344]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #344]\n\t"
+ /* a[i+87] += m[87] * mu */
+ "LDR r12, [%[m], #348]\n\t"
+ "LDR r11, [%[a], #348]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #348]\n\t"
+ /* a[i+88] += m[88] * mu */
+ "LDR r12, [%[m], #352]\n\t"
+ "LDR r11, [%[a], #352]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #352]\n\t"
+ /* a[i+89] += m[89] * mu */
+ "LDR r12, [%[m], #356]\n\t"
+ "LDR r11, [%[a], #356]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #356]\n\t"
+ /* a[i+90] += m[90] * mu */
+ "LDR r12, [%[m], #360]\n\t"
+ "LDR r11, [%[a], #360]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #360]\n\t"
+ /* a[i+91] += m[91] * mu */
+ "LDR r12, [%[m], #364]\n\t"
+ "LDR r11, [%[a], #364]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #364]\n\t"
+ /* a[i+92] += m[92] * mu */
+ "LDR r12, [%[m], #368]\n\t"
+ "LDR r11, [%[a], #368]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #368]\n\t"
+ /* a[i+93] += m[93] * mu */
+ "LDR r12, [%[m], #372]\n\t"
+ "LDR r11, [%[a], #372]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #372]\n\t"
/* a[i+94] += m[94] * mu */
- "ldr %[a], [r10]\n\t"
- "mov r5, #0\n\t"
- /* Multiply m[j] and mu - Start */
- "ldr r8, [%[m]], #4\n\t"
- "umull r6, r8, %[mp], r8\n\t"
- "adds %[a], %[a], r6\n\t"
- "adc r5, r5, r8\n\t"
- /* Multiply m[j] and mu - Done */
- "adds r4, r4, %[a]\n\t"
- "adc r5, r5, #0\n\t"
- "str r4, [r10], #4\n\t"
+ "LDR r12, [%[m], #376]\n\t"
+ "LDR r11, [%[a], #376]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #376]\n\t"
/* a[i+95] += m[95] * mu */
- "mov r4, %[ca]\n\t"
- "mov %[ca], #0\n\t"
- /* Multiply m[95] and mu - Start */
- "ldr r8, [%[m]]\n\t"
- "umull r6, r8, %[mp], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc %[ca], %[ca], #0\n\t"
- /* Multiply m[95] and mu - Done */
- "ldr r6, [r10]\n\t"
- "ldr r8, [r10, #4]\n\t"
- "adds r6, r6, r5\n\t"
- "adcs r8, r8, r4\n\t"
- "adc %[ca], %[ca], #0\n\t"
- "str r6, [r10]\n\t"
- "str r8, [r10, #4]\n\t"
- /* Next word in a */
- "sub r10, r10, #376\n\t"
- "cmp r10, r11\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "blt 1b\n\t"
-#else
- "blt.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "mov %[a], r10\n\t"
- "mov %[m], r12\n\t"
- : [ca] "+r" (ca), [a] "+r" (a)
- : [m] "r" (m), [mp] "r" (mp)
- : "memory", "r4", "r5", "r6", "r8", "r9", "r10", "r11", "r12", "r14"
+ "LDR r12, [%[m], #380]\n\t"
+ "LDR r11, [%[a], #380]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "LDR lr, [%[a], #384]\n\t"
+ "MOV r12, #0x0\n\t"
+ "UMAAL r3, lr, r12, r12\n\t"
+ "STR r11, [%[a], #380]\n\t"
+ "ADDS r3, r3, r5\n\t"
+ "ADC r5, lr, #0x0\n\t"
+ "STR r3, [%[a], #384]\n\t"
+ /* i += 1 */
+ "ADD r4, r4, #0x4\n\t"
+ "ADD %[a], %[a], #0x4\n\t"
+ "CMP r4, #0x180\n\t"
+#ifdef __GNUC__
+ "BLT L_sp_3072_mont_reduce_96_word\n\t"
+#else
+ "BLT.W L_sp_3072_mont_reduce_96_word\n\t"
+#endif
+ /* Loop Done */
+ "STR r6, [%[a]]\n\t"
+ "STR r7, [%[a], #4]\n\t"
+ "STR r8, [%[a], #8]\n\t"
+ "STR r9, [%[a], #12]\n\t"
+ "STR r10, [%[a], #16]\n\t"
+ "MOV %[mp], r5\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
);
+ sp_3072_cond_sub_96(a - 96, a, m, (sp_digit)0 - mp);
+}
- sp_3072_cond_sub_96(a - 96, a, m, (sp_digit)0 - ca);
+#else
+/* Reduce the number back to 3072 bits using Montgomery reduction.
+ *
+ * a A single precision number to reduce in place.
+ * m The single precision number representing the modulus.
+ * mp The digit representing the negative inverse of m mod 2^n.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+#else
+SP_NOINLINE static void sp_3072_mont_reduce_96(sp_digit* a, const sp_digit* m, sp_digit mp)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m __asm__ ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp __asm__ ("r2") = (sp_digit)mp_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "LDR r11, [%[m]]\n\t"
+ /* i = 0 */
+ "MOV r9, #0x0\n\t"
+ /* ca = 0 */
+ "MOV r3, #0x0\n\t"
+ "\n"
+ "L_sp_3072_mont_reduce_96_word:\n\t"
+ /* mu = a[i] * mp */
+ "LDR r10, [%[a]]\n\t"
+ "MUL r8, %[mp], r10\n\t"
+ /* j = 0 */
+ "MOV r12, #0x0\n\t"
+ "MOV r4, #0x0\n\t"
+ "\n"
+ "L_sp_3072_mont_reduce_96_mul:\n\t"
+ /* a[i+j+0] += m[j+0] * mu */
+ "LDR r7, [%[m], r12]\n\t"
+ "LDR r10, [%[a], r12]\n\t"
+ "UMAAL r10, r4, r8, r7\n\t"
+ "STR r10, [%[a], r12]\n\t"
+ /* j += 1 */
+ "ADD r12, r12, #0x4\n\t"
+ /* a[i+j+1] += m[j+1] * mu */
+ "LDR r7, [%[m], r12]\n\t"
+ "LDR r10, [%[a], r12]\n\t"
+ "UMAAL r10, r4, r8, r7\n\t"
+ "STR r10, [%[a], r12]\n\t"
+ /* j += 1 */
+ "ADD r12, r12, #0x4\n\t"
+ /* a[i+j+2] += m[j+2] * mu */
+ "LDR r7, [%[m], r12]\n\t"
+ "LDR r10, [%[a], r12]\n\t"
+ "UMAAL r10, r4, r8, r7\n\t"
+ "STR r10, [%[a], r12]\n\t"
+ /* j += 1 */
+ "ADD r12, r12, #0x4\n\t"
+ /* a[i+j+3] += m[j+3] * mu */
+ "LDR r7, [%[m], r12]\n\t"
+ "LDR r10, [%[a], r12]\n\t"
+ "UMAAL r10, r4, r8, r7\n\t"
+ "STR r10, [%[a], r12]\n\t"
+ /* j += 1 */
+ "ADD r12, r12, #0x4\n\t"
+ "CMP r12, #0x180\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BLT L_sp_3072_mont_reduce_96_mul\n\t"
+#else
+ "BLT.N L_sp_3072_mont_reduce_96_mul\n\t"
+#endif
+ "LDR r10, [%[a], #384]\n\t"
+ "ADDS r4, r4, r3\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "ADDS r10, r10, r4\n\t"
+ "ADC r3, r3, r3\n\t"
+ "STR r10, [%[a], #384]\n\t"
+ /* i += 1 */
+ "ADD r9, r9, #0x4\n\t"
+ "ADD %[a], %[a], #0x4\n\t"
+ "CMP r9, #0x180\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BLT L_sp_3072_mont_reduce_96_word\n\t"
+#else
+ "BLT.N L_sp_3072_mont_reduce_96_word\n\t"
+#endif
+ /* Loop Done */
+ "MOV %[mp], r3\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
+ );
+ sp_3072_cond_sub_96(a - 96, a, m, (sp_digit)0 - mp);
}
+#endif /* !WOLFSSL_SP_SMALL */
+#endif
/* Multiply two Montgomery form numbers mod the modulus (prime).
* (r = a * b mod m)
*
@@ -9438,7 +18753,7 @@ SP_NOINLINE static void sp_3072_mont_reduce_96(sp_digit* a, const sp_digit* m,
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_3072_mont_mul_96(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -9452,7 +18767,7 @@ SP_NOINLINE static void sp_3072_mont_mul_96(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_3072_mont_sqr_96(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -9468,40 +18783,44 @@ SP_NOINLINE static void sp_3072_mont_sqr_96(sp_digit* r, const sp_digit* a,
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_3072_sub_96(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_3072_sub_96(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_3072_sub_96(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r6, %[a]\n\t"
- "mov r5, #1\n\t"
- "lsl r5, r5, #8\n\t"
- "add r5, r5, #128\n\t"
- "add r6, r6, r5\n\t"
- "\n1:\n\t"
- "mov r5, #0\n\t"
- "subs r5, r5, %[c]\n\t"
- "ldr r4, [%[a]]\n\t"
- "ldr r5, [%[b]]\n\t"
- "sbcs r4, r4, r5\n\t"
- "str r4, [%[r]]\n\t"
- "sbc %[c], %[c], %[c]\n\t"
- "add %[a], %[a], #4\n\t"
- "add %[b], %[b], #4\n\t"
- "add %[r], %[r], #4\n\t"
- "cmp %[a], r6\n\t"
+ "MOV r11, #0x0\n\t"
+ "ADD r12, %[a], #0x180\n\t"
+ "\n"
+ "L_sp_3072_sub_96_word:\n\t"
+ "RSBS r11, r11, #0x0\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "SBC r11, r3, r3\n\t"
+ "CMP %[a], r12\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bne 1b\n\t"
+ "BNE L_sp_3072_sub_96_word\n\t"
#else
- "bne.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ "BNE.N L_sp_3072_sub_96_word\n\t"
+#endif
+ "MOV %[r], r11\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)r;
}
#else
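Review bot: The new `sp_3072_sub_96` drops `SP_NOINLINE` in the same change that replaces the numeric local label (`1:` / `bne 1b`) with the named label `L_sp_3072_sub_96_word`. A named label is emitted once per copy of the asm statement, so if the compiler inlines or clones this static function into more than one caller the assembler would see a duplicate symbol. Either keep `SP_NOINLINE` on both signatures, or on GCC-compatible compilers make the label unique per expansion, e.g. `"L_sp_3072_sub_96_word_%=:\n\t"` with the same suffix on the `BNE` and `BNE.N` lines. The borrow is now returned through the pointer variable `r` (`return (uint32_t)(size_t)r;`), so a comment such as `/* r now holds the borrow mask (0 or 0xffffffff), not a pointer */` above the return would make that reuse explicit.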
@@ -9511,262 +18830,262 @@ SP_NOINLINE static sp_digit sp_3072_sub_96(sp_digit* r, const sp_digit* a,
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_3072_sub_96(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_3072_sub_96(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_3072_sub_96(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "subs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "sbc %[c], %[c], %[c]\n\t"
- : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SUBS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "SBC %[r], r6, r6\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6", "r8"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)r;
}
#endif /* WOLFSSL_SP_SMALL */
+#ifdef WOLFSSL_SP_USE_UDIV
+/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
+ *
+ * d1 The high order half of the number to divide.
+ * d0 The low order half of the number to divide.
+ * div The divisor.
+ * returns the result of the division.
+ *
+ * Note that this is an approximate div. It may give an answer 1 larger.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static sp_digit div_3072_word_96(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
+#else
+SP_NOINLINE static sp_digit div_3072_word_96(sp_digit d1, sp_digit d0, sp_digit div)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit d1 __asm__ ("r0") = (sp_digit)d1_p;
+ register sp_digit d0 __asm__ ("r1") = (sp_digit)d0_p;
+ register sp_digit div __asm__ ("r2") = (sp_digit)div_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "LSR r8, %[div], #16\n\t"
+ "ADD r5, r8, #0x1\n\t"
+ "UDIV r6, %[d1], r5\n\t"
+ "LSL r7, %[div], #16\n\t"
+ "LSL r6, r6, #16\n\t"
+ "UMULL r3, r4, %[div], r6\n\t"
+ "SUBS %[d0], %[d0], r3\n\t"
+ "SBC %[d1], %[d1], r4\n\t"
+ "SUBS r3, %[d1], r5\n\t"
+ "SBC r9, r9, r9\n\t"
+ "ADD r9, r9, #0x1\n\t"
+ "RSB r10, r9, #0x0\n\t"
+ "LSL r9, r9, #16\n\t"
+ "AND r7, r7, r10\n\t"
+ "AND r8, r8, r10\n\t"
+ "SUBS %[d0], %[d0], r7\n\t"
+ "ADD r6, r6, r9\n\t"
+ "SBC %[d1], %[d1], r8\n\t"
+ "LSL r4, %[d1], #16\n\t"
+ "LSR r3, %[d0], #16\n\t"
+ "ORR r3, r3, r4\n\t"
+ "UDIV r3, r3, r5\n\t"
+ "ADD r6, r6, r3\n\t"
+ "UMULL r3, r4, %[div], r3\n\t"
+ "SUBS %[d0], %[d0], r3\n\t"
+ "SBC %[d1], %[d1], r4\n\t"
+ "LSL r4, %[d1], #16\n\t"
+ "LSR r3, %[d0], #16\n\t"
+ "ORR r3, r3, r4\n\t"
+ "UDIV r3, r3, r5\n\t"
+ "ADD r6, r6, r3\n\t"
+ "MUL r3, %[div], r3\n\t"
+ "SUB %[d0], %[d0], r3\n\t"
+ "UDIV r3, %[d0], %[div]\n\t"
+ "ADD %[d1], r6, r3\n\t"
+ : [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
+ );
+ return (uint32_t)(size_t)d1;
+}
+
+#else
/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
*
* d1 The high order half of the number to divide.
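Review bot: The `WOLFSSL_SP_USE_UDIV` variant of `div_3072_word_96` added at the end of this hunk issues four `UDIV` instructions on values derived from `d1` and `d0`, and its header comment says nothing about timing. On cores whose hardware divider terminates early, `UDIV` latency depends on the operand values, so this path is presumably not data-independent in time. That matters if the dividend is derived from secret material; the callers are outside this hunk, so I cannot confirm. I would extend the header comment with `* Note: UDIV latency may depend on operand values; enable WOLFSSL_SP_USE_UDIV only where division timing is not a concern.`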
@@ -9776,49 +19095,69 @@ SP_NOINLINE static sp_digit sp_3072_sub_96(sp_digit* r, const sp_digit* a,
*
* Note that this is an approximate div. It may give an answer 1 larger.
*/
-SP_NOINLINE static sp_digit div_3072_word_96(sp_digit d1, sp_digit d0,
- sp_digit div)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static sp_digit div_3072_word_96(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
+#else
+SP_NOINLINE static sp_digit div_3072_word_96(sp_digit d1, sp_digit d0, sp_digit div)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit r = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit d1 __asm__ ("r0") = (sp_digit)d1_p;
+ register sp_digit d0 __asm__ ("r1") = (sp_digit)d0_p;
+ register sp_digit div __asm__ ("r2") = (sp_digit)div_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "lsr r6, %[div], #16\n\t"
- "add r6, r6, #1\n\t"
- "udiv r4, %[d1], r6\n\t"
- "lsl r8, r4, #16\n\t"
- "umull r4, r5, %[div], r8\n\t"
- "subs %[d0], %[d0], r4\n\t"
- "sbc %[d1], %[d1], r5\n\t"
- "udiv r5, %[d1], r6\n\t"
- "lsl r4, r5, #16\n\t"
- "add r8, r8, r4\n\t"
- "umull r4, r5, %[div], r4\n\t"
- "subs %[d0], %[d0], r4\n\t"
- "sbc %[d1], %[d1], r5\n\t"
- "lsl r4, %[d1], #16\n\t"
- "orr r4, r4, %[d0], lsr #16\n\t"
- "udiv r4, r4, r6\n\t"
- "add r8, r8, r4\n\t"
- "umull r4, r5, %[div], r4\n\t"
- "subs %[d0], %[d0], r4\n\t"
- "sbc %[d1], %[d1], r5\n\t"
- "lsl r4, %[d1], #16\n\t"
- "orr r4, r4, %[d0], lsr #16\n\t"
- "udiv r4, r4, r6\n\t"
- "add r8, r8, r4\n\t"
- "umull r4, r5, %[div], r4\n\t"
- "subs %[d0], %[d0], r4\n\t"
- "sbc %[d1], %[d1], r5\n\t"
- "udiv r4, %[d0], %[div]\n\t"
- "add r8, r8, r4\n\t"
- "mov %[r], r8\n\t"
- : [r] "+r" (r)
- : [d1] "r" (d1), [d0] "r" (d0), [div] "r" (div)
- : "r4", "r5", "r6", "r8"
+ "LSR r5, %[div], #1\n\t"
+ "ADD r5, r5, #0x1\n\t"
+ "MOV r6, %[d0]\n\t"
+ "MOV r7, %[d1]\n\t"
+ /* Do top 32 */
+ "SUBS r8, r5, r7\n\t"
+ "SBC r8, r8, r8\n\t"
+ "MOV r3, #0x0\n\t"
+ "SUB r3, r3, r8\n\t"
+ "AND r8, r8, r5\n\t"
+ "SUBS r7, r7, r8\n\t"
+ /* Next 30 bits */
+ "MOV r4, #0x1d\n\t"
+ "\n"
+ "L_div_3072_word_96_bit:\n\t"
+ "LSLS r6, r6, #1\n\t"
+ "ADC r7, r7, r7\n\t"
+ "SUBS r8, r5, r7\n\t"
+ "SBC r8, r8, r8\n\t"
+ "ADD r3, r3, r3\n\t"
+ "SUB r3, r3, r8\n\t"
+ "AND r8, r8, r5\n\t"
+ "SUBS r7, r7, r8\n\t"
+ "SUBS r4, r4, #0x1\n\t"
+ "bpl L_div_3072_word_96_bit\n\t"
+ "ADD r3, r3, r3\n\t"
+ "ADD r3, r3, #0x1\n\t"
+ "UMULL r6, r7, r3, %[div]\n\t"
+ "SUBS r9, %[d0], r6\n\t"
+ "SBC r10, %[d1], r7\n\t"
+ "ADD r3, r3, r10\n\t"
+ "UMULL r6, r7, r3, %[div]\n\t"
+ "SUBS r9, %[d0], r6\n\t"
+ "SBC r10, %[d1], r7\n\t"
+ "ADD r3, r3, r10\n\t"
+ "UMULL r6, r7, r3, %[div]\n\t"
+ "SUBS r9, %[d0], r6\n\t"
+ "SBC r10, %[d1], r7\n\t"
+ "ADD r3, r3, r10\n\t"
+ "SUBS r8, %[div], r9\n\t"
+ "SBC r8, r8, r8\n\t"
+ "SUB %[d1], r3, r8\n\t"
+ : [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
- return r;
+ return (uint32_t)(size_t)d1;
}
+#endif
/* Divide d in a and put remainder into r (m*d + r = a)
* m is not calculated as it is not needed at this time.
*
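Review bot: The header comment kept above this `div_3072_word_96` ("approximate div. It may give an answer 1 larger") was written for the removed `udiv`-based body. The replacement ends with three multiply-and-correct rounds and a final masked adjustment, so that statement should be re-confirmed against the new code or reworded. The new body also leaves undocumented the property that appears to motivate it: the quotient loop runs a fixed count (`MOV r4, #0x1d` counted down with `SUBS`) and selects with `SBC`/`AND` masks rather than branching on the operands. A comment before `L_div_3072_word_96_bit` such as `/* Fixed iteration count and mask-based select: no data-dependent branches; do not add an early exit. */` would protect that from later edits. Minor style point: `bpl L_div_3072_word_96_bit` is lower-case and has no `.N` alternative, unlike the guarded `BNE`/`BNE.N` pair in the `sp_3072_sub_96` hunk.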
@@ -9828,8 +19167,8 @@ SP_NOINLINE static sp_digit div_3072_word_96(sp_digit d1, sp_digit d0,
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_3072_div_96_cond(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_3072_div_96_cond(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[192], t2[97];
sp_digit div, r1;
@@ -9891,6 +19230,7 @@ static WC_INLINE int sp_3072_mod_96_cond(sp_digit* r, const sp_digit* a, const s
}
#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
+#if defined(WOLFSSL_HAVE_SP_DH) || !defined(WOLFSSL_RSA_PUBLIC_ONLY)
/* AND m into each word of a and store in r.
*
* r A single precision integer.
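Review bot: The added `#if defined(WOLFSSL_HAVE_SP_DH) || !defined(WOLFSSL_RSA_PUBLIC_ONLY)` sits directly inside `#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)`, and every configuration that satisfies the outer condition already satisfies the inner one. As written the new guard never excludes anything, so either it is redundant or the intended condition was narrower. Its matching `#endif` is outside this hunk, so what it encloses cannot be checked from here. If the guard is kept, a trailing comment on that `#endif` naming the condition would make the nesting easier to audit.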
@@ -9928,46 +19268,1105 @@ static void sp_3072_mask_96(sp_digit* r, const sp_digit* a, sp_digit m)
* return -ve, 0 or +ve if a is less than, equal to or greater than b
* respectively.
*/
-SP_NOINLINE static sp_int32 sp_3072_cmp_96(const sp_digit* a, const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_int32 sp_3072_cmp_96(const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_int32 sp_3072_cmp_96(const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit r = 0;
-
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register const sp_digit* a __asm__ ("r0") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r1") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r3, #0\n\t"
- "mvn r3, r3\n\t"
- "mov r6, #1\n\t"
- "lsl r6, r6, #8\n\t"
- "add r6, r6, #124\n\t"
- "\n1:\n\t"
- "ldr r8, [%[a], r6]\n\t"
- "ldr r5, [%[b], r6]\n\t"
- "and r8, r8, r3\n\t"
- "and r5, r5, r3\n\t"
- "mov r4, r8\n\t"
- "subs r8, r8, r5\n\t"
- "sbc r8, r8, r8\n\t"
- "add %[r], %[r], r8\n\t"
- "mvn r8, r8\n\t"
- "and r3, r3, r8\n\t"
- "subs r5, r5, r4\n\t"
- "sbc r8, r8, r8\n\t"
- "sub %[r], %[r], r8\n\t"
- "mvn r8, r8\n\t"
- "and r3, r3, r8\n\t"
- "sub r6, r6, #4\n\t"
- "cmp r6, #0\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bge 1b\n\t"
+ "MOV r2, #0xffffffff\n\t"
+ "MOV r8, #0x1\n\t"
+ "MOV r7, #0x0\n\t"
+ "MOV r3, #0xffffffff\n\t"
+#ifdef WOLFSSL_SP_SMALL
+ "MOV r6, #0x17c\n\t"
+ "\n"
+ "L_sp_3072_cmp_96_words:\n\t"
+ "LDR r4, [%[a], r6]\n\t"
+ "LDR r5, [%[b], r6]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "SUBS r6, r6, #0x4\n\t"
+ "bcs L_sp_3072_cmp_96_words\n\t"
+ "EOR r2, r2, r3\n\t"
#else
- "bge.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [r] "+r" (r)
- : [a] "r" (a), [b] "r" (b)
- : "r3", "r4", "r5", "r6", "r8"
+ "LDR r4, [%[a], #380]\n\t"
+ "LDR r5, [%[b], #380]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #376]\n\t"
+ "LDR r5, [%[b], #376]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #372]\n\t"
+ "LDR r5, [%[b], #372]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #368]\n\t"
+ "LDR r5, [%[b], #368]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #364]\n\t"
+ "LDR r5, [%[b], #364]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #360]\n\t"
+ "LDR r5, [%[b], #360]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #356]\n\t"
+ "LDR r5, [%[b], #356]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #352]\n\t"
+ "LDR r5, [%[b], #352]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #348]\n\t"
+ "LDR r5, [%[b], #348]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #344]\n\t"
+ "LDR r5, [%[b], #344]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #340]\n\t"
+ "LDR r5, [%[b], #340]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #336]\n\t"
+ "LDR r5, [%[b], #336]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #332]\n\t"
+ "LDR r5, [%[b], #332]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #328]\n\t"
+ "LDR r5, [%[b], #328]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #324]\n\t"
+ "LDR r5, [%[b], #324]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #320]\n\t"
+ "LDR r5, [%[b], #320]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #316]\n\t"
+ "LDR r5, [%[b], #316]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #312]\n\t"
+ "LDR r5, [%[b], #312]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #308]\n\t"
+ "LDR r5, [%[b], #308]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #304]\n\t"
+ "LDR r5, [%[b], #304]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #300]\n\t"
+ "LDR r5, [%[b], #300]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #296]\n\t"
+ "LDR r5, [%[b], #296]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #292]\n\t"
+ "LDR r5, [%[b], #292]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #288]\n\t"
+ "LDR r5, [%[b], #288]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #284]\n\t"
+ "LDR r5, [%[b], #284]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #280]\n\t"
+ "LDR r5, [%[b], #280]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #276]\n\t"
+ "LDR r5, [%[b], #276]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #272]\n\t"
+ "LDR r5, [%[b], #272]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #268]\n\t"
+ "LDR r5, [%[b], #268]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #264]\n\t"
+ "LDR r5, [%[b], #264]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #260]\n\t"
+ "LDR r5, [%[b], #260]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #256]\n\t"
+ "LDR r5, [%[b], #256]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #252]\n\t"
+ "LDR r5, [%[b], #252]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #248]\n\t"
+ "LDR r5, [%[b], #248]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #244]\n\t"
+ "LDR r5, [%[b], #244]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #240]\n\t"
+ "LDR r5, [%[b], #240]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #236]\n\t"
+ "LDR r5, [%[b], #236]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #232]\n\t"
+ "LDR r5, [%[b], #232]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #228]\n\t"
+ "LDR r5, [%[b], #228]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #224]\n\t"
+ "LDR r5, [%[b], #224]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #220]\n\t"
+ "LDR r5, [%[b], #220]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #216]\n\t"
+ "LDR r5, [%[b], #216]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #212]\n\t"
+ "LDR r5, [%[b], #212]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #208]\n\t"
+ "LDR r5, [%[b], #208]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #204]\n\t"
+ "LDR r5, [%[b], #204]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #200]\n\t"
+ "LDR r5, [%[b], #200]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #196]\n\t"
+ "LDR r5, [%[b], #196]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #192]\n\t"
+ "LDR r5, [%[b], #192]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #188]\n\t"
+ "LDR r5, [%[b], #188]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #184]\n\t"
+ "LDR r5, [%[b], #184]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #180]\n\t"
+ "LDR r5, [%[b], #180]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #176]\n\t"
+ "LDR r5, [%[b], #176]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #172]\n\t"
+ "LDR r5, [%[b], #172]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #168]\n\t"
+ "LDR r5, [%[b], #168]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #164]\n\t"
+ "LDR r5, [%[b], #164]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #160]\n\t"
+ "LDR r5, [%[b], #160]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #156]\n\t"
+ "LDR r5, [%[b], #156]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #152]\n\t"
+ "LDR r5, [%[b], #152]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #148]\n\t"
+ "LDR r5, [%[b], #148]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #144]\n\t"
+ "LDR r5, [%[b], #144]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #140]\n\t"
+ "LDR r5, [%[b], #140]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #136]\n\t"
+ "LDR r5, [%[b], #136]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #132]\n\t"
+ "LDR r5, [%[b], #132]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #128]\n\t"
+ "LDR r5, [%[b], #128]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #124]\n\t"
+ "LDR r5, [%[b], #124]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #120]\n\t"
+ "LDR r5, [%[b], #120]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #116]\n\t"
+ "LDR r5, [%[b], #116]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #112]\n\t"
+ "LDR r5, [%[b], #112]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #108]\n\t"
+ "LDR r5, [%[b], #108]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #104]\n\t"
+ "LDR r5, [%[b], #104]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #100]\n\t"
+ "LDR r5, [%[b], #100]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #96]\n\t"
+ "LDR r5, [%[b], #96]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #92]\n\t"
+ "LDR r5, [%[b], #92]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #88]\n\t"
+ "LDR r5, [%[b], #88]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #84]\n\t"
+ "LDR r5, [%[b], #84]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #80]\n\t"
+ "LDR r5, [%[b], #80]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #76]\n\t"
+ "LDR r5, [%[b], #76]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #72]\n\t"
+ "LDR r5, [%[b], #72]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #68]\n\t"
+ "LDR r5, [%[b], #68]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #64]\n\t"
+ "LDR r5, [%[b], #64]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #60]\n\t"
+ "LDR r5, [%[b], #60]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #56]\n\t"
+ "LDR r5, [%[b], #56]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #52]\n\t"
+ "LDR r5, [%[b], #52]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #48]\n\t"
+ "LDR r5, [%[b], #48]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #44]\n\t"
+ "LDR r5, [%[b], #44]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #40]\n\t"
+ "LDR r5, [%[b], #40]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #36]\n\t"
+ "LDR r5, [%[b], #36]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #32]\n\t"
+ "LDR r5, [%[b], #32]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #28]\n\t"
+ "LDR r5, [%[b], #28]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #24]\n\t"
+ "LDR r5, [%[b], #24]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #20]\n\t"
+ "LDR r5, [%[b], #20]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #16]\n\t"
+ "LDR r5, [%[b], #16]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #12]\n\t"
+ "LDR r5, [%[b], #12]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #8]\n\t"
+ "LDR r5, [%[b], #8]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #4]\n\t"
+ "LDR r5, [%[b], #4]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a]]\n\t"
+ "LDR r5, [%[b]]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "EOR r2, r2, r3\n\t"
+#endif /*WOLFSSL_SP_SMALL */
+ "MOV %[a], r2\n\t"
+ : [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "cc"
);
-
- return r;
+ return (uint32_t)(size_t)a;
}
/* Divide d in a and put remainder into r (m*d + r = a)
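Review bot: The `WOLFSSL_SP_SMALL` loop in `sp_3072_cmp_96` now uses a named assembler label, `L_sp_3072_cmp_96_words`, while the same change drops `SP_NOINLINE` from the definition, so if the compiler inlines or clones this static function more than once in the translation unit the label is emitted twice and the assembler rejects the file. The removed code avoided this with the numeric local label `1:` and `1b`. Either keep `SP_NOINLINE` on the new definition, or on GCC make the label unique per asm instance, `"L_sp_3072_cmp_96_words_%=:\n\t"` with `"bcs L_sp_3072_cmp_96_words_%=\n\t"`. The same applies to `L_sp_3072_cond_add_48_words` in the `sp_3072_cond_add_48` hunk further down.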
@@ -9979,8 +20378,8 @@ SP_NOINLINE static sp_int32 sp_3072_cmp_96(const sp_digit* a, const sp_digit* b)
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_3072_div_96(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_3072_div_96(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[192], t2[97];
sp_digit div, r1;
@@ -10025,6 +20424,7 @@ static WC_INLINE int sp_3072_mod_96(sp_digit* r, const sp_digit* a, const sp_dig
return sp_3072_div_96(a, m, NULL, r);
}
+#endif /* WOLFSSL_HAVE_SP_DH || !WOLFSSL_RSA_PUBLIC_ONLY */
#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || \
defined(WOLFSSL_HAVE_SP_DH)
#ifdef WOLFSSL_SP_SMALL
@@ -10488,6 +20888,7 @@ int sp_RsaPublic_3072(const byte* in, word32 inLen, const mp_int* em,
}
#ifndef WOLFSSL_RSA_PUBLIC_ONLY
+#ifdef WOLFSSL_SP_SMALL
/* Conditionally add a and b using the mask m.
* m is -1 to add and 0 when not.
*
@@ -10496,39 +20897,248 @@ int sp_RsaPublic_3072(const byte* in, word32 inLen, const mp_int* em,
* b A single precision number to add.
* m Mask value to apply.
*/
-SP_NOINLINE static sp_digit sp_3072_cond_add_48(sp_digit* r, const sp_digit* a, const sp_digit* b,
- sp_digit m)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_3072_cond_add_48(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
+#else
+static sp_digit sp_3072_cond_add_48(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+ register sp_digit m __asm__ ("r3") = (sp_digit)m_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r5, #192\n\t"
- "mov r9, r5\n\t"
- "mov r8, #0\n\t"
- "\n1:\n\t"
- "ldr r6, [%[b], r8]\n\t"
- "and r6, r6, %[m]\n\t"
- "adds r5, %[c], #-1\n\t"
- "ldr r5, [%[a], r8]\n\t"
- "adcs r5, r5, r6\n\t"
- "mov %[c], #0\n\t"
- "adcs %[c], %[c], %[c]\n\t"
- "str r5, [%[r], r8]\n\t"
- "add r8, r8, #4\n\t"
- "cmp r8, r9\n\t"
+ "MOV r5, #0x0\n\t"
+ "MOV r8, #0x0\n\t"
+ "MOV r4, #0x0\n\t"
+ "\n"
+ "L_sp_3072_cond_add_48_words:\n\t"
+ "ADDS r5, r5, #0xffffffff\n\t"
+ "LDR r6, [%[a], r4]\n\t"
+ "LDR r7, [%[b], r4]\n\t"
+ "AND r7, r7, %[m]\n\t"
+ "ADCS r6, r6, r7\n\t"
+ "ADC r5, r8, r8\n\t"
+ "STR r6, [%[r], r4]\n\t"
+ "ADD r4, r4, #0x4\n\t"
+ "CMP r4, #0xc0\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "blt 1b\n\t"
+ "BLT L_sp_3072_cond_add_48_words\n\t"
#else
- "blt.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [c] "+r" (c)
- : [r] "r" (r), [a] "r" (a), [b] "r" (b), [m] "r" (m)
- : "memory", "r5", "r6", "r8", "r9"
+ "BLT.N L_sp_3072_cond_add_48_words\n\t"
+#endif
+ "MOV %[r], r5\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
+ :
+ : "memory", "r4", "r5", "r6", "r7", "r8", "cc"
);
+ return (uint32_t)(size_t)r;
+}
+
+#else
+/* Conditionally add a and b using the mask m.
+ * m is -1 to add and 0 when not.
+ *
+ * r A single precision number representing conditional add result.
+ * a A single precision number to add with.
+ * b A single precision number to add.
+ * m Mask value to apply.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_3072_cond_add_48(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
+#else
+static sp_digit sp_3072_cond_add_48(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+ register sp_digit m __asm__ ("r3") = (sp_digit)m_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
- return c;
+ __asm__ __volatile__ (
+ "MOV r10, #0x0\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADDS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "ADC %[r], r10, r10\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
+ :
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
+ );
+ return (uint32_t)(size_t)r;
}
+#endif /* WOLFSSL_SP_SMALL */
/* RSA private key operation.
*
* in Array of bytes representing the number to exponentiate, base.
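Review bot: The header comment for `sp_3072_cond_add_48` lists `r`, `a`, `b` and `m` but not the return value, and both new variants hand that value back through the pointer variable `r` (`MOV %[r], r5` in the small build, `ADC %[r], r10, r10` after the last `STM %[r]!` in the unrolled one), which is easy to misread as returning an address. I would add a line such as ` * return  Carry out of the final word addition (0 or 1).` to both comment blocks, and a one-line comment at `return (uint32_t)(size_t)r;` saying that `r` holds the carry at that point, not a pointer. The unrolled variant's clobber list also names `r4` and `r5`, which its body never touches as far as the hunk shows; dropping them would leave the compiler two more registers.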
@@ -10843,602 +21453,599 @@ int sp_ModExp_3072(const mp_int* base, const mp_int* exp, const mp_int* mod,
#ifdef WOLFSSL_HAVE_SP_DH
#ifdef HAVE_FFDHE_3072
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_3072_lshift_96(sp_digit* r_p, const sp_digit* a_p, byte n_p)
+#else
static void sp_3072_lshift_96(sp_digit* r, const sp_digit* a, byte n)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register byte n __asm__ ("r2") = (byte)n_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "mov r6, #31\n\t"
- "sub r6, r6, %[n]\n\t"
- "add %[a], %[a], #320\n\t"
- "add %[r], %[r], #320\n\t"
- "ldr r3, [%[a], #60]\n\t"
- "lsr r4, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r4, r4, r6\n\t"
- "ldr r2, [%[a], #56]\n\t"
- "str r4, [%[r], #64]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #52]\n\t"
- "str r3, [%[r], #60]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #48]\n\t"
- "str r2, [%[r], #56]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #44]\n\t"
- "str r4, [%[r], #52]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #40]\n\t"
- "str r3, [%[r], #48]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #36]\n\t"
- "str r2, [%[r], #44]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #32]\n\t"
- "str r4, [%[r], #40]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #28]\n\t"
- "str r3, [%[r], #36]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #24]\n\t"
- "str r2, [%[r], #32]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #20]\n\t"
- "str r4, [%[r], #28]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #16]\n\t"
- "str r3, [%[r], #24]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #12]\n\t"
- "str r2, [%[r], #20]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #8]\n\t"
- "str r4, [%[r], #16]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #4]\n\t"
- "str r3, [%[r], #12]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #0]\n\t"
- "str r2, [%[r], #8]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "sub %[a], %[a], #64\n\t"
- "sub %[r], %[r], #64\n\t"
- "ldr r2, [%[a], #60]\n\t"
- "str r4, [%[r], #68]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #56]\n\t"
- "str r3, [%[r], #64]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #52]\n\t"
- "str r2, [%[r], #60]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #48]\n\t"
- "str r4, [%[r], #56]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #44]\n\t"
- "str r3, [%[r], #52]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #40]\n\t"
- "str r2, [%[r], #48]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #36]\n\t"
- "str r4, [%[r], #44]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #32]\n\t"
- "str r3, [%[r], #40]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #28]\n\t"
- "str r2, [%[r], #36]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #24]\n\t"
- "str r4, [%[r], #32]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #20]\n\t"
- "str r3, [%[r], #28]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #16]\n\t"
- "str r2, [%[r], #24]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #12]\n\t"
- "str r4, [%[r], #20]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #8]\n\t"
- "str r3, [%[r], #16]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #4]\n\t"
- "str r2, [%[r], #12]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #0]\n\t"
- "str r4, [%[r], #8]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "sub %[a], %[a], #64\n\t"
- "sub %[r], %[r], #64\n\t"
- "ldr r4, [%[a], #60]\n\t"
- "str r3, [%[r], #68]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #56]\n\t"
- "str r2, [%[r], #64]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #52]\n\t"
- "str r4, [%[r], #60]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #48]\n\t"
- "str r3, [%[r], #56]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #44]\n\t"
- "str r2, [%[r], #52]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #40]\n\t"
- "str r4, [%[r], #48]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #36]\n\t"
- "str r3, [%[r], #44]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #32]\n\t"
- "str r2, [%[r], #40]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #28]\n\t"
- "str r4, [%[r], #36]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #24]\n\t"
- "str r3, [%[r], #32]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #20]\n\t"
- "str r2, [%[r], #28]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #16]\n\t"
- "str r4, [%[r], #24]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #12]\n\t"
- "str r3, [%[r], #20]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #8]\n\t"
- "str r2, [%[r], #16]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #4]\n\t"
- "str r4, [%[r], #12]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #0]\n\t"
- "str r3, [%[r], #8]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "sub %[a], %[a], #64\n\t"
- "sub %[r], %[r], #64\n\t"
- "ldr r3, [%[a], #60]\n\t"
- "str r2, [%[r], #68]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #56]\n\t"
- "str r4, [%[r], #64]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #52]\n\t"
- "str r3, [%[r], #60]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #48]\n\t"
- "str r2, [%[r], #56]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #44]\n\t"
- "str r4, [%[r], #52]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #40]\n\t"
- "str r3, [%[r], #48]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #36]\n\t"
- "str r2, [%[r], #44]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #32]\n\t"
- "str r4, [%[r], #40]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #28]\n\t"
- "str r3, [%[r], #36]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #24]\n\t"
- "str r2, [%[r], #32]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #20]\n\t"
- "str r4, [%[r], #28]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #16]\n\t"
- "str r3, [%[r], #24]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #12]\n\t"
- "str r2, [%[r], #20]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #8]\n\t"
- "str r4, [%[r], #16]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #4]\n\t"
- "str r3, [%[r], #12]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #0]\n\t"
- "str r2, [%[r], #8]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "sub %[a], %[a], #64\n\t"
- "sub %[r], %[r], #64\n\t"
- "ldr r2, [%[a], #60]\n\t"
- "str r4, [%[r], #68]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #56]\n\t"
- "str r3, [%[r], #64]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #52]\n\t"
- "str r2, [%[r], #60]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #48]\n\t"
- "str r4, [%[r], #56]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #44]\n\t"
- "str r3, [%[r], #52]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #40]\n\t"
- "str r2, [%[r], #48]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #36]\n\t"
- "str r4, [%[r], #44]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #32]\n\t"
- "str r3, [%[r], #40]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #28]\n\t"
- "str r2, [%[r], #36]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #24]\n\t"
- "str r4, [%[r], #32]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #20]\n\t"
- "str r3, [%[r], #28]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #16]\n\t"
- "str r2, [%[r], #24]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #12]\n\t"
- "str r4, [%[r], #20]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #8]\n\t"
- "str r3, [%[r], #16]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #4]\n\t"
- "str r2, [%[r], #12]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #0]\n\t"
- "str r4, [%[r], #8]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "sub %[a], %[a], #64\n\t"
- "sub %[r], %[r], #64\n\t"
- "ldr r4, [%[a], #60]\n\t"
- "str r3, [%[r], #68]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #56]\n\t"
- "str r2, [%[r], #64]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #52]\n\t"
- "str r4, [%[r], #60]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #48]\n\t"
- "str r3, [%[r], #56]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #44]\n\t"
- "str r2, [%[r], #52]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #40]\n\t"
- "str r4, [%[r], #48]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #36]\n\t"
- "str r3, [%[r], #44]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #32]\n\t"
- "str r2, [%[r], #40]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #28]\n\t"
- "str r4, [%[r], #36]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #24]\n\t"
- "str r3, [%[r], #32]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #20]\n\t"
- "str r2, [%[r], #28]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #16]\n\t"
- "str r4, [%[r], #24]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #12]\n\t"
- "str r3, [%[r], #20]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #8]\n\t"
- "str r2, [%[r], #16]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #4]\n\t"
- "str r4, [%[r], #12]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #0]\n\t"
- "str r3, [%[r], #8]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "str r4, [%[r]]\n\t"
- "str r2, [%[r], #4]\n\t"
+ "RSB r7, %[n], #0x1f\n\t"
+ "LDR r5, [%[a], #380]\n\t"
+ "LSR r6, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r6, r6, r7\n\t"
+ "LDR r4, [%[a], #376]\n\t"
+ "STR r6, [%[r], #384]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #372]\n\t"
+ "STR r5, [%[r], #380]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #368]\n\t"
+ "STR r4, [%[r], #376]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #364]\n\t"
+ "STR r6, [%[r], #372]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #360]\n\t"
+ "STR r5, [%[r], #368]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #356]\n\t"
+ "STR r4, [%[r], #364]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #352]\n\t"
+ "STR r6, [%[r], #360]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #348]\n\t"
+ "STR r5, [%[r], #356]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #344]\n\t"
+ "STR r4, [%[r], #352]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #340]\n\t"
+ "STR r6, [%[r], #348]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #336]\n\t"
+ "STR r5, [%[r], #344]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #332]\n\t"
+ "STR r4, [%[r], #340]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #328]\n\t"
+ "STR r6, [%[r], #336]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #324]\n\t"
+ "STR r5, [%[r], #332]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #320]\n\t"
+ "STR r4, [%[r], #328]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #316]\n\t"
+ "STR r6, [%[r], #324]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #312]\n\t"
+ "STR r5, [%[r], #320]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #308]\n\t"
+ "STR r4, [%[r], #316]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #304]\n\t"
+ "STR r6, [%[r], #312]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #300]\n\t"
+ "STR r5, [%[r], #308]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #296]\n\t"
+ "STR r4, [%[r], #304]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #292]\n\t"
+ "STR r6, [%[r], #300]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #288]\n\t"
+ "STR r5, [%[r], #296]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #284]\n\t"
+ "STR r4, [%[r], #292]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #280]\n\t"
+ "STR r6, [%[r], #288]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #276]\n\t"
+ "STR r5, [%[r], #284]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #272]\n\t"
+ "STR r4, [%[r], #280]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #268]\n\t"
+ "STR r6, [%[r], #276]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #264]\n\t"
+ "STR r5, [%[r], #272]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #260]\n\t"
+ "STR r4, [%[r], #268]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #256]\n\t"
+ "STR r6, [%[r], #264]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #252]\n\t"
+ "STR r5, [%[r], #260]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #248]\n\t"
+ "STR r4, [%[r], #256]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #244]\n\t"
+ "STR r6, [%[r], #252]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #240]\n\t"
+ "STR r5, [%[r], #248]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #236]\n\t"
+ "STR r4, [%[r], #244]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #232]\n\t"
+ "STR r6, [%[r], #240]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #228]\n\t"
+ "STR r5, [%[r], #236]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #224]\n\t"
+ "STR r4, [%[r], #232]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #220]\n\t"
+ "STR r6, [%[r], #228]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #216]\n\t"
+ "STR r5, [%[r], #224]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #212]\n\t"
+ "STR r4, [%[r], #220]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #208]\n\t"
+ "STR r6, [%[r], #216]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #204]\n\t"
+ "STR r5, [%[r], #212]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #200]\n\t"
+ "STR r4, [%[r], #208]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #196]\n\t"
+ "STR r6, [%[r], #204]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #192]\n\t"
+ "STR r5, [%[r], #200]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #188]\n\t"
+ "STR r4, [%[r], #196]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #184]\n\t"
+ "STR r6, [%[r], #192]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #180]\n\t"
+ "STR r5, [%[r], #188]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #176]\n\t"
+ "STR r4, [%[r], #184]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #172]\n\t"
+ "STR r6, [%[r], #180]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #168]\n\t"
+ "STR r5, [%[r], #176]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #164]\n\t"
+ "STR r4, [%[r], #172]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #160]\n\t"
+ "STR r6, [%[r], #168]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #156]\n\t"
+ "STR r5, [%[r], #164]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #152]\n\t"
+ "STR r4, [%[r], #160]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #148]\n\t"
+ "STR r6, [%[r], #156]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #144]\n\t"
+ "STR r5, [%[r], #152]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #140]\n\t"
+ "STR r4, [%[r], #148]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #136]\n\t"
+ "STR r6, [%[r], #144]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #132]\n\t"
+ "STR r5, [%[r], #140]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #128]\n\t"
+ "STR r4, [%[r], #136]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #124]\n\t"
+ "STR r6, [%[r], #132]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #120]\n\t"
+ "STR r5, [%[r], #128]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #116]\n\t"
+ "STR r4, [%[r], #124]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #112]\n\t"
+ "STR r6, [%[r], #120]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #108]\n\t"
+ "STR r5, [%[r], #116]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #104]\n\t"
+ "STR r4, [%[r], #112]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #100]\n\t"
+ "STR r6, [%[r], #108]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #96]\n\t"
+ "STR r5, [%[r], #104]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #92]\n\t"
+ "STR r4, [%[r], #100]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #88]\n\t"
+ "STR r6, [%[r], #96]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #84]\n\t"
+ "STR r5, [%[r], #92]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #80]\n\t"
+ "STR r4, [%[r], #88]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #76]\n\t"
+ "STR r6, [%[r], #84]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #72]\n\t"
+ "STR r5, [%[r], #80]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #68]\n\t"
+ "STR r4, [%[r], #76]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #64]\n\t"
+ "STR r6, [%[r], #72]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #60]\n\t"
+ "STR r5, [%[r], #68]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #56]\n\t"
+ "STR r4, [%[r], #64]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #52]\n\t"
+ "STR r6, [%[r], #60]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #48]\n\t"
+ "STR r5, [%[r], #56]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #44]\n\t"
+ "STR r4, [%[r], #52]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #40]\n\t"
+ "STR r6, [%[r], #48]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #36]\n\t"
+ "STR r5, [%[r], #44]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #32]\n\t"
+ "STR r4, [%[r], #40]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #28]\n\t"
+ "STR r6, [%[r], #36]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #24]\n\t"
+ "STR r5, [%[r], #32]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #20]\n\t"
+ "STR r4, [%[r], #28]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #16]\n\t"
+ "STR r6, [%[r], #24]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #12]\n\t"
+ "STR r5, [%[r], #20]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #8]\n\t"
+ "STR r4, [%[r], #16]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #4]\n\t"
+ "STR r6, [%[r], #12]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a]]\n\t"
+ "STR r5, [%[r], #8]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "STR r6, [%[r]]\n\t"
+ "STR r4, [%[r], #4]\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [n] "+r" (n)
:
- : [r] "r" (r), [a] "r" (a), [n] "r" (n)
- : "memory", "r2", "r3", "r4", "r5", "r6"
+ : "memory", "r4", "r5", "r6", "r3", "r7", "cc"
);
}
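Review bot: sp_3072_lshift_96 has no header comment in this hunk, and the unrolled body relies on two preconditions that the signature does not show. The first store is `STR r6, [%[r], #384]`, so r is written at 97 digits (offsets 0 to 384) while a is read at 96 (offsets 0 to 380). The carry bits are formed as `(x >> 1) >> (31 - n)` through `RSB r7, %[n], #0x1f`, which gives the intended result only for n in 0..31, and nothing in the hunk checks that range. I would add above the definition, in the style of the other function headers on this page, `/* Shift a left by n bits into r. (r = a << n); r must hold 97 digits, n must be in 0..31. */`.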
@@ -11740,14 +22347,14 @@ static void sp_4096_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 32
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 31);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 31);
}
#elif DIGIT_BIT > 32
unsigned int i;
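Review bot: The rewritten DIGIT_BIT == 32 loop hard-codes the shift as `j >> 31` where the removed lines used `SP_WORD_SIZE - 1`, and the mask is only correct while sp_digit is an unsigned 32-bit type. With a wider sp_digit, `(sp_digit)0 - (j >> 31)` would not be all-ones for the first a->used iterations, and with a signed one the right shift of a negative value is implementation-defined. I would keep the width symbolic, `sp_digit mask = (sp_digit)0 - (j >> (SP_WORD_SIZE - 1));` and `o += (int)(j >> (SP_WORD_SIZE - 1));`. A one-line comment would also help: j counts up from -used, so the load index o stops advancing at used - 1 and the loop needs no branch on a->used. sp_4096_from_mp continues past the hunk, so its other DIGIT_BIT branches are not visible here.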
@@ -11852,345 +22459,253 @@ static void sp_4096_to_bin_128(sp_digit* r, byte* a)
#define sp_4096_norm_128(a)
#ifndef WOLFSSL_SP_SMALL
-/* Sub b from a into r. (r = a - b)
+/* Sub b from a into a. (a -= b)
*
- * r A single precision integer.
- * a A single precision integer.
+ * a A single precision integer and result.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_4096_sub_in_place_128(sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_4096_sub_in_place_128(sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_4096_sub_in_place_128(sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r1") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "subs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "sbc %[c], %[c], %[c]\n\t"
- : [c] "+r" (c), [a] "+r" (a), [b] "+r" (b)
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SUBS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "SBC %[a], r9, r9\n\t"
+ : [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)a;
}
/* Add b to a into r. (r = a + b)
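Review bot: The return value of sp_4096_sub_in_place_128 is undocumented and now travels in the pointer operand: the final `SBC %[a], r9, r9` overwrites `a` with the borrow, and the function returns `(uint32_t)(size_t)a`. I would add `* return  0 when there was no borrow, 0xffffffff when there was.` to the header comment and `/* a now holds the borrow mask, not a pointer */` above the return, since callers presumably consume this value as a mask. The same reuse appears in sp_4096_add_128 in the next hunk, where `r` ends up holding the carry (0 or 1). Both new clobber lists also add `r7`, which GCC uses as the Thumb frame pointer, so it is worth confirming that this file is built with the frame pointer omitted.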
@@ -12199,340 +22714,250 @@ SP_NOINLINE static sp_digit sp_4096_sub_in_place_128(sp_digit* a,
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_4096_add_128(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_4096_add_128(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_4096_add_128(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "mov %[c], #0\n\t"
- "adc %[c], %[c], %[c]\n\t"
- : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADDS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "MOV %[r], #0x0\n\t"
+ "ADC %[r], %[r], #0x0\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6", "r8"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)r;
}
/* Multiply a and b into r. (r = a * b)
@@ -12618,39 +23043,45 @@ SP_NOINLINE static void sp_4096_sqr_128(sp_digit* r, const sp_digit* a)
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_4096_add_128(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_4096_add_128(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_4096_add_128(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r6, %[a]\n\t"
- "mov r8, #0\n\t"
- "add r6, r6, #512\n\t"
- "sub r8, r8, #1\n\t"
- "\n1:\n\t"
- "adds %[c], %[c], r8\n\t"
- "ldr r4, [%[a]]\n\t"
- "ldr r5, [%[b]]\n\t"
- "adcs r4, r4, r5\n\t"
- "str r4, [%[r]]\n\t"
- "mov %[c], #0\n\t"
- "adc %[c], %[c], %[c]\n\t"
- "add %[a], %[a], #4\n\t"
- "add %[b], %[b], #4\n\t"
- "add %[r], %[r], #4\n\t"
- "cmp %[a], r6\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADD r12, %[a], #0x200\n\t"
+ "\n"
+ "L_sp_4096_add_128_word:\n\t"
+ "ADDS r3, r3, #0xffffffff\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9, r10, r11}\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "ADCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r3, r4, #0x0\n\t"
+ "CMP %[a], r12\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bne 1b\n\t"
+ "BNE L_sp_4096_add_128_word\n\t"
#else
- "bne.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ "BNE.N L_sp_4096_add_128_word\n\t"
+#endif
+ "MOV %[r], r3\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6", "r8"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)r;
}
#endif /* WOLFSSL_SP_SMALL */
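Review bot: The loop label `L_sp_4096_add_128_word` is an ordinary named symbol inside the asm string, and the new `sp_4096_add_128` no longer carries `SP_NOINLINE`. If the compiler inlines or clones the function, the label is emitted more than once and the assembler rejects the duplicate definition; the removed code avoided this with the numeric local label `1:` / `1b`. On GCC-compatible compilers a per-instance suffix keeps the symbol unique, e.g. `"L_sp_4096_add_128_word_%=:\n\t"` with the matching `"BNE L_sp_4096_add_128_word_%=\n\t"`; otherwise the function should stay out of line. The same applies to the named labels in the `sp_4096_sub_in_place_128`, `sp_4096_mul_128`, `sp_4096_sqr_128` and `sp_4096_mul_d_128` hunks below.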
@@ -12660,39 +23091,43 @@ SP_NOINLINE static sp_digit sp_4096_add_128(sp_digit* r, const sp_digit* a,
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_4096_sub_in_place_128(sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_4096_sub_in_place_128(sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_4096_sub_in_place_128(sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r1") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "mov r8, %[a]\n\t"
- "add r8, r8, #512\n\t"
- "\n1:\n\t"
- "mov r5, #0\n\t"
- "subs r5, r5, %[c]\n\t"
- "ldr r3, [%[a]]\n\t"
- "ldr r4, [%[a], #4]\n\t"
- "ldr r5, [%[b]]\n\t"
- "ldr r6, [%[b], #4]\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "str r3, [%[a]]\n\t"
- "str r4, [%[a], #4]\n\t"
- "sbc %[c], %[c], %[c]\n\t"
- "add %[a], %[a], #8\n\t"
- "add %[b], %[b], #8\n\t"
- "cmp %[a], r8\n\t"
+ "MOV r10, #0x0\n\t"
+ "ADD r11, %[a], #0x200\n\t"
+ "\n"
+ "L_sp_4096_sub_in_pkace_128_word:\n\t"
+ "RSBS r10, r10, #0x0\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "SBC r10, r10, r10\n\t"
+ "CMP %[a], r11\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bne 1b\n\t"
+ "BNE L_sp_4096_sub_in_pkace_128_word\n\t"
#else
- "bne.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [c] "+r" (c), [a] "+r" (a), [b] "+r" (b)
+ "BNE.N L_sp_4096_sub_in_pkace_128_word\n\t"
+#endif
+ "MOV %[a], r10\n\t"
+ : [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r8"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)a;
}
#endif /* WOLFSSL_SP_SMALL */
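Review bot: The return statement `return (uint32_t)(size_t)a;` reads as if it returned an address, and nothing in `sp_4096_sub_in_place_128` says that `MOV %[a], r10` has already replaced the pointer operand with the borrow. A short comment before the return would make this explicit, e.g. `/* a now holds the borrow from the final SBC: 0, or all ones if the subtraction underflowed */`. Separately, the label is spelled `L_sp_4096_sub_in_pkace_128_word` at its definition and at both branch sites. It assembles because the spelling is consistent, but `place` is presumably what was meant.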
@@ -12703,88 +23138,99 @@ SP_NOINLINE static sp_digit sp_4096_sub_in_place_128(sp_digit* a,
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static void sp_4096_mul_128(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_4096_mul_128(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static void sp_4096_mul_128(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit tmp_arr[128 * 2];
- sp_digit* tmp = tmp_arr;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "mov r3, #0\n\t"
- "mov r4, #0\n\t"
- "mov r9, r3\n\t"
- "mov r12, %[r]\n\t"
- "mov r10, %[a]\n\t"
- "mov r11, %[b]\n\t"
- "mov r6, #2\n\t"
- "lsl r6, r6, #8\n\t"
- "add r6, r6, r10\n\t"
- "mov r14, r6\n\t"
- "\n1:\n\t"
- "mov %[r], #0\n\t"
- "mov r5, #0\n\t"
- "mov r6, #1\n\t"
- "lsl r6, r6, #8\n\t"
- "add r6, r6, #252\n\t"
- "mov %[a], r9\n\t"
- "subs %[a], %[a], r6\n\t"
- "sbc r6, r6, r6\n\t"
- "mvn r6, r6\n\t"
- "and %[a], %[a], r6\n\t"
- "mov %[b], r9\n\t"
- "sub %[b], %[b], %[a]\n\t"
- "add %[a], %[a], r10\n\t"
- "add %[b], %[b], r11\n\t"
- "\n2:\n\t"
- /* Multiply Start */
- "ldr r6, [%[a]]\n\t"
- "ldr r8, [%[b]]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, %[r]\n\t"
- /* Multiply Done */
- "add %[a], %[a], #4\n\t"
- "sub %[b], %[b], #4\n\t"
- "cmp %[a], r14\n\t"
+ "SUB sp, sp, #0x400\n\t"
+ "LDR lr, [%[a]]\n\t"
+ "LDR r11, [%[b]]\n\t"
+ "UMULL r8, r6, lr, r11\n\t"
+ "STR r8, [sp]\n\t"
+ "MOV r7, #0x0\n\t"
+ "MOV r8, #0x0\n\t"
+ "MOV r5, #0x4\n\t"
+ "\n"
+ "L_sp_4096_mul_128_outer:\n\t"
+ "SUBS r3, r5, #0x1fc\n\t"
+ "IT cc\n\t"
+ "MOVCC r3, #0x0\n\t"
+ "SUB r4, r5, r3\n\t"
+ "\n"
+ "L_sp_4096_mul_128_inner:\n\t"
+ "LDR lr, [%[a], r3]\n\t"
+ "LDR r11, [%[b], r4]\n\t"
+ "UMULL r9, r10, lr, r11\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "LDR lr, [%[a], r4]\n\t"
+ "LDR r11, [%[b], r3]\n\t"
+ "UMULL r9, r10, lr, r11\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "ADD r3, r3, #0x4\n\t"
+ "SUB r4, r4, #0x4\n\t"
+ "CMP r3, r4\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "beq 3f\n\t"
+ "BGT L_sp_4096_mul_128_inner_done\n\t"
#else
- "beq.n 3f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "mov r6, r9\n\t"
- "add r6, r6, r10\n\t"
- "cmp %[a], r6\n\t"
+ "BGT.N L_sp_4096_mul_128_inner_done\n\t"
+#endif
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BLT L_sp_4096_mul_128_inner\n\t"
+#else
+ "BLT.N L_sp_4096_mul_128_inner\n\t"
+#endif
+ "LDR lr, [%[a], r3]\n\t"
+ "LDR r11, [%[b], r3]\n\t"
+ "UMULL r9, r10, lr, r11\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "\n"
+ "L_sp_4096_mul_128_inner_done:\n\t"
+ "STR r6, [sp, r5]\n\t"
+ "MOV r6, r7\n\t"
+ "MOV r7, r8\n\t"
+ "MOV r8, #0x0\n\t"
+ "ADD r5, r5, #0x4\n\t"
+ "CMP r5, #0x3f4\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "ble 2b\n\t"
-#else
- "ble.n 2b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "\n3:\n\t"
- "mov %[r], r12\n\t"
- "mov r8, r9\n\t"
- "str r3, [%[r], r8]\n\t"
- "mov r3, r4\n\t"
- "mov r4, r5\n\t"
- "add r8, r8, #4\n\t"
- "mov r9, r8\n\t"
- "mov r6, #3\n\t"
- "lsl r6, r6, #8\n\t"
- "add r6, r6, #248\n\t"
- "cmp r8, r6\n\t"
+ "BLE L_sp_4096_mul_128_outer\n\t"
+#else
+ "BLE.N L_sp_4096_mul_128_outer\n\t"
+#endif
+ "LDR lr, [%[a], #508]\n\t"
+ "LDR r11, [%[b], #508]\n\t"
+ "UMLAL r6, r7, lr, r11\n\t"
+ "STR r6, [sp, r5]\n\t"
+ "ADD r5, r5, #0x4\n\t"
+ "STR r7, [sp, r5]\n\t"
+ "\n"
+ "L_sp_4096_mul_128_store:\n\t"
+ "LDM sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "STM %[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "SUBS r5, r5, #0x20\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "ble 1b\n\t"
+ "BGT L_sp_4096_mul_128_store\n\t"
#else
- "ble.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "str r3, [%[r], r8]\n\t"
- "mov %[a], r10\n\t"
- "mov %[b], r11\n\t"
+ "BGT.N L_sp_4096_mul_128_store\n\t"
+#endif
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : [r] "r" (tmp), [a] "r" (a), [b] "r" (b)
- : "memory", "r3", "r4", "r5", "r6", "r8", "r9", "r10", "r11", "r12", "r14"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11", "cc"
);
-
- XMEMCPY(r, tmp_arr, sizeof(tmp_arr));
}
/* Square a and put result in r. (r = a * a)
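Review bot: The asm block in `sp_4096_mul_128` moves the stack pointer itself (`SUB sp, sp, #0x400`) to get a 1 KiB scratch area, which the compiler cannot see. The removed code used a declared `tmp_arr`, so the frame size was visible to stack-usage reporting. The block does restore `sp`, because the `L_sp_4096_mul_128_store` loop pops 0x20 bytes per pass until `r5` is exhausted, but that invariant is implicit and worth a comment, e.g. `/* Reserves 0x400 bytes below sp for the product; the store loop pops all of it, so sp is unchanged on exit. */`. The scratch words also stay on the stack after the copy to `r`, so callers multiplying secret values should not assume the intermediate product is cleared. `sp_4096_sqr_128` in the next hunk uses the same pattern.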
@@ -12792,136 +23238,96 @@ SP_NOINLINE static void sp_4096_mul_128(sp_digit* r, const sp_digit* a,
* r A single precision integer.
* a A single precision integer.
*/
-SP_NOINLINE static void sp_4096_sqr_128(sp_digit* r, const sp_digit* a)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_4096_sqr_128(sp_digit* r_p, const sp_digit* a_p)
+#else
+static void sp_4096_sqr_128(sp_digit* r, const sp_digit* a)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "mov r3, #0\n\t"
- "mov r4, #0\n\t"
- "mov r5, #0\n\t"
- "mov r9, r3\n\t"
- "mov r12, %[r]\n\t"
- "mov r6, #4\n\t"
- "lsl r6, r6, #8\n\t"
- "neg r6, r6\n\t"
- "add sp, sp, r6\n\t"
- "mov r11, sp\n\t"
- "mov r10, %[a]\n\t"
- "\n1:\n\t"
- "mov %[r], #0\n\t"
- "mov r6, #1\n\t"
- "lsl r6, r6, #8\n\t"
- "add r6, r6, #252\n\t"
- "mov %[a], r9\n\t"
- "subs %[a], %[a], r6\n\t"
- "sbc r6, r6, r6\n\t"
- "mvn r6, r6\n\t"
- "and %[a], %[a], r6\n\t"
- "mov r2, r9\n\t"
- "sub r2, r2, %[a]\n\t"
- "add %[a], %[a], r10\n\t"
- "add r2, r2, r10\n\t"
- "\n2:\n\t"
- "cmp r2, %[a]\n\t"
+ "SUB sp, sp, #0x400\n\t"
+ "LDR lr, [%[a]]\n\t"
+ "UMULL r8, r6, lr, lr\n\t"
+ "STR r8, [sp]\n\t"
+ "MOV r7, #0x0\n\t"
+ "MOV r8, #0x0\n\t"
+ "MOV r5, #0x4\n\t"
+ "\n"
+ "L_sp_4096_sqr_128_outer:\n\t"
+ "SUBS r3, r5, #0x1fc\n\t"
+ "IT cc\n\t"
+ "MOVCC r3, #0x0\n\t"
+ "SUB r4, r5, r3\n\t"
+ "\n"
+ "L_sp_4096_sqr_128_inner:\n\t"
+ "LDR lr, [%[a], r3]\n\t"
+ "LDR r11, [%[a], r4]\n\t"
+ "UMULL r9, r10, lr, r11\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "ADD r3, r3, #0x4\n\t"
+ "SUB r4, r4, #0x4\n\t"
+ "CMP r3, r4\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "beq 4f\n\t"
-#else
- "beq.n 4f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- /* Multiply * 2: Start */
- "ldr r6, [%[a]]\n\t"
- "ldr r8, [r2]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, %[r]\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, %[r]\n\t"
- /* Multiply * 2: Done */
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bal 5f\n\t"
-#else
- "bal.n 5f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "\n4:\n\t"
- /* Square: Start */
- "ldr r6, [%[a]]\n\t"
- "umull r6, r8, r6, r6\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, %[r]\n\t"
- /* Square: Done */
- "\n5:\n\t"
- "add %[a], %[a], #4\n\t"
- "sub r2, r2, #4\n\t"
- "mov r6, #2\n\t"
- "lsl r6, r6, #8\n\t"
- "add r6, r6, r10\n\t"
- "cmp %[a], r6\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "beq 3f\n\t"
+ "BGT L_sp_4096_sqr_128_inner_done\n\t"
#else
- "beq.n 3f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "cmp %[a], r2\n\t"
+ "BGT.N L_sp_4096_sqr_128_inner_done\n\t"
+#endif
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bgt 3f\n\t"
+ "BLT L_sp_4096_sqr_128_inner\n\t"
#else
- "bgt.n 3f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "mov r8, r9\n\t"
- "add r8, r8, r10\n\t"
- "cmp %[a], r8\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "ble 2b\n\t"
-#else
- "ble.n 2b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "\n3:\n\t"
- "mov %[r], r11\n\t"
- "mov r8, r9\n\t"
- "str r3, [%[r], r8]\n\t"
- "mov r3, r4\n\t"
- "mov r4, r5\n\t"
- "mov r5, #0\n\t"
- "add r8, r8, #4\n\t"
- "mov r9, r8\n\t"
- "mov r6, #3\n\t"
- "lsl r6, r6, #8\n\t"
- "add r6, r6, #248\n\t"
- "cmp r8, r6\n\t"
+ "BLT.N L_sp_4096_sqr_128_inner\n\t"
+#endif
+ "LDR lr, [%[a], r3]\n\t"
+ "UMULL r9, r10, lr, lr\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "\n"
+ "L_sp_4096_sqr_128_inner_done:\n\t"
+ "STR r6, [sp, r5]\n\t"
+ "MOV r6, r7\n\t"
+ "MOV r7, r8\n\t"
+ "MOV r8, #0x0\n\t"
+ "ADD r5, r5, #0x4\n\t"
+ "CMP r5, #0x3f4\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "ble 1b\n\t"
-#else
- "ble.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "mov %[a], r10\n\t"
- "str r3, [%[r], r8]\n\t"
- "mov %[r], r12\n\t"
- "mov %[a], r11\n\t"
- "mov r3, #3\n\t"
- "lsl r3, r3, #8\n\t"
- "add r3, r3, #252\n\t"
- "\n4:\n\t"
- "ldr r6, [%[a], r3]\n\t"
- "str r6, [%[r], r3]\n\t"
- "subs r3, r3, #4\n\t"
+ "BLE L_sp_4096_sqr_128_outer\n\t"
+#else
+ "BLE.N L_sp_4096_sqr_128_outer\n\t"
+#endif
+ "LDR lr, [%[a], #508]\n\t"
+ "UMLAL r6, r7, lr, lr\n\t"
+ "STR r6, [sp, r5]\n\t"
+ "ADD r5, r5, #0x4\n\t"
+ "STR r7, [sp, r5]\n\t"
+ "\n"
+ "L_sp_4096_sqr_128_store:\n\t"
+ "LDM sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "STM %[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "SUBS r5, r5, #0x20\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bge 4b\n\t"
+ "BGT L_sp_4096_sqr_128_store\n\t"
#else
- "bge.n 4b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "mov r6, #4\n\t"
- "lsl r6, r6, #8\n\t"
- "add sp, sp, r6\n\t"
+ "BGT.N L_sp_4096_sqr_128_store\n\t"
+#endif
+ : [r] "+r" (r), [a] "+r" (a)
:
- : [r] "r" (r), [a] "r" (a)
- : "memory", "r2", "r3", "r4", "r5", "r6", "r8", "r9", "r10", "r11", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11", "cc"
);
}
#endif /* WOLFSSL_SP_SMALL */
-/* Caclulate the bottom digit of -1/a mod 2^n.
+/* Calculate the bottom digit of -1/a mod 2^n.
*
* a A single precision number.
* rho Bottom word of inverse.
@@ -12941,48 +23347,726 @@ static void sp_4096_mont_setup(const sp_digit* a, sp_digit* rho)
*rho = (sp_digit)0 - x;
}
+#ifdef WOLFSSL_SP_SMALL
/* Mul a by digit b into r. (r = a * b)
*
* r A single precision integer.
* a A single precision integer.
* b A single precision digit.
*/
-SP_NOINLINE static void sp_4096_mul_d_128(sp_digit* r, const sp_digit* a,
- sp_digit b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_4096_mul_d_128(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
+#else
+static void sp_4096_mul_d_128(sp_digit* r, const sp_digit* a, sp_digit b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register sp_digit b __asm__ ("r2") = (sp_digit)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "add r9, %[a], #512\n\t"
/* A[0] * B */
- "ldr r6, [%[a]], #4\n\t"
- "umull r5, r3, r6, %[b]\n\t"
- "mov r4, #0\n\t"
- "str r5, [%[r]], #4\n\t"
- /* A[0] * B - Done */
- "\n1:\n\t"
- "mov r5, #0\n\t"
- /* A[] * B */
- "ldr r6, [%[a]], #4\n\t"
- "umull r6, r8, r6, %[b]\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- /* A[] * B - Done */
- "str r3, [%[r]], #4\n\t"
- "mov r3, r4\n\t"
- "mov r4, r5\n\t"
- "cmp %[a], r9\n\t"
+ "LDR r8, [%[a]]\n\t"
+ "UMULL r5, r3, %[b], r8\n\t"
+ "MOV r4, #0x0\n\t"
+ "STR r5, [%[r]]\n\t"
+ "MOV r5, #0x0\n\t"
+ "MOV r9, #0x4\n\t"
+ "\n"
+ "L_sp_4096_mul_d_128_word:\n\t"
+ /* A[i] * B */
+ "LDR r8, [%[a], r9]\n\t"
+ "UMULL r6, r7, %[b], r8\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ "STR r3, [%[r], r9]\n\t"
+ "MOV r3, r4\n\t"
+ "MOV r4, r5\n\t"
+ "MOV r5, #0x0\n\t"
+ "ADD r9, r9, #0x4\n\t"
+ "CMP r9, #0x200\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "blt 1b\n\t"
+ "BLT L_sp_4096_mul_d_128_word\n\t"
#else
- "blt.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "str r3, [%[r]]\n\t"
- : [r] "+r" (r), [a] "+r" (a)
- : [b] "r" (b)
- : "memory", "r3", "r4", "r5", "r6", "r8", "r9"
+ "BLT.N L_sp_4096_mul_d_128_word\n\t"
+#endif
+ "STR r3, [%[r], #512]\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
+ );
+}
+
+#else
+/* Mul a by digit b into r. (r = a * b)
+ *
+ * r A single precision integer.
+ * a A single precision integer.
+ * b A single precision digit.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_4096_mul_d_128(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
+#else
+static void sp_4096_mul_d_128(sp_digit* r, const sp_digit* a, sp_digit b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register sp_digit b __asm__ ("r2") = (sp_digit)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ /* A[0] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMULL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[1] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[2] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[3] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[4] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[5] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[6] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[7] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[8] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[9] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[10] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[11] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[12] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[13] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[14] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[15] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[16] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[17] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[18] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[19] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[20] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[21] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[22] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[23] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[24] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[25] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[26] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[27] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[28] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[29] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[30] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[31] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[32] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[33] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[34] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[35] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[36] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[37] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[38] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[39] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[40] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[41] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[42] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[43] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[44] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[45] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[46] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[47] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[48] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[49] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[50] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[51] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[52] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[53] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[54] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[55] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[56] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[57] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[58] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[59] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[60] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[61] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[62] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[63] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[64] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[65] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[66] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[67] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[68] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[69] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[70] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[71] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[72] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[73] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[74] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[75] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[76] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[77] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[78] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[79] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[80] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[81] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[82] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[83] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[84] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[85] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[86] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[87] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[88] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[89] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[90] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[91] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[92] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[93] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[94] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[95] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[96] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[97] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[98] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[99] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[100] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[101] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[102] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[103] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[104] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[105] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[106] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[107] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[108] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[109] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[110] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[111] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[112] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[113] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[114] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[115] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[116] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[117] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[118] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[119] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[120] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[121] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[122] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[123] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[124] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[125] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[126] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[127] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "STR r5, [%[r]]\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "cc"
);
}
+#endif /* WOLFSSL_SP_SMALL */
#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
/* r = 2^n mod m where n is the number of bits to reduce by.
* Given m must be 4096 bits, just need to subtract.
@@ -12999,6 +24083,7 @@ static void sp_4096_mont_norm_128(sp_digit* r, const sp_digit* m)
}
#endif /* (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) | WOLFSSL_HAVE_SP_DH */
+#ifdef WOLFSSL_SP_SMALL
/* Conditionally subtract b from a using the mask m.
* m is -1 to subtract and 0 when not copying.
*
@@ -13007,142 +24092,2501 @@ static void sp_4096_mont_norm_128(sp_digit* r, const sp_digit* m)
* b A single precision number to subtract.
* m Mask value to apply.
*/
-SP_NOINLINE static sp_digit sp_4096_cond_sub_128(sp_digit* r, const sp_digit* a,
- const sp_digit* b, sp_digit m)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_4096_cond_sub_128(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
+#else
+static sp_digit sp_4096_cond_sub_128(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+ register sp_digit m __asm__ ("r3") = (sp_digit)m_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r5, #2\n\t"
- "lsl r5, r5, #8\n\t"
- "mov r9, r5\n\t"
- "mov r8, #0\n\t"
- "\n1:\n\t"
- "ldr r6, [%[b], r8]\n\t"
- "and r6, r6, %[m]\n\t"
- "mov r5, #0\n\t"
- "subs r5, r5, %[c]\n\t"
- "ldr r5, [%[a], r8]\n\t"
- "sbcs r5, r5, r6\n\t"
- "sbcs %[c], %[c], %[c]\n\t"
- "str r5, [%[r], r8]\n\t"
- "add r8, r8, #4\n\t"
- "cmp r8, r9\n\t"
+ "MOV r8, #0x0\n\t"
+ "MOV r4, #0x0\n\t"
+ "MOV r5, #0x0\n\t"
+ "\n"
+ "L_sp_4096_cond_sub_128_words:\n\t"
+ "SUBS r4, r8, r4\n\t"
+ "LDR r6, [%[a], r5]\n\t"
+ "LDR r7, [%[b], r5]\n\t"
+ "AND r7, r7, %[m]\n\t"
+ "SBCS r6, r6, r7\n\t"
+ "SBC r4, r8, r8\n\t"
+ "STR r6, [%[r], r5]\n\t"
+ "ADD r5, r5, #0x4\n\t"
+ "CMP r5, #0x200\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "blt 1b\n\t"
+ "BLT L_sp_4096_cond_sub_128_words\n\t"
+#else
+ "BLT.N L_sp_4096_cond_sub_128_words\n\t"
+#endif
+ "MOV %[r], r4\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
+ :
+ : "memory", "r4", "r5", "r6", "r7", "r8", "cc"
+ );
+ return (uint32_t)(size_t)r;
+}
+
+#else
+/* Conditionally subtract b from a using the mask m.
+ * m is -1 to subtract and 0 when not copying.
+ *
+ * r A single precision number representing condition subtract result.
+ * a A single precision number to subtract from.
+ * b A single precision number to subtract.
+ * m Mask value to apply.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_4096_cond_sub_128(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
#else
- "blt.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [c] "+r" (c)
- : [r] "r" (r), [a] "r" (a), [b] "r" (b), [m] "r" (m)
- : "memory", "r5", "r6", "r8", "r9"
+static sp_digit sp_4096_cond_sub_128(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+ register sp_digit m __asm__ ("r3") = (sp_digit)m_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "MOV r5, #0x0\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SUBS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "SBC %[r], r5, r5\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
+ :
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
+ return (uint32_t)(size_t)r;
+}
+
+#endif /* WOLFSSL_SP_SMALL */
+#ifdef WOLFSSL_SP_NO_UMAAL
+#ifndef WOLFSSL_SP_SMALL
+/* Reduce the number back to 4096 bits using Montgomery reduction.
+ *
+ * a A single precision number to reduce in place.
+ * m The single precision number representing the modulus.
+ * mp The digit representing the negative inverse of m mod 2^n.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+#else
+SP_NOINLINE static void sp_4096_mont_reduce_128(sp_digit* a, const sp_digit* m, sp_digit mp)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m __asm__ ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp __asm__ ("r2") = (sp_digit)mp_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
- return c;
+ __asm__ __volatile__ (
+ "LDR lr, [%[m]]\n\t"
+ /* i = 0 */
+ "MOV r11, #0x0\n\t"
+ "MOV r3, #0x0\n\t"
+ "LDR r4, [%[a]]\n\t"
+ "LDR r5, [%[a], #4]\n\t"
+ "\n"
+ "L_sp_4096_mont_reduce_128_word:\n\t"
+ /* mu = a[i] * mp */
+ "MUL r10, %[mp], r4\n\t"
+ /* a[i+0] += m[0] * mu */
+ "MOV r7, #0x0\n\t"
+ "UMLAL r4, r7, r10, lr\n\t"
+ /* a[i+1] += m[1] * mu */
+ "LDR r9, [%[m], #4]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r5, r6, r10, r9\n\t"
+ "MOV r4, r5\n\t"
+ "ADDS r4, r4, r7\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+2] += m[2] * mu */
+ "LDR r9, [%[m], #8]\n\t"
+ "LDR r5, [%[a], #8]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r5, r7, r10, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+3] += m[3] * mu */
+ "LDR r9, [%[m], #12]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #12]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+4] += m[4] * mu */
+ "LDR r9, [%[m], #16]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #16]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+5] += m[5] * mu */
+ "LDR r9, [%[m], #20]\n\t"
+ "LDR r12, [%[a], #20]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #20]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+6] += m[6] * mu */
+ "LDR r9, [%[m], #24]\n\t"
+ "LDR r12, [%[a], #24]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #24]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+7] += m[7] * mu */
+ "LDR r9, [%[m], #28]\n\t"
+ "LDR r12, [%[a], #28]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #28]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+8] += m[8] * mu */
+ "LDR r9, [%[m], #32]\n\t"
+ "LDR r12, [%[a], #32]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #32]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+9] += m[9] * mu */
+ "LDR r9, [%[m], #36]\n\t"
+ "LDR r12, [%[a], #36]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #36]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+10] += m[10] * mu */
+ "LDR r9, [%[m], #40]\n\t"
+ "LDR r12, [%[a], #40]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #40]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+11] += m[11] * mu */
+ "LDR r9, [%[m], #44]\n\t"
+ "LDR r12, [%[a], #44]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #44]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+12] += m[12] * mu */
+ "LDR r9, [%[m], #48]\n\t"
+ "LDR r12, [%[a], #48]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #48]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+13] += m[13] * mu */
+ "LDR r9, [%[m], #52]\n\t"
+ "LDR r12, [%[a], #52]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #52]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+14] += m[14] * mu */
+ "LDR r9, [%[m], #56]\n\t"
+ "LDR r12, [%[a], #56]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #56]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+15] += m[15] * mu */
+ "LDR r9, [%[m], #60]\n\t"
+ "LDR r12, [%[a], #60]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #60]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+16] += m[16] * mu */
+ "LDR r9, [%[m], #64]\n\t"
+ "LDR r12, [%[a], #64]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #64]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+17] += m[17] * mu */
+ "LDR r9, [%[m], #68]\n\t"
+ "LDR r12, [%[a], #68]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #68]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+18] += m[18] * mu */
+ "LDR r9, [%[m], #72]\n\t"
+ "LDR r12, [%[a], #72]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #72]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+19] += m[19] * mu */
+ "LDR r9, [%[m], #76]\n\t"
+ "LDR r12, [%[a], #76]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #76]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+20] += m[20] * mu */
+ "LDR r9, [%[m], #80]\n\t"
+ "LDR r12, [%[a], #80]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #80]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+21] += m[21] * mu */
+ "LDR r9, [%[m], #84]\n\t"
+ "LDR r12, [%[a], #84]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #84]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+22] += m[22] * mu */
+ "LDR r9, [%[m], #88]\n\t"
+ "LDR r12, [%[a], #88]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #88]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+23] += m[23] * mu */
+ "LDR r9, [%[m], #92]\n\t"
+ "LDR r12, [%[a], #92]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #92]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+24] += m[24] * mu */
+ "LDR r9, [%[m], #96]\n\t"
+ "LDR r12, [%[a], #96]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #96]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+25] += m[25] * mu */
+ "LDR r9, [%[m], #100]\n\t"
+ "LDR r12, [%[a], #100]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #100]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+26] += m[26] * mu */
+ "LDR r9, [%[m], #104]\n\t"
+ "LDR r12, [%[a], #104]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #104]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+27] += m[27] * mu */
+ "LDR r9, [%[m], #108]\n\t"
+ "LDR r12, [%[a], #108]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #108]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+28] += m[28] * mu */
+ "LDR r9, [%[m], #112]\n\t"
+ "LDR r12, [%[a], #112]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #112]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+29] += m[29] * mu */
+ "LDR r9, [%[m], #116]\n\t"
+ "LDR r12, [%[a], #116]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #116]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+30] += m[30] * mu */
+ "LDR r9, [%[m], #120]\n\t"
+ "LDR r12, [%[a], #120]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #120]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+31] += m[31] * mu */
+ "LDR r9, [%[m], #124]\n\t"
+ "LDR r12, [%[a], #124]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #124]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+32] += m[32] * mu */
+ "LDR r9, [%[m], #128]\n\t"
+ "LDR r12, [%[a], #128]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #128]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+33] += m[33] * mu */
+ "LDR r9, [%[m], #132]\n\t"
+ "LDR r12, [%[a], #132]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #132]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+34] += m[34] * mu */
+ "LDR r9, [%[m], #136]\n\t"
+ "LDR r12, [%[a], #136]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #136]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+35] += m[35] * mu */
+ "LDR r9, [%[m], #140]\n\t"
+ "LDR r12, [%[a], #140]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #140]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+36] += m[36] * mu */
+ "LDR r9, [%[m], #144]\n\t"
+ "LDR r12, [%[a], #144]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #144]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+37] += m[37] * mu */
+ "LDR r9, [%[m], #148]\n\t"
+ "LDR r12, [%[a], #148]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #148]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+38] += m[38] * mu */
+ "LDR r9, [%[m], #152]\n\t"
+ "LDR r12, [%[a], #152]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #152]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+39] += m[39] * mu */
+ "LDR r9, [%[m], #156]\n\t"
+ "LDR r12, [%[a], #156]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #156]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+40] += m[40] * mu */
+ "LDR r9, [%[m], #160]\n\t"
+ "LDR r12, [%[a], #160]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #160]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+41] += m[41] * mu */
+ "LDR r9, [%[m], #164]\n\t"
+ "LDR r12, [%[a], #164]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #164]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+42] += m[42] * mu */
+ "LDR r9, [%[m], #168]\n\t"
+ "LDR r12, [%[a], #168]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #168]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+43] += m[43] * mu */
+ "LDR r9, [%[m], #172]\n\t"
+ "LDR r12, [%[a], #172]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #172]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+44] += m[44] * mu */
+ "LDR r9, [%[m], #176]\n\t"
+ "LDR r12, [%[a], #176]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #176]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+45] += m[45] * mu */
+ "LDR r9, [%[m], #180]\n\t"
+ "LDR r12, [%[a], #180]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #180]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+46] += m[46] * mu */
+ "LDR r9, [%[m], #184]\n\t"
+ "LDR r12, [%[a], #184]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #184]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+47] += m[47] * mu */
+ "LDR r9, [%[m], #188]\n\t"
+ "LDR r12, [%[a], #188]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #188]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+48] += m[48] * mu */
+ "LDR r9, [%[m], #192]\n\t"
+ "LDR r12, [%[a], #192]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #192]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+49] += m[49] * mu */
+ "LDR r9, [%[m], #196]\n\t"
+ "LDR r12, [%[a], #196]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #196]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+50] += m[50] * mu */
+ "LDR r9, [%[m], #200]\n\t"
+ "LDR r12, [%[a], #200]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #200]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+51] += m[51] * mu */
+ "LDR r9, [%[m], #204]\n\t"
+ "LDR r12, [%[a], #204]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #204]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+52] += m[52] * mu */
+ "LDR r9, [%[m], #208]\n\t"
+ "LDR r12, [%[a], #208]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #208]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+53] += m[53] * mu */
+ "LDR r9, [%[m], #212]\n\t"
+ "LDR r12, [%[a], #212]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #212]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+54] += m[54] * mu */
+ "LDR r9, [%[m], #216]\n\t"
+ "LDR r12, [%[a], #216]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #216]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+55] += m[55] * mu */
+ "LDR r9, [%[m], #220]\n\t"
+ "LDR r12, [%[a], #220]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #220]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+56] += m[56] * mu */
+ "LDR r9, [%[m], #224]\n\t"
+ "LDR r12, [%[a], #224]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #224]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+57] += m[57] * mu */
+ "LDR r9, [%[m], #228]\n\t"
+ "LDR r12, [%[a], #228]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #228]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+58] += m[58] * mu */
+ "LDR r9, [%[m], #232]\n\t"
+ "LDR r12, [%[a], #232]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #232]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+59] += m[59] * mu */
+ "LDR r9, [%[m], #236]\n\t"
+ "LDR r12, [%[a], #236]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #236]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+60] += m[60] * mu */
+ "LDR r9, [%[m], #240]\n\t"
+ "LDR r12, [%[a], #240]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #240]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+61] += m[61] * mu */
+ "LDR r9, [%[m], #244]\n\t"
+ "LDR r12, [%[a], #244]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #244]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+62] += m[62] * mu */
+ "LDR r9, [%[m], #248]\n\t"
+ "LDR r12, [%[a], #248]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #248]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+63] += m[63] * mu */
+ "LDR r9, [%[m], #252]\n\t"
+ "LDR r12, [%[a], #252]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #252]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+64] += m[64] * mu */
+ "LDR r9, [%[m], #256]\n\t"
+ "LDR r12, [%[a], #256]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #256]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+65] += m[65] * mu */
+ "LDR r9, [%[m], #260]\n\t"
+ "LDR r12, [%[a], #260]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #260]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+66] += m[66] * mu */
+ "LDR r9, [%[m], #264]\n\t"
+ "LDR r12, [%[a], #264]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #264]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+67] += m[67] * mu */
+ "LDR r9, [%[m], #268]\n\t"
+ "LDR r12, [%[a], #268]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #268]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+68] += m[68] * mu */
+ "LDR r9, [%[m], #272]\n\t"
+ "LDR r12, [%[a], #272]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #272]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+69] += m[69] * mu */
+ "LDR r9, [%[m], #276]\n\t"
+ "LDR r12, [%[a], #276]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #276]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+70] += m[70] * mu */
+ "LDR r9, [%[m], #280]\n\t"
+ "LDR r12, [%[a], #280]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #280]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+71] += m[71] * mu */
+ "LDR r9, [%[m], #284]\n\t"
+ "LDR r12, [%[a], #284]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #284]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+72] += m[72] * mu */
+ "LDR r9, [%[m], #288]\n\t"
+ "LDR r12, [%[a], #288]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #288]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+73] += m[73] * mu */
+ "LDR r9, [%[m], #292]\n\t"
+ "LDR r12, [%[a], #292]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #292]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+74] += m[74] * mu */
+ "LDR r9, [%[m], #296]\n\t"
+ "LDR r12, [%[a], #296]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #296]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+75] += m[75] * mu */
+ "LDR r9, [%[m], #300]\n\t"
+ "LDR r12, [%[a], #300]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #300]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+76] += m[76] * mu */
+ "LDR r9, [%[m], #304]\n\t"
+ "LDR r12, [%[a], #304]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #304]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+77] += m[77] * mu */
+ "LDR r9, [%[m], #308]\n\t"
+ "LDR r12, [%[a], #308]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #308]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+78] += m[78] * mu */
+ "LDR r9, [%[m], #312]\n\t"
+ "LDR r12, [%[a], #312]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #312]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+79] += m[79] * mu */
+ "LDR r9, [%[m], #316]\n\t"
+ "LDR r12, [%[a], #316]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #316]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+80] += m[80] * mu */
+ "LDR r9, [%[m], #320]\n\t"
+ "LDR r12, [%[a], #320]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #320]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+81] += m[81] * mu */
+ "LDR r9, [%[m], #324]\n\t"
+ "LDR r12, [%[a], #324]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #324]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+82] += m[82] * mu */
+ "LDR r9, [%[m], #328]\n\t"
+ "LDR r12, [%[a], #328]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #328]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+83] += m[83] * mu */
+ "LDR r9, [%[m], #332]\n\t"
+ "LDR r12, [%[a], #332]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #332]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+84] += m[84] * mu */
+ "LDR r9, [%[m], #336]\n\t"
+ "LDR r12, [%[a], #336]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #336]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+85] += m[85] * mu */
+ "LDR r9, [%[m], #340]\n\t"
+ "LDR r12, [%[a], #340]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #340]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+86] += m[86] * mu */
+ "LDR r9, [%[m], #344]\n\t"
+ "LDR r12, [%[a], #344]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #344]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+87] += m[87] * mu */
+ "LDR r9, [%[m], #348]\n\t"
+ "LDR r12, [%[a], #348]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #348]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+88] += m[88] * mu */
+ "LDR r9, [%[m], #352]\n\t"
+ "LDR r12, [%[a], #352]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #352]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+89] += m[89] * mu */
+ "LDR r9, [%[m], #356]\n\t"
+ "LDR r12, [%[a], #356]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #356]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+90] += m[90] * mu */
+ "LDR r9, [%[m], #360]\n\t"
+ "LDR r12, [%[a], #360]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #360]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+91] += m[91] * mu */
+ "LDR r9, [%[m], #364]\n\t"
+ "LDR r12, [%[a], #364]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #364]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+92] += m[92] * mu */
+ "LDR r9, [%[m], #368]\n\t"
+ "LDR r12, [%[a], #368]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #368]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+93] += m[93] * mu */
+ "LDR r9, [%[m], #372]\n\t"
+ "LDR r12, [%[a], #372]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #372]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+94] += m[94] * mu */
+ "LDR r9, [%[m], #376]\n\t"
+ "LDR r12, [%[a], #376]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #376]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+95] += m[95] * mu */
+ "LDR r9, [%[m], #380]\n\t"
+ "LDR r12, [%[a], #380]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #380]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+96] += m[96] * mu */
+ "LDR r9, [%[m], #384]\n\t"
+ "LDR r12, [%[a], #384]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #384]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+97] += m[97] * mu */
+ "LDR r9, [%[m], #388]\n\t"
+ "LDR r12, [%[a], #388]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #388]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+98] += m[98] * mu */
+ "LDR r9, [%[m], #392]\n\t"
+ "LDR r12, [%[a], #392]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #392]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+99] += m[99] * mu */
+ "LDR r9, [%[m], #396]\n\t"
+ "LDR r12, [%[a], #396]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #396]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+100] += m[100] * mu */
+ "LDR r9, [%[m], #400]\n\t"
+ "LDR r12, [%[a], #400]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #400]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+101] += m[101] * mu */
+ "LDR r9, [%[m], #404]\n\t"
+ "LDR r12, [%[a], #404]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #404]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+102] += m[102] * mu */
+ "LDR r9, [%[m], #408]\n\t"
+ "LDR r12, [%[a], #408]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #408]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+103] += m[103] * mu */
+ "LDR r9, [%[m], #412]\n\t"
+ "LDR r12, [%[a], #412]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #412]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+104] += m[104] * mu */
+ "LDR r9, [%[m], #416]\n\t"
+ "LDR r12, [%[a], #416]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #416]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+105] += m[105] * mu */
+ "LDR r9, [%[m], #420]\n\t"
+ "LDR r12, [%[a], #420]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #420]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+106] += m[106] * mu */
+ "LDR r9, [%[m], #424]\n\t"
+ "LDR r12, [%[a], #424]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #424]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+107] += m[107] * mu */
+ "LDR r9, [%[m], #428]\n\t"
+ "LDR r12, [%[a], #428]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #428]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+108] += m[108] * mu */
+ "LDR r9, [%[m], #432]\n\t"
+ "LDR r12, [%[a], #432]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #432]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+109] += m[109] * mu */
+ "LDR r9, [%[m], #436]\n\t"
+ "LDR r12, [%[a], #436]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #436]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+110] += m[110] * mu */
+ "LDR r9, [%[m], #440]\n\t"
+ "LDR r12, [%[a], #440]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #440]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+111] += m[111] * mu */
+ "LDR r9, [%[m], #444]\n\t"
+ "LDR r12, [%[a], #444]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #444]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+112] += m[112] * mu */
+ "LDR r9, [%[m], #448]\n\t"
+ "LDR r12, [%[a], #448]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #448]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+113] += m[113] * mu */
+ "LDR r9, [%[m], #452]\n\t"
+ "LDR r12, [%[a], #452]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #452]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+114] += m[114] * mu */
+ "LDR r9, [%[m], #456]\n\t"
+ "LDR r12, [%[a], #456]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #456]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+115] += m[115] * mu */
+ "LDR r9, [%[m], #460]\n\t"
+ "LDR r12, [%[a], #460]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #460]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+116] += m[116] * mu */
+ "LDR r9, [%[m], #464]\n\t"
+ "LDR r12, [%[a], #464]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #464]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+117] += m[117] * mu */
+ "LDR r9, [%[m], #468]\n\t"
+ "LDR r12, [%[a], #468]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #468]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+118] += m[118] * mu */
+ "LDR r9, [%[m], #472]\n\t"
+ "LDR r12, [%[a], #472]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #472]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+119] += m[119] * mu */
+ "LDR r9, [%[m], #476]\n\t"
+ "LDR r12, [%[a], #476]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #476]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+120] += m[120] * mu */
+ "LDR r9, [%[m], #480]\n\t"
+ "LDR r12, [%[a], #480]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #480]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+121] += m[121] * mu */
+ "LDR r9, [%[m], #484]\n\t"
+ "LDR r12, [%[a], #484]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #484]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+122] += m[122] * mu */
+ "LDR r9, [%[m], #488]\n\t"
+ "LDR r12, [%[a], #488]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #488]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+123] += m[123] * mu */
+ "LDR r9, [%[m], #492]\n\t"
+ "LDR r12, [%[a], #492]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #492]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+124] += m[124] * mu */
+ "LDR r9, [%[m], #496]\n\t"
+ "LDR r12, [%[a], #496]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #496]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+125] += m[125] * mu */
+ "LDR r9, [%[m], #500]\n\t"
+ "LDR r12, [%[a], #500]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #500]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+126] += m[126] * mu */
+ "LDR r9, [%[m], #504]\n\t"
+ "LDR r12, [%[a], #504]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #504]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+127] += m[127] * mu */
+ "LDR r9, [%[m], #508]\n\t"
+ "LDR r12, [%[a], #508]\n\t"
+ "UMULL r8, r9, r10, r9\n\t"
+ "ADDS r7, r7, r8\n\t"
+ "ADCS r6, r9, r3\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, r3\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #508]\n\t"
+ "LDR r12, [%[a], #512]\n\t"
+ "ADCS r12, r12, r6\n\t"
+ "STR r12, [%[a], #512]\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* i += 1 */
+ "ADD r11, r11, #0x4\n\t"
+ "ADD %[a], %[a], #0x4\n\t"
+ "CMP r11, #0x200\n\t"
+#ifdef __GNUC__
+ "BLT L_sp_4096_mont_reduce_128_word\n\t"
+#else
+ "BLT.W L_sp_4096_mont_reduce_128_word\n\t"
+#endif
+ /* Loop Done */
+ "STR r4, [%[a]]\n\t"
+ "STR r5, [%[a], #4]\n\t"
+ "MOV %[mp], r3\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
+ );
+ sp_4096_cond_sub_128(a - 128, a, m, (sp_digit)0 - mp);
}
+#else
/* Reduce the number back to 4096 bits using Montgomery reduction.
*
* a A single precision number to reduce in place.
* m The single precision number representing the modulus.
* mp The digit representing the negative inverse of m mod 2^n.
*/
-SP_NOINLINE static void sp_4096_mont_reduce_128(sp_digit* a, const sp_digit* m,
- sp_digit mp)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+#else
+SP_NOINLINE static void sp_4096_mont_reduce_128(sp_digit* a, const sp_digit* m, sp_digit mp)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit ca = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m __asm__ ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp __asm__ ("r2") = (sp_digit)mp_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r9, %[mp]\n\t"
- "mov r12, %[m]\n\t"
- "mov r10, %[a]\n\t"
- "mov r4, #0\n\t"
- "add r11, r10, #512\n\t"
- "\n1:\n\t"
+ "LDR r11, [%[m]]\n\t"
+ /* i = 0 */
+ "MOV r9, #0x0\n\t"
+ /* ca = 0 */
+ "MOV r3, #0x0\n\t"
+ "\n"
+ "L_sp_4096_mont_reduce_128_word:\n\t"
/* mu = a[i] * mp */
- "mov %[mp], r9\n\t"
- "ldr %[a], [r10]\n\t"
- "mul %[mp], %[mp], %[a]\n\t"
- "mov %[m], r12\n\t"
- "add r14, r10, #504\n\t"
- "\n2:\n\t"
- /* a[i+j] += m[j] * mu */
- "ldr %[a], [r10]\n\t"
- "mov r5, #0\n\t"
- /* Multiply m[j] and mu - Start */
- "ldr r8, [%[m]], #4\n\t"
- "umull r6, r8, %[mp], r8\n\t"
- "adds %[a], %[a], r6\n\t"
- "adc r5, r5, r8\n\t"
- /* Multiply m[j] and mu - Done */
- "adds r4, r4, %[a]\n\t"
- "adc r5, r5, #0\n\t"
- "str r4, [r10], #4\n\t"
+ "LDR r10, [%[a]]\n\t"
+ "MUL r8, %[mp], r10\n\t"
+ /* j = 0 */
+ "MOV r12, #0x0\n\t"
+ "MOV r4, #0x0\n\t"
+ "\n"
+ "L_sp_4096_mont_reduce_128_mul:\n\t"
+ /* a[i+j+0] += m[j+0] * mu */
+ "LDR r7, [%[m], r12]\n\t"
+ "LDR r10, [%[a], r12]\n\t"
+ "MOV r5, #0x0\n\t"
+ "UMLAL r10, r5, r8, r7\n\t"
+ "ADDS r10, r10, r4\n\t"
+ "STR r10, [%[a], r12]\n\t"
+ "ADC r4, r5, #0x0\n\t"
+ /* j += 1 */
+ "ADD r12, r12, #0x4\n\t"
/* a[i+j+1] += m[j+1] * mu */
- "ldr %[a], [r10]\n\t"
- "mov r4, #0\n\t"
- /* Multiply m[j] and mu - Start */
- "ldr r8, [%[m]], #4\n\t"
- "umull r6, r8, %[mp], r8\n\t"
- "adds %[a], %[a], r6\n\t"
- "adc r4, r4, r8\n\t"
- /* Multiply m[j] and mu - Done */
- "adds r5, r5, %[a]\n\t"
- "adc r4, r4, #0\n\t"
- "str r5, [r10], #4\n\t"
- "cmp r10, r14\n\t"
+ "LDR r7, [%[m], r12]\n\t"
+ "LDR r10, [%[a], r12]\n\t"
+ "MOV r5, #0x0\n\t"
+ "UMLAL r10, r5, r8, r7\n\t"
+ "ADDS r10, r10, r4\n\t"
+ "STR r10, [%[a], r12]\n\t"
+ "ADC r4, r5, #0x0\n\t"
+ /* j += 1 */
+ "ADD r12, r12, #0x4\n\t"
+ /* a[i+j+2] += m[j+2] * mu */
+ "LDR r7, [%[m], r12]\n\t"
+ "LDR r10, [%[a], r12]\n\t"
+ "MOV r5, #0x0\n\t"
+ "UMLAL r10, r5, r8, r7\n\t"
+ "ADDS r10, r10, r4\n\t"
+ "STR r10, [%[a], r12]\n\t"
+ "ADC r4, r5, #0x0\n\t"
+ /* j += 1 */
+ "ADD r12, r12, #0x4\n\t"
+ /* a[i+j+3] += m[j+3] * mu */
+ "LDR r7, [%[m], r12]\n\t"
+ "LDR r10, [%[a], r12]\n\t"
+ "MOV r5, #0x0\n\t"
+ "UMLAL r10, r5, r8, r7\n\t"
+ "ADDS r10, r10, r4\n\t"
+ "STR r10, [%[a], r12]\n\t"
+ "ADC r4, r5, #0x0\n\t"
+ /* j += 1 */
+ "ADD r12, r12, #0x4\n\t"
+ "CMP r12, #0x200\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BLT L_sp_4096_mont_reduce_128_mul\n\t"
+#else
+ "BLT.N L_sp_4096_mont_reduce_128_mul\n\t"
+#endif
+ "LDR r10, [%[a], #512]\n\t"
+ "ADDS r4, r4, r3\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "ADDS r10, r10, r4\n\t"
+ "ADC r3, r3, r3\n\t"
+ "STR r10, [%[a], #512]\n\t"
+ /* i += 1 */
+ "ADD r9, r9, #0x4\n\t"
+ "ADD %[a], %[a], #0x4\n\t"
+ "CMP r9, #0x200\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "blt 2b\n\t"
+ "BLT L_sp_4096_mont_reduce_128_word\n\t"
+#else
+ "BLT.N L_sp_4096_mont_reduce_128_word\n\t"
+#endif
+ /* Loop Done */
+ "MOV %[mp], r3\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
+ );
+ sp_4096_cond_sub_128(a - 128, a, m, (sp_digit)0 - mp);
+}
+
+#endif /* !WOLFSSL_SP_SMALL */
+#else
+#ifndef WOLFSSL_SP_SMALL
+/* Reduce the number back to 4096 bits using Montgomery reduction.
+ *
+ * a A single precision number to reduce in place.
+ * m The single precision number representing the modulus.
+ * mp The digit representing the negative inverse of m mod 2^n.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
#else
- "blt.n 2b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
+SP_NOINLINE static void sp_4096_mont_reduce_128(sp_digit* a, const sp_digit* m, sp_digit mp)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m __asm__ ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp __asm__ ("r2") = (sp_digit)mp_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ /* i = 0 */
+ "MOV r4, #0x0\n\t"
+ "MOV r5, #0x0\n\t"
+ "LDR r6, [%[a]]\n\t"
+ "LDR r7, [%[a], #4]\n\t"
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[a], #12]\n\t"
+ "LDR r10, [%[a], #16]\n\t"
+ "\n"
+ "L_sp_4096_mont_reduce_128_word:\n\t"
+ /* mu = a[i] * mp */
+ "MUL lr, %[mp], r6\n\t"
+ /* a[i+0] += m[0] * mu */
+ "LDR r12, [%[m]]\n\t"
+ "MOV r3, #0x0\n\t"
+ "UMAAL r6, r3, lr, r12\n\t"
+ /* a[i+1] += m[1] * mu */
+ "LDR r12, [%[m], #4]\n\t"
+ "MOV r6, r7\n\t"
+ "UMAAL r6, r3, lr, r12\n\t"
+ /* a[i+2] += m[2] * mu */
+ "LDR r12, [%[m], #8]\n\t"
+ "MOV r7, r8\n\t"
+ "UMAAL r7, r3, lr, r12\n\t"
+ /* a[i+3] += m[3] * mu */
+ "LDR r12, [%[m], #12]\n\t"
+ "MOV r8, r9\n\t"
+ "UMAAL r8, r3, lr, r12\n\t"
+ /* a[i+4] += m[4] * mu */
+ "LDR r12, [%[m], #16]\n\t"
+ "MOV r9, r10\n\t"
+ "UMAAL r9, r3, lr, r12\n\t"
+ /* a[i+5] += m[5] * mu */
+ "LDR r12, [%[m], #20]\n\t"
+ "LDR r10, [%[a], #20]\n\t"
+ "UMAAL r10, r3, lr, r12\n\t"
+ /* a[i+6] += m[6] * mu */
+ "LDR r12, [%[m], #24]\n\t"
+ "LDR r11, [%[a], #24]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #24]\n\t"
+ /* a[i+7] += m[7] * mu */
+ "LDR r12, [%[m], #28]\n\t"
+ "LDR r11, [%[a], #28]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #28]\n\t"
+ /* a[i+8] += m[8] * mu */
+ "LDR r12, [%[m], #32]\n\t"
+ "LDR r11, [%[a], #32]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #32]\n\t"
+ /* a[i+9] += m[9] * mu */
+ "LDR r12, [%[m], #36]\n\t"
+ "LDR r11, [%[a], #36]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #36]\n\t"
+ /* a[i+10] += m[10] * mu */
+ "LDR r12, [%[m], #40]\n\t"
+ "LDR r11, [%[a], #40]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #40]\n\t"
+ /* a[i+11] += m[11] * mu */
+ "LDR r12, [%[m], #44]\n\t"
+ "LDR r11, [%[a], #44]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #44]\n\t"
+ /* a[i+12] += m[12] * mu */
+ "LDR r12, [%[m], #48]\n\t"
+ "LDR r11, [%[a], #48]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #48]\n\t"
+ /* a[i+13] += m[13] * mu */
+ "LDR r12, [%[m], #52]\n\t"
+ "LDR r11, [%[a], #52]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #52]\n\t"
+ /* a[i+14] += m[14] * mu */
+ "LDR r12, [%[m], #56]\n\t"
+ "LDR r11, [%[a], #56]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #56]\n\t"
+ /* a[i+15] += m[15] * mu */
+ "LDR r12, [%[m], #60]\n\t"
+ "LDR r11, [%[a], #60]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #60]\n\t"
+ /* a[i+16] += m[16] * mu */
+ "LDR r12, [%[m], #64]\n\t"
+ "LDR r11, [%[a], #64]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #64]\n\t"
+ /* a[i+17] += m[17] * mu */
+ "LDR r12, [%[m], #68]\n\t"
+ "LDR r11, [%[a], #68]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #68]\n\t"
+ /* a[i+18] += m[18] * mu */
+ "LDR r12, [%[m], #72]\n\t"
+ "LDR r11, [%[a], #72]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #72]\n\t"
+ /* a[i+19] += m[19] * mu */
+ "LDR r12, [%[m], #76]\n\t"
+ "LDR r11, [%[a], #76]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #76]\n\t"
+ /* a[i+20] += m[20] * mu */
+ "LDR r12, [%[m], #80]\n\t"
+ "LDR r11, [%[a], #80]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #80]\n\t"
+ /* a[i+21] += m[21] * mu */
+ "LDR r12, [%[m], #84]\n\t"
+ "LDR r11, [%[a], #84]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #84]\n\t"
+ /* a[i+22] += m[22] * mu */
+ "LDR r12, [%[m], #88]\n\t"
+ "LDR r11, [%[a], #88]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #88]\n\t"
+ /* a[i+23] += m[23] * mu */
+ "LDR r12, [%[m], #92]\n\t"
+ "LDR r11, [%[a], #92]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #92]\n\t"
+ /* a[i+24] += m[24] * mu */
+ "LDR r12, [%[m], #96]\n\t"
+ "LDR r11, [%[a], #96]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #96]\n\t"
+ /* a[i+25] += m[25] * mu */
+ "LDR r12, [%[m], #100]\n\t"
+ "LDR r11, [%[a], #100]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #100]\n\t"
+ /* a[i+26] += m[26] * mu */
+ "LDR r12, [%[m], #104]\n\t"
+ "LDR r11, [%[a], #104]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #104]\n\t"
+ /* a[i+27] += m[27] * mu */
+ "LDR r12, [%[m], #108]\n\t"
+ "LDR r11, [%[a], #108]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #108]\n\t"
+ /* a[i+28] += m[28] * mu */
+ "LDR r12, [%[m], #112]\n\t"
+ "LDR r11, [%[a], #112]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #112]\n\t"
+ /* a[i+29] += m[29] * mu */
+ "LDR r12, [%[m], #116]\n\t"
+ "LDR r11, [%[a], #116]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #116]\n\t"
+ /* a[i+30] += m[30] * mu */
+ "LDR r12, [%[m], #120]\n\t"
+ "LDR r11, [%[a], #120]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #120]\n\t"
+ /* a[i+31] += m[31] * mu */
+ "LDR r12, [%[m], #124]\n\t"
+ "LDR r11, [%[a], #124]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #124]\n\t"
+ /* a[i+32] += m[32] * mu */
+ "LDR r12, [%[m], #128]\n\t"
+ "LDR r11, [%[a], #128]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #128]\n\t"
+ /* a[i+33] += m[33] * mu */
+ "LDR r12, [%[m], #132]\n\t"
+ "LDR r11, [%[a], #132]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #132]\n\t"
+ /* a[i+34] += m[34] * mu */
+ "LDR r12, [%[m], #136]\n\t"
+ "LDR r11, [%[a], #136]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #136]\n\t"
+ /* a[i+35] += m[35] * mu */
+ "LDR r12, [%[m], #140]\n\t"
+ "LDR r11, [%[a], #140]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #140]\n\t"
+ /* a[i+36] += m[36] * mu */
+ "LDR r12, [%[m], #144]\n\t"
+ "LDR r11, [%[a], #144]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #144]\n\t"
+ /* a[i+37] += m[37] * mu */
+ "LDR r12, [%[m], #148]\n\t"
+ "LDR r11, [%[a], #148]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #148]\n\t"
+ /* a[i+38] += m[38] * mu */
+ "LDR r12, [%[m], #152]\n\t"
+ "LDR r11, [%[a], #152]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #152]\n\t"
+ /* a[i+39] += m[39] * mu */
+ "LDR r12, [%[m], #156]\n\t"
+ "LDR r11, [%[a], #156]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #156]\n\t"
+ /* a[i+40] += m[40] * mu */
+ "LDR r12, [%[m], #160]\n\t"
+ "LDR r11, [%[a], #160]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #160]\n\t"
+ /* a[i+41] += m[41] * mu */
+ "LDR r12, [%[m], #164]\n\t"
+ "LDR r11, [%[a], #164]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #164]\n\t"
+ /* a[i+42] += m[42] * mu */
+ "LDR r12, [%[m], #168]\n\t"
+ "LDR r11, [%[a], #168]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #168]\n\t"
+ /* a[i+43] += m[43] * mu */
+ "LDR r12, [%[m], #172]\n\t"
+ "LDR r11, [%[a], #172]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #172]\n\t"
+ /* a[i+44] += m[44] * mu */
+ "LDR r12, [%[m], #176]\n\t"
+ "LDR r11, [%[a], #176]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #176]\n\t"
+ /* a[i+45] += m[45] * mu */
+ "LDR r12, [%[m], #180]\n\t"
+ "LDR r11, [%[a], #180]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #180]\n\t"
+ /* a[i+46] += m[46] * mu */
+ "LDR r12, [%[m], #184]\n\t"
+ "LDR r11, [%[a], #184]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #184]\n\t"
+ /* a[i+47] += m[47] * mu */
+ "LDR r12, [%[m], #188]\n\t"
+ "LDR r11, [%[a], #188]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #188]\n\t"
+ /* a[i+48] += m[48] * mu */
+ "LDR r12, [%[m], #192]\n\t"
+ "LDR r11, [%[a], #192]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #192]\n\t"
+ /* a[i+49] += m[49] * mu */
+ "LDR r12, [%[m], #196]\n\t"
+ "LDR r11, [%[a], #196]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #196]\n\t"
+ /* a[i+50] += m[50] * mu */
+ "LDR r12, [%[m], #200]\n\t"
+ "LDR r11, [%[a], #200]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #200]\n\t"
+ /* a[i+51] += m[51] * mu */
+ "LDR r12, [%[m], #204]\n\t"
+ "LDR r11, [%[a], #204]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #204]\n\t"
+ /* a[i+52] += m[52] * mu */
+ "LDR r12, [%[m], #208]\n\t"
+ "LDR r11, [%[a], #208]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #208]\n\t"
+ /* a[i+53] += m[53] * mu */
+ "LDR r12, [%[m], #212]\n\t"
+ "LDR r11, [%[a], #212]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #212]\n\t"
+ /* a[i+54] += m[54] * mu */
+ "LDR r12, [%[m], #216]\n\t"
+ "LDR r11, [%[a], #216]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #216]\n\t"
+ /* a[i+55] += m[55] * mu */
+ "LDR r12, [%[m], #220]\n\t"
+ "LDR r11, [%[a], #220]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #220]\n\t"
+ /* a[i+56] += m[56] * mu */
+ "LDR r12, [%[m], #224]\n\t"
+ "LDR r11, [%[a], #224]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #224]\n\t"
+ /* a[i+57] += m[57] * mu */
+ "LDR r12, [%[m], #228]\n\t"
+ "LDR r11, [%[a], #228]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #228]\n\t"
+ /* a[i+58] += m[58] * mu */
+ "LDR r12, [%[m], #232]\n\t"
+ "LDR r11, [%[a], #232]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #232]\n\t"
+ /* a[i+59] += m[59] * mu */
+ "LDR r12, [%[m], #236]\n\t"
+ "LDR r11, [%[a], #236]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #236]\n\t"
+ /* a[i+60] += m[60] * mu */
+ "LDR r12, [%[m], #240]\n\t"
+ "LDR r11, [%[a], #240]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #240]\n\t"
+ /* a[i+61] += m[61] * mu */
+ "LDR r12, [%[m], #244]\n\t"
+ "LDR r11, [%[a], #244]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #244]\n\t"
+ /* a[i+62] += m[62] * mu */
+ "LDR r12, [%[m], #248]\n\t"
+ "LDR r11, [%[a], #248]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #248]\n\t"
+ /* a[i+63] += m[63] * mu */
+ "LDR r12, [%[m], #252]\n\t"
+ "LDR r11, [%[a], #252]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #252]\n\t"
+ /* a[i+64] += m[64] * mu */
+ "LDR r12, [%[m], #256]\n\t"
+ "LDR r11, [%[a], #256]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #256]\n\t"
+ /* a[i+65] += m[65] * mu */
+ "LDR r12, [%[m], #260]\n\t"
+ "LDR r11, [%[a], #260]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #260]\n\t"
+ /* a[i+66] += m[66] * mu */
+ "LDR r12, [%[m], #264]\n\t"
+ "LDR r11, [%[a], #264]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #264]\n\t"
+ /* a[i+67] += m[67] * mu */
+ "LDR r12, [%[m], #268]\n\t"
+ "LDR r11, [%[a], #268]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #268]\n\t"
+ /* a[i+68] += m[68] * mu */
+ "LDR r12, [%[m], #272]\n\t"
+ "LDR r11, [%[a], #272]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #272]\n\t"
+ /* a[i+69] += m[69] * mu */
+ "LDR r12, [%[m], #276]\n\t"
+ "LDR r11, [%[a], #276]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #276]\n\t"
+ /* a[i+70] += m[70] * mu */
+ "LDR r12, [%[m], #280]\n\t"
+ "LDR r11, [%[a], #280]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #280]\n\t"
+ /* a[i+71] += m[71] * mu */
+ "LDR r12, [%[m], #284]\n\t"
+ "LDR r11, [%[a], #284]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #284]\n\t"
+ /* a[i+72] += m[72] * mu */
+ "LDR r12, [%[m], #288]\n\t"
+ "LDR r11, [%[a], #288]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #288]\n\t"
+ /* a[i+73] += m[73] * mu */
+ "LDR r12, [%[m], #292]\n\t"
+ "LDR r11, [%[a], #292]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #292]\n\t"
+ /* a[i+74] += m[74] * mu */
+ "LDR r12, [%[m], #296]\n\t"
+ "LDR r11, [%[a], #296]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #296]\n\t"
+ /* a[i+75] += m[75] * mu */
+ "LDR r12, [%[m], #300]\n\t"
+ "LDR r11, [%[a], #300]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #300]\n\t"
+ /* a[i+76] += m[76] * mu */
+ "LDR r12, [%[m], #304]\n\t"
+ "LDR r11, [%[a], #304]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #304]\n\t"
+ /* a[i+77] += m[77] * mu */
+ "LDR r12, [%[m], #308]\n\t"
+ "LDR r11, [%[a], #308]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #308]\n\t"
+ /* a[i+78] += m[78] * mu */
+ "LDR r12, [%[m], #312]\n\t"
+ "LDR r11, [%[a], #312]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #312]\n\t"
+ /* a[i+79] += m[79] * mu */
+ "LDR r12, [%[m], #316]\n\t"
+ "LDR r11, [%[a], #316]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #316]\n\t"
+ /* a[i+80] += m[80] * mu */
+ "LDR r12, [%[m], #320]\n\t"
+ "LDR r11, [%[a], #320]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #320]\n\t"
+ /* a[i+81] += m[81] * mu */
+ "LDR r12, [%[m], #324]\n\t"
+ "LDR r11, [%[a], #324]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #324]\n\t"
+ /* a[i+82] += m[82] * mu */
+ "LDR r12, [%[m], #328]\n\t"
+ "LDR r11, [%[a], #328]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #328]\n\t"
+ /* a[i+83] += m[83] * mu */
+ "LDR r12, [%[m], #332]\n\t"
+ "LDR r11, [%[a], #332]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #332]\n\t"
+ /* a[i+84] += m[84] * mu */
+ "LDR r12, [%[m], #336]\n\t"
+ "LDR r11, [%[a], #336]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #336]\n\t"
+ /* a[i+85] += m[85] * mu */
+ "LDR r12, [%[m], #340]\n\t"
+ "LDR r11, [%[a], #340]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #340]\n\t"
+ /* a[i+86] += m[86] * mu */
+ "LDR r12, [%[m], #344]\n\t"
+ "LDR r11, [%[a], #344]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #344]\n\t"
+ /* a[i+87] += m[87] * mu */
+ "LDR r12, [%[m], #348]\n\t"
+ "LDR r11, [%[a], #348]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #348]\n\t"
+ /* a[i+88] += m[88] * mu */
+ "LDR r12, [%[m], #352]\n\t"
+ "LDR r11, [%[a], #352]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #352]\n\t"
+ /* a[i+89] += m[89] * mu */
+ "LDR r12, [%[m], #356]\n\t"
+ "LDR r11, [%[a], #356]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #356]\n\t"
+ /* a[i+90] += m[90] * mu */
+ "LDR r12, [%[m], #360]\n\t"
+ "LDR r11, [%[a], #360]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #360]\n\t"
+ /* a[i+91] += m[91] * mu */
+ "LDR r12, [%[m], #364]\n\t"
+ "LDR r11, [%[a], #364]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #364]\n\t"
+ /* a[i+92] += m[92] * mu */
+ "LDR r12, [%[m], #368]\n\t"
+ "LDR r11, [%[a], #368]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #368]\n\t"
+ /* a[i+93] += m[93] * mu */
+ "LDR r12, [%[m], #372]\n\t"
+ "LDR r11, [%[a], #372]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #372]\n\t"
+ /* a[i+94] += m[94] * mu */
+ "LDR r12, [%[m], #376]\n\t"
+ "LDR r11, [%[a], #376]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #376]\n\t"
+ /* a[i+95] += m[95] * mu */
+ "LDR r12, [%[m], #380]\n\t"
+ "LDR r11, [%[a], #380]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #380]\n\t"
+ /* a[i+96] += m[96] * mu */
+ "LDR r12, [%[m], #384]\n\t"
+ "LDR r11, [%[a], #384]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #384]\n\t"
+ /* a[i+97] += m[97] * mu */
+ "LDR r12, [%[m], #388]\n\t"
+ "LDR r11, [%[a], #388]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #388]\n\t"
+ /* a[i+98] += m[98] * mu */
+ "LDR r12, [%[m], #392]\n\t"
+ "LDR r11, [%[a], #392]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #392]\n\t"
+ /* a[i+99] += m[99] * mu */
+ "LDR r12, [%[m], #396]\n\t"
+ "LDR r11, [%[a], #396]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #396]\n\t"
+ /* a[i+100] += m[100] * mu */
+ "LDR r12, [%[m], #400]\n\t"
+ "LDR r11, [%[a], #400]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #400]\n\t"
+ /* a[i+101] += m[101] * mu */
+ "LDR r12, [%[m], #404]\n\t"
+ "LDR r11, [%[a], #404]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #404]\n\t"
+ /* a[i+102] += m[102] * mu */
+ "LDR r12, [%[m], #408]\n\t"
+ "LDR r11, [%[a], #408]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #408]\n\t"
+ /* a[i+103] += m[103] * mu */
+ "LDR r12, [%[m], #412]\n\t"
+ "LDR r11, [%[a], #412]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #412]\n\t"
+ /* a[i+104] += m[104] * mu */
+ "LDR r12, [%[m], #416]\n\t"
+ "LDR r11, [%[a], #416]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #416]\n\t"
+ /* a[i+105] += m[105] * mu */
+ "LDR r12, [%[m], #420]\n\t"
+ "LDR r11, [%[a], #420]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #420]\n\t"
+ /* a[i+106] += m[106] * mu */
+ "LDR r12, [%[m], #424]\n\t"
+ "LDR r11, [%[a], #424]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #424]\n\t"
+ /* a[i+107] += m[107] * mu */
+ "LDR r12, [%[m], #428]\n\t"
+ "LDR r11, [%[a], #428]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #428]\n\t"
+ /* a[i+108] += m[108] * mu */
+ "LDR r12, [%[m], #432]\n\t"
+ "LDR r11, [%[a], #432]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #432]\n\t"
+ /* a[i+109] += m[109] * mu */
+ "LDR r12, [%[m], #436]\n\t"
+ "LDR r11, [%[a], #436]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #436]\n\t"
+ /* a[i+110] += m[110] * mu */
+ "LDR r12, [%[m], #440]\n\t"
+ "LDR r11, [%[a], #440]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #440]\n\t"
+ /* a[i+111] += m[111] * mu */
+ "LDR r12, [%[m], #444]\n\t"
+ "LDR r11, [%[a], #444]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #444]\n\t"
+ /* a[i+112] += m[112] * mu */
+ "LDR r12, [%[m], #448]\n\t"
+ "LDR r11, [%[a], #448]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #448]\n\t"
+ /* a[i+113] += m[113] * mu */
+ "LDR r12, [%[m], #452]\n\t"
+ "LDR r11, [%[a], #452]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #452]\n\t"
+ /* a[i+114] += m[114] * mu */
+ "LDR r12, [%[m], #456]\n\t"
+ "LDR r11, [%[a], #456]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #456]\n\t"
+ /* a[i+115] += m[115] * mu */
+ "LDR r12, [%[m], #460]\n\t"
+ "LDR r11, [%[a], #460]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #460]\n\t"
+ /* a[i+116] += m[116] * mu */
+ "LDR r12, [%[m], #464]\n\t"
+ "LDR r11, [%[a], #464]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #464]\n\t"
+ /* a[i+117] += m[117] * mu */
+ "LDR r12, [%[m], #468]\n\t"
+ "LDR r11, [%[a], #468]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #468]\n\t"
+ /* a[i+118] += m[118] * mu */
+ "LDR r12, [%[m], #472]\n\t"
+ "LDR r11, [%[a], #472]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #472]\n\t"
+ /* a[i+119] += m[119] * mu */
+ "LDR r12, [%[m], #476]\n\t"
+ "LDR r11, [%[a], #476]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #476]\n\t"
+ /* a[i+120] += m[120] * mu */
+ "LDR r12, [%[m], #480]\n\t"
+ "LDR r11, [%[a], #480]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #480]\n\t"
+ /* a[i+121] += m[121] * mu */
+ "LDR r12, [%[m], #484]\n\t"
+ "LDR r11, [%[a], #484]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #484]\n\t"
+ /* a[i+122] += m[122] * mu */
+ "LDR r12, [%[m], #488]\n\t"
+ "LDR r11, [%[a], #488]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #488]\n\t"
+ /* a[i+123] += m[123] * mu */
+ "LDR r12, [%[m], #492]\n\t"
+ "LDR r11, [%[a], #492]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #492]\n\t"
+ /* a[i+124] += m[124] * mu */
+ "LDR r12, [%[m], #496]\n\t"
+ "LDR r11, [%[a], #496]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #496]\n\t"
+ /* a[i+125] += m[125] * mu */
+ "LDR r12, [%[m], #500]\n\t"
+ "LDR r11, [%[a], #500]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #500]\n\t"
/* a[i+126] += m[126] * mu */
- "ldr %[a], [r10]\n\t"
- "mov r5, #0\n\t"
- /* Multiply m[j] and mu - Start */
- "ldr r8, [%[m]], #4\n\t"
- "umull r6, r8, %[mp], r8\n\t"
- "adds %[a], %[a], r6\n\t"
- "adc r5, r5, r8\n\t"
- /* Multiply m[j] and mu - Done */
- "adds r4, r4, %[a]\n\t"
- "adc r5, r5, #0\n\t"
- "str r4, [r10], #4\n\t"
+ "LDR r12, [%[m], #504]\n\t"
+ "LDR r11, [%[a], #504]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #504]\n\t"
/* a[i+127] += m[127] * mu */
- "mov r4, %[ca]\n\t"
- "mov %[ca], #0\n\t"
- /* Multiply m[127] and mu - Start */
- "ldr r8, [%[m]]\n\t"
- "umull r6, r8, %[mp], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc %[ca], %[ca], #0\n\t"
- /* Multiply m[127] and mu - Done */
- "ldr r6, [r10]\n\t"
- "ldr r8, [r10, #4]\n\t"
- "adds r6, r6, r5\n\t"
- "adcs r8, r8, r4\n\t"
- "adc %[ca], %[ca], #0\n\t"
- "str r6, [r10]\n\t"
- "str r8, [r10, #4]\n\t"
- /* Next word in a */
- "sub r10, r10, #504\n\t"
- "cmp r10, r11\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "blt 1b\n\t"
-#else
- "blt.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "mov %[a], r10\n\t"
- "mov %[m], r12\n\t"
- : [ca] "+r" (ca), [a] "+r" (a)
- : [m] "r" (m), [mp] "r" (mp)
- : "memory", "r4", "r5", "r6", "r8", "r9", "r10", "r11", "r12", "r14"
+ "LDR r12, [%[m], #508]\n\t"
+ "LDR r11, [%[a], #508]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "LDR lr, [%[a], #512]\n\t"
+ "MOV r12, #0x0\n\t"
+ "UMAAL r3, lr, r12, r12\n\t"
+ "STR r11, [%[a], #508]\n\t"
+ "ADDS r3, r3, r5\n\t"
+ "ADC r5, lr, #0x0\n\t"
+ "STR r3, [%[a], #512]\n\t"
+ /* i += 1 */
+ "ADD r4, r4, #0x4\n\t"
+ "ADD %[a], %[a], #0x4\n\t"
+ "CMP r4, #0x200\n\t"
+#ifdef __GNUC__
+ "BLT L_sp_4096_mont_reduce_128_word\n\t"
+#else
+ "BLT.W L_sp_4096_mont_reduce_128_word\n\t"
+#endif
+ /* Loop Done */
+ "STR r6, [%[a]]\n\t"
+ "STR r7, [%[a], #4]\n\t"
+ "STR r8, [%[a], #8]\n\t"
+ "STR r9, [%[a], #12]\n\t"
+ "STR r10, [%[a], #16]\n\t"
+ "MOV %[mp], r5\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
);
+ sp_4096_cond_sub_128(a - 128, a, m, (sp_digit)0 - mp);
+}
+
+#else
+/* Reduce the number back to 4096 bits using Montgomery reduction.
+ *
+ * a A single precision number to reduce in place.
+ * m The single precision number representing the modulus.
+ * mp The digit representing the negative inverse of m mod 2^n.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+#else
+SP_NOINLINE static void sp_4096_mont_reduce_128(sp_digit* a, const sp_digit* m, sp_digit mp)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m __asm__ ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp __asm__ ("r2") = (sp_digit)mp_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
- sp_4096_cond_sub_128(a - 128, a, m, (sp_digit)0 - ca);
+ __asm__ __volatile__ (
+ "LDR r11, [%[m]]\n\t"
+ /* i = 0 */
+ "MOV r9, #0x0\n\t"
+ /* ca = 0 */
+ "MOV r3, #0x0\n\t"
+ "\n"
+ "L_sp_4096_mont_reduce_128_word:\n\t"
+ /* mu = a[i] * mp */
+ "LDR r10, [%[a]]\n\t"
+ "MUL r8, %[mp], r10\n\t"
+ /* j = 0 */
+ "MOV r12, #0x0\n\t"
+ "MOV r4, #0x0\n\t"
+ "\n"
+ "L_sp_4096_mont_reduce_128_mul:\n\t"
+ /* a[i+j+0] += m[j+0] * mu */
+ "LDR r7, [%[m], r12]\n\t"
+ "LDR r10, [%[a], r12]\n\t"
+ "UMAAL r10, r4, r8, r7\n\t"
+ "STR r10, [%[a], r12]\n\t"
+ /* j += 1 */
+ "ADD r12, r12, #0x4\n\t"
+ /* a[i+j+1] += m[j+1] * mu */
+ "LDR r7, [%[m], r12]\n\t"
+ "LDR r10, [%[a], r12]\n\t"
+ "UMAAL r10, r4, r8, r7\n\t"
+ "STR r10, [%[a], r12]\n\t"
+ /* j += 1 */
+ "ADD r12, r12, #0x4\n\t"
+ /* a[i+j+2] += m[j+2] * mu */
+ "LDR r7, [%[m], r12]\n\t"
+ "LDR r10, [%[a], r12]\n\t"
+ "UMAAL r10, r4, r8, r7\n\t"
+ "STR r10, [%[a], r12]\n\t"
+ /* j += 1 */
+ "ADD r12, r12, #0x4\n\t"
+ /* a[i+j+3] += m[j+3] * mu */
+ "LDR r7, [%[m], r12]\n\t"
+ "LDR r10, [%[a], r12]\n\t"
+ "UMAAL r10, r4, r8, r7\n\t"
+ "STR r10, [%[a], r12]\n\t"
+ /* j += 1 */
+ "ADD r12, r12, #0x4\n\t"
+ "CMP r12, #0x200\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BLT L_sp_4096_mont_reduce_128_mul\n\t"
+#else
+ "BLT.N L_sp_4096_mont_reduce_128_mul\n\t"
+#endif
+ "LDR r10, [%[a], #512]\n\t"
+ "ADDS r4, r4, r3\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "ADDS r10, r10, r4\n\t"
+ "ADC r3, r3, r3\n\t"
+ "STR r10, [%[a], #512]\n\t"
+ /* i += 1 */
+ "ADD r9, r9, #0x4\n\t"
+ "ADD %[a], %[a], #0x4\n\t"
+ "CMP r9, #0x200\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BLT L_sp_4096_mont_reduce_128_word\n\t"
+#else
+ "BLT.N L_sp_4096_mont_reduce_128_word\n\t"
+#endif
+ /* Loop Done */
+ "MOV %[mp], r3\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
+ );
+ sp_4096_cond_sub_128(a - 128, a, m, (sp_digit)0 - mp);
}
+#endif /* !WOLFSSL_SP_SMALL */
+#endif
/* Multiply two Montgomery form numbers mod the modulus (prime).
* (r = a * b mod m)
*
@@ -13150,7 +26594,7 @@ SP_NOINLINE static void sp_4096_mont_reduce_128(sp_digit* a, const sp_digit* m,
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_4096_mont_mul_128(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -13164,7 +26608,7 @@ SP_NOINLINE static void sp_4096_mont_mul_128(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_4096_mont_sqr_128(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -13180,39 +26624,44 @@ SP_NOINLINE static void sp_4096_mont_sqr_128(sp_digit* r, const sp_digit* a,
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_4096_sub_128(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_4096_sub_128(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_4096_sub_128(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r6, %[a]\n\t"
- "mov r5, #2\n\t"
- "lsl r5, r5, #8\n\t"
- "add r6, r6, r5\n\t"
- "\n1:\n\t"
- "mov r5, #0\n\t"
- "subs r5, r5, %[c]\n\t"
- "ldr r4, [%[a]]\n\t"
- "ldr r5, [%[b]]\n\t"
- "sbcs r4, r4, r5\n\t"
- "str r4, [%[r]]\n\t"
- "sbc %[c], %[c], %[c]\n\t"
- "add %[a], %[a], #4\n\t"
- "add %[b], %[b], #4\n\t"
- "add %[r], %[r], #4\n\t"
- "cmp %[a], r6\n\t"
+ "MOV r11, #0x0\n\t"
+ "ADD r12, %[a], #0x200\n\t"
+ "\n"
+ "L_sp_4096_sub_128_word:\n\t"
+ "RSBS r11, r11, #0x0\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "SBC r11, r3, r3\n\t"
+ "CMP %[a], r12\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bne 1b\n\t"
+ "BNE L_sp_4096_sub_128_word\n\t"
#else
- "bne.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ "BNE.N L_sp_4096_sub_128_word\n\t"
+#endif
+ "MOV %[r], r11\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)r;
}
#else
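Review bot: The new `sp_4096_sub_128` signature lines drop `SP_NOINLINE` while the loop switches from the numeric local label `1:` to the named assembler label `L_sp_4096_sub_128_word`. If the compiler inlines or clones this `static` function into more than one place, that label would be emitted more than once and the translation unit could fail to assemble. Keeping the attribute, as the `sp_4096_mont_reduce_128` definition earlier in this diff still does, avoids that: `SP_NOINLINE static sp_digit sp_4096_sub_128(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)`, and likewise on the `#else` signature. The function's header comment begins outside this hunk.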
@@ -13222,342 +26671,253 @@ SP_NOINLINE static sp_digit sp_4096_sub_128(sp_digit* r, const sp_digit* a,
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_4096_sub_128(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_4096_sub_128(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_4096_sub_128(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "subs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "sbc %[c], %[c], %[c]\n\t"
- : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SUBS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "SBC %[r], r6, r6\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6", "r8"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)r;
}
#endif /* WOLFSSL_SP_SMALL */
+#ifdef WOLFSSL_SP_USE_UDIV
/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
*
* d1 The high order half of the number to divide.
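Review bot: The unrolled `sp_4096_sub_128` now hands its borrow back through the pointer operand, and nothing in the visible comment says so. The final `SBC %[r], r6, r6` overwrites `r` with 0 or all ones before `return (uint32_t)(size_t)r;`, so a reader will take `r` for the result pointer. I would add a comment above the return, e.g. `/* r no longer points at the result: the final SBC left the borrow mask (0 or 0xFFFFFFFF) in it */`, and state in the header comment that the return value is that mask. The same applies to the `WOLFSSL_SP_SMALL` variant in the previous hunk, where `MOV %[r], r11` plays the same role. The header comment begins outside this hunk.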
@@ -13567,49 +26927,134 @@ SP_NOINLINE static sp_digit sp_4096_sub_128(sp_digit* r, const sp_digit* a,
*
* Note that this is an approximate div. It may give an answer 1 larger.
*/
-SP_NOINLINE static sp_digit div_4096_word_128(sp_digit d1, sp_digit d0,
- sp_digit div)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static sp_digit div_4096_word_128(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
+#else
+SP_NOINLINE static sp_digit div_4096_word_128(sp_digit d1, sp_digit d0, sp_digit div)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit d1 __asm__ ("r0") = (sp_digit)d1_p;
+ register sp_digit d0 __asm__ ("r1") = (sp_digit)d0_p;
+ register sp_digit div __asm__ ("r2") = (sp_digit)div_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "LSR r8, %[div], #16\n\t"
+ "ADD r5, r8, #0x1\n\t"
+ "UDIV r6, %[d1], r5\n\t"
+ "LSL r7, %[div], #16\n\t"
+ "LSL r6, r6, #16\n\t"
+ "UMULL r3, r4, %[div], r6\n\t"
+ "SUBS %[d0], %[d0], r3\n\t"
+ "SBC %[d1], %[d1], r4\n\t"
+ "SUBS r3, %[d1], r5\n\t"
+ "SBC r9, r9, r9\n\t"
+ "ADD r9, r9, #0x1\n\t"
+ "RSB r10, r9, #0x0\n\t"
+ "LSL r9, r9, #16\n\t"
+ "AND r7, r7, r10\n\t"
+ "AND r8, r8, r10\n\t"
+ "SUBS %[d0], %[d0], r7\n\t"
+ "ADD r6, r6, r9\n\t"
+ "SBC %[d1], %[d1], r8\n\t"
+ "LSL r4, %[d1], #16\n\t"
+ "LSR r3, %[d0], #16\n\t"
+ "ORR r3, r3, r4\n\t"
+ "UDIV r3, r3, r5\n\t"
+ "ADD r6, r6, r3\n\t"
+ "UMULL r3, r4, %[div], r3\n\t"
+ "SUBS %[d0], %[d0], r3\n\t"
+ "SBC %[d1], %[d1], r4\n\t"
+ "LSL r4, %[d1], #16\n\t"
+ "LSR r3, %[d0], #16\n\t"
+ "ORR r3, r3, r4\n\t"
+ "UDIV r3, r3, r5\n\t"
+ "ADD r6, r6, r3\n\t"
+ "MUL r3, %[div], r3\n\t"
+ "SUB %[d0], %[d0], r3\n\t"
+ "UDIV r3, %[d0], %[div]\n\t"
+ "ADD %[d1], r6, r3\n\t"
+ : [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
+ );
+ return (uint32_t)(size_t)d1;
+}
+
+#else
+/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
+ *
+ * d1 The high order half of the number to divide.
+ * d0 The low order half of the number to divide.
+ * div The divisor.
+ * returns the result of the division.
+ *
+ * Note that this is an approximate div. It may give an answer 1 larger.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static sp_digit div_4096_word_128(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
+#else
+SP_NOINLINE static sp_digit div_4096_word_128(sp_digit d1, sp_digit d0, sp_digit div)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit r = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit d1 __asm__ ("r0") = (sp_digit)d1_p;
+ register sp_digit d0 __asm__ ("r1") = (sp_digit)d0_p;
+ register sp_digit div __asm__ ("r2") = (sp_digit)div_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "lsr r6, %[div], #16\n\t"
- "add r6, r6, #1\n\t"
- "udiv r4, %[d1], r6\n\t"
- "lsl r8, r4, #16\n\t"
- "umull r4, r5, %[div], r8\n\t"
- "subs %[d0], %[d0], r4\n\t"
- "sbc %[d1], %[d1], r5\n\t"
- "udiv r5, %[d1], r6\n\t"
- "lsl r4, r5, #16\n\t"
- "add r8, r8, r4\n\t"
- "umull r4, r5, %[div], r4\n\t"
- "subs %[d0], %[d0], r4\n\t"
- "sbc %[d1], %[d1], r5\n\t"
- "lsl r4, %[d1], #16\n\t"
- "orr r4, r4, %[d0], lsr #16\n\t"
- "udiv r4, r4, r6\n\t"
- "add r8, r8, r4\n\t"
- "umull r4, r5, %[div], r4\n\t"
- "subs %[d0], %[d0], r4\n\t"
- "sbc %[d1], %[d1], r5\n\t"
- "lsl r4, %[d1], #16\n\t"
- "orr r4, r4, %[d0], lsr #16\n\t"
- "udiv r4, r4, r6\n\t"
- "add r8, r8, r4\n\t"
- "umull r4, r5, %[div], r4\n\t"
- "subs %[d0], %[d0], r4\n\t"
- "sbc %[d1], %[d1], r5\n\t"
- "udiv r4, %[d0], %[div]\n\t"
- "add r8, r8, r4\n\t"
- "mov %[r], r8\n\t"
- : [r] "+r" (r)
- : [d1] "r" (d1), [d0] "r" (d0), [div] "r" (div)
- : "r4", "r5", "r6", "r8"
+ "LSR r5, %[div], #1\n\t"
+ "ADD r5, r5, #0x1\n\t"
+ "MOV r6, %[d0]\n\t"
+ "MOV r7, %[d1]\n\t"
+ /* Do top 32 */
+ "SUBS r8, r5, r7\n\t"
+ "SBC r8, r8, r8\n\t"
+ "MOV r3, #0x0\n\t"
+ "SUB r3, r3, r8\n\t"
+ "AND r8, r8, r5\n\t"
+ "SUBS r7, r7, r8\n\t"
+ /* Next 30 bits */
+ "MOV r4, #0x1d\n\t"
+ "\n"
+ "L_div_4096_word_128_bit:\n\t"
+ "LSLS r6, r6, #1\n\t"
+ "ADC r7, r7, r7\n\t"
+ "SUBS r8, r5, r7\n\t"
+ "SBC r8, r8, r8\n\t"
+ "ADD r3, r3, r3\n\t"
+ "SUB r3, r3, r8\n\t"
+ "AND r8, r8, r5\n\t"
+ "SUBS r7, r7, r8\n\t"
+ "SUBS r4, r4, #0x1\n\t"
+ "bpl L_div_4096_word_128_bit\n\t"
+ "ADD r3, r3, r3\n\t"
+ "ADD r3, r3, #0x1\n\t"
+ "UMULL r6, r7, r3, %[div]\n\t"
+ "SUBS r9, %[d0], r6\n\t"
+ "SBC r10, %[d1], r7\n\t"
+ "ADD r3, r3, r10\n\t"
+ "UMULL r6, r7, r3, %[div]\n\t"
+ "SUBS r9, %[d0], r6\n\t"
+ "SBC r10, %[d1], r7\n\t"
+ "ADD r3, r3, r10\n\t"
+ "UMULL r6, r7, r3, %[div]\n\t"
+ "SUBS r9, %[d0], r6\n\t"
+ "SBC r10, %[d1], r7\n\t"
+ "ADD r3, r3, r10\n\t"
+ "SUBS r8, %[div], r9\n\t"
+ "SBC r8, r8, r8\n\t"
+ "SUB %[d1], r3, r8\n\t"
+ : [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
- return r;
+ return (uint32_t)(size_t)d1;
}
+#endif
/* Divide d in a and put remainder into r (m*d + r = a)
* m is not calculated as it is not needed at this time.
*
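Review bot: The `#ifdef WOLFSSL_SP_USE_UDIV` variant of `div_4096_word_128` runs four `UDIV` instructions on values derived from `d1`/`d0`, but its header comment does not say that its timing profile differs from the `#else` variant. The `#else` variant uses a fixed-count shift/subtract loop (`MOV r4, #0x1d` … `bpl L_div_4096_word_128_bit`) with mask selection (`SBC r8, r8, r8` / `AND r8, r8, r5`), so its instruction sequence does not depend on the operand values. On cores where `UDIV` terminates early its latency depends on the operands, so if this routine is reached with secret-derived words (the callers are outside this hunk; presumably the RSA/DH reduction path), defining the macro may trade constant-time behaviour for speed. I would add a line to the first header comment such as `* Uses UDIV, whose latency may be operand-dependent; define WOLFSSL_SP_USE_UDIV only where that is acceptable.` The opening lines of that comment sit in the preceding hunk.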
@@ -13619,8 +27064,8 @@ SP_NOINLINE static sp_digit div_4096_word_128(sp_digit d1, sp_digit d0,
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_4096_div_128_cond(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_4096_div_128_cond(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[256], t2[129];
sp_digit div, r1;
@@ -13682,6 +27127,7 @@ static WC_INLINE int sp_4096_mod_128_cond(sp_digit* r, const sp_digit* a, const
}
#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
+#if defined(WOLFSSL_HAVE_SP_DH) || !defined(WOLFSSL_RSA_PUBLIC_ONLY)
/* AND m into each word of a and store in r.
*
* r A single precision integer.
@@ -13719,46 +27165,1457 @@ static void sp_4096_mask_128(sp_digit* r, const sp_digit* a, sp_digit m)
* return -ve, 0 or +ve if a is less than, equal to or greater than b
* respectively.
*/
-SP_NOINLINE static sp_int32 sp_4096_cmp_128(const sp_digit* a, const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_int32 sp_4096_cmp_128(const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_int32 sp_4096_cmp_128(const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit r = 0;
-
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register const sp_digit* a __asm__ ("r0") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r1") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r3, #0\n\t"
- "mvn r3, r3\n\t"
- "mov r6, #1\n\t"
- "lsl r6, r6, #8\n\t"
- "add r6, r6, #252\n\t"
- "\n1:\n\t"
- "ldr r8, [%[a], r6]\n\t"
- "ldr r5, [%[b], r6]\n\t"
- "and r8, r8, r3\n\t"
- "and r5, r5, r3\n\t"
- "mov r4, r8\n\t"
- "subs r8, r8, r5\n\t"
- "sbc r8, r8, r8\n\t"
- "add %[r], %[r], r8\n\t"
- "mvn r8, r8\n\t"
- "and r3, r3, r8\n\t"
- "subs r5, r5, r4\n\t"
- "sbc r8, r8, r8\n\t"
- "sub %[r], %[r], r8\n\t"
- "mvn r8, r8\n\t"
- "and r3, r3, r8\n\t"
- "sub r6, r6, #4\n\t"
- "cmp r6, #0\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bge 1b\n\t"
+ "MOV r2, #0xffffffff\n\t"
+ "MOV r8, #0x1\n\t"
+ "MOV r7, #0x0\n\t"
+ "MOV r3, #0xffffffff\n\t"
+#ifdef WOLFSSL_SP_SMALL
+ "MOV r6, #0x1fc\n\t"
+ "\n"
+ "L_sp_4096_cmp_128_words:\n\t"
+ "LDR r4, [%[a], r6]\n\t"
+ "LDR r5, [%[b], r6]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "SUBS r6, r6, #0x4\n\t"
+ "bcs L_sp_4096_cmp_128_words\n\t"
+ "EOR r2, r2, r3\n\t"
#else
- "bge.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [r] "+r" (r)
- : [a] "r" (a), [b] "r" (b)
- : "r3", "r4", "r5", "r6", "r8"
+ "LDR r4, [%[a], #508]\n\t"
+ "LDR r5, [%[b], #508]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #504]\n\t"
+ "LDR r5, [%[b], #504]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #500]\n\t"
+ "LDR r5, [%[b], #500]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #496]\n\t"
+ "LDR r5, [%[b], #496]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #492]\n\t"
+ "LDR r5, [%[b], #492]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #488]\n\t"
+ "LDR r5, [%[b], #488]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #484]\n\t"
+ "LDR r5, [%[b], #484]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #480]\n\t"
+ "LDR r5, [%[b], #480]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #476]\n\t"
+ "LDR r5, [%[b], #476]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #472]\n\t"
+ "LDR r5, [%[b], #472]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #468]\n\t"
+ "LDR r5, [%[b], #468]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #464]\n\t"
+ "LDR r5, [%[b], #464]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #460]\n\t"
+ "LDR r5, [%[b], #460]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #456]\n\t"
+ "LDR r5, [%[b], #456]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #452]\n\t"
+ "LDR r5, [%[b], #452]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #448]\n\t"
+ "LDR r5, [%[b], #448]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #444]\n\t"
+ "LDR r5, [%[b], #444]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #440]\n\t"
+ "LDR r5, [%[b], #440]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #436]\n\t"
+ "LDR r5, [%[b], #436]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #432]\n\t"
+ "LDR r5, [%[b], #432]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #428]\n\t"
+ "LDR r5, [%[b], #428]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #424]\n\t"
+ "LDR r5, [%[b], #424]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #420]\n\t"
+ "LDR r5, [%[b], #420]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #416]\n\t"
+ "LDR r5, [%[b], #416]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #412]\n\t"
+ "LDR r5, [%[b], #412]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #408]\n\t"
+ "LDR r5, [%[b], #408]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #404]\n\t"
+ "LDR r5, [%[b], #404]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #400]\n\t"
+ "LDR r5, [%[b], #400]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #396]\n\t"
+ "LDR r5, [%[b], #396]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #392]\n\t"
+ "LDR r5, [%[b], #392]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #388]\n\t"
+ "LDR r5, [%[b], #388]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #384]\n\t"
+ "LDR r5, [%[b], #384]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #380]\n\t"
+ "LDR r5, [%[b], #380]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #376]\n\t"
+ "LDR r5, [%[b], #376]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #372]\n\t"
+ "LDR r5, [%[b], #372]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #368]\n\t"
+ "LDR r5, [%[b], #368]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #364]\n\t"
+ "LDR r5, [%[b], #364]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #360]\n\t"
+ "LDR r5, [%[b], #360]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #356]\n\t"
+ "LDR r5, [%[b], #356]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #352]\n\t"
+ "LDR r5, [%[b], #352]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #348]\n\t"
+ "LDR r5, [%[b], #348]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #344]\n\t"
+ "LDR r5, [%[b], #344]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #340]\n\t"
+ "LDR r5, [%[b], #340]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #336]\n\t"
+ "LDR r5, [%[b], #336]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #332]\n\t"
+ "LDR r5, [%[b], #332]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #328]\n\t"
+ "LDR r5, [%[b], #328]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #324]\n\t"
+ "LDR r5, [%[b], #324]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #320]\n\t"
+ "LDR r5, [%[b], #320]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #316]\n\t"
+ "LDR r5, [%[b], #316]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #312]\n\t"
+ "LDR r5, [%[b], #312]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #308]\n\t"
+ "LDR r5, [%[b], #308]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #304]\n\t"
+ "LDR r5, [%[b], #304]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #300]\n\t"
+ "LDR r5, [%[b], #300]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #296]\n\t"
+ "LDR r5, [%[b], #296]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #292]\n\t"
+ "LDR r5, [%[b], #292]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #288]\n\t"
+ "LDR r5, [%[b], #288]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #284]\n\t"
+ "LDR r5, [%[b], #284]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #280]\n\t"
+ "LDR r5, [%[b], #280]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #276]\n\t"
+ "LDR r5, [%[b], #276]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #272]\n\t"
+ "LDR r5, [%[b], #272]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #268]\n\t"
+ "LDR r5, [%[b], #268]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #264]\n\t"
+ "LDR r5, [%[b], #264]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #260]\n\t"
+ "LDR r5, [%[b], #260]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #256]\n\t"
+ "LDR r5, [%[b], #256]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #252]\n\t"
+ "LDR r5, [%[b], #252]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #248]\n\t"
+ "LDR r5, [%[b], #248]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #244]\n\t"
+ "LDR r5, [%[b], #244]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #240]\n\t"
+ "LDR r5, [%[b], #240]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #236]\n\t"
+ "LDR r5, [%[b], #236]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #232]\n\t"
+ "LDR r5, [%[b], #232]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #228]\n\t"
+ "LDR r5, [%[b], #228]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #224]\n\t"
+ "LDR r5, [%[b], #224]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #220]\n\t"
+ "LDR r5, [%[b], #220]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #216]\n\t"
+ "LDR r5, [%[b], #216]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #212]\n\t"
+ "LDR r5, [%[b], #212]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #208]\n\t"
+ "LDR r5, [%[b], #208]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #204]\n\t"
+ "LDR r5, [%[b], #204]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #200]\n\t"
+ "LDR r5, [%[b], #200]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #196]\n\t"
+ "LDR r5, [%[b], #196]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #192]\n\t"
+ "LDR r5, [%[b], #192]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #188]\n\t"
+ "LDR r5, [%[b], #188]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #184]\n\t"
+ "LDR r5, [%[b], #184]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #180]\n\t"
+ "LDR r5, [%[b], #180]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #176]\n\t"
+ "LDR r5, [%[b], #176]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #172]\n\t"
+ "LDR r5, [%[b], #172]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #168]\n\t"
+ "LDR r5, [%[b], #168]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #164]\n\t"
+ "LDR r5, [%[b], #164]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #160]\n\t"
+ "LDR r5, [%[b], #160]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #156]\n\t"
+ "LDR r5, [%[b], #156]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #152]\n\t"
+ "LDR r5, [%[b], #152]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #148]\n\t"
+ "LDR r5, [%[b], #148]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #144]\n\t"
+ "LDR r5, [%[b], #144]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #140]\n\t"
+ "LDR r5, [%[b], #140]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #136]\n\t"
+ "LDR r5, [%[b], #136]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #132]\n\t"
+ "LDR r5, [%[b], #132]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #128]\n\t"
+ "LDR r5, [%[b], #128]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #124]\n\t"
+ "LDR r5, [%[b], #124]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #120]\n\t"
+ "LDR r5, [%[b], #120]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #116]\n\t"
+ "LDR r5, [%[b], #116]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #112]\n\t"
+ "LDR r5, [%[b], #112]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #108]\n\t"
+ "LDR r5, [%[b], #108]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #104]\n\t"
+ "LDR r5, [%[b], #104]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #100]\n\t"
+ "LDR r5, [%[b], #100]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #96]\n\t"
+ "LDR r5, [%[b], #96]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #92]\n\t"
+ "LDR r5, [%[b], #92]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #88]\n\t"
+ "LDR r5, [%[b], #88]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #84]\n\t"
+ "LDR r5, [%[b], #84]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #80]\n\t"
+ "LDR r5, [%[b], #80]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #76]\n\t"
+ "LDR r5, [%[b], #76]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #72]\n\t"
+ "LDR r5, [%[b], #72]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #68]\n\t"
+ "LDR r5, [%[b], #68]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #64]\n\t"
+ "LDR r5, [%[b], #64]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #60]\n\t"
+ "LDR r5, [%[b], #60]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #56]\n\t"
+ "LDR r5, [%[b], #56]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #52]\n\t"
+ "LDR r5, [%[b], #52]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #48]\n\t"
+ "LDR r5, [%[b], #48]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #44]\n\t"
+ "LDR r5, [%[b], #44]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #40]\n\t"
+ "LDR r5, [%[b], #40]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #36]\n\t"
+ "LDR r5, [%[b], #36]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #32]\n\t"
+ "LDR r5, [%[b], #32]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #28]\n\t"
+ "LDR r5, [%[b], #28]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #24]\n\t"
+ "LDR r5, [%[b], #24]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #20]\n\t"
+ "LDR r5, [%[b], #20]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #16]\n\t"
+ "LDR r5, [%[b], #16]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #12]\n\t"
+ "LDR r5, [%[b], #12]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #8]\n\t"
+ "LDR r5, [%[b], #8]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #4]\n\t"
+ "LDR r5, [%[b], #4]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a]]\n\t"
+ "LDR r5, [%[b]]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "EOR r2, r2, r3\n\t"
+#endif /*WOLFSSL_SP_SMALL */
+ "MOV %[a], r2\n\t"
+ : [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "cc"
);
-
- return r;
+ return (uint32_t)(size_t)a;
}
/* Divide d in a and put remainder into r (m*d + r = a)
@@ -13770,8 +28627,8 @@ SP_NOINLINE static sp_int32 sp_4096_cmp_128(const sp_digit* a, const sp_digit* b
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_4096_div_128(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_4096_div_128(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[256], t2[129];
sp_digit div, r1;
@@ -13816,6 +28673,7 @@ static WC_INLINE int sp_4096_mod_128(sp_digit* r, const sp_digit* a, const sp_di
return sp_4096_div_128(a, m, NULL, r);
}
+#endif /* WOLFSSL_HAVE_SP_DH || !WOLFSSL_RSA_PUBLIC_ONLY */
#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || \
defined(WOLFSSL_HAVE_SP_DH)
#ifdef WOLFSSL_SP_SMALL
@@ -14279,6 +29137,7 @@ int sp_RsaPublic_4096(const byte* in, word32 inLen, const mp_int* em,
}
#ifndef WOLFSSL_RSA_PUBLIC_ONLY
+#ifdef WOLFSSL_SP_SMALL
/* Conditionally add a and b using the mask m.
* m is -1 to add and 0 when not.
*
@@ -14287,40 +29146,304 @@ int sp_RsaPublic_4096(const byte* in, word32 inLen, const mp_int* em,
* b A single precision number to add.
* m Mask value to apply.
*/
-SP_NOINLINE static sp_digit sp_4096_cond_add_64(sp_digit* r, const sp_digit* a, const sp_digit* b,
- sp_digit m)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_4096_cond_add_64(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
+#else
+static sp_digit sp_4096_cond_add_64(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+ register sp_digit m __asm__ ("r3") = (sp_digit)m_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r5, #1\n\t"
- "lsl r5, r5, #8\n\t"
- "mov r9, r5\n\t"
- "mov r8, #0\n\t"
- "\n1:\n\t"
- "ldr r6, [%[b], r8]\n\t"
- "and r6, r6, %[m]\n\t"
- "adds r5, %[c], #-1\n\t"
- "ldr r5, [%[a], r8]\n\t"
- "adcs r5, r5, r6\n\t"
- "mov %[c], #0\n\t"
- "adcs %[c], %[c], %[c]\n\t"
- "str r5, [%[r], r8]\n\t"
- "add r8, r8, #4\n\t"
- "cmp r8, r9\n\t"
+ "MOV r5, #0x0\n\t"
+ "MOV r8, #0x0\n\t"
+ "MOV r4, #0x0\n\t"
+ "\n"
+ "L_sp_4096_cond_add_64_words:\n\t"
+ "ADDS r5, r5, #0xffffffff\n\t"
+ "LDR r6, [%[a], r4]\n\t"
+ "LDR r7, [%[b], r4]\n\t"
+ "AND r7, r7, %[m]\n\t"
+ "ADCS r6, r6, r7\n\t"
+ "ADC r5, r8, r8\n\t"
+ "STR r6, [%[r], r4]\n\t"
+ "ADD r4, r4, #0x4\n\t"
+ "CMP r4, #0x100\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "blt 1b\n\t"
+ "BLT L_sp_4096_cond_add_64_words\n\t"
#else
- "blt.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [c] "+r" (c)
- : [r] "r" (r), [a] "r" (a), [b] "r" (b), [m] "r" (m)
- : "memory", "r5", "r6", "r8", "r9"
+ "BLT.N L_sp_4096_cond_add_64_words\n\t"
+#endif
+ "MOV %[r], r5\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
+ :
+ : "memory", "r4", "r5", "r6", "r7", "r8", "cc"
);
+ return (uint32_t)(size_t)r;
+}
+
+#else
+/* Conditionally add a and b using the mask m.
+ * m is -1 to add and 0 when not.
+ *
+ * r A single precision number representing conditional add result.
+ * a A single precision number to add with.
+ * b A single precision number to add.
+ * m Mask value to apply.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_4096_cond_add_64(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
+#else
+static sp_digit sp_4096_cond_add_64(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+ register sp_digit m __asm__ ("r3") = (sp_digit)m_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
- return c;
+ __asm__ __volatile__ (
+ "MOV r10, #0x0\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADDS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "ADC %[r], r10, r10\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
+ :
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
+ );
+ return (uint32_t)(size_t)r;
}
+#endif /* WOLFSSL_SP_SMALL */
/* RSA private key operation.
*
* in Array of bytes representing the number to exponentiate, base.
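Review bot: The WOLFSSL_SP_SMALL variant of sp_4096_cond_add_64 now defines a named assembler label, `L_sp_4096_cond_add_64_words:`, while the new signature drops the `SP_NOINLINE` that the removed version carried. If the compiler inlines or clones this static function at more than one call site, the same label is emitted twice into one assembly unit and the build fails with a duplicate-symbol error; the removed code avoided this with the numeric local label `1:` and `blt 1b`. Either keep `SP_NOINLINE static sp_digit sp_4096_cond_add_64(...)` on both prototypes, or make the label unique per expansion on GCC-compatible compilers, e.g. `"L_sp_4096_cond_add_64_words_%=:\n\t"` with a matching `"BLT L_sp_4096_cond_add_64_words_%=\n\t"`. Separately, the unrolled variant lists `"r4"` and `"r5"` as clobbers although its body never touches them, which is harmless but takes two registers away from the compiler.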
@@ -14635,798 +29758,791 @@ int sp_ModExp_4096(const mp_int* base, const mp_int* exp, const mp_int* mod,
#ifdef WOLFSSL_HAVE_SP_DH
#ifdef HAVE_FFDHE_4096
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_4096_lshift_128(sp_digit* r_p, const sp_digit* a_p, byte n_p)
+#else
static void sp_4096_lshift_128(sp_digit* r, const sp_digit* a, byte n)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register byte n __asm__ ("r2") = (byte)n_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "mov r6, #31\n\t"
- "sub r6, r6, %[n]\n\t"
- "add %[a], %[a], #448\n\t"
- "add %[r], %[r], #448\n\t"
- "ldr r3, [%[a], #60]\n\t"
- "lsr r4, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r4, r4, r6\n\t"
- "ldr r2, [%[a], #56]\n\t"
- "str r4, [%[r], #64]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #52]\n\t"
- "str r3, [%[r], #60]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #48]\n\t"
- "str r2, [%[r], #56]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #44]\n\t"
- "str r4, [%[r], #52]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #40]\n\t"
- "str r3, [%[r], #48]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #36]\n\t"
- "str r2, [%[r], #44]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #32]\n\t"
- "str r4, [%[r], #40]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #28]\n\t"
- "str r3, [%[r], #36]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #24]\n\t"
- "str r2, [%[r], #32]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #20]\n\t"
- "str r4, [%[r], #28]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #16]\n\t"
- "str r3, [%[r], #24]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #12]\n\t"
- "str r2, [%[r], #20]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #8]\n\t"
- "str r4, [%[r], #16]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #4]\n\t"
- "str r3, [%[r], #12]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #0]\n\t"
- "str r2, [%[r], #8]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "sub %[a], %[a], #64\n\t"
- "sub %[r], %[r], #64\n\t"
- "ldr r2, [%[a], #60]\n\t"
- "str r4, [%[r], #68]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #56]\n\t"
- "str r3, [%[r], #64]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #52]\n\t"
- "str r2, [%[r], #60]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #48]\n\t"
- "str r4, [%[r], #56]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #44]\n\t"
- "str r3, [%[r], #52]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #40]\n\t"
- "str r2, [%[r], #48]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #36]\n\t"
- "str r4, [%[r], #44]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #32]\n\t"
- "str r3, [%[r], #40]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #28]\n\t"
- "str r2, [%[r], #36]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #24]\n\t"
- "str r4, [%[r], #32]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #20]\n\t"
- "str r3, [%[r], #28]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #16]\n\t"
- "str r2, [%[r], #24]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #12]\n\t"
- "str r4, [%[r], #20]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #8]\n\t"
- "str r3, [%[r], #16]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #4]\n\t"
- "str r2, [%[r], #12]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #0]\n\t"
- "str r4, [%[r], #8]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "sub %[a], %[a], #64\n\t"
- "sub %[r], %[r], #64\n\t"
- "ldr r4, [%[a], #60]\n\t"
- "str r3, [%[r], #68]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #56]\n\t"
- "str r2, [%[r], #64]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #52]\n\t"
- "str r4, [%[r], #60]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #48]\n\t"
- "str r3, [%[r], #56]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #44]\n\t"
- "str r2, [%[r], #52]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #40]\n\t"
- "str r4, [%[r], #48]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #36]\n\t"
- "str r3, [%[r], #44]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #32]\n\t"
- "str r2, [%[r], #40]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #28]\n\t"
- "str r4, [%[r], #36]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #24]\n\t"
- "str r3, [%[r], #32]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #20]\n\t"
- "str r2, [%[r], #28]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #16]\n\t"
- "str r4, [%[r], #24]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #12]\n\t"
- "str r3, [%[r], #20]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #8]\n\t"
- "str r2, [%[r], #16]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #4]\n\t"
- "str r4, [%[r], #12]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #0]\n\t"
- "str r3, [%[r], #8]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "sub %[a], %[a], #64\n\t"
- "sub %[r], %[r], #64\n\t"
- "ldr r3, [%[a], #60]\n\t"
- "str r2, [%[r], #68]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #56]\n\t"
- "str r4, [%[r], #64]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #52]\n\t"
- "str r3, [%[r], #60]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #48]\n\t"
- "str r2, [%[r], #56]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #44]\n\t"
- "str r4, [%[r], #52]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #40]\n\t"
- "str r3, [%[r], #48]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #36]\n\t"
- "str r2, [%[r], #44]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #32]\n\t"
- "str r4, [%[r], #40]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #28]\n\t"
- "str r3, [%[r], #36]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #24]\n\t"
- "str r2, [%[r], #32]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #20]\n\t"
- "str r4, [%[r], #28]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #16]\n\t"
- "str r3, [%[r], #24]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #12]\n\t"
- "str r2, [%[r], #20]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #8]\n\t"
- "str r4, [%[r], #16]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #4]\n\t"
- "str r3, [%[r], #12]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #0]\n\t"
- "str r2, [%[r], #8]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "sub %[a], %[a], #64\n\t"
- "sub %[r], %[r], #64\n\t"
- "ldr r2, [%[a], #60]\n\t"
- "str r4, [%[r], #68]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #56]\n\t"
- "str r3, [%[r], #64]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #52]\n\t"
- "str r2, [%[r], #60]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #48]\n\t"
- "str r4, [%[r], #56]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #44]\n\t"
- "str r3, [%[r], #52]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #40]\n\t"
- "str r2, [%[r], #48]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #36]\n\t"
- "str r4, [%[r], #44]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #32]\n\t"
- "str r3, [%[r], #40]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #28]\n\t"
- "str r2, [%[r], #36]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #24]\n\t"
- "str r4, [%[r], #32]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #20]\n\t"
- "str r3, [%[r], #28]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #16]\n\t"
- "str r2, [%[r], #24]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #12]\n\t"
- "str r4, [%[r], #20]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #8]\n\t"
- "str r3, [%[r], #16]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #4]\n\t"
- "str r2, [%[r], #12]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #0]\n\t"
- "str r4, [%[r], #8]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "sub %[a], %[a], #64\n\t"
- "sub %[r], %[r], #64\n\t"
- "ldr r4, [%[a], #60]\n\t"
- "str r3, [%[r], #68]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #56]\n\t"
- "str r2, [%[r], #64]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #52]\n\t"
- "str r4, [%[r], #60]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #48]\n\t"
- "str r3, [%[r], #56]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #44]\n\t"
- "str r2, [%[r], #52]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #40]\n\t"
- "str r4, [%[r], #48]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #36]\n\t"
- "str r3, [%[r], #44]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #32]\n\t"
- "str r2, [%[r], #40]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #28]\n\t"
- "str r4, [%[r], #36]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #24]\n\t"
- "str r3, [%[r], #32]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #20]\n\t"
- "str r2, [%[r], #28]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #16]\n\t"
- "str r4, [%[r], #24]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #12]\n\t"
- "str r3, [%[r], #20]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #8]\n\t"
- "str r2, [%[r], #16]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #4]\n\t"
- "str r4, [%[r], #12]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #0]\n\t"
- "str r3, [%[r], #8]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "sub %[a], %[a], #64\n\t"
- "sub %[r], %[r], #64\n\t"
- "ldr r3, [%[a], #60]\n\t"
- "str r2, [%[r], #68]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #56]\n\t"
- "str r4, [%[r], #64]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #52]\n\t"
- "str r3, [%[r], #60]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #48]\n\t"
- "str r2, [%[r], #56]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #44]\n\t"
- "str r4, [%[r], #52]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #40]\n\t"
- "str r3, [%[r], #48]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #36]\n\t"
- "str r2, [%[r], #44]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #32]\n\t"
- "str r4, [%[r], #40]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #28]\n\t"
- "str r3, [%[r], #36]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #24]\n\t"
- "str r2, [%[r], #32]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #20]\n\t"
- "str r4, [%[r], #28]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #16]\n\t"
- "str r3, [%[r], #24]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #12]\n\t"
- "str r2, [%[r], #20]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #8]\n\t"
- "str r4, [%[r], #16]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #4]\n\t"
- "str r3, [%[r], #12]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #0]\n\t"
- "str r2, [%[r], #8]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "sub %[a], %[a], #64\n\t"
- "sub %[r], %[r], #64\n\t"
- "ldr r2, [%[a], #60]\n\t"
- "str r4, [%[r], #68]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #56]\n\t"
- "str r3, [%[r], #64]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #52]\n\t"
- "str r2, [%[r], #60]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #48]\n\t"
- "str r4, [%[r], #56]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #44]\n\t"
- "str r3, [%[r], #52]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #40]\n\t"
- "str r2, [%[r], #48]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #36]\n\t"
- "str r4, [%[r], #44]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #32]\n\t"
- "str r3, [%[r], #40]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #28]\n\t"
- "str r2, [%[r], #36]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #24]\n\t"
- "str r4, [%[r], #32]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #20]\n\t"
- "str r3, [%[r], #28]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #16]\n\t"
- "str r2, [%[r], #24]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #12]\n\t"
- "str r4, [%[r], #20]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #8]\n\t"
- "str r3, [%[r], #16]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #4]\n\t"
- "str r2, [%[r], #12]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #0]\n\t"
- "str r4, [%[r], #8]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "str r2, [%[r]]\n\t"
- "str r3, [%[r], #4]\n\t"
+ "RSB r7, %[n], #0x1f\n\t"
+ "LDR r5, [%[a], #508]\n\t"
+ "LSR r6, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r6, r6, r7\n\t"
+ "LDR r4, [%[a], #504]\n\t"
+ "STR r6, [%[r], #512]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #500]\n\t"
+ "STR r5, [%[r], #508]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #496]\n\t"
+ "STR r4, [%[r], #504]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #492]\n\t"
+ "STR r6, [%[r], #500]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #488]\n\t"
+ "STR r5, [%[r], #496]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #484]\n\t"
+ "STR r4, [%[r], #492]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #480]\n\t"
+ "STR r6, [%[r], #488]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #476]\n\t"
+ "STR r5, [%[r], #484]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #472]\n\t"
+ "STR r4, [%[r], #480]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #468]\n\t"
+ "STR r6, [%[r], #476]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #464]\n\t"
+ "STR r5, [%[r], #472]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #460]\n\t"
+ "STR r4, [%[r], #468]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #456]\n\t"
+ "STR r6, [%[r], #464]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #452]\n\t"
+ "STR r5, [%[r], #460]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #448]\n\t"
+ "STR r4, [%[r], #456]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #444]\n\t"
+ "STR r6, [%[r], #452]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #440]\n\t"
+ "STR r5, [%[r], #448]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #436]\n\t"
+ "STR r4, [%[r], #444]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #432]\n\t"
+ "STR r6, [%[r], #440]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #428]\n\t"
+ "STR r5, [%[r], #436]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #424]\n\t"
+ "STR r4, [%[r], #432]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #420]\n\t"
+ "STR r6, [%[r], #428]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #416]\n\t"
+ "STR r5, [%[r], #424]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #412]\n\t"
+ "STR r4, [%[r], #420]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #408]\n\t"
+ "STR r6, [%[r], #416]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #404]\n\t"
+ "STR r5, [%[r], #412]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #400]\n\t"
+ "STR r4, [%[r], #408]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #396]\n\t"
+ "STR r6, [%[r], #404]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #392]\n\t"
+ "STR r5, [%[r], #400]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #388]\n\t"
+ "STR r4, [%[r], #396]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #384]\n\t"
+ "STR r6, [%[r], #392]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #380]\n\t"
+ "STR r5, [%[r], #388]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #376]\n\t"
+ "STR r4, [%[r], #384]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #372]\n\t"
+ "STR r6, [%[r], #380]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #368]\n\t"
+ "STR r5, [%[r], #376]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #364]\n\t"
+ "STR r4, [%[r], #372]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #360]\n\t"
+ "STR r6, [%[r], #368]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #356]\n\t"
+ "STR r5, [%[r], #364]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #352]\n\t"
+ "STR r4, [%[r], #360]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #348]\n\t"
+ "STR r6, [%[r], #356]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #344]\n\t"
+ "STR r5, [%[r], #352]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #340]\n\t"
+ "STR r4, [%[r], #348]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #336]\n\t"
+ "STR r6, [%[r], #344]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #332]\n\t"
+ "STR r5, [%[r], #340]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #328]\n\t"
+ "STR r4, [%[r], #336]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #324]\n\t"
+ "STR r6, [%[r], #332]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #320]\n\t"
+ "STR r5, [%[r], #328]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #316]\n\t"
+ "STR r4, [%[r], #324]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #312]\n\t"
+ "STR r6, [%[r], #320]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #308]\n\t"
+ "STR r5, [%[r], #316]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #304]\n\t"
+ "STR r4, [%[r], #312]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #300]\n\t"
+ "STR r6, [%[r], #308]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #296]\n\t"
+ "STR r5, [%[r], #304]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #292]\n\t"
+ "STR r4, [%[r], #300]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #288]\n\t"
+ "STR r6, [%[r], #296]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #284]\n\t"
+ "STR r5, [%[r], #292]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #280]\n\t"
+ "STR r4, [%[r], #288]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #276]\n\t"
+ "STR r6, [%[r], #284]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #272]\n\t"
+ "STR r5, [%[r], #280]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #268]\n\t"
+ "STR r4, [%[r], #276]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #264]\n\t"
+ "STR r6, [%[r], #272]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #260]\n\t"
+ "STR r5, [%[r], #268]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #256]\n\t"
+ "STR r4, [%[r], #264]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #252]\n\t"
+ "STR r6, [%[r], #260]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #248]\n\t"
+ "STR r5, [%[r], #256]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #244]\n\t"
+ "STR r4, [%[r], #252]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #240]\n\t"
+ "STR r6, [%[r], #248]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #236]\n\t"
+ "STR r5, [%[r], #244]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #232]\n\t"
+ "STR r4, [%[r], #240]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #228]\n\t"
+ "STR r6, [%[r], #236]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #224]\n\t"
+ "STR r5, [%[r], #232]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #220]\n\t"
+ "STR r4, [%[r], #228]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #216]\n\t"
+ "STR r6, [%[r], #224]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #212]\n\t"
+ "STR r5, [%[r], #220]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #208]\n\t"
+ "STR r4, [%[r], #216]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #204]\n\t"
+ "STR r6, [%[r], #212]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #200]\n\t"
+ "STR r5, [%[r], #208]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #196]\n\t"
+ "STR r4, [%[r], #204]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #192]\n\t"
+ "STR r6, [%[r], #200]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #188]\n\t"
+ "STR r5, [%[r], #196]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #184]\n\t"
+ "STR r4, [%[r], #192]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #180]\n\t"
+ "STR r6, [%[r], #188]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #176]\n\t"
+ "STR r5, [%[r], #184]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #172]\n\t"
+ "STR r4, [%[r], #180]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #168]\n\t"
+ "STR r6, [%[r], #176]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #164]\n\t"
+ "STR r5, [%[r], #172]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #160]\n\t"
+ "STR r4, [%[r], #168]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #156]\n\t"
+ "STR r6, [%[r], #164]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #152]\n\t"
+ "STR r5, [%[r], #160]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #148]\n\t"
+ "STR r4, [%[r], #156]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #144]\n\t"
+ "STR r6, [%[r], #152]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #140]\n\t"
+ "STR r5, [%[r], #148]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #136]\n\t"
+ "STR r4, [%[r], #144]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #132]\n\t"
+ "STR r6, [%[r], #140]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #128]\n\t"
+ "STR r5, [%[r], #136]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #124]\n\t"
+ "STR r4, [%[r], #132]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #120]\n\t"
+ "STR r6, [%[r], #128]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #116]\n\t"
+ "STR r5, [%[r], #124]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #112]\n\t"
+ "STR r4, [%[r], #120]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #108]\n\t"
+ "STR r6, [%[r], #116]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #104]\n\t"
+ "STR r5, [%[r], #112]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #100]\n\t"
+ "STR r4, [%[r], #108]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #96]\n\t"
+ "STR r6, [%[r], #104]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #92]\n\t"
+ "STR r5, [%[r], #100]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #88]\n\t"
+ "STR r4, [%[r], #96]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #84]\n\t"
+ "STR r6, [%[r], #92]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #80]\n\t"
+ "STR r5, [%[r], #88]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #76]\n\t"
+ "STR r4, [%[r], #84]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #72]\n\t"
+ "STR r6, [%[r], #80]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #68]\n\t"
+ "STR r5, [%[r], #76]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #64]\n\t"
+ "STR r4, [%[r], #72]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #60]\n\t"
+ "STR r6, [%[r], #68]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #56]\n\t"
+ "STR r5, [%[r], #64]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #52]\n\t"
+ "STR r4, [%[r], #60]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #48]\n\t"
+ "STR r6, [%[r], #56]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #44]\n\t"
+ "STR r5, [%[r], #52]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #40]\n\t"
+ "STR r4, [%[r], #48]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #36]\n\t"
+ "STR r6, [%[r], #44]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #32]\n\t"
+ "STR r5, [%[r], #40]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #28]\n\t"
+ "STR r4, [%[r], #36]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #24]\n\t"
+ "STR r6, [%[r], #32]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #20]\n\t"
+ "STR r5, [%[r], #28]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #16]\n\t"
+ "STR r4, [%[r], #24]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #12]\n\t"
+ "STR r6, [%[r], #20]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #8]\n\t"
+ "STR r5, [%[r], #16]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #4]\n\t"
+ "STR r4, [%[r], #12]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a]]\n\t"
+ "STR r6, [%[r], #8]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "STR r4, [%[r]]\n\t"
+ "STR r5, [%[r], #4]\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [n] "+r" (n)
:
- : [r] "r" (r), [a] "r" (a), [n] "r" (n)
- : "memory", "r2", "r3", "r4", "r5", "r6"
+ : "memory", "r4", "r5", "r6", "r3", "r7", "cc"
);
}
@@ -15712,1032 +30828,1159 @@ static const sp_digit p256_b[8] = {
};
#endif
+#ifdef WOLFSSL_SP_SMALL
/* Multiply a and b into r. (r = a * b)
*
* r A single precision integer.
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static void sp_256_mul_8(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static void sp_256_mul_8(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "SUB sp, sp, #0x40\n\t"
+ "LDR lr, [%[a]]\n\t"
+ "LDR r11, [%[b]]\n\t"
+ "UMULL r8, r6, lr, r11\n\t"
+ "STR r8, [sp]\n\t"
+ "MOV r7, #0x0\n\t"
+ "MOV r8, #0x0\n\t"
+ "MOV r5, #0x4\n\t"
+ "\n"
+ "L_sp_256_mul_8_outer:\n\t"
+ "SUBS r3, r5, #0x1c\n\t"
+ "IT cc\n\t"
+ "MOVCC r3, #0x0\n\t"
+ "SUB r4, r5, r3\n\t"
+ "\n"
+ "L_sp_256_mul_8_inner:\n\t"
+ "LDR lr, [%[a], r3]\n\t"
+ "LDR r11, [%[b], r4]\n\t"
+ "UMULL r9, r10, lr, r11\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "LDR lr, [%[a], r4]\n\t"
+ "LDR r11, [%[b], r3]\n\t"
+ "UMULL r9, r10, lr, r11\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "ADD r3, r3, #0x4\n\t"
+ "SUB r4, r4, #0x4\n\t"
+ "CMP r3, r4\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BGT L_sp_256_mul_8_inner_done\n\t"
+#else
+ "BGT.N L_sp_256_mul_8_inner_done\n\t"
+#endif
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BLT L_sp_256_mul_8_inner\n\t"
+#else
+ "BLT.N L_sp_256_mul_8_inner\n\t"
+#endif
+ "LDR lr, [%[a], r3]\n\t"
+ "LDR r11, [%[b], r3]\n\t"
+ "UMULL r9, r10, lr, r11\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "\n"
+ "L_sp_256_mul_8_inner_done:\n\t"
+ "STR r6, [sp, r5]\n\t"
+ "MOV r6, r7\n\t"
+ "MOV r7, r8\n\t"
+ "MOV r8, #0x0\n\t"
+ "ADD r5, r5, #0x4\n\t"
+ "CMP r5, #0x34\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BLE L_sp_256_mul_8_outer\n\t"
+#else
+ "BLE.N L_sp_256_mul_8_outer\n\t"
+#endif
+ "LDR lr, [%[a], #28]\n\t"
+ "LDR r11, [%[b], #28]\n\t"
+ "UMLAL r6, r7, lr, r11\n\t"
+ "STR r6, [sp, r5]\n\t"
+ "ADD r5, r5, #0x4\n\t"
+ "STR r7, [sp, r5]\n\t"
+ "\n"
+ "L_sp_256_mul_8_store:\n\t"
+ "LDM sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "STM %[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "SUBS r5, r5, #0x20\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BGT L_sp_256_mul_8_store\n\t"
+#else
+ "BGT.N L_sp_256_mul_8_store\n\t"
+#endif
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11", "cc"
+ );
+}
+
+#else
+#ifdef WOLFSSL_SP_NO_UMAAL
+/* Multiply a and b into r. (r = a * b)
+ *
+ * r A single precision integer.
+ * a A single precision integer.
+ * b A single precision integer.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+SP_NOINLINE static void sp_256_mul_8(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit tmp_arr[8];
- sp_digit* tmp = tmp_arr;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
+ "SUB sp, sp, #0x24\n\t"
+ "STR %[r], [sp, #32]\n\t"
+ "MOV %[r], #0x0\n\t"
+ "LDR r12, [%[a]]\n\t"
/* A[0] * B[0] */
- "ldr r6, [%[a], #0]\n\t"
- "ldr r8, [%[b], #0]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "mov r5, #0\n\t"
- "str r3, [%[tmp], #0]\n\t"
- "mov r3, #0\n\t"
+ "LDR lr, [%[b]]\n\t"
+ "UMULL r3, r4, r12, lr\n\t"
+ /* A[0] * B[2] */
+ "LDR lr, [%[b], #8]\n\t"
+ "UMULL r5, r6, r12, lr\n\t"
+ /* A[0] * B[4] */
+ "LDR lr, [%[b], #16]\n\t"
+ "UMULL r7, r8, r12, lr\n\t"
+ /* A[0] * B[6] */
+ "LDR lr, [%[b], #24]\n\t"
+ "UMULL r9, r10, r12, lr\n\t"
+ "STR r3, [sp]\n\t"
/* A[0] * B[1] */
- "ldr r8, [%[b], #4]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adc r5, r5, r8\n\t"
+ "LDR lr, [%[b], #4]\n\t"
+ "MOV r11, %[r]\n\t"
+ "UMLAL r4, r11, r12, lr\n\t"
+ "ADDS r5, r5, r11\n\t"
+ /* A[0] * B[3] */
+ "LDR lr, [%[b], #12]\n\t"
+ "ADCS r6, r6, #0x0\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r6, r11, r12, lr\n\t"
+ "ADDS r7, r7, r11\n\t"
+ /* A[0] * B[5] */
+ "LDR lr, [%[b], #20]\n\t"
+ "ADCS r8, r8, #0x0\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r8, r11, r12, lr\n\t"
+ "ADDS r9, r9, r11\n\t"
+ /* A[0] * B[7] */
+ "LDR lr, [%[b], #28]\n\t"
+ "ADCS r10, r10, #0x0\n\t"
+ "ADC r3, %[r], #0x0\n\t"
+ "UMLAL r10, r3, r12, lr\n\t"
/* A[1] * B[0] */
- "ldr r6, [%[a], #4]\n\t"
- "ldr r8, [%[b], #0]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
- "str r4, [%[tmp], #4]\n\t"
- "mov r4, #0\n\t"
- /* A[0] * B[2] */
- "ldr r6, [%[a], #0]\n\t"
- "ldr r8, [%[b], #8]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "LDR lr, [%[b]]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r4, r11, r12, lr\n\t"
+ "STR r4, [sp, #4]\n\t"
+ "ADDS r5, r5, r11\n\t"
/* A[1] * B[1] */
- "ldr r6, [%[a], #4]\n\t"
- "ldr r8, [%[b], #4]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
- /* A[2] * B[0] */
- "ldr r6, [%[a], #8]\n\t"
- "ldr r8, [%[b], #0]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
- "str r5, [%[tmp], #8]\n\t"
- "mov r5, #0\n\t"
- /* A[0] * B[3] */
- "ldr r6, [%[a], #0]\n\t"
- "ldr r8, [%[b], #12]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
+ "LDR lr, [%[b], #4]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r5, r11, r12, lr\n\t"
+ "ADDS r6, r6, r11\n\t"
/* A[1] * B[2] */
- "ldr r6, [%[a], #4]\n\t"
- "ldr r8, [%[b], #8]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- /* A[2] * B[1] */
- "ldr r6, [%[a], #8]\n\t"
- "ldr r8, [%[b], #4]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- /* A[3] * B[0] */
- "ldr r6, [%[a], #12]\n\t"
- "ldr r8, [%[b], #0]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- "str r3, [%[tmp], #12]\n\t"
- "mov r3, #0\n\t"
- /* A[0] * B[4] */
- "ldr r6, [%[a], #0]\n\t"
- "ldr r8, [%[b], #16]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
+ "LDR lr, [%[b], #8]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r6, r11, r12, lr\n\t"
+ "ADDS r7, r7, r11\n\t"
/* A[1] * B[3] */
- "ldr r6, [%[a], #4]\n\t"
- "ldr r8, [%[b], #12]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
- /* A[2] * B[2] */
- "ldr r6, [%[a], #8]\n\t"
- "ldr r8, [%[b], #8]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
- /* A[3] * B[1] */
- "ldr r6, [%[a], #12]\n\t"
- "ldr r8, [%[b], #4]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
- /* A[4] * B[0] */
- "ldr r6, [%[a], #16]\n\t"
- "ldr r8, [%[b], #0]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
- "str r4, [%[tmp], #16]\n\t"
- "mov r4, #0\n\t"
- /* A[0] * B[5] */
- "ldr r6, [%[a], #0]\n\t"
- "ldr r8, [%[b], #20]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
+ "LDR lr, [%[b], #12]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r7, r11, r12, lr\n\t"
+ "ADDS r8, r8, r11\n\t"
/* A[1] * B[4] */
- "ldr r6, [%[a], #4]\n\t"
- "ldr r8, [%[b], #16]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
- /* A[2] * B[3] */
- "ldr r6, [%[a], #8]\n\t"
- "ldr r8, [%[b], #12]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
- /* A[3] * B[2] */
- "ldr r6, [%[a], #12]\n\t"
- "ldr r8, [%[b], #8]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
- /* A[4] * B[1] */
- "ldr r6, [%[a], #16]\n\t"
- "ldr r8, [%[b], #4]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
- /* A[5] * B[0] */
- "ldr r6, [%[a], #20]\n\t"
- "ldr r8, [%[b], #0]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
- "str r5, [%[tmp], #20]\n\t"
- "mov r5, #0\n\t"
- /* A[0] * B[6] */
- "ldr r6, [%[a], #0]\n\t"
- "ldr r8, [%[b], #24]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
+ "LDR lr, [%[b], #16]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r8, r11, r12, lr\n\t"
+ "ADDS r9, r9, r11\n\t"
/* A[1] * B[5] */
- "ldr r6, [%[a], #4]\n\t"
- "ldr r8, [%[b], #20]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- /* A[2] * B[4] */
- "ldr r6, [%[a], #8]\n\t"
- "ldr r8, [%[b], #16]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- /* A[3] * B[3] */
- "ldr r6, [%[a], #12]\n\t"
- "ldr r8, [%[b], #12]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- /* A[4] * B[2] */
- "ldr r6, [%[a], #16]\n\t"
- "ldr r8, [%[b], #8]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- /* A[5] * B[1] */
- "ldr r6, [%[a], #20]\n\t"
- "ldr r8, [%[b], #4]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- /* A[6] * B[0] */
- "ldr r6, [%[a], #24]\n\t"
- "ldr r8, [%[b], #0]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- "str r3, [%[tmp], #24]\n\t"
- "mov r3, #0\n\t"
- /* A[0] * B[7] */
- "ldr r6, [%[a], #0]\n\t"
- "ldr r8, [%[b], #28]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
+ "LDR lr, [%[b], #20]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r9, r11, r12, lr\n\t"
+ "ADDS r10, r10, r11\n\t"
/* A[1] * B[6] */
- "ldr r6, [%[a], #4]\n\t"
- "ldr r8, [%[b], #24]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
- /* A[2] * B[5] */
- "ldr r6, [%[a], #8]\n\t"
- "ldr r8, [%[b], #20]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
- /* A[3] * B[4] */
- "ldr r6, [%[a], #12]\n\t"
- "ldr r8, [%[b], #16]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
- /* A[4] * B[3] */
- "ldr r6, [%[a], #16]\n\t"
- "ldr r8, [%[b], #12]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
- /* A[5] * B[2] */
- "ldr r6, [%[a], #20]\n\t"
- "ldr r8, [%[b], #8]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
- /* A[6] * B[1] */
- "ldr r6, [%[a], #24]\n\t"
- "ldr r8, [%[b], #4]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
- /* A[7] * B[0] */
- "ldr r6, [%[a], #28]\n\t"
- "ldr r8, [%[b], #0]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
- "str r4, [%[tmp], #28]\n\t"
- "mov r4, #0\n\t"
+ "LDR lr, [%[b], #24]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "ADDS r3, r3, r11\n\t"
/* A[1] * B[7] */
- "ldr r6, [%[a], #4]\n\t"
- "ldr r8, [%[b], #28]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
+ "LDR lr, [%[b], #28]\n\t"
+ "ADC r4, %[r], #0x0\n\t"
+ "UMLAL r3, r4, r12, lr\n\t"
+ /* A[2] * B[0] */
+ "LDR r12, [%[a], #8]\n\t"
+ "LDR lr, [%[b]]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r5, r11, r12, lr\n\t"
+ "STR r5, [sp, #8]\n\t"
+ "ADDS r6, r6, r11\n\t"
+ /* A[2] * B[1] */
+ "LDR lr, [%[b], #4]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r6, r11, r12, lr\n\t"
+ "ADDS r7, r7, r11\n\t"
+ /* A[2] * B[2] */
+ "LDR lr, [%[b], #8]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r7, r11, r12, lr\n\t"
+ "ADDS r8, r8, r11\n\t"
+ /* A[2] * B[3] */
+ "LDR lr, [%[b], #12]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r8, r11, r12, lr\n\t"
+ "ADDS r9, r9, r11\n\t"
+ /* A[2] * B[4] */
+ "LDR lr, [%[b], #16]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r9, r11, r12, lr\n\t"
+ "ADDS r10, r10, r11\n\t"
+ /* A[2] * B[5] */
+ "LDR lr, [%[b], #20]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "ADDS r3, r3, r11\n\t"
/* A[2] * B[6] */
- "ldr r6, [%[a], #8]\n\t"
- "ldr r8, [%[b], #24]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
- /* A[3] * B[5] */
- "ldr r6, [%[a], #12]\n\t"
- "ldr r8, [%[b], #20]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
- /* A[4] * B[4] */
- "ldr r6, [%[a], #16]\n\t"
- "ldr r8, [%[b], #16]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
- /* A[5] * B[3] */
- "ldr r6, [%[a], #20]\n\t"
- "ldr r8, [%[b], #12]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
- /* A[6] * B[2] */
- "ldr r6, [%[a], #24]\n\t"
- "ldr r8, [%[b], #8]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
- /* A[7] * B[1] */
- "ldr r6, [%[a], #28]\n\t"
- "ldr r8, [%[b], #4]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
- "str r5, [%[r], #32]\n\t"
- "mov r5, #0\n\t"
+ "LDR lr, [%[b], #24]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r3, r11, r12, lr\n\t"
+ "ADDS r4, r4, r11\n\t"
/* A[2] * B[7] */
- "ldr r6, [%[a], #8]\n\t"
- "ldr r8, [%[b], #28]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
+ "LDR lr, [%[b], #28]\n\t"
+ "ADC r5, %[r], #0x0\n\t"
+ "UMLAL r4, r5, r12, lr\n\t"
+ /* A[3] * B[0] */
+ "LDR r12, [%[a], #12]\n\t"
+ "LDR lr, [%[b]]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r6, r11, r12, lr\n\t"
+ "STR r6, [sp, #12]\n\t"
+ "ADDS r7, r7, r11\n\t"
+ /* A[3] * B[1] */
+ "LDR lr, [%[b], #4]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r7, r11, r12, lr\n\t"
+ "ADDS r8, r8, r11\n\t"
+ /* A[3] * B[2] */
+ "LDR lr, [%[b], #8]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r8, r11, r12, lr\n\t"
+ "ADDS r9, r9, r11\n\t"
+ /* A[3] * B[3] */
+ "LDR lr, [%[b], #12]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r9, r11, r12, lr\n\t"
+ "ADDS r10, r10, r11\n\t"
+ /* A[3] * B[4] */
+ "LDR lr, [%[b], #16]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "ADDS r3, r3, r11\n\t"
+ /* A[3] * B[5] */
+ "LDR lr, [%[b], #20]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r3, r11, r12, lr\n\t"
+ "ADDS r4, r4, r11\n\t"
/* A[3] * B[6] */
- "ldr r6, [%[a], #12]\n\t"
- "ldr r8, [%[b], #24]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- /* A[4] * B[5] */
- "ldr r6, [%[a], #16]\n\t"
- "ldr r8, [%[b], #20]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- /* A[5] * B[4] */
- "ldr r6, [%[a], #20]\n\t"
- "ldr r8, [%[b], #16]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- /* A[6] * B[3] */
- "ldr r6, [%[a], #24]\n\t"
- "ldr r8, [%[b], #12]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- /* A[7] * B[2] */
- "ldr r6, [%[a], #28]\n\t"
- "ldr r8, [%[b], #8]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- "str r3, [%[r], #36]\n\t"
- "mov r3, #0\n\t"
+ "LDR lr, [%[b], #24]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r4, r11, r12, lr\n\t"
+ "ADDS r5, r5, r11\n\t"
/* A[3] * B[7] */
- "ldr r6, [%[a], #12]\n\t"
- "ldr r8, [%[b], #28]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
+ "LDR lr, [%[b], #28]\n\t"
+ "ADC r6, %[r], #0x0\n\t"
+ "UMLAL r5, r6, r12, lr\n\t"
+ /* A[4] * B[0] */
+ "LDR r12, [%[a], #16]\n\t"
+ "LDR lr, [%[b]]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r7, r11, r12, lr\n\t"
+ "STR r7, [sp, #16]\n\t"
+ "ADDS r8, r8, r11\n\t"
+ /* A[4] * B[1] */
+ "LDR lr, [%[b], #4]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r8, r11, r12, lr\n\t"
+ "ADDS r9, r9, r11\n\t"
+ /* A[4] * B[2] */
+ "LDR lr, [%[b], #8]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r9, r11, r12, lr\n\t"
+ "ADDS r10, r10, r11\n\t"
+ /* A[4] * B[3] */
+ "LDR lr, [%[b], #12]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "ADDS r3, r3, r11\n\t"
+ /* A[4] * B[4] */
+ "LDR lr, [%[b], #16]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r3, r11, r12, lr\n\t"
+ "ADDS r4, r4, r11\n\t"
+ /* A[4] * B[5] */
+ "LDR lr, [%[b], #20]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r4, r11, r12, lr\n\t"
+ "ADDS r5, r5, r11\n\t"
/* A[4] * B[6] */
- "ldr r6, [%[a], #16]\n\t"
- "ldr r8, [%[b], #24]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
- /* A[5] * B[5] */
- "ldr r6, [%[a], #20]\n\t"
- "ldr r8, [%[b], #20]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
- /* A[6] * B[4] */
- "ldr r6, [%[a], #24]\n\t"
- "ldr r8, [%[b], #16]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
- /* A[7] * B[3] */
- "ldr r6, [%[a], #28]\n\t"
- "ldr r8, [%[b], #12]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
- "str r4, [%[r], #40]\n\t"
- "mov r4, #0\n\t"
+ "LDR lr, [%[b], #24]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r5, r11, r12, lr\n\t"
+ "ADDS r6, r6, r11\n\t"
/* A[4] * B[7] */
- "ldr r6, [%[a], #16]\n\t"
- "ldr r8, [%[b], #28]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
+ "LDR lr, [%[b], #28]\n\t"
+ "ADC r7, %[r], #0x0\n\t"
+ "UMLAL r6, r7, r12, lr\n\t"
+ /* A[5] * B[0] */
+ "LDR r12, [%[a], #20]\n\t"
+ "LDR lr, [%[b]]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r8, r11, r12, lr\n\t"
+ "STR r8, [sp, #20]\n\t"
+ "ADDS r9, r9, r11\n\t"
+ /* A[5] * B[1] */
+ "LDR lr, [%[b], #4]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r9, r11, r12, lr\n\t"
+ "ADDS r10, r10, r11\n\t"
+ /* A[5] * B[2] */
+ "LDR lr, [%[b], #8]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "ADDS r3, r3, r11\n\t"
+ /* A[5] * B[3] */
+ "LDR lr, [%[b], #12]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r3, r11, r12, lr\n\t"
+ "ADDS r4, r4, r11\n\t"
+ /* A[5] * B[4] */
+ "LDR lr, [%[b], #16]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r4, r11, r12, lr\n\t"
+ "ADDS r5, r5, r11\n\t"
+ /* A[5] * B[5] */
+ "LDR lr, [%[b], #20]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r5, r11, r12, lr\n\t"
+ "ADDS r6, r6, r11\n\t"
/* A[5] * B[6] */
- "ldr r6, [%[a], #20]\n\t"
- "ldr r8, [%[b], #24]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
- /* A[6] * B[5] */
- "ldr r6, [%[a], #24]\n\t"
- "ldr r8, [%[b], #20]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
- /* A[7] * B[4] */
- "ldr r6, [%[a], #28]\n\t"
- "ldr r8, [%[b], #16]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
- "str r5, [%[r], #44]\n\t"
- "mov r5, #0\n\t"
+ "LDR lr, [%[b], #24]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r6, r11, r12, lr\n\t"
+ "ADDS r7, r7, r11\n\t"
/* A[5] * B[7] */
- "ldr r6, [%[a], #20]\n\t"
- "ldr r8, [%[b], #28]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
+ "LDR lr, [%[b], #28]\n\t"
+ "ADC r8, %[r], #0x0\n\t"
+ "UMLAL r7, r8, r12, lr\n\t"
+ /* A[6] * B[0] */
+ "LDR r12, [%[a], #24]\n\t"
+ "LDR lr, [%[b]]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r9, r11, r12, lr\n\t"
+ "STR r9, [sp, #24]\n\t"
+ "ADDS r10, r10, r11\n\t"
+ /* A[6] * B[1] */
+ "LDR lr, [%[b], #4]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "ADDS r3, r3, r11\n\t"
+ /* A[6] * B[2] */
+ "LDR lr, [%[b], #8]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r3, r11, r12, lr\n\t"
+ "ADDS r4, r4, r11\n\t"
+ /* A[6] * B[3] */
+ "LDR lr, [%[b], #12]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r4, r11, r12, lr\n\t"
+ "ADDS r5, r5, r11\n\t"
+ /* A[6] * B[4] */
+ "LDR lr, [%[b], #16]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r5, r11, r12, lr\n\t"
+ "ADDS r6, r6, r11\n\t"
+ /* A[6] * B[5] */
+ "LDR lr, [%[b], #20]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r6, r11, r12, lr\n\t"
+ "ADDS r7, r7, r11\n\t"
/* A[6] * B[6] */
- "ldr r6, [%[a], #24]\n\t"
- "ldr r8, [%[b], #24]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- /* A[7] * B[5] */
- "ldr r6, [%[a], #28]\n\t"
- "ldr r8, [%[b], #20]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- "str r3, [%[r], #48]\n\t"
- "mov r3, #0\n\t"
+ "LDR lr, [%[b], #24]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r7, r11, r12, lr\n\t"
+ "ADDS r8, r8, r11\n\t"
/* A[6] * B[7] */
- "ldr r6, [%[a], #24]\n\t"
- "ldr r8, [%[b], #28]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
+ "LDR lr, [%[b], #28]\n\t"
+ "ADC r9, %[r], #0x0\n\t"
+ "UMLAL r8, r9, r12, lr\n\t"
+ /* A[7] * B[0] */
+ "LDR r12, [%[a], #28]\n\t"
+ "LDR lr, [%[b]]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "STR r10, [sp, #28]\n\t"
+ "ADDS r3, r3, r11\n\t"
+ /* A[7] * B[1] */
+ "LDR lr, [%[b], #4]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r3, r11, r12, lr\n\t"
+ "ADDS r4, r4, r11\n\t"
+ /* A[7] * B[2] */
+ "LDR lr, [%[b], #8]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r4, r11, r12, lr\n\t"
+ "ADDS r5, r5, r11\n\t"
+ /* A[7] * B[3] */
+ "LDR lr, [%[b], #12]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r5, r11, r12, lr\n\t"
+ "ADDS r6, r6, r11\n\t"
+ /* A[7] * B[4] */
+ "LDR lr, [%[b], #16]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r6, r11, r12, lr\n\t"
+ "ADDS r7, r7, r11\n\t"
+ /* A[7] * B[5] */
+ "LDR lr, [%[b], #20]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r7, r11, r12, lr\n\t"
+ "ADDS r8, r8, r11\n\t"
/* A[7] * B[6] */
- "ldr r6, [%[a], #28]\n\t"
- "ldr r8, [%[b], #24]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
- "str r4, [%[r], #52]\n\t"
- "mov r4, #0\n\t"
+ "LDR lr, [%[b], #24]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r8, r11, r12, lr\n\t"
+ "ADDS r9, r9, r11\n\t"
/* A[7] * B[7] */
- "ldr r6, [%[a], #28]\n\t"
- "ldr r8, [%[b], #28]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adc r3, r3, r8\n\t"
- "str r5, [%[r], #56]\n\t"
- "str r3, [%[r], #60]\n\t"
- /* Transfer tmp to r */
- "ldr r3, [%[tmp], #0]\n\t"
- "ldr r4, [%[tmp], #4]\n\t"
- "ldr r5, [%[tmp], #8]\n\t"
- "ldr r6, [%[tmp], #12]\n\t"
- "str r3, [%[r], #0]\n\t"
- "str r4, [%[r], #4]\n\t"
- "str r5, [%[r], #8]\n\t"
- "str r6, [%[r], #12]\n\t"
- "ldr r3, [%[tmp], #16]\n\t"
- "ldr r4, [%[tmp], #20]\n\t"
- "ldr r5, [%[tmp], #24]\n\t"
- "ldr r6, [%[tmp], #28]\n\t"
- "str r3, [%[r], #16]\n\t"
- "str r4, [%[r], #20]\n\t"
- "str r5, [%[r], #24]\n\t"
- "str r6, [%[r], #28]\n\t"
+ "LDR lr, [%[b], #28]\n\t"
+ "ADC r10, %[r], #0x0\n\t"
+ "UMLAL r9, r10, r12, lr\n\t"
+ "LDR %[r], [sp, #32]\n\t"
+ "ADD %[r], %[r], #0x20\n\t"
+ "STM %[r], {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "LDM sp, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "SUB %[r], %[r], #0x20\n\t"
+ "STM %[r], {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "ADD sp, sp, #0x24\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
+ );
+}
+
+#else
+/* Multiply a and b into r. (r = a * b)
+ *
+ * r A single precision integer.
+ * a A single precision integer.
+ * b A single precision integer.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+SP_NOINLINE static void sp_256_mul_8(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "SUB sp, sp, #0x2c\n\t"
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ "STRD %[r], %[a], [sp, #36]\n\t"
+#else
+ "STR %[r], [sp, #36]\n\t"
+ "STR %[a], [sp, #40]\n\t"
+#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
+ "MOV lr, %[b]\n\t"
+ "LDM %[a], {r0, r1, r2, r3}\n\t"
+ "LDM lr!, {r4, r5, r6}\n\t"
+ "UMULL r10, r11, r0, r4\n\t"
+ "UMULL r12, r7, r1, r4\n\t"
+ "UMAAL r11, r12, r0, r5\n\t"
+ "UMULL r8, r9, r2, r4\n\t"
+ "UMAAL r12, r8, r1, r5\n\t"
+ "UMAAL r12, r7, r0, r6\n\t"
+ "UMAAL r8, r9, r3, r4\n\t"
+ "STM sp, {r10, r11, r12}\n\t"
+ "UMAAL r7, r8, r2, r5\n\t"
+ "LDM lr!, {r4}\n\t"
+ "UMULL r10, r11, r1, r6\n\t"
+ "UMAAL r8, r9, r2, r6\n\t"
+ "UMAAL r7, r10, r0, r4\n\t"
+ "UMAAL r8, r11, r3, r5\n\t"
+ "STR r7, [sp, #12]\n\t"
+ "UMAAL r8, r10, r1, r4\n\t"
+ "UMAAL r9, r11, r3, r6\n\t"
+ "UMAAL r9, r10, r2, r4\n\t"
+ "UMAAL r10, r11, r3, r4\n\t"
+ "LDM lr, {r4, r5, r6, r7}\n\t"
+ "MOV r12, #0x0\n\t"
+ "UMLAL r8, r12, r0, r4\n\t"
+ "UMAAL r9, r12, r1, r4\n\t"
+ "UMAAL r10, r12, r2, r4\n\t"
+ "UMAAL r11, r12, r3, r4\n\t"
+ "MOV r4, #0x0\n\t"
+ "UMLAL r9, r4, r0, r5\n\t"
+ "UMAAL r10, r4, r1, r5\n\t"
+ "UMAAL r11, r4, r2, r5\n\t"
+ "UMAAL r12, r4, r3, r5\n\t"
+ "MOV r5, #0x0\n\t"
+ "UMLAL r10, r5, r0, r6\n\t"
+ "UMAAL r11, r5, r1, r6\n\t"
+ "UMAAL r12, r5, r2, r6\n\t"
+ "UMAAL r4, r5, r3, r6\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r11, r6, r0, r7\n\t"
+ "LDR r0, [sp, #40]\n\t"
+ "UMAAL r12, r6, r1, r7\n\t"
+ "ADD r0, r0, #0x10\n\t"
+ "UMAAL r4, r6, r2, r7\n\t"
+ "SUB lr, lr, #0x10\n\t"
+ "UMAAL r5, r6, r3, r7\n\t"
+ "LDM r0, {r0, r1, r2, r3}\n\t"
+ "STR r6, [sp, #32]\n\t"
+ "LDM lr!, {r6}\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r8, r7, r0, r6\n\t"
+ "UMAAL r9, r7, r1, r6\n\t"
+ "STR r8, [sp, #16]\n\t"
+ "UMAAL r10, r7, r2, r6\n\t"
+ "UMAAL r11, r7, r3, r6\n\t"
+ "LDM lr!, {r6}\n\t"
+ "MOV r8, #0x0\n\t"
+ "UMLAL r9, r8, r0, r6\n\t"
+ "UMAAL r10, r8, r1, r6\n\t"
+ "STR r9, [sp, #20]\n\t"
+ "UMAAL r11, r8, r2, r6\n\t"
+ "UMAAL r12, r8, r3, r6\n\t"
+ "LDM lr!, {r6}\n\t"
+ "MOV r9, #0x0\n\t"
+ "UMLAL r10, r9, r0, r6\n\t"
+ "UMAAL r11, r9, r1, r6\n\t"
+ "STR r10, [sp, #24]\n\t"
+ "UMAAL r12, r9, r2, r6\n\t"
+ "UMAAL r4, r9, r3, r6\n\t"
+ "LDM lr!, {r6}\n\t"
+ "MOV r10, #0x0\n\t"
+ "UMLAL r11, r10, r0, r6\n\t"
+ "UMAAL r12, r10, r1, r6\n\t"
+ "STR r11, [sp, #28]\n\t"
+ "UMAAL r4, r10, r2, r6\n\t"
+ "UMAAL r5, r10, r3, r6\n\t"
+ "LDM lr!, {r11}\n\t"
+ "UMAAL r12, r7, r0, r11\n\t"
+ "UMAAL r4, r7, r1, r11\n\t"
+ "LDR r6, [sp, #32]\n\t"
+ "UMAAL r5, r7, r2, r11\n\t"
+ "UMAAL r6, r7, r3, r11\n\t"
+ "LDM lr!, {r11}\n\t"
+ "UMAAL r4, r8, r0, r11\n\t"
+ "UMAAL r5, r8, r1, r11\n\t"
+ "UMAAL r6, r8, r2, r11\n\t"
+ "UMAAL r7, r8, r3, r11\n\t"
+ "LDM lr, {r11, lr}\n\t"
+ "UMAAL r5, r9, r0, r11\n\t"
+ "UMAAL r6, r10, r0, lr\n\t"
+ "UMAAL r6, r9, r1, r11\n\t"
+ "UMAAL r7, r10, r1, lr\n\t"
+ "UMAAL r7, r9, r2, r11\n\t"
+ "UMAAL r8, r10, r2, lr\n\t"
+ "UMAAL r8, r9, r3, r11\n\t"
+ "UMAAL r9, r10, r3, lr\n\t"
+ "MOV r3, r12\n\t"
+ "LDR lr, [sp, #36]\n\t"
+ "ADD lr, lr, #0x20\n\t"
+ "STM lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "SUB lr, lr, #0x20\n\t"
+ "LDM sp, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "STM lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "ADD sp, sp, #0x2c\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r10", "r11", "r12", "r7", "r8", "r9", "lr", "cc"
+ );
+}
+
+#endif /* WOLFSSL_SP_NO_UMAAL */
+#endif /* WOLFSSL_SP_SMALL */
+#ifdef WOLFSSL_SP_SMALL
+/* Square a and put result in r. (r = a * a)
+ *
+ * r A single precision integer.
+ * a A single precision integer.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
+#else
+static void sp_256_sqr_8(sp_digit* r, const sp_digit* a)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "SUB sp, sp, #0x40\n\t"
+ "LDR lr, [%[a]]\n\t"
+ "UMULL r8, r6, lr, lr\n\t"
+ "STR r8, [sp]\n\t"
+ "MOV r7, #0x0\n\t"
+ "MOV r8, #0x0\n\t"
+ "MOV r5, #0x4\n\t"
+ "\n"
+ "L_sp_256_sqr_8_outer:\n\t"
+ "SUBS r3, r5, #0x1c\n\t"
+ "IT cc\n\t"
+ "MOVCC r3, #0x0\n\t"
+ "SUB r4, r5, r3\n\t"
+ "\n"
+ "L_sp_256_sqr_8_inner:\n\t"
+ "LDR lr, [%[a], r3]\n\t"
+ "LDR r11, [%[a], r4]\n\t"
+ "UMULL r9, r10, lr, r11\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "ADD r3, r3, #0x4\n\t"
+ "SUB r4, r4, #0x4\n\t"
+ "CMP r3, r4\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BGT L_sp_256_sqr_8_inner_done\n\t"
+#else
+ "BGT.N L_sp_256_sqr_8_inner_done\n\t"
+#endif
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BLT L_sp_256_sqr_8_inner\n\t"
+#else
+ "BLT.N L_sp_256_sqr_8_inner\n\t"
+#endif
+ "LDR lr, [%[a], r3]\n\t"
+ "UMULL r9, r10, lr, lr\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "\n"
+ "L_sp_256_sqr_8_inner_done:\n\t"
+ "STR r6, [sp, r5]\n\t"
+ "MOV r6, r7\n\t"
+ "MOV r7, r8\n\t"
+ "MOV r8, #0x0\n\t"
+ "ADD r5, r5, #0x4\n\t"
+ "CMP r5, #0x34\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BLE L_sp_256_sqr_8_outer\n\t"
+#else
+ "BLE.N L_sp_256_sqr_8_outer\n\t"
+#endif
+ "LDR lr, [%[a], #28]\n\t"
+ "UMLAL r6, r7, lr, lr\n\t"
+ "STR r6, [sp, r5]\n\t"
+ "ADD r5, r5, #0x4\n\t"
+ "STR r7, [sp, r5]\n\t"
+ "\n"
+ "L_sp_256_sqr_8_store:\n\t"
+ "LDM sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "STM %[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "SUBS r5, r5, #0x20\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BGT L_sp_256_sqr_8_store\n\t"
+#else
+ "BGT.N L_sp_256_sqr_8_store\n\t"
+#endif
+ : [r] "+r" (r), [a] "+r" (a)
:
- : [r] "r" (r), [a] "r" (a), [b] "r" (b), [tmp] "r" (tmp)
- : "memory", "r3", "r4", "r5", "r6", "r8"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11", "cc"
);
}
+#else
+#ifdef WOLFSSL_SP_NO_UMAAL
/* Square a and put result in r. (r = a * a)
*
* r A single precision integer.
* a A single precision integer.
*/
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
+#else
SP_NOINLINE static void sp_256_sqr_8(sp_digit* r, const sp_digit* a)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit tmp_arr[8];
- sp_digit* tmp = tmp_arr;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- /* A[0] * A[0] */
- "ldr r6, [%[a], #0]\n\t"
- "umull r3, r4, r6, r6\n\t"
- "mov r5, #0\n\t"
- "str r3, [%[tmp], #0]\n\t"
- "mov r3, #0\n\t"
+ "SUB sp, sp, #0x44\n\t"
+ "STR %[r], [sp, #64]\n\t"
+ "MOV %[r], #0x0\n\t"
+ "LDR r12, [%[a]]\n\t"
/* A[0] * A[1] */
- "ldr r8, [%[a], #4]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adc r5, r5, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
- "str r4, [%[tmp], #4]\n\t"
- "mov r4, #0\n\t"
- /* A[0] * A[2] */
- "ldr r6, [%[a], #0]\n\t"
- "ldr r8, [%[a], #8]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adc r3, r3, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
- /* A[1] * A[1] */
- "ldr r6, [%[a], #4]\n\t"
- "umull r6, r8, r6, r6\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
- "str r5, [%[tmp], #8]\n\t"
- "mov r5, #0\n\t"
+ "LDR lr, [%[a], #4]\n\t"
+ "UMULL r4, r5, r12, lr\n\t"
/* A[0] * A[3] */
- "ldr r6, [%[a], #0]\n\t"
- "ldr r8, [%[a], #12]\n\t"
- "umull r9, r10, r6, r8\n\t"
- "mov r11, #0\n\t"
- /* A[1] * A[2] */
- "ldr r6, [%[a], #4]\n\t"
- "ldr r8, [%[a], #8]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r9, r9, r6\n\t"
- "adcs r10, r10, r8\n\t"
- "adc r11, r11, #0\n\t"
- "adds r9, r9, r9\n\t"
- "adcs r10, r10, r10\n\t"
- "adc r11, r11, r11\n\t"
- "adds r3, r3, r9\n\t"
- "adcs r4, r4, r10\n\t"
- "adc r5, r5, r11\n\t"
- "str r3, [%[tmp], #12]\n\t"
- "mov r3, #0\n\t"
+ "LDR lr, [%[a], #12]\n\t"
+ "UMULL r6, r7, r12, lr\n\t"
+ /* A[0] * A[5] */
+ "LDR lr, [%[a], #20]\n\t"
+ "UMULL r8, r9, r12, lr\n\t"
+ /* A[0] * A[7] */
+ "LDR lr, [%[a], #28]\n\t"
+ "UMULL r10, r3, r12, lr\n\t"
+ /* A[0] * A[2] */
+ "LDR lr, [%[a], #8]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r5, r11, r12, lr\n\t"
+ "ADDS r6, r6, r11\n\t"
/* A[0] * A[4] */
- "ldr r6, [%[a], #0]\n\t"
- "ldr r8, [%[a], #16]\n\t"
- "umull r9, r10, r6, r8\n\t"
- "mov r11, #0\n\t"
+ "LDR lr, [%[a], #16]\n\t"
+ "ADCS r7, r7, #0x0\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r7, r11, r12, lr\n\t"
+ "ADDS r8, r8, r11\n\t"
+ /* A[0] * A[6] */
+ "LDR lr, [%[a], #24]\n\t"
+ "ADCS r9, r9, #0x0\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r9, r11, r12, lr\n\t"
+ "ADDS r10, r10, r11\n\t"
+ "ADCS r3, r3, #0x0\n\t"
+ "STR r4, [sp, #4]\n\t"
+ "STR r5, [sp, #8]\n\t"
+ /* A[1] * A[2] */
+ "LDR r12, [%[a], #4]\n\t"
+ "LDR lr, [%[a], #8]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r6, r11, r12, lr\n\t"
+ "STR r6, [sp, #12]\n\t"
+ "ADDS r7, r7, r11\n\t"
/* A[1] * A[3] */
- "ldr r6, [%[a], #4]\n\t"
- "ldr r8, [%[a], #12]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r9, r9, r6\n\t"
- "adcs r10, r10, r8\n\t"
- "adc r11, r11, #0\n\t"
- /* A[2] * A[2] */
- "ldr r6, [%[a], #8]\n\t"
- "umull r6, r8, r6, r6\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
- "adds r9, r9, r9\n\t"
- "adcs r10, r10, r10\n\t"
- "adc r11, r11, r11\n\t"
- "adds r4, r4, r9\n\t"
- "adcs r5, r5, r10\n\t"
- "adc r3, r3, r11\n\t"
- "str r4, [%[tmp], #16]\n\t"
- "mov r4, #0\n\t"
- /* A[0] * A[5] */
- "ldr r6, [%[a], #0]\n\t"
- "ldr r8, [%[a], #20]\n\t"
- "umull r9, r10, r6, r8\n\t"
- "mov r11, #0\n\t"
+ "LDR lr, [%[a], #12]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r7, r11, r12, lr\n\t"
+ "STR r7, [sp, #16]\n\t"
+ "ADDS r8, r8, r11\n\t"
/* A[1] * A[4] */
- "ldr r6, [%[a], #4]\n\t"
- "ldr r8, [%[a], #16]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r9, r9, r6\n\t"
- "adcs r10, r10, r8\n\t"
- "adc r11, r11, #0\n\t"
- /* A[2] * A[3] */
- "ldr r6, [%[a], #8]\n\t"
- "ldr r8, [%[a], #12]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r9, r9, r6\n\t"
- "adcs r10, r10, r8\n\t"
- "adc r11, r11, #0\n\t"
- "adds r9, r9, r9\n\t"
- "adcs r10, r10, r10\n\t"
- "adc r11, r11, r11\n\t"
- "adds r5, r5, r9\n\t"
- "adcs r3, r3, r10\n\t"
- "adc r4, r4, r11\n\t"
- "str r5, [%[tmp], #20]\n\t"
- "mov r5, #0\n\t"
- /* A[0] * A[6] */
- "ldr r6, [%[a], #0]\n\t"
- "ldr r8, [%[a], #24]\n\t"
- "umull r9, r10, r6, r8\n\t"
- "mov r11, #0\n\t"
+ "LDR lr, [%[a], #16]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r8, r11, r12, lr\n\t"
+ "ADDS r9, r9, r11\n\t"
/* A[1] * A[5] */
- "ldr r6, [%[a], #4]\n\t"
- "ldr r8, [%[a], #20]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r9, r9, r6\n\t"
- "adcs r10, r10, r8\n\t"
- "adc r11, r11, #0\n\t"
- /* A[2] * A[4] */
- "ldr r6, [%[a], #8]\n\t"
- "ldr r8, [%[a], #16]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r9, r9, r6\n\t"
- "adcs r10, r10, r8\n\t"
- "adc r11, r11, #0\n\t"
- /* A[3] * A[3] */
- "ldr r6, [%[a], #12]\n\t"
- "umull r6, r8, r6, r6\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- "adds r9, r9, r9\n\t"
- "adcs r10, r10, r10\n\t"
- "adc r11, r11, r11\n\t"
- "adds r3, r3, r9\n\t"
- "adcs r4, r4, r10\n\t"
- "adc r5, r5, r11\n\t"
- "str r3, [%[tmp], #24]\n\t"
- "mov r3, #0\n\t"
- /* A[0] * A[7] */
- "ldr r6, [%[a], #0]\n\t"
- "ldr r8, [%[a], #28]\n\t"
- "umull r9, r10, r6, r8\n\t"
- "mov r11, #0\n\t"
+ "LDR lr, [%[a], #20]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r9, r11, r12, lr\n\t"
+ "ADDS r10, r10, r11\n\t"
/* A[1] * A[6] */
- "ldr r6, [%[a], #4]\n\t"
- "ldr r8, [%[a], #24]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r9, r9, r6\n\t"
- "adcs r10, r10, r8\n\t"
- "adc r11, r11, #0\n\t"
- /* A[2] * A[5] */
- "ldr r6, [%[a], #8]\n\t"
- "ldr r8, [%[a], #20]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r9, r9, r6\n\t"
- "adcs r10, r10, r8\n\t"
- "adc r11, r11, #0\n\t"
- /* A[3] * A[4] */
- "ldr r6, [%[a], #12]\n\t"
- "ldr r8, [%[a], #16]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r9, r9, r6\n\t"
- "adcs r10, r10, r8\n\t"
- "adc r11, r11, #0\n\t"
- "adds r9, r9, r9\n\t"
- "adcs r10, r10, r10\n\t"
- "adc r11, r11, r11\n\t"
- "adds r4, r4, r9\n\t"
- "adcs r5, r5, r10\n\t"
- "adc r3, r3, r11\n\t"
- "str r4, [%[tmp], #28]\n\t"
- "mov r4, #0\n\t"
+ "LDR lr, [%[a], #24]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "ADDS r3, r3, r11\n\t"
/* A[1] * A[7] */
- "ldr r6, [%[a], #4]\n\t"
- "ldr r8, [%[a], #28]\n\t"
- "umull r9, r10, r6, r8\n\t"
- "mov r11, #0\n\t"
+ "LDR lr, [%[a], #28]\n\t"
+ "ADC r4, %[r], #0x0\n\t"
+ "UMLAL r3, r4, r12, lr\n\t"
+ /* A[2] * A[3] */
+ "LDR r12, [%[a], #8]\n\t"
+ "LDR lr, [%[a], #12]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r8, r11, r12, lr\n\t"
+ "STR r8, [sp, #20]\n\t"
+ "ADDS r9, r9, r11\n\t"
+ /* A[2] * A[4] */
+ "LDR lr, [%[a], #16]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r9, r11, r12, lr\n\t"
+ "STR r9, [sp, #24]\n\t"
+ "ADDS r10, r10, r11\n\t"
+ /* A[2] * A[5] */
+ "LDR lr, [%[a], #20]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "ADDS r3, r3, r11\n\t"
/* A[2] * A[6] */
- "ldr r6, [%[a], #8]\n\t"
- "ldr r8, [%[a], #24]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r9, r9, r6\n\t"
- "adcs r10, r10, r8\n\t"
- "adc r11, r11, #0\n\t"
- /* A[3] * A[5] */
- "ldr r6, [%[a], #12]\n\t"
- "ldr r8, [%[a], #20]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r9, r9, r6\n\t"
- "adcs r10, r10, r8\n\t"
- "adc r11, r11, #0\n\t"
- /* A[4] * A[4] */
- "ldr r6, [%[a], #16]\n\t"
- "umull r6, r8, r6, r6\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
- "adds r9, r9, r9\n\t"
- "adcs r10, r10, r10\n\t"
- "adc r11, r11, r11\n\t"
- "adds r5, r5, r9\n\t"
- "adcs r3, r3, r10\n\t"
- "adc r4, r4, r11\n\t"
- "str r5, [%[r], #32]\n\t"
- "mov r5, #0\n\t"
+ "LDR lr, [%[a], #24]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r3, r11, r12, lr\n\t"
+ "ADDS r4, r4, r11\n\t"
/* A[2] * A[7] */
- "ldr r6, [%[a], #8]\n\t"
- "ldr r8, [%[a], #28]\n\t"
- "umull r9, r10, r6, r8\n\t"
- "mov r11, #0\n\t"
+ "LDR lr, [%[a], #28]\n\t"
+ "ADC r5, %[r], #0x0\n\t"
+ "UMLAL r4, r5, r12, lr\n\t"
+ /* A[3] * A[4] */
+ "LDR r12, [%[a], #12]\n\t"
+ "LDR lr, [%[a], #16]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "STR r10, [sp, #28]\n\t"
+ "ADDS r3, r3, r11\n\t"
+ /* A[3] * A[5] */
+ "LDR lr, [%[a], #20]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r3, r11, r12, lr\n\t"
+ "ADDS r4, r4, r11\n\t"
/* A[3] * A[6] */
- "ldr r6, [%[a], #12]\n\t"
- "ldr r8, [%[a], #24]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r9, r9, r6\n\t"
- "adcs r10, r10, r8\n\t"
- "adc r11, r11, #0\n\t"
- /* A[4] * A[5] */
- "ldr r6, [%[a], #16]\n\t"
- "ldr r8, [%[a], #20]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r9, r9, r6\n\t"
- "adcs r10, r10, r8\n\t"
- "adc r11, r11, #0\n\t"
- "adds r9, r9, r9\n\t"
- "adcs r10, r10, r10\n\t"
- "adc r11, r11, r11\n\t"
- "adds r3, r3, r9\n\t"
- "adcs r4, r4, r10\n\t"
- "adc r5, r5, r11\n\t"
- "str r3, [%[r], #36]\n\t"
- "mov r3, #0\n\t"
+ "LDR lr, [%[a], #24]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r4, r11, r12, lr\n\t"
+ "ADDS r5, r5, r11\n\t"
/* A[3] * A[7] */
- "ldr r6, [%[a], #12]\n\t"
- "ldr r8, [%[a], #28]\n\t"
- "umull r9, r10, r6, r8\n\t"
- "mov r11, #0\n\t"
+ "LDR lr, [%[a], #28]\n\t"
+ "ADC r6, %[r], #0x0\n\t"
+ "UMLAL r5, r6, r12, lr\n\t"
+ /* A[4] * A[5] */
+ "LDR r12, [%[a], #16]\n\t"
+ "LDR lr, [%[a], #20]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r4, r11, r12, lr\n\t"
+ "ADDS r5, r5, r11\n\t"
/* A[4] * A[6] */
- "ldr r6, [%[a], #16]\n\t"
- "ldr r8, [%[a], #24]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r9, r9, r6\n\t"
- "adcs r10, r10, r8\n\t"
- "adc r11, r11, #0\n\t"
- /* A[5] * A[5] */
- "ldr r6, [%[a], #20]\n\t"
- "umull r6, r8, r6, r6\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
- "adds r9, r9, r9\n\t"
- "adcs r10, r10, r10\n\t"
- "adc r11, r11, r11\n\t"
- "adds r4, r4, r9\n\t"
- "adcs r5, r5, r10\n\t"
- "adc r3, r3, r11\n\t"
- "str r4, [%[r], #40]\n\t"
- "mov r4, #0\n\t"
+ "LDR lr, [%[a], #24]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r5, r11, r12, lr\n\t"
+ "ADDS r6, r6, r11\n\t"
/* A[4] * A[7] */
- "ldr r6, [%[a], #16]\n\t"
- "ldr r8, [%[a], #28]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
+ "LDR lr, [%[a], #28]\n\t"
+ "ADC r7, %[r], #0x0\n\t"
+ "UMLAL r6, r7, r12, lr\n\t"
/* A[5] * A[6] */
- "ldr r6, [%[a], #20]\n\t"
- "ldr r8, [%[a], #24]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
- "str r5, [%[r], #44]\n\t"
- "mov r5, #0\n\t"
+ "LDR r12, [%[a], #20]\n\t"
+ "LDR lr, [%[a], #24]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r6, r11, r12, lr\n\t"
+ "ADDS r7, r7, r11\n\t"
/* A[5] * A[7] */
- "ldr r6, [%[a], #20]\n\t"
- "ldr r8, [%[a], #28]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- /* A[6] * A[6] */
- "ldr r6, [%[a], #24]\n\t"
- "umull r6, r8, r6, r6\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- "str r3, [%[r], #48]\n\t"
- "mov r3, #0\n\t"
+ "LDR lr, [%[a], #28]\n\t"
+ "ADC r8, %[r], #0x0\n\t"
+ "UMLAL r7, r8, r12, lr\n\t"
/* A[6] * A[7] */
- "ldr r6, [%[a], #24]\n\t"
- "ldr r8, [%[a], #28]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
- "str r4, [%[r], #52]\n\t"
- "mov r4, #0\n\t"
+ "LDR r12, [%[a], #24]\n\t"
+ "LDR lr, [%[a], #28]\n\t"
+ "MOV r9, #0x0\n\t"
+ "UMLAL r8, r9, r12, lr\n\t"
+ "ADD lr, sp, #0x20\n\t"
+ "STM lr, {r3, r4, r5, r6, r7, r8, r9}\n\t"
+ "ADD lr, sp, #0x4\n\t"
+ "LDM lr, {r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "ADDS r4, r4, r4\n\t"
+ "ADCS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADCS r7, r7, r7\n\t"
+ "ADCS r8, r8, r8\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "ADCS r10, r10, r10\n\t"
+ "STM lr!, {r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "LDM lr, {r3, r4, r5, r6, r7, r8, r9}\n\t"
+ "ADCS r3, r3, r3\n\t"
+ "ADCS r4, r4, r4\n\t"
+ "ADCS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADCS r7, r7, r7\n\t"
+ "ADCS r8, r8, r8\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "ADC r10, %[r], #0x0\n\t"
+ "STM lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "ADD lr, sp, #0x4\n\t"
+ "LDM lr, {r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "MOV lr, sp\n\t"
+ /* A[0] * A[0] */
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r3, r11, r12, r12\n\t"
+ "ADDS r4, r4, r11\n\t"
+ /* A[1] * A[1] */
+ "LDR r12, [%[a], #4]\n\t"
+ "ADCS r5, r5, #0x0\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r5, r11, r12, r12\n\t"
+ "ADDS r6, r6, r11\n\t"
+ /* A[2] * A[2] */
+ "LDR r12, [%[a], #8]\n\t"
+ "ADCS r7, r7, #0x0\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r7, r11, r12, r12\n\t"
+ "ADDS r8, r8, r11\n\t"
+ /* A[3] * A[3] */
+ "LDR r12, [%[a], #12]\n\t"
+ "ADCS r9, r9, #0x0\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r9, r11, r12, r12\n\t"
+ "ADDS r10, r10, r11\n\t"
+ "STM lr!, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "LDM lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ /* A[4] * A[4] */
+ "LDR r12, [%[a], #16]\n\t"
+ "ADCS r3, r3, #0x0\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r3, r11, r12, r12\n\t"
+ "ADDS r4, r4, r11\n\t"
+ /* A[5] * A[5] */
+ "LDR r12, [%[a], #20]\n\t"
+ "ADCS r5, r5, #0x0\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r5, r11, r12, r12\n\t"
+ "ADDS r6, r6, r11\n\t"
+ /* A[6] * A[6] */
+ "LDR r12, [%[a], #24]\n\t"
+ "ADCS r7, r7, #0x0\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r7, r11, r12, r12\n\t"
+ "ADDS r8, r8, r11\n\t"
/* A[7] * A[7] */
- "ldr r6, [%[a], #28]\n\t"
- "umull r6, r8, r6, r6\n\t"
- "adds r5, r5, r6\n\t"
- "adc r3, r3, r8\n\t"
- "str r5, [%[r], #56]\n\t"
- "str r3, [%[r], #60]\n\t"
- /* Transfer tmp to r */
- "ldr r3, [%[tmp], #0]\n\t"
- "ldr r4, [%[tmp], #4]\n\t"
- "ldr r5, [%[tmp], #8]\n\t"
- "ldr r6, [%[tmp], #12]\n\t"
- "str r3, [%[r], #0]\n\t"
- "str r4, [%[r], #4]\n\t"
- "str r5, [%[r], #8]\n\t"
- "str r6, [%[r], #12]\n\t"
- "ldr r3, [%[tmp], #16]\n\t"
- "ldr r4, [%[tmp], #20]\n\t"
- "ldr r5, [%[tmp], #24]\n\t"
- "ldr r6, [%[tmp], #28]\n\t"
- "str r3, [%[r], #16]\n\t"
- "str r4, [%[r], #20]\n\t"
- "str r5, [%[r], #24]\n\t"
- "str r6, [%[r], #28]\n\t"
- :
- : [r] "r" (r), [a] "r" (a), [tmp] "r" (tmp)
- : "memory", "r3", "r4", "r5", "r6", "r8", "r9", "r10", "r11"
- );
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Add b to a into r. (r = a + b)
- *
- * r A single precision integer.
- * a A single precision integer.
- * b A single precision integer.
- */
-SP_NOINLINE static sp_digit sp_256_add_8(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
-{
- sp_digit c = 0;
-
- __asm__ __volatile__ (
- "mov r6, %[a]\n\t"
- "mov r8, #0\n\t"
- "add r6, r6, #32\n\t"
- "sub r8, r8, #1\n\t"
- "\n1:\n\t"
- "adds %[c], %[c], r8\n\t"
- "ldr r4, [%[a]]\n\t"
- "ldr r5, [%[b]]\n\t"
- "adcs r4, r4, r5\n\t"
- "str r4, [%[r]]\n\t"
- "mov %[c], #0\n\t"
- "adc %[c], %[c], %[c]\n\t"
- "add %[a], %[a], #4\n\t"
- "add %[b], %[b], #4\n\t"
- "add %[r], %[r], #4\n\t"
- "cmp %[a], r6\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bne 1b\n\t"
-#else
- "bne.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ "LDR r12, [%[a], #28]\n\t"
+ "ADCS r9, r9, #0x0\n\t"
+ "ADC r10, r10, #0x0\n\t"
+ "UMLAL r9, r10, r12, r12\n\t"
+ "LDR %[r], [sp, #64]\n\t"
+ "ADD %[r], %[r], #0x20\n\t"
+ "STM %[r], {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "LDM sp, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "SUB %[r], %[r], #0x20\n\t"
+ "STM %[r], {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "ADD sp, sp, #0x44\n\t"
+ : [r] "+r" (r), [a] "+r" (a)
:
- : "memory", "r4", "r5", "r6", "r8"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
);
-
- return c;
}
#else
-/* Add b to a into r. (r = a + b)
+/* Square a and put result in r. (r = a * a)
*
* r A single precision integer.
* a A single precision integer.
- * b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_256_add_8(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
+#else
+SP_NOINLINE static void sp_256_sqr_8(sp_digit* r, const sp_digit* a)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "mov %[c], #0\n\t"
- "adc %[c], %[c], %[c]\n\t"
- : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ "SUB sp, sp, #0x20\n\t"
+ "STR %[r], [sp, #28]\n\t"
+ "LDM %[a], {r0, r1, r2, r3, r4, r5, r6, r7}\n\t"
+ "UMULL r9, r10, r0, r0\n\t"
+ "UMULL r11, r12, r0, r1\n\t"
+ "ADDS r11, r11, r11\n\t"
+ "MOV lr, #0x0\n\t"
+ "UMAAL r10, r11, lr, lr\n\t"
+ "STM sp, {r9, r10}\n\t"
+ "MOV r8, lr\n\t"
+ "UMAAL r8, r12, r0, r2\n\t"
+ "ADCS r8, r8, r8\n\t"
+ "UMAAL r8, r11, r1, r1\n\t"
+ "UMULL r9, r10, r0, r3\n\t"
+ "UMAAL r9, r12, r1, r2\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "UMAAL r9, r11, lr, lr\n\t"
+ "STRD r8, r9, [sp, #8]\n\t"
+ "MOV r9, lr\n\t"
+ "UMAAL r9, r10, r0, r4\n\t"
+ "UMAAL r9, r12, r1, r3\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "UMAAL r9, r11, r2, r2\n\t"
+ "STR r9, [sp, #16]\n\t"
+ "UMULL r9, r8, r0, r5\n\t"
+ "UMAAL r9, r12, r1, r4\n\t"
+ "UMAAL r9, r10, r2, r3\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "UMAAL r9, r11, lr, lr\n\t"
+ "STR r9, [sp, #20]\n\t"
+ "MOV r9, lr\n\t"
+ "UMAAL r9, r8, r0, r6\n\t"
+ "UMAAL r9, r12, r1, r5\n\t"
+ "UMAAL r9, r10, r2, r4\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "UMAAL r9, r11, r3, r3\n\t"
+ "STR r9, [sp, #24]\n\t"
+ "UMULL r0, r9, r0, r7\n\t"
+ "UMAAL r0, r8, r1, r6\n\t"
+ "UMAAL r0, r12, r2, r5\n\t"
+ "UMAAL r0, r10, r3, r4\n\t"
+ "ADCS r0, r0, r0\n\t"
+ "UMAAL r0, r11, lr, lr\n\t"
+ /* R[7] = r0 */
+ "UMAAL r9, r8, r1, r7\n\t"
+ "UMAAL r9, r10, r2, r6\n\t"
+ "UMAAL r12, r9, r3, r5\n\t"
+ "ADCS r12, r12, r12\n\t"
+ "UMAAL r12, r11, r4, r4\n\t"
+ /* R[8] = r12 */
+ "UMAAL r9, r8, r2, r7\n\t"
+ "UMAAL r10, r9, r3, r6\n\t"
+ "MOV r2, lr\n\t"
+ "UMAAL r10, r2, r4, r5\n\t"
+ "ADCS r10, r10, r10\n\t"
+ "UMAAL r11, r10, lr, lr\n\t"
+ /* R[9] = r11 */
+ "UMAAL r2, r8, r3, r7\n\t"
+ "UMAAL r2, r9, r4, r6\n\t"
+ "ADCS r3, r2, r2\n\t"
+ "UMAAL r10, r3, r5, r5\n\t"
+ /* R[10] = r10 */
+ "MOV r1, lr\n\t"
+ "UMAAL r1, r8, r4, r7\n\t"
+ "UMAAL r1, r9, r5, r6\n\t"
+ "ADCS r4, r1, r1\n\t"
+ "UMAAL r3, r4, lr, lr\n\t"
+ /* R[11] = r3 */
+ "UMAAL r8, r9, r5, r7\n\t"
+ "ADCS r8, r8, r8\n\t"
+ "UMAAL r4, r8, r6, r6\n\t"
+ /* R[12] = r4 */
+ "MOV r5, lr\n\t"
+ "UMAAL r5, r9, r6, r7\n\t"
+ "ADCS r5, r5, r5\n\t"
+ "UMAAL r8, r5, lr, lr\n\t"
+ /* R[13] = r8 */
+ "ADCS r9, r9, r9\n\t"
+ "UMAAL r9, r5, r7, r7\n\t"
+ "ADCS r7, r5, lr\n\t"
+ /* R[14] = r9 */
+ /* R[15] = r7 */
+ "LDR lr, [sp, #28]\n\t"
+ "ADD lr, lr, #0x1c\n\t"
+ "STM lr!, {r0, r12}\n\t"
+ "STM lr!, {r11}\n\t"
+ "STM lr!, {r10}\n\t"
+ "STM lr!, {r3, r4, r8, r9}\n\t"
+ "STM lr!, {r7}\n\t"
+ "SUB lr, lr, #0x40\n\t"
+ "LDM sp, {r0, r1, r2, r3, r4, r5, r6}\n\t"
+ "STM lr, {r0, r1, r2, r3, r4, r5, r6}\n\t"
+ "ADD sp, sp, #0x20\n\t"
+ : [r] "+r" (r), [a] "+r" (a)
:
- : "memory", "r4", "r5", "r6", "r8"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
);
-
- return c;
}
+#endif /* WOLFSSL_SP_NO_UMAAL */
#endif /* WOLFSSL_SP_SMALL */
#ifdef WOLFSSL_SP_SMALL
-/* Sub b from a into r. (r = a - b)
+/* Add b to a into r. (r = a + b)
*
* r A single precision integer.
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_256_sub_8(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_256_add_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_256_add_8(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r6, %[a]\n\t"
- "add r6, r6, #32\n\t"
- "\n1:\n\t"
- "mov r5, #0\n\t"
- "subs r5, r5, %[c]\n\t"
- "ldr r4, [%[a]]\n\t"
- "ldr r5, [%[b]]\n\t"
- "sbcs r4, r4, r5\n\t"
- "str r4, [%[r]]\n\t"
- "sbc %[c], %[c], %[c]\n\t"
- "add %[a], %[a], #4\n\t"
- "add %[b], %[b], #4\n\t"
- "add %[r], %[r], #4\n\t"
- "cmp %[a], r6\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADD r12, %[a], #0x20\n\t"
+ "\n"
+ "L_sp_256_add_8_word:\n\t"
+ "ADDS r3, r3, #0xffffffff\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9, r10, r11}\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "ADCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r3, r4, #0x0\n\t"
+ "CMP %[a], r12\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bne 1b\n\t"
+ "BNE L_sp_256_add_8_word\n\t"
#else
- "bne.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ "BNE.N L_sp_256_add_8_word\n\t"
+#endif
+ "MOV %[r], r3\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)r;
}
#else
-/* Sub b from a into r. (r = a - b)
+/* Add b to a into r. (r = a + b)
*
* r A single precision integer.
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_256_sub_8(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_256_add_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_256_add_8(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "subs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "sbc %[c], %[c], %[c]\n\t"
- : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADDS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "MOV %[r], #0x0\n\t"
+ "ADC %[r], %[r], #0x0\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6", "r8"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)r;
}
#endif /* WOLFSSL_SP_SMALL */
@@ -16747,258 +31990,244 @@ SP_NOINLINE static sp_digit sp_256_sub_8(sp_digit* r, const sp_digit* a,
* a The number to convert.
* m The modulus (prime).
*/
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static int sp_256_mod_mul_norm_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* m_p)
+#else
static int sp_256_mod_mul_norm_8(sp_digit* r, const sp_digit* a, const sp_digit* m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- (void)m;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "sub sp, sp, #24\n\t"
- "ldr r2, [%[a], #0]\n\t"
- "ldr r3, [%[a], #4]\n\t"
- "ldr r4, [%[a], #8]\n\t"
- "ldr r5, [%[a], #12]\n\t"
- "ldr r6, [%[a], #16]\n\t"
- "ldr r8, [%[a], #20]\n\t"
- "ldr r9, [%[a], #24]\n\t"
- "ldr r10, [%[a], #28]\n\t"
+ "SUB sp, sp, #0x18\n\t"
+ "LDM %[a], {r2, r3, r4, r5, r6, r7, r8, r9}\n\t"
/* Clear overflow and underflow */
- "mov r14, #0\n\t"
- "mov r12, #0\n\t"
+ "MOV r11, #0x0\n\t"
+ "MOV r12, #0x0\n\t"
/* t[0] = 1 1 0 -1 -1 -1 -1 0 */
- "adds r11, r2, r3\n\t"
- "adc r14, r14, #0\n\t"
- "subs r11, r11, r5\n\t"
- "sbc r12, r12, #0\n\t"
- "subs r11, r11, r6\n\t"
- "sbc r12, r12, #0\n\t"
- "subs r11, r11, r8\n\t"
- "sbc r12, r12, #0\n\t"
- "subs r11, r11, r9\n\t"
- "sbc r12, r12, #0\n\t"
+ "ADDS r10, r2, r3\n\t"
+ "ADC r11, r11, #0x0\n\t"
+ "SUBS r10, r10, r5\n\t"
+ "SBC r12, r12, #0x0\n\t"
+ "SUBS r10, r10, r6\n\t"
+ "SBC r12, r12, #0x0\n\t"
+ "SUBS r10, r10, r7\n\t"
+ "SBC r12, r12, #0x0\n\t"
+ "SUBS r10, r10, r8\n\t"
+ "SBC r12, r12, #0x0\n\t"
/* Store t[0] */
- "str r11, [sp, #0]\n\t"
- "neg r12, r12\n\t"
- "mov r11, #0\n\t"
+ "STR r10, [sp]\n\t"
+ "neg r12, r12\n\t"
+ "MOV r10, #0x0\n\t"
/* t[1] = 0 1 1 0 -1 -1 -1 -1 */
- "adds r14, r14, r3\n\t"
- "adc r11, r11, #0\n\t"
- "adds r14, r14, r4\n\t"
- "adc r11, r11, #0\n\t"
- "subs r14, r14, r12\n\t"
- "mov r12, #0\n\t"
- "sbc r12, r12, #0\n\t"
- "subs r14, r14, r6\n\t"
- "sbc r12, r12, #0\n\t"
- "subs r14, r14, r8\n\t"
- "sbc r12, r12, #0\n\t"
- "subs r14, r14, r9\n\t"
- "sbc r12, r12, #0\n\t"
- "subs r14, r14, r10\n\t"
- "sbc r12, r12, #0\n\t"
+ "ADDS r11, r11, r3\n\t"
+ "ADC r10, r10, #0x0\n\t"
+ "ADDS r11, r11, r4\n\t"
+ "ADC r10, r10, #0x0\n\t"
+ "SUBS r11, r11, r12\n\t"
+ "SBC r12, r12, r12\n\t"
+ "SUBS r11, r11, r6\n\t"
+ "SBC r12, r12, #0x0\n\t"
+ "SUBS r11, r11, r7\n\t"
+ "SBC r12, r12, #0x0\n\t"
+ "SUBS r11, r11, r8\n\t"
+ "SBC r12, r12, #0x0\n\t"
+ "SUBS r11, r11, r9\n\t"
+ "SBC r12, r12, #0x0\n\t"
/* Store t[1] */
- "str r14, [sp, #4]\n\t"
- "neg r12, r12\n\t"
- "mov r14, #0\n\t"
+ "STR r11, [sp, #4]\n\t"
+ "neg r12, r12\n\t"
+ "MOV r11, #0x0\n\t"
/* t[2] = 0 0 1 1 0 -1 -1 -1 */
- "adds r11, r11, r4\n\t"
- "adc r14, r14, #0\n\t"
- "adds r11, r11, r5\n\t"
- "adc r14, r14, #0\n\t"
- "subs r11, r11, r12\n\t"
- "mov r12, #0\n\t"
- "sbc r12, r12, #0\n\t"
- "subs r11, r11, r8\n\t"
- "sbc r12, r12, #0\n\t"
- "subs r11, r11, r9\n\t"
- "sbc r12, r12, #0\n\t"
- "subs r11, r11, r10\n\t"
- "sbc r12, r12, #0\n\t"
+ "ADDS r10, r10, r4\n\t"
+ "ADC r11, r11, #0x0\n\t"
+ "ADDS r10, r10, r5\n\t"
+ "ADC r11, r11, #0x0\n\t"
+ "SUBS r10, r10, r12\n\t"
+ "SBC r12, r12, r12\n\t"
+ "SUBS r10, r10, r7\n\t"
+ "SBC r12, r12, #0x0\n\t"
+ "SUBS r10, r10, r8\n\t"
+ "SBC r12, r12, #0x0\n\t"
+ "SUBS r10, r10, r9\n\t"
+ "SBC r12, r12, #0x0\n\t"
/* Store t[2] */
- "str r11, [sp, #8]\n\t"
- "neg r12, r12\n\t"
- "mov r11, #0\n\t"
+ "STR r10, [sp, #8]\n\t"
+ "neg r12, r12\n\t"
+ "MOV r10, #0x0\n\t"
/* t[3] = -1 -1 0 2 2 1 0 -1 */
- "adds r14, r14, r5\n\t"
- "adc r11, r11, #0\n\t"
- "adds r14, r14, r5\n\t"
- "adc r11, r11, #0\n\t"
- "adds r14, r14, r6\n\t"
- "adc r11, r11, #0\n\t"
- "adds r14, r14, r6\n\t"
- "adc r11, r11, #0\n\t"
- "adds r14, r14, r8\n\t"
- "adc r11, r11, #0\n\t"
- "subs r14, r14, r12\n\t"
- "mov r12, #0\n\t"
- "sbc r12, r12, #0\n\t"
- "subs r14, r14, r2\n\t"
- "sbc r12, r12, #0\n\t"
- "subs r14, r14, r3\n\t"
- "sbc r12, r12, #0\n\t"
- "subs r14, r14, r10\n\t"
- "sbc r12, r12, #0\n\t"
+ "ADDS r11, r11, r5\n\t"
+ "ADC r10, r10, #0x0\n\t"
+ "ADDS r11, r11, r5\n\t"
+ "ADC r10, r10, #0x0\n\t"
+ "ADDS r11, r11, r6\n\t"
+ "ADC r10, r10, #0x0\n\t"
+ "ADDS r11, r11, r6\n\t"
+ "ADC r10, r10, #0x0\n\t"
+ "ADDS r11, r11, r7\n\t"
+ "ADC r10, r10, #0x0\n\t"
+ "SUBS r11, r11, r12\n\t"
+ "SBC r12, r12, r12\n\t"
+ "SUBS r11, r11, r2\n\t"
+ "SBC r12, r12, #0x0\n\t"
+ "SUBS r11, r11, r3\n\t"
+ "SBC r12, r12, #0x0\n\t"
+ "SUBS r11, r11, r9\n\t"
+ "SBC r12, r12, #0x0\n\t"
/* Store t[3] */
- "str r14, [sp, #12]\n\t"
- "neg r12, r12\n\t"
- "mov r14, #0\n\t"
+ "STR r11, [sp, #12]\n\t"
+ "neg r12, r12\n\t"
+ "MOV r11, #0x0\n\t"
/* t[4] = 0 -1 -1 0 2 2 1 0 */
- "adds r11, r11, r6\n\t"
- "adc r14, r14, #0\n\t"
- "adds r11, r11, r6\n\t"
- "adc r14, r14, #0\n\t"
- "adds r11, r11, r8\n\t"
- "adc r14, r14, #0\n\t"
- "adds r11, r11, r8\n\t"
- "adc r14, r14, #0\n\t"
- "adds r11, r11, r9\n\t"
- "adc r14, r14, #0\n\t"
- "subs r11, r11, r12\n\t"
- "mov r12, #0\n\t"
- "sbc r12, r12, #0\n\t"
- "subs r11, r11, r3\n\t"
- "sbc r12, r12, #0\n\t"
- "subs r11, r11, r4\n\t"
- "sbc r12, r12, #0\n\t"
+ "ADDS r10, r10, r6\n\t"
+ "ADC r11, r11, #0x0\n\t"
+ "ADDS r10, r10, r6\n\t"
+ "ADC r11, r11, #0x0\n\t"
+ "ADDS r10, r10, r7\n\t"
+ "ADC r11, r11, #0x0\n\t"
+ "ADDS r10, r10, r7\n\t"
+ "ADC r11, r11, #0x0\n\t"
+ "ADDS r10, r10, r8\n\t"
+ "ADC r11, r11, #0x0\n\t"
+ "SUBS r10, r10, r12\n\t"
+ "SBC r12, r12, r12\n\t"
+ "SUBS r10, r10, r3\n\t"
+ "SBC r12, r12, #0x0\n\t"
+ "SUBS r10, r10, r4\n\t"
+ "SBC r12, r12, #0x0\n\t"
/* Store t[4] */
- "str r11, [sp, #16]\n\t"
- "neg r12, r12\n\t"
- "mov r11, #0\n\t"
+ "STR r10, [sp, #16]\n\t"
+ "neg r12, r12\n\t"
+ "MOV r10, #0x0\n\t"
/* t[5] = 0 0 -1 -1 0 2 2 1 */
- "adds r14, r14, r8\n\t"
- "adc r11, r11, #0\n\t"
- "adds r14, r14, r8\n\t"
- "adc r11, r11, #0\n\t"
- "adds r14, r14, r9\n\t"
- "adc r11, r11, #0\n\t"
- "adds r14, r14, r9\n\t"
- "adc r11, r11, #0\n\t"
- "adds r14, r14, r10\n\t"
- "adc r11, r11, #0\n\t"
- "subs r14, r14, r12\n\t"
- "mov r12, #0\n\t"
- "sbc r12, r12, #0\n\t"
- "subs r14, r14, r4\n\t"
- "sbc r12, r12, #0\n\t"
- "subs r14, r14, r5\n\t"
- "sbc r12, r12, #0\n\t"
+ "ADDS r11, r11, r7\n\t"
+ "ADC r10, r10, #0x0\n\t"
+ "ADDS r11, r11, r7\n\t"
+ "ADC r10, r10, #0x0\n\t"
+ "ADDS r11, r11, r8\n\t"
+ "ADC r10, r10, #0x0\n\t"
+ "ADDS r11, r11, r8\n\t"
+ "ADC r10, r10, #0x0\n\t"
+ "ADDS r11, r11, r9\n\t"
+ "ADC r10, r10, #0x0\n\t"
+ "SUBS r11, r11, r12\n\t"
+ "SBC r12, r12, r12\n\t"
+ "SUBS r11, r11, r4\n\t"
+ "SBC r12, r12, #0x0\n\t"
+ "SUBS r11, r11, r5\n\t"
+ "SBC r12, r12, #0x0\n\t"
/* Store t[5] */
- "str r14, [sp, #20]\n\t"
- "neg r12, r12\n\t"
- "mov r14, #0\n\t"
+ "STR r11, [sp, #20]\n\t"
+ "neg r12, r12\n\t"
+ "MOV r11, #0x0\n\t"
/* t[6] = -1 -1 0 0 0 1 3 2 */
- "adds r11, r11, r8\n\t"
- "adc r14, r14, #0\n\t"
- "adds r11, r11, r9\n\t"
- "adc r14, r14, #0\n\t"
- "adds r11, r11, r9\n\t"
- "adc r14, r14, #0\n\t"
- "adds r11, r11, r9\n\t"
- "adc r14, r14, #0\n\t"
- "adds r11, r11, r10\n\t"
- "adc r14, r14, #0\n\t"
- "adds r11, r11, r10\n\t"
- "adc r14, r14, #0\n\t"
- "subs r11, r11, r12\n\t"
- "mov r12, #0\n\t"
- "sbc r12, r12, #0\n\t"
- "subs r11, r11, r2\n\t"
- "sbc r12, r12, #0\n\t"
- "subs r11, r11, r3\n\t"
- "sbc r12, r12, #0\n\t"
+ "ADDS r10, r10, r7\n\t"
+ "ADC r11, r11, #0x0\n\t"
+ "ADDS r10, r10, r8\n\t"
+ "ADC r11, r11, #0x0\n\t"
+ "ADDS r10, r10, r8\n\t"
+ "ADC r11, r11, #0x0\n\t"
+ "ADDS r10, r10, r8\n\t"
+ "ADC r11, r11, #0x0\n\t"
+ "ADDS r10, r10, r9\n\t"
+ "ADC r11, r11, #0x0\n\t"
+ "ADDS r10, r10, r9\n\t"
+ "ADC r11, r11, #0x0\n\t"
+ "SUBS r10, r10, r12\n\t"
+ "SBC r12, r12, r12\n\t"
+ "SUBS r10, r10, r2\n\t"
+ "SBC r12, r12, #0x0\n\t"
+ "SUBS r10, r10, r3\n\t"
+ "SBC r12, r12, #0x0\n\t"
/* Store t[6] */
- "mov r9, r11\n\t"
- "neg r12, r12\n\t"
- "mov r11, #0\n\t"
+ "MOV r8, r10\n\t"
+ "neg r12, r12\n\t"
+ "MOV r10, #0x0\n\t"
/* t[7] = 1 0 -1 -1 -1 -1 0 3 */
- "adds r14, r14, r2\n\t"
- "adc r11, r11, #0\n\t"
- "adds r14, r14, r10\n\t"
- "adc r11, r11, #0\n\t"
- "adds r14, r14, r10\n\t"
- "adc r11, r11, #0\n\t"
- "adds r14, r14, r10\n\t"
- "adc r11, r11, #0\n\t"
- "subs r14, r14, r12\n\t"
- "mov r12, #0\n\t"
- "sbc r12, r12, #0\n\t"
- "subs r14, r14, r4\n\t"
- "sbc r12, r12, #0\n\t"
- "subs r14, r14, r5\n\t"
- "sbc r12, r12, #0\n\t"
- "subs r14, r14, r6\n\t"
- "sbc r12, r12, #0\n\t"
- "subs r14, r14, r8\n\t"
- "sbc r12, r12, #0\n\t"
+ "ADDS r11, r11, r2\n\t"
+ "ADC r10, r10, #0x0\n\t"
+ "ADDS r11, r11, r9\n\t"
+ "ADC r10, r10, #0x0\n\t"
+ "ADDS r11, r11, r9\n\t"
+ "ADC r10, r10, #0x0\n\t"
+ "ADDS r11, r11, r9\n\t"
+ "ADC r10, r10, #0x0\n\t"
+ "SUBS r11, r11, r12\n\t"
+ "SBC r12, r12, r12\n\t"
+ "SUBS r11, r11, r4\n\t"
+ "SBC r12, r12, #0x0\n\t"
+ "SUBS r11, r11, r5\n\t"
+ "SBC r12, r12, #0x0\n\t"
+ "SUBS r11, r11, r6\n\t"
+ "SBC r12, r12, #0x0\n\t"
+ "SUBS r11, r11, r7\n\t"
+ "SBC r12, r12, #0x0\n\t"
/* Store t[7] */
/* Load intermediate */
- "ldr r2, [sp, #0]\n\t"
- "ldr r3, [sp, #4]\n\t"
- "ldr r4, [sp, #8]\n\t"
- "ldr r5, [sp, #12]\n\t"
- "ldr r6, [sp, #16]\n\t"
- "ldr r8, [sp, #20]\n\t"
- "neg r12, r12\n\t"
+ "LDM sp, {r2, r3, r4, r5, r6, r7}\n\t"
+ "neg r12, r12\n\t"
/* Add overflow */
/* Subtract underflow - add neg underflow */
- "adds r2, r2, r11\n\t"
- "adcs r3, r3, #0\n\t"
- "adcs r4, r4, #0\n\t"
- "adds r5, r5, r12\n\t"
- "adcs r6, r6, #0\n\t"
- "adcs r8, r8, #0\n\t"
- "adcs r9, r9, r12\n\t"
- "adcs r14, r14, r11\n\t"
- "mov r10, #0\n\t"
- "adc r10, r10, #0\n\t"
+ "ADDS r2, r2, r10\n\t"
+ "ADCS r3, r3, #0x0\n\t"
+ "ADCS r4, r4, #0x0\n\t"
+ "ADCS r5, r5, r12\n\t"
+ "ADCS r6, r6, #0x0\n\t"
+ "ADCS r7, r7, #0x0\n\t"
+ "ADCS r8, r8, r12\n\t"
+ "ADCS r11, r11, r10\n\t"
+ "MOV r9, #0x0\n\t"
+ "ADC r9, r9, #0x0\n\t"
/* Subtract overflow */
/* Add underflow - subtract neg underflow */
- "subs r2, r2, r12\n\t"
- "sbcs r3, r3, #0\n\t"
- "sbcs r4, r4, #0\n\t"
- "subs r5, r5, r11\n\t"
- "sbcs r6, r6, #0\n\t"
- "sbcs r8, r8, #0\n\t"
- "sbcs r9, r9, r11\n\t"
- "sbcs r14, r14, r12\n\t"
- "mov r12, #0\n\t"
- "sbc r12, r12, #0\n\t"
+ "SUBS r2, r2, r12\n\t"
+ "SBCS r3, r3, #0x0\n\t"
+ "SBCS r4, r4, #0x0\n\t"
+ "SBCS r5, r5, r10\n\t"
+ "SBCS r6, r6, #0x0\n\t"
+ "SBCS r7, r7, #0x0\n\t"
+ "SBCS r8, r8, r10\n\t"
+ "SBCS r11, r11, r12\n\t"
+ "MOV r12, #0x0\n\t"
+ "SBC r12, r12, #0x0\n\t"
"neg r12, r12\n\t"
/* Add overflow */
/* Subtract underflow - add neg underflow */
- "adds r2, r2, r10\n\t"
- "adcs r3, r3, #0\n\t"
- "adcs r4, r4, #0\n\t"
- "adds r5, r5, r12\n\t"
- "adcs r6, r6, #0\n\t"
- "adcs r8, r8, #0\n\t"
- "adcs r9, r9, r12\n\t"
- "adc r14, r14, r10\n\t"
+ "ADDS r2, r2, r9\n\t"
+ "ADCS r3, r3, #0x0\n\t"
+ "ADCS r4, r4, #0x0\n\t"
+ "ADCS r5, r5, r12\n\t"
+ "ADCS r6, r6, #0x0\n\t"
+ "ADCS r7, r7, #0x0\n\t"
+ "ADCS r8, r8, r12\n\t"
+ "ADC r11, r11, r9\n\t"
/* Subtract overflow */
/* Add underflow - subtract neg underflow */
- "subs r2, r2, r12\n\t"
- "sbcs r3, r3, #0\n\t"
- "sbcs r4, r4, #0\n\t"
- "subs r5, r5, r10\n\t"
- "sbcs r6, r6, #0\n\t"
- "sbcs r8, r8, #0\n\t"
- "sbcs r9, r9, r10\n\t"
- "sbc r14, r14, r12\n\t"
+ "SUBS r2, r2, r12\n\t"
+ "SBCS r3, r3, #0x0\n\t"
+ "SBCS r4, r4, #0x0\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, #0x0\n\t"
+ "SBCS r7, r7, #0x0\n\t"
+ "SBCS r8, r8, r9\n\t"
+ "SBC r11, r11, r12\n\t"
/* Store result */
- "str r2, [%[r], #0]\n\t"
- "str r3, [%[r], #4]\n\t"
- "str r4, [%[r], #8]\n\t"
- "str r5, [%[r], #12]\n\t"
- "str r6, [%[r], #16]\n\t"
- "str r8, [%[r], #20]\n\t"
- "str r9, [%[r], #24]\n\t"
- "str r14, [%[r], #28]\n\t"
- "add sp, sp, #24\n\t"
+ "STM %[r], {r2, r3, r4, r5, r6, r7, r8, r11}\n\t"
+ "MOV %[r], #0x0\n\t"
+ "ADD sp, sp, #0x18\n\t"
+ : [r] "+r" (r), [a] "+r" (a)
:
- : [r] "r" (r), [a] "r" (a)
- : "r2", "r3", "r4", "r5", "r6", "r8", "r9", "r10", "r11", "r14", "r12"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
);
-
- return MP_OKAY;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ (void)m_p;
+#else
+ (void)m;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+ return (uint32_t)(size_t)r;
}
/* Convert an mp_int to an array of sp_digit.
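Review bot: The new `return (uint32_t)(size_t)r;` at the end of sp_256_mod_mul_norm_8 derives the int status from the output pointer, so the function reports success only because the asm ends with `MOV %[r], #0x0` after the final `STM`. The removed code returned `MP_OKAY` directly; if that constant is 0, as the zeroing suggests, `return MP_OKAY;` would keep the contract readable and would not silently turn into a truncated pointer value should the asm epilogue be edited. If the register-return form has to stay, a comment at the return such as `/* asm zeroed r above, so this yields 0 */` would document the dependency.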
@@ -17011,14 +32240,14 @@ static void sp_256_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 32
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 31);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 31);
}
#elif DIGIT_BIT > 32
unsigned int i;
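Review bot: The mask and index updates in the `DIGIT_BIT == 32` loop now shift by a literal, `j >> 31`, where the removed lines used `SP_WORD_SIZE - 1`, so the all-ones/zero mask is only correct while sp_digit is exactly 32 bits wide. Writing `sp_digit mask = (sp_digit)0 - (j >> (SP_WORD_SIZE - 1));` and `o += (int)(j >> (SP_WORD_SIZE - 1));` keeps that tied to the type. The loop appears written to avoid branching on `a->used` (a counter running up from `-a->used` whose top bit selects the mask), which deserves a one-line comment like `/* no branch on a->used: top bit of j is set while i < a->used */` so it is not later rewritten with an `if`. Note that `a->dp[0]` is still read when `a->used` is 0, so `dp` is assumed to hold at least one digit. The function continues in the `#elif` branch outside the hunk.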
@@ -17196,6 +32425,7 @@ static int sp_256_point_to_ecc_point_8(const sp_point_256* p, ecc_point* pm)
return err;
}
+#ifdef WOLFSSL_SP_NO_UMAAL
/* Multiply two Montgomery form numbers mod the modulus (prime).
* (r = a * b mod m)
*
@@ -17203,1174 +32433,1389 @@ static int sp_256_point_to_ecc_point_8(const sp_point_256* p, ecc_point* pm)
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
-SP_NOINLINE static void sp_256_mont_mul_8(sp_digit* r, const sp_digit* a, const sp_digit* b,
- const sp_digit* m, sp_digit mp)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, const sp_digit* m_p, sp_digit mp_p)
+#else
+SP_NOINLINE static void sp_256_mont_mul_8(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m, sp_digit mp)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- (void)mp;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "SUB sp, sp, #0x44\n\t"
+ "STR %[r], [sp, #64]\n\t"
+ "MOV %[r], #0x0\n\t"
+ "LDR r12, [%[a]]\n\t"
+ /* A[0] * B[0] */
+ "LDR lr, [%[b]]\n\t"
+ "UMULL r3, r4, r12, lr\n\t"
+ /* A[0] * B[2] */
+ "LDR lr, [%[b], #8]\n\t"
+ "UMULL r5, r6, r12, lr\n\t"
+ /* A[0] * B[4] */
+ "LDR lr, [%[b], #16]\n\t"
+ "UMULL r7, r8, r12, lr\n\t"
+ /* A[0] * B[6] */
+ "LDR lr, [%[b], #24]\n\t"
+ "UMULL r9, r10, r12, lr\n\t"
+ "STR r3, [sp]\n\t"
+ /* A[0] * B[1] */
+ "LDR lr, [%[b], #4]\n\t"
+ "MOV r11, %[r]\n\t"
+ "UMLAL r4, r11, r12, lr\n\t"
+ "ADDS r5, r5, r11\n\t"
+ /* A[0] * B[3] */
+ "LDR lr, [%[b], #12]\n\t"
+ "ADCS r6, r6, #0x0\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r6, r11, r12, lr\n\t"
+ "ADDS r7, r7, r11\n\t"
+ /* A[0] * B[5] */
+ "LDR lr, [%[b], #20]\n\t"
+ "ADCS r8, r8, #0x0\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r8, r11, r12, lr\n\t"
+ "ADDS r9, r9, r11\n\t"
+ /* A[0] * B[7] */
+ "LDR lr, [%[b], #28]\n\t"
+ "ADCS r10, r10, #0x0\n\t"
+ "ADC r3, %[r], #0x0\n\t"
+ "UMLAL r10, r3, r12, lr\n\t"
+ /* A[1] * B[0] */
+ "LDR r12, [%[a], #4]\n\t"
+ "LDR lr, [%[b]]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r4, r11, r12, lr\n\t"
+ "STR r4, [sp, #4]\n\t"
+ "ADDS r5, r5, r11\n\t"
+ /* A[1] * B[1] */
+ "LDR lr, [%[b], #4]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r5, r11, r12, lr\n\t"
+ "ADDS r6, r6, r11\n\t"
+ /* A[1] * B[2] */
+ "LDR lr, [%[b], #8]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r6, r11, r12, lr\n\t"
+ "ADDS r7, r7, r11\n\t"
+ /* A[1] * B[3] */
+ "LDR lr, [%[b], #12]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r7, r11, r12, lr\n\t"
+ "ADDS r8, r8, r11\n\t"
+ /* A[1] * B[4] */
+ "LDR lr, [%[b], #16]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r8, r11, r12, lr\n\t"
+ "ADDS r9, r9, r11\n\t"
+ /* A[1] * B[5] */
+ "LDR lr, [%[b], #20]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r9, r11, r12, lr\n\t"
+ "ADDS r10, r10, r11\n\t"
+ /* A[1] * B[6] */
+ "LDR lr, [%[b], #24]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "ADDS r3, r3, r11\n\t"
+ /* A[1] * B[7] */
+ "LDR lr, [%[b], #28]\n\t"
+ "ADC r4, %[r], #0x0\n\t"
+ "UMLAL r3, r4, r12, lr\n\t"
+ /* A[2] * B[0] */
+ "LDR r12, [%[a], #8]\n\t"
+ "LDR lr, [%[b]]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r5, r11, r12, lr\n\t"
+ "STR r5, [sp, #8]\n\t"
+ "ADDS r6, r6, r11\n\t"
+ /* A[2] * B[1] */
+ "LDR lr, [%[b], #4]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r6, r11, r12, lr\n\t"
+ "ADDS r7, r7, r11\n\t"
+ /* A[2] * B[2] */
+ "LDR lr, [%[b], #8]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r7, r11, r12, lr\n\t"
+ "ADDS r8, r8, r11\n\t"
+ /* A[2] * B[3] */
+ "LDR lr, [%[b], #12]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r8, r11, r12, lr\n\t"
+ "ADDS r9, r9, r11\n\t"
+ /* A[2] * B[4] */
+ "LDR lr, [%[b], #16]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r9, r11, r12, lr\n\t"
+ "ADDS r10, r10, r11\n\t"
+ /* A[2] * B[5] */
+ "LDR lr, [%[b], #20]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "ADDS r3, r3, r11\n\t"
+ /* A[2] * B[6] */
+ "LDR lr, [%[b], #24]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r3, r11, r12, lr\n\t"
+ "ADDS r4, r4, r11\n\t"
+ /* A[2] * B[7] */
+ "LDR lr, [%[b], #28]\n\t"
+ "ADC r5, %[r], #0x0\n\t"
+ "UMLAL r4, r5, r12, lr\n\t"
+ /* A[3] * B[0] */
+ "LDR r12, [%[a], #12]\n\t"
+ "LDR lr, [%[b]]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r6, r11, r12, lr\n\t"
+ "STR r6, [sp, #12]\n\t"
+ "ADDS r7, r7, r11\n\t"
+ /* A[3] * B[1] */
+ "LDR lr, [%[b], #4]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r7, r11, r12, lr\n\t"
+ "ADDS r8, r8, r11\n\t"
+ /* A[3] * B[2] */
+ "LDR lr, [%[b], #8]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r8, r11, r12, lr\n\t"
+ "ADDS r9, r9, r11\n\t"
+ /* A[3] * B[3] */
+ "LDR lr, [%[b], #12]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r9, r11, r12, lr\n\t"
+ "ADDS r10, r10, r11\n\t"
+ /* A[3] * B[4] */
+ "LDR lr, [%[b], #16]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "ADDS r3, r3, r11\n\t"
+ /* A[3] * B[5] */
+ "LDR lr, [%[b], #20]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r3, r11, r12, lr\n\t"
+ "ADDS r4, r4, r11\n\t"
+ /* A[3] * B[6] */
+ "LDR lr, [%[b], #24]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r4, r11, r12, lr\n\t"
+ "ADDS r5, r5, r11\n\t"
+ /* A[3] * B[7] */
+ "LDR lr, [%[b], #28]\n\t"
+ "ADC r6, %[r], #0x0\n\t"
+ "UMLAL r5, r6, r12, lr\n\t"
+ /* A[4] * B[0] */
+ "LDR r12, [%[a], #16]\n\t"
+ "LDR lr, [%[b]]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r7, r11, r12, lr\n\t"
+ "STR r7, [sp, #16]\n\t"
+ "ADDS r8, r8, r11\n\t"
+ /* A[4] * B[1] */
+ "LDR lr, [%[b], #4]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r8, r11, r12, lr\n\t"
+ "ADDS r9, r9, r11\n\t"
+ /* A[4] * B[2] */
+ "LDR lr, [%[b], #8]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r9, r11, r12, lr\n\t"
+ "ADDS r10, r10, r11\n\t"
+ /* A[4] * B[3] */
+ "LDR lr, [%[b], #12]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "ADDS r3, r3, r11\n\t"
+ /* A[4] * B[4] */
+ "LDR lr, [%[b], #16]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r3, r11, r12, lr\n\t"
+ "ADDS r4, r4, r11\n\t"
+ /* A[4] * B[5] */
+ "LDR lr, [%[b], #20]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r4, r11, r12, lr\n\t"
+ "ADDS r5, r5, r11\n\t"
+ /* A[4] * B[6] */
+ "LDR lr, [%[b], #24]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r5, r11, r12, lr\n\t"
+ "ADDS r6, r6, r11\n\t"
+ /* A[4] * B[7] */
+ "LDR lr, [%[b], #28]\n\t"
+ "ADC r7, %[r], #0x0\n\t"
+ "UMLAL r6, r7, r12, lr\n\t"
+ /* A[5] * B[0] */
+ "LDR r12, [%[a], #20]\n\t"
+ "LDR lr, [%[b]]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r8, r11, r12, lr\n\t"
+ "STR r8, [sp, #20]\n\t"
+ "ADDS r9, r9, r11\n\t"
+ /* A[5] * B[1] */
+ "LDR lr, [%[b], #4]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r9, r11, r12, lr\n\t"
+ "ADDS r10, r10, r11\n\t"
+ /* A[5] * B[2] */
+ "LDR lr, [%[b], #8]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "ADDS r3, r3, r11\n\t"
+ /* A[5] * B[3] */
+ "LDR lr, [%[b], #12]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r3, r11, r12, lr\n\t"
+ "ADDS r4, r4, r11\n\t"
+ /* A[5] * B[4] */
+ "LDR lr, [%[b], #16]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r4, r11, r12, lr\n\t"
+ "ADDS r5, r5, r11\n\t"
+ /* A[5] * B[5] */
+ "LDR lr, [%[b], #20]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r5, r11, r12, lr\n\t"
+ "ADDS r6, r6, r11\n\t"
+ /* A[5] * B[6] */
+ "LDR lr, [%[b], #24]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r6, r11, r12, lr\n\t"
+ "ADDS r7, r7, r11\n\t"
+ /* A[5] * B[7] */
+ "LDR lr, [%[b], #28]\n\t"
+ "ADC r8, %[r], #0x0\n\t"
+ "UMLAL r7, r8, r12, lr\n\t"
+ /* A[6] * B[0] */
+ "LDR r12, [%[a], #24]\n\t"
+ "LDR lr, [%[b]]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r9, r11, r12, lr\n\t"
+ "STR r9, [sp, #24]\n\t"
+ "ADDS r10, r10, r11\n\t"
+ /* A[6] * B[1] */
+ "LDR lr, [%[b], #4]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "ADDS r3, r3, r11\n\t"
+ /* A[6] * B[2] */
+ "LDR lr, [%[b], #8]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r3, r11, r12, lr\n\t"
+ "ADDS r4, r4, r11\n\t"
+ /* A[6] * B[3] */
+ "LDR lr, [%[b], #12]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r4, r11, r12, lr\n\t"
+ "ADDS r5, r5, r11\n\t"
+ /* A[6] * B[4] */
+ "LDR lr, [%[b], #16]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r5, r11, r12, lr\n\t"
+ "ADDS r6, r6, r11\n\t"
+ /* A[6] * B[5] */
+ "LDR lr, [%[b], #20]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r6, r11, r12, lr\n\t"
+ "ADDS r7, r7, r11\n\t"
+ /* A[6] * B[6] */
+ "LDR lr, [%[b], #24]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r7, r11, r12, lr\n\t"
+ "ADDS r8, r8, r11\n\t"
+ /* A[6] * B[7] */
+ "LDR lr, [%[b], #28]\n\t"
+ "ADC r9, %[r], #0x0\n\t"
+ "UMLAL r8, r9, r12, lr\n\t"
+ /* A[7] * B[0] */
+ "LDR r12, [%[a], #28]\n\t"
+ "LDR lr, [%[b]]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "STR r10, [sp, #28]\n\t"
+ "ADDS r3, r3, r11\n\t"
+ /* A[7] * B[1] */
+ "LDR lr, [%[b], #4]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r3, r11, r12, lr\n\t"
+ "ADDS r4, r4, r11\n\t"
+ /* A[7] * B[2] */
+ "LDR lr, [%[b], #8]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r4, r11, r12, lr\n\t"
+ "ADDS r5, r5, r11\n\t"
+ /* A[7] * B[3] */
+ "LDR lr, [%[b], #12]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r5, r11, r12, lr\n\t"
+ "ADDS r6, r6, r11\n\t"
+ /* A[7] * B[4] */
+ "LDR lr, [%[b], #16]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r6, r11, r12, lr\n\t"
+ "ADDS r7, r7, r11\n\t"
+ /* A[7] * B[5] */
+ "LDR lr, [%[b], #20]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r7, r11, r12, lr\n\t"
+ "ADDS r8, r8, r11\n\t"
+ /* A[7] * B[6] */
+ "LDR lr, [%[b], #24]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r8, r11, r12, lr\n\t"
+ "ADDS r9, r9, r11\n\t"
+ /* A[7] * B[7] */
+ "LDR lr, [%[b], #28]\n\t"
+ "ADC r10, %[r], #0x0\n\t"
+ "UMLAL r9, r10, r12, lr\n\t"
+ "ADD lr, sp, #0x20\n\t"
+ "STM lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ /* Start Reduction */
+ "LDM sp, {r5, r6, r7, r8, r9, r10, r11, r12}\n\t"
+ "MOV r3, r11\n\t"
+ "MOV r4, r12\n\t"
+ /* mu = a[0]-a[7] + a[0]-a[4] << 96 + (a[0]-a[1] * 2) << 192 */
+ /* - a[0] << 224 */
+ /* + (a[0]-a[1] * 2) << (6 * 32) */
+ "ADDS r11, r11, r5\n\t"
+ "ADC r12, r12, r6\n\t"
+ "ADDS r11, r11, r5\n\t"
+ "ADC r12, r12, r6\n\t"
+ /* - a[0] << (7 * 32) */
+ "SUB r12, r12, r5\n\t"
+ /* + a[0]-a[4] << (3 * 32) */
+ "MOV r0, r8\n\t"
+ "MOV r1, r9\n\t"
+ "MOV r2, r10\n\t"
+ "ADDS r8, r8, r5\n\t"
+ "ADCS r9, r9, r6\n\t"
+ "ADCS r10, r10, r7\n\t"
+ "ADCS r11, r11, r0\n\t"
+ "ADC r12, r12, r1\n\t"
+ /* a += mu * m */
+ /* += mu * ((1 << 256) - (1 << 224) + (1 << 192) + (1 << 96) - 1) */
+ /* a[0] = = t[0] */
+ /* a[1] = = t[1] */
+ /* a[2] = = t[2] */
+ /* a[3] += t[0] = t[3] */
+ /* a[4] += t[1] = t[4] */
+ /* a[5] += t[2] = t[5] */
+ /* a[6] += t[0] + t[3] = t[6] */
+ /* a[7] += t[1] + t[4] = t[7] + t[0] */
+ "ADDS r0, r0, r5\n\t"
+ "ADCS r1, r1, r6\n\t"
+ "ADCS r2, r2, r7\n\t"
+ "ADCS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "ADDS r3, r3, r5\n\t"
+ "ADCS r4, r4, r6\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "STR r4, [sp, #28]\n\t"
+ /* a[8] += t[0] + t[2] + t[5] */
+ /* a[9] += t[1] + t[3] + t[6] */
+ /* a[10] += t[2] + t[4] + t[7] */
+ "ADD r0, sp, #0x20\n\t"
+ "LDM r0, {r2, r3, r4}\n\t"
+ "ADDS r2, r2, lr\n\t"
+ "ADCS r3, r3, #0x0\n\t"
+ "ADCS r4, r4, #0x0\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "ADDS r2, r2, r5\n\t"
+ "ADCS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "ADDS r2, r2, r7\n\t"
+ "ADCS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "ADDS r2, r2, r10\n\t"
+ "ADCS r3, r3, r11\n\t"
+ "ADCS r4, r4, r12\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "STM r0!, {r2, r3, r4}\n\t"
+ /* a[11] += t[3] + t[5] + carry */
+ /* a[12] += t[4] + t[6] */
+ /* a[13] += t[5] + t[7] */
+ /* a[14] += t[6] */
+ /* a[15] += t[7] */
+ "LDM r0, {r0, r1, r2, r3, r4}\n\t"
+ "ADDS r0, r0, lr\n\t"
+ "ADCS r1, r1, #0x0\n\t"
+ "ADCS r2, r2, #0x0\n\t"
+ "ADCS r3, r3, #0x0\n\t"
+ "ADCS r4, r4, #0x0\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "ADDS r0, r0, r8\n\t"
+ "ADCS r1, r1, r9\n\t"
+ "ADCS r2, r2, r10\n\t"
+ "ADCS r3, r3, r11\n\t"
+ "ADCS r4, r4, r12\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "ADDS r0, r0, r10\n\t"
+ "ADCS r1, r1, r11\n\t"
+ "ADCS r2, r2, r12\n\t"
+ "ADCS r3, r3, #0x0\n\t"
+ "ADCS r4, r4, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "STR r0, [sp, #44]\n\t"
+ "STR r1, [sp, #48]\n\t"
+ "STR r2, [sp, #52]\n\t"
+ "STR r3, [sp, #56]\n\t"
+ /* a[7..15] - t[0..7] */
+ "ADD r0, sp, #0x1c\n\t"
+ "LDM r0, {r0, r1, r2, r3}\n\t"
+ "SUBS r0, r0, r5\n\t"
+ "SBCS r1, r1, r6\n\t"
+ "SBCS r2, r2, r7\n\t"
+ "SBCS r3, r3, r8\n\t"
+ "ADD r0, sp, #0x2c\n\t"
+ "MOV r8, r4\n\t"
+ "LDM r0, {r4, r5, r6, r7}\n\t"
+ "SBCS r4, r4, r9\n\t"
+ "SBCS r5, r5, r10\n\t"
+ "SBCS r6, r6, r11\n\t"
+ "SBCS r7, r7, r12\n\t"
+ "SBCS r8, r8, #0x0\n\t"
+ "SBC lr, lr, #0x0\n\t"
+ /* mask m and sub from result if overflow */
+ "RSB lr, lr, #0x0\n\t"
+ "SUBS r1, r1, lr\n\t"
+ "SBCS r2, r2, lr\n\t"
+ "SBCS r3, r3, lr\n\t"
+ "SBCS r4, r4, #0x0\n\t"
+ "SBCS r5, r5, #0x0\n\t"
+ "SBCS r6, r6, #0x0\n\t"
+ "SBCS r7, r7, lr, LSR #31\n\t"
+ "SBC r8, r8, lr\n\t"
+ "LDR %[r], [sp, #64]\n\t"
+ "STM %[r], {r1, r2, r3, r4, r5, r6, r7, r8}\n\t"
+ "ADD sp, sp, #0x44\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
+ );
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ (void)m_p;
+#else
(void)m;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ (void)mp_p;
+#else
+ (void)mp;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+}
+
+#else
+/* Multiply two Montgomery form numbers mod the modulus (prime).
+ * (r = a * b mod m)
+ *
+ * r Result of multiplication.
+ * a First number to multiply in Montgomery form.
+ * b Second number to multiply in Montgomery form.
+ * m Modulus (prime).
+ * mp Montgomery multiplier.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, const sp_digit* m_p, sp_digit mp_p)
+#else
+SP_NOINLINE static void sp_256_mont_mul_8(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m, sp_digit mp)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "sub sp, sp, #68\n\t"
- "mov r5, #0\n\t"
- /* A[0] * B[0] */
- "ldr r6, [%[a], #0]\n\t"
- "ldr r8, [%[b], #0]\n\t"
- "umull r9, r10, r6, r8\n\t"
- "str r9, [sp, #0]\n\t"
- /* A[0] * B[1] */
- "ldr r6, [%[a], #0]\n\t"
- "ldr r8, [%[b], #4]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r10, r3, r10\n\t"
- "adc r11, r4, #0\n\t"
- /* A[1] * B[0] */
- "ldr r6, [%[a], #4]\n\t"
- "ldr r8, [%[b], #0]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r10, r3, r10\n\t"
- "adcs r11, r4, r11\n\t"
- "adc r14, r5, #0\n\t"
- "str r10, [sp, #4]\n\t"
- /* A[0] * B[2] */
- "ldr r6, [%[a], #0]\n\t"
- "ldr r8, [%[b], #8]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r11, r3, r11\n\t"
- "adc r14, r4, r14\n\t"
- /* A[1] * B[1] */
- "ldr r6, [%[a], #4]\n\t"
- "ldr r8, [%[b], #4]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r11, r3, r11\n\t"
- "adcs r14, r4, r14\n\t"
- "adc r9, r5, #0\n\t"
- /* A[2] * B[0] */
- "ldr r6, [%[a], #8]\n\t"
- "ldr r8, [%[b], #0]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r11, r3, r11\n\t"
- "adcs r14, r4, r14\n\t"
- "adc r9, r5, r9\n\t"
- "str r11, [sp, #8]\n\t"
- /* A[0] * B[3] */
- "ldr r6, [%[a], #0]\n\t"
- "ldr r8, [%[b], #12]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r14, r3, r14\n\t"
- "adcs r9, r4, r9\n\t"
- "adc r10, r5, #0\n\t"
- /* A[1] * B[2] */
- "ldr r6, [%[a], #4]\n\t"
- "ldr r8, [%[b], #8]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r14, r3, r14\n\t"
- "adcs r9, r4, r9\n\t"
- "adc r10, r5, r10\n\t"
- /* A[2] * B[1] */
- "ldr r6, [%[a], #8]\n\t"
- "ldr r8, [%[b], #4]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r14, r3, r14\n\t"
- "adcs r9, r4, r9\n\t"
- "adc r10, r5, r10\n\t"
- /* A[3] * B[0] */
- "ldr r6, [%[a], #12]\n\t"
- "ldr r8, [%[b], #0]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r14, r3, r14\n\t"
- "adcs r9, r4, r9\n\t"
- "adc r10, r5, r10\n\t"
- "str r14, [sp, #12]\n\t"
- /* A[0] * B[4] */
- "ldr r6, [%[a], #0]\n\t"
- "ldr r8, [%[b], #16]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r9, r3, r9\n\t"
- "adcs r10, r4, r10\n\t"
- "adc r11, r5, #0\n\t"
- /* A[1] * B[3] */
- "ldr r6, [%[a], #4]\n\t"
- "ldr r8, [%[b], #12]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r9, r3, r9\n\t"
- "adcs r10, r4, r10\n\t"
- "adc r11, r5, r11\n\t"
- /* A[2] * B[2] */
- "ldr r6, [%[a], #8]\n\t"
- "ldr r8, [%[b], #8]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r9, r3, r9\n\t"
- "adcs r10, r4, r10\n\t"
- "adc r11, r5, r11\n\t"
- /* A[3] * B[1] */
- "ldr r6, [%[a], #12]\n\t"
- "ldr r8, [%[b], #4]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r9, r3, r9\n\t"
- "adcs r10, r4, r10\n\t"
- "adc r11, r5, r11\n\t"
- /* A[4] * B[0] */
- "ldr r6, [%[a], #16]\n\t"
- "ldr r8, [%[b], #0]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r9, r3, r9\n\t"
- "adcs r10, r4, r10\n\t"
- "adc r11, r5, r11\n\t"
- "str r9, [sp, #16]\n\t"
- /* A[0] * B[5] */
- "ldr r6, [%[a], #0]\n\t"
- "ldr r8, [%[b], #20]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r10, r3, r10\n\t"
- "adcs r11, r4, r11\n\t"
- "adc r14, r5, #0\n\t"
- /* A[1] * B[4] */
- "ldr r6, [%[a], #4]\n\t"
- "ldr r8, [%[b], #16]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r10, r3, r10\n\t"
- "adcs r11, r4, r11\n\t"
- "adc r14, r5, r14\n\t"
- /* A[2] * B[3] */
- "ldr r6, [%[a], #8]\n\t"
- "ldr r8, [%[b], #12]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r10, r3, r10\n\t"
- "adcs r11, r4, r11\n\t"
- "adc r14, r5, r14\n\t"
- /* A[3] * B[2] */
- "ldr r6, [%[a], #12]\n\t"
- "ldr r8, [%[b], #8]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r10, r3, r10\n\t"
- "adcs r11, r4, r11\n\t"
- "adc r14, r5, r14\n\t"
- /* A[4] * B[1] */
- "ldr r6, [%[a], #16]\n\t"
- "ldr r8, [%[b], #4]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r10, r3, r10\n\t"
- "adcs r11, r4, r11\n\t"
- "adc r14, r5, r14\n\t"
- /* A[5] * B[0] */
- "ldr r6, [%[a], #20]\n\t"
- "ldr r8, [%[b], #0]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r10, r3, r10\n\t"
- "adcs r11, r4, r11\n\t"
- "adc r14, r5, r14\n\t"
- "str r10, [sp, #20]\n\t"
- /* A[0] * B[6] */
- "ldr r6, [%[a], #0]\n\t"
- "ldr r8, [%[b], #24]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r11, r3, r11\n\t"
- "adcs r14, r4, r14\n\t"
- "adc r9, r5, #0\n\t"
- /* A[1] * B[5] */
- "ldr r6, [%[a], #4]\n\t"
- "ldr r8, [%[b], #20]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r11, r3, r11\n\t"
- "adcs r14, r4, r14\n\t"
- "adc r9, r5, r9\n\t"
- /* A[2] * B[4] */
- "ldr r6, [%[a], #8]\n\t"
- "ldr r8, [%[b], #16]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r11, r3, r11\n\t"
- "adcs r14, r4, r14\n\t"
- "adc r9, r5, r9\n\t"
- /* A[3] * B[3] */
- "ldr r6, [%[a], #12]\n\t"
- "ldr r8, [%[b], #12]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r11, r3, r11\n\t"
- "adcs r14, r4, r14\n\t"
- "adc r9, r5, r9\n\t"
- /* A[4] * B[2] */
- "ldr r6, [%[a], #16]\n\t"
- "ldr r8, [%[b], #8]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r11, r3, r11\n\t"
- "adcs r14, r4, r14\n\t"
- "adc r9, r5, r9\n\t"
- /* A[5] * B[1] */
- "ldr r6, [%[a], #20]\n\t"
- "ldr r8, [%[b], #4]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r11, r3, r11\n\t"
- "adcs r14, r4, r14\n\t"
- "adc r9, r5, r9\n\t"
- /* A[6] * B[0] */
- "ldr r6, [%[a], #24]\n\t"
- "ldr r8, [%[b], #0]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r11, r3, r11\n\t"
- "adcs r14, r4, r14\n\t"
- "adc r9, r5, r9\n\t"
- "str r11, [sp, #24]\n\t"
- /* A[0] * B[7] */
- "ldr r6, [%[a], #0]\n\t"
- "ldr r8, [%[b], #28]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r14, r3, r14\n\t"
- "adcs r9, r4, r9\n\t"
- "adc r10, r5, #0\n\t"
- /* A[1] * B[6] */
- "ldr r6, [%[a], #4]\n\t"
- "ldr r8, [%[b], #24]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r14, r3, r14\n\t"
- "adcs r9, r4, r9\n\t"
- "adc r10, r5, r10\n\t"
- /* A[2] * B[5] */
- "ldr r6, [%[a], #8]\n\t"
- "ldr r8, [%[b], #20]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r14, r3, r14\n\t"
- "adcs r9, r4, r9\n\t"
- "adc r10, r5, r10\n\t"
- /* A[3] * B[4] */
- "ldr r6, [%[a], #12]\n\t"
- "ldr r8, [%[b], #16]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r14, r3, r14\n\t"
- "adcs r9, r4, r9\n\t"
- "adc r10, r5, r10\n\t"
- /* A[4] * B[3] */
- "ldr r6, [%[a], #16]\n\t"
- "ldr r8, [%[b], #12]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r14, r3, r14\n\t"
- "adcs r9, r4, r9\n\t"
- "adc r10, r5, r10\n\t"
- /* A[5] * B[2] */
- "ldr r6, [%[a], #20]\n\t"
- "ldr r8, [%[b], #8]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r14, r3, r14\n\t"
- "adcs r9, r4, r9\n\t"
- "adc r10, r5, r10\n\t"
- /* A[6] * B[1] */
- "ldr r6, [%[a], #24]\n\t"
- "ldr r8, [%[b], #4]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r14, r3, r14\n\t"
- "adcs r9, r4, r9\n\t"
- "adc r10, r5, r10\n\t"
- /* A[7] * B[0] */
- "ldr r6, [%[a], #28]\n\t"
- "ldr r8, [%[b], #0]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r14, r3, r14\n\t"
- "adcs r9, r4, r9\n\t"
- "adc r10, r5, r10\n\t"
- "str r14, [sp, #28]\n\t"
- /* A[1] * B[7] */
- "ldr r6, [%[a], #4]\n\t"
- "ldr r8, [%[b], #28]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r9, r3, r9\n\t"
- "adcs r10, r4, r10\n\t"
- "adc r11, r5, #0\n\t"
- /* A[2] * B[6] */
- "ldr r6, [%[a], #8]\n\t"
- "ldr r8, [%[b], #24]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r9, r3, r9\n\t"
- "adcs r10, r4, r10\n\t"
- "adc r11, r5, r11\n\t"
- /* A[3] * B[5] */
- "ldr r6, [%[a], #12]\n\t"
- "ldr r8, [%[b], #20]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r9, r3, r9\n\t"
- "adcs r10, r4, r10\n\t"
- "adc r11, r5, r11\n\t"
- /* A[4] * B[4] */
- "ldr r6, [%[a], #16]\n\t"
- "ldr r8, [%[b], #16]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r9, r3, r9\n\t"
- "adcs r10, r4, r10\n\t"
- "adc r11, r5, r11\n\t"
- /* A[5] * B[3] */
- "ldr r6, [%[a], #20]\n\t"
- "ldr r8, [%[b], #12]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r9, r3, r9\n\t"
- "adcs r10, r4, r10\n\t"
- "adc r11, r5, r11\n\t"
- /* A[6] * B[2] */
- "ldr r6, [%[a], #24]\n\t"
- "ldr r8, [%[b], #8]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r9, r3, r9\n\t"
- "adcs r10, r4, r10\n\t"
- "adc r11, r5, r11\n\t"
- /* A[7] * B[1] */
- "ldr r6, [%[a], #28]\n\t"
- "ldr r8, [%[b], #4]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r9, r3, r9\n\t"
- "adcs r10, r4, r10\n\t"
- "adc r11, r5, r11\n\t"
- "str r9, [sp, #32]\n\t"
- /* A[2] * B[7] */
- "ldr r6, [%[a], #8]\n\t"
- "ldr r8, [%[b], #28]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r10, r3, r10\n\t"
- "adcs r11, r4, r11\n\t"
- "adc r14, r5, #0\n\t"
- /* A[3] * B[6] */
- "ldr r6, [%[a], #12]\n\t"
- "ldr r8, [%[b], #24]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r10, r3, r10\n\t"
- "adcs r11, r4, r11\n\t"
- "adc r14, r5, r14\n\t"
- /* A[4] * B[5] */
- "ldr r6, [%[a], #16]\n\t"
- "ldr r8, [%[b], #20]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r10, r3, r10\n\t"
- "adcs r11, r4, r11\n\t"
- "adc r14, r5, r14\n\t"
- /* A[5] * B[4] */
- "ldr r6, [%[a], #20]\n\t"
- "ldr r8, [%[b], #16]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r10, r3, r10\n\t"
- "adcs r11, r4, r11\n\t"
- "adc r14, r5, r14\n\t"
- /* A[6] * B[3] */
- "ldr r6, [%[a], #24]\n\t"
- "ldr r8, [%[b], #12]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r10, r3, r10\n\t"
- "adcs r11, r4, r11\n\t"
- "adc r14, r5, r14\n\t"
- /* A[7] * B[2] */
- "ldr r6, [%[a], #28]\n\t"
- "ldr r8, [%[b], #8]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r10, r3, r10\n\t"
- "adcs r11, r4, r11\n\t"
- "adc r14, r5, r14\n\t"
- "str r10, [sp, #36]\n\t"
- /* A[3] * B[7] */
- "ldr r6, [%[a], #12]\n\t"
- "ldr r8, [%[b], #28]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r11, r3, r11\n\t"
- "adcs r14, r4, r14\n\t"
- "adc r9, r5, #0\n\t"
- /* A[4] * B[6] */
- "ldr r6, [%[a], #16]\n\t"
- "ldr r8, [%[b], #24]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r11, r3, r11\n\t"
- "adcs r14, r4, r14\n\t"
- "adc r9, r5, r9\n\t"
- /* A[5] * B[5] */
- "ldr r6, [%[a], #20]\n\t"
- "ldr r8, [%[b], #20]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r11, r3, r11\n\t"
- "adcs r14, r4, r14\n\t"
- "adc r9, r5, r9\n\t"
- /* A[6] * B[4] */
- "ldr r6, [%[a], #24]\n\t"
- "ldr r8, [%[b], #16]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r11, r3, r11\n\t"
- "adcs r14, r4, r14\n\t"
- "adc r9, r5, r9\n\t"
- /* A[7] * B[3] */
- "ldr r6, [%[a], #28]\n\t"
- "ldr r8, [%[b], #12]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r11, r3, r11\n\t"
- "adcs r14, r4, r14\n\t"
- "adc r9, r5, r9\n\t"
- "str r11, [sp, #40]\n\t"
- /* A[4] * B[7] */
- "ldr r6, [%[a], #16]\n\t"
- "ldr r8, [%[b], #28]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r14, r3, r14\n\t"
- "adcs r9, r4, r9\n\t"
- "adc r10, r5, #0\n\t"
- /* A[5] * B[6] */
- "ldr r6, [%[a], #20]\n\t"
- "ldr r8, [%[b], #24]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r14, r3, r14\n\t"
- "adcs r9, r4, r9\n\t"
- "adc r10, r5, r10\n\t"
- /* A[6] * B[5] */
- "ldr r6, [%[a], #24]\n\t"
- "ldr r8, [%[b], #20]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r14, r3, r14\n\t"
- "adcs r9, r4, r9\n\t"
- "adc r10, r5, r10\n\t"
- /* A[7] * B[4] */
- "ldr r6, [%[a], #28]\n\t"
- "ldr r8, [%[b], #16]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r14, r3, r14\n\t"
- "adcs r9, r4, r9\n\t"
- "adc r10, r5, r10\n\t"
- "str r14, [sp, #44]\n\t"
- /* A[5] * B[7] */
- "ldr r6, [%[a], #20]\n\t"
- "ldr r8, [%[b], #28]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r9, r3, r9\n\t"
- "adcs r10, r4, r10\n\t"
- "adc r11, r5, #0\n\t"
- /* A[6] * B[6] */
- "ldr r6, [%[a], #24]\n\t"
- "ldr r8, [%[b], #24]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r9, r3, r9\n\t"
- "adcs r10, r4, r10\n\t"
- "adc r11, r5, r11\n\t"
- /* A[7] * B[5] */
- "ldr r6, [%[a], #28]\n\t"
- "ldr r8, [%[b], #20]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r9, r3, r9\n\t"
- "adcs r10, r4, r10\n\t"
- "adc r11, r5, r11\n\t"
- /* A[6] * B[7] */
- "ldr r6, [%[a], #24]\n\t"
- "ldr r8, [%[b], #28]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r10, r3, r10\n\t"
- "adcs r11, r4, r11\n\t"
- "adc r14, r5, #0\n\t"
- /* A[7] * B[6] */
- "ldr r6, [%[a], #28]\n\t"
- "ldr r8, [%[b], #24]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r10, r3, r10\n\t"
- "adcs r11, r4, r11\n\t"
- "adc r14, r5, r14\n\t"
- /* A[7] * B[7] */
- "ldr r6, [%[a], #28]\n\t"
- "ldr r8, [%[b], #28]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r11, r3, r11\n\t"
- "adc r14, r4, r14\n\t"
- "str r9, [sp, #48]\n\t"
- "str r10, [sp, #52]\n\t"
- "str r11, [sp, #56]\n\t"
- "str r14, [sp, #60]\n\t"
+ "SUB sp, sp, #0x4c\n\t"
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ "STRD %[r], %[a], [sp, #68]\n\t"
+#else
+ "STR %[r], [sp, #68]\n\t"
+ "STR %[a], [sp, #72]\n\t"
+#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
+ "MOV lr, %[b]\n\t"
+ "LDM %[a], {r0, r1, r2, r3}\n\t"
+ "LDM lr!, {r4, r5, r6}\n\t"
+ "UMULL r10, r11, r0, r4\n\t"
+ "UMULL r12, r7, r1, r4\n\t"
+ "UMAAL r11, r12, r0, r5\n\t"
+ "UMULL r8, r9, r2, r4\n\t"
+ "UMAAL r12, r8, r1, r5\n\t"
+ "UMAAL r12, r7, r0, r6\n\t"
+ "UMAAL r8, r9, r3, r4\n\t"
+ "STM sp, {r10, r11, r12}\n\t"
+ "UMAAL r7, r8, r2, r5\n\t"
+ "LDM lr!, {r4}\n\t"
+ "UMULL r10, r11, r1, r6\n\t"
+ "UMAAL r8, r9, r2, r6\n\t"
+ "UMAAL r7, r10, r0, r4\n\t"
+ "UMAAL r8, r11, r3, r5\n\t"
+ "STR r7, [sp, #12]\n\t"
+ "UMAAL r8, r10, r1, r4\n\t"
+ "UMAAL r9, r11, r3, r6\n\t"
+ "UMAAL r9, r10, r2, r4\n\t"
+ "UMAAL r10, r11, r3, r4\n\t"
+ "LDM lr, {r4, r5, r6, r7}\n\t"
+ "MOV r12, #0x0\n\t"
+ "UMLAL r8, r12, r0, r4\n\t"
+ "UMAAL r9, r12, r1, r4\n\t"
+ "UMAAL r10, r12, r2, r4\n\t"
+ "UMAAL r11, r12, r3, r4\n\t"
+ "MOV r4, #0x0\n\t"
+ "UMLAL r9, r4, r0, r5\n\t"
+ "UMAAL r10, r4, r1, r5\n\t"
+ "UMAAL r11, r4, r2, r5\n\t"
+ "UMAAL r12, r4, r3, r5\n\t"
+ "MOV r5, #0x0\n\t"
+ "UMLAL r10, r5, r0, r6\n\t"
+ "UMAAL r11, r5, r1, r6\n\t"
+ "UMAAL r12, r5, r2, r6\n\t"
+ "UMAAL r4, r5, r3, r6\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r11, r6, r0, r7\n\t"
+ "LDR r0, [sp, #72]\n\t"
+ "UMAAL r12, r6, r1, r7\n\t"
+ "ADD r0, r0, #0x10\n\t"
+ "UMAAL r4, r6, r2, r7\n\t"
+ "SUB lr, lr, #0x10\n\t"
+ "UMAAL r5, r6, r3, r7\n\t"
+ "LDM r0, {r0, r1, r2, r3}\n\t"
+ "STR r6, [sp, #64]\n\t"
+ "LDM lr!, {r6}\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r8, r7, r0, r6\n\t"
+ "UMAAL r9, r7, r1, r6\n\t"
+ "STR r8, [sp, #16]\n\t"
+ "UMAAL r10, r7, r2, r6\n\t"
+ "UMAAL r11, r7, r3, r6\n\t"
+ "LDM lr!, {r6}\n\t"
+ "MOV r8, #0x0\n\t"
+ "UMLAL r9, r8, r0, r6\n\t"
+ "UMAAL r10, r8, r1, r6\n\t"
+ "STR r9, [sp, #20]\n\t"
+ "UMAAL r11, r8, r2, r6\n\t"
+ "UMAAL r12, r8, r3, r6\n\t"
+ "LDM lr!, {r6}\n\t"
+ "MOV r9, #0x0\n\t"
+ "UMLAL r10, r9, r0, r6\n\t"
+ "UMAAL r11, r9, r1, r6\n\t"
+ "STR r10, [sp, #24]\n\t"
+ "UMAAL r12, r9, r2, r6\n\t"
+ "UMAAL r4, r9, r3, r6\n\t"
+ "LDM lr!, {r6}\n\t"
+ "MOV r10, #0x0\n\t"
+ "UMLAL r11, r10, r0, r6\n\t"
+ "UMAAL r12, r10, r1, r6\n\t"
+ "STR r11, [sp, #28]\n\t"
+ "UMAAL r4, r10, r2, r6\n\t"
+ "UMAAL r5, r10, r3, r6\n\t"
+ "LDM lr!, {r11}\n\t"
+ "UMAAL r12, r7, r0, r11\n\t"
+ "UMAAL r4, r7, r1, r11\n\t"
+ "LDR r6, [sp, #64]\n\t"
+ "UMAAL r5, r7, r2, r11\n\t"
+ "UMAAL r6, r7, r3, r11\n\t"
+ "LDM lr!, {r11}\n\t"
+ "UMAAL r4, r8, r0, r11\n\t"
+ "UMAAL r5, r8, r1, r11\n\t"
+ "UMAAL r6, r8, r2, r11\n\t"
+ "UMAAL r7, r8, r3, r11\n\t"
+ "LDM lr, {r11, lr}\n\t"
+ "UMAAL r5, r9, r0, r11\n\t"
+ "UMAAL r6, r10, r0, lr\n\t"
+ "UMAAL r6, r9, r1, r11\n\t"
+ "UMAAL r7, r10, r1, lr\n\t"
+ "UMAAL r7, r9, r2, r11\n\t"
+ "UMAAL r8, r10, r2, lr\n\t"
+ "UMAAL r8, r9, r3, r11\n\t"
+ "UMAAL r9, r10, r3, lr\n\t"
+ "MOV r3, r12\n\t"
+ "ADD lr, sp, #0x20\n\t"
+ "STM lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
/* Start Reduction */
- "ldr r4, [sp, #0]\n\t"
- "ldr r5, [sp, #4]\n\t"
- "ldr r6, [sp, #8]\n\t"
- "ldr r8, [sp, #12]\n\t"
- "ldr r9, [sp, #16]\n\t"
- "ldr r10, [sp, #20]\n\t"
- "ldr r11, [sp, #24]\n\t"
- "ldr r14, [sp, #28]\n\t"
+ "LDM sp, {r5, r6, r7, r8, r9, r10, r11, r12}\n\t"
+ "MOV r3, r11\n\t"
+ "MOV r4, r12\n\t"
/* mu = a[0]-a[7] + a[0]-a[4] << 96 + (a[0]-a[1] * 2) << 192 */
/* - a[0] << 224 */
/* + (a[0]-a[1] * 2) << (6 * 32) */
- "adds r11, r11, r4\n\t"
- "adc r14, r14, r5\n\t"
- "adds r11, r11, r4\n\t"
- "adc r14, r14, r5\n\t"
+ "ADDS r11, r11, r5\n\t"
+ "ADC r12, r12, r6\n\t"
+ "ADDS r11, r11, r5\n\t"
+ "ADC r12, r12, r6\n\t"
/* - a[0] << (7 * 32) */
- "sub r14, r14, r4\n\t"
+ "SUB r12, r12, r5\n\t"
/* + a[0]-a[4] << (3 * 32) */
- "mov %[a], r8\n\t"
- "mov %[b], r9\n\t"
- "adds r8, r8, r4\n\t"
- "adcs r9, r9, r5\n\t"
- "adcs r10, r10, r6\n\t"
- "adcs r11, r11, %[a]\n\t"
- "adc r14, r14, %[b]\n\t"
- "str r4, [sp, #0]\n\t"
- "str r5, [sp, #4]\n\t"
- "str r6, [sp, #8]\n\t"
- "str r8, [sp, #12]\n\t"
- "str r9, [sp, #16]\n\t"
- "str r10, [sp, #20]\n\t"
+ "MOV r0, r8\n\t"
+ "MOV r1, r9\n\t"
+ "MOV r2, r10\n\t"
+ "ADDS r8, r8, r5\n\t"
+ "ADCS r9, r9, r6\n\t"
+ "ADCS r10, r10, r7\n\t"
+ "ADCS r11, r11, r0\n\t"
+ "ADC r12, r12, r1\n\t"
/* a += mu * m */
/* += mu * ((1 << 256) - (1 << 224) + (1 << 192) + (1 << 96) - 1) */
- "mov %[a], #0\n\t"
- /* a[6] += t[0] + t[3] */
- "ldr r3, [sp, #24]\n\t"
- "adds r3, r3, r4\n\t"
- "adc %[b], %[a], #0\n\t"
- "adds r3, r3, r8\n\t"
- "adc %[b], %[b], #0\n\t"
- "str r11, [sp, #24]\n\t"
- /* a[7] += t[1] + t[4] */
- "ldr r3, [sp, #28]\n\t"
- "adds r3, r3, %[b]\n\t"
- "adc %[b], %[a], #0\n\t"
- "adds r3, r3, r5\n\t"
- "adc %[b], %[b], #0\n\t"
- "adds r3, r3, r9\n\t"
- "adc %[b], %[b], #0\n\t"
- "str r14, [sp, #28]\n\t"
- "str r3, [sp, #64]\n\t"
- /* a[8] += t[0] + t[2] + t[5] */
- "ldr r3, [sp, #32]\n\t"
- "adds r3, r3, %[b]\n\t"
- "adc %[b], %[a], #0\n\t"
- "adds r3, r3, r4\n\t"
- "adc %[b], %[b], #0\n\t"
- "adds r3, r3, r6\n\t"
- "adc %[b], %[b], #0\n\t"
- "adds r3, r3, r10\n\t"
- "adc %[b], %[b], #0\n\t"
- "str r3, [sp, #32]\n\t"
- /* a[9] += t[1] + t[3] + t[6] */
- /* a[10] += t[2] + t[4] + t[7] */
- "ldr r3, [sp, #36]\n\t"
- "ldr r4, [sp, #40]\n\t"
- "adds r3, r3, %[b]\n\t"
- "adcs r4, r4, #0\n\t"
- "adc %[b], %[a], #0\n\t"
- "adds r3, r3, r5\n\t"
- "adcs r4, r4, r6\n\t"
- "adc %[b], %[b], #0\n\t"
- "adds r3, r3, r8\n\t"
- "adcs r4, r4, r9\n\t"
- "adc %[b], %[b], #0\n\t"
- "adds r3, r3, r11\n\t"
- "adcs r4, r4, r14\n\t"
- "adc %[b], %[b], #0\n\t"
- "str r3, [sp, #36]\n\t"
- "str r4, [sp, #40]\n\t"
- /* a[11] += t[3] + t[5] */
- /* a[12] += t[4] + t[6] */
- /* a[13] += t[5] + t[7] */
- /* a[14] += t[6] */
- "ldr r3, [sp, #44]\n\t"
- "ldr r4, [sp, #48]\n\t"
- "ldr r5, [sp, #52]\n\t"
- "ldr r6, [sp, #56]\n\t"
- "adds r3, r3, %[b]\n\t"
- "adcs r4, r4, #0\n\t"
- "adcs r5, r5, #0\n\t"
- "adcs r6, r6, #0\n\t"
- "adc %[b], %[a], #0\n\t"
- "adds r3, r3, r8\n\t"
- "adcs r4, r4, r9\n\t"
- "adcs r5, r5, r10\n\t"
- "adcs r6, r6, r11\n\t"
- "adc %[b], %[b], #0\n\t"
- "adds r3, r3, r10\n\t"
- "adcs r4, r4, r11\n\t"
- "adcs r5, r5, r14\n\t"
- "adcs r6, r6, #0\n\t"
- "adc %[b], %[b], #0\n\t"
- "str r3, [sp, #44]\n\t"
- "str r4, [sp, #48]\n\t"
- "str r5, [sp, #52]\n\t"
- "str r6, [sp, #56]\n\t"
- /* a[15] += t[7] */
- "ldr r3, [sp, #60]\n\t"
- "adds r3, r3, %[b]\n\t"
- "adc %[b], %[a], #0\n\t"
- "adds r3, r3, r14\n\t"
- "adc %[b], %[b], #0\n\t"
- "str r3, [sp, #60]\n\t"
- "ldr r3, [sp, #64]\n\t"
- "ldr r4, [sp, #32]\n\t"
- "ldr r5, [sp, #36]\n\t"
- "ldr r6, [sp, #40]\n\t"
- "ldr r9, [sp, #0]\n\t"
- "ldr r10, [sp, #4]\n\t"
- "ldr r11, [sp, #8]\n\t"
- "ldr r14, [sp, #12]\n\t"
- "subs r3, r3, r9\n\t"
- "sbcs r4, r4, r10\n\t"
- "sbcs r5, r5, r11\n\t"
- "sbcs r6, r6, r14\n\t"
- "str r4, [sp, #32]\n\t"
- "str r5, [sp, #36]\n\t"
- "str r6, [sp, #40]\n\t"
- "ldr r3, [sp, #44]\n\t"
- "ldr r4, [sp, #48]\n\t"
- "ldr r5, [sp, #52]\n\t"
- "ldr r6, [sp, #56]\n\t"
- "ldr r8, [sp, #60]\n\t"
- "ldr r9, [sp, #16]\n\t"
- "ldr r10, [sp, #20]\n\t"
- "ldr r11, [sp, #24]\n\t"
- "ldr r14, [sp, #28]\n\t"
- "sbcs r3, r3, r9\n\t"
- "sbcs r4, r4, r10\n\t"
- "sbcs r5, r5, r11\n\t"
- "sbcs r6, r6, r14\n\t"
- "sbc r8, r8, #0\n\t"
- "str r3, [sp, #44]\n\t"
- "str r4, [sp, #48]\n\t"
- "str r5, [sp, #52]\n\t"
- "str r6, [sp, #56]\n\t"
- "str r8, [sp, #60]\n\t"
+ /* a[0] = = t[0] */
+ /* a[1] = = t[1] */
+ /* a[2] = = t[2] */
+ /* a[3] += t[0] = t[3] */
+ /* a[4] += t[1] = t[4] */
+ /* a[5] += t[2] = t[5] */
+ /* a[6] += t[0] + t[3] = t[6] */
+ /* a[7] += t[1] + t[4] = t[7] + t[0] */
+ "ADDS r0, r0, r5\n\t"
+ "ADCS r1, r1, r6\n\t"
+ "ADCS r2, r2, r7\n\t"
+ "ADCS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "ADDS r3, r3, r5\n\t"
+ "ADCS r4, r4, r6\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "STR r4, [sp, #28]\n\t"
+ /* a[8] += t[0] + t[2] + t[5] */
+ /* a[9] += t[1] + t[3] + t[6] */
+ /* a[10] += t[2] + t[4] + t[7] */
+ "ADD r0, sp, #0x20\n\t"
+ "LDM r0, {r2, r3, r4}\n\t"
+ "ADDS r2, r2, lr\n\t"
+ "ADCS r3, r3, #0x0\n\t"
+ "ADCS r4, r4, #0x0\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "ADDS r2, r2, r5\n\t"
+ "ADCS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "ADDS r2, r2, r7\n\t"
+ "ADCS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "ADDS r2, r2, r10\n\t"
+ "ADCS r3, r3, r11\n\t"
+ "ADCS r4, r4, r12\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "STM r0!, {r2, r3, r4}\n\t"
+ /* a[11] += t[3] + t[5] + carry */
+ /* a[12] += t[4] + t[6] */
+ /* a[13] += t[5] + t[7] */
+ /* a[14] += t[6] */
+ /* a[15] += t[7] */
+ "LDM r0, {r0, r1, r2, r3, r4}\n\t"
+ "ADDS r0, r0, lr\n\t"
+ "ADCS r1, r1, #0x0\n\t"
+ "ADCS r2, r2, #0x0\n\t"
+ "ADCS r3, r3, #0x0\n\t"
+ "ADCS r4, r4, #0x0\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "ADDS r0, r0, r8\n\t"
+ "ADCS r1, r1, r9\n\t"
+ "ADCS r2, r2, r10\n\t"
+ "ADCS r3, r3, r11\n\t"
+ "ADCS r4, r4, r12\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "ADDS r0, r0, r10\n\t"
+ "ADCS r1, r1, r11\n\t"
+ "ADCS r2, r2, r12\n\t"
+ "ADCS r3, r3, #0x0\n\t"
+ "ADCS r4, r4, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "STR r0, [sp, #44]\n\t"
+ "STR r1, [sp, #48]\n\t"
+ "STR r2, [sp, #52]\n\t"
+ "STR r3, [sp, #56]\n\t"
+ /* a[7..15] - t[0..7] */
+ "ADD r0, sp, #0x1c\n\t"
+ "LDM r0, {r0, r1, r2, r3}\n\t"
+ "SUBS r0, r0, r5\n\t"
+ "SBCS r1, r1, r6\n\t"
+ "SBCS r2, r2, r7\n\t"
+ "SBCS r3, r3, r8\n\t"
+ "ADD r0, sp, #0x2c\n\t"
+ "MOV r8, r4\n\t"
+ "LDM r0, {r4, r5, r6, r7}\n\t"
+ "SBCS r4, r4, r9\n\t"
+ "SBCS r5, r5, r10\n\t"
+ "SBCS r6, r6, r11\n\t"
+ "SBCS r7, r7, r12\n\t"
+ "SBCS r8, r8, #0x0\n\t"
+ "SBC lr, lr, #0x0\n\t"
/* mask m and sub from result if overflow */
- "sub %[b], %[a], %[b]\n\t"
- "and %[a], %[b], #1\n\t"
- "ldr r3, [sp, #32]\n\t"
- "ldr r4, [sp, #36]\n\t"
- "ldr r5, [sp, #40]\n\t"
- "ldr r6, [sp, #44]\n\t"
- "ldr r8, [sp, #48]\n\t"
- "ldr r9, [sp, #52]\n\t"
- "ldr r10, [sp, #56]\n\t"
- "ldr r11, [sp, #60]\n\t"
- "subs r3, r3, %[b]\n\t"
- "sbcs r4, r4, %[b]\n\t"
- "sbcs r5, r5, %[b]\n\t"
- "sbcs r6, r6, #0\n\t"
- "sbcs r8, r8, #0\n\t"
- "sbcs r9, r9, #0\n\t"
- "sbcs r10, r10, %[a]\n\t"
- "sbc r11, r11, %[b]\n\t"
- "str r3, [%[r], #0]\n\t"
- "str r4, [%[r], #4]\n\t"
- "str r5, [%[r], #8]\n\t"
- "str r6, [%[r], #12]\n\t"
- "str r8, [%[r], #16]\n\t"
- "str r9, [%[r], #20]\n\t"
- "str r10, [%[r], #24]\n\t"
- "str r11, [%[r], #28]\n\t"
- "add sp, sp, #68\n\t"
- : [a] "+r" (a), [b] "+r" (b)
- : [r] "r" (r)
- : "memory", "r9", "r10", "r11", "r14", "r3", "r4", "r5", "r6", "r8"
+ "RSB lr, lr, #0x0\n\t"
+ "SUBS r1, r1, lr\n\t"
+ "SBCS r2, r2, lr\n\t"
+ "SBCS r3, r3, lr\n\t"
+ "SBCS r4, r4, #0x0\n\t"
+ "SBCS r5, r5, #0x0\n\t"
+ "SBCS r6, r6, #0x0\n\t"
+ "SBCS r7, r7, lr, LSR #31\n\t"
+ "SBC r8, r8, lr\n\t"
+ "LDR %[r], [sp, #68]\n\t"
+ "STM %[r], {r1, r2, r3, r4, r5, r6, r7, r8}\n\t"
+ "ADD sp, sp, #0x4c\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r10", "r11", "r12", "r7", "r8", "r9", "lr", "cc"
);
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ (void)m_p;
+#else
+ (void)m;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ (void)mp_p;
+#else
+ (void)mp;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
}
+#endif
+#ifdef WOLFSSL_SP_NO_UMAAL
/* Square the Montgomery form number mod the modulus (prime). (r = a * a mod m)
*
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
-SP_NOINLINE static void sp_256_mont_sqr_8(sp_digit* r, const sp_digit* a, const sp_digit* m,
- sp_digit mp)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_256_mont_sqr_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+#else
+SP_NOINLINE static void sp_256_mont_sqr_8(sp_digit* r, const sp_digit* a, const sp_digit* m, sp_digit mp)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- (void)mp;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "SUB sp, sp, #0x44\n\t"
+ "STR %[r], [sp, #64]\n\t"
+ "MOV %[r], #0x0\n\t"
+ "LDR r12, [%[a]]\n\t"
+ /* A[0] * A[1] */
+ "LDR lr, [%[a], #4]\n\t"
+ "UMULL r4, r5, r12, lr\n\t"
+ /* A[0] * A[3] */
+ "LDR lr, [%[a], #12]\n\t"
+ "UMULL r6, r7, r12, lr\n\t"
+ /* A[0] * A[5] */
+ "LDR lr, [%[a], #20]\n\t"
+ "UMULL r8, r9, r12, lr\n\t"
+ /* A[0] * A[7] */
+ "LDR lr, [%[a], #28]\n\t"
+ "UMULL r10, r3, r12, lr\n\t"
+ /* A[0] * A[2] */
+ "LDR lr, [%[a], #8]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r5, r11, r12, lr\n\t"
+ "ADDS r6, r6, r11\n\t"
+ /* A[0] * A[4] */
+ "LDR lr, [%[a], #16]\n\t"
+ "ADCS r7, r7, #0x0\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r7, r11, r12, lr\n\t"
+ "ADDS r8, r8, r11\n\t"
+ /* A[0] * A[6] */
+ "LDR lr, [%[a], #24]\n\t"
+ "ADCS r9, r9, #0x0\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r9, r11, r12, lr\n\t"
+ "ADDS r10, r10, r11\n\t"
+ "ADCS r3, r3, #0x0\n\t"
+ "STR r4, [sp, #4]\n\t"
+ "STR r5, [sp, #8]\n\t"
+ /* A[1] * A[2] */
+ "LDR r12, [%[a], #4]\n\t"
+ "LDR lr, [%[a], #8]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r6, r11, r12, lr\n\t"
+ "STR r6, [sp, #12]\n\t"
+ "ADDS r7, r7, r11\n\t"
+ /* A[1] * A[3] */
+ "LDR lr, [%[a], #12]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r7, r11, r12, lr\n\t"
+ "STR r7, [sp, #16]\n\t"
+ "ADDS r8, r8, r11\n\t"
+ /* A[1] * A[4] */
+ "LDR lr, [%[a], #16]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r8, r11, r12, lr\n\t"
+ "ADDS r9, r9, r11\n\t"
+ /* A[1] * A[5] */
+ "LDR lr, [%[a], #20]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r9, r11, r12, lr\n\t"
+ "ADDS r10, r10, r11\n\t"
+ /* A[1] * A[6] */
+ "LDR lr, [%[a], #24]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "ADDS r3, r3, r11\n\t"
+ /* A[1] * A[7] */
+ "LDR lr, [%[a], #28]\n\t"
+ "ADC r4, %[r], #0x0\n\t"
+ "UMLAL r3, r4, r12, lr\n\t"
+ /* A[2] * A[3] */
+ "LDR r12, [%[a], #8]\n\t"
+ "LDR lr, [%[a], #12]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r8, r11, r12, lr\n\t"
+ "STR r8, [sp, #20]\n\t"
+ "ADDS r9, r9, r11\n\t"
+ /* A[2] * A[4] */
+ "LDR lr, [%[a], #16]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r9, r11, r12, lr\n\t"
+ "STR r9, [sp, #24]\n\t"
+ "ADDS r10, r10, r11\n\t"
+ /* A[2] * A[5] */
+ "LDR lr, [%[a], #20]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "ADDS r3, r3, r11\n\t"
+ /* A[2] * A[6] */
+ "LDR lr, [%[a], #24]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r3, r11, r12, lr\n\t"
+ "ADDS r4, r4, r11\n\t"
+ /* A[2] * A[7] */
+ "LDR lr, [%[a], #28]\n\t"
+ "ADC r5, %[r], #0x0\n\t"
+ "UMLAL r4, r5, r12, lr\n\t"
+ /* A[3] * A[4] */
+ "LDR r12, [%[a], #12]\n\t"
+ "LDR lr, [%[a], #16]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "STR r10, [sp, #28]\n\t"
+ "ADDS r3, r3, r11\n\t"
+ /* A[3] * A[5] */
+ "LDR lr, [%[a], #20]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r3, r11, r12, lr\n\t"
+ "ADDS r4, r4, r11\n\t"
+ /* A[3] * A[6] */
+ "LDR lr, [%[a], #24]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r4, r11, r12, lr\n\t"
+ "ADDS r5, r5, r11\n\t"
+ /* A[3] * A[7] */
+ "LDR lr, [%[a], #28]\n\t"
+ "ADC r6, %[r], #0x0\n\t"
+ "UMLAL r5, r6, r12, lr\n\t"
+ /* A[4] * A[5] */
+ "LDR r12, [%[a], #16]\n\t"
+ "LDR lr, [%[a], #20]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r4, r11, r12, lr\n\t"
+ "ADDS r5, r5, r11\n\t"
+ /* A[4] * A[6] */
+ "LDR lr, [%[a], #24]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r5, r11, r12, lr\n\t"
+ "ADDS r6, r6, r11\n\t"
+ /* A[4] * A[7] */
+ "LDR lr, [%[a], #28]\n\t"
+ "ADC r7, %[r], #0x0\n\t"
+ "UMLAL r6, r7, r12, lr\n\t"
+ /* A[5] * A[6] */
+ "LDR r12, [%[a], #20]\n\t"
+ "LDR lr, [%[a], #24]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r6, r11, r12, lr\n\t"
+ "ADDS r7, r7, r11\n\t"
+ /* A[5] * A[7] */
+ "LDR lr, [%[a], #28]\n\t"
+ "ADC r8, %[r], #0x0\n\t"
+ "UMLAL r7, r8, r12, lr\n\t"
+ /* A[6] * A[7] */
+ "LDR r12, [%[a], #24]\n\t"
+ "LDR lr, [%[a], #28]\n\t"
+ "MOV r9, #0x0\n\t"
+ "UMLAL r8, r9, r12, lr\n\t"
+ "ADD lr, sp, #0x20\n\t"
+ "STM lr, {r3, r4, r5, r6, r7, r8, r9}\n\t"
+ "ADD lr, sp, #0x4\n\t"
+ "LDM lr, {r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "ADDS r4, r4, r4\n\t"
+ "ADCS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADCS r7, r7, r7\n\t"
+ "ADCS r8, r8, r8\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "ADCS r10, r10, r10\n\t"
+ "STM lr!, {r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "LDM lr, {r3, r4, r5, r6, r7, r8, r9}\n\t"
+ "ADCS r3, r3, r3\n\t"
+ "ADCS r4, r4, r4\n\t"
+ "ADCS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADCS r7, r7, r7\n\t"
+ "ADCS r8, r8, r8\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "ADC r10, %[r], #0x0\n\t"
+ "STM lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "ADD lr, sp, #0x4\n\t"
+ "LDM lr, {r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "MOV lr, sp\n\t"
+ /* A[0] * A[0] */
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r3, r11, r12, r12\n\t"
+ "ADDS r4, r4, r11\n\t"
+ /* A[1] * A[1] */
+ "LDR r12, [%[a], #4]\n\t"
+ "ADCS r5, r5, #0x0\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r5, r11, r12, r12\n\t"
+ "ADDS r6, r6, r11\n\t"
+ /* A[2] * A[2] */
+ "LDR r12, [%[a], #8]\n\t"
+ "ADCS r7, r7, #0x0\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r7, r11, r12, r12\n\t"
+ "ADDS r8, r8, r11\n\t"
+ /* A[3] * A[3] */
+ "LDR r12, [%[a], #12]\n\t"
+ "ADCS r9, r9, #0x0\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r9, r11, r12, r12\n\t"
+ "ADDS r10, r10, r11\n\t"
+ "STM lr!, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "LDM lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ /* A[4] * A[4] */
+ "LDR r12, [%[a], #16]\n\t"
+ "ADCS r3, r3, #0x0\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r3, r11, r12, r12\n\t"
+ "ADDS r4, r4, r11\n\t"
+ /* A[5] * A[5] */
+ "LDR r12, [%[a], #20]\n\t"
+ "ADCS r5, r5, #0x0\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r5, r11, r12, r12\n\t"
+ "ADDS r6, r6, r11\n\t"
+ /* A[6] * A[6] */
+ "LDR r12, [%[a], #24]\n\t"
+ "ADCS r7, r7, #0x0\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r7, r11, r12, r12\n\t"
+ "ADDS r8, r8, r11\n\t"
+ /* A[7] * A[7] */
+ "LDR r12, [%[a], #28]\n\t"
+ "ADCS r9, r9, #0x0\n\t"
+ "ADC r10, r10, #0x0\n\t"
+ "UMLAL r9, r10, r12, r12\n\t"
+ "ADD lr, sp, #0x20\n\t"
+ "STM lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ /* Start Reduction */
+ "LDM sp, {r5, r6, r7, r8, r9, r10, r11, r12}\n\t"
+ "MOV r3, r11\n\t"
+ "MOV r4, r12\n\t"
+ /* mu = a[0]-a[7] + a[0]-a[4] << 96 + (a[0]-a[1] * 2) << 192 */
+ /* - a[0] << 224 */
+ /* + (a[0]-a[1] * 2) << (6 * 32) */
+ "ADDS r11, r11, r5\n\t"
+ "ADC r12, r12, r6\n\t"
+ "ADDS r11, r11, r5\n\t"
+ "ADC r12, r12, r6\n\t"
+ /* - a[0] << (7 * 32) */
+ "SUB r12, r12, r5\n\t"
+ /* + a[0]-a[4] << (3 * 32) */
+ "MOV r0, r8\n\t"
+ "MOV r1, r9\n\t"
+ "MOV r2, r10\n\t"
+ "ADDS r8, r8, r5\n\t"
+ "ADCS r9, r9, r6\n\t"
+ "ADCS r10, r10, r7\n\t"
+ "ADCS r11, r11, r0\n\t"
+ "ADC r12, r12, r1\n\t"
+ /* a += mu * m */
+ /* += mu * ((1 << 256) - (1 << 224) + (1 << 192) + (1 << 96) - 1) */
+ /* a[0] = = t[0] */
+ /* a[1] = = t[1] */
+ /* a[2] = = t[2] */
+ /* a[3] += t[0] = t[3] */
+ /* a[4] += t[1] = t[4] */
+ /* a[5] += t[2] = t[5] */
+ /* a[6] += t[0] + t[3] = t[6] */
+ /* a[7] += t[1] + t[4] = t[7] + t[0] */
+ "ADDS r0, r0, r5\n\t"
+ "ADCS r1, r1, r6\n\t"
+ "ADCS r2, r2, r7\n\t"
+ "ADCS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "ADDS r3, r3, r5\n\t"
+ "ADCS r4, r4, r6\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "STR r4, [sp, #28]\n\t"
+ /* a[8] += t[0] + t[2] + t[5] */
+ /* a[9] += t[1] + t[3] + t[6] */
+ /* a[10] += t[2] + t[4] + t[7] */
+ "ADD r0, sp, #0x20\n\t"
+ "LDM r0, {r2, r3, r4}\n\t"
+ "ADDS r2, r2, lr\n\t"
+ "ADCS r3, r3, #0x0\n\t"
+ "ADCS r4, r4, #0x0\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "ADDS r2, r2, r5\n\t"
+ "ADCS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "ADDS r2, r2, r7\n\t"
+ "ADCS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "ADDS r2, r2, r10\n\t"
+ "ADCS r3, r3, r11\n\t"
+ "ADCS r4, r4, r12\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "STM r0!, {r2, r3, r4}\n\t"
+ /* a[11] += t[3] + t[5] + carry */
+ /* a[12] += t[4] + t[6] */
+ /* a[13] += t[5] + t[7] */
+ /* a[14] += t[6] */
+ /* a[15] += t[7] */
+ "LDM r0, {r0, r1, r2, r3, r4}\n\t"
+ "ADDS r0, r0, lr\n\t"
+ "ADCS r1, r1, #0x0\n\t"
+ "ADCS r2, r2, #0x0\n\t"
+ "ADCS r3, r3, #0x0\n\t"
+ "ADCS r4, r4, #0x0\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "ADDS r0, r0, r8\n\t"
+ "ADCS r1, r1, r9\n\t"
+ "ADCS r2, r2, r10\n\t"
+ "ADCS r3, r3, r11\n\t"
+ "ADCS r4, r4, r12\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "ADDS r0, r0, r10\n\t"
+ "ADCS r1, r1, r11\n\t"
+ "ADCS r2, r2, r12\n\t"
+ "ADCS r3, r3, #0x0\n\t"
+ "ADCS r4, r4, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "STR r0, [sp, #44]\n\t"
+ "STR r1, [sp, #48]\n\t"
+ "STR r2, [sp, #52]\n\t"
+ "STR r3, [sp, #56]\n\t"
+ /* a[7..15] - t[0..7] */
+ "ADD r0, sp, #0x1c\n\t"
+ "LDM r0, {r0, r1, r2, r3}\n\t"
+ "SUBS r0, r0, r5\n\t"
+ "SBCS r1, r1, r6\n\t"
+ "SBCS r2, r2, r7\n\t"
+ "SBCS r3, r3, r8\n\t"
+ "ADD r0, sp, #0x2c\n\t"
+ "MOV r8, r4\n\t"
+ "LDM r0, {r4, r5, r6, r7}\n\t"
+ "SBCS r4, r4, r9\n\t"
+ "SBCS r5, r5, r10\n\t"
+ "SBCS r6, r6, r11\n\t"
+ "SBCS r7, r7, r12\n\t"
+ "SBCS r8, r8, #0x0\n\t"
+ "SBC lr, lr, #0x0\n\t"
+ /* mask m and sub from result if overflow */
+ "RSB lr, lr, #0x0\n\t"
+ "SUBS r1, r1, lr\n\t"
+ "SBCS r2, r2, lr\n\t"
+ "SBCS r3, r3, lr\n\t"
+ "SBCS r4, r4, #0x0\n\t"
+ "SBCS r5, r5, #0x0\n\t"
+ "SBCS r6, r6, #0x0\n\t"
+ "SBCS r7, r7, lr, LSR #31\n\t"
+ "SBC r8, r8, lr\n\t"
+ "LDR %[r], [sp, #64]\n\t"
+ "STM %[r], {r1, r2, r3, r4, r5, r6, r7, r8}\n\t"
+ "ADD sp, sp, #0x44\n\t"
+ : [r] "+r" (r), [a] "+r" (a)
+ :
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
+ );
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ (void)m_p;
+#else
(void)m;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ (void)mp_p;
+#else
+ (void)mp;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+}
+
+#else
+/* Square the Montgomery form number mod the modulus (prime). (r = a * a mod m)
+ *
+ * r Result of squaring.
+ * a Number to square in Montgomery form.
+ * m Modulus (prime).
+ * mp Montgomery multiplier.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_256_mont_sqr_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+#else
+SP_NOINLINE static void sp_256_mont_sqr_8(sp_digit* r, const sp_digit* a, const sp_digit* m, sp_digit mp)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "sub sp, sp, #68\n\t"
- "mov r5, #0\n\t"
- /* A[0] * A[1] */
- "ldr r6, [%[a], #0]\n\t"
- "ldr r8, [%[a], #4]\n\t"
- "umull r10, r11, r6, r8\n\t"
- "str r10, [sp, #4]\n\t"
- /* A[0] * A[2] */
- "ldr r6, [%[a], #0]\n\t"
- "ldr r8, [%[a], #8]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r11, r3, r11\n\t"
- "adc r14, r4, #0\n\t"
- "str r11, [sp, #8]\n\t"
- /* A[0] * A[3] */
- "ldr r6, [%[a], #0]\n\t"
- "ldr r8, [%[a], #12]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r14, r3, r14\n\t"
- "adc r9, r4, #0\n\t"
- /* A[1] * A[2] */
- "ldr r6, [%[a], #4]\n\t"
- "ldr r8, [%[a], #8]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r14, r3, r14\n\t"
- "adcs r9, r4, r9\n\t"
- "adc r10, r5, #0\n\t"
- "str r14, [sp, #12]\n\t"
- /* A[0] * A[4] */
- "ldr r6, [%[a], #0]\n\t"
- "ldr r8, [%[a], #16]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r9, r3, r9\n\t"
- "adc r10, r4, r10\n\t"
- /* A[1] * A[3] */
- "ldr r6, [%[a], #4]\n\t"
- "ldr r8, [%[a], #12]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r9, r3, r9\n\t"
- "adcs r10, r4, r10\n\t"
- "adc r11, r5, #0\n\t"
- "str r9, [sp, #16]\n\t"
- /* A[0] * A[5] */
- "ldr r6, [%[a], #0]\n\t"
- "ldr r8, [%[a], #20]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r10, r3, r10\n\t"
- "adc r11, r4, r11\n\t"
- /* A[1] * A[4] */
- "ldr r6, [%[a], #4]\n\t"
- "ldr r8, [%[a], #16]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r10, r3, r10\n\t"
- "adcs r11, r4, r11\n\t"
- "adc r14, r5, #0\n\t"
- /* A[2] * A[3] */
- "ldr r6, [%[a], #8]\n\t"
- "ldr r8, [%[a], #12]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r10, r3, r10\n\t"
- "adcs r11, r4, r11\n\t"
- "adc r14, r5, r14\n\t"
- "str r10, [sp, #20]\n\t"
- /* A[0] * A[6] */
- "ldr r6, [%[a], #0]\n\t"
- "ldr r8, [%[a], #24]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r11, r3, r11\n\t"
- "adcs r14, r4, r14\n\t"
- "adc r9, r5, #0\n\t"
- /* A[1] * A[5] */
- "ldr r6, [%[a], #4]\n\t"
- "ldr r8, [%[a], #20]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r11, r3, r11\n\t"
- "adcs r14, r4, r14\n\t"
- "adc r9, r5, r9\n\t"
- /* A[2] * A[4] */
- "ldr r6, [%[a], #8]\n\t"
- "ldr r8, [%[a], #16]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r11, r3, r11\n\t"
- "adcs r14, r4, r14\n\t"
- "adc r9, r5, r9\n\t"
- "str r11, [sp, #24]\n\t"
- /* A[0] * A[7] */
- "ldr r6, [%[a], #0]\n\t"
- "ldr r8, [%[a], #28]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r14, r3, r14\n\t"
- "adcs r9, r4, r9\n\t"
- "adc r10, r5, #0\n\t"
- /* A[1] * A[6] */
- "ldr r6, [%[a], #4]\n\t"
- "ldr r8, [%[a], #24]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r14, r3, r14\n\t"
- "adcs r9, r4, r9\n\t"
- "adc r10, r5, r10\n\t"
- /* A[2] * A[5] */
- "ldr r6, [%[a], #8]\n\t"
- "ldr r8, [%[a], #20]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r14, r3, r14\n\t"
- "adcs r9, r4, r9\n\t"
- "adc r10, r5, r10\n\t"
- /* A[3] * A[4] */
- "ldr r6, [%[a], #12]\n\t"
- "ldr r8, [%[a], #16]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r14, r3, r14\n\t"
- "adcs r9, r4, r9\n\t"
- "adc r10, r5, r10\n\t"
- "str r14, [sp, #28]\n\t"
- /* A[1] * A[7] */
- "ldr r6, [%[a], #4]\n\t"
- "ldr r8, [%[a], #28]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r9, r3, r9\n\t"
- "adcs r10, r4, r10\n\t"
- "adc r11, r5, #0\n\t"
- /* A[2] * A[6] */
- "ldr r6, [%[a], #8]\n\t"
- "ldr r8, [%[a], #24]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r9, r3, r9\n\t"
- "adcs r10, r4, r10\n\t"
- "adc r11, r5, r11\n\t"
- /* A[3] * A[5] */
- "ldr r6, [%[a], #12]\n\t"
- "ldr r8, [%[a], #20]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r9, r3, r9\n\t"
- "adcs r10, r4, r10\n\t"
- "adc r11, r5, r11\n\t"
- "str r9, [sp, #32]\n\t"
- /* A[2] * A[7] */
- "ldr r6, [%[a], #8]\n\t"
- "ldr r8, [%[a], #28]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r10, r3, r10\n\t"
- "adcs r11, r4, r11\n\t"
- "adc r14, r5, #0\n\t"
- /* A[3] * A[6] */
- "ldr r6, [%[a], #12]\n\t"
- "ldr r8, [%[a], #24]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r10, r3, r10\n\t"
- "adcs r11, r4, r11\n\t"
- "adc r14, r5, r14\n\t"
- /* A[4] * A[5] */
- "ldr r6, [%[a], #16]\n\t"
- "ldr r8, [%[a], #20]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r10, r3, r10\n\t"
- "adcs r11, r4, r11\n\t"
- "adc r14, r5, r14\n\t"
- "str r10, [sp, #36]\n\t"
- /* A[3] * A[7] */
- "ldr r6, [%[a], #12]\n\t"
- "ldr r8, [%[a], #28]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r11, r3, r11\n\t"
- "adcs r14, r4, r14\n\t"
- "adc r9, r5, #0\n\t"
- /* A[4] * A[6] */
- "ldr r6, [%[a], #16]\n\t"
- "ldr r8, [%[a], #24]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r11, r3, r11\n\t"
- "adcs r14, r4, r14\n\t"
- "adc r9, r5, r9\n\t"
- "str r11, [sp, #40]\n\t"
- /* A[4] * A[7] */
- "ldr r6, [%[a], #16]\n\t"
- "ldr r8, [%[a], #28]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r14, r3, r14\n\t"
- "adcs r9, r4, r9\n\t"
- "adc r10, r5, #0\n\t"
- /* A[5] * A[6] */
- "ldr r6, [%[a], #20]\n\t"
- "ldr r8, [%[a], #24]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r14, r3, r14\n\t"
- "adcs r9, r4, r9\n\t"
- "adc r10, r5, r10\n\t"
- "str r14, [sp, #44]\n\t"
- /* A[5] * A[7] */
- "ldr r6, [%[a], #20]\n\t"
- "ldr r8, [%[a], #28]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r9, r3, r9\n\t"
- "adcs r10, r4, r10\n\t"
- "adc r11, r5, #0\n\t"
- "str r9, [sp, #48]\n\t"
- /* A[6] * A[7] */
- "ldr r6, [%[a], #24]\n\t"
- "ldr r8, [%[a], #28]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r10, r3, r10\n\t"
- "adc r11, r4, r11\n\t"
- "str r10, [sp, #52]\n\t"
- "str r11, [sp, #56]\n\t"
- /* Double */
- "ldr r4, [sp, #4]\n\t"
- "ldr r6, [sp, #8]\n\t"
- "ldr r8, [sp, #12]\n\t"
- "ldr r9, [sp, #16]\n\t"
- "ldr r10, [sp, #20]\n\t"
- "ldr r11, [sp, #24]\n\t"
- "ldr r14, [sp, #28]\n\t"
- "ldr r12, [sp, #32]\n\t"
- "ldr r3, [sp, #36]\n\t"
- "adds r4, r4, r4\n\t"
- "adcs r6, r6, r6\n\t"
- "adcs r8, r8, r8\n\t"
- "adcs r9, r9, r9\n\t"
- "adcs r10, r10, r10\n\t"
- "adcs r11, r11, r11\n\t"
- "adcs r14, r14, r14\n\t"
- "adcs r12, r12, r12\n\t"
- "adcs r3, r3, r3\n\t"
- "str r4, [sp, #4]\n\t"
- "str r6, [sp, #8]\n\t"
- "str r8, [sp, #12]\n\t"
- "str r9, [sp, #16]\n\t"
- "str r10, [sp, #20]\n\t"
- "str r11, [sp, #24]\n\t"
- "str r14, [sp, #28]\n\t"
- "str r12, [sp, #32]\n\t"
- "str r3, [sp, #36]\n\t"
- "ldr r4, [sp, #40]\n\t"
- "ldr r6, [sp, #44]\n\t"
- "ldr r8, [sp, #48]\n\t"
- "ldr r9, [sp, #52]\n\t"
- "ldr r10, [sp, #56]\n\t"
- "adcs r4, r4, r4\n\t"
- "adcs r6, r6, r6\n\t"
- "adcs r8, r8, r8\n\t"
- "adcs r9, r9, r9\n\t"
- "adcs r10, r10, r10\n\t"
- "str r4, [sp, #40]\n\t"
- "str r6, [sp, #44]\n\t"
- "str r8, [sp, #48]\n\t"
- "str r9, [sp, #52]\n\t"
- "str r10, [sp, #56]\n\t"
- "adc r11, r5, #0\n\t"
- "str r11, [sp, #60]\n\t"
- "ldr r4, [sp, #4]\n\t"
- "ldr r5, [sp, #8]\n\t"
- "ldr r12, [sp, #12]\n\t"
- /* A[0] * A[0] */
- "ldr r6, [%[a], #0]\n\t"
- "umull r9, r10, r6, r6\n\t"
- /* A[1] * A[1] */
- "ldr r6, [%[a], #4]\n\t"
- "umull r11, r14, r6, r6\n\t"
- "adds r10, r10, r4\n\t"
- "adcs r11, r11, r5\n\t"
- "adcs r14, r14, r12\n\t"
- "str r9, [sp, #0]\n\t"
- "str r10, [sp, #4]\n\t"
- "str r11, [sp, #8]\n\t"
- "str r14, [sp, #12]\n\t"
- "ldr r3, [sp, #16]\n\t"
- "ldr r4, [sp, #20]\n\t"
- "ldr r5, [sp, #24]\n\t"
- "ldr r12, [sp, #28]\n\t"
- /* A[2] * A[2] */
- "ldr r6, [%[a], #8]\n\t"
- "umull r9, r10, r6, r6\n\t"
- /* A[3] * A[3] */
- "ldr r6, [%[a], #12]\n\t"
- "umull r11, r14, r6, r6\n\t"
- "adcs r9, r9, r3\n\t"
- "adcs r10, r10, r4\n\t"
- "adcs r11, r11, r5\n\t"
- "adcs r14, r14, r12\n\t"
- "str r9, [sp, #16]\n\t"
- "str r10, [sp, #20]\n\t"
- "str r11, [sp, #24]\n\t"
- "str r14, [sp, #28]\n\t"
- "ldr r3, [sp, #32]\n\t"
- "ldr r4, [sp, #36]\n\t"
- "ldr r5, [sp, #40]\n\t"
- "ldr r12, [sp, #44]\n\t"
- /* A[4] * A[4] */
- "ldr r6, [%[a], #16]\n\t"
- "umull r9, r10, r6, r6\n\t"
- /* A[5] * A[5] */
- "ldr r6, [%[a], #20]\n\t"
- "umull r11, r14, r6, r6\n\t"
- "adcs r9, r9, r3\n\t"
- "adcs r10, r10, r4\n\t"
- "adcs r11, r11, r5\n\t"
- "adcs r14, r14, r12\n\t"
- "str r9, [sp, #32]\n\t"
- "str r10, [sp, #36]\n\t"
- "str r11, [sp, #40]\n\t"
- "str r14, [sp, #44]\n\t"
- "ldr r3, [sp, #48]\n\t"
- "ldr r4, [sp, #52]\n\t"
- "ldr r5, [sp, #56]\n\t"
- "ldr r12, [sp, #60]\n\t"
- /* A[6] * A[6] */
- "ldr r6, [%[a], #24]\n\t"
- "umull r9, r10, r6, r6\n\t"
- /* A[7] * A[7] */
- "ldr r6, [%[a], #28]\n\t"
- "umull r11, r14, r6, r6\n\t"
- "adcs r9, r9, r3\n\t"
- "adcs r10, r10, r4\n\t"
- "adcs r11, r11, r5\n\t"
- "adc r14, r14, r12\n\t"
- "str r9, [sp, #48]\n\t"
- "str r10, [sp, #52]\n\t"
- "str r11, [sp, #56]\n\t"
- "str r14, [sp, #60]\n\t"
+ "SUB sp, sp, #0x44\n\t"
+ "STR %[r], [sp, #64]\n\t"
+ "LDM %[a], {r0, r1, r2, r3, r4, r5, r6, r7}\n\t"
+ "UMULL r9, r10, r0, r0\n\t"
+ "UMULL r11, r12, r0, r1\n\t"
+ "ADDS r11, r11, r11\n\t"
+ "MOV lr, #0x0\n\t"
+ "UMAAL r10, r11, lr, lr\n\t"
+ "STM sp, {r9, r10}\n\t"
+ "MOV r8, lr\n\t"
+ "UMAAL r8, r12, r0, r2\n\t"
+ "ADCS r8, r8, r8\n\t"
+ "UMAAL r8, r11, r1, r1\n\t"
+ "UMULL r9, r10, r0, r3\n\t"
+ "UMAAL r9, r12, r1, r2\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "UMAAL r9, r11, lr, lr\n\t"
+ "STRD r8, r9, [sp, #8]\n\t"
+ "MOV r9, lr\n\t"
+ "UMAAL r9, r10, r0, r4\n\t"
+ "UMAAL r9, r12, r1, r3\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "UMAAL r9, r11, r2, r2\n\t"
+ "STR r9, [sp, #16]\n\t"
+ "UMULL r9, r8, r0, r5\n\t"
+ "UMAAL r9, r12, r1, r4\n\t"
+ "UMAAL r9, r10, r2, r3\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "UMAAL r9, r11, lr, lr\n\t"
+ "STR r9, [sp, #20]\n\t"
+ "MOV r9, lr\n\t"
+ "UMAAL r9, r8, r0, r6\n\t"
+ "UMAAL r9, r12, r1, r5\n\t"
+ "UMAAL r9, r10, r2, r4\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "UMAAL r9, r11, r3, r3\n\t"
+ "STR r9, [sp, #24]\n\t"
+ "UMULL r0, r9, r0, r7\n\t"
+ "UMAAL r0, r8, r1, r6\n\t"
+ "UMAAL r0, r12, r2, r5\n\t"
+ "UMAAL r0, r10, r3, r4\n\t"
+ "ADCS r0, r0, r0\n\t"
+ "UMAAL r0, r11, lr, lr\n\t"
+ /* R[7] = r0 */
+ "UMAAL r9, r8, r1, r7\n\t"
+ "UMAAL r9, r10, r2, r6\n\t"
+ "UMAAL r12, r9, r3, r5\n\t"
+ "ADCS r12, r12, r12\n\t"
+ "UMAAL r12, r11, r4, r4\n\t"
+ /* R[8] = r12 */
+ "UMAAL r9, r8, r2, r7\n\t"
+ "UMAAL r10, r9, r3, r6\n\t"
+ "MOV r2, lr\n\t"
+ "UMAAL r10, r2, r4, r5\n\t"
+ "ADCS r10, r10, r10\n\t"
+ "UMAAL r11, r10, lr, lr\n\t"
+ /* R[9] = r11 */
+ "UMAAL r2, r8, r3, r7\n\t"
+ "UMAAL r2, r9, r4, r6\n\t"
+ "ADCS r3, r2, r2\n\t"
+ "UMAAL r10, r3, r5, r5\n\t"
+ /* R[10] = r10 */
+ "MOV r1, lr\n\t"
+ "UMAAL r1, r8, r4, r7\n\t"
+ "UMAAL r1, r9, r5, r6\n\t"
+ "ADCS r4, r1, r1\n\t"
+ "UMAAL r3, r4, lr, lr\n\t"
+ /* R[11] = r3 */
+ "UMAAL r8, r9, r5, r7\n\t"
+ "ADCS r8, r8, r8\n\t"
+ "UMAAL r4, r8, r6, r6\n\t"
+ /* R[12] = r4 */
+ "MOV r5, lr\n\t"
+ "UMAAL r5, r9, r6, r7\n\t"
+ "ADCS r5, r5, r5\n\t"
+ "UMAAL r8, r5, lr, lr\n\t"
+ /* R[13] = r8 */
+ "ADCS r9, r9, r9\n\t"
+ "UMAAL r9, r5, r7, r7\n\t"
+ "ADCS r7, r5, lr\n\t"
+ /* R[14] = r9 */
+ /* R[15] = r7 */
+ "MOV lr, sp\n\t"
+ "ADD lr, lr, #0x1c\n\t"
+ "STM lr!, {r0, r12}\n\t"
+ "STM lr!, {r11}\n\t"
+ "STM lr!, {r10}\n\t"
+ "STM lr!, {r3, r4, r8, r9}\n\t"
+ "STM lr!, {r7}\n\t"
/* Start Reduction */
- "ldr r4, [sp, #0]\n\t"
- "ldr r5, [sp, #4]\n\t"
- "ldr r6, [sp, #8]\n\t"
- "ldr r8, [sp, #12]\n\t"
- "ldr r9, [sp, #16]\n\t"
- "ldr r10, [sp, #20]\n\t"
- "ldr r11, [sp, #24]\n\t"
- "ldr r14, [sp, #28]\n\t"
+ "LDM sp, {r5, r6, r7, r8, r9, r10, r11, r12}\n\t"
+ "MOV r3, r11\n\t"
+ "MOV r4, r12\n\t"
/* mu = a[0]-a[7] + a[0]-a[4] << 96 + (a[0]-a[1] * 2) << 192 */
/* - a[0] << 224 */
/* + (a[0]-a[1] * 2) << (6 * 32) */
- "adds r11, r11, r4\n\t"
- "adc r14, r14, r5\n\t"
- "adds r11, r11, r4\n\t"
- "adc r14, r14, r5\n\t"
+ "ADDS r11, r11, r5\n\t"
+ "ADC r12, r12, r6\n\t"
+ "ADDS r11, r11, r5\n\t"
+ "ADC r12, r12, r6\n\t"
/* - a[0] << (7 * 32) */
- "sub r14, r14, r4\n\t"
+ "SUB r12, r12, r5\n\t"
/* + a[0]-a[4] << (3 * 32) */
- "mov %[a], r8\n\t"
- "mov r12, r9\n\t"
- "adds r8, r8, r4\n\t"
- "adcs r9, r9, r5\n\t"
- "adcs r10, r10, r6\n\t"
- "adcs r11, r11, %[a]\n\t"
- "adc r14, r14, r12\n\t"
- "str r4, [sp, #0]\n\t"
- "str r5, [sp, #4]\n\t"
- "str r6, [sp, #8]\n\t"
- "str r8, [sp, #12]\n\t"
- "str r9, [sp, #16]\n\t"
- "str r10, [sp, #20]\n\t"
+ "MOV r0, r8\n\t"
+ "MOV r1, r9\n\t"
+ "MOV r2, r10\n\t"
+ "ADDS r8, r8, r5\n\t"
+ "ADCS r9, r9, r6\n\t"
+ "ADCS r10, r10, r7\n\t"
+ "ADCS r11, r11, r0\n\t"
+ "ADC r12, r12, r1\n\t"
/* a += mu * m */
/* += mu * ((1 << 256) - (1 << 224) + (1 << 192) + (1 << 96) - 1) */
- "mov %[a], #0\n\t"
- /* a[6] += t[0] + t[3] */
- "ldr r3, [sp, #24]\n\t"
- "adds r3, r3, r4\n\t"
- "adc r12, %[a], #0\n\t"
- "adds r3, r3, r8\n\t"
- "adc r12, r12, #0\n\t"
- "str r11, [sp, #24]\n\t"
- /* a[7] += t[1] + t[4] */
- "ldr r3, [sp, #28]\n\t"
- "adds r3, r3, r12\n\t"
- "adc r12, %[a], #0\n\t"
- "adds r3, r3, r5\n\t"
- "adc r12, r12, #0\n\t"
- "adds r3, r3, r9\n\t"
- "adc r12, r12, #0\n\t"
- "str r14, [sp, #28]\n\t"
- "str r3, [sp, #64]\n\t"
- /* a[8] += t[0] + t[2] + t[5] */
- "ldr r3, [sp, #32]\n\t"
- "adds r3, r3, r12\n\t"
- "adc r12, %[a], #0\n\t"
- "adds r3, r3, r4\n\t"
- "adc r12, r12, #0\n\t"
- "adds r3, r3, r6\n\t"
- "adc r12, r12, #0\n\t"
- "adds r3, r3, r10\n\t"
- "adc r12, r12, #0\n\t"
- "str r3, [sp, #32]\n\t"
- /* a[9] += t[1] + t[3] + t[6] */
- /* a[10] += t[2] + t[4] + t[7] */
- "ldr r3, [sp, #36]\n\t"
- "ldr r4, [sp, #40]\n\t"
- "adds r3, r3, r12\n\t"
- "adcs r4, r4, #0\n\t"
- "adc r12, %[a], #0\n\t"
- "adds r3, r3, r5\n\t"
- "adcs r4, r4, r6\n\t"
- "adc r12, r12, #0\n\t"
- "adds r3, r3, r8\n\t"
- "adcs r4, r4, r9\n\t"
- "adc r12, r12, #0\n\t"
- "adds r3, r3, r11\n\t"
- "adcs r4, r4, r14\n\t"
- "adc r12, r12, #0\n\t"
- "str r3, [sp, #36]\n\t"
- "str r4, [sp, #40]\n\t"
- /* a[11] += t[3] + t[5] */
- /* a[12] += t[4] + t[6] */
- /* a[13] += t[5] + t[7] */
- /* a[14] += t[6] */
- "ldr r3, [sp, #44]\n\t"
- "ldr r4, [sp, #48]\n\t"
- "ldr r5, [sp, #52]\n\t"
- "ldr r6, [sp, #56]\n\t"
- "adds r3, r3, r12\n\t"
- "adcs r4, r4, #0\n\t"
- "adcs r5, r5, #0\n\t"
- "adcs r6, r6, #0\n\t"
- "adc r12, %[a], #0\n\t"
- "adds r3, r3, r8\n\t"
- "adcs r4, r4, r9\n\t"
- "adcs r5, r5, r10\n\t"
- "adcs r6, r6, r11\n\t"
- "adc r12, r12, #0\n\t"
- "adds r3, r3, r10\n\t"
- "adcs r4, r4, r11\n\t"
- "adcs r5, r5, r14\n\t"
- "adcs r6, r6, #0\n\t"
- "adc r12, r12, #0\n\t"
- "str r3, [sp, #44]\n\t"
- "str r4, [sp, #48]\n\t"
- "str r5, [sp, #52]\n\t"
- "str r6, [sp, #56]\n\t"
- /* a[15] += t[7] */
- "ldr r3, [sp, #60]\n\t"
- "adds r3, r3, r12\n\t"
- "adc r12, %[a], #0\n\t"
- "adds r3, r3, r14\n\t"
- "adc r12, r12, #0\n\t"
- "str r3, [sp, #60]\n\t"
- "ldr r3, [sp, #64]\n\t"
- "ldr r4, [sp, #32]\n\t"
- "ldr r5, [sp, #36]\n\t"
- "ldr r6, [sp, #40]\n\t"
- "ldr r9, [sp, #0]\n\t"
- "ldr r10, [sp, #4]\n\t"
- "ldr r11, [sp, #8]\n\t"
- "ldr r14, [sp, #12]\n\t"
- "subs r3, r3, r9\n\t"
- "sbcs r4, r4, r10\n\t"
- "sbcs r5, r5, r11\n\t"
- "sbcs r6, r6, r14\n\t"
- "str r4, [sp, #32]\n\t"
- "str r5, [sp, #36]\n\t"
- "str r6, [sp, #40]\n\t"
- "ldr r3, [sp, #44]\n\t"
- "ldr r4, [sp, #48]\n\t"
- "ldr r5, [sp, #52]\n\t"
- "ldr r6, [sp, #56]\n\t"
- "ldr r8, [sp, #60]\n\t"
- "ldr r9, [sp, #16]\n\t"
- "ldr r10, [sp, #20]\n\t"
- "ldr r11, [sp, #24]\n\t"
- "ldr r14, [sp, #28]\n\t"
- "sbcs r3, r3, r9\n\t"
- "sbcs r4, r4, r10\n\t"
- "sbcs r5, r5, r11\n\t"
- "sbcs r6, r6, r14\n\t"
- "sbc r8, r8, #0\n\t"
- "str r3, [sp, #44]\n\t"
- "str r4, [sp, #48]\n\t"
- "str r5, [sp, #52]\n\t"
- "str r6, [sp, #56]\n\t"
- "str r8, [sp, #60]\n\t"
+ /* a[0] = = t[0] */
+ /* a[1] = = t[1] */
+ /* a[2] = = t[2] */
+ /* a[3] += t[0] = t[3] */
+ /* a[4] += t[1] = t[4] */
+ /* a[5] += t[2] = t[5] */
+ /* a[6] += t[0] + t[3] = t[6] */
+ /* a[7] += t[1] + t[4] = t[7] + t[0] */
+ "ADDS r0, r0, r5\n\t"
+ "ADCS r1, r1, r6\n\t"
+ "ADCS r2, r2, r7\n\t"
+ "ADCS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "ADDS r3, r3, r5\n\t"
+ "ADCS r4, r4, r6\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "STR r4, [sp, #28]\n\t"
+ /* a[8] += t[0] + t[2] + t[5] */
+ /* a[9] += t[1] + t[3] + t[6] */
+ /* a[10] += t[2] + t[4] + t[7] */
+ "ADD r0, sp, #0x20\n\t"
+ "LDM r0, {r2, r3, r4}\n\t"
+ "ADDS r2, r2, lr\n\t"
+ "ADCS r3, r3, #0x0\n\t"
+ "ADCS r4, r4, #0x0\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "ADDS r2, r2, r5\n\t"
+ "ADCS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "ADDS r2, r2, r7\n\t"
+ "ADCS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "ADDS r2, r2, r10\n\t"
+ "ADCS r3, r3, r11\n\t"
+ "ADCS r4, r4, r12\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "STM r0!, {r2, r3, r4}\n\t"
+ /* a[11] += t[3] + t[5] + carry */
+ /* a[12] += t[4] + t[6] */
+ /* a[13] += t[5] + t[7] */
+ /* a[14] += t[6] */
+ /* a[15] += t[7] */
+ "LDM r0, {r0, r1, r2, r3, r4}\n\t"
+ "ADDS r0, r0, lr\n\t"
+ "ADCS r1, r1, #0x0\n\t"
+ "ADCS r2, r2, #0x0\n\t"
+ "ADCS r3, r3, #0x0\n\t"
+ "ADCS r4, r4, #0x0\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "ADDS r0, r0, r8\n\t"
+ "ADCS r1, r1, r9\n\t"
+ "ADCS r2, r2, r10\n\t"
+ "ADCS r3, r3, r11\n\t"
+ "ADCS r4, r4, r12\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "ADDS r0, r0, r10\n\t"
+ "ADCS r1, r1, r11\n\t"
+ "ADCS r2, r2, r12\n\t"
+ "ADCS r3, r3, #0x0\n\t"
+ "ADCS r4, r4, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "STR r0, [sp, #44]\n\t"
+ "STR r1, [sp, #48]\n\t"
+ "STR r2, [sp, #52]\n\t"
+ "STR r3, [sp, #56]\n\t"
+ /* a[7..15] - t[0..7] */
+ "ADD r0, sp, #0x1c\n\t"
+ "LDM r0, {r0, r1, r2, r3}\n\t"
+ "SUBS r0, r0, r5\n\t"
+ "SBCS r1, r1, r6\n\t"
+ "SBCS r2, r2, r7\n\t"
+ "SBCS r3, r3, r8\n\t"
+ "ADD r0, sp, #0x2c\n\t"
+ "MOV r8, r4\n\t"
+ "LDM r0, {r4, r5, r6, r7}\n\t"
+ "SBCS r4, r4, r9\n\t"
+ "SBCS r5, r5, r10\n\t"
+ "SBCS r6, r6, r11\n\t"
+ "SBCS r7, r7, r12\n\t"
+ "SBCS r8, r8, #0x0\n\t"
+ "SBC lr, lr, #0x0\n\t"
/* mask m and sub from result if overflow */
- "sub r12, %[a], r12\n\t"
- "and %[a], r12, #1\n\t"
- "ldr r3, [sp, #32]\n\t"
- "ldr r4, [sp, #36]\n\t"
- "ldr r5, [sp, #40]\n\t"
- "ldr r6, [sp, #44]\n\t"
- "ldr r8, [sp, #48]\n\t"
- "ldr r9, [sp, #52]\n\t"
- "ldr r10, [sp, #56]\n\t"
- "ldr r11, [sp, #60]\n\t"
- "subs r3, r3, r12\n\t"
- "sbcs r4, r4, r12\n\t"
- "sbcs r5, r5, r12\n\t"
- "sbcs r6, r6, #0\n\t"
- "sbcs r8, r8, #0\n\t"
- "sbcs r9, r9, #0\n\t"
- "sbcs r10, r10, %[a]\n\t"
- "sbc r11, r11, r12\n\t"
- "str r3, [%[r], #0]\n\t"
- "str r4, [%[r], #4]\n\t"
- "str r5, [%[r], #8]\n\t"
- "str r6, [%[r], #12]\n\t"
- "str r8, [%[r], #16]\n\t"
- "str r9, [%[r], #20]\n\t"
- "str r10, [%[r], #24]\n\t"
- "str r11, [%[r], #28]\n\t"
- "add sp, sp, #68\n\t"
- : [a] "+r" (a)
- : [r] "r" (r)
- : "memory", "r9", "r10", "r11", "r14", "r3", "r4", "r5", "r6", "r8", "r12"
+ "RSB lr, lr, #0x0\n\t"
+ "SUBS r1, r1, lr\n\t"
+ "SBCS r2, r2, lr\n\t"
+ "SBCS r3, r3, lr\n\t"
+ "SBCS r4, r4, #0x0\n\t"
+ "SBCS r5, r5, #0x0\n\t"
+ "SBCS r6, r6, #0x0\n\t"
+ "SBCS r7, r7, lr, LSR #31\n\t"
+ "SBC r8, r8, lr\n\t"
+ "LDR %[r], [sp, #64]\n\t"
+ "STM %[r], {r1, r2, r3, r4, r5, r6, r7, r8}\n\t"
+ "ADD sp, sp, #0x44\n\t"
+ : [r] "+r" (r), [a] "+r" (a)
+ :
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
);
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ (void)m_p;
+#else
+ (void)m;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ (void)mp_p;
+#else
+ (void)mp;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
}
+#endif
#if !defined(WOLFSSL_SP_SMALL) || defined(HAVE_COMP_KEY)
/* Square the Montgomery form number a number of times. (r = a ^ n mod m)
*
@@ -18378,10 +33823,10 @@ SP_NOINLINE static void sp_256_mont_sqr_8(sp_digit* r, const sp_digit* a, const
* a Number to square in Montgomery form.
* n Number of times to square.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
-static void sp_256_mont_sqr_n_8(sp_digit* r, const sp_digit* a, int n,
- const sp_digit* m, sp_digit mp)
+SP_NOINLINE static void sp_256_mont_sqr_n_8(sp_digit* r,
+ const sp_digit* a, int n, const sp_digit* m, sp_digit mp)
{
sp_256_mont_sqr_8(r, a, m, mp);
for (; n > 1; n--) {
@@ -18474,44 +33919,137 @@ static void sp_256_mont_inv_8(sp_digit* r, const sp_digit* a, sp_digit* td)
* return -ve, 0 or +ve if a is less than, equal to or greater than b
* respectively.
*/
-SP_NOINLINE static sp_int32 sp_256_cmp_8(const sp_digit* a, const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_int32 sp_256_cmp_8(const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_int32 sp_256_cmp_8(const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit r = 0;
-
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register const sp_digit* a __asm__ ("r0") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r1") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r3, #0\n\t"
- "mvn r3, r3\n\t"
- "mov r6, #28\n\t"
- "\n1:\n\t"
- "ldr r8, [%[a], r6]\n\t"
- "ldr r5, [%[b], r6]\n\t"
- "and r8, r8, r3\n\t"
- "and r5, r5, r3\n\t"
- "mov r4, r8\n\t"
- "subs r8, r8, r5\n\t"
- "sbc r8, r8, r8\n\t"
- "add %[r], %[r], r8\n\t"
- "mvn r8, r8\n\t"
- "and r3, r3, r8\n\t"
- "subs r5, r5, r4\n\t"
- "sbc r8, r8, r8\n\t"
- "sub %[r], %[r], r8\n\t"
- "mvn r8, r8\n\t"
- "and r3, r3, r8\n\t"
- "sub r6, r6, #4\n\t"
- "cmp r6, #0\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bge 1b\n\t"
+ "MOV r2, #0xffffffff\n\t"
+ "MOV r8, #0x1\n\t"
+ "MOV r7, #0x0\n\t"
+ "MOV r3, #0xffffffff\n\t"
+#ifdef WOLFSSL_SP_SMALL
+ "MOV r6, #0x1c\n\t"
+ "\n"
+ "L_sp_256_cmp_8_words:\n\t"
+ "LDR r4, [%[a], r6]\n\t"
+ "LDR r5, [%[b], r6]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "SUBS r6, r6, #0x4\n\t"
+ "bcs L_sp_256_cmp_8_words\n\t"
+ "EOR r2, r2, r3\n\t"
#else
- "bge.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [r] "+r" (r)
- : [a] "r" (a), [b] "r" (b)
- : "r3", "r4", "r5", "r6", "r8"
+ "LDR r4, [%[a], #28]\n\t"
+ "LDR r5, [%[b], #28]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #24]\n\t"
+ "LDR r5, [%[b], #24]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #20]\n\t"
+ "LDR r5, [%[b], #20]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #16]\n\t"
+ "LDR r5, [%[b], #16]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #12]\n\t"
+ "LDR r5, [%[b], #12]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #8]\n\t"
+ "LDR r5, [%[b], #8]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #4]\n\t"
+ "LDR r5, [%[b], #4]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a]]\n\t"
+ "LDR r5, [%[b]]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "EOR r2, r2, r3\n\t"
+#endif /*WOLFSSL_SP_SMALL */
+ "MOV %[a], r2\n\t"
+ : [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "cc"
);
-
- return r;
+ return (uint32_t)(size_t)a;
}
/* Normalize the values in each word to 32.
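Review bot: The new `L_sp_256_cmp_8_words` label in the WOLFSSL_SP_SMALL branch is an ordinary assembler symbol, and this hunk also drops `SP_NOINLINE` from `sp_256_cmp_8`. If the compiler inlines or clones the function into more than one place, the label is defined twice in the same object and assembly fails. The removed code avoided this with the numeric local label `1:` and `bge 1b`. Either keep `SP_NOINLINE` on the definition or return to a numeric label, `"\n1:\n\t"` with `"bcs 1b\n\t"`. The same applies to `L_sp_256_cond_sub_8_words` in the WOLFSSL_SP_SMALL `sp_256_cond_sub_8` of the following large hunk, which loses `SP_NOINLINE` as well.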
@@ -18520,6 +34058,7 @@ SP_NOINLINE static sp_int32 sp_256_cmp_8(const sp_digit* a, const sp_digit* b)
*/
#define sp_256_norm_8(a)
+#ifdef WOLFSSL_SP_SMALL
/* Conditionally subtract b from a using the mask m.
* m is -1 to subtract and 0 when not copying.
*
@@ -18528,265 +34067,695 @@ SP_NOINLINE static sp_int32 sp_256_cmp_8(const sp_digit* a, const sp_digit* b)
* b A single precision number to subtract.
* m Mask value to apply.
*/
-SP_NOINLINE static sp_digit sp_256_cond_sub_8(sp_digit* r, const sp_digit* a,
- const sp_digit* b, sp_digit m)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_256_cond_sub_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
+#else
+static sp_digit sp_256_cond_sub_8(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+ register sp_digit m __asm__ ("r3") = (sp_digit)m_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r5, #32\n\t"
- "mov r9, r5\n\t"
- "mov r8, #0\n\t"
- "\n1:\n\t"
- "ldr r6, [%[b], r8]\n\t"
- "and r6, r6, %[m]\n\t"
- "mov r5, #0\n\t"
- "subs r5, r5, %[c]\n\t"
- "ldr r5, [%[a], r8]\n\t"
- "sbcs r5, r5, r6\n\t"
- "sbcs %[c], %[c], %[c]\n\t"
- "str r5, [%[r], r8]\n\t"
- "add r8, r8, #4\n\t"
- "cmp r8, r9\n\t"
+ "MOV r8, #0x0\n\t"
+ "MOV r4, #0x0\n\t"
+ "MOV r5, #0x0\n\t"
+ "\n"
+ "L_sp_256_cond_sub_8_words:\n\t"
+ "SUBS r4, r8, r4\n\t"
+ "LDR r6, [%[a], r5]\n\t"
+ "LDR r7, [%[b], r5]\n\t"
+ "AND r7, r7, %[m]\n\t"
+ "SBCS r6, r6, r7\n\t"
+ "SBC r4, r8, r8\n\t"
+ "STR r6, [%[r], r5]\n\t"
+ "ADD r5, r5, #0x4\n\t"
+ "CMP r5, #0x20\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "blt 1b\n\t"
+ "BLT L_sp_256_cond_sub_8_words\n\t"
#else
- "blt.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [c] "+r" (c)
- : [r] "r" (r), [a] "r" (a), [b] "r" (b), [m] "r" (m)
- : "memory", "r5", "r6", "r8", "r9"
+ "BLT.N L_sp_256_cond_sub_8_words\n\t"
+#endif
+ "MOV %[r], r4\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
+ :
+ : "memory", "r4", "r5", "r6", "r7", "r8", "cc"
);
+ return (uint32_t)(size_t)r;
+}
+
+#else
+/* Conditionally subtract b from a using the mask m.
+ * m is -1 to subtract and 0 when not copying.
+ *
+ * r A single precision number representing condition subtract result.
+ * a A single precision number to subtract from.
+ * b A single precision number to subtract.
+ * m Mask value to apply.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_256_cond_sub_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
+#else
+static sp_digit sp_256_cond_sub_8(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+ register sp_digit m __asm__ ("r3") = (sp_digit)m_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
- return c;
+ __asm__ __volatile__ (
+ "MOV r5, #0x0\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SUBS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "SBC %[r], r5, r5\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
+ :
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
+ );
+ return (uint32_t)(size_t)r;
}
+#endif /* WOLFSSL_SP_SMALL */
+#ifndef WOLFSSL_SP_SMALL
+#define sp_256_mont_reduce_order_8 sp_256_mont_reduce_8
+
+#ifdef WOLFSSL_SP_NO_UMAAL
/* Reduce the number back to 256 bits using Montgomery reduction.
*
* a A single precision number to reduce in place.
* m The single precision number representing the modulus.
* mp The digit representing the negative inverse of m mod 2^n.
*/
-SP_NOINLINE static void sp_256_mont_reduce_8(sp_digit* a, const sp_digit* m,
- sp_digit mp)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_256_mont_reduce_8(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+#else
+SP_NOINLINE static void sp_256_mont_reduce_8(sp_digit* a, const sp_digit* m, sp_digit mp)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- (void)mp;
- (void)m;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m __asm__ ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp __asm__ ("r2") = (sp_digit)mp_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r2, #0\n\t"
- "mov r1, #0\n\t"
+ "LDR lr, [%[m]]\n\t"
/* i = 0 */
- "mov r9, r2\n\t"
- "\n1:\n\t"
- "mov r4, #0\n\t"
- /* mu = a[i] * 1 (mp) = a[i] */
- "ldr r3, [%[a]]\n\t"
- /* a[i] += -1 * mu = -1 * a[i] => a[i] = 0 no carry */
- /* a[i+1] += -1 * mu */
- "ldr r6, [%[a], #4]\n\t"
- "mov r5, #0\n\t"
- "adds r4, r4, r6\n\t"
- "adc r5, r5, r2\n\t"
- "str r4, [%[a], #4]\n\t"
- /* a[i+2] += -1 * mu */
- "ldr r6, [%[a], #8]\n\t"
- "mov r4, #0\n\t"
- "adds r5, r5, r6\n\t"
- "adc r4, r4, r2\n\t"
- "str r5, [%[a], #8]\n\t"
- /* a[i+3] += 0 * mu */
- "ldr r6, [%[a], #12]\n\t"
- "mov r5, #0\n\t"
- "adds r4, r4, r3\n\t"
- "adc r5, r5, r2\n\t"
- "adds r4, r4, r6\n\t"
- "adc r5, r5, r2\n\t"
- "str r4, [%[a], #12]\n\t"
- /* a[i+4] += 0 * mu */
- "ldr r6, [%[a], #16]\n\t"
- "mov r4, #0\n\t"
- "adds r5, r5, r6\n\t"
- "adc r4, r4, r2\n\t"
- "str r5, [%[a], #16]\n\t"
- /* a[i+5] += 0 * mu */
- "ldr r6, [%[a], #20]\n\t"
- "mov r5, #0\n\t"
- "adds r4, r4, r6\n\t"
- "adc r5, r5, r2\n\t"
- "str r4, [%[a], #20]\n\t"
- /* a[i+6] += 1 * mu */
- "ldr r6, [%[a], #24]\n\t"
- "mov r4, #0\n\t"
- "adds r5, r5, r3\n\t"
- "adc r4, r4, r2\n\t"
- "adds r5, r5, r6\n\t"
- "adc r4, r4, r2\n\t"
- "str r5, [%[a], #24]\n\t"
- /* a[i+7] += -1 * mu */
- "ldr r6, [%[a], #28]\n\t"
- "ldr r8, [%[a], #32]\n\t"
- "adds r5, r1, r3\n\t"
- "mov r1, #0\n\t"
- "adc r1, r1, r2\n\t"
- "subs r4, r4, r3\n\t"
- "sbcs r5, r5, r2\n\t"
- "sbc r1, r1, r2\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r1, r1, r2\n\t"
- "str r4, [%[a], #28]\n\t"
- "str r5, [%[a], #32]\n\t"
+ "MOV r11, #0x0\n\t"
+ "MOV r3, #0x0\n\t"
+ "LDR r4, [%[a]]\n\t"
+ "LDR r5, [%[a], #4]\n\t"
+ "\n"
+ "L_sp_256_mont_reduce_8_word:\n\t"
+ /* mu = a[i] * mp */
+ "MUL r10, %[mp], r4\n\t"
+ /* a[i+0] += m[0] * mu */
+ "MOV r7, #0x0\n\t"
+ "UMLAL r4, r7, r10, lr\n\t"
+ /* a[i+1] += m[1] * mu */
+ "LDR r9, [%[m], #4]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r5, r6, r10, r9\n\t"
+ "MOV r4, r5\n\t"
+ "ADDS r4, r4, r7\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+2] += m[2] * mu */
+ "LDR r9, [%[m], #8]\n\t"
+ "LDR r5, [%[a], #8]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r5, r7, r10, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+3] += m[3] * mu */
+ "LDR r9, [%[m], #12]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #12]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+4] += m[4] * mu */
+ "LDR r9, [%[m], #16]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #16]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+5] += m[5] * mu */
+ "LDR r9, [%[m], #20]\n\t"
+ "LDR r12, [%[a], #20]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #20]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+6] += m[6] * mu */
+ "LDR r9, [%[m], #24]\n\t"
+ "LDR r12, [%[a], #24]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #24]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+7] += m[7] * mu */
+ "LDR r9, [%[m], #28]\n\t"
+ "LDR r12, [%[a], #28]\n\t"
+ "UMULL r8, r9, r10, r9\n\t"
+ "ADDS r7, r7, r8\n\t"
+ "ADCS r6, r9, r3\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, r3\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #28]\n\t"
+ "LDR r12, [%[a], #32]\n\t"
+ "ADCS r12, r12, r6\n\t"
+ "STR r12, [%[a], #32]\n\t"
+ "ADC r3, r3, #0x0\n\t"
/* i += 1 */
- "add r9, r9, #1\n\t"
- "add %[a], %[a], #4\n\t"
- "mov r6, #8\n\t"
- "cmp r9, r6\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "blt 1b\n\t"
-#else
- "blt.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "sub %[a], %[a], #32\n\t"
- "mov r3, r1\n\t"
- "sub r1, r1, #1\n\t"
- "mvn r1, r1\n\t"
- "ldr r4, [%[a],#32]\n\t"
- "ldr r5, [%[a],#36]\n\t"
- "ldr r6, [%[a],#40]\n\t"
- "ldr r8, [%[a],#44]\n\t"
- "ldr r9, [%[a],#48]\n\t"
- "ldr r10, [%[a],#52]\n\t"
- "ldr r11, [%[a],#56]\n\t"
- "ldr r14, [%[a],#60]\n\t"
- "subs r4, r4, r1\n\t"
- "sbcs r5, r5, r1\n\t"
- "sbcs r6, r6, r1\n\t"
- "sbcs r8, r8, r2\n\t"
- "sbcs r9, r9, r2\n\t"
- "sbcs r10, r10, r2\n\t"
- "sbcs r11, r11, r3\n\t"
- "sbc r14, r14, r1\n\t"
- "str r4, [%[a],#0]\n\t"
- "str r5, [%[a],#4]\n\t"
- "str r6, [%[a],#8]\n\t"
- "str r8, [%[a],#12]\n\t"
- "str r9, [%[a],#16]\n\t"
- "str r10, [%[a],#20]\n\t"
- "str r11, [%[a],#24]\n\t"
- "str r14, [%[a],#28]\n\t"
- : [a] "+r" (a)
+ "ADD r11, r11, #0x4\n\t"
+ "ADD %[a], %[a], #0x4\n\t"
+ "CMP r11, #0x20\n\t"
+#ifdef __GNUC__
+ "BLT L_sp_256_mont_reduce_8_word\n\t"
+#else
+ "BLT.W L_sp_256_mont_reduce_8_word\n\t"
+#endif
+ /* Loop Done */
+ "STR r4, [%[a]]\n\t"
+ "STR r5, [%[a], #4]\n\t"
+ "MOV %[mp], r3\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
+ );
+ sp_256_cond_sub_8(a - 8, a, m, (sp_digit)0 - mp);
+}
+
+#else
+/* Reduce the number back to 256 bits using Montgomery reduction.
+ *
+ * a A single precision number to reduce in place.
+ * m The single precision number representing the modulus.
+ * mp The digit representing the negative inverse of m mod 2^n.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_256_mont_reduce_8(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+#else
+SP_NOINLINE static void sp_256_mont_reduce_8(sp_digit* a, const sp_digit* m, sp_digit mp)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m __asm__ ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp __asm__ ("r2") = (sp_digit)mp_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ /* i = 0 */
+ "MOV r4, #0x0\n\t"
+ "MOV r5, #0x0\n\t"
+ "LDR r6, [%[a]]\n\t"
+ "LDR r7, [%[a], #4]\n\t"
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[a], #12]\n\t"
+ "LDR r10, [%[a], #16]\n\t"
+ "\n"
+ "L_sp_256_mont_reduce_8_word:\n\t"
+ /* mu = a[i] * mp */
+ "MUL lr, %[mp], r6\n\t"
+ /* a[i+0] += m[0] * mu */
+ "LDR r12, [%[m]]\n\t"
+ "MOV r3, #0x0\n\t"
+ "UMAAL r6, r3, lr, r12\n\t"
+ /* a[i+1] += m[1] * mu */
+ "LDR r12, [%[m], #4]\n\t"
+ "MOV r6, r7\n\t"
+ "UMAAL r6, r3, lr, r12\n\t"
+ /* a[i+2] += m[2] * mu */
+ "LDR r12, [%[m], #8]\n\t"
+ "MOV r7, r8\n\t"
+ "UMAAL r7, r3, lr, r12\n\t"
+ /* a[i+3] += m[3] * mu */
+ "LDR r12, [%[m], #12]\n\t"
+ "MOV r8, r9\n\t"
+ "UMAAL r8, r3, lr, r12\n\t"
+ /* a[i+4] += m[4] * mu */
+ "LDR r12, [%[m], #16]\n\t"
+ "MOV r9, r10\n\t"
+ "UMAAL r9, r3, lr, r12\n\t"
+ /* a[i+5] += m[5] * mu */
+ "LDR r12, [%[m], #20]\n\t"
+ "LDR r10, [%[a], #20]\n\t"
+ "UMAAL r10, r3, lr, r12\n\t"
+ /* a[i+6] += m[6] * mu */
+ "LDR r12, [%[m], #24]\n\t"
+ "LDR r11, [%[a], #24]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #24]\n\t"
+ /* a[i+7] += m[7] * mu */
+ "LDR r12, [%[m], #28]\n\t"
+ "LDR r11, [%[a], #28]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "LDR lr, [%[a], #32]\n\t"
+ "MOV r12, #0x0\n\t"
+ "UMAAL r3, lr, r12, r12\n\t"
+ "STR r11, [%[a], #28]\n\t"
+ "ADDS r3, r3, r5\n\t"
+ "ADC r5, lr, #0x0\n\t"
+ "STR r3, [%[a], #32]\n\t"
+ /* i += 1 */
+ "ADD r4, r4, #0x4\n\t"
+ "ADD %[a], %[a], #0x4\n\t"
+ "CMP r4, #0x20\n\t"
+#ifdef __GNUC__
+ "BLT L_sp_256_mont_reduce_8_word\n\t"
+#else
+ "BLT.W L_sp_256_mont_reduce_8_word\n\t"
+#endif
+ /* Loop Done */
+ "STR r6, [%[a]]\n\t"
+ "STR r7, [%[a], #4]\n\t"
+ "STR r8, [%[a], #8]\n\t"
+ "STR r9, [%[a], #12]\n\t"
+ "STR r10, [%[a], #16]\n\t"
+ "MOV %[mp], r5\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
:
- : "memory", "r1", "r2", "r3", "r4", "r5", "r6", "r8", "r9", "r10", "r11", "r14"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
);
+ sp_256_cond_sub_8(a - 8, a, m, (sp_digit)0 - mp);
+}
+#endif
+#else
+/* Reduce the number back to 256 bits using Montgomery reduction.
+ *
+ * a A single precision number to reduce in place.
+ * m The single precision number representing the modulus.
+ * mp The digit representing the negative inverse of m mod 2^n.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_256_mont_reduce_8(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+#else
+SP_NOINLINE static void sp_256_mont_reduce_8(sp_digit* a, const sp_digit* m, sp_digit mp)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+ __asm__ __volatile__ (
+ "SUB sp, sp, #0x44\n\t"
+ "STR %[a], [sp, #64]\n\t"
+ "MOV lr, sp\n\t"
+ "LDM %[a]!, {r1, r2, r3, r4, r5, r6, r7, r8}\n\t"
+ "STM lr!, {r1, r2, r3, r4, r5, r6, r7, r8}\n\t"
+ "LDM %[a], {r1, r2, r3, r4, r5, r6, r7, r8}\n\t"
+ "STM lr, {r1, r2, r3, r4, r5, r6, r7, r8}\n\t"
+ /* Start Reduction */
+ "LDM sp, {r5, r6, r7, r8, r9, r10, r11, r12}\n\t"
+ "MOV r3, r11\n\t"
+ "MOV r4, r12\n\t"
+ /* mu = a[0]-a[7] + a[0]-a[4] << 96 + (a[0]-a[1] * 2) << 192 */
+ /* - a[0] << 224 */
+ /* + (a[0]-a[1] * 2) << (6 * 32) */
+ "ADDS r11, r11, r5\n\t"
+ "ADC r12, r12, r6\n\t"
+ "ADDS r11, r11, r5\n\t"
+ "ADC r12, r12, r6\n\t"
+ /* - a[0] << (7 * 32) */
+ "SUB r12, r12, r5\n\t"
+ /* + a[0]-a[4] << (3 * 32) */
+ "MOV r0, r8\n\t"
+ "MOV r1, r9\n\t"
+ "MOV r2, r10\n\t"
+ "ADDS r8, r8, r5\n\t"
+ "ADCS r9, r9, r6\n\t"
+ "ADCS r10, r10, r7\n\t"
+ "ADCS r11, r11, r0\n\t"
+ "ADC r12, r12, r1\n\t"
+ /* a += mu * m */
+ /* += mu * ((1 << 256) - (1 << 224) + (1 << 192) + (1 << 96) - 1) */
+ /* a[0] = = t[0] */
+ /* a[1] = = t[1] */
+ /* a[2] = = t[2] */
+ /* a[3] += t[0] = t[3] */
+ /* a[4] += t[1] = t[4] */
+ /* a[5] += t[2] = t[5] */
+ /* a[6] += t[0] + t[3] = t[6] */
+ /* a[7] += t[1] + t[4] = t[7] + t[0] */
+ "ADDS r0, r0, r5\n\t"
+ "ADCS r1, r1, r6\n\t"
+ "ADCS r2, r2, r7\n\t"
+ "ADCS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "ADDS r3, r3, r5\n\t"
+ "ADCS r4, r4, r6\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "STR r4, [sp, #28]\n\t"
+ /* a[8] += t[0] + t[2] + t[5] */
+ /* a[9] += t[1] + t[3] + t[6] */
+ /* a[10] += t[2] + t[4] + t[7] */
+ "ADD r0, sp, #0x20\n\t"
+ "LDM r0, {r2, r3, r4}\n\t"
+ "ADDS r2, r2, lr\n\t"
+ "ADCS r3, r3, #0x0\n\t"
+ "ADCS r4, r4, #0x0\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "ADDS r2, r2, r5\n\t"
+ "ADCS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "ADDS r2, r2, r7\n\t"
+ "ADCS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "ADDS r2, r2, r10\n\t"
+ "ADCS r3, r3, r11\n\t"
+ "ADCS r4, r4, r12\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "STM r0!, {r2, r3, r4}\n\t"
+ /* a[11] += t[3] + t[5] + carry */
+ /* a[12] += t[4] + t[6] */
+ /* a[13] += t[5] + t[7] */
+ /* a[14] += t[6] */
+ /* a[15] += t[7] */
+ "LDM r0, {r0, r1, r2, r3, r4}\n\t"
+ "ADDS r0, r0, lr\n\t"
+ "ADCS r1, r1, #0x0\n\t"
+ "ADCS r2, r2, #0x0\n\t"
+ "ADCS r3, r3, #0x0\n\t"
+ "ADCS r4, r4, #0x0\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "ADDS r0, r0, r8\n\t"
+ "ADCS r1, r1, r9\n\t"
+ "ADCS r2, r2, r10\n\t"
+ "ADCS r3, r3, r11\n\t"
+ "ADCS r4, r4, r12\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "ADDS r0, r0, r10\n\t"
+ "ADCS r1, r1, r11\n\t"
+ "ADCS r2, r2, r12\n\t"
+ "ADCS r3, r3, #0x0\n\t"
+ "ADCS r4, r4, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "STR r0, [sp, #44]\n\t"
+ "STR r1, [sp, #48]\n\t"
+ "STR r2, [sp, #52]\n\t"
+ "STR r3, [sp, #56]\n\t"
+ /* a[7..15] - t[0..7] */
+ "ADD r0, sp, #0x1c\n\t"
+ "LDM r0, {r0, r1, r2, r3}\n\t"
+ "SUBS r0, r0, r5\n\t"
+ "SBCS r1, r1, r6\n\t"
+ "SBCS r2, r2, r7\n\t"
+ "SBCS r3, r3, r8\n\t"
+ "ADD r0, sp, #0x2c\n\t"
+ "MOV r8, r4\n\t"
+ "LDM r0, {r4, r5, r6, r7}\n\t"
+ "SBCS r4, r4, r9\n\t"
+ "SBCS r5, r5, r10\n\t"
+ "SBCS r6, r6, r11\n\t"
+ "SBCS r7, r7, r12\n\t"
+ "SBCS r8, r8, #0x0\n\t"
+ "SBC lr, lr, #0x0\n\t"
+ /* mask m and sub from result if overflow */
+ "RSB lr, lr, #0x0\n\t"
+ "SUBS r1, r1, lr\n\t"
+ "SBCS r2, r2, lr\n\t"
+ "SBCS r3, r3, lr\n\t"
+ "SBCS r4, r4, #0x0\n\t"
+ "SBCS r5, r5, #0x0\n\t"
+ "SBCS r6, r6, #0x0\n\t"
+ "SBCS r7, r7, lr, LSR #31\n\t"
+ "SBC r8, r8, lr\n\t"
+ "LDR %[a], [sp, #64]\n\t"
+ "STM %[a], {r1, r2, r3, r4, r5, r6, r7, r8}\n\t"
+ "ADD sp, sp, #0x44\n\t"
+ : [a] "+r" (a)
+ :
+ : "memory", "r1", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
+ );
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ (void)m_p;
+#else
(void)m;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ (void)mp_p;
+#else
(void)mp;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
}
+#ifdef WOLFSSL_SP_NO_UMAAL
/* Reduce the number back to 256 bits using Montgomery reduction.
*
* a A single precision number to reduce in place.
* m The single precision number representing the modulus.
* mp The digit representing the negative inverse of m mod 2^n.
*/
-SP_NOINLINE static void sp_256_mont_reduce_order_8(sp_digit* a, const sp_digit* m,
- sp_digit mp)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_256_mont_reduce_order_8(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+#else
+SP_NOINLINE static void sp_256_mont_reduce_order_8(sp_digit* a, const sp_digit* m, sp_digit mp)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit ca = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m __asm__ ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp __asm__ ("r2") = (sp_digit)mp_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r9, %[mp]\n\t"
- "mov r12, %[m]\n\t"
- "mov r10, %[a]\n\t"
- "mov r4, #0\n\t"
- "add r11, r10, #32\n\t"
- "\n1:\n\t"
+ "LDR lr, [%[m]]\n\t"
+ /* i = 0 */
+ "MOV r11, #0x0\n\t"
+ "MOV r3, #0x0\n\t"
+ "LDR r4, [%[a]]\n\t"
+ "LDR r5, [%[a], #4]\n\t"
+ "\n"
+ "L_sp_256_mont_reduce_order_8_word:\n\t"
/* mu = a[i] * mp */
- "mov %[mp], r9\n\t"
- "ldr %[a], [r10]\n\t"
- "mul %[mp], %[mp], %[a]\n\t"
- "mov %[m], r12\n\t"
- "add r14, r10, #24\n\t"
- "\n2:\n\t"
- /* a[i+j] += m[j] * mu */
- "ldr %[a], [r10]\n\t"
- "mov r5, #0\n\t"
- /* Multiply m[j] and mu - Start */
- "ldr r8, [%[m]], #4\n\t"
- "umull r6, r8, %[mp], r8\n\t"
- "adds %[a], %[a], r6\n\t"
- "adc r5, r5, r8\n\t"
- /* Multiply m[j] and mu - Done */
- "adds r4, r4, %[a]\n\t"
- "adc r5, r5, #0\n\t"
- "str r4, [r10], #4\n\t"
- /* a[i+j+1] += m[j+1] * mu */
- "ldr %[a], [r10]\n\t"
- "mov r4, #0\n\t"
- /* Multiply m[j] and mu - Start */
- "ldr r8, [%[m]], #4\n\t"
- "umull r6, r8, %[mp], r8\n\t"
- "adds %[a], %[a], r6\n\t"
- "adc r4, r4, r8\n\t"
- /* Multiply m[j] and mu - Done */
- "adds r5, r5, %[a]\n\t"
- "adc r4, r4, #0\n\t"
- "str r5, [r10], #4\n\t"
- "cmp r10, r14\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "blt 2b\n\t"
-#else
- "blt.n 2b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
+ "MUL r10, %[mp], r4\n\t"
+ /* a[i+0] += m[0] * mu */
+ "MOV r7, #0x0\n\t"
+ "UMLAL r4, r7, r10, lr\n\t"
+ /* a[i+1] += m[1] * mu */
+ "LDR r9, [%[m], #4]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r5, r6, r10, r9\n\t"
+ "MOV r4, r5\n\t"
+ "ADDS r4, r4, r7\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+2] += m[2] * mu */
+ "LDR r9, [%[m], #8]\n\t"
+ "LDR r5, [%[a], #8]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r5, r7, r10, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+3] += m[3] * mu */
+ "LDR r9, [%[m], #12]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #12]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+4] += m[4] * mu */
+ "LDR r9, [%[m], #16]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #16]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+5] += m[5] * mu */
+ "LDR r9, [%[m], #20]\n\t"
+ "LDR r12, [%[a], #20]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #20]\n\t"
+ "ADC r6, r6, #0x0\n\t"
/* a[i+6] += m[6] * mu */
- "ldr %[a], [r10]\n\t"
- "mov r5, #0\n\t"
- /* Multiply m[j] and mu - Start */
- "ldr r8, [%[m]], #4\n\t"
- "umull r6, r8, %[mp], r8\n\t"
- "adds %[a], %[a], r6\n\t"
- "adc r5, r5, r8\n\t"
- /* Multiply m[j] and mu - Done */
- "adds r4, r4, %[a]\n\t"
- "adc r5, r5, #0\n\t"
- "str r4, [r10], #4\n\t"
+ "LDR r9, [%[m], #24]\n\t"
+ "LDR r12, [%[a], #24]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #24]\n\t"
+ "ADC r7, r7, #0x0\n\t"
/* a[i+7] += m[7] * mu */
- "mov r4, %[ca]\n\t"
- "mov %[ca], #0\n\t"
- /* Multiply m[7] and mu - Start */
- "ldr r8, [%[m]]\n\t"
- "umull r6, r8, %[mp], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc %[ca], %[ca], #0\n\t"
- /* Multiply m[7] and mu - Done */
- "ldr r6, [r10]\n\t"
- "ldr r8, [r10, #4]\n\t"
- "adds r6, r6, r5\n\t"
- "adcs r8, r8, r4\n\t"
- "adc %[ca], %[ca], #0\n\t"
- "str r6, [r10]\n\t"
- "str r8, [r10, #4]\n\t"
- /* Next word in a */
- "sub r10, r10, #24\n\t"
- "cmp r10, r11\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "blt 1b\n\t"
-#else
- "blt.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "mov %[a], r10\n\t"
- "mov %[m], r12\n\t"
- : [ca] "+r" (ca), [a] "+r" (a)
- : [m] "r" (m), [mp] "r" (mp)
- : "memory", "r4", "r5", "r6", "r8", "r9", "r10", "r11", "r12", "r14"
+ "LDR r9, [%[m], #28]\n\t"
+ "LDR r12, [%[a], #28]\n\t"
+ "UMULL r8, r9, r10, r9\n\t"
+ "ADDS r7, r7, r8\n\t"
+ "ADCS r6, r9, r3\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, r3\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #28]\n\t"
+ "LDR r12, [%[a], #32]\n\t"
+ "ADCS r12, r12, r6\n\t"
+ "STR r12, [%[a], #32]\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* i += 1 */
+ "ADD r11, r11, #0x4\n\t"
+ "ADD %[a], %[a], #0x4\n\t"
+ "CMP r11, #0x20\n\t"
+#ifdef __GNUC__
+ "BLT L_sp_256_mont_reduce_order_8_word\n\t"
+#else
+ "BLT.W L_sp_256_mont_reduce_order_8_word\n\t"
+#endif
+ /* Loop Done */
+ "STR r4, [%[a]]\n\t"
+ "STR r5, [%[a], #4]\n\t"
+ "MOV %[mp], r3\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
);
+ sp_256_cond_sub_8(a - 8, a, m, (sp_digit)0 - mp);
+}
+
+#else
+/* Reduce the number back to 256 bits using Montgomery reduction.
+ *
+ * a A single precision number to reduce in place.
+ * m The single precision number representing the modulus.
+ * mp The digit representing the negative inverse of m mod 2^n.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_256_mont_reduce_order_8(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+#else
+SP_NOINLINE static void sp_256_mont_reduce_order_8(sp_digit* a, const sp_digit* m, sp_digit mp)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m __asm__ ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp __asm__ ("r2") = (sp_digit)mp_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
- sp_256_cond_sub_8(a - 8, a, m, (sp_digit)0 - ca);
+ __asm__ __volatile__ (
+ /* i = 0 */
+ "MOV r4, #0x0\n\t"
+ "MOV r5, #0x0\n\t"
+ "LDR r6, [%[a]]\n\t"
+ "LDR r7, [%[a], #4]\n\t"
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[a], #12]\n\t"
+ "LDR r10, [%[a], #16]\n\t"
+ "\n"
+ "L_sp_256_mont_reduce_order_8_word:\n\t"
+ /* mu = a[i] * mp */
+ "MUL lr, %[mp], r6\n\t"
+ /* a[i+0] += m[0] * mu */
+ "LDR r12, [%[m]]\n\t"
+ "MOV r3, #0x0\n\t"
+ "UMAAL r6, r3, lr, r12\n\t"
+ /* a[i+1] += m[1] * mu */
+ "LDR r12, [%[m], #4]\n\t"
+ "MOV r6, r7\n\t"
+ "UMAAL r6, r3, lr, r12\n\t"
+ /* a[i+2] += m[2] * mu */
+ "LDR r12, [%[m], #8]\n\t"
+ "MOV r7, r8\n\t"
+ "UMAAL r7, r3, lr, r12\n\t"
+ /* a[i+3] += m[3] * mu */
+ "LDR r12, [%[m], #12]\n\t"
+ "MOV r8, r9\n\t"
+ "UMAAL r8, r3, lr, r12\n\t"
+ /* a[i+4] += m[4] * mu */
+ "LDR r12, [%[m], #16]\n\t"
+ "MOV r9, r10\n\t"
+ "UMAAL r9, r3, lr, r12\n\t"
+ /* a[i+5] += m[5] * mu */
+ "LDR r12, [%[m], #20]\n\t"
+ "LDR r10, [%[a], #20]\n\t"
+ "UMAAL r10, r3, lr, r12\n\t"
+ /* a[i+6] += m[6] * mu */
+ "LDR r12, [%[m], #24]\n\t"
+ "LDR r11, [%[a], #24]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #24]\n\t"
+ /* a[i+7] += m[7] * mu */
+ "LDR r12, [%[m], #28]\n\t"
+ "LDR r11, [%[a], #28]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "LDR lr, [%[a], #32]\n\t"
+ "MOV r12, #0x0\n\t"
+ "UMAAL r3, lr, r12, r12\n\t"
+ "STR r11, [%[a], #28]\n\t"
+ "ADDS r3, r3, r5\n\t"
+ "ADC r5, lr, #0x0\n\t"
+ "STR r3, [%[a], #32]\n\t"
+ /* i += 1 */
+ "ADD r4, r4, #0x4\n\t"
+ "ADD %[a], %[a], #0x4\n\t"
+ "CMP r4, #0x20\n\t"
+#ifdef __GNUC__
+ "BLT L_sp_256_mont_reduce_order_8_word\n\t"
+#else
+ "BLT.W L_sp_256_mont_reduce_order_8_word\n\t"
+#endif
+ /* Loop Done */
+ "STR r6, [%[a]]\n\t"
+ "STR r7, [%[a], #4]\n\t"
+ "STR r8, [%[a], #8]\n\t"
+ "STR r9, [%[a], #12]\n\t"
+ "STR r10, [%[a], #16]\n\t"
+ "MOV %[mp], r5\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
+ );
+ sp_256_cond_sub_8(a - 8, a, m, (sp_digit)0 - mp);
}
+#endif
+#endif /* WOLFSSL_SP_SMALL */
/* Map the Montgomery form projective coordinate point to an affine point.
*
* r Resulting affine coordinate point.
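Review bot: The WOLFSSL_SP_NO_UMAAL variants of `sp_256_mont_reduce_8` and `sp_256_mont_reduce_order_8` build every step on `UMLAL`/`UMULL` with `mu = a[i] * mp` as a multiplicand, and their header comments say nothing about the timing this assumes. On cores whose long multiplies terminate early depending on operand values (Cortex-M3 is the usual example, and presumably the target of the no-UMAAL path), the cycle count of these loops varies with the value being reduced. That holds even though the loop bounds and the final masked `sp_256_cond_sub_8` are data-independent. I would add to both header comments a line such as `/* Not constant-time on cores where UMULL/UMLAL timing depends on operand values. */` so integrators check their core before using this path with private keys.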
@@ -18834,68 +34803,63 @@ static void sp_256_map_8(sp_point_256* r, const sp_point_256* p,
* b Second number to add in Montgomery form.
* m Modulus (prime).
*/
-SP_NOINLINE static void sp_256_mont_add_8(sp_digit* r, const sp_digit* a, const sp_digit* b,
- const sp_digit* m)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_256_mont_add_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, const sp_digit* m_p)
+#else
+SP_NOINLINE static void sp_256_mont_add_8(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- (void)m;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r12, #0\n\t"
- "ldr r4, [%[a],#0]\n\t"
- "ldr r5, [%[a],#4]\n\t"
- "ldr r6, [%[a],#8]\n\t"
- "ldr r8, [%[a],#12]\n\t"
- "ldr r9, [%[b],#0]\n\t"
- "ldr r10, [%[b],#4]\n\t"
- "ldr r11, [%[b],#8]\n\t"
- "ldr r14, [%[b],#12]\n\t"
- "adds r4, r4, r9\n\t"
- "adcs r5, r5, r10\n\t"
- "adcs r6, r6, r11\n\t"
- "adcs r8, r8, r14\n\t"
- "str r4, [%[r],#0]\n\t"
- "str r5, [%[r],#4]\n\t"
- "str r6, [%[r],#8]\n\t"
- "str r8, [%[r],#12]\n\t"
- "ldr r4, [%[a],#16]\n\t"
- "ldr r5, [%[a],#20]\n\t"
- "ldr r6, [%[a],#24]\n\t"
- "ldr r8, [%[a],#28]\n\t"
- "ldr r9, [%[b],#16]\n\t"
- "ldr r10, [%[b],#20]\n\t"
- "ldr r11, [%[b],#24]\n\t"
- "ldr r14, [%[b],#28]\n\t"
- "adcs r4, r4, r9\n\t"
- "adcs r5, r5, r10\n\t"
- "adcs r6, r6, r11\n\t"
- "adcs r8, r8, r14\n\t"
- "adc r3, r12, #0\n\t"
- "sub r3, r12, r3\n\t"
- "and r12, r3, #1\n\t"
- "ldr r9, [%[r],#0]\n\t"
- "ldr r10, [%[r],#4]\n\t"
- "ldr r11, [%[r],#8]\n\t"
- "ldr r14, [%[r],#12]\n\t"
- "subs r9, r9, r3\n\t"
- "sbcs r10, r10, r3\n\t"
- "sbcs r11, r11, r3\n\t"
- "sbcs r14, r14, #0\n\t"
- "sbcs r4, r4, #0\n\t"
- "sbcs r5, r5, #0\n\t"
- "sbcs r6, r6, r12\n\t"
- "sbc r8, r8, r3\n\t"
- "str r9, [%[r],#0]\n\t"
- "str r10, [%[r],#4]\n\t"
- "str r11, [%[r],#8]\n\t"
- "str r14, [%[r],#12]\n\t"
- "str r4, [%[r],#16]\n\t"
- "str r5, [%[r],#20]\n\t"
- "str r6, [%[r],#24]\n\t"
- "str r8, [%[r],#28]\n\t"
+ "MOV lr, #0x0\n\t"
+ "LDM %[a], {r5, r6, r7, r8, r9, r10, r11, r12}\n\t"
+ "LDM %[b]!, {r3, r4}\n\t"
+ "ADDS r5, r5, r3\n\t"
+ "ADCS r6, r6, r4\n\t"
+ "LDM %[b]!, {r3, r4}\n\t"
+ "ADCS r7, r7, r3\n\t"
+ "ADCS r8, r8, r4\n\t"
+ "LDM %[b]!, {r3, r4}\n\t"
+ "ADCS r9, r9, r3\n\t"
+ "ADCS r10, r10, r4\n\t"
+ "LDM %[b]!, {r3, r4}\n\t"
+ "ADCS r11, r11, r3\n\t"
+ "ADCS r12, r12, r4\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "RSB lr, lr, #0x0\n\t"
+ "SUBS r5, r5, lr\n\t"
+ "SBCS r6, r6, lr\n\t"
+ "SBCS r7, r7, lr\n\t"
+ "SBCS r8, r8, #0x0\n\t"
+ "SBCS r9, r9, #0x0\n\t"
+ "SBCS r10, r10, #0x0\n\t"
+ "SBCS r11, r11, lr, LSR #31\n\t"
+ "SBCS r12, r12, lr\n\t"
+ "SBC %[b], %[b], %[b]\n\t"
+ "SUB lr, lr, %[b]\n\t"
+ "SUBS r5, r5, lr\n\t"
+ "SBCS r6, r6, lr\n\t"
+ "SBCS r7, r7, lr\n\t"
+ "SBCS r8, r8, #0x0\n\t"
+ "SBCS r9, r9, #0x0\n\t"
+ "SBCS r10, r10, #0x0\n\t"
+ "SBCS r11, r11, lr, LSR #31\n\t"
+ "SBC r12, r12, lr\n\t"
+ "STM %[r], {r5, r6, r7, r8, r9, r10, r11, r12}\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : [r] "r" (r), [a] "r" (a), [b] "r" (b)
- : "memory", "r4", "r5", "r6", "r8", "r9", "r10", "r11", "r14", "r3", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
);
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ (void)m_p;
+#else
+ (void)m;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
}
/* Double a Montgomery form number (r = a + a % m).
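Review bot: The rewritten asm in sp_256_mont_add_8 now loads into r7 and names it in the clobber list, whereas the removed code skipped r7 and went from r6 to r8. If this file is built as Thumb code with a frame pointer (for example at -O0 or with -fno-omit-frame-pointer), GCC reserves r7 and is known to reject such a clobber, so the build requirement should be recorded next to the function, e.g. `/* Uses r7: Thumb builds need -fomit-frame-pointer. */`. The same applies to the new bodies of sp_256_mont_dbl_8, sp_256_mont_tpl_8, sp_256_mont_sub_8 and sp_256_mont_div2_8 in the following hunks. Separately, when WOLFSSL_NO_VAR_ASSIGN_REG is defined the operands are not pinned, and this clobber list leaves the compiler only r0-r2 for the three of them, which is worth a comment as well.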
@@ -18904,51 +34868,58 @@ SP_NOINLINE static void sp_256_mont_add_8(sp_digit* r, const sp_digit* a, const
* a Number to double in Montgomery form.
* m Modulus (prime).
*/
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_256_mont_dbl_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* m_p)
+#else
SP_NOINLINE static void sp_256_mont_dbl_8(sp_digit* r, const sp_digit* a, const sp_digit* m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- (void)m;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r12, #0\n\t"
- "ldr r4, [%[a],#0]\n\t"
- "ldr r5, [%[a],#4]\n\t"
- "ldr r6, [%[a],#8]\n\t"
- "ldr r8, [%[a],#12]\n\t"
- "ldr r9, [%[a],#16]\n\t"
- "ldr r10, [%[a],#20]\n\t"
- "ldr r11, [%[a],#24]\n\t"
- "ldr r14, [%[a],#28]\n\t"
- "adds r4, r4, r4\n\t"
- "adcs r5, r5, r5\n\t"
- "adcs r6, r6, r6\n\t"
- "adcs r8, r8, r8\n\t"
- "adcs r9, r9, r9\n\t"
- "adcs r10, r10, r10\n\t"
- "adcs r11, r11, r11\n\t"
- "adcs r14, r14, r14\n\t"
- "adc r3, r12, #0\n\t"
- "sub r3, r12, r3\n\t"
- "and r12, r3, #1\n\t"
- "subs r4, r4, r3\n\t"
- "sbcs r5, r5, r3\n\t"
- "sbcs r6, r6, r3\n\t"
- "sbcs r8, r8, #0\n\t"
- "sbcs r9, r9, #0\n\t"
- "sbcs r10, r10, #0\n\t"
- "sbcs r11, r11, r12\n\t"
- "sbc r14, r14, r3\n\t"
- "str r4, [%[r],#0]\n\t"
- "str r5, [%[r],#4]\n\t"
- "str r6, [%[r],#8]\n\t"
- "str r8, [%[r],#12]\n\t"
- "str r9, [%[r],#16]\n\t"
- "str r10, [%[r],#20]\n\t"
- "str r11, [%[r],#24]\n\t"
- "str r14, [%[r],#28]\n\t"
+ "MOV r2, #0x0\n\t"
+ "LDM %[a], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "ADDS r4, r4, r4\n\t"
+ "ADCS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADCS r7, r7, r7\n\t"
+ "ADCS r8, r8, r8\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "ADCS r10, r10, r10\n\t"
+ "ADCS r11, r11, r11\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ "RSB r2, r2, #0x0\n\t"
+ "SUBS r4, r4, r2\n\t"
+ "SBCS r5, r5, r2\n\t"
+ "SBCS r6, r6, r2\n\t"
+ "SBCS r7, r7, #0x0\n\t"
+ "SBCS r8, r8, #0x0\n\t"
+ "SBCS r9, r9, #0x0\n\t"
+ "SBCS r10, r10, r2, LSR #31\n\t"
+ "SBCS r11, r11, r2\n\t"
+ "SBC %[a], %[a], %[a]\n\t"
+ "SUB r2, r2, %[a]\n\t"
+ "SUBS r4, r4, r2\n\t"
+ "SBCS r5, r5, r2\n\t"
+ "SBCS r6, r6, r2\n\t"
+ "SBCS r7, r7, #0x0\n\t"
+ "SBCS r8, r8, #0x0\n\t"
+ "SBCS r9, r9, #0x0\n\t"
+ "SBCS r10, r10, r2, LSR #31\n\t"
+ "SBC r11, r11, r2\n\t"
+ "STM %[r], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ : [r] "+r" (r), [a] "+r" (a)
:
- : [r] "r" (r), [a] "r" (a)
- : "memory", "r4", "r5", "r6", "r8", "r9", "r10", "r11", "r14", "r3", "r12"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r2", "cc"
);
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ (void)m_p;
+#else
+ (void)m;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
}
/* Triple a Montgomery form number (r = a + a + a % m).
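Review bot: The two back-to-back conditional subtractions in sp_256_mont_dbl_8 carry no comment, and the reason for the second pass cannot be read off the instructions quickly. From the code, `RSB r2, r2, #0x0` turns the carry out of the doubling into an all-zero or all-one mask, the first SUBS/SBCS run subtracts the P-256 prime under that mask, and `SBC %[a], %[a], %[a]` followed by `SUB r2, r2, %[a]` keeps the mask set only when that first run did not borrow. I would add `/* mask = 0 - carry */` before the first run and `/* subtract once more only if the value is still >= 2^256; both passes always execute, so timing does not depend on the operand */` before the second, and note that `%[a]` is reused as scratch after the LDM. The same uncommented pattern is in sp_256_mont_add_8 and sp_256_mont_tpl_8, and in sp_256_mont_sub_8 with ADDS/ADCS.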
@@ -18957,83 +34928,90 @@ SP_NOINLINE static void sp_256_mont_dbl_8(sp_digit* r, const sp_digit* a, const
* a Number to triple in Montgomery form.
* m Modulus (prime).
*/
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_256_mont_tpl_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* m_p)
+#else
SP_NOINLINE static void sp_256_mont_tpl_8(sp_digit* r, const sp_digit* a, const sp_digit* m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- (void)m;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "ldr r2, [%[a],#0]\n\t"
- "ldr r3, [%[a],#4]\n\t"
- "ldr r4, [%[a],#8]\n\t"
- "ldr r5, [%[a],#12]\n\t"
- "ldr r6, [%[a],#16]\n\t"
- "ldr r8, [%[a],#20]\n\t"
- "ldr r9, [%[a],#24]\n\t"
- "ldr r10, [%[a],#28]\n\t"
- "adds r2, r2, r2\n\t"
- "adcs r3, r3, r3\n\t"
- "adcs r4, r4, r4\n\t"
- "adcs r5, r5, r5\n\t"
- "adcs r6, r6, r6\n\t"
- "adcs r8, r8, r8\n\t"
- "adcs r9, r9, r9\n\t"
- "adcs r10, r10, r10\n\t"
- "mov r11, #0\n\t"
- "mov r14, #0\n\t"
- "adc r11, r11, r11\n\t"
- "mov r12, r11\n\t"
- "sub r11, r11, #1\n\t"
- "mvn r11, r11\n\t"
- "subs r2, r2, r11\n\t"
- "sbcs r3, r3, r11\n\t"
- "sbcs r4, r4, r11\n\t"
- "sbcs r5, r5, r14\n\t"
- "sbcs r6, r6, r14\n\t"
- "sbcs r8, r8, r14\n\t"
- "sbcs r9, r9, r12\n\t"
- "sbc r10, r10, r11\n\t"
- "ldr r12, [%[a],#0]\n\t"
- "ldr r14, [%[a],#4]\n\t"
- "adds r2, r2, r12\n\t"
- "adcs r3, r3, r14\n\t"
- "ldr r12, [%[a],#8]\n\t"
- "ldr r14, [%[a],#12]\n\t"
- "adcs r4, r4, r12\n\t"
- "adcs r5, r5, r14\n\t"
- "ldr r12, [%[a],#16]\n\t"
- "ldr r14, [%[a],#20]\n\t"
- "adcs r6, r6, r12\n\t"
- "adcs r8, r8, r14\n\t"
- "ldr r12, [%[a],#24]\n\t"
- "ldr r14, [%[a],#28]\n\t"
- "adcs r9, r9, r12\n\t"
- "adcs r10, r10, r14\n\t"
- "mov r11, #0\n\t"
- "mov r14, #0\n\t"
- "adc r11, r11, r11\n\t"
- "mov r12, r11\n\t"
- "sub r11, r11, #1\n\t"
- "mvn r11, r11\n\t"
- "subs r2, r2, r11\n\t"
- "str r2, [%[r],#0]\n\t"
- "sbcs r3, r3, r11\n\t"
- "str r3, [%[r],#4]\n\t"
- "sbcs r4, r4, r11\n\t"
- "str r4, [%[r],#8]\n\t"
- "sbcs r5, r5, r14\n\t"
- "str r5, [%[r],#12]\n\t"
- "sbcs r6, r6, r14\n\t"
- "str r6, [%[r],#16]\n\t"
- "sbcs r8, r8, r14\n\t"
- "str r8, [%[r],#20]\n\t"
- "sbcs r9, r9, r12\n\t"
- "str r9, [%[r],#24]\n\t"
- "sbc r10, r10, r11\n\t"
- "str r10, [%[r],#28]\n\t"
+ "MOV r12, #0x0\n\t"
+ "LDM %[a], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "ADDS r4, r4, r4\n\t"
+ "ADCS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADCS r7, r7, r7\n\t"
+ "ADCS r8, r8, r8\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "ADCS r10, r10, r10\n\t"
+ "ADCS r11, r11, r11\n\t"
+ "ADC r12, r12, #0x0\n\t"
+ "RSB r12, r12, #0x0\n\t"
+ "SUBS r4, r4, r12\n\t"
+ "SBCS r5, r5, r12\n\t"
+ "SBCS r6, r6, r12\n\t"
+ "SBCS r7, r7, #0x0\n\t"
+ "SBCS r8, r8, #0x0\n\t"
+ "SBCS r9, r9, #0x0\n\t"
+ "SBCS r10, r10, r12, LSR #31\n\t"
+ "SBCS r11, r11, r12\n\t"
+ "SBC r2, r2, r2\n\t"
+ "SUB r12, r12, r2\n\t"
+ "SUBS r4, r4, r12\n\t"
+ "SBCS r5, r5, r12\n\t"
+ "SBCS r6, r6, r12\n\t"
+ "SBCS r7, r7, #0x0\n\t"
+ "SBCS r8, r8, #0x0\n\t"
+ "SBCS r9, r9, #0x0\n\t"
+ "SBCS r10, r10, r12, LSR #31\n\t"
+ "SBC r11, r11, r12\n\t"
+ "LDM %[a]!, {r2, r3}\n\t"
+ "ADDS r4, r4, r2\n\t"
+ "ADCS r5, r5, r3\n\t"
+ "LDM %[a]!, {r2, r3}\n\t"
+ "ADCS r6, r6, r2\n\t"
+ "ADCS r7, r7, r3\n\t"
+ "LDM %[a]!, {r2, r3}\n\t"
+ "ADCS r8, r8, r2\n\t"
+ "ADCS r9, r9, r3\n\t"
+ "LDM %[a]!, {r2, r3}\n\t"
+ "ADCS r10, r10, r2\n\t"
+ "ADCS r11, r11, r3\n\t"
+ "ADC r12, r12, #0x0\n\t"
+ "RSB r12, r12, #0x0\n\t"
+ "SUBS r4, r4, r12\n\t"
+ "SBCS r5, r5, r12\n\t"
+ "SBCS r6, r6, r12\n\t"
+ "SBCS r7, r7, #0x0\n\t"
+ "SBCS r8, r8, #0x0\n\t"
+ "SBCS r9, r9, #0x0\n\t"
+ "SBCS r10, r10, r12, LSR #31\n\t"
+ "SBCS r11, r11, r12\n\t"
+ "SBC r2, r2, r2\n\t"
+ "SUB r12, r12, r2\n\t"
+ "SUBS r4, r4, r12\n\t"
+ "SBCS r5, r5, r12\n\t"
+ "SBCS r6, r6, r12\n\t"
+ "SBCS r7, r7, #0x0\n\t"
+ "SBCS r8, r8, #0x0\n\t"
+ "SBCS r9, r9, #0x0\n\t"
+ "SBCS r10, r10, r12, LSR #31\n\t"
+ "SBC r11, r11, r12\n\t"
+ "STM %[r], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ : [r] "+r" (r), [a] "+r" (a)
:
- : [r] "r" (r), [a] "r" (a)
- : "memory", "r11", "r12", "r14", "r2", "r3", "r4", "r5", "r6", "r8", "r9", "r10"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r2", "r3", "r12", "cc"
);
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ (void)m_p;
+#else
+ (void)m;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
}
/* Subtract two Montgomery form numbers (r = a - b % m).
@@ -19043,154 +35021,122 @@ SP_NOINLINE static void sp_256_mont_tpl_8(sp_digit* r, const sp_digit* a, const
* b Number to subtract with in Montgomery form.
* m Modulus (prime).
*/
-SP_NOINLINE static void sp_256_mont_sub_8(sp_digit* r, const sp_digit* a, const sp_digit* b,
- const sp_digit* m)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_256_mont_sub_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, const sp_digit* m_p)
+#else
+SP_NOINLINE static void sp_256_mont_sub_8(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- (void)m;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r12, #0\n\t"
- "ldr r4, [%[a],#0]\n\t"
- "ldr r5, [%[a],#4]\n\t"
- "ldr r6, [%[a],#8]\n\t"
- "ldr r8, [%[a],#12]\n\t"
- "ldr r9, [%[b],#0]\n\t"
- "ldr r10, [%[b],#4]\n\t"
- "ldr r11, [%[b],#8]\n\t"
- "ldr r14, [%[b],#12]\n\t"
- "subs r4, r4, r9\n\t"
- "sbcs r5, r5, r10\n\t"
- "sbcs r6, r6, r11\n\t"
- "sbcs r8, r8, r14\n\t"
- "str r4, [%[r],#0]\n\t"
- "str r5, [%[r],#4]\n\t"
- "str r6, [%[r],#8]\n\t"
- "str r8, [%[r],#12]\n\t"
- "ldr r4, [%[a],#16]\n\t"
- "ldr r5, [%[a],#20]\n\t"
- "ldr r6, [%[a],#24]\n\t"
- "ldr r8, [%[a],#28]\n\t"
- "ldr r9, [%[b],#16]\n\t"
- "ldr r10, [%[b],#20]\n\t"
- "ldr r11, [%[b],#24]\n\t"
- "ldr r14, [%[b],#28]\n\t"
- "sbcs r4, r4, r9\n\t"
- "sbcs r5, r5, r10\n\t"
- "sbcs r6, r6, r11\n\t"
- "sbcs r8, r8, r14\n\t"
- "sbc r3, r12, #0\n\t"
- "and r12, r3, #1\n\t"
- "ldr r9, [%[r],#0]\n\t"
- "ldr r10, [%[r],#4]\n\t"
- "ldr r11, [%[r],#8]\n\t"
- "ldr r14, [%[r],#12]\n\t"
- "adds r9, r9, r3\n\t"
- "adcs r10, r10, r3\n\t"
- "adcs r11, r11, r3\n\t"
- "adcs r14, r14, #0\n\t"
- "adcs r4, r4, #0\n\t"
- "adcs r5, r5, #0\n\t"
- "adcs r6, r6, r12\n\t"
- "adc r8, r8, r3\n\t"
- "str r9, [%[r],#0]\n\t"
- "str r10, [%[r],#4]\n\t"
- "str r11, [%[r],#8]\n\t"
- "str r14, [%[r],#12]\n\t"
- "str r4, [%[r],#16]\n\t"
- "str r5, [%[r],#20]\n\t"
- "str r6, [%[r],#24]\n\t"
- "str r8, [%[r],#28]\n\t"
+ "MOV lr, #0x0\n\t"
+ "LDM %[a], {r5, r6, r7, r8, r9, r10, r11, r12}\n\t"
+ "LDM %[b]!, {r3, r4}\n\t"
+ "SUBS r5, r5, r3\n\t"
+ "SBCS r6, r6, r4\n\t"
+ "LDM %[b]!, {r3, r4}\n\t"
+ "SBCS r7, r7, r3\n\t"
+ "SBCS r8, r8, r4\n\t"
+ "LDM %[b]!, {r3, r4}\n\t"
+ "SBCS r9, r9, r3\n\t"
+ "SBCS r10, r10, r4\n\t"
+ "LDM %[b]!, {r3, r4}\n\t"
+ "SBCS r11, r11, r3\n\t"
+ "SBCS r12, r12, r4\n\t"
+ "SBC lr, lr, #0x0\n\t"
+ "ADDS r5, r5, lr\n\t"
+ "ADCS r6, r6, lr\n\t"
+ "ADCS r7, r7, lr\n\t"
+ "ADCS r8, r8, #0x0\n\t"
+ "ADCS r9, r9, #0x0\n\t"
+ "ADCS r10, r10, #0x0\n\t"
+ "ADCS r11, r11, lr, LSR #31\n\t"
+ "ADCS r12, r12, lr\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "ADDS r5, r5, lr\n\t"
+ "ADCS r6, r6, lr\n\t"
+ "ADCS r7, r7, lr\n\t"
+ "ADCS r8, r8, #0x0\n\t"
+ "ADCS r9, r9, #0x0\n\t"
+ "ADCS r10, r10, #0x0\n\t"
+ "ADCS r11, r11, lr, LSR #31\n\t"
+ "ADC r12, r12, lr\n\t"
+ "STM %[r], {r5, r6, r7, r8, r9, r10, r11, r12}\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : [r] "r" (r), [a] "r" (a), [b] "r" (b)
- : "memory", "r4", "r5", "r6", "r8", "r9", "r10", "r11", "r14", "r3", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
);
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ (void)m_p;
+#else
+ (void)m;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
}
-#define sp_256_mont_sub_lower_8 sp_256_mont_sub_8
/* Divide the number by 2 mod the modulus (prime). (r = a / 2 % m)
*
* r Result of division by 2.
* a Number to divide.
* m Modulus (prime).
*/
-SP_NOINLINE static void sp_256_div2_8(sp_digit* r, const sp_digit* a, const sp_digit* m)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_256_mont_div2_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* m_p)
+#else
+SP_NOINLINE static void sp_256_mont_div2_8(sp_digit* r, const sp_digit* a, const sp_digit* m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* m __asm__ ("r2") = (const sp_digit*)m_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "ldr r8, [%[a], #0]\n\t"
- "lsl r8, r8, #31\n\t"
- "lsr r8, r8, #31\n\t"
- "mov r5, #0\n\t"
- "sub r5, r5, r8\n\t"
- "mov r8, #0\n\t"
- "lsl r6, r5, #31\n\t"
- "lsr r6, r6, #31\n\t"
- "ldr r3, [%[a], #0]\n\t"
- "ldr r4, [%[a], #4]\n\t"
- "adds r3, r3, r5\n\t"
- "adcs r4, r4, r5\n\t"
- "str r3, [%[r], #0]\n\t"
- "str r4, [%[r], #4]\n\t"
- "ldr r3, [%[a], #8]\n\t"
- "ldr r4, [%[a], #12]\n\t"
- "adcs r3, r3, r5\n\t"
- "adcs r4, r4, r8\n\t"
- "str r3, [%[r], #8]\n\t"
- "str r4, [%[r], #12]\n\t"
- "ldr r3, [%[a], #16]\n\t"
- "ldr r4, [%[a], #20]\n\t"
- "adcs r3, r3, r8\n\t"
- "adcs r4, r4, r8\n\t"
- "str r3, [%[r], #16]\n\t"
- "str r4, [%[r], #20]\n\t"
- "ldr r3, [%[a], #24]\n\t"
- "ldr r4, [%[a], #28]\n\t"
- "adcs r3, r3, r6\n\t"
- "adcs r4, r4, r5\n\t"
- "adc r8, r8, r8\n\t"
- "lsl r8, r8, #31\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, #31\n\t"
- "lsr r6, r4, #1\n\t"
- "lsl r4, r4, #31\n\t"
- "orr r5, r5, r4\n\t"
- "orr r6, r6, r8\n\t"
- "mov r8, r3\n\t"
- "str r5, [%[r], #24]\n\t"
- "str r6, [%[r], #28]\n\t"
- "ldr r3, [%[a], #16]\n\t"
- "ldr r4, [%[a], #20]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, #31\n\t"
- "lsr r6, r4, #1\n\t"
- "lsl r4, r4, #31\n\t"
- "orr r5, r5, r4\n\t"
- "orr r6, r6, r8\n\t"
- "mov r8, r3\n\t"
- "str r5, [%[r], #16]\n\t"
- "str r6, [%[r], #20]\n\t"
- "ldr r3, [%[a], #8]\n\t"
- "ldr r4, [%[a], #12]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, #31\n\t"
- "lsr r6, r4, #1\n\t"
- "lsl r4, r4, #31\n\t"
- "orr r5, r5, r4\n\t"
- "orr r6, r6, r8\n\t"
- "mov r8, r3\n\t"
- "str r5, [%[r], #8]\n\t"
- "str r6, [%[r], #12]\n\t"
- "ldr r3, [%[r], #0]\n\t"
- "ldr r4, [%[r], #4]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsr r6, r4, #1\n\t"
- "lsl r4, r4, #31\n\t"
- "orr r5, r5, r4\n\t"
- "orr r6, r6, r8\n\t"
- "str r5, [%[r], #0]\n\t"
- "str r6, [%[r], #4]\n\t"
+ "LDM %[a], {r4, r5, r6, r7}\n\t"
+ "AND r3, r4, #0x1\n\t"
+ "RSB r8, r3, #0x0\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADCS r5, r5, r8\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, #0x0\n\t"
+ "STM %[r], {r4, r5, r6, r7}\n\t"
+ "LDRD r4, r5, [%[a], #16]\n\t"
+ "LDRD r6, r7, [%[a], #24]\n\t"
+ "ADCS r4, r4, #0x0\n\t"
+ "ADCS r5, r5, #0x0\n\t"
+ "ADCS r6, r6, r8, LSR #31\n\t"
+ "ADCS r7, r7, r8\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "LSR r8, r4, #1\n\t"
+ "LSR r9, r5, #1\n\t"
+ "LSR r10, r6, #1\n\t"
+ "LSR r11, r7, #1\n\t"
+ "ORR r8, r8, r5, LSL #31\n\t"
+ "ORR r9, r9, r6, LSL #31\n\t"
+ "ORR r10, r10, r7, LSL #31\n\t"
+ "ORR r11, r11, r3, LSL #31\n\t"
+ "MOV r3, r4\n\t"
+ "STRD r8, r9, [%[r], #16]\n\t"
+ "STRD r10, r11, [%[r], #24]\n\t"
+ "LDM %[r], {r4, r5, r6, r7}\n\t"
+ "LSR r8, r4, #1\n\t"
+ "LSR r9, r5, #1\n\t"
+ "LSR r10, r6, #1\n\t"
+ "LSR r11, r7, #1\n\t"
+ "ORR r8, r8, r5, LSL #31\n\t"
+ "ORR r9, r9, r6, LSL #31\n\t"
+ "ORR r10, r10, r7, LSL #31\n\t"
+ "ORR r11, r11, r3, LSL #31\n\t"
+ "STM %[r], {r8, r9, r10, r11}\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [m] "+r" (m)
:
- : [r] "r" (r), [a] "r" (a), [m] "r" (m)
- : "memory", "r3", "r4", "r5", "r6", "r8"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "cc"
);
}
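Review bot: sp_256_mont_div2_8 binds `m` to r2 and lists it as `[m] "+r" (m)`, but no instruction in the block refers to `%[m]`; the value added for odd inputs is built from the mask in r8 as (mask, mask, mask, 0, 0, 0, mask >> 31, mask), which is the P-256 prime. The header comment still reads `m Modulus (prime).`, so I would change it to `* m Modulus (prime). Not read: the P-256 prime is hard-coded.` so that a caller does not expect another modulus to be honoured. None of the three operands is written by this asm (its LDM and STM have no writeback), so declaring them as inputs, `: [r] "r" (r), [a] "r" (a), [m] "r" (m)`, would describe the block more accurately than `+r`.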
@@ -19238,7 +35184,7 @@ static void sp_256_proj_point_dbl_8(sp_point_256* r, const sp_point_256* p,
/* T2 = Y * Y */
sp_256_mont_sqr_8(t2, y, p256_mod, p256_mp_mod);
/* T2 = T2/2 */
- sp_256_div2_8(t2, t2, p256_mod);
+ sp_256_mont_div2_8(t2, t2, p256_mod);
/* Y = Y * X */
sp_256_mont_mul_8(y, y, p->x, p256_mod, p256_mp_mod);
/* X = T1 * T1 */
@@ -19248,7 +35194,7 @@ static void sp_256_proj_point_dbl_8(sp_point_256* r, const sp_point_256* p,
/* X = X - Y */
sp_256_mont_sub_8(x, x, y, p256_mod);
/* Y = Y - X */
- sp_256_mont_sub_lower_8(y, y, x, p256_mod);
+ sp_256_mont_sub_8(y, y, x, p256_mod);
/* Y = Y * T1 */
sp_256_mont_mul_8(y, y, t1, p256_mod, p256_mp_mod);
/* Y = Y - T2 */
@@ -19271,7 +35217,8 @@ typedef struct sp_256_proj_point_dbl_8_ctx {
* p Point to double.
* t Temporary ordinate data.
*/
-static int sp_256_proj_point_dbl_8_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r, const sp_point_256* p, sp_digit* t)
+static int sp_256_proj_point_dbl_8_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r,
+ const sp_point_256* p, sp_digit* t)
{
int err = FP_WOULDBLOCK;
sp_256_proj_point_dbl_8_ctx* ctx = (sp_256_proj_point_dbl_8_ctx*)sp_ctx->data;
@@ -19345,7 +35292,7 @@ static int sp_256_proj_point_dbl_8_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r, con
break;
case 11:
/* T2 = T2/2 */
- sp_256_div2_8(ctx->t2, ctx->t2, p256_mod);
+ sp_256_mont_div2_8(ctx->t2, ctx->t2, p256_mod);
ctx->state = 12;
break;
case 12:
@@ -19370,7 +35317,7 @@ static int sp_256_proj_point_dbl_8_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r, con
break;
case 16:
/* Y = Y - X */
- sp_256_mont_sub_lower_8(ctx->y, ctx->y, ctx->x, p256_mod);
+ sp_256_mont_sub_8(ctx->y, ctx->y, ctx->x, p256_mod);
ctx->state = 17;
break;
case 17:
@@ -19431,12 +35378,12 @@ static int sp_256_iszero_8(const sp_digit* a)
static void sp_256_proj_point_add_8(sp_point_256* r,
const sp_point_256* p, const sp_point_256* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*8;
- sp_digit* t3 = t + 4*8;
- sp_digit* t4 = t + 6*8;
- sp_digit* t5 = t + 8*8;
- sp_digit* t6 = t + 10*8;
+ sp_digit* t6 = t;
+ sp_digit* t1 = t + 2*8;
+ sp_digit* t2 = t + 4*8;
+ sp_digit* t3 = t + 6*8;
+ sp_digit* t4 = t + 8*8;
+ sp_digit* t5 = t + 10*8;
/* U1 = X1*Z2^2 */
sp_256_mont_sqr_8(t1, q->z, p256_mod, p256_mp_mod);
@@ -19458,17 +35405,9 @@ static void sp_256_proj_point_add_8(sp_point_256* r,
sp_256_proj_point_dbl_8(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t6;
sp_digit* y = t1;
sp_digit* z = t2;
- int i;
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
/* H = U2 - U1 */
sp_256_mont_sub_8(t2, t2, t1, p256_mod);
@@ -19487,20 +35426,31 @@ static void sp_256_proj_point_add_8(sp_point_256* r,
sp_256_mont_dbl_8(t3, y, p256_mod);
sp_256_mont_sub_8(x, x, t3, p256_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_256_mont_sub_lower_8(y, y, x, p256_mod);
+ sp_256_mont_sub_8(y, y, x, p256_mod);
sp_256_mont_mul_8(y, y, t4, p256_mod, p256_mp_mod);
sp_256_mont_sub_8(y, y, t5, p256_mod);
- for (i = 0; i < 8; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 8; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 8; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 8; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 8; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 8; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
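Review bot: The mask expressions in the new block of sp_256_proj_point_add_8 are only correct if `infinity` is exactly 0 or 1, and nothing in the block says so: `0 - (q->infinity & (!p->infinity))` is all-ones only when bit 0 of `q->infinity` is set. I would add a comment above the block, `/* Branch-free select of p, q or the computed sum; relies on infinity being 0 or 1. */`, so that both the constant-time intent and the precondition are recorded. The identical block added in sp_256_proj_point_add_8_nb (case 24) and in sp_256_proj_point_add_qz1_8 needs the same comment. The function starts outside this hunk, so the declared type of `infinity` is not visible here.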
@@ -19546,12 +35496,12 @@ static int sp_256_proj_point_add_8_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r,
switch (ctx->state) {
case 0: /* INIT */
- ctx->t1 = t;
- ctx->t2 = t + 2*8;
- ctx->t3 = t + 4*8;
- ctx->t4 = t + 6*8;
- ctx->t5 = t + 8*8;
- ctx->t6 = t + 10*8;
+ ctx->t6 = t;
+ ctx->t1 = t + 2*8;
+ ctx->t2 = t + 4*8;
+ ctx->t3 = t + 6*8;
+ ctx->t4 = t + 8*8;
+ ctx->t5 = t + 10*8;
ctx->x = ctx->t6;
ctx->y = ctx->t1;
ctx->z = ctx->t2;
@@ -19658,7 +35608,7 @@ static int sp_256_proj_point_add_8_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r,
break;
case 21:
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_256_mont_sub_lower_8(ctx->y, ctx->y, ctx->x, p256_mod);
+ sp_256_mont_sub_8(ctx->y, ctx->y, ctx->x, p256_mod);
ctx->state = 22;
break;
case 22:
@@ -19671,22 +35621,28 @@ static int sp_256_proj_point_add_8_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r,
break;
case 24:
{
- int i;
- sp_digit maskp = 0 - (q->infinity & (!p->infinity));
- sp_digit maskq = 0 - (p->infinity & (!q->infinity));
- sp_digit maskt = ~(maskp | maskq);
-
- for (i = 0; i < 8; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (ctx->x[i] & maskt);
- }
- for (i = 0; i < 8; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (ctx->y[i] & maskt);
- }
- for (i = 0; i < 8; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (ctx->z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 8; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (ctx->x[i] & maskt);
+ }
+ for (i = 0; i < 8; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (ctx->y[i] & maskt);
+ }
+ for (i = 0; i < 8; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (ctx->z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
ctx->state = 25;
break;
}
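Review bot: In case 24 of sp_256_proj_point_add_8_nb the added `{ ... }` sits directly inside the brace block that the case already opens, so the inner pair is redundant and only adds an indent level. The declarations of `i`, `maskp`, `maskq`, `maskt` and `inf` can go straight into the existing case block, with `ctx->state = 25;` following the `r->infinity = (word32)inf;` line. The function begins and ends outside this hunk.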
@@ -19706,7 +35662,7 @@ static int sp_256_proj_point_add_8_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r,
/* Touch each possible point that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
static void sp_256_get_point_16_8(sp_point_256* r, const sp_point_256* table,
@@ -19958,8 +35914,6 @@ static int sp_256_ecc_mulmod_fast_8(sp_point_256* r, const sp_point_256* g, cons
}
#ifdef FP_ECC
-#define sp_256_mont_dbl_lower_8 sp_256_mont_dbl_8
-#define sp_256_mont_tpl_lower_8 sp_256_mont_tpl_8
/* Double the Montgomery form projective point p a number of times.
*
* r Result of repeated doubling of point.
@@ -19998,7 +35952,7 @@ static void sp_256_proj_point_dbl_n_8(sp_point_256* p, int i,
/* A = 3*(X^2 - W) */
sp_256_mont_sqr_8(t1, x, p256_mod, p256_mp_mod);
sp_256_mont_sub_8(t1, t1, w, p256_mod);
- sp_256_mont_tpl_lower_8(a, t1, p256_mod);
+ sp_256_mont_tpl_8(a, t1, p256_mod);
/* B = X*Y^2 */
sp_256_mont_sqr_8(t1, y, p256_mod, p256_mp_mod);
sp_256_mont_mul_8(b, t1, x, p256_mod, p256_mp_mod);
@@ -20007,8 +35961,8 @@ static void sp_256_proj_point_dbl_n_8(sp_point_256* p, int i,
sp_256_mont_dbl_8(t2, b, p256_mod);
sp_256_mont_sub_8(x, x, t2, p256_mod);
/* B = 2.(B - X) */
- sp_256_mont_sub_lower_8(t2, b, x, p256_mod);
- sp_256_mont_dbl_lower_8(b, t2, p256_mod);
+ sp_256_mont_sub_8(t2, b, x, p256_mod);
+ sp_256_mont_dbl_8(b, t2, p256_mod);
/* Z = Z*Y */
sp_256_mont_mul_8(z, z, y, p256_mod, p256_mp_mod);
/* t1 = Y^4 */
@@ -20028,7 +35982,7 @@ static void sp_256_proj_point_dbl_n_8(sp_point_256* p, int i,
/* A = 3*(X^2 - W) */
sp_256_mont_sqr_8(t1, x, p256_mod, p256_mp_mod);
sp_256_mont_sub_8(t1, t1, w, p256_mod);
- sp_256_mont_tpl_lower_8(a, t1, p256_mod);
+ sp_256_mont_tpl_8(a, t1, p256_mod);
/* B = X*Y^2 */
sp_256_mont_sqr_8(t1, y, p256_mod, p256_mp_mod);
sp_256_mont_mul_8(b, t1, x, p256_mod, p256_mp_mod);
@@ -20037,8 +35991,8 @@ static void sp_256_proj_point_dbl_n_8(sp_point_256* p, int i,
sp_256_mont_dbl_8(t2, b, p256_mod);
sp_256_mont_sub_8(x, x, t2, p256_mod);
/* B = 2.(B - X) */
- sp_256_mont_sub_lower_8(t2, b, x, p256_mod);
- sp_256_mont_dbl_lower_8(b, t2, p256_mod);
+ sp_256_mont_sub_8(t2, b, x, p256_mod);
+ sp_256_mont_dbl_8(b, t2, p256_mod);
/* Z = Z*Y */
sp_256_mont_mul_8(z, z, y, p256_mod, p256_mp_mod);
/* t1 = Y^4 */
@@ -20048,7 +36002,7 @@ static void sp_256_proj_point_dbl_n_8(sp_point_256* p, int i,
sp_256_mont_sub_8(y, y, t1, p256_mod);
#endif /* WOLFSSL_SP_SMALL */
/* Y = Y/2 */
- sp_256_div2_8(y, y, p256_mod);
+ sp_256_mont_div2_8(y, y, p256_mod);
}
/* Convert the projective point to affine.
@@ -20094,12 +36048,12 @@ typedef struct sp_table_entry_256 {
static void sp_256_proj_point_add_qz1_8(sp_point_256* r,
const sp_point_256* p, const sp_point_256* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*8;
- sp_digit* t3 = t + 4*8;
- sp_digit* t4 = t + 6*8;
- sp_digit* t5 = t + 8*8;
- sp_digit* t6 = t + 10*8;
+ sp_digit* t2 = t;
+ sp_digit* t3 = t + 2*8;
+ sp_digit* t6 = t + 4*8;
+ sp_digit* t1 = t + 6*8;
+ sp_digit* t4 = t + 8*8;
+ sp_digit* t5 = t + 10*8;
/* Calculate values to subtract from P->x and P->y. */
/* U2 = X2*Z1^2 */
@@ -20115,13 +36069,9 @@ static void sp_256_proj_point_add_qz1_8(sp_point_256* r,
sp_256_proj_point_dbl_8(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t2;
- sp_digit* y = t5;
+ sp_digit* y = t3;
sp_digit* z = t6;
- int i;
/* H = U2 - X1 */
sp_256_mont_sub_8(t2, t2, p->x, p256_mod);
@@ -20130,33 +36080,40 @@ static void sp_256_proj_point_add_qz1_8(sp_point_256* r,
/* Z3 = H*Z1 */
sp_256_mont_mul_8(z, p->z, t2, p256_mod, p256_mp_mod);
/* X3 = R^2 - H^3 - 2*X1*H^2 */
- sp_256_mont_sqr_8(t1, t4, p256_mod, p256_mp_mod);
- sp_256_mont_sqr_8(t5, t2, p256_mod, p256_mp_mod);
- sp_256_mont_mul_8(t3, p->x, t5, p256_mod, p256_mp_mod);
- sp_256_mont_mul_8(t5, t5, t2, p256_mod, p256_mp_mod);
- sp_256_mont_sub_8(x, t1, t5, p256_mod);
- sp_256_mont_dbl_8(t1, t3, p256_mod);
- sp_256_mont_sub_8(x, x, t1, p256_mod);
+ sp_256_mont_sqr_8(t1, t2, p256_mod, p256_mp_mod);
+ sp_256_mont_mul_8(t3, p->x, t1, p256_mod, p256_mp_mod);
+ sp_256_mont_mul_8(t1, t1, t2, p256_mod, p256_mp_mod);
+ sp_256_mont_sqr_8(t2, t4, p256_mod, p256_mp_mod);
+ sp_256_mont_sub_8(t2, t2, t1, p256_mod);
+ sp_256_mont_dbl_8(t5, t3, p256_mod);
+ sp_256_mont_sub_8(x, t2, t5, p256_mod);
/* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
- sp_256_mont_sub_lower_8(t3, t3, x, p256_mod);
+ sp_256_mont_sub_8(t3, t3, x, p256_mod);
sp_256_mont_mul_8(t3, t3, t4, p256_mod, p256_mp_mod);
- sp_256_mont_mul_8(t5, t5, p->y, p256_mod, p256_mp_mod);
- sp_256_mont_sub_8(y, t3, t5, p256_mod);
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
- for (i = 0; i < 8; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 8; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 8; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ sp_256_mont_mul_8(t1, t1, p->y, p256_mod, p256_mp_mod);
+ sp_256_mont_sub_8(y, t3, t1, p256_mod);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 8; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 8; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 8; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
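Review bot: After the reshuffle of temporaries in sp_256_proj_point_add_qz1_8, the call `sp_256_mont_sqr_8(t2, t4, p256_mod, p256_mp_mod)` overwrites H, which lived in t2, with R^2, and `x` is an alias of t2. The code is correct only because Z3 = H*Z1 and H^3 (in t1) are computed on the lines before it, and that ordering constraint is not written down. I would add `/* t2 (H) is dead from here: Z3 and H^3 are already computed */` before that call. The function starts outside this hunk.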
@@ -20257,7 +36214,7 @@ static int sp_256_gen_stripe_table_8(const sp_point_256* a,
/* Touch each possible entry that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
static void sp_256_get_entry_16_8(sp_point_256* r,
@@ -20452,7 +36409,7 @@ static THREAD_LS_T int sp_cache_256_inited = 0;
/* Get the cache entry for the point.
*
- * g [in] Point scalar multipling.
+ * g [in] Point scalar multiplying.
* cache [out] Cache table to use.
*/
static void sp_ecc_get_cache_256(const sp_point_256* g, sp_cache_256_t** cache)
@@ -20523,8 +36480,8 @@ static void sp_ecc_get_cache_256(const sp_point_256* g, sp_cache_256_t** cache)
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
-static int sp_256_ecc_mulmod_8(sp_point_256* r, const sp_point_256* g, const sp_digit* k,
- int map, int ct, void* heap)
+static int sp_256_ecc_mulmod_8(sp_point_256* r, const sp_point_256* g,
+ const sp_digit* k, int map, int ct, void* heap)
{
#ifndef FP_ECC
return sp_256_ecc_mulmod_fast_8(r, g, k, map, ct, heap);
@@ -20677,7 +36634,7 @@ static int sp_256_gen_stripe_table_8(const sp_point_256* a,
/* Touch each possible entry that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
static void sp_256_get_entry_256_8(sp_point_256* r,
@@ -20872,7 +36829,7 @@ static THREAD_LS_T int sp_cache_256_inited = 0;
/* Get the cache entry for the point.
*
- * g [in] Point scalar multipling.
+ * g [in] Point scalar multiplying.
* cache [out] Cache table to use.
*/
static void sp_ecc_get_cache_256(const sp_point_256* g, sp_cache_256_t** cache)
@@ -20943,8 +36900,8 @@ static void sp_ecc_get_cache_256(const sp_point_256* g, sp_cache_256_t** cache)
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
-static int sp_256_ecc_mulmod_8(sp_point_256* r, const sp_point_256* g, const sp_digit* k,
- int map, int ct, void* heap)
+static int sp_256_ecc_mulmod_8(sp_point_256* r, const sp_point_256* g,
+ const sp_digit* k, int map, int ct, void* heap)
{
#ifndef FP_ECC
return sp_256_ecc_mulmod_fast_8(r, g, k, map, ct, heap);
@@ -21061,7 +37018,7 @@ int sp_ecc_mulmod_256(const mp_int* km, const ecc_point* gm, ecc_point* r,
*
* km Scalar to multiply by.
* p Point to multiply.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -21072,7 +37029,7 @@ int sp_ecc_mulmod_add_256(const mp_int* km, const ecc_point* gm,
const ecc_point* am, int inMont, ecc_point* r, int map, void* heap)
{
#ifdef WOLFSSL_SP_SMALL_STACK
- sp_point_256* point = NULL;
+ sp_point_256* point = NULL;
sp_digit* k = NULL;
#else
sp_point_256 point[2];
@@ -22610,7 +38567,7 @@ int sp_ecc_mulmod_base_256(const mp_int* km, ecc_point* r, int map, void* heap)
* the result. If map is true then convert result to affine coordinates.
*
* km Scalar to multiply by.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -22632,7 +38589,7 @@ int sp_ecc_mulmod_base_add_256(const mp_int* km, const ecc_point* am,
int err = MP_OKAY;
#ifdef WOLFSSL_SP_SMALL_STACK
- point = (sp_point_256*)XMALLOC(sizeof(sp_point_256) * 2, heap,
+ point = (sp_point_256*)XMALLOC(sizeof(sp_point_256) * 2, heap,
DYNAMIC_TYPE_ECC);
if (point == NULL)
err = MEMORY_E;
@@ -22691,38 +38648,32 @@ int sp_ecc_mulmod_base_add_256(const mp_int* km, const ecc_point* am,
*
* a A single precision integer.
*/
-SP_NOINLINE static void sp_256_add_one_8(sp_digit* a)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_256_add_one_8(sp_digit* a_p)
+#else
+static void sp_256_add_one_8(sp_digit* a)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "mov r2, #1\n\t"
- "ldr r1, [%[a], #0]\n\t"
- "adds r1, r1, r2\n\t"
- "mov r2, #0\n\t"
- "str r1, [%[a], #0]\n\t"
- "ldr r1, [%[a], #4]\n\t"
- "adcs r1, r1, r2\n\t"
- "str r1, [%[a], #4]\n\t"
- "ldr r1, [%[a], #8]\n\t"
- "adcs r1, r1, r2\n\t"
- "str r1, [%[a], #8]\n\t"
- "ldr r1, [%[a], #12]\n\t"
- "adcs r1, r1, r2\n\t"
- "str r1, [%[a], #12]\n\t"
- "ldr r1, [%[a], #16]\n\t"
- "adcs r1, r1, r2\n\t"
- "str r1, [%[a], #16]\n\t"
- "ldr r1, [%[a], #20]\n\t"
- "adcs r1, r1, r2\n\t"
- "str r1, [%[a], #20]\n\t"
- "ldr r1, [%[a], #24]\n\t"
- "adcs r1, r1, r2\n\t"
- "str r1, [%[a], #24]\n\t"
- "ldr r1, [%[a], #28]\n\t"
- "adcs r1, r1, r2\n\t"
- "str r1, [%[a], #28]\n\t"
+ "LDM %[a], {r1, r2, r3, r4}\n\t"
+ "ADDS r1, r1, #0x1\n\t"
+ "ADCS r2, r2, #0x0\n\t"
+ "ADCS r3, r3, #0x0\n\t"
+ "ADCS r4, r4, #0x0\n\t"
+ "STM %[a]!, {r1, r2, r3, r4}\n\t"
+ "LDM %[a], {r1, r2, r3, r4}\n\t"
+ "ADCS r1, r1, #0x0\n\t"
+ "ADCS r2, r2, #0x0\n\t"
+ "ADCS r3, r3, #0x0\n\t"
+ "ADCS r4, r4, #0x0\n\t"
+ "STM %[a]!, {r1, r2, r3, r4}\n\t"
+ : [a] "+r" (a)
:
- : [a] "r" (a)
- : "memory", "r1", "r2"
+ : "memory", "r1", "r2", "r3", "r4", "cc"
);
}
@@ -22817,7 +38768,7 @@ int sp_ecc_make_key_256(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
sp_point_256* infinity = NULL;
#endif
int err = MP_OKAY;
-
+
(void)heap;
@@ -22825,7 +38776,7 @@ int sp_ecc_make_key_256(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
point = (sp_point_256*)XMALLOC(sizeof(sp_point_256) * 2, heap, DYNAMIC_TYPE_ECC);
#else
- point = (sp_point_256*)XMALLOC(sizeof(sp_point_256), heap, DYNAMIC_TYPE_ECC);
+ point = (sp_point_256*)XMALLOC(sizeof(sp_point_256), heap, DYNAMIC_TYPE_ECC);
#endif
if (point == NULL)
err = MEMORY_E;
@@ -23101,126 +39052,272 @@ int sp_ecc_secret_gen_256_nb(sp_ecc_ctx_t* sp_ctx, const mp_int* priv,
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_256_sub_in_place_8(sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_256_sub_in_place_8(sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_256_sub_in_place_8(sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r1") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "mov r8, %[a]\n\t"
- "add r8, r8, #32\n\t"
- "\n1:\n\t"
- "mov r5, #0\n\t"
- "subs r5, r5, %[c]\n\t"
- "ldr r3, [%[a]]\n\t"
- "ldr r4, [%[a], #4]\n\t"
- "ldr r5, [%[b]]\n\t"
- "ldr r6, [%[b], #4]\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "str r3, [%[a]]\n\t"
- "str r4, [%[a], #4]\n\t"
- "sbc %[c], %[c], %[c]\n\t"
- "add %[a], %[a], #8\n\t"
- "add %[b], %[b], #8\n\t"
- "cmp %[a], r8\n\t"
+ "MOV r10, #0x0\n\t"
+ "ADD r11, %[a], #0x20\n\t"
+ "\n"
+ "L_sp_256_sub_in_pkace_8_word:\n\t"
+ "RSBS r10, r10, #0x0\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "SBC r10, r10, r10\n\t"
+ "CMP %[a], r11\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bne 1b\n\t"
+ "BNE L_sp_256_sub_in_pkace_8_word\n\t"
#else
- "bne.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [c] "+r" (c), [a] "+r" (a), [b] "+r" (b)
+ "BNE.N L_sp_256_sub_in_pkace_8_word\n\t"
+#endif
+ "MOV %[a], r10\n\t"
+ : [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r8"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)a;
}
#else
-/* Sub b from a into r. (r = a - b)
+/* Sub b from a into a. (a -= b)
*
- * r A single precision integer.
- * a A single precision integer.
+ * a A single precision integer and result.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_256_sub_in_place_8(sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_256_sub_in_place_8(sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_256_sub_in_place_8(sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r1") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "subs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "sbc %[c], %[c], %[c]\n\t"
- : [c] "+r" (c), [a] "+r" (a), [b] "+r" (b)
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SUBS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "SBC %[a], r9, r9\n\t"
+ : [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)a;
}
#endif /* WOLFSSL_SP_SMALL */
+#ifdef WOLFSSL_SP_SMALL
/* Mul a by digit b into r. (r = a * b)
*
* r A single precision integer.
* a A single precision integer.
* b A single precision digit.
*/
-SP_NOINLINE static void sp_256_mul_d_8(sp_digit* r, const sp_digit* a,
- sp_digit b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_256_mul_d_8(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
+#else
+static void sp_256_mul_d_8(sp_digit* r, const sp_digit* a, sp_digit b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register sp_digit b __asm__ ("r2") = (sp_digit)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "add r9, %[a], #32\n\t"
/* A[0] * B */
- "ldr r6, [%[a]], #4\n\t"
- "umull r5, r3, r6, %[b]\n\t"
- "mov r4, #0\n\t"
- "str r5, [%[r]], #4\n\t"
- /* A[0] * B - Done */
- "\n1:\n\t"
- "mov r5, #0\n\t"
- /* A[] * B */
- "ldr r6, [%[a]], #4\n\t"
- "umull r6, r8, r6, %[b]\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- /* A[] * B - Done */
- "str r3, [%[r]], #4\n\t"
- "mov r3, r4\n\t"
- "mov r4, r5\n\t"
- "cmp %[a], r9\n\t"
+ "LDR r8, [%[a]]\n\t"
+ "UMULL r5, r3, %[b], r8\n\t"
+ "MOV r4, #0x0\n\t"
+ "STR r5, [%[r]]\n\t"
+ "MOV r5, #0x0\n\t"
+ "MOV r9, #0x4\n\t"
+ "\n"
+ "L_sp_256_mul_d_8_word:\n\t"
+ /* A[i] * B */
+ "LDR r8, [%[a], r9]\n\t"
+ "UMULL r6, r7, %[b], r8\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ "STR r3, [%[r], r9]\n\t"
+ "MOV r3, r4\n\t"
+ "MOV r4, r5\n\t"
+ "MOV r5, #0x0\n\t"
+ "ADD r9, r9, #0x4\n\t"
+ "CMP r9, #0x20\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "blt 1b\n\t"
+ "BLT L_sp_256_mul_d_8_word\n\t"
#else
- "blt.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "str r3, [%[r]]\n\t"
- : [r] "+r" (r), [a] "+r" (a)
- : [b] "r" (b)
- : "memory", "r3", "r4", "r5", "r6", "r8", "r9"
+ "BLT.N L_sp_256_mul_d_8_word\n\t"
+#endif
+ "STR r3, [%[r], #32]\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
+ );
+}
+
+#else
+/* Mul a by digit b into r. (r = a * b)
+ *
+ * r A single precision integer.
+ * a A single precision integer.
+ * b A single precision digit.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_256_mul_d_8(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
+#else
+static void sp_256_mul_d_8(sp_digit* r, const sp_digit* a, sp_digit b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register sp_digit b __asm__ ("r2") = (sp_digit)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ /* A[0] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMULL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[1] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[2] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[3] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[4] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[5] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[6] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[7] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "STR r5, [%[r]]\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "cc"
+ );
+}
+
+#endif /* WOLFSSL_SP_SMALL */
+#ifdef WOLFSSL_SP_USE_UDIV
+/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
+ *
+ * d1 The high order half of the number to divide.
+ * d0 The low order half of the number to divide.
+ * div The divisor.
+ * returns the result of the division.
+ *
+ * Note that this is an approximate div. It may give an answer 1 larger.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static sp_digit div_256_word_8(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
+#else
+SP_NOINLINE static sp_digit div_256_word_8(sp_digit d1, sp_digit d0, sp_digit div)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit d1 __asm__ ("r0") = (sp_digit)d1_p;
+ register sp_digit d0 __asm__ ("r1") = (sp_digit)d0_p;
+ register sp_digit div __asm__ ("r2") = (sp_digit)div_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "LSR r8, %[div], #16\n\t"
+ "ADD r5, r8, #0x1\n\t"
+ "UDIV r6, %[d1], r5\n\t"
+ "LSL r7, %[div], #16\n\t"
+ "LSL r6, r6, #16\n\t"
+ "UMULL r3, r4, %[div], r6\n\t"
+ "SUBS %[d0], %[d0], r3\n\t"
+ "SBC %[d1], %[d1], r4\n\t"
+ "SUBS r3, %[d1], r5\n\t"
+ "SBC r9, r9, r9\n\t"
+ "ADD r9, r9, #0x1\n\t"
+ "RSB r10, r9, #0x0\n\t"
+ "LSL r9, r9, #16\n\t"
+ "AND r7, r7, r10\n\t"
+ "AND r8, r8, r10\n\t"
+ "SUBS %[d0], %[d0], r7\n\t"
+ "ADD r6, r6, r9\n\t"
+ "SBC %[d1], %[d1], r8\n\t"
+ "LSL r4, %[d1], #16\n\t"
+ "LSR r3, %[d0], #16\n\t"
+ "ORR r3, r3, r4\n\t"
+ "UDIV r3, r3, r5\n\t"
+ "ADD r6, r6, r3\n\t"
+ "UMULL r3, r4, %[div], r3\n\t"
+ "SUBS %[d0], %[d0], r3\n\t"
+ "SBC %[d1], %[d1], r4\n\t"
+ "LSL r4, %[d1], #16\n\t"
+ "LSR r3, %[d0], #16\n\t"
+ "ORR r3, r3, r4\n\t"
+ "UDIV r3, r3, r5\n\t"
+ "ADD r6, r6, r3\n\t"
+ "MUL r3, %[div], r3\n\t"
+ "SUB %[d0], %[d0], r3\n\t"
+ "UDIV r3, %[d0], %[div]\n\t"
+ "ADD %[d1], r6, r3\n\t"
+ : [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
+ return (uint32_t)(size_t)d1;
}
+#else
/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
*
* d1 The high order half of the number to divide.
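Review bot: The loop labels in `sp_256_sub_in_place_8` and `sp_256_mul_d_8` are now plain assembler names (`L_sp_256_sub_in_pkace_8_word`, `L_sp_256_mul_d_8_word`), and the same change drops `SP_NOINLINE` from both functions. If the compiler inlines or clones either function, the label is emitted twice and the assembler rejects the duplicate symbol. The removed code used numeric local labels (`1:` with `bne 1b`), which are safe to duplicate. Either keep `SP_NOINLINE` on every function whose asm defines a label, or make the name unique per expansion on GCC-style compilers, e.g. `"L_sp_256_sub_in_place_8_word_%=:\n\t"` with a matching `"BNE L_sp_256_sub_in_place_8_word_%=\n\t"`, which would also correct the `pkace` spelling. The same applies to the labels added in `sp_256_div2_mod_8` and `sp_256_num_bits_8` in a later hunk.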
@@ -23230,49 +39327,69 @@ SP_NOINLINE static void sp_256_mul_d_8(sp_digit* r, const sp_digit* a,
*
* Note that this is an approximate div. It may give an answer 1 larger.
*/
-SP_NOINLINE static sp_digit div_256_word_8(sp_digit d1, sp_digit d0,
- sp_digit div)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static sp_digit div_256_word_8(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
+#else
+SP_NOINLINE static sp_digit div_256_word_8(sp_digit d1, sp_digit d0, sp_digit div)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit r = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit d1 __asm__ ("r0") = (sp_digit)d1_p;
+ register sp_digit d0 __asm__ ("r1") = (sp_digit)d0_p;
+ register sp_digit div __asm__ ("r2") = (sp_digit)div_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "lsr r6, %[div], #16\n\t"
- "add r6, r6, #1\n\t"
- "udiv r4, %[d1], r6\n\t"
- "lsl r8, r4, #16\n\t"
- "umull r4, r5, %[div], r8\n\t"
- "subs %[d0], %[d0], r4\n\t"
- "sbc %[d1], %[d1], r5\n\t"
- "udiv r5, %[d1], r6\n\t"
- "lsl r4, r5, #16\n\t"
- "add r8, r8, r4\n\t"
- "umull r4, r5, %[div], r4\n\t"
- "subs %[d0], %[d0], r4\n\t"
- "sbc %[d1], %[d1], r5\n\t"
- "lsl r4, %[d1], #16\n\t"
- "orr r4, r4, %[d0], lsr #16\n\t"
- "udiv r4, r4, r6\n\t"
- "add r8, r8, r4\n\t"
- "umull r4, r5, %[div], r4\n\t"
- "subs %[d0], %[d0], r4\n\t"
- "sbc %[d1], %[d1], r5\n\t"
- "lsl r4, %[d1], #16\n\t"
- "orr r4, r4, %[d0], lsr #16\n\t"
- "udiv r4, r4, r6\n\t"
- "add r8, r8, r4\n\t"
- "umull r4, r5, %[div], r4\n\t"
- "subs %[d0], %[d0], r4\n\t"
- "sbc %[d1], %[d1], r5\n\t"
- "udiv r4, %[d0], %[div]\n\t"
- "add r8, r8, r4\n\t"
- "mov %[r], r8\n\t"
- : [r] "+r" (r)
- : [d1] "r" (d1), [d0] "r" (d0), [div] "r" (div)
- : "r4", "r5", "r6", "r8"
+ "LSR r5, %[div], #1\n\t"
+ "ADD r5, r5, #0x1\n\t"
+ "MOV r6, %[d0]\n\t"
+ "MOV r7, %[d1]\n\t"
+ /* Do top 32 */
+ "SUBS r8, r5, r7\n\t"
+ "SBC r8, r8, r8\n\t"
+ "MOV r3, #0x0\n\t"
+ "SUB r3, r3, r8\n\t"
+ "AND r8, r8, r5\n\t"
+ "SUBS r7, r7, r8\n\t"
+ /* Next 30 bits */
+ "MOV r4, #0x1d\n\t"
+ "\n"
+ "L_div_256_word_8_bit:\n\t"
+ "LSLS r6, r6, #1\n\t"
+ "ADC r7, r7, r7\n\t"
+ "SUBS r8, r5, r7\n\t"
+ "SBC r8, r8, r8\n\t"
+ "ADD r3, r3, r3\n\t"
+ "SUB r3, r3, r8\n\t"
+ "AND r8, r8, r5\n\t"
+ "SUBS r7, r7, r8\n\t"
+ "SUBS r4, r4, #0x1\n\t"
+ "bpl L_div_256_word_8_bit\n\t"
+ "ADD r3, r3, r3\n\t"
+ "ADD r3, r3, #0x1\n\t"
+ "UMULL r6, r7, r3, %[div]\n\t"
+ "SUBS r9, %[d0], r6\n\t"
+ "SBC r10, %[d1], r7\n\t"
+ "ADD r3, r3, r10\n\t"
+ "UMULL r6, r7, r3, %[div]\n\t"
+ "SUBS r9, %[d0], r6\n\t"
+ "SBC r10, %[d1], r7\n\t"
+ "ADD r3, r3, r10\n\t"
+ "UMULL r6, r7, r3, %[div]\n\t"
+ "SUBS r9, %[d0], r6\n\t"
+ "SBC r10, %[d1], r7\n\t"
+ "ADD r3, r3, r10\n\t"
+ "SUBS r8, %[div], r9\n\t"
+ "SBC r8, r8, r8\n\t"
+ "SUB %[d1], r3, r8\n\t"
+ : [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
- return r;
+ return (uint32_t)(size_t)d1;
}
+#endif
/* AND m into each word of a and store in r.
*
* r A single precision integer.
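Review bot: The comment above this variant of `div_256_word_8` does not say why two implementations now exist or that this one is the default. A line such as `* Used unless WOLFSSL_SP_USE_UDIV is defined; fixed 30-iteration loop using masks instead of UDIV.` would record the choice. UDIV on Cortex-M3/M4 cores takes an operand-dependent number of cycles, so the selection matters if a caller passes secret-derived operands; whether any does is not visible in this hunk. Separately, `"bpl L_div_256_word_8_bit\n\t"` is the only branch in the patch written in lowercase and without the `#if defined(__GNUC__) ...` / `.N` pair used elsewhere. The closing `#endif` would also read better as `#endif /* WOLFSSL_SP_USE_UDIV */`.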
@@ -23308,8 +39425,8 @@ static void sp_256_mask_8(sp_digit* r, const sp_digit* a, sp_digit m)
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_256_div_8(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_256_div_8(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[16], t2[9];
sp_digit div, r1;
@@ -23492,7 +39609,7 @@ static void sp_256_mont_inv_order_8(sp_digit* r, const sp_digit* a,
sp_256_mont_sqr_n_order_8(t2, t3, 4);
/* t = a^ff = t2 * t3 */
sp_256_mont_mul_order_8(t, t2, t3);
- /* t3= a^ff00 = t ^ 2 ^ 8 */
+ /* t2= a^ff00 = t ^ 2 ^ 8 */
sp_256_mont_sqr_n_order_8(t2, t, 8);
/* t = a^ffff = t2 * t */
sp_256_mont_mul_order_8(t, t2, t);
@@ -23509,7 +39626,11 @@ static void sp_256_mont_inv_order_8(sp_digit* r, const sp_digit* a,
/* t2= a^ffffffff00000000ffffffffffffffff = t2 * t */
sp_256_mont_mul_order_8(t2, t2, t);
/* t2= a^ffffffff00000000ffffffffffffffffbce6 */
- for (i=127; i>=112; i--) {
+ sp_256_mont_sqr_order_8(t2, t2);
+ sp_256_mont_mul_order_8(t2, t2, a);
+ sp_256_mont_sqr_n_order_8(t2, t2, 5);
+ sp_256_mont_mul_order_8(t2, t2, t3);
+ for (i=121; i>=112; i--) {
sp_256_mont_sqr_order_8(t2, t2);
if ((p256_order_low[i / 32] & ((sp_int_digit)1 << (i % 32))) != 0) {
sp_256_mont_mul_order_8(t2, t2, a);
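Review bot: The four calls added before the loop carry no comment, and their correctness depends on `t3` still holding a^f from earlier in `sp_256_mont_inv_order_8`, whose body starts outside this hunk. They appear to consume bits 127..122 of the exponent (`0xbce6` begins `1 01111`): one square and multiply by `a`, then five squarings and one multiply by `t3`. A comment such as `/* bit 127: sqr, mul a; bits 126..122 = 01111: 5 sqr, mul t3 (a^f) */` would make the shortened loop bound `i=121` checkable. Please confirm that `t3` is not overwritten between its computation and this point.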
@@ -23914,48 +40035,137 @@ int sp_ecc_sign_256_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, W
#endif /* HAVE_ECC_SIGN */
#ifndef WOLFSSL_SP_SMALL
+#ifdef WOLFSSL_SP_SMALL
+/* Sub b from a into r. (r = a - b)
+ *
+ * r A single precision integer.
+ * a A single precision integer.
+ * b A single precision integer.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_256_sub_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_256_sub_8(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "MOV r11, #0x0\n\t"
+ "ADD r12, %[a], #0x20\n\t"
+ "\n"
+ "L_sp_256_sub_8_word:\n\t"
+ "RSBS r11, r11, #0x0\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "SBC r11, r3, r3\n\t"
+ "CMP %[a], r12\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BNE L_sp_256_sub_8_word\n\t"
+#else
+ "BNE.N L_sp_256_sub_8_word\n\t"
+#endif
+ "MOV %[r], r11\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
+ );
+ return (uint32_t)(size_t)r;
+}
+
+#else
+/* Sub b from a into r. (r = a - b)
+ *
+ * r A single precision integer.
+ * a A single precision integer.
+ * b A single precision integer.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_256_sub_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_256_sub_8(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SUBS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "SBC %[r], r6, r6\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
+ );
+ return (uint32_t)(size_t)r;
+}
+
+#endif /* WOLFSSL_SP_SMALL */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_256_rshift1_8(sp_digit* r_p, const sp_digit* a_p)
+#else
static void sp_256_rshift1_8(sp_digit* r, const sp_digit* a)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "mov r10, #0\n\t"
- "mov r9, #0\n\t"
- "ldr r3, [%[a], #16]\n\t"
- "ldr r4, [%[a], #20]\n\t"
- "ldr r5, [%[a], #24]\n\t"
- "ldr r6, [%[a], #28]\n\t"
- "lsr r7, r3, #1\n\t"
- "and r3, r3, #1\n\t"
- "lsr r8, r4, #1\n\t"
- "lsr r10, r5, #1\n\t"
- "lsr r14, r6, #1\n\t"
- "orr r7, r7, r4, lsl #31\n\t"
- "orr r8, r8, r5, lsl #31\n\t"
- "orr r10, r10, r6, lsl #31\n\t"
- "orr r14, r14, r9, lsl #31\n\t"
- "mov r9, r3\n\t"
- "str r7, [%[r], #16]\n\t"
- "str r8, [%[r], #20]\n\t"
- "str r10, [%[r], #24]\n\t"
- "str r14, [%[r], #28]\n\t"
- "ldr r3, [%[r], #0]\n\t"
- "ldr r4, [%[r], #4]\n\t"
- "ldr r5, [%[r], #8]\n\t"
- "ldr r6, [%[r], #12]\n\t"
- "lsr r7, r3, #1\n\t"
- "lsr r8, r4, #1\n\t"
- "lsr r10, r5, #1\n\t"
- "lsr r14, r6, #1\n\t"
- "orr r7, r7, r4, lsl #31\n\t"
- "orr r8, r8, r5, lsl #31\n\t"
- "orr r10, r10, r6, lsl #31\n\t"
- "orr r14, r14, r9, lsl #31\n\t"
- "str r7, [%[r], #0]\n\t"
- "str r8, [%[r], #4]\n\t"
- "str r10, [%[r], #8]\n\t"
- "str r14, [%[r], #12]\n\t"
+ "MOV r10, #0x0\n\t"
+ "LDRD r2, r3, [%[a], #16]\n\t"
+ "LDRD r4, r5, [%[a], #24]\n\t"
+ "LSR r6, r2, #1\n\t"
+ "LSR r7, r3, #1\n\t"
+ "LSR r8, r4, #1\n\t"
+ "LSR r9, r5, #1\n\t"
+ "ORR r6, r6, r3, lsl #31\n\t"
+ "ORR r7, r7, r4, lsl #31\n\t"
+ "ORR r8, r8, r5, lsl #31\n\t"
+ "ORR r9, r9, r10, lsl #31\n\t"
+ "MOV r10, r2\n\t"
+ "STRD r6, r7, [%[r], #16]\n\t"
+ "STRD r8, r9, [%[r], #24]\n\t"
+ "LDRD r2, r3, [%[a]]\n\t"
+ "LDRD r4, r5, [%[a], #8]\n\t"
+ "LSR r6, r2, #1\n\t"
+ "LSR r7, r3, #1\n\t"
+ "LSR r8, r4, #1\n\t"
+ "LSR r9, r5, #1\n\t"
+ "ORR r6, r6, r3, lsl #31\n\t"
+ "ORR r7, r7, r4, lsl #31\n\t"
+ "ORR r8, r8, r5, lsl #31\n\t"
+ "ORR r9, r9, r10, lsl #31\n\t"
+ "STRD r6, r7, [%[r]]\n\t"
+ "STRD r8, r9, [%[r], #8]\n\t"
+ : [r] "+r" (r), [a] "+r" (a)
:
- : [r] "r" (r), [a] "r" (a)
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r10", "r14", "r9"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
);
}
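Review bot: The added `#ifdef WOLFSSL_SP_SMALL` sits directly inside the existing `#ifndef WOLFSSL_SP_SMALL`, so the looped `sp_256_sub_8` in its first branch can never be compiled and only the unrolled `#else` version is reachable. If this is an artefact of how the file is generated, dropping the inner conditional and keeping the unrolled body removes the dead assembly; if the small variant is meant to be selectable, the outer guard is wrong. `sp_256_rshift1_8` also gets no header comment here, and `/* Shift a right by one bit into r. (r = a >> 1) */` would match the neighbouring functions. Its clobber list names `r11` and `r12`, which the assembly shown does not use.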
@@ -23965,156 +40175,222 @@ static void sp_256_rshift1_8(sp_digit* r, const sp_digit* a)
* a Number to divide.
* m Modulus.
*/
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_256_div2_mod_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* m_p)
+#else
static void sp_256_div2_mod_8(sp_digit* r, const sp_digit* a, const sp_digit* m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* m __asm__ ("r2") = (const sp_digit*)m_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "mov r10, #0\n\t"
- "ldr r3, [%[a], #0]\n\t"
- "ands r9, r3, #1\n\t"
- "beq 1f\n\t"
- "ldr r4, [%[a], #4]\n\t"
- "ldr r5, [%[a], #8]\n\t"
- "ldr r6, [%[a], #12]\n\t"
- "ldr r7, [%[m], #0]\n\t"
- "ldr r8, [%[m], #4]\n\t"
- "ldr r10, [%[m], #8]\n\t"
- "ldr r14, [%[m], #12]\n\t"
- "adds r3, r3, r7\n\t"
- "adcs r4, r4, r8\n\t"
- "adcs r5, r5, r10\n\t"
- "adcs r6, r6, r14\n\t"
- "str r3, [%[r], #0]\n\t"
- "str r4, [%[r], #4]\n\t"
- "str r5, [%[r], #8]\n\t"
- "str r6, [%[r], #12]\n\t"
- "ldr r3, [%[a], #16]\n\t"
- "ldr r4, [%[a], #20]\n\t"
- "ldr r5, [%[a], #24]\n\t"
- "ldr r6, [%[a], #28]\n\t"
- "ldr r7, [%[m], #16]\n\t"
- "ldr r8, [%[m], #20]\n\t"
- "ldr r10, [%[m], #24]\n\t"
- "ldr r14, [%[m], #28]\n\t"
- "adcs r3, r3, r7\n\t"
- "adcs r4, r4, r8\n\t"
- "adcs r5, r5, r10\n\t"
- "adcs r6, r6, r14\n\t"
- "adc r9, r10, r10\n\t"
- "b 2f\n\t"
- "\n1:\n\t"
- "ldr r3, [%[a], #16]\n\t"
- "ldr r4, [%[a], #20]\n\t"
- "ldr r5, [%[a], #24]\n\t"
- "ldr r6, [%[a], #28]\n\t"
- "\n2:\n\t"
- "lsr r7, r3, #1\n\t"
- "and r3, r3, #1\n\t"
- "lsr r8, r4, #1\n\t"
- "lsr r10, r5, #1\n\t"
- "lsr r14, r6, #1\n\t"
- "orr r7, r7, r4, lsl #31\n\t"
- "orr r8, r8, r5, lsl #31\n\t"
- "orr r10, r10, r6, lsl #31\n\t"
- "orr r14, r14, r9, lsl #31\n\t"
- "mov r9, r3\n\t"
- "str r7, [%[r], #16]\n\t"
- "str r8, [%[r], #20]\n\t"
- "str r10, [%[r], #24]\n\t"
- "str r14, [%[r], #28]\n\t"
- "ldr r3, [%[r], #0]\n\t"
- "ldr r4, [%[r], #4]\n\t"
- "ldr r5, [%[r], #8]\n\t"
- "ldr r6, [%[r], #12]\n\t"
- "lsr r7, r3, #1\n\t"
- "lsr r8, r4, #1\n\t"
- "lsr r10, r5, #1\n\t"
- "lsr r14, r6, #1\n\t"
- "orr r7, r7, r4, lsl #31\n\t"
- "orr r8, r8, r5, lsl #31\n\t"
- "orr r10, r10, r6, lsl #31\n\t"
- "orr r14, r14, r9, lsl #31\n\t"
- "str r7, [%[r], #0]\n\t"
- "str r8, [%[r], #4]\n\t"
- "str r10, [%[r], #8]\n\t"
- "str r14, [%[r], #12]\n\t"
+ "MOV r12, #0x0\n\t"
+ "LDM %[a]!, {r4}\n\t"
+ "ANDS r3, r4, #0x1\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BEQ L_sp_256_div2_mod_8_even\n\t"
+#else
+ "BEQ.N L_sp_256_div2_mod_8_even\n\t"
+#endif
+ "LDM %[a]!, {r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "ADCS r7, r7, r11\n\t"
+ "STM %[r], {r4, r5, r6, r7}\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "ADCS r7, r7, r11\n\t"
+ "ADC r3, r12, r12\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "B L_sp_256_div2_mod_8_div2\n\t"
+#else
+ "B.N L_sp_256_div2_mod_8_div2\n\t"
+#endif
+ "\n"
+ "L_sp_256_div2_mod_8_even:\n\t"
+ "LDRD r4, r5, [%[a], #12]\n\t"
+ "LDRD r6, r7, [%[a], #20]\n\t"
+ "\n"
+ "L_sp_256_div2_mod_8_div2:\n\t"
+ "LSR r8, r4, #1\n\t"
+ "AND r4, r4, #0x1\n\t"
+ "LSR r9, r5, #1\n\t"
+ "LSR r10, r6, #1\n\t"
+ "LSR r11, r7, #1\n\t"
+ "ORR r8, r8, r5, lsl #31\n\t"
+ "ORR r9, r9, r6, lsl #31\n\t"
+ "ORR r10, r10, r7, lsl #31\n\t"
+ "ORR r11, r11, r3, lsl #31\n\t"
+ "MOV r3, r4\n\t"
+ "STRD r8, r9, [%[r], #16]\n\t"
+ "STRD r10, r11, [%[r], #24]\n\t"
+ "LDM %[r], {r4, r5, r6, r7}\n\t"
+ "LSR r8, r4, #1\n\t"
+ "LSR r9, r5, #1\n\t"
+ "LSR r10, r6, #1\n\t"
+ "LSR r11, r7, #1\n\t"
+ "ORR r8, r8, r5, lsl #31\n\t"
+ "ORR r9, r9, r6, lsl #31\n\t"
+ "ORR r10, r10, r7, lsl #31\n\t"
+ "ORR r11, r11, r3, lsl #31\n\t"
+ "STM %[r], {r8, r9, r10, r11}\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [m] "+r" (m)
:
- : [r] "r" (r), [a] "r" (a), [m] "r" (m)
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r10", "r14", "r9"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12", "cc"
);
}
-static int sp_256_num_bits_8(sp_digit* a)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static int sp_256_num_bits_8(const sp_digit* a_p)
+#else
+static int sp_256_num_bits_8(const sp_digit* a)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- int r = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register const sp_digit* a __asm__ ("r0") = (const sp_digit*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "ldr r2, [%[a], #28]\n\t"
- "cmp r2, #0\n\t"
- "beq 7f\n\t"
- "mov r3, #256\n\t"
- "clz %[r], r2\n\t"
- "sub %[r], r3, %[r]\n\t"
- "b 9f\n\t"
- "\n7:\n\t"
- "ldr r2, [%[a], #24]\n\t"
- "cmp r2, #0\n\t"
- "beq 6f\n\t"
- "mov r3, #224\n\t"
- "clz %[r], r2\n\t"
- "sub %[r], r3, %[r]\n\t"
- "b 9f\n\t"
- "\n6:\n\t"
- "ldr r2, [%[a], #20]\n\t"
- "cmp r2, #0\n\t"
- "beq 5f\n\t"
- "mov r3, #192\n\t"
- "clz %[r], r2\n\t"
- "sub %[r], r3, %[r]\n\t"
- "b 9f\n\t"
- "\n5:\n\t"
- "ldr r2, [%[a], #16]\n\t"
- "cmp r2, #0\n\t"
- "beq 4f\n\t"
- "mov r3, #160\n\t"
- "clz %[r], r2\n\t"
- "sub %[r], r3, %[r]\n\t"
- "b 9f\n\t"
- "\n4:\n\t"
- "ldr r2, [%[a], #12]\n\t"
- "cmp r2, #0\n\t"
- "beq 3f\n\t"
- "mov r3, #128\n\t"
- "clz %[r], r2\n\t"
- "sub %[r], r3, %[r]\n\t"
- "b 9f\n\t"
- "\n3:\n\t"
- "ldr r2, [%[a], #8]\n\t"
- "cmp r2, #0\n\t"
- "beq 2f\n\t"
- "mov r3, #96\n\t"
- "clz %[r], r2\n\t"
- "sub %[r], r3, %[r]\n\t"
- "b 9f\n\t"
- "\n2:\n\t"
- "ldr r2, [%[a], #4]\n\t"
- "cmp r2, #0\n\t"
- "beq 1f\n\t"
- "mov r3, #64\n\t"
- "clz %[r], r2\n\t"
- "sub %[r], r3, %[r]\n\t"
- "b 9f\n\t"
- "\n1:\n\t"
- "ldr r2, [%[a], #0]\n\t"
- "mov r3, #32\n\t"
- "clz %[r], r2\n\t"
- "sub %[r], r3, %[r]\n\t"
- "\n9:\n\t"
- : [r] "+r" (r)
- : [a] "r" (a)
- : "r2", "r3"
+ "LDR r1, [%[a], #28]\n\t"
+ "CMP r1, #0x0\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BEQ L_sp_256_num_bits_8_7\n\t"
+#else
+ "BEQ.N L_sp_256_num_bits_8_7\n\t"
+#endif
+ "MOV r2, #0x100\n\t"
+ "CLZ r4, r1\n\t"
+ "SUB r4, r2, r4\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "B L_sp_256_num_bits_8_9\n\t"
+#else
+ "B.N L_sp_256_num_bits_8_9\n\t"
+#endif
+ "\n"
+ "L_sp_256_num_bits_8_7:\n\t"
+ "LDR r1, [%[a], #24]\n\t"
+ "CMP r1, #0x0\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BEQ L_sp_256_num_bits_8_6\n\t"
+#else
+ "BEQ.N L_sp_256_num_bits_8_6\n\t"
+#endif
+ "MOV r2, #0xe0\n\t"
+ "CLZ r4, r1\n\t"
+ "SUB r4, r2, r4\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "B L_sp_256_num_bits_8_9\n\t"
+#else
+ "B.N L_sp_256_num_bits_8_9\n\t"
+#endif
+ "\n"
+ "L_sp_256_num_bits_8_6:\n\t"
+ "LDR r1, [%[a], #20]\n\t"
+ "CMP r1, #0x0\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BEQ L_sp_256_num_bits_8_5\n\t"
+#else
+ "BEQ.N L_sp_256_num_bits_8_5\n\t"
+#endif
+ "MOV r2, #0xc0\n\t"
+ "CLZ r4, r1\n\t"
+ "SUB r4, r2, r4\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "B L_sp_256_num_bits_8_9\n\t"
+#else
+ "B.N L_sp_256_num_bits_8_9\n\t"
+#endif
+ "\n"
+ "L_sp_256_num_bits_8_5:\n\t"
+ "LDR r1, [%[a], #16]\n\t"
+ "CMP r1, #0x0\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BEQ L_sp_256_num_bits_8_4\n\t"
+#else
+ "BEQ.N L_sp_256_num_bits_8_4\n\t"
+#endif
+ "MOV r2, #0xa0\n\t"
+ "CLZ r4, r1\n\t"
+ "SUB r4, r2, r4\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "B L_sp_256_num_bits_8_9\n\t"
+#else
+ "B.N L_sp_256_num_bits_8_9\n\t"
+#endif
+ "\n"
+ "L_sp_256_num_bits_8_4:\n\t"
+ "LDR r1, [%[a], #12]\n\t"
+ "CMP r1, #0x0\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BEQ L_sp_256_num_bits_8_3\n\t"
+#else
+ "BEQ.N L_sp_256_num_bits_8_3\n\t"
+#endif
+ "MOV r2, #0x80\n\t"
+ "CLZ r4, r1\n\t"
+ "SUB r4, r2, r4\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "B L_sp_256_num_bits_8_9\n\t"
+#else
+ "B.N L_sp_256_num_bits_8_9\n\t"
+#endif
+ "\n"
+ "L_sp_256_num_bits_8_3:\n\t"
+ "LDR r1, [%[a], #8]\n\t"
+ "CMP r1, #0x0\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BEQ L_sp_256_num_bits_8_2\n\t"
+#else
+ "BEQ.N L_sp_256_num_bits_8_2\n\t"
+#endif
+ "MOV r2, #0x60\n\t"
+ "CLZ r4, r1\n\t"
+ "SUB r4, r2, r4\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "B L_sp_256_num_bits_8_9\n\t"
+#else
+ "B.N L_sp_256_num_bits_8_9\n\t"
+#endif
+ "\n"
+ "L_sp_256_num_bits_8_2:\n\t"
+ "LDR r1, [%[a], #4]\n\t"
+ "CMP r1, #0x0\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BEQ L_sp_256_num_bits_8_1\n\t"
+#else
+ "BEQ.N L_sp_256_num_bits_8_1\n\t"
+#endif
+ "MOV r2, #0x40\n\t"
+ "CLZ r4, r1\n\t"
+ "SUB r4, r2, r4\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "B L_sp_256_num_bits_8_9\n\t"
+#else
+ "B.N L_sp_256_num_bits_8_9\n\t"
+#endif
+ "\n"
+ "L_sp_256_num_bits_8_1:\n\t"
+ "LDR r1, [%[a]]\n\t"
+ "MOV r2, #0x20\n\t"
+ "CLZ r4, r1\n\t"
+ "SUB r4, r2, r4\n\t"
+ "\n"
+ "L_sp_256_num_bits_8_9:\n\t"
+ "MOV %[a], r4\n\t"
+ : [a] "+r" (a)
+ :
+ : "memory", "r1", "r2", "r3", "r4", "r5", "cc"
);
-
- return r;
+ return (uint32_t)(size_t)a;
}
/* Non-constant time modular inversion.
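Review bot: `sp_256_div2_mod_8` still produces a correct low half only when `r` and `a` are the same buffer. On the `L_sp_256_div2_mod_8_even` path nothing is stored to `r[0..3]`, yet the second half of the routine reloads those words with `LDM %[r], {r4, r5, r6, r7}`. `sp_256_rshift1_8` had the same pattern, and this commit changed it to read from `%[a]`. Either state the requirement in the header comment, e.g. `* r Result; must be the same buffer as a.`, or store `a[0..3]` into `r` on the even path. The callers are outside this hunk, so whether any passes distinct buffers cannot be checked here.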
@@ -24160,7 +40436,7 @@ static int sp_256_mod_inv_8(sp_digit* r, const sp_digit* a, const sp_digit* m)
}
while (ut > 1 && vt > 1) {
- if (ut > vt || (ut == vt && sp_256_cmp_8(u, v) >= 0)) {
+ if ((ut > vt) || ((ut == vt) && (sp_256_cmp_8(u, v) >= 0))) {
sp_256_sub_8(u, u, v);
o = sp_256_sub_8(b, b, d);
if (o != 0)
@@ -24237,7 +40513,7 @@ static void sp_256_add_points_8(sp_point_256* p1, const sp_point_256* p2,
* p2 Public point and temporary.
* s Second part of signature as a number.
* u1 Temporary number.
- * u2 Temproray number.
+ * u2 Temporary number.
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
@@ -24561,7 +40837,7 @@ int sp_ecc_verify_256_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash,
#endif /* HAVE_ECC_VERIFY */
#ifdef HAVE_ECC_CHECK_KEY
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* point EC point.
* heap Heap to use if dynamically allocating.
@@ -24589,19 +40865,21 @@ static int sp_256_ecc_is_point_8(const sp_point_256* point,
if (err == MP_OKAY) {
t2 = t1 + 2 * 8;
+ /* y^2 - x^3 - a.x = b */
sp_256_sqr_8(t1, point->y);
(void)sp_256_mod_8(t1, t1, p256_mod);
sp_256_sqr_8(t2, point->x);
(void)sp_256_mod_8(t2, t2, p256_mod);
sp_256_mul_8(t2, t2, point->x);
(void)sp_256_mod_8(t2, t2, p256_mod);
- (void)sp_256_sub_8(t2, p256_mod, t2);
- sp_256_mont_add_8(t1, t1, t2, p256_mod);
+ sp_256_mont_sub_8(t1, t1, t2, p256_mod);
+ /* y^2 - x^3 + 3.x = b, when a = -3 */
sp_256_mont_add_8(t1, t1, point->x, p256_mod);
sp_256_mont_add_8(t1, t1, point->x, p256_mod);
sp_256_mont_add_8(t1, t1, point->x, p256_mod);
+
if (sp_256_cmp_8(t1, p256_b) != 0) {
err = MP_VAL;
}
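Review bot: The three `sp_256_mont_add_8(t1, t1, point->x, p256_mod)` calls that follow the new `sp_256_mont_sub_8` take `point->x` as-is, whereas t1 and t2 are each reduced with `sp_256_mod_8` first, so the final `sp_256_cmp_8(t1, p256_b)` presumably only gives a sound on-curve answer when x (and y) are already below the modulus. Whether callers range-check the ordinates cannot be seen here, because the function starts and ends outside the hunk. As this is the public-point validation path, I would state the precondition beside the new equation comment, e.g. `/* point->x, point->y must be in [0, p256_mod); t1/t2 are plain residues mod p */`. That comment would also explain why a `mont_`-named helper is applied to values that, within this hunk, are never converted to Montgomery form.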
@@ -24615,7 +40893,7 @@ static int sp_256_ecc_is_point_8(const sp_point_256* point,
return err;
}
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* pX X ordinate of EC point.
* pY Y ordinate of EC point.
@@ -25200,401 +41478,2029 @@ static const sp_digit p384_b[12] = {
};
#endif
+#ifdef WOLFSSL_SP_SMALL
/* Multiply a and b into r. (r = a * b)
*
* r A single precision integer.
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static void sp_384_mul_12(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static void sp_384_mul_12(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit tmp_arr[12 * 2];
- sp_digit* tmp = tmp_arr;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "mov r3, #0\n\t"
- "mov r4, #0\n\t"
- "mov r9, r3\n\t"
- "mov r12, %[r]\n\t"
- "mov r10, %[a]\n\t"
- "mov r11, %[b]\n\t"
- "mov r6, #48\n\t"
- "add r6, r6, r10\n\t"
- "mov r14, r6\n\t"
- "\n1:\n\t"
- "mov %[r], #0\n\t"
- "mov r5, #0\n\t"
- "mov r6, #44\n\t"
- "mov %[a], r9\n\t"
- "subs %[a], %[a], r6\n\t"
- "sbc r6, r6, r6\n\t"
- "mvn r6, r6\n\t"
- "and %[a], %[a], r6\n\t"
- "mov %[b], r9\n\t"
- "sub %[b], %[b], %[a]\n\t"
- "add %[a], %[a], r10\n\t"
- "add %[b], %[b], r11\n\t"
- "\n2:\n\t"
- /* Multiply Start */
- "ldr r6, [%[a]]\n\t"
- "ldr r8, [%[b]]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, %[r]\n\t"
- /* Multiply Done */
- "add %[a], %[a], #4\n\t"
- "sub %[b], %[b], #4\n\t"
- "cmp %[a], r14\n\t"
+ "SUB sp, sp, #0x60\n\t"
+ "LDR lr, [%[a]]\n\t"
+ "LDR r11, [%[b]]\n\t"
+ "UMULL r8, r6, lr, r11\n\t"
+ "STR r8, [sp]\n\t"
+ "MOV r7, #0x0\n\t"
+ "MOV r8, #0x0\n\t"
+ "MOV r5, #0x4\n\t"
+ "\n"
+ "L_sp_384_mul_12_outer:\n\t"
+ "SUBS r3, r5, #0x2c\n\t"
+ "IT cc\n\t"
+ "MOVCC r3, #0x0\n\t"
+ "SUB r4, r5, r3\n\t"
+ "\n"
+ "L_sp_384_mul_12_inner:\n\t"
+ "LDR lr, [%[a], r3]\n\t"
+ "LDR r11, [%[b], r4]\n\t"
+ "UMULL r9, r10, lr, r11\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "LDR lr, [%[a], r4]\n\t"
+ "LDR r11, [%[b], r3]\n\t"
+ "UMULL r9, r10, lr, r11\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "ADD r3, r3, #0x4\n\t"
+ "SUB r4, r4, #0x4\n\t"
+ "CMP r3, r4\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BGT L_sp_384_mul_12_inner_done\n\t"
+#else
+ "BGT.N L_sp_384_mul_12_inner_done\n\t"
+#endif
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "beq 3f\n\t"
+ "BLT L_sp_384_mul_12_inner\n\t"
#else
- "beq.n 3f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "mov r6, r9\n\t"
- "add r6, r6, r10\n\t"
- "cmp %[a], r6\n\t"
+ "BLT.N L_sp_384_mul_12_inner\n\t"
+#endif
+ "LDR lr, [%[a], r3]\n\t"
+ "LDR r11, [%[b], r3]\n\t"
+ "UMULL r9, r10, lr, r11\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "\n"
+ "L_sp_384_mul_12_inner_done:\n\t"
+ "STR r6, [sp, r5]\n\t"
+ "MOV r6, r7\n\t"
+ "MOV r7, r8\n\t"
+ "MOV r8, #0x0\n\t"
+ "ADD r5, r5, #0x4\n\t"
+ "CMP r5, #0x54\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "ble 2b\n\t"
-#else
- "ble.n 2b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "\n3:\n\t"
- "mov %[r], r12\n\t"
- "mov r8, r9\n\t"
- "str r3, [%[r], r8]\n\t"
- "mov r3, r4\n\t"
- "mov r4, r5\n\t"
- "add r8, r8, #4\n\t"
- "mov r9, r8\n\t"
- "mov r6, #88\n\t"
- "cmp r8, r6\n\t"
+ "BLE L_sp_384_mul_12_outer\n\t"
+#else
+ "BLE.N L_sp_384_mul_12_outer\n\t"
+#endif
+ "LDR lr, [%[a], #44]\n\t"
+ "LDR r11, [%[b], #44]\n\t"
+ "UMLAL r6, r7, lr, r11\n\t"
+ "STR r6, [sp, r5]\n\t"
+ "ADD r5, r5, #0x4\n\t"
+ "STR r7, [sp, r5]\n\t"
+ "\n"
+ "L_sp_384_mul_12_store:\n\t"
+ "LDM sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "STM %[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "SUBS r5, r5, #0x20\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "ble 1b\n\t"
+ "BGT L_sp_384_mul_12_store\n\t"
#else
- "ble.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "str r3, [%[r], r8]\n\t"
- "mov %[a], r10\n\t"
- "mov %[b], r11\n\t"
+ "BGT.N L_sp_384_mul_12_store\n\t"
+#endif
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : [r] "r" (tmp), [a] "r" (a), [b] "r" (b)
- : "memory", "r3", "r4", "r5", "r6", "r8", "r9", "r10", "r11", "r12", "r14"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11", "cc"
);
-
- XMEMCPY(r, tmp_arr, sizeof(tmp_arr));
}
-/* Square a and put result in r. (r = a * a)
+#else
+/* Multiply a and b into r. (r = a * b)
*
* r A single precision integer.
* a A single precision integer.
+ * b A single precision integer.
*/
-SP_NOINLINE static void sp_384_sqr_12(sp_digit* r, const sp_digit* a)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static void sp_384_mul_12(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "mov r3, #0\n\t"
- "mov r4, #0\n\t"
- "mov r5, #0\n\t"
- "mov r9, r3\n\t"
- "mov r12, %[r]\n\t"
- "mov r6, #96\n\t"
- "neg r6, r6\n\t"
- "add sp, sp, r6\n\t"
- "mov r11, sp\n\t"
- "mov r10, %[a]\n\t"
- "\n1:\n\t"
- "mov %[r], #0\n\t"
- "mov r6, #44\n\t"
- "mov %[a], r9\n\t"
- "subs %[a], %[a], r6\n\t"
- "sbc r6, r6, r6\n\t"
- "mvn r6, r6\n\t"
- "and %[a], %[a], r6\n\t"
- "mov r2, r9\n\t"
- "sub r2, r2, %[a]\n\t"
- "add %[a], %[a], r10\n\t"
- "add r2, r2, r10\n\t"
- "\n2:\n\t"
- "cmp r2, %[a]\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "beq 4f\n\t"
-#else
- "beq.n 4f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- /* Multiply * 2: Start */
- "ldr r6, [%[a]]\n\t"
- "ldr r8, [r2]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, %[r]\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, %[r]\n\t"
- /* Multiply * 2: Done */
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bal 5f\n\t"
-#else
- "bal.n 5f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "\n4:\n\t"
- /* Square: Start */
- "ldr r6, [%[a]]\n\t"
- "umull r6, r8, r6, r6\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, %[r]\n\t"
- /* Square: Done */
- "\n5:\n\t"
- "add %[a], %[a], #4\n\t"
- "sub r2, r2, #4\n\t"
- "mov r6, #48\n\t"
- "add r6, r6, r10\n\t"
- "cmp %[a], r6\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "beq 3f\n\t"
-#else
- "beq.n 3f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "cmp %[a], r2\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bgt 3f\n\t"
-#else
- "bgt.n 3f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "mov r8, r9\n\t"
- "add r8, r8, r10\n\t"
- "cmp %[a], r8\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "ble 2b\n\t"
-#else
- "ble.n 2b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "\n3:\n\t"
- "mov %[r], r11\n\t"
- "mov r8, r9\n\t"
- "str r3, [%[r], r8]\n\t"
- "mov r3, r4\n\t"
- "mov r4, r5\n\t"
- "mov r5, #0\n\t"
- "add r8, r8, #4\n\t"
- "mov r9, r8\n\t"
- "mov r6, #88\n\t"
- "cmp r8, r6\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "ble 1b\n\t"
-#else
- "ble.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "mov %[a], r10\n\t"
- "str r3, [%[r], r8]\n\t"
- "mov %[r], r12\n\t"
- "mov %[a], r11\n\t"
- "mov r3, #92\n\t"
- "\n4:\n\t"
- "ldr r6, [%[a], r3]\n\t"
- "str r6, [%[r], r3]\n\t"
- "subs r3, r3, #4\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bge 4b\n\t"
-#else
- "bge.n 4b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "mov r6, #96\n\t"
- "add sp, sp, r6\n\t"
+ "SUB sp, sp, #0x30\n\t"
+ /* A[0] * B[0] */
+ "LDR r11, [%[a]]\n\t"
+ "LDR r12, [%[b]]\n\t"
+ "UMULL r3, r4, r11, r12\n\t"
+ "MOV r5, #0x0\n\t"
+ "STR r3, [sp]\n\t"
+ /* A[0] * B[1] */
+ "LDR r9, [%[b], #4]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[1] * B[0] */
+ "LDR r8, [%[a], #4]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "STR r4, [sp, #4]\n\t"
+ /* A[2] * B[0] */
+ "LDR r8, [%[a], #8]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[1] * B[1] */
+ "LDR r11, [%[a], #4]\n\t"
+ "LDR r12, [%[b], #4]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[0] * B[2] */
+ "LDR r8, [%[a]]\n\t"
+ "LDR r9, [%[b], #8]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "STR r5, [sp, #8]\n\t"
+ /* A[0] * B[3] */
+ "LDR r9, [%[b], #12]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "MOV r5, #0x0\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[1] * B[2] */
+ "LDR r9, [%[b], #8]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[2] * B[1] */
+ "LDR r8, [%[a], #8]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[3] * B[0] */
+ "LDR r8, [%[a], #12]\n\t"
+ "LDR r9, [%[b]]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ "STR r3, [sp, #12]\n\t"
+ /* A[4] * B[0] */
+ "LDR r8, [%[a], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[3] * B[1] */
+ "LDR r8, [%[a], #12]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[2] * B[2] */
+ "LDR r11, [%[a], #8]\n\t"
+ "LDR r12, [%[b], #8]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[1] * B[3] */
+ "LDR r8, [%[a], #4]\n\t"
+ "LDR r9, [%[b], #12]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[0] * B[4] */
+ "LDR r8, [%[a]]\n\t"
+ "LDR r9, [%[b], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "STR r4, [sp, #16]\n\t"
+ /* A[0] * B[5] */
+ "LDR r9, [%[b], #20]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[1] * B[4] */
+ "LDR r8, [%[a], #4]\n\t"
+ "LDR r9, [%[b], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[2] * B[3] */
+ "LDR r9, [%[b], #12]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[3] * B[2] */
+ "LDR r8, [%[a], #12]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[4] * B[1] */
+ "LDR r8, [%[a], #16]\n\t"
+ "LDR r9, [%[b], #4]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[5] * B[0] */
+ "LDR r8, [%[a], #20]\n\t"
+ "LDR r9, [%[b]]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "STR r5, [sp, #20]\n\t"
+ /* A[6] * B[0] */
+ "LDR r8, [%[a], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "MOV r5, #0x0\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[5] * B[1] */
+ "LDR r8, [%[a], #20]\n\t"
+ "LDR r9, [%[b], #4]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[4] * B[2] */
+ "LDR r8, [%[a], #16]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[3] * B[3] */
+ "LDR r11, [%[a], #12]\n\t"
+ "LDR r12, [%[b], #12]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[2] * B[4] */
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[b], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[1] * B[5] */
+ "LDR r8, [%[a], #4]\n\t"
+ "LDR r9, [%[b], #20]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[0] * B[6] */
+ "LDR r8, [%[a]]\n\t"
+ "LDR r9, [%[b], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ "STR r3, [sp, #24]\n\t"
+ /* A[0] * B[7] */
+ "LDR r9, [%[b], #28]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[1] * B[6] */
+ "LDR r8, [%[a], #4]\n\t"
+ "LDR r9, [%[b], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[2] * B[5] */
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[b], #20]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[3] * B[4] */
+ "LDR r9, [%[b], #16]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[4] * B[3] */
+ "LDR r8, [%[a], #16]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[5] * B[2] */
+ "LDR r8, [%[a], #20]\n\t"
+ "LDR r9, [%[b], #8]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[6] * B[1] */
+ "LDR r8, [%[a], #24]\n\t"
+ "LDR r9, [%[b], #4]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[7] * B[0] */
+ "LDR r8, [%[a], #28]\n\t"
+ "LDR r9, [%[b]]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "STR r4, [sp, #28]\n\t"
+ /* A[8] * B[0] */
+ "LDR r8, [%[a], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[7] * B[1] */
+ "LDR r8, [%[a], #28]\n\t"
+ "LDR r9, [%[b], #4]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[6] * B[2] */
+ "LDR r8, [%[a], #24]\n\t"
+ "LDR r9, [%[b], #8]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[5] * B[3] */
+ "LDR r8, [%[a], #20]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[4] * B[4] */
+ "LDR r11, [%[a], #16]\n\t"
+ "LDR r12, [%[b], #16]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[3] * B[5] */
+ "LDR r8, [%[a], #12]\n\t"
+ "LDR r9, [%[b], #20]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[2] * B[6] */
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[b], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[1] * B[7] */
+ "LDR r8, [%[a], #4]\n\t"
+ "LDR r9, [%[b], #28]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[0] * B[8] */
+ "LDR r8, [%[a]]\n\t"
+ "LDR r9, [%[b], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "STR r5, [sp, #32]\n\t"
+ /* A[0] * B[9] */
+ "LDR r9, [%[b], #36]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "MOV r5, #0x0\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[1] * B[8] */
+ "LDR r8, [%[a], #4]\n\t"
+ "LDR r9, [%[b], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[2] * B[7] */
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[b], #28]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[3] * B[6] */
+ "LDR r8, [%[a], #12]\n\t"
+ "LDR r9, [%[b], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[4] * B[5] */
+ "LDR r9, [%[b], #20]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[5] * B[4] */
+ "LDR r8, [%[a], #20]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[6] * B[3] */
+ "LDR r8, [%[a], #24]\n\t"
+ "LDR r9, [%[b], #12]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[7] * B[2] */
+ "LDR r8, [%[a], #28]\n\t"
+ "LDR r9, [%[b], #8]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[8] * B[1] */
+ "LDR r8, [%[a], #32]\n\t"
+ "LDR r9, [%[b], #4]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[9] * B[0] */
+ "LDR r8, [%[a], #36]\n\t"
+ "LDR r9, [%[b]]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ "STR r3, [sp, #36]\n\t"
+ /* A[10] * B[0] */
+ "LDR r8, [%[a], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[9] * B[1] */
+ "LDR r8, [%[a], #36]\n\t"
+ "LDR r9, [%[b], #4]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[8] * B[2] */
+ "LDR r8, [%[a], #32]\n\t"
+ "LDR r9, [%[b], #8]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[7] * B[3] */
+ "LDR r8, [%[a], #28]\n\t"
+ "LDR r9, [%[b], #12]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[6] * B[4] */
+ "LDR r8, [%[a], #24]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[5] * B[5] */
+ "LDR r11, [%[a], #20]\n\t"
+ "LDR r12, [%[b], #20]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[4] * B[6] */
+ "LDR r8, [%[a], #16]\n\t"
+ "LDR r9, [%[b], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[3] * B[7] */
+ "LDR r8, [%[a], #12]\n\t"
+ "LDR r9, [%[b], #28]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[2] * B[8] */
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[b], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[1] * B[9] */
+ "LDR r8, [%[a], #4]\n\t"
+ "LDR r9, [%[b], #36]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[0] * B[10] */
+ "LDR r8, [%[a]]\n\t"
+ "LDR r9, [%[b], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "STR r4, [sp, #40]\n\t"
+ /* A[0] * B[11] */
+ "LDR r9, [%[b], #44]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[1] * B[10] */
+ "LDR r8, [%[a], #4]\n\t"
+ "LDR r9, [%[b], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[2] * B[9] */
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[b], #36]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[3] * B[8] */
+ "LDR r8, [%[a], #12]\n\t"
+ "LDR r9, [%[b], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[4] * B[7] */
+ "LDR r8, [%[a], #16]\n\t"
+ "LDR r9, [%[b], #28]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[5] * B[6] */
+ "LDR r9, [%[b], #24]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[6] * B[5] */
+ "LDR r8, [%[a], #24]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[7] * B[4] */
+ "LDR r8, [%[a], #28]\n\t"
+ "LDR r9, [%[b], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[8] * B[3] */
+ "LDR r8, [%[a], #32]\n\t"
+ "LDR r9, [%[b], #12]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[9] * B[2] */
+ "LDR r8, [%[a], #36]\n\t"
+ "LDR r9, [%[b], #8]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[10] * B[1] */
+ "LDR r8, [%[a], #40]\n\t"
+ "LDR r9, [%[b], #4]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[11] * B[0] */
+ "LDR r8, [%[a], #44]\n\t"
+ "LDR r9, [%[b]]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "STR r5, [sp, #44]\n\t"
+ /* A[11] * B[1] */
+ "LDR r9, [%[b], #4]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "MOV r5, #0x0\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[10] * B[2] */
+ "LDR r8, [%[a], #40]\n\t"
+ "LDR r9, [%[b], #8]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[9] * B[3] */
+ "LDR r8, [%[a], #36]\n\t"
+ "LDR r9, [%[b], #12]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[8] * B[4] */
+ "LDR r8, [%[a], #32]\n\t"
+ "LDR r9, [%[b], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[7] * B[5] */
+ "LDR r8, [%[a], #28]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[6] * B[6] */
+ "LDR r11, [%[a], #24]\n\t"
+ "LDR r12, [%[b], #24]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[5] * B[7] */
+ "LDR r8, [%[a], #20]\n\t"
+ "LDR r9, [%[b], #28]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[4] * B[8] */
+ "LDR r8, [%[a], #16]\n\t"
+ "LDR r9, [%[b], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[3] * B[9] */
+ "LDR r8, [%[a], #12]\n\t"
+ "LDR r9, [%[b], #36]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[2] * B[10] */
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[b], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[1] * B[11] */
+ "LDR r8, [%[a], #4]\n\t"
+ "LDR r9, [%[b], #44]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ "STR r3, [%[r], #48]\n\t"
+ /* A[2] * B[11] */
+ "LDR r8, [%[a], #8]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[3] * B[10] */
+ "LDR r8, [%[a], #12]\n\t"
+ "LDR r9, [%[b], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[4] * B[9] */
+ "LDR r8, [%[a], #16]\n\t"
+ "LDR r9, [%[b], #36]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[5] * B[8] */
+ "LDR r8, [%[a], #20]\n\t"
+ "LDR r9, [%[b], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[6] * B[7] */
+ "LDR r9, [%[b], #28]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[7] * B[6] */
+ "LDR r8, [%[a], #28]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[8] * B[5] */
+ "LDR r8, [%[a], #32]\n\t"
+ "LDR r9, [%[b], #20]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[9] * B[4] */
+ "LDR r8, [%[a], #36]\n\t"
+ "LDR r9, [%[b], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[10] * B[3] */
+ "LDR r8, [%[a], #40]\n\t"
+ "LDR r9, [%[b], #12]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[11] * B[2] */
+ "LDR r8, [%[a], #44]\n\t"
+ "LDR r9, [%[b], #8]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "STR r4, [%[r], #52]\n\t"
+ /* A[11] * B[3] */
+ "LDR r9, [%[b], #12]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[10] * B[4] */
+ "LDR r8, [%[a], #40]\n\t"
+ "LDR r9, [%[b], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[9] * B[5] */
+ "LDR r8, [%[a], #36]\n\t"
+ "LDR r9, [%[b], #20]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[8] * B[6] */
+ "LDR r8, [%[a], #32]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[7] * B[7] */
+ "LDR r11, [%[a], #28]\n\t"
+ "LDR r12, [%[b], #28]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[6] * B[8] */
+ "LDR r8, [%[a], #24]\n\t"
+ "LDR r9, [%[b], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[5] * B[9] */
+ "LDR r8, [%[a], #20]\n\t"
+ "LDR r9, [%[b], #36]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[4] * B[10] */
+ "LDR r8, [%[a], #16]\n\t"
+ "LDR r9, [%[b], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[3] * B[11] */
+ "LDR r8, [%[a], #12]\n\t"
+ "LDR r9, [%[b], #44]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "STR r5, [%[r], #56]\n\t"
+ /* A[4] * B[11] */
+ "LDR r8, [%[a], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "MOV r5, #0x0\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[5] * B[10] */
+ "LDR r8, [%[a], #20]\n\t"
+ "LDR r9, [%[b], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[6] * B[9] */
+ "LDR r8, [%[a], #24]\n\t"
+ "LDR r9, [%[b], #36]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[7] * B[8] */
+ "LDR r9, [%[b], #32]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[8] * B[7] */
+ "LDR r8, [%[a], #32]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[9] * B[6] */
+ "LDR r8, [%[a], #36]\n\t"
+ "LDR r9, [%[b], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[10] * B[5] */
+ "LDR r8, [%[a], #40]\n\t"
+ "LDR r9, [%[b], #20]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[11] * B[4] */
+ "LDR r8, [%[a], #44]\n\t"
+ "LDR r9, [%[b], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ "STR r3, [%[r], #60]\n\t"
+ /* A[11] * B[5] */
+ "LDR r9, [%[b], #20]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[10] * B[6] */
+ "LDR r8, [%[a], #40]\n\t"
+ "LDR r9, [%[b], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[9] * B[7] */
+ "LDR r8, [%[a], #36]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[8] * B[8] */
+ "LDR r11, [%[a], #32]\n\t"
+ "LDR r12, [%[b], #32]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[7] * B[9] */
+ "LDR r8, [%[a], #28]\n\t"
+ "LDR r9, [%[b], #36]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[6] * B[10] */
+ "LDR r8, [%[a], #24]\n\t"
+ "LDR r9, [%[b], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[5] * B[11] */
+ "LDR r8, [%[a], #20]\n\t"
+ "LDR r9, [%[b], #44]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "STR r4, [%[r], #64]\n\t"
+ /* A[6] * B[11] */
+ "LDR r8, [%[a], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[7] * B[10] */
+ "LDR r8, [%[a], #28]\n\t"
+ "LDR r9, [%[b], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[8] * B[9] */
+ "LDR r9, [%[b], #36]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[9] * B[8] */
+ "LDR r8, [%[a], #36]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[10] * B[7] */
+ "LDR r8, [%[a], #40]\n\t"
+ "LDR r9, [%[b], #28]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[11] * B[6] */
+ "LDR r8, [%[a], #44]\n\t"
+ "LDR r9, [%[b], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "STR r5, [%[r], #68]\n\t"
+ /* A[11] * B[7] */
+ "LDR r9, [%[b], #28]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "MOV r5, #0x0\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[10] * B[8] */
+ "LDR r8, [%[a], #40]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[9] * B[9] */
+ "LDR r11, [%[a], #36]\n\t"
+ "LDR r12, [%[b], #36]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[8] * B[10] */
+ "LDR r8, [%[a], #32]\n\t"
+ "LDR r9, [%[b], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[7] * B[11] */
+ "LDR r8, [%[a], #28]\n\t"
+ "LDR r9, [%[b], #44]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ "STR r3, [%[r], #72]\n\t"
+ /* A[8] * B[11] */
+ "LDR r8, [%[a], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[9] * B[10] */
+ "LDR r9, [%[b], #40]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[10] * B[9] */
+ "LDR r8, [%[a], #40]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[11] * B[8] */
+ "LDR r8, [%[a], #44]\n\t"
+ "LDR r9, [%[b], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "STR r4, [%[r], #76]\n\t"
+ /* A[11] * B[9] */
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[10] * B[10] */
+ "LDR r11, [%[a], #40]\n\t"
+ "LDR r12, [%[b], #40]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[9] * B[11] */
+ "LDR r8, [%[a], #36]\n\t"
+ "LDR r9, [%[b], #44]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "STR r5, [%[r], #80]\n\t"
+ /* A[10] * B[11] */
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "MOV r5, #0x0\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[11] * B[10] */
+ "LDR r8, [%[a], #44]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ "STR r3, [%[r], #84]\n\t"
+ /* A[11] * B[11] */
+ "UMLAL r4, r5, r8, r9\n\t"
+ "STR r4, [%[r], #88]\n\t"
+ "STR r5, [%[r], #92]\n\t"
+ "LDM sp!, {r3, r4, r5, r6}\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM sp!, {r3, r4, r5, r6}\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM sp!, {r3, r4, r5, r6}\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : [r] "r" (r), [a] "r" (a)
- : "memory", "r2", "r3", "r4", "r5", "r6", "r8", "r9", "r10", "r11", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r11", "r12", "cc"
);
}
+#endif /* WOLFSSL_SP_SMALL */
#ifdef WOLFSSL_SP_SMALL
-/* Add b to a into r. (r = a + b)
+/* Square a and put result in r. (r = a * a)
*
* r A single precision integer.
* a A single precision integer.
- * b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_384_add_12(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
+#else
+static void sp_384_sqr_12(sp_digit* r, const sp_digit* a)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r6, %[a]\n\t"
- "mov r8, #0\n\t"
- "add r6, r6, #48\n\t"
- "sub r8, r8, #1\n\t"
- "\n1:\n\t"
- "adds %[c], %[c], r8\n\t"
- "ldr r4, [%[a]]\n\t"
- "ldr r5, [%[b]]\n\t"
- "adcs r4, r4, r5\n\t"
- "str r4, [%[r]]\n\t"
- "mov %[c], #0\n\t"
- "adc %[c], %[c], %[c]\n\t"
- "add %[a], %[a], #4\n\t"
- "add %[b], %[b], #4\n\t"
- "add %[r], %[r], #4\n\t"
- "cmp %[a], r6\n\t"
+ "SUB sp, sp, #0x60\n\t"
+ "LDR lr, [%[a]]\n\t"
+ "UMULL r8, r6, lr, lr\n\t"
+ "STR r8, [sp]\n\t"
+ "MOV r7, #0x0\n\t"
+ "MOV r8, #0x0\n\t"
+ "MOV r5, #0x4\n\t"
+ "\n"
+ "L_sp_384_sqr_12_outer:\n\t"
+ "SUBS r3, r5, #0x2c\n\t"
+ "IT cc\n\t"
+ "MOVCC r3, #0x0\n\t"
+ "SUB r4, r5, r3\n\t"
+ "\n"
+ "L_sp_384_sqr_12_inner:\n\t"
+ "LDR lr, [%[a], r3]\n\t"
+ "LDR r11, [%[a], r4]\n\t"
+ "UMULL r9, r10, lr, r11\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "ADD r3, r3, #0x4\n\t"
+ "SUB r4, r4, #0x4\n\t"
+ "CMP r3, r4\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BGT L_sp_384_sqr_12_inner_done\n\t"
+#else
+ "BGT.N L_sp_384_sqr_12_inner_done\n\t"
+#endif
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bne 1b\n\t"
+ "BLT L_sp_384_sqr_12_inner\n\t"
#else
- "bne.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ "BLT.N L_sp_384_sqr_12_inner\n\t"
+#endif
+ "LDR lr, [%[a], r3]\n\t"
+ "UMULL r9, r10, lr, lr\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "\n"
+ "L_sp_384_sqr_12_inner_done:\n\t"
+ "STR r6, [sp, r5]\n\t"
+ "MOV r6, r7\n\t"
+ "MOV r7, r8\n\t"
+ "MOV r8, #0x0\n\t"
+ "ADD r5, r5, #0x4\n\t"
+ "CMP r5, #0x54\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BLE L_sp_384_sqr_12_outer\n\t"
+#else
+ "BLE.N L_sp_384_sqr_12_outer\n\t"
+#endif
+ "LDR lr, [%[a], #44]\n\t"
+ "UMLAL r6, r7, lr, lr\n\t"
+ "STR r6, [sp, r5]\n\t"
+ "ADD r5, r5, #0x4\n\t"
+ "STR r7, [sp, r5]\n\t"
+ "\n"
+ "L_sp_384_sqr_12_store:\n\t"
+ "LDM sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "STM %[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "SUBS r5, r5, #0x20\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BGT L_sp_384_sqr_12_store\n\t"
+#else
+ "BGT.N L_sp_384_sqr_12_store\n\t"
+#endif
+ : [r] "+r" (r), [a] "+r" (a)
:
- : "memory", "r4", "r5", "r6", "r8"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11", "cc"
);
-
- return c;
}
#else
-/* Add b to a into r. (r = a + b)
+/* Square a and put result in r. (r = a * a)
*
* r A single precision integer.
* a A single precision integer.
- * b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_384_add_12(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
+#else
+static void sp_384_sqr_12(sp_digit* r, const sp_digit* a)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "mov %[c], #0\n\t"
- "adc %[c], %[c], %[c]\n\t"
- : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ "SUB sp, sp, #0x30\n\t"
+ /* A[0] * A[0] */
+ "LDR r10, [%[a]]\n\t"
+ "UMULL r8, r3, r10, r10\n\t"
+ "MOV r4, #0x0\n\t"
+ "STR r8, [sp]\n\t"
+ /* A[0] * A[1] */
+ "LDR r10, [%[a], #4]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "MOV r2, #0x0\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "MOV r2, #0x0\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ "STR r3, [sp, #4]\n\t"
+ /* A[0] * A[2] */
+ "LDR r10, [%[a], #8]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADCS r2, r2, r9\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADCS r2, r2, r9\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[1] * A[1] */
+ "LDR r10, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADCS r2, r2, r9\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "STR r4, [sp, #8]\n\t"
+ /* A[0] * A[3] */
+ "LDR r10, [%[a], #12]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[1] * A[2] */
+ "LDR r10, [%[a], #8]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "STR r2, [sp, #12]\n\t"
+ /* A[0] * A[4] */
+ "LDR r10, [%[a], #16]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "MOV r2, #0x0\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "MOV r2, #0x0\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ /* A[1] * A[3] */
+ "LDR r10, [%[a], #12]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ /* A[2] * A[2] */
+ "LDR r10, [%[a], #8]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ "STR r3, [sp, #16]\n\t"
+ /* A[0] * A[5] */
+ "LDR r10, [%[a], #20]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r3, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[1] * A[4] */
+ "LDR r10, [%[a], #16]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[2] * A[3] */
+ "LDR r10, [%[a], #12]\n\t"
+ "LDR r12, [%[a], #8]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r4, r4, r5\n\t"
+ "ADCS r2, r2, r6\n\t"
+ "ADC r3, r3, r7\n\t"
+ "STR r4, [sp, #20]\n\t"
+ /* A[0] * A[6] */
+ "LDR r10, [%[a], #24]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r4, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[1] * A[5] */
+ "LDR r10, [%[a], #20]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[2] * A[4] */
+ "LDR r10, [%[a], #16]\n\t"
+ "LDR r12, [%[a], #8]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[3] * A[3] */
+ "LDR r10, [%[a], #12]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "ADDS r2, r2, r5\n\t"
+ "ADCS r3, r3, r6\n\t"
+ "ADC r4, r4, r7\n\t"
+ "STR r2, [sp, #24]\n\t"
+ /* A[0] * A[7] */
+ "LDR r10, [%[a], #28]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r2, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[1] * A[6] */
+ "LDR r10, [%[a], #24]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[2] * A[5] */
+ "LDR r10, [%[a], #20]\n\t"
+ "LDR r12, [%[a], #8]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[3] * A[4] */
+ "LDR r10, [%[a], #16]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r3, r3, r5\n\t"
+ "ADCS r4, r4, r6\n\t"
+ "ADC r2, r2, r7\n\t"
+ "STR r3, [sp, #28]\n\t"
+ /* A[0] * A[8] */
+ "LDR r10, [%[a], #32]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r3, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[1] * A[7] */
+ "LDR r10, [%[a], #28]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[2] * A[6] */
+ "LDR r10, [%[a], #24]\n\t"
+ "LDR r12, [%[a], #8]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[3] * A[5] */
+ "LDR r10, [%[a], #20]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[4] * A[4] */
+ "LDR r10, [%[a], #16]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADCS r2, r2, r9\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "ADDS r4, r4, r5\n\t"
+ "ADCS r2, r2, r6\n\t"
+ "ADC r3, r3, r7\n\t"
+ "STR r4, [sp, #32]\n\t"
+ /* A[0] * A[9] */
+ "LDR r10, [%[a], #36]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r4, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[1] * A[8] */
+ "LDR r10, [%[a], #32]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[2] * A[7] */
+ "LDR r10, [%[a], #28]\n\t"
+ "LDR r12, [%[a], #8]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[3] * A[6] */
+ "LDR r10, [%[a], #24]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[4] * A[5] */
+ "LDR r10, [%[a], #20]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r2, r2, r5\n\t"
+ "ADCS r3, r3, r6\n\t"
+ "ADC r4, r4, r7\n\t"
+ "STR r2, [sp, #36]\n\t"
+ /* A[0] * A[10] */
+ "LDR r10, [%[a], #40]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r2, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[1] * A[9] */
+ "LDR r10, [%[a], #36]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[2] * A[8] */
+ "LDR r10, [%[a], #32]\n\t"
+ "LDR r12, [%[a], #8]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[3] * A[7] */
+ "LDR r10, [%[a], #28]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[4] * A[6] */
+ "LDR r10, [%[a], #24]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[5] * A[5] */
+ "LDR r10, [%[a], #20]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ "ADDS r3, r3, r5\n\t"
+ "ADCS r4, r4, r6\n\t"
+ "ADC r2, r2, r7\n\t"
+ "STR r3, [sp, #40]\n\t"
+ /* A[0] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r3, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[1] * A[10] */
+ "LDR r10, [%[a], #40]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[2] * A[9] */
+ "LDR r10, [%[a], #36]\n\t"
+ "LDR r12, [%[a], #8]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[3] * A[8] */
+ "LDR r10, [%[a], #32]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[4] * A[7] */
+ "LDR r10, [%[a], #28]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[5] * A[6] */
+ "LDR r10, [%[a], #24]\n\t"
+ "LDR r12, [%[a], #20]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r4, r4, r5\n\t"
+ "ADCS r2, r2, r6\n\t"
+ "ADC r3, r3, r7\n\t"
+ "STR r4, [sp, #44]\n\t"
+ /* A[1] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r4, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[2] * A[10] */
+ "LDR r10, [%[a], #40]\n\t"
+ "LDR r12, [%[a], #8]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[3] * A[9] */
+ "LDR r10, [%[a], #36]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[4] * A[8] */
+ "LDR r10, [%[a], #32]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[5] * A[7] */
+ "LDR r10, [%[a], #28]\n\t"
+ "LDR r12, [%[a], #20]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[6] * A[6] */
+ "LDR r10, [%[a], #24]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "ADDS r2, r2, r5\n\t"
+ "ADCS r3, r3, r6\n\t"
+ "ADC r4, r4, r7\n\t"
+ "STR r2, [%[r], #48]\n\t"
+ /* A[2] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "LDR r12, [%[a], #8]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r2, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[3] * A[10] */
+ "LDR r10, [%[a], #40]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[4] * A[9] */
+ "LDR r10, [%[a], #36]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[5] * A[8] */
+ "LDR r10, [%[a], #32]\n\t"
+ "LDR r12, [%[a], #20]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[6] * A[7] */
+ "LDR r10, [%[a], #28]\n\t"
+ "LDR r12, [%[a], #24]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r3, r3, r5\n\t"
+ "ADCS r4, r4, r6\n\t"
+ "ADC r2, r2, r7\n\t"
+ "STR r3, [%[r], #52]\n\t"
+ /* A[3] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r3, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[4] * A[10] */
+ "LDR r10, [%[a], #40]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[5] * A[9] */
+ "LDR r10, [%[a], #36]\n\t"
+ "LDR r12, [%[a], #20]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[6] * A[8] */
+ "LDR r10, [%[a], #32]\n\t"
+ "LDR r12, [%[a], #24]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[7] * A[7] */
+ "LDR r10, [%[a], #28]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADCS r2, r2, r9\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "ADDS r4, r4, r5\n\t"
+ "ADCS r2, r2, r6\n\t"
+ "ADC r3, r3, r7\n\t"
+ "STR r4, [%[r], #56]\n\t"
+ /* A[4] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r4, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[5] * A[10] */
+ "LDR r10, [%[a], #40]\n\t"
+ "LDR r12, [%[a], #20]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[6] * A[9] */
+ "LDR r10, [%[a], #36]\n\t"
+ "LDR r12, [%[a], #24]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[7] * A[8] */
+ "LDR r10, [%[a], #32]\n\t"
+ "LDR r12, [%[a], #28]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r2, r2, r5\n\t"
+ "ADCS r3, r3, r6\n\t"
+ "ADC r4, r4, r7\n\t"
+ "STR r2, [%[r], #60]\n\t"
+ /* A[5] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "LDR r12, [%[a], #20]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r2, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[6] * A[10] */
+ "LDR r10, [%[a], #40]\n\t"
+ "LDR r12, [%[a], #24]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[7] * A[9] */
+ "LDR r10, [%[a], #36]\n\t"
+ "LDR r12, [%[a], #28]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[8] * A[8] */
+ "LDR r10, [%[a], #32]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ "ADDS r3, r3, r5\n\t"
+ "ADCS r4, r4, r6\n\t"
+ "ADC r2, r2, r7\n\t"
+ "STR r3, [%[r], #64]\n\t"
+ /* A[6] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "LDR r12, [%[a], #24]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r3, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[7] * A[10] */
+ "LDR r10, [%[a], #40]\n\t"
+ "LDR r12, [%[a], #28]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[8] * A[9] */
+ "LDR r10, [%[a], #36]\n\t"
+ "LDR r12, [%[a], #32]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r4, r4, r5\n\t"
+ "ADCS r2, r2, r6\n\t"
+ "ADC r3, r3, r7\n\t"
+ "STR r4, [%[r], #68]\n\t"
+ /* A[7] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "LDR r12, [%[a], #28]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[8] * A[10] */
+ "LDR r10, [%[a], #40]\n\t"
+ "LDR r12, [%[a], #32]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[9] * A[9] */
+ "LDR r10, [%[a], #36]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "STR r2, [%[r], #72]\n\t"
+ /* A[8] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "LDR r12, [%[a], #32]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "MOV r2, #0x0\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "MOV r2, #0x0\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ /* A[9] * A[10] */
+ "LDR r10, [%[a], #40]\n\t"
+ "LDR r12, [%[a], #36]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ "STR r3, [%[r], #76]\n\t"
+ /* A[9] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "LDR r12, [%[a], #36]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADCS r2, r2, r9\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADCS r2, r2, r9\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[10] * A[10] */
+ "LDR r10, [%[a], #40]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADCS r2, r2, r9\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "STR r4, [%[r], #80]\n\t"
+ /* A[10] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "LDR r12, [%[a], #40]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "STR r2, [%[r], #84]\n\t"
+ /* A[11] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "UMLAL r3, r4, r10, r10\n\t"
+ "STR r3, [%[r], #88]\n\t"
+ "STR r4, [%[r], #92]\n\t"
+ "LDM sp!, {r2, r3, r4, r8}\n\t"
+ "STM %[r]!, {r2, r3, r4, r8}\n\t"
+ "LDM sp!, {r2, r3, r4, r8}\n\t"
+ "STM %[r]!, {r2, r3, r4, r8}\n\t"
+ "LDM sp!, {r2, r3, r4, r8}\n\t"
+ "STM %[r]!, {r2, r3, r4, r8}\n\t"
+ : [r] "+r" (r), [a] "+r" (a)
:
- : "memory", "r4", "r5", "r6", "r8"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r12", "cc"
);
-
- return c;
}
#endif /* WOLFSSL_SP_SMALL */
#ifdef WOLFSSL_SP_SMALL
-/* Sub b from a into r. (r = a - b)
+/* Add b to a into r. (r = a + b)
*
* r A single precision integer.
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_384_sub_12(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_384_add_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_384_add_12(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r6, %[a]\n\t"
- "add r6, r6, #48\n\t"
- "\n1:\n\t"
- "mov r5, #0\n\t"
- "subs r5, r5, %[c]\n\t"
- "ldr r4, [%[a]]\n\t"
- "ldr r5, [%[b]]\n\t"
- "sbcs r4, r4, r5\n\t"
- "str r4, [%[r]]\n\t"
- "sbc %[c], %[c], %[c]\n\t"
- "add %[a], %[a], #4\n\t"
- "add %[b], %[b], #4\n\t"
- "add %[r], %[r], #4\n\t"
- "cmp %[a], r6\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADD r12, %[a], #0x30\n\t"
+ "\n"
+ "L_sp_384_add_12_word:\n\t"
+ "ADDS r3, r3, #0xffffffff\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9, r10, r11}\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "ADCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r3, r4, #0x0\n\t"
+ "CMP %[a], r12\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bne 1b\n\t"
+ "BNE L_sp_384_add_12_word\n\t"
#else
- "bne.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ "BNE.N L_sp_384_add_12_word\n\t"
+#endif
+ "MOV %[r], r3\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)r;
}
#else
-/* Sub b from a into r. (r = a - b)
+/* Add b to a into r. (r = a + b)
*
* r A single precision integer.
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_384_sub_12(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_384_add_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_384_add_12(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "subs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "sbc %[c], %[c], %[c]\n\t"
- : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADDS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "MOV %[r], #0x0\n\t"
+ "ADC %[r], %[r], #0x0\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6", "r8"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)r;
}
#endif /* WOLFSSL_SP_SMALL */
@@ -25710,14 +43616,14 @@ static void sp_384_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 32
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 31);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 31);
}
#elif DIGIT_BIT > 32
unsigned int i;
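Review bot: The new mask and index arithmetic in the `DIGIT_BIT == 32` branch hard-codes the shift as `31` (`j >> 31`, twice), where the removed lines used `SP_WORD_SIZE - 1`; writing `sp_digit mask = (sp_digit)0 - (j >> (SP_WORD_SIZE - 1));` and `o += (int)(j >> (SP_WORD_SIZE - 1));` keeps the top-bit test tied to the digit width. The loop is also uncommented although its branch-free shape is the security-relevant part, so I would add above it `/* j counts up from -used: top bit set while i < used, so mask is all-ones for real digits and zero for padding; o stops at used - 1. */`. The arithmetic presumably relies on `sp_digit` being a 32-bit unsigned type and on `a->used` staying below 2^31, neither of which is visible in the hunk. `a->dp[0]` is still read when `a->used` is 0, as it was before the change, so the caller has to guarantee at least one valid digit. The function body continues past the hunk into the `#elif DIGIT_BIT > 32` branch.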
@@ -25895,6 +43801,7 @@ static int sp_384_point_to_ecc_point_12(const sp_point_384* p, ecc_point* pm)
return err;
}
+#ifdef WOLFSSL_SP_SMALL
/* Conditionally subtract b from a using the mask m.
* m is -1 to subtract and 0 when not copying.
*
@@ -25903,143 +43810,385 @@ static int sp_384_point_to_ecc_point_12(const sp_point_384* p, ecc_point* pm)
* b A single precision number to subtract.
* m Mask value to apply.
*/
-SP_NOINLINE static sp_digit sp_384_cond_sub_12(sp_digit* r, const sp_digit* a,
- const sp_digit* b, sp_digit m)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_384_cond_sub_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
+#else
+static sp_digit sp_384_cond_sub_12(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+ register sp_digit m __asm__ ("r3") = (sp_digit)m_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r5, #48\n\t"
- "mov r9, r5\n\t"
- "mov r8, #0\n\t"
- "\n1:\n\t"
- "ldr r6, [%[b], r8]\n\t"
- "and r6, r6, %[m]\n\t"
- "mov r5, #0\n\t"
- "subs r5, r5, %[c]\n\t"
- "ldr r5, [%[a], r8]\n\t"
- "sbcs r5, r5, r6\n\t"
- "sbcs %[c], %[c], %[c]\n\t"
- "str r5, [%[r], r8]\n\t"
- "add r8, r8, #4\n\t"
- "cmp r8, r9\n\t"
+ "MOV r8, #0x0\n\t"
+ "MOV r4, #0x0\n\t"
+ "MOV r5, #0x0\n\t"
+ "\n"
+ "L_sp_384_cond_sub_12_words:\n\t"
+ "SUBS r4, r8, r4\n\t"
+ "LDR r6, [%[a], r5]\n\t"
+ "LDR r7, [%[b], r5]\n\t"
+ "AND r7, r7, %[m]\n\t"
+ "SBCS r6, r6, r7\n\t"
+ "SBC r4, r8, r8\n\t"
+ "STR r6, [%[r], r5]\n\t"
+ "ADD r5, r5, #0x4\n\t"
+ "CMP r5, #0x30\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "blt 1b\n\t"
+ "BLT L_sp_384_cond_sub_12_words\n\t"
#else
- "blt.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [c] "+r" (c)
- : [r] "r" (r), [a] "r" (a), [b] "r" (b), [m] "r" (m)
- : "memory", "r5", "r6", "r8", "r9"
+ "BLT.N L_sp_384_cond_sub_12_words\n\t"
+#endif
+ "MOV %[r], r4\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
+ :
+ : "memory", "r4", "r5", "r6", "r7", "r8", "cc"
);
+ return (uint32_t)(size_t)r;
+}
+
+#else
+/* Conditionally subtract b from a using the mask m.
+ * m is -1 to subtract and 0 when not copying.
+ *
+ * r A single precision number representing condition subtract result.
+ * a A single precision number to subtract from.
+ * b A single precision number to subtract.
+ * m Mask value to apply.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_384_cond_sub_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
+#else
+static sp_digit sp_384_cond_sub_12(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+ register sp_digit m __asm__ ("r3") = (sp_digit)m_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
- return c;
+ __asm__ __volatile__ (
+ "MOV r5, #0x0\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SUBS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "SBC %[r], r5, r5\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
+ :
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
+ );
+ return (uint32_t)(size_t)r;
}
+#endif /* WOLFSSL_SP_SMALL */
#define sp_384_mont_reduce_order_12 sp_384_mont_reduce_12
+#ifdef WOLFSSL_SP_NO_UMAAL
/* Reduce the number back to 384 bits using Montgomery reduction.
*
* a A single precision number to reduce in place.
* m The single precision number representing the modulus.
* mp The digit representing the negative inverse of m mod 2^n.
*/
-SP_NOINLINE static void sp_384_mont_reduce_12(sp_digit* a, const sp_digit* m,
- sp_digit mp)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_384_mont_reduce_12(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+#else
+SP_NOINLINE static void sp_384_mont_reduce_12(sp_digit* a, const sp_digit* m, sp_digit mp)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit ca = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m __asm__ ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp __asm__ ("r2") = (sp_digit)mp_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r9, %[mp]\n\t"
- "mov r12, %[m]\n\t"
- "mov r10, %[a]\n\t"
- "mov r4, #0\n\t"
- "add r11, r10, #48\n\t"
- "\n1:\n\t"
+ "LDR lr, [%[m]]\n\t"
+ /* i = 0 */
+ "MOV r11, #0x0\n\t"
+ "MOV r3, #0x0\n\t"
+ "LDR r4, [%[a]]\n\t"
+ "LDR r5, [%[a], #4]\n\t"
+ "\n"
+ "L_sp_384_mont_reduce_12_word:\n\t"
/* mu = a[i] * mp */
- "mov %[mp], r9\n\t"
- "ldr %[a], [r10]\n\t"
- "mul %[mp], %[mp], %[a]\n\t"
- "mov %[m], r12\n\t"
- "add r14, r10, #40\n\t"
- "\n2:\n\t"
- /* a[i+j] += m[j] * mu */
- "ldr %[a], [r10]\n\t"
- "mov r5, #0\n\t"
- /* Multiply m[j] and mu - Start */
- "ldr r8, [%[m]], #4\n\t"
- "umull r6, r8, %[mp], r8\n\t"
- "adds %[a], %[a], r6\n\t"
- "adc r5, r5, r8\n\t"
- /* Multiply m[j] and mu - Done */
- "adds r4, r4, %[a]\n\t"
- "adc r5, r5, #0\n\t"
- "str r4, [r10], #4\n\t"
- /* a[i+j+1] += m[j+1] * mu */
- "ldr %[a], [r10]\n\t"
- "mov r4, #0\n\t"
- /* Multiply m[j] and mu - Start */
- "ldr r8, [%[m]], #4\n\t"
- "umull r6, r8, %[mp], r8\n\t"
- "adds %[a], %[a], r6\n\t"
- "adc r4, r4, r8\n\t"
- /* Multiply m[j] and mu - Done */
- "adds r5, r5, %[a]\n\t"
- "adc r4, r4, #0\n\t"
- "str r5, [r10], #4\n\t"
- "cmp r10, r14\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "blt 2b\n\t"
-#else
- "blt.n 2b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
+ "MUL r10, %[mp], r4\n\t"
+ /* a[i+0] += m[0] * mu */
+ "MOV r7, #0x0\n\t"
+ "UMLAL r4, r7, r10, lr\n\t"
+ /* a[i+1] += m[1] * mu */
+ "LDR r9, [%[m], #4]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r5, r6, r10, r9\n\t"
+ "MOV r4, r5\n\t"
+ "ADDS r4, r4, r7\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+2] += m[2] * mu */
+ "LDR r9, [%[m], #8]\n\t"
+ "LDR r5, [%[a], #8]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r5, r7, r10, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+3] += m[3] * mu */
+ "LDR r9, [%[m], #12]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #12]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+4] += m[4] * mu */
+ "LDR r9, [%[m], #16]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #16]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+5] += m[5] * mu */
+ "LDR r9, [%[m], #20]\n\t"
+ "LDR r12, [%[a], #20]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #20]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+6] += m[6] * mu */
+ "LDR r9, [%[m], #24]\n\t"
+ "LDR r12, [%[a], #24]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #24]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+7] += m[7] * mu */
+ "LDR r9, [%[m], #28]\n\t"
+ "LDR r12, [%[a], #28]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #28]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+8] += m[8] * mu */
+ "LDR r9, [%[m], #32]\n\t"
+ "LDR r12, [%[a], #32]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #32]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+9] += m[9] * mu */
+ "LDR r9, [%[m], #36]\n\t"
+ "LDR r12, [%[a], #36]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #36]\n\t"
+ "ADC r6, r6, #0x0\n\t"
/* a[i+10] += m[10] * mu */
- "ldr %[a], [r10]\n\t"
- "mov r5, #0\n\t"
- /* Multiply m[j] and mu - Start */
- "ldr r8, [%[m]], #4\n\t"
- "umull r6, r8, %[mp], r8\n\t"
- "adds %[a], %[a], r6\n\t"
- "adc r5, r5, r8\n\t"
- /* Multiply m[j] and mu - Done */
- "adds r4, r4, %[a]\n\t"
- "adc r5, r5, #0\n\t"
- "str r4, [r10], #4\n\t"
+ "LDR r9, [%[m], #40]\n\t"
+ "LDR r12, [%[a], #40]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #40]\n\t"
+ "ADC r7, r7, #0x0\n\t"
/* a[i+11] += m[11] * mu */
- "mov r4, %[ca]\n\t"
- "mov %[ca], #0\n\t"
- /* Multiply m[11] and mu - Start */
- "ldr r8, [%[m]]\n\t"
- "umull r6, r8, %[mp], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc %[ca], %[ca], #0\n\t"
- /* Multiply m[11] and mu - Done */
- "ldr r6, [r10]\n\t"
- "ldr r8, [r10, #4]\n\t"
- "adds r6, r6, r5\n\t"
- "adcs r8, r8, r4\n\t"
- "adc %[ca], %[ca], #0\n\t"
- "str r6, [r10]\n\t"
- "str r8, [r10, #4]\n\t"
- /* Next word in a */
- "sub r10, r10, #40\n\t"
- "cmp r10, r11\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "blt 1b\n\t"
-#else
- "blt.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "mov %[a], r10\n\t"
- "mov %[m], r12\n\t"
- : [ca] "+r" (ca), [a] "+r" (a)
- : [m] "r" (m), [mp] "r" (mp)
- : "memory", "r4", "r5", "r6", "r8", "r9", "r10", "r11", "r12", "r14"
+ "LDR r9, [%[m], #44]\n\t"
+ "LDR r12, [%[a], #44]\n\t"
+ "UMULL r8, r9, r10, r9\n\t"
+ "ADDS r7, r7, r8\n\t"
+ "ADCS r6, r9, r3\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, r3\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #44]\n\t"
+ "LDR r12, [%[a], #48]\n\t"
+ "ADCS r12, r12, r6\n\t"
+ "STR r12, [%[a], #48]\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* i += 1 */
+ "ADD r11, r11, #0x4\n\t"
+ "ADD %[a], %[a], #0x4\n\t"
+ "CMP r11, #0x30\n\t"
+#ifdef __GNUC__
+ "BLT L_sp_384_mont_reduce_12_word\n\t"
+#else
+ "BLT.W L_sp_384_mont_reduce_12_word\n\t"
+#endif
+ /* Loop Done */
+ "STR r4, [%[a]]\n\t"
+ "STR r5, [%[a], #4]\n\t"
+ "MOV %[mp], r3\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
);
+ sp_384_cond_sub_12(a - 12, a, m, (sp_digit)0 - mp);
+}
+
+#else
+/* Reduce the number back to 384 bits using Montgomery reduction.
+ *
+ * a A single precision number to reduce in place.
+ * m The single precision number representing the modulus.
+ * mp The digit representing the negative inverse of m mod 2^n.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_384_mont_reduce_12(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+#else
+SP_NOINLINE static void sp_384_mont_reduce_12(sp_digit* a, const sp_digit* m, sp_digit mp)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m __asm__ ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp __asm__ ("r2") = (sp_digit)mp_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
- sp_384_cond_sub_12(a - 12, a, m, (sp_digit)0 - ca);
+ __asm__ __volatile__ (
+ /* i = 0 */
+ "MOV r4, #0x0\n\t"
+ "MOV r5, #0x0\n\t"
+ "LDR r6, [%[a]]\n\t"
+ "LDR r7, [%[a], #4]\n\t"
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[a], #12]\n\t"
+ "LDR r10, [%[a], #16]\n\t"
+ "\n"
+ "L_sp_384_mont_reduce_12_word:\n\t"
+ /* mu = a[i] * mp */
+ "MUL lr, %[mp], r6\n\t"
+ /* a[i+0] += m[0] * mu */
+ "LDR r12, [%[m]]\n\t"
+ "MOV r3, #0x0\n\t"
+ "UMAAL r6, r3, lr, r12\n\t"
+ /* a[i+1] += m[1] * mu */
+ "LDR r12, [%[m], #4]\n\t"
+ "MOV r6, r7\n\t"
+ "UMAAL r6, r3, lr, r12\n\t"
+ /* a[i+2] += m[2] * mu */
+ "LDR r12, [%[m], #8]\n\t"
+ "MOV r7, r8\n\t"
+ "UMAAL r7, r3, lr, r12\n\t"
+ /* a[i+3] += m[3] * mu */
+ "LDR r12, [%[m], #12]\n\t"
+ "MOV r8, r9\n\t"
+ "UMAAL r8, r3, lr, r12\n\t"
+ /* a[i+4] += m[4] * mu */
+ "LDR r12, [%[m], #16]\n\t"
+ "MOV r9, r10\n\t"
+ "UMAAL r9, r3, lr, r12\n\t"
+ /* a[i+5] += m[5] * mu */
+ "LDR r12, [%[m], #20]\n\t"
+ "LDR r10, [%[a], #20]\n\t"
+ "UMAAL r10, r3, lr, r12\n\t"
+ /* a[i+6] += m[6] * mu */
+ "LDR r12, [%[m], #24]\n\t"
+ "LDR r11, [%[a], #24]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #24]\n\t"
+ /* a[i+7] += m[7] * mu */
+ "LDR r12, [%[m], #28]\n\t"
+ "LDR r11, [%[a], #28]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #28]\n\t"
+ /* a[i+8] += m[8] * mu */
+ "LDR r12, [%[m], #32]\n\t"
+ "LDR r11, [%[a], #32]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #32]\n\t"
+ /* a[i+9] += m[9] * mu */
+ "LDR r12, [%[m], #36]\n\t"
+ "LDR r11, [%[a], #36]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #36]\n\t"
+ /* a[i+10] += m[10] * mu */
+ "LDR r12, [%[m], #40]\n\t"
+ "LDR r11, [%[a], #40]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #40]\n\t"
+ /* a[i+11] += m[11] * mu */
+ "LDR r12, [%[m], #44]\n\t"
+ "LDR r11, [%[a], #44]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "LDR lr, [%[a], #48]\n\t"
+ "MOV r12, #0x0\n\t"
+ "UMAAL r3, lr, r12, r12\n\t"
+ "STR r11, [%[a], #44]\n\t"
+ "ADDS r3, r3, r5\n\t"
+ "ADC r5, lr, #0x0\n\t"
+ "STR r3, [%[a], #48]\n\t"
+ /* i += 1 */
+ "ADD r4, r4, #0x4\n\t"
+ "ADD %[a], %[a], #0x4\n\t"
+ "CMP r4, #0x30\n\t"
+#ifdef __GNUC__
+ "BLT L_sp_384_mont_reduce_12_word\n\t"
+#else
+ "BLT.W L_sp_384_mont_reduce_12_word\n\t"
+#endif
+ /* Loop Done */
+ "STR r6, [%[a]]\n\t"
+ "STR r7, [%[a], #4]\n\t"
+ "STR r8, [%[a], #8]\n\t"
+ "STR r9, [%[a], #12]\n\t"
+ "STR r10, [%[a], #16]\n\t"
+ "MOV %[mp], r5\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
+ );
+ sp_384_cond_sub_12(a - 12, a, m, (sp_digit)0 - mp);
}
+#endif
/* Multiply two Montgomery form numbers mod the modulus (prime).
* (r = a * b mod m)
*
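Review bot: `sp_384_cond_sub_12` loses `SP_NOINLINE` in both variants, while its WOLFSSL_SP_SMALL loop now branches to the named label `L_sp_384_cond_sub_12_words` instead of the local `1:`/`1b` pair. If the compiler inlines or clones this static function at more than one call site, the label would be emitted more than once and the assembler would presumably reject the duplicate definition. Keeping the attribute, `SP_NOINLINE static sp_digit sp_384_cond_sub_12(...)`, avoids that, as `sp_384_mont_reduce_12` in this same hunk still does. The later hunks for `sp_384_cmp_12`, `sp_384_sub_12` and `sp_384_cond_add_12` show the same combination of a named label and a dropped `SP_NOINLINE`.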
@@ -26047,7 +44196,7 @@ SP_NOINLINE static void sp_384_mont_reduce_12(sp_digit* a, const sp_digit* m,
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_384_mont_mul_12(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -26061,7 +44210,7 @@ SP_NOINLINE static void sp_384_mont_mul_12(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_384_mont_sqr_12(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -26077,10 +44226,10 @@ SP_NOINLINE static void sp_384_mont_sqr_12(sp_digit* r, const sp_digit* a,
* a Number to square in Montgomery form.
* n Number of times to square.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
-static void sp_384_mont_sqr_n_12(sp_digit* r, const sp_digit* a, int n,
- const sp_digit* m, sp_digit mp)
+SP_NOINLINE static void sp_384_mont_sqr_n_12(sp_digit* r,
+ const sp_digit* a, int n, const sp_digit* m, sp_digit mp)
{
sp_384_mont_sqr_12(r, a, m, mp);
for (; n > 1; n--) {
@@ -26189,44 +44338,181 @@ static void sp_384_mont_inv_12(sp_digit* r, const sp_digit* a, sp_digit* td)
* return -ve, 0 or +ve if a is less than, equal to or greater than b
* respectively.
*/
-SP_NOINLINE static sp_int32 sp_384_cmp_12(const sp_digit* a, const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_int32 sp_384_cmp_12(const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_int32 sp_384_cmp_12(const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit r = 0;
-
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register const sp_digit* a __asm__ ("r0") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r1") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r3, #0\n\t"
- "mvn r3, r3\n\t"
- "mov r6, #44\n\t"
- "\n1:\n\t"
- "ldr r8, [%[a], r6]\n\t"
- "ldr r5, [%[b], r6]\n\t"
- "and r8, r8, r3\n\t"
- "and r5, r5, r3\n\t"
- "mov r4, r8\n\t"
- "subs r8, r8, r5\n\t"
- "sbc r8, r8, r8\n\t"
- "add %[r], %[r], r8\n\t"
- "mvn r8, r8\n\t"
- "and r3, r3, r8\n\t"
- "subs r5, r5, r4\n\t"
- "sbc r8, r8, r8\n\t"
- "sub %[r], %[r], r8\n\t"
- "mvn r8, r8\n\t"
- "and r3, r3, r8\n\t"
- "sub r6, r6, #4\n\t"
- "cmp r6, #0\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bge 1b\n\t"
+ "MOV r2, #0xffffffff\n\t"
+ "MOV r8, #0x1\n\t"
+ "MOV r7, #0x0\n\t"
+ "MOV r3, #0xffffffff\n\t"
+#ifdef WOLFSSL_SP_SMALL
+ "MOV r6, #0x2c\n\t"
+ "\n"
+ "L_sp_384_cmp_12_words:\n\t"
+ "LDR r4, [%[a], r6]\n\t"
+ "LDR r5, [%[b], r6]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "SUBS r6, r6, #0x4\n\t"
+ "bcs L_sp_384_cmp_12_words\n\t"
+ "EOR r2, r2, r3\n\t"
#else
- "bge.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [r] "+r" (r)
- : [a] "r" (a), [b] "r" (b)
- : "r3", "r4", "r5", "r6", "r8"
+ "LDR r4, [%[a], #44]\n\t"
+ "LDR r5, [%[b], #44]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #40]\n\t"
+ "LDR r5, [%[b], #40]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #36]\n\t"
+ "LDR r5, [%[b], #36]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #32]\n\t"
+ "LDR r5, [%[b], #32]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #28]\n\t"
+ "LDR r5, [%[b], #28]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #24]\n\t"
+ "LDR r5, [%[b], #24]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #20]\n\t"
+ "LDR r5, [%[b], #20]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #16]\n\t"
+ "LDR r5, [%[b], #16]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #12]\n\t"
+ "LDR r5, [%[b], #12]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #8]\n\t"
+ "LDR r5, [%[b], #8]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #4]\n\t"
+ "LDR r5, [%[b], #4]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a]]\n\t"
+ "LDR r5, [%[b]]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "EOR r2, r2, r3\n\t"
+#endif /*WOLFSSL_SP_SMALL */
+ "MOV %[a], r2\n\t"
+ : [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "cc"
);
-
- return r;
+ return (uint32_t)(size_t)a;
}
/* Normalize the values in each word to 32.
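Review bot: Nothing in the new `sp_384_cmp_12` body says what r2 and r3 hold, and the result leaves the asm through the pointer operand (`MOV %[a], r2`, then `return (uint32_t)(size_t)a;`), which is easy to misread. A comment ahead of the first compare would help, for example `/* r3: all ones while every higher word matched, 0 after the first difference; r2: 1 if a > b, -1 if a < b; the final EOR turns the all-equal case into 0 */`. It is also worth stating that the per-word selection uses IT-predicated moves rather than branches, presumably so that timing does not depend on where the operands differ. A later edit that replaces them with conditional branches would then be recognised as a regression.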
@@ -26282,9 +44568,19 @@ static void sp_384_map_12(sp_point_384* r, const sp_point_384* p,
* b Second number to add in Montgomery form.
* m Modulus (prime).
*/
-SP_NOINLINE static void sp_384_mont_add_12(sp_digit* r, const sp_digit* a, const sp_digit* b,
- const sp_digit* m)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_384_mont_add_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, const sp_digit* m_p)
+#else
+SP_NOINLINE static void sp_384_mont_add_12(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+ register const sp_digit* m __asm__ ("r3") = (const sp_digit*)m_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
sp_digit o;
o = sp_384_add_12(r, a, b);
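Review bot: The added `register ... __asm__ ("r0")` locals pin `r`, `a`, `b` and `m` to r0–r3 in a function whose visible body is plain C, with no asm statement to consume them. Those are the argument registers that a call such as `sp_384_add_12(r, a, b)` is allowed to overwrite. GCC documents register-assigned locals as supported only for feeding operands to extended asm, so keeping `r` and `m` live across the call this way is fragile. I would leave this wrapper with the single original signature and drop both `#ifndef WOLFSSL_NO_VAR_ASSIGN_REG` blocks. The hunks for `sp_384_mont_dbl_12`, `sp_384_mont_tpl_12` and `sp_384_mont_sub_12` add the same declarations, and the rest of this function's body lies outside the hunk.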
@@ -26297,8 +44593,18 @@ SP_NOINLINE static void sp_384_mont_add_12(sp_digit* r, const sp_digit* a, const
* a Number to double in Montgomery form.
* m Modulus (prime).
*/
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_384_mont_dbl_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* m_p)
+#else
SP_NOINLINE static void sp_384_mont_dbl_12(sp_digit* r, const sp_digit* a, const sp_digit* m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* m __asm__ ("r2") = (const sp_digit*)m_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
sp_digit o;
o = sp_384_add_12(r, a, a);
@@ -26311,8 +44617,18 @@ SP_NOINLINE static void sp_384_mont_dbl_12(sp_digit* r, const sp_digit* a, const
* a Number to triple in Montgomery form.
* m Modulus (prime).
*/
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_384_mont_tpl_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* m_p)
+#else
SP_NOINLINE static void sp_384_mont_tpl_12(sp_digit* r, const sp_digit* a, const sp_digit* m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* m __asm__ ("r2") = (const sp_digit*)m_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
sp_digit o;
o = sp_384_add_12(r, a, a);
@@ -26321,6 +44637,104 @@ SP_NOINLINE static void sp_384_mont_tpl_12(sp_digit* r, const sp_digit* a, const
sp_384_cond_sub_12(r, r, m, 0 - o);
}
+#ifdef WOLFSSL_SP_SMALL
+/* Sub b from a into r. (r = a - b)
+ *
+ * r A single precision integer.
+ * a A single precision integer.
+ * b A single precision integer.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_384_sub_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_384_sub_12(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "MOV r11, #0x0\n\t"
+ "ADD r12, %[a], #0x30\n\t"
+ "\n"
+ "L_sp_384_sub_12_word:\n\t"
+ "RSBS r11, r11, #0x0\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "SBC r11, r3, r3\n\t"
+ "CMP %[a], r12\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BNE L_sp_384_sub_12_word\n\t"
+#else
+ "BNE.N L_sp_384_sub_12_word\n\t"
+#endif
+ "MOV %[r], r11\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
+ );
+ return (uint32_t)(size_t)r;
+}
+
+#else
+/* Sub b from a into r. (r = a - b)
+ *
+ * r A single precision integer.
+ * a A single precision integer.
+ * b A single precision integer.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_384_sub_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_384_sub_12(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SUBS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "SBC %[r], r6, r6\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
+ );
+ return (uint32_t)(size_t)r;
+}
+
+#endif /* WOLFSSL_SP_SMALL */
+#ifdef WOLFSSL_SP_SMALL
/* Conditionally add a and b using the mask m.
* m is -1 to add and 0 when not.
*
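Review bot: The header comment added for `sp_384_sub_12` documents `r`, `a` and `b` but not the return value, although callers depend on its exact form. Both variants finish with an `SBC` of a register with itself, so the function returns 0 when there was no borrow and all ones when there was. `sp_384_mont_sub_12` passes that value straight to `sp_384_cond_add_12` as the mask. I would add a line such as ` * return 0 when a >= b, otherwise all ones (borrow), usable directly as a mask.` to both copies of the comment.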
@@ -26329,39 +44743,122 @@ SP_NOINLINE static void sp_384_mont_tpl_12(sp_digit* r, const sp_digit* a, const
* b A single precision number to add.
* m Mask value to apply.
*/
-SP_NOINLINE static sp_digit sp_384_cond_add_12(sp_digit* r, const sp_digit* a, const sp_digit* b,
- sp_digit m)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_384_cond_add_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
+#else
+static sp_digit sp_384_cond_add_12(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+ register sp_digit m __asm__ ("r3") = (sp_digit)m_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r5, #48\n\t"
- "mov r9, r5\n\t"
- "mov r8, #0\n\t"
- "\n1:\n\t"
- "ldr r6, [%[b], r8]\n\t"
- "and r6, r6, %[m]\n\t"
- "adds r5, %[c], #-1\n\t"
- "ldr r5, [%[a], r8]\n\t"
- "adcs r5, r5, r6\n\t"
- "mov %[c], #0\n\t"
- "adcs %[c], %[c], %[c]\n\t"
- "str r5, [%[r], r8]\n\t"
- "add r8, r8, #4\n\t"
- "cmp r8, r9\n\t"
+ "MOV r5, #0x0\n\t"
+ "MOV r8, #0x0\n\t"
+ "MOV r4, #0x0\n\t"
+ "\n"
+ "L_sp_384_cond_add_12_words:\n\t"
+ "ADDS r5, r5, #0xffffffff\n\t"
+ "LDR r6, [%[a], r4]\n\t"
+ "LDR r7, [%[b], r4]\n\t"
+ "AND r7, r7, %[m]\n\t"
+ "ADCS r6, r6, r7\n\t"
+ "ADC r5, r8, r8\n\t"
+ "STR r6, [%[r], r4]\n\t"
+ "ADD r4, r4, #0x4\n\t"
+ "CMP r4, #0x30\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "blt 1b\n\t"
+ "BLT L_sp_384_cond_add_12_words\n\t"
#else
- "blt.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [c] "+r" (c)
- : [r] "r" (r), [a] "r" (a), [b] "r" (b), [m] "r" (m)
- : "memory", "r5", "r6", "r8", "r9"
+ "BLT.N L_sp_384_cond_add_12_words\n\t"
+#endif
+ "MOV %[r], r5\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
+ :
+ : "memory", "r4", "r5", "r6", "r7", "r8", "cc"
);
+ return (uint32_t)(size_t)r;
+}
+
+#else
+/* Conditionally add a and b using the mask m.
+ * m is -1 to add and 0 when not.
+ *
+ * r A single precision number representing conditional add result.
+ * a A single precision number to add with.
+ * b A single precision number to add.
+ * m Mask value to apply.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_384_cond_add_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
+#else
+static sp_digit sp_384_cond_add_12(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+ register sp_digit m __asm__ ("r3") = (sp_digit)m_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
- return c;
+ __asm__ __volatile__ (
+ "MOV r10, #0x0\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADDS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "ADC %[r], r10, r10\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
+ :
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
+ );
+ return (uint32_t)(size_t)r;
}
+#endif /* WOLFSSL_SP_SMALL */
/* Subtract two Montgomery form numbers (r = a - b % m).
*
* r Result of subtration.
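Review bot: The clobber list of the unrolled `sp_384_cond_add_12` names `r4` and `r5`, but apart from its operands the asm only touches r6–r10, so the compiler has to preserve two registers for nothing. `: "memory", "r6", "r7", "r8", "r9", "r10", "cc"` would match the instructions. The unrolled `sp_384_cond_sub_12` in the earlier hunk lists an unused `r4` in the same way. This does not affect correctness, but an accurate clobber list makes the register usage easier to audit.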
@@ -26369,69 +44866,89 @@ SP_NOINLINE static sp_digit sp_384_cond_add_12(sp_digit* r, const sp_digit* a, c
* b Number to subtract with in Montgomery form.
* m Modulus (prime).
*/
-SP_NOINLINE static void sp_384_mont_sub_12(sp_digit* r, const sp_digit* a, const sp_digit* b,
- const sp_digit* m)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_384_mont_sub_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, const sp_digit* m_p)
+#else
+SP_NOINLINE static void sp_384_mont_sub_12(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+ register const sp_digit* m __asm__ ("r3") = (const sp_digit*)m_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
sp_digit o;
o = sp_384_sub_12(r, a, b);
sp_384_cond_add_12(r, r, m, o);
}
-#define sp_384_mont_sub_lower_12 sp_384_mont_sub_12
+#ifdef WOLFSSL_SP_SMALL
+#else
+#endif /* WOLFSSL_SP_SMALL */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_384_rshift1_12(sp_digit* r_p, const sp_digit* a_p)
+#else
static void sp_384_rshift1_12(sp_digit* r, const sp_digit* a)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "ldr r2, [%[a]]\n\t"
- "ldr r3, [%[a], #4]\n\t"
- "lsr r2, r2, #1\n\t"
- "orr r2, r2, r3, lsl #31\n\t"
- "lsr r3, r3, #1\n\t"
- "ldr r4, [%[a], #8]\n\t"
- "str r2, [%[r], #0]\n\t"
- "orr r3, r3, r4, lsl #31\n\t"
- "lsr r4, r4, #1\n\t"
- "ldr r2, [%[a], #12]\n\t"
- "str r3, [%[r], #4]\n\t"
- "orr r4, r4, r2, lsl #31\n\t"
- "lsr r2, r2, #1\n\t"
- "ldr r3, [%[a], #16]\n\t"
- "str r4, [%[r], #8]\n\t"
- "orr r2, r2, r3, lsl #31\n\t"
- "lsr r3, r3, #1\n\t"
- "ldr r4, [%[a], #20]\n\t"
- "str r2, [%[r], #12]\n\t"
- "orr r3, r3, r4, lsl #31\n\t"
- "lsr r4, r4, #1\n\t"
- "ldr r2, [%[a], #24]\n\t"
- "str r3, [%[r], #16]\n\t"
- "orr r4, r4, r2, lsl #31\n\t"
- "lsr r2, r2, #1\n\t"
- "ldr r3, [%[a], #28]\n\t"
- "str r4, [%[r], #20]\n\t"
- "orr r2, r2, r3, lsl #31\n\t"
- "lsr r3, r3, #1\n\t"
- "ldr r4, [%[a], #32]\n\t"
- "str r2, [%[r], #24]\n\t"
- "orr r3, r3, r4, lsl #31\n\t"
- "lsr r4, r4, #1\n\t"
- "ldr r2, [%[a], #36]\n\t"
- "str r3, [%[r], #28]\n\t"
- "orr r4, r4, r2, lsl #31\n\t"
- "lsr r2, r2, #1\n\t"
- "ldr r3, [%[a], #40]\n\t"
- "str r4, [%[r], #32]\n\t"
- "orr r2, r2, r3, lsl #31\n\t"
- "lsr r3, r3, #1\n\t"
- "ldr r4, [%[a], #44]\n\t"
- "str r2, [%[r], #36]\n\t"
- "orr r3, r3, r4, lsl #31\n\t"
- "lsr r4, r4, #1\n\t"
- "str r3, [%[r], #40]\n\t"
- "str r4, [%[r], #44]\n\t"
+ "LDM %[a], {r2, r3}\n\t"
+ "LSR r2, r2, #1\n\t"
+ "ORR r2, r2, r3, lsl #31\n\t"
+ "LSR r3, r3, #1\n\t"
+ "LDR r4, [%[a], #8]\n\t"
+ "STR r2, [%[r]]\n\t"
+ "ORR r3, r3, r4, lsl #31\n\t"
+ "LSR r4, r4, #1\n\t"
+ "LDR r2, [%[a], #12]\n\t"
+ "STR r3, [%[r], #4]\n\t"
+ "ORR r4, r4, r2, lsl #31\n\t"
+ "LSR r2, r2, #1\n\t"
+ "LDR r3, [%[a], #16]\n\t"
+ "STR r4, [%[r], #8]\n\t"
+ "ORR r2, r2, r3, lsl #31\n\t"
+ "LSR r3, r3, #1\n\t"
+ "LDR r4, [%[a], #20]\n\t"
+ "STR r2, [%[r], #12]\n\t"
+ "ORR r3, r3, r4, lsl #31\n\t"
+ "LSR r4, r4, #1\n\t"
+ "LDR r2, [%[a], #24]\n\t"
+ "STR r3, [%[r], #16]\n\t"
+ "ORR r4, r4, r2, lsl #31\n\t"
+ "LSR r2, r2, #1\n\t"
+ "LDR r3, [%[a], #28]\n\t"
+ "STR r4, [%[r], #20]\n\t"
+ "ORR r2, r2, r3, lsl #31\n\t"
+ "LSR r3, r3, #1\n\t"
+ "LDR r4, [%[a], #32]\n\t"
+ "STR r2, [%[r], #24]\n\t"
+ "ORR r3, r3, r4, lsl #31\n\t"
+ "LSR r4, r4, #1\n\t"
+ "LDR r2, [%[a], #36]\n\t"
+ "STR r3, [%[r], #28]\n\t"
+ "ORR r4, r4, r2, lsl #31\n\t"
+ "LSR r2, r2, #1\n\t"
+ "LDR r3, [%[a], #40]\n\t"
+ "STR r4, [%[r], #32]\n\t"
+ "ORR r2, r2, r3, lsl #31\n\t"
+ "LSR r3, r3, #1\n\t"
+ "LDR r4, [%[a], #44]\n\t"
+ "STR r2, [%[r], #36]\n\t"
+ "ORR r3, r3, r4, lsl #31\n\t"
+ "LSR r4, r4, #1\n\t"
+ "STR r3, [%[r], #40]\n\t"
+ "STR r4, [%[r], #44]\n\t"
+ : [r] "+r" (r), [a] "+r" (a)
:
- : [r] "r" (r), [a] "r" (a)
- : "memory", "r2", "r3", "r4"
+ : "memory", "r2", "r3", "r4", "cc"
);
}
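Review bot: In `sp_384_mont_sub_12` the new `register ... __asm__ ("r0")` to `("r3")` locals pin the arguments of a body that contains no inline asm, only the calls to `sp_384_sub_12` and `sp_384_cond_add_12`. GCC documents local register variables as supported only for feeding Extended asm operands, and r0-r3 are call-clobbered, so the pinning adds nothing here and leans on behaviour the compiler does not promise. I would keep the single plain signature for this function, `SP_NOINLINE static void sp_384_mont_sub_12(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m)`, and drop both `#ifndef WOLFSSL_NO_VAR_ASSIGN_REG` blocks around it. The empty `#ifdef WOLFSSL_SP_SMALL` / `#else` / `#endif` after the function can go as well; if this file is generated, the fix belongs in the generator.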
@@ -26441,7 +44958,7 @@ static void sp_384_rshift1_12(sp_digit* r, const sp_digit* a)
* a Number to divide.
* m Modulus (prime).
*/
-SP_NOINLINE static void sp_384_div2_12(sp_digit* r, const sp_digit* a, const sp_digit* m)
+static void sp_384_mont_div2_12(sp_digit* r, const sp_digit* a, const sp_digit* m)
{
sp_digit o;
@@ -26494,7 +45011,7 @@ static void sp_384_proj_point_dbl_12(sp_point_384* r, const sp_point_384* p,
/* T2 = Y * Y */
sp_384_mont_sqr_12(t2, y, p384_mod, p384_mp_mod);
/* T2 = T2/2 */
- sp_384_div2_12(t2, t2, p384_mod);
+ sp_384_mont_div2_12(t2, t2, p384_mod);
/* Y = Y * X */
sp_384_mont_mul_12(y, y, p->x, p384_mod, p384_mp_mod);
/* X = T1 * T1 */
@@ -26504,7 +45021,7 @@ static void sp_384_proj_point_dbl_12(sp_point_384* r, const sp_point_384* p,
/* X = X - Y */
sp_384_mont_sub_12(x, x, y, p384_mod);
/* Y = Y - X */
- sp_384_mont_sub_lower_12(y, y, x, p384_mod);
+ sp_384_mont_sub_12(y, y, x, p384_mod);
/* Y = Y * T1 */
sp_384_mont_mul_12(y, y, t1, p384_mod, p384_mp_mod);
/* Y = Y - T2 */
@@ -26527,7 +45044,8 @@ typedef struct sp_384_proj_point_dbl_12_ctx {
* p Point to double.
* t Temporary ordinate data.
*/
-static int sp_384_proj_point_dbl_12_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r, const sp_point_384* p, sp_digit* t)
+static int sp_384_proj_point_dbl_12_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r,
+ const sp_point_384* p, sp_digit* t)
{
int err = FP_WOULDBLOCK;
sp_384_proj_point_dbl_12_ctx* ctx = (sp_384_proj_point_dbl_12_ctx*)sp_ctx->data;
@@ -26601,7 +45119,7 @@ static int sp_384_proj_point_dbl_12_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r, co
break;
case 11:
/* T2 = T2/2 */
- sp_384_div2_12(ctx->t2, ctx->t2, p384_mod);
+ sp_384_mont_div2_12(ctx->t2, ctx->t2, p384_mod);
ctx->state = 12;
break;
case 12:
@@ -26626,7 +45144,7 @@ static int sp_384_proj_point_dbl_12_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r, co
break;
case 16:
/* Y = Y - X */
- sp_384_mont_sub_lower_12(ctx->y, ctx->y, ctx->x, p384_mod);
+ sp_384_mont_sub_12(ctx->y, ctx->y, ctx->x, p384_mod);
ctx->state = 17;
break;
case 17:
@@ -26689,12 +45207,12 @@ static int sp_384_iszero_12(const sp_digit* a)
static void sp_384_proj_point_add_12(sp_point_384* r,
const sp_point_384* p, const sp_point_384* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*12;
- sp_digit* t3 = t + 4*12;
- sp_digit* t4 = t + 6*12;
- sp_digit* t5 = t + 8*12;
- sp_digit* t6 = t + 10*12;
+ sp_digit* t6 = t;
+ sp_digit* t1 = t + 2*12;
+ sp_digit* t2 = t + 4*12;
+ sp_digit* t3 = t + 6*12;
+ sp_digit* t4 = t + 8*12;
+ sp_digit* t5 = t + 10*12;
/* U1 = X1*Z2^2 */
sp_384_mont_sqr_12(t1, q->z, p384_mod, p384_mp_mod);
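Review bot: The reordered scratch layout at the top of `sp_384_proj_point_add_12` (`t6 = t`, `t1 = t + 2*12`, up to `t5 = t + 10*12`) is not explained, and the header comment for `t` still gives no size. The highest slot starts at `t + 10*12`, so the caller has to supply that much plus one more slot, presumably `12*12` digits in total; an undersized buffer would be an out-of-bounds write in point arithmetic. A comment such as `/* t: scratch, 6 slots at 2*12-digit stride (t6 first, it receives X3) */` would record the contract. The same applies to the matching reorders in `sp_384_proj_point_add_12_nb` and `sp_384_proj_point_add_qz1_12`; the function body continues outside this hunk.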
@@ -26716,17 +45234,9 @@ static void sp_384_proj_point_add_12(sp_point_384* r,
sp_384_proj_point_dbl_12(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t6;
sp_digit* y = t1;
sp_digit* z = t2;
- int i;
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
/* H = U2 - U1 */
sp_384_mont_sub_12(t2, t2, t1, p384_mod);
@@ -26745,20 +45255,31 @@ static void sp_384_proj_point_add_12(sp_point_384* r,
sp_384_mont_dbl_12(t3, y, p384_mod);
sp_384_mont_sub_12(x, x, t3, p384_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_384_mont_sub_lower_12(y, y, x, p384_mod);
+ sp_384_mont_sub_12(y, y, x, p384_mod);
sp_384_mont_mul_12(y, y, t4, p384_mod, p384_mp_mod);
sp_384_mont_sub_12(y, y, t5, p384_mod);
- for (i = 0; i < 12; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 12; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 12; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 12; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 12; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 12; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
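Review bot: The select block that now computes `maskp`, `maskq`, `maskt` and `inf` is only correct if `p->infinity` and `q->infinity` are exactly 0 or 1, and nothing in the hunk says so. `q->infinity & (!p->infinity)` yields 0 for any even non-zero flag, which would select the computed sum instead of `p`, and `r->z[0] |= inf` would OR in whatever bits the two flags share. I would document the block, e.g. `/* Branch-free select of p, q or the sum; infinity flags must be 0 or 1. */`, so that a later edit does not replace the masks with an `if` on values that may depend on secret scalars. The same block is added in `sp_384_proj_point_add_12_nb` (case 24) and in `sp_384_proj_point_add_qz1_12`, and the comment applies there too.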
@@ -26804,12 +45325,12 @@ static int sp_384_proj_point_add_12_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r,
switch (ctx->state) {
case 0: /* INIT */
- ctx->t1 = t;
- ctx->t2 = t + 2*12;
- ctx->t3 = t + 4*12;
- ctx->t4 = t + 6*12;
- ctx->t5 = t + 8*12;
- ctx->t6 = t + 10*12;
+ ctx->t6 = t;
+ ctx->t1 = t + 2*12;
+ ctx->t2 = t + 4*12;
+ ctx->t3 = t + 6*12;
+ ctx->t4 = t + 8*12;
+ ctx->t5 = t + 10*12;
ctx->x = ctx->t6;
ctx->y = ctx->t1;
ctx->z = ctx->t2;
@@ -26916,7 +45437,7 @@ static int sp_384_proj_point_add_12_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r,
break;
case 21:
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_384_mont_sub_lower_12(ctx->y, ctx->y, ctx->x, p384_mod);
+ sp_384_mont_sub_12(ctx->y, ctx->y, ctx->x, p384_mod);
ctx->state = 22;
break;
case 22:
@@ -26929,22 +45450,28 @@ static int sp_384_proj_point_add_12_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r,
break;
case 24:
{
- int i;
- sp_digit maskp = 0 - (q->infinity & (!p->infinity));
- sp_digit maskq = 0 - (p->infinity & (!q->infinity));
- sp_digit maskt = ~(maskp | maskq);
-
- for (i = 0; i < 12; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (ctx->x[i] & maskt);
- }
- for (i = 0; i < 12; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (ctx->y[i] & maskt);
- }
- for (i = 0; i < 12; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (ctx->z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 12; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (ctx->x[i] & maskt);
+ }
+ for (i = 0; i < 12; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (ctx->y[i] & maskt);
+ }
+ for (i = 0; i < 12; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (ctx->z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
ctx->state = 25;
break;
}
@@ -26964,7 +45491,7 @@ static int sp_384_proj_point_add_12_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r,
/* Touch each possible point that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
static void sp_384_get_point_16_12(sp_point_384* r, const sp_point_384* table,
@@ -27240,8 +45767,6 @@ static int sp_384_ecc_mulmod_fast_12(sp_point_384* r, const sp_point_384* g, con
}
#ifdef FP_ECC
-#define sp_384_mont_dbl_lower_12 sp_384_mont_dbl_12
-#define sp_384_mont_tpl_lower_12 sp_384_mont_tpl_12
/* Double the Montgomery form projective point p a number of times.
*
* r Result of repeated doubling of point.
@@ -27280,7 +45805,7 @@ static void sp_384_proj_point_dbl_n_12(sp_point_384* p, int i,
/* A = 3*(X^2 - W) */
sp_384_mont_sqr_12(t1, x, p384_mod, p384_mp_mod);
sp_384_mont_sub_12(t1, t1, w, p384_mod);
- sp_384_mont_tpl_lower_12(a, t1, p384_mod);
+ sp_384_mont_tpl_12(a, t1, p384_mod);
/* B = X*Y^2 */
sp_384_mont_sqr_12(t1, y, p384_mod, p384_mp_mod);
sp_384_mont_mul_12(b, t1, x, p384_mod, p384_mp_mod);
@@ -27289,8 +45814,8 @@ static void sp_384_proj_point_dbl_n_12(sp_point_384* p, int i,
sp_384_mont_dbl_12(t2, b, p384_mod);
sp_384_mont_sub_12(x, x, t2, p384_mod);
/* B = 2.(B - X) */
- sp_384_mont_sub_lower_12(t2, b, x, p384_mod);
- sp_384_mont_dbl_lower_12(b, t2, p384_mod);
+ sp_384_mont_sub_12(t2, b, x, p384_mod);
+ sp_384_mont_dbl_12(b, t2, p384_mod);
/* Z = Z*Y */
sp_384_mont_mul_12(z, z, y, p384_mod, p384_mp_mod);
/* t1 = Y^4 */
@@ -27310,7 +45835,7 @@ static void sp_384_proj_point_dbl_n_12(sp_point_384* p, int i,
/* A = 3*(X^2 - W) */
sp_384_mont_sqr_12(t1, x, p384_mod, p384_mp_mod);
sp_384_mont_sub_12(t1, t1, w, p384_mod);
- sp_384_mont_tpl_lower_12(a, t1, p384_mod);
+ sp_384_mont_tpl_12(a, t1, p384_mod);
/* B = X*Y^2 */
sp_384_mont_sqr_12(t1, y, p384_mod, p384_mp_mod);
sp_384_mont_mul_12(b, t1, x, p384_mod, p384_mp_mod);
@@ -27319,8 +45844,8 @@ static void sp_384_proj_point_dbl_n_12(sp_point_384* p, int i,
sp_384_mont_dbl_12(t2, b, p384_mod);
sp_384_mont_sub_12(x, x, t2, p384_mod);
/* B = 2.(B - X) */
- sp_384_mont_sub_lower_12(t2, b, x, p384_mod);
- sp_384_mont_dbl_lower_12(b, t2, p384_mod);
+ sp_384_mont_sub_12(t2, b, x, p384_mod);
+ sp_384_mont_dbl_12(b, t2, p384_mod);
/* Z = Z*Y */
sp_384_mont_mul_12(z, z, y, p384_mod, p384_mp_mod);
/* t1 = Y^4 */
@@ -27330,7 +45855,7 @@ static void sp_384_proj_point_dbl_n_12(sp_point_384* p, int i,
sp_384_mont_sub_12(y, y, t1, p384_mod);
#endif /* WOLFSSL_SP_SMALL */
/* Y = Y/2 */
- sp_384_div2_12(y, y, p384_mod);
+ sp_384_mont_div2_12(y, y, p384_mod);
}
/* Convert the projective point to affine.
@@ -27376,12 +45901,12 @@ typedef struct sp_table_entry_384 {
static void sp_384_proj_point_add_qz1_12(sp_point_384* r,
const sp_point_384* p, const sp_point_384* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*12;
- sp_digit* t3 = t + 4*12;
- sp_digit* t4 = t + 6*12;
- sp_digit* t5 = t + 8*12;
- sp_digit* t6 = t + 10*12;
+ sp_digit* t2 = t;
+ sp_digit* t3 = t + 2*12;
+ sp_digit* t6 = t + 4*12;
+ sp_digit* t1 = t + 6*12;
+ sp_digit* t4 = t + 8*12;
+ sp_digit* t5 = t + 10*12;
/* Calculate values to subtract from P->x and P->y. */
/* U2 = X2*Z1^2 */
@@ -27397,13 +45922,9 @@ static void sp_384_proj_point_add_qz1_12(sp_point_384* r,
sp_384_proj_point_dbl_12(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t2;
- sp_digit* y = t5;
+ sp_digit* y = t3;
sp_digit* z = t6;
- int i;
/* H = U2 - X1 */
sp_384_mont_sub_12(t2, t2, p->x, p384_mod);
@@ -27412,33 +45933,40 @@ static void sp_384_proj_point_add_qz1_12(sp_point_384* r,
/* Z3 = H*Z1 */
sp_384_mont_mul_12(z, p->z, t2, p384_mod, p384_mp_mod);
/* X3 = R^2 - H^3 - 2*X1*H^2 */
- sp_384_mont_sqr_12(t1, t4, p384_mod, p384_mp_mod);
- sp_384_mont_sqr_12(t5, t2, p384_mod, p384_mp_mod);
- sp_384_mont_mul_12(t3, p->x, t5, p384_mod, p384_mp_mod);
- sp_384_mont_mul_12(t5, t5, t2, p384_mod, p384_mp_mod);
- sp_384_mont_sub_12(x, t1, t5, p384_mod);
- sp_384_mont_dbl_12(t1, t3, p384_mod);
- sp_384_mont_sub_12(x, x, t1, p384_mod);
+ sp_384_mont_sqr_12(t1, t2, p384_mod, p384_mp_mod);
+ sp_384_mont_mul_12(t3, p->x, t1, p384_mod, p384_mp_mod);
+ sp_384_mont_mul_12(t1, t1, t2, p384_mod, p384_mp_mod);
+ sp_384_mont_sqr_12(t2, t4, p384_mod, p384_mp_mod);
+ sp_384_mont_sub_12(t2, t2, t1, p384_mod);
+ sp_384_mont_dbl_12(t5, t3, p384_mod);
+ sp_384_mont_sub_12(x, t2, t5, p384_mod);
/* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
- sp_384_mont_sub_lower_12(t3, t3, x, p384_mod);
+ sp_384_mont_sub_12(t3, t3, x, p384_mod);
sp_384_mont_mul_12(t3, t3, t4, p384_mod, p384_mp_mod);
- sp_384_mont_mul_12(t5, t5, p->y, p384_mod, p384_mp_mod);
- sp_384_mont_sub_12(y, t3, t5, p384_mod);
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
- for (i = 0; i < 12; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 12; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 12; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ sp_384_mont_mul_12(t1, t1, p->y, p384_mod, p384_mp_mod);
+ sp_384_mont_sub_12(y, t3, t1, p384_mod);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 12; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 12; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 12; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
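Review bot: The rewritten `X3`/`Y3` sequence in `sp_384_proj_point_add_qz1_12` reuses temporaries in a way the comments no longer track: `x` aliases `t2`, so `sp_384_mont_sqr_12(t2, t4, ...)` overwrites H with R^2, and `y` now aliases `t3`, which holds X1*H^2 until the final subtraction. Nothing in the visible code reads H after that line, so the result looks right, but a later edit could easily reintroduce a read of a dead value. Short markers on the lines would help, e.g. `/* t1 = H^2, then H^3 */` and `/* t2 (= x): H is dead from here, holds R^2 */`. The function starts in an earlier hunk.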
@@ -27539,7 +46067,7 @@ static int sp_384_gen_stripe_table_12(const sp_point_384* a,
/* Touch each possible entry that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
static void sp_384_get_entry_16_12(sp_point_384* r,
@@ -27750,7 +46278,7 @@ static THREAD_LS_T int sp_cache_384_inited = 0;
/* Get the cache entry for the point.
*
- * g [in] Point scalar multipling.
+ * g [in] Point scalar multiplying.
* cache [out] Cache table to use.
*/
static void sp_ecc_get_cache_384(const sp_point_384* g, sp_cache_384_t** cache)
@@ -27821,8 +46349,8 @@ static void sp_ecc_get_cache_384(const sp_point_384* g, sp_cache_384_t** cache)
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
-static int sp_384_ecc_mulmod_12(sp_point_384* r, const sp_point_384* g, const sp_digit* k,
- int map, int ct, void* heap)
+static int sp_384_ecc_mulmod_12(sp_point_384* r, const sp_point_384* g,
+ const sp_digit* k, int map, int ct, void* heap)
{
#ifndef FP_ECC
return sp_384_ecc_mulmod_fast_12(r, g, k, map, ct, heap);
@@ -27975,7 +46503,7 @@ static int sp_384_gen_stripe_table_12(const sp_point_384* a,
/* Touch each possible entry that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
static void sp_384_get_entry_256_12(sp_point_384* r,
@@ -28186,7 +46714,7 @@ static THREAD_LS_T int sp_cache_384_inited = 0;
/* Get the cache entry for the point.
*
- * g [in] Point scalar multipling.
+ * g [in] Point scalar multiplying.
* cache [out] Cache table to use.
*/
static void sp_ecc_get_cache_384(const sp_point_384* g, sp_cache_384_t** cache)
@@ -28257,8 +46785,8 @@ static void sp_ecc_get_cache_384(const sp_point_384* g, sp_cache_384_t** cache)
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
-static int sp_384_ecc_mulmod_12(sp_point_384* r, const sp_point_384* g, const sp_digit* k,
- int map, int ct, void* heap)
+static int sp_384_ecc_mulmod_12(sp_point_384* r, const sp_point_384* g,
+ const sp_digit* k, int map, int ct, void* heap)
{
#ifndef FP_ECC
return sp_384_ecc_mulmod_fast_12(r, g, k, map, ct, heap);
@@ -28375,7 +46903,7 @@ int sp_ecc_mulmod_384(const mp_int* km, const ecc_point* gm, ecc_point* r,
*
* km Scalar to multiply by.
* p Point to multiply.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -28386,7 +46914,7 @@ int sp_ecc_mulmod_add_384(const mp_int* km, const ecc_point* gm,
const ecc_point* am, int inMont, ecc_point* r, int map, void* heap)
{
#ifdef WOLFSSL_SP_SMALL_STACK
- sp_point_384* point = NULL;
+ sp_point_384* point = NULL;
sp_digit* k = NULL;
#else
sp_point_384 point[2];
@@ -29924,7 +48452,7 @@ int sp_ecc_mulmod_base_384(const mp_int* km, ecc_point* r, int map, void* heap)
* the result. If map is true then convert result to affine coordinates.
*
* km Scalar to multiply by.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -29946,7 +48474,7 @@ int sp_ecc_mulmod_base_add_384(const mp_int* km, const ecc_point* am,
int err = MP_OKAY;
#ifdef WOLFSSL_SP_SMALL_STACK
- point = (sp_point_384*)XMALLOC(sizeof(sp_point_384) * 2, heap,
+ point = (sp_point_384*)XMALLOC(sizeof(sp_point_384) * 2, heap,
DYNAMIC_TYPE_ECC);
if (point == NULL)
err = MEMORY_E;
@@ -30005,50 +48533,38 @@ int sp_ecc_mulmod_base_add_384(const mp_int* km, const ecc_point* am,
*
* a A single precision integer.
*/
-SP_NOINLINE static void sp_384_add_one_12(sp_digit* a)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_384_add_one_12(sp_digit* a_p)
+#else
+static void sp_384_add_one_12(sp_digit* a)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "mov r2, #1\n\t"
- "ldr r1, [%[a], #0]\n\t"
- "adds r1, r1, r2\n\t"
- "mov r2, #0\n\t"
- "str r1, [%[a], #0]\n\t"
- "ldr r1, [%[a], #4]\n\t"
- "adcs r1, r1, r2\n\t"
- "str r1, [%[a], #4]\n\t"
- "ldr r1, [%[a], #8]\n\t"
- "adcs r1, r1, r2\n\t"
- "str r1, [%[a], #8]\n\t"
- "ldr r1, [%[a], #12]\n\t"
- "adcs r1, r1, r2\n\t"
- "str r1, [%[a], #12]\n\t"
- "ldr r1, [%[a], #16]\n\t"
- "adcs r1, r1, r2\n\t"
- "str r1, [%[a], #16]\n\t"
- "ldr r1, [%[a], #20]\n\t"
- "adcs r1, r1, r2\n\t"
- "str r1, [%[a], #20]\n\t"
- "ldr r1, [%[a], #24]\n\t"
- "adcs r1, r1, r2\n\t"
- "str r1, [%[a], #24]\n\t"
- "ldr r1, [%[a], #28]\n\t"
- "adcs r1, r1, r2\n\t"
- "str r1, [%[a], #28]\n\t"
- "ldr r1, [%[a], #32]\n\t"
- "adcs r1, r1, r2\n\t"
- "str r1, [%[a], #32]\n\t"
- "ldr r1, [%[a], #36]\n\t"
- "adcs r1, r1, r2\n\t"
- "str r1, [%[a], #36]\n\t"
- "ldr r1, [%[a], #40]\n\t"
- "adcs r1, r1, r2\n\t"
- "str r1, [%[a], #40]\n\t"
- "ldr r1, [%[a], #44]\n\t"
- "adcs r1, r1, r2\n\t"
- "str r1, [%[a], #44]\n\t"
+ "LDM %[a], {r1, r2, r3, r4}\n\t"
+ "ADDS r1, r1, #0x1\n\t"
+ "ADCS r2, r2, #0x0\n\t"
+ "ADCS r3, r3, #0x0\n\t"
+ "ADCS r4, r4, #0x0\n\t"
+ "STM %[a]!, {r1, r2, r3, r4}\n\t"
+ "LDM %[a], {r1, r2, r3, r4}\n\t"
+ "ADCS r1, r1, #0x0\n\t"
+ "ADCS r2, r2, #0x0\n\t"
+ "ADCS r3, r3, #0x0\n\t"
+ "ADCS r4, r4, #0x0\n\t"
+ "STM %[a]!, {r1, r2, r3, r4}\n\t"
+ "LDM %[a], {r1, r2, r3, r4}\n\t"
+ "ADCS r1, r1, #0x0\n\t"
+ "ADCS r2, r2, #0x0\n\t"
+ "ADCS r3, r3, #0x0\n\t"
+ "ADCS r4, r4, #0x0\n\t"
+ "STM %[a]!, {r1, r2, r3, r4}\n\t"
+ : [a] "+r" (a)
:
- : [a] "r" (a)
- : "memory", "r1", "r2"
+ : "memory", "r1", "r2", "r3", "r4", "cc"
);
}
@@ -30143,7 +48659,7 @@ int sp_ecc_make_key_384(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
sp_point_384* infinity = NULL;
#endif
int err = MP_OKAY;
-
+
(void)heap;
@@ -30151,7 +48667,7 @@ int sp_ecc_make_key_384(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
point = (sp_point_384*)XMALLOC(sizeof(sp_point_384) * 2, heap, DYNAMIC_TYPE_ECC);
#else
- point = (sp_point_384*)XMALLOC(sizeof(sp_point_384), heap, DYNAMIC_TYPE_ECC);
+ point = (sp_point_384*)XMALLOC(sizeof(sp_point_384), heap, DYNAMIC_TYPE_ECC);
#endif
if (point == NULL)
err = MEMORY_E;
@@ -30427,136 +48943,299 @@ int sp_ecc_secret_gen_384_nb(sp_ecc_ctx_t* sp_ctx, const mp_int* priv,
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_384_sub_in_place_12(sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_384_sub_in_place_12(sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_384_sub_in_place_12(sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r1") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "mov r8, %[a]\n\t"
- "add r8, r8, #48\n\t"
- "\n1:\n\t"
- "mov r5, #0\n\t"
- "subs r5, r5, %[c]\n\t"
- "ldr r3, [%[a]]\n\t"
- "ldr r4, [%[a], #4]\n\t"
- "ldr r5, [%[b]]\n\t"
- "ldr r6, [%[b], #4]\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "str r3, [%[a]]\n\t"
- "str r4, [%[a], #4]\n\t"
- "sbc %[c], %[c], %[c]\n\t"
- "add %[a], %[a], #8\n\t"
- "add %[b], %[b], #8\n\t"
- "cmp %[a], r8\n\t"
+ "MOV r10, #0x0\n\t"
+ "ADD r11, %[a], #0x30\n\t"
+ "\n"
+ "L_sp_384_sub_in_pkace_12_word:\n\t"
+ "RSBS r10, r10, #0x0\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "SBC r10, r10, r10\n\t"
+ "CMP %[a], r11\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bne 1b\n\t"
+ "BNE L_sp_384_sub_in_pkace_12_word\n\t"
#else
- "bne.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [c] "+r" (c), [a] "+r" (a), [b] "+r" (b)
+ "BNE.N L_sp_384_sub_in_pkace_12_word\n\t"
+#endif
+ "MOV %[a], r10\n\t"
+ : [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r8"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)a;
}
#else
-/* Sub b from a into r. (r = a - b)
+/* Sub b from a into a. (a -= b)
*
- * r A single precision integer.
- * a A single precision integer.
+ * a A single precision integer and result.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_384_sub_in_place_12(sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_384_sub_in_place_12(sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_384_sub_in_place_12(sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r1") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "subs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "sbc %[c], %[c], %[c]\n\t"
- : [c] "+r" (c), [a] "+r" (a), [b] "+r" (b)
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SUBS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "SBC %[a], r9, r9\n\t"
+ : [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)a;
}
#endif /* WOLFSSL_SP_SMALL */
+#ifdef WOLFSSL_SP_SMALL
/* Mul a by digit b into r. (r = a * b)
*
* r A single precision integer.
* a A single precision integer.
* b A single precision digit.
*/
-SP_NOINLINE static void sp_384_mul_d_12(sp_digit* r, const sp_digit* a,
- sp_digit b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_384_mul_d_12(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
+#else
+static void sp_384_mul_d_12(sp_digit* r, const sp_digit* a, sp_digit b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register sp_digit b __asm__ ("r2") = (sp_digit)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "add r9, %[a], #48\n\t"
/* A[0] * B */
- "ldr r6, [%[a]], #4\n\t"
- "umull r5, r3, r6, %[b]\n\t"
- "mov r4, #0\n\t"
- "str r5, [%[r]], #4\n\t"
- /* A[0] * B - Done */
- "\n1:\n\t"
- "mov r5, #0\n\t"
- /* A[] * B */
- "ldr r6, [%[a]], #4\n\t"
- "umull r6, r8, r6, %[b]\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- /* A[] * B - Done */
- "str r3, [%[r]], #4\n\t"
- "mov r3, r4\n\t"
- "mov r4, r5\n\t"
- "cmp %[a], r9\n\t"
+ "LDR r8, [%[a]]\n\t"
+ "UMULL r5, r3, %[b], r8\n\t"
+ "MOV r4, #0x0\n\t"
+ "STR r5, [%[r]]\n\t"
+ "MOV r5, #0x0\n\t"
+ "MOV r9, #0x4\n\t"
+ "\n"
+ "L_sp_384_mul_d_12_word:\n\t"
+ /* A[i] * B */
+ "LDR r8, [%[a], r9]\n\t"
+ "UMULL r6, r7, %[b], r8\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ "STR r3, [%[r], r9]\n\t"
+ "MOV r3, r4\n\t"
+ "MOV r4, r5\n\t"
+ "MOV r5, #0x0\n\t"
+ "ADD r9, r9, #0x4\n\t"
+ "CMP r9, #0x30\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "blt 1b\n\t"
+ "BLT L_sp_384_mul_d_12_word\n\t"
#else
- "blt.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "str r3, [%[r]]\n\t"
- : [r] "+r" (r), [a] "+r" (a)
- : [b] "r" (b)
- : "memory", "r3", "r4", "r5", "r6", "r8", "r9"
+ "BLT.N L_sp_384_mul_d_12_word\n\t"
+#endif
+ "STR r3, [%[r], #48]\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
+ );
+}
+
+#else
+/* Mul a by digit b into r. (r = a * b)
+ *
+ * r A single precision integer.
+ * a A single precision integer.
+ * b A single precision digit.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_384_mul_d_12(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
+#else
+static void sp_384_mul_d_12(sp_digit* r, const sp_digit* a, sp_digit b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register sp_digit b __asm__ ("r2") = (sp_digit)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ /* A[0] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMULL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[1] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[2] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[3] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[4] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[5] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[6] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[7] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[8] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[9] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[10] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[11] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "STR r3, [%[r]]\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "cc"
+ );
+}
+
+#endif /* WOLFSSL_SP_SMALL */
+#ifdef WOLFSSL_SP_USE_UDIV
+/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
+ *
+ * d1 The high order half of the number to divide.
+ * d0 The low order half of the number to divide.
+ * div The divisor.
+ * returns the result of the division.
+ *
+ * Note that this is an approximate div. It may give an answer 1 larger.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static sp_digit div_384_word_12(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
+#else
+SP_NOINLINE static sp_digit div_384_word_12(sp_digit d1, sp_digit d0, sp_digit div)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit d1 __asm__ ("r0") = (sp_digit)d1_p;
+ register sp_digit d0 __asm__ ("r1") = (sp_digit)d0_p;
+ register sp_digit div __asm__ ("r2") = (sp_digit)div_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "LSR r8, %[div], #16\n\t"
+ "ADD r5, r8, #0x1\n\t"
+ "UDIV r6, %[d1], r5\n\t"
+ "LSL r7, %[div], #16\n\t"
+ "LSL r6, r6, #16\n\t"
+ "UMULL r3, r4, %[div], r6\n\t"
+ "SUBS %[d0], %[d0], r3\n\t"
+ "SBC %[d1], %[d1], r4\n\t"
+ "SUBS r3, %[d1], r5\n\t"
+ "SBC r9, r9, r9\n\t"
+ "ADD r9, r9, #0x1\n\t"
+ "RSB r10, r9, #0x0\n\t"
+ "LSL r9, r9, #16\n\t"
+ "AND r7, r7, r10\n\t"
+ "AND r8, r8, r10\n\t"
+ "SUBS %[d0], %[d0], r7\n\t"
+ "ADD r6, r6, r9\n\t"
+ "SBC %[d1], %[d1], r8\n\t"
+ "LSL r4, %[d1], #16\n\t"
+ "LSR r3, %[d0], #16\n\t"
+ "ORR r3, r3, r4\n\t"
+ "UDIV r3, r3, r5\n\t"
+ "ADD r6, r6, r3\n\t"
+ "UMULL r3, r4, %[div], r3\n\t"
+ "SUBS %[d0], %[d0], r3\n\t"
+ "SBC %[d1], %[d1], r4\n\t"
+ "LSL r4, %[d1], #16\n\t"
+ "LSR r3, %[d0], #16\n\t"
+ "ORR r3, r3, r4\n\t"
+ "UDIV r3, r3, r5\n\t"
+ "ADD r6, r6, r3\n\t"
+ "MUL r3, %[div], r3\n\t"
+ "SUB %[d0], %[d0], r3\n\t"
+ "UDIV r3, %[d0], %[div]\n\t"
+ "ADD %[d1], r6, r3\n\t"
+ : [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
+ return (uint32_t)(size_t)d1;
}
+#else
/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
*
* d1 The high order half of the number to divide.
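Review bot: The `WOLFSSL_SP_SMALL` loops in `sp_384_sub_in_place_12` and `sp_384_mul_d_12` now use named assembler labels (`L_sp_384_sub_in_pkace_12_word`, `L_sp_384_mul_d_12_word`) while the same change drops `SP_NOINLINE` from both functions. If the compiler inlines either static function into more than one caller, or otherwise duplicates the asm, the label is emitted twice and the assembler rejects the file; the old numeric `1:` / `1b` labels did not have that problem. I would put `SP_NOINLINE` back on these signatures or return to local labels, and fix the `pkace` spelling while there. Separately, the two `div_384_word_12` variants carry the same header comment; a line stating that `WOLFSSL_SP_USE_UDIV` selects the hardware-divide path, whose `UDIV` latency is operand-dependent on some cores, would tell integrators which variant to build when the operands are secret.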
@@ -30566,49 +49245,69 @@ SP_NOINLINE static void sp_384_mul_d_12(sp_digit* r, const sp_digit* a,
*
* Note that this is an approximate div. It may give an answer 1 larger.
*/
-SP_NOINLINE static sp_digit div_384_word_12(sp_digit d1, sp_digit d0,
- sp_digit div)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static sp_digit div_384_word_12(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
+#else
+SP_NOINLINE static sp_digit div_384_word_12(sp_digit d1, sp_digit d0, sp_digit div)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit r = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit d1 __asm__ ("r0") = (sp_digit)d1_p;
+ register sp_digit d0 __asm__ ("r1") = (sp_digit)d0_p;
+ register sp_digit div __asm__ ("r2") = (sp_digit)div_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "lsr r6, %[div], #16\n\t"
- "add r6, r6, #1\n\t"
- "udiv r4, %[d1], r6\n\t"
- "lsl r8, r4, #16\n\t"
- "umull r4, r5, %[div], r8\n\t"
- "subs %[d0], %[d0], r4\n\t"
- "sbc %[d1], %[d1], r5\n\t"
- "udiv r5, %[d1], r6\n\t"
- "lsl r4, r5, #16\n\t"
- "add r8, r8, r4\n\t"
- "umull r4, r5, %[div], r4\n\t"
- "subs %[d0], %[d0], r4\n\t"
- "sbc %[d1], %[d1], r5\n\t"
- "lsl r4, %[d1], #16\n\t"
- "orr r4, r4, %[d0], lsr #16\n\t"
- "udiv r4, r4, r6\n\t"
- "add r8, r8, r4\n\t"
- "umull r4, r5, %[div], r4\n\t"
- "subs %[d0], %[d0], r4\n\t"
- "sbc %[d1], %[d1], r5\n\t"
- "lsl r4, %[d1], #16\n\t"
- "orr r4, r4, %[d0], lsr #16\n\t"
- "udiv r4, r4, r6\n\t"
- "add r8, r8, r4\n\t"
- "umull r4, r5, %[div], r4\n\t"
- "subs %[d0], %[d0], r4\n\t"
- "sbc %[d1], %[d1], r5\n\t"
- "udiv r4, %[d0], %[div]\n\t"
- "add r8, r8, r4\n\t"
- "mov %[r], r8\n\t"
- : [r] "+r" (r)
- : [d1] "r" (d1), [d0] "r" (d0), [div] "r" (div)
- : "r4", "r5", "r6", "r8"
+ "LSR r5, %[div], #1\n\t"
+ "ADD r5, r5, #0x1\n\t"
+ "MOV r6, %[d0]\n\t"
+ "MOV r7, %[d1]\n\t"
+ /* Do top 32 */
+ "SUBS r8, r5, r7\n\t"
+ "SBC r8, r8, r8\n\t"
+ "MOV r3, #0x0\n\t"
+ "SUB r3, r3, r8\n\t"
+ "AND r8, r8, r5\n\t"
+ "SUBS r7, r7, r8\n\t"
+ /* Next 30 bits */
+ "MOV r4, #0x1d\n\t"
+ "\n"
+ "L_div_384_word_12_bit:\n\t"
+ "LSLS r6, r6, #1\n\t"
+ "ADC r7, r7, r7\n\t"
+ "SUBS r8, r5, r7\n\t"
+ "SBC r8, r8, r8\n\t"
+ "ADD r3, r3, r3\n\t"
+ "SUB r3, r3, r8\n\t"
+ "AND r8, r8, r5\n\t"
+ "SUBS r7, r7, r8\n\t"
+ "SUBS r4, r4, #0x1\n\t"
+ "bpl L_div_384_word_12_bit\n\t"
+ "ADD r3, r3, r3\n\t"
+ "ADD r3, r3, #0x1\n\t"
+ "UMULL r6, r7, r3, %[div]\n\t"
+ "SUBS r9, %[d0], r6\n\t"
+ "SBC r10, %[d1], r7\n\t"
+ "ADD r3, r3, r10\n\t"
+ "UMULL r6, r7, r3, %[div]\n\t"
+ "SUBS r9, %[d0], r6\n\t"
+ "SBC r10, %[d1], r7\n\t"
+ "ADD r3, r3, r10\n\t"
+ "UMULL r6, r7, r3, %[div]\n\t"
+ "SUBS r9, %[d0], r6\n\t"
+ "SBC r10, %[d1], r7\n\t"
+ "ADD r3, r3, r10\n\t"
+ "SUBS r8, %[div], r9\n\t"
+ "SBC r8, r8, r8\n\t"
+ "SUB %[d1], r3, r8\n\t"
+ : [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
- return r;
+ return (uint32_t)(size_t)d1;
}
+#endif
/* AND m into each word of a and store in r.
*
* r A single precision integer.
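Review bot: The second `div_384_word_12` (the `#else` branch closed by the bare `#endif`) repeats the header comment of the UDIV-based version, so nothing records why two implementations exist or that their timing differs. The new body avoids `UDIV` and builds the quotient in a fixed 30-iteration loop (`MOV r4, #0x1d` … `bpl L_div_384_word_12_bit`) using `SBC`-generated masks, whereas `UDIV` takes an operand-dependent number of cycles on several Cortex-M cores. I would add a header line such as `* This version does not use UDIV; the loop count is fixed and selection is by mask.` and close the pair with `#endif /* <selecting macro> */`, taking the macro name from the opening `#if`, which is outside this hunk. The `bpl` is also the only conditional branch here written in lower case and without the `.N` alternative that the `BEQ`/`BGT` branches in the later hunks carry.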
@@ -30648,8 +49347,8 @@ static void sp_384_mask_12(sp_digit* r, const sp_digit* a, sp_digit m)
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_384_div_12(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_384_div_12(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[24], t2[13];
sp_digit div, r1;
@@ -31231,245 +49930,328 @@ int sp_ecc_sign_384_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, W
* a Number to divide.
* m Modulus.
*/
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_384_div2_mod_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* m_p)
+#else
static void sp_384_div2_mod_12(sp_digit* r, const sp_digit* a, const sp_digit* m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* m __asm__ ("r2") = (const sp_digit*)m_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "ldr r4, [%[a]]\n\t"
- "ands r8, r4, #1\n\t"
- "beq 1f\n\t"
- "mov r12, #0\n\t"
- "ldr r5, [%[a], #4]\n\t"
- "ldr r6, [%[a], #8]\n\t"
- "ldr r7, [%[a], #12]\n\t"
- "ldr r8, [%[m], #0]\n\t"
- "ldr r9, [%[m], #4]\n\t"
- "ldr r10, [%[m], #8]\n\t"
- "ldr r14, [%[m], #12]\n\t"
- "adds r4, r4, r8\n\t"
- "adcs r5, r5, r9\n\t"
- "adcs r6, r6, r10\n\t"
- "adcs r7, r7, r14\n\t"
- "str r4, [%[r], #0]\n\t"
- "str r5, [%[r], #4]\n\t"
- "str r6, [%[r], #8]\n\t"
- "str r7, [%[r], #12]\n\t"
- "ldr r4, [%[a], #16]\n\t"
- "ldr r5, [%[a], #20]\n\t"
- "ldr r6, [%[a], #24]\n\t"
- "ldr r7, [%[a], #28]\n\t"
- "ldr r8, [%[m], #16]\n\t"
- "ldr r9, [%[m], #20]\n\t"
- "ldr r10, [%[m], #24]\n\t"
- "ldr r14, [%[m], #28]\n\t"
- "adcs r4, r4, r8\n\t"
- "adcs r5, r5, r9\n\t"
- "adcs r6, r6, r10\n\t"
- "adcs r7, r7, r14\n\t"
- "str r4, [%[r], #16]\n\t"
- "str r5, [%[r], #20]\n\t"
- "str r6, [%[r], #24]\n\t"
- "str r7, [%[r], #28]\n\t"
- "ldr r4, [%[a], #32]\n\t"
- "ldr r5, [%[a], #36]\n\t"
- "ldr r6, [%[a], #40]\n\t"
- "ldr r7, [%[a], #44]\n\t"
- "ldr r8, [%[m], #32]\n\t"
- "ldr r9, [%[m], #36]\n\t"
- "ldr r10, [%[m], #40]\n\t"
- "ldr r14, [%[m], #44]\n\t"
- "adcs r4, r4, r8\n\t"
- "adcs r5, r5, r9\n\t"
- "adcs r6, r6, r10\n\t"
- "adcs r7, r7, r14\n\t"
- "str r4, [%[r], #32]\n\t"
- "str r5, [%[r], #36]\n\t"
- "str r6, [%[r], #40]\n\t"
- "str r7, [%[r], #44]\n\t"
- "adc r8, r12, r12\n\t"
- "b 2f\n\t"
- "\n1:\n\t"
- "ldr r5, [%[a], #2]\n\t"
- "str r4, [%[r], #0]\n\t"
- "str r5, [%[r], #2]\n\t"
- "ldr r4, [%[a], #4]\n\t"
- "ldr r5, [%[a], #6]\n\t"
- "str r4, [%[r], #4]\n\t"
- "str r5, [%[r], #6]\n\t"
- "ldr r4, [%[a], #8]\n\t"
- "ldr r5, [%[a], #10]\n\t"
- "str r4, [%[r], #8]\n\t"
- "str r5, [%[r], #10]\n\t"
- "ldr r4, [%[a], #12]\n\t"
- "ldr r5, [%[a], #14]\n\t"
- "str r4, [%[r], #12]\n\t"
- "str r5, [%[r], #14]\n\t"
- "ldr r4, [%[a], #16]\n\t"
- "ldr r5, [%[a], #18]\n\t"
- "str r4, [%[r], #16]\n\t"
- "str r5, [%[r], #18]\n\t"
- "ldr r4, [%[a], #20]\n\t"
- "ldr r5, [%[a], #22]\n\t"
- "str r4, [%[r], #20]\n\t"
- "str r5, [%[r], #22]\n\t"
- "\n2:\n\t"
- "ldr r3, [%[r]]\n\t"
- "ldr r4, [%[r], #4]\n\t"
- "lsr r3, r3, #1\n\t"
- "orr r3, r3, r4, lsl #31\n\t"
- "lsr r4, r4, #1\n\t"
- "ldr r5, [%[a], #8]\n\t"
- "str r3, [%[r], #0]\n\t"
- "orr r4, r4, r5, lsl #31\n\t"
- "lsr r5, r5, #1\n\t"
- "ldr r3, [%[a], #12]\n\t"
- "str r4, [%[r], #4]\n\t"
- "orr r5, r5, r3, lsl #31\n\t"
- "lsr r3, r3, #1\n\t"
- "ldr r4, [%[a], #16]\n\t"
- "str r5, [%[r], #8]\n\t"
- "orr r3, r3, r4, lsl #31\n\t"
- "lsr r4, r4, #1\n\t"
- "ldr r5, [%[a], #20]\n\t"
- "str r3, [%[r], #12]\n\t"
- "orr r4, r4, r5, lsl #31\n\t"
- "lsr r5, r5, #1\n\t"
- "ldr r3, [%[a], #24]\n\t"
- "str r4, [%[r], #16]\n\t"
- "orr r5, r5, r3, lsl #31\n\t"
- "lsr r3, r3, #1\n\t"
- "ldr r4, [%[a], #28]\n\t"
- "str r5, [%[r], #20]\n\t"
- "orr r3, r3, r4, lsl #31\n\t"
- "lsr r4, r4, #1\n\t"
- "ldr r5, [%[a], #32]\n\t"
- "str r3, [%[r], #24]\n\t"
- "orr r4, r4, r5, lsl #31\n\t"
- "lsr r5, r5, #1\n\t"
- "ldr r3, [%[a], #36]\n\t"
- "str r4, [%[r], #28]\n\t"
- "orr r5, r5, r3, lsl #31\n\t"
- "lsr r3, r3, #1\n\t"
- "ldr r4, [%[a], #40]\n\t"
- "str r5, [%[r], #32]\n\t"
- "orr r3, r3, r4, lsl #31\n\t"
- "lsr r4, r4, #1\n\t"
- "ldr r5, [%[a], #44]\n\t"
- "str r3, [%[r], #36]\n\t"
- "orr r4, r4, r5, lsl #31\n\t"
- "lsr r5, r5, #1\n\t"
- "orr r5, r5, r8, lsl #31\n\t"
- "str r4, [%[r], #40]\n\t"
- "str r5, [%[r], #44]\n\t"
+ "LDM %[a]!, {r4}\n\t"
+ "ANDS r3, r4, #0x1\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BEQ L_sp_384_div2_mod_12_even\n\t"
+#else
+ "BEQ.N L_sp_384_div2_mod_12_even\n\t"
+#endif
+ "MOV r12, #0x0\n\t"
+ "LDM %[a]!, {r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "ADCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "ADCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "ADCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "ADC r3, r12, r12\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "B L_sp_384_div2_mod_12_div2\n\t"
+#else
+ "B.N L_sp_384_div2_mod_12_div2\n\t"
+#endif
+ "\n"
+ "L_sp_384_div2_mod_12_even:\n\t"
+ "LDM %[a]!, {r5, r6, r7}\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7}\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7}\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "\n"
+ "L_sp_384_div2_mod_12_div2:\n\t"
+ "SUB %[r], %[r], #0x30\n\t"
+ "LDRD r8, r9, [%[r]]\n\t"
+ "LSR r8, r8, #1\n\t"
+ "ORR r8, r8, r9, lsl #31\n\t"
+ "LSR r9, r9, #1\n\t"
+ "LDR r10, [%[r], #8]\n\t"
+ "STR r8, [%[r]]\n\t"
+ "ORR r9, r9, r10, lsl #31\n\t"
+ "LSR r10, r10, #1\n\t"
+ "LDR r8, [%[r], #12]\n\t"
+ "STR r9, [%[r], #4]\n\t"
+ "ORR r10, r10, r8, lsl #31\n\t"
+ "LSR r8, r8, #1\n\t"
+ "LDR r9, [%[r], #16]\n\t"
+ "STR r10, [%[r], #8]\n\t"
+ "ORR r8, r8, r9, lsl #31\n\t"
+ "LSR r9, r9, #1\n\t"
+ "LDR r10, [%[r], #20]\n\t"
+ "STR r8, [%[r], #12]\n\t"
+ "ORR r9, r9, r10, lsl #31\n\t"
+ "LSR r10, r10, #1\n\t"
+ "LDR r8, [%[r], #24]\n\t"
+ "STR r9, [%[r], #16]\n\t"
+ "ORR r10, r10, r8, lsl #31\n\t"
+ "LSR r8, r8, #1\n\t"
+ "LDR r9, [%[r], #28]\n\t"
+ "STR r10, [%[r], #20]\n\t"
+ "ORR r8, r8, r9, lsl #31\n\t"
+ "LSR r9, r9, #1\n\t"
+ "LDR r10, [%[r], #32]\n\t"
+ "STR r8, [%[r], #24]\n\t"
+ "ORR r9, r9, r10, lsl #31\n\t"
+ "LSR r10, r10, #1\n\t"
+ "LDR r8, [%[r], #36]\n\t"
+ "STR r9, [%[r], #28]\n\t"
+ "ORR r10, r10, r8, lsl #31\n\t"
+ "LSR r8, r8, #1\n\t"
+ "LDR r9, [%[r], #40]\n\t"
+ "STR r10, [%[r], #32]\n\t"
+ "ORR r8, r8, r9, lsl #31\n\t"
+ "LSR r9, r9, #1\n\t"
+ "LDR r10, [%[r], #44]\n\t"
+ "STR r8, [%[r], #36]\n\t"
+ "ORR r9, r9, r10, lsl #31\n\t"
+ "LSR r10, r10, #1\n\t"
+ "ORR r10, r10, r3, lsl #31\n\t"
+ "STR r9, [%[r], #40]\n\t"
+ "STR r10, [%[r], #44]\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [m] "+r" (m)
:
- : [r] "r" (r), [a] "r" (a), [m] "r" (m)
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r14"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12", "cc"
);
}
-static int sp_384_num_bits_12(sp_digit* a)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static int sp_384_num_bits_12(const sp_digit* a_p)
+#else
+static int sp_384_num_bits_12(const sp_digit* a)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- int r = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register const sp_digit* a __asm__ ("r0") = (const sp_digit*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "ldr r2, [%[a], #44]\n\t"
- "cmp r2, #0\n\t"
- "beq 11f\n\t"
- "mov r3, #384\n\t"
- "clz %[r], r2\n\t"
- "sub %[r], r3, %[r]\n\t"
- "b 13f\n\t"
- "\n11:\n\t"
- "ldr r2, [%[a], #40]\n\t"
- "cmp r2, #0\n\t"
- "beq 10f\n\t"
- "mov r3, #352\n\t"
- "clz %[r], r2\n\t"
- "sub %[r], r3, %[r]\n\t"
- "b 13f\n\t"
- "\n10:\n\t"
- "ldr r2, [%[a], #36]\n\t"
- "cmp r2, #0\n\t"
- "beq 9f\n\t"
- "mov r3, #320\n\t"
- "clz %[r], r2\n\t"
- "sub %[r], r3, %[r]\n\t"
- "b 13f\n\t"
- "\n9:\n\t"
- "ldr r2, [%[a], #32]\n\t"
- "cmp r2, #0\n\t"
- "beq 8f\n\t"
- "mov r3, #288\n\t"
- "clz %[r], r2\n\t"
- "sub %[r], r3, %[r]\n\t"
- "b 13f\n\t"
- "\n8:\n\t"
- "ldr r2, [%[a], #28]\n\t"
- "cmp r2, #0\n\t"
- "beq 7f\n\t"
- "mov r3, #256\n\t"
- "clz %[r], r2\n\t"
- "sub %[r], r3, %[r]\n\t"
- "b 13f\n\t"
- "\n7:\n\t"
- "ldr r2, [%[a], #24]\n\t"
- "cmp r2, #0\n\t"
- "beq 6f\n\t"
- "mov r3, #224\n\t"
- "clz %[r], r2\n\t"
- "sub %[r], r3, %[r]\n\t"
- "b 13f\n\t"
- "\n6:\n\t"
- "ldr r2, [%[a], #20]\n\t"
- "cmp r2, #0\n\t"
- "beq 5f\n\t"
- "mov r3, #192\n\t"
- "clz %[r], r2\n\t"
- "sub %[r], r3, %[r]\n\t"
- "b 13f\n\t"
- "\n5:\n\t"
- "ldr r2, [%[a], #16]\n\t"
- "cmp r2, #0\n\t"
- "beq 4f\n\t"
- "mov r3, #160\n\t"
- "clz %[r], r2\n\t"
- "sub %[r], r3, %[r]\n\t"
- "b 13f\n\t"
- "\n4:\n\t"
- "ldr r2, [%[a], #12]\n\t"
- "cmp r2, #0\n\t"
- "beq 3f\n\t"
- "mov r3, #128\n\t"
- "clz %[r], r2\n\t"
- "sub %[r], r3, %[r]\n\t"
- "b 13f\n\t"
- "\n3:\n\t"
- "ldr r2, [%[a], #8]\n\t"
- "cmp r2, #0\n\t"
- "beq 2f\n\t"
- "mov r3, #96\n\t"
- "clz %[r], r2\n\t"
- "sub %[r], r3, %[r]\n\t"
- "b 13f\n\t"
- "\n2:\n\t"
- "ldr r2, [%[a], #4]\n\t"
- "cmp r2, #0\n\t"
- "beq 1f\n\t"
- "mov r3, #64\n\t"
- "clz %[r], r2\n\t"
- "sub %[r], r3, %[r]\n\t"
- "b 13f\n\t"
- "\n1:\n\t"
- "ldr r2, [%[a], #0]\n\t"
- "mov r3, #32\n\t"
- "clz %[r], r2\n\t"
- "sub %[r], r3, %[r]\n\t"
- "\n13:\n\t"
- : [r] "+r" (r)
- : [a] "r" (a)
- : "r2", "r3"
+ "LDR r1, [%[a], #44]\n\t"
+ "CMP r1, #0x0\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BEQ L_sp_384_num_bits_12_11\n\t"
+#else
+ "BEQ.N L_sp_384_num_bits_12_11\n\t"
+#endif
+ "MOV r2, #0x180\n\t"
+ "CLZ r4, r1\n\t"
+ "SUB r4, r2, r4\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "B L_sp_384_num_bits_12_13\n\t"
+#else
+ "B.N L_sp_384_num_bits_12_13\n\t"
+#endif
+ "\n"
+ "L_sp_384_num_bits_12_11:\n\t"
+ "LDR r1, [%[a], #40]\n\t"
+ "CMP r1, #0x0\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BEQ L_sp_384_num_bits_12_10\n\t"
+#else
+ "BEQ.N L_sp_384_num_bits_12_10\n\t"
+#endif
+ "MOV r2, #0x160\n\t"
+ "CLZ r4, r1\n\t"
+ "SUB r4, r2, r4\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "B L_sp_384_num_bits_12_13\n\t"
+#else
+ "B.N L_sp_384_num_bits_12_13\n\t"
+#endif
+ "\n"
+ "L_sp_384_num_bits_12_10:\n\t"
+ "LDR r1, [%[a], #36]\n\t"
+ "CMP r1, #0x0\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BEQ L_sp_384_num_bits_12_9\n\t"
+#else
+ "BEQ.N L_sp_384_num_bits_12_9\n\t"
+#endif
+ "MOV r2, #0x140\n\t"
+ "CLZ r4, r1\n\t"
+ "SUB r4, r2, r4\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "B L_sp_384_num_bits_12_13\n\t"
+#else
+ "B.N L_sp_384_num_bits_12_13\n\t"
+#endif
+ "\n"
+ "L_sp_384_num_bits_12_9:\n\t"
+ "LDR r1, [%[a], #32]\n\t"
+ "CMP r1, #0x0\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BEQ L_sp_384_num_bits_12_8\n\t"
+#else
+ "BEQ.N L_sp_384_num_bits_12_8\n\t"
+#endif
+ "MOV r2, #0x120\n\t"
+ "CLZ r4, r1\n\t"
+ "SUB r4, r2, r4\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "B L_sp_384_num_bits_12_13\n\t"
+#else
+ "B.N L_sp_384_num_bits_12_13\n\t"
+#endif
+ "\n"
+ "L_sp_384_num_bits_12_8:\n\t"
+ "LDR r1, [%[a], #28]\n\t"
+ "CMP r1, #0x0\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BEQ L_sp_384_num_bits_12_7\n\t"
+#else
+ "BEQ.N L_sp_384_num_bits_12_7\n\t"
+#endif
+ "MOV r2, #0x100\n\t"
+ "CLZ r4, r1\n\t"
+ "SUB r4, r2, r4\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "B L_sp_384_num_bits_12_13\n\t"
+#else
+ "B.N L_sp_384_num_bits_12_13\n\t"
+#endif
+ "\n"
+ "L_sp_384_num_bits_12_7:\n\t"
+ "LDR r1, [%[a], #24]\n\t"
+ "CMP r1, #0x0\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BEQ L_sp_384_num_bits_12_6\n\t"
+#else
+ "BEQ.N L_sp_384_num_bits_12_6\n\t"
+#endif
+ "MOV r2, #0xe0\n\t"
+ "CLZ r4, r1\n\t"
+ "SUB r4, r2, r4\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "B L_sp_384_num_bits_12_13\n\t"
+#else
+ "B.N L_sp_384_num_bits_12_13\n\t"
+#endif
+ "\n"
+ "L_sp_384_num_bits_12_6:\n\t"
+ "LDR r1, [%[a], #20]\n\t"
+ "CMP r1, #0x0\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BEQ L_sp_384_num_bits_12_5\n\t"
+#else
+ "BEQ.N L_sp_384_num_bits_12_5\n\t"
+#endif
+ "MOV r2, #0xc0\n\t"
+ "CLZ r4, r1\n\t"
+ "SUB r4, r2, r4\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "B L_sp_384_num_bits_12_13\n\t"
+#else
+ "B.N L_sp_384_num_bits_12_13\n\t"
+#endif
+ "\n"
+ "L_sp_384_num_bits_12_5:\n\t"
+ "LDR r1, [%[a], #16]\n\t"
+ "CMP r1, #0x0\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BEQ L_sp_384_num_bits_12_4\n\t"
+#else
+ "BEQ.N L_sp_384_num_bits_12_4\n\t"
+#endif
+ "MOV r2, #0xa0\n\t"
+ "CLZ r4, r1\n\t"
+ "SUB r4, r2, r4\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "B L_sp_384_num_bits_12_13\n\t"
+#else
+ "B.N L_sp_384_num_bits_12_13\n\t"
+#endif
+ "\n"
+ "L_sp_384_num_bits_12_4:\n\t"
+ "LDR r1, [%[a], #12]\n\t"
+ "CMP r1, #0x0\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BEQ L_sp_384_num_bits_12_3\n\t"
+#else
+ "BEQ.N L_sp_384_num_bits_12_3\n\t"
+#endif
+ "MOV r2, #0x80\n\t"
+ "CLZ r4, r1\n\t"
+ "SUB r4, r2, r4\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "B L_sp_384_num_bits_12_13\n\t"
+#else
+ "B.N L_sp_384_num_bits_12_13\n\t"
+#endif
+ "\n"
+ "L_sp_384_num_bits_12_3:\n\t"
+ "LDR r1, [%[a], #8]\n\t"
+ "CMP r1, #0x0\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BEQ L_sp_384_num_bits_12_2\n\t"
+#else
+ "BEQ.N L_sp_384_num_bits_12_2\n\t"
+#endif
+ "MOV r2, #0x60\n\t"
+ "CLZ r4, r1\n\t"
+ "SUB r4, r2, r4\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "B L_sp_384_num_bits_12_13\n\t"
+#else
+ "B.N L_sp_384_num_bits_12_13\n\t"
+#endif
+ "\n"
+ "L_sp_384_num_bits_12_2:\n\t"
+ "LDR r1, [%[a], #4]\n\t"
+ "CMP r1, #0x0\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BEQ L_sp_384_num_bits_12_1\n\t"
+#else
+ "BEQ.N L_sp_384_num_bits_12_1\n\t"
+#endif
+ "MOV r2, #0x40\n\t"
+ "CLZ r4, r1\n\t"
+ "SUB r4, r2, r4\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "B L_sp_384_num_bits_12_13\n\t"
+#else
+ "B.N L_sp_384_num_bits_12_13\n\t"
+#endif
+ "\n"
+ "L_sp_384_num_bits_12_1:\n\t"
+ "LDR r1, [%[a]]\n\t"
+ "MOV r2, #0x20\n\t"
+ "CLZ r4, r1\n\t"
+ "SUB r4, r2, r4\n\t"
+ "\n"
+ "L_sp_384_num_bits_12_13:\n\t"
+ "MOV %[a], r4\n\t"
+ : [a] "+r" (a)
+ :
+ : "memory", "r1", "r2", "r3", "r4", "r5", "cc"
);
-
- return r;
+ return (uint32_t)(size_t)a;
}
/* Non-constant time modular inversion.
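Review bot: `sp_384_div2_mod_12` and `sp_384_num_bits_12` now use named assembler labels (`L_sp_384_div2_mod_12_even`, `L_sp_384_num_bits_12_13`, …) in place of the numeric local labels `1:`/`2:`/`13:`, but unlike `div_384_word_12` they are not marked `SP_NOINLINE`. A named label can be defined only once per object file, so if the compiler inlines or clones either function at more than one call site, the assembler would likely reject the duplicate symbol. Declaring them `SP_NOINLINE static void sp_384_div2_mod_12(...)` and `SP_NOINLINE static int sp_384_num_bits_12(...)`, in both the `#ifndef` and `#else` signatures, removes that dependency on optimiser choices. `sp_384_num_bits_12` also has no header comment, and it exits at the first non-zero word from the top. I would add `/* Count the bits used in a. Not constant time: branches on the value of each word. */` so it is not reused on secret values.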
@@ -31515,7 +50297,7 @@ static int sp_384_mod_inv_12(sp_digit* r, const sp_digit* a, const sp_digit* m)
}
while (ut > 1 && vt > 1) {
- if (ut > vt || (ut == vt && sp_384_cmp_12(u, v) >= 0)) {
+ if ((ut > vt) || ((ut == vt) && (sp_384_cmp_12(u, v) >= 0))) {
sp_384_sub_12(u, u, v);
o = sp_384_sub_12(b, b, d);
if (o != 0)
@@ -31596,7 +50378,7 @@ static void sp_384_add_points_12(sp_point_384* p1, const sp_point_384* p2,
* p2 Public point and temporary.
* s Second part of signature as a number.
* u1 Temporary number.
- * u2 Temproray number.
+ * u2 Temporary number.
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
@@ -31920,7 +50702,7 @@ int sp_ecc_verify_384_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash,
#endif /* HAVE_ECC_VERIFY */
#ifdef HAVE_ECC_CHECK_KEY
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* point EC point.
* heap Heap to use if dynamically allocating.
@@ -31948,19 +50730,21 @@ static int sp_384_ecc_is_point_12(const sp_point_384* point,
if (err == MP_OKAY) {
t2 = t1 + 2 * 12;
+ /* y^2 - x^3 - a.x = b */
sp_384_sqr_12(t1, point->y);
(void)sp_384_mod_12(t1, t1, p384_mod);
sp_384_sqr_12(t2, point->x);
(void)sp_384_mod_12(t2, t2, p384_mod);
sp_384_mul_12(t2, t2, point->x);
(void)sp_384_mod_12(t2, t2, p384_mod);
- (void)sp_384_sub_12(t2, p384_mod, t2);
- sp_384_mont_add_12(t1, t1, t2, p384_mod);
+ sp_384_mont_sub_12(t1, t1, t2, p384_mod);
+ /* y^2 - x^3 + 3.x = b, when a = -3 */
sp_384_mont_add_12(t1, t1, point->x, p384_mod);
sp_384_mont_add_12(t1, t1, point->x, p384_mod);
sp_384_mont_add_12(t1, t1, point->x, p384_mod);
+
if (sp_384_cmp_12(t1, p384_b) != 0) {
err = MP_VAL;
}
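Review bot: The curve-equation check adds `point->x` to `t1` three times with `sp_384_mont_add_12` and then compares against `p384_b` with `sp_384_cmp_12`, but only the squared and cubed terms pass through `sp_384_mod_12`. Assuming `sp_384_mont_add_12` does a single conditional reduction (its body is not shown here), the value compared is canonical only when `point->x` is already below `p384_mod`. This is the function that rejects off-curve public points, so I would state the precondition next to the new comments, e.g. `/* point->x must be < p384_mod on entry. */`, and confirm that every caller range-checks the ordinates first. The body of `sp_384_ecc_is_point_12` starts before and ends after this hunk.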
@@ -31974,7 +50758,7 @@ static int sp_384_ecc_is_point_12(const sp_point_384* point,
return err;
}
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* pX X ordinate of EC point.
* pY Y ordinate of EC point.
@@ -32601,429 +51385,3650 @@ static const sp_digit p521_b[17] = {
};
#endif
+#ifdef WOLFSSL_SP_SMALL
/* Multiply a and b into r. (r = a * b)
*
* r A single precision integer.
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static void sp_521_mul_17(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static void sp_521_mul_17(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit tmp_arr[17 * 2];
- sp_digit* tmp = tmp_arr;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "mov r3, #0\n\t"
- "mov r4, #0\n\t"
- "mov r9, r3\n\t"
- "mov r12, %[r]\n\t"
- "mov r10, %[a]\n\t"
- "mov r11, %[b]\n\t"
- "mov r6, #68\n\t"
- "add r6, r6, r10\n\t"
- "mov r14, r6\n\t"
- "\n1:\n\t"
- "mov %[r], #0\n\t"
- "mov r5, #0\n\t"
- "mov r6, #64\n\t"
- "mov %[a], r9\n\t"
- "subs %[a], %[a], r6\n\t"
- "sbc r6, r6, r6\n\t"
- "mvn r6, r6\n\t"
- "and %[a], %[a], r6\n\t"
- "mov %[b], r9\n\t"
- "sub %[b], %[b], %[a]\n\t"
- "add %[a], %[a], r10\n\t"
- "add %[b], %[b], r11\n\t"
- "\n2:\n\t"
- /* Multiply Start */
- "ldr r6, [%[a]]\n\t"
- "ldr r8, [%[b]]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, %[r]\n\t"
- /* Multiply Done */
- "add %[a], %[a], #4\n\t"
- "sub %[b], %[b], #4\n\t"
- "cmp %[a], r14\n\t"
+ "SUB sp, sp, #0x88\n\t"
+ "LDR lr, [%[a]]\n\t"
+ "LDR r11, [%[b]]\n\t"
+ "UMULL r8, r6, lr, r11\n\t"
+ "STR r8, [sp]\n\t"
+ "MOV r7, #0x0\n\t"
+ "MOV r8, #0x0\n\t"
+ "MOV r5, #0x4\n\t"
+ "\n"
+ "L_sp_521_mul_17_outer:\n\t"
+ "SUBS r3, r5, #0x40\n\t"
+ "IT cc\n\t"
+ "MOVCC r3, #0x0\n\t"
+ "SUB r4, r5, r3\n\t"
+ "\n"
+ "L_sp_521_mul_17_inner:\n\t"
+ "LDR lr, [%[a], r3]\n\t"
+ "LDR r11, [%[b], r4]\n\t"
+ "UMULL r9, r10, lr, r11\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "LDR lr, [%[a], r4]\n\t"
+ "LDR r11, [%[b], r3]\n\t"
+ "UMULL r9, r10, lr, r11\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "ADD r3, r3, #0x4\n\t"
+ "SUB r4, r4, #0x4\n\t"
+ "CMP r3, r4\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "beq 3f\n\t"
+ "BGT L_sp_521_mul_17_inner_done\n\t"
#else
- "beq.n 3f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "mov r6, r9\n\t"
- "add r6, r6, r10\n\t"
- "cmp %[a], r6\n\t"
+ "BGT.N L_sp_521_mul_17_inner_done\n\t"
+#endif
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BLT L_sp_521_mul_17_inner\n\t"
+#else
+ "BLT.N L_sp_521_mul_17_inner\n\t"
+#endif
+ "LDR lr, [%[a], r3]\n\t"
+ "LDR r11, [%[b], r3]\n\t"
+ "UMULL r9, r10, lr, r11\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "\n"
+ "L_sp_521_mul_17_inner_done:\n\t"
+ "STR r6, [sp, r5]\n\t"
+ "MOV r6, r7\n\t"
+ "MOV r7, r8\n\t"
+ "MOV r8, #0x0\n\t"
+ "ADD r5, r5, #0x4\n\t"
+ "CMP r5, #0x7c\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "ble 2b\n\t"
-#else
- "ble.n 2b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "\n3:\n\t"
- "mov %[r], r12\n\t"
- "mov r8, r9\n\t"
- "str r3, [%[r], r8]\n\t"
- "mov r3, r4\n\t"
- "mov r4, r5\n\t"
- "add r8, r8, #4\n\t"
- "mov r9, r8\n\t"
- "mov r6, #128\n\t"
- "cmp r8, r6\n\t"
+ "BLE L_sp_521_mul_17_outer\n\t"
+#else
+ "BLE.N L_sp_521_mul_17_outer\n\t"
+#endif
+ "LDR lr, [%[a], #64]\n\t"
+ "LDR r11, [%[b], #64]\n\t"
+ "UMLAL r6, r7, lr, r11\n\t"
+ "STR r6, [sp, r5]\n\t"
+ "ADD r5, r5, #0x4\n\t"
+ "STR r7, [sp, r5]\n\t"
+ "LDM sp!, {r6, r7}\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "SUB r5, r5, #0x8\n\t"
+ "\n"
+ "L_sp_521_mul_17_store:\n\t"
+ "LDM sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "STM %[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "SUBS r5, r5, #0x20\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "ble 1b\n\t"
+ "BGT L_sp_521_mul_17_store\n\t"
#else
- "ble.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "str r3, [%[r], r8]\n\t"
- "mov %[a], r10\n\t"
- "mov %[b], r11\n\t"
+ "BGT.N L_sp_521_mul_17_store\n\t"
+#endif
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : [r] "r" (tmp), [a] "r" (a), [b] "r" (b)
- : "memory", "r3", "r4", "r5", "r6", "r8", "r9", "r10", "r11", "r12", "r14"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11", "cc"
);
-
- XMEMCPY(r, tmp_arr, sizeof(tmp_arr));
}
-/* Square a and put result in r. (r = a * a)
+#else
+/* Multiply a and b into r. (r = a * b)
*
* r A single precision integer.
* a A single precision integer.
+ * b A single precision integer.
*/
-SP_NOINLINE static void sp_521_sqr_17(sp_digit* r, const sp_digit* a)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static void sp_521_mul_17(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "mov r3, #0\n\t"
- "mov r4, #0\n\t"
- "mov r5, #0\n\t"
- "mov r9, r3\n\t"
- "mov r12, %[r]\n\t"
- "mov r6, #136\n\t"
- "neg r6, r6\n\t"
- "add sp, sp, r6\n\t"
- "mov r11, sp\n\t"
- "mov r10, %[a]\n\t"
- "\n1:\n\t"
- "mov %[r], #0\n\t"
- "mov r6, #64\n\t"
- "mov %[a], r9\n\t"
- "subs %[a], %[a], r6\n\t"
- "sbc r6, r6, r6\n\t"
- "mvn r6, r6\n\t"
- "and %[a], %[a], r6\n\t"
- "mov r2, r9\n\t"
- "sub r2, r2, %[a]\n\t"
- "add %[a], %[a], r10\n\t"
- "add r2, r2, r10\n\t"
- "\n2:\n\t"
- "cmp r2, %[a]\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "beq 4f\n\t"
-#else
- "beq.n 4f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- /* Multiply * 2: Start */
- "ldr r6, [%[a]]\n\t"
- "ldr r8, [r2]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, %[r]\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, %[r]\n\t"
- /* Multiply * 2: Done */
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bal 5f\n\t"
-#else
- "bal.n 5f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "\n4:\n\t"
- /* Square: Start */
- "ldr r6, [%[a]]\n\t"
- "umull r6, r8, r6, r6\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, %[r]\n\t"
- /* Square: Done */
- "\n5:\n\t"
- "add %[a], %[a], #4\n\t"
- "sub r2, r2, #4\n\t"
- "mov r6, #68\n\t"
- "add r6, r6, r10\n\t"
- "cmp %[a], r6\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "beq 3f\n\t"
-#else
- "beq.n 3f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "cmp %[a], r2\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bgt 3f\n\t"
-#else
- "bgt.n 3f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "mov r8, r9\n\t"
- "add r8, r8, r10\n\t"
- "cmp %[a], r8\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "ble 2b\n\t"
-#else
- "ble.n 2b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "\n3:\n\t"
- "mov %[r], r11\n\t"
- "mov r8, r9\n\t"
- "str r3, [%[r], r8]\n\t"
- "mov r3, r4\n\t"
- "mov r4, r5\n\t"
- "mov r5, #0\n\t"
- "add r8, r8, #4\n\t"
- "mov r9, r8\n\t"
- "mov r6, #128\n\t"
- "cmp r8, r6\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "ble 1b\n\t"
-#else
- "ble.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "mov %[a], r10\n\t"
- "str r3, [%[r], r8]\n\t"
- "mov %[r], r12\n\t"
- "mov %[a], r11\n\t"
- "mov r3, #132\n\t"
- "\n4:\n\t"
- "ldr r6, [%[a], r3]\n\t"
- "str r6, [%[r], r3]\n\t"
- "subs r3, r3, #4\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bge 4b\n\t"
-#else
- "bge.n 4b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "mov r6, #136\n\t"
- "add sp, sp, r6\n\t"
+ "SUB sp, sp, #0x44\n\t"
+ /* A[0] * B[0] */
+ "LDR r11, [%[a]]\n\t"
+ "LDR r12, [%[b]]\n\t"
+ "UMULL r3, r4, r11, r12\n\t"
+ "MOV r5, #0x0\n\t"
+ "STR r3, [sp]\n\t"
+ /* A[0] * B[1] */
+ "LDR r9, [%[b], #4]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[1] * B[0] */
+ "LDR r8, [%[a], #4]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "STR r4, [sp, #4]\n\t"
+ /* A[2] * B[0] */
+ "LDR r8, [%[a], #8]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[1] * B[1] */
+ "LDR r11, [%[a], #4]\n\t"
+ "LDR r12, [%[b], #4]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[0] * B[2] */
+ "LDR r8, [%[a]]\n\t"
+ "LDR r9, [%[b], #8]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "STR r5, [sp, #8]\n\t"
+ /* A[0] * B[3] */
+ "LDR r9, [%[b], #12]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "MOV r5, #0x0\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[1] * B[2] */
+ "LDR r9, [%[b], #8]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[2] * B[1] */
+ "LDR r8, [%[a], #8]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[3] * B[0] */
+ "LDR r8, [%[a], #12]\n\t"
+ "LDR r9, [%[b]]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ "STR r3, [sp, #12]\n\t"
+ /* A[4] * B[0] */
+ "LDR r8, [%[a], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[3] * B[1] */
+ "LDR r8, [%[a], #12]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[2] * B[2] */
+ "LDR r11, [%[a], #8]\n\t"
+ "LDR r12, [%[b], #8]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[1] * B[3] */
+ "LDR r8, [%[a], #4]\n\t"
+ "LDR r9, [%[b], #12]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[0] * B[4] */
+ "LDR r8, [%[a]]\n\t"
+ "LDR r9, [%[b], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "STR r4, [sp, #16]\n\t"
+ /* A[0] * B[5] */
+ "LDR r9, [%[b], #20]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[1] * B[4] */
+ "LDR r8, [%[a], #4]\n\t"
+ "LDR r9, [%[b], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[2] * B[3] */
+ "LDR r9, [%[b], #12]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[3] * B[2] */
+ "LDR r8, [%[a], #12]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[4] * B[1] */
+ "LDR r8, [%[a], #16]\n\t"
+ "LDR r9, [%[b], #4]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[5] * B[0] */
+ "LDR r8, [%[a], #20]\n\t"
+ "LDR r9, [%[b]]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "STR r5, [sp, #20]\n\t"
+ /* A[6] * B[0] */
+ "LDR r8, [%[a], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "MOV r5, #0x0\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[5] * B[1] */
+ "LDR r8, [%[a], #20]\n\t"
+ "LDR r9, [%[b], #4]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[4] * B[2] */
+ "LDR r8, [%[a], #16]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[3] * B[3] */
+ "LDR r11, [%[a], #12]\n\t"
+ "LDR r12, [%[b], #12]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[2] * B[4] */
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[b], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[1] * B[5] */
+ "LDR r8, [%[a], #4]\n\t"
+ "LDR r9, [%[b], #20]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[0] * B[6] */
+ "LDR r8, [%[a]]\n\t"
+ "LDR r9, [%[b], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ "STR r3, [sp, #24]\n\t"
+ /* A[0] * B[7] */
+ "LDR r9, [%[b], #28]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[1] * B[6] */
+ "LDR r8, [%[a], #4]\n\t"
+ "LDR r9, [%[b], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[2] * B[5] */
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[b], #20]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[3] * B[4] */
+ "LDR r9, [%[b], #16]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[4] * B[3] */
+ "LDR r8, [%[a], #16]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[5] * B[2] */
+ "LDR r8, [%[a], #20]\n\t"
+ "LDR r9, [%[b], #8]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[6] * B[1] */
+ "LDR r8, [%[a], #24]\n\t"
+ "LDR r9, [%[b], #4]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[7] * B[0] */
+ "LDR r8, [%[a], #28]\n\t"
+ "LDR r9, [%[b]]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "STR r4, [sp, #28]\n\t"
+ /* A[8] * B[0] */
+ "LDR r8, [%[a], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[7] * B[1] */
+ "LDR r8, [%[a], #28]\n\t"
+ "LDR r9, [%[b], #4]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[6] * B[2] */
+ "LDR r8, [%[a], #24]\n\t"
+ "LDR r9, [%[b], #8]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[5] * B[3] */
+ "LDR r8, [%[a], #20]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[4] * B[4] */
+ "LDR r11, [%[a], #16]\n\t"
+ "LDR r12, [%[b], #16]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[3] * B[5] */
+ "LDR r8, [%[a], #12]\n\t"
+ "LDR r9, [%[b], #20]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[2] * B[6] */
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[b], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[1] * B[7] */
+ "LDR r8, [%[a], #4]\n\t"
+ "LDR r9, [%[b], #28]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[0] * B[8] */
+ "LDR r8, [%[a]]\n\t"
+ "LDR r9, [%[b], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "STR r5, [sp, #32]\n\t"
+ /* A[0] * B[9] */
+ "LDR r9, [%[b], #36]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "MOV r5, #0x0\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[1] * B[8] */
+ "LDR r8, [%[a], #4]\n\t"
+ "LDR r9, [%[b], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[2] * B[7] */
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[b], #28]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[3] * B[6] */
+ "LDR r8, [%[a], #12]\n\t"
+ "LDR r9, [%[b], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[4] * B[5] */
+ "LDR r9, [%[b], #20]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[5] * B[4] */
+ "LDR r8, [%[a], #20]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[6] * B[3] */
+ "LDR r8, [%[a], #24]\n\t"
+ "LDR r9, [%[b], #12]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[7] * B[2] */
+ "LDR r8, [%[a], #28]\n\t"
+ "LDR r9, [%[b], #8]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[8] * B[1] */
+ "LDR r8, [%[a], #32]\n\t"
+ "LDR r9, [%[b], #4]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[9] * B[0] */
+ "LDR r8, [%[a], #36]\n\t"
+ "LDR r9, [%[b]]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ "STR r3, [sp, #36]\n\t"
+ /* A[10] * B[0] */
+ "LDR r8, [%[a], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[9] * B[1] */
+ "LDR r8, [%[a], #36]\n\t"
+ "LDR r9, [%[b], #4]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[8] * B[2] */
+ "LDR r8, [%[a], #32]\n\t"
+ "LDR r9, [%[b], #8]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[7] * B[3] */
+ "LDR r8, [%[a], #28]\n\t"
+ "LDR r9, [%[b], #12]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[6] * B[4] */
+ "LDR r8, [%[a], #24]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[5] * B[5] */
+ "LDR r11, [%[a], #20]\n\t"
+ "LDR r12, [%[b], #20]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[4] * B[6] */
+ "LDR r8, [%[a], #16]\n\t"
+ "LDR r9, [%[b], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[3] * B[7] */
+ "LDR r8, [%[a], #12]\n\t"
+ "LDR r9, [%[b], #28]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[2] * B[8] */
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[b], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[1] * B[9] */
+ "LDR r8, [%[a], #4]\n\t"
+ "LDR r9, [%[b], #36]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[0] * B[10] */
+ "LDR r8, [%[a]]\n\t"
+ "LDR r9, [%[b], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "STR r4, [sp, #40]\n\t"
+ /* A[0] * B[11] */
+ "LDR r9, [%[b], #44]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[1] * B[10] */
+ "LDR r8, [%[a], #4]\n\t"
+ "LDR r9, [%[b], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[2] * B[9] */
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[b], #36]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[3] * B[8] */
+ "LDR r8, [%[a], #12]\n\t"
+ "LDR r9, [%[b], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[4] * B[7] */
+ "LDR r8, [%[a], #16]\n\t"
+ "LDR r9, [%[b], #28]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[5] * B[6] */
+ "LDR r9, [%[b], #24]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[6] * B[5] */
+ "LDR r8, [%[a], #24]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[7] * B[4] */
+ "LDR r8, [%[a], #28]\n\t"
+ "LDR r9, [%[b], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[8] * B[3] */
+ "LDR r8, [%[a], #32]\n\t"
+ "LDR r9, [%[b], #12]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[9] * B[2] */
+ "LDR r8, [%[a], #36]\n\t"
+ "LDR r9, [%[b], #8]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[10] * B[1] */
+ "LDR r8, [%[a], #40]\n\t"
+ "LDR r9, [%[b], #4]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[11] * B[0] */
+ "LDR r8, [%[a], #44]\n\t"
+ "LDR r9, [%[b]]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "STR r5, [sp, #44]\n\t"
+ /* A[12] * B[0] */
+ "LDR r8, [%[a], #48]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "MOV r5, #0x0\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[11] * B[1] */
+ "LDR r8, [%[a], #44]\n\t"
+ "LDR r9, [%[b], #4]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[10] * B[2] */
+ "LDR r8, [%[a], #40]\n\t"
+ "LDR r9, [%[b], #8]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[9] * B[3] */
+ "LDR r8, [%[a], #36]\n\t"
+ "LDR r9, [%[b], #12]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[8] * B[4] */
+ "LDR r8, [%[a], #32]\n\t"
+ "LDR r9, [%[b], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[7] * B[5] */
+ "LDR r8, [%[a], #28]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[6] * B[6] */
+ "LDR r11, [%[a], #24]\n\t"
+ "LDR r12, [%[b], #24]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[5] * B[7] */
+ "LDR r8, [%[a], #20]\n\t"
+ "LDR r9, [%[b], #28]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[4] * B[8] */
+ "LDR r8, [%[a], #16]\n\t"
+ "LDR r9, [%[b], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[3] * B[9] */
+ "LDR r8, [%[a], #12]\n\t"
+ "LDR r9, [%[b], #36]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[2] * B[10] */
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[b], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[1] * B[11] */
+ "LDR r8, [%[a], #4]\n\t"
+ "LDR r9, [%[b], #44]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[0] * B[12] */
+ "LDR r8, [%[a]]\n\t"
+ "LDR r9, [%[b], #48]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ "STR r3, [sp, #48]\n\t"
+ /* A[0] * B[13] */
+ "LDR r9, [%[b], #52]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[1] * B[12] */
+ "LDR r8, [%[a], #4]\n\t"
+ "LDR r9, [%[b], #48]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[2] * B[11] */
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[b], #44]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[3] * B[10] */
+ "LDR r8, [%[a], #12]\n\t"
+ "LDR r9, [%[b], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[4] * B[9] */
+ "LDR r8, [%[a], #16]\n\t"
+ "LDR r9, [%[b], #36]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[5] * B[8] */
+ "LDR r8, [%[a], #20]\n\t"
+ "LDR r9, [%[b], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[6] * B[7] */
+ "LDR r9, [%[b], #28]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[7] * B[6] */
+ "LDR r8, [%[a], #28]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[8] * B[5] */
+ "LDR r8, [%[a], #32]\n\t"
+ "LDR r9, [%[b], #20]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[9] * B[4] */
+ "LDR r8, [%[a], #36]\n\t"
+ "LDR r9, [%[b], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[10] * B[3] */
+ "LDR r8, [%[a], #40]\n\t"
+ "LDR r9, [%[b], #12]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[11] * B[2] */
+ "LDR r8, [%[a], #44]\n\t"
+ "LDR r9, [%[b], #8]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[12] * B[1] */
+ "LDR r8, [%[a], #48]\n\t"
+ "LDR r9, [%[b], #4]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[13] * B[0] */
+ "LDR r8, [%[a], #52]\n\t"
+ "LDR r9, [%[b]]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "STR r4, [sp, #52]\n\t"
+ /* A[14] * B[0] */
+ "LDR r8, [%[a], #56]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[13] * B[1] */
+ "LDR r8, [%[a], #52]\n\t"
+ "LDR r9, [%[b], #4]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[12] * B[2] */
+ "LDR r8, [%[a], #48]\n\t"
+ "LDR r9, [%[b], #8]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[11] * B[3] */
+ "LDR r8, [%[a], #44]\n\t"
+ "LDR r9, [%[b], #12]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[10] * B[4] */
+ "LDR r8, [%[a], #40]\n\t"
+ "LDR r9, [%[b], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[9] * B[5] */
+ "LDR r8, [%[a], #36]\n\t"
+ "LDR r9, [%[b], #20]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[8] * B[6] */
+ "LDR r8, [%[a], #32]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[7] * B[7] */
+ "LDR r11, [%[a], #28]\n\t"
+ "LDR r12, [%[b], #28]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[6] * B[8] */
+ "LDR r8, [%[a], #24]\n\t"
+ "LDR r9, [%[b], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[5] * B[9] */
+ "LDR r8, [%[a], #20]\n\t"
+ "LDR r9, [%[b], #36]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[4] * B[10] */
+ "LDR r8, [%[a], #16]\n\t"
+ "LDR r9, [%[b], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[3] * B[11] */
+ "LDR r8, [%[a], #12]\n\t"
+ "LDR r9, [%[b], #44]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[2] * B[12] */
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[b], #48]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[1] * B[13] */
+ "LDR r8, [%[a], #4]\n\t"
+ "LDR r9, [%[b], #52]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[0] * B[14] */
+ "LDR r8, [%[a]]\n\t"
+ "LDR r9, [%[b], #56]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "STR r5, [sp, #56]\n\t"
+ /* A[0] * B[15] */
+ "LDR r9, [%[b], #60]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "MOV r5, #0x0\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[1] * B[14] */
+ "LDR r8, [%[a], #4]\n\t"
+ "LDR r9, [%[b], #56]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[2] * B[13] */
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[b], #52]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[3] * B[12] */
+ "LDR r8, [%[a], #12]\n\t"
+ "LDR r9, [%[b], #48]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[4] * B[11] */
+ "LDR r8, [%[a], #16]\n\t"
+ "LDR r9, [%[b], #44]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[5] * B[10] */
+ "LDR r8, [%[a], #20]\n\t"
+ "LDR r9, [%[b], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[6] * B[9] */
+ "LDR r8, [%[a], #24]\n\t"
+ "LDR r9, [%[b], #36]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[7] * B[8] */
+ "LDR r9, [%[b], #32]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[8] * B[7] */
+ "LDR r8, [%[a], #32]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[9] * B[6] */
+ "LDR r8, [%[a], #36]\n\t"
+ "LDR r9, [%[b], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[10] * B[5] */
+ "LDR r8, [%[a], #40]\n\t"
+ "LDR r9, [%[b], #20]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[11] * B[4] */
+ "LDR r8, [%[a], #44]\n\t"
+ "LDR r9, [%[b], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[12] * B[3] */
+ "LDR r8, [%[a], #48]\n\t"
+ "LDR r9, [%[b], #12]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[13] * B[2] */
+ "LDR r8, [%[a], #52]\n\t"
+ "LDR r9, [%[b], #8]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[14] * B[1] */
+ "LDR r8, [%[a], #56]\n\t"
+ "LDR r9, [%[b], #4]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[15] * B[0] */
+ "LDR r8, [%[a], #60]\n\t"
+ "LDR r9, [%[b]]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ "STR r3, [sp, #60]\n\t"
+ /* A[16] * B[0] */
+ "LDR r8, [%[a], #64]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[15] * B[1] */
+ "LDR r8, [%[a], #60]\n\t"
+ "LDR r9, [%[b], #4]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[14] * B[2] */
+ "LDR r8, [%[a], #56]\n\t"
+ "LDR r9, [%[b], #8]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[13] * B[3] */
+ "LDR r8, [%[a], #52]\n\t"
+ "LDR r9, [%[b], #12]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[12] * B[4] */
+ "LDR r8, [%[a], #48]\n\t"
+ "LDR r9, [%[b], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[11] * B[5] */
+ "LDR r8, [%[a], #44]\n\t"
+ "LDR r9, [%[b], #20]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[10] * B[6] */
+ "LDR r8, [%[a], #40]\n\t"
+ "LDR r9, [%[b], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[9] * B[7] */
+ "LDR r8, [%[a], #36]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[8] * B[8] */
+ "LDR r11, [%[a], #32]\n\t"
+ "LDR r12, [%[b], #32]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[7] * B[9] */
+ "LDR r8, [%[a], #28]\n\t"
+ "LDR r9, [%[b], #36]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[6] * B[10] */
+ "LDR r8, [%[a], #24]\n\t"
+ "LDR r9, [%[b], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[5] * B[11] */
+ "LDR r8, [%[a], #20]\n\t"
+ "LDR r9, [%[b], #44]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[4] * B[12] */
+ "LDR r8, [%[a], #16]\n\t"
+ "LDR r9, [%[b], #48]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[3] * B[13] */
+ "LDR r8, [%[a], #12]\n\t"
+ "LDR r9, [%[b], #52]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[2] * B[14] */
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[b], #56]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[1] * B[15] */
+ "LDR r8, [%[a], #4]\n\t"
+ "LDR r9, [%[b], #60]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[0] * B[16] */
+ "LDR r8, [%[a]]\n\t"
+ "LDR r9, [%[b], #64]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "STR r4, [sp, #64]\n\t"
+ /* A[1] * B[16] */
+ "LDR r8, [%[a], #4]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[2] * B[15] */
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[b], #60]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[3] * B[14] */
+ "LDR r8, [%[a], #12]\n\t"
+ "LDR r9, [%[b], #56]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[4] * B[13] */
+ "LDR r8, [%[a], #16]\n\t"
+ "LDR r9, [%[b], #52]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[5] * B[12] */
+ "LDR r8, [%[a], #20]\n\t"
+ "LDR r9, [%[b], #48]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[6] * B[11] */
+ "LDR r8, [%[a], #24]\n\t"
+ "LDR r9, [%[b], #44]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[7] * B[10] */
+ "LDR r8, [%[a], #28]\n\t"
+ "LDR r9, [%[b], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[8] * B[9] */
+ "LDR r9, [%[b], #36]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[9] * B[8] */
+ "LDR r8, [%[a], #36]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[10] * B[7] */
+ "LDR r8, [%[a], #40]\n\t"
+ "LDR r9, [%[b], #28]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[11] * B[6] */
+ "LDR r8, [%[a], #44]\n\t"
+ "LDR r9, [%[b], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[12] * B[5] */
+ "LDR r8, [%[a], #48]\n\t"
+ "LDR r9, [%[b], #20]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[13] * B[4] */
+ "LDR r8, [%[a], #52]\n\t"
+ "LDR r9, [%[b], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[14] * B[3] */
+ "LDR r8, [%[a], #56]\n\t"
+ "LDR r9, [%[b], #12]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[15] * B[2] */
+ "LDR r8, [%[a], #60]\n\t"
+ "LDR r9, [%[b], #8]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[16] * B[1] */
+ "LDR r8, [%[a], #64]\n\t"
+ "LDR r9, [%[b], #4]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "STR r5, [%[r], #68]\n\t"
+ /* A[16] * B[2] */
+ "LDR r9, [%[b], #8]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "MOV r5, #0x0\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[15] * B[3] */
+ "LDR r8, [%[a], #60]\n\t"
+ "LDR r9, [%[b], #12]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[14] * B[4] */
+ "LDR r8, [%[a], #56]\n\t"
+ "LDR r9, [%[b], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[13] * B[5] */
+ "LDR r8, [%[a], #52]\n\t"
+ "LDR r9, [%[b], #20]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[12] * B[6] */
+ "LDR r8, [%[a], #48]\n\t"
+ "LDR r9, [%[b], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[11] * B[7] */
+ "LDR r8, [%[a], #44]\n\t"
+ "LDR r9, [%[b], #28]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[10] * B[8] */
+ "LDR r8, [%[a], #40]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[9] * B[9] */
+ "LDR r11, [%[a], #36]\n\t"
+ "LDR r12, [%[b], #36]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[8] * B[10] */
+ "LDR r8, [%[a], #32]\n\t"
+ "LDR r9, [%[b], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[7] * B[11] */
+ "LDR r8, [%[a], #28]\n\t"
+ "LDR r9, [%[b], #44]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[6] * B[12] */
+ "LDR r8, [%[a], #24]\n\t"
+ "LDR r9, [%[b], #48]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[5] * B[13] */
+ "LDR r8, [%[a], #20]\n\t"
+ "LDR r9, [%[b], #52]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[4] * B[14] */
+ "LDR r8, [%[a], #16]\n\t"
+ "LDR r9, [%[b], #56]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[3] * B[15] */
+ "LDR r8, [%[a], #12]\n\t"
+ "LDR r9, [%[b], #60]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[2] * B[16] */
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[b], #64]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ "STR r3, [%[r], #72]\n\t"
+ /* A[3] * B[16] */
+ "LDR r8, [%[a], #12]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[4] * B[15] */
+ "LDR r8, [%[a], #16]\n\t"
+ "LDR r9, [%[b], #60]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[5] * B[14] */
+ "LDR r8, [%[a], #20]\n\t"
+ "LDR r9, [%[b], #56]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[6] * B[13] */
+ "LDR r8, [%[a], #24]\n\t"
+ "LDR r9, [%[b], #52]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[7] * B[12] */
+ "LDR r8, [%[a], #28]\n\t"
+ "LDR r9, [%[b], #48]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[8] * B[11] */
+ "LDR r8, [%[a], #32]\n\t"
+ "LDR r9, [%[b], #44]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[9] * B[10] */
+ "LDR r9, [%[b], #40]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[10] * B[9] */
+ "LDR r8, [%[a], #40]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[11] * B[8] */
+ "LDR r8, [%[a], #44]\n\t"
+ "LDR r9, [%[b], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[12] * B[7] */
+ "LDR r8, [%[a], #48]\n\t"
+ "LDR r9, [%[b], #28]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[13] * B[6] */
+ "LDR r8, [%[a], #52]\n\t"
+ "LDR r9, [%[b], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[14] * B[5] */
+ "LDR r8, [%[a], #56]\n\t"
+ "LDR r9, [%[b], #20]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[15] * B[4] */
+ "LDR r8, [%[a], #60]\n\t"
+ "LDR r9, [%[b], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[16] * B[3] */
+ "LDR r8, [%[a], #64]\n\t"
+ "LDR r9, [%[b], #12]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "STR r4, [%[r], #76]\n\t"
+ /* A[16] * B[4] */
+ "LDR r9, [%[b], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[15] * B[5] */
+ "LDR r8, [%[a], #60]\n\t"
+ "LDR r9, [%[b], #20]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[14] * B[6] */
+ "LDR r8, [%[a], #56]\n\t"
+ "LDR r9, [%[b], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[13] * B[7] */
+ "LDR r8, [%[a], #52]\n\t"
+ "LDR r9, [%[b], #28]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[12] * B[8] */
+ "LDR r8, [%[a], #48]\n\t"
+ "LDR r9, [%[b], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[11] * B[9] */
+ "LDR r8, [%[a], #44]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[10] * B[10] */
+ "LDR r11, [%[a], #40]\n\t"
+ "LDR r12, [%[b], #40]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[9] * B[11] */
+ "LDR r8, [%[a], #36]\n\t"
+ "LDR r9, [%[b], #44]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[8] * B[12] */
+ "LDR r8, [%[a], #32]\n\t"
+ "LDR r9, [%[b], #48]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[7] * B[13] */
+ "LDR r8, [%[a], #28]\n\t"
+ "LDR r9, [%[b], #52]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[6] * B[14] */
+ "LDR r8, [%[a], #24]\n\t"
+ "LDR r9, [%[b], #56]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[5] * B[15] */
+ "LDR r8, [%[a], #20]\n\t"
+ "LDR r9, [%[b], #60]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[4] * B[16] */
+ "LDR r8, [%[a], #16]\n\t"
+ "LDR r9, [%[b], #64]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "STR r5, [%[r], #80]\n\t"
+ /* A[5] * B[16] */
+ "LDR r8, [%[a], #20]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "MOV r5, #0x0\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[6] * B[15] */
+ "LDR r8, [%[a], #24]\n\t"
+ "LDR r9, [%[b], #60]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[7] * B[14] */
+ "LDR r8, [%[a], #28]\n\t"
+ "LDR r9, [%[b], #56]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[8] * B[13] */
+ "LDR r8, [%[a], #32]\n\t"
+ "LDR r9, [%[b], #52]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[9] * B[12] */
+ "LDR r8, [%[a], #36]\n\t"
+ "LDR r9, [%[b], #48]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[10] * B[11] */
+ "LDR r9, [%[b], #44]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[11] * B[10] */
+ "LDR r8, [%[a], #44]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[12] * B[9] */
+ "LDR r8, [%[a], #48]\n\t"
+ "LDR r9, [%[b], #36]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[13] * B[8] */
+ "LDR r8, [%[a], #52]\n\t"
+ "LDR r9, [%[b], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[14] * B[7] */
+ "LDR r8, [%[a], #56]\n\t"
+ "LDR r9, [%[b], #28]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[15] * B[6] */
+ "LDR r8, [%[a], #60]\n\t"
+ "LDR r9, [%[b], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[16] * B[5] */
+ "LDR r8, [%[a], #64]\n\t"
+ "LDR r9, [%[b], #20]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ "STR r3, [%[r], #84]\n\t"
+ /* A[16] * B[6] */
+ "LDR r9, [%[b], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[15] * B[7] */
+ "LDR r8, [%[a], #60]\n\t"
+ "LDR r9, [%[b], #28]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[14] * B[8] */
+ "LDR r8, [%[a], #56]\n\t"
+ "LDR r9, [%[b], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[13] * B[9] */
+ "LDR r8, [%[a], #52]\n\t"
+ "LDR r9, [%[b], #36]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[12] * B[10] */
+ "LDR r8, [%[a], #48]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[11] * B[11] */
+ "LDR r11, [%[a], #44]\n\t"
+ "LDR r12, [%[b], #44]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[10] * B[12] */
+ "LDR r8, [%[a], #40]\n\t"
+ "LDR r9, [%[b], #48]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[9] * B[13] */
+ "LDR r8, [%[a], #36]\n\t"
+ "LDR r9, [%[b], #52]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[8] * B[14] */
+ "LDR r8, [%[a], #32]\n\t"
+ "LDR r9, [%[b], #56]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[7] * B[15] */
+ "LDR r8, [%[a], #28]\n\t"
+ "LDR r9, [%[b], #60]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[6] * B[16] */
+ "LDR r8, [%[a], #24]\n\t"
+ "LDR r9, [%[b], #64]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "STR r4, [%[r], #88]\n\t"
+ /* A[7] * B[16] */
+ "LDR r8, [%[a], #28]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[8] * B[15] */
+ "LDR r8, [%[a], #32]\n\t"
+ "LDR r9, [%[b], #60]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[9] * B[14] */
+ "LDR r8, [%[a], #36]\n\t"
+ "LDR r9, [%[b], #56]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[10] * B[13] */
+ "LDR r8, [%[a], #40]\n\t"
+ "LDR r9, [%[b], #52]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[11] * B[12] */
+ "LDR r9, [%[b], #48]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[12] * B[11] */
+ "LDR r8, [%[a], #48]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[13] * B[10] */
+ "LDR r8, [%[a], #52]\n\t"
+ "LDR r9, [%[b], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[14] * B[9] */
+ "LDR r8, [%[a], #56]\n\t"
+ "LDR r9, [%[b], #36]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[15] * B[8] */
+ "LDR r8, [%[a], #60]\n\t"
+ "LDR r9, [%[b], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[16] * B[7] */
+ "LDR r8, [%[a], #64]\n\t"
+ "LDR r9, [%[b], #28]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "STR r5, [%[r], #92]\n\t"
+ /* A[16] * B[8] */
+ "LDR r9, [%[b], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "MOV r5, #0x0\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[15] * B[9] */
+ "LDR r8, [%[a], #60]\n\t"
+ "LDR r9, [%[b], #36]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[14] * B[10] */
+ "LDR r8, [%[a], #56]\n\t"
+ "LDR r9, [%[b], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[13] * B[11] */
+ "LDR r8, [%[a], #52]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[12] * B[12] */
+ "LDR r11, [%[a], #48]\n\t"
+ "LDR r12, [%[b], #48]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[11] * B[13] */
+ "LDR r8, [%[a], #44]\n\t"
+ "LDR r9, [%[b], #52]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[10] * B[14] */
+ "LDR r8, [%[a], #40]\n\t"
+ "LDR r9, [%[b], #56]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[9] * B[15] */
+ "LDR r8, [%[a], #36]\n\t"
+ "LDR r9, [%[b], #60]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[8] * B[16] */
+ "LDR r8, [%[a], #32]\n\t"
+ "LDR r9, [%[b], #64]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ "STR r3, [%[r], #96]\n\t"
+ /* A[9] * B[16] */
+ "LDR r8, [%[a], #36]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[10] * B[15] */
+ "LDR r8, [%[a], #40]\n\t"
+ "LDR r9, [%[b], #60]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[11] * B[14] */
+ "LDR r8, [%[a], #44]\n\t"
+ "LDR r9, [%[b], #56]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[12] * B[13] */
+ "LDR r9, [%[b], #52]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[13] * B[12] */
+ "LDR r8, [%[a], #52]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[14] * B[11] */
+ "LDR r8, [%[a], #56]\n\t"
+ "LDR r9, [%[b], #44]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[15] * B[10] */
+ "LDR r8, [%[a], #60]\n\t"
+ "LDR r9, [%[b], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[16] * B[9] */
+ "LDR r8, [%[a], #64]\n\t"
+ "LDR r9, [%[b], #36]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "STR r4, [%[r], #100]\n\t"
+ /* A[16] * B[10] */
+ "LDR r9, [%[b], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[15] * B[11] */
+ "LDR r8, [%[a], #60]\n\t"
+ "LDR r9, [%[b], #44]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[14] * B[12] */
+ "LDR r8, [%[a], #56]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[13] * B[13] */
+ "LDR r11, [%[a], #52]\n\t"
+ "LDR r12, [%[b], #52]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[12] * B[14] */
+ "LDR r8, [%[a], #48]\n\t"
+ "LDR r9, [%[b], #56]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[11] * B[15] */
+ "LDR r8, [%[a], #44]\n\t"
+ "LDR r9, [%[b], #60]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[10] * B[16] */
+ "LDR r8, [%[a], #40]\n\t"
+ "LDR r9, [%[b], #64]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "STR r5, [%[r], #104]\n\t"
+ /* A[11] * B[16] */
+ "LDR r8, [%[a], #44]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "MOV r5, #0x0\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[12] * B[15] */
+ "LDR r8, [%[a], #48]\n\t"
+ "LDR r9, [%[b], #60]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[13] * B[14] */
+ "LDR r9, [%[b], #56]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[14] * B[13] */
+ "LDR r8, [%[a], #56]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[15] * B[12] */
+ "LDR r8, [%[a], #60]\n\t"
+ "LDR r9, [%[b], #48]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[16] * B[11] */
+ "LDR r8, [%[a], #64]\n\t"
+ "LDR r9, [%[b], #44]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ "STR r3, [%[r], #108]\n\t"
+ /* A[16] * B[12] */
+ "LDR r9, [%[b], #48]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[15] * B[13] */
+ "LDR r8, [%[a], #60]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[14] * B[14] */
+ "LDR r11, [%[a], #56]\n\t"
+ "LDR r12, [%[b], #56]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[13] * B[15] */
+ "LDR r8, [%[a], #52]\n\t"
+ "LDR r9, [%[b], #60]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[12] * B[16] */
+ "LDR r8, [%[a], #48]\n\t"
+ "LDR r9, [%[b], #64]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "STR r4, [%[r], #112]\n\t"
+ /* A[13] * B[16] */
+ "LDR r8, [%[a], #52]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[14] * B[15] */
+ "LDR r9, [%[b], #60]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[15] * B[14] */
+ "LDR r8, [%[a], #60]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[16] * B[13] */
+ "LDR r8, [%[a], #64]\n\t"
+ "LDR r9, [%[b], #52]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "STR r5, [%[r], #116]\n\t"
+ /* A[16] * B[14] */
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "MOV r5, #0x0\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[15] * B[15] */
+ "LDR r11, [%[a], #60]\n\t"
+ "LDR r12, [%[b], #60]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[14] * B[16] */
+ "LDR r8, [%[a], #56]\n\t"
+ "LDR r9, [%[b], #64]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ "STR r3, [%[r], #120]\n\t"
+ /* A[15] * B[16] */
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[16] * B[15] */
+ "LDR r8, [%[a], #64]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "STR r4, [%[r], #124]\n\t"
+ /* A[16] * B[16] */
+ "UMLAL r5, r3, r8, r9\n\t"
+ "STR r5, [%[r], #128]\n\t"
+ "STR r3, [%[r], #132]\n\t"
+ "LDM sp!, {r3, r4, r5, r6}\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM sp!, {r3, r4, r5, r6}\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM sp!, {r3, r4, r5, r6}\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM sp!, {r3, r4, r5, r6}\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM sp!, {r3}\n\t"
+ "STM %[r]!, {r3}\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : [r] "r" (r), [a] "r" (a)
- : "memory", "r2", "r3", "r4", "r5", "r6", "r8", "r9", "r10", "r11", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r11", "r12", "cc"
);
}
+#endif /* WOLFSSL_SP_SMALL */
#ifdef WOLFSSL_SP_SMALL
-/* Add b to a into r. (r = a + b)
+/* Square a and put result in r. (r = a * a)
*
* r A single precision integer.
* a A single precision integer.
- * b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_521_add_17(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
+#else
+static void sp_521_sqr_17(sp_digit* r, const sp_digit* a)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r6, %[a]\n\t"
- "mov r8, #0\n\t"
- "add r6, r6, #68\n\t"
- "sub r8, r8, #1\n\t"
- "\n1:\n\t"
- "adds %[c], %[c], r8\n\t"
- "ldr r4, [%[a]]\n\t"
- "ldr r5, [%[b]]\n\t"
- "adcs r4, r4, r5\n\t"
- "str r4, [%[r]]\n\t"
- "mov %[c], #0\n\t"
- "adc %[c], %[c], %[c]\n\t"
- "add %[a], %[a], #4\n\t"
- "add %[b], %[b], #4\n\t"
- "add %[r], %[r], #4\n\t"
- "cmp %[a], r6\n\t"
+ "SUB sp, sp, #0x88\n\t"
+ "LDR lr, [%[a]]\n\t"
+ "UMULL r8, r6, lr, lr\n\t"
+ "STR r8, [sp]\n\t"
+ "MOV r7, #0x0\n\t"
+ "MOV r8, #0x0\n\t"
+ "MOV r5, #0x4\n\t"
+ "\n"
+ "L_sp_521_sqr_17_outer:\n\t"
+ "SUBS r3, r5, #0x40\n\t"
+ "IT cc\n\t"
+ "MOVCC r3, #0x0\n\t"
+ "SUB r4, r5, r3\n\t"
+ "\n"
+ "L_sp_521_sqr_17_inner:\n\t"
+ "LDR lr, [%[a], r3]\n\t"
+ "LDR r11, [%[a], r4]\n\t"
+ "UMULL r9, r10, lr, r11\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "ADD r3, r3, #0x4\n\t"
+ "SUB r4, r4, #0x4\n\t"
+ "CMP r3, r4\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BGT L_sp_521_sqr_17_inner_done\n\t"
+#else
+ "BGT.N L_sp_521_sqr_17_inner_done\n\t"
+#endif
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BLT L_sp_521_sqr_17_inner\n\t"
+#else
+ "BLT.N L_sp_521_sqr_17_inner\n\t"
+#endif
+ "LDR lr, [%[a], r3]\n\t"
+ "UMULL r9, r10, lr, lr\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "\n"
+ "L_sp_521_sqr_17_inner_done:\n\t"
+ "STR r6, [sp, r5]\n\t"
+ "MOV r6, r7\n\t"
+ "MOV r7, r8\n\t"
+ "MOV r8, #0x0\n\t"
+ "ADD r5, r5, #0x4\n\t"
+ "CMP r5, #0x7c\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bne 1b\n\t"
+ "BLE L_sp_521_sqr_17_outer\n\t"
#else
- "bne.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ "BLE.N L_sp_521_sqr_17_outer\n\t"
+#endif
+ "LDR lr, [%[a], #64]\n\t"
+ "UMLAL r6, r7, lr, lr\n\t"
+ "STR r6, [sp, r5]\n\t"
+ "ADD r5, r5, #0x4\n\t"
+ "STR r7, [sp, r5]\n\t"
+ "LDM sp!, {r6, r7}\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "SUB r5, r5, #0x8\n\t"
+ "\n"
+ "L_sp_521_sqr_17_store:\n\t"
+ "LDM sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "STM %[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "SUBS r5, r5, #0x20\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BGT L_sp_521_sqr_17_store\n\t"
+#else
+ "BGT.N L_sp_521_sqr_17_store\n\t"
+#endif
+ : [r] "+r" (r), [a] "+r" (a)
:
- : "memory", "r4", "r5", "r6", "r8"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11", "cc"
);
-
- return c;
}
#else
-/* Add b to a into r. (r = a + b)
+/* Square a and put result in r. (r = a * a)
*
* r A single precision integer.
* a A single precision integer.
- * b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_521_add_17(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
+#else
+static void sp_521_sqr_17(sp_digit* r, const sp_digit* a)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldr r4, [%[a]]\n\t"
- "ldr r6, [%[b]]\n\t"
- "adcs r4, r4, r6\n\t"
- "str r4, [%[r]]\n\t"
- "mov %[c], #0\n\t"
- "adc %[c], %[c], %[c]\n\t"
- : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ "SUB sp, sp, #0x44\n\t"
+ /* A[0] * A[0] */
+ "LDR r10, [%[a]]\n\t"
+ "UMULL r8, r3, r10, r10\n\t"
+ "MOV r4, #0x0\n\t"
+ "STR r8, [sp]\n\t"
+ /* A[0] * A[1] */
+ "LDR r10, [%[a], #4]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "MOV r2, #0x0\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "MOV r2, #0x0\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ "STR r3, [sp, #4]\n\t"
+ /* A[0] * A[2] */
+ "LDR r10, [%[a], #8]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADCS r2, r2, r9\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADCS r2, r2, r9\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[1] * A[1] */
+ "LDR r10, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADCS r2, r2, r9\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "STR r4, [sp, #8]\n\t"
+ /* A[0] * A[3] */
+ "LDR r10, [%[a], #12]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[1] * A[2] */
+ "LDR r10, [%[a], #8]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "STR r2, [sp, #12]\n\t"
+ /* A[0] * A[4] */
+ "LDR r10, [%[a], #16]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "MOV r2, #0x0\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "MOV r2, #0x0\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ /* A[1] * A[3] */
+ "LDR r10, [%[a], #12]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ /* A[2] * A[2] */
+ "LDR r10, [%[a], #8]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ "STR r3, [sp, #16]\n\t"
+ /* A[0] * A[5] */
+ "LDR r10, [%[a], #20]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r3, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[1] * A[4] */
+ "LDR r10, [%[a], #16]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[2] * A[3] */
+ "LDR r10, [%[a], #12]\n\t"
+ "LDR r12, [%[a], #8]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r4, r4, r5\n\t"
+ "ADCS r2, r2, r6\n\t"
+ "ADC r3, r3, r7\n\t"
+ "STR r4, [sp, #20]\n\t"
+ /* A[0] * A[6] */
+ "LDR r10, [%[a], #24]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r4, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[1] * A[5] */
+ "LDR r10, [%[a], #20]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[2] * A[4] */
+ "LDR r10, [%[a], #16]\n\t"
+ "LDR r12, [%[a], #8]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[3] * A[3] */
+ "LDR r10, [%[a], #12]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "ADDS r2, r2, r5\n\t"
+ "ADCS r3, r3, r6\n\t"
+ "ADC r4, r4, r7\n\t"
+ "STR r2, [sp, #24]\n\t"
+ /* A[0] * A[7] */
+ "LDR r10, [%[a], #28]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r2, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[1] * A[6] */
+ "LDR r10, [%[a], #24]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[2] * A[5] */
+ "LDR r10, [%[a], #20]\n\t"
+ "LDR r12, [%[a], #8]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[3] * A[4] */
+ "LDR r10, [%[a], #16]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r3, r3, r5\n\t"
+ "ADCS r4, r4, r6\n\t"
+ "ADC r2, r2, r7\n\t"
+ "STR r3, [sp, #28]\n\t"
+ /* A[0] * A[8] */
+ "LDR r10, [%[a], #32]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r3, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[1] * A[7] */
+ "LDR r10, [%[a], #28]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[2] * A[6] */
+ "LDR r10, [%[a], #24]\n\t"
+ "LDR r12, [%[a], #8]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[3] * A[5] */
+ "LDR r10, [%[a], #20]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[4] * A[4] */
+ "LDR r10, [%[a], #16]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADCS r2, r2, r9\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "ADDS r4, r4, r5\n\t"
+ "ADCS r2, r2, r6\n\t"
+ "ADC r3, r3, r7\n\t"
+ "STR r4, [sp, #32]\n\t"
+ /* A[0] * A[9] */
+ "LDR r10, [%[a], #36]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r4, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[1] * A[8] */
+ "LDR r10, [%[a], #32]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[2] * A[7] */
+ "LDR r10, [%[a], #28]\n\t"
+ "LDR r12, [%[a], #8]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[3] * A[6] */
+ "LDR r10, [%[a], #24]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[4] * A[5] */
+ "LDR r10, [%[a], #20]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r2, r2, r5\n\t"
+ "ADCS r3, r3, r6\n\t"
+ "ADC r4, r4, r7\n\t"
+ "STR r2, [sp, #36]\n\t"
+ /* A[0] * A[10] */
+ "LDR r10, [%[a], #40]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r2, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[1] * A[9] */
+ "LDR r10, [%[a], #36]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[2] * A[8] */
+ "LDR r10, [%[a], #32]\n\t"
+ "LDR r12, [%[a], #8]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[3] * A[7] */
+ "LDR r10, [%[a], #28]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[4] * A[6] */
+ "LDR r10, [%[a], #24]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[5] * A[5] */
+ "LDR r10, [%[a], #20]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ "ADDS r3, r3, r5\n\t"
+ "ADCS r4, r4, r6\n\t"
+ "ADC r2, r2, r7\n\t"
+ "STR r3, [sp, #40]\n\t"
+ /* A[0] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r3, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[1] * A[10] */
+ "LDR r10, [%[a], #40]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[2] * A[9] */
+ "LDR r10, [%[a], #36]\n\t"
+ "LDR r12, [%[a], #8]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[3] * A[8] */
+ "LDR r10, [%[a], #32]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[4] * A[7] */
+ "LDR r10, [%[a], #28]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[5] * A[6] */
+ "LDR r10, [%[a], #24]\n\t"
+ "LDR r12, [%[a], #20]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r4, r4, r5\n\t"
+ "ADCS r2, r2, r6\n\t"
+ "ADC r3, r3, r7\n\t"
+ "STR r4, [sp, #44]\n\t"
+ /* A[0] * A[12] */
+ "LDR r10, [%[a], #48]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r4, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[1] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[2] * A[10] */
+ "LDR r10, [%[a], #40]\n\t"
+ "LDR r12, [%[a], #8]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[3] * A[9] */
+ "LDR r10, [%[a], #36]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[4] * A[8] */
+ "LDR r10, [%[a], #32]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[5] * A[7] */
+ "LDR r10, [%[a], #28]\n\t"
+ "LDR r12, [%[a], #20]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[6] * A[6] */
+ "LDR r10, [%[a], #24]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "ADDS r2, r2, r5\n\t"
+ "ADCS r3, r3, r6\n\t"
+ "ADC r4, r4, r7\n\t"
+ "STR r2, [sp, #48]\n\t"
+ /* A[0] * A[13] */
+ "LDR r10, [%[a], #52]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r2, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[1] * A[12] */
+ "LDR r10, [%[a], #48]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[2] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "LDR r12, [%[a], #8]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[3] * A[10] */
+ "LDR r10, [%[a], #40]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[4] * A[9] */
+ "LDR r10, [%[a], #36]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[5] * A[8] */
+ "LDR r10, [%[a], #32]\n\t"
+ "LDR r12, [%[a], #20]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[6] * A[7] */
+ "LDR r10, [%[a], #28]\n\t"
+ "LDR r12, [%[a], #24]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r3, r3, r5\n\t"
+ "ADCS r4, r4, r6\n\t"
+ "ADC r2, r2, r7\n\t"
+ "STR r3, [sp, #52]\n\t"
+ /* A[0] * A[14] */
+ "LDR r10, [%[a], #56]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r3, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[1] * A[13] */
+ "LDR r10, [%[a], #52]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[2] * A[12] */
+ "LDR r10, [%[a], #48]\n\t"
+ "LDR r12, [%[a], #8]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[3] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[4] * A[10] */
+ "LDR r10, [%[a], #40]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[5] * A[9] */
+ "LDR r10, [%[a], #36]\n\t"
+ "LDR r12, [%[a], #20]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[6] * A[8] */
+ "LDR r10, [%[a], #32]\n\t"
+ "LDR r12, [%[a], #24]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[7] * A[7] */
+ "LDR r10, [%[a], #28]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADCS r2, r2, r9\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "ADDS r4, r4, r5\n\t"
+ "ADCS r2, r2, r6\n\t"
+ "ADC r3, r3, r7\n\t"
+ "STR r4, [sp, #56]\n\t"
+ /* A[0] * A[15] */
+ "LDR r10, [%[a], #60]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r4, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[1] * A[14] */
+ "LDR r10, [%[a], #56]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[2] * A[13] */
+ "LDR r10, [%[a], #52]\n\t"
+ "LDR r12, [%[a], #8]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[3] * A[12] */
+ "LDR r10, [%[a], #48]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[4] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[5] * A[10] */
+ "LDR r10, [%[a], #40]\n\t"
+ "LDR r12, [%[a], #20]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[6] * A[9] */
+ "LDR r10, [%[a], #36]\n\t"
+ "LDR r12, [%[a], #24]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[7] * A[8] */
+ "LDR r10, [%[a], #32]\n\t"
+ "LDR r12, [%[a], #28]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r2, r2, r5\n\t"
+ "ADCS r3, r3, r6\n\t"
+ "ADC r4, r4, r7\n\t"
+ "STR r2, [sp, #60]\n\t"
+ /* A[0] * A[16] */
+ "LDR r10, [%[a], #64]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r2, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[1] * A[15] */
+ "LDR r10, [%[a], #60]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[2] * A[14] */
+ "LDR r10, [%[a], #56]\n\t"
+ "LDR r12, [%[a], #8]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[3] * A[13] */
+ "LDR r10, [%[a], #52]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[4] * A[12] */
+ "LDR r10, [%[a], #48]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[5] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "LDR r12, [%[a], #20]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[6] * A[10] */
+ "LDR r10, [%[a], #40]\n\t"
+ "LDR r12, [%[a], #24]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[7] * A[9] */
+ "LDR r10, [%[a], #36]\n\t"
+ "LDR r12, [%[a], #28]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[8] * A[8] */
+ "LDR r10, [%[a], #32]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ "ADDS r3, r3, r5\n\t"
+ "ADCS r4, r4, r6\n\t"
+ "ADC r2, r2, r7\n\t"
+ "STR r3, [sp, #64]\n\t"
+ /* A[1] * A[16] */
+ "LDR r10, [%[a], #64]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r3, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[2] * A[15] */
+ "LDR r10, [%[a], #60]\n\t"
+ "LDR r12, [%[a], #8]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[3] * A[14] */
+ "LDR r10, [%[a], #56]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[4] * A[13] */
+ "LDR r10, [%[a], #52]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[5] * A[12] */
+ "LDR r10, [%[a], #48]\n\t"
+ "LDR r12, [%[a], #20]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[6] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "LDR r12, [%[a], #24]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[7] * A[10] */
+ "LDR r10, [%[a], #40]\n\t"
+ "LDR r12, [%[a], #28]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[8] * A[9] */
+ "LDR r10, [%[a], #36]\n\t"
+ "LDR r12, [%[a], #32]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r4, r4, r5\n\t"
+ "ADCS r2, r2, r6\n\t"
+ "ADC r3, r3, r7\n\t"
+ "STR r4, [%[r], #68]\n\t"
+ /* A[2] * A[16] */
+ "LDR r10, [%[a], #64]\n\t"
+ "LDR r12, [%[a], #8]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r4, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[3] * A[15] */
+ "LDR r10, [%[a], #60]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[4] * A[14] */
+ "LDR r10, [%[a], #56]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[5] * A[13] */
+ "LDR r10, [%[a], #52]\n\t"
+ "LDR r12, [%[a], #20]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[6] * A[12] */
+ "LDR r10, [%[a], #48]\n\t"
+ "LDR r12, [%[a], #24]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[7] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "LDR r12, [%[a], #28]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[8] * A[10] */
+ "LDR r10, [%[a], #40]\n\t"
+ "LDR r12, [%[a], #32]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[9] * A[9] */
+ "LDR r10, [%[a], #36]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "ADDS r2, r2, r5\n\t"
+ "ADCS r3, r3, r6\n\t"
+ "ADC r4, r4, r7\n\t"
+ "STR r2, [%[r], #72]\n\t"
+ /* A[3] * A[16] */
+ "LDR r10, [%[a], #64]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r2, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[4] * A[15] */
+ "LDR r10, [%[a], #60]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[5] * A[14] */
+ "LDR r10, [%[a], #56]\n\t"
+ "LDR r12, [%[a], #20]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[6] * A[13] */
+ "LDR r10, [%[a], #52]\n\t"
+ "LDR r12, [%[a], #24]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[7] * A[12] */
+ "LDR r10, [%[a], #48]\n\t"
+ "LDR r12, [%[a], #28]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[8] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "LDR r12, [%[a], #32]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[9] * A[10] */
+ "LDR r10, [%[a], #40]\n\t"
+ "LDR r12, [%[a], #36]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r3, r3, r5\n\t"
+ "ADCS r4, r4, r6\n\t"
+ "ADC r2, r2, r7\n\t"
+ "STR r3, [%[r], #76]\n\t"
+ /* A[4] * A[16] */
+ "LDR r10, [%[a], #64]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r3, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[5] * A[15] */
+ "LDR r10, [%[a], #60]\n\t"
+ "LDR r12, [%[a], #20]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[6] * A[14] */
+ "LDR r10, [%[a], #56]\n\t"
+ "LDR r12, [%[a], #24]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[7] * A[13] */
+ "LDR r10, [%[a], #52]\n\t"
+ "LDR r12, [%[a], #28]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[8] * A[12] */
+ "LDR r10, [%[a], #48]\n\t"
+ "LDR r12, [%[a], #32]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[9] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "LDR r12, [%[a], #36]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[10] * A[10] */
+ "LDR r10, [%[a], #40]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADCS r2, r2, r9\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "ADDS r4, r4, r5\n\t"
+ "ADCS r2, r2, r6\n\t"
+ "ADC r3, r3, r7\n\t"
+ "STR r4, [%[r], #80]\n\t"
+ /* A[5] * A[16] */
+ "LDR r10, [%[a], #64]\n\t"
+ "LDR r12, [%[a], #20]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r4, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[6] * A[15] */
+ "LDR r10, [%[a], #60]\n\t"
+ "LDR r12, [%[a], #24]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[7] * A[14] */
+ "LDR r10, [%[a], #56]\n\t"
+ "LDR r12, [%[a], #28]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[8] * A[13] */
+ "LDR r10, [%[a], #52]\n\t"
+ "LDR r12, [%[a], #32]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[9] * A[12] */
+ "LDR r10, [%[a], #48]\n\t"
+ "LDR r12, [%[a], #36]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[10] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "LDR r12, [%[a], #40]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r2, r2, r5\n\t"
+ "ADCS r3, r3, r6\n\t"
+ "ADC r4, r4, r7\n\t"
+ "STR r2, [%[r], #84]\n\t"
+ /* A[6] * A[16] */
+ "LDR r10, [%[a], #64]\n\t"
+ "LDR r12, [%[a], #24]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r2, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[7] * A[15] */
+ "LDR r10, [%[a], #60]\n\t"
+ "LDR r12, [%[a], #28]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[8] * A[14] */
+ "LDR r10, [%[a], #56]\n\t"
+ "LDR r12, [%[a], #32]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[9] * A[13] */
+ "LDR r10, [%[a], #52]\n\t"
+ "LDR r12, [%[a], #36]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[10] * A[12] */
+ "LDR r10, [%[a], #48]\n\t"
+ "LDR r12, [%[a], #40]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[11] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ "ADDS r3, r3, r5\n\t"
+ "ADCS r4, r4, r6\n\t"
+ "ADC r2, r2, r7\n\t"
+ "STR r3, [%[r], #88]\n\t"
+ /* A[7] * A[16] */
+ "LDR r10, [%[a], #64]\n\t"
+ "LDR r12, [%[a], #28]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r3, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[8] * A[15] */
+ "LDR r10, [%[a], #60]\n\t"
+ "LDR r12, [%[a], #32]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[9] * A[14] */
+ "LDR r10, [%[a], #56]\n\t"
+ "LDR r12, [%[a], #36]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[10] * A[13] */
+ "LDR r10, [%[a], #52]\n\t"
+ "LDR r12, [%[a], #40]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[11] * A[12] */
+ "LDR r10, [%[a], #48]\n\t"
+ "LDR r12, [%[a], #44]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r4, r4, r5\n\t"
+ "ADCS r2, r2, r6\n\t"
+ "ADC r3, r3, r7\n\t"
+ "STR r4, [%[r], #92]\n\t"
+ /* A[8] * A[16] */
+ "LDR r10, [%[a], #64]\n\t"
+ "LDR r12, [%[a], #32]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r4, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[9] * A[15] */
+ "LDR r10, [%[a], #60]\n\t"
+ "LDR r12, [%[a], #36]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[10] * A[14] */
+ "LDR r10, [%[a], #56]\n\t"
+ "LDR r12, [%[a], #40]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[11] * A[13] */
+ "LDR r10, [%[a], #52]\n\t"
+ "LDR r12, [%[a], #44]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[12] * A[12] */
+ "LDR r10, [%[a], #48]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "ADDS r2, r2, r5\n\t"
+ "ADCS r3, r3, r6\n\t"
+ "ADC r4, r4, r7\n\t"
+ "STR r2, [%[r], #96]\n\t"
+ /* A[9] * A[16] */
+ "LDR r10, [%[a], #64]\n\t"
+ "LDR r12, [%[a], #36]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r2, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[10] * A[15] */
+ "LDR r10, [%[a], #60]\n\t"
+ "LDR r12, [%[a], #40]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[11] * A[14] */
+ "LDR r10, [%[a], #56]\n\t"
+ "LDR r12, [%[a], #44]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[12] * A[13] */
+ "LDR r10, [%[a], #52]\n\t"
+ "LDR r12, [%[a], #48]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r3, r3, r5\n\t"
+ "ADCS r4, r4, r6\n\t"
+ "ADC r2, r2, r7\n\t"
+ "STR r3, [%[r], #100]\n\t"
+ /* A[10] * A[16] */
+ "LDR r10, [%[a], #64]\n\t"
+ "LDR r12, [%[a], #40]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r3, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[11] * A[15] */
+ "LDR r10, [%[a], #60]\n\t"
+ "LDR r12, [%[a], #44]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[12] * A[14] */
+ "LDR r10, [%[a], #56]\n\t"
+ "LDR r12, [%[a], #48]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[13] * A[13] */
+ "LDR r10, [%[a], #52]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADCS r2, r2, r9\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "ADDS r4, r4, r5\n\t"
+ "ADCS r2, r2, r6\n\t"
+ "ADC r3, r3, r7\n\t"
+ "STR r4, [%[r], #104]\n\t"
+ /* A[11] * A[16] */
+ "LDR r10, [%[a], #64]\n\t"
+ "LDR r12, [%[a], #44]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r4, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[12] * A[15] */
+ "LDR r10, [%[a], #60]\n\t"
+ "LDR r12, [%[a], #48]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[13] * A[14] */
+ "LDR r10, [%[a], #56]\n\t"
+ "LDR r12, [%[a], #52]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r2, r2, r5\n\t"
+ "ADCS r3, r3, r6\n\t"
+ "ADC r4, r4, r7\n\t"
+ "STR r2, [%[r], #108]\n\t"
+ /* A[12] * A[16] */
+ "LDR r10, [%[a], #64]\n\t"
+ "LDR r12, [%[a], #48]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "MOV r2, #0x0\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "MOV r2, #0x0\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ /* A[13] * A[15] */
+ "LDR r10, [%[a], #60]\n\t"
+ "LDR r12, [%[a], #52]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ /* A[14] * A[14] */
+ "LDR r10, [%[a], #56]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ "STR r3, [%[r], #112]\n\t"
+ /* A[13] * A[16] */
+ "LDR r10, [%[a], #64]\n\t"
+ "LDR r12, [%[a], #52]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADCS r2, r2, r9\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADCS r2, r2, r9\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[14] * A[15] */
+ "LDR r10, [%[a], #60]\n\t"
+ "LDR r12, [%[a], #56]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADCS r2, r2, r9\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADCS r2, r2, r9\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "STR r4, [%[r], #116]\n\t"
+ /* A[14] * A[16] */
+ "LDR r10, [%[a], #64]\n\t"
+ "LDR r12, [%[a], #56]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[15] * A[15] */
+ "LDR r10, [%[a], #60]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "STR r2, [%[r], #120]\n\t"
+ /* A[15] * A[16] */
+ "LDR r10, [%[a], #64]\n\t"
+ "LDR r12, [%[a], #60]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "MOV r2, #0x0\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "MOV r2, #0x0\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ "STR r3, [%[r], #124]\n\t"
+ /* A[16] * A[16] */
+ "LDR r10, [%[a], #64]\n\t"
+ "UMLAL r4, r2, r10, r10\n\t"
+ "STR r4, [%[r], #128]\n\t"
+ "STR r2, [%[r], #132]\n\t"
+ "LDM sp!, {r2, r3, r4, r8}\n\t"
+ "STM %[r]!, {r2, r3, r4, r8}\n\t"
+ "LDM sp!, {r2, r3, r4, r8}\n\t"
+ "STM %[r]!, {r2, r3, r4, r8}\n\t"
+ "LDM sp!, {r2, r3, r4, r8}\n\t"
+ "STM %[r]!, {r2, r3, r4, r8}\n\t"
+ "LDM sp!, {r2, r3, r4, r8}\n\t"
+ "STM %[r]!, {r2, r3, r4, r8}\n\t"
+ "LDM sp!, {r2}\n\t"
+ "STM %[r]!, {r2}\n\t"
+ : [r] "+r" (r), [a] "+r" (a)
:
- : "memory", "r4", "r5", "r6", "r8"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r12", "cc"
);
-
- return c;
}
#endif /* WOLFSSL_SP_SMALL */
#ifdef WOLFSSL_SP_SMALL
-/* Sub b from a into r. (r = a - b)
+/* Add b to a into r. (r = a + b)
*
* r A single precision integer.
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_521_sub_17(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_521_add_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_521_add_17(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r6, %[a]\n\t"
- "add r6, r6, #68\n\t"
- "\n1:\n\t"
- "mov r5, #0\n\t"
- "subs r5, r5, %[c]\n\t"
- "ldr r4, [%[a]]\n\t"
- "ldr r5, [%[b]]\n\t"
- "sbcs r4, r4, r5\n\t"
- "str r4, [%[r]]\n\t"
- "sbc %[c], %[c], %[c]\n\t"
- "add %[a], %[a], #4\n\t"
- "add %[b], %[b], #4\n\t"
- "add %[r], %[r], #4\n\t"
- "cmp %[a], r6\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADD r12, %[a], #0x40\n\t"
+ "\n"
+ "L_sp_521_add_17_word:\n\t"
+ "ADDS r3, r3, #0xffffffff\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9, r10, r11}\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "ADCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r3, r4, #0x0\n\t"
+ "CMP %[a], r12\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bne 1b\n\t"
+ "BNE L_sp_521_add_17_word\n\t"
#else
- "bne.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ "BNE.N L_sp_521_add_17_word\n\t"
+#endif
+ "ADDS r3, r3, #0xffffffff\n\t"
+ "LDM %[a], {r4}\n\t"
+ "LDM %[b], {r8}\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC %[r], r4, #0x0\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)r;
}
#else
-/* Sub b from a into r. (r = a - b)
+/* Add b to a into r. (r = a + b)
*
* r A single precision integer.
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_521_sub_17(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_521_add_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_521_add_17(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "subs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldr r4, [%[a]]\n\t"
- "ldr r6, [%[b]]\n\t"
- "sbcs r4, r4, r6\n\t"
- "str r4, [%[r]]\n\t"
- "sbc %[c], %[c], %[c]\n\t"
- : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADDS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3}\n\t"
+ "LDM %[b]!, {r7}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV %[r], #0x0\n\t"
+ "ADC %[r], %[r], #0x0\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6", "r8"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)r;
}
#endif /* WOLFSSL_SP_SMALL */
@@ -33055,14 +55060,14 @@ static void sp_521_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 32
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 31);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 31);
}
#elif DIGIT_BIT > 32
unsigned int i;
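Review bot: The rewritten copy loop in sp_521_from_mp hard-codes the shift as `j >> 31` in both the mask and the index update, where the removed lines used `SP_WORD_SIZE - 1`. The logic therefore depends on sp_digit being an unsigned 32-bit type, which the hunk does not show; `sp_digit mask = (sp_digit)0 - (j >> (SP_WORD_SIZE - 1));` and `o += (int)(j >> (SP_WORD_SIZE - 1));` would keep the width tied to the type. The loop also has no comment saying it is deliberately branch-free, so I would add `/* j counts up from -used: its top bit is set while i < used, which yields an all-ones mask and advances o without branching on a->used */`. That guards against a later cleanup reintroducing a length-dependent branch or an early exit. The function body continues outside the hunk, so the `DIGIT_BIT > 32` path is not covered by this note.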
@@ -33240,6 +55245,7 @@ static int sp_521_point_to_ecc_point_17(const sp_point_521* p, ecc_point* pm)
return err;
}
+#ifdef WOLFSSL_SP_SMALL
/* Conditionally subtract b from a using the mask m.
* m is -1 to subtract and 0 when not copying.
*
@@ -33248,322 +55254,765 @@ static int sp_521_point_to_ecc_point_17(const sp_point_521* p, ecc_point* pm)
* b A single precision number to subtract.
* m Mask value to apply.
*/
-SP_NOINLINE static sp_digit sp_521_cond_sub_17(sp_digit* r, const sp_digit* a,
- const sp_digit* b, sp_digit m)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_521_cond_sub_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
+#else
+static sp_digit sp_521_cond_sub_17(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+ register sp_digit m __asm__ ("r3") = (sp_digit)m_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r5, #68\n\t"
- "mov r9, r5\n\t"
- "mov r8, #0\n\t"
- "\n1:\n\t"
- "ldr r6, [%[b], r8]\n\t"
- "and r6, r6, %[m]\n\t"
- "mov r5, #0\n\t"
- "subs r5, r5, %[c]\n\t"
- "ldr r5, [%[a], r8]\n\t"
- "sbcs r5, r5, r6\n\t"
- "sbcs %[c], %[c], %[c]\n\t"
- "str r5, [%[r], r8]\n\t"
- "add r8, r8, #4\n\t"
- "cmp r8, r9\n\t"
+ "MOV r8, #0x0\n\t"
+ "MOV r4, #0x0\n\t"
+ "MOV r5, #0x0\n\t"
+ "\n"
+ "L_sp_521_cond_sub_17_words:\n\t"
+ "SUBS r4, r8, r4\n\t"
+ "LDR r6, [%[a], r5]\n\t"
+ "LDR r7, [%[b], r5]\n\t"
+ "AND r7, r7, %[m]\n\t"
+ "SBCS r6, r6, r7\n\t"
+ "SBC r4, r8, r8\n\t"
+ "STR r6, [%[r], r5]\n\t"
+ "ADD r5, r5, #0x4\n\t"
+ "CMP r5, #0x44\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "blt 1b\n\t"
+ "BLT L_sp_521_cond_sub_17_words\n\t"
#else
- "blt.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [c] "+r" (c)
- : [r] "r" (r), [a] "r" (a), [b] "r" (b), [m] "r" (m)
- : "memory", "r5", "r6", "r8", "r9"
+ "BLT.N L_sp_521_cond_sub_17_words\n\t"
+#endif
+ "MOV %[r], r4\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
+ :
+ : "memory", "r4", "r5", "r6", "r7", "r8", "cc"
);
+ return (uint32_t)(size_t)r;
+}
+
+#else
+/* Conditionally subtract b from a using the mask m.
+ * m is -1 to subtract and 0 when not copying.
+ *
+ * r A single precision number representing condition subtract result.
+ * a A single precision number to subtract from.
+ * b A single precision number to subtract.
+ * m Mask value to apply.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_521_cond_sub_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
+#else
+static sp_digit sp_521_cond_sub_17(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+ register sp_digit m __asm__ ("r3") = (sp_digit)m_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
- return c;
+ __asm__ __volatile__ (
+ "MOV r5, #0x0\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SUBS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDR r6, [%[a]]\n\t"
+ "LDR r8, [%[b]]\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "STR r6, [%[r]]\n\t"
+ "SBC %[r], r5, r5\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
+ :
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
+ );
+ return (uint32_t)(size_t)r;
}
+#endif /* WOLFSSL_SP_SMALL */
/* Reduce the number back to 521 bits using Montgomery reduction.
*
* a A single precision number to reduce in place.
* m The single precision number representing the modulus.
* mp The digit representing the negative inverse of m mod 2^n.
*/
-SP_NOINLINE static void sp_521_mont_reduce_17(sp_digit* a, const sp_digit* m,
- sp_digit mp)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_521_mont_reduce_17(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+#else
+SP_NOINLINE static void sp_521_mont_reduce_17(sp_digit* a, const sp_digit* m, sp_digit mp)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- (void)mp;
- (void)m;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "sub sp, sp, #68\n\t"
- "mov r12, sp\n\t"
- "add r14, %[a], #64\n\t"
- "ldm r14!, {r1, r2, r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
- "lsr r1, r1, #9\n\t"
- "orr r1, r1, r2, lsl #23\n\t"
- "lsr r2, r2, #9\n\t"
- "orr r2, r2, r3, lsl #23\n\t"
- "lsr r3, r3, #9\n\t"
- "orr r3, r3, r4, lsl #23\n\t"
- "lsr r4, r4, #9\n\t"
- "orr r4, r4, r5, lsl #23\n\t"
- "lsr r5, r5, #9\n\t"
- "orr r5, r5, r6, lsl #23\n\t"
- "lsr r6, r6, #9\n\t"
- "orr r6, r6, r7, lsl #23\n\t"
- "lsr r7, r7, #9\n\t"
- "orr r7, r7, r8, lsl #23\n\t"
- "lsr r8, r8, #9\n\t"
- "orr r8, r8, r9, lsl #23\n\t"
- "lsr r9, r9, #9\n\t"
- "orr r9, r9, r10, lsl #23\n\t"
- "stm r12!, {r1, r2, r3, r4, r5, r6, r7, r8, r9}\n\t"
- "mov r1, r10\n\t"
- "ldm r14, {r2, r3, r4, r5, r6, r7, r8}\n\t"
- "lsr r1, r1, #9\n\t"
- "orr r1, r1, r2, lsl #23\n\t"
- "lsr r2, r2, #9\n\t"
- "orr r2, r2, r3, lsl #23\n\t"
- "lsr r3, r3, #9\n\t"
- "orr r3, r3, r4, lsl #23\n\t"
- "lsr r4, r4, #9\n\t"
- "orr r4, r4, r5, lsl #23\n\t"
- "lsr r5, r5, #9\n\t"
- "orr r5, r5, r6, lsl #23\n\t"
- "lsr r6, r6, #9\n\t"
- "orr r6, r6, r7, lsl #23\n\t"
- "lsr r7, r7, #9\n\t"
- "orr r7, r7, r8, lsl #23\n\t"
- "lsr r8, r8, #9\n\t"
- "stm r12!, {r1, r2, r3, r4, r5, r6, r7, r8}\n\t"
- "mov r14, sp\n\t"
- "ldm %[a], {r1, r2, r3, r4, r5, r6}\n\t"
- "ldm r14!, {r7, r8, r9, r10, r11, r12}\n\t"
- "adds r1, r1, r7\n\t"
- "adcs r2, r2, r8\n\t"
- "adcs r3, r3, r9\n\t"
- "adcs r4, r4, r10\n\t"
- "adcs r5, r5, r11\n\t"
- "adcs r6, r6, r12\n\t"
- "stm %[a]!, {r1, r2, r3, r4, r5, r6}\n\t"
- "ldm %[a], {r1, r2, r3, r4, r5, r6}\n\t"
- "ldm r14!, {r7, r8, r9, r10, r11, r12}\n\t"
- "adcs r1, r1, r7\n\t"
- "adcs r2, r2, r8\n\t"
- "adcs r3, r3, r9\n\t"
- "adcs r4, r4, r10\n\t"
- "adcs r5, r5, r11\n\t"
- "adcs r6, r6, r12\n\t"
- "stm %[a]!, {r1, r2, r3, r4, r5, r6}\n\t"
- "ldm %[a], {r1, r2, r3, r4, r5}\n\t"
- "ldm r14!, {r7, r8, r9, r10, r11}\n\t"
- "mov r14, #0x1ff\n\t"
- "and r5, r5, r14\n\t"
- "adcs r1, r1, r7\n\t"
- "adcs r2, r2, r8\n\t"
- "adcs r3, r3, r9\n\t"
- "adcs r4, r4, r10\n\t"
- "adcs r5, r5, r11\n\t"
- "lsr r12, r5, #9\n\t"
- "and r5, r5, r14\n\t"
- "stm %[a]!, {r1, r2, r3, r4, r5}\n\t"
- "sub %[a], %[a], #68\n\t"
- "mov r11, #0\n\t"
- "ldm %[a], {r1, r2, r3, r4, r5, r6, r7, r8, r9}\n\t"
- "adds r1, r1, r12\n\t"
- "adcs r2, r2, r11\n\t"
- "adcs r3, r3, r11\n\t"
- "adcs r4, r4, r11\n\t"
- "adcs r5, r5, r11\n\t"
- "adcs r6, r6, r11\n\t"
- "adcs r7, r7, r11\n\t"
- "adcs r8, r8, r11\n\t"
- "adcs r9, r9, r11\n\t"
- "stm %[a]!, {r1, r2, r3, r4, r5, r6, r7, r8, r9}\n\t"
- "ldm %[a], {r1, r2, r3, r4, r5, r6, r7, r8}\n\t"
- "adcs r1, r1, r11\n\t"
- "adcs r2, r2, r11\n\t"
- "adcs r3, r3, r11\n\t"
- "adcs r4, r4, r11\n\t"
- "adcs r5, r5, r11\n\t"
- "adcs r6, r6, r11\n\t"
- "adcs r7, r7, r11\n\t"
- "adcs r8, r8, r11\n\t"
- "stm %[a]!, {r1, r2, r3, r4, r5, r6, r7, r8}\n\t"
- "add sp, sp, #68\n\t"
- "sub %[a], %[a], #68\n\t"
+ "SUB sp, sp, #0x44\n\t"
+ "MOV r12, sp\n\t"
+ /* Shift top down by 9 bits */
+ "ADD lr, %[a], #0x40\n\t"
+ /* 0-7 */
+ "LDM lr!, {r1, r2, r3, r4, r5, r6, r7, r8, r9}\n\t"
+ "LSR r1, r1, #9\n\t"
+ "ORR r1, r1, r2, LSL #23\n\t"
+ "LSR r2, r2, #9\n\t"
+ "ORR r2, r2, r3, LSL #23\n\t"
+ "LSR r3, r3, #9\n\t"
+ "ORR r3, r3, r4, LSL #23\n\t"
+ "LSR r4, r4, #9\n\t"
+ "ORR r4, r4, r5, LSL #23\n\t"
+ "LSR r5, r5, #9\n\t"
+ "ORR r5, r5, r6, LSL #23\n\t"
+ "LSR r6, r6, #9\n\t"
+ "ORR r6, r6, r7, LSL #23\n\t"
+ "LSR r7, r7, #9\n\t"
+ "ORR r7, r7, r8, LSL #23\n\t"
+ "LSR r8, r8, #9\n\t"
+ "ORR r8, r8, r9, LSL #23\n\t"
+ "STM r12!, {r1, r2, r3, r4, r5, r6, r7, r8}\n\t"
+ "MOV r1, r9\n\t"
+ /* 8-16 */
+ "LDM lr!, {r2, r3, r4, r5, r6, r7, r8, r9}\n\t"
+ "LSR r1, r1, #9\n\t"
+ "ORR r1, r1, r2, LSL #23\n\t"
+ "LSR r2, r2, #9\n\t"
+ "ORR r2, r2, r3, LSL #23\n\t"
+ "LSR r3, r3, #9\n\t"
+ "ORR r3, r3, r4, LSL #23\n\t"
+ "LSR r4, r4, #9\n\t"
+ "ORR r4, r4, r5, LSL #23\n\t"
+ "LSR r5, r5, #9\n\t"
+ "ORR r5, r5, r6, LSL #23\n\t"
+ "LSR r6, r6, #9\n\t"
+ "ORR r6, r6, r7, LSL #23\n\t"
+ "LSR r7, r7, #9\n\t"
+ "ORR r7, r7, r8, LSL #23\n\t"
+ "LSR r8, r8, #9\n\t"
+ "ORR r8, r8, r9, LSL #23\n\t"
+ "LSR r9, r9, #9\n\t"
+ "STM r12!, {r1, r2, r3, r4, r5, r6, r7, r8, r9}\n\t"
+ /* Add top to bottom */
+ /* 0-5 */
+ "LDM %[a], {r1, r2, r3, r4, r5, r6}\n\t"
+ "LDM sp!, {r7, r8, r9, r10, r11, r12}\n\t"
+ "ADDS r1, r1, r7\n\t"
+ "ADCS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "ADCS r4, r4, r10\n\t"
+ "ADCS r5, r5, r11\n\t"
+ "ADCS r6, r6, r12\n\t"
+ "STM %[a]!, {r1, r2, r3, r4, r5, r6}\n\t"
+ /* 6-11 */
+ "LDM %[a], {r1, r2, r3, r4, r5, r6}\n\t"
+ "LDM sp!, {r7, r8, r9, r10, r11, r12}\n\t"
+ "ADCS r1, r1, r7\n\t"
+ "ADCS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "ADCS r4, r4, r10\n\t"
+ "ADCS r5, r5, r11\n\t"
+ "ADCS r6, r6, r12\n\t"
+ "STM %[a]!, {r1, r2, r3, r4, r5, r6}\n\t"
+ /* 12-16 */
+ "LDM %[a], {r1, r2, r3, r4, r5}\n\t"
+ "LDM sp!, {r7, r8, r9, r10, r11}\n\t"
+ "MOV lr, #0x1ff\n\t"
+ "AND r5, r5, lr\n\t"
+ "ADCS r1, r1, r7\n\t"
+ "ADCS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "ADCS r4, r4, r10\n\t"
+ "ADCS r5, r5, r11\n\t"
+ "LSR r12, r5, #9\n\t"
+ "AND r5, r5, lr\n\t"
+ "STM %[a]!, {r1, r2, r3, r4, r5}\n\t"
+ "SUB %[a], %[a], #0x44\n\t"
+ /* Add overflow */
+ /* 0-8 */
+ "LDM %[a], {r1, r2, r3, r4, r5, r6, r7, r8, r9}\n\t"
+ "ADDS r1, r1, r12\n\t"
+ "ADCS r2, r2, #0x0\n\t"
+ "ADCS r3, r3, #0x0\n\t"
+ "ADCS r4, r4, #0x0\n\t"
+ "ADCS r5, r5, #0x0\n\t"
+ "ADCS r6, r6, #0x0\n\t"
+ "ADCS r7, r7, #0x0\n\t"
+ "ADCS r8, r8, #0x0\n\t"
+ "ADCS r9, r9, #0x0\n\t"
+ "STM %[a]!, {r1, r2, r3, r4, r5, r6, r7, r8, r9}\n\t"
+ /* 9-16 */
+ "LDM %[a], {r1, r2, r3, r4, r5, r6, r7, r8}\n\t"
+ "ADCS r1, r1, #0x0\n\t"
+ "ADCS r2, r2, #0x0\n\t"
+ "ADCS r3, r3, #0x0\n\t"
+ "ADCS r4, r4, #0x0\n\t"
+ "ADCS r5, r5, #0x0\n\t"
+ "ADCS r6, r6, #0x0\n\t"
+ "ADCS r7, r7, #0x0\n\t"
+ "ADCS r8, r8, #0x0\n\t"
+ "STM %[a]!, {r1, r2, r3, r4, r5, r6, r7, r8}\n\t"
: [a] "+r" (a)
:
- : "memory", "r1", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "r14"
+ : "memory", "r1", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
);
-
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ (void)m_p;
+#else
+ (void)m;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ (void)mp_p;
+#else
+ (void)mp;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
}
+#ifdef WOLFSSL_SP_NO_UMAAL
/* Reduce the number back to 521 bits using Montgomery reduction.
*
* a A single precision number to reduce in place.
* m The single precision number representing the modulus.
* mp The digit representing the negative inverse of m mod 2^n.
*/
-SP_NOINLINE static void sp_521_mont_reduce_order_17(sp_digit* a, const sp_digit* m,
- sp_digit mp)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_521_mont_reduce_order_17(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+#else
+SP_NOINLINE static void sp_521_mont_reduce_order_17(sp_digit* a, const sp_digit* m, sp_digit mp)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit ca = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m __asm__ ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp __asm__ ("r2") = (sp_digit)mp_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r9, %[mp]\n\t"
- "mov r12, %[m]\n\t"
- "mov r10, %[a]\n\t"
- "mov r4, #0\n\t"
- "add r11, r10, #68\n\t"
- "\n1:\n\t"
+ "LDR lr, [%[m]]\n\t"
+ /* i = 0 */
+ "MOV r11, #0x0\n\t"
+ "MOV r3, #0x0\n\t"
+ "LDR r4, [%[a]]\n\t"
+ "LDR r5, [%[a], #4]\n\t"
+ "\n"
+ "L_sp_521_mont_reduce_order_17_word:\n\t"
/* mu = a[i] * mp */
- "mov %[mp], r9\n\t"
- "ldr %[a], [r10]\n\t"
- "mul %[mp], %[mp], %[a]\n\t"
- "sub r14, r11, #4\n\t"
- "cmp r10, r14\n\t"
- "bne L_521_mont_reduce_17_nomask\n\t"
- "mov r8, #0x1ff\n\t"
- "and %[mp], %[mp], r8\n\t"
- "L_521_mont_reduce_17_nomask:\n\t"
- "mov %[m], r12\n\t"
- "add r14, r10, #64\n\t"
- "\n2:\n\t"
- /* a[i+j] += m[j] * mu */
- "ldr %[a], [r10]\n\t"
- "mov r5, #0\n\t"
- /* Multiply m[j] and mu - Start */
- "ldr r8, [%[m]], #4\n\t"
- "umull r6, r8, %[mp], r8\n\t"
- "adds %[a], %[a], r6\n\t"
- "adc r5, r5, r8\n\t"
- /* Multiply m[j] and mu - Done */
- "adds r4, r4, %[a]\n\t"
- "adc r5, r5, #0\n\t"
- "str r4, [r10], #4\n\t"
- /* a[i+j+1] += m[j+1] * mu */
- "ldr %[a], [r10]\n\t"
- "mov r4, #0\n\t"
- /* Multiply m[j] and mu - Start */
- "ldr r8, [%[m]], #4\n\t"
- "umull r6, r8, %[mp], r8\n\t"
- "adds %[a], %[a], r6\n\t"
- "adc r4, r4, r8\n\t"
- /* Multiply m[j] and mu - Done */
- "adds r5, r5, %[a]\n\t"
- "adc r4, r4, #0\n\t"
- "str r5, [r10], #4\n\t"
- "cmp r10, r14\n\t"
+ "MUL r10, %[mp], r4\n\t"
+ "CMP r11, #0x40\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "blt 2b\n\t"
+ "BNE L_sp_521_mont_reduce_order_17_nomask\n\t"
#else
- "blt.n 2b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
+ "BNE.N L_sp_521_mont_reduce_order_17_nomask\n\t"
+#endif
+ "MOV r9, #0x1ff\n\t"
+ "AND r10, r10, r9\n\t"
+ "\n"
+ "L_sp_521_mont_reduce_order_17_nomask:\n\t"
+ /* a[i+0] += m[0] * mu */
+ "MOV r7, #0x0\n\t"
+ "UMLAL r4, r7, r10, lr\n\t"
+ "STR r4, [%[a]]\n\t"
+ /* a[i+1] += m[1] * mu */
+ "LDR r9, [%[m], #4]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r5, r6, r10, r9\n\t"
+ "MOV r4, r5\n\t"
+ "ADDS r4, r4, r7\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+2] += m[2] * mu */
+ "LDR r9, [%[m], #8]\n\t"
+ "LDR r5, [%[a], #8]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r5, r7, r10, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+3] += m[3] * mu */
+ "LDR r9, [%[m], #12]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #12]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+4] += m[4] * mu */
+ "LDR r9, [%[m], #16]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #16]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+5] += m[5] * mu */
+ "LDR r9, [%[m], #20]\n\t"
+ "LDR r12, [%[a], #20]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #20]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+6] += m[6] * mu */
+ "LDR r9, [%[m], #24]\n\t"
+ "LDR r12, [%[a], #24]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #24]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+7] += m[7] * mu */
+ "LDR r9, [%[m], #28]\n\t"
+ "LDR r12, [%[a], #28]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #28]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+8] += m[8] * mu */
+ "LDR r9, [%[m], #32]\n\t"
+ "LDR r12, [%[a], #32]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #32]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+9] += m[9] * mu */
+ "LDR r9, [%[m], #36]\n\t"
+ "LDR r12, [%[a], #36]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #36]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+10] += m[10] * mu */
+ "LDR r9, [%[m], #40]\n\t"
+ "LDR r12, [%[a], #40]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #40]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+11] += m[11] * mu */
+ "LDR r9, [%[m], #44]\n\t"
+ "LDR r12, [%[a], #44]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #44]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+12] += m[12] * mu */
+ "LDR r9, [%[m], #48]\n\t"
+ "LDR r12, [%[a], #48]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #48]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+13] += m[13] * mu */
+ "LDR r9, [%[m], #52]\n\t"
+ "LDR r12, [%[a], #52]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #52]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+14] += m[14] * mu */
+ "LDR r9, [%[m], #56]\n\t"
+ "LDR r12, [%[a], #56]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #56]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+15] += m[15] * mu */
+ "LDR r9, [%[m], #60]\n\t"
+ "LDR r12, [%[a], #60]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #60]\n\t"
+ "ADC r6, r6, #0x0\n\t"
/* a[i+16] += m[16] * mu */
- "mov r5, %[ca]\n\t"
- "mov %[ca], #0\n\t"
- /* Multiply m[16] and mu - Start */
- "ldr r8, [%[m]]\n\t"
- "umull r6, r8, %[mp], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc %[ca], %[ca], #0\n\t"
- /* Multiply m[16] and mu - Done */
- "ldr r6, [r10]\n\t"
- "ldr r8, [r10, #4]\n\t"
- "adds r6, r6, r4\n\t"
- "adcs r8, r8, r5\n\t"
- "adc %[ca], %[ca], #0\n\t"
- "str r6, [r10]\n\t"
- "str r8, [r10, #4]\n\t"
- "mov r4, #0\n\t"
- /* Next word in a */
- "sub r10, r10, #60\n\t"
- "cmp r10, r11\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "blt 1b\n\t"
-#else
- "blt.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "sub r10, r10, #4\n\t"
- "ldr r4, [r10], #4\n\t"
- "ldr r5, [r10]\n\t"
- "lsr r4, r4, #9\n\t"
- "orr r4, r4, r5, lsl #23\n\t"
- "str r4, [r10], #4\n\t"
- "ldr r4, [r10]\n\t"
- "lsr r5, r5, #9\n\t"
- "orr r5, r5, r4, lsl #23\n\t"
- "str r5, [r10], #4\n\t"
- "ldr r5, [r10]\n\t"
- "lsr r4, r4, #9\n\t"
- "orr r4, r4, r5, lsl #23\n\t"
- "str r4, [r10], #4\n\t"
- "ldr r4, [r10]\n\t"
- "lsr r5, r5, #9\n\t"
- "orr r5, r5, r4, lsl #23\n\t"
- "str r5, [r10], #4\n\t"
- "ldr r5, [r10]\n\t"
- "lsr r4, r4, #9\n\t"
- "orr r4, r4, r5, lsl #23\n\t"
- "str r4, [r10], #4\n\t"
- "ldr r4, [r10]\n\t"
- "lsr r5, r5, #9\n\t"
- "orr r5, r5, r4, lsl #23\n\t"
- "str r5, [r10], #4\n\t"
- "ldr r5, [r10]\n\t"
- "lsr r4, r4, #9\n\t"
- "orr r4, r4, r5, lsl #23\n\t"
- "str r4, [r10], #4\n\t"
- "ldr r4, [r10]\n\t"
- "lsr r5, r5, #9\n\t"
- "orr r5, r5, r4, lsl #23\n\t"
- "str r5, [r10], #4\n\t"
- "ldr r5, [r10]\n\t"
- "lsr r4, r4, #9\n\t"
- "orr r4, r4, r5, lsl #23\n\t"
- "str r4, [r10], #4\n\t"
- "ldr r4, [r10]\n\t"
- "lsr r5, r5, #9\n\t"
- "orr r5, r5, r4, lsl #23\n\t"
- "str r5, [r10], #4\n\t"
- "ldr r5, [r10]\n\t"
- "lsr r4, r4, #9\n\t"
- "orr r4, r4, r5, lsl #23\n\t"
- "str r4, [r10], #4\n\t"
- "ldr r4, [r10]\n\t"
- "lsr r5, r5, #9\n\t"
- "orr r5, r5, r4, lsl #23\n\t"
- "str r5, [r10], #4\n\t"
- "ldr r5, [r10]\n\t"
- "lsr r4, r4, #9\n\t"
- "orr r4, r4, r5, lsl #23\n\t"
- "str r4, [r10], #4\n\t"
- "ldr r4, [r10]\n\t"
- "lsr r5, r5, #9\n\t"
- "orr r5, r5, r4, lsl #23\n\t"
- "str r5, [r10], #4\n\t"
- "ldr r5, [r10]\n\t"
- "lsr r4, r4, #9\n\t"
- "orr r4, r4, r5, lsl #23\n\t"
- "str r4, [r10], #4\n\t"
- "ldr r4, [r10]\n\t"
- "lsr r5, r5, #9\n\t"
- "orr r5, r5, r4, lsl #23\n\t"
- "str r5, [r10], #4\n\t"
- "lsr r4, r4, #9\n\t"
- "str r4, [r10]\n\t"
- "lsr %[ca], r4, #9\n\t"
- "sub %[a], r10, #64\n\t"
- "mov %[m], r12\n\t"
- : [ca] "+r" (ca), [a] "+r" (a)
- : [m] "r" (m), [mp] "r" (mp)
- : "memory", "r4", "r5", "r6", "r8", "r9", "r10", "r11", "r12", "r14"
+ "LDR r9, [%[m], #64]\n\t"
+ "LDR r12, [%[a], #64]\n\t"
+ "UMULL r8, r9, r10, r9\n\t"
+ "ADDS r6, r6, r8\n\t"
+ "ADCS r7, r9, r3\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, r3\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #64]\n\t"
+ "LDR r12, [%[a], #68]\n\t"
+ "ADCS r12, r12, r7\n\t"
+ "STR r12, [%[a], #68]\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* i += 1 */
+ "ADD r11, r11, #0x4\n\t"
+ "ADD %[a], %[a], #0x4\n\t"
+ "CMP r11, #0x44\n\t"
+#ifdef __GNUC__
+ "BLT L_sp_521_mont_reduce_order_17_word\n\t"
+#else
+ "BLT.W L_sp_521_mont_reduce_order_17_word\n\t"
+#endif
+ /* Loop Done */
+ "STR r4, [%[a]]\n\t"
+ "STR r5, [%[a], #4]\n\t"
+ "SUB %[a], %[a], #0x4\n\t"
+ "LDR r6, [%[a]]\n\t"
+ "LDR r7, [%[a], #4]\n\t"
+ "LSR r6, r6, #9\n\t"
+ "ORR r6, r6, r7, LSL #23\n\t"
+ "STR r6, [%[a], #4]\n\t"
+ "LDR r6, [%[a], #8]\n\t"
+ "LSR r7, r7, #9\n\t"
+ "ORR r7, r7, r6, LSL #23\n\t"
+ "STR r7, [%[a], #8]\n\t"
+ "LDR r7, [%[a], #12]\n\t"
+ "LSR r6, r6, #9\n\t"
+ "ORR r6, r6, r7, LSL #23\n\t"
+ "STR r6, [%[a], #12]\n\t"
+ "LDR r6, [%[a], #16]\n\t"
+ "LSR r7, r7, #9\n\t"
+ "ORR r7, r7, r6, LSL #23\n\t"
+ "STR r7, [%[a], #16]\n\t"
+ "LDR r7, [%[a], #20]\n\t"
+ "LSR r6, r6, #9\n\t"
+ "ORR r6, r6, r7, LSL #23\n\t"
+ "STR r6, [%[a], #20]\n\t"
+ "LDR r6, [%[a], #24]\n\t"
+ "LSR r7, r7, #9\n\t"
+ "ORR r7, r7, r6, LSL #23\n\t"
+ "STR r7, [%[a], #24]\n\t"
+ "LDR r7, [%[a], #28]\n\t"
+ "LSR r6, r6, #9\n\t"
+ "ORR r6, r6, r7, LSL #23\n\t"
+ "STR r6, [%[a], #28]\n\t"
+ "LDR r6, [%[a], #32]\n\t"
+ "LSR r7, r7, #9\n\t"
+ "ORR r7, r7, r6, LSL #23\n\t"
+ "STR r7, [%[a], #32]\n\t"
+ "LDR r7, [%[a], #36]\n\t"
+ "LSR r6, r6, #9\n\t"
+ "ORR r6, r6, r7, LSL #23\n\t"
+ "STR r6, [%[a], #36]\n\t"
+ "LDR r6, [%[a], #40]\n\t"
+ "LSR r7, r7, #9\n\t"
+ "ORR r7, r7, r6, LSL #23\n\t"
+ "STR r7, [%[a], #40]\n\t"
+ "LDR r7, [%[a], #44]\n\t"
+ "LSR r6, r6, #9\n\t"
+ "ORR r6, r6, r7, LSL #23\n\t"
+ "STR r6, [%[a], #44]\n\t"
+ "LDR r6, [%[a], #48]\n\t"
+ "LSR r7, r7, #9\n\t"
+ "ORR r7, r7, r6, LSL #23\n\t"
+ "STR r7, [%[a], #48]\n\t"
+ "LDR r7, [%[a], #52]\n\t"
+ "LSR r6, r6, #9\n\t"
+ "ORR r6, r6, r7, LSL #23\n\t"
+ "STR r6, [%[a], #52]\n\t"
+ "LDR r6, [%[a], #56]\n\t"
+ "LSR r7, r7, #9\n\t"
+ "ORR r7, r7, r6, LSL #23\n\t"
+ "STR r7, [%[a], #56]\n\t"
+ "LDR r7, [%[a], #60]\n\t"
+ "LSR r6, r6, #9\n\t"
+ "ORR r6, r6, r7, LSL #23\n\t"
+ "STR r6, [%[a], #60]\n\t"
+ "LDR r6, [%[a], #64]\n\t"
+ "LSR r7, r7, #9\n\t"
+ "ORR r7, r7, r6, LSL #23\n\t"
+ "STR r7, [%[a], #64]\n\t"
+ "LSR r6, r6, #9\n\t"
+ "STR r6, [%[a], #68]\n\t"
+ "LSR r3, r6, #9\n\t"
+ "ADD %[a], %[a], #0x4\n\t"
+ "MOV %[mp], r3\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
);
+ sp_521_cond_sub_17(a - 17, a, m, (sp_digit)0 - mp);
+}
+
+#else
+/* Reduce the number back to 521 bits using Montgomery reduction.
+ *
+ * a A single precision number to reduce in place.
+ * m The single precision number representing the modulus.
+ * mp The digit representing the negative inverse of m mod 2^n.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_521_mont_reduce_order_17(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+#else
+SP_NOINLINE static void sp_521_mont_reduce_order_17(sp_digit* a, const sp_digit* m, sp_digit mp)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m __asm__ ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp __asm__ ("r2") = (sp_digit)mp_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
- sp_521_cond_sub_17(a - 17, a, m, (sp_digit)0 - ca);
+ __asm__ __volatile__ (
+ /* i = 0 */
+ "MOV r4, #0x0\n\t"
+ "MOV r5, #0x0\n\t"
+ "LDR r6, [%[a]]\n\t"
+ "LDR r7, [%[a], #4]\n\t"
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[a], #12]\n\t"
+ "LDR r10, [%[a], #16]\n\t"
+ "\n"
+ "L_sp_521_mont_reduce_order_17_word:\n\t"
+ /* mu = a[i] * mp */
+ "MUL lr, %[mp], r6\n\t"
+ "CMP r4, #0x40\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BNE L_sp_521_mont_reduce_order_17_nomask\n\t"
+#else
+ "BNE.N L_sp_521_mont_reduce_order_17_nomask\n\t"
+#endif
+ "MOV r12, #0x1ff\n\t"
+ "AND lr, lr, r12\n\t"
+ "\n"
+ "L_sp_521_mont_reduce_order_17_nomask:\n\t"
+ /* a[i+0] += m[0] * mu */
+ "LDR r12, [%[m]]\n\t"
+ "MOV r3, #0x0\n\t"
+ "UMAAL r6, r3, lr, r12\n\t"
+ "STR r6, [%[a]]\n\t"
+ /* a[i+1] += m[1] * mu */
+ "LDR r12, [%[m], #4]\n\t"
+ "MOV r6, r7\n\t"
+ "UMAAL r6, r3, lr, r12\n\t"
+ /* a[i+2] += m[2] * mu */
+ "LDR r12, [%[m], #8]\n\t"
+ "MOV r7, r8\n\t"
+ "UMAAL r7, r3, lr, r12\n\t"
+ /* a[i+3] += m[3] * mu */
+ "LDR r12, [%[m], #12]\n\t"
+ "MOV r8, r9\n\t"
+ "UMAAL r8, r3, lr, r12\n\t"
+ /* a[i+4] += m[4] * mu */
+ "LDR r12, [%[m], #16]\n\t"
+ "MOV r9, r10\n\t"
+ "UMAAL r9, r3, lr, r12\n\t"
+ /* a[i+5] += m[5] * mu */
+ "LDR r12, [%[m], #20]\n\t"
+ "LDR r10, [%[a], #20]\n\t"
+ "UMAAL r10, r3, lr, r12\n\t"
+ /* a[i+6] += m[6] * mu */
+ "LDR r12, [%[m], #24]\n\t"
+ "LDR r11, [%[a], #24]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #24]\n\t"
+ /* a[i+7] += m[7] * mu */
+ "LDR r12, [%[m], #28]\n\t"
+ "LDR r11, [%[a], #28]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #28]\n\t"
+ /* a[i+8] += m[8] * mu */
+ "LDR r12, [%[m], #32]\n\t"
+ "LDR r11, [%[a], #32]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #32]\n\t"
+ /* a[i+9] += m[9] * mu */
+ "LDR r12, [%[m], #36]\n\t"
+ "LDR r11, [%[a], #36]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #36]\n\t"
+ /* a[i+10] += m[10] * mu */
+ "LDR r12, [%[m], #40]\n\t"
+ "LDR r11, [%[a], #40]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #40]\n\t"
+ /* a[i+11] += m[11] * mu */
+ "LDR r12, [%[m], #44]\n\t"
+ "LDR r11, [%[a], #44]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #44]\n\t"
+ /* a[i+12] += m[12] * mu */
+ "LDR r12, [%[m], #48]\n\t"
+ "LDR r11, [%[a], #48]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #48]\n\t"
+ /* a[i+13] += m[13] * mu */
+ "LDR r12, [%[m], #52]\n\t"
+ "LDR r11, [%[a], #52]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #52]\n\t"
+ /* a[i+14] += m[14] * mu */
+ "LDR r12, [%[m], #56]\n\t"
+ "LDR r11, [%[a], #56]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #56]\n\t"
+ /* a[i+15] += m[15] * mu */
+ "LDR r12, [%[m], #60]\n\t"
+ "LDR r11, [%[a], #60]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #60]\n\t"
+ /* a[i+16] += m[16] * mu */
+ "LDR r12, [%[m], #64]\n\t"
+ "LDR r11, [%[a], #64]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "LDR lr, [%[a], #68]\n\t"
+ "MOV r12, #0x0\n\t"
+ "UMAAL r3, lr, r12, r12\n\t"
+ "STR r11, [%[a], #64]\n\t"
+ "ADDS r3, r3, r5\n\t"
+ "ADC r5, lr, #0x0\n\t"
+ "STR r3, [%[a], #68]\n\t"
+ /* i += 1 */
+ "ADD r4, r4, #0x4\n\t"
+ "ADD %[a], %[a], #0x4\n\t"
+ "CMP r4, #0x44\n\t"
+#ifdef __GNUC__
+ "BLT L_sp_521_mont_reduce_order_17_word\n\t"
+#else
+ "BLT.W L_sp_521_mont_reduce_order_17_word\n\t"
+#endif
+ /* Loop Done */
+ "STR r6, [%[a]]\n\t"
+ "STR r7, [%[a], #4]\n\t"
+ "STR r8, [%[a], #8]\n\t"
+ "STR r9, [%[a], #12]\n\t"
+ "STR r10, [%[a], #16]\n\t"
+ "SUB %[a], %[a], #0x4\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "LDR r3, [%[a], #4]\n\t"
+ "LSR r12, r12, #9\n\t"
+ "ORR r12, r12, r3, LSL #23\n\t"
+ "STR r12, [%[a], #4]\n\t"
+ "LDR r12, [%[a], #8]\n\t"
+ "LSR r3, r3, #9\n\t"
+ "ORR r3, r3, r12, LSL #23\n\t"
+ "STR r3, [%[a], #8]\n\t"
+ "LDR r3, [%[a], #12]\n\t"
+ "LSR r12, r12, #9\n\t"
+ "ORR r12, r12, r3, LSL #23\n\t"
+ "STR r12, [%[a], #12]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "LSR r3, r3, #9\n\t"
+ "ORR r3, r3, r12, LSL #23\n\t"
+ "STR r3, [%[a], #16]\n\t"
+ "LDR r3, [%[a], #20]\n\t"
+ "LSR r12, r12, #9\n\t"
+ "ORR r12, r12, r3, LSL #23\n\t"
+ "STR r12, [%[a], #20]\n\t"
+ "LDR r12, [%[a], #24]\n\t"
+ "LSR r3, r3, #9\n\t"
+ "ORR r3, r3, r12, LSL #23\n\t"
+ "STR r3, [%[a], #24]\n\t"
+ "LDR r3, [%[a], #28]\n\t"
+ "LSR r12, r12, #9\n\t"
+ "ORR r12, r12, r3, LSL #23\n\t"
+ "STR r12, [%[a], #28]\n\t"
+ "LDR r12, [%[a], #32]\n\t"
+ "LSR r3, r3, #9\n\t"
+ "ORR r3, r3, r12, LSL #23\n\t"
+ "STR r3, [%[a], #32]\n\t"
+ "LDR r3, [%[a], #36]\n\t"
+ "LSR r12, r12, #9\n\t"
+ "ORR r12, r12, r3, LSL #23\n\t"
+ "STR r12, [%[a], #36]\n\t"
+ "LDR r12, [%[a], #40]\n\t"
+ "LSR r3, r3, #9\n\t"
+ "ORR r3, r3, r12, LSL #23\n\t"
+ "STR r3, [%[a], #40]\n\t"
+ "LDR r3, [%[a], #44]\n\t"
+ "LSR r12, r12, #9\n\t"
+ "ORR r12, r12, r3, LSL #23\n\t"
+ "STR r12, [%[a], #44]\n\t"
+ "LDR r12, [%[a], #48]\n\t"
+ "LSR r3, r3, #9\n\t"
+ "ORR r3, r3, r12, LSL #23\n\t"
+ "STR r3, [%[a], #48]\n\t"
+ "LDR r3, [%[a], #52]\n\t"
+ "LSR r12, r12, #9\n\t"
+ "ORR r12, r12, r3, LSL #23\n\t"
+ "STR r12, [%[a], #52]\n\t"
+ "LDR r12, [%[a], #56]\n\t"
+ "LSR r3, r3, #9\n\t"
+ "ORR r3, r3, r12, LSL #23\n\t"
+ "STR r3, [%[a], #56]\n\t"
+ "LDR r3, [%[a], #60]\n\t"
+ "LSR r12, r12, #9\n\t"
+ "ORR r12, r12, r3, LSL #23\n\t"
+ "STR r12, [%[a], #60]\n\t"
+ "LDR r12, [%[a], #64]\n\t"
+ "LSR r3, r3, #9\n\t"
+ "ORR r3, r3, r12, LSL #23\n\t"
+ "STR r3, [%[a], #64]\n\t"
+ "LSR r12, r12, #9\n\t"
+ "STR r12, [%[a], #68]\n\t"
+ "LSR r5, r12, #9\n\t"
+ "ADD %[a], %[a], #0x4\n\t"
+ "MOV %[mp], r5\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
+ );
+ sp_521_cond_sub_17(a - 17, a, m, (sp_digit)0 - mp);
}
+#endif
/* Multiply two Montgomery form numbers mod the modulus (prime).
* (r = a * b mod m)
*
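Review bot: The WOLFSSL_SP_SMALL variant of `sp_521_cond_sub_17` now defines a named assembler label, `L_sp_521_cond_sub_17_words`, where the removed code used the numeric local label `1:`, and both new definitions also drop `SP_NOINLINE`. If the compiler inlines or clones the function at more than one site, the label is emitted twice in the same assembly output and the build fails with a duplicate-symbol error. Only the call from `sp_521_mont_reduce_order_17` is visible in this hunk, so whether other callers exist would need checking. Keeping the attribute, `SP_NOINLINE static sp_digit sp_521_cond_sub_17(...)`, avoids this; on GCC-style toolchains a per-instance label such as `"L_sp_521_cond_sub_17_words_%=:\n\t"`, with the two `BLT` targets changed to match, would also work. The named labels in `sp_521_mont_reduce_order_17` rely on that function's `SP_NOINLINE` in the same way, which deserves a one-line comment next to the attribute so it is not removed later.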
@@ -33571,7 +56020,7 @@ SP_NOINLINE static void sp_521_mont_reduce_order_17(sp_digit* a, const sp_digit*
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_521_mont_mul_17(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -33585,7 +56034,7 @@ SP_NOINLINE static void sp_521_mont_mul_17(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_521_mont_sqr_17(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -33601,10 +56050,10 @@ SP_NOINLINE static void sp_521_mont_sqr_17(sp_digit* r, const sp_digit* a,
* a Number to square in Montgomery form.
* n Number of times to square.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
-static void sp_521_mont_sqr_n_17(sp_digit* r, const sp_digit* a, int n,
- const sp_digit* m, sp_digit mp)
+SP_NOINLINE static void sp_521_mont_sqr_n_17(sp_digit* r,
+ const sp_digit* a, int n, const sp_digit* m, sp_digit mp)
{
sp_521_mont_sqr_17(r, a, m, mp);
for (; n > 1; n--) {
@@ -33710,44 +56159,236 @@ static void sp_521_mont_inv_17(sp_digit* r, const sp_digit* a, sp_digit* td)
* return -ve, 0 or +ve if a is less than, equal to or greater than b
* respectively.
*/
-SP_NOINLINE static sp_int32 sp_521_cmp_17(const sp_digit* a, const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_int32 sp_521_cmp_17(const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_int32 sp_521_cmp_17(const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit r = 0;
-
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register const sp_digit* a __asm__ ("r0") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r1") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r3, #0\n\t"
- "mvn r3, r3\n\t"
- "mov r6, #64\n\t"
- "\n1:\n\t"
- "ldr r8, [%[a], r6]\n\t"
- "ldr r5, [%[b], r6]\n\t"
- "and r8, r8, r3\n\t"
- "and r5, r5, r3\n\t"
- "mov r4, r8\n\t"
- "subs r8, r8, r5\n\t"
- "sbc r8, r8, r8\n\t"
- "add %[r], %[r], r8\n\t"
- "mvn r8, r8\n\t"
- "and r3, r3, r8\n\t"
- "subs r5, r5, r4\n\t"
- "sbc r8, r8, r8\n\t"
- "sub %[r], %[r], r8\n\t"
- "mvn r8, r8\n\t"
- "and r3, r3, r8\n\t"
- "sub r6, r6, #4\n\t"
- "cmp r6, #0\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bge 1b\n\t"
+ "MOV r2, #0xffffffff\n\t"
+ "MOV r8, #0x1\n\t"
+ "MOV r7, #0x0\n\t"
+ "MOV r3, #0xffffffff\n\t"
+#ifdef WOLFSSL_SP_SMALL
+ "MOV r6, #0x40\n\t"
+ "\n"
+ "L_sp_521_cmp_17_words:\n\t"
+ "LDR r4, [%[a], r6]\n\t"
+ "LDR r5, [%[b], r6]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "SUBS r6, r6, #0x4\n\t"
+ "bcs L_sp_521_cmp_17_words\n\t"
+ "EOR r2, r2, r3\n\t"
#else
- "bge.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [r] "+r" (r)
- : [a] "r" (a), [b] "r" (b)
- : "r3", "r4", "r5", "r6", "r8"
+ "LDR r4, [%[a], #64]\n\t"
+ "LDR r5, [%[b], #64]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #60]\n\t"
+ "LDR r5, [%[b], #60]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #56]\n\t"
+ "LDR r5, [%[b], #56]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #52]\n\t"
+ "LDR r5, [%[b], #52]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #48]\n\t"
+ "LDR r5, [%[b], #48]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #44]\n\t"
+ "LDR r5, [%[b], #44]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #40]\n\t"
+ "LDR r5, [%[b], #40]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #36]\n\t"
+ "LDR r5, [%[b], #36]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #32]\n\t"
+ "LDR r5, [%[b], #32]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #28]\n\t"
+ "LDR r5, [%[b], #28]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #24]\n\t"
+ "LDR r5, [%[b], #24]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #20]\n\t"
+ "LDR r5, [%[b], #20]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #16]\n\t"
+ "LDR r5, [%[b], #16]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #12]\n\t"
+ "LDR r5, [%[b], #12]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #8]\n\t"
+ "LDR r5, [%[b], #8]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #4]\n\t"
+ "LDR r5, [%[b], #4]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a]]\n\t"
+ "LDR r5, [%[b]]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "EOR r2, r2, r3\n\t"
+#endif /*WOLFSSL_SP_SMALL */
+ "MOV %[a], r2\n\t"
+ : [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "cc"
);
-
- return r;
+ return (uint32_t)(size_t)a;
}
/* Normalize the values in each word to 32.
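Review bot: The new `sp_521_cmp_17` drops `SP_NOINLINE` while its `WOLFSSL_SP_SMALL` path introduces the named assembler label `L_sp_521_cmp_17_words`, where the removed code used the numeric local label `1:`. If the compiler inlines or clones this static function into more than one place in the translation unit, the label would be emitted twice and the assembler would likely reject the file. Keeping the attribute on both signature variants, e.g. `SP_NOINLINE static sp_int32 sp_521_cmp_17(const sp_digit* a_p, const sp_digit* b_p)`, avoids that without touching the assembly. A short comment above the asm noting that the `IT`/conditional-move sequence has no branch on operand values, so the comparison is meant to run in time independent of where the inputs differ, would help the next reader keep that property.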
@@ -33803,82 +56444,88 @@ static void sp_521_map_17(sp_point_521* r, const sp_point_521* p,
* b Second number to add in Montgomery form.
* m Modulus (prime).
*/
-SP_NOINLINE static void sp_521_mont_add_17(sp_digit* r, const sp_digit* a, const sp_digit* b,
- const sp_digit* m)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_521_mont_add_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, const sp_digit* m_p)
+#else
+SP_NOINLINE static void sp_521_mont_add_17(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- (void)m;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r12, #0\n\t"
- "ldm %[a]!, {r4, r5, r6, r7}\n\t"
- "ldm %[b]!, {r8, r9, r10, r14}\n\t"
- "adds r4, r4, r8\n\t"
- "adcs r5, r5, r9\n\t"
- "adcs r6, r6, r10\n\t"
- "adcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[a]!, {r4, r5, r6, r7}\n\t"
- "ldm %[b]!, {r8, r9, r10, r14}\n\t"
- "adcs r4, r4, r8\n\t"
- "adcs r5, r5, r9\n\t"
- "adcs r6, r6, r10\n\t"
- "adcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[a]!, {r4, r5, r6, r7}\n\t"
- "ldm %[b]!, {r8, r9, r10, r14}\n\t"
- "adcs r4, r4, r8\n\t"
- "adcs r5, r5, r9\n\t"
- "adcs r6, r6, r10\n\t"
- "adcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[a]!, {r4, r5, r6, r7}\n\t"
- "ldm %[b]!, {r8, r9, r10, r14}\n\t"
- "adcs r4, r4, r8\n\t"
- "adcs r5, r5, r9\n\t"
- "adcs r6, r6, r10\n\t"
- "adcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[a]!, {r4}\n\t"
- "ldm %[b]!, {r8}\n\t"
- "adcs r4, r4, r8\n\t"
- "mov r14, #0x1ff\n\t"
- "lsr r12, r4, #9\n\t"
- "and r4, r4, r14\n\t"
- "stm %[r]!, {r4}\n\t"
- "sub %[r], %[r], #68\n\t"
- "mov r14, #0\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "adds r4, r4, r12\n\t"
- "adcs r5, r5, r14\n\t"
- "adcs r6, r6, r14\n\t"
- "adcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "adcs r4, r4, r14\n\t"
- "adcs r5, r5, r14\n\t"
- "adcs r6, r6, r14\n\t"
- "adcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "adcs r4, r4, r14\n\t"
- "adcs r5, r5, r14\n\t"
- "adcs r6, r6, r14\n\t"
- "adcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "adcs r4, r4, r14\n\t"
- "adcs r5, r5, r14\n\t"
- "adcs r6, r6, r14\n\t"
- "adcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r4}\n\t"
- "adcs r4, r4, r14\n\t"
- "stm %[r]!, {r4}\n\t"
- "sub %[r], %[r], #68\n\t"
+ "MOV r3, #0x0\n\t"
+ "LDM %[a]!, {r8, r9, r10, r11}\n\t"
+ "LDM %[b]!, {r4, r5, r6, r7}\n\t"
+ "ADDS r8, r8, r4\n\t"
+ "ADCS r9, r9, r5\n\t"
+ "ADCS r10, r10, r6\n\t"
+ "ADCS r11, r11, r7\n\t"
+ "STM %[r]!, {r8, r9, r10, r11}\n\t"
+ "LDM %[a]!, {r8, r9, r10, r11}\n\t"
+ "LDM %[b]!, {r4, r5, r6, r7}\n\t"
+ "ADCS r8, r8, r4\n\t"
+ "ADCS r9, r9, r5\n\t"
+ "ADCS r10, r10, r6\n\t"
+ "ADCS r11, r11, r7\n\t"
+ "STM %[r]!, {r8, r9, r10, r11}\n\t"
+ "LDM %[a]!, {r8, r9, r10, r11}\n\t"
+ "LDM %[b]!, {r4, r5, r6, r7}\n\t"
+ "ADCS r8, r8, r4\n\t"
+ "ADCS r9, r9, r5\n\t"
+ "ADCS r10, r10, r6\n\t"
+ "ADCS r11, r11, r7\n\t"
+ "STM %[r]!, {r8, r9, r10, r11}\n\t"
+ "LDM %[a]!, {r8, r9, r10, r11}\n\t"
+ "LDM %[b]!, {r4, r5, r6, r7}\n\t"
+ "ADCS r8, r8, r4\n\t"
+ "ADCS r9, r9, r5\n\t"
+ "ADCS r10, r10, r6\n\t"
+ "ADCS r11, r11, r7\n\t"
+ "STM %[r]!, {r8, r9, r10, r11}\n\t"
+ "LDM %[a]!, {r8}\n\t"
+ "LDM %[b]!, {r4}\n\t"
+ "ADCS r8, r8, r4\n\t"
+ "MOV r12, #0x1ff\n\t"
+ "LSR r3, r8, #9\n\t"
+ "AND r8, r8, r12\n\t"
+ "STM %[r]!, {r8}\n\t"
+ "SUB %[r], %[r], #0x44\n\t"
+ "LDM %[r], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "ADDS r4, r4, r3\n\t"
+ "ADCS r5, r5, #0x0\n\t"
+ "ADCS r6, r6, #0x0\n\t"
+ "ADCS r7, r7, #0x0\n\t"
+ "ADCS r8, r8, #0x0\n\t"
+ "ADCS r9, r9, #0x0\n\t"
+ "ADCS r10, r10, #0x0\n\t"
+ "ADCS r11, r11, #0x0\n\t"
+ "STM %[r]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "LDM %[r], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "ADCS r4, r4, #0x0\n\t"
+ "ADCS r5, r5, #0x0\n\t"
+ "ADCS r6, r6, #0x0\n\t"
+ "ADCS r7, r7, #0x0\n\t"
+ "ADCS r8, r8, #0x0\n\t"
+ "ADCS r9, r9, #0x0\n\t"
+ "ADCS r10, r10, #0x0\n\t"
+ "ADCS r11, r11, #0x0\n\t"
+ "STM %[r]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "LDM %[r], {r4}\n\t"
+ "ADCS r4, r4, #0x0\n\t"
+ "STM %[r]!, {r4}\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r14", "r12"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12", "cc"
);
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ (void)m_p;
+#else
+ (void)m;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
}
/* Double a Montgomery form number (r = a + a % m).
@@ -33887,79 +56534,78 @@ SP_NOINLINE static void sp_521_mont_add_17(sp_digit* r, const sp_digit* a, const
* a Number to double in Montgomery form.
* m Modulus (prime).
*/
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_521_mont_dbl_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* m_p)
+#else
SP_NOINLINE static void sp_521_mont_dbl_17(sp_digit* r, const sp_digit* a, const sp_digit* m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- (void)m;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r8, #0\n\t"
- "ldm %[a]!, {r2, r3, r4, r5, r6, r7}\n\t"
- "adds r2, r2, r2\n\t"
- "adcs r3, r3, r3\n\t"
- "adcs r4, r4, r4\n\t"
- "adcs r5, r5, r5\n\t"
- "adcs r6, r6, r6\n\t"
- "adcs r7, r7, r7\n\t"
- "str r2, [%[r], #0]\n\t"
- "str r3, [%[r], #4]\n\t"
- "str r4, [%[r], #8]\n\t"
- "str r5, [%[r], #12]\n\t"
- "str r6, [%[r], #16]\n\t"
- "stm %[r]!, {r2, r3, r4, r5, r6, r7}\n\t"
- "ldm %[a]!, {r2, r3, r4, r5, r6, r7}\n\t"
- "adcs r2, r2, r2\n\t"
- "adcs r3, r3, r3\n\t"
- "adcs r4, r4, r4\n\t"
- "adcs r5, r5, r5\n\t"
- "adcs r6, r6, r6\n\t"
- "adcs r7, r7, r7\n\t"
- "str r2, [%[r], #0]\n\t"
- "str r3, [%[r], #4]\n\t"
- "str r4, [%[r], #8]\n\t"
- "str r5, [%[r], #12]\n\t"
- "str r6, [%[r], #16]\n\t"
- "stm %[r]!, {r2, r3, r4, r5, r6, r7}\n\t"
- "ldm %[a]!, {r2, r3, r4, r5, r6}\n\t"
- "adcs r2, r2, r2\n\t"
- "adcs r3, r3, r3\n\t"
- "adcs r4, r4, r4\n\t"
- "adcs r5, r5, r5\n\t"
- "adcs r6, r6, r6\n\t"
- "mov r9, #0x1ff\n\t"
- "lsr r8, r6, #9\n\t"
- "and r6, r6, r9\n\t"
- "stm %[r]!, {r2, r3, r4, r5, r6}\n\t"
- "sub %[r], %[r], #68\n\t"
- "mov r9, #0\n\t"
- "ldm %[r], {r2, r3, r4, r5, r6, r7}\n\t"
- "adds r2, r2, r8\n\t"
- "adcs r3, r3, r9\n\t"
- "adcs r4, r4, r9\n\t"
- "adcs r5, r5, r9\n\t"
- "adcs r6, r6, r9\n\t"
- "adcs r7, r7, r9\n\t"
- "stm %[r]!, {r2, r3, r4, r5, r6, r7}\n\t"
- "ldm %[r], {r2, r3, r4, r5, r6, r7}\n\t"
- "adcs r2, r2, r9\n\t"
- "adcs r3, r3, r9\n\t"
- "adcs r4, r4, r9\n\t"
- "adcs r5, r5, r9\n\t"
- "adcs r6, r6, r9\n\t"
- "adcs r7, r7, r9\n\t"
- "stm %[r]!, {r2, r3, r4, r5, r6, r7}\n\t"
- "ldm %[r], {r2, r3, r4, r5, r6}\n\t"
- "adcs r2, r2, r9\n\t"
- "adcs r3, r3, r9\n\t"
- "adcs r4, r4, r9\n\t"
- "adcs r5, r5, r9\n\t"
- "adcs r6, r6, r9\n\t"
- "stm %[r]!, {r2, r3, r4, r5, r6}\n\t"
- "sub %[r], %[r], #68\n\t"
- "sub %[a], %[a], #68\n\t"
+ "MOV r2, #0x0\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "ADDS r4, r4, r4\n\t"
+ "ADCS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADCS r7, r7, r7\n\t"
+ "ADCS r8, r8, r8\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "ADCS r10, r10, r10\n\t"
+ "ADCS r11, r11, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "ADCS r4, r4, r4\n\t"
+ "ADCS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADCS r7, r7, r7\n\t"
+ "ADCS r8, r8, r8\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "ADCS r10, r10, r10\n\t"
+ "ADCS r11, r11, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "LDM %[a]!, {r4}\n\t"
+ "ADCS r4, r4, r4\n\t"
+ "MOV r3, #0x1ff\n\t"
+ "LSR r2, r4, #9\n\t"
+ "AND r4, r4, r3\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "SUB %[r], %[r], #0x44\n\t"
+ "LDM %[r], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "ADDS r4, r4, r2\n\t"
+ "ADCS r5, r5, #0x0\n\t"
+ "ADCS r6, r6, #0x0\n\t"
+ "ADCS r7, r7, #0x0\n\t"
+ "ADCS r8, r8, #0x0\n\t"
+ "ADCS r9, r9, #0x0\n\t"
+ "ADCS r10, r10, #0x0\n\t"
+ "ADCS r11, r11, #0x0\n\t"
+ "STM %[r]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "LDM %[r], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "ADCS r4, r4, #0x0\n\t"
+ "ADCS r5, r5, #0x0\n\t"
+ "ADCS r6, r6, #0x0\n\t"
+ "ADCS r7, r7, #0x0\n\t"
+ "ADCS r8, r8, #0x0\n\t"
+ "ADCS r9, r9, #0x0\n\t"
+ "ADCS r10, r10, #0x0\n\t"
+ "ADCS r11, r11, #0x0\n\t"
+ "STM %[r]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "LDM %[r], {r4}\n\t"
+ "ADCS r4, r4, #0x0\n\t"
+ "STM %[r]!, {r4}\n\t"
: [r] "+r" (r), [a] "+r" (a)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r2", "r3", "cc"
);
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ (void)m_p;
+#else
+ (void)m;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
}
/* Triple a Montgomery form number (r = a + a + a % m).
@@ -33968,110 +56614,98 @@ SP_NOINLINE static void sp_521_mont_dbl_17(sp_digit* r, const sp_digit* a, const
* a Number to triple in Montgomery form.
* m Modulus (prime).
*/
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_521_mont_tpl_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* m_p)
+#else
SP_NOINLINE static void sp_521_mont_tpl_17(sp_digit* r, const sp_digit* a, const sp_digit* m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- (void)m;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r12, #0\n\t"
- "ldm %[a]!, {r4, r5, r6, r7}\n\t"
- "adds r4, r4, r4\n\t"
- "adcs r5, r5, r5\n\t"
- "adcs r6, r6, r6\n\t"
- "adcs r7, r7, r7\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[a]!, {r4, r5, r6, r7}\n\t"
- "adcs r4, r4, r4\n\t"
- "adcs r5, r5, r5\n\t"
- "adcs r6, r6, r6\n\t"
- "adcs r7, r7, r7\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[a]!, {r4, r5, r6, r7}\n\t"
- "adcs r4, r4, r4\n\t"
- "adcs r5, r5, r5\n\t"
- "adcs r6, r6, r6\n\t"
- "adcs r7, r7, r7\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[a]!, {r4, r5, r6, r7}\n\t"
- "adcs r4, r4, r4\n\t"
- "adcs r5, r5, r5\n\t"
- "adcs r6, r6, r6\n\t"
- "adcs r7, r7, r7\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[a]!, {r4}\n\t"
- "adcs r4, r4, r4\n\t"
- "stm %[r]!, {r4}\n\t"
- "sub %[r], %[r], #68\n\t"
- "sub %[a], %[a], #68\n\t"
- "ldm %[r], {r8, r9, r10, r14}\n\t"
- "ldm %[a]!, {r4, r5, r6, r7}\n\t"
- "adds r8, r8, r4\n\t"
- "adcs r9, r9, r5\n\t"
- "adcs r10, r10, r6\n\t"
- "adcs r14, r14, r7\n\t"
- "stm %[r]!, {r8, r9, r10, r14}\n\t"
- "ldm %[r], {r8, r9, r10, r14}\n\t"
- "ldm %[a]!, {r4, r5, r6, r7}\n\t"
- "adcs r8, r8, r4\n\t"
- "adcs r9, r9, r5\n\t"
- "adcs r10, r10, r6\n\t"
- "adcs r14, r14, r7\n\t"
- "stm %[r]!, {r8, r9, r10, r14}\n\t"
- "ldm %[r], {r8, r9, r10, r14}\n\t"
- "ldm %[a]!, {r4, r5, r6, r7}\n\t"
- "adcs r8, r8, r4\n\t"
- "adcs r9, r9, r5\n\t"
- "adcs r10, r10, r6\n\t"
- "adcs r14, r14, r7\n\t"
- "stm %[r]!, {r8, r9, r10, r14}\n\t"
- "ldm %[r], {r8, r9, r10, r14}\n\t"
- "ldm %[a]!, {r4, r5, r6, r7}\n\t"
- "adcs r8, r8, r4\n\t"
- "adcs r9, r9, r5\n\t"
- "adcs r10, r10, r6\n\t"
- "adcs r14, r14, r7\n\t"
- "stm %[r]!, {r8, r9, r10, r14}\n\t"
- "ldm %[r], {r8}\n\t"
- "ldm %[a]!, {r4}\n\t"
- "adcs r8, r8, r4\n\t"
- "mov r14, #0x1ff\n\t"
- "lsr r12, r8, #9\n\t"
- "and r8, r8, r14\n\t"
- "stm %[r]!, {r8}\n\t"
- "sub %[r], %[r], #68\n\t"
- "mov r14, #0\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "adds r4, r4, r12\n\t"
- "adcs r5, r5, r14\n\t"
- "adcs r6, r6, r14\n\t"
- "adcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "adcs r4, r4, r14\n\t"
- "adcs r5, r5, r14\n\t"
- "adcs r6, r6, r14\n\t"
- "adcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "adcs r4, r4, r14\n\t"
- "adcs r5, r5, r14\n\t"
- "adcs r6, r6, r14\n\t"
- "adcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "adcs r4, r4, r14\n\t"
- "adcs r5, r5, r14\n\t"
- "adcs r6, r6, r14\n\t"
- "adcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r4}\n\t"
- "adcs r4, r4, r14\n\t"
- "stm %[r]!, {r4}\n\t"
- "sub %[r], %[r], #68\n\t"
+ "MOV r2, #0x0\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "ADDS r4, r4, r4\n\t"
+ "ADCS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADCS r7, r7, r7\n\t"
+ "ADCS r8, r8, r8\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "ADCS r10, r10, r10\n\t"
+ "ADCS r11, r11, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "ADCS r4, r4, r4\n\t"
+ "ADCS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADCS r7, r7, r7\n\t"
+ "ADCS r8, r8, r8\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "ADCS r10, r10, r10\n\t"
+ "ADCS r11, r11, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "LDM %[a]!, {r4}\n\t"
+ "ADCS r4, r4, r4\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "SUB %[r], %[r], #0x44\n\t"
+ "SUB %[a], %[a], #0x44\n\t"
+ "LDM %[r], {r4, r5, r6, r7}\n\t"
+ "LDM %[a]!, {r8, r9, r10, r11}\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "ADCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[r], {r4, r5, r6, r7}\n\t"
+ "LDM %[a]!, {r8, r9, r10, r11}\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "ADCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[r], {r4, r5, r6, r7}\n\t"
+ "LDM %[a]!, {r8, r9, r10, r11}\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "ADCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[r], {r4, r5, r6, r7}\n\t"
+ "LDM %[a]!, {r8, r9, r10, r11}\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "ADCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[r], {r4}\n\t"
+ "LDM %[a]!, {r8}\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "MOV r3, #0x1ff\n\t"
+ "LSR r2, r4, #9\n\t"
+ "AND r4, r4, r3\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "SUB %[r], %[r], #0x44\n\t"
+ "LDM %[r], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "ADDS r4, r4, r2\n\t"
+ "ADCS r4, r4, #0x0\n\t"
+ "STM %[r]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "LDM %[r], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "STM %[r]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "LDM %[r], {r4}\n\t"
+ "ADCS r4, r4, #0x0\n\t"
+ "STM %[r]!, {r4}\n\t"
: [r] "+r" (r), [a] "+r" (a)
:
- : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r14", "r12"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r2", "r3", "cc"
);
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ (void)m_p;
+#else
+ (void)m;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
}
/* Subtract two Montgomery form numbers (r = a - b % m).
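Review bot: The final reduction in the new `sp_521_mont_tpl_17` appears to lose the carry: after `ADDS r4, r4, r2` the next instruction is `ADCS r4, r4, #0x0`, which adds the carry back into word 0, and words 1 to 15 are then loaded and stored with no `ADCS` at all. `sp_521_mont_add_17` and `sp_521_mont_dbl_17` in this same commit, like the removed version of this function, carry through every word of both eight-word groups. When word 0 plus the folded overflow wraps past 32 bits, the result would be a wrong field element rather than a crash, which is hard to notice in P-521 arithmetic. I would bring the tail in line with the add/dbl sequence as sketched below and cover it with a regression input that forces that wrap; since this sits in the bundled wolfSSL tree, the fix probably belongs upstream.

```c
/* … unchanged: tripling, fold of the bits above 521 into r2, LDM of words 0-7 … */
        "ADDS r4, r4, r2\n\t"
        "ADCS r5, r5, #0x0\n\t"
        "ADCS r6, r6, #0x0\n\t"
        "ADCS r7, r7, #0x0\n\t"
        "ADCS r8, r8, #0x0\n\t"
        "ADCS r9, r9, #0x0\n\t"
        "ADCS r10, r10, #0x0\n\t"
        "ADCS r11, r11, #0x0\n\t"
/* … unchanged: STM of words 0-7, LDM of words 8-15 … */
        "ADCS r4, r4, #0x0\n\t"
        "ADCS r5, r5, #0x0\n\t"
        "ADCS r6, r6, #0x0\n\t"
        "ADCS r7, r7, #0x0\n\t"
        "ADCS r8, r8, #0x0\n\t"
        "ADCS r9, r9, #0x0\n\t"
        "ADCS r10, r10, #0x0\n\t"
        "ADCS r11, r11, #0x0\n\t"
/* … unchanged: STM of words 8-15, word 16, operand and clobber lists … */
```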
@@ -34081,200 +56715,172 @@ SP_NOINLINE static void sp_521_mont_tpl_17(sp_digit* r, const sp_digit* a, const
* b Number to subtract with in Montgomery form.
* m Modulus (prime).
*/
-SP_NOINLINE static void sp_521_mont_sub_17(sp_digit* r, const sp_digit* a, const sp_digit* b,
- const sp_digit* m)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_521_mont_sub_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, const sp_digit* m_p)
+#else
+SP_NOINLINE static void sp_521_mont_sub_17(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- (void)m;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r12, #0\n\t"
- "ldm %[a]!, {r4, r5, r6, r7}\n\t"
- "ldm %[b]!, {r8, r9, r10, r14}\n\t"
- "subs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "sbcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[a]!, {r4, r5, r6, r7}\n\t"
- "ldm %[b]!, {r8, r9, r10, r14}\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "sbcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[a]!, {r4, r5, r6, r7}\n\t"
- "ldm %[b]!, {r8, r9, r10, r14}\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "sbcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[a]!, {r4, r5, r6, r7}\n\t"
- "ldm %[b]!, {r8, r9, r10, r14}\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "sbcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[a]!, {r4}\n\t"
- "ldm %[b]!, {r8}\n\t"
- "sbcs r4, r4, r8\n\t"
- "mov r14, #0x1ff\n\t"
- "asr r12, r4, #9\n\t"
- "and r4, r4, r14\n\t"
- "neg r12, r12\n\t"
- "stm %[r]!, {r4}\n\t"
- "sub %[r], %[r], #68\n\t"
- "mov r14, #0\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "subs r4, r4, r12\n\t"
- "sbcs r5, r5, r14\n\t"
- "sbcs r6, r6, r14\n\t"
- "sbcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "sbcs r4, r4, r14\n\t"
- "sbcs r5, r5, r14\n\t"
- "sbcs r6, r6, r14\n\t"
- "sbcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "sbcs r4, r4, r14\n\t"
- "sbcs r5, r5, r14\n\t"
- "sbcs r6, r6, r14\n\t"
- "sbcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "sbcs r4, r4, r14\n\t"
- "sbcs r5, r5, r14\n\t"
- "sbcs r6, r6, r14\n\t"
- "sbcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r4}\n\t"
- "sbcs r4, r4, r14\n\t"
- "stm %[r]!, {r4}\n\t"
- "sub %[r], %[r], #68\n\t"
+ "MOV r3, #0x0\n\t"
+ "LDM %[a]!, {r8, r9, r10, r11}\n\t"
+ "LDM %[b]!, {r4, r5, r6, r7}\n\t"
+ "SUBS r8, r8, r4\n\t"
+ "SBCS r9, r9, r5\n\t"
+ "SBCS r10, r10, r6\n\t"
+ "SBCS r11, r11, r7\n\t"
+ "STM %[r]!, {r8, r9, r10, r11}\n\t"
+ "LDM %[a]!, {r8, r9, r10, r11}\n\t"
+ "LDM %[b]!, {r4, r5, r6, r7}\n\t"
+ "SBCS r8, r8, r4\n\t"
+ "SBCS r9, r9, r5\n\t"
+ "SBCS r10, r10, r6\n\t"
+ "SBCS r11, r11, r7\n\t"
+ "STM %[r]!, {r8, r9, r10, r11}\n\t"
+ "LDM %[a]!, {r8, r9, r10, r11}\n\t"
+ "LDM %[b]!, {r4, r5, r6, r7}\n\t"
+ "SBCS r8, r8, r4\n\t"
+ "SBCS r9, r9, r5\n\t"
+ "SBCS r10, r10, r6\n\t"
+ "SBCS r11, r11, r7\n\t"
+ "STM %[r]!, {r8, r9, r10, r11}\n\t"
+ "LDM %[a]!, {r8, r9, r10, r11}\n\t"
+ "LDM %[b]!, {r4, r5, r6, r7}\n\t"
+ "SBCS r8, r8, r4\n\t"
+ "SBCS r9, r9, r5\n\t"
+ "SBCS r10, r10, r6\n\t"
+ "SBCS r11, r11, r7\n\t"
+ "STM %[r]!, {r8, r9, r10, r11}\n\t"
+ "LDM %[a]!, {r8}\n\t"
+ "LDM %[b]!, {r4}\n\t"
+ "SBCS r8, r8, r4\n\t"
+ "MOV r12, #0x1ff\n\t"
+ "ASR r3, r8, #9\n\t"
+ "AND r8, r8, r12\n\t"
+ "neg r3, r3\n\t"
+ "STM %[r]!, {r8}\n\t"
+ "SUB %[r], %[r], #0x44\n\t"
+ "LDM %[r], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "SUBS r4, r4, r3\n\t"
+ "SBCS r5, r5, #0x0\n\t"
+ "SBCS r6, r6, #0x0\n\t"
+ "SBCS r7, r7, #0x0\n\t"
+ "SBCS r8, r8, #0x0\n\t"
+ "SBCS r9, r9, #0x0\n\t"
+ "SBCS r10, r10, #0x0\n\t"
+ "SBCS r11, r11, #0x0\n\t"
+ "STM %[r]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "LDM %[r], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "SBCS r4, r4, #0x0\n\t"
+ "SBCS r5, r5, #0x0\n\t"
+ "SBCS r6, r6, #0x0\n\t"
+ "SBCS r7, r7, #0x0\n\t"
+ "SBCS r8, r8, #0x0\n\t"
+ "SBCS r9, r9, #0x0\n\t"
+ "SBCS r10, r10, #0x0\n\t"
+ "SBCS r11, r11, #0x0\n\t"
+ "STM %[r]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "LDM %[r], {r4}\n\t"
+ "SBCS r4, r4, #0x0\n\t"
+ "STM %[r]!, {r4}\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r14", "r12"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12", "cc"
);
-}
-
-#define sp_521_mont_sub_lower_17 sp_521_mont_sub_17
-/* Conditionally add a and b using the mask m.
- * m is -1 to add and 0 when not.
- *
- * r A single precision number representing conditional add result.
- * a A single precision number to add with.
- * b A single precision number to add.
- * m Mask value to apply.
- */
-SP_NOINLINE static sp_digit sp_521_cond_add_17(sp_digit* r, const sp_digit* a, const sp_digit* b,
- sp_digit m)
-{
- sp_digit c = 0;
-
- __asm__ __volatile__ (
- "mov r5, #68\n\t"
- "mov r9, r5\n\t"
- "mov r8, #0\n\t"
- "\n1:\n\t"
- "ldr r6, [%[b], r8]\n\t"
- "and r6, r6, %[m]\n\t"
- "adds r5, %[c], #-1\n\t"
- "ldr r5, [%[a], r8]\n\t"
- "adcs r5, r5, r6\n\t"
- "mov %[c], #0\n\t"
- "adcs %[c], %[c], %[c]\n\t"
- "str r5, [%[r], r8]\n\t"
- "add r8, r8, #4\n\t"
- "cmp r8, r9\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "blt 1b\n\t"
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ (void)m_p;
#else
- "blt.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [c] "+r" (c)
- : [r] "r" (r), [a] "r" (a), [b] "r" (b), [m] "r" (m)
- : "memory", "r5", "r6", "r8", "r9"
- );
-
- return c;
+ (void)m;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
}
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_521_rshift1_17(sp_digit* r_p, const sp_digit* a_p)
+#else
static void sp_521_rshift1_17(sp_digit* r, const sp_digit* a)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "ldr r2, [%[a]]\n\t"
- "ldr r3, [%[a], #4]\n\t"
- "lsr r2, r2, #1\n\t"
- "orr r2, r2, r3, lsl #31\n\t"
- "lsr r3, r3, #1\n\t"
- "ldr r4, [%[a], #8]\n\t"
- "str r2, [%[r], #0]\n\t"
- "orr r3, r3, r4, lsl #31\n\t"
- "lsr r4, r4, #1\n\t"
- "ldr r2, [%[a], #12]\n\t"
- "str r3, [%[r], #4]\n\t"
- "orr r4, r4, r2, lsl #31\n\t"
- "lsr r2, r2, #1\n\t"
- "ldr r3, [%[a], #16]\n\t"
- "str r4, [%[r], #8]\n\t"
- "orr r2, r2, r3, lsl #31\n\t"
- "lsr r3, r3, #1\n\t"
- "ldr r4, [%[a], #20]\n\t"
- "str r2, [%[r], #12]\n\t"
- "orr r3, r3, r4, lsl #31\n\t"
- "lsr r4, r4, #1\n\t"
- "ldr r2, [%[a], #24]\n\t"
- "str r3, [%[r], #16]\n\t"
- "orr r4, r4, r2, lsl #31\n\t"
- "lsr r2, r2, #1\n\t"
- "ldr r3, [%[a], #28]\n\t"
- "str r4, [%[r], #20]\n\t"
- "orr r2, r2, r3, lsl #31\n\t"
- "lsr r3, r3, #1\n\t"
- "ldr r4, [%[a], #32]\n\t"
- "str r2, [%[r], #24]\n\t"
- "orr r3, r3, r4, lsl #31\n\t"
- "lsr r4, r4, #1\n\t"
- "ldr r2, [%[a], #36]\n\t"
- "str r3, [%[r], #28]\n\t"
- "orr r4, r4, r2, lsl #31\n\t"
- "lsr r2, r2, #1\n\t"
- "ldr r3, [%[a], #40]\n\t"
- "str r4, [%[r], #32]\n\t"
- "orr r2, r2, r3, lsl #31\n\t"
- "lsr r3, r3, #1\n\t"
- "ldr r4, [%[a], #44]\n\t"
- "str r2, [%[r], #36]\n\t"
- "orr r3, r3, r4, lsl #31\n\t"
- "lsr r4, r4, #1\n\t"
- "ldr r2, [%[a], #48]\n\t"
- "str r3, [%[r], #40]\n\t"
- "orr r4, r4, r2, lsl #31\n\t"
- "lsr r2, r2, #1\n\t"
- "ldr r3, [%[a], #52]\n\t"
- "str r4, [%[r], #44]\n\t"
- "orr r2, r2, r3, lsl #31\n\t"
- "lsr r3, r3, #1\n\t"
- "ldr r4, [%[a], #56]\n\t"
- "str r2, [%[r], #48]\n\t"
- "orr r3, r3, r4, lsl #31\n\t"
- "lsr r4, r4, #1\n\t"
- "ldr r2, [%[a], #60]\n\t"
- "str r3, [%[r], #52]\n\t"
- "orr r4, r4, r2, lsl #31\n\t"
- "lsr r2, r2, #1\n\t"
- "ldr r3, [%[a], #64]\n\t"
- "str r4, [%[r], #56]\n\t"
- "orr r2, r2, r3, lsl #31\n\t"
- "lsr r3, r3, #1\n\t"
- "str r2, [%[r], #60]\n\t"
- "str r3, [%[r], #64]\n\t"
+ "LDM %[a], {r2, r3}\n\t"
+ "LSR r2, r2, #1\n\t"
+ "ORR r2, r2, r3, lsl #31\n\t"
+ "LSR r3, r3, #1\n\t"
+ "LDR r4, [%[a], #8]\n\t"
+ "STR r2, [%[r]]\n\t"
+ "ORR r3, r3, r4, lsl #31\n\t"
+ "LSR r4, r4, #1\n\t"
+ "LDR r2, [%[a], #12]\n\t"
+ "STR r3, [%[r], #4]\n\t"
+ "ORR r4, r4, r2, lsl #31\n\t"
+ "LSR r2, r2, #1\n\t"
+ "LDR r3, [%[a], #16]\n\t"
+ "STR r4, [%[r], #8]\n\t"
+ "ORR r2, r2, r3, lsl #31\n\t"
+ "LSR r3, r3, #1\n\t"
+ "LDR r4, [%[a], #20]\n\t"
+ "STR r2, [%[r], #12]\n\t"
+ "ORR r3, r3, r4, lsl #31\n\t"
+ "LSR r4, r4, #1\n\t"
+ "LDR r2, [%[a], #24]\n\t"
+ "STR r3, [%[r], #16]\n\t"
+ "ORR r4, r4, r2, lsl #31\n\t"
+ "LSR r2, r2, #1\n\t"
+ "LDR r3, [%[a], #28]\n\t"
+ "STR r4, [%[r], #20]\n\t"
+ "ORR r2, r2, r3, lsl #31\n\t"
+ "LSR r3, r3, #1\n\t"
+ "LDR r4, [%[a], #32]\n\t"
+ "STR r2, [%[r], #24]\n\t"
+ "ORR r3, r3, r4, lsl #31\n\t"
+ "LSR r4, r4, #1\n\t"
+ "LDR r2, [%[a], #36]\n\t"
+ "STR r3, [%[r], #28]\n\t"
+ "ORR r4, r4, r2, lsl #31\n\t"
+ "LSR r2, r2, #1\n\t"
+ "LDR r3, [%[a], #40]\n\t"
+ "STR r4, [%[r], #32]\n\t"
+ "ORR r2, r2, r3, lsl #31\n\t"
+ "LSR r3, r3, #1\n\t"
+ "LDR r4, [%[a], #44]\n\t"
+ "STR r2, [%[r], #36]\n\t"
+ "ORR r3, r3, r4, lsl #31\n\t"
+ "LSR r4, r4, #1\n\t"
+ "LDR r2, [%[a], #48]\n\t"
+ "STR r3, [%[r], #40]\n\t"
+ "ORR r4, r4, r2, lsl #31\n\t"
+ "LSR r2, r2, #1\n\t"
+ "LDR r3, [%[a], #52]\n\t"
+ "STR r4, [%[r], #44]\n\t"
+ "ORR r2, r2, r3, lsl #31\n\t"
+ "LSR r3, r3, #1\n\t"
+ "LDR r4, [%[a], #56]\n\t"
+ "STR r2, [%[r], #48]\n\t"
+ "ORR r3, r3, r4, lsl #31\n\t"
+ "LSR r4, r4, #1\n\t"
+ "LDR r2, [%[a], #60]\n\t"
+ "STR r3, [%[r], #52]\n\t"
+ "ORR r4, r4, r2, lsl #31\n\t"
+ "LSR r2, r2, #1\n\t"
+ "LDR r3, [%[a], #64]\n\t"
+ "STR r4, [%[r], #56]\n\t"
+ "ORR r2, r2, r3, lsl #31\n\t"
+ "LSR r3, r3, #1\n\t"
+ "STR r2, [%[r], #60]\n\t"
+ "STR r3, [%[r], #64]\n\t"
+ : [r] "+r" (r), [a] "+r" (a)
:
- : [r] "r" (r), [a] "r" (a)
- : "memory", "r2", "r3", "r4"
+ : "memory", "r2", "r3", "r4", "cc"
);
}
@@ -34284,13 +56890,14 @@ static void sp_521_rshift1_17(sp_digit* r, const sp_digit* a)
* a Number to divide.
* m Modulus (prime).
*/
-SP_NOINLINE static void sp_521_div2_17(sp_digit* r, const sp_digit* a, const sp_digit* m)
+static void sp_521_mont_div2_17(sp_digit* r, const sp_digit* a, const sp_digit* m)
{
- sp_digit o;
+ sp_digit o = a[0] & 1;
+
+ (void)m;
- o = sp_521_cond_add_17(r, a, m, 0 - (a[0] & 1));
sp_521_rshift1_17(r, r);
- r[16] |= o << 31;
+ r[16] |= o << 8;
}
/* Double the Montgomery form projective point p.
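Review bot: `sp_521_mont_div2_17` now reads only `a[0]` from its input and then shifts `r` in place with `sp_521_rshift1_17(r, r);`, so it is correct only when `r` and `a` are the same buffer; the removed version first wrote `a` into `r` through `sp_521_cond_add_17`. The callers visible in this commit pass the same pointer for both (`t2, t2` and `ctx->t2, ctx->t2`), so nothing breaks today, but a later caller with distinct buffers would halve stale data. Changing the call to `sp_521_rshift1_17(r, a);` keeps the contract the header comment describes. A one-line comment such as `/* p521 = 2^521 - 1, so (a + p)/2 for odd a < 2^521 is (a >> 1) with bit 520 set */` would also explain `r[16] |= o << 8;`.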
@@ -34337,7 +56944,7 @@ static void sp_521_proj_point_dbl_17(sp_point_521* r, const sp_point_521* p,
/* T2 = Y * Y */
sp_521_mont_sqr_17(t2, y, p521_mod, p521_mp_mod);
/* T2 = T2/2 */
- sp_521_div2_17(t2, t2, p521_mod);
+ sp_521_mont_div2_17(t2, t2, p521_mod);
/* Y = Y * X */
sp_521_mont_mul_17(y, y, p->x, p521_mod, p521_mp_mod);
/* X = T1 * T1 */
@@ -34347,7 +56954,7 @@ static void sp_521_proj_point_dbl_17(sp_point_521* r, const sp_point_521* p,
/* X = X - Y */
sp_521_mont_sub_17(x, x, y, p521_mod);
/* Y = Y - X */
- sp_521_mont_sub_lower_17(y, y, x, p521_mod);
+ sp_521_mont_sub_17(y, y, x, p521_mod);
/* Y = Y * T1 */
sp_521_mont_mul_17(y, y, t1, p521_mod, p521_mp_mod);
/* Y = Y - T2 */
@@ -34370,7 +56977,8 @@ typedef struct sp_521_proj_point_dbl_17_ctx {
* p Point to double.
* t Temporary ordinate data.
*/
-static int sp_521_proj_point_dbl_17_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r, const sp_point_521* p, sp_digit* t)
+static int sp_521_proj_point_dbl_17_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r,
+ const sp_point_521* p, sp_digit* t)
{
int err = FP_WOULDBLOCK;
sp_521_proj_point_dbl_17_ctx* ctx = (sp_521_proj_point_dbl_17_ctx*)sp_ctx->data;
@@ -34444,7 +57052,7 @@ static int sp_521_proj_point_dbl_17_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r, co
break;
case 11:
/* T2 = T2/2 */
- sp_521_div2_17(ctx->t2, ctx->t2, p521_mod);
+ sp_521_mont_div2_17(ctx->t2, ctx->t2, p521_mod);
ctx->state = 12;
break;
case 12:
@@ -34469,7 +57077,7 @@ static int sp_521_proj_point_dbl_17_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r, co
break;
case 16:
/* Y = Y - X */
- sp_521_mont_sub_lower_17(ctx->y, ctx->y, ctx->x, p521_mod);
+ sp_521_mont_sub_17(ctx->y, ctx->y, ctx->x, p521_mod);
ctx->state = 17;
break;
case 17:
@@ -34535,12 +57143,12 @@ static int sp_521_iszero_17(const sp_digit* a)
static void sp_521_proj_point_add_17(sp_point_521* r,
const sp_point_521* p, const sp_point_521* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*17;
- sp_digit* t3 = t + 4*17;
- sp_digit* t4 = t + 6*17;
- sp_digit* t5 = t + 8*17;
- sp_digit* t6 = t + 10*17;
+ sp_digit* t6 = t;
+ sp_digit* t1 = t + 2*17;
+ sp_digit* t2 = t + 4*17;
+ sp_digit* t3 = t + 6*17;
+ sp_digit* t4 = t + 8*17;
+ sp_digit* t5 = t + 10*17;
/* U1 = X1*Z2^2 */
sp_521_mont_sqr_17(t1, q->z, p521_mod, p521_mp_mod);
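Review bot: The new scratch layout in `sp_521_proj_point_add_17` is given only as six bare offsets (`t6 = t`, `t1 = t + 2*17`, and so on), with no comment on why `t6` moved to the base of `t` or how large `t` must be. The offsets imply the caller supplies at least `12*17` digits, but nothing in the hunk documents or checks that. The same order is repeated by hand in the INIT state of `sp_521_proj_point_add_17_nb`, while `sp_521_proj_point_add_qz1_17` uses a different order. I would add a comment above the declarations such as `/* t holds six 2*17-digit slots; t6 (used for the result X) sits at the base */` so the copies are easier to keep in step. The function's header comment and the rest of its body lie outside this hunk.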
@@ -34562,17 +57170,9 @@ static void sp_521_proj_point_add_17(sp_point_521* r,
sp_521_proj_point_dbl_17(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t6;
sp_digit* y = t1;
sp_digit* z = t2;
- int i;
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
/* H = U2 - U1 */
sp_521_mont_sub_17(t2, t2, t1, p521_mod);
@@ -34591,20 +57191,31 @@ static void sp_521_proj_point_add_17(sp_point_521* r,
sp_521_mont_dbl_17(t3, y, p521_mod);
sp_521_mont_sub_17(x, x, t3, p521_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_521_mont_sub_lower_17(y, y, x, p521_mod);
+ sp_521_mont_sub_17(y, y, x, p521_mod);
sp_521_mont_mul_17(y, y, t4, p521_mod, p521_mp_mod);
sp_521_mont_sub_17(y, y, t5, p521_mod);
- for (i = 0; i < 17; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 17; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 17; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 17; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 17; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 17; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
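Review bot: The result-selection block added in the `else` branch is a branch-free select between `p`, `q` and the computed sum, but it has no comment and depends on `infinity` being exactly 0 or 1: `maskp` and `maskq` are built with `0 - (...)`, and `inf` is OR-ed straight into `r->z[0]`. A one-line comment such as `/* Branch-free select: r = p if only q is at infinity, q if only p is, else the sum; requires infinity in {0,1} */` would record that contract. The identical block is added again in `case 24` of `sp_521_proj_point_add_17_nb` and in `sp_521_proj_point_add_qz1_17`; a shared `static` helper taking the three candidate coordinate sets would keep the copies from drifting. If this file is generated or vendored, as the path prefix in the diffstat suggests, the change belongs in the upstream generator rather than here.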
@@ -34650,12 +57261,12 @@ static int sp_521_proj_point_add_17_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r,
switch (ctx->state) {
case 0: /* INIT */
- ctx->t1 = t;
- ctx->t2 = t + 2*17;
- ctx->t3 = t + 4*17;
- ctx->t4 = t + 6*17;
- ctx->t5 = t + 8*17;
- ctx->t6 = t + 10*17;
+ ctx->t6 = t;
+ ctx->t1 = t + 2*17;
+ ctx->t2 = t + 4*17;
+ ctx->t3 = t + 6*17;
+ ctx->t4 = t + 8*17;
+ ctx->t5 = t + 10*17;
ctx->x = ctx->t6;
ctx->y = ctx->t1;
ctx->z = ctx->t2;
@@ -34762,7 +57373,7 @@ static int sp_521_proj_point_add_17_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r,
break;
case 21:
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_521_mont_sub_lower_17(ctx->y, ctx->y, ctx->x, p521_mod);
+ sp_521_mont_sub_17(ctx->y, ctx->y, ctx->x, p521_mod);
ctx->state = 22;
break;
case 22:
@@ -34775,22 +57386,28 @@ static int sp_521_proj_point_add_17_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r,
break;
case 24:
{
- int i;
- sp_digit maskp = 0 - (q->infinity & (!p->infinity));
- sp_digit maskq = 0 - (p->infinity & (!q->infinity));
- sp_digit maskt = ~(maskp | maskq);
-
- for (i = 0; i < 17; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (ctx->x[i] & maskt);
- }
- for (i = 0; i < 17; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (ctx->y[i] & maskt);
- }
- for (i = 0; i < 17; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (ctx->z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 17; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (ctx->x[i] & maskt);
+ }
+ for (i = 0; i < 17; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (ctx->y[i] & maskt);
+ }
+ for (i = 0; i < 17; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (ctx->z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
ctx->state = 25;
break;
}
@@ -34810,7 +57427,7 @@ static int sp_521_proj_point_add_17_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r,
/* Touch each possible point that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
static void sp_521_get_point_16_17(sp_point_521* r, const sp_point_521* table,
@@ -35120,8 +57737,6 @@ static int sp_521_ecc_mulmod_fast_17(sp_point_521* r, const sp_point_521* g, con
}
#ifdef FP_ECC
-#define sp_521_mont_dbl_lower_17 sp_521_mont_dbl_17
-#define sp_521_mont_tpl_lower_17 sp_521_mont_tpl_17
/* Double the Montgomery form projective point p a number of times.
*
* r Result of repeated doubling of point.
@@ -35160,7 +57775,7 @@ static void sp_521_proj_point_dbl_n_17(sp_point_521* p, int i,
/* A = 3*(X^2 - W) */
sp_521_mont_sqr_17(t1, x, p521_mod, p521_mp_mod);
sp_521_mont_sub_17(t1, t1, w, p521_mod);
- sp_521_mont_tpl_lower_17(a, t1, p521_mod);
+ sp_521_mont_tpl_17(a, t1, p521_mod);
/* B = X*Y^2 */
sp_521_mont_sqr_17(t1, y, p521_mod, p521_mp_mod);
sp_521_mont_mul_17(b, t1, x, p521_mod, p521_mp_mod);
@@ -35169,8 +57784,8 @@ static void sp_521_proj_point_dbl_n_17(sp_point_521* p, int i,
sp_521_mont_dbl_17(t2, b, p521_mod);
sp_521_mont_sub_17(x, x, t2, p521_mod);
/* B = 2.(B - X) */
- sp_521_mont_sub_lower_17(t2, b, x, p521_mod);
- sp_521_mont_dbl_lower_17(b, t2, p521_mod);
+ sp_521_mont_sub_17(t2, b, x, p521_mod);
+ sp_521_mont_dbl_17(b, t2, p521_mod);
/* Z = Z*Y */
sp_521_mont_mul_17(z, z, y, p521_mod, p521_mp_mod);
/* t1 = Y^4 */
@@ -35190,7 +57805,7 @@ static void sp_521_proj_point_dbl_n_17(sp_point_521* p, int i,
/* A = 3*(X^2 - W) */
sp_521_mont_sqr_17(t1, x, p521_mod, p521_mp_mod);
sp_521_mont_sub_17(t1, t1, w, p521_mod);
- sp_521_mont_tpl_lower_17(a, t1, p521_mod);
+ sp_521_mont_tpl_17(a, t1, p521_mod);
/* B = X*Y^2 */
sp_521_mont_sqr_17(t1, y, p521_mod, p521_mp_mod);
sp_521_mont_mul_17(b, t1, x, p521_mod, p521_mp_mod);
@@ -35199,8 +57814,8 @@ static void sp_521_proj_point_dbl_n_17(sp_point_521* p, int i,
sp_521_mont_dbl_17(t2, b, p521_mod);
sp_521_mont_sub_17(x, x, t2, p521_mod);
/* B = 2.(B - X) */
- sp_521_mont_sub_lower_17(t2, b, x, p521_mod);
- sp_521_mont_dbl_lower_17(b, t2, p521_mod);
+ sp_521_mont_sub_17(t2, b, x, p521_mod);
+ sp_521_mont_dbl_17(b, t2, p521_mod);
/* Z = Z*Y */
sp_521_mont_mul_17(z, z, y, p521_mod, p521_mp_mod);
/* t1 = Y^4 */
@@ -35210,7 +57825,7 @@ static void sp_521_proj_point_dbl_n_17(sp_point_521* p, int i,
sp_521_mont_sub_17(y, y, t1, p521_mod);
#endif /* WOLFSSL_SP_SMALL */
/* Y = Y/2 */
- sp_521_div2_17(y, y, p521_mod);
+ sp_521_mont_div2_17(y, y, p521_mod);
}
/* Convert the projective point to affine.
@@ -35256,12 +57871,12 @@ typedef struct sp_table_entry_521 {
static void sp_521_proj_point_add_qz1_17(sp_point_521* r,
const sp_point_521* p, const sp_point_521* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*17;
- sp_digit* t3 = t + 4*17;
- sp_digit* t4 = t + 6*17;
- sp_digit* t5 = t + 8*17;
- sp_digit* t6 = t + 10*17;
+ sp_digit* t2 = t;
+ sp_digit* t3 = t + 2*17;
+ sp_digit* t6 = t + 4*17;
+ sp_digit* t1 = t + 6*17;
+ sp_digit* t4 = t + 8*17;
+ sp_digit* t5 = t + 10*17;
/* Calculate values to subtract from P->x and P->y. */
/* U2 = X2*Z1^2 */
@@ -35277,13 +57892,9 @@ static void sp_521_proj_point_add_qz1_17(sp_point_521* r,
sp_521_proj_point_dbl_17(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t2;
- sp_digit* y = t5;
+ sp_digit* y = t3;
sp_digit* z = t6;
- int i;
/* H = U2 - X1 */
sp_521_mont_sub_17(t2, t2, p->x, p521_mod);
@@ -35292,33 +57903,40 @@ static void sp_521_proj_point_add_qz1_17(sp_point_521* r,
/* Z3 = H*Z1 */
sp_521_mont_mul_17(z, p->z, t2, p521_mod, p521_mp_mod);
/* X3 = R^2 - H^3 - 2*X1*H^2 */
- sp_521_mont_sqr_17(t1, t4, p521_mod, p521_mp_mod);
- sp_521_mont_sqr_17(t5, t2, p521_mod, p521_mp_mod);
- sp_521_mont_mul_17(t3, p->x, t5, p521_mod, p521_mp_mod);
- sp_521_mont_mul_17(t5, t5, t2, p521_mod, p521_mp_mod);
- sp_521_mont_sub_17(x, t1, t5, p521_mod);
- sp_521_mont_dbl_17(t1, t3, p521_mod);
- sp_521_mont_sub_17(x, x, t1, p521_mod);
+ sp_521_mont_sqr_17(t1, t2, p521_mod, p521_mp_mod);
+ sp_521_mont_mul_17(t3, p->x, t1, p521_mod, p521_mp_mod);
+ sp_521_mont_mul_17(t1, t1, t2, p521_mod, p521_mp_mod);
+ sp_521_mont_sqr_17(t2, t4, p521_mod, p521_mp_mod);
+ sp_521_mont_sub_17(t2, t2, t1, p521_mod);
+ sp_521_mont_dbl_17(t5, t3, p521_mod);
+ sp_521_mont_sub_17(x, t2, t5, p521_mod);
/* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
- sp_521_mont_sub_lower_17(t3, t3, x, p521_mod);
+ sp_521_mont_sub_17(t3, t3, x, p521_mod);
sp_521_mont_mul_17(t3, t3, t4, p521_mod, p521_mp_mod);
- sp_521_mont_mul_17(t5, t5, p->y, p521_mod, p521_mp_mod);
- sp_521_mont_sub_17(y, t3, t5, p521_mod);
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
- for (i = 0; i < 17; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 17; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 17; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ sp_521_mont_mul_17(t1, t1, p->y, p521_mod, p521_mp_mod);
+ sp_521_mont_sub_17(y, t3, t1, p521_mod);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 17; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 17; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 17; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
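Review bot: In the rewritten X3 computation `x` and `t2` name the same buffer (`sp_digit* x = t2;` is declared in the preceding hunk), yet the final step is written `sp_521_mont_sub_17(x, t2, t5, p521_mod);`, which reads as if two different temporaries were involved. The squaring `sp_521_mont_sqr_17(t2, t4, ...)` also overwrites H in `t2`, which appears safe only because Z3, H^2 and H^3 were derived from it earlier. I would write the last step as `sp_521_mont_sub_17(x, x, t5, p521_mod);` and add `/* t2 (H) is dead from here; reuse it for R^2 */` before the squaring so the aliasing is explicit.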
@@ -35419,7 +58037,7 @@ static int sp_521_gen_stripe_table_17(const sp_point_521* a,
/* Touch each possible entry that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
static void sp_521_get_entry_16_17(sp_point_521* r,
@@ -35650,7 +58268,7 @@ static THREAD_LS_T int sp_cache_521_inited = 0;
/* Get the cache entry for the point.
*
- * g [in] Point scalar multipling.
+ * g [in] Point scalar multiplying.
* cache [out] Cache table to use.
*/
static void sp_ecc_get_cache_521(const sp_point_521* g, sp_cache_521_t** cache)
@@ -35721,8 +58339,8 @@ static void sp_ecc_get_cache_521(const sp_point_521* g, sp_cache_521_t** cache)
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
-static int sp_521_ecc_mulmod_17(sp_point_521* r, const sp_point_521* g, const sp_digit* k,
- int map, int ct, void* heap)
+static int sp_521_ecc_mulmod_17(sp_point_521* r, const sp_point_521* g,
+ const sp_digit* k, int map, int ct, void* heap)
{
#ifndef FP_ECC
return sp_521_ecc_mulmod_fast_17(r, g, k, map, ct, heap);
@@ -35875,7 +58493,7 @@ static int sp_521_gen_stripe_table_17(const sp_point_521* a,
/* Touch each possible entry that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
static void sp_521_get_entry_256_17(sp_point_521* r,
@@ -36106,7 +58724,7 @@ static THREAD_LS_T int sp_cache_521_inited = 0;
/* Get the cache entry for the point.
*
- * g [in] Point scalar multipling.
+ * g [in] Point scalar multiplying.
* cache [out] Cache table to use.
*/
static void sp_ecc_get_cache_521(const sp_point_521* g, sp_cache_521_t** cache)
@@ -36177,8 +58795,8 @@ static void sp_ecc_get_cache_521(const sp_point_521* g, sp_cache_521_t** cache)
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
-static int sp_521_ecc_mulmod_17(sp_point_521* r, const sp_point_521* g, const sp_digit* k,
- int map, int ct, void* heap)
+static int sp_521_ecc_mulmod_17(sp_point_521* r, const sp_point_521* g,
+ const sp_digit* k, int map, int ct, void* heap)
{
#ifndef FP_ECC
return sp_521_ecc_mulmod_fast_17(r, g, k, map, ct, heap);
@@ -36295,7 +58913,7 @@ int sp_ecc_mulmod_521(const mp_int* km, const ecc_point* gm, ecc_point* r,
*
* km Scalar to multiply by.
* p Point to multiply.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -36306,7 +58924,7 @@ int sp_ecc_mulmod_add_521(const mp_int* km, const ecc_point* gm,
const ecc_point* am, int inMont, ecc_point* r, int map, void* heap)
{
#ifdef WOLFSSL_SP_SMALL_STACK
- sp_point_521* point = NULL;
+ sp_point_521* point = NULL;
sp_digit* k = NULL;
#else
sp_point_521 point[2];
@@ -38388,7 +61006,7 @@ int sp_ecc_mulmod_base_521(const mp_int* km, ecc_point* r, int map, void* heap)
* the result. If map is true then convert result to affine coordinates.
*
* km Scalar to multiply by.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -38410,7 +61028,7 @@ int sp_ecc_mulmod_base_add_521(const mp_int* km, const ecc_point* am,
int err = MP_OKAY;
#ifdef WOLFSSL_SP_SMALL_STACK
- point = (sp_point_521*)XMALLOC(sizeof(sp_point_521) * 2, heap,
+ point = (sp_point_521*)XMALLOC(sizeof(sp_point_521) * 2, heap,
DYNAMIC_TYPE_ECC);
if (point == NULL)
err = MEMORY_E;
@@ -38469,65 +61087,47 @@ int sp_ecc_mulmod_base_add_521(const mp_int* km, const ecc_point* am,
*
* a A single precision integer.
*/
-SP_NOINLINE static void sp_521_add_one_17(sp_digit* a)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_521_add_one_17(sp_digit* a_p)
+#else
+static void sp_521_add_one_17(sp_digit* a)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "mov r2, #1\n\t"
- "ldr r1, [%[a], #0]\n\t"
- "adds r1, r1, r2\n\t"
- "mov r2, #0\n\t"
- "str r1, [%[a], #0]\n\t"
- "ldr r1, [%[a], #4]\n\t"
- "adcs r1, r1, r2\n\t"
- "str r1, [%[a], #4]\n\t"
- "ldr r1, [%[a], #8]\n\t"
- "adcs r1, r1, r2\n\t"
- "str r1, [%[a], #8]\n\t"
- "ldr r1, [%[a], #12]\n\t"
- "adcs r1, r1, r2\n\t"
- "str r1, [%[a], #12]\n\t"
- "ldr r1, [%[a], #16]\n\t"
- "adcs r1, r1, r2\n\t"
- "str r1, [%[a], #16]\n\t"
- "ldr r1, [%[a], #20]\n\t"
- "adcs r1, r1, r2\n\t"
- "str r1, [%[a], #20]\n\t"
- "ldr r1, [%[a], #24]\n\t"
- "adcs r1, r1, r2\n\t"
- "str r1, [%[a], #24]\n\t"
- "ldr r1, [%[a], #28]\n\t"
- "adcs r1, r1, r2\n\t"
- "str r1, [%[a], #28]\n\t"
- "ldr r1, [%[a], #32]\n\t"
- "adcs r1, r1, r2\n\t"
- "str r1, [%[a], #32]\n\t"
- "ldr r1, [%[a], #36]\n\t"
- "adcs r1, r1, r2\n\t"
- "str r1, [%[a], #36]\n\t"
- "ldr r1, [%[a], #40]\n\t"
- "adcs r1, r1, r2\n\t"
- "str r1, [%[a], #40]\n\t"
- "ldr r1, [%[a], #44]\n\t"
- "adcs r1, r1, r2\n\t"
- "str r1, [%[a], #44]\n\t"
- "ldr r1, [%[a], #48]\n\t"
- "adcs r1, r1, r2\n\t"
- "str r1, [%[a], #48]\n\t"
- "ldr r1, [%[a], #52]\n\t"
- "adcs r1, r1, r2\n\t"
- "str r1, [%[a], #52]\n\t"
- "ldr r1, [%[a], #56]\n\t"
- "adcs r1, r1, r2\n\t"
- "str r1, [%[a], #56]\n\t"
- "ldr r1, [%[a], #60]\n\t"
- "adcs r1, r1, r2\n\t"
- "str r1, [%[a], #60]\n\t"
- "ldr r1, [%[a], #64]\n\t"
- "adcs r1, r1, r2\n\t"
- "str r1, [%[a], #64]\n\t"
+ "LDM %[a], {r1, r2, r3, r4}\n\t"
+ "ADDS r1, r1, #0x1\n\t"
+ "ADCS r2, r2, #0x0\n\t"
+ "ADCS r3, r3, #0x0\n\t"
+ "ADCS r4, r4, #0x0\n\t"
+ "STM %[a]!, {r1, r2, r3, r4}\n\t"
+ "LDM %[a], {r1, r2, r3, r4}\n\t"
+ "ADCS r1, r1, #0x0\n\t"
+ "ADCS r2, r2, #0x0\n\t"
+ "ADCS r3, r3, #0x0\n\t"
+ "ADCS r4, r4, #0x0\n\t"
+ "STM %[a]!, {r1, r2, r3, r4}\n\t"
+ "LDM %[a], {r1, r2, r3, r4}\n\t"
+ "ADCS r1, r1, #0x0\n\t"
+ "ADCS r2, r2, #0x0\n\t"
+ "ADCS r3, r3, #0x0\n\t"
+ "ADCS r4, r4, #0x0\n\t"
+ "STM %[a]!, {r1, r2, r3, r4}\n\t"
+ "LDM %[a], {r1, r2, r3, r4}\n\t"
+ "ADCS r1, r1, #0x0\n\t"
+ "ADCS r2, r2, #0x0\n\t"
+ "ADCS r3, r3, #0x0\n\t"
+ "ADCS r4, r4, #0x0\n\t"
+ "STM %[a]!, {r1, r2, r3, r4}\n\t"
+ "LDM %[a], {r1}\n\t"
+ "ADCS r1, r1, #0x0\n\t"
+ "STM %[a]!, {r1}\n\t"
+ : [a] "+r" (a)
:
- : [a] "r" (a)
- : "memory", "r1", "r2"
+ : "memory", "r1", "r2", "r3", "r4", "cc"
);
}
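Review bot: The rewritten `sp_521_add_one_17` advances `a` through the `STM %[a]!` writebacks, so after the asm statement `a` points past the 17 words rather than at the number; the `"+r" (a)` constraint tells the compiler this, but nothing tells the next maintainer. I would add `/* a is advanced by the STM writebacks and must not be dereferenced after this block */` above the asm, and extend the header comment to say that `a` must hold 17 words and that the carry out of the top word is discarded. The hunk also drops `SP_NOINLINE` from the definition while introducing register-pinned locals; if that removal is intentional, a short comment on why inlining is now acceptable would help, since the reason is not visible here.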
@@ -38623,7 +61223,7 @@ int sp_ecc_make_key_521(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
sp_point_521* infinity = NULL;
#endif
int err = MP_OKAY;
-
+
(void)heap;
@@ -38631,7 +61231,7 @@ int sp_ecc_make_key_521(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
point = (sp_point_521*)XMALLOC(sizeof(sp_point_521) * 2, heap, DYNAMIC_TYPE_ECC);
#else
- point = (sp_point_521*)XMALLOC(sizeof(sp_point_521), heap, DYNAMIC_TYPE_ECC);
+ point = (sp_point_521*)XMALLOC(sizeof(sp_point_521), heap, DYNAMIC_TYPE_ECC);
#endif
if (point == NULL)
err = MEMORY_E;
@@ -38899,427 +61499,454 @@ int sp_ecc_secret_gen_521_nb(sp_ecc_ctx_t* sp_ctx, const mp_int* priv,
#endif /* HAVE_ECC_DHE */
#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-SP_NOINLINE static void sp_521_rshift_17(sp_digit* r, const sp_digit* a, byte n)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_521_rshift_17(sp_digit* r_p, const sp_digit* a_p, byte n_p)
+#else
+static void sp_521_rshift_17(sp_digit* r, const sp_digit* a, byte n)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register byte n __asm__ ("r2") = (byte)n_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "mov r6, #32\n\t"
- "sub r6, r6, %[n]\n\t"
- "ldrd r2, r3, [%[a]]\n\t"
- "lsr r2, r2, %[n]\n\t"
- "lsl r5, r3, r6\n\t"
- "lsr r3, r3, %[n]\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r4, [%[a], #8]\n\t"
- "str r2, [%[r], #0]\n\t"
- "lsl r5, r4, r6\n\t"
- "lsr r4, r4, %[n]\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r2, [%[a], #12]\n\t"
- "str r3, [%[r], #4]\n\t"
- "lsl r5, r2, r6\n\t"
- "lsr r2, r2, %[n]\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r3, [%[a], #16]\n\t"
- "str r4, [%[r], #8]\n\t"
- "lsl r5, r3, r6\n\t"
- "lsr r3, r3, %[n]\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r4, [%[a], #20]\n\t"
- "str r2, [%[r], #12]\n\t"
- "lsl r5, r4, r6\n\t"
- "lsr r4, r4, %[n]\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r2, [%[a], #24]\n\t"
- "str r3, [%[r], #16]\n\t"
- "lsl r5, r2, r6\n\t"
- "lsr r2, r2, %[n]\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r3, [%[a], #28]\n\t"
- "str r4, [%[r], #20]\n\t"
- "lsl r5, r3, r6\n\t"
- "lsr r3, r3, %[n]\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r4, [%[a], #32]\n\t"
- "str r2, [%[r], #24]\n\t"
- "lsl r5, r4, r6\n\t"
- "lsr r4, r4, %[n]\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r2, [%[a], #36]\n\t"
- "str r3, [%[r], #28]\n\t"
- "lsl r5, r2, r6\n\t"
- "lsr r2, r2, %[n]\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r3, [%[a], #40]\n\t"
- "str r4, [%[r], #32]\n\t"
- "lsl r5, r3, r6\n\t"
- "lsr r3, r3, %[n]\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r4, [%[a], #44]\n\t"
- "str r2, [%[r], #36]\n\t"
- "lsl r5, r4, r6\n\t"
- "lsr r4, r4, %[n]\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r2, [%[a], #48]\n\t"
- "str r3, [%[r], #40]\n\t"
- "lsl r5, r2, r6\n\t"
- "lsr r2, r2, %[n]\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r3, [%[a], #52]\n\t"
- "str r4, [%[r], #44]\n\t"
- "lsl r5, r3, r6\n\t"
- "lsr r3, r3, %[n]\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r4, [%[a], #56]\n\t"
- "str r2, [%[r], #48]\n\t"
- "lsl r5, r4, r6\n\t"
- "lsr r4, r4, %[n]\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r2, [%[a], #60]\n\t"
- "str r3, [%[r], #52]\n\t"
- "lsl r5, r2, r6\n\t"
- "lsr r2, r2, %[n]\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r3, [%[a], #64]\n\t"
- "str r4, [%[r], #56]\n\t"
- "lsl r5, r3, r6\n\t"
- "lsr r3, r3, %[n]\n\t"
- "orr r2, r2, r5\n\t"
- "strd r2, r3, [%[r], #60]\n\t"
- :
- : [r] "r" (r), [a] "r" (a), [n] "r" (n)
- : "memory", "r2", "r3", "r4", "r5", "r6"
- );
+ "RSB r7, %[n], #0x20\n\t"
+ "LDRD r4, r5, [%[a]]\n\t"
+ "LSR r4, r4, %[n]\n\t"
+ "LSL r3, r5, r7\n\t"
+ "LSR r5, r5, %[n]\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r6, [%[a], #8]\n\t"
+ "STR r4, [%[a]]\n\t"
+ "LSL r3, r6, r7\n\t"
+ "LSR r6, r6, %[n]\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r4, [%[a], #12]\n\t"
+ "STR r5, [%[a], #4]\n\t"
+ "LSL r3, r4, r7\n\t"
+ "LSR r4, r4, %[n]\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r5, [%[a], #16]\n\t"
+ "STR r6, [%[a], #8]\n\t"
+ "LSL r3, r5, r7\n\t"
+ "LSR r5, r5, %[n]\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r6, [%[a], #20]\n\t"
+ "STR r4, [%[a], #12]\n\t"
+ "LSL r3, r6, r7\n\t"
+ "LSR r6, r6, %[n]\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r4, [%[a], #24]\n\t"
+ "STR r5, [%[a], #16]\n\t"
+ "LSL r3, r4, r7\n\t"
+ "LSR r4, r4, %[n]\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r5, [%[a], #28]\n\t"
+ "STR r6, [%[a], #20]\n\t"
+ "LSL r3, r5, r7\n\t"
+ "LSR r5, r5, %[n]\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r6, [%[a], #32]\n\t"
+ "STR r4, [%[a], #24]\n\t"
+ "LSL r3, r6, r7\n\t"
+ "LSR r6, r6, %[n]\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r4, [%[a], #36]\n\t"
+ "STR r5, [%[a], #28]\n\t"
+ "LSL r3, r4, r7\n\t"
+ "LSR r4, r4, %[n]\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r5, [%[a], #40]\n\t"
+ "STR r6, [%[a], #32]\n\t"
+ "LSL r3, r5, r7\n\t"
+ "LSR r5, r5, %[n]\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r6, [%[a], #44]\n\t"
+ "STR r4, [%[a], #36]\n\t"
+ "LSL r3, r6, r7\n\t"
+ "LSR r6, r6, %[n]\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r4, [%[a], #48]\n\t"
+ "STR r5, [%[a], #40]\n\t"
+ "LSL r3, r4, r7\n\t"
+ "LSR r4, r4, %[n]\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r5, [%[a], #52]\n\t"
+ "STR r6, [%[a], #44]\n\t"
+ "LSL r3, r5, r7\n\t"
+ "LSR r5, r5, %[n]\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r6, [%[a], #56]\n\t"
+ "STR r4, [%[a], #48]\n\t"
+ "LSL r3, r6, r7\n\t"
+ "LSR r6, r6, %[n]\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r4, [%[a], #60]\n\t"
+ "STR r5, [%[a], #52]\n\t"
+ "LSL r3, r4, r7\n\t"
+ "LSR r4, r4, %[n]\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r5, [%[a], #64]\n\t"
+ "STR r6, [%[a], #56]\n\t"
+ "LSL r3, r5, r7\n\t"
+ "LSR r5, r5, %[n]\n\t"
+ "ORR r4, r4, r3\n\t"
+ "STRD r4, r5, [%[r], #60]\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [n] "+r" (n)
+ :
+ : "memory", "r4", "r5", "r6", "r3", "r7", "cc"
+ );
}
#endif
#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
#endif
#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_521_lshift_17(sp_digit* r_p, const sp_digit* a_p, byte n_p)
+#else
static void sp_521_lshift_17(sp_digit* r, const sp_digit* a, byte n)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register byte n __asm__ ("r2") = (byte)n_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "mov r6, #31\n\t"
- "sub r6, r6, %[n]\n\t"
- "ldr r3, [%[a], #64]\n\t"
- "lsr r4, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r4, r4, r6\n\t"
- "ldr r2, [%[a], #60]\n\t"
- "str r4, [%[r], #68]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #56]\n\t"
- "str r3, [%[r], #64]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #52]\n\t"
- "str r2, [%[r], #60]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #48]\n\t"
- "str r4, [%[r], #56]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #44]\n\t"
- "str r3, [%[r], #52]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #40]\n\t"
- "str r2, [%[r], #48]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #36]\n\t"
- "str r4, [%[r], #44]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #32]\n\t"
- "str r3, [%[r], #40]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #28]\n\t"
- "str r2, [%[r], #36]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #24]\n\t"
- "str r4, [%[r], #32]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #20]\n\t"
- "str r3, [%[r], #28]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #16]\n\t"
- "str r2, [%[r], #24]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #12]\n\t"
- "str r4, [%[r], #20]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #8]\n\t"
- "str r3, [%[r], #16]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #4]\n\t"
- "str r2, [%[r], #12]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #0]\n\t"
- "str r4, [%[r], #8]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "str r2, [%[r]]\n\t"
- "str r3, [%[r], #4]\n\t"
+ "RSB r7, %[n], #0x1f\n\t"
+ "LDR r5, [%[a], #64]\n\t"
+ "LSR r6, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r6, r6, r7\n\t"
+ "LDR r4, [%[a], #60]\n\t"
+ "STR r6, [%[r], #68]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #56]\n\t"
+ "STR r5, [%[r], #64]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #52]\n\t"
+ "STR r4, [%[r], #60]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #48]\n\t"
+ "STR r6, [%[r], #56]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #44]\n\t"
+ "STR r5, [%[r], #52]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #40]\n\t"
+ "STR r4, [%[r], #48]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #36]\n\t"
+ "STR r6, [%[r], #44]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #32]\n\t"
+ "STR r5, [%[r], #40]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #28]\n\t"
+ "STR r4, [%[r], #36]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #24]\n\t"
+ "STR r6, [%[r], #32]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #20]\n\t"
+ "STR r5, [%[r], #28]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #16]\n\t"
+ "STR r4, [%[r], #24]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #12]\n\t"
+ "STR r6, [%[r], #20]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #8]\n\t"
+ "STR r5, [%[r], #16]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #4]\n\t"
+ "STR r4, [%[r], #12]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a]]\n\t"
+ "STR r6, [%[r], #8]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "STR r4, [%[r]]\n\t"
+ "STR r5, [%[r], #4]\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [n] "+r" (n)
:
- : [r] "r" (r), [a] "r" (a), [n] "r" (n)
- : "memory", "r2", "r3", "r4", "r5", "r6"
+ : "memory", "r4", "r5", "r6", "r3", "r7", "cc"
);
}
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_521_lshift_34(sp_digit* r_p, const sp_digit* a_p, byte n_p)
+#else
static void sp_521_lshift_34(sp_digit* r, const sp_digit* a, byte n)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register byte n __asm__ ("r2") = (byte)n_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "mov r6, #31\n\t"
- "sub r6, r6, %[n]\n\t"
- "ldr r3, [%[a], #132]\n\t"
- "lsr r4, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r4, r4, r6\n\t"
- "ldr r2, [%[a], #128]\n\t"
- "str r4, [%[r], #136]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #124]\n\t"
- "str r3, [%[r], #132]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #120]\n\t"
- "str r2, [%[r], #128]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #116]\n\t"
- "str r4, [%[r], #124]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #112]\n\t"
- "str r3, [%[r], #120]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #108]\n\t"
- "str r2, [%[r], #116]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #104]\n\t"
- "str r4, [%[r], #112]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #100]\n\t"
- "str r3, [%[r], #108]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #96]\n\t"
- "str r2, [%[r], #104]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #92]\n\t"
- "str r4, [%[r], #100]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #88]\n\t"
- "str r3, [%[r], #96]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #84]\n\t"
- "str r2, [%[r], #92]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #80]\n\t"
- "str r4, [%[r], #88]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #76]\n\t"
- "str r3, [%[r], #84]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #72]\n\t"
- "str r2, [%[r], #80]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #68]\n\t"
- "str r4, [%[r], #76]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #64]\n\t"
- "str r3, [%[r], #72]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #60]\n\t"
- "str r2, [%[r], #68]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #56]\n\t"
- "str r4, [%[r], #64]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #52]\n\t"
- "str r3, [%[r], #60]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #48]\n\t"
- "str r2, [%[r], #56]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #44]\n\t"
- "str r4, [%[r], #52]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #40]\n\t"
- "str r3, [%[r], #48]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #36]\n\t"
- "str r2, [%[r], #44]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #32]\n\t"
- "str r4, [%[r], #40]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #28]\n\t"
- "str r3, [%[r], #36]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #24]\n\t"
- "str r2, [%[r], #32]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #20]\n\t"
- "str r4, [%[r], #28]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #16]\n\t"
- "str r3, [%[r], #24]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #12]\n\t"
- "str r2, [%[r], #20]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #8]\n\t"
- "str r4, [%[r], #16]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #4]\n\t"
- "str r3, [%[r], #12]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #0]\n\t"
- "str r2, [%[r], #8]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "str r3, [%[r]]\n\t"
- "str r4, [%[r], #4]\n\t"
+ "RSB r7, %[n], #0x1f\n\t"
+ "LDR r5, [%[a], #132]\n\t"
+ "LSR r6, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r6, r6, r7\n\t"
+ "LDR r4, [%[a], #128]\n\t"
+ "STR r6, [%[r], #136]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #124]\n\t"
+ "STR r5, [%[r], #132]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #120]\n\t"
+ "STR r4, [%[r], #128]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #116]\n\t"
+ "STR r6, [%[r], #124]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #112]\n\t"
+ "STR r5, [%[r], #120]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #108]\n\t"
+ "STR r4, [%[r], #116]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #104]\n\t"
+ "STR r6, [%[r], #112]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #100]\n\t"
+ "STR r5, [%[r], #108]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #96]\n\t"
+ "STR r4, [%[r], #104]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #92]\n\t"
+ "STR r6, [%[r], #100]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #88]\n\t"
+ "STR r5, [%[r], #96]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #84]\n\t"
+ "STR r4, [%[r], #92]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #80]\n\t"
+ "STR r6, [%[r], #88]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #76]\n\t"
+ "STR r5, [%[r], #84]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #72]\n\t"
+ "STR r4, [%[r], #80]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #68]\n\t"
+ "STR r6, [%[r], #76]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #64]\n\t"
+ "STR r5, [%[r], #72]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #60]\n\t"
+ "STR r4, [%[r], #68]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #56]\n\t"
+ "STR r6, [%[r], #64]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #52]\n\t"
+ "STR r5, [%[r], #60]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #48]\n\t"
+ "STR r4, [%[r], #56]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #44]\n\t"
+ "STR r6, [%[r], #52]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #40]\n\t"
+ "STR r5, [%[r], #48]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #36]\n\t"
+ "STR r4, [%[r], #44]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #32]\n\t"
+ "STR r6, [%[r], #40]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #28]\n\t"
+ "STR r5, [%[r], #36]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #24]\n\t"
+ "STR r4, [%[r], #32]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #20]\n\t"
+ "STR r6, [%[r], #28]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #16]\n\t"
+ "STR r5, [%[r], #24]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #12]\n\t"
+ "STR r4, [%[r], #20]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #8]\n\t"
+ "STR r6, [%[r], #16]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #4]\n\t"
+ "STR r5, [%[r], #12]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a]]\n\t"
+ "STR r4, [%[r], #8]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "STR r5, [%[r]]\n\t"
+ "STR r6, [%[r], #4]\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [n] "+r" (n)
:
- : [r] "r" (r), [a] "r" (a), [n] "r" (n)
- : "memory", "r2", "r3", "r4", "r5", "r6"
+ : "memory", "r4", "r5", "r6", "r3", "r7", "cc"
);
}
@@ -39329,150 +61956,340 @@ static void sp_521_lshift_34(sp_digit* r, const sp_digit* a, byte n)
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_521_sub_in_place_17(sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_521_sub_in_place_17(sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_521_sub_in_place_17(sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r1") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "mov r8, %[a]\n\t"
- "add r8, r8, #64\n\t"
- "\n1:\n\t"
- "mov r5, #0\n\t"
- "subs r5, r5, %[c]\n\t"
- "ldr r3, [%[a]]\n\t"
- "ldr r4, [%[a], #4]\n\t"
- "ldr r5, [%[b]]\n\t"
- "ldr r6, [%[b], #4]\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "str r3, [%[a]]\n\t"
- "str r4, [%[a], #4]\n\t"
- "sbc %[c], %[c], %[c]\n\t"
- "add %[a], %[a], #8\n\t"
- "add %[b], %[b], #8\n\t"
- "cmp %[a], r8\n\t"
+ "MOV r10, #0x0\n\t"
+ "ADD r11, %[a], #0x40\n\t"
+ "\n"
+ "L_sp_521_sub_in_pkace_17_word:\n\t"
+ "RSBS r10, r10, #0x0\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "SBC r10, r10, r10\n\t"
+ "CMP %[a], r11\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bne 1b\n\t"
+ "BNE L_sp_521_sub_in_pkace_17_word\n\t"
#else
- "bne.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [c] "+r" (c), [a] "+r" (a), [b] "+r" (b)
+ "BNE.N L_sp_521_sub_in_pkace_17_word\n\t"
+#endif
+ "RSBS r10, r10, #0x0\n\t"
+ "LDM %[a], {r2}\n\t"
+ "LDM %[b]!, {r6}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "STM %[a]!, {r2}\n\t"
+ "SBC %[a], %[a], %[a]\n\t"
+ : [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r8"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)a;
}
#else
-/* Sub b from a into r. (r = a - b)
+/* Sub b from a into a. (a -= b)
*
- * r A single precision integer.
- * a A single precision integer.
+ * a A single precision integer and result.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_521_sub_in_place_17(sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_521_sub_in_place_17(sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_521_sub_in_place_17(sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r1") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "subs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldr r3, [%[a]]\n\t"
- "ldr r5, [%[b]]\n\t"
- "sbcs r3, r3, r5\n\t"
- "str r3, [%[a]]\n\t"
- "sbc %[c], %[c], %[c]\n\t"
- : [c] "+r" (c), [a] "+r" (a), [b] "+r" (b)
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SUBS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2}\n\t"
+ "LDM %[b]!, {r6}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "STM %[a]!, {r2}\n\t"
+ "SBC %[a], r9, r9\n\t"
+ : [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)a;
}
#endif /* WOLFSSL_SP_SMALL */
+#ifdef WOLFSSL_SP_SMALL
/* Mul a by digit b into r. (r = a * b)
*
* r A single precision integer.
* a A single precision integer.
* b A single precision digit.
*/
-SP_NOINLINE static void sp_521_mul_d_17(sp_digit* r, const sp_digit* a,
- sp_digit b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_521_mul_d_17(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
+#else
+static void sp_521_mul_d_17(sp_digit* r, const sp_digit* a, sp_digit b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register sp_digit b __asm__ ("r2") = (sp_digit)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "add r9, %[a], #68\n\t"
/* A[0] * B */
- "ldr r6, [%[a]], #4\n\t"
- "umull r5, r3, r6, %[b]\n\t"
- "mov r4, #0\n\t"
- "str r5, [%[r]], #4\n\t"
- /* A[0] * B - Done */
- "\n1:\n\t"
- "mov r5, #0\n\t"
- /* A[] * B */
- "ldr r6, [%[a]], #4\n\t"
- "umull r6, r8, r6, %[b]\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- /* A[] * B - Done */
- "str r3, [%[r]], #4\n\t"
- "mov r3, r4\n\t"
- "mov r4, r5\n\t"
- "cmp %[a], r9\n\t"
+ "LDR r8, [%[a]]\n\t"
+ "UMULL r5, r3, %[b], r8\n\t"
+ "MOV r4, #0x0\n\t"
+ "STR r5, [%[r]]\n\t"
+ "MOV r5, #0x0\n\t"
+ "MOV r9, #0x4\n\t"
+ "\n"
+ "L_sp_521_mul_d_17_word:\n\t"
+ /* A[i] * B */
+ "LDR r8, [%[a], r9]\n\t"
+ "UMULL r6, r7, %[b], r8\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ "STR r3, [%[r], r9]\n\t"
+ "MOV r3, r4\n\t"
+ "MOV r4, r5\n\t"
+ "MOV r5, #0x0\n\t"
+ "ADD r9, r9, #0x4\n\t"
+ "CMP r9, #0x44\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "blt 1b\n\t"
+ "BLT L_sp_521_mul_d_17_word\n\t"
#else
- "blt.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "str r3, [%[r]]\n\t"
- : [r] "+r" (r), [a] "+r" (a)
- : [b] "r" (b)
- : "memory", "r3", "r4", "r5", "r6", "r8", "r9"
+ "BLT.N L_sp_521_mul_d_17_word\n\t"
+#endif
+ "STR r3, [%[r], #68]\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
+ );
+}
+
+#else
+/* Mul a by digit b into r. (r = a * b)
+ *
+ * r A single precision integer.
+ * a A single precision integer.
+ * b A single precision digit.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_521_mul_d_17(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
+#else
+static void sp_521_mul_d_17(sp_digit* r, const sp_digit* a, sp_digit b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register sp_digit b __asm__ ("r2") = (sp_digit)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ /* A[0] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMULL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[1] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[2] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[3] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[4] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[5] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[6] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[7] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[8] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[9] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[10] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[11] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[12] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[13] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[14] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[15] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[16] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "STR r5, [%[r]]\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "cc"
+ );
+}
+
+#endif /* WOLFSSL_SP_SMALL */
+#ifdef WOLFSSL_SP_USE_UDIV
+/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
+ *
+ * d1 The high order half of the number to divide.
+ * d0 The low order half of the number to divide.
+ * div The divisor.
+ * returns the result of the division.
+ *
+ * Note that this is an approximate div. It may give an answer 1 larger.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static sp_digit div_521_word_17(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
+#else
+SP_NOINLINE static sp_digit div_521_word_17(sp_digit d1, sp_digit d0, sp_digit div)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit d1 __asm__ ("r0") = (sp_digit)d1_p;
+ register sp_digit d0 __asm__ ("r1") = (sp_digit)d0_p;
+ register sp_digit div __asm__ ("r2") = (sp_digit)div_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "LSR r8, %[div], #16\n\t"
+ "ADD r5, r8, #0x1\n\t"
+ "UDIV r6, %[d1], r5\n\t"
+ "LSL r7, %[div], #16\n\t"
+ "LSL r6, r6, #16\n\t"
+ "UMULL r3, r4, %[div], r6\n\t"
+ "SUBS %[d0], %[d0], r3\n\t"
+ "SBC %[d1], %[d1], r4\n\t"
+ "SUBS r3, %[d1], r5\n\t"
+ "SBC r9, r9, r9\n\t"
+ "ADD r9, r9, #0x1\n\t"
+ "RSB r10, r9, #0x0\n\t"
+ "LSL r9, r9, #16\n\t"
+ "AND r7, r7, r10\n\t"
+ "AND r8, r8, r10\n\t"
+ "SUBS %[d0], %[d0], r7\n\t"
+ "ADD r6, r6, r9\n\t"
+ "SBC %[d1], %[d1], r8\n\t"
+ "LSL r4, %[d1], #16\n\t"
+ "LSR r3, %[d0], #16\n\t"
+ "ORR r3, r3, r4\n\t"
+ "UDIV r3, r3, r5\n\t"
+ "ADD r6, r6, r3\n\t"
+ "UMULL r3, r4, %[div], r3\n\t"
+ "SUBS %[d0], %[d0], r3\n\t"
+ "SBC %[d1], %[d1], r4\n\t"
+ "LSL r4, %[d1], #16\n\t"
+ "LSR r3, %[d0], #16\n\t"
+ "ORR r3, r3, r4\n\t"
+ "UDIV r3, r3, r5\n\t"
+ "ADD r6, r6, r3\n\t"
+ "MUL r3, %[div], r3\n\t"
+ "SUB %[d0], %[d0], r3\n\t"
+ "UDIV r3, %[d0], %[div]\n\t"
+ "ADD %[d1], r6, r3\n\t"
+ : [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
+ return (uint32_t)(size_t)d1;
}
+#else
/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
*
* d1 The high order half of the number to divide.
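Review bot: The new loop labels `L_sp_521_sub_in_pkace_17_word` and `L_sp_521_mul_d_17_word` are plain assembler symbols, and this hunk also drops `SP_NOINLINE` from `sp_521_sub_in_place_17` and `sp_521_mul_d_17`, so the asm body can be emitted more than once in a translation unit if the compiler inlines either function at several call sites. The removed code used the numeric local label `1:` with `bne 1b`, which is safe to duplicate; a named label is not, and the likely result is a duplicate-symbol error from the assembler at some optimisation levels. On GCC-compatible compilers I would make the label unique per expansion, e.g. `"L_sp_521_sub_in_pkace_17_word_%=:\n\t"` with `"BNE L_sp_521_sub_in_pkace_17_word_%=\n\t"`, or keep `SP_NOINLINE` on both definitions as before. The same pattern shows up with `L_sp_521_sub_17_word` in the later `sp_521_sub_17` hunk, which continues beyond what is visible here. Separately, `pkace` looks like a misspelling of `place`; it is used consistently, so it only affects readability.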
@@ -39482,49 +62299,69 @@ SP_NOINLINE static void sp_521_mul_d_17(sp_digit* r, const sp_digit* a,
*
* Note that this is an approximate div. It may give an answer 1 larger.
*/
-SP_NOINLINE static sp_digit div_521_word_17(sp_digit d1, sp_digit d0,
- sp_digit div)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static sp_digit div_521_word_17(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
+#else
+SP_NOINLINE static sp_digit div_521_word_17(sp_digit d1, sp_digit d0, sp_digit div)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit r = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit d1 __asm__ ("r0") = (sp_digit)d1_p;
+ register sp_digit d0 __asm__ ("r1") = (sp_digit)d0_p;
+ register sp_digit div __asm__ ("r2") = (sp_digit)div_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "lsr r6, %[div], #16\n\t"
- "add r6, r6, #1\n\t"
- "udiv r4, %[d1], r6\n\t"
- "lsl r8, r4, #16\n\t"
- "umull r4, r5, %[div], r8\n\t"
- "subs %[d0], %[d0], r4\n\t"
- "sbc %[d1], %[d1], r5\n\t"
- "udiv r5, %[d1], r6\n\t"
- "lsl r4, r5, #16\n\t"
- "add r8, r8, r4\n\t"
- "umull r4, r5, %[div], r4\n\t"
- "subs %[d0], %[d0], r4\n\t"
- "sbc %[d1], %[d1], r5\n\t"
- "lsl r4, %[d1], #16\n\t"
- "orr r4, r4, %[d0], lsr #16\n\t"
- "udiv r4, r4, r6\n\t"
- "add r8, r8, r4\n\t"
- "umull r4, r5, %[div], r4\n\t"
- "subs %[d0], %[d0], r4\n\t"
- "sbc %[d1], %[d1], r5\n\t"
- "lsl r4, %[d1], #16\n\t"
- "orr r4, r4, %[d0], lsr #16\n\t"
- "udiv r4, r4, r6\n\t"
- "add r8, r8, r4\n\t"
- "umull r4, r5, %[div], r4\n\t"
- "subs %[d0], %[d0], r4\n\t"
- "sbc %[d1], %[d1], r5\n\t"
- "udiv r4, %[d0], %[div]\n\t"
- "add r8, r8, r4\n\t"
- "mov %[r], r8\n\t"
- : [r] "+r" (r)
- : [d1] "r" (d1), [d0] "r" (d0), [div] "r" (div)
- : "r4", "r5", "r6", "r8"
+ "LSR r5, %[div], #1\n\t"
+ "ADD r5, r5, #0x1\n\t"
+ "MOV r6, %[d0]\n\t"
+ "MOV r7, %[d1]\n\t"
+ /* Do top 32 */
+ "SUBS r8, r5, r7\n\t"
+ "SBC r8, r8, r8\n\t"
+ "MOV r3, #0x0\n\t"
+ "SUB r3, r3, r8\n\t"
+ "AND r8, r8, r5\n\t"
+ "SUBS r7, r7, r8\n\t"
+ /* Next 30 bits */
+ "MOV r4, #0x1d\n\t"
+ "\n"
+ "L_div_521_word_17_bit:\n\t"
+ "LSLS r6, r6, #1\n\t"
+ "ADC r7, r7, r7\n\t"
+ "SUBS r8, r5, r7\n\t"
+ "SBC r8, r8, r8\n\t"
+ "ADD r3, r3, r3\n\t"
+ "SUB r3, r3, r8\n\t"
+ "AND r8, r8, r5\n\t"
+ "SUBS r7, r7, r8\n\t"
+ "SUBS r4, r4, #0x1\n\t"
+ "bpl L_div_521_word_17_bit\n\t"
+ "ADD r3, r3, r3\n\t"
+ "ADD r3, r3, #0x1\n\t"
+ "UMULL r6, r7, r3, %[div]\n\t"
+ "SUBS r9, %[d0], r6\n\t"
+ "SBC r10, %[d1], r7\n\t"
+ "ADD r3, r3, r10\n\t"
+ "UMULL r6, r7, r3, %[div]\n\t"
+ "SUBS r9, %[d0], r6\n\t"
+ "SBC r10, %[d1], r7\n\t"
+ "ADD r3, r3, r10\n\t"
+ "UMULL r6, r7, r3, %[div]\n\t"
+ "SUBS r9, %[d0], r6\n\t"
+ "SBC r10, %[d1], r7\n\t"
+ "ADD r3, r3, r10\n\t"
+ "SUBS r8, %[div], r9\n\t"
+ "SBC r8, r8, r8\n\t"
+ "SUB %[d1], r3, r8\n\t"
+ : [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
- return r;
+ return (uint32_t)(size_t)d1;
}
+#endif
/* AND m into each word of a and store in r.
*
* r A single precision integer.
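Review bot: The non-UDIV `div_521_word_17` has no comment saying why it exists alongside the `WOLFSSL_SP_USE_UDIV` variant, and the `#endif` that closes the pair is bare. From the visible code this path runs a fixed 30-iteration loop (`MOV r4, #0x1d` down to the `bpl`) and does each conditional subtract with a mask (`SBC r8, r8, r8` then `AND r8, r8, r5`) rather than a data-dependent branch, whereas the other variant relies on `UDIV`, whose latency is operand-dependent on Arm cores such as Cortex-M3/M4. I would add a line to the header comment such as `* Uses a fixed-count shift/subtract loop with masks; no UDIV and no data-dependent branch.` and write the terminator as `#endif /* WOLFSSL_SP_USE_UDIV */`. Whether the operands are secret at the call sites is not visible from this hunk, so the comment should describe the property rather than promise constant time; the header comment itself begins before the hunk.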
@@ -39565,8 +62402,8 @@ static void sp_521_mask_17(sp_digit* r, const sp_digit* a, sp_digit m)
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_521_div_17(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_521_div_17(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[35];
sp_digit t2[18];
@@ -40171,339 +63008,567 @@ int sp_ecc_sign_521_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, W
#endif /* HAVE_ECC_SIGN */
#ifndef WOLFSSL_SP_SMALL
+#ifdef WOLFSSL_SP_SMALL
+/* Sub b from a into r. (r = a - b)
+ *
+ * r A single precision integer.
+ * a A single precision integer.
+ * b A single precision integer.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_521_sub_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_521_sub_17(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "MOV r11, #0x0\n\t"
+ "ADD r12, %[a], #0x40\n\t"
+ "\n"
+ "L_sp_521_sub_17_word:\n\t"
+ "RSBS r11, r11, #0x0\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "SBC r11, r3, r3\n\t"
+ "CMP %[a], r12\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BNE L_sp_521_sub_17_word\n\t"
+#else
+ "BNE.N L_sp_521_sub_17_word\n\t"
+#endif
+ "RSBS r11, r11, #0x0\n\t"
+ "LDM %[a]!, {r3}\n\t"
+ "LDM %[b]!, {r7}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "SBC %[r], r6, r6\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
+ );
+ return (uint32_t)(size_t)r;
+}
+
+#else
+/* Sub b from a into r. (r = a - b)
+ *
+ * r A single precision integer.
+ * a A single precision integer.
+ * b A single precision integer.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_521_sub_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_521_sub_17(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SUBS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3}\n\t"
+ "LDM %[b]!, {r7}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "SBC %[r], r6, r6\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
+ );
+ return (uint32_t)(size_t)r;
+}
+
+#endif /* WOLFSSL_SP_SMALL */
/* Divide the number by 2 mod the modulus. (r = a / 2 % m)
*
* r Result of division by 2.
* a Number to divide.
* m Modulus.
*/
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_521_div2_mod_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* m_p)
+#else
static void sp_521_div2_mod_17(sp_digit* r, const sp_digit* a, const sp_digit* m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* m __asm__ ("r2") = (const sp_digit*)m_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "ldr r4, [%[a]]\n\t"
- "ands r8, r4, #1\n\t"
- "beq 1f\n\t"
- "mov r12, #0\n\t"
- "ldr r5, [%[a], #4]\n\t"
- "ldr r6, [%[a], #8]\n\t"
- "ldr r7, [%[a], #12]\n\t"
- "ldr r8, [%[m], #0]\n\t"
- "ldr r9, [%[m], #4]\n\t"
- "ldr r10, [%[m], #8]\n\t"
- "ldr r14, [%[m], #12]\n\t"
- "adds r4, r4, r8\n\t"
- "adcs r5, r5, r9\n\t"
- "adcs r6, r6, r10\n\t"
- "adcs r7, r7, r14\n\t"
- "str r4, [%[r], #0]\n\t"
- "str r5, [%[r], #4]\n\t"
- "str r6, [%[r], #8]\n\t"
- "str r7, [%[r], #12]\n\t"
- "ldr r4, [%[a], #16]\n\t"
- "ldr r5, [%[a], #20]\n\t"
- "ldr r6, [%[a], #24]\n\t"
- "ldr r7, [%[a], #28]\n\t"
- "ldr r8, [%[m], #16]\n\t"
- "ldr r9, [%[m], #20]\n\t"
- "ldr r10, [%[m], #24]\n\t"
- "ldr r14, [%[m], #28]\n\t"
- "adcs r4, r4, r8\n\t"
- "adcs r5, r5, r9\n\t"
- "adcs r6, r6, r10\n\t"
- "adcs r7, r7, r14\n\t"
- "str r4, [%[r], #16]\n\t"
- "str r5, [%[r], #20]\n\t"
- "str r6, [%[r], #24]\n\t"
- "str r7, [%[r], #28]\n\t"
- "ldr r4, [%[a], #32]\n\t"
- "ldr r5, [%[a], #36]\n\t"
- "ldr r6, [%[a], #40]\n\t"
- "ldr r7, [%[a], #44]\n\t"
- "ldr r8, [%[m], #32]\n\t"
- "ldr r9, [%[m], #36]\n\t"
- "ldr r10, [%[m], #40]\n\t"
- "ldr r14, [%[m], #44]\n\t"
- "adcs r4, r4, r8\n\t"
- "adcs r5, r5, r9\n\t"
- "adcs r6, r6, r10\n\t"
- "adcs r7, r7, r14\n\t"
- "str r4, [%[r], #32]\n\t"
- "str r5, [%[r], #36]\n\t"
- "str r6, [%[r], #40]\n\t"
- "str r7, [%[r], #44]\n\t"
- "ldr r4, [%[a], #48]\n\t"
- "ldr r5, [%[a], #52]\n\t"
- "ldr r6, [%[a], #56]\n\t"
- "ldr r7, [%[a], #60]\n\t"
- "ldr r8, [%[m], #48]\n\t"
- "ldr r9, [%[m], #52]\n\t"
- "ldr r10, [%[m], #56]\n\t"
- "ldr r14, [%[m], #60]\n\t"
- "adcs r4, r4, r8\n\t"
- "adcs r5, r5, r9\n\t"
- "adcs r6, r6, r10\n\t"
- "adcs r7, r7, r14\n\t"
- "str r4, [%[r], #48]\n\t"
- "str r5, [%[r], #52]\n\t"
- "str r6, [%[r], #56]\n\t"
- "str r7, [%[r], #60]\n\t"
- "ldr r4, [%[a], #64]\n\t"
- "ldr r8, [%[m], #64]\n\t"
- "adcs r4, r4, r8\n\t"
- "str r4, [%[r], #64]\n\t"
- "adc r8, r12, r12\n\t"
- "b 2f\n\t"
- "\n1:\n\t"
- "ldr r5, [%[a], #2]\n\t"
- "str r4, [%[r], #0]\n\t"
- "str r5, [%[r], #2]\n\t"
- "ldr r4, [%[a], #4]\n\t"
- "ldr r5, [%[a], #6]\n\t"
- "str r4, [%[r], #4]\n\t"
- "str r5, [%[r], #6]\n\t"
- "ldr r4, [%[a], #8]\n\t"
- "ldr r5, [%[a], #10]\n\t"
- "str r4, [%[r], #8]\n\t"
- "str r5, [%[r], #10]\n\t"
- "ldr r4, [%[a], #12]\n\t"
- "ldr r5, [%[a], #14]\n\t"
- "str r4, [%[r], #12]\n\t"
- "str r5, [%[r], #14]\n\t"
- "ldr r4, [%[a], #16]\n\t"
- "ldr r5, [%[a], #18]\n\t"
- "str r4, [%[r], #16]\n\t"
- "str r5, [%[r], #18]\n\t"
- "ldr r4, [%[a], #20]\n\t"
- "ldr r5, [%[a], #22]\n\t"
- "str r4, [%[r], #20]\n\t"
- "str r5, [%[r], #22]\n\t"
- "ldr r4, [%[a], #24]\n\t"
- "ldr r5, [%[a], #26]\n\t"
- "str r4, [%[r], #24]\n\t"
- "str r5, [%[r], #26]\n\t"
- "ldr r4, [%[a], #28]\n\t"
- "ldr r5, [%[a], #30]\n\t"
- "str r4, [%[r], #28]\n\t"
- "str r5, [%[r], #30]\n\t"
- "\n2:\n\t"
- "ldr r3, [%[r]]\n\t"
- "ldr r4, [%[r], #4]\n\t"
- "lsr r3, r3, #1\n\t"
- "orr r3, r3, r4, lsl #31\n\t"
- "lsr r4, r4, #1\n\t"
- "ldr r5, [%[a], #8]\n\t"
- "str r3, [%[r], #0]\n\t"
- "orr r4, r4, r5, lsl #31\n\t"
- "lsr r5, r5, #1\n\t"
- "ldr r3, [%[a], #12]\n\t"
- "str r4, [%[r], #4]\n\t"
- "orr r5, r5, r3, lsl #31\n\t"
- "lsr r3, r3, #1\n\t"
- "ldr r4, [%[a], #16]\n\t"
- "str r5, [%[r], #8]\n\t"
- "orr r3, r3, r4, lsl #31\n\t"
- "lsr r4, r4, #1\n\t"
- "ldr r5, [%[a], #20]\n\t"
- "str r3, [%[r], #12]\n\t"
- "orr r4, r4, r5, lsl #31\n\t"
- "lsr r5, r5, #1\n\t"
- "ldr r3, [%[a], #24]\n\t"
- "str r4, [%[r], #16]\n\t"
- "orr r5, r5, r3, lsl #31\n\t"
- "lsr r3, r3, #1\n\t"
- "ldr r4, [%[a], #28]\n\t"
- "str r5, [%[r], #20]\n\t"
- "orr r3, r3, r4, lsl #31\n\t"
- "lsr r4, r4, #1\n\t"
- "ldr r5, [%[a], #32]\n\t"
- "str r3, [%[r], #24]\n\t"
- "orr r4, r4, r5, lsl #31\n\t"
- "lsr r5, r5, #1\n\t"
- "ldr r3, [%[a], #36]\n\t"
- "str r4, [%[r], #28]\n\t"
- "orr r5, r5, r3, lsl #31\n\t"
- "lsr r3, r3, #1\n\t"
- "ldr r4, [%[a], #40]\n\t"
- "str r5, [%[r], #32]\n\t"
- "orr r3, r3, r4, lsl #31\n\t"
- "lsr r4, r4, #1\n\t"
- "ldr r5, [%[a], #44]\n\t"
- "str r3, [%[r], #36]\n\t"
- "orr r4, r4, r5, lsl #31\n\t"
- "lsr r5, r5, #1\n\t"
- "ldr r3, [%[a], #48]\n\t"
- "str r4, [%[r], #40]\n\t"
- "orr r5, r5, r3, lsl #31\n\t"
- "lsr r3, r3, #1\n\t"
- "ldr r4, [%[a], #52]\n\t"
- "str r5, [%[r], #44]\n\t"
- "orr r3, r3, r4, lsl #31\n\t"
- "lsr r4, r4, #1\n\t"
- "ldr r5, [%[a], #56]\n\t"
- "str r3, [%[r], #48]\n\t"
- "orr r4, r4, r5, lsl #31\n\t"
- "lsr r5, r5, #1\n\t"
- "ldr r3, [%[a], #60]\n\t"
- "str r4, [%[r], #52]\n\t"
- "orr r5, r5, r3, lsl #31\n\t"
- "lsr r3, r3, #1\n\t"
- "ldr r4, [%[a], #64]\n\t"
- "str r5, [%[r], #56]\n\t"
- "orr r3, r3, r4, lsl #31\n\t"
- "lsr r4, r4, #1\n\t"
- "orr r4, r4, r8, lsl #31\n\t"
- "str r3, [%[r], #60]\n\t"
- "str r4, [%[r], #64]\n\t"
+ "LDM %[a]!, {r4}\n\t"
+ "ANDS r3, r4, #0x1\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BEQ L_sp_521_div2_mod_17_even\n\t"
+#else
+ "BEQ.N L_sp_521_div2_mod_17_even\n\t"
+#endif
+ "MOV r12, #0x0\n\t"
+ "LDM %[a]!, {r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "ADCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "ADCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "ADCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "ADCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[a]!, {r4}\n\t"
+ "LDM %[m]!, {r8}\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "ADC r3, r12, r12\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "B L_sp_521_div2_mod_17_div2\n\t"
+#else
+ "B.N L_sp_521_div2_mod_17_div2\n\t"
+#endif
+ "\n"
+ "L_sp_521_div2_mod_17_even:\n\t"
+ "LDM %[a]!, {r5, r6, r7}\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7}\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7}\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7}\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[a]!, {r4}\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "\n"
+ "L_sp_521_div2_mod_17_div2:\n\t"
+ "SUB %[r], %[r], #0x44\n\t"
+ "LDRD r8, r9, [%[r]]\n\t"
+ "LSR r8, r8, #1\n\t"
+ "ORR r8, r8, r9, lsl #31\n\t"
+ "LSR r9, r9, #1\n\t"
+ "LDR r10, [%[r], #8]\n\t"
+ "STR r8, [%[r]]\n\t"
+ "ORR r9, r9, r10, lsl #31\n\t"
+ "LSR r10, r10, #1\n\t"
+ "LDR r8, [%[r], #12]\n\t"
+ "STR r9, [%[r], #4]\n\t"
+ "ORR r10, r10, r8, lsl #31\n\t"
+ "LSR r8, r8, #1\n\t"
+ "LDR r9, [%[r], #16]\n\t"
+ "STR r10, [%[r], #8]\n\t"
+ "ORR r8, r8, r9, lsl #31\n\t"
+ "LSR r9, r9, #1\n\t"
+ "LDR r10, [%[r], #20]\n\t"
+ "STR r8, [%[r], #12]\n\t"
+ "ORR r9, r9, r10, lsl #31\n\t"
+ "LSR r10, r10, #1\n\t"
+ "LDR r8, [%[r], #24]\n\t"
+ "STR r9, [%[r], #16]\n\t"
+ "ORR r10, r10, r8, lsl #31\n\t"
+ "LSR r8, r8, #1\n\t"
+ "LDR r9, [%[r], #28]\n\t"
+ "STR r10, [%[r], #20]\n\t"
+ "ORR r8, r8, r9, lsl #31\n\t"
+ "LSR r9, r9, #1\n\t"
+ "LDR r10, [%[r], #32]\n\t"
+ "STR r8, [%[r], #24]\n\t"
+ "ORR r9, r9, r10, lsl #31\n\t"
+ "LSR r10, r10, #1\n\t"
+ "LDR r8, [%[r], #36]\n\t"
+ "STR r9, [%[r], #28]\n\t"
+ "ORR r10, r10, r8, lsl #31\n\t"
+ "LSR r8, r8, #1\n\t"
+ "LDR r9, [%[r], #40]\n\t"
+ "STR r10, [%[r], #32]\n\t"
+ "ORR r8, r8, r9, lsl #31\n\t"
+ "LSR r9, r9, #1\n\t"
+ "LDR r10, [%[r], #44]\n\t"
+ "STR r8, [%[r], #36]\n\t"
+ "ORR r9, r9, r10, lsl #31\n\t"
+ "LSR r10, r10, #1\n\t"
+ "LDR r8, [%[r], #48]\n\t"
+ "STR r9, [%[r], #40]\n\t"
+ "ORR r10, r10, r8, lsl #31\n\t"
+ "LSR r8, r8, #1\n\t"
+ "LDR r9, [%[r], #52]\n\t"
+ "STR r10, [%[r], #44]\n\t"
+ "ORR r8, r8, r9, lsl #31\n\t"
+ "LSR r9, r9, #1\n\t"
+ "LDR r10, [%[r], #56]\n\t"
+ "STR r8, [%[r], #48]\n\t"
+ "ORR r9, r9, r10, lsl #31\n\t"
+ "LSR r10, r10, #1\n\t"
+ "LDR r8, [%[r], #60]\n\t"
+ "STR r9, [%[r], #52]\n\t"
+ "ORR r10, r10, r8, lsl #31\n\t"
+ "LSR r8, r8, #1\n\t"
+ "LDR r9, [%[r], #64]\n\t"
+ "STR r10, [%[r], #56]\n\t"
+ "ORR r8, r8, r9, lsl #31\n\t"
+ "LSR r9, r9, #1\n\t"
+ "ORR r9, r9, r3, lsl #31\n\t"
+ "STR r8, [%[r], #60]\n\t"
+ "STR r9, [%[r], #64]\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [m] "+r" (m)
:
- : [r] "r" (r), [a] "r" (a), [m] "r" (m)
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r14"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12", "cc"
);
}
-static int sp_521_num_bits_17(sp_digit* a)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static int sp_521_num_bits_17(const sp_digit* a_p)
+#else
+static int sp_521_num_bits_17(const sp_digit* a)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- int r = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register const sp_digit* a __asm__ ("r0") = (const sp_digit*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "ldr r2, [%[a], #64]\n\t"
- "cmp r2, #0\n\t"
- "beq 16f\n\t"
- "mov r3, #544\n\t"
- "clz %[r], r2\n\t"
- "sub %[r], r3, %[r]\n\t"
- "b 18f\n\t"
- "\n16:\n\t"
- "ldr r2, [%[a], #60]\n\t"
- "cmp r2, #0\n\t"
- "beq 15f\n\t"
- "mov r3, #512\n\t"
- "clz %[r], r2\n\t"
- "sub %[r], r3, %[r]\n\t"
- "b 18f\n\t"
- "\n15:\n\t"
- "ldr r2, [%[a], #56]\n\t"
- "cmp r2, #0\n\t"
- "beq 14f\n\t"
- "mov r3, #480\n\t"
- "clz %[r], r2\n\t"
- "sub %[r], r3, %[r]\n\t"
- "b 18f\n\t"
- "\n14:\n\t"
- "ldr r2, [%[a], #52]\n\t"
- "cmp r2, #0\n\t"
- "beq 13f\n\t"
- "mov r3, #448\n\t"
- "clz %[r], r2\n\t"
- "sub %[r], r3, %[r]\n\t"
- "b 18f\n\t"
- "\n13:\n\t"
- "ldr r2, [%[a], #48]\n\t"
- "cmp r2, #0\n\t"
- "beq 12f\n\t"
- "mov r3, #416\n\t"
- "clz %[r], r2\n\t"
- "sub %[r], r3, %[r]\n\t"
- "b 18f\n\t"
- "\n12:\n\t"
- "ldr r2, [%[a], #44]\n\t"
- "cmp r2, #0\n\t"
- "beq 11f\n\t"
- "mov r3, #384\n\t"
- "clz %[r], r2\n\t"
- "sub %[r], r3, %[r]\n\t"
- "b 18f\n\t"
- "\n11:\n\t"
- "ldr r2, [%[a], #40]\n\t"
- "cmp r2, #0\n\t"
- "beq 10f\n\t"
- "mov r3, #352\n\t"
- "clz %[r], r2\n\t"
- "sub %[r], r3, %[r]\n\t"
- "b 18f\n\t"
- "\n10:\n\t"
- "ldr r2, [%[a], #36]\n\t"
- "cmp r2, #0\n\t"
- "beq 9f\n\t"
- "mov r3, #320\n\t"
- "clz %[r], r2\n\t"
- "sub %[r], r3, %[r]\n\t"
- "b 18f\n\t"
- "\n9:\n\t"
- "ldr r2, [%[a], #32]\n\t"
- "cmp r2, #0\n\t"
- "beq 8f\n\t"
- "mov r3, #288\n\t"
- "clz %[r], r2\n\t"
- "sub %[r], r3, %[r]\n\t"
- "b 18f\n\t"
- "\n8:\n\t"
- "ldr r2, [%[a], #28]\n\t"
- "cmp r2, #0\n\t"
- "beq 7f\n\t"
- "mov r3, #256\n\t"
- "clz %[r], r2\n\t"
- "sub %[r], r3, %[r]\n\t"
- "b 18f\n\t"
- "\n7:\n\t"
- "ldr r2, [%[a], #24]\n\t"
- "cmp r2, #0\n\t"
- "beq 6f\n\t"
- "mov r3, #224\n\t"
- "clz %[r], r2\n\t"
- "sub %[r], r3, %[r]\n\t"
- "b 18f\n\t"
- "\n6:\n\t"
- "ldr r2, [%[a], #20]\n\t"
- "cmp r2, #0\n\t"
- "beq 5f\n\t"
- "mov r3, #192\n\t"
- "clz %[r], r2\n\t"
- "sub %[r], r3, %[r]\n\t"
- "b 18f\n\t"
- "\n5:\n\t"
- "ldr r2, [%[a], #16]\n\t"
- "cmp r2, #0\n\t"
- "beq 4f\n\t"
- "mov r3, #160\n\t"
- "clz %[r], r2\n\t"
- "sub %[r], r3, %[r]\n\t"
- "b 18f\n\t"
- "\n4:\n\t"
- "ldr r2, [%[a], #12]\n\t"
- "cmp r2, #0\n\t"
- "beq 3f\n\t"
- "mov r3, #128\n\t"
- "clz %[r], r2\n\t"
- "sub %[r], r3, %[r]\n\t"
- "b 18f\n\t"
- "\n3:\n\t"
- "ldr r2, [%[a], #8]\n\t"
- "cmp r2, #0\n\t"
- "beq 2f\n\t"
- "mov r3, #96\n\t"
- "clz %[r], r2\n\t"
- "sub %[r], r3, %[r]\n\t"
- "b 18f\n\t"
- "\n2:\n\t"
- "ldr r2, [%[a], #4]\n\t"
- "cmp r2, #0\n\t"
- "beq 1f\n\t"
- "mov r3, #64\n\t"
- "clz %[r], r2\n\t"
- "sub %[r], r3, %[r]\n\t"
- "b 18f\n\t"
- "\n1:\n\t"
- "ldr r2, [%[a], #0]\n\t"
- "mov r3, #32\n\t"
- "clz %[r], r2\n\t"
- "sub %[r], r3, %[r]\n\t"
- "\n18:\n\t"
- : [r] "+r" (r)
- : [a] "r" (a)
- : "r2", "r3"
+ "LDR r1, [%[a], #64]\n\t"
+ "CMP r1, #0x0\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BEQ L_sp_521_num_bits_17_16\n\t"
+#else
+ "BEQ.N L_sp_521_num_bits_17_16\n\t"
+#endif
+ "MOV r2, #0x220\n\t"
+ "CLZ r4, r1\n\t"
+ "SUB r4, r2, r4\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "B L_sp_521_num_bits_17_18\n\t"
+#else
+ "B.N L_sp_521_num_bits_17_18\n\t"
+#endif
+ "\n"
+ "L_sp_521_num_bits_17_16:\n\t"
+ "LDR r1, [%[a], #60]\n\t"
+ "CMP r1, #0x0\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BEQ L_sp_521_num_bits_17_15\n\t"
+#else
+ "BEQ.N L_sp_521_num_bits_17_15\n\t"
+#endif
+ "MOV r2, #0x200\n\t"
+ "CLZ r4, r1\n\t"
+ "SUB r4, r2, r4\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "B L_sp_521_num_bits_17_18\n\t"
+#else
+ "B.N L_sp_521_num_bits_17_18\n\t"
+#endif
+ "\n"
+ "L_sp_521_num_bits_17_15:\n\t"
+ "LDR r1, [%[a], #56]\n\t"
+ "CMP r1, #0x0\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BEQ L_sp_521_num_bits_17_14\n\t"
+#else
+ "BEQ.N L_sp_521_num_bits_17_14\n\t"
+#endif
+ "MOV r2, #0x1e0\n\t"
+ "CLZ r4, r1\n\t"
+ "SUB r4, r2, r4\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "B L_sp_521_num_bits_17_18\n\t"
+#else
+ "B.N L_sp_521_num_bits_17_18\n\t"
+#endif
+ "\n"
+ "L_sp_521_num_bits_17_14:\n\t"
+ "LDR r1, [%[a], #52]\n\t"
+ "CMP r1, #0x0\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BEQ L_sp_521_num_bits_17_13\n\t"
+#else
+ "BEQ.N L_sp_521_num_bits_17_13\n\t"
+#endif
+ "MOV r2, #0x1c0\n\t"
+ "CLZ r4, r1\n\t"
+ "SUB r4, r2, r4\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "B L_sp_521_num_bits_17_18\n\t"
+#else
+ "B.N L_sp_521_num_bits_17_18\n\t"
+#endif
+ "\n"
+ "L_sp_521_num_bits_17_13:\n\t"
+ "LDR r1, [%[a], #48]\n\t"
+ "CMP r1, #0x0\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BEQ L_sp_521_num_bits_17_12\n\t"
+#else
+ "BEQ.N L_sp_521_num_bits_17_12\n\t"
+#endif
+ "MOV r2, #0x1a0\n\t"
+ "CLZ r4, r1\n\t"
+ "SUB r4, r2, r4\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "B L_sp_521_num_bits_17_18\n\t"
+#else
+ "B.N L_sp_521_num_bits_17_18\n\t"
+#endif
+ "\n"
+ "L_sp_521_num_bits_17_12:\n\t"
+ "LDR r1, [%[a], #44]\n\t"
+ "CMP r1, #0x0\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BEQ L_sp_521_num_bits_17_11\n\t"
+#else
+ "BEQ.N L_sp_521_num_bits_17_11\n\t"
+#endif
+ "MOV r2, #0x180\n\t"
+ "CLZ r4, r1\n\t"
+ "SUB r4, r2, r4\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "B L_sp_521_num_bits_17_18\n\t"
+#else
+ "B.N L_sp_521_num_bits_17_18\n\t"
+#endif
+ "\n"
+ "L_sp_521_num_bits_17_11:\n\t"
+ "LDR r1, [%[a], #40]\n\t"
+ "CMP r1, #0x0\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BEQ L_sp_521_num_bits_17_10\n\t"
+#else
+ "BEQ.N L_sp_521_num_bits_17_10\n\t"
+#endif
+ "MOV r2, #0x160\n\t"
+ "CLZ r4, r1\n\t"
+ "SUB r4, r2, r4\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "B L_sp_521_num_bits_17_18\n\t"
+#else
+ "B.N L_sp_521_num_bits_17_18\n\t"
+#endif
+ "\n"
+ "L_sp_521_num_bits_17_10:\n\t"
+ "LDR r1, [%[a], #36]\n\t"
+ "CMP r1, #0x0\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BEQ L_sp_521_num_bits_17_9\n\t"
+#else
+ "BEQ.N L_sp_521_num_bits_17_9\n\t"
+#endif
+ "MOV r2, #0x140\n\t"
+ "CLZ r4, r1\n\t"
+ "SUB r4, r2, r4\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "B L_sp_521_num_bits_17_18\n\t"
+#else
+ "B.N L_sp_521_num_bits_17_18\n\t"
+#endif
+ "\n"
+ "L_sp_521_num_bits_17_9:\n\t"
+ "LDR r1, [%[a], #32]\n\t"
+ "CMP r1, #0x0\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BEQ L_sp_521_num_bits_17_8\n\t"
+#else
+ "BEQ.N L_sp_521_num_bits_17_8\n\t"
+#endif
+ "MOV r2, #0x120\n\t"
+ "CLZ r4, r1\n\t"
+ "SUB r4, r2, r4\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "B L_sp_521_num_bits_17_18\n\t"
+#else
+ "B.N L_sp_521_num_bits_17_18\n\t"
+#endif
+ "\n"
+ "L_sp_521_num_bits_17_8:\n\t"
+ "LDR r1, [%[a], #28]\n\t"
+ "CMP r1, #0x0\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BEQ L_sp_521_num_bits_17_7\n\t"
+#else
+ "BEQ.N L_sp_521_num_bits_17_7\n\t"
+#endif
+ "MOV r2, #0x100\n\t"
+ "CLZ r4, r1\n\t"
+ "SUB r4, r2, r4\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "B L_sp_521_num_bits_17_18\n\t"
+#else
+ "B.N L_sp_521_num_bits_17_18\n\t"
+#endif
+ "\n"
+ "L_sp_521_num_bits_17_7:\n\t"
+ "LDR r1, [%[a], #24]\n\t"
+ "CMP r1, #0x0\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BEQ L_sp_521_num_bits_17_6\n\t"
+#else
+ "BEQ.N L_sp_521_num_bits_17_6\n\t"
+#endif
+ "MOV r2, #0xe0\n\t"
+ "CLZ r4, r1\n\t"
+ "SUB r4, r2, r4\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "B L_sp_521_num_bits_17_18\n\t"
+#else
+ "B.N L_sp_521_num_bits_17_18\n\t"
+#endif
+ "\n"
+ "L_sp_521_num_bits_17_6:\n\t"
+ "LDR r1, [%[a], #20]\n\t"
+ "CMP r1, #0x0\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BEQ L_sp_521_num_bits_17_5\n\t"
+#else
+ "BEQ.N L_sp_521_num_bits_17_5\n\t"
+#endif
+ "MOV r2, #0xc0\n\t"
+ "CLZ r4, r1\n\t"
+ "SUB r4, r2, r4\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "B L_sp_521_num_bits_17_18\n\t"
+#else
+ "B.N L_sp_521_num_bits_17_18\n\t"
+#endif
+ "\n"
+ "L_sp_521_num_bits_17_5:\n\t"
+ "LDR r1, [%[a], #16]\n\t"
+ "CMP r1, #0x0\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BEQ L_sp_521_num_bits_17_4\n\t"
+#else
+ "BEQ.N L_sp_521_num_bits_17_4\n\t"
+#endif
+ "MOV r2, #0xa0\n\t"
+ "CLZ r4, r1\n\t"
+ "SUB r4, r2, r4\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "B L_sp_521_num_bits_17_18\n\t"
+#else
+ "B.N L_sp_521_num_bits_17_18\n\t"
+#endif
+ "\n"
+ "L_sp_521_num_bits_17_4:\n\t"
+ "LDR r1, [%[a], #12]\n\t"
+ "CMP r1, #0x0\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BEQ L_sp_521_num_bits_17_3\n\t"
+#else
+ "BEQ.N L_sp_521_num_bits_17_3\n\t"
+#endif
+ "MOV r2, #0x80\n\t"
+ "CLZ r4, r1\n\t"
+ "SUB r4, r2, r4\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "B L_sp_521_num_bits_17_18\n\t"
+#else
+ "B.N L_sp_521_num_bits_17_18\n\t"
+#endif
+ "\n"
+ "L_sp_521_num_bits_17_3:\n\t"
+ "LDR r1, [%[a], #8]\n\t"
+ "CMP r1, #0x0\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BEQ L_sp_521_num_bits_17_2\n\t"
+#else
+ "BEQ.N L_sp_521_num_bits_17_2\n\t"
+#endif
+ "MOV r2, #0x60\n\t"
+ "CLZ r4, r1\n\t"
+ "SUB r4, r2, r4\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "B L_sp_521_num_bits_17_18\n\t"
+#else
+ "B.N L_sp_521_num_bits_17_18\n\t"
+#endif
+ "\n"
+ "L_sp_521_num_bits_17_2:\n\t"
+ "LDR r1, [%[a], #4]\n\t"
+ "CMP r1, #0x0\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BEQ L_sp_521_num_bits_17_1\n\t"
+#else
+ "BEQ.N L_sp_521_num_bits_17_1\n\t"
+#endif
+ "MOV r2, #0x40\n\t"
+ "CLZ r4, r1\n\t"
+ "SUB r4, r2, r4\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "B L_sp_521_num_bits_17_18\n\t"
+#else
+ "B.N L_sp_521_num_bits_17_18\n\t"
+#endif
+ "\n"
+ "L_sp_521_num_bits_17_1:\n\t"
+ "LDR r1, [%[a]]\n\t"
+ "MOV r2, #0x20\n\t"
+ "CLZ r4, r1\n\t"
+ "SUB r4, r2, r4\n\t"
+ "\n"
+ "L_sp_521_num_bits_17_18:\n\t"
+ "MOV %[a], r4\n\t"
+ : [a] "+r" (a)
+ :
+ : "memory", "r1", "r2", "r3", "r4", "r5", "cc"
);
-
- return r;
+ return (uint32_t)(size_t)a;
}
/* Non-constant time modular inversion.
@@ -40549,7 +63614,7 @@ static int sp_521_mod_inv_17(sp_digit* r, const sp_digit* a, const sp_digit* m)
}
while (ut > 1 && vt > 1) {
- if (ut > vt || (ut == vt && sp_521_cmp_17(u, v) >= 0)) {
+ if ((ut > vt) || ((ut == vt) && (sp_521_cmp_17(u, v) >= 0))) {
sp_521_sub_17(u, u, v);
o = sp_521_sub_17(b, b, d);
if (o != 0)
@@ -40635,7 +63700,7 @@ static void sp_521_add_points_17(sp_point_521* p1, const sp_point_521* p2,
* p2 Public point and temporary.
* s Second part of signature as a number.
* u1 Temporary number.
- * u2 Temproray number.
+ * u2 Temporary number.
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
@@ -40966,7 +64031,7 @@ int sp_ecc_verify_521_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash,
#endif /* HAVE_ECC_VERIFY */
#ifdef HAVE_ECC_CHECK_KEY
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* point EC point.
* heap Heap to use if dynamically allocating.
@@ -40994,19 +64059,21 @@ static int sp_521_ecc_is_point_17(const sp_point_521* point,
if (err == MP_OKAY) {
t2 = t1 + 2 * 17;
+ /* y^2 - x^3 - a.x = b */
sp_521_sqr_17(t1, point->y);
(void)sp_521_mod_17(t1, t1, p521_mod);
sp_521_sqr_17(t2, point->x);
(void)sp_521_mod_17(t2, t2, p521_mod);
sp_521_mul_17(t2, t2, point->x);
(void)sp_521_mod_17(t2, t2, p521_mod);
- (void)sp_521_sub_17(t2, p521_mod, t2);
- sp_521_mont_add_17(t1, t1, t2, p521_mod);
+ sp_521_mont_sub_17(t1, t1, t2, p521_mod);
+ /* y^2 - x^3 + 3.x = b, when a = -3 */
sp_521_mont_add_17(t1, t1, point->x, p521_mod);
sp_521_mont_add_17(t1, t1, point->x, p521_mod);
sp_521_mont_add_17(t1, t1, point->x, p521_mod);
+
if (sp_521_cmp_17(t1, p521_b) != 0) {
err = MP_VAL;
}
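Review bot: The `sp_521_cmp_17(t1, p521_b) != 0` test that closes this hunk looks like an exact comparison, not a modular one. The on-curve check is therefore only sound if the new `sp_521_mont_sub_17` call and the three `sp_521_mont_add_17` calls leave `t1` fully reduced below `p521_mod`. Those helpers are not visible here, so this should be confirmed; the earlier `sp_521_mod_17` results are also discarded with `(void)`. Since this is the check that rejects off-curve points, I would state the invariant just above the compare: `/* t1 must be canonical (0 <= t1 < p521_mod): the compare with p521_b is exact */`. The added `/* y^2 - x^3 - a.x = b */` comment describes the whole sequence, so it might read better as `/* Check y^2 - x^3 - a.x == b (mod p) */`; the body of `sp_521_ecc_is_point_17` starts and ends outside this hunk.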
@@ -41020,7 +64087,7 @@ static int sp_521_ecc_is_point_17(const sp_point_521* point,
return err;
}
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* pX X ordinate of EC point.
* pY Y ordinate of EC point.
@@ -41525,83 +64592,1807 @@ typedef struct sp_point_1024 {
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static void sp_1024_mul_16(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static void sp_1024_mul_16(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit tmp_arr[16 * 2];
- sp_digit* tmp = tmp_arr;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "mov r3, #0\n\t"
- "mov r4, #0\n\t"
- "mov r9, r3\n\t"
- "mov r12, %[r]\n\t"
- "mov r10, %[a]\n\t"
- "mov r11, %[b]\n\t"
- "mov r6, #64\n\t"
- "add r6, r6, r10\n\t"
- "mov r14, r6\n\t"
- "\n1:\n\t"
- "mov %[r], #0\n\t"
- "mov r5, #0\n\t"
- "mov r6, #60\n\t"
- "mov %[a], r9\n\t"
- "subs %[a], %[a], r6\n\t"
- "sbc r6, r6, r6\n\t"
- "mvn r6, r6\n\t"
- "and %[a], %[a], r6\n\t"
- "mov %[b], r9\n\t"
- "sub %[b], %[b], %[a]\n\t"
- "add %[a], %[a], r10\n\t"
- "add %[b], %[b], r11\n\t"
- "\n2:\n\t"
- /* Multiply Start */
- "ldr r6, [%[a]]\n\t"
- "ldr r8, [%[b]]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, %[r]\n\t"
- /* Multiply Done */
- "add %[a], %[a], #4\n\t"
- "sub %[b], %[b], #4\n\t"
- "cmp %[a], r14\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "beq 3f\n\t"
-#else
- "beq.n 3f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "mov r6, r9\n\t"
- "add r6, r6, r10\n\t"
- "cmp %[a], r6\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "ble 2b\n\t"
-#else
- "ble.n 2b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "\n3:\n\t"
- "mov %[r], r12\n\t"
- "mov r8, r9\n\t"
- "str r3, [%[r], r8]\n\t"
- "mov r3, r4\n\t"
- "mov r4, r5\n\t"
- "add r8, r8, #4\n\t"
- "mov r9, r8\n\t"
- "mov r6, #120\n\t"
- "cmp r8, r6\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "ble 1b\n\t"
-#else
- "ble.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "str r3, [%[r], r8]\n\t"
- "mov %[a], r10\n\t"
- "mov %[b], r11\n\t"
+ "SUB sp, sp, #0x40\n\t"
+ /* A[0] * B[0] */
+ "LDR r11, [%[a]]\n\t"
+ "LDR r12, [%[b]]\n\t"
+ "UMULL r3, r4, r11, r12\n\t"
+ "MOV r5, #0x0\n\t"
+ "STR r3, [sp]\n\t"
+ /* A[0] * B[1] */
+ "LDR r9, [%[b], #4]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[1] * B[0] */
+ "LDR r8, [%[a], #4]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "STR r4, [sp, #4]\n\t"
+ /* A[2] * B[0] */
+ "LDR r8, [%[a], #8]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[1] * B[1] */
+ "LDR r11, [%[a], #4]\n\t"
+ "LDR r12, [%[b], #4]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[0] * B[2] */
+ "LDR r8, [%[a]]\n\t"
+ "LDR r9, [%[b], #8]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "STR r5, [sp, #8]\n\t"
+ /* A[0] * B[3] */
+ "LDR r9, [%[b], #12]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "MOV r5, #0x0\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[1] * B[2] */
+ "LDR r9, [%[b], #8]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[2] * B[1] */
+ "LDR r8, [%[a], #8]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[3] * B[0] */
+ "LDR r8, [%[a], #12]\n\t"
+ "LDR r9, [%[b]]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ "STR r3, [sp, #12]\n\t"
+ /* A[4] * B[0] */
+ "LDR r8, [%[a], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[3] * B[1] */
+ "LDR r8, [%[a], #12]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[2] * B[2] */
+ "LDR r11, [%[a], #8]\n\t"
+ "LDR r12, [%[b], #8]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[1] * B[3] */
+ "LDR r8, [%[a], #4]\n\t"
+ "LDR r9, [%[b], #12]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[0] * B[4] */
+ "LDR r8, [%[a]]\n\t"
+ "LDR r9, [%[b], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "STR r4, [sp, #16]\n\t"
+ /* A[0] * B[5] */
+ "LDR r9, [%[b], #20]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[1] * B[4] */
+ "LDR r8, [%[a], #4]\n\t"
+ "LDR r9, [%[b], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[2] * B[3] */
+ "LDR r9, [%[b], #12]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[3] * B[2] */
+ "LDR r8, [%[a], #12]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[4] * B[1] */
+ "LDR r8, [%[a], #16]\n\t"
+ "LDR r9, [%[b], #4]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[5] * B[0] */
+ "LDR r8, [%[a], #20]\n\t"
+ "LDR r9, [%[b]]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "STR r5, [sp, #20]\n\t"
+ /* A[6] * B[0] */
+ "LDR r8, [%[a], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "MOV r5, #0x0\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[5] * B[1] */
+ "LDR r8, [%[a], #20]\n\t"
+ "LDR r9, [%[b], #4]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[4] * B[2] */
+ "LDR r8, [%[a], #16]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[3] * B[3] */
+ "LDR r11, [%[a], #12]\n\t"
+ "LDR r12, [%[b], #12]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[2] * B[4] */
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[b], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[1] * B[5] */
+ "LDR r8, [%[a], #4]\n\t"
+ "LDR r9, [%[b], #20]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[0] * B[6] */
+ "LDR r8, [%[a]]\n\t"
+ "LDR r9, [%[b], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ "STR r3, [sp, #24]\n\t"
+ /* A[0] * B[7] */
+ "LDR r9, [%[b], #28]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[1] * B[6] */
+ "LDR r8, [%[a], #4]\n\t"
+ "LDR r9, [%[b], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[2] * B[5] */
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[b], #20]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[3] * B[4] */
+ "LDR r9, [%[b], #16]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[4] * B[3] */
+ "LDR r8, [%[a], #16]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[5] * B[2] */
+ "LDR r8, [%[a], #20]\n\t"
+ "LDR r9, [%[b], #8]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[6] * B[1] */
+ "LDR r8, [%[a], #24]\n\t"
+ "LDR r9, [%[b], #4]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[7] * B[0] */
+ "LDR r8, [%[a], #28]\n\t"
+ "LDR r9, [%[b]]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "STR r4, [sp, #28]\n\t"
+ /* A[8] * B[0] */
+ "LDR r8, [%[a], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[7] * B[1] */
+ "LDR r8, [%[a], #28]\n\t"
+ "LDR r9, [%[b], #4]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[6] * B[2] */
+ "LDR r8, [%[a], #24]\n\t"
+ "LDR r9, [%[b], #8]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[5] * B[3] */
+ "LDR r8, [%[a], #20]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[4] * B[4] */
+ "LDR r11, [%[a], #16]\n\t"
+ "LDR r12, [%[b], #16]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[3] * B[5] */
+ "LDR r8, [%[a], #12]\n\t"
+ "LDR r9, [%[b], #20]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[2] * B[6] */
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[b], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[1] * B[7] */
+ "LDR r8, [%[a], #4]\n\t"
+ "LDR r9, [%[b], #28]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[0] * B[8] */
+ "LDR r8, [%[a]]\n\t"
+ "LDR r9, [%[b], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "STR r5, [sp, #32]\n\t"
+ /* A[0] * B[9] */
+ "LDR r9, [%[b], #36]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "MOV r5, #0x0\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[1] * B[8] */
+ "LDR r8, [%[a], #4]\n\t"
+ "LDR r9, [%[b], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[2] * B[7] */
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[b], #28]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[3] * B[6] */
+ "LDR r8, [%[a], #12]\n\t"
+ "LDR r9, [%[b], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[4] * B[5] */
+ "LDR r9, [%[b], #20]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[5] * B[4] */
+ "LDR r8, [%[a], #20]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[6] * B[3] */
+ "LDR r8, [%[a], #24]\n\t"
+ "LDR r9, [%[b], #12]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[7] * B[2] */
+ "LDR r8, [%[a], #28]\n\t"
+ "LDR r9, [%[b], #8]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[8] * B[1] */
+ "LDR r8, [%[a], #32]\n\t"
+ "LDR r9, [%[b], #4]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[9] * B[0] */
+ "LDR r8, [%[a], #36]\n\t"
+ "LDR r9, [%[b]]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ "STR r3, [sp, #36]\n\t"
+ /* A[10] * B[0] */
+ "LDR r8, [%[a], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[9] * B[1] */
+ "LDR r8, [%[a], #36]\n\t"
+ "LDR r9, [%[b], #4]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[8] * B[2] */
+ "LDR r8, [%[a], #32]\n\t"
+ "LDR r9, [%[b], #8]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[7] * B[3] */
+ "LDR r8, [%[a], #28]\n\t"
+ "LDR r9, [%[b], #12]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[6] * B[4] */
+ "LDR r8, [%[a], #24]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[5] * B[5] */
+ "LDR r11, [%[a], #20]\n\t"
+ "LDR r12, [%[b], #20]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[4] * B[6] */
+ "LDR r8, [%[a], #16]\n\t"
+ "LDR r9, [%[b], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[3] * B[7] */
+ "LDR r8, [%[a], #12]\n\t"
+ "LDR r9, [%[b], #28]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[2] * B[8] */
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[b], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[1] * B[9] */
+ "LDR r8, [%[a], #4]\n\t"
+ "LDR r9, [%[b], #36]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[0] * B[10] */
+ "LDR r8, [%[a]]\n\t"
+ "LDR r9, [%[b], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "STR r4, [sp, #40]\n\t"
+ /* A[0] * B[11] */
+ "LDR r9, [%[b], #44]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[1] * B[10] */
+ "LDR r8, [%[a], #4]\n\t"
+ "LDR r9, [%[b], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[2] * B[9] */
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[b], #36]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[3] * B[8] */
+ "LDR r8, [%[a], #12]\n\t"
+ "LDR r9, [%[b], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[4] * B[7] */
+ "LDR r8, [%[a], #16]\n\t"
+ "LDR r9, [%[b], #28]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[5] * B[6] */
+ "LDR r9, [%[b], #24]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[6] * B[5] */
+ "LDR r8, [%[a], #24]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[7] * B[4] */
+ "LDR r8, [%[a], #28]\n\t"
+ "LDR r9, [%[b], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[8] * B[3] */
+ "LDR r8, [%[a], #32]\n\t"
+ "LDR r9, [%[b], #12]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[9] * B[2] */
+ "LDR r8, [%[a], #36]\n\t"
+ "LDR r9, [%[b], #8]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[10] * B[1] */
+ "LDR r8, [%[a], #40]\n\t"
+ "LDR r9, [%[b], #4]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[11] * B[0] */
+ "LDR r8, [%[a], #44]\n\t"
+ "LDR r9, [%[b]]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "STR r5, [sp, #44]\n\t"
+ /* A[12] * B[0] */
+ "LDR r8, [%[a], #48]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "MOV r5, #0x0\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[11] * B[1] */
+ "LDR r8, [%[a], #44]\n\t"
+ "LDR r9, [%[b], #4]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[10] * B[2] */
+ "LDR r8, [%[a], #40]\n\t"
+ "LDR r9, [%[b], #8]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[9] * B[3] */
+ "LDR r8, [%[a], #36]\n\t"
+ "LDR r9, [%[b], #12]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[8] * B[4] */
+ "LDR r8, [%[a], #32]\n\t"
+ "LDR r9, [%[b], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[7] * B[5] */
+ "LDR r8, [%[a], #28]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[6] * B[6] */
+ "LDR r11, [%[a], #24]\n\t"
+ "LDR r12, [%[b], #24]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[5] * B[7] */
+ "LDR r8, [%[a], #20]\n\t"
+ "LDR r9, [%[b], #28]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[4] * B[8] */
+ "LDR r8, [%[a], #16]\n\t"
+ "LDR r9, [%[b], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[3] * B[9] */
+ "LDR r8, [%[a], #12]\n\t"
+ "LDR r9, [%[b], #36]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[2] * B[10] */
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[b], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[1] * B[11] */
+ "LDR r8, [%[a], #4]\n\t"
+ "LDR r9, [%[b], #44]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[0] * B[12] */
+ "LDR r8, [%[a]]\n\t"
+ "LDR r9, [%[b], #48]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ "STR r3, [sp, #48]\n\t"
+ /* A[0] * B[13] */
+ "LDR r9, [%[b], #52]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[1] * B[12] */
+ "LDR r8, [%[a], #4]\n\t"
+ "LDR r9, [%[b], #48]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[2] * B[11] */
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[b], #44]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[3] * B[10] */
+ "LDR r8, [%[a], #12]\n\t"
+ "LDR r9, [%[b], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[4] * B[9] */
+ "LDR r8, [%[a], #16]\n\t"
+ "LDR r9, [%[b], #36]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[5] * B[8] */
+ "LDR r8, [%[a], #20]\n\t"
+ "LDR r9, [%[b], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[6] * B[7] */
+ "LDR r9, [%[b], #28]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[7] * B[6] */
+ "LDR r8, [%[a], #28]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[8] * B[5] */
+ "LDR r8, [%[a], #32]\n\t"
+ "LDR r9, [%[b], #20]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[9] * B[4] */
+ "LDR r8, [%[a], #36]\n\t"
+ "LDR r9, [%[b], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[10] * B[3] */
+ "LDR r8, [%[a], #40]\n\t"
+ "LDR r9, [%[b], #12]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[11] * B[2] */
+ "LDR r8, [%[a], #44]\n\t"
+ "LDR r9, [%[b], #8]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[12] * B[1] */
+ "LDR r8, [%[a], #48]\n\t"
+ "LDR r9, [%[b], #4]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[13] * B[0] */
+ "LDR r8, [%[a], #52]\n\t"
+ "LDR r9, [%[b]]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "STR r4, [sp, #52]\n\t"
+ /* A[14] * B[0] */
+ "LDR r8, [%[a], #56]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[13] * B[1] */
+ "LDR r8, [%[a], #52]\n\t"
+ "LDR r9, [%[b], #4]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[12] * B[2] */
+ "LDR r8, [%[a], #48]\n\t"
+ "LDR r9, [%[b], #8]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[11] * B[3] */
+ "LDR r8, [%[a], #44]\n\t"
+ "LDR r9, [%[b], #12]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[10] * B[4] */
+ "LDR r8, [%[a], #40]\n\t"
+ "LDR r9, [%[b], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[9] * B[5] */
+ "LDR r8, [%[a], #36]\n\t"
+ "LDR r9, [%[b], #20]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[8] * B[6] */
+ "LDR r8, [%[a], #32]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[7] * B[7] */
+ "LDR r11, [%[a], #28]\n\t"
+ "LDR r12, [%[b], #28]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[6] * B[8] */
+ "LDR r8, [%[a], #24]\n\t"
+ "LDR r9, [%[b], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[5] * B[9] */
+ "LDR r8, [%[a], #20]\n\t"
+ "LDR r9, [%[b], #36]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[4] * B[10] */
+ "LDR r8, [%[a], #16]\n\t"
+ "LDR r9, [%[b], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[3] * B[11] */
+ "LDR r8, [%[a], #12]\n\t"
+ "LDR r9, [%[b], #44]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[2] * B[12] */
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[b], #48]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[1] * B[13] */
+ "LDR r8, [%[a], #4]\n\t"
+ "LDR r9, [%[b], #52]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[0] * B[14] */
+ "LDR r8, [%[a]]\n\t"
+ "LDR r9, [%[b], #56]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "STR r5, [sp, #56]\n\t"
+ /* A[0] * B[15] */
+ "LDR r9, [%[b], #60]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "MOV r5, #0x0\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[1] * B[14] */
+ "LDR r8, [%[a], #4]\n\t"
+ "LDR r9, [%[b], #56]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[2] * B[13] */
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[b], #52]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[3] * B[12] */
+ "LDR r8, [%[a], #12]\n\t"
+ "LDR r9, [%[b], #48]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[4] * B[11] */
+ "LDR r8, [%[a], #16]\n\t"
+ "LDR r9, [%[b], #44]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[5] * B[10] */
+ "LDR r8, [%[a], #20]\n\t"
+ "LDR r9, [%[b], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[6] * B[9] */
+ "LDR r8, [%[a], #24]\n\t"
+ "LDR r9, [%[b], #36]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[7] * B[8] */
+ "LDR r9, [%[b], #32]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[8] * B[7] */
+ "LDR r8, [%[a], #32]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[9] * B[6] */
+ "LDR r8, [%[a], #36]\n\t"
+ "LDR r9, [%[b], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[10] * B[5] */
+ "LDR r8, [%[a], #40]\n\t"
+ "LDR r9, [%[b], #20]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[11] * B[4] */
+ "LDR r8, [%[a], #44]\n\t"
+ "LDR r9, [%[b], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[12] * B[3] */
+ "LDR r8, [%[a], #48]\n\t"
+ "LDR r9, [%[b], #12]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[13] * B[2] */
+ "LDR r8, [%[a], #52]\n\t"
+ "LDR r9, [%[b], #8]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[14] * B[1] */
+ "LDR r8, [%[a], #56]\n\t"
+ "LDR r9, [%[b], #4]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[15] * B[0] */
+ "LDR r8, [%[a], #60]\n\t"
+ "LDR r9, [%[b]]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ "STR r3, [sp, #60]\n\t"
+ /* A[15] * B[1] */
+ "LDR r9, [%[b], #4]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[14] * B[2] */
+ "LDR r8, [%[a], #56]\n\t"
+ "LDR r9, [%[b], #8]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[13] * B[3] */
+ "LDR r8, [%[a], #52]\n\t"
+ "LDR r9, [%[b], #12]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[12] * B[4] */
+ "LDR r8, [%[a], #48]\n\t"
+ "LDR r9, [%[b], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[11] * B[5] */
+ "LDR r8, [%[a], #44]\n\t"
+ "LDR r9, [%[b], #20]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[10] * B[6] */
+ "LDR r8, [%[a], #40]\n\t"
+ "LDR r9, [%[b], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[9] * B[7] */
+ "LDR r8, [%[a], #36]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[8] * B[8] */
+ "LDR r11, [%[a], #32]\n\t"
+ "LDR r12, [%[b], #32]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[7] * B[9] */
+ "LDR r8, [%[a], #28]\n\t"
+ "LDR r9, [%[b], #36]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[6] * B[10] */
+ "LDR r8, [%[a], #24]\n\t"
+ "LDR r9, [%[b], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[5] * B[11] */
+ "LDR r8, [%[a], #20]\n\t"
+ "LDR r9, [%[b], #44]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[4] * B[12] */
+ "LDR r8, [%[a], #16]\n\t"
+ "LDR r9, [%[b], #48]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[3] * B[13] */
+ "LDR r8, [%[a], #12]\n\t"
+ "LDR r9, [%[b], #52]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[2] * B[14] */
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[b], #56]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[1] * B[15] */
+ "LDR r8, [%[a], #4]\n\t"
+ "LDR r9, [%[b], #60]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "STR r4, [%[r], #64]\n\t"
+ /* A[2] * B[15] */
+ "LDR r8, [%[a], #8]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[3] * B[14] */
+ "LDR r8, [%[a], #12]\n\t"
+ "LDR r9, [%[b], #56]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[4] * B[13] */
+ "LDR r8, [%[a], #16]\n\t"
+ "LDR r9, [%[b], #52]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[5] * B[12] */
+ "LDR r8, [%[a], #20]\n\t"
+ "LDR r9, [%[b], #48]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[6] * B[11] */
+ "LDR r8, [%[a], #24]\n\t"
+ "LDR r9, [%[b], #44]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[7] * B[10] */
+ "LDR r8, [%[a], #28]\n\t"
+ "LDR r9, [%[b], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[8] * B[9] */
+ "LDR r9, [%[b], #36]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[9] * B[8] */
+ "LDR r8, [%[a], #36]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[10] * B[7] */
+ "LDR r8, [%[a], #40]\n\t"
+ "LDR r9, [%[b], #28]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[11] * B[6] */
+ "LDR r8, [%[a], #44]\n\t"
+ "LDR r9, [%[b], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[12] * B[5] */
+ "LDR r8, [%[a], #48]\n\t"
+ "LDR r9, [%[b], #20]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[13] * B[4] */
+ "LDR r8, [%[a], #52]\n\t"
+ "LDR r9, [%[b], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[14] * B[3] */
+ "LDR r8, [%[a], #56]\n\t"
+ "LDR r9, [%[b], #12]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[15] * B[2] */
+ "LDR r8, [%[a], #60]\n\t"
+ "LDR r9, [%[b], #8]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "STR r5, [%[r], #68]\n\t"
+ /* A[15] * B[3] */
+ "LDR r9, [%[b], #12]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "MOV r5, #0x0\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[14] * B[4] */
+ "LDR r8, [%[a], #56]\n\t"
+ "LDR r9, [%[b], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[13] * B[5] */
+ "LDR r8, [%[a], #52]\n\t"
+ "LDR r9, [%[b], #20]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[12] * B[6] */
+ "LDR r8, [%[a], #48]\n\t"
+ "LDR r9, [%[b], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[11] * B[7] */
+ "LDR r8, [%[a], #44]\n\t"
+ "LDR r9, [%[b], #28]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[10] * B[8] */
+ "LDR r8, [%[a], #40]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[9] * B[9] */
+ "LDR r11, [%[a], #36]\n\t"
+ "LDR r12, [%[b], #36]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[8] * B[10] */
+ "LDR r8, [%[a], #32]\n\t"
+ "LDR r9, [%[b], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[7] * B[11] */
+ "LDR r8, [%[a], #28]\n\t"
+ "LDR r9, [%[b], #44]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[6] * B[12] */
+ "LDR r8, [%[a], #24]\n\t"
+ "LDR r9, [%[b], #48]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[5] * B[13] */
+ "LDR r8, [%[a], #20]\n\t"
+ "LDR r9, [%[b], #52]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[4] * B[14] */
+ "LDR r8, [%[a], #16]\n\t"
+ "LDR r9, [%[b], #56]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[3] * B[15] */
+ "LDR r8, [%[a], #12]\n\t"
+ "LDR r9, [%[b], #60]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ "STR r3, [%[r], #72]\n\t"
+ /* A[4] * B[15] */
+ "LDR r8, [%[a], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[5] * B[14] */
+ "LDR r8, [%[a], #20]\n\t"
+ "LDR r9, [%[b], #56]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[6] * B[13] */
+ "LDR r8, [%[a], #24]\n\t"
+ "LDR r9, [%[b], #52]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[7] * B[12] */
+ "LDR r8, [%[a], #28]\n\t"
+ "LDR r9, [%[b], #48]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[8] * B[11] */
+ "LDR r8, [%[a], #32]\n\t"
+ "LDR r9, [%[b], #44]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[9] * B[10] */
+ "LDR r9, [%[b], #40]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[10] * B[9] */
+ "LDR r8, [%[a], #40]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[11] * B[8] */
+ "LDR r8, [%[a], #44]\n\t"
+ "LDR r9, [%[b], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[12] * B[7] */
+ "LDR r8, [%[a], #48]\n\t"
+ "LDR r9, [%[b], #28]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[13] * B[6] */
+ "LDR r8, [%[a], #52]\n\t"
+ "LDR r9, [%[b], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[14] * B[5] */
+ "LDR r8, [%[a], #56]\n\t"
+ "LDR r9, [%[b], #20]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[15] * B[4] */
+ "LDR r8, [%[a], #60]\n\t"
+ "LDR r9, [%[b], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "STR r4, [%[r], #76]\n\t"
+ /* A[15] * B[5] */
+ "LDR r9, [%[b], #20]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[14] * B[6] */
+ "LDR r8, [%[a], #56]\n\t"
+ "LDR r9, [%[b], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[13] * B[7] */
+ "LDR r8, [%[a], #52]\n\t"
+ "LDR r9, [%[b], #28]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[12] * B[8] */
+ "LDR r8, [%[a], #48]\n\t"
+ "LDR r9, [%[b], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[11] * B[9] */
+ "LDR r8, [%[a], #44]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[10] * B[10] */
+ "LDR r11, [%[a], #40]\n\t"
+ "LDR r12, [%[b], #40]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[9] * B[11] */
+ "LDR r8, [%[a], #36]\n\t"
+ "LDR r9, [%[b], #44]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[8] * B[12] */
+ "LDR r8, [%[a], #32]\n\t"
+ "LDR r9, [%[b], #48]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[7] * B[13] */
+ "LDR r8, [%[a], #28]\n\t"
+ "LDR r9, [%[b], #52]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[6] * B[14] */
+ "LDR r8, [%[a], #24]\n\t"
+ "LDR r9, [%[b], #56]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[5] * B[15] */
+ "LDR r8, [%[a], #20]\n\t"
+ "LDR r9, [%[b], #60]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "STR r5, [%[r], #80]\n\t"
+ /* A[6] * B[15] */
+ "LDR r8, [%[a], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "MOV r5, #0x0\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[7] * B[14] */
+ "LDR r8, [%[a], #28]\n\t"
+ "LDR r9, [%[b], #56]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[8] * B[13] */
+ "LDR r8, [%[a], #32]\n\t"
+ "LDR r9, [%[b], #52]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[9] * B[12] */
+ "LDR r8, [%[a], #36]\n\t"
+ "LDR r9, [%[b], #48]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[10] * B[11] */
+ "LDR r9, [%[b], #44]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[11] * B[10] */
+ "LDR r8, [%[a], #44]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[12] * B[9] */
+ "LDR r8, [%[a], #48]\n\t"
+ "LDR r9, [%[b], #36]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[13] * B[8] */
+ "LDR r8, [%[a], #52]\n\t"
+ "LDR r9, [%[b], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[14] * B[7] */
+ "LDR r8, [%[a], #56]\n\t"
+ "LDR r9, [%[b], #28]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[15] * B[6] */
+ "LDR r8, [%[a], #60]\n\t"
+ "LDR r9, [%[b], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ "STR r3, [%[r], #84]\n\t"
+ /* A[15] * B[7] */
+ "LDR r9, [%[b], #28]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[14] * B[8] */
+ "LDR r8, [%[a], #56]\n\t"
+ "LDR r9, [%[b], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[13] * B[9] */
+ "LDR r8, [%[a], #52]\n\t"
+ "LDR r9, [%[b], #36]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[12] * B[10] */
+ "LDR r8, [%[a], #48]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[11] * B[11] */
+ "LDR r11, [%[a], #44]\n\t"
+ "LDR r12, [%[b], #44]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[10] * B[12] */
+ "LDR r8, [%[a], #40]\n\t"
+ "LDR r9, [%[b], #48]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[9] * B[13] */
+ "LDR r8, [%[a], #36]\n\t"
+ "LDR r9, [%[b], #52]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[8] * B[14] */
+ "LDR r8, [%[a], #32]\n\t"
+ "LDR r9, [%[b], #56]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[7] * B[15] */
+ "LDR r8, [%[a], #28]\n\t"
+ "LDR r9, [%[b], #60]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "STR r4, [%[r], #88]\n\t"
+ /* A[8] * B[15] */
+ "LDR r8, [%[a], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[9] * B[14] */
+ "LDR r8, [%[a], #36]\n\t"
+ "LDR r9, [%[b], #56]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[10] * B[13] */
+ "LDR r8, [%[a], #40]\n\t"
+ "LDR r9, [%[b], #52]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[11] * B[12] */
+ "LDR r9, [%[b], #48]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[12] * B[11] */
+ "LDR r8, [%[a], #48]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[13] * B[10] */
+ "LDR r8, [%[a], #52]\n\t"
+ "LDR r9, [%[b], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[14] * B[9] */
+ "LDR r8, [%[a], #56]\n\t"
+ "LDR r9, [%[b], #36]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[15] * B[8] */
+ "LDR r8, [%[a], #60]\n\t"
+ "LDR r9, [%[b], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "STR r5, [%[r], #92]\n\t"
+ /* A[15] * B[9] */
+ "LDR r9, [%[b], #36]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "MOV r5, #0x0\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[14] * B[10] */
+ "LDR r8, [%[a], #56]\n\t"
+ "LDR r9, [%[b], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[13] * B[11] */
+ "LDR r8, [%[a], #52]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[12] * B[12] */
+ "LDR r11, [%[a], #48]\n\t"
+ "LDR r12, [%[b], #48]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[11] * B[13] */
+ "LDR r8, [%[a], #44]\n\t"
+ "LDR r9, [%[b], #52]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[10] * B[14] */
+ "LDR r8, [%[a], #40]\n\t"
+ "LDR r9, [%[b], #56]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[9] * B[15] */
+ "LDR r8, [%[a], #36]\n\t"
+ "LDR r9, [%[b], #60]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ "STR r3, [%[r], #96]\n\t"
+ /* A[10] * B[15] */
+ "LDR r8, [%[a], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[11] * B[14] */
+ "LDR r8, [%[a], #44]\n\t"
+ "LDR r9, [%[b], #56]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[12] * B[13] */
+ "LDR r9, [%[b], #52]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[13] * B[12] */
+ "LDR r8, [%[a], #52]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[14] * B[11] */
+ "LDR r8, [%[a], #56]\n\t"
+ "LDR r9, [%[b], #44]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[15] * B[10] */
+ "LDR r8, [%[a], #60]\n\t"
+ "LDR r9, [%[b], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "STR r4, [%[r], #100]\n\t"
+ /* A[15] * B[11] */
+ "LDR r9, [%[b], #44]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[14] * B[12] */
+ "LDR r8, [%[a], #56]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[13] * B[13] */
+ "LDR r11, [%[a], #52]\n\t"
+ "LDR r12, [%[b], #52]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[12] * B[14] */
+ "LDR r8, [%[a], #48]\n\t"
+ "LDR r9, [%[b], #56]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[11] * B[15] */
+ "LDR r8, [%[a], #44]\n\t"
+ "LDR r9, [%[b], #60]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "STR r5, [%[r], #104]\n\t"
+ /* A[12] * B[15] */
+ "LDR r8, [%[a], #48]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "MOV r5, #0x0\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[13] * B[14] */
+ "LDR r9, [%[b], #56]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[14] * B[13] */
+ "LDR r8, [%[a], #56]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[15] * B[12] */
+ "LDR r8, [%[a], #60]\n\t"
+ "LDR r9, [%[b], #48]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ "STR r3, [%[r], #108]\n\t"
+ /* A[15] * B[13] */
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[14] * B[14] */
+ "LDR r11, [%[a], #56]\n\t"
+ "LDR r12, [%[b], #56]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[13] * B[15] */
+ "LDR r8, [%[a], #52]\n\t"
+ "LDR r9, [%[b], #60]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "STR r4, [%[r], #112]\n\t"
+ /* A[14] * B[15] */
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[15] * B[14] */
+ "LDR r8, [%[a], #60]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "STR r5, [%[r], #116]\n\t"
+ /* A[15] * B[15] */
+ "UMLAL r3, r4, r8, r9\n\t"
+ "STR r3, [%[r], #120]\n\t"
+ "STR r4, [%[r], #124]\n\t"
+ "LDM sp!, {r3, r4, r5, r6}\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM sp!, {r3, r4, r5, r6}\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM sp!, {r3, r4, r5, r6}\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM sp!, {r3, r4, r5, r6}\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : [r] "r" (tmp), [a] "r" (a), [b] "r" (b)
- : "memory", "r3", "r4", "r5", "r6", "r8", "r9", "r10", "r11", "r12", "r14"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r11", "r12", "cc"
);
-
- XMEMCPY(r, tmp_arr, sizeof(tmp_arr));
}
/* Square a and put result in r. (r = a * a)
@@ -41609,122 +66400,1150 @@ SP_NOINLINE static void sp_1024_mul_16(sp_digit* r, const sp_digit* a,
* r A single precision integer.
* a A single precision integer.
*/
-SP_NOINLINE static void sp_1024_sqr_16(sp_digit* r, const sp_digit* a)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
+#else
+static void sp_1024_sqr_16(sp_digit* r, const sp_digit* a)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "mov r3, #0\n\t"
- "mov r4, #0\n\t"
- "mov r5, #0\n\t"
- "mov r9, r3\n\t"
- "mov r12, %[r]\n\t"
- "mov r6, #128\n\t"
- "neg r6, r6\n\t"
- "add sp, sp, r6\n\t"
- "mov r11, sp\n\t"
- "mov r10, %[a]\n\t"
- "\n1:\n\t"
- "mov %[r], #0\n\t"
- "mov r6, #60\n\t"
- "mov %[a], r9\n\t"
- "subs %[a], %[a], r6\n\t"
- "sbc r6, r6, r6\n\t"
- "mvn r6, r6\n\t"
- "and %[a], %[a], r6\n\t"
- "mov r2, r9\n\t"
- "sub r2, r2, %[a]\n\t"
- "add %[a], %[a], r10\n\t"
- "add r2, r2, r10\n\t"
- "\n2:\n\t"
- "cmp r2, %[a]\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "beq 4f\n\t"
-#else
- "beq.n 4f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- /* Multiply * 2: Start */
- "ldr r6, [%[a]]\n\t"
- "ldr r8, [r2]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, %[r]\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, %[r]\n\t"
- /* Multiply * 2: Done */
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bal 5f\n\t"
-#else
- "bal.n 5f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "\n4:\n\t"
- /* Square: Start */
- "ldr r6, [%[a]]\n\t"
- "umull r6, r8, r6, r6\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, %[r]\n\t"
- /* Square: Done */
- "\n5:\n\t"
- "add %[a], %[a], #4\n\t"
- "sub r2, r2, #4\n\t"
- "mov r6, #64\n\t"
- "add r6, r6, r10\n\t"
- "cmp %[a], r6\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "beq 3f\n\t"
-#else
- "beq.n 3f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "cmp %[a], r2\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bgt 3f\n\t"
-#else
- "bgt.n 3f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "mov r8, r9\n\t"
- "add r8, r8, r10\n\t"
- "cmp %[a], r8\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "ble 2b\n\t"
-#else
- "ble.n 2b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "\n3:\n\t"
- "mov %[r], r11\n\t"
- "mov r8, r9\n\t"
- "str r3, [%[r], r8]\n\t"
- "mov r3, r4\n\t"
- "mov r4, r5\n\t"
- "mov r5, #0\n\t"
- "add r8, r8, #4\n\t"
- "mov r9, r8\n\t"
- "mov r6, #120\n\t"
- "cmp r8, r6\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "ble 1b\n\t"
-#else
- "ble.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "mov %[a], r10\n\t"
- "str r3, [%[r], r8]\n\t"
- "mov %[r], r12\n\t"
- "mov %[a], r11\n\t"
- "mov r3, #124\n\t"
- "\n4:\n\t"
- "ldr r6, [%[a], r3]\n\t"
- "str r6, [%[r], r3]\n\t"
- "subs r3, r3, #4\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bge 4b\n\t"
-#else
- "bge.n 4b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "mov r6, #128\n\t"
- "add sp, sp, r6\n\t"
+ "SUB sp, sp, #0x40\n\t"
+ /* A[0] * A[0] */
+ "LDR r10, [%[a]]\n\t"
+ "UMULL r8, r3, r10, r10\n\t"
+ "MOV r4, #0x0\n\t"
+ "STR r8, [sp]\n\t"
+ /* A[0] * A[1] */
+ "LDR r10, [%[a], #4]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "MOV r2, #0x0\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "MOV r2, #0x0\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ "STR r3, [sp, #4]\n\t"
+ /* A[0] * A[2] */
+ "LDR r10, [%[a], #8]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADCS r2, r2, r9\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADCS r2, r2, r9\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[1] * A[1] */
+ "LDR r10, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADCS r2, r2, r9\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "STR r4, [sp, #8]\n\t"
+ /* A[0] * A[3] */
+ "LDR r10, [%[a], #12]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[1] * A[2] */
+ "LDR r10, [%[a], #8]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "STR r2, [sp, #12]\n\t"
+ /* A[0] * A[4] */
+ "LDR r10, [%[a], #16]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "MOV r2, #0x0\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "MOV r2, #0x0\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ /* A[1] * A[3] */
+ "LDR r10, [%[a], #12]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ /* A[2] * A[2] */
+ "LDR r10, [%[a], #8]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ "STR r3, [sp, #16]\n\t"
+ /* A[0] * A[5] */
+ "LDR r10, [%[a], #20]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r3, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[1] * A[4] */
+ "LDR r10, [%[a], #16]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[2] * A[3] */
+ "LDR r10, [%[a], #12]\n\t"
+ "LDR r12, [%[a], #8]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r4, r4, r5\n\t"
+ "ADCS r2, r2, r6\n\t"
+ "ADC r3, r3, r7\n\t"
+ "STR r4, [sp, #20]\n\t"
+ /* A[0] * A[6] */
+ "LDR r10, [%[a], #24]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r4, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[1] * A[5] */
+ "LDR r10, [%[a], #20]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[2] * A[4] */
+ "LDR r10, [%[a], #16]\n\t"
+ "LDR r12, [%[a], #8]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[3] * A[3] */
+ "LDR r10, [%[a], #12]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "ADDS r2, r2, r5\n\t"
+ "ADCS r3, r3, r6\n\t"
+ "ADC r4, r4, r7\n\t"
+ "STR r2, [sp, #24]\n\t"
+ /* A[0] * A[7] */
+ "LDR r10, [%[a], #28]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r2, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[1] * A[6] */
+ "LDR r10, [%[a], #24]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[2] * A[5] */
+ "LDR r10, [%[a], #20]\n\t"
+ "LDR r12, [%[a], #8]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[3] * A[4] */
+ "LDR r10, [%[a], #16]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r3, r3, r5\n\t"
+ "ADCS r4, r4, r6\n\t"
+ "ADC r2, r2, r7\n\t"
+ "STR r3, [sp, #28]\n\t"
+ /* A[0] * A[8] */
+ "LDR r10, [%[a], #32]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r3, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[1] * A[7] */
+ "LDR r10, [%[a], #28]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[2] * A[6] */
+ "LDR r10, [%[a], #24]\n\t"
+ "LDR r12, [%[a], #8]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[3] * A[5] */
+ "LDR r10, [%[a], #20]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[4] * A[4] */
+ "LDR r10, [%[a], #16]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADCS r2, r2, r9\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "ADDS r4, r4, r5\n\t"
+ "ADCS r2, r2, r6\n\t"
+ "ADC r3, r3, r7\n\t"
+ "STR r4, [sp, #32]\n\t"
+ /* A[0] * A[9] */
+ "LDR r10, [%[a], #36]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r4, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[1] * A[8] */
+ "LDR r10, [%[a], #32]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[2] * A[7] */
+ "LDR r10, [%[a], #28]\n\t"
+ "LDR r12, [%[a], #8]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[3] * A[6] */
+ "LDR r10, [%[a], #24]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[4] * A[5] */
+ "LDR r10, [%[a], #20]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r2, r2, r5\n\t"
+ "ADCS r3, r3, r6\n\t"
+ "ADC r4, r4, r7\n\t"
+ "STR r2, [sp, #36]\n\t"
+ /* A[0] * A[10] */
+ "LDR r10, [%[a], #40]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r2, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[1] * A[9] */
+ "LDR r10, [%[a], #36]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[2] * A[8] */
+ "LDR r10, [%[a], #32]\n\t"
+ "LDR r12, [%[a], #8]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[3] * A[7] */
+ "LDR r10, [%[a], #28]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[4] * A[6] */
+ "LDR r10, [%[a], #24]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[5] * A[5] */
+ "LDR r10, [%[a], #20]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ "ADDS r3, r3, r5\n\t"
+ "ADCS r4, r4, r6\n\t"
+ "ADC r2, r2, r7\n\t"
+ "STR r3, [sp, #40]\n\t"
+ /* A[0] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r3, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[1] * A[10] */
+ "LDR r10, [%[a], #40]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[2] * A[9] */
+ "LDR r10, [%[a], #36]\n\t"
+ "LDR r12, [%[a], #8]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[3] * A[8] */
+ "LDR r10, [%[a], #32]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[4] * A[7] */
+ "LDR r10, [%[a], #28]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[5] * A[6] */
+ "LDR r10, [%[a], #24]\n\t"
+ "LDR r12, [%[a], #20]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r4, r4, r5\n\t"
+ "ADCS r2, r2, r6\n\t"
+ "ADC r3, r3, r7\n\t"
+ "STR r4, [sp, #44]\n\t"
+ /* A[0] * A[12] */
+ "LDR r10, [%[a], #48]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r4, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[1] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[2] * A[10] */
+ "LDR r10, [%[a], #40]\n\t"
+ "LDR r12, [%[a], #8]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[3] * A[9] */
+ "LDR r10, [%[a], #36]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[4] * A[8] */
+ "LDR r10, [%[a], #32]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[5] * A[7] */
+ "LDR r10, [%[a], #28]\n\t"
+ "LDR r12, [%[a], #20]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[6] * A[6] */
+ "LDR r10, [%[a], #24]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "ADDS r2, r2, r5\n\t"
+ "ADCS r3, r3, r6\n\t"
+ "ADC r4, r4, r7\n\t"
+ "STR r2, [sp, #48]\n\t"
+ /* A[0] * A[13] */
+ "LDR r10, [%[a], #52]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r2, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[1] * A[12] */
+ "LDR r10, [%[a], #48]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[2] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "LDR r12, [%[a], #8]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[3] * A[10] */
+ "LDR r10, [%[a], #40]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[4] * A[9] */
+ "LDR r10, [%[a], #36]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[5] * A[8] */
+ "LDR r10, [%[a], #32]\n\t"
+ "LDR r12, [%[a], #20]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[6] * A[7] */
+ "LDR r10, [%[a], #28]\n\t"
+ "LDR r12, [%[a], #24]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r3, r3, r5\n\t"
+ "ADCS r4, r4, r6\n\t"
+ "ADC r2, r2, r7\n\t"
+ "STR r3, [sp, #52]\n\t"
+ /* A[0] * A[14] */
+ "LDR r10, [%[a], #56]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r3, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[1] * A[13] */
+ "LDR r10, [%[a], #52]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[2] * A[12] */
+ "LDR r10, [%[a], #48]\n\t"
+ "LDR r12, [%[a], #8]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[3] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[4] * A[10] */
+ "LDR r10, [%[a], #40]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[5] * A[9] */
+ "LDR r10, [%[a], #36]\n\t"
+ "LDR r12, [%[a], #20]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[6] * A[8] */
+ "LDR r10, [%[a], #32]\n\t"
+ "LDR r12, [%[a], #24]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[7] * A[7] */
+ "LDR r10, [%[a], #28]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADCS r2, r2, r9\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "ADDS r4, r4, r5\n\t"
+ "ADCS r2, r2, r6\n\t"
+ "ADC r3, r3, r7\n\t"
+ "STR r4, [sp, #56]\n\t"
+ /* A[0] * A[15] */
+ "LDR r10, [%[a], #60]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r4, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[1] * A[14] */
+ "LDR r10, [%[a], #56]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[2] * A[13] */
+ "LDR r10, [%[a], #52]\n\t"
+ "LDR r12, [%[a], #8]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[3] * A[12] */
+ "LDR r10, [%[a], #48]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[4] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[5] * A[10] */
+ "LDR r10, [%[a], #40]\n\t"
+ "LDR r12, [%[a], #20]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[6] * A[9] */
+ "LDR r10, [%[a], #36]\n\t"
+ "LDR r12, [%[a], #24]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[7] * A[8] */
+ "LDR r10, [%[a], #32]\n\t"
+ "LDR r12, [%[a], #28]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r2, r2, r5\n\t"
+ "ADCS r3, r3, r6\n\t"
+ "ADC r4, r4, r7\n\t"
+ "STR r2, [sp, #60]\n\t"
+ /* A[1] * A[15] */
+ "LDR r10, [%[a], #60]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r2, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[2] * A[14] */
+ "LDR r10, [%[a], #56]\n\t"
+ "LDR r12, [%[a], #8]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[3] * A[13] */
+ "LDR r10, [%[a], #52]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[4] * A[12] */
+ "LDR r10, [%[a], #48]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[5] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "LDR r12, [%[a], #20]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[6] * A[10] */
+ "LDR r10, [%[a], #40]\n\t"
+ "LDR r12, [%[a], #24]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[7] * A[9] */
+ "LDR r10, [%[a], #36]\n\t"
+ "LDR r12, [%[a], #28]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[8] * A[8] */
+ "LDR r10, [%[a], #32]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ "ADDS r3, r3, r5\n\t"
+ "ADCS r4, r4, r6\n\t"
+ "ADC r2, r2, r7\n\t"
+ "STR r3, [%[r], #64]\n\t"
+ /* A[2] * A[15] */
+ "LDR r10, [%[a], #60]\n\t"
+ "LDR r12, [%[a], #8]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r3, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[3] * A[14] */
+ "LDR r10, [%[a], #56]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[4] * A[13] */
+ "LDR r10, [%[a], #52]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[5] * A[12] */
+ "LDR r10, [%[a], #48]\n\t"
+ "LDR r12, [%[a], #20]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[6] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "LDR r12, [%[a], #24]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[7] * A[10] */
+ "LDR r10, [%[a], #40]\n\t"
+ "LDR r12, [%[a], #28]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[8] * A[9] */
+ "LDR r10, [%[a], #36]\n\t"
+ "LDR r12, [%[a], #32]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r4, r4, r5\n\t"
+ "ADCS r2, r2, r6\n\t"
+ "ADC r3, r3, r7\n\t"
+ "STR r4, [%[r], #68]\n\t"
+ /* A[3] * A[15] */
+ "LDR r10, [%[a], #60]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r4, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[4] * A[14] */
+ "LDR r10, [%[a], #56]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[5] * A[13] */
+ "LDR r10, [%[a], #52]\n\t"
+ "LDR r12, [%[a], #20]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[6] * A[12] */
+ "LDR r10, [%[a], #48]\n\t"
+ "LDR r12, [%[a], #24]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[7] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "LDR r12, [%[a], #28]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[8] * A[10] */
+ "LDR r10, [%[a], #40]\n\t"
+ "LDR r12, [%[a], #32]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[9] * A[9] */
+ "LDR r10, [%[a], #36]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "ADDS r2, r2, r5\n\t"
+ "ADCS r3, r3, r6\n\t"
+ "ADC r4, r4, r7\n\t"
+ "STR r2, [%[r], #72]\n\t"
+ /* A[4] * A[15] */
+ "LDR r10, [%[a], #60]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r2, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[5] * A[14] */
+ "LDR r10, [%[a], #56]\n\t"
+ "LDR r12, [%[a], #20]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[6] * A[13] */
+ "LDR r10, [%[a], #52]\n\t"
+ "LDR r12, [%[a], #24]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[7] * A[12] */
+ "LDR r10, [%[a], #48]\n\t"
+ "LDR r12, [%[a], #28]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[8] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "LDR r12, [%[a], #32]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[9] * A[10] */
+ "LDR r10, [%[a], #40]\n\t"
+ "LDR r12, [%[a], #36]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r3, r3, r5\n\t"
+ "ADCS r4, r4, r6\n\t"
+ "ADC r2, r2, r7\n\t"
+ "STR r3, [%[r], #76]\n\t"
+ /* A[5] * A[15] */
+ "LDR r10, [%[a], #60]\n\t"
+ "LDR r12, [%[a], #20]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r3, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[6] * A[14] */
+ "LDR r10, [%[a], #56]\n\t"
+ "LDR r12, [%[a], #24]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[7] * A[13] */
+ "LDR r10, [%[a], #52]\n\t"
+ "LDR r12, [%[a], #28]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[8] * A[12] */
+ "LDR r10, [%[a], #48]\n\t"
+ "LDR r12, [%[a], #32]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[9] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "LDR r12, [%[a], #36]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[10] * A[10] */
+ "LDR r10, [%[a], #40]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADCS r2, r2, r9\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "ADDS r4, r4, r5\n\t"
+ "ADCS r2, r2, r6\n\t"
+ "ADC r3, r3, r7\n\t"
+ "STR r4, [%[r], #80]\n\t"
+ /* A[6] * A[15] */
+ "LDR r10, [%[a], #60]\n\t"
+ "LDR r12, [%[a], #24]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r4, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[7] * A[14] */
+ "LDR r10, [%[a], #56]\n\t"
+ "LDR r12, [%[a], #28]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[8] * A[13] */
+ "LDR r10, [%[a], #52]\n\t"
+ "LDR r12, [%[a], #32]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[9] * A[12] */
+ "LDR r10, [%[a], #48]\n\t"
+ "LDR r12, [%[a], #36]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[10] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "LDR r12, [%[a], #40]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r2, r2, r5\n\t"
+ "ADCS r3, r3, r6\n\t"
+ "ADC r4, r4, r7\n\t"
+ "STR r2, [%[r], #84]\n\t"
+ /* A[7] * A[15] */
+ "LDR r10, [%[a], #60]\n\t"
+ "LDR r12, [%[a], #28]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r2, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[8] * A[14] */
+ "LDR r10, [%[a], #56]\n\t"
+ "LDR r12, [%[a], #32]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[9] * A[13] */
+ "LDR r10, [%[a], #52]\n\t"
+ "LDR r12, [%[a], #36]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[10] * A[12] */
+ "LDR r10, [%[a], #48]\n\t"
+ "LDR r12, [%[a], #40]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[11] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ "ADDS r3, r3, r5\n\t"
+ "ADCS r4, r4, r6\n\t"
+ "ADC r2, r2, r7\n\t"
+ "STR r3, [%[r], #88]\n\t"
+ /* A[8] * A[15] */
+ "LDR r10, [%[a], #60]\n\t"
+ "LDR r12, [%[a], #32]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r3, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[9] * A[14] */
+ "LDR r10, [%[a], #56]\n\t"
+ "LDR r12, [%[a], #36]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[10] * A[13] */
+ "LDR r10, [%[a], #52]\n\t"
+ "LDR r12, [%[a], #40]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[11] * A[12] */
+ "LDR r10, [%[a], #48]\n\t"
+ "LDR r12, [%[a], #44]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r4, r4, r5\n\t"
+ "ADCS r2, r2, r6\n\t"
+ "ADC r3, r3, r7\n\t"
+ "STR r4, [%[r], #92]\n\t"
+ /* A[9] * A[15] */
+ "LDR r10, [%[a], #60]\n\t"
+ "LDR r12, [%[a], #36]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r4, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[10] * A[14] */
+ "LDR r10, [%[a], #56]\n\t"
+ "LDR r12, [%[a], #40]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[11] * A[13] */
+ "LDR r10, [%[a], #52]\n\t"
+ "LDR r12, [%[a], #44]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[12] * A[12] */
+ "LDR r10, [%[a], #48]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "ADDS r2, r2, r5\n\t"
+ "ADCS r3, r3, r6\n\t"
+ "ADC r4, r4, r7\n\t"
+ "STR r2, [%[r], #96]\n\t"
+ /* A[10] * A[15] */
+ "LDR r10, [%[a], #60]\n\t"
+ "LDR r12, [%[a], #40]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r2, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[11] * A[14] */
+ "LDR r10, [%[a], #56]\n\t"
+ "LDR r12, [%[a], #44]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[12] * A[13] */
+ "LDR r10, [%[a], #52]\n\t"
+ "LDR r12, [%[a], #48]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r3, r3, r5\n\t"
+ "ADCS r4, r4, r6\n\t"
+ "ADC r2, r2, r7\n\t"
+ "STR r3, [%[r], #100]\n\t"
+ /* A[11] * A[15] */
+ "LDR r10, [%[a], #60]\n\t"
+ "LDR r12, [%[a], #44]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADCS r2, r2, r9\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADCS r2, r2, r9\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[12] * A[14] */
+ "LDR r10, [%[a], #56]\n\t"
+ "LDR r12, [%[a], #48]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADCS r2, r2, r9\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADCS r2, r2, r9\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[13] * A[13] */
+ "LDR r10, [%[a], #52]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADCS r2, r2, r9\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "STR r4, [%[r], #104]\n\t"
+ /* A[12] * A[15] */
+ "LDR r10, [%[a], #60]\n\t"
+ "LDR r12, [%[a], #48]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[13] * A[14] */
+ "LDR r10, [%[a], #56]\n\t"
+ "LDR r12, [%[a], #52]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "STR r2, [%[r], #108]\n\t"
+ /* A[13] * A[15] */
+ "LDR r10, [%[a], #60]\n\t"
+ "LDR r12, [%[a], #52]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "MOV r2, #0x0\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "MOV r2, #0x0\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ /* A[14] * A[14] */
+ "LDR r10, [%[a], #56]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ "STR r3, [%[r], #112]\n\t"
+ /* A[14] * A[15] */
+ "LDR r10, [%[a], #60]\n\t"
+ "LDR r12, [%[a], #56]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADCS r2, r2, r9\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADCS r2, r2, r9\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "STR r4, [%[r], #116]\n\t"
+ /* A[15] * A[15] */
+ "LDR r10, [%[a], #60]\n\t"
+ "UMLAL r2, r3, r10, r10\n\t"
+ "STR r2, [%[r], #120]\n\t"
+ "STR r3, [%[r], #124]\n\t"
+ "LDM sp!, {r2, r3, r4, r8}\n\t"
+ "STM %[r]!, {r2, r3, r4, r8}\n\t"
+ "LDM sp!, {r2, r3, r4, r8}\n\t"
+ "STM %[r]!, {r2, r3, r4, r8}\n\t"
+ "LDM sp!, {r2, r3, r4, r8}\n\t"
+ "STM %[r]!, {r2, r3, r4, r8}\n\t"
+ "LDM sp!, {r2, r3, r4, r8}\n\t"
+ "STM %[r]!, {r2, r3, r4, r8}\n\t"
+ : [r] "+r" (r), [a] "+r" (a)
:
- : [r] "r" (r), [a] "r" (a)
- : "memory", "r2", "r3", "r4", "r5", "r6", "r8", "r9", "r10", "r11", "r12"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r12", "cc"
);
}
@@ -41734,161 +67553,135 @@ SP_NOINLINE static void sp_1024_sqr_16(sp_digit* r, const sp_digit* a)
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_1024_add_16(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_1024_add_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_1024_add_16(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "mov %[c], #0\n\t"
- "adc %[c], %[c], %[c]\n\t"
- : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADDS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "MOV %[r], #0x0\n\t"
+ "ADC %[r], %[r], #0x0\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6", "r8"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)r;
}
-/* Sub b from a into r. (r = a - b)
+/* Sub b from a into a. (a -= b)
*
- * r A single precision integer.
- * a A single precision integer.
+ * a A single precision integer and result.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_1024_sub_in_place_32(sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_1024_sub_in_place_32(sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_1024_sub_in_place_32(sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r1") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "subs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "sbc %[c], %[c], %[c]\n\t"
- : [c] "+r" (c), [a] "+r" (a), [b] "+r" (b)
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SUBS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "SBC %[a], r9, r9\n\t"
+ : [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)a;
}
/* Add b to a into r. (r = a + b)
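Review bot: The new clobber lists in sp_1024_add_16 and sp_1024_sub_in_place_32 name `r7`, which the removed code avoided (it used r4, r5, r6, r8 and r3 to r6 respectively). When GCC compiles Thumb code with a frame pointer, r7 is that frame pointer and an asm statement that clobbers it is rejected, so these functions presumably now need the frame pointer omitted; nothing in the hunk states that requirement. I would record it next to the first asm block, e.g. `/* clobbers r7: Thumb builds must omit the frame pointer */`, or keep r7 out of the register set as before. The same applies to the clobber lists added for sp_1024_add_32, sp_1024_sub_16, sp_1024_mul_32 and sp_1024_sqr_32 in the later hunks.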
@@ -41897,100 +67690,82 @@ SP_NOINLINE static sp_digit sp_1024_sub_in_place_32(sp_digit* a,
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_1024_add_32(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_1024_add_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_1024_add_32(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "mov %[c], #0\n\t"
- "adc %[c], %[c], %[c]\n\t"
- : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADDS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "MOV %[r], #0x0\n\t"
+ "ADC %[r], %[r], #0x0\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6", "r8"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)r;
}
/* AND m into each word of a and store in r.
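Review bot: sp_1024_add_32 now returns the carry through the pointer variable itself: `MOV %[r], #0x0` and `ADC %[r], %[r], #0x0` overwrite `r`, and `return (uint32_t)(size_t)r;` then reads as if an address were being returned. The header comment above the function lists only r, a and b and says nothing about a return value. A short comment before the return, such as `/* r no longer points at the result; it holds the carry out (0 or 1) */`, would keep a later edit from using `r` as a pointer after the asm. sp_1024_add_16 in the previous hunk follows the same pattern.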
@@ -42068,59 +67843,53 @@ SP_NOINLINE static void sp_1024_mul_32(sp_digit* r, const sp_digit* a,
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_1024_sub_16(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_1024_sub_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_1024_sub_16(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "subs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "sbc %[c], %[c], %[c]\n\t"
- : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SUBS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "SBC %[r], r6, r6\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6", "r8"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)r;
}
/* Square a and put result in r. (r = a * a)
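Review bot: The return value of sp_1024_sub_16 is undocumented and differs in form from the add functions: `SBC %[r], r6, r6` leaves 0 when no borrow occurred and 0xFFFFFFFF when one did, whereas sp_1024_add_16 returns 0 or 1. r6 is used there only as a convenient register for computing zero minus the inverted carry flag, which is not obvious on first reading. I would add a line to the header comment, e.g. `returns 0 when a >= b, all ones (borrow mask) when a < b`, and a one-line comment on the SBC. Callers are outside this hunk, so whether they rely on the mask form should be confirmed. sp_1024_sub_in_place_32 ends the same way with `SBC %[a], r9, r9`.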
@@ -42166,83 +67935,99 @@ SP_NOINLINE static void sp_1024_sqr_32(sp_digit* r, const sp_digit* a)
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static void sp_1024_mul_32(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_1024_mul_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static void sp_1024_mul_32(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit tmp_arr[32 * 2];
- sp_digit* tmp = tmp_arr;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "mov r3, #0\n\t"
- "mov r4, #0\n\t"
- "mov r9, r3\n\t"
- "mov r12, %[r]\n\t"
- "mov r10, %[a]\n\t"
- "mov r11, %[b]\n\t"
- "mov r6, #128\n\t"
- "add r6, r6, r10\n\t"
- "mov r14, r6\n\t"
- "\n1:\n\t"
- "mov %[r], #0\n\t"
- "mov r5, #0\n\t"
- "mov r6, #124\n\t"
- "mov %[a], r9\n\t"
- "subs %[a], %[a], r6\n\t"
- "sbc r6, r6, r6\n\t"
- "mvn r6, r6\n\t"
- "and %[a], %[a], r6\n\t"
- "mov %[b], r9\n\t"
- "sub %[b], %[b], %[a]\n\t"
- "add %[a], %[a], r10\n\t"
- "add %[b], %[b], r11\n\t"
- "\n2:\n\t"
- /* Multiply Start */
- "ldr r6, [%[a]]\n\t"
- "ldr r8, [%[b]]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, %[r]\n\t"
- /* Multiply Done */
- "add %[a], %[a], #4\n\t"
- "sub %[b], %[b], #4\n\t"
- "cmp %[a], r14\n\t"
+ "SUB sp, sp, #0x100\n\t"
+ "LDR lr, [%[a]]\n\t"
+ "LDR r11, [%[b]]\n\t"
+ "UMULL r8, r6, lr, r11\n\t"
+ "STR r8, [sp]\n\t"
+ "MOV r7, #0x0\n\t"
+ "MOV r8, #0x0\n\t"
+ "MOV r5, #0x4\n\t"
+ "\n"
+ "L_sp_1024_mul_32_outer:\n\t"
+ "SUBS r3, r5, #0x7c\n\t"
+ "IT cc\n\t"
+ "MOVCC r3, #0x0\n\t"
+ "SUB r4, r5, r3\n\t"
+ "\n"
+ "L_sp_1024_mul_32_inner:\n\t"
+ "LDR lr, [%[a], r3]\n\t"
+ "LDR r11, [%[b], r4]\n\t"
+ "UMULL r9, r10, lr, r11\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "LDR lr, [%[a], r4]\n\t"
+ "LDR r11, [%[b], r3]\n\t"
+ "UMULL r9, r10, lr, r11\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "ADD r3, r3, #0x4\n\t"
+ "SUB r4, r4, #0x4\n\t"
+ "CMP r3, r4\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "beq 3f\n\t"
+ "BGT L_sp_1024_mul_32_inner_done\n\t"
#else
- "beq.n 3f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "mov r6, r9\n\t"
- "add r6, r6, r10\n\t"
- "cmp %[a], r6\n\t"
+ "BGT.N L_sp_1024_mul_32_inner_done\n\t"
+#endif
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "ble 2b\n\t"
-#else
- "ble.n 2b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "\n3:\n\t"
- "mov %[r], r12\n\t"
- "mov r8, r9\n\t"
- "str r3, [%[r], r8]\n\t"
- "mov r3, r4\n\t"
- "mov r4, r5\n\t"
- "add r8, r8, #4\n\t"
- "mov r9, r8\n\t"
- "mov r6, #248\n\t"
- "cmp r8, r6\n\t"
+ "BLT L_sp_1024_mul_32_inner\n\t"
+#else
+ "BLT.N L_sp_1024_mul_32_inner\n\t"
+#endif
+ "LDR lr, [%[a], r3]\n\t"
+ "LDR r11, [%[b], r3]\n\t"
+ "UMULL r9, r10, lr, r11\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "\n"
+ "L_sp_1024_mul_32_inner_done:\n\t"
+ "STR r6, [sp, r5]\n\t"
+ "MOV r6, r7\n\t"
+ "MOV r7, r8\n\t"
+ "MOV r8, #0x0\n\t"
+ "ADD r5, r5, #0x4\n\t"
+ "CMP r5, #0xf4\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "ble 1b\n\t"
+ "BLE L_sp_1024_mul_32_outer\n\t"
#else
- "ble.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "str r3, [%[r], r8]\n\t"
- "mov %[a], r10\n\t"
- "mov %[b], r11\n\t"
+ "BLE.N L_sp_1024_mul_32_outer\n\t"
+#endif
+ "LDR lr, [%[a], #124]\n\t"
+ "LDR r11, [%[b], #124]\n\t"
+ "UMLAL r6, r7, lr, r11\n\t"
+ "STR r6, [sp, r5]\n\t"
+ "ADD r5, r5, #0x4\n\t"
+ "STR r7, [sp, r5]\n\t"
+ "\n"
+ "L_sp_1024_mul_32_store:\n\t"
+ "LDM sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "STM %[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "SUBS r5, r5, #0x20\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BGT L_sp_1024_mul_32_store\n\t"
+#else
+ "BGT.N L_sp_1024_mul_32_store\n\t"
+#endif
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : [r] "r" (tmp), [a] "r" (a), [b] "r" (b)
- : "memory", "r3", "r4", "r5", "r6", "r8", "r9", "r10", "r11", "r12", "r14"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11", "cc"
);
-
- XMEMCPY(r, tmp_arr, sizeof(tmp_arr));
}
/* Square a and put result in r. (r = a * a)
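Review bot: The 256-byte scratch buffer for the product in sp_1024_mul_32 is now carved out of the stack inside the asm (`SUB sp, sp, #0x100`, released by the `LDM sp!` loop at `L_sp_1024_mul_32_store`) instead of being the C local `tmp_arr`, so the compiler no longer sees it. Compiler stack-usage reports, stack-protector placement and any stack budget derived from compiler output will under-count this function by 256 bytes, which matters most on small-stack embedded targets. Nothing in the hunk records this. I would add a comment above the asm, e.g. `/* reserves 0x100 bytes of stack inside the asm; sp is restored by the store loop */`.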
@@ -42250,124 +68035,91 @@ SP_NOINLINE static void sp_1024_mul_32(sp_digit* r, const sp_digit* a,
* r A single precision integer.
* a A single precision integer.
*/
-SP_NOINLINE static void sp_1024_sqr_32(sp_digit* r, const sp_digit* a)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_1024_sqr_32(sp_digit* r_p, const sp_digit* a_p)
+#else
+static void sp_1024_sqr_32(sp_digit* r, const sp_digit* a)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "mov r3, #0\n\t"
- "mov r4, #0\n\t"
- "mov r5, #0\n\t"
- "mov r9, r3\n\t"
- "mov r12, %[r]\n\t"
- "mov r6, #1\n\t"
- "lsl r6, r6, #8\n\t"
- "neg r6, r6\n\t"
- "add sp, sp, r6\n\t"
- "mov r11, sp\n\t"
- "mov r10, %[a]\n\t"
- "\n1:\n\t"
- "mov %[r], #0\n\t"
- "mov r6, #124\n\t"
- "mov %[a], r9\n\t"
- "subs %[a], %[a], r6\n\t"
- "sbc r6, r6, r6\n\t"
- "mvn r6, r6\n\t"
- "and %[a], %[a], r6\n\t"
- "mov r2, r9\n\t"
- "sub r2, r2, %[a]\n\t"
- "add %[a], %[a], r10\n\t"
- "add r2, r2, r10\n\t"
- "\n2:\n\t"
- "cmp r2, %[a]\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "beq 4f\n\t"
-#else
- "beq.n 4f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- /* Multiply * 2: Start */
- "ldr r6, [%[a]]\n\t"
- "ldr r8, [r2]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, %[r]\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, %[r]\n\t"
- /* Multiply * 2: Done */
+ "SUB sp, sp, #0x100\n\t"
+ "LDR lr, [%[a]]\n\t"
+ "UMULL r8, r6, lr, lr\n\t"
+ "STR r8, [sp]\n\t"
+ "MOV r7, #0x0\n\t"
+ "MOV r8, #0x0\n\t"
+ "MOV r5, #0x4\n\t"
+ "\n"
+ "L_sp_1024_sqr_32_outer:\n\t"
+ "SUBS r3, r5, #0x7c\n\t"
+ "IT cc\n\t"
+ "MOVCC r3, #0x0\n\t"
+ "SUB r4, r5, r3\n\t"
+ "\n"
+ "L_sp_1024_sqr_32_inner:\n\t"
+ "LDR lr, [%[a], r3]\n\t"
+ "LDR r11, [%[a], r4]\n\t"
+ "UMULL r9, r10, lr, r11\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "ADD r3, r3, #0x4\n\t"
+ "SUB r4, r4, #0x4\n\t"
+ "CMP r3, r4\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bal 5f\n\t"
-#else
- "bal.n 5f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "\n4:\n\t"
- /* Square: Start */
- "ldr r6, [%[a]]\n\t"
- "umull r6, r8, r6, r6\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, %[r]\n\t"
- /* Square: Done */
- "\n5:\n\t"
- "add %[a], %[a], #4\n\t"
- "sub r2, r2, #4\n\t"
- "mov r6, #128\n\t"
- "add r6, r6, r10\n\t"
- "cmp %[a], r6\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "beq 3f\n\t"
+ "BGT L_sp_1024_sqr_32_inner_done\n\t"
#else
- "beq.n 3f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "cmp %[a], r2\n\t"
+ "BGT.N L_sp_1024_sqr_32_inner_done\n\t"
+#endif
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bgt 3f\n\t"
+ "BLT L_sp_1024_sqr_32_inner\n\t"
#else
- "bgt.n 3f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "mov r8, r9\n\t"
- "add r8, r8, r10\n\t"
- "cmp %[a], r8\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "ble 2b\n\t"
-#else
- "ble.n 2b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "\n3:\n\t"
- "mov %[r], r11\n\t"
- "mov r8, r9\n\t"
- "str r3, [%[r], r8]\n\t"
- "mov r3, r4\n\t"
- "mov r4, r5\n\t"
- "mov r5, #0\n\t"
- "add r8, r8, #4\n\t"
- "mov r9, r8\n\t"
- "mov r6, #248\n\t"
- "cmp r8, r6\n\t"
+ "BLT.N L_sp_1024_sqr_32_inner\n\t"
+#endif
+ "LDR lr, [%[a], r3]\n\t"
+ "UMULL r9, r10, lr, lr\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "\n"
+ "L_sp_1024_sqr_32_inner_done:\n\t"
+ "STR r6, [sp, r5]\n\t"
+ "MOV r6, r7\n\t"
+ "MOV r7, r8\n\t"
+ "MOV r8, #0x0\n\t"
+ "ADD r5, r5, #0x4\n\t"
+ "CMP r5, #0xf4\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "ble 1b\n\t"
-#else
- "ble.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "mov %[a], r10\n\t"
- "str r3, [%[r], r8]\n\t"
- "mov %[r], r12\n\t"
- "mov %[a], r11\n\t"
- "mov r3, #252\n\t"
- "\n4:\n\t"
- "ldr r6, [%[a], r3]\n\t"
- "str r6, [%[r], r3]\n\t"
- "subs r3, r3, #4\n\t"
+ "BLE L_sp_1024_sqr_32_outer\n\t"
+#else
+ "BLE.N L_sp_1024_sqr_32_outer\n\t"
+#endif
+ "LDR lr, [%[a], #124]\n\t"
+ "UMLAL r6, r7, lr, lr\n\t"
+ "STR r6, [sp, r5]\n\t"
+ "ADD r5, r5, #0x4\n\t"
+ "STR r7, [sp, r5]\n\t"
+ "\n"
+ "L_sp_1024_sqr_32_store:\n\t"
+ "LDM sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "STM %[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "SUBS r5, r5, #0x20\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bge 4b\n\t"
+ "BGT L_sp_1024_sqr_32_store\n\t"
#else
- "bge.n 4b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "mov r6, #1\n\t"
- "lsl r6, r6, #8\n\t"
- "add sp, sp, r6\n\t"
+ "BGT.N L_sp_1024_sqr_32_store\n\t"
+#endif
+ : [r] "+r" (r), [a] "+r" (a)
:
- : [r] "r" (r), [a] "r" (a)
- : "memory", "r2", "r3", "r4", "r5", "r6", "r8", "r9", "r10", "r11", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11", "cc"
);
}
@@ -42463,42 +68215,47 @@ static const sp_point_1024 p1024_base = {
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_1024_sub_in_place_32(sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_1024_sub_in_place_32(sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_1024_sub_in_place_32(sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r1") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "mov r8, %[a]\n\t"
- "add r8, r8, #128\n\t"
- "\n1:\n\t"
- "mov r5, #0\n\t"
- "subs r5, r5, %[c]\n\t"
- "ldr r3, [%[a]]\n\t"
- "ldr r4, [%[a], #4]\n\t"
- "ldr r5, [%[b]]\n\t"
- "ldr r6, [%[b], #4]\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "str r3, [%[a]]\n\t"
- "str r4, [%[a], #4]\n\t"
- "sbc %[c], %[c], %[c]\n\t"
- "add %[a], %[a], #8\n\t"
- "add %[b], %[b], #8\n\t"
- "cmp %[a], r8\n\t"
+ "MOV r10, #0x0\n\t"
+ "ADD r11, %[a], #0x80\n\t"
+ "\n"
+ "L_sp_1024_sub_in_pkace_32_word:\n\t"
+ "RSBS r10, r10, #0x0\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "SBC r10, r10, r10\n\t"
+ "CMP %[a], r11\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bne 1b\n\t"
+ "BNE L_sp_1024_sub_in_pkace_32_word\n\t"
#else
- "bne.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [c] "+r" (c), [a] "+r" (a), [b] "+r" (b)
+ "BNE.N L_sp_1024_sub_in_pkace_32_word\n\t"
+#endif
+ "MOV %[a], r10\n\t"
+ : [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r8"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)a;
}
#endif /* WOLFSSL_SP_SMALL */
+#ifdef WOLFSSL_SP_SMALL
/* Conditionally subtract b from a using the mask m.
* m is -1 to subtract and 0 when not copying.
*
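Review bot: The loop label `L_sp_1024_sub_in_pkace_32_word` is an ordinary assembler symbol, and this hunk also drops `SP_NOINLINE` from `sp_1024_sub_in_place_32`, so if the compiler inlines or clones the static function the label is defined twice and assembly fails; the removed code avoided that with the numeric local label `1:`/`1b`. Either keep `SP_NOINLINE` on the definition or make the label unique per expansion, e.g. `"L_sp_1024_sub_in_place_32_word_%=:\n\t"` with matching `BNE`/`BNE.N` targets, which also fixes the `pkace` spelling; `%=` is GCC syntax, so the non-GNU branch needs that toolchain's equivalent. The same combination of a named label and a removed `SP_NOINLINE` appears in later hunks at `L_sp_1024_cond_sub_32_words`, `L_sp_1024_add_32_word`, `L_sp_1024_mul_d_32_word` and `L_sp_1024_cmp_32_words`. The definition of `SP_NOINLINE` is not visible here, so this assumes it maps to a noinline attribute.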
@@ -42507,39 +68264,192 @@ SP_NOINLINE static sp_digit sp_1024_sub_in_place_32(sp_digit* a,
* b A single precision number to subtract.
* m Mask value to apply.
*/
-SP_NOINLINE static sp_digit sp_1024_cond_sub_32(sp_digit* r, const sp_digit* a,
- const sp_digit* b, sp_digit m)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_1024_cond_sub_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
+#else
+static sp_digit sp_1024_cond_sub_32(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+ register sp_digit m __asm__ ("r3") = (sp_digit)m_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r5, #128\n\t"
- "mov r9, r5\n\t"
- "mov r8, #0\n\t"
- "\n1:\n\t"
- "ldr r6, [%[b], r8]\n\t"
- "and r6, r6, %[m]\n\t"
- "mov r5, #0\n\t"
- "subs r5, r5, %[c]\n\t"
- "ldr r5, [%[a], r8]\n\t"
- "sbcs r5, r5, r6\n\t"
- "sbcs %[c], %[c], %[c]\n\t"
- "str r5, [%[r], r8]\n\t"
- "add r8, r8, #4\n\t"
- "cmp r8, r9\n\t"
+ "MOV r8, #0x0\n\t"
+ "MOV r4, #0x0\n\t"
+ "MOV r5, #0x0\n\t"
+ "\n"
+ "L_sp_1024_cond_sub_32_words:\n\t"
+ "SUBS r4, r8, r4\n\t"
+ "LDR r6, [%[a], r5]\n\t"
+ "LDR r7, [%[b], r5]\n\t"
+ "AND r7, r7, %[m]\n\t"
+ "SBCS r6, r6, r7\n\t"
+ "SBC r4, r8, r8\n\t"
+ "STR r6, [%[r], r5]\n\t"
+ "ADD r5, r5, #0x4\n\t"
+ "CMP r5, #0x80\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "blt 1b\n\t"
+ "BLT L_sp_1024_cond_sub_32_words\n\t"
#else
- "blt.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [c] "+r" (c)
- : [r] "r" (r), [a] "r" (a), [b] "r" (b), [m] "r" (m)
- : "memory", "r5", "r6", "r8", "r9"
+ "BLT.N L_sp_1024_cond_sub_32_words\n\t"
+#endif
+ "MOV %[r], r4\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
+ :
+ : "memory", "r4", "r5", "r6", "r7", "r8", "cc"
);
+ return (uint32_t)(size_t)r;
+}
- return c;
+#else
+/* Conditionally subtract b from a using the mask m.
+ * m is -1 to subtract and 0 when not copying.
+ *
+ * r A single precision number representing condition subtract result.
+ * a A single precision number to subtract from.
+ * b A single precision number to subtract.
+ * m Mask value to apply.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_1024_cond_sub_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
+#else
+static sp_digit sp_1024_cond_sub_32(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+ register sp_digit m __asm__ ("r3") = (sp_digit)m_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "MOV r5, #0x0\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SUBS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "SBC %[r], r5, r5\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
+ :
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
+ );
+ return (uint32_t)(size_t)r;
}
+#endif /* WOLFSSL_SP_SMALL */
#ifdef WOLFSSL_SP_SMALL
/* Add b to a into r. (r = a + b)
*
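Review bot: The header comment added for the unrolled `#else` variant of `sp_1024_cond_sub_32` repeats the wording `0 when not copying` and does not document the return value, although both variants now hand the borrow back through `r`. I would change the mask line to `* m is -1 to subtract b and 0 to copy a into r unchanged.` and add `* returns 0 when there is no borrow and -1 (all bits set) when the subtraction borrows.`; both variants finish with an `SBC` of a zeroed register with itself, which yields exactly those two values. One further sentence stating that b is ANDed with m rather than branched on, so the executed instruction sequence does not depend on m, would record the property that presumably matters to the reduction code calling this. The clobber list of the unrolled variant also names `r4`, which that variant never touches.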
@@ -42547,84 +68457,354 @@ SP_NOINLINE static sp_digit sp_1024_cond_sub_32(sp_digit* r, const sp_digit* a,
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_1024_add_32(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_1024_add_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_1024_add_32(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r6, %[a]\n\t"
- "mov r8, #0\n\t"
- "add r6, r6, #128\n\t"
- "sub r8, r8, #1\n\t"
- "\n1:\n\t"
- "adds %[c], %[c], r8\n\t"
- "ldr r4, [%[a]]\n\t"
- "ldr r5, [%[b]]\n\t"
- "adcs r4, r4, r5\n\t"
- "str r4, [%[r]]\n\t"
- "mov %[c], #0\n\t"
- "adc %[c], %[c], %[c]\n\t"
- "add %[a], %[a], #4\n\t"
- "add %[b], %[b], #4\n\t"
- "add %[r], %[r], #4\n\t"
- "cmp %[a], r6\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADD r12, %[a], #0x80\n\t"
+ "\n"
+ "L_sp_1024_add_32_word:\n\t"
+ "ADDS r3, r3, #0xffffffff\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9, r10, r11}\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "ADCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r3, r4, #0x0\n\t"
+ "CMP %[a], r12\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bne 1b\n\t"
+ "BNE L_sp_1024_add_32_word\n\t"
#else
- "bne.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ "BNE.N L_sp_1024_add_32_word\n\t"
+#endif
+ "MOV %[r], r3\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6", "r8"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)r;
}
#endif /* WOLFSSL_SP_SMALL */
+#ifdef WOLFSSL_SP_SMALL
/* Mul a by digit b into r. (r = a * b)
*
* r A single precision integer.
* a A single precision integer.
* b A single precision digit.
*/
-SP_NOINLINE static void sp_1024_mul_d_32(sp_digit* r, const sp_digit* a,
- sp_digit b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_1024_mul_d_32(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
+#else
+static void sp_1024_mul_d_32(sp_digit* r, const sp_digit* a, sp_digit b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register sp_digit b __asm__ ("r2") = (sp_digit)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "add r9, %[a], #128\n\t"
/* A[0] * B */
- "ldr r6, [%[a]], #4\n\t"
- "umull r5, r3, r6, %[b]\n\t"
- "mov r4, #0\n\t"
- "str r5, [%[r]], #4\n\t"
- /* A[0] * B - Done */
- "\n1:\n\t"
- "mov r5, #0\n\t"
- /* A[] * B */
- "ldr r6, [%[a]], #4\n\t"
- "umull r6, r8, r6, %[b]\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- /* A[] * B - Done */
- "str r3, [%[r]], #4\n\t"
- "mov r3, r4\n\t"
- "mov r4, r5\n\t"
- "cmp %[a], r9\n\t"
+ "LDR r8, [%[a]]\n\t"
+ "UMULL r5, r3, %[b], r8\n\t"
+ "MOV r4, #0x0\n\t"
+ "STR r5, [%[r]]\n\t"
+ "MOV r5, #0x0\n\t"
+ "MOV r9, #0x4\n\t"
+ "\n"
+ "L_sp_1024_mul_d_32_word:\n\t"
+ /* A[i] * B */
+ "LDR r8, [%[a], r9]\n\t"
+ "UMULL r6, r7, %[b], r8\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ "STR r3, [%[r], r9]\n\t"
+ "MOV r3, r4\n\t"
+ "MOV r4, r5\n\t"
+ "MOV r5, #0x0\n\t"
+ "ADD r9, r9, #0x4\n\t"
+ "CMP r9, #0x80\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "blt 1b\n\t"
+ "BLT L_sp_1024_mul_d_32_word\n\t"
#else
- "blt.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "str r3, [%[r]]\n\t"
- : [r] "+r" (r), [a] "+r" (a)
- : [b] "r" (b)
- : "memory", "r3", "r4", "r5", "r6", "r8", "r9"
+ "BLT.N L_sp_1024_mul_d_32_word\n\t"
+#endif
+ "STR r3, [%[r], #128]\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
+ );
+}
+
+#else
+/* Mul a by digit b into r. (r = a * b)
+ *
+ * r A single precision integer.
+ * a A single precision integer.
+ * b A single precision digit.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_1024_mul_d_32(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
+#else
+static void sp_1024_mul_d_32(sp_digit* r, const sp_digit* a, sp_digit b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register sp_digit b __asm__ ("r2") = (sp_digit)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ /* A[0] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMULL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[1] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[2] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[3] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[4] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[5] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[6] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[7] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[8] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[9] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[10] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[11] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[12] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[13] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[14] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[15] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[16] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[17] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[18] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[19] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[20] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[21] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[22] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[23] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[24] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[25] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[26] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[27] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[28] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[29] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[30] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[31] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "STR r5, [%[r]]\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "cc"
+ );
+}
+
+#endif /* WOLFSSL_SP_SMALL */
+#ifdef WOLFSSL_SP_USE_UDIV
+/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
+ *
+ * d1 The high order half of the number to divide.
+ * d0 The low order half of the number to divide.
+ * div The divisor.
+ * returns the result of the division.
+ *
+ * Note that this is an approximate div. It may give an answer 1 larger.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static sp_digit div_1024_word_32(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
+#else
+SP_NOINLINE static sp_digit div_1024_word_32(sp_digit d1, sp_digit d0, sp_digit div)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit d1 __asm__ ("r0") = (sp_digit)d1_p;
+ register sp_digit d0 __asm__ ("r1") = (sp_digit)d0_p;
+ register sp_digit div __asm__ ("r2") = (sp_digit)div_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "LSR r8, %[div], #16\n\t"
+ "ADD r5, r8, #0x1\n\t"
+ "UDIV r6, %[d1], r5\n\t"
+ "LSL r7, %[div], #16\n\t"
+ "LSL r6, r6, #16\n\t"
+ "UMULL r3, r4, %[div], r6\n\t"
+ "SUBS %[d0], %[d0], r3\n\t"
+ "SBC %[d1], %[d1], r4\n\t"
+ "SUBS r3, %[d1], r5\n\t"
+ "SBC r9, r9, r9\n\t"
+ "ADD r9, r9, #0x1\n\t"
+ "RSB r10, r9, #0x0\n\t"
+ "LSL r9, r9, #16\n\t"
+ "AND r7, r7, r10\n\t"
+ "AND r8, r8, r10\n\t"
+ "SUBS %[d0], %[d0], r7\n\t"
+ "ADD r6, r6, r9\n\t"
+ "SBC %[d1], %[d1], r8\n\t"
+ "LSL r4, %[d1], #16\n\t"
+ "LSR r3, %[d0], #16\n\t"
+ "ORR r3, r3, r4\n\t"
+ "UDIV r3, r3, r5\n\t"
+ "ADD r6, r6, r3\n\t"
+ "UMULL r3, r4, %[div], r3\n\t"
+ "SUBS %[d0], %[d0], r3\n\t"
+ "SBC %[d1], %[d1], r4\n\t"
+ "LSL r4, %[d1], #16\n\t"
+ "LSR r3, %[d0], #16\n\t"
+ "ORR r3, r3, r4\n\t"
+ "UDIV r3, r3, r5\n\t"
+ "ADD r6, r6, r3\n\t"
+ "MUL r3, %[div], r3\n\t"
+ "SUB %[d0], %[d0], r3\n\t"
+ "UDIV r3, %[d0], %[div]\n\t"
+ "ADD %[d1], r6, r3\n\t"
+ : [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
+ return (uint32_t)(size_t)d1;
}
+#else
/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
*
* d1 The high order half of the number to divide.
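Review bot: The comment on the new `WOLFSSL_SP_USE_UDIV` variant of `div_1024_word_32` should state that `UDIV` completes in a data-dependent number of cycles on the Cortex-M class cores that implement it, so enabling this option gives up constant-time division for speed. The hunk makes the variant opt-in behind the macro, which suggests that is the intent, but nothing in the comment tells an integrator when it is safe to turn on. I would add `* Not constant time: UDIV latency depends on the operand values.` and `* Enable only when d1, d0 and div are not derived from secret data.` to the header comment. Whether the 1024-bit callers ever pass secret-derived words cannot be determined from this hunk, and the body of the `#else` variant lies in the next one.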
@@ -42634,49 +68814,69 @@ SP_NOINLINE static void sp_1024_mul_d_32(sp_digit* r, const sp_digit* a,
*
* Note that this is an approximate div. It may give an answer 1 larger.
*/
-SP_NOINLINE static sp_digit div_1024_word_32(sp_digit d1, sp_digit d0,
- sp_digit div)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static sp_digit div_1024_word_32(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
+#else
+SP_NOINLINE static sp_digit div_1024_word_32(sp_digit d1, sp_digit d0, sp_digit div)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit r = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit d1 __asm__ ("r0") = (sp_digit)d1_p;
+ register sp_digit d0 __asm__ ("r1") = (sp_digit)d0_p;
+ register sp_digit div __asm__ ("r2") = (sp_digit)div_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "lsr r6, %[div], #16\n\t"
- "add r6, r6, #1\n\t"
- "udiv r4, %[d1], r6\n\t"
- "lsl r8, r4, #16\n\t"
- "umull r4, r5, %[div], r8\n\t"
- "subs %[d0], %[d0], r4\n\t"
- "sbc %[d1], %[d1], r5\n\t"
- "udiv r5, %[d1], r6\n\t"
- "lsl r4, r5, #16\n\t"
- "add r8, r8, r4\n\t"
- "umull r4, r5, %[div], r4\n\t"
- "subs %[d0], %[d0], r4\n\t"
- "sbc %[d1], %[d1], r5\n\t"
- "lsl r4, %[d1], #16\n\t"
- "orr r4, r4, %[d0], lsr #16\n\t"
- "udiv r4, r4, r6\n\t"
- "add r8, r8, r4\n\t"
- "umull r4, r5, %[div], r4\n\t"
- "subs %[d0], %[d0], r4\n\t"
- "sbc %[d1], %[d1], r5\n\t"
- "lsl r4, %[d1], #16\n\t"
- "orr r4, r4, %[d0], lsr #16\n\t"
- "udiv r4, r4, r6\n\t"
- "add r8, r8, r4\n\t"
- "umull r4, r5, %[div], r4\n\t"
- "subs %[d0], %[d0], r4\n\t"
- "sbc %[d1], %[d1], r5\n\t"
- "udiv r4, %[d0], %[div]\n\t"
- "add r8, r8, r4\n\t"
- "mov %[r], r8\n\t"
- : [r] "+r" (r)
- : [d1] "r" (d1), [d0] "r" (d0), [div] "r" (div)
- : "r4", "r5", "r6", "r8"
+ "LSR r5, %[div], #1\n\t"
+ "ADD r5, r5, #0x1\n\t"
+ "MOV r6, %[d0]\n\t"
+ "MOV r7, %[d1]\n\t"
+ /* Do top 32 */
+ "SUBS r8, r5, r7\n\t"
+ "SBC r8, r8, r8\n\t"
+ "MOV r3, #0x0\n\t"
+ "SUB r3, r3, r8\n\t"
+ "AND r8, r8, r5\n\t"
+ "SUBS r7, r7, r8\n\t"
+ /* Next 30 bits */
+ "MOV r4, #0x1d\n\t"
+ "\n"
+ "L_div_1024_word_32_bit:\n\t"
+ "LSLS r6, r6, #1\n\t"
+ "ADC r7, r7, r7\n\t"
+ "SUBS r8, r5, r7\n\t"
+ "SBC r8, r8, r8\n\t"
+ "ADD r3, r3, r3\n\t"
+ "SUB r3, r3, r8\n\t"
+ "AND r8, r8, r5\n\t"
+ "SUBS r7, r7, r8\n\t"
+ "SUBS r4, r4, #0x1\n\t"
+ "bpl L_div_1024_word_32_bit\n\t"
+ "ADD r3, r3, r3\n\t"
+ "ADD r3, r3, #0x1\n\t"
+ "UMULL r6, r7, r3, %[div]\n\t"
+ "SUBS r9, %[d0], r6\n\t"
+ "SBC r10, %[d1], r7\n\t"
+ "ADD r3, r3, r10\n\t"
+ "UMULL r6, r7, r3, %[div]\n\t"
+ "SUBS r9, %[d0], r6\n\t"
+ "SBC r10, %[d1], r7\n\t"
+ "ADD r3, r3, r10\n\t"
+ "UMULL r6, r7, r3, %[div]\n\t"
+ "SUBS r9, %[d0], r6\n\t"
+ "SBC r10, %[d1], r7\n\t"
+ "ADD r3, r3, r10\n\t"
+ "SUBS r8, %[div], r9\n\t"
+ "SBC r8, r8, r8\n\t"
+ "SUB %[d1], r3, r8\n\t"
+ : [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
- return r;
+ return (uint32_t)(size_t)d1;
}
+#endif
/* AND m into each word of a and store in r.
*
* r A single precision integer.
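Review bot: The loop branch `"bpl L_div_1024_word_32_bit\n\t"` is emitted bare and in lower case, while the other loop branches visible in this diff (`BNE`, `BLT`, `BGT`, `BLE`) are wrapped in the `#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)` / `#else` pair that selects the `.N` form for other assemblers. For consistency it should read `"BPL L_div_1024_word_32_bit\n\t"` under the `#if` and `"BPL.N L_div_1024_word_32_bit\n\t"` under the `#else`; the `bcs L_sp_1024_cmp_32_words` branch in the next hunk has the same shape. The closing `#endif` after the function would also read better as `#endif /* WOLFSSL_SP_USE_UDIV */`, matching the annotated `#endif` lines nearby. Whether the other toolchains actually reject the unsuffixed form is not something the hunk shows.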
@@ -42714,44 +68914,401 @@ static void sp_1024_mask_32(sp_digit* r, const sp_digit* a, sp_digit m)
* return -ve, 0 or +ve if a is less than, equal to or greater than b
* respectively.
*/
-SP_NOINLINE static sp_int32 sp_1024_cmp_32(const sp_digit* a, const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_int32 sp_1024_cmp_32(const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_int32 sp_1024_cmp_32(const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit r = 0;
-
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register const sp_digit* a __asm__ ("r0") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r1") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r3, #0\n\t"
- "mvn r3, r3\n\t"
- "mov r6, #124\n\t"
- "\n1:\n\t"
- "ldr r8, [%[a], r6]\n\t"
- "ldr r5, [%[b], r6]\n\t"
- "and r8, r8, r3\n\t"
- "and r5, r5, r3\n\t"
- "mov r4, r8\n\t"
- "subs r8, r8, r5\n\t"
- "sbc r8, r8, r8\n\t"
- "add %[r], %[r], r8\n\t"
- "mvn r8, r8\n\t"
- "and r3, r3, r8\n\t"
- "subs r5, r5, r4\n\t"
- "sbc r8, r8, r8\n\t"
- "sub %[r], %[r], r8\n\t"
- "mvn r8, r8\n\t"
- "and r3, r3, r8\n\t"
- "sub r6, r6, #4\n\t"
- "cmp r6, #0\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bge 1b\n\t"
+ "MOV r2, #0xffffffff\n\t"
+ "MOV r8, #0x1\n\t"
+ "MOV r7, #0x0\n\t"
+ "MOV r3, #0xffffffff\n\t"
+#ifdef WOLFSSL_SP_SMALL
+ "MOV r6, #0x7c\n\t"
+ "\n"
+ "L_sp_1024_cmp_32_words:\n\t"
+ "LDR r4, [%[a], r6]\n\t"
+ "LDR r5, [%[b], r6]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "SUBS r6, r6, #0x4\n\t"
+ "bcs L_sp_1024_cmp_32_words\n\t"
+ "EOR r2, r2, r3\n\t"
#else
- "bge.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [r] "+r" (r)
- : [a] "r" (a), [b] "r" (b)
- : "r3", "r4", "r5", "r6", "r8"
+ "LDR r4, [%[a], #124]\n\t"
+ "LDR r5, [%[b], #124]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #120]\n\t"
+ "LDR r5, [%[b], #120]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #116]\n\t"
+ "LDR r5, [%[b], #116]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #112]\n\t"
+ "LDR r5, [%[b], #112]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #108]\n\t"
+ "LDR r5, [%[b], #108]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #104]\n\t"
+ "LDR r5, [%[b], #104]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #100]\n\t"
+ "LDR r5, [%[b], #100]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #96]\n\t"
+ "LDR r5, [%[b], #96]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #92]\n\t"
+ "LDR r5, [%[b], #92]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #88]\n\t"
+ "LDR r5, [%[b], #88]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #84]\n\t"
+ "LDR r5, [%[b], #84]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #80]\n\t"
+ "LDR r5, [%[b], #80]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #76]\n\t"
+ "LDR r5, [%[b], #76]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #72]\n\t"
+ "LDR r5, [%[b], #72]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #68]\n\t"
+ "LDR r5, [%[b], #68]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #64]\n\t"
+ "LDR r5, [%[b], #64]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #60]\n\t"
+ "LDR r5, [%[b], #60]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #56]\n\t"
+ "LDR r5, [%[b], #56]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #52]\n\t"
+ "LDR r5, [%[b], #52]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #48]\n\t"
+ "LDR r5, [%[b], #48]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #44]\n\t"
+ "LDR r5, [%[b], #44]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #40]\n\t"
+ "LDR r5, [%[b], #40]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #36]\n\t"
+ "LDR r5, [%[b], #36]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #32]\n\t"
+ "LDR r5, [%[b], #32]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #28]\n\t"
+ "LDR r5, [%[b], #28]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #24]\n\t"
+ "LDR r5, [%[b], #24]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #20]\n\t"
+ "LDR r5, [%[b], #20]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #16]\n\t"
+ "LDR r5, [%[b], #16]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #12]\n\t"
+ "LDR r5, [%[b], #12]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #8]\n\t"
+ "LDR r5, [%[b], #8]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #4]\n\t"
+ "LDR r5, [%[b], #4]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a]]\n\t"
+ "LDR r5, [%[b]]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "EOR r2, r2, r3\n\t"
+#endif /*WOLFSSL_SP_SMALL */
+ "MOV %[a], r2\n\t"
+ : [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "cc"
);
-
- return r;
+ return (uint32_t)(size_t)a;
}
/* Divide d in a and put remainder into r (m*d + r = a)
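Review bot: `return (uint32_t)(size_t)a;` converts the result to an unsigned type in a function declared to return `sp_int32`, so the documented negative result reaches the caller only through an implicit unsigned-to-signed conversion of 0xffffffff. `return (sp_int32)(size_t)a;` states the intent and keeps the sign handling in one explicit cast. The header comment, which starts above this hunk, could also record that the routine always reads all 32 words and selects the result with `IT`/`MOVcc` and the running mask in `r3`, with no early exit at the first differing word. That is the property to preserve if any caller compares secret-derived values, and it is easy to lose in a later "optimisation".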
@@ -42763,8 +69320,8 @@ SP_NOINLINE static sp_int32 sp_1024_cmp_32(const sp_digit* a, const sp_digit* b)
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_1024_div_32(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_1024_div_32(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[64], t2[33];
sp_digit div, r1;
@@ -42897,14 +69454,14 @@ static void sp_1024_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 32
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 31);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 31);
}
#elif DIGIT_BIT > 32
unsigned int i;
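Review bot: The new branch-free copy in sp_1024_from_mp hard-codes the shift as `31` in both `(sp_digit)0 - (j >> 31)` and `o += (int)(j >> 31)`, where the lines it replaces used `SP_WORD_SIZE - 1`. That is correct only while `sp_digit` is 32 bits wide, which appears to be the case in this file; writing `sp_digit mask = (sp_digit)0 - (j >> (SP_WORD_SIZE - 1));` and `o += (int)(j >> (SP_WORD_SIZE - 1));` keeps the mask tied to the digit width. A short comment would also help, for example `/* j counts up from -used; its top bit is set while i < used, so the copy never branches on a->used */`. The function's signature and the rest of its body lie outside this hunk.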
@@ -43082,113 +69639,537 @@ static int sp_1024_point_to_ecc_point_32(const sp_point_1024* p, ecc_point* pm)
return err;
}
+#ifdef WOLFSSL_SP_NO_UMAAL
/* Reduce the number back to 1024 bits using Montgomery reduction.
*
* a A single precision number to reduce in place.
* m The single precision number representing the modulus.
* mp The digit representing the negative inverse of m mod 2^n.
*/
-SP_NOINLINE static void sp_1024_mont_reduce_32(sp_digit* a, const sp_digit* m,
- sp_digit mp)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_1024_mont_reduce_32(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+#else
+SP_NOINLINE static void sp_1024_mont_reduce_32(sp_digit* a, const sp_digit* m, sp_digit mp)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit ca = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m __asm__ ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp __asm__ ("r2") = (sp_digit)mp_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r9, %[mp]\n\t"
- "mov r12, %[m]\n\t"
- "mov r10, %[a]\n\t"
- "mov r4, #0\n\t"
- "add r11, r10, #128\n\t"
- "\n1:\n\t"
+ "LDR lr, [%[m]]\n\t"
+ /* i = 0 */
+ "MOV r11, #0x0\n\t"
+ "MOV r3, #0x0\n\t"
+ "LDR r4, [%[a]]\n\t"
+ "LDR r5, [%[a], #4]\n\t"
+ "\n"
+ "L_sp_1024_mont_reduce_32_word:\n\t"
/* mu = a[i] * mp */
- "mov %[mp], r9\n\t"
- "ldr %[a], [r10]\n\t"
- "mul %[mp], %[mp], %[a]\n\t"
- "mov %[m], r12\n\t"
- "add r14, r10, #120\n\t"
- "\n2:\n\t"
- /* a[i+j] += m[j] * mu */
- "ldr %[a], [r10]\n\t"
- "mov r5, #0\n\t"
- /* Multiply m[j] and mu - Start */
- "ldr r8, [%[m]], #4\n\t"
- "umull r6, r8, %[mp], r8\n\t"
- "adds %[a], %[a], r6\n\t"
- "adc r5, r5, r8\n\t"
- /* Multiply m[j] and mu - Done */
- "adds r4, r4, %[a]\n\t"
- "adc r5, r5, #0\n\t"
- "str r4, [r10], #4\n\t"
- /* a[i+j+1] += m[j+1] * mu */
- "ldr %[a], [r10]\n\t"
- "mov r4, #0\n\t"
- /* Multiply m[j] and mu - Start */
- "ldr r8, [%[m]], #4\n\t"
- "umull r6, r8, %[mp], r8\n\t"
- "adds %[a], %[a], r6\n\t"
- "adc r4, r4, r8\n\t"
- /* Multiply m[j] and mu - Done */
- "adds r5, r5, %[a]\n\t"
- "adc r4, r4, #0\n\t"
- "str r5, [r10], #4\n\t"
- "cmp r10, r14\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "blt 2b\n\t"
-#else
- "blt.n 2b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
+ "MUL r10, %[mp], r4\n\t"
+ /* a[i+0] += m[0] * mu */
+ "MOV r7, #0x0\n\t"
+ "UMLAL r4, r7, r10, lr\n\t"
+ /* a[i+1] += m[1] * mu */
+ "LDR r9, [%[m], #4]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r5, r6, r10, r9\n\t"
+ "MOV r4, r5\n\t"
+ "ADDS r4, r4, r7\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+2] += m[2] * mu */
+ "LDR r9, [%[m], #8]\n\t"
+ "LDR r5, [%[a], #8]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r5, r7, r10, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+3] += m[3] * mu */
+ "LDR r9, [%[m], #12]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #12]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+4] += m[4] * mu */
+ "LDR r9, [%[m], #16]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #16]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+5] += m[5] * mu */
+ "LDR r9, [%[m], #20]\n\t"
+ "LDR r12, [%[a], #20]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #20]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+6] += m[6] * mu */
+ "LDR r9, [%[m], #24]\n\t"
+ "LDR r12, [%[a], #24]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #24]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+7] += m[7] * mu */
+ "LDR r9, [%[m], #28]\n\t"
+ "LDR r12, [%[a], #28]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #28]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+8] += m[8] * mu */
+ "LDR r9, [%[m], #32]\n\t"
+ "LDR r12, [%[a], #32]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #32]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+9] += m[9] * mu */
+ "LDR r9, [%[m], #36]\n\t"
+ "LDR r12, [%[a], #36]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #36]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+10] += m[10] * mu */
+ "LDR r9, [%[m], #40]\n\t"
+ "LDR r12, [%[a], #40]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #40]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+11] += m[11] * mu */
+ "LDR r9, [%[m], #44]\n\t"
+ "LDR r12, [%[a], #44]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #44]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+12] += m[12] * mu */
+ "LDR r9, [%[m], #48]\n\t"
+ "LDR r12, [%[a], #48]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #48]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+13] += m[13] * mu */
+ "LDR r9, [%[m], #52]\n\t"
+ "LDR r12, [%[a], #52]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #52]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+14] += m[14] * mu */
+ "LDR r9, [%[m], #56]\n\t"
+ "LDR r12, [%[a], #56]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #56]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+15] += m[15] * mu */
+ "LDR r9, [%[m], #60]\n\t"
+ "LDR r12, [%[a], #60]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #60]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+16] += m[16] * mu */
+ "LDR r9, [%[m], #64]\n\t"
+ "LDR r12, [%[a], #64]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #64]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+17] += m[17] * mu */
+ "LDR r9, [%[m], #68]\n\t"
+ "LDR r12, [%[a], #68]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #68]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+18] += m[18] * mu */
+ "LDR r9, [%[m], #72]\n\t"
+ "LDR r12, [%[a], #72]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #72]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+19] += m[19] * mu */
+ "LDR r9, [%[m], #76]\n\t"
+ "LDR r12, [%[a], #76]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #76]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+20] += m[20] * mu */
+ "LDR r9, [%[m], #80]\n\t"
+ "LDR r12, [%[a], #80]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #80]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+21] += m[21] * mu */
+ "LDR r9, [%[m], #84]\n\t"
+ "LDR r12, [%[a], #84]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #84]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+22] += m[22] * mu */
+ "LDR r9, [%[m], #88]\n\t"
+ "LDR r12, [%[a], #88]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #88]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+23] += m[23] * mu */
+ "LDR r9, [%[m], #92]\n\t"
+ "LDR r12, [%[a], #92]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #92]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+24] += m[24] * mu */
+ "LDR r9, [%[m], #96]\n\t"
+ "LDR r12, [%[a], #96]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #96]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+25] += m[25] * mu */
+ "LDR r9, [%[m], #100]\n\t"
+ "LDR r12, [%[a], #100]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #100]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+26] += m[26] * mu */
+ "LDR r9, [%[m], #104]\n\t"
+ "LDR r12, [%[a], #104]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #104]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+27] += m[27] * mu */
+ "LDR r9, [%[m], #108]\n\t"
+ "LDR r12, [%[a], #108]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #108]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+28] += m[28] * mu */
+ "LDR r9, [%[m], #112]\n\t"
+ "LDR r12, [%[a], #112]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #112]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+29] += m[29] * mu */
+ "LDR r9, [%[m], #116]\n\t"
+ "LDR r12, [%[a], #116]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #116]\n\t"
+ "ADC r6, r6, #0x0\n\t"
/* a[i+30] += m[30] * mu */
- "ldr %[a], [r10]\n\t"
- "mov r5, #0\n\t"
- /* Multiply m[j] and mu - Start */
- "ldr r8, [%[m]], #4\n\t"
- "umull r6, r8, %[mp], r8\n\t"
- "adds %[a], %[a], r6\n\t"
- "adc r5, r5, r8\n\t"
- /* Multiply m[j] and mu - Done */
- "adds r4, r4, %[a]\n\t"
- "adc r5, r5, #0\n\t"
- "str r4, [r10], #4\n\t"
+ "LDR r9, [%[m], #120]\n\t"
+ "LDR r12, [%[a], #120]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #120]\n\t"
+ "ADC r7, r7, #0x0\n\t"
/* a[i+31] += m[31] * mu */
- "mov r4, %[ca]\n\t"
- "mov %[ca], #0\n\t"
- /* Multiply m[31] and mu - Start */
- "ldr r8, [%[m]]\n\t"
- "umull r6, r8, %[mp], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc %[ca], %[ca], #0\n\t"
- /* Multiply m[31] and mu - Done */
- "ldr r6, [r10]\n\t"
- "ldr r8, [r10, #4]\n\t"
- "adds r6, r6, r5\n\t"
- "adcs r8, r8, r4\n\t"
- "adc %[ca], %[ca], #0\n\t"
- "str r6, [r10]\n\t"
- "str r8, [r10, #4]\n\t"
- /* Next word in a */
- "sub r10, r10, #120\n\t"
- "cmp r10, r11\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "blt 1b\n\t"
-#else
- "blt.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "ldr r6, [%[m]]\n\t"
- "subs r6, r6, r8\n\t"
- "neg %[ca], %[ca]\n\t"
- "sbc r6, r6, r6\n\t"
- "orr %[ca], %[ca], r6\n\t"
- "mov %[a], r10\n\t"
- "mov %[m], r12\n\t"
- : [ca] "+r" (ca), [a] "+r" (a)
- : [m] "r" (m), [mp] "r" (mp)
- : "memory", "r4", "r5", "r6", "r8", "r9", "r10", "r11", "r12", "r14"
+ "LDR r9, [%[m], #124]\n\t"
+ "LDR r12, [%[a], #124]\n\t"
+ "UMULL r8, r9, r10, r9\n\t"
+ "ADDS r7, r7, r8\n\t"
+ "ADCS r6, r9, r3\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, r3\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #124]\n\t"
+ "LDR r12, [%[a], #128]\n\t"
+ "ADCS r12, r12, r6\n\t"
+ "STR r12, [%[a], #128]\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* i += 1 */
+ "ADD r11, r11, #0x4\n\t"
+ "ADD %[a], %[a], #0x4\n\t"
+ "CMP r11, #0x80\n\t"
+#ifdef __GNUC__
+ "BLT L_sp_1024_mont_reduce_32_word\n\t"
+#else
+ "BLT.W L_sp_1024_mont_reduce_32_word\n\t"
+#endif
+ /* Loop Done */
+ "STR r4, [%[a]]\n\t"
+ "STR r5, [%[a], #4]\n\t"
+ "LDR r8, [%[m], #124]\n\t"
+ "SUBS r12, r8, r12\n\t"
+ "neg r3, r3\n\t"
+ "SBC r12, r12, r12\n\t"
+ "ORR r3, r3, r12\n\t"
+ "MOV %[mp], r3\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
);
+ sp_1024_cond_sub_32(a - 32, a, m, mp);
+}
+
+#else
+/* Reduce the number back to 1024 bits using Montgomery reduction.
+ *
+ * a A single precision number to reduce in place.
+ * m The single precision number representing the modulus.
+ * mp The digit representing the negative inverse of m mod 2^n.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_1024_mont_reduce_32(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+#else
+SP_NOINLINE static void sp_1024_mont_reduce_32(sp_digit* a, const sp_digit* m, sp_digit mp)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m __asm__ ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp __asm__ ("r2") = (sp_digit)mp_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
- sp_1024_cond_sub_32(a - 32, a, m, ca);
+ __asm__ __volatile__ (
+ /* i = 0 */
+ "MOV r4, #0x0\n\t"
+ "MOV r5, #0x0\n\t"
+ "LDR r6, [%[a]]\n\t"
+ "LDR r7, [%[a], #4]\n\t"
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[a], #12]\n\t"
+ "LDR r10, [%[a], #16]\n\t"
+ "\n"
+ "L_sp_1024_mont_reduce_32_word:\n\t"
+ /* mu = a[i] * mp */
+ "MUL lr, %[mp], r6\n\t"
+ /* a[i+0] += m[0] * mu */
+ "LDR r12, [%[m]]\n\t"
+ "MOV r3, #0x0\n\t"
+ "UMAAL r6, r3, lr, r12\n\t"
+ /* a[i+1] += m[1] * mu */
+ "LDR r12, [%[m], #4]\n\t"
+ "MOV r6, r7\n\t"
+ "UMAAL r6, r3, lr, r12\n\t"
+ /* a[i+2] += m[2] * mu */
+ "LDR r12, [%[m], #8]\n\t"
+ "MOV r7, r8\n\t"
+ "UMAAL r7, r3, lr, r12\n\t"
+ /* a[i+3] += m[3] * mu */
+ "LDR r12, [%[m], #12]\n\t"
+ "MOV r8, r9\n\t"
+ "UMAAL r8, r3, lr, r12\n\t"
+ /* a[i+4] += m[4] * mu */
+ "LDR r12, [%[m], #16]\n\t"
+ "MOV r9, r10\n\t"
+ "UMAAL r9, r3, lr, r12\n\t"
+ /* a[i+5] += m[5] * mu */
+ "LDR r12, [%[m], #20]\n\t"
+ "LDR r10, [%[a], #20]\n\t"
+ "UMAAL r10, r3, lr, r12\n\t"
+ /* a[i+6] += m[6] * mu */
+ "LDR r12, [%[m], #24]\n\t"
+ "LDR r11, [%[a], #24]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #24]\n\t"
+ /* a[i+7] += m[7] * mu */
+ "LDR r12, [%[m], #28]\n\t"
+ "LDR r11, [%[a], #28]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #28]\n\t"
+ /* a[i+8] += m[8] * mu */
+ "LDR r12, [%[m], #32]\n\t"
+ "LDR r11, [%[a], #32]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #32]\n\t"
+ /* a[i+9] += m[9] * mu */
+ "LDR r12, [%[m], #36]\n\t"
+ "LDR r11, [%[a], #36]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #36]\n\t"
+ /* a[i+10] += m[10] * mu */
+ "LDR r12, [%[m], #40]\n\t"
+ "LDR r11, [%[a], #40]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #40]\n\t"
+ /* a[i+11] += m[11] * mu */
+ "LDR r12, [%[m], #44]\n\t"
+ "LDR r11, [%[a], #44]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #44]\n\t"
+ /* a[i+12] += m[12] * mu */
+ "LDR r12, [%[m], #48]\n\t"
+ "LDR r11, [%[a], #48]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #48]\n\t"
+ /* a[i+13] += m[13] * mu */
+ "LDR r12, [%[m], #52]\n\t"
+ "LDR r11, [%[a], #52]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #52]\n\t"
+ /* a[i+14] += m[14] * mu */
+ "LDR r12, [%[m], #56]\n\t"
+ "LDR r11, [%[a], #56]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #56]\n\t"
+ /* a[i+15] += m[15] * mu */
+ "LDR r12, [%[m], #60]\n\t"
+ "LDR r11, [%[a], #60]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #60]\n\t"
+ /* a[i+16] += m[16] * mu */
+ "LDR r12, [%[m], #64]\n\t"
+ "LDR r11, [%[a], #64]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #64]\n\t"
+ /* a[i+17] += m[17] * mu */
+ "LDR r12, [%[m], #68]\n\t"
+ "LDR r11, [%[a], #68]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #68]\n\t"
+ /* a[i+18] += m[18] * mu */
+ "LDR r12, [%[m], #72]\n\t"
+ "LDR r11, [%[a], #72]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #72]\n\t"
+ /* a[i+19] += m[19] * mu */
+ "LDR r12, [%[m], #76]\n\t"
+ "LDR r11, [%[a], #76]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #76]\n\t"
+ /* a[i+20] += m[20] * mu */
+ "LDR r12, [%[m], #80]\n\t"
+ "LDR r11, [%[a], #80]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #80]\n\t"
+ /* a[i+21] += m[21] * mu */
+ "LDR r12, [%[m], #84]\n\t"
+ "LDR r11, [%[a], #84]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #84]\n\t"
+ /* a[i+22] += m[22] * mu */
+ "LDR r12, [%[m], #88]\n\t"
+ "LDR r11, [%[a], #88]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #88]\n\t"
+ /* a[i+23] += m[23] * mu */
+ "LDR r12, [%[m], #92]\n\t"
+ "LDR r11, [%[a], #92]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #92]\n\t"
+ /* a[i+24] += m[24] * mu */
+ "LDR r12, [%[m], #96]\n\t"
+ "LDR r11, [%[a], #96]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #96]\n\t"
+ /* a[i+25] += m[25] * mu */
+ "LDR r12, [%[m], #100]\n\t"
+ "LDR r11, [%[a], #100]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #100]\n\t"
+ /* a[i+26] += m[26] * mu */
+ "LDR r12, [%[m], #104]\n\t"
+ "LDR r11, [%[a], #104]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #104]\n\t"
+ /* a[i+27] += m[27] * mu */
+ "LDR r12, [%[m], #108]\n\t"
+ "LDR r11, [%[a], #108]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #108]\n\t"
+ /* a[i+28] += m[28] * mu */
+ "LDR r12, [%[m], #112]\n\t"
+ "LDR r11, [%[a], #112]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #112]\n\t"
+ /* a[i+29] += m[29] * mu */
+ "LDR r12, [%[m], #116]\n\t"
+ "LDR r11, [%[a], #116]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #116]\n\t"
+ /* a[i+30] += m[30] * mu */
+ "LDR r12, [%[m], #120]\n\t"
+ "LDR r11, [%[a], #120]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #120]\n\t"
+ /* a[i+31] += m[31] * mu */
+ "LDR r12, [%[m], #124]\n\t"
+ "LDR r11, [%[a], #124]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "LDR lr, [%[a], #128]\n\t"
+ "MOV r12, #0x0\n\t"
+ "UMAAL r3, lr, r12, r12\n\t"
+ "STR r11, [%[a], #124]\n\t"
+ "ADDS r3, r3, r5\n\t"
+ "ADC r5, lr, #0x0\n\t"
+ "STR r3, [%[a], #128]\n\t"
+ /* i += 1 */
+ "ADD r4, r4, #0x4\n\t"
+ "ADD %[a], %[a], #0x4\n\t"
+ "CMP r4, #0x80\n\t"
+#ifdef __GNUC__
+ "BLT L_sp_1024_mont_reduce_32_word\n\t"
+#else
+ "BLT.W L_sp_1024_mont_reduce_32_word\n\t"
+#endif
+ /* Loop Done */
+ "STR r6, [%[a]]\n\t"
+ "STR r7, [%[a], #4]\n\t"
+ "STR r8, [%[a], #8]\n\t"
+ "STR r9, [%[a], #12]\n\t"
+ "STR r10, [%[a], #16]\n\t"
+ "LDR r12, [%[m], #124]\n\t"
+ "SUBS r3, r12, r3\n\t"
+ "neg r5, r5\n\t"
+ "SBC r3, r3, r3\n\t"
+ "ORR r5, r5, r3\n\t"
+ "MOV %[mp], r5\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
+ );
+ sp_1024_cond_sub_32(a - 32, a, m, mp);
}
+#endif
/* Multiply two Montgomery form numbers mod the modulus (prime).
* (r = a * b mod m)
*
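Review bot: Both new variants of sp_1024_mont_reduce_32 define a named assembler label, `L_sp_1024_mont_reduce_32_word:`, inside the asm string, where the removed code used numeric local labels (`1:` with `blt 1b`). A named label is emitted once per copy of the asm statement, so if the compiler ever duplicates the function body (cloning or LTO, which SP_NOINLINE may not rule out) the assembler would reject the duplicate symbol; this is inferred from how GCC handles asm, not visible in the hunk. Keeping `"\n1:\n\t"` with `"BLT 1b\n\t"` would avoid that, provided the assemblers behind the `BLT.W` branch accept numeric labels. Separately, a comment before `sp_1024_cond_sub_32(a - 32, a, m, mp);` should say that the asm has advanced `a` by 32 words and overwritten `mp` with the subtraction mask, since the header comment still describes `mp` only as the Montgomery constant.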
@@ -43196,7 +70177,7 @@ SP_NOINLINE static void sp_1024_mont_reduce_32(sp_digit* a, const sp_digit* m,
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_1024_mont_mul_32(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -43210,7 +70191,7 @@ SP_NOINLINE static void sp_1024_mont_mul_32(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_1024_mont_sqr_32(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -43333,166 +70314,175 @@ static void sp_1024_map_32(sp_point_1024* r, const sp_point_1024* p,
* b Second number to add in Montgomery form.
* m Modulus (prime).
*/
-SP_NOINLINE static void sp_1024_mont_add_32(sp_digit* r, const sp_digit* a, const sp_digit* b,
- const sp_digit* m)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_1024_mont_add_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, const sp_digit* m_p)
+#else
+SP_NOINLINE static void sp_1024_mont_add_32(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+ register const sp_digit* m __asm__ ("r3") = (const sp_digit*)m_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "mov r12, #0\n\t"
- "ldm %[a]!, {r4, r5, r6, r7}\n\t"
- "ldm %[b]!, {r8, r9, r10, r14}\n\t"
- "adds r4, r4, r8\n\t"
- "adcs r5, r5, r9\n\t"
- "adcs r6, r6, r10\n\t"
- "adcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[a]!, {r4, r5, r6, r7}\n\t"
- "ldm %[b]!, {r8, r9, r10, r14}\n\t"
- "adcs r4, r4, r8\n\t"
- "adcs r5, r5, r9\n\t"
- "adcs r6, r6, r10\n\t"
- "adcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[a]!, {r4, r5, r6, r7}\n\t"
- "ldm %[b]!, {r8, r9, r10, r14}\n\t"
- "adcs r4, r4, r8\n\t"
- "adcs r5, r5, r9\n\t"
- "adcs r6, r6, r10\n\t"
- "adcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[a]!, {r4, r5, r6, r7}\n\t"
- "ldm %[b]!, {r8, r9, r10, r14}\n\t"
- "adcs r4, r4, r8\n\t"
- "adcs r5, r5, r9\n\t"
- "adcs r6, r6, r10\n\t"
- "adcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[a]!, {r4, r5, r6, r7}\n\t"
- "ldm %[b]!, {r8, r9, r10, r14}\n\t"
- "adcs r4, r4, r8\n\t"
- "adcs r5, r5, r9\n\t"
- "adcs r6, r6, r10\n\t"
- "adcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[a]!, {r4, r5, r6, r7}\n\t"
- "ldm %[b]!, {r8, r9, r10, r14}\n\t"
- "adcs r4, r4, r8\n\t"
- "adcs r5, r5, r9\n\t"
- "adcs r6, r6, r10\n\t"
- "adcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[a]!, {r4, r5, r6, r7}\n\t"
- "ldm %[b]!, {r8, r9, r10, r14}\n\t"
- "adcs r4, r4, r8\n\t"
- "adcs r5, r5, r9\n\t"
- "adcs r6, r6, r10\n\t"
- "adcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[a]!, {r4, r5, r6, r7}\n\t"
- "ldm %[b]!, {r8, r9, r10, r14}\n\t"
- "adcs r4, r4, r8\n\t"
- "adcs r5, r5, r9\n\t"
- "adcs r6, r6, r10\n\t"
- "adcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldr r14, [%[m], #124]\n\t"
- "adc r12, r12, #0\n\t"
- "subs r14, r14, r7\n\t"
- "neg r12, r12\n\t"
- "sbc r14, r14, r14\n\t"
- "sub %[r], %[r], #128\n\t"
- "orr r12, r14\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "ldm %[m]!, {r8, r9, r10, r14}\n\t"
- "and r8, r8, r12\n\t"
- "and r9, r9, r12\n\t"
- "and r10, r10, r12\n\t"
- "and r14, r14, r12\n\t"
- "subs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "sbcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "ldm %[m]!, {r8, r9, r10, r14}\n\t"
- "and r8, r8, r12\n\t"
- "and r9, r9, r12\n\t"
- "and r10, r10, r12\n\t"
- "and r14, r14, r12\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "sbcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "ldm %[m]!, {r8, r9, r10, r14}\n\t"
- "and r8, r8, r12\n\t"
- "and r9, r9, r12\n\t"
- "and r10, r10, r12\n\t"
- "and r14, r14, r12\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "sbcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "ldm %[m]!, {r8, r9, r10, r14}\n\t"
- "and r8, r8, r12\n\t"
- "and r9, r9, r12\n\t"
- "and r10, r10, r12\n\t"
- "and r14, r14, r12\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "sbcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "ldm %[m]!, {r8, r9, r10, r14}\n\t"
- "and r8, r8, r12\n\t"
- "and r9, r9, r12\n\t"
- "and r10, r10, r12\n\t"
- "and r14, r14, r12\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "sbcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "ldm %[m]!, {r8, r9, r10, r14}\n\t"
- "and r8, r8, r12\n\t"
- "and r9, r9, r12\n\t"
- "and r10, r10, r12\n\t"
- "and r14, r14, r12\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "sbcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "ldm %[m]!, {r8, r9, r10, r14}\n\t"
- "and r8, r8, r12\n\t"
- "and r9, r9, r12\n\t"
- "and r10, r10, r12\n\t"
- "and r14, r14, r12\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "sbcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "ldm %[m]!, {r8, r9, r10, r14}\n\t"
- "and r8, r8, r12\n\t"
- "and r9, r9, r12\n\t"
- "and r10, r10, r12\n\t"
- "and r14, r14, r12\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "sbc r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "sub %[r], %[r], #128\n\t"
+ "MOV r12, #0x0\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9, r10, r11}\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "ADCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9, r10, r11}\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "ADCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9, r10, r11}\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "ADCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9, r10, r11}\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "ADCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9, r10, r11}\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "ADCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9, r10, r11}\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "ADCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9, r10, r11}\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "ADCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9, r10, r11}\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "ADCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDR r11, [%[m], #124]\n\t"
+ "ADC r12, r12, #0x0\n\t"
+ "SUBS r11, r11, r7\n\t"
+ "neg r12, r12\n\t"
+ "SBC r11, r11, r11\n\t"
+ "SUB %[r], %[r], #0x80\n\t"
+ "ORR r12, r12, r11\n\t"
+ "LDM %[r], {r4, r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "AND r8, r8, r12\n\t"
+ "AND r9, r9, r12\n\t"
+ "AND r10, r10, r12\n\t"
+ "AND r11, r11, r12\n\t"
+ "SUBS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "SBCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[r], {r4, r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "AND r8, r8, r12\n\t"
+ "AND r9, r9, r12\n\t"
+ "AND r10, r10, r12\n\t"
+ "AND r11, r11, r12\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "SBCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[r], {r4, r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "AND r8, r8, r12\n\t"
+ "AND r9, r9, r12\n\t"
+ "AND r10, r10, r12\n\t"
+ "AND r11, r11, r12\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "SBCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[r], {r4, r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "AND r8, r8, r12\n\t"
+ "AND r9, r9, r12\n\t"
+ "AND r10, r10, r12\n\t"
+ "AND r11, r11, r12\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "SBCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[r], {r4, r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "AND r8, r8, r12\n\t"
+ "AND r9, r9, r12\n\t"
+ "AND r10, r10, r12\n\t"
+ "AND r11, r11, r12\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "SBCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[r], {r4, r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "AND r8, r8, r12\n\t"
+ "AND r9, r9, r12\n\t"
+ "AND r10, r10, r12\n\t"
+ "AND r11, r11, r12\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "SBCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[r], {r4, r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "AND r8, r8, r12\n\t"
+ "AND r9, r9, r12\n\t"
+ "AND r10, r10, r12\n\t"
+ "AND r11, r11, r12\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "SBCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[r], {r4, r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "AND r8, r8, r12\n\t"
+ "AND r9, r9, r12\n\t"
+ "AND r10, r10, r12\n\t"
+ "AND r11, r11, r12\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "SBC r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
:
- : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r14", "r12"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
);
}
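Review bot: The mask that drives the conditional subtraction in sp_1024_mont_add_32 is built in the instructions starting at `LDR r11, [%[m], #124]` with no comment, and it is the part of this routine a reader most needs to check for constant-time behaviour. I would add above it `/* r12 = all ones if the add carried out or r[31] > m[31], else 0; each word of m is ANDed with r12 so the subtract always runs */`. The lower-case `neg r12, r12` among otherwise upper-case mnemonics could be normalised in the generator at the same time.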
@@ -43502,149 +70492,158 @@ SP_NOINLINE static void sp_1024_mont_add_32(sp_digit* r, const sp_digit* a, cons
* a Number to double in Montgomery form.
* m Modulus (prime).
*/
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_1024_mont_dbl_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* m_p)
+#else
SP_NOINLINE static void sp_1024_mont_dbl_32(sp_digit* r, const sp_digit* a, const sp_digit* m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* m __asm__ ("r2") = (const sp_digit*)m_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "mov r12, #0\n\t"
- "ldm %[a]!, {r4, r5, r6, r7, r8, r9, r10, r14}\n\t"
- "adds r4, r4, r4\n\t"
- "adcs r5, r5, r5\n\t"
- "adcs r6, r6, r6\n\t"
- "adcs r7, r7, r7\n\t"
- "adcs r8, r8, r8\n\t"
- "adcs r9, r9, r9\n\t"
- "adcs r10, r10, r10\n\t"
- "adcs r14, r14, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7, r8, r9, r10, r14}\n\t"
- "ldm %[a]!, {r4, r5, r6, r7, r8, r9, r10, r14}\n\t"
- "adcs r4, r4, r4\n\t"
- "adcs r5, r5, r5\n\t"
- "adcs r6, r6, r6\n\t"
- "adcs r7, r7, r7\n\t"
- "adcs r8, r8, r8\n\t"
- "adcs r9, r9, r9\n\t"
- "adcs r10, r10, r10\n\t"
- "adcs r14, r14, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7, r8, r9, r10, r14}\n\t"
- "ldm %[a]!, {r4, r5, r6, r7, r8, r9, r10, r14}\n\t"
- "adcs r4, r4, r4\n\t"
- "adcs r5, r5, r5\n\t"
- "adcs r6, r6, r6\n\t"
- "adcs r7, r7, r7\n\t"
- "adcs r8, r8, r8\n\t"
- "adcs r9, r9, r9\n\t"
- "adcs r10, r10, r10\n\t"
- "adcs r14, r14, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7, r8, r9, r10, r14}\n\t"
- "ldm %[a]!, {r4, r5, r6, r7, r8, r9, r10, r14}\n\t"
- "adcs r4, r4, r4\n\t"
- "adcs r5, r5, r5\n\t"
- "adcs r6, r6, r6\n\t"
- "adcs r7, r7, r7\n\t"
- "adcs r8, r8, r8\n\t"
- "adcs r9, r9, r9\n\t"
- "adcs r10, r10, r10\n\t"
- "adcs r14, r14, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7, r8, r9, r10, r14}\n\t"
- "ldr r4, [%[m], #124]\n\t"
- "adc r12, r12, #0\n\t"
- "subs r4, r4, r14\n\t"
- "neg r12, r12\n\t"
- "sbc r4, r4, r4\n\t"
- "sub %[r], %[r], #128\n\t"
- "orr r12, r4\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "ldm %[m]!, {r8, r9, r10, r14}\n\t"
- "and r8, r8, r12\n\t"
- "and r9, r9, r12\n\t"
- "and r10, r10, r12\n\t"
- "and r14, r14, r12\n\t"
- "subs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "sbcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "ldm %[m]!, {r8, r9, r10, r14}\n\t"
- "and r8, r8, r12\n\t"
- "and r9, r9, r12\n\t"
- "and r10, r10, r12\n\t"
- "and r14, r14, r12\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "sbcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "ldm %[m]!, {r8, r9, r10, r14}\n\t"
- "and r8, r8, r12\n\t"
- "and r9, r9, r12\n\t"
- "and r10, r10, r12\n\t"
- "and r14, r14, r12\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "sbcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "ldm %[m]!, {r8, r9, r10, r14}\n\t"
- "and r8, r8, r12\n\t"
- "and r9, r9, r12\n\t"
- "and r10, r10, r12\n\t"
- "and r14, r14, r12\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "sbcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "ldm %[m]!, {r8, r9, r10, r14}\n\t"
- "and r8, r8, r12\n\t"
- "and r9, r9, r12\n\t"
- "and r10, r10, r12\n\t"
- "and r14, r14, r12\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "sbcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "ldm %[m]!, {r8, r9, r10, r14}\n\t"
- "and r8, r8, r12\n\t"
- "and r9, r9, r12\n\t"
- "and r10, r10, r12\n\t"
- "and r14, r14, r12\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "sbcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "ldm %[m]!, {r8, r9, r10, r14}\n\t"
- "and r8, r8, r12\n\t"
- "and r9, r9, r12\n\t"
- "and r10, r10, r12\n\t"
- "and r14, r14, r12\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "sbcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "ldm %[m]!, {r8, r9, r10, r14}\n\t"
- "and r8, r8, r12\n\t"
- "and r9, r9, r12\n\t"
- "and r10, r10, r12\n\t"
- "and r14, r14, r12\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "sbc r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "sub %[r], %[r], #128\n\t"
+ "MOV r12, #0x0\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "ADDS r4, r4, r4\n\t"
+ "ADCS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADCS r7, r7, r7\n\t"
+ "ADCS r8, r8, r8\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "ADCS r10, r10, r10\n\t"
+ "ADCS r11, r11, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "ADCS r4, r4, r4\n\t"
+ "ADCS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADCS r7, r7, r7\n\t"
+ "ADCS r8, r8, r8\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "ADCS r10, r10, r10\n\t"
+ "ADCS r11, r11, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "ADCS r4, r4, r4\n\t"
+ "ADCS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADCS r7, r7, r7\n\t"
+ "ADCS r8, r8, r8\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "ADCS r10, r10, r10\n\t"
+ "ADCS r11, r11, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "ADCS r4, r4, r4\n\t"
+ "ADCS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADCS r7, r7, r7\n\t"
+ "ADCS r8, r8, r8\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "ADCS r10, r10, r10\n\t"
+ "ADCS r11, r11, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "LDR r4, [%[m], #124]\n\t"
+ "ADC r12, r12, #0x0\n\t"
+ "SUBS r4, r4, r11\n\t"
+ "neg r12, r12\n\t"
+ "SBC r4, r4, r4\n\t"
+ "SUB %[r], %[r], #0x80\n\t"
+ "ORR r12, r12, r4\n\t"
+ "LDM %[r], {r4, r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "AND r8, r8, r12\n\t"
+ "AND r9, r9, r12\n\t"
+ "AND r10, r10, r12\n\t"
+ "AND r11, r11, r12\n\t"
+ "SUBS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "SBCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[r], {r4, r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "AND r8, r8, r12\n\t"
+ "AND r9, r9, r12\n\t"
+ "AND r10, r10, r12\n\t"
+ "AND r11, r11, r12\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "SBCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[r], {r4, r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "AND r8, r8, r12\n\t"
+ "AND r9, r9, r12\n\t"
+ "AND r10, r10, r12\n\t"
+ "AND r11, r11, r12\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "SBCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[r], {r4, r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "AND r8, r8, r12\n\t"
+ "AND r9, r9, r12\n\t"
+ "AND r10, r10, r12\n\t"
+ "AND r11, r11, r12\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "SBCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[r], {r4, r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "AND r8, r8, r12\n\t"
+ "AND r9, r9, r12\n\t"
+ "AND r10, r10, r12\n\t"
+ "AND r11, r11, r12\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "SBCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[r], {r4, r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "AND r8, r8, r12\n\t"
+ "AND r9, r9, r12\n\t"
+ "AND r10, r10, r12\n\t"
+ "AND r11, r11, r12\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "SBCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[r], {r4, r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "AND r8, r8, r12\n\t"
+ "AND r9, r9, r12\n\t"
+ "AND r10, r10, r12\n\t"
+ "AND r11, r11, r12\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "SBCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[r], {r4, r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "AND r8, r8, r12\n\t"
+ "AND r9, r9, r12\n\t"
+ "AND r10, r10, r12\n\t"
+ "AND r11, r11, r12\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "SBC r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
: [r] "+r" (r), [a] "+r" (a), [m] "+r" (m)
:
- : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r14", "r12"
+ : "memory", "r8", "r9", "r10", "r11", "r4", "r5", "r6", "r7", "r12", "cc"
);
}
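Review bot: The conditional-subtract mask in sp_1024_mont_dbl_32 depends on `neg r12, r12` leaving the flags untouched, because the `SBC r4, r4, r4` that follows consumes the borrow produced by `SUBS r4, r4, r11`. The lower-case pseudo-instruction among the upper-case mnemonics hides that dependency. Writing it as `RSB r12, r12, #0x0` would state the non-flag-setting form explicitly, assuming the toolchains this file targets accept it. A comment before the `LDR r4, [%[m], #124]` line, such as `/* r12 = all-ones if the doubling carried out or the top word of r exceeds the top word of m; m is ANDed with it so the subtraction runs unconditionally */`, would record why the reduction has no data-dependent branch. The same sequence appears twice in sp_1024_mont_tpl_32 in the next hunk.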
@@ -43654,304 +70653,313 @@ SP_NOINLINE static void sp_1024_mont_dbl_32(sp_digit* r, const sp_digit* a, cons
* a Number to triple in Montgomery form.
* m Modulus (prime).
*/
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_1024_mont_tpl_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* m_p)
+#else
SP_NOINLINE static void sp_1024_mont_tpl_32(sp_digit* r, const sp_digit* a, const sp_digit* m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* m __asm__ ("r2") = (const sp_digit*)m_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "mov r12, #0\n\t"
- "ldm %[a]!, {r4, r5, r6, r7, r8, r9, r10, r14}\n\t"
- "adds r4, r4, r4\n\t"
- "adcs r5, r5, r5\n\t"
- "adcs r6, r6, r6\n\t"
- "adcs r7, r7, r7\n\t"
- "adcs r8, r8, r8\n\t"
- "adcs r9, r9, r9\n\t"
- "adcs r10, r10, r10\n\t"
- "adcs r14, r14, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7, r8, r9, r10, r14}\n\t"
- "ldm %[a]!, {r4, r5, r6, r7, r8, r9, r10, r14}\n\t"
- "adcs r4, r4, r4\n\t"
- "adcs r5, r5, r5\n\t"
- "adcs r6, r6, r6\n\t"
- "adcs r7, r7, r7\n\t"
- "adcs r8, r8, r8\n\t"
- "adcs r9, r9, r9\n\t"
- "adcs r10, r10, r10\n\t"
- "adcs r14, r14, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7, r8, r9, r10, r14}\n\t"
- "ldm %[a]!, {r4, r5, r6, r7, r8, r9, r10, r14}\n\t"
- "adcs r4, r4, r4\n\t"
- "adcs r5, r5, r5\n\t"
- "adcs r6, r6, r6\n\t"
- "adcs r7, r7, r7\n\t"
- "adcs r8, r8, r8\n\t"
- "adcs r9, r9, r9\n\t"
- "adcs r10, r10, r10\n\t"
- "adcs r14, r14, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7, r8, r9, r10, r14}\n\t"
- "ldm %[a]!, {r4, r5, r6, r7, r8, r9, r10, r14}\n\t"
- "adcs r4, r4, r4\n\t"
- "adcs r5, r5, r5\n\t"
- "adcs r6, r6, r6\n\t"
- "adcs r7, r7, r7\n\t"
- "adcs r8, r8, r8\n\t"
- "adcs r9, r9, r9\n\t"
- "adcs r10, r10, r10\n\t"
- "adcs r14, r14, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7, r8, r9, r10, r14}\n\t"
- "ldr r4, [%[m], #124]\n\t"
- "adc r12, r12, #0\n\t"
- "subs r4, r4, r14\n\t"
- "neg r12, r12\n\t"
- "sbc r4, r4, r4\n\t"
- "sub %[r], %[r], #128\n\t"
- "orr r12, r4\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "ldm %[m]!, {r8, r9, r10, r14}\n\t"
- "and r8, r8, r12\n\t"
- "and r9, r9, r12\n\t"
- "and r10, r10, r12\n\t"
- "and r14, r14, r12\n\t"
- "subs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "sbcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "ldm %[m]!, {r8, r9, r10, r14}\n\t"
- "and r8, r8, r12\n\t"
- "and r9, r9, r12\n\t"
- "and r10, r10, r12\n\t"
- "and r14, r14, r12\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "sbcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "ldm %[m]!, {r8, r9, r10, r14}\n\t"
- "and r8, r8, r12\n\t"
- "and r9, r9, r12\n\t"
- "and r10, r10, r12\n\t"
- "and r14, r14, r12\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "sbcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "ldm %[m]!, {r8, r9, r10, r14}\n\t"
- "and r8, r8, r12\n\t"
- "and r9, r9, r12\n\t"
- "and r10, r10, r12\n\t"
- "and r14, r14, r12\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "sbcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "ldm %[m]!, {r8, r9, r10, r14}\n\t"
- "and r8, r8, r12\n\t"
- "and r9, r9, r12\n\t"
- "and r10, r10, r12\n\t"
- "and r14, r14, r12\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "sbcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "ldm %[m]!, {r8, r9, r10, r14}\n\t"
- "and r8, r8, r12\n\t"
- "and r9, r9, r12\n\t"
- "and r10, r10, r12\n\t"
- "and r14, r14, r12\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "sbcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "ldm %[m]!, {r8, r9, r10, r14}\n\t"
- "and r8, r8, r12\n\t"
- "and r9, r9, r12\n\t"
- "and r10, r10, r12\n\t"
- "and r14, r14, r12\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "sbcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "ldm %[m]!, {r8, r9, r10, r14}\n\t"
- "and r8, r8, r12\n\t"
- "and r9, r9, r12\n\t"
- "and r10, r10, r12\n\t"
- "and r14, r14, r12\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "sbc r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "sub %[r], %[r], #128\n\t"
- "sub %[m], %[m], #128\n\t"
- "sub %[a], %[a], #128\n\t"
- "mov r12, #0\n\t"
- "ldm %[a]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r8, r9, r10, r14}\n\t"
- "adds r8, r8, r4\n\t"
- "adcs r9, r9, r5\n\t"
- "adcs r10, r10, r6\n\t"
- "adcs r14, r14, r7\n\t"
- "stm %[r]!, {r8, r9, r10, r14}\n\t"
- "ldm %[a]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r8, r9, r10, r14}\n\t"
- "adcs r8, r8, r4\n\t"
- "adcs r9, r9, r5\n\t"
- "adcs r10, r10, r6\n\t"
- "adcs r14, r14, r7\n\t"
- "stm %[r]!, {r8, r9, r10, r14}\n\t"
- "ldm %[a]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r8, r9, r10, r14}\n\t"
- "adcs r8, r8, r4\n\t"
- "adcs r9, r9, r5\n\t"
- "adcs r10, r10, r6\n\t"
- "adcs r14, r14, r7\n\t"
- "stm %[r]!, {r8, r9, r10, r14}\n\t"
- "ldm %[a]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r8, r9, r10, r14}\n\t"
- "adcs r8, r8, r4\n\t"
- "adcs r9, r9, r5\n\t"
- "adcs r10, r10, r6\n\t"
- "adcs r14, r14, r7\n\t"
- "stm %[r]!, {r8, r9, r10, r14}\n\t"
- "ldm %[a]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r8, r9, r10, r14}\n\t"
- "adcs r8, r8, r4\n\t"
- "adcs r9, r9, r5\n\t"
- "adcs r10, r10, r6\n\t"
- "adcs r14, r14, r7\n\t"
- "stm %[r]!, {r8, r9, r10, r14}\n\t"
- "ldm %[a]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r8, r9, r10, r14}\n\t"
- "adcs r8, r8, r4\n\t"
- "adcs r9, r9, r5\n\t"
- "adcs r10, r10, r6\n\t"
- "adcs r14, r14, r7\n\t"
- "stm %[r]!, {r8, r9, r10, r14}\n\t"
- "ldm %[a]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r8, r9, r10, r14}\n\t"
- "adcs r8, r8, r4\n\t"
- "adcs r9, r9, r5\n\t"
- "adcs r10, r10, r6\n\t"
- "adcs r14, r14, r7\n\t"
- "stm %[r]!, {r8, r9, r10, r14}\n\t"
- "ldm %[a]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r8, r9, r10, r14}\n\t"
- "adcs r8, r8, r4\n\t"
- "adcs r9, r9, r5\n\t"
- "adcs r10, r10, r6\n\t"
- "adcs r14, r14, r7\n\t"
- "stm %[r]!, {r8, r9, r10, r14}\n\t"
- "ldr r7, [%[m], #124]\n\t"
- "adc r12, r12, #0\n\t"
- "subs r7, r7, r14\n\t"
- "neg r12, r12\n\t"
- "sbc r7, r7, r7\n\t"
- "sub %[r], %[r], #128\n\t"
- "orr r12, r7\n\t"
- "ldm %[r], {r8, r9, r10, r14}\n\t"
- "ldm %[m]!, {r4, r5, r6, r7}\n\t"
- "and r4, r4, r12\n\t"
- "and r5, r5, r12\n\t"
- "and r6, r6, r12\n\t"
- "and r7, r7, r12\n\t"
- "subs r8, r8, r4\n\t"
- "sbcs r9, r9, r5\n\t"
- "sbcs r10, r10, r6\n\t"
- "sbcs r14, r14, r7\n\t"
- "stm %[r]!, {r8, r9, r10, r14}\n\t"
- "ldm %[r], {r8, r9, r10, r14}\n\t"
- "ldm %[m]!, {r4, r5, r6, r7}\n\t"
- "and r4, r4, r12\n\t"
- "and r5, r5, r12\n\t"
- "and r6, r6, r12\n\t"
- "and r7, r7, r12\n\t"
- "sbcs r8, r8, r4\n\t"
- "sbcs r9, r9, r5\n\t"
- "sbcs r10, r10, r6\n\t"
- "sbcs r14, r14, r7\n\t"
- "stm %[r]!, {r8, r9, r10, r14}\n\t"
- "ldm %[r], {r8, r9, r10, r14}\n\t"
- "ldm %[m]!, {r4, r5, r6, r7}\n\t"
- "and r4, r4, r12\n\t"
- "and r5, r5, r12\n\t"
- "and r6, r6, r12\n\t"
- "and r7, r7, r12\n\t"
- "sbcs r8, r8, r4\n\t"
- "sbcs r9, r9, r5\n\t"
- "sbcs r10, r10, r6\n\t"
- "sbcs r14, r14, r7\n\t"
- "stm %[r]!, {r8, r9, r10, r14}\n\t"
- "ldm %[r], {r8, r9, r10, r14}\n\t"
- "ldm %[m]!, {r4, r5, r6, r7}\n\t"
- "and r4, r4, r12\n\t"
- "and r5, r5, r12\n\t"
- "and r6, r6, r12\n\t"
- "and r7, r7, r12\n\t"
- "sbcs r8, r8, r4\n\t"
- "sbcs r9, r9, r5\n\t"
- "sbcs r10, r10, r6\n\t"
- "sbcs r14, r14, r7\n\t"
- "stm %[r]!, {r8, r9, r10, r14}\n\t"
- "ldm %[r], {r8, r9, r10, r14}\n\t"
- "ldm %[m]!, {r4, r5, r6, r7}\n\t"
- "and r4, r4, r12\n\t"
- "and r5, r5, r12\n\t"
- "and r6, r6, r12\n\t"
- "and r7, r7, r12\n\t"
- "sbcs r8, r8, r4\n\t"
- "sbcs r9, r9, r5\n\t"
- "sbcs r10, r10, r6\n\t"
- "sbcs r14, r14, r7\n\t"
- "stm %[r]!, {r8, r9, r10, r14}\n\t"
- "ldm %[r], {r8, r9, r10, r14}\n\t"
- "ldm %[m]!, {r4, r5, r6, r7}\n\t"
- "and r4, r4, r12\n\t"
- "and r5, r5, r12\n\t"
- "and r6, r6, r12\n\t"
- "and r7, r7, r12\n\t"
- "sbcs r8, r8, r4\n\t"
- "sbcs r9, r9, r5\n\t"
- "sbcs r10, r10, r6\n\t"
- "sbcs r14, r14, r7\n\t"
- "stm %[r]!, {r8, r9, r10, r14}\n\t"
- "ldm %[r], {r8, r9, r10, r14}\n\t"
- "ldm %[m]!, {r4, r5, r6, r7}\n\t"
- "and r4, r4, r12\n\t"
- "and r5, r5, r12\n\t"
- "and r6, r6, r12\n\t"
- "and r7, r7, r12\n\t"
- "sbcs r8, r8, r4\n\t"
- "sbcs r9, r9, r5\n\t"
- "sbcs r10, r10, r6\n\t"
- "sbcs r14, r14, r7\n\t"
- "stm %[r]!, {r8, r9, r10, r14}\n\t"
- "ldm %[r], {r8, r9, r10, r14}\n\t"
- "ldm %[m]!, {r4, r5, r6, r7}\n\t"
- "and r4, r4, r12\n\t"
- "and r5, r5, r12\n\t"
- "and r6, r6, r12\n\t"
- "and r7, r7, r12\n\t"
- "sbcs r8, r8, r4\n\t"
- "sbcs r9, r9, r5\n\t"
- "sbcs r10, r10, r6\n\t"
- "sbc r14, r14, r7\n\t"
- "stm %[r]!, {r8, r9, r10, r14}\n\t"
- "sub %[r], %[r], #128\n\t"
+ "MOV r12, #0x0\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "ADDS r4, r4, r4\n\t"
+ "ADCS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADCS r7, r7, r7\n\t"
+ "ADCS r8, r8, r8\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "ADCS r10, r10, r10\n\t"
+ "ADCS r11, r11, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "ADCS r4, r4, r4\n\t"
+ "ADCS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADCS r7, r7, r7\n\t"
+ "ADCS r8, r8, r8\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "ADCS r10, r10, r10\n\t"
+ "ADCS r11, r11, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "ADCS r4, r4, r4\n\t"
+ "ADCS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADCS r7, r7, r7\n\t"
+ "ADCS r8, r8, r8\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "ADCS r10, r10, r10\n\t"
+ "ADCS r11, r11, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "ADCS r4, r4, r4\n\t"
+ "ADCS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADCS r7, r7, r7\n\t"
+ "ADCS r8, r8, r8\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "ADCS r10, r10, r10\n\t"
+ "ADCS r11, r11, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "LDR r4, [%[m], #124]\n\t"
+ "ADC r12, r12, #0x0\n\t"
+ "SUBS r4, r4, r11\n\t"
+ "neg r12, r12\n\t"
+ "SBC r4, r4, r4\n\t"
+ "SUB %[r], %[r], #0x80\n\t"
+ "ORR r12, r12, r4\n\t"
+ "LDM %[r], {r4, r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "AND r8, r8, r12\n\t"
+ "AND r9, r9, r12\n\t"
+ "AND r10, r10, r12\n\t"
+ "AND r11, r11, r12\n\t"
+ "SUBS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "SBCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[r], {r4, r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "AND r8, r8, r12\n\t"
+ "AND r9, r9, r12\n\t"
+ "AND r10, r10, r12\n\t"
+ "AND r11, r11, r12\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "SBCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[r], {r4, r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "AND r8, r8, r12\n\t"
+ "AND r9, r9, r12\n\t"
+ "AND r10, r10, r12\n\t"
+ "AND r11, r11, r12\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "SBCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[r], {r4, r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "AND r8, r8, r12\n\t"
+ "AND r9, r9, r12\n\t"
+ "AND r10, r10, r12\n\t"
+ "AND r11, r11, r12\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "SBCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[r], {r4, r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "AND r8, r8, r12\n\t"
+ "AND r9, r9, r12\n\t"
+ "AND r10, r10, r12\n\t"
+ "AND r11, r11, r12\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "SBCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[r], {r4, r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "AND r8, r8, r12\n\t"
+ "AND r9, r9, r12\n\t"
+ "AND r10, r10, r12\n\t"
+ "AND r11, r11, r12\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "SBCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[r], {r4, r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "AND r8, r8, r12\n\t"
+ "AND r9, r9, r12\n\t"
+ "AND r10, r10, r12\n\t"
+ "AND r11, r11, r12\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "SBCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[r], {r4, r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "AND r8, r8, r12\n\t"
+ "AND r9, r9, r12\n\t"
+ "AND r10, r10, r12\n\t"
+ "AND r11, r11, r12\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "SBC r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "SUB %[r], %[r], #0x80\n\t"
+ "SUB %[m], %[m], #0x80\n\t"
+ "SUB %[a], %[a], #0x80\n\t"
+ "MOV r12, #0x0\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[r], {r8, r9, r10, r11}\n\t"
+ "ADDS r8, r8, r4\n\t"
+ "ADCS r9, r9, r5\n\t"
+ "ADCS r10, r10, r6\n\t"
+ "ADCS r11, r11, r7\n\t"
+ "STM %[r]!, {r8, r9, r10, r11}\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[r], {r8, r9, r10, r11}\n\t"
+ "ADCS r8, r8, r4\n\t"
+ "ADCS r9, r9, r5\n\t"
+ "ADCS r10, r10, r6\n\t"
+ "ADCS r11, r11, r7\n\t"
+ "STM %[r]!, {r8, r9, r10, r11}\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[r], {r8, r9, r10, r11}\n\t"
+ "ADCS r8, r8, r4\n\t"
+ "ADCS r9, r9, r5\n\t"
+ "ADCS r10, r10, r6\n\t"
+ "ADCS r11, r11, r7\n\t"
+ "STM %[r]!, {r8, r9, r10, r11}\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[r], {r8, r9, r10, r11}\n\t"
+ "ADCS r8, r8, r4\n\t"
+ "ADCS r9, r9, r5\n\t"
+ "ADCS r10, r10, r6\n\t"
+ "ADCS r11, r11, r7\n\t"
+ "STM %[r]!, {r8, r9, r10, r11}\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[r], {r8, r9, r10, r11}\n\t"
+ "ADCS r8, r8, r4\n\t"
+ "ADCS r9, r9, r5\n\t"
+ "ADCS r10, r10, r6\n\t"
+ "ADCS r11, r11, r7\n\t"
+ "STM %[r]!, {r8, r9, r10, r11}\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[r], {r8, r9, r10, r11}\n\t"
+ "ADCS r8, r8, r4\n\t"
+ "ADCS r9, r9, r5\n\t"
+ "ADCS r10, r10, r6\n\t"
+ "ADCS r11, r11, r7\n\t"
+ "STM %[r]!, {r8, r9, r10, r11}\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[r], {r8, r9, r10, r11}\n\t"
+ "ADCS r8, r8, r4\n\t"
+ "ADCS r9, r9, r5\n\t"
+ "ADCS r10, r10, r6\n\t"
+ "ADCS r11, r11, r7\n\t"
+ "STM %[r]!, {r8, r9, r10, r11}\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[r], {r8, r9, r10, r11}\n\t"
+ "ADCS r8, r8, r4\n\t"
+ "ADCS r9, r9, r5\n\t"
+ "ADCS r10, r10, r6\n\t"
+ "ADCS r11, r11, r7\n\t"
+ "STM %[r]!, {r8, r9, r10, r11}\n\t"
+ "LDR r7, [%[m], #124]\n\t"
+ "ADC r12, r12, #0x0\n\t"
+ "SUBS r7, r7, r11\n\t"
+ "neg r12, r12\n\t"
+ "SBC r7, r7, r7\n\t"
+ "SUB %[r], %[r], #0x80\n\t"
+ "ORR r12, r12, r7\n\t"
+ "LDM %[r], {r4, r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "AND r8, r8, r12\n\t"
+ "AND r9, r9, r12\n\t"
+ "AND r10, r10, r12\n\t"
+ "AND r11, r11, r12\n\t"
+ "SUBS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "SBCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[r], {r4, r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "AND r8, r8, r12\n\t"
+ "AND r9, r9, r12\n\t"
+ "AND r10, r10, r12\n\t"
+ "AND r11, r11, r12\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "SBCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[r], {r4, r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "AND r8, r8, r12\n\t"
+ "AND r9, r9, r12\n\t"
+ "AND r10, r10, r12\n\t"
+ "AND r11, r11, r12\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "SBCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[r], {r4, r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "AND r8, r8, r12\n\t"
+ "AND r9, r9, r12\n\t"
+ "AND r10, r10, r12\n\t"
+ "AND r11, r11, r12\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "SBCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[r], {r4, r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "AND r8, r8, r12\n\t"
+ "AND r9, r9, r12\n\t"
+ "AND r10, r10, r12\n\t"
+ "AND r11, r11, r12\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "SBCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[r], {r4, r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "AND r8, r8, r12\n\t"
+ "AND r9, r9, r12\n\t"
+ "AND r10, r10, r12\n\t"
+ "AND r11, r11, r12\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "SBCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[r], {r4, r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "AND r8, r8, r12\n\t"
+ "AND r9, r9, r12\n\t"
+ "AND r10, r10, r12\n\t"
+ "AND r11, r11, r12\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "SBCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[r], {r4, r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "AND r8, r8, r12\n\t"
+ "AND r9, r9, r12\n\t"
+ "AND r10, r10, r12\n\t"
+ "AND r11, r11, r12\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "SBC r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
: [r] "+r" (r), [a] "+r" (a), [m] "+r" (m)
:
- : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r14", "r12"
+ : "memory", "r8", "r9", "r10", "r11", "r4", "r5", "r6", "r7", "r12", "cc"
);
}
@@ -43962,165 +70970,173 @@ SP_NOINLINE static void sp_1024_mont_tpl_32(sp_digit* r, const sp_digit* a, cons
* b Number to subtract with in Montgomery form.
* m Modulus (prime).
*/
-SP_NOINLINE static void sp_1024_mont_sub_32(sp_digit* r, const sp_digit* a, const sp_digit* b,
- const sp_digit* m)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_1024_mont_sub_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, const sp_digit* m_p)
+#else
+SP_NOINLINE static void sp_1024_mont_sub_32(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+ register const sp_digit* m __asm__ ("r3") = (const sp_digit*)m_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "mov r12, #0\n\t"
- "ldm %[a]!, {r4, r5, r6, r7}\n\t"
- "ldm %[b]!, {r8, r9, r10, r14}\n\t"
- "subs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "sbcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[a]!, {r4, r5, r6, r7}\n\t"
- "ldm %[b]!, {r8, r9, r10, r14}\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "sbcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[a]!, {r4, r5, r6, r7}\n\t"
- "ldm %[b]!, {r8, r9, r10, r14}\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "sbcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[a]!, {r4, r5, r6, r7}\n\t"
- "ldm %[b]!, {r8, r9, r10, r14}\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "sbcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[a]!, {r4, r5, r6, r7}\n\t"
- "ldm %[b]!, {r8, r9, r10, r14}\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "sbcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[a]!, {r4, r5, r6, r7}\n\t"
- "ldm %[b]!, {r8, r9, r10, r14}\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "sbcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[a]!, {r4, r5, r6, r7}\n\t"
- "ldm %[b]!, {r8, r9, r10, r14}\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "sbcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[a]!, {r4, r5, r6, r7}\n\t"
- "ldm %[b]!, {r8, r9, r10, r14}\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "sbcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "sbc r12, r12, r12\n\t"
- "sub %[r], %[r], #128\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "ldm %[m]!, {r8, r9, r10, r14}\n\t"
- "and r8, r8, r12\n\t"
- "and r9, r9, r12\n\t"
- "and r10, r10, r12\n\t"
- "and r14, r14, r12\n\t"
- "adds r4, r4, r8\n\t"
- "adcs r5, r5, r9\n\t"
- "adcs r6, r6, r10\n\t"
- "adcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "ldm %[m]!, {r8, r9, r10, r14}\n\t"
- "and r8, r8, r12\n\t"
- "and r9, r9, r12\n\t"
- "and r10, r10, r12\n\t"
- "and r14, r14, r12\n\t"
- "adcs r4, r4, r8\n\t"
- "adcs r5, r5, r9\n\t"
- "adcs r6, r6, r10\n\t"
- "adcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "ldm %[m]!, {r8, r9, r10, r14}\n\t"
- "and r8, r8, r12\n\t"
- "and r9, r9, r12\n\t"
- "and r10, r10, r12\n\t"
- "and r14, r14, r12\n\t"
- "adcs r4, r4, r8\n\t"
- "adcs r5, r5, r9\n\t"
- "adcs r6, r6, r10\n\t"
- "adcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "ldm %[m]!, {r8, r9, r10, r14}\n\t"
- "and r8, r8, r12\n\t"
- "and r9, r9, r12\n\t"
- "and r10, r10, r12\n\t"
- "and r14, r14, r12\n\t"
- "adcs r4, r4, r8\n\t"
- "adcs r5, r5, r9\n\t"
- "adcs r6, r6, r10\n\t"
- "adcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "ldm %[m]!, {r8, r9, r10, r14}\n\t"
- "and r8, r8, r12\n\t"
- "and r9, r9, r12\n\t"
- "and r10, r10, r12\n\t"
- "and r14, r14, r12\n\t"
- "adcs r4, r4, r8\n\t"
- "adcs r5, r5, r9\n\t"
- "adcs r6, r6, r10\n\t"
- "adcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "ldm %[m]!, {r8, r9, r10, r14}\n\t"
- "and r8, r8, r12\n\t"
- "and r9, r9, r12\n\t"
- "and r10, r10, r12\n\t"
- "and r14, r14, r12\n\t"
- "adcs r4, r4, r8\n\t"
- "adcs r5, r5, r9\n\t"
- "adcs r6, r6, r10\n\t"
- "adcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "ldm %[m]!, {r8, r9, r10, r14}\n\t"
- "and r8, r8, r12\n\t"
- "and r9, r9, r12\n\t"
- "and r10, r10, r12\n\t"
- "and r14, r14, r12\n\t"
- "adcs r4, r4, r8\n\t"
- "adcs r5, r5, r9\n\t"
- "adcs r6, r6, r10\n\t"
- "adcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "ldm %[m]!, {r8, r9, r10, r14}\n\t"
- "and r8, r8, r12\n\t"
- "and r9, r9, r12\n\t"
- "and r10, r10, r12\n\t"
- "and r14, r14, r12\n\t"
- "adcs r4, r4, r8\n\t"
- "adcs r5, r5, r9\n\t"
- "adcs r6, r6, r10\n\t"
- "adc r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "sub %[r], %[r], #128\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9, r10, r11}\n\t"
+ "SUBS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "SBCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9, r10, r11}\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "SBCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9, r10, r11}\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "SBCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9, r10, r11}\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "SBCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9, r10, r11}\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "SBCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9, r10, r11}\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "SBCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9, r10, r11}\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "SBCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9, r10, r11}\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "SBCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "SBC r12, r12, r12\n\t"
+ "SUB %[r], %[r], #0x80\n\t"
+ "LDM %[r], {r4, r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "AND r8, r8, r12\n\t"
+ "AND r9, r9, r12\n\t"
+ "AND r10, r10, r12\n\t"
+ "AND r11, r11, r12\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "ADCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[r], {r4, r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "AND r8, r8, r12\n\t"
+ "AND r9, r9, r12\n\t"
+ "AND r10, r10, r12\n\t"
+ "AND r11, r11, r12\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "ADCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[r], {r4, r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "AND r8, r8, r12\n\t"
+ "AND r9, r9, r12\n\t"
+ "AND r10, r10, r12\n\t"
+ "AND r11, r11, r12\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "ADCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[r], {r4, r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "AND r8, r8, r12\n\t"
+ "AND r9, r9, r12\n\t"
+ "AND r10, r10, r12\n\t"
+ "AND r11, r11, r12\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "ADCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[r], {r4, r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "AND r8, r8, r12\n\t"
+ "AND r9, r9, r12\n\t"
+ "AND r10, r10, r12\n\t"
+ "AND r11, r11, r12\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "ADCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[r], {r4, r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "AND r8, r8, r12\n\t"
+ "AND r9, r9, r12\n\t"
+ "AND r10, r10, r12\n\t"
+ "AND r11, r11, r12\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "ADCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[r], {r4, r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "AND r8, r8, r12\n\t"
+ "AND r9, r9, r12\n\t"
+ "AND r10, r10, r12\n\t"
+ "AND r11, r11, r12\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "ADCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[r], {r4, r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "AND r8, r8, r12\n\t"
+ "AND r9, r9, r12\n\t"
+ "AND r10, r10, r12\n\t"
+ "AND r11, r11, r12\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "ADC r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
:
- : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r14", "r12"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
);
}
-#define sp_1024_mont_sub_lower_32 sp_1024_mont_sub_32
+#ifdef WOLFSSL_SP_SMALL
/* Conditionally add a and b using the mask m.
* m is -1 to add and 0 when not.
*
@@ -44129,172 +71145,333 @@ SP_NOINLINE static void sp_1024_mont_sub_32(sp_digit* r, const sp_digit* a, cons
* b A single precision number to add.
* m Mask value to apply.
*/
-SP_NOINLINE static sp_digit sp_1024_cond_add_32(sp_digit* r, const sp_digit* a, const sp_digit* b,
- sp_digit m)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_1024_cond_add_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
+#else
+static sp_digit sp_1024_cond_add_32(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+ register sp_digit m __asm__ ("r3") = (sp_digit)m_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r5, #128\n\t"
- "mov r9, r5\n\t"
- "mov r8, #0\n\t"
- "\n1:\n\t"
- "ldr r6, [%[b], r8]\n\t"
- "and r6, r6, %[m]\n\t"
- "adds r5, %[c], #-1\n\t"
- "ldr r5, [%[a], r8]\n\t"
- "adcs r5, r5, r6\n\t"
- "mov %[c], #0\n\t"
- "adcs %[c], %[c], %[c]\n\t"
- "str r5, [%[r], r8]\n\t"
- "add r8, r8, #4\n\t"
- "cmp r8, r9\n\t"
+ "MOV r5, #0x0\n\t"
+ "MOV r8, #0x0\n\t"
+ "MOV r4, #0x0\n\t"
+ "\n"
+ "L_sp_1024_cond_add_32_words:\n\t"
+ "ADDS r5, r5, #0xffffffff\n\t"
+ "LDR r6, [%[a], r4]\n\t"
+ "LDR r7, [%[b], r4]\n\t"
+ "AND r7, r7, %[m]\n\t"
+ "ADCS r6, r6, r7\n\t"
+ "ADC r5, r8, r8\n\t"
+ "STR r6, [%[r], r4]\n\t"
+ "ADD r4, r4, #0x4\n\t"
+ "CMP r4, #0x80\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "blt 1b\n\t"
+ "BLT L_sp_1024_cond_add_32_words\n\t"
#else
- "blt.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [c] "+r" (c)
- : [r] "r" (r), [a] "r" (a), [b] "r" (b), [m] "r" (m)
- : "memory", "r5", "r6", "r8", "r9"
+ "BLT.N L_sp_1024_cond_add_32_words\n\t"
+#endif
+ "MOV %[r], r5\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
+ :
+ : "memory", "r4", "r5", "r6", "r7", "r8", "cc"
);
+ return (uint32_t)(size_t)r;
+}
- return c;
+#else
+/* Conditionally add a and b using the mask m.
+ * m is -1 to add and 0 when not.
+ *
+ * r A single precision number representing conditional add result.
+ * a A single precision number to add with.
+ * b A single precision number to add.
+ * m Mask value to apply.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_1024_cond_add_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
+#else
+static sp_digit sp_1024_cond_add_32(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+ register sp_digit m __asm__ ("r3") = (sp_digit)m_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "MOV r10, #0x0\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADDS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "ADC %[r], r10, r10\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
+ :
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
+ );
+ return (uint32_t)(size_t)r;
}
+#endif /* WOLFSSL_SP_SMALL */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_1024_rshift1_32(sp_digit* r_p, const sp_digit* a_p)
+#else
static void sp_1024_rshift1_32(sp_digit* r, const sp_digit* a)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "ldr r2, [%[a]]\n\t"
- "ldr r3, [%[a], #4]\n\t"
- "lsr r2, r2, #1\n\t"
- "orr r2, r2, r3, lsl #31\n\t"
- "lsr r3, r3, #1\n\t"
- "ldr r4, [%[a], #8]\n\t"
- "str r2, [%[r], #0]\n\t"
- "orr r3, r3, r4, lsl #31\n\t"
- "lsr r4, r4, #1\n\t"
- "ldr r2, [%[a], #12]\n\t"
- "str r3, [%[r], #4]\n\t"
- "orr r4, r4, r2, lsl #31\n\t"
- "lsr r2, r2, #1\n\t"
- "ldr r3, [%[a], #16]\n\t"
- "str r4, [%[r], #8]\n\t"
- "orr r2, r2, r3, lsl #31\n\t"
- "lsr r3, r3, #1\n\t"
- "ldr r4, [%[a], #20]\n\t"
- "str r2, [%[r], #12]\n\t"
- "orr r3, r3, r4, lsl #31\n\t"
- "lsr r4, r4, #1\n\t"
- "ldr r2, [%[a], #24]\n\t"
- "str r3, [%[r], #16]\n\t"
- "orr r4, r4, r2, lsl #31\n\t"
- "lsr r2, r2, #1\n\t"
- "ldr r3, [%[a], #28]\n\t"
- "str r4, [%[r], #20]\n\t"
- "orr r2, r2, r3, lsl #31\n\t"
- "lsr r3, r3, #1\n\t"
- "ldr r4, [%[a], #32]\n\t"
- "str r2, [%[r], #24]\n\t"
- "orr r3, r3, r4, lsl #31\n\t"
- "lsr r4, r4, #1\n\t"
- "ldr r2, [%[a], #36]\n\t"
- "str r3, [%[r], #28]\n\t"
- "orr r4, r4, r2, lsl #31\n\t"
- "lsr r2, r2, #1\n\t"
- "ldr r3, [%[a], #40]\n\t"
- "str r4, [%[r], #32]\n\t"
- "orr r2, r2, r3, lsl #31\n\t"
- "lsr r3, r3, #1\n\t"
- "ldr r4, [%[a], #44]\n\t"
- "str r2, [%[r], #36]\n\t"
- "orr r3, r3, r4, lsl #31\n\t"
- "lsr r4, r4, #1\n\t"
- "ldr r2, [%[a], #48]\n\t"
- "str r3, [%[r], #40]\n\t"
- "orr r4, r4, r2, lsl #31\n\t"
- "lsr r2, r2, #1\n\t"
- "ldr r3, [%[a], #52]\n\t"
- "str r4, [%[r], #44]\n\t"
- "orr r2, r2, r3, lsl #31\n\t"
- "lsr r3, r3, #1\n\t"
- "ldr r4, [%[a], #56]\n\t"
- "str r2, [%[r], #48]\n\t"
- "orr r3, r3, r4, lsl #31\n\t"
- "lsr r4, r4, #1\n\t"
- "ldr r2, [%[a], #60]\n\t"
- "str r3, [%[r], #52]\n\t"
- "orr r4, r4, r2, lsl #31\n\t"
- "lsr r2, r2, #1\n\t"
- "ldr r3, [%[a], #64]\n\t"
- "str r4, [%[r], #56]\n\t"
- "orr r2, r2, r3, lsl #31\n\t"
- "lsr r3, r3, #1\n\t"
- "ldr r4, [%[a], #68]\n\t"
- "str r2, [%[r], #60]\n\t"
- "orr r3, r3, r4, lsl #31\n\t"
- "lsr r4, r4, #1\n\t"
- "ldr r2, [%[a], #72]\n\t"
- "str r3, [%[r], #64]\n\t"
- "orr r4, r4, r2, lsl #31\n\t"
- "lsr r2, r2, #1\n\t"
- "ldr r3, [%[a], #76]\n\t"
- "str r4, [%[r], #68]\n\t"
- "orr r2, r2, r3, lsl #31\n\t"
- "lsr r3, r3, #1\n\t"
- "ldr r4, [%[a], #80]\n\t"
- "str r2, [%[r], #72]\n\t"
- "orr r3, r3, r4, lsl #31\n\t"
- "lsr r4, r4, #1\n\t"
- "ldr r2, [%[a], #84]\n\t"
- "str r3, [%[r], #76]\n\t"
- "orr r4, r4, r2, lsl #31\n\t"
- "lsr r2, r2, #1\n\t"
- "ldr r3, [%[a], #88]\n\t"
- "str r4, [%[r], #80]\n\t"
- "orr r2, r2, r3, lsl #31\n\t"
- "lsr r3, r3, #1\n\t"
- "ldr r4, [%[a], #92]\n\t"
- "str r2, [%[r], #84]\n\t"
- "orr r3, r3, r4, lsl #31\n\t"
- "lsr r4, r4, #1\n\t"
- "ldr r2, [%[a], #96]\n\t"
- "str r3, [%[r], #88]\n\t"
- "orr r4, r4, r2, lsl #31\n\t"
- "lsr r2, r2, #1\n\t"
- "ldr r3, [%[a], #100]\n\t"
- "str r4, [%[r], #92]\n\t"
- "orr r2, r2, r3, lsl #31\n\t"
- "lsr r3, r3, #1\n\t"
- "ldr r4, [%[a], #104]\n\t"
- "str r2, [%[r], #96]\n\t"
- "orr r3, r3, r4, lsl #31\n\t"
- "lsr r4, r4, #1\n\t"
- "ldr r2, [%[a], #108]\n\t"
- "str r3, [%[r], #100]\n\t"
- "orr r4, r4, r2, lsl #31\n\t"
- "lsr r2, r2, #1\n\t"
- "ldr r3, [%[a], #112]\n\t"
- "str r4, [%[r], #104]\n\t"
- "orr r2, r2, r3, lsl #31\n\t"
- "lsr r3, r3, #1\n\t"
- "ldr r4, [%[a], #116]\n\t"
- "str r2, [%[r], #108]\n\t"
- "orr r3, r3, r4, lsl #31\n\t"
- "lsr r4, r4, #1\n\t"
- "ldr r2, [%[a], #120]\n\t"
- "str r3, [%[r], #112]\n\t"
- "orr r4, r4, r2, lsl #31\n\t"
- "lsr r2, r2, #1\n\t"
- "ldr r3, [%[a], #124]\n\t"
- "str r4, [%[r], #116]\n\t"
- "orr r2, r2, r3, lsl #31\n\t"
- "lsr r3, r3, #1\n\t"
- "str r2, [%[r], #120]\n\t"
- "str r3, [%[r], #124]\n\t"
+ "LDM %[a], {r2, r3}\n\t"
+ "LSR r2, r2, #1\n\t"
+ "ORR r2, r2, r3, lsl #31\n\t"
+ "LSR r3, r3, #1\n\t"
+ "LDR r4, [%[a], #8]\n\t"
+ "STR r2, [%[r]]\n\t"
+ "ORR r3, r3, r4, lsl #31\n\t"
+ "LSR r4, r4, #1\n\t"
+ "LDR r2, [%[a], #12]\n\t"
+ "STR r3, [%[r], #4]\n\t"
+ "ORR r4, r4, r2, lsl #31\n\t"
+ "LSR r2, r2, #1\n\t"
+ "LDR r3, [%[a], #16]\n\t"
+ "STR r4, [%[r], #8]\n\t"
+ "ORR r2, r2, r3, lsl #31\n\t"
+ "LSR r3, r3, #1\n\t"
+ "LDR r4, [%[a], #20]\n\t"
+ "STR r2, [%[r], #12]\n\t"
+ "ORR r3, r3, r4, lsl #31\n\t"
+ "LSR r4, r4, #1\n\t"
+ "LDR r2, [%[a], #24]\n\t"
+ "STR r3, [%[r], #16]\n\t"
+ "ORR r4, r4, r2, lsl #31\n\t"
+ "LSR r2, r2, #1\n\t"
+ "LDR r3, [%[a], #28]\n\t"
+ "STR r4, [%[r], #20]\n\t"
+ "ORR r2, r2, r3, lsl #31\n\t"
+ "LSR r3, r3, #1\n\t"
+ "LDR r4, [%[a], #32]\n\t"
+ "STR r2, [%[r], #24]\n\t"
+ "ORR r3, r3, r4, lsl #31\n\t"
+ "LSR r4, r4, #1\n\t"
+ "LDR r2, [%[a], #36]\n\t"
+ "STR r3, [%[r], #28]\n\t"
+ "ORR r4, r4, r2, lsl #31\n\t"
+ "LSR r2, r2, #1\n\t"
+ "LDR r3, [%[a], #40]\n\t"
+ "STR r4, [%[r], #32]\n\t"
+ "ORR r2, r2, r3, lsl #31\n\t"
+ "LSR r3, r3, #1\n\t"
+ "LDR r4, [%[a], #44]\n\t"
+ "STR r2, [%[r], #36]\n\t"
+ "ORR r3, r3, r4, lsl #31\n\t"
+ "LSR r4, r4, #1\n\t"
+ "LDR r2, [%[a], #48]\n\t"
+ "STR r3, [%[r], #40]\n\t"
+ "ORR r4, r4, r2, lsl #31\n\t"
+ "LSR r2, r2, #1\n\t"
+ "LDR r3, [%[a], #52]\n\t"
+ "STR r4, [%[r], #44]\n\t"
+ "ORR r2, r2, r3, lsl #31\n\t"
+ "LSR r3, r3, #1\n\t"
+ "LDR r4, [%[a], #56]\n\t"
+ "STR r2, [%[r], #48]\n\t"
+ "ORR r3, r3, r4, lsl #31\n\t"
+ "LSR r4, r4, #1\n\t"
+ "LDR r2, [%[a], #60]\n\t"
+ "STR r3, [%[r], #52]\n\t"
+ "ORR r4, r4, r2, lsl #31\n\t"
+ "LSR r2, r2, #1\n\t"
+ "LDR r3, [%[a], #64]\n\t"
+ "STR r4, [%[r], #56]\n\t"
+ "ORR r2, r2, r3, lsl #31\n\t"
+ "LSR r3, r3, #1\n\t"
+ "LDR r4, [%[a], #68]\n\t"
+ "STR r2, [%[r], #60]\n\t"
+ "ORR r3, r3, r4, lsl #31\n\t"
+ "LSR r4, r4, #1\n\t"
+ "LDR r2, [%[a], #72]\n\t"
+ "STR r3, [%[r], #64]\n\t"
+ "ORR r4, r4, r2, lsl #31\n\t"
+ "LSR r2, r2, #1\n\t"
+ "LDR r3, [%[a], #76]\n\t"
+ "STR r4, [%[r], #68]\n\t"
+ "ORR r2, r2, r3, lsl #31\n\t"
+ "LSR r3, r3, #1\n\t"
+ "LDR r4, [%[a], #80]\n\t"
+ "STR r2, [%[r], #72]\n\t"
+ "ORR r3, r3, r4, lsl #31\n\t"
+ "LSR r4, r4, #1\n\t"
+ "LDR r2, [%[a], #84]\n\t"
+ "STR r3, [%[r], #76]\n\t"
+ "ORR r4, r4, r2, lsl #31\n\t"
+ "LSR r2, r2, #1\n\t"
+ "LDR r3, [%[a], #88]\n\t"
+ "STR r4, [%[r], #80]\n\t"
+ "ORR r2, r2, r3, lsl #31\n\t"
+ "LSR r3, r3, #1\n\t"
+ "LDR r4, [%[a], #92]\n\t"
+ "STR r2, [%[r], #84]\n\t"
+ "ORR r3, r3, r4, lsl #31\n\t"
+ "LSR r4, r4, #1\n\t"
+ "LDR r2, [%[a], #96]\n\t"
+ "STR r3, [%[r], #88]\n\t"
+ "ORR r4, r4, r2, lsl #31\n\t"
+ "LSR r2, r2, #1\n\t"
+ "LDR r3, [%[a], #100]\n\t"
+ "STR r4, [%[r], #92]\n\t"
+ "ORR r2, r2, r3, lsl #31\n\t"
+ "LSR r3, r3, #1\n\t"
+ "LDR r4, [%[a], #104]\n\t"
+ "STR r2, [%[r], #96]\n\t"
+ "ORR r3, r3, r4, lsl #31\n\t"
+ "LSR r4, r4, #1\n\t"
+ "LDR r2, [%[a], #108]\n\t"
+ "STR r3, [%[r], #100]\n\t"
+ "ORR r4, r4, r2, lsl #31\n\t"
+ "LSR r2, r2, #1\n\t"
+ "LDR r3, [%[a], #112]\n\t"
+ "STR r4, [%[r], #104]\n\t"
+ "ORR r2, r2, r3, lsl #31\n\t"
+ "LSR r3, r3, #1\n\t"
+ "LDR r4, [%[a], #116]\n\t"
+ "STR r2, [%[r], #108]\n\t"
+ "ORR r3, r3, r4, lsl #31\n\t"
+ "LSR r4, r4, #1\n\t"
+ "LDR r2, [%[a], #120]\n\t"
+ "STR r3, [%[r], #112]\n\t"
+ "ORR r4, r4, r2, lsl #31\n\t"
+ "LSR r2, r2, #1\n\t"
+ "LDR r3, [%[a], #124]\n\t"
+ "STR r4, [%[r], #116]\n\t"
+ "ORR r2, r2, r3, lsl #31\n\t"
+ "LSR r3, r3, #1\n\t"
+ "STR r2, [%[r], #120]\n\t"
+ "STR r3, [%[r], #124]\n\t"
+ : [r] "+r" (r), [a] "+r" (a)
:
- : [r] "r" (r), [a] "r" (a)
- : "memory", "r2", "r3", "r4"
+ : "memory", "r2", "r3", "r4", "cc"
);
}
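Review bot: The loop label `L_sp_1024_cond_add_32_words:` in the WOLFSSL_SP_SMALL variant of sp_1024_cond_add_32 is an ordinary assembler symbol, and the new signature also drops `SP_NOINLINE`, so if the compiler inlines or clones this static function the label would be emitted twice and the assembler would reject the duplicate definition. The removed code avoided this with a numeric local label (`"\n1:\n\t"` with `"blt 1b\n\t"`); either keep that form, keep `SP_NOINLINE` on the definition, or on GCC make the name unique with `"L_sp_1024_cond_add_32_words_%=:\n\t"` and the matching branch target. Separately, the unrolled variant lists `"r4", "r5"` as clobbers although its body only touches r6–r10, and sp_1024_rshift1_32 has no header comment; one such as `/* Shift a right by one bit into r (r = a >> 1); both are 32 words. */` would match the neighbouring functions. The `#ifdef WOLFSSL_SP_SMALL` that opens this pair of definitions is in the previous hunk.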
@@ -44304,7 +71481,7 @@ static void sp_1024_rshift1_32(sp_digit* r, const sp_digit* a)
* a Number to divide.
* m Modulus (prime).
*/
-SP_NOINLINE static void sp_1024_div2_32(sp_digit* r, const sp_digit* a, const sp_digit* m)
+static void sp_1024_mont_div2_32(sp_digit* r, const sp_digit* a, const sp_digit* m)
{
sp_digit o;
@@ -44357,7 +71534,7 @@ static void sp_1024_proj_point_dbl_32(sp_point_1024* r, const sp_point_1024* p,
/* T2 = Y * Y */
sp_1024_mont_sqr_32(t2, y, p1024_mod, p1024_mp_mod);
/* T2 = T2/2 */
- sp_1024_div2_32(t2, t2, p1024_mod);
+ sp_1024_mont_div2_32(t2, t2, p1024_mod);
/* Y = Y * X */
sp_1024_mont_mul_32(y, y, p->x, p1024_mod, p1024_mp_mod);
/* X = T1 * T1 */
@@ -44367,7 +71544,7 @@ static void sp_1024_proj_point_dbl_32(sp_point_1024* r, const sp_point_1024* p,
/* X = X - Y */
sp_1024_mont_sub_32(x, x, y, p1024_mod);
/* Y = Y - X */
- sp_1024_mont_sub_lower_32(y, y, x, p1024_mod);
+ sp_1024_mont_sub_32(y, y, x, p1024_mod);
/* Y = Y * T1 */
sp_1024_mont_mul_32(y, y, t1, p1024_mod, p1024_mp_mod);
/* Y = Y - T2 */
@@ -44390,7 +71567,8 @@ typedef struct sp_1024_proj_point_dbl_32_ctx {
* p Point to double.
* t Temporary ordinate data.
*/
-static int sp_1024_proj_point_dbl_32_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r, const sp_point_1024* p, sp_digit* t)
+static int sp_1024_proj_point_dbl_32_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
+ const sp_point_1024* p, sp_digit* t)
{
int err = FP_WOULDBLOCK;
sp_1024_proj_point_dbl_32_ctx* ctx = (sp_1024_proj_point_dbl_32_ctx*)sp_ctx->data;
@@ -44464,7 +71642,7 @@ static int sp_1024_proj_point_dbl_32_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
break;
case 11:
/* T2 = T2/2 */
- sp_1024_div2_32(ctx->t2, ctx->t2, p1024_mod);
+ sp_1024_mont_div2_32(ctx->t2, ctx->t2, p1024_mod);
ctx->state = 12;
break;
case 12:
@@ -44489,7 +71667,7 @@ static int sp_1024_proj_point_dbl_32_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
break;
case 16:
/* Y = Y - X */
- sp_1024_mont_sub_lower_32(ctx->y, ctx->y, ctx->x, p1024_mod);
+ sp_1024_mont_sub_32(ctx->y, ctx->y, ctx->x, p1024_mod);
ctx->state = 17;
break;
case 17:
@@ -44514,149 +71692,6 @@ static int sp_1024_proj_point_dbl_32_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
return err;
}
#endif /* WOLFSSL_SP_NONBLOCK */
-#ifdef WOLFSSL_SP_SMALL
-/* Sub b from a into r. (r = a - b)
- *
- * r A single precision integer.
- * a A single precision integer.
- * b A single precision integer.
- */
-SP_NOINLINE static sp_digit sp_1024_sub_32(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
-{
- sp_digit c = 0;
-
- __asm__ __volatile__ (
- "mov r6, %[a]\n\t"
- "add r6, r6, #128\n\t"
- "\n1:\n\t"
- "mov r5, #0\n\t"
- "subs r5, r5, %[c]\n\t"
- "ldr r4, [%[a]]\n\t"
- "ldr r5, [%[b]]\n\t"
- "sbcs r4, r4, r5\n\t"
- "str r4, [%[r]]\n\t"
- "sbc %[c], %[c], %[c]\n\t"
- "add %[a], %[a], #4\n\t"
- "add %[b], %[b], #4\n\t"
- "add %[r], %[r], #4\n\t"
- "cmp %[a], r6\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bne 1b\n\t"
-#else
- "bne.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
- :
- : "memory", "r4", "r5", "r6"
- );
-
- return c;
-}
-
-#else
-/* Sub b from a into r. (r = a - b)
- *
- * r A single precision integer.
- * a A single precision integer.
- * b A single precision integer.
- */
-SP_NOINLINE static sp_digit sp_1024_sub_32(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
-{
- sp_digit c = 0;
-
- __asm__ __volatile__ (
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "subs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "sbc %[c], %[c], %[c]\n\t"
- : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
- :
- : "memory", "r4", "r5", "r6", "r8"
- );
-
- return c;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
/* Compare two numbers to determine if they are equal.
* Constant time implementation.
*
@@ -44704,12 +71739,12 @@ static int sp_1024_iszero_32(const sp_digit* a)
static void sp_1024_proj_point_add_32(sp_point_1024* r,
const sp_point_1024* p, const sp_point_1024* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*32;
- sp_digit* t3 = t + 4*32;
- sp_digit* t4 = t + 6*32;
- sp_digit* t5 = t + 8*32;
- sp_digit* t6 = t + 10*32;
+ sp_digit* t6 = t;
+ sp_digit* t1 = t + 2*32;
+ sp_digit* t2 = t + 4*32;
+ sp_digit* t3 = t + 6*32;
+ sp_digit* t4 = t + 8*32;
+ sp_digit* t5 = t + 10*32;
/* U1 = X1*Z2^2 */
sp_1024_mont_sqr_32(t1, q->z, p1024_mod, p1024_mp_mod);
@@ -44731,17 +71766,9 @@ static void sp_1024_proj_point_add_32(sp_point_1024* r,
sp_1024_proj_point_dbl_32(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t6;
sp_digit* y = t1;
sp_digit* z = t2;
- int i;
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
/* H = U2 - U1 */
sp_1024_mont_sub_32(t2, t2, t1, p1024_mod);
@@ -44760,20 +71787,31 @@ static void sp_1024_proj_point_add_32(sp_point_1024* r,
sp_1024_mont_dbl_32(t3, y, p1024_mod);
sp_1024_mont_sub_32(x, x, t3, p1024_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_1024_mont_sub_lower_32(y, y, x, p1024_mod);
+ sp_1024_mont_sub_32(y, y, x, p1024_mod);
sp_1024_mont_mul_32(y, y, t4, p1024_mod, p1024_mp_mod);
sp_1024_mont_sub_32(y, y, t5, p1024_mod);
- for (i = 0; i < 32; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 32; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 32; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 32; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 32; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 32; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
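Review bot: The select masks in the new block of sp_1024_proj_point_add_32 are all-ones or all-zero as intended only if `p->infinity` and `q->infinity` are exactly 0 or 1, because `0 - (q->infinity & (!p->infinity))` ands a raw flag with a logical-not result; the hunk does not state that assumption. The declaration of `infinity` is outside this view, so this may already be guaranteed, but a comment at the block such as `/* Constant-time select of p, q or the computed point; infinity flags must be 0 or 1. */` would record it. The same block is added in case 24 of sp_1024_proj_point_add_32_nb and in sp_1024_proj_point_add_qz1_32 further down, so the comment belongs there too, or the three copies could share one static helper. The function body starts outside this hunk.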
@@ -44819,12 +71857,12 @@ static int sp_1024_proj_point_add_32_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
switch (ctx->state) {
case 0: /* INIT */
- ctx->t1 = t;
- ctx->t2 = t + 2*32;
- ctx->t3 = t + 4*32;
- ctx->t4 = t + 6*32;
- ctx->t5 = t + 8*32;
- ctx->t6 = t + 10*32;
+ ctx->t6 = t;
+ ctx->t1 = t + 2*32;
+ ctx->t2 = t + 4*32;
+ ctx->t3 = t + 6*32;
+ ctx->t4 = t + 8*32;
+ ctx->t5 = t + 10*32;
ctx->x = ctx->t6;
ctx->y = ctx->t1;
ctx->z = ctx->t2;
@@ -44931,7 +71969,7 @@ static int sp_1024_proj_point_add_32_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
break;
case 21:
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_1024_mont_sub_lower_32(ctx->y, ctx->y, ctx->x, p1024_mod);
+ sp_1024_mont_sub_32(ctx->y, ctx->y, ctx->x, p1024_mod);
ctx->state = 22;
break;
case 22:
@@ -44944,22 +71982,28 @@ static int sp_1024_proj_point_add_32_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
break;
case 24:
{
- int i;
- sp_digit maskp = 0 - (q->infinity & (!p->infinity));
- sp_digit maskq = 0 - (p->infinity & (!q->infinity));
- sp_digit maskt = ~(maskp | maskq);
-
- for (i = 0; i < 32; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (ctx->x[i] & maskt);
- }
- for (i = 0; i < 32; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (ctx->y[i] & maskt);
- }
- for (i = 0; i < 32; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (ctx->z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 32; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (ctx->x[i] & maskt);
+ }
+ for (i = 0; i < 32; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (ctx->y[i] & maskt);
+ }
+ for (i = 0; i < 32; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (ctx->z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
ctx->state = 25;
break;
}
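Review bot: Case 24 of sp_1024_proj_point_add_32_nb now opens a second bare `{` directly inside the case's existing block, so the masks and `inf` are declared two scopes deep for no visible reason. The added `{` and its matching `}` can be dropped and the declarations left in the case block, as they were before this change. The switch and the function continue outside this hunk.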
@@ -45119,8 +72163,6 @@ static int sp_1024_ecc_mulmod_fast_32(sp_point_1024* r, const sp_point_1024* g,
}
#if defined(FP_ECC) || !defined(WOLFSSL_SP_SMALL)
-#define sp_1024_mont_dbl_lower_32 sp_1024_mont_dbl_32
-#define sp_1024_mont_tpl_lower_32 sp_1024_mont_tpl_32
/* Double the Montgomery form projective point p a number of times.
*
* r Result of repeated doubling of point.
@@ -45159,7 +72201,7 @@ static void sp_1024_proj_point_dbl_n_32(sp_point_1024* p, int i,
/* A = 3*(X^2 - W) */
sp_1024_mont_sqr_32(t1, x, p1024_mod, p1024_mp_mod);
sp_1024_mont_sub_32(t1, t1, w, p1024_mod);
- sp_1024_mont_tpl_lower_32(a, t1, p1024_mod);
+ sp_1024_mont_tpl_32(a, t1, p1024_mod);
/* B = X*Y^2 */
sp_1024_mont_sqr_32(t1, y, p1024_mod, p1024_mp_mod);
sp_1024_mont_mul_32(b, t1, x, p1024_mod, p1024_mp_mod);
@@ -45168,8 +72210,8 @@ static void sp_1024_proj_point_dbl_n_32(sp_point_1024* p, int i,
sp_1024_mont_dbl_32(t2, b, p1024_mod);
sp_1024_mont_sub_32(x, x, t2, p1024_mod);
/* B = 2.(B - X) */
- sp_1024_mont_sub_lower_32(t2, b, x, p1024_mod);
- sp_1024_mont_dbl_lower_32(b, t2, p1024_mod);
+ sp_1024_mont_sub_32(t2, b, x, p1024_mod);
+ sp_1024_mont_dbl_32(b, t2, p1024_mod);
/* Z = Z*Y */
sp_1024_mont_mul_32(z, z, y, p1024_mod, p1024_mp_mod);
/* t1 = Y^4 */
@@ -45189,7 +72231,7 @@ static void sp_1024_proj_point_dbl_n_32(sp_point_1024* p, int i,
/* A = 3*(X^2 - W) */
sp_1024_mont_sqr_32(t1, x, p1024_mod, p1024_mp_mod);
sp_1024_mont_sub_32(t1, t1, w, p1024_mod);
- sp_1024_mont_tpl_lower_32(a, t1, p1024_mod);
+ sp_1024_mont_tpl_32(a, t1, p1024_mod);
/* B = X*Y^2 */
sp_1024_mont_sqr_32(t1, y, p1024_mod, p1024_mp_mod);
sp_1024_mont_mul_32(b, t1, x, p1024_mod, p1024_mp_mod);
@@ -45198,8 +72240,8 @@ static void sp_1024_proj_point_dbl_n_32(sp_point_1024* p, int i,
sp_1024_mont_dbl_32(t2, b, p1024_mod);
sp_1024_mont_sub_32(x, x, t2, p1024_mod);
/* B = 2.(B - X) */
- sp_1024_mont_sub_lower_32(t2, b, x, p1024_mod);
- sp_1024_mont_dbl_lower_32(b, t2, p1024_mod);
+ sp_1024_mont_sub_32(t2, b, x, p1024_mod);
+ sp_1024_mont_dbl_32(b, t2, p1024_mod);
/* Z = Z*Y */
sp_1024_mont_mul_32(z, z, y, p1024_mod, p1024_mp_mod);
/* t1 = Y^4 */
@@ -45209,7 +72251,7 @@ static void sp_1024_proj_point_dbl_n_32(sp_point_1024* p, int i,
sp_1024_mont_sub_32(y, y, t1, p1024_mod);
#endif /* WOLFSSL_SP_SMALL */
/* Y = Y/2 */
- sp_1024_div2_32(y, y, p1024_mod);
+ sp_1024_mont_div2_32(y, y, p1024_mod);
}
/* Convert the projective point to affine.
@@ -45255,12 +72297,12 @@ typedef struct sp_table_entry_1024 {
static void sp_1024_proj_point_add_qz1_32(sp_point_1024* r,
const sp_point_1024* p, const sp_point_1024* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*32;
- sp_digit* t3 = t + 4*32;
- sp_digit* t4 = t + 6*32;
- sp_digit* t5 = t + 8*32;
- sp_digit* t6 = t + 10*32;
+ sp_digit* t2 = t;
+ sp_digit* t3 = t + 2*32;
+ sp_digit* t6 = t + 4*32;
+ sp_digit* t1 = t + 6*32;
+ sp_digit* t4 = t + 8*32;
+ sp_digit* t5 = t + 10*32;
/* Calculate values to subtract from P->x and P->y. */
/* U2 = X2*Z1^2 */
@@ -45276,13 +72318,9 @@ static void sp_1024_proj_point_add_qz1_32(sp_point_1024* r,
sp_1024_proj_point_dbl_32(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t2;
- sp_digit* y = t5;
+ sp_digit* y = t3;
sp_digit* z = t6;
- int i;
/* H = U2 - X1 */
sp_1024_mont_sub_32(t2, t2, p->x, p1024_mod);
@@ -45291,33 +72329,40 @@ static void sp_1024_proj_point_add_qz1_32(sp_point_1024* r,
/* Z3 = H*Z1 */
sp_1024_mont_mul_32(z, p->z, t2, p1024_mod, p1024_mp_mod);
/* X3 = R^2 - H^3 - 2*X1*H^2 */
- sp_1024_mont_sqr_32(t1, t4, p1024_mod, p1024_mp_mod);
- sp_1024_mont_sqr_32(t5, t2, p1024_mod, p1024_mp_mod);
- sp_1024_mont_mul_32(t3, p->x, t5, p1024_mod, p1024_mp_mod);
- sp_1024_mont_mul_32(t5, t5, t2, p1024_mod, p1024_mp_mod);
- sp_1024_mont_sub_32(x, t1, t5, p1024_mod);
- sp_1024_mont_dbl_32(t1, t3, p1024_mod);
- sp_1024_mont_sub_32(x, x, t1, p1024_mod);
+ sp_1024_mont_sqr_32(t1, t2, p1024_mod, p1024_mp_mod);
+ sp_1024_mont_mul_32(t3, p->x, t1, p1024_mod, p1024_mp_mod);
+ sp_1024_mont_mul_32(t1, t1, t2, p1024_mod, p1024_mp_mod);
+ sp_1024_mont_sqr_32(t2, t4, p1024_mod, p1024_mp_mod);
+ sp_1024_mont_sub_32(t2, t2, t1, p1024_mod);
+ sp_1024_mont_dbl_32(t5, t3, p1024_mod);
+ sp_1024_mont_sub_32(x, t2, t5, p1024_mod);
/* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
- sp_1024_mont_sub_lower_32(t3, t3, x, p1024_mod);
+ sp_1024_mont_sub_32(t3, t3, x, p1024_mod);
sp_1024_mont_mul_32(t3, t3, t4, p1024_mod, p1024_mp_mod);
- sp_1024_mont_mul_32(t5, t5, p->y, p1024_mod, p1024_mp_mod);
- sp_1024_mont_sub_32(y, t3, t5, p1024_mod);
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
- for (i = 0; i < 32; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 32; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 32; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ sp_1024_mont_mul_32(t1, t1, p->y, p1024_mod, p1024_mp_mod);
+ sp_1024_mont_sub_32(y, t3, t1, p1024_mod);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 32; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 32; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 32; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
@@ -45548,7 +72593,7 @@ static THREAD_LS_T int sp_cache_1024_inited = 0;
/* Get the cache entry for the point.
*
- * g [in] Point scalar multipling.
+ * g [in] Point scalar multiplying.
* cache [out] Cache table to use.
*/
static void sp_ecc_get_cache_1024(const sp_point_1024* g, sp_cache_1024_t** cache)
@@ -45619,8 +72664,8 @@ static void sp_ecc_get_cache_1024(const sp_point_1024* g, sp_cache_1024_t** cach
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
-static int sp_1024_ecc_mulmod_32(sp_point_1024* r, const sp_point_1024* g, const sp_digit* k,
- int map, int ct, void* heap)
+static int sp_1024_ecc_mulmod_32(sp_point_1024* r, const sp_point_1024* g,
+ const sp_digit* k, int map, int ct, void* heap)
{
#ifndef FP_ECC
return sp_1024_ecc_mulmod_fast_32(r, g, k, map, ct, heap);
@@ -45903,7 +72948,7 @@ static THREAD_LS_T int sp_cache_1024_inited = 0;
/* Get the cache entry for the point.
*
- * g [in] Point scalar multipling.
+ * g [in] Point scalar multiplying.
* cache [out] Cache table to use.
*/
static void sp_ecc_get_cache_1024(const sp_point_1024* g, sp_cache_1024_t** cache)
@@ -45974,8 +73019,8 @@ static void sp_ecc_get_cache_1024(const sp_point_1024* g, sp_cache_1024_t** cach
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
-static int sp_1024_ecc_mulmod_32(sp_point_1024* r, const sp_point_1024* g, const sp_digit* k,
- int map, int ct, void* heap)
+static int sp_1024_ecc_mulmod_32(sp_point_1024* r, const sp_point_1024* g,
+ const sp_digit* k, int map, int ct, void* heap)
{
#ifndef FP_ECC
return sp_1024_ecc_mulmod_fast_32(r, g, k, map, ct, heap);
@@ -49729,7 +76774,7 @@ int sp_ecc_mulmod_base_1024(const mp_int* km, ecc_point* r, int map, void* heap)
* the result. If map is true then convert result to affine coordinates.
*
* km Scalar to multiply by.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -49751,7 +76796,7 @@ int sp_ecc_mulmod_base_add_1024(const mp_int* km, const ecc_point* am,
int err = MP_OKAY;
#ifdef WOLFSSL_SP_SMALL_STACK
- point = (sp_point_1024*)XMALLOC(sizeof(sp_point_1024) * 2, heap,
+ point = (sp_point_1024*)XMALLOC(sizeof(sp_point_1024) * 2, heap,
DYNAMIC_TYPE_ECC);
if (point == NULL)
err = MEMORY_E;
@@ -49967,7 +77012,7 @@ int sp_ecc_mulmod_table_1024(const mp_int* km, const ecc_point* gm, byte* table,
return err;
}
-/* Multiply p* in projective co-ordinates by q*.
+/* Multiply p* in projective coordinates by q*.
*
* r.x = p.x - (p.y * q.y)
* r.y = (p.x * q.y) + p.y
@@ -49993,7 +77038,7 @@ static void sp_1024_proj_mul_qx1_32(sp_digit* px, sp_digit* py,
sp_1024_mont_add_32(py, t1, py, p1024_mod);
}
-/* Square p* in projective co-ordinates.
+/* Square p* in projective coordinates.
*
* px' = (p.x + p.y) * (p.x - p.y) = p.x^2 - p.y^2
* py' = 2 * p.x * p.y
@@ -52014,7 +79059,7 @@ int sp_ModExp_Fp_star_1024(const mp_int* base, mp_int* exp, mp_int* res)
}
#endif /* WOLFSSL_SP_SMALL */
-/* Multiply p* by q* in projective co-ordinates.
+/* Multiply p* by q* in projective coordinates.
*
* p.x' = (p.x * q.x) - (p.y * q.y)
* p.y' = (p.x * q.y) + (p.y * q.x)
@@ -52129,7 +79174,7 @@ static void sp_1024_accumulate_line_dbl_32(sp_digit* vx, sp_digit* vy,
/* ty = 4 * p.y ^ 2 */
sp_1024_mont_sqr_32(ty, ry, p1024_mod, p1024_mp_mod);
/* t1 = 2 * p.y ^ 2 */
- sp_1024_div2_32(t1, ty, p1024_mod);
+ sp_1024_mont_div2_32(t1, ty, p1024_mod);
/* r.x -= 2 * (p.y ^ 2) */
sp_1024_mont_sub_32(rx, rx, t1, p1024_mod);
/* p'.z = p.y * 2 * p.z */
@@ -52149,7 +79194,7 @@ static void sp_1024_accumulate_line_dbl_32(sp_digit* vx, sp_digit* vy,
/* t1 = (4 * p.y^2) ^ 2 = 16 * p.y^4 */
sp_1024_mont_sqr_32(t1, ty, p1024_mod, p1024_mp_mod);
/* t1 = 16 * p.y^4 / 2 = 8 * p.y^4 */
- sp_1024_div2_32(t1, t1, p1024_mod);
+ sp_1024_mont_div2_32(t1, t1, p1024_mod);
/* p'.y = 4 * p.y^2 * p.x */
sp_1024_mont_mul_32(p->y, ty, p->x, p1024_mod, p1024_mp_mod);
/* p'.x = l^2 */
@@ -52567,7 +79612,7 @@ static void sp_1024_accumulate_line_dbl_n_32(sp_digit* vx, sp_digit* vy,
/* ty = py ^ 2 */
sp_1024_mont_sqr_32(ty, p->y, p1024_mod, p1024_mp_mod);
/* t1 = py ^ 2 / 2 */
- sp_1024_div2_32(t1, ty, p1024_mod);
+ sp_1024_mont_div2_32(t1, ty, p1024_mod);
/* r.x -= py ^ 2 / 2 */
sp_1024_mont_sub_32(rx, rx, t1, p1024_mod);
/* p'.z = py * pz */
@@ -52605,7 +79650,7 @@ static void sp_1024_accumulate_line_dbl_n_32(sp_digit* vx, sp_digit* vy,
}
/* p'.y = py' / 2 */
- sp_1024_div2_32(p->y, p->y, p1024_mod);
+ sp_1024_mont_div2_32(p->y, p->y, p1024_mod);
}
/* Operations to perform based on order - 1.
@@ -53416,7 +80461,7 @@ static void sp_1024_from_bin(sp_digit* r, int size, const byte* a, int n)
}
}
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* point EC point.
* heap Heap to use if dynamically allocating.
@@ -53445,19 +80490,21 @@ static int sp_1024_ecc_is_point_32(const sp_point_1024* point,
if (err == MP_OKAY) {
t2 = t1 + 2 * 32;
+ /* y^2 - x^3 - a.x = b */
sp_1024_sqr_32(t1, point->y);
(void)sp_1024_mod_32(t1, t1, p1024_mod);
sp_1024_sqr_32(t2, point->x);
(void)sp_1024_mod_32(t2, t2, p1024_mod);
sp_1024_mul_32(t2, t2, point->x);
(void)sp_1024_mod_32(t2, t2, p1024_mod);
- (void)sp_1024_sub_32(t2, p1024_mod, t2);
- sp_1024_mont_add_32(t1, t1, t2, p1024_mod);
+ sp_1024_mont_sub_32(t1, t1, t2, p1024_mod);
+ /* y^2 - x^3 + 3.x = b, when a = -3 */
sp_1024_mont_add_32(t1, t1, point->x, p1024_mod);
sp_1024_mont_add_32(t1, t1, point->x, p1024_mod);
sp_1024_mont_add_32(t1, t1, point->x, p1024_mod);
+
n = sp_1024_cmp_32(t1, p1024_mod);
sp_1024_cond_sub_32(t1, t1, p1024_mod, ~(n >> 31));
sp_1024_norm_32(t1);
@@ -53474,7 +80521,7 @@ static int sp_1024_ecc_is_point_32(const sp_point_1024* point,
return err;
}
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* pX X ordinate of EC point.
* pY Y ordinate of EC point.
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/sp_dsp32.c b/extra/wolfssl/wolfssl/wolfcrypt/src/sp_dsp32.c
index c94da1bd..fd7b88c4 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/sp_dsp32.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/sp_dsp32.c
@@ -1180,7 +1180,7 @@ SP_NOINLINE static void sp_256_mul_10(sp_digit* r, const sp_digit* a,
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
static void sp_256_mont_mul_10(sp_digit* r, const sp_digit* a, const sp_digit* b,
const sp_digit* m, sp_digit mp)
@@ -1281,7 +1281,7 @@ SP_NOINLINE static void sp_256_sqr_10(sp_digit* r, const sp_digit* a)
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
static void sp_256_mont_sqr_10(sp_digit* r, const sp_digit* a, const sp_digit* m,
sp_digit mp)
@@ -1297,7 +1297,7 @@ static void sp_256_mont_sqr_10(sp_digit* r, const sp_digit* a, const sp_digit* m
* a Number to square in Montgomery form.
* n Number of times to square.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
static void sp_256_mont_sqr_n_10(sp_digit* r, const sp_digit* a, int n,
const sp_digit* m, sp_digit mp)
@@ -4464,10 +4464,10 @@ int wolfSSL_DSP_ECC_Verify_256(remote_handle64 h, int32 *u1, int hashLen, int32*
u2 = u2d;
tmp = tmpd;
- XMEMCPY(u2, r, 40);
- XMEMCPY(p2->x, x, 40);
- XMEMCPY(p2->y, y, 40);
- XMEMCPY(p2->z, z, 40);
+ XMEMCPY(u2, r, 40);
+ XMEMCPY(p2->x, x, 40);
+ XMEMCPY(p2->y, y, 40);
+ XMEMCPY(p2->z, z, 40);
sp_256_mul_10(s, s, p256_norm_order);
err = sp_256_mod_10(s, s, p256_order);
@@ -4492,7 +4492,7 @@ int wolfSSL_DSP_ECC_Verify_256(remote_handle64 h, int32 *u1, int hashLen, int32*
/* (r + n*order).z'.z' mod prime == (u1.G + u2.Q)->x' */
/* Reload r and convert to Montgomery form. */
- XMEMCPY(u2, r, 40);
+ XMEMCPY(u2, r, 40);
err = sp_256_mod_mul_norm_10(u2, u2, p256_mod);
}
@@ -4503,7 +4503,7 @@ int wolfSSL_DSP_ECC_Verify_256(remote_handle64 h, int32 *u1, int hashLen, int32*
*res = (int)(sp_256_cmp_10(p1->x, u1) == 0);
if (*res == 0) {
/* Reload r and add order. */
- XMEMCPY(u2, r, 40);
+ XMEMCPY(u2, r, 40);
carry = sp_256_add_10(u2, u2, p256_order);
/* Carry means result is greater than mod and is not valid. */
if (carry == 0) {
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/sp_int.c b/extra/wolfssl/wolfssl/wolfcrypt/src/sp_int.c
index 37d554bf..94fc01c3 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/sp_int.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/sp_int.c
@@ -197,7 +197,7 @@ This library provides single precision (SP) integer math functions.
while (0)
#else
/* Nothing to do as declared on stack. */
- #define FREE_SP_INT(n, h)
+ #define FREE_SP_INT(n, h) WC_DO_NOTHING
#endif
@@ -318,7 +318,7 @@ while (0)
FREE_DYN_SP_INT_ARRAY(n, h)
#else
/* Nothing to do as data declared on stack. */
- #define FREE_SP_INT_ARRAY(n, h)
+ #define FREE_SP_INT_ARRAY(n, h) WC_DO_NOTHING
#endif
@@ -1245,7 +1245,7 @@ static WC_INLINE sp_int_digit sp_div_word(sp_int_digit hi, sp_int_digit lo,
: [a] "r" (va), [b] "r" (vb), [c] "r" (vc) \
: "cc" \
)
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH >= 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH >= 7)
/* Count leading zeros - instruction only available on ARMv7 and newer. */
#define SP_ASM_LZCNT(va, vn) \
__asm__ __volatile__ ( \
@@ -1272,7 +1272,7 @@ static WC_INLINE sp_int_digit sp_div_word(sp_int_digit hi, sp_int_digit lo,
sp_int_digit d)
{
sp_int_digit r = 0;
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
static const char debruijn32[32] = {
0, 31, 9, 30, 3, 8, 13, 29, 2, 5, 7, 21, 12, 24, 28, 19,
1, 10, 4, 14, 6, 22, 25, 20, 11, 15, 23, 26, 16, 27, 17, 18
@@ -1282,7 +1282,7 @@ static WC_INLINE sp_int_digit sp_div_word(sp_int_digit hi, sp_int_digit lo,
__asm__ __volatile__ (
/* Shift d so that top bit is set. */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, %[m]\n\t"
"mov r5, %[d]\n\t"
"orr r5, r5, r5, lsr #1\n\t"
@@ -1291,8 +1291,8 @@ static WC_INLINE sp_int_digit sp_div_word(sp_int_digit hi, sp_int_digit lo,
"orr r5, r5, r5, lsr #8\n\t"
"orr r5, r5, r5, lsr #16\n\t"
"add r5, r5, #1\n\t"
- "mul r5, r5, r4\n\t"
- "lsr r5, r5, #27\n\t"
+ "mul r6, r5, r4\n\t"
+ "lsr r5, r6, #27\n\t"
"ldrb r5, [%[t], r5]\n\t"
#else
"clz r5, %[d]\n\t"
@@ -1352,7 +1352,7 @@ static WC_INLINE sp_int_digit sp_div_word(sp_int_digit hi, sp_int_digit lo,
"sbc r8, r8, r8\n\t"
"sub %[r], %[r], r8\n\t"
: [r] "+r" (r), [hi] "+r" (hi), [lo] "+r" (lo), [d] "+r" (d)
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
: [t] "r" (debruijn32), [m] "m" (debruijn32_mul)
#else
:
@@ -4770,7 +4770,7 @@ WOLFSSL_LOCAL int sp_ModExp_4096(sp_int* base, sp_int* exp, sp_int* mod,
#if defined(WOLFSSL_SP_MATH_ALL) || defined(WOLFSSL_HAVE_SP_DH) || \
defined(OPENSSL_ALL)
-static int _sp_mont_red(sp_int* a, const sp_int* m, sp_int_digit mp);
+static int _sp_mont_red(sp_int* a, const sp_int* m, sp_int_digit mp, int ct);
#endif
#if defined(WOLFSSL_SP_MATH_ALL) || defined(WOLFSSL_HAVE_SP_DH) || \
defined(WOLFCRYPT_HAVE_ECCSI) || defined(WOLFCRYPT_HAVE_SAKKE) || \
@@ -4780,7 +4780,7 @@ static void _sp_mont_setup(const sp_int* m, sp_int_digit* rho);
/* Determine when mp_add_d is required. */
#if !defined(NO_PWDBASED) || defined(WOLFSSL_KEY_GEN) || !defined(NO_DH) || \
- !defined(NO_DSA) || \
+ !defined(NO_DSA) || defined(HAVE_ECC) || \
(!defined(NO_RSA) && !defined(WOLFSSL_RSA_VERIFY_ONLY)) || \
defined(OPENSSL_EXTRA)
#define WOLFSSL_SP_ADD_D
@@ -5128,10 +5128,10 @@ static void _sp_copy_2_ct(const sp_int* a1, const sp_int* a2, sp_int* r1,
/* Copy data - constant time. */
for (i = 0; i < used; i++) {
- r1->dp[i] = (a1->dp[i] & ((sp_digit)wc_off_on_addr[y ])) +
- (a2->dp[i] & ((sp_digit)wc_off_on_addr[y^1]));
- r2->dp[i] = (a1->dp[i] & ((sp_digit)wc_off_on_addr[y^1])) +
- (a2->dp[i] & ((sp_digit)wc_off_on_addr[y ]));
+ r1->dp[i] = (a1->dp[i] & ((sp_int_digit)wc_off_on_addr[y ])) +
+ (a2->dp[i] & ((sp_int_digit)wc_off_on_addr[y^1]));
+ r2->dp[i] = (a1->dp[i] & ((sp_int_digit)wc_off_on_addr[y^1])) +
+ (a2->dp[i] & ((sp_int_digit)wc_off_on_addr[y ]));
}
/* Copy used. */
r1->used = (a1->used & ((int)wc_off_on_addr[y ])) +
@@ -5233,50 +5233,69 @@ int sp_exch(sp_int* a, sp_int* b)
* @param [in] b Second SP int to conditionally swap.
* @param [in] cnt Count of words to copy.
* @param [in] swap When value is 1 then swap.
+ * @param [in] t Temporary SP int to use in swap.
* @return MP_OKAY on success.
* @return MP_MEM when dynamic memory allocation fails.
*/
-int sp_cond_swap_ct(sp_int* a, sp_int* b, int cnt, int swap)
+int sp_cond_swap_ct_ex(sp_int* a, sp_int* b, int cnt, int swap, sp_int* t)
{
unsigned int i;
- int err = MP_OKAY;
sp_int_digit mask = (sp_int_digit)0 - (sp_int_digit)swap;
+
+ /* XOR other fields in sp_int into temp - mask set when swapping. */
+ t->used = (a->used ^ b->used) & (unsigned int)mask;
+#ifdef WOLFSSL_SP_INT_NEGATIVE
+ t->sign = (a->sign ^ b->sign) & (unsigned int)mask;
+#endif
+
+ /* XOR requested words into temp - mask set when swapping. */
+ for (i = 0; i < (unsigned int)cnt; i++) {
+ t->dp[i] = (a->dp[i] ^ b->dp[i]) & mask;
+ }
+
+ /* XOR temporary - when mask set then result will be b. */
+ a->used ^= t->used;
+#ifdef WOLFSSL_SP_INT_NEGATIVE
+ a->sign ^= t->sign;
+#endif
+ for (i = 0; i < (unsigned int)cnt; i++) {
+ a->dp[i] ^= t->dp[i];
+ }
+
+ /* XOR temporary - when mask set then result will be a. */
+ b->used ^= t->used;
+#ifdef WOLFSSL_SP_INT_NEGATIVE
+ b->sign ^= b->sign;
+#endif
+ for (i = 0; i < (unsigned int)cnt; i++) {
+ b->dp[i] ^= t->dp[i];
+ }
+
+ return MP_OKAY;
+}
+
+/* Conditional swap of SP int values in constant time.
+ *
+ * @param [in] a First SP int to conditionally swap.
+ * @param [in] b Second SP int to conditionally swap.
+ * @param [in] cnt Count of words to copy.
+ * @param [in] swap When value is 1 then swap.
+ * @return MP_OKAY on success.
+ * @return MP_MEM when dynamic memory allocation fails.
+ */
+int sp_cond_swap_ct(sp_int* a, sp_int* b, int cnt, int swap)
+{
+ int err = MP_OKAY;
DECL_SP_INT(t, (size_t)cnt);
/* Allocate temporary to hold masked xor of a and b. */
ALLOC_SP_INT(t, cnt, err, NULL);
- if (err == MP_OKAY) {
- /* XOR other fields in sp_int into temp - mask set when swapping. */
- t->used = (a->used ^ b->used) & (unsigned int)mask;
- #ifdef WOLFSSL_SP_INT_NEGATIVE
- t->sign = (a->sign ^ b->sign) & (unsigned int)mask;
- #endif
-
- /* XOR requested words into temp - mask set when swapping. */
- for (i = 0; i < (unsigned int)cnt; i++) {
- t->dp[i] = (a->dp[i] ^ b->dp[i]) & mask;
- }
-
- /* XOR temporary - when mask set then result will be b. */
- a->used ^= t->used;
- #ifdef WOLFSSL_SP_INT_NEGATIVE
- a->sign ^= t->sign;
- #endif
- for (i = 0; i < (unsigned int)cnt; i++) {
- a->dp[i] ^= t->dp[i];
- }
- /* XOR temporary - when mask set then result will be a. */
- b->used ^= t->used;
- #ifdef WOLFSSL_SP_INT_NEGATIVE
- b->sign ^= b->sign;
- #endif
- for (i = 0; i < (unsigned int)cnt; i++) {
- b->dp[i] ^= t->dp[i];
- }
+ if (err == MP_OKAY) {
+ err = sp_cond_swap_ct_ex(a, b, cnt, swap, t);
+ FREE_SP_INT(t, NULL);
}
- FREE_SP_INT(t, NULL);
return err;
}
#endif /* HAVE_ECC && ECC_TIMING_RESISTANT && !WC_NO_CACHE_RESISTANT */
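Review bot: In the new `sp_cond_swap_ct_ex`, the last sign update under `WOLFSSL_SP_INT_NEGATIVE` reads `b->sign ^= b->sign;`, which always clears `b->sign` instead of applying the masked difference held in `t`. The line was carried over unchanged from the old body; it should mirror the `a` side as `b->sign ^= t->sign;`. The copied header comment also still lists `@return MP_MEM when dynamic memory allocation fails` although the `_ex` variant allocates nothing, and `t` is written to, so `[out]` describes it better than `[in]`. Since `t` ends up holding the masked XOR of both operands, the comment could also say that the caller owns clearing it when the operands are secret.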
@@ -5308,8 +5327,8 @@ int sp_abs(const sp_int* a, sp_int* r)
(!defined(NO_RSA) && !defined(WOLFSSL_RSA_VERIFY_ONLY))
/* Compare absolute value of two multi-precision numbers.
*
- * @param [in] a SP integer.
- * @param [in] b SP integer.
+ * @param [in] a SP integer.
+ * @param [in] b SP integer.
*
* @return MP_GT when a is greater than b.
* @return MP_LT when a is less than b.
@@ -5354,8 +5373,8 @@ static int _sp_cmp_abs(const sp_int* a, const sp_int* b)
*
* Pointers are compared such that NULL is less than not NULL.
*
- * @param [in] a SP integer.
- * @param [in] b SP integer.
+ * @param [in] a SP integer.
+ * @param [in] b SP integer.
*
* @return MP_GT when a is greater than b.
* @return MP_LT when a is less than b.
@@ -5394,8 +5413,8 @@ int sp_cmp_mag(const sp_int* a, const sp_int* b)
*
* Assumes a and b are not NULL.
*
- * @param [in] a SP integer.
- * @param [in] a SP integer.
+ * @param [in] a SP integer.
+ * @param [in] b SP integer.
*
* @return MP_GT when a is greater than b.
* @return MP_LT when a is less than b.
@@ -5438,8 +5457,8 @@ static int _sp_cmp(const sp_int* a, const sp_int* b)
*
* Pointers are compared such that NULL is less than not NULL.
*
- * @param [in] a SP integer.
- * @param [in] a SP integer.
+ * @param [in] a SP integer.
+ * @param [in] b SP integer.
*
* @return MP_GT when a is greater than b.
* @return MP_LT when a is less than b.
@@ -5471,13 +5490,87 @@ int sp_cmp(const sp_int* a, const sp_int* b)
}
#endif
+#if defined(HAVE_ECC) && !defined(WC_NO_RNG) && \
+ defined(WOLFSSL_ECC_GEN_REJECT_SAMPLING)
+/* Compare two multi-precision numbers in constant time.
+ *
+ * Assumes a and b are not NULL.
+ * Assumes a and b are positive.
+ *
+ * @param [in] a SP integer.
+ * @param [in] b SP integer.
+ * @param [in] n Number of digits to compare.
+ *
+ * @return MP_GT when a is greater than b.
+ * @return MP_LT when a is less than b.
+ * @return MP_EQ when a is equals b.
+ */
+static int _sp_cmp_ct(const sp_int* a, const sp_int* b, unsigned int n)
+{
+ int ret = MP_EQ;
+ int i;
+ int mask = -1;
+
+ for (i = n - 1; i >= 0; i--) {
+ sp_int_digit ad = a->dp[i] & ((sp_int_digit)0 - (i < (int)a->used));
+ sp_int_digit bd = b->dp[i] & ((sp_int_digit)0 - (i < (int)b->used));
+
+ ret |= mask & ((0 - (ad < bd)) & MP_LT);
+ mask &= 0 - (ret == MP_EQ);
+ ret |= mask & ((0 - (ad > bd)) & MP_GT);
+ mask &= 0 - (ret == MP_EQ);
+ }
+
+ return ret;
+}
+
+/* Compare two multi-precision numbers in constant time.
+ *
+ * Pointers are compared such that NULL is less than not NULL.
+ * Assumes a and b are positive.
+ * Assumes a and b have n digits set at sometime.
+ *
+ * @param [in] a SP integer.
+ * @param [in] b SP integer.
+ * @param [in] n Number of digits to compare.
+ *
+ * @return MP_GT when a is greater than b.
+ * @return MP_LT when a is less than b.
+ * @return MP_EQ when a is equals b.
+ */
+int sp_cmp_ct(const sp_int* a, const sp_int* b, unsigned int n)
+{
+ int ret;
+
+ /* Check pointers first. Both NULL returns equal. */
+ if (a == b) {
+ ret = MP_EQ;
+ }
+ /* Nothing is smaller than something. */
+ else if (a == NULL) {
+ ret = MP_LT;
+ }
+ /* Something is larger than nothing. */
+ else if (b == NULL) {
+ ret = MP_GT;
+ }
+ else
+ {
+ /* Compare values - a and b are not NULL. */
+ ret = _sp_cmp_ct(a, b, n);
+ }
+
+ return ret;
+}
+#endif /* HAVE_ECC && !WC_NO_RNG && WOLFSSL_ECC_GEN_REJECT_SAMPLING */
+
/*************************
* Bit check/set functions
*************************/
#if (!defined(NO_RSA) && !defined(WOLFSSL_RSA_VERIFY_ONLY)) || \
- (defined(WOLFSSL_SP_MATH_ALL) && defined(HAVE_ECC)) || \
- defined(OPENSSL_EXTRA)
+ ((defined(WOLFSSL_SP_MATH_ALL) || defined(WOLFSSL_SP_SM2)) && \
+ defined(HAVE_ECC)) || defined(OPENSSL_EXTRA)
/* Check if a bit is set
*
* When a is NULL, result is 0.
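Review bot: `_sp_cmp_ct` loads `a->dp[i]` and `b->dp[i]` for every `i < n` and only then masks by `used`, so `n` must not exceed the allocated digit count of either operand, and neither `_sp_cmp_ct` nor `sp_cmp_ct` checks that. The wrapper's comment ("Assumes a and b have n digits set at sometime") hints at this but does not state it as a size requirement. I would add a line such as ` * n must not be larger than a->size or b->size.` to both headers. The loop initialiser `i = n - 1` also converts an `unsigned int` to `int` implicitly; `i = (int)n - 1` makes the `n == 0` case explicit.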
@@ -6327,7 +6420,7 @@ static WC_INLINE sp_int_digit sp_div_word(sp_int_digit hi, sp_int_digit lo,
if (r > SP_HALF_MAX) {
r = SP_HALF_MAX;
}
- /* Shift up result for trial division calucation. */
+ /* Shift up result for trial division calculation. */
r <<= SP_HALF_SIZE;
/* Calculate trial value. */
trial = r * (sp_int_word)d;
@@ -6447,7 +6540,7 @@ static void _sp_div_3(const sp_int* a, sp_int* r, sp_int_digit* rem)
}
/* Sum digits of sum. */
t = (t >> SP_WORD_SIZE) + (t & SP_MASK);
- /* Get top digit after multipling by (2^SP_WORD_SIZE) / 3. */
+ /* Get top digit after multiplying by (2^SP_WORD_SIZE) / 3. */
tt = (sp_int_digit)((t * SP_DIV_3_CONST) >> SP_WORD_SIZE);
/* Subtract trial division. */
tr = (sp_int_digit)(t - (sp_int_word)tt * 3);
@@ -6479,7 +6572,7 @@ static void _sp_div_3(const sp_int* a, sp_int* r, sp_int_digit* rem)
#ifndef SQR_MUL_ASM
/* Combine remainder from last operation with this word. */
t = ((sp_int_word)tr << SP_WORD_SIZE) | a->dp[i];
- /* Get top digit after multipling by (2^SP_WORD_SIZE) / 3. */
+ /* Get top digit after multiplying by (2^SP_WORD_SIZE) / 3. */
tt = (sp_int_digit)((t * SP_DIV_3_CONST) >> SP_WORD_SIZE);
/* Subtract trial division. */
tr = (sp_int_digit)(t - (sp_int_word)tt * 3);
@@ -6540,7 +6633,7 @@ static void _sp_div_10(const sp_int* a, sp_int* r, sp_int_digit* rem)
#ifndef SQR_MUL_ASM
/* Combine remainder from last operation with this word. */
t = ((sp_int_word)tr << SP_WORD_SIZE) | a->dp[i];
- /* Get top digit after multipling by (2^SP_WORD_SIZE) / 10. */
+ /* Get top digit after multiplying by (2^SP_WORD_SIZE) / 10. */
tt = (sp_int_digit)((t * SP_DIV_10_CONST) >> SP_WORD_SIZE);
/* Subtract trial division. */
tr = (sp_int_digit)(t - (sp_int_word)tt * 10);
@@ -6566,7 +6659,7 @@ static void _sp_div_10(const sp_int* a, sp_int* r, sp_int_digit* rem)
#ifndef SQR_MUL_ASM
/* Combine remainder from last operation with this word. */
t = ((sp_int_word)tr << SP_WORD_SIZE) | a->dp[i];
- /* Get top digit after multipling by (2^SP_WORD_SIZE) / 10. */
+ /* Get top digit after multiplying by (2^SP_WORD_SIZE) / 10. */
tt = (sp_int_digit)((t * SP_DIV_10_CONST) >> SP_WORD_SIZE);
/* Subtract trial division. */
tr = (sp_int_digit)(t - (sp_int_word)tt * 10);
@@ -6630,7 +6723,7 @@ static void _sp_div_small(const sp_int* a, sp_int_digit d, sp_int* r,
#ifndef SQR_MUL_ASM
/* Combine remainder from last operation with this word. */
t = ((sp_int_word)tr << SP_WORD_SIZE) | a->dp[i];
- /* Get top digit after multipling. */
+ /* Get top digit after multiplying. */
tt = (sp_int_digit)((t * m) >> SP_WORD_SIZE);
/* Subtract trial division. */
tr = (sp_int_digit)t - (sp_int_digit)(tt * d);
@@ -6657,7 +6750,7 @@ static void _sp_div_small(const sp_int* a, sp_int_digit d, sp_int* r,
#ifndef SQR_MUL_ASM
/* Combine remainder from last operation with this word. */
t = ((sp_int_word)tr << SP_WORD_SIZE) | a->dp[i];
- /* Get top digit after multipling. */
+ /* Get top digit after multiplying. */
tt = (sp_int_digit)((t * m) >> SP_WORD_SIZE);
/* Subtract trial division. */
tr = (sp_int_digit)t - (sp_int_digit)(tt * d);
@@ -7654,6 +7747,23 @@ int sp_submod(const sp_int* a, const sp_int* b, const sp_int* m, sp_int* r)
}
#endif /* WOLFSSL_SP_MATH_ALL */
+/* Constant time clamping/
+ *
+ * @param [in, out] a SP integer to clamp.
+ */
+static void sp_clamp_ct(sp_int* a)
+{
+ int i;
+ unsigned int used = a->used;
+ unsigned int mask = (unsigned int)-1;
+
+ for (i = (int)a->used - 1; i >= 0; i--) {
+ used -= ((unsigned int)(a->dp[i] == 0)) & mask;
+ mask &= (unsigned int)0 - (a->dp[i] == 0);
+ }
+ a->used = used;
+}
+
#if defined(WOLFSSL_SP_MATH_ALL) && defined(HAVE_ECC)
/* Add two value and reduce: r = (a + b) % m
*
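Review bot: `sp_clamp_ct` is added as a `static` function outside any feature guard, while the callers visible in this diff (`sp_addmod_ct` and `_sp_submod_ct`) are conditionally compiled. A configuration that builds neither would presumably get an unused-function warning, so wrapping the definition in the same condition as its callers is safer. The header comment ends in a stray slash: `/* Constant time clamping/` should read `/* Constant time clamping.`. It would also help to state that the loop always walks all `a->used` digits, so the running time does not depend on how many leading digits are zero.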
@@ -7807,7 +7917,7 @@ int sp_addmod_ct(const sp_int* a, const sp_int* b, const sp_int* m, sp_int* r)
r->sign = MP_ZPOS;
#endif /* WOLFSSL_SP_INT_NEGATIVE */
/* Remove leading zeros. */
- sp_clamp(r);
+ sp_clamp_ct(r);
#if 0
sp_print(r, "rma");
@@ -7818,11 +7928,13 @@ int sp_addmod_ct(const sp_int* a, const sp_int* b, const sp_int* m, sp_int* r)
}
#endif /* WOLFSSL_SP_MATH_ALL && HAVE_ECC */
-#if defined(WOLFSSL_SP_MATH_ALL) && defined(HAVE_ECC)
-/* Sub b from a and reduce: r = (a - b) % m
- * Result is always positive.
+#if (defined(WOLFSSL_SP_MATH_ALL) && defined(HAVE_ECC)) || \
+ (defined(WOLFSSL_SP_MATH_ALL) || defined(WOLFSSL_HAVE_SP_DH) || \
+ defined(WOLFCRYPT_HAVE_ECCSI) || defined(WOLFCRYPT_HAVE_SAKKE) || \
+ defined(OPENSSL_ALL))
+/* Sub b from a modulo m: r = (a - b) % m
*
- * r = a - b (mod m) - constant time (a < m and b < m, a, b and m are positive)
+ * Result is always positive.
*
* Assumes a, b, m and r are not NULL.
* m and r must not be the same pointer.
@@ -7834,9 +7946,9 @@ int sp_addmod_ct(const sp_int* a, const sp_int* b, const sp_int* m, sp_int* r)
*
* @return MP_OKAY on success.
*/
-int sp_submod_ct(const sp_int* a, const sp_int* b, const sp_int* m, sp_int* r)
+static void _sp_submod_ct(const sp_int* a, const sp_int* b, const sp_int* m,
+ unsigned int max, sp_int* r)
{
- int err = MP_OKAY;
#ifndef SQR_MUL_ASM
sp_int_sword w;
#else
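Review bot: The comment block above the new `static void _sp_submod_ct(...)` still ends with `@return MP_OKAY on success.`, although the function no longer returns a value. The added `max` parameter is not described in the lines visible here (the parameter list sits between the hunks). I would drop the `@return` line and add ` * @param [in] max Number of digits of a and b to process.`. In the preceding hunk the new guard is redundant: `(defined(WOLFSSL_SP_MATH_ALL) && defined(HAVE_ECC))` is already implied by `defined(WOLFSSL_SP_MATH_ALL)` in the second group. The function body continues outside this hunk.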
@@ -7849,6 +7961,106 @@ int sp_submod_ct(const sp_int* a, const sp_int* b, const sp_int* m, sp_int* r)
sp_int_digit mask_b = (sp_int_digit)-1;
unsigned int i;
+ /* In constant time, subtract b from a putting result in r. */
+#ifndef SQR_MUL_ASM
+ w = 0;
+#else
+ l = 0;
+ h = 0;
+#endif
+ for (i = 0; i < max; i++) {
+ /* Values past 'used' are not initialized. */
+ mask_a += (i == a->used);
+ mask_b += (i == b->used);
+
+ #ifndef SQR_MUL_ASM
+ /* Add a to and subtract b from current value. */
+ w += a->dp[i] & mask_a;
+ w -= b->dp[i] & mask_b;
+ /* Store low digit in result. */
+ r->dp[i] = (sp_int_digit)w;
+ /* Move high digit down. */
+ w >>= DIGIT_BIT;
+ #else
+ /* Add a and subtract b from current value. */
+ t = a->dp[i] & mask_a;
+ SP_ASM_ADDC_REG(l, h, t);
+ t = b->dp[i] & mask_b;
+ SP_ASM_SUBB_REG(l, h, t);
+ /* Store low digit in result. */
+ r->dp[i] = l;
+ /* Move high digit down. */
+ l = h;
+ /* High digit is 0 when positive or -1 on negative. */
+ h = (sp_int_digit)0 - (l >> (SP_WORD_SIZE - 1));
+ #endif
+ }
+ /* When w is negative then we need to add modulus to make result
+ * positive. */
+#ifndef SQR_MUL_ASM
+ mask = (sp_int_digit)0 - (w < 0);
+#else
+ mask = h;
+#endif
+
+ /* Constant time, conditionally, add modulus to difference. */
+#ifndef SQR_MUL_ASM
+ w = 0;
+#else
+ l = 0;
+#endif
+ for (i = 0; i < m->used; i++) {
+ #ifndef SQR_MUL_ASM
+ /* Add result and conditionally modulus to current value. */
+ w += r->dp[i];
+ w += m->dp[i] & mask;
+ /* Store low digit in result. */
+ r->dp[i] = (sp_int_digit)w;
+ /* Move high digit down. */
+ w >>= DIGIT_BIT;
+ #else
+ h = 0;
+ /* Add result and conditionally modulus to current value. */
+ SP_ASM_ADDC(l, h, r->dp[i]);
+ t = m->dp[i] & mask;
+ SP_ASM_ADDC_REG(l, h, t);
+ /* Store low digit in result. */
+ r->dp[i] = l;
+ /* Move high digit down. */
+ l = h;
+ #endif
+ }
+ /* Result will always have digits equal to or less than those in
+ * modulus. */
+ r->used = i;
+#ifdef WOLFSSL_SP_INT_NEGATIVE
+ r->sign = MP_ZPOS;
+#endif /* WOLFSSL_SP_INT_NEGATIVE */
+ /* Remove leading zeros. */
+ sp_clamp_ct(r);
+}
+#endif
+
+#if defined(WOLFSSL_SP_MATH_ALL) && defined(HAVE_ECC)
+/* Sub b from a modulo m: r = (a - b) % m
+ * Result is always positive.
+ *
+ * r = a - b (mod m) - constant time (a < m and b < m, a, b and m are positive)
+ *
+ * Assumes a, b, m and r are not NULL.
+ * m and r must not be the same pointer.
+ *
+ * @param [in] a SP integer to subtract from
+ * @param [in] b SP integer to subtract.
+ * @param [in] m SP integer that is the modulus.
+ * @param [out] r SP integer to hold result.
+ *
+ * @return MP_OKAY on success.
+ */
+int sp_submod_ct(const sp_int* a, const sp_int* b, const sp_int* m, sp_int* r)
+{
+ int err = MP_OKAY;
+
/* Check result is as big as modulus plus one digit. */
if (m->used > r->size) {
err = MP_VAL;
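Review bot: The first loop of `_sp_submod_ct` now runs to the caller-supplied `max` and stores `r->dp[i]` for every `i < max`, but the only size check in view is `m->used > r->size` in `sp_submod_ct`, which covers just the `max == m->used` call. Any caller passing a larger `max` has to guarantee that `r`, `a` and `b` each have at least `max` digits allocated, because digits past `used` are masked only after they are loaded. The add-back loop and `r->used = i` still stop at `m->used`, so the helper also relies on the true result fitting in `m->used` digits. I would record both preconditions in the helper's header, e.g. ` * max must not exceed r->size; a and b must have max digits allocated.`. The body of `sp_submod_ct` continues outside this hunk.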
@@ -7865,82 +8077,7 @@ int sp_submod_ct(const sp_int* a, const sp_int* b, const sp_int* m, sp_int* r)
sp_print(m, "m");
#endif
- /* In constant time, subtract b from a putting result in r. */
- #ifndef SQR_MUL_ASM
- w = 0;
- #else
- l = 0;
- h = 0;
- #endif
- for (i = 0; i < m->used; i++) {
- /* Values past 'used' are not initialized. */
- mask_a += (i == a->used);
- mask_b += (i == b->used);
-
- #ifndef SQR_MUL_ASM
- /* Add a to and subtract b from current value. */
- w += a->dp[i] & mask_a;
- w -= b->dp[i] & mask_b;
- /* Store low digit in result. */
- r->dp[i] = (sp_int_digit)w;
- /* Move high digit down. */
- w >>= DIGIT_BIT;
- #else
- /* Add a and subtract b from current value. */
- t = a->dp[i] & mask_a;
- SP_ASM_ADDC_REG(l, h, t);
- t = b->dp[i] & mask_b;
- SP_ASM_SUBB_REG(l, h, t);
- /* Store low digit in result. */
- r->dp[i] = l;
- /* Move high digit down. */
- l = h;
- /* High digit is 0 when positive or -1 on negative. */
- h = (sp_int_digit)0 - (l >> (SP_WORD_SIZE - 1));
- #endif
- }
- /* When w is negative then we need to add modulus to make result
- * positive. */
- #ifndef SQR_MUL_ASM
- mask = (sp_int_digit)0 - (w < 0);
- #else
- mask = h;
- #endif
- /* Constant time, conditionally, add modulus to difference. */
- #ifndef SQR_MUL_ASM
- w = 0;
- #else
- l = 0;
- #endif
- for (i = 0; i < m->used; i++) {
- #ifndef SQR_MUL_ASM
- /* Add result and conditionally modulus to current value. */
- w += r->dp[i];
- w += m->dp[i] & mask;
- /* Store low digit in result. */
- r->dp[i] = (sp_int_digit)w;
- /* Move high digit down. */
- w >>= DIGIT_BIT;
- #else
- h = 0;
- /* Add result and conditionally modulus to current value. */
- SP_ASM_ADDC(l, h, r->dp[i]);
- t = m->dp[i] & mask;
- SP_ASM_ADDC_REG(l, h, t);
- /* Store low digit in result. */
- r->dp[i] = l;
- /* Move high digit down. */
- l = h;
- #endif
- }
- /* Result will always have digits equal to or less than those in
- * modulus. */
- r->used = i;
- #ifdef WOLFSSL_SP_INT_NEGATIVE
- r->sign = MP_ZPOS;
- #endif /* WOLFSSL_SP_INT_NEGATIVE */
- /* Remove leading zeros. */
- sp_clamp(r);
+ _sp_submod_ct(a, b, m, m->used, r);
#if 0
sp_print(r, "rms");
@@ -8725,9 +8862,9 @@ int sp_mod(const sp_int* a, const sp_int* m, sp_int* r)
*
* Optimised code for when number of digits in a and b are the same.
*
- * @param [in] a SP integer to mulitply.
- * @param [in] b SP integer to mulitply by.
- * @param [out] r SP integer to hod reult.
+ * @param [in] a SP integer to multiply.
+ * @param [in] b SP integer to multiply by.
+ * @param [out] r SP integer to hold result.
*
* @return MP_OKAY otherwise.
* @return MP_MEM when dynamic memory allocation fails.
@@ -8804,9 +8941,9 @@ static int _sp_mul_nxn(const sp_int* a, const sp_int* b, sp_int* r)
/* Multiply a by b into r. r = a * b
*
- * @param [in] a SP integer to mulitply.
- * @param [in] b SP integer to mulitply by.
- * @param [out] r SP integer to hod reult.
+ * @param [in] a SP integer to multiply.
+ * @param [in] b SP integer to multiply by.
+ * @param [out] r SP integer to hold result.
*
* @return MP_OKAY otherwise.
* @return MP_MEM when dynamic memory allocation fails.
@@ -8882,9 +9019,9 @@ static int _sp_mul(const sp_int* a, const sp_int* b, sp_int* r)
#else
/* Multiply a by b into r. r = a * b
*
- * @param [in] a SP integer to mulitply.
- * @param [in] b SP integer to mulitply by.
- * @param [out] r SP integer to hod reult.
+ * @param [in] a SP integer to multiply.
+ * @param [in] b SP integer to multiply by.
+ * @param [out] r SP integer to hold result.
*
* @return MP_OKAY otherwise.
* @return MP_MEM when dynamic memory allocation fails.
@@ -12358,14 +12495,14 @@ static int _sp_invmod_mont_ct(const sp_int* a, const sp_int* m, sp_int* r,
_sp_init_size(pre[i], m->used * 2 + 1);
err = sp_sqr(pre[i-1], pre[i]);
if (err == MP_OKAY) {
- err = _sp_mont_red(pre[i], m, mp);
+ err = _sp_mont_red(pre[i], m, mp, 0);
}
/* ..10 -> ..11 */
if (err == MP_OKAY) {
err = sp_mul(pre[i], a, pre[i]);
}
if (err == MP_OKAY) {
- err = _sp_mont_red(pre[i], m, mp);
+ err = _sp_mont_red(pre[i], m, mp, 0);
}
}
}
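Review bot: The literal `0` passed for the new `ct` argument makes `_sp_mont_red` take the branch that calls `sp_clamp` and subtracts `m` only when `_sp_cmp_abs` reports `a >= m`, and these calls sit inside `_sp_invmod_mont_ct`, whose name promises constant time. The behaviour matches what the code did before this commit, but the choice is now explicit and nothing at the call sites says why a data-dependent final subtraction is acceptable here. The `_sp_exptmod_mont_ex` calls in the later hunks raise the same question. If the operands can be secret, pass a non-zero `ct`; otherwise say so at the call, e.g. `/* ct = 0: variable-time clamp and final subtraction */`. The function bodies start outside these hunks, so the sensitivity of the operands is not visible here.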
@@ -12397,7 +12534,7 @@ static int _sp_invmod_mont_ct(const sp_int* a, const sp_int* m, sp_int* r,
int bit = sp_is_bit_set(e, (unsigned int)i);
/* 6.2. j += bit
- * Update count of consequitive 1 bits.
+ * Update count of consecutive 1 bits.
*/
j += bit;
/* 6.3. s += 1
@@ -12419,7 +12556,7 @@ static int _sp_invmod_mont_ct(const sp_int* a, const sp_int* m, sp_int* r,
/* 6.4.2.1. t = (t ^ 2) mod m */
err = sp_sqr(t, t);
if (err == MP_OKAY) {
- err = _sp_mont_red(t, m, mp);
+ err = _sp_mont_red(t, m, mp, 0);
}
}
/* 6.4.3. s = 1 - bit */
@@ -12430,7 +12567,7 @@ static int _sp_invmod_mont_ct(const sp_int* a, const sp_int* m, sp_int* r,
err = sp_mul(t, pre[j-1], t);
}
if (err == MP_OKAY) {
- err = _sp_mont_red(t, m, mp);
+ err = _sp_mont_red(t, m, mp, 0);
}
/* 6.4.5. j = 0
* Reset number of 1 bits seen.
@@ -12446,7 +12583,7 @@ static int _sp_invmod_mont_ct(const sp_int* a, const sp_int* m, sp_int* r,
/* 7.1. t = (t ^ 2) mod m */
err = sp_sqr(t, t);
if (err == MP_OKAY) {
- err = _sp_mont_red(t, m, mp);
+ err = _sp_mont_red(t, m, mp, 0);
}
}
}
@@ -12455,7 +12592,7 @@ static int _sp_invmod_mont_ct(const sp_int* a, const sp_int* m, sp_int* r,
if (j > 0) {
err = sp_mul(t, pre[j-1], r);
if (err == MP_OKAY) {
- err = _sp_mont_red(r, m, mp);
+ err = _sp_mont_red(r, m, mp, 0);
}
}
/* 9. Else r = t */
@@ -12868,7 +13005,7 @@ static int _sp_exptmod_mont_ex(const sp_int* b, const sp_int* e, int bits,
t[3]);
err = sp_sqr(t[3], t[3]);
if (err == MP_OKAY) {
- err = _sp_mont_red(t[3], m, mp);
+ err = _sp_mont_red(t[3], m, mp, 0);
}
_sp_copy(t[3],
(sp_int*)(((size_t)t[0] & sp_off_on_addr[s^1]) +
@@ -12888,7 +13025,7 @@ static int _sp_exptmod_mont_ex(const sp_int* b, const sp_int* e, int bits,
t[3]);
err = sp_mul(t[3], t[2], t[3]);
if (err == MP_OKAY) {
- err = _sp_mont_red(t[3], m, mp);
+ err = _sp_mont_red(t[3], m, mp, 0);
}
_sp_copy(t[3],
(sp_int*)(((size_t)t[0] & sp_off_on_addr[j^1]) +
@@ -12897,7 +13034,7 @@ static int _sp_exptmod_mont_ex(const sp_int* b, const sp_int* e, int bits,
}
if (err == MP_OKAY) {
/* 7. t[1] = FromMont(t[1]) */
- err = _sp_mont_red(t[1], m, mp);
+ err = _sp_mont_red(t[1], m, mp, 0);
/* Reduction implementation returns number to range: 0..m-1. */
}
}
@@ -12998,7 +13135,7 @@ static int _sp_exptmod_mont_ex(const sp_int* b, const sp_int* e, int bits,
/* 4.2. t[2] = t[0] * t[1] */
err = sp_mul(t[0], t[1], t[2]);
if (err == MP_OKAY) {
- err = _sp_mont_red(t[2], m, mp);
+ err = _sp_mont_red(t[2], m, mp, 0);
}
/* 4.3. t[3] = t[y] ^ 2 */
if (err == MP_OKAY) {
@@ -13008,7 +13145,7 @@ static int _sp_exptmod_mont_ex(const sp_int* b, const sp_int* e, int bits,
err = sp_sqr(t[3], t[3]);
}
if (err == MP_OKAY) {
- err = _sp_mont_red(t[3], m, mp);
+ err = _sp_mont_red(t[3], m, mp, 0);
}
/* 4.4. t[y] = t[3], t[y^1] = t[2] */
if (err == MP_OKAY) {
@@ -13018,7 +13155,7 @@ static int _sp_exptmod_mont_ex(const sp_int* b, const sp_int* e, int bits,
if (err == MP_OKAY) {
/* 5. t[0] = FromMont(t[0]) */
- err = _sp_mont_red(t[0], m, mp);
+ err = _sp_mont_red(t[0], m, mp, 0);
/* Reduction implementation returns number to range: 0..m-1. */
}
}
@@ -13088,7 +13225,7 @@ static int _sp_exptmod_mont_ex(const sp_int* b, const sp_int* e, int bits,
DECL_SP_INT_ARRAY(t, m->used * 2 + 1, (1 << 6) + 1);
/* Window bits based on number of pre-calculations versus number of loop
- * calculcations.
+ * calculations.
* Exponents for RSA and DH will result in 6-bit windows.
*/
if (bits > 450) {
@@ -13170,7 +13307,7 @@ static int _sp_exptmod_mont_ex(const sp_int* b, const sp_int* e, int bits,
}
/* Montgomery reduce square or multiplication result. */
if (err == MP_OKAY) {
- err = _sp_mont_red(t[i], m, mp);
+ err = _sp_mont_red(t[i], m, mp, 0);
}
}
@@ -13231,7 +13368,7 @@ static int _sp_exptmod_mont_ex(const sp_int* b, const sp_int* e, int bits,
for (j = 0; (j < winBits) && (err == MP_OKAY); j++) {
err = sp_sqr(tr, tr);
if (err == MP_OKAY) {
- err = _sp_mont_red(tr, m, mp);
+ err = _sp_mont_red(tr, m, mp, 0);
}
}
@@ -13240,14 +13377,14 @@ static int _sp_exptmod_mont_ex(const sp_int* b, const sp_int* e, int bits,
err = sp_mul(tr, t[y], tr);
}
if (err == MP_OKAY) {
- err = _sp_mont_red(tr, m, mp);
+ err = _sp_mont_red(tr, m, mp, 0);
}
}
}
if (err == MP_OKAY) {
/* 7. tr = FromMont(tr) */
- err = _sp_mont_red(tr, m, mp);
+ err = _sp_mont_red(tr, m, mp, 0);
/* Reduction implementation returns number to range: 0..m-1. */
}
}
@@ -13456,7 +13593,7 @@ static int _sp_exptmod_base_2(const sp_int* e, int digits, const sp_int* m,
err = sp_sqr(tr, tr);
if (err == MP_OKAY) {
if (useMont) {
- err = _sp_mont_red(tr, m, mp);
+ err = _sp_mont_red(tr, m, mp, 0);
}
else {
err = sp_mod(tr, m, tr);
@@ -13482,7 +13619,7 @@ static int _sp_exptmod_base_2(const sp_int* e, int digits, const sp_int* m,
/* 7. if Words(m) > 1 then tr = FromMont(tr) */
if ((err == MP_OKAY) && useMont) {
- err = _sp_mont_red(tr, m, mp);
+ err = _sp_mont_red(tr, m, mp, 0);
/* Reduction implementation returns number to range: 0..m-1. */
}
if (err == MP_OKAY) {
@@ -13777,7 +13914,7 @@ static int _sp_exptmod_nct(const sp_int* b, const sp_int* e, const sp_int* m,
bits = sp_count_bits(e);
/* Window bits based on number of pre-calculations versus number of loop
- * calculcations.
+ * calculations.
* Exponents for RSA and DH will result in 6-bit windows.
* Note: for 4096-bit values, 7-bit window is slightly better.
*/
@@ -13814,7 +13951,7 @@ static int _sp_exptmod_nct(const sp_int* b, const sp_int* e, const sp_int* m,
tr = t[preCnt + 0];
bm = t[preCnt + 1];
- /* Iniitialize all allocated */
+ /* Initialize all allocated */
for (i = 0; i < preCnt; i++) {
_sp_init_size(t[i], m->used * 2 + 1);
}
@@ -13861,7 +13998,7 @@ static int _sp_exptmod_nct(const sp_int* b, const sp_int* e, const sp_int* m,
for (i = 1; (i < winBits) && (err == MP_OKAY); i++) {
err = sp_sqr(t[0], t[0]);
if (err == MP_OKAY) {
- err = _sp_mont_red(t[0], m, mp);
+ err = _sp_mont_red(t[0], m, mp, 0);
}
}
/* For each table entry after first. */
@@ -13869,7 +14006,7 @@ static int _sp_exptmod_nct(const sp_int* b, const sp_int* e, const sp_int* m,
/* Multiply previous entry by the base in Mont form into table. */
err = sp_mul(t[i-1], bm, t[i]);
if (err == MP_OKAY) {
- err = _sp_mont_red(t[i], m, mp);
+ err = _sp_mont_red(t[i], m, mp, 0);
}
}
@@ -13953,7 +14090,7 @@ static int _sp_exptmod_nct(const sp_int* b, const sp_int* e, const sp_int* m,
for (; (err == MP_OKAY) && (sqrs > 0); sqrs--) {
err = sp_sqr(tr, tr);
if (err == MP_OKAY) {
- err = _sp_mont_red(tr, m, mp);
+ err = _sp_mont_red(tr, m, mp, 0);
}
}
@@ -13962,7 +14099,7 @@ static int _sp_exptmod_nct(const sp_int* b, const sp_int* e, const sp_int* m,
break;
}
- /* 4.4. Get top window bits from expononent and drop. */
+ /* 4.4. Get top window bits from exponent and drop. */
if (err == MP_OKAY) {
if (c == 0) {
/* Bits from next digit. */
@@ -13994,7 +14131,7 @@ static int _sp_exptmod_nct(const sp_int* b, const sp_int* e, const sp_int* m,
err = sp_mul(tr, t[y], tr);
}
if (err == MP_OKAY) {
- err = _sp_mont_red(tr, m, mp);
+ err = _sp_mont_red(tr, m, mp, 0);
}
}
@@ -14008,7 +14145,7 @@ static int _sp_exptmod_nct(const sp_int* b, const sp_int* e, const sp_int* m,
/* 5.1. Montogmery square result */
err = sp_sqr(tr, tr);
if (err == MP_OKAY) {
- err = _sp_mont_red(tr, m, mp);
+ err = _sp_mont_red(tr, m, mp, 0);
}
/* 5.2. If exponent bit set */
if ((err == MP_OKAY) && ((n >> c) & 1)) {
@@ -14017,7 +14154,7 @@ static int _sp_exptmod_nct(const sp_int* b, const sp_int* e, const sp_int* m,
*/
err = sp_mul(tr, bm, tr);
if (err == MP_OKAY) {
- err = _sp_mont_red(tr, m, mp);
+ err = _sp_mont_red(tr, m, mp, 0);
}
}
}
@@ -14026,7 +14163,7 @@ static int _sp_exptmod_nct(const sp_int* b, const sp_int* e, const sp_int* m,
if (err == MP_OKAY) {
/* 6. Convert result back from Montgomery form. */
- err = _sp_mont_red(tr, m, mp);
+ err = _sp_mont_red(tr, m, mp, 0);
/* Reduction implementation returns number to range: 0..m-1. */
}
}
@@ -14122,7 +14259,7 @@ static int _sp_exptmod_nct(const sp_int* b, const sp_int* e, const sp_int* m,
/* 3.1. Montgomery square result. */
err = sp_sqr(t[0], t[0]);
if (err == MP_OKAY) {
- err = _sp_mont_red(t[0], m, mp);
+ err = _sp_mont_red(t[0], m, mp, 0);
}
if (err == MP_OKAY) {
/* Get bit and index i. */
@@ -14132,14 +14269,14 @@ static int _sp_exptmod_nct(const sp_int* b, const sp_int* e, const sp_int* m,
/* 3.2.1. Montgomery multiply result by Mont of base. */
err = sp_mul(t[0], t[1], t[0]);
if (err == MP_OKAY) {
- err = _sp_mont_red(t[0], m, mp);
+ err = _sp_mont_red(t[0], m, mp, 0);
}
}
}
}
if (err == MP_OKAY) {
/* 4. Convert from Montgomery form. */
- err = _sp_mont_red(t[0], m, mp);
+ err = _sp_mont_red(t[0], m, mp, 0);
/* Reduction implementation returns number of range 0..m-1. */
}
}
@@ -14294,7 +14431,8 @@ int sp_div_2d(const sp_int* a, int e, sp_int* r, sp_int* rem)
}
#endif /* WOLFSSL_SP_MATH_ALL && !WOLFSSL_RSA_VERIFY_ONLY */
-#if defined(WOLFSSL_SP_MATH_ALL) && !defined(WOLFSSL_RSA_VERIFY_ONLY)
+#if (defined(WOLFSSL_SP_MATH_ALL) && !defined(WOLFSSL_RSA_VERIFY_ONLY)) || \
+ defined(HAVE_ECC)
/* The bottom e bits: r = a & ((1 << e) - 1)
*
* @param [in] a SP integer to reduce.
@@ -14364,7 +14502,7 @@ int sp_mod_2d(const sp_int* a, int e, sp_int* r)
return err;
}
-#endif /* WOLFSSL_SP_MATH_ALL && !WOLFSSL_RSA_VERIFY_ONLY */
+#endif /* (WOLFSSL_SP_MATH_ALL && !WOLFSSL_RSA_VERIFY_ONLY)) || HAVE_ECC */
#if (defined(WOLFSSL_SP_MATH_ALL) && (!defined(WOLFSSL_RSA_VERIFY_ONLY) || \
!defined(NO_DH))) || defined(OPENSSL_ALL)
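Review bot: The updated `#endif` comment has one closing parenthesis too many, so it no longer mirrors the condition on the matching `#if`. It should read `#endif /* (WOLFSSL_SP_MATH_ALL && !WOLFSSL_RSA_VERIFY_ONLY) || HAVE_ECC */`.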
@@ -14575,9 +14713,15 @@ static int _sp_sqr(const sp_int* a, sp_int* r)
}
#endif
if (err == MP_OKAY) {
+ #ifndef WOLFSSL_SP_INT_SQR_VOLATILE
sp_int_word w;
sp_int_word l;
sp_int_word h;
+ #else
+ volatile sp_int_word w;
+ volatile sp_int_word l;
+ volatile sp_int_word h;
+ #endif
#ifdef SP_WORD_OVERFLOW
sp_int_word o;
#endif
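Review bot: `WOLFSSL_SP_INT_SQR_VOLATILE` is introduced without any comment on what it is for, so a builder cannot tell when to define it. A line above the `#ifndef`, such as `/* Define WOLFSSL_SP_INT_SQR_VOLATILE to keep w, l and h out of compiler optimisations that miscompile this loop. */`, would help, with the wording adjusted to the real reason, which is not visible in this hunk. The three declarations are also duplicated only to add a qualifier; a single qualifier macro on one set of declarations would keep the two variants from drifting. The body of `_sp_sqr` continues outside the hunk.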
@@ -16970,10 +17114,11 @@ int sp_sqrmod(const sp_int* a, const sp_int* m, sp_int* r)
* @param [in,out] a SP integer to Montgomery reduce.
* @param [in] m SP integer that is the modulus.
* @param [in] mp SP integer digit that is the bottom digit of inv(-m).
+ * @param [in] ct Indicates operation must be constant time.
*
* @return MP_OKAY on success.
*/
-static int _sp_mont_red(sp_int* a, const sp_int* m, sp_int_digit mp)
+static int _sp_mont_red(sp_int* a, const sp_int* m, sp_int_digit mp, int ct)
{
#if !defined(SQR_MUL_ASM)
unsigned int i;
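Review bot: The new `@param` line for `ct` does not say which values select the constant-time path. The body tests `if (!ct)`, so any non-zero value does. Suggested wording: `@param [in] ct  Non-zero to clamp and reduce in constant time; 0 to clamp and subtract conditionally.` The same line is added to the `sp_mont_red_ex` doc comment further down and needs the same wording.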
@@ -16990,8 +17135,17 @@ static int _sp_mont_red(sp_int* a, const sp_int* m, sp_int_digit mp)
bits = sp_count_bits(m);
/* Adding numbers into m->used * 2 digits - zero out unused digits. */
- for (i = a->used; i < m->used * 2; i++) {
- a->dp[i] = 0;
+ if (!ct) {
+ for (i = a->used; i < m->used * 2; i++) {
+ a->dp[i] = 0;
+ }
+ }
+ else {
+ for (i = 0; i < m->used * 2; i++) {
+ a->dp[i] &=
+ (sp_int_digit)
+ (sp_int_sdigit)ctMaskIntGTE((int)(a->used-1), (int)i);
+ }
}
/* Special case when modulus is 1 digit or less. */
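Review bot: The constant-time branch has no comment, and it reads every `a->dp[i]` below `m->used * 2`, including digits at or above `a->used` that the non-ct loop only ever writes. The values are masked away, but memory checkers may report the read of digits that were never set, and a reader has to work out that the loop starts at 0 so that its bounds do not depend on `a->used`. A comment such as `/* Zero digits at index >= a->used; loop bounds and mask do not depend on a->used. */` would cover it. The mask for `a->used == 0` also relies on `(int)(a->used-1)` converting to -1, which is worth stating. The same uncommented loop is repeated in the second `_sp_mont_red` variant later in this diff.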
@@ -17062,16 +17216,29 @@ static int _sp_mont_red(sp_int* a, const sp_int* m, sp_int_digit mp)
a->used = m->used * 2 + 1;
}
- /* Remove leading zeros. */
- sp_clamp(a);
- /* 3. a >>= NumBits(m) */
- (void)sp_rshb(a, bits, a);
+ if (!ct) {
+ /* Remove leading zeros. */
+ sp_clamp(a);
+ /* 3. a >>= NumBits(m) */
+ (void)sp_rshb(a, bits, a);
+ /* 4. a = a mod m */
+ if (_sp_cmp_abs(a, m) != MP_LT) {
+ _sp_sub_off(a, m, a, 0);
+ }
+ }
+ else {
+ /* 3. a >>= NumBits(m) */
+ (void)sp_rshb(a, bits, a);
+ /* Constant time clamping. */
+ sp_clamp_ct(a);
- /* 4. a = a mod m */
- if (_sp_cmp_abs(a, m) != MP_LT) {
- _sp_sub_off(a, m, a, 0);
+ /* 4. a = a mod m
+ * Always subtract but at a too high offset if a is less than m.
+ */
+ _sp_submod_ct(a, m, m, m->used + 1, a);
}
+
#if 0
sp_print(a, "rr");
#endif
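Review bot: The comment on step 4 of the constant-time branch, "Always subtract but at a too high offset if a is less than m", does not describe the call beneath it. Judging by the body this commit replaces with `_sp_submod_ct(a, b, m, m->used, r)`, that helper subtracts and then adds the modulus back under a mask when the difference is negative; no offset is involved. Suggested text: `/* 4. a = a mod m: always subtract m, then add m back under a mask if the result is negative. */`. The fourth argument is `m->used + 1` here but `m->used` at the other call site, presumably because `a` can still carry one extra digit after the shift; a short remark would confirm that. The matching branch in the second `_sp_mont_red` variant has no step comments at all.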
@@ -17093,8 +17260,17 @@ static int _sp_mont_red(sp_int* a, const sp_int* m, sp_int_digit mp)
bits = sp_count_bits(m);
mask = ((sp_int_digit)1 << (bits & (SP_WORD_SIZE - 1))) - 1;
- for (i = a->used; i < m->used * 2; i++) {
- a->dp[i] = 0;
+ if (!ct) {
+ for (i = a->used; i < m->used * 2; i++) {
+ a->dp[i] = 0;
+ }
+ }
+ else {
+ for (i = 0; i < m->used * 2; i++) {
+ a->dp[i] &=
+ (sp_int_digit)
+ (sp_int_sdigit)ctMaskIntGTE((int)(a->used-1), (int)i);
+ }
}
if (m->used <= 1) {
@@ -17373,13 +17549,21 @@ static int _sp_mont_red(sp_int* a, const sp_int* m, sp_int_digit mp)
a->used = m->used * 2 + 1;
}
- /* Remove leading zeros. */
- sp_clamp(a);
- (void)sp_rshb(a, bits, a);
+ if (!ct) {
+ /* Remove leading zeros. */
+ sp_clamp(a);
+ (void)sp_rshb(a, bits, a);
+ /* a = a mod m */
+ if (_sp_cmp_abs(a, m) != MP_LT) {
+ _sp_sub_off(a, m, a, 0);
+ }
+ }
+ else {
+ (void)sp_rshb(a, bits, a);
+ /* Constant time clamping. */
+ sp_clamp_ct(a);
- /* a = a mod m */
- if (_sp_cmp_abs(a, m) != MP_LT) {
- _sp_sub_off(a, m, a, 0);
+ _sp_submod_ct(a, m, m, m->used + 1, a);
}
#if 0
@@ -17397,11 +17581,12 @@ static int _sp_mont_red(sp_int* a, const sp_int* m, sp_int_digit mp)
* @param [in,out] a SP integer to Montgomery reduce.
* @param [in] m SP integer that is the modulus.
* @param [in] mp SP integer digit that is the bottom digit of inv(-m).
+ * @param [in] ct Indicates operation must be constant time.
*
* @return MP_OKAY on success.
* @return MP_VAL when a or m is NULL or m is zero.
*/
-int sp_mont_red(sp_int* a, const sp_int* m, sp_int_digit mp)
+int sp_mont_red_ex(sp_int* a, const sp_int* m, sp_int_digit mp, int ct)
{
int err;
@@ -17409,13 +17594,18 @@ int sp_mont_red(sp_int* a, const sp_int* m, sp_int_digit mp)
if ((a == NULL) || (m == NULL) || sp_iszero(m)) {
err = MP_VAL;
}
+#ifdef WOLFSSL_SP_INT_NEGATIVE
+ else if ((a->sign == MP_NEG) || (m->sign == MP_NEG)) {
+ err = MP_VAL;
+ }
+#endif
/* Ensure a has enough space for calculation. */
else if (a->size < m->used * 2 + 1) {
err = MP_VAL;
}
else {
/* Perform Montogomery Reduction. */
- err = _sp_mont_red(a, m, mp);
+ err = _sp_mont_red(a, m, mp, ct);
}
return err;
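Review bot: The `@return MP_VAL` line in the doc comment, shown in the previous hunk, still reads "when a or m is NULL or m is zero", but `MP_VAL` is now also returned for a negative `a` or `m` when `WOLFSSL_SP_INT_NEGATIVE` is defined. It is likewise returned when `a->size < m->used * 2 + 1`. Suggested line: `@return MP_VAL when a or m is NULL, m is zero, a or m is negative, or a is too small to hold the calculation.`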
@@ -17598,7 +17788,7 @@ int sp_read_unsigned_bin(sp_int* a, const byte* in, word32 inSz)
a->used = (inSz + SP_WORD_SIZEOF - 1) / SP_WORD_SIZEOF;
#if defined(BIG_ENDIAN_ORDER) && !defined(WOLFSSL_SP_INT_DIGIT_ALIGN)
- /* Data endian matches respresentation of number.
+ /* Data endian matches representation of number.
* Directly copy if we don't have alignment issues.
*/
for (i = (int)(inSz-1); i > SP_WORD_SIZEOF-1; i -= SP_WORD_SIZEOF) {
@@ -17660,7 +17850,7 @@ int sp_read_unsigned_bin(sp_int* a, const byte* in, word32 inSz)
#endif /* LITTLE_ENDIAN_ORDER */
}
#endif
- sp_clamp(a);
+ sp_clamp_ct(a);
}
return err;
@@ -17755,6 +17945,73 @@ int sp_to_unsigned_bin_len(const sp_int* a, byte* out, int outSz)
return err;
}
+/* Convert the multi-precision number to an array of bytes in big-endian format.
+ *
+ * Constant-time implementation.
+ *
+ * The array must be large enough for encoded number - use mp_unsigned_bin_size
+ * to calculate the number of bytes required.
+ * Front-pads the output array with zeros to make number the size of the array.
+ *
+ * @param [in] a SP integer.
+ * @param [out] out Array to put encoding into.
+ * @param [in] outSz Size of the array in bytes.
+ *
+ * @return MP_OKAY on success.
+ * @return MP_VAL when a or out is NULL.
+ */
+int sp_to_unsigned_bin_len_ct(const sp_int* a, byte* out, int outSz)
+{
+ int err = MP_OKAY;
+
+ /* Validate parameters. */
+ if ((a == NULL) || (out == NULL) || (outSz < 0)) {
+ err = MP_VAL;
+ }
+
+#if SP_WORD_SIZE > 8
+ if (err == MP_OKAY) {
+ /* Start at the end of the buffer - least significant byte. */
+ int j;
+ unsigned int i;
+ sp_int_digit mask = (sp_int_digit)-1;
+ sp_int_digit d;
+
+ /* Put each digit in. */
+ i = 0;
+ for (j = outSz - 1; j >= 0; ) {
+ int b;
+ d = a->dp[i];
+ /* Place each byte of a digit into the buffer. */
+ for (b = 0; (j >= 0) && (b < SP_WORD_SIZEOF); b++) {
+ out[j--] = (byte)(d & mask);
+ d >>= 8;
+ }
+ mask &= (sp_int_digit)0 - (i < a->used - 1);
+ i += (unsigned int)(1 & mask);
+ }
+ }
+#else
+ if ((err == MP_OKAY) && ((unsigned int)outSz < a->used)) {
+ err = MP_VAL;
+ }
+ if (err == MP_OKAY) {
+ unsigned int i;
+ int j;
+ sp_int_digit mask = (sp_int_digit)-1;
+
+ i = 0;
+ for (j = outSz - 1; j >= 0; j--) {
+ out[j] = a->dp[i] & mask;
+ mask &= (sp_int_digit)0 - (i < a->used - 1);
+ i += (unsigned int)(1 & mask);
+ }
+ }
+#endif
+
+ return err;
+}
+
#if defined(WOLFSSL_SP_MATH_ALL) && !defined(NO_RSA) && \
!defined(WOLFSSL_RSA_VERIFY_ONLY)
/* Store the number in big-endian format in array at an offset.
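Review bot: With `a->used == 0`, the comparison `i < a->used - 1` in both mask updates wraps around, because `i` is `unsigned int`, so the mask never clears and `i` keeps advancing through `a->dp` for as long as `outSz` allows. A zero-valued input would then be encoded from whatever `dp` holds, and could be read past the digits the integer owns when the output buffer is large. Seeding the mask from the digit count and comparing without the subtraction avoids both: `sp_int_digit mask = (sp_int_digit)0 - (a->used != 0);` and `mask &= (sp_int_digit)0 - (i + 1 < a->used);`. The `SP_WORD_SIZE > 8` branch also truncates silently when the number is wider than `outSz`, while the other branch returns `MP_VAL`. The doc comment should state which is intended and list `outSz < 0` among the `MP_VAL` cases.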
@@ -17882,7 +18139,7 @@ static int _sp_read_radix_10(sp_int* a, const char* in)
ch = in[i];
/* Check character is valid. */
if ((ch >= '0') && (ch <= '9')) {
- /* Assume '0'..'9' are continuous valus as characters. */
+ /* Assume '0'..'9' are continuous values as characters. */
ch -= '0';
}
else {
@@ -18476,7 +18733,7 @@ int sp_rand_prime(sp_int* r, int len, WC_RNG* rng, void* heap)
*
* @param [in] a SP integer to check.
* @param [in] b SP integer that is a small prime.
- * @param [out] result MP_YES when number is likey prime.
+ * @param [out] result MP_YES when number is likely prime.
* MP_NO otherwise.
* @param [in] n1 SP integer temporary.
* @param [in] r SP integer temporary.
@@ -19006,7 +19263,7 @@ int sp_prime_is_prime_ex(const sp_int* a, int trials, int* result, WC_RNG* rng)
*
* a and b are positive integers.
*
- * Euclidian Algorithm:
+ * Euclidean Algorithm:
* 1. If a > b then a = b, b = a
* 2. u = a
* 3. v = b % a
@@ -19319,7 +19576,7 @@ word32 CheckRunTimeFastMath(void)
*/
void sp_memzero_add(const char* name, sp_int* sp)
{
- wc_MemZero_Add(name, sp->dp, sp->size * sizeof(sp_digit));
+ wc_MemZero_Add(name, sp->dp, sp->size * sizeof(sp_int_digit));
}
/* Check the memory in the data pointer for memory that must be zero.
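Review bot: The corrected size still names the element type by hand, and that is how the wrong `sp_digit` got in. Taking the size from the field itself keeps the byte count tied to `dp` whatever its type becomes: `wc_MemZero_Add(name, sp->dp, sp->size * sizeof(sp->dp[0]));`. The same applies to the `wc_MemZero_Check` call in the next hunk.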
@@ -19328,7 +19585,7 @@ void sp_memzero_add(const char* name, sp_int* sp)
*/
void sp_memzero_check(sp_int* sp)
{
- wc_MemZero_Check(sp->dp, sp->size * sizeof(sp_digit));
+ wc_MemZero_Check(sp->dp, sp->size * sizeof(sp_int_digit));
}
#endif /* WOLFSSL_CHECK_MEM_ZERO */
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/sp_sm2_arm32.c b/extra/wolfssl/wolfssl/wolfcrypt/src/sp_sm2_arm32.c
new file mode 100644
index 00000000..211b1439
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/sp_sm2_arm32.c
@@ -0,0 +1,33 @@
+/* sp_sm2_arm32.c
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#ifdef HAVE_CONFIG_H
+ #include <config.h>
+#endif
+
+#include <wolfssl/wolfcrypt/settings.h>
+
+#ifdef WOLFSSL_SM2
+
+#error "See https://github.com/wolfSSL/wolfsm for implementation of this file"
+
+#endif
+
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/sp_sm2_arm64.c b/extra/wolfssl/wolfssl/wolfcrypt/src/sp_sm2_arm64.c
new file mode 100644
index 00000000..5c84948a
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/sp_sm2_arm64.c
@@ -0,0 +1,33 @@
+/* sp_sm2_arm64.c
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#ifdef HAVE_CONFIG_H
+ #include <config.h>
+#endif
+
+#include <wolfssl/wolfcrypt/settings.h>
+
+#ifdef WOLFSSL_SM2
+
+#error "See https://github.com/wolfSSL/wolfsm for implementation of this file"
+
+#endif
+
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/sp_sm2_armthumb.c b/extra/wolfssl/wolfssl/wolfcrypt/src/sp_sm2_armthumb.c
new file mode 100644
index 00000000..5d26e27b
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/sp_sm2_armthumb.c
@@ -0,0 +1,33 @@
+/* sp_sm2_armthumb.c
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#ifdef HAVE_CONFIG_H
+ #include <config.h>
+#endif
+
+#include <wolfssl/wolfcrypt/settings.h>
+
+#ifdef WOLFSSL_SM2
+
+#error "See https://github.com/wolfSSL/wolfsm for implementation of this file"
+
+#endif
+
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/sp_sm2_c32.c b/extra/wolfssl/wolfssl/wolfcrypt/src/sp_sm2_c32.c
new file mode 100644
index 00000000..41c40d1e
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/sp_sm2_c32.c
@@ -0,0 +1,33 @@
+/* sp_sm2_c32.c
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#ifdef HAVE_CONFIG_H
+ #include <config.h>
+#endif
+
+#include <wolfssl/wolfcrypt/settings.h>
+
+#ifdef WOLFSSL_SM2
+
+#error "See https://github.com/wolfSSL/wolfsm for implementation of this file"
+
+#endif
+
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/sp_sm2_c64.c b/extra/wolfssl/wolfssl/wolfcrypt/src/sp_sm2_c64.c
new file mode 100644
index 00000000..ee380165
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/sp_sm2_c64.c
@@ -0,0 +1,33 @@
+/* sp_sm2_c64.c
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#ifdef HAVE_CONFIG_H
+ #include <config.h>
+#endif
+
+#include <wolfssl/wolfcrypt/settings.h>
+
+#ifdef WOLFSSL_SM2
+
+#error "See https://github.com/wolfSSL/wolfsm for implementation of this file"
+
+#endif
+
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/sp_sm2_cortexm.c b/extra/wolfssl/wolfssl/wolfcrypt/src/sp_sm2_cortexm.c
new file mode 100644
index 00000000..3bda85f0
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/sp_sm2_cortexm.c
@@ -0,0 +1,33 @@
+/* sp_sm2_cortexm.c
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#ifdef HAVE_CONFIG_H
+ #include <config.h>
+#endif
+
+#include <wolfssl/wolfcrypt/settings.h>
+
+#ifdef WOLFSSL_SM2
+
+#error "See https://github.com/wolfSSL/wolfsm for implementation of this file"
+
+#endif
+
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/sp_sm2_x86_64.c b/extra/wolfssl/wolfssl/wolfcrypt/src/sp_sm2_x86_64.c
new file mode 100644
index 00000000..f73e4083
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/sp_sm2_x86_64.c
@@ -0,0 +1,33 @@
+/* sp_sm2_x86_64.c
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#ifdef HAVE_CONFIG_H
+ #include <config.h>
+#endif
+
+#include <wolfssl/wolfcrypt/settings.h>
+
+#ifdef WOLFSSL_SM2
+
+#error "See https://github.com/wolfSSL/wolfsm for implementation of this file"
+
+#endif
+
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/sp_sm2_x86_64_asm.S b/extra/wolfssl/wolfssl/wolfcrypt/src/sp_sm2_x86_64_asm.S
new file mode 100644
index 00000000..6ddc3c77
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/sp_sm2_x86_64_asm.S
@@ -0,0 +1,33 @@
+/* sp_sm2_x86_64_asm.S
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#ifdef HAVE_CONFIG_H
+ #include <config.h>
+#endif
+
+#include <wolfssl/wolfcrypt/settings.h>
+
+#ifdef WOLFSSL_SM2
+
+#error "See https://github.com/wolfSSL/wolfsm for implementation of this file"
+
+#endif
+
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/sp_x86_64.c b/extra/wolfssl/wolfssl/wolfcrypt/src/sp_x86_64.c
index 862d1731..990a999c 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/sp_x86_64.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/sp_x86_64.c
@@ -52,6 +52,16 @@
#include <wolfssl/wolfcrypt/sp.h>
+#ifdef __IAR_SYSTEMS_ICC__
+#define __asm__ asm
+#define __volatile__ volatile
+#define WOLFSSL_NO_VAR_ASSIGN_REG
+#endif /* __IAR_SYSTEMS_ICC__ */
+#ifdef __KEIL__
+#define __asm__ __asm
+#define __volatile__ volatile
+#endif
+
#ifdef WOLFSSL_SP_X86_64_ASM
#define SP_PRINT_NUM(var, name, total, words, bits) \
do { \
@@ -116,14 +126,14 @@ static void sp_2048_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 64
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 63);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 63);
}
#elif DIGIT_BIT > 64
unsigned int i;
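Review bot: The rewritten loop has no comment explaining the counter, and it replaces `SP_WORD_SIZE - 1` with a bare `63`. It works only because `sp_digit` is an unsigned 64-bit type: `j` starts at `-used`, its top bit stays set while `i < a->used`, and `o` stops advancing once `j` reaches 0. A comment such as `/* j counts up from -used; its top bit is set while i < a->used, giving the mask and the index step. */` would make that readable, and keeping `SP_WORD_SIZE - 1` for the shift would state the width dependency. The function continues outside the hunk.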
@@ -334,7 +344,7 @@ extern sp_digit sp_2048_sub_in_place_16(sp_digit* a, const sp_digit* b);
#endif
#endif /* (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) | WOLFSSL_HAVE_SP_DH */
-/* Caclulate the bottom digit of -1/a mod 2^n.
+/* Calculate the bottom digit of -1/a mod 2^n.
*
* a A single precision number.
* rho Bottom word of inverse.
@@ -400,7 +410,7 @@ extern void sp_2048_mont_reduce_16(sp_digit* a, const sp_digit* m, sp_digit mp);
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_2048_mont_mul_16(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -414,7 +424,7 @@ SP_NOINLINE static void sp_2048_mont_mul_16(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_2048_mont_sqr_16(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -823,7 +833,7 @@ extern void sp_2048_mont_reduce_avx2_16(sp_digit* a, const sp_digit* m, sp_digit
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_2048_mont_mul_avx2_16(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -839,7 +849,7 @@ SP_NOINLINE static void sp_2048_mont_mul_avx2_16(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_2048_mont_sqr_avx2_16(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -1091,7 +1101,7 @@ extern void sp_2048_mont_reduce_32(sp_digit* a, const sp_digit* m, sp_digit mp);
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_2048_mont_mul_32(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -1105,7 +1115,7 @@ SP_NOINLINE static void sp_2048_mont_mul_32(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_2048_mont_sqr_32(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -1636,7 +1646,7 @@ extern void sp_2048_mont_reduce_avx2_32(sp_digit* a, const sp_digit* m, sp_digit
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_2048_mont_mul_avx2_32(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -1652,7 +1662,7 @@ SP_NOINLINE static void sp_2048_mont_mul_avx2_32(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_2048_mont_sqr_avx2_32(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -1919,9 +1929,9 @@ int sp_RsaPublic_2048(const byte* in, word32 inLen, const mp_int* em,
#else
sp_digit a[32 * 5];
#endif
- sp_digit* ah;
- sp_digit* m;
- sp_digit* r;
+ sp_digit* ah = NULL;
+ sp_digit* m = NULL;
+ sp_digit* r = NULL;
sp_digit e = 0;
int err = MP_OKAY;
#ifdef HAVE_INTEL_AVX2
@@ -2130,9 +2140,9 @@ int sp_RsaPrivate_2048(const byte* in, word32 inLen, const mp_int* dm,
#else
sp_digit d[32 * 4];
#endif
- sp_digit* a;
- sp_digit* m;
- sp_digit* r;
+ sp_digit* a = NULL;
+ sp_digit* m = NULL;
+ sp_digit* r = NULL;
int err = MP_OKAY;
ASSERT_SAVED_VECTOR_REGISTERS();
@@ -2243,14 +2253,14 @@ int sp_RsaPrivate_2048(const byte* in, word32 inLen, const mp_int* dm,
#else
sp_digit a[16 * 11];
#endif
- sp_digit* p;
- sp_digit* q;
- sp_digit* dp;
- sp_digit* dq;
- sp_digit* qi;
- sp_digit* tmpa;
- sp_digit* tmpb;
- sp_digit* r;
+ sp_digit* p = NULL;
+ sp_digit* q = NULL;
+ sp_digit* dp = NULL;
+ sp_digit* dq = NULL;
+ sp_digit* qi = NULL;
+ sp_digit* tmpa = NULL;
+ sp_digit* tmpb = NULL;
+ sp_digit* r = NULL;
sp_digit c;
int err = MP_OKAY;
#ifdef HAVE_INTEL_AVX2
@@ -3079,14 +3089,14 @@ static void sp_3072_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 64
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 63);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 63);
}
#elif DIGIT_BIT > 64
unsigned int i;
@@ -3336,7 +3346,7 @@ extern void sp_3072_sqr_avx2_48(sp_digit* r, const sp_digit* a);
#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
#endif /* (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) | WOLFSSL_HAVE_SP_DH */
-/* Caclulate the bottom digit of -1/a mod 2^n.
+/* Calculate the bottom digit of -1/a mod 2^n.
*
* a A single precision number.
* rho Bottom word of inverse.
@@ -3402,7 +3412,7 @@ extern void sp_3072_mont_reduce_24(sp_digit* a, const sp_digit* m, sp_digit mp);
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_3072_mont_mul_24(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -3416,7 +3426,7 @@ SP_NOINLINE static void sp_3072_mont_mul_24(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_3072_mont_sqr_24(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -3825,7 +3835,7 @@ extern void sp_3072_mont_reduce_avx2_24(sp_digit* a, const sp_digit* m, sp_digit
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_3072_mont_mul_avx2_24(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -3841,7 +3851,7 @@ SP_NOINLINE static void sp_3072_mont_mul_avx2_24(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_3072_mont_sqr_avx2_24(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -4093,7 +4103,7 @@ extern void sp_3072_mont_reduce_48(sp_digit* a, const sp_digit* m, sp_digit mp);
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_3072_mont_mul_48(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -4107,7 +4117,7 @@ SP_NOINLINE static void sp_3072_mont_mul_48(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_3072_mont_sqr_48(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -4586,7 +4596,7 @@ extern void sp_3072_mont_reduce_avx2_48(sp_digit* a, const sp_digit* m, sp_digit
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_3072_mont_mul_avx2_48(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -4602,7 +4612,7 @@ SP_NOINLINE static void sp_3072_mont_mul_avx2_48(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_3072_mont_sqr_avx2_48(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -4817,9 +4827,9 @@ int sp_RsaPublic_3072(const byte* in, word32 inLen, const mp_int* em,
#else
sp_digit a[48 * 5];
#endif
- sp_digit* ah;
- sp_digit* m;
- sp_digit* r;
+ sp_digit* ah = NULL;
+ sp_digit* m = NULL;
+ sp_digit* r = NULL;
sp_digit e = 0;
int err = MP_OKAY;
#ifdef HAVE_INTEL_AVX2
@@ -5028,9 +5038,9 @@ int sp_RsaPrivate_3072(const byte* in, word32 inLen, const mp_int* dm,
#else
sp_digit d[48 * 4];
#endif
- sp_digit* a;
- sp_digit* m;
- sp_digit* r;
+ sp_digit* a = NULL;
+ sp_digit* m = NULL;
+ sp_digit* r = NULL;
int err = MP_OKAY;
ASSERT_SAVED_VECTOR_REGISTERS();
@@ -5141,14 +5151,14 @@ int sp_RsaPrivate_3072(const byte* in, word32 inLen, const mp_int* dm,
#else
sp_digit a[24 * 11];
#endif
- sp_digit* p;
- sp_digit* q;
- sp_digit* dp;
- sp_digit* dq;
- sp_digit* qi;
- sp_digit* tmpa;
- sp_digit* tmpb;
- sp_digit* r;
+ sp_digit* p = NULL;
+ sp_digit* q = NULL;
+ sp_digit* dp = NULL;
+ sp_digit* dq = NULL;
+ sp_digit* qi = NULL;
+ sp_digit* tmpa = NULL;
+ sp_digit* tmpb = NULL;
+ sp_digit* r = NULL;
sp_digit c;
int err = MP_OKAY;
#ifdef HAVE_INTEL_AVX2
@@ -5977,14 +5987,14 @@ static void sp_4096_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 64
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 63);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 63);
}
#elif DIGIT_BIT > 64
unsigned int i;
@@ -6150,7 +6160,7 @@ extern void sp_4096_sqr_avx2_64(sp_digit* r, const sp_digit* a);
}
#endif
-/* Caclulate the bottom digit of -1/a mod 2^n.
+/* Calculate the bottom digit of -1/a mod 2^n.
*
* a A single precision number.
* rho Bottom word of inverse.
@@ -6217,7 +6227,7 @@ extern void sp_4096_mont_reduce_64(sp_digit* a, const sp_digit* m, sp_digit mp);
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_4096_mont_mul_64(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -6231,7 +6241,7 @@ SP_NOINLINE static void sp_4096_mont_mul_64(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_4096_mont_sqr_64(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -6710,7 +6720,7 @@ extern void sp_4096_mont_reduce_avx2_64(sp_digit* a, const sp_digit* m, sp_digit
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_4096_mont_mul_avx2_64(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -6726,7 +6736,7 @@ SP_NOINLINE static void sp_4096_mont_mul_avx2_64(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_4096_mont_sqr_avx2_64(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -6941,9 +6951,9 @@ int sp_RsaPublic_4096(const byte* in, word32 inLen, const mp_int* em,
#else
sp_digit a[64 * 5];
#endif
- sp_digit* ah;
- sp_digit* m;
- sp_digit* r;
+ sp_digit* ah = NULL;
+ sp_digit* m = NULL;
+ sp_digit* r = NULL;
sp_digit e = 0;
int err = MP_OKAY;
#ifdef HAVE_INTEL_AVX2
@@ -7152,9 +7162,9 @@ int sp_RsaPrivate_4096(const byte* in, word32 inLen, const mp_int* dm,
#else
sp_digit d[64 * 4];
#endif
- sp_digit* a;
- sp_digit* m;
- sp_digit* r;
+ sp_digit* a = NULL;
+ sp_digit* m = NULL;
+ sp_digit* r = NULL;
int err = MP_OKAY;
ASSERT_SAVED_VECTOR_REGISTERS();
@@ -7265,14 +7275,14 @@ int sp_RsaPrivate_4096(const byte* in, word32 inLen, const mp_int* dm,
#else
sp_digit a[32 * 11];
#endif
- sp_digit* p;
- sp_digit* q;
- sp_digit* dp;
- sp_digit* dq;
- sp_digit* qi;
- sp_digit* tmpa;
- sp_digit* tmpb;
- sp_digit* r;
+ sp_digit* p = NULL;
+ sp_digit* q = NULL;
+ sp_digit* dp = NULL;
+ sp_digit* dq = NULL;
+ sp_digit* qi = NULL;
+ sp_digit* tmpa = NULL;
+ sp_digit* tmpb = NULL;
+ sp_digit* r = NULL;
sp_digit c;
int err = MP_OKAY;
#ifdef HAVE_INTEL_AVX2
@@ -8184,14 +8194,14 @@ static void sp_256_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 64
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 63);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 63);
}
#elif DIGIT_BIT > 64
unsigned int i;
@@ -8397,10 +8407,10 @@ extern void sp_256_mont_sqr_4(sp_digit* r, const sp_digit* a, const sp_digit* m,
* a Number to square in Montgomery form.
* n Number of times to square.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
-static void sp_256_mont_sqr_n_4(sp_digit* r, const sp_digit* a, int n,
- const sp_digit* m, sp_digit mp)
+SP_NOINLINE static void sp_256_mont_sqr_n_4(sp_digit* r,
+ const sp_digit* a, int n, const sp_digit* m, sp_digit mp)
{
sp_256_mont_sqr_4(r, a, m, mp);
for (; n > 1; n--) {
@@ -8591,14 +8601,14 @@ extern void sp_256_mont_sub_4(sp_digit* r, const sp_digit* a, const sp_digit* b,
#ifdef __cplusplus
extern "C" {
#endif
-extern void sp_256_mont_sub_lower_4(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m);
+extern void sp_256_mont_div2_4(sp_digit* r, const sp_digit* a, const sp_digit* m);
#ifdef __cplusplus
}
#endif
#ifdef __cplusplus
extern "C" {
#endif
-extern void sp_256_div2_4(sp_digit* r, const sp_digit* a, const sp_digit* m);
+extern void sp_256_mont_rsb_sub_dbl_4(sp_digit* r, const sp_digit* a, sp_digit* b, const sp_digit* m);
#ifdef __cplusplus
}
#endif
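Review bot: The new declaration of `sp_256_mont_rsb_sub_dbl_4` takes `b` as a non-const `sp_digit*` but has no comment saying that the routine writes through it. The call sites later in this diff pair it with the comments `X = X - 2*Y` and `Y = Y - X`, which suggests it updates both `r` and `b`; the assembly itself is outside this view. If that reading is right, a line such as `/* r = a - 2*b mod m; b = b - r mod m (b is updated in place) */` above the `extern` would make the in/out contract visible to anyone adding a new caller.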
@@ -8646,17 +8656,14 @@ static void sp_256_proj_point_dbl_4(sp_point_256* r, const sp_point_256* p,
/* T2 = Y * Y */
sp_256_mont_sqr_4(t2, y, p256_mod, p256_mp_mod);
/* T2 = T2/2 */
- sp_256_div2_4(t2, t2, p256_mod);
+ sp_256_mont_div2_4(t2, t2, p256_mod);
/* Y = Y * X */
sp_256_mont_mul_4(y, y, p->x, p256_mod, p256_mp_mod);
/* X = T1 * T1 */
sp_256_mont_sqr_4(x, t1, p256_mod, p256_mp_mod);
- /* X = X - Y */
- sp_256_mont_sub_4(x, x, y, p256_mod);
- /* X = X - Y */
- sp_256_mont_sub_4(x, x, y, p256_mod);
+ /* X = X - 2*Y */
/* Y = Y - X */
- sp_256_mont_sub_lower_4(y, y, x, p256_mod);
+ sp_256_mont_rsb_sub_dbl_4(x, x, y, p256_mod);
/* Y = Y * T1 */
sp_256_mont_mul_4(y, y, t1, p256_mod, p256_mp_mod);
/* Y = Y - T2 */
@@ -8679,7 +8686,8 @@ typedef struct sp_256_proj_point_dbl_4_ctx {
* p Point to double.
* t Temporary ordinate data.
*/
-static int sp_256_proj_point_dbl_4_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r, const sp_point_256* p, sp_digit* t)
+static int sp_256_proj_point_dbl_4_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r,
+ const sp_point_256* p, sp_digit* t)
{
int err = FP_WOULDBLOCK;
sp_256_proj_point_dbl_4_ctx* ctx = (sp_256_proj_point_dbl_4_ctx*)sp_ctx->data;
@@ -8753,7 +8761,7 @@ static int sp_256_proj_point_dbl_4_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r, con
break;
case 11:
/* T2 = T2/2 */
- sp_256_div2_4(ctx->t2, ctx->t2, p256_mod);
+ sp_256_mont_div2_4(ctx->t2, ctx->t2, p256_mod);
ctx->state = 12;
break;
case 12:
@@ -8767,18 +8775,15 @@ static int sp_256_proj_point_dbl_4_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r, con
ctx->state = 14;
break;
case 14:
- /* X = X - Y */
- sp_256_mont_sub_4(ctx->x, ctx->x, ctx->y, p256_mod);
+ /* X = X - 2*Y */
+ /* Y = Y - X */
+ sp_256_mont_rsb_sub_dbl_4(ctx->x, ctx->x, ctx->y, p256_mod);
ctx->state = 15;
break;
case 15:
- /* X = X - Y */
- sp_256_mont_sub_4(ctx->x, ctx->x, ctx->y, p256_mod);
ctx->state = 16;
break;
case 16:
- /* Y = Y - X */
- sp_256_mont_sub_lower_4(ctx->y, ctx->y, ctx->x, p256_mod);
ctx->state = 17;
break;
case 17:
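Review bot: States 15 and 16 now do nothing except advance `ctx->state`, so each one appears to cost a full re-entry of the non-blocking function for no work. `err` starts as `FP_WOULDBLOCK`, and presumably one state runs per call. If the numbering must stay stable, a comment like `/* no work: merged into state 14 */` in each empty case would explain it; otherwise case 14 could set `ctx->state = 17;` directly. The same pattern appears in state 21 of sp_256_proj_point_add_4_nb and in the AVX2 variant of this function. The switch starts and ends outside this hunk.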
@@ -8803,27 +8808,6 @@ static int sp_256_proj_point_dbl_4_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r, con
return err;
}
#endif /* WOLFSSL_SP_NONBLOCK */
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_256_mont_tpl_lower_4(sp_digit* r, const sp_digit* a, const sp_digit* m);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_256_mont_sub_dbl_4(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_256_mont_dbl_sub_4(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m);
-#ifdef __cplusplus
-}
-#endif
/* Double the Montgomery form projective point p a number of times.
*
* r Result of repeated doubling of point.
@@ -8861,15 +8845,15 @@ static void sp_256_proj_point_dbl_n_4(sp_point_256* p, int i,
/* A = 3*(X^2 - W) */
sp_256_mont_sqr_4(t1, x, p256_mod, p256_mp_mod);
sp_256_mont_sub_4(t1, t1, w, p256_mod);
- sp_256_mont_tpl_lower_4(a, t1, p256_mod);
+ sp_256_mont_tpl_4(a, t1, p256_mod);
/* B = X*Y^2 */
sp_256_mont_sqr_4(t1, y, p256_mod, p256_mp_mod);
sp_256_mont_mul_4(b, t1, x, p256_mod, p256_mp_mod);
/* X = A^2 - 2B */
sp_256_mont_sqr_4(x, a, p256_mod, p256_mp_mod);
- sp_256_mont_sub_dbl_4(x, x, b, p256_mod);
+ sp_256_mont_rsb_sub_dbl_4(x, x, b, p256_mod);
/* B = 2.(B - X) */
- sp_256_mont_dbl_sub_4(b, b, x, p256_mod);
+ sp_256_mont_dbl_4(b, b, p256_mod);
/* Z = Z*Y */
sp_256_mont_mul_4(z, z, y, p256_mod, p256_mp_mod);
/* t1 = Y^4 */
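Review bot: The comment `/* B = 2.(B - X) */` now sits above `sp_256_mont_dbl_4(b, b, p256_mod);`, which only doubles `b`. The subtraction seems to happen as a side effect of the preceding `sp_256_mont_rsb_sub_dbl_4(x, x, b, p256_mod);` call, which is still labelled only `/* X = A^2 - 2B */`. Relabelling the two steps as `/* X = A^2 - 2B, B = B - X */` and `/* B = 2.B, i.e. 2.(B - X) */` would match what each call does. The same applies to the second copy in this function, to sp_256_proj_point_dbl_n_store_4 and to the AVX2 variants; the function starts and ends outside this hunk.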
@@ -8889,15 +8873,15 @@ static void sp_256_proj_point_dbl_n_4(sp_point_256* p, int i,
/* A = 3*(X^2 - W) */
sp_256_mont_sqr_4(t1, x, p256_mod, p256_mp_mod);
sp_256_mont_sub_4(t1, t1, w, p256_mod);
- sp_256_mont_tpl_lower_4(a, t1, p256_mod);
+ sp_256_mont_tpl_4(a, t1, p256_mod);
/* B = X*Y^2 */
sp_256_mont_sqr_4(t1, y, p256_mod, p256_mp_mod);
sp_256_mont_mul_4(b, t1, x, p256_mod, p256_mp_mod);
/* X = A^2 - 2B */
sp_256_mont_sqr_4(x, a, p256_mod, p256_mp_mod);
- sp_256_mont_sub_dbl_4(x, x, b, p256_mod);
+ sp_256_mont_rsb_sub_dbl_4(x, x, b, p256_mod);
/* B = 2.(B - X) */
- sp_256_mont_dbl_sub_4(b, b, x, p256_mod);
+ sp_256_mont_dbl_4(b, b, p256_mod);
/* Z = Z*Y */
sp_256_mont_mul_4(z, z, y, p256_mod, p256_mp_mod);
/* t1 = Y^4 */
@@ -8907,7 +8891,7 @@ static void sp_256_proj_point_dbl_n_4(sp_point_256* p, int i,
sp_256_mont_sub_4(y, y, t1, p256_mod);
#endif /* WOLFSSL_SP_SMALL */
/* Y = Y/2 */
- sp_256_div2_4(y, y, p256_mod);
+ sp_256_mont_div2_4(y, y, p256_mod);
}
/* Compare two numbers to determine if they are equal.
@@ -8945,12 +8929,12 @@ static int sp_256_iszero_4(const sp_digit* a)
static void sp_256_proj_point_add_4(sp_point_256* r,
const sp_point_256* p, const sp_point_256* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*4;
- sp_digit* t3 = t + 4*4;
- sp_digit* t4 = t + 6*4;
- sp_digit* t5 = t + 8*4;
- sp_digit* t6 = t + 10*4;
+ sp_digit* t6 = t;
+ sp_digit* t1 = t + 2*4;
+ sp_digit* t2 = t + 4*4;
+ sp_digit* t3 = t + 6*4;
+ sp_digit* t4 = t + 8*4;
+ sp_digit* t5 = t + 10*4;
/* U1 = X1*Z2^2 */
sp_256_mont_sqr_4(t1, q->z, p256_mod, p256_mp_mod);
@@ -8972,17 +8956,9 @@ static void sp_256_proj_point_add_4(sp_point_256* r,
sp_256_proj_point_dbl_4(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t6;
sp_digit* y = t1;
sp_digit* z = t2;
- int i;
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
/* H = U2 - U1 */
sp_256_mont_sub_4(t2, t2, t1, p256_mod);
@@ -8998,22 +8974,32 @@ static void sp_256_proj_point_add_4(sp_point_256* r,
sp_256_mont_sqr_4(x, t4, p256_mod, p256_mp_mod);
sp_256_mont_sub_4(x, x, t5, p256_mod);
sp_256_mont_mul_4(t5, t5, t3, p256_mod, p256_mp_mod);
- sp_256_mont_sub_dbl_4(x, x, y, p256_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_256_mont_sub_lower_4(y, y, x, p256_mod);
+ sp_256_mont_rsb_sub_dbl_4(x, x, y, p256_mod);
sp_256_mont_mul_4(y, y, t4, p256_mod, p256_mp_mod);
sp_256_mont_sub_4(y, y, t5, p256_mod);
- for (i = 0; i < 4; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 4; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 4; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 4; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 4; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 4; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
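Review bot: `maskp` and `maskq` are computed as `0 - (q->infinity & (!p->infinity))` in the type of `infinity` and only then widened to `sp_digit`, so their correctness depends on that field being signed. The added `(word32)inf` cast hints that `infinity` may be a 32-bit unsigned field; the struct is outside this view. If it is, the subtraction wraps in 32 bits and the mask would cover only the low half of each 64-bit limb. Writing `sp_digit maskp = (sp_digit)0 - (sp_digit)(q->infinity & (!p->infinity));`, and likewise for `maskq`, removes the dependence, as the from_mp hunks in this diff already do. The same expressions appear in state 24 of sp_256_proj_point_add_4_nb and in sp_256_proj_point_add_avx2_4.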
@@ -9059,12 +9045,12 @@ static int sp_256_proj_point_add_4_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r,
switch (ctx->state) {
case 0: /* INIT */
- ctx->t1 = t;
- ctx->t2 = t + 2*4;
- ctx->t3 = t + 4*4;
- ctx->t4 = t + 6*4;
- ctx->t5 = t + 8*4;
- ctx->t6 = t + 10*4;
+ ctx->t6 = t;
+ ctx->t1 = t + 2*4;
+ ctx->t2 = t + 4*4;
+ ctx->t3 = t + 6*4;
+ ctx->t4 = t + 8*4;
+ ctx->t5 = t + 10*4;
ctx->x = ctx->t6;
ctx->y = ctx->t1;
ctx->z = ctx->t2;
@@ -9165,12 +9151,11 @@ static int sp_256_proj_point_add_4_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r,
ctx->state = 20;
break;
case 20:
- sp_256_mont_sub_dbl_4(ctx->x, ctx->x, ctx->y, p256_mod);
+ /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
+ sp_256_mont_rsb_sub_dbl_4(ctx->x, ctx->x, ctx->y, p256_mod);
ctx->state = 21;
break;
case 21:
- /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_256_mont_sub_lower_4(ctx->y, ctx->y, ctx->x, p256_mod);
ctx->state = 22;
break;
case 22:
@@ -9183,22 +9168,28 @@ static int sp_256_proj_point_add_4_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r,
break;
case 24:
{
- int i;
- sp_digit maskp = 0 - (q->infinity & (!p->infinity));
- sp_digit maskq = 0 - (p->infinity & (!q->infinity));
- sp_digit maskt = ~(maskp | maskq);
-
- for (i = 0; i < 4; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (ctx->x[i] & maskt);
- }
- for (i = 0; i < 4; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (ctx->y[i] & maskt);
- }
- for (i = 0; i < 4; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (ctx->z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 4; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (ctx->x[i] & maskt);
+ }
+ for (i = 0; i < 4; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (ctx->y[i] & maskt);
+ }
+ for (i = 0; i < 4; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (ctx->z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
ctx->state = 25;
break;
}
@@ -9256,16 +9247,16 @@ static void sp_256_proj_point_dbl_n_store_4(sp_point_256* r,
/* A = 3*(X^2 - W) */
sp_256_mont_sqr_4(t1, x, p256_mod, p256_mp_mod);
sp_256_mont_sub_4(t1, t1, w, p256_mod);
- sp_256_mont_tpl_lower_4(a, t1, p256_mod);
+ sp_256_mont_tpl_4(a, t1, p256_mod);
/* B = X*Y^2 */
sp_256_mont_sqr_4(t1, y, p256_mod, p256_mp_mod);
sp_256_mont_mul_4(b, t1, x, p256_mod, p256_mp_mod);
x = r[j].x;
/* X = A^2 - 2B */
sp_256_mont_sqr_4(x, a, p256_mod, p256_mp_mod);
- sp_256_mont_sub_dbl_4(x, x, b, p256_mod);
+ sp_256_mont_rsb_sub_dbl_4(x, x, b, p256_mod);
/* B = 2.(B - X) */
- sp_256_mont_dbl_sub_4(b, b, x, p256_mod);
+ sp_256_mont_dbl_4(b, b, p256_mod);
/* Z = Z*Y */
sp_256_mont_mul_4(r[j].z, z, y, p256_mod, p256_mp_mod);
z = r[j].z;
@@ -9279,7 +9270,7 @@ static void sp_256_proj_point_dbl_n_store_4(sp_point_256* r,
sp_256_mont_mul_4(y, b, a, p256_mod, p256_mp_mod);
sp_256_mont_sub_4(y, y, t1, p256_mod);
/* Y = Y/2 */
- sp_256_div2_4(r[j].y, y, p256_mod);
+ sp_256_mont_div2_4(r[j].y, y, p256_mod);
r[j].infinity = 0;
}
}
@@ -9353,8 +9344,8 @@ static void sp_256_proj_point_add_sub_4(sp_point_256* ra,
sp_256_mont_sub_4(xs, xs, t1, p256_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
/* YS = -RS*(U1*H^2 - XS) - S1*H^3 */
- sp_256_mont_sub_lower_4(ys, ya, xs, p256_mod);
- sp_256_mont_sub_lower_4(ya, ya, xa, p256_mod);
+ sp_256_mont_sub_4(ys, ya, xs, p256_mod);
+ sp_256_mont_sub_4(ya, ya, xa, p256_mod);
sp_256_mont_mul_4(ya, ya, t4, p256_mod, p256_mp_mod);
sp_256_sub_4(t6, p256_mod, t6);
sp_256_mont_mul_4(ys, ys, t6, p256_mod, p256_mp_mod);
@@ -9488,7 +9479,7 @@ static int sp_256_ecc_mulmod_win_add_sub_4(sp_point_256* r, const sp_point_256*
(void)heap;
#ifdef WOLFSSL_SP_SMALL_STACK
- t = (sp_point_256*)XMALLOC(sizeof(sp_point_256) *
+ t = (sp_point_256*)XMALLOC(sizeof(sp_point_256) *
(33+2), heap, DYNAMIC_TYPE_ECC);
if (t == NULL)
err = MEMORY_E;
@@ -9616,10 +9607,10 @@ extern void sp_256_mont_sqr_avx2_4(sp_digit* r, const sp_digit* a, const sp_digi
* a Number to square in Montgomery form.
* n Number of times to square.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
-static void sp_256_mont_sqr_n_avx2_4(sp_digit* r, const sp_digit* a, int n,
- const sp_digit* m, sp_digit mp)
+SP_NOINLINE static void sp_256_mont_sqr_n_avx2_4(sp_digit* r,
+ const sp_digit* a, int n, const sp_digit* m, sp_digit mp)
{
sp_256_mont_sqr_avx2_4(r, a, m, mp);
for (; n > 1; n--) {
@@ -9709,7 +9700,7 @@ extern sp_digit sp_256_cond_sub_avx2_4(sp_digit* r, const sp_digit* a, const sp_
#ifdef __cplusplus
extern "C" {
#endif
-extern void sp_256_mont_reduce_avx2_order_4(sp_digit* a, const sp_digit* m, sp_digit mp);
+extern void sp_256_mont_reduce_order_avx2_4(sp_digit* a, const sp_digit* m, sp_digit mp);
#ifdef __cplusplus
}
#endif
@@ -9757,14 +9748,14 @@ static void sp_256_map_avx2_4(sp_point_256* r, const sp_point_256* p,
#define sp_256_mont_dbl_avx2_4 sp_256_mont_dbl_4
#define sp_256_mont_tpl_avx2_4 sp_256_mont_tpl_4
#define sp_256_mont_sub_avx2_4 sp_256_mont_sub_4
-#define sp_256_mont_sub_lower_avx2_4 sp_256_mont_sub_lower_4
#ifdef __cplusplus
extern "C" {
#endif
-extern void sp_256_div2_avx2_4(sp_digit* r, const sp_digit* a, const sp_digit* m);
+extern void sp_256_mont_div2_avx2_4(sp_digit* r, const sp_digit* a, const sp_digit* m);
#ifdef __cplusplus
}
#endif
+#define sp_256_mont_rsb_sub_dbl_avx2_4 sp_256_mont_rsb_sub_dbl_4
/* Double the Montgomery form projective point p.
*
* r Result of doubling point.
@@ -9809,17 +9800,14 @@ static void sp_256_proj_point_dbl_avx2_4(sp_point_256* r, const sp_point_256* p,
/* T2 = Y * Y */
sp_256_mont_sqr_avx2_4(t2, y, p256_mod, p256_mp_mod);
/* T2 = T2/2 */
- sp_256_div2_avx2_4(t2, t2, p256_mod);
+ sp_256_mont_div2_avx2_4(t2, t2, p256_mod);
/* Y = Y * X */
sp_256_mont_mul_avx2_4(y, y, p->x, p256_mod, p256_mp_mod);
/* X = T1 * T1 */
sp_256_mont_sqr_avx2_4(x, t1, p256_mod, p256_mp_mod);
- /* X = X - Y */
- sp_256_mont_sub_avx2_4(x, x, y, p256_mod);
- /* X = X - Y */
- sp_256_mont_sub_avx2_4(x, x, y, p256_mod);
+ /* X = X - 2*Y */
/* Y = Y - X */
- sp_256_mont_sub_lower_avx2_4(y, y, x, p256_mod);
+ sp_256_mont_rsb_sub_dbl_avx2_4(x, x, y, p256_mod);
/* Y = Y * T1 */
sp_256_mont_mul_avx2_4(y, y, t1, p256_mod, p256_mp_mod);
/* Y = Y - T2 */
@@ -9842,7 +9830,8 @@ typedef struct sp_256_proj_point_dbl_avx2_4_ctx {
* p Point to double.
* t Temporary ordinate data.
*/
-static int sp_256_proj_point_dbl_avx2_4_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r, const sp_point_256* p, sp_digit* t)
+static int sp_256_proj_point_dbl_avx2_4_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r,
+ const sp_point_256* p, sp_digit* t)
{
int err = FP_WOULDBLOCK;
sp_256_proj_point_dbl_avx2_4_ctx* ctx = (sp_256_proj_point_dbl_avx2_4_ctx*)sp_ctx->data;
@@ -9916,7 +9905,7 @@ static int sp_256_proj_point_dbl_avx2_4_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r
break;
case 11:
/* T2 = T2/2 */
- sp_256_div2_avx2_4(ctx->t2, ctx->t2, p256_mod);
+ sp_256_mont_div2_avx2_4(ctx->t2, ctx->t2, p256_mod);
ctx->state = 12;
break;
case 12:
@@ -9930,18 +9919,15 @@ static int sp_256_proj_point_dbl_avx2_4_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r
ctx->state = 14;
break;
case 14:
- /* X = X - Y */
- sp_256_mont_sub_avx2_4(ctx->x, ctx->x, ctx->y, p256_mod);
+ /* X = X - 2*Y */
+ /* Y = Y - X */
+ sp_256_mont_rsb_sub_dbl_avx2_4(ctx->x, ctx->x, ctx->y, p256_mod);
ctx->state = 15;
break;
case 15:
- /* X = X - Y */
- sp_256_mont_sub_avx2_4(ctx->x, ctx->x, ctx->y, p256_mod);
ctx->state = 16;
break;
case 16:
- /* Y = Y - X */
- sp_256_mont_sub_lower_avx2_4(ctx->y, ctx->y, ctx->x, p256_mod);
ctx->state = 17;
break;
case 17:
@@ -9966,9 +9952,6 @@ static int sp_256_proj_point_dbl_avx2_4_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r
return err;
}
#endif /* WOLFSSL_SP_NONBLOCK */
-#define sp_256_mont_tpl_lower_avx2_4 sp_256_mont_tpl_lower_4
-#define sp_256_mont_sub_dbl_avx2_4 sp_256_mont_sub_dbl_4
-#define sp_256_mont_dbl_sub_avx2_4 sp_256_mont_dbl_sub_4
/* Double the Montgomery form projective point p a number of times.
*
* r Result of repeated doubling of point.
@@ -10006,15 +9989,15 @@ static void sp_256_proj_point_dbl_n_avx2_4(sp_point_256* p, int i,
/* A = 3*(X^2 - W) */
sp_256_mont_sqr_avx2_4(t1, x, p256_mod, p256_mp_mod);
sp_256_mont_sub_avx2_4(t1, t1, w, p256_mod);
- sp_256_mont_tpl_lower_avx2_4(a, t1, p256_mod);
+ sp_256_mont_tpl_avx2_4(a, t1, p256_mod);
/* B = X*Y^2 */
sp_256_mont_sqr_avx2_4(t1, y, p256_mod, p256_mp_mod);
sp_256_mont_mul_avx2_4(b, t1, x, p256_mod, p256_mp_mod);
/* X = A^2 - 2B */
sp_256_mont_sqr_avx2_4(x, a, p256_mod, p256_mp_mod);
- sp_256_mont_sub_dbl_avx2_4(x, x, b, p256_mod);
+ sp_256_mont_rsb_sub_dbl_avx2_4(x, x, b, p256_mod);
/* B = 2.(B - X) */
- sp_256_mont_dbl_sub_avx2_4(b, b, x, p256_mod);
+ sp_256_mont_dbl_avx2_4(b, b, p256_mod);
/* Z = Z*Y */
sp_256_mont_mul_avx2_4(z, z, y, p256_mod, p256_mp_mod);
/* t1 = Y^4 */
@@ -10034,15 +10017,15 @@ static void sp_256_proj_point_dbl_n_avx2_4(sp_point_256* p, int i,
/* A = 3*(X^2 - W) */
sp_256_mont_sqr_avx2_4(t1, x, p256_mod, p256_mp_mod);
sp_256_mont_sub_avx2_4(t1, t1, w, p256_mod);
- sp_256_mont_tpl_lower_avx2_4(a, t1, p256_mod);
+ sp_256_mont_tpl_avx2_4(a, t1, p256_mod);
/* B = X*Y^2 */
sp_256_mont_sqr_avx2_4(t1, y, p256_mod, p256_mp_mod);
sp_256_mont_mul_avx2_4(b, t1, x, p256_mod, p256_mp_mod);
/* X = A^2 - 2B */
sp_256_mont_sqr_avx2_4(x, a, p256_mod, p256_mp_mod);
- sp_256_mont_sub_dbl_avx2_4(x, x, b, p256_mod);
+ sp_256_mont_rsb_sub_dbl_avx2_4(x, x, b, p256_mod);
/* B = 2.(B - X) */
- sp_256_mont_dbl_sub_avx2_4(b, b, x, p256_mod);
+ sp_256_mont_dbl_avx2_4(b, b, p256_mod);
/* Z = Z*Y */
sp_256_mont_mul_avx2_4(z, z, y, p256_mod, p256_mp_mod);
/* t1 = Y^4 */
@@ -10052,7 +10035,7 @@ static void sp_256_proj_point_dbl_n_avx2_4(sp_point_256* p, int i,
sp_256_mont_sub_avx2_4(y, y, t1, p256_mod);
#endif /* WOLFSSL_SP_SMALL */
/* Y = Y/2 */
- sp_256_div2_avx2_4(y, y, p256_mod);
+ sp_256_mont_div2_avx2_4(y, y, p256_mod);
}
@@ -10066,12 +10049,12 @@ static void sp_256_proj_point_dbl_n_avx2_4(sp_point_256* p, int i,
static void sp_256_proj_point_add_avx2_4(sp_point_256* r,
const sp_point_256* p, const sp_point_256* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*4;
- sp_digit* t3 = t + 4*4;
- sp_digit* t4 = t + 6*4;
- sp_digit* t5 = t + 8*4;
- sp_digit* t6 = t + 10*4;
+ sp_digit* t6 = t;
+ sp_digit* t1 = t + 2*4;
+ sp_digit* t2 = t + 4*4;
+ sp_digit* t3 = t + 6*4;
+ sp_digit* t4 = t + 8*4;
+ sp_digit* t5 = t + 10*4;
/* U1 = X1*Z2^2 */
sp_256_mont_sqr_avx2_4(t1, q->z, p256_mod, p256_mp_mod);
@@ -10093,17 +10076,9 @@ static void sp_256_proj_point_add_avx2_4(sp_point_256* r,
sp_256_proj_point_dbl_avx2_4(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t6;
sp_digit* y = t1;
sp_digit* z = t2;
- int i;
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
/* H = U2 - U1 */
sp_256_mont_sub_avx2_4(t2, t2, t1, p256_mod);
@@ -10119,22 +10094,32 @@ static void sp_256_proj_point_add_avx2_4(sp_point_256* r,
sp_256_mont_sqr_avx2_4(x, t4, p256_mod, p256_mp_mod);
sp_256_mont_sub_avx2_4(x, x, t5, p256_mod);
sp_256_mont_mul_avx2_4(t5, t5, t3, p256_mod, p256_mp_mod);
- sp_256_mont_sub_dbl_avx2_4(x, x, y, p256_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_256_mont_sub_lower_avx2_4(y, y, x, p256_mod);
+ sp_256_mont_rsb_sub_dbl_avx2_4(x, x, y, p256_mod);
sp_256_mont_mul_avx2_4(y, y, t4, p256_mod, p256_mp_mod);
sp_256_mont_sub_avx2_4(y, y, t5, p256_mod);
- for (i = 0; i < 4; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 4; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 4; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 4; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 4; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 4; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
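Review bot: The relocated mask block has no comment saying that it is a branch-free select, so a later cleanup could turn it into an `if`/`else` on `p->infinity` and `q->infinity`. I would add `/* Branch-free select: r = p if only q is infinity, q if only p is, else the computed (x,y,z). */` above `int i;`. `q->infinity` is ANDed with the 0/1 result of `!p->infinity`, so only bit 0 of the flag is used; the comment should also state that `infinity` is expected to be exactly 0 or 1. The same block is repeated in the _nb variant, in both qz1 adders and in the sp_384 adders. The enclosing function starts outside this hunk.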
@@ -10180,12 +10165,12 @@ static int sp_256_proj_point_add_avx2_4_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r
switch (ctx->state) {
case 0: /* INIT */
- ctx->t1 = t;
- ctx->t2 = t + 2*4;
- ctx->t3 = t + 4*4;
- ctx->t4 = t + 6*4;
- ctx->t5 = t + 8*4;
- ctx->t6 = t + 10*4;
+ ctx->t6 = t;
+ ctx->t1 = t + 2*4;
+ ctx->t2 = t + 4*4;
+ ctx->t3 = t + 6*4;
+ ctx->t4 = t + 8*4;
+ ctx->t5 = t + 10*4;
ctx->x = ctx->t6;
ctx->y = ctx->t1;
ctx->z = ctx->t2;
@@ -10286,12 +10271,11 @@ static int sp_256_proj_point_add_avx2_4_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r
ctx->state = 20;
break;
case 20:
- sp_256_mont_sub_dbl_avx2_4(ctx->x, ctx->x, ctx->y, p256_mod);
+ /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
+ sp_256_mont_rsb_sub_dbl_avx2_4(ctx->x, ctx->x, ctx->y, p256_mod);
ctx->state = 21;
break;
case 21:
- /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_256_mont_sub_lower_avx2_4(ctx->y, ctx->y, ctx->x, p256_mod);
ctx->state = 22;
break;
case 22:
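Review bot: `case 21` is left with only `ctx->state = 22; break;`, so each non-blocking addition now spends one call in a state that does no work. If the state is kept to avoid renumbering the later cases, mark it, e.g. `/* no-op: Y - X is now produced by rsb_sub_dbl in state 20 */`; this assumes rsb_sub_dbl does write that value, so confirm it first. Otherwise state 20 could set `ctx->state = 22` directly. The rest of the state machine is outside this hunk.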
@@ -10304,22 +10288,28 @@ static int sp_256_proj_point_add_avx2_4_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r
break;
case 24:
{
- int i;
- sp_digit maskp = 0 - (q->infinity & (!p->infinity));
- sp_digit maskq = 0 - (p->infinity & (!q->infinity));
- sp_digit maskt = ~(maskp | maskq);
-
- for (i = 0; i < 4; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (ctx->x[i] & maskt);
- }
- for (i = 0; i < 4; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (ctx->y[i] & maskt);
- }
- for (i = 0; i < 4; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (ctx->z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 4; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (ctx->x[i] & maskt);
+ }
+ for (i = 0; i < 4; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (ctx->y[i] & maskt);
+ }
+ for (i = 0; i < 4; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (ctx->z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
ctx->state = 25;
break;
}
@@ -10377,16 +10367,16 @@ static void sp_256_proj_point_dbl_n_store_avx2_4(sp_point_256* r,
/* A = 3*(X^2 - W) */
sp_256_mont_sqr_avx2_4(t1, x, p256_mod, p256_mp_mod);
sp_256_mont_sub_avx2_4(t1, t1, w, p256_mod);
- sp_256_mont_tpl_lower_avx2_4(a, t1, p256_mod);
+ sp_256_mont_tpl_avx2_4(a, t1, p256_mod);
/* B = X*Y^2 */
sp_256_mont_sqr_avx2_4(t1, y, p256_mod, p256_mp_mod);
sp_256_mont_mul_avx2_4(b, t1, x, p256_mod, p256_mp_mod);
x = r[j].x;
/* X = A^2 - 2B */
sp_256_mont_sqr_avx2_4(x, a, p256_mod, p256_mp_mod);
- sp_256_mont_sub_dbl_avx2_4(x, x, b, p256_mod);
+ sp_256_mont_rsb_sub_dbl_avx2_4(x, x, b, p256_mod);
/* B = 2.(B - X) */
- sp_256_mont_dbl_sub_avx2_4(b, b, x, p256_mod);
+ sp_256_mont_dbl_avx2_4(b, b, p256_mod);
/* Z = Z*Y */
sp_256_mont_mul_avx2_4(r[j].z, z, y, p256_mod, p256_mp_mod);
z = r[j].z;
@@ -10400,7 +10390,7 @@ static void sp_256_proj_point_dbl_n_store_avx2_4(sp_point_256* r,
sp_256_mont_mul_avx2_4(y, b, a, p256_mod, p256_mp_mod);
sp_256_mont_sub_avx2_4(y, y, t1, p256_mod);
/* Y = Y/2 */
- sp_256_div2_avx2_4(r[j].y, y, p256_mod);
+ sp_256_mont_div2_avx2_4(r[j].y, y, p256_mod);
r[j].infinity = 0;
}
}
@@ -10474,8 +10464,8 @@ static void sp_256_proj_point_add_sub_avx2_4(sp_point_256* ra,
sp_256_mont_sub_avx2_4(xs, xs, t1, p256_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
/* YS = -RS*(U1*H^2 - XS) - S1*H^3 */
- sp_256_mont_sub_lower_avx2_4(ys, ya, xs, p256_mod);
- sp_256_mont_sub_lower_avx2_4(ya, ya, xa, p256_mod);
+ sp_256_mont_sub_avx2_4(ys, ya, xs, p256_mod);
+ sp_256_mont_sub_avx2_4(ya, ya, xa, p256_mod);
sp_256_mont_mul_avx2_4(ya, ya, t4, p256_mod, p256_mp_mod);
sp_256_sub_4(t6, p256_mod, t6);
sp_256_mont_mul_avx2_4(ys, ys, t6, p256_mod, p256_mp_mod);
@@ -10524,7 +10514,7 @@ static int sp_256_ecc_mulmod_win_add_sub_avx2_4(sp_point_256* r, const sp_point_
(void)heap;
#ifdef WOLFSSL_SP_SMALL_STACK
- t = (sp_point_256*)XMALLOC(sizeof(sp_point_256) *
+ t = (sp_point_256*)XMALLOC(sizeof(sp_point_256) *
(33+2), heap, DYNAMIC_TYPE_ECC);
if (t == NULL)
err = MEMORY_E;
@@ -10650,12 +10640,11 @@ typedef struct sp_table_entry_256 {
static void sp_256_proj_point_add_qz1_4(sp_point_256* r,
const sp_point_256* p, const sp_point_256* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*4;
- sp_digit* t3 = t + 4*4;
- sp_digit* t4 = t + 6*4;
- sp_digit* t5 = t + 8*4;
- sp_digit* t6 = t + 10*4;
+ sp_digit* t2 = t;
+ sp_digit* t3 = t + 2*4;
+ sp_digit* t6 = t + 4*4;
+ sp_digit* t1 = t + 6*4;
+ sp_digit* t4 = t + 8*4;
/* Calculate values to subtract from P->x and P->y. */
/* U2 = X2*Z1^2 */
@@ -10671,13 +10660,9 @@ static void sp_256_proj_point_add_qz1_4(sp_point_256* r,
sp_256_proj_point_dbl_4(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t2;
- sp_digit* y = t5;
+ sp_digit* y = t3;
sp_digit* z = t6;
- int i;
/* H = U2 - X1 */
sp_256_mont_sub_4(t2, t2, p->x, p256_mod);
@@ -10686,32 +10671,38 @@ static void sp_256_proj_point_add_qz1_4(sp_point_256* r,
/* Z3 = H*Z1 */
sp_256_mont_mul_4(z, p->z, t2, p256_mod, p256_mp_mod);
/* X3 = R^2 - H^3 - 2*X1*H^2 */
- sp_256_mont_sqr_4(t1, t4, p256_mod, p256_mp_mod);
- sp_256_mont_sqr_4(t5, t2, p256_mod, p256_mp_mod);
- sp_256_mont_mul_4(t3, p->x, t5, p256_mod, p256_mp_mod);
- sp_256_mont_mul_4(t5, t5, t2, p256_mod, p256_mp_mod);
- sp_256_mont_sub_4(x, t1, t5, p256_mod);
- sp_256_mont_sub_dbl_4(x, x, t3, p256_mod);
+ sp_256_mont_sqr_4(t1, t2, p256_mod, p256_mp_mod);
+ sp_256_mont_mul_4(t3, p->x, t1, p256_mod, p256_mp_mod);
+ sp_256_mont_mul_4(t1, t1, t2, p256_mod, p256_mp_mod);
+ sp_256_mont_sqr_4(t2, t4, p256_mod, p256_mp_mod);
+ sp_256_mont_sub_4(t2, t2, t1, p256_mod);
+ sp_256_mont_rsb_sub_dbl_4(x, t2, t3, p256_mod);
/* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
- sp_256_mont_sub_lower_4(t3, t3, x, p256_mod);
sp_256_mont_mul_4(t3, t3, t4, p256_mod, p256_mp_mod);
- sp_256_mont_mul_4(t5, t5, p->y, p256_mod, p256_mp_mod);
- sp_256_mont_sub_4(y, t3, t5, p256_mod);
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
- for (i = 0; i < 4; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 4; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 4; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ sp_256_mont_mul_4(t1, t1, p->y, p256_mod, p256_mp_mod);
+ sp_256_mont_sub_4(y, t3, t1, p256_mod);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 4; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 4; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 4; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
@@ -10869,7 +10860,7 @@ static int sp_256_ecc_mulmod_stripe_4(sp_point_256* r, const sp_point_256* g,
sp_digit* t = NULL;
#else
sp_point_256 rt[2];
- sp_digit t[2 * 4 * 6];
+ sp_digit t[2 * 4 * 5];
#endif
sp_point_256* p = NULL;
int i;
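Review bot: The scratch array shrinks to `2 * 4 * 5` digits, which matches the five temporaries the qz1 adder now uses (highest is `t4 = t + 8*4`). The general adders in this same diff, e.g. sp_256_proj_point_add_avx2_4, still place `t5` at `t + 10*4` and so appear to need six slots. Before accepting the smaller size, confirm that no callee receiving `t` from this function, or from the mulmod and add_only functions that get the same change, is one of the six-slot routines. The function body is outside this hunk, so this cannot be checked from here. A short comment on the declaration such as `/* 5 temporaries of 2*4 digits: qz1 add, dbl, map */` would record the assumption.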
@@ -10890,7 +10881,7 @@ static int sp_256_ecc_mulmod_stripe_4(sp_point_256* r, const sp_point_256* g,
if (rt == NULL)
err = MEMORY_E;
if (err == MP_OKAY) {
- t = (sp_digit*)XMALLOC(sizeof(sp_digit) * 2 * 4 * 6, heap,
+ t = (sp_digit*)XMALLOC(sizeof(sp_digit) * 2 * 4 * 5, heap,
DYNAMIC_TYPE_ECC);
if (t == NULL)
err = MEMORY_E;
@@ -10994,7 +10985,7 @@ static THREAD_LS_T int sp_cache_256_inited = 0;
/* Get the cache entry for the point.
*
- * g [in] Point scalar multipling.
+ * g [in] Point scalar multiplying.
* cache [out] Cache table to use.
*/
static void sp_ecc_get_cache_256(const sp_point_256* g, sp_cache_256_t** cache)
@@ -11065,8 +11056,8 @@ static void sp_ecc_get_cache_256(const sp_point_256* g, sp_cache_256_t** cache)
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
-static int sp_256_ecc_mulmod_4(sp_point_256* r, const sp_point_256* g, const sp_digit* k,
- int map, int ct, void* heap)
+static int sp_256_ecc_mulmod_4(sp_point_256* r, const sp_point_256* g,
+ const sp_digit* k, int map, int ct, void* heap)
{
#ifndef FP_ECC
return sp_256_ecc_mulmod_win_add_sub_4(r, g, k, map, ct, heap);
@@ -11074,13 +11065,13 @@ static int sp_256_ecc_mulmod_4(sp_point_256* r, const sp_point_256* g, const sp_
#ifdef WOLFSSL_SP_SMALL_STACK
sp_digit* tmp;
#else
- sp_digit tmp[2 * 4 * 6];
+ sp_digit tmp[2 * 4 * 5];
#endif
sp_cache_256_t* cache;
int err = MP_OKAY;
#ifdef WOLFSSL_SP_SMALL_STACK
- tmp = (sp_digit*)XMALLOC(sizeof(sp_digit) * 2 * 4 * 6, heap, DYNAMIC_TYPE_ECC);
+ tmp = (sp_digit*)XMALLOC(sizeof(sp_digit) * 2 * 4 * 5, heap, DYNAMIC_TYPE_ECC);
if (tmp == NULL) {
err = MEMORY_E;
}
@@ -11137,12 +11128,11 @@ static int sp_256_ecc_mulmod_4(sp_point_256* r, const sp_point_256* g, const sp_
static void sp_256_proj_point_add_qz1_avx2_4(sp_point_256* r,
const sp_point_256* p, const sp_point_256* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*4;
- sp_digit* t3 = t + 4*4;
- sp_digit* t4 = t + 6*4;
- sp_digit* t5 = t + 8*4;
- sp_digit* t6 = t + 10*4;
+ sp_digit* t2 = t;
+ sp_digit* t3 = t + 2*4;
+ sp_digit* t6 = t + 4*4;
+ sp_digit* t1 = t + 6*4;
+ sp_digit* t4 = t + 8*4;
/* Calculate values to subtract from P->x and P->y. */
/* U2 = X2*Z1^2 */
@@ -11158,13 +11148,9 @@ static void sp_256_proj_point_add_qz1_avx2_4(sp_point_256* r,
sp_256_proj_point_dbl_avx2_4(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t2;
- sp_digit* y = t5;
+ sp_digit* y = t3;
sp_digit* z = t6;
- int i;
/* H = U2 - X1 */
sp_256_mont_sub_avx2_4(t2, t2, p->x, p256_mod);
@@ -11173,32 +11159,38 @@ static void sp_256_proj_point_add_qz1_avx2_4(sp_point_256* r,
/* Z3 = H*Z1 */
sp_256_mont_mul_avx2_4(z, p->z, t2, p256_mod, p256_mp_mod);
/* X3 = R^2 - H^3 - 2*X1*H^2 */
- sp_256_mont_sqr_avx2_4(t1, t4, p256_mod, p256_mp_mod);
- sp_256_mont_sqr_avx2_4(t5, t2, p256_mod, p256_mp_mod);
- sp_256_mont_mul_avx2_4(t3, p->x, t5, p256_mod, p256_mp_mod);
- sp_256_mont_mul_avx2_4(t5, t5, t2, p256_mod, p256_mp_mod);
- sp_256_mont_sub_avx2_4(x, t1, t5, p256_mod);
- sp_256_mont_sub_dbl_avx2_4(x, x, t3, p256_mod);
+ sp_256_mont_sqr_avx2_4(t1, t2, p256_mod, p256_mp_mod);
+ sp_256_mont_mul_avx2_4(t3, p->x, t1, p256_mod, p256_mp_mod);
+ sp_256_mont_mul_avx2_4(t1, t1, t2, p256_mod, p256_mp_mod);
+ sp_256_mont_sqr_avx2_4(t2, t4, p256_mod, p256_mp_mod);
+ sp_256_mont_sub_avx2_4(t2, t2, t1, p256_mod);
+ sp_256_mont_rsb_sub_dbl_avx2_4(x, t2, t3, p256_mod);
/* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
- sp_256_mont_sub_lower_avx2_4(t3, t3, x, p256_mod);
sp_256_mont_mul_avx2_4(t3, t3, t4, p256_mod, p256_mp_mod);
- sp_256_mont_mul_avx2_4(t5, t5, p->y, p256_mod, p256_mp_mod);
- sp_256_mont_sub_avx2_4(y, t3, t5, p256_mod);
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
- for (i = 0; i < 4; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 4; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 4; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ sp_256_mont_mul_avx2_4(t1, t1, p->y, p256_mod, p256_mp_mod);
+ sp_256_mont_sub_avx2_4(y, t3, t1, p256_mod);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 4; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 4; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 4; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
@@ -11342,7 +11334,7 @@ static int sp_256_ecc_mulmod_stripe_avx2_4(sp_point_256* r, const sp_point_256*
sp_digit* t = NULL;
#else
sp_point_256 rt[2];
- sp_digit t[2 * 4 * 6];
+ sp_digit t[2 * 4 * 5];
#endif
sp_point_256* p = NULL;
int i;
@@ -11363,7 +11355,7 @@ static int sp_256_ecc_mulmod_stripe_avx2_4(sp_point_256* r, const sp_point_256*
if (rt == NULL)
err = MEMORY_E;
if (err == MP_OKAY) {
- t = (sp_digit*)XMALLOC(sizeof(sp_digit) * 2 * 4 * 6, heap,
+ t = (sp_digit*)XMALLOC(sizeof(sp_digit) * 2 * 4 * 5, heap,
DYNAMIC_TYPE_ECC);
if (t == NULL)
err = MEMORY_E;
@@ -11445,8 +11437,8 @@ static int sp_256_ecc_mulmod_stripe_avx2_4(sp_point_256* r, const sp_point_256*
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
-static int sp_256_ecc_mulmod_avx2_4(sp_point_256* r, const sp_point_256* g, const sp_digit* k,
- int map, int ct, void* heap)
+static int sp_256_ecc_mulmod_avx2_4(sp_point_256* r, const sp_point_256* g,
+ const sp_digit* k, int map, int ct, void* heap)
{
#ifndef FP_ECC
return sp_256_ecc_mulmod_win_add_sub_avx2_4(r, g, k, map, ct, heap);
@@ -11454,13 +11446,13 @@ static int sp_256_ecc_mulmod_avx2_4(sp_point_256* r, const sp_point_256* g, cons
#ifdef WOLFSSL_SP_SMALL_STACK
sp_digit* tmp;
#else
- sp_digit tmp[2 * 4 * 6];
+ sp_digit tmp[2 * 4 * 5];
#endif
sp_cache_256_t* cache;
int err = MP_OKAY;
#ifdef WOLFSSL_SP_SMALL_STACK
- tmp = (sp_digit*)XMALLOC(sizeof(sp_digit) * 2 * 4 * 6, heap, DYNAMIC_TYPE_ECC);
+ tmp = (sp_digit*)XMALLOC(sizeof(sp_digit) * 2 * 4 * 5, heap, DYNAMIC_TYPE_ECC);
if (tmp == NULL) {
err = MEMORY_E;
}
@@ -11571,7 +11563,7 @@ int sp_ecc_mulmod_256(const mp_int* km, const ecc_point* gm, ecc_point* r,
*
* km Scalar to multiply by.
* p Point to multiply.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -11582,7 +11574,7 @@ int sp_ecc_mulmod_add_256(const mp_int* km, const ecc_point* gm,
const ecc_point* am, int inMont, ecc_point* r, int map, void* heap)
{
#ifdef WOLFSSL_SP_SMALL_STACK
- sp_point_256* point = NULL;
+ sp_point_256* point = NULL;
sp_digit* k = NULL;
#else
sp_point_256 point[2];
@@ -24101,7 +24093,7 @@ static int sp_256_ecc_mulmod_add_only_4(sp_point_256* r, const sp_point_256* g,
sp_digit* tmp = NULL;
#else
sp_point_256 rt[2];
- sp_digit tmp[2 * 4 * 6];
+ sp_digit tmp[2 * 4 * 5];
#endif
sp_point_256* p = NULL;
sp_digit* negy = NULL;
@@ -24120,7 +24112,7 @@ static int sp_256_ecc_mulmod_add_only_4(sp_point_256* r, const sp_point_256* g,
if (rt == NULL)
err = MEMORY_E;
if (err == MP_OKAY) {
- tmp = (sp_digit*)XMALLOC(sizeof(sp_digit) * 2 * 4 * 6, heap,
+ tmp = (sp_digit*)XMALLOC(sizeof(sp_digit) * 2 * 4 * 5, heap,
DYNAMIC_TYPE_ECC);
if (tmp == NULL)
err = MEMORY_E;
@@ -24179,7 +24171,7 @@ static int sp_256_ecc_mulmod_add_only_4(sp_point_256* r, const sp_point_256* g,
if (tmp != NULL)
#endif
{
- ForceZero(tmp, sizeof(sp_digit) * 2 * 4 * 6);
+ ForceZero(tmp, sizeof(sp_digit) * 2 * 4 * 5);
#ifdef WOLFSSL_SP_SMALL_STACK
XFREE(tmp, heap, DYNAMIC_TYPE_ECC);
#endif
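Review bot: The size `sizeof(sp_digit) * 2 * 4 * 5` is now spelled out three times in this function: in the stack array, in the `XMALLOC` call and in this `ForceZero`. If only one of them changes in a future update, `ForceZero` will either leave part of the scalar-dependent scratch uncleared or write past the buffer. A single definition would keep them together, for example `enum { SP_256_ADD_ONLY_TMP = 2 * 4 * 5 };` (name is only a suggestion), used as `ForceZero(tmp, sizeof(sp_digit) * SP_256_ADD_ONLY_TMP);`. The avx2 twin sp_256_ecc_mulmod_add_only_avx2_4 has the same three sites.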
@@ -24235,7 +24227,7 @@ static int sp_256_ecc_mulmod_add_only_avx2_4(sp_point_256* r, const sp_point_256
sp_digit* tmp = NULL;
#else
sp_point_256 rt[2];
- sp_digit tmp[2 * 4 * 6];
+ sp_digit tmp[2 * 4 * 5];
#endif
sp_point_256* p = NULL;
sp_digit* negy = NULL;
@@ -24254,7 +24246,7 @@ static int sp_256_ecc_mulmod_add_only_avx2_4(sp_point_256* r, const sp_point_256
if (rt == NULL)
err = MEMORY_E;
if (err == MP_OKAY) {
- tmp = (sp_digit*)XMALLOC(sizeof(sp_digit) * 2 * 4 * 6, heap,
+ tmp = (sp_digit*)XMALLOC(sizeof(sp_digit) * 2 * 4 * 5, heap,
DYNAMIC_TYPE_ECC);
if (tmp == NULL)
err = MEMORY_E;
@@ -24313,7 +24305,7 @@ static int sp_256_ecc_mulmod_add_only_avx2_4(sp_point_256* r, const sp_point_256
if (tmp != NULL)
#endif
{
- ForceZero(tmp, sizeof(sp_digit) * 2 * 4 * 6);
+ ForceZero(tmp, sizeof(sp_digit) * 2 * 4 * 5);
#ifdef WOLFSSL_SP_SMALL_STACK
XFREE(tmp, heap, DYNAMIC_TYPE_ECC);
#endif
@@ -24409,7 +24401,7 @@ int sp_ecc_mulmod_base_256(const mp_int* km, ecc_point* r, int map, void* heap)
* the result. If map is true then convert result to affine coordinates.
*
* km Scalar to multiply by.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -24434,7 +24426,7 @@ int sp_ecc_mulmod_base_add_256(const mp_int* km, const ecc_point* am,
#endif
#ifdef WOLFSSL_SP_SMALL_STACK
- point = (sp_point_256*)XMALLOC(sizeof(sp_point_256) * 2, heap,
+ point = (sp_point_256*)XMALLOC(sizeof(sp_point_256) * 2, heap,
DYNAMIC_TYPE_ECC);
if (point == NULL)
err = MEMORY_E;
@@ -24600,7 +24592,7 @@ int sp_ecc_make_key_256(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
sp_point_256* infinity = NULL;
#endif
int err = MP_OKAY;
-
+
#ifdef HAVE_INTEL_AVX2
word32 cpuid_flags = cpuid_get_flags();
#endif
@@ -24611,7 +24603,7 @@ int sp_ecc_make_key_256(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
point = (sp_point_256*)XMALLOC(sizeof(sp_point_256) * 2, heap, DYNAMIC_TYPE_ECC);
#else
- point = (sp_point_256*)XMALLOC(sizeof(sp_point_256), heap, DYNAMIC_TYPE_ECC);
+ point = (sp_point_256*)XMALLOC(sizeof(sp_point_256), heap, DYNAMIC_TYPE_ECC);
#endif
if (point == NULL)
err = MEMORY_E;
@@ -26012,7 +26004,7 @@ static void sp_256_add_points_4(sp_point_256* p1, const sp_point_256* p2,
* p2 Public point and temporary.
* s Second part of signature as a number.
* u1 Temporary number.
- * u2 Temproray number.
+ * u2 Temporary number.
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
@@ -26400,7 +26392,7 @@ int sp_ecc_verify_256_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash,
#endif /* HAVE_ECC_VERIFY */
#ifdef HAVE_ECC_CHECK_KEY
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* point EC point.
* heap Heap to use if dynamically allocating.
@@ -26428,19 +26420,21 @@ static int sp_256_ecc_is_point_4(const sp_point_256* point,
if (err == MP_OKAY) {
t2 = t1 + 2 * 4;
+ /* y^2 - x^3 - a.x = b */
sp_256_sqr_4(t1, point->y);
(void)sp_256_mod_4(t1, t1, p256_mod);
sp_256_sqr_4(t2, point->x);
(void)sp_256_mod_4(t2, t2, p256_mod);
sp_256_mul_4(t2, t2, point->x);
(void)sp_256_mod_4(t2, t2, p256_mod);
- (void)sp_256_sub_4(t2, p256_mod, t2);
- sp_256_mont_add_4(t1, t1, t2, p256_mod);
+ sp_256_mont_sub_4(t1, t1, t2, p256_mod);
+ /* y^2 - x^3 + 3.x = b, when a = -3 */
sp_256_mont_add_4(t1, t1, point->x, p256_mod);
sp_256_mont_add_4(t1, t1, point->x, p256_mod);
sp_256_mont_add_4(t1, t1, point->x, p256_mod);
+
if (sp_256_cmp_4(t1, p256_b) != 0) {
err = MP_VAL;
}
@@ -26454,7 +26448,7 @@ static int sp_256_ecc_is_point_4(const sp_point_256* point,
return err;
}
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* pX X ordinate of EC point.
* pY Y ordinate of EC point.
@@ -27289,14 +27283,14 @@ static void sp_384_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 64
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 63);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 63);
}
#elif DIGIT_BIT > 64
unsigned int i;
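Review bot: The new loop hard-codes the shift count as `63`, where the replaced code used `SP_WORD_SIZE - 1`. It also only works if `sp_digit` is an unsigned 64-bit type, whose typedef is not visible in this hunk. I would keep the symbolic form, `sp_digit mask = (sp_digit)0 - (j >> (SP_WORD_SIZE - 1));` and `o += (int)(j >> (SP_WORD_SIZE - 1));`. A one-line comment would also help: `/* j counts up from -used; top bit set while i < used, so o stops at used-1 */`. The function signature and the other `DIGIT_BIT` branches are outside the hunk.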
@@ -27509,7 +27503,7 @@ extern void sp_384_mont_reduce_order_6(sp_digit* a, const sp_digit* m, sp_digit
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_384_mont_mul_6(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -27523,7 +27517,7 @@ SP_NOINLINE static void sp_384_mont_mul_6(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_384_mont_sqr_6(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -27539,10 +27533,10 @@ SP_NOINLINE static void sp_384_mont_sqr_6(sp_digit* r, const sp_digit* a,
* a Number to square in Montgomery form.
* n Number of times to square.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
-static void sp_384_mont_sqr_n_6(sp_digit* r, const sp_digit* a, int n,
- const sp_digit* m, sp_digit mp)
+SP_NOINLINE static void sp_384_mont_sqr_n_6(sp_digit* r,
+ const sp_digit* a, int n, const sp_digit* m, sp_digit mp)
{
sp_384_mont_sqr_6(r, a, m, mp);
for (; n > 1; n--) {
@@ -27728,14 +27722,7 @@ extern void sp_384_mont_sub_6(sp_digit* r, const sp_digit* a, const sp_digit* b,
#ifdef __cplusplus
extern "C" {
#endif
-extern void sp_384_mont_sub_lower_6(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_384_div2_6(sp_digit* r, const sp_digit* a, const sp_digit* m);
+extern void sp_384_mont_div2_6(sp_digit* r, const sp_digit* a, const sp_digit* m);
#ifdef __cplusplus
}
#endif
@@ -27783,7 +27770,7 @@ static void sp_384_proj_point_dbl_6(sp_point_384* r, const sp_point_384* p,
/* T2 = Y * Y */
sp_384_mont_sqr_6(t2, y, p384_mod, p384_mp_mod);
/* T2 = T2/2 */
- sp_384_div2_6(t2, t2, p384_mod);
+ sp_384_mont_div2_6(t2, t2, p384_mod);
/* Y = Y * X */
sp_384_mont_mul_6(y, y, p->x, p384_mod, p384_mp_mod);
/* X = T1 * T1 */
@@ -27793,7 +27780,7 @@ static void sp_384_proj_point_dbl_6(sp_point_384* r, const sp_point_384* p,
/* X = X - Y */
sp_384_mont_sub_6(x, x, y, p384_mod);
/* Y = Y - X */
- sp_384_mont_sub_lower_6(y, y, x, p384_mod);
+ sp_384_mont_sub_6(y, y, x, p384_mod);
/* Y = Y * T1 */
sp_384_mont_mul_6(y, y, t1, p384_mod, p384_mp_mod);
/* Y = Y - T2 */
@@ -27816,7 +27803,8 @@ typedef struct sp_384_proj_point_dbl_6_ctx {
* p Point to double.
* t Temporary ordinate data.
*/
-static int sp_384_proj_point_dbl_6_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r, const sp_point_384* p, sp_digit* t)
+static int sp_384_proj_point_dbl_6_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r,
+ const sp_point_384* p, sp_digit* t)
{
int err = FP_WOULDBLOCK;
sp_384_proj_point_dbl_6_ctx* ctx = (sp_384_proj_point_dbl_6_ctx*)sp_ctx->data;
@@ -27890,7 +27878,7 @@ static int sp_384_proj_point_dbl_6_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r, con
break;
case 11:
/* T2 = T2/2 */
- sp_384_div2_6(ctx->t2, ctx->t2, p384_mod);
+ sp_384_mont_div2_6(ctx->t2, ctx->t2, p384_mod);
ctx->state = 12;
break;
case 12:
@@ -27915,7 +27903,7 @@ static int sp_384_proj_point_dbl_6_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r, con
break;
case 16:
/* Y = Y - X */
- sp_384_mont_sub_lower_6(ctx->y, ctx->y, ctx->x, p384_mod);
+ sp_384_mont_sub_6(ctx->y, ctx->y, ctx->x, p384_mod);
ctx->state = 17;
break;
case 17:
@@ -27940,20 +27928,6 @@ static int sp_384_proj_point_dbl_6_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r, con
return err;
}
#endif /* WOLFSSL_SP_NONBLOCK */
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_384_mont_dbl_lower_6(sp_digit* r, const sp_digit* a, const sp_digit* m);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_384_mont_tpl_lower_6(sp_digit* r, const sp_digit* a, const sp_digit* m);
-#ifdef __cplusplus
-}
-#endif
/* Double the Montgomery form projective point p a number of times.
*
* r Result of repeated doubling of point.
@@ -27992,7 +27966,7 @@ static void sp_384_proj_point_dbl_n_6(sp_point_384* p, int i,
/* A = 3*(X^2 - W) */
sp_384_mont_sqr_6(t1, x, p384_mod, p384_mp_mod);
sp_384_mont_sub_6(t1, t1, w, p384_mod);
- sp_384_mont_tpl_lower_6(a, t1, p384_mod);
+ sp_384_mont_tpl_6(a, t1, p384_mod);
/* B = X*Y^2 */
sp_384_mont_sqr_6(t1, y, p384_mod, p384_mp_mod);
sp_384_mont_mul_6(b, t1, x, p384_mod, p384_mp_mod);
@@ -28001,8 +27975,8 @@ static void sp_384_proj_point_dbl_n_6(sp_point_384* p, int i,
sp_384_mont_dbl_6(t2, b, p384_mod);
sp_384_mont_sub_6(x, x, t2, p384_mod);
/* B = 2.(B - X) */
- sp_384_mont_sub_lower_6(t2, b, x, p384_mod);
- sp_384_mont_dbl_lower_6(b, t2, p384_mod);
+ sp_384_mont_sub_6(t2, b, x, p384_mod);
+ sp_384_mont_dbl_6(b, t2, p384_mod);
/* Z = Z*Y */
sp_384_mont_mul_6(z, z, y, p384_mod, p384_mp_mod);
/* t1 = Y^4 */
@@ -28022,7 +27996,7 @@ static void sp_384_proj_point_dbl_n_6(sp_point_384* p, int i,
/* A = 3*(X^2 - W) */
sp_384_mont_sqr_6(t1, x, p384_mod, p384_mp_mod);
sp_384_mont_sub_6(t1, t1, w, p384_mod);
- sp_384_mont_tpl_lower_6(a, t1, p384_mod);
+ sp_384_mont_tpl_6(a, t1, p384_mod);
/* B = X*Y^2 */
sp_384_mont_sqr_6(t1, y, p384_mod, p384_mp_mod);
sp_384_mont_mul_6(b, t1, x, p384_mod, p384_mp_mod);
@@ -28031,8 +28005,8 @@ static void sp_384_proj_point_dbl_n_6(sp_point_384* p, int i,
sp_384_mont_dbl_6(t2, b, p384_mod);
sp_384_mont_sub_6(x, x, t2, p384_mod);
/* B = 2.(B - X) */
- sp_384_mont_sub_lower_6(t2, b, x, p384_mod);
- sp_384_mont_dbl_lower_6(b, t2, p384_mod);
+ sp_384_mont_sub_6(t2, b, x, p384_mod);
+ sp_384_mont_dbl_6(b, t2, p384_mod);
/* Z = Z*Y */
sp_384_mont_mul_6(z, z, y, p384_mod, p384_mp_mod);
/* t1 = Y^4 */
@@ -28042,7 +28016,7 @@ static void sp_384_proj_point_dbl_n_6(sp_point_384* p, int i,
sp_384_mont_sub_6(y, y, t1, p384_mod);
#endif /* WOLFSSL_SP_SMALL */
/* Y = Y/2 */
- sp_384_div2_6(y, y, p384_mod);
+ sp_384_mont_div2_6(y, y, p384_mod);
}
/* Compare two numbers to determine if they are equal.
@@ -28080,12 +28054,12 @@ static int sp_384_iszero_6(const sp_digit* a)
static void sp_384_proj_point_add_6(sp_point_384* r,
const sp_point_384* p, const sp_point_384* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*6;
- sp_digit* t3 = t + 4*6;
- sp_digit* t4 = t + 6*6;
- sp_digit* t5 = t + 8*6;
- sp_digit* t6 = t + 10*6;
+ sp_digit* t6 = t;
+ sp_digit* t1 = t + 2*6;
+ sp_digit* t2 = t + 4*6;
+ sp_digit* t3 = t + 6*6;
+ sp_digit* t4 = t + 8*6;
+ sp_digit* t5 = t + 10*6;
/* U1 = X1*Z2^2 */
sp_384_mont_sqr_6(t1, q->z, p384_mod, p384_mp_mod);
@@ -28107,17 +28081,9 @@ static void sp_384_proj_point_add_6(sp_point_384* r,
sp_384_proj_point_dbl_6(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t6;
sp_digit* y = t1;
sp_digit* z = t2;
- int i;
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
/* H = U2 - U1 */
sp_384_mont_sub_6(t2, t2, t1, p384_mod);
@@ -28136,20 +28102,31 @@ static void sp_384_proj_point_add_6(sp_point_384* r,
sp_384_mont_dbl_6(t3, y, p384_mod);
sp_384_mont_sub_6(x, x, t3, p384_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_384_mont_sub_lower_6(y, y, x, p384_mod);
+ sp_384_mont_sub_6(y, y, x, p384_mod);
sp_384_mont_mul_6(y, y, t4, p384_mod, p384_mp_mod);
sp_384_mont_sub_6(y, y, t5, p384_mod);
- for (i = 0; i < 6; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 6; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 6; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 6; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 6; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 6; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
@@ -28195,12 +28172,12 @@ static int sp_384_proj_point_add_6_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r,
switch (ctx->state) {
case 0: /* INIT */
- ctx->t1 = t;
- ctx->t2 = t + 2*6;
- ctx->t3 = t + 4*6;
- ctx->t4 = t + 6*6;
- ctx->t5 = t + 8*6;
- ctx->t6 = t + 10*6;
+ ctx->t6 = t;
+ ctx->t1 = t + 2*6;
+ ctx->t2 = t + 4*6;
+ ctx->t3 = t + 6*6;
+ ctx->t4 = t + 8*6;
+ ctx->t5 = t + 10*6;
ctx->x = ctx->t6;
ctx->y = ctx->t1;
ctx->z = ctx->t2;
@@ -28307,7 +28284,7 @@ static int sp_384_proj_point_add_6_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r,
break;
case 21:
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_384_mont_sub_lower_6(ctx->y, ctx->y, ctx->x, p384_mod);
+ sp_384_mont_sub_6(ctx->y, ctx->y, ctx->x, p384_mod);
ctx->state = 22;
break;
case 22:
@@ -28320,22 +28297,28 @@ static int sp_384_proj_point_add_6_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r,
break;
case 24:
{
- int i;
- sp_digit maskp = 0 - (q->infinity & (!p->infinity));
- sp_digit maskq = 0 - (p->infinity & (!q->infinity));
- sp_digit maskt = ~(maskp | maskq);
-
- for (i = 0; i < 6; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (ctx->x[i] & maskt);
- }
- for (i = 0; i < 6; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (ctx->y[i] & maskt);
- }
- for (i = 0; i < 6; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (ctx->z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 6; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (ctx->x[i] & maskt);
+ }
+ for (i = 0; i < 6; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (ctx->y[i] & maskt);
+ }
+ for (i = 0; i < 6; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (ctx->z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
ctx->state = 25;
break;
}
@@ -28394,7 +28377,7 @@ static void sp_384_proj_point_dbl_n_store_6(sp_point_384* r,
/* A = 3*(X^2 - W) */
sp_384_mont_sqr_6(t1, x, p384_mod, p384_mp_mod);
sp_384_mont_sub_6(t1, t1, w, p384_mod);
- sp_384_mont_tpl_lower_6(a, t1, p384_mod);
+ sp_384_mont_tpl_6(a, t1, p384_mod);
/* B = X*Y^2 */
sp_384_mont_sqr_6(t1, y, p384_mod, p384_mp_mod);
sp_384_mont_mul_6(b, t1, x, p384_mod, p384_mp_mod);
@@ -28404,8 +28387,8 @@ static void sp_384_proj_point_dbl_n_store_6(sp_point_384* r,
sp_384_mont_dbl_6(t2, b, p384_mod);
sp_384_mont_sub_6(x, x, t2, p384_mod);
/* B = 2.(B - X) */
- sp_384_mont_sub_lower_6(t2, b, x, p384_mod);
- sp_384_mont_dbl_lower_6(b, t2, p384_mod);
+ sp_384_mont_sub_6(t2, b, x, p384_mod);
+ sp_384_mont_dbl_6(b, t2, p384_mod);
/* Z = Z*Y */
sp_384_mont_mul_6(r[j].z, z, y, p384_mod, p384_mp_mod);
z = r[j].z;
@@ -28419,7 +28402,7 @@ static void sp_384_proj_point_dbl_n_store_6(sp_point_384* r,
sp_384_mont_mul_6(y, b, a, p384_mod, p384_mp_mod);
sp_384_mont_sub_6(y, y, t1, p384_mod);
/* Y = Y/2 */
- sp_384_div2_6(r[j].y, y, p384_mod);
+ sp_384_mont_div2_6(r[j].y, y, p384_mod);
r[j].infinity = 0;
}
}
@@ -28493,8 +28476,8 @@ static void sp_384_proj_point_add_sub_6(sp_point_384* ra,
sp_384_mont_sub_6(xs, xs, t1, p384_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
/* YS = -RS*(U1*H^2 - XS) - S1*H^3 */
- sp_384_mont_sub_lower_6(ys, ya, xs, p384_mod);
- sp_384_mont_sub_lower_6(ya, ya, xa, p384_mod);
+ sp_384_mont_sub_6(ys, ya, xs, p384_mod);
+ sp_384_mont_sub_6(ya, ya, xa, p384_mod);
sp_384_mont_mul_6(ya, ya, t4, p384_mod, p384_mp_mod);
sp_384_sub_6(t6, p384_mod, t6);
sp_384_mont_mul_6(ys, ys, t6, p384_mod, p384_mp_mod);
@@ -28628,7 +28611,7 @@ static int sp_384_ecc_mulmod_win_add_sub_6(sp_point_384* r, const sp_point_384*
(void)heap;
#ifdef WOLFSSL_SP_SMALL_STACK
- t = (sp_point_384*)XMALLOC(sizeof(sp_point_384) *
+ t = (sp_point_384*)XMALLOC(sizeof(sp_point_384) *
(33+2), heap, DYNAMIC_TYPE_ECC);
if (t == NULL)
err = MEMORY_E;
@@ -28751,7 +28734,7 @@ extern void sp_384_mont_reduce_order_avx2_6(sp_digit* a, const sp_digit* m, sp_d
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_384_mont_mul_avx2_6(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -28767,7 +28750,7 @@ SP_NOINLINE static void sp_384_mont_mul_avx2_6(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_384_mont_sqr_avx2_6(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -28784,10 +28767,10 @@ SP_NOINLINE static void sp_384_mont_sqr_avx2_6(sp_digit* r, const sp_digit* a,
* a Number to square in Montgomery form.
* n Number of times to square.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
-static void sp_384_mont_sqr_n_avx2_6(sp_digit* r, const sp_digit* a, int n,
- const sp_digit* m, sp_digit mp)
+SP_NOINLINE static void sp_384_mont_sqr_n_avx2_6(sp_digit* r,
+ const sp_digit* a, int n, const sp_digit* m, sp_digit mp)
{
sp_384_mont_sqr_avx2_6(r, a, m, mp);
for (; n > 1; n--) {
@@ -28933,11 +28916,10 @@ static void sp_384_map_avx2_6(sp_point_384* r, const sp_point_384* p,
#define sp_384_mont_dbl_avx2_6 sp_384_mont_dbl_6
#define sp_384_mont_tpl_avx2_6 sp_384_mont_tpl_6
#define sp_384_mont_sub_avx2_6 sp_384_mont_sub_6
-#define sp_384_mont_sub_lower_avx2_6 sp_384_mont_sub_lower_6
#ifdef __cplusplus
extern "C" {
#endif
-extern void sp_384_div2_avx2_6(sp_digit* r, const sp_digit* a, const sp_digit* m);
+extern void sp_384_mont_div2_avx2_6(sp_digit* r, const sp_digit* a, const sp_digit* m);
#ifdef __cplusplus
}
#endif
@@ -28985,7 +28967,7 @@ static void sp_384_proj_point_dbl_avx2_6(sp_point_384* r, const sp_point_384* p,
/* T2 = Y * Y */
sp_384_mont_sqr_avx2_6(t2, y, p384_mod, p384_mp_mod);
/* T2 = T2/2 */
- sp_384_div2_avx2_6(t2, t2, p384_mod);
+ sp_384_mont_div2_avx2_6(t2, t2, p384_mod);
/* Y = Y * X */
sp_384_mont_mul_avx2_6(y, y, p->x, p384_mod, p384_mp_mod);
/* X = T1 * T1 */
@@ -28995,7 +28977,7 @@ static void sp_384_proj_point_dbl_avx2_6(sp_point_384* r, const sp_point_384* p,
/* X = X - Y */
sp_384_mont_sub_avx2_6(x, x, y, p384_mod);
/* Y = Y - X */
- sp_384_mont_sub_lower_avx2_6(y, y, x, p384_mod);
+ sp_384_mont_sub_avx2_6(y, y, x, p384_mod);
/* Y = Y * T1 */
sp_384_mont_mul_avx2_6(y, y, t1, p384_mod, p384_mp_mod);
/* Y = Y - T2 */
@@ -29018,7 +29000,8 @@ typedef struct sp_384_proj_point_dbl_avx2_6_ctx {
* p Point to double.
* t Temporary ordinate data.
*/
-static int sp_384_proj_point_dbl_avx2_6_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r, const sp_point_384* p, sp_digit* t)
+static int sp_384_proj_point_dbl_avx2_6_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r,
+ const sp_point_384* p, sp_digit* t)
{
int err = FP_WOULDBLOCK;
sp_384_proj_point_dbl_avx2_6_ctx* ctx = (sp_384_proj_point_dbl_avx2_6_ctx*)sp_ctx->data;
@@ -29092,7 +29075,7 @@ static int sp_384_proj_point_dbl_avx2_6_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r
break;
case 11:
/* T2 = T2/2 */
- sp_384_div2_avx2_6(ctx->t2, ctx->t2, p384_mod);
+ sp_384_mont_div2_avx2_6(ctx->t2, ctx->t2, p384_mod);
ctx->state = 12;
break;
case 12:
@@ -29117,7 +29100,7 @@ static int sp_384_proj_point_dbl_avx2_6_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r
break;
case 16:
/* Y = Y - X */
- sp_384_mont_sub_lower_avx2_6(ctx->y, ctx->y, ctx->x, p384_mod);
+ sp_384_mont_sub_avx2_6(ctx->y, ctx->y, ctx->x, p384_mod);
ctx->state = 17;
break;
case 17:
@@ -29142,8 +29125,6 @@ static int sp_384_proj_point_dbl_avx2_6_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r
return err;
}
#endif /* WOLFSSL_SP_NONBLOCK */
-#define sp_384_mont_dbl_lower_avx2_6 sp_384_mont_dbl_lower_6
-#define sp_384_mont_tpl_lower_avx2_6 sp_384_mont_tpl_lower_6
/* Double the Montgomery form projective point p a number of times.
*
* r Result of repeated doubling of point.
@@ -29182,7 +29163,7 @@ static void sp_384_proj_point_dbl_n_avx2_6(sp_point_384* p, int i,
/* A = 3*(X^2 - W) */
sp_384_mont_sqr_avx2_6(t1, x, p384_mod, p384_mp_mod);
sp_384_mont_sub_avx2_6(t1, t1, w, p384_mod);
- sp_384_mont_tpl_lower_avx2_6(a, t1, p384_mod);
+ sp_384_mont_tpl_avx2_6(a, t1, p384_mod);
/* B = X*Y^2 */
sp_384_mont_sqr_avx2_6(t1, y, p384_mod, p384_mp_mod);
sp_384_mont_mul_avx2_6(b, t1, x, p384_mod, p384_mp_mod);
@@ -29191,8 +29172,8 @@ static void sp_384_proj_point_dbl_n_avx2_6(sp_point_384* p, int i,
sp_384_mont_dbl_avx2_6(t2, b, p384_mod);
sp_384_mont_sub_avx2_6(x, x, t2, p384_mod);
/* B = 2.(B - X) */
- sp_384_mont_sub_lower_avx2_6(t2, b, x, p384_mod);
- sp_384_mont_dbl_lower_avx2_6(b, t2, p384_mod);
+ sp_384_mont_sub_avx2_6(t2, b, x, p384_mod);
+ sp_384_mont_dbl_avx2_6(b, t2, p384_mod);
/* Z = Z*Y */
sp_384_mont_mul_avx2_6(z, z, y, p384_mod, p384_mp_mod);
/* t1 = Y^4 */
@@ -29212,7 +29193,7 @@ static void sp_384_proj_point_dbl_n_avx2_6(sp_point_384* p, int i,
/* A = 3*(X^2 - W) */
sp_384_mont_sqr_avx2_6(t1, x, p384_mod, p384_mp_mod);
sp_384_mont_sub_avx2_6(t1, t1, w, p384_mod);
- sp_384_mont_tpl_lower_avx2_6(a, t1, p384_mod);
+ sp_384_mont_tpl_avx2_6(a, t1, p384_mod);
/* B = X*Y^2 */
sp_384_mont_sqr_avx2_6(t1, y, p384_mod, p384_mp_mod);
sp_384_mont_mul_avx2_6(b, t1, x, p384_mod, p384_mp_mod);
@@ -29221,8 +29202,8 @@ static void sp_384_proj_point_dbl_n_avx2_6(sp_point_384* p, int i,
sp_384_mont_dbl_avx2_6(t2, b, p384_mod);
sp_384_mont_sub_avx2_6(x, x, t2, p384_mod);
/* B = 2.(B - X) */
- sp_384_mont_sub_lower_avx2_6(t2, b, x, p384_mod);
- sp_384_mont_dbl_lower_avx2_6(b, t2, p384_mod);
+ sp_384_mont_sub_avx2_6(t2, b, x, p384_mod);
+ sp_384_mont_dbl_avx2_6(b, t2, p384_mod);
/* Z = Z*Y */
sp_384_mont_mul_avx2_6(z, z, y, p384_mod, p384_mp_mod);
/* t1 = Y^4 */
@@ -29232,7 +29213,7 @@ static void sp_384_proj_point_dbl_n_avx2_6(sp_point_384* p, int i,
sp_384_mont_sub_avx2_6(y, y, t1, p384_mod);
#endif /* WOLFSSL_SP_SMALL */
/* Y = Y/2 */
- sp_384_div2_avx2_6(y, y, p384_mod);
+ sp_384_mont_div2_avx2_6(y, y, p384_mod);
}
@@ -29246,12 +29227,12 @@ static void sp_384_proj_point_dbl_n_avx2_6(sp_point_384* p, int i,
static void sp_384_proj_point_add_avx2_6(sp_point_384* r,
const sp_point_384* p, const sp_point_384* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*6;
- sp_digit* t3 = t + 4*6;
- sp_digit* t4 = t + 6*6;
- sp_digit* t5 = t + 8*6;
- sp_digit* t6 = t + 10*6;
+ sp_digit* t6 = t;
+ sp_digit* t1 = t + 2*6;
+ sp_digit* t2 = t + 4*6;
+ sp_digit* t3 = t + 6*6;
+ sp_digit* t4 = t + 8*6;
+ sp_digit* t5 = t + 10*6;
/* U1 = X1*Z2^2 */
sp_384_mont_sqr_avx2_6(t1, q->z, p384_mod, p384_mp_mod);
@@ -29273,17 +29254,9 @@ static void sp_384_proj_point_add_avx2_6(sp_point_384* r,
sp_384_proj_point_dbl_avx2_6(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t6;
sp_digit* y = t1;
sp_digit* z = t2;
- int i;
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
/* H = U2 - U1 */
sp_384_mont_sub_avx2_6(t2, t2, t1, p384_mod);
@@ -29302,20 +29275,31 @@ static void sp_384_proj_point_add_avx2_6(sp_point_384* r,
sp_384_mont_dbl_avx2_6(t3, y, p384_mod);
sp_384_mont_sub_avx2_6(x, x, t3, p384_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_384_mont_sub_lower_avx2_6(y, y, x, p384_mod);
+ sp_384_mont_sub_avx2_6(y, y, x, p384_mod);
sp_384_mont_mul_avx2_6(y, y, t4, p384_mod, p384_mp_mod);
sp_384_mont_sub_avx2_6(y, y, t5, p384_mod);
- for (i = 0; i < 6; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 6; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 6; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 6; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 6; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 6; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
@@ -29361,12 +29345,12 @@ static int sp_384_proj_point_add_avx2_6_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r
switch (ctx->state) {
case 0: /* INIT */
- ctx->t1 = t;
- ctx->t2 = t + 2*6;
- ctx->t3 = t + 4*6;
- ctx->t4 = t + 6*6;
- ctx->t5 = t + 8*6;
- ctx->t6 = t + 10*6;
+ ctx->t6 = t;
+ ctx->t1 = t + 2*6;
+ ctx->t2 = t + 4*6;
+ ctx->t3 = t + 6*6;
+ ctx->t4 = t + 8*6;
+ ctx->t5 = t + 10*6;
ctx->x = ctx->t6;
ctx->y = ctx->t1;
ctx->z = ctx->t2;
@@ -29473,7 +29457,7 @@ static int sp_384_proj_point_add_avx2_6_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r
break;
case 21:
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_384_mont_sub_lower_avx2_6(ctx->y, ctx->y, ctx->x, p384_mod);
+ sp_384_mont_sub_avx2_6(ctx->y, ctx->y, ctx->x, p384_mod);
ctx->state = 22;
break;
case 22:
@@ -29486,22 +29470,28 @@ static int sp_384_proj_point_add_avx2_6_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r
break;
case 24:
{
- int i;
- sp_digit maskp = 0 - (q->infinity & (!p->infinity));
- sp_digit maskq = 0 - (p->infinity & (!q->infinity));
- sp_digit maskt = ~(maskp | maskq);
-
- for (i = 0; i < 6; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (ctx->x[i] & maskt);
- }
- for (i = 0; i < 6; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (ctx->y[i] & maskt);
- }
- for (i = 0; i < 6; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (ctx->z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 6; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (ctx->x[i] & maskt);
+ }
+ for (i = 0; i < 6; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (ctx->y[i] & maskt);
+ }
+ for (i = 0; i < 6; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (ctx->z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
ctx->state = 25;
break;
}
@@ -29560,7 +29550,7 @@ static void sp_384_proj_point_dbl_n_store_avx2_6(sp_point_384* r,
/* A = 3*(X^2 - W) */
sp_384_mont_sqr_avx2_6(t1, x, p384_mod, p384_mp_mod);
sp_384_mont_sub_avx2_6(t1, t1, w, p384_mod);
- sp_384_mont_tpl_lower_avx2_6(a, t1, p384_mod);
+ sp_384_mont_tpl_avx2_6(a, t1, p384_mod);
/* B = X*Y^2 */
sp_384_mont_sqr_avx2_6(t1, y, p384_mod, p384_mp_mod);
sp_384_mont_mul_avx2_6(b, t1, x, p384_mod, p384_mp_mod);
@@ -29570,8 +29560,8 @@ static void sp_384_proj_point_dbl_n_store_avx2_6(sp_point_384* r,
sp_384_mont_dbl_avx2_6(t2, b, p384_mod);
sp_384_mont_sub_avx2_6(x, x, t2, p384_mod);
/* B = 2.(B - X) */
- sp_384_mont_sub_lower_avx2_6(t2, b, x, p384_mod);
- sp_384_mont_dbl_lower_avx2_6(b, t2, p384_mod);
+ sp_384_mont_sub_avx2_6(t2, b, x, p384_mod);
+ sp_384_mont_dbl_avx2_6(b, t2, p384_mod);
/* Z = Z*Y */
sp_384_mont_mul_avx2_6(r[j].z, z, y, p384_mod, p384_mp_mod);
z = r[j].z;
@@ -29585,7 +29575,7 @@ static void sp_384_proj_point_dbl_n_store_avx2_6(sp_point_384* r,
sp_384_mont_mul_avx2_6(y, b, a, p384_mod, p384_mp_mod);
sp_384_mont_sub_avx2_6(y, y, t1, p384_mod);
/* Y = Y/2 */
- sp_384_div2_avx2_6(r[j].y, y, p384_mod);
+ sp_384_mont_div2_avx2_6(r[j].y, y, p384_mod);
r[j].infinity = 0;
}
}
@@ -29659,8 +29649,8 @@ static void sp_384_proj_point_add_sub_avx2_6(sp_point_384* ra,
sp_384_mont_sub_avx2_6(xs, xs, t1, p384_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
/* YS = -RS*(U1*H^2 - XS) - S1*H^3 */
- sp_384_mont_sub_lower_avx2_6(ys, ya, xs, p384_mod);
- sp_384_mont_sub_lower_avx2_6(ya, ya, xa, p384_mod);
+ sp_384_mont_sub_avx2_6(ys, ya, xs, p384_mod);
+ sp_384_mont_sub_avx2_6(ya, ya, xa, p384_mod);
sp_384_mont_mul_avx2_6(ya, ya, t4, p384_mod, p384_mp_mod);
sp_384_sub_6(t6, p384_mod, t6);
sp_384_mont_mul_avx2_6(ys, ys, t6, p384_mod, p384_mp_mod);
@@ -29709,7 +29699,7 @@ static int sp_384_ecc_mulmod_win_add_sub_avx2_6(sp_point_384* r, const sp_point_
(void)heap;
#ifdef WOLFSSL_SP_SMALL_STACK
- t = (sp_point_384*)XMALLOC(sizeof(sp_point_384) *
+ t = (sp_point_384*)XMALLOC(sizeof(sp_point_384) *
(33+2), heap, DYNAMIC_TYPE_ECC);
if (t == NULL)
err = MEMORY_E;
@@ -29835,12 +29825,12 @@ typedef struct sp_table_entry_384 {
static void sp_384_proj_point_add_qz1_6(sp_point_384* r,
const sp_point_384* p, const sp_point_384* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*6;
- sp_digit* t3 = t + 4*6;
- sp_digit* t4 = t + 6*6;
- sp_digit* t5 = t + 8*6;
- sp_digit* t6 = t + 10*6;
+ sp_digit* t2 = t;
+ sp_digit* t3 = t + 2*6;
+ sp_digit* t6 = t + 4*6;
+ sp_digit* t1 = t + 6*6;
+ sp_digit* t4 = t + 8*6;
+ sp_digit* t5 = t + 10*6;
/* Calculate values to subtract from P->x and P->y. */
/* U2 = X2*Z1^2 */
@@ -29856,13 +29846,9 @@ static void sp_384_proj_point_add_qz1_6(sp_point_384* r,
sp_384_proj_point_dbl_6(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t2;
- sp_digit* y = t5;
+ sp_digit* y = t3;
sp_digit* z = t6;
- int i;
/* H = U2 - X1 */
sp_384_mont_sub_6(t2, t2, p->x, p384_mod);
@@ -29871,33 +29857,40 @@ static void sp_384_proj_point_add_qz1_6(sp_point_384* r,
/* Z3 = H*Z1 */
sp_384_mont_mul_6(z, p->z, t2, p384_mod, p384_mp_mod);
/* X3 = R^2 - H^3 - 2*X1*H^2 */
- sp_384_mont_sqr_6(t1, t4, p384_mod, p384_mp_mod);
- sp_384_mont_sqr_6(t5, t2, p384_mod, p384_mp_mod);
- sp_384_mont_mul_6(t3, p->x, t5, p384_mod, p384_mp_mod);
- sp_384_mont_mul_6(t5, t5, t2, p384_mod, p384_mp_mod);
- sp_384_mont_sub_6(x, t1, t5, p384_mod);
- sp_384_mont_dbl_6(t1, t3, p384_mod);
- sp_384_mont_sub_6(x, x, t1, p384_mod);
+ sp_384_mont_sqr_6(t1, t2, p384_mod, p384_mp_mod);
+ sp_384_mont_mul_6(t3, p->x, t1, p384_mod, p384_mp_mod);
+ sp_384_mont_mul_6(t1, t1, t2, p384_mod, p384_mp_mod);
+ sp_384_mont_sqr_6(t2, t4, p384_mod, p384_mp_mod);
+ sp_384_mont_sub_6(t2, t2, t1, p384_mod);
+ sp_384_mont_dbl_6(t5, t3, p384_mod);
+ sp_384_mont_sub_6(x, t2, t5, p384_mod);
/* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
- sp_384_mont_sub_lower_6(t3, t3, x, p384_mod);
+ sp_384_mont_sub_6(t3, t3, x, p384_mod);
sp_384_mont_mul_6(t3, t3, t4, p384_mod, p384_mp_mod);
- sp_384_mont_mul_6(t5, t5, p->y, p384_mod, p384_mp_mod);
- sp_384_mont_sub_6(y, t3, t5, p384_mod);
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
- for (i = 0; i < 6; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 6; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 6; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ sp_384_mont_mul_6(t1, t1, p->y, p384_mod, p384_mp_mod);
+ sp_384_mont_sub_6(y, t3, t1, p384_mod);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 6; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 6; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 6; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
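Review bot: The X3/Y3 sequence here reuses buffers in ways the two formula comments do not show, now that `x` is `t2` and `y` is `t3`. `t2` holds H until `sp_384_mont_sqr_6(t2, t4, ...)` overwrites it, and `t1` holds first H^2 and then H^3. Short per-step comments would stop a later edit from moving a line that still needs the old value, for example `/* t1 = H^2 */`, `/* t1 = H^3 */` and `/* t2 = R^2, H is dead from here */`, taking `t4` to be R as the Y3 comment implies. The `x`/`y` assignments sit in the preceding hunk and the function starts outside this one; `sp_384_proj_point_add_qz1_avx2_6` has the same sequence.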
@@ -30180,7 +30173,7 @@ static THREAD_LS_T int sp_cache_384_inited = 0;
/* Get the cache entry for the point.
*
- * g [in] Point scalar multipling.
+ * g [in] Point scalar multiplying.
* cache [out] Cache table to use.
*/
static void sp_ecc_get_cache_384(const sp_point_384* g, sp_cache_384_t** cache)
@@ -30251,8 +30244,8 @@ static void sp_ecc_get_cache_384(const sp_point_384* g, sp_cache_384_t** cache)
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
-static int sp_384_ecc_mulmod_6(sp_point_384* r, const sp_point_384* g, const sp_digit* k,
- int map, int ct, void* heap)
+static int sp_384_ecc_mulmod_6(sp_point_384* r, const sp_point_384* g,
+ const sp_digit* k, int map, int ct, void* heap)
{
#ifndef FP_ECC
return sp_384_ecc_mulmod_win_add_sub_6(r, g, k, map, ct, heap);
@@ -30323,12 +30316,12 @@ static int sp_384_ecc_mulmod_6(sp_point_384* r, const sp_point_384* g, const sp_
static void sp_384_proj_point_add_qz1_avx2_6(sp_point_384* r,
const sp_point_384* p, const sp_point_384* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*6;
- sp_digit* t3 = t + 4*6;
- sp_digit* t4 = t + 6*6;
- sp_digit* t5 = t + 8*6;
- sp_digit* t6 = t + 10*6;
+ sp_digit* t2 = t;
+ sp_digit* t3 = t + 2*6;
+ sp_digit* t6 = t + 4*6;
+ sp_digit* t1 = t + 6*6;
+ sp_digit* t4 = t + 8*6;
+ sp_digit* t5 = t + 10*6;
/* Calculate values to subtract from P->x and P->y. */
/* U2 = X2*Z1^2 */
@@ -30344,13 +30337,9 @@ static void sp_384_proj_point_add_qz1_avx2_6(sp_point_384* r,
sp_384_proj_point_dbl_avx2_6(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t2;
- sp_digit* y = t5;
+ sp_digit* y = t3;
sp_digit* z = t6;
- int i;
/* H = U2 - X1 */
sp_384_mont_sub_avx2_6(t2, t2, p->x, p384_mod);
@@ -30359,33 +30348,40 @@ static void sp_384_proj_point_add_qz1_avx2_6(sp_point_384* r,
/* Z3 = H*Z1 */
sp_384_mont_mul_avx2_6(z, p->z, t2, p384_mod, p384_mp_mod);
/* X3 = R^2 - H^3 - 2*X1*H^2 */
- sp_384_mont_sqr_avx2_6(t1, t4, p384_mod, p384_mp_mod);
- sp_384_mont_sqr_avx2_6(t5, t2, p384_mod, p384_mp_mod);
- sp_384_mont_mul_avx2_6(t3, p->x, t5, p384_mod, p384_mp_mod);
- sp_384_mont_mul_avx2_6(t5, t5, t2, p384_mod, p384_mp_mod);
- sp_384_mont_sub_avx2_6(x, t1, t5, p384_mod);
- sp_384_mont_dbl_avx2_6(t1, t3, p384_mod);
- sp_384_mont_sub_avx2_6(x, x, t1, p384_mod);
+ sp_384_mont_sqr_avx2_6(t1, t2, p384_mod, p384_mp_mod);
+ sp_384_mont_mul_avx2_6(t3, p->x, t1, p384_mod, p384_mp_mod);
+ sp_384_mont_mul_avx2_6(t1, t1, t2, p384_mod, p384_mp_mod);
+ sp_384_mont_sqr_avx2_6(t2, t4, p384_mod, p384_mp_mod);
+ sp_384_mont_sub_avx2_6(t2, t2, t1, p384_mod);
+ sp_384_mont_dbl_avx2_6(t5, t3, p384_mod);
+ sp_384_mont_sub_avx2_6(x, t2, t5, p384_mod);
/* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
- sp_384_mont_sub_lower_avx2_6(t3, t3, x, p384_mod);
+ sp_384_mont_sub_avx2_6(t3, t3, x, p384_mod);
sp_384_mont_mul_avx2_6(t3, t3, t4, p384_mod, p384_mp_mod);
- sp_384_mont_mul_avx2_6(t5, t5, p->y, p384_mod, p384_mp_mod);
- sp_384_mont_sub_avx2_6(y, t3, t5, p384_mod);
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
- for (i = 0; i < 6; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 6; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 6; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ sp_384_mont_mul_avx2_6(t1, t1, p->y, p384_mod, p384_mp_mod);
+ sp_384_mont_sub_avx2_6(y, t3, t1, p384_mod);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 6; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 6; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 6; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
@@ -30632,8 +30628,8 @@ static int sp_384_ecc_mulmod_stripe_avx2_6(sp_point_384* r, const sp_point_384*
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
-static int sp_384_ecc_mulmod_avx2_6(sp_point_384* r, const sp_point_384* g, const sp_digit* k,
- int map, int ct, void* heap)
+static int sp_384_ecc_mulmod_avx2_6(sp_point_384* r, const sp_point_384* g,
+ const sp_digit* k, int map, int ct, void* heap)
{
#ifndef FP_ECC
return sp_384_ecc_mulmod_win_add_sub_avx2_6(r, g, k, map, ct, heap);
@@ -30758,7 +30754,7 @@ int sp_ecc_mulmod_384(const mp_int* km, const ecc_point* gm, ecc_point* r,
*
* km Scalar to multiply by.
* p Point to multiply.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -30769,7 +30765,7 @@ int sp_ecc_mulmod_add_384(const mp_int* km, const ecc_point* gm,
const ecc_point* am, int inMont, ecc_point* r, int map, void* heap)
{
#ifdef WOLFSSL_SP_SMALL_STACK
- sp_point_384* point = NULL;
+ sp_point_384* point = NULL;
sp_digit* k = NULL;
#else
sp_point_384 point[2];
@@ -49410,7 +49406,7 @@ int sp_ecc_mulmod_base_384(const mp_int* km, ecc_point* r, int map, void* heap)
* the result. If map is true then convert result to affine coordinates.
*
* km Scalar to multiply by.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -49435,7 +49431,7 @@ int sp_ecc_mulmod_base_add_384(const mp_int* km, const ecc_point* am,
#endif
#ifdef WOLFSSL_SP_SMALL_STACK
- point = (sp_point_384*)XMALLOC(sizeof(sp_point_384) * 2, heap,
+ point = (sp_point_384*)XMALLOC(sizeof(sp_point_384) * 2, heap,
DYNAMIC_TYPE_ECC);
if (point == NULL)
err = MEMORY_E;
@@ -49601,7 +49597,7 @@ int sp_ecc_make_key_384(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
sp_point_384* infinity = NULL;
#endif
int err = MP_OKAY;
-
+
#ifdef HAVE_INTEL_AVX2
word32 cpuid_flags = cpuid_get_flags();
#endif
@@ -49612,7 +49608,7 @@ int sp_ecc_make_key_384(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
point = (sp_point_384*)XMALLOC(sizeof(sp_point_384) * 2, heap, DYNAMIC_TYPE_ECC);
#else
- point = (sp_point_384*)XMALLOC(sizeof(sp_point_384), heap, DYNAMIC_TYPE_ECC);
+ point = (sp_point_384*)XMALLOC(sizeof(sp_point_384), heap, DYNAMIC_TYPE_ECC);
#endif
if (point == NULL)
err = MEMORY_E;
@@ -50872,7 +50868,7 @@ static int sp_384_mod_inv_6(sp_digit* r, const sp_digit* a, const sp_digit* m)
}
while (ut > 1 && vt > 1) {
- if (ut > vt || (ut == vt && sp_384_cmp_6(u, v) >= 0)) {
+ if ((ut > vt) || ((ut == vt) && (sp_384_cmp_6(u, v) >= 0))) {
sp_384_sub_6(u, u, v);
o = sp_384_sub_6(b, b, d);
if (o != 0)
@@ -50962,7 +50958,7 @@ static void sp_384_add_points_6(sp_point_384* p1, const sp_point_384* p2,
* p2 Public point and temporary.
* s Second part of signature as a number.
* u1 Temporary number.
- * u2 Temproray number.
+ * u2 Temporary number.
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
@@ -51343,7 +51339,7 @@ int sp_ecc_verify_384_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash,
#endif /* HAVE_ECC_VERIFY */
#ifdef HAVE_ECC_CHECK_KEY
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* point EC point.
* heap Heap to use if dynamically allocating.
@@ -51371,19 +51367,21 @@ static int sp_384_ecc_is_point_6(const sp_point_384* point,
if (err == MP_OKAY) {
t2 = t1 + 2 * 6;
+ /* y^2 - x^3 - a.x = b */
sp_384_sqr_6(t1, point->y);
(void)sp_384_mod_6(t1, t1, p384_mod);
sp_384_sqr_6(t2, point->x);
(void)sp_384_mod_6(t2, t2, p384_mod);
sp_384_mul_6(t2, t2, point->x);
(void)sp_384_mod_6(t2, t2, p384_mod);
- (void)sp_384_sub_6(t2, p384_mod, t2);
- sp_384_mont_add_6(t1, t1, t2, p384_mod);
+ sp_384_mont_sub_6(t1, t1, t2, p384_mod);
+ /* y^2 - x^3 + 3.x = b, when a = -3 */
sp_384_mont_add_6(t1, t1, point->x, p384_mod);
sp_384_mont_add_6(t1, t1, point->x, p384_mod);
sp_384_mont_add_6(t1, t1, point->x, p384_mod);
+
if (sp_384_cmp_6(t1, p384_b) != 0) {
err = MP_VAL;
}
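Review bot: The new `sp_384_mont_sub_6(t1, t1, t2, p384_mod)` takes values produced by plain `sp_384_sqr_6`/`sp_384_mod_6`, not by Montgomery multiplication, and the added comments do not say why a `mont_` helper is valid there. It appears to work because the helper is only a modular subtraction and both operands were just reduced, which I would record next to the call: `/* t1, t2 are plain residues < p; mont_sub is used as a modular subtract */`. This is the check that rejects points not on the curve, and the return values of `sp_384_mod_6` are discarded with `(void)`, so the precondition that both inputs are reduced deserves to be written down. The function starts and ends outside this hunk.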
@@ -51397,7 +51395,7 @@ static int sp_384_ecc_is_point_6(const sp_point_384* point,
return err;
}
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* pX X ordinate of EC point.
* pY Y ordinate of EC point.
@@ -52203,14 +52201,14 @@ static void sp_521_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 64
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 63);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 63);
}
#elif DIGIT_BIT > 64
unsigned int i;
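Review bot: The rewritten loop hard-codes the shift as `63` where the removed lines used `SP_WORD_SIZE - 1`, and nothing explains the counter trick. Writing `sp_digit mask = (sp_digit)0 - (j >> (SP_WORD_SIZE - 1));` and `o += (int)(j >> (SP_WORD_SIZE - 1));` keeps the shift tied to the digit width. A comment such as `/* j runs up from -used: its top bit stays set while digits of a remain, so mask and o are derived without branching on a->used */` would make the intent reviewable. Both lines depend on `sp_digit` being an unsigned type of that width, which this hunk does not show. The function continues past the last line shown, into the other `DIGIT_BIT` branches.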
@@ -52416,10 +52414,10 @@ extern void sp_521_mont_sqr_9(sp_digit* r, const sp_digit* a, const sp_digit* m,
* a Number to square in Montgomery form.
* n Number of times to square.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
-static void sp_521_mont_sqr_n_9(sp_digit* r, const sp_digit* a, int n,
- const sp_digit* m, sp_digit mp)
+SP_NOINLINE static void sp_521_mont_sqr_n_9(sp_digit* r,
+ const sp_digit* a, int n, const sp_digit* m, sp_digit mp)
{
sp_521_mont_sqr_9(r, a, m, mp);
for (; n > 1; n--) {
@@ -52620,11 +52618,10 @@ extern void sp_521_mont_sub_9(sp_digit* r, const sp_digit* a, const sp_digit* b,
#ifdef __cplusplus
}
#endif
-#define sp_521_mont_sub_lower_9 sp_521_mont_sub_9
#ifdef __cplusplus
extern "C" {
#endif
-extern void sp_521_div2_9(sp_digit* r, const sp_digit* a, const sp_digit* m);
+extern void sp_521_mont_div2_9(sp_digit* r, const sp_digit* a, const sp_digit* m);
#ifdef __cplusplus
}
#endif
@@ -52672,7 +52669,7 @@ static void sp_521_proj_point_dbl_9(sp_point_521* r, const sp_point_521* p,
/* T2 = Y * Y */
sp_521_mont_sqr_9(t2, y, p521_mod, p521_mp_mod);
/* T2 = T2/2 */
- sp_521_div2_9(t2, t2, p521_mod);
+ sp_521_mont_div2_9(t2, t2, p521_mod);
/* Y = Y * X */
sp_521_mont_mul_9(y, y, p->x, p521_mod, p521_mp_mod);
/* X = T1 * T1 */
@@ -52682,7 +52679,7 @@ static void sp_521_proj_point_dbl_9(sp_point_521* r, const sp_point_521* p,
/* X = X - Y */
sp_521_mont_sub_9(x, x, y, p521_mod);
/* Y = Y - X */
- sp_521_mont_sub_lower_9(y, y, x, p521_mod);
+ sp_521_mont_sub_9(y, y, x, p521_mod);
/* Y = Y * T1 */
sp_521_mont_mul_9(y, y, t1, p521_mod, p521_mp_mod);
/* Y = Y - T2 */
@@ -52705,7 +52702,8 @@ typedef struct sp_521_proj_point_dbl_9_ctx {
* p Point to double.
* t Temporary ordinate data.
*/
-static int sp_521_proj_point_dbl_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r, const sp_point_521* p, sp_digit* t)
+static int sp_521_proj_point_dbl_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r,
+ const sp_point_521* p, sp_digit* t)
{
int err = FP_WOULDBLOCK;
sp_521_proj_point_dbl_9_ctx* ctx = (sp_521_proj_point_dbl_9_ctx*)sp_ctx->data;
@@ -52779,7 +52777,7 @@ static int sp_521_proj_point_dbl_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r, con
break;
case 11:
/* T2 = T2/2 */
- sp_521_div2_9(ctx->t2, ctx->t2, p521_mod);
+ sp_521_mont_div2_9(ctx->t2, ctx->t2, p521_mod);
ctx->state = 12;
break;
case 12:
@@ -52804,7 +52802,7 @@ static int sp_521_proj_point_dbl_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r, con
break;
case 16:
/* Y = Y - X */
- sp_521_mont_sub_lower_9(ctx->y, ctx->y, ctx->x, p521_mod);
+ sp_521_mont_sub_9(ctx->y, ctx->y, ctx->x, p521_mod);
ctx->state = 17;
break;
case 17:
@@ -52829,8 +52827,6 @@ static int sp_521_proj_point_dbl_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r, con
return err;
}
#endif /* WOLFSSL_SP_NONBLOCK */
-#define sp_521_mont_dbl_lower_9 sp_521_mont_dbl_9
-#define sp_521_mont_tpl_lower_9 sp_521_mont_tpl_9
/* Double the Montgomery form projective point p a number of times.
*
* r Result of repeated doubling of point.
@@ -52869,7 +52865,7 @@ static void sp_521_proj_point_dbl_n_9(sp_point_521* p, int i,
/* A = 3*(X^2 - W) */
sp_521_mont_sqr_9(t1, x, p521_mod, p521_mp_mod);
sp_521_mont_sub_9(t1, t1, w, p521_mod);
- sp_521_mont_tpl_lower_9(a, t1, p521_mod);
+ sp_521_mont_tpl_9(a, t1, p521_mod);
/* B = X*Y^2 */
sp_521_mont_sqr_9(t1, y, p521_mod, p521_mp_mod);
sp_521_mont_mul_9(b, t1, x, p521_mod, p521_mp_mod);
@@ -52878,8 +52874,8 @@ static void sp_521_proj_point_dbl_n_9(sp_point_521* p, int i,
sp_521_mont_dbl_9(t2, b, p521_mod);
sp_521_mont_sub_9(x, x, t2, p521_mod);
/* B = 2.(B - X) */
- sp_521_mont_sub_lower_9(t2, b, x, p521_mod);
- sp_521_mont_dbl_lower_9(b, t2, p521_mod);
+ sp_521_mont_sub_9(t2, b, x, p521_mod);
+ sp_521_mont_dbl_9(b, t2, p521_mod);
/* Z = Z*Y */
sp_521_mont_mul_9(z, z, y, p521_mod, p521_mp_mod);
/* t1 = Y^4 */
@@ -52899,7 +52895,7 @@ static void sp_521_proj_point_dbl_n_9(sp_point_521* p, int i,
/* A = 3*(X^2 - W) */
sp_521_mont_sqr_9(t1, x, p521_mod, p521_mp_mod);
sp_521_mont_sub_9(t1, t1, w, p521_mod);
- sp_521_mont_tpl_lower_9(a, t1, p521_mod);
+ sp_521_mont_tpl_9(a, t1, p521_mod);
/* B = X*Y^2 */
sp_521_mont_sqr_9(t1, y, p521_mod, p521_mp_mod);
sp_521_mont_mul_9(b, t1, x, p521_mod, p521_mp_mod);
@@ -52908,8 +52904,8 @@ static void sp_521_proj_point_dbl_n_9(sp_point_521* p, int i,
sp_521_mont_dbl_9(t2, b, p521_mod);
sp_521_mont_sub_9(x, x, t2, p521_mod);
/* B = 2.(B - X) */
- sp_521_mont_sub_lower_9(t2, b, x, p521_mod);
- sp_521_mont_dbl_lower_9(b, t2, p521_mod);
+ sp_521_mont_sub_9(t2, b, x, p521_mod);
+ sp_521_mont_dbl_9(b, t2, p521_mod);
/* Z = Z*Y */
sp_521_mont_mul_9(z, z, y, p521_mod, p521_mp_mod);
/* t1 = Y^4 */
@@ -52919,7 +52915,7 @@ static void sp_521_proj_point_dbl_n_9(sp_point_521* p, int i,
sp_521_mont_sub_9(y, y, t1, p521_mod);
#endif /* WOLFSSL_SP_SMALL */
/* Y = Y/2 */
- sp_521_div2_9(y, y, p521_mod);
+ sp_521_mont_div2_9(y, y, p521_mod);
}
/* Compare two numbers to determine if they are equal.
@@ -52959,12 +52955,12 @@ static int sp_521_iszero_9(const sp_digit* a)
static void sp_521_proj_point_add_9(sp_point_521* r,
const sp_point_521* p, const sp_point_521* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*9;
- sp_digit* t3 = t + 4*9;
- sp_digit* t4 = t + 6*9;
- sp_digit* t5 = t + 8*9;
- sp_digit* t6 = t + 10*9;
+ sp_digit* t6 = t;
+ sp_digit* t1 = t + 2*9;
+ sp_digit* t2 = t + 4*9;
+ sp_digit* t3 = t + 6*9;
+ sp_digit* t4 = t + 8*9;
+ sp_digit* t5 = t + 10*9;
/* U1 = X1*Z2^2 */
sp_521_mont_sqr_9(t1, q->z, p521_mod, p521_mp_mod);
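Review bot: The reordered scratch pointers (`t6 = t`, `t1 = t + 2*9` … `t5 = t + 10*9`) carry no comment on why the result slot t6 moved to the base of `t` or how large `t` has to be. From the stride each slot looks like 2*9 digits, which would make the minimum 12*9 digits, but that is inferred from these lines only. A short comment such as `/* Six scratch slots of 2*9 digits; x aliases t6 at the base of t. */` would record it. The same reordering is made in sp_521_proj_point_add_9_nb and the avx2 variants, and the add_qz1 functions use a different order again. The function body continues past this hunk.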
@@ -52986,17 +52982,9 @@ static void sp_521_proj_point_add_9(sp_point_521* r,
sp_521_proj_point_dbl_9(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t6;
sp_digit* y = t1;
sp_digit* z = t2;
- int i;
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
/* H = U2 - U1 */
sp_521_mont_sub_9(t2, t2, t1, p521_mod);
@@ -53015,20 +53003,31 @@ static void sp_521_proj_point_add_9(sp_point_521* r,
sp_521_mont_dbl_9(t3, y, p521_mod);
sp_521_mont_sub_9(x, x, t3, p521_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_521_mont_sub_lower_9(y, y, x, p521_mod);
+ sp_521_mont_sub_9(y, y, x, p521_mod);
sp_521_mont_mul_9(y, y, t4, p521_mod, p521_mp_mod);
sp_521_mont_sub_9(y, y, t5, p521_mod);
- for (i = 0; i < 9; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 9; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 9; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 9; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 9; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 9; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
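Review bot: The masked select that now opens with `sp_digit maskp = 0 - (q->infinity & (!p->infinity));` only yields all-zero or all-one masks when `infinity` is exactly 0 or 1, and nothing in the block states that. A non-zero flag with a clear low bit would leave both maskp and maskq at zero and silently select the computed sum; whether the flag can ever hold such a value is not visible here. I would put the invariant above the masks, `/* Branch-free select of p, q or the computed sum; infinity must be 0 or 1. */`, so a later change to how the flag is set does not break the select. The same block is added in sp_521_proj_point_add_9_nb, both avx2 variants and both add_qz1 variants later in this diff, and the comment applies there too. The function starts outside this hunk.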
@@ -53074,12 +53073,12 @@ static int sp_521_proj_point_add_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r,
switch (ctx->state) {
case 0: /* INIT */
- ctx->t1 = t;
- ctx->t2 = t + 2*9;
- ctx->t3 = t + 4*9;
- ctx->t4 = t + 6*9;
- ctx->t5 = t + 8*9;
- ctx->t6 = t + 10*9;
+ ctx->t6 = t;
+ ctx->t1 = t + 2*9;
+ ctx->t2 = t + 4*9;
+ ctx->t3 = t + 6*9;
+ ctx->t4 = t + 8*9;
+ ctx->t5 = t + 10*9;
ctx->x = ctx->t6;
ctx->y = ctx->t1;
ctx->z = ctx->t2;
@@ -53186,7 +53185,7 @@ static int sp_521_proj_point_add_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r,
break;
case 21:
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_521_mont_sub_lower_9(ctx->y, ctx->y, ctx->x, p521_mod);
+ sp_521_mont_sub_9(ctx->y, ctx->y, ctx->x, p521_mod);
ctx->state = 22;
break;
case 22:
@@ -53199,22 +53198,28 @@ static int sp_521_proj_point_add_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r,
break;
case 24:
{
- int i;
- sp_digit maskp = 0 - (q->infinity & (!p->infinity));
- sp_digit maskq = 0 - (p->infinity & (!q->infinity));
- sp_digit maskt = ~(maskp | maskq);
-
- for (i = 0; i < 9; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (ctx->x[i] & maskt);
- }
- for (i = 0; i < 9; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (ctx->y[i] & maskt);
- }
- for (i = 0; i < 9; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (ctx->z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 9; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (ctx->x[i] & maskt);
+ }
+ for (i = 0; i < 9; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (ctx->y[i] & maskt);
+ }
+ for (i = 0; i < 9; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (ctx->z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
ctx->state = 25;
break;
}
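Review bot: The new inner `{ … }` in `case 24:` is redundant, because the case already opens its own block on the line above and the declarations sat directly in it before this change. The extra nesting only adds an indent level and makes this state read differently from the others in the switch. Dropping the inner braces and keeping `r->z[0] |= inf;` and `r->infinity = (word32)inf;` directly before `ctx->state = 25;` gives the same code. The avx2 `_nb` hunk further down has the same pattern.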
@@ -53273,7 +53278,7 @@ static void sp_521_proj_point_dbl_n_store_9(sp_point_521* r,
/* A = 3*(X^2 - W) */
sp_521_mont_sqr_9(t1, x, p521_mod, p521_mp_mod);
sp_521_mont_sub_9(t1, t1, w, p521_mod);
- sp_521_mont_tpl_lower_9(a, t1, p521_mod);
+ sp_521_mont_tpl_9(a, t1, p521_mod);
/* B = X*Y^2 */
sp_521_mont_sqr_9(t1, y, p521_mod, p521_mp_mod);
sp_521_mont_mul_9(b, t1, x, p521_mod, p521_mp_mod);
@@ -53283,8 +53288,8 @@ static void sp_521_proj_point_dbl_n_store_9(sp_point_521* r,
sp_521_mont_dbl_9(t2, b, p521_mod);
sp_521_mont_sub_9(x, x, t2, p521_mod);
/* B = 2.(B - X) */
- sp_521_mont_sub_lower_9(t2, b, x, p521_mod);
- sp_521_mont_dbl_lower_9(b, t2, p521_mod);
+ sp_521_mont_sub_9(t2, b, x, p521_mod);
+ sp_521_mont_dbl_9(b, t2, p521_mod);
/* Z = Z*Y */
sp_521_mont_mul_9(r[j].z, z, y, p521_mod, p521_mp_mod);
z = r[j].z;
@@ -53298,7 +53303,7 @@ static void sp_521_proj_point_dbl_n_store_9(sp_point_521* r,
sp_521_mont_mul_9(y, b, a, p521_mod, p521_mp_mod);
sp_521_mont_sub_9(y, y, t1, p521_mod);
/* Y = Y/2 */
- sp_521_div2_9(r[j].y, y, p521_mod);
+ sp_521_mont_div2_9(r[j].y, y, p521_mod);
r[j].infinity = 0;
}
}
@@ -53372,8 +53377,8 @@ static void sp_521_proj_point_add_sub_9(sp_point_521* ra,
sp_521_mont_sub_9(xs, xs, t1, p521_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
/* YS = -RS*(U1*H^2 - XS) - S1*H^3 */
- sp_521_mont_sub_lower_9(ys, ya, xs, p521_mod);
- sp_521_mont_sub_lower_9(ya, ya, xa, p521_mod);
+ sp_521_mont_sub_9(ys, ya, xs, p521_mod);
+ sp_521_mont_sub_9(ya, ya, xa, p521_mod);
sp_521_mont_mul_9(ya, ya, t4, p521_mod, p521_mp_mod);
sp_521_sub_9(t6, p521_mod, t6);
sp_521_mont_mul_9(ys, ys, t6, p521_mod, p521_mp_mod);
@@ -53507,7 +53512,7 @@ static int sp_521_ecc_mulmod_win_add_sub_9(sp_point_521* r, const sp_point_521*
(void)heap;
#ifdef WOLFSSL_SP_SMALL_STACK
- t = (sp_point_521*)XMALLOC(sizeof(sp_point_521) *
+ t = (sp_point_521*)XMALLOC(sizeof(sp_point_521) *
(33+2), heap, DYNAMIC_TYPE_ECC);
if (t == NULL)
err = MEMORY_E;
@@ -53635,10 +53640,10 @@ extern void sp_521_mont_sqr_avx2_9(sp_digit* r, const sp_digit* a, const sp_digi
* a Number to square in Montgomery form.
* n Number of times to square.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
-static void sp_521_mont_sqr_n_avx2_9(sp_digit* r, const sp_digit* a, int n,
- const sp_digit* m, sp_digit mp)
+SP_NOINLINE static void sp_521_mont_sqr_n_avx2_9(sp_digit* r,
+ const sp_digit* a, int n, const sp_digit* m, sp_digit mp)
{
sp_521_mont_sqr_avx2_9(r, a, m, mp);
for (; n > 1; n--) {
@@ -53789,11 +53794,10 @@ static void sp_521_map_avx2_9(sp_point_521* r, const sp_point_521* p,
#define sp_521_mont_dbl_avx2_9 sp_521_mont_dbl_9
#define sp_521_mont_tpl_avx2_9 sp_521_mont_tpl_9
#define sp_521_mont_sub_avx2_9 sp_521_mont_sub_9
-#define sp_521_mont_sub_lower_avx2_9 sp_521_mont_sub_avx2_9
#ifdef __cplusplus
extern "C" {
#endif
-extern void sp_521_div2_avx2_9(sp_digit* r, const sp_digit* a, const sp_digit* m);
+extern void sp_521_mont_div2_avx2_9(sp_digit* r, const sp_digit* a, const sp_digit* m);
#ifdef __cplusplus
}
#endif
@@ -53841,7 +53845,7 @@ static void sp_521_proj_point_dbl_avx2_9(sp_point_521* r, const sp_point_521* p,
/* T2 = Y * Y */
sp_521_mont_sqr_avx2_9(t2, y, p521_mod, p521_mp_mod);
/* T2 = T2/2 */
- sp_521_div2_avx2_9(t2, t2, p521_mod);
+ sp_521_mont_div2_avx2_9(t2, t2, p521_mod);
/* Y = Y * X */
sp_521_mont_mul_avx2_9(y, y, p->x, p521_mod, p521_mp_mod);
/* X = T1 * T1 */
@@ -53851,7 +53855,7 @@ static void sp_521_proj_point_dbl_avx2_9(sp_point_521* r, const sp_point_521* p,
/* X = X - Y */
sp_521_mont_sub_avx2_9(x, x, y, p521_mod);
/* Y = Y - X */
- sp_521_mont_sub_lower_avx2_9(y, y, x, p521_mod);
+ sp_521_mont_sub_avx2_9(y, y, x, p521_mod);
/* Y = Y * T1 */
sp_521_mont_mul_avx2_9(y, y, t1, p521_mod, p521_mp_mod);
/* Y = Y - T2 */
@@ -53874,7 +53878,8 @@ typedef struct sp_521_proj_point_dbl_avx2_9_ctx {
* p Point to double.
* t Temporary ordinate data.
*/
-static int sp_521_proj_point_dbl_avx2_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r, const sp_point_521* p, sp_digit* t)
+static int sp_521_proj_point_dbl_avx2_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r,
+ const sp_point_521* p, sp_digit* t)
{
int err = FP_WOULDBLOCK;
sp_521_proj_point_dbl_avx2_9_ctx* ctx = (sp_521_proj_point_dbl_avx2_9_ctx*)sp_ctx->data;
@@ -53948,7 +53953,7 @@ static int sp_521_proj_point_dbl_avx2_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r
break;
case 11:
/* T2 = T2/2 */
- sp_521_div2_avx2_9(ctx->t2, ctx->t2, p521_mod);
+ sp_521_mont_div2_avx2_9(ctx->t2, ctx->t2, p521_mod);
ctx->state = 12;
break;
case 12:
@@ -53973,7 +53978,7 @@ static int sp_521_proj_point_dbl_avx2_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r
break;
case 16:
/* Y = Y - X */
- sp_521_mont_sub_lower_avx2_9(ctx->y, ctx->y, ctx->x, p521_mod);
+ sp_521_mont_sub_avx2_9(ctx->y, ctx->y, ctx->x, p521_mod);
ctx->state = 17;
break;
case 17:
@@ -53998,8 +54003,6 @@ static int sp_521_proj_point_dbl_avx2_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r
return err;
}
#endif /* WOLFSSL_SP_NONBLOCK */
-#define sp_521_mont_dbl_lower_avx2_9 sp_521_mont_dbl_avx2_9
-#define sp_521_mont_tpl_lower_avx2_9 sp_521_mont_tpl_avx2_9
/* Double the Montgomery form projective point p a number of times.
*
* r Result of repeated doubling of point.
@@ -54038,7 +54041,7 @@ static void sp_521_proj_point_dbl_n_avx2_9(sp_point_521* p, int i,
/* A = 3*(X^2 - W) */
sp_521_mont_sqr_avx2_9(t1, x, p521_mod, p521_mp_mod);
sp_521_mont_sub_avx2_9(t1, t1, w, p521_mod);
- sp_521_mont_tpl_lower_avx2_9(a, t1, p521_mod);
+ sp_521_mont_tpl_avx2_9(a, t1, p521_mod);
/* B = X*Y^2 */
sp_521_mont_sqr_avx2_9(t1, y, p521_mod, p521_mp_mod);
sp_521_mont_mul_avx2_9(b, t1, x, p521_mod, p521_mp_mod);
@@ -54047,8 +54050,8 @@ static void sp_521_proj_point_dbl_n_avx2_9(sp_point_521* p, int i,
sp_521_mont_dbl_avx2_9(t2, b, p521_mod);
sp_521_mont_sub_avx2_9(x, x, t2, p521_mod);
/* B = 2.(B - X) */
- sp_521_mont_sub_lower_avx2_9(t2, b, x, p521_mod);
- sp_521_mont_dbl_lower_avx2_9(b, t2, p521_mod);
+ sp_521_mont_sub_avx2_9(t2, b, x, p521_mod);
+ sp_521_mont_dbl_avx2_9(b, t2, p521_mod);
/* Z = Z*Y */
sp_521_mont_mul_avx2_9(z, z, y, p521_mod, p521_mp_mod);
/* t1 = Y^4 */
@@ -54068,7 +54071,7 @@ static void sp_521_proj_point_dbl_n_avx2_9(sp_point_521* p, int i,
/* A = 3*(X^2 - W) */
sp_521_mont_sqr_avx2_9(t1, x, p521_mod, p521_mp_mod);
sp_521_mont_sub_avx2_9(t1, t1, w, p521_mod);
- sp_521_mont_tpl_lower_avx2_9(a, t1, p521_mod);
+ sp_521_mont_tpl_avx2_9(a, t1, p521_mod);
/* B = X*Y^2 */
sp_521_mont_sqr_avx2_9(t1, y, p521_mod, p521_mp_mod);
sp_521_mont_mul_avx2_9(b, t1, x, p521_mod, p521_mp_mod);
@@ -54077,8 +54080,8 @@ static void sp_521_proj_point_dbl_n_avx2_9(sp_point_521* p, int i,
sp_521_mont_dbl_avx2_9(t2, b, p521_mod);
sp_521_mont_sub_avx2_9(x, x, t2, p521_mod);
/* B = 2.(B - X) */
- sp_521_mont_sub_lower_avx2_9(t2, b, x, p521_mod);
- sp_521_mont_dbl_lower_avx2_9(b, t2, p521_mod);
+ sp_521_mont_sub_avx2_9(t2, b, x, p521_mod);
+ sp_521_mont_dbl_avx2_9(b, t2, p521_mod);
/* Z = Z*Y */
sp_521_mont_mul_avx2_9(z, z, y, p521_mod, p521_mp_mod);
/* t1 = Y^4 */
@@ -54088,7 +54091,7 @@ static void sp_521_proj_point_dbl_n_avx2_9(sp_point_521* p, int i,
sp_521_mont_sub_avx2_9(y, y, t1, p521_mod);
#endif /* WOLFSSL_SP_SMALL */
/* Y = Y/2 */
- sp_521_div2_avx2_9(y, y, p521_mod);
+ sp_521_mont_div2_avx2_9(y, y, p521_mod);
}
@@ -54102,12 +54105,12 @@ static void sp_521_proj_point_dbl_n_avx2_9(sp_point_521* p, int i,
static void sp_521_proj_point_add_avx2_9(sp_point_521* r,
const sp_point_521* p, const sp_point_521* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*9;
- sp_digit* t3 = t + 4*9;
- sp_digit* t4 = t + 6*9;
- sp_digit* t5 = t + 8*9;
- sp_digit* t6 = t + 10*9;
+ sp_digit* t6 = t;
+ sp_digit* t1 = t + 2*9;
+ sp_digit* t2 = t + 4*9;
+ sp_digit* t3 = t + 6*9;
+ sp_digit* t4 = t + 8*9;
+ sp_digit* t5 = t + 10*9;
/* U1 = X1*Z2^2 */
sp_521_mont_sqr_avx2_9(t1, q->z, p521_mod, p521_mp_mod);
@@ -54129,17 +54132,9 @@ static void sp_521_proj_point_add_avx2_9(sp_point_521* r,
sp_521_proj_point_dbl_avx2_9(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t6;
sp_digit* y = t1;
sp_digit* z = t2;
- int i;
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
/* H = U2 - U1 */
sp_521_mont_sub_avx2_9(t2, t2, t1, p521_mod);
@@ -54158,20 +54153,31 @@ static void sp_521_proj_point_add_avx2_9(sp_point_521* r,
sp_521_mont_dbl_avx2_9(t3, y, p521_mod);
sp_521_mont_sub_avx2_9(x, x, t3, p521_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_521_mont_sub_lower_avx2_9(y, y, x, p521_mod);
+ sp_521_mont_sub_avx2_9(y, y, x, p521_mod);
sp_521_mont_mul_avx2_9(y, y, t4, p521_mod, p521_mp_mod);
sp_521_mont_sub_avx2_9(y, y, t5, p521_mod);
- for (i = 0; i < 9; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 9; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 9; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 9; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 9; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 9; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
@@ -54217,12 +54223,12 @@ static int sp_521_proj_point_add_avx2_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r
switch (ctx->state) {
case 0: /* INIT */
- ctx->t1 = t;
- ctx->t2 = t + 2*9;
- ctx->t3 = t + 4*9;
- ctx->t4 = t + 6*9;
- ctx->t5 = t + 8*9;
- ctx->t6 = t + 10*9;
+ ctx->t6 = t;
+ ctx->t1 = t + 2*9;
+ ctx->t2 = t + 4*9;
+ ctx->t3 = t + 6*9;
+ ctx->t4 = t + 8*9;
+ ctx->t5 = t + 10*9;
ctx->x = ctx->t6;
ctx->y = ctx->t1;
ctx->z = ctx->t2;
@@ -54329,7 +54335,7 @@ static int sp_521_proj_point_add_avx2_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r
break;
case 21:
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_521_mont_sub_lower_avx2_9(ctx->y, ctx->y, ctx->x, p521_mod);
+ sp_521_mont_sub_avx2_9(ctx->y, ctx->y, ctx->x, p521_mod);
ctx->state = 22;
break;
case 22:
@@ -54342,22 +54348,28 @@ static int sp_521_proj_point_add_avx2_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r
break;
case 24:
{
- int i;
- sp_digit maskp = 0 - (q->infinity & (!p->infinity));
- sp_digit maskq = 0 - (p->infinity & (!q->infinity));
- sp_digit maskt = ~(maskp | maskq);
-
- for (i = 0; i < 9; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (ctx->x[i] & maskt);
- }
- for (i = 0; i < 9; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (ctx->y[i] & maskt);
- }
- for (i = 0; i < 9; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (ctx->z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 9; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (ctx->x[i] & maskt);
+ }
+ for (i = 0; i < 9; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (ctx->y[i] & maskt);
+ }
+ for (i = 0; i < 9; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (ctx->z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
ctx->state = 25;
break;
}
@@ -54416,7 +54428,7 @@ static void sp_521_proj_point_dbl_n_store_avx2_9(sp_point_521* r,
/* A = 3*(X^2 - W) */
sp_521_mont_sqr_avx2_9(t1, x, p521_mod, p521_mp_mod);
sp_521_mont_sub_avx2_9(t1, t1, w, p521_mod);
- sp_521_mont_tpl_lower_avx2_9(a, t1, p521_mod);
+ sp_521_mont_tpl_avx2_9(a, t1, p521_mod);
/* B = X*Y^2 */
sp_521_mont_sqr_avx2_9(t1, y, p521_mod, p521_mp_mod);
sp_521_mont_mul_avx2_9(b, t1, x, p521_mod, p521_mp_mod);
@@ -54426,8 +54438,8 @@ static void sp_521_proj_point_dbl_n_store_avx2_9(sp_point_521* r,
sp_521_mont_dbl_avx2_9(t2, b, p521_mod);
sp_521_mont_sub_avx2_9(x, x, t2, p521_mod);
/* B = 2.(B - X) */
- sp_521_mont_sub_lower_avx2_9(t2, b, x, p521_mod);
- sp_521_mont_dbl_lower_avx2_9(b, t2, p521_mod);
+ sp_521_mont_sub_avx2_9(t2, b, x, p521_mod);
+ sp_521_mont_dbl_avx2_9(b, t2, p521_mod);
/* Z = Z*Y */
sp_521_mont_mul_avx2_9(r[j].z, z, y, p521_mod, p521_mp_mod);
z = r[j].z;
@@ -54441,7 +54453,7 @@ static void sp_521_proj_point_dbl_n_store_avx2_9(sp_point_521* r,
sp_521_mont_mul_avx2_9(y, b, a, p521_mod, p521_mp_mod);
sp_521_mont_sub_avx2_9(y, y, t1, p521_mod);
/* Y = Y/2 */
- sp_521_div2_avx2_9(r[j].y, y, p521_mod);
+ sp_521_mont_div2_avx2_9(r[j].y, y, p521_mod);
r[j].infinity = 0;
}
}
@@ -54515,8 +54527,8 @@ static void sp_521_proj_point_add_sub_avx2_9(sp_point_521* ra,
sp_521_mont_sub_avx2_9(xs, xs, t1, p521_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
/* YS = -RS*(U1*H^2 - XS) - S1*H^3 */
- sp_521_mont_sub_lower_avx2_9(ys, ya, xs, p521_mod);
- sp_521_mont_sub_lower_avx2_9(ya, ya, xa, p521_mod);
+ sp_521_mont_sub_avx2_9(ys, ya, xs, p521_mod);
+ sp_521_mont_sub_avx2_9(ya, ya, xa, p521_mod);
sp_521_mont_mul_avx2_9(ya, ya, t4, p521_mod, p521_mp_mod);
sp_521_sub_9(t6, p521_mod, t6);
sp_521_mont_mul_avx2_9(ys, ys, t6, p521_mod, p521_mp_mod);
@@ -54565,7 +54577,7 @@ static int sp_521_ecc_mulmod_win_add_sub_avx2_9(sp_point_521* r, const sp_point_
(void)heap;
#ifdef WOLFSSL_SP_SMALL_STACK
- t = (sp_point_521*)XMALLOC(sizeof(sp_point_521) *
+ t = (sp_point_521*)XMALLOC(sizeof(sp_point_521) *
(33+2), heap, DYNAMIC_TYPE_ECC);
if (t == NULL)
err = MEMORY_E;
@@ -54691,12 +54703,12 @@ typedef struct sp_table_entry_521 {
static void sp_521_proj_point_add_qz1_9(sp_point_521* r,
const sp_point_521* p, const sp_point_521* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*9;
- sp_digit* t3 = t + 4*9;
- sp_digit* t4 = t + 6*9;
- sp_digit* t5 = t + 8*9;
- sp_digit* t6 = t + 10*9;
+ sp_digit* t2 = t;
+ sp_digit* t3 = t + 2*9;
+ sp_digit* t6 = t + 4*9;
+ sp_digit* t1 = t + 6*9;
+ sp_digit* t4 = t + 8*9;
+ sp_digit* t5 = t + 10*9;
/* Calculate values to subtract from P->x and P->y. */
/* U2 = X2*Z1^2 */
@@ -54712,13 +54724,9 @@ static void sp_521_proj_point_add_qz1_9(sp_point_521* r,
sp_521_proj_point_dbl_9(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t2;
- sp_digit* y = t5;
+ sp_digit* y = t3;
sp_digit* z = t6;
- int i;
/* H = U2 - X1 */
sp_521_mont_sub_9(t2, t2, p->x, p521_mod);
@@ -54727,33 +54735,40 @@ static void sp_521_proj_point_add_qz1_9(sp_point_521* r,
/* Z3 = H*Z1 */
sp_521_mont_mul_9(z, p->z, t2, p521_mod, p521_mp_mod);
/* X3 = R^2 - H^3 - 2*X1*H^2 */
- sp_521_mont_sqr_9(t1, t4, p521_mod, p521_mp_mod);
- sp_521_mont_sqr_9(t5, t2, p521_mod, p521_mp_mod);
- sp_521_mont_mul_9(t3, p->x, t5, p521_mod, p521_mp_mod);
- sp_521_mont_mul_9(t5, t5, t2, p521_mod, p521_mp_mod);
- sp_521_mont_sub_9(x, t1, t5, p521_mod);
- sp_521_mont_dbl_9(t1, t3, p521_mod);
- sp_521_mont_sub_9(x, x, t1, p521_mod);
+ sp_521_mont_sqr_9(t1, t2, p521_mod, p521_mp_mod);
+ sp_521_mont_mul_9(t3, p->x, t1, p521_mod, p521_mp_mod);
+ sp_521_mont_mul_9(t1, t1, t2, p521_mod, p521_mp_mod);
+ sp_521_mont_sqr_9(t2, t4, p521_mod, p521_mp_mod);
+ sp_521_mont_sub_9(t2, t2, t1, p521_mod);
+ sp_521_mont_dbl_9(t5, t3, p521_mod);
+ sp_521_mont_sub_9(x, t2, t5, p521_mod);
/* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
- sp_521_mont_sub_lower_9(t3, t3, x, p521_mod);
+ sp_521_mont_sub_9(t3, t3, x, p521_mod);
sp_521_mont_mul_9(t3, t3, t4, p521_mod, p521_mp_mod);
- sp_521_mont_mul_9(t5, t5, p->y, p521_mod, p521_mp_mod);
- sp_521_mont_sub_9(y, t3, t5, p521_mod);
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
- for (i = 0; i < 9; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 9; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 9; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ sp_521_mont_mul_9(t1, t1, p->y, p521_mod, p521_mp_mod);
+ sp_521_mont_sub_9(y, t3, t1, p521_mod);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 9; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 9; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 9; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
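Review bot: In the rewritten X3/Y3 sequence `x` is `t2` and `y` is now `t3`, so `sp_521_mont_sqr_9(t2, t4, …)` overwrites H and the final `sp_521_mont_sub_9(y, t3, t1, …)` writes over its own input; the statement order is load-bearing and nothing says so. Z3 is computed from t2 before that square, which is why the order works, but moving one line would produce a wrong point rather than an error. I would add `/* t2 (H) is dead after H^3; reuse it for R^2 and X3 */` before the square of t4 and `/* y aliases t3 */` at the declaration. The avx2 add_qz1 hunk has the same sequence. The function starts above this hunk.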
@@ -55036,7 +55051,7 @@ static THREAD_LS_T int sp_cache_521_inited = 0;
/* Get the cache entry for the point.
*
- * g [in] Point scalar multipling.
+ * g [in] Point scalar multiplying.
* cache [out] Cache table to use.
*/
static void sp_ecc_get_cache_521(const sp_point_521* g, sp_cache_521_t** cache)
@@ -55107,8 +55122,8 @@ static void sp_ecc_get_cache_521(const sp_point_521* g, sp_cache_521_t** cache)
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
-static int sp_521_ecc_mulmod_9(sp_point_521* r, const sp_point_521* g, const sp_digit* k,
- int map, int ct, void* heap)
+static int sp_521_ecc_mulmod_9(sp_point_521* r, const sp_point_521* g,
+ const sp_digit* k, int map, int ct, void* heap)
{
#ifndef FP_ECC
return sp_521_ecc_mulmod_win_add_sub_9(r, g, k, map, ct, heap);
@@ -55179,12 +55194,12 @@ static int sp_521_ecc_mulmod_9(sp_point_521* r, const sp_point_521* g, const sp_
static void sp_521_proj_point_add_qz1_avx2_9(sp_point_521* r,
const sp_point_521* p, const sp_point_521* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*9;
- sp_digit* t3 = t + 4*9;
- sp_digit* t4 = t + 6*9;
- sp_digit* t5 = t + 8*9;
- sp_digit* t6 = t + 10*9;
+ sp_digit* t2 = t;
+ sp_digit* t3 = t + 2*9;
+ sp_digit* t6 = t + 4*9;
+ sp_digit* t1 = t + 6*9;
+ sp_digit* t4 = t + 8*9;
+ sp_digit* t5 = t + 10*9;
/* Calculate values to subtract from P->x and P->y. */
/* U2 = X2*Z1^2 */
@@ -55200,13 +55215,9 @@ static void sp_521_proj_point_add_qz1_avx2_9(sp_point_521* r,
sp_521_proj_point_dbl_avx2_9(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t2;
- sp_digit* y = t5;
+ sp_digit* y = t3;
sp_digit* z = t6;
- int i;
/* H = U2 - X1 */
sp_521_mont_sub_avx2_9(t2, t2, p->x, p521_mod);
@@ -55215,33 +55226,40 @@ static void sp_521_proj_point_add_qz1_avx2_9(sp_point_521* r,
/* Z3 = H*Z1 */
sp_521_mont_mul_avx2_9(z, p->z, t2, p521_mod, p521_mp_mod);
/* X3 = R^2 - H^3 - 2*X1*H^2 */
- sp_521_mont_sqr_avx2_9(t1, t4, p521_mod, p521_mp_mod);
- sp_521_mont_sqr_avx2_9(t5, t2, p521_mod, p521_mp_mod);
- sp_521_mont_mul_avx2_9(t3, p->x, t5, p521_mod, p521_mp_mod);
- sp_521_mont_mul_avx2_9(t5, t5, t2, p521_mod, p521_mp_mod);
- sp_521_mont_sub_avx2_9(x, t1, t5, p521_mod);
- sp_521_mont_dbl_avx2_9(t1, t3, p521_mod);
- sp_521_mont_sub_avx2_9(x, x, t1, p521_mod);
+ sp_521_mont_sqr_avx2_9(t1, t2, p521_mod, p521_mp_mod);
+ sp_521_mont_mul_avx2_9(t3, p->x, t1, p521_mod, p521_mp_mod);
+ sp_521_mont_mul_avx2_9(t1, t1, t2, p521_mod, p521_mp_mod);
+ sp_521_mont_sqr_avx2_9(t2, t4, p521_mod, p521_mp_mod);
+ sp_521_mont_sub_avx2_9(t2, t2, t1, p521_mod);
+ sp_521_mont_dbl_avx2_9(t5, t3, p521_mod);
+ sp_521_mont_sub_avx2_9(x, t2, t5, p521_mod);
/* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
- sp_521_mont_sub_lower_avx2_9(t3, t3, x, p521_mod);
+ sp_521_mont_sub_avx2_9(t3, t3, x, p521_mod);
sp_521_mont_mul_avx2_9(t3, t3, t4, p521_mod, p521_mp_mod);
- sp_521_mont_mul_avx2_9(t5, t5, p->y, p521_mod, p521_mp_mod);
- sp_521_mont_sub_avx2_9(y, t3, t5, p521_mod);
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
- for (i = 0; i < 9; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 9; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 9; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ sp_521_mont_mul_avx2_9(t1, t1, p->y, p521_mod, p521_mp_mod);
+ sp_521_mont_sub_avx2_9(y, t3, t1, p521_mod);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 9; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 9; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 9; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
@@ -55488,8 +55506,8 @@ static int sp_521_ecc_mulmod_stripe_avx2_9(sp_point_521* r, const sp_point_521*
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
-static int sp_521_ecc_mulmod_avx2_9(sp_point_521* r, const sp_point_521* g, const sp_digit* k,
- int map, int ct, void* heap)
+static int sp_521_ecc_mulmod_avx2_9(sp_point_521* r, const sp_point_521* g,
+ const sp_digit* k, int map, int ct, void* heap)
{
#ifndef FP_ECC
return sp_521_ecc_mulmod_win_add_sub_avx2_9(r, g, k, map, ct, heap);
@@ -55614,7 +55632,7 @@ int sp_ecc_mulmod_521(const mp_int* km, const ecc_point* gm, ecc_point* r,
*
* km Scalar to multiply by.
* p Point to multiply.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -55625,7 +55643,7 @@ int sp_ecc_mulmod_add_521(const mp_int* km, const ecc_point* gm,
const ecc_point* am, int inMont, ecc_point* r, int map, void* heap)
{
#ifdef WOLFSSL_SP_SMALL_STACK
- sp_point_521* point = NULL;
+ sp_point_521* point = NULL;
sp_digit* k = NULL;
#else
sp_point_521 point[2];
@@ -90452,7 +90470,7 @@ int sp_ecc_mulmod_base_521(const mp_int* km, ecc_point* r, int map, void* heap)
* the result. If map is true then convert result to affine coordinates.
*
* km Scalar to multiply by.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -90477,7 +90495,7 @@ int sp_ecc_mulmod_base_add_521(const mp_int* km, const ecc_point* am,
#endif
#ifdef WOLFSSL_SP_SMALL_STACK
- point = (sp_point_521*)XMALLOC(sizeof(sp_point_521) * 2, heap,
+ point = (sp_point_521*)XMALLOC(sizeof(sp_point_521) * 2, heap,
DYNAMIC_TYPE_ECC);
if (point == NULL)
err = MEMORY_E;
@@ -90644,7 +90662,7 @@ int sp_ecc_make_key_521(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
sp_point_521* infinity = NULL;
#endif
int err = MP_OKAY;
-
+
#ifdef HAVE_INTEL_AVX2
word32 cpuid_flags = cpuid_get_flags();
#endif
@@ -90655,7 +90673,7 @@ int sp_ecc_make_key_521(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
point = (sp_point_521*)XMALLOC(sizeof(sp_point_521) * 2, heap, DYNAMIC_TYPE_ECC);
#else
- point = (sp_point_521*)XMALLOC(sizeof(sp_point_521), heap, DYNAMIC_TYPE_ECC);
+ point = (sp_point_521*)XMALLOC(sizeof(sp_point_521), heap, DYNAMIC_TYPE_ECC);
#endif
if (point == NULL)
err = MEMORY_E;
@@ -91978,7 +91996,7 @@ static int sp_521_mod_inv_9(sp_digit* r, const sp_digit* a, const sp_digit* m)
}
while (ut > 1 && vt > 1) {
- if (ut > vt || (ut == vt && sp_521_cmp_9(u, v) >= 0)) {
+ if ((ut > vt) || ((ut == vt) && (sp_521_cmp_9(u, v) >= 0))) {
sp_521_sub_9(u, u, v);
o = sp_521_sub_9(b, b, d);
if (o != 0)
@@ -92071,7 +92089,7 @@ static void sp_521_add_points_9(sp_point_521* p1, const sp_point_521* p2,
* p2 Public point and temporary.
* s Second part of signature as a number.
* u1 Temporary number.
- * u2 Temproray number.
+ * u2 Temporary number.
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
@@ -92459,7 +92477,7 @@ int sp_ecc_verify_521_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash,
#endif /* HAVE_ECC_VERIFY */
#ifdef HAVE_ECC_CHECK_KEY
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* point EC point.
* heap Heap to use if dynamically allocating.
@@ -92487,19 +92505,21 @@ static int sp_521_ecc_is_point_9(const sp_point_521* point,
if (err == MP_OKAY) {
t2 = t1 + 2 * 9;
+ /* y^2 - x^3 - a.x = b */
sp_521_sqr_9(t1, point->y);
(void)sp_521_mod_9(t1, t1, p521_mod);
sp_521_sqr_9(t2, point->x);
(void)sp_521_mod_9(t2, t2, p521_mod);
sp_521_mul_9(t2, t2, point->x);
(void)sp_521_mod_9(t2, t2, p521_mod);
- (void)sp_521_sub_9(t2, p521_mod, t2);
- sp_521_mont_add_9(t1, t1, t2, p521_mod);
+ sp_521_mont_sub_9(t1, t1, t2, p521_mod);
+ /* y^2 - x^3 + 3.x = b, when a = -3 */
sp_521_mont_add_9(t1, t1, point->x, p521_mod);
sp_521_mont_add_9(t1, t1, point->x, p521_mod);
sp_521_mont_add_9(t1, t1, point->x, p521_mod);
+
if (sp_521_cmp_9(t1, p521_b) != 0) {
err = MP_VAL;
}
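Review bot: `sp_521_mont_sub_9(t1, t1, t2, p521_mod)` is applied to values produced by `sp_521_sqr_9`/`sp_521_mod_9`, so they appear to be in normal form rather than Montgomery form, and the added comments do not say that the `mont_` helpers serve here only as modular subtract and add. Those helpers presumably expect operands already below the modulus; t1 and t2 come out of the reduction, but `point->x` is added three times as given and no range check is visible in this hunk. A comment such as `/* mont_sub/mont_add act as plain modular ops here; x and y must already be < p521_mod */` would make the precondition explicit, and it is worth confirming the caller enforces it. The function starts and ends outside this hunk.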
@@ -92513,7 +92533,7 @@ static int sp_521_ecc_is_point_9(const sp_point_521* point,
return err;
}
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* pX X ordinate of EC point.
* pY Y ordinate of EC point.
@@ -93488,14 +93508,14 @@ static void sp_1024_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 64
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 63);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 63);
}
#elif DIGIT_BIT > 64
unsigned int i;
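Review bot: The new counter logic hard-codes the shift as `j >> 63`, where the removed lines used `SP_WORD_SIZE - 1`, so the copy is only correct when sp_digit is an unsigned 64-bit type. That presumably holds for this file, but the named constant states it: `sp_digit mask = (sp_digit)0 - (j >> (SP_WORD_SIZE - 1));` and `o += (int)(j >> (SP_WORD_SIZE - 1));`. A one-line comment would also help, e.g. `/* j counts up from -used; its top bit stays set while i < used, giving the mask and the index step without a branch */`. The function continues past this hunk with the other DIGIT_BIT cases.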
@@ -93694,7 +93714,7 @@ extern void sp_1024_mont_reduce_16(sp_digit* a, const sp_digit* m, sp_digit mp);
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_1024_mont_mul_16(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -93708,7 +93728,7 @@ SP_NOINLINE static void sp_1024_mont_mul_16(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_1024_mont_sqr_16(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -93852,11 +93872,10 @@ extern void sp_1024_mont_sub_16(sp_digit* r, const sp_digit* a, const sp_digit*
#ifdef __cplusplus
}
#endif
-#define sp_1024_mont_sub_lower_16 sp_1024_mont_sub_16
#ifdef __cplusplus
extern "C" {
#endif
-extern void sp_1024_div2_16(sp_digit* r, const sp_digit* a, const sp_digit* m);
+extern void sp_1024_mont_div2_16(sp_digit* r, const sp_digit* a, const sp_digit* m);
#ifdef __cplusplus
}
#endif
@@ -93904,7 +93923,7 @@ static void sp_1024_proj_point_dbl_16(sp_point_1024* r, const sp_point_1024* p,
/* T2 = Y * Y */
sp_1024_mont_sqr_16(t2, y, p1024_mod, p1024_mp_mod);
/* T2 = T2/2 */
- sp_1024_div2_16(t2, t2, p1024_mod);
+ sp_1024_mont_div2_16(t2, t2, p1024_mod);
/* Y = Y * X */
sp_1024_mont_mul_16(y, y, p->x, p1024_mod, p1024_mp_mod);
/* X = T1 * T1 */
@@ -93914,7 +93933,7 @@ static void sp_1024_proj_point_dbl_16(sp_point_1024* r, const sp_point_1024* p,
/* X = X - Y */
sp_1024_mont_sub_16(x, x, y, p1024_mod);
/* Y = Y - X */
- sp_1024_mont_sub_lower_16(y, y, x, p1024_mod);
+ sp_1024_mont_sub_16(y, y, x, p1024_mod);
/* Y = Y * T1 */
sp_1024_mont_mul_16(y, y, t1, p1024_mod, p1024_mp_mod);
/* Y = Y - T2 */
@@ -93937,7 +93956,8 @@ typedef struct sp_1024_proj_point_dbl_16_ctx {
* p Point to double.
* t Temporary ordinate data.
*/
-static int sp_1024_proj_point_dbl_16_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r, const sp_point_1024* p, sp_digit* t)
+static int sp_1024_proj_point_dbl_16_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
+ const sp_point_1024* p, sp_digit* t)
{
int err = FP_WOULDBLOCK;
sp_1024_proj_point_dbl_16_ctx* ctx = (sp_1024_proj_point_dbl_16_ctx*)sp_ctx->data;
@@ -94011,7 +94031,7 @@ static int sp_1024_proj_point_dbl_16_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
break;
case 11:
/* T2 = T2/2 */
- sp_1024_div2_16(ctx->t2, ctx->t2, p1024_mod);
+ sp_1024_mont_div2_16(ctx->t2, ctx->t2, p1024_mod);
ctx->state = 12;
break;
case 12:
@@ -94036,7 +94056,7 @@ static int sp_1024_proj_point_dbl_16_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
break;
case 16:
/* Y = Y - X */
- sp_1024_mont_sub_lower_16(ctx->y, ctx->y, ctx->x, p1024_mod);
+ sp_1024_mont_sub_16(ctx->y, ctx->y, ctx->x, p1024_mod);
ctx->state = 17;
break;
case 17:
@@ -94061,8 +94081,6 @@ static int sp_1024_proj_point_dbl_16_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
return err;
}
#endif /* WOLFSSL_SP_NONBLOCK */
-#define sp_1024_mont_dbl_lower_16 sp_1024_mont_dbl_16
-#define sp_1024_mont_tpl_lower_16 sp_1024_mont_tpl_16
/* Double the Montgomery form projective point p a number of times.
*
* r Result of repeated doubling of point.
@@ -94101,7 +94119,7 @@ static void sp_1024_proj_point_dbl_n_16(sp_point_1024* p, int i,
/* A = 3*(X^2 - W) */
sp_1024_mont_sqr_16(t1, x, p1024_mod, p1024_mp_mod);
sp_1024_mont_sub_16(t1, t1, w, p1024_mod);
- sp_1024_mont_tpl_lower_16(a, t1, p1024_mod);
+ sp_1024_mont_tpl_16(a, t1, p1024_mod);
/* B = X*Y^2 */
sp_1024_mont_sqr_16(t1, y, p1024_mod, p1024_mp_mod);
sp_1024_mont_mul_16(b, t1, x, p1024_mod, p1024_mp_mod);
@@ -94110,8 +94128,8 @@ static void sp_1024_proj_point_dbl_n_16(sp_point_1024* p, int i,
sp_1024_mont_dbl_16(t2, b, p1024_mod);
sp_1024_mont_sub_16(x, x, t2, p1024_mod);
/* B = 2.(B - X) */
- sp_1024_mont_sub_lower_16(t2, b, x, p1024_mod);
- sp_1024_mont_dbl_lower_16(b, t2, p1024_mod);
+ sp_1024_mont_sub_16(t2, b, x, p1024_mod);
+ sp_1024_mont_dbl_16(b, t2, p1024_mod);
/* Z = Z*Y */
sp_1024_mont_mul_16(z, z, y, p1024_mod, p1024_mp_mod);
/* t1 = Y^4 */
@@ -94131,7 +94149,7 @@ static void sp_1024_proj_point_dbl_n_16(sp_point_1024* p, int i,
/* A = 3*(X^2 - W) */
sp_1024_mont_sqr_16(t1, x, p1024_mod, p1024_mp_mod);
sp_1024_mont_sub_16(t1, t1, w, p1024_mod);
- sp_1024_mont_tpl_lower_16(a, t1, p1024_mod);
+ sp_1024_mont_tpl_16(a, t1, p1024_mod);
/* B = X*Y^2 */
sp_1024_mont_sqr_16(t1, y, p1024_mod, p1024_mp_mod);
sp_1024_mont_mul_16(b, t1, x, p1024_mod, p1024_mp_mod);
@@ -94140,8 +94158,8 @@ static void sp_1024_proj_point_dbl_n_16(sp_point_1024* p, int i,
sp_1024_mont_dbl_16(t2, b, p1024_mod);
sp_1024_mont_sub_16(x, x, t2, p1024_mod);
/* B = 2.(B - X) */
- sp_1024_mont_sub_lower_16(t2, b, x, p1024_mod);
- sp_1024_mont_dbl_lower_16(b, t2, p1024_mod);
+ sp_1024_mont_sub_16(t2, b, x, p1024_mod);
+ sp_1024_mont_dbl_16(b, t2, p1024_mod);
/* Z = Z*Y */
sp_1024_mont_mul_16(z, z, y, p1024_mod, p1024_mp_mod);
/* t1 = Y^4 */
@@ -94151,16 +94169,9 @@ static void sp_1024_proj_point_dbl_n_16(sp_point_1024* p, int i,
sp_1024_mont_sub_16(y, y, t1, p1024_mod);
#endif /* WOLFSSL_SP_SMALL */
/* Y = Y/2 */
- sp_1024_div2_16(y, y, p1024_mod);
+ sp_1024_mont_div2_16(y, y, p1024_mod);
}
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern sp_digit sp_1024_sub_16(sp_digit* r, const sp_digit* a, const sp_digit* b);
-#ifdef __cplusplus
-}
-#endif
/* Compare two numbers to determine if they are equal.
* Constant time implementation.
*
@@ -94201,12 +94212,12 @@ static int sp_1024_iszero_16(const sp_digit* a)
static void sp_1024_proj_point_add_16(sp_point_1024* r,
const sp_point_1024* p, const sp_point_1024* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*16;
- sp_digit* t3 = t + 4*16;
- sp_digit* t4 = t + 6*16;
- sp_digit* t5 = t + 8*16;
- sp_digit* t6 = t + 10*16;
+ sp_digit* t6 = t;
+ sp_digit* t1 = t + 2*16;
+ sp_digit* t2 = t + 4*16;
+ sp_digit* t3 = t + 6*16;
+ sp_digit* t4 = t + 8*16;
+ sp_digit* t5 = t + 10*16;
/* U1 = X1*Z2^2 */
sp_1024_mont_sqr_16(t1, q->z, p1024_mod, p1024_mp_mod);
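Review bot: The scratch slots are reordered here with no comment on the layout or on how large `t` must be. From the offsets, each slot is 2*16 digits and `t5 = t + 10*16`, so the function relies on `t` holding at least 12*16 sp_digit. The result ordinates alias the slots (`x = t6`, `y = t1`, `z = t2` in the next hunk), so x now sits at the start of `t`. A line such as `/* t: 6 slots of 2*16 digits; x/y/z results alias t6/t1/t2 */` above the declarations would record that. The matching `_nb`, avx2 and qz1 hunks likewise reorder their slots without comment.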
@@ -94228,17 +94239,9 @@ static void sp_1024_proj_point_add_16(sp_point_1024* r,
sp_1024_proj_point_dbl_16(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t6;
sp_digit* y = t1;
sp_digit* z = t2;
- int i;
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
/* H = U2 - U1 */
sp_1024_mont_sub_16(t2, t2, t1, p1024_mod);
@@ -94257,20 +94260,31 @@ static void sp_1024_proj_point_add_16(sp_point_1024* r,
sp_1024_mont_dbl_16(t3, y, p1024_mod);
sp_1024_mont_sub_16(x, x, t3, p1024_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_1024_mont_sub_lower_16(y, y, x, p1024_mod);
+ sp_1024_mont_sub_16(y, y, x, p1024_mod);
sp_1024_mont_mul_16(y, y, t4, p1024_mod, p1024_mp_mod);
sp_1024_mont_sub_16(y, y, t5, p1024_mod);
- for (i = 0; i < 16; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 16; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 16; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 16; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 16; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 16; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
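Review bot: The select masks `maskp` and `maskq` are computed as `0 - (q->infinity & (!p->infinity))` in the type of the `infinity` field and only then widened to sp_digit. If that field is an unsigned 32-bit type, as the new `(word32)inf` cast hints (the struct is not visible here), the subtraction yields 0xFFFFFFFF and zero-extends, so only the low half of each digit would be selected; with a signed int it sign-extends to all ones. Doing the arithmetic in sp_digit removes the dependency: `sp_digit maskp = (sp_digit)0 - (sp_digit)(q->infinity & (!p->infinity));`, and likewise for `maskq`. Both masks also assume `infinity` is exactly 0 or 1. The same block appears in the `_nb` state 24 hunk, the avx2 variants and both `proj_point_add_qz1` hunks.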
@@ -94316,12 +94330,12 @@ static int sp_1024_proj_point_add_16_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
switch (ctx->state) {
case 0: /* INIT */
- ctx->t1 = t;
- ctx->t2 = t + 2*16;
- ctx->t3 = t + 4*16;
- ctx->t4 = t + 6*16;
- ctx->t5 = t + 8*16;
- ctx->t6 = t + 10*16;
+ ctx->t6 = t;
+ ctx->t1 = t + 2*16;
+ ctx->t2 = t + 4*16;
+ ctx->t3 = t + 6*16;
+ ctx->t4 = t + 8*16;
+ ctx->t5 = t + 10*16;
ctx->x = ctx->t6;
ctx->y = ctx->t1;
ctx->z = ctx->t2;
@@ -94428,7 +94442,7 @@ static int sp_1024_proj_point_add_16_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
break;
case 21:
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_1024_mont_sub_lower_16(ctx->y, ctx->y, ctx->x, p1024_mod);
+ sp_1024_mont_sub_16(ctx->y, ctx->y, ctx->x, p1024_mod);
ctx->state = 22;
break;
case 22:
@@ -94441,22 +94455,28 @@ static int sp_1024_proj_point_add_16_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
break;
case 24:
{
- int i;
- sp_digit maskp = 0 - (q->infinity & (!p->infinity));
- sp_digit maskq = 0 - (p->infinity & (!q->infinity));
- sp_digit maskt = ~(maskp | maskq);
-
- for (i = 0; i < 16; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (ctx->x[i] & maskt);
- }
- for (i = 0; i < 16; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (ctx->y[i] & maskt);
- }
- for (i = 0; i < 16; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (ctx->z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 16; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (ctx->x[i] & maskt);
+ }
+ for (i = 0; i < 16; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (ctx->y[i] & maskt);
+ }
+ for (i = 0; i < 16; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (ctx->z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
ctx->state = 25;
break;
}
@@ -94515,7 +94535,7 @@ static void sp_1024_proj_point_dbl_n_store_16(sp_point_1024* r,
/* A = 3*(X^2 - W) */
sp_1024_mont_sqr_16(t1, x, p1024_mod, p1024_mp_mod);
sp_1024_mont_sub_16(t1, t1, w, p1024_mod);
- sp_1024_mont_tpl_lower_16(a, t1, p1024_mod);
+ sp_1024_mont_tpl_16(a, t1, p1024_mod);
/* B = X*Y^2 */
sp_1024_mont_sqr_16(t1, y, p1024_mod, p1024_mp_mod);
sp_1024_mont_mul_16(b, t1, x, p1024_mod, p1024_mp_mod);
@@ -94525,8 +94545,8 @@ static void sp_1024_proj_point_dbl_n_store_16(sp_point_1024* r,
sp_1024_mont_dbl_16(t2, b, p1024_mod);
sp_1024_mont_sub_16(x, x, t2, p1024_mod);
/* B = 2.(B - X) */
- sp_1024_mont_sub_lower_16(t2, b, x, p1024_mod);
- sp_1024_mont_dbl_lower_16(b, t2, p1024_mod);
+ sp_1024_mont_sub_16(t2, b, x, p1024_mod);
+ sp_1024_mont_dbl_16(b, t2, p1024_mod);
/* Z = Z*Y */
sp_1024_mont_mul_16(r[j].z, z, y, p1024_mod, p1024_mp_mod);
z = r[j].z;
@@ -94540,7 +94560,7 @@ static void sp_1024_proj_point_dbl_n_store_16(sp_point_1024* r,
sp_1024_mont_mul_16(y, b, a, p1024_mod, p1024_mp_mod);
sp_1024_mont_sub_16(y, y, t1, p1024_mod);
/* Y = Y/2 */
- sp_1024_div2_16(r[j].y, y, p1024_mod);
+ sp_1024_mont_div2_16(r[j].y, y, p1024_mod);
r[j].infinity = 0;
}
}
@@ -94614,8 +94634,8 @@ static void sp_1024_proj_point_add_sub_16(sp_point_1024* ra,
sp_1024_mont_sub_16(xs, xs, t1, p1024_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
/* YS = -RS*(U1*H^2 - XS) - S1*H^3 */
- sp_1024_mont_sub_lower_16(ys, ya, xs, p1024_mod);
- sp_1024_mont_sub_lower_16(ya, ya, xa, p1024_mod);
+ sp_1024_mont_sub_16(ys, ya, xs, p1024_mod);
+ sp_1024_mont_sub_16(ya, ya, xa, p1024_mod);
sp_1024_mont_mul_16(ya, ya, t4, p1024_mod, p1024_mp_mod);
sp_1024_mont_sub_16(t6, p1024_mod, t6, p1024_mod);
sp_1024_mont_mul_16(ys, ys, t6, p1024_mod, p1024_mp_mod);
@@ -94743,7 +94763,7 @@ static int sp_1024_ecc_mulmod_win_add_sub_16(sp_point_1024* r, const sp_point_10
(void)heap;
#ifdef WOLFSSL_SP_SMALL_STACK
- t = (sp_point_1024*)XMALLOC(sizeof(sp_point_1024) *
+ t = (sp_point_1024*)XMALLOC(sizeof(sp_point_1024) *
(65+2), heap, DYNAMIC_TYPE_ECC);
if (t == NULL)
err = MEMORY_E;
@@ -94868,7 +94888,7 @@ extern void sp_1024_mont_reduce_avx2_16(sp_digit* a, const sp_digit* m, sp_digit
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_1024_mont_mul_avx2_16(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -94884,7 +94904,7 @@ SP_NOINLINE static void sp_1024_mont_mul_avx2_16(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_1024_mont_sqr_avx2_16(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -95001,11 +95021,10 @@ extern void sp_1024_mont_sub_avx2_16(sp_digit* r, const sp_digit* a, const sp_di
#ifdef __cplusplus
}
#endif
-#define sp_1024_mont_sub_lower_avx2_16 sp_1024_mont_sub_avx2_16
#ifdef __cplusplus
extern "C" {
#endif
-extern void sp_1024_div2_avx2_16(sp_digit* r, const sp_digit* a, const sp_digit* m);
+extern void sp_1024_mont_div2_avx2_16(sp_digit* r, const sp_digit* a, const sp_digit* m);
#ifdef __cplusplus
}
#endif
@@ -95053,7 +95072,7 @@ static void sp_1024_proj_point_dbl_avx2_16(sp_point_1024* r, const sp_point_1024
/* T2 = Y * Y */
sp_1024_mont_sqr_avx2_16(t2, y, p1024_mod, p1024_mp_mod);
/* T2 = T2/2 */
- sp_1024_div2_avx2_16(t2, t2, p1024_mod);
+ sp_1024_mont_div2_avx2_16(t2, t2, p1024_mod);
/* Y = Y * X */
sp_1024_mont_mul_avx2_16(y, y, p->x, p1024_mod, p1024_mp_mod);
/* X = T1 * T1 */
@@ -95063,7 +95082,7 @@ static void sp_1024_proj_point_dbl_avx2_16(sp_point_1024* r, const sp_point_1024
/* X = X - Y */
sp_1024_mont_sub_avx2_16(x, x, y, p1024_mod);
/* Y = Y - X */
- sp_1024_mont_sub_lower_avx2_16(y, y, x, p1024_mod);
+ sp_1024_mont_sub_avx2_16(y, y, x, p1024_mod);
/* Y = Y * T1 */
sp_1024_mont_mul_avx2_16(y, y, t1, p1024_mod, p1024_mp_mod);
/* Y = Y - T2 */
@@ -95086,7 +95105,8 @@ typedef struct sp_1024_proj_point_dbl_avx2_16_ctx {
* p Point to double.
* t Temporary ordinate data.
*/
-static int sp_1024_proj_point_dbl_avx2_16_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r, const sp_point_1024* p, sp_digit* t)
+static int sp_1024_proj_point_dbl_avx2_16_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
+ const sp_point_1024* p, sp_digit* t)
{
int err = FP_WOULDBLOCK;
sp_1024_proj_point_dbl_avx2_16_ctx* ctx = (sp_1024_proj_point_dbl_avx2_16_ctx*)sp_ctx->data;
@@ -95160,7 +95180,7 @@ static int sp_1024_proj_point_dbl_avx2_16_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024
break;
case 11:
/* T2 = T2/2 */
- sp_1024_div2_avx2_16(ctx->t2, ctx->t2, p1024_mod);
+ sp_1024_mont_div2_avx2_16(ctx->t2, ctx->t2, p1024_mod);
ctx->state = 12;
break;
case 12:
@@ -95185,7 +95205,7 @@ static int sp_1024_proj_point_dbl_avx2_16_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024
break;
case 16:
/* Y = Y - X */
- sp_1024_mont_sub_lower_avx2_16(ctx->y, ctx->y, ctx->x, p1024_mod);
+ sp_1024_mont_sub_avx2_16(ctx->y, ctx->y, ctx->x, p1024_mod);
ctx->state = 17;
break;
case 17:
@@ -95210,8 +95230,6 @@ static int sp_1024_proj_point_dbl_avx2_16_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024
return err;
}
#endif /* WOLFSSL_SP_NONBLOCK */
-#define sp_1024_mont_dbl_lower_avx2_16 sp_1024_mont_dbl_avx2_16
-#define sp_1024_mont_tpl_lower_avx2_16 sp_1024_mont_tpl_avx2_16
/* Double the Montgomery form projective point p a number of times.
*
* r Result of repeated doubling of point.
@@ -95250,7 +95268,7 @@ static void sp_1024_proj_point_dbl_n_avx2_16(sp_point_1024* p, int i,
/* A = 3*(X^2 - W) */
sp_1024_mont_sqr_avx2_16(t1, x, p1024_mod, p1024_mp_mod);
sp_1024_mont_sub_avx2_16(t1, t1, w, p1024_mod);
- sp_1024_mont_tpl_lower_avx2_16(a, t1, p1024_mod);
+ sp_1024_mont_tpl_avx2_16(a, t1, p1024_mod);
/* B = X*Y^2 */
sp_1024_mont_sqr_avx2_16(t1, y, p1024_mod, p1024_mp_mod);
sp_1024_mont_mul_avx2_16(b, t1, x, p1024_mod, p1024_mp_mod);
@@ -95259,8 +95277,8 @@ static void sp_1024_proj_point_dbl_n_avx2_16(sp_point_1024* p, int i,
sp_1024_mont_dbl_avx2_16(t2, b, p1024_mod);
sp_1024_mont_sub_avx2_16(x, x, t2, p1024_mod);
/* B = 2.(B - X) */
- sp_1024_mont_sub_lower_avx2_16(t2, b, x, p1024_mod);
- sp_1024_mont_dbl_lower_avx2_16(b, t2, p1024_mod);
+ sp_1024_mont_sub_avx2_16(t2, b, x, p1024_mod);
+ sp_1024_mont_dbl_avx2_16(b, t2, p1024_mod);
/* Z = Z*Y */
sp_1024_mont_mul_avx2_16(z, z, y, p1024_mod, p1024_mp_mod);
/* t1 = Y^4 */
@@ -95280,7 +95298,7 @@ static void sp_1024_proj_point_dbl_n_avx2_16(sp_point_1024* p, int i,
/* A = 3*(X^2 - W) */
sp_1024_mont_sqr_avx2_16(t1, x, p1024_mod, p1024_mp_mod);
sp_1024_mont_sub_avx2_16(t1, t1, w, p1024_mod);
- sp_1024_mont_tpl_lower_avx2_16(a, t1, p1024_mod);
+ sp_1024_mont_tpl_avx2_16(a, t1, p1024_mod);
/* B = X*Y^2 */
sp_1024_mont_sqr_avx2_16(t1, y, p1024_mod, p1024_mp_mod);
sp_1024_mont_mul_avx2_16(b, t1, x, p1024_mod, p1024_mp_mod);
@@ -95289,8 +95307,8 @@ static void sp_1024_proj_point_dbl_n_avx2_16(sp_point_1024* p, int i,
sp_1024_mont_dbl_avx2_16(t2, b, p1024_mod);
sp_1024_mont_sub_avx2_16(x, x, t2, p1024_mod);
/* B = 2.(B - X) */
- sp_1024_mont_sub_lower_avx2_16(t2, b, x, p1024_mod);
- sp_1024_mont_dbl_lower_avx2_16(b, t2, p1024_mod);
+ sp_1024_mont_sub_avx2_16(t2, b, x, p1024_mod);
+ sp_1024_mont_dbl_avx2_16(b, t2, p1024_mod);
/* Z = Z*Y */
sp_1024_mont_mul_avx2_16(z, z, y, p1024_mod, p1024_mp_mod);
/* t1 = Y^4 */
@@ -95300,7 +95318,7 @@ static void sp_1024_proj_point_dbl_n_avx2_16(sp_point_1024* p, int i,
sp_1024_mont_sub_avx2_16(y, y, t1, p1024_mod);
#endif /* WOLFSSL_SP_SMALL */
/* Y = Y/2 */
- sp_1024_div2_avx2_16(y, y, p1024_mod);
+ sp_1024_mont_div2_avx2_16(y, y, p1024_mod);
}
@@ -95314,12 +95332,12 @@ static void sp_1024_proj_point_dbl_n_avx2_16(sp_point_1024* p, int i,
static void sp_1024_proj_point_add_avx2_16(sp_point_1024* r,
const sp_point_1024* p, const sp_point_1024* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*16;
- sp_digit* t3 = t + 4*16;
- sp_digit* t4 = t + 6*16;
- sp_digit* t5 = t + 8*16;
- sp_digit* t6 = t + 10*16;
+ sp_digit* t6 = t;
+ sp_digit* t1 = t + 2*16;
+ sp_digit* t2 = t + 4*16;
+ sp_digit* t3 = t + 6*16;
+ sp_digit* t4 = t + 8*16;
+ sp_digit* t5 = t + 10*16;
/* U1 = X1*Z2^2 */
sp_1024_mont_sqr_avx2_16(t1, q->z, p1024_mod, p1024_mp_mod);
@@ -95341,17 +95359,9 @@ static void sp_1024_proj_point_add_avx2_16(sp_point_1024* r,
sp_1024_proj_point_dbl_avx2_16(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t6;
sp_digit* y = t1;
sp_digit* z = t2;
- int i;
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
/* H = U2 - U1 */
sp_1024_mont_sub_avx2_16(t2, t2, t1, p1024_mod);
@@ -95370,20 +95380,31 @@ static void sp_1024_proj_point_add_avx2_16(sp_point_1024* r,
sp_1024_mont_dbl_avx2_16(t3, y, p1024_mod);
sp_1024_mont_sub_avx2_16(x, x, t3, p1024_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_1024_mont_sub_lower_avx2_16(y, y, x, p1024_mod);
+ sp_1024_mont_sub_avx2_16(y, y, x, p1024_mod);
sp_1024_mont_mul_avx2_16(y, y, t4, p1024_mod, p1024_mp_mod);
sp_1024_mont_sub_avx2_16(y, y, t5, p1024_mod);
- for (i = 0; i < 16; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 16; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 16; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 16; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 16; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 16; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
@@ -95429,12 +95450,12 @@ static int sp_1024_proj_point_add_avx2_16_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024
switch (ctx->state) {
case 0: /* INIT */
- ctx->t1 = t;
- ctx->t2 = t + 2*16;
- ctx->t3 = t + 4*16;
- ctx->t4 = t + 6*16;
- ctx->t5 = t + 8*16;
- ctx->t6 = t + 10*16;
+ ctx->t6 = t;
+ ctx->t1 = t + 2*16;
+ ctx->t2 = t + 4*16;
+ ctx->t3 = t + 6*16;
+ ctx->t4 = t + 8*16;
+ ctx->t5 = t + 10*16;
ctx->x = ctx->t6;
ctx->y = ctx->t1;
ctx->z = ctx->t2;
@@ -95541,7 +95562,7 @@ static int sp_1024_proj_point_add_avx2_16_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024
break;
case 21:
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_1024_mont_sub_lower_avx2_16(ctx->y, ctx->y, ctx->x, p1024_mod);
+ sp_1024_mont_sub_avx2_16(ctx->y, ctx->y, ctx->x, p1024_mod);
ctx->state = 22;
break;
case 22:
@@ -95554,22 +95575,28 @@ static int sp_1024_proj_point_add_avx2_16_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024
break;
case 24:
{
- int i;
- sp_digit maskp = 0 - (q->infinity & (!p->infinity));
- sp_digit maskq = 0 - (p->infinity & (!q->infinity));
- sp_digit maskt = ~(maskp | maskq);
-
- for (i = 0; i < 16; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (ctx->x[i] & maskt);
- }
- for (i = 0; i < 16; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (ctx->y[i] & maskt);
- }
- for (i = 0; i < 16; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (ctx->z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 16; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (ctx->x[i] & maskt);
+ }
+ for (i = 0; i < 16; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (ctx->y[i] & maskt);
+ }
+ for (i = 0; i < 16; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (ctx->z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
ctx->state = 25;
break;
}
@@ -95628,7 +95655,7 @@ static void sp_1024_proj_point_dbl_n_store_avx2_16(sp_point_1024* r,
/* A = 3*(X^2 - W) */
sp_1024_mont_sqr_avx2_16(t1, x, p1024_mod, p1024_mp_mod);
sp_1024_mont_sub_avx2_16(t1, t1, w, p1024_mod);
- sp_1024_mont_tpl_lower_avx2_16(a, t1, p1024_mod);
+ sp_1024_mont_tpl_avx2_16(a, t1, p1024_mod);
/* B = X*Y^2 */
sp_1024_mont_sqr_avx2_16(t1, y, p1024_mod, p1024_mp_mod);
sp_1024_mont_mul_avx2_16(b, t1, x, p1024_mod, p1024_mp_mod);
@@ -95638,8 +95665,8 @@ static void sp_1024_proj_point_dbl_n_store_avx2_16(sp_point_1024* r,
sp_1024_mont_dbl_avx2_16(t2, b, p1024_mod);
sp_1024_mont_sub_avx2_16(x, x, t2, p1024_mod);
/* B = 2.(B - X) */
- sp_1024_mont_sub_lower_avx2_16(t2, b, x, p1024_mod);
- sp_1024_mont_dbl_lower_avx2_16(b, t2, p1024_mod);
+ sp_1024_mont_sub_avx2_16(t2, b, x, p1024_mod);
+ sp_1024_mont_dbl_avx2_16(b, t2, p1024_mod);
/* Z = Z*Y */
sp_1024_mont_mul_avx2_16(r[j].z, z, y, p1024_mod, p1024_mp_mod);
z = r[j].z;
@@ -95653,7 +95680,7 @@ static void sp_1024_proj_point_dbl_n_store_avx2_16(sp_point_1024* r,
sp_1024_mont_mul_avx2_16(y, b, a, p1024_mod, p1024_mp_mod);
sp_1024_mont_sub_avx2_16(y, y, t1, p1024_mod);
/* Y = Y/2 */
- sp_1024_div2_avx2_16(r[j].y, y, p1024_mod);
+ sp_1024_mont_div2_avx2_16(r[j].y, y, p1024_mod);
r[j].infinity = 0;
}
}
@@ -95727,8 +95754,8 @@ static void sp_1024_proj_point_add_sub_avx2_16(sp_point_1024* ra,
sp_1024_mont_sub_avx2_16(xs, xs, t1, p1024_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
/* YS = -RS*(U1*H^2 - XS) - S1*H^3 */
- sp_1024_mont_sub_lower_avx2_16(ys, ya, xs, p1024_mod);
- sp_1024_mont_sub_lower_avx2_16(ya, ya, xa, p1024_mod);
+ sp_1024_mont_sub_avx2_16(ys, ya, xs, p1024_mod);
+ sp_1024_mont_sub_avx2_16(ya, ya, xa, p1024_mod);
sp_1024_mont_mul_avx2_16(ya, ya, t4, p1024_mod, p1024_mp_mod);
sp_1024_mont_sub_avx2_16(t6, p1024_mod, t6, p1024_mod);
sp_1024_mont_mul_avx2_16(ys, ys, t6, p1024_mod, p1024_mp_mod);
@@ -95777,7 +95804,7 @@ static int sp_1024_ecc_mulmod_win_add_sub_avx2_16(sp_point_1024* r, const sp_poi
(void)heap;
#ifdef WOLFSSL_SP_SMALL_STACK
- t = (sp_point_1024*)XMALLOC(sizeof(sp_point_1024) *
+ t = (sp_point_1024*)XMALLOC(sizeof(sp_point_1024) *
(65+2), heap, DYNAMIC_TYPE_ECC);
if (t == NULL)
err = MEMORY_E;
@@ -95907,12 +95934,12 @@ typedef struct sp_table_entry_1024 {
static void sp_1024_proj_point_add_qz1_16(sp_point_1024* r,
const sp_point_1024* p, const sp_point_1024* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*16;
- sp_digit* t3 = t + 4*16;
- sp_digit* t4 = t + 6*16;
- sp_digit* t5 = t + 8*16;
- sp_digit* t6 = t + 10*16;
+ sp_digit* t2 = t;
+ sp_digit* t3 = t + 2*16;
+ sp_digit* t6 = t + 4*16;
+ sp_digit* t1 = t + 6*16;
+ sp_digit* t4 = t + 8*16;
+ sp_digit* t5 = t + 10*16;
/* Calculate values to subtract from P->x and P->y. */
/* U2 = X2*Z1^2 */
@@ -95928,13 +95955,9 @@ static void sp_1024_proj_point_add_qz1_16(sp_point_1024* r,
sp_1024_proj_point_dbl_16(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t2;
- sp_digit* y = t5;
+ sp_digit* y = t3;
sp_digit* z = t6;
- int i;
/* H = U2 - X1 */
sp_1024_mont_sub_16(t2, t2, p->x, p1024_mod);
@@ -95943,33 +95966,40 @@ static void sp_1024_proj_point_add_qz1_16(sp_point_1024* r,
/* Z3 = H*Z1 */
sp_1024_mont_mul_16(z, p->z, t2, p1024_mod, p1024_mp_mod);
/* X3 = R^2 - H^3 - 2*X1*H^2 */
- sp_1024_mont_sqr_16(t1, t4, p1024_mod, p1024_mp_mod);
- sp_1024_mont_sqr_16(t5, t2, p1024_mod, p1024_mp_mod);
- sp_1024_mont_mul_16(t3, p->x, t5, p1024_mod, p1024_mp_mod);
- sp_1024_mont_mul_16(t5, t5, t2, p1024_mod, p1024_mp_mod);
- sp_1024_mont_sub_16(x, t1, t5, p1024_mod);
- sp_1024_mont_dbl_16(t1, t3, p1024_mod);
- sp_1024_mont_sub_16(x, x, t1, p1024_mod);
+ sp_1024_mont_sqr_16(t1, t2, p1024_mod, p1024_mp_mod);
+ sp_1024_mont_mul_16(t3, p->x, t1, p1024_mod, p1024_mp_mod);
+ sp_1024_mont_mul_16(t1, t1, t2, p1024_mod, p1024_mp_mod);
+ sp_1024_mont_sqr_16(t2, t4, p1024_mod, p1024_mp_mod);
+ sp_1024_mont_sub_16(t2, t2, t1, p1024_mod);
+ sp_1024_mont_dbl_16(t5, t3, p1024_mod);
+ sp_1024_mont_sub_16(x, t2, t5, p1024_mod);
/* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
- sp_1024_mont_sub_lower_16(t3, t3, x, p1024_mod);
+ sp_1024_mont_sub_16(t3, t3, x, p1024_mod);
sp_1024_mont_mul_16(t3, t3, t4, p1024_mod, p1024_mp_mod);
- sp_1024_mont_mul_16(t5, t5, p->y, p1024_mod, p1024_mp_mod);
- sp_1024_mont_sub_16(y, t3, t5, p1024_mod);
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
- for (i = 0; i < 16; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 16; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 16; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ sp_1024_mont_mul_16(t1, t1, p->y, p1024_mod, p1024_mp_mod);
+ sp_1024_mont_sub_16(y, t3, t1, p1024_mod);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 16; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 16; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 16; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
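Review bot: The reordered X3/Y3 sequence now reuses `t2` for H and then for R^2 - H^3, and `t1` for H^2 and then H^3, but only the two formula comments remain, so a reader has to trace every call to see which value each slot holds. Per-step comments would make the aliasing checkable, e.g. `/* t1 = H^2 */`, `/* t3 = X1*H^2 */` and `/* t1 = H^3 */` before the first three calls. Before the second square, `/* t2 = R^2; H is no longer needed, Z3 is already computed */` would explain why overwriting `t2` is safe. The avx2 twin of this hunk has the same shape, and the function starts outside the hunk.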
@@ -96221,7 +96251,7 @@ static THREAD_LS_T int sp_cache_1024_inited = 0;
/* Get the cache entry for the point.
*
- * g [in] Point scalar multipling.
+ * g [in] Point scalar multiplying.
* cache [out] Cache table to use.
*/
static void sp_ecc_get_cache_1024(const sp_point_1024* g, sp_cache_1024_t** cache)
@@ -96292,8 +96322,8 @@ static void sp_ecc_get_cache_1024(const sp_point_1024* g, sp_cache_1024_t** cach
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
-static int sp_1024_ecc_mulmod_16(sp_point_1024* r, const sp_point_1024* g, const sp_digit* k,
- int map, int ct, void* heap)
+static int sp_1024_ecc_mulmod_16(sp_point_1024* r, const sp_point_1024* g,
+ const sp_digit* k, int map, int ct, void* heap)
{
#ifndef FP_ECC
return sp_1024_ecc_mulmod_win_add_sub_16(r, g, k, map, ct, heap);
@@ -96364,12 +96394,12 @@ static int sp_1024_ecc_mulmod_16(sp_point_1024* r, const sp_point_1024* g, const
static void sp_1024_proj_point_add_qz1_avx2_16(sp_point_1024* r,
const sp_point_1024* p, const sp_point_1024* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*16;
- sp_digit* t3 = t + 4*16;
- sp_digit* t4 = t + 6*16;
- sp_digit* t5 = t + 8*16;
- sp_digit* t6 = t + 10*16;
+ sp_digit* t2 = t;
+ sp_digit* t3 = t + 2*16;
+ sp_digit* t6 = t + 4*16;
+ sp_digit* t1 = t + 6*16;
+ sp_digit* t4 = t + 8*16;
+ sp_digit* t5 = t + 10*16;
/* Calculate values to subtract from P->x and P->y. */
/* U2 = X2*Z1^2 */
@@ -96385,13 +96415,9 @@ static void sp_1024_proj_point_add_qz1_avx2_16(sp_point_1024* r,
sp_1024_proj_point_dbl_avx2_16(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t2;
- sp_digit* y = t5;
+ sp_digit* y = t3;
sp_digit* z = t6;
- int i;
/* H = U2 - X1 */
sp_1024_mont_sub_avx2_16(t2, t2, p->x, p1024_mod);
@@ -96400,33 +96426,40 @@ static void sp_1024_proj_point_add_qz1_avx2_16(sp_point_1024* r,
/* Z3 = H*Z1 */
sp_1024_mont_mul_avx2_16(z, p->z, t2, p1024_mod, p1024_mp_mod);
/* X3 = R^2 - H^3 - 2*X1*H^2 */
- sp_1024_mont_sqr_avx2_16(t1, t4, p1024_mod, p1024_mp_mod);
- sp_1024_mont_sqr_avx2_16(t5, t2, p1024_mod, p1024_mp_mod);
- sp_1024_mont_mul_avx2_16(t3, p->x, t5, p1024_mod, p1024_mp_mod);
- sp_1024_mont_mul_avx2_16(t5, t5, t2, p1024_mod, p1024_mp_mod);
- sp_1024_mont_sub_avx2_16(x, t1, t5, p1024_mod);
- sp_1024_mont_dbl_avx2_16(t1, t3, p1024_mod);
- sp_1024_mont_sub_avx2_16(x, x, t1, p1024_mod);
+ sp_1024_mont_sqr_avx2_16(t1, t2, p1024_mod, p1024_mp_mod);
+ sp_1024_mont_mul_avx2_16(t3, p->x, t1, p1024_mod, p1024_mp_mod);
+ sp_1024_mont_mul_avx2_16(t1, t1, t2, p1024_mod, p1024_mp_mod);
+ sp_1024_mont_sqr_avx2_16(t2, t4, p1024_mod, p1024_mp_mod);
+ sp_1024_mont_sub_avx2_16(t2, t2, t1, p1024_mod);
+ sp_1024_mont_dbl_avx2_16(t5, t3, p1024_mod);
+ sp_1024_mont_sub_avx2_16(x, t2, t5, p1024_mod);
/* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
- sp_1024_mont_sub_lower_avx2_16(t3, t3, x, p1024_mod);
+ sp_1024_mont_sub_avx2_16(t3, t3, x, p1024_mod);
sp_1024_mont_mul_avx2_16(t3, t3, t4, p1024_mod, p1024_mp_mod);
- sp_1024_mont_mul_avx2_16(t5, t5, p->y, p1024_mod, p1024_mp_mod);
- sp_1024_mont_sub_avx2_16(y, t3, t5, p1024_mod);
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
- for (i = 0; i < 16; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 16; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 16; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ sp_1024_mont_mul_avx2_16(t1, t1, p->y, p1024_mod, p1024_mp_mod);
+ sp_1024_mont_sub_avx2_16(y, t3, t1, p1024_mod);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 16; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 16; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 16; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
@@ -96656,8 +96689,8 @@ static int sp_1024_ecc_mulmod_stripe_avx2_16(sp_point_1024* r, const sp_point_10
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
-static int sp_1024_ecc_mulmod_avx2_16(sp_point_1024* r, const sp_point_1024* g, const sp_digit* k,
- int map, int ct, void* heap)
+static int sp_1024_ecc_mulmod_avx2_16(sp_point_1024* r, const sp_point_1024* g,
+ const sp_digit* k, int map, int ct, void* heap)
{
#ifndef FP_ECC
return sp_1024_ecc_mulmod_win_add_sub_avx2_16(r, g, k, map, ct, heap);
@@ -100214,7 +100247,7 @@ int sp_ecc_mulmod_base_1024(const mp_int* km, ecc_point* r, int map, void* heap)
* the result. If map is true then convert result to affine coordinates.
*
* km Scalar to multiply by.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -100239,7 +100272,7 @@ int sp_ecc_mulmod_base_add_1024(const mp_int* km, const ecc_point* am,
#endif
#ifdef WOLFSSL_SP_SMALL_STACK
- point = (sp_point_1024*)XMALLOC(sizeof(sp_point_1024) * 2, heap,
+ point = (sp_point_1024*)XMALLOC(sizeof(sp_point_1024) * 2, heap,
DYNAMIC_TYPE_ECC);
if (point == NULL)
err = MEMORY_E;
@@ -100488,7 +100521,7 @@ int sp_ecc_mulmod_table_1024(const mp_int* km, const ecc_point* gm, byte* table,
return err;
}
-/* Multiply p* in projective co-ordinates by q*.
+/* Multiply p* in projective coordinates by q*.
*
* r.x = p.x - (p.y * q.y)
* r.y = (p.x * q.y) + p.y
@@ -100514,7 +100547,7 @@ static void sp_1024_proj_mul_qx1_16(sp_digit* px, sp_digit* py,
sp_1024_mont_add_16(py, t1, py, p1024_mod);
}
-/* Square p* in projective co-ordinates.
+/* Square p* in projective coordinates.
*
* px' = (p.x + p.y) * (p.x - p.y) = p.x^2 - p.y^2
* py' = 2 * p.x * p.y
@@ -102280,7 +102313,7 @@ static int sp_ModExp_Fp_star_x64_1024(const mp_int* base, mp_int* exp, mp_int* r
#endif /* WOLFSSL_SP_SMALL */
#ifdef HAVE_INTEL_AVX2
-/* Multiply p* in projective co-ordinates by q*.
+/* Multiply p* in projective coordinates by q*.
*
* r.x = p.x - (p.y * q.y)
* r.y = (p.x * q.y) + p.y
@@ -102306,7 +102339,7 @@ static void sp_1024_proj_mul_qx1_avx2_16(sp_digit* px, sp_digit* py,
sp_1024_mont_add_avx2_16(py, t1, py, p1024_mod);
}
-/* Square p* in projective co-ordinates.
+/* Square p* in projective coordinates.
*
* px' = (p.x + p.y) * (p.x - p.y) = p.x^2 - p.y^2
* py' = 2 * p.x * p.y
@@ -102559,7 +102592,7 @@ int sp_ModExp_Fp_star_1024(const mp_int* base, mp_int* exp, mp_int* res)
return err;
}
-/* Multiply p* by q* in projective co-ordinates.
+/* Multiply p* by q* in projective coordinates.
*
* p.x' = (p.x * q.x) - (p.y * q.y)
* p.y' = (p.x * q.y) + (p.y * q.x)
@@ -102674,7 +102707,7 @@ static void sp_1024_accumulate_line_dbl_16(sp_digit* vx, sp_digit* vy,
/* ty = 4 * p.y ^ 2 */
sp_1024_mont_sqr_16(ty, ry, p1024_mod, p1024_mp_mod);
/* t1 = 2 * p.y ^ 2 */
- sp_1024_div2_16(t1, ty, p1024_mod);
+ sp_1024_mont_div2_16(t1, ty, p1024_mod);
/* r.x -= 2 * (p.y ^ 2) */
sp_1024_mont_sub_16(rx, rx, t1, p1024_mod);
/* p'.z = p.y * 2 * p.z */
@@ -102694,7 +102727,7 @@ static void sp_1024_accumulate_line_dbl_16(sp_digit* vx, sp_digit* vy,
/* t1 = (4 * p.y^2) ^ 2 = 16 * p.y^4 */
sp_1024_mont_sqr_16(t1, ty, p1024_mod, p1024_mp_mod);
/* t1 = 16 * p.y^4 / 2 = 8 * p.y^4 */
- sp_1024_div2_16(t1, t1, p1024_mod);
+ sp_1024_mont_div2_16(t1, t1, p1024_mod);
/* p'.y = 4 * p.y^2 * p.x */
sp_1024_mont_mul_16(p->y, ty, p->x, p1024_mod, p1024_mp_mod);
/* p'.x = l^2 */
@@ -103112,7 +103145,7 @@ static void sp_1024_accumulate_line_dbl_n_16(sp_digit* vx, sp_digit* vy,
/* ty = py ^ 2 */
sp_1024_mont_sqr_16(ty, p->y, p1024_mod, p1024_mp_mod);
/* t1 = py ^ 2 / 2 */
- sp_1024_div2_16(t1, ty, p1024_mod);
+ sp_1024_mont_div2_16(t1, ty, p1024_mod);
/* r.x -= py ^ 2 / 2 */
sp_1024_mont_sub_16(rx, rx, t1, p1024_mod);
/* p'.z = py * pz */
@@ -103150,7 +103183,7 @@ static void sp_1024_accumulate_line_dbl_n_16(sp_digit* vx, sp_digit* vy,
}
/* p'.y = py' / 2 */
- sp_1024_div2_16(p->y, p->y, p1024_mod);
+ sp_1024_mont_div2_16(p->y, p->y, p1024_mod);
}
/* Operations to perform based on order - 1.
@@ -103360,7 +103393,7 @@ static int sp_Pairing_x64_1024(const ecc_point* pm, const ecc_point* qm, mp_int*
#endif /* WOLFSSL_SP_SMALL */
#ifdef HAVE_INTEL_AVX2
-/* Multiply p* by q* in projective co-ordinates.
+/* Multiply p* by q* in projective coordinates.
*
* p.x' = (p.x * q.x) - (p.y * q.y)
* p.y' = (p.x * q.y) + (p.y * q.x)
@@ -103475,7 +103508,7 @@ static void sp_1024_accumulate_line_dbl_avx2_16(sp_digit* vx, sp_digit* vy,
/* ty = 4 * p.y ^ 2 */
sp_1024_mont_sqr_avx2_16(ty, ry, p1024_mod, p1024_mp_mod);
/* t1 = 2 * p.y ^ 2 */
- sp_1024_div2_avx2_16(t1, ty, p1024_mod);
+ sp_1024_mont_div2_avx2_16(t1, ty, p1024_mod);
/* r.x -= 2 * (p.y ^ 2) */
sp_1024_mont_sub_avx2_16(rx, rx, t1, p1024_mod);
/* p'.z = p.y * 2 * p.z */
@@ -103495,7 +103528,7 @@ static void sp_1024_accumulate_line_dbl_avx2_16(sp_digit* vx, sp_digit* vy,
/* t1 = (4 * p.y^2) ^ 2 = 16 * p.y^4 */
sp_1024_mont_sqr_avx2_16(t1, ty, p1024_mod, p1024_mp_mod);
/* t1 = 16 * p.y^4 / 2 = 8 * p.y^4 */
- sp_1024_div2_avx2_16(t1, t1, p1024_mod);
+ sp_1024_mont_div2_avx2_16(t1, t1, p1024_mod);
/* p'.y = 4 * p.y^2 * p.x */
sp_1024_mont_mul_avx2_16(p->y, ty, p->x, p1024_mod, p1024_mp_mod);
/* p'.x = l^2 */
@@ -103913,7 +103946,7 @@ static void sp_1024_accumulate_line_dbl_n_avx2_16(sp_digit* vx, sp_digit* vy,
/* ty = py ^ 2 */
sp_1024_mont_sqr_avx2_16(ty, p->y, p1024_mod, p1024_mp_mod);
/* t1 = py ^ 2 / 2 */
- sp_1024_div2_avx2_16(t1, ty, p1024_mod);
+ sp_1024_mont_div2_avx2_16(t1, ty, p1024_mod);
/* r.x -= py ^ 2 / 2 */
sp_1024_mont_sub_avx2_16(rx, rx, t1, p1024_mod);
/* p'.z = py * pz */
@@ -103951,7 +103984,7 @@ static void sp_1024_accumulate_line_dbl_n_avx2_16(sp_digit* vx, sp_digit* vy,
}
/* p'.y = py' / 2 */
- sp_1024_div2_avx2_16(p->y, p->y, p1024_mod);
+ sp_1024_mont_div2_avx2_16(p->y, p->y, p1024_mod);
}
/*
@@ -105375,7 +105408,7 @@ static void sp_1024_from_bin(sp_digit* r, int size, const byte* a, int n)
}
}
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* point EC point.
* heap Heap to use if dynamically allocating.
@@ -105404,19 +105437,21 @@ static int sp_1024_ecc_is_point_16(const sp_point_1024* point,
if (err == MP_OKAY) {
t2 = t1 + 2 * 16;
+ /* y^2 - x^3 - a.x = b */
sp_1024_sqr_16(t1, point->y);
(void)sp_1024_mod_16(t1, t1, p1024_mod);
sp_1024_sqr_16(t2, point->x);
(void)sp_1024_mod_16(t2, t2, p1024_mod);
sp_1024_mul_16(t2, t2, point->x);
(void)sp_1024_mod_16(t2, t2, p1024_mod);
- (void)sp_1024_sub_16(t2, p1024_mod, t2);
- sp_1024_mont_add_16(t1, t1, t2, p1024_mod);
+ sp_1024_mont_sub_16(t1, t1, t2, p1024_mod);
+ /* y^2 - x^3 + 3.x = b, when a = -3 */
sp_1024_mont_add_16(t1, t1, point->x, p1024_mod);
sp_1024_mont_add_16(t1, t1, point->x, p1024_mod);
sp_1024_mont_add_16(t1, t1, point->x, p1024_mod);
+
n = sp_1024_cmp_16(t1, p1024_mod);
sp_1024_cond_sub_16(t1, t1, p1024_mod, ~(n >> 63));
sp_1024_norm_16(t1);
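Review bot: The new `sp_1024_mont_sub_16(t1, t1, t2, p1024_mod)` acts here as a plain modular subtraction, and nothing in the hunk says so. t1 and t2 come from `sp_1024_sqr_16`/`sp_1024_mul_16` followed by `sp_1024_mod_16`, so they are ordinary residues rather than Montgomery-form values, and the `mont_` name invites the wrong reading in a point-validation routine. A comment such as `/* mont_sub/mont_add used as plain mod-p sub/add; t1 and t2 are already reduced */` would make that explicit. The three adds that follow take `point->x` as given, so the check appears to assume x is already below the modulus; whether that range check happens is outside this hunk, as are the start and end of `sp_1024_ecc_is_point_16`.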
@@ -105433,7 +105468,7 @@ static int sp_1024_ecc_is_point_16(const sp_point_1024* point,
return err;
}
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* pX X ordinate of EC point.
* pY Y ordinate of EC point.
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/sp_x86_64_asm.S b/extra/wolfssl/wolfssl/wolfcrypt/src/sp_x86_64_asm.S
index 31db0102..6879391d 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/sp_x86_64_asm.S
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/sp_x86_64_asm.S
@@ -1,5 +1,5 @@
-/* sp_x86_64_asm
- *
+/* sp_x86_64_asm.S */
+/*
* Copyright (C) 2006-2023 wolfSSL Inc.
*
* This file is part of wolfSSL.
@@ -55378,11 +55378,12 @@ _sp_256_mul_avx2_4:
pushq %rbx
movq %rdx, %rbp
movq (%rsi), %rdx
+ movq 8(%rbp), %r14
# A[0] * B[0]
mulxq (%rbp), %r8, %r9
xorq %rbx, %rbx
# A[0] * B[1]
- mulxq 8(%rbp), %rax, %r10
+ mulxq %r14, %rax, %r10
adcxq %rax, %r9
# A[0] * B[2]
mulxq 16(%rbp), %rax, %r11
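Review bot: The added `movq 8(%rbp), %r14` keeps B[1] in %r14 across the A[0], A[1] and A[2] rows, but nothing states how long that register stays reserved. If %r14 is later reused as a result word, which the visible lines do not show, a future reordering of the rows could silently multiply by a stale value. A comment at the load would pin the live range, for example `# r14 = B[1], valid through A[2] * B[1]; do not use r14 as an accumulator before then`. The same caching is added in `_sp_256_mont_mul_avx2_4` and `_sp_256_mont_mul_order_avx2_4`. The prologue that has to save %r14 lies outside these hunks.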
@@ -55397,7 +55398,7 @@ _sp_256_mul_avx2_4:
xorq %rbx, %rbx
adcxq %rax, %r9
# A[1] * B[1]
- mulxq 8(%rbp), %rax, %r15
+ mulxq %r14, %rax, %r15
adoxq %rcx, %r10
adcxq %rax, %r10
# A[1] * B[2]
@@ -55416,7 +55417,7 @@ _sp_256_mul_avx2_4:
xorq %rbx, %rbx
adcxq %rax, %r10
# A[2] * B[1]
- mulxq 8(%rbp), %rax, %r15
+ mulxq %r14, %rax, %r15
adoxq %rcx, %r11
adcxq %rax, %r11
# A[2] * B[2]
@@ -55805,7 +55806,7 @@ _sp_256_cond_copy_4:
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
#ifndef __APPLE__
.text
@@ -55981,11 +55982,10 @@ _sp_256_mont_mul_4:
adcq $0x00, %rbx
sbbq $0x00, %r9
movq $0xffffffff00000001, %rsi
- movq %r9, %rax
# mask m and sub from result if overflow
# m[0] = -1 & mask = mask
- shrq $32, %rax
# m[2] = 0 & mask = 0
+ movl %r9d, %eax
andq %r9, %rsi
subq %r9, %r13
sbbq %rax, %r14
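Review bot: `movl %r9d, %eax` replaces the `movq`/`shrq $32` pair, but no comment is left for the m[1] word it computes; the two remaining comments cover only m[0] and m[2]. The shortcut gives 0x00000000ffffffff & mask only because a 32-bit move zero-extends and %r9 is exactly 0 or all ones at this point, and the branch-free reduction depends on that invariant. I would add `# m[1] = 0xffffffff & mask (movl zero-extends; mask is 0 or -1)` directly above the `movl`. The same idiom is introduced without comment in `_sp_256_mont_sqr_4`, `_sp_256_mont_reduce_4`, the AVX2 mul/sqr variants, the 256-bit add/sub/tpl/div2 routines and the `_sp_384_*` counterparts. The code that produces the mask is outside this hunk.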
@@ -56009,7 +56009,7 @@ _sp_256_mont_mul_4:
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
#ifndef __APPLE__
.text
@@ -56163,11 +56163,10 @@ _sp_256_mont_sqr_4:
adcq $0x00, %r15
sbbq $0x00, %r8
movq $0xffffffff00000001, %rsi
- movq %r8, %rax
# mask m and sub from result if overflow
# m[0] = -1 & mask = mask
- shrq $32, %rax
# m[2] = 0 & mask = 0
+ movl %r8d, %eax
andq %r8, %rsi
subq %r8, %r12
sbbq %rax, %r13
@@ -56388,11 +56387,10 @@ _sp_256_mont_reduce_4:
adcq $0x00, %r15
sbbq $0x00, %r8
movq $0xffffffff00000001, %rbx
- movq %r8, %rax
# mask m and sub from result if overflow
# m[0] = -1 & mask = mask
- shrq $32, %rax
# m[2] = 0 & mask = 0
+ movl %r8d, %eax
andq %r8, %rbx
subq %r8, %r12
sbbq %rax, %r13
@@ -56543,13 +56541,12 @@ _sp_256_mont_add_4:
movq 16(%rsi), %r8
movq 24(%rsi), %r9
addq (%rdx), %rax
- movq $0xffffffff, %r10
adcq 8(%rdx), %rcx
movq $0xffffffff00000001, %r11
adcq 16(%rdx), %r8
adcq 24(%rdx), %r9
sbbq %rsi, %rsi
- andq %rsi, %r10
+ movl %esi, %r10d
andq %rsi, %r11
subq %rsi, %rax
sbbq %r10, %rcx
@@ -56593,13 +56590,13 @@ _sp_256_mont_dbl_4:
movq 16(%rsi), %rcx
movq 24(%rsi), %r8
addq %rdx, %rdx
- movq $0xffffffff, %r9
adcq %rax, %rax
movq $0xffffffff00000001, %r10
adcq %rcx, %rcx
+ movq %r8, %r11
adcq %r8, %r8
- sbbq %r11, %r11
- andq %r11, %r9
+ sarq $63, %r11
+ movl %r11d, %r9d
andq %r11, %r10
subq %r11, %rdx
sbbq %r9, %rax
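Review bot: The overflow mask is now taken from a copy of the top word (`movq %r8, %r11` then `sarq $63, %r11`) instead of from the carry flag with `sbbq %r11, %r11`, and the equivalence is left for the reader to work out. It holds because the carry out of `adcq %r8, %r8` is bit 63 of the original a[3], but the ordering is fragile: `sarq` rewrites CF, so it must stay after the last `adcq`, and the copy must be made before %r8 is doubled. A comment such as `# mask = -(a[3] >> 63) = carry out of the doubling; keep sarq after the adcq chain` would record both constraints. `_sp_384_mont_dbl_6` gets the same rewrite with %r10/%r14.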
@@ -56643,13 +56640,12 @@ _sp_256_mont_tpl_4:
movq 16(%rsi), %rcx
movq 24(%rsi), %r8
addq %rdx, %rdx
- movq $0xffffffff, %r9
adcq %rax, %rax
movq $0xffffffff00000001, %r10
adcq %rcx, %rcx
adcq %r8, %r8
sbbq %r11, %r11
- andq %r11, %r9
+ movl %r11d, %r9d
andq %r11, %r10
subq %r11, %rdx
sbbq %r9, %rax
@@ -56663,13 +56659,12 @@ _sp_256_mont_tpl_4:
sbbq $0x00, %rcx
sbbq %r10, %r8
addq (%rsi), %rdx
- movq $0xffffffff, %r9
adcq 8(%rsi), %rax
movq $0xffffffff00000001, %r10
adcq 16(%rsi), %rcx
adcq 24(%rsi), %r8
- sbbq %r11, %r11
- andq %r11, %r9
+ sbbq $0x00, %r11
+ movl %r11d, %r9d
andq %r11, %r10
subq %r11, %rdx
sbbq %r9, %rax
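Review bot: `sbbq $0x00, %r11` yields a clean 0 / all-ones mask only if %r11 is zero when it executes, whereas the `sbbq %r11, %r11` it replaces did not depend on the previous value. If %r11 were still -1 from the earlier conditional subtraction, a carry here would leave 0xfffffffffffffffe, and `movl %r11d, %r9d` would then build a wrong m[1] word. The instructions between the two hunks of `_sp_256_mont_tpl_4` are not visible, so this may be guaranteed by the input range, but the invariant should be stated, for example `# r11 is 0 here when a < m, so r11 = -carry`. `_sp_256_mont_rsb_sub_dbl_4` uses the same form (`sbbq $0x00, %rsi` after the `subq %r10, %rax` chain), while `_sp_384_mont_tpl_6` keeps `sbbq %r14, %r14`.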
@@ -56714,13 +56709,12 @@ _sp_256_mont_sub_4:
movq 16(%rsi), %r8
movq 24(%rsi), %r9
subq (%rdx), %rax
- movq $0xffffffff, %r10
sbbq 8(%rdx), %rcx
movq $0xffffffff00000001, %r11
sbbq 16(%rdx), %r8
sbbq 24(%rdx), %r9
sbbq %rsi, %rsi
- andq %rsi, %r10
+ movl %esi, %r10d
andq %rsi, %r11
addq %rsi, %rax
adcq %r10, %rcx
@@ -56741,52 +56735,6 @@ _sp_256_mont_sub_4:
#ifndef __APPLE__
.size sp_256_mont_sub_4,.-sp_256_mont_sub_4
#endif /* __APPLE__ */
-/* Subtract two Montgomery form numbers (r = a - b % m).
- *
- * b is less than the modulus.
- *
- * r Result of subtration.
- * a Number to subtract from in Montgomery form.
- * b Number to subtract with in Montgomery form.
- * m Modulus (prime).
- */
-#ifndef __APPLE__
-.text
-.globl sp_256_mont_sub_lower_4
-.type sp_256_mont_sub_lower_4,@function
-.align 16
-sp_256_mont_sub_lower_4:
-#else
-.section __TEXT,__text
-.globl _sp_256_mont_sub_lower_4
-.p2align 4
-_sp_256_mont_sub_lower_4:
-#endif /* __APPLE__ */
- movq (%rsi), %rax
- movq 8(%rsi), %rcx
- movq 16(%rsi), %r8
- movq 24(%rsi), %r9
- subq (%rdx), %rax
- movq $0xffffffff, %r10
- sbbq 8(%rdx), %rcx
- movq $0xffffffff00000001, %r11
- sbbq 16(%rdx), %r8
- sbbq 24(%rdx), %r9
- sbbq %rsi, %rsi
- andq %rsi, %r10
- andq %rsi, %r11
- addq %rsi, %rax
- adcq %r10, %rcx
- movq %rax, (%rdi)
- adcq $0x00, %r8
- movq %rcx, 8(%rdi)
- adcq %r11, %r9
- movq %r8, 16(%rdi)
- movq %r9, 24(%rdi)
- repz retq
-#ifndef __APPLE__
-.size sp_256_mont_sub_lower_4,.-sp_256_mont_sub_lower_4
-#endif /* __APPLE__ */
/* Divide the number by 2 mod the modulus (prime). (r = a / 2 % m)
*
* r Result of division by 2.
@@ -56795,26 +56743,25 @@ _sp_256_mont_sub_lower_4:
*/
#ifndef __APPLE__
.text
-.globl sp_256_div2_4
-.type sp_256_div2_4,@function
+.globl sp_256_mont_div2_4
+.type sp_256_mont_div2_4,@function
.align 16
-sp_256_div2_4:
+sp_256_mont_div2_4:
#else
.section __TEXT,__text
-.globl _sp_256_div2_4
+.globl _sp_256_mont_div2_4
.p2align 4
-_sp_256_div2_4:
+_sp_256_mont_div2_4:
#endif /* __APPLE__ */
movq (%rsi), %rdx
movq 8(%rsi), %rax
movq 16(%rsi), %rcx
movq 24(%rsi), %r8
- movq $0xffffffff, %r9
movq $0xffffffff00000001, %r10
movq %rdx, %r11
andq $0x01, %r11
negq %r11
- andq %r11, %r9
+ movl %r11d, %r9d
andq %r11, %r10
addq %r11, %rdx
adcq %r9, %rax
@@ -56832,72 +56779,7 @@ _sp_256_div2_4:
movq %r8, 24(%rdi)
repz retq
#ifndef __APPLE__
-.size sp_256_div2_4,.-sp_256_div2_4
-#endif /* __APPLE__ */
-/* Triple a Montgomery form number (r = a + a + a % m).
- *
- * a is less than m.
- *
- * r Result of Tripling.
- * a Number to triple in Montgomery form.
- * m Modulus (prime).
- */
-#ifndef __APPLE__
-.text
-.globl sp_256_mont_tpl_lower_4
-.type sp_256_mont_tpl_lower_4,@function
-.align 16
-sp_256_mont_tpl_lower_4:
-#else
-.section __TEXT,__text
-.globl _sp_256_mont_tpl_lower_4
-.p2align 4
-_sp_256_mont_tpl_lower_4:
-#endif /* __APPLE__ */
- movq (%rsi), %rdx
- movq 8(%rsi), %rax
- movq 16(%rsi), %rcx
- movq 24(%rsi), %r8
- addq %rdx, %rdx
- movq $0xffffffff, %r9
- adcq %rax, %rax
- movq $0xffffffff00000001, %r10
- adcq %rcx, %rcx
- adcq %r8, %r8
- sbbq %r11, %r11
- andq %r11, %r9
- andq %r11, %r10
- subq %r11, %rdx
- sbbq %r9, %rax
- sbbq $0x00, %rcx
- sbbq %r10, %r8
- addq (%rsi), %rdx
- movq $0xffffffff, %r9
- adcq 8(%rsi), %rax
- movq $0xffffffff00000001, %r10
- adcq 16(%rsi), %rcx
- adcq 24(%rsi), %r8
- sbbq %r11, %r11
- andq %r11, %r9
- andq %r11, %r10
- subq %r11, %rdx
- sbbq %r9, %rax
- sbbq $0x00, %rcx
- sbbq %r10, %r8
- adcq $0x00, %r11
- andq %r11, %r9
- andq %r11, %r10
- subq %r11, %rdx
- sbbq %r9, %rax
- movq %rdx, (%rdi)
- sbbq $0x00, %rcx
- movq %rax, 8(%rdi)
- sbbq %r10, %r8
- movq %rcx, 16(%rdi)
- movq %r8, 24(%rdi)
- repz retq
-#ifndef __APPLE__
-.size sp_256_mont_tpl_lower_4,.-sp_256_mont_tpl_lower_4
+.size sp_256_mont_div2_4,.-sp_256_mont_div2_4
#endif /* __APPLE__ */
/* Two Montgomery numbers, subtract double second from first (r = a - 2.b % m).
*
@@ -56908,15 +56790,15 @@ _sp_256_mont_tpl_lower_4:
*/
#ifndef __APPLE__
.text
-.globl sp_256_mont_sub_dbl_4
-.type sp_256_mont_sub_dbl_4,@function
+.globl sp_256_mont_rsb_sub_dbl_4
+.type sp_256_mont_rsb_sub_dbl_4,@function
.align 16
-sp_256_mont_sub_dbl_4:
+sp_256_mont_rsb_sub_dbl_4:
#else
.section __TEXT,__text
-.globl _sp_256_mont_sub_dbl_4
+.globl _sp_256_mont_rsb_sub_dbl_4
.p2align 4
-_sp_256_mont_sub_dbl_4:
+_sp_256_mont_rsb_sub_dbl_4:
#endif /* __APPLE__ */
pushq %r12
pushq %r13
@@ -56931,42 +56813,40 @@ _sp_256_mont_sub_dbl_4:
movq 16(%rdx), %r12
movq 24(%rdx), %r13
addq %r10, %r10
- movq $0xffffffff, %r14
adcq %r11, %r11
movq $0xffffffff00000001, %r15
adcq %r12, %r12
adcq %r13, %r13
- sbbq %rdx, %rdx
- andq %rdx, %r14
- andq %rdx, %r15
- subq %rdx, %r10
+ sbbq %rsi, %rsi
+ movl %esi, %r14d
+ andq %rsi, %r15
+ subq %rsi, %r10
sbbq %r14, %r11
sbbq $0x00, %r12
sbbq %r15, %r13
- adcq $0x00, %rdx
- andq %rdx, %r14
- andq %rdx, %r15
- subq %rdx, %r10
+ adcq $0x00, %rsi
+ andq %rsi, %r14
+ andq %rsi, %r15
+ subq %rsi, %r10
sbbq %r14, %r11
sbbq $0x00, %r12
sbbq %r15, %r13
subq %r10, %rax
- movq $0xffffffff, %r14
sbbq %r11, %rcx
movq $0xffffffff00000001, %r15
sbbq %r12, %r8
sbbq %r13, %r9
- sbbq %rdx, %rdx
- andq %rdx, %r14
- andq %rdx, %r15
- addq %rdx, %rax
+ sbbq $0x00, %rsi
+ movl %esi, %r14d
+ andq %rsi, %r15
+ addq %rsi, %rax
adcq %r14, %rcx
adcq $0x00, %r8
adcq %r15, %r9
- adcq $0x00, %rdx
- andq %rdx, %r14
- andq %rdx, %r15
- addq %rdx, %rax
+ adcq $0x00, %rsi
+ andq %rsi, %r14
+ andq %rsi, %r15
+ addq %rsi, %rax
adcq %r14, %rcx
movq %rax, (%rdi)
adcq $0x00, %r8
@@ -56974,79 +56854,46 @@ _sp_256_mont_sub_dbl_4:
adcq %r15, %r9
movq %r8, 16(%rdi)
movq %r9, 24(%rdi)
+ movq (%rdx), %r10
+ movq 8(%rdx), %r11
+ movq 16(%rdx), %r12
+ movq 24(%rdx), %r13
+ subq %rax, %r10
+ sbbq %rcx, %r11
+ movq $0xffffffff00000001, %r15
+ sbbq %r8, %r12
+ sbbq %r9, %r13
+ sbbq %rsi, %rsi
+ movl %esi, %r14d
+ andq %rsi, %r15
+ addq %rsi, %r10
+ adcq %r14, %r11
+ adcq $0x00, %r12
+ adcq %r15, %r13
+ adcq $0x00, %rsi
+ andq %rsi, %r14
+ andq %rsi, %r15
+ addq %rsi, %r10
+ adcq %r14, %r11
+ movq %r10, (%rdx)
+ adcq $0x00, %r12
+ movq %r11, 8(%rdx)
+ adcq %r15, %r13
+ movq %r12, 16(%rdx)
+ movq %r13, 24(%rdx)
popq %r15
popq %r14
popq %r13
popq %r12
repz retq
#ifndef __APPLE__
-.size sp_256_mont_sub_dbl_4,.-sp_256_mont_sub_dbl_4
-#endif /* __APPLE__ */
-/* Two Montgomery numbers, subtract second from first and double.
- * (r = 2.(a - b) % m).
- *
- * b must have came from a mont_sub operation.
- *
- * r Result of subtration.
- * a Number to subtract from in Montgomery form.
- * b Number to subtract with in Montgomery form.
- * m Modulus (prime).
- */
-#ifndef __APPLE__
-.text
-.globl sp_256_mont_dbl_sub_4
-.type sp_256_mont_dbl_sub_4,@function
-.align 16
-sp_256_mont_dbl_sub_4:
-#else
-.section __TEXT,__text
-.globl _sp_256_mont_dbl_sub_4
-.p2align 4
-_sp_256_mont_dbl_sub_4:
-#endif /* __APPLE__ */
- movq (%rsi), %rax
- movq 8(%rsi), %rcx
- movq 16(%rsi), %r8
- movq 24(%rsi), %r9
- subq (%rdx), %rax
- movq $0xffffffff, %r10
- sbbq 8(%rdx), %rcx
- movq $0xffffffff00000001, %r11
- sbbq 16(%rdx), %r8
- sbbq 24(%rdx), %r9
- sbbq %rdx, %rdx
- andq %rdx, %r10
- andq %rdx, %r11
- addq %rdx, %rax
- adcq %r10, %rcx
- adcq $0x00, %r8
- adcq %r11, %r9
- addq %rax, %rax
- movq $0xffffffff, %r10
- adcq %rcx, %rcx
- movq $0xffffffff00000001, %r11
- adcq %r8, %r8
- adcq %r9, %r9
- sbbq %rdx, %rdx
- andq %rdx, %r10
- andq %rdx, %r11
- subq %rdx, %rax
- sbbq %r10, %rcx
- movq %rax, (%rdi)
- sbbq $0x00, %r8
- movq %rcx, 8(%rdi)
- sbbq %r11, %r9
- movq %r8, 16(%rdi)
- movq %r9, 24(%rdi)
- repz retq
-#ifndef __APPLE__
-.size sp_256_mont_dbl_sub_4,.-sp_256_mont_dbl_sub_4
+.size sp_256_mont_rsb_sub_dbl_4,.-sp_256_mont_rsb_sub_dbl_4
#endif /* __APPLE__ */
#ifndef WC_NO_CACHE_RESISTANT
/* Touch each possible point that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of point to retrieve.
*/
#ifndef __APPLE__
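Review bot: The renamed `sp_256_mont_rsb_sub_dbl_4` now writes a second result through %rdx, which the header comment does not mention: after storing r it reloads b, subtracts r and stores the difference back to `(%rdx)`..`24(%rdx)`. The header comment above the label still describes only `r = a - 2.b % m`, so a caller reading it would not expect b to be modified. I would extend it with `* b  Number to subtract with in Montgomery form; on return holds (b - r) % m.` Because r is stored to `(%rdi)` before b is reloaded, the comment should also say that r must not alias b. Whether the C prototype still declares b as `const` is not visible in this hunk.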
@@ -57115,7 +56962,7 @@ L_256_get_point_33_4_start_1:
/* Touch each possible point that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of point to retrieve.
*/
#ifndef __APPLE__
@@ -57174,7 +57021,7 @@ L_256_get_point_33_avx2_4_start:
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
#ifndef __APPLE__
.text
@@ -57196,11 +57043,12 @@ _sp_256_mont_mul_avx2_4:
pushq %rbx
movq %rdx, %rbp
movq (%rsi), %rdx
+ movq 8(%rbp), %r14
# A[0] * B[0]
mulxq (%rbp), %r8, %r9
xorq %rbx, %rbx
# A[0] * B[1]
- mulxq 8(%rbp), %rax, %r10
+ mulxq %r14, %rax, %r10
adcxq %rax, %r9
# A[0] * B[2]
mulxq 16(%rbp), %rax, %r11
@@ -57215,7 +57063,7 @@ _sp_256_mont_mul_avx2_4:
xorq %rbx, %rbx
adcxq %rax, %r9
# A[1] * B[1]
- mulxq 8(%rbp), %rax, %r15
+ mulxq %r14, %rax, %r15
adoxq %rcx, %r10
adcxq %rax, %r10
# A[1] * B[2]
@@ -57234,7 +57082,7 @@ _sp_256_mont_mul_avx2_4:
xorq %rbx, %rbx
adcxq %rax, %r10
# A[2] * B[1]
- mulxq 8(%rbp), %rax, %r15
+ mulxq %r14, %rax, %r15
adoxq %rcx, %r11
adcxq %rax, %r11
# A[2] * B[2]
@@ -57324,11 +57172,10 @@ _sp_256_mont_mul_avx2_4:
adcq $0x00, %r15
sbbq $0x00, %r8
movq $0xffffffff00000001, %rsi
- movq %r8, %rax
# mask m and sub from result if overflow
# m[0] = -1 & mask = mask
- shrq $32, %rax
# m[2] = 0 & mask = 0
+ movl %r8d, %eax
andq %r8, %rsi
subq %r8, %r12
sbbq %rax, %r13
@@ -57355,7 +57202,7 @@ _sp_256_mont_mul_avx2_4:
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
#ifndef __APPLE__
.text
@@ -57489,11 +57336,10 @@ _sp_256_mont_sqr_avx2_4:
adcq $0x00, %r15
sbbq $0x00, %r8
movq $0xffffffff00000001, %rsi
- movq %r8, %rax
# mask m and sub from result if overflow
# m[0] = -1 & mask = mask
- shrq $32, %rax
# m[2] = 0 & mask = 0
+ movl %r8d, %eax
andq %r8, %rsi
subq %r8, %r12
sbbq %rax, %r13
@@ -57577,15 +57423,15 @@ _sp_256_cond_sub_avx2_4:
*/
#ifndef __APPLE__
.text
-.globl sp_256_mont_reduce_avx2_order_4
-.type sp_256_mont_reduce_avx2_order_4,@function
+.globl sp_256_mont_reduce_order_avx2_4
+.type sp_256_mont_reduce_order_avx2_4,@function
.align 16
-sp_256_mont_reduce_avx2_order_4:
+sp_256_mont_reduce_order_avx2_4:
#else
.section __TEXT,__text
-.globl _sp_256_mont_reduce_avx2_order_4
+.globl _sp_256_mont_reduce_order_avx2_4
.p2align 4
-_sp_256_mont_reduce_avx2_order_4:
+_sp_256_mont_reduce_order_avx2_4:
#endif /* __APPLE__ */
pushq %r12
pushq %r13
@@ -57729,7 +57575,7 @@ _sp_256_mont_reduce_avx2_order_4:
popq %r12
repz retq
#ifndef __APPLE__
-.size sp_256_mont_reduce_avx2_order_4,.-sp_256_mont_reduce_avx2_order_4
+.size sp_256_mont_reduce_order_avx2_4,.-sp_256_mont_reduce_order_avx2_4
#endif /* __APPLE__ */
#endif /* HAVE_INTEL_AVX2 */
#ifdef HAVE_INTEL_AVX2
@@ -57741,26 +57587,25 @@ _sp_256_mont_reduce_avx2_order_4:
*/
#ifndef __APPLE__
.text
-.globl sp_256_div2_avx2_4
-.type sp_256_div2_avx2_4,@function
+.globl sp_256_mont_div2_avx2_4
+.type sp_256_mont_div2_avx2_4,@function
.align 16
-sp_256_div2_avx2_4:
+sp_256_mont_div2_avx2_4:
#else
.section __TEXT,__text
-.globl _sp_256_div2_avx2_4
+.globl _sp_256_mont_div2_avx2_4
.p2align 4
-_sp_256_div2_avx2_4:
+_sp_256_mont_div2_avx2_4:
#endif /* __APPLE__ */
movq (%rsi), %rdx
movq 8(%rsi), %rax
movq 16(%rsi), %rcx
movq 24(%rsi), %r8
- movq $0xffffffff, %r9
movq $0xffffffff00000001, %r10
movq %rdx, %r11
andq $0x01, %r11
negq %r11
- andq %r11, %r9
+ movl %r11d, %r9d
andq %r11, %r10
addq %r11, %rdx
adcq %r9, %rax
@@ -57778,14 +57623,14 @@ _sp_256_div2_avx2_4:
movq %r8, 24(%rdi)
repz retq
#ifndef __APPLE__
-.size sp_256_div2_avx2_4,.-sp_256_div2_avx2_4
+.size sp_256_mont_div2_avx2_4,.-sp_256_mont_div2_avx2_4
#endif /* __APPLE__ */
#endif /* HAVE_INTEL_AVX2 */
#ifndef WC_NO_CACHE_RESISTANT
/* Touch each possible entry that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
#ifndef __APPLE__
@@ -57845,7 +57690,7 @@ L_256_get_entry_64_4_start_0:
/* Touch each possible entry that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
#ifndef __APPLE__
@@ -57895,7 +57740,7 @@ L_256_get_entry_64_avx2_4_start:
/* Touch each possible entry that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
#ifndef __APPLE__
@@ -57955,7 +57800,7 @@ L_256_get_entry_65_4_start_0:
/* Touch each possible entry that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
#ifndef __APPLE__
@@ -58463,11 +58308,12 @@ _sp_256_mont_mul_order_avx2_4:
pushq %rbx
movq %rdx, %rbp
movq (%rsi), %rdx
+ movq 8(%rbp), %r14
# A[0] * B[0]
mulxq (%rbp), %r8, %r9
xorq %rbx, %rbx
# A[0] * B[1]
- mulxq 8(%rbp), %rax, %r10
+ mulxq %r14, %rax, %r10
adcxq %rax, %r9
# A[0] * B[2]
mulxq 16(%rbp), %rax, %r11
@@ -58482,7 +58328,7 @@ _sp_256_mont_mul_order_avx2_4:
xorq %rbx, %rbx
adcxq %rax, %r9
# A[1] * B[1]
- mulxq 8(%rbp), %rax, %r15
+ mulxq %r14, %rax, %r15
adoxq %rcx, %r10
adcxq %rax, %r10
# A[1] * B[2]
@@ -58501,7 +58347,7 @@ _sp_256_mont_mul_order_avx2_4:
xorq %rbx, %rbx
adcxq %rax, %r10
# A[2] * B[1]
- mulxq 8(%rbp), %rax, %r15
+ mulxq %r14, %rax, %r15
adoxq %rcx, %r11
adcxq %rax, %r11
# A[2] * B[2]
@@ -60712,11 +60558,10 @@ _sp_384_mont_reduce_6:
# Subtract mod if carry
negq %r10
movq $0xfffffffffffffffe, %r9
- movq %r10, %rcx
+ movl %r10d, %ecx
movq %r10, %r8
- shrq $32, %rcx
- shlq $32, %r8
andq %r10, %r9
+ shlq $32, %r8
subq %rcx, %rbx
sbbq %r8, %rbp
sbbq %r9, %r11
@@ -60962,7 +60807,6 @@ _sp_384_mont_add_6:
movq 32(%rsi), %r10
movq 40(%rsi), %r11
addq (%rdx), %rax
- movq $0xffffffff, %r12
adcq 8(%rdx), %rcx
movq $0xffffffff00000000, %r13
adcq 16(%rdx), %r8
@@ -60971,7 +60815,7 @@ _sp_384_mont_add_6:
adcq 32(%rdx), %r10
adcq 40(%rdx), %r11
sbbq %rsi, %rsi
- andq %rsi, %r12
+ movl %esi, %r12d
andq %rsi, %r13
andq %rsi, %r14
subq %r12, %rax
@@ -61031,16 +60875,16 @@ _sp_384_mont_dbl_6:
movq 32(%rsi), %r9
movq 40(%rsi), %r10
addq %rdx, %rdx
- movq $0xffffffff, %r11
adcq %rax, %rax
movq $0xffffffff00000000, %r12
adcq %rcx, %rcx
movq $0xfffffffffffffffe, %r13
adcq %r8, %r8
adcq %r9, %r9
+ movq %r10, %r14
adcq %r10, %r10
- sbbq %r14, %r14
- andq %r14, %r11
+ sarq $63, %r14
+ movl %r14d, %r11d
andq %r14, %r12
andq %r14, %r13
subq %r11, %rdx
@@ -61100,7 +60944,6 @@ _sp_384_mont_tpl_6:
movq 32(%rsi), %r9
movq 40(%rsi), %r10
addq %rdx, %rdx
- movq $0xffffffff, %r11
adcq %rax, %rax
movq $0xffffffff00000000, %r12
adcq %rcx, %rcx
@@ -61109,7 +60952,7 @@ _sp_384_mont_tpl_6:
adcq %r9, %r9
adcq %r10, %r10
sbbq %r14, %r14
- andq %r14, %r11
+ movl %r14d, %r11d
andq %r14, %r12
andq %r14, %r13
subq %r11, %rdx
@@ -61130,7 +60973,6 @@ _sp_384_mont_tpl_6:
sbbq %r14, %r9
sbbq %r14, %r10
addq (%rsi), %rdx
- movq $0xffffffff, %r11
adcq 8(%rsi), %rax
movq $0xffffffff00000000, %r12
adcq 16(%rsi), %rcx
@@ -61139,7 +60981,7 @@ _sp_384_mont_tpl_6:
adcq 32(%rsi), %r9
adcq 40(%rsi), %r10
sbbq %r14, %r14
- andq %r14, %r11
+ movl %r14d, %r11d
andq %r14, %r12
andq %r14, %r13
subq %r11, %rdx
@@ -61200,7 +61042,6 @@ _sp_384_mont_sub_6:
movq 32(%rsi), %r10
movq 40(%rsi), %r11
subq (%rdx), %rax
- movq $0xffffffff, %r12
sbbq 8(%rdx), %rcx
movq $0xffffffff00000000, %r13
sbbq 16(%rdx), %r8
@@ -61209,7 +61050,7 @@ _sp_384_mont_sub_6:
sbbq 32(%rdx), %r10
sbbq 40(%rdx), %r11
sbbq %rsi, %rsi
- andq %rsi, %r12
+ movl %esi, %r12d
andq %rsi, %r13
andq %rsi, %r14
addq %r12, %rax
@@ -61241,68 +61082,6 @@ _sp_384_mont_sub_6:
#ifndef __APPLE__
.size sp_384_mont_sub_6,.-sp_384_mont_sub_6
#endif /* __APPLE__ */
-/* Subtract two Montgomery form numbers (r = a - b % m).
- *
- * b is less than the modulus.
- *
- * r Result of subtration.
- * a Number to subtract from in Montgomery form.
- * b Number to subtract with in Montgomery form.
- * m Modulus (prime).
- */
-#ifndef __APPLE__
-.text
-.globl sp_384_mont_sub_lower_6
-.type sp_384_mont_sub_lower_6,@function
-.align 16
-sp_384_mont_sub_lower_6:
-#else
-.section __TEXT,__text
-.globl _sp_384_mont_sub_lower_6
-.p2align 4
-_sp_384_mont_sub_lower_6:
-#endif /* __APPLE__ */
- pushq %r12
- pushq %r13
- pushq %r14
- movq (%rsi), %rax
- movq 8(%rsi), %rcx
- movq 16(%rsi), %r8
- movq 24(%rsi), %r9
- movq 32(%rsi), %r10
- movq 40(%rsi), %r11
- subq (%rdx), %rax
- movq $0xffffffff, %r12
- sbbq 8(%rdx), %rcx
- movq $0xffffffff00000000, %r13
- sbbq 16(%rdx), %r8
- movq $0xfffffffffffffffe, %r14
- sbbq 24(%rdx), %r9
- sbbq 32(%rdx), %r10
- sbbq 40(%rdx), %r11
- sbbq %rsi, %rsi
- andq %rsi, %r12
- andq %rsi, %r13
- andq %rsi, %r14
- addq %r12, %rax
- adcq %r13, %rcx
- movq %rax, (%rdi)
- adcq %r14, %r8
- movq %rcx, 8(%rdi)
- adcq %rsi, %r9
- movq %r8, 16(%rdi)
- adcq %rsi, %r10
- movq %r9, 24(%rdi)
- adcq %rsi, %r11
- movq %r10, 32(%rdi)
- movq %r11, 40(%rdi)
- popq %r14
- popq %r13
- popq %r12
- repz retq
-#ifndef __APPLE__
-.size sp_384_mont_sub_lower_6,.-sp_384_mont_sub_lower_6
-#endif /* __APPLE__ */
/* Divide the number by 2 mod the modulus (prime). (r = a / 2 % m)
*
* r Result of division by 2.
@@ -61311,15 +61090,15 @@ _sp_384_mont_sub_lower_6:
*/
#ifndef __APPLE__
.text
-.globl sp_384_div2_6
-.type sp_384_div2_6,@function
+.globl sp_384_mont_div2_6
+.type sp_384_mont_div2_6,@function
.align 16
-sp_384_div2_6:
+sp_384_mont_div2_6:
#else
.section __TEXT,__text
-.globl _sp_384_div2_6
+.globl _sp_384_mont_div2_6
.p2align 4
-_sp_384_div2_6:
+_sp_384_mont_div2_6:
#endif /* __APPLE__ */
subq $48, %rsp
movq (%rsi), %r11
@@ -61378,165 +61157,13 @@ _sp_384_div2_6:
addq $48, %rsp
repz retq
#ifndef __APPLE__
-.size sp_384_div2_6,.-sp_384_div2_6
-#endif /* __APPLE__ */
-/* Double a Montgomery form number (r = a + a % m).
- *
- * a is less than m.
- *
- * r Result of doubling.
- * a Number to double in Montgomery form.
- * m Modulus (prime).
- */
-#ifndef __APPLE__
-.text
-.globl sp_384_mont_dbl_lower_6
-.type sp_384_mont_dbl_lower_6,@function
-.align 16
-sp_384_mont_dbl_lower_6:
-#else
-.section __TEXT,__text
-.globl _sp_384_mont_dbl_lower_6
-.p2align 4
-_sp_384_mont_dbl_lower_6:
-#endif /* __APPLE__ */
- pushq %r12
- pushq %r13
- pushq %r14
- movq (%rsi), %rdx
- movq 8(%rsi), %rax
- movq 16(%rsi), %rcx
- movq 24(%rsi), %r8
- movq 32(%rsi), %r9
- movq 40(%rsi), %r10
- addq %rdx, %rdx
- movq $0xffffffff, %r11
- adcq %rax, %rax
- movq $0xffffffff00000000, %r12
- adcq %rcx, %rcx
- movq $0xfffffffffffffffe, %r13
- adcq %r8, %r8
- adcq %r9, %r9
- adcq %r10, %r10
- sbbq %r14, %r14
- andq %r14, %r11
- andq %r14, %r12
- andq %r14, %r13
- subq %r11, %rdx
- sbbq %r12, %rax
- movq %rdx, (%rdi)
- sbbq %r13, %rcx
- movq %rax, 8(%rdi)
- sbbq %r14, %r8
- movq %rcx, 16(%rdi)
- sbbq %r14, %r9
- movq %r8, 24(%rdi)
- sbbq %r14, %r10
- movq %r9, 32(%rdi)
- movq %r10, 40(%rdi)
- popq %r14
- popq %r13
- popq %r12
- repz retq
-#ifndef __APPLE__
-.size sp_384_mont_dbl_lower_6,.-sp_384_mont_dbl_lower_6
-#endif /* __APPLE__ */
-/* Double a Montgomery form number (r = a + a % m).
- *
- * a is less than m.
- *
- * r Result of doubling.
- * a Number to double in Montgomery form.
- * m Modulus (prime).
- */
-#ifndef __APPLE__
-.text
-.globl sp_384_mont_tpl_lower_6
-.type sp_384_mont_tpl_lower_6,@function
-.align 16
-sp_384_mont_tpl_lower_6:
-#else
-.section __TEXT,__text
-.globl _sp_384_mont_tpl_lower_6
-.p2align 4
-_sp_384_mont_tpl_lower_6:
-#endif /* __APPLE__ */
- pushq %r12
- pushq %r13
- pushq %r14
- movq (%rsi), %rdx
- movq 8(%rsi), %rax
- movq 16(%rsi), %rcx
- movq 24(%rsi), %r8
- movq 32(%rsi), %r9
- movq 40(%rsi), %r10
- addq %rdx, %rdx
- movq $0xffffffff, %r11
- adcq %rax, %rax
- movq $0xffffffff00000000, %r12
- adcq %rcx, %rcx
- movq $0xfffffffffffffffe, %r13
- adcq %r8, %r8
- adcq %r9, %r9
- adcq %r10, %r10
- sbbq %r14, %r14
- andq %r14, %r11
- andq %r14, %r12
- andq %r14, %r13
- subq %r11, %rdx
- sbbq %r12, %rax
- movq %rdx, (%rdi)
- sbbq %r13, %rcx
- sbbq %r14, %r8
- sbbq %r14, %r9
- sbbq %r14, %r10
- addq (%rsi), %rdx
- movq $0xffffffff, %r11
- adcq 8(%rsi), %rax
- movq $0xffffffff00000000, %r12
- adcq 16(%rsi), %rcx
- movq $0xfffffffffffffffe, %r13
- adcq 24(%rsi), %r8
- adcq 32(%rsi), %r9
- adcq 40(%rsi), %r10
- sbbq %r14, %r14
- andq %r14, %r11
- andq %r14, %r12
- andq %r14, %r13
- subq %r11, %rdx
- sbbq %r12, %rax
- sbbq %r13, %rcx
- sbbq %r14, %r8
- sbbq %r14, %r9
- sbbq %r14, %r10
- adcq $0x00, %r14
- andq %r14, %r11
- andq %r14, %r12
- andq %r14, %r13
- subq %r11, %rdx
- sbbq %r12, %rax
- movq %rdx, (%rdi)
- sbbq %r13, %rcx
- movq %rax, 8(%rdi)
- sbbq %r14, %r8
- movq %rcx, 16(%rdi)
- sbbq %r14, %r9
- movq %r8, 24(%rdi)
- sbbq %r14, %r10
- movq %r9, 32(%rdi)
- movq %r10, 40(%rdi)
- popq %r14
- popq %r13
- popq %r12
- repz retq
-#ifndef __APPLE__
-.size sp_384_mont_tpl_lower_6,.-sp_384_mont_tpl_lower_6
+.size sp_384_mont_div2_6,.-sp_384_mont_div2_6
#endif /* __APPLE__ */
#ifndef WC_NO_CACHE_RESISTANT
/* Touch each possible point that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of point to retrieve.
*/
#ifndef __APPLE__
@@ -61636,7 +61263,7 @@ L_384_get_point_33_6_start_2:
/* Touch each possible point that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of point to retrieve.
*/
#ifndef __APPLE__
@@ -62098,15 +61725,15 @@ _sp_384_cond_sub_avx2_6:
*/
#ifndef __APPLE__
.text
-.globl sp_384_div2_avx2_6
-.type sp_384_div2_avx2_6,@function
+.globl sp_384_mont_div2_avx2_6
+.type sp_384_mont_div2_avx2_6,@function
.align 16
-sp_384_div2_avx2_6:
+sp_384_mont_div2_avx2_6:
#else
.section __TEXT,__text
-.globl _sp_384_div2_avx2_6
+.globl _sp_384_mont_div2_avx2_6
.p2align 4
-_sp_384_div2_avx2_6:
+_sp_384_mont_div2_avx2_6:
#endif /* __APPLE__ */
movq (%rsi), %r11
xorq %r10, %r10
@@ -62164,14 +61791,14 @@ _sp_384_div2_avx2_6:
movq %r9, 40(%rdi)
repz retq
#ifndef __APPLE__
-.size sp_384_div2_avx2_6,.-sp_384_div2_avx2_6
+.size sp_384_mont_div2_avx2_6,.-sp_384_mont_div2_avx2_6
#endif /* __APPLE__ */
#endif /* HAVE_INTEL_AVX2 */
#ifndef WC_NO_CACHE_RESISTANT
/* Touch each possible entry that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
#ifndef __APPLE__
@@ -62241,7 +61868,7 @@ L_384_get_entry_64_6_start_0:
/* Touch each possible entry that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
#ifndef __APPLE__
@@ -62301,7 +61928,7 @@ L_384_get_entry_64_avx2_6_start:
/* Touch each possible entry that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
#ifndef __APPLE__
@@ -62371,7 +61998,7 @@ L_384_get_entry_65_6_start_0:
/* Touch each possible entry that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
#ifndef __APPLE__
@@ -65220,7 +64847,7 @@ _sp_521_cond_copy_9:
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
#ifndef __APPLE__
.text
@@ -65817,7 +65444,7 @@ _sp_521_mont_mul_9:
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
#ifndef __APPLE__
.text
@@ -67016,15 +66643,15 @@ _sp_521_mont_sub_9:
*/
#ifndef __APPLE__
.text
-.globl sp_521_div2_9
-.type sp_521_div2_9,@function
+.globl sp_521_mont_div2_9
+.type sp_521_mont_div2_9,@function
.align 16
-sp_521_div2_9:
+sp_521_mont_div2_9:
#else
.section __TEXT,__text
-.globl _sp_521_div2_9
+.globl _sp_521_mont_div2_9
.p2align 4
-_sp_521_div2_9:
+_sp_521_mont_div2_9:
#endif /* __APPLE__ */
pushq %r12
pushq %r13
@@ -67074,13 +66701,13 @@ _sp_521_div2_9:
popq %r12
repz retq
#ifndef __APPLE__
-.size sp_521_div2_9,.-sp_521_div2_9
+.size sp_521_mont_div2_9,.-sp_521_mont_div2_9
#endif /* __APPLE__ */
#ifndef WC_NO_CACHE_RESISTANT
/* Touch each possible point that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of point to retrieve.
*/
#ifndef __APPLE__
@@ -67225,7 +66852,7 @@ L_521_get_point_33_9_start_2:
/* Touch each possible point that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of point to retrieve.
*/
#ifndef __APPLE__
@@ -67326,7 +66953,7 @@ L_521_get_point_33_avx2_9_start:
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
#ifndef __APPLE__
.text
@@ -67941,7 +67568,7 @@ _sp_521_mont_mul_avx2_9:
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
#ifndef __APPLE__
.text
@@ -68782,15 +68409,15 @@ L_521_mont_reduce_order_avx2_9_loop:
*/
#ifndef __APPLE__
.text
-.globl sp_521_div2_avx2_9
-.type sp_521_div2_avx2_9,@function
+.globl sp_521_mont_div2_avx2_9
+.type sp_521_mont_div2_avx2_9,@function
.align 16
-sp_521_div2_avx2_9:
+sp_521_mont_div2_avx2_9:
#else
.section __TEXT,__text
-.globl _sp_521_div2_avx2_9
+.globl _sp_521_mont_div2_avx2_9
.p2align 4
-_sp_521_div2_avx2_9:
+_sp_521_mont_div2_avx2_9:
#endif /* __APPLE__ */
pushq %r12
pushq %r13
@@ -68840,14 +68467,14 @@ _sp_521_div2_avx2_9:
popq %r12
repz retq
#ifndef __APPLE__
-.size sp_521_div2_avx2_9,.-sp_521_div2_avx2_9
+.size sp_521_mont_div2_avx2_9,.-sp_521_mont_div2_avx2_9
#endif /* __APPLE__ */
#endif /* HAVE_INTEL_AVX2 */
#ifndef WC_NO_CACHE_RESISTANT
/* Touch each possible entry that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
#ifndef __APPLE__
@@ -68966,7 +68593,7 @@ L_521_get_entry_64_9_start_1:
/* Touch each possible entry that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
#ifndef __APPLE__
@@ -69044,7 +68671,7 @@ L_521_get_entry_64_avx2_9_start:
/* Touch each possible entry that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
#ifndef __APPLE__
@@ -69163,7 +68790,7 @@ L_521_get_entry_65_9_start_1:
/* Touch each possible entry that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
#ifndef __APPLE__
@@ -77693,15 +77320,15 @@ _sp_1024_mont_sub_16:
*/
#ifndef __APPLE__
.text
-.globl sp_1024_div2_16
-.type sp_1024_div2_16,@function
+.globl sp_1024_mont_div2_16
+.type sp_1024_mont_div2_16,@function
.align 16
-sp_1024_div2_16:
+sp_1024_mont_div2_16:
#else
.section __TEXT,__text
-.globl _sp_1024_div2_16
+.globl _sp_1024_mont_div2_16
.p2align 4
-_sp_1024_div2_16:
+_sp_1024_mont_div2_16:
#endif /* __APPLE__ */
subq $0x80, %rsp
movq (%rsi), %r11
@@ -77840,78 +77467,7 @@ _sp_1024_div2_16:
addq $0x80, %rsp
repz retq
#ifndef __APPLE__
-.size sp_1024_div2_16,.-sp_1024_div2_16
-#endif /* __APPLE__ */
-/* Sub b from a into r. (r = a - b)
- *
- * r A single precision integer.
- * a A single precision integer.
- * b A single precision integer.
- */
-#ifndef __APPLE__
-.text
-.globl sp_1024_sub_16
-.type sp_1024_sub_16,@function
-.align 16
-sp_1024_sub_16:
-#else
-.section __TEXT,__text
-.globl _sp_1024_sub_16
-.p2align 4
-_sp_1024_sub_16:
-#endif /* __APPLE__ */
- movq (%rsi), %rcx
- subq (%rdx), %rcx
- movq 8(%rsi), %r8
- movq %rcx, (%rdi)
- sbbq 8(%rdx), %r8
- movq 16(%rsi), %rcx
- movq %r8, 8(%rdi)
- sbbq 16(%rdx), %rcx
- movq 24(%rsi), %r8
- movq %rcx, 16(%rdi)
- sbbq 24(%rdx), %r8
- movq 32(%rsi), %rcx
- movq %r8, 24(%rdi)
- sbbq 32(%rdx), %rcx
- movq 40(%rsi), %r8
- movq %rcx, 32(%rdi)
- sbbq 40(%rdx), %r8
- movq 48(%rsi), %rcx
- movq %r8, 40(%rdi)
- sbbq 48(%rdx), %rcx
- movq 56(%rsi), %r8
- movq %rcx, 48(%rdi)
- sbbq 56(%rdx), %r8
- movq 64(%rsi), %rcx
- movq %r8, 56(%rdi)
- sbbq 64(%rdx), %rcx
- movq 72(%rsi), %r8
- movq %rcx, 64(%rdi)
- sbbq 72(%rdx), %r8
- movq 80(%rsi), %rcx
- movq %r8, 72(%rdi)
- sbbq 80(%rdx), %rcx
- movq 88(%rsi), %r8
- movq %rcx, 80(%rdi)
- sbbq 88(%rdx), %r8
- movq 96(%rsi), %rcx
- movq %r8, 88(%rdi)
- sbbq 96(%rdx), %rcx
- movq 104(%rsi), %r8
- movq %rcx, 96(%rdi)
- sbbq 104(%rdx), %r8
- movq 112(%rsi), %rcx
- movq %r8, 104(%rdi)
- sbbq 112(%rdx), %rcx
- movq 120(%rsi), %r8
- movq %rcx, 112(%rdi)
- sbbq 120(%rdx), %r8
- movq %r8, 120(%rdi)
- sbbq %rax, %rax
- repz retq
-#ifndef __APPLE__
-.size sp_1024_sub_16,.-sp_1024_sub_16
+.size sp_1024_mont_div2_16,.-sp_1024_mont_div2_16
#endif /* __APPLE__ */
#ifdef HAVE_INTEL_AVX2
/* Reduce the number back to 1024 bits using Montgomery reduction.
@@ -79028,15 +78584,15 @@ _sp_1024_mont_sub_avx2_16:
*/
#ifndef __APPLE__
.text
-.globl sp_1024_div2_avx2_16
-.type sp_1024_div2_avx2_16,@function
+.globl sp_1024_mont_div2_avx2_16
+.type sp_1024_mont_div2_avx2_16,@function
.align 16
-sp_1024_div2_avx2_16:
+sp_1024_mont_div2_avx2_16:
#else
.section __TEXT,__text
-.globl _sp_1024_div2_avx2_16
+.globl _sp_1024_mont_div2_avx2_16
.p2align 4
-_sp_1024_div2_avx2_16:
+_sp_1024_mont_div2_avx2_16:
#endif /* __APPLE__ */
movq (%rsi), %r11
xorq %r10, %r10
@@ -79174,7 +78730,7 @@ _sp_1024_div2_avx2_16:
movq %r9, 120(%rdi)
repz retq
#ifndef __APPLE__
-.size sp_1024_div2_avx2_16,.-sp_1024_div2_avx2_16
+.size sp_1024_mont_div2_avx2_16,.-sp_1024_mont_div2_avx2_16
#endif /* __APPLE__ */
#endif /* HAVE_INTEL_AVX2 */
/* Read big endian unsigned byte array into r.
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/sp_x86_64_asm.asm b/extra/wolfssl/wolfssl/wolfcrypt/src/sp_x86_64_asm.asm
index 66a7f003..fa6558cc 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/sp_x86_64_asm.asm
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/sp_x86_64_asm.asm
@@ -1,5 +1,5 @@
-; /* sp_x86_64_asm
-; *
+; /* sp_x86_64_asm.asm */
+; /*
; * Copyright (C) 2006-2023 wolfSSL Inc.
; *
; * This file is part of wolfSSL.
@@ -54329,11 +54329,12 @@ sp_256_mul_avx2_4 PROC
mov rbp, r8
mov rax, rdx
mov rdx, QWORD PTR [rax]
+ mov r14, QWORD PTR [rbp+8]
; A[0] * B[0]
mulx r9, r8, QWORD PTR [rbp]
xor rbx, rbx
; A[0] * B[1]
- mulx r10, rdi, QWORD PTR [rbp+8]
+ mulx r10, rdi, r14
adcx r9, rdi
; A[0] * B[2]
mulx r11, rdi, QWORD PTR [rbp+16]
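Review bot: The added `mov r14, QWORD PTR [rbp+8]` makes r14 hold B[1] across the A[0], A[1] and A[2] products in sp_256_mul_avx2_4 (this hunk and the two after it), and nothing marks the register as reserved for that. A comment at the load, such as `; r14 = B[1], reused for each A[i] * B[1] below`, would keep a later edit from using it as scratch. r14 is callee-saved under the Microsoft x64 convention, and the prologue and epilogue are outside the hunk, so it is worth confirming that it is pushed and popped there. The same load is added in sp_256_mont_mul_avx2_4 and sp_256_mont_mul_order_avx2_4.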
@@ -54348,7 +54349,7 @@ sp_256_mul_avx2_4 PROC
xor rbx, rbx
adcx r9, rdi
; A[1] * B[1]
- mulx r15, rdi, QWORD PTR [rbp+8]
+ mulx r15, rdi, r14
adox r10, rsi
adcx r10, rdi
; A[1] * B[2]
@@ -54367,7 +54368,7 @@ sp_256_mul_avx2_4 PROC
xor rbx, rbx
adcx r10, rdi
; A[2] * B[1]
- mulx r15, rdi, QWORD PTR [rbp+8]
+ mulx r15, rdi, r14
adox r11, rsi
adcx r11, rdi
; A[2] * B[2]
@@ -54716,7 +54717,7 @@ _text ENDS
; * a First number to multiply in Montgomery form.
; * b Second number to multiply in Montgomery form.
; * m Modulus (prime).
-; * mp Montgomery mulitplier.
+; * mp Montgomery multiplier.
; */
_text SEGMENT READONLY PARA
sp_256_mont_mul_4 PROC
@@ -54884,11 +54885,10 @@ sp_256_mont_mul_4 PROC
adc rbx, 0
sbb r11, 0
mov r10, 18446744069414584321
- mov rax, r11
; mask m and sub from result if overflow
; m[0] = -1 & mask = mask
- shr rax, 32
; m[2] = 0 & mask = 0
+ mov eax, r11d
and r10, r11
sub r15, r11
sbb rdi, rax
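Review bot: `mov eax, r11d` produces the m[1] mask 0x00000000ffffffff only when r11 is exactly 0 or all-ones after `sbb r11, 0`, and the comments around it describe m[0] and m[2] but not the limb that rax stands for. The removed `shr rax, 32` had the same precondition, so this is a documentation gap rather than a behaviour change. A line such as `; m[1] = 0xffffffff & mask (32-bit move zero-extends)` next to the move would cover it. How r11 is set up lies outside the hunk. The same rewrite appears in sp_256_mont_sqr_4, sp_256_mont_reduce_4, sp_256_mont_mul_avx2_4 and sp_256_mont_sqr_avx2_4.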
@@ -54913,7 +54913,7 @@ _text ENDS
; * r Result of squaring.
; * a Number to square in Montgomery form.
; * m Modulus (prime).
-; * mp Montgomery mulitplier.
+; * mp Montgomery multiplier.
; */
_text SEGMENT READONLY PARA
sp_256_mont_sqr_4 PROC
@@ -55060,11 +55060,10 @@ sp_256_mont_sqr_4 PROC
adc rsi, 0
sbb r10, 0
mov r8, 18446744069414584321
- mov rax, r10
; mask m and sub from result if overflow
; m[0] = -1 & mask = mask
- shr rax, 32
; m[2] = 0 & mask = 0
+ mov eax, r10d
and r8, r10
sub r14, r10
sbb r15, rax
@@ -55263,11 +55262,10 @@ sp_256_mont_reduce_4 PROC
adc rdi, 0
sbb r9, 0
mov rbx, 18446744069414584321
- mov rax, r9
; mask m and sub from result if overflow
; m[0] = -1 & mask = mask
- shr rax, 32
; m[2] = 0 & mask = 0
+ mov eax, r9d
and rbx, r9
sub r13, r9
sbb r14, rax
@@ -55404,13 +55402,12 @@ sp_256_mont_add_4 PROC
mov r10, QWORD PTR [rdx+16]
mov r11, QWORD PTR [rdx+24]
add rax, QWORD PTR [r8]
- mov r12, 4294967295
adc r9, QWORD PTR [r8+8]
mov r13, 18446744069414584321
adc r10, QWORD PTR [r8+16]
adc r11, QWORD PTR [r8+24]
sbb rdx, rdx
- and r12, rdx
+ mov r12d, edx
and r13, rdx
sub rax, rdx
sbb r9, r12
@@ -55447,13 +55444,13 @@ sp_256_mont_dbl_4 PROC
mov r9, QWORD PTR [rdx+16]
mov r10, QWORD PTR [rdx+24]
add rax, rax
- mov r11, 4294967295
adc r8, r8
mov r12, 18446744069414584321
adc r9, r9
+ mov r13, r10
adc r10, r10
- sbb r13, r13
- and r11, r13
+ sar r13, 63
+ mov r11d, r13d
and r12, r13
sub rax, r13
sbb r8, r11
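Review bot: In sp_256_mont_dbl_4 the reduction mask now comes from the top bit of the input's high limb (`mov r13, r10` before the last `adc`, then `sar r13, 63`) instead of from the carry flag, and nothing in the hunk says why the two agree. They do, because the carry out of `adc r10, r10` is bit 63 of the original r10, but that is easy to miss when reading the sequence. I would add `; mask = top bit of a[3] = carry out of the doubling` above the `sar`. The function begins and ends outside the hunk. The sp_384_mont_dbl_6 hunk makes the same change with rdi and r12.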
@@ -55490,13 +55487,12 @@ sp_256_mont_tpl_4 PROC
mov r9, QWORD PTR [rdx+16]
mov r10, QWORD PTR [rdx+24]
add rax, rax
- mov r11, 4294967295
adc r8, r8
mov r12, 18446744069414584321
adc r9, r9
adc r10, r10
sbb r13, r13
- and r11, r13
+ mov r11d, r13d
and r12, r13
sub rax, r13
sbb r8, r11
@@ -55510,13 +55506,12 @@ sp_256_mont_tpl_4 PROC
sbb r9, 0
sbb r10, r12
add rax, QWORD PTR [rdx]
- mov r11, 4294967295
adc r8, QWORD PTR [rdx+8]
mov r12, 18446744069414584321
adc r9, QWORD PTR [rdx+16]
adc r10, QWORD PTR [rdx+24]
- sbb r13, r13
- and r11, r13
+ sbb r13, 0
+ mov r11d, r13d
and r12, r13
sub rax, r13
sbb r8, r11
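Review bot: `sbb r13, 0` replaces `sbb r13, r13`, so the mask for this reduction is no longer rebuilt from the carry alone but is the previous content of r13 minus the carry. With r13 equal to zero beforehand the result is the same 0/all-ones mask as before; the instructions that last wrote r13 sit between the two hunks and are not visible here, so that presumably rests on the input being less than the modulus. If r13 could still be all-ones at this point, a carry would turn it into -2, and `mov r11d, r13d` and `and r12, r13` would no longer select limbs of m. Please state the precondition in the function header (the removed `_lower` variants said `a is less than m`), or keep `sbb r13, r13` as sp_384_mont_tpl_6 still does with `sbb rdi, rdi`. The `sbb rdx, 0` lines in sp_256_mont_rsb_sub_dbl_4 follow an `adc rdx, 0` and raise the same question.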
@@ -55554,13 +55549,12 @@ sp_256_mont_sub_4 PROC
mov r10, QWORD PTR [rdx+16]
mov r11, QWORD PTR [rdx+24]
sub rax, QWORD PTR [r8]
- mov r12, 4294967295
sbb r9, QWORD PTR [r8+8]
mov r13, 18446744069414584321
sbb r10, QWORD PTR [r8+16]
sbb r11, QWORD PTR [r8+24]
sbb rdx, rdx
- and r12, rdx
+ mov r12d, edx
and r13, rdx
add rax, rdx
adc r9, r12
@@ -55582,45 +55576,6 @@ sp_256_mont_sub_4 PROC
ret
sp_256_mont_sub_4 ENDP
_text ENDS
-; /* Subtract two Montgomery form numbers (r = a - b % m).
-; *
-; * b is less than the modulus.
-; *
-; * r Result of subtration.
-; * a Number to subtract from in Montgomery form.
-; * b Number to subtract with in Montgomery form.
-; * m Modulus (prime).
-; */
-_text SEGMENT READONLY PARA
-sp_256_mont_sub_lower_4 PROC
- push r12
- push r13
- mov rax, QWORD PTR [rdx]
- mov r9, QWORD PTR [rdx+8]
- mov r10, QWORD PTR [rdx+16]
- mov r11, QWORD PTR [rdx+24]
- sub rax, QWORD PTR [r8]
- mov r12, 4294967295
- sbb r9, QWORD PTR [r8+8]
- mov r13, 18446744069414584321
- sbb r10, QWORD PTR [r8+16]
- sbb r11, QWORD PTR [r8+24]
- sbb rdx, rdx
- and r12, rdx
- and r13, rdx
- add rax, rdx
- adc r9, r12
- mov QWORD PTR [rcx], rax
- adc r10, 0
- mov QWORD PTR [rcx+8], r9
- adc r11, r13
- mov QWORD PTR [rcx+16], r10
- mov QWORD PTR [rcx+24], r11
- pop r13
- pop r12
- ret
-sp_256_mont_sub_lower_4 ENDP
-_text ENDS
; /* Divide the number by 2 mod the modulus (prime). (r = a / 2 % m)
; *
; * r Result of division by 2.
@@ -55628,19 +55583,18 @@ _text ENDS
; * m Modulus (prime).
; */
_text SEGMENT READONLY PARA
-sp_256_div2_4 PROC
+sp_256_mont_div2_4 PROC
push r12
push r13
mov rax, QWORD PTR [rdx]
mov r8, QWORD PTR [rdx+8]
mov r9, QWORD PTR [rdx+16]
mov r10, QWORD PTR [rdx+24]
- mov r11, 4294967295
mov r12, 18446744069414584321
mov r13, rax
and r13, 1
neg r13
- and r11, r13
+ mov r11d, r13d
and r12, r13
add rax, r13
adc r8, r11
@@ -55659,65 +55613,7 @@ sp_256_div2_4 PROC
pop r13
pop r12
ret
-sp_256_div2_4 ENDP
-_text ENDS
-; /* Triple a Montgomery form number (r = a + a + a % m).
-; *
-; * a is less than m.
-; *
-; * r Result of Tripling.
-; * a Number to triple in Montgomery form.
-; * m Modulus (prime).
-; */
-_text SEGMENT READONLY PARA
-sp_256_mont_tpl_lower_4 PROC
- push r12
- push r13
- mov rax, QWORD PTR [rdx]
- mov r8, QWORD PTR [rdx+8]
- mov r9, QWORD PTR [rdx+16]
- mov r10, QWORD PTR [rdx+24]
- add rax, rax
- mov r11, 4294967295
- adc r8, r8
- mov r12, 18446744069414584321
- adc r9, r9
- adc r10, r10
- sbb r13, r13
- and r11, r13
- and r12, r13
- sub rax, r13
- sbb r8, r11
- sbb r9, 0
- sbb r10, r12
- add rax, QWORD PTR [rdx]
- mov r11, 4294967295
- adc r8, QWORD PTR [rdx+8]
- mov r12, 18446744069414584321
- adc r9, QWORD PTR [rdx+16]
- adc r10, QWORD PTR [rdx+24]
- sbb r13, r13
- and r11, r13
- and r12, r13
- sub rax, r13
- sbb r8, r11
- sbb r9, 0
- sbb r10, r12
- adc r13, 0
- and r11, r13
- and r12, r13
- sub rax, r13
- sbb r8, r11
- mov QWORD PTR [rcx], rax
- sbb r9, 0
- mov QWORD PTR [rcx+8], r8
- sbb r10, r12
- mov QWORD PTR [rcx+16], r9
- mov QWORD PTR [rcx+24], r10
- pop r13
- pop r12
- ret
-sp_256_mont_tpl_lower_4 ENDP
+sp_256_mont_div2_4 ENDP
_text ENDS
; /* Two Montgomery numbers, subtract double second from first (r = a - 2.b % m).
; *
@@ -55727,7 +55623,7 @@ _text ENDS
; * m Modulus (prime).
; */
_text SEGMENT READONLY PARA
-sp_256_mont_sub_dbl_4 PROC
+sp_256_mont_rsb_sub_dbl_4 PROC
push r12
push r13
push r14
@@ -55743,42 +55639,40 @@ sp_256_mont_sub_dbl_4 PROC
mov r14, QWORD PTR [r8+16]
mov r15, QWORD PTR [r8+24]
add r12, r12
- mov rdi, 4294967295
adc r13, r13
mov rsi, 18446744069414584321
adc r14, r14
adc r15, r15
- sbb r8, r8
- and rdi, r8
- and rsi, r8
- sub r12, r8
+ sbb rdx, rdx
+ mov edi, edx
+ and rsi, rdx
+ sub r12, rdx
sbb r13, rdi
sbb r14, 0
sbb r15, rsi
- adc r8, 0
- and rdi, r8
- and rsi, r8
- sub r12, r8
+ adc rdx, 0
+ and rdi, rdx
+ and rsi, rdx
+ sub r12, rdx
sbb r13, rdi
sbb r14, 0
sbb r15, rsi
sub rax, r12
- mov rdi, 4294967295
sbb r9, r13
mov rsi, 18446744069414584321
sbb r10, r14
sbb r11, r15
- sbb r8, r8
- and rdi, r8
- and rsi, r8
- add rax, r8
+ sbb rdx, 0
+ mov edi, edx
+ and rsi, rdx
+ add rax, rdx
adc r9, rdi
adc r10, 0
adc r11, rsi
- adc r8, 0
- and rdi, r8
- and rsi, r8
- add rax, r8
+ adc rdx, 0
+ and rdi, rdx
+ and rsi, rdx
+ add rax, rdx
adc r9, rdi
mov QWORD PTR [rcx], rax
adc r10, 0
@@ -55786,6 +55680,33 @@ sp_256_mont_sub_dbl_4 PROC
adc r11, rsi
mov QWORD PTR [rcx+16], r10
mov QWORD PTR [rcx+24], r11
+ mov r12, QWORD PTR [r8]
+ mov r13, QWORD PTR [r8+8]
+ mov r14, QWORD PTR [r8+16]
+ mov r15, QWORD PTR [r8+24]
+ sub r12, rax
+ sbb r13, r9
+ mov rsi, 18446744069414584321
+ sbb r14, r10
+ sbb r15, r11
+ sbb rdx, rdx
+ mov edi, edx
+ and rsi, rdx
+ add r12, rdx
+ adc r13, rdi
+ adc r14, 0
+ adc r15, rsi
+ adc rdx, 0
+ and rdi, rdx
+ and rsi, rdx
+ add r12, rdx
+ adc r13, rdi
+ mov QWORD PTR [r8], r12
+ adc r14, 0
+ mov QWORD PTR [r8+8], r13
+ adc r15, rsi
+ mov QWORD PTR [r8+16], r14
+ mov QWORD PTR [r8+24], r15
pop rsi
pop rdi
pop r15
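Review bot: The header comment of sp_256_mont_rsb_sub_dbl_4 still documents only `r = a - 2.b % m`, but the block added here loads b from `[r8]`, subtracts the result just stored at `[rcx]`, conditionally adds the modulus back, and writes the difference to `[r8]`, so b is now overwritten. The header should say that b is both input and output, for example `; * b Number to subtract with in Montgomery form; replaced by b - r % m on return.` Any caller of the old sp_256_mont_sub_dbl_4 that reads b afterwards would see a different value. Those call sites are not part of this hunk, so that needs checking where the rename is applied.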
@@ -55793,66 +55714,13 @@ sp_256_mont_sub_dbl_4 PROC
pop r13
pop r12
ret
-sp_256_mont_sub_dbl_4 ENDP
-_text ENDS
-; /* Two Montgomery numbers, subtract second from first and double.
-; * (r = 2.(a - b) % m).
-; *
-; * b must have came from a mont_sub operation.
-; *
-; * r Result of subtration.
-; * a Number to subtract from in Montgomery form.
-; * b Number to subtract with in Montgomery form.
-; * m Modulus (prime).
-; */
-_text SEGMENT READONLY PARA
-sp_256_mont_dbl_sub_4 PROC
- push r12
- push r13
- mov rax, QWORD PTR [rdx]
- mov r9, QWORD PTR [rdx+8]
- mov r10, QWORD PTR [rdx+16]
- mov r11, QWORD PTR [rdx+24]
- sub rax, QWORD PTR [r8]
- mov r12, 4294967295
- sbb r9, QWORD PTR [r8+8]
- mov r13, 18446744069414584321
- sbb r10, QWORD PTR [r8+16]
- sbb r11, QWORD PTR [r8+24]
- sbb r8, r8
- and r12, r8
- and r13, r8
- add rax, r8
- adc r9, r12
- adc r10, 0
- adc r11, r13
- add rax, rax
- mov r12, 4294967295
- adc r9, r9
- mov r13, 18446744069414584321
- adc r10, r10
- adc r11, r11
- sbb r8, r8
- and r12, r8
- and r13, r8
- sub rax, r8
- sbb r9, r12
- mov QWORD PTR [rcx], rax
- sbb r10, 0
- mov QWORD PTR [rcx+8], r9
- sbb r11, r13
- mov QWORD PTR [rcx+16], r10
- mov QWORD PTR [rcx+24], r11
- pop r13
- pop r12
- ret
-sp_256_mont_dbl_sub_4 ENDP
+sp_256_mont_rsb_sub_dbl_4 ENDP
_text ENDS
IFNDEF WC_NO_CACHE_RESISTANT
; /* Touch each possible point that could be being copied.
; *
; * r Point to copy into.
-; * table Table - start of the entires to access
+; * table Table - start of the entries to access
; * idx Index of point to retrieve.
; */
_text SEGMENT READONLY PARA
@@ -55932,7 +55800,7 @@ IFDEF HAVE_INTEL_AVX2
; /* Touch each possible point that could be being copied.
; *
; * r Point to copy into.
-; * table Table - start of the entires to access
+; * table Table - start of the entries to access
; * idx Index of point to retrieve.
; */
_text SEGMENT READONLY PARA
@@ -55990,7 +55858,7 @@ IFDEF HAVE_INTEL_AVX2
; * a First number to multiply in Montgomery form.
; * b Second number to multiply in Montgomery form.
; * m Modulus (prime).
-; * mp Montgomery mulitplier.
+; * mp Montgomery multiplier.
; */
_text SEGMENT READONLY PARA
sp_256_mont_mul_avx2_4 PROC
@@ -56005,11 +55873,12 @@ sp_256_mont_mul_avx2_4 PROC
mov rbp, r8
mov rax, rdx
mov rdx, QWORD PTR [rax]
+ mov r14, QWORD PTR [rbp+8]
; A[0] * B[0]
mulx r9, r8, QWORD PTR [rbp]
xor rbx, rbx
; A[0] * B[1]
- mulx r10, rdi, QWORD PTR [rbp+8]
+ mulx r10, rdi, r14
adcx r9, rdi
; A[0] * B[2]
mulx r11, rdi, QWORD PTR [rbp+16]
@@ -56024,7 +55893,7 @@ sp_256_mont_mul_avx2_4 PROC
xor rbx, rbx
adcx r9, rdi
; A[1] * B[1]
- mulx r15, rdi, QWORD PTR [rbp+8]
+ mulx r15, rdi, r14
adox r10, rsi
adcx r10, rdi
; A[1] * B[2]
@@ -56043,7 +55912,7 @@ sp_256_mont_mul_avx2_4 PROC
xor rbx, rbx
adcx r10, rdi
; A[2] * B[1]
- mulx r15, rdi, QWORD PTR [rbp+8]
+ mulx r15, rdi, r14
adox r11, rsi
adcx r11, rdi
; A[2] * B[2]
@@ -56133,11 +56002,10 @@ sp_256_mont_mul_avx2_4 PROC
adc r15, 0
sbb r8, 0
mov rax, 18446744069414584321
- mov rdi, r8
; mask m and sub from result if overflow
; m[0] = -1 & mask = mask
- shr rdi, 32
; m[2] = 0 & mask = 0
+ mov edi, r8d
and rax, r8
sub r12, r8
sbb r13, rdi
@@ -56165,7 +56033,7 @@ IFDEF HAVE_INTEL_AVX2
; * r Result of squaring.
; * a Number to square in Montgomery form.
; * m Modulus (prime).
-; * mp Montgomery mulitplier.
+; * mp Montgomery multiplier.
; */
_text SEGMENT READONLY PARA
sp_256_mont_sqr_avx2_4 PROC
@@ -56292,11 +56160,10 @@ sp_256_mont_sqr_avx2_4 PROC
adc r15, 0
sbb r8, 0
mov rax, 18446744069414584321
- mov rdi, r8
; mask m and sub from result if overflow
; m[0] = -1 & mask = mask
- shr rdi, 32
; m[2] = 0 & mask = 0
+ mov edi, r8d
and rax, r8
sub r12, r8
sbb r13, rdi
@@ -56373,7 +56240,7 @@ IFDEF HAVE_INTEL_AVX2
; * mp The digit representing the negative inverse of m mod 2^n.
; */
_text SEGMENT READONLY PARA
-sp_256_mont_reduce_avx2_order_4 PROC
+sp_256_mont_reduce_order_avx2_4 PROC
push r12
push r13
push r14
@@ -56521,7 +56388,7 @@ sp_256_mont_reduce_avx2_order_4 PROC
pop r13
pop r12
ret
-sp_256_mont_reduce_avx2_order_4 ENDP
+sp_256_mont_reduce_order_avx2_4 ENDP
_text ENDS
ENDIF
IFDEF HAVE_INTEL_AVX2
@@ -56532,19 +56399,18 @@ IFDEF HAVE_INTEL_AVX2
; * m Modulus (prime).
; */
_text SEGMENT READONLY PARA
-sp_256_div2_avx2_4 PROC
+sp_256_mont_div2_avx2_4 PROC
push r12
push r13
mov rax, QWORD PTR [rdx]
mov r8, QWORD PTR [rdx+8]
mov r9, QWORD PTR [rdx+16]
mov r10, QWORD PTR [rdx+24]
- mov r11, 4294967295
mov r12, 18446744069414584321
mov r13, rax
and r13, 1
neg r13
- and r11, r13
+ mov r11d, r13d
and r12, r13
add rax, r13
adc r8, r11
@@ -56563,14 +56429,14 @@ sp_256_div2_avx2_4 PROC
pop r13
pop r12
ret
-sp_256_div2_avx2_4 ENDP
+sp_256_mont_div2_avx2_4 ENDP
_text ENDS
ENDIF
IFNDEF WC_NO_CACHE_RESISTANT
; /* Touch each possible entry that could be being copied.
; *
; * r Point to copy into.
-; * table Table - start of the entires to access
+; * table Table - start of the entries to access
; * idx Index of entry to retrieve.
; */
_text SEGMENT READONLY PARA
@@ -56633,7 +56499,7 @@ IFDEF HAVE_INTEL_AVX2
; /* Touch each possible entry that could be being copied.
; *
; * r Point to copy into.
-; * table Table - start of the entires to access
+; * table Table - start of the entries to access
; * idx Index of entry to retrieve.
; */
_text SEGMENT READONLY PARA
@@ -56678,7 +56544,7 @@ IFNDEF WC_NO_CACHE_RESISTANT
; /* Touch each possible entry that could be being copied.
; *
; * r Point to copy into.
-; * table Table - start of the entires to access
+; * table Table - start of the entries to access
; * idx Index of entry to retrieve.
; */
_text SEGMENT READONLY PARA
@@ -56741,7 +56607,7 @@ IFDEF HAVE_INTEL_AVX2
; /* Touch each possible entry that could be being copied.
; *
; * r Point to copy into.
-; * table Table - start of the entires to access
+; * table Table - start of the entries to access
; * idx Index of entry to retrieve.
; */
_text SEGMENT READONLY PARA
@@ -57150,11 +57016,12 @@ sp_256_mont_mul_order_avx2_4 PROC
mov rbp, r8
mov rax, rdx
mov rdx, QWORD PTR [rax]
+ mov r14, QWORD PTR [rbp+8]
; A[0] * B[0]
mulx r9, r8, QWORD PTR [rbp]
xor rbx, rbx
; A[0] * B[1]
- mulx r10, rdi, QWORD PTR [rbp+8]
+ mulx r10, rdi, r14
adcx r9, rdi
; A[0] * B[2]
mulx r11, rdi, QWORD PTR [rbp+16]
@@ -57169,7 +57036,7 @@ sp_256_mont_mul_order_avx2_4 PROC
xor rbx, rbx
adcx r9, rdi
; A[1] * B[1]
- mulx r15, rdi, QWORD PTR [rbp+8]
+ mulx r15, rdi, r14
adox r10, rsi
adcx r10, rdi
; A[1] * B[2]
@@ -57188,7 +57055,7 @@ sp_256_mont_mul_order_avx2_4 PROC
xor rbx, rbx
adcx r10, rdi
; A[2] * B[1]
- mulx r15, rdi, QWORD PTR [rbp+8]
+ mulx r15, rdi, r14
adox r11, rsi
adcx r11, rdi
; A[2] * B[2]
@@ -59310,11 +59177,10 @@ sp_384_mont_reduce_6 PROC
; Subtract mod if carry
neg r11
mov r10, 18446744073709551614
- mov r8, r11
+ mov r8d, r11d
mov r9, r11
- shr r8, 32
- shl r9, 32
and r10, r11
+ shl r9, 32
sub rbx, r8
sbb rbp, r9
sbb r12, r10
@@ -59533,7 +59399,6 @@ sp_384_mont_add_6 PROC
mov r12, QWORD PTR [rdx+32]
mov r13, QWORD PTR [rdx+40]
add rax, QWORD PTR [r8]
- mov r14, 4294967295
adc r9, QWORD PTR [r8+8]
mov r15, 18446744069414584320
adc r10, QWORD PTR [r8+16]
@@ -59542,7 +59407,7 @@ sp_384_mont_add_6 PROC
adc r12, QWORD PTR [r8+32]
adc r13, QWORD PTR [r8+40]
sbb rdx, rdx
- and r14, rdx
+ mov r14d, edx
and r15, rdx
and rdi, rdx
sub rax, r14
@@ -59595,16 +59460,16 @@ sp_384_mont_dbl_6 PROC
mov r11, QWORD PTR [rdx+32]
mov r12, QWORD PTR [rdx+40]
add rax, rax
- mov r13, 4294967295
adc r8, r8
mov r14, 18446744069414584320
adc r9, r9
mov r15, 18446744073709551614
adc r10, r10
adc r11, r11
+ mov rdi, r12
adc r12, r12
- sbb rdi, rdi
- and r13, rdi
+ sar rdi, 63
+ mov r13d, edi
and r14, rdi
and r15, rdi
sub rax, r13
@@ -59657,7 +59522,6 @@ sp_384_mont_tpl_6 PROC
mov r11, QWORD PTR [rdx+32]
mov r12, QWORD PTR [rdx+40]
add rax, rax
- mov r13, 4294967295
adc r8, r8
mov r14, 18446744069414584320
adc r9, r9
@@ -59666,7 +59530,7 @@ sp_384_mont_tpl_6 PROC
adc r11, r11
adc r12, r12
sbb rdi, rdi
- and r13, rdi
+ mov r13d, edi
and r14, rdi
and r15, rdi
sub rax, r13
@@ -59687,7 +59551,6 @@ sp_384_mont_tpl_6 PROC
sbb r11, rdi
sbb r12, rdi
add rax, QWORD PTR [rdx]
- mov r13, 4294967295
adc r8, QWORD PTR [rdx+8]
mov r14, 18446744069414584320
adc r9, QWORD PTR [rdx+16]
@@ -59696,7 +59559,7 @@ sp_384_mont_tpl_6 PROC
adc r11, QWORD PTR [rdx+32]
adc r12, QWORD PTR [rdx+40]
sbb rdi, rdi
- and r13, rdi
+ mov r13d, edi
and r14, rdi
and r15, rdi
sub rax, r13
@@ -59750,7 +59613,6 @@ sp_384_mont_sub_6 PROC
mov r12, QWORD PTR [rdx+32]
mov r13, QWORD PTR [rdx+40]
sub rax, QWORD PTR [r8]
- mov r14, 4294967295
sbb r9, QWORD PTR [r8+8]
mov r15, 18446744069414584320
sbb r10, QWORD PTR [r8+16]
@@ -59759,7 +59621,7 @@ sp_384_mont_sub_6 PROC
sbb r12, QWORD PTR [r8+32]
sbb r13, QWORD PTR [r8+40]
sbb rdx, rdx
- and r14, rdx
+ mov r14d, edx
and r15, rdx
and rdi, rdx
add rax, r14
@@ -59792,61 +59654,6 @@ sp_384_mont_sub_6 PROC
ret
sp_384_mont_sub_6 ENDP
_text ENDS
-; /* Subtract two Montgomery form numbers (r = a - b % m).
-; *
-; * b is less than the modulus.
-; *
-; * r Result of subtration.
-; * a Number to subtract from in Montgomery form.
-; * b Number to subtract with in Montgomery form.
-; * m Modulus (prime).
-; */
-_text SEGMENT READONLY PARA
-sp_384_mont_sub_lower_6 PROC
- push r12
- push r13
- push r14
- push r15
- push rdi
- mov rax, QWORD PTR [rdx]
- mov r9, QWORD PTR [rdx+8]
- mov r10, QWORD PTR [rdx+16]
- mov r11, QWORD PTR [rdx+24]
- mov r12, QWORD PTR [rdx+32]
- mov r13, QWORD PTR [rdx+40]
- sub rax, QWORD PTR [r8]
- mov r14, 4294967295
- sbb r9, QWORD PTR [r8+8]
- mov r15, 18446744069414584320
- sbb r10, QWORD PTR [r8+16]
- mov rdi, 18446744073709551614
- sbb r11, QWORD PTR [r8+24]
- sbb r12, QWORD PTR [r8+32]
- sbb r13, QWORD PTR [r8+40]
- sbb rdx, rdx
- and r14, rdx
- and r15, rdx
- and rdi, rdx
- add rax, r14
- adc r9, r15
- mov QWORD PTR [rcx], rax
- adc r10, rdi
- mov QWORD PTR [rcx+8], r9
- adc r11, rdx
- mov QWORD PTR [rcx+16], r10
- adc r12, rdx
- mov QWORD PTR [rcx+24], r11
- adc r13, rdx
- mov QWORD PTR [rcx+32], r12
- mov QWORD PTR [rcx+40], r13
- pop rdi
- pop r15
- pop r14
- pop r13
- pop r12
- ret
-sp_384_mont_sub_lower_6 ENDP
-_text ENDS
; /* Divide the number by 2 mod the modulus (prime). (r = a / 2 % m)
; *
; * r Result of division by 2.
@@ -59854,7 +59661,7 @@ _text ENDS
; * m Modulus (prime).
; */
_text SEGMENT READONLY PARA
-sp_384_div2_6 PROC
+sp_384_mont_div2_6 PROC
push r12
push r13
sub rsp, 48
@@ -59915,151 +59722,13 @@ sp_384_div2_6 PROC
pop r13
pop r12
ret
-sp_384_div2_6 ENDP
-_text ENDS
-; /* Double a Montgomery form number (r = a + a % m).
-; *
-; * a is less than m.
-; *
-; * r Result of doubling.
-; * a Number to double in Montgomery form.
-; * m Modulus (prime).
-; */
-_text SEGMENT READONLY PARA
-sp_384_mont_dbl_lower_6 PROC
- push r12
- push r13
- push r14
- push r15
- push rdi
- mov rax, QWORD PTR [rdx]
- mov r8, QWORD PTR [rdx+8]
- mov r9, QWORD PTR [rdx+16]
- mov r10, QWORD PTR [rdx+24]
- mov r11, QWORD PTR [rdx+32]
- mov r12, QWORD PTR [rdx+40]
- add rax, rax
- mov r13, 4294967295
- adc r8, r8
- mov r14, 18446744069414584320
- adc r9, r9
- mov r15, 18446744073709551614
- adc r10, r10
- adc r11, r11
- adc r12, r12
- sbb rdi, rdi
- and r13, rdi
- and r14, rdi
- and r15, rdi
- sub rax, r13
- sbb r8, r14
- mov QWORD PTR [rcx], rax
- sbb r9, r15
- mov QWORD PTR [rcx+8], r8
- sbb r10, rdi
- mov QWORD PTR [rcx+16], r9
- sbb r11, rdi
- mov QWORD PTR [rcx+24], r10
- sbb r12, rdi
- mov QWORD PTR [rcx+32], r11
- mov QWORD PTR [rcx+40], r12
- pop rdi
- pop r15
- pop r14
- pop r13
- pop r12
- ret
-sp_384_mont_dbl_lower_6 ENDP
-_text ENDS
-; /* Double a Montgomery form number (r = a + a % m).
-; *
-; * a is less than m.
-; *
-; * r Result of doubling.
-; * a Number to double in Montgomery form.
-; * m Modulus (prime).
-; */
-_text SEGMENT READONLY PARA
-sp_384_mont_tpl_lower_6 PROC
- push r12
- push r13
- push r14
- push r15
- push rdi
- mov rax, QWORD PTR [rdx]
- mov r8, QWORD PTR [rdx+8]
- mov r9, QWORD PTR [rdx+16]
- mov r10, QWORD PTR [rdx+24]
- mov r11, QWORD PTR [rdx+32]
- mov r12, QWORD PTR [rdx+40]
- add rax, rax
- mov r13, 4294967295
- adc r8, r8
- mov r14, 18446744069414584320
- adc r9, r9
- mov r15, 18446744073709551614
- adc r10, r10
- adc r11, r11
- adc r12, r12
- sbb rdi, rdi
- and r13, rdi
- and r14, rdi
- and r15, rdi
- sub rax, r13
- sbb r8, r14
- mov QWORD PTR [rcx], rax
- sbb r9, r15
- sbb r10, rdi
- sbb r11, rdi
- sbb r12, rdi
- add rax, QWORD PTR [rdx]
- mov r13, 4294967295
- adc r8, QWORD PTR [rdx+8]
- mov r14, 18446744069414584320
- adc r9, QWORD PTR [rdx+16]
- mov r15, 18446744073709551614
- adc r10, QWORD PTR [rdx+24]
- adc r11, QWORD PTR [rdx+32]
- adc r12, QWORD PTR [rdx+40]
- sbb rdi, rdi
- and r13, rdi
- and r14, rdi
- and r15, rdi
- sub rax, r13
- sbb r8, r14
- sbb r9, r15
- sbb r10, rdi
- sbb r11, rdi
- sbb r12, rdi
- adc rdi, 0
- and r13, rdi
- and r14, rdi
- and r15, rdi
- sub rax, r13
- sbb r8, r14
- mov QWORD PTR [rcx], rax
- sbb r9, r15
- mov QWORD PTR [rcx+8], r8
- sbb r10, rdi
- mov QWORD PTR [rcx+16], r9
- sbb r11, rdi
- mov QWORD PTR [rcx+24], r10
- sbb r12, rdi
- mov QWORD PTR [rcx+32], r11
- mov QWORD PTR [rcx+40], r12
- pop rdi
- pop r15
- pop r14
- pop r13
- pop r12
- ret
-sp_384_mont_tpl_lower_6 ENDP
+sp_384_mont_div2_6 ENDP
_text ENDS
IFNDEF WC_NO_CACHE_RESISTANT
; /* Touch each possible point that could be being copied.
; *
; * r Point to copy into.
-; * table Table - start of the entires to access
+; * table Table - start of the entries to access
; * idx Index of point to retrieve.
; */
_text SEGMENT READONLY PARA
@@ -60170,7 +59839,7 @@ IFDEF HAVE_INTEL_AVX2
; /* Touch each possible point that could be being copied.
; *
; * r Point to copy into.
-; * table Table - start of the entires to access
+; * table Table - start of the entries to access
; * idx Index of point to retrieve.
; */
_text SEGMENT READONLY PARA
@@ -60626,7 +60295,7 @@ IFDEF HAVE_INTEL_AVX2
; * m Modulus (prime).
; */
_text SEGMENT READONLY PARA
-sp_384_div2_avx2_6 PROC
+sp_384_mont_div2_avx2_6 PROC
push r12
push r13
mov r13, QWORD PTR [rdx]
@@ -60686,14 +60355,14 @@ sp_384_div2_avx2_6 PROC
pop r13
pop r12
ret
-sp_384_div2_avx2_6 ENDP
+sp_384_mont_div2_avx2_6 ENDP
_text ENDS
ENDIF
IFNDEF WC_NO_CACHE_RESISTANT
; /* Touch each possible entry that could be being copied.
; *
; * r Point to copy into.
-; * table Table - start of the entires to access
+; * table Table - start of the entries to access
; * idx Index of entry to retrieve.
; */
_text SEGMENT READONLY PARA
@@ -60774,7 +60443,7 @@ IFDEF HAVE_INTEL_AVX2
; /* Touch each possible entry that could be being copied.
; *
; * r Point to copy into.
-; * table Table - start of the entires to access
+; * table Table - start of the entries to access
; * idx Index of entry to retrieve.
; */
_text SEGMENT READONLY PARA
@@ -60837,7 +60506,7 @@ IFNDEF WC_NO_CACHE_RESISTANT
; /* Touch each possible entry that could be being copied.
; *
; * r Point to copy into.
-; * table Table - start of the entires to access
+; * table Table - start of the entries to access
; * idx Index of entry to retrieve.
; */
_text SEGMENT READONLY PARA
@@ -60918,7 +60587,7 @@ IFDEF HAVE_INTEL_AVX2
; /* Touch each possible entry that could be being copied.
; *
; * r Point to copy into.
-; * table Table - start of the entires to access
+; * table Table - start of the entries to access
; * idx Index of entry to retrieve.
; */
_text SEGMENT READONLY PARA
@@ -63604,7 +63273,7 @@ _text ENDS
; * a First number to multiply in Montgomery form.
; * b Second number to multiply in Montgomery form.
; * m Modulus (prime).
-; * mp Montgomery mulitplier.
+; * mp Montgomery multiplier.
; */
_text SEGMENT READONLY PARA
sp_521_mont_mul_9 PROC
@@ -64194,7 +63863,7 @@ _text ENDS
; * r Result of squaring.
; * a Number to square in Montgomery form.
; * m Modulus (prime).
-; * mp Montgomery mulitplier.
+; * mp Montgomery multiplier.
; */
_text SEGMENT READONLY PARA
sp_521_mont_sqr_9 PROC
@@ -65318,7 +64987,7 @@ _text ENDS
; * m Modulus (prime).
; */
_text SEGMENT READONLY PARA
-sp_521_div2_9 PROC
+sp_521_mont_div2_9 PROC
push r12
push r13
push r14
@@ -65370,13 +65039,13 @@ sp_521_div2_9 PROC
pop r13
pop r12
ret
-sp_521_div2_9 ENDP
+sp_521_mont_div2_9 ENDP
_text ENDS
IFNDEF WC_NO_CACHE_RESISTANT
; /* Touch each possible point that could be being copied.
; *
; * r Point to copy into.
-; * table Table - start of the entires to access
+; * table Table - start of the entries to access
; * idx Index of point to retrieve.
; */
_text SEGMENT READONLY PARA
@@ -65536,7 +65205,7 @@ IFDEF HAVE_INTEL_AVX2
; /* Touch each possible point that could be being copied.
; *
; * r Point to copy into.
-; * table Table - start of the entires to access
+; * table Table - start of the entries to access
; * idx Index of point to retrieve.
; */
_text SEGMENT READONLY PARA
@@ -65652,7 +65321,7 @@ IFDEF HAVE_INTEL_AVX2
; * a First number to multiply in Montgomery form.
; * b Second number to multiply in Montgomery form.
; * m Modulus (prime).
-; * mp Montgomery mulitplier.
+; * mp Montgomery multiplier.
; */
_text SEGMENT READONLY PARA
sp_521_mont_mul_avx2_9 PROC
@@ -66262,7 +65931,7 @@ IFDEF HAVE_INTEL_AVX2
; * r Result of squaring.
; * a Number to square in Montgomery form.
; * m Modulus (prime).
-; * mp Montgomery mulitplier.
+; * mp Montgomery multiplier.
; */
_text SEGMENT READONLY PARA
sp_521_mont_sqr_avx2_9 PROC
@@ -67082,7 +66751,7 @@ IFDEF HAVE_INTEL_AVX2
; * m Modulus (prime).
; */
_text SEGMENT READONLY PARA
-sp_521_div2_avx2_9 PROC
+sp_521_mont_div2_avx2_9 PROC
push r12
push r13
push r14
@@ -67134,14 +66803,14 @@ sp_521_div2_avx2_9 PROC
pop r13
pop r12
ret
-sp_521_div2_avx2_9 ENDP
+sp_521_mont_div2_avx2_9 ENDP
_text ENDS
ENDIF
IFNDEF WC_NO_CACHE_RESISTANT
; /* Touch each possible entry that could be being copied.
; *
; * r Point to copy into.
-; * table Table - start of the entires to access
+; * table Table - start of the entries to access
; * idx Index of entry to retrieve.
; */
_text SEGMENT READONLY PARA
@@ -67273,7 +66942,7 @@ IFDEF HAVE_INTEL_AVX2
; /* Touch each possible entry that could be being copied.
; *
; * r Point to copy into.
-; * table Table - start of the entires to access
+; * table Table - start of the entries to access
; * idx Index of entry to retrieve.
; */
_text SEGMENT READONLY PARA
@@ -67358,7 +67027,7 @@ IFNDEF WC_NO_CACHE_RESISTANT
; /* Touch each possible entry that could be being copied.
; *
; * r Point to copy into.
-; * table Table - start of the entires to access
+; * table Table - start of the entries to access
; * idx Index of entry to retrieve.
; */
_text SEGMENT READONLY PARA
@@ -67490,7 +67159,7 @@ IFDEF HAVE_INTEL_AVX2
; /* Touch each possible entry that could be being copied.
; *
; * r Point to copy into.
-; * table Table - start of the entires to access
+; * table Table - start of the entries to access
; * idx Index of entry to retrieve.
; */
_text SEGMENT READONLY PARA
@@ -75733,7 +75402,7 @@ _text ENDS
; * m Modulus (prime).
; */
_text SEGMENT READONLY PARA
-sp_1024_div2_16 PROC
+sp_1024_mont_div2_16 PROC
push r12
push r13
sub rsp, 128
@@ -75874,67 +75543,7 @@ sp_1024_div2_16 PROC
pop r13
pop r12
ret
-sp_1024_div2_16 ENDP
-_text ENDS
-; /* Sub b from a into r. (r = a - b)
-; *
-; * r A single precision integer.
-; * a A single precision integer.
-; * b A single precision integer.
-; */
-_text SEGMENT READONLY PARA
-sp_1024_sub_16 PROC
- mov r9, QWORD PTR [rdx]
- sub r9, QWORD PTR [r8]
- mov r10, QWORD PTR [rdx+8]
- mov QWORD PTR [rcx], r9
- sbb r10, QWORD PTR [r8+8]
- mov r9, QWORD PTR [rdx+16]
- mov QWORD PTR [rcx+8], r10
- sbb r9, QWORD PTR [r8+16]
- mov r10, QWORD PTR [rdx+24]
- mov QWORD PTR [rcx+16], r9
- sbb r10, QWORD PTR [r8+24]
- mov r9, QWORD PTR [rdx+32]
- mov QWORD PTR [rcx+24], r10
- sbb r9, QWORD PTR [r8+32]
- mov r10, QWORD PTR [rdx+40]
- mov QWORD PTR [rcx+32], r9
- sbb r10, QWORD PTR [r8+40]
- mov r9, QWORD PTR [rdx+48]
- mov QWORD PTR [rcx+40], r10
- sbb r9, QWORD PTR [r8+48]
- mov r10, QWORD PTR [rdx+56]
- mov QWORD PTR [rcx+48], r9
- sbb r10, QWORD PTR [r8+56]
- mov r9, QWORD PTR [rdx+64]
- mov QWORD PTR [rcx+56], r10
- sbb r9, QWORD PTR [r8+64]
- mov r10, QWORD PTR [rdx+72]
- mov QWORD PTR [rcx+64], r9
- sbb r10, QWORD PTR [r8+72]
- mov r9, QWORD PTR [rdx+80]
- mov QWORD PTR [rcx+72], r10
- sbb r9, QWORD PTR [r8+80]
- mov r10, QWORD PTR [rdx+88]
- mov QWORD PTR [rcx+80], r9
- sbb r10, QWORD PTR [r8+88]
- mov r9, QWORD PTR [rdx+96]
- mov QWORD PTR [rcx+88], r10
- sbb r9, QWORD PTR [r8+96]
- mov r10, QWORD PTR [rdx+104]
- mov QWORD PTR [rcx+96], r9
- sbb r10, QWORD PTR [r8+104]
- mov r9, QWORD PTR [rdx+112]
- mov QWORD PTR [rcx+104], r10
- sbb r9, QWORD PTR [r8+112]
- mov r10, QWORD PTR [rdx+120]
- mov QWORD PTR [rcx+112], r9
- sbb r10, QWORD PTR [r8+120]
- mov QWORD PTR [rcx+120], r10
- sbb rax, rax
- ret
-sp_1024_sub_16 ENDP
+sp_1024_mont_div2_16 ENDP
_text ENDS
IFDEF HAVE_INTEL_AVX2
; /* Reduce the number back to 1024 bits using Montgomery reduction.
@@ -77012,7 +76621,7 @@ IFDEF HAVE_INTEL_AVX2
; * m Modulus (prime).
; */
_text SEGMENT READONLY PARA
-sp_1024_div2_avx2_16 PROC
+sp_1024_mont_div2_avx2_16 PROC
push r12
push r13
mov r13, QWORD PTR [rdx]
@@ -77152,7 +76761,7 @@ sp_1024_div2_avx2_16 PROC
pop r13
pop r12
ret
-sp_1024_div2_avx2_16 ENDP
+sp_1024_mont_div2_avx2_16 ENDP
_text ENDS
ENDIF
; /* Read big endian unsigned byte array into r.
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/sphincs.c b/extra/wolfssl/wolfssl/wolfcrypt/src/sphincs.c
index 2600b775..65bb57a9 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/sphincs.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/sphincs.c
@@ -76,22 +76,22 @@ int wc_sphincs_sign_msg(const byte* in, word32 inLen, byte* out, word32 *outLen,
if (ret == 0) {
if ((key->optim == FAST_VARIANT) && (key->level == 1)) {
- oqssig = OQS_SIG_new(OQS_SIG_alg_sphincs_shake256_128f_simple);
+ oqssig = OQS_SIG_new(OQS_SIG_alg_sphincs_shake_128f_simple);
}
else if ((key->optim == FAST_VARIANT) && (key->level == 3)) {
- oqssig = OQS_SIG_new(OQS_SIG_alg_sphincs_shake256_192f_simple);
+ oqssig = OQS_SIG_new(OQS_SIG_alg_sphincs_shake_192f_simple);
}
else if ((key->optim == FAST_VARIANT) && (key->level == 5)) {
- oqssig = OQS_SIG_new(OQS_SIG_alg_sphincs_shake256_256f_simple);
+ oqssig = OQS_SIG_new(OQS_SIG_alg_sphincs_shake_256f_simple);
}
else if ((key->optim == SMALL_VARIANT) && (key->level == 1)) {
- oqssig = OQS_SIG_new(OQS_SIG_alg_sphincs_shake256_128s_simple);
+ oqssig = OQS_SIG_new(OQS_SIG_alg_sphincs_shake_128s_simple);
}
else if ((key->optim == SMALL_VARIANT) && (key->level == 3)) {
- oqssig = OQS_SIG_new(OQS_SIG_alg_sphincs_shake256_192s_simple);
+ oqssig = OQS_SIG_new(OQS_SIG_alg_sphincs_shake_192s_simple);
}
else if ((key->optim == SMALL_VARIANT) && (key->level == 5)) {
- oqssig = OQS_SIG_new(OQS_SIG_alg_sphincs_shake256_256s_simple);
+ oqssig = OQS_SIG_new(OQS_SIG_alg_sphincs_shake_256s_simple);
}
if (oqssig == NULL) {
@@ -183,22 +183,22 @@ int wc_sphincs_verify_msg(const byte* sig, word32 sigLen, const byte* msg,
if (ret == 0) {
if ((key->optim == FAST_VARIANT) && (key->level == 1)) {
- oqssig = OQS_SIG_new(OQS_SIG_alg_sphincs_shake256_128f_simple);
+ oqssig = OQS_SIG_new(OQS_SIG_alg_sphincs_shake_128f_simple);
}
else if ((key->optim == FAST_VARIANT) && (key->level == 3)) {
- oqssig = OQS_SIG_new(OQS_SIG_alg_sphincs_shake256_192f_simple);
+ oqssig = OQS_SIG_new(OQS_SIG_alg_sphincs_shake_192f_simple);
}
else if ((key->optim == FAST_VARIANT) && (key->level == 5)) {
- oqssig = OQS_SIG_new(OQS_SIG_alg_sphincs_shake256_256f_simple);
+ oqssig = OQS_SIG_new(OQS_SIG_alg_sphincs_shake_256f_simple);
}
else if ((key->optim == SMALL_VARIANT) && (key->level == 1)) {
- oqssig = OQS_SIG_new(OQS_SIG_alg_sphincs_shake256_128s_simple);
+ oqssig = OQS_SIG_new(OQS_SIG_alg_sphincs_shake_128s_simple);
}
else if ((key->optim == SMALL_VARIANT) && (key->level == 3)) {
- oqssig = OQS_SIG_new(OQS_SIG_alg_sphincs_shake256_192s_simple);
+ oqssig = OQS_SIG_new(OQS_SIG_alg_sphincs_shake_192s_simple);
}
else if ((key->optim == SMALL_VARIANT) && (key->level == 5)) {
- oqssig = OQS_SIG_new(OQS_SIG_alg_sphincs_shake256_256s_simple);
+ oqssig = OQS_SIG_new(OQS_SIG_alg_sphincs_shake_256s_simple);
}
if (oqssig == NULL) {
@@ -244,7 +244,7 @@ int wc_sphincs_init(sphincs_key* key)
/* Set the level of the sphincs private/public key.
*
* key [out] Sphincs key.
- * level [in] Either 2,3 or 5.
+ * level [in] Either 1, 3 or 5.
* optim [in] Either FAST_VARIANT or SMALL_VARIANT.
* returns BAD_FUNC_ARG when key is NULL or level or optim are bad values.
*/
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/tfm.c b/extra/wolfssl/wolfssl/wolfcrypt/src/tfm.c
index 48d6b3bc..1b07f5d5 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/tfm.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/tfm.c
@@ -52,6 +52,39 @@
#include <wolfcrypt/src/asm.c> /* will define asm MACROS or C ones */
#include <wolfssl/wolfcrypt/wolfmath.h> /* common functions */
+#ifdef WOLFSSL_ESPIDF
+ #include <esp_log.h>
+ #include <wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h>
+#endif
+
+#if defined(WOLFSSL_ESP32_CRYPT_RSA_PRI)
+ static const char* TAG = "TFM"; /* esp log breadcrumb */
+ #if !defined(NO_WOLFSSL_ESP32_CRYPT_RSA_PRI)
+ /* Each individual math HW can be turned on or off.
+ * Listed in order of complexity and historical difficulty. */
+ #define WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL
+ #define WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD
+ #define WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD
+ #endif
+
+ #if defined(NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL)
+ #undef WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL
+ #endif
+
+ #if defined(NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD)
+ #undef WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD
+ #endif
+
+ #if defined(NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD)
+ #undef WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD
+ #endif
+
+ /* Note with HW there's a ESP_RSA_EXPT_XBITS setting
+ * as for some small numbers, SW may be faster.
+ * See ESP_LOGV messages for ESP_RSA_EXPT_XBITS values. */
+
+#endif /* WOLFSSL_ESP32_CRYPT_RSA_PRI */
+
#if defined(FREESCALE_LTC_TFM)
#include <wolfssl/wolfcrypt/port/nxp/ksdk_port.h>
#endif
@@ -139,11 +172,44 @@ int s_fp_add(fp_int *a, fp_int *b, fp_int *c)
c->used = y;
t = 0;
+#ifdef HONOR_MATH_USED_LENGTH
+ for (x = 0; x < y; x++) {
+ if ( (x < a->used) && (x < b->used) ) {
+ /* x is less than both [a].used and [b].used, so we add both */
+ t += ((fp_word)a->dp[x]) + ((fp_word)b->dp[x]);
+ }
+ else {
+ /* Here we honor the actual [a].used and [b].used values
+ * and NOT assume that values beyond [used] are zero. */
+ if ((x >= a->used) && (x < b->used)) {
+ /* x more than [a].used, [b] ok, so just add [b] */
+ t += /* ((fp_word)(0)) + */ ((fp_word)b->dp[x]);
+ }
+ else {
+ if ((x < a->used) && (x >= b->used)) {
+ /* x more than [b].used, [a] ok, so just add [a] */
+ t += ((fp_word)a->dp[x]) /* + (fp_word)(0) */;
+ }
+ else {
+ /* we should never get here, as a.used cannot be greater
+ * than b.used, while b.used is greater than a.used! */
+ /* t += 0 + 0 */
+ }
+ }
+ }
+ c->dp[x] = (fp_digit)t;
+ t >>= DIGIT_BIT;
+ }
+
+#else
+ /* the original code */
for (x = 0; x < y; x++) {
t += ((fp_word)a->dp[x]) + ((fp_word)b->dp[x]);
c->dp[x] = (fp_digit)t;
t >>= DIGIT_BIT;
}
+#endif /* HONOR_MATH_USED_LENGTH */
+
if (t != 0) {
if (x == FP_SIZE)
return FP_VAL;
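Review bot: The three-level branch in the `HONOR_MATH_USED_LENGTH` loop can be written as two independent guarded adds, which removes the empty final `else` and its self-contradictory comment about `a.used` and `b.used`. Inside the loop, `if (x < a->used) t += (fp_word)a->dp[x];` followed by `if (x < b->used) t += (fp_word)b->dp[x];` produces the same sum in every case the current code handles. s_fp_add starts before this hunk and continues after it, so `y` is assumed to be the larger of the two `used` counts.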
@@ -229,15 +295,9 @@ void s_fp_sub(fp_int *a, fp_int *b, fp_int *c)
/* c = a * b */
int fp_mul(fp_int *A, fp_int *B, fp_int *C)
{
- int ret = 0;
+ int ret = FP_OKAY;
int y, yy, oldused;
-#if defined(WOLFSSL_ESP32WROOM32_CRYPT_RSA_PRI) && \
- !defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_RSA_PRI)
- ret = esp_mp_mul(A, B, C);
- if(ret != -2) return ret;
-#endif
-
oldused = C->used;
y = MAX(A->used, B->used);
@@ -249,6 +309,36 @@ int fp_mul(fp_int *A, fp_int *B, fp_int *C)
goto clean;
}
+#if defined(WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL)
+ if (esp_hw_validation_active()) {
+ ESP_LOGV(TAG, "Skipping call to esp_mp_mul "
+ "during active validation.");
+ }
+ else {
+ ret = esp_mp_mul(A, B, C); /* HW accelerated multiply */
+ switch (ret) {
+ case MP_OKAY:
+ goto clean; /* success */
+ break;
+
+ case WC_HW_WAIT_E: /* MP_HW_BUSY math HW busy, fall back */
+ case MP_HW_FALLBACK: /* forced fallback from HW to SW */
+ case MP_HW_VALIDATION_ACTIVE: /* use SW to compare to HW */
+ /* fall back to software, below */
+ break;
+
+ default:
+ /* Once we've failed, exit without trying to continue.
+ * We may have mangled operands: (e.g. Z = X * Z)
+ * Future implementation may consider saving operands,
+ * but errors should never occur. */
+ goto clean; /* error */
+ break;
+ }
+ }
+ /* fall through to software calcs */
+#endif /* WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
+
/* pick a comba (unrolled 4/8/16/32 x or rolled) based on the size
of the largest input. We also want to avoid doing excess mults if the
inputs are not close to the next power of two. That is, for example,
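Review bot: The hardware-result `switch` added to `fp_mul` here is repeated almost line for line in fp_sqr, fp_exptmod, fp_exptmod_ex, fp_exptmod_nct and mp_mulmod, and the copies already differ: fp_mul, fp_sqr and fp_exptmod test `esp_hw_validation_active()` before calling the hardware, while fp_exptmod_ex, fp_exptmod_nct and mp_mulmod do not. Whether that omission is intended is not visible in the diff. A small static helper that classifies the return code (the name below is made up for this note) would keep the six call sites identical and would also remove the unreachable `break;` after each `goto clean;` and `return`. fp_mul begins before this hunk and continues after it.

```c
/* 1 when a hardware math result asks for the software path instead. */
WC_INLINE static int fp_hw_wants_sw(int hwRet)
{
    return (hwRet == WC_HW_WAIT_E)             /* math HW busy */
        || (hwRet == MP_HW_FALLBACK)           /* forced fallback from HW to SW */
        || (hwRet == MP_HW_VALIDATION_ACTIVE); /* SW used to compare to HW */
}

/* … unchanged: fp_mul prologue and size check … */
#if defined(WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL)
    if (esp_hw_validation_active()) {
        ESP_LOGV(TAG, "Skipping call to esp_mp_mul "
                      "during active validation.");
    }
    else {
        ret = esp_mp_mul(A, B, C); /* HW accelerated multiply */
        if (!fp_hw_wants_sw(ret)) {
            /* MP_OKAY, or a hard error after which the operands may
             * already be mangled: do not continue in software. */
            goto clean;
        }
    }
#endif /* WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
```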
@@ -536,6 +626,7 @@ WC_INLINE static int fp_mul_comba_mulx(fp_int *A, fp_int *B, fp_int *C)
}
#endif
+/* C = (A * B) */
int fp_mul_comba(fp_int *A, fp_int *B, fp_int *C)
{
int ret = 0;
@@ -602,6 +693,8 @@ int fp_mul_comba(fp_int *A, fp_int *B, fp_int *C)
COMBA_FINI;
dst->used = pa;
+
+ /* warning: WOLFSSL_SP_INT_NEGATIVE may disable negative numbers */
dst->sign = A->sign ^ B->sign;
fp_clamp(dst);
fp_copy(dst, C);
@@ -1802,7 +1895,7 @@ int fp_exptmod_nb(exptModNb_t* nb, fp_int* G, fp_int* X, fp_int* P, fp_int* Y)
switch (nb->state) {
case TFM_EXPTMOD_NB_INIT:
- /* now setup montgomery */
+ /* now setup montgomery */
if ((err = fp_montgomery_setup(P, &nb->mp)) != FP_OKAY) {
nb->state = TFM_EXPTMOD_NB_INIT;
return err;
@@ -2158,6 +2251,7 @@ static int _fp_exptmod_ct(fp_int * G, fp_int * X, int digits, fp_int * P,
#ifdef WOLFSSL_SMALL_STACK
XFREE(R, NULL, DYNAMIC_TYPE_BIGINT);
#endif
+
return err;
}
@@ -2993,13 +3087,11 @@ static int _fp_exptmod_base_2(fp_int * X, int digits, fp_int * P,
#undef WINSIZE
#endif
-
+/* Y = (G * X) mod P */
int fp_exptmod(fp_int * G, fp_int * X, fp_int * P, fp_int * Y)
{
-
-#if defined(WOLFSSL_ESP32WROOM32_CRYPT_RSA_PRI) && \
- !defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_RSA_PRI)
- int x = fp_count_bits (X);
+#if defined(WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD)
+ int retHW = FP_OKAY;
#endif
/* handle modulus of zero and prevent overflows */
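Review bot: The comment added above `fp_exptmod`, `/* Y = (G * X) mod P */`, describes a modular multiplication, but the function is a modular exponentiation. It should read `/* Y = (G ** X) mod P */`, or use whichever power notation the file uses elsewhere. The function body continues past this hunk.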
@@ -3019,12 +3111,37 @@ int fp_exptmod(fp_int * G, fp_int * X, fp_int * P, fp_int * Y)
return FP_OKAY;
}
-#if defined(WOLFSSL_ESP32WROOM32_CRYPT_RSA_PRI) && \
- !defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_RSA_PRI)
- if(x > EPS_RSA_EXPT_XBTIS) {
- return esp_mp_exptmod(G, X, x, P, Y);
+#if defined(WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD)
+ if (esp_hw_validation_active()) {
+ ESP_LOGV(TAG, "Skipping call to esp_mp_exptmod "
+ "during active validation.");
}
-#endif
+ else {
+ /* HW accelerated exptmod */
+ retHW = esp_mp_exptmod(G, X, P, Y);
+ switch (retHW) {
+ case MP_OKAY:
+ /* successfully computed in HW */
+ return retHW;
+ break;
+
+ case WC_HW_WAIT_E: /* MP_HW_BUSY math HW busy, fall back */
+ case MP_HW_FALLBACK: /* forced fallback from HW to SW */
+ case MP_HW_VALIDATION_ACTIVE: /* use SW to compare to HW */
+ /* use software calc */
+ break;
+
+ default:
+ /* Once we've failed, exit without trying to continue.
+ * We may have mangled operands: (e.g. Z = X * Z)
+ * Future implementation may consider saving operands,
+ * but hard errors should never actually occur. */
+ return retHW; /* error */
+ break;
+ } /* switch */
+ } /* if validation check */
+ /* fall through to software calcs */
+#endif /* WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
if (X->sign == FP_NEG) {
#ifndef POSITIVE_EXP_ONLY /* reduce stack if assume no negatives */
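Review bot: The early `return retHW;` on `MP_OKAY` leaves `fp_exptmod` before the `X->sign == FP_NEG` handling and before the `TFM_TIMING_RESISTANT` choice of `_fp_exptmod_ct` further down, and nothing in this hunk says the hardware routine covers either. If `esp_mp_exptmod` is expected to fall back for negative exponents and to be acceptable for private exponents, a comment at the call should say so, for example `/* HW path: esp_mp_exptmod must fall back for X < 0; timing behaviour is that of the RSA peripheral, not _fp_exptmod_ct */`. The same applies to the calls added in fp_exptmod_ex and fp_exptmod_nct. The function starts before and ends after this hunk.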
@@ -3049,11 +3166,11 @@ int fp_exptmod(fp_int * G, fp_int * X, fp_int * P, fp_int * Y)
if (err == FP_OKAY) {
fp_copy(X, &tmp[1]);
tmp[1].sign = FP_ZPOS;
-#ifdef TFM_TIMING_RESISTANT
+ #ifdef TFM_TIMING_RESISTANT
err = _fp_exptmod_ct(&tmp[0], &tmp[1], tmp[1].used, P, Y);
-#else
+ #else
err = _fp_exptmod_nct(&tmp[0], &tmp[1], P, Y);
-#endif
+ #endif
if ((err == 0) && (P->sign == FP_NEG)) {
err = fp_add(Y, P, Y);
}
@@ -3064,7 +3181,7 @@ int fp_exptmod(fp_int * G, fp_int * X, fp_int * P, fp_int * Y)
return err;
#else
return FP_VAL;
-#endif
+#endif /* POSITIVE_EXP_ONLY check */
}
else if (G->used == 1 && G->dp[0] == 2) {
return _fp_exptmod_base_2(X, X->used, P, Y);
@@ -3081,10 +3198,8 @@ int fp_exptmod(fp_int * G, fp_int * X, fp_int * P, fp_int * Y)
int fp_exptmod_ex(fp_int * G, fp_int * X, int digits, fp_int * P, fp_int * Y)
{
-
-#if defined(WOLFSSL_ESP32WROOM32_CRYPT_RSA_PRI) && \
- !defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_RSA_PRI)
- int x = fp_count_bits (X);
+#if defined(WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD)
+ int retHW = FP_OKAY;
#endif
/* handle modulus of zero and prevent overflows */
@@ -3104,12 +3219,30 @@ int fp_exptmod_ex(fp_int * G, fp_int * X, int digits, fp_int * P, fp_int * Y)
return FP_OKAY;
}
-#if defined(WOLFSSL_ESP32WROOM32_CRYPT_RSA_PRI) && \
- !defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_RSA_PRI)
- if(x > EPS_RSA_EXPT_XBTIS) {
- return esp_mp_exptmod(G, X, x, P, Y);
- }
-#endif
+#if defined(WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD)
+ retHW = esp_mp_exptmod(G, X, P, Y);
+ switch (retHW) {
+ case MP_OKAY:
+ /* successfully computed in HW */
+ return retHW;
+ break;
+
+ case WC_HW_WAIT_E: /* MP_HW_BUSY math HW busy, fall back */
+ case MP_HW_FALLBACK: /* forced fallback from HW to SW */
+ case MP_HW_VALIDATION_ACTIVE: /* use SW to compare to HW */
+ /* use software calc */
+ break;
+
+ default:
+ /* Once we've failed, exit without trying to continue.
+ * We may have mangled operands: (e.g. Z = X * Z)
+ * Future implementation may consider saving operands,
+ * but hard errors should never actually occur. */
+ return retHW;
+ break;
+ } /* HW result switch */
+ /* falling through to SW: */
+#endif /* WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
if (X->sign == FP_NEG) {
#ifndef POSITIVE_EXP_ONLY /* reduce stack if assume no negatives */
@@ -3166,26 +3299,50 @@ int fp_exptmod_ex(fp_int * G, fp_int * X, int digits, fp_int * P, fp_int * Y)
int fp_exptmod_nct(fp_int * G, fp_int * X, fp_int * P, fp_int * Y)
{
-#if defined(WOLFSSL_ESP32WROOM32_CRYPT_RSA_PRI) && \
- !defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_RSA_PRI)
- int x = fp_count_bits (X);
+#if defined(WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD)
+ int retHW = FP_OKAY;
#endif
+ /* handle modulus of zero and prevent overflows */
+ if (fp_iszero(P) || (P->used > (FP_SIZE/2))) {
+ return FP_VAL;
+ }
+ if (fp_isone(P)) {
+ fp_set(Y, 0);
+ return FP_OKAY;
+ }
+ if (fp_iszero(X)) {
+ fp_set(Y, 1);
+ return FP_OKAY;
+ }
if (fp_iszero(G)) {
- fp_set(G, 0);
+ fp_set(Y, 0);
return FP_OKAY;
}
- /* prevent overflows */
- if (P->used > (FP_SIZE/2)) {
- return FP_VAL;
- }
+#if defined(WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD)
+ retHW = esp_mp_exptmod(G, X, P, Y);
+ switch (retHW) {
+ case MP_OKAY:
+ /* successfully computed in HW */
+ return retHW;
+ break;
-#if defined(WOLFSSL_ESP32WROOM32_CRYPT_RSA_PRI) && \
- !defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_RSA_PRI)
- if(x > EPS_RSA_EXPT_XBTIS) {
- return esp_mp_exptmod(G, X, x, P, Y);
+ case WC_HW_WAIT_E: /* MP_HW_BUSY math HW busy, fall back */
+ case MP_HW_FALLBACK: /* forced fallback from HW to SW */
+ case MP_HW_VALIDATION_ACTIVE: /* use SW to compare to HW */
+ /* use software calc */
+ break;
+
+ default:
+ /* Once we've failed, exit without trying to continue.
+ * We may have mangled operands: (e.g. Z = X * Z)
+ * Future implementation may consider saving operands,
+ * but hard errors should never actually occur. */
+ return retHW;
+ break;
}
+ /* falling through to SW: */
#endif
if (X->sign == FP_NEG) {
@@ -3271,6 +3428,36 @@ int fp_sqr(fp_int *A, fp_int *B)
goto clean;
}
+#if defined(WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL)
+ if (esp_hw_validation_active()) {
+ ESP_LOGV(TAG, "Skipping call to esp_mp_mul "
+ "during active validation.");
+ }
+ else {
+ err = esp_mp_mul(A, A, B); /* HW accelerated multiply */
+ switch (err) {
+ case MP_OKAY:
+ goto clean; /* success */
+ break;
+
+ case WC_HW_WAIT_E: /* MP_HW_BUSY math HW busy, fall back */
+ case MP_HW_FALLBACK: /* forced fallback from HW to SW */
+ case MP_HW_VALIDATION_ACTIVE: /* use SW to compare to HW */
+ /* fall back to software, below */
+ break;
+
+ default:
+ /* Once we've failed, exit without trying to continue.
+ * We may have mangled operands: (e.g. Z = X * Z)
+ * Future implementation may consider saving operands,
+ * but errors should never occur. */
+ goto clean; /* error */
+ break;
+ }
+ }
+ /* fall through to software calcs */
+#endif /* WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
+
#if defined(TFM_SQR3) && FP_SIZE >= 6
if (y <= 3) {
err = fp_sqr_comba3(A,B);
@@ -3864,8 +4051,16 @@ int fp_read_unsigned_bin(fp_int *a, const unsigned char *b, int c)
/* zero the int */
fp_zero (a);
+ if (c < 0) {
+ return FP_VAL;
+ }
+
+ if (c == 0) {
+ return FP_OKAY;
+ }
+
/* if input b excess max, then truncate */
- if (c > 0 && (word32)c > maxC) {
+ if ((word32)c > maxC) {
int excess = (c - maxC);
c -= excess;
b += excess;
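Review bot: With the new `c < 0` and `c == 0` guards in place, the oversized-input case still skips the leading `excess` bytes and carries on, so a caller passing a buffer longer than `maxC` gets a different integer from the one encoded and, as far as this hunk shows, no error. If truncation is intended, the header comment for fp_read_unsigned_bin should say so and also document the new return, e.g. `/* returns FP_VAL when c < 0; input longer than the fp_int capacity is truncated to its low-order bytes */`. The function begins before this hunk and its return path is outside it.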
@@ -4394,6 +4589,9 @@ void fp_clear(fp_int *a)
void fp_forcezero (mp_int * a)
{
+ if (a == NULL)
+ return;
+
int size;
a->used = 0;
a->sign = FP_ZPOS;
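Review bot: The new NULL guard is placed before `int size;`, which turns that line into a declaration after a statement. The other functions visible in this diff (fp_mul, fp_cond_swap_ct) keep declarations at the top of the block, and a compiler restricted to C89 may warn about or reject the mixed form. Putting `int size;` first and `if (a == NULL) return;` directly after it keeps the guard and the file's style. The rest of fp_forcezero is outside this hunk.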
@@ -4491,16 +4689,32 @@ int wolfcrypt_mp_mulmod (mp_int * a, mp_int * b, mp_int * c, mp_int * d)
int mp_mulmod (mp_int * a, mp_int * b, mp_int * c, mp_int * d)
#endif
{
- #if defined(WOLFSSL_ESP32WROOM32_CRYPT_RSA_PRI) && \
- !defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_RSA_PRI)
- int A = fp_count_bits (a);
- int B = fp_count_bits (b);
+ int ret = MP_OKAY;
+#ifdef WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD
+ ret = esp_mp_mulmod(a, b, c, d);
+ switch (ret) {
+ case MP_OKAY:
+ /* successfully computed in HW */
+ break;
- if( A >= ESP_RSA_MULM_BITS && B >= ESP_RSA_MULM_BITS)
- return esp_mp_mulmod(a, b, c, d);
- else
- #endif
- return fp_mulmod(a, b, c, d);
+ case WC_HW_WAIT_E: /* MP_HW_BUSY math HW busy, fall back */
+ case MP_HW_FALLBACK: /* forced fallback from HW to SW */
+ case MP_HW_VALIDATION_ACTIVE: /* use SW to compare to HW */
+ /* use software calc */
+ ret = fp_mulmod(a, b, c, d);
+ break;
+
+ default:
+ /* Once we've failed, exit without trying to continue.
+ * We may have mangled operands: (e.g. Z = X * Z)
+ * Future implementation may consider saving operands,
+ * but hard errors should never actually occur. */
+ break;
+ }
+#else /* no HW */
+ ret = fp_mulmod(a, b, c, d);
+#endif /* WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
+ return ret;
}
/* d = a - b (mod c) */
@@ -4649,6 +4863,12 @@ int mp_div_2d(fp_int* a, int b, fp_int* c, fp_int* d)
return MP_OKAY;
}
+int mp_mod_2d(fp_int* a, int b, fp_int* c)
+{
+ fp_mod_2d(a, b, c);
+ return MP_OKAY;
+}
+
/* copy (src = a) to (dst = b) */
void fp_copy(const fp_int *a, fp_int *b)
{
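Review bot: `mp_mod_2d` is added without the one-line contract comment its neighbours carry, such as `/* copy (src = a) to (dst = b) */` just below it. A line like `/* c = a mod 2**b; always returns MP_OKAY */` above the definition would state what the wrapper computes and that its `int` return carries no error information from `fp_mod_2d`.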
@@ -4704,12 +4924,12 @@ int mp_copy(const fp_int* a, fp_int* b)
return MP_OKAY;
}
-int mp_isodd(mp_int* a)
+int mp_isodd(const mp_int* a)
{
return fp_isodd(a);
}
-int mp_iszero(mp_int* a)
+int mp_iszero(const mp_int* a)
{
return fp_iszero(a);
}
@@ -4803,21 +5023,10 @@ int mp_montgomery_calc_normalization(mp_int *a, mp_int *b)
#endif /* WOLFSSL_KEY_GEN || HAVE_ECC */
-static int fp_cond_swap_ct (mp_int * a, mp_int * b, int c, int m)
+static int fp_cond_swap_ct_ex(mp_int* a, mp_int* b, int c, int m, mp_int* t)
{
int i;
mp_digit mask = (mp_digit)0 - m;
-#ifndef WOLFSSL_SMALL_STACK
- fp_int t[1];
-#else
- fp_int* t;
-#endif
-
-#ifdef WOLFSSL_SMALL_STACK
- t = (fp_int*)XMALLOC(sizeof(fp_int), NULL, DYNAMIC_TYPE_BIGINT);
- if (t == NULL)
- return FP_MEM;
-#endif
t->used = (a->used ^ b->used) & mask;
for (i = 0; i < c; i++) {
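Review bot: `fp_cond_swap_ct_ex` now takes the scratch integer `t` from the caller, and a later hunk exports it as `mp_cond_swap_ct_ex`, but neither carries a comment saying that `t` must be non-NULL, must be distinct from `a` and `b`, and is overwritten. A header comment such as `/* t: caller-supplied scratch fp_int, overwritten; must not alias a or b */` would make the contract explicit. The loop body is only partly visible in this hunk.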
@@ -4832,6 +5041,26 @@ static int fp_cond_swap_ct (mp_int * a, mp_int * b, int c, int m)
b->dp[i] ^= t->dp[i];
}
+ return FP_OKAY;
+}
+
+
+static int fp_cond_swap_ct(mp_int* a, mp_int* b, int c, int m)
+{
+#ifndef WOLFSSL_SMALL_STACK
+ fp_int t[1];
+#else
+ fp_int* t;
+#endif
+
+#ifdef WOLFSSL_SMALL_STACK
+ t = (fp_int*)XMALLOC(sizeof(fp_int), NULL, DYNAMIC_TYPE_BIGINT);
+ if (t == NULL)
+ return FP_MEM;
+#endif
+
+ fp_cond_swap_ct_ex(a, b, c, m, t);
+
#ifdef WOLFSSL_SMALL_STACK
XFREE(t, NULL, DYNAMIC_TYPE_BIGINT);
#endif
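Review bot: In the `WOLFSSL_SMALL_STACK` build the scratch `t` is released with `XFREE` straight after the swap, and in the other build it is a stack array that goes out of scope. Judging by the visible `b->dp[i] ^= t->dp[i];`, it still holds the masked XOR of the two operands at that point. If the swapped values can be secret, the scratch should be cleared before release, for instance with wolfSSL's `ForceZero(t, sizeof(fp_int));` ahead of the `XFREE` and before returning in the stack case. The tail of fp_cond_swap_ct is outside this hunk.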
@@ -5422,7 +5651,12 @@ int mp_prime_is_prime_ex(mp_int* a, int t, int* result, WC_RNG* rng)
#endif /* !NO_RSA || !NO_DSA || !NO_DH || WOLFSSL_KEY_GEN */
-int mp_cond_swap_ct(mp_int * a, mp_int * b, int c, int m)
+int mp_cond_swap_ct_ex(mp_int* a, mp_int* b, int c, int m, mp_int* t)
+{
+ return fp_cond_swap_ct_ex(a, b, c, m, t);
+}
+
+int mp_cond_swap_ct(mp_int* a, mp_int* b, int c, int m)
{
return fp_cond_swap_ct(a, b, c, m);
}
@@ -5825,15 +6059,8 @@ int mp_read_radix(mp_int *a, const char *str, int radix)
#endif /* !defined(NO_DSA) || defined(HAVE_ECC) */
-#ifdef HAVE_ECC
-
-/* fast math conversion */
-int mp_sqr(fp_int *A, fp_int *B)
-{
- return fp_sqr(A, B);
-}
+#if defined(HAVE_ECC) || (!defined(NO_RSA) && defined(WC_RSA_BLINDING))
-/* fast math conversion */
int mp_montgomery_reduce(fp_int *a, fp_int *m, fp_digit mp)
{
return fp_montgomery_reduce(a, m, mp);
@@ -5851,6 +6078,17 @@ int mp_montgomery_setup(fp_int *a, fp_digit *rho)
return fp_montgomery_setup(a, rho);
}
+#endif /* HAVE_ECC || (!NO_RSA && WC_RSA_BLINDING) */
+
+#ifdef HAVE_ECC
+
+/* fast math conversion */
+int mp_sqr(fp_int *A, fp_int *B)
+{
+ return fp_sqr(A, B);
+}
+
+/* fast math conversion */
int mp_div_2(fp_int * a, fp_int * b)
{
fp_div_2(a, b);
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/wc_lms.c b/extra/wolfssl/wolfssl/wolfcrypt/src/wc_lms.c
new file mode 100644
index 00000000..60e8519d
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/wc_lms.c
@@ -0,0 +1,26 @@
+/* wc_lms.c
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#include <wolfssl/wolfcrypt/settings.h>
+
+#ifdef WOLFSSL_HAVE_LMS
+ #error "Contact wolfSSL to get the implementation of this file"
+#endif
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/wc_pkcs11.c b/extra/wolfssl/wolfssl/wolfcrypt/src/wc_pkcs11.c
index 6ae88d79..0d7bd6e2 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/wc_pkcs11.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/wc_pkcs11.c
@@ -74,7 +74,7 @@
#endif
-/* Maximim length of the EC parameter string. */
+/* Maximum length of the EC parameter string. */
#define MAX_EC_PARAM_LEN 16
@@ -403,11 +403,11 @@ static void pkcs11_val(const char* op, CK_ULONG val)
}
#else
/* Disable logging of PKCS#11 calls and return value. */
-#define PKCS11_RV(op, ev)
+#define PKCS11_RV(op, ev) WC_DO_NOTHING
/* Disable logging of PKCS#11 calls and value. */
-#define PKCS11_VAL(op, val)
+#define PKCS11_VAL(op, val) WC_DO_NOTHING
/* Disable logging of PKCS#11 template. */
-#define PKCS11_DUMP_TEMPLATE(name, templ, cnt)
+#define PKCS11_DUMP_TEMPLATE(name, templ, cnt) WC_DO_NOTHING
#endif
/**
@@ -3755,7 +3755,12 @@ int wc_Pkcs11_CryptoDevCb(int devId, wc_CryptoInfo* info, void* ctx)
int ret = 0;
Pkcs11Token* token = (Pkcs11Token*)ctx;
Pkcs11Session session;
+
+#ifdef WOLFSSL_PKCS11_RW_TOKENS
+ int readWrite = 1;
+#else
int readWrite = 0;
+#endif
if (devId <= INVALID_DEVID || info == NULL || ctx == NULL)
ret = BAD_FUNC_ARG;
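Review bot: Defining `WOLFSSL_PKCS11_RW_TOKENS` makes `readWrite` start at 1 for every operation dispatched through `wc_Pkcs11_CryptoDevCb`, so sessions would presumably be opened read/write even for operations that only read token objects. The option has no comment here explaining when it is needed. A line such as `/* WOLFSSL_PKCS11_RW_TOKENS: open all sessions read/write, for tokens that require it; the default is read-only unless the operation has to write */` would record the trade-off. How `readWrite` is used afterwards is outside this hunk.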
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/wc_port.c b/extra/wolfssl/wolfssl/wolfcrypt/src/wc_port.c
index b6b8c1fd..ef61df84 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/wc_port.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/wc_port.c
@@ -61,9 +61,8 @@
#if defined(WOLFSSL_RENESAS_TSIP)
#include <wolfssl/wolfcrypt/port/Renesas/renesas-tsip-crypt.h>
#endif
-#if defined(WOLFSSL_RENESAS_SCEPROTECT) || \
- defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)
- #include <wolfssl/wolfcrypt/port/Renesas/renesas-sce-crypt.h>
+#if defined(WOLFSSL_RENESAS_FSPSM)
+ #include <wolfssl/wolfcrypt/port/Renesas/renesas-fspsm-crypt.h>
#endif
#if defined(WOLFSSL_RENESAS_RX64_HASH)
#include <wolfssl/wolfcrypt/port/Renesas/renesas-rx64-hw-crypt.h>
@@ -85,6 +84,9 @@
#if defined(WOLFSSL_CAAM)
#include <wolfssl/wolfcrypt/port/caam/wolfcaam.h>
#endif
+#if defined(HAVE_ARIA)
+ #include <wolfssl/wolfcrypt/port/aria/aria-cryptocb.h>
+#endif
#if defined(WOLFSSL_DEVCRYPTO)
#include <wolfssl/wolfcrypt/port/devcrypto/wc_devcrypto.h>
#endif
@@ -171,7 +173,7 @@ int wolfCrypt_Init(void)
}
#endif
- #if defined(WOLFSSL_RENESAS_TSIP_CRYPT)
+ #if defined(WOLFSSL_RENESAS_TSIP)
ret = tsip_Open( );
if( ret != TSIP_SUCCESS ) {
WOLFSSL_MSG("RENESAS TSIP Open failed");
@@ -191,9 +193,8 @@ int wolfCrypt_Init(void)
}
#endif
- #if defined(WOLFSSL_RENESAS_SCEPROTECT) || \
- defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)
- ret = wc_sce_Open( );
+ #if defined(WOLFSSL_RENESAS_FSPSM)
+ ret = wc_fspsm_Open( );
if( ret != FSP_SUCCESS ) {
WOLFSSL_MSG("RENESAS SCE Open failed");
/* not return 1 since WOLFSSL_SUCCESS=1*/
@@ -367,6 +368,12 @@ int wolfCrypt_Init(void)
}
#endif
+#if defined(HAVE_ARIA)
+ if ((ret = wc_AriaInit()) != 0) {
+ return ret;
+ }
+#endif
+
#ifdef WOLFSSL_IMXRT_DCP
if ((ret = wc_dcp_init()) != 0) {
return ret;
@@ -385,7 +392,7 @@ int wolfCrypt_Init(void)
return ret;
}
-#ifdef WOLFSSL_TRACK_MEMORY_VERBOSE
+#if defined(WOLFSSL_TRACK_MEMORY_VERBOSE) && !defined(WOLFSSL_STATIC_MEMORY)
long wolfCrypt_heap_peakAllocs_checkpoint(void) {
long ret = ourMemStats.peakAllocsTripOdometer;
ourMemStats.peakAllocsTripOdometer = ourMemStats.totalAllocs -
@@ -441,9 +448,8 @@ int wolfCrypt_Cleanup(void)
rx64_hw_Close();
#endif
- #if defined(WOLFSSL_RENESAS_SCEPROTECT) || \
- defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)
- wc_sce_Close();
+ #if defined(WOLFSSL_RENESAS_FSPSM)
+ wc_fspsm_Close();
#endif
#ifdef WOLFSSL_SCE
@@ -459,7 +465,7 @@ int wolfCrypt_Cleanup(void)
#ifdef WOLFSSL_SILABS_SE_ACCEL
ret = sl_se_deinit();
#endif
- #if defined(WOLFSSL_RENESAS_TSIP_CRYPT)
+ #if defined(WOLFSSL_RENESAS_TSIP)
tsip_Close();
#endif
#if defined(WOLFSSL_DEVCRYPTO)
@@ -477,7 +483,11 @@ int wolfCrypt_Cleanup(void)
Entropy_Final();
#endif
- #ifdef WOLFSSL_MEM_FAIL_COUNT
+ #ifdef WOLF_CRYPTO_CB
+ wc_CryptoCb_Cleanup();
+ #endif
+
+ #if defined(WOLFSSL_MEM_FAIL_COUNT) && defined(WOLFCRYPT_ONLY)
wc_MemFailCount_Free();
#endif
#ifdef WOLFSSL_CHECK_MEM_ZERO
@@ -963,6 +973,7 @@ XFILE z_fs_open(const char* filename, const char* mode)
file = (XFILE)XMALLOC(sizeof(*file), NULL, DYNAMIC_TYPE_FILE);
if (file != NULL) {
+ fs_file_t_init(file);
if (fs_open(file, filename, flags) != 0) {
XFREE(file, NULL, DYNAMIC_TYPE_FILE);
file = NULL;
@@ -1342,6 +1353,14 @@ int wolfSSL_CryptHwMutexUnLock(void)
compat_mutex_cb = cb;
return 0;
}
+
+ /* Gets the current callback function in use for locking/unlocking mutex
+ *
+ */
+ mutex_cb* wc_GetMutexCb(void)
+ {
+ return compat_mutex_cb;
+ }
#endif /* defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) */
#ifdef SINGLE_THREADED
@@ -1470,7 +1489,7 @@ int wolfSSL_CryptHwMutexUnLock(void)
return 0;
}
-#elif defined(USE_WINDOWS_API)
+#elif defined(USE_WINDOWS_API) && !defined(WOLFSSL_PTHREADS)
int wc_InitMutex(wolfSSL_Mutex* m)
{
@@ -1721,7 +1740,7 @@ int wolfSSL_CryptHwMutexUnLock(void)
#ifdef WOLFSSL_USE_RWLOCK
int wc_InitRwLock(wolfSSL_RwLock* m)
{
- if (pthread_rwlock_init(m, 0) == 0)
+ if (pthread_rwlock_init(m, NULL) == 0)
return 0;
else
return BAD_MUTEX_E;
@@ -1762,7 +1781,7 @@ int wolfSSL_CryptHwMutexUnLock(void)
int wc_InitMutex(wolfSSL_Mutex* m)
{
- if (pthread_mutex_init(m, 0) == 0)
+ if (pthread_mutex_init(m, NULL) == 0)
return 0;
else
return BAD_MUTEX_E;
@@ -2031,7 +2050,7 @@ int wolfSSL_CryptHwMutexUnLock(void)
}
#elif defined(EBSNET)
-
+ #if (defined(RTPLATFORM) && (RTPLATFORM != 0))
int wc_InitMutex(wolfSSL_Mutex* m)
{
if (rtp_sig_mutex_alloc(m, "wolfSSL Mutex") == -1)
@@ -2072,6 +2091,66 @@ int wolfSSL_CryptHwMutexUnLock(void)
return(retval);
}
+ #else
+ static int rtip_semaphore_build(wolfSSL_Mutex *m)
+ {
+ KS_SEMAPHORE_BUILD(m)
+ return(RTP_TRUE);
+ }
+
+ int wc_InitMutex(wolfSSL_Mutex* m)
+ {
+ if (rtip_semaphore_build(m) == RTP_FALSE)
+ return BAD_MUTEX_E;
+ else
+ return 0;
+ }
+
+ int wc_FreeMutex(wolfSSL_Mutex* m)
+ {
+ KS_SEMAPHORE_FREE(*m);
+ return 0;
+ }
+
+ int wc_LockMutex(wolfSSL_Mutex* m)
+ {
+ if (KS_SEMAPHORE_GET(*m))
+ return 0;
+ else
+ return BAD_MUTEX_E;
+ }
+
+ int wc_UnLockMutex(wolfSSL_Mutex* m)
+ {
+ KS_SEMAPHORE_GIVE(*m);
+ return 0;
+ }
+ #endif
+ int ebsnet_fseek(int a, long b, int c)
+ {
+ int retval;
+
+ retval = (int)vf_lseek(a, b, c);
+ if (retval > 0)
+ retval = 0;
+ else
+ retval = -1;
+
+ return(retval);
+ }
+
+ int strcasecmp(const char *s1, const char *s2)
+ {
+ while (rtp_tolower(*s1) == rtp_tolower(*s2)) {
+ if (*s1 == '\0' || *s2 == '\0')
+ break;
+ s1++;
+ s2++;
+ }
+
+ return rtp_tolower(*(unsigned char *) s1) -
+ rtp_tolower(*(unsigned char *) s2);
+ }
#elif defined(FREESCALE_MQX) || defined(FREESCALE_KSDK_MQX)
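Review bot: The `strcasecmp` added for EBSNET folds case on plain `char` inside the loop (`rtp_tolower(*s1) == rtp_tolower(*s2)`) but on `unsigned char` in the return expression. On a signed-char target, bytes above 0x7F are therefore handled two different ways and may reach `rtp_tolower` as negative values. Cast in the loop as the return already does: `while (rtp_tolower(*(const unsigned char *)s1) == rtp_tolower(*(const unsigned char *)s2)) {`. Separately, `ebsnet_fseek` treats only `retval > 0` as success, so if `vf_lseek` returns the resulting offset (not visible here) a seek that lands on offset 0 is reported as -1; `retval >= 0` looks like the intended test. `rtip_semaphore_build` also returns `RTP_TRUE` unconditionally, which leaves the `BAD_MUTEX_E` path in `wc_InitMutex` unreachable.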
@@ -2730,6 +2809,35 @@ int wolfSSL_CryptHwMutexUnLock(void)
return 0;
}
+#elif defined(NETOS)
+
+ int wc_InitMutex(wolfSSL_Mutex* m)
+ {
+ if (tx_mutex_create(&ready->mutex, "wolfSSL Lock", TX_INHERIT)
+ == TX_SUCCESS)
+ return 0;
+ else
+ return BAD_MUTEX_E;
+ }
+
+ int wc_FreeMutex(wolfSSL_Mutex* m)
+ {
+ if (tx_mutex_delete(&ready->mutex) == TX_SUCCESS)
+ return 0;
+ else
+ return BAD_MUTEX_E;
+ }
+
+ int wc_LockMutex(wolfSSL_Mutex* m)
+ {
+
+ }
+
+ int wc_UnLockMutex(wolfSSL_Mutex* m)
+ {
+
+ }
+
#elif defined(WOLFSSL_USER_MUTEX)
/* Use user own mutex */
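Review bot: `wc_LockMutex` and `wc_UnLockMutex` in the new NETOS branch have empty bodies, so they provide no mutual exclusion and fall off the end of an `int` function, which is undefined behaviour once a caller reads the result. `wc_InitMutex` and `wc_FreeMutex` also operate on `&ready->mutex`, a name that is not declared anywhere in the hunk, instead of the `m` parameter. Assuming `wolfSSL_Mutex` maps to a ThreadX `TX_MUTEX` on this port (not visible here), the bodies would be `return (tx_mutex_get(m, TX_WAIT_FOREVER) == TX_SUCCESS) ? 0 : BAD_MUTEX_E;` and `return (tx_mutex_put(m) == TX_SUCCESS) ? 0 : BAD_MUTEX_E;`, with init and free passing `m` as well. Any code that relies on these locks runs unprotected on a NETOS build until the bodies are filled in.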
@@ -2814,7 +2922,7 @@ time_t mynewt_time(time_t* timer)
#endif /* WOLFSSL_APACHE_MYNEWT */
#if defined(WOLFSSL_GMTIME)
-struct tm* gmtime(const time_t* timer)
+struct tm* gmtime_r(const time_t* timer, struct tm *ret)
{
#define YEAR0 1900
#define EPOCH_YEAR 1970
@@ -2828,8 +2936,6 @@ struct tm* gmtime(const time_t* timer)
{31, 29, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31}
};
- static struct tm st_time;
- struct tm* ret = &st_time;
time_t secs = *timer;
unsigned long dayclock, dayno;
int year = EPOCH_YEAR;
@@ -2863,6 +2969,12 @@ struct tm* gmtime(const time_t* timer)
return ret;
}
+
+struct tm* gmtime(const time_t* timer) {
+ static struct tm st_time;
+ return gmtime_r(timer, &st_time);
+}
+
#endif /* WOLFSSL_GMTIME */
@@ -3056,6 +3168,30 @@ time_t z_time(time_t * timer)
{
struct timespec ts;
+ #if defined(CONFIG_RTC) && \
+ (defined(CONFIG_PICOLIBC) || defined(CONFIG_NEWLIB_LIBC))
+ /* Try to obtain the actual time from an RTC */
+ static const struct device *rtc = DEVICE_DT_GET(DT_NODELABEL(rtc));
+
+ if (device_is_ready(rtc)) {
+ struct rtc_time rtc_time;
+ struct tm *tm_time = rtc_time_to_tm(&rtc_time);
+
+ int ret = rtc_get_time(rtc, &rtc_time);
+
+ if (ret == 0) {
+ time_t epochTime = mktime(tm_time);
+
+ if (timer != NULL)
+ *timer = epochTime;
+
+ return epochTime;
+ }
+ }
+ #endif
+
+ /* Fallback to uptime since boot. This works for relative times, but
+ * not for ASN.1 date validation */
if (clock_gettime(CLOCK_REALTIME, &ts) == 0)
if (timer != NULL)
*timer = ts.tv_sec;
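Review bot: The RTC path returns whatever `mktime(tm_time)` yields without checking for `(time_t)-1`, so a conversion failure is handed to callers as a valid time. Wrap the store to `*timer` and the `return epochTime;` in `if (epochTime != (time_t)-1)` so a failed conversion falls through to the fallback. When the device is not ready or `rtc_get_time` fails, the function drops silently to the path that the added comment itself describes as unsuitable for ASN.1 date validation. A `WOLFSSL_MSG` on that path would make a wrong clock visible to whoever debugs a certificate date failure. `z_time` continues past the end of the hunk.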
@@ -3176,8 +3312,10 @@ time_t stm32_hal_time(time_t *t1)
HAL_RTC_GetTime(&hrtc, &time, FORMAT_BIN);
HAL_RTC_GetDate(&hrtc, &date, FORMAT_BIN);
- tm_time.tm_year = date.Year;
- tm_time.tm_mon = date.Month - 1; /* gm starts at 0 */
+ /* RTC year is 0-99 and "struct tm" is 1900+, so assume after year 2000 */
+ tm_time.tm_year = date.Year + 100;
+ /* RTC month is 1-12 and "struct tm" is 0-12, so subtract 1 */
+ tm_time.tm_mon = date.Month - 1;
tm_time.tm_mday = date.Date;
tm_time.tm_hour = time.Hours;
tm_time.tm_min = time.Minutes;
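Review bot: The added comment on the month conversion says `"struct tm" is 0-12`, but `tm_mon` runs 0-11, which is why 1 is subtracted. It should read `/* RTC month is 1-12 and "struct tm" is 0-11, so subtract 1 */`. `stm32_hal_time` starts and ends outside the hunk.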
@@ -3284,3 +3422,521 @@ char* mystrnstr(const char* s1, const char* s2, unsigned int n)
#include <wolfcrypt/src/port/arm/cryptoCellHash.c> /* sha256 */
#endif
#endif
+
+
+#ifndef SINGLE_THREADED
+
+#if defined(USE_WINDOWS_API) && !defined(WOLFSSL_PTHREADS)
+ int wolfSSL_NewThread(THREAD_TYPE* thread,
+ THREAD_CB cb, void* arg)
+ {
+ if (thread == NULL || cb == NULL)
+ return BAD_FUNC_ARG;
+
+ /* Use _beginthreadex instead of _beginthread because of:
+ * _beginthreadex is safer to use than _beginthread. If the thread
+ * that's generated by _beginthread exits quickly, the handle that's
+ * returned to the caller of _beginthread might be invalid or point
+ * to another thread. However, the handle that's returned by
+ * _beginthreadex has to be closed by the caller of _beginthreadex,
+ * so it's guaranteed to be a valid handle if _beginthreadex didn't
+ * return an error.*/
+ *thread = _beginthreadex(NULL, 0, cb, arg, 0, NULL);
+ if (*thread == 0) {
+ *thread = INVALID_THREAD_VAL;
+ return MEMORY_E;
+ }
+
+ return 0;
+ }
+
+#ifdef WOLFSSL_THREAD_NO_JOIN
+ int wolfSSL_NewThreadNoJoin(THREAD_CB_NOJOIN cb, void* arg)
+ {
+ THREAD_TYPE thread;
+
+ if (cb == NULL)
+ return BAD_FUNC_ARG;
+
+ thread = _beginthread(cb, 0, arg);
+ if (thread == -1L) {
+ return MEMORY_E;
+ }
+
+ return 0;
+ }
+#endif
+
+ int wolfSSL_JoinThread(THREAD_TYPE thread)
+ {
+ int ret = 0;
+
+ if (thread == INVALID_THREAD_VAL)
+ return BAD_FUNC_ARG;
+
+ /* We still want to attempt to close the thread handle even on error */
+ if (WaitForSingleObject((HANDLE)thread, INFINITE) == WAIT_FAILED)
+ ret = MEMORY_E;
+
+ if (CloseHandle((HANDLE)thread) == 0)
+ ret = MEMORY_E;
+
+ return ret;
+ }
+
+#ifdef WOLFSSL_COND
+ int wolfSSL_CondInit(COND_TYPE* cond)
+ {
+ if (cond == NULL)
+ return BAD_FUNC_ARG;
+
+ cond->cond = CreateEventA(NULL, FALSE, FALSE, NULL);
+ if (cond->cond == NULL)
+ return MEMORY_E;
+
+ if (wc_InitMutex(&cond->mutex) != 0) {
+ if (CloseHandle(cond->cond) == 0)
+ return MEMORY_E;
+ return MEMORY_E;
+ }
+
+ return 0;
+ }
+
+ int wolfSSL_CondFree(COND_TYPE* cond)
+ {
+ if (cond == NULL)
+ return BAD_FUNC_ARG;
+
+ if (CloseHandle(cond->cond) == 0)
+ return MEMORY_E;
+
+ return 0;
+ }
+
+ int wolfSSL_CondStart(COND_TYPE* cond)
+ {
+ if (cond == NULL)
+ return BAD_FUNC_ARG;
+
+ if (wc_LockMutex(&cond->mutex) != 0)
+ return BAD_MUTEX_E;
+
+ return 0;
+ }
+
+ int wolfSSL_CondSignal(COND_TYPE* cond)
+ {
+ if (cond == NULL)
+ return BAD_FUNC_ARG;
+
+ if (wc_UnLockMutex(&cond->mutex) != 0)
+ return BAD_MUTEX_E;
+
+ if (SetEvent(cond->cond) == 0)
+ return MEMORY_E;
+
+ if (wc_LockMutex(&cond->mutex) != 0)
+ return BAD_MUTEX_E;
+
+ return 0;
+ }
+
+ int wolfSSL_CondWait(COND_TYPE* cond)
+ {
+ if (cond == NULL)
+ return BAD_FUNC_ARG;
+
+ if (wc_UnLockMutex(&cond->mutex) != 0)
+ return BAD_MUTEX_E;
+
+ if (WaitForSingleObject(cond->cond, INFINITE) == WAIT_FAILED)
+ return MEMORY_E;
+
+ if (wc_LockMutex(&cond->mutex) != 0)
+ return BAD_MUTEX_E;
+
+ return 0;
+ }
+
+ int wolfSSL_CondEnd(COND_TYPE* cond)
+ {
+ if (cond == NULL)
+ return BAD_FUNC_ARG;
+
+ if (wc_UnLockMutex(&cond->mutex) != 0)
+ return BAD_MUTEX_E;
+
+ return 0;
+ }
+#endif /* WOLFSSL_COND */
+
+#elif defined(WOLFSSL_TIRTOS)
+
+ int wolfSSL_NewThread(THREAD_TYPE* thread,
+ THREAD_CB cb, void* arg)
+ {
+ /* Initialize the defaults and set the parameters. */
+ Task_Params taskParams;
+ Task_Params_init(&taskParams);
+ taskParams.arg0 = (UArg)arg;
+ taskParams.stackSize = 65535;
+ *thread = Task_create((Task_FuncPtr)cb, &taskParams, NULL);
+ if (*thread == NULL) {
+ return MEMORY_E;
+ }
+ Task_yield();
+ return 0;
+ }
+
+ int wolfSSL_JoinThread(THREAD_TYPE thread)
+ {
+ while(1) {
+ if (Task_getMode(thread) == Task_Mode_TERMINATED) {
+ Task_sleep(5);
+ break;
+ }
+ Task_yield();
+ }
+ return 0;
+ }
+
+#elif defined(NETOS)
+
+ int wolfSSL_NewThread(THREAD_TYPE* thread,
+ THREAD_CB cb, void* arg)
+ {
+ /* For backwards compatibility allow using this declaration as well. */
+ #ifdef TESTSUITE_THREAD_STACK_SZ
+ #define WOLFSSL_NETOS_STACK_SZ TESTSUITE_THREAD_STACK_SZ
+ #endif
+ /* This can be adjusted by defining in user_settings.h, will default to
+ * 65k in the event it is undefined */
+ #ifndef WOLFSSL_NETOS_STACK_SZ
+ #define WOLFSSL_NETOS_STACK_SZ 65535
+ #endif
+ int result;
+
+ if (thread == NULL || cb == NULL)
+ return BAD_FUNC_ARG;
+
+ XMEMSET(thread, 0, sizeof(*thread));
+
+ thread->threadStack = (void *)XMALLOC(WOLFSSL_NETOS_STACK_SZ, NULL,
+ DYNAMIC_TYPE_TMP_BUFFER);
+ if (thread->threadStack == NULL)
+ return MEMORY_E;
+
+
+ /* first create the idle thread:
+ * ARGS:
+ * Param1: pointer to thread
+ * Param2: name
+ * Param3 and 4: entry function and input
+ * Param5: pointer to thread stack
+ * Param6: stack size
+ * Param7 and 8: priority level and preempt threshold
+ * Param9 and 10: time slice and auto-start indicator */
+ result = tx_thread_create(&thread->tid,
+ "wolfSSL thread",
+ (entry_functionType)cb, (ULONG)arg,
+ thread->threadStack,
+ TESTSUITE_THREAD_STACK_SZ,
+ 2, 2,
+ 1, TX_AUTO_START);
+ if (result != TX_SUCCESS) {
+ free(thread->threadStack);
+ thread->threadStack = NULL;
+ return MEMORY_E;
+ }
+
+ return 0;
+ }
+
+ int wolfSSL_JoinThread(THREAD_TYPE thread)
+ {
+ /* TODO: maybe have to use tx_thread_delete? */
+ free(thread.threadStack);
+ thread.threadStack = NULL;
+ return 0;
+ }
+
+#elif defined(WOLFSSL_ZEPHYR)
+
+ int wolfSSL_NewThread(THREAD_TYPE* thread,
+ THREAD_CB cb, void* arg)
+ {
+ #ifndef WOLFSSL_ZEPHYR_STACK_SZ
+ #define WOLFSSL_ZEPHYR_STACK_SZ (24*1024)
+ #endif
+
+ if (thread == NULL || cb == NULL)
+ return BAD_FUNC_ARG;
+
+ XMEMSET(thread, 0, sizeof(*thread));
+
+ /* TODO: Use the following once k_thread_stack_alloc makes it into a
+ * release.
+ * thread->threadStack = k_thread_stack_alloc(WOLFSSL_ZEPHYR_STACK_SZ,
+ * 0);
+ */
+ thread->threadStack = (void*)XMALLOC(
+ Z_KERNEL_STACK_SIZE_ADJUST(WOLFSSL_ZEPHYR_STACK_SZ), 0,
+ DYNAMIC_TYPE_TMP_BUFFER);
+ if (thread->threadStack == NULL)
+ return MEMORY_E;
+
+ /* k_thread_create does not return any error codes */
+ /* Casting to k_thread_entry_t should be fine since we just ignore the
+ * extra arguments being passed in */
+ k_thread_create(&thread->tid, thread->threadStack,
+ WOLFSSL_ZEPHYR_STACK_SZ, (k_thread_entry_t)cb, arg, NULL, NULL,
+ 5, 0, K_NO_WAIT);
+
+ return 0;
+ }
+
+ int wolfSSL_JoinThread(THREAD_TYPE thread)
+ {
+ int ret = 0;
+ int err;
+
+ err = k_thread_join(&thread.tid, K_FOREVER);
+ if (err != 0)
+ ret = MEMORY_E;
+
+ /* TODO: Use the following once k_thread_stack_free makes it into a
+ * release.
+ * err = k_thread_stack_free(thread.threadStack);
+ * if (err != 0)
+ * ret = MEMORY_E;
+ */
+ XFREE(thread.threadStack, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ thread.threadStack = NULL;
+
+ /* No thread resources to free. Everything is stored in thread.tid */
+
+ return ret;
+ }
+
+#ifdef WOLFSSL_COND
+ /* Use the pthreads translation layer for signaling */
+
+#endif /* WOLFSSL_COND */
+
+#elif defined(WOLFSSL_PTHREADS)
+
+ int wolfSSL_NewThread(THREAD_TYPE* thread,
+ THREAD_CB cb, void* arg)
+ {
+ if (thread == NULL || cb == NULL)
+ return BAD_FUNC_ARG;
+
+ if (pthread_create(thread, NULL, cb, arg) != 0)
+ return MEMORY_E;
+
+ return 0;
+ }
+
+#ifdef WOLFSSL_THREAD_NO_JOIN
+ int wolfSSL_NewThreadNoJoin(THREAD_CB_NOJOIN cb, void* arg)
+ {
+ THREAD_TYPE thread;
+ int ret;
+ XMEMSET(&thread, 0, sizeof(thread));
+ ret = wolfSSL_NewThread(&thread, cb, arg);
+ if (ret == 0)
+ ret = pthread_detach(thread);
+ return ret;
+ }
+#endif
+
+ int wolfSSL_JoinThread(THREAD_TYPE thread)
+ {
+ if (thread == INVALID_THREAD_VAL)
+ return BAD_FUNC_ARG;
+
+ if (pthread_join(thread, NULL) != 0)
+ return MEMORY_E;
+
+ return 0;
+ }
+
+#ifdef WOLFSSL_COND
+ #ifndef __MACH__
+ /* Generic POSIX conditional */
+ int wolfSSL_CondInit(COND_TYPE* cond)
+ {
+ if (cond == NULL)
+ return BAD_FUNC_ARG;
+
+ if (pthread_mutex_init(&cond->mutex, NULL) != 0)
+ return MEMORY_E;
+
+ if (pthread_cond_init(&cond->cond, NULL) != 0) {
+ /* Keep compilers happy that we are using the return code */
+ if (pthread_mutex_destroy(&cond->mutex) != 0)
+ return MEMORY_E;
+ return MEMORY_E;
+ }
+
+ return 0;
+ }
+
+ int wolfSSL_CondFree(COND_TYPE* cond)
+ {
+ int ret = 0;
+
+ if (cond == NULL)
+ return BAD_FUNC_ARG;
+
+ if (pthread_mutex_destroy(&cond->mutex) != 0)
+ ret = MEMORY_E;
+
+ if (pthread_cond_destroy(&cond->cond) != 0)
+ ret = MEMORY_E;
+
+ return ret;
+ }
+
+ int wolfSSL_CondStart(COND_TYPE* cond)
+ {
+ if (cond == NULL)
+ return BAD_FUNC_ARG;
+
+ if (pthread_mutex_lock(&cond->mutex) != 0)
+ return BAD_MUTEX_E;
+
+ return 0;
+ }
+
+ int wolfSSL_CondSignal(COND_TYPE* cond)
+ {
+ if (cond == NULL)
+ return BAD_FUNC_ARG;
+
+ if (pthread_cond_signal(&cond->cond) != 0)
+ return MEMORY_E;
+
+ return 0;
+ }
+
+ int wolfSSL_CondWait(COND_TYPE* cond)
+ {
+ if (cond == NULL)
+ return BAD_FUNC_ARG;
+
+ if (pthread_cond_wait(&cond->cond, &cond->mutex) != 0)
+ return MEMORY_E;
+
+ return 0;
+ }
+
+ int wolfSSL_CondEnd(COND_TYPE* cond)
+ {
+ if (cond == NULL)
+ return BAD_FUNC_ARG;
+
+ if (pthread_mutex_unlock(&cond->mutex) != 0)
+ return BAD_MUTEX_E;
+
+ return 0;
+ }
+ #else /* __MACH__ */
+ /* Apple style dispatch semaphore */
+ int wolfSSL_CondInit(COND_TYPE* cond)
+ {
+ if (cond == NULL)
+ return BAD_FUNC_ARG;
+
+ /* dispatch_release() fails hard, with Trace/BPT trap signal, if the
+ * sem's internal count is less than the value passed in with
+ * dispatch_semaphore_create(). work around this by initing
+ * with 0, then incrementing it afterwards.
+ */
+ cond->cond = dispatch_semaphore_create(0);
+ if (cond->cond == NULL)
+ return MEMORY_E;
+
+ if (wc_InitMutex(&cond->mutex) != 0) {
+ dispatch_release(cond->cond);
+ return MEMORY_E;
+ }
+
+ return 0;
+ }
+
+ int wolfSSL_CondFree(COND_TYPE* cond)
+ {
+ if (cond == NULL)
+ return BAD_FUNC_ARG;
+
+ dispatch_release(cond->cond);
+ cond->cond = NULL;
+
+ if (wc_FreeMutex(&cond->mutex) != 0) {
+ return MEMORY_E;
+ }
+
+ return 0;
+ }
+
+ int wolfSSL_CondStart(COND_TYPE* cond)
+ {
+ if (cond == NULL)
+ return BAD_FUNC_ARG;
+
+ if (wc_LockMutex(&cond->mutex) != 0)
+ return BAD_MUTEX_E;
+
+ return 0;
+ }
+
+ int wolfSSL_CondSignal(COND_TYPE* cond)
+ {
+ if (cond == NULL)
+ return BAD_FUNC_ARG;
+
+ if (wc_UnLockMutex(&cond->mutex) != 0)
+ return BAD_MUTEX_E;
+
+ dispatch_semaphore_signal(cond->cond);
+
+ if (wc_LockMutex(&cond->mutex) != 0)
+ return BAD_MUTEX_E;
+
+ return 0;
+ }
+
+ int wolfSSL_CondWait(COND_TYPE* cond)
+ {
+ if (cond == NULL)
+ return BAD_FUNC_ARG;
+
+ if (wc_UnLockMutex(&cond->mutex) != 0)
+ return BAD_MUTEX_E;
+
+ dispatch_semaphore_wait(cond->cond, DISPATCH_TIME_FOREVER);
+
+ if (wc_LockMutex(&cond->mutex) != 0)
+ return BAD_MUTEX_E;
+
+ return 0;
+ }
+
+ int wolfSSL_CondEnd(COND_TYPE* cond)
+ {
+ if (cond == NULL)
+ return BAD_FUNC_ARG;
+
+ if (wc_UnLockMutex(&cond->mutex) != 0)
+ return BAD_MUTEX_E;
+
+ return 0;
+ }
+ #endif /* __MACH__ */
+#endif /* WOLFSSL_COND */
+
+#endif
+
+#endif /* SINGLE_THREADED */
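Review bot: In the NETOS `wolfSSL_JoinThread`, the thread's stack is released with `free(thread.threadStack)` without waiting for or deleting the thread (the `TODO` about `tx_thread_delete` acknowledges this), so a thread that is still running keeps executing on freed memory. The same branch allocates the stack with `XMALLOC` but releases it with `free()` in both functions, which mismatches whenever a custom allocator is configured; `XFREE(thread->threadStack, NULL, DYNAMIC_TYPE_TMP_BUFFER);` matches the allocation. `tx_thread_create` is passed `TESTSUITE_THREAD_STACK_SZ` although the buffer was sized with `WOLFSSL_NETOS_STACK_SZ`, which fails to compile when only the latter is defined; pass `WOLFSSL_NETOS_STACK_SZ` there. Smaller items in the same hunk: the Windows `wolfSSL_CondFree` closes the event but never frees `cond->mutex`, unlike the `__MACH__` version, and the NETOS and Zephyr `wolfSSL_JoinThread` set `thread.threadStack = NULL` on a by-value copy only.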
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/wc_xmss.c b/extra/wolfssl/wolfssl/wolfcrypt/src/wc_xmss.c
new file mode 100644
index 00000000..545b531c
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/wc_xmss.c
@@ -0,0 +1,26 @@
+/* wc_xmss.c
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#include <wolfssl/wolfcrypt/settings.h>
+
+#ifdef WOLFSSL_HAVE_XMSS
+ #error "Contact wolfSSL to get the implementation of this file"
+#endif
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/wolfevent.c b/extra/wolfssl/wolfssl/wolfcrypt/src/wolfevent.c
index 492d085a..01ddd113 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/wolfevent.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/wolfevent.c
@@ -180,8 +180,12 @@ int wolfEventQueue_Remove(WOLF_EVENT_QUEUE* queue, WOLF_EVENT* event)
else {
WOLF_EVENT* next = event->next;
WOLF_EVENT* prev = event->prev;
- next->prev = prev;
- prev->next = next;
+ if ((next == NULL) || (prev == NULL)) {
+ ret = BAD_STATE_E;
+ } else {
+ next->prev = prev;
+ prev->next = next;
+ }
}
queue->count--;
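Review bot: When the new check sets `ret = BAD_STATE_E`, control still appears to reach `queue->count--` on the line after the `else` block, so the count drops although the event was not unlinked and the queue's bookkeeping no longer matches its list. Guard the decrement with `if (ret == 0)`, along with any clearing of `event->next`/`event->prev` that follows outside the hunk. `wolfEventQueue_Remove` starts and ends outside the hunk, so whether a lock must be released before an early return cannot be judged from here.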
@@ -205,7 +209,7 @@ int wolfEventQueue_Poll(WOLF_EVENT_QUEUE* queue, void* context_filter,
}
#endif
- /* iterrate event queue */
+ /* iterate event queue */
for (event = queue->head; event != NULL; event = event->next)
{
/* optional filter based on context */
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/test/test.c b/extra/wolfssl/wolfssl/wolfcrypt/test/test.c
index bcdf69e0..0d1bf239 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/test/test.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/test/test.c
@@ -19,6 +19,15 @@
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
+/*
+ * Some common, optional build settings:
+ * these can also be set in wolfssl/options.h or user_settings.h
+ * -------------------------------------------------------------
+ *
+ * set the default devId for cryptocb to the value instead of INVALID_DEVID
+ * WC_USE_DEVID=0x1234
+ */
+
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
@@ -49,13 +58,17 @@
#ifdef HAVE_STACK_SIZE_VERBOSE
#ifdef WOLFSSL_TEST_MAX_RELATIVE_STACK_BYTES
- static ssize_t max_relative_stack = WOLFSSL_TEST_MAX_RELATIVE_STACK_BYTES;
+ static WC_MAYBE_UNUSED ssize_t max_relative_stack =
+ WOLFSSL_TEST_MAX_RELATIVE_STACK_BYTES;
#else
- static ssize_t max_relative_stack = -1;
+ static WC_MAYBE_UNUSED ssize_t max_relative_stack = -1;
#endif
#endif
-#ifdef WOLFSSL_TRACK_MEMORY_VERBOSE
+const byte const_byte_array[] = "A+Gd\0\0\0";
+#define CBPTR_EXPECTED 'A'
+
+#if defined(WOLFSSL_TRACK_MEMORY_VERBOSE) && !defined(WOLFSSL_STATIC_MEMORY)
#ifdef WOLFSSL_TEST_MAX_RELATIVE_HEAP_ALLOCS
static ssize_t max_relative_heap_allocs = WOLFSSL_TEST_MAX_RELATIVE_HEAP_ALLOCS;
#else
@@ -83,8 +96,8 @@
heap_baselineBytes = wolfCrypt_heap_peakBytes_checkpoint(); \
}
#else
-#define PRINT_HEAP_CHECKPOINT()
-#endif
+#define PRINT_HEAP_CHECKPOINT() WC_DO_NOTHING
+#endif /* WOLFSSL_TRACK_MEMORY_VERBOSE && !WOLFSSL_STATIC_MEMORY */
#ifdef USE_FLAT_TEST_H
#ifdef HAVE_CONFIG_H
@@ -121,6 +134,7 @@
#include <time.h>
#include <sys/time.h>
#include <esp_log.h>
+ #include <wolfcrypt/port/Espressif/esp32-crypt.h> /* */
#elif defined(WOLFSSL_ZEPHYR)
#include <stdio.h>
@@ -186,6 +200,23 @@
#include <printx.h>
#undef printf
#define printf printx
+#elif defined(WOLFSSL_RENESAS_RSIP)
+ #ifndef TEST_SLEEP
+ #define TEST_SLEEP() vTaskDelay(50)
+ #endif
+ #undef vprintf
+ #define vprintf rsip_vprintf
+ #include <stdarg.h> /* for var args */
+ int rsip_vprintf(const char* restrict format, va_list args)
+ {
+ int ret;
+ char tmpBuf[80];
+
+ ret = XSNPRINTF(tmpBuf, sizeof(tmpBuf), format, args);
+ printf(tmpBuf);
+
+ return ret;
+ }
#else
#ifdef XMALLOC_USER
#include <stdlib.h> /* we're using malloc / free direct here */
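Review bot: `rsip_vprintf` passes the formatted buffer to `printf` as the format string (`printf(tmpBuf);`), so any `%` that survives into `tmpBuf` is interpreted a second time; print it as data with `printf("%s", tmpBuf);`. The line before it hands a `va_list` to `XSNPRINTF`, which expects variadic arguments, so the arguments are not expanded correctly. The `v` form is needed: `ret = vsnprintf(tmpBuf, sizeof(tmpBuf), format, args);`. On truncation `ret` can also exceed the 80-byte buffer, so callers should not take it as the number of characters actually printed.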
@@ -254,6 +285,9 @@
#ifdef HAVE_ECC
#include <wolfssl/wolfcrypt/ecc.h>
#endif
+#ifdef WOLFSSL_SM2
+ #include <wolfssl/wolfcrypt/sm2.h>
+#endif
#ifdef HAVE_HPKE
#include <wolfssl/wolfcrypt/hpke.h>
#endif
@@ -278,6 +312,18 @@
#include <wolfssl/wolfcrypt/ext_kyber.h>
#endif
#endif
+#if defined(WOLFSSL_HAVE_XMSS)
+ #include <wolfssl/wolfcrypt/xmss.h>
+#ifdef HAVE_LIBXMSS
+ #include <wolfssl/wolfcrypt/ext_xmss.h>
+#endif
+#endif
+#if defined(WOLFSSL_HAVE_LMS)
+ #include <wolfssl/wolfcrypt/lms.h>
+#ifdef HAVE_LIBLMS
+ #include <wolfssl/wolfcrypt/ext_lms.h>
+#endif
+#endif
#ifdef WOLFCRYPT_HAVE_ECCSI
#include <wolfssl/wolfcrypt/eccsi.h>
#endif
@@ -290,6 +336,12 @@
#ifdef WOLFSSL_SHA3
#include <wolfssl/wolfcrypt/sha3.h>
#endif
+#ifdef WOLFSSL_SM3
+ #include <wolfssl/wolfcrypt/sm3.h>
+#endif
+#ifdef WOLFSSL_SM4
+ #include <wolfssl/wolfcrypt/sm4.h>
+#endif
#ifdef HAVE_LIBZ
#include <wolfssl/wolfcrypt/compress.h>
#endif
@@ -319,6 +371,9 @@
#ifdef HAVE_CAVIUM_OCTEON_SYNC
#include <wolfssl/wolfcrypt/port/cavium/cavium_octeon_sync.h>
#endif
+ #ifdef HAVE_RENESAS_SYNC
+ #include <wolfssl/wolfcrypt/port/renesas/renesas_sync.h>
+ #endif
#endif
#ifdef _MSC_VER
@@ -389,7 +444,11 @@ static void initDefaultName(void);
#ifdef WOLFSSL_CAAM_DEVID
static int devId = WOLFSSL_CAAM_DEVID;
#else
+ #ifdef WC_USE_DEVID
+static int devId = WC_USE_DEVID;
+ #else
static int devId = INVALID_DEVID;
+ #endif
#endif
#ifdef HAVE_WNR
@@ -413,217 +472,275 @@ typedef struct testVector {
PRAGMA_GCC("GCC diagnostic ignored \"-Wunused-function\"")
PRAGMA_CLANG("clang diagnostic ignored \"-Wunused-function\"")
-WOLFSSL_TEST_SUBROUTINE int error_test(void);
-WOLFSSL_TEST_SUBROUTINE int base64_test(void);
-WOLFSSL_TEST_SUBROUTINE int base16_test(void);
-WOLFSSL_TEST_SUBROUTINE int asn_test(void);
-WOLFSSL_TEST_SUBROUTINE int md2_test(void);
-WOLFSSL_TEST_SUBROUTINE int md5_test(void);
-WOLFSSL_TEST_SUBROUTINE int md4_test(void);
-WOLFSSL_TEST_SUBROUTINE int sha_test(void);
-WOLFSSL_TEST_SUBROUTINE int sha224_test(void);
-WOLFSSL_TEST_SUBROUTINE int sha256_test(void);
-WOLFSSL_TEST_SUBROUTINE int sha512_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t error_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t base64_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t base16_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t asn_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t md2_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t md5_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t md4_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t sha_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t sha224_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t sha256_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t sha512_test(void);
#if !defined(WOLFSSL_NOSHA512_224) && \
(!defined(HAVE_FIPS) || FIPS_VERSION_GE(5, 3)) && !defined(HAVE_SELFTEST)
-WOLFSSL_TEST_SUBROUTINE int sha512_224_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t sha512_224_test(void);
#endif
#if !defined(WOLFSSL_NOSHA512_256) && \
(!defined(HAVE_FIPS) || FIPS_VERSION_GE(5, 3)) && !defined(HAVE_SELFTEST)
-WOLFSSL_TEST_SUBROUTINE int sha512_256_test(void);
-#endif
-WOLFSSL_TEST_SUBROUTINE int sha384_test(void);
-WOLFSSL_TEST_SUBROUTINE int sha3_test(void);
-WOLFSSL_TEST_SUBROUTINE int shake128_test(void);
-WOLFSSL_TEST_SUBROUTINE int shake256_test(void);
-WOLFSSL_TEST_SUBROUTINE int hash_test(void);
-WOLFSSL_TEST_SUBROUTINE int hmac_md5_test(void);
-WOLFSSL_TEST_SUBROUTINE int hmac_sha_test(void);
-WOLFSSL_TEST_SUBROUTINE int hmac_sha224_test(void);
-WOLFSSL_TEST_SUBROUTINE int hmac_sha256_test(void);
-WOLFSSL_TEST_SUBROUTINE int hmac_sha384_test(void);
-WOLFSSL_TEST_SUBROUTINE int hmac_sha512_test(void);
-WOLFSSL_TEST_SUBROUTINE int hmac_sha3_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t sha512_256_test(void);
+#endif
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t sha384_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t sha3_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t shake128_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t shake256_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t sm3_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hash_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hmac_md5_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hmac_sha_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hmac_sha224_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hmac_sha256_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hmac_sha384_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hmac_sha512_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hmac_sha3_test(void);
#if defined(HAVE_HKDF) && !defined(NO_HMAC)
+#if defined(WOLFSSL_AFALG_XILINX) || defined(WOLFSSL_AFALG_XILINX_AES) || \
+ defined(WOLFSSL_AFALG_XILINX_SHA3) || defined(WOLFSSL_AFALG_HASH_KEEP) || \
+ defined(WOLFSSL_AFALG_XILINX_RSA)
/* hkdf_test has issue with WOLFSSL_TEST_SUBROUTINE set on Xilinx with afalg */
-static int hkdf_test(void);
+static wc_test_ret_t hkdf_test(void);
+#else
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hkdf_test(void);
#endif
-WOLFSSL_TEST_SUBROUTINE int sshkdf_test(void);
+#endif
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t sshkdf_test(void);
#ifdef WOLFSSL_TLS13
-WOLFSSL_TEST_SUBROUTINE int tls13_kdf_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t tls13_kdf_test(void);
+#endif
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t x963kdf_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hpke_test(void);
+#ifdef WC_SRTP_KDF
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t srtpkdf_test(void);
#endif
-WOLFSSL_TEST_SUBROUTINE int x963kdf_test(void);
-WOLFSSL_TEST_SUBROUTINE int hpke_test(void);
-WOLFSSL_TEST_SUBROUTINE int arc4_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t arc4_test(void);
#ifdef WC_RC2
-WOLFSSL_TEST_SUBROUTINE int rc2_test(void);
-#endif
-WOLFSSL_TEST_SUBROUTINE int chacha_test(void);
-WOLFSSL_TEST_SUBROUTINE int XChaCha_test(void);
-WOLFSSL_TEST_SUBROUTINE int chacha20_poly1305_aead_test(void);
-WOLFSSL_TEST_SUBROUTINE int XChaCha20Poly1305_test(void);
-WOLFSSL_TEST_SUBROUTINE int des_test(void);
-WOLFSSL_TEST_SUBROUTINE int des3_test(void);
-WOLFSSL_TEST_SUBROUTINE int aes_test(void);
-WOLFSSL_TEST_SUBROUTINE int aes192_test(void);
-WOLFSSL_TEST_SUBROUTINE int aes256_test(void);
-WOLFSSL_TEST_SUBROUTINE int aesofb_test(void);
-WOLFSSL_TEST_SUBROUTINE int cmac_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t rc2_test(void);
+#endif
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t chacha_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t XChaCha_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t chacha20_poly1305_aead_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t XChaCha20Poly1305_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t des_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t des3_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes192_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes256_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aesofb_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t cmac_test(void);
#if defined(WOLFSSL_SIPHASH)
-WOLFSSL_TEST_SUBROUTINE int siphash_test(void);
-#endif
-WOLFSSL_TEST_SUBROUTINE int poly1305_test(void);
-WOLFSSL_TEST_SUBROUTINE int aesgcm_test(void);
-WOLFSSL_TEST_SUBROUTINE int aesgcm_default_test(void);
-WOLFSSL_TEST_SUBROUTINE int gmac_test(void);
-WOLFSSL_TEST_SUBROUTINE int aesccm_test(void);
-WOLFSSL_TEST_SUBROUTINE int aeskeywrap_test(void);
-WOLFSSL_TEST_SUBROUTINE int camellia_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t siphash_test(void);
+#endif
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t poly1305_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aesgcm_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aesgcm_default_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t gmac_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aesccm_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aeskeywrap_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t camellia_test(void);
+#ifdef WOLFSSL_SM4
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t sm4_test(void);
+#endif
#ifdef WC_RSA_NO_PADDING
-WOLFSSL_TEST_SUBROUTINE int rsa_no_pad_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t rsa_no_pad_test(void);
#endif
-WOLFSSL_TEST_SUBROUTINE int rsa_test(void);
-WOLFSSL_TEST_SUBROUTINE int dh_test(void);
-WOLFSSL_TEST_SUBROUTINE int dsa_test(void);
-WOLFSSL_TEST_SUBROUTINE int srp_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t rsa_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t dh_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t dsa_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t srp_test(void);
#ifndef WC_NO_RNG
-WOLFSSL_TEST_SUBROUTINE int random_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t random_test(void);
#endif /* WC_NO_RNG */
-WOLFSSL_TEST_SUBROUTINE int pwdbased_test(void);
-WOLFSSL_TEST_SUBROUTINE int ripemd_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t pwdbased_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t ripemd_test(void);
#if defined(OPENSSL_EXTRA) && !defined(WOLFCRYPT_ONLY)
-WOLFSSL_TEST_SUBROUTINE int openssl_test(void); /* test mini api */
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_test(void); /* test mini api */
-WOLFSSL_TEST_SUBROUTINE int openssl_pkey0_test(void);
-WOLFSSL_TEST_SUBROUTINE int openssl_pkey1_test(void);
-WOLFSSL_TEST_SUBROUTINE int openSSL_evpMD_test(void);
-WOLFSSL_TEST_SUBROUTINE int openssl_evpSig_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_pkey0_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_pkey1_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openSSL_evpMD_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_evpSig_test(void);
#endif
-WOLFSSL_TEST_SUBROUTINE int pbkdf1_test(void);
-WOLFSSL_TEST_SUBROUTINE int pkcs12_test(void);
-WOLFSSL_TEST_SUBROUTINE int pbkdf2_test(void);
-WOLFSSL_TEST_SUBROUTINE int scrypt_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t pbkdf1_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t pkcs12_test(void);
+#if defined(HAVE_PBKDF2) && !defined(NO_SHA256) && !defined(NO_HMAC)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t pbkdf2_test(void);
+#endif
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t scrypt_test(void);
#ifdef HAVE_ECC
- WOLFSSL_TEST_SUBROUTINE int ecc_test(void);
+ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t ecc_test(void);
#if defined(HAVE_ECC_ENCRYPT) && defined(HAVE_AES_CBC) && \
(defined(WOLFSSL_AES_128) || defined(WOLFSSL_AES_256))
- WOLFSSL_TEST_SUBROUTINE int ecc_encrypt_test(void);
+ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t ecc_encrypt_test(void);
#endif
#if defined(USE_CERT_BUFFERS_256) && !defined(WOLFSSL_ATECC508A) && \
!defined(WOLFSSL_ATECC608A) && !defined(NO_ECC256) && \
defined(HAVE_ECC_VERIFY) && defined(HAVE_ECC_SIGN) && \
!defined(WOLF_CRYPTO_CB_ONLY_ECC) && !defined(NO_ECC_SECP)
/* skip for ATECC508/608A, cannot import private key buffers */
- WOLFSSL_TEST_SUBROUTINE int ecc_test_buffers(void);
+ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t ecc_test_buffers(void);
#endif
#endif
#ifdef HAVE_CURVE25519
- WOLFSSL_TEST_SUBROUTINE int curve25519_test(void);
+ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t curve25519_test(void);
#endif
#ifdef HAVE_ED25519
- WOLFSSL_TEST_SUBROUTINE int ed25519_test(void);
+ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t ed25519_test(void);
#endif
#ifdef HAVE_CURVE448
- WOLFSSL_TEST_SUBROUTINE int curve448_test(void);
+ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t curve448_test(void);
#endif
#ifdef HAVE_ED448
- WOLFSSL_TEST_SUBROUTINE int ed448_test(void);
+ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t ed448_test(void);
#endif
#ifdef WOLFSSL_HAVE_KYBER
- WOLFSSL_TEST_SUBROUTINE int kyber_test(void);
+ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t kyber_test(void);
+#endif
+#if defined(WOLFSSL_HAVE_XMSS)
+ #if !defined(WOLFSSL_XMSS_VERIFY_ONLY)
+ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t xmss_test(void);
+ #endif
+ #if defined(WOLFSSL_XMSS_VERIFY_ONLY) && !defined(WOLFSSL_SMALL_STACK)
+ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t xmss_test_verify_only(void);
+ #endif
+#endif
+#if defined(WOLFSSL_HAVE_LMS)
+ #if !defined(WOLFSSL_LMS_VERIFY_ONLY)
+ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t lms_test(void);
+ #endif
+ #if defined(WOLFSSL_LMS_VERIFY_ONLY) && !defined(WOLFSSL_SMALL_STACK)
+ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t lms_test_verify_only(void);
+ #endif
#endif
#ifdef WOLFCRYPT_HAVE_ECCSI
- WOLFSSL_TEST_SUBROUTINE int eccsi_test(void);
+ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t eccsi_test(void);
#endif
#ifdef WOLFCRYPT_HAVE_SAKKE
- WOLFSSL_TEST_SUBROUTINE int sakke_test(void);
+ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t sakke_test(void);
#endif
#ifdef HAVE_BLAKE2
- WOLFSSL_TEST_SUBROUTINE int blake2b_test(void);
+ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t blake2b_test(void);
#endif
#ifdef HAVE_BLAKE2S
- WOLFSSL_TEST_SUBROUTINE int blake2s_test(void);
+ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t blake2s_test(void);
#endif
#ifdef HAVE_LIBZ
- WOLFSSL_TEST_SUBROUTINE int compress_test(void);
+ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t compress_test(void);
#endif
#ifdef HAVE_PKCS7
#ifndef NO_PKCS7_ENCRYPTED_DATA
- WOLFSSL_TEST_SUBROUTINE int pkcs7encrypted_test(void);
+ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t pkcs7encrypted_test(void);
#endif
#if defined(HAVE_LIBZ) && !defined(NO_PKCS7_COMPRESSED_DATA)
- WOLFSSL_TEST_SUBROUTINE int pkcs7compressed_test(void);
+ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t pkcs7compressed_test(void);
#endif
- WOLFSSL_TEST_SUBROUTINE int pkcs7signed_test(void);
- WOLFSSL_TEST_SUBROUTINE int pkcs7enveloped_test(void);
+ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t pkcs7signed_test(void);
+ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t pkcs7enveloped_test(void);
#if defined(HAVE_AESGCM) || defined(HAVE_AESCCM)
- WOLFSSL_TEST_SUBROUTINE int pkcs7authenveloped_test(void);
+ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t pkcs7authenveloped_test(void);
#endif
#if !defined(NO_AES) && defined(HAVE_AES_CBC)
- WOLFSSL_TEST_SUBROUTINE int pkcs7callback_test(byte* cert, word32 certSz, byte* key,
+ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t pkcs7callback_test(byte* cert, word32 certSz, byte* key,
word32 keySz);
#endif
#endif
#if !defined(NO_ASN_TIME) && !defined(NO_RSA) && defined(WOLFSSL_TEST_CERT) && \
!defined(NO_FILESYSTEM)
-WOLFSSL_TEST_SUBROUTINE int cert_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t cert_test(void);
#endif
#if defined(WOLFSSL_CERT_EXT) && defined(WOLFSSL_TEST_CERT) && \
!defined(NO_FILESYSTEM) && defined(WOLFSSL_CERT_GEN)
-WOLFSSL_TEST_SUBROUTINE int certext_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t certext_test(void);
#endif
#if defined(WOLFSSL_CERT_GEN_CACHE) && defined(WOLFSSL_TEST_CERT) && \
defined(WOLFSSL_CERT_EXT) && defined(WOLFSSL_CERT_GEN)
-WOLFSSL_TEST_SUBROUTINE int decodedCertCache_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t decodedCertCache_test(void);
#endif
-WOLFSSL_TEST_SUBROUTINE int memory_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t memory_test(void);
#if defined(WOLFSSL_PUBLIC_MP) && \
((defined(WOLFSSL_SP_MATH_ALL) && !defined(WOLFSSL_RSA_VERIFY_ONLY)) || \
defined(USE_FAST_MATH))
-WOLFSSL_TEST_SUBROUTINE int mp_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t mp_test(void);
#endif
#if defined(WOLFSSL_PUBLIC_MP) && defined(WOLFSSL_KEY_GEN)
-WOLFSSL_TEST_SUBROUTINE int prime_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t prime_test(void);
#endif
#if defined(ASN_BER_TO_DER) && \
(defined(WOLFSSL_TEST_CERT) || defined(OPENSSL_EXTRA) || \
defined(OPENSSL_EXTRA_X509_SMALL))
-WOLFSSL_TEST_SUBROUTINE int berder_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t berder_test(void);
#endif
-WOLFSSL_TEST_SUBROUTINE int logging_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t logging_test(void);
#if !defined(NO_ASN) && !defined(NO_ASN_TIME)
-WOLFSSL_TEST_SUBROUTINE int time_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t time_test(void);
#endif
#if defined(__INCLUDE_NUTTX_CONFIG_H)
-WOLFSSL_TEST_SUBROUTINE int wolfcrypt_mutex_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t wolfcrypt_mutex_test(void);
#else
-WOLFSSL_TEST_SUBROUTINE int mutex_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t mutex_test(void);
#endif
#if defined(USE_WOLFSSL_MEMORY) && !defined(FREERTOS)
-WOLFSSL_TEST_SUBROUTINE int memcb_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t memcb_test(void);
#endif
#ifdef WOLFSSL_CAAM_BLOB
-WOLFSSL_TEST_SUBROUTINE int blob_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t blob_test(void);
+#endif
+#ifdef HAVE_ARIA
+#include "wolfssl/wolfcrypt/port/aria/aria-crypt.h"
+void printOutput(const char *strName, unsigned char *data, unsigned int dataSz);
+WOLFSSL_TEST_SUBROUTINE int ariagcm_test(MC_ALGID);
#endif
#ifdef WOLF_CRYPTO_CB
-WOLFSSL_TEST_SUBROUTINE int cryptocb_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t cryptocb_test(void);
#endif
#ifdef WOLFSSL_CERT_PIV
-WOLFSSL_TEST_SUBROUTINE int certpiv_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t certpiv_test(void);
#endif
#ifdef WOLFSSL_AES_SIV
-WOLFSSL_TEST_SUBROUTINE int aes_siv_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes_siv_test(void);
#endif
+#if defined(WOLFSSL_AES_EAX) && \
+ (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5, 3)) && !defined(HAVE_SELFTEST)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes_eax_test(void);
+#endif /* WOLFSSL_AES_EAX */
+
/* General big buffer size for many tests. */
#define FOURK_BUF 4096
+#if defined(WOLFSSL_ESPIDF_ERROR_PAUSE)
+ /* When defined, pause at error condition rather than exit with error. */
+ #define ERROR_OUT(err, eLabel) \
+ do { \
+ ret = (err); \
+ esp_ShowExtendedSystemInfo(); \
+ ESP_LOGE("wolfcrypt_test", "ESP Error! ret = %d ", err); \
+ while (1) { \
+ vTaskDelay(60000); \
+ } \
+ /* Just to appease compiler, don't actually go to eLabel */ \
+ goto eLabel; \
+ } while (0)
+#else
+ #define ERROR_OUT(err, eLabel) do { ret = (err); goto eLabel; } while (0)
+#endif
-#define ERROR_OUT(err, eLabel) do { ret = (err); goto eLabel; } while (0)
+/* Not all unexpected conditions are actually errors .*/
+#define WARNING_OUT(err, eLabel) do { ret = (err); goto eLabel; } while (0)
-static void render_error_message(const char* msg, int es)
+static void render_error_message(const char* msg, wc_test_ret_t es)
{
(void)msg;
(void)es;
@@ -699,7 +816,7 @@ static void print_fiducials(void);
#ifdef HAVE_STACK_SIZE
static THREAD_RETURN err_sys(const char* msg, int es)
#else
-static int err_sys(const char* msg, int es)
+static wc_test_ret_t err_sys(const char* msg, wc_test_ret_t es)
#endif
{
render_error_message(msg, es);
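Review bot: The HAVE_STACK_SIZE variant of err_sys in this hunk still takes `int es`, while the other variant and render_error_message now take `wc_test_ret_t`. If wc_test_ret_t is wider than int on some target (its definition is not in this hunk), an encoded failure value would be narrowed before it is rendered in stack-size builds, so the reported location or code could be wrong. Declaring it as `static THREAD_RETURN err_sys(const char* msg, wc_test_ret_t es)` would keep both variants in agreement. The body of err_sys continues outside the hunk.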
@@ -716,7 +833,7 @@ static int err_sys(const char* msg, int es)
typedef struct func_args {
int argc;
char** argv;
- int return_code;
+ wc_test_ret_t return_code;
} func_args;
#endif /* !HAVE_WOLFCRYPT_TEST_OPTIONS */
@@ -784,7 +901,7 @@ static int rng_crypto_cb(int thisDevId, wc_CryptoInfo* info, void* ctx)
/* optional macro to add sleep between tests */
#ifndef TEST_SLEEP
-#define TEST_SLEEP()
+#define TEST_SLEEP() WC_DO_NOTHING
#else
#define TEST_PASS test_pass
#include <stdarg.h> /* for var args */
@@ -800,7 +917,7 @@ static int rng_crypto_cb(int thisDevId, wc_CryptoInfo* info, void* ctx)
}
#endif
-/* set test pass output to printf if not overriden */
+/* set test pass output to printf if not overridden */
#ifndef TEST_PASS
/* redirect to printf */
#define TEST_PASS(...) { \
@@ -822,11 +939,11 @@ static int rng_crypto_cb(int thisDevId, wc_CryptoInfo* info, void* ctx)
#ifdef HAVE_STACK_SIZE
THREAD_RETURN WOLFSSL_THREAD wolfcrypt_test(void* args)
#else
-int wolfcrypt_test(void* args)
+wc_test_ret_t wolfcrypt_test(void* args)
#endif
{
- int ret;
-#ifdef WOLFSSL_TRACK_MEMORY_VERBOSE
+ wc_test_ret_t ret;
+#if defined(WOLFSSL_TRACK_MEMORY_VERBOSE) && !defined(WOLFSSL_STATIC_MEMORY)
long heap_baselineAllocs, heap_baselineBytes;
#endif
#ifdef TEST_ALWAYS_RUN_TO_END
@@ -834,7 +951,7 @@ int wolfcrypt_test(void* args)
#endif
STACK_SIZE_INIT();
-#ifdef WOLFSSL_TRACK_MEMORY_VERBOSE
+#if defined(WOLFSSL_TRACK_MEMORY_VERBOSE) && !defined(WOLFSSL_STATIC_MEMORY)
(void)wolfCrypt_heap_peakAllocs_checkpoint();
heap_baselineAllocs = wolfCrypt_heap_peakAllocs_checkpoint();
(void)wolfCrypt_heap_peakBytes_checkpoint();
@@ -843,6 +960,10 @@ int wolfcrypt_test(void* args)
printf("------------------------------------------------------------------------------\n");
printf(" wolfSSL version %s\n", LIBWOLFSSL_VERSION_STRING);
+#ifdef WOLF_CRYPTO_CB
+ if (devId != INVALID_DEVID)
+ printf(" CryptoCB with DevID:%X\n", devId);
+#endif
printf("------------------------------------------------------------------------------\n");
if (args) {
@@ -947,6 +1068,12 @@ options: [-s max_relative_stack_bytes] [-m max_relative_heap_memory_bytes]\n\
printf("Couldn't init the Cavium Octeon\n");
}
#endif
+#ifdef HAVE_RENESAS_SYNC
+ devId = wc_CryptoCb_CryptInitRenesasCmn(NULL, &guser_PKCbInfo);
+ if (devId == INVALID_DEVID) {
+ printf("Couldn't get the Renesas device ID\n");
+ }
+#endif
#endif
#if defined(WOLF_CRYPTO_CB) && !defined(HAVE_HASHDRBG) && \
@@ -1101,6 +1228,13 @@ options: [-s max_relative_stack_bytes] [-m max_relative_heap_memory_bytes]\n\
TEST_PASS("SHAKE256 test passed!\n");
#endif
+#ifdef WOLFSSL_SM3
+ if ( (ret = sm3_test()) != 0)
+ return err_sys("SM-3 test failed!\n", ret);
+ else
+ TEST_PASS("SM-3 test passed!\n");
+#endif
+
#ifndef NO_HASH_WRAPPER
if ( (ret = hash_test()) != 0)
TEST_FAIL("Hash test failed!\n", ret);
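Review bot: The new SM-3 branch fails with `return err_sys("SM-3 test failed!\n", ret);`, whereas the hash test directly below it reports through `TEST_FAIL`. If TEST_FAIL is what honours TEST_ALWAYS_RUN_TO_END (its definition is outside this hunk), an SM-3 failure would end the run early and hide the results of every later algorithm test. Writing `TEST_FAIL("SM-3 test failed!\n", ret);` would keep it consistent with its neighbours. The SM-4 branch added in the hunk at -1365,7 +1534,14 follows the same pattern. wolfcrypt_test starts and ends outside this hunk.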
@@ -1223,8 +1357,16 @@ options: [-s max_relative_stack_bytes] [-m max_relative_heap_memory_bytes]\n\
TEST_PASS("HPKE test passed!\n");
#endif
+#if defined(WC_SRTP_KDF)
+ if ( (ret = srtpkdf_test()) != 0)
+ TEST_FAIL("SRTP KDF test failed!\n", ret);
+ else
+ TEST_PASS("SRTP KDF test passed!\n");
+#endif
+
#if defined(HAVE_AESGCM) && defined(WOLFSSL_AES_128) && \
- !defined(WOLFSSL_AFALG_XILINX_AES) && !defined(WOLFSSL_XILINX_CRYPT)
+ !defined(WOLFSSL_AFALG_XILINX_AES) && !defined(WOLFSSL_XILINX_CRYPT) && \
+ !defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY)
if ( (ret = gmac_test()) != 0)
TEST_FAIL("GMAC test failed!\n", ret);
else
@@ -1300,14 +1442,15 @@ options: [-s max_relative_stack_bytes] [-m max_relative_heap_memory_bytes]\n\
else
TEST_PASS("AES test passed!\n");
-#ifdef WOLFSSL_AES_192
+#if defined(WOLFSSL_AES_192) && \
+ !defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY)
if ( (ret = aes192_test()) != 0)
TEST_FAIL("AES192 test failed!\n", ret);
else
TEST_PASS("AES192 test passed!\n");
#endif
-#ifdef WOLFSSL_AES_256
+#if defined(WOLFSSL_AES_256)
if ( (ret = aes256_test()) != 0)
TEST_FAIL("AES256 test failed!\n", ret);
else
@@ -1327,6 +1470,7 @@ options: [-s max_relative_stack_bytes] [-m max_relative_heap_memory_bytes]\n\
TEST_FAIL("AES-GCM test failed!\n", ret);
#endif
#if !defined(WOLFSSL_AFALG_XILINX_AES) && !defined(WOLFSSL_XILINX_CRYPT) && \
+ !defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY) && \
!defined(WOLFSSL_KCAPI_AES) && !(defined(WOLF_CRYPTO_CB) && \
(defined(HAVE_INTEL_QA_SYNC) || defined(HAVE_CAVIUM_OCTEON_SYNC)))
if ((ret = aesgcm_default_test()) != 0) {
@@ -1358,6 +1502,31 @@ options: [-s max_relative_stack_bytes] [-m max_relative_heap_memory_bytes]\n\
#endif
#endif
+#if defined(WOLFSSL_AES_EAX) && \
+ (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5, 3)) && !defined(HAVE_SELFTEST)
+ if ( (ret = aes_eax_test()) != 0)
+ TEST_FAIL("AES-EAX test failed!\n", ret);
+ else
+ TEST_PASS("AES-EAX test passed!\n");
+#endif /* WOLFSSL_AES_EAX */
+
+#ifdef HAVE_ARIA
+ if ( (ret = ariagcm_test(MC_ALGID_ARIA_128BITKEY)) != 0)
+ TEST_FAIL("ARIA128 test failed!\n", ret);
+ else
+ TEST_PASS("ARIA128 test passed!\n");
+
+ if ( (ret = ariagcm_test(MC_ALGID_ARIA_192BITKEY)) != 0)
+ TEST_FAIL("ARIA192 test failed!\n", ret);
+ else
+ TEST_PASS("ARIA192 test passed!\n");
+
+ if ( (ret = ariagcm_test(MC_ALGID_ARIA_256BITKEY)) != 0)
+ TEST_FAIL("ARIA256 test failed!\n", ret);
+ else
+ TEST_PASS("ARIA256 test passed!\n");
+#endif
+
#ifdef HAVE_CAMELLIA
if ( (ret = camellia_test()) != 0)
TEST_FAIL("CAMELLIA test failed!\n", ret);
@@ -1365,7 +1534,14 @@ options: [-s max_relative_stack_bytes] [-m max_relative_heap_memory_bytes]\n\
TEST_PASS("CAMELLIA test passed!\n");
#endif
-#if !defined(NO_RSA)
+#ifdef WOLFSSL_SM4
+ if ( (ret = sm4_test()) != 0)
+ return err_sys("SM-4 test failed!\n", ret);
+ else
+ TEST_PASS("SM-4 test passed!\n");
+#endif
+
+#if !defined(NO_RSA) && !defined(HAVE_RENESAS_SYNC)
#ifdef WC_RSA_NO_PADDING
if ( (ret = rsa_no_pad_test()) != 0)
TEST_FAIL("RSA NOPAD test failed!\n", ret);
@@ -1522,6 +1698,38 @@ options: [-s max_relative_stack_bytes] [-m max_relative_heap_memory_bytes]\n\
TEST_PASS("KYBER test passed!\n");
#endif
+#if defined(WOLFSSL_HAVE_XMSS)
+ #if !defined(WOLFSSL_XMSS_VERIFY_ONLY)
+ if ( (ret = xmss_test()) != 0)
+ TEST_FAIL("XMSS test failed!\n", ret);
+ else
+ TEST_PASS("XMSS test passed!\n");
+ #endif
+
+ #if defined(WOLFSSL_XMSS_VERIFY_ONLY) && !defined(WOLFSSL_SMALL_STACK)
+ if ( (ret = xmss_test_verify_only()) != 0)
+ TEST_FAIL("XMSS test failed!\n", ret);
+ else
+ TEST_PASS("XMSS test passed!\n");
+ #endif
+#endif /* if defined(WOLFSSL_HAVE_XMSS) */
+
+#if defined(WOLFSSL_HAVE_LMS)
+ #if !defined(WOLFSSL_LMS_VERIFY_ONLY)
+ if ( (ret = lms_test()) != 0)
+ TEST_FAIL("LMS test failed!\n", ret);
+ else
+ TEST_PASS("LMS test passed!\n");
+ #endif
+
+ #if defined(WOLFSSL_LMS_VERIFY_ONLY) && !defined(WOLFSSL_SMALL_STACK)
+ if ( (ret = lms_test_verify_only()) != 0)
+ TEST_FAIL("LMS test failed!\n", ret);
+ else
+ TEST_PASS("LMS test passed!\n");
+ #endif
+#endif /* if defined(WOLFSSL_HAVE_LMS) */
+
#ifdef WOLFCRYPT_HAVE_ECCSI
if ( (ret = eccsi_test()) != 0)
TEST_FAIL("ECCSI test failed!\n", ret);
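Review bot: A build with WOLFSSL_XMSS_VERIFY_ONLY and WOLFSSL_SMALL_STACK both defined matches neither inner `#if`, so no XMSS test runs and nothing in the output says it was skipped; the LMS block has the same gap. A comment such as `/* verify-only with WOLFSSL_SMALL_STACK: no XMSS test is run */` would at least record that this is intended. The verify-only branches also reuse the strings "XMSS test failed!" and "LMS test failed!", so a log cannot tell which variant ran; `TEST_FAIL("XMSS verify-only test failed!\n", ret);` would distinguish them. The enclosing wolfcrypt_test starts and ends outside this hunk.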
@@ -1649,7 +1857,7 @@ options: [-s max_relative_stack_bytes] [-m max_relative_heap_memory_bytes]\n\
#if defined(WOLF_CRYPTO_CB) && \
!(defined(HAVE_INTEL_QAT_SYNC) || defined(HAVE_CAVIUM_OCTEON_SYNC) || \
- defined(WOLFSSL_QNX_CAAM))
+ defined(WOLFSSL_QNX_CAAM) || defined(HAVE_RENESAS_SYNC))
if ( (ret = cryptocb_test()) != 0)
TEST_FAIL("crypto callback test failed!\n", ret);
else
@@ -1703,20 +1911,20 @@ options: [-s max_relative_stack_bytes] [-m max_relative_heap_memory_bytes]\n\
/* so overall tests can pull in test function */
#if defined(WOLFSSL_ESPIDF) || defined(_WIN32_WCE)
- int wolf_test_task(void)
+ wc_test_ret_t wolf_test_task(void)
#else
#ifndef NO_MAIN_FUNCTION
int main(int argc, char** argv)
{
- return wolfcrypt_test_main(argc, argv);
+ return (int)wolfcrypt_test_main(argc, argv);
}
#endif
- int wolfcrypt_test_main(int argc, char** argv)
+ wc_test_ret_t wolfcrypt_test_main(int argc, char** argv)
#endif
{
- int ret;
- func_args args;
+ wc_test_ret_t ret;
+ func_args args = { 0, 0, 0 };
#if defined(WOLFSSL_ESPIDF) || defined(WOLFSSL_SE050)
/* set dummy wallclock time. */
struct timeval utctime;
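Review bot: `return (int)wolfcrypt_test_main(argc, argv);` passes the encoded test result straight through as the process exit status. If wc_test_ret_t is wider than int the cast can drop bits, and on hosts that keep only the low byte of the exit status a non-zero encoded failure could in principle be reported as 0 (the encoding is not shown in this hunk). Mapping it explicitly, `return wolfcrypt_test_main(argc, argv) == 0 ? 0 : 1;`, would make a failing crypto self-test impossible to read as a pass in CI. The body of wolfcrypt_test_main continues outside the hunk.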
@@ -1782,7 +1990,7 @@ options: [-s max_relative_stack_bytes] [-m max_relative_heap_memory_bytes]\n\
args.argv = argv;
#endif
if ((ret = wolfCrypt_Init()) != 0) {
- printf("wolfCrypt_Init failed %d\n", ret);
+ printf("wolfCrypt_Init failed %d\n", (int)ret);
err_sys("Error with wolfCrypt_Init!\n", WC_TEST_RET_ENC_EC(ret));
}
@@ -1801,7 +2009,7 @@ options: [-s max_relative_stack_bytes] [-m max_relative_heap_memory_bytes]\n\
#endif
if ((ret = wolfCrypt_Cleanup()) != 0) {
- printf("wolfCrypt_Cleanup failed %d\n", ret);
+ printf("wolfCrypt_Cleanup failed %d\n", (int)ret);
err_sys("Error with wolfCrypt_Cleanup!\n", WC_TEST_RET_ENC_EC(ret));
}
@@ -1818,16 +2026,7 @@ options: [-s max_relative_stack_bytes] [-m max_relative_heap_memory_bytes]\n\
while (1);
#endif
-#ifdef WOLFSSL_ESPIDF
- /* ESP_LOGI to print takes up a lot less memory than printf */
- ESP_LOGI("wolfcrypt_test", "Exiting main with return code: % d\n", args.return_code);
-#endif
-
-/* everything else will use printf */
-#if !defined(WOLFSSL_ESPIDF)
-/* gate this for target platforms wishing to avoid printf reference */
- printf("Exiting main with return code: %d\n", args.return_code);
-#endif
+ printf("Exiting main with return code: %ld\n", (long int)args.return_code);
return args.return_code;
} /* wolfcrypt_test_main or wolf_test_task */
@@ -1845,11 +2044,11 @@ options: [-s max_relative_stack_bytes] [-m max_relative_heap_memory_bytes]\n\
#define SaveDerAndPem(d, dSz, fD, fP, pT) _SaveDerAndPem(d, dSz, NULL, NULL, pT, WC_TEST_RET_LN)
#endif
-static int _SaveDerAndPem(const byte* der, int derSz,
+static wc_test_ret_t _SaveDerAndPem(const byte* der, int derSz,
const char* fileDer, const char* filePem, int pemType, int calling_line)
{
#if !defined(NO_FILESYSTEM) && !defined(NO_WRITE_TEMP_FILES)
- int ret;
+ wc_test_ret_t ret;
XFILE derFile;
derFile = XFOPEN(fileDer, "wb");
@@ -1915,7 +2114,7 @@ static int _SaveDerAndPem(const byte* der, int derSz,
}
#endif /* WOLFSSL_KEY_GEN || WOLFSSL_CERT_GEN */
-WOLFSSL_TEST_SUBROUTINE int error_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t error_test(void)
{
const char* errStr;
char out[WOLFSSL_MAX_ERROR_SZ];
@@ -1935,9 +2134,8 @@ WOLFSSL_TEST_SUBROUTINE int error_test(void)
int i;
int j = 0;
/* Values that are not or no longer error codes. */
- int missing[] = { -122, -123, -124, -127, -128, -129, -159,
- -163, -164, -165, -166, -167, -168, -169, -233,
- 0 };
+ int missing[] = { -123, -124, -128, -129, -159, -163, -164,
+ -165, -166, -167, -168, -169, -233, 0 };
/* Check that all errors have a string and it's the same through the two
* APIs. Check that the values that are not errors map to the unknown
@@ -1980,9 +2178,9 @@ WOLFSSL_TEST_SUBROUTINE int error_test(void)
#ifndef NO_CODING
-WOLFSSL_TEST_SUBROUTINE int base64_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t base64_test(void)
{
- int ret;
+ wc_test_ret_t ret;
WOLFSSL_SMALL_STACK_STATIC const byte good[] = "A+Gd\0\0\0";
WOLFSSL_SMALL_STACK_STATIC const byte goodEnd[] = "A+Gd \r\n";
WOLFSSL_SMALL_STACK_STATIC const byte good_spaces[] = " A + G d \0";
@@ -2127,9 +2325,9 @@ WOLFSSL_TEST_SUBROUTINE int base64_test(void)
}
#ifdef WOLFSSL_BASE16
-WOLFSSL_TEST_SUBROUTINE int base16_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t base16_test(void)
{
- int ret;
+ wc_test_ret_t ret;
WOLFSSL_SMALL_STACK_STATIC const byte testData[] = "SomeDataToEncode\n";
WOLFSSL_SMALL_STACK_STATIC const byte encodedTestData[] = "536F6D6544617461546F456E636F64650A00";
byte encoded[40];
@@ -2166,9 +2364,9 @@ WOLFSSL_TEST_SUBROUTINE int base16_test(void)
#endif /* !NO_CODING */
#ifndef NO_ASN
-WOLFSSL_TEST_SUBROUTINE int asn_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t asn_test(void)
{
- int ret;
+ wc_test_ret_t ret;
/* ASN1 encoded date buffer */
WOLFSSL_SMALL_STACK_STATIC const byte dateBuf[] = {0x17, 0x0d, 0x31, 0x36, 0x30, 0x38, 0x31, 0x31,
0x32, 0x30, 0x30, 0x37, 0x33, 0x37, 0x5a};
@@ -2211,9 +2409,9 @@ WOLFSSL_TEST_SUBROUTINE int asn_test(void)
#endif /* !NO_ASN */
#ifdef WOLFSSL_MD2
-WOLFSSL_TEST_SUBROUTINE int md2_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t md2_test(void)
{
- int ret = 0;
+ wc_test_ret_t ret = 0;
Md2 md2;
byte hash[MD2_DIGEST_SIZE];
@@ -2299,9 +2497,9 @@ WOLFSSL_TEST_SUBROUTINE int md2_test(void)
#endif
#ifndef NO_MD5
-WOLFSSL_TEST_SUBROUTINE int md5_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t md5_test(void)
{
- int ret = 0;
+ wc_test_ret_t ret = 0;
wc_Md5 md5, md5Copy;
byte hash[WC_MD5_DIGEST_SIZE];
byte hashcopy[WC_MD5_DIGEST_SIZE];
@@ -2429,7 +2627,7 @@ exit:
#ifndef NO_MD4
-WOLFSSL_TEST_SUBROUTINE int md4_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t md4_test(void)
{
Md4 md4;
byte hash[MD4_DIGEST_SIZE];
@@ -2507,9 +2705,9 @@ WOLFSSL_TEST_SUBROUTINE int md4_test(void)
#ifndef NO_SHA
-WOLFSSL_TEST_SUBROUTINE int sha_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t sha_test(void)
{
- int ret = 0;
+ wc_test_ret_t ret = 0;
wc_Sha sha, shaCopy;
byte hash[WC_SHA_DIGEST_SIZE];
byte hashcopy[WC_SHA_DIGEST_SIZE];
@@ -2637,10 +2835,10 @@ exit:
#endif /* NO_SHA */
#ifdef WOLFSSL_RIPEMD
-WOLFSSL_TEST_SUBROUTINE int ripemd_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t ripemd_test(void)
{
RipeMd ripemd;
- int ret;
+ wc_test_ret_t ret;
byte hash[RIPEMD_DIGEST_SIZE];
testVector a, b, c, d;
@@ -2744,7 +2942,7 @@ static const byte blake2b_vec[BLAKE2B_TESTS][BLAKE2B_OUTBYTES] =
-WOLFSSL_TEST_SUBROUTINE int blake2b_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t blake2b_test(void)
{
Blake2b b2b;
byte digest[64];
@@ -2805,7 +3003,7 @@ static const byte blake2s_vec[BLAKE2S_TESTS][BLAKE2S_OUTBYTES] =
-WOLFSSL_TEST_SUBROUTINE int blake2s_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t blake2s_test(void)
{
Blake2s b2s;
byte digest[32];
@@ -2839,12 +3037,12 @@ WOLFSSL_TEST_SUBROUTINE int blake2s_test(void)
#ifdef WOLFSSL_SHA224
-WOLFSSL_TEST_SUBROUTINE int sha224_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t sha224_test(void)
{
wc_Sha224 sha, shaCopy;
byte hash[WC_SHA224_DIGEST_SIZE];
byte hashcopy[WC_SHA224_DIGEST_SIZE];
- int ret = 0;
+ wc_test_ret_t ret = 0;
testVector a, b, c;
testVector test_sha[3];
@@ -2913,12 +3111,12 @@ exit:
#ifndef NO_SHA256
-WOLFSSL_TEST_SUBROUTINE int sha256_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t sha256_test(void)
{
wc_Sha256 sha, shaCopy;
byte hash[WC_SHA256_DIGEST_SIZE];
byte hashcopy[WC_SHA256_DIGEST_SIZE];
- int ret = 0;
+ wc_test_ret_t ret = 0;
testVector a, b, c;
testVector test_sha[3];
@@ -3029,7 +3227,7 @@ exit:
#ifdef WOLFSSL_SHA512
-WOLFSSL_TEST_SUBROUTINE int sha512_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t sha512_test(void)
{
/*
** See https://csrc.nist.gov/CSRC/media/Projects/Cryptographic-Standards-and-Guidelines/documents/examples/SHA512.pdf
@@ -3037,7 +3235,7 @@ WOLFSSL_TEST_SUBROUTINE int sha512_test(void)
wc_Sha512 sha, shaCopy;
byte hash[WC_SHA512_DIGEST_SIZE];
byte hashcopy[WC_SHA512_DIGEST_SIZE];
- int ret = 0;
+ wc_test_ret_t ret = 0;
testVector a, b, c;
testVector test_sha[3];
@@ -3165,7 +3363,7 @@ exit:
#if !defined(WOLFSSL_NOSHA512_224) && \
(!defined(HAVE_FIPS) || FIPS_VERSION_GE(5, 3)) && !defined(HAVE_SELFTEST)
-WOLFSSL_TEST_SUBROUTINE int sha512_224_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t sha512_224_test(void)
{
/*
** See https://csrc.nist.gov/Projects/cryptographic-standards-and-guidelines/example-values
@@ -3176,7 +3374,7 @@ WOLFSSL_TEST_SUBROUTINE int sha512_224_test(void)
wc_Sha512 sha, shaCopy;
byte hash[WC_SHA512_224_DIGEST_SIZE];
byte hashcopy[WC_SHA512_224_DIGEST_SIZE];
- int ret = 0;
+ wc_test_ret_t ret = 0;
testVector a, b, c;
testVector test_sha[3];
@@ -3317,7 +3515,7 @@ exit:
#if !defined(WOLFSSL_NOSHA512_256) && \
(!defined(HAVE_FIPS) || FIPS_VERSION_GE(5, 3)) && !defined(HAVE_SELFTEST)
-WOLFSSL_TEST_SUBROUTINE int sha512_256_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t sha512_256_test(void)
{
/*
** See https://csrc.nist.gov/Projects/cryptographic-standards-and-guidelines/example-values
@@ -3327,7 +3525,7 @@ WOLFSSL_TEST_SUBROUTINE int sha512_256_test(void)
wc_Sha512 sha, shaCopy;
byte hash[WC_SHA512_256_DIGEST_SIZE];
byte hashcopy[WC_SHA512_256_DIGEST_SIZE];
- int ret = 0;
+ wc_test_ret_t ret = 0;
testVector a, b, c;
testVector test_sha[3];
@@ -3469,12 +3667,12 @@ exit:
#ifdef WOLFSSL_SHA384
-WOLFSSL_TEST_SUBROUTINE int sha384_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t sha384_test(void)
{
wc_Sha384 sha, shaCopy;
byte hash[WC_SHA384_DIGEST_SIZE];
byte hashcopy[WC_SHA384_DIGEST_SIZE];
- int ret = 0;
+ wc_test_ret_t ret = 0;
testVector a, b, c;
testVector test_sha[3];
@@ -3589,7 +3787,7 @@ exit:
#ifdef WOLFSSL_SHA3
#ifndef WOLFSSL_NOSHA3_224
-static int sha3_224_test(void)
+static wc_test_ret_t sha3_224_test(void)
{
wc_Sha3 sha;
byte hash[WC_SHA3_224_DIGEST_SIZE];
@@ -3597,7 +3795,7 @@ static int sha3_224_test(void)
testVector a, b, c;
testVector test_sha[3];
- int ret = 0;
+ wc_test_ret_t ret = 0;
int times = sizeof(test_sha) / sizeof(struct testVector), i;
a.input = "";
@@ -3677,7 +3875,7 @@ exit:
#endif /* WOLFSSL_NOSHA3_224 */
#ifndef WOLFSSL_NOSHA3_256
-static int sha3_256_test(void)
+static wc_test_ret_t sha3_256_test(void)
{
wc_Sha3 sha;
byte hash[WC_SHA3_256_DIGEST_SIZE];
@@ -3685,7 +3883,7 @@ static int sha3_256_test(void)
testVector a, b, c;
testVector test_sha[3];
- int ret = 0;
+ wc_test_ret_t ret = 0;
int times = sizeof(test_sha) / sizeof(struct testVector), i;
byte large_input[1024];
@@ -3798,7 +3996,7 @@ exit:
#endif /* WOLFSSL_NOSHA3_256 */
#ifndef WOLFSSL_NOSHA3_384
-static int sha3_384_test(void)
+static wc_test_ret_t sha3_384_test(void)
{
wc_Sha3 sha;
byte hash[WC_SHA3_384_DIGEST_SIZE];
@@ -3809,7 +4007,7 @@ static int sha3_384_test(void)
testVector a, b, c;
testVector test_sha[3];
- int ret;
+ wc_test_ret_t ret;
int times = sizeof(test_sha) / sizeof(struct testVector), i;
/*
@@ -3919,7 +4117,7 @@ exit:
#endif /* WOLFSSL_NOSHA3_384 */
#ifndef WOLFSSL_NOSHA3_512
-static int sha3_512_test(void)
+static wc_test_ret_t sha3_512_test(void)
{
wc_Sha3 sha;
byte hash[WC_SHA3_512_DIGEST_SIZE];
@@ -3927,7 +4125,7 @@ static int sha3_512_test(void)
testVector a, b, c;
testVector test_sha[3];
- int ret;
+ wc_test_ret_t ret;
int times = sizeof(test_sha) / sizeof(struct testVector), i;
/*
@@ -4020,9 +4218,9 @@ exit:
}
#endif /* WOLFSSL_NOSHA3_512 */
-WOLFSSL_TEST_SUBROUTINE int sha3_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t sha3_test(void)
{
- int ret;
+ wc_test_ret_t ret;
(void)ret;
@@ -4048,12 +4246,12 @@ WOLFSSL_TEST_SUBROUTINE int sha3_test(void)
#endif /* WOLFSSL_SHA3 */
#ifdef WOLFSSL_SHAKE128
-static int shake128_absorb_test(wc_Shake* sha, byte *large_input_buf,
+static wc_test_ret_t shake128_absorb_test(wc_Shake* sha, byte *large_input_buf,
size_t large_input_buf_size)
{
testVector a, b, c, d, e;
testVector test_sha[5];
- int ret = 0;
+ wc_test_ret_t ret = 0;
int times = sizeof(test_sha) / sizeof(struct testVector), i;
static const char large_digest[] =
@@ -4233,14 +4431,14 @@ exit:
return ret;
}
-WOLFSSL_TEST_SUBROUTINE int shake128_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t shake128_test(void)
{
wc_Shake sha;
byte hash[250];
testVector a, b, c, d, e;
testVector test_sha[5];
- int ret = 0;
+ wc_test_ret_t ret = 0;
int times = sizeof(test_sha) / sizeof(struct testVector), i;
#define SHAKE128_LARGE_INPUT_BUFSIZ 1024
@@ -4404,12 +4602,12 @@ exit:
#endif
#ifdef WOLFSSL_SHAKE256
-static int shake256_absorb_test(wc_Shake* sha, byte *large_input_buf,
+static wc_test_ret_t shake256_absorb_test(wc_Shake* sha, byte *large_input_buf,
size_t large_input_buf_size)
{
testVector a, b, c, d, e;
testVector test_sha[5];
- int ret = 0;
+ wc_test_ret_t ret = 0;
int times = sizeof(test_sha) / sizeof(struct testVector), i;
static const char large_digest[] =
@@ -4573,14 +4771,14 @@ exit:
return ret;
}
-WOLFSSL_TEST_SUBROUTINE int shake256_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t shake256_test(void)
{
wc_Shake sha;
byte hash[250];
testVector a, b, c, d, e;
testVector test_sha[5];
- int ret = 0;
+ wc_test_ret_t ret = 0;
int times = sizeof(test_sha) / sizeof(struct testVector), i;
#define SHAKE256_LARGE_INPUT_BUFSIZ 1024
@@ -4740,8 +4938,170 @@ exit:
}
#endif
+#ifdef WOLFSSL_SM3
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t sm3_test(void)
+{
+ wc_Sm3 sm3, sm3Copy;
+ byte hash[WC_SM3_DIGEST_SIZE];
+ byte hashGet[WC_SM3_DIGEST_SIZE];
+ byte hashCopy[WC_SM3_DIGEST_SIZE];
+ wc_test_ret_t ret = 0;
+
+ testVector a, b, c;
+ testVector test_sm3[3];
+ int times = sizeof(test_sm3) / sizeof(struct testVector), i;
+
+ a.input = "";
+ a.output = "\x1a\xb2\x1d\x83\x55\xcf\xa1\x7f\x8e\x61\x19\x48\x31\xe8\x1a"
+ "\x8f\x22\xbe\xc8\xc7\x28\xfe\xfb\x74\x7e\xd0\x35\xeb\x50\x82"
+ "\xaa\x2b";
+ a.inLen = XSTRLEN(a.input);
+ a.outLen = WC_SM3_DIGEST_SIZE;
+
+ b.input = "abc";
+ b.output = "\x66\xc7\xf0\xf4\x62\xee\xed\xd9\xd1\xf2\xd4\x6b\xdc\x10\xe4"
+ "\xe2\x41\x67\xc4\x87\x5c\xf2\xf7\xa2\x29\x7d\xa0\x2b\x8f\x4b"
+ "\xa8\xe0";
+ b.inLen = XSTRLEN(b.input);
+ b.outLen = WC_SM3_DIGEST_SIZE;
+
+ c.input = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq";
+ c.output = "\x63\x9b\x6c\xc5\xe6\x4d\x9e\x37\xa3\x90\xb1\x92\xdf\x4f\xa1"
+ "\xea\x07\x20\xab\x74\x7f\xf6\x92\xb9\xf3\x8c\x4e\x66\xad\x7b"
+ "\x8c\x05";
+ c.inLen = XSTRLEN(c.input);
+ c.outLen = WC_SM3_DIGEST_SIZE;
+
+ test_sm3[0] = a;
+ test_sm3[1] = b;
+ test_sm3[2] = c;
+
+ ret = wc_InitSm3(&sm3, HEAP_HINT, devId);
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+ ret = wc_InitSm3(&sm3Copy, HEAP_HINT, devId);
+ if (ret != 0) {
+ wc_Sm3Free(&sm3);
+ return WC_TEST_RET_ENC_EC(ret);
+ }
+
+ /* Test all the KATs. */
+ for (i = 0; i < times; ++i) {
+ ret = wc_Sm3Update(&sm3, (byte*)test_sm3[i].input,
+ (word32)test_sm3[i].inLen);
+ if (ret != 0) {
+ ERROR_OUT(WC_TEST_RET_ENC_I(i), exit);
+ }
+ /* Get the final hash but leave ready for more updates. */
+ ret = wc_Sm3GetHash(&sm3, hashGet);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_I(i), exit);
+
+ /* Make a copy of the hash. */
+ ret = wc_Sm3Copy(&sm3, &sm3Copy);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_I(i), exit);
+ /* Get the final hash with original. */
+ ret = wc_Sm3Final(&sm3, hash);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_I(i), exit);
+
+ /* Get the final hash with copy. */
+ ret = wc_Sm3Final(&sm3Copy, hashCopy);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_I(i), exit);
+ /* Dispose of copy. */
+ wc_Sm3Free(&sm3Copy);
+
+ /* Check hashes match expected. */
+ if (XMEMCMP(hash, test_sm3[i].output, WC_SM3_DIGEST_SIZE) != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_I(i), exit);
+ if (XMEMCMP(hash, hashGet, WC_SM3_DIGEST_SIZE) != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_I(i), exit);
+ if (XMEMCMP(hash, hashCopy, WC_SM3_DIGEST_SIZE) != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_I(i), exit);
+ }
+
+#ifndef NO_LARGE_HASH_TEST
+ {
+ word32 sz;
+ byte large_input[1024];
+ #ifdef HASH_SIZE_LIMIT
+ const char* large_digest =
+ "\x6c\x42\x57\x64\x8e\x45\xf3\xb6\xc0\x83\xd3\x41\x83\x66\x51\xb4"
+ "\x50\xfe\x06\xb5\xb7\x1e\xd5\x0d\x41\xfc\x1e\xe5\xc6\x57\x95\x0f";
+
+ times = 20;
+ #else
+ const char* large_digest =
+ "\x34\x51\x3c\xde\x7c\x30\xb7\xc5\xaa\x97\x3b\xed\xb3\x16\xb9\x76"
+ "\x35\x46\x14\x80\x2a\x57\xca\xd9\x48\xf9\x93\xcc\x1f\xdd\xab\x79";
+
+ times = 100;
+ #endif
+
+ /* Set large input to something. */
+ for (i = 0; i < (int)sizeof(large_input); i++) {
+ large_input[i] = (byte)(i & 0xFF);
+ }
+
+ /* Hash a large number of times. */
+ for (i = 0; i < times; ++i) {
+ ret = wc_Sm3Update(&sm3, (byte*)large_input,
+ (word32)sizeof(large_input));
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_I(i), exit);
+ }
+ /* Calculate hash and compare to expected. */
+ ret = wc_Sm3Final(&sm3, hash);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit);
+ if (XMEMCMP(hash, large_digest, WC_SM3_DIGEST_SIZE) != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit);
+
+
+ /* Check updating with various sizes works. */
+ for (sz = 1; sz <= 64; sz++) {
+ /* Hash a large number of times. */
+ for (i = 0; i < times; ++i) {
+ word32 o;
+
+ /* Update sz bytes at a time from large input buffer. */
+ for (o = 0; o + sz <= (word32)sizeof(large_input); o += sz) {
+ ret = wc_Sm3Update(&sm3, (byte*)(large_input + o), sz);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_I(o), exit);
+ }
+ /* Check for left-overs. */
+ if (o < (word32)sizeof(large_input)) {
+ ret = wc_Sm3Update(&sm3, (byte*)(large_input + o),
+ (word32)sizeof(large_input) - o);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_I(i), exit);
+ }
+ }
+
+ /* Calculate hash and compare to expected. */
+ ret = wc_Sm3Final(&sm3, hash);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_I(sz), exit);
+ if (XMEMCMP(hash, large_digest, WC_SM3_DIGEST_SIZE) != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_I(sz), exit);
+ }
+ }
+#endif /* NO_LARGE_HASH_TEST */
+
+exit:
+
+ wc_Sm3Free(&sm3);
+ wc_Sm3Free(&sm3Copy);
+
+ return ret;
+}
+#endif
+
#ifndef NO_HASH_WRAPPER
-WOLFSSL_TEST_SUBROUTINE int hash_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hash_test(void)
{
wc_HashAlg hash;
int ret, exp_ret;
@@ -5050,7 +5410,7 @@ WOLFSSL_TEST_SUBROUTINE int hash_test(void)
#if !defined(NO_HMAC) && !defined(NO_MD5) && !(defined(HAVE_FIPS) && \
defined(HAVE_FIPS_VERSION) && \
(HAVE_FIPS_VERSION >= 5))
-WOLFSSL_TEST_SUBROUTINE int hmac_md5_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hmac_md5_test(void)
{
Hmac hmac;
byte hash[WC_MD5_DIGEST_SIZE];
@@ -5065,7 +5425,7 @@ WOLFSSL_TEST_SUBROUTINE int hmac_md5_test(void)
testVector a, b, c;
testVector test_hmac[3];
- int ret;
+ wc_test_ret_t ret;
int times = sizeof(test_hmac) / sizeof(testVector), i;
a.input = "Hi There";
@@ -5132,7 +5492,7 @@ WOLFSSL_TEST_SUBROUTINE int hmac_md5_test(void)
#endif /* !NO_HMAC && !NO_MD5 && (!HAVE_FIPS || (HAVE_FIPS_VERSION < 5)) */
#if !defined(NO_HMAC) && !defined(NO_SHA)
-WOLFSSL_TEST_SUBROUTINE int hmac_sha_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hmac_sha_test(void)
{
Hmac hmac;
byte hash[WC_SHA_DIGEST_SIZE];
@@ -5149,7 +5509,7 @@ WOLFSSL_TEST_SUBROUTINE int hmac_sha_test(void)
testVector a, b, c;
testVector test_hmac[3];
- int ret;
+ wc_test_ret_t ret;
int times = sizeof(test_hmac) / sizeof(testVector), i;
a.input = "Hi There";
@@ -5215,7 +5575,7 @@ WOLFSSL_TEST_SUBROUTINE int hmac_sha_test(void)
#if !defined(NO_HMAC) && defined(WOLFSSL_SHA224)
-WOLFSSL_TEST_SUBROUTINE int hmac_sha224_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hmac_sha224_test(void)
{
Hmac hmac;
byte hash[WC_SHA224_DIGEST_SIZE];
@@ -5237,7 +5597,7 @@ WOLFSSL_TEST_SUBROUTINE int hmac_sha224_test(void)
testVector a, b, c, d;
testVector test_hmac[4];
- int ret;
+ wc_test_ret_t ret;
int times = sizeof(test_hmac) / sizeof(testVector), i;
a.input = "Hi There";
@@ -5310,7 +5670,7 @@ WOLFSSL_TEST_SUBROUTINE int hmac_sha224_test(void)
#if !defined(NO_HMAC) && !defined(NO_SHA256)
-WOLFSSL_TEST_SUBROUTINE int hmac_sha256_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hmac_sha256_test(void)
{
Hmac hmac;
byte hash[WC_SHA256_DIGEST_SIZE];
@@ -5329,7 +5689,7 @@ WOLFSSL_TEST_SUBROUTINE int hmac_sha256_test(void)
testVector a, b, c, d;
testVector test_hmac[4];
- int ret;
+ wc_test_ret_t ret;
int times = sizeof(test_hmac) / sizeof(testVector), i;
a.input = "Hi There";
@@ -5404,7 +5764,7 @@ WOLFSSL_TEST_SUBROUTINE int hmac_sha256_test(void)
#ifndef HAVE_FIPS
if ((ret = wc_HmacSizeByType(WC_SHA256)) != WC_SHA256_DIGEST_SIZE)
return WC_TEST_RET_ENC_EC(ret);
- if ((ret = wc_HmacSizeByType(20)) != BAD_FUNC_ARG)
+ if ((ret = wc_HmacSizeByType(21)) != BAD_FUNC_ARG)
return WC_TEST_RET_ENC_EC(ret);
#endif
if ((ret = wolfSSL_GetHmacMaxSize()) != WC_MAX_DIGEST_SIZE)
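Review bot: The literal `21` passed to `wc_HmacSizeByType` is an undocumented "invalid type" sentinel. The bump from 20 suggests that 20 became a valid hash type id (inferred; the enum is not in this hunk), and the negative test will need another manual bump when the next type is added. A comment such as `/* 21 is not an assigned hash type id; revisit when types are added */` would make the intent clear, or the value could be derived from the enum's maximum instead of being hard-coded. The body of hmac_sha256_test starts outside the hunk.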
@@ -5416,7 +5776,7 @@ WOLFSSL_TEST_SUBROUTINE int hmac_sha256_test(void)
#if !defined(NO_HMAC) && defined(WOLFSSL_SHA384)
-WOLFSSL_TEST_SUBROUTINE int hmac_sha384_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hmac_sha384_test(void)
{
Hmac hmac;
byte hash[WC_SHA384_DIGEST_SIZE];
@@ -5442,7 +5802,7 @@ WOLFSSL_TEST_SUBROUTINE int hmac_sha384_test(void)
testVector a, b, c, d;
testVector test_hmac[4];
- int ret;
+ wc_test_ret_t ret;
int times = sizeof(test_hmac) / sizeof(testVector), i;
a.input = "Hi There";
@@ -5523,7 +5883,7 @@ WOLFSSL_TEST_SUBROUTINE int hmac_sha384_test(void)
#if !defined(NO_HMAC) && defined(WOLFSSL_SHA512)
-WOLFSSL_TEST_SUBROUTINE int hmac_sha512_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hmac_sha512_test(void)
{
Hmac hmac;
byte hash[WC_SHA512_DIGEST_SIZE];
@@ -5549,7 +5909,7 @@ WOLFSSL_TEST_SUBROUTINE int hmac_sha512_test(void)
testVector a, b, c, d;
testVector test_hmac[4];
- int ret;
+ wc_test_ret_t ret;
int times = sizeof(test_hmac) / sizeof(testVector), i;
a.input = "Hi There";
@@ -5636,7 +5996,7 @@ WOLFSSL_TEST_SUBROUTINE int hmac_sha512_test(void)
#if !defined(NO_HMAC) && defined(WOLFSSL_SHA3) && \
!defined(WOLFSSL_NOSHA3_224) && !defined(WOLFSSL_NOSHA3_256) && \
!defined(WOLFSSL_NOSHA3_384) && !defined(WOLFSSL_NOSHA3_512)
-WOLFSSL_TEST_SUBROUTINE int hmac_sha3_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hmac_sha3_test(void)
{
Hmac hmac;
byte hash[WC_SHA3_512_DIGEST_SIZE];
@@ -5819,9 +6179,9 @@ typedef struct rc2TestVector {
int effectiveKeyBits; /* Up to 1024 bits supported */
} rc2TestVector;
-static int rc2_ecb_test(void)
+static wc_test_ret_t rc2_ecb_test(void)
{
- int ret = 0;
+ wc_test_ret_t ret = 0;
byte cipher[RC2_BLOCK_SIZE];
byte plain[RC2_BLOCK_SIZE];
@@ -5948,9 +6308,9 @@ static int rc2_ecb_test(void)
return 0;
}
-static int rc2_cbc_test(void)
+static wc_test_ret_t rc2_cbc_test(void)
{
- int ret = 0;
+ wc_test_ret_t ret = 0;
byte cipher[128];
byte plain[128];
@@ -6110,7 +6470,7 @@ static int rc2_cbc_test(void)
return WC_TEST_RET_ENC_NC;
}
- /* reset IV for decrypt, since overriden by encrypt operation */
+ /* reset IV for decrypt, since overridden by encrypt operation */
ret = wc_Rc2SetIV(&rc2, (byte*)test_rc2[j].iv);
if (ret != 0) {
return WC_TEST_RET_ENC_EC(ret);
@@ -6129,9 +6489,9 @@ static int rc2_cbc_test(void)
return 0;
}
-WOLFSSL_TEST_SUBROUTINE int rc2_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t rc2_test(void)
{
- int ret = 0;
+ wc_test_ret_t ret = 0;
ret = rc2_ecb_test();
if (ret != 0) {
@@ -6144,11 +6504,11 @@ WOLFSSL_TEST_SUBROUTINE int rc2_test(void)
#ifndef NO_RC4
-WOLFSSL_TEST_SUBROUTINE int arc4_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t arc4_test(void)
{
byte cipher[16];
byte plain[16];
- int ret;
+ wc_test_ret_t ret;
const char* keys[] =
{
@@ -6232,7 +6592,7 @@ WOLFSSL_TEST_SUBROUTINE int arc4_test(void)
#endif
#ifdef HAVE_CHACHA
-WOLFSSL_TEST_SUBROUTINE int chacha_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t chacha_test(void)
{
ChaCha enc;
ChaCha dec;
@@ -6241,7 +6601,7 @@ WOLFSSL_TEST_SUBROUTINE int chacha_test(void)
byte sliver[64];
byte input[] = {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0};
word32 keySz = 32;
- int ret = 0;
+ wc_test_ret_t ret = 0;
int i;
int times = 4;
@@ -6618,9 +6978,9 @@ WOLFSSL_TEST_SUBROUTINE int chacha_test(void)
#ifdef HAVE_POLY1305
-WOLFSSL_TEST_SUBROUTINE int poly1305_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t poly1305_test(void)
{
- int ret = 0;
+ wc_test_ret_t ret = 0;
int i;
byte tag[16];
Poly1305 enc;
@@ -6829,7 +7189,7 @@ WOLFSSL_TEST_SUBROUTINE int poly1305_test(void)
#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305)
-WOLFSSL_TEST_SUBROUTINE int chacha20_poly1305_aead_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t chacha20_poly1305_aead_test(void)
{
/* Test #1 from Section 2.8.2 of draft-irtf-cfrg-chacha20-poly1305-10 */
/* https://tools.ietf.org/html/draft-irtf-cfrg-chacha20-poly1305-10 */
@@ -6994,7 +7354,7 @@ WOLFSSL_TEST_SUBROUTINE int chacha20_poly1305_aead_test(void)
byte generatedCiphertext[265]; /* max plaintext2/cipher2 */
byte generatedPlaintext[265]; /* max plaintext2/cipher2 */
byte generatedAuthTag[CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE];
- int err;
+ wc_test_ret_t err;
ChaChaPoly_Aead aead;
@@ -7348,7 +7708,7 @@ WOLFSSL_TEST_SUBROUTINE int chacha20_poly1305_aead_test(void)
#ifndef NO_DES3
-WOLFSSL_TEST_SUBROUTINE int des_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t des_test(void)
{
WOLFSSL_SMALL_STACK_STATIC const byte vector[] = { /* "now is the time for all " w/o trailing 0 */
0x6e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74,
@@ -7379,7 +7739,7 @@ WOLFSSL_TEST_SUBROUTINE int des_test(void)
0x15,0x85,0xb3,0x22,0x4b,0x86,0x2b,0x4b
};
- int ret;
+ wc_test_ret_t ret;
ret = wc_Des_SetKey(&enc, key, iv, DES_ENCRYPTION);
if (ret != 0)
@@ -7443,7 +7803,7 @@ WOLFSSL_TEST_SUBROUTINE int des_test(void)
#ifndef NO_DES3
-WOLFSSL_TEST_SUBROUTINE int des3_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t des3_test(void)
{
WOLFSSL_SMALL_STACK_STATIC const byte vector[] = { /* "Now is the time for all " w/o trailing 0 */
0x4e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74,
@@ -7478,7 +7838,7 @@ WOLFSSL_TEST_SUBROUTINE int des3_test(void)
0x18,0x94,0x15,0x74,0x87,0x12,0x7d,0xb0
};
- int ret;
+ wc_test_ret_t ret;
#if defined(OPENSSL_EXTRA) && !defined(WOLFCRYPT_ONLY)
size_t i;
#endif
@@ -7592,7 +7952,7 @@ static const int fiducial1 = WC_TEST_RET_LN; /* source code reference point --
&& !defined(HAVE_SELFTEST) && !defined(HAVE_FIPS)
/* pass in the function, key, iv, plain text and expected and this function
* tests that the encryption and decryption is successful */
-static int EVP_test(const WOLFSSL_EVP_CIPHER* type, const byte* key,
+static wc_test_ret_t EVP_test(const WOLFSSL_EVP_CIPHER* type, const byte* key,
const byte* iv, const byte* plain, int plainSz,
const byte* expected, int expectedSz)
{
@@ -7601,7 +7961,9 @@ static int EVP_test(const WOLFSSL_EVP_CIPHER* type, const byte* key,
#else
EVP_CIPHER_CTX ctx[1];
#endif
- int idx, ret = 0, cipherSz;
+ int ctx_inited = 0;
+ int idx, cipherSz;
+ wc_test_ret_t ret = 0;
byte* cipher;
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
@@ -7617,6 +7979,7 @@ static int EVP_test(const WOLFSSL_EVP_CIPHER* type, const byte* key,
/* test encrypt */
EVP_CIPHER_CTX_init(ctx);
+ ctx_inited = 1;
if (EVP_CipherInit(ctx, type, key, iv, 1) == 0) {
ret = WC_TEST_RET_ENC_NC;
goto EVP_TEST_END;
@@ -7639,8 +8002,18 @@ static int EVP_test(const WOLFSSL_EVP_CIPHER* type, const byte* key,
goto EVP_TEST_END;
}
+ ret = wolfSSL_EVP_CIPHER_CTX_cleanup(ctx);
+ ctx_inited = 0;
+ if (ret == WOLFSSL_SUCCESS)
+ ret = 0;
+ else {
+ ret = WC_TEST_RET_ENC_NC;
+ goto EVP_TEST_END;
+ }
+
/* test decrypt */
EVP_CIPHER_CTX_init(ctx);
+ ctx_inited = 1;
if (EVP_CipherInit(ctx, type, key, iv, 0) == 0) {
ret = WC_TEST_RET_ENC_NC;
goto EVP_TEST_END;
@@ -7667,6 +8040,13 @@ EVP_TEST_END:
if (cipher)
XFREE(cipher, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
(void)cipherSz;
+
+ if (ctx_inited) {
+ int cleanup_ret = wolfSSL_EVP_CIPHER_CTX_cleanup(ctx);
+ if (cleanup_ret != WOLFSSL_SUCCESS)
+ ret = WC_TEST_RET_ENC_NC;
+ }
+
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
wolfSSL_EVP_CIPHER_CTX_free(ctx);
#endif
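Review bot: The cleanup added under `EVP_TEST_END` overwrites `ret` with `WC_TEST_RET_ENC_NC` whenever `wolfSSL_EVP_CIPHER_CTX_cleanup` fails, even when `ret` already holds the code of the failure that caused the jump. The earlier, more specific error location is then lost from the test report. Guarding the assignment keeps the first failure: `if (cleanup_ret != WOLFSSL_SUCCESS && ret == 0)`. The body of EVP_test starts outside this hunk.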
@@ -7678,7 +8058,7 @@ EVP_TEST_END:
#ifdef WOLFSSL_AES_OFB
/* test vector from https://csrc.nist.gov/Projects/cryptographic-algorithm-validation-program/Block-Ciphers */
- WOLFSSL_TEST_SUBROUTINE int aesofb_test(void)
+ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aesofb_test(void)
{
#ifdef WOLFSSL_AES_256
WOLFSSL_SMALL_STACK_STATIC const byte key1[] =
@@ -7775,7 +8155,7 @@ EVP_TEST_END:
#endif
byte plain [AES_BLOCK_SIZE * 4];
#endif
- int ret = 0;
+ wc_test_ret_t ret = 0;
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
if ((enc = (Aes *)XMALLOC(sizeof *enc, HEAP_HINT, DYNAMIC_TYPE_AES)) == NULL)
@@ -7802,6 +8182,14 @@ EVP_TEST_END:
}
#endif
+ ret = wc_AesInit(enc, HEAP_HINT, INVALID_DEVID);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+
+ ret = wc_AesInit(dec, HEAP_HINT, INVALID_DEVID);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+
ret = wc_AesSetKey(enc, key2, sizeof(key2), iv2, AES_ENCRYPTION);
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
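Review bot: The two added `wc_AesInit` calls jump to `out` on failure without recording which of `enc` and `dec` was actually initialised. The `out` cleanup is outside this hunk; if it frees both objects unconditionally, a failure of the first init would reach `wc_AesFree(dec)` on an object that was never initialised. The CFB tests in this file carry `dec_inited`-style flags for this case, and the same pattern here (`enc_inited = 1;` / `dec_inited = 1;` after each successful init, checked at `out`) would keep the error path well-defined.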
@@ -8044,7 +8432,7 @@ EVP_TEST_END:
#if defined(WOLFSSL_AES_CFB)
/* Test cases from NIST SP 800-38A, Recommendation for Block Cipher Modes of Operation Methods an*/
- static int aescfb_test(void)
+ static wc_test_ret_t aescfb_test(void)
{
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
Aes *enc = NULL;
@@ -8062,7 +8450,7 @@ EVP_TEST_END:
int dec_inited = 0;
byte plain [AES_BLOCK_SIZE * 4];
#endif
- int ret = 0;
+ wc_test_ret_t ret = 0;
WOLFSSL_SMALL_STACK_STATIC const byte iv[] = {
0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,
@@ -8369,7 +8757,7 @@ EVP_TEST_END:
}
#if !defined(HAVE_SELFTEST) && !defined(HAVE_FIPS)
- static int aescfb1_test(void)
+ static wc_test_ret_t aescfb1_test(void)
{
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
Aes *enc = NULL;
@@ -8387,7 +8775,7 @@ EVP_TEST_END:
int dec_inited = 0;
byte plain [AES_BLOCK_SIZE];
#endif
- int ret = 0;
+ wc_test_ret_t ret = 0;
#ifdef WOLFSSL_AES_128
WOLFSSL_SMALL_STACK_STATIC const byte iv[] = {
@@ -8619,7 +9007,7 @@ EVP_TEST_END:
return ret;
}
- static int aescfb8_test(void)
+ static wc_test_ret_t aescfb8_test(void)
{
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
Aes *enc = NULL;
@@ -8637,7 +9025,7 @@ EVP_TEST_END:
int dec_inited = 0;
byte plain [AES_BLOCK_SIZE];
#endif
- int ret = 0;
+ wc_test_ret_t ret = 0;
#ifdef WOLFSSL_AES_128
WOLFSSL_SMALL_STACK_STATIC const byte iv[] = {
@@ -8837,9 +9225,9 @@ EVP_TEST_END:
#endif /* WOLFSSL_AES_CFB */
-static int aes_key_size_test(void)
+static wc_test_ret_t aes_key_size_test(void)
{
- int ret;
+ wc_test_ret_t ret;
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
Aes *aes;
#else
@@ -8970,10 +9358,11 @@ static int aes_key_size_test(void)
return ret;
}
-#if defined(WOLFSSL_AES_XTS)
+#if defined(WOLFSSL_AES_XTS) && (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5,3))
+
/* test vectors from http://csrc.nist.gov/groups/STM/cavp/block-cipher-modes.html */
#ifdef WOLFSSL_AES_128
-static int aes_xts_128_test(void)
+static wc_test_ret_t aes_xts_128_test(void)
{
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
XtsAes *aes = NULL;
@@ -8981,7 +9370,7 @@ static int aes_xts_128_test(void)
XtsAes aes[1];
#endif
int aes_inited = 0;
- int ret = 0;
+ wc_test_ret_t ret = 0;
unsigned char buf[AES_BLOCK_SIZE * 2 + 8];
unsigned char cipher[AES_BLOCK_SIZE * 2 + 8];
@@ -9041,7 +9430,11 @@ static int aes_xts_128_test(void)
0xff, 0x8d, 0xbc, 0x1d, 0x9f, 0x7f, 0xc8, 0x22
};
-#if !defined(HAVE_FIPS) || FIPS_VERSION_GE(5,3)
+ WOLFSSL_SMALL_STACK_STATIC unsigned char cp2[] = {
+ 0x2b, 0xf7, 0x2c, 0xf3, 0xeb, 0x85, 0xef, 0x7b,
+ 0x0b, 0x76, 0xa0, 0xaa, 0xf3, 0x3f, 0x25, 0x8b,
+ 0x77, 0x8a, 0xe8, 0xb4, 0x3c, 0xb9, 0x8d, 0x5a
+ };
WOLFSSL_SMALL_STACK_STATIC unsigned char k3[] = {
0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
@@ -9068,8 +9461,6 @@ static int aes_xts_128_test(void)
0xB5, 0x5A, 0xDD, 0xCB, 0x80, 0xE0, 0xFC, 0xCD
};
-#endif /* !HAVE_FIPS || FIPS_VERSION_GE(5,3) */
-
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
if ((aes = (XtsAes *)XMALLOC(sizeof *aes, HEAP_HINT, DYNAMIC_TYPE_AES)) == NULL)
ERROR_OUT(WC_TEST_RET_ENC_ERRNO, out);
@@ -9085,27 +9476,41 @@ static int aes_xts_128_test(void)
#endif
XMEMSET(buf, 0, sizeof(buf));
- ret = wc_AesXtsSetKey(aes, k2, sizeof(k2), AES_ENCRYPTION,
- HEAP_HINT, devId);
+ ret = wc_AesXtsInit(aes, HEAP_HINT, devId);
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
else
aes_inited = 1;
+ ret = wc_AesXtsSetKeyNoInit(aes, k2, sizeof(k2), AES_ENCRYPTION);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+
+ ret = wc_AesXtsEncrypt(aes, buf, p2, sizeof(p2), i2, sizeof(i2));
+#if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &aes->aes.asyncDev, WC_ASYNC_FLAG_NONE);
+#endif
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+ if (XMEMCMP(c2, buf, sizeof(c2)))
+ ERROR_OUT(WC_TEST_RET_ENC_NC, out);
+
+#if defined(DEBUG_VECTOR_REGISTER_ACCESS) && defined(WC_AES_C_DYNAMIC_FALLBACK)
+ WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(SYSLIB_FAILED_E);
ret = wc_AesXtsEncrypt(aes, buf, p2, sizeof(p2), i2, sizeof(i2));
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &aes->aes.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
+ WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(0);
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
if (XMEMCMP(c2, buf, sizeof(c2)))
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
+#endif
XMEMSET(buf, 0, sizeof(buf));
- wc_AesXtsFree(aes);
- ret = wc_AesXtsSetKey(aes, k1, sizeof(k1), AES_ENCRYPTION,
- HEAP_HINT, devId);
+ ret = wc_AesXtsSetKeyNoInit(aes, k1, sizeof(k1), AES_ENCRYPTION);
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
ret = wc_AesXtsEncrypt(aes, buf, p1, sizeof(p1), i1, sizeof(i1));
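Review bot: In the `DEBUG_VECTOR_REGISTER_ACCESS` block the second `wc_AesXtsEncrypt` writes into `buf` while it still holds `c2` from the preceding call, so `XMEMCMP(c2, buf, sizeof(c2))` passes even if the forced fallback path writes nothing. Adding `XMEMSET(buf, 0, sizeof(buf));` before the re-encrypt makes the check meaningful, as the later partial-block and decrypt fallback blocks already do. The fallback block in the `@@ -9117,6 +9522,19 @@` hunk (the `c1` comparison) has the same gap. The body of aes_xts_128_test starts and ends outside this hunk.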
@@ -9117,6 +9522,19 @@ static int aes_xts_128_test(void)
if (XMEMCMP(c1, buf, AES_BLOCK_SIZE))
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
+#if defined(DEBUG_VECTOR_REGISTER_ACCESS) && defined(WC_AES_C_DYNAMIC_FALLBACK)
+ WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(SYSLIB_FAILED_E);
+ ret = wc_AesXtsEncrypt(aes, buf, p1, sizeof(p1), i1, sizeof(i1));
+#if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &aes->aes.asyncDev, WC_ASYNC_FLAG_NONE);
+#endif
+ WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(0);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+ if (XMEMCMP(c1, buf, AES_BLOCK_SIZE))
+ ERROR_OUT(WC_TEST_RET_ENC_NC, out);
+#endif
+
/* partial block encryption test */
XMEMSET(cipher, 0, sizeof(cipher));
ret = wc_AesXtsEncrypt(aes, cipher, pp, sizeof(pp), i1, sizeof(i1));
@@ -9125,12 +9543,26 @@ static int aes_xts_128_test(void)
#endif
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
- wc_AesXtsFree(aes);
+ if (XMEMCMP(cp2, cipher, sizeof(cp2)))
+ ERROR_OUT(WC_TEST_RET_ENC_NC, out);
+
+#if defined(DEBUG_VECTOR_REGISTER_ACCESS) && defined(WC_AES_C_DYNAMIC_FALLBACK)
+ WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(SYSLIB_FAILED_E);
+ XMEMSET(cipher, 0, sizeof(cipher));
+ ret = wc_AesXtsEncrypt(aes, cipher, pp, sizeof(pp), i1, sizeof(i1));
+#if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &aes->aes.asyncDev, WC_ASYNC_FLAG_NONE);
+#endif
+ WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(0);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+ if (XMEMCMP(cp2, cipher, sizeof(cp2)))
+ ERROR_OUT(WC_TEST_RET_ENC_NC, out);
+#endif
/* partial block decrypt test */
XMEMSET(buf, 0, sizeof(buf));
- ret = wc_AesXtsSetKey(aes, k1, sizeof(k1), AES_DECRYPTION,
- HEAP_HINT, devId);
+ ret = wc_AesXtsSetKeyNoInit(aes, k1, sizeof(k1), AES_DECRYPTION);
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
ret = wc_AesXtsDecrypt(aes, buf, cipher, sizeof(pp), i1, sizeof(i1));
@@ -9142,6 +9574,20 @@ static int aes_xts_128_test(void)
if (XMEMCMP(pp, buf, sizeof(pp)))
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
+#if defined(DEBUG_VECTOR_REGISTER_ACCESS) && defined(WC_AES_C_DYNAMIC_FALLBACK)
+ WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(SYSLIB_FAILED_E);
+ XMEMSET(buf, 0, sizeof(buf));
+ ret = wc_AesXtsDecrypt(aes, buf, cipher, sizeof(pp), i1, sizeof(i1));
+#if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &aes->aes.asyncDev, WC_ASYNC_FLAG_NONE);
+#endif
+ WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(0);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+ if (XMEMCMP(pp, buf, sizeof(pp)))
+ ERROR_OUT(WC_TEST_RET_ENC_NC, out);
+#endif
+
/* NIST decrypt test vector */
XMEMSET(buf, 0, sizeof(buf));
ret = wc_AesXtsDecrypt(aes, buf, c1, sizeof(c1), i1, sizeof(i1));
@@ -9153,6 +9599,20 @@ static int aes_xts_128_test(void)
if (XMEMCMP(p1, buf, AES_BLOCK_SIZE))
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
+#if defined(DEBUG_VECTOR_REGISTER_ACCESS) && defined(WC_AES_C_DYNAMIC_FALLBACK)
+ WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(SYSLIB_FAILED_E);
+ XMEMSET(buf, 0, sizeof(buf));
+ ret = wc_AesXtsDecrypt(aes, buf, c1, sizeof(c1), i1, sizeof(i1));
+#if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &aes->aes.asyncDev, WC_ASYNC_FLAG_NONE);
+#endif
+ WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(0);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+ if (XMEMCMP(p1, buf, AES_BLOCK_SIZE))
+ ERROR_OUT(WC_TEST_RET_ENC_NC, out);
+#endif
+
/* fail case with decrypting using wrong key */
XMEMSET(buf, 0, sizeof(buf));
ret = wc_AesXtsDecrypt(aes, buf, c2, sizeof(c2), i2, sizeof(i2));
@@ -9164,12 +9624,9 @@ static int aes_xts_128_test(void)
if (XMEMCMP(p2, buf, sizeof(p2)) == 0) /* fail case with wrong key */
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
- wc_AesXtsFree(aes);
-
/* set correct key and retest */
XMEMSET(buf, 0, sizeof(buf));
- ret = wc_AesXtsSetKey(aes, k2, sizeof(k2), AES_DECRYPTION,
- HEAP_HINT, devId);
+ ret = wc_AesXtsSetKeyNoInit(aes, k2, sizeof(k2), AES_DECRYPTION);
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
ret = wc_AesXtsDecrypt(aes, buf, c2, sizeof(c2), i2, sizeof(i2));
@@ -9181,18 +9638,11 @@ static int aes_xts_128_test(void)
if (XMEMCMP(p2, buf, sizeof(p2)))
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
- wc_AesXtsFree(aes);
-
-#if !defined(HAVE_FIPS) || FIPS_VERSION_GE(5,3)
-
/* Test ciphertext stealing in-place. */
XMEMCPY(buf, p3, sizeof(p3));
- ret = wc_AesXtsSetKey(aes, k3, sizeof(k3), AES_ENCRYPTION,
- HEAP_HINT, devId);
+ ret = wc_AesXtsSetKeyNoInit(aes, k3, sizeof(k3), AES_ENCRYPTION);
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
- else
- aes_inited = 1;
ret = wc_AesXtsEncrypt(aes, buf, buf, sizeof(p3), i3, sizeof(i3));
#if defined(WOLFSSL_ASYNC_CRYPT)
@@ -9203,10 +9653,7 @@ static int aes_xts_128_test(void)
if (XMEMCMP(c3, buf, sizeof(c3)))
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
- wc_AesXtsFree(aes);
-
- ret = wc_AesXtsSetKey(aes, k3, sizeof(k3), AES_DECRYPTION,
- HEAP_HINT, devId);
+ ret = wc_AesXtsSetKeyNoInit(aes, k3, sizeof(k3), AES_DECRYPTION);
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
ret = wc_AesXtsDecrypt(aes, buf, buf, sizeof(c3), i3, sizeof(i3));
@@ -9218,7 +9665,61 @@ static int aes_xts_128_test(void)
if (XMEMCMP(p3, buf, sizeof(p3)))
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
-#endif /* !HAVE_FIPS || FIPS_VERSION_GE(5,3) */
+#if !defined(BENCH_EMBEDDED) && !defined(HAVE_CAVIUM) && \
+ !defined(WOLFSSL_AFALG)
+ {
+ #define LARGE_XTS_SZ 1024
+ #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
+ byte* large_input = (byte *)XMALLOC(LARGE_XTS_SZ, HEAP_HINT,
+ DYNAMIC_TYPE_TMP_BUFFER);
+ #else
+ byte large_input[LARGE_XTS_SZ];
+ #endif
+ int i;
+ int j;
+ #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
+ if (large_input == NULL)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(MEMORY_E), out);
+ #endif
+
+ for (i = 0; i < (int)LARGE_XTS_SZ; i++)
+ large_input[i] = (byte)i;
+
+ for (j = 16; j < (int)LARGE_XTS_SZ; j++) {
+ ret = wc_AesXtsSetKeyNoInit(aes, k1, sizeof(k1), AES_ENCRYPTION);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+ ret = wc_AesXtsEncrypt(aes, large_input, large_input, j, i1,
+ sizeof(i1));
+ #if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &aes->aes.asyncDev, WC_ASYNC_FLAG_NONE);
+ #endif
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+
+ ret = wc_AesXtsSetKeyNoInit(aes, k1, sizeof(k1), AES_DECRYPTION);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+ ret = wc_AesXtsDecrypt(aes, large_input, large_input, j, i1,
+ sizeof(i1));
+ #if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &aes->aes.asyncDev, WC_ASYNC_FLAG_NONE);
+ #endif
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+ for (i = 0; i < j; i++) {
+ if (large_input[i] != (byte)i) {
+ ERROR_OUT(WC_TEST_RET_ENC_NC, out);
+ }
+ }
+ }
+ #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
+ XFREE(large_input, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
+ #endif
+ }
+#endif /* !BENCH_EMBEDDED && !HAVE_CAVIUM &&
+ * !WOLFSSL_AFALG
+ */
out:
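Review bot: Every `ERROR_OUT(..., out)` inside the `j` loop jumps out of the braces where `large_input` is declared, so in the `WOLFSSL_SMALL_STACK` build the `XMALLOC`ed buffer is never freed on a failure path; the `XFREE` is only reached on success. Declaring `byte *large_input = NULL;` at function scope and freeing it after `out:` would cover both paths (the function's declarations and the rest of the `out:` cleanup are outside this hunk). Separately, the loop only checks that decrypt inverts encrypt, so it would also pass if both calls left the buffer unchanged. Comparing the ciphertext against the plaintext pattern once before decrypting would close that gap.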
@@ -9236,7 +9737,7 @@ static int aes_xts_128_test(void)
#ifdef WOLFSSL_AES_256
-static int aes_xts_256_test(void)
+static wc_test_ret_t aes_xts_256_test(void)
{
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
XtsAes *aes = NULL;
@@ -9244,7 +9745,7 @@ static int aes_xts_256_test(void)
XtsAes aes[1];
#endif
int aes_inited = 0;
- int ret = 0;
+ wc_test_ret_t ret = 0;
unsigned char buf[AES_BLOCK_SIZE * 3];
unsigned char cipher[AES_BLOCK_SIZE * 3];
@@ -9334,13 +9835,17 @@ static int aes_xts_256_test(void)
}
#endif
- XMEMSET(buf, 0, sizeof(buf));
- ret = wc_AesXtsSetKey(aes, k2, sizeof(k2), AES_ENCRYPTION,
- HEAP_HINT, devId);
+ ret = wc_AesXtsInit(aes, HEAP_HINT, devId);
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
else
aes_inited = 1;
+
+ XMEMSET(buf, 0, sizeof(buf));
+ ret = wc_AesXtsSetKeyNoInit(aes, k2, sizeof(k2), AES_ENCRYPTION);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+
ret = wc_AesXtsEncrypt(aes, buf, p2, sizeof(p2), i2, sizeof(i2));
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &aes->aes.asyncDev, WC_ASYNC_FLAG_NONE);
@@ -9349,11 +9854,9 @@ static int aes_xts_256_test(void)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
if (XMEMCMP(c2, buf, sizeof(c2)))
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
- wc_AesXtsFree(aes);
XMEMSET(buf, 0, sizeof(buf));
- ret = wc_AesXtsSetKey(aes, k1, sizeof(k1), AES_ENCRYPTION,
- HEAP_HINT, devId);
+ ret = wc_AesXtsSetKeyNoInit(aes, k1, sizeof(k1), AES_ENCRYPTION);
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
ret = wc_AesXtsEncrypt(aes, buf, p1, sizeof(p1), i1, sizeof(i1));
@@ -9373,12 +9876,10 @@ static int aes_xts_256_test(void)
#endif
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
- wc_AesXtsFree(aes);
/* partial block decrypt test */
XMEMSET(buf, 0, sizeof(buf));
- ret = wc_AesXtsSetKey(aes, k1, sizeof(k1), AES_DECRYPTION,
- HEAP_HINT, devId);
+ ret = wc_AesXtsSetKeyNoInit(aes, k1, sizeof(k1), AES_DECRYPTION);
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
ret = wc_AesXtsDecrypt(aes, buf, cipher, sizeof(pp), i1, sizeof(i1));
@@ -9400,11 +9901,9 @@ static int aes_xts_256_test(void)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
if (XMEMCMP(p1, buf, AES_BLOCK_SIZE))
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
- wc_AesXtsFree(aes);
XMEMSET(buf, 0, sizeof(buf));
- ret = wc_AesXtsSetKey(aes, k2, sizeof(k2), AES_DECRYPTION,
- HEAP_HINT, devId);
+ ret = wc_AesXtsSetKeyNoInit(aes, k2, sizeof(k2), AES_DECRYPTION);
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
ret = wc_AesXtsDecrypt(aes, buf, c2, sizeof(c2), i2, sizeof(i2));
@@ -9433,7 +9932,7 @@ static int aes_xts_256_test(void)
#if defined(WOLFSSL_AES_128) && defined(WOLFSSL_AES_256)
/* both 128 and 256 bit key test */
-static int aes_xts_sector_test(void)
+static wc_test_ret_t aes_xts_sector_test(void)
{
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
XtsAes *aes = NULL;
@@ -9441,7 +9940,7 @@ static int aes_xts_sector_test(void)
XtsAes aes[1];
#endif
int aes_inited = 0;
- int ret = 0;
+ wc_test_ret_t ret = 0;
unsigned char buf[AES_BLOCK_SIZE * 2];
/* 128 key tests */
@@ -9490,18 +9989,140 @@ static int aes_xts_sector_test(void)
};
word64 s2 = 187;
+#if !defined(BENCH_EMBEDDED) && \
+ (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5, 3)) && !defined(HAVE_SELFTEST)
+ /* Sector size for encrypt/decrypt consecutive sectors testcase */
+ word32 sectorSz = 512;
+
+ unsigned char data[550];
+
+ WOLFSSL_SMALL_STACK_STATIC unsigned char k3[] = {
+ 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11,
+ 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11,
+ 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22,
+ 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22
+ };
+
+ WOLFSSL_SMALL_STACK_STATIC unsigned char p3[] = {
+ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b,
+ 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
+ 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, 0x21, 0x22, 0x23,
+ 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f,
+ 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, 0x3b,
+ 0x3c, 0x3d, 0x3e, 0x3f, 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47,
+ 0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f, 0x50, 0x51, 0x52, 0x53,
+ 0x54, 0x55, 0x56, 0x57, 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f,
+ 0x60, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67, 0x68, 0x69, 0x6a, 0x6b,
+ 0x6c, 0x6d, 0x6e, 0x6f, 0x70, 0x71, 0x72, 0x73, 0x74, 0x75, 0x76, 0x77,
+ 0x78, 0x79, 0x7a, 0x7b, 0x7c, 0x7d, 0x7e, 0x7f, 0x80, 0x81, 0x82, 0x83,
+ 0x84, 0x85, 0x86, 0x87, 0x88, 0x89, 0x8a, 0x8b, 0x8c, 0x8d, 0x8e, 0x8f,
+ 0x90, 0x91, 0x92, 0x93, 0x94, 0x95, 0x96, 0x97, 0x98, 0x99, 0x9a, 0x9b,
+ 0x9c, 0x9d, 0x9e, 0x9f, 0xa0, 0xa1, 0xa2, 0xa3, 0xa4, 0xa5, 0xa6, 0xa7,
+ 0xa8, 0xa9, 0xaa, 0xab, 0xac, 0xad, 0xae, 0xaf, 0xb0, 0xb1, 0xb2, 0xb3,
+ 0xb4, 0xb5, 0xb6, 0xb7, 0xb8, 0xb9, 0xba, 0xbb, 0xbc, 0xbd, 0xbe, 0xbf,
+ 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7, 0xc8, 0xc9, 0xca, 0xcb,
+ 0xcc, 0xcd, 0xce, 0xcf, 0xd0, 0xd1, 0xd2, 0xd3, 0xd4, 0xd5, 0xd6, 0xd7,
+ 0xd8, 0xd9, 0xda, 0xdb, 0xdc, 0xdd, 0xde, 0xdf, 0xe0, 0xe1, 0xe2, 0xe3,
+ 0xe4, 0xe5, 0xe6, 0xe7, 0xe8, 0xe9, 0xea, 0xeb, 0xec, 0xed, 0xee, 0xef,
+ 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, 0xf8, 0xf9, 0xfa, 0xfb,
+ 0xfc, 0xfd, 0xfe, 0xff,
+
+ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b,
+ 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
+ 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, 0x21, 0x22, 0x23,
+ 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f,
+ 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, 0x3b,
+ 0x3c, 0x3d, 0x3e, 0x3f, 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47,
+ 0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f, 0x50, 0x51, 0x52, 0x53,
+ 0x54, 0x55, 0x56, 0x57, 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f,
+ 0x60, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67, 0x68, 0x69, 0x6a, 0x6b,
+ 0x6c, 0x6d, 0x6e, 0x6f, 0x70, 0x71, 0x72, 0x73, 0x74, 0x75, 0x76, 0x77,
+ 0x78, 0x79, 0x7a, 0x7b, 0x7c, 0x7d, 0x7e, 0x7f, 0x80, 0x81, 0x82, 0x83,
+ 0x84, 0x85, 0x86, 0x87, 0x88, 0x89, 0x8a, 0x8b, 0x8c, 0x8d, 0x8e, 0x8f,
+ 0x90, 0x91, 0x92, 0x93, 0x94, 0x95, 0x96, 0x97, 0x98, 0x99, 0x9a, 0x9b,
+ 0x9c, 0x9d, 0x9e, 0x9f, 0xa0, 0xa1, 0xa2, 0xa3, 0xa4, 0xa5, 0xa6, 0xa7,
+ 0xa8, 0xa9, 0xaa, 0xab, 0xac, 0xad, 0xae, 0xaf, 0xb0, 0xb1, 0xb2, 0xb3,
+ 0xb4, 0xb5, 0xb6, 0xb7, 0xb8, 0xb9, 0xba, 0xbb, 0xbc, 0xbd, 0xbe, 0xbf,
+ 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7, 0xc8, 0xc9, 0xca, 0xcb,
+ 0xcc, 0xcd, 0xce, 0xcf, 0xd0, 0xd1, 0xd2, 0xd3, 0xd4, 0xd5, 0xd6, 0xd7,
+ 0xd8, 0xd9, 0xda, 0xdb, 0xdc, 0xdd, 0xde, 0xdf, 0xe0, 0xe1, 0xe2, 0xe3,
+ 0xe4, 0xe5, 0xe6, 0xe7, 0xe8, 0xe9, 0xea, 0xeb, 0xec, 0xed, 0xee, 0xef,
+ 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, 0xf8, 0xf9, 0xfa, 0xfb,
+ 0xfc, 0xfd, 0xfe, 0xff,
+
+ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b,
+ 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
+ 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f
+ };
+
+ WOLFSSL_SMALL_STACK_STATIC unsigned char c3[] = {
+ 0xb9, 0x6b, 0x2b, 0xfd, 0x61, 0x87, 0x84, 0xd5, 0x26, 0xd2, 0x8c, 0x62,
+ 0x63, 0x01, 0xca, 0x46, 0xb1, 0x82, 0xfa, 0xdc, 0xbc, 0x32, 0x18, 0xe9,
+ 0xda, 0xe6, 0xda, 0xd1, 0x1a, 0x52, 0x77, 0xca, 0xdb, 0x0e, 0xbe, 0x37,
+ 0x88, 0x36, 0x1c, 0x87, 0x16, 0x60, 0xfe, 0xa8, 0x9e, 0xf6, 0x48, 0x64,
+ 0x94, 0x34, 0x64, 0xed, 0xf6, 0x9a, 0xc5, 0x28, 0xc9, 0xed, 0x64, 0x80,
+ 0x85, 0xd8, 0x93, 0xa7, 0x50, 0xb1, 0x9d, 0x2f, 0x1e, 0x34, 0xcc, 0xb4,
+ 0x03, 0xfb, 0x6b, 0x43, 0x21, 0xa8, 0x5b, 0xc6, 0x59, 0x13, 0xd2, 0xb5,
+ 0xf5, 0x7b, 0xf6, 0xb2, 0xa4, 0x7a, 0xd2, 0x50, 0x26, 0xcb, 0xa4, 0x83,
+ 0xc3, 0x56, 0xb0, 0xb1, 0x14, 0x34, 0x12, 0x1b, 0xea, 0x26, 0x97, 0x24,
+ 0x54, 0xcc, 0x32, 0x4c, 0xa4, 0xc2, 0xa3, 0x07, 0xfa, 0x30, 0xa9, 0xf0,
+ 0x91, 0x17, 0x60, 0x68, 0x88, 0x7f, 0x34, 0x7e, 0xbd, 0x20, 0x33, 0x95,
+ 0x6e, 0xc0, 0xb6, 0x2b, 0xff, 0x7e, 0x61, 0x35, 0x9a, 0x88, 0xff, 0xd9,
+ 0x69, 0x21, 0xe7, 0x8f, 0x45, 0x02, 0xf9, 0xd7, 0xeb, 0xa6, 0x53, 0xf1,
+ 0x73, 0x04, 0xf1, 0x0b, 0x85, 0xc6, 0x1f, 0x4a, 0x51, 0x2f, 0x95, 0x87,
+ 0x5a, 0x67, 0x37, 0xb2, 0x87, 0xf7, 0xbe, 0x2a, 0x17, 0x57, 0xca, 0xfc,
+ 0xdd, 0x5f, 0x37, 0x48, 0x78, 0xbd, 0xfa, 0x75, 0xc9, 0xfa, 0x86, 0x7e,
+ 0xc4, 0x0f, 0x60, 0x85, 0xce, 0x12, 0x44, 0x7c, 0xd9, 0xb2, 0x50, 0xd9,
+ 0x57, 0x85, 0xa5, 0xd7, 0x68, 0x59, 0x03, 0x09, 0x97, 0x2e, 0x8e, 0xa5,
+ 0xe3, 0x98, 0xac, 0x16, 0xfb, 0x6d, 0x54, 0xc5, 0x5d, 0x7a, 0x33, 0x44,
+ 0x0a, 0x39, 0x91, 0xcc, 0x9f, 0x67, 0xf9, 0x89, 0xbb, 0x62, 0x02, 0xc4,
+ 0x22, 0xec, 0xcf, 0x97, 0x69, 0x81, 0x3d, 0x00, 0xfd, 0xeb, 0x55, 0x08,
+ 0xa2, 0xff, 0x97, 0xaa, 0x79, 0xde, 0x3c, 0x8a, 0x78, 0x71, 0x73, 0xa2,
+ 0x98, 0x2f, 0xd8, 0x5c, 0x62, 0x1c, 0x5c, 0x23, 0x0a, 0xd1, 0xf1, 0x81,
+ 0x8a, 0x12, 0xe7, 0x4d, 0xdd, 0x4f, 0xd4, 0xf1, 0xe8, 0x0f, 0x25, 0x79,
+ 0x45, 0x4a, 0x49, 0x49, 0x7e, 0x56, 0x91, 0x4e, 0xaa, 0xba, 0x18, 0xe1,
+ 0xe4, 0xbe, 0x21, 0xdc, 0x58, 0x60, 0x6f, 0x6a, 0x7f, 0xdc, 0x5e, 0x74,
+ 0x47, 0xbf, 0xeb, 0x84, 0xc4, 0x1e, 0x5a, 0x61, 0x64, 0xc8, 0x63, 0x68,
+ 0xfa, 0x17, 0x9c, 0xac, 0x60, 0x1c, 0xa5, 0x6e, 0x00, 0x21, 0x93, 0x3c,
+ 0xd7, 0xbb, 0x73, 0x45, 0xf7, 0x34, 0x81, 0x6c, 0xfa, 0xf2, 0x33, 0xfd,
+ 0xb1, 0x40, 0x30, 0x6b, 0x30, 0xd1, 0x83, 0x5e, 0x2e, 0x7a, 0xce, 0xa6,
+ 0x12, 0x2a, 0x15, 0x03, 0x78, 0x29, 0xb9, 0x07, 0xae, 0xe7, 0xc2, 0x78,
+ 0x74, 0x72, 0xa5, 0x0e, 0x6b, 0x1f, 0x78, 0xf2, 0x5a, 0x69, 0xb6, 0x2b,
+ 0x99, 0x94, 0x1f, 0x89, 0xd1, 0x21, 0x14, 0x4a, 0x54, 0xab, 0x5a, 0x9f,
+ 0xaa, 0xa7, 0x96, 0x0a, 0x21, 0xce, 0x30, 0xb6, 0x70, 0x81, 0xe9, 0xd3,
+ 0x71, 0xc0, 0xf1, 0x15, 0xe2, 0xf6, 0xd3, 0xcc, 0x41, 0x15, 0x9d, 0xd5,
+ 0xa3, 0xa4, 0xe0, 0xf8, 0x62, 0xc4, 0x76, 0x65, 0x63, 0x89, 0xa7, 0xe2,
+ 0xfb, 0xf5, 0xc9, 0x80, 0x15, 0x5b, 0xc1, 0x59, 0xb2, 0xd0, 0x01, 0x3a,
+ 0xf9, 0xab, 0x5b, 0x79, 0x54, 0xed, 0x6b, 0xf9, 0x1d, 0x9d, 0x87, 0x63,
+ 0x80, 0x4f, 0xec, 0x9c, 0x4f, 0xad, 0x97, 0x04, 0xff, 0x62, 0x4a, 0x17,
+ 0xc0, 0x09, 0x2a, 0x2c, 0x23, 0x4b, 0xc3, 0xb6, 0x6d, 0xed, 0xdb, 0x1a,
+ 0x6f, 0x56, 0x2b, 0x78, 0x92, 0x3a, 0x5c, 0x7f, 0xb2, 0x63, 0xd3, 0xd5,
+ 0x1a, 0xbe, 0xc2, 0x34, 0xc8, 0xad, 0x36, 0xb7, 0x12, 0xb8, 0xe1, 0xb7,
+ 0x52, 0x7f, 0x16, 0x84, 0x2c, 0x47, 0x7e, 0xf2, 0xa5, 0x36, 0x2e, 0xad,
+ 0xe7, 0xbb, 0xc0, 0x6f, 0x27, 0x8e, 0x41, 0x08, 0x75, 0xe5, 0xff, 0xde,
+ 0x08, 0x9f, 0x8c, 0x91, 0xba, 0xc9, 0x9d, 0x9f, 0x27, 0x90, 0x50, 0x44,
+ 0x24, 0xe7, 0x3d, 0x6f
+ };
+
+ word64 s3 = 0x000000ffffffffff;
+#endif
+
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
if ((aes = (XtsAes *)XMALLOC(sizeof *aes, HEAP_HINT, DYNAMIC_TYPE_AES)) == NULL)
ERROR_OUT(WC_TEST_RET_ENC_ERRNO, out);
#endif
- XMEMSET(buf, 0, sizeof(buf));
- ret = wc_AesXtsSetKey(aes, k1, sizeof(k1), AES_ENCRYPTION,
- HEAP_HINT, devId);
+ ret = wc_AesXtsInit(aes, HEAP_HINT, devId);
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
else
aes_inited = 1;
+
+ XMEMSET(buf, 0, sizeof(buf));
+ ret = wc_AesXtsSetKeyNoInit(aes, k1, sizeof(k1), AES_ENCRYPTION);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+
ret = wc_AesXtsEncryptSector(aes, buf, p1, sizeof(p1), s1);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &aes->aes.asyncDev, WC_ASYNC_FLAG_NONE);
@@ -9510,12 +10131,10 @@ static int aes_xts_sector_test(void)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
if (XMEMCMP(c1, buf, AES_BLOCK_SIZE))
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
- wc_AesXtsFree(aes);
/* decrypt test */
XMEMSET(buf, 0, sizeof(buf));
- ret = wc_AesXtsSetKey(aes, k1, sizeof(k1), AES_DECRYPTION,
- HEAP_HINT, devId);
+ ret = wc_AesXtsSetKeyNoInit(aes, k1, sizeof(k1), AES_DECRYPTION);
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
ret = wc_AesXtsDecryptSector(aes, buf, c1, sizeof(c1), s1);
@@ -9526,12 +10145,10 @@ static int aes_xts_sector_test(void)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
if (XMEMCMP(p1, buf, AES_BLOCK_SIZE))
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
- wc_AesXtsFree(aes);
/* 256 bit key tests */
XMEMSET(buf, 0, sizeof(buf));
- ret = wc_AesXtsSetKey(aes, k2, sizeof(k2), AES_ENCRYPTION,
- HEAP_HINT, devId);
+ ret = wc_AesXtsSetKeyNoInit(aes, k2, sizeof(k2), AES_ENCRYPTION);
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
ret = wc_AesXtsEncryptSector(aes, buf, p2, sizeof(p2), s2);
@@ -9542,12 +10159,10 @@ static int aes_xts_sector_test(void)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
if (XMEMCMP(c2, buf, sizeof(c2)))
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
- wc_AesXtsFree(aes);
/* decrypt test */
XMEMSET(buf, 0, sizeof(buf));
- ret = wc_AesXtsSetKey(aes, k2, sizeof(k2), AES_DECRYPTION,
- HEAP_HINT, devId);
+ ret = wc_AesXtsSetKeyNoInit(aes, k2, sizeof(k2), AES_DECRYPTION);
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
ret = wc_AesXtsDecryptSector(aes, buf, c2, sizeof(c2), s2);
@@ -9559,7 +10174,41 @@ static int aes_xts_sector_test(void)
if (XMEMCMP(p2, buf, sizeof(p2)))
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
- out:
+#if !defined(BENCH_EMBEDDED) && \
+ (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5, 3)) && !defined(HAVE_SELFTEST)
+ /* encrypt consecutive sectors test */
+ XMEMSET(data, 0, sizeof(buf));
+ ret = wc_AesXtsSetKeyNoInit(aes, k3, sizeof(k3), AES_ENCRYPTION);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+ ret = wc_AesXtsEncryptConsecutiveSectors(aes, data, p3,
+ sizeof(p3), s3, sectorSz);
+#if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &aes->aes.asyncDev, WC_ASYNC_FLAG_NONE);
+#endif
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+ if (XMEMCMP(c3, data, sizeof(c3)))
+ ERROR_OUT(WC_TEST_RET_ENC_NC, out);
+
+ /* decrypt consecutive sectors test */
+ XMEMSET(data, 0, sizeof(buf));
+ ret = wc_AesXtsSetKeyNoInit(aes, k3, sizeof(k3), AES_DECRYPTION);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+ ret = wc_AesXtsDecryptConsecutiveSectors(aes, data, c3,
+ sizeof(c3), s3, sectorSz);
+#if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &aes->aes.asyncDev, WC_ASYNC_FLAG_NONE);
+#endif
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+ if (XMEMCMP(p3, data, sizeof(p3)))
+ ERROR_OUT(WC_TEST_RET_ENC_NC, out);
+
+#endif /* !BENCH_EMBEDDED && (!HAVE_FIPS || FIPS_VERSION_GE(5, 3)) */
+
+out:
if (aes_inited)
wc_AesXtsFree(aes);
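Review bot: Both `XMEMSET(data, 0, sizeof(buf));` calls in the consecutive-sectors block take their length from `buf`, although the buffer being cleared and later compared is `data`. The declarations of both are outside this hunk, so the sizes cannot be checked here. If `buf` is larger than `data`, the clear writes past `data`; if it is smaller, the tail of `data` still holds the previous pass's output when the decrypt result is compared. If `data` is an array, `XMEMSET(data, 0, sizeof(data));` states the intent; otherwise use its allocation length. Separately, the closing `#endif` comment omits the `!HAVE_SELFTEST` term that the opening `#if` carries.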
@@ -9576,7 +10225,7 @@ static int aes_xts_sector_test(void)
#ifdef WOLFSSL_AES_128
/* testing of bad arguments */
-static int aes_xts_args_test(void)
+static wc_test_ret_t aes_xts_args_test(void)
{
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
XtsAes *aes = NULL;
@@ -9584,7 +10233,7 @@ static int aes_xts_args_test(void)
XtsAes aes[1];
#endif
int aes_inited = 0;
- int ret;
+ wc_test_ret_t ret;
unsigned char buf[AES_BLOCK_SIZE * 2];
/* 128 key tests */
@@ -9611,20 +10260,22 @@ static int aes_xts_args_test(void)
ERROR_OUT(WC_TEST_RET_ENC_ERRNO, out);
#endif
- if (wc_AesXtsSetKey(NULL, k1, sizeof(k1), AES_ENCRYPTION,
- HEAP_HINT, devId) == 0)
+ ret = wc_AesXtsInit(aes, HEAP_HINT, devId);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+ else
+ aes_inited = 1;
+
+ if (wc_AesXtsSetKeyNoInit(NULL, k1, sizeof(k1), AES_ENCRYPTION) == 0)
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
- if (wc_AesXtsSetKey(aes, NULL, sizeof(k1), AES_ENCRYPTION,
- HEAP_HINT, devId) == 0)
+ if (wc_AesXtsSetKeyNoInit(aes, NULL, sizeof(k1), AES_ENCRYPTION) == 0)
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
/* encryption operations */
- ret = wc_AesXtsSetKey(aes, k1, sizeof(k1), AES_ENCRYPTION,
- HEAP_HINT, devId);
+ ret = wc_AesXtsSetKeyNoInit(aes, k1, sizeof(k1), AES_ENCRYPTION);
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
- else
- aes_inited = 1;
+
ret = wc_AesXtsEncryptSector(NULL, buf, p1, sizeof(p1), s1);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &aes->aes.asyncDev, WC_ASYNC_FLAG_NONE);
@@ -9638,11 +10289,9 @@ static int aes_xts_args_test(void)
#endif
if (ret == 0)
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
- wc_AesXtsFree(aes);
/* decryption operations */
- ret = wc_AesXtsSetKey(aes, k1, sizeof(k1), AES_DECRYPTION,
- HEAP_HINT, devId);
+ ret = wc_AesXtsSetKeyNoInit(aes, k1, sizeof(k1), AES_DECRYPTION);
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
ret = wc_AesXtsDecryptSector(NULL, buf, c1, sizeof(c1), s1);
@@ -9674,14 +10323,14 @@ static int aes_xts_args_test(void)
return ret;
}
#endif /* WOLFSSL_AES_128 */
-#endif /* WOLFSSL_AES_XTS */
+#endif /* WOLFSSL_AES_XTS && (!HAVE_FIPS || FIPS_VERSION_GE(5,3)) */
#if defined(HAVE_AES_CBC) && defined(WOLFSSL_AES_128)
-static int aes_cbc_test(void)
+static wc_test_ret_t aes_cbc_test(void)
{
byte cipher[AES_BLOCK_SIZE];
byte plain[AES_BLOCK_SIZE];
- int ret;
+ wc_test_ret_t ret;
WOLFSSL_SMALL_STACK_STATIC const byte msg[] = { /* "Now is the time for all " w/o trailing 0 */
0x6e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74,
0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20,
@@ -9722,7 +10371,7 @@ static int aes_cbc_test(void)
#endif
#if defined(HAVE_AES_ECB) && !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
-static int aesecb_test(void)
+static wc_test_ret_t aesecb_test(void)
{
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
Aes *enc = (Aes *)XMALLOC(sizeof *enc, HEAP_HINT, DYNAMIC_TYPE_AES);
@@ -9740,7 +10389,7 @@ static int aesecb_test(void)
int dec_inited = 0;
byte plain [AES_BLOCK_SIZE * 4];
#endif /* HAVE_AES_DECRYPT */
- int ret = 0;
+ wc_test_ret_t ret = 0;
#if defined(WOLFSSL_AES_256)
{
@@ -9784,17 +10433,83 @@ static int aesecb_test(void)
if (XMEMCMP(cipher, niCipher, AES_BLOCK_SIZE) != 0)
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
+#if defined(DEBUG_VECTOR_REGISTER_ACCESS) && defined(WC_AES_C_DYNAMIC_FALLBACK)
+ XMEMSET(cipher, 0, AES_BLOCK_SIZE);
+ WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(SYSLIB_FAILED_E);
+ ret = wc_AesSetKey(enc, niKey, sizeof(niKey), cipher, AES_ENCRYPTION);
+ WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(0);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+ WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(SYSLIB_FAILED_E);
+ ret = wc_AesEcbEncrypt(enc, cipher, niPlain, AES_BLOCK_SIZE);
+ WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(0);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_NC, out);
+ if (XMEMCMP(cipher, niCipher, AES_BLOCK_SIZE) != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_NC, out);
+
+ XMEMSET(cipher, 0, AES_BLOCK_SIZE);
+ ret = wc_AesEcbEncrypt(enc, cipher, niPlain, AES_BLOCK_SIZE);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_NC, out);
+ if (XMEMCMP(cipher, niCipher, AES_BLOCK_SIZE) != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_NC, out);
+
+ XMEMSET(cipher, 0, AES_BLOCK_SIZE);
+ ret = wc_AesSetKey(enc, niKey, sizeof(niKey), cipher, AES_ENCRYPTION);
+ WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(SYSLIB_FAILED_E);
+ ret = wc_AesEcbEncrypt(enc, cipher, niPlain, AES_BLOCK_SIZE);
+ WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(0);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_NC, out);
+ if (XMEMCMP(cipher, niCipher, AES_BLOCK_SIZE) != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_NC, out);
+#endif
+
XMEMSET(plain, 0, AES_BLOCK_SIZE);
ret = wc_AesSetKey(dec, niKey, sizeof(niKey), plain, AES_DECRYPTION);
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
if (wc_AesEcbDecrypt(dec, plain, niCipher, AES_BLOCK_SIZE) != 0)
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
- wc_AesEcbDecrypt(dec, plain, niCipher, AES_BLOCK_SIZE);
if (XMEMCMP(plain, niPlain, AES_BLOCK_SIZE) != 0)
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
- }
+#if defined(DEBUG_VECTOR_REGISTER_ACCESS) && defined(WC_AES_C_DYNAMIC_FALLBACK)
+ XMEMSET(plain, 0, AES_BLOCK_SIZE);
+ WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(SYSLIB_FAILED_E);
+ ret = wc_AesSetKey(dec, niKey, sizeof(niKey), plain, AES_DECRYPTION);
+ WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(0);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+ WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(SYSLIB_FAILED_E);
+ ret = wc_AesEcbDecrypt(dec, plain, niCipher, AES_BLOCK_SIZE);
+ WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(0);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_NC, out);
+ if (XMEMCMP(plain, niPlain, AES_BLOCK_SIZE) != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_NC, out);
+
+ XMEMSET(plain, 0, AES_BLOCK_SIZE);
+ ret = wc_AesEcbDecrypt(dec, plain, niCipher, AES_BLOCK_SIZE);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_NC, out);
+ if (XMEMCMP(plain, niPlain, AES_BLOCK_SIZE) != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_NC, out);
+
+ XMEMSET(plain, 0, AES_BLOCK_SIZE);
+ ret = wc_AesSetKey(dec, niKey, sizeof(niKey), plain, AES_DECRYPTION);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+ WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(SYSLIB_FAILED_E);
+ ret = wc_AesEcbDecrypt(dec, plain, niCipher, AES_BLOCK_SIZE);
+ WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(0);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_NC, out);
+ if (XMEMCMP(plain, niPlain, AES_BLOCK_SIZE) != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_NC, out);
+#endif
+ }
out:
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
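Review bot: In the third encrypt sub-block of the new `DEBUG_VECTOR_REGISTER_ACCESS` section, the result of `ret = wc_AesSetKey(enc, niKey, sizeof(niKey), cipher, AES_ENCRYPTION);` is overwritten by the following `wc_AesEcbEncrypt()` call without being tested. The matching decrypt sub-block does test it, so the same `if (ret != 0) ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);` should follow the encrypt-side key setup. The added `wc_AesEcbEncrypt()`/`wc_AesEcbDecrypt()` checks also report `WC_TEST_RET_ENC_NC` on a non-zero return, which drops the error code; `WC_TEST_RET_ENC_EC(ret)` would keep it, as the key-setup checks in the same block do. The function body starts and ends outside this hunk.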
@@ -9826,9 +10541,9 @@ static int aesecb_test(void)
#endif /* HAVE_AES_ECB */
#ifdef WOLFSSL_AES_COUNTER
-static int aesctr_test(Aes* enc, Aes* dec, byte* cipher, byte* plain)
+static wc_test_ret_t aesctr_test(Aes* enc, Aes* dec, byte* cipher, byte* plain)
{
- int ret = 0;
+ wc_test_ret_t ret = 0;
/* test vectors from "Recommendation for Block Cipher Modes of
* Operation" NIST Special Publication 800-38A */
@@ -10402,7 +11117,84 @@ static int aesctr_test(Aes* enc, Aes* dec, byte* cipher, byte* plain)
ret = wc_AesSetKeyDirect(dec, testVec[i].key, testVec[i].keySz,
testVec[i].iv, AES_ENCRYPTION);
if (ret != 0) {
- ERROR_OUT(WC_TEST_RET_ENC_EC(i), out);
+ ERROR_OUT(WC_TEST_RET_ENC_I(i), out);
+ }
+ }
+
+ ret = wc_AesCtrEncrypt(enc, cipher, testVec[i].plain, testVec[i].len);
+ if (ret != 0) {
+ ERROR_OUT(WC_TEST_RET_ENC_I(i), out);
+ }
+ ret = wc_AesCtrEncrypt(dec, plain, cipher, testVec[i].len);
+ if (ret != 0) {
+ ERROR_OUT(WC_TEST_RET_ENC_I(i), out);
+ }
+
+ if (XMEMCMP(plain, ctrPlain, testVec[i].len)) {
+ ERROR_OUT(WC_TEST_RET_ENC_I(i), out);
+ }
+#if !(FIPS_VERSION_EQ(2,0) && defined(WOLFSSL_ARMASM))
+ if (XMEMCMP(cipher, testVec[i].cipher, testVec[i].len)) {
+ ERROR_OUT(WC_TEST_RET_ENC_I(i), out);
+ }
+#endif
+ }
+
+#if defined(DEBUG_VECTOR_REGISTER_ACCESS) && defined(WC_AES_C_DYNAMIC_FALLBACK)
+ for (i = 0; i < AES_CTR_TEST_LEN; i++) {
+ if (testVec[i].key != NULL) {
+ ret = wc_AesSetKeyDirect(enc, testVec[i].key, testVec[i].keySz,
+ testVec[i].iv, AES_ENCRYPTION);
+ if (ret != 0) {
+ ERROR_OUT(WC_TEST_RET_ENC_I(i), out);
+ }
+ /* Ctr only uses encrypt, even on key setup */
+ ret = wc_AesSetKeyDirect(dec, testVec[i].key, testVec[i].keySz,
+ testVec[i].iv, AES_ENCRYPTION);
+ if (ret != 0) {
+ ERROR_OUT(WC_TEST_RET_ENC_I(i), out);
+ }
+ }
+
+ WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(SYSLIB_FAILED_E);
+ ret = wc_AesCtrEncrypt(enc, cipher, testVec[i].plain, testVec[i].len);
+ WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(0);
+ if (ret != 0) {
+ ERROR_OUT(WC_TEST_RET_ENC_I(i), out);
+ }
+ WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(SYSLIB_FAILED_E);
+ ret = wc_AesCtrEncrypt(dec, plain, cipher, testVec[i].len);
+ WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(0);
+ if (ret != 0) {
+ ERROR_OUT(WC_TEST_RET_ENC_I(i), out);
+ }
+
+ if (XMEMCMP(plain, ctrPlain, testVec[i].len)) {
+ ERROR_OUT(WC_TEST_RET_ENC_I(i), out);
+ }
+#if !(FIPS_VERSION_EQ(2,0) && defined(WOLFSSL_ARMASM))
+ if (XMEMCMP(cipher, testVec[i].cipher, testVec[i].len)) {
+ ERROR_OUT(WC_TEST_RET_ENC_I(i), out);
+ }
+#endif
+ }
+
+ for (i = 0; i < AES_CTR_TEST_LEN; i++) {
+ if (testVec[i].key != NULL) {
+ WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(SYSLIB_FAILED_E);
+ ret = wc_AesSetKeyDirect(enc, testVec[i].key, testVec[i].keySz,
+ testVec[i].iv, AES_ENCRYPTION);
+ WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(0);
+ if (ret != 0) {
+ ERROR_OUT(WC_TEST_RET_ENC_I(i), out);
+ }
+ /* Ctr only uses encrypt, even on key setup */
+ WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(SYSLIB_FAILED_E);
+ ret = wc_AesSetKeyDirect(dec, testVec[i].key, testVec[i].keySz,
+ testVec[i].iv, AES_ENCRYPTION);
+ WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(0);
+ if (ret != 0) {
+ ERROR_OUT(WC_TEST_RET_ENC_I(i), out);
}
}
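Review bot: The two added `for (i = 0; i < AES_CTR_TEST_LEN; i++)` loops are near copies of the original loop and differ only in where `WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(SYSLIB_FAILED_E)` is placed, which is easy to miss when reading the test. A one-line comment above each would make the coverage explicit, for example `/* fallback pass 1: SYSLIB_FAILED_E injected around wc_AesCtrEncrypt() only */` and `/* fallback pass 2: SYSLIB_FAILED_E injected around wc_AesSetKeyDirect() only */`. The second loop continues past the end of this hunk, so the description of pass 2 should be confirmed against the rest of its body.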
@@ -10425,13 +11217,16 @@ static int aesctr_test(Aes* enc, Aes* dec, byte* cipher, byte* plain)
#endif
}
+#endif /* DEBUG_VECTOR_REGISTER_ACCESS && WC_AES_C_DYNAMIC_FALLBACK */
+
+
out:
return ret;
}
#endif /* WOLFSSL_AES_COUNTER */
-WOLFSSL_TEST_SUBROUTINE int aes_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes_test(void)
{
#if defined(HAVE_AES_CBC) || defined(WOLFSSL_AES_COUNTER) || defined(WOLFSSL_AES_DIRECT)
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
@@ -10451,7 +11246,7 @@ WOLFSSL_TEST_SUBROUTINE int aes_test(void)
byte plain [AES_BLOCK_SIZE * 4];
#endif /* HAVE_AES_DECRYPT */
#endif /* HAVE_AES_CBC || WOLFSSL_AES_COUNTER || WOLFSSL_AES_DIRECT */
- int ret = 0;
+ wc_test_ret_t ret = 0;
#ifdef HAVE_AES_CBC
#ifdef WOLFSSL_AES_128
@@ -10466,8 +11261,13 @@ WOLFSSL_TEST_SUBROUTINE int aes_test(void)
0x95,0x94,0x92,0x57,0x5f,0x42,0x81,0x53,
0x2c,0xcc,0x9d,0x46,0x77,0xa2,0x33,0xcb
};
-
- WOLFSSL_SMALL_STACK_STATIC const byte key[] = "0123456789abcdef "; /* align */
+ #ifdef HAVE_RENESAS_SYNC
+ const byte *key =
+ (byte*)guser_PKCbInfo.wrapped_key_aes128;
+ #else
+ WOLFSSL_SMALL_STACK_STATIC const
+ byte key[] = "0123456789abcdef "; /* align */
+ #endif
WOLFSSL_SMALL_STACK_STATIC const byte iv[] = "1234567890abcdef "; /* align */
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
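Review bot: Under `HAVE_RENESAS_SYNC`, `key` changes from an array to a pointer, so any `sizeof(key)` in the part of `aes_test()` outside this hunk would silently become the pointer size rather than the key length. The same commit introduces explicit `keySz`, `k1Sz` and `k3Sz` variables in `aes256_test()` and `aesgcm_test()` for this case, and a matching length variable here would keep the two builds consistent. The cast also drops `const` only to assign to a `const byte *`; `(const byte*)guser_PKCbInfo.wrapped_key_aes128` avoids that.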
@@ -10501,6 +11301,35 @@ WOLFSSL_TEST_SUBROUTINE int aes_test(void)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
#endif
+#ifdef HAVE_AES_ECB
+ {
+ WOLFSSL_SMALL_STACK_STATIC const byte verify_ecb[AES_BLOCK_SIZE] = {
+ 0xd0, 0xc9, 0xd9, 0xc9, 0x40, 0xe8, 0x97, 0xb6,
+ 0xc8, 0x8c, 0x33, 0x3b, 0xb5, 0x8f, 0x85, 0xd1
+ };
+ XMEMSET(cipher, 0, AES_BLOCK_SIZE * 4);
+ ret = wc_AesEcbEncrypt(enc, cipher, msg, AES_BLOCK_SIZE);
+ #if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &enc->asyncDev, WC_ASYNC_FLAG_NONE);
+ #endif
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+ if (XMEMCMP(cipher, verify_ecb, AES_BLOCK_SIZE))
+ ERROR_OUT(WC_TEST_RET_ENC_NC, out);
+ #ifdef HAVE_AES_DECRYPT
+ XMEMSET(plain, 0, AES_BLOCK_SIZE * 4);
+ ret = wc_AesEcbDecrypt(dec, plain, cipher, AES_BLOCK_SIZE);
+ #if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &dec->asyncDev, WC_ASYNC_FLAG_NONE);
+ #endif
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+ if (XMEMCMP(plain, msg, AES_BLOCK_SIZE))
+ ERROR_OUT(WC_TEST_RET_ENC_NC, out);
+ #endif /* HAVE_AES_DECRYPT */
+ }
+#endif
+
XMEMSET(cipher, 0, AES_BLOCK_SIZE * 4);
ret = wc_AesCbcEncrypt(enc, cipher, msg, AES_BLOCK_SIZE);
#if defined(WOLFSSL_ASYNC_CRYPT)
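Review bot: The new ECB known-answer check `XMEMCMP(cipher, verify_ecb, AES_BLOCK_SIZE)` is not excluded for `HAVE_RENESAS_SYNC`, while the CBC comparison against `verify` in the same function is wrapped in `#ifndef HAVE_RENESAS_SYNC` by this commit because a wrapped key is used there. If `enc` is keyed from `guser_PKCbInfo.wrapped_key_aes128` in that build, the fixed `verify_ecb` vector would presumably not match either. Wrapping only the ciphertext comparison in `#ifndef HAVE_RENESAS_SYNC` ... `#endif` keeps the encrypt/decrypt round trip tested on that platform. The key setup for `enc` and `dec` is outside this hunk.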
@@ -10520,8 +11349,11 @@ WOLFSSL_TEST_SUBROUTINE int aes_test(void)
if (XMEMCMP(plain, msg, AES_BLOCK_SIZE))
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
#endif /* HAVE_AES_DECRYPT */
+ /* skipped because wrapped key use in case of renesas sm */
+ #ifndef HAVE_RENESAS_SYNC
if (XMEMCMP(cipher, verify, AES_BLOCK_SIZE))
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
+ #endif
#endif /* WOLFSSL_AES_128 */
#if defined(WOLFSSL_AESNI) && defined(HAVE_AES_DECRYPT)
@@ -10641,6 +11473,57 @@ WOLFSSL_TEST_SUBROUTINE int aes_test(void)
break;
}
+#if defined(DEBUG_VECTOR_REGISTER_ACCESS) && defined(WC_AES_C_DYNAMIC_FALLBACK)
+ /* Iterate from one AES_BLOCK_SIZE of bigMsg through the whole
+ * message by AES_BLOCK_SIZE for each size of AES key. */
+ WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(SYSLIB_FAILED_E);
+ for (keySz = 16; keySz <= 32; keySz += 8) {
+ for (msgSz = AES_BLOCK_SIZE;
+ msgSz <= sizeof(bigMsg);
+ msgSz += AES_BLOCK_SIZE) {
+
+ XMEMSET(bigCipher, 0, sizeof(bigMsg));
+ XMEMSET(bigPlain, 0, sizeof(bigMsg));
+ ret = wc_AesSetKey(enc, bigKey, keySz, iv, AES_ENCRYPTION);
+ if (ret != 0) {
+ ret = WC_TEST_RET_ENC_EC(ret);
+ break;
+ }
+ ret = wc_AesSetKey(dec, bigKey, keySz, iv, AES_DECRYPTION);
+ if (ret != 0) {
+ ret = WC_TEST_RET_ENC_EC(ret);
+ break;
+ }
+
+ ret = wc_AesCbcEncrypt(enc, bigCipher, bigMsg, msgSz);
+ #if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &enc->asyncDev, WC_ASYNC_FLAG_NONE);
+ #endif
+ if (ret != 0) {
+ ret = WC_TEST_RET_ENC_EC(ret);
+ break;
+ }
+
+ ret = wc_AesCbcDecrypt(dec, bigPlain, bigCipher, msgSz);
+ #if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &dec->asyncDev, WC_ASYNC_FLAG_NONE);
+ #endif
+ if (ret != 0) {
+ ret = WC_TEST_RET_ENC_EC(ret);
+ break;
+ }
+
+ if (XMEMCMP(bigPlain, bigMsg, msgSz)) {
+ ret = WC_TEST_RET_ENC_NC;
+ break;
+ }
+ }
+ if (ret != 0)
+ break;
+ }
+ WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(0);
+#endif /* DEBUG_VECTOR_REGISTER_ACCESS && WC_AES_C_DYNAMIC_FALLBACK */
+
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
XFREE(bigCipher, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(bigPlain, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
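Review bot: The added fallback loop begins by assigning `ret = wc_AesSetKey(enc, bigKey, keySz, iv, AES_ENCRYPTION);`, so a failure left in `ret` by the loop that ends just above it (the `break; }` context lines) appears to be overwritten before it is reported. The check that consumes `ret` is not visible in this hunk; if it only follows the `XFREE` calls, a first-pass failure is masked whenever the fallback pass succeeds. Guarding the new block with `if (ret == 0) { ... }` keeps the first result. Resetting `WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(0)` after the loop is correct, since both `break` paths reach it.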
@@ -10652,7 +11535,7 @@ WOLFSSL_TEST_SUBROUTINE int aes_test(void)
#endif /* WOLFSSL_AESNI && HAVE_AES_DECRYPT */
/* Test of AES IV state with encrypt/decrypt */
-#ifdef WOLFSSL_AES_128
+#if defined(WOLFSSL_AES_128) && !defined(HAVE_RENESAS_SYNC)
{
/* Test Vector from "NIST Special Publication 800-38A, 2001 Edition"
* https://nvlpubs.nist.gov/nistpubs/legacy/sp/nistspecialpublication800-38a.pdf
@@ -10692,9 +11575,10 @@ WOLFSSL_TEST_SUBROUTINE int aes_test(void)
#endif
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+ #ifndef HAVE_RENESAS_SYNC
if (XMEMCMP(cipher, verify2, AES_BLOCK_SIZE))
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
-
+ #endif
ret = wc_AesCbcEncrypt(enc, cipher + AES_BLOCK_SIZE,
msg2 + AES_BLOCK_SIZE, AES_BLOCK_SIZE);
#if defined(WOLFSSL_ASYNC_CRYPT)
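Review bot: The `#ifndef HAVE_RENESAS_SYNC` added around `XMEMCMP(cipher, verify2, AES_BLOCK_SIZE)` looks redundant. Going by the hunk line numbers, this code sits inside the block that the same commit now opens with `#if defined(WOLFSSL_AES_128) && !defined(HAVE_RENESAS_SYNC)` and closes with the matching `#endif`, so the inner condition is always true when the code is compiled. Dropping the inner guard, and keeping the blank line it replaced, leaves one place that decides whether the IV-state test runs on that platform.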
@@ -10733,7 +11617,7 @@ WOLFSSL_TEST_SUBROUTINE int aes_test(void)
#endif /* HAVE_AES_DECRYPT */
}
-#endif /* WOLFSSL_AES_128 */
+#endif /* WOLFSSL_AES_128 && !HAVE_RENESAS_SYNC */
#endif /* HAVE_AES_CBC */
#ifdef WOLFSSL_AES_COUNTER
@@ -10800,17 +11684,20 @@ WOLFSSL_TEST_SUBROUTINE int aes_test(void)
}
#endif /* WOLFSSL_AES_DIRECT && WOLFSSL_AES_256 */
+#ifndef HAVE_RENESAS_SYNC
ret = aes_key_size_test();
if (ret != 0)
goto out;
+#endif
-#if defined(HAVE_AES_CBC) && defined(WOLFSSL_AES_128)
+#if defined(HAVE_AES_CBC) && defined(WOLFSSL_AES_128) && \
+ !defined(HAVE_RENESAS_SYNC)
ret = aes_cbc_test();
if (ret != 0)
goto out;
#endif
-#if defined(WOLFSSL_AES_XTS)
+#if defined(WOLFSSL_AES_XTS) && (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5,3))
#ifdef WOLFSSL_AES_128
ret = aes_xts_128_test();
if (ret != 0)
@@ -10887,7 +11774,7 @@ WOLFSSL_TEST_SUBROUTINE int aes_test(void)
}
#ifdef WOLFSSL_AES_192
-WOLFSSL_TEST_SUBROUTINE int aes192_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes192_test(void)
{
#ifdef HAVE_AES_CBC
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
@@ -10905,7 +11792,7 @@ WOLFSSL_TEST_SUBROUTINE int aes192_test(void)
byte plain[AES_BLOCK_SIZE];
#endif
#endif /* HAVE_AES_CBC */
- int ret = 0;
+ wc_test_ret_t ret = 0;
#ifdef HAVE_AES_CBC
/* Test vectors from NIST Special Publication 800-38A, 2001 Edition
@@ -10966,6 +11853,9 @@ WOLFSSL_TEST_SUBROUTINE int aes192_test(void)
#endif
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+ if (XMEMCMP(cipher, verify, (int) sizeof(cipher)))
+ ERROR_OUT(WC_TEST_RET_ENC_NC, out);
+
#ifdef HAVE_AES_DECRYPT
XMEMSET(plain, 0, AES_BLOCK_SIZE);
ret = wc_AesCbcDecrypt(dec, plain, cipher, (int) sizeof(cipher));
@@ -10979,9 +11869,6 @@ WOLFSSL_TEST_SUBROUTINE int aes192_test(void)
}
#endif
- if (XMEMCMP(cipher, verify, (int) sizeof(cipher)))
- ERROR_OUT(WC_TEST_RET_ENC_NC, out);
-
wc_AesFree(enc);
#ifdef HAVE_AES_DECRYPT
wc_AesFree(dec);
@@ -11003,7 +11890,7 @@ WOLFSSL_TEST_SUBROUTINE int aes192_test(void)
#endif /* WOLFSSL_AES_192 */
#ifdef WOLFSSL_AES_256
-WOLFSSL_TEST_SUBROUTINE int aes256_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes256_test(void)
{
#ifdef HAVE_AES_CBC
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
@@ -11021,7 +11908,7 @@ WOLFSSL_TEST_SUBROUTINE int aes256_test(void)
byte plain[AES_BLOCK_SIZE];
#endif
#endif /* HAVE_AES_CBC */
- int ret = 0;
+ wc_test_ret_t ret = 0;
#ifdef HAVE_AES_CBC
/* Test vectors from NIST Special Publication 800-38A, 2001 Edition,
@@ -11036,13 +11923,19 @@ WOLFSSL_TEST_SUBROUTINE int aes256_test(void)
0xf5,0x8c,0x4c,0x04,0xd6,0xe5,0xf1,0xba,
0x77,0x9e,0xab,0xfb,0x5f,0x7b,0xfb,0xd6
};
-
+#ifdef HAVE_RENESAS_SYNC
+ byte *key =
+ (byte*)guser_PKCbInfo.wrapped_key_aes256;
+ int keySz = (256/8);
+#else
WOLFSSL_SMALL_STACK_STATIC byte key[] = {
0x60,0x3d,0xeb,0x10,0x15,0xca,0x71,0xbe,
0x2b,0x73,0xae,0xf0,0x85,0x7d,0x77,0x81,
0x1f,0x35,0x2c,0x07,0x3b,0x61,0x08,0xd7,
0x2d,0x98,0x10,0xa3,0x09,0x14,0xdf,0xf4
};
+ int keySz = (int)sizeof(key);
+#endif
WOLFSSL_SMALL_STACK_STATIC byte iv[] = {
0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,
0x08,0x09,0x0A,0x0B,0x0C,0x0D,0x0E,0x0F
@@ -11066,11 +11959,11 @@ WOLFSSL_TEST_SUBROUTINE int aes256_test(void)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
#endif
- ret = wc_AesSetKey(enc, key, (int) sizeof(key), iv, AES_ENCRYPTION);
+ ret = wc_AesSetKey(enc, key, keySz, iv, AES_ENCRYPTION);
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
#ifdef HAVE_AES_DECRYPT
- ret = wc_AesSetKey(dec, key, (int) sizeof(key), iv, AES_DECRYPTION);
+ ret = wc_AesSetKey(dec, key, keySz, iv, AES_DECRYPTION);
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
#endif
@@ -11094,15 +11987,102 @@ WOLFSSL_TEST_SUBROUTINE int aes256_test(void)
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
}
#endif
+#ifndef HAVE_RENESAS_SYNC
+ if (XMEMCMP(cipher, verify, (int) sizeof(cipher)))
+ ERROR_OUT(WC_TEST_RET_ENC_NC, out);
+#endif
+ wc_AesFree(enc);
+#ifdef HAVE_AES_DECRYPT
+ wc_AesFree(dec);
+#endif
+#if defined(DEBUG_VECTOR_REGISTER_ACCESS) && defined(WC_AES_C_DYNAMIC_FALLBACK)
+ ret = wc_AesSetKey(enc, key, keySz, iv, AES_ENCRYPTION);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+#ifdef HAVE_AES_DECRYPT
+ ret = wc_AesSetKey(dec, key, keySz, iv, AES_DECRYPTION);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+#endif
+
+ XMEMSET(cipher, 0, AES_BLOCK_SIZE);
+ WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(SYSLIB_FAILED_E);
+ ret = wc_AesCbcEncrypt(enc, cipher, msg, (int) sizeof(msg));
+#if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &enc->asyncDev, WC_ASYNC_FLAG_NONE);
+#endif
+ WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(0);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+#ifdef HAVE_AES_DECRYPT
+ XMEMSET(plain, 0, AES_BLOCK_SIZE);
+ WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(SYSLIB_FAILED_E);
+ ret = wc_AesCbcDecrypt(dec, plain, cipher, (int) sizeof(cipher));
+#if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &dec->asyncDev, WC_ASYNC_FLAG_NONE);
+#endif
+ WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(0);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+ if (XMEMCMP(plain, msg, (int) sizeof(plain))) {
+ ERROR_OUT(WC_TEST_RET_ENC_NC, out);
+ }
+#endif
+#ifndef HAVE_RENESAS_SYNC
if (XMEMCMP(cipher, verify, (int) sizeof(cipher)))
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
+#endif
wc_AesFree(enc);
#ifdef HAVE_AES_DECRYPT
wc_AesFree(dec);
#endif
+ WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(SYSLIB_FAILED_E);
+ ret = wc_AesSetKey(enc, key, keySz, iv, AES_ENCRYPTION);
+ WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(0);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+#ifdef HAVE_AES_DECRYPT
+ WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(SYSLIB_FAILED_E);
+ ret = wc_AesSetKey(dec, key, keySz, iv, AES_DECRYPTION);
+ WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(0);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+#endif
+
+ XMEMSET(cipher, 0, AES_BLOCK_SIZE);
+ ret = wc_AesCbcEncrypt(enc, cipher, msg, (int) sizeof(msg));
+#if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &enc->asyncDev, WC_ASYNC_FLAG_NONE);
+#endif
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+#ifdef HAVE_AES_DECRYPT
+ XMEMSET(plain, 0, AES_BLOCK_SIZE);
+ ret = wc_AesCbcDecrypt(dec, plain, cipher, (int) sizeof(cipher));
+#if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &dec->asyncDev, WC_ASYNC_FLAG_NONE);
+#endif
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+ if (XMEMCMP(plain, msg, (int) sizeof(plain))) {
+ ERROR_OUT(WC_TEST_RET_ENC_NC, out);
+ }
+#endif
+#ifndef HAVE_RENESAS_SYNC
+ if (XMEMCMP(cipher, verify, (int) sizeof(cipher)))
+ ERROR_OUT(WC_TEST_RET_ENC_NC, out);
+#endif
+
+ wc_AesFree(enc);
+#ifdef HAVE_AES_DECRYPT
+ wc_AesFree(dec);
+#endif
+
+#endif
+
out:
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
if (enc)
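Review bot: The new fallback section calls `wc_AesSetKey(enc, ...)` and `wc_AesSetKey(dec, ...)` on contexts that were just released with `wc_AesFree()`, twice in a row, without re-initialising them. Whether that is safe depends on what `wc_AesFree()` releases in a given build, for example async or crypto-callback device state. The XTS tests in this commit go the other way, initialising once and freeing once at `out:`. Either drop the intermediate `wc_AesFree()` calls and re-key the live contexts, or precede each re-key with `ret = wc_AesInit(enc, HEAP_HINT, devId);` and the same for `dec`. The `out:` cleanup is only partly visible here, so also confirm that an `ERROR_OUT` taken after one of these frees does not free the context a second time.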
@@ -11122,11 +12102,12 @@ WOLFSSL_TEST_SUBROUTINE int aes256_test(void)
#ifdef HAVE_AESGCM
#ifdef WOLFSSL_AES_128
-static int aesgcm_default_test_helper(byte* key, int keySz, byte* iv, int ivSz,
+static wc_test_ret_t aesgcm_default_test_helper(byte* key, int keySz, byte* iv, int ivSz,
byte* plain, int plainSz, byte* cipher, int cipherSz,
byte* aad, int aadSz, byte* tag, int tagSz)
{
- int ret, enc_inited = 0, dec_inited = 0;
+ wc_test_ret_t ret;
+ int enc_inited = 0, dec_inited = 0;
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
Aes *enc = NULL;
Aes *dec = NULL;
@@ -11168,7 +12149,6 @@ static int aesgcm_default_test_helper(byte* key, int keySz, byte* iv, int ivSz,
/* AES-GCM encrypt and decrypt both use AES encrypt internally */
ret = wc_AesGcmEncrypt(enc, resultC, plain, plainSz, iv, ivSz,
resultT, tagSz, aad, aadSz);
-
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &enc->asyncDev, WC_ASYNC_FLAG_NONE);
#endif
@@ -11181,6 +12161,23 @@ static int aesgcm_default_test_helper(byte* key, int keySz, byte* iv, int ivSz,
if (XMEMCMP(tag, resultT, tagSz))
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
+#if defined(DEBUG_VECTOR_REGISTER_ACCESS) && defined(WC_AES_C_DYNAMIC_FALLBACK)
+ WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(SYSLIB_FAILED_E);
+ ret = wc_AesGcmEncrypt(enc, resultC, plain, plainSz, iv, ivSz,
+ resultT, tagSz, aad, aadSz);
+#if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &enc->asyncDev, WC_ASYNC_FLAG_NONE);
+#endif
+ WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(0);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+ if (cipher != NULL) {
+ if (XMEMCMP(cipher, resultC, cipherSz))
+ ERROR_OUT(WC_TEST_RET_ENC_NC, out);
+ }
+ if (XMEMCMP(tag, resultT, tagSz))
+ ERROR_OUT(WC_TEST_RET_ENC_NC, out);
+#endif
#ifdef HAVE_AES_DECRYPT
ret = wc_AesGcmSetKey(dec, key, keySz);
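Review bot: The fallback re-run of `wc_AesGcmEncrypt()` writes into `resultC` and `resultT`, which still hold the output of the first pass. The following `XMEMCMP` checks would therefore pass even if the fallback path returned 0 without producing any output. Clearing them first, `XMEMSET(resultC, 0, cipherSz); XMEMSET(resultT, 0, tagSz);`, makes the second comparison meaningful. The same applies to `resultP` before the fallback `wc_AesGcmDecrypt()` in the next hunk of this helper, where `XMEMSET(resultP, 0, plainSz);` would do. The declarations of the result buffers are outside the hunk, so the lengths used here are the ones the comparisons already read.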
@@ -11199,6 +12196,22 @@ static int aesgcm_default_test_helper(byte* key, int keySz, byte* iv, int ivSz,
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
}
+#if defined(DEBUG_VECTOR_REGISTER_ACCESS) && defined(WC_AES_C_DYNAMIC_FALLBACK)
+ WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(SYSLIB_FAILED_E);
+ ret = wc_AesGcmDecrypt(dec, resultP, resultC, cipherSz,
+ iv, ivSz, resultT, tagSz, aad, aadSz);
+#if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &dec->asyncDev, WC_ASYNC_FLAG_NONE);
+#endif
+ WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(0);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+ if (plain != NULL) {
+ if (XMEMCMP(plain, resultP, plainSz))
+ ERROR_OUT(WC_TEST_RET_ENC_NC, out);
+ }
+#endif
+
#endif /* HAVE_AES_DECRYPT */
ret = 0;
@@ -11231,7 +12244,7 @@ static int aesgcm_default_test_helper(byte* key, int keySz, byte* iv, int ivSz,
/* tests that only use 12 byte IV and 16 or less byte AAD
* test vectors are from NIST SP 800-38D
* https://csrc.nist.gov/Projects/Cryptographic-Algorithm-Validation-Program/CAVP-TESTING-BLOCK-CIPHER-MODES*/
-WOLFSSL_TEST_SUBROUTINE int aesgcm_default_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aesgcm_default_test(void)
{
#ifdef WOLFSSL_AES_128
byte key1[] = {
@@ -11308,7 +12321,7 @@ WOLFSSL_TEST_SUBROUTINE int aesgcm_default_test(void)
0x11, 0x64, 0xb2, 0xff
};
- int ret;
+ wc_test_ret_t ret;
ret = aesgcm_default_test_helper(key1, sizeof(key1), iv1, sizeof(iv1),
plain1, sizeof(plain1), cipher1, sizeof(cipher1),
aad1, sizeof(aad1), tag1, sizeof(tag1));
@@ -11332,7 +12345,7 @@ WOLFSSL_TEST_SUBROUTINE int aesgcm_default_test(void)
return 0;
}
-WOLFSSL_TEST_SUBROUTINE int aesgcm_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aesgcm_test(void)
{
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
Aes *enc = NULL;
@@ -11369,6 +12382,10 @@ WOLFSSL_TEST_SUBROUTINE int aesgcm_test(void)
#endif
#ifdef WOLFSSL_AES_256
+#ifdef HAVE_RENESAS_SYNC
+ const byte *k1 = (byte*)guser_PKCbInfo.wrapped_key_aes256;
+ int k1Sz = (int)(256/8);
+#else
WOLFSSL_SMALL_STACK_STATIC const byte k1[] =
{
0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
@@ -11376,7 +12393,8 @@ WOLFSSL_TEST_SUBROUTINE int aesgcm_test(void)
0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08
};
-
+ int k1Sz = (int)sizeof(k1);
+#endif
WOLFSSL_SMALL_STACK_STATIC const byte iv1[] =
{
0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad,
@@ -11462,11 +12480,18 @@ WOLFSSL_TEST_SUBROUTINE int aesgcm_test(void)
0x8e, 0x1a, 0xa2, 0x3b, 0x77, 0xcb, 0xaf, 0xe2
};
+#ifdef HAVE_RENESAS_SYNC
+ const byte *k3 =
+ (byte*)guser_PKCbInfo.wrapped_key_aes128;
+ int k3Sz = (int)(128/8);
+#else
WOLFSSL_SMALL_STACK_STATIC const byte k3[] =
{
0xbb, 0x01, 0xd7, 0x03, 0x81, 0x1c, 0x10, 0x1a,
0x35, 0xe0, 0xff, 0xd2, 0x91, 0xba, 0xf2, 0x4b
};
+ int k3Sz = (int)sizeof(k3);
+#endif
WOLFSSL_SMALL_STACK_STATIC const byte iv3[] =
{
@@ -11499,7 +12524,7 @@ WOLFSSL_TEST_SUBROUTINE int aesgcm_test(void)
byte resultT[sizeof(t1) + AES_BLOCK_SIZE];
byte resultP[sizeof(p) + AES_BLOCK_SIZE];
byte resultC[sizeof(p) + AES_BLOCK_SIZE];
- int ret = 0;
+ wc_test_ret_t ret = 0;
#ifdef WOLFSSL_AES_256
#if !(defined(WOLF_CRYPTO_CB) && defined(HAVE_INTEL_QA_SYNC))
int alen;
@@ -11557,7 +12582,7 @@ WOLFSSL_TEST_SUBROUTINE int aesgcm_test(void)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
#ifdef WOLFSSL_AES_256
- ret = wc_AesGcmSetKey(enc, k1, sizeof(k1));
+ ret = wc_AesGcmSetKey(enc, k1, k1Sz);
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
@@ -11569,13 +12594,15 @@ WOLFSSL_TEST_SUBROUTINE int aesgcm_test(void)
#endif
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+#ifndef HAVE_RENESAS_SYNC
if (XMEMCMP(c1, resultC, sizeof(c1)))
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
if (XMEMCMP(t1, resultT, sizeof(t1)))
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
+#endif
#ifdef HAVE_AES_DECRYPT
- ret = wc_AesGcmSetKey(dec, k1, sizeof(k1));
+ ret = wc_AesGcmSetKey(dec, k1, k1Sz);
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
@@ -11613,15 +12640,15 @@ WOLFSSL_TEST_SUBROUTINE int aesgcm_test(void)
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &dec->asyncDev, WC_ASYNC_FLAG_NONE);
#endif
- if (ret != 0)
- ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
if (XMEMCMP(large_input, large_outdec, BENCH_AESGCM_LARGE))
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
#endif /* HAVE_AES_DECRYPT */
#endif /* BENCH_AESGCM_LARGE */
#if defined(ENABLE_NON_12BYTE_IV_TEST) && defined(WOLFSSL_AES_256)
/* Variable IV length test */
- for (ivlen=1; ivlen<(int)sizeof(k1); ivlen++) {
+ for (ivlen=1; ivlen<k1Sz; ivlen++) {
/* AES-GCM encrypt and decrypt both use AES encrypt internally */
ret = wc_AesGcmEncrypt(enc, resultC, p, sizeof(p), k1,
(word32)ivlen, resultT, sizeof(t1), a, sizeof(a));
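Review bot: In the `BENCH_AESGCM_LARGE` decrypt check, the reordering places `XMEMCMP(large_input, large_outdec, BENCH_AESGCM_LARGE)` ahead of `if (ret != 0)`. A failing `wc_AesGcmDecrypt()`, including an authentication-tag failure, is then normally reported as the generic `WC_TEST_RET_ENC_NC` instead of its error code. The comparison also reads `large_outdec` after a call that did not succeed. Restoring the original order keeps the return code as the first thing tested: `if (ret != 0) ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);` followed by the `XMEMCMP`. The large-buffer block added for the next key size later in this commit uses that order.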
@@ -11683,7 +12710,7 @@ WOLFSSL_TEST_SUBROUTINE int aesgcm_test(void)
}
/* Test unaligned memory of all potential arguments */
- ret = wc_AesGcmSetKey(enc, k1, sizeof(k1));
+ ret = wc_AesGcmSetKey(enc, k1, k1Sz);
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
@@ -11700,7 +12727,7 @@ WOLFSSL_TEST_SUBROUTINE int aesgcm_test(void)
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
#ifdef HAVE_AES_DECRYPT
- ret = wc_AesGcmSetKey(dec, k1, sizeof(k1));
+ ret = wc_AesGcmSetKey(dec, k1, k1Sz);
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
@@ -11798,12 +12825,44 @@ WOLFSSL_TEST_SUBROUTINE int aesgcm_test(void)
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
#endif /* HAVE_AES_DECRYPT */
+ /* Large buffer test */
+#ifdef BENCH_AESGCM_LARGE
+ wc_AesGcmSetKey(enc, k2, k3Sz);
+ wc_AesGcmSetKey(dec, k2, k3Sz);
+ /* setup test buffer */
+ for (alen=0; alen<BENCH_AESGCM_LARGE; alen++)
+ large_input[alen] = (byte)alen;
+
+ /* AES-GCM encrypt and decrypt both use AES encrypt internally */
+ ret = wc_AesGcmEncrypt(enc, large_output, large_input,
+ BENCH_AESGCM_LARGE, iv1, sizeof(iv1),
+ resultT, sizeof(t1), a, sizeof(a));
+#if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &enc->asyncDev, WC_ASYNC_FLAG_NONE);
+#endif
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+
+#ifdef HAVE_AES_DECRYPT
+ ret = wc_AesGcmDecrypt(dec, large_outdec, large_output,
+ BENCH_AESGCM_LARGE, iv1, sizeof(iv1), resultT,
+ sizeof(t1), a, sizeof(a));
+#if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &dec->asyncDev, WC_ASYNC_FLAG_NONE);
+#endif
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+ if (XMEMCMP(large_input, large_outdec, BENCH_AESGCM_LARGE))
+ ERROR_OUT(WC_TEST_RET_ENC_NC, out);
+#endif /* HAVE_AES_DECRYPT */
+#endif /* BENCH_AESGCM_LARGE */
+
XMEMSET(resultT, 0, sizeof(resultT));
XMEMSET(resultC, 0, sizeof(resultC));
XMEMSET(resultP, 0, sizeof(resultP));
#endif /* WOLFSSL_AES_192 */
#ifdef WOLFSSL_AES_128
- wc_AesGcmSetKey(enc, k3, sizeof(k3));
+ wc_AesGcmSetKey(enc, k3, k3Sz);
/* AES-GCM encrypt and decrypt both use AES encrypt internally */
ret = wc_AesGcmEncrypt(enc, resultC, p3, sizeof(p3), iv3, sizeof(iv3),
resultT, sizeof(t3), a3, sizeof(a3));
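Review bot: In the new AES-192 large-buffer block, `wc_AesGcmSetKey(enc, k2, k3Sz)` and `wc_AesGcmSetKey(dec, k2, k3Sz)` pair key `k2` with the length of `k3`. If `k3` is the 16-byte AES-128 key, as its use under `WOLFSSL_AES_128` suggests, the block runs with a truncated `k2` and exercises AES-128 rather than AES-192; `k3Sz` also appears to be declared inside a conditional block, so it may not be in scope when only AES-192 is enabled. Both calls discard their return value, so a rejected key is not reported at the point where it happens. Pass `k2`'s own length (a `k2Sz` counterpart of `k1Sz`/`k3Sz` if one exists, otherwise `(word32)sizeof(k2)`) and check the result: `ret = wc_AesGcmSetKey(enc, k2, (word32)sizeof(k2));` followed by `if (ret != 0) ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);`, and likewise for `dec`. The AES-128 block added in the hunk at -11828 has the same unchecked `wc_AesGcmSetKey` calls.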
@@ -11812,10 +12871,12 @@ WOLFSSL_TEST_SUBROUTINE int aesgcm_test(void)
#endif
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+#ifndef HAVE_RENESAS_SYNC
if (XMEMCMP(c3, resultC, sizeof(c3)))
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
if (XMEMCMP(t3, resultT, sizeof(t3)))
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
+#endif
#ifdef HAVE_AES_DECRYPT
ret = wc_AesGcmDecrypt(enc, resultP, resultC, sizeof(c3),
@@ -11828,6 +12889,38 @@ WOLFSSL_TEST_SUBROUTINE int aesgcm_test(void)
if (XMEMCMP(p3, resultP, sizeof(p3)))
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
#endif /* HAVE_AES_DECRYPT */
+
+ /* Large buffer test */
+#ifdef BENCH_AESGCM_LARGE
+ wc_AesGcmSetKey(enc, k3, k3Sz);
+ wc_AesGcmSetKey(dec, k3, k3Sz);
+ /* setup test buffer */
+ for (alen=0; alen<BENCH_AESGCM_LARGE; alen++)
+ large_input[alen] = (byte)alen;
+
+ /* AES-GCM encrypt and decrypt both use AES encrypt internally */
+ ret = wc_AesGcmEncrypt(enc, large_output, large_input,
+ BENCH_AESGCM_LARGE, iv1, sizeof(iv1),
+ resultT, sizeof(t1), a, sizeof(a));
+#if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &enc->asyncDev, WC_ASYNC_FLAG_NONE);
+#endif
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+
+#ifdef HAVE_AES_DECRYPT
+ ret = wc_AesGcmDecrypt(dec, large_outdec, large_output,
+ BENCH_AESGCM_LARGE, iv1, sizeof(iv1), resultT,
+ sizeof(t1), a, sizeof(a));
+#if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &dec->asyncDev, WC_ASYNC_FLAG_NONE);
+#endif
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+ if (XMEMCMP(large_input, large_outdec, BENCH_AESGCM_LARGE))
+ ERROR_OUT(WC_TEST_RET_ENC_NC, out);
+#endif /* HAVE_AES_DECRYPT */
+#endif /* BENCH_AESGCM_LARGE */
#endif /* WOLFSSL_AES_128 */
#endif /* ENABLE_NON_12BYTE_IV_TEST */
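Review bot: The added AES-128 large-buffer block uses `alen` as its loop index, but the only declaration of `alen` visible on this page (context of the hunk at -11499) sits under `#ifdef WOLFSSL_AES_256` and `#if !(defined(WOLF_CRYPTO_CB) && defined(HAVE_INTEL_QA_SYNC))`. If there is no other declaration, a build with `BENCH_AESGCM_LARGE` and AES-128 but without AES-256 would not compile. The block also reuses `iv1`, `t1` and `a`, so it depends on those vectors being defined regardless of the enabled key sizes. Widening the guard on the declaration, for example `#if defined(WOLFSSL_AES_256) || defined(BENCH_AESGCM_LARGE)` around `int alen;`, would remove the dependency. aesgcm_test starts and ends outside this hunk.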
@@ -11839,7 +12932,7 @@ WOLFSSL_TEST_SUBROUTINE int aesgcm_test(void)
XMEMSET(resultC, 0, sizeof(resultC));
XMEMSET(resultP, 0, sizeof(resultP));
- wc_AesGcmSetKey(enc, k1, sizeof(k1));
+ wc_AesGcmSetKey(enc, k1, k1Sz);
/* AES-GCM encrypt and decrypt both use AES encrypt internally */
ret = wc_AesGcmEncrypt(enc, resultC, p, sizeof(p), iv1, sizeof(iv1),
resultT + 1, sizeof(t1) - 1, a, sizeof(a));
@@ -11848,11 +12941,12 @@ WOLFSSL_TEST_SUBROUTINE int aesgcm_test(void)
#endif
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+#ifndef HAVE_RENESAS_SYNC
if (XMEMCMP(c1, resultC, sizeof(c1)))
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
if (XMEMCMP(t1, resultT + 1, sizeof(t1) - 1))
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
-
+#endif
#ifdef HAVE_AES_DECRYPT
ret = wc_AesGcmDecrypt(enc, resultP, resultC, sizeof(p),
iv1, sizeof(iv1), resultT + 1, sizeof(t1) - 1, a, sizeof(a));
@@ -11884,7 +12978,7 @@ WOLFSSL_TEST_SUBROUTINE int aesgcm_test(void)
XMEMSET(resultC, 0, sizeof(resultC));
XMEMSET(resultP, 0, sizeof(resultP));
- wc_AesGcmSetKey(enc, k1, sizeof(k1));
+ wc_AesGcmSetKey(enc, k1, k1Sz);
ret = wc_AesGcmSetIV(enc, sizeof(randIV), NULL, 0, &rng);
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
@@ -11911,7 +13005,7 @@ WOLFSSL_TEST_SUBROUTINE int aesgcm_test(void)
}
#ifdef HAVE_AES_DECRYPT
- wc_AesGcmSetKey(dec, k1, sizeof(k1));
+ wc_AesGcmSetKey(dec, k1, k1Sz);
ret = wc_AesGcmSetIV(dec, sizeof(randIV), NULL, 0, &rng);
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
@@ -12088,9 +13182,9 @@ WOLFSSL_TEST_SUBROUTINE int aesgcm_test(void)
}
#ifdef WOLFSSL_AES_128
-WOLFSSL_TEST_SUBROUTINE int gmac_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t gmac_test(void)
{
- int ret;
+ wc_test_ret_t ret;
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
Gmac *gmac;
#else
@@ -12235,9 +13329,9 @@ WOLFSSL_TEST_SUBROUTINE int gmac_test(void)
#if defined(WOLFSSL_AES_256)
-static int aesccm_256_test(void)
+static wc_test_ret_t aesccm_256_test(void)
{
- int ret;
+ wc_test_ret_t ret;
/* Test vectors from NIST AES CCM 256-bit CAST Example #1 */
WOLFSSL_SMALL_STACK_STATIC const byte in_key[32] = {
0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47,
@@ -12311,9 +13405,9 @@ static int aesccm_256_test(void)
#if defined(WOLFSSL_AES_128)
-static int aesccm_128_test(void)
+static wc_test_ret_t aesccm_128_test(void)
{
- int ret;
+ wc_test_ret_t ret;
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
Aes *enc;
#else
@@ -12464,6 +13558,10 @@ static int aesccm_128_test(void)
XMEMSET(p2, 0, sizeof(p2));
XMEMSET(iv2, 0, sizeof(iv2));
+ ret = wc_AesInit(enc, HEAP_HINT, devId);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+
#ifndef HAVE_SELFTEST
/* selftest build does not have wc_AesCcmSetNonce() or
* wc_AesCcmEncrypt_ex() */
@@ -12586,9 +13684,9 @@ static int aesccm_128_test(void)
}
#endif /* WOLFSSL_AES_128 */
-WOLFSSL_TEST_SUBROUTINE int aesccm_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aesccm_test(void)
{
- int ret = 0;
+ wc_test_ret_t ret = 0;
#ifdef WOLFSSL_AES_128
if (ret == 0)
ret = aesccm_128_test();
@@ -12602,6 +13700,162 @@ WOLFSSL_TEST_SUBROUTINE int aesccm_test(void)
#endif /* HAVE_AESCCM */
+#if defined(WOLFSSL_AES_EAX) && \
+ (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5, 3)) && !defined(HAVE_SELFTEST)
+
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes_eax_test(void)
+{
+ typedef struct {
+ byte key[AES_256_KEY_SIZE];
+ int key_length;
+ byte iv[AES_BLOCK_SIZE];
+ int iv_length;
+ byte aad[AES_BLOCK_SIZE * 2];
+ int aad_length;
+ byte msg[AES_BLOCK_SIZE * 2];
+ int msg_length;
+ byte ct[AES_BLOCK_SIZE * 2];
+ int ct_length;
+ byte tag[AES_BLOCK_SIZE];
+ int tag_length;
+ int valid;
+ } AadVector;
+
+ /* A small selection of Google wycheproof vectors that use vectors
+ * from the original paper: eprint.iacr.org/2003/069
+ * https://github.com/google/wycheproof/blob/master/testvectors/aes_eax_test.json
+ */
+ WOLFSSL_SMALL_STACK_STATIC const AadVector vectors[] = {
+ /* Vector from paper - empty message with auth data */
+ {
+ /* key, key length */
+ {0x23, 0x39, 0x52, 0xde, 0xe4, 0xd5, 0xed, 0x5f,
+ 0x9b, 0x9c, 0x6d, 0x6f, 0xf8, 0x0f, 0xf4, 0x78}, 16,
+ /* iv, iv length */
+ {0x62, 0xec, 0x67, 0xf9, 0xc3, 0xa4, 0xa4, 0x07,
+ 0xfc, 0xb2, 0xa8, 0xc4, 0x90, 0x31, 0xa8, 0xb3}, 16,
+ /* aad, aad length */
+ {0x6b, 0xfb, 0x91, 0x4f, 0xd0, 0x7e, 0xae, 0x6b}, 8,
+ /* msg, msg length */
+ {0}, 0,
+ /* ct, ct length */
+ {0}, 0,
+ /* tag, tag length */
+ {0xe0, 0x37, 0x83, 0x0e, 0x83, 0x89, 0xf2,
+ 0x7b, 0x02, 0x5a, 0x2d, 0x65, 0x27, 0xe7, 0x9d, 0x01}, 16,
+ /* valid */
+ 1,
+ },
+ /* Vector from paper - no auth data, valid auth tag */
+ {
+ /* key, key length */
+ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
+ /* iv , iv length */
+ {0x3c, 0x8c, 0xc2, 0x97, 0x0a, 0x00, 0x8f, 0x75,
+ 0xcc, 0x5b, 0xea, 0xe2, 0x84, 0x72, 0x58, 0xc2}, 16,
+ /* aad, aad length */
+ {0}, 0,
+ /* msg, msg length */
+ {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11,
+ 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11}, 32,
+ /* ct, ct length */
+ {0x3c, 0x44, 0x1f, 0x32, 0xce, 0x07, 0x82, 0x23,
+ 0x64, 0xd7, 0xa2, 0x99, 0x0e, 0x50, 0xbb, 0x13,
+ 0xd7, 0xb0, 0x2a, 0x26, 0x96, 0x9e, 0x4a, 0x93,
+ 0x7e, 0x5e, 0x90, 0x73, 0xb0, 0xd9, 0xc9, 0x68}, 32,
+ /* tag, tag length */
+ {0xdb, 0x90, 0xbd, 0xb3, 0xda, 0x3d, 0x00, 0xaf,
+ 0xd0, 0xfc, 0x6a, 0x83, 0x55, 0x1d, 0xa9, 0x5e}, 16,
+ /* valid */
+ 1,
+ },
+ /* Vector from paper - no auth data with invalid auth tag */
+ {
+ /* key, key length */
+ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
+ /* iv, iv length */
+ {0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
+ 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16,
+ /* aad, aad length */
+ {0}, 0,
+ /* msg, msg length */
+ {0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
+ 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16,
+ /* ct , ct length */
+ {0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54,
+ 0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16,
+ /* tag, tag length */
+ {0xe7, 0x0e, 0x7c, 0x50, 0x13, 0xa6, 0xdb, 0xf2,
+ 0x52, 0x98, 0xb1, 0x92, 0x9b, 0xc3, 0x56, 0xa7}, 16,
+ /* valid */
+ 0,
+ },
+ };
+
+ WOLFSSL_SMALL_STACK_STATIC byte ciphertext[sizeof(vectors[0].ct)];
+ WOLFSSL_SMALL_STACK_STATIC byte authtag[sizeof(vectors[0].tag)];
+ wc_test_ret_t ret;
+ int i;
+ int len;
+
+ for (i = 0; i < (int)(sizeof(vectors)/sizeof(vectors[0])); i++) {
+
+ XMEMSET(ciphertext, 0, sizeof(ciphertext));
+
+ len = sizeof(authtag);
+ ret = wc_AesEaxEncryptAuth(vectors[i].key, vectors[i].key_length,
+ ciphertext,
+ vectors[i].msg, vectors[i].msg_length,
+ vectors[i].iv, vectors[i].iv_length,
+ authtag, len,
+ vectors[i].aad, vectors[i].aad_length);
+ if (ret != 0) {
+ return WC_TEST_RET_ENC_EC(ret);
+ }
+
+ /* check ciphertext matches vector */
+ if (XMEMCMP(ciphertext, vectors[i].ct, vectors[i].ct_length)) {
+ return WC_TEST_RET_ENC_NC;
+ }
+
+ /* check that tag matches vector only for vectors marked as valid */
+ ret = XMEMCMP(authtag, vectors[i].tag, len);
+ if (vectors[i].valid == 1 && ret != 0 ) {
+ return WC_TEST_RET_ENC_NC;
+ }
+ else if (vectors[i].valid == 0 && ret == 0) {
+ return WC_TEST_RET_ENC_NC;
+ }
+
+ XMEMSET(ciphertext, 0, sizeof(ciphertext));
+
+ ret = wc_AesEaxDecryptAuth(vectors[i].key, vectors[i].key_length,
+ ciphertext,
+ vectors[i].ct, vectors[i].ct_length,
+ vectors[i].iv, vectors[i].iv_length,
+ authtag, len,
+ vectors[i].aad, vectors[i].aad_length);
+ if (ret != 0) {
+ return WC_TEST_RET_ENC_EC(ret);
+ }
+
+ /* check decrypted ciphertext matches vector plaintext */
+ if (XMEMCMP(ciphertext, vectors[i].msg, vectors[i].msg_length)) {
+ return WC_TEST_RET_ENC_NC;
+ }
+
+ }
+ return 0;
+}
+
+#endif /* WOLFSSL_AES_EAX */
+
+
+
#ifdef HAVE_AES_KEYWRAP
#define MAX_KEYWRAP_TEST_OUTLEN 40
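Review bot: The decrypt call in the `aes_eax_test` loop passes `authtag`, the tag that `wc_AesEaxEncryptAuth` has just produced, so `wc_AesEaxDecryptAuth` is only ever given a matching tag and its rejection path is never exercised. For the vector marked `valid == 0` the test merely confirms that the computed tag differs from the stored one, and `tag_length` is never read. Decrypting with the vector's own tag and expecting a non-zero return for the invalid vector would cover the check that matters for an AEAD mode; this assumes the tag parameter of the decrypt function is const-qualified. The SM4 GCM and CCM tests added in the hunk at -13017 likewise decrypt only with the tag they have just computed.

```c
        /* … unchanged: encrypt, ciphertext and tag comparison … */
        XMEMSET(ciphertext, 0, sizeof(ciphertext));

        /* verify against the vector's tag, not the one just computed */
        ret = wc_AesEaxDecryptAuth(vectors[i].key, vectors[i].key_length,
                                   ciphertext,
                                   vectors[i].ct, vectors[i].ct_length,
                                   vectors[i].iv, vectors[i].iv_length,
                                   vectors[i].tag, vectors[i].tag_length,
                                   vectors[i].aad, vectors[i].aad_length);
        if (vectors[i].valid == 0) {
            /* a tag that does not match must be rejected */
            if (ret == 0)
                return WC_TEST_RET_ENC_NC;
            continue;
        }
        if (ret != 0) {
            return WC_TEST_RET_ENC_EC(ret);
        }
        /* … unchanged: compare decrypted text with vectors[i].msg … */
```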
@@ -12616,7 +13870,7 @@ typedef struct keywrapVector {
word32 verifyLen;
} keywrapVector;
-WOLFSSL_TEST_SUBROUTINE int aeskeywrap_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aeskeywrap_test(void)
{
int wrapSz, plainSz, testSz, i;
@@ -12807,6 +14061,86 @@ WOLFSSL_TEST_SUBROUTINE int aeskeywrap_test(void)
#endif /* NO_AES */
+#ifdef HAVE_ARIA
+void printOutput(const char *strName, unsigned char *data, unsigned int dataSz)
+{
+ #ifndef DEBUG_WOLFSSL
+ (void)strName;
+ (void)data;
+ (void)dataSz;
+ #else
+ WOLFSSL_MSG_EX("%s (%d):", strName,dataSz);
+ WOLFSSL_BUFFER(data,dataSz);
+ #endif
+}
+
+WOLFSSL_TEST_SUBROUTINE int ariagcm_test(MC_ALGID algo)
+{
+ int ret = 0;
+ byte data[] = TEST_STRING;
+ word32 dataSz = TEST_STRING_SZ;
+
+ /* Arbitrarily random long key that we will truncate to the right size */
+ byte key[] = { 0x1E, 0xCC, 0x95, 0xCB, 0xD3, 0x74, 0x58, 0x4F,
+ 0x6F, 0x8A, 0x70, 0x26, 0xF7, 0x3C, 0x8D, 0xB6,
+ 0xDC, 0x32, 0x76, 0x20, 0xCF, 0x05, 0x4A, 0xCF,
+ 0x11, 0x86, 0xCD, 0x23, 0x5E, 0xC1, 0x6E, 0x2B };
+ byte cipher[2*TEST_STRING_SZ], plain[TEST_STRING_SZ], ad[256], authTag[AES_BLOCK_SIZE];
+ word32 keySz, adSz = 256, authTagSz = sizeof(authTag);
+
+ wc_Aria aria;
+ XMEMSET((void *)&aria, 0, sizeof(aria));
+ ret = wc_AriaInitCrypt(&aria, algo);
+ if (ret != 0) { ERROR_OUT(WC_TEST_RET_ENC_EC(ret),out); }
+
+ ret = wc_AriaSetKey(&aria, key);
+ if (ret != 0) { ERROR_OUT(WC_TEST_RET_ENC_EC(ret),out); }
+
+ MC_GetObjectValue(aria.hSession, aria.hKey, key, &keySz);
+ printOutput("Key", key, keySz);
+
+ WC_RNG rng;
+
+ ret = wc_InitRng_ex(&rng, HEAP_HINT, devId);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+
+ ret = wc_AriaGcmSetIV(&aria, GCM_NONCE_MID_SZ, NULL, 0, &rng);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+
+ wc_FreeRng(&rng);
+
+ printOutput("Plaintext", data, sizeof(data));
+ XMEMSET(cipher, 0, sizeof(cipher));
+
+ ret = wc_AriaEncrypt(&aria, cipher, data, dataSz,
+ (byte *)aria.nonce, aria.nonceSz, ad, adSz,
+ authTag, authTagSz);
+ if (ret != 0) { ERROR_OUT(WC_TEST_RET_ENC_EC(ret),out); }
+
+ printOutput("Ciphertext", cipher, sizeof(cipher));
+ printOutput("AuthTag", authTag, sizeof(authTag));
+
+ XMEMSET(plain, 0, sizeof(plain));
+
+ ret = wc_AriaDecrypt(&aria, plain, cipher, dataSz,
+ (byte *)aria.nonce, aria.nonceSz, ad, adSz,
+ authTag, authTagSz);
+ if (ret != 0) { ERROR_OUT(WC_TEST_RET_ENC_EC(ret),out); }
+
+ printOutput("Plaintext", plain, sizeof(plain));
+
+ if (XMEMCMP(plain, data, dataSz) != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_NC,out);
+out:
+ if (ret != 0) { wc_AriaFreeCrypt(&aria); }
+ else { ret = wc_AriaFreeCrypt(&aria); }
+
+ return ret;
+}
+#endif /* HAVE_ARIA */
+
#ifdef HAVE_CAMELLIA
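Review bot: `ad` is declared without an initialiser and never written, yet `wc_AriaEncrypt` and `wc_AriaDecrypt` are both given all 256 bytes of it (`adSz = 256`) as associated data, so `ariagcm_test` authenticates indeterminate stack contents. Add `XMEMSET(ad, 0, sizeof(ad));` before the encrypt call. `keySz` is likewise passed uninitialised to `MC_GetObjectValue`, whose return value is ignored before `keySz` is used as a length in `printOutput`. A failing `wc_AriaGcmSetIV` jumps to `out` before `wc_FreeRng(&rng)` runs; calling `wc_FreeRng(&rng);` before testing `ret` would release the generator on both paths.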
@@ -12824,7 +14158,7 @@ typedef struct {
int errorCode;
} test_vector_t;
-WOLFSSL_TEST_SUBROUTINE int camellia_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t camellia_test(void)
{
/* Camellia ECB Test Plaintext */
WOLFSSL_SMALL_STACK_STATIC const byte pte[] =
@@ -13017,10 +14351,532 @@ WOLFSSL_TEST_SUBROUTINE int camellia_test(void)
}
#endif /* HAVE_CAMELLIA */
-#ifdef HAVE_XCHACHA
-WOLFSSL_TEST_SUBROUTINE int XChaCha_test(void) {
+#ifdef WOLFSSL_SM4
+#ifdef WOLFSSL_SM4_ECB
+static int sm4_ecb_test(void)
+{
+ /* draft-ribose-cfrg-sm4-10 A.2.1.1 */
+ WOLFSSL_SMALL_STACK_STATIC const byte k1[] = {
+ 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF,
+ 0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte p1[] = {
+ 0xAA, 0xAA, 0xAA, 0xAA, 0xBB, 0xBB, 0xBB, 0xBB,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xEE, 0xEE, 0xEE, 0xEE, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xAA, 0xAA, 0xAA, 0xAA, 0xBB, 0xBB, 0xBB, 0xBB
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte c1_ecb[] = {
+ 0x5E, 0xC8, 0x14, 0x3D, 0xE5, 0x09, 0xCF, 0xF7,
+ 0xB5, 0x17, 0x9F, 0x8F, 0x47, 0x4B, 0x86, 0x19,
+ 0x2F, 0x1D, 0x30, 0x5A, 0x7F, 0xB1, 0x7D, 0xF9,
+ 0x85, 0xF8, 0x1C, 0x84, 0x82, 0x19, 0x23, 0x04
+ };
+
+ wc_Sm4 sm4;
+ byte enc[SM4_BLOCK_SIZE * 4];
+ byte dec[SM4_BLOCK_SIZE * 4];
+ int ret;
+
+ ret = wc_Sm4Init(&sm4, NULL, INVALID_DEVID);
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+
+ /* Encrypt and decrypt with ECB. */
+ ret = wc_Sm4SetKey(&sm4, k1, sizeof(k1));
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+
+ ret = wc_Sm4EcbEncrypt(&sm4, enc, p1, sizeof(p1));
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+ if (XMEMCMP(enc, c1_ecb, sizeof(c1_ecb)) != 0)
+ return WC_TEST_RET_ENC_NC;
+
+ ret = wc_Sm4EcbDecrypt(&sm4, dec, enc, sizeof(c1_ecb));
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+ if (XMEMCMP(dec, p1, sizeof(p1)) != 0)
+ return WC_TEST_RET_ENC_NC;
+
+ wc_Sm4Free(&sm4);
+
+ return 0;
+}
+#endif
+
+#ifdef WOLFSSL_SM4_CBC
+static int sm4_cbc_test(void)
+{
+ /* draft-ribose-cfrg-sm4-10 A.2.2.1 */
+ WOLFSSL_SMALL_STACK_STATIC const byte k1[] = {
+ 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF,
+ 0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte p1[] = {
+ 0xAA, 0xAA, 0xAA, 0xAA, 0xBB, 0xBB, 0xBB, 0xBB,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xEE, 0xEE, 0xEE, 0xEE, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xAA, 0xAA, 0xAA, 0xAA, 0xBB, 0xBB, 0xBB, 0xBB
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte i1[] = {
+ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte c1_cbc[] = {
+ 0x78, 0xEB, 0xB1, 0x1C, 0xC4, 0x0B, 0x0A, 0x48,
+ 0x31, 0x2A, 0xAE, 0xB2, 0x04, 0x02, 0x44, 0xCB,
+ 0x4C, 0xB7, 0x01, 0x69, 0x51, 0x90, 0x92, 0x26,
+ 0x97, 0x9B, 0x0D, 0x15, 0xDC, 0x6A, 0x8F, 0x6D
+ };
+
+ wc_Sm4 sm4;
+ byte enc[SM4_BLOCK_SIZE * 4];
+ byte dec[SM4_BLOCK_SIZE * 4];
+ int ret;
+
+ ret = wc_Sm4Init(&sm4, NULL, INVALID_DEVID);
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+
+ /* Encrypt and decrypt with CBC. */
+ ret = wc_Sm4SetKey(&sm4, k1, sizeof(k1));
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+ ret = wc_Sm4SetIV(&sm4, i1);
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+
+ ret = wc_Sm4CbcEncrypt(&sm4, enc, p1, sizeof(p1));
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+ if (XMEMCMP(enc, c1_cbc, sizeof(c1_cbc)) != 0)
+ return WC_TEST_RET_ENC_NC;
+
+ ret = wc_Sm4SetIV(&sm4, i1);
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+ ret = wc_Sm4CbcDecrypt(&sm4, dec, enc, sizeof(c1_cbc));
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+ if (XMEMCMP(dec, p1, sizeof(p1)) != 0)
+ return WC_TEST_RET_ENC_NC;
+
+ /* Encrypt and decrypt in-place with CBC. */
+ ret = wc_Sm4SetKey(&sm4, k1, sizeof(k1));
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+ ret = wc_Sm4SetIV(&sm4, i1);
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+
+ XMEMCPY(enc, p1, sizeof(p1));
+ ret = wc_Sm4CbcEncrypt(&sm4, enc, enc, sizeof(p1));
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+ if (XMEMCMP(enc, c1_cbc, sizeof(c1_cbc)) != 0)
+ return WC_TEST_RET_ENC_NC;
+
+ ret = wc_Sm4SetIV(&sm4, i1);
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+ ret = wc_Sm4CbcDecrypt(&sm4, enc, enc, sizeof(c1_cbc));
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+ if (XMEMCMP(enc, p1, sizeof(p1)) != 0)
+ return WC_TEST_RET_ENC_NC;
+
+ wc_Sm4Free(&sm4);
+
+ return 0;
+}
+#endif
+
+#ifdef WOLFSSL_SM4_CTR
+static int sm4_ctr_test(void)
+{
+ /* draft-ribose-cfrg-sm4-10 A.2.5.1 */
+ WOLFSSL_SMALL_STACK_STATIC const byte k1[] = {
+ 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF,
+ 0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte i1[] = {
+ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte p2[] = {
+ 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA,
+ 0xBB, 0xBB, 0xBB, 0xBB, 0xBB, 0xBB, 0xBB, 0xBB,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xEE, 0xEE, 0xEE, 0xEE, 0xEE, 0xEE, 0xEE, 0xEE,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA,
+ 0xBB, 0xBB, 0xBB, 0xBB, 0xBB, 0xBB, 0xBB, 0xBB
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte c2_ctr[] = {
+ 0xAC, 0x32, 0x36, 0xCB, 0x97, 0x0C, 0xC2, 0x07,
+ 0x91, 0x36, 0x4C, 0x39, 0x5A, 0x13, 0x42, 0xD1,
+ 0xA3, 0xCB, 0xC1, 0x87, 0x8C, 0x6F, 0x30, 0xCD,
+ 0x07, 0x4C, 0xCE, 0x38, 0x5C, 0xDD, 0x70, 0xC7,
+ 0xF2, 0x34, 0xBC, 0x0E, 0x24, 0xC1, 0x19, 0x80,
+ 0xFD, 0x12, 0x86, 0x31, 0x0C, 0xE3, 0x7B, 0x92,
+ 0x6E, 0x02, 0xFC, 0xD0, 0xFA, 0xA0, 0xBA, 0xF3,
+ 0x8B, 0x29, 0x33, 0x85, 0x1D, 0x82, 0x45, 0x14
+ };
+
+ wc_Sm4 sm4;
+ byte enc[SM4_BLOCK_SIZE * 4];
+ byte dec[SM4_BLOCK_SIZE * 4];
+ int chunk;
+ int i;
+ int ret;
+
+ ret = wc_Sm4Init(&sm4, NULL, INVALID_DEVID);
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+
+ /* Encrypt and decrypt using encrypt with CTR. */
+ ret = wc_Sm4SetKey(&sm4, k1, sizeof(k1));
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+ ret = wc_Sm4SetIV(&sm4, i1);
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+
+ ret = wc_Sm4CtrEncrypt(&sm4, enc, p2, sizeof(p2));
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+ if (XMEMCMP(enc, c2_ctr, sizeof(c2_ctr)) != 0)
+ return WC_TEST_RET_ENC_NC;
+
+ ret = wc_Sm4SetIV(&sm4, i1);
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+ ret = wc_Sm4CtrEncrypt(&sm4, dec, enc, sizeof(c2_ctr));
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+ if (XMEMCMP(dec, p2, sizeof(p2)) != 0)
+ return WC_TEST_RET_ENC_NC;
+
+ for (chunk = 1; chunk <= SM4_BLOCK_SIZE + 1; chunk++) {
+ ret = wc_Sm4SetIV(&sm4, i1);
+ if (ret != 0)
+ return WC_TEST_RET_ENC_I(chunk);
+
+ XMEMSET(enc, 0, sizeof(enc));
+ for (i = 0; i + chunk <= (int)sizeof(p2); i += chunk) {
+ ret = wc_Sm4CtrEncrypt(&sm4, enc + i, p2 + i, chunk);
+ if (ret != 0)
+ return WC_TEST_RET_ENC_I(i);
+ }
+ if (i < (int)sizeof(p2)) {
+ ret = wc_Sm4CtrEncrypt(&sm4, enc + i, p2 + i, sizeof(p2) - i);
+ if (ret != 0)
+ return WC_TEST_RET_ENC_I(chunk);
+ }
+ if (XMEMCMP(enc, c2_ctr, sizeof(c2_ctr)) != 0)
+ return WC_TEST_RET_ENC_I(chunk);
+ }
+
+ wc_Sm4Free(&sm4);
+
+ return 0;
+}
+#endif
+
+#ifdef WOLFSSL_SM4_GCM
+static int sm4_gcm_test(void)
+{
+ WOLFSSL_SMALL_STACK_STATIC const byte k1[] = {
+ 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF,
+ 0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte p1[] = {
+ 0xAA, 0xAA, 0xAA, 0xAA, 0xBB, 0xBB, 0xBB, 0xBB,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xEE, 0xEE, 0xEE, 0xEE, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xAA, 0xAA, 0xAA, 0xAA, 0xBB, 0xBB, 0xBB, 0xBB
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte i1[] = {
+ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0A, 0x0B
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte a1[] = {
+ 0xFF, 0xEE, 0xDD
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte tag1[] = {
+ 0x83, 0xb2, 0x91, 0xcf, 0x22, 0xc9, 0x5f, 0x89,
+ 0xde, 0x3d, 0x52, 0x8d, 0xd7, 0x13, 0x50, 0x89
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte c1[] = {
+ 0xff, 0x8b, 0xb2, 0x3b, 0x0a, 0x0a, 0x12, 0xa4,
+ 0xa8, 0x4c, 0x4f, 0x67, 0x06, 0x81, 0xbb, 0x88,
+ 0x66, 0x17, 0xc7, 0x43, 0xbf, 0xae, 0x41, 0x40,
+ 0xec, 0x1e, 0x03, 0x85, 0x2b, 0x56, 0xa8, 0xc0
+ };
+ /* RFC8998 A.1. */
+ WOLFSSL_SMALL_STACK_STATIC const byte i2[] = {
+ 0x00, 0x00, 0x12, 0x34, 0x56, 0x78, 0x00, 0x00,
+ 0x00, 0x00, 0xAB, 0xCD
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte k2[] = {
+ 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF,
+ 0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte p2[] = {
+ 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA,
+ 0xBB, 0xBB, 0xBB, 0xBB, 0xBB, 0xBB, 0xBB, 0xBB,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xEE, 0xEE, 0xEE, 0xEE, 0xEE, 0xEE, 0xEE, 0xEE,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xEE, 0xEE, 0xEE, 0xEE, 0xEE, 0xEE, 0xEE, 0xEE,
+ 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte a2[] = {
+ 0xFE, 0xED, 0xFA, 0xCE, 0xDE, 0xAD, 0xBE, 0xEF,
+ 0xFE, 0xED, 0xFA, 0xCE, 0xDE, 0xAD, 0xBE, 0xEF,
+ 0xAB, 0xAD, 0xDA, 0xD2
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte c2[] = {
+ 0x17, 0xF3, 0x99, 0xF0, 0x8C, 0x67, 0xD5, 0xEE,
+ 0x19, 0xD0, 0xDC, 0x99, 0x69, 0xC4, 0xBB, 0x7D,
+ 0x5F, 0xD4, 0x6F, 0xD3, 0x75, 0x64, 0x89, 0x06,
+ 0x91, 0x57, 0xB2, 0x82, 0xBB, 0x20, 0x07, 0x35,
+ 0xD8, 0x27, 0x10, 0xCA, 0x5C, 0x22, 0xF0, 0xCC,
+ 0xFA, 0x7C, 0xBF, 0x93, 0xD4, 0x96, 0xAC, 0x15,
+ 0xA5, 0x68, 0x34, 0xCB, 0xCF, 0x98, 0xC3, 0x97,
+ 0xB4, 0x02, 0x4A, 0x26, 0x91, 0x23, 0x3B, 0x8D
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte tag2[] = {
+ 0x83, 0xDE, 0x35, 0x41, 0xE4, 0xC2, 0xB5, 0x81,
+ 0x77, 0xE0, 0x65, 0xA9, 0xBF, 0x7B, 0x62, 0xEC
+ };
+
+ wc_Sm4 sm4;
+ byte enc[SM4_BLOCK_SIZE * 4];
+ byte dec[SM4_BLOCK_SIZE * 4];
+ byte tag[SM4_BLOCK_SIZE];
int ret;
+ ret = wc_Sm4Init(&sm4, NULL, INVALID_DEVID);
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+
+ /* Encrypt and decrypt using encrypt with GCM. */
+ ret = wc_Sm4GcmSetKey(&sm4, k1, sizeof(k1));
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+
+ ret = wc_Sm4GcmEncrypt(&sm4, enc, p1, sizeof(p1), i1, sizeof(i1), tag,
+ sizeof(tag), a1, sizeof(a1));
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+ if (XMEMCMP(enc, c1, sizeof(c1)) != 0)
+ return WC_TEST_RET_ENC_NC;
+ if (XMEMCMP(tag, tag1, sizeof(tag1)) != 0)
+ return WC_TEST_RET_ENC_NC;
+
+ ret = wc_Sm4GcmDecrypt(&sm4, dec, enc, sizeof(c1), i1, sizeof(i1), tag,
+ sizeof(tag), a1, sizeof(a1));
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+ if (XMEMCMP(dec, p1, sizeof(p1)) != 0)
+ return WC_TEST_RET_ENC_NC;
+
+ /* RFC8998 test vector. */
+ ret = wc_Sm4GcmSetKey(&sm4, k2, sizeof(k2));
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+
+ ret = wc_Sm4GcmEncrypt(&sm4, enc, p2, sizeof(p2), i2, sizeof(i2), tag,
+ sizeof(tag), a2, sizeof(a2));
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+ if (XMEMCMP(enc, c2, sizeof(c2)) != 0)
+ return WC_TEST_RET_ENC_NC;
+ if (XMEMCMP(tag, tag2, sizeof(tag2)) != 0)
+ return WC_TEST_RET_ENC_NC;
+
+ ret = wc_Sm4GcmDecrypt(&sm4, dec, enc, sizeof(c2), i2, sizeof(i2), tag,
+ sizeof(tag), a2, sizeof(a2));
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+ if (XMEMCMP(dec, p2, sizeof(p2)) != 0)
+ return WC_TEST_RET_ENC_NC;
+
+ wc_Sm4Free(&sm4);
+
+ return 0;
+}
+#endif
+
+#ifdef WOLFSSL_SM4_CCM
+static int sm4_ccm_test(void)
+{
+ WOLFSSL_SMALL_STACK_STATIC const byte k1[] = {
+ 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF,
+ 0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte p1[] = {
+ 0xAA, 0xAA, 0xAA, 0xAA, 0xBB, 0xBB, 0xBB, 0xBB,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xEE, 0xEE, 0xEE, 0xEE, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xAA, 0xAA, 0xAA, 0xAA, 0xBB, 0xBB, 0xBB, 0xBB
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte i1[] = {
+ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0A, 0x0B
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte a1[] = {
+ 0xFF, 0xEE, 0xDD
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte tag1[] = {
+ 0x9a, 0x98, 0x04, 0xb6, 0x0f, 0x19, 0x4a, 0x46,
+ 0xba, 0xed, 0xe6, 0x89, 0x69, 0x34, 0xad, 0x61
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte c1[] = {
+ 0xbd, 0xc0, 0x72, 0x60, 0xda, 0x2d, 0x11, 0xdc,
+ 0x66, 0x33, 0xcc, 0xec, 0xb2, 0xf4, 0x53, 0x59,
+ 0x9e, 0xb1, 0xb3, 0x6b, 0x1f, 0x1c, 0xfb, 0x29,
+ 0xf5, 0x37, 0xfc, 0x00, 0xf2, 0x4e, 0x70, 0x6f
+ };
+ /* RFC8998 A.1. */
+ WOLFSSL_SMALL_STACK_STATIC const byte i2[] = {
+ 0x00, 0x00, 0x12, 0x34, 0x56, 0x78, 0x00, 0x00,
+ 0x00, 0x00, 0xAB, 0xCD
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte k2[] = {
+ 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF,
+ 0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte p2[] = {
+ 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA,
+ 0xBB, 0xBB, 0xBB, 0xBB, 0xBB, 0xBB, 0xBB, 0xBB,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xEE, 0xEE, 0xEE, 0xEE, 0xEE, 0xEE, 0xEE, 0xEE,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xEE, 0xEE, 0xEE, 0xEE, 0xEE, 0xEE, 0xEE, 0xEE,
+ 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte a2[] = {
+ 0xFE, 0xED, 0xFA, 0xCE, 0xDE, 0xAD, 0xBE, 0xEF,
+ 0xFE, 0xED, 0xFA, 0xCE, 0xDE, 0xAD, 0xBE, 0xEF,
+ 0xAB, 0xAD, 0xDA, 0xD2
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte c2[] = {
+ 0x48, 0xAF, 0x93, 0x50, 0x1F, 0xA6, 0x2A, 0xDB,
+ 0xCD, 0x41, 0x4C, 0xCE, 0x60, 0x34, 0xD8, 0x95,
+ 0xDD, 0xA1, 0xBF, 0x8F, 0x13, 0x2F, 0x04, 0x20,
+ 0x98, 0x66, 0x15, 0x72, 0xE7, 0x48, 0x30, 0x94,
+ 0xFD, 0x12, 0xE5, 0x18, 0xCE, 0x06, 0x2C, 0x98,
+ 0xAC, 0xEE, 0x28, 0xD9, 0x5D, 0xF4, 0x41, 0x6B,
+ 0xED, 0x31, 0xA2, 0xF0, 0x44, 0x76, 0xC1, 0x8B,
+ 0xB4, 0x0C, 0x84, 0xA7, 0x4B, 0x97, 0xDC, 0x5B
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte tag2[] = {
+ 0x16, 0x84, 0x2D, 0x4F, 0xA1, 0x86, 0xF5, 0x6A,
+ 0xB3, 0x32, 0x56, 0x97, 0x1F, 0xA1, 0x10, 0xF4
+ };
+
+ wc_Sm4 sm4;
+ byte enc[SM4_BLOCK_SIZE * 4];
+ byte dec[SM4_BLOCK_SIZE * 4];
+ byte tag[SM4_BLOCK_SIZE];
+ int ret;
+
+ ret = wc_Sm4Init(&sm4, NULL, INVALID_DEVID);
+ if (ret != 0)
+ return -6720;
+
+ /* Encrypt and decrypt using encrypt with CCM. */
+ ret = wc_Sm4SetKey(&sm4, k1, sizeof(k1));
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+
+ ret = wc_Sm4CcmEncrypt(&sm4, enc, p1, sizeof(p1), i1, sizeof(i1), tag,
+ sizeof(tag), a1, sizeof(a1));
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+ if (XMEMCMP(enc, c1, sizeof(c1)) != 0)
+ return WC_TEST_RET_ENC_NC;
+ if (XMEMCMP(tag, tag1, sizeof(tag1)) != 0)
+ return WC_TEST_RET_ENC_NC;
+
+ ret = wc_Sm4CcmDecrypt(&sm4, dec, enc, sizeof(c1), i1, sizeof(i1), tag,
+ sizeof(tag), a1, sizeof(a1));
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+ if (XMEMCMP(dec, p1, sizeof(p1)) != 0)
+ return WC_TEST_RET_ENC_NC;
+
+ /* RFC8998 test vector. */
+ ret = wc_Sm4SetKey(&sm4, k2, sizeof(k2));
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+
+ ret = wc_Sm4CcmEncrypt(&sm4, enc, p2, sizeof(p2), i2, sizeof(i2), tag,
+ sizeof(tag), a2, sizeof(a2));
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+ if (XMEMCMP(enc, c2, sizeof(c2)) != 0)
+ return WC_TEST_RET_ENC_NC;
+ if (XMEMCMP(tag, tag2, sizeof(tag2)) != 0)
+ return WC_TEST_RET_ENC_NC;
+
+ ret = wc_Sm4CcmDecrypt(&sm4, dec, enc, sizeof(c2), i2, sizeof(i2), tag,
+ sizeof(tag), a2, sizeof(a2));
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+ if (XMEMCMP(dec, p2, sizeof(p2)) != 0)
+ return WC_TEST_RET_ENC_NC;
+
+ wc_Sm4Free(&sm4);
+
+ return 0;
+}
+#endif
+
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t sm4_test(void)
+{
+ wc_test_ret_t ret;
+
+#ifdef WOLFSSL_SM4_ECB
+ ret = sm4_ecb_test();
+ if (ret != 0)
+ return ret;
+#endif
+#ifdef WOLFSSL_SM4_CBC
+ ret = sm4_cbc_test();
+ if (ret != 0)
+ return ret;
+#endif
+#ifdef WOLFSSL_SM4_CTR
+ ret = sm4_ctr_test();
+ if (ret != 0)
+ return ret;
+#endif
+#ifdef WOLFSSL_SM4_GCM
+ ret = sm4_gcm_test();
+ if (ret != 0)
+ return ret;
+#endif
+#ifdef WOLFSSL_SM4_CCM
+ ret = sm4_ccm_test();
+ if (ret != 0)
+ return ret;
+#endif
+
+ return 0;
+}
+#endif
+
+#ifdef HAVE_XCHACHA
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t XChaCha_test(void) {
+ wc_test_ret_t ret;
+
WOLFSSL_SMALL_STACK_STATIC const byte Plaintext[] = {
0x54, 0x68, 0x65, 0x20, 0x64, 0x68, 0x6f, 0x6c, 0x65, 0x20, 0x28, 0x70, 0x72, 0x6f, 0x6e, 0x6f, /* The dhole (prono */
0x75, 0x6e, 0x63, 0x65, 0x64, 0x20, 0x22, 0x64, 0x6f, 0x6c, 0x65, 0x22, 0x29, 0x20, 0x69, 0x73, /* unced "dole") is */
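Review bot: `sm4_ccm_test` returns the bare literal `-6720` when `wc_Sm4Init` fails, while every other failure in the five new SM4 tests goes through `WC_TEST_RET_ENC_EC(ret)`; use `return WC_TEST_RET_ENC_EC(ret);` there too. In each of the five tests, every early `return` after a successful `wc_Sm4Init` skips `wc_Sm4Free(&sm4)`; a single `out:` label that calls `wc_Sm4Free(&sm4)` before returning, in the `ERROR_OUT(..., out)` style the AES tests in this file use, would cover all paths. The helpers are also declared `static int` while `sm4_test` and the rest of this commit move to `wc_test_ret_t`. XChaCha_test, whose signature and first lines close the hunk, continues outside it.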
@@ -13125,8 +14981,8 @@ WOLFSSL_TEST_SUBROUTINE int XChaCha_test(void) {
#endif /* HAVE_XCHACHA */
#if defined(HAVE_XCHACHA) && defined(HAVE_POLY1305)
-WOLFSSL_TEST_SUBROUTINE int XChaCha20Poly1305_test(void) {
- int ret;
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t XChaCha20Poly1305_test(void) {
+ wc_test_ret_t ret;
WOLFSSL_SMALL_STACK_STATIC const byte Plaintext[] = {
0x4c, 0x61, 0x64, 0x69, 0x65, 0x73, 0x20, 0x61, 0x6e, 0x64, 0x20, 0x47, 0x65, 0x6e, 0x74, 0x6c, /* Ladies and Gentl */
@@ -13215,10 +15071,11 @@ WOLFSSL_TEST_SUBROUTINE int XChaCha20Poly1305_test(void) {
#endif /* defined(HAVE_XCHACHA) && defined(HAVE_POLY1305) */
#ifndef WC_NO_RNG
-static int _rng_test(WC_RNG* rng, int errorOffset)
+static wc_test_ret_t _rng_test(WC_RNG* rng, int errorOffset)
{
byte block[32];
- int ret, i;
+ wc_test_ret_t ret;
+ int i;
XMEMSET(block, 0, sizeof(block));
@@ -13278,11 +15135,12 @@ exit:
return ret;
}
-static int random_rng_test(void)
+
+static wc_test_ret_t random_rng_test(void)
{
WC_RNG localRng;
WC_RNG* rng;
- int ret;
+ wc_test_ret_t ret;
rng = &localRng;
/* Test stack based RNG. */
@@ -13310,9 +15168,6 @@ static int random_rng_test(void)
if (rng == NULL)
return WC_TEST_RET_ENC_ERRNO;
- #if defined(WOLFSSL_ASYNC_CRYPT) || defined(WOLF_CRYPTO_CB)
- rng->devId = devId;
- #endif
ret = _rng_test(rng, WC_TEST_RET_ENC_NC);
wc_rng_free(rng);
@@ -13335,7 +15190,7 @@ static int seed_cb(OS_Seed* os, byte* output, word32 sz)
return 0;
}
-static int rng_seed_test(void)
+static wc_test_ret_t rng_seed_test(void)
{
#ifndef HAVE_FIPS
WOLFSSL_SMALL_STACK_STATIC const byte check[] =
@@ -13357,7 +15212,7 @@ static int rng_seed_test(void)
#endif
byte output[WC_SHA256_DIGEST_SIZE];
WC_RNG rng;
- int ret;
+ wc_test_ret_t ret;
ret = wc_SetSeed_Cb(seed_cb);
if (ret != 0) {
@@ -13390,7 +15245,7 @@ out:
#endif
-WOLFSSL_TEST_SUBROUTINE int random_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t random_test(void)
{
WOLFSSL_SMALL_STACK_STATIC const byte test1Entropy[] =
{
@@ -13442,7 +15297,7 @@ WOLFSSL_TEST_SUBROUTINE int random_test(void)
};
byte output[WC_SHA256_DIGEST_SIZE * 4];
- int ret;
+ wc_test_ret_t ret;
ret = wc_RNG_HealthTest(0, test1Entropy, sizeof(test1Entropy), NULL, 0,
output, sizeof(output));
@@ -13507,7 +15362,7 @@ WOLFSSL_TEST_SUBROUTINE int random_test(void)
#else
-WOLFSSL_TEST_SUBROUTINE int random_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t random_test(void)
{
/* Basic RNG generate block test */
return random_rng_test();
@@ -13547,9 +15402,42 @@ static int simple_mem_test(int sz)
}
#endif
-WOLFSSL_TEST_SUBROUTINE int memory_test(void)
+/* If successful, returns the first letter of the byte array `in`.
+**
+** This is a deceptively simple test of a read-only embedded Linux file system.
+** (e.g CFLAGS `-mfdpic` and `-mforce-l32`) for Xtensa Linux ESP32. When the
+** `-mforce-l32` is missing, access to `in` will fail with Illegal Instruction.
+** Const is on read-only memory-mapped file system, *not* loaded in app memory.
+**
+** Edit with caution. See PR #6523. */
+static wc_test_ret_t const_byte_ptr_test(const byte* in, word32 *outJ)
{
- int ret = 0;
+ wc_test_ret_t ret = 0;
+ volatile word32 j = -1; /* must be volatile to properly detect error */
+
+ ret = (wc_test_ret_t)*in; /* accessed *in value. */
+ (void)ret;
+ j = *outJ; /* Found index to use in const array. */
+
+ if (j == 0) {
+#ifdef WOLFSSL_DEBUG
+ printf("Testing const byte ptr reference...\n");
+#endif
+ /* although j is zero, in[0] does not detect the Illegal instruction */
+ ret = in[j]; /* The big test: can we actually access the `in` data? */
+ }
+ else {
+ ret = -1;
+ }
+
+ return ret;
+}
+
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t memory_test(void)
+{
+ wc_test_ret_t ret = 0;
+ word32 j = 0; /* used in embedded const pointer test */
+
#if defined(COMPLEX_MEM_TEST) || defined(WOLFSSL_STATIC_MEMORY)
int i;
#endif
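Review bot: The header comment on const_byte_ptr_test documents only the success return, but the `else` branch returns -1 whenever `*outJ` is not 0, and `outJ` is only read despite its out-style name. I would add a line such as `** Returns -1 when *outJ is not 0; outJ is read, never written.` to the comment and declare the parameter `const word32 *outJ`. The initialiser `volatile word32 j = -1;` relies on an implicit signed-to-unsigned conversion, which `(word32)-1` would make explicit. memory_test's body continues outside the hunk.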
@@ -13695,6 +15583,13 @@ WOLFSSL_TEST_SUBROUTINE int memory_test(void)
}
#endif
+ if (ret == 0) {
+ /* This test is only interesting on embedded R/O Flash systems */
+ if (const_byte_ptr_test(const_byte_array, &j) != CBPTR_EXPECTED) {
+ ret = 1;
+ }
+ }
+
return ret;
}
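Review bot: The failure branch sets `ret = 1;`, a bare value, while the other failure paths touched by this commit return one of the `WC_TEST_RET_ENC_*` encodings. Using `ret = WC_TEST_RET_ENC_NC;` here keeps memory_test's result in the same form as the other subtests, so callers can interpret every failure the same way. `const_byte_array` and `CBPTR_EXPECTED` are defined outside the hunk, so the expected value could not be checked from here.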
@@ -13763,8 +15658,10 @@ WOLFSSL_TEST_SUBROUTINE int memory_test(void)
#if !defined(NO_ASN) && !defined(NO_DH)
#if defined(WOLFSSL_DH_EXTRA) && (!defined(HAVE_FIPS) || \
(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2)))
- static const char* dhKeyFile = CERT_ROOT "statickeys/dh-ffdhe2048.der";
- static const char* dhKeyPubFile = CERT_ROOT "statickeys/dh-ffdhe2048-pub.der";
+ #if !defined(USE_CERT_BUFFERS_2048)
+ static const char* dhKeyFile = CERT_ROOT "statickeys/dh-ffdhe2048.der";
+ static const char* dhKeyPubFile = CERT_ROOT "statickeys/dh-ffdhe2048-pub.der";
+ #endif
#endif
#endif
#if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048)
@@ -13951,15 +15848,12 @@ static void initDefaultName(void)
WOLFSSL_SMALL_STACK_STATIC const char certKeyUsage[] =
"digitalSignature,nonRepudiation";
#endif
- #if !defined(NO_RSA) && defined(WOLFSSL_CERT_GEN) && \
- !defined(NO_ASN_TIME) && defined(WOLFSSL_CERT_REQ) && \
- !defined(WOLFSSL_NO_MALLOC)
+ #if defined(WOLFSSL_CERT_REQ) && !defined(NO_RSA) && !defined(NO_ASN_TIME)
WOLFSSL_SMALL_STACK_STATIC const char certKeyUsage2[] =
"digitalSignature,nonRepudiation,keyEncipherment,keyAgreement";
#endif
#endif /* WOLFSSL_CERT_EXT */
-#endif /* WOLFSSL_CERT_GEN && (!NO_RSA || HAVE_ECC) || (WOLFSSL_TEST_CERT &&
- * (HAVE_ED25519 || HAVE_ED448)) */
+#endif /* WOLFSSL_CERT_GEN */
#ifndef NO_RSA
@@ -14022,9 +15916,9 @@ static int add_data(byte* certData, int offset, byte* data, byte length)
return offset + length;
}
-static int cert_asn1_test(void)
+static wc_test_ret_t cert_asn1_test(void)
{
- int ret;
+ wc_test_ret_t ret;
int len[3];
DecodedCert cert;
byte certData[114];
@@ -14078,14 +15972,14 @@ done:
return ret;
}
-WOLFSSL_TEST_SUBROUTINE int cert_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t cert_test(void)
{
#if !defined(NO_FILESYSTEM)
DecodedCert cert;
byte* tmp;
size_t bytes;
XFILE file;
- int ret;
+ wc_test_ret_t ret;
tmp = (byte*)XMALLOC(FOURK_BUF, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
if (tmp == NULL)
@@ -14156,13 +16050,13 @@ done:
#if defined(WOLFSSL_CERT_EXT) && defined(WOLFSSL_TEST_CERT) && \
!defined(NO_FILESYSTEM) && defined(WOLFSSL_CERT_GEN)
-WOLFSSL_TEST_SUBROUTINE int certext_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t certext_test(void)
{
DecodedCert cert;
byte* tmp;
size_t bytes;
XFILE file;
- int ret;
+ wc_test_ret_t ret;
/* created from rsa_test : othercert.der */
byte skid_rsa[] = "\x33\xD8\x45\x66\xD7\x68\x87\x18\x7E\x54"
@@ -14351,9 +16245,9 @@ WOLFSSL_TEST_SUBROUTINE int certext_test(void)
#if defined(WOLFSSL_CERT_GEN_CACHE) && defined(WOLFSSL_TEST_CERT) && \
defined(WOLFSSL_CERT_EXT) && defined(WOLFSSL_CERT_GEN)
-WOLFSSL_TEST_SUBROUTINE int decodedCertCache_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t decodedCertCache_test(void)
{
- int ret = 0;
+ wc_test_ret_t ret = 0;
Cert cert;
FILE* file;
byte* der;
@@ -14501,9 +16395,9 @@ WOLFSSL_TEST_SUBROUTINE int decodedCertCache_test(void)
#if !defined(NO_ASN) && !defined(WOLFSSL_RSA_PUBLIC_ONLY) && \
!defined(WOLFSSL_RSA_VERIFY_ONLY)
-static int rsa_flatten_test(RsaKey* key)
+static wc_test_ret_t rsa_flatten_test(RsaKey* key)
{
- int ret;
+ wc_test_ret_t ret;
byte e[RSA_TEST_BYTES];
byte n[RSA_TEST_BYTES];
word32 eSz = sizeof(e);
@@ -14570,9 +16464,6 @@ static int rsa_flatten_test(RsaKey* key)
* -101 = USER_CRYPTO_ERROR
*/
if (ret == 0)
-#elif defined(HAVE_FIPS) && \
- (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
- if (ret != 0)
#else
if (ret != RSA_BUFFER_E)
#endif
@@ -14596,9 +16487,9 @@ static int rsa_flatten_test(RsaKey* key)
#if !defined(HAVE_FIPS) && !defined(HAVE_USER_RSA) && !defined(NO_ASN) \
&& !defined(WOLFSSL_RSA_VERIFY_ONLY)
-static int rsa_export_key_test(RsaKey* key)
+static wc_test_ret_t rsa_export_key_test(RsaKey* key)
{
- int ret;
+ wc_test_ret_t ret;
byte e[3];
word32 eSz = sizeof(e);
byte n[RSA_TEST_BYTES];
@@ -14672,9 +16563,9 @@ static int rsa_export_key_test(RsaKey* key)
#endif /* !HAVE_FIPS && !USER_RSA && !NO_ASN */
#ifndef NO_SIG_WRAPPER
-static int rsa_sig_test(RsaKey* key, word32 keyLen, int modLen, WC_RNG* rng)
+static wc_test_ret_t rsa_sig_test(RsaKey* key, word32 keyLen, int modLen, WC_RNG* rng)
{
- int ret;
+ wc_test_ret_t ret;
word32 sigSz;
WOLFSSL_SMALL_STACK_STATIC const byte in[] = TEST_STRING;
WOLFSSL_SMALL_STACK_STATIC const byte hash[] = {
@@ -14867,10 +16758,11 @@ static int rsa_sig_test(RsaKey* key, word32 keyLen, int modLen, WC_RNG* rng)
#endif /* !NO_SIG_WRAPPER */
#ifdef WC_RSA_NONBLOCK
-static int rsa_nb_test(RsaKey* key, const byte* in, word32 inLen, byte* out,
+static wc_test_ret_t rsa_nb_test(RsaKey* key, const byte* in, word32 inLen, byte* out,
word32 outSz, byte* plain, word32 plainSz, WC_RNG* rng)
{
- int ret = 0, count;
+ wc_test_ret_t ret = 0;
+ int count;
int signSz = 0;
RsaNb nb;
byte* inlinePlain = NULL;
@@ -14954,9 +16846,9 @@ static int rsa_nb_test(RsaKey* key, const byte* in, word32 inLen, byte* out,
#endif
#if !defined(HAVE_USER_RSA) && !defined(NO_ASN)
-static int rsa_decode_test(RsaKey* keyPub)
+static wc_test_ret_t rsa_decode_test(RsaKey* keyPub)
{
- int ret;
+ wc_test_ret_t ret;
word32 inSz;
word32 inOutIdx;
WOLFSSL_SMALL_STACK_STATIC const byte n[2] = { 0x00, 0x23 };
@@ -15024,11 +16916,12 @@ static int rsa_decode_test(RsaKey* keyPub)
goto done;
}
ret = wc_RsaPublicKeyDecodeRaw(n, (word32)-1, e, sizeof(e), keyPub);
-#if !defined(WOLFSSL_SP_MATH) & !defined(WOLFSSL_SP_MATH_ALL)
- if (ret != 0) {
+#if defined(USE_INTEGER_HEAP_MATH)
+ if (ret != 0)
#else
- if (ret != ASN_GETINT_E) {
+ if (ret != ASN_GETINT_E)
#endif
+ {
ret = WC_TEST_RET_ENC_EC(ret);
goto done;
}
@@ -15037,11 +16930,12 @@ static int rsa_decode_test(RsaKey* keyPub)
if (ret != 0)
return WC_TEST_RET_ENC_EC(ret);
ret = wc_RsaPublicKeyDecodeRaw(n, sizeof(n), e, (word32)-1, keyPub);
-#if !defined(WOLFSSL_SP_MATH) & !defined(WOLFSSL_SP_MATH_ALL)
- if (ret != 0) {
+#if defined(USE_INTEGER_HEAP_MATH)
+ if (ret != 0)
#else
- if (ret != ASN_GETINT_E) {
+ if (ret != ASN_GETINT_E)
#endif
+ {
ret = WC_TEST_RET_ENC_EC(ret);
goto done;
}
@@ -15242,10 +17136,10 @@ done:
/* Need to create known good signatures to test with this. */
#if !defined(WOLFSSL_RSA_VERIFY_ONLY) && !defined(WOLFSSL_RSA_PUBLIC_ONLY) && \
!defined(WOLF_CRYPTO_CB_ONLY_RSA)
-static int rsa_pss_test(WC_RNG* rng, RsaKey* key)
+static wc_test_ret_t rsa_pss_test(WC_RNG* rng, RsaKey* key)
{
byte digest[WC_MAX_DIGEST_SIZE];
- int ret = 0;
+ wc_test_ret_t ret = 0;
const char inStr[] = TEST_STRING;
word32 inLen = (word32)TEST_STRING_SZ;
word32 outSz;
@@ -15327,7 +17221,7 @@ static int rsa_pss_test(WC_RNG* rng, RsaKey* key)
} while (ret == WC_PENDING_E);
if (ret <= 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_pss);
- outSz = ret;
+ outSz = (word32)ret;
XMEMCPY(sig, out, outSz);
plain = NULL;
@@ -15345,7 +17239,7 @@ static int rsa_pss_test(WC_RNG* rng, RsaKey* key)
} while (ret == WC_PENDING_E);
if (ret <= 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_pss);
- plainSz = ret;
+ plainSz = (word32)ret;
TEST_SLEEP();
#if defined(HAVE_SELFTEST) && \
@@ -15407,7 +17301,7 @@ static int rsa_pss_test(WC_RNG* rng, RsaKey* key)
} while (ret == WC_PENDING_E);
if (ret <= 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_pss);
- outSz = ret;
+ outSz = (word32)ret;
TEST_SLEEP();
do {
@@ -15422,7 +17316,7 @@ static int rsa_pss_test(WC_RNG* rng, RsaKey* key)
} while (ret == WC_PENDING_E);
if (ret <= 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_pss);
- plainSz = ret;
+ plainSz = (word32)ret;
TEST_SLEEP();
do {
@@ -15461,7 +17355,7 @@ static int rsa_pss_test(WC_RNG* rng, RsaKey* key)
} while (ret == WC_PENDING_E);
if (ret <= 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_pss);
- plainSz = ret;
+ plainSz = (word32)ret;
TEST_SLEEP();
#if defined(HAVE_SELFTEST) && \
@@ -15595,12 +17489,12 @@ exit_rsa_pss:
#endif
#ifdef WC_RSA_NO_PADDING
-WOLFSSL_TEST_SUBROUTINE int rsa_no_pad_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t rsa_no_pad_test(void)
{
WC_RNG rng;
byte* tmp = NULL;
size_t bytes;
- int ret;
+ wc_test_ret_t ret;
word32 inLen = 0;
word32 idx = 0;
word32 outSz = RSA_TEST_BYTES;
@@ -15823,11 +17717,11 @@ exit_rsa_nopadding:
#endif /* WC_RSA_NO_PADDING */
#if defined(WOLFSSL_HAVE_SP_RSA) && defined(USE_FAST_MATH)
-static int rsa_even_mod_test(WC_RNG* rng, RsaKey* key)
+static wc_test_ret_t rsa_even_mod_test(WC_RNG* rng, RsaKey* key)
{
byte* tmp = NULL;
size_t bytes;
- int ret;
+ wc_test_ret_t ret;
word32 inLen = 0;
#ifndef NO_ASN
word32 idx = 0;
@@ -15992,7 +17886,7 @@ exit_rsa_even_mod:
#endif /* WOLFSSL_HAVE_SP_RSA */
#if defined(WOLFSSL_CERT_GEN) && !defined(NO_ASN_TIME)
-static int rsa_certgen_test(RsaKey* key, RsaKey* keypub, WC_RNG* rng, byte* tmp)
+static wc_test_ret_t rsa_certgen_test(RsaKey* key, RsaKey* keypub, WC_RNG* rng, byte* tmp)
{
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
RsaKey *caKey = (RsaKey *)XMALLOC(sizeof *caKey, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
@@ -16006,7 +17900,7 @@ static int rsa_certgen_test(RsaKey* key, RsaKey* keypub, WC_RNG* rng, byte* tmp)
#endif
#endif
byte* der = NULL;
- int ret;
+ wc_test_ret_t ret;
Cert* myCert = NULL;
int certSz;
size_t bytes3;
@@ -16107,7 +18001,7 @@ static int rsa_certgen_test(RsaKey* key, RsaKey* keypub, WC_RNG* rng, byte* tmp)
if (ret < 0) {
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa);
}
- certSz = ret;
+ certSz = (word32)ret;
#ifdef WOLFSSL_TEST_CERT
InitDecodedCert(decode, der, certSz, HEAP_HINT);
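Review bot: `certSz = (word32)ret;` casts to the wrong type. The declaration visible in the preceding hunk is `int certSz;`, so the value is converted to unsigned and then implicitly back to int. `certSz = (int)ret;` matches the variable and still makes the conversion from wc_test_ret_t explicit. The same cast is added in the hunk at `-16266,7 +18160,7` of this function and in rsa_ecc_certgen_test at `-16484,7 +18378,7`, where the declaration of certSz is not visible and should be checked. The function body continues outside the hunk.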
@@ -16266,7 +18160,7 @@ static int rsa_certgen_test(RsaKey* key, RsaKey* keypub, WC_RNG* rng, byte* tmp)
} while (ret == WC_PENDING_E);
if (ret < 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa);
- certSz = ret;
+ certSz = (word32)ret;
#ifdef WOLFSSL_TEST_CERT
InitDecodedCert(decode, der, certSz, HEAP_HINT);
@@ -16309,7 +18203,7 @@ exit_rsa:
#if !defined(NO_RSA) && defined(HAVE_ECC) && !defined(NO_ECC_SECP) && \
defined(WOLFSSL_CERT_GEN)
/* Make Cert / Sign example for ECC cert and RSA CA */
-static int rsa_ecc_certgen_test(WC_RNG* rng, byte* tmp)
+static wc_test_ret_t rsa_ecc_certgen_test(WC_RNG* rng, byte* tmp)
{
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
RsaKey *caKey = (RsaKey *)XMALLOC(sizeof *caKey, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
@@ -16335,7 +18229,7 @@ static int rsa_ecc_certgen_test(WC_RNG* rng, byte* tmp)
|| !defined(USE_CERT_BUFFERS_256)
XFILE file3;
#endif
- int ret;
+ wc_test_ret_t ret;
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
if ((caKey == NULL) || (caEccKey == NULL) || (caEccKeyPub == NULL)
@@ -16484,7 +18378,7 @@ static int rsa_ecc_certgen_test(WC_RNG* rng, byte* tmp)
} while (ret == WC_PENDING_E);
if (ret < 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa);
- certSz = ret;
+ certSz = (word32)ret;
#ifdef WOLFSSL_TEST_CERT
InitDecodedCert(decode, der, certSz, 0);
@@ -16539,14 +18433,14 @@ exit_rsa:
#endif /* !NO_RSA && HAVE_ECC && WOLFSSL_CERT_GEN */
#ifdef WOLFSSL_KEY_GEN
-static int rsa_keygen_test(WC_RNG* rng)
+static wc_test_ret_t rsa_keygen_test(WC_RNG* rng)
{
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
RsaKey *genKey = (RsaKey *)XMALLOC(sizeof *genKey, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
#else
RsaKey genKey[1];
#endif
- int ret;
+ wc_test_ret_t ret;
byte* der = NULL;
#ifndef WOLFSSL_CRYPTOCELL
word32 idx = 0;
@@ -16647,9 +18541,9 @@ exit_rsa:
(!defined(HAVE_FIPS) || \
(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2))) \
&& !defined(WOLF_CRYPTO_CB_ONLY_RSA)
-static int rsa_oaep_padding_test(RsaKey* key, WC_RNG* rng)
+static wc_test_ret_t rsa_oaep_padding_test(RsaKey* key, WC_RNG* rng)
{
- int ret = 0;
+ wc_test_ret_t ret = 0;
word32 idx = 0;
const char inStr[] = TEST_STRING;
const word32 inLen = (word32)TEST_STRING_SZ;
@@ -16891,7 +18785,7 @@ static int rsa_oaep_padding_test(RsaKey* key, WC_RNG* rng)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa);
TEST_SLEEP();
- idx = ret;
+ idx = (word32)ret;
#ifndef WOLFSSL_RSA_PUBLIC_ONLY
do {
#if defined(WOLFSSL_ASYNC_CRYPT)
@@ -16966,9 +18860,9 @@ exit_rsa:
#endif
#endif
-WOLFSSL_TEST_SUBROUTINE int rsa_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t rsa_test(void)
{
- int ret;
+ wc_test_ret_t ret;
size_t bytes;
WC_RNG rng;
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
@@ -17169,7 +19063,7 @@ WOLFSSL_TEST_SUBROUTINE int rsa_test(void)
#ifdef WC_RSA_BLINDING
{
- int tmpret = ret;
+ wc_test_ret_t tmpret = ret;
ret = wc_RsaSetRNG(key, &rng);
if (ret < 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa);
@@ -17548,7 +19442,7 @@ WOLFSSL_TEST_SUBROUTINE int rsa_test(void)
} while (ret == WC_PENDING_E);
if (ret < 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa);
- derSz = ret;
+ derSz = (word32)ret;
ret = SaveDerAndPem(der, derSz, certReqDerFile, certReqPemFile,
CERTREQ_TYPE);
@@ -17654,9 +19548,9 @@ exit_rsa:
#ifndef NO_DH
-static int dh_fips_generate_test(WC_RNG *rng)
+static wc_test_ret_t dh_fips_generate_test(WC_RNG *rng)
{
- int ret = 0;
+ wc_test_ret_t ret = 0;
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
DhKey *key = (DhKey *)XMALLOC(sizeof *key, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
#else
@@ -17866,9 +19760,9 @@ exit_gen_test:
return ret;
}
-static int dh_generate_test(WC_RNG *rng)
+static wc_test_ret_t dh_generate_test(WC_RNG *rng)
{
- int ret = 0;
+ wc_test_ret_t ret = 0;
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
DhKey *smallKey = NULL;
#else
@@ -17993,9 +19887,9 @@ typedef struct dh_pubvalue_test {
word32 len;
} dh_pubvalue_test;
-static int dh_test_check_pubvalue(void)
+static wc_test_ret_t dh_test_check_pubvalue(void)
{
- int ret;
+ wc_test_ret_t ret;
word32 i;
WOLFSSL_SMALL_STACK_STATIC const byte prime[] = {0x01, 0x00, 0x01};
WOLFSSL_SMALL_STACK_STATIC const byte pubValZero[] = { 0x00 };
@@ -18071,12 +19965,12 @@ static int dh_test_check_pubvalue(void)
(defined(WOLFSSL_SP_ARM64_ASM) || defined(WOLFSSL_SP_ARM32_ASM)))
#ifdef HAVE_PUBLIC_FFDHE
-static int dh_ffdhe_test(WC_RNG *rng, const DhParams* params)
+static wc_test_ret_t dh_ffdhe_test(WC_RNG *rng, const DhParams* params)
#else
-static int dh_ffdhe_test(WC_RNG *rng, int name)
+static wc_test_ret_t dh_ffdhe_test(WC_RNG *rng, int name)
#endif
{
- int ret;
+ wc_test_ret_t ret;
word32 privSz, pubSz, privSz2, pubSz2;
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
byte *priv = (byte*)XMALLOC(MAX_DH_PRIV_SZ, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
@@ -18250,9 +20144,9 @@ done:
#endif /* !WC_NO_RNG */
#endif /* HAVE_FFDHE */
-WOLFSSL_TEST_SUBROUTINE int dh_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t dh_test(void)
{
- int ret;
+ wc_test_ret_t ret;
word32 bytes;
word32 idx = 0, privSz, pubSz, privSz2, pubSz2;
#ifndef WC_NO_RNG
@@ -18479,6 +20373,11 @@ WOLFSSL_TEST_SUBROUTINE int dh_test(void)
#else
byte tmp2[DH_TEST_TMP_SIZE];
#endif
+
+ #if defined(USE_CERT_BUFFERS_2048)
+ XMEMCPY(tmp, dh_ffdhe_statickey_der_2048, sizeof_dh_ffdhe_statickey_der_2048);
+ bytes = sizeof_dh_ffdhe_statickey_der_2048;
+ #else
XFILE file = XFOPEN(dhKeyFile, "rb");
if (!file)
ERROR_OUT(WC_TEST_RET_ENC_ERRNO, done);
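Review bot: The new `XMEMCPY(tmp, dh_ffdhe_statickey_der_2048, sizeof_dh_ffdhe_statickey_der_2048);` copies into `tmp` without checking that the embedded key fits. The declaration of `tmp` is outside the hunk; the neighbouring `tmp2` is `DH_TEST_TMP_SIZE` bytes, and `tmp` presumably is too. A guard before the copy, `if (sizeof_dh_ffdhe_statickey_der_2048 > DH_TEST_TMP_SIZE) ERROR_OUT(WC_TEST_RET_ENC_NC, done);`, would turn a future larger test buffer into a test failure instead of an overrun. The public-key copy added in the hunk at `-18510,6 +20409,10` has the same shape and needs the same check.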
@@ -18486,7 +20385,7 @@ WOLFSSL_TEST_SUBROUTINE int dh_test(void)
XFCLOSE(file);
if (bytes == 0)
ERROR_OUT(WC_TEST_RET_ENC_ERRNO, done);
-
+ #endif
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
tmp2 = (byte*)XMALLOC(DH_TEST_TMP_SIZE, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
if (tmp2 == NULL)
@@ -18510,6 +20409,10 @@ WOLFSSL_TEST_SUBROUTINE int dh_test(void)
/* DH Public Key - Export / Import */
+ #if defined(USE_CERT_BUFFERS_2048)
+ XMEMCPY(tmp, dh_ffdhe_pub_statickey_der_2048, sizeof_dh_ffdhe_pub_statickey_der_2048);
+ bytes = sizeof_dh_ffdhe_pub_statickey_der_2048;
+ #else
file = XFOPEN(dhKeyPubFile, "rb");
if (!file)
ERROR_OUT(WC_TEST_RET_ENC_ERRNO, done);
@@ -18517,6 +20420,7 @@ WOLFSSL_TEST_SUBROUTINE int dh_test(void)
XFCLOSE(file);
if (bytes == 0)
ERROR_OUT(WC_TEST_RET_ENC_ERRNO, done);
+ #endif
/* for HAVE_WOLF_BIGINT prevent leak */
wc_FreeDhKey(key);
@@ -18677,17 +20581,22 @@ done:
#ifndef NO_DSA
-WOLFSSL_TEST_SUBROUTINE int dsa_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t dsa_test(void)
{
- int ret = 0, answer;
+ wc_test_ret_t ret = 0;
+ int answer;
word32 bytes;
word32 idx = 0;
WC_RNG rng;
+ int rng_inited = 0;
wc_Sha sha;
byte hash[WC_SHA_DIGEST_SIZE];
byte signature[40];
+ int key_inited = 0;
#ifdef WOLFSSL_KEY_GEN
byte* der = 0;
+ int derIn_inited = 0;
+ int genKey_inited = 0;
#endif
#define DSA_TEST_TMP_SIZE 1024
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
@@ -18697,6 +20606,7 @@ WOLFSSL_TEST_SUBROUTINE int dsa_test(void)
DsaKey *derIn = (DsaKey *)XMALLOC(sizeof *derIn, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
DsaKey *genKey = (DsaKey *)XMALLOC(sizeof *genKey, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
#endif
+
if ((tmp == NULL) ||
(key == NULL)
#ifdef WOLFSSL_KEY_GEN
@@ -18745,6 +20655,7 @@ WOLFSSL_TEST_SUBROUTINE int dsa_test(void)
ret = wc_InitDsaKey(key);
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+ key_inited = 1;
ret = wc_DsaPrivateKeyDecode(tmp, &idx, key, bytes);
if (ret != 0)
@@ -18757,6 +20668,7 @@ WOLFSSL_TEST_SUBROUTINE int dsa_test(void)
#endif
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+ rng_inited = 1;
ret = wc_DsaSign(hash, signature, key, &rng);
if (ret != 0)
@@ -18769,6 +20681,12 @@ WOLFSSL_TEST_SUBROUTINE int dsa_test(void)
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
wc_FreeDsaKey(key);
+ key_inited = 0;
+
+ ret = wc_InitDsaKey_h(key, NULL);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+ key_inited = 1;
#ifdef WOLFSSL_KEY_GEN
{
@@ -18777,70 +20695,43 @@ WOLFSSL_TEST_SUBROUTINE int dsa_test(void)
ret = wc_InitDsaKey(genKey);
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+ genKey_inited = 1;
ret = wc_MakeDsaParameters(&rng, 1024, genKey);
- if (ret != 0) {
- wc_FreeDsaKey(genKey);
+ if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
- }
ret = wc_MakeDsaKey(&rng, genKey);
- if (ret != 0) {
- wc_FreeDsaKey(genKey);
+ if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
- }
der = (byte*)XMALLOC(FOURK_BUF, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
- if (der == NULL) {
- wc_FreeDsaKey(genKey);
+ if (der == NULL)
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
- }
derSz = wc_DsaKeyToDer(genKey, der, FOURK_BUF);
- if (derSz < 0) {
- XFREE(der, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
+ if (derSz < 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(derSz), out);
- }
ret = SaveDerAndPem(der, derSz, keyDerFile, keyPemFile,
DSA_PRIVATEKEY_TYPE);
- if (ret != 0) {
- XFREE(der, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
- wc_FreeDsaKey(genKey);
+ if (ret != 0)
goto out;
- }
ret = wc_InitDsaKey(derIn);
- if (ret != 0) {
- XFREE(der, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
- wc_FreeDsaKey(genKey);
+ if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
- }
+ derIn_inited = 1;
idx = 0;
ret = wc_DsaPrivateKeyDecode(der, &idx, derIn, derSz);
- if (ret != 0) {
- XFREE(der, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
- wc_FreeDsaKey(derIn);
- wc_FreeDsaKey(genKey);
+ if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
}
-
- }
#endif /* WOLFSSL_KEY_GEN */
out:
-#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
- if (key) {
-#endif
- ret = wc_InitDsaKey_h(key, NULL);
- if (ret != 0)
- ret = WC_TEST_RET_ENC_EC(ret);
-#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
- }
-#endif
-
#ifdef WOLFSSL_KEY_GEN
if (der)
XFREE(der, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
@@ -18849,29 +20740,39 @@ WOLFSSL_TEST_SUBROUTINE int dsa_test(void)
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
if (tmp)
XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
- if (key)
+ if (key) {
+ if (key_inited)
+ wc_FreeDsaKey(key);
XFREE(key, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
+ }
#ifdef WOLFSSL_KEY_GEN
if (derIn) {
- wc_FreeDsaKey(derIn);
+ if (derIn_inited)
+ wc_FreeDsaKey(derIn);
XFREE(derIn, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
}
if (genKey) {
- wc_FreeDsaKey(genKey);
+ if (genKey_inited)
+ wc_FreeDsaKey(genKey);
XFREE(genKey, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
}
#endif
#else /* !WOLFSSL_SMALL_STACK || WOLFSSL_NO_MALLOC */
+ if (key_inited)
+ wc_FreeDsaKey(key);
#ifdef WOLFSSL_KEY_GEN
- wc_FreeDsaKey(derIn);
- wc_FreeDsaKey(genKey);
+ if (derIn_inited)
+ wc_FreeDsaKey(derIn);
+ if (genKey_inited)
+ wc_FreeDsaKey(genKey);
#endif
#endif
- wc_FreeRng(&rng);
+ if (rng_inited)
+ wc_FreeRng(&rng);
return ret;
}
@@ -18880,9 +20781,9 @@ WOLFSSL_TEST_SUBROUTINE int dsa_test(void)
#ifdef WOLFCRYPT_HAVE_SRP
-static int generate_random_salt(byte *buf, word32 size)
+static wc_test_ret_t generate_random_salt(byte *buf, word32 size)
{
- int ret = WC_TEST_RET_ENC_NC;
+ wc_test_ret_t ret = WC_TEST_RET_ENC_NC;
WC_RNG rng;
if(NULL == buf || !size)
@@ -18897,9 +20798,9 @@ static int generate_random_salt(byte *buf, word32 size)
return ret;
}
-static int srp_test_digest(SrpType dgstType)
+static wc_test_ret_t srp_test_digest(SrpType dgstType)
{
- int r;
+ wc_test_ret_t r;
byte clientPubKey[192]; /* A */
byte serverPubKey[192]; /* B */
@@ -19042,9 +20943,9 @@ static int srp_test_digest(SrpType dgstType)
return r;
}
-WOLFSSL_TEST_SUBROUTINE int srp_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t srp_test(void)
{
- int ret;
+ wc_test_ret_t ret;
#ifndef NO_SHA
ret = srp_test_digest(SRP_TYPE_SHA);
@@ -19075,7 +20976,7 @@ WOLFSSL_TEST_SUBROUTINE int srp_test(void)
#if defined(OPENSSL_EXTRA) && !defined(WOLFCRYPT_ONLY)
#if !defined(NO_AES) && !defined(WOLFCRYPT_ONLY)
-static int openssl_aes_test(void)
+static wc_test_ret_t openssl_aes_test(void)
{
#ifdef HAVE_AES_CBC
#ifdef WOLFSSL_AES_128
@@ -19142,6 +21043,8 @@ static int openssl_aes_test(void)
if (total != 32)
return 3408;
+ EVP_CIPHER_CTX_cleanup(en);
+
total = 0;
EVP_CIPHER_CTX_init(de);
if (EVP_CipherInit(de, EVP_aes_128_cbc(),
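Review bot: The added `EVP_CIPHER_CTX_cleanup(en);` discards its return value, whereas the CTR-mode hunks later in this function test `wolfSSL_EVP_CIPHER_CTX_cleanup(en) != WOLFSSL_SUCCESS`, presumably the same call under its prefixed name. Writing it as `if (EVP_CIPHER_CTX_cleanup(en) != WOLFSSL_SUCCESS) return WC_TEST_RET_ENC_NC;` keeps the function consistent and lets a failed cleanup fail the test. The other unchecked cleanup calls added in the CBC hunks of this function and in openssl_test have the same shape. The cleanup is also reached only on the success path, because the early `return` statements around it exit without it. The function body continues outside the hunk.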
@@ -19179,6 +21082,8 @@ static int openssl_aes_test(void)
if (XMEMCMP(plain, cbcPlain, 18))
return WC_TEST_RET_ENC_NC;
+ EVP_CIPHER_CTX_cleanup(de);
+
/* test with encrypting/decrypting more than 16 bytes at once */
total = 0;
EVP_CIPHER_CTX_init(en);
@@ -19207,6 +21112,8 @@ static int openssl_aes_test(void)
if (total != 32)
return WC_TEST_RET_ENC_NC;
+ EVP_CIPHER_CTX_cleanup(en);
+
total = 0;
EVP_CIPHER_CTX_init(de);
if (EVP_CipherInit(de, EVP_aes_128_cbc(),
@@ -19253,6 +21160,8 @@ static int openssl_aes_test(void)
plain[i] = i;
}
+ EVP_CIPHER_CTX_cleanup(de);
+
total = 0;
EVP_CIPHER_CTX_init(en);
if (EVP_CipherInit(en, EVP_aes_128_cbc(),
@@ -19273,6 +21182,8 @@ static int openssl_aes_test(void)
if (total != sizeof(plain))
return WC_TEST_RET_ENC_NC;
+ EVP_CIPHER_CTX_cleanup(en);
+
total = 0;
EVP_CIPHER_CTX_init(de);
if (EVP_CipherInit(de, EVP_aes_128_cbc(),
@@ -19308,6 +21219,8 @@ static int openssl_aes_test(void)
}
}
+ EVP_CIPHER_CTX_cleanup(de);
+
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
wolfSSL_EVP_CIPHER_CTX_free(en);
wolfSSL_EVP_CIPHER_CTX_free(de);
@@ -19371,6 +21284,8 @@ static int openssl_aes_test(void)
if (EVP_CipherFinal(en, (byte*)&cipher[total], &outlen) != 0)
return WC_TEST_RET_ENC_NC;
+ EVP_CIPHER_CTX_cleanup(en);
+
/* turn padding back on and do successful encrypt */
total = 0;
EVP_CIPHER_CTX_init(en);
@@ -19393,6 +21308,8 @@ static int openssl_aes_test(void)
return WC_TEST_RET_ENC_NC;
XMEMCPY(cipher, padded, EVP_TEST_BUF_SZ);
+ EVP_CIPHER_CTX_cleanup(en);
+
/* test out of bounds read on buffers w/o padding during decryption */
total = 0;
EVP_CIPHER_CTX_init(de);
@@ -19413,6 +21330,8 @@ static int openssl_aes_test(void)
if (EVP_CipherFinal(de, (byte*)&plain[total], &outlen) != 0)
return WC_TEST_RET_ENC_NC;
+ EVP_CIPHER_CTX_cleanup(de);
+
total = 0;
EVP_CIPHER_CTX_init(de);
if (EVP_CipherInit(de, EVP_aes_128_cbc(),
@@ -19432,6 +21351,8 @@ static int openssl_aes_test(void)
if (XMEMCMP(padded, cbcPlain, EVP_TEST_BUF_SZ))
return WC_TEST_RET_ENC_NC;
+ EVP_CIPHER_CTX_cleanup(de);
+
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
wolfSSL_EVP_CIPHER_CTX_free(en);
wolfSSL_EVP_CIPHER_CTX_free(de);
@@ -19480,6 +21401,8 @@ static int openssl_aes_test(void)
if (XMEMCMP(cipher, verify, AES_BLOCK_SIZE))
return WC_TEST_RET_ENC_NC;
+ EVP_CIPHER_CTX_cleanup(ctx);
+
EVP_CIPHER_CTX_init(ctx);
if (EVP_CipherInit(ctx, EVP_aes_128_cbc(), key, iv, 0) == 0)
return WC_TEST_RET_ENC_NC;
@@ -19490,6 +21413,8 @@ static int openssl_aes_test(void)
if (XMEMCMP(plain, msg, AES_BLOCK_SIZE))
return WC_TEST_RET_ENC_NC;
+ EVP_CIPHER_CTX_cleanup(ctx);
+
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
wolfSSL_EVP_CIPHER_CTX_free(ctx);
#endif
@@ -19497,6 +21422,8 @@ static int openssl_aes_test(void)
#endif /* WOLFSSL_AES_128 */
#endif /* HAVE_AES_CBC */
+#ifndef WOLFSSL_NO_OPENSSL_AES_LOW_LEVEL_API
+
#if defined(HAVE_AES_ECB) && defined(WOLFSSL_AES_256)
{ /* evp_cipher test: EVP_aes_256_ecb*/
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
@@ -19630,6 +21557,8 @@ static int openssl_aes_test(void)
}
#endif /* WOLFSSL_AES_DIRECT && WOLFSSL_AES_256 */
+#endif /* !WOLFSSL_NO_OPENSSL_AES_LOW_LEVEL_API */
+
/* EVP_Cipher with EVP_aes_xxx_ctr() */
#ifdef WOLFSSL_AES_COUNTER
{
@@ -19777,6 +21706,11 @@ static int openssl_aes_test(void)
AES_BLOCK_SIZE*4) != AES_BLOCK_SIZE*4)
return WC_TEST_RET_ENC_NC;
+ if (wolfSSL_EVP_CIPHER_CTX_cleanup(en) != WOLFSSL_SUCCESS)
+ return WC_TEST_RET_ENC_NC;
+ if (wolfSSL_EVP_CIPHER_CTX_cleanup(de) != WOLFSSL_SUCCESS)
+ return WC_TEST_RET_ENC_NC;
+
if (XMEMCMP(cipherBuff, ctrCipher, AES_BLOCK_SIZE*4))
return WC_TEST_RET_ENC_NC;
if (XMEMCMP(plainBuff, ctrPlain, AES_BLOCK_SIZE*4))
@@ -19804,6 +21738,11 @@ static int openssl_aes_test(void)
AES_BLOCK_SIZE*4) != AES_BLOCK_SIZE*4)
return WC_TEST_RET_ENC_NC;
+ if (wolfSSL_EVP_CIPHER_CTX_cleanup(en) != WOLFSSL_SUCCESS)
+ return WC_TEST_RET_ENC_NC;
+ if (wolfSSL_EVP_CIPHER_CTX_cleanup(de) != WOLFSSL_SUCCESS)
+ return WC_TEST_RET_ENC_NC;
+
wolfSSL_EVP_CIPHER_CTX_free(p_en);
wolfSSL_EVP_CIPHER_CTX_free(p_de);
#endif /* WOLFSSL_SMALL_STACK && !WOLFSSL_NO_MALLOC */
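Review bot: The two added cleanup calls take `en` and `de`, but the contexts freed on the next lines are `p_en` and `p_de`. The matching hunk in openssl_test calls `EVP_CIPHER_CTX_cleanup(p_en);` and `EVP_CIPHER_CTX_cleanup(p_de);`, so this looks like a copy of the preceding hunk's check, which already cleans `en` and `de`. I would change the calls to `if (wolfSSL_EVP_CIPHER_CTX_cleanup(p_en) != WOLFSSL_SUCCESS)` and the same for `p_de`. Returning from either check skips `wolfSSL_EVP_CIPHER_CTX_free(p_en)` and `wolfSSL_EVP_CIPHER_CTX_free(p_de)`, so the heap contexts leak on that path. The enclosing block starts outside the hunk.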
@@ -19842,6 +21781,11 @@ static int openssl_aes_test(void)
return WC_TEST_RET_ENC_NC;
if (XMEMCMP(cipherBuff, oddCipher, 9))
return WC_TEST_RET_ENC_NC;
+
+ if (wolfSSL_EVP_CIPHER_CTX_cleanup(en) != WOLFSSL_SUCCESS)
+ return WC_TEST_RET_ENC_NC;
+ if (wolfSSL_EVP_CIPHER_CTX_cleanup(de) != WOLFSSL_SUCCESS)
+ return WC_TEST_RET_ENC_NC;
#endif /* WOLFSSL_AES_128 */
#ifdef WOLFSSL_AES_192
@@ -19866,6 +21810,11 @@ static int openssl_aes_test(void)
return WC_TEST_RET_ENC_NC;
if (XMEMCMP(ctr192Cipher, cipherBuff, sizeof(ctr192Cipher)))
return WC_TEST_RET_ENC_NC;
+
+ if (wolfSSL_EVP_CIPHER_CTX_cleanup(en) != WOLFSSL_SUCCESS)
+ return WC_TEST_RET_ENC_NC;
+ if (wolfSSL_EVP_CIPHER_CTX_cleanup(de) != WOLFSSL_SUCCESS)
+ return WC_TEST_RET_ENC_NC;
#endif /* WOLFSSL_AES_192 */
#ifdef WOLFSSL_AES_256
@@ -19891,6 +21840,11 @@ static int openssl_aes_test(void)
if (XMEMCMP(ctr256Cipher, cipherBuff, sizeof(ctr256Cipher)))
return WC_TEST_RET_ENC_NC;
+ if (wolfSSL_EVP_CIPHER_CTX_cleanup(en) != WOLFSSL_SUCCESS)
+ return WC_TEST_RET_ENC_NC;
+ if (wolfSSL_EVP_CIPHER_CTX_cleanup(de) != WOLFSSL_SUCCESS)
+ return WC_TEST_RET_ENC_NC;
+
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
wolfSSL_EVP_CIPHER_CTX_free(en);
wolfSSL_EVP_CIPHER_CTX_free(de);
@@ -19900,6 +21854,8 @@ static int openssl_aes_test(void)
}
#endif /* HAVE_AES_COUNTER */
+#ifndef WOLFSSL_NO_OPENSSL_AES_LOW_LEVEL_API
+
#if defined(WOLFSSL_AES_CFB) && defined(WOLFSSL_AES_128)
{
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
@@ -19975,15 +21931,18 @@ static int openssl_aes_test(void)
#endif
}
#endif /* WOLFSSL_AES_CFB && WOLFSSL_AES_128 */
+
+#endif /* !WOLFSSL_NO_OPENSSL_AES_LOW_LEVEL_API */
+
return 0;
}
#endif /* !defined(NO_AES) && !defined(WOLFCRYPT_ONLY) */
-WOLFSSL_TEST_SUBROUTINE int openssl_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_test(void)
{
- int ret;
+ wc_test_ret_t ret;
EVP_MD_CTX md_ctx;
testVector a, b, c, d, e, f;
byte hash[WC_SHA256_DIGEST_SIZE*2]; /* max size */
@@ -20534,6 +22493,8 @@ WOLFSSL_TEST_SUBROUTINE int openssl_test(void)
} /* end evp_cipher test */
#endif /* HAVE_AES_ECB && WOLFSSL_AES_128 */
+#ifndef WOLFSSL_NO_OPENSSL_AES_LOW_LEVEL_API
+
#if defined(WOLFSSL_AES_DIRECT) && defined(WOLFSSL_AES_256)
/* enable HAVE_AES_DECRYPT for AES_encrypt/decrypt */
{
@@ -20609,6 +22570,8 @@ WOLFSSL_TEST_SUBROUTINE int openssl_test(void)
#endif /* WOLFSSL_AES_DIRECT && WOLFSSL_AES_256 */
+#endif /* !WOLFSSL_NO_OPENSSL_AES_LOW_LEVEL_API */
+
/* EVP_Cipher with EVP_aes_xxx_ctr() */
#ifdef WOLFSSL_AES_COUNTER
{
@@ -20759,6 +22722,9 @@ WOLFSSL_TEST_SUBROUTINE int openssl_test(void)
if (XMEMCMP(plainBuff, ctrPlain, AES_BLOCK_SIZE*4))
return WC_TEST_RET_ENC_NC;
+ EVP_CIPHER_CTX_cleanup(en);
+ EVP_CIPHER_CTX_cleanup(de);
+
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
p_en = wolfSSL_EVP_CIPHER_CTX_new();
if (p_en == NULL)
@@ -20781,6 +22747,9 @@ WOLFSSL_TEST_SUBROUTINE int openssl_test(void)
AES_BLOCK_SIZE*4) != AES_BLOCK_SIZE*4)
return WC_TEST_RET_ENC_NC;
+ EVP_CIPHER_CTX_cleanup(p_en);
+ EVP_CIPHER_CTX_cleanup(p_de);
+
wolfSSL_EVP_CIPHER_CTX_free(p_en);
wolfSSL_EVP_CIPHER_CTX_free(p_de);
#endif /* WOLFSSL_SMALL_STACK && !WOLFSSL_NO_MALLOC */
@@ -20819,6 +22788,9 @@ WOLFSSL_TEST_SUBROUTINE int openssl_test(void)
return WC_TEST_RET_ENC_NC;
if (XMEMCMP(cipherBuff, oddCipher, 9))
return WC_TEST_RET_ENC_NC;
+
+ EVP_CIPHER_CTX_cleanup(en);
+ EVP_CIPHER_CTX_cleanup(de);
#endif /* WOLFSSL_AES_128 */
#ifdef WOLFSSL_AES_192
@@ -20843,6 +22815,9 @@ WOLFSSL_TEST_SUBROUTINE int openssl_test(void)
return WC_TEST_RET_ENC_NC;
if (XMEMCMP(ctr192Cipher, cipherBuff, sizeof(ctr192Cipher)))
return WC_TEST_RET_ENC_NC;
+
+ EVP_CIPHER_CTX_cleanup(en);
+ EVP_CIPHER_CTX_cleanup(de);
#endif /* WOLFSSL_AES_192 */
#ifdef WOLFSSL_AES_256
@@ -20867,6 +22842,9 @@ WOLFSSL_TEST_SUBROUTINE int openssl_test(void)
return WC_TEST_RET_ENC_NC;
if (XMEMCMP(ctr256Cipher, cipherBuff, sizeof(ctr256Cipher)))
return WC_TEST_RET_ENC_NC;
+
+ EVP_CIPHER_CTX_cleanup(en);
+ EVP_CIPHER_CTX_cleanup(de);
#endif /* WOLFSSL_AES_256 */
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
@@ -21149,9 +23127,9 @@ WOLFSSL_TEST_SUBROUTINE int openssl_test(void)
return 0;
}
-WOLFSSL_TEST_SUBROUTINE int openSSL_evpMD_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openSSL_evpMD_test(void)
{
- int ret = 0;
+ wc_test_ret_t ret = 0;
#if !defined(NO_SHA256) && !defined(NO_SHA)
WOLFSSL_EVP_MD_CTX* ctx;
WOLFSSL_EVP_MD_CTX* ctx2;
@@ -21238,14 +23216,14 @@ static void show(const char *title, const char *p, unsigned int s) {
printf("\n");
}
#else
-#define show(a,b,c)
+#define show(a,b,c) WC_DO_NOTHING
#endif
#define FOURK_BUFF 4096
-WOLFSSL_TEST_SUBROUTINE int openssl_pkey0_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_pkey0_test(void)
{
- int ret = 0;
+ wc_test_ret_t ret = 0;
#if !defined(NO_RSA) && !defined(HAVE_USER_RSA) && !defined(NO_SHA)
byte* prvTmp;
byte* pubTmp;
@@ -21471,9 +23449,9 @@ openssl_pkey0_test_done:
}
-WOLFSSL_TEST_SUBROUTINE int openssl_pkey1_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_pkey1_test(void)
{
- int ret = 0;
+ wc_test_ret_t ret = 0;
#if !defined(NO_FILESYSTEM) && !defined(NO_RSA) && !defined(HAVE_USER_RSA) && \
!defined(NO_SHA)
EVP_PKEY_CTX* dec = NULL;
@@ -21668,7 +23646,7 @@ openssl_pkey1_test_done:
}
-WOLFSSL_TEST_SUBROUTINE int openssl_evpSig_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_evpSig_test(void)
{
#if !defined(NO_RSA) && !defined(NO_SHA) && !defined(HAVE_USER_RSA)
byte* prvTmp;
@@ -21687,7 +23665,7 @@ WOLFSSL_TEST_SUBROUTINE int openssl_evpSig_test(void)
unsigned int sigSz;
const void* pt;
unsigned int count;
- int ret, ret1, ret2;
+ wc_test_ret_t ret, ret1, ret2;
#if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048)
XFILE keyFile;
@@ -21868,12 +23846,12 @@ WOLFSSL_TEST_SUBROUTINE int openssl_evpSig_test(void)
#ifndef NO_PWDBASED
#ifdef HAVE_SCRYPT
/* Test vectors taken from RFC 7914: scrypt PBKDF - Section 12. */
-WOLFSSL_TEST_SUBROUTINE int scrypt_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t scrypt_test(void)
{
#ifdef HAVE_FIPS
/* RFC 7914 test vector keys are too short for FIPS. */
#else
- int ret;
+ wc_test_ret_t ret;
byte derived[64];
WOLFSSL_SMALL_STACK_STATIC const byte verify1[] = {
@@ -21886,6 +23864,7 @@ WOLFSSL_TEST_SUBROUTINE int scrypt_test(void)
0xe8, 0xd3, 0xe0, 0xfb, 0x2e, 0x0d, 0x36, 0x28,
0xcf, 0x35, 0xe2, 0x0c, 0x38, 0xd1, 0x89, 0x06
};
+#if !defined(BENCH_EMBEDDED)
WOLFSSL_SMALL_STACK_STATIC const byte verify2[] = {
0xfd, 0xba, 0xbe, 0x1c, 0x9d, 0x34, 0x72, 0x00,
0x78, 0x56, 0xe7, 0x19, 0x0d, 0x01, 0xe9, 0xfe,
@@ -21896,6 +23875,7 @@ WOLFSSL_TEST_SUBROUTINE int scrypt_test(void)
0xc7, 0x27, 0xaf, 0xb9, 0x4a, 0x83, 0xee, 0x6d,
0x83, 0x60, 0xcb, 0xdf, 0xa2, 0xcc, 0x06, 0x40
};
+#endif
#if !defined(BENCH_EMBEDDED) && !defined(WOLFSSL_LINUXKM) && !defined(HAVE_INTEL_QA)
WOLFSSL_SMALL_STACK_STATIC const byte verify3[] = {
0x70, 0x23, 0xbd, 0xcb, 0x3a, 0xfd, 0x73, 0x48,
@@ -21930,16 +23910,18 @@ WOLFSSL_TEST_SUBROUTINE int scrypt_test(void)
if (XMEMCMP(derived, verify1, sizeof(verify1)) != 0)
return WC_TEST_RET_ENC_NC;
+#if !defined(BENCH_EMBEDDED)
ret = wc_scrypt(derived, (byte*)"password", 8, (byte*)"NaCl", 4, 10, 8, 16,
sizeof(verify2));
if (ret != 0)
return WC_TEST_RET_ENC_EC(ret);
if (XMEMCMP(derived, verify2, sizeof(verify2)) != 0)
return WC_TEST_RET_ENC_NC;
+#endif
/* Test case with parallel overflowing */
ret = wc_scrypt(derived, (byte*)"password", 16, (byte*)"NaCl", 16, 2, 4, 8388608,
- sizeof(verify2));
+ sizeof(verify1));
if (ret != BAD_FUNC_ARG)
return WC_TEST_RET_ENC_EC(ret);
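Review bot: The "parallel overflowing" call passes a length of 16 for both `"password"` (9 bytes with its terminator) and `"NaCl"` (5 bytes), so the test stays in bounds only if wc_scrypt rejects the oversized parallel value before it reads either buffer. That ordering is presumably what the test relies on, but it is not visible here, and a reordering inside wc_scrypt would turn this into an out-of-bounds read of the string literals. Since the input lengths do not matter to the overflow check, using the real lengths keeps the case safe either way: `ret = wc_scrypt(derived, (byte*)"password", 8, (byte*)"NaCl", 4, 2, 4, 8388608,`. The switch to `sizeof(verify1)` is needed now that `verify2` is compiled out under BENCH_EMBEDDED.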
@@ -21962,12 +23944,14 @@ WOLFSSL_TEST_SUBROUTINE int scrypt_test(void)
#endif
#endif /* !BENCH_EMBEDDED && !defined(WOLFSSL_LINUXKM) && !HAVE_INTEL_QA */
+#if !defined(BENCH_EMBEDDED)
ret = wc_scrypt_ex(derived, (byte*)"password", 8, (byte*)"NaCl", 4, 1<<10,
8, 16, sizeof(verify2));
if (ret != 0)
return WC_TEST_RET_ENC_EC(ret);
if (XMEMCMP(derived, verify2, sizeof(verify2)) != 0)
return WC_TEST_RET_ENC_NC;
+#endif
#endif /* !HAVE_FIPS */
@@ -21976,7 +23960,7 @@ WOLFSSL_TEST_SUBROUTINE int scrypt_test(void)
#endif
#ifdef HAVE_PKCS12
-WOLFSSL_TEST_SUBROUTINE int pkcs12_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t pkcs12_test(void)
{
WOLFSSL_SMALL_STACK_STATIC const byte passwd[] = { 0x00, 0x73, 0x00, 0x6d, 0x00, 0x65, 0x00, 0x67,
0x00, 0x00 };
@@ -22002,7 +23986,7 @@ WOLFSSL_TEST_SUBROUTINE int pkcs12_test(void)
int id = 1;
int kLen = 24;
int iterations = 1;
- int ret = wc_PKCS12_PBKDF(derived, passwd, sizeof(passwd), salt, 8,
+ wc_test_ret_t ret = wc_PKCS12_PBKDF(derived, passwd, sizeof(passwd), salt, 8,
iterations, kLen, WC_SHA256, id);
if (ret < 0)
@@ -22030,7 +24014,7 @@ WOLFSSL_TEST_SUBROUTINE int pkcs12_test(void)
#endif /* HAVE_PKCS12 */
#if defined(HAVE_PBKDF2) && !defined(NO_SHA256) && !defined(NO_HMAC)
-WOLFSSL_TEST_SUBROUTINE int pbkdf2_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t pbkdf2_test(void)
{
char passwd[] = "passwordpassword";
WOLFSSL_SMALL_STACK_STATIC const byte salt[] = { 0x78, 0x57, 0x8E, 0x5a, 0x5d, 0x63, 0xcb, 0x06 };
@@ -22043,7 +24027,7 @@ WOLFSSL_TEST_SUBROUTINE int pbkdf2_test(void)
0x2d, 0xd4, 0xf9, 0x37, 0xd4, 0x95, 0x16, 0xa7, 0x2a, 0x9a, 0x21, 0xd1
};
- int ret = wc_PBKDF2_ex(derived, (byte*)passwd, (int)XSTRLEN(passwd), salt,
+ wc_test_ret_t ret = wc_PBKDF2_ex(derived, (byte*)passwd, (int)XSTRLEN(passwd), salt,
(int)sizeof(salt), iterations, kLen, WC_SHA256, HEAP_HINT, devId);
if (ret != 0)
return ret;
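Review bot: `if (ret != 0) return ret;` still hands back the raw wc_PBKDF2_ex error code, although pbkdf2_test now returns `wc_test_ret_t`. The other failure paths converted in this commit (hpke_test, ecc_test_key_gen) wrap library errors, so `return WC_TEST_RET_ENC_EC(ret);` would keep this path consistent with them. The rest of the function body is outside the hunk.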
@@ -22057,7 +24041,7 @@ WOLFSSL_TEST_SUBROUTINE int pbkdf2_test(void)
#endif /* HAVE_PBKDF2 && !NO_SHA256 && !NO_HMAC */
#if defined(HAVE_PBKDF1) && !defined(NO_SHA)
-WOLFSSL_TEST_SUBROUTINE int pbkdf1_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t pbkdf1_test(void)
{
char passwd[] = "password";
WOLFSSL_SMALL_STACK_STATIC const byte salt[] = { 0x78, 0x57, 0x8E, 0x5a, 0x5d, 0x63, 0xcb, 0x06 };
@@ -22070,7 +24054,7 @@ WOLFSSL_TEST_SUBROUTINE int pbkdf1_test(void)
0xAF, 0x10, 0xEB, 0xFB, 0x4A, 0x3D, 0x2A, 0x20
};
- int ret = wc_PBKDF1_ex(derived, kLen, NULL, 0, (byte*)passwd,
+ wc_test_ret_t ret = wc_PBKDF1_ex(derived, kLen, NULL, 0, (byte*)passwd,
(int)XSTRLEN(passwd), salt, (int)sizeof(salt), iterations, WC_SHA,
HEAP_HINT);
if (ret != 0)
@@ -22083,9 +24067,9 @@ WOLFSSL_TEST_SUBROUTINE int pbkdf1_test(void)
}
#endif /* HAVE_PBKDF2 && !NO_SHA */
-WOLFSSL_TEST_SUBROUTINE int pwdbased_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t pwdbased_test(void)
{
- int ret = 0;
+ wc_test_ret_t ret = 0;
#if defined(HAVE_PBKDF1) && !defined(NO_SHA)
ret = pbkdf1_test();
@@ -22114,10 +24098,16 @@ WOLFSSL_TEST_SUBROUTINE int pwdbased_test(void)
#if defined(HAVE_HKDF) && !defined(NO_HMAC)
+#if defined(WOLFSSL_AFALG_XILINX) || defined(WOLFSSL_AFALG_XILINX_AES) || \
+ defined(WOLFSSL_AFALG_XILINX_SHA3) || defined(WOLFSSL_AFALG_HASH_KEEP) || \
+ defined(WOLFSSL_AFALG_XILINX_RSA)
/* hkdf_test has issue with WOLFSSL_TEST_SUBROUTINE set on Xilinx with afalg */
-static int hkdf_test(void)
+static wc_test_ret_t hkdf_test(void)
+#else
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hkdf_test(void)
+#endif
{
- int ret = 0;
+ wc_test_ret_t ret = 0;
#if !defined(NO_SHA) || !defined(NO_SHA256)
int L;
@@ -22343,9 +24333,9 @@ static const SshKdfTestVector sshKdfTestVectors[] = {
};
-int sshkdf_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t sshkdf_test(void)
{
- int result = 0;
+ wc_test_ret_t result = 0;
word32 i;
word32 tc = sizeof(sshKdfTestVectors)/sizeof(SshKdfTestVector);
const SshKdfTestVector* tv = NULL;
@@ -22930,9 +24920,9 @@ static const char resMasterLabel[] = "res master";
static const char derivedLabel[] = "derived";
-WOLFSSL_TEST_SUBROUTINE int tls13_kdf_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t tls13_kdf_test(void)
{
- int ret = 0;
+ wc_test_ret_t ret = 0;
word32 i;
word32 tc = sizeof(tls13KdfTestVectors)/sizeof(Tls13KdfTestVector);
const Tls13KdfTestVector* tv = NULL;
@@ -23073,9 +25063,9 @@ static const int fiducial2 = WC_TEST_RET_LN; /* source code reference point --
#if defined(HAVE_ECC) && defined(HAVE_X963_KDF)
-WOLFSSL_TEST_SUBROUTINE int x963kdf_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t x963kdf_test(void)
{
- int ret;
+ wc_test_ret_t ret;
byte kek[128];
#ifndef NO_SHA
@@ -23219,9 +25209,9 @@ WOLFSSL_TEST_SUBROUTINE int x963kdf_test(void)
#if defined(HAVE_HPKE) && (defined(HAVE_ECC) || defined(HAVE_CURVE25519)) && \
defined(HAVE_AESGCM)
-static int hpke_test_single(Hpke* hpke)
+static wc_test_ret_t hpke_test_single(Hpke* hpke)
{
- int ret = 0;
+ wc_test_ret_t ret = 0;
int rngRet = 0;
WC_RNG rng[1];
const char* start_text = "this is a test";
@@ -23232,33 +25222,39 @@ static int hpke_test_single(Hpke* hpke)
void* receiverKey = NULL;
void* ephemeralKey = NULL;
#ifdef WOLFSSL_SMALL_STACK
- uint8_t *pubKey = NULL; /* public key */
+ byte *pubKey = NULL; /* public key */
word16 pubKeySz = (word16)HPKE_Npk_MAX;
#else
- uint8_t pubKey[HPKE_Npk_MAX]; /* public key */
+ byte pubKey[HPKE_Npk_MAX]; /* public key */
word16 pubKeySz = (word16)sizeof(pubKey);
#endif
rngRet = ret = wc_InitRng(rng);
if (ret != 0)
- return ret;
+ return WC_TEST_RET_ENC_EC(ret);
#ifdef WOLFSSL_SMALL_STACK
if (ret == 0) {
- pubKey = (uint8_t *)XMALLOC(pubKeySz, HEAP_HINT,
+ pubKey = (byte *)XMALLOC(pubKeySz, HEAP_HINT,
DYNAMIC_TYPE_TMP_BUFFER);
if (pubKey == NULL)
- ret = MEMORY_E;
+ ret = WC_TEST_RET_ENC_EC(MEMORY_E);
}
#endif
/* generate the keys */
- if (ret == 0)
+ if (ret == 0) {
ret = wc_HpkeGenerateKeyPair(hpke, &ephemeralKey, rng);
+ if (ret != 0)
+ ret = WC_TEST_RET_ENC_EC(ret);
+ }
- if (ret == 0)
+ if (ret == 0) {
ret = wc_HpkeGenerateKeyPair(hpke, &receiverKey, rng);
+ if (ret != 0)
+ ret = WC_TEST_RET_ENC_EC(ret);
+ }
/* seal */
if (ret == 0) {
@@ -23267,11 +25263,16 @@ static int hpke_test_single(Hpke* hpke)
(byte*)aad_text, (word32)XSTRLEN(aad_text),
(byte*)start_text, (word32)XSTRLEN(start_text),
ciphertext);
+ if (ret != 0)
+ ret = WC_TEST_RET_ENC_EC(ret);
}
/* export ephemeral key */
- if (ret == 0)
+ if (ret == 0) {
ret = wc_HpkeSerializePublicKey(hpke, ephemeralKey, pubKey, &pubKeySz);
+ if (ret != 0)
+ ret = WC_TEST_RET_ENC_EC(ret);
+ }
/* open with exported ephemeral key */
if (ret == 0) {
@@ -23280,10 +25281,15 @@ static int hpke_test_single(Hpke* hpke)
(byte*)aad_text, (word32)XSTRLEN(aad_text),
ciphertext, (word32)XSTRLEN(start_text),
plaintext);
+ if (ret != 0)
+ ret = WC_TEST_RET_ENC_EC(ret);
}
- if (ret == 0)
+ if (ret == 0) {
ret = XMEMCMP(plaintext, start_text, XSTRLEN(start_text));
+ if (ret != 0)
+ ret = WC_TEST_RET_ENC_NC;
+ }
if (ephemeralKey != NULL)
wc_HpkeFreeKey(hpke, hpke->kem, ephemeralKey, hpke->heap);
@@ -23302,9 +25308,9 @@ static int hpke_test_single(Hpke* hpke)
return ret;
}
-WOLFSSL_TEST_SUBROUTINE int hpke_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hpke_test(void)
{
- int ret = 0;
+ wc_test_ret_t ret = 0;
Hpke hpke[1];
#if defined(HAVE_ECC)
@@ -23314,7 +25320,7 @@ WOLFSSL_TEST_SUBROUTINE int hpke_test(void)
HPKE_AES_128_GCM, NULL);
if (ret != 0)
- return ret;
+ return WC_TEST_RET_ENC_EC(ret);
ret = hpke_test_single(hpke);
@@ -23329,7 +25335,7 @@ WOLFSSL_TEST_SUBROUTINE int hpke_test(void)
HPKE_AES_128_GCM, NULL);
if (ret != 0)
- return ret;
+ return WC_TEST_RET_ENC_EC(ret);
ret = hpke_test_single(hpke);
@@ -23344,7 +25350,7 @@ WOLFSSL_TEST_SUBROUTINE int hpke_test(void)
HPKE_AES_128_GCM, NULL);
if (ret != 0)
- return ret;
+ return WC_TEST_RET_ENC_EC(ret);
ret = hpke_test_single(hpke);
@@ -23359,7 +25365,7 @@ WOLFSSL_TEST_SUBROUTINE int hpke_test(void)
HPKE_AES_256_GCM, NULL);
if (ret != 0)
- return ret;
+ return WC_TEST_RET_ENC_EC(ret);
ret = hpke_test_single(hpke);
@@ -23372,11 +25378,449 @@ WOLFSSL_TEST_SUBROUTINE int hpke_test(void)
}
#endif /* HAVE_HPKE && HAVE_ECC && HAVE_AESGCM */
+#if defined(WC_SRTP_KDF)
+typedef struct Srtp_Kdf_Tv {
+ const unsigned char* key;
+ word32 keySz;
+ const unsigned char* salt;
+ word32 saltSz;
+ int kdfIdx;
+ const unsigned char* index;
+ const unsigned char* ke;
+ const unsigned char* ka;
+ const unsigned char* ks;
+ const unsigned char* index_c;
+ const unsigned char* ke_c;
+ const unsigned char* ka_c;
+ const unsigned char* ks_c;
+ word32 keSz;
+ word32 kaSz;
+ word32 ksSz;
+} Srtp_Kdf_Tv;
+
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t srtpkdf_test(void)
+{
+ wc_test_ret_t ret = 0;
+ /* 128-bit key, kdrIdx = -1 */
+ WOLFSSL_SMALL_STACK_STATIC const byte key_0[] = {
+ 0xc4, 0x80, 0x9f, 0x6d, 0x36, 0x98, 0x88, 0x72,
+ 0x8e, 0x26, 0xad, 0xb5, 0x32, 0x12, 0x98, 0x90
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte salt_0[] = {
+ 0x0e, 0x23, 0x00, 0x6c, 0x6c, 0x04, 0x4f, 0x56,
+ 0x62, 0x40, 0x0e, 0x9d, 0x1b, 0xd6
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte index_0[] = {
+ 0x48, 0x71, 0x65, 0x64, 0x9c, 0xca
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte ke_0[] = {
+ 0xdc, 0x38, 0x21, 0x92, 0xab, 0x65, 0x10, 0x8a,
+ 0x86, 0xb2, 0x59, 0xb6, 0x1b, 0x3a, 0xf4, 0x6f
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte ka_0[] = {
+ 0xb8, 0x39, 0x37, 0xfb, 0x32, 0x17, 0x92, 0xee,
+ 0x87, 0xb7, 0x88, 0x19, 0x3b, 0xe5, 0xa4, 0xe3,
+ 0xbd, 0x32, 0x6e, 0xe4
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte ks_0[] = {
+ 0xf1, 0xc0, 0x35, 0xc0, 0x0b, 0x5a, 0x54, 0xa6,
+ 0x16, 0x92, 0xc0, 0x16, 0x27, 0x6c
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte index_c_0[] = {
+ 0x56, 0xf3, 0xf1, 0x97
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte ke_c_0[] = {
+ 0xab, 0x5b, 0xe0, 0xb4, 0x56, 0x23, 0x5d, 0xcf,
+ 0x77, 0xd5, 0x08, 0x69, 0x29, 0xba, 0xfb, 0x38
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte ka_c_0[] = {
+ 0xc5, 0x2f, 0xde, 0x0b, 0x80, 0xb0, 0xf0, 0xba,
+ 0xd8, 0xd1, 0x56, 0x45, 0xcb, 0x86, 0xe7, 0xc7,
+ 0xc3, 0xd8, 0x77, 0x0e
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte ks_c_0[] = {
+ 0xde, 0xb5, 0xf8, 0x5f, 0x81, 0x33, 0x6a, 0x96,
+ 0x5e, 0xd3, 0x2b, 0xb7, 0xed, 0xe8
+ };
+ /* 192-bit key, kdrIdx = 0 */
+ WOLFSSL_SMALL_STACK_STATIC const byte key_1[] = {
+ 0xbb, 0x04, 0x5b, 0x1f, 0x53, 0xc6, 0x93, 0x2c,
+ 0x2b, 0xa6, 0x88, 0xf5, 0xe3, 0xf2, 0x24, 0x70,
+ 0xe1, 0x7d, 0x7d, 0xec, 0x8a, 0x93, 0x4d, 0xf2
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte salt_1[] = {
+ 0xe7, 0x22, 0xab, 0x92, 0xfc, 0x7c, 0x89, 0xb6,
+ 0x53, 0x8a, 0xf9, 0x3c, 0xb9, 0x52
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte index_1[] = {
+ 0xd7, 0x87, 0x8f, 0x33, 0xb1, 0x76
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte ke_1[] = {
+ 0x2c, 0xc8, 0x3e, 0x54, 0xb2, 0x33, 0x89, 0xb3,
+ 0x71, 0x65, 0x0f, 0x51, 0x61, 0x65, 0xe4, 0x93,
+ 0x07, 0x4e, 0xb3, 0x47, 0xba, 0x2d, 0x60, 0x60
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte ka_1[] = {
+ 0x2e, 0x80, 0xe4, 0x82, 0x55, 0xa2, 0xbe, 0x6d,
+ 0xe0, 0x46, 0xcc, 0xc1, 0x75, 0x78, 0x6e, 0x78,
+ 0xd1, 0xd1, 0x47, 0x08
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte ks_1[] = {
+ 0xe0, 0xc1, 0xe6, 0xaf, 0x1e, 0x8d, 0x8c, 0xfe,
+ 0xe5, 0x60, 0x70, 0xb5, 0xe6, 0xea
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte index_c_1[] = {
+ 0x40, 0xbf, 0xd4, 0xa9
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte ke_c_1[] = {
+ 0x94, 0x0f, 0x55, 0xce, 0x58, 0xd8, 0x16, 0x65,
+ 0xf0, 0xfa, 0x46, 0x40, 0x0c, 0xda, 0xb1, 0x11,
+ 0x9e, 0x69, 0xa0, 0x93, 0x4e, 0xd7, 0xf2, 0x84
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte ka_c_1[] = {
+ 0xf5, 0x41, 0x6f, 0xc2, 0x65, 0xc5, 0xb3, 0xef,
+ 0xbb, 0x22, 0xc8, 0xfc, 0x6b, 0x00, 0x14, 0xb2,
+ 0xf3, 0x3b, 0x8e, 0x29
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte ks_c_1[] = {
+ 0x35, 0xb7, 0x42, 0x43, 0xf0, 0x01, 0x01, 0xb4,
+ 0x68, 0xa1, 0x28, 0x80, 0x37, 0xf0
+ };
+ /* 256-bit key, kdrIdx = 1 */
+ WOLFSSL_SMALL_STACK_STATIC const byte key_2[] = {
+ 0x10, 0x38, 0x0a, 0xcd, 0xd6, 0x47, 0xab, 0xee,
+ 0xc0, 0xd4, 0x44, 0xf4, 0x7e, 0x51, 0x36, 0x02,
+ 0x79, 0xa8, 0x94, 0x80, 0x35, 0x40, 0xed, 0x50,
+ 0xf4, 0x45, 0x30, 0x3d, 0xb5, 0xf0, 0x2b, 0xbb
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte salt_2[] = {
+ 0xc7, 0x31, 0xf2, 0xc8, 0x40, 0x43, 0xb8, 0x74,
+ 0x8a, 0x61, 0x84, 0x7a, 0x25, 0x8a
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte index_2[] = {
+ 0x82, 0xf1, 0x84, 0x8c, 0xac, 0x42
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte ke_2[] = {
+ 0xb2, 0x26, 0x60, 0xaf, 0x08, 0x23, 0x14, 0x98,
+ 0x91, 0xde, 0x5d, 0x87, 0x95, 0x61, 0xca, 0x8f,
+ 0x0e, 0xce, 0xfb, 0x68, 0x4d, 0xd6, 0x28, 0xcb,
+ 0x28, 0xe2, 0x27, 0x20, 0x2d, 0xff, 0x64, 0xbb
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte ka_2[] = {
+ 0x12, 0x6f, 0x52, 0xe8, 0x07, 0x7f, 0x07, 0x84,
+ 0xa0, 0x61, 0x96, 0xf8, 0xee, 0x4d, 0x05, 0x57,
+ 0x65, 0xc7, 0x50, 0xc1
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte ks_2[] = {
+ 0x18, 0x5a, 0x59, 0xe5, 0x91, 0x4d, 0xc9, 0x6c,
+ 0xfa, 0x5b, 0x36, 0x06, 0x8c, 0x9a
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte index_c_2[] = {
+ 0x31, 0x2d, 0x58, 0x15
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte ke_c_2[] = {
+ 0x14, 0xf2, 0xc8, 0x25, 0x02, 0x79, 0x22, 0xa1,
+ 0x96, 0xb6, 0xf7, 0x07, 0x76, 0xa6, 0xa3, 0xc4,
+ 0x37, 0xdf, 0xa0, 0xf8, 0x78, 0x93, 0x2c, 0xfa,
+ 0xea, 0x35, 0xf0, 0xf3, 0x3f, 0x32, 0x6e, 0xfd
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte ka_c_2[] = {
+ 0x6e, 0x3d, 0x4a, 0x99, 0xea, 0x2f, 0x9d, 0x13,
+ 0x4a, 0x1e, 0x71, 0x2e, 0x15, 0xc0, 0xca, 0xb6,
+ 0x35, 0x78, 0xdf, 0xa4
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte ks_c_2[] = {
+ 0xae, 0xe4, 0xec, 0x18, 0x31, 0x70, 0x5d, 0x3f,
+ 0xdc, 0x97, 0x89, 0x88, 0xfd, 0xff
+ };
+ /* 128-bit key, kdrIdx = 8 */
+ WOLFSSL_SMALL_STACK_STATIC const byte key_3[] = {
+ 0x36, 0xb4, 0xde, 0xcb, 0x2e, 0x51, 0x23, 0x76,
+ 0xe0, 0x27, 0x7e, 0x3e, 0xc8, 0xf6, 0x54, 0x04
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte salt_3[] = {
+ 0x73, 0x26, 0xf4, 0x3f, 0xc0, 0xd9, 0xc6, 0xe3,
+ 0x2f, 0x92, 0x7d, 0x46, 0x12, 0x76
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte index_3[] = {
+ 0x44, 0x73, 0xb2, 0x2d, 0xb2, 0x60
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte ke_3[] = {
+ 0x79, 0x91, 0x3d, 0x7b, 0x20, 0x5d, 0xea, 0xe2,
+ 0xeb, 0x46, 0x89, 0x68, 0x5a, 0x06, 0x73, 0x74
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte ka_3[] = {
+ 0x2d, 0x2e, 0x97, 0x4e, 0x76, 0x8c, 0x62, 0xa6,
+ 0x57, 0x80, 0x13, 0x42, 0x0b, 0x51, 0xa7, 0x66,
+ 0xea, 0x31, 0x24, 0xe6
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte ks_3[] = {
+ 0xcc, 0xd7, 0x31, 0xf6, 0x3b, 0xf3, 0x89, 0x8a,
+ 0x5b, 0x7b, 0xb5, 0x8b, 0x4c, 0x3f
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte index_c_3[] = {
+ 0x4a, 0x7d, 0xaa, 0x85
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte ke_c_3[] = {
+ 0x34, 0x99, 0x71, 0xfe, 0x12, 0x93, 0xae, 0x8c,
+ 0x4a, 0xe9, 0x84, 0xe4, 0x93, 0x53, 0x63, 0x88
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte ka_c_3[] = {
+ 0xa4, 0x53, 0x5e, 0x0a, 0x9c, 0xf2, 0xce, 0x13,
+ 0xef, 0x7a, 0x13, 0xee, 0x0a, 0xef, 0xba, 0x17,
+ 0x05, 0x18, 0xe3, 0xed
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte ks_c_3[] = {
+ 0xe1, 0x29, 0x4f, 0x61, 0x30, 0x3c, 0x4d, 0x46,
+ 0x5f, 0x5c, 0x81, 0x3c, 0x38, 0xb6
+ };
+ #define SRTP_TV_CNT 4
+ Srtp_Kdf_Tv tv[SRTP_TV_CNT] = {
+ { key_0, (word32)sizeof(key_0), salt_0, (word32)sizeof(salt_0), -1,
+ index_0, ke_0, ka_0, ks_0, index_c_0, ke_c_0, ka_c_0, ks_c_0,
+ 16, 20, 14 },
+ { key_1, (word32)sizeof(key_1), salt_1, (word32)sizeof(salt_1), 0,
+ index_1, ke_1, ka_1, ks_1, index_c_1, ke_c_1, ka_c_1, ks_c_1,
+ 24, 20, 14 },
+ { key_2, (word32)sizeof(key_2), salt_2, (word32)sizeof(salt_2), 1,
+ index_2, ke_2, ka_2, ks_2, index_c_2, ke_c_2, ka_c_2, ks_c_2,
+ 32, 20, 14 },
+ { key_3, (word32)sizeof(key_3), salt_3, (word32)sizeof(salt_3), 8,
+ index_3, ke_3, ka_3, ks_3, index_c_3, ke_c_3, ka_c_3, ks_c_3,
+ 16, 20, 14 },
+ };
+ int i;
+ int idx;
+ unsigned char keyE[32];
+ unsigned char keyA[20];
+ unsigned char keyS[14];
+
+ for (i = 0; (ret == 0) && (i < SRTP_TV_CNT); i++) {
+ #ifndef WOLFSSL_AES_128
+ if (tv[i].keySz == AES_128_KEY_SIZE) {
+ continue;
+ }
+ #endif
+ #ifndef WOLFSSL_AES_192
+ if (tv[i].keySz == AES_192_KEY_SIZE) {
+ continue;
+ }
+ #endif
+ #ifndef WOLFSSL_AES_256
+ if (tv[i].keySz == AES_256_KEY_SIZE) {
+ continue;
+ }
+ #endif
+
+ ret = wc_SRTP_KDF(tv[i].key, tv[i].keySz, tv[i].salt, tv[i].saltSz,
+ tv[i].kdfIdx, tv[i].index, keyE, tv[i].keSz, keyA, tv[i].kaSz,
+ keyS, tv[i].ksSz);
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+ if (XMEMCMP(keyE, tv[i].ke, tv[i].keSz) != 0)
+ return WC_TEST_RET_ENC_NC;
+ if (XMEMCMP(keyA, tv[i].ka, tv[i].kaSz) != 0)
+ return WC_TEST_RET_ENC_NC;
+ if (XMEMCMP(keyS, tv[i].ks, tv[i].ksSz) != 0)
+ return WC_TEST_RET_ENC_NC;
+
+ ret = wc_SRTP_KDF_label(tv[i].key, tv[i].keySz, tv[i].salt,
+ tv[i].saltSz, tv[i].kdfIdx, tv[i].index, WC_SRTP_LABEL_ENCRYPTION,
+ keyE, tv[i].keSz);
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+ if (XMEMCMP(keyE, tv[i].ke, tv[i].keSz) != 0)
+ return WC_TEST_RET_ENC_NC;
+
+ ret = wc_SRTP_KDF_label(tv[i].key, tv[i].keySz, tv[i].salt,
+ tv[i].saltSz, tv[i].kdfIdx, tv[i].index, WC_SRTP_LABEL_MSG_AUTH,
+ keyA, tv[i].kaSz);
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+ if (XMEMCMP(keyA, tv[i].ka, tv[i].kaSz) != 0)
+ return WC_TEST_RET_ENC_NC;
+
+ ret = wc_SRTP_KDF_label(tv[i].key, tv[i].keySz, tv[i].salt,
+ tv[i].saltSz, tv[i].kdfIdx, tv[i].index, WC_SRTP_LABEL_SALT, keyS,
+ tv[i].ksSz);
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+ if (XMEMCMP(keyS, tv[i].ks, tv[i].ksSz) != 0)
+ return WC_TEST_RET_ENC_NC;
+
+ ret = wc_SRTCP_KDF(tv[i].key, tv[i].keySz, tv[i].salt, tv[i].saltSz,
+ tv[i].kdfIdx, tv[i].index_c, keyE, tv[i].keSz, keyA, tv[i].kaSz,
+ keyS, tv[i].ksSz);
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+ if (XMEMCMP(keyE, tv[i].ke_c, tv[i].keSz) != 0)
+ return WC_TEST_RET_ENC_NC;
+ if (XMEMCMP(keyA, tv[i].ka_c, tv[i].kaSz) != 0)
+ return WC_TEST_RET_ENC_NC;
+ if (XMEMCMP(keyS, tv[i].ks_c, tv[i].ksSz) != 0)
+ return WC_TEST_RET_ENC_NC;
+
+ ret = wc_SRTCP_KDF_label(tv[i].key, tv[i].keySz, tv[i].salt,
+ tv[i].saltSz, tv[i].kdfIdx, tv[i].index_c,
+ WC_SRTCP_LABEL_ENCRYPTION, keyE, tv[i].keSz);
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+ if (XMEMCMP(keyE, tv[i].ke_c, tv[i].keSz) != 0)
+ return WC_TEST_RET_ENC_NC;
+
+ ret = wc_SRTCP_KDF_label(tv[i].key, tv[i].keySz, tv[i].salt,
+ tv[i].saltSz, tv[i].kdfIdx, tv[i].index_c, WC_SRTCP_LABEL_MSG_AUTH,
+ keyA, tv[i].kaSz);
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+ if (XMEMCMP(keyA, tv[i].ka_c, tv[i].kaSz) != 0)
+ return WC_TEST_RET_ENC_NC;
+
+ ret = wc_SRTCP_KDF_label(tv[i].key, tv[i].keySz, tv[i].salt,
+ tv[i].saltSz, tv[i].kdfIdx, tv[i].index_c, WC_SRTCP_LABEL_SALT,
+ keyS, tv[i].ksSz);
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+ if (XMEMCMP(keyS, tv[i].ks_c, tv[i].ksSz) != 0)
+ return WC_TEST_RET_ENC_NC;
+ }
+
+#ifdef WOLFSSL_AES_128
+ i = 0;
+#elif defined(WOLFSSL_AES_192)
+ i = 1;
+#else
+ i = 2;
+#endif
+ ret = wc_SRTP_KDF(tv[i].key, 33, tv[i].salt, tv[i].saltSz,
+ tv[i].kdfIdx, tv[i].index, keyE, tv[i].keSz, keyA, tv[i].kaSz,
+ keyS, tv[i].ksSz);
+ if (ret != BAD_FUNC_ARG)
+ return WC_TEST_RET_ENC_EC(ret);
+ ret = wc_SRTCP_KDF(tv[i].key, 33, tv[i].salt, tv[i].saltSz,
+ tv[i].kdfIdx, tv[i].index_c, keyE, tv[i].keSz, keyA, tv[i].kaSz,
+ keyS, tv[i].ksSz);
+ if (ret != BAD_FUNC_ARG)
+ return WC_TEST_RET_ENC_EC(ret);
+
+ ret = wc_SRTP_KDF(tv[i].key, 15, tv[i].salt, tv[i].saltSz,
+ tv[i].kdfIdx, tv[i].index, keyE, tv[i].keSz, keyA, tv[i].kaSz,
+ keyS, tv[i].ksSz);
+ if (ret != BAD_FUNC_ARG)
+ return WC_TEST_RET_ENC_EC(ret);
+ ret = wc_SRTCP_KDF(tv[i].key, 15, tv[i].salt, tv[i].saltSz,
+ tv[i].kdfIdx, tv[i].index_c, keyE, tv[i].keSz, keyA, tv[i].kaSz,
+ keyS, tv[i].ksSz);
+ if (ret != BAD_FUNC_ARG)
+ return WC_TEST_RET_ENC_EC(ret);
+
+ ret = wc_SRTP_KDF(tv[i].key, tv[i].keySz, tv[i].salt, 15,
+ tv[i].kdfIdx, tv[i].index, keyE, tv[i].keSz, keyA, tv[i].kaSz,
+ keyS, tv[i].ksSz);
+ if (ret != BAD_FUNC_ARG)
+ return WC_TEST_RET_ENC_EC(ret);
+ ret = wc_SRTCP_KDF(tv[i].key, tv[i].keySz, tv[i].salt, 15,
+ tv[i].kdfIdx, tv[i].index_c, keyE, tv[i].keSz, keyA, tv[i].kaSz,
+ keyS, tv[i].ksSz);
+ if (ret != BAD_FUNC_ARG)
+ return WC_TEST_RET_ENC_EC(ret);
+
+ ret = wc_SRTP_KDF(NULL, tv[i].keySz, tv[i].salt, tv[i].saltSz,
+ tv[i].kdfIdx, tv[i].index, keyE, tv[i].keSz, keyA, tv[i].kaSz,
+ keyS, tv[i].ksSz);
+ if (ret != BAD_FUNC_ARG)
+ return WC_TEST_RET_ENC_EC(ret);
+ ret = wc_SRTCP_KDF(NULL, tv[i].keySz, tv[i].salt, tv[i].saltSz,
+ tv[i].kdfIdx, tv[i].index_c, keyE, tv[i].keSz, keyA, tv[i].kaSz,
+ keyS, tv[i].ksSz);
+ if (ret != BAD_FUNC_ARG)
+ return WC_TEST_RET_ENC_EC(ret);
+
+ ret = wc_SRTP_KDF(tv[i].key, tv[i].keySz, NULL, tv[i].saltSz,
+ tv[i].kdfIdx, tv[i].index, keyE, tv[i].keSz, keyA, tv[i].kaSz,
+ keyS, tv[i].ksSz);
+ if (ret != BAD_FUNC_ARG)
+ return WC_TEST_RET_ENC_EC(ret);
+ ret = wc_SRTCP_KDF(tv[i].key, tv[i].keySz, NULL, tv[i].saltSz,
+ tv[i].kdfIdx, tv[i].index_c, keyE, tv[i].keSz, keyA, tv[i].kaSz,
+ keyS, tv[i].ksSz);
+ if (ret != BAD_FUNC_ARG)
+ return WC_TEST_RET_ENC_EC(ret);
+
+ ret = wc_SRTP_KDF(tv[i].key, tv[i].keySz, tv[i].salt, tv[i].saltSz,
+ 25, tv[i].index, keyE, tv[i].keSz, keyA, tv[i].kaSz,
+ keyS, tv[i].ksSz);
+ if (ret != BAD_FUNC_ARG)
+ return WC_TEST_RET_ENC_EC(ret);
+ ret = wc_SRTCP_KDF(tv[i].key, tv[i].keySz, tv[i].salt, tv[i].saltSz,
+ 25, tv[i].index_c, keyE, tv[i].keSz, keyA, tv[i].kaSz,
+ keyS, tv[i].ksSz);
+ if (ret != BAD_FUNC_ARG)
+ return WC_TEST_RET_ENC_EC(ret);
+
+ ret = wc_SRTP_KDF(tv[i].key, tv[i].keySz, tv[i].salt, tv[i].saltSz,
+ -2, tv[i].index, keyE, tv[i].keSz, keyA, tv[i].kaSz,
+ keyS, tv[i].ksSz);
+ if (ret != BAD_FUNC_ARG)
+ return WC_TEST_RET_ENC_EC(ret);
+ ret = wc_SRTCP_KDF(tv[i].key, tv[i].keySz, tv[i].salt, tv[i].saltSz,
+ -2, tv[i].index_c, keyE, tv[i].keSz, keyA, tv[i].kaSz,
+ keyS, tv[i].ksSz);
+ if (ret != BAD_FUNC_ARG)
+ return WC_TEST_RET_ENC_EC(ret);
+
+ ret = wc_SRTP_KDF(tv[i].key, tv[i].keySz, tv[i].salt, tv[i].saltSz,
+ tv[i].kdfIdx, tv[i].index, NULL, tv[i].keSz, keyA, tv[i].kaSz,
+ keyS, tv[i].ksSz);
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+ ret = wc_SRTCP_KDF(tv[i].key, tv[i].keySz, tv[i].salt, tv[i].saltSz,
+ tv[i].kdfIdx, tv[i].index_c, NULL, tv[i].keSz, keyA, tv[i].kaSz,
+ keyS, tv[i].ksSz);
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+
+ ret = wc_SRTP_KDF(tv[i].key, tv[i].keySz, tv[i].salt, tv[i].saltSz,
+ tv[i].kdfIdx, tv[i].index, keyE, tv[i].keSz, NULL, tv[i].kaSz,
+ keyS, tv[i].ksSz);
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+ ret = wc_SRTCP_KDF(tv[i].key, tv[i].keySz, tv[i].salt, tv[i].saltSz,
+ tv[i].kdfIdx, tv[i].index_c, keyE, tv[i].keSz, NULL, tv[i].kaSz,
+ keyS, tv[i].ksSz);
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+
+ ret = wc_SRTP_KDF(tv[i].key, tv[i].keySz, tv[i].salt, tv[i].saltSz,
+ tv[i].kdfIdx, tv[i].index, keyE, tv[i].keSz, keyA, tv[i].kaSz,
+ NULL, tv[i].ksSz);
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+ ret = wc_SRTCP_KDF(tv[i].key, tv[i].keySz, tv[i].salt, tv[i].saltSz,
+ tv[i].kdfIdx, tv[i].index_c, keyE, tv[i].keSz, keyA, tv[i].kaSz,
+ NULL, tv[i].ksSz);
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+
+ idx = wc_SRTP_KDF_kdr_to_idx(0);
+ if (idx != -1)
+ return WC_TEST_RET_ENC_NC;
+ for (i = 0; i < 32; i++) {
+ word32 kdr = 1U << i;
+ idx = wc_SRTP_KDF_kdr_to_idx(kdr);
+ if (idx != i)
+ return WC_TEST_RET_ENC_NC;
+ }
+
+ return 0;
+}
+#endif
+
#ifdef HAVE_ECC
/* size to use for ECC key gen tests */
#ifndef ECC_KEYGEN_SIZE
- #ifndef NO_ECC256
+ #if !defined(NO_ECC256) || defined(WOLFSSL_SM2)
#define ECC_KEYGEN_SIZE 32
#elif defined(HAVE_ECC384)
#define ECC_KEYGEN_SIZE 48
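Review bot: Nothing in srtpkdf_test ties the output lengths in the `tv[]` table to the buffers they describe: `keSz`/`kaSz`/`ksSz` are the literals 16/24/32, 20 and 14, while `keyE[32]`, `keyA[20]` and `keyS[14]` are fixed-size stack arrays. A later vector with a larger literal would presumably make the KDF write past the buffer and `XMEMCMP` read past the expected array. Taking the lengths from the arrays, for example `(word32)sizeof(ke_0), (word32)sizeof(ka_0), (word32)sizeof(ks_0)`, and rejecting `tv[i].keSz > sizeof(keyE)` before the first call would keep them in step. Separately, `word32 kdr = 1U << i;` shifts an `unsigned int` by up to 31, which is undefined on a target where `unsigned int` is 16 bits; `word32 kdr = (word32)1 << i;` avoids that. The closing `#endif` would also read better as `#endif /* WC_SRTP_KDF */`, like the neighbouring blocks.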
@@ -23433,9 +25877,10 @@ typedef struct eccVector {
} eccVector;
#if !defined(WOLF_CRYPTO_CB_ONLY_ECC)
-static int ecc_test_vector_item(const eccVector* vector)
+static wc_test_ret_t ecc_test_vector_item(const eccVector* vector)
{
- int ret = 0, verify = 0;
+ wc_test_ret_t ret = 0;
+ int verify = 0;
word32 sigSz;
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
ecc_key *userA = (ecc_key *)XMALLOC(sizeof *userA, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
@@ -23539,9 +25984,9 @@ done:
return ret;
}
-static int ecc_test_vector(int keySize)
+static wc_test_ret_t ecc_test_vector(int keySize)
{
- int ret;
+ wc_test_ret_t ret;
eccVector vec;
XMEMSET(&vec, 0, sizeof(vec));
@@ -23789,9 +26234,9 @@ static int ecc_test_vector(int keySize)
defined(WOLFSSL_ECDSA_DETERMINISTIC_K_VARIANT)) \
&& (!defined(FIPS_VERSION_GE) || FIPS_VERSION_GE(5,3))
#if defined(HAVE_ECC256)
-static int ecc_test_deterministic_k(WC_RNG* rng)
+static wc_test_ret_t ecc_test_deterministic_k(WC_RNG* rng)
{
- int ret;
+ wc_test_ret_t ret;
#ifdef WOLFSSL_SMALL_STACK
ecc_key *key = NULL;
#else
@@ -23895,9 +26340,9 @@ done:
#ifdef WOLFSSL_PUBLIC_MP
#if defined(HAVE_ECC384)
/* KAT from RFC6979 */
-static int ecc384_test_deterministic_k(WC_RNG* rng)
+static wc_test_ret_t ecc384_test_deterministic_k(WC_RNG* rng)
{
- int ret;
+ wc_test_ret_t ret;
#ifdef WOLFSSL_SMALL_STACK
ecc_key *key;
mp_int *r, *s, *expR, *expS;
@@ -24008,9 +26453,9 @@ done:
#if defined(HAVE_ECC521)
/* KAT from RFC6979 */
-static int ecc521_test_deterministic_k(WC_RNG* rng)
+static wc_test_ret_t ecc521_test_deterministic_k(WC_RNG* rng)
{
- int ret;
+ wc_test_ret_t ret;
#ifdef WOLFSSL_SMALL_STACK
ecc_key *key;
mp_int *r, *s, *expR, *expS;
@@ -24067,7 +26512,7 @@ static int ecc521_test_deterministic_k(WC_RNG* rng)
}
ret = wc_ecc_init_ex(key, HEAP_HINT, devId);
if (ret != 0) {
- return ret;
+ return WC_TEST_RET_ENC_EC(ret);
}
key_inited = 1;
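Review bot: The new `return WC_TEST_RET_ENC_EC(ret);` after wc_ecc_init_ex leaves ecc521_test_deterministic_k directly instead of going through its cleanup. Under WOLFSSL_SMALL_STACK, `key` and the `r`/`s`/`expR`/`expS` pointers are declared as heap pointers, so if they were already allocated by this point (the allocation is outside the hunk) this path leaks them. The function appears to have a `done:` label, and ecc_test_key_gen in this same commit uses `ERROR_OUT(WC_TEST_RET_ENC_EC(ret), done);` for the same failure. Using that form here would route the error through the existing cleanup.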
@@ -24132,9 +26577,9 @@ done:
#if defined(HAVE_ECC_SIGN) && defined(WOLFSSL_ECDSA_SET_K) && \
!defined(WOLFSSL_KCAPI_ECC)
-static int ecc_test_sign_vectors(WC_RNG* rng)
+static wc_test_ret_t ecc_test_sign_vectors(WC_RNG* rng)
{
- int ret;
+ wc_test_ret_t ret;
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
ecc_key *key = NULL;
#else
@@ -24232,9 +26677,9 @@ done:
#endif
#if defined(HAVE_ECC_CDH) && defined(HAVE_ECC_DHE)
-static int ecc_test_cdh_vectors(WC_RNG* rng)
+static wc_test_ret_t ecc_test_cdh_vectors(WC_RNG* rng)
{
- int ret;
+ wc_test_ret_t ret;
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
ecc_key *pub_key = (ecc_key *)XMALLOC(sizeof *pub_key, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
ecc_key *priv_key = (ecc_key *)XMALLOC(sizeof *priv_key, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
@@ -24336,7 +26781,7 @@ done:
#ifdef HAVE_ECC_KEY_IMPORT
/* returns 0 on success */
-static int ecc_test_make_pub(WC_RNG* rng)
+static wc_test_ret_t ecc_test_make_pub(WC_RNG* rng)
{
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
ecc_key *key = (ecc_key *)XMALLOC(sizeof *key, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
@@ -24357,7 +26802,7 @@ static int ecc_test_make_pub(WC_RNG* rng)
const byte* msg = (const byte*)"test wolfSSL ECC public gen";
word32 x;
word32 tmpSz;
- int ret = 0;
+ wc_test_ret_t ret = 0;
ecc_point* pubPoint = NULL;
#ifdef HAVE_ECC_VERIFY
int verify = 0;
@@ -24612,9 +27057,9 @@ done:
#if defined(HAVE_ECC_KEY_EXPORT) && !defined(NO_ASN_CRYPT) && \
!defined(WC_NO_RNG) && !defined(WOLF_CRYPTO_CB_ONLY_ECC)
-static int ecc_test_key_decode(WC_RNG* rng, int keySize)
+static wc_test_ret_t ecc_test_key_decode(WC_RNG* rng, int keySize)
{
- int ret;
+ wc_test_ret_t ret;
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
ecc_key *eccKey = (ecc_key *)XMALLOC(sizeof *eccKey, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
byte *tmpBuf = (byte *)XMALLOC(ECC_BUFSIZE, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
@@ -24648,7 +27093,7 @@ static int ecc_test_key_decode(WC_RNG* rng, int keySize)
if (ret < 0) {
goto done;
}
- tmpSz = ret;
+ tmpSz = (word32)ret;
ret = wc_ecc_init(eccKey);
if (ret != 0) {
@@ -24694,9 +27139,9 @@ static int ecc_test_key_decode(WC_RNG* rng, int keySize)
#if defined(HAVE_ECC_KEY_EXPORT) && !defined(NO_ASN_CRYPT) && \
!defined(WC_NO_RNG) && !defined(WOLF_CRYPTO_CB_ONLY_ECC)
-static int ecc_test_key_gen(WC_RNG* rng, int keySize)
+static wc_test_ret_t ecc_test_key_gen(WC_RNG* rng, int keySize)
{
- int ret = 0;
+ wc_test_ret_t ret = 0;
int derSz;
#ifdef HAVE_PKCS8
word32 pkcs8Sz;
@@ -24711,41 +27156,40 @@ static int ecc_test_key_gen(WC_RNG* rng, int keySize)
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
if ((der == NULL) || (userA == NULL))
- ERROR_OUT(MEMORY_E, done);
+ ERROR_OUT(WC_TEST_RET_ENC_EC(MEMORY_E), done);
#endif
ret = wc_ecc_init_ex(userA, HEAP_HINT, devId);
if (ret != 0)
- goto done;
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), done);
ret = wc_ecc_make_key(rng, keySize, userA);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &userA->asyncDev, WC_ASYNC_FLAG_NONE);
#endif
if (ret != 0)
- goto done;
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), done);
TEST_SLEEP();
ret = wc_ecc_check_key(userA);
if (ret != 0)
- goto done;
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), done);
TEST_SLEEP();
derSz = wc_EccKeyToDer(userA, der, ECC_BUFSIZE);
if (derSz < 0) {
- ERROR_OUT(derSz, done);
+ ERROR_OUT(WC_TEST_RET_ENC_I(derSz), done);
}
ret = SaveDerAndPem(der, derSz, eccCaKeyTempFile, eccCaKeyPemFile,
ECC_PRIVATEKEY_TYPE);
- if (ret != 0) {
- goto done;
- }
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), done);
/* test export of public key */
derSz = wc_EccPublicKeyToDer(userA, der, ECC_BUFSIZE, 1);
if (derSz < 0) {
- ERROR_OUT(derSz, done);
+ ERROR_OUT(WC_TEST_RET_ENC_I(derSz), done);
}
if (derSz == 0) {
ERROR_OUT(WC_TEST_RET_ENC_NC, done);
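Review bot: The `derSz < 0` branches in this hunk pass a negative library error code to `WC_TEST_RET_ENC_I`, while every other failure path here uses `WC_TEST_RET_ENC_EC`. The macro definitions are outside this hunk, but if the `_I` form is meant for a non-negative index, the reported value will not decode back to the wolfCrypt error. I would write `ERROR_OUT(WC_TEST_RET_ENC_EC(derSz), done);` for the `wc_EccKeyToDer` and `wc_EccPublicKeyToDer` results. The same applies to the `wc_EccPublicKeyToDer_ex` and `wc_EccPrivateKeyToPKCS8` checks in the next two hunks. `ecc_test_key_gen` starts and ends outside this hunk.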
@@ -24755,7 +27199,7 @@ static int ecc_test_key_gen(WC_RNG* rng, int keySize)
/* test export of compressed public key */
derSz = wc_EccPublicKeyToDer_ex(userA, der, ECC_BUFSIZE, 1, 1);
if (derSz < 0) {
- ERROR_OUT(derSz, done);
+ ERROR_OUT(WC_TEST_RET_ENC_I(derSz), done);
}
if (derSz == 0) {
ERROR_OUT(WC_TEST_RET_ENC_NC, done);
@@ -24763,16 +27207,15 @@ static int ecc_test_key_gen(WC_RNG* rng, int keySize)
#endif
ret = SaveDerAndPem(der, derSz, eccPubKeyDerFile, NULL, 0);
- if (ret != 0) {
- goto done;
- }
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), done);
#ifdef HAVE_PKCS8
/* test export of PKCS#8 unencrypted private key */
pkcs8Sz = FOURK_BUF;
derSz = wc_EccPrivateKeyToPKCS8(userA, der, &pkcs8Sz);
if (derSz < 0) {
- ERROR_OUT(derSz, done);
+ ERROR_OUT(WC_TEST_RET_ENC_I(derSz), done);
}
if (derSz == 0) {
@@ -24802,7 +27245,7 @@ done:
}
#endif /* HAVE_ECC_KEY_EXPORT && !NO_ASN_CRYPT */
-static int ecc_test_curve_size(WC_RNG* rng, int keySize, int testVerifyCount,
+static wc_test_ret_t ecc_test_curve_size(WC_RNG* rng, int keySize, int testVerifyCount,
int curve_id, const ecc_set_type* dp)
{
#if defined(HAVE_ECC_DHE) && !defined(WC_NO_RNG) && \
@@ -24826,7 +27269,7 @@ static int ecc_test_curve_size(WC_RNG* rng, int keySize, int testVerifyCount,
int verify;
#endif /* HAVE_ECC_VERIFY */
#endif /* HAVE_ECC_SIGN */
- int ret;
+ wc_test_ret_t ret;
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
ecc_key *userA = (ecc_key *)XMALLOC(sizeof *userA, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
ecc_key *userB = (ecc_key *)XMALLOC(sizeof *userB, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
@@ -24937,7 +27380,8 @@ static int ecc_test_curve_size(WC_RNG* rng, int keySize, int testVerifyCount,
/* only perform the below tests if the key size matches */
if (dp == NULL && keySize > 0 && wc_ecc_size(userA) != keySize)
- ERROR_OUT(ECC_CURVE_OID_E, done);
+ /* Not an error, just not a key size match */
+ WARNING_OUT(ECC_CURVE_OID_E, done);
#ifdef HAVE_ECC_DHE
#if defined(ECC_TIMING_RESISTANT) && (!defined(HAVE_FIPS) || \
@@ -25243,12 +27687,12 @@ done:
#undef ECC_TEST_VERIFY_COUNT
#define ECC_TEST_VERIFY_COUNT 2
-static int ecc_test_curve(WC_RNG* rng, int keySize)
+static wc_test_ret_t ecc_test_curve(WC_RNG* rng, int keySize, int curve_id)
{
- int ret;
+ wc_test_ret_t ret;
- ret = ecc_test_curve_size(rng, keySize, ECC_TEST_VERIFY_COUNT,
- ECC_CURVE_DEF, NULL);
+ ret = ecc_test_curve_size(rng, keySize, ECC_TEST_VERIFY_COUNT, curve_id,
+ NULL);
if (ret < 0) {
if (ret == ECC_CURVE_OID_E) {
/* ignore error for curves not found */
@@ -25257,7 +27701,7 @@ static int ecc_test_curve(WC_RNG* rng, int keySize)
and HAVE_ECC_KOBLITZ */
}
else {
- printf("ecc_test_curve_size %d failed!: %d\n", keySize, ret);
+ printf("ecc_test_curve_size %d failed!\n", keySize);
return ret;
}
}
@@ -25266,7 +27710,7 @@ static int ecc_test_curve(WC_RNG* rng, int keySize)
#ifdef HAVE_ECC_VECTOR_TEST
ret = ecc_test_vector(keySize);
if (ret < 0) {
- printf("ecc_test_vector %d failed!: %d\n", keySize, ret);
+ printf("ecc_test_vector %d failed!\n", keySize);
return ret;
}
#endif
@@ -25279,7 +27723,7 @@ static int ecc_test_curve(WC_RNG* rng, int keySize)
/* ignore error for curves not found */
}
else {
- printf("ecc_test_key_decode %d failed!: %d\n", keySize, ret);
+ printf("ecc_test_key_decode %d failed!\n", keySize);
return ret;
}
}
@@ -25292,7 +27736,7 @@ static int ecc_test_curve(WC_RNG* rng, int keySize)
/* ignore error for curves not found */
}
else {
- printf("ecc_test_key_gen %d failed!: %d\n", keySize, ret);
+ printf("ecc_test_key_gen %d failed!\n", keySize);
return ret;
}
}
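Review bot: The "ignore error for curves not found" branch kept as context here may no longer match, because `ecc_test_key_gen` now returns `WC_TEST_RET_ENC_EC(ret)` for `wc_ecc_init_ex`, `wc_ecc_make_key` and `wc_ecc_check_key` failures instead of the raw code. The condition line is outside this hunk; if it is `ret == ECC_CURVE_OID_E`, as in the `ecc_test_curve_size` branch of the same function, an unsupported curve would now be reported as a test failure. Either return the raw code for that case in `ecc_test_key_gen`, as `ecc_test_curve_size` does with `WARNING_OUT(ECC_CURVE_OID_E, done);`, or decode the value before comparing.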
@@ -25305,9 +27749,9 @@ static int ecc_test_curve(WC_RNG* rng, int keySize)
#if !defined(WOLFSSL_ATECC508A) && !defined(WOLFSSL_ATECC608A) && \
defined(HAVE_ECC_KEY_IMPORT) && defined(HAVE_ECC_KEY_EXPORT) && \
!defined(WOLFSSL_NO_MALLOC) && !defined(WOLF_CRYPTO_CB_ONLY_ECC)
-static int ecc_point_test(void)
+static wc_test_ret_t ecc_point_test(void)
{
- int ret;
+ wc_test_ret_t ret;
ecc_point* point;
ecc_point* point2;
#ifdef HAVE_COMP_KEY
@@ -25548,9 +27992,9 @@ done:
#endif /* !WOLFSSL_ATECC508A && HAVE_ECC_KEY_IMPORT && HAVE_ECC_KEY_EXPORT */
#if !defined(NO_SIG_WRAPPER) && !defined(WOLF_CRYPTO_CB_ONLY_ECC)
-static int ecc_sig_test(WC_RNG* rng, ecc_key* key)
+static wc_test_ret_t ecc_sig_test(WC_RNG* rng, ecc_key* key)
{
- int ret;
+ wc_test_ret_t ret;
word32 sigSz;
int size;
byte out[ECC_MAX_SIG_SIZE];
@@ -25602,9 +28046,9 @@ static int ecc_sig_test(WC_RNG* rng, ecc_key* key)
#if defined(HAVE_ECC_KEY_IMPORT) && defined(HAVE_ECC_KEY_EXPORT) && \
!defined(WOLF_CRYPTO_CB_ONLY_ECC)
-static int ecc_exp_imp_test(ecc_key* key)
+static wc_test_ret_t ecc_exp_imp_test(ecc_key* key)
{
- int ret;
+ wc_test_ret_t ret;
int curve_id;
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
ecc_key *keyImp = (ecc_key *)XMALLOC(sizeof *keyImp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
@@ -25732,9 +28176,9 @@ done:
#if defined(HAVE_ECC_KEY_IMPORT) && !defined(WOLFSSL_VALIDATE_ECC_IMPORT) && \
!defined(WOLFSSL_CRYPTOCELL) && !defined(WOLF_CRYPTO_CB_ONLY_ECC)
-static int ecc_mulmod_test(ecc_key* key1)
+static wc_test_ret_t ecc_mulmod_test(ecc_key* key1)
{
- int ret;
+ wc_test_ret_t ret;
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
ecc_key *key2 = (ecc_key *)XMALLOC(sizeof *key2, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
ecc_key *key3 = (ecc_key *)XMALLOC(sizeof *key3, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
@@ -25798,9 +28242,9 @@ done:
#if defined(HAVE_ECC_DHE) && !defined(WC_NO_RNG) && \
!defined(WOLF_CRYPTO_CB_ONLY_ECC)
-static int ecc_ssh_test(ecc_key* key, WC_RNG* rng)
+static wc_test_ret_t ecc_ssh_test(ecc_key* key, WC_RNG* rng)
{
- int ret;
+ wc_test_ret_t ret;
byte out[128];
word32 outLen = sizeof(out);
@@ -25845,17 +28289,17 @@ static int ecc_ssh_test(ecc_key* key, WC_RNG* rng)
}
#endif /* HAVE_ECC_DHE && !WC_NO_RNG */
-static int ecc_def_curve_test(WC_RNG *rng)
+static wc_test_ret_t ecc_def_curve_test(WC_RNG *rng)
{
- int ret;
+ wc_test_ret_t ret;
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
ecc_key *key = (ecc_key *)XMALLOC(sizeof *key, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
#else
ecc_key key[1];
#endif
-#if ((defined(HAVE_ECC_KEY_IMPORT) && defined(HAVE_ECC_KEY_EXPORT)) || \
- (defined(HAVE_ECC_KEY_IMPORT) && !defined(WOLFSSL_VALIDATE_ECC_IMPORT))) \
- && !defined(NO_ECC_SECP)
+#if !defined(NO_ECC_SECP) && \
+ ((defined(HAVE_ECC_KEY_IMPORT) && defined(HAVE_ECC_KEY_EXPORT)) || \
+ (defined(HAVE_ECC_KEY_IMPORT) && !defined(WOLFSSL_VALIDATE_ECC_IMPORT)))
word32 idx = 0;
#endif
@@ -25906,9 +28350,9 @@ static int ecc_def_curve_test(WC_RNG *rng)
(void)rng;
#endif /* !WC_NO_RNG */
-#if ((defined(HAVE_ECC_KEY_IMPORT) && defined(HAVE_ECC_KEY_EXPORT)) || \
- (defined(HAVE_ECC_KEY_IMPORT) && !defined(WOLFSSL_VALIDATE_ECC_IMPORT))) \
- && !defined(NO_ECC_SECP)
+#if !defined(NO_ECC_SECP) && \
+ ((defined(HAVE_ECC_KEY_IMPORT) && defined(HAVE_ECC_KEY_EXPORT)) || \
+ (defined(HAVE_ECC_KEY_IMPORT) && !defined(WOLFSSL_VALIDATE_ECC_IMPORT)))
/* Use test ECC key - ensure real private "d" exists */
#ifdef USE_CERT_BUFFERS_256
ret = wc_EccPrivateKeyDecode(ecc_key_der_256, &idx, key,
@@ -25963,9 +28407,9 @@ done:
#if defined(WOLFSSL_CERT_EXT) && \
(!defined(NO_ECC256) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 256
-static int ecc_decode_test(void)
+static wc_test_ret_t ecc_decode_test(void)
{
- int ret;
+ wc_test_ret_t ret;
word32 inSz;
word32 inOutIdx;
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
@@ -26170,9 +28614,9 @@ static const byte eccKeyExplicitCurve[] = {
0xac, 0xf0, 0x1d, 0x86, 0xf4, 0x2f, 0x65, 0x0b
};
-static int ecc_test_custom_curves(WC_RNG* rng)
+static wc_test_ret_t ecc_test_custom_curves(WC_RNG* rng)
{
- int ret;
+ wc_test_ret_t ret;
word32 inOutIdx;
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
ecc_key *key = (ecc_key *)XMALLOC(sizeof *key, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
@@ -26226,7 +28670,7 @@ static int ecc_test_custom_curves(WC_RNG* rng)
ret = ecc_test_curve_size(rng, 0, ECC_TEST_VERIFY_COUNT, ECC_CURVE_DEF,
&ecc_dp_brainpool256r1);
if (ret != 0) {
- printf("ECC test for custom curve failed! %d\n", ret);
+ printf("ECC test for custom curve failed!\n");
goto done;
}
#endif
@@ -26242,7 +28686,7 @@ static int ecc_test_custom_curves(WC_RNG* rng)
/* Test and demonstrate use of non-SECP curve */
ret = ecc_test_curve_size(rng, 0, ECC_TEST_VERIFY_COUNT, curve_id, NULL);
if (ret < 0) {
- printf("ECC test for curve_id %d failed! %d\n", curve_id, ret);
+ printf("ECC test for curve_id %d failed!\n", curve_id);
goto done;
}
}
@@ -26277,12 +28721,556 @@ static int ecc_test_custom_curves(WC_RNG* rng)
}
#endif /* WOLFSSL_CUSTOM_CURVES */
+#ifdef WOLFSSL_SM2
+#ifdef HAVE_ECC_VERIFY
+#if defined(WOLFSSL_PUBLIC_MP) && defined(WOLFSSL_CUSTOM_CURVES)
+ #ifdef WOLFSSL_SM2
+ #ifdef HAVE_OID_ENCODING
+ #define CODED_SM2P256V1 {1,2,156,10197,1,301}
+ #define CODED_SM2P256V1_SZ 6
+ #else
+ #define CODED_SM2P256V1 {0x06,0x08,0x2A,0x81,0x1C,0xCF,0x55,0x01,0x82,0x2D}
+ #define CODED_SM2P256V1_SZ 10
+ #endif
+ #ifndef WOLFSSL_ECC_CURVE_STATIC
+ static const ecc_oid_t ecc_oid_sm2p256v1[] = CODED_SM2P256V1;
+ #else
+ #define ecc_oid_sm2p256v1 CODED_SM2P256V1
+ #endif
+ #define ecc_oid_sm2p256v1_sz CODED_SM2P256V1_SZ
+ #endif /* WOLFSSL_SM2 */
+ #define ECC_SM2P256V1_TEST 102
+static int test_sm2_verify_caseA2(void)
+{
+ ecc_key key;
+ int ret, res;
+ mp_int r,s;
+
+ /* test key values */
+ const char qx[] = "0AE4C7798AA0F119471BEE11825BE46202BB79E2A5844495E97C04FF4DF2548A";
+ const char qy[] = "7C0240F88F1CD4E16352A73C17B7F16F07353E53A176D684A9FE0C6BB798E857";
+ const char d[] = "128B2FA8BD433C6C068C8D803DFF79792A519A55171B1B650C23661D15897263";
+
+ const ecc_set_type ecc_sm2_A2 = {
+ 32, /* size/bytes */
+ ECC_SM2P256V1_TEST, /* ID */
+ "SM2P256V1_TEST", /* curve name */
+
+ /* from test case A.2 in draft-shen-sm2-ecdsa-02 */
+ "8542D69E4C044F18E8B92435BF6FF7DE457283915C45517D722EDB8B08F1DFC3", /* prime */
+ "787968B4FA32C3FD2417842E73BBFEFF2F3C848B6831D7E0EC65228B3937E498", /* A */
+ "63E4C6D3B23B0C849CF84241484BFE48F61D59A5B16BA06E6E12D1DA27C5249A", /* B */
+ "8542D69E4C044F18E8B92435BF6FF7DD297720630485628D5AE74EE7C32E79B7", /* order n */
+ "421DEBD61B62EAB6746434EBC3CC315E32220B3BADD50BDC4C4E6C147FEDD43D", /* Gx */
+ "0680512BCBB42C07D47349D2153B70C4E5D7FDFCBFA36EA1A85841B9E46E09A2", /* Gy */
+ ecc_oid_sm2p256v1, /* oid/oidSz */
+ ecc_oid_sm2p256v1_sz,
+ ECC_SM2P256V1_OID, /* oid sum */
+ 1, /* cofactor */
+ };
+
+ /* use canned hash value hash = H(ZA||M) */
+ const byte hash[] = {
+ 0xB5,0x24,0xF5,0x52,0xCD,0x82,0xB8,0xB0,
+ 0x28,0x47,0x6E,0x00,0x5C,0x37,0x7F,0xB1,
+ 0x9A,0x87,0xE6,0xFC,0x68,0x2D,0x48,0xBB,
+ 0x5D,0x42,0xE3,0xD9,0xB9,0xEF,0xFE,0x76
+ };
+
+ /* canned r and s */
+ const byte rCan[] = {
+ 0x40,0xF1,0xEC,0x59,0xF7,0x93,0xD9,0xF4,
+ 0x9E,0x09,0xDC,0xEF,0x49,0x13,0x0D,0x41,
+ 0x94,0xF7,0x9F,0xB1,0xEE,0xD2,0xCA,0xA5,
+ 0x5B,0xAC,0xDB,0x49,0xC4,0xE7,0x55,0xD1
+ };
+
+ const byte sCan[] = {
+ 0x6F,0xC6,0xDA,0xC3,0x2C,0x5D,0x5C,0xF1,
+ 0x0C,0x77,0xDF,0xB2,0x0F,0x7C,0x2E,0xB6,
+ 0x67,0xA4,0x57,0x87,0x2F,0xB0,0x9E,0xC5,
+ 0x63,0x27,0xA6,0x7E,0xC7,0xDE,0xEB,0xE7
+ };
+ mp_init(&r);
+ mp_init(&s);
+
+ ret = wc_ecc_init_ex(&key, HEAP_HINT, devId);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), done);
+
+ ret = wc_ecc_set_custom_curve(&key, &ecc_sm2_A2);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), done);
+
+ ret = wc_ecc_import_raw_ex(&key, qx, qy, d, ECC_SM2P256V1_TEST);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), done);
+
+ mp_read_unsigned_bin(&r, rCan, sizeof(rCan));
+ mp_read_unsigned_bin(&s, sCan, sizeof(sCan));
+
+ ret = wc_ecc_sm2_verify_hash_ex(&r, &s, hash, sizeof(hash), &res, &key);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), done);
+
+ if (res != 1)
+ ERROR_OUT(WC_TEST_RET_ENC_NC, done);
+
+done:
+ mp_free(&r);
+ mp_free(&s);
+ wc_ecc_free(&key);
+ return ret;
+}
+#endif /* WOLFSSL_PUBLIC_MP && WOLFSSL_CUSTOM_CURVES */
+
+static int test_sm2_verify_case(void)
+{
+ ecc_key key;
+ int ret, res;
+
+ /* test key values */
+ const char qx[] = "637F1B135036C933DC3F7A8EBB1B7B2FD1DFBD268D4F894B5AD47DBDBECD558F";
+ const char qy[] = "E88101D08048E36CCBF61CA38DDF7ABA542B4486E99E49F3A7470A857A096433";
+
+ /* use canned hash value hash = H(ZA||M) */
+ const byte hash[] = {
+ 0x3B,0xFA,0x5F,0xFB,0xC4,0x27,0x8C,0x9D,
+ 0x02,0x3A,0x19,0xCB,0x1E,0xAA,0xD2,0xF1,
+ 0x50,0x69,0x5B,0x20
+ };
+
+ const byte sig[] = {
+ 0x30,0x45,0x02,0x21,0x00,0xD2,0xFC,0xA3,
+ 0x88,0xE3,0xDF,0xA3,0x00,0x73,0x9B,0x3C,
+ 0x2A,0x0D,0xAD,0x44,0xA2,0xFC,0x62,0xD5,
+ 0x6B,0x84,0x54,0xD8,0x40,0x22,0x62,0x3D,
+ 0x5C,0xA6,0x61,0x9B,0xE7,0x02,0x20,0x1D,
+ 0xB5,0xB5,0xD9,0xD8,0xF1,0x20,0xDD,0x97,
+ 0x92,0xBF,0x7E,0x9B,0x3F,0xE6,0x3C,0x4B,
+ 0x03,0xD8,0x80,0xBD,0xB7,0x27,0x7E,0x6A,
+ 0x84,0x23,0xDE,0x61,0x7C,0x8D,0xDC
+ };
+
+ const byte badSig[] = {
+ 0x30,0x45,0x02,0x21,0x00,0xD2,0xFC,0xA3,
+ 0x88,0xE3,0xDF,0xA3,0x00,0x73,0x9B,0x3C,
+ 0x2A,0x0D,0xAD,0x44,0xA2,0xFC,0x62,0xD5,
+ 0x6B,0x84,0x54,0xD8,0x40,0x22,0x62,0x3D,
+ 0x5C,0xA6,0x61,0x9B,0xE7,0x02,0x20,0x1D,
+ 0xB5,0xB5,0xE9,0xD8,0xF1,0x20,0xDD,0x97,
+ 0x92,0xBF,0x7E,0x9B,0x3F,0xE6,0x3C,0x4B,
+ 0x03,0xD8,0x80,0xBD,0xB7,0x27,0x7E,0x6A,
+ 0x84,0x23,0xDE,0x61,0x7C,0x8D,0xDC
+ };
+
+
+ ret = wc_ecc_init_ex(&key, HEAP_HINT, devId);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), done);
+ ret = wc_ecc_import_raw(&key, qx, qy, NULL, "SM2P256V1");
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), done);
+
+ ret = wc_ecc_sm2_verify_hash(sig, sizeof(sig), hash, sizeof(hash), &res,
+ &key);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), done);
+
+ if (res != 1)
+ ERROR_OUT(WC_TEST_RET_ENC_NC, done);
+
+ /* now test a case that should fail */
+ ret = wc_ecc_sm2_verify_hash(badSig, sizeof(badSig), hash, sizeof(hash),
+ &res, &key);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), done);
+
+ if (res == 1)
+ ERROR_OUT(WC_TEST_RET_ENC_NC, done);
+done:
+ wc_ecc_free(&key);
+ return ret;
+}
+
+static int ecc_sm2_test_curve(WC_RNG* rng, int testVerifyCount)
+{
+ const ecc_set_type* dp = wc_ecc_get_curve_params(
+ wc_ecc_get_curve_idx(ECC_SM2P256V1));
+ int keySize = 32;
+ int curve_id = ECC_SM2P256V1;
+#if (defined(HAVE_ECC_DHE) || defined(HAVE_ECC_CDH)) && !defined(WC_NO_RNG)
+ WC_DECLARE_VAR(sharedA, byte, ECC_SHARED_SIZE, HEAP_HINT);
+ WC_DECLARE_VAR(sharedB, byte, ECC_SHARED_SIZE, HEAP_HINT);
+#endif
+#ifdef HAVE_ECC_KEY_EXPORT
+ #define ECC_KEY_EXPORT_BUF_SIZE (MAX_ECC_BYTES * 2 + 32)
+ WC_DECLARE_VAR(exportBuf, byte, ECC_KEY_EXPORT_BUF_SIZE, HEAP_HINT);
+#endif
+ word32 x = 0;
+#if (defined(HAVE_ECC_DHE) || defined(HAVE_ECC_CDH)) && !defined(WC_NO_RNG)
+ word32 y;
+#endif
+#ifdef HAVE_ECC_SIGN
+ WC_DECLARE_VAR(sig, byte, ECC_SIG_SIZE, HEAP_HINT);
+ WC_DECLARE_VAR(digest, byte, ECC_DIGEST_SIZE, HEAP_HINT);
+ int i;
+#ifdef HAVE_ECC_VERIFY
+ int verify;
+#endif /* HAVE_ECC_VERIFY */
+#endif /* HAVE_ECC_SIGN */
+ int ret;
+#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
+ ecc_key *userA = (ecc_key *)XMALLOC(sizeof *userA, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
+ ecc_key *userB = (ecc_key *)XMALLOC(sizeof *userB, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
+ ecc_key *pubKey = (ecc_key *)XMALLOC(sizeof *pubKey, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
+#else
+ ecc_key userA[1];
+ ecc_key userB[1];
+ ecc_key pubKey[1];
+#endif
+#ifndef WC_NO_RNG
+ int curveSize;
+#endif
+
+#ifdef WC_DECLARE_VAR_IS_HEAP_ALLOC
+#if (defined(HAVE_ECC_DHE) || defined(HAVE_ECC_CDH)) && !defined(WC_NO_RNG)
+ if (sharedA == NULL || sharedB == NULL)
+ ERROR_OUT(WC_TEST_RET_ENC_NC, done);
+#endif
+
+#ifdef HAVE_ECC_KEY_EXPORT
+ if (exportBuf == NULL)
+ ERROR_OUT(WC_TEST_RET_ENC_NC, done);
+#endif
+
+#ifdef HAVE_ECC_SIGN
+ if (sig == NULL || digest == NULL)
+ ERROR_OUT(WC_TEST_RET_ENC_NC, done);
+#endif
+#endif /* WOLFSSL_SMALL_STACK && !WOLFSSL_NO_MALLOC */
+
+ (void)testVerifyCount;
+ (void)dp;
+ (void)x;
+
+#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
+ if ((userA == NULL) ||
+ (userB == NULL) ||
+ (pubKey == NULL))
+ ERROR_OUT(WC_TEST_RET_ENC_NC, done);
+#endif
+
+ XMEMSET(userA, 0, sizeof *userA);
+ XMEMSET(userB, 0, sizeof *userB);
+ XMEMSET(pubKey, 0, sizeof *pubKey);
+
+ ret = wc_ecc_init_ex(userA, HEAP_HINT, devId);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), done);
+ ret = wc_ecc_init_ex(userB, HEAP_HINT, devId);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), done);
+ ret = wc_ecc_init_ex(pubKey, HEAP_HINT, devId);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), done);
+
+#ifndef WC_NO_RNG
+ ret = wc_ecc_sm2_make_key(rng, userA, WC_ECC_FLAG_NONE);
+ if (ret == ECC_CURVE_OID_E)
+ goto done; /* catch case, where curve is not supported */
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), done);
+ TEST_SLEEP();
+
+ if (wc_ecc_get_curve_idx(curve_id) != -1) {
+ curveSize = wc_ecc_get_curve_size_from_id(userA->dp->id);
+ if (curveSize != userA->dp->size) {
+ ERROR_OUT(WC_TEST_RET_ENC_NC, done);
+ }
+ }
+
+ ret = wc_ecc_check_key(userA);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), done);
+ TEST_SLEEP();
+
+ ret = wc_ecc_sm2_make_key(rng, userB, WC_ECC_FLAG_NONE);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), done);
+
+ /* only perform the below tests if the key size matches */
+ if (dp == NULL && keySize > 0 && wc_ecc_size(userA) != keySize)
+ if (ret != 0) {
+ ret = ECC_CURVE_OID_E;
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), done);
+ }
+
+#ifdef HAVE_ECC_DHE
+#if defined(ECC_TIMING_RESISTANT)
+ ret = wc_ecc_set_rng(userA, rng);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), done);
+ ret = wc_ecc_set_rng(userB, rng);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), done);
+#endif
+
+ x = ECC_SHARED_SIZE;
+ ret = wc_ecc_sm2_shared_secret(userA, userB, sharedA, &x);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), done);
+
+ y = ECC_SHARED_SIZE;
+ ret = wc_ecc_sm2_shared_secret(userB, userA, sharedB, &y);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), done);
+
+ if (y != x)
+ ERROR_OUT(WC_TEST_RET_ENC_NC, done);
+
+ if (XMEMCMP(sharedA, sharedB, x))
+ ERROR_OUT(WC_TEST_RET_ENC_NC, done);
+#endif /* HAVE_ECC_DHE */
+
+#ifdef HAVE_ECC_KEY_EXPORT
+ x = ECC_KEY_EXPORT_BUF_SIZE;
+ ret = wc_ecc_export_x963_ex(userA, exportBuf, &x, 0);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), done);
+
+#ifdef HAVE_ECC_KEY_IMPORT
+ ret = wc_ecc_import_x963_ex(exportBuf, x, pubKey, curve_id);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), done);
+
+#ifdef HAVE_ECC_DHE
+ y = ECC_SHARED_SIZE;
+ ret = wc_ecc_sm2_shared_secret(userB, pubKey, sharedB, &y);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), done);
+
+ if (XMEMCMP(sharedA, sharedB, y))
+ ERROR_OUT(WC_TEST_RET_ENC_NC, done);
+#endif /* HAVE_ECC_DHE */
+
+ #ifdef HAVE_COMP_KEY
+ /* try compressed export / import too */
+ x = ECC_KEY_EXPORT_BUF_SIZE;
+ ret = wc_ecc_export_x963_ex(userA, exportBuf, &x, 1);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), done);
+ wc_ecc_free(pubKey);
+
+ ret = wc_ecc_init_ex(pubKey, HEAP_HINT, devId);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), done);
+ #endif
+ ret = wc_ecc_import_x963_ex(exportBuf, x, pubKey, curve_id);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), done);
+
+ #ifdef HAVE_ECC_DHE
+ y = ECC_SHARED_SIZE;
+ ret = wc_ecc_sm2_shared_secret(userB, pubKey, sharedB, &y);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), done);
+
+ if (XMEMCMP(sharedA, sharedB, y))
+ ERROR_OUT(WC_TEST_RET_ENC_NC, done);
+ #endif /* HAVE_ECC_DHE */
+
+#endif /* HAVE_ECC_KEY_IMPORT */
+#endif /* HAVE_ECC_KEY_EXPORT */
+#endif /* !WC_NO_RNG */
+
+#if !defined(ECC_TIMING_RESISTANT) || (defined(ECC_TIMING_RESISTANT) && \
+ !defined(WC_NO_RNG))
+#ifdef HAVE_ECC_SIGN
+ /* ECC w/out Shamir has issue with all 0 digest */
+ /* WC_BIGINT doesn't have 0 len well on hardware */
+ /* Cryptocell has issues with all 0 digest */
+#if defined(ECC_SHAMIR)
+ /* test DSA sign hash with zeros */
+ for (i = 0; i < (int)ECC_DIGEST_SIZE; i++) {
+ digest[i] = 0;
+ }
+
+ x = ECC_SIG_SIZE;
+ ret = wc_ecc_sm2_sign_hash(digest, ECC_DIGEST_SIZE, sig, &x, rng, userA);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), done);
+
+#ifdef HAVE_ECC_VERIFY
+ for (i = 0; i < testVerifyCount; i++) {
+ verify = 0;
+ ret = wc_ecc_sm2_verify_hash(sig, x, digest, ECC_DIGEST_SIZE, &verify,
+ userA);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), done);
+ if (verify != 1)
+ ERROR_OUT(WC_TEST_RET_ENC_NC, done);
+ }
+#endif /* HAVE_ECC_VERIFY */
+#endif /* ECC_SHAMIR */
+
+ /* test DSA sign hash with sequence (0,1,2,3,4,...) */
+ for (i = 0; i < (int)ECC_DIGEST_SIZE; i++) {
+ digest[i] = (byte)i;
+ }
+
+ x = ECC_SIG_SIZE;
+ ret = wc_ecc_sm2_sign_hash(digest, ECC_DIGEST_SIZE, sig, &x, rng, userA);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), done);
+
+#ifdef HAVE_ECC_VERIFY
+ for (i = 0; i < testVerifyCount; i++) {
+ verify = 0;
+ ret = wc_ecc_sm2_verify_hash(sig, x, digest, ECC_DIGEST_SIZE, &verify,
+ userA);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), done);
+ if (verify != 1)
+ ERROR_OUT(WC_TEST_RET_ENC_NC, done);
+ }
+#endif /* HAVE_ECC_VERIFY */
+#endif /* HAVE_ECC_SIGN */
+#endif /* !ECC_TIMING_RESISTANT || (ECC_TIMING_RESISTANT && !WC_NO_RNG) */
+
+#if defined(HAVE_ECC_KEY_EXPORT) && !defined(WC_NO_RNG)
+ x = ECC_KEY_EXPORT_BUF_SIZE;
+ ret = wc_ecc_export_private_only(userA, exportBuf, &x);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), done);
+#elif defined(HAVE_ECC_KEY_EXPORT)
+ (void)exportBuf;
+#endif /* HAVE_ECC_KEY_EXPORT */
+
+done:
+
+#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
+ if (userA != NULL) {
+ wc_ecc_free(userA);
+ XFREE(userA, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
+ }
+ if (userB != NULL) {
+ wc_ecc_free(userB);
+ XFREE(userB, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
+ }
+ if (pubKey != NULL) {
+ wc_ecc_free(pubKey);
+ XFREE(pubKey, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
+ }
+#else
+ wc_ecc_free(pubKey);
+ wc_ecc_free(userB);
+ wc_ecc_free(userA);
+#endif
+
+#if defined(HAVE_ECC_DHE) || defined(HAVE_ECC_CDH)
+ WC_FREE_VAR(sharedA, HEAP_HINT);
+ WC_FREE_VAR(sharedB, HEAP_HINT);
+#endif
+#ifdef HAVE_ECC_KEY_EXPORT
+ WC_FREE_VAR(exportBuf, HEAP_HINT);
+#endif
+#ifdef HAVE_ECC_SIGN
+ WC_FREE_VAR(sig, HEAP_HINT);
+ WC_FREE_VAR(digest, HEAP_HINT);
+#endif
+
+ (void)keySize;
+ (void)curve_id;
+ (void)rng;
+
+ return ret;
+}
+#endif /* HAVE_ECC_VERIFY */
+
+static int test_sm2_create_digest(void)
+{
+ const byte msg[] = "message to sign";
+ const byte id[] = "0123456789";
+ const byte badId[] = "0123556789";
+ byte expected[] = {
+ 0xdd, 0x4d, 0x65, 0x49, 0xa3, 0x64, 0x76, 0xc0,
+ 0x73, 0x05, 0xdc, 0x05, 0x16, 0xb5, 0xee, 0x9f,
+ 0x82, 0xf9, 0xe9, 0x7d, 0x01, 0x1a, 0xdc, 0x88,
+ 0x5a, 0x59, 0x9c, 0x44, 0xcc, 0x47, 0xa4, 0x78
+ };
+ ecc_key key;
+ int ret;
+
+ /* test key values */
+ const char qx[] =
+ "af178b7b8740cc9d5b493fbd22049c12621bc27dcc5802e75ff4d045a4158baf";
+ const char qy[] =
+ "89933faf7a4798f48c5b9b4cd3a7693d54c9e05449946eb489c0dd50a5294805";
+ const char d[] =
+ "b3e66c2dbfb50c6ff6830c1fac4b51293a2562f9e667052b03df2d4b43c1f34a";
+ byte digest[WC_SHA256_DIGEST_SIZE];
+
+ ret = wc_ecc_init_ex(&key, HEAP_HINT, devId);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), done);
+
+ ret = wc_ecc_import_raw(&key, qx, qy, d, "SM2P256V1");
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), done);
+
+ ret = wc_ecc_sm2_create_digest(id, (int)XSTRLEN((const char*)id),
+ msg, (int)XSTRLEN((const char*)msg), WC_HASH_TYPE_SHA256, digest,
+ WC_SHA256_DIGEST_SIZE, &key);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), done);
+
+ if (XMEMCMP(digest, expected, WC_SHA256_DIGEST_SIZE) != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_NC, done);
+
+ ret = wc_ecc_sm2_create_digest(badId, (int)XSTRLEN((const char*)badId),
+ msg, (int)XSTRLEN((const char*)msg), WC_HASH_TYPE_SHA256, digest,
+ WC_SHA256_DIGEST_SIZE, &key);
+ if (ret != 0)
+ goto done;
+
+ /* should be different than the previous ID used */
+ if (XMEMCMP(digest, expected, WC_SHA256_DIGEST_SIZE) == 0)
+ ERROR_OUT(WC_TEST_RET_ENC_NC, done);
+done:
+ wc_ecc_free(&key);
+ return ret;
+}
+
+static int test_sm2_verify(void)
+{
+ int ret = 0;
+
+#ifdef HAVE_ECC_VERIFY
+#if defined(WOLFSSL_PUBLIC_MP) && defined(WOLFSSL_CUSTOM_CURVES)
+ ret = test_sm2_verify_caseA2();
+ if (ret != 0)
+ return ret;
+#endif
+
+ ret = test_sm2_verify_case();
+ if (ret != 0)
+ return ret;
+#endif /* HAVE_ECC_VERIFY */
+
+ ret = test_sm2_create_digest();
+
+ return ret;
+}
+#endif /* WOLFSSL_SM2 */
+
+
#if defined(WOLFSSL_CERT_GEN) && !defined(NO_ECC_SECP) && !defined(NO_ASN_TIME)
/* Make Cert / Sign example for ECC cert and ECC CA */
-static int ecc_test_cert_gen(WC_RNG* rng)
+static wc_test_ret_t ecc_test_cert_gen(WC_RNG* rng)
{
- int ret;
+ wc_test_ret_t ret;
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
Cert *myCert = (Cert *)XMALLOC(sizeof *myCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
#ifdef WOLFSSL_TEST_CERT
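Review bot: In `ecc_sm2_test_curve` the key-size guard after the second `wc_ecc_sm2_make_key` call is dead code: its inner `if (ret != 0)` follows a check that already left on any non-zero `ret`, so a size mismatch is never reported. If a mismatch should stop the test, drop the inner condition: `if (dp == NULL && keySize > 0 && wc_ecc_size(userA) != keySize) ERROR_OUT(WC_TEST_RET_ENC_EC(ECC_CURVE_OID_E), done);`. Separately, the `WC_DECLARE_VAR` NULL checks jump to `done` before the three keys are zeroed and initialised, so cleanup runs `wc_ecc_free` on `ecc_key` storage that was never set up; zeroing the keys before the first `goto done` would avoid that. The `WC_FREE_VAR(sharedA, ...)` / `WC_FREE_VAR(sharedB, ...)` guard at `done` also omits the `!defined(WC_NO_RNG)` term used where those buffers are declared, which looks like it could reference undeclared names in a `WC_NO_RNG` build. The comment on the `#endif` that closes `#ifdef WC_DECLARE_VAR_IS_HEAP_ALLOC` names a different condition and should read `/* WC_DECLARE_VAR_IS_HEAP_ALLOC */`.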
@@ -26462,7 +29450,7 @@ static int ecc_test_cert_gen(WC_RNG* rng)
} while (ret == WC_PENDING_E);
if (ret < 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit);
- certSz = ret;
+ certSz = (word32)ret;
TEST_SLEEP();
#ifdef WOLFSSL_TEST_CERT
@@ -26515,9 +29503,9 @@ exit:
!defined(WOLFSSL_NO_MALLOC) && !defined(WOLF_CRYPTO_CB_ONLY_ECC) && \
(!defined(NO_ECC_SECP) || defined(WOLFSSL_CUSTOM_CURVES))
/* Test for the wc_ecc_key_new() and wc_ecc_key_free() functions. */
-static int ecc_test_allocator(WC_RNG* rng)
+static wc_test_ret_t ecc_test_allocator(WC_RNG* rng)
{
- int ret = 0;
+ wc_test_ret_t ret = 0;
ecc_key* key;
#ifdef WC_NO_RNG
word32 idx = 0;
@@ -26651,11 +29639,12 @@ static const byte p521PubKey[] = {
/* perform verify of signature and hash using public key */
/* key is public Qx + public Qy */
/* sig is r + s */
-static int crypto_ecc_verify(const byte *key, uint32_t keySz,
+static wc_test_ret_t crypto_ecc_verify(const byte *key, uint32_t keySz,
const byte *hash, uint32_t hashSz, const byte *sig, uint32_t sigSz,
uint32_t curveSz, int curveId)
{
- int ret, verify_res = 0, count = 0;
+ wc_test_ret_t ret;
+ int verify_res = 0, count = 0;
mp_int r, s;
ecc_key ecc;
ecc_nb_ctx_t nb_ctx;
@@ -26752,11 +29741,12 @@ static int crypto_ecc_verify(const byte *key, uint32_t keySz,
}
/* perform signature operation against hash using private key */
-static int crypto_ecc_sign(const byte *key, uint32_t keySz,
+static wc_test_ret_t crypto_ecc_sign(const byte *key, uint32_t keySz,
const byte *hash, uint32_t hashSz, byte *sig, uint32_t* sigSz,
uint32_t curveSz, int curveId, WC_RNG* rng)
{
- int ret, count = 0;
+ wc_test_ret_t ret;
+ int count = 0;
mp_int r, s;
ecc_key ecc;
ecc_nb_ctx_t nb_ctx;
@@ -26847,10 +29837,10 @@ static int crypto_ecc_sign(const byte *key, uint32_t keySz,
* don't have non-blocking versions of the key checking functions, yet.
*/
#if defined(HAVE_ECC_DHE) && !defined(WOLFSSL_VALIDATE_ECC_KEYGEN)
-static int ecc_test_nonblock_dhe(int curveId, word32 curveSz,
+static wc_test_ret_t ecc_test_nonblock_dhe(int curveId, word32 curveSz,
const byte* privKey, const byte* pubKey, WC_RNG* rng)
{
- int ret;
+ wc_test_ret_t ret;
ecc_key keyA;
ecc_key keyB;
ecc_nb_ctx_t nbCtxA;
@@ -26933,11 +29923,11 @@ static int ecc_test_nonblock_dhe(int curveId, word32 curveSz,
#endif /* HAVE_ECC_DHE && !WOLFSSL_VALIDATE_ECC_KEYGEN */
#if defined(HAVE_ECC_SIGN) && defined(HAVE_ECC_VERIFY)
-static int ecc_test_nonblock_ecdsa(int curveId, word32 curveSz,
+static wc_test_ret_t ecc_test_nonblock_ecdsa(int curveId, word32 curveSz,
const byte* privKey, word32 privKeySz, const byte* pubKey, word32 pubKeySz,
WC_RNG* rng)
{
- int ret = 0;
+ wc_test_ret_t ret = 0;
byte* sig = NULL;
word32 sigSz = curveSz * 2;
static const byte hash[] = {
@@ -26972,9 +29962,9 @@ static int ecc_test_nonblock_ecdsa(int curveId, word32 curveSz,
}
#endif /* HAVE_ECC_SIGN && HAVE_ECC_VERIFY */
-static int ecc_test_nonblock(WC_RNG* rng)
+static wc_test_ret_t ecc_test_nonblock(WC_RNG* rng)
{
- int ret = 0;
+ wc_test_ret_t ret = 0;
word32 i;
int curveIds[3] = {0, 0, 0};
word32 curveSzs[3] = {0, 0, 0};
@@ -27028,9 +30018,61 @@ static int ecc_test_nonblock(WC_RNG* rng)
}
#endif /* WC_ECC_NONBLOCK && WOLFSSL_HAVE_SP_ECC && WOLFSSL_PUBLIC_MP */
-WOLFSSL_TEST_SUBROUTINE int ecc_test(void)
+#if !defined(NO_ASN) && !defined(HAVE_SELFTEST) && \
+ (!defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && \
+ (HAVE_FIPS_VERSION > 2)))
+static int ecc_test_raw_enc_dec(void)
{
int ret;
+ unsigned char r[1];
+ word32 rSz;
+ unsigned char s[1];
+ word32 sSz;
+ unsigned char rZero[] = { 0, 0, 0, 0 };
+ unsigned char sOne[] = { 0, 0, 1 };
+ unsigned char sigRaw[32];
+ word32 sigRawSz;
+ unsigned char expSig[] = { 0x30, 0x06, 0x02, 0x01, 0x00, 0x02, 0x01, 0x01 };
+
+ sigRawSz = sizeof(sigRaw);
+ ret = wc_ecc_rs_raw_to_sig(rZero, sizeof(rZero), sOne, sizeof(sOne),
+ sigRaw, &sigRawSz);
+ if (ret != 0) {
+ return WC_TEST_RET_ENC_EC(ret);
+ }
+ if (sigRawSz != sizeof(expSig)) {
+ return WC_TEST_RET_ENC_EC((int)sigRawSz);
+ }
+ if (XMEMCMP(sigRaw, expSig, sizeof(expSig)) != 0) {
+ return WC_TEST_RET_ENC_NC;
+ }
+
+ rSz = sizeof(r);
+ sSz = sizeof(s);
+ ret = wc_ecc_sig_to_rs(sigRaw, sigRawSz, r, &rSz, s, &sSz);
+ if (ret != 0) {
+ return WC_TEST_RET_ENC_EC(ret);
+ }
+ if (rSz != 1) {
+ return WC_TEST_RET_ENC_EC((int)rSz);
+ }
+ if (sSz != 1) {
+ return WC_TEST_RET_ENC_EC((int)sSz);
+ }
+ if (r[0] != 0) {
+ return WC_TEST_RET_ENC_EC(r[0]);
+ }
+ if (s[0] != 1) {
+ return WC_TEST_RET_ENC_EC(s[0]);
+ }
+
+ return ret;
+}
+#endif
+
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t ecc_test(void)
+{
+ wc_test_ret_t ret;
WC_RNG rng;
#if defined(WOLFSSL_CERT_EXT) && \
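Review bot: `ecc_test_raw_enc_dec` passes sizes and byte values to `WC_TEST_RET_ENC_EC` (`(int)sigRawSz`, `(int)rSz`, `(int)sSz`, `r[0]`, `s[0]`), a macro that elsewhere in this commit carries library error codes. `WC_TEST_RET_ENC_I` looks like the better fit for plain integers, e.g. `return WC_TEST_RET_ENC_I((int)sigRawSz);`. The function is also declared `static int` although it returns encoded values and the surrounding tests were moved to `wc_test_ret_t`. A short comment above it would state the intent: `/* r = 0 and s = 1 given with leading zero bytes must encode to the minimal DER signature and decode back to one byte each */`.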
@@ -27053,44 +30095,51 @@ WOLFSSL_TEST_SUBROUTINE int ecc_test(void)
#endif
#if (defined(HAVE_ECC112) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 112
- ret = ecc_test_curve(&rng, 14);
+ ret = ecc_test_curve(&rng, 14, ECC_CURVE_DEF);
if (ret < 0) {
+ printf("keySize=14, Default\n");
goto done;
}
#endif /* HAVE_ECC112 */
#if (defined(HAVE_ECC128) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 128
- ret = ecc_test_curve(&rng, 16);
+ ret = ecc_test_curve(&rng, 16, ECC_CURVE_DEF);
if (ret < 0) {
+ printf("keySize=16, Default\n");
goto done;
}
#endif /* HAVE_ECC128 */
#if (defined(HAVE_ECC160) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 160
- ret = ecc_test_curve(&rng, 20);
+ ret = ecc_test_curve(&rng, 20, ECC_CURVE_DEF);
if (ret < 0) {
+ printf("keySize=20, Default\n");
goto done;
}
#endif /* HAVE_ECC160 */
#if (defined(HAVE_ECC192) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 192
- ret = ecc_test_curve(&rng, 24);
+ ret = ecc_test_curve(&rng, 24, ECC_CURVE_DEF);
+ printf("keySize=24, Default\n");
if (ret < 0) {
goto done;
}
#endif /* HAVE_ECC192 */
#if (defined(HAVE_ECC224) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 224
- ret = ecc_test_curve(&rng, 28);
+ ret = ecc_test_curve(&rng, 28, ECC_CURVE_DEF);
if (ret < 0) {
+ printf("keySize=28, Default\n");
goto done;
}
#endif /* HAVE_ECC224 */
#if (defined(HAVE_ECC239) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 239
- ret = ecc_test_curve(&rng, 30);
+ ret = ecc_test_curve(&rng, 30, ECC_CURVE_DEF);
if (ret < 0) {
+ printf("keySize=30, Default\n");
goto done;
}
#endif /* HAVE_ECC239 */
#if (!defined(NO_ECC256) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 256
- ret = ecc_test_curve(&rng, 32);
+ ret = ecc_test_curve(&rng, 32, ECC_CURVE_DEF);
if (ret < 0) {
+ printf("keySize=32, Default\n");
goto done;
}
#if !defined(WOLFSSL_ATECC508A) && !defined(WOLFSSL_ATECC608A) && \
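Review bot: The added `printf("keySize=24, Default\n");` in the HAVE_ECC192 branch sits before `if (ret < 0)`, so it prints on every run, while every other key size in this hunk prints only inside the failure branch. Move it into the check so a passing run stays quiet and the output names only the curve that actually failed: `if (ret < 0) { printf("keySize=24, Default\n"); goto done; }`. The body of ecc_test starts and ends outside this hunk.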
@@ -27104,38 +30153,74 @@ WOLFSSL_TEST_SUBROUTINE int ecc_test(void)
#if !defined(NO_ECC_SECP) || defined(WOLFSSL_CUSTOM_CURVES)
ret = ecc_def_curve_test(&rng);
if (ret < 0) {
+ printf("Default\n");
goto done;
}
#endif
#endif /* !NO_ECC256 */
#if (defined(HAVE_ECC320) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 320
- ret = ecc_test_curve(&rng, 40);
+ ret = ecc_test_curve(&rng, 40, ECC_CURVE_DEF);
if (ret < 0) {
+ printf("keySize=40, Default\n");
goto done;
}
#endif /* HAVE_ECC320 */
#if (defined(HAVE_ECC384) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 384
- ret = ecc_test_curve(&rng, 48);
+ ret = ecc_test_curve(&rng, 48, ECC_CURVE_DEF);
if (ret < 0) {
+ printf("keySize=48, Default\n");
goto done;
}
#endif /* HAVE_ECC384 */
#if (defined(HAVE_ECC512) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 512
- ret = ecc_test_curve(&rng, 64);
+ ret = ecc_test_curve(&rng, 64, ECC_CURVE_DEF);
if (ret < 0) {
+ printf("keySize=64, Default\n");
goto done;
}
#endif /* HAVE_ECC512 */
#if (defined(HAVE_ECC521) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 521
- ret = ecc_test_curve(&rng, 66);
+ ret = ecc_test_curve(&rng, 66, ECC_CURVE_DEF);
if (ret < 0) {
+ printf("keySize=66, Default\n");
goto done;
}
#endif /* HAVE_ECC521 */
+#ifdef WOLFSSL_SM2
+ ret = ecc_test_curve(&rng, 32, ECC_SM2P256V1);
+ if (ret < 0) {
+ printf("SM2\n");
+ goto done;
+ }
+#endif
+
+#if !defined(NO_ASN) && !defined(HAVE_SELFTEST) && \
+ (!defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && \
+ (HAVE_FIPS_VERSION > 2)))
+ ret = ecc_test_raw_enc_dec();
+ if (ret != 0) {
+ printf("raw sig encode/decode\n");
+ goto done;
+ }
+#endif
#if defined(WOLFSSL_CUSTOM_CURVES)
ret = ecc_test_custom_curves(&rng);
if (ret != 0) {
+ printf("Custom\n");
+ goto done;
+ }
+#endif
+
+#if defined(WOLFSSL_SM2)
+ ret = test_sm2_verify();
+ if (ret != 0) {
+ printf("SM2 Verify\n");
+ goto done;
+ }
+ ret = ecc_sm2_test_curve(&rng, ECC_TEST_VERIFY_COUNT);
+ if (ret != 0) {
+ printf("SM2 test\n");
goto done;
}
#endif
@@ -27146,7 +30231,7 @@ WOLFSSL_TEST_SUBROUTINE int ecc_test(void)
#ifdef HAVE_ECC256
ret = ecc_test_deterministic_k(&rng);
if (ret != 0) {
- printf("ecc_test_deterministic_k failed! %d\n", ret);
+ printf("ecc_test_deterministic_k failed!\n");
goto done;
}
#endif
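Review bot: The failure message for `ecc_test_deterministic_k` no longer carries the return code. The same edit repeats in the following hunks for the ecc384/ecc521 deterministic-k tests, `ecc_test_sign_vectors`, `ecc_test_cdh_vectors`, `ecc_test_make_pub`, `ecc_test_cert_gen`, `ecc_test_allocator` and `ecc_test_nonblock`. Dropping `%d` avoids a format mismatch now that `ret` is `wc_test_ret_t`, but unless the caller reports the value returned through `done` (not visible here), the log only names the subtest and loses the code. If `wc_test_ret_t` is an integer type, as the `ret != 0` comparisons suggest, a cast keeps the code in the message: `printf("ecc_test_deterministic_k failed! %ld\n", (long)ret);`.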
@@ -27154,14 +30239,14 @@ WOLFSSL_TEST_SUBROUTINE int ecc_test(void)
#if defined(HAVE_ECC384)
ret = ecc384_test_deterministic_k(&rng);
if (ret != 0) {
- printf("ecc384_test_deterministic_k failed! %d\n", ret);
+ printf("ecc384_test_deterministic_k failed!\n");
goto done;
}
#endif
#if defined(HAVE_ECC521)
ret = ecc521_test_deterministic_k(&rng);
if (ret != 0) {
- printf("ecc512_test_deterministic_k failed! %d\n", ret);
+ printf("ecc512_test_deterministic_k failed!\n");
goto done;
}
#endif
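Review bot: The message in the HAVE_ECC521 branch still reads `ecc512_test_deterministic_k failed!` while the function called is `ecc521_test_deterministic_k`. Since the line is rewritten here anyway, correct the name: `printf("ecc521_test_deterministic_k failed!\n");`. A log that names a test which does not exist points whoever triages a failed run at the wrong curve. The enclosing ecc_test body starts and ends outside this hunk.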
@@ -27172,7 +30257,7 @@ WOLFSSL_TEST_SUBROUTINE int ecc_test(void)
!defined(WOLFSSL_KCAPI_ECC)
ret = ecc_test_sign_vectors(&rng);
if (ret != 0) {
- printf("ecc_test_sign_vectors failed! %d\n", ret);
+ printf("ecc_test_sign_vectors failed!\n");
goto done;
}
#endif
@@ -27180,7 +30265,7 @@ WOLFSSL_TEST_SUBROUTINE int ecc_test(void)
defined(HAVE_ECC_DHE)
ret = ecc_test_cdh_vectors(&rng);
if (ret != 0) {
- printf("ecc_test_cdh_vectors failed! %d\n", ret);
+ printf("ecc_test_cdh_vectors failed!\n");
goto done;
}
#endif
@@ -27189,7 +30274,7 @@ WOLFSSL_TEST_SUBROUTINE int ecc_test(void)
!defined(WOLF_CRYPTO_CB_ONLY_ECC) && !defined(NO_ECC_SECP)
ret = ecc_test_make_pub(&rng);
if (ret != 0) {
- printf("ecc_test_make_pub failed!: %d\n", ret);
+ printf("ecc_test_make_pub failed!\n");
goto done;
}
#elif defined(HAVE_ECC_KEY_IMPORT)
@@ -27198,7 +30283,7 @@ WOLFSSL_TEST_SUBROUTINE int ecc_test(void)
#if defined(WOLFSSL_CERT_GEN) && !defined(NO_ECC_SECP) && !defined(NO_ASN_TIME)
ret = ecc_test_cert_gen(&rng);
if (ret != 0) {
- printf("ecc_test_cert_gen failed!: %d\n", ret);
+ printf("ecc_test_cert_gen failed!\n");
goto done;
}
#endif
@@ -27207,7 +30292,7 @@ WOLFSSL_TEST_SUBROUTINE int ecc_test(void)
defined(WOLFSSL_CUSTOM_CURVES))
ret = ecc_test_allocator(&rng);
if (ret != 0) {
- printf("ecc_test_allocator failed!: %d\n", ret);
+ printf("ecc_test_allocator failed!\n");
goto done;
}
#endif
@@ -27216,7 +30301,7 @@ WOLFSSL_TEST_SUBROUTINE int ecc_test(void)
defined(HAVE_ECC_SIGN) && defined(HAVE_ECC_VERIFY)
ret = ecc_test_nonblock(&rng);
if (ret != 0) {
- printf("ecc_test_nonblock failed!: %d\n", ret);
+ printf("ecc_test_nonblock failed!\n");
goto done;
}
#endif
@@ -27231,7 +30316,7 @@ done:
(defined(WOLFSSL_AES_128) || defined(WOLFSSL_AES_256))
#if ((! defined(HAVE_FIPS)) || FIPS_VERSION_GE(5,3))
-static int ecc_ctx_kdf_salt_test(WC_RNG* rng, ecc_key* a, ecc_key* b)
+static wc_test_ret_t ecc_ctx_kdf_salt_test(WC_RNG* rng, ecc_key* a, ecc_key* b)
{
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
byte* plaintext;
@@ -27246,7 +30331,7 @@ static int ecc_ctx_kdf_salt_test(WC_RNG* rng, ecc_key* a, ecc_key* b)
ecEncCtx* bCtx = NULL;
static const byte salt[16] = {0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13,
14, 15};
- int ret = 0;
+ wc_test_ret_t ret = 0;
static const char message[] = "Hello wolfSSL!";
word32 plaintextLen;
word32 encryptLen = 128;
@@ -27353,9 +30438,9 @@ static int ecc_ctx_kdf_salt_test(WC_RNG* rng, ecc_key* a, ecc_key* b)
#if (!defined(NO_ECC256) || defined(HAVE_ALL_CURVES)) && \
ECC_MIN_KEY_SZ <= 256 && defined(WOLFSSL_AES_128)
-static int ecc_encrypt_kat(WC_RNG *rng)
+static wc_test_ret_t ecc_encrypt_kat(WC_RNG *rng)
{
- int ret = 0;
+ wc_test_ret_t ret = 0;
#ifdef WOLFSSL_ECIES_OLD
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
ecc_key* userA = NULL;
@@ -27591,10 +30676,10 @@ static int ecc_encrypt_kat(WC_RNG *rng)
}
#endif
-static int ecc_encrypt_e2e_test(WC_RNG* rng, ecc_key* userA, ecc_key* userB,
+static wc_test_ret_t ecc_encrypt_e2e_test(WC_RNG* rng, ecc_key* userA, ecc_key* userB,
byte encAlgo, byte kdfAlgo, byte macAlgo)
{
- int ret = 0;
+ wc_test_ret_t ret = 0;
byte msg[48];
byte plain[48];
#ifdef WOLFSSL_ECIES_OLD
@@ -27862,10 +30947,10 @@ done:
#endif /* !HAVE_FIPS || FIPS_VERSION_GE(5,3) */
-WOLFSSL_TEST_SUBROUTINE int ecc_encrypt_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t ecc_encrypt_test(void)
{
WC_RNG rng;
- int ret;
+ wc_test_ret_t ret;
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
ecc_key *userA;
ecc_key *userB;
@@ -27942,6 +31027,22 @@ WOLFSSL_TEST_SUBROUTINE int ecc_encrypt_test(void)
printf("ECIES: AES_128_CBC, HKDF_SHA256, HMAC_SHA256\n");
}
}
+#ifdef HAVE_X963_KDF
+ if (ret == 0) {
+ ret = ecc_encrypt_e2e_test(&rng, userA, userB, ecAES_128_CBC,
+ ecKDF_X963_SHA256, ecHMAC_SHA256);
+ if (ret != 0) {
+ printf("ECIES: AES_128_CBC, KDF_X963_SHA256, HMAC_SHA256\n");
+ }
+ }
+ if (ret == 0) {
+ ret = ecc_encrypt_e2e_test(&rng, userA, userB, ecAES_128_CBC,
+ ecKDF_SHA256, ecHMAC_SHA256);
+ if (ret != 0) {
+ printf("ECIES: AES_128_CBC, KDF_SHA256, HMAC_SHA256\n");
+ }
+ }
+#endif
#endif
#ifdef WOLFSSL_AES_256
if (ret == 0) {
@@ -28007,7 +31108,7 @@ done:
!defined(WOLFSSL_ATECC608A) && !defined(NO_ECC256) && \
defined(HAVE_ECC_VERIFY) && defined(HAVE_ECC_SIGN) && \
!defined(WOLF_CRYPTO_CB_ONLY_ECC) && !defined(NO_ECC_SECP)
-WOLFSSL_TEST_SUBROUTINE int ecc_test_buffers(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t ecc_test_buffers(void)
{
size_t bytes;
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
@@ -28021,7 +31122,7 @@ WOLFSSL_TEST_SUBROUTINE int ecc_test_buffers(void)
#endif
WC_RNG rng;
word32 idx = 0;
- int ret;
+ wc_test_ret_t ret;
/* pad our test message to 32 bytes so evenly divisible by AES_BLOCK_SZ */
byte in[] = "Everyone gets Friday off. ecc p";
word32 inLen = (word32)XSTRLEN((char*)in);
@@ -28186,7 +31287,7 @@ TEST_SLEEP();
#else
#define X25519_TEST_CNT 1
#endif
-static int curve25519_overflow_test(void)
+static wc_test_ret_t curve25519_overflow_test(void)
{
/* secret key for party a */
byte sa[X25519_TEST_CNT][32] = {
@@ -28297,7 +31398,7 @@ static int curve25519_overflow_test(void)
#endif
};
- int ret = 0;
+ wc_test_ret_t ret = 0;
int i;
word32 y;
byte shared[32];
@@ -28332,9 +31433,9 @@ static int curve25519_overflow_test(void)
*
* returns 0 on success and -ve on failure.
*/
-static int curve25519_check_public_test(void)
+static wc_test_ret_t curve25519_check_public_test(void)
{
- int ret;
+ wc_test_ret_t ret;
/* Little-endian values that will fail */
byte fail_le[][CURVE25519_KEYSIZE] = {
{
@@ -28452,9 +31553,9 @@ static int curve25519_check_public_test(void)
#if !defined(NO_ASN) && defined(HAVE_CURVE25519_KEY_EXPORT) && \
defined(HAVE_CURVE25519_KEY_IMPORT)
-static int curve255519_der_test(void)
+static wc_test_ret_t curve255519_der_test(void)
{
- int ret = 0;
+ wc_test_ret_t ret = 0;
/* certs/statickeys/x25519.der */
const byte kCurve25519PrivDer[] = {
0x30, 0x2E, 0x02, 0x01, 0x00, 0x30, 0x05, 0x06, 0x03, 0x2B, 0x65, 0x6E,
@@ -28490,7 +31591,7 @@ static int curve255519_der_test(void)
outputSz = (word32)sizeof(output);
ret = wc_Curve25519PrivateKeyToDer(&key, output, outputSz);
if (ret >= 0) {
- outputSz = ret;
+ outputSz = (word32)ret;
ret = 0;
}
else {
@@ -28514,7 +31615,7 @@ static int curve255519_der_test(void)
outputSz = (word32)sizeof(output);
ret = wc_Curve25519PublicKeyToDer(&key, output, outputSz, 1);
if (ret >= 0) {
- outputSz = ret;
+ outputSz = (word32)ret;
ret = 0;
}
else {
@@ -28532,10 +31633,10 @@ static int curve255519_der_test(void)
}
#endif /* !NO_ASN && HAVE_CURVE25519_KEY_EXPORT && HAVE_CURVE25519_KEY_IMPORT */
-WOLFSSL_TEST_SUBROUTINE int curve25519_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t curve25519_test(void)
{
WC_RNG rng;
- int ret;
+ wc_test_ret_t ret;
#ifdef HAVE_CURVE25519_SHARED_SECRET
byte sharedA[32];
byte sharedB[32];
@@ -28621,13 +31722,13 @@ WOLFSSL_TEST_SUBROUTINE int curve25519_test(void)
/* find shared secret key */
x = sizeof(sharedA);
if ((ret = wc_curve25519_shared_secret(&userA, &userB, sharedA, &x)) != 0) {
- printf("wc_curve25519_shared_secret 1 %d\n", ret);
+ printf("wc_curve25519_shared_secret 1 failed\n");
return WC_TEST_RET_ENC_EC(ret);
}
y = sizeof(sharedB);
if ((ret = wc_curve25519_shared_secret(&userB, &userA, sharedB, &y)) != 0) {
- printf("wc_curve25519_shared_secret 2 %d\n", ret);
+ printf("wc_curve25519_shared_secret 2 failed\n");
return WC_TEST_RET_ENC_EC(ret);
}
@@ -28755,7 +31856,7 @@ WOLFSSL_TEST_SUBROUTINE int curve25519_test(void)
#ifdef HAVE_ED25519
#ifdef WOLFSSL_TEST_CERT
-static int ed25519_test_cert(void)
+static wc_test_ret_t ed25519_test_cert(void)
{
DecodedCert cert[2];
DecodedCert* serverCert = NULL;
@@ -28765,7 +31866,7 @@ static int ed25519_test_cert(void)
ed25519_key* pubKey = NULL;
int verify;
#endif /* HAVE_ED25519_VERIFY */
- int ret;
+ wc_test_ret_t ret;
byte* tmp;
size_t bytes;
XFILE file;
@@ -28853,14 +31954,14 @@ done:
return ret;
}
-static int ed25519_test_make_cert(void)
+static wc_test_ret_t ed25519_test_make_cert(void)
{
WC_RNG rng;
Cert cert;
DecodedCert decode;
ed25519_key key;
ed25519_key* privKey = NULL;
- int ret = 0;
+ wc_test_ret_t ret = 0;
byte* tmp = NULL;
wc_InitCert_ex(&cert, HEAP_HINT, devId);
@@ -28907,7 +32008,7 @@ static int ed25519_test_make_cert(void)
if (ret < 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), done);
- InitDecodedCert(&decode, tmp, ret, HEAP_HINT);
+ InitDecodedCert(&decode, tmp, (word32)ret, HEAP_HINT);
ret = ParseCert(&decode, CERT_TYPE, NO_VERIFY, 0);
FreeDecodedCert(&decode);
if (ret != 0)
@@ -28924,9 +32025,9 @@ done:
#if defined(HAVE_ED25519_SIGN) && defined(HAVE_ED25519_KEY_EXPORT) && \
defined(HAVE_ED25519_KEY_IMPORT)
-static int ed25519ctx_test(void)
+static wc_test_ret_t ed25519ctx_test(void)
{
- int ret;
+ wc_test_ret_t ret;
byte out[ED25519_SIG_SIZE];
word32 outlen;
#ifdef HAVE_ED25519_VERIFY
@@ -29024,9 +32125,9 @@ static int ed25519ctx_test(void)
return ret;
}
-static int ed25519ph_test(void)
+static wc_test_ret_t ed25519ph_test(void)
{
- int ret = 0;
+ wc_test_ret_t ret = 0;
byte out[ED25519_SIG_SIZE];
word32 outlen;
#ifdef HAVE_ED25519_VERIFY
@@ -29166,9 +32267,9 @@ static int ed25519ph_test(void)
}
#endif /* HAVE_ED25519_SIGN && HAVE_ED25519_KEY_EXPORT && HAVE_ED25519_KEY_IMPORT */
-WOLFSSL_TEST_SUBROUTINE int ed25519_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t ed25519_test(void)
{
- int ret;
+ wc_test_ret_t ret;
WC_RNG rng;
#if defined(HAVE_ED25519_SIGN) && defined(HAVE_ED25519_KEY_EXPORT) &&\
defined(HAVE_ED25519_KEY_IMPORT)
@@ -29586,8 +32687,10 @@ WOLFSSL_TEST_SUBROUTINE int ed25519_test(void)
#if !defined(NO_ASN) && defined(HAVE_ED25519_SIGN)
wc_ed25519_init_ex(&key3, HEAP_HINT, devId);
#endif
+#ifdef HAVE_ED25519_MAKE_KEY
wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, &key);
wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, &key2);
+#endif
/* helper functions for signature and key size */
keySz = wc_ed25519_size(&key);
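Review bot: Both `wc_ed25519_make_key` calls inside the new `#ifdef HAVE_ED25519_MAKE_KEY` guard discard their return value, so a key-generation or RNG failure goes unreported here and would only show up indirectly in later checks. Capture and test the result the way the rest of the file does, for example `ret = wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, &key);` followed by `if (ret != 0) return WC_TEST_RET_ENC_EC(ret);`, and the same for `key2`. With the macro undefined, `key` and `key2` are never given generated material, so presumably the code after this hunk must not depend on it. That should be confirmed, because ed25519_test continues outside the hunk.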
@@ -29756,7 +32859,7 @@ WOLFSSL_TEST_SUBROUTINE int ed25519_test(void)
ret = ed25519_test_cert();
if (ret < 0)
return ret;
-#ifdef WOLFSSL_CERT_GEN
+#if defined(WOLFSSL_CERT_GEN) && defined(HAVE_ED25519_MAKE_KEY)
ret = ed25519_test_make_cert();
if (ret < 0)
return ret;
@@ -29774,7 +32877,7 @@ WOLFSSL_TEST_SUBROUTINE int ed25519_test(void)
*
* returns 0 on success and -ve on failure.
*/
-static int curve448_check_public_test(void)
+static wc_test_ret_t curve448_check_public_test(void)
{
/* Little-endian values that will fail */
byte fail_le[][CURVE448_KEY_SIZE] = {
@@ -29829,7 +32932,7 @@ static int curve448_check_public_test(void)
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01
};
int i;
- int ret;
+ wc_test_ret_t ret;
/* Parameter checks */
/* NULL pointer */
@@ -29890,10 +32993,10 @@ static int curve448_check_public_test(void)
#endif /* HAVE_CURVE448_SHARED_SECRET && HAVE_CURVE448_KEY_IMPORT */
-WOLFSSL_TEST_SUBROUTINE int curve448_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t curve448_test(void)
{
WC_RNG rng;
- int ret;
+ wc_test_ret_t ret;
#ifdef HAVE_CURVE448_SHARED_SECRET
byte sharedA[CURVE448_KEY_SIZE];
byte sharedB[CURVE448_KEY_SIZE];
@@ -30109,7 +33212,7 @@ WOLFSSL_TEST_SUBROUTINE int curve448_test(void)
#ifdef HAVE_ED448
#ifdef WOLFSSL_TEST_CERT
-static int ed448_test_cert(void)
+static wc_test_ret_t ed448_test_cert(void)
{
DecodedCert cert[2];
DecodedCert* serverCert = NULL;
@@ -30119,7 +33222,7 @@ static int ed448_test_cert(void)
ed448_key* pubKey = NULL;
int verify;
#endif /* HAVE_ED448_VERIFY */
- int ret;
+ wc_test_ret_t ret;
byte* tmp;
size_t bytes;
XFILE file;
@@ -30207,14 +33310,14 @@ done:
return ret;
}
-static int ed448_test_make_cert(void)
+static wc_test_ret_t ed448_test_make_cert(void)
{
WC_RNG rng;
Cert cert;
DecodedCert decode;
ed448_key key;
ed448_key* privKey = NULL;
- int ret = 0;
+ wc_test_ret_t ret = 0;
byte* tmp = NULL;
wc_InitCert_ex(&cert, HEAP_HINT, devId);
@@ -30261,7 +33364,7 @@ static int ed448_test_make_cert(void)
if (ret < 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), done);
- InitDecodedCert(&decode, tmp, ret, HEAP_HINT);
+ InitDecodedCert(&decode, tmp, (word32)ret, HEAP_HINT);
ret = ParseCert(&decode, CERT_TYPE, NO_VERIFY, 0);
FreeDecodedCert(&decode);
if (ret != 0)
@@ -30278,9 +33381,9 @@ done:
#if defined(HAVE_ED448_SIGN) && defined(HAVE_ED448_KEY_EXPORT) && \
defined(HAVE_ED448_KEY_IMPORT)
-static int ed448_ctx_test(void)
+static wc_test_ret_t ed448_ctx_test(void)
{
- int ret;
+ wc_test_ret_t ret;
byte out[ED448_SIG_SIZE];
word32 outlen;
#ifdef HAVE_ED448_VERIFY
@@ -30369,9 +33472,9 @@ static int ed448_ctx_test(void)
return 0;
}
-static int ed448ph_test(void)
+static wc_test_ret_t ed448ph_test(void)
{
- int ret;
+ wc_test_ret_t ret;
byte out[ED448_SIG_SIZE];
word32 outlen;
#ifdef HAVE_ED448_VERIFY
@@ -30541,9 +33644,9 @@ static int ed448ph_test(void)
}
#endif /* HAVE_ED448_SIGN && HAVE_ED448_KEY_EXPORT && HAVE_ED448_KEY_IMPORT */
-WOLFSSL_TEST_SUBROUTINE int ed448_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t ed448_test(void)
{
- int ret;
+ wc_test_ret_t ret;
WC_RNG rng;
#if defined(HAVE_ED448_SIGN) && defined(HAVE_ED448_KEY_EXPORT) &&\
defined(HAVE_ED448_KEY_IMPORT)
@@ -31291,10 +34394,10 @@ WOLFSSL_TEST_SUBROUTINE int ed448_test(void)
#ifdef WOLFSSL_HAVE_KYBER
#ifdef WOLFSSL_WC_KYBER /* OQS and PQM4 do not support KATs */
#ifdef WOLFSSL_KYBER512
-static int kyber512_kat(void)
+static wc_test_ret_t kyber512_kat(void)
{
KyberKey key;
- int ret;
+ wc_test_ret_t ret;
byte priv[KYBER512_PRIVATE_KEY_SIZE];
byte pub[KYBER512_PUBLIC_KEY_SIZE];
byte ct[KYBER512_CIPHER_TEXT_SIZE];
@@ -31777,10 +34880,10 @@ static int kyber512_kat(void)
#endif /* WOLFSSL_KYBER512 */
#ifdef WOLFSSL_KYBER768
-static int kyber768_kat(void)
+static wc_test_ret_t kyber768_kat(void)
{
KyberKey key;
- int ret;
+ wc_test_ret_t ret;
byte priv[KYBER768_PRIVATE_KEY_SIZE];
byte pub[KYBER768_PUBLIC_KEY_SIZE];
byte ct[KYBER768_CIPHER_TEXT_SIZE];
@@ -32448,10 +35551,10 @@ static int kyber768_kat(void)
#endif /* WOLFSSL_KYBER768 */
#ifdef WOLFSSL_KYBER1024
-static int kyber1024_kat(void)
+static wc_test_ret_t kyber1024_kat(void)
{
KyberKey key;
- int ret;
+ wc_test_ret_t ret;
byte priv[KYBER1024_PRIVATE_KEY_SIZE];
byte pub[KYBER1024_PUBLIC_KEY_SIZE];
byte ct[KYBER1024_CIPHER_TEXT_SIZE];
@@ -33322,9 +36425,9 @@ static int kyber1024_kat(void)
#endif /* WOLFSSL_KYBER1024 */
#endif /* WOLFSSL_WC_KYBER */
-WOLFSSL_TEST_SUBROUTINE int kyber_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t kyber_test(void)
{
- int ret;
+ wc_test_ret_t ret;
KyberKey key;
WC_RNG rng;
int i;
@@ -33443,15 +36546,1106 @@ WOLFSSL_TEST_SUBROUTINE int kyber_test(void)
}
#endif /* WOLFSSL_HAVE_KYBER */
+#if defined(WOLFSSL_HAVE_XMSS) && !defined(WOLFSSL_XMSS_VERIFY_ONLY)
+static enum wc_XmssRc xmss_write_key_mem(const byte * priv, word32 privSz,
+ void *context)
+{
+ /* WARNING: THIS IS AN INSECURE WRITE CALLBACK THAT SHOULD ONLY
+ * BE USED FOR TESTING PURPOSES! Production applications should
+ * write only to non-volatile storage. */
+ XMEMCPY(context, priv, privSz);
+ return WC_XMSS_RC_SAVED_TO_NV_MEMORY;
+}
+
+static enum wc_XmssRc xmss_read_key_mem(byte * priv, word32 privSz,
+ void *context)
+{
+ /* WARNING: THIS IS AN INSECURE READ CALLBACK THAT SHOULD ONLY
+ * BE USED FOR TESTING PURPOSES! */
+ XMEMCPY(priv, context, privSz);
+ return WC_XMSS_RC_READ_TO_MEMORY;
+}
+
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t xmss_test(void)
+{
+ int i = 0;
+ int j = 0;
+ int ret = -1;
+ int ret2 = -1;
+ XmssKey signingKey;
+ XmssKey verifyKey;
+ WC_RNG rng;
+ word32 pkSz = 0;
+ word32 skSz = 0;
+ word32 sigSz = 0;
+ word32 bufSz = 0;
+ unsigned char * sk = NULL;
+ unsigned char * old_sk = NULL;
+ const char * msg = "XMSS post quantum signature test";
+ word32 msgSz = (word32) XSTRLEN(msg);
+ const char * param = "XMSSMT-SHA2_20/4_256";
+ byte * sig = NULL;
+
+#ifndef HAVE_FIPS
+ ret = wc_InitRng_ex(&rng, HEAP_HINT, INVALID_DEVID);
+#else
+ ret = wc_InitRng(&rng);
+#endif
+ if (ret != 0) { return WC_TEST_RET_ENC_EC(ret); }
+
+ ret = wc_XmssKey_Init(&signingKey, NULL, INVALID_DEVID);
+ if (ret != 0) { return WC_TEST_RET_ENC_EC(ret); }
+
+ ret = wc_XmssKey_Init(&verifyKey, NULL, INVALID_DEVID);
+ if (ret != 0) { return WC_TEST_RET_ENC_EC(ret); }
+
+ /* Set the parameter string to the signing key, and
+ * get sizes for secret key, pub key, and signature. */
+ ret = wc_XmssKey_SetParamStr(&signingKey, param);
+ if (ret != 0) { return WC_TEST_RET_ENC_EC(ret); }
+
+ ret = wc_XmssKey_GetPubLen(&signingKey, &pkSz);
+ if (ret != 0) { return WC_TEST_RET_ENC_EC(ret); }
+
+ if (pkSz != XMSS_SHA256_PUBLEN) {
+ return WC_TEST_RET_ENC_EC(pkSz);
+ }
+
+ ret = wc_XmssKey_GetPrivLen(&signingKey, &skSz);
+ if (ret != 0) { return WC_TEST_RET_ENC_EC(ret); }
+
+ ret = wc_XmssKey_GetSigLen(&signingKey, &sigSz);
+ if (ret != 0) { return WC_TEST_RET_ENC_EC(ret); }
+
+ /* Allocate signature array. */
+ sig = (byte *)XMALLOC(sigSz, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
+ if (sig == NULL) { return WC_TEST_RET_ENC_ERRNO; }
+
+ bufSz = sigSz;
+
+#if defined(DEBUG_WOLFSSL) || defined(WOLFSSL_DEBUG_NONBLOCK)
+ fprintf(stderr, "param: %s\n", param);
+ fprintf(stderr, "pkSz: %d\n", pkSz);
+ fprintf(stderr, "skSz: %d\n", skSz);
+ fprintf(stderr, "sigSz: %d\n", sigSz);
+#endif
+
+ /* Allocate current and old secret keys.*/
+ sk = (unsigned char *)XMALLOC(skSz, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
+ if (sk == NULL) { return WC_TEST_RET_ENC_ERRNO; }
+
+ old_sk = (unsigned char *)XMALLOC(skSz, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
+ if (old_sk == NULL) { return WC_TEST_RET_ENC_ERRNO; }
+
+ XMEMSET(sk, 0, skSz);
+ XMEMSET(old_sk, 0, skSz);
+ XMEMSET(sig, 0, sigSz);
+
+ ret = wc_XmssKey_SetWriteCb(&signingKey, xmss_write_key_mem);
+ if (ret != 0) { return WC_TEST_RET_ENC_EC(ret); }
+
+ ret = wc_XmssKey_SetReadCb(&signingKey, xmss_read_key_mem);
+ if (ret != 0) { return WC_TEST_RET_ENC_EC(ret); }
+
+ ret = wc_XmssKey_SetContext(&signingKey, (void *) sk);
+ if (ret != 0) { return WC_TEST_RET_ENC_EC(ret); }
+
+ ret = wc_XmssKey_MakeKey(&signingKey, &rng);
+ if (ret != 0) { return WC_TEST_RET_ENC_EC(ret); }
+
+ /* Export the pub to a verify key. */
+ ret = wc_XmssKey_ExportPub(&verifyKey, &signingKey);
+ if (ret != 0) { return WC_TEST_RET_ENC_EC(ret); }
+
+ /* Repeat a few times to check that:
+ * 1. The secret key is mutated on each sign.
+ * 2. We can verify each new signature.
+ * Only do a few times, because the full signature space
+ * for this parameter set is huge. */
+ for (i = 0; i < 10; ++i) {
+ XMEMCPY(old_sk, sk, skSz);
+
+ ret = wc_XmssKey_Sign(&signingKey, sig, &sigSz, (byte *) msg, msgSz);
+ if (ret != 0) { return WC_TEST_RET_ENC_I(i); }
+ if (sigSz != bufSz) { return WC_TEST_RET_ENC_I(i); }
+
+ /* Old secret key and current secret key should not match. */
+ ret = XMEMCMP(old_sk, sk, skSz);
+ if (ret == 0) { return WC_TEST_RET_ENC_I(i); }
+
+ ret = wc_XmssKey_Verify(&verifyKey, sig, sigSz, (byte *) msg, msgSz);
+ if (ret != 0) { return WC_TEST_RET_ENC_I(i); }
+
+ /* Flip bits in a few places throughout the signature, stepping in multiple
+ * of hash size. These should all fail with -1. */
+ for (j = 0; j < (int) sigSz; j+= 4 * 32) {
+ sig[j] ^= 1;
+
+ ret2 = wc_XmssKey_Verify(&verifyKey, sig, sigSz, (byte *) msg,
+ msgSz);
+ if (ret2 != -1) {
+ /* Verify passed when it should have failed. */
+ return WC_TEST_RET_ENC_I(j);
+ }
+
+ /* Flip this spot back. */
+ sig[j] ^= 1;
+ }
+ }
+
+ /* Cleanup everything. */
+ if (sig != NULL) {
+ XFREE(sig, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
+ sig = NULL;
+ }
+
+ if (sk != NULL) {
+ XFREE(sk, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
+ sk = NULL;
+ }
+
+ if (old_sk != NULL) {
+ XFREE(old_sk, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
+ old_sk = NULL;
+ }
+
+ wc_XmssKey_Free(&signingKey);
+ wc_FreeRng(&rng);
+
+ return ret;
+}
+#endif /*if defined(WOLFSSL_HAVE_XMSS) && !defined(WOLFSSL_XMSS_VERIFY_ONLY)*/
+
+#if defined(WOLFSSL_HAVE_XMSS) && defined(WOLFSSL_XMSS_VERIFY_ONLY) && \
+ !defined(WOLFSSL_SMALL_STACK)
+
+/* A simple xmss verify only test using:
+ * XMSS-SHA2_10_256
+ * pub len: 68
+ * msg len: 32
+ * sig len: 2500
+ *
+ * These were generated with the test xmss_fast, from the unpatched
+ * xmss-reference repository:
+ * https://github.com/XMSS/xmss-reference
+ * */
+
+static byte xmss_pub[XMSS_SHA256_PUBLEN] =
+{
+ 0x00,0x00,0x00,0x01,0xA5,0x41,0x31,0x96,
+ 0x0A,0xF9,0xF3,0xB2,0x4B,0x2E,0x5B,0x3E,
+ 0xCA,0x74,0xAD,0x6C,0xA5,0x89,0xAD,0x2C,
+ 0x0E,0x96,0xB3,0x54,0xFB,0x5B,0x63,0x50,
+ 0x96,0x81,0xE2,0x59,0x72,0x10,0x09,0x54,
+ 0xBB,0x39,0xAC,0xEE,0x78,0xEF,0x95,0xEC,
+ 0x01,0x1D,0xF0,0x36,0x68,0xE2,0xC4,0xA5,
+ 0x2F,0x60,0x42,0x7E,0xD3,0x8E,0xAA,0x27,
+ 0xC9,0xB7,0x39,0x4E
+};
+
+static byte xmss_msg[32] =
+{
+ 0x07,0x9F,0x80,0x86,0xDB,0x76,0x27,0xDF,
+ 0xED,0x5B,0x2A,0x81,0x60,0x60,0x7D,0xB4,
+ 0xE8,0x7A,0x69,0x45,0x20,0x6B,0xA2,0x96,
+ 0xC0,0x21,0xA5,0x46,0x29,0x63,0x9B,0x37
+};
+
+/* This was actually the 5th signature produced from
+ * xmss_fast test in xmss-reference. */
+static byte xmss_sig[2500] =
+{
+ 0x00,0x00,0x00,0x05,0xF0,0x15,0x34,0xBA,
+ 0x92,0x03,0x6A,0xB9,0xA5,0x23,0x86,0x11,
+ 0xAE,0x65,0x0A,0x5C,0x78,0x2C,0xC9,0xBE,
+ 0x7E,0xA6,0xDC,0xA2,0x8B,0xA9,0x9C,0x50,
+ 0xF6,0x61,0x8D,0x9D,0xD7,0xE9,0xC0,0xF8,
+ 0x67,0xCD,0x8A,0xC4,0x9B,0x74,0x96,0x07,
+ 0x5D,0xF2,0xC9,0xCC,0x28,0x05,0xB1,0xBE,
+ 0x5E,0xA4,0xBA,0xBE,0xAB,0xD8,0x21,0x6B,
+ 0x21,0x5F,0xAB,0xB7,0x6C,0xEC,0x2F,0xC8,
+ 0xC6,0x74,0x3E,0x97,0x1B,0xC3,0x45,0x57,
+ 0xAF,0xAA,0x1E,0xA8,0xF2,0x86,0xA8,0xAA,
+ 0x43,0x6D,0x66,0xE9,0x81,0x14,0xDE,0x09,
+ 0x39,0xD2,0xAF,0xD1,0x4C,0xE7,0x75,0x18,
+ 0x0D,0xAA,0x29,0xA1,0x92,0x53,0xCC,0xE9,
+ 0xF3,0x0B,0x1E,0x3B,0xE2,0xAE,0x80,0x0C,
+ 0xE7,0x7A,0x7C,0x13,0x8A,0x28,0xC6,0x5F,
+ 0x0A,0xA4,0xA3,0x73,0x0A,0x3A,0xC2,0xA6,
+ 0x3B,0xB4,0x30,0x67,0xC0,0x36,0x18,0xA1,
+ 0x58,0xCD,0xAD,0x54,0x36,0x64,0xCE,0xFD,
+ 0x52,0xFF,0x70,0x7E,0x09,0xFB,0x13,0xA2,
+ 0xEA,0xDF,0x67,0x8D,0x6C,0x42,0xB2,0x78,
+ 0xF5,0x7D,0x5C,0x4B,0xF7,0x8E,0xCF,0x3E,
+ 0xB7,0xC6,0xC1,0x23,0xFA,0x65,0xDE,0xD2,
+ 0xFA,0x40,0x51,0x97,0x0D,0x52,0x32,0x76,
+ 0x7E,0x82,0x8D,0xD0,0xB9,0x1E,0x62,0xD9,
+ 0x1E,0xC1,0xDB,0x40,0x43,0x37,0x4A,0x23,
+ 0x8A,0x1D,0x35,0xFA,0xF4,0x53,0x11,0x5A,
+ 0xB5,0x6D,0x1E,0x8B,0x22,0xC8,0x7D,0x2A,
+ 0xE4,0x94,0xAA,0x25,0x20,0x40,0x96,0xDB,
+ 0x82,0x62,0xBA,0x8F,0x8B,0x45,0xCB,0x4F,
+ 0x35,0x88,0x33,0xEB,0xEF,0xB3,0xBA,0xA7,
+ 0x09,0x72,0xB3,0x4C,0xEC,0xF2,0xC3,0xC7,
+ 0x5E,0x02,0x6C,0x41,0x93,0xCB,0x3C,0x89,
+ 0x12,0x09,0x68,0x54,0x8E,0xEC,0x6A,0x7E,
+ 0x20,0xE1,0x70,0x3D,0x8C,0xEB,0xB4,0x36,
+ 0xBE,0x91,0xBE,0x97,0xB5,0xA6,0x34,0x16,
+ 0x95,0x0F,0x10,0x26,0xA9,0x13,0x80,0x88,
+ 0x9C,0xAA,0x68,0xEC,0x34,0x70,0x4A,0x15,
+ 0x9B,0x5E,0x57,0x05,0x87,0x1C,0xF8,0x35,
+ 0x45,0x29,0xE9,0x6E,0xF2,0x70,0x13,0x42,
+ 0x89,0x4E,0x77,0xC0,0x18,0xC7,0x55,0x6D,
+ 0xE7,0xFA,0x0D,0x63,0x83,0x16,0x19,0x01,
+ 0x2D,0xFD,0x31,0x14,0x94,0xCA,0x3E,0x0E,
+ 0xD6,0x11,0x34,0x81,0x57,0x58,0xEC,0x24,
+ 0xA4,0x17,0x63,0xD3,0x25,0x00,0xBF,0x7D,
+ 0x78,0x5D,0xC5,0xD8,0xC6,0xC1,0xBD,0x8C,
+ 0xD0,0x94,0x0A,0xB1,0x33,0xA5,0x4B,0x31,
+ 0x25,0xF5,0xAF,0xE7,0x84,0x26,0xAA,0x05,
+ 0xBB,0xF3,0x9A,0xAF,0x58,0x36,0x40,0xEF,
+ 0x3D,0xA2,0xBD,0xCA,0xA1,0x8D,0x2F,0x6D,
+ 0x54,0xD2,0x62,0x33,0x09,0xAE,0xE6,0x73,
+ 0xD6,0x44,0xE8,0x7C,0x5C,0x39,0x2B,0x78,
+ 0x94,0x14,0xC7,0xC9,0xAF,0xEC,0x77,0x36,
+ 0xA1,0x61,0x61,0xF1,0xD0,0x09,0xA2,0xEE,
+ 0xE7,0x55,0xD7,0x35,0x89,0x89,0x9B,0xCF,
+ 0xFA,0xA6,0x09,0x1E,0x3B,0xBD,0x5D,0xD9,
+ 0x25,0xE7,0xED,0xDD,0x7C,0xF0,0x1C,0x57,
+ 0xE0,0x06,0xBB,0x08,0x39,0x59,0xDF,0xD7,
+ 0xAF,0x4B,0x88,0x0D,0x87,0x8F,0x4A,0xF3,
+ 0x1C,0xD4,0x4B,0xB3,0xE2,0xF3,0x1B,0x86,
+ 0x4F,0xCD,0x35,0x75,0xE2,0x03,0xF9,0x1D,
+ 0xBF,0x3E,0xD1,0x7B,0xC7,0x23,0x11,0x75,
+ 0x5F,0x92,0x0D,0x98,0xEE,0x14,0xE1,0xDA,
+ 0x7A,0x02,0x17,0x47,0x6B,0x41,0xEA,0x47,
+ 0xA1,0xAF,0x06,0x79,0x1A,0x52,0x6F,0x19,
+ 0x31,0x70,0x71,0xBD,0xC2,0x61,0x8D,0xB7,
+ 0xEE,0x6B,0x69,0x2A,0xE8,0x21,0x7A,0x95,
+ 0xBE,0x86,0x2A,0xA1,0xF4,0xE2,0x2F,0x17,
+ 0x02,0xFD,0xAD,0x17,0x9F,0x0A,0x0A,0x78,
+ 0xA9,0x92,0x30,0x21,0x72,0x2B,0x28,0xF8,
+ 0xF2,0x3E,0x05,0xD5,0xAC,0xC0,0x82,0xF8,
+ 0xD2,0xDA,0xD0,0xA3,0xBC,0x93,0xDB,0xA5,
+ 0x46,0xDE,0x14,0x1E,0xD4,0x3A,0x5D,0x79,
+ 0x3D,0x31,0x4B,0x06,0xCE,0x22,0x29,0x3C,
+ 0x98,0xB6,0x18,0x8A,0xAE,0xF7,0xBA,0x22,
+ 0x88,0xA1,0xEE,0xC0,0x14,0x4C,0x4A,0xA0,
+ 0x57,0x0A,0xD3,0x18,0xA2,0x3D,0xDD,0xC7,
+ 0x83,0x73,0xFC,0x38,0x9B,0x31,0xA3,0xE1,
+ 0x17,0x76,0xA1,0xA2,0x69,0xFC,0xAB,0x08,
+ 0x80,0x72,0x8D,0xF5,0xE4,0x14,0xB7,0x6B,
+ 0x03,0xFF,0xE8,0x11,0x4B,0x06,0x55,0x7E,
+ 0x36,0x21,0x2F,0xD7,0x54,0x82,0xC9,0x31,
+ 0xB4,0x85,0x68,0x41,0xEF,0x75,0xB0,0x3A,
+ 0xEA,0x4F,0xE0,0xEC,0x72,0xCC,0x33,0x96,
+ 0xCE,0x7D,0xAD,0xDD,0x0D,0x27,0x05,0x6E,
+ 0xA2,0xD4,0x11,0x07,0xD8,0x7D,0x27,0xD4,
+ 0x80,0x8F,0x00,0x22,0xE4,0xFC,0x2C,0x9D,
+ 0xD5,0xD8,0x18,0x7F,0x4E,0xF4,0xB9,0x7F,
+ 0xEF,0xD6,0x00,0x08,0x5C,0x05,0x04,0x1E,
+ 0x9A,0xC6,0x8D,0xCC,0x19,0xD9,0x0B,0x06,
+ 0xCC,0x6A,0x17,0xE2,0x03,0x23,0xDB,0x1C,
+ 0xBC,0xA2,0xB9,0xA2,0x95,0x3C,0x73,0xD8,
+ 0xFF,0xE6,0x0E,0xAE,0x04,0xB2,0xFC,0x91,
+ 0x4F,0xEF,0x8A,0x58,0xB7,0x31,0x68,0x4C,
+ 0x1E,0xD0,0x5B,0x85,0xCC,0x03,0xDC,0xF4,
+ 0xAC,0xDB,0x03,0x9B,0x35,0x33,0x08,0x71,
+ 0xD0,0x50,0x8D,0xDC,0xE3,0x3A,0x98,0x40,
+ 0x41,0x80,0xDD,0x35,0xE1,0xA2,0xAF,0x14,
+ 0x9A,0xDB,0xD3,0x68,0x14,0xE2,0x50,0x7A,
+ 0x76,0x3F,0xE4,0xA4,0x1B,0xAA,0xC1,0x06,
+ 0x87,0x9A,0x92,0xF9,0xBE,0x9E,0x86,0x8C,
+ 0x92,0x1D,0x74,0xB1,0x7F,0x27,0x43,0xC0,
+ 0xEE,0x2E,0xC2,0x6C,0x6D,0xAA,0x0C,0x0E,
+ 0x71,0xC9,0x56,0xD6,0x3A,0x56,0xCB,0x90,
+ 0xD1,0x7E,0x6E,0x1C,0x6A,0x00,0x2D,0x02,
+ 0x2C,0x96,0xF0,0x2A,0x37,0x37,0x18,0x07,
+ 0x0B,0xF4,0xB4,0x8C,0x30,0xF2,0xA4,0xAB,
+ 0x66,0xFB,0x8B,0x22,0xC0,0x00,0x7E,0x05,
+ 0xB6,0xF9,0x95,0x49,0x33,0xA1,0xDC,0x97,
+ 0x0C,0x5C,0x61,0x46,0xE2,0xD7,0x87,0x4B,
+ 0xC4,0xC7,0x5F,0x26,0x06,0x84,0xD7,0x47,
+ 0x05,0xF1,0x33,0xFF,0x85,0x85,0xB2,0xBD,
+ 0x1F,0x44,0xC6,0xC2,0x7D,0x51,0xBE,0x0E,
+ 0xB5,0xC4,0x44,0x2F,0xFE,0x73,0x5F,0xF4,
+ 0xA4,0xEF,0xE2,0xF1,0x73,0x0B,0xEF,0x3E,
+ 0x2B,0xD7,0xCC,0x9F,0xDA,0x1A,0x7E,0x92,
+ 0x39,0xA1,0x55,0xBF,0x60,0x0A,0xDB,0x23,
+ 0x74,0xFE,0xE7,0x05,0x63,0xA9,0x85,0x52,
+ 0x9F,0xCC,0xC3,0xFF,0xF6,0x6C,0x1B,0x4E,
+ 0x4F,0x01,0xBD,0xC3,0xEB,0x37,0xEC,0x29,
+ 0x21,0x3B,0x2C,0xC9,0x2E,0x93,0x20,0x3E,
+ 0x19,0xC0,0x8B,0xE8,0x33,0xCD,0xC6,0x6A,
+ 0x6E,0x72,0x13,0x15,0xA1,0x90,0x20,0x0C,
+ 0x14,0x66,0xED,0xCC,0xA4,0xDD,0x7F,0x58,
+ 0x53,0xBC,0x4A,0x68,0xFC,0x86,0x3E,0xAA,
+ 0xF1,0x17,0x0F,0x3E,0x20,0x54,0x93,0xF4,
+ 0x98,0xBF,0xB4,0x07,0x05,0xBD,0x70,0xE7,
+ 0xD7,0x34,0xFD,0xE3,0x69,0xDF,0xCD,0xF5,
+ 0x1A,0x73,0x6E,0xC9,0x2B,0x21,0xFB,0xB8,
+ 0x7E,0x44,0x10,0x83,0x56,0xCE,0xD5,0x15,
+ 0x9A,0x75,0xFC,0x91,0x8E,0x6B,0x9E,0x1A,
+ 0x3A,0x33,0x39,0x35,0xB4,0x0D,0x74,0xF4,
+ 0xFB,0x4C,0x0E,0x37,0xFE,0x82,0x95,0x46,
+ 0x6B,0xD2,0x6E,0xEE,0xCD,0x4D,0x38,0xAF,
+ 0x0A,0xAA,0xF1,0xD5,0xA4,0x7C,0x04,0xD8,
+ 0xB9,0xDB,0x11,0x68,0x88,0x35,0x41,0xDE,
+ 0x31,0x33,0x0C,0xDC,0x2D,0x4C,0xA8,0x20,
+ 0xCC,0x2C,0x4C,0x63,0xAB,0xBA,0xDF,0x48,
+ 0x84,0xD5,0x25,0xBC,0x70,0xE3,0x49,0xAA,
+ 0x43,0xCA,0x8B,0xE7,0x9F,0xDD,0x20,0x76,
+ 0x9B,0x38,0xF4,0xBA,0x4D,0x4E,0x34,0x4A,
+ 0xAF,0x81,0xE7,0x0B,0xEC,0xE9,0x59,0xC1,
+ 0x35,0x22,0x7F,0x69,0x46,0x62,0xD2,0x18,
+ 0x6E,0x1F,0x79,0xD1,0xAD,0xC3,0x84,0x95,
+ 0x96,0xB2,0x18,0x58,0x5E,0x7E,0x0C,0x25,
+ 0x0A,0x0F,0x69,0xA3,0x1D,0xEC,0x29,0xCB,
+ 0xDA,0xA2,0xD1,0x1A,0x10,0xA5,0x52,0xC3,
+ 0x62,0x1E,0xC5,0x83,0xFF,0xA3,0x56,0xC2,
+ 0xFD,0x87,0x3B,0x57,0x52,0x98,0x36,0x95,
+ 0x77,0x6B,0xE5,0x49,0x10,0x8E,0x39,0xDD,
+ 0xCA,0x4B,0xB3,0x9F,0x4C,0x0C,0x11,0x62,
+ 0xF3,0x22,0x78,0xDB,0x48,0xEB,0x68,0xFE,
+ 0xE4,0x2A,0xE9,0xAA,0x8F,0x7A,0x2F,0x69,
+ 0xA5,0xC5,0x03,0x2D,0xEF,0x62,0xA8,0x71,
+ 0x65,0x06,0x40,0x84,0x10,0x0F,0xF2,0xED,
+ 0xBC,0x70,0x71,0x69,0x24,0xA2,0xBF,0x83,
+ 0x39,0xDD,0xFA,0xA2,0x7B,0xE5,0xEC,0x3D,
+ 0xFE,0x3B,0x52,0x6E,0x3D,0x82,0xA6,0x2A,
+ 0x86,0x01,0x61,0x51,0x63,0xBF,0xF9,0x0A,
+ 0x06,0x72,0xF1,0xD5,0x39,0x0C,0xBA,0xC9,
+ 0x78,0xC6,0x77,0x22,0xE4,0x96,0x6E,0xB1,
+ 0x48,0x62,0x84,0x62,0x2D,0xEA,0x49,0x56,
+ 0x50,0x86,0x3F,0x90,0xC3,0x01,0x42,0x45,
+ 0xED,0xE6,0x9A,0x65,0x19,0x93,0x7F,0x48,
+ 0x16,0xF2,0x50,0xA7,0x70,0xB3,0xF5,0xDB,
+ 0x0E,0x5E,0x22,0x9E,0x64,0x04,0x26,0x69,
+ 0xC1,0x16,0xEE,0x65,0x08,0x82,0x27,0x65,
+ 0xEC,0x3D,0xDF,0x51,0x5E,0x2D,0xE8,0x76,
+ 0xF2,0xE3,0xE4,0x24,0x04,0x88,0x06,0x0F,
+ 0xB2,0x7B,0x9B,0x72,0x3D,0x4C,0x7D,0x6A,
+ 0x1F,0xB2,0xA2,0xD2,0x35,0xD6,0x40,0x25,
+ 0xC2,0x0B,0x25,0xF9,0xDF,0x26,0xE4,0xDC,
+ 0xFB,0xB1,0x84,0x84,0x77,0x1B,0x45,0x51,
+ 0x60,0xD5,0xF0,0xB6,0x09,0xE6,0xBC,0xE3,
+ 0x1C,0x70,0x96,0x2C,0xD3,0x9D,0x7D,0x7F,
+ 0xB1,0x70,0xDA,0x79,0xB8,0x74,0x99,0xBF,
+ 0x84,0x95,0xCC,0x93,0xD7,0x51,0xDD,0x66,
+ 0xD3,0x70,0x0C,0x75,0x86,0x09,0x06,0xFD,
+ 0x66,0x14,0x80,0xCD,0xF3,0x59,0xB4,0x92,
+ 0x5F,0xE4,0xEE,0x00,0xA8,0xB0,0x8B,0x5C,
+ 0x3E,0xDB,0x8A,0x9C,0x0B,0xB5,0x99,0xC2,
+ 0x0D,0x81,0x09,0x06,0x6C,0x28,0xC0,0x7E,
+ 0xA5,0x07,0x70,0x64,0xD7,0x41,0xF4,0xC3,
+ 0x66,0x61,0x1C,0xA8,0x51,0xF6,0x3C,0xBA,
+ 0xE0,0x94,0xA3,0x11,0x8C,0x2E,0xBA,0x13,
+ 0xB2,0x47,0x48,0x93,0xB4,0x1A,0x2C,0x9A,
+ 0x6E,0x8E,0x30,0x66,0x7B,0xD3,0xBB,0x3B,
+ 0x5D,0x97,0x0D,0xE4,0xEA,0x24,0x28,0x9E,
+ 0xB4,0x88,0xCE,0x1D,0x7D,0x6F,0x39,0xB3,
+ 0x87,0x21,0xE5,0x08,0x93,0xF0,0xD4,0x9D,
+ 0x2D,0x91,0xC9,0xFD,0x0C,0x74,0x34,0xB4,
+ 0x1F,0xFE,0xDA,0xDC,0x10,0x5B,0x8D,0x2B,
+ 0x87,0xD3,0x42,0xB4,0xAE,0x32,0x9C,0xAE,
+ 0x4C,0x99,0xD8,0xED,0x44,0x41,0x07,0xE0,
+ 0x8F,0xBD,0xA5,0x7C,0x5A,0xDF,0x91,0x29,
+ 0x00,0xB5,0x4B,0xC3,0x3A,0x40,0x6C,0x48,
+ 0xAB,0x2A,0xF3,0x02,0xCB,0xB3,0x69,0xDA,
+ 0x06,0x0C,0x4D,0x5C,0x45,0xC3,0x28,0xAC,
+ 0x7A,0x01,0xD4,0xF8,0xCB,0x07,0x63,0x89,
+ 0x09,0x34,0x78,0xA7,0x14,0x39,0xCF,0x2D,
+ 0x94,0x8D,0x7A,0x4E,0x4E,0xBD,0xC4,0x32,
+ 0xAB,0x21,0xC9,0xDA,0x3F,0x5F,0x04,0x6B,
+ 0x14,0x40,0x18,0x18,0x2F,0xF9,0x46,0x17,
+ 0x57,0x54,0x9B,0x28,0x7B,0xBD,0xF9,0xA2,
+ 0x13,0xAC,0x69,0x24,0xB1,0x31,0x39,0xBF,
+ 0x8D,0x75,0xC3,0xFD,0x03,0x54,0x5A,0xFD,
+ 0xD4,0x7A,0xB7,0x56,0x4F,0x66,0x43,0x57,
+ 0x1B,0xFB,0xF9,0x92,0x7A,0x83,0xE6,0xFF,
+ 0xB4,0xBA,0x83,0xD2,0x61,0x8E,0x4A,0x82,
+ 0x82,0xA8,0xF5,0x0C,0xD2,0x43,0x53,0xA8,
+ 0x85,0x0A,0xD4,0x69,0x7B,0x04,0x71,0x3B,
+ 0x80,0x49,0x27,0x47,0x12,0xB6,0xB0,0xEA,
+ 0x90,0x0A,0xFA,0xA8,0xC8,0x78,0x61,0xDE,
+ 0x30,0x12,0xBB,0xDC,0xA6,0x57,0x56,0x30,
+ 0x6E,0xF1,0xA8,0x3B,0xF6,0x09,0x07,0xEA,
+ 0x31,0xE2,0x08,0x23,0x31,0x0F,0xD4,0x34,
+ 0xE3,0x60,0xC2,0x2B,0xDB,0x5A,0x99,0xCF,
+ 0xD4,0x6B,0x4E,0x75,0x65,0x35,0xE8,0x8B,
+ 0x93,0x7D,0xCA,0x11,0x47,0xF0,0x3E,0x11,
+ 0x5C,0xD1,0xEE,0x4B,0x11,0xB4,0x65,0x2B,
+ 0x6B,0x79,0xC0,0x86,0x60,0xA4,0x4B,0x24,
+ 0xA0,0x5C,0x70,0x34,0xC3,0x7C,0xE7,0x4F,
+ 0x97,0x89,0x4D,0xFE,0x22,0x89,0x3A,0xE9,
+ 0x07,0xB9,0x1A,0x86,0xB8,0x7A,0x12,0x38,
+ 0xE1,0x24,0x46,0xBC,0x9B,0x21,0xCD,0xAC,
+ 0x30,0xAB,0x98,0x21,0x31,0xC5,0x17,0x3F,
+ 0x1E,0x56,0xC3,0x18,0xCE,0xF0,0xA1,0xCC,
+ 0xFF,0x9D,0xA8,0x53,0xAF,0x74,0x77,0x54,
+ 0x02,0x9A,0x8F,0xA4,0xD4,0xBD,0xB2,0x1A,
+ 0xBA,0x52,0x2E,0x19,0xBE,0x49,0x11,0x45,
+ 0x02,0x01,0x7A,0xBF,0x28,0xD6,0x18,0xED,
+ 0xBD,0xCE,0xE4,0xDE,0xB5,0xF1,0x53,0x5D,
+ 0x65,0xF9,0x5F,0x83,0x8F,0x2D,0xF2,0x82,
+ 0xA0,0x2D,0x28,0xD3,0x0A,0x9E,0x0F,0x7F,
+ 0xC7,0xC4,0x43,0x7F,0xC3,0x0E,0x06,0xEB,
+ 0x4E,0xB4,0x2D,0xFA,0xDD,0x48,0xAB,0xF4,
+ 0x7D,0x41,0x48,0x33,0x5A,0xE6,0x70,0x02,
+ 0xE7,0x71,0x8D,0xD9,0x6B,0x0C,0x5A,0x8F,
+ 0xA4,0xC1,0xB7,0x4E,0x96,0x83,0xD6,0xA7,
+ 0x1D,0xF1,0x88,0xB3,0x6E,0xF4,0x12,0xA9,
+ 0xF6,0x31,0x69,0x66,0xFE,0xFE,0x02,0xF2,
+ 0x86,0x6D,0xBB,0x57,0x51,0x8C,0x4C,0xE9,
+ 0x7C,0x92,0x3E,0x3A,0xD3,0x2D,0xA8,0x82,
+ 0x53,0x84,0x26,0x89,0xBB,0xCC,0x13,0x12,
+ 0x3D,0x94,0xBB,0xDF,0x3D,0x4C,0xDF,0x27,
+ 0x9B,0x1F,0xB8,0xB6,0xE4,0xEA,0xA2,0x07,
+ 0xF8,0x4D,0x42,0x8F,0x29,0x90,0xFE,0x21,
+ 0x20,0xE9,0x55,0x02,0xAD,0x90,0xA7,0x77,
+ 0x4E,0x29,0xB6,0xD9,0x14,0x94,0xB2,0x25,
+ 0xA4,0xB2,0x0E,0x96,0x31,0xAB,0x9E,0x93,
+ 0x49,0xAC,0xA9,0xCB,0x68,0x22,0xBA,0xB8,
+ 0x57,0x5C,0x9D,0x65,0xC1,0xF1,0xFC,0x99,
+ 0x7C,0x3C,0xE9,0xEA,0x4B,0x29,0x22,0x2F,
+ 0xDB,0x17,0x21,0x8D,0xB0,0x13,0xBF,0xEE,
+ 0x7D,0xE4,0x8B,0x6D,0x17,0xE0,0x53,0x92,
+ 0x0B,0x32,0x6B,0xB1,0x65,0x2E,0xA7,0x83,
+ 0xFD,0x62,0x62,0xE3,0xAA,0x81,0xE8,0xD6,
+ 0xF7,0xB1,0x30,0x65,0x80,0x9F,0x77,0x1E,
+ 0x4A,0xEA,0xE8,0x45,0x32,0x12,0x3A,0xFB,
+ 0x22,0xE9,0xA9,0xF6,0xCB,0xAB,0xA8,0x0C,
+ 0x20,0xA8,0x7C,0xF9,0xF7,0x53,0xC1,0xB4,
+ 0xC0,0x5D,0x06,0x45,0xDD,0x7E,0xA7,0x34,
+ 0xA1,0x21,0xC2,0x62,0xAB,0x22,0x45,0x3D,
+ 0x73,0x4C,0x26,0xD1,0x1A,0xB2,0xF0,0xB2,
+ 0x6D,0x11,0x70,0x58,0xAA,0xF5,0xA4,0xF5,
+ 0xF8,0x0B,0x3D,0xC1,0xF6,0x17,0x70,0x15,
+ 0xCD,0x72,0x02,0x7E,0x4E,0x94,0x96,0x0A,
+ 0x56,0xCC,0xA5,0xA3,0xB3,0x7E,0xDD,0x5A,
+ 0x72,0xD2,0xFB,0xAC,0x3D,0x0E,0x66,0x65,
+ 0xE9,0x08,0x6C,0xB0,0x1C,0xE2,0x1A,0x82,
+ 0xF6,0xF3,0x34,0x89,0x73,0x02,0x5B,0x42,
+ 0x6D,0x40,0x61,0xB6,0xE0,0xE6,0x53,0x32,
+ 0xA5,0x72,0x17,0x4F,0x3B,0x51,0x4F,0xBC,
+ 0x00,0xE0,0x69,0x26,0xA9,0xAE,0x83,0xE3,
+ 0x73,0x7F,0x71,0x97,0xE0,0xDC,0x7C,0x63,
+ 0x9C,0x85,0x5F,0xDF,0x7D,0xE4,0x6C,0xD8,
+ 0xA9,0x3A,0x6F,0x5E,0x4A,0x2E,0xB0,0xE7,
+ 0x8B,0x45,0xE2,0x90,0x05,0x37,0xE8,0xAB,
+ 0x49,0x48,0x4C,0xC0,0x59,0x1D,0x8C,0x46,
+ 0x5B,0x84,0xE0,0x83,0xCE,0xEA,0x4B,0xF9,
+ 0xD4,0xDC,0x63,0xDF,0x79,0xB7,0x5C,0x11,
+ 0x25,0x7F,0x90,0x2E,0x0A,0x38,0x03,0xEA,
+ 0xEA,0xA1,0x26,0x52,0x20,0x19,0xA3,0xBE,
+ 0xFC,0x9D,0xB7,0x6E,0xA6,0x58,0x8E,0x6D,
+ 0xC5,0x58,0xE9,0xED,0x2F,0x55,0x43,0x8B,
+ 0x03,0x8B,0xE6,0xA4,0xC2,0x25,0x4B,0x36,
+ 0xBA,0xD3,0x27,0x48,0x40,0x2E,0x87,0xA2,
+ 0xD4,0x12,0xC6,0x05,0x36,0x03,0x11,0x51,
+ 0xD1,0xF2,0xAC,0x71,0x2C,0xB6,0xC3,0xA5,
+ 0x57,0x0F,0xAF,0x4B,0xBD,0xCD,0x47,0x4C,
+ 0x3A,0x52,0x6F,0x47,0xE7,0x0B,0xB7,0xD5,
+ 0xF7,0xA6,0x39,0x63,0x82,0x08,0x4C,0x41,
+ 0x0E,0x2A,0x52,0x42,0x5A,0xEA,0x59,0xC7,
+ 0x94,0xFB,0xD0,0x88,0x47,0x27,0xF6,0x97,
+ 0x03,0x9E,0x29,0xB8,0x3A,0x67,0xE6,0xF3,
+ 0x95,0xA7,0x42,0xC1,0x96,0xD1,0x9A,0xA6,
+ 0xF0,0x09,0x0C,0xEA,0xE0,0xAB,0x0F,0x15,
+ 0xE9,0xC3,0xEB,0xA5,0x89,0x86,0x98,0x32,
+ 0x83,0xAB,0x30,0x33,0xAE,0x90,0x8D,0x2E,
+ 0xB3,0xAA,0x91,0xA6,0xD9,0xA4,0x4A,0x54,
+ 0xE0,0xD3,0x08,0xCC,0x79,0xCE,0xE4,0x15,
+ 0x31,0xA6,0xCE,0x61,0xCF,0x03,0x06,0xEE,
+ 0x8E,0xE2,0x64,0x29,0xD1,0x54,0x9B,0xD0,
+ 0x5F,0x09,0x2B,0x8B,0xD5,0xF8,0xD4,0x7D,
+ 0xF1,0x97,0x32,0xD9,0xEA,0x5A,0x0E,0x10,
+ 0x8C,0x4D,0xFB,0x55,0xE6,0x27,0x0C,0xBA,
+ 0xC1,0x73,0xC1,0x73,0xE3,0x1C,0x09,0xB3,
+ 0x6F,0xB4,0x12,0xFA,0xF3,0x29,0xDC,0x23,
+ 0x32,0xED,0x80,0x87,0x83,0xC2,0xF6,0x07,
+ 0xB5,0xA9,0x22,0xDE,0x66,0x1A,0xA7,0x4A,
+ 0x86,0xF1,0x39,0x9B,0xF4,0xE7,0x50,0x15,
+ 0x4A,0x55,0x3C,0x93,0xB9,0xF9,0xFD,0xDC,
+ 0xB3,0x5D,0x73,0x52
+};
+
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t xmss_test_verify_only(void)
+{
+ int ret = -1;
+ int ret2 = -1;
+ int j = 0;
+ XmssKey verifyKey;
+ word32 pkSz = 0;
+ word32 sigSz = 0;
+ const char * param = "XMSS-SHA2_10_256";
+
+ ret = wc_XmssKey_Init(&verifyKey, NULL, INVALID_DEVID);
+ if (ret != 0) { return WC_TEST_RET_ENC_EC(ret); }
+
+ ret = wc_XmssKey_SetParamStr(&verifyKey, param);
+ if (ret != 0) { return WC_TEST_RET_ENC_EC(ret); }
+
+ ret = wc_XmssKey_GetPubLen(&verifyKey, &pkSz);
+ if (ret != 0) { return WC_TEST_RET_ENC_EC(ret); }
+
+ if (pkSz != XMSS_SHA256_PUBLEN) {
+ return WC_TEST_RET_ENC_EC(pkSz);
+ }
+
+ ret = wc_XmssKey_GetSigLen(&verifyKey, &sigSz);
+ if (ret != 0) { return WC_TEST_RET_ENC_EC(ret); }
+
+#if defined(DEBUG_WOLFSSL) || defined(WOLFSSL_DEBUG_NONBLOCK)
+ fprintf(stderr, "param: %s\n", param);
+ fprintf(stderr, "pkSz: %d\n", pkSz);
+ fprintf(stderr, "sigSz: %d\n", sigSz);
+#endif
+
+ if (sigSz != sizeof(xmss_sig)) {
+ return WC_TEST_RET_ENC_EC(sigSz);
+ }
+
+ ret = wc_XmssKey_ImportPubRaw(&verifyKey, xmss_pub, XMSS_SHA256_PUBLEN);
+ if (ret != 0) { return WC_TEST_RET_ENC_EC(ret); }
+
+ ret = wc_XmssKey_Verify(&verifyKey, xmss_sig, sizeof(xmss_sig),
+ (byte *) xmss_msg, sizeof(xmss_msg));
+ if (ret != 0) {
+ printf("error: wc_XmssKey_Verify returned %d, expected 0\n", ret);
+ return WC_TEST_RET_ENC_EC(ret);
+ }
+
+ /* Flip bits in message. This should fail. */
+ xmss_msg[sizeof(xmss_msg) / 2] ^= 1;
+ ret2 = wc_XmssKey_Verify(&verifyKey, xmss_sig, sizeof(xmss_sig),
+ (byte *) xmss_msg, sizeof(xmss_msg));
+ if (ret2 != -1) {
+ printf("error: wc_XmssKey_Verify returned %d, expected -1\n", ret2);
+ return WC_TEST_RET_ENC_EC(ret);
+ }
+
+ /* Flip it back. This should pass again. */
+ xmss_msg[sizeof(xmss_msg) / 2] ^= 1;
+ ret = wc_XmssKey_Verify(&verifyKey, xmss_sig, sizeof(xmss_sig),
+ (byte *) xmss_msg, sizeof(xmss_msg));
+ if (ret != 0) {
+ printf("error: wc_XmssKey_Verify returned %d, expected 0\n", ret);
+ return WC_TEST_RET_ENC_EC(ret);
+ }
+
+ /* Flip bits in a few places throughout the signature, stepping in multiple
+ * of hash size. These should all fail with -1. */
+ for (j = 0; j < (int) sizeof(xmss_sig); j+= 4 * 32) {
+ xmss_sig[j] ^= 1;
+
+ ret2 = wc_XmssKey_Verify(&verifyKey, xmss_sig, sizeof(xmss_sig),
+ (byte *) xmss_msg, sizeof(xmss_msg));
+ if (ret2 != -1) {
+ /* Verify passed when it should have failed. */
+ return WC_TEST_RET_ENC_I(j);
+ }
+
+ /* Flip this spot back. */
+ xmss_sig[j] ^= 1;
+ }
+
+ /* Cleanup everything. */
+ wc_XmssKey_Free(&verifyKey);
+
+ return ret;
+}
+#endif /* if defined(WOLFSSL_HAVE_XMSS) && defined(WOLFSSL_XMSS_VERIFY_ONLY) &&
+ * !defined(WOLFSSL_SMALL_STACK) */
+
+
+#if defined(WOLFSSL_HAVE_LMS) && !defined(WOLFSSL_LMS_VERIFY_ONLY)
+static int lms_write_key_mem(const byte * priv, word32 privSz, void *context)
+{
+ /* WARNING: THIS IS AN INSECURE WRITE CALLBACK THAT SHOULD ONLY
+ * BE USED FOR TESTING PURPOSES! Production applications should
+ * write only to non-volatile storage. */
+ XMEMCPY(context, priv, privSz);
+ return WC_LMS_RC_SAVED_TO_NV_MEMORY;
+}
+
+static int lms_read_key_mem(byte * priv, word32 privSz, void *context)
+{
+ /* WARNING: THIS IS AN INSECURE READ CALLBACK THAT SHOULD ONLY
+ * BE USED FOR TESTING PURPOSES! */
+ XMEMCPY(priv, context, privSz);
+ return WC_LMS_RC_READ_TO_MEMORY;
+}
+
+/* LMS signature sizes are a function of their parameters. This
+ * test has a signature of 8688 bytes. */
+#define WC_TEST_LMS_SIG_LEN (8688)
+
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t lms_test(void)
+{
+ int i = 0;
+ int j = 0;
+ int ret = -1;
+ int ret2 = -1;
+ int sigsLeft = 0;
+ LmsKey signingKey;
+ LmsKey verifyKey;
+ WC_RNG rng;
+ word32 sigSz = 0;
+ const char * msg = "LMS HSS post quantum signature test";
+ word32 msgSz = (word32) XSTRLEN(msg);
+ unsigned char priv[HSS_MAX_PRIVATE_KEY_LEN];
+ unsigned char old_priv[HSS_MAX_PRIVATE_KEY_LEN];
+#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
+ byte * sig = XMALLOC(WC_TEST_LMS_SIG_LEN, HEAP_HINT,
+ DYNAMIC_TYPE_TMP_BUFFER);
+ if (sig == NULL) {
+ return WC_TEST_RET_ENC_ERRNO;
+ }
+#else
+ byte sig[WC_TEST_LMS_SIG_LEN];
+#endif
+
+ XMEMSET(priv, 0, sizeof(priv));
+ XMEMSET(old_priv, 0, sizeof(old_priv));
+ XMEMSET(sig, 0, WC_TEST_LMS_SIG_LEN);
+
+#ifndef HAVE_FIPS
+ ret = wc_InitRng_ex(&rng, HEAP_HINT, INVALID_DEVID);
+#else
+ ret = wc_InitRng(&rng);
+#endif
+ if (ret != 0) { return WC_TEST_RET_ENC_EC(ret); }
+
+ /* This test:
+ * levels: 1
+ * height: 5
+ * winternitz: 1
+ *
+ * max sigs: 2 ** (1 * 5) = 32
+ * signature length: 8688
+ */
+
+ ret = wc_LmsKey_Init(&signingKey, NULL, INVALID_DEVID);
+ if (ret != 0) { return WC_TEST_RET_ENC_EC(ret); }
+
+ ret = wc_LmsKey_Init(&verifyKey, NULL, INVALID_DEVID);
+ if (ret != 0) { return WC_TEST_RET_ENC_EC(ret); }
+
+ ret = wc_LmsKey_SetParameters(&signingKey, 1, 5, 1);
+ if (ret != 0) { return WC_TEST_RET_ENC_EC(ret); }
+
+ ret = wc_LmsKey_SetWriteCb(&signingKey, lms_write_key_mem);
+ if (ret != 0) { return WC_TEST_RET_ENC_EC(ret); }
+
+ ret = wc_LmsKey_SetReadCb(&signingKey, lms_read_key_mem);
+ if (ret != 0) { return WC_TEST_RET_ENC_EC(ret); }
+
+ ret = wc_LmsKey_SetContext(&signingKey, (void *) priv);
+ if (ret != 0) { return WC_TEST_RET_ENC_EC(ret); }
+
+ ret = wc_LmsKey_MakeKey(&signingKey, &rng);
+ if (ret != 0) { return WC_TEST_RET_ENC_EC(ret); }
+
+ XMEMCPY(old_priv, priv, sizeof(priv));
+
+ ret = wc_LmsKey_ExportPub(&verifyKey, &signingKey);
+ if (ret != 0) { return WC_TEST_RET_ENC_EC(ret); }
+
+ ret = wc_LmsKey_GetSigLen(&verifyKey, &sigSz);
+ if (ret != 0) { return WC_TEST_RET_ENC_EC(ret); }
+
+ if (sigSz != WC_TEST_LMS_SIG_LEN) {
+ printf("error: got %d, expected %d\n", sigSz, WC_TEST_LMS_SIG_LEN);
+ return WC_TEST_RET_ENC_EC(sigSz);
+ }
+
+ /* 2 ** 5 should be the max number of signatures */
+ for (i = 0; i < 32; ++i) {
+ /* We should have remaining signstures. */
+ sigsLeft = wc_LmsKey_SigsLeft(&signingKey);
+ if (sigsLeft == 0) {
+ return WC_TEST_RET_ENC_EC(sigsLeft);
+ }
+
+ /* Sign with key. The private key will be updated on every signature. */
+ ret = wc_LmsKey_Sign(&signingKey, sig, &sigSz, (byte *) msg, msgSz);
+ if (ret != 0) { return WC_TEST_RET_ENC_I(i); }
+
+ /* The updated private key should not match the old one. */
+ if (XMEMCMP(old_priv, priv, sizeof(priv)) == 0) {
+ printf("error: current priv key should not match old: %d\n", i);
+ return WC_TEST_RET_ENC_I(i);
+ }
+
+ XMEMCPY(old_priv, priv, sizeof(priv));
+
+ ret = wc_LmsKey_Verify(&verifyKey, sig, sigSz, (byte *) msg, msgSz);
+ if (ret != 0) { return WC_TEST_RET_ENC_I(i); }
+
+ /* Flip bits in a few places throughout the signature, stepping in multiple
+ * of hash size. These should all fail with -1. */
+ for (j = 0; j < (int) sigSz; j+= 4 * 32) {
+ sig[j] ^= 1;
+
+ ret2 = wc_LmsKey_Verify(&verifyKey, sig, sigSz, (byte *) msg,
+ msgSz);
+ if (ret2 != -1) {
+ /* Verify passed when it should have failed. */
+ return WC_TEST_RET_ENC_I(j);
+ }
+
+ /* Flip this spot back. */
+ sig[j] ^= 1;
+ }
+ }
+
+ /* This should be the last signature. */
+ sigsLeft = wc_LmsKey_SigsLeft(&signingKey);
+ if (sigsLeft != 0) {
+ return WC_TEST_RET_ENC_EC(sigsLeft);
+ }
+
+ wc_LmsKey_Free(&signingKey);
+ wc_LmsKey_Free(&verifyKey);
+
+ wc_FreeRng(&rng);
+
+ return ret;
+}
+
+#endif /* if defined(WOLFSSL_HAVE_LMS) && !defined(WOLFSSL_LMS_VERIFY_ONLY) */
+
+#if defined(WOLFSSL_HAVE_LMS) && defined(WOLFSSL_LMS_VERIFY_ONLY) && \
+ !defined(WOLFSSL_SMALL_STACK)
+
+/* A simple LMS verify only test.
+ *
+ * Note: LMS signature sizes are a function of their parameters. This
+ * test has a signature of 1456 bytes:
+ * levels: 1
+ * height: 10
+ * winternitz: 8
+ * max sigs: 2 ** (1 * 10) = 1024
+ * signature length: 1456
+ * */
+
+/* "wolfSSL LMS example message!" without null terminator. */
+static byte lms_msg[28] =
+{
+ 0x77,0x6F,0x6C,0x66,0x53,0x53,0x4C,0x20,
+ 0x4C,0x4D,0x53,0x20,0x65,0x78,0x61,0x6D,
+ 0x70,0x6C,0x65,0x20,0x6D,0x65,0x73,0x73,
+ 0x61,0x67,0x65,0x21
+};
+
+static byte lms_L1H10W8_pub[HSS_MAX_PUBLIC_KEY_LEN] =
+{
+ 0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x06,
+ 0x00,0x00,0x00,0x04,0xA1,0x26,0x76,0xF8,
+ 0xBB,0x0B,0xC0,0x82,0x21,0x71,0x0B,0x2E,
+ 0x8C,0xA6,0xEF,0x12,0xED,0x41,0x0E,0x8C,
+ 0xAF,0x11,0x93,0x34,0x7B,0x49,0x79,0xB7,
+ 0xDE,0x63,0x1C,0xFE,0x1F,0xD1,0x17,0x49,
+ 0xCD,0x5C,0xD4,0x26,0xA0,0x53,0x26,0x1A,
+ 0xC5,0xB4,0x8F,0x23
+};
+
+#define LMS_L1H10W8_SIGLEN (1456)
+
+static byte lms_L1H10W8_sig[LMS_L1H10W8_SIGLEN] =
+{
+ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01,
+ 0x00,0x00,0x00,0x04,0x18,0x70,0x09,0x2E,
+ 0x21,0xC9,0x6A,0xC9,0x5C,0xB6,0xB0,0xAA,
+ 0xC3,0xED,0x6E,0x66,0x2F,0xCC,0x45,0x81,
+ 0xBC,0xBA,0x44,0x96,0x1C,0xBF,0x4E,0xFB,
+ 0x7A,0x46,0xFB,0xBE,0x9A,0x0C,0xE4,0x50,
+ 0x90,0xC7,0x92,0xAC,0x53,0xAE,0x53,0x76,
+ 0x29,0xA6,0x65,0xF1,0x09,0xED,0x1A,0x8E,
+ 0x03,0x2E,0x5A,0x06,0x51,0xE3,0x1E,0xE6,
+ 0xF6,0xFE,0x3A,0x6E,0xD1,0x92,0x31,0x1D,
+ 0xA1,0x6A,0x5C,0x30,0x3A,0xC7,0xFD,0x5B,
+ 0xFE,0x71,0x2C,0x5C,0x2F,0x5B,0x5B,0xCF,
+ 0xBC,0x7F,0xBF,0x6C,0xAF,0x44,0x8A,0xAE,
+ 0x14,0x60,0xAB,0x88,0xED,0x0E,0x4F,0xF8,
+ 0xC7,0x1B,0x74,0x28,0x72,0xB3,0x96,0xA6,
+ 0xE6,0x46,0x22,0x82,0xCF,0x1F,0x4D,0xA6,
+ 0xEA,0x22,0x06,0x07,0x52,0xF5,0x26,0x16,
+ 0x0B,0x90,0xE3,0xFF,0x64,0xA9,0xE4,0x61,
+ 0x1E,0x9C,0x12,0x9C,0xF6,0xD4,0x63,0x29,
+ 0xEA,0x02,0xF7,0x18,0x52,0x79,0x6C,0x43,
+ 0xDC,0xCF,0x43,0x23,0xB9,0xCC,0x4A,0x25,
+ 0x9D,0x10,0xAF,0xA3,0xE6,0x47,0x5A,0x1C,
+ 0xFE,0x68,0x89,0xAF,0x1B,0x2D,0x88,0x3E,
+ 0xCA,0xDC,0x70,0xEA,0xAC,0x11,0x00,0x8A,
+ 0x6E,0xE0,0xC7,0xD0,0xD2,0x1A,0x36,0x18,
+ 0x97,0xB3,0x5F,0x0E,0x75,0x48,0x28,0xF8,
+ 0xA8,0xF5,0x90,0xD1,0xA1,0x84,0xFB,0xA4,
+ 0xAD,0x50,0xBE,0xE9,0x39,0x8C,0xC5,0xA1,
+ 0x67,0x51,0xA1,0x8C,0xD6,0x6B,0x97,0x1F,
+ 0x47,0x99,0xEE,0xE0,0x70,0x01,0xC7,0x07,
+ 0x50,0xF3,0x5E,0x3F,0xE7,0x06,0xD6,0x8D,
+ 0x26,0xD6,0x5A,0x59,0x18,0x72,0x6B,0x12,
+ 0xD2,0xAF,0x9B,0xB4,0x2B,0xD0,0xB2,0xF2,
+ 0x96,0x2F,0x40,0xEA,0xBE,0xE6,0xAC,0x1F,
+ 0xB8,0x33,0xC2,0x76,0xDC,0x8C,0xAC,0xC1,
+ 0x46,0x5E,0x04,0x84,0x1B,0xC8,0xB9,0x65,
+ 0x8D,0xAD,0x96,0xB5,0xB1,0xF6,0x17,0x4A,
+ 0x19,0x87,0xE7,0xBF,0x29,0xC7,0x9B,0xB9,
+ 0xD6,0x11,0x2C,0x92,0x2F,0xB7,0x24,0xD5,
+ 0x01,0x1D,0x80,0x37,0x54,0xED,0x33,0x32,
+ 0xAB,0x7A,0x12,0xD4,0x02,0x1D,0x27,0x52,
+ 0x89,0xDB,0x32,0xBF,0x61,0xD4,0xBB,0xB4,
+ 0x46,0x78,0x1B,0x64,0x17,0x84,0x4B,0x8A,
+ 0xBA,0xC6,0xC1,0xCF,0xC7,0x5D,0x8F,0x93,
+ 0xC5,0x9A,0x27,0x90,0xAC,0x17,0x98,0xFF,
+ 0xC8,0x22,0x59,0x55,0x90,0xB2,0x29,0x39,
+ 0xA0,0xBE,0x00,0x23,0x55,0x6B,0xDA,0x83,
+ 0xD8,0x5B,0x57,0x7C,0x67,0x1B,0xC3,0x6B,
+ 0x6D,0xC7,0x9B,0x2B,0x9E,0xB7,0x95,0xB3,
+ 0xF0,0x1B,0x89,0x5A,0xD7,0x4B,0x67,0xAF,
+ 0xDC,0x9E,0xCF,0x7E,0x1A,0xBA,0x1B,0xB9,
+ 0x3B,0x7A,0xDD,0x3F,0x0D,0xEE,0x4C,0x0B,
+ 0xD1,0x4F,0x34,0xF2,0x93,0xF7,0x21,0x64,
+ 0x2C,0x07,0x00,0x15,0x4F,0xE3,0x6A,0x9F,
+ 0x08,0x52,0xC2,0x65,0x47,0x1F,0x34,0x64,
+ 0x66,0x07,0xBC,0xEA,0xAF,0x9B,0xAA,0x39,
+ 0x15,0x8B,0x08,0x8C,0x24,0x41,0x9B,0x46,
+ 0x1B,0x5B,0x91,0x11,0xC4,0xFD,0xA9,0x88,
+ 0x35,0x0E,0x7D,0xAF,0xFD,0xB7,0x90,0x7E,
+ 0xD7,0x29,0x02,0x0A,0xDC,0xC8,0x3F,0xC0,
+ 0xFD,0x97,0xAF,0x50,0x49,0xA6,0x5E,0x12,
+ 0xC1,0xCD,0xEC,0x52,0xC5,0x51,0xF2,0x80,
+ 0x17,0x61,0xC7,0x7E,0xBE,0xD1,0x1B,0x65,
+ 0xA4,0xAB,0x92,0x8D,0x89,0xB2,0xC5,0x8F,
+ 0xFF,0xA5,0x6F,0xFA,0x62,0x75,0xE4,0xA1,
+ 0xD4,0x22,0xA8,0x9E,0x40,0x04,0x27,0x1F,
+ 0xCC,0x81,0xBA,0x28,0x67,0xA0,0x1C,0x80,
+ 0xEB,0xCA,0xB0,0x61,0xA5,0x48,0xD0,0x8A,
+ 0x25,0xEB,0x9E,0x67,0x8C,0x8E,0x9B,0xD1,
+ 0xAD,0xBB,0xC3,0xEA,0xD3,0xD4,0xC5,0x12,
+ 0x7B,0xDD,0x00,0x57,0x7F,0xF6,0xF7,0xF6,
+ 0x3C,0x05,0xCF,0xFC,0x12,0xE1,0x93,0x05,
+ 0xE5,0x9B,0x79,0x87,0x69,0xD8,0x82,0xD9,
+ 0xD7,0x1D,0x41,0x73,0xE4,0x52,0x1D,0x3E,
+ 0xE5,0x8C,0x8D,0x34,0xE1,0x75,0xA9,0xF1,
+ 0x9D,0x09,0xA2,0x5B,0xEF,0xDA,0x96,0x6E,
+ 0x76,0x3D,0xEA,0x50,0xD9,0xCF,0x4F,0xAC,
+ 0xAD,0x1D,0x35,0x72,0x1B,0x88,0x8B,0xCD,
+ 0x8C,0x8A,0x8A,0xE0,0x96,0x04,0xD8,0xBB,
+ 0x28,0x43,0x16,0x77,0x60,0x98,0x63,0xF9,
+ 0xB9,0x71,0x46,0xB7,0xE1,0xA7,0xA9,0x84,
+ 0xC3,0x65,0x82,0xE1,0x1B,0x67,0x04,0x2D,
+ 0x55,0x6B,0xF9,0xC0,0x79,0x09,0x09,0xE7,
+ 0xFD,0x06,0x4D,0x09,0x9B,0x1A,0xCE,0x35,
+ 0xFA,0x27,0x6F,0x2F,0x01,0x65,0x0D,0xA0,
+ 0x97,0x59,0x11,0xF0,0x48,0xD2,0xE7,0x46,
+ 0xBE,0xB4,0x0A,0xA3,0xE2,0x75,0x0E,0x09,
+ 0x94,0xD9,0x69,0x28,0xD4,0xDA,0x64,0xBA,
+ 0xFE,0xA4,0xB9,0xF0,0xBA,0xEB,0xBA,0xAC,
+ 0xA8,0xF9,0xD3,0x82,0x4C,0x36,0x80,0xFA,
+ 0xE5,0xF6,0x76,0xC3,0x80,0xFA,0x90,0x29,
+ 0xF4,0x85,0xA4,0xC6,0x25,0x22,0x79,0x7E,
+ 0x39,0x1E,0x30,0xB8,0x65,0x72,0xCF,0xE1,
+ 0x99,0xF0,0x75,0xE8,0x09,0xB4,0x92,0x96,
+ 0x1B,0x68,0x50,0x88,0xF1,0x2C,0x97,0xE3,
+ 0x2D,0x26,0x8F,0xC5,0x30,0xCF,0x24,0xCB,
+ 0xB2,0x60,0x77,0xDC,0x02,0x72,0x0D,0xD9,
+ 0x2E,0xF2,0x52,0xEA,0x00,0xF6,0x32,0x65,
+ 0xA5,0xC6,0x43,0x29,0x29,0x69,0xAB,0x27,
+ 0x0C,0x39,0xDF,0x76,0x3E,0x93,0x95,0xB1,
+ 0x2C,0xA2,0x0D,0x18,0xCE,0xA0,0x97,0x10,
+ 0x3C,0x90,0xC0,0xEF,0x0E,0x04,0xA6,0xC8,
+ 0xA0,0x21,0x3C,0x0B,0x22,0x77,0x7A,0x66,
+ 0xA5,0x90,0x25,0xA4,0x09,0x3E,0xD5,0x27,
+ 0x1F,0x6C,0x99,0x85,0x5C,0xA2,0x99,0x7A,
+ 0x25,0xEE,0x8D,0x32,0x3D,0xD3,0xDC,0xF5,
+ 0x00,0x5A,0x34,0x61,0xB6,0xCD,0x4E,0xBC,
+ 0x26,0x36,0xFB,0x44,0x97,0x35,0xBD,0x06,
+ 0x7D,0x2E,0x4A,0xA2,0xDC,0x24,0xFE,0x70,
+ 0x0A,0xF9,0x57,0xE3,0xEE,0xAB,0xD1,0x17,
+ 0xF3,0x7C,0xD6,0x37,0x26,0xFA,0x83,0x9F,
+ 0xDD,0xB2,0xE1,0xD7,0xF9,0xC7,0x0E,0x15,
+ 0x01,0xA6,0x58,0x32,0x98,0x04,0x32,0xD4,
+ 0xDE,0xB9,0xEF,0x09,0xFA,0xE4,0x5A,0xD7,
+ 0xDD,0x09,0x1C,0xC9,0xAC,0xB8,0x6A,0xF5,
+ 0x00,0x5D,0x6B,0x95,0x12,0x8C,0x2F,0xCC,
+ 0xD8,0xB9,0x50,0x3A,0xEB,0x74,0x86,0xD2,
+ 0x3F,0xA1,0x05,0x8F,0x6E,0xEF,0xF5,0xA4,
+ 0xD6,0x6E,0x53,0xFA,0x9E,0xFA,0xCE,0xDB,
+ 0x99,0x46,0xE7,0xC5,0xDA,0x92,0x51,0x4F,
+ 0x22,0x07,0xF3,0xA5,0x38,0x26,0xD3,0xEC,
+ 0xD6,0x01,0xDD,0x31,0x3A,0x48,0x93,0xF6,
+ 0x69,0x4F,0xD8,0xF6,0xC2,0x91,0xA5,0x7C,
+ 0xDF,0x51,0x64,0xF1,0x3B,0x79,0xBC,0x0A,
+ 0x2C,0xDC,0x33,0x5A,0x29,0xF6,0xB2,0x09,
+ 0x66,0xCA,0x24,0x9F,0x1A,0x18,0xF3,0x76,
+ 0x4C,0x5E,0x0B,0x81,0x7F,0x29,0x84,0xD8,
+ 0x7A,0xA8,0xD6,0x11,0xAC,0xEC,0xD9,0x07,
+ 0x91,0xEC,0xB6,0x6D,0xEC,0xDB,0xBE,0x6F,
+ 0x9F,0xC5,0x19,0x5E,0x56,0x87,0x20,0x80,
+ 0x75,0xD5,0x64,0xE9,0x80,0xBF,0x2D,0xD5,
+ 0x94,0x9F,0x8C,0xA4,0x54,0x41,0xAB,0xB1,
+ 0x8E,0xAD,0x51,0xE4,0x3C,0x24,0xF7,0x1D,
+ 0xFE,0x02,0x48,0x7C,0x6D,0xED,0xF1,0xAC,
+ 0xD9,0x79,0x42,0xE5,0x3A,0xCF,0x6A,0x4C,
+ 0x6D,0xE2,0x13,0xD2,0x2B,0x9D,0xAB,0x1F,
+ 0x70,0xD3,0xC0,0x6F,0x81,0xE9,0x9A,0x86,
+ 0x33,0x39,0x60,0xE7,0x6A,0x00,0x1F,0x97,
+ 0xEB,0xE5,0x1D,0x0D,0x66,0x15,0xC9,0xA2,
+ 0xB1,0xC0,0xF0,0x2E,0xF4,0x07,0xA2,0x2E,
+ 0x49,0x92,0x95,0x13,0xA3,0x18,0x46,0x25,
+ 0xB9,0x3C,0xA1,0x4B,0x00,0x00,0x00,0x06,
+ 0xAB,0xAA,0xF9,0x3F,0x7E,0x21,0xF4,0x0E,
+ 0xCE,0xFD,0xE0,0x44,0xAC,0xC7,0x1A,0x30,
+ 0x22,0x9D,0x0A,0xD7,0x96,0x2D,0x8F,0x9A,
+ 0x99,0x1F,0x40,0x75,0x7F,0x62,0xF9,0xC1,
+ 0x81,0x7B,0x4A,0x1B,0xFA,0xD6,0x87,0xB9,
+ 0xEF,0x58,0x48,0xE4,0x5C,0x79,0xE5,0xB1,
+ 0x2C,0x59,0xA4,0x42,0xDB,0xA6,0x53,0x70,
+ 0x80,0x61,0x17,0xD4,0xD3,0x77,0xBD,0x53,
+ 0x26,0x7C,0x0E,0x0E,0xFF,0x30,0x4B,0xD0,
+ 0x86,0xFC,0x02,0x20,0x24,0x46,0x5B,0xF5,
+ 0xE3,0x99,0x73,0x85,0x60,0x00,0x36,0x47,
+ 0x17,0xEE,0x0C,0xD2,0x80,0x71,0x46,0x0E,
+ 0x2B,0xB0,0xEF,0x7F,0xFE,0x3B,0xE5,0xE1,
+ 0x87,0xC2,0xAF,0x1A,0x6F,0x63,0xF4,0x5A,
+ 0xC4,0x16,0xF7,0xAD,0x07,0x70,0x71,0x85,
+ 0x7D,0x3D,0x67,0x08,0xB8,0xD8,0xE2,0xF0,
+ 0xA1,0xAC,0xD2,0x94,0x7D,0x93,0x03,0xDD,
+ 0x54,0xF9,0x64,0x19,0xB3,0xED,0x24,0x22,
+ 0x01,0xD7,0x12,0x5E,0xC1,0x2B,0x39,0x10,
+ 0x13,0xE2,0x56,0x1C,0xEE,0xF4,0x2A,0x49,
+ 0x7B,0xFB,0x36,0x8D,0xF8,0xAF,0x60,0xDF,
+ 0x10,0xF0,0x72,0xA2,0xED,0xB6,0x53,0x88,
+ 0xA9,0x0C,0xED,0x9C,0x18,0x33,0x7D,0x65,
+ 0x9B,0xB2,0x9C,0x3E,0xE9,0x1E,0x43,0x51,
+ 0x7E,0xBE,0x01,0x95,0xF6,0x60,0x65,0xBE,
+ 0xD1,0xF4,0xE2,0x83,0x6B,0xCA,0x7A,0x70,
+ 0x41,0x83,0x72,0xC0,0x23,0x51,0x13,0x11,
+ 0x2D,0xF9,0xC0,0x0D,0x7D,0x73,0x76,0xA5,
+ 0x30,0x83,0x68,0x10,0x35,0xA2,0x18,0x22,
+ 0x4E,0x21,0x93,0x27,0x6A,0x19,0x28,0x83,
+ 0x7F,0xDD,0xDD,0xFF,0xC3,0x8A,0x64,0x00,
+ 0x5F,0x1C,0x0D,0xF8,0xBB,0xD7,0x15,0xB9,
+ 0xEF,0xE0,0x07,0x62,0x05,0x9E,0xCF,0xFC,
+ 0x08,0x52,0x1E,0x65,0x41,0x56,0x6A,0xEB,
+ 0x81,0x53,0x30,0x7B,0xF2,0xFD,0x65,0xFF,
+ 0xA2,0x14,0xF5,0x62,0x1E,0x24,0x48,0x47,
+ 0xA5,0x41,0x80,0xB4,0xC5,0xDC,0xB2,0xB4,
+ 0x2D,0x17,0xE7,0xBE,0x49,0x53,0x7A,0x25,
+ 0xC5,0x0D,0x19,0x59,0xF4,0x88,0x59,0xED,
+ 0x92,0x13,0xEE,0x7A,0x4F,0x12,0x98,0x4C
+};
+
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t lms_test_verify_only(void)
+{
+ int ret = -1;
+ int ret2 = -1;
+ int j = 0;
+ LmsKey verifyKey;
+ word32 sigSz = 0;
+ word32 msgSz = sizeof(lms_msg);
+ word32 pubLen = 0;
+ int levels = 0;
+ int height = 0;
+ int winternitz = 0;
+
+ ret = wc_LmsKey_Init(&verifyKey, NULL, INVALID_DEVID);
+ if (ret != 0) { return WC_TEST_RET_ENC_EC(ret); }
+
+ ret = wc_LmsKey_SetParameters(&verifyKey, 1, 10, 8);
+ if (ret != 0) { return WC_TEST_RET_ENC_EC(ret); }
+
+ ret = wc_LmsKey_ImportPubRaw(&verifyKey, lms_L1H10W8_pub,
+ HSS_MAX_PUBLIC_KEY_LEN);
+ if (ret != 0) { return WC_TEST_RET_ENC_EC(ret); }
+
+ /* Verify parameters, pub length, and sig length are correct. */
+ ret = wc_LmsKey_GetParameters(&verifyKey, &levels, &height, &winternitz);
+ if (ret != 0) { return WC_TEST_RET_ENC_EC(ret); }
+
+ if (levels != 1 || height != 10 || winternitz != 8) {
+ printf("error: invalid LMS parameters: L%d-H%d-W%d\n", levels, height,
+ winternitz);
+ return -1;
+ }
+
+ ret = wc_LmsKey_GetPubLen(&verifyKey, &pubLen);
+ if (ret != 0) { return WC_TEST_RET_ENC_EC(ret); }
+
+ if (pubLen != HSS_MAX_PUBLIC_KEY_LEN) {
+ printf("error: got %d, expected %d\n", pubLen, HSS_MAX_PUBLIC_KEY_LEN);
+ return WC_TEST_RET_ENC_EC(pubLen);
+ }
+
+ ret = wc_LmsKey_GetSigLen(&verifyKey, &sigSz);
+ if (ret != 0) { return WC_TEST_RET_ENC_EC(ret); }
+
+ if (sigSz != LMS_L1H10W8_SIGLEN) {
+ printf("error: got %d, expected %d\n", sigSz, LMS_L1H10W8_SIGLEN);
+ return WC_TEST_RET_ENC_EC(sigSz);
+ }
+
+ ret = wc_LmsKey_Verify(&verifyKey, lms_L1H10W8_sig, LMS_L1H10W8_SIGLEN,
+ (byte *) lms_msg, msgSz);
+ if (ret != 0) {
+ printf("error: wc_LmsKey_Verify returned %d\n", ret);
+ return WC_TEST_RET_ENC_EC(ret);
+ }
+
+ /* Flip bits in message. This should fail. */
+ lms_msg[msgSz / 2] ^= 1;
+ ret2 = wc_LmsKey_Verify(&verifyKey, lms_L1H10W8_sig, LMS_L1H10W8_SIGLEN,
+ (byte *) lms_msg, msgSz);
+ if (ret2 != -1) {
+ printf("error: wc_LmsKey_Verify returned %d, expected -1\n", ret2);
+ return WC_TEST_RET_ENC_EC(ret);
+ }
+
+ /* Flip it back. This should pass again. */
+ lms_msg[msgSz / 2] ^= 1;
+ ret = wc_LmsKey_Verify(&verifyKey, lms_L1H10W8_sig, LMS_L1H10W8_SIGLEN,
+ (byte *) lms_msg, msgSz);
+ if (ret != 0) {
+ printf("error: wc_LmsKey_Verify returned %d, expected 0\n", ret);
+ return WC_TEST_RET_ENC_EC(ret);
+ }
+
+ /* Flip bits in a few places throughout the signature, stepping in multiple
+ * of hash size. These should all fail with -1. */
+ for (j = 0; j < (int) sigSz; j+= 4 * 32) {
+ lms_L1H10W8_sig[j] ^= 1;
+
+ ret2 = wc_LmsKey_Verify(&verifyKey, lms_L1H10W8_sig,
+ LMS_L1H10W8_SIGLEN,
+ (byte *) lms_msg, msgSz);
+ if (ret2 != -1) {
+ /* Verify passed when it should have failed. */
+ return WC_TEST_RET_ENC_I(j);
+ }
+
+ /* Flip this spot back. */
+ lms_L1H10W8_sig[j] ^= 1;
+ }
+
+ wc_LmsKey_Free(&verifyKey);
+ return ret;
+}
+
+#endif /* if defined(WOLFSSL_HAVE_LMS) && defined(WOLFSSL_LMS_VERIFY_ONLY) &&
+ * !defined(WOLFSSL_SMALL_STACK) */
+
static const int fiducial3 = WC_TEST_RET_LN; /* source code reference point --
* see print_fiducials() below.
*/
#ifdef WOLFCRYPT_HAVE_ECCSI
-static int eccsi_api_test(WC_RNG* rng, EccsiKey* key, mp_int* ssk,
+static wc_test_ret_t eccsi_api_test(WC_RNG* rng, EccsiKey* key, mp_int* ssk,
ecc_point* pvt)
{
- int ret;
+ wc_test_ret_t ret;
byte id[1] = { 0x00 };
int valid;
word32 sz;
@@ -33867,9 +38061,9 @@ static int eccsi_api_test(WC_RNG* rng, EccsiKey* key, mp_int* ssk,
}
/* RFC 6507: Appendix A */
-static int eccsi_kat_verify_test(EccsiKey* key, ecc_point* pvt)
+static wc_test_ret_t eccsi_kat_verify_test(EccsiKey* key, ecc_point* pvt)
{
- int ret;
+ wc_test_ret_t ret;
int verified;
const byte msg[] = { 0x6D, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x00 };
word32 msgSz = sizeof(msg);
@@ -33949,9 +38143,9 @@ static int eccsi_kat_verify_test(EccsiKey* key, ecc_point* pvt)
return 0;
}
-static int eccsi_enc_dec_pair_test(EccsiKey* priv, mp_int* ssk, ecc_point* pvt)
+static wc_test_ret_t eccsi_enc_dec_pair_test(EccsiKey* priv, mp_int* ssk, ecc_point* pvt)
{
- int ret;
+ wc_test_ret_t ret;
byte data[32 * 3];
word32 sz;
ecc_point* decPvt = NULL;
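Review bot: The new signature line `static wc_test_ret_t eccsi_enc_dec_pair_test(EccsiKey* priv, mp_int* ssk, ecc_point* pvt)` now runs to 89 columns, while other signatures in this commit (eccsi_api_test, for example) wrap their parameter lists. Assuming the file keeps to 80 columns, wrapping after `mp_int* ssk,` would keep it consistent. The same applies to the widened first lines of eccsi_make_key_test, eccsi_sign_verify_test and sakke_make_key_test in later hunks. The function body continues outside this hunk.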
@@ -34050,9 +38244,9 @@ out:
return ret;
}
-static int eccsi_imp_exp_key_test(EccsiKey* priv)
+static wc_test_ret_t eccsi_imp_exp_key_test(EccsiKey* priv)
{
- int ret;
+ wc_test_ret_t ret;
byte data[32 * 3];
byte out[32 * 3];
word32 sz;
@@ -34108,9 +38302,9 @@ static int eccsi_imp_exp_key_test(EccsiKey* priv)
return 0;
}
-static int eccsi_imp_exp_pubkey_test(EccsiKey* key1, EccsiKey* key2)
+static wc_test_ret_t eccsi_imp_exp_pubkey_test(EccsiKey* key1, EccsiKey* key2)
{
- int ret;
+ wc_test_ret_t ret;
byte data[32 * 2 + 1];
byte pubData[32 * 2 + 1];
word32 sz;
@@ -34154,10 +38348,10 @@ static int eccsi_imp_exp_pubkey_test(EccsiKey* key1, EccsiKey* key2)
return 0;
}
-static int eccsi_make_key_test(EccsiKey* priv, EccsiKey* pub, WC_RNG* rng,
+static wc_test_ret_t eccsi_make_key_test(EccsiKey* priv, EccsiKey* pub, WC_RNG* rng,
mp_int* ssk, ecc_point* pvt)
{
- int ret;
+ wc_test_ret_t ret;
char mail[] = "test@wolfssl.com";
byte* id = (byte*)mail;
word32 idSz = (word32) XSTRLEN(mail);
@@ -34193,10 +38387,10 @@ static int eccsi_make_key_test(EccsiKey* priv, EccsiKey* pub, WC_RNG* rng,
return 0;
}
-static int eccsi_sign_verify_test(EccsiKey* priv, EccsiKey* pub, WC_RNG* rng,
+static wc_test_ret_t eccsi_sign_verify_test(EccsiKey* priv, EccsiKey* pub, WC_RNG* rng,
mp_int* ssk, ecc_point* pvt)
{
- int ret;
+ wc_test_ret_t ret;
byte hashPriv[WC_MAX_DIGEST_SIZE];
byte hashPub[WC_MAX_DIGEST_SIZE];
byte hashSz;
@@ -34348,9 +38542,9 @@ static int eccsi_sign_verify_test(EccsiKey* priv, EccsiKey* pub, WC_RNG* rng,
return 0;
}
-int eccsi_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t eccsi_test(void)
{
- int ret = 0;
+ wc_test_ret_t ret = 0;
WC_RNG rng;
int rng_inited = 0;
EccsiKey* priv = NULL;
@@ -34457,9 +38651,9 @@ int eccsi_test(void)
#endif /* WOLFCRYPT_HAVE_ECCSI */
#ifdef WOLFCRYPT_HAVE_SAKKE
-static int sakke_api_test(WC_RNG* rng, SakkeKey* key, ecc_point* rsk)
+static wc_test_ret_t sakke_api_test(WC_RNG* rng, SakkeKey* key, ecc_point* rsk)
{
- int ret;
+ wc_test_ret_t ret;
byte id[1] = { 0x00 };
int valid;
byte data[256];
@@ -34893,7 +39087,7 @@ static int sakke_api_test(WC_RNG* rng, SakkeKey* key, ecc_point* rsk)
return 0;
}
-static int sakke_kat_derive_test(SakkeKey* key, ecc_point* rsk)
+static wc_test_ret_t sakke_kat_derive_test(SakkeKey* key, ecc_point* rsk)
{
WOLFSSL_SMALL_STACK_STATIC const byte pubData[] = {
0x59, 0x58, 0xEF, 0x1B, 0x16, 0x79, 0xBF, 0x09,
@@ -35013,7 +39207,7 @@ static int sakke_kat_derive_test(SakkeKey* key, ecc_point* rsk)
0x89, 0xE0, 0xBC, 0x66, 0x1A, 0xA1, 0xE9, 0x16,
0x38, 0xE6, 0xAC, 0xC8, 0x4E, 0x49, 0x65, 0x07
};
- int ret;
+ wc_test_ret_t ret;
int valid;
byte pubKey[sizeof(pubData) + 1];
word32 sz = sizeof(pubKey);
@@ -35127,7 +39321,7 @@ static int sakke_kat_derive_test(SakkeKey* key, ecc_point* rsk)
return 0;
}
-static int sakke_kat_encapsulate_test(SakkeKey* key)
+static wc_test_ret_t sakke_kat_encapsulate_test(SakkeKey* key)
{
static const byte pubData[] = {
0x59, 0x58, 0xEF, 0x1B, 0x16, 0x79, 0xBF, 0x09,
@@ -35214,7 +39408,7 @@ static int sakke_kat_encapsulate_test(SakkeKey* key)
0x89, 0xE0, 0xBC, 0x66, 0x1A, 0xA1, 0xE9, 0x16,
0x38, 0xE6, 0xAC, 0xC8, 0x4E, 0x49, 0x65, 0x07
};
- int ret;
+ wc_test_ret_t ret;
byte auth[257];
word16 authSz = sizeof(auth);
@@ -35241,10 +39435,10 @@ static int sakke_kat_encapsulate_test(SakkeKey* key)
return 0;
}
-static int sakke_make_key_test(SakkeKey* priv, SakkeKey* pub, SakkeKey* key,
+static wc_test_ret_t sakke_make_key_test(SakkeKey* priv, SakkeKey* pub, SakkeKey* key,
WC_RNG* rng, ecc_point* rsk)
{
- int ret;
+ wc_test_ret_t ret;
byte data[440];
byte pubData[257];
word32 sz;
@@ -35387,10 +39581,10 @@ static int sakke_make_key_test(SakkeKey* priv, SakkeKey* pub, SakkeKey* key,
return 0;
}
-static int sakke_op_test(SakkeKey* priv, SakkeKey* pub, WC_RNG* rng,
+static wc_test_ret_t sakke_op_test(SakkeKey* priv, SakkeKey* pub, WC_RNG* rng,
ecc_point* rsk)
{
- int ret;
+ wc_test_ret_t ret;
byte ssv[16];
word16 ssvSz;
byte auth[257];
@@ -35503,9 +39697,9 @@ static int sakke_op_test(SakkeKey* priv, SakkeKey* pub, WC_RNG* rng,
return 0;
}
-int sakke_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t sakke_test(void)
{
- int ret = 0;
+ wc_test_ret_t ret = 0;
WC_RNG rng;
int rng_inited = 0;
SakkeKey* priv = NULL;
@@ -35623,7 +39817,7 @@ typedef struct CMAC_Test_Case {
word32 tSz;
} CMAC_Test_Case;
-WOLFSSL_TEST_SUBROUTINE int cmac_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t cmac_test(void)
{
#ifdef WOLFSSL_AES_128
WOLFSSL_SMALL_STACK_STATIC const byte k128[] =
@@ -35775,7 +39969,7 @@ WOLFSSL_TEST_SUBROUTINE int cmac_test(void)
byte tag[AES_BLOCK_SIZE];
const CMAC_Test_Case* tc;
word32 i, tagSz;
- int ret;
+ wc_test_ret_t ret;
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
if ((cmac = (Cmac *)XMALLOC(sizeof *cmac, HEAP_HINT, DYNAMIC_TYPE_CMAC)) == NULL)
@@ -36066,9 +40260,9 @@ static const unsigned char siphash_r16[64][SIPHASH_MAC_SIZE_16] = {
};
#endif
-WOLFSSL_TEST_SUBROUTINE int siphash_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t siphash_test(void)
{
- int ret = 0;
+ wc_test_ret_t ret = 0;
int i;
#if WOLFSSL_SIPHASH_CROUNDS == 2 && WOLFSSL_SIPHASH_DROUNDS == 4
unsigned char res[SIPHASH_MAC_SIZE_16];
@@ -36426,9 +40620,9 @@ static const byte sample_text_gz[] = {
0x6F, 0x86, 0x43, 0x51, 0xB6, 0x11, 0x00, 0x00
};
-WOLFSSL_TEST_SUBROUTINE int compress_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t compress_test(void)
{
- int ret = 0;
+ wc_test_ret_t ret = 0;
word32 dSz = sizeof(sample_text);
word32 cSz = (dSz + (word32)(dSz * 0.001) + 12);
byte *c;
@@ -36536,7 +40730,7 @@ exit:
*
* Returns 0 on success, negative on error
*/
-static int pkcs7_load_certs_keys(
+static wc_test_ret_t pkcs7_load_certs_keys(
byte* rsaClientCertBuf, word32* rsaClientCertBufSz,
byte* rsaClientPrivKeyBuf, word32* rsaClientPrivKeyBufSz,
byte* rsaServerCertBuf, word32* rsaServerCertBufSz,
@@ -36935,7 +41129,8 @@ static int myDecryptionFunc(PKCS7* pkcs7, int encryptOID, byte* iv, int ivSz,
byte* aad, word32 aadSz, byte* authTag, word32 authTagSz,
byte* in, int inSz, byte* out, void* usrCtx)
{
- int keyId = -1, ret, keySz;
+ wc_test_ret_t ret;
+ int keyId = -1, keySz;
word32 keyIdSz = 8;
const byte* key;
byte keyIdRaw[8];
@@ -37028,7 +41223,7 @@ static int myDecryptionFunc(PKCS7* pkcs7, int encryptOID, byte* iv, int ivSz,
#ifdef WOLFSSL_AES_256
case AES256CBCb:
if ((keySz != 32 ) || (ivSz != AES_BLOCK_SIZE))
- ERROR_OUT(BAD_FUNC_ARG, out);
+ WARNING_OUT(BAD_FUNC_ARG, out);
break;
#endif
#ifdef WOLFSSL_AES_128
@@ -37061,19 +41256,20 @@ static int myDecryptionFunc(PKCS7* pkcs7, int encryptOID, byte* iv, int ivSz,
(void)aadSz;
(void)authTag;
(void)authTagSz;
- return ret;
+ return (int)ret;
}
#endif /* !NO_AES && HAVE_AES_CBC */
#define PKCS7_BUF_SIZE 2048
-static int pkcs7enveloped_run_vectors(byte* rsaCert, word32 rsaCertSz,
+static wc_test_ret_t pkcs7enveloped_run_vectors(byte* rsaCert, word32 rsaCertSz,
byte* rsaPrivKey, word32 rsaPrivKeySz,
byte* eccCert, word32 eccCertSz,
byte* eccPrivKey, word32 eccPrivKeySz)
{
- int ret = 0, testSz = 0, i;
+ wc_test_ret_t ret = 0;
+ int testSz = 0, i;
int envelopedSz, decodedSz;
byte *enveloped = NULL;
@@ -37542,9 +41738,9 @@ static int pkcs7enveloped_run_vectors(byte* rsaCert, word32 rsaCertSz,
}
-WOLFSSL_TEST_SUBROUTINE int pkcs7enveloped_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t pkcs7enveloped_test(void)
{
- int ret = 0;
+ wc_test_ret_t ret = 0;
byte* rsaCert = NULL;
byte* rsaPrivKey = NULL;
@@ -37686,12 +41882,13 @@ typedef struct {
} pkcs7AuthEnvelopedVector;
-static int pkcs7authenveloped_run_vectors(byte* rsaCert, word32 rsaCertSz,
+static wc_test_ret_t pkcs7authenveloped_run_vectors(byte* rsaCert, word32 rsaCertSz,
byte* rsaPrivKey, word32 rsaPrivKeySz,
byte* eccCert, word32 eccCertSz,
byte* eccPrivKey, word32 eccPrivKeySz)
{
- int ret = 0, testSz = 0, i;
+ wc_test_ret_t ret = 0;
+ int testSz = 0, i;
int envelopedSz, decodedSz;
byte *enveloped = NULL;
@@ -37724,7 +41921,7 @@ static int pkcs7authenveloped_run_vectors(byte* rsaCert, word32 rsaCertSz,
#endif
#if !defined(NO_AES) && defined(WOLFSSL_AES_256) && defined(HAVE_ECC) && \
- defined(WOLFSSL_SHA512)
+ defined(WOLFSSL_SHA512) && defined(HAVE_AESGCM)
WOLFSSL_SMALL_STACK_STATIC const byte optionalUkm[] = {
0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07
};
@@ -37827,7 +42024,12 @@ static int pkcs7authenveloped_run_vectors(byte* rsaCert, word32 rsaCertSz,
NULL, 0, 0, NULL, 0, NULL, 0, 0, 0, 0, 0, 0, 0, 0,
"pkcs7authEnvelopedDataAES256GCM_IANDS.der");
#endif
- #endif /* NO_AES */
+ #else /* NO_AES || !HAVE_AESGCM */
+ (void)rsaCert;
+ (void)rsaCertSz;
+ (void)rsaPrivKey;
+ (void)rsaPrivKeySz;
+ #endif /* NO_AES || !HAVE_AESGCM */
#endif
/* key agreement key encryption technique*/
@@ -38242,9 +42444,9 @@ static int pkcs7authenveloped_run_vectors(byte* rsaCert, word32 rsaCertSz,
return ret;
}
-WOLFSSL_TEST_SUBROUTINE int pkcs7authenveloped_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t pkcs7authenveloped_test(void)
{
- int ret = 0;
+ wc_test_ret_t ret = 0;
byte* rsaCert = NULL;
byte* rsaPrivKey = NULL;
@@ -38349,7 +42551,7 @@ static int myCEKwrapFunc(PKCS7* pkcs7, byte* cek, word32 cekSz, byte* keyId,
word32 keyIdSz, byte* orginKey, word32 orginKeySz,
byte* out, word32 outSz, int keyWrapAlgo, int type, int direction)
{
- int ret;
+ wc_test_ret_t ret;
if (cek == NULL || out == NULL)
return BAD_FUNC_ARG;
@@ -38372,7 +42574,7 @@ static int myCEKwrapFunc(PKCS7* pkcs7, byte* cek, word32 cekSz, byte* keyId,
ret = wc_AesKeyUnWrap(p7DefKey, sizeof(p7DefKey), cek, cekSz,
out, outSz, NULL);
if (ret <= 0)
- return ret;
+ return (int)ret;
break;
default:
@@ -38384,14 +42586,14 @@ static int myCEKwrapFunc(PKCS7* pkcs7, byte* cek, word32 cekSz, byte* keyId,
(void)direction;
(void)orginKey; /* used with KAKRI */
(void)orginKeySz;
- return ret;
+ return (int)ret;
}
/* returns key size on success */
-static int getFirmwareKey(PKCS7* pkcs7, byte* key, word32 keySz)
+static wc_test_ret_t getFirmwareKey(PKCS7* pkcs7, byte* key, word32 keySz)
{
- int ret;
+ wc_test_ret_t ret;
word32 atrSz;
byte atr[256];
@@ -38444,10 +42646,10 @@ static int getFirmwareKey(PKCS7* pkcs7, byte* key, word32 keySz)
/* create a KEKRI enveloped data
* return size on success */
-static int envelopedData_encrypt(byte* in, word32 inSz, byte* out,
+static wc_test_ret_t envelopedData_encrypt(byte* in, word32 inSz, byte* out,
word32 outSz)
{
- int ret;
+ wc_test_ret_t ret;
PKCS7* pkcs7;
WOLFSSL_SMALL_STACK_STATIC const byte keyId[] = { 0x00 };
@@ -38467,7 +42669,7 @@ static int envelopedData_encrypt(byte* in, word32 inSz, byte* out,
sizeof(p7DefKey), (byte*)keyId,
sizeof(keyId), NULL, NULL, 0, NULL, 0, 0);
if (ret < 0) {
- printf("wc_PKCS7_AddRecipient_KEKRI() failed, ret = %d\n", ret);
+ printf("wc_PKCS7_AddRecipient_KEKRI() failed\n");
wc_PKCS7_Free(pkcs7);
return WC_TEST_RET_ENC_EC(ret);
}
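Review bot: Both failure messages in `envelopedData_encrypt` now drop the error code, here for `wc_PKCS7_AddRecipient_KEKRI()` and in the next hunk for `wc_PKCS7_EncodeEnvelopedData()`, so the console output no longer says why the call failed. The code is still folded into the return value by `WC_TEST_RET_ENC_EC(ret)`, but a reader of the log has to decode it; the `%d` was presumably removed because `ret` is no longer an `int`. Keeping the value with an explicit cast, as the commit does elsewhere with `return (int)ret;`, preserves the diagnostic: `printf("wc_PKCS7_AddRecipient_KEKRI() failed, ret = %d\n", (int)ret);`. The function body starts and ends outside both hunks.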
@@ -38475,7 +42677,7 @@ static int envelopedData_encrypt(byte* in, word32 inSz, byte* out,
/* encode envelopedData, returns size */
ret = wc_PKCS7_EncodeEnvelopedData(pkcs7, out, outSz);
if (ret <= 0) {
- printf("wc_PKCS7_EncodeEnvelopedData() failed, ret = %d\n", ret);
+ printf("wc_PKCS7_EncodeEnvelopedData() failed\n");
wc_PKCS7_Free(pkcs7);
return WC_TEST_RET_ENC_EC(ret);
@@ -38491,11 +42693,12 @@ static int envelopedData_encrypt(byte* in, word32 inSz, byte* out,
* keyHint is the KeyID to be set in the fwDecryptKeyID attribute
* returns size of buffer output on success
*/
-static int generateBundle(byte* out, word32 *outSz, const byte* encryptKey,
+static wc_test_ret_t generateBundle(byte* out, word32 *outSz, const byte* encryptKey,
word32 encryptKeySz, byte keyHint, byte* cert, word32 certSz,
byte* key, word32 keySz)
{
- int ret, attribNum = 1;
+ wc_test_ret_t ret;
+ int attribNum = 1;
PKCS7* pkcs7;
/* KEY ID
@@ -38532,7 +42735,7 @@ static int generateBundle(byte* out, word32 *outSz, const byte* encryptKey,
if (ret <= 0) {
return ret;
}
- attribs[1].valueSz = ret;
+ attribs[1].valueSz = (int)ret;
attribNum++;
}
@@ -38574,7 +42777,7 @@ static int generateBundle(byte* out, word32 *outSz, const byte* encryptKey,
return WC_TEST_RET_ENC_EC(ret);
} else {
- *outSz = ret;
+ *outSz = (int)ret;
}
wc_PKCS7_Free(pkcs7);
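Review bot: `*outSz = (int)ret;` casts to `int` although the destination is a `word32` (the signature in the earlier hunk declares `word32 *outSz`), so the value is converted twice and the cast names the wrong type. `*outSz = (word32)ret;` states the intent. The error branch before the `else` is only partly visible, so this assumes `ret` is positive when the line is reached. The rest of `generateBundle` lies outside the hunk.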
@@ -38586,9 +42789,9 @@ static int generateBundle(byte* out, word32 *outSz, const byte* encryptKey,
/* test verification and decryption of PKCS7 bundle
* return 0 on success
*/
-static int verifyBundle(byte* derBuf, word32 derSz, int keyHint)
+static wc_test_ret_t verifyBundle(byte* derBuf, word32 derSz, int keyHint)
{
- int ret = 0;
+ wc_test_ret_t ret = 0;
int usrCtx = 1; /* test value to pass as user context to callback */
PKCS7* pkcs7 = NULL;
byte* sid = NULL;
@@ -38674,7 +42877,7 @@ static int verifyBundle(byte* derBuf, word32 derSz, int keyHint)
if (ret < 0)
goto out;
pkcs7->encryptionKey = key;
- pkcs7->encryptionKeySz = ret;
+ pkcs7->encryptionKeySz = (int)ret;
}
else {
decodedSz = PKCS7_BUF_SIZE;
@@ -38709,10 +42912,10 @@ static int verifyBundle(byte* derBuf, word32 derSz, int keyHint)
}
-WOLFSSL_TEST_SUBROUTINE int pkcs7callback_test(byte* cert, word32 certSz, byte* key, word32 keySz)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t pkcs7callback_test(byte* cert, word32 certSz, byte* key, word32 keySz)
{
- int ret = 0;
+ wc_test_ret_t ret = 0;
word32 derSz;
byte *derBuf = (byte *)XMALLOC(FOURK_BUF, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
@@ -38781,9 +42984,9 @@ typedef struct {
} pkcs7EncryptedVector;
-WOLFSSL_TEST_SUBROUTINE int pkcs7encrypted_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t pkcs7encrypted_test(void)
{
- int ret = 0;
+ wc_test_ret_t ret = 0;
int i, testSz;
int encryptedSz, decodedSz, attribIdx;
PKCS7* pkcs7;
@@ -39049,9 +43252,9 @@ typedef struct {
} pkcs7CompressedVector;
-WOLFSSL_TEST_SUBROUTINE int pkcs7compressed_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t pkcs7compressed_test(void)
{
- int ret = 0;
+ wc_test_ret_t ret = 0;
int i, testSz;
int compressedSz, decodedSz;
PKCS7* pkcs7;
@@ -39195,7 +43398,7 @@ typedef struct {
} pkcs7SignedVector;
-static int pkcs7signed_run_vectors(
+static wc_test_ret_t pkcs7signed_run_vectors(
byte* rsaClientCertBuf, word32 rsaClientCertBufSz,
byte* rsaClientPrivKeyBuf, word32 rsaClientPrivKeyBufSz,
byte* rsaServerCertBuf, word32 rsaServerCertBufSz,
@@ -39205,7 +43408,8 @@ static int pkcs7signed_run_vectors(
byte* eccClientCertBuf, word32 eccClientCertBufSz,
byte* eccClientPrivKeyBuf, word32 eccClientPrivKeyBufSz)
{
- int ret, testSz = 0, i;
+ wc_test_ret_t ret;
+ int testSz = 0, i;
int encodedSz;
byte* out = NULL;
word32 outSz;
@@ -39706,7 +43910,7 @@ static int pkcs7signed_run_vectors(
}
-static int pkcs7signed_run_SingleShotVectors(
+static wc_test_ret_t pkcs7signed_run_SingleShotVectors(
byte* rsaClientCertBuf, word32 rsaClientCertBufSz,
byte* rsaClientPrivKeyBuf, word32 rsaClientPrivKeyBufSz,
byte* rsaServerCertBuf, word32 rsaServerCertBufSz,
@@ -39716,7 +43920,8 @@ static int pkcs7signed_run_SingleShotVectors(
byte* eccClientCertBuf, word32 eccClientCertBufSz,
byte* eccClientPrivKeyBuf, word32 eccClientPrivKeyBufSz)
{
- int ret, testSz = 0, i;
+ wc_test_ret_t ret;
+ int testSz = 0, i;
int encodedSz;
byte* out = NULL;
word32 outSz;
@@ -40245,9 +44450,9 @@ static int pkcs7signed_run_SingleShotVectors(
}
-WOLFSSL_TEST_SUBROUTINE int pkcs7signed_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t pkcs7signed_test(void)
{
- int ret = 0;
+ wc_test_ret_t ret = 0;
byte* rsaClientCertBuf = NULL;
byte* rsaServerCertBuf = NULL;
@@ -40394,10 +44599,10 @@ WOLFSSL_TEST_SUBROUTINE int pkcs7signed_test(void)
/* Maximum number of bytes in a number to test. */
#define MP_MAX_TEST_BYTE_LEN 32
-static int randNum(mp_int* n, int len, WC_RNG* rng, void* heap)
+static wc_test_ret_t randNum(mp_int* n, int len, WC_RNG* rng, void* heap)
{
byte d[MP_MAX_TEST_BYTE_LEN];
- int ret;
+ wc_test_ret_t ret;
(void)heap;
@@ -40414,12 +44619,12 @@ static int randNum(mp_int* n, int len, WC_RNG* rng, void* heap)
}
#if defined(WOLFSSL_SP_MATH_ALL) || !defined(USE_FAST_MATH)
-static int mp_test_div_3(mp_int* a, mp_int* r, WC_RNG* rng)
+static wc_test_ret_t mp_test_div_3(mp_int* a, mp_int* r, WC_RNG* rng)
{
int i, j;
mp_digit rem;
mp_digit rem2;
- int ret;
+ wc_test_ret_t ret;
#if (defined(WOLFSSL_SP_MATH_ALL) && !defined(WOLFSSL_RSA_VERIFY_ONLY)) || \
defined(WOLFSSL_KEY_GEN) || defined(HAVE_COMP_KEY)
@@ -40508,9 +44713,9 @@ static int mp_test_div_3(mp_int* a, mp_int* r, WC_RNG* rng)
!defined(WOLFSSL_RSA_VERIFY_ONLY)) || \
(!defined WOLFSSL_SP_MATH && !defined(WOLFSSL_SP_MATH_ALL) && \
(defined(WOLFSSL_KEY_GEN) || defined(HAVE_COMP_KEY)))
-static int mp_test_radix_10(mp_int* a, mp_int* r, WC_RNG* rng)
+static wc_test_ret_t mp_test_radix_10(mp_int* a, mp_int* r, WC_RNG* rng)
{
- int ret;
+ wc_test_ret_t ret;
int i, j;
int size;
char str[30];
@@ -40587,9 +44792,9 @@ static int mp_test_radix_10(mp_int* a, mp_int* r, WC_RNG* rng)
#if defined(WOLFSSL_SP_MATH_ALL) || (!defined WOLFSSL_SP_MATH && \
defined(HAVE_ECC))
-static int mp_test_radix_16(mp_int* a, mp_int* r, WC_RNG* rng)
+static wc_test_ret_t mp_test_radix_16(mp_int* a, mp_int* r, WC_RNG* rng)
{
- int ret;
+ wc_test_ret_t ret;
int i, j;
int size;
char str[30];
@@ -40674,10 +44879,10 @@ static int mp_test_radix_16(mp_int* a, mp_int* r, WC_RNG* rng)
}
#endif
-static int mp_test_shift(mp_int* a, mp_int* r1, WC_RNG* rng)
+static wc_test_ret_t mp_test_shift(mp_int* a, mp_int* r1, WC_RNG* rng)
{
int i;
- int ret;
+ wc_test_ret_t ret;
ret = randNum(a, 4, rng, NULL);
if (ret != 0)
@@ -40711,10 +44916,10 @@ static int mp_test_shift(mp_int* a, mp_int* r1, WC_RNG* rng)
return 0;
}
-static int mp_test_add_sub_d(mp_int* a, mp_int* r1)
+static wc_test_ret_t mp_test_add_sub_d(mp_int* a, mp_int* r1)
{
int i, j;
- int ret;
+ wc_test_ret_t ret;
for (i = 0; i <= DIGIT_BIT * 2; i++) {
mp_zero(a);
@@ -40751,7 +44956,7 @@ static int mp_test_add_sub_d(mp_int* a, mp_int* r1)
return 0;
}
-static int mp_test_read_to_bin(mp_int* a)
+static wc_test_ret_t mp_test_read_to_bin(mp_int* a)
{
WOLFSSL_SMALL_STACK_STATIC const byte in[16] = {
0x91, 0xa2, 0xb3, 0xc4, 0xd5, 0xe6, 0xf7, 0x08,
@@ -40760,7 +44965,7 @@ static int mp_test_read_to_bin(mp_int* a)
byte out[24];
int i, j, k;
const byte* p;
- int ret;
+ wc_test_ret_t ret;
for (i = 0; i < (int)sizeof(in); i++) {
p = in + sizeof(in) - i;
@@ -40798,7 +45003,7 @@ static int mp_test_read_to_bin(mp_int* a)
}
#if defined(WOLFSSL_SP_MATH) || defined(WOLFSSL_SP_MATH_ALL)
-static int mp_test_set_int(mp_int* a)
+static wc_test_ret_t mp_test_set_int(mp_int* a)
{
#if SP_ULONG_BITS == 64
unsigned long n = 0xfedcba9876543210UL;
@@ -40817,7 +45022,7 @@ static int mp_test_set_int(mp_int* a)
byte exp[1] = { 0xfe };
byte out[1] = { 0 };
#endif
- int ret;
+ wc_test_ret_t ret;
ret = mp_set_int(a, n);
if (ret != 0)
@@ -40837,7 +45042,7 @@ static int mp_test_set_int(mp_int* a)
#endif
#if defined(WOLFSSL_SP_MATH) || defined(WOLFSSL_SP_MATH_ALL)
-static int mp_test_param(mp_int* a, mp_int* b, mp_int* r, WC_RNG* rng)
+static wc_test_ret_t mp_test_param(mp_int* a, mp_int* b, mp_int* r, WC_RNG* rng)
{
byte buffer[16];
#if defined(HAVE_ECC) || defined(WOLFSSL_SP_MATH_ALL)
@@ -40850,7 +45055,7 @@ static int mp_test_param(mp_int* a, mp_int* b, mp_int* r, WC_RNG* rng)
defined(HAVE_COMP_KEY)
char decStr[] = "0987654321";
#endif
- int ret;
+ wc_test_ret_t ret;
#ifdef WOLFSSL_SP_MATH_ALL
mp_digit rho;
int size;
@@ -41852,10 +46057,10 @@ static int mp_test_param(mp_int* a, mp_int* b, mp_int* r, WC_RNG* rng)
#endif
#if !defined(WOLFSSL_SP_MATH) || defined(WOLFSSL_SP_MATH_ALL)
-static int mp_test_set_is_bit(mp_int* a)
+static wc_test_ret_t mp_test_set_is_bit(mp_int* a)
{
int i, j;
- int ret;
+ wc_test_ret_t ret;
mp_zero(a);
for (i = 0; i <= DIGIT_BIT * 2; i++) {
@@ -41944,9 +46149,9 @@ static int mp_test_set_is_bit(mp_int* a)
}
#endif /* !WOLFSSL_SP_MATH || WOLFSSL_SP_MATH_ALL */
-static int mp_test_cmp(mp_int* a, mp_int* b)
+static wc_test_ret_t mp_test_cmp(mp_int* a, mp_int* b)
{
- int ret;
+ wc_test_ret_t ret;
mp_zero(a);
mp_zero(b);
@@ -42017,13 +46222,74 @@ static int mp_test_cmp(mp_int* a, mp_int* b)
return WC_TEST_RET_ENC_NC;
#endif
+#if defined(HAVE_ECC) && !defined(WC_NO_RNG) && \
+ defined(WOLFSSL_ECC_GEN_REJECT_SAMPLING)
+ mp_zero(a);
+ mp_zero(b);
+ ret = mp_cmp_ct(a, b, 1);
+ if (ret != MP_EQ)
+ return WC_TEST_RET_ENC_EC(ret);
+ ret = mp_cmp_ct(a, a, a->used);
+ if (ret != MP_EQ)
+ return WC_TEST_RET_ENC_EC(ret);
+
+#ifdef WOLFSSL_SP_MATH_ALL
+ ret = mp_cmp_ct(a, NULL, a->used);
+ if (ret != MP_GT)
+ return WC_TEST_RET_ENC_EC(ret);
+ ret = mp_cmp_ct(NULL, a, a->used);
+ if (ret != MP_LT)
+ return WC_TEST_RET_ENC_EC(ret);
+#endif
+
+ mp_read_radix(a, "1", MP_RADIX_HEX);
+ ret = mp_cmp_ct(a, b, 1);
+ if (ret != MP_GT)
+ return WC_TEST_RET_ENC_EC(ret);
+ ret = mp_cmp_ct(b, a, 1);
+ if (ret != MP_LT)
+ return WC_TEST_RET_ENC_EC(ret);
+
+ mp_read_radix(a, "0123456789abcdef0123456789abcdef", MP_RADIX_HEX);
+ ret = mp_cmp_ct(a, b, a->used);
+ if (ret != MP_GT)
+ return WC_TEST_RET_ENC_EC(ret);
+ ret = mp_cmp_ct(b, a, a->used);
+ if (ret != MP_LT)
+ return WC_TEST_RET_ENC_EC(ret);
+
+ mp_read_radix(b, "1123456789abcdef0123456789abcdef", MP_RADIX_HEX);
+ ret = mp_cmp_ct(b, a, a->used);
+ if (ret != MP_GT)
+ return WC_TEST_RET_ENC_EC(ret);
+ ret = mp_cmp_ct(a, b, a->used);
+ if (ret != MP_LT)
+ return WC_TEST_RET_ENC_EC(ret);
+
+ mp_read_radix(b, "0123456789abcdef0123456789abcdf0", MP_RADIX_HEX);
+ ret = mp_cmp_ct(b, a, a->used);
+ if (ret != MP_GT)
+ return WC_TEST_RET_ENC_EC(ret);
+ ret = mp_cmp_ct(a, b, a->used);
+ if (ret != MP_LT)
+ return WC_TEST_RET_ENC_EC(ret);
+
+ mp_read_radix(b, "0123456789abcdf0", MP_RADIX_HEX);
+ ret = mp_cmp_ct(a, b, a->used);
+ if (ret != MP_GT)
+ return WC_TEST_RET_ENC_EC(ret);
+ ret = mp_cmp_ct(b, a, a->used);
+ if (ret != MP_LT)
+ return WC_TEST_RET_ENC_EC(ret);
+#endif
+
return 0;
}
#if !defined(NO_DH) || defined(HAVE_ECC) || !defined(WOLFSSL_RSA_VERIFY_ONLY)
-static int mp_test_shbd(mp_int* a, mp_int* b, WC_RNG* rng)
+static wc_test_ret_t mp_test_shbd(mp_int* a, mp_int* b, WC_RNG* rng)
{
- int ret;
+ wc_test_ret_t ret;
int i, j, k;
#ifndef WOLFSSL_SP_MATH
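Review bot: The new `mp_cmp_ct` cases call `mp_read_radix` five times without checking its result, so a failed parse would leave `a` or `b` at its previous value and the next comparison would report a misleading `MP_GT`/`MP_LT` mismatch or pass by accident. Each load should be checked the way the comparisons are, e.g. `ret = mp_read_radix(a, "1", MP_RADIX_HEX);` followed by `if (ret != MP_OKAY) return WC_TEST_RET_ENC_EC(ret);`. These cases also check only the returned ordering, not timing behaviour, which a one-line comment above the block could state. `mp_test_cmp` begins before the hunk.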
@@ -42092,10 +46358,10 @@ static int mp_test_shbd(mp_int* a, mp_int* b, WC_RNG* rng)
#if defined(WOLFSSL_SP_MATH_ALL) || !defined(NO_DH) || defined(HAVE_ECC) || \
(!defined(NO_RSA) && !defined(WOLFSSL_RSA_VERIFY_ONLY) && \
!defined(WOLFSSL_RSA_PUBLIC_ONLY))
-static int mp_test_div(mp_int* a, mp_int* d, mp_int* r, mp_int* rem,
+static wc_test_ret_t mp_test_div(mp_int* a, mp_int* d, mp_int* r, mp_int* rem,
WC_RNG* rng)
{
- int ret;
+ wc_test_ret_t ret;
int i, j, k;
mp_zero(a);
@@ -42231,9 +46497,9 @@ static int mp_test_div(mp_int* a, mp_int* d, mp_int* r, mp_int* rem,
#if defined(WOLFSSL_KEY_GEN) && (!defined(NO_DH) || !defined(NO_DSA)) && \
!defined(WC_NO_RNG)
-static int mp_test_prime(mp_int* a, WC_RNG* rng)
+static wc_test_ret_t mp_test_prime(mp_int* a, WC_RNG* rng)
{
- int ret;
+ wc_test_ret_t ret;
int res;
ret = mp_rand_prime(a, 1, rng, NULL);
@@ -42335,10 +46601,10 @@ static int mp_test_prime(mp_int* a, WC_RNG* rng)
#endif
#if !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) && !defined(WC_RSA_BLINDING)
-static int mp_test_lcm_gcd(mp_int* a, mp_int* b, mp_int* r, mp_int* exp,
+static wc_test_ret_t mp_test_lcm_gcd(mp_int* a, mp_int* b, mp_int* r, mp_int* exp,
WC_RNG* rng)
{
- int ret;
+ wc_test_ret_t ret;
int i;
WOLFSSL_SMALL_STACK_STATIC const int kat[][3] = {
{ 1, 1, 1 }, { 2, 1, 2 }, { 1, 2, 2 }, { 2, 4, 4 }, { 4, 2, 4 },
@@ -42421,9 +46687,9 @@ static int mp_test_lcm_gcd(mp_int* a, mp_int* b, mp_int* r, mp_int* exp,
#if (!defined(WOLFSSL_SP_MATH) && !defined(USE_FAST_MATH)) || \
defined(WOLFSSL_SP_MATH_ALL)
-static int mp_test_mod_2d(mp_int* a, mp_int* r, mp_int* t, WC_RNG* rng)
+static wc_test_ret_t mp_test_mod_2d(mp_int* a, mp_int* r, mp_int* t, WC_RNG* rng)
{
- int ret;
+ wc_test_ret_t ret;
int i;
int j;
@@ -42506,9 +46772,9 @@ static int mp_test_mod_2d(mp_int* a, mp_int* r, mp_int* t, WC_RNG* rng)
#if defined(WOLFSSL_SP_MATH_ALL) || defined(OPENSSL_EXTRA) || \
(defined(HAVE_ECC) && defined(HAVE_COMP_KEY))
-static int mp_test_mod_d(mp_int* a, WC_RNG* rng)
+static wc_test_ret_t mp_test_mod_d(mp_int* a, WC_RNG* rng)
{
- int ret;
+ wc_test_ret_t ret;
mp_digit r;
#if defined(WOLFSSL_SP_MATH_ALL) || defined(WOLFSSL_SP_MATH)
mp_digit rem;
@@ -42555,10 +46821,10 @@ static int mp_test_mod_d(mp_int* a, WC_RNG* rng)
}
#endif
-static int mp_test_mul_sqr(mp_int* a, mp_int* b, mp_int* r1, mp_int* r2,
+static wc_test_ret_t mp_test_mul_sqr(mp_int* a, mp_int* b, mp_int* r1, mp_int* r2,
WC_RNG* rng)
{
- int ret;
+ wc_test_ret_t ret;
int i;
for (i = 1; i < 16; i++) {
@@ -42644,9 +46910,9 @@ static int mp_test_mul_sqr(mp_int* a, mp_int* b, mp_int* r1, mp_int* r2,
#if !defined(NO_RSA) || defined(HAVE_ECC) || !defined(NO_DSA) || \
defined(OPENSSL_EXTRA)
-static int mp_test_invmod(mp_int* a, mp_int* m, mp_int* r)
+static wc_test_ret_t mp_test_invmod(mp_int* a, mp_int* m, mp_int* r)
{
- int ret;
+ wc_test_ret_t ret;
mp_set(a, 0);
mp_set(m, 1);
@@ -42755,9 +47021,9 @@ static int mp_test_invmod(mp_int* a, mp_int* m, mp_int* r)
#if !defined(NO_RSA) || !defined(NO_DSA) || !defined(NO_DH) || \
(defined(HAVE_ECC) && defined(HAVE_COMP_KEY)) || defined(OPENSSL_EXTRA)
-static int mp_test_exptmod(mp_int* b, mp_int* e, mp_int* m, mp_int* r)
+static wc_test_ret_t mp_test_exptmod(mp_int* b, mp_int* e, mp_int* m, mp_int* r)
{
- int ret;
+ wc_test_ret_t ret;
mp_set(b, 0x2);
mp_set(e, 0x3);
@@ -42885,9 +47151,9 @@ static int mp_test_exptmod(mp_int* b, mp_int* e, mp_int* m, mp_int* r)
#if defined(WOLFSSL_SP_MATH_ALL) || defined(WOLFSSL_HAVE_SP_DH) || \
defined(HAVE_ECC) || (!defined(NO_RSA) && !defined(WOLFSSL_RSA_VERIFY_ONLY))
-static int mp_test_mont(mp_int* a, mp_int* m, mp_int* n, mp_int* r, WC_RNG* rng)
+static wc_test_ret_t mp_test_mont(mp_int* a, mp_int* m, mp_int* n, mp_int* r, WC_RNG* rng)
{
- int ret;
+ wc_test_ret_t ret;
mp_digit mp;
static int exp[] = { 7, 8, 16, 27, 32, 64,
127, 128, 255, 256,
@@ -42995,11 +47261,11 @@ static int mp_test_mont(mp_int* a, mp_int* m, mp_int* n, mp_int* r, WC_RNG* rng)
}
#endif
-WOLFSSL_TEST_SUBROUTINE int mp_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t mp_test(void)
{
WC_RNG rng;
int rng_inited = 0;
- int ret;
+ wc_test_ret_t ret;
#if defined(HAVE_ECC) || defined(WOLFSSL_KEY_GEN)
int i, j;
#ifndef WOLFSSL_SP_MATH
@@ -43244,7 +47510,9 @@ WOLFSSL_TEST_SUBROUTINE int mp_test(void)
if ((ret = mp_test_set_is_bit(a)) != 0)
goto done;
#endif
-#if defined(WOLFSSL_SP_MATH) || defined(WOLFSSL_SP_MATH_ALL)
+#if defined(WOLFSSL_SP_MATH_ALL) || !defined(NO_DH) || defined(HAVE_ECC) || \
+ (!defined(NO_RSA) && !defined(WOLFSSL_RSA_VERIFY_ONLY) && \
+ !defined(WOLFSSL_RSA_PUBLIC_ONLY))
if ((ret = mp_test_div(a, b, r1, r2, &rng)) != 0)
goto done;
#endif
@@ -43383,9 +47651,9 @@ static const unsigned char controlPrime[] = {
static const unsigned char testOne[] = { 1 };
-static int GenerateNextP(mp_int* p1, mp_int* p2, int k)
+static wc_test_ret_t GenerateNextP(mp_int* p1, mp_int* p2, int k)
{
- int ret;
+ wc_test_ret_t ret;
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
mp_int *ki = (mp_int *)XMALLOC(sizeof(*ki), HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
@@ -43428,7 +47696,7 @@ static int GenerateNextP(mp_int* p1, mp_int* p2, int k)
}
-static int GenerateP(mp_int* p1, mp_int* p2, mp_int* p3,
+static wc_test_ret_t GenerateP(mp_int* p1, mp_int* p2, mp_int* p3,
const pairs_t* ecPairs, int ecPairsSz,
const int* k)
{
@@ -43437,7 +47705,8 @@ static int GenerateP(mp_int* p1, mp_int* p2, mp_int* p3,
#else
mp_int x[1], y[1];
#endif
- int ret, i;
+ wc_test_ret_t ret;
+ int i;
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
if (((x = (mp_int *)XMALLOC(sizeof(*x), HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER)) == NULL) ||
@@ -43504,7 +47773,7 @@ static int GenerateP(mp_int* p1, mp_int* p2, mp_int* p3,
return ret;
}
-WOLFSSL_TEST_SUBROUTINE int prime_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t prime_test(void)
{
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
mp_int *n = (mp_int *)XMALLOC(sizeof *n, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER),
@@ -43517,7 +47786,8 @@ WOLFSSL_TEST_SUBROUTINE int prime_test(void)
p2[1],
p3[1];
#endif
- int ret, isPrime = 0;
+ wc_test_ret_t ret;
+ int isPrime = 0;
WC_RNG rng;
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
@@ -43657,9 +47927,9 @@ typedef struct berDerTestData {
word32 outSz;
} berDerTestData;
-WOLFSSL_TEST_SUBROUTINE int berder_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t berder_test(void)
{
- int ret;
+ wc_test_ret_t ret;
int i;
word32 len = 0, l;
byte out[32];
@@ -43775,9 +48045,9 @@ static void my_Logging_cb(const int logLevel, const char *const logMessage)
}
#endif /* DEBUG_WOLFSSL */
-WOLFSSL_TEST_SUBROUTINE int logging_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t logging_test(void)
{
- int ret;
+ wc_test_ret_t ret;
#ifdef DEBUG_WOLFSSL
const char* msg = "Testing, testing. 1, 2, 3, 4 ...";
byte a[8] = { 1, 2, 3, 4, 5, 6, 7, 8 };
@@ -43841,9 +48111,9 @@ WOLFSSL_TEST_SUBROUTINE int logging_test(void)
}
#if defined(__INCLUDE_NUTTX_CONFIG_H)
-WOLFSSL_TEST_SUBROUTINE int wolfcrypt_mutex_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t wolfcrypt_mutex_test(void)
#else
-WOLFSSL_TEST_SUBROUTINE int mutex_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t mutex_test(void)
#endif
{
#ifdef WOLFSSL_PTHREADS
@@ -43851,7 +48121,7 @@ WOLFSSL_TEST_SUBROUTINE int mutex_test(void)
#endif
#if defined(WOLFSSL_PTHREADS) || (!defined(WOLFSSL_NO_MALLOC) && \
!defined(WOLFSSL_USER_MUTEX) && defined(WOLFSSL_STATIC_MEMORY))
- int ret;
+ wc_test_ret_t ret;
#endif
#if !defined(WOLFSSL_NO_MALLOC) && !defined(WOLFSSL_USER_MUTEX)
#ifndef WOLFSSL_STATIC_MEMORY
@@ -43913,9 +48183,9 @@ WOLFSSL_TEST_SUBROUTINE int mutex_test(void)
#if !defined(WOLFSSL_NO_MALLOC) && !defined(WOLFSSL_LINUXKM) && \
!defined(WOLFSSL_STATIC_MEMORY)
-static int malloc_cnt = 0;
-static int realloc_cnt = 0;
-static int free_cnt = 0;
+static wc_test_ret_t malloc_cnt = 0;
+static wc_test_ret_t realloc_cnt = 0;
+static wc_test_ret_t free_cnt = 0;
#ifdef WOLFSSL_DEBUG_MEMORY
static void *my_Malloc_cb(size_t size, const char* func, unsigned int line)
@@ -43975,9 +48245,9 @@ static void *my_Realloc_cb(void *ptr, size_t size)
}
#endif /* !WOLFSSL_NO_MALLOC */
-WOLFSSL_TEST_SUBROUTINE int memcb_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t memcb_test(void)
{
- int ret = 0;
+ wc_test_ret_t ret = 0;
#if !defined(WOLFSSL_NO_MALLOC) && !defined(WOLFSSL_LINUXKM) && \
!defined(WOLFSSL_STATIC_MEMORY)
byte* b = NULL;
@@ -44046,9 +48316,9 @@ exit_memcb:
#if defined(WOLFSSL_CAAM_BLOB)
-WOLFSSL_TEST_SUBROUTINE int blob_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t blob_test(void)
{
- int ret = 0;
+ wc_test_ret_t ret = 0;
byte out[112];
byte blob[112];
word32 outSz;
@@ -44133,9 +48403,9 @@ typedef struct {
* ctx callback ctx
* returen 0 on success, otherwise return negative
*/
-static int rsa_onlycb_test(myCryptoDevCtx *ctx)
+static wc_test_ret_t rsa_onlycb_test(myCryptoDevCtx *ctx)
{
- int ret = 0;
+ wc_test_ret_t ret = 0;
#if !defined(NO_RSA)
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
@@ -44295,9 +48565,9 @@ exit_onlycb:
* ctx callback ctx
* returen 0 on success, otherwise return negative
*/
-static int ecc_onlycb_test(myCryptoDevCtx *ctx)
+static wc_test_ret_t ecc_onlycb_test(myCryptoDevCtx *ctx)
{
- int ret = 0;
+ wc_test_ret_t ret = 0;
#if defined(HAVE_ECC)
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
@@ -44830,7 +49100,7 @@ static int myCryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx)
info->pk.curve25519.private_key->devId = devIdArg;
}
#endif /* HAVE_CURVE25519 */
- #ifdef HAVE_ED25519
+ #if defined(HAVE_ED25519) && defined(HAVE_ED25519_MAKE_KEY)
if (info->pk.type == WC_PK_TYPE_ED25519_KEYGEN) {
/* set devId to invalid, so software is used */
info->pk.ed25519kg.key->devId = INVALID_DEVID;
@@ -45241,9 +49511,9 @@ static int myCryptoCbFind(int currentId, int algoType)
#endif /* WOLF_CRYPTO_CB_FIND */
-WOLFSSL_TEST_SUBROUTINE int cryptocb_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t cryptocb_test(void)
{
- int ret = 0;
+ wc_test_ret_t ret = 0;
int origDevId = devId;
myCryptoDevCtx myCtx;
@@ -45337,7 +49607,7 @@ WOLFSSL_TEST_SUBROUTINE int cryptocb_test(void)
#endif
#endif
#ifndef NO_PWDBASED
- #if defined(HAVE_PBKDF2) && !defined(NO_SHA256)
+ #if defined(HAVE_PBKDF2) && !defined(NO_SHA256) && !defined(NO_HMAC)
if (ret == 0)
ret = pbkdf2_test();
#endif
@@ -45355,9 +49625,9 @@ WOLFSSL_TEST_SUBROUTINE int cryptocb_test(void)
#endif /* WOLF_CRYPTO_CB */
#ifdef WOLFSSL_CERT_PIV
-WOLFSSL_TEST_SUBROUTINE int certpiv_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t certpiv_test(void)
{
- int ret;
+ wc_test_ret_t ret;
wc_CertPIV piv;
/* Template for Identiv PIV cert, nonce and signature */
@@ -45371,7 +49641,7 @@ WOLFSSL_TEST_SUBROUTINE int certpiv_test(void)
0x0B, 0x01, 0x00, /* Nonce */
0x0C, 0x01, 0x00, /* Signed Nonce */
};
- /* PIV certificate data including certificate, info and error dectection. */
+ /* PIV certificate data including certificate, info and error detection. */
WOLFSSL_SMALL_STACK_STATIC const byte pivCert[] = {
0x53, 0x09, /* NIST PIV Cert */
0x70, 0x02, /* Certificate */
@@ -45444,10 +49714,10 @@ static time_t time_cb(time_t* t)
return 99;
}
-WOLFSSL_TEST_SUBROUTINE int time_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t time_test(void)
{
time_t t;
- int ret;
+ wc_test_ret_t ret;
ret = wc_SetTimeCb(time_cb);
if (ret != 0)
@@ -45486,7 +49756,7 @@ typedef struct {
#define AES_SIV_TEST_VECTORS 7
-WOLFSSL_TEST_SUBROUTINE int aes_siv_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes_siv_test(void)
{
/* These test vectors come from chrony 4.1's SIV unit tests. */
WOLFSSL_SMALL_STACK_STATIC const AesSivTestVector testVectors[AES_SIV_TEST_VECTORS] = {
@@ -45570,7 +49840,7 @@ WOLFSSL_TEST_SUBROUTINE int aes_siv_test(void)
byte computedCiphertext[82];
byte computedPlaintext[82];
byte siv[AES_BLOCK_SIZE];
- int ret = 0;
+ wc_test_ret_t ret = 0;
for (i = 0; i < AES_SIV_TEST_VECTORS; ++i) {
ret = wc_AesSivEncrypt(testVectors[i].key, testVectors[i].keySz,
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/test/test.h b/extra/wolfssl/wolfssl/wolfcrypt/test/test.h
index d49f5f01..b58beca0 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/test/test.h
+++ b/extra/wolfssl/wolfssl/wolfcrypt/test/test.h
@@ -23,19 +23,28 @@
#ifndef WOLFCRYPT_TEST_H
#define WOLFCRYPT_TEST_H
+#include <wolfssl/wolfcrypt/types.h>
#ifdef __cplusplus
extern "C" {
#endif
+#ifdef WC_TEST_RET_CUSTOM_TYPE
+ typedef WC_TEST_RET_CUSTOM_TYPE wc_test_ret_t;
+#else
+ typedef sword32 wc_test_ret_t;
+#endif
+
+#include <wolfssl/wolfcrypt/settings.h>
+
#ifdef HAVE_STACK_SIZE
THREAD_RETURN WOLFSSL_THREAD wolfcrypt_test(void* args);
#else
-int wolfcrypt_test(void* args);
+wc_test_ret_t wolfcrypt_test(void* args);
#endif
#ifndef NO_MAIN_DRIVER
-int wolfcrypt_test_main(int argc, char** argv);
+wc_test_ret_t wolfcrypt_test_main(int argc, char** argv);
#endif
#if defined(WOLFSSL_ESPIDF) || defined(_WIN32_WCE)
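Review bot: The added `#include <wolfssl/wolfcrypt/settings.h>` sits after the `extern "C" {` opener and after the `WC_TEST_RET_CUSTOM_TYPE` check. In C++ builds the header is therefore pulled in with C linkage. Unless `types.h` already includes it (not visible here), it also arrives too late for a `WC_TEST_RET_CUSTOM_TYPE` defined in the settings to take effect. I would place it at the top, `#include <wolfssl/wolfcrypt/settings.h>` directly above `#include <wolfssl/wolfcrypt/types.h>`, and drop the later copy.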
@@ -44,13 +53,13 @@ int wolf_test_task(void);
#ifndef WC_TEST_RET_HAVE_CUSTOM_MACROS
-#define WC_TEST_RET_TAG_NC 0
-#define WC_TEST_RET_TAG_EC 1
-#define WC_TEST_RET_TAG_ERRNO 2
-#define WC_TEST_RET_TAG_I 3
+#define WC_TEST_RET_TAG_NC 0L
+#define WC_TEST_RET_TAG_EC 1L
+#define WC_TEST_RET_TAG_ERRNO 2L
+#define WC_TEST_RET_TAG_I 3L
#define WC_TEST_RET_ENC(line, i, tag) \
- (-((line) + ((int)((unsigned)(i) & 0x7ff) * 100000) + ((tag) << 29)))
+ ((wc_test_ret_t)(-((wc_test_ret_t)(line) + ((wc_test_ret_t)((word32)(i) & 0x7ffL) * 100000L) + ((wc_test_ret_t)(tag) << 29L))))
#ifndef WC_TEST_RET_LN
#define WC_TEST_RET_LN __LINE__
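Review bot: `WC_TEST_RET_ENC` now computes in `wc_test_ret_t`, but nothing at the macro states what a `WC_TEST_RET_CUSTOM_TYPE` must provide. The result is negated and the tag is shifted to bit 29, so the type has to be signed and at least 32 bits wide or the encoding overflows silently. A comment above the macro would record that, for example `/* wc_test_ret_t must be signed and >= 32 bits: line < 100000, i is 11 bits, tag sits at bit 29 */`. The `line < 100000` part follows from the `% 100000L` in the decode macros further down.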
@@ -74,16 +83,16 @@ int wolf_test_task(void);
#define WC_TEST_RET_ENC_ERRNO WC_TEST_RET_ENC_NC
#endif
-#define WC_TEST_RET_DEC_TAG(x) ((-(x)) >> 29)
+#define WC_TEST_RET_DEC_TAG(x) ((-(x)) >> 29L)
/* decode line number */
-#define WC_TEST_RET_DEC_LN(x) (((-(x)) & ~(3 << 29)) % 100000)
+#define WC_TEST_RET_DEC_LN(x) ((int)(((-(x)) & ~(3L << 29L)) % 100000L))
/* decode integer or errno */
-#define WC_TEST_RET_DEC_I(x) (((-(x)) & ~(3 << 29)) / 100000)
+#define WC_TEST_RET_DEC_I(x) ((int)((((-(x)) & ~(3L << 29L)) / 100000L)))
/* decode error code */
-#define WC_TEST_RET_DEC_EC(x) (-WC_TEST_RET_DEC_I(x))
+#define WC_TEST_RET_DEC_EC(x) ((int)(-WC_TEST_RET_DEC_I(x)))
#endif /* !WC_TEST_RET_HAVE_CUSTOM_MACROS */
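Review bot: `WC_TEST_RET_DEC_TAG` is the only decode macro left without the `(int)` cast. `WC_TEST_RET_DEC_LN`, `WC_TEST_RET_DEC_I` and `WC_TEST_RET_DEC_EC` now all yield `int`, while the tag keeps the type of its argument. For consistency, and so a `switch` or `%d` on the tag behaves the same under a custom return type, I would write `#define WC_TEST_RET_DEC_TAG(x) ((int)((-(x)) >> 29L))`.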
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/user-crypto/src/rsa.c b/extra/wolfssl/wolfssl/wolfcrypt/user-crypto/src/rsa.c
index bb70dc78..66357372 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/user-crypto/src/rsa.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/user-crypto/src/rsa.c
@@ -25,7 +25,7 @@
#endif
#include <wolfssl/options.h>
-#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/wolfcrypt/types.h>
#ifndef NO_RSA
@@ -37,11 +37,11 @@
#endif
#include "user_rsa.h"
-#ifdef DEBUG_WOLFSSL /* debug done without variadric to allow older compilers */
+#ifdef DEBUG_WOLFSSL /* debug done without variadic to allow older compilers */
#include <stdio.h>
#define USER_DEBUG(x) printf x
#else
- #define USER_DEBUG(x)
+ #define USER_DEBUG(x) WC_DO_NOTHING
#endif
#define ASN_INTEGER 0x02
@@ -2042,7 +2042,7 @@ int wc_MakeRsaKey(RsaKey* key, int size, long e, WC_RNG* rng)
{
IppStatus ret;
int scratchSz;
- int i; /* for trys on calling make key */
+ int i; /* for tries on calling make key */
int ctxSz;
IppsBigNumState* pSrcPublicExp = NULL;
@@ -2178,7 +2178,7 @@ int wc_MakeRsaKey(RsaKey* key, int size, long e, WC_RNG* rng)
goto makeKeyEnd;
}
- /* call IPP to generate keys, if inseficent entropy error call again */
+ /* call IPP to generate keys, if insufficient entropy error call again */
ret = ippStsInsufficientEntropy;
while (ret == ippStsInsufficientEntropy) {
ret = ippsRSA_GenerateKeys(pSrcPublicExp, key->n, key->e,
diff --git a/extra/wolfssl/wolfssl/wolfssl.rc b/extra/wolfssl/wolfssl/wolfssl.rc
index d9c9a3e4..d9a8b919 100644
--- a/extra/wolfssl/wolfssl/wolfssl.rc
+++ b/extra/wolfssl/wolfssl/wolfssl.rc
Binary files differ
diff --git a/extra/wolfssl/wolfssl/wolfssl.vcproj b/extra/wolfssl/wolfssl/wolfssl.vcproj
index cca7ea49..c75b2f93 100644
--- a/extra/wolfssl/wolfssl/wolfssl.vcproj
+++ b/extra/wolfssl/wolfssl/wolfssl.vcproj
@@ -42,7 +42,7 @@
Name="VCCLCompilerTool"
Optimization="0"
AdditionalIncludeDirectories="./;./IDE/WIN"
- PreprocessorDefinitions="WOLFSSL_LIB;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS"
+ PreprocessorDefinitions="WOLFSSL_LIB;WOLFSSL_USER_SETTINGS"
MinimalRebuild="true"
BasicRuntimeChecks="3"
RuntimeLibrary="3"
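Review bot: Dropping `CYASSL_USER_SETTINGS` from `PreprocessorDefinitions` is only safe if no header in the tree still gates the inclusion of `user_settings.h` on the legacy name, and that cannot be confirmed from these hunks. The same removal is repeated in the second hunk of this file and in the eight `wolfssl.vcxproj` hunks that follow. A translation unit that still tested the old macro would build silently with library defaults rather than the project's configured options, which for a TLS library can change the enabled algorithms and hardening settings. A repository-wide search for `CYASSL_USER_SETTINGS` before merging would settle it; if it comes back empty these lines need no further change.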
@@ -107,7 +107,7 @@
Optimization="2"
EnableIntrinsicFunctions="true"
AdditionalIncludeDirectories="./;./IDE/WIN"
- PreprocessorDefinitions="WOLFSSL_LIB;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS"
+ PreprocessorDefinitions="WOLFSSL_LIB;WOLFSSL_USER_SETTINGS"
RuntimeLibrary="2"
EnableFunctionLevelLinking="true"
UsePrecompiledHeader="0"
diff --git a/extra/wolfssl/wolfssl/wolfssl.vcxproj b/extra/wolfssl/wolfssl/wolfssl.vcxproj
index e3a80499..b5e9b076 100644
--- a/extra/wolfssl/wolfssl/wolfssl.vcxproj
+++ b/extra/wolfssl/wolfssl/wolfssl.vcxproj
@@ -148,7 +148,7 @@
<ClCompile>
<Optimization>Disabled</Optimization>
<AdditionalIncludeDirectories>./;./IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>WOLFSSL_LIB;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>WOLFSSL_LIB;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<MinimalRebuild>true</MinimalRebuild>
<BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
<RuntimeLibrary>MultiThreadedDebugDLL</RuntimeLibrary>
@@ -162,7 +162,7 @@
<ClCompile>
<Optimization>Disabled</Optimization>
<AdditionalIncludeDirectories>./;./IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>WOLFSSL_LIB;BUILDING_WOLFSSL;WOLFSSL_DLL;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>WOLFSSL_LIB;BUILDING_WOLFSSL;WOLFSSL_DLL;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<MinimalRebuild>true</MinimalRebuild>
<BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
<RuntimeLibrary>MultiThreadedDebugDLL</RuntimeLibrary>
@@ -183,7 +183,7 @@
<ClCompile>
<Optimization>Disabled</Optimization>
<AdditionalIncludeDirectories>./;./IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>WOLFSSL_LIB;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>WOLFSSL_LIB;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
<RuntimeLibrary>MultiThreadedDebugDLL</RuntimeLibrary>
<PrecompiledHeader>
@@ -197,7 +197,7 @@
<ClCompile>
<Optimization>Disabled</Optimization>
<AdditionalIncludeDirectories>./;./IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>WOLFSSL_LIB;BUILDING_WOLFSSL;WOLFSSL_DLL;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>WOLFSSL_LIB;BUILDING_WOLFSSL;WOLFSSL_DLL;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
<RuntimeLibrary>MultiThreadedDebugDLL</RuntimeLibrary>
<PrecompiledHeader>
@@ -217,7 +217,7 @@
<Optimization>MaxSpeed</Optimization>
<IntrinsicFunctions>true</IntrinsicFunctions>
<AdditionalIncludeDirectories>./;./IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>WOLFSSL_LIB;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>WOLFSSL_LIB;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
<FunctionLevelLinking>true</FunctionLevelLinking>
<PrecompiledHeader />
@@ -230,7 +230,7 @@
<Optimization>MaxSpeed</Optimization>
<IntrinsicFunctions>true</IntrinsicFunctions>
<AdditionalIncludeDirectories>./;./IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>WOLFSSL_LIB;BUILDING_WOLFSSL;WOLFSSL_DLL;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>WOLFSSL_LIB;BUILDING_WOLFSSL;WOLFSSL_DLL;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
<FunctionLevelLinking>true</FunctionLevelLinking>
<PrecompiledHeader>
@@ -248,7 +248,7 @@
<Optimization>MaxSpeed</Optimization>
<IntrinsicFunctions>true</IntrinsicFunctions>
<AdditionalIncludeDirectories>./;./IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>WOLFSSL_LIB;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>WOLFSSL_LIB;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
<FunctionLevelLinking>true</FunctionLevelLinking>
<PrecompiledHeader>
@@ -262,7 +262,7 @@
<Optimization>MaxSpeed</Optimization>
<IntrinsicFunctions>true</IntrinsicFunctions>
<AdditionalIncludeDirectories>./;./IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>WOLFSSL_LIB;BUILDING_WOLFSSL;WOLFSSL_DLL;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>WOLFSSL_LIB;BUILDING_WOLFSSL;WOLFSSL_DLL;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
<FunctionLevelLinking>true</FunctionLevelLinking>
<PrecompiledHeader>
@@ -299,6 +299,7 @@
<ClCompile Include="wolfcrypt\src\curve25519.c" />
<ClCompile Include="wolfcrypt\src\curve448.c" />
<ClCompile Include="wolfcrypt\src\cpuid.c" />
+ <ClCompile Include="wolfcrypt\src\cryptocb.c" />
<ClCompile Include="wolfcrypt\src\des3.c" />
<ClCompile Include="wolfcrypt\src\dh.c" />
<ClCompile Include="wolfcrypt\src\dsa.c" />
diff --git a/extra/wolfssl/wolfssl/wolfssl/certs_test.h b/extra/wolfssl/wolfssl/wolfssl/certs_test.h
index a7c23559..09ed4b12 100644
--- a/extra/wolfssl/wolfssl/wolfssl/certs_test.h
+++ b/extra/wolfssl/wolfssl/wolfssl/certs_test.h
@@ -100,9 +100,9 @@ static const int sizeof_client_keypub_der_1024 = sizeof(client_keypub_der_1024);
static const unsigned char client_cert_der_1024[] =
{
0x30, 0x82, 0x04, 0x18, 0x30, 0x82, 0x03, 0x81, 0xA0, 0x03,
- 0x02, 0x01, 0x02, 0x02, 0x14, 0x41, 0x1F, 0xEC, 0xCF, 0x49,
- 0x20, 0x14, 0x81, 0xDC, 0xAB, 0x32, 0x02, 0x01, 0x6A, 0xCD,
- 0x18, 0xBD, 0xF5, 0xE3, 0x53, 0x30, 0x0D, 0x06, 0x09, 0x2A,
+ 0x02, 0x01, 0x02, 0x02, 0x14, 0x59, 0xF2, 0xEA, 0x44, 0x08,
+ 0xB5, 0x12, 0x30, 0xA0, 0x96, 0x93, 0xD1, 0xD1, 0x7F, 0xE1,
+ 0xEC, 0x49, 0x75, 0x9B, 0xA2, 0x30, 0x0D, 0x06, 0x09, 0x2A,
0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00,
0x30, 0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55,
0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E,
@@ -120,10 +120,10 @@ static const unsigned char client_cert_der_1024[] =
0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D,
0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40,
0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F,
- 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x32, 0x31, 0x32, 0x31,
- 0x36, 0x32, 0x31, 0x31, 0x37, 0x34, 0x39, 0x5A, 0x17, 0x0D,
- 0x32, 0x35, 0x30, 0x39, 0x31, 0x31, 0x32, 0x31, 0x31, 0x37,
- 0x34, 0x39, 0x5A, 0x30, 0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09,
+ 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x33, 0x31, 0x32, 0x31,
+ 0x33, 0x32, 0x32, 0x31, 0x39, 0x32, 0x38, 0x5A, 0x17, 0x0D,
+ 0x32, 0x36, 0x30, 0x39, 0x30, 0x38, 0x32, 0x32, 0x31, 0x39,
+ 0x32, 0x38, 0x5A, 0x30, 0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09,
0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31,
0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07,
0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30,
@@ -180,8 +180,8 @@ static const unsigned char client_cert_der_1024[] =
0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01,
0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C,
0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x14,
- 0x41, 0x1F, 0xEC, 0xCF, 0x49, 0x20, 0x14, 0x81, 0xDC, 0xAB,
- 0x32, 0x02, 0x01, 0x6A, 0xCD, 0x18, 0xBD, 0xF5, 0xE3, 0x53,
+ 0x59, 0xF2, 0xEA, 0x44, 0x08, 0xB5, 0x12, 0x30, 0xA0, 0x96,
+ 0x93, 0xD1, 0xD1, 0x7F, 0xE1, 0xEC, 0x49, 0x75, 0x9B, 0xA2,
0x30, 0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30,
0x03, 0x01, 0x01, 0xFF, 0x30, 0x1C, 0x06, 0x03, 0x55, 0x1D,
0x11, 0x04, 0x15, 0x30, 0x13, 0x82, 0x0B, 0x65, 0x78, 0x61,
@@ -191,20 +191,20 @@ static const unsigned char client_cert_der_1024[] =
0x05, 0x05, 0x07, 0x03, 0x01, 0x06, 0x08, 0x2B, 0x06, 0x01,
0x05, 0x05, 0x07, 0x03, 0x02, 0x30, 0x0D, 0x06, 0x09, 0x2A,
0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00,
- 0x03, 0x81, 0x81, 0x00, 0x64, 0x0E, 0x1B, 0xA2, 0xB2, 0x39,
- 0xCC, 0xDF, 0x9C, 0x63, 0x48, 0x4B, 0x58, 0x2C, 0xE5, 0xAF,
- 0xE2, 0xBA, 0xD2, 0x74, 0x37, 0xF8, 0xA0, 0xC8, 0x2F, 0x62,
- 0x36, 0x84, 0x49, 0x55, 0xD6, 0x8D, 0x2B, 0x4D, 0x96, 0x4F,
- 0xB4, 0x2E, 0x83, 0xF9, 0x00, 0xE8, 0xCB, 0x7E, 0x04, 0xF1,
- 0x19, 0xF2, 0x00, 0x24, 0x0D, 0x2B, 0xBA, 0x30, 0x89, 0x7F,
- 0x8A, 0xE3, 0x64, 0xE2, 0xD5, 0x1B, 0x5A, 0x0A, 0x9D, 0x26,
- 0xDB, 0xE8, 0x6A, 0x60, 0xC2, 0x79, 0xAA, 0xAD, 0x8D, 0xF1,
- 0x1C, 0x2A, 0x33, 0xD4, 0x66, 0x42, 0x98, 0x7A, 0x94, 0xD4,
- 0xB7, 0x2D, 0x0B, 0xCB, 0xF5, 0xB5, 0x62, 0xAE, 0xE1, 0x88,
- 0x47, 0xAD, 0xEE, 0x8D, 0x32, 0xB5, 0x60, 0x1A, 0x5B, 0xA1,
- 0xD3, 0xA1, 0x58, 0xCC, 0x0C, 0x40, 0x30, 0x0D, 0x05, 0xCB,
- 0x4B, 0xD2, 0xE1, 0xD7, 0xCA, 0x63, 0xDE, 0xA8, 0x78, 0x56,
- 0x96, 0xE7
+ 0x03, 0x81, 0x81, 0x00, 0x45, 0x63, 0x6F, 0xF9, 0xED, 0xF4,
+ 0x12, 0x3C, 0x3C, 0xC5, 0x2C, 0x51, 0x08, 0x94, 0x61, 0x7E,
+ 0x08, 0xE8, 0x32, 0x46, 0x2B, 0x22, 0x02, 0xD0, 0xE8, 0x2B,
+ 0xA4, 0x23, 0x15, 0x48, 0x47, 0x87, 0x5D, 0x72, 0xAB, 0x38,
+ 0xD5, 0x34, 0xB9, 0xFC, 0xF4, 0x86, 0x93, 0x49, 0x95, 0xD8,
+ 0x81, 0x32, 0x1C, 0x21, 0xE3, 0xEF, 0xB8, 0x40, 0xC5, 0x87,
+ 0x02, 0xE8, 0x28, 0xAA, 0x54, 0x93, 0x2D, 0x8A, 0xE9, 0x1E,
+ 0xDD, 0x5D, 0x11, 0xF8, 0xBF, 0xCA, 0x4E, 0x33, 0x20, 0x56,
+ 0x4E, 0x6F, 0x53, 0xBB, 0x79, 0xB0, 0xDA, 0x65, 0xA1, 0x4B,
+ 0x9F, 0xC8, 0x55, 0xFA, 0x53, 0x26, 0x84, 0xC6, 0x1E, 0x0A,
+ 0x5E, 0x7A, 0x6E, 0xF2, 0x2D, 0x2A, 0x81, 0xA5, 0xD0, 0x2B,
+ 0xEC, 0xD5, 0x8E, 0xB9, 0xF0, 0xC7, 0x57, 0xD7, 0xD6, 0x14,
+ 0x1A, 0x3B, 0xDC, 0x09, 0x41, 0xB4, 0x9D, 0x0D, 0x72, 0x20,
+ 0x44, 0x79
};
static const int sizeof_client_cert_der_1024 = sizeof(client_cert_der_1024);
@@ -418,9 +418,9 @@ static const int sizeof_ca_key_der_1024 = sizeof(ca_key_der_1024);
static const unsigned char ca_cert_der_1024[] =
{
0x30, 0x82, 0x04, 0x09, 0x30, 0x82, 0x03, 0x72, 0xA0, 0x03,
- 0x02, 0x01, 0x02, 0x02, 0x14, 0x0E, 0x75, 0x3B, 0x39, 0xAD,
- 0x1F, 0x53, 0xD1, 0x85, 0x3B, 0x05, 0x3B, 0x11, 0x62, 0x4F,
- 0xDC, 0x7B, 0x11, 0x72, 0x11, 0x30, 0x0D, 0x06, 0x09, 0x2A,
+ 0x02, 0x01, 0x02, 0x02, 0x14, 0x5C, 0x44, 0x2B, 0xBF, 0xD3,
+ 0xA8, 0x2A, 0xD8, 0xFD, 0x54, 0xC9, 0xCD, 0xAA, 0x7F, 0xF7,
+ 0xD4, 0x59, 0x07, 0xAA, 0xDD, 0x30, 0x0D, 0x06, 0x09, 0x2A,
0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00,
0x30, 0x81, 0x99, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55,
0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E,
@@ -438,9 +438,9 @@ static const unsigned char ca_cert_der_1024[] =
0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10,
0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73,
0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x1E, 0x17, 0x0D,
- 0x32, 0x32, 0x31, 0x32, 0x31, 0x36, 0x32, 0x31, 0x31, 0x37,
- 0x34, 0x39, 0x5A, 0x17, 0x0D, 0x32, 0x35, 0x30, 0x39, 0x31,
- 0x31, 0x32, 0x31, 0x31, 0x37, 0x34, 0x39, 0x5A, 0x30, 0x81,
+ 0x32, 0x33, 0x31, 0x32, 0x31, 0x33, 0x32, 0x32, 0x31, 0x39,
+ 0x32, 0x38, 0x5A, 0x17, 0x0D, 0x32, 0x36, 0x30, 0x39, 0x30,
+ 0x38, 0x32, 0x32, 0x31, 0x39, 0x32, 0x38, 0x5A, 0x30, 0x81,
0x99, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06,
0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03,
0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61,
@@ -496,9 +496,9 @@ static const unsigned char ca_cert_der_1024[] =
0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86,
0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66,
0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E,
- 0x63, 0x6F, 0x6D, 0x82, 0x14, 0x0E, 0x75, 0x3B, 0x39, 0xAD,
- 0x1F, 0x53, 0xD1, 0x85, 0x3B, 0x05, 0x3B, 0x11, 0x62, 0x4F,
- 0xDC, 0x7B, 0x11, 0x72, 0x11, 0x30, 0x0C, 0x06, 0x03, 0x55,
+ 0x63, 0x6F, 0x6D, 0x82, 0x14, 0x5C, 0x44, 0x2B, 0xBF, 0xD3,
+ 0xA8, 0x2A, 0xD8, 0xFD, 0x54, 0xC9, 0xCD, 0xAA, 0x7F, 0xF7,
+ 0xD4, 0x59, 0x07, 0xAA, 0xDD, 0x30, 0x0C, 0x06, 0x03, 0x55,
0x1D, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xFF, 0x30,
0x1C, 0x06, 0x03, 0x55, 0x1D, 0x11, 0x04, 0x15, 0x30, 0x13,
0x82, 0x0B, 0x65, 0x78, 0x61, 0x6D, 0x70, 0x6C, 0x65, 0x2E,
@@ -507,20 +507,20 @@ static const unsigned char ca_cert_der_1024[] =
0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x01,
0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x02,
0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D,
- 0x01, 0x01, 0x0B, 0x05, 0x00, 0x03, 0x81, 0x81, 0x00, 0xB8,
- 0x80, 0xBF, 0xB2, 0xF5, 0x83, 0x95, 0x51, 0x81, 0x6A, 0x7E,
- 0x41, 0x87, 0x29, 0xD7, 0xC3, 0xC9, 0xC6, 0x9B, 0x60, 0xE4,
- 0x65, 0xA1, 0x04, 0x97, 0x1D, 0x1B, 0x3B, 0xE9, 0x27, 0xFA,
- 0x43, 0xD6, 0x89, 0x6A, 0x3C, 0x9E, 0xBF, 0x28, 0xD1, 0x75,
- 0x37, 0x21, 0xF3, 0x0D, 0x64, 0x17, 0xB2, 0xA3, 0x2D, 0x83,
- 0x52, 0xFF, 0x57, 0xF0, 0x42, 0xA9, 0x48, 0xAA, 0xD8, 0x84,
- 0xEA, 0x0D, 0x80, 0x05, 0x71, 0x0A, 0xAA, 0x23, 0xB4, 0x6C,
- 0xC6, 0xD6, 0x7F, 0x13, 0x4A, 0xF4, 0x82, 0xB9, 0xE2, 0x81,
- 0xAE, 0x46, 0x8C, 0x59, 0xFB, 0xC3, 0x8C, 0x6D, 0x5B, 0xF3,
- 0x32, 0xEC, 0x86, 0xF0, 0x6E, 0xDA, 0x2A, 0x78, 0xAB, 0xF2,
- 0x36, 0xFB, 0x48, 0xFA, 0x74, 0x09, 0x0E, 0x19, 0xC2, 0xBF,
- 0xEB, 0xCC, 0xFB, 0xA9, 0x05, 0xC1, 0xC9, 0xE1, 0xAB, 0x8B,
- 0x79, 0xF6, 0xF1, 0xAD, 0x4A, 0x9F, 0xAA
+ 0x01, 0x01, 0x0B, 0x05, 0x00, 0x03, 0x81, 0x81, 0x00, 0x70,
+ 0x7D, 0x83, 0x94, 0xD0, 0xEE, 0xE1, 0x19, 0x8B, 0x17, 0xCA,
+ 0x79, 0x87, 0x12, 0x5B, 0x7F, 0x70, 0xA3, 0x51, 0x20, 0x4F,
+ 0x21, 0x99, 0x71, 0x69, 0x21, 0x28, 0x55, 0x61, 0x70, 0x85,
+ 0x54, 0x21, 0xA9, 0x70, 0xA2, 0xA9, 0x12, 0xDB, 0x44, 0x11,
+ 0x44, 0xE7, 0x41, 0x00, 0x70, 0x80, 0xB5, 0x37, 0x0C, 0x7E,
+ 0x78, 0x8F, 0x88, 0x64, 0xBC, 0xE5, 0xC0, 0x44, 0xA7, 0xA5,
+ 0x3D, 0xDB, 0x62, 0xC4, 0xD6, 0xCD, 0xAA, 0x4B, 0xAC, 0xFB,
+ 0x01, 0x46, 0xBB, 0xEC, 0xCB, 0x6F, 0x01, 0x67, 0xB4, 0x65,
+ 0xF3, 0x5E, 0x53, 0x39, 0x64, 0x99, 0x9B, 0x68, 0x80, 0x14,
+ 0x91, 0xA4, 0xA4, 0xEB, 0x04, 0xF3, 0x76, 0x9A, 0x7D, 0xB4,
+ 0x38, 0x05, 0x9C, 0xA5, 0xE0, 0xBC, 0x7E, 0xD9, 0xD2, 0xD3,
+ 0xD4, 0xE8, 0xC3, 0x9F, 0x38, 0x4B, 0x6C, 0x29, 0x94, 0xBE,
+ 0x35, 0xBD, 0x30, 0x1F, 0xB5, 0xB7, 0x3D
};
static const int sizeof_ca_cert_der_1024 = sizeof(ca_cert_der_1024);
@@ -613,9 +613,9 @@ static const unsigned char server_cert_der_1024[] =
0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16,
0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66,
0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x1E, 0x17,
- 0x0D, 0x32, 0x32, 0x31, 0x32, 0x31, 0x36, 0x32, 0x31, 0x31,
- 0x37, 0x34, 0x39, 0x5A, 0x17, 0x0D, 0x32, 0x35, 0x30, 0x39,
- 0x31, 0x31, 0x32, 0x31, 0x31, 0x37, 0x34, 0x39, 0x5A, 0x30,
+ 0x0D, 0x32, 0x33, 0x31, 0x32, 0x31, 0x33, 0x32, 0x32, 0x31,
+ 0x39, 0x32, 0x38, 0x5A, 0x17, 0x0D, 0x32, 0x36, 0x30, 0x39,
+ 0x30, 0x38, 0x32, 0x32, 0x31, 0x39, 0x32, 0x38, 0x5A, 0x30,
0x81, 0x95, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04,
0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06,
0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74,
@@ -671,9 +671,9 @@ static const unsigned char server_cert_der_1024[] =
0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01,
0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77,
0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D,
- 0x82, 0x14, 0x0E, 0x75, 0x3B, 0x39, 0xAD, 0x1F, 0x53, 0xD1,
- 0x85, 0x3B, 0x05, 0x3B, 0x11, 0x62, 0x4F, 0xDC, 0x7B, 0x11,
- 0x72, 0x11, 0x30, 0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04,
+ 0x82, 0x14, 0x5C, 0x44, 0x2B, 0xBF, 0xD3, 0xA8, 0x2A, 0xD8,
+ 0xFD, 0x54, 0xC9, 0xCD, 0xAA, 0x7F, 0xF7, 0xD4, 0x59, 0x07,
+ 0xAA, 0xDD, 0x30, 0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04,
0x05, 0x30, 0x03, 0x01, 0x01, 0xFF, 0x30, 0x1C, 0x06, 0x03,
0x55, 0x1D, 0x11, 0x04, 0x15, 0x30, 0x13, 0x82, 0x0B, 0x65,
0x78, 0x61, 0x6D, 0x70, 0x6C, 0x65, 0x2E, 0x63, 0x6F, 0x6D,
@@ -682,20 +682,20 @@ static const unsigned char server_cert_der_1024[] =
0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x01, 0x06, 0x08, 0x2B,
0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x02, 0x30, 0x0D, 0x06,
0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B,
- 0x05, 0x00, 0x03, 0x81, 0x81, 0x00, 0xC0, 0x94, 0x34, 0x0D,
- 0x41, 0xA3, 0x03, 0x17, 0x05, 0x08, 0xD9, 0x54, 0xD9, 0xA2,
- 0xF0, 0xE9, 0x22, 0x58, 0x25, 0x50, 0x10, 0x6D, 0xDA, 0x09,
- 0x2D, 0x7D, 0xFC, 0x0D, 0xC0, 0x13, 0x35, 0x0E, 0x96, 0x7F,
- 0x1E, 0x38, 0xA1, 0x11, 0x97, 0x42, 0xDF, 0x83, 0x07, 0x05,
- 0xCE, 0xD6, 0xDE, 0x90, 0x22, 0xAB, 0x0F, 0x6D, 0x56, 0x90,
- 0x02, 0x9A, 0xA5, 0xCF, 0x5A, 0x9B, 0x96, 0x66, 0x0F, 0x71,
- 0xED, 0xB2, 0x72, 0x7A, 0xE4, 0x9D, 0x61, 0x9F, 0x2A, 0x45,
- 0xB8, 0x51, 0xB9, 0xA6, 0xEE, 0xD6, 0x73, 0x2A, 0x03, 0xF4,
- 0x03, 0x32, 0x6E, 0x19, 0x6E, 0x70, 0x48, 0x6B, 0x72, 0x29,
- 0x30, 0x19, 0x87, 0x06, 0x30, 0xD6, 0x2F, 0x19, 0xF5, 0x39,
- 0x78, 0x2F, 0x2F, 0xC2, 0x49, 0x38, 0x5A, 0xD8, 0x38, 0x06,
- 0xF9, 0xFE, 0xBF, 0x45, 0xEA, 0x7B, 0xE6, 0x7B, 0xA6, 0x0B,
- 0xB5, 0xBA, 0x06, 0x80
+ 0x05, 0x00, 0x03, 0x81, 0x81, 0x00, 0x35, 0x2E, 0x7B, 0x57,
+ 0x7B, 0x64, 0x70, 0x53, 0xE0, 0x81, 0xED, 0xF4, 0xAC, 0xB3,
+ 0x3A, 0x3B, 0xBA, 0x82, 0x8D, 0xA2, 0x31, 0xD9, 0xD4, 0xAC,
+ 0xD1, 0x8A, 0x6D, 0x35, 0x41, 0x15, 0xB3, 0xE8, 0x06, 0x91,
+ 0xCA, 0x2A, 0xF7, 0xFF, 0x28, 0x0E, 0x3D, 0xCD, 0xE7, 0x28,
+ 0xF0, 0x07, 0xC0, 0x78, 0x62, 0x9E, 0x88, 0x3D, 0xDC, 0x98,
+ 0xF0, 0x8C, 0x89, 0xA7, 0x1C, 0x5B, 0x77, 0x37, 0xB2, 0x55,
+ 0x38, 0xB2, 0x60, 0x42, 0xE8, 0x02, 0x81, 0xBF, 0x7C, 0xC3,
+ 0x54, 0x86, 0x7E, 0xE4, 0x2F, 0x7D, 0x74, 0x74, 0x27, 0xF7,
+ 0x9A, 0xE2, 0x8D, 0xA9, 0x2F, 0x7C, 0x82, 0x31, 0x41, 0xF1,
+ 0xCB, 0x48, 0xA0, 0x05, 0x00, 0x26, 0x3D, 0xA4, 0x6B, 0x27,
+ 0x43, 0x4C, 0x3F, 0x6F, 0x2F, 0x41, 0x2E, 0xEE, 0xBA, 0x0D,
+ 0x8F, 0x39, 0x42, 0x0D, 0x2D, 0x76, 0x00, 0x12, 0x4C, 0xF9,
+ 0x49, 0x2D, 0x7F, 0xED
};
static const int sizeof_server_cert_der_1024 = sizeof(server_cert_der_1024);
@@ -869,9 +869,9 @@ static const int sizeof_client_keypub_der_2048 = sizeof(client_keypub_der_2048);
static const unsigned char client_cert_der_2048[] =
{
0x30, 0x82, 0x05, 0x1D, 0x30, 0x82, 0x04, 0x05, 0xA0, 0x03,
- 0x02, 0x01, 0x02, 0x02, 0x14, 0x73, 0xFB, 0x54, 0xD6, 0x03,
- 0x7D, 0x4C, 0x07, 0x84, 0xE2, 0x00, 0x11, 0x8C, 0xDD, 0x90,
- 0xDC, 0x48, 0x8D, 0xEA, 0x53, 0x30, 0x0D, 0x06, 0x09, 0x2A,
+ 0x02, 0x01, 0x02, 0x02, 0x14, 0x08, 0xB0, 0x54, 0x7A, 0x03,
+ 0x5A, 0xEC, 0x55, 0x8A, 0x12, 0xE8, 0xF9, 0x8E, 0x34, 0xB6,
+ 0x13, 0xD9, 0x59, 0xB8, 0xE8, 0x30, 0x0D, 0x06, 0x09, 0x2A,
0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00,
0x30, 0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55,
0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E,
@@ -889,10 +889,10 @@ static const unsigned char client_cert_der_2048[] =
0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D,
0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40,
0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F,
- 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x32, 0x31, 0x32, 0x31,
- 0x36, 0x32, 0x31, 0x31, 0x37, 0x34, 0x39, 0x5A, 0x17, 0x0D,
- 0x32, 0x35, 0x30, 0x39, 0x31, 0x31, 0x32, 0x31, 0x31, 0x37,
- 0x34, 0x39, 0x5A, 0x30, 0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09,
+ 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x33, 0x31, 0x32, 0x31,
+ 0x33, 0x32, 0x32, 0x31, 0x39, 0x32, 0x38, 0x5A, 0x17, 0x0D,
+ 0x32, 0x36, 0x30, 0x39, 0x30, 0x38, 0x32, 0x32, 0x31, 0x39,
+ 0x32, 0x38, 0x5A, 0x30, 0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09,
0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31,
0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07,
0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30,
@@ -962,9 +962,9 @@ static const unsigned char client_cert_der_2048[] =
0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01,
0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77,
0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D,
- 0x82, 0x14, 0x73, 0xFB, 0x54, 0xD6, 0x03, 0x7D, 0x4C, 0x07,
- 0x84, 0xE2, 0x00, 0x11, 0x8C, 0xDD, 0x90, 0xDC, 0x48, 0x8D,
- 0xEA, 0x53, 0x30, 0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04,
+ 0x82, 0x14, 0x08, 0xB0, 0x54, 0x7A, 0x03, 0x5A, 0xEC, 0x55,
+ 0x8A, 0x12, 0xE8, 0xF9, 0x8E, 0x34, 0xB6, 0x13, 0xD9, 0x59,
+ 0xB8, 0xE8, 0x30, 0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04,
0x05, 0x30, 0x03, 0x01, 0x01, 0xFF, 0x30, 0x1C, 0x06, 0x03,
0x55, 0x1D, 0x11, 0x04, 0x15, 0x30, 0x13, 0x82, 0x0B, 0x65,
0x78, 0x61, 0x6D, 0x70, 0x6C, 0x65, 0x2E, 0x63, 0x6F, 0x6D,
@@ -973,33 +973,33 @@ static const unsigned char client_cert_der_2048[] =
0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x01, 0x06, 0x08, 0x2B,
0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x02, 0x30, 0x0D, 0x06,
0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B,
- 0x05, 0x00, 0x03, 0x82, 0x01, 0x01, 0x00, 0x36, 0xCB, 0xBC,
- 0xC5, 0x52, 0x9A, 0x66, 0xCD, 0x91, 0x4D, 0x8F, 0x27, 0x9F,
- 0xB3, 0x64, 0x80, 0x0E, 0x64, 0xB4, 0xCB, 0x1A, 0xCD, 0x75,
- 0x9E, 0x82, 0x7C, 0x55, 0x67, 0xD8, 0x9F, 0x90, 0xA3, 0x34,
- 0x96, 0x99, 0x43, 0xF7, 0x49, 0x53, 0xA2, 0x58, 0x85, 0xA0,
- 0xB3, 0x83, 0x4F, 0xAF, 0xB8, 0x15, 0x8A, 0x88, 0x1E, 0xF3,
- 0x60, 0xF4, 0x7C, 0x94, 0xB5, 0x58, 0x68, 0xF1, 0x2A, 0x13,
- 0x80, 0x34, 0xC2, 0x6F, 0xA5, 0xF8, 0x7E, 0x76, 0x16, 0x81,
- 0x4F, 0x36, 0x8B, 0xC3, 0x59, 0xBD, 0x51, 0xDD, 0x60, 0x87,
- 0xD7, 0x1D, 0x96, 0x44, 0x69, 0x07, 0x3C, 0x8F, 0x28, 0x56,
- 0xB1, 0x11, 0x5C, 0x4E, 0x81, 0x3F, 0x57, 0x25, 0xFD, 0x65,
- 0xDD, 0x07, 0xCF, 0x17, 0x0A, 0x01, 0x7E, 0x4E, 0x3F, 0x8E,
- 0x73, 0xDB, 0xFE, 0xF4, 0xF2, 0xC5, 0xFF, 0xA3, 0x76, 0xA8,
- 0x74, 0x46, 0x2E, 0x47, 0x0D, 0xB0, 0xED, 0x0A, 0xC0, 0xC5,
- 0x0A, 0x65, 0xD3, 0xDC, 0x62, 0xB2, 0xE0, 0x1E, 0x8E, 0xBD,
- 0xF3, 0xBD, 0xAF, 0xAF, 0x66, 0x84, 0x36, 0x92, 0xE2, 0x3B,
- 0x80, 0xD0, 0x57, 0xA6, 0x41, 0xA3, 0x62, 0xD1, 0xA6, 0x6D,
- 0x14, 0x6C, 0xCD, 0x82, 0xB1, 0xC1, 0xC1, 0x35, 0x55, 0xAE,
- 0x59, 0x49, 0xA8, 0x26, 0x52, 0xBD, 0xEF, 0x1B, 0x2C, 0x1F,
- 0x9D, 0x39, 0x04, 0xD2, 0x82, 0xA0, 0x6B, 0x39, 0x71, 0x59,
- 0x33, 0x82, 0xBA, 0x55, 0x6C, 0x97, 0xF2, 0x1B, 0x5B, 0xE0,
- 0x4D, 0xE2, 0xCF, 0x89, 0xE7, 0x26, 0xB8, 0x2C, 0x6C, 0x9F,
- 0x83, 0xD6, 0xED, 0x4E, 0x2F, 0x75, 0xA9, 0x30, 0x4E, 0x01,
- 0x95, 0x0D, 0x4F, 0x83, 0x5E, 0xC8, 0xAF, 0x7F, 0x67, 0xEA,
- 0x53, 0xBF, 0xCA, 0x9B, 0x1F, 0xD4, 0xFF, 0x36, 0x97, 0x02,
- 0x71, 0x8E, 0x33, 0xDE, 0xE2, 0x58, 0x27, 0xAA, 0x70, 0x0C,
- 0x5B, 0xDE, 0x0E
+ 0x05, 0x00, 0x03, 0x82, 0x01, 0x01, 0x00, 0x89, 0x84, 0xEB,
+ 0x6A, 0x70, 0x3B, 0x2A, 0x6E, 0xA8, 0x8B, 0xF2, 0x92, 0x79,
+ 0x97, 0x5C, 0xBD, 0x98, 0x8B, 0x71, 0xDB, 0xDB, 0x7C, 0xDF,
+ 0xDB, 0xA4, 0x2C, 0x59, 0xD3, 0xA6, 0x75, 0x41, 0xC2, 0x06,
+ 0xB6, 0x17, 0x1E, 0x0C, 0x1F, 0x7D, 0x0B, 0x7F, 0x58, 0x3E,
+ 0xC1, 0xE7, 0x0C, 0xF0, 0x62, 0x92, 0x77, 0xAB, 0x99, 0x79,
+ 0x7B, 0x85, 0xF4, 0xD9, 0x6C, 0xD0, 0x0E, 0xE5, 0x8B, 0x13,
+ 0x35, 0x65, 0x9E, 0xD7, 0x9A, 0x51, 0x98, 0xE4, 0x49, 0x44,
+ 0x51, 0xC8, 0xE3, 0xE0, 0x9A, 0xFF, 0xC2, 0xCB, 0x3D, 0x81,
+ 0xEB, 0xEE, 0xF4, 0x1A, 0xD1, 0x96, 0x4B, 0xE9, 0x7D, 0xDE,
+ 0x5B, 0xF2, 0x64, 0x40, 0xAD, 0xE1, 0xD9, 0xD6, 0xB7, 0xE1,
+ 0xEB, 0xA9, 0x3A, 0x52, 0x29, 0x89, 0xAA, 0x07, 0x37, 0x96,
+ 0x44, 0xE3, 0x23, 0x49, 0xF3, 0xBE, 0xF3, 0x0D, 0x70, 0xD1,
+ 0xA2, 0xCE, 0x78, 0x86, 0x22, 0xFC, 0x76, 0x00, 0x84, 0x1D,
+ 0xFA, 0x8B, 0x8A, 0xD2, 0x43, 0x93, 0x88, 0xFA, 0xEE, 0x22,
+ 0xCC, 0xA6, 0x86, 0xF5, 0x3F, 0x24, 0xF1, 0xD4, 0x70, 0x05,
+ 0x4F, 0x3B, 0x18, 0x32, 0x50, 0x67, 0xC1, 0x80, 0x77, 0x0D,
+ 0x3C, 0x78, 0x75, 0x35, 0xD0, 0xFD, 0x60, 0xF3, 0xED, 0xA1,
+ 0x30, 0xD0, 0x62, 0x25, 0x99, 0x6B, 0x80, 0x56, 0x17, 0x3D,
+ 0xB4, 0xAF, 0x1D, 0xDF, 0xAB, 0x48, 0x21, 0xC1, 0xD2, 0x0B,
+ 0x6B, 0x94, 0xA7, 0x33, 0xD1, 0xD0, 0x82, 0xB7, 0x3B, 0x92,
+ 0xEB, 0x9D, 0xD6, 0x6C, 0x32, 0x81, 0x5E, 0x07, 0x3C, 0x46,
+ 0x34, 0x32, 0x7B, 0xEA, 0x22, 0xDB, 0xA6, 0xA3, 0x18, 0x69,
+ 0x7C, 0xAD, 0x17, 0xE4, 0xC8, 0xA9, 0x8F, 0xA8, 0xBA, 0x67,
+ 0xAF, 0x99, 0x39, 0xEF, 0x6E, 0x0C, 0xF8, 0xA9, 0xB3, 0xBD,
+ 0xAB, 0x71, 0x94, 0xE0, 0x41, 0xAA, 0xA4, 0x2D, 0x72, 0x60,
+ 0x51, 0xD1, 0x5C
};
static const int sizeof_client_cert_der_2048 = sizeof(client_cert_der_2048);
@@ -1098,6 +1098,107 @@ static const unsigned char dh_pub_key_der_2048[] =
};
static const int sizeof_dh_pub_key_der_2048 = sizeof(dh_pub_key_der_2048);
+/* ./certs/statickeys/dh-ffdhe2048.der, 2048-bit */
+static const unsigned char dh_ffdhe_statickey_der_2048[] =
+{
+ 0x30, 0x82, 0x01, 0x3F, 0x02, 0x01, 0x00, 0x30, 0x82, 0x01,
+ 0x17, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01,
+ 0x03, 0x01, 0x30, 0x82, 0x01, 0x08, 0x02, 0x82, 0x01, 0x01,
+ 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xAD,
+ 0xF8, 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A, 0xAF, 0xDC, 0x56,
+ 0x20, 0x27, 0x3D, 0x3C, 0xF1, 0xD8, 0xB9, 0xC5, 0x83, 0xCE,
+ 0x2D, 0x36, 0x95, 0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33,
+ 0xFB, 0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9, 0x7D,
+ 0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8, 0xF6, 0x81, 0xB2,
+ 0x02, 0xAE, 0xC4, 0x61, 0x7A, 0xD3, 0xDF, 0x1E, 0xD5, 0xD5,
+ 0xFD, 0x65, 0x61, 0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E,
+ 0xD0, 0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3, 0xB5,
+ 0x57, 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35, 0x98, 0x4F, 0x0C,
+ 0x70, 0xE0, 0xE6, 0x8B, 0x77, 0xE2, 0xA6, 0x89, 0xDA, 0xF3,
+ 0xEF, 0xE8, 0x72, 0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7,
+ 0x35, 0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A, 0xBC,
+ 0x0A, 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61, 0xD1, 0x08, 0xA9,
+ 0x4B, 0xB2, 0xC8, 0xE3, 0xFB, 0xB9, 0x6A, 0xDA, 0xB7, 0x60,
+ 0xD7, 0xF4, 0x68, 0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D,
+ 0xF4, 0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19, 0x0B,
+ 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70, 0x9E, 0x02, 0xFC,
+ 0xE1, 0xCD, 0xF7, 0xE2, 0xEC, 0xC0, 0x34, 0x04, 0xCD, 0x28,
+ 0x34, 0x2F, 0x61, 0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83,
+ 0xFF, 0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83, 0xC3,
+ 0xFE, 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73, 0x3B, 0xB5, 0xFC,
+ 0xBC, 0x2E, 0xC2, 0x20, 0x05, 0xC5, 0x8E, 0xF1, 0x83, 0x7D,
+ 0x16, 0x83, 0xB2, 0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF,
+ 0xFA, 0x88, 0x6B, 0x42, 0x38, 0x61, 0x28, 0x5C, 0x97, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x02, 0x01, 0x02,
+ 0x04, 0x1F, 0x02, 0x1D, 0x5C, 0xFB, 0x86, 0xF7, 0xFA, 0x51,
+ 0x02, 0x79, 0x71, 0x9E, 0xC0, 0x29, 0x98, 0x03, 0xCF, 0x3E,
+ 0x65, 0x46, 0xF6, 0x34, 0xB8, 0xB0, 0xC1, 0x55, 0x3A, 0xF7,
+ 0xC8, 0x43, 0xB8
+};
+static const int sizeof_dh_ffdhe_statickey_der_2048 = sizeof(dh_ffdhe_statickey_der_2048);
+
+/* ./certs/statickeys/dh-ffdhe2048-pub.der, 2048-bit */
+static const unsigned char dh_ffdhe_pub_statickey_der_2048[] =
+{
+ 0x30, 0x82, 0x02, 0x24, 0x30, 0x82, 0x01, 0x17, 0x06, 0x09,
+ 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x03, 0x01, 0x30,
+ 0x82, 0x01, 0x08, 0x02, 0x82, 0x01, 0x01, 0x00, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xAD, 0xF8, 0x54, 0x58,
+ 0xA2, 0xBB, 0x4A, 0x9A, 0xAF, 0xDC, 0x56, 0x20, 0x27, 0x3D,
+ 0x3C, 0xF1, 0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, 0x36, 0x95,
+ 0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB, 0xCC, 0x93,
+ 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9, 0x7D, 0x2F, 0xE3, 0x63,
+ 0x63, 0x0C, 0x75, 0xD8, 0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4,
+ 0x61, 0x7A, 0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 0x65, 0x61,
+ 0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0, 0x85, 0x63,
+ 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3, 0xB5, 0x57, 0x13, 0x5E,
+ 0x7F, 0x57, 0xC9, 0x35, 0x98, 0x4F, 0x0C, 0x70, 0xE0, 0xE6,
+ 0x8B, 0x77, 0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72,
+ 0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35, 0x30, 0xAC,
+ 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A, 0xBC, 0x0A, 0xB1, 0x82,
+ 0xB3, 0x24, 0xFB, 0x61, 0xD1, 0x08, 0xA9, 0x4B, 0xB2, 0xC8,
+ 0xE3, 0xFB, 0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, 0xF4, 0x68,
+ 0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4, 0xAE, 0x56,
+ 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19, 0x0B, 0x07, 0xA7, 0xC8,
+ 0xEE, 0x0A, 0x6D, 0x70, 0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7,
+ 0xE2, 0xEC, 0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, 0x2F, 0x61,
+ 0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF, 0x8E, 0x4F,
+ 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83, 0xC3, 0xFE, 0x3B, 0x1B,
+ 0x4C, 0x6F, 0xAD, 0x73, 0x3B, 0xB5, 0xFC, 0xBC, 0x2E, 0xC2,
+ 0x20, 0x05, 0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 0xB2,
+ 0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA, 0x88, 0x6B,
+ 0x42, 0x38, 0x61, 0x28, 0x5C, 0x97, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0x02, 0x01, 0x02, 0x03, 0x82, 0x01,
+ 0x05, 0x00, 0x02, 0x82, 0x01, 0x00, 0x4D, 0x3F, 0x4C, 0xE4,
+ 0x6C, 0x46, 0x71, 0xFF, 0x61, 0x02, 0x73, 0x0B, 0x65, 0x4F,
+ 0x46, 0xE7, 0x2E, 0x0F, 0x9E, 0x41, 0x04, 0x55, 0x41, 0x51,
+ 0x89, 0xA9, 0x5E, 0x84, 0xBC, 0x7A, 0x0A, 0x35, 0x34, 0x15,
+ 0xBE, 0xB1, 0xC3, 0x1E, 0xCD, 0xC7, 0x5A, 0x17, 0x98, 0x5F,
+ 0xFF, 0x96, 0x3D, 0x1B, 0x9B, 0xFA, 0xCC, 0x1F, 0x1E, 0xA7,
+ 0x22, 0x8B, 0x95, 0xEE, 0x2B, 0xD4, 0x74, 0xE2, 0x63, 0xE2,
+ 0xFD, 0x9C, 0xAA, 0x4F, 0xBE, 0x64, 0x69, 0x83, 0x31, 0x5E,
+ 0x90, 0x5C, 0x85, 0x5D, 0xB2, 0x99, 0xE0, 0x05, 0xB5, 0xF2,
+ 0xB6, 0x19, 0xCD, 0x06, 0xCD, 0xA8, 0xB3, 0x59, 0x8D, 0x87,
+ 0x84, 0x7F, 0x8F, 0x09, 0xEE, 0xBD, 0x61, 0x6F, 0xC5, 0xCD,
+ 0xB8, 0x9C, 0xA7, 0x15, 0x97, 0xD0, 0x44, 0x2E, 0x2D, 0x2E,
+ 0x32, 0x20, 0xC5, 0x3B, 0xDF, 0x50, 0x6F, 0x8D, 0x17, 0xB8,
+ 0x84, 0xA3, 0x67, 0x24, 0x7E, 0xA3, 0xEC, 0x8C, 0x08, 0x78,
+ 0x6C, 0x25, 0x88, 0x02, 0xD3, 0xA0, 0x68, 0xCE, 0x1A, 0x25,
+ 0x46, 0x2E, 0x9B, 0x4C, 0x82, 0xF4, 0xEB, 0xB3, 0xC9, 0x1D,
+ 0x17, 0x0C, 0x92, 0x94, 0x54, 0x0F, 0xB5, 0xDF, 0x3F, 0x71,
+ 0x45, 0x33, 0x97, 0x4D, 0x87, 0x1A, 0x4B, 0x40, 0x0A, 0x71,
+ 0xB4, 0x19, 0xBE, 0x33, 0xBD, 0xCF, 0xF3, 0x15, 0x63, 0x06,
+ 0x37, 0x5C, 0xA1, 0x9D, 0xC0, 0xE7, 0xA7, 0x8B, 0xD3, 0xA2,
+ 0x6B, 0x3F, 0xF1, 0x42, 0xC8, 0x36, 0x6B, 0x0A, 0x43, 0x8B,
+ 0xE9, 0xD0, 0x8C, 0xCD, 0x0F, 0x31, 0xCD, 0x22, 0xE7, 0x39,
+ 0xC8, 0x8D, 0xEB, 0x5D, 0x91, 0x8B, 0x06, 0x6E, 0x1F, 0x07,
+ 0xDB, 0xAB, 0x2B, 0x4F, 0x85, 0xF8, 0xBB, 0x55, 0xE3, 0xBD,
+ 0x70, 0x51, 0x5C, 0x73, 0x66, 0x5D, 0xD1, 0xB6, 0xF8, 0x44,
+ 0x10, 0xE0, 0xF2, 0x09, 0x1C, 0x6D, 0x02, 0x5D, 0xFC, 0x7A,
+ 0x08, 0x82
+};
+static const int sizeof_dh_ffdhe_pub_statickey_der_2048 = sizeof(dh_ffdhe_pub_statickey_der_2048);
+
/* ./certs/dsa-pubkey-2048.der, 2048-bit */
static const unsigned char dsa_pub_key_der_2048[] =
{
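Review bot: `dh_ffdhe_statickey_der_2048` embeds a DH private key in a header, but its comment only names the source file. The DER opens with a PKCS#8-style version 0 and the dhKeyAgreement OID, and ends in an OCTET STRING wrapping the private value. Because the value is published in the source tree, any build that loads this buffer as a static ephemeral key outside the test programs gives no confidentiality for the sessions that use it. I would extend the comment to say so, e.g. `/* TEST ONLY: private key is public in the source tree; never load as a real static DH key */`. Whether the two new arrays sit under the same build guard as their neighbours is not visible from this hunk and is worth checking.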
@@ -1535,9 +1636,9 @@ static const int sizeof_ca_key_der_2048 = sizeof(ca_key_der_2048);
static const unsigned char ca_cert_der_2048[] =
{
0x30, 0x82, 0x04, 0xFF, 0x30, 0x82, 0x03, 0xE7, 0xA0, 0x03,
- 0x02, 0x01, 0x02, 0x02, 0x14, 0x2C, 0x80, 0xCE, 0xDB, 0x47,
- 0x9D, 0x07, 0x66, 0x92, 0x3D, 0x68, 0xD7, 0xCA, 0xAC, 0x90,
- 0x4F, 0xCA, 0x69, 0x41, 0x4B, 0x30, 0x0D, 0x06, 0x09, 0x2A,
+ 0x02, 0x01, 0x02, 0x02, 0x14, 0x33, 0x44, 0x1A, 0xA8, 0x6C,
+ 0x01, 0xEC, 0xF6, 0x60, 0xF2, 0x70, 0x51, 0x0A, 0x4C, 0xD1,
+ 0x14, 0xFA, 0xBC, 0xE9, 0x44, 0x30, 0x0D, 0x06, 0x09, 0x2A,
0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00,
0x30, 0x81, 0x94, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55,
0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E,
@@ -1554,10 +1655,10 @@ static const unsigned char ca_cert_der_2048[] =
0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D,
0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40,
0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F,
- 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x32, 0x31, 0x32, 0x31,
- 0x36, 0x32, 0x31, 0x31, 0x37, 0x34, 0x39, 0x5A, 0x17, 0x0D,
- 0x32, 0x35, 0x30, 0x39, 0x31, 0x31, 0x32, 0x31, 0x31, 0x37,
- 0x34, 0x39, 0x5A, 0x30, 0x81, 0x94, 0x31, 0x0B, 0x30, 0x09,
+ 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x33, 0x31, 0x32, 0x31,
+ 0x33, 0x32, 0x32, 0x31, 0x39, 0x32, 0x38, 0x5A, 0x17, 0x0D,
+ 0x32, 0x36, 0x30, 0x39, 0x30, 0x38, 0x32, 0x32, 0x31, 0x39,
+ 0x32, 0x38, 0x5A, 0x30, 0x81, 0x94, 0x31, 0x0B, 0x30, 0x09,
0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31,
0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07,
0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30,
@@ -1625,9 +1726,9 @@ static const unsigned char ca_cert_der_2048[] =
0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01,
0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77,
0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D,
- 0x82, 0x14, 0x2C, 0x80, 0xCE, 0xDB, 0x47, 0x9D, 0x07, 0x66,
- 0x92, 0x3D, 0x68, 0xD7, 0xCA, 0xAC, 0x90, 0x4F, 0xCA, 0x69,
- 0x41, 0x4B, 0x30, 0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04,
+ 0x82, 0x14, 0x33, 0x44, 0x1A, 0xA8, 0x6C, 0x01, 0xEC, 0xF6,
+ 0x60, 0xF2, 0x70, 0x51, 0x0A, 0x4C, 0xD1, 0x14, 0xFA, 0xBC,
+ 0xE9, 0x44, 0x30, 0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04,
0x05, 0x30, 0x03, 0x01, 0x01, 0xFF, 0x30, 0x1C, 0x06, 0x03,
0x55, 0x1D, 0x11, 0x04, 0x15, 0x30, 0x13, 0x82, 0x0B, 0x65,
0x78, 0x61, 0x6D, 0x70, 0x6C, 0x65, 0x2E, 0x63, 0x6F, 0x6D,
@@ -1636,33 +1737,33 @@ static const unsigned char ca_cert_der_2048[] =
0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x01, 0x06, 0x08, 0x2B,
0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x02, 0x30, 0x0D, 0x06,
0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B,
- 0x05, 0x00, 0x03, 0x82, 0x01, 0x01, 0x00, 0xAE, 0xB0, 0xA4,
- 0x35, 0x8E, 0x8A, 0x1B, 0xA6, 0xEB, 0xB3, 0xA2, 0x57, 0xCF,
- 0x3A, 0x1F, 0xDC, 0x6E, 0xBC, 0xD2, 0xD0, 0xA6, 0x4A, 0x8F,
- 0x88, 0x0A, 0x6E, 0x74, 0xD5, 0xD1, 0x7C, 0xD1, 0x44, 0xB1,
- 0xD4, 0x3B, 0x17, 0x03, 0x09, 0x5A, 0x46, 0xED, 0x08, 0x08,
- 0xCF, 0xF1, 0xFD, 0x20, 0x07, 0x67, 0xC0, 0x97, 0xEC, 0x35,
- 0xF3, 0x75, 0xCA, 0x20, 0x61, 0x98, 0x3E, 0xF5, 0x4D, 0xBE,
- 0xE6, 0x9D, 0x75, 0x1E, 0xE4, 0x03, 0xAD, 0x8C, 0xA6, 0x1E,
- 0x3D, 0xEC, 0xE4, 0x1A, 0x92, 0x5B, 0xF9, 0xA3, 0xAD, 0x83,
- 0xCA, 0x4F, 0xCD, 0xAA, 0x38, 0xBB, 0x6E, 0xAE, 0xAD, 0xFA,
- 0xA7, 0x46, 0xF1, 0x8B, 0x73, 0xEC, 0x09, 0x23, 0xBC, 0xF2,
- 0x18, 0xE5, 0xB7, 0x92, 0x86, 0x3E, 0xA4, 0x75, 0x60, 0xC7,
- 0x3D, 0x0F, 0x3F, 0x83, 0x00, 0xC3, 0x06, 0x08, 0x9C, 0xD1,
- 0x54, 0xD6, 0xBA, 0x6D, 0x95, 0x3D, 0x34, 0xA1, 0xBE, 0x24,
- 0x91, 0xCC, 0x20, 0x03, 0x11, 0x5B, 0x72, 0x1C, 0xD4, 0x65,
- 0xD0, 0x11, 0x88, 0x75, 0x26, 0x04, 0x26, 0xEF, 0x66, 0x70,
- 0xE6, 0x3B, 0x38, 0x87, 0x9C, 0x53, 0x71, 0x1B, 0x09, 0x51,
- 0x70, 0x50, 0x99, 0x4C, 0x31, 0x0C, 0x62, 0x44, 0x57, 0x30,
- 0x60, 0x04, 0xFC, 0x12, 0x2C, 0xA3, 0x24, 0xB4, 0xF7, 0x11,
- 0xD5, 0x0E, 0xB5, 0x21, 0x0B, 0xED, 0x86, 0x11, 0x67, 0x4D,
- 0x36, 0xFA, 0x57, 0xA0, 0x59, 0x55, 0x21, 0xB3, 0x6D, 0xE4,
- 0x77, 0x5E, 0xEC, 0x7E, 0xF0, 0x09, 0x13, 0x8E, 0x99, 0x98,
- 0xB2, 0xE1, 0x82, 0xB6, 0x4B, 0x3E, 0x0F, 0x41, 0xA6, 0x0C,
- 0xCD, 0x49, 0x99, 0x7E, 0xE4, 0x8A, 0xCB, 0x37, 0xED, 0x53,
- 0xCF, 0x86, 0x5D, 0xA9, 0x26, 0xA8, 0xE5, 0x01, 0x25, 0x5A,
- 0xB4, 0xBC, 0x25, 0x35, 0xF1, 0xFA, 0x5A, 0x5C, 0xCE, 0xD4,
- 0xB8, 0x9A, 0x2C
+ 0x05, 0x00, 0x03, 0x82, 0x01, 0x01, 0x00, 0x2D, 0xFC, 0xF9,
+ 0x32, 0x5A, 0xBE, 0xD6, 0x9D, 0x42, 0x8B, 0x86, 0x4E, 0x67,
+ 0x22, 0xC3, 0x50, 0x2D, 0xCB, 0x14, 0x27, 0x1D, 0x94, 0xF3,
+ 0xCD, 0x88, 0x42, 0xDA, 0x41, 0x1C, 0x39, 0x24, 0x67, 0xA7,
+ 0x92, 0x4D, 0x27, 0xEA, 0x56, 0x82, 0x19, 0xBF, 0x11, 0xB2,
+ 0x43, 0xA4, 0x8D, 0x5D, 0x87, 0xB2, 0x27, 0x64, 0x66, 0x82,
+ 0x81, 0xDF, 0xC4, 0xFD, 0x5B, 0x62, 0xB0, 0xC2, 0x4D, 0x9D,
+ 0x29, 0xF2, 0x41, 0x32, 0xCC, 0x2E, 0xB5, 0xDA, 0x38, 0x06,
+ 0x1B, 0xE8, 0x7F, 0x8C, 0x6E, 0x3D, 0x80, 0x1E, 0x00, 0x56,
+ 0x49, 0xBF, 0x39, 0xE0, 0xDA, 0x68, 0x2F, 0xC4, 0xFD, 0x00,
+ 0xE6, 0xD1, 0x81, 0x1A, 0xD1, 0x4A, 0xBB, 0x76, 0x52, 0xCE,
+ 0x4D, 0x24, 0x9D, 0xC4, 0xA3, 0xA7, 0xF1, 0x65, 0x14, 0x2F,
+ 0x1F, 0xA8, 0x2D, 0xC6, 0xCB, 0xCE, 0xB1, 0xA7, 0x89, 0x74,
+ 0x26, 0x27, 0xC3, 0xF3, 0xA3, 0x84, 0x4C, 0x34, 0x01, 0x14,
+ 0x03, 0x7D, 0x16, 0x3A, 0xC8, 0x8B, 0x25, 0x2E, 0x7B, 0x90,
+ 0xCC, 0x46, 0xB1, 0x52, 0x34, 0xBA, 0x93, 0x6E, 0xEF, 0xFE,
+ 0x43, 0xA3, 0xAD, 0xC6, 0x6F, 0x51, 0xFB, 0xBA, 0xEA, 0x38,
+ 0xE3, 0x6F, 0xD6, 0xEE, 0x63, 0x62, 0x36, 0xEA, 0x5E, 0x08,
+ 0xB4, 0xE2, 0x2A, 0x46, 0x89, 0xE3, 0xAE, 0xB3, 0xB4, 0x06,
+ 0xEF, 0x63, 0x7A, 0x6E, 0x5D, 0xDD, 0xC9, 0xEC, 0x02, 0x4F,
+ 0xF7, 0x64, 0xC0, 0x27, 0x07, 0xB4, 0x6F, 0x4A, 0x18, 0x72,
+ 0x5B, 0x34, 0x74, 0x7C, 0xD0, 0xA9, 0x04, 0x8F, 0x40, 0x8B,
+ 0x6A, 0x39, 0xD2, 0x6B, 0x1A, 0x01, 0xF2, 0x01, 0xA8, 0x81,
+ 0x34, 0x3A, 0xE5, 0xB0, 0x55, 0xD1, 0x3C, 0x95, 0xCA, 0xB0,
+ 0x82, 0xD6, 0xED, 0x98, 0x28, 0x15, 0x59, 0x7E, 0x95, 0xA7,
+ 0x69, 0xC7, 0xB5, 0x7B, 0xEC, 0x01, 0xA7, 0x4D, 0xE6, 0xB9,
+ 0xA2, 0xFE, 0x35
};
static const int sizeof_ca_cert_der_2048 = sizeof(ca_cert_der_2048);
@@ -1670,9 +1771,9 @@ static const int sizeof_ca_cert_der_2048 = sizeof(ca_cert_der_2048);
static const unsigned char ca_cert_chain_der[] =
{
0x30, 0x82, 0x03, 0xFA, 0x30, 0x82, 0x03, 0x63, 0xA0, 0x03,
- 0x02, 0x01, 0x02, 0x02, 0x14, 0x5C, 0x79, 0xE0, 0x7D, 0x3D,
- 0xBC, 0xB0, 0xFE, 0x85, 0xCF, 0xA0, 0x28, 0xE9, 0xF6, 0x27,
- 0xDD, 0x0C, 0xBF, 0xA3, 0x36, 0x30, 0x0D, 0x06, 0x09, 0x2A,
+ 0x02, 0x01, 0x02, 0x02, 0x14, 0x5D, 0x82, 0xE6, 0x32, 0x61,
+ 0xE7, 0x3B, 0x5E, 0x77, 0x3D, 0xDA, 0xA6, 0xF3, 0xFC, 0x54,
+ 0xB5, 0x04, 0xD4, 0x10, 0x4E, 0x30, 0x0D, 0x06, 0x09, 0x2A,
0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00,
0x30, 0x81, 0x94, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55,
0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E,
@@ -1689,10 +1790,10 @@ static const unsigned char ca_cert_chain_der[] =
0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D,
0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40,
0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F,
- 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x32, 0x31, 0x32, 0x31,
- 0x36, 0x32, 0x31, 0x31, 0x37, 0x34, 0x39, 0x5A, 0x17, 0x0D,
- 0x32, 0x35, 0x30, 0x39, 0x31, 0x31, 0x32, 0x31, 0x31, 0x37,
- 0x34, 0x39, 0x5A, 0x30, 0x81, 0x94, 0x31, 0x0B, 0x30, 0x09,
+ 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x33, 0x31, 0x32, 0x31,
+ 0x33, 0x32, 0x32, 0x31, 0x39, 0x32, 0x38, 0x5A, 0x17, 0x0D,
+ 0x32, 0x36, 0x30, 0x39, 0x30, 0x38, 0x32, 0x32, 0x31, 0x39,
+ 0x32, 0x38, 0x5A, 0x30, 0x81, 0x94, 0x31, 0x0B, 0x30, 0x09,
0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31,
0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07,
0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30,
@@ -1747,8 +1848,8 @@ static const unsigned char ca_cert_chain_der[] =
0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01,
0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C,
0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x14,
- 0x5C, 0x79, 0xE0, 0x7D, 0x3D, 0xBC, 0xB0, 0xFE, 0x85, 0xCF,
- 0xA0, 0x28, 0xE9, 0xF6, 0x27, 0xDD, 0x0C, 0xBF, 0xA3, 0x36,
+ 0x5D, 0x82, 0xE6, 0x32, 0x61, 0xE7, 0x3B, 0x5E, 0x77, 0x3D,
+ 0xDA, 0xA6, 0xF3, 0xFC, 0x54, 0xB5, 0x04, 0xD4, 0x10, 0x4E,
0x30, 0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30,
0x03, 0x01, 0x01, 0xFF, 0x30, 0x1C, 0x06, 0x03, 0x55, 0x1D,
0x11, 0x04, 0x15, 0x30, 0x13, 0x82, 0x0B, 0x65, 0x78, 0x61,
@@ -1758,20 +1859,20 @@ static const unsigned char ca_cert_chain_der[] =
0x05, 0x05, 0x07, 0x03, 0x01, 0x06, 0x08, 0x2B, 0x06, 0x01,
0x05, 0x05, 0x07, 0x03, 0x02, 0x30, 0x0D, 0x06, 0x09, 0x2A,
0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00,
- 0x03, 0x81, 0x81, 0x00, 0x84, 0x96, 0x5D, 0x69, 0x2C, 0xEF,
- 0x4C, 0x96, 0xD6, 0x90, 0xB8, 0xE5, 0x98, 0x2F, 0x35, 0x84,
- 0xE3, 0x05, 0x83, 0xE2, 0x69, 0xA3, 0xBF, 0x39, 0xF8, 0xD3,
- 0x2A, 0xB5, 0x50, 0x16, 0xCB, 0xD6, 0x02, 0x5B, 0x1B, 0x9B,
- 0x7F, 0x84, 0x87, 0xB0, 0x71, 0xC3, 0xC5, 0xC6, 0xDF, 0xBF,
- 0xAE, 0xC5, 0x19, 0x18, 0x23, 0x5E, 0x71, 0x52, 0xED, 0x00,
- 0xC5, 0x75, 0x22, 0xDA, 0x46, 0x3A, 0x80, 0x7C, 0xF9, 0x63,
- 0xE7, 0x15, 0x6D, 0xD5, 0x0B, 0x1C, 0x0A, 0x9C, 0xCC, 0x23,
- 0xEC, 0x51, 0xAE, 0x2B, 0xB5, 0x47, 0x02, 0x42, 0xF4, 0x8E,
- 0x06, 0x89, 0xE9, 0x71, 0x52, 0x16, 0x04, 0x0C, 0xBC, 0xC8,
- 0x05, 0x2A, 0xE5, 0xAC, 0xE8, 0x0F, 0xC8, 0xCD, 0x22, 0x02,
- 0x7E, 0x7A, 0x63, 0x55, 0x10, 0x0B, 0x8C, 0xB9, 0x02, 0x9B,
- 0x17, 0x62, 0xA7, 0x84, 0x26, 0x24, 0xDB, 0xEF, 0x34, 0x1E,
- 0xF9, 0x0D
+ 0x03, 0x81, 0x81, 0x00, 0x23, 0x19, 0xF7, 0x04, 0xB7, 0x99,
+ 0x84, 0x86, 0xCE, 0x45, 0x9E, 0xA4, 0x55, 0x2D, 0x14, 0xAC,
+ 0xC5, 0x1C, 0x2D, 0x2F, 0x8D, 0xD3, 0x14, 0x81, 0x91, 0x27,
+ 0x1C, 0x0C, 0x3C, 0x44, 0x14, 0x8B, 0x99, 0x46, 0xF2, 0x43,
+ 0xB3, 0x51, 0x33, 0x1B, 0xFA, 0x77, 0x95, 0x07, 0x5C, 0xE4,
+ 0x3C, 0x11, 0x17, 0x55, 0x57, 0xBF, 0x9D, 0xF4, 0xB5, 0xD4,
+ 0xAD, 0x7C, 0xB1, 0x82, 0x62, 0x77, 0xC8, 0xAA, 0x02, 0xEE,
+ 0x73, 0xEE, 0x77, 0x67, 0xD5, 0xB5, 0x58, 0xD7, 0x19, 0x6F,
+ 0x0F, 0xFD, 0x8B, 0xFC, 0xD4, 0x32, 0xFF, 0x86, 0x48, 0xF8,
+ 0x49, 0x5B, 0xD8, 0xF1, 0xFB, 0x36, 0x28, 0x27, 0xC1, 0x7D,
+ 0xDD, 0x0F, 0xFF, 0x7F, 0x95, 0x16, 0x5B, 0x85, 0xCA, 0x3E,
+ 0x9B, 0xDC, 0x78, 0xB7, 0x6B, 0xB1, 0xF1, 0x75, 0xFA, 0x61,
+ 0xDA, 0xCE, 0x8A, 0x4E, 0x5F, 0x90, 0x7C, 0x38, 0x9E, 0x31,
+ 0x00, 0x66
};
static const int sizeof_ca_cert_chain_der = sizeof(ca_cert_chain_der);
@@ -1922,10 +2023,10 @@ static const unsigned char server_cert_der_2048[] =
0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7,
0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F,
0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63,
- 0x6F, 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x32, 0x31, 0x32,
- 0x31, 0x36, 0x32, 0x31, 0x31, 0x37, 0x34, 0x39, 0x5A, 0x17,
- 0x0D, 0x32, 0x35, 0x30, 0x39, 0x31, 0x31, 0x32, 0x31, 0x31,
- 0x37, 0x34, 0x39, 0x5A, 0x30, 0x81, 0x90, 0x31, 0x0B, 0x30,
+ 0x6F, 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x33, 0x31, 0x32,
+ 0x31, 0x33, 0x32, 0x32, 0x31, 0x39, 0x32, 0x38, 0x5A, 0x17,
+ 0x0D, 0x32, 0x36, 0x30, 0x39, 0x30, 0x38, 0x32, 0x32, 0x31,
+ 0x39, 0x32, 0x38, 0x5A, 0x30, 0x81, 0x90, 0x31, 0x0B, 0x30,
0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53,
0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C,
0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10,
@@ -1992,9 +2093,9 @@ static const unsigned char server_cert_der_2048[] =
0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09,
0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16,
0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66,
- 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x14, 0x2C,
- 0x80, 0xCE, 0xDB, 0x47, 0x9D, 0x07, 0x66, 0x92, 0x3D, 0x68,
- 0xD7, 0xCA, 0xAC, 0x90, 0x4F, 0xCA, 0x69, 0x41, 0x4B, 0x30,
+ 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x14, 0x33,
+ 0x44, 0x1A, 0xA8, 0x6C, 0x01, 0xEC, 0xF6, 0x60, 0xF2, 0x70,
+ 0x51, 0x0A, 0x4C, 0xD1, 0x14, 0xFA, 0xBC, 0xE9, 0x44, 0x30,
0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, 0x03,
0x01, 0x01, 0xFF, 0x30, 0x1C, 0x06, 0x03, 0x55, 0x1D, 0x11,
0x04, 0x15, 0x30, 0x13, 0x82, 0x0B, 0x65, 0x78, 0x61, 0x6D,
@@ -2004,32 +2105,32 @@ static const unsigned char server_cert_der_2048[] =
0x05, 0x07, 0x03, 0x01, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05,
0x05, 0x07, 0x03, 0x02, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86,
0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x03,
- 0x82, 0x01, 0x01, 0x00, 0xB9, 0x10, 0xF0, 0xBE, 0xFE, 0xC8,
- 0x67, 0x5E, 0x7D, 0x0F, 0x36, 0x33, 0xC7, 0x17, 0x2A, 0x01,
- 0xC4, 0xBB, 0x74, 0x83, 0x4C, 0xBC, 0xBB, 0xE2, 0xBA, 0x92,
- 0x82, 0x3A, 0xD9, 0x2D, 0x8C, 0x0E, 0xE3, 0x75, 0x1B, 0xC0,
- 0x14, 0xAA, 0x40, 0x1E, 0xA8, 0x11, 0x7D, 0x94, 0x9C, 0x3D,
- 0x74, 0x7A, 0x3B, 0x16, 0x7B, 0xD8, 0x9D, 0xF0, 0xE8, 0x7D,
- 0x1D, 0xFA, 0x3B, 0x14, 0x42, 0x20, 0xE3, 0x05, 0xA3, 0xFD,
- 0xB1, 0x0C, 0xF1, 0x2A, 0xC4, 0x00, 0x50, 0x8D, 0x1E, 0x97,
- 0x93, 0x6A, 0xDE, 0x82, 0x13, 0x24, 0x9E, 0x2B, 0xFA, 0x08,
- 0x85, 0xE3, 0x4F, 0x40, 0xFD, 0x63, 0xC7, 0x3D, 0xE9, 0xBD,
- 0x6F, 0x7C, 0x03, 0x98, 0x85, 0xFE, 0xB4, 0x51, 0x5D, 0x7F,
- 0x8C, 0x83, 0xB3, 0xAD, 0x4A, 0x88, 0xE9, 0xF3, 0x4C, 0x33,
- 0x84, 0x77, 0xD3, 0x02, 0x35, 0x59, 0xE3, 0x4E, 0x64, 0xA1,
- 0xB7, 0xBB, 0xFB, 0xF8, 0xFB, 0x14, 0x2A, 0xAE, 0x36, 0xBF,
- 0xD9, 0x82, 0xE7, 0xCB, 0x98, 0x48, 0x16, 0xC8, 0x81, 0xD6,
- 0xA0, 0xF1, 0x74, 0x14, 0xE3, 0x74, 0x4A, 0x72, 0x4A, 0xF1,
- 0x6F, 0xDD, 0xBE, 0x86, 0x1E, 0x20, 0xF3, 0x05, 0x16, 0x83,
- 0x1F, 0xAA, 0x7C, 0x59, 0x35, 0x97, 0x24, 0xB8, 0x27, 0xB7,
- 0x56, 0x9F, 0x30, 0x2E, 0x90, 0xE0, 0x19, 0xE0, 0x21, 0xCA,
- 0x9D, 0x3F, 0xDA, 0x99, 0x07, 0x94, 0x79, 0x49, 0x53, 0x14,
- 0x5C, 0xA2, 0x2C, 0x56, 0x5B, 0xB2, 0x55, 0x68, 0x5C, 0x1F,
- 0x91, 0x58, 0x9A, 0xCD, 0x53, 0xB5, 0xEA, 0x63, 0x5A, 0x72,
- 0x49, 0x41, 0xCC, 0x76, 0x9F, 0x88, 0x35, 0x86, 0x0D, 0x60,
- 0x5D, 0xE5, 0x91, 0xBD, 0xAC, 0x6F, 0xCF, 0xD5, 0x92, 0x27,
- 0x72, 0x4A, 0x21, 0xF4, 0x58, 0x98, 0x8E, 0x3B, 0xD2, 0x29,
- 0xE6, 0xEE, 0xFA, 0xE6, 0xB0, 0x6C, 0x8B, 0x1E, 0xE0, 0x54
+ 0x82, 0x01, 0x01, 0x00, 0x4A, 0xFF, 0xB9, 0xE5, 0x85, 0x9B,
+ 0xDA, 0x53, 0x66, 0x7F, 0x07, 0x22, 0xBF, 0xB6, 0x19, 0xEA,
+ 0x42, 0xEB, 0xA4, 0x11, 0x07, 0x62, 0xFF, 0x39, 0x5F, 0x33,
+ 0x37, 0x3A, 0x87, 0x26, 0x71, 0x3D, 0x13, 0xB2, 0xCA, 0xB8,
+ 0x64, 0x38, 0x7B, 0x8A, 0x99, 0x48, 0x0E, 0xA5, 0xA4, 0x6B,
+ 0xB1, 0x99, 0x6E, 0xE0, 0x46, 0x51, 0xBD, 0x19, 0x52, 0xAD,
+ 0xBC, 0xA6, 0x7E, 0x2A, 0x7A, 0x7C, 0x23, 0xA7, 0xCC, 0xDB,
+ 0x5E, 0x43, 0x7D, 0x6B, 0x04, 0xC8, 0xB7, 0xDD, 0x95, 0xAD,
+ 0xF0, 0x91, 0x80, 0x59, 0xC5, 0x19, 0x91, 0x26, 0x27, 0x91,
+ 0xB8, 0x48, 0x1C, 0xEB, 0x55, 0xB6, 0xAA, 0x7D, 0xA4, 0x38,
+ 0xF1, 0x03, 0xBC, 0x6C, 0x8B, 0xAA, 0x94, 0xD6, 0x3C, 0x05,
+ 0x7A, 0x96, 0xC5, 0x06, 0xF1, 0x26, 0x14, 0x2E, 0x75, 0xFB,
+ 0xDD, 0xE5, 0x35, 0xB3, 0x01, 0x2C, 0xB3, 0xAD, 0x62, 0x5A,
+ 0x21, 0x9A, 0x08, 0xBE, 0x56, 0xFC, 0xF9, 0xA2, 0x42, 0x87,
+ 0x86, 0xE5, 0xA9, 0xC5, 0x99, 0xCF, 0xAE, 0x14, 0xBE, 0xE0,
+ 0xB9, 0x08, 0x24, 0x0D, 0x1D, 0x5C, 0xD6, 0x14, 0xE1, 0x4C,
+ 0x9F, 0x40, 0xB3, 0xA9, 0xE9, 0x2D, 0x52, 0x8B, 0x4C, 0xBF,
+ 0xAC, 0x44, 0x31, 0x67, 0xC1, 0x8D, 0x06, 0x85, 0xEC, 0x0F,
+ 0xE4, 0x99, 0xD7, 0x4B, 0x7B, 0x21, 0x06, 0x66, 0xD4, 0xE4,
+ 0xF5, 0x9D, 0xFF, 0x8E, 0xF0, 0x86, 0x39, 0x58, 0x1D, 0xA4,
+ 0x5B, 0xE2, 0x63, 0xEF, 0x7C, 0xC9, 0x18, 0x87, 0xA8, 0x02,
+ 0x25, 0x10, 0x3E, 0x87, 0x28, 0xF9, 0xF5, 0xEF, 0x47, 0x9E,
+ 0xA5, 0x80, 0x08, 0x11, 0x90, 0x68, 0xFE, 0xD1, 0xA3, 0xA8,
+ 0x51, 0xB9, 0x37, 0xFF, 0xD5, 0xCA, 0x7C, 0x87, 0x7F, 0x6B,
+ 0xBC, 0x2C, 0x12, 0xC8, 0xC5, 0x85, 0x8B, 0xFC, 0x0C, 0xC6,
+ 0xB9, 0x86, 0xB8, 0xC9, 0x04, 0xC3, 0x51, 0x37, 0xD2, 0x4F
};
static const int sizeof_server_cert_der_2048 = sizeof(server_cert_der_2048);
@@ -2634,9 +2735,9 @@ static const int sizeof_client_keypub_der_3072 = sizeof(client_keypub_der_3072);
static const unsigned char client_cert_der_3072[] =
{
0x30, 0x82, 0x06, 0x1D, 0x30, 0x82, 0x04, 0x85, 0xA0, 0x03,
- 0x02, 0x01, 0x02, 0x02, 0x14, 0x03, 0x33, 0x56, 0x6E, 0x5F,
- 0xE0, 0x69, 0x69, 0x99, 0x6B, 0xEB, 0xD0, 0xEB, 0x47, 0xCF,
- 0xF2, 0x05, 0x3F, 0x98, 0x15, 0x30, 0x0D, 0x06, 0x09, 0x2A,
+ 0x02, 0x01, 0x02, 0x02, 0x14, 0x0B, 0x5C, 0x9F, 0x12, 0x25,
+ 0x90, 0xAA, 0x52, 0xC0, 0xDF, 0xE1, 0xE1, 0x1F, 0xED, 0xA9,
+ 0x31, 0x01, 0x0A, 0x09, 0x8B, 0x30, 0x0D, 0x06, 0x09, 0x2A,
0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00,
0x30, 0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55,
0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E,
@@ -2654,10 +2755,10 @@ static const unsigned char client_cert_der_3072[] =
0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D,
0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40,
0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F,
- 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x32, 0x31, 0x32, 0x31,
- 0x36, 0x32, 0x31, 0x31, 0x37, 0x34, 0x39, 0x5A, 0x17, 0x0D,
- 0x32, 0x35, 0x30, 0x39, 0x31, 0x31, 0x32, 0x31, 0x31, 0x37,
- 0x34, 0x39, 0x5A, 0x30, 0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09,
+ 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x33, 0x31, 0x32, 0x31,
+ 0x33, 0x32, 0x32, 0x31, 0x39, 0x32, 0x38, 0x5A, 0x17, 0x0D,
+ 0x32, 0x36, 0x30, 0x39, 0x30, 0x38, 0x32, 0x32, 0x31, 0x39,
+ 0x32, 0x38, 0x5A, 0x30, 0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09,
0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31,
0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07,
0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30,
@@ -2740,8 +2841,8 @@ static const unsigned char client_cert_der_3072[] =
0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01,
0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C,
0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x14,
- 0x03, 0x33, 0x56, 0x6E, 0x5F, 0xE0, 0x69, 0x69, 0x99, 0x6B,
- 0xEB, 0xD0, 0xEB, 0x47, 0xCF, 0xF2, 0x05, 0x3F, 0x98, 0x15,
+ 0x0B, 0x5C, 0x9F, 0x12, 0x25, 0x90, 0xAA, 0x52, 0xC0, 0xDF,
+ 0xE1, 0xE1, 0x1F, 0xED, 0xA9, 0x31, 0x01, 0x0A, 0x09, 0x8B,
0x30, 0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30,
0x03, 0x01, 0x01, 0xFF, 0x30, 0x1C, 0x06, 0x03, 0x55, 0x1D,
0x11, 0x04, 0x15, 0x30, 0x13, 0x82, 0x0B, 0x65, 0x78, 0x61,
@@ -2751,45 +2852,45 @@ static const unsigned char client_cert_der_3072[] =
0x05, 0x05, 0x07, 0x03, 0x01, 0x06, 0x08, 0x2B, 0x06, 0x01,
0x05, 0x05, 0x07, 0x03, 0x02, 0x30, 0x0D, 0x06, 0x09, 0x2A,
0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00,
- 0x03, 0x82, 0x01, 0x81, 0x00, 0x90, 0xE4, 0x43, 0x8E, 0xBE,
- 0x9D, 0xDE, 0x45, 0x4E, 0xDF, 0xDF, 0x8D, 0xE7, 0x7C, 0x2D,
- 0x1B, 0xA9, 0x1A, 0xEF, 0x90, 0x15, 0xFB, 0xD3, 0xA9, 0x99,
- 0xA8, 0x5B, 0xD7, 0xF9, 0xB8, 0x95, 0x19, 0xFE, 0xE0, 0x00,
- 0x09, 0xC1, 0xE3, 0xE8, 0x27, 0x82, 0x11, 0x7C, 0x39, 0x23,
- 0x92, 0x38, 0x45, 0x86, 0x6D, 0x77, 0xC2, 0x83, 0x8C, 0x1A,
- 0x0F, 0x4B, 0xC5, 0x94, 0x0D, 0xE9, 0x17, 0x28, 0x8C, 0xCF,
- 0x8F, 0x6D, 0xE9, 0x43, 0x82, 0x0F, 0x31, 0x67, 0xBB, 0xD5,
- 0xD7, 0x3F, 0x0B, 0xCE, 0xCE, 0x22, 0xF4, 0xA8, 0x5B, 0x84,
- 0x8D, 0xFD, 0xD2, 0xCB, 0xD6, 0xDC, 0xEE, 0x31, 0xF3, 0xE7,
- 0x26, 0xB7, 0x58, 0x6A, 0xC5, 0x9E, 0xFF, 0x89, 0x5F, 0xF6,
- 0x70, 0xFB, 0x6B, 0x02, 0xBA, 0x79, 0x6A, 0x9A, 0x12, 0x1B,
- 0x82, 0x94, 0x1B, 0x02, 0x22, 0x30, 0x7D, 0x74, 0x44, 0x46,
- 0x25, 0x85, 0xA1, 0xA8, 0x7D, 0xA0, 0xAB, 0xC3, 0xA7, 0x9E,
- 0x08, 0xA3, 0xD7, 0x5C, 0x42, 0xA2, 0xAF, 0x96, 0x42, 0x9C,
- 0x76, 0x9B, 0x8D, 0xEC, 0x08, 0x68, 0x71, 0x95, 0x92, 0xA5,
- 0xB9, 0xAA, 0x12, 0xF9, 0xC5, 0x62, 0xAC, 0x8E, 0x4F, 0xDF,
- 0xCC, 0xB7, 0x53, 0xE3, 0xC4, 0x70, 0x74, 0x9B, 0x38, 0xD2,
- 0xE9, 0xDA, 0x3F, 0xEF, 0xC4, 0x55, 0x01, 0x9A, 0xB9, 0x3E,
- 0xC4, 0x33, 0xE7, 0x33, 0xDB, 0x0F, 0xBA, 0x55, 0x84, 0x0F,
- 0x3C, 0x4C, 0xA5, 0x85, 0xEC, 0x5A, 0xF2, 0x98, 0x75, 0xE0,
- 0xEB, 0x47, 0xB8, 0x4B, 0xD3, 0x85, 0x63, 0xDC, 0xB0, 0x29,
- 0x85, 0x51, 0x62, 0xBF, 0x6A, 0x61, 0x9B, 0x40, 0x01, 0x66,
- 0x0D, 0x72, 0x42, 0xBD, 0x4F, 0xE0, 0xC6, 0x31, 0xA6, 0x06,
- 0xDF, 0xC1, 0xE9, 0x8A, 0xA0, 0x57, 0xC7, 0x4D, 0x4F, 0xE7,
- 0xC0, 0x45, 0x7F, 0x7F, 0xA7, 0x53, 0xCA, 0x90, 0x1D, 0x70,
- 0xA8, 0x46, 0x95, 0x99, 0xEF, 0x19, 0xEE, 0xE2, 0x45, 0x35,
- 0x1A, 0xDC, 0x0D, 0xCB, 0xC3, 0xB0, 0xD5, 0x88, 0x8B, 0xB9,
- 0x9F, 0xB5, 0xEA, 0xC1, 0xFE, 0x5E, 0x7A, 0xC1, 0x83, 0xC8,
- 0x74, 0xF5, 0x1A, 0x29, 0x52, 0x38, 0x5D, 0x14, 0xEA, 0x17,
- 0x2D, 0x39, 0xF6, 0x19, 0x16, 0xC4, 0x91, 0xB0, 0xE7, 0x18,
- 0x36, 0x56, 0xA0, 0x64, 0x75, 0x8D, 0x66, 0x57, 0x48, 0x1B,
- 0x38, 0xF2, 0xA0, 0x01, 0xB1, 0x44, 0x32, 0x34, 0xA5, 0x0E,
- 0xBC, 0x28, 0x46, 0x77, 0xED, 0x65, 0xC1, 0x75, 0x34, 0xF8,
- 0x06, 0x12, 0x45, 0x1A, 0x70, 0x78, 0x81, 0xD1, 0x55, 0x27,
- 0xCF, 0xAD, 0xB3, 0xD4, 0x5A, 0x97, 0x43, 0x88, 0x02, 0xBB,
- 0x93, 0xBA, 0x17, 0x42, 0x51, 0x59, 0x52, 0x13, 0xEC, 0xFC,
- 0xEF, 0x6B, 0x53, 0xF7, 0xF2, 0x41, 0x8A, 0x42, 0x06, 0x56,
- 0xE2, 0xF4, 0x97, 0xD2, 0x22, 0x31, 0x02, 0x2A, 0x47
+ 0x03, 0x82, 0x01, 0x81, 0x00, 0x14, 0x27, 0x57, 0x47, 0x12,
+ 0xA4, 0x78, 0xA2, 0xC9, 0xDC, 0x93, 0xF8, 0x47, 0xEE, 0xF4,
+ 0xFD, 0x66, 0x80, 0x13, 0x43, 0x9E, 0xDE, 0x23, 0x8C, 0xF7,
+ 0x3F, 0xFE, 0x46, 0x9C, 0x85, 0x58, 0x2A, 0x6F, 0x8D, 0x22,
+ 0x92, 0x8C, 0xD6, 0x36, 0xCA, 0x90, 0x4F, 0x45, 0xC3, 0xAB,
+ 0x78, 0xCA, 0x3C, 0xFE, 0xD0, 0xF5, 0x0F, 0x6D, 0x00, 0xFE,
+ 0x3B, 0x42, 0xB0, 0x86, 0x0B, 0x75, 0xF2, 0x7C, 0xD3, 0xC7,
+ 0xDB, 0x0B, 0x70, 0xE8, 0xEC, 0xB7, 0xBF, 0x26, 0x30, 0xA8,
+ 0x19, 0x67, 0xBD, 0x74, 0x03, 0xCF, 0xD1, 0x08, 0x8E, 0x9C,
+ 0xD5, 0x1B, 0x45, 0x28, 0xB2, 0x67, 0x8E, 0x3A, 0xA5, 0x27,
+ 0xC9, 0x1B, 0x6A, 0xE9, 0x93, 0xCE, 0x94, 0xC0, 0x00, 0x0C,
+ 0xE8, 0xF1, 0x76, 0x02, 0xA4, 0x30, 0x72, 0xA8, 0xFD, 0x55,
+ 0x1C, 0xD1, 0xB8, 0x25, 0xF1, 0x62, 0xF6, 0xBA, 0x28, 0xFD,
+ 0x30, 0xB1, 0x11, 0x63, 0xF7, 0xB3, 0x78, 0x54, 0x09, 0x04,
+ 0xC1, 0x66, 0x12, 0xC7, 0x01, 0xAE, 0x99, 0xE3, 0x55, 0xC4,
+ 0x29, 0xBD, 0x1B, 0x1A, 0xDA, 0xB9, 0x77, 0xFD, 0x04, 0xDB,
+ 0xB1, 0x68, 0x56, 0x35, 0x65, 0xE1, 0xAA, 0x67, 0xC8, 0xAC,
+ 0xBE, 0xE5, 0xF8, 0x27, 0xFB, 0xB4, 0x51, 0x4F, 0x38, 0xE5,
+ 0xDE, 0x09, 0xA6, 0x81, 0xA9, 0xEF, 0xDC, 0xD6, 0x4A, 0x96,
+ 0x47, 0xB8, 0x38, 0x14, 0xF8, 0x25, 0x5D, 0xAC, 0xF3, 0xE5,
+ 0x3B, 0xF2, 0x1B, 0x70, 0x32, 0x3B, 0x2D, 0xFA, 0x20, 0xCA,
+ 0x2E, 0xA5, 0xCA, 0x13, 0x9D, 0x84, 0xD2, 0xD4, 0x35, 0x16,
+ 0x58, 0x6E, 0x52, 0x5E, 0x09, 0x61, 0x83, 0xC2, 0xE2, 0x56,
+ 0x2C, 0xAB, 0x52, 0xBF, 0x54, 0xDC, 0xBD, 0xF3, 0xBF, 0xA7,
+ 0x16, 0x6E, 0x0E, 0xCA, 0x68, 0x54, 0xD1, 0x5C, 0x4D, 0x06,
+ 0x7A, 0x93, 0x47, 0x1C, 0xCC, 0xA9, 0x66, 0xDA, 0x69, 0x0F,
+ 0xF9, 0x1F, 0x25, 0x64, 0x29, 0x40, 0x97, 0x50, 0x3B, 0xCF,
+ 0x0C, 0x50, 0x9B, 0x4D, 0xFF, 0x60, 0xBC, 0xD3, 0xE4, 0xA0,
+ 0xB7, 0x64, 0xC6, 0x66, 0x2A, 0xF6, 0x02, 0xE2, 0x3F, 0x92,
+ 0x31, 0x3B, 0xD7, 0xEA, 0x1A, 0xC3, 0x1A, 0x0C, 0x19, 0x88,
+ 0xAB, 0x5F, 0x74, 0xB7, 0x9D, 0x7B, 0x8D, 0x4D, 0x3A, 0x84,
+ 0x43, 0xF2, 0x67, 0xB1, 0xBE, 0xA0, 0x9E, 0xFD, 0x3D, 0xAA,
+ 0xC1, 0x38, 0x1A, 0xDF, 0xAC, 0x30, 0xFE, 0x63, 0x69, 0xAF,
+ 0xD6, 0xF2, 0x21, 0x63, 0x11, 0x63, 0x29, 0xAC, 0x63, 0x9E,
+ 0x9F, 0x9F, 0xC4, 0x53, 0xB3, 0xDB, 0x78, 0xC0, 0x2D, 0x79,
+ 0x68, 0x1F, 0xD2, 0xD1, 0x36, 0xD1, 0xFB, 0xE3, 0xC0, 0xA7,
+ 0x31, 0xEB, 0x15, 0x63, 0x99, 0x0B, 0x93, 0x9D, 0x87, 0xC7,
+ 0xFE, 0x56, 0x5D, 0xFC, 0xE7, 0x29, 0x2A, 0x9E, 0x15, 0xBE,
+ 0xEF, 0x54, 0xE7, 0x0F, 0x6D, 0x9B, 0x36, 0xB6, 0x17
};
static const int sizeof_client_cert_der_3072 = sizeof(client_cert_der_3072);
@@ -3103,189 +3204,189 @@ static const int sizeof_client_keypub_der_4096 = sizeof(client_keypub_der_4096);
/* ./certs/4096/client-cert.der, 4096-bit */
static const unsigned char client_cert_der_4096[] =
{
- 0x30, 0x82, 0x07, 0x1B, 0x30, 0x82, 0x05, 0x03, 0xA0, 0x03,
- 0x02, 0x01, 0x02, 0x02, 0x13, 0x31, 0xFE, 0x22, 0xAF, 0x75,
- 0x2F, 0xDC, 0x63, 0xBD, 0xE4, 0x94, 0xF2, 0x94, 0x38, 0xC3,
- 0x0D, 0x7D, 0x9A, 0xD1, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86,
- 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x30,
- 0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04,
- 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06,
- 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74,
- 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55,
- 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61,
- 0x6E, 0x31, 0x15, 0x30, 0x13, 0x06, 0x03, 0x55, 0x04, 0x0A,
- 0x0C, 0x0C, 0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x5F,
- 0x34, 0x30, 0x39, 0x36, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03,
- 0x55, 0x04, 0x0B, 0x0C, 0x10, 0x50, 0x72, 0x6F, 0x67, 0x72,
- 0x61, 0x6D, 0x6D, 0x69, 0x6E, 0x67, 0x2D, 0x34, 0x30, 0x39,
- 0x36, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03,
- 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66,
- 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30,
- 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01,
- 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77,
- 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D,
- 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x32, 0x31, 0x32, 0x31, 0x36,
- 0x32, 0x31, 0x31, 0x37, 0x34, 0x39, 0x5A, 0x17, 0x0D, 0x32,
- 0x35, 0x30, 0x39, 0x31, 0x31, 0x32, 0x31, 0x31, 0x37, 0x34,
- 0x39, 0x5A, 0x30, 0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09, 0x06,
- 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10,
- 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D,
- 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E,
- 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A,
- 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x15, 0x30, 0x13, 0x06, 0x03,
- 0x55, 0x04, 0x0A, 0x0C, 0x0C, 0x77, 0x6F, 0x6C, 0x66, 0x53,
- 0x53, 0x4C, 0x5F, 0x34, 0x30, 0x39, 0x36, 0x31, 0x19, 0x30,
- 0x17, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x10, 0x50, 0x72,
- 0x6F, 0x67, 0x72, 0x61, 0x6D, 0x6D, 0x69, 0x6E, 0x67, 0x2D,
- 0x34, 0x30, 0x39, 0x36, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03,
- 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77,
- 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D,
- 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86,
- 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66,
- 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E,
- 0x63, 0x6F, 0x6D, 0x30, 0x82, 0x02, 0x22, 0x30, 0x0D, 0x06,
- 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01,
- 0x05, 0x00, 0x03, 0x82, 0x02, 0x0F, 0x00, 0x30, 0x82, 0x02,
- 0x0A, 0x02, 0x82, 0x02, 0x01, 0x00, 0xF5, 0xD0, 0x31, 0xE4,
- 0x71, 0x59, 0x58, 0xB3, 0x07, 0x50, 0xDD, 0x16, 0x79, 0xFC,
- 0xC6, 0x95, 0x50, 0xFC, 0x46, 0x0E, 0x57, 0x12, 0x86, 0x71,
- 0x8D, 0xE3, 0x9B, 0x4A, 0x33, 0xEA, 0x4F, 0xD9, 0x17, 0x13,
- 0x6D, 0x48, 0x69, 0xDF, 0x59, 0x11, 0x08, 0x02, 0x9D, 0xAF,
- 0x2B, 0xC7, 0x30, 0xBE, 0x0C, 0xDC, 0x87, 0xD4, 0x5A, 0x12,
- 0x09, 0x23, 0x5D, 0xE1, 0x76, 0x5A, 0x62, 0x37, 0x46, 0x74,
- 0xEF, 0x03, 0x05, 0xBB, 0x1E, 0x6D, 0x29, 0x75, 0x6C, 0x2E,
- 0x9D, 0x87, 0x0D, 0x8F, 0x87, 0xCB, 0x14, 0x95, 0x9B, 0xBE,
- 0x17, 0x6B, 0x51, 0xD1, 0x4C, 0xDA, 0xD7, 0x91, 0x66, 0xC5,
- 0x36, 0xEB, 0xE0, 0x07, 0x1A, 0x76, 0x4D, 0xB0, 0xFB, 0xC1,
- 0xF5, 0x5E, 0x05, 0xDB, 0xBA, 0xCB, 0x25, 0xD9, 0x99, 0x13,
- 0x1C, 0xC0, 0x35, 0xDC, 0x40, 0xE9, 0x36, 0xCD, 0xC4, 0xD5,
- 0x7A, 0x41, 0x70, 0x0F, 0x36, 0xEB, 0xA5, 0x4E, 0x17, 0x05,
- 0xD5, 0x75, 0x1B, 0x64, 0x62, 0x7A, 0x3F, 0x0D, 0x28, 0x48,
- 0x6A, 0xE3, 0xAC, 0x9C, 0xA8, 0x8F, 0xE9, 0xED, 0xF7, 0xCD,
- 0x24, 0xA0, 0xB1, 0xA0, 0x03, 0xAC, 0xE3, 0x03, 0xF5, 0x3F,
- 0xD1, 0x96, 0xFF, 0x2A, 0x7E, 0x08, 0xB1, 0xD3, 0xE0, 0x18,
- 0x14, 0xEC, 0x65, 0x37, 0x50, 0x43, 0xC2, 0x6A, 0x8C, 0xF4,
- 0x5B, 0xFE, 0xC4, 0xCB, 0x8D, 0x3F, 0x81, 0x02, 0xF7, 0xC2,
- 0xDD, 0xE4, 0xC1, 0x8E, 0x80, 0x0C, 0x04, 0x25, 0x2D, 0x80,
- 0x5A, 0x2E, 0x0F, 0x22, 0x35, 0x4A, 0xF4, 0x85, 0xED, 0x51,
- 0xD8, 0xAB, 0x6D, 0x8F, 0xA2, 0x3B, 0x24, 0x00, 0x6E, 0x81,
- 0xE2, 0x1E, 0x76, 0xD6, 0xAC, 0x31, 0x12, 0xDB, 0xF3, 0x8E,
- 0x07, 0xA1, 0xDE, 0x89, 0x4A, 0x39, 0x60, 0x77, 0xC5, 0xAA,
- 0xF1, 0x51, 0xE6, 0x06, 0xF1, 0x95, 0x56, 0x2A, 0xE1, 0x8E,
- 0x92, 0x30, 0x9F, 0xFE, 0x58, 0x44, 0xAC, 0x46, 0xF2, 0xFD,
- 0x9A, 0xFC, 0xA8, 0x1D, 0xA1, 0xD3, 0x55, 0x37, 0x4A, 0x8B,
- 0xFC, 0x9C, 0x33, 0xF8, 0xA7, 0x61, 0x48, 0x41, 0x7C, 0x9C,
- 0x77, 0x3F, 0xF5, 0x80, 0x23, 0x7D, 0x43, 0xB4, 0xD5, 0x88,
- 0x0A, 0xC9, 0x75, 0xD7, 0x44, 0x19, 0x4D, 0x77, 0x6C, 0x0B,
- 0x0A, 0x49, 0xAA, 0x1C, 0x2F, 0xD6, 0x5A, 0x44, 0xA6, 0x47,
- 0x4D, 0xE5, 0x36, 0x96, 0x40, 0x99, 0x2C, 0x56, 0x26, 0xB1,
- 0xF2, 0x92, 0x31, 0x59, 0xD7, 0x2C, 0xD4, 0xB4, 0x21, 0xD6,
- 0x65, 0x13, 0x0B, 0x3E, 0xFB, 0xFF, 0x04, 0xEB, 0xB9, 0x85,
- 0xB9, 0xD8, 0xD8, 0x28, 0x4F, 0x5C, 0x17, 0x96, 0xA3, 0x51,
- 0xBE, 0xFE, 0x7D, 0x0B, 0x1B, 0x48, 0x40, 0x25, 0x76, 0x94,
- 0xDC, 0x41, 0xFB, 0xBF, 0x73, 0x76, 0xDA, 0xEB, 0xB3, 0x62,
- 0xE7, 0xC1, 0xC8, 0x54, 0x6A, 0x93, 0xE1, 0x8D, 0x31, 0xE8,
- 0x3E, 0x3E, 0xDF, 0xBC, 0x87, 0x02, 0x30, 0x22, 0x57, 0xC4,
- 0xE0, 0x18, 0x7A, 0xD3, 0xAE, 0xE4, 0x02, 0x9B, 0xAA, 0xBD,
- 0x4E, 0x49, 0x47, 0x72, 0xE9, 0x8D, 0x13, 0x2D, 0x54, 0x9B,
- 0x00, 0xA7, 0x91, 0x61, 0x71, 0xC9, 0xCC, 0x48, 0x4F, 0xEE,
- 0xDF, 0x5E, 0x1B, 0x1A, 0xDF, 0x67, 0xD3, 0x20, 0xE6, 0x44,
- 0x45, 0x98, 0x7E, 0xE7, 0x0E, 0x63, 0x16, 0x83, 0xC9, 0x26,
- 0x5D, 0x90, 0xC1, 0xE5, 0x2A, 0x5C, 0x45, 0x54, 0x13, 0xB2,
- 0x81, 0x18, 0x06, 0x20, 0x2E, 0x2E, 0x66, 0x5A, 0xB5, 0x7B,
- 0x6E, 0xD6, 0x0C, 0x4E, 0x89, 0x01, 0x56, 0x70, 0xBB, 0xAE,
- 0xDE, 0xE9, 0x99, 0x5E, 0xD1, 0xB9, 0x3A, 0xB7, 0x6C, 0x17,
- 0xB6, 0x03, 0xA9, 0x08, 0xDD, 0x9C, 0xF4, 0x14, 0xC9, 0xC9,
- 0x59, 0x39, 0x72, 0xD4, 0x7E, 0x02, 0x37, 0x31, 0xCD, 0x0E,
- 0xA7, 0x3D, 0xF8, 0xF2, 0xCF, 0x6B, 0x15, 0xAB, 0x02, 0x03,
- 0x01, 0x00, 0x01, 0xA3, 0x82, 0x01, 0x4E, 0x30, 0x82, 0x01,
- 0x4A, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, 0x04, 0x16,
- 0x04, 0x14, 0xFA, 0x54, 0x89, 0x67, 0xE5, 0x5F, 0xB7, 0x31,
- 0x40, 0xEA, 0xFD, 0xE7, 0xF6, 0xA3, 0xC6, 0x5A, 0x56, 0x16,
- 0xA5, 0x6E, 0x30, 0x81, 0xDD, 0x06, 0x03, 0x55, 0x1D, 0x23,
- 0x04, 0x81, 0xD5, 0x30, 0x81, 0xD2, 0x80, 0x14, 0xFA, 0x54,
- 0x89, 0x67, 0xE5, 0x5F, 0xB7, 0x31, 0x40, 0xEA, 0xFD, 0xE7,
- 0xF6, 0xA3, 0xC6, 0x5A, 0x56, 0x16, 0xA5, 0x6E, 0xA1, 0x81,
- 0xA4, 0xA4, 0x81, 0xA1, 0x30, 0x81, 0x9E, 0x31, 0x0B, 0x30,
- 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53,
- 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C,
- 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10,
- 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42,
- 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x15, 0x30, 0x13,
- 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0C, 0x77, 0x6F, 0x6C,
- 0x66, 0x53, 0x53, 0x4C, 0x5F, 0x34, 0x30, 0x39, 0x36, 0x31,
- 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x10,
- 0x50, 0x72, 0x6F, 0x67, 0x72, 0x61, 0x6D, 0x6D, 0x69, 0x6E,
- 0x67, 0x2D, 0x34, 0x30, 0x39, 0x36, 0x31, 0x18, 0x30, 0x16,
- 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77,
- 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63,
- 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86,
- 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69,
- 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73,
- 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x13, 0x31, 0xFE, 0x22,
- 0xAF, 0x75, 0x2F, 0xDC, 0x63, 0xBD, 0xE4, 0x94, 0xF2, 0x94,
- 0x38, 0xC3, 0x0D, 0x7D, 0x9A, 0xD1, 0x30, 0x0C, 0x06, 0x03,
- 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xFF,
- 0x30, 0x1C, 0x06, 0x03, 0x55, 0x1D, 0x11, 0x04, 0x15, 0x30,
- 0x13, 0x82, 0x0B, 0x65, 0x78, 0x61, 0x6D, 0x70, 0x6C, 0x65,
- 0x2E, 0x63, 0x6F, 0x6D, 0x87, 0x04, 0x7F, 0x00, 0x00, 0x01,
- 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x25, 0x04, 0x16, 0x30,
- 0x14, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03,
- 0x01, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03,
- 0x02, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7,
- 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x03, 0x82, 0x02, 0x01,
- 0x00, 0xDD, 0x6B, 0x7F, 0xCA, 0xDC, 0x80, 0xE0, 0x6D, 0xE2,
- 0x5F, 0x6C, 0x32, 0x01, 0x2F, 0x8F, 0x3A, 0xE9, 0x41, 0x5F,
- 0x35, 0xC6, 0xBB, 0xA9, 0xA5, 0x84, 0x57, 0xEE, 0xA4, 0x21,
- 0x4F, 0xB3, 0xB9, 0xAE, 0x24, 0xDC, 0xD1, 0x80, 0x30, 0x7A,
- 0x2A, 0x7F, 0x7E, 0xFC, 0x6C, 0xBE, 0x50, 0xD3, 0x5A, 0x51,
- 0x2D, 0xE6, 0xFD, 0x15, 0xDB, 0x9D, 0xFF, 0xFA, 0xCA, 0xC0,
- 0xCF, 0xBE, 0x97, 0x59, 0xD0, 0x83, 0x20, 0xCE, 0x3A, 0xD8,
- 0x10, 0xFE, 0x41, 0xD5, 0xA9, 0x6B, 0x19, 0xE2, 0x9F, 0x28,
- 0xFE, 0xC0, 0x21, 0x75, 0x47, 0x46, 0x94, 0x31, 0x6A, 0xC4,
- 0xC4, 0x52, 0x3B, 0x02, 0x73, 0xC4, 0x47, 0x2A, 0xB5, 0xCE,
- 0x65, 0x6D, 0x58, 0xC7, 0xFA, 0x3E, 0x0A, 0x6F, 0xE1, 0xA8,
- 0xA1, 0x3B, 0x33, 0x8A, 0x6F, 0xCA, 0x4A, 0xEF, 0x52, 0x88,
- 0x09, 0xCA, 0xB2, 0xF2, 0x1D, 0x3D, 0x69, 0xF5, 0x5B, 0x80,
- 0x4F, 0x29, 0x66, 0xB1, 0x25, 0xC7, 0xEB, 0xD1, 0xBB, 0xDF,
- 0xCF, 0x91, 0xC8, 0xCE, 0x58, 0x3B, 0x9D, 0x10, 0x5B, 0x8E,
- 0x55, 0x93, 0x5A, 0x32, 0xED, 0x0B, 0xC7, 0x7F, 0xC8, 0xF5,
- 0xF2, 0x7F, 0x0A, 0xCE, 0xAD, 0xBB, 0xDB, 0x43, 0x2A, 0x92,
- 0xF6, 0xF2, 0xA0, 0x34, 0x8E, 0x7C, 0x22, 0x4A, 0x5A, 0xF9,
- 0x84, 0xB0, 0x88, 0xE3, 0xA4, 0x2A, 0xBF, 0x23, 0x3A, 0xEC,
- 0xAA, 0x32, 0x77, 0xC9, 0xAB, 0xBC, 0x4B, 0xBB, 0x82, 0xBC,
- 0xC0, 0x07, 0xE6, 0xFC, 0xCF, 0x33, 0x72, 0x8F, 0xB2, 0x4E,
- 0xDA, 0x2B, 0x7E, 0x08, 0x44, 0x72, 0x2B, 0xA0, 0xC7, 0x3A,
- 0x7E, 0x6F, 0xB4, 0x31, 0xB1, 0x3A, 0x34, 0xC3, 0x5C, 0xBE,
- 0x9C, 0x85, 0xD8, 0x82, 0x99, 0x35, 0x92, 0xB4, 0xB4, 0x31,
- 0x24, 0x31, 0xDF, 0xFB, 0x17, 0xDB, 0x1D, 0x3B, 0xA7, 0xD1,
- 0xE2, 0xA4, 0x44, 0xC7, 0x3F, 0x6B, 0x17, 0x1C, 0x32, 0xCC,
- 0xF9, 0x48, 0xF0, 0xC0, 0x38, 0x45, 0xE8, 0xF5, 0x84, 0x6C,
- 0x59, 0x29, 0x5A, 0xEC, 0x38, 0x43, 0x10, 0x97, 0x67, 0x76,
- 0xB5, 0x60, 0xB7, 0x8C, 0x42, 0x11, 0x44, 0x9A, 0x62, 0x87,
- 0xDB, 0x02, 0xAA, 0xE7, 0x1E, 0xEC, 0x9F, 0x6B, 0x7F, 0xC5,
- 0xFA, 0x9E, 0x03, 0x80, 0x73, 0x74, 0x20, 0xE9, 0x7A, 0xE1,
- 0x3F, 0x49, 0x41, 0xBB, 0xC4, 0x9A, 0x70, 0x14, 0xA1, 0x13,
- 0x2A, 0x90, 0xEF, 0x06, 0xCC, 0x9D, 0xBA, 0x32, 0x94, 0x8C,
- 0xA9, 0x95, 0x45, 0xA4, 0x89, 0x04, 0xD2, 0x68, 0xB9, 0x13,
- 0xFD, 0x73, 0x43, 0xEA, 0xC5, 0xEE, 0x7F, 0x00, 0x75, 0xF0,
- 0xCA, 0x4D, 0x91, 0xD3, 0x04, 0x72, 0xE6, 0xAF, 0xC8, 0xAD,
- 0x43, 0x11, 0x70, 0x36, 0x45, 0xAA, 0xB5, 0x46, 0xA6, 0xBF,
- 0xAC, 0x6C, 0x20, 0x86, 0x3E, 0x5E, 0x66, 0xA5, 0x15, 0x6A,
- 0xA2, 0x58, 0xE6, 0x6F, 0xE8, 0xAE, 0xB4, 0x1D, 0x67, 0xDA,
- 0x18, 0xD6, 0xAD, 0xDE, 0x11, 0x9C, 0xF3, 0xD1, 0xA4, 0x06,
- 0x3F, 0xD5, 0x01, 0xFD, 0x3D, 0xB8, 0xFD, 0x14, 0x0F, 0x1A,
- 0xE8, 0x7E, 0xB4, 0xA3, 0x2B, 0x8B, 0x52, 0x4C, 0x71, 0x72,
- 0x5E, 0x7C, 0x9E, 0x23, 0xFF, 0x50, 0x83, 0x7D, 0x5B, 0xEC,
- 0x60, 0xD5, 0xAD, 0xA5, 0x44, 0x0B, 0xDD, 0x66, 0xCC, 0xA5,
- 0xF8, 0x0C, 0x65, 0xDB, 0xB2, 0x76, 0x1E, 0x1C, 0x01, 0x87,
- 0xCB, 0x1C, 0x76, 0x17, 0x5D, 0x12, 0xCD, 0x28, 0xDC, 0x20,
- 0xE0, 0x3A, 0xC8, 0x65, 0xFE, 0xDD, 0xE3, 0xBC, 0x6A, 0x8B,
- 0x24, 0x6B, 0x86, 0xA7, 0x2D, 0xBC, 0x4F, 0x26, 0x3F, 0xD7,
- 0x3F, 0x04, 0xBF, 0xA4, 0x5D, 0x06, 0x52, 0xB5, 0xE4, 0xFD,
- 0x85, 0xB0, 0x2C, 0x52, 0xAC, 0x99, 0x49, 0xEF, 0x56, 0x76,
- 0x2A, 0x7C, 0xE3, 0xD8, 0x8E, 0xE4, 0xEB, 0xB2, 0xDB, 0xC1,
- 0x54, 0x20, 0x64
+ 0x30, 0x82, 0x07, 0x1D, 0x30, 0x82, 0x05, 0x05, 0xA0, 0x03,
+ 0x02, 0x01, 0x02, 0x02, 0x14, 0x2F, 0x36, 0x54, 0x05, 0x64,
+ 0x52, 0xDD, 0x0E, 0x75, 0x75, 0x33, 0x7C, 0xB2, 0xCE, 0x9F,
+ 0x5C, 0x48, 0x9B, 0xAB, 0x0E, 0x30, 0x0D, 0x06, 0x09, 0x2A,
+ 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00,
+ 0x30, 0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55,
+ 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E,
+ 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E,
+ 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03,
+ 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D,
+ 0x61, 0x6E, 0x31, 0x15, 0x30, 0x13, 0x06, 0x03, 0x55, 0x04,
+ 0x0A, 0x0C, 0x0C, 0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C,
+ 0x5F, 0x34, 0x30, 0x39, 0x36, 0x31, 0x19, 0x30, 0x17, 0x06,
+ 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x10, 0x50, 0x72, 0x6F, 0x67,
+ 0x72, 0x61, 0x6D, 0x6D, 0x69, 0x6E, 0x67, 0x2D, 0x34, 0x30,
+ 0x39, 0x36, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04,
+ 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C,
+ 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F,
+ 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D,
+ 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40,
+ 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F,
+ 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x33, 0x31, 0x32, 0x31,
+ 0x33, 0x32, 0x32, 0x31, 0x39, 0x32, 0x38, 0x5A, 0x17, 0x0D,
+ 0x32, 0x36, 0x30, 0x39, 0x30, 0x38, 0x32, 0x32, 0x31, 0x39,
+ 0x32, 0x38, 0x5A, 0x30, 0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09,
+ 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31,
+ 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07,
+ 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30,
+ 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F,
+ 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x15, 0x30, 0x13, 0x06,
+ 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0C, 0x77, 0x6F, 0x6C, 0x66,
+ 0x53, 0x53, 0x4C, 0x5F, 0x34, 0x30, 0x39, 0x36, 0x31, 0x19,
+ 0x30, 0x17, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x10, 0x50,
+ 0x72, 0x6F, 0x67, 0x72, 0x61, 0x6D, 0x6D, 0x69, 0x6E, 0x67,
+ 0x2D, 0x34, 0x30, 0x39, 0x36, 0x31, 0x18, 0x30, 0x16, 0x06,
+ 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E,
+ 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F,
+ 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48,
+ 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E,
+ 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C,
+ 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x82, 0x02, 0x22, 0x30, 0x0D,
+ 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01,
+ 0x01, 0x05, 0x00, 0x03, 0x82, 0x02, 0x0F, 0x00, 0x30, 0x82,
+ 0x02, 0x0A, 0x02, 0x82, 0x02, 0x01, 0x00, 0xF5, 0xD0, 0x31,
+ 0xE4, 0x71, 0x59, 0x58, 0xB3, 0x07, 0x50, 0xDD, 0x16, 0x79,
+ 0xFC, 0xC6, 0x95, 0x50, 0xFC, 0x46, 0x0E, 0x57, 0x12, 0x86,
+ 0x71, 0x8D, 0xE3, 0x9B, 0x4A, 0x33, 0xEA, 0x4F, 0xD9, 0x17,
+ 0x13, 0x6D, 0x48, 0x69, 0xDF, 0x59, 0x11, 0x08, 0x02, 0x9D,
+ 0xAF, 0x2B, 0xC7, 0x30, 0xBE, 0x0C, 0xDC, 0x87, 0xD4, 0x5A,
+ 0x12, 0x09, 0x23, 0x5D, 0xE1, 0x76, 0x5A, 0x62, 0x37, 0x46,
+ 0x74, 0xEF, 0x03, 0x05, 0xBB, 0x1E, 0x6D, 0x29, 0x75, 0x6C,
+ 0x2E, 0x9D, 0x87, 0x0D, 0x8F, 0x87, 0xCB, 0x14, 0x95, 0x9B,
+ 0xBE, 0x17, 0x6B, 0x51, 0xD1, 0x4C, 0xDA, 0xD7, 0x91, 0x66,
+ 0xC5, 0x36, 0xEB, 0xE0, 0x07, 0x1A, 0x76, 0x4D, 0xB0, 0xFB,
+ 0xC1, 0xF5, 0x5E, 0x05, 0xDB, 0xBA, 0xCB, 0x25, 0xD9, 0x99,
+ 0x13, 0x1C, 0xC0, 0x35, 0xDC, 0x40, 0xE9, 0x36, 0xCD, 0xC4,
+ 0xD5, 0x7A, 0x41, 0x70, 0x0F, 0x36, 0xEB, 0xA5, 0x4E, 0x17,
+ 0x05, 0xD5, 0x75, 0x1B, 0x64, 0x62, 0x7A, 0x3F, 0x0D, 0x28,
+ 0x48, 0x6A, 0xE3, 0xAC, 0x9C, 0xA8, 0x8F, 0xE9, 0xED, 0xF7,
+ 0xCD, 0x24, 0xA0, 0xB1, 0xA0, 0x03, 0xAC, 0xE3, 0x03, 0xF5,
+ 0x3F, 0xD1, 0x96, 0xFF, 0x2A, 0x7E, 0x08, 0xB1, 0xD3, 0xE0,
+ 0x18, 0x14, 0xEC, 0x65, 0x37, 0x50, 0x43, 0xC2, 0x6A, 0x8C,
+ 0xF4, 0x5B, 0xFE, 0xC4, 0xCB, 0x8D, 0x3F, 0x81, 0x02, 0xF7,
+ 0xC2, 0xDD, 0xE4, 0xC1, 0x8E, 0x80, 0x0C, 0x04, 0x25, 0x2D,
+ 0x80, 0x5A, 0x2E, 0x0F, 0x22, 0x35, 0x4A, 0xF4, 0x85, 0xED,
+ 0x51, 0xD8, 0xAB, 0x6D, 0x8F, 0xA2, 0x3B, 0x24, 0x00, 0x6E,
+ 0x81, 0xE2, 0x1E, 0x76, 0xD6, 0xAC, 0x31, 0x12, 0xDB, 0xF3,
+ 0x8E, 0x07, 0xA1, 0xDE, 0x89, 0x4A, 0x39, 0x60, 0x77, 0xC5,
+ 0xAA, 0xF1, 0x51, 0xE6, 0x06, 0xF1, 0x95, 0x56, 0x2A, 0xE1,
+ 0x8E, 0x92, 0x30, 0x9F, 0xFE, 0x58, 0x44, 0xAC, 0x46, 0xF2,
+ 0xFD, 0x9A, 0xFC, 0xA8, 0x1D, 0xA1, 0xD3, 0x55, 0x37, 0x4A,
+ 0x8B, 0xFC, 0x9C, 0x33, 0xF8, 0xA7, 0x61, 0x48, 0x41, 0x7C,
+ 0x9C, 0x77, 0x3F, 0xF5, 0x80, 0x23, 0x7D, 0x43, 0xB4, 0xD5,
+ 0x88, 0x0A, 0xC9, 0x75, 0xD7, 0x44, 0x19, 0x4D, 0x77, 0x6C,
+ 0x0B, 0x0A, 0x49, 0xAA, 0x1C, 0x2F, 0xD6, 0x5A, 0x44, 0xA6,
+ 0x47, 0x4D, 0xE5, 0x36, 0x96, 0x40, 0x99, 0x2C, 0x56, 0x26,
+ 0xB1, 0xF2, 0x92, 0x31, 0x59, 0xD7, 0x2C, 0xD4, 0xB4, 0x21,
+ 0xD6, 0x65, 0x13, 0x0B, 0x3E, 0xFB, 0xFF, 0x04, 0xEB, 0xB9,
+ 0x85, 0xB9, 0xD8, 0xD8, 0x28, 0x4F, 0x5C, 0x17, 0x96, 0xA3,
+ 0x51, 0xBE, 0xFE, 0x7D, 0x0B, 0x1B, 0x48, 0x40, 0x25, 0x76,
+ 0x94, 0xDC, 0x41, 0xFB, 0xBF, 0x73, 0x76, 0xDA, 0xEB, 0xB3,
+ 0x62, 0xE7, 0xC1, 0xC8, 0x54, 0x6A, 0x93, 0xE1, 0x8D, 0x31,
+ 0xE8, 0x3E, 0x3E, 0xDF, 0xBC, 0x87, 0x02, 0x30, 0x22, 0x57,
+ 0xC4, 0xE0, 0x18, 0x7A, 0xD3, 0xAE, 0xE4, 0x02, 0x9B, 0xAA,
+ 0xBD, 0x4E, 0x49, 0x47, 0x72, 0xE9, 0x8D, 0x13, 0x2D, 0x54,
+ 0x9B, 0x00, 0xA7, 0x91, 0x61, 0x71, 0xC9, 0xCC, 0x48, 0x4F,
+ 0xEE, 0xDF, 0x5E, 0x1B, 0x1A, 0xDF, 0x67, 0xD3, 0x20, 0xE6,
+ 0x44, 0x45, 0x98, 0x7E, 0xE7, 0x0E, 0x63, 0x16, 0x83, 0xC9,
+ 0x26, 0x5D, 0x90, 0xC1, 0xE5, 0x2A, 0x5C, 0x45, 0x54, 0x13,
+ 0xB2, 0x81, 0x18, 0x06, 0x20, 0x2E, 0x2E, 0x66, 0x5A, 0xB5,
+ 0x7B, 0x6E, 0xD6, 0x0C, 0x4E, 0x89, 0x01, 0x56, 0x70, 0xBB,
+ 0xAE, 0xDE, 0xE9, 0x99, 0x5E, 0xD1, 0xB9, 0x3A, 0xB7, 0x6C,
+ 0x17, 0xB6, 0x03, 0xA9, 0x08, 0xDD, 0x9C, 0xF4, 0x14, 0xC9,
+ 0xC9, 0x59, 0x39, 0x72, 0xD4, 0x7E, 0x02, 0x37, 0x31, 0xCD,
+ 0x0E, 0xA7, 0x3D, 0xF8, 0xF2, 0xCF, 0x6B, 0x15, 0xAB, 0x02,
+ 0x03, 0x01, 0x00, 0x01, 0xA3, 0x82, 0x01, 0x4F, 0x30, 0x82,
+ 0x01, 0x4B, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, 0x04,
+ 0x16, 0x04, 0x14, 0xFA, 0x54, 0x89, 0x67, 0xE5, 0x5F, 0xB7,
+ 0x31, 0x40, 0xEA, 0xFD, 0xE7, 0xF6, 0xA3, 0xC6, 0x5A, 0x56,
+ 0x16, 0xA5, 0x6E, 0x30, 0x81, 0xDE, 0x06, 0x03, 0x55, 0x1D,
+ 0x23, 0x04, 0x81, 0xD6, 0x30, 0x81, 0xD3, 0x80, 0x14, 0xFA,
+ 0x54, 0x89, 0x67, 0xE5, 0x5F, 0xB7, 0x31, 0x40, 0xEA, 0xFD,
+ 0xE7, 0xF6, 0xA3, 0xC6, 0x5A, 0x56, 0x16, 0xA5, 0x6E, 0xA1,
+ 0x81, 0xA4, 0xA4, 0x81, 0xA1, 0x30, 0x81, 0x9E, 0x31, 0x0B,
+ 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55,
+ 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08,
+ 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31,
+ 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07,
+ 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x15, 0x30,
+ 0x13, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0C, 0x77, 0x6F,
+ 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x5F, 0x34, 0x30, 0x39, 0x36,
+ 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C,
+ 0x10, 0x50, 0x72, 0x6F, 0x67, 0x72, 0x61, 0x6D, 0x6D, 0x69,
+ 0x6E, 0x67, 0x2D, 0x34, 0x30, 0x39, 0x36, 0x31, 0x18, 0x30,
+ 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77,
+ 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E,
+ 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A,
+ 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10,
+ 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73,
+ 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x14, 0x2F, 0x36,
+ 0x54, 0x05, 0x64, 0x52, 0xDD, 0x0E, 0x75, 0x75, 0x33, 0x7C,
+ 0xB2, 0xCE, 0x9F, 0x5C, 0x48, 0x9B, 0xAB, 0x0E, 0x30, 0x0C,
+ 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01,
+ 0x01, 0xFF, 0x30, 0x1C, 0x06, 0x03, 0x55, 0x1D, 0x11, 0x04,
+ 0x15, 0x30, 0x13, 0x82, 0x0B, 0x65, 0x78, 0x61, 0x6D, 0x70,
+ 0x6C, 0x65, 0x2E, 0x63, 0x6F, 0x6D, 0x87, 0x04, 0x7F, 0x00,
+ 0x00, 0x01, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x25, 0x04,
+ 0x16, 0x30, 0x14, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05,
+ 0x07, 0x03, 0x01, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05,
+ 0x07, 0x03, 0x02, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48,
+ 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x03, 0x82,
+ 0x02, 0x01, 0x00, 0xC2, 0x72, 0x38, 0x27, 0xF0, 0x5C, 0x45,
+ 0x04, 0x4B, 0x09, 0x0E, 0x5D, 0x98, 0x6E, 0x38, 0x6A, 0xBC,
+ 0xFB, 0xA8, 0x85, 0x4F, 0xF2, 0x04, 0x38, 0x63, 0x4F, 0x86,
+ 0x4F, 0x3C, 0xF5, 0xFD, 0xF8, 0xCD, 0x89, 0x09, 0x76, 0x72,
+ 0x47, 0x97, 0xDF, 0xF8, 0x17, 0x6A, 0x81, 0x3A, 0xB2, 0xB4,
+ 0xFC, 0xAC, 0xE9, 0xFC, 0xE2, 0x47, 0x9B, 0x07, 0x6D, 0x9C,
+ 0x53, 0xED, 0xD8, 0x64, 0xBC, 0x6C, 0x4D, 0xA9, 0xBD, 0x3E,
+ 0x5E, 0xCD, 0x61, 0xBC, 0x8E, 0x82, 0x20, 0xB2, 0x50, 0xBC,
+ 0x9E, 0x72, 0xE6, 0x9F, 0x40, 0xFF, 0x6C, 0x4B, 0x38, 0xF8,
+ 0x4B, 0x82, 0x0F, 0x7E, 0x49, 0xCD, 0x45, 0x5C, 0xCD, 0x44,
+ 0xDE, 0x47, 0x25, 0xB3, 0x57, 0xD0, 0x1A, 0x0D, 0x8D, 0x4D,
+ 0xC7, 0xEA, 0x23, 0xFA, 0x03, 0xE8, 0x86, 0xD8, 0x37, 0x89,
+ 0x84, 0x2E, 0xE8, 0x53, 0x7A, 0x77, 0xBE, 0x94, 0xEC, 0x70,
+ 0xE7, 0xC4, 0x7B, 0x8F, 0x6F, 0x28, 0x67, 0x33, 0x89, 0xEC,
+ 0xC9, 0xDF, 0x98, 0x6D, 0x4A, 0xD9, 0xC6, 0x7B, 0xD3, 0xB5,
+ 0x82, 0xD0, 0x8A, 0xCE, 0x8F, 0x06, 0xBF, 0xA2, 0xF7, 0xDE,
+ 0x4A, 0x45, 0x22, 0x6F, 0xFF, 0x41, 0x6F, 0x08, 0xF5, 0xC3,
+ 0x65, 0x25, 0x27, 0xFB, 0x43, 0x3E, 0xCC, 0x25, 0x0A, 0xD3,
+ 0x3D, 0xD2, 0x34, 0x9F, 0x89, 0x6B, 0xE2, 0x97, 0x9C, 0x42,
+ 0xD9, 0x3E, 0x64, 0x03, 0x45, 0x5F, 0x07, 0x95, 0xED, 0x1A,
+ 0x70, 0x6A, 0xBE, 0x3E, 0x7F, 0x7F, 0x16, 0xBE, 0x47, 0xA6,
+ 0x6D, 0x3B, 0x0D, 0x27, 0xB3, 0x89, 0xB1, 0xF1, 0xF6, 0xCE,
+ 0x99, 0x71, 0x18, 0xB6, 0xC0, 0xC5, 0x9E, 0x76, 0x7A, 0x8E,
+ 0xFB, 0x4A, 0xBE, 0x4F, 0xCD, 0xBC, 0x21, 0xA9, 0x4E, 0x9C,
+ 0xFC, 0x48, 0x86, 0xFF, 0xE4, 0x63, 0x14, 0x96, 0x3A, 0xEB,
+ 0xC8, 0x48, 0xAE, 0x27, 0xBD, 0x43, 0x0C, 0x27, 0x85, 0xE1,
+ 0x25, 0x1A, 0x69, 0x48, 0x6C, 0xE7, 0x11, 0xF8, 0xF3, 0x68,
+ 0x9D, 0xEE, 0x15, 0x1A, 0xBE, 0xAD, 0x46, 0x33, 0x24, 0x3D,
+ 0xBE, 0xB8, 0x0E, 0x6E, 0x4D, 0xEF, 0x12, 0xB6, 0xAE, 0x1B,
+ 0x88, 0xBD, 0x0E, 0xA6, 0xFF, 0x91, 0x08, 0xDC, 0xED, 0xAF,
+ 0xFA, 0x13, 0x2B, 0xF2, 0xB4, 0x2C, 0xEA, 0x72, 0xC2, 0x85,
+ 0xD6, 0xEE, 0x64, 0x09, 0xE1, 0x4E, 0x1A, 0x5A, 0xBD, 0xC2,
+ 0x44, 0xC2, 0x95, 0x82, 0x59, 0x0A, 0xD8, 0x27, 0xBC, 0x48,
+ 0x4A, 0x8A, 0xA3, 0xC3, 0x77, 0xAC, 0x92, 0xB6, 0x8B, 0x0B,
+ 0x13, 0xE2, 0x87, 0xEC, 0x21, 0x7E, 0x7E, 0x52, 0x29, 0x51,
+ 0x5C, 0x59, 0xE1, 0xC8, 0xDB, 0x05, 0xCE, 0x9E, 0xF4, 0x36,
+ 0xD8, 0x63, 0x42, 0x45, 0x71, 0x9A, 0xEE, 0x0E, 0x24, 0xB0,
+ 0xBA, 0xA5, 0xA5, 0xAA, 0xC9, 0xEE, 0x9E, 0xA3, 0xE3, 0xE9,
+ 0x7F, 0xC6, 0x64, 0x6C, 0x9E, 0x65, 0x78, 0x88, 0xF2, 0x61,
+ 0x6F, 0xD3, 0x3B, 0x9E, 0x0D, 0x16, 0xFA, 0xAD, 0xC2, 0x58,
+ 0xAC, 0xBC, 0x14, 0xB1, 0xF7, 0x6F, 0xDB, 0xB9, 0x7E, 0x79,
+ 0x81, 0xF1, 0xF8, 0xE9, 0x41, 0x5B, 0xFE, 0xD9, 0xE2, 0x89,
+ 0x86, 0x5C, 0x01, 0x03, 0x5D, 0x0C, 0xD9, 0xA9, 0xD6, 0xDF,
+ 0x4B, 0x26, 0x5C, 0xAE, 0xE6, 0xDF, 0xB5, 0xC9, 0xF0, 0x86,
+ 0xCA, 0x7B, 0x80, 0xDB, 0x6A, 0x86, 0xFD, 0xA9, 0x00, 0x46,
+ 0x32, 0x39, 0x5A, 0x72, 0xC4, 0x67, 0x20, 0xDB, 0xD8, 0x7A,
+ 0x5D, 0x2D, 0x78, 0xB9, 0xA7, 0xDE, 0x7F, 0xF4, 0x7A, 0x5B,
+ 0x0F, 0x38, 0xB0, 0x9E, 0x1A, 0xAE, 0xC5, 0xCC, 0xFF, 0x61,
+ 0x5E, 0xEC, 0xF1, 0x0D, 0xF7, 0x0A, 0x22, 0xBB, 0xCB, 0x08,
+ 0x2B, 0x91, 0x58, 0x77, 0x1F, 0x90, 0x2B, 0xA3, 0x78, 0xBE,
+ 0xEF, 0x4D, 0xD8, 0x8D, 0xE8, 0xF7, 0x31, 0xF8, 0x92, 0x84,
+ 0xE5, 0xB2, 0x2A, 0xE8, 0x3A
};
static const int sizeof_client_cert_der_4096 = sizeof(client_cert_der_4096);
@@ -5764,17 +5865,17 @@ static const int sizeof_bench_dilithium_level5_key = sizeof(bench_dilithium_leve
static const unsigned char bench_sphincs_fast_level1_key[] =
{
0x30, 0x71, 0x02, 0x01, 0x00, 0x30, 0x08, 0x06, 0x06, 0x2B,
- 0xCE, 0x0F, 0x06, 0x07, 0x04, 0x04, 0x62, 0x04, 0x60, 0x59,
- 0xE0, 0xD4, 0x1F, 0x22, 0x74, 0xBD, 0xAC, 0x46, 0x01, 0xE4,
- 0x8C, 0x89, 0xB7, 0x39, 0x20, 0x9F, 0x6F, 0x96, 0xC4, 0xE7,
- 0x78, 0x0F, 0xA1, 0x7D, 0xEC, 0xE8, 0xD5, 0xC3, 0xDD, 0x45,
- 0x13, 0x56, 0xCF, 0xEA, 0x68, 0x70, 0x2A, 0xFF, 0xDA, 0x9A,
- 0xA3, 0x2B, 0xEC, 0x4D, 0xBF, 0x7D, 0x09, 0xC0, 0xCC, 0xF4,
- 0x2F, 0xF2, 0xAC, 0x74, 0xDF, 0x0E, 0x20, 0x9D, 0xC2, 0x9E,
- 0xD1, 0xB4, 0x12, 0x56, 0xCF, 0xEA, 0x68, 0x70, 0x2A, 0xFF,
- 0xDA, 0x9A, 0xA3, 0x2B, 0xEC, 0x4D, 0xBF, 0x7D, 0x09, 0xC0,
- 0xCC, 0xF4, 0x2F, 0xF2, 0xAC, 0x74, 0xDF, 0x0E, 0x20, 0x9D,
- 0xC2, 0x9E, 0xD1, 0xB4, 0x12
+ 0xCE, 0x0F, 0x06, 0x07, 0x0D, 0x04, 0x62, 0x04, 0x60, 0xD8,
+ 0xC4, 0x6E, 0x8D, 0x3B, 0xB7, 0xE7, 0x48, 0x8D, 0x6F, 0x0C,
+ 0x3D, 0xDF, 0xAB, 0x79, 0xB6, 0x62, 0xAE, 0x89, 0x19, 0x6F,
+ 0x5E, 0xF9, 0xD3, 0x3A, 0x69, 0xBA, 0xFF, 0x4C, 0x46, 0xDE,
+ 0xAA, 0x7C, 0x40, 0x79, 0x8C, 0xE1, 0xE5, 0x30, 0xE6, 0xDF,
+ 0x4E, 0x23, 0x5E, 0x14, 0xDB, 0x0A, 0x48, 0x4E, 0xF6, 0x57,
+ 0xCE, 0x45, 0x8F, 0x8B, 0x1D, 0x68, 0x63, 0xAA, 0x24, 0xA4,
+ 0xE1, 0x0D, 0xFB, 0x7C, 0x40, 0x79, 0x8C, 0xE1, 0xE5, 0x30,
+ 0xE6, 0xDF, 0x4E, 0x23, 0x5E, 0x14, 0xDB, 0x0A, 0x48, 0x4E,
+ 0xF6, 0x57, 0xCE, 0x45, 0x8F, 0x8B, 0x1D, 0x68, 0x63, 0xAA,
+ 0x24, 0xA4, 0xE1, 0x0D, 0xFB
};
static const int sizeof_bench_sphincs_fast_level1_key = sizeof(bench_sphincs_fast_level1_key);
@@ -5782,22 +5883,22 @@ static const int sizeof_bench_sphincs_fast_level1_key = sizeof(bench_sphincs_fas
static const unsigned char bench_sphincs_fast_level3_key[] =
{
0x30, 0x81, 0xA3, 0x02, 0x01, 0x00, 0x30, 0x08, 0x06, 0x06,
- 0x2B, 0xCE, 0x0F, 0x06, 0x08, 0x03, 0x04, 0x81, 0x93, 0x04,
- 0x81, 0x90, 0x00, 0x8E, 0xB0, 0x75, 0x2E, 0xC5, 0x61, 0x66,
- 0xEE, 0x01, 0xEE, 0x97, 0x13, 0xD7, 0x65, 0x69, 0xEA, 0x5C,
- 0x23, 0xAA, 0x6E, 0x86, 0x04, 0xE9, 0x2A, 0xEC, 0x8C, 0xA3,
- 0xB7, 0x28, 0xEB, 0xDF, 0x0E, 0x77, 0x07, 0x59, 0x3F, 0xB6,
- 0x10, 0xB3, 0xCC, 0xE1, 0x09, 0x64, 0xC4, 0x42, 0x37, 0x71,
- 0xDC, 0xB4, 0x20, 0x2D, 0x03, 0x00, 0x6C, 0x4C, 0x3F, 0xE3,
- 0x80, 0x28, 0xEC, 0x90, 0xF9, 0xDB, 0x50, 0xFC, 0x0A, 0x58,
- 0xC2, 0x81, 0xE2, 0x17, 0x06, 0x7A, 0x58, 0xBB, 0x21, 0x90,
- 0xC8, 0xE6, 0x64, 0x8B, 0xF4, 0x68, 0x70, 0x1D, 0xE2, 0xAB,
- 0x8F, 0x50, 0x4D, 0xEE, 0x29, 0xD7, 0x15, 0x5E, 0xDC, 0xB4,
- 0x20, 0x2D, 0x03, 0x00, 0x6C, 0x4C, 0x3F, 0xE3, 0x80, 0x28,
- 0xEC, 0x90, 0xF9, 0xDB, 0x50, 0xFC, 0x0A, 0x58, 0xC2, 0x81,
- 0xE2, 0x17, 0x06, 0x7A, 0x58, 0xBB, 0x21, 0x90, 0xC8, 0xE6,
- 0x64, 0x8B, 0xF4, 0x68, 0x70, 0x1D, 0xE2, 0xAB, 0x8F, 0x50,
- 0x4D, 0xEE, 0x29, 0xD7, 0x15, 0x5E
+ 0x2B, 0xCE, 0x0F, 0x06, 0x08, 0x0A, 0x04, 0x81, 0x93, 0x04,
+ 0x81, 0x90, 0xB2, 0x3A, 0x67, 0xA6, 0x4B, 0x8E, 0xB9, 0xEF,
+ 0xAD, 0x99, 0xE4, 0x3D, 0x65, 0xE8, 0xEE, 0xCF, 0xAC, 0xCF,
+ 0x2F, 0xDE, 0xBC, 0x11, 0x67, 0x8D, 0x8F, 0x8D, 0x3E, 0x99,
+ 0x31, 0x67, 0xED, 0x31, 0x6A, 0x05, 0x47, 0xC1, 0xDA, 0xC5,
+ 0x14, 0x17, 0xA1, 0x93, 0x83, 0x44, 0x58, 0x09, 0x80, 0x3A,
+ 0x47, 0x67, 0x42, 0x6D, 0x4C, 0xB7, 0xC8, 0x7D, 0x37, 0xF3,
+ 0x90, 0xF7, 0x46, 0x92, 0xB6, 0x26, 0xF7, 0x4E, 0x0D, 0x8D,
+ 0xB8, 0xCA, 0x8B, 0xA8, 0x20, 0x5D, 0x67, 0x85, 0xD2, 0x83,
+ 0x2C, 0x2A, 0x38, 0x1F, 0x57, 0x89, 0x76, 0x8C, 0x6D, 0x88,
+ 0xCE, 0x18, 0x4F, 0xA7, 0x88, 0x48, 0x7C, 0x0D, 0x47, 0x67,
+ 0x42, 0x6D, 0x4C, 0xB7, 0xC8, 0x7D, 0x37, 0xF3, 0x90, 0xF7,
+ 0x46, 0x92, 0xB6, 0x26, 0xF7, 0x4E, 0x0D, 0x8D, 0xB8, 0xCA,
+ 0x8B, 0xA8, 0x20, 0x5D, 0x67, 0x85, 0xD2, 0x83, 0x2C, 0x2A,
+ 0x38, 0x1F, 0x57, 0x89, 0x76, 0x8C, 0x6D, 0x88, 0xCE, 0x18,
+ 0x4F, 0xA7, 0x88, 0x48, 0x7C, 0x0D
};
static const int sizeof_bench_sphincs_fast_level3_key = sizeof(bench_sphincs_fast_level3_key);
@@ -5805,27 +5906,27 @@ static const int sizeof_bench_sphincs_fast_level3_key = sizeof(bench_sphincs_fas
static const unsigned char bench_sphincs_fast_level5_key[] =
{
0x30, 0x81, 0xD3, 0x02, 0x01, 0x00, 0x30, 0x08, 0x06, 0x06,
- 0x2B, 0xCE, 0x0F, 0x06, 0x09, 0x03, 0x04, 0x81, 0xC3, 0x04,
- 0x81, 0xC0, 0x91, 0x8B, 0xB7, 0x1A, 0x08, 0x61, 0x50, 0x70,
- 0x26, 0x71, 0xCD, 0x36, 0x10, 0xE2, 0xB8, 0x95, 0x0D, 0xA7,
- 0x57, 0xC7, 0x18, 0xFF, 0x55, 0xA4, 0x16, 0x9D, 0x3C, 0xF8,
- 0xA3, 0x48, 0xB0, 0x9B, 0xFD, 0x22, 0xBE, 0x20, 0x3D, 0x88,
- 0x96, 0x0B, 0xF1, 0x6D, 0x05, 0x8A, 0x1B, 0x71, 0xCE, 0xCD,
- 0x31, 0x01, 0xEA, 0xAC, 0x62, 0x61, 0x1F, 0x4A, 0xC1, 0x62,
- 0x05, 0x36, 0xBB, 0x7F, 0xEF, 0x5B, 0x42, 0x8B, 0xC6, 0xCD,
- 0xEF, 0xCE, 0xE1, 0x00, 0x39, 0x4F, 0x01, 0xBC, 0x03, 0x94,
- 0x00, 0xA8, 0x7F, 0x22, 0xB9, 0x9F, 0x79, 0x51, 0x25, 0x61,
- 0x1B, 0x43, 0x47, 0x52, 0xD0, 0x39, 0x2B, 0x93, 0xC5, 0xD4,
- 0x2A, 0xE1, 0xEF, 0x0B, 0x01, 0x36, 0xC3, 0x54, 0xC8, 0xDE,
- 0xF4, 0xA2, 0x6F, 0x4C, 0x4B, 0xEC, 0x5D, 0x9D, 0xEE, 0xC9,
- 0xFA, 0xBE, 0xFA, 0x5F, 0xC4, 0x89, 0xC1, 0xFC, 0xEB, 0xA8,
- 0x42, 0x8B, 0xC6, 0xCD, 0xEF, 0xCE, 0xE1, 0x00, 0x39, 0x4F,
- 0x01, 0xBC, 0x03, 0x94, 0x00, 0xA8, 0x7F, 0x22, 0xB9, 0x9F,
- 0x79, 0x51, 0x25, 0x61, 0x1B, 0x43, 0x47, 0x52, 0xD0, 0x39,
- 0x2B, 0x93, 0xC5, 0xD4, 0x2A, 0xE1, 0xEF, 0x0B, 0x01, 0x36,
- 0xC3, 0x54, 0xC8, 0xDE, 0xF4, 0xA2, 0x6F, 0x4C, 0x4B, 0xEC,
- 0x5D, 0x9D, 0xEE, 0xC9, 0xFA, 0xBE, 0xFA, 0x5F, 0xC4, 0x89,
- 0xC1, 0xFC, 0xEB, 0xA8
+ 0x2B, 0xCE, 0x0F, 0x06, 0x09, 0x0A, 0x04, 0x81, 0xC3, 0x04,
+ 0x81, 0xC0, 0xAB, 0xD3, 0xFD, 0x3B, 0x17, 0x00, 0xCD, 0xD5,
+ 0xB2, 0xEE, 0xD2, 0x36, 0xE5, 0xF7, 0x1D, 0xDC, 0xC8, 0x42,
+ 0xDB, 0x53, 0x6A, 0x8A, 0x0D, 0x6D, 0xD2, 0x3C, 0x1C, 0x7C,
+ 0x98, 0x4D, 0x73, 0xC8, 0xAB, 0x2E, 0xAA, 0x7A, 0xC0, 0x26,
+ 0xC4, 0x0D, 0x7E, 0xB4, 0xD3, 0xBB, 0x13, 0xF4, 0x6E, 0xFE,
+ 0x0E, 0xA5, 0xA4, 0x58, 0x57, 0xA2, 0xDD, 0x99, 0x62, 0xB9,
+ 0xBA, 0xC2, 0x5B, 0x26, 0xED, 0x6E, 0x99, 0xFA, 0x11, 0x0E,
+ 0xCF, 0x33, 0x54, 0x85, 0x56, 0x0C, 0xEB, 0x2A, 0xB0, 0xAA,
+ 0xEB, 0x74, 0x14, 0x89, 0x1A, 0xB9, 0x38, 0xF5, 0x29, 0x66,
+ 0x28, 0x28, 0x17, 0xF5, 0x72, 0x42, 0xEE, 0xC0, 0x14, 0x59,
+ 0xA0, 0x72, 0x9B, 0x9B, 0x1E, 0x7F, 0x70, 0x70, 0xBB, 0x89,
+ 0x0C, 0x7E, 0x87, 0x8B, 0x83, 0x80, 0x2B, 0x66, 0x58, 0x64,
+ 0x1D, 0x94, 0xAF, 0x58, 0xB5, 0x23, 0x2C, 0xA1, 0xE9, 0x95,
+ 0x99, 0xFA, 0x11, 0x0E, 0xCF, 0x33, 0x54, 0x85, 0x56, 0x0C,
+ 0xEB, 0x2A, 0xB0, 0xAA, 0xEB, 0x74, 0x14, 0x89, 0x1A, 0xB9,
+ 0x38, 0xF5, 0x29, 0x66, 0x28, 0x28, 0x17, 0xF5, 0x72, 0x42,
+ 0xEE, 0xC0, 0x14, 0x59, 0xA0, 0x72, 0x9B, 0x9B, 0x1E, 0x7F,
+ 0x70, 0x70, 0xBB, 0x89, 0x0C, 0x7E, 0x87, 0x8B, 0x83, 0x80,
+ 0x2B, 0x66, 0x58, 0x64, 0x1D, 0x94, 0xAF, 0x58, 0xB5, 0x23,
+ 0x2C, 0xA1, 0xE9, 0x95
};
static const int sizeof_bench_sphincs_fast_level5_key = sizeof(bench_sphincs_fast_level5_key);
@@ -5833,17 +5934,17 @@ static const int sizeof_bench_sphincs_fast_level5_key = sizeof(bench_sphincs_fas
static const unsigned char bench_sphincs_small_level1_key[] =
{
0x30, 0x71, 0x02, 0x01, 0x00, 0x30, 0x08, 0x06, 0x06, 0x2B,
- 0xCE, 0x0F, 0x06, 0x07, 0x0A, 0x04, 0x62, 0x04, 0x60, 0x44,
- 0x7A, 0xCF, 0xB9, 0x03, 0xF2, 0xB2, 0x41, 0xBC, 0x1A, 0xE6,
- 0x75, 0x29, 0x04, 0xDA, 0x6C, 0x6E, 0x08, 0x17, 0x1E, 0x46,
- 0x75, 0xE8, 0x32, 0x23, 0xCD, 0x11, 0xC8, 0x88, 0xF7, 0x00,
- 0x11, 0x4C, 0xBD, 0x14, 0x62, 0xC2, 0x4B, 0x83, 0x36, 0xDE,
- 0x61, 0x78, 0x7F, 0x09, 0x16, 0x97, 0x98, 0x3D, 0x52, 0x70,
- 0x7F, 0xED, 0x86, 0xDB, 0x75, 0x42, 0x52, 0xF3, 0xB1, 0xAE,
- 0x70, 0x7F, 0xD3, 0x4C, 0xBD, 0x14, 0x62, 0xC2, 0x4B, 0x83,
- 0x36, 0xDE, 0x61, 0x78, 0x7F, 0x09, 0x16, 0x97, 0x98, 0x3D,
- 0x52, 0x70, 0x7F, 0xED, 0x86, 0xDB, 0x75, 0x42, 0x52, 0xF3,
- 0xB1, 0xAE, 0x70, 0x7F, 0xD3
+ 0xCE, 0x0F, 0x06, 0x07, 0x10, 0x04, 0x62, 0x04, 0x60, 0xFF,
+ 0x26, 0x56, 0x65, 0xAC, 0x6C, 0x0B, 0x72, 0x2D, 0x8D, 0xB8,
+ 0x29, 0x4A, 0x15, 0x7E, 0xEF, 0x55, 0xFD, 0xBE, 0xF4, 0xC0,
+ 0xE6, 0x6F, 0x2B, 0x7A, 0x97, 0x60, 0x51, 0x1C, 0xCB, 0x82,
+ 0x43, 0x44, 0xDE, 0x14, 0x3D, 0x4F, 0xE7, 0x3C, 0x1C, 0xB3,
+ 0xBB, 0x9F, 0xE8, 0x9F, 0x8F, 0xA4, 0xAD, 0xB9, 0x52, 0xC1,
+ 0x31, 0xF7, 0xC1, 0x86, 0x7E, 0x73, 0xFB, 0x9E, 0x72, 0x57,
+ 0x8A, 0xD7, 0x44, 0x44, 0xDE, 0x14, 0x3D, 0x4F, 0xE7, 0x3C,
+ 0x1C, 0xB3, 0xBB, 0x9F, 0xE8, 0x9F, 0x8F, 0xA4, 0xAD, 0xB9,
+ 0x52, 0xC1, 0x31, 0xF7, 0xC1, 0x86, 0x7E, 0x73, 0xFB, 0x9E,
+ 0x72, 0x57, 0x8A, 0xD7, 0x44
};
static const int sizeof_bench_sphincs_small_level1_key = sizeof(bench_sphincs_small_level1_key);
@@ -5851,22 +5952,22 @@ static const int sizeof_bench_sphincs_small_level1_key = sizeof(bench_sphincs_sm
static const unsigned char bench_sphincs_small_level3_key[] =
{
0x30, 0x81, 0xA3, 0x02, 0x01, 0x00, 0x30, 0x08, 0x06, 0x06,
- 0x2B, 0xCE, 0x0F, 0x06, 0x08, 0x07, 0x04, 0x81, 0x93, 0x04,
- 0x81, 0x90, 0x7E, 0x80, 0x20, 0x6C, 0x20, 0xAE, 0x7D, 0xAB,
- 0xC1, 0x4E, 0x15, 0x51, 0x0C, 0xDD, 0x96, 0xAC, 0xFB, 0xD2,
- 0x5B, 0xF1, 0xEB, 0x51, 0xDC, 0xC3, 0xB3, 0x92, 0x33, 0xC2,
- 0x54, 0x59, 0x4F, 0xB2, 0x33, 0x7C, 0x10, 0xC6, 0xA3, 0x49,
- 0x8D, 0x07, 0x52, 0xB2, 0xA1, 0x14, 0x0C, 0x54, 0x21, 0xD4,
- 0xB1, 0xCC, 0xBD, 0xB1, 0x20, 0xAC, 0xF1, 0xBD, 0xF5, 0x60,
- 0x2F, 0x07, 0x98, 0x57, 0x4E, 0x31, 0x6F, 0x42, 0x84, 0xCE,
- 0x71, 0x72, 0x74, 0x20, 0xDF, 0x38, 0x39, 0xFB, 0xD3, 0xEE,
- 0xAD, 0xFB, 0xB6, 0x2B, 0x60, 0x61, 0x85, 0xF1, 0x2A, 0x59,
- 0x00, 0xA5, 0xCA, 0xC8, 0xE3, 0x3F, 0x96, 0xE9, 0xB1, 0xCC,
- 0xBD, 0xB1, 0x20, 0xAC, 0xF1, 0xBD, 0xF5, 0x60, 0x2F, 0x07,
- 0x98, 0x57, 0x4E, 0x31, 0x6F, 0x42, 0x84, 0xCE, 0x71, 0x72,
- 0x74, 0x20, 0xDF, 0x38, 0x39, 0xFB, 0xD3, 0xEE, 0xAD, 0xFB,
- 0xB6, 0x2B, 0x60, 0x61, 0x85, 0xF1, 0x2A, 0x59, 0x00, 0xA5,
- 0xCA, 0xC8, 0xE3, 0x3F, 0x96, 0xE9
+ 0x2B, 0xCE, 0x0F, 0x06, 0x08, 0x0C, 0x04, 0x81, 0x93, 0x04,
+ 0x81, 0x90, 0x59, 0xC1, 0x44, 0x8A, 0x5F, 0xF3, 0xF1, 0xB3,
+ 0xB8, 0xFF, 0x98, 0x7F, 0x86, 0x4A, 0x4C, 0x19, 0xFC, 0x51,
+ 0xB8, 0x12, 0x87, 0x9C, 0x52, 0xD6, 0x7F, 0xD6, 0xB0, 0xA9,
+ 0xF7, 0xED, 0x44, 0x26, 0xAF, 0xC2, 0xCE, 0x47, 0xD9, 0xE3,
+ 0x95, 0x1A, 0xE6, 0x11, 0xC1, 0x37, 0x67, 0xA5, 0x89, 0xDD,
+ 0x37, 0x6A, 0xE9, 0xC3, 0x8C, 0x9B, 0x3E, 0xBA, 0xB1, 0x76,
+ 0x4A, 0x5A, 0xEE, 0xCD, 0x96, 0x66, 0xF2, 0x53, 0xDA, 0x8C,
+ 0x89, 0x69, 0xBF, 0xBF, 0xF9, 0xA5, 0xBC, 0x7D, 0x80, 0xA8,
+ 0x97, 0x63, 0x90, 0x55, 0x58, 0x6C, 0x0A, 0x52, 0x61, 0x0B,
+ 0xF3, 0xBC, 0xE1, 0x1F, 0xB4, 0xA6, 0x5F, 0x9F, 0x37, 0x6A,
+ 0xE9, 0xC3, 0x8C, 0x9B, 0x3E, 0xBA, 0xB1, 0x76, 0x4A, 0x5A,
+ 0xEE, 0xCD, 0x96, 0x66, 0xF2, 0x53, 0xDA, 0x8C, 0x89, 0x69,
+ 0xBF, 0xBF, 0xF9, 0xA5, 0xBC, 0x7D, 0x80, 0xA8, 0x97, 0x63,
+ 0x90, 0x55, 0x58, 0x6C, 0x0A, 0x52, 0x61, 0x0B, 0xF3, 0xBC,
+ 0xE1, 0x1F, 0xB4, 0xA6, 0x5F, 0x9F
};
static const int sizeof_bench_sphincs_small_level3_key = sizeof(bench_sphincs_small_level3_key);
@@ -5874,27 +5975,27 @@ static const int sizeof_bench_sphincs_small_level3_key = sizeof(bench_sphincs_sm
static const unsigned char bench_sphincs_small_level5_key[] =
{
0x30, 0x81, 0xD3, 0x02, 0x01, 0x00, 0x30, 0x08, 0x06, 0x06,
- 0x2B, 0xCE, 0x0F, 0x06, 0x09, 0x07, 0x04, 0x81, 0xC3, 0x04,
- 0x81, 0xC0, 0x5E, 0xEA, 0x46, 0x6D, 0xE5, 0xA1, 0x70, 0x07,
- 0xF0, 0x5C, 0x59, 0xD5, 0xD7, 0x37, 0x06, 0xC7, 0xD6, 0x1C,
- 0xEA, 0x06, 0x15, 0x6E, 0xB3, 0x07, 0x71, 0x34, 0xE8, 0xD4,
- 0x13, 0x65, 0x58, 0xAE, 0xAC, 0xE9, 0x32, 0x26, 0x76, 0xCD,
- 0x2C, 0x3D, 0x11, 0xF7, 0xAB, 0x8A, 0x84, 0x4F, 0x56, 0x6F,
- 0x2F, 0x63, 0x82, 0x1A, 0x37, 0xAA, 0xAA, 0x49, 0x50, 0xC8,
- 0xA5, 0x92, 0x6E, 0x3F, 0xD6, 0x67, 0xEA, 0x5C, 0x18, 0x8A,
- 0x99, 0xD2, 0xB6, 0xE3, 0xD7, 0x68, 0x9E, 0x65, 0x21, 0xDD,
- 0xE3, 0x44, 0x8B, 0x32, 0x30, 0x31, 0xA8, 0xF2, 0xBB, 0xED,
- 0xC0, 0x3E, 0x1A, 0x7B, 0x36, 0xD8, 0xAD, 0x2A, 0xA4, 0x81,
- 0xAC, 0xD3, 0x08, 0xAC, 0x54, 0x2A, 0xAC, 0xAA, 0x1B, 0x64,
- 0x58, 0x7B, 0x94, 0xE0, 0x16, 0x36, 0xC9, 0x92, 0x09, 0x6A,
- 0x8C, 0x4D, 0xE3, 0xAB, 0x0F, 0x1C, 0xE8, 0x77, 0x1F, 0xE5,
- 0xEA, 0x5C, 0x18, 0x8A, 0x99, 0xD2, 0xB6, 0xE3, 0xD7, 0x68,
- 0x9E, 0x65, 0x21, 0xDD, 0xE3, 0x44, 0x8B, 0x32, 0x30, 0x31,
- 0xA8, 0xF2, 0xBB, 0xED, 0xC0, 0x3E, 0x1A, 0x7B, 0x36, 0xD8,
- 0xAD, 0x2A, 0xA4, 0x81, 0xAC, 0xD3, 0x08, 0xAC, 0x54, 0x2A,
- 0xAC, 0xAA, 0x1B, 0x64, 0x58, 0x7B, 0x94, 0xE0, 0x16, 0x36,
- 0xC9, 0x92, 0x09, 0x6A, 0x8C, 0x4D, 0xE3, 0xAB, 0x0F, 0x1C,
- 0xE8, 0x77, 0x1F, 0xE5
+ 0x2B, 0xCE, 0x0F, 0x06, 0x09, 0x0C, 0x04, 0x81, 0xC3, 0x04,
+ 0x81, 0xC0, 0x53, 0xE5, 0x25, 0x41, 0x1C, 0xCB, 0x8F, 0xAF,
+ 0x83, 0xBE, 0x64, 0x43, 0x70, 0x4E, 0x1D, 0x86, 0xF8, 0xFA,
+ 0xEA, 0x65, 0x9B, 0x45, 0xBC, 0xF1, 0x79, 0x57, 0x87, 0x51,
+ 0x2F, 0x6D, 0x50, 0xB8, 0x0D, 0x9A, 0x9F, 0x8C, 0xE8, 0x9B,
+ 0xE8, 0xFA, 0x1E, 0xF0, 0xA1, 0x98, 0xCA, 0x8B, 0x34, 0xD4,
+ 0x71, 0x53, 0xF0, 0xA7, 0x1D, 0xD6, 0x0D, 0xDF, 0x63, 0x61,
+ 0xA7, 0x12, 0x80, 0x64, 0xF7, 0x73, 0x14, 0x03, 0xD4, 0x54,
+ 0x01, 0x9D, 0x9D, 0x5D, 0x42, 0xC1, 0x2B, 0x91, 0xC3, 0xA2,
+ 0xD3, 0x12, 0x67, 0x35, 0x3B, 0xD7, 0x67, 0x31, 0xD5, 0xDC,
+ 0xDF, 0x4C, 0x4C, 0xAA, 0x45, 0xA8, 0x5D, 0x1E, 0xFB, 0x9E,
+ 0x34, 0x5D, 0x4B, 0x83, 0x77, 0xBF, 0x52, 0x8A, 0xDB, 0x67,
+ 0x7A, 0x52, 0xA4, 0x02, 0x29, 0xEB, 0x34, 0x9A, 0x4E, 0x86,
+ 0x25, 0x66, 0xFF, 0xA0, 0x79, 0x47, 0xBE, 0x94, 0xC2, 0x69,
+ 0x14, 0x03, 0xD4, 0x54, 0x01, 0x9D, 0x9D, 0x5D, 0x42, 0xC1,
+ 0x2B, 0x91, 0xC3, 0xA2, 0xD3, 0x12, 0x67, 0x35, 0x3B, 0xD7,
+ 0x67, 0x31, 0xD5, 0xDC, 0xDF, 0x4C, 0x4C, 0xAA, 0x45, 0xA8,
+ 0x5D, 0x1E, 0xFB, 0x9E, 0x34, 0x5D, 0x4B, 0x83, 0x77, 0xBF,
+ 0x52, 0x8A, 0xDB, 0x67, 0x7A, 0x52, 0xA4, 0x02, 0x29, 0xEB,
+ 0x34, 0x9A, 0x4E, 0x86, 0x25, 0x66, 0xFF, 0xA0, 0x79, 0x47,
+ 0xBE, 0x94, 0xC2, 0x69
};
static const int sizeof_bench_sphincs_small_level5_key = sizeof(bench_sphincs_small_level5_key);
@@ -5940,10 +6041,10 @@ static const int sizeof_ecc_clikeypub_der_256 = sizeof(ecc_clikeypub_der_256);
/* ./certs/client-ecc-cert.der, ECC */
static const unsigned char cliecc_cert_der_256[] =
{
- 0x30, 0x82, 0x03, 0x5E, 0x30, 0x82, 0x03, 0x04, 0xA0, 0x03,
- 0x02, 0x01, 0x02, 0x02, 0x14, 0x59, 0xE6, 0x5A, 0x21, 0xE0,
- 0xC4, 0x3F, 0x67, 0x06, 0x9B, 0x21, 0x43, 0x3E, 0x76, 0xCA,
- 0xF0, 0x3F, 0x68, 0x5B, 0x53, 0x30, 0x0A, 0x06, 0x08, 0x2A,
+ 0x30, 0x82, 0x03, 0x5D, 0x30, 0x82, 0x03, 0x04, 0xA0, 0x03,
+ 0x02, 0x01, 0x02, 0x02, 0x14, 0x37, 0x67, 0x2A, 0x05, 0x24,
+ 0xB5, 0x2B, 0xB6, 0xAE, 0x40, 0x6B, 0xE1, 0x75, 0xE0, 0x97,
+ 0xCC, 0x1D, 0x12, 0x8B, 0x2A, 0x30, 0x0A, 0x06, 0x08, 0x2A,
0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x02, 0x30, 0x81, 0x8D,
0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13,
0x02, 0x55, 0x53, 0x31, 0x0F, 0x30, 0x0D, 0x06, 0x03, 0x55,
@@ -5959,10 +6060,10 @@ static const unsigned char cliecc_cert_der_256[] =
0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D,
0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40,
0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F,
- 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x32, 0x31, 0x32, 0x31,
- 0x36, 0x32, 0x31, 0x31, 0x37, 0x34, 0x39, 0x5A, 0x17, 0x0D,
- 0x32, 0x35, 0x30, 0x39, 0x31, 0x31, 0x32, 0x31, 0x31, 0x37,
- 0x34, 0x39, 0x5A, 0x30, 0x81, 0x8D, 0x31, 0x0B, 0x30, 0x09,
+ 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x33, 0x31, 0x32, 0x31,
+ 0x33, 0x32, 0x32, 0x31, 0x39, 0x32, 0x38, 0x5A, 0x17, 0x0D,
+ 0x32, 0x36, 0x30, 0x39, 0x30, 0x38, 0x32, 0x32, 0x31, 0x39,
+ 0x32, 0x38, 0x5A, 0x30, 0x81, 0x8D, 0x31, 0x0B, 0x30, 0x09,
0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31,
0x0F, 0x30, 0x0D, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x06,
0x4F, 0x72, 0x65, 0x67, 0x6F, 0x6E, 0x31, 0x0E, 0x30, 0x0C,
@@ -6008,9 +6109,9 @@ static const unsigned char cliecc_cert_der_256[] =
0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86,
0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66,
0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E,
- 0x63, 0x6F, 0x6D, 0x82, 0x14, 0x59, 0xE6, 0x5A, 0x21, 0xE0,
- 0xC4, 0x3F, 0x67, 0x06, 0x9B, 0x21, 0x43, 0x3E, 0x76, 0xCA,
- 0xF0, 0x3F, 0x68, 0x5B, 0x53, 0x30, 0x0C, 0x06, 0x03, 0x55,
+ 0x63, 0x6F, 0x6D, 0x82, 0x14, 0x37, 0x67, 0x2A, 0x05, 0x24,
+ 0xB5, 0x2B, 0xB6, 0xAE, 0x40, 0x6B, 0xE1, 0x75, 0xE0, 0x97,
+ 0xCC, 0x1D, 0x12, 0x8B, 0x2A, 0x30, 0x0C, 0x06, 0x03, 0x55,
0x1D, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xFF, 0x30,
0x1C, 0x06, 0x03, 0x55, 0x1D, 0x11, 0x04, 0x15, 0x30, 0x13,
0x82, 0x0B, 0x65, 0x78, 0x61, 0x6D, 0x70, 0x6C, 0x65, 0x2E,
@@ -6019,14 +6120,14 @@ static const unsigned char cliecc_cert_der_256[] =
0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x01,
0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x02,
0x30, 0x0A, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x04,
- 0x03, 0x02, 0x03, 0x48, 0x00, 0x30, 0x45, 0x02, 0x20, 0x70,
- 0xF8, 0x0E, 0x6E, 0x91, 0xC9, 0x09, 0x77, 0x25, 0x8C, 0xBA,
- 0x99, 0x6D, 0x54, 0x2D, 0xA8, 0x52, 0x87, 0x17, 0x51, 0x24,
- 0x8B, 0x13, 0x92, 0x89, 0x7D, 0xC9, 0xBA, 0xB4, 0x43, 0x2E,
- 0x48, 0x02, 0x21, 0x00, 0xAB, 0x41, 0x13, 0x3A, 0xD5, 0xEB,
- 0x68, 0x66, 0x36, 0x56, 0x7C, 0x75, 0x5D, 0x37, 0xE3, 0xF6,
- 0x27, 0x7F, 0x54, 0xD5, 0x42, 0x80, 0x29, 0xDB, 0xE5, 0x9B,
- 0x16, 0x8A, 0xD3, 0xC2, 0xAD, 0xD6
+ 0x03, 0x02, 0x03, 0x47, 0x00, 0x30, 0x44, 0x02, 0x20, 0x7A,
+ 0x6D, 0xC5, 0xBD, 0x6F, 0x9D, 0x54, 0x4F, 0xC5, 0x4C, 0xD0,
+ 0x12, 0x8C, 0x31, 0x3B, 0xB6, 0x17, 0x80, 0x9E, 0xC7, 0x34,
+ 0xF8, 0xC5, 0xDA, 0xFB, 0x61, 0x23, 0x35, 0xE6, 0x93, 0x35,
+ 0xB4, 0x02, 0x20, 0x1B, 0x6A, 0x86, 0xC4, 0x11, 0xBE, 0x7C,
+ 0x15, 0xA7, 0x5E, 0xAB, 0x85, 0xEE, 0xB7, 0x8C, 0x20, 0xDC,
+ 0xEB, 0x17, 0xA3, 0xF2, 0x66, 0x63, 0xAA, 0x6B, 0x67, 0xE0,
+ 0x62, 0x1F, 0x17, 0x3E, 0xAC
};
static const int sizeof_cliecc_cert_der_256 = sizeof(cliecc_cert_der_256);
@@ -6065,13 +6166,32 @@ static const unsigned char ecc_key_pub_der_256[] =
};
static const int sizeof_ecc_key_pub_der_256 = sizeof(ecc_key_pub_der_256);
+/* ./certs/statickeys/ecc-secp256r1.der, ECC */
+static const unsigned char ecc_secp_r1_statickey_der_256[] =
+{
+ 0x30, 0x77, 0x02, 0x01, 0x01, 0x04, 0x20, 0xD3, 0x6B, 0xC6,
+ 0x68, 0x76, 0xDE, 0xD8, 0x97, 0x95, 0xF6, 0xD9, 0x8E, 0x2F,
+ 0x41, 0x73, 0x53, 0xF8, 0x03, 0x57, 0xED, 0x90, 0x80, 0x19,
+ 0xEB, 0xAA, 0x4A, 0x91, 0x8A, 0x8F, 0x31, 0x63, 0x45, 0xA0,
+ 0x0A, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01,
+ 0x07, 0xA1, 0x44, 0x03, 0x42, 0x00, 0x04, 0x58, 0xA0, 0x80,
+ 0x7C, 0x51, 0xEC, 0xDD, 0x41, 0x5F, 0x93, 0xA8, 0x7A, 0x60,
+ 0x47, 0x47, 0xE9, 0xCF, 0x5A, 0x40, 0xE4, 0xDD, 0x37, 0xEC,
+ 0xCA, 0xA7, 0x10, 0x1C, 0x43, 0xDA, 0xE8, 0x73, 0x8C, 0x28,
+ 0xF5, 0xC9, 0xEC, 0x1A, 0x33, 0x0B, 0x26, 0x2E, 0x97, 0x80,
+ 0x2E, 0xE0, 0xB8, 0x01, 0x91, 0x16, 0xB4, 0xCC, 0x02, 0x18,
+ 0xB5, 0x1D, 0xCC, 0xBA, 0x3C, 0xED, 0x04, 0xC9, 0xA8, 0x92,
+ 0x37
+};
+static const int sizeof_ecc_secp_r1_statickey_der_256 = sizeof(ecc_secp_r1_statickey_der_256);
+
/* ./certs/server-ecc-comp.der, ECC */
static const unsigned char serv_ecc_comp_der_256[] =
{
0x30, 0x82, 0x03, 0x77, 0x30, 0x82, 0x03, 0x1D, 0xA0, 0x03,
- 0x02, 0x01, 0x02, 0x02, 0x14, 0x04, 0xD0, 0xEE, 0xF8, 0x6F,
- 0x67, 0x42, 0xA9, 0x6F, 0x3F, 0xD2, 0x7D, 0x6E, 0x7B, 0xCE,
- 0x29, 0xCE, 0x14, 0xD2, 0x1B, 0x30, 0x0A, 0x06, 0x08, 0x2A,
+ 0x02, 0x01, 0x02, 0x02, 0x14, 0x21, 0xD7, 0x53, 0x80, 0x24,
+ 0x5C, 0xEB, 0xBF, 0xC0, 0xA4, 0x40, 0xF4, 0x42, 0x19, 0x3B,
+ 0x83, 0xFD, 0x58, 0xC5, 0xA6, 0x30, 0x0A, 0x06, 0x08, 0x2A,
0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x02, 0x30, 0x81, 0xA0,
0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13,
0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55,
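Review bot: The new `ecc_secp_r1_statickey_der_256` array holds private-key material, but its comment (`/* ./certs/statickeys/ecc-secp256r1.der, ECC */`) is worded like the comments on the certificates around it. The bytes open with a SEC1 ECPrivateKey header (`0x30, 0x77, 0x02, 0x01, 0x01, 0x04, 0x20`), followed by a 32-byte scalar and the P-256 curve OID, so the key is known to anyone who has this header. I would state that in the comment, e.g. `/* ./certs/statickeys/ecc-secp256r1.der, ECC private key (public test vector, never use outside tests) */`. If this header is generated, the wording belongs in the generator rather than in a hand edit here. The preprocessor guards around the array are not visible in this hunk, so it is worth confirming that it is only compiled into test or benchmark builds.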
@@ -6089,10 +6209,10 @@ static const unsigned char serv_ecc_comp_der_256[] =
0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01,
0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77,
0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D,
- 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x32, 0x31, 0x32, 0x31, 0x36,
- 0x32, 0x31, 0x31, 0x37, 0x34, 0x39, 0x5A, 0x17, 0x0D, 0x32,
- 0x35, 0x30, 0x39, 0x31, 0x31, 0x32, 0x31, 0x31, 0x37, 0x34,
- 0x39, 0x5A, 0x30, 0x81, 0xA0, 0x31, 0x0B, 0x30, 0x09, 0x06,
+ 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x33, 0x31, 0x32, 0x31, 0x33,
+ 0x32, 0x32, 0x31, 0x39, 0x32, 0x38, 0x5A, 0x17, 0x0D, 0x32,
+ 0x36, 0x30, 0x39, 0x30, 0x38, 0x32, 0x32, 0x31, 0x39, 0x32,
+ 0x38, 0x5A, 0x30, 0x81, 0xA0, 0x31, 0x0B, 0x30, 0x09, 0x06,
0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10,
0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D,
0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E,
@@ -6139,8 +6259,8 @@ static const unsigned char serv_ecc_comp_der_256[] =
0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01,
0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C,
0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x14,
- 0x04, 0xD0, 0xEE, 0xF8, 0x6F, 0x67, 0x42, 0xA9, 0x6F, 0x3F,
- 0xD2, 0x7D, 0x6E, 0x7B, 0xCE, 0x29, 0xCE, 0x14, 0xD2, 0x1B,
+ 0x21, 0xD7, 0x53, 0x80, 0x24, 0x5C, 0xEB, 0xBF, 0xC0, 0xA4,
+ 0x40, 0xF4, 0x42, 0x19, 0x3B, 0x83, 0xFD, 0x58, 0xC5, 0xA6,
0x30, 0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30,
0x03, 0x01, 0x01, 0xFF, 0x30, 0x1C, 0x06, 0x03, 0x55, 0x1D,
0x11, 0x04, 0x15, 0x30, 0x13, 0x82, 0x0B, 0x65, 0x78, 0x61,
@@ -6150,14 +6270,14 @@ static const unsigned char serv_ecc_comp_der_256[] =
0x05, 0x05, 0x07, 0x03, 0x01, 0x06, 0x08, 0x2B, 0x06, 0x01,
0x05, 0x05, 0x07, 0x03, 0x02, 0x30, 0x0A, 0x06, 0x08, 0x2A,
0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x02, 0x03, 0x48, 0x00,
- 0x30, 0x45, 0x02, 0x21, 0x00, 0x8D, 0x97, 0x8F, 0xD4, 0x70,
- 0xBF, 0x10, 0x7A, 0x3F, 0xF4, 0x35, 0xBB, 0x8E, 0x6D, 0x39,
- 0x5B, 0xA1, 0x02, 0xEE, 0x32, 0xDA, 0x02, 0x91, 0x57, 0x02,
- 0x0B, 0x43, 0x08, 0x3E, 0x61, 0xDA, 0xF1, 0x02, 0x20, 0x73,
- 0x55, 0x17, 0x84, 0x06, 0x34, 0x0E, 0x9B, 0xCD, 0x55, 0xC4,
- 0x6D, 0x3B, 0x26, 0xA3, 0xED, 0x3A, 0x8B, 0xBA, 0x22, 0xE3,
- 0xDC, 0x35, 0xFB, 0x8C, 0x0F, 0xB7, 0xBA, 0x6C, 0x63, 0x9D,
- 0xE1
+ 0x30, 0x45, 0x02, 0x20, 0x57, 0x1A, 0x59, 0xBC, 0xC9, 0x45,
+ 0x0A, 0x46, 0xE6, 0x16, 0xDA, 0x17, 0xCE, 0xC3, 0x0A, 0x57,
+ 0x57, 0xF2, 0x3D, 0x15, 0xCD, 0xCA, 0x1B, 0xA7, 0xA8, 0x39,
+ 0x2E, 0x9D, 0x09, 0xF3, 0x3E, 0xA0, 0x02, 0x21, 0x00, 0xDE,
+ 0xA3, 0x3A, 0x4D, 0x88, 0x38, 0x2B, 0x3A, 0x84, 0xDE, 0x2F,
+ 0x0A, 0x81, 0x14, 0x57, 0x7F, 0x7F, 0x2E, 0xD6, 0xA5, 0x4D,
+ 0x61, 0x10, 0x69, 0xB9, 0xA2, 0xC6, 0x51, 0xCD, 0x80, 0x4A,
+ 0x63
};
static const int sizeof_serv_ecc_comp_der_256 = sizeof(serv_ecc_comp_der_256);
@@ -6182,10 +6302,10 @@ static const unsigned char serv_ecc_rsa_der_256[] =
0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7,
0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F,
0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63,
- 0x6F, 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x32, 0x31, 0x32,
- 0x31, 0x36, 0x32, 0x31, 0x31, 0x37, 0x34, 0x39, 0x5A, 0x17,
- 0x0D, 0x32, 0x35, 0x30, 0x39, 0x31, 0x31, 0x32, 0x31, 0x31,
- 0x37, 0x34, 0x39, 0x5A, 0x30, 0x81, 0x9D, 0x31, 0x0B, 0x30,
+ 0x6F, 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x33, 0x31, 0x32,
+ 0x31, 0x33, 0x32, 0x32, 0x31, 0x39, 0x32, 0x38, 0x5A, 0x17,
+ 0x0D, 0x32, 0x36, 0x30, 0x39, 0x30, 0x38, 0x32, 0x32, 0x31,
+ 0x39, 0x32, 0x38, 0x5A, 0x30, 0x81, 0x9D, 0x31, 0x0B, 0x30,
0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53,
0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C,
0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10,
@@ -6233,9 +6353,9 @@ static const unsigned char serv_ecc_rsa_der_256[] =
0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09,
0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16,
0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66,
- 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x14, 0x2C,
- 0x80, 0xCE, 0xDB, 0x47, 0x9D, 0x07, 0x66, 0x92, 0x3D, 0x68,
- 0xD7, 0xCA, 0xAC, 0x90, 0x4F, 0xCA, 0x69, 0x41, 0x4B, 0x30,
+ 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x14, 0x33,
+ 0x44, 0x1A, 0xA8, 0x6C, 0x01, 0xEC, 0xF6, 0x60, 0xF2, 0x70,
+ 0x51, 0x0A, 0x4C, 0xD1, 0x14, 0xFA, 0xBC, 0xE9, 0x44, 0x30,
0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, 0x03,
0x01, 0x01, 0xFF, 0x30, 0x1C, 0x06, 0x03, 0x55, 0x1D, 0x11,
0x04, 0x15, 0x30, 0x13, 0x82, 0x0B, 0x65, 0x78, 0x61, 0x6D,
@@ -6245,32 +6365,32 @@ static const unsigned char serv_ecc_rsa_der_256[] =
0x05, 0x07, 0x03, 0x01, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05,
0x05, 0x07, 0x03, 0x02, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86,
0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x03,
- 0x82, 0x01, 0x01, 0x00, 0x44, 0xDA, 0x4D, 0xA2, 0xD3, 0x96,
- 0x51, 0x31, 0x35, 0x74, 0x21, 0xD5, 0x27, 0x0D, 0xAB, 0x72,
- 0xEB, 0xD8, 0x24, 0x11, 0x3C, 0x52, 0x07, 0x01, 0x51, 0xE8,
- 0x26, 0x11, 0x39, 0xDA, 0xAC, 0x57, 0xCA, 0xE3, 0x8D, 0x8C,
- 0x91, 0x16, 0x28, 0xE3, 0x7B, 0xFE, 0x58, 0x76, 0x0A, 0x3E,
- 0x9D, 0xAC, 0xF3, 0xCE, 0x9F, 0x5A, 0xFF, 0x07, 0xC9, 0xA1,
- 0x27, 0x9A, 0x9A, 0x5C, 0xDB, 0x82, 0xBA, 0x0E, 0xD0, 0x80,
- 0xBC, 0xCF, 0xB1, 0x34, 0x6A, 0x26, 0xAF, 0x15, 0x7A, 0x21,
- 0xF6, 0xA9, 0x48, 0x3C, 0xC6, 0x02, 0xD0, 0x4E, 0x32, 0xAC,
- 0x75, 0x17, 0x60, 0x19, 0x45, 0x12, 0x37, 0x5D, 0x75, 0x65,
- 0x84, 0xCA, 0xE8, 0x40, 0x73, 0xF5, 0x1C, 0x71, 0x82, 0xAE,
- 0xE2, 0x3A, 0x1C, 0xD7, 0x4C, 0x59, 0xF2, 0x83, 0x16, 0x1F,
- 0x77, 0x02, 0x91, 0xCC, 0x9C, 0xAA, 0xC9, 0xE7, 0x72, 0x6B,
- 0xFF, 0x40, 0x7E, 0xDA, 0x35, 0x65, 0x47, 0xBD, 0x55, 0x90,
- 0xC8, 0xC8, 0x21, 0xB2, 0xFB, 0x89, 0xD4, 0xD4, 0xCC, 0x39,
- 0x02, 0x54, 0x20, 0x83, 0x17, 0x46, 0xEB, 0x5F, 0x60, 0x58,
- 0x35, 0x4E, 0xCA, 0x24, 0x8D, 0x0B, 0x77, 0x10, 0xB0, 0x4A,
- 0x2A, 0x51, 0xA9, 0xD0, 0x74, 0x27, 0x35, 0x61, 0x76, 0x0F,
- 0x94, 0x2C, 0x0B, 0x10, 0x1D, 0xB8, 0x4A, 0x3E, 0x38, 0x95,
- 0x17, 0x0A, 0x0A, 0x7E, 0xC6, 0x35, 0xC3, 0x68, 0x89, 0xC0,
- 0x82, 0x8B, 0x61, 0xB8, 0xE6, 0x2F, 0xF9, 0xC8, 0x58, 0x96,
- 0xC7, 0x1F, 0xEB, 0x1D, 0x2F, 0x09, 0x34, 0x5F, 0xBF, 0x76,
- 0xAF, 0x00, 0x6C, 0x33, 0x80, 0x10, 0x5B, 0xA0, 0xD2, 0x76,
- 0x6F, 0xE2, 0x4C, 0x96, 0xB6, 0x2D, 0xDC, 0xC0, 0x21, 0x43,
- 0x6E, 0xF3, 0x58, 0x2A, 0x4B, 0xA6, 0xEF, 0x15, 0xB5, 0xCA,
- 0x00, 0x28, 0x1A, 0xC6, 0xE0, 0x31, 0xF0, 0x5D, 0x99, 0x70
+ 0x82, 0x01, 0x01, 0x00, 0x16, 0xB7, 0xD3, 0x9C, 0x7C, 0x6E,
+ 0xD2, 0xB7, 0x79, 0xAA, 0x5A, 0x16, 0x0B, 0x1E, 0xDA, 0xD0,
+ 0xF7, 0xDF, 0x64, 0xC9, 0x3C, 0xB8, 0x41, 0x24, 0x4B, 0x1B,
+ 0xC2, 0x83, 0x5E, 0xDF, 0xDE, 0xA8, 0x8A, 0x7C, 0xEB, 0x07,
+ 0x75, 0x20, 0xF6, 0xF3, 0x4C, 0xBD, 0x3F, 0x2E, 0xF0, 0xF0,
+ 0xDA, 0x4B, 0xC5, 0xD2, 0xC4, 0xF8, 0xDB, 0x34, 0x75, 0xE2,
+ 0x32, 0xB4, 0x34, 0x92, 0x8A, 0x7F, 0xD7, 0x84, 0xEA, 0xDF,
+ 0x99, 0xCA, 0x64, 0xE6, 0x7C, 0x68, 0x05, 0x1C, 0x75, 0xDE,
+ 0x3F, 0x06, 0x65, 0x5D, 0xFC, 0x29, 0xC9, 0x73, 0x0F, 0x4A,
+ 0xAD, 0xFD, 0xBC, 0x0D, 0x91, 0x37, 0x67, 0x63, 0x55, 0x65,
+ 0x93, 0x99, 0x56, 0x84, 0x25, 0x1B, 0xF1, 0x50, 0x03, 0x31,
+ 0x2D, 0x48, 0xAD, 0xA3, 0x38, 0x91, 0x29, 0x88, 0xB8, 0x72,
+ 0x08, 0x4C, 0x11, 0x36, 0x35, 0x20, 0x13, 0x78, 0x98, 0xD8,
+ 0x84, 0x30, 0xC5, 0x7B, 0x70, 0x24, 0x45, 0x8C, 0xE1, 0x55,
+ 0x80, 0x06, 0x5F, 0x19, 0x57, 0x89, 0x58, 0x1C, 0x2A, 0x40,
+ 0xFB, 0xF3, 0xA6, 0xBF, 0xEA, 0x41, 0x7A, 0x79, 0x2C, 0xAB,
+ 0xFE, 0xB6, 0x16, 0x5D, 0xD5, 0xFA, 0x32, 0x50, 0x9D, 0x89,
+ 0xF2, 0xCC, 0x87, 0x7A, 0x57, 0xCF, 0x4D, 0x38, 0xC4, 0xD5,
+ 0x33, 0x9A, 0x4D, 0x83, 0xC9, 0x00, 0xB8, 0x36, 0x66, 0x14,
+ 0x76, 0x20, 0xC1, 0x7A, 0xC7, 0xF7, 0x0A, 0x94, 0x69, 0xCE,
+ 0x0A, 0x0F, 0x81, 0x04, 0x12, 0x5F, 0x71, 0xD0, 0xD1, 0xFF,
+ 0x08, 0xD0, 0x89, 0x6F, 0xAC, 0x45, 0xD3, 0x06, 0x23, 0xA0,
+ 0x76, 0x88, 0xAD, 0x5D, 0x9A, 0x7A, 0x8C, 0x1F, 0x61, 0xD4,
+ 0xD8, 0x21, 0x1D, 0x8E, 0x05, 0x89, 0xD1, 0xD4, 0xD6, 0x86,
+ 0x5B, 0x4B, 0x43, 0xE6, 0x03, 0x4A, 0x10, 0x48, 0xF4, 0x1B,
+ 0x9D, 0x3B, 0x76, 0xD8, 0x2C, 0xAD, 0xFA, 0x33, 0xA5, 0x70
};
static const int sizeof_serv_ecc_rsa_der_256 = sizeof(serv_ecc_rsa_der_256);
@@ -6278,7 +6398,7 @@ static const int sizeof_serv_ecc_rsa_der_256 = sizeof(serv_ecc_rsa_der_256);
/* ./certs/server-ecc.der, ECC */
static const unsigned char serv_ecc_der_256[] =
{
- 0x30, 0x82, 0x02, 0xA1, 0x30, 0x82, 0x02, 0x47, 0xA0, 0x03,
+ 0x30, 0x82, 0x02, 0xA2, 0x30, 0x82, 0x02, 0x48, 0xA0, 0x03,
0x02, 0x01, 0x02, 0x02, 0x01, 0x03, 0x30, 0x0A, 0x06, 0x08,
0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x02, 0x30, 0x81,
0x97, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06,
@@ -6296,56 +6416,56 @@ static const unsigned char serv_ecc_der_256[] =
0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7,
0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F,
0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63,
- 0x6F, 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x32, 0x31, 0x32,
- 0x31, 0x36, 0x32, 0x31, 0x31, 0x37, 0x34, 0x39, 0x5A, 0x17,
- 0x0D, 0x32, 0x35, 0x30, 0x39, 0x31, 0x31, 0x32, 0x31, 0x31,
- 0x37, 0x34, 0x39, 0x5A, 0x30, 0x81, 0x8F, 0x31, 0x0B, 0x30,
+ 0x6F, 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x33, 0x31, 0x32,
+ 0x31, 0x33, 0x32, 0x32, 0x31, 0x39, 0x32, 0x38, 0x5A, 0x17,
+ 0x0D, 0x32, 0x36, 0x30, 0x39, 0x30, 0x38, 0x32, 0x32, 0x31,
+ 0x39, 0x32, 0x38, 0x5A, 0x30, 0x81, 0x90, 0x31, 0x0B, 0x30,
0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53,
0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C,
0x0A, 0x57, 0x61, 0x73, 0x68, 0x69, 0x6E, 0x67, 0x74, 0x6F,
0x6E, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07,
0x0C, 0x07, 0x53, 0x65, 0x61, 0x74, 0x74, 0x6C, 0x65, 0x31,
- 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x07,
- 0x45, 0x6C, 0x69, 0x70, 0x74, 0x69, 0x63, 0x31, 0x0C, 0x30,
- 0x0A, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x03, 0x45, 0x43,
- 0x43, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03,
- 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66,
- 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30,
- 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01,
- 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77,
- 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D,
- 0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2A, 0x86, 0x48, 0xCE,
- 0x3D, 0x02, 0x01, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D,
- 0x03, 0x01, 0x07, 0x03, 0x42, 0x00, 0x04, 0xBB, 0x33, 0xAC,
- 0x4C, 0x27, 0x50, 0x4A, 0xC6, 0x4A, 0xA5, 0x04, 0xC3, 0x3C,
- 0xDE, 0x9F, 0x36, 0xDB, 0x72, 0x2D, 0xCE, 0x94, 0xEA, 0x2B,
- 0xFA, 0xCB, 0x20, 0x09, 0x39, 0x2C, 0x16, 0xE8, 0x61, 0x02,
- 0xE9, 0xAF, 0x4D, 0xD3, 0x02, 0x93, 0x9A, 0x31, 0x5B, 0x97,
- 0x92, 0x21, 0x7F, 0xF0, 0xCF, 0x18, 0xDA, 0x91, 0x11, 0x02,
- 0x34, 0x86, 0xE8, 0x20, 0x58, 0x33, 0x0B, 0x80, 0x34, 0x89,
- 0xD8, 0xA3, 0x81, 0x89, 0x30, 0x81, 0x86, 0x30, 0x1D, 0x06,
- 0x03, 0x55, 0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0x5D, 0x5D,
- 0x26, 0xEF, 0xAC, 0x7E, 0x36, 0xF9, 0x9B, 0x76, 0x15, 0x2B,
- 0x4A, 0x25, 0x02, 0x23, 0xEF, 0xB2, 0x89, 0x30, 0x30, 0x1F,
- 0x06, 0x03, 0x55, 0x1D, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80,
- 0x14, 0x56, 0x8E, 0x9A, 0xC3, 0xF0, 0x42, 0xDE, 0x18, 0xB9,
- 0x45, 0x55, 0x6E, 0xF9, 0x93, 0xCF, 0xEA, 0xC3, 0xF3, 0xA5,
- 0x21, 0x30, 0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x01, 0x01,
- 0xFF, 0x04, 0x02, 0x30, 0x00, 0x30, 0x0E, 0x06, 0x03, 0x55,
- 0x1D, 0x0F, 0x01, 0x01, 0xFF, 0x04, 0x04, 0x03, 0x02, 0x03,
- 0xA8, 0x30, 0x13, 0x06, 0x03, 0x55, 0x1D, 0x25, 0x04, 0x0C,
- 0x30, 0x0A, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07,
- 0x03, 0x01, 0x30, 0x11, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01,
- 0x86, 0xF8, 0x42, 0x01, 0x01, 0x04, 0x04, 0x03, 0x02, 0x06,
- 0x40, 0x30, 0x0A, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D,
- 0x04, 0x03, 0x02, 0x03, 0x48, 0x00, 0x30, 0x45, 0x02, 0x21,
- 0x00, 0xCF, 0x3A, 0x17, 0x97, 0xD4, 0xBE, 0x7C, 0x50, 0xE1,
- 0xBE, 0x1B, 0x53, 0x95, 0x7B, 0xA3, 0xB8, 0xC6, 0x73, 0xC4,
- 0x34, 0xE0, 0x73, 0x5A, 0xDB, 0x3E, 0xCB, 0x3A, 0xB6, 0xA8,
- 0xF1, 0xCD, 0xBF, 0x02, 0x20, 0x2B, 0xE6, 0xF9, 0x65, 0xB2,
- 0xAB, 0x0F, 0xBB, 0x2B, 0x36, 0x5C, 0xCC, 0x2E, 0x19, 0xA9,
- 0x59, 0x1C, 0x6F, 0x6F, 0xCE, 0x9B, 0x7A, 0xE6, 0x5B, 0x65,
- 0x31, 0x33, 0x80, 0x05, 0xCB, 0x7C, 0x96
+ 0x11, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x08,
+ 0x45, 0x6C, 0x6C, 0x69, 0x70, 0x74, 0x69, 0x63, 0x31, 0x0C,
+ 0x30, 0x0A, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x03, 0x45,
+ 0x43, 0x43, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04,
+ 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C,
+ 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F,
+ 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D,
+ 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40,
+ 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F,
+ 0x6D, 0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2A, 0x86, 0x48,
+ 0xCE, 0x3D, 0x02, 0x01, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE,
+ 0x3D, 0x03, 0x01, 0x07, 0x03, 0x42, 0x00, 0x04, 0xBB, 0x33,
+ 0xAC, 0x4C, 0x27, 0x50, 0x4A, 0xC6, 0x4A, 0xA5, 0x04, 0xC3,
+ 0x3C, 0xDE, 0x9F, 0x36, 0xDB, 0x72, 0x2D, 0xCE, 0x94, 0xEA,
+ 0x2B, 0xFA, 0xCB, 0x20, 0x09, 0x39, 0x2C, 0x16, 0xE8, 0x61,
+ 0x02, 0xE9, 0xAF, 0x4D, 0xD3, 0x02, 0x93, 0x9A, 0x31, 0x5B,
+ 0x97, 0x92, 0x21, 0x7F, 0xF0, 0xCF, 0x18, 0xDA, 0x91, 0x11,
+ 0x02, 0x34, 0x86, 0xE8, 0x20, 0x58, 0x33, 0x0B, 0x80, 0x34,
+ 0x89, 0xD8, 0xA3, 0x81, 0x89, 0x30, 0x81, 0x86, 0x30, 0x1D,
+ 0x06, 0x03, 0x55, 0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0x5D,
+ 0x5D, 0x26, 0xEF, 0xAC, 0x7E, 0x36, 0xF9, 0x9B, 0x76, 0x15,
+ 0x2B, 0x4A, 0x25, 0x02, 0x23, 0xEF, 0xB2, 0x89, 0x30, 0x30,
+ 0x1F, 0x06, 0x03, 0x55, 0x1D, 0x23, 0x04, 0x18, 0x30, 0x16,
+ 0x80, 0x14, 0x56, 0x8E, 0x9A, 0xC3, 0xF0, 0x42, 0xDE, 0x18,
+ 0xB9, 0x45, 0x55, 0x6E, 0xF9, 0x93, 0xCF, 0xEA, 0xC3, 0xF3,
+ 0xA5, 0x21, 0x30, 0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x01,
+ 0x01, 0xFF, 0x04, 0x02, 0x30, 0x00, 0x30, 0x0E, 0x06, 0x03,
+ 0x55, 0x1D, 0x0F, 0x01, 0x01, 0xFF, 0x04, 0x04, 0x03, 0x02,
+ 0x03, 0xA8, 0x30, 0x13, 0x06, 0x03, 0x55, 0x1D, 0x25, 0x04,
+ 0x0C, 0x30, 0x0A, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05,
+ 0x07, 0x03, 0x01, 0x30, 0x11, 0x06, 0x09, 0x60, 0x86, 0x48,
+ 0x01, 0x86, 0xF8, 0x42, 0x01, 0x01, 0x04, 0x04, 0x03, 0x02,
+ 0x06, 0x40, 0x30, 0x0A, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE,
+ 0x3D, 0x04, 0x03, 0x02, 0x03, 0x48, 0x00, 0x30, 0x45, 0x02,
+ 0x21, 0x00, 0x86, 0xBD, 0x87, 0x16, 0xD2, 0x9C, 0x66, 0xE7,
+ 0x5E, 0x5C, 0x28, 0x0E, 0x5F, 0xEF, 0x94, 0x61, 0x2F, 0xD4,
+ 0x21, 0x6D, 0x8E, 0xC3, 0x94, 0x0A, 0x1E, 0xB5, 0x6A, 0x1D,
+ 0xC6, 0x04, 0x87, 0xC6, 0x02, 0x20, 0x66, 0x46, 0xC4, 0x29,
+ 0xD9, 0x8E, 0xEB, 0x0B, 0xF7, 0x5B, 0x32, 0x13, 0xEB, 0x0A,
+ 0xEA, 0x47, 0x99, 0x4B, 0x74, 0x56, 0xBA, 0x21, 0x97, 0xB1,
+ 0x67, 0x75, 0x5C, 0xF3, 0xF3, 0xC0, 0x88, 0xAA
};
static const int sizeof_serv_ecc_der_256 = sizeof(serv_ecc_der_256);
@@ -6371,10 +6491,10 @@ static const int sizeof_ca_ecc_key_der_256 = sizeof(ca_ecc_key_der_256);
/* ./certs/ca-ecc-cert.der, ECC */
static const unsigned char ca_ecc_cert_der_256[] =
{
- 0x30, 0x82, 0x02, 0x96, 0x30, 0x82, 0x02, 0x3B, 0xA0, 0x03,
- 0x02, 0x01, 0x02, 0x02, 0x14, 0x65, 0x67, 0x42, 0x4C, 0x06,
- 0xE7, 0xE4, 0xC3, 0x68, 0x01, 0xA9, 0x94, 0xA9, 0x07, 0xE6,
- 0xFE, 0xBD, 0x2C, 0xD6, 0x3D, 0x30, 0x0A, 0x06, 0x08, 0x2A,
+ 0x30, 0x82, 0x02, 0x95, 0x30, 0x82, 0x02, 0x3B, 0xA0, 0x03,
+ 0x02, 0x01, 0x02, 0x02, 0x14, 0x0F, 0x17, 0x46, 0x70, 0xFD,
+ 0xC2, 0x70, 0xD1, 0xF9, 0x42, 0x49, 0x9C, 0x1A, 0xC3, 0x5D,
+ 0xDD, 0x30, 0xC8, 0x5F, 0x85, 0x30, 0x0A, 0x06, 0x08, 0x2A,
0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x02, 0x30, 0x81, 0x97,
0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13,
0x02, 0x55, 0x53, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55,
@@ -6391,10 +6511,10 @@ static const unsigned char ca_ecc_cert_der_256[] =
0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D,
0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40,
0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F,
- 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x32, 0x31, 0x32, 0x31,
- 0x36, 0x32, 0x31, 0x31, 0x37, 0x34, 0x39, 0x5A, 0x17, 0x0D,
- 0x32, 0x35, 0x30, 0x39, 0x31, 0x31, 0x32, 0x31, 0x31, 0x37,
- 0x34, 0x39, 0x5A, 0x30, 0x81, 0x97, 0x31, 0x0B, 0x30, 0x09,
+ 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x33, 0x31, 0x32, 0x31,
+ 0x33, 0x32, 0x32, 0x31, 0x39, 0x32, 0x38, 0x5A, 0x17, 0x0D,
+ 0x32, 0x36, 0x30, 0x39, 0x30, 0x38, 0x32, 0x32, 0x31, 0x39,
+ 0x32, 0x38, 0x5A, 0x30, 0x81, 0x97, 0x31, 0x0B, 0x30, 0x09,
0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31,
0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x0A,
0x57, 0x61, 0x73, 0x68, 0x69, 0x6E, 0x67, 0x74, 0x6F, 0x6E,
@@ -6430,14 +6550,14 @@ static const unsigned char ca_ecc_cert_der_256[] =
0x01, 0x01, 0xFF, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x1D, 0x0F,
0x01, 0x01, 0xFF, 0x04, 0x04, 0x03, 0x02, 0x01, 0x86, 0x30,
0x0A, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03,
- 0x02, 0x03, 0x49, 0x00, 0x30, 0x46, 0x02, 0x21, 0x00, 0xB0,
- 0x12, 0x16, 0x03, 0x26, 0x79, 0xD4, 0x6B, 0x94, 0xD9, 0x7E,
- 0xCA, 0xE1, 0x2D, 0x24, 0x64, 0xEF, 0x11, 0x6E, 0xF2, 0x12,
- 0x81, 0xE4, 0xCE, 0x1D, 0x77, 0x7D, 0xCA, 0x5C, 0x47, 0x50,
- 0x62, 0x02, 0x21, 0x00, 0x80, 0xBF, 0x46, 0x3C, 0x5D, 0xD8,
- 0xE5, 0xAB, 0x47, 0xCE, 0xA2, 0x19, 0xBD, 0x21, 0xDE, 0x85,
- 0x6F, 0xAB, 0xC9, 0x8F, 0x01, 0xF3, 0xAB, 0x1B, 0xB9, 0xE1,
- 0x53, 0xD6, 0x24, 0x77, 0xA6, 0x4D
+ 0x02, 0x03, 0x48, 0x00, 0x30, 0x45, 0x02, 0x21, 0x00, 0xC8,
+ 0x64, 0x7F, 0xEE, 0x4B, 0xBE, 0x83, 0x48, 0x13, 0xEA, 0x92,
+ 0xF8, 0x1A, 0x82, 0x1E, 0x85, 0xB1, 0x5A, 0xA4, 0x1C, 0xE3,
+ 0xE8, 0xEA, 0x25, 0x44, 0x6F, 0xE7, 0x70, 0xFD, 0xEB, 0xF3,
+ 0x76, 0x02, 0x20, 0x44, 0x02, 0xA2, 0xEC, 0xC5, 0xA1, 0xAE,
+ 0xE2, 0xA4, 0x8A, 0xD9, 0x13, 0x95, 0x2B, 0xA6, 0x5B, 0x09,
+ 0x57, 0x86, 0x61, 0x42, 0x96, 0x97, 0xF0, 0x95, 0x62, 0x0C,
+ 0x03, 0xE6, 0x53, 0x04, 0x25
};
static const int sizeof_ca_ecc_cert_der_256 = sizeof(ca_ecc_cert_der_256);
@@ -6467,10 +6587,10 @@ static const int sizeof_ca_ecc_key_der_384 = sizeof(ca_ecc_key_der_384);
/* ./certs/ca-ecc384-cert.der, ECC */
static const unsigned char ca_ecc_cert_der_384[] =
{
- 0x30, 0x82, 0x02, 0xD1, 0x30, 0x82, 0x02, 0x58, 0xA0, 0x03,
- 0x02, 0x01, 0x02, 0x02, 0x14, 0x0A, 0xF8, 0xC7, 0xEE, 0x86,
- 0x55, 0x2F, 0x18, 0x21, 0xBF, 0x88, 0x49, 0x50, 0x03, 0x5A,
- 0xFC, 0x2D, 0x93, 0x31, 0x0A, 0x30, 0x0A, 0x06, 0x08, 0x2A,
+ 0x30, 0x82, 0x02, 0xD2, 0x30, 0x82, 0x02, 0x58, 0xA0, 0x03,
+ 0x02, 0x01, 0x02, 0x02, 0x14, 0x2E, 0xEA, 0xF0, 0x11, 0x40,
+ 0x1E, 0xAD, 0xFA, 0xA7, 0x85, 0x68, 0x65, 0x7A, 0x25, 0x2B,
+ 0x13, 0xB7, 0x61, 0xD7, 0x80, 0x30, 0x0A, 0x06, 0x08, 0x2A,
0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x03, 0x30, 0x81, 0x97,
0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13,
0x02, 0x55, 0x53, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55,
@@ -6487,10 +6607,10 @@ static const unsigned char ca_ecc_cert_der_384[] =
0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D,
0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40,
0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F,
- 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x32, 0x31, 0x32, 0x31,
- 0x36, 0x32, 0x31, 0x31, 0x37, 0x34, 0x39, 0x5A, 0x17, 0x0D,
- 0x32, 0x35, 0x30, 0x39, 0x31, 0x31, 0x32, 0x31, 0x31, 0x37,
- 0x34, 0x39, 0x5A, 0x30, 0x81, 0x97, 0x31, 0x0B, 0x30, 0x09,
+ 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x33, 0x31, 0x32, 0x31,
+ 0x33, 0x32, 0x32, 0x31, 0x39, 0x32, 0x38, 0x5A, 0x17, 0x0D,
+ 0x32, 0x36, 0x30, 0x39, 0x30, 0x38, 0x32, 0x32, 0x31, 0x39,
+ 0x32, 0x38, 0x5A, 0x30, 0x81, 0x97, 0x31, 0x0B, 0x30, 0x09,
0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31,
0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x0A,
0x57, 0x61, 0x73, 0x68, 0x69, 0x6E, 0x67, 0x74, 0x6F, 0x6E,
@@ -6529,17 +6649,17 @@ static const unsigned char ca_ecc_cert_der_384[] =
0x01, 0xFF, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x1D, 0x0F, 0x01,
0x01, 0xFF, 0x04, 0x04, 0x03, 0x02, 0x01, 0x86, 0x30, 0x0A,
0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x03,
- 0x03, 0x67, 0x00, 0x30, 0x64, 0x02, 0x30, 0x03, 0x31, 0x8C,
- 0xD3, 0x04, 0xF5, 0xB2, 0xBF, 0xBD, 0xA2, 0x27, 0x6A, 0xFF,
- 0xDD, 0x7F, 0xBD, 0x88, 0xD5, 0x3E, 0x09, 0x9A, 0xCF, 0xDA,
- 0x79, 0x95, 0x6B, 0x32, 0x6F, 0xFA, 0x98, 0xD8, 0x48, 0x8B,
- 0x99, 0x91, 0xFE, 0x39, 0x9E, 0x7B, 0x35, 0x2C, 0x78, 0x32,
- 0xBA, 0xA3, 0x0B, 0x65, 0x1C, 0x02, 0x30, 0x3E, 0x6A, 0x10,
- 0x8C, 0x57, 0x47, 0x85, 0x73, 0x3C, 0xEB, 0x2A, 0x02, 0xB2,
- 0x27, 0x62, 0x1F, 0x44, 0x52, 0x2B, 0xB1, 0x34, 0x3F, 0x9C,
- 0x78, 0x70, 0x0A, 0x59, 0x01, 0x3E, 0xAD, 0xC0, 0x08, 0xBC,
- 0xD5, 0xD1, 0xA6, 0xC0, 0xDD, 0x2C, 0x8B, 0x2A, 0x8B, 0xF4,
- 0x04, 0xAD, 0xD3, 0x01, 0xE6
+ 0x03, 0x68, 0x00, 0x30, 0x65, 0x02, 0x31, 0x00, 0xBD, 0x2E,
+ 0x67, 0x71, 0x54, 0xBE, 0xB8, 0x5E, 0x29, 0x19, 0xD3, 0x18,
+ 0xF7, 0xE1, 0xAE, 0x79, 0xF0, 0xCC, 0x09, 0xC3, 0x91, 0xC0,
+ 0x81, 0xAB, 0xD7, 0xB7, 0x21, 0xF8, 0x4F, 0xDA, 0xBC, 0xAD,
+ 0x0E, 0xFC, 0x3D, 0x54, 0x32, 0x21, 0x3A, 0x67, 0xC5, 0x26,
+ 0x35, 0xE9, 0x33, 0xB2, 0x58, 0xD2, 0x02, 0x30, 0x64, 0x2F,
+ 0xFB, 0x10, 0xD0, 0x65, 0xB5, 0xAC, 0xBB, 0xB3, 0x41, 0x64,
+ 0x24, 0xEB, 0x0A, 0x6B, 0xAE, 0xA4, 0xED, 0x3E, 0xC8, 0x62,
+ 0x81, 0x45, 0x97, 0x92, 0xAD, 0x61, 0xEB, 0x69, 0x54, 0xCE,
+ 0x42, 0x83, 0xBB, 0x68, 0x23, 0x20, 0xF7, 0xB2, 0x5A, 0x55,
+ 0x0C, 0xD4, 0xE6, 0x13, 0x42, 0x61
};
static const int sizeof_ca_ecc_cert_der_384 = sizeof(ca_ecc_cert_der_384);
@@ -6628,9 +6748,9 @@ static const unsigned char server_ed25519_cert[] =
0x6D, 0x31, 0x17, 0x30, 0x15, 0x06, 0x0A, 0x09, 0x92, 0x26,
0x89, 0x93, 0xF2, 0x2C, 0x64, 0x01, 0x01, 0x0C, 0x07, 0x77,
0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x30, 0x1E, 0x17, 0x0D,
- 0x32, 0x32, 0x31, 0x32, 0x31, 0x36, 0x32, 0x31, 0x31, 0x37,
- 0x34, 0x39, 0x5A, 0x17, 0x0D, 0x32, 0x35, 0x30, 0x39, 0x31,
- 0x31, 0x32, 0x31, 0x31, 0x37, 0x34, 0x39, 0x5A, 0x30, 0x81,
+ 0x32, 0x33, 0x31, 0x32, 0x31, 0x33, 0x32, 0x32, 0x31, 0x39,
+ 0x32, 0x39, 0x5A, 0x17, 0x0D, 0x32, 0x36, 0x30, 0x39, 0x30,
+ 0x38, 0x32, 0x32, 0x31, 0x39, 0x32, 0x39, 0x5A, 0x30, 0x81,
0xB8, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06,
0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03,
0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61,
@@ -6668,14 +6788,14 @@ static const unsigned char server_ed25519_cert[] =
0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x01,
0x30, 0x11, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8,
0x42, 0x01, 0x01, 0x04, 0x04, 0x03, 0x02, 0x06, 0x40, 0x30,
- 0x05, 0x06, 0x03, 0x2B, 0x65, 0x70, 0x03, 0x41, 0x00, 0x36,
- 0x3F, 0x8D, 0x2F, 0x28, 0xBD, 0x51, 0x83, 0xB8, 0xD8, 0x9C,
- 0x09, 0x64, 0xC4, 0x77, 0xFD, 0xCD, 0xC6, 0xC3, 0x86, 0xB0,
- 0x8D, 0x81, 0xE3, 0xE9, 0xCE, 0x7A, 0x2A, 0x32, 0x15, 0xE9,
- 0xF9, 0x6A, 0x75, 0x1A, 0xA0, 0x5E, 0x71, 0x62, 0x72, 0xDE,
- 0x46, 0x11, 0xA8, 0x9D, 0xDB, 0x80, 0x6B, 0x73, 0x38, 0x61,
- 0x0C, 0xF3, 0x24, 0x11, 0x45, 0xC9, 0xA1, 0xD3, 0xD2, 0x3B,
- 0x05, 0xD5, 0x05
+ 0x05, 0x06, 0x03, 0x2B, 0x65, 0x70, 0x03, 0x41, 0x00, 0x22,
+ 0xD7, 0x34, 0xAC, 0x33, 0x65, 0x8B, 0x18, 0xA4, 0x34, 0xF9,
+ 0x3A, 0xE6, 0xCE, 0xC1, 0x77, 0xA6, 0x3D, 0x2A, 0x2A, 0xEE,
+ 0x22, 0xAD, 0x6E, 0xFC, 0x36, 0xFC, 0x98, 0x8D, 0x8A, 0xFD,
+ 0x3F, 0xCB, 0xA9, 0x74, 0x01, 0x25, 0x96, 0x05, 0xE1, 0x39,
+ 0x13, 0x8B, 0xD9, 0x05, 0x6D, 0xC9, 0xBA, 0x0E, 0x5D, 0x36,
+ 0xBF, 0x39, 0x03, 0x57, 0x2A, 0x55, 0xFC, 0xE3, 0x53, 0xC3,
+ 0x1B, 0xE1, 0x0B
};
static const int sizeof_server_ed25519_cert = sizeof(server_ed25519_cert);
@@ -6711,10 +6831,10 @@ static const unsigned char ca_ed25519_cert[] =
0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86,
0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66,
0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E,
- 0x63, 0x6F, 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x32, 0x31,
- 0x32, 0x31, 0x36, 0x32, 0x31, 0x31, 0x37, 0x34, 0x39, 0x5A,
- 0x17, 0x0D, 0x32, 0x35, 0x30, 0x39, 0x31, 0x31, 0x32, 0x31,
- 0x31, 0x37, 0x34, 0x39, 0x5A, 0x30, 0x81, 0xB4, 0x31, 0x0B,
+ 0x63, 0x6F, 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x33, 0x31,
+ 0x32, 0x31, 0x33, 0x32, 0x32, 0x31, 0x39, 0x32, 0x39, 0x5A,
+ 0x17, 0x0D, 0x32, 0x36, 0x30, 0x39, 0x30, 0x38, 0x32, 0x32,
+ 0x31, 0x39, 0x32, 0x39, 0x5A, 0x30, 0x81, 0xB4, 0x31, 0x0B,
0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55,
0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08,
0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31,
@@ -6748,13 +6868,13 @@ static const unsigned char ca_ed25519_cert[] =
0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xFF, 0x30, 0x0E, 0x06,
0x03, 0x55, 0x1D, 0x0F, 0x01, 0x01, 0xFF, 0x04, 0x04, 0x03,
0x02, 0x01, 0x86, 0x30, 0x05, 0x06, 0x03, 0x2B, 0x65, 0x70,
- 0x03, 0x41, 0x00, 0x40, 0x01, 0x0F, 0x0B, 0x8D, 0xD6, 0xAA,
- 0xDC, 0x2C, 0xB3, 0x40, 0x22, 0xE7, 0x78, 0xEF, 0x1C, 0x8B,
- 0x08, 0x27, 0xEE, 0xD9, 0xD7, 0xB6, 0x91, 0xB3, 0x2D, 0x3D,
- 0xAC, 0xB9, 0x50, 0xFB, 0x2F, 0xB5, 0x25, 0x63, 0x5A, 0x1A,
- 0x3D, 0x3E, 0xCD, 0x81, 0xA1, 0xA9, 0xE7, 0xD5, 0xA1, 0x4A,
- 0x19, 0xB8, 0x4C, 0xB0, 0x1D, 0x3C, 0x8A, 0xE3, 0x47, 0xC0,
- 0xF6, 0x41, 0x95, 0xE6, 0x59, 0x23, 0x08
+ 0x03, 0x41, 0x00, 0xE6, 0x71, 0xA0, 0x59, 0x63, 0xB4, 0x31,
+ 0x31, 0x1F, 0x75, 0x06, 0xCE, 0xF1, 0x89, 0xF0, 0xE7, 0xA2,
+ 0xDB, 0xA8, 0xC1, 0xE4, 0xC8, 0x61, 0x38, 0x0C, 0xE6, 0xE9,
+ 0xE7, 0xB9, 0x9F, 0xCE, 0xE2, 0xF5, 0x49, 0xA3, 0xF5, 0x04,
+ 0x1E, 0x85, 0xF7, 0x7D, 0x10, 0xFB, 0x1D, 0xEE, 0xB6, 0xDC,
+ 0x5E, 0x51, 0xF1, 0x82, 0x33, 0xA4, 0xED, 0xE0, 0x0A, 0x65,
+ 0x09, 0x2B, 0x0E, 0x1E, 0xB2, 0xAF, 0x0B
};
static const int sizeof_ca_ed25519_cert = sizeof(ca_ed25519_cert);
@@ -6762,9 +6882,9 @@ static const int sizeof_ca_ed25519_cert = sizeof(ca_ed25519_cert);
static const unsigned char client_ed25519_cert[] =
{
0x30, 0x82, 0x03, 0x9F, 0x30, 0x82, 0x03, 0x51, 0xA0, 0x03,
- 0x02, 0x01, 0x02, 0x02, 0x14, 0x69, 0xAC, 0xB8, 0xB4, 0xF7,
- 0xE4, 0x11, 0xCB, 0xC5, 0x63, 0xB2, 0xCC, 0x2A, 0xA8, 0xE2,
- 0x0F, 0x55, 0xEE, 0x86, 0x86, 0x30, 0x05, 0x06, 0x03, 0x2B,
+ 0x02, 0x01, 0x02, 0x02, 0x14, 0x31, 0xE6, 0x4A, 0xB1, 0x6B,
+ 0x4E, 0x2E, 0x77, 0x7B, 0xD6, 0xE3, 0x94, 0x8A, 0xCF, 0x02,
+ 0xB7, 0x58, 0x5A, 0xFB, 0xAB, 0x30, 0x05, 0x06, 0x03, 0x2B,
0x65, 0x70, 0x30, 0x81, 0xB8, 0x31, 0x0B, 0x30, 0x09, 0x06,
0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10,
0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D,
@@ -6784,9 +6904,9 @@ static const unsigned char client_ed25519_cert[] =
0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x17, 0x30, 0x15, 0x06, 0x0A,
0x09, 0x92, 0x26, 0x89, 0x93, 0xF2, 0x2C, 0x64, 0x01, 0x01,
0x0C, 0x07, 0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x30,
- 0x1E, 0x17, 0x0D, 0x32, 0x32, 0x31, 0x32, 0x31, 0x36, 0x32,
- 0x31, 0x31, 0x37, 0x35, 0x30, 0x5A, 0x17, 0x0D, 0x32, 0x35,
- 0x30, 0x39, 0x31, 0x31, 0x32, 0x31, 0x31, 0x37, 0x35, 0x30,
+ 0x1E, 0x17, 0x0D, 0x32, 0x33, 0x31, 0x32, 0x31, 0x33, 0x32,
+ 0x32, 0x31, 0x39, 0x32, 0x39, 0x5A, 0x17, 0x0D, 0x32, 0x36,
+ 0x30, 0x39, 0x30, 0x38, 0x32, 0x32, 0x31, 0x39, 0x32, 0x39,
0x5A, 0x30, 0x81, 0xB8, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03,
0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30,
0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F,
@@ -6837,9 +6957,9 @@ static const unsigned char client_ed25519_cert[] =
0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x17, 0x30, 0x15, 0x06,
0x0A, 0x09, 0x92, 0x26, 0x89, 0x93, 0xF2, 0x2C, 0x64, 0x01,
0x01, 0x0C, 0x07, 0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C,
- 0x82, 0x14, 0x69, 0xAC, 0xB8, 0xB4, 0xF7, 0xE4, 0x11, 0xCB,
- 0xC5, 0x63, 0xB2, 0xCC, 0x2A, 0xA8, 0xE2, 0x0F, 0x55, 0xEE,
- 0x86, 0x86, 0x30, 0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04,
+ 0x82, 0x14, 0x31, 0xE6, 0x4A, 0xB1, 0x6B, 0x4E, 0x2E, 0x77,
+ 0x7B, 0xD6, 0xE3, 0x94, 0x8A, 0xCF, 0x02, 0xB7, 0x58, 0x5A,
+ 0xFB, 0xAB, 0x30, 0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04,
0x05, 0x30, 0x03, 0x01, 0x01, 0xFF, 0x30, 0x1C, 0x06, 0x03,
0x55, 0x1D, 0x11, 0x04, 0x15, 0x30, 0x13, 0x82, 0x0B, 0x65,
0x78, 0x61, 0x6D, 0x70, 0x6C, 0x65, 0x2E, 0x63, 0x6F, 0x6D,
@@ -6847,14 +6967,14 @@ static const unsigned char client_ed25519_cert[] =
0x55, 0x1D, 0x25, 0x04, 0x16, 0x30, 0x14, 0x06, 0x08, 0x2B,
0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x01, 0x06, 0x08, 0x2B,
0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x02, 0x30, 0x05, 0x06,
- 0x03, 0x2B, 0x65, 0x70, 0x03, 0x41, 0x00, 0x2E, 0x4A, 0xB8,
- 0x2A, 0xF0, 0x75, 0xEE, 0x31, 0x6A, 0x51, 0x0A, 0x6A, 0x54,
- 0x5B, 0x45, 0x6E, 0xAC, 0x03, 0xA8, 0xA9, 0x9A, 0xD4, 0xD6,
- 0x38, 0x02, 0xEB, 0x76, 0xB6, 0xA7, 0x66, 0x86, 0xEA, 0xE9,
- 0xF3, 0x6F, 0x31, 0x4E, 0xE4, 0x50, 0xD1, 0x75, 0xFE, 0x88,
- 0x3F, 0x23, 0x9D, 0x76, 0xD9, 0x9C, 0x07, 0x14, 0x13, 0x16,
- 0x30, 0xC3, 0x40, 0x51, 0x06, 0xDA, 0xA5, 0x39, 0x5F, 0x0A,
- 0x09
+ 0x03, 0x2B, 0x65, 0x70, 0x03, 0x41, 0x00, 0x92, 0xAC, 0x52,
+ 0xCF, 0x34, 0xC2, 0x76, 0x8A, 0x78, 0xF7, 0xEF, 0xDA, 0x3F,
+ 0x79, 0xE9, 0x66, 0xD1, 0xDE, 0xE1, 0xD7, 0x56, 0xB5, 0x4B,
+ 0xCF, 0xA7, 0xC2, 0x03, 0xAF, 0xCC, 0x23, 0x11, 0x4B, 0x44,
+ 0x0C, 0x33, 0xCE, 0x45, 0xE0, 0x33, 0xEB, 0xCC, 0xC9, 0xF8,
+ 0x38, 0x5B, 0x19, 0x6F, 0x86, 0x4D, 0x97, 0x30, 0xD1, 0x55,
+ 0x6E, 0xCB, 0x5F, 0x39, 0xC9, 0xA3, 0x22, 0x16, 0x66, 0x5F,
+ 0x07
};
static const int sizeof_client_ed25519_cert = sizeof(client_ed25519_cert);
@@ -6871,5 +6991,31 @@ static const int sizeof_client_ed25519_key = sizeof(client_ed25519_key);
#endif /* HAVE_ED25519 */
+#if defined(USE_CERT_BUFFERS_25519)
+
+/* ./certs/statickeys/x25519.der, CURVE25519 */
+static const unsigned char x25519_statickey_der[] =
+{
+ 0x30, 0x2E, 0x02, 0x01, 0x00, 0x30, 0x05, 0x06, 0x03, 0x2B,
+ 0x65, 0x6E, 0x04, 0x22, 0x04, 0x20, 0x78, 0x8E, 0x31, 0x5C,
+ 0x33, 0xA9, 0x19, 0xC0, 0x5E, 0x36, 0x70, 0x1B, 0xA4, 0xE8,
+ 0xEF, 0xC1, 0x89, 0x8C, 0xB3, 0x15, 0xC6, 0x79, 0xD3, 0xAC,
+ 0x22, 0x00, 0xAE, 0xFA, 0xB3, 0xB7, 0x0F, 0x78
+};
+static const int sizeof_x25519_statickey_der = sizeof(x25519_statickey_der);
+
+/* ./certs/statickeys/x25519-pub.der, CURVE25519 */
+static const unsigned char x25519_pub_statickey_der[] =
+{
+ 0x30, 0x2A, 0x30, 0x05, 0x06, 0x03, 0x2B, 0x65, 0x6E, 0x03,
+ 0x21, 0x00, 0x09, 0xBC, 0x8C, 0xC7, 0x45, 0x0D, 0xC1, 0xC2,
+ 0x02, 0x57, 0x9A, 0x68, 0x3A, 0xFD, 0x7A, 0xA8, 0xA5, 0x2F,
+ 0xF0, 0x99, 0x39, 0x98, 0xEA, 0x26, 0xA2, 0x5B, 0x38, 0xFD,
+ 0x96, 0xDB, 0x2A, 0x26
+};
+static const int sizeof_x25519_pub_statickey_der = sizeof(x25519_pub_statickey_der);
+
+#endif /* USE_CERT_BUFFERS_25519 */
+
#endif /* WOLFSSL_CERTS_TEST_H */
diff --git a/extra/wolfssl/wolfssl/wolfssl/crl.h b/extra/wolfssl/wolfssl/wolfssl/crl.h
index e68aa79c..4b4dcc27 100644
--- a/extra/wolfssl/wolfssl/wolfssl/crl.h
+++ b/extra/wolfssl/wolfssl/wolfssl/crl.h
@@ -42,6 +42,9 @@ WOLFSSL_LOCAL int LoadCRL(WOLFSSL_CRL* crl, const char* path, int type,
WOLFSSL_LOCAL int BufferLoadCRL(WOLFSSL_CRL* crl, const byte* buff, long sz,
int type, int verify);
WOLFSSL_LOCAL int CheckCertCRL(WOLFSSL_CRL* crl, DecodedCert* cert);
+WOLFSSL_LOCAL int CheckCertCRL_ex(WOLFSSL_CRL* crl, byte* issuerHash,
+ byte* serial, int serialSz, byte* serialHash, const byte* extCrlInfo,
+ int extCrlInfoSz, void* issuerName);
#ifdef __cplusplus
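Review bot: The new `CheckCertCRL_ex` prototype declares `issuerHash`, `serial` and `serialHash` as non-const `byte*` while `extCrlInfo` beside them is `const byte*`, and `issuerName` is an untyped `void*`. If the function only reads these buffers (its body is not in this hunk), `const byte*` would make the read-only contract visible and save callers a cast. `serial` comes with `serialSz`, but the two hashes carry no length, so a comment above the prototype should state the size they must have, for example `/* issuerHash and serialHash must each be CRL_DIGEST_SIZE bytes; issuerName is a WOLFSSL_X509_NAME* or NULL */`, with the actual contract filled in by the author.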
diff --git a/extra/wolfssl/wolfssl/wolfssl/error-ssl.h b/extra/wolfssl/wolfssl/wolfssl/error-ssl.h
index 9a6a9cf2..e579bfb6 100644
--- a/extra/wolfssl/wolfssl/wolfssl/error-ssl.h
+++ b/extra/wolfssl/wolfssl/wolfssl/error-ssl.h
@@ -191,7 +191,8 @@ enum wolfSSL_ErrorCodes {
COMPRESSION_ERROR = -502, /* compression mismatch */
KEY_SHARE_ERROR = -503, /* key share mismatch */
POST_HAND_AUTH_ERROR = -504, /* client won't do post-hand auth */
- HRR_COOKIE_ERROR = -505 /* HRR msg cookie mismatch */
+ HRR_COOKIE_ERROR = -505, /* HRR msg cookie mismatch */
+ UNSUPPORTED_CERTIFICATE = -506 /* unsupported certificate type */
/* end negotiation parameter errors only 10 for now */
/* add strings to wolfSSL_ERR_reason_error_string in internal.c !!!!! */
diff --git a/extra/wolfssl/wolfssl/wolfssl/internal.h b/extra/wolfssl/wolfssl/wolfssl/internal.h
index dbe64dda..f59da64f 100644
--- a/extra/wolfssl/wolfssl/wolfssl/internal.h
+++ b/extra/wolfssl/wolfssl/wolfssl/internal.h
@@ -55,9 +55,15 @@
#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) && defined(OPENSSL_EXTRA)
#include <wolfssl/wolfcrypt/chacha20_poly1305.h>
#endif
+#ifdef HAVE_ARIA
+ #include <wolfssl/wolfcrypt/port/aria/aria-crypt.h>
+#endif
#ifdef HAVE_CAMELLIA
#include <wolfssl/wolfcrypt/camellia.h>
#endif
+#ifdef WOLFSSL_SM4
+ #include <wolfssl/wolfcrypt/sm4.h>
+#endif
#include <wolfssl/wolfcrypt/logging.h>
#ifndef NO_HMAC
#include <wolfssl/wolfcrypt/hmac.h>
@@ -83,6 +89,9 @@
#ifdef WOLFSSL_SHA512
#include <wolfssl/wolfcrypt/sha512.h>
#endif
+#ifdef WOLFSSL_SM3
+ #include <wolfssl/wolfcrypt/sm3.h>
+#endif
#ifdef HAVE_AESGCM
#include <wolfssl/wolfcrypt/sha512.h>
#endif
@@ -95,6 +104,9 @@
#ifdef HAVE_ECC
#include <wolfssl/wolfcrypt/ecc.h>
#endif
+#ifdef WOLFSSL_SM2
+ #include <wolfssl/wolfcrypt/sm2.h>
+#endif
#ifndef NO_DH
#include <wolfssl/wolfcrypt/dh.h>
#endif
@@ -267,6 +279,10 @@
#include <wolfssl/wolfcrypt/hpke.h>
+#if defined(WOLFSSL_SNIFFER) && defined(WOLFSSL_SNIFFER_KEYLOGFILE)
+#include <wolfssl/sniffer.h>
+#endif /* WOLFSSL_SNIFFER && WOLFSSL_SNIFFER_KEYLOGFILE */
+
#ifdef __cplusplus
extern "C" {
#endif
@@ -640,6 +656,10 @@
#endif
#endif
#endif /* NO_AES */
+ #ifdef HAVE_ARIA
+ #define BUILD_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256
+ #define BUILD_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384
+ #endif /* HAVE_ARIA */
#if !defined(NO_RC4) && !defined(WSSL_HARDEN_TLS)
/* MUST NOT negotiate RC4 cipher suites
* https://www.rfc-editor.org/rfc/rfc9325#section-4.1 */
@@ -840,6 +860,17 @@
#endif
#endif
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ #ifdef WOLFSSL_SM4_CBC
+ #define BUILD_TLS_ECDHE_ECDSA_WITH_SM4_CBC_SM3
+ #endif
+ #ifdef WOLFSSL_SM4_GCM
+ #define BUILD_TLS_ECDHE_ECDSA_WITH_SM4_GCM_SM3
+ #endif
+ #ifdef WOLFSSL_SM4_CCM
+ #define BUILD_TLS_ECDHE_ECDSA_WITH_SM4_CCM_SM3
+ #endif
+ #endif
#endif
#if defined(WOLFSSL_TLS13)
@@ -872,6 +903,16 @@
#define BUILD_TLS_SHA384_SHA384
#endif
#endif
+
+ #ifdef WOLFSSL_SM3
+ #ifdef WOLFSSL_SM4_GCM
+ #define BUILD_TLS_SM4_GCM_SM3
+ #endif
+
+ #ifdef WOLFSSL_SM4_CCM
+ #define BUILD_TLS_SM4_CCM_SM3
+ #endif
+ #endif
#endif
#if !defined(WOLFCRYPT_ONLY) && defined(NO_PSK) && \
@@ -924,6 +965,11 @@
#define NO_AESGCM_AEAD
#endif
+#if defined(BUILD_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256) || \
+ defined(BUILD_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384)
+ #define BUILD_ARIA
+#endif
+
#if defined(BUILD_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256) || \
defined(BUILD_TLS_DHE_RSA_WITH_CHACHA20_OLD_POLY1305_SHA256) || \
defined(BUILD_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256) || \
@@ -969,8 +1015,10 @@
#if defined(WOLFSSL_MAX_STRENGTH) || \
(defined(HAVE_AESGCM) && !defined(NO_AESGCM_AEAD)) || \
defined(HAVE_AESCCM) || \
+ defined(HAVE_ARIA) || \
(defined(HAVE_CHACHA) && defined(HAVE_POLY1305) && \
!defined(NO_CHAPOL_AEAD)) || \
+ defined(WOLFSSL_SM4_GCM) || defined(WOLFSSL_SM4_CCM) || \
(defined(WOLFSSL_TLS13) && defined(HAVE_NULL_CIPHER))
#define HAVE_AEAD
@@ -999,6 +1047,13 @@
#undef WSSL_HARDEN_TLS
+#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EXTRA) || defined(HAVE_LIGHTY)
+#define SSL_CA_NAMES(ssl) ((ssl)->client_ca_names != NULL ? (ssl)->client_ca_names : \
+ (ssl)->ctx->client_ca_names)
+#else
+#define WOLFSSL_NO_CA_NAMES
+#endif
+
/* actual cipher values, 2nd byte */
enum {
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA = 0x16,
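Review bot: `SSL_CA_NAMES(ssl)` expands its argument three times and dereferences `(ssl)->ctx` unconditionally. An argument with side effects would be evaluated more than once, and an `ssl` whose `ctx` is NULL faults on the fallback branch. The macro has no comment, so I would add one above it such as `/* Per-connection CA names if set, else the context's list. Evaluates ssl more than once; ssl and ssl->ctx must be non-NULL. */`. A `static` inline helper would avoid the multiple evaluation, but only if the WOLFSSL type is complete at this point in the header, which this hunk does not show.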
@@ -1140,6 +1195,21 @@ enum {
TLS_SHA256_SHA256 = 0xB4,
TLS_SHA384_SHA384 = 0xB5,
+ /* ARIA-GCM, first byte is 0xC0 (ECC_BYTE)
+ * See: https://www.rfc-editor.org/rfc/rfc6209.html#section-5
+ */
+ TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 = 0x5c,
+ TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 = 0x5d,
+
+ /* TLS v1.3 SM cipher suites - 0x00 (CIPHER_BYTE) is first byte */
+ TLS_SM4_GCM_SM3 = 0xC6,
+ TLS_SM4_CCM_SM3 = 0xC7,
+
+ /* TLS v1.2 SM cipher suites - 0xE0 (SM_BYTE) is first byte */
+ TLS_ECDHE_ECDSA_WITH_SM4_CBC_SM3 = 0x11,
+ TLS_ECDHE_ECDSA_WITH_SM4_GCM_SM3 = 0x51,
+ TLS_ECDHE_ECDSA_WITH_SM4_CCM_SM3 = 0x52,
+
/* Fallback SCSV (Signaling Cipher Suite Value) */
TLS_FALLBACK_SCSV = 0x56,
/* Renegotiation Indication Extension Special Suite */
@@ -1395,6 +1465,15 @@ enum {
#define DTLS_AEAD_AES_CCM_FAIL_LIMIT w64From32(0x00B5, 0x04F3)
#define DTLS_AEAD_AES_CCM_FAIL_KU_LIMIT w64From32(0x005A, 0x8279)
+/* Limit is (2^22 - 1) full messages [2^36 - 31 octets]
+ * https://www.rfc-editor.org/rfc/rfc8998.html#name-aead_sm4_gcm
+ */
+#define AEAD_SM4_GCM_LIMIT w64From32(0, (1 << 22) - 1)
+/* Limit is (2^10 - 1) full messages [2^24 - 1 octets]
+ * https://www.rfc-editor.org/rfc/rfc8998.html#name-aead_sm4_ccm
+ */
+#define AEAD_SM4_CCM_LIMIT w64From32(0, (1 << 10) - 1)
+
#if defined(WOLFSSL_TLS13) || !defined(NO_PSK)
#define TLS13_TICKET_NONCE_MAX_SZ 255
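Review bot: In `AEAD_SM4_GCM_LIMIT` the expression `(1 << 22)` is computed in plain `int`, which is undefined on any target where `int` is 16 bits wide. The record limit that drives key-update decisions then depends on compiler behaviour. Casting before the shift removes the dependency: `#define AEAD_SM4_GCM_LIMIT w64From32(0, ((word32)1 << 22) - 1)`. `AEAD_SM4_CCM_LIMIT` fits in 16 bits today but should use the same form for consistency. The comments would also be clearer if they said that the value is the number of records and the bracketed octet figure is the per-record bound from the RFC, assuming that is the intent.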
@@ -1432,6 +1511,7 @@ enum Misc {
CHACHA_BYTE = 0xCC, /* ChaCha first cipher suite */
TLS13_BYTE = 0x13, /* TLS v1.3 first byte of cipher suite */
ECDHE_PSK_BYTE = 0xD0, /* RFC 8442 */
+ SM_BYTE = 0xE0, /* SM first byte - private range */
SEND_CERT = 1,
SEND_BLANK_CERT = 2,
@@ -1572,7 +1652,8 @@ enum Misc {
DTLS_EXPORT_PRO = 165,/* wolfSSL protocol for serialized session */
DTLS_EXPORT_STATE_PRO = 166,/* wolfSSL protocol for serialized state */
TLS_EXPORT_PRO = 167,/* wolfSSL protocol for serialized TLS */
- DTLS_EXPORT_OPT_SZ = 61, /* amount of bytes used from Options */
+ DTLS_EXPORT_OPT_SZ = 62, /* amount of bytes used from Options */
+ DTLS_EXPORT_OPT_SZ_4 = 61, /* amount of bytes used from Options */
TLS_EXPORT_OPT_SZ = 65, /* amount of bytes used from Options */
DTLS_EXPORT_OPT_SZ_3 = 60, /* amount of bytes used from Options */
DTLS_EXPORT_KEY_SZ = 325 + (DTLS_SEQ_SZ * 2),
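Review bot: `DTLS_EXPORT_OPT_SZ_4` carries the same comment text as `DTLS_EXPORT_OPT_SZ`, so nothing at the definition says which export version each size belongs to. The pairing matters because an importer that applies the wrong size to a serialized session will misparse the fields after Options. I would write `DTLS_EXPORT_OPT_SZ_4 = 61, /* bytes used from Options in export version 4 */` and note on `DTLS_EXPORT_OPT_SZ` that it applies to the current `WOLFSSL_EXPORT_VERSION`. The next hunk adds `WOLFSSL_EXPORT_VERSION_4` with a clear comment, and this one should match it.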
@@ -1585,8 +1666,9 @@ enum Misc {
WOLFSSL_EXPORT_SPC_SZ = 16, /* amount of bytes used from CipherSpecs */
#endif
WOLFSSL_EXPORT_LEN = 2, /* 2 bytes for length and protocol */
- WOLFSSL_EXPORT_VERSION = 4, /* wolfSSL version for serialized session */
+ WOLFSSL_EXPORT_VERSION = 5, /* wolfSSL version for serialized session */
+ WOLFSSL_EXPORT_VERSION_4 = 4, /* 5.6.4 release and before */
/* older export versions supported */
WOLFSSL_EXPORT_VERSION_3 = 3, /* wolfSSL version before TLS 1.3 addition */
@@ -1611,21 +1693,16 @@ enum Misc {
SESSION_FLUSH_COUNT = 256, /* Flush session cache unless user turns off */
TLS_MAX_PAD_SZ = 255, /* Max padding in TLS */
-#if defined(HAVE_FIPS) && \
- (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
- MAX_SYM_KEY_SIZE = AES_256_KEY_SIZE,
-#else
- #if defined(HAVE_NULL_CIPHER) && defined(WOLFSSL_TLS13)
- #if defined(WOLFSSL_SHA384) && WC_MAX_SYM_KEY_SIZE < 48
- MAX_SYM_KEY_SIZE = WC_SHA384_DIGEST_SIZE,
- #elif !defined(NO_SHA256) && WC_MAX_SYM_KEY_SIZE < 32
- MAX_SYM_KEY_SIZE = WC_SHA256_DIGEST_SIZE,
- #else
- MAX_SYM_KEY_SIZE = WC_MAX_SYM_KEY_SIZE,
- #endif
+#if defined(HAVE_NULL_CIPHER) && defined(WOLFSSL_TLS13)
+ #if defined(WOLFSSL_SHA384) && WC_MAX_SYM_KEY_SIZE < 48
+ MAX_SYM_KEY_SIZE = WC_SHA384_DIGEST_SIZE,
+ #elif !defined(NO_SHA256) && WC_MAX_SYM_KEY_SIZE < 32
+ MAX_SYM_KEY_SIZE = WC_SHA256_DIGEST_SIZE,
#else
MAX_SYM_KEY_SIZE = WC_MAX_SYM_KEY_SIZE,
#endif
+#else
+ MAX_SYM_KEY_SIZE = WC_MAX_SYM_KEY_SIZE,
#endif
#if defined(HAVE_SELFTEST) && \
@@ -1651,6 +1728,9 @@ enum Misc {
AESGCM_IMP_IV_SZ = 4, /* Size of GCM/CCM AEAD implicit IV */
AESGCM_EXP_IV_SZ = 8, /* Size of GCM/CCM AEAD explicit IV */
AESGCM_NONCE_SZ = AESGCM_EXP_IV_SZ + AESGCM_IMP_IV_SZ,
+ GCM_IMP_IV_SZ = 4, /* Size of GCM/CCM AEAD implicit IV */
+ GCM_EXP_IV_SZ = 8, /* Size of GCM/CCM AEAD explicit IV */
+ GCM_NONCE_SZ = GCM_EXP_IV_SZ + GCM_IMP_IV_SZ,
CHACHA20_IMP_IV_SZ = 12, /* Size of ChaCha20 AEAD implicit IV */
CHACHA20_NONCE_SZ = 12, /* Size of ChacCha20 nonce */
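Review bot: The three new `GCM_*` constants repeat the literal values and comments of the `AESGCM_*` constants directly above them, so the two sets can drift apart if one is edited later. Defining the new names in terms of the existing ones keeps a single source of truth: `GCM_IMP_IV_SZ = AESGCM_IMP_IV_SZ,` and `GCM_EXP_IV_SZ = AESGCM_EXP_IV_SZ,`. A short comment that the `GCM_*` names are the cipher-independent spelling (apparently introduced for the ARIA and SM4 suites in this commit) would explain why both sets exist.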
@@ -1663,6 +1743,11 @@ enum Misc {
AES_CCM_8_AUTH_SZ = 8, /* AES-CCM-8 Auth Tag Length */
AESCCM_NONCE_SZ = 12,
+ SM4_GCM_AUTH_SZ = 16, /* SM4-GCM Auth Tag length */
+ SM4_GCM_NONCE_SZ = 12, /* SM4 GCM Nonce length */
+ SM4_CCM_AUTH_SZ = 16, /* SM4-CCM Auth Tag length */
+ SM4_CCM_NONCE_SZ = 12, /* SM4 CCM Nonce length */
+
CAMELLIA_128_KEY_SIZE = 16, /* for 128 bit */
CAMELLIA_192_KEY_SIZE = 24, /* for 192 bit */
CAMELLIA_256_KEY_SIZE = 32, /* for 256 bit */
@@ -1681,7 +1766,7 @@ enum Misc {
#ifndef ECDHE_SIZE /* allow this to be overridden at compile-time */
ECDHE_SIZE = 32, /* ECDHE server size defaults to 256 bit */
#endif
- MAX_EXPORT_ECC_SZ = 256, /* Export ANS X9.62 max future size */
+ MAX_EXPORT_ECC_SZ = 256, /* Export ANSI X9.62 max future size */
MAX_CURVE_NAME_SZ = 16, /* Maximum size of curve name string */
NEW_SA_MAJOR = 8, /* Most significant byte used with new sig algos */
@@ -1689,6 +1774,8 @@ enum Misc {
ED25519_SA_MINOR = 7, /* Least significant byte for ED25519 */
ED448_SA_MAJOR = 8, /* Most significant byte for ED448 */
ED448_SA_MINOR = 8, /* Least significant byte for ED448 */
+ SM2_SA_MAJOR = 7, /* Most significant byte for SM2 with SM3 */
+ SM2_SA_MINOR = 8, /* Least significant byte for SM2 with SM3 */
PQC_SA_MAJOR = 0xFE,/* Most significant byte used with PQC sig algs */
@@ -1737,13 +1824,6 @@ enum Misc {
MAX_WOLFSSL_FILE_SIZE = 1024UL * 1024UL * 4, /* 4 mb file size alloc limit */
#endif
-#if defined(HAVE_PQC)
- MAX_X509_SIZE = 8*1024, /* max static x509 buffer size; dilithium is big */
-#elif defined(WOLFSSL_HAPROXY)
- MAX_X509_SIZE = 3072, /* max static x509 buffer size */
-#else
- MAX_X509_SIZE = 2048, /* max static x509 buffer size */
-#endif
CERT_MIN_SIZE = 256, /* min PEM cert size with header/footer */
NO_SNIFF = 0, /* not sniffing */
@@ -1876,6 +1956,15 @@ enum Misc {
#define SESSIDX_IDX_MASK 0x0F
#endif
+#ifndef MAX_X509_SIZE
+ #if defined(HAVE_PQC)
+ #define MAX_X509_SIZE (8*1024) /* max static x509 buffer size; dilithium is big */
+ #elif defined(WOLFSSL_HAPROXY)
+ #define MAX_X509_SIZE 3072 /* max static x509 buffer size */
+ #else
+ #define MAX_X509_SIZE 2048 /* max static x509 buffer size */
+ #endif
+#endif
/* max cert chain peer depth */
#ifndef MAX_CHAIN_DEPTH
@@ -1929,11 +2018,19 @@ enum Misc {
#define MAX_ENCRYPT_SZ ENCRYPT_LEN
-#define WOLFSSL_ASSERT_SIZEOF_GE(x, y) do { \
- typedef char _args_test_[sizeof((x)) >= sizeof((y)) ? 1 : -1]; \
- (void)sizeof(_args_test_); \
+/* A static check to assert a relation between x and y */
+#define WOLFSSL_ASSERT_TEST(x, y, op) do { \
+ typedef char _args_test_[(x) op (y) ? 1 : -1]; \
+ (void)sizeof(_args_test_); \
} while(0)
+#define WOLFSSL_ASSERT_EQ(x, y) WOLFSSL_ASSERT_TEST(x, y, ==)
+
+#define WOLFSSL_ASSERT_SIZEOF_TEST(x, y, op) \
+ WOLFSSL_ASSERT_TEST(sizeof((x)), sizeof((y)), op)
+
+#define WOLFSSL_ASSERT_SIZEOF_GE(x, y) WOLFSSL_ASSERT_SIZEOF_TEST(x, y, >=)
+
/* states. Adding state before HANDSHAKE_DONE will break session importing */
enum states {
NULL_STATE = 0,
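Review bot: `WOLFSSL_ASSERT_TEST` only works as a static check when `x` and `y` are integer constant expressions, and the new comment does not say so. With a non-constant operand, a compiler that supports variable-length arrays accepts the typedef as a variably modified type, and a false condition is then no longer rejected at compile time. The old macro always wrapped its operands in `sizeof`, so this hazard is new with the generalized form and `WOLFSSL_ASSERT_EQ`. I would extend the comment to `/* A static check to assert a relation between x and y; both must be integer constant expressions */`, and consider using `_Static_assert` where the toolchain provides it.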
@@ -2040,6 +2137,9 @@ WOLFSSL_LOCAL void InitSSL_CTX_Suites(WOLFSSL_CTX* ctx);
WOLFSSL_LOCAL int InitSSL_Suites(WOLFSSL* ssl);
WOLFSSL_LOCAL int InitSSL_Side(WOLFSSL* ssl, word16 side);
+
+WOLFSSL_LOCAL int DoHandShakeMsgType(WOLFSSL* ssl, byte* input,
+ word32* inOutIdx, byte type, word32 size, word32 totalSz);
/* for sniffer */
WOLFSSL_LOCAL int DoFinished(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
word32 size, word32 totalSz, int sniff);
@@ -2050,8 +2150,7 @@ WOLFSSL_LOCAL int DoTls13Finished(WOLFSSL* ssl, const byte* input, word32* inOut
WOLFSSL_LOCAL int DoApplicationData(WOLFSSL* ssl, byte* input, word32* inOutIdx,
int sniff);
/* TLS v1.3 needs these */
-WOLFSSL_LOCAL int HandleTlsResumption(WOLFSSL* ssl, int bogusID,
- Suites* clSuites);
+WOLFSSL_LOCAL int HandleTlsResumption(WOLFSSL* ssl, Suites* clSuites);
#ifdef WOLFSSL_TLS13
WOLFSSL_LOCAL byte SuiteMac(const byte* suite);
#endif
@@ -2093,7 +2192,9 @@ WOLFSSL_LOCAL int MatchDomainName(const char* pattern, int len, const char* str
#ifndef NO_CERTS
WOLFSSL_LOCAL int CheckForAltNames(DecodedCert* dCert, const char* domain, int* checkCN);
WOLFSSL_LOCAL int CheckIPAddr(DecodedCert* dCert, const char* ipasc);
+WOLFSSL_LOCAL void CopyDecodedName(WOLFSSL_X509_NAME* name, DecodedCert* dCert, int nameType);
#endif
+WOLFSSL_LOCAL int SetupTicket(WOLFSSL* ssl);
WOLFSSL_LOCAL int CreateTicket(WOLFSSL* ssl);
WOLFSSL_LOCAL int HashRaw(WOLFSSL* ssl, const byte* output, int sz);
WOLFSSL_LOCAL int HashOutput(WOLFSSL* ssl, const byte* output, int sz,
@@ -2112,6 +2213,8 @@ WOLFSSL_LOCAL int ALPN_Select(WOLFSSL* ssl);
WOLFSSL_LOCAL int ChachaAEADEncrypt(WOLFSSL* ssl, byte* out, const byte* input,
word16 sz); /* needed by sniffer */
+WOLFSSL_LOCAL int ChachaAEADDecrypt(WOLFSSL* ssl, byte* plain, const byte* input,
+ word16 sz); /* needed by sniffer */
#ifdef WOLFSSL_TLS13
WOLFSSL_LOCAL int DecryptTls13(WOLFSSL* ssl, byte* output, const byte* input,
@@ -2251,6 +2354,10 @@ WOLFSSL_LOCAL void InitSuitesHashSigAlgo_ex(byte* hashSigAlgo, int haveECDSAsig,
int haveRSAsig, int haveFalconSig,
int haveDilithiumSig, int haveAnon,
int tls1_2, int keySz, word16* len);
+/* use wolfSSL_API visibility to be able to test in tests/api.c */
+WOLFSSL_API void InitSuitesHashSigAlgo_ex2(byte* hashSigAlgo, int have,
+ int tls1_2, int keySz,
+ word16* len);
WOLFSSL_LOCAL int AllocateCtxSuites(WOLFSSL_CTX* ctx);
WOLFSSL_LOCAL int AllocateSuites(WOLFSSL* ssl);
WOLFSSL_LOCAL void InitSuites(Suites* suites, ProtocolVersion pv, int keySz,
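Review bot: `InitSuitesHashSigAlgo_ex2` collapses the individual `have*Sig` arguments of the `_ex` variant into one `int have`, but the prototype does not say how that value is encoded. From the `SIG_*` definitions this commit adds further down the header it appears to be a bitmask, and that should be stated here, for example `/* have: bitwise OR of SIG_ECDSA, SIG_RSA, SIG_SM2, SIG_FALCON, SIG_DILITHIUM, SIG_ANON */`. The function is exported with `WOLFSSL_API` for the tests while the flags live in an internal header, so the comment should also mark it as not part of the supported public API.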
@@ -2340,7 +2447,9 @@ struct WOLFSSL_OCSP {
typedef struct CRL_Entry CRL_Entry;
-#ifdef NO_SHA
+#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ #define CRL_DIGEST_SIZE WC_SM3_DIGEST_SIZE
+#elif defined(NO_SHA)
#define CRL_DIGEST_SIZE WC_SHA256_DIGEST_SIZE
#else
#define CRL_DIGEST_SIZE WC_SHA_DIGEST_SIZE
@@ -2358,7 +2467,16 @@ typedef struct CRL_Entry CRL_Entry;
#endif
/* Complete CRL */
struct CRL_Entry {
+ byte* toBeSigned;
+ byte* signature;
+#if defined(OPENSSL_EXTRA)
+ WOLFSSL_X509_NAME* issuer; /* X509_NAME type issuer */
+#endif
CRL_Entry* next; /* next entry */
+ wolfSSL_Mutex verifyMutex;
+ /* DupCRL_Entry copies data after the `verifyMutex` member. Using the mutex
+ * as the marker because clang-tidy doesn't like taking the sizeof a
+ * pointer. */
byte issuerHash[CRL_DIGEST_SIZE]; /* issuer hash */
/* byte crlHash[CRL_DIGEST_SIZE]; raw crl data hash */
/* restore the hash here if needed for optimized comparisons */
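Review bot: The comment added after `verifyMutex` explains that `DupCRL_Entry` copies everything following that member, but it does not state the rule a maintainer must follow when adding fields. This hunk and the two after it move `toBeSigned`, `signature` and `issuer` above the mutex, which suggests the rule is that members owning heap memory must sit before it. A pointer added below the marker later would be bulk-copied and shared between the original and the duplicate, risking a double free; `DupCRL_Entry` itself is outside this hunk, so that is inferred. I would append `Members that own heap memory must be declared above verifyMutex.` to the comment. The struct body continues past the end of this hunk.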
@@ -2378,9 +2496,7 @@ struct CRL_Entry {
int totalCerts; /* number on list */
int version; /* version of certificate */
int verified;
- byte* toBeSigned;
word32 tbsSz;
- byte* signature;
word32 signatureSz;
word32 signatureOID;
#if !defined(NO_SKID) && !defined(NO_ASN)
@@ -2388,9 +2504,6 @@ struct CRL_Entry {
byte extAuthKeyId[KEYID_SIZE];
#endif
int crlNumber; /* CRL number extension */
-#if defined(OPENSSL_EXTRA)
- WOLFSSL_X509_NAME* issuer; /* X509_NAME type issuer */
-#endif
};
@@ -2407,6 +2520,19 @@ struct CRL_Monitor {
#undef HAVE_CRL_MONITOR
#endif
+/* PEM and DER possible */
+#define WOLFSSL_CRL_MONITORS_LEN (2)
+
+#if defined(__MACH__) || defined(__FreeBSD__) || defined(__linux__)
+typedef int wolfSSL_CRL_mfd_t; /* monitor fd, -1 if no init yet */
+/* mfd for bsd is kqueue fd, eventfd for linux */
+#define WOLFSSL_CRL_MFD_INIT_VAL (-1)
+#elif defined(_MSC_VER)
+typedef HANDLE wolfSSL_CRL_mfd_t; /* monitor fd, INVALID_HANDLE_VALUE if
+ * no init yet */
+#define WOLFSSL_CRL_MFD_INIT_VAL (INVALID_HANDLE_VALUE)
+#endif
+
/* wolfSSL CRL controller */
struct WOLFSSL_CRL {
WOLFSSL_CERT_MANAGER* cm; /* pointer back to cert manager */
@@ -2415,12 +2541,12 @@ struct WOLFSSL_CRL {
#ifdef HAVE_CRL_IO
CbCrlIO crlIOCb;
#endif
- wolfSSL_Mutex crlLock; /* CRL list lock */
- CRL_Monitor monitors[2]; /* PEM and DER possible */
+ wolfSSL_RwLock crlLock; /* CRL list lock */
+ CRL_Monitor monitors[WOLFSSL_CRL_MONITORS_LEN];
#ifdef HAVE_CRL_MONITOR
- pthread_cond_t cond; /* condition to signal setup */
- pthread_t tid; /* monitoring thread */
- int mfd; /* monitor fd, -1 if no init yet */
+ COND_TYPE cond; /* condition to signal setup */
+ THREAD_TYPE tid; /* monitoring thread */
+ wolfSSL_CRL_mfd_t mfd;
int setup; /* thread is setup predicate */
#endif
void* heap; /* heap hint for dynamic memory */
@@ -2507,7 +2633,7 @@ WOLFSSL_LOCAL int CM_MemRestoreCertCache(WOLFSSL_CERT_MANAGER* cm,
const void* mem, int sz);
WOLFSSL_LOCAL int CM_GetCertCacheMemSize(WOLFSSL_CERT_MANAGER* cm);
WOLFSSL_LOCAL int CM_VerifyBuffer_ex(WOLFSSL_CERT_MANAGER* cm, const byte* buff,
- long sz, int format, int err_val);
+ long sz, int format, int prev_err);
#ifndef NO_CERTS
@@ -2649,10 +2775,9 @@ typedef struct Keys {
tsip_hmac_sha_key_index_t tsip_server_write_MAC_secret;
#endif
-#ifdef WOLFSSL_RENESAS_SCEPROTECT
-
- sce_hmac_sha_wrapped_key_t sce_client_write_MAC_secret;
- sce_hmac_sha_wrapped_key_t sce_server_write_MAC_secret;
+#ifdef WOLFSSL_RENESAS_FSPSM_TLS
+ FSPSM_HMAC_WKEY fspsm_client_write_MAC_secret;
+ FSPSM_HMAC_WKEY fspsm_server_write_MAC_secret;
#endif
} Keys;
@@ -2681,6 +2806,10 @@ typedef enum {
#endif
TLSX_APPLICATION_LAYER_PROTOCOL = 0x0010, /* a.k.a. ALPN */
TLSX_STATUS_REQUEST_V2 = 0x0011, /* a.k.a. OCSP stapling v2 */
+#ifdef HAVE_RPK
+ TLSX_CLIENT_CERTIFICATE_TYPE = 0x0013, /* RFC8446 */
+ TLSX_SERVER_CERTIFICATE_TYPE = 0x0014, /* RFC8446 */
+#endif
#if defined(HAVE_ENCRYPT_THEN_MAC) && !defined(WOLFSSL_AEAD_ONLY)
TLSX_ENCRYPT_THEN_MAC = 0x0016, /* RFC 7366 */
#endif
@@ -2700,6 +2829,9 @@ typedef enum {
#if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK)
TLSX_PSK_KEY_EXCHANGE_MODES = 0x002d,
#endif
+ #if !defined(NO_CERTS) && !defined(WOLFSSL_NO_CA_NAMES)
+ TLSX_CERTIFICATE_AUTHORITIES = 0x002f,
+ #endif
#ifdef WOLFSSL_POST_HANDSHAKE_AUTH
TLSX_POST_HANDSHAKE_AUTH = 0x0031,
#endif
@@ -2723,6 +2855,36 @@ typedef enum {
#endif
} TLSX_Type;
+/* TLS Certificate type defined RFC7250
+ * https://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml#tls-extensiontype-values-3
+ */
+#if defined(HAVE_RPK)
+typedef struct RpkConfig {
+ /* user's preference */
+ byte preferred_ClientCertTypeCnt;
+ byte preferred_ClientCertTypes[MAX_CLIENT_CERT_TYPE_CNT];
+ byte preferred_ServerCertTypeCnt;
+ byte preferred_ServerCertTypes[MAX_CLIENT_CERT_TYPE_CNT];
+ /* reflect to client_certificate_type extension in xxxHello */
+} RpkConfig;
+
+typedef struct RpkState {
+ byte sending_ClientCertTypeCnt;
+ byte sending_ClientCertTypes[MAX_CLIENT_CERT_TYPE_CNT];
+ /* reflect to server_certificate_type extension in xxxHello */
+ byte sending_ServerCertTypeCnt;
+ byte sending_ServerCertTypes[MAX_SERVER_CERT_TYPE_CNT];
+ /* client_certificate_type extension in received yyyHello */
+ byte received_ClientCertTypeCnt;
+ byte received_ClientCertTypes[MAX_CLIENT_CERT_TYPE_CNT];
+ /* server_certificate_type extension in received yyyHello */
+ byte received_ServerCertTypeCnt;
+ byte received_ServerCertTypes[MAX_SERVER_CERT_TYPE_CNT];
+ /* set if Raw-public-key cert is loaded as own certificate */
+ int isRPKLoaded;
+} RpkState;
+#endif /* HAVE_RPK */
+
#if defined(WOLFSSL_TLS13) && defined(HAVE_ECH)
typedef enum {
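Review bot: In `RpkConfig`, `preferred_ServerCertTypes` is sized with `MAX_CLIENT_CERT_TYPE_CNT`, whereas every server-side array in `RpkState` uses `MAX_SERVER_CERT_TYPE_CNT`. If the two constants ever differ, code that bounds `preferred_ServerCertTypeCnt` by the server constant could index past this array. It should read `byte preferred_ServerCertTypes[MAX_SERVER_CERT_TYPE_CNT];`. The `received_*Cnt` fields hold counts taken from the peer's hello, so each needs a check against its array size before the list is copied; that code is outside this hunk. The comment "reflect to client_certificate_type extension in xxxHello" sits at the end of `RpkConfig` but seems to describe the first two fields of `RpkState`.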
@@ -2929,7 +3091,7 @@ typedef struct {
union {
OcspRequest ocsp;
} request;
-#if defined(WOLFSSL_TLS13)
+#ifdef WOLFSSL_TLS13
buffer response;
#endif
} CertificateStatusRequest;
@@ -3084,6 +3246,10 @@ typedef struct InternalTicket {
#ifdef WOLFSSL_TICKET_HAVE_ID
byte id[ID_LEN];
#endif
+#ifdef OPENSSL_EXTRA
+ byte sessionCtxSz; /* sessionCtx length */
+ byte sessionCtx[ID_LEN]; /* app specific context id */
+#endif /* OPENSSL_EXTRA */
} InternalTicket;
#ifndef WOLFSSL_TICKET_EXTRA_PADDING_SZ
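Review bot: `sessionCtxSz` and `sessionCtx` are added to `InternalTicket` under `#ifdef OPENSSL_EXTRA`, while the same pair in `WOLFSSL_CTX` is moved to `#ifdef WOLFSSL_SESSION_ID_CTX` later in this commit. If `WOLFSSL_SESSION_ID_CTX` can be enabled without `OPENSSL_EXTRA`, tickets would not carry the context and resumption could not be bound to it. I would use the same guard here: `#ifdef WOLFSSL_SESSION_ID_CTX`. Since `sessionCtxSz` is read back from a decrypted ticket, it should also be checked against `ID_LEN` before it is used as a length; the parsing code is outside this hunk.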
@@ -3194,10 +3360,11 @@ WOLFSSL_LOCAL int TLSX_KeyShare_Use(const WOLFSSL* ssl, word16 group,
word16 len, byte* data, KeyShareEntry **kse, TLSX** extensions);
WOLFSSL_LOCAL int TLSX_KeyShare_Empty(WOLFSSL* ssl);
WOLFSSL_LOCAL int TLSX_KeyShare_SetSupported(const WOLFSSL* ssl,
- TLSX** extensions);
+ TLSX** extensions);
WOLFSSL_LOCAL int TLSX_KeyShare_GenKey(WOLFSSL *ssl, KeyShareEntry *kse);
WOLFSSL_LOCAL int TLSX_KeyShare_Choose(const WOLFSSL *ssl, TLSX* extensions,
- KeyShareEntry** kse, byte* searched);
+ byte cipherSuite0, byte cipherSuite, KeyShareEntry** kse,
+ byte* searched);
WOLFSSL_LOCAL int TLSX_KeyShare_Setup(WOLFSSL *ssl, KeyShareEntry* clientKSE);
WOLFSSL_LOCAL int TLSX_KeyShare_Establish(WOLFSSL* ssl, int* doHelloRetry);
WOLFSSL_LOCAL int TLSX_KeyShare_DeriveSecret(WOLFSSL* sclientKSEclientKSEsl);
@@ -3369,8 +3536,8 @@ struct WOLFSSL_CTX {
DerBuffer* certificate;
DerBuffer* certChain;
/* chain after self, in DER, with leading size for each cert */
- #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EXTRA) || defined(HAVE_LIGHTY)
- WOLF_STACK_OF(WOLFSSL_X509_NAME)* ca_names;
+ #ifndef WOLFSSL_NO_CA_NAMES
+ WOLF_STACK_OF(WOLFSSL_X509_NAME)* client_ca_names;
#endif
#ifdef OPENSSL_EXTRA
WOLF_STACK_OF(WOLFSSL_X509)* x509Chain;
@@ -3412,7 +3579,7 @@ struct WOLFSSL_CTX {
byte sendVerify:2; /* for client side (can not be single bit) */
byte haveRSA:1; /* RSA available */
byte haveECC:1; /* ECC available */
- byte haveDH:1; /* server DH parms set by user */
+ byte haveDH:1; /* server DH params set by user */
byte haveECDSAsig:1; /* server cert signed w/ ECDSA */
byte haveFalconSig:1; /* server cert signed w/ Falcon */
byte haveDilithiumSig:1;/* server cert signed w/ Dilithium */
@@ -3468,7 +3635,10 @@ struct WOLFSSL_CTX {
#endif
word16 minProto:1; /* sets min to min available */
word16 maxProto:1; /* sets max to max available */
-
+#if defined(HAVE_RPK)
+ RpkConfig rpkConfig;
+ RpkState rpkState;
+#endif /* HAVE_RPK */
#ifdef WOLFSSL_SRTP
word16 dtlsSrtpProfiles; /* DTLS-with-SRTP mode
* (list of selected profiles - up to 16) */
@@ -3499,11 +3669,13 @@ struct WOLFSSL_CTX {
#if defined(OPENSSL_EXTRA) || defined(HAVE_CURL)
word32 disabledCurves; /* curves disabled by user */
#endif
-#ifdef OPENSSL_EXTRA
+#ifdef WOLFSSL_SESSION_ID_CTX
byte sessionCtx[ID_LEN]; /* app session context ID */
+ byte sessionCtxSz;
+#endif
+#ifdef OPENSSL_EXTRA
const unsigned char *alpn_cli_protos;/* ALPN client protocol list */
unsigned int alpn_cli_protos_len;
- byte sessionCtxSz;
byte cbioFlag; /* WOLFSSL_CBIO_RECV/SEND: CBIORecv/Send is set */
CallbackInfoState* CBIS; /* used to get info about SSL state */
WOLFSSL_X509_VERIFY_PARAM* param; /* verification parameters*/
@@ -3755,6 +3927,9 @@ struct WOLFSSL_CTX {
#if defined(WOLFSSL_TLS13) && defined(HAVE_ECH)
WOLFSSL_EchConfig* echConfigs;
#endif
+#if defined(__APPLE__) && defined(WOLFSSL_SYS_CA_CERTS)
+ byte doAppleNativeCertValidationFlag:1;
+#endif /* defined(__APPLE__) && defined(WOLFSSL_SYS_CA_CERTS) */
};
WOLFSSL_LOCAL
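Review bot: `doAppleNativeCertValidationFlag:1` is added at the very end of `struct WOLFSSL_CTX` without a comment, although it appears to control which component makes the certificate trust decision. A one-line comment should say what sets the bit and what verification path it selects, for example `/* 1 = peer chain is validated by the Apple system trust APIs */`, assuming that is what the name means. It also sits alone after a pointer member rather than with the other `byte ...:1` flags earlier in the struct, so it likely costs a padded byte of its own.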
@@ -3824,6 +3999,14 @@ enum KeyExchangeAlgorithm {
ecc_static_diffie_hellman_kea /* for verify suite only */
};
+/* Used with InitSuitesHashSigAlgo_ex2 */
+#define SIG_ECDSA 0x01
+#define SIG_RSA 0x02
+#define SIG_SM2 0x04
+#define SIG_FALCON 0x08
+#define SIG_DILITHIUM 0x10
+#define SIG_ANON 0x20
+
/* Supported Authentication Schemes */
enum SignatureAlgorithm {
anonymous_sa_algo = 0,
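Review bot: The new `SIG_ECDSA` ... `SIG_ANON` macros are short, unprefixed names placed in a widely included internal header, and nothing says they are a bit mask rather than values of `enum SignatureAlgorithm`, which is declared directly below. The values are powers of two, so the comment could state that explicitly: `/* Bit flags, OR-ed together, for the signature mask passed to InitSuitesHashSigAlgo_ex2 */`. An anonymous `enum` with a `WOLFSSL_`-style prefix would avoid clashes with application macros and keep the names visible in a debugger.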
@@ -3839,6 +4022,7 @@ enum SignatureAlgorithm {
dilithium_level2_sa_algo = 14,
dilithium_level3_sa_algo = 15,
dilithium_level5_sa_algo = 16,
+ sm2_sa_algo = 17,
invalid_sa_algo = 255
};
@@ -3854,6 +4038,18 @@ enum SigAlgRsaPss {
pss_sha512 = 0x0b,
};
+#ifdef WOLFSSL_SM2
+ /* Default SM2 signature ID. */
+ #define TLS12_SM2_SIG_ID ((byte*)"1234567812345678")
+ /* Length of default SM2 signature ID. */
+ #define TLS12_SM2_SIG_ID_SZ 16
+
+ /* https://www.rfc-editor.org/rfc/rfc8998.html#name-sm2-signature-scheme */
+ /* ID to use when signing/verifying TLS v1.3 data. */
+ #define TLS13_SM2_SIG_ID ((byte*)"TLSv1.3+GM+Cipher+Suite")
+ /* Length of ID to use when signing/verifying TLS v1.3 data. */
+ #define TLS13_SM2_SIG_ID_SZ 23
+#endif
/* Supported ECC Curve Types */
enum EccCurves {
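Review bot: `TLS12_SM2_SIG_ID` and `TLS13_SM2_SIG_ID` cast a string literal to `byte*`, which discards const and lets a caller write through the pointer into read-only storage. The `Sm2wSm3Sign`/`Sm2wSm3Verify` prototypes added later in this diff take `const byte* id`, so the cast can be `((const byte*)"1234567812345678")` and `((const byte*)"TLSv1.3+GM+Cipher+Suite")` without touching callers. The `_SZ` values (16 and 23) are maintained by hand next to the literals; they match today, but a comment tying each length to its literal would keep them from drifting apart.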
@@ -3885,8 +4081,8 @@ enum CipherType { aead };
#endif
-#if defined(BUILD_AES) || defined(BUILD_AESGCM) || (defined(HAVE_CHACHA) && \
- defined(HAVE_POLY1305)) || defined(WOLFSSL_TLS13)
+#if defined(BUILD_AES) || defined(BUILD_AESGCM) || defined(HAVE_ARIA) || \
+ (defined(HAVE_CHACHA) && defined(HAVE_POLY1305)) || defined(WOLFSSL_TLS13)
#define CIPHER_NONCE
#endif
@@ -3915,10 +4111,12 @@ typedef struct Ciphers {
#endif
#if defined(BUILD_AES) || defined(BUILD_AESGCM)
Aes* aes;
- #if (defined(BUILD_AESGCM) || defined(HAVE_AESCCM)) && \
- !defined(WOLFSSL_NO_TLS12)
- byte* additional;
- #endif
+#endif
+#if (defined(BUILD_AESGCM) || defined(HAVE_AESCCM)) && !defined(WOLFSSL_NO_TLS12)
+ byte* additional;
+#endif
+#ifdef HAVE_ARIA
+ wc_Aria* aria;
#endif
#ifdef CIPHER_NONCE
byte* nonce;
@@ -3929,6 +4127,9 @@ typedef struct Ciphers {
#ifdef HAVE_CHACHA
ChaCha* chacha;
#endif
+#ifdef WOLFSSL_SM4
+ wc_Sm4* sm4;
+#endif
#if defined(WOLFSSL_TLS13) && defined(HAVE_NULL_CIPHER) && !defined(NO_HMAC)
Hmac* hmac;
#endif
@@ -3987,6 +4188,9 @@ typedef struct Hashes {
#ifdef WOLFSSL_SHA512
byte sha512[WC_SHA512_DIGEST_SIZE];
#endif
+ #ifdef WOLFSSL_SM3
+ byte sm3[WC_SM3_DIGEST_SIZE];
+ #endif
} Hashes;
WOLFSSL_LOCAL int BuildCertHashes(const WOLFSSL* ssl, Hashes* hashes);
@@ -4002,6 +4206,9 @@ typedef union Digest {
#ifdef WOLFSSL_SHA512
wc_Sha512 sha512;
#endif
+#ifdef WOLFSSL_SM3
+ wc_Sm3 sm3;
+#endif
} Digest;
#endif
@@ -4123,10 +4330,10 @@ struct WOLFSSL_SESSION {
word16 idLen; /* serverID length */
byte serverID[SERVER_ID_LEN]; /* for easier client lookup */
#endif
-#ifdef OPENSSL_EXTRA
+#ifdef WOLFSSL_SESSION_ID_CTX
byte sessionCtxSz; /* sessionCtx length */
byte sessionCtx[ID_LEN]; /* app specific context id */
-#endif /* OPENSSL_EXTRA */
+#endif /* WOLFSSL_SESSION_ID_CTX */
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
byte peerVerifyRet; /* cert verify error */
#endif
@@ -4407,13 +4614,19 @@ struct Options {
word16 failNoCertxPSK:1; /* fail for no cert except with PSK */
word16 downgrade:1; /* allow downgrade of versions */
word16 resuming:1;
+#ifdef HAVE_SECURE_RENEGOTIATION
+ word16 resumed:1; /* resuming may be reset on SCR */
+#endif
word16 isPSK:1;
word16 haveSessionId:1; /* server may not send */
word16 tls:1; /* using TLS ? */
word16 tls1_1:1; /* using TLSv1.1+ ? */
word16 tls1_3:1; /* using TLSv1.3+ ? */
+ word16 seenUnifiedHdr:1; /* received msg with unified header */
word16 dtls:1; /* using datagrams ? */
+#ifdef WOLFSSL_DTLS
word16 dtlsStateful:1; /* allow stateful processing ? */
+#endif
word16 connReset:1; /* has the peer reset */
word16 isClosed:1; /* if we consider conn closed */
word16 closeNotify:1; /* we've received a close notify */
@@ -4422,7 +4635,7 @@ struct Options {
word16 usingCompression:1; /* are we using compression */
word16 haveRSA:1; /* RSA available */
word16 haveECC:1; /* ECC available */
- word16 haveDH:1; /* server DH parms set by user */
+ word16 haveDH:1; /* server DH params set by user */
word16 haveECDSAsig:1; /* server ECDSA signed cert */
word16 haveStaticECC:1; /* static server ECC private key */
word16 haveFalconSig:1; /* server Falcon signed cert */
@@ -4497,7 +4710,8 @@ struct Options {
word16 sentChangeCipher:1; /* Change Cipher Spec sent */
#endif
#if !defined(WOLFSSL_NO_CLIENT_AUTH) && \
- ((defined(HAVE_ED25519) && !defined(NO_ED25519_CLIENT_AUTH)) || \
+ ((defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)) || \
+ (defined(HAVE_ED25519) && !defined(NO_ED25519_CLIENT_AUTH)) || \
(defined(HAVE_ED448) && !defined(NO_ED448_CLIENT_AUTH)))
word16 cacheMessages:1; /* Cache messages for sign/verify */
#endif
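Review bot: The guard around `cacheMessages` is a second copy of the condition that also guards `messages`/`length`/`prevLen` in `HS_Hashes` (hunk at -4976), and the two copies are not the same expression. This one honours `NO_ED25519_CLIENT_AUTH` and `NO_ED448_CLIENT_AUTH`, while the `HS_Hashes` one does not. Adding SM2/SM3 to both by hand widens the chance that a configuration gets the flag without the buffer or the reverse. Defining the condition once, under a single feature macro (name to be chosen by the project), and testing that macro in both structs would keep them in step.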
@@ -4523,6 +4737,12 @@ struct Options {
#ifdef WOLFSSL_DTLS13
word16 dtls13SendMoreAcks:1; /* Send more acks during the
* handshake process */
+#ifdef WOLFSSL_DTLS13_NO_HRR_ON_RESUME
+ word16 dtls13NoHrrOnResume:1;
+#endif
+#ifdef WOLFSSL_DTLS_CH_FRAG
+ word16 dtls13ChFrag:1;
+#endif
#endif
#ifdef WOLFSSL_TLS13
word16 tls13MiddleBoxCompat:1; /* TLSv1.3 middlebox compatibility */
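Review bot: `dtls13NoHrrOnResume` and `dtls13ChFrag` are added without the trailing comment that the neighbouring option bits carry, and both change what a DTLS 1.3 server does before the peer's address has been confirmed. In DTLS 1.3 the cookie travels in the HelloRetryRequest, so an option that skips the HRR on resumption presumably also skips the cookie round trip, and accepting a fragmented ClientHello presumably means holding state for an unverified peer. Each bit should get a comment stating that trade-off, for example `/* skip HRR (and its cookie exchange) when resuming */` and `/* accept a fragmented ClientHello */`, after confirming the behaviour in the implementation.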
@@ -4536,6 +4756,13 @@ struct Options {
#ifdef WOLFSSL_SEND_HRR_COOKIE
word16 cookieGood:1;
#endif
+#if defined(HAVE_DANE)
+ word16 useDANE:1;
+#endif /* HAVE_DANE */
+#if defined(HAVE_RPK)
+ RpkConfig rpkConfig;
+ RpkState rpkState;
+#endif /* HAVE_RPK */
/* need full byte values for this section */
byte processReply; /* nonblocking resume */
@@ -4613,8 +4840,8 @@ typedef struct Arrays {
!defined(NO_WOLFSSL_RENESAS_TSIP_TLS_SESSION)
byte tsip_masterSecret[TSIP_TLS_MASTERSECRET_SIZE];
#endif
-#if defined(WOLFSSL_RENESAS_SCEPROTECT)
- byte sce_masterSecret[SCE_TLS_MASTERSECRET_SIZE];
+#if defined(WOLFSSL_RENESAS_FSPSM_TLS)
+ byte fspsm_masterSecret[FSPSM_TLS_MASTERSECRET_SIZE];
#endif
#ifdef WOLFSSL_DTLS
byte cookie[MAX_COOKIE_LEN];
@@ -4711,7 +4938,7 @@ struct WOLFSSL_X509_NAME {
WOLFSSL_X509_NAME_ENTRY entry[MAX_NAME_ENTRIES]; /* all entries i.e. CN */
WOLFSSL_X509* x509; /* x509 that struct belongs to */
#endif /* OPENSSL_EXTRA */
-#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(HAVE_LIGHTY)
+#ifndef WOLFSSL_NO_CA_NAMES
byte raw[ASN_NAME_MAX];
int rawLen;
@@ -4919,6 +5146,7 @@ typedef struct DtlsMsg {
byte type;
byte fragBucketListCount;
byte ready:1;
+ byte encrypted:1;
} DtlsMsg;
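Review bot: The new `encrypted:1` bit in `DtlsMsg` has no comment, and the matching `byte encrypted` parameter added to `DtlsMsgSet` further down is equally undocumented. The field presumably records whether the fragment arrived in an encrypted record, so that a buffered handshake message can later be checked by `MsgCheckEncryption`. If so, say it on the field: `byte encrypted:1; /* fragment was received in an encrypted record */`. It is also worth documenting what happens when fragments of one message disagree on this bit, since that is the case a reader will ask about.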
@@ -4976,8 +5204,12 @@ typedef struct HS_Hashes {
#ifdef WOLFSSL_SHA512
wc_Sha512 hashSha512; /* sha512 hash of handshake msgs */
#endif
-#if (defined(HAVE_ED25519) || defined(HAVE_ED448)) && \
- !defined(WOLFSSL_NO_CLIENT_AUTH)
+#ifdef WOLFSSL_SM3
+ wc_Sm3 hashSm3; /* sm3 hash of handshake msgs */
+#endif
+#if (defined(HAVE_ED25519) || defined(HAVE_ED448) || \
+ (defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3))) && \
+ !defined(WOLFSSL_NO_CLIENT_AUTH)
byte* messages; /* handshake messages */
int length; /* length of handshake messages' data */
int prevLen; /* length of messages but last */
@@ -5144,7 +5376,7 @@ typedef struct Dtls13Rtx {
typedef struct CIDInfo CIDInfo;
#endif /* WOLFSSL_DTLS_CID */
-/* The idea is to re-use the context suites object whenever possible to save
+/* The idea is to reuse the context suites object whenever possible to save
* space. */
#define WOLFSSL_SUITES(ssl) \
((const Suites*) ((ssl)->suites != NULL ? \
@@ -5154,10 +5386,16 @@ typedef struct CIDInfo CIDInfo;
/* wolfSSL ssl type */
struct WOLFSSL {
WOLFSSL_CTX* ctx;
+#if defined(WOLFSSL_HAPROXY)
+ WOLFSSL_CTX* initial_ctx; /* preserve session key materials */
+#endif
Suites* suites; /* Only need during handshake. Can be NULL when
* re-using the context's object. When WOLFSSL
* object needs separate instance of suites use
* AllocateSuites(). */
+#ifdef OPENSSL_EXTRA
+ const Suites* clSuites;
+#endif
#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)
WOLF_STACK_OF(WOLFSSL_CIPHER)* suitesStack; /* stack of available cipher
* suites */
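Review bot: The two new pointers in `struct WOLFSSL`, `initial_ctx` and `clSuites`, do not say who owns them or how long they stay valid. `initial_ctx` is commented only as "preserve session key materials", and it is not stated whether it holds a counted reference that is released when the WOLFSSL object is freed. `clSuites` is a bare `const Suites*` with no comment at all, and if it points at storage that only lives during ClientHello processing it will dangle afterwards. Suggested comments, to be confirmed against the code that sets them: `/* ctx the object was created with; holds a reference */` and `/* peer's offered suites; valid only while the ClientHello is processed */`.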
@@ -5198,13 +5436,13 @@ struct WOLFSSL {
WOLFSSL_HEAP_HINT heap_hint;
#endif
#if defined(WOLFSSL_DTLS) && !defined(NO_WOLFSSL_SERVER)
- ClientHelloGoodCb chGoodCb; /* notify user we parsed a verified
- * ClientHello */
- void* chGoodCtx; /* user ClientHello cb context */
+ ClientHelloGoodCb chGoodCb; /* notify user we parsed a verified
+ * ClientHello that passed basic tests */
+ void* chGoodCtx; /* user ClientHello cb context */
#endif
#ifndef NO_HANDSHAKE_DONE_CB
- HandShakeDoneCb hsDoneCb; /* notify user handshake done */
- void* hsDoneCtx; /* user handshake cb context */
+ HandShakeDoneCb hsDoneCb; /* notify user handshake done */
+ void* hsDoneCtx; /* user handshake cb context */
#endif
#ifdef WOLFSSL_ASYNC_IO
#ifdef WOLFSSL_ASYNC_CRYPT
@@ -5238,6 +5476,7 @@ struct WOLFSSL {
word32 timeout; /* session timeout */
word32 fragOffset; /* fragment offset */
word16 curSize;
+ word32 curStartIdx;
byte verifyDepth;
RecordLayerHeader curRL;
MsgsReceived msgsReceived; /* peer messages received */
@@ -5246,31 +5485,34 @@ struct WOLFSSL {
CipherSpecs specs;
Keys keys;
Options options;
+#ifdef WOLFSSL_SESSION_ID_CTX
+ byte sessionCtx[ID_LEN]; /* app session context ID */
+ byte sessionCtxSz; /* size of sessionCtx stored */
+#endif
#ifdef OPENSSL_EXTRA
CallbackInfoState* CBIS; /* used to get info about SSL state */
int cbmode; /* read or write on info callback */
int cbtype; /* event type in info callback */
WOLFSSL_BIO* biord; /* socket bio read to free/close */
WOLFSSL_BIO* biowr; /* socket bio write to free/close */
- byte sessionCtx[ID_LEN]; /* app session context ID */
WOLFSSL_X509_VERIFY_PARAM* param; /* verification parameters*/
#endif
#if defined(OPENSSL_EXTRA) || defined(HAVE_CURL)
word32 disabledCurves; /* curves disabled by user */
#endif
-#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
+#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) || \
+ defined(OPENSSL_ALL)
unsigned long peerVerifyRet;
#endif
#ifdef OPENSSL_EXTRA
byte readAhead;
- byte sessionCtxSz; /* size of sessionCtx stored */
#ifdef HAVE_PK_CALLBACKS
void* loggingCtx; /* logging callback argument */
#endif
#endif /* OPENSSL_EXTRA */
#ifndef NO_RSA
RsaKey* peerRsaKey;
-#if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_SCEPROTECT)
+#if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_FSPSM_TLS)
void* RenesasUserCtx;
byte* peerSceTsipEncRsaKeyIndex;
#endif
@@ -5349,7 +5591,6 @@ struct WOLFSSL {
DtlsMsg* dtls_tx_msg;
DtlsMsg* dtls_rx_msg_list;
void* IOCB_CookieCtx; /* gen cookie ctx */
- word32 dtls_expected_rx;
#ifdef WOLFSSL_SESSION_EXPORT
wc_dtls_export dtls_export; /* export function for session */
#endif
@@ -5575,9 +5816,6 @@ struct WOLFSSL {
word32 earlyDataSz;
byte earlyDataStatus;
#endif
-#ifdef OPENSSL_ALL
- long verifyCallbackResult;
-#endif
#if defined(OPENSSL_EXTRA)
WOLFSSL_STACK* supportedCiphers; /* Used in wolfSSL_get_ciphers_compat */
WOLFSSL_STACK* peerCertChain; /* Used in wolfSSL_get_peer_cert_chain */
@@ -5602,8 +5840,8 @@ struct WOLFSSL {
byte clientFinished_len;
byte serverFinished_len;
#endif
-#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EXTRA) || defined(HAVE_LIGHTY)
- WOLF_STACK_OF(WOLFSSL_X509_NAME)* ca_names;
+#ifndef WOLFSSL_NO_CA_NAMES
+ WOLF_STACK_OF(WOLFSSL_X509_NAME)* client_ca_names;
#endif
#if defined(WOLFSSL_IOTSAFE) && defined(HAVE_PK_CALLBACKS)
IOTSAFE iotsafe;
@@ -5635,6 +5873,11 @@ struct WOLFSSL {
#if defined(WOLFSSL_TLS13) && defined(HAVE_ECH)
WOLFSSL_EchConfig* echConfigs;
#endif
+
+#if defined(WOLFSSL_SNIFFER) && defined(WOLFSSL_SNIFFER_KEYLOGFILE)
+ SSLSnifferSecretCb snifferSecretCb;
+#endif /* WOLFSSL_SNIFFER && WOLFSSL_SNIFFER_KEYLOGFILE */
+
};
/*
@@ -5659,16 +5902,24 @@ struct WOLFSSL {
* Always use SSL specific objects when available and revert to CTX otherwise.
*/
#ifdef WOLFSSL_LOCAL_X509_STORE
-#define SSL_CM(ssl) ((ssl)->x509_store_pt ? (ssl)->x509_store_pt->cm : (ssl)->ctx->cm)
+#define SSL_CM(ssl) ((ssl)->x509_store_pt ? (ssl)->x509_store_pt->cm : \
+ ((ssl)->ctx->x509_store_pt ? (ssl)->ctx->x509_store_pt->cm : \
+ (ssl)->ctx->cm))
#define SSL_STORE(ssl) ((ssl)->x509_store_pt ? (ssl)->x509_store_pt : \
((ssl)->ctx->x509_store_pt ? (ssl)->ctx->x509_store_pt : \
&(ssl)->ctx->x509_store))
+#define CTX_STORE(ctx) ((ctx)->x509_store_pt ? (ctx)->x509_store_pt : \
+ &(ctx)->x509_store)
#else
#define SSL_CM(ssl) (ssl)->ctx->cm
#endif
-
-#define SSL_CA_NAMES(ssl) ((ssl)->ca_names != NULL ? (ssl)->ca_names : \
- (ssl)->ctx->ca_names)
+/* Issue warning when we are modifying the overall context CM */
+#define SSL_CM_WARNING(ssl) \
+ do { \
+ if (SSL_CM( (ssl) ) == (ssl)->ctx->cm) { \
+ WOLFSSL_MSG("Modifying SSL_CTX CM not SSL specific CM"); \
+ } \
+ } while (0)
WOLFSSL_LOCAL int SetSSL_CTX(WOLFSSL* ssl, WOLFSSL_CTX* ctx, int writeDup);
WOLFSSL_LOCAL int InitSSL(WOLFSSL* ssl, WOLFSSL_CTX* ctx, int writeDup);
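Review bot: `SSL_CM_WARNING` compares the result of `SSL_CM(ssl)` only with `(ssl)->ctx->cm`, but the rewritten `SSL_CM` can now also return `(ssl)->ctx->x509_store_pt->cm`, which is just as much shared by every WOLFSSL created from the context. Unless those two pointers are always the same object (not visible in this hunk), a modification through that branch is not reported. In builds without `WOLFSSL_LOCAL_X509_STORE` the condition is always true, so the message is logged on every use. Both macros also evaluate `ssl` several times, which is worth a comment such as `/* ssl is evaluated more than once; pass a plain pointer */`.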
@@ -5768,6 +6019,16 @@ enum ProvisionSide {
PROVISION_CLIENT_SERVER = 3
};
+/* cipher requirements */
+enum {
+ REQUIRES_RSA,
+ REQUIRES_DHE,
+ REQUIRES_ECC,
+ REQUIRES_ECC_STATIC,
+ REQUIRES_PSK,
+ REQUIRES_RSA_SIG,
+ REQUIRES_AEAD
+};
static const byte kTlsClientStr[SIZEOF_SENDER+1] = { 0x43, 0x4C, 0x4E, 0x54, 0x00 }; /* CLNT */
static const byte kTlsServerStr[SIZEOF_SENDER+1] = { 0x53, 0x52, 0x56, 0x52, 0x00 }; /* SRVR */
@@ -5851,7 +6112,7 @@ WOLFSSL_LOCAL int StoreKeys(WOLFSSL* ssl, const byte* keyData, int side);
WOLFSSL_LOCAL int IsTLS(const WOLFSSL* ssl);
WOLFSSL_LOCAL int IsAtLeastTLSv1_2(const WOLFSSL* ssl);
WOLFSSL_LOCAL int IsAtLeastTLSv1_3(ProtocolVersion pv);
-WOLFSSL_LOCAL int IsEncryptionOn(WOLFSSL* ssl, int isSend);
+WOLFSSL_LOCAL int IsEncryptionOn(const WOLFSSL* ssl, int isSend);
WOLFSSL_LOCAL int TLSv1_3_Capable(WOLFSSL* ssl);
WOLFSSL_LOCAL void FreeHandshakeResources(WOLFSSL* ssl);
@@ -5859,6 +6120,7 @@ WOLFSSL_LOCAL void ShrinkInputBuffer(WOLFSSL* ssl, int forcedFree);
WOLFSSL_LOCAL void ShrinkOutputBuffer(WOLFSSL* ssl);
WOLFSSL_LOCAL byte* GetOutputBuffer(WOLFSSL* ssl);
+WOLFSSL_LOCAL int CipherRequires(byte first, byte second, int requirement);
WOLFSSL_LOCAL int VerifyClientSuite(word16 havePSK, byte cipherSuite0,
byte cipherSuite);
@@ -5917,6 +6179,14 @@ WOLFSSL_LOCAL WC_RNG* WOLFSSL_RSA_GetRNG(WOLFSSL_RSA *rsa, WC_RNG **tmpRNG,
ecc_key* pub_key, byte* pubKeyDer, word32* pubKeySz, byte* out,
word32* outlen, int side);
#endif /* HAVE_ECC */
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ WOLFSSL_LOCAL int Sm2wSm3Sign(WOLFSSL* ssl, const byte* id, word32 idSz,
+ const byte* in, word32 inSz, byte* out, word32* outSz, ecc_key* key,
+ DerBuffer* keyBufInfo);
+ WOLFSSL_LOCAL int Sm2wSm3Verify(WOLFSSL* ssl, const byte* id,
+ word32 idSz, const byte* in, word32 inSz, const byte* out,
+ word32 outSz, ecc_key* key, buffer* keyBufInfo);
+ #endif /* WOLFSSL_SM2 && WOLFSSL_SM3 */
#ifdef HAVE_ED25519
WOLFSSL_LOCAL int Ed25519CheckPubKey(WOLFSSL* ssl);
WOLFSSL_LOCAL int Ed25519Sign(WOLFSSL* ssl, const byte* in, word32 inSz,
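Review bot: In `Sm2wSm3Verify` the signature being checked is passed as `const byte* out, word32 outSz`, names copied from `Sm2wSm3Sign` where they really are outputs. Here they are inputs, and the naming invites a reader to assume the function writes to them. `const byte* sig, word32 sigSz` would describe them correctly. The two functions also take different types for `keyBufInfo` (`DerBuffer*` for sign, `buffer*` for verify), which deserves a short comment on each prototype if it is intentional.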
@@ -5946,8 +6216,14 @@ WOLFSSL_LOCAL WC_RNG* WOLFSSL_RSA_GetRNG(WOLFSSL_RSA *rsa, WC_RNG **tmpRNG,
DecodedCert* cert);
#endif
- WOLFSSL_LOCAL Signer* GetCA(void* cm, byte* hash);
- #ifndef NO_SKID
+ #ifndef GetCA
+ WOLFSSL_LOCAL Signer* GetCA(void* vp, byte* hash);
+ #endif
+ #ifdef WOLFSSL_AKID_NAME
+ WOLFSSL_LOCAL Signer* GetCAByAKID(void* vp, const byte* issuer,
+ word32 issuerSz, const byte* serial, word32 serialSz);
+ #endif
+ #if !defined(NO_SKID) && !defined(GetCAByName)
WOLFSSL_LOCAL Signer* GetCAByName(void* cm, byte* hash);
#endif
#endif /* !NO_CERTS */
@@ -5958,6 +6234,9 @@ WOLFSSL_LOCAL int BuildTlsFinished(WOLFSSL* ssl, Hashes* hashes,
WOLFSSL_LOCAL void FreeArrays(WOLFSSL* ssl, int keep);
WOLFSSL_LOCAL int CheckAvailableSize(WOLFSSL *ssl, int size);
WOLFSSL_LOCAL int GrowInputBuffer(WOLFSSL* ssl, int size, int usedLength);
+WOLFSSL_LOCAL int MsgCheckEncryption(WOLFSSL* ssl, byte type, byte encrypted);
+WOLFSSL_LOCAL int EarlySanityCheckMsgReceived(WOLFSSL* ssl, byte type,
+ word32 msgSz);
#if !defined(NO_WOLFSSL_CLIENT) || !defined(WOLFSSL_NO_CLIENT_AUTH)
WOLFSSL_LOCAL void DoCertFatalAlert(WOLFSSL* ssl, int ret);
#endif
@@ -5972,6 +6251,7 @@ WOLFSSL_LOCAL void DoCertFatalAlert(WOLFSSL* ssl, int ret);
WOLFSSL_LOCAL int cipherExtraData(WOLFSSL* ssl);
#ifndef NO_WOLFSSL_CLIENT
+ WOLFSSL_LOCAL int HaveUniqueSessionObj(WOLFSSL* ssl);
WOLFSSL_LOCAL int SendClientHello(WOLFSSL* ssl);
WOLFSSL_LOCAL int DoHelloVerifyRequest(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
word32 size);
@@ -5996,7 +6276,7 @@ WOLFSSL_LOCAL int cipherExtraData(WOLFSSL* ssl);
WOLFSSL_LOCAL int DtlsMsgSet(DtlsMsg* msg, word32 seq, word16 epoch,
const byte* data, byte type,
word32 fragOffset, word32 fragSz, void* heap,
- word32 totalLen);
+ word32 totalLen, byte encrypted);
/* Use WOLFSSL_API to enable src/api.c testing */
WOLFSSL_API DtlsMsg* DtlsMsgFind(DtlsMsg* head, word16 epoch, word32 seq);
@@ -6025,7 +6305,7 @@ WOLFSSL_LOCAL int cipherExtraData(WOLFSSL* ssl);
#if !defined(NO_WOLFSSL_SERVER)
WOLFSSL_LOCAL int DoClientHelloStateless(WOLFSSL* ssl,
- const byte* input, word32* inOutIdx, word32 helloSz);
+ const byte* input, word32 helloSz, byte isFirstCHFrag, byte* tls13);
#endif /* !defined(NO_WOLFSSL_SERVER) */
#endif /* WOLFSSL_DTLS */
@@ -6053,6 +6333,10 @@ WOLFSSL_LOCAL word32 LowResTimer(void);
WOLFSSL_LOCAL int FindSuiteSSL(const WOLFSSL* ssl, byte* suite);
+WOLFSSL_LOCAL void DecodeSigAlg(const byte* input, byte* hashAlgo,
+ byte* hsType);
+WOLFSSL_LOCAL enum wc_HashType HashAlgoToType(int hashAlgo);
+
#ifndef NO_CERTS
WOLFSSL_LOCAL void InitX509Name(WOLFSSL_X509_NAME* name, int dynamicFlag,
void* heap);
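Review bot: `DecodeSigAlg(const byte* input, byte* hashAlgo, byte* hsType)` takes a pointer into handshake data but no length, so the bounds check has to be done by every caller now that the function is callable from other files. A comment on the prototype should state how many bytes are read, presumably the two-byte signature algorithm pair, for example `/* input must point at >= 2 readable bytes */`. `HashAlgoToType` should likewise document what it returns for a value it does not recognise, since its argument comes from the peer.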
@@ -6231,6 +6515,7 @@ WOLFSSL_LOCAL word32 nid2oid(int nid, int grp);
#ifdef WOLFSSL_DTLS
WOLFSSL_API int wolfSSL_DtlsUpdateWindow(word16 cur_hi, word32 cur_lo,
word16* next_hi, word32* next_lo, word32 *window);
+WOLFSSL_LOCAL int DtlsUpdateWindow(WOLFSSL* ssl);
WOLFSSL_LOCAL void DtlsResetState(WOLFSSL *ssl);
WOLFSSL_LOCAL int DtlsIgnoreError(int err);
WOLFSSL_LOCAL void DtlsSetSeqNumForReply(WOLFSSL* ssl);
@@ -6294,9 +6579,12 @@ WOLFSSL_LOCAL int Dtls13HashHandshake(WOLFSSL* ssl, const byte* input,
WOLFSSL_LOCAL int Dtls13HashClientHello(const WOLFSSL* ssl, byte* hash,
int* hashSz, const byte* body, word32 length, CipherSpecs* specs);
WOLFSSL_LOCAL void Dtls13FreeFsmResources(WOLFSSL* ssl);
+WOLFSSL_LOCAL void Dtls13RtxFlushBuffered(WOLFSSL* ssl,
+ byte keepNewSessionTicket);
WOLFSSL_LOCAL int Dtls13RtxTimeout(WOLFSSL* ssl);
WOLFSSL_LOCAL int Dtls13ProcessBufferedMessages(WOLFSSL* ssl);
WOLFSSL_LOCAL int Dtls13CheckAEADFailLimit(WOLFSSL* ssl);
+WOLFSSL_LOCAL int Dtls13UpdateWindowRecordRecvd(WOLFSSL* ssl);
#endif /* WOLFSSL_DTLS13 */
#ifdef WOLFSSL_STATIC_EPHEMERAL
@@ -6375,6 +6663,17 @@ WOLFSSL_LOCAL int wolfSSL_quic_keys_active(WOLFSSL* ssl, enum encrypt_side side)
#define WOLFSSL_IS_QUIC(s) 0
#endif /* WOLFSSL_QUIC (else) */
+#if defined(SHOW_SECRETS) && defined(WOLFSSL_SSLKEYLOGFILE)
+WOLFSSL_LOCAL int tls13ShowSecrets(WOLFSSL* ssl, int id, const unsigned char* secret,
+ int secretSz, void* ctx);
+#endif
+
+/* Optional Pre-Master-Secret logging for Wireshark */
+#if !defined(NO_FILESYSTEM) && defined(WOLFSSL_SSLKEYLOGFILE)
+#ifndef WOLFSSL_SSLKEYLOGFILE_OUTPUT
+ #define WOLFSSL_SSLKEYLOGFILE_OUTPUT "sslkeylog.log"
+#endif
+#endif
#if defined(WOLFSSL_TLS13) && !defined(NO_PSK)
WOLFSSL_LOCAL int FindPskSuite(const WOLFSSL* ssl, PreSharedKey* psk,
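Review bot: The default `WOLFSSL_SSLKEYLOGFILE_OUTPUT` is the relative path `"sslkeylog.log"`, so a build with `WOLFSSL_SSLKEYLOGFILE` writes secrets into whatever directory the process happens to be running in. The comment calls this "Pre-Master-Secret logging", while the `tls13ShowSecrets` prototype added just above suggests TLS 1.3 secrets go through the same switch. The block should carry an explicit caveat, for example `/* Debug only: the file lets anyone who reads it decrypt captured sessions; never enable in release builds */`. Requiring the integrator to set the path, rather than supplying a default, would also make an accidental production build harder.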
diff --git a/extra/wolfssl/wolfssl/wolfssl/ocsp.h b/extra/wolfssl/wolfssl/wolfssl/ocsp.h
index 8afb196c..4dff068b 100644
--- a/extra/wolfssl/wolfssl/wolfssl/ocsp.h
+++ b/extra/wolfssl/wolfssl/wolfssl/ocsp.h
@@ -53,15 +53,19 @@ typedef struct OcspRequest WOLFSSL_OCSP_REQUEST;
WOLFSSL_LOCAL int InitOCSP(WOLFSSL_OCSP* ocsp, WOLFSSL_CERT_MANAGER* cm);
WOLFSSL_LOCAL void FreeOCSP(WOLFSSL_OCSP* ocsp, int dynamic);
-WOLFSSL_LOCAL int CheckCertOCSP(WOLFSSL_OCSP* ocsp, DecodedCert* cert,
- WOLFSSL_BUFFER_INFO* responseBuffer);
+WOLFSSL_LOCAL int CheckCertOCSP(WOLFSSL_OCSP* ocsp, DecodedCert* cert);
WOLFSSL_LOCAL int CheckCertOCSP_ex(WOLFSSL_OCSP* ocsp, DecodedCert* cert,
- WOLFSSL_BUFFER_INFO* responseBuffer, WOLFSSL* ssl);
+ WOLFSSL* ssl);
WOLFSSL_LOCAL int CheckOcspRequest(WOLFSSL_OCSP* ocsp,
- OcspRequest* ocspRequest, WOLFSSL_BUFFER_INFO* responseBuffer);
+ OcspRequest* ocspRequest, WOLFSSL_BUFFER_INFO* responseBuffer,
+ void* heap);
WOLFSSL_LOCAL int CheckOcspResponse(WOLFSSL_OCSP *ocsp, byte *response, int responseSz,
WOLFSSL_BUFFER_INFO *responseBuffer, CertStatus *status,
- OcspEntry *entry, OcspRequest *ocspRequest);
+ OcspEntry *entry, OcspRequest *ocspRequest,
+ void* heap);
+
+WOLFSSL_LOCAL int CheckOcspResponder(OcspResponse *bs, DecodedCert *cert,
+ void* vp);
#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) || \
defined(WOLFSSL_APACHE_HTTPD) || defined(HAVE_LIGHTY)
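Review bot: `CheckOcspResponder(OcspResponse *bs, DecodedCert *cert, void* vp)` is declared with no comment although, by its name, it decides whether a certificate may sign an OCSP response. The prototype should state the return convention (which value means "authorized") and what `vp` must point to; an untyped `void*` gives the compiler no way to catch a wrong argument. If `vp` is the certificate manager, as with the `GetCA(void* vp, ...)` prototype in this diff, a comment such as `/* vp: WOLFSSL_CERT_MANAGER* used to look up the issuer */` would make that checkable by a reader.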
diff --git a/extra/wolfssl/wolfssl/wolfssl/openssl/aes.h b/extra/wolfssl/wolfssl/wolfssl/openssl/aes.h
index caecd8be..38e71ae5 100644
--- a/extra/wolfssl/wolfssl/wolfssl/openssl/aes.h
+++ b/extra/wolfssl/wolfssl/wolfssl/openssl/aes.h
@@ -33,6 +33,14 @@
#ifndef NO_AES
#include <wolfssl/wolfcrypt/aes.h>
+
+#if !defined(WOLFSSL_NO_OPENSSL_AES_LOW_LEVEL_API) && \
+ defined(WC_AESFREE_IS_MANDATORY)
+#define WOLFSSL_NO_OPENSSL_AES_LOW_LEVEL_API
+#endif
+
+#ifndef WOLFSSL_NO_OPENSSL_AES_LOW_LEVEL_API
+
#include <wolfssl/openssl/ssl.h> /* for size_t */
#ifdef __cplusplus
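Review bot: The context line `#include <wolfssl/openssl/ssl.h>` now falls inside the new `#ifndef WOLFSSL_NO_OPENSSL_AES_LOW_LEVEL_API`, so a translation unit that relied on `openssl/aes.h` to pull in `ssl.h` loses that include whenever `WC_AESFREE_IS_MANDATORY` is defined. The reason for tying the two macros together is not stated either; presumably the OpenSSL-style `AES_KEY` interface has no call through which the key could be freed. A comment above the first `#if` would record this, for example `/* low-level AES_* API cannot free its key, so it is unavailable when wc_AesFree() is mandatory */`. The matching `#endif` is in the next hunk.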
@@ -95,6 +103,8 @@ WOLFSSL_API void wolfSSL_AES_decrypt(
} /* extern "C" */
#endif
+#endif /* !WOLFSSL_NO_OPENSSL_AES_LOW_LEVEL_API */
+
#endif /* NO_AES */
#endif /* WOLFSSL_AES_H_ */
diff --git a/extra/wolfssl/wolfssl/wolfssl/openssl/bio.h b/extra/wolfssl/wolfssl/wolfssl/openssl/bio.h
index c2a0e9bc..e6f5a709 100644
--- a/extra/wolfssl/wolfssl/wolfssl/openssl/bio.h
+++ b/extra/wolfssl/wolfssl/wolfssl/openssl/bio.h
@@ -52,6 +52,9 @@
#define BIO_ctrl_pending wolfSSL_BIO_ctrl_pending
#define BIO_wpending wolfSSL_BIO_wpending
#define BIO_get_mem_ptr wolfSSL_BIO_get_mem_ptr
+#ifdef OPENSSL_ALL
+#define BIO_set_mem_buf wolfSSL_BIO_set_mem_buf
+#endif
#define BIO_int_ctrl wolfSSL_BIO_int_ctrl
#define BIO_reset wolfSSL_BIO_reset
#define BIO_s_file wolfSSL_BIO_s_file
@@ -79,6 +82,8 @@
#define BIO_puts wolfSSL_BIO_puts
#define BIO_should_retry wolfSSL_BIO_should_retry
+#define BIO_should_read wolfSSL_BIO_should_read
+#define BIO_should_write wolfSSL_BIO_should_write
#define BIO_TYPE_FILE WOLFSSL_BIO_FILE
#define BIO_TYPE_BIO WOLFSSL_BIO_BIO
diff --git a/extra/wolfssl/wolfssl/wolfssl/openssl/bn.h b/extra/wolfssl/wolfssl/wolfssl/openssl/bn.h
index b8a37368..973b8556 100644
--- a/extra/wolfssl/wolfssl/wolfssl/openssl/bn.h
+++ b/extra/wolfssl/wolfssl/wolfssl/openssl/bn.h
@@ -30,7 +30,7 @@
#ifndef WOLFSSL_BN_H_
#define WOLFSSL_BN_H_
-#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/wolfcrypt/types.h>
#include <wolfssl/wolfcrypt/wolfmath.h>
#ifdef __cplusplus
@@ -271,7 +271,7 @@ typedef WOLFSSL_BN_GENCB BN_GENCB;
#define BN_mod_inverse wolfSSL_BN_mod_inverse
-#define BN_set_flags(x1, x2)
+#define BN_set_flags(x1, x2) WC_DO_NOTHING
#if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000L
#define BN_get_rfc2409_prime_768 wolfSSL_DH_768_prime
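Review bot: `BN_set_flags(x1, x2)` still expands to nothing useful after this change (`WC_DO_NOTHING`), so any flag an application sets through the compatibility layer is dropped without a diagnostic. The flag with security meaning is OpenSSL's `BN_FLG_CONSTTIME`, which ported code uses to request constant-time handling of secret values. Whether ignoring it is safe depends on the wolfCrypt math back end, which this hunk does not show. The macro should say so, for example `/* flags (including BN_FLG_CONSTTIME) are ignored */`, and note that the arguments are not evaluated.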
diff --git a/extra/wolfssl/wolfssl/wolfssl/openssl/crypto.h b/extra/wolfssl/wolfssl/wolfssl/openssl/crypto.h
index 7a4e1d8a..f57626f3 100644
--- a/extra/wolfssl/wolfssl/wolfssl/openssl/crypto.h
+++ b/extra/wolfssl/wolfssl/wolfssl/openssl/crypto.h
@@ -97,7 +97,7 @@ WOLFSSL_API int wolfSSL_OPENSSL_init_crypto(word64 opts, const OPENSSL_INIT_SETT
#define SSLeay wolfSSLeay
#define OpenSSL_version_num wolfSSL_OpenSSL_version_num
-#ifdef WOLFSSL_QT
+#if defined(WOLFSSL_QT) || defined(WOLFSSL_HITCH)
#define SSLEAY_VERSION 0x10001000L
#else
#define SSLEAY_VERSION 0x0090600fL
diff --git a/extra/wolfssl/wolfssl/wolfssl/openssl/ec.h b/extra/wolfssl/wolfssl/wolfssl/openssl/ec.h
index 065c63ce..23ef5e9a 100644
--- a/extra/wolfssl/wolfssl/wolfssl/openssl/ec.h
+++ b/extra/wolfssl/wolfssl/wolfssl/openssl/ec.h
@@ -24,6 +24,7 @@
#ifndef WOLFSSL_EC_H_
#define WOLFSSL_EC_H_
+#include <wolfssl/wolfcrypt/types.h>
#include <wolfssl/openssl/bn.h>
#include <wolfssl/wolfcrypt/asn.h>
#include <wolfssl/wolfcrypt/ecc.h>
@@ -264,6 +265,9 @@ WOLFSSL_API
int wolfSSL_EC_METHOD_get_field_type(const WOLFSSL_EC_METHOD *meth);
WOLFSSL_API
WOLFSSL_EC_POINT *wolfSSL_EC_POINT_new(const WOLFSSL_EC_GROUP *group);
+WOLFSSL_LOCAL
+int ec_point_convert_to_affine(const WOLFSSL_EC_GROUP *group,
+ WOLFSSL_EC_POINT *point);
WOLFSSL_API
int wolfSSL_EC_POINT_get_affine_coordinates_GFp(const WOLFSSL_EC_GROUP *group,
const WOLFSSL_EC_POINT *p,
@@ -352,7 +356,7 @@ typedef WOLFSSL_EC_BUILTIN_CURVE EC_builtin_curve;
#define EC_GROUP_order_bits wolfSSL_EC_GROUP_order_bits
#define EC_GROUP_method_of wolfSSL_EC_GROUP_method_of
#ifndef NO_WOLFSSL_STUB
-#define EC_GROUP_set_point_conversion_form(...)
+#define EC_GROUP_set_point_conversion_form(...) WC_DO_NOTHING
#endif
#define EC_METHOD_get_field_type wolfSSL_EC_METHOD_get_field_type
diff --git a/extra/wolfssl/wolfssl/wolfssl/openssl/engine.h b/extra/wolfssl/wolfssl/wolfssl/openssl/engine.h
index ba147ff7..243513c7 100644
--- a/extra/wolfssl/wolfssl/wolfssl/openssl/engine.h
+++ b/extra/wolfssl/wolfssl/wolfssl/openssl/engine.h
@@ -6,5 +6,4 @@
/* ENGINE_load_builtin_engines not needed, as all builtin engines are already
loaded into memory and used on startup. */
-#define ENGINE_load_builtin_engines()
-
+#define ENGINE_load_builtin_engines() WC_DO_NOTHING
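Review bot: `ENGINE_load_builtin_engines()` now expands to `WC_DO_NOTHING`, but unlike the `bn.h`, `ec.h` and `evp.h` changes in this commit, this hunk adds no `#include <wolfssl/wolfcrypt/types.h>`. The first five lines of `engine.h` are outside the hunk, so the include may already be there. If it is not, a file that includes only `openssl/engine.h` will fail with an undeclared identifier at the call site, and the include belongs at the top of this header.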
diff --git a/extra/wolfssl/wolfssl/wolfssl/openssl/evp.h b/extra/wolfssl/wolfssl/wolfssl/openssl/evp.h
index 4b8bcf33..bdeabf25 100644
--- a/extra/wolfssl/wolfssl/wolfssl/openssl/evp.h
+++ b/extra/wolfssl/wolfssl/wolfssl/openssl/evp.h
@@ -30,7 +30,7 @@
#ifndef WOLFSSL_EVP_H_
#define WOLFSSL_EVP_H_
-#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/wolfcrypt/types.h>
#ifdef WOLFSSL_PREFIX
#include "prefix_evp.h"
@@ -49,6 +49,7 @@
#include <wolfssl/openssl/dsa.h>
#include <wolfssl/openssl/ec.h>
#include <wolfssl/openssl/dh.h>
+#include <wolfssl/openssl/opensslv.h>
#include <wolfssl/openssl/compat_types.h>
#include <wolfssl/wolfcrypt/aes.h>
@@ -57,11 +58,21 @@
#include <wolfssl/wolfcrypt/chacha20_poly1305.h>
#include <wolfssl/wolfcrypt/hmac.h>
#include <wolfssl/wolfcrypt/pwdbased.h>
+#ifdef WOLFSSL_SM3
+ #include <wolfssl/wolfcrypt/sm3.h>
+#endif
+#ifdef WOLFSSL_SM4
+ #include <wolfssl/wolfcrypt/sm4.h>
+#endif
#if defined(WOLFSSL_BASE64_ENCODE) || defined(WOLFSSL_BASE64_DECODE)
#include <wolfssl/wolfcrypt/coding.h>
#endif
+#ifdef HAVE_ARIA
+ #include <wolfssl/wolfcrypt/port/aria/aria-crypt.h>
+#endif
+
#ifdef __cplusplus
extern "C" {
#endif
@@ -91,6 +102,8 @@ WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_sha3_256(void);
WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_sha3_384(void);
WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_sha3_512(void);
+WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_sm3(void);
+
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_128_ecb(void);
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_192_ecb(void);
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_256_ecb(void);
@@ -134,6 +147,11 @@ WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_256_ccm(void);
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_128_ctr(void);
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_192_ctr(void);
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_256_ctr(void);
+#if defined(HAVE_ARIA)
+WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aria_128_gcm(void);
+WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aria_192_gcm(void);
+WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aria_256_gcm(void);
+#endif
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_des_ecb(void);
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_des_ede3_ecb(void);
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_des_cbc(void);
@@ -149,7 +167,21 @@ WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_chacha20_poly1305(void);
#define WOLFSSL_EVP_CHACHA_IV_BYTES (CHACHA_IV_BYTES + sizeof(word32))
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_chacha20(void);
#endif
-
+#ifdef WOLFSSL_SM4_ECB
+WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_sm4_ecb(void);
+#endif
+#ifdef WOLFSSL_SM4_CBC
+WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_sm4_cbc(void);
+#endif
+#ifdef WOLFSSL_SM4_CTR
+WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_sm4_ctr(void);
+#endif
+#ifdef WOLFSSL_SM4_GCM
+WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_sm4_gcm(void);
+#endif
+#ifdef WOLFSSL_SM4_CCM
+WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_sm4_ccm(void);
+#endif
typedef union {
#ifndef NO_MD4
@@ -186,6 +218,9 @@ typedef union {
#ifndef WOLFSSL_NOSHA3_512
WOLFSSL_SHA3_512_CTX sha3_512;
#endif
+ #ifdef WOLFSSL_SM3
+ wc_Sm3 sm3;
+ #endif
} WOLFSSL_Hasher;
@@ -211,6 +246,9 @@ typedef union {
XtsAes xts;
#endif
#endif
+#ifdef HAVE_ARIA
+ wc_Aria aria;
+#endif
#ifndef NO_DES3
Des des;
Des3 des3;
@@ -225,6 +263,9 @@ typedef union {
#ifdef HAVE_CHACHA
ChaCha chacha;
#endif
+#ifdef WOLFSSL_SM4
+ wc_Sm4 sm4;
+#endif
} WOLFSSL_Cipher;
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
@@ -266,6 +307,11 @@ typedef union {
#define NID_camellia_256_cbc 753
#define NID_chacha20_poly1305 1018
#define NID_chacha20 1019
+#define NID_sm4_ecb 1133
+#define NID_sm4_cbc 1134
+#define NID_sm4_ctr 1139
+#define NID_sm4_gcm 1248
+#define NID_sm4_ccm 1249
#define NID_md5WithRSA 104
#define NID_md2WithRSAEncryption 9
#define NID_md5WithRSAEncryption 99
@@ -303,6 +349,7 @@ typedef union {
#define NID_shake256 1101
#define NID_sha1 64
#define NID_sha224 675
+#define NID_sm3 1143
#define NID_md2 77
#define NID_md4 257
#define NID_md5 40
@@ -346,6 +393,11 @@ typedef union {
#define NID_auth_srp 1052
#define NID_auth_null 1054
#define NID_auth_any 1055
+/* Curve */
+#define NID_aria_128_gcm 1123
+#define NID_aria_192_gcm 1124
+#define NID_aria_256_gcm 1125
+#define NID_sm2 1172
#define NID_X9_62_id_ecPublicKey EVP_PKEY_EC
#define NID_rsaEncryption EVP_PKEY_RSA
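Review bot: The added comment `/* Curve */` sits above `NID_aria_128_gcm`, `NID_aria_192_gcm` and `NID_aria_256_gcm`, which are cipher identifiers; only `NID_sm2` in that group is a curve. Either move the comment down to the `NID_sm2` line or move the three ARIA values next to the other cipher NIDs, such as the `NID_sm4_*` block added earlier in this file. As written the comment mislabels three of the four constants it introduces.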
@@ -360,52 +412,60 @@ typedef union {
#define EVP_PKEY_PRINT_INDENT_MAX 128
enum {
- AES_128_CBC_TYPE = 1,
- AES_192_CBC_TYPE = 2,
- AES_256_CBC_TYPE = 3,
- AES_128_CTR_TYPE = 4,
- AES_192_CTR_TYPE = 5,
- AES_256_CTR_TYPE = 6,
- AES_128_ECB_TYPE = 7,
- AES_192_ECB_TYPE = 8,
- AES_256_ECB_TYPE = 9,
- DES_CBC_TYPE = 10,
- DES_ECB_TYPE = 11,
- DES_EDE3_CBC_TYPE = 12,
- DES_EDE3_ECB_TYPE = 13,
- ARC4_TYPE = 14,
- NULL_CIPHER_TYPE = 15,
- EVP_PKEY_RSA = 16,
- EVP_PKEY_DSA = 17,
- EVP_PKEY_EC = 18,
- AES_128_GCM_TYPE = 21,
- AES_192_GCM_TYPE = 22,
- AES_256_GCM_TYPE = 23,
- EVP_PKEY_DH = NID_dhKeyAgreement,
- EVP_PKEY_HMAC = NID_hmac,
- EVP_PKEY_CMAC = NID_cmac,
- EVP_PKEY_HKDF = NID_hkdf,
- EVP_PKEY_FALCON = 300, /* Randomly picked value. */
- EVP_PKEY_DILITHIUM= 301, /* Randomly picked value. */
- AES_128_CFB1_TYPE = 24,
- AES_192_CFB1_TYPE = 25,
- AES_256_CFB1_TYPE = 26,
- AES_128_CFB8_TYPE = 27,
- AES_192_CFB8_TYPE = 28,
- AES_256_CFB8_TYPE = 29,
- AES_128_CFB128_TYPE = 30,
- AES_192_CFB128_TYPE = 31,
- AES_256_CFB128_TYPE = 32,
- AES_128_OFB_TYPE = 33,
- AES_192_OFB_TYPE = 34,
- AES_256_OFB_TYPE = 35,
- AES_128_XTS_TYPE = 36,
- AES_256_XTS_TYPE = 37,
+ AES_128_CBC_TYPE = 1,
+ AES_192_CBC_TYPE = 2,
+ AES_256_CBC_TYPE = 3,
+ AES_128_CTR_TYPE = 4,
+ AES_192_CTR_TYPE = 5,
+ AES_256_CTR_TYPE = 6,
+ AES_128_ECB_TYPE = 7,
+ AES_192_ECB_TYPE = 8,
+ AES_256_ECB_TYPE = 9,
+ DES_CBC_TYPE = 10,
+ DES_ECB_TYPE = 11,
+ DES_EDE3_CBC_TYPE = 12,
+ DES_EDE3_ECB_TYPE = 13,
+ ARC4_TYPE = 14,
+ NULL_CIPHER_TYPE = 15,
+ EVP_PKEY_RSA = 16,
+ EVP_PKEY_DSA = 17,
+ EVP_PKEY_EC = 18,
+ AES_128_GCM_TYPE = 21,
+ AES_192_GCM_TYPE = 22,
+ AES_256_GCM_TYPE = 23,
+ EVP_PKEY_DH = NID_dhKeyAgreement,
+ EVP_PKEY_HMAC = NID_hmac,
+ EVP_PKEY_CMAC = NID_cmac,
+ EVP_PKEY_HKDF = NID_hkdf,
+ EVP_PKEY_FALCON = 300, /* Randomly picked value. */
+ EVP_PKEY_DILITHIUM = 301, /* Randomly picked value. */
+ AES_128_CFB1_TYPE = 24,
+ AES_192_CFB1_TYPE = 25,
+ AES_256_CFB1_TYPE = 26,
+ AES_128_CFB8_TYPE = 27,
+ AES_192_CFB8_TYPE = 28,
+ AES_256_CFB8_TYPE = 29,
+ AES_128_CFB128_TYPE = 30,
+ AES_192_CFB128_TYPE = 31,
+ AES_256_CFB128_TYPE = 32,
+ AES_128_OFB_TYPE = 33,
+ AES_192_OFB_TYPE = 34,
+ AES_256_OFB_TYPE = 35,
+ AES_128_XTS_TYPE = 36,
+ AES_256_XTS_TYPE = 37,
CHACHA20_POLY1305_TYPE = 38,
- CHACHA20_TYPE = 39,
- AES_128_CCM_TYPE = 40,
- AES_192_CCM_TYPE = 41,
- AES_256_CCM_TYPE = 42
+ CHACHA20_TYPE = 39,
+ AES_128_CCM_TYPE = 40,
+ AES_192_CCM_TYPE = 41,
+ AES_256_CCM_TYPE = 42,
+ SM4_ECB_TYPE = 43,
+ SM4_CBC_TYPE = 44,
+ SM4_CTR_TYPE = 45,
+ SM4_GCM_TYPE = 46,
+ SM4_CCM_TYPE = 47,
+ ARIA_128_GCM_TYPE = 48,
+ ARIA_192_GCM_TYPE = 49,
+ ARIA_256_GCM_TYPE = 50
};
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
@@ -421,6 +481,8 @@ struct WOLFSSL_EVP_CIPHER_CTX {
#if !defined(NO_AES)
/* working iv pointer into cipher */
ALIGN16 unsigned char iv[AES_BLOCK_SIZE];
+#elif defined(WOLFSSL_SM4)
+ ALIGN16 unsigned char iv[SM4_BLOCK_SIZE];
#elif defined(HAVE_CHACHA) && defined(HAVE_POLY1305)
ALIGN16 unsigned char iv[CHACHA20_POLY1305_AEAD_IV_SIZE];
#elif !defined(NO_DES3)
@@ -433,10 +495,12 @@ struct WOLFSSL_EVP_CIPHER_CTX {
int lastUsed;
#if !defined(NO_AES) || !defined(NO_DES3) || defined(HAVE_AESGCM) || \
defined (WOLFSSL_AES_XTS) || (defined(HAVE_CHACHA) || \
- defined(HAVE_POLY1305) || defined(HAVE_AESCCM))
+ defined(HAVE_POLY1305) || defined(HAVE_AESCCM)) || \
+ defined(WOLFSSL_SM4_GCM) || defined(WOLFSSL_SM4_CCM)
#define HAVE_WOLFSSL_EVP_CIPHER_CTX_IV
int ivSz;
-#if defined(HAVE_AESGCM) || defined(HAVE_AESCCM)
+#if defined(HAVE_AESGCM) || defined(HAVE_AESCCM) || \
+ defined(WOLFSSL_SM4_GCM) || defined(WOLFSSL_SM4_CCM)
byte* authBuffer;
int authBufferLen;
byte* authIn;
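Review bot: The guard that defines `HAVE_WOLFSSL_EVP_CIPHER_CTX_IV` and `ivSz` gains only `WOLFSSL_SM4_GCM` and `WOLFSSL_SM4_CCM`, while the previous hunk sizes `iv[]` for any `WOLFSSL_SM4` build. In a configuration with `NO_AES`, `NO_DES3`, no ChaCha/Poly1305 and only SM4 CBC or CTR enabled, the context would carry an IV buffer but no `ivSz`. Whether IV-length handling for those modes then fails to compile or is skipped depends on code outside this hunk. If such builds are meant to be supported, add `defined(WOLFSSL_SM4_CBC) || defined(WOLFSSL_SM4_CTR) || \` to the outer condition. The struct body continues outside the hunk.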
@@ -445,16 +509,20 @@ struct WOLFSSL_EVP_CIPHER_CTX {
#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305)
byte* key; /* used in partial Init()s */
#endif
-#if defined(HAVE_AESGCM) || defined(HAVE_AESCCM) || \
- (defined(HAVE_CHACHA) && defined(HAVE_POLY1305))
-#if defined(HAVE_AESGCM) || defined(HAVE_AESCCM)
+#if defined(HAVE_AESGCM) || defined(HAVE_AESCCM) || defined(HAVE_ARIA) || \
+ defined(WOLFSSL_SM4_GCM) || defined(WOLFSSL_SM4_CCM) || \
+ (defined(HAVE_CHACHA) && defined(HAVE_POLY1305))
+#if defined(HAVE_AESGCM) || defined(HAVE_AESCCM) || defined(HAVE_ARIA)
ALIGN16 unsigned char authTag[AES_BLOCK_SIZE];
+#elif defined(WOLFSSL_SM4_GCM) || defined(WOLFSSL_SM4_CCM)
+ ALIGN16 unsigned char authTag[SM4_BLOCK_SIZE];
#else
ALIGN16 unsigned char authTag[CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE];
#endif
int authTagSz;
#endif
-#if defined(HAVE_AESGCM) || defined(HAVE_AESCCM)
+#if defined(HAVE_AESGCM) || defined(HAVE_AESCCM) || \
+ defined(WOLFSSL_SM4_GCM) || defined(WOLFSSL_SM4_CCM)
byte authIvGenEnable:1;
byte authIncIv:1;
#endif
@@ -786,6 +854,7 @@ WOLFSSL_API int wolfSSL_EVP_PKEY_CTX_hkdf_mode(WOLFSSL_EVP_PKEY_CTX* ctx,
#define WOLFSSL_EVP_CIPH_FLAG_AEAD_CIPHER 0x20
#define WOLFSSL_EVP_CIPH_NO_PADDING 0x100
#define WOLFSSL_EVP_CIPH_VARIABLE_LENGTH 0x200
+#define WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED 0x400
#define WOLFSSL_EVP_CIPH_TYPE_INIT 0xff
@@ -877,6 +946,7 @@ WOLFSSL_API int wolfSSL_EVP_SignInit_ex(WOLFSSL_EVP_MD_CTX* ctx,
#define EVP_ripemd160 wolfSSL_EVP_ripemd160
#define EVP_shake128 wolfSSL_EVP_shake128
#define EVP_shake256 wolfSSL_EVP_shake256
+#define EVP_sm3 wolfSSL_EVP_sm3
#define EVP_set_pw_prompt wolfSSL_EVP_set_pw_prompt
#define EVP_sha3_224 wolfSSL_EVP_sha3_224
@@ -923,6 +993,14 @@ WOLFSSL_API int wolfSSL_EVP_SignInit_ex(WOLFSSL_EVP_MD_CTX* ctx,
#define EVP_rc4 wolfSSL_EVP_rc4
#define EVP_chacha20 wolfSSL_EVP_chacha20
#define EVP_chacha20_poly1305 wolfSSL_EVP_chacha20_poly1305
+#define EVP_aria_128_gcm wolfSSL_EVP_aria_128_gcm
+#define EVP_aria_192_gcm wolfSSL_EVP_aria_192_gcm
+#define EVP_aria_256_gcm wolfSSL_EVP_aria_256_gcm
+#define EVP_sm4_ecb wolfSSL_EVP_sm4_ecb
+#define EVP_sm4_cbc wolfSSL_EVP_sm4_cbc
+#define EVP_sm4_ctr wolfSSL_EVP_sm4_ctr
+#define EVP_sm4_gcm wolfSSL_EVP_sm4_gcm
+#define EVP_sm4_ccm wolfSSL_EVP_sm4_ccm
#define EVP_enc_null wolfSSL_EVP_enc_null
#define EVP_MD_size wolfSSL_EVP_MD_size
@@ -941,7 +1019,7 @@ WOLFSSL_API int wolfSSL_EVP_SignInit_ex(WOLFSSL_EVP_MD_CTX* ctx,
#define EVP_MD_block_size wolfSSL_EVP_MD_block_size
#define EVP_MD_type wolfSSL_EVP_MD_type
#ifndef NO_WOLFSSL_STUB
-#define EVP_MD_CTX_set_flags(...)
+#define EVP_MD_CTX_set_flags(...) WC_DO_NOTHING
#endif
#define EVP_Digest wolfSSL_EVP_Digest
@@ -1124,7 +1202,7 @@ WOLFSSL_API int wolfSSL_EVP_SignInit_ex(WOLFSSL_EVP_MD_CTX* ctx,
#define EVP_CTRL_CCM_SET_MSGLEN 0x15
#define EVP_PKEY_print_public wolfSSL_EVP_PKEY_print_public
-#define EVP_PKEY_print_private(arg1, arg2, arg3, arg4)
+#define EVP_PKEY_print_private(arg1, arg2, arg3, arg4) WC_DO_NOTHING
#ifndef EVP_MAX_MD_SIZE
#define EVP_MAX_MD_SIZE 64 /* sha512 */
diff --git a/extra/wolfssl/wolfssl/wolfssl/openssl/objects.h b/extra/wolfssl/wolfssl/wolfssl/openssl/objects.h
index 24526568..5f8d8f7c 100644
--- a/extra/wolfssl/wolfssl/wolfssl/openssl/objects.h
+++ b/extra/wolfssl/wolfssl/wolfssl/openssl/objects.h
@@ -23,7 +23,7 @@
#ifndef WOLFSSL_OBJECTS_H_
#define WOLFSSL_OBJECTS_H_
-#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/wolfcrypt/types.h>
#ifndef OPENSSL_EXTRA_SSL_GUARD
#define OPENSSL_EXTRA_SSL_GUARD
#include <wolfssl/ssl.h>
@@ -62,7 +62,7 @@
#define i2t_ASN1_OBJECT wolfSSL_i2t_ASN1_OBJECT
/* not required for wolfSSL */
-#define OPENSSL_load_builtin_modules()
+#define OPENSSL_load_builtin_modules() WC_DO_NOTHING
#define NID_ad_OCSP 178
diff --git a/extra/wolfssl/wolfssl/wolfssl/openssl/opensslv.h b/extra/wolfssl/wolfssl/wolfssl/openssl/opensslv.h
index 7584273c..c43e507b 100644
--- a/extra/wolfssl/wolfssl/wolfssl/openssl/opensslv.h
+++ b/extra/wolfssl/wolfssl/wolfssl/openssl/opensslv.h
@@ -24,6 +24,8 @@
#ifndef WOLFSSL_OPENSSLV_H_
#define WOLFSSL_OPENSSLV_H_
+#include <wolfssl/wolfcrypt/settings.h>
+
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
/* api version compatibility */
@@ -37,7 +39,7 @@
defined(WOLFSSL_RSYSLOG) || defined(WOLFSSL_KRB) || defined(HAVE_STUNNEL)
/* For Apache httpd, Use 1.1.0 compatibility */
#define OPENSSL_VERSION_NUMBER 0x10100003L
-#elif defined(WOLFSSL_QT) || defined(WOLFSSL_PYTHON)
+#elif defined(WOLFSSL_QT) || defined(WOLFSSL_PYTHON) || defined(WOLFSSL_KRB)
/* For Qt and Python 3.8.5 compatibility */
#define OPENSSL_VERSION_NUMBER 0x10101000L
#elif defined(WOLFSSL_HAPROXY) || defined(WOLFSSL_FFMPEG)
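Review bot: The added `|| defined(WOLFSSL_KRB)` on this `#elif` cannot take effect as written, because the condition on the context line above it, which starts outside the hunk, already tests `defined(WOLFSSL_KRB)` and selects `0x10100003L` first. If Kerberos builds are meant to see `0x10101000L`, `WOLFSSL_KRB` has to be removed from the earlier branch; otherwise the addition should be dropped. If the branch is kept for krb5, the comment `/* For Qt and Python 3.8.5 compatibility */` should name it as well.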
diff --git a/extra/wolfssl/wolfssl/wolfssl/openssl/rsa.h b/extra/wolfssl/wolfssl/wolfssl/openssl/rsa.h
index cc3622b7..7284948a 100644
--- a/extra/wolfssl/wolfssl/wolfssl/openssl/rsa.h
+++ b/extra/wolfssl/wolfssl/wolfssl/openssl/rsa.h
@@ -54,6 +54,8 @@
#define RSA_PSS_SALTLEN_DIGEST (-1)
/* Old max salt length */
#define RSA_PSS_SALTLEN_MAX_SIGN (-2)
+/* Verification only value to indicate to discover salt length. */
+#define RSA_PSS_SALTLEN_AUTO (-2)
/* Max salt length */
#define RSA_PSS_SALTLEN_MAX (-3)
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
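Review bot: `RSA_PSS_SALTLEN_AUTO` is given the same value (-2) as `RSA_PSS_SALTLEN_MAX_SIGN`, so code that receives -2 cannot tell the two names apart and has to decide by whether it is signing or verifying. The new comment says "verification only", but nothing states what -2 means on the signing path, or that a `switch` cannot list both names. I would extend it to `/* Same value as RSA_PSS_SALTLEN_MAX_SIGN: on verify, -2 recovers the salt length from the signature; on sign it selects the maximum salt length. */`. Callers that need a particular salt length enforced during verification should pass that length explicitly rather than this value.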
diff --git a/extra/wolfssl/wolfssl/wolfssl/openssl/sha.h b/extra/wolfssl/wolfssl/wolfssl/openssl/sha.h
index 6498231e..c3644149 100644
--- a/extra/wolfssl/wolfssl/wolfssl/openssl/sha.h
+++ b/extra/wolfssl/wolfssl/wolfssl/openssl/sha.h
@@ -41,8 +41,8 @@
#define CTX_SHA_HW_ADDER sizeof(STM32_HASH_Context)
#elif defined(WOLFSSL_IMXRT1170_CAAM)
#define CTX_SHA_HW_ADDER (sizeof(caam_hash_ctx_t) + sizeof(caam_handle_t))
-#elif defined(WOLFSSL_ESPWROOM32) && \
- !defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
+#elif defined(WOLFSSL_ESP32) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH)
#define CTX_SHA_HW_ADDER sizeof(WC_ESP32SHA)
#else
#define CTX_SHA_HW_ADDER 0
diff --git a/extra/wolfssl/wolfssl/wolfssl/openssl/ssl.h b/extra/wolfssl/wolfssl/wolfssl/openssl/ssl.h
index d9ada762..77874c77 100644
--- a/extra/wolfssl/wolfssl/wolfssl/openssl/ssl.h
+++ b/extra/wolfssl/wolfssl/wolfssl/openssl/ssl.h
@@ -29,6 +29,8 @@
#ifndef WOLFSSL_OPENSSL_H_
#define WOLFSSL_OPENSSL_H_
+#include <wolfssl/wolfcrypt/types.h>
+
/* wolfssl_openssl compatibility layer */
#ifndef OPENSSL_EXTRA_SSL_GUARD
#define OPENSSL_EXTRA_SSL_GUARD
@@ -165,6 +167,7 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
#define CRYPTO_WRITE 0x08
#define CRYPTO_set_locking_callback wolfSSL_set_locking_callback
+#define CRYPTO_get_locking_callback wolfSSL_get_locking_callback
#define CRYPTO_set_dynlock_create_callback wolfSSL_set_dynlock_create_callback
#define CRYPTO_set_dynlock_lock_callback wolfSSL_set_dynlock_lock_callback
#define CRYPTO_set_dynlock_destroy_callback wolfSSL_set_dynlock_destroy_callback
@@ -783,6 +786,7 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
#define BIO_method_type wolfSSL_BIO_method_type
#define BIO_set_ssl wolfSSL_BIO_set_ssl
#define BIO_get_ssl wolfSSL_BIO_get_ssl
+#define BIO_new_ssl wolfSSL_BIO_new_ssl
#define BIO_new_ssl_connect wolfSSL_BIO_new_ssl_connect
#define BIO_set_conn_hostname wolfSSL_BIO_set_conn_hostname
#define BIO_eof wolfSSL_BIO_eof
@@ -885,6 +889,11 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
#define ASN1_UTF8STRING_free wolfSSL_ASN1_STRING_free
#define ASN1_UTF8STRING_set wolfSSL_ASN1_STRING_set
+#define ASN1_IA5STRING WOLFSSL_ASN1_STRING
+#define ASN1_IA5STRING_new wolfSSL_ASN1_STRING_new
+#define ASN1_IA5STRING_free wolfSSL_ASN1_STRING_free
+#define ASN1_IA5STRING_set wolfSSL_ASN1_STRING_set
+
#define ASN1_PRINTABLE_type(...) V_ASN1_PRINTABLESTRING
#define ASN1_UTCTIME_pr wolfSSL_ASN1_UTCTIME_pr
@@ -899,6 +908,9 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
#define SSL_CTX_set_client_CA_list wolfSSL_CTX_set_client_CA_list
#define SSL_CTX_set_client_cert_cb wolfSSL_CTX_set_client_cert_cb
#define SSL_CTX_set_cert_store wolfSSL_CTX_set_cert_store
+#ifdef OPENSSL_ALL
+#define SSL_CTX_set1_verify_cert_store wolfSSL_CTX_set1_verify_cert_store
+#endif
#define SSL_set0_verify_cert_store wolfSSL_set0_verify_cert_store
#define SSL_set1_verify_cert_store wolfSSL_set1_verify_cert_store
#define SSL_CTX_get_cert_store(x) wolfSSL_CTX_get_cert_store ((WOLFSSL_CTX*) (x))
@@ -913,6 +925,7 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
#define SSL_CTX_set_timeout(ctx, to) \
wolfSSL_CTX_set_timeout(ctx, (unsigned int)(to))
#define SSL_CTX_set_info_callback wolfSSL_CTX_set_info_callback
+#define SSL_set_info_callback wolfSSL_set_info_callback
#define SSL_CTX_set_alpn_protos wolfSSL_CTX_set_alpn_protos
#define SSL_CTX_keylog_cb_func wolfSSL_CTX_keylog_cb_func
@@ -1083,6 +1096,7 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
wolfSSL_SESSION_get_ticket_lifetime_hint
#define SSL_SESSION_set_timeout wolfSSL_SSL_SESSION_set_timeout
#define SSL_SESSION_get_timeout wolfSSL_SESSION_get_timeout
+#define SSL_SESSION_set_time wolfSSL_SESSION_set_time
#define SSL_SESSION_get_time wolfSSL_SESSION_get_time
#define SSL_CTX_get_ex_new_index wolfSSL_CTX_get_ex_new_index
@@ -1092,16 +1106,16 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
#define PEM_do_header wolfSSL_PEM_do_header
/*#if OPENSSL_API_COMPAT < 0x10100000L*/
-#define CONF_modules_free()
-#define ENGINE_cleanup()
+#define CONF_modules_free() WC_DO_NOTHING
+#define ENGINE_cleanup() WC_DO_NOTHING
#define SSL_CTX_need_tmp_RSA(ctx) 0
#define SSL_CTX_set_tmp_rsa(ctx,rsa) 1
#define SSL_need_tmp_RSA(ssl) 0
#define SSL_set_tmp_rsa(ssl,rsa) 1
/*#endif*/
-#define CONF_modules_unload(a)
-#define CONF_get1_default_config_file wolfSSL_CONF_get1_default_config_file
+#define CONF_modules_unload(a) WC_DO_NOTHING
+#define CONF_get1_default_config_file wolfSSL_CONF_get1_default_config_file
#define SSL_get_hit wolfSSL_session_reused
@@ -1233,7 +1247,8 @@ typedef WOLFSSL_SRTP_PROTECTION_PROFILE SRTP_PROTECTION_PROFILE;
#define SSL_CTX_set_tlsext_max_fragment_length \
wolfSSL_CTX_set_tlsext_max_fragment_length
#define SSL_get_server_random wolfSSL_get_server_random
-#define SSL_get_server_tmp_key wolfSSL_get_server_tmp_key
+#define SSL_get_server_tmp_key wolfSSL_get_peer_tmp_key
+#define SSL_get_peer_tmp_key wolfSSL_get_peer_tmp_key
#define SSL_CTX_set_min_proto_version wolfSSL_CTX_set_min_proto_version
#define SSL_CTX_set_max_proto_version wolfSSL_CTX_set_max_proto_version
@@ -1268,6 +1283,7 @@ typedef WOLFSSL_SRTP_PROTECTION_PROFILE SRTP_PROTECTION_PROFILE;
#define SSL_CTRL_SET_GROUPS 91
#define SSL_CTRL_GET_PEER_TMP_KEY 109
#define SSL_CTRL_GET_SERVER_TMP_KEY SSL_CTRL_GET_PEER_TMP_KEY
+#define SSL_CTRL_GET_CHAIN_CERTS 115
#define SSL_CTRL_SET_MIN_PROTO_VERSION 123
#define SSL_CTRL_SET_MAX_PROTO_VERSION 124
#define SSL_CTRL_GET_MIN_PROTO_VERSION 125
@@ -1353,6 +1369,7 @@ typedef WOLFSSL_SRTP_PROTECTION_PROFILE SRTP_PROTECTION_PROFILE;
#define GENERAL_NAME_dup wolfSSL_GENERAL_NAME_dup
#define GENERAL_NAME_print wolfSSL_GENERAL_NAME_print
#define GENERAL_NAME_set0_othername wolfSSL_GENERAL_NAME_set0_othername
+#define GENERAL_NAME_set0_value wolfSSL_GENERAL_NAME_set0_value
#define sk_GENERAL_NAME_push wolfSSL_sk_GENERAL_NAME_push
#define sk_GENERAL_NAME_value wolfSSL_sk_GENERAL_NAME_value
@@ -1380,6 +1397,7 @@ typedef WOLFSSL_SRTP_PROTECTION_PROFILE SRTP_PROTECTION_PROFILE;
#define sk_ASN1_OBJECT_pop_free wolfSSL_sk_ASN1_OBJECT_pop_free
#define GENERAL_NAME_free wolfSSL_GENERAL_NAME_free
#define GENERAL_NAMES_free wolfSSL_GENERAL_NAMES_free
+#define EXTENDED_KEY_USAGE_free wolfSSL_EXTENDED_KEY_USAGE_free
#define AUTHORITY_INFO_ACCESS_free wolfSSL_AUTHORITY_INFO_ACCESS_free
#define AUTHORITY_INFO_ACCESS_pop_free wolfSSL_AUTHORITY_INFO_ACCESS_pop_free
@@ -1510,6 +1528,11 @@ typedef WOLFSSL_SRTP_PROTECTION_PROFILE SRTP_PROTECTION_PROFILE;
#define SSL_R_UNEXPECTED_MESSAGE OUT_OF_ORDER_E
#define SSL_R_UNEXPECTED_RECORD SANITY_MSG_E
#define SSL_R_UNKNOWN_ALERT_TYPE BUFFER_ERROR
+#define SSL_R_BAD_DIGEST_LENGTH BUFFER_ERROR
+#define SSL_R_BAD_PACKET_LENGTH BUFFER_ERROR
+#define SSL_R_DATA_LENGTH_TOO_LONG BUFFER_ERROR
+#define SSL_R_ENCRYPTED_LENGTH_TOO_LONG BUFFER_ERROR
+#define SSL_R_BAD_LENGTH BUFFER_ERROR
#define SSL_R_UNKNOWN_PROTOCOL VERSION_ERROR
#define SSL_R_WRONG_VERSION_NUMBER VERSION_ERROR
#define SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC ENCRYPT_ERROR
@@ -1519,6 +1542,7 @@ typedef WOLFSSL_SRTP_PROTECTION_PROFILE SRTP_PROTECTION_PROFILE;
#define SSL_R_CERTIFICATE_VERIFY_FAILED VERIFY_CERT_ERROR
#define SSL_R_CERT_CB_ERROR CLIENT_CERT_CB_ERROR
#define SSL_R_NULL_SSL_METHOD_PASSED BAD_FUNC_ARG
+#define SSL_R_CCS_RECEIVED_EARLY OUT_OF_ORDER_E
#ifdef HAVE_SESSION_TICKET
#define SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB 72
@@ -1529,6 +1553,7 @@ typedef WOLFSSL_SRTP_PROTECTION_PROFILE SRTP_PROTECTION_PROFILE;
#define SSL_OP_SINGLE_DH_USE WOLFSSL_OP_SINGLE_DH_USE
#define SSL_OP_SINGLE_ECDH_USE WOLFSSL_OP_SINGLE_ECDH_USE
#define SSL_OP_CIPHER_SERVER_PREFERENCE WOLFSSL_OP_CIPHER_SERVER_PREFERENCE
+#define SSL_OP_NO_RENEGOTIATION WOLFSSL_OP_NO_RENEGOTIATION
#define OPENSSL_config wolfSSL_OPENSSL_config
#define OPENSSL_memdup wolfSSL_OPENSSL_memdup
@@ -1540,6 +1565,7 @@ typedef WOLFSSL_SRTP_PROTECTION_PROFILE SRTP_PROTECTION_PROFILE;
#define SSL_get_wbio wolfSSL_SSL_get_wbio
#define SSL_do_handshake wolfSSL_SSL_do_handshake
#define SSL_in_init wolfSSL_SSL_in_init
+#define SSL_in_before wolfSSL_SSL_in_before
#define SSL_in_connect_init wolfSSL_SSL_in_connect_init
#define SSL_get0_session wolfSSL_SSL_get0_session
#define SSL_CTX_set_tlsext_ticket_key_cb wolfSSL_CTX_set_tlsext_ticket_key_cb
@@ -1637,8 +1663,8 @@ typedef WOLFSSL_SRTP_PROTECTION_PROFILE SRTP_PROTECTION_PROFILE;
#endif
#ifndef NO_WOLFSSL_STUB
-#define OBJ_create_objects(...)
-#define sk_SSL_COMP_free(...)
+#define OBJ_create_objects(...) WC_DO_NOTHING
+#define sk_SSL_COMP_free(...) WC_DO_NOTHING
#endif
#define OBJ_dup wolfSSL_ASN1_OBJECT_dup
diff --git a/extra/wolfssl/wolfssl/wolfssl/openssl/x509.h b/extra/wolfssl/wolfssl/wolfssl/openssl/x509.h
index f794a327..a603ce68 100644
--- a/extra/wolfssl/wolfssl/wolfssl/openssl/x509.h
+++ b/extra/wolfssl/wolfssl/wolfssl/openssl/x509.h
@@ -74,47 +74,41 @@
* satisfy OpenSSL compatibility consumers to prevent compilation errors.
* The list was taken from
* https://github.com/openssl/openssl/blob/master/include/openssl/x509_vfy.h.in
+ * One requirement for HAProxy is that the values should be literal constants.
*/
-#define X509_V_OK WOLFSSL_X509_V_OK
+#define X509_V_OK 0
#define X509_V_ERR_UNSPECIFIED 1
#define X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT 2
#define X509_V_ERR_UNABLE_TO_GET_CRL 3
#define X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE 4
#define X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE 5
#define X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY 6
-#define X509_V_ERR_CERT_SIGNATURE_FAILURE \
- WOLFSSL_X509_V_ERR_CERT_SIGNATURE_FAILURE
+#define X509_V_ERR_CERT_SIGNATURE_FAILURE 7
#define X509_V_ERR_CRL_SIGNATURE_FAILURE 8
-#define X509_V_ERR_CERT_NOT_YET_VALID WOLFSSL_X509_V_ERR_CERT_NOT_YET_VALID
-#define X509_V_ERR_CERT_HAS_EXPIRED WOLFSSL_X509_V_ERR_CERT_HAS_EXPIRED
+#define X509_V_ERR_CERT_NOT_YET_VALID 9
+#define X509_V_ERR_CERT_HAS_EXPIRED 10
#define X509_V_ERR_CRL_NOT_YET_VALID 11
#define X509_V_ERR_CRL_HAS_EXPIRED 12
-#define X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD \
- WOLFSSL_X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD
-#define X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD \
- WOLFSSL_X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD
+#define X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD 13
+#define X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD 14
#define X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD 15
#define X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD 16
#define X509_V_ERR_OUT_OF_MEM 17
-#define X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT \
- WOLFSSL_X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT
+#define X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT 18
#define X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN 19
-#define X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY \
- WOLFSSL_X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY
-#define X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE \
- WOLFSSL_X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE
-#define X509_V_ERR_CERT_CHAIN_TOO_LONG WOLFSSL_X509_V_ERR_CERT_CHAIN_TOO_LONG
-#define X509_V_ERR_CERT_REVOKED WOLFSSL_X509_V_ERR_CERT_REVOKED
-#define X509_V_ERR_NO_ISSUER_PUBLIC_KEY WOLFSSL_X509_V_ERR_INVALID_CA
-#define X509_V_ERR_PATH_LENGTH_EXCEEDED WOLFSSL_X509_V_ERR_PATH_LENGTH_EXCEEDED
+#define X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY 20
+#define X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE 21
+#define X509_V_ERR_CERT_CHAIN_TOO_LONG 22
+#define X509_V_ERR_CERT_REVOKED 23
+#define X509_V_ERR_NO_ISSUER_PUBLIC_KEY 24
+#define X509_V_ERR_PATH_LENGTH_EXCEEDED 25
#define X509_V_ERR_INVALID_PURPOSE 26
#define X509_V_ERR_CERT_UNTRUSTED 27
-#define X509_V_ERR_CERT_REJECTED WOLFSSL_X509_V_ERR_CERT_REJECTED
+#define X509_V_ERR_CERT_REJECTED 28
/* These are 'informational' when looking for issuer cert */
-#define X509_V_ERR_SUBJECT_ISSUER_MISMATCH \
- WOLFSSL_X509_V_ERR_SUBJECT_ISSUER_MISMATCH
+#define X509_V_ERR_SUBJECT_ISSUER_MISMATCH 29
#define X509_V_ERR_AKID_SKID_MISMATCH 30
#define X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH 31
#define X509_V_ERR_KEYUSAGE_NO_CERTSIGN 32
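Review bot: The `X509_V_*` codes are now literal numbers that duplicate the `WOLFSSL_X509_V_*` definitions they used to alias, and nothing in the hunk ties the two sets together. Verify callbacks written against the OpenSSL names compare these macros with the error the library reports, so a later renumbering on the wolfSSL side would silently stop a callback from recognising, for example, `X509_V_ERR_CERT_HAS_EXPIRED`. `X509_V_ERR_NO_ISSUER_PUBLIC_KEY` also changes from `WOLFSSL_X509_V_ERR_INVALID_CA` to `24`; whether those are equal is not visible here. I would add `/* Literal for HAProxy; each value must equal the matching WOLFSSL_X509_V_* definition. */` and back it with a compile-time equality check in a source file that sees both sets.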
diff --git a/extra/wolfssl/wolfssl/wolfssl/openssl/x509v3.h b/extra/wolfssl/wolfssl/wolfssl/openssl/x509v3.h
index 30c95393..c9c9ad85 100644
--- a/extra/wolfssl/wolfssl/wolfssl/openssl/x509v3.h
+++ b/extra/wolfssl/wolfssl/wolfssl/openssl/x509v3.h
@@ -24,6 +24,7 @@
#ifndef WOLFSSL_x509v3_H
#define WOLFSSL_x509v3_H
+#include <wolfssl/wolfcrypt/types.h>
#include <wolfssl/openssl/compat_types.h>
#include <wolfssl/openssl/conf.h>
#include <wolfssl/openssl/bio.h>
@@ -159,8 +160,8 @@ WOLFSSL_API WOLFSSL_ASN1_STRING* wolfSSL_a2i_IPADDRESS(const char* ipa);
#define X509V3_EXT_conf_nid wolfSSL_X509V3_EXT_conf_nid
#define X509V3_set_ctx wolfSSL_X509V3_set_ctx
#ifndef NO_WOLFSSL_STUB
-#define X509V3_set_nconf(...)
-#define X509V3_EXT_cleanup(...)
+#define X509V3_set_nconf(...) WC_DO_NOTHING
+#define X509V3_EXT_cleanup(...) WC_DO_NOTHING
#endif
#define X509V3_set_ctx_test(ctx) wolfSSL_X509V3_set_ctx(ctx, NULL, NULL, NULL, NULL, CTX_TEST)
#define X509V3_set_ctx_nodb wolfSSL_X509V3_set_ctx_nodb
diff --git a/extra/wolfssl/wolfssl/wolfssl/quic.h b/extra/wolfssl/wolfssl/wolfssl/quic.h
index 87195116..c1462cba 100644
--- a/extra/wolfssl/wolfssl/wolfssl/quic.h
+++ b/extra/wolfssl/wolfssl/wolfssl/quic.h
@@ -52,7 +52,7 @@ typedef struct wolfssl_quic_method_t WOLFSSL_QUIC_METHOD;
struct wolfssl_quic_method_t {
/**
- * Provide secrets to the QUIC stack when they becaome available in the SSL
+ * Provide secrets to the QUIC stack when they become available in the SSL
* instance during handshake processing. read/write secrets have the same
* length. A call may only provide one, passing NULL as the other.
*/
diff --git a/extra/wolfssl/wolfssl/wolfssl/sniffer.h b/extra/wolfssl/wolfssl/wolfssl/sniffer.h
index 5fe023f6..3b5f2373 100644
--- a/extra/wolfssl/wolfssl/wolfssl/sniffer.h
+++ b/extra/wolfssl/wolfssl/wolfssl/sniffer.h
@@ -313,6 +313,35 @@ SSL_SNIFFER_API int ssl_PollSniffer(WOLF_EVENT** events, int maxEvents,
#endif /* WOLFSSL_ASYNC_CRYPT */
+#ifdef WOLFSSL_SNIFFER_KEYLOGFILE
+
+typedef enum {
+ SNIFFER_SECRET_TLS12_MASTER_SECRET,
+#if defined(WOLFSSL_TLS13)
+ SNIFFER_SECRET_CLIENT_EARLY_TRAFFIC_SECRET,
+ SNIFFER_SECRET_CLIENT_HANDSHAKE_TRAFFIC_SECRET,
+ SNIFFER_SECRET_SERVER_HANDSHAKE_TRAFFIC_SECRET,
+ SNIFFER_SECRET_CLIENT_TRAFFIC_SECRET,
+ SNIFFER_SECRET_SERVER_TRAFFIC_SECRET,
+#endif /* WOLFSSL_TLS13 */
+ SNIFFER_SECRET_NUM_SECRET_TYPES
+} SnifferSecretType;
+
+
+WOLFSSL_API
+SSL_SNIFFER_API int ssl_CreateKeyLogSnifferServer(const char* address,
+ int port,
+ char* error);
+
+WOLFSSL_API
+SSL_SNIFFER_API int ssl_LoadSecretsFromKeyLogFile(const char* keylogfile,
+ char* error);
+
+typedef int (*SSLSnifferSecretCb)(unsigned char* client_random,
+ int type,
+ unsigned char* output_secret);
+
+#endif /* WOLFSSL_SNIFFER_KEYLOGFILE */
#ifdef __cplusplus
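Review bot: The new key-log API is undocumented and none of its buffers carries a length. `ssl_CreateKeyLogSnifferServer` and `ssl_LoadSecretsFromKeyLogFile` write into `char* error` without a size, and `SSLSnifferSecretCb` takes `client_random` and `output_secret` as bare `unsigned char*`, so the caller has to guess the required capacity of each (presumably the same error-buffer size as the other sniffer calls; to be confirmed). A doc comment on each declaration should state the minimum buffer sizes and the return convention. It should also say that the key-log file holds session secrets and should be readable only by the account running the sniffer. The callback could also take `SnifferSecretType` instead of `int type`, and the two functions carry both `WOLFSSL_API` and `SSL_SNIFFER_API`, which looks like one export decoration too many.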
diff --git a/extra/wolfssl/wolfssl/wolfssl/sniffer_error.h b/extra/wolfssl/wolfssl/wolfssl/sniffer_error.h
index bea4c130..841241d9 100644
--- a/extra/wolfssl/wolfssl/wolfssl/sniffer_error.h
+++ b/extra/wolfssl/wolfssl/wolfssl/sniffer_error.h
@@ -142,6 +142,8 @@
#define SNIFFER_KEY_SETUP_STR 96
#define UNSUPPORTED_TLS_VER_STR 97
#define KEY_MISMATCH_STR 98
+
+#define KEYLOG_FILE_INVALID 99
/* !!!! also add to msgTable in sniffer.c and .rc file !!!! */
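Review bot: `KEYLOG_FILE_INVALID` breaks the naming used by the neighbouring message ids (`SNIFFER_KEY_SETUP_STR`, `UNSUPPORTED_TLS_VER_STR`, `KEY_MISMATCH_STR`), and without the suffix it reads like an error code rather than a string-table index. I would rename it to `#define KEYLOG_FILE_INVALID_STR 99` before callers start to depend on the name. The reminder comment below also asks for a matching `msgTable` entry in sniffer.c, which is not part of this hunk.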
diff --git a/extra/wolfssl/wolfssl/wolfssl/sniffer_error.rc b/extra/wolfssl/wolfssl/wolfssl/sniffer_error.rc
index 113aee59..dca40db8 100644
--- a/extra/wolfssl/wolfssl/wolfssl/sniffer_error.rc
+++ b/extra/wolfssl/wolfssl/wolfssl/sniffer_error.rc
@@ -1,5 +1,5 @@
-STRINGTABLE
+STRINGTABLE
{
1, "Out of Memory"
2, "New SSL Sniffer Server Registered"
@@ -60,7 +60,7 @@ STRINGTABLE
48, "Wrong Protocol type"
49, "Packet Short for header processing"
50, "Got Unknown Record Type"
-
+
51, "Can't Open Trace File"
52, "Session in Fatal Error State"
53, "Partial SSL record received"
@@ -72,7 +72,7 @@ STRINGTABLE
58, "Received an Overlap Duplicate Packet"
59, "Received an Overlap Reassembly Begin Duplicate Packet"
60, "Received an Overlap Reassembly End Duplicate Packet"
-
+
61, "Missed the Client Hello Entirely"
62, "Got Hello Request msg"
63, "Got Session Ticket msg"
@@ -118,4 +118,6 @@ STRINGTABLE
96, "Setting up keys"
97, "Unsupported TLS Version"
98, "Server Client Key Mismatch"
+
+ 99, "Invalid or missing keylog file"
}
diff --git a/extra/wolfssl/wolfssl/wolfssl/ssl.h b/extra/wolfssl/wolfssl/wolfssl/ssl.h
index 648cdbce..907b3691 100644
--- a/extra/wolfssl/wolfssl/wolfssl/ssl.h
+++ b/extra/wolfssl/wolfssl/wolfssl/ssl.h
@@ -525,6 +525,9 @@ struct WOLFSSL_BIO_METHOD {
wolfssl_BIO_meth_ctrl_info_cb ctrlInfoCb;
};
+#define WOLFSSL_BIO_METHOD_INIT(bio_type) \
+ { bio_type, { 0 }, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL }
+
/* wolfSSL BIO type */
typedef long (*wolf_bio_info_cb)(WOLFSSL_BIO *bio, int event, const char *parg,
int iarg, long larg, long return_value);
@@ -1061,8 +1064,10 @@ WOLFSSL_ABI WOLFSSL_API int wolfSSL_CTX_use_PrivateKey_file(
#define WOLFSSL_LOAD_FLAG_IGNORE_ERR 0x00000001
#define WOLFSSL_LOAD_FLAG_DATE_ERR_OKAY 0x00000002
#define WOLFSSL_LOAD_FLAG_PEM_CA_ONLY 0x00000004
-#if defined(WOLFSSL_QT)
+#if defined(WOLFSSL_QT) || defined(WOLFSSL_IGNORE_BAD_CERT_PATH)
#define WOLFSSL_LOAD_FLAG_IGNORE_BAD_PATH_ERR 0x00000008
+#endif
+#if defined(WOLFSSL_QT)
#define WOLFSSL_LOAD_FLAG_IGNORE_ZEROFILE 0x00000010
#endif
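Review bot: `WOLFSSL_LOAD_FLAG_IGNORE_BAD_PATH_ERR` becomes available to any build that defines `WOLFSSL_IGNORE_BAD_CERT_PATH`, but the flag has no comment saying what is ignored. Judging by the name, it suppresses the failure for an unusable CA path, which would let a load call report success with no trust anchors loaded from that path. That reading should be confirmed against the loader. I would document the contract at the definition, for example `/* Do not fail when the CA path cannot be opened; the caller must check that CAs were loaded. */`.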
@@ -1181,18 +1186,20 @@ WOLFSSL_API int wolfSSL_CTX_allow_post_handshake_auth(WOLFSSL_CTX* ctx);
WOLFSSL_API int wolfSSL_allow_post_handshake_auth(WOLFSSL* ssl);
WOLFSSL_API int wolfSSL_request_certificate(WOLFSSL* ssl);
-WOLFSSL_API int wolfSSL_CTX_set1_groups_list(WOLFSSL_CTX *ctx, char *list);
-WOLFSSL_API int wolfSSL_set1_groups_list(WOLFSSL *ssl, char *list);
-
WOLFSSL_API int wolfSSL_preferred_group(WOLFSSL* ssl);
WOLFSSL_API int wolfSSL_CTX_set_groups(WOLFSSL_CTX* ctx, int* groups,
int count);
WOLFSSL_API int wolfSSL_set_groups(WOLFSSL* ssl, int* groups, int count);
-#ifdef OPENSSL_EXTRA
+#if defined(OPENSSL_EXTRA) && defined(HAVE_SUPPORTED_CURVES)
WOLFSSL_API int wolfSSL_CTX_set1_groups(WOLFSSL_CTX* ctx, int* groups,
int count);
WOLFSSL_API int wolfSSL_set1_groups(WOLFSSL* ssl, int* groups, int count);
+
+#ifdef HAVE_ECC
+WOLFSSL_API int wolfSSL_CTX_set1_groups_list(WOLFSSL_CTX *ctx, char *list);
+WOLFSSL_API int wolfSSL_set1_groups_list(WOLFSSL *ssl, char *list);
+#endif
#endif
WOLFSSL_API int wolfSSL_connect_TLSv13(WOLFSSL* ssl);
@@ -1233,6 +1240,7 @@ WOLFSSL_API int wolfSSL_get_alert_history(WOLFSSL* ssl, WOLFSSL_ALERT_HISTORY *
WOLFSSL_ABI WOLFSSL_API int wolfSSL_set_session(WOLFSSL* ssl, WOLFSSL_SESSION* session);
WOLFSSL_API long wolfSSL_SSL_SESSION_set_timeout(WOLFSSL_SESSION* ses, long t);
+WOLFSSL_API long wolfSSL_SESSION_set_time(WOLFSSL_SESSION *ses, long t);
WOLFSSL_ABI WOLFSSL_API WOLFSSL_SESSION* wolfSSL_get_session(WOLFSSL* ssl);
WOLFSSL_ABI WOLFSSL_API void wolfSSL_flush_sessions(WOLFSSL_CTX* ctx, long tm);
WOLFSSL_API void wolfSSL_CTX_flush_sessions(WOLFSSL_CTX* ctx, long tm);
@@ -1470,8 +1478,10 @@ typedef struct WOLFSSL_SRTP_PROTECTION_PROFILE {
} WOLFSSL_SRTP_PROTECTION_PROFILE;
/* Compatibility API's for SRTP */
-WOLFSSL_API int wolfSSL_CTX_set_tlsext_use_srtp(WOLFSSL_CTX* ctx, const char*);
-WOLFSSL_API int wolfSSL_set_tlsext_use_srtp(WOLFSSL* ssl, const char*);
+WOLFSSL_API int wolfSSL_CTX_set_tlsext_use_srtp(WOLFSSL_CTX* ctx,
+ const char* profile_str);
+WOLFSSL_API int wolfSSL_set_tlsext_use_srtp(WOLFSSL* ssl,
+ const char* wolfSSL_set_tlsext_use_srtp);
WOLFSSL_API const WOLFSSL_SRTP_PROTECTION_PROFILE*
wolfSSL_get_selected_srtp_profile(WOLFSSL* ssl);
WOLFSSL_API WOLF_STACK_OF(WOLFSSL_SRTP_PROTECTION_PROFILE)*
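Review bot: The second parameter of `wolfSSL_set_tlsext_use_srtp` is named `wolfSSL_set_tlsext_use_srtp`, the same as the function itself, which looks like a paste slip. A prototype-scope name is accepted by the compiler, but it documents nothing and will confuse generated API docs. It should match the CTX variant just above: `const char* profile_str);`.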
@@ -1479,7 +1489,7 @@ WOLFSSL_API WOLF_STACK_OF(WOLFSSL_SRTP_PROTECTION_PROFILE)*
/* Non standard API for getting the SRTP session keys using KDF */
WOLFSSL_API int wolfSSL_export_dtls_srtp_keying_material(WOLFSSL* ssl,
- unsigned char*, size_t*);
+ unsigned char* out, size_t* olen);
#endif /* WOLFSSL_SRTP */
WOLFSSL_API int wolfSSL_dtls_get_drop_stats(WOLFSSL* ssl,
@@ -1518,6 +1528,7 @@ WOLFSSL_API WOLFSSL_STACK* wolfSSL_sk_new_node(void* heap);
WOLFSSL_API void wolfSSL_sk_free(WOLFSSL_STACK* sk);
WOLFSSL_API void wolfSSL_sk_free_node(WOLFSSL_STACK* in);
WOLFSSL_API WOLFSSL_STACK* wolfSSL_sk_dup(WOLFSSL_STACK* sk);
+WOLFSSL_API WOLFSSL_STACK* wolfSSL_shallow_sk_dup(WOLFSSL_STACK* sk);
WOLFSSL_API int wolfSSL_sk_push_node(WOLFSSL_STACK** stack, WOLFSSL_STACK* in);
WOLFSSL_API WOLFSSL_STACK* wolfSSL_sk_get_node(WOLFSSL_STACK* sk, int idx);
WOLFSSL_API int wolfSSL_sk_push(WOLFSSL_STACK *st, const void *data);
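Review bot: `wolfSSL_shallow_sk_dup` is declared next to `wolfSSL_sk_dup` with nothing to say who owns the elements of the returned stack. If the copy shares element pointers with the original, as the name suggests, freeing both stacks with an element-freeing routine would release the same objects twice. I would add a comment on the declaration, for example `/* Copies the nodes only; elements stay owned by sk and must not be freed through the copy. */`, adjusted to what the implementation does.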
@@ -1561,6 +1572,8 @@ WOLFSSL_API WOLFSSL_GENERAL_NAMES* wolfSSL_GENERAL_NAMES_dup(
WOLFSSL_API int wolfSSL_GENERAL_NAME_set0_othername(WOLFSSL_GENERAL_NAME* gen,
WOLFSSL_ASN1_OBJECT* oid,
WOLFSSL_ASN1_TYPE* value);
+WOLFSSL_API void wolfSSL_GENERAL_NAME_set0_value(WOLFSSL_GENERAL_NAME *a,
+ int type, void *value);
WOLFSSL_API WOLFSSL_STACK* wolfSSL_sk_GENERAL_NAME_new(void *cmpFunc);
WOLFSSL_API int wolfSSL_sk_GENERAL_NAME_push(WOLFSSL_GENERAL_NAMES* sk,
@@ -1574,6 +1587,7 @@ WOLFSSL_API void wolfSSL_sk_GENERAL_NAME_free(WOLFSSL_STACK* sk);
WOLFSSL_API void wolfSSL_GENERAL_NAMES_free(WOLFSSL_GENERAL_NAMES* name);
WOLFSSL_API int wolfSSL_GENERAL_NAME_print(WOLFSSL_BIO* out,
WOLFSSL_GENERAL_NAME* name);
+WOLFSSL_API void wolfSSL_EXTENDED_KEY_USAGE_free(WOLFSSL_STACK * sk);
WOLFSSL_API WOLFSSL_DIST_POINT* wolfSSL_DIST_POINT_new(void);
WOLFSSL_API void wolfSSL_DIST_POINT_free(WOLFSSL_DIST_POINT* dp);
@@ -1646,7 +1660,7 @@ WOLFSSL_API int wolfSSL_CTX_add_session(WOLFSSL_CTX* ctx,
WOLFSSL_SESSION* session);
WOLFSSL_API int wolfSSL_SESSION_set_cipher(WOLFSSL_SESSION* session,
const WOLFSSL_CIPHER* cipher);
-WOLFSSL_API int wolfSSL_is_init_finished(WOLFSSL* ssl);
+WOLFSSL_API int wolfSSL_is_init_finished(const WOLFSSL* ssl);
WOLFSSL_API const char* wolfSSL_get_version(const WOLFSSL* ssl);
WOLFSSL_API int wolfSSL_get_current_cipher_suite(WOLFSSL* ssl);
@@ -1683,7 +1697,7 @@ WOLFSSL_API int wolfSSL_OCSP_parse_url(char* url, char** host, char** port,
#if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000L
WOLFSSL_API WOLFSSL_BIO* wolfSSL_BIO_new(const WOLFSSL_BIO_METHOD* method);
#else
-WOLFSSL_API WOLFSSL_BIO* wolfSSL_BIO_new(WOLFSSL_BIO_METHOD*);
+WOLFSSL_API WOLFSSL_BIO* wolfSSL_BIO_new(WOLFSSL_BIO_METHOD* method);
#endif
WOLFSSL_API int wolfSSL_BIO_free(WOLFSSL_BIO* bio);
WOLFSSL_API void wolfSSL_BIO_vfree(WOLFSSL_BIO* bio);
@@ -1739,6 +1753,8 @@ WOLFSSL_API void wolfSSL_BIO_set_shutdown(WOLFSSL_BIO* bio, int shut);
WOLFSSL_API int wolfSSL_BIO_get_shutdown(WOLFSSL_BIO* bio);
WOLFSSL_API void wolfSSL_BIO_clear_retry_flags(WOLFSSL_BIO* bio);
WOLFSSL_API int wolfSSL_BIO_should_retry(WOLFSSL_BIO *bio);
+WOLFSSL_API int wolfSSL_BIO_should_read(WOLFSSL_BIO *bio);
+WOLFSSL_API int wolfSSL_BIO_should_write(WOLFSSL_BIO *bio);
WOLFSSL_API WOLFSSL_BIO_METHOD *wolfSSL_BIO_meth_new(int type, const char* name);
WOLFSSL_API void wolfSSL_BIO_meth_free(WOLFSSL_BIO_METHOD* biom);
@@ -1774,6 +1790,7 @@ WOLFSSL_API long wolfSSL_BIO_set_conn_hostname(WOLFSSL_BIO* b, char* name);
WOLFSSL_API long wolfSSL_BIO_set_conn_port(WOLFSSL_BIO *b, char* port);
WOLFSSL_API long wolfSSL_BIO_do_connect(WOLFSSL_BIO *b);
WOLFSSL_API int wolfSSL_BIO_do_accept(WOLFSSL_BIO *b);
+WOLFSSL_API WOLFSSL_BIO* wolfSSL_BIO_new_ssl(WOLFSSL_CTX* ctx, int client);
WOLFSSL_API WOLFSSL_BIO* wolfSSL_BIO_new_ssl_connect(WOLFSSL_CTX* ctx);
WOLFSSL_API long wolfSSL_BIO_do_handshake(WOLFSSL_BIO *b);
@@ -1796,6 +1813,10 @@ WOLFSSL_API int wolfSSL_BIO_tell(WOLFSSL_BIO* bio);
WOLFSSL_API int wolfSSL_BIO_write_filename(WOLFSSL_BIO *bio, char *name);
WOLFSSL_API long wolfSSL_BIO_set_mem_eof_return(WOLFSSL_BIO *bio, int v);
WOLFSSL_API long wolfSSL_BIO_get_mem_ptr(WOLFSSL_BIO *bio, WOLFSSL_BUF_MEM **m);
+#ifdef OPENSSL_ALL
+WOLFSSL_API int wolfSSL_BIO_set_mem_buf(WOLFSSL_BIO* bio, WOLFSSL_BUF_MEM* bufMem,
+ int closeFlag);
+#endif
WOLFSSL_API int wolfSSL_BIO_get_len(WOLFSSL_BIO *bio);
#endif
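Review bot: `wolfSSL_BIO_set_mem_buf` has no comment saying who owns `bufMem` after the call, and `closeFlag` is what decides that. A caller that guesses wrong either leaks the buffer or frees it a second time when the BIO is released. I would add `/* closeFlag: BIO_CLOSE - bio releases bufMem when it is freed; BIO_NOCLOSE - caller keeps ownership */` above the prototype. That wording assumes the implementation follows the OpenSSL call it mirrors, which should be confirmed against the .c file.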
@@ -1815,8 +1836,10 @@ WOLFSSL_API int wolfSSL_COMP_add_compression_method(int method, void* data);
WOLFSSL_API unsigned long wolfSSL_thread_id(void);
WOLFSSL_API void wolfSSL_set_id_callback(unsigned long (*f)(void));
-WOLFSSL_API void wolfSSL_set_locking_callback(void (*f)(int, int, const char*,
- int));
+#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER)
+WOLFSSL_API void wolfSSL_set_locking_callback(mutex_cb* f);
+WOLFSSL_API mutex_cb* wolfSSL_get_locking_callback(void);
+#endif
WOLFSSL_API void wolfSSL_set_dynlock_create_callback(WOLFSSL_dynlock_value* (*f)
(const char*, int));
WOLFSSL_API void wolfSSL_set_dynlock_lock_callback(void (*f)(int,
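Review bot: `wolfSSL_set_locking_callback` is now declared only with `OPENSSL_EXTRA` or `HAVE_WEBSERVER`, while `wolfSSL_set_id_callback` and the dynlock setters beside it stay outside that guard. A build without either macro that still calls it gets an implicit declaration or a compile error, depending on the compiler. `mutex_cb` is not defined in this hunk, so the guard around its typedef has to match this one. If the narrowing is intended, it deserves a changelog line. Otherwise, and only if the definition is still built unconditionally, the old prototype could stay in an `#else` branch.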
@@ -2100,6 +2123,19 @@ WOLFSSL_API void wolfSSL_CTX_set_client_cert_cb(WOLFSSL_CTX *ctx, client_cert_cb
typedef int (*CertSetupCallback)(WOLFSSL* ssl, void*);
WOLFSSL_API void wolfSSL_CTX_set_cert_cb(WOLFSSL_CTX* ctx,
CertSetupCallback cb, void *arg);
+WOLFSSL_API int wolfSSL_get_client_suites_sigalgs(const WOLFSSL* ssl,
+ const byte** suites, word16* suiteSz,
+ const byte** hashSigAlgo, word16* hashSigAlgoSz);
+typedef struct WOLFSSL_CIPHERSUITE_INFO {
+ byte rsaAuth:1;
+ byte eccAuth:1;
+ byte eccStatic:1;
+ byte psk:1;
+} WOLFSSL_CIPHERSUITE_INFO;
+WOLFSSL_API WOLFSSL_CIPHERSUITE_INFO wolfSSL_get_ciphersuite_info(byte first,
+ byte second);
+WOLFSSL_API int wolfSSL_get_sigalg_info(byte first,
+ byte second, int* hashAlgo, int* sigAlgo);
WOLFSSL_LOCAL int CertSetupCbWrapper(WOLFSSL* ssl);
WOLFSSL_API void* wolfSSL_X509_STORE_CTX_get_ex_data(
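Review bot: `WOLFSSL_CIPHERSUITE_INFO` is returned by value from an exported function and is built from `byte` bit-fields. C leaves to the implementation both whether bit-field types other than `int`, `unsigned int` and `_Bool` are accepted and how the bits are ordered in the storage unit. A comment saying the fields may only be read by name, never copied as raw bytes or compared with `memcmp`, would keep callers off that ground. Separately, `wolfSSL_get_client_suites_sigalgs` hands back `const byte**` pointers with no word on how long they stay valid. If they point into `ssl`, say so: `/* returned pointers reference ssl-owned memory; do not free, do not use after wolfSSL_free() */`.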
@@ -2148,6 +2184,8 @@ WOLFSSL_API void *wolfSSL_CTX_get_default_passwd_cb_userdata(WOLFSSL_CTX *ctx);
WOLFSSL_API void wolfSSL_CTX_set_info_callback(WOLFSSL_CTX* ctx,
void (*f)(const WOLFSSL* ssl, int type, int val));
+WOLFSSL_API void wolfSSL_set_info_callback(WOLFSSL* ssl,
+ void (*f)(const WOLFSSL* ssl, int type, int val));
WOLFSSL_API unsigned long wolfSSL_ERR_peek_error(void);
WOLFSSL_API int wolfSSL_GET_REASON(int);
@@ -2250,26 +2288,27 @@ enum {
WOLFSSL_OP_TLS_D5_BUG = 0x00000080,
WOLFSSL_OP_TLS_BLOCK_PADDING_BUG = 0x00000100,
WOLFSSL_OP_TLS_ROLLBACK_BUG = 0x00000200,
+ WOLFSSL_OP_NO_RENEGOTIATION = 0x00000400,
WOLFSSL_OP_EPHEMERAL_RSA = 0x00000800,
- WOLFSSL_OP_NO_SSLv3 = 0x00001000,
- WOLFSSL_OP_NO_TLSv1 = 0x00002000,
+ WOLFSSL_OP_NO_SSLv3 = 0x00001000,
+ WOLFSSL_OP_NO_TLSv1 = 0x00002000,
WOLFSSL_OP_PKCS1_CHECK_1 = 0x00004000,
WOLFSSL_OP_PKCS1_CHECK_2 = 0x00008000,
WOLFSSL_OP_NETSCAPE_CA_DN_BUG = 0x00010000,
WOLFSSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG = 0x00020000,
- WOLFSSL_OP_SINGLE_DH_USE = 0x00040000,
+ WOLFSSL_OP_SINGLE_DH_USE = 0x00040000,
WOLFSSL_OP_NO_TICKET = 0x00080000,
WOLFSSL_OP_DONT_INSERT_EMPTY_FRAGMENTS = 0x00100000,
WOLFSSL_OP_NO_QUERY_MTU = 0x00200000,
WOLFSSL_OP_COOKIE_EXCHANGE = 0x00400000,
WOLFSSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION = 0x00800000,
- WOLFSSL_OP_SINGLE_ECDH_USE = 0x01000000,
- WOLFSSL_OP_CIPHER_SERVER_PREFERENCE = 0x02000000,
- WOLFSSL_OP_NO_TLSv1_1 = 0x04000000,
- WOLFSSL_OP_NO_TLSv1_2 = 0x08000000,
- WOLFSSL_OP_NO_COMPRESSION = 0x10000000,
- WOLFSSL_OP_NO_TLSv1_3 = 0x20000000,
- WOLFSSL_OP_NO_SSLv2 = 0x40000000,
+ WOLFSSL_OP_SINGLE_ECDH_USE = 0x01000000,
+ WOLFSSL_OP_CIPHER_SERVER_PREFERENCE = 0x02000000,
+ WOLFSSL_OP_NO_TLSv1_1 = 0x04000000,
+ WOLFSSL_OP_NO_TLSv1_2 = 0x08000000,
+ WOLFSSL_OP_NO_COMPRESSION = 0x10000000,
+ WOLFSSL_OP_NO_TLSv1_3 = 0x20000000,
+ WOLFSSL_OP_NO_SSLv2 = 0x40000000,
WOLFSSL_OP_ALL =
(WOLFSSL_OP_MICROSOFT_SESS_ID_BUG
| WOLFSSL_OP_NETSCAPE_CHALLENGE_BUG
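Review bot: `WOLFSSL_OP_NO_RENEGOTIATION` is added without a comment, although applications will set it expecting a protocol feature to be switched off. The enum continues outside this hunk, so the rest of `WOLFSSL_OP_ALL` and the `SSL_OP_*` compatibility macros are not visible here. It is worth checking that a matching `SSL_OP_NO_RENEGOTIATION` macro is added there and that a test asserts a renegotiation attempt is refused when the bit is set. If that is the implemented behaviour, `/* refuse renegotiation requested by the peer */` on the new line would record the intent.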
@@ -2285,7 +2324,7 @@ enum {
};
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) || \
- defined(HAVE_WEBSERVER)
+ defined(HAVE_WEBSERVER) || defined(HAVE_MEMCACHED)
/* for compatibility these must be macros */
#define SSL_OP_MICROSOFT_SESS_ID_BUG WOLFSSL_OP_MICROSOFT_SESS_ID_BUG
@@ -2386,8 +2425,8 @@ enum {
* limit the possibility of an infinite retry loop
*/
SSL_MODE_RELEASE_BUFFERS = -1, /* For libwebsockets build. No current use. */
- /* Errors used in wolfSSL.
- * Should map the defines in wolfssl/openssl/x509.h
+ /* Errors used in wolfSSL. utilize the values from the defines in
+ * wolfssl/openssl/x509.h, but without the WOLFSSL_ prefix.
*/
WOLFSSL_X509_V_OK = 0,
WOLFSSL_X509_V_ERR_CERT_SIGNATURE_FAILURE = 7,
@@ -2535,7 +2574,9 @@ enum { /* ssl Constants */
WOLFSSL_SESS_CACHE_NO_AUTO_CLEAR = 0x0008,
WOLFSSL_SESS_CACHE_NO_INTERNAL_LOOKUP = 0x0100,
WOLFSSL_SESS_CACHE_NO_INTERNAL_STORE = 0x0200,
- WOLFSSL_SESS_CACHE_NO_INTERNAL = 0x0300,
+ WOLFSSL_SESS_CACHE_NO_INTERNAL =
+ (WOLFSSL_SESS_CACHE_NO_INTERNAL_STORE |
+ WOLFSSL_SESS_CACHE_NO_INTERNAL_LOOKUP),
WOLFSSL_ERROR_WANT_READ = 2,
WOLFSSL_ERROR_WANT_WRITE = 3,
@@ -3227,7 +3268,11 @@ enum BulkCipherAlgorithm {
wolfssl_aes_gcm = 7,
wolfssl_aes_ccm = 8,
wolfssl_chacha = 9,
- wolfssl_camellia = 10
+ wolfssl_camellia = 10,
+ wolfssl_sm4_cbc = 11,
+ wolfssl_sm4_gcm = 12,
+ wolfssl_sm4_ccm = 13,
+ wolfssl_aria_gcm = 14
};
@@ -3235,7 +3280,8 @@ enum BulkCipherAlgorithm {
enum KDF_MacAlgorithm {
wolfssl_sha256 = 4, /* needs to match hash.h wc_MACAlgorithm */
wolfssl_sha384,
- wolfssl_sha512
+ wolfssl_sha512,
+ wolfssl_sm3 = 9
};
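Review bot: `wolfssl_sm3 = 9` hard-codes a value that skips 7 and 8, and the only explanation in the enum is the comment on `wolfssl_sha256` about matching `wc_MACAlgorithm` in hash.h. If 9 is chosen for the same reason, repeat it on the new line, `wolfssl_sm3 = 9 /* needs to match hash.h wc_MACAlgorithm */`, so nobody later renumbers it to close the gap.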
@@ -3541,70 +3587,73 @@ WOLFSSL_API void wolfSSL_CTX_SetPerformTlsRecordProcessingCb(WOLFSSL_CTX* ctx,
WOLFSSL_API void wolfSSL_CertManagerFree(WOLFSSL_CERT_MANAGER* cm);
WOLFSSL_API int wolfSSL_CertManager_up_ref(WOLFSSL_CERT_MANAGER* cm);
- WOLFSSL_API int wolfSSL_CertManagerLoadCA(WOLFSSL_CERT_MANAGER* cm, const char* f,
- const char* d);
+ WOLFSSL_API int wolfSSL_CertManagerLoadCA(WOLFSSL_CERT_MANAGER* cm,
+ const char* f, const char* d);
WOLFSSL_API int wolfSSL_CertManagerLoadCABuffer_ex(WOLFSSL_CERT_MANAGER* cm,
- const unsigned char* in, long sz, int format, int userChain,
- word32 flags);
+ const unsigned char* buff, long sz, int format, int userChain,
+ word32 flags);
WOLFSSL_API int wolfSSL_CertManagerLoadCABuffer(WOLFSSL_CERT_MANAGER* cm,
- const unsigned char* in, long sz, int format);
+ const unsigned char* buff, long sz, int format);
WOLFSSL_API int wolfSSL_CertManagerUnloadCAs(WOLFSSL_CERT_MANAGER* cm);
#ifdef WOLFSSL_TRUST_PEER_CERT
- WOLFSSL_API int wolfSSL_CertManagerUnload_trust_peers(WOLFSSL_CERT_MANAGER* cm);
+ WOLFSSL_API int wolfSSL_CertManagerUnload_trust_peers(
+ WOLFSSL_CERT_MANAGER* cm);
#endif
- WOLFSSL_API int wolfSSL_CertManagerVerify(WOLFSSL_CERT_MANAGER* cm, const char* f,
- int format);
+ WOLFSSL_API int wolfSSL_CertManagerVerify(WOLFSSL_CERT_MANAGER* cm,
+ const char* f, int format);
WOLFSSL_API int wolfSSL_CertManagerVerifyBuffer(WOLFSSL_CERT_MANAGER* cm,
- const unsigned char* buff, long sz, int format);
+ const unsigned char* buff, long sz, int format);
WOLFSSL_API int wolfSSL_CertManagerCheckCRL(WOLFSSL_CERT_MANAGER* cm,
- unsigned char* der, int sz);
+ const unsigned char* der, int sz);
WOLFSSL_API int wolfSSL_CertManagerEnableCRL(WOLFSSL_CERT_MANAGER* cm,
- int options);
+ int options);
WOLFSSL_API int wolfSSL_CertManagerDisableCRL(WOLFSSL_CERT_MANAGER* cm);
WOLFSSL_API void wolfSSL_CertManagerSetVerify(WOLFSSL_CERT_MANAGER* cm,
- VerifyCallback vc);
+ VerifyCallback vc);
WOLFSSL_API int wolfSSL_CertManagerLoadCRL(WOLFSSL_CERT_MANAGER* cm,
- const char* path, int type, int monitor);
+ const char* path, int type, int monitor);
WOLFSSL_API int wolfSSL_CertManagerLoadCRLFile(WOLFSSL_CERT_MANAGER* cm,
- const char* file, int type);
+ const char* file, int type);
WOLFSSL_API int wolfSSL_CertManagerLoadCRLBuffer(WOLFSSL_CERT_MANAGER* cm,
- const unsigned char* buff, long sz, int type);
+ const unsigned char* buff, long sz, int type);
WOLFSSL_API int wolfSSL_CertManagerSetCRL_Cb(WOLFSSL_CERT_MANAGER* cm,
- CbMissingCRL cb);
+ CbMissingCRL cb);
WOLFSSL_API int wolfSSL_CertManagerFreeCRL(WOLFSSL_CERT_MANAGER* cm);
#ifdef HAVE_CRL_IO
WOLFSSL_API int wolfSSL_CertManagerSetCRL_IOCb(WOLFSSL_CERT_MANAGER* cm,
- CbCrlIO cb);
+ CbCrlIO cb);
#endif
#if defined(HAVE_OCSP)
- WOLFSSL_API int wolfSSL_CertManagerCheckOCSPResponse(WOLFSSL_CERT_MANAGER* cm,
- byte *response, int responseSz, WOLFSSL_BUFFER_INFO *responseBuffer,
- CertStatus *status, OcspEntry *entry, OcspRequest *ocspRequest);
+ WOLFSSL_API int wolfSSL_CertManagerCheckOCSPResponse(
+ WOLFSSL_CERT_MANAGER* cm, unsigned char *response, int responseSz,
+ WOLFSSL_BUFFER_INFO *responseBuffer, CertStatus *status,
+ OcspEntry *entry, OcspRequest *ocspRequest);
#endif
WOLFSSL_API int wolfSSL_CertManagerCheckOCSP(WOLFSSL_CERT_MANAGER* cm,
- unsigned char* der, int sz);
+ const unsigned char* der, int sz);
WOLFSSL_API int wolfSSL_CertManagerEnableOCSP(WOLFSSL_CERT_MANAGER* cm,
- int options);
+ int options);
WOLFSSL_API int wolfSSL_CertManagerDisableOCSP(WOLFSSL_CERT_MANAGER* cm);
- WOLFSSL_API int wolfSSL_CertManagerSetOCSPOverrideURL(WOLFSSL_CERT_MANAGER* cm,
- const char* url);
+ WOLFSSL_API int wolfSSL_CertManagerSetOCSPOverrideURL(
+ WOLFSSL_CERT_MANAGER* cm, const char* url);
WOLFSSL_API int wolfSSL_CertManagerSetOCSP_Cb(WOLFSSL_CERT_MANAGER* cm,
- CbOCSPIO ioCb, CbOCSPRespFree respFreeCb, void* ioCbCtx);
+ CbOCSPIO ioCb, CbOCSPRespFree respFreeCb, void* ioCbCtx);
WOLFSSL_API int wolfSSL_CertManagerEnableOCSPStapling(
- WOLFSSL_CERT_MANAGER* cm);
+ WOLFSSL_CERT_MANAGER* cm);
WOLFSSL_API int wolfSSL_CertManagerDisableOCSPStapling(
- WOLFSSL_CERT_MANAGER* cm);
+ WOLFSSL_CERT_MANAGER* cm);
WOLFSSL_API int wolfSSL_CertManagerEnableOCSPMustStaple(
- WOLFSSL_CERT_MANAGER* cm);
+ WOLFSSL_CERT_MANAGER* cm);
WOLFSSL_API int wolfSSL_CertManagerDisableOCSPMustStaple(
- WOLFSSL_CERT_MANAGER* cm);
+ WOLFSSL_CERT_MANAGER* cm);
#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_SIGNER_DER_CERT) && \
!defined(NO_FILESYSTEM)
-WOLFSSL_API WOLFSSL_STACK* wolfSSL_CertManagerGetCerts(WOLFSSL_CERT_MANAGER* cm);
+WOLFSSL_API WOLFSSL_STACK* wolfSSL_CertManagerGetCerts(
+ WOLFSSL_CERT_MANAGER* cm);
WOLFSSL_API WOLF_STACK_OF(WOLFSSL_X509)* wolfSSL_X509_STORE_get1_certs(
- WOLFSSL_X509_STORE_CTX* ctx, WOLFSSL_X509_NAME* name);
+ WOLFSSL_X509_STORE_CTX* ctx, WOLFSSL_X509_NAME* name);
#endif /* OPENSSL_EXTRA && WOLFSSL_SIGNER_DER_CERT && !NO_FILESYSTEM */
WOLFSSL_API int wolfSSL_EnableCRL(WOLFSSL* ssl, int options);
WOLFSSL_API int wolfSSL_DisableCRL(WOLFSSL* ssl);
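Review bot: `wolfSSL_CertManagerCheckOCSPResponse` still takes a writable `unsigned char *response`, while `wolfSSL_CertManagerCheckCRL` and `wolfSSL_CertManagerCheckOCSP` gain `const` on their DER input in this same hunk. If the response is only parsed, `const unsigned char *response` would let callers pass read-only network buffers without a cast. If the parser does write into the buffer, a comment should say so, because callers will otherwise assume their copy is unchanged after the call.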
@@ -3895,8 +3944,12 @@ enum {
WOLFSSL_ECC_BRAINPOOLP512R1 = 28,
WOLFSSL_ECC_X25519 = 29,
WOLFSSL_ECC_X448 = 30,
- WOLFSSL_ECC_MAX = 30,
+ WOLFSSL_ECC_SM2P256V1 = 41,
+ WOLFSSL_ECC_MAX = 41,
+ WOLFSSL_ECC_MAX_AVAIL = 46,
+ /* Update use of disabled curves when adding value greater than 46. */
+ WOLFSSL_FFDHE_START = 256,
WOLFSSL_FFDHE_2048 = 256,
WOLFSSL_FFDHE_3072 = 257,
WOLFSSL_FFDHE_4096 = 258,
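Review bot: `WOLFSSL_ECC_MAX` moves from 30 to 41 although no enumerator for ids 31 to 40 is visible here, so any table sized by it or loop bounded by it now covers ids that may name no curve. The code using the constant is outside this header; it should treat an id in that gap as unsupported rather than index with it. The comment under `WOLFSSL_ECC_MAX_AVAIL` does not say why 46 is the limit. If it is the highest id the disabled-curves bookkeeping can represent, state that, e.g. `/* highest curve id the disabled-curves mask can hold */`. The enum starts and continues outside the hunk.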
@@ -3961,8 +4014,10 @@ WOLFSSL_API int wolfSSL_NoKeyShares(WOLFSSL* ssl);
WOLFSSL_API int wolfSSL_UseSecureRenegotiation(WOLFSSL* ssl);
WOLFSSL_API int wolfSSL_CTX_UseSecureRenegotiation(WOLFSSL_CTX* ctx);
+#ifdef HAVE_SECURE_RENEGOTIATION
WOLFSSL_API int wolfSSL_Rehandshake(WOLFSSL* ssl);
WOLFSSL_API int wolfSSL_SecureResume(WOLFSSL* ssl);
+#endif
WOLFSSL_API long wolfSSL_SSL_get_secure_renegotiation_support(WOLFSSL* ssl);
#endif
@@ -4226,6 +4281,7 @@ WOLFSSL_API WOLFSSL_X509_NAME_ENTRY *wolfSSL_X509_NAME_delete_entry(
WOLFSSL_API int wolfSSL_X509_NAME_cmp(const WOLFSSL_X509_NAME* x,
const WOLFSSL_X509_NAME* y);
WOLFSSL_API WOLFSSL_X509_NAME* wolfSSL_X509_NAME_new(void);
+WOLFSSL_API WOLFSSL_X509_NAME* wolfSSL_X509_NAME_new_ex(void *heap);
WOLFSSL_API WOLFSSL_X509_NAME* wolfSSL_X509_NAME_dup(WOLFSSL_X509_NAME* name);
WOLFSSL_API int wolfSSL_X509_NAME_copy(WOLFSSL_X509_NAME* from, WOLFSSL_X509_NAME* to);
WOLFSSL_API int wolfSSL_check_private_key(const WOLFSSL* ssl);
@@ -4337,6 +4393,10 @@ WOLFSSL_API WOLF_STACK_OF(WOLFSSL_X509) *wolfSSL_get0_verified_chain(
const WOLFSSL *ssl);
WOLFSSL_API void wolfSSL_CTX_set_cert_store(WOLFSSL_CTX* ctx,
WOLFSSL_X509_STORE* str);
+#ifdef OPENSSL_ALL
+WOLFSSL_API int wolfSSL_CTX_set1_verify_cert_store(WOLFSSL_CTX* ctx,
+ WOLFSSL_X509_STORE* str);
+#endif
WOLFSSL_API int wolfSSL_set0_verify_cert_store(WOLFSSL *ssl,
WOLFSSL_X509_STORE* str);
WOLFSSL_API int wolfSSL_set1_verify_cert_store(WOLFSSL *ssl,
@@ -4357,7 +4417,9 @@ WOLFSSL_API size_t wolfSSL_BIO_wpending(const WOLFSSL_BIO *bio);
WOLFSSL_API int wolfSSL_BIO_supports_pending(const WOLFSSL_BIO *bio);
WOLFSSL_API size_t wolfSSL_BIO_ctrl_pending(WOLFSSL_BIO *b);
-WOLFSSL_API int wolfSSL_get_server_tmp_key(const WOLFSSL* ssl, WOLFSSL_EVP_PKEY** pkey);
+/* Definition for backwards comaptiblity */
+#define wolfSSL_get_server_tmp_key wolfSSL_get_peer_tmp_key
+WOLFSSL_API int wolfSSL_get_peer_tmp_key(const WOLFSSL* ssl, WOLFSSL_EVP_PKEY** pkey);
WOLFSSL_API int wolfSSL_CTX_set_min_proto_version(WOLFSSL_CTX* ctx, int version);
WOLFSSL_API int wolfSSL_CTX_set_max_proto_version(WOLFSSL_CTX* ctx, int version);
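Review bot: Turning `wolfSSL_get_server_tmp_key` into a macro removes the exported symbol, so a binary linked against the previous library no longer resolves it. Any identifier of that name in code that includes this header is also silently rewritten. If ABI compatibility with the earlier release matters, keep a thin exported wrapper in the .c file instead of the `#define`. The comment above the macro has a typo and should read `/* Definition for backwards compatibility */`.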
@@ -4895,6 +4957,7 @@ WOLFSSL_API int wolfSSL_SSL_in_init(const WOLFSSL* ssl);
#else
WOLFSSL_API int wolfSSL_SSL_in_init(WOLFSSL* ssl);
#endif
+WOLFSSL_API int wolfSSL_SSL_in_before(const WOLFSSL* ssl);
WOLFSSL_API int wolfSSL_SSL_in_connect_init(WOLFSSL* ssl);
#ifndef NO_SESSION_CACHE
@@ -4964,6 +5027,13 @@ WOLFSSL_API int wolfSSL_select_next_proto(unsigned char **out,
const unsigned char *in, unsigned int inlen,
const unsigned char *client,
unsigned int client_len);
+WOLFSSL_API void wolfSSL_set_alpn_select_cb(WOLFSSL *ssl,
+ int (*cb) (WOLFSSL *ssl,
+ const unsigned char **out,
+ unsigned char *outlen,
+ const unsigned char *in,
+ unsigned int inlen,
+ void *arg), void *arg);
WOLFSSL_API void wolfSSL_CTX_set_alpn_select_cb(WOLFSSL_CTX *ctx,
int (*cb) (WOLFSSL *ssl,
const unsigned char **out,
@@ -5103,6 +5173,29 @@ WOLFSSL_API int wolfSSL_get_ephemeral_key(WOLFSSL* ssl, int keyAlgo,
const unsigned char** key, unsigned int* keySz);
#endif
+#ifdef HAVE_RPK
+/* cert type for client_certificate_type/server_certificate_type extensions */
+enum {
+ WOLFSSL_CERT_TYPE_UNKNOWN = -1,
+ WOLFSSL_CERT_TYPE_X509 = 0,
+ WOLFSSL_CERT_TYPE_RPK = 2,
+};
+#define MAX_CLIENT_CERT_TYPE_CNT 2
+#define MAX_SERVER_CERT_TYPE_CNT 2
+
+WOLFSSL_API int wolfSSL_CTX_set_client_cert_type(WOLFSSL_CTX* ctx,
+ const char* buf, int len);
+WOLFSSL_API int wolfSSL_CTX_set_server_cert_type(WOLFSSL_CTX* ctx,
+ const char* buf, int len);
+WOLFSSL_API int wolfSSL_set_client_cert_type(WOLFSSL* ssl,
+ const char* buf, int len);
+WOLFSSL_API int wolfSSL_set_server_cert_type(WOLFSSL* ssl,
+ const char* buf, int len);
+WOLFSSL_API int wolfSSL_get_negotiated_client_cert_type(WOLFSSL* ssl, int* tp);
+WOLFSSL_API int wolfSSL_get_negotiated_server_cert_type(WOLFSSL* ssl, int* tp);
+#endif /* HAVE_RPK */
+
+
#if defined(OPENSSL_EXTRA)
#ifndef WOLFCRYPT_ONLY
WOLFSSL_API int wolfSSL_EVP_PKEY_param_check(WOLFSSL_EVP_PKEY_CTX* ctx);
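Review bot: The four `*_set_*_cert_type` setters take `const char* buf, int len` with nothing on what `buf` holds or which `len` values are accepted, even though `MAX_CLIENT_CERT_TYPE_CNT` and `MAX_SERVER_CERT_TYPE_CNT` are defined just above them. A caller has to guess whether `buf` is a list of `WOLFSSL_CERT_TYPE_*` values in preference order and whether a `len` above 2 is rejected or truncated. I would add `/* buf: WOLFSSL_CERT_TYPE_* values in preference order; len: entry count, 0..MAX_*_CERT_TYPE_CNT */` after confirming it against the implementation, and check that the setters reject a negative or oversized `len` before copying. The trailing comma after `WOLFSSL_CERT_TYPE_RPK = 2` draws a pedantic warning in C89 builds, and the two `MAX_*` macros lack the `WOLFSSL_` prefix used elsewhere in the header.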
@@ -5158,6 +5251,13 @@ WOLFSSL_API int wolfSSL_dtls_cid_get_tx(WOLFSSL* ssl, unsigned char* buffer,
unsigned int bufferSz);
#endif /* defined(WOLFSSL_DTLS_CID) */
+#ifdef WOLFSSL_DTLS_CH_FRAG
+ WOLFSSL_API int wolfSSL_dtls13_allow_ch_frag(WOLFSSL *ssl, int enabled);
+#endif
+#ifdef WOLFSSL_DTLS13_NO_HRR_ON_RESUME
+ WOLFSSL_API int wolfSSL_dtls13_no_hrr_on_resume(WOLFSSL *ssl, int enabled);
+#endif
+
/* */
#define SSL2_VERSION 0x0002
#define SSL3_VERSION 0x0300
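Review bot: `wolfSSL_dtls13_allow_ch_frag` and `wolfSSL_dtls13_no_hrr_on_resume` are declared without a comment. By their names, both appear to relax the point at which a DTLS 1.3 server commits state for a peer it has not yet verified with a cookie exchange. That is a resource-exhaustion trade-off the caller should make knowingly. A comment on each stating the default and the effect of enabling it would do, for example `/* default off; when on, the server keeps reassembly state for a fragmented ClientHello */`, with the wording checked against the implementation.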
diff --git a/extra/wolfssl/wolfssl/wolfssl/test.h b/extra/wolfssl/wolfssl/wolfssl/test.h
index fff63630..5265e87f 100644
--- a/extra/wolfssl/wolfssl/wolfssl/test.h
+++ b/extra/wolfssl/wolfssl/wolfssl/test.h
@@ -28,6 +28,9 @@
#ifndef wolfSSL_TEST_H
#define wolfSSL_TEST_H
+#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/wolfcrypt/wc_port.h>
+
#ifdef FUSION_RTOS
#include <fclstdio.h>
#include <fclstdlib.h>
@@ -182,7 +185,9 @@
#include <sys/ioctl.h>
#include <sys/time.h>
#include <sys/socket.h>
- #include <pthread.h>
+ #ifdef HAVE_PTHREAD
+ #include <pthread.h>
+ #endif
#include <fcntl.h>
#ifdef TEST_IPV6
#include <netdb.h>
@@ -248,7 +253,7 @@
#elif defined(WOLFSSL_TIRTOS)
#define WOLFSSL_SOCKET_INVALID ((SOCKET_T)-1)
#else
- #define WOLFSSL_SOCKET_INVALID (SOCKET_T)(0)
+ #define WOLFSSL_SOCKET_INVALID (SOCKET_T)(-1)
#endif
#endif /* WOLFSSL_SOCKET_INVALID */
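Review bot: The new value expands to `(SOCKET_T)(-1)` without outer parentheses, unlike the `WOLFSSL_TIRTOS` branch just above, which uses `((SOCKET_T)-1)`. For consistency, write `#define WOLFSSL_SOCKET_INVALID ((SOCKET_T)(-1))`. Since the sentinel itself changes from 0 to -1, call sites outside this hunk that test a socket with `== 0` or `> 0` instead of comparing against `WOLFSSL_SOCKET_INVALID` should be checked as well.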
@@ -358,13 +363,13 @@ err_sys_with_errno(const char* msg)
} \
} while(0)
-#define PTHREAD_CHECK_RET(...) do { \
- int _pthread_ret = (__VA_ARGS__); \
- if (_pthread_ret != 0) { \
- errno = _pthread_ret; \
+#define THREAD_CHECK_RET(...) do { \
+ int _thread_ret = (__VA_ARGS__); \
+ if (_thread_ret != 0) { \
+ errno = _thread_ret; \
fprintf(stderr, "%s L%d error %d for \"%s\"\n", \
- __FILE__, __LINE__, _pthread_ret, #__VA_ARGS__); \
- err_sys("pthread call failed"); \
+ __FILE__, __LINE__, _thread_ret, #__VA_ARGS__); \
+ err_sys("thread call failed"); \
} \
} while(0)
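Review bot: `THREAD_CHECK_RET` still stores the failing value in `errno`, but after this commit it wraps `wc_InitMutex`, `wolfSSL_CondInit` and related calls, which report wolfCrypt error codes rather than errno values. A later `strerror(errno)` or `perror` would then print an unrelated message. Drop the `errno = _thread_ret;` line, since the `fprintf` already prints the numeric code next to the failing expression.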
@@ -529,12 +534,13 @@ typedef struct tcp_ready {
word16 ready; /* predicate */
word16 port;
char* srfName; /* server ready file name */
-#if defined(_POSIX_THREADS) && !defined(__MINGW32__)
- pthread_mutex_t mutex;
- pthread_cond_t cond;
+#ifndef SINGLE_THREADED
+#ifdef WOLFSSL_COND
+ wolfSSL_Mutex mutex;
+ COND_TYPE cond;
+#else /* No signaling available, rely only on the mutex */
+ wolfSSL_Mutex mutex;
#endif
-#ifdef NETOS
- TX_MUTEX mutex;
#endif
} tcp_ready;
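Review bot: Both branches of the new `#ifdef WOLFSSL_COND` declare the same `wolfSSL_Mutex mutex;`, so the member can be declared once under `#ifndef SINGLE_THREADED` with only `COND_TYPE cond;` left inside `#ifdef WOLFSSL_COND`. That removes the duplicated declaration and the `#else` branch, and the two copies can no longer drift apart. The struct starts outside the hunk.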
@@ -543,12 +549,12 @@ static WC_INLINE void InitTcpReady(tcp_ready* ready)
ready->ready = 0;
ready->port = 0;
ready->srfName = NULL;
-#ifdef SINGLE_THREADED
-#elif defined(_POSIX_THREADS) && !defined(__MINGW32__)
- PTHREAD_CHECK_RET(pthread_mutex_init(&ready->mutex, 0));
- PTHREAD_CHECK_RET(pthread_cond_init(&ready->cond, 0));
-#elif defined(NETOS)
- tx_mutex_create(&ready->mutex, "wolfSSL Lock", TX_INHERIT);
+
+#ifndef SINGLE_THREADED
+ THREAD_CHECK_RET(wc_InitMutex(&ready->mutex));
+ #ifdef WOLFSSL_COND
+ THREAD_CHECK_RET(wolfSSL_CondInit(&ready->cond));
+ #endif
#endif
}
@@ -558,13 +564,11 @@ static WC_INLINE void InitTcpReady(tcp_ready* ready)
static WC_INLINE void FreeTcpReady(tcp_ready* ready)
{
-#ifdef SINGLE_THREADED
- (void)ready;
-#elif defined(_POSIX_THREADS) && !defined(__MINGW32__)
- PTHREAD_CHECK_RET(pthread_mutex_destroy(&ready->mutex));
- PTHREAD_CHECK_RET(pthread_cond_destroy(&ready->cond));
-#elif defined(NETOS)
- tx_mutex_delete(&ready->mutex);
+#ifndef SINGLE_THREADED
+ THREAD_CHECK_RET(wc_FreeMutex(&ready->mutex));
+#ifdef WOLFSSL_COND
+ THREAD_CHECK_RET(wolfSSL_CondFree(&ready->cond));
+#endif
#else
(void)ready;
#endif
@@ -599,14 +603,14 @@ typedef struct callback_functions {
unsigned char doUdp:1;
} callback_functions;
-#if defined(WOLFSSL_SRTP) && !defined(SINGLE_THREADED) && defined(_POSIX_THREADS)
+#if defined(WOLFSSL_SRTP) && defined(WOLFSSL_COND)
typedef struct srtp_test_helper {
- pthread_mutex_t mutex;
- pthread_cond_t cond;
+ wolfSSL_Mutex mutex;
+ COND_TYPE cond;
uint8_t* server_srtp_ekm;
size_t server_srtp_ekm_size;
} srtp_test_helper;
-#endif
+#endif /* WOLFSSL_SRTP WOLFSSL_COND */
typedef struct func_args {
int argc;
@@ -614,7 +618,7 @@ typedef struct func_args {
int return_code;
tcp_ready* signal;
callback_functions *callbacks;
-#if defined(WOLFSSL_SRTP) && !defined(SINGLE_THREADED) && defined(_POSIX_THREADS)
+#if defined(WOLFSSL_SRTP) && defined(WOLFSSL_COND)
srtp_test_helper* srtp_helper;
#endif
} func_args;
@@ -627,14 +631,10 @@ typedef struct func_args {
void wait_tcp_ready(func_args* args);
-#ifdef WOLFSSL_ZEPHYR
-typedef void THREAD_FUNC(void*, void*, void*);
-#else
-typedef THREAD_RETURN WOLFSSL_THREAD THREAD_FUNC(void*);
-#endif
-
-void start_thread(THREAD_FUNC fun, func_args* args, THREAD_TYPE* thread);
+#ifndef SINGLE_THREADED
+void start_thread(THREAD_CB fun, func_args* args, THREAD_TYPE* thread);
void join_thread(THREAD_TYPE thread);
+#endif
typedef int (*cbType)(WOLFSSL_CTX *ctx, WOLFSSL *ssl);
@@ -643,6 +643,19 @@ void test_wolfSSL_client_server_nofail_ex(callback_functions* client_cb,
void test_wolfSSL_client_server_nofail(callback_functions* client_cb,
callback_functions* server_cb);
+/* Return
+ * tmpDir on success
+ * NULL on failure */
+char* create_tmp_dir(char* tmpDir, int len);
+/* Remaining functions return
+ * 0 on success
+ * -1 on failure */
+int rem_dir(const char* dirName);
+int rem_file(const char* fileName);
+int copy_file(const char* in, const char* out);
+
+void signal_ready(tcp_ready* ready);
+
/* wolfSSL */
#ifndef TEST_IPV6
static const char* const wolfSSLIP = "127.0.0.1";
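Review bot: The comment on `create_tmp_dir` gives the return value but not what `tmpDir` must contain on entry or what `len` counts. If the directory is created under a shared location, the declaration should also say how the name is chosen and with which permissions, since a predictable name there can be pre-created by another local user. Something like `/* tmpDir: caller buffer of len bytes holding the path to create */` would cover the first part, once checked against the implementation. For `rem_dir`, state whether it removes a non-empty directory.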
@@ -655,15 +668,15 @@ static const word16 wolfSSLPort = 11111;
extern int myoptind;
extern char* myoptarg;
-#if defined(WOLFSSL_SRTP) && !defined(SINGLE_THREADED) && defined(_POSIX_THREADS)
+#if defined(WOLFSSL_SRTP) && defined(WOLFSSL_COND)
static WC_INLINE void srtp_helper_init(srtp_test_helper *srtp)
{
srtp->server_srtp_ekm_size = 0;
srtp->server_srtp_ekm = NULL;
- PTHREAD_CHECK_RET(pthread_mutex_init(&srtp->mutex, 0));
- PTHREAD_CHECK_RET(pthread_cond_init(&srtp->cond, 0));
+ THREAD_CHECK_RET(wc_InitMutex(&srtp->mutex));
+ THREAD_CHECK_RET(wolfSSL_CondInit(&srtp->cond));
}
/**
@@ -678,19 +691,17 @@ static WC_INLINE void srtp_helper_init(srtp_test_helper *srtp)
static WC_INLINE void srtp_helper_get_ekm(srtp_test_helper *srtp,
uint8_t **ekm, size_t *size)
{
- PTHREAD_CHECK_RET(pthread_mutex_lock(&srtp->mutex));
-
- if (srtp->server_srtp_ekm == NULL)
- PTHREAD_CHECK_RET(pthread_cond_wait(&srtp->cond, &srtp->mutex));
-
+ THREAD_CHECK_RET(wolfSSL_CondStart(&srtp->cond));
+ if (srtp->server_srtp_ekm == NULL) {
+ THREAD_CHECK_RET(wolfSSL_CondWait(&srtp->cond));
+ }
*ekm = srtp->server_srtp_ekm;
*size = srtp->server_srtp_ekm_size;
/* reset */
srtp->server_srtp_ekm = NULL;
srtp->server_srtp_ekm_size = 0;
-
- PTHREAD_CHECK_RET(pthread_mutex_unlock(&srtp->mutex));
+ THREAD_CHECK_RET(wolfSSL_CondEnd(&srtp->cond));
}
/**
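Review bot: `srtp_helper_get_ekm` tests `server_srtp_ekm == NULL` with `if` before `wolfSSL_CondWait`, so a wake-up that arrives before the value is set falls through and hands the caller a NULL key with size 0. Use `while (srtp->server_srtp_ekm == NULL) {` around the wait so the predicate is re-tested after every return. Also, `srtp->mutex` is still initialised in `srtp_helper_init` and freed in `srtp_helper_free` (next hunk) but is no longer locked anywhere in the visible code, because `wolfSSL_CondStart` and `wolfSSL_CondEnd` take only `&srtp->cond`. If the condition object carries its own lock, the member and its init and free calls can go.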
@@ -707,22 +718,21 @@ static WC_INLINE void srtp_helper_get_ekm(srtp_test_helper *srtp,
static WC_INLINE void srtp_helper_set_ekm(srtp_test_helper *srtp,
uint8_t *ekm, size_t size)
{
- PTHREAD_CHECK_RET(pthread_mutex_lock(&srtp->mutex));
-
+ THREAD_CHECK_RET(wolfSSL_CondStart(&srtp->cond));
srtp->server_srtp_ekm_size = size;
srtp->server_srtp_ekm = ekm;
- PTHREAD_CHECK_RET(pthread_cond_signal(&srtp->cond));
-
- PTHREAD_CHECK_RET(pthread_mutex_unlock(&srtp->mutex));
+ THREAD_CHECK_RET(wolfSSL_CondSignal(&srtp->cond));
+ THREAD_CHECK_RET(wolfSSL_CondEnd(&srtp->cond));
}
static WC_INLINE void srtp_helper_free(srtp_test_helper *srtp)
{
- PTHREAD_CHECK_RET(pthread_mutex_destroy(&srtp->mutex));
- PTHREAD_CHECK_RET(pthread_cond_destroy(&srtp->cond));
+ THREAD_CHECK_RET(wc_FreeMutex(&srtp->mutex));
+ THREAD_CHECK_RET(wolfSSL_CondFree(&srtp->cond));
}
-#endif /* WOLFSSL_SRTP && !SINGLE_THREADED && POSIX_THREADS */
+#endif /* WOLFSSL_SRTP && WOLFSSL_COND */
+
/**
*
@@ -1215,7 +1225,7 @@ static WC_INLINE void build_addr(SOCKADDR_IN_T* addr, const char* peer,
#ifndef TEST_IPV6
/* peer could be in human readable form */
- if ( ((size_t)peer != INADDR_ANY) && isalpha((int)peer[0])) {
+ if ( ((size_t)peer != INADDR_ANY) && isalpha((unsigned char)peer[0])) {
#ifdef WOLFSSL_USE_POPEN_HOST
char host_ipaddr[4] = { 127, 0, 0, 1 };
int found = 1;
@@ -1417,554 +1427,7 @@ static WC_INLINE void tcp_socket(SOCKET_T* sockfd, int udp, int sctp)
#if defined(WOLFSSL_WOLFSENTRY_HOOKS) && defined(WOLFSENTRY_H)
-#include <wolfsentry/wolfsentry_util.h>
-
-#if !defined(NO_FILESYSTEM) && !defined(WOLFSENTRY_NO_JSON)
-#include <wolfsentry/wolfsentry_json.h>
-#endif
-
-#if defined(WOLFSENTRY_VERSION_GE)
-#if WOLFSENTRY_VERSION_GE(0, 8, 0)
-#define HAVE_WOLFSENTRY_API_0v8
-#endif
-#endif
-
-#ifndef HAVE_WOLFSENTRY_API_0v8
-#define WOLFSENTRY_CONTEXT_ARGS_OUT_EX(x) (x)
-#define WOLFSENTRY_CONTEXT_ARGS_OUT_EX4(x, y) (x)
-#endif
-
-struct wolfsentry_data {
- WOLFSENTRY_SOCKADDR(128) remote;
- WOLFSENTRY_SOCKADDR(128) local;
- wolfsentry_route_flags_t flags;
- void *heap;
- int alloctype;
-};
-
-static void free_wolfsentry_data(struct wolfsentry_data *data) {
- XFREE(data, data->heap, data->alloctype);
-}
-
-static struct wolfsentry_context *wolfsentry = NULL;
-
-static int wolfsentry_data_index = -1;
-
-static WC_INLINE int wolfsentry_store_endpoints(
- WOLFSSL *ssl,
- SOCKADDR_IN_T *remote,
- SOCKADDR_IN_T *local,
- int proto,
- wolfsentry_route_flags_t flags,
- struct wolfsentry_data **wolfsentry_data_out)
-{
- struct wolfsentry_data *wolfsentry_data = (struct wolfsentry_data *)XMALLOC(
- sizeof *wolfsentry_data, NULL, DYNAMIC_TYPE_SOCKADDR);
- if (wolfsentry_data == NULL)
- return WOLFSSL_FAILURE;
-
- wolfsentry_data->heap = NULL;
- wolfsentry_data->alloctype = DYNAMIC_TYPE_SOCKADDR;
-
-#ifdef TEST_IPV6
- if ((sizeof wolfsentry_data->remote.addr < sizeof remote->sin6_addr) ||
- (sizeof wolfsentry_data->local.addr < sizeof local->sin6_addr))
- return WOLFSSL_FAILURE;
- wolfsentry_data->remote.sa_family = wolfsentry_data->local.sa_family = remote->sin6_family;
- wolfsentry_data->remote.sa_port = ntohs(remote->sin6_port);
- wolfsentry_data->local.sa_port = ntohs(local->sin6_port);
- if (WOLFSENTRY_MASKIN_BITS(flags, WOLFSENTRY_ROUTE_FLAG_SA_REMOTE_ADDR_WILDCARD)) {
- wolfsentry_data->remote.addr_len = 0;
- XMEMSET(wolfsentry_data->remote.addr, 0, sizeof remote->sin6_addr);
- } else {
- wolfsentry_data->remote.addr_len = sizeof remote->sin6_addr * BITS_PER_BYTE;
- XMEMCPY(wolfsentry_data->remote.addr, &remote->sin6_addr, sizeof remote->sin6_addr);
- }
- if (WOLFSENTRY_MASKIN_BITS(flags, WOLFSENTRY_ROUTE_FLAG_SA_LOCAL_ADDR_WILDCARD)) {
- wolfsentry_data->local.addr_len = 0;
- XMEMSET(wolfsentry_data->local.addr, 0, sizeof local->sin6_addr);
- } else {
- wolfsentry_data->local.addr_len = sizeof local->sin6_addr * BITS_PER_BYTE;
- XMEMCPY(wolfsentry_data->local.addr, &local->sin6_addr, sizeof local->sin6_addr);
- }
-#else
- if ((sizeof wolfsentry_data->remote.addr < sizeof remote->sin_addr) ||
- (sizeof wolfsentry_data->local.addr < sizeof local->sin_addr))
- return WOLFSSL_FAILURE;
- wolfsentry_data->remote.sa_family = wolfsentry_data->local.sa_family = remote->sin_family;
- wolfsentry_data->remote.sa_port = ntohs(remote->sin_port);
- wolfsentry_data->local.sa_port = ntohs(local->sin_port);
- if (WOLFSENTRY_MASKIN_BITS(flags, WOLFSENTRY_ROUTE_FLAG_SA_REMOTE_ADDR_WILDCARD)) {
- wolfsentry_data->remote.addr_len = 0;
- XMEMSET(wolfsentry_data->remote.addr, 0, sizeof remote->sin_addr);
- } else {
- wolfsentry_data->remote.addr_len = sizeof remote->sin_addr * BITS_PER_BYTE;
- XMEMCPY(wolfsentry_data->remote.addr, &remote->sin_addr, sizeof remote->sin_addr);
- }
- if (WOLFSENTRY_MASKIN_BITS(flags, WOLFSENTRY_ROUTE_FLAG_SA_LOCAL_ADDR_WILDCARD)) {
- wolfsentry_data->local.addr_len = 0;
- XMEMSET(wolfsentry_data->local.addr, 0, sizeof local->sin_addr);
- } else {
- wolfsentry_data->local.addr_len = sizeof local->sin_addr * BITS_PER_BYTE;
- XMEMCPY(wolfsentry_data->local.addr, &local->sin_addr, sizeof local->sin_addr);
- }
-#endif
- wolfsentry_data->remote.sa_proto = wolfsentry_data->local.sa_proto = proto;
- wolfsentry_data->remote.interface = wolfsentry_data->local.interface = 0;
- wolfsentry_data->flags = flags;
-
- if (wolfSSL_set_ex_data_with_cleanup(
- ssl, wolfsentry_data_index, wolfsentry_data,
- (wolfSSL_ex_data_cleanup_routine_t)free_wolfsentry_data) !=
- WOLFSSL_SUCCESS) {
- free_wolfsentry_data(wolfsentry_data);
- return WOLFSSL_FAILURE;
- }
-
- if (wolfsentry_data_out != NULL)
- *wolfsentry_data_out = wolfsentry_data;
-
- return WOLFSSL_SUCCESS;
-}
-
-static int wolfSentry_NetworkFilterCallback(
- WOLFSSL *ssl,
- struct wolfsentry_context *_wolfsentry,
- wolfSSL_netfilter_decision_t *decision)
-{
- struct wolfsentry_data *data;
- char inet_ntop_buf[INET6_ADDRSTRLEN], inet_ntop_buf2[INET6_ADDRSTRLEN];
- wolfsentry_errcode_t ret;
- wolfsentry_action_res_t action_results;
-
-#if defined(WOLFSENTRY_THREADSAFE) && defined(HAVE_WOLFSENTRY_API_0v8)
- WOLFSENTRY_THREAD_HEADER(WOLFSENTRY_THREAD_FLAG_NONE);
- if (WOLFSENTRY_THREAD_GET_ERROR < 0) {
- fprintf(stderr, "wolfsentry thread init error: "
- WOLFSENTRY_ERROR_FMT "\n",
- WOLFSENTRY_ERROR_FMT_ARGS(WOLFSENTRY_THREAD_GET_ERROR));
- return WOLFSSL_FAILURE;
- }
-#endif /* WOLFSENTRY_THREADSAFE && HAVE_WOLFSENTRY_API_0v8 */
-
- if ((data = wolfSSL_get_ex_data(ssl, wolfsentry_data_index)) == NULL)
- return WOLFSSL_FAILURE;
-
- ret = wolfsentry_route_event_dispatch(
- WOLFSENTRY_CONTEXT_ARGS_OUT_EX(_wolfsentry),
- (const struct wolfsentry_sockaddr *)&data->remote,
- (const struct wolfsentry_sockaddr *)&data->local,
- data->flags,
- NULL /* event_label */,
- 0 /* event_label_len */,
- NULL /* caller_context */,
- NULL /* id */,
- NULL /* inexact_matches */,
- &action_results);
-
- if (ret >= 0) {
- if (WOLFSENTRY_MASKIN_BITS(action_results, WOLFSENTRY_ACTION_RES_REJECT))
- *decision = WOLFSSL_NETFILTER_REJECT;
- else if (WOLFSENTRY_MASKIN_BITS(action_results, WOLFSENTRY_ACTION_RES_ACCEPT))
- *decision = WOLFSSL_NETFILTER_ACCEPT;
- else
- *decision = WOLFSSL_NETFILTER_PASS;
- } else {
- fprintf(stderr, "wolfsentry_route_event_dispatch error "
- WOLFSENTRY_ERROR_FMT "\n", WOLFSENTRY_ERROR_FMT_ARGS(ret));
- *decision = WOLFSSL_NETFILTER_PASS;
- }
-
- printf("wolfSentry got network filter callback: family=%d proto=%d rport=%d"
- " lport=%d raddr=%s laddr=%s interface=%d; decision=%d (%s)\n",
- data->remote.sa_family,
- data->remote.sa_proto,
- data->remote.sa_port,
- data->local.sa_port,
- inet_ntop(data->remote.sa_family, data->remote.addr, inet_ntop_buf,
- sizeof inet_ntop_buf),
- inet_ntop(data->local.sa_family, data->local.addr, inet_ntop_buf2,
- sizeof inet_ntop_buf2),
- data->remote.interface,
- *decision,
- *decision == WOLFSSL_NETFILTER_REJECT ? "REJECT" :
- *decision == WOLFSSL_NETFILTER_ACCEPT ? "ACCEPT" :
- *decision == WOLFSSL_NETFILTER_PASS ? "PASS" :
- "???");
-
-#if defined(WOLFSENTRY_THREADSAFE) && defined(HAVE_WOLFSENTRY_API_0v8)
- ret = WOLFSENTRY_THREAD_TAILER(WOLFSENTRY_THREAD_FLAG_NONE);
- if (ret < 0) {
- fprintf(stderr, "wolfsentry thread exit error: "
- WOLFSENTRY_ERROR_FMT "\n", WOLFSENTRY_ERROR_FMT_ARGS(ret));
- }
-#endif
-
- return WOLFSSL_SUCCESS;
-}
-
-static int wolfsentry_setup(
- struct wolfsentry_context **_wolfsentry,
- const char *_wolfsentry_config_path,
- wolfsentry_route_flags_t route_flags)
-{
- wolfsentry_errcode_t ret;
-
-#ifdef HAVE_WOLFSENTRY_API_0v8
-#ifdef WOLFSENTRY_THREADSAFE
- WOLFSENTRY_THREAD_HEADER(WOLFSENTRY_THREAD_FLAG_NONE);
- if (WOLFSENTRY_THREAD_GET_ERROR < 0) {
- fprintf(stderr, "wolfsentry thread init error: "
- WOLFSENTRY_ERROR_FMT "\n",
- WOLFSENTRY_ERROR_FMT_ARGS(WOLFSENTRY_THREAD_GET_ERROR));
- err_sys("unable to initialize wolfSentry thread context");
- }
-#endif
- ret = wolfsentry_init(wolfsentry_build_settings,
- WOLFSENTRY_CONTEXT_ARGS_OUT_EX(NULL /* hpi */),
- NULL /* default config */,
- _wolfsentry);
-#else
- ret = wolfsentry_init(NULL /* hpi */, NULL /* default config */,
- _wolfsentry);
-#endif
- if (ret < 0) {
- fprintf(stderr, "wolfsentry_init() returned " WOLFSENTRY_ERROR_FMT "\n",
- WOLFSENTRY_ERROR_FMT_ARGS(ret));
- err_sys("unable to initialize wolfSentry");
- }
-
- if (wolfsentry_data_index < 0)
- wolfsentry_data_index = wolfSSL_get_ex_new_index(0, NULL, NULL, NULL,
- NULL);
-
-#if !defined(NO_FILESYSTEM) && !defined(WOLFSENTRY_NO_JSON)
- if (_wolfsentry_config_path != NULL) {
- unsigned char buf[512];
- char err_buf[512];
- struct wolfsentry_json_process_state *jps;
-
- FILE *f = fopen(_wolfsentry_config_path, "r");
-
- if (f == NULL) {
- fprintf(stderr, "fopen(%s): %s\n",_wolfsentry_config_path,strerror(errno));
- err_sys("unable to open wolfSentry config file");
- }
-
- if ((ret = wolfsentry_config_json_init(
- WOLFSENTRY_CONTEXT_ARGS_OUT_EX(*_wolfsentry),
- WOLFSENTRY_CONFIG_LOAD_FLAG_NONE,
- &jps)) < 0) {
- fprintf(stderr, "wolfsentry_config_json_init() returned "
- WOLFSENTRY_ERROR_FMT "\n",
- WOLFSENTRY_ERROR_FMT_ARGS(ret));
- err_sys("error while initializing wolfSentry config parser");
- }
-
- for (;;) {
- size_t n = fread(buf, 1, sizeof buf, f);
- if ((n < sizeof buf) && ferror(f)) {
- fprintf(stderr,"fread(%s): %s\n",_wolfsentry_config_path, strerror(errno));
- err_sys("error while reading wolfSentry config file");
- }
-
- ret = wolfsentry_config_json_feed(jps, buf, n, err_buf, sizeof err_buf);
- if (ret < 0) {
- fprintf(stderr, "%.*s\n", (int)sizeof err_buf, err_buf);
- err_sys("error while loading wolfSentry config file");
- }
- if ((n < sizeof buf) && feof(f))
- break;
- }
- fclose(f);
-
- if ((ret = wolfsentry_config_json_fini(&jps, err_buf, sizeof err_buf)) < 0) {
- fprintf(stderr, "%.*s\n", (int)sizeof err_buf, err_buf);
- err_sys("error while loading wolfSentry config file");
- }
-
- } else
-#endif /* !NO_FILESYSTEM && !WOLFSENTRY_NO_JSON */
- {
- struct wolfsentry_route_table *table;
-
-#ifdef WOLFSENTRY_THREADSAFE
- ret = WOLFSENTRY_SHARED_EX(*_wolfsentry);
- if (ret < 0) {
- fprintf(stderr, "wolfsentry shared lock op failed: "
- WOLFSENTRY_ERROR_FMT ".\n",
- WOLFSENTRY_ERROR_FMT_ARGS(ret));
- return ret;
- }
-#endif
-
- if ((ret = wolfsentry_route_get_main_table(
- WOLFSENTRY_CONTEXT_ARGS_OUT_EX(*_wolfsentry),
- &table)) < 0)
- {
- fprintf(stderr, "wolfsentry_route_get_main_table() returned "
- WOLFSENTRY_ERROR_FMT "\n",
- WOLFSENTRY_ERROR_FMT_ARGS(ret));
-#ifdef WOLFSENTRY_THREADSAFE
- WOLFSENTRY_WARN_ON_FAILURE(
- wolfsentry_context_unlock(
- WOLFSENTRY_CONTEXT_ARGS_OUT_EX(*_wolfsentry)));
-#endif
- return ret;
- }
-
- if (WOLFSENTRY_MASKIN_BITS(route_flags, WOLFSENTRY_ROUTE_FLAG_DIRECTION_OUT)) {
- WOLFSENTRY_SOCKADDR(128) remote, local;
- wolfsentry_ent_id_t id;
- wolfsentry_action_res_t action_results;
-
- if ((ret = wolfsentry_route_table_default_policy_set(
- WOLFSENTRY_CONTEXT_ARGS_OUT_EX(*_wolfsentry),
- table,
- WOLFSENTRY_ACTION_RES_ACCEPT))
- < 0) {
- fprintf(stderr,
- "wolfsentry_route_table_default_policy_set() returned "
- WOLFSENTRY_ERROR_FMT "\n",
- WOLFSENTRY_ERROR_FMT_ARGS(ret));
-#ifdef WOLFSENTRY_THREADSAFE
- WOLFSENTRY_WARN_ON_FAILURE(
- wolfsentry_context_unlock(
- WOLFSENTRY_CONTEXT_ARGS_OUT_EX(*_wolfsentry)));
-#endif
- return ret;
- }
-
- XMEMSET(&remote, 0, sizeof remote);
- XMEMSET(&local, 0, sizeof local);
-#ifdef TEST_IPV6
- remote.sa_family = local.sa_family = AF_INET6;
- remote.addr_len = 128;
- XMEMCPY(remote.addr, "\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\001", 16);
-#else
- remote.sa_family = local.sa_family = AF_INET;
- remote.addr_len = 32;
- XMEMCPY(remote.addr, "\177\000\000\001", 4);
-#endif
-
- if ((ret = wolfsentry_route_insert
- (WOLFSENTRY_CONTEXT_ARGS_OUT_EX(*_wolfsentry),
- NULL /* caller_context */,
- (const struct wolfsentry_sockaddr *)&remote,
- (const struct wolfsentry_sockaddr *)&local,
- route_flags |
- WOLFSENTRY_ROUTE_FLAG_GREENLISTED |
- WOLFSENTRY_ROUTE_FLAG_PARENT_EVENT_WILDCARD |
- WOLFSENTRY_ROUTE_FLAG_REMOTE_INTERFACE_WILDCARD|
- WOLFSENTRY_ROUTE_FLAG_LOCAL_INTERFACE_WILDCARD |
- WOLFSENTRY_ROUTE_FLAG_SA_LOCAL_ADDR_WILDCARD |
- WOLFSENTRY_ROUTE_FLAG_SA_PROTO_WILDCARD |
- WOLFSENTRY_ROUTE_FLAG_SA_REMOTE_PORT_WILDCARD |
- WOLFSENTRY_ROUTE_FLAG_SA_LOCAL_PORT_WILDCARD,
- 0 /* event_label_len */, 0 /* event_label */, &id,
- &action_results)) < 0) {
- fprintf(stderr, "wolfsentry_route_insert() returned "
- WOLFSENTRY_ERROR_FMT "\n",
- WOLFSENTRY_ERROR_FMT_ARGS(ret));
-#ifdef WOLFSENTRY_THREADSAFE
- WOLFSENTRY_WARN_ON_FAILURE(
- wolfsentry_context_unlock(
- WOLFSENTRY_CONTEXT_ARGS_OUT_EX(*_wolfsentry)));
-#endif
- return ret;
- }
- } else if (WOLFSENTRY_MASKIN_BITS(route_flags, WOLFSENTRY_ROUTE_FLAG_DIRECTION_IN)) {
- WOLFSENTRY_SOCKADDR(128) remote, local;
- wolfsentry_ent_id_t id;
- wolfsentry_action_res_t action_results;
-
- if ((ret = wolfsentry_route_table_default_policy_set(
- WOLFSENTRY_CONTEXT_ARGS_OUT_EX(*_wolfsentry), table,
- WOLFSENTRY_ACTION_RES_REJECT|WOLFSENTRY_ACTION_RES_STOP))
- < 0) {
- fprintf(stderr,
- "wolfsentry_route_table_default_policy_set() returned "
- WOLFSENTRY_ERROR_FMT "\n",
- WOLFSENTRY_ERROR_FMT_ARGS(ret));
-#ifdef WOLFSENTRY_THREADSAFE
- WOLFSENTRY_WARN_ON_FAILURE(
- wolfsentry_context_unlock(
- WOLFSENTRY_CONTEXT_ARGS_OUT_EX(*_wolfsentry)));
-#endif
- return ret;
- }
-
- XMEMSET(&remote, 0, sizeof remote);
- XMEMSET(&local, 0, sizeof local);
-#ifdef TEST_IPV6
- remote.sa_family = local.sa_family = AF_INET6;
- remote.addr_len = 128;
- XMEMCPY(remote.addr, "\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\001", 16);
-#else
- remote.sa_family = local.sa_family = AF_INET;
- remote.addr_len = 32;
- XMEMCPY(remote.addr, "\177\000\000\001", 4);
-#endif
-
- if ((ret = wolfsentry_route_insert
- (WOLFSENTRY_CONTEXT_ARGS_OUT_EX(*_wolfsentry),
- NULL /* caller_context */,
- (const struct wolfsentry_sockaddr *)&remote,
- (const struct wolfsentry_sockaddr *)&local,
- route_flags |
- WOLFSENTRY_ROUTE_FLAG_GREENLISTED |
- WOLFSENTRY_ROUTE_FLAG_PARENT_EVENT_WILDCARD |
- WOLFSENTRY_ROUTE_FLAG_REMOTE_INTERFACE_WILDCARD|
- WOLFSENTRY_ROUTE_FLAG_LOCAL_INTERFACE_WILDCARD |
- WOLFSENTRY_ROUTE_FLAG_SA_LOCAL_ADDR_WILDCARD |
- WOLFSENTRY_ROUTE_FLAG_SA_PROTO_WILDCARD |
- WOLFSENTRY_ROUTE_FLAG_SA_REMOTE_PORT_WILDCARD |
- WOLFSENTRY_ROUTE_FLAG_SA_LOCAL_PORT_WILDCARD,
- 0 /* event_label_len */, 0 /* event_label */, &id,
- &action_results)) < 0) {
- fprintf(stderr, "wolfsentry_route_insert() returned "
- WOLFSENTRY_ERROR_FMT "\n",
- WOLFSENTRY_ERROR_FMT_ARGS(ret));
-#ifdef WOLFSENTRY_THREADSAFE
- WOLFSENTRY_WARN_ON_FAILURE(
- wolfsentry_context_unlock(
- WOLFSENTRY_CONTEXT_ARGS_OUT_EX(*_wolfsentry)));
-#endif
- return ret;
- }
- }
-#ifdef WOLFSENTRY_THREADSAFE
- WOLFSENTRY_WARN_ON_FAILURE(
- wolfsentry_context_unlock(
- WOLFSENTRY_CONTEXT_ARGS_OUT_EX(*_wolfsentry)));
-#endif
- }
-
-#if defined(WOLFSENTRY_THREADSAFE) && defined(HAVE_WOLFSENTRY_API_0v8)
- ret = WOLFSENTRY_THREAD_TAILER(WOLFSENTRY_THREAD_FLAG_NONE);
- if (ret < 0) {
- fprintf(stderr, "wolfsentry thread exit error: "
- WOLFSENTRY_ERROR_FMT "\n", WOLFSENTRY_ERROR_FMT_ARGS(ret));
- }
-#endif
-
- return 0;
-}
-
-static WC_INLINE int tcp_connect_with_wolfSentry(
- SOCKET_T* sockfd,
- const char* ip,
- word16 port,
- int udp,
- int sctp,
- WOLFSSL* ssl,
- struct wolfsentry_context *_wolfsentry)
-{
- SOCKADDR_IN_T remote_addr;
- struct wolfsentry_data *wolfsentry_data;
- char inet_ntop_buf[INET6_ADDRSTRLEN], inet_ntop_buf2[INET6_ADDRSTRLEN];
- wolfsentry_errcode_t ret;
- wolfsentry_action_res_t action_results;
- wolfSSL_netfilter_decision_t decision;
-
-#if defined(WOLFSENTRY_THREADSAFE) && defined(HAVE_WOLFSENTRY_API_0v8)
- WOLFSENTRY_THREAD_HEADER(WOLFSENTRY_THREAD_FLAG_NONE);
- if (WOLFSENTRY_THREAD_GET_ERROR < 0) {
- fprintf(stderr, "wolfsentry thread init error: "
- WOLFSENTRY_ERROR_FMT "\n",
- WOLFSENTRY_ERROR_FMT_ARGS(WOLFSENTRY_THREAD_GET_ERROR));
- err_sys("unable to initialize wolfSentry thread context");
- }
-#endif
-
- build_addr(&remote_addr, ip, port, udp, sctp);
-
- {
- SOCKADDR_IN_T local_addr;
-#ifdef TEST_IPV6
- local_addr.sin6_port = 0;
-#else
- local_addr.sin_port = 0;
-#endif
- ((struct sockaddr *)&local_addr)->sa_family = ((struct sockaddr *)&remote_addr)->sa_family;
-
- if (wolfsentry_store_endpoints(
- ssl, &remote_addr, &local_addr,
- udp ? IPPROTO_UDP : IPPROTO_TCP,
- WOLFSENTRY_ROUTE_FLAG_DIRECTION_OUT|
- WOLFSENTRY_ROUTE_FLAG_SA_LOCAL_ADDR_WILDCARD|
- WOLFSENTRY_ROUTE_FLAG_SA_LOCAL_PORT_WILDCARD, &wolfsentry_data) != WOLFSSL_SUCCESS)
- return WOLFSSL_FAILURE;
- }
-
- ret = wolfsentry_route_event_dispatch(
- WOLFSENTRY_CONTEXT_ARGS_OUT_EX(_wolfsentry),
- (const struct wolfsentry_sockaddr *)&wolfsentry_data->remote,
- (const struct wolfsentry_sockaddr *)&wolfsentry_data->local,
- wolfsentry_data->flags,
- NULL /* event_label */,
- 0 /* event_label_len */,
- NULL /* caller_context */,
- NULL /* id */,
- NULL /* inexact_matches */,
- &action_results);
-
- if (ret < 0) {
- fprintf(stderr, "wolfsentry_route_event_dispatch error "
- WOLFSENTRY_ERROR_FMT "\n", WOLFSENTRY_ERROR_FMT_ARGS(ret));
- decision = WOLFSSL_NETFILTER_PASS;
- } else {
- if (WOLFSENTRY_MASKIN_BITS(action_results, WOLFSENTRY_ACTION_RES_REJECT))
- decision = WOLFSSL_NETFILTER_REJECT;
- else if (WOLFSENTRY_MASKIN_BITS(action_results, WOLFSENTRY_ACTION_RES_ACCEPT))
- decision = WOLFSSL_NETFILTER_ACCEPT;
- else
- decision = WOLFSSL_NETFILTER_PASS;
- }
-
- printf("wolfSentry callin from tcp_connect_with_wolfSentry: family=%d proto=%d rport=%d"
- " lport=%d raddr=%s laddr=%s interface=%d; decision=%d (%s)\n",
- wolfsentry_data->remote.sa_family,
- wolfsentry_data->remote.sa_proto,
- wolfsentry_data->remote.sa_port,
- wolfsentry_data->local.sa_port,
- inet_ntop(wolfsentry_data->remote.sa_family, wolfsentry_data->remote.addr, inet_ntop_buf,
- sizeof inet_ntop_buf),
- inet_ntop(wolfsentry_data->local.sa_family, wolfsentry_data->local.addr, inet_ntop_buf2,
- sizeof inet_ntop_buf2),
- wolfsentry_data->remote.interface,
- decision,
- decision == WOLFSSL_NETFILTER_REJECT ? "REJECT" :
- decision == WOLFSSL_NETFILTER_ACCEPT ? "ACCEPT" :
- decision == WOLFSSL_NETFILTER_PASS ? "PASS" :
- "???");
-
- if (decision == WOLFSSL_NETFILTER_REJECT)
- return SOCKET_FILTERED_E;
-
- if (udp) {
- wolfSSL_dtls_set_peer(ssl, &remote_addr, sizeof(remote_addr));
- }
- tcp_socket(sockfd, udp, sctp);
-
- if (!udp) {
- if (connect(*sockfd, (const struct sockaddr*)&remote_addr, sizeof(remote_addr)) != 0)
- err_sys_with_errno("tcp connect failed");
- }
-
-#if defined(WOLFSENTRY_THREADSAFE) && defined(HAVE_WOLFSENTRY_API_0v8)
- ret = WOLFSENTRY_THREAD_TAILER(WOLFSENTRY_THREAD_FLAG_NONE);
- if (ret < 0) {
- fprintf(stderr, "wolfsentry thread exit error: "
- WOLFSENTRY_ERROR_FMT "\n", WOLFSENTRY_ERROR_FMT_ARGS(ret));
- }
-#endif
-
- return WOLFSSL_SUCCESS;
-}
-
-#define tcp_connect(sockfd, ip, port, udp, sctp, ssl) \
- tcp_connect_with_wolfSentry(sockfd, ip, port, udp, sctp, ssl, wolfsentry)
+#include <wolfsentry/wolfssl_test.h>
#else /* !WOLFSSL_WOLFSENTRY_HOOKS */
@@ -2187,7 +1650,8 @@ static WC_INLINE void udp_accept(SOCKET_T* sockfd, SOCKET_T* clientfd,
if (bind(*sockfd, (const struct sockaddr*)&addr, sizeof(addr)) != 0)
err_sys_with_errno("tcp bind failed");
- #if !defined(USE_WINDOWS_API) && !defined(WOLFSSL_TIRTOS)
+ #if !defined(USE_WINDOWS_API) && !defined(WOLFSSL_TIRTOS) && \
+ !defined(SINGLE_THREADED)
if (port == 0) {
socklen_t len = sizeof(addr);
if (getsockname(*sockfd, (struct sockaddr*)&addr, &len) == 0) {
@@ -2198,31 +1662,24 @@ static WC_INLINE void udp_accept(SOCKET_T* sockfd, SOCKET_T* clientfd,
#endif
}
}
+ #else
+ (void)port;
#endif
if (args != NULL && args->signal != NULL) {
-#if defined(_POSIX_THREADS) && !defined(__MINGW32__)
- /* signal ready to accept data */
+#ifndef SINGLE_THREADED
tcp_ready* ready = args->signal;
- PTHREAD_CHECK_RET(pthread_mutex_lock(&ready->mutex));
- ready->ready = 1;
- ready->port = port;
- PTHREAD_CHECK_RET(pthread_cond_signal(&ready->cond));
- PTHREAD_CHECK_RET(pthread_mutex_unlock(&ready->mutex));
-#elif defined (WOLFSSL_TIRTOS)
- /* Need mutex? */
- tcp_ready* ready = args->signal;
- ready->ready = 1;
- ready->port = port;
-#elif defined(NETOS)
- tcp_ready* ready = args->signal;
- (void)tx_mutex_get(&ready->mutex, TX_WAIT_FOREVER);
+ #ifdef WOLFSSL_COND
+ THREAD_CHECK_RET(wolfSSL_CondStart(&ready->cond));
+ #endif
ready->ready = 1;
ready->port = port;
- (void)tx_mutex_put(&ready->mutex);
-#else
- (void)port;
-#endif
+ #ifdef WOLFSSL_COND
+ /* signal ready to accept data */
+ THREAD_CHECK_RET(wolfSSL_CondSignal(&ready->cond));
+ THREAD_CHECK_RET(wolfSSL_CondEnd(&ready->cond));
+ #endif
+#endif /* !SINGLE_THREADED */
}
else {
fprintf(stderr, "args or args->signal was NULL. Not setting ready info.");
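Review bot: In a build that defines neither SINGLE_THREADED nor WOLFSSL_COND, the new stores `ready->ready = 1; ready->port = port;` in udp_accept run with no lock held, whereas the removed pthread and NETOS branches took `ready->mutex` around the same stores. If another thread reads these fields in that configuration (the reader is not visible here), this is an unsynchronised write. Either reject the combination at compile time or state the assumption next to the stores, for example `/* no WOLFSSL_COND: ready is written without a lock; the waiter must poll */`. The tcp_accept hunk that follows has the same pattern, and both function bodies start outside their hunks.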
@@ -2248,36 +1705,22 @@ static WC_INLINE void tcp_accept(SOCKET_T* sockfd, SOCKET_T* clientfd,
if(do_listen) {
tcp_listen(sockfd, &port, useAnyAddr, udp, sctp);
- #if defined(_POSIX_THREADS) && defined(NO_MAIN_DRIVER) && !defined(__MINGW32__)
+#ifndef SINGLE_THREADED
/* signal ready to tcp_accept */
if (args)
ready = args->signal;
if (ready) {
- PTHREAD_CHECK_RET(pthread_mutex_lock(&ready->mutex));
- ready->ready = 1;
- ready->port = port;
- PTHREAD_CHECK_RET(pthread_cond_signal(&ready->cond));
- PTHREAD_CHECK_RET(pthread_mutex_unlock(&ready->mutex));
- }
- #elif defined (WOLFSSL_TIRTOS)
- /* Need mutex? */
- if (args)
- ready = args->signal;
- if (ready) {
- ready->ready = 1;
- ready->port = port;
- }
- #elif defined(NETOS)
- /* signal ready to tcp_accept */
- if (args)
- ready = args->signal;
- if (ready) {
- (void)tx_mutex_get(&ready->mutex, TX_WAIT_FOREVER);
+ #ifdef WOLFSSL_COND
+ THREAD_CHECK_RET(wolfSSL_CondStart(&ready->cond));
+ #endif
ready->ready = 1;
ready->port = port;
- (void)tx_mutex_put(&ready->mutex);
+ #ifdef WOLFSSL_COND
+ THREAD_CHECK_RET(wolfSSL_CondSignal(&ready->cond));
+ THREAD_CHECK_RET(wolfSSL_CondEnd(&ready->cond));
+ #endif
}
- #endif
+#endif /* !SINGLE_THREADED */
if (ready_file) {
#if !defined(NO_FILESYSTEM) || defined(FORCE_BUFFER_TEST) && \
@@ -2313,7 +1756,7 @@ static WC_INLINE void tcp_accept(SOCKET_T* sockfd, SOCKET_T* clientfd,
static WC_INLINE void tcp_set_nonblocking(SOCKET_T* sockfd)
{
- #ifdef USE_WINDOWS_API
+ #if defined(USE_WINDOWS_API) || defined(EBSNET)
unsigned long blocking = 1;
int ret = ioctlsocket(*sockfd, FIONBIO, &blocking);
if (ret == SOCKET_ERROR)
@@ -2574,7 +2017,7 @@ static WC_INLINE unsigned int my_psk_client_cs_cb(WOLFSSL* ssl,
#ifdef WOLFSSL_PSK_MULTI_ID_PER_CS
/* Multiple calls for each cipher suite. First identity byte indicates the
- * number of identites seen so far for cipher suite. */
+ * number of identities seen so far for cipher suite. */
if (identity[0] != 0) {
return 0;
}
@@ -2897,7 +2340,8 @@ static WC_INLINE int myVerify(int preverify, WOLFSSL_X509_STORE_CTX* store)
char buffer[WOLFSSL_MAX_ERROR_SZ];
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
WOLFSSL_X509* peer;
-#if defined(SHOW_CERTS) && !defined(NO_FILESYSTEM)
+#if defined(SHOW_CERTS) && !defined(NO_FILESYSTEM) && \
+ !defined(OPENSSL_EXTRA_X509_SMALL)
WOLFSSL_BIO* bio = NULL;
WOLFSSL_STACK* sk = NULL;
X509* x509 = NULL;
@@ -2942,7 +2386,8 @@ static WC_INLINE int myVerify(int preverify, WOLFSSL_X509_STORE_CTX* store)
XFREE(subject, 0, DYNAMIC_TYPE_OPENSSL);
XFREE(issuer, 0, DYNAMIC_TYPE_OPENSSL);
-#if defined(SHOW_CERTS) && !defined(NO_FILESYSTEM)
+#if defined(SHOW_CERTS) && !defined(NO_FILESYSTEM) && \
+ !defined(OPENSSL_EXTRA_X509_SMALL)
/* avoid printing duplicate certs */
if (store->depth == 1) {
int i;
@@ -3224,6 +2669,11 @@ static WC_INLINE int myMacEncryptCb(WOLFSSL* ssl, unsigned char* macOut,
iv = wolfSSL_GetServerWriteIV(ssl);
}
+ ret = wc_AesInit(&encCtx->aes, NULL, INVALID_DEVID);
+ if (ret != 0) {
+ fprintf(stderr, "AesInit failed in myMacEncryptCb\n");
+ return ret;
+ }
ret = wc_AesSetKey(&encCtx->aes, key, keyLen, iv, AES_ENCRYPTION);
if (ret != 0) {
fprintf(stderr, "AesSetKey failed in myMacEncryptCb\n");
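Review bot: The added wc_AesInit() call has no matching wc_AesFree() on the wc_AesSetKey() failure path directly below it, which returns `ret` as is. The FreeAtomicUser hunk further down frees the Aes only when `keySetup == 1`, and that flag is presumably set after a successful SetKey (the assignment is outside this hunk). In builds where this commit's aes.h defines WC_AESFREE_IS_MANDATORY, an initialized Aes would then never be released. Adding `wc_AesFree(&encCtx->aes);` before the `return ret;` of the SetKey failure branch would close the gap; the later hunks in myDecryptVerifyCb, myEncryptMacCb and myVerifyDecryptCb need the same line for their context.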
@@ -3280,6 +2730,11 @@ static WC_INLINE int myDecryptVerifyCb(WOLFSSL* ssl,
iv = wolfSSL_GetServerWriteIV(ssl);
}
+ ret = wc_AesInit(&decCtx->aes, NULL, INVALID_DEVID);
+ if (ret != 0) {
+ fprintf(stderr, "AesInit failed in myDecryptVerifyCb\n");
+ return ret;
+ }
ret = wc_AesSetKey(&decCtx->aes, key, keyLen, iv, AES_DECRYPTION);
if (ret != 0) {
fprintf(stderr, "AesSetKey failed in myDecryptVerifyCb\n");
@@ -3374,6 +2829,11 @@ static WC_INLINE int myEncryptMacCb(WOLFSSL* ssl, unsigned char* macOut,
iv = wolfSSL_GetServerWriteIV(ssl);
}
+ ret = wc_AesInit(&encCtx->aes, NULL, INVALID_DEVID);
+ if (ret != 0) {
+ fprintf(stderr, "AesInit failed in myMacEncryptCb\n");
+ return ret;
+ }
ret = wc_AesSetKey(&encCtx->aes, key, keyLen, iv, AES_ENCRYPTION);
if (ret != 0) {
fprintf(stderr, "AesSetKey failed in myMacEncryptCb\n");
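Review bot: The added error string in myEncryptMacCb reads `AesInit failed in myMacEncryptCb`, which names a different callback, and the next hunk prints `AesInit failed in myDecryptVerifyCb` from inside myVerifyDecryptCb. Someone debugging a failed record-layer callback from the log would be sent to the wrong function. The strings should be `"AesInit failed in myEncryptMacCb\n"` and `"AesInit failed in myVerifyDecryptCb\n"`. The AesSetKey messages on the context lines carry the same slip and could be corrected in the same pass.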
@@ -3472,6 +2932,11 @@ static WC_INLINE int myVerifyDecryptCb(WOLFSSL* ssl,
iv = wolfSSL_GetServerWriteIV(ssl);
}
+ ret = wc_AesInit(&decCtx->aes, NULL, INVALID_DEVID);
+ if (ret != 0) {
+ fprintf(stderr, "AesInit failed in myDecryptVerifyCb\n");
+ return ret;
+ }
ret = wc_AesSetKey(&decCtx->aes, key, keyLen, iv, AES_DECRYPTION);
if (ret != 0) {
fprintf(stderr, "AesSetKey failed in myDecryptVerifyCb\n");
@@ -3496,6 +2961,7 @@ static WC_INLINE int myVerifyDecryptCb(WOLFSSL* ssl,
static WC_INLINE void SetupAtomicUser(WOLFSSL_CTX* ctx, WOLFSSL* ssl)
{
+#if !defined(NO_HMAC) && !defined(NO_AES) && defined(HAVE_AES_CBC)
AtomicEncCtx* encCtx;
AtomicDecCtx* decCtx;
@@ -3511,7 +2977,6 @@ static WC_INLINE void SetupAtomicUser(WOLFSSL_CTX* ctx, WOLFSSL* ssl)
}
XMEMSET(decCtx, 0, sizeof(AtomicDecCtx));
-#if !defined(NO_HMAC) && !defined(NO_AES) && defined(HAVE_AES_CBC)
wolfSSL_CTX_SetMacEncryptCb(ctx, myMacEncryptCb);
wolfSSL_SetMacEncryptCtx(ssl, encCtx);
@@ -3547,7 +3012,7 @@ static WC_INLINE void FreeAtomicUser(WOLFSSL* ssl)
if (decCtx != NULL) {
if (decCtx->keySetup == 1)
wc_AesFree(&decCtx->aes);
- free(decCtx);
+ free(decCtx);
}
}
@@ -3613,7 +3078,7 @@ typedef struct PkCbInfo {
#if defined(DEBUG_PK_CB) || defined(TEST_PK_PRIVKEY)
#define WOLFSSL_PKMSG(...) printf(__VA_ARGS__)
#else
- #define WOLFSSL_PKMSG(...)
+ #define WOLFSSL_PKMSG(...) WC_DO_NOTHING
#endif
#ifdef HAVE_ECC
@@ -5283,210 +4748,4 @@ void DEBUG_WRITE_DER(const byte* der, int derSz, const char* fileName);
#define DTLS_CID_BUFFER_SIZE 256
-#if !defined(NO_FILESYSTEM) && ( \
- defined(WOLFSSL_TICKET_NONCE_MALLOC) && defined(HAVE_SESSION_TICKET) \
- && defined(WOLFSSL_TLS13) && \
- (!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)))\
- || \
- (defined(WOLFSSL_DTLS) && !defined(WOLFSSL_NO_TLS12) && \
- !defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER)) \
- || \
- (defined(HAVE_SECURE_RENEGOTIATION) && \
- !defined(NO_RSA) && \
- defined(HAVE_CHACHA) && defined(HAVE_POLY1305) && \
- defined(WOLFSSL_SHA384) && defined(WOLFSSL_AES_256) && \
- defined(HAVE_AESGCM)) \
- ) || \
- (defined(HAVE_SESSION_TICKET) && !defined(WOLFSSL_NO_TLS12) && \
- !defined(WOLFSSL_TICKET_DECRYPT_NO_CREATE) && \
- !defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER) && \
- !defined(WOLFSSL_NO_DEF_TICKET_ENC_CB)) || \
- (defined(WOLFSSL_EXTRA_ALERTS) && !defined(WOLFSSL_NO_TLS12) && \
- !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && \
- !defined(NO_RSA) && !defined(SINGLE_THREADED) && \
- !defined(NO_WOLFSSL_SERVER) && !defined(NO_WOLFSSL_CLIENT))
-#define TEST_MEMIO_BUF_SZ (64 * 1024)
-struct test_memio_ctx
-{
- byte c_buff[TEST_MEMIO_BUF_SZ];
- int c_len;
- const char* c_ciphers;
- byte s_buff[TEST_MEMIO_BUF_SZ];
- int s_len;
- const char* s_ciphers;
-};
-
-static WC_INLINE int test_memio_write_cb(WOLFSSL *ssl, char *data, int sz,
- void *ctx)
-{
- struct test_memio_ctx *test_ctx;
- byte *buf;
- int *len;
-
- test_ctx = (struct test_memio_ctx*)ctx;
-
- if (wolfSSL_GetSide(ssl) == WOLFSSL_SERVER_END) {
- buf = test_ctx->c_buff;
- len = &test_ctx->c_len;
- }
- else {
- buf = test_ctx->s_buff;
- len = &test_ctx->s_len;
- }
-
- if ((unsigned)(*len + sz) > TEST_MEMIO_BUF_SZ)
- return WOLFSSL_CBIO_ERR_WANT_READ;
-
- XMEMCPY(buf + *len, data, sz);
- *len += sz;
-
- return sz;
-}
-
-static WC_INLINE int test_memio_read_cb(WOLFSSL *ssl, char *data, int sz,
- void *ctx)
-{
- struct test_memio_ctx *test_ctx;
- int read_sz;
- byte *buf;
- int *len;
-
- test_ctx = (struct test_memio_ctx*)ctx;
-
- if (wolfSSL_GetSide(ssl) == WOLFSSL_SERVER_END) {
- buf = test_ctx->s_buff;
- len = &test_ctx->s_len;
- }
- else {
- buf = test_ctx->c_buff;
- len = &test_ctx->c_len;
- }
-
- if (*len == 0)
- return WOLFSSL_CBIO_ERR_WANT_READ;
-
- read_sz = sz < *len ? sz : *len;
-
- XMEMCPY(data, buf, read_sz);
- XMEMMOVE(buf, buf + read_sz, *len - read_sz);
-
- *len -= read_sz;
-
- return read_sz;
-}
-
-static WC_INLINE int test_memio_do_handshake(WOLFSSL *ssl_c, WOLFSSL *ssl_s,
- int max_rounds, int *rounds)
-{
- byte handshake_complete = 0, hs_c = 0, hs_s = 0;
- int ret, err;
-
- if (rounds != NULL)
- *rounds = 0;
- while (!handshake_complete && max_rounds > 0) {
- if (!hs_c) {
- ret = wolfSSL_connect(ssl_c);
- if (ret == WOLFSSL_SUCCESS) {
- hs_c = 1;
- }
- else {
- err = wolfSSL_get_error(ssl_c, ret);
- if (err != WOLFSSL_ERROR_WANT_READ &&
- err != WOLFSSL_ERROR_WANT_WRITE)
- return -1;
- }
- }
- if (!hs_s) {
- ret = wolfSSL_accept(ssl_s);
- if (ret == WOLFSSL_SUCCESS) {
- hs_s = 1;
- }
- else {
- err = wolfSSL_get_error(ssl_s, ret);
- if (err != WOLFSSL_ERROR_WANT_READ &&
- err != WOLFSSL_ERROR_WANT_WRITE)
- return -1;
- }
- }
- handshake_complete = hs_c && hs_s;
- max_rounds--;
- if (rounds != NULL)
- *rounds = *rounds + 1;
- }
-
- if (!handshake_complete)
- return -1;
-
- return 0;
-}
-
-static WC_INLINE int test_memio_setup(struct test_memio_ctx *ctx,
- WOLFSSL_CTX **ctx_c, WOLFSSL_CTX **ctx_s, WOLFSSL **ssl_c, WOLFSSL **ssl_s,
- method_provider method_c, method_provider method_s)
-{
- int ret;
-
- if (ctx_c != NULL && *ctx_c == NULL) {
- *ctx_c = wolfSSL_CTX_new(method_c());
- if (*ctx_c == NULL)
- return -1;
-#ifndef NO_CERTS
- ret = wolfSSL_CTX_load_verify_locations(*ctx_c, caCertFile, 0);
- if (ret != WOLFSSL_SUCCESS)
- return -1;
-#endif /* NO_CERTS */
- wolfSSL_SetIORecv(*ctx_c, test_memio_read_cb);
- wolfSSL_SetIOSend(*ctx_c, test_memio_write_cb);
- if (ctx->c_ciphers != NULL) {
- ret = wolfSSL_CTX_set_cipher_list(*ctx_c, ctx->c_ciphers);
- if (ret != WOLFSSL_SUCCESS)
- return -1;
- }
- }
-
- if (ctx_s != NULL && *ctx_s == NULL) {
- *ctx_s = wolfSSL_CTX_new(method_s());
- if (*ctx_s == NULL)
- return -1;
-#ifndef NO_CERTS
- ret = wolfSSL_CTX_use_PrivateKey_file(*ctx_s, svrKeyFile,
- WOLFSSL_FILETYPE_PEM);
- if (ret != WOLFSSL_SUCCESS)
- return- -1;
- ret = wolfSSL_CTX_use_certificate_file(*ctx_s, svrCertFile,
- WOLFSSL_FILETYPE_PEM);
- if (ret != WOLFSSL_SUCCESS)
- return -1;
-#endif
- wolfSSL_SetIORecv(*ctx_s, test_memio_read_cb);
- wolfSSL_SetIOSend(*ctx_s, test_memio_write_cb);
- if (ctx->s_ciphers != NULL) {
- ret = wolfSSL_CTX_set_cipher_list(*ctx_s, ctx->s_ciphers);
- if (ret != WOLFSSL_SUCCESS)
- return -1;
- }
- }
-
- if (ctx_c != NULL && ssl_c != NULL) {
- *ssl_c = wolfSSL_new(*ctx_c);
- if (*ssl_c == NULL)
- return -1;
- wolfSSL_SetIOWriteCtx(*ssl_c, ctx);
- wolfSSL_SetIOReadCtx(*ssl_c, ctx);
- }
- if (ctx_s != NULL && ssl_s != NULL) {
- *ssl_s = wolfSSL_new(*ctx_s);
- if (*ssl_s == NULL)
- return -1;
- wolfSSL_SetIOWriteCtx(*ssl_s, ctx);
- wolfSSL_SetIOReadCtx(*ssl_s, ctx);
-#if !defined(NO_DH)
- SetDH(*ssl_s);
-#endif
- }
-
- return 0;
-}
-#endif
-
#endif /* wolfSSL_TEST_H */
diff --git a/extra/wolfssl/wolfssl/wolfssl/version.h b/extra/wolfssl/wolfssl/wolfssl/version.h
index 424d8d27..c0cad152 100644
--- a/extra/wolfssl/wolfssl/wolfssl/version.h
+++ b/extra/wolfssl/wolfssl/wolfssl/version.h
@@ -28,8 +28,8 @@
extern "C" {
#endif
-#define LIBWOLFSSL_VERSION_STRING "5.6.3"
-#define LIBWOLFSSL_VERSION_HEX 0x05006003
+#define LIBWOLFSSL_VERSION_STRING "5.6.6"
+#define LIBWOLFSSL_VERSION_HEX 0x05006006
#ifdef __cplusplus
}
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/aes.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/aes.h
index 90cb8a86..75653bad 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/aes.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/aes.h
@@ -36,6 +36,33 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
#include <wolfssl/wolfcrypt/types.h>
+#if !defined(NO_AES) || defined(WOLFSSL_SM4)
+typedef struct Gcm {
+ ALIGN16 byte H[16];
+#ifdef OPENSSL_EXTRA
+ word32 aadH[4]; /* additional authenticated data GHASH */
+ word32 aadLen; /* additional authenticated data len */
+#endif
+#ifdef GCM_TABLE
+ /* key-based fast multiplication table. */
+ ALIGN16 byte M0[256][16];
+#elif defined(GCM_TABLE_4BIT)
+ #if defined(BIG_ENDIAN_ORDER) || defined(WC_16BIT_CPU)
+ ALIGN16 byte M0[16][16];
+ #else
+ ALIGN16 byte M0[32][16];
+ #endif
+#endif /* GCM_TABLE */
+} Gcm;
+
+WOLFSSL_LOCAL void GenerateM0(Gcm* gcm);
+#ifdef WOLFSSL_ARMASM
+WOLFSSL_LOCAL void GMULT(byte* X, byte* Y);
+#endif
+WOLFSSL_LOCAL void GHASH(Gcm* gcm, const byte* a, word32 aSz, const byte* c,
+ word32 cSz, byte* s, word32 sSz);
+#endif
+
#ifndef NO_AES
#if defined(HAVE_FIPS) && \
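Review bot: The new Gcm struct spells the block size as a bare `16` in `H[16]` and in each `M0[...][16]`, where the members it replaces in struct Aes used AES_BLOCK_SIZE. That is presumably because the struct now sits above the `#ifndef NO_AES` guard so that WOLFSSL_SM4 builds can use it, but nothing on the page says so. A short comment would keep the literal from drifting, for example `/* 16 == cipher block size; AES_BLOCK_SIZE is not available when NO_AES is set */`. The struct also deserves a one-line header noting that H and M0 are derived from the key, as the existing `key-based fast multiplication table` comment already implies for M0.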
@@ -43,18 +70,6 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
#include <wolfssl/wolfcrypt/fips.h>
#endif /* HAVE_FIPS_VERSION >= 2 */
-/* included for fips @wc_fips */
-#if defined(HAVE_FIPS) && \
- (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
-#include <cyassl/ctaocrypt/aes.h>
-#if defined(CYASSL_AES_COUNTER) && !defined(WOLFSSL_AES_COUNTER)
- #define WOLFSSL_AES_COUNTER
-#endif
-#if !defined(WOLFSSL_AES_DIRECT) && defined(CYASSL_AES_DIRECT)
- #define WOLFSSL_AES_DIRECT
-#endif
-#endif
-
#ifndef WC_NO_RNG
#include <wolfssl/wolfcrypt/random.h>
#endif
@@ -117,15 +132,21 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
#include <wolfssl/wolfcrypt/port/arm/cryptoCell.h>
#endif
-#if defined(WOLFSSL_RENESAS_TSIP_TLS) && \
- defined(WOLFSSL_RENESAS_TSIP_TLS_AES_CRYPT)
+#if (defined(WOLFSSL_RENESAS_TSIP_TLS) && \
+ defined(WOLFSSL_RENESAS_TSIP_TLS_AES_CRYPT)) ||\
+ defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)
#include <wolfssl/wolfcrypt/port/Renesas/renesas_tsip_types.h>
#endif
+#if defined(WOLFSSL_RENESAS_FSPSM)
+ #include <wolfssl/wolfcrypt/port/Renesas/renesas-fspsm-crypt.h>
+#endif
+
#ifdef WOLFSSL_MAXQ10XX_CRYPTO
#include <wolfssl/wolfcrypt/port/maxim/maxq10xx.h>
#endif
+
#ifdef __cplusplus
extern "C" {
#endif
@@ -184,11 +205,53 @@ enum {
WOLF_ENUM_DUMMY_LAST_ELEMENT(AES)
};
+#ifdef WC_AES_BITSLICED
+ #ifdef WC_AES_BS_WORD_SIZE
+ #define BS_WORD_SIZE WC_AES_BS_WORD_SIZE
+ #elif defined(NO_64BIT)
+ #define BS_WORD_SIZE 32
+ #else
+ #define BS_WORD_SIZE 64
+ #endif
+
+ /* Number of bits to a block. */
+ #define AES_BLOCK_BITS (AES_BLOCK_SIZE * 8)
+ /* Number of bytes of input that can be processed in one call. */
+ #define BS_BLOCK_SIZE (AES_BLOCK_SIZE * BS_WORD_SIZE)
+ /* Number of words in a block. */
+ #define BS_BLOCK_WORDS (AES_BLOCK_BITS / BS_WORD_SIZE)
+
+ #if BS_WORD_SIZE == 64
+ typedef word64 bs_word;
+ #define BS_WORD_SHIFT 6
+ #define bs_bswap(x) ByteReverseWord64(x)
+ #elif BS_WORD_SIZE == 32
+ typedef word32 bs_word;
+ #define BS_WORD_SHIFT 5
+ #define bs_bswap(x) ByteReverseWord32(x)
+ #elif BS_WORD_SIZE == 16
+ typedef word16 bs_word;
+ #define BS_WORD_SHIFT 4
+ #define bs_bswap(x) ByteReverseWord16(x)
+ #elif BS_WORD_SIZE == 8
+ typedef word8 bs_word;
+ #define BS_WORD_SHIFT 3
+ #define bs_bswap(x) (x)
+ #else
+ #error "Word size not supported"
+ #endif
+#endif
struct Aes {
- /* AESNI needs key first, rounds 2nd, not sure why yet */
ALIGN16 word32 key[60];
+#ifdef WC_AES_BITSLICED
+ /* Extra key schedule space required for bit-slicing technique. */
+ ALIGN16 bs_word bs_key[15 * AES_BLOCK_SIZE * BS_WORD_SIZE];
+#endif
word32 rounds;
+#ifdef WC_AES_C_DYNAMIC_FALLBACK
+ word32 key_C_fallback[60];
+#endif
int keylen;
ALIGN16 word32 reg[AES_BLOCK_SIZE / sizeof(word32)]; /* for CBC mode */
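Review bot: With WC_AES_BITSLICED the added member `bs_key[15 * AES_BLOCK_SIZE * BS_WORD_SIZE]` makes every Aes object very large, and the member has no note about that. Taking AES_BLOCK_SIZE as 16 and the default BS_WORD_SIZE of 64, it is 15360 eight-byte words, roughly 120 KiB of key schedule. Code that declares an Aes on the stack or embeds it in another struct will feel this, and the array is key material that has to be wiped with the rest of the object. I would extend the member comment to `/* bit-sliced key schedule: about 120 KiB at BS_WORD_SIZE 64; key material, clear with the rest of the Aes */`. The new BS_WORD_SIZE, BS_BLOCK_SIZE, bs_word and bs_bswap names are also unprefixed in a header that applications include, so a WC_AES_ prefix would avoid collisions.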
@@ -199,11 +262,7 @@ struct Aes {
word32 nonceSz;
#endif
#ifdef HAVE_AESGCM
- ALIGN16 byte H[AES_BLOCK_SIZE];
-#ifdef OPENSSL_EXTRA
- word32 aadH[4]; /* additional authenticated data GHASH */
- word32 aadLen; /* additional authenticated data len */
-#endif
+ Gcm gcm;
#ifdef WOLFSSL_SE050
sss_symmetric_t aes_ctx; /* used as the function context */
@@ -212,16 +271,6 @@ struct Aes {
byte keyIdSet;
byte useSWCrypt; /* Use SW crypt instead of SE050, before SCP03 auth */
#endif
-#ifdef GCM_TABLE
- /* key-based fast multiplication table. */
- ALIGN16 byte M0[256][AES_BLOCK_SIZE];
-#elif defined(GCM_TABLE_4BIT)
- #if defined(BIG_ENDIAN_ORDER) || defined(WC_16BIT_CPU)
- ALIGN16 byte M0[16][AES_BLOCK_SIZE];
- #else
- ALIGN16 byte M0[32][AES_BLOCK_SIZE];
- #endif
-#endif /* GCM_TABLE */
#ifdef HAVE_CAVIUM_OCTEON_SYNC
word32 y0;
#endif
@@ -292,13 +341,13 @@ struct Aes {
#if defined(WOLFSSL_CRYPTOCELL)
aes_context_t ctx;
#endif
-#if defined(WOLFSSL_RENESAS_TSIP_TLS) && \
- defined(WOLFSSL_RENESAS_TSIP_TLS_AES_CRYPT)
+#if (defined(WOLFSSL_RENESAS_TSIP_TLS) && \
+ defined(WOLFSSL_RENESAS_TSIP_TLS_AES_CRYPT)) ||\
+ defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)
TSIP_AES_CTX ctx;
#endif
-#if defined(WOLFSSL_RENESAS_SCEPROTECT) ||\
- defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)
- SCE_AES_CTX ctx;
+#if defined(WOLFSSL_RENESAS_FSPSM)
+ FSPSM_AES_CTX ctx;
#endif
#if defined(WOLFSSL_IMXRT_DCP)
dcp_handle_t handle;
@@ -331,6 +380,11 @@ struct Aes {
byte nonceSet:1;
byte ctrSet:1;
#endif
+#ifdef WC_DEBUG_CIPHER_LIFECYCLE
+ void *CipherLifecycleTag; /* used for dummy allocation and initialization,
+ * trackable by sanitizers.
+ */
+#endif
};
#ifndef WC_AES_TYPE_DEFINED
@@ -345,6 +399,26 @@ typedef struct XtsAes {
} XtsAes;
#endif
+#if (!defined(WC_AESFREE_IS_MANDATORY)) && \
+ (defined(WC_DEBUG_CIPHER_LIFECYCLE) || \
+ (defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_AES)) || \
+ defined(WOLFSSL_AFALG) || defined(WOLFSSL_AFALG_XILINX_AES) || \
+ defined(WOLFSSL_KCAPI_AES) || \
+ (defined(WOLFSSL_DEVCRYPTO) && \
+ (defined(WOLFSSL_DEVCRYPTO_AES) || \
+ defined(WOLFSSL_DEVCRYPTO_CBC))) || \
+ defined(WOLFSSL_IMXRT_DCP) || \
+ (defined(WOLFSSL_AESGCM_STREAM) && defined(WOLFSSL_SMALL_STACK) && \
+ !defined(WOLFSSL_AESNI)) || \
+ (defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_CRYPT)) || \
+ (defined(WOLFSSL_HAVE_PSA) && !defined(WOLFSSL_PSA_NO_AES)) || \
+ defined(WOLFSSL_MAXQ10XX_CRYPTO) || \
+ ((defined(WOLFSSL_RENESAS_FSPSM_TLS) || \
+ defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY)) && \
+ !defined(NO_WOLFSSL_RENESAS_FSPSM_AES)))
+#define WC_AESFREE_IS_MANDATORY
+#endif
+
#ifdef HAVE_AESGCM
typedef struct Gmac {
Aes aes;
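Review bot: WC_AESFREE_IS_MANDATORY is introduced behind a long list of port and feature macros with no comment saying what the macro promises to callers. From the name and the listed back ends, it looks like it marks builds where an initialized Aes owns something outside the struct and must be passed to wc_AesFree(); that should be confirmed and written down. A suggested header is `/* Defined when skipping wc_AesFree() on an initialized Aes leaks a resource in this build. */`. It would also help to note that the leading `!defined(WC_AESFREE_IS_MANDATORY)` test lets a user set the macro from the build line.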
@@ -414,16 +488,13 @@ WOLFSSL_API int wc_AesEcbDecrypt(Aes* aes, byte* out,
#ifdef WOLFSSL_AES_COUNTER
WOLFSSL_API int wc_AesCtrEncrypt(Aes* aes, byte* out,
const byte* in, word32 sz);
+ WOLFSSL_API int wc_AesCtrSetKey(Aes* aes, const byte* key, word32 len,
+ const byte* iv, int dir);
+
#endif
/* AES-DIRECT */
#if defined(WOLFSSL_AES_DIRECT)
-#if defined(HAVE_FIPS) && \
- (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
- WOLFSSL_API void wc_AesEncryptDirect(Aes* aes, byte* out, const byte* in);
- WOLFSSL_API void wc_AesDecryptDirect(Aes* aes, byte* out, const byte* in);
- WOLFSSL_API int wc_AesSetKeyDirect(Aes* aes, const byte* key, word32 len,
- const byte* iv, int dir);
-#elif defined(BUILDING_WOLFSSL)
+#if defined(BUILDING_WOLFSSL)
WOLFSSL_API WARN_UNUSED_RESULT int wc_AesEncryptDirect(Aes* aes, byte* out,
const byte* in);
WOLFSSL_API WARN_UNUSED_RESULT int wc_AesDecryptDirect(Aes* aes, byte* out,
@@ -505,8 +576,6 @@ WOLFSSL_API int wc_AesGcmDecryptFinal(Aes* aes, const byte* authTag,
const byte* authIn, word32 authInSz,
const byte* authTag, word32 authTagSz);
#endif /* WC_NO_RNG */
- WOLFSSL_LOCAL void GHASH(Aes* aes, const byte* a, word32 aSz, const byte* c,
- word32 cSz, byte* s, word32 sSz);
#endif /* HAVE_AESGCM */
#ifdef HAVE_AESCCM
WOLFSSL_LOCAL int wc_AesCcmCheckTagSize(int sz);
@@ -529,6 +598,7 @@ WOLFSSL_API int wc_AesGcmDecryptFinal(Aes* aes, const byte* authTag,
byte* authTag, word32 authTagSz,
const byte* authIn, word32 authInSz);
#endif /* HAVE_AESCCM */
+
#ifdef HAVE_AES_KEYWRAP
WOLFSSL_API int wc_AesKeyWrap(const byte* key, word32 keySz,
const byte* in, word32 inSz,
@@ -550,6 +620,11 @@ WOLFSSL_API int wc_AesGcmDecryptFinal(Aes* aes, const byte* authTag,
#ifdef WOLFSSL_AES_XTS
+WOLFSSL_API int wc_AesXtsInit(XtsAes* aes, void* heap, int devId);
+
+WOLFSSL_API int wc_AesXtsSetKeyNoInit(XtsAes* aes, const byte* key,
+ word32 len, int dir);
+
WOLFSSL_API int wc_AesXtsSetKey(XtsAes* aes, const byte* key,
word32 len, int dir, void* heap, int devId);
@@ -565,6 +640,14 @@ WOLFSSL_API int wc_AesXtsEncrypt(XtsAes* aes, byte* out,
WOLFSSL_API int wc_AesXtsDecrypt(XtsAes* aes, byte* out,
const byte* in, word32 sz, const byte* i, word32 iSz);
+WOLFSSL_API int wc_AesXtsEncryptConsecutiveSectors(XtsAes* aes,
+ byte* out, const byte* in, word32 sz, word64 sector,
+ word32 sectorSz);
+
+WOLFSSL_API int wc_AesXtsDecryptConsecutiveSectors(XtsAes* aes,
+ byte* out, const byte* in, word32 sz, word64 sector,
+ word32 sectorSz);
+
WOLFSSL_API int wc_AesXtsFree(XtsAes* aes);
#endif
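Review bot: `wc_AesXtsEncryptConsecutiveSectors` and `wc_AesXtsDecryptConsecutiveSectors` take both `sz` and `sectorSz`, and no comment says how the two must relate. The prototypes do not show whether `sz` must be a whole multiple of `sectorSz`, what happens to a trailing partial sector, or how `sector` advances across the buffer. A short comment above each prototype should state those constraints and the error returned when they are violated, e.g. `/* sz: total bytes in/out; sectorSz: bytes per sector; sector: number of the first sector */`, to be confirmed against the implementation.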
@@ -590,6 +673,71 @@ int wc_AesSivDecrypt(const byte* key, word32 keySz, const byte* assoc,
const byte* in, word32 inSz, byte* siv, byte* out);
#endif
+#ifdef WOLFSSL_AES_EAX
+
+/* Because of the circular dependency between AES and CMAC, we need to prevent
+ * inclusion of AES EAX from CMAC to avoid a recursive inclusion */
+#ifndef WOLF_CRYPT_CMAC_H
+#include <wolfssl/wolfcrypt/cmac.h>
+struct AesEax {
+ Aes aes;
+ Cmac nonceCmac;
+ Cmac aadCmac;
+ Cmac ciphertextCmac;
+ byte nonceCmacFinal[AES_BLOCK_SIZE];
+ byte aadCmacFinal[AES_BLOCK_SIZE];
+ byte ciphertextCmacFinal[AES_BLOCK_SIZE];
+ byte prefixBuf[AES_BLOCK_SIZE];
+};
+#endif /* !defined(WOLF_CRYPT_CMAC_H) */
+
+typedef struct AesEax AesEax;
+
+/* One-shot API */
+WOLFSSL_API int wc_AesEaxEncryptAuth(const byte* key, word32 keySz, byte* out,
+ const byte* in, word32 inSz,
+ const byte* nonce, word32 nonceSz,
+ /* output computed auth tag */
+ byte* authTag, word32 authTagSz,
+ /* input data to authenticate (header) */
+ const byte* authIn, word32 authInSz);
+
+WOLFSSL_API int wc_AesEaxDecryptAuth(const byte* key, word32 keySz, byte* out,
+ const byte* in, word32 inSz,
+ const byte* nonce, word32 nonceSz,
+ /* auth tag to verify against */
+ const byte* authTag, word32 authTagSz,
+ /* input data to authenticate (header) */
+ const byte* authIn, word32 authInSz);
+
+/* Incremental API */
+WOLFSSL_API int wc_AesEaxInit(AesEax* eax,
+ const byte* key, word32 keySz,
+ const byte* nonce, word32 nonceSz,
+ const byte* authIn, word32 authInSz);
+
+WOLFSSL_API int wc_AesEaxEncryptUpdate(AesEax* eax, byte* out,
+ const byte* in, word32 inSz,
+ const byte* authIn, word32 authInSz);
+
+WOLFSSL_API int wc_AesEaxDecryptUpdate(AesEax* eax, byte* out,
+ const byte* in, word32 inSz,
+ const byte* authIn, word32 authInSz);
+
+WOLFSSL_API int wc_AesEaxAuthDataUpdate(AesEax* eax,
+ const byte* authIn, word32 authInSz);
+
+WOLFSSL_API int wc_AesEaxEncryptFinal(AesEax* eax,
+ byte* authTag, word32 authTagSz);
+
+WOLFSSL_API int wc_AesEaxDecryptFinal(AesEax* eax,
+ const byte* authIn, word32 authInSz);
+
+WOLFSSL_API int wc_AesEaxFree(AesEax* eax);
+
+#endif /* WOLFSSL_AES_EAX */
+
+
#ifdef __cplusplus
} /* extern "C" */
#endif
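Review bot: `wc_AesEaxDecryptFinal` names its last argument `authIn`/`authInSz`, the name every other prototype in this block uses for header data, while `wc_AesEaxEncryptFinal` calls the same position `authTag`/`authTagSz`. If the argument is the tag to verify, as the symmetry suggests, the prototype should read `const byte* authTag, word32 authTagSz`. A one-line comment should also say that a non-zero return (this commit adds `AES_EAX_AUTH_E`) means the output must be discarded. `wc_AesEaxDecryptAuth` and `wc_AesEaxDecryptFinal` would also benefit from `WARN_UNUSED_RESULT`, which this header already applies to `wc_AesEncryptDirect`, so an ignored authentication failure is caught at compile time.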
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/asn.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/asn.h
index 24d8362c..351517e4 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/asn.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/asn.h
@@ -45,12 +45,6 @@ that can be serialized and deserialized in a cross-platform way.
#include <wolfssl/wolfcrypt/wolfmath.h>
-/* fips declare of RsaPrivateKeyDecode @wc_fips */
-#if defined(HAVE_FIPS) && !defined(NO_RSA) && \
- (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
- #include <cyassl/ctaocrypt/rsa.h>
-#endif
-
#ifndef NO_DH
#include <wolfssl/wolfcrypt/dh.h>
#endif
@@ -64,6 +58,9 @@ that can be serialized and deserialized in a cross-platform way.
#include <wolfssl/wolfcrypt/md5.h>
#endif
#include <wolfssl/wolfcrypt/sha256.h>
+#ifdef WOLFSSL_SM3
+ #include <wolfssl/wolfcrypt/sm3.h>
+#endif
#include <wolfssl/wolfcrypt/asn_public.h> /* public interface */
#if defined(NO_SHA) && defined(NO_SHA256)
@@ -139,6 +136,7 @@ enum ASN_Tags {
ASN_DIR_TYPE = 0x04,
ASN_URI_TYPE = 0x06, /* the value 6 is from GeneralName OID */
ASN_IP_TYPE = 0x07, /* the value 7 is from GeneralName OID */
+ ASN_RID_TYPE = 0x08,
/* PKCS #7 types */
ASN_ENC_CONTENT = 0x00,
@@ -707,8 +705,10 @@ enum DN_Tags {
ASN_DNQUALIFIER = 0x2e, /* dnQualifier */
#endif /* WOLFSSL_CERT_NAME_ALL */
- ASN_EMAIL_NAME = 0x98, /* not actual OID (see attrEmailOid) */
- ASN_CUSTOM_NAME = 0x99, /* not actual OID (see CertOidField) */
+
+ ASN_CONTENT_TYPE = 0x97, /* not actual OID (see attrPkcs9ContentTypeOid) */
+ ASN_EMAIL_NAME = 0x98, /* not actual OID (see attrEmailOid) */
+ ASN_CUSTOM_NAME = 0x99, /* not actual OID (see CertOidField) */
/* pilot attribute types
* OID values of 0.9.2342.19200300.100.1.* */
@@ -765,6 +765,7 @@ extern const WOLFSSL_ObjectInfo wolfssl_object_info[];
#define WOLFSSL_USER_ID "/UID="
#define WOLFSSL_DOMAIN_COMPONENT "/DC="
#define WOLFSSL_FAVOURITE_DRINK "/favouriteDrink="
+#define WOLFSSL_CONTENT_TYPE "/contentType="
#if defined(WOLFSSL_APACHE_HTTPD)
/* otherName strings */
@@ -897,13 +898,22 @@ enum ECC_TYPES
#endif
#endif
+/* Maximum OID dotted form size. */
+#define ASN1_OID_DOTTED_MAX_SZ 16
+
+#ifndef WOLFSSL_ASN_MAX_LENGTH_SZ
+ #define WOLFSSL_ASN_MAX_LENGTH_SZ 5 /* 1 byte length + 4 bytes of number */
+#endif
+
enum Misc_ASN {
MAX_SALT_SIZE = 64, /* MAX PKCS Salt length */
MAX_IV_SIZE = 64, /* MAX PKCS Iv length */
ASN_BOOL_SIZE = 2, /* including type */
ASN_ECC_HEADER_SZ = 2, /* String type + 1 byte len */
ASN_ECC_CONTEXT_SZ = 2, /* Content specific type + 1 byte len */
-#if defined(NO_SHA) || (!defined(NO_SHA256) && defined(WC_ASN_HASH_SHA256))
+#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ KEYID_SIZE = WC_SM3_DIGEST_SIZE,
+#elif defined(NO_SHA) || (!defined(NO_SHA256) && defined(WC_ASN_HASH_SHA256))
KEYID_SIZE = WC_SHA256_DIGEST_SIZE,
#else
KEYID_SIZE = WC_SHA_DIGEST_SIZE,
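Review bot: `WOLFSSL_ASN_MAX_LENGTH_SZ` is wrapped in `#ifndef`, so a build can override it, but nothing rejects a value too small to hold a DER length. The next hunk derives `MAX_LENGTH_SZ`, `MAX_SEQ_SZ`, `MAX_SET_SZ` and the RSA/DSA integer sizes from it. Those constants presumably size encoding buffers, so an undersized override would shrink all of them at once. If smaller values are not meant to be supported, add a guard after the default, e.g. `#if WOLFSSL_ASN_MAX_LENGTH_SZ < 5` / `#error "WOLFSSL_ASN_MAX_LENGTH_SZ too small"` / `#endif`, with the bound set to the minimum the encoder needs. The `enum Misc_ASN` body continues outside this hunk.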
@@ -937,18 +947,18 @@ enum Misc_ASN {
#endif
MAX_SIG_SZ = 256,
MAX_ALGO_SZ = 20,
- MAX_SHORT_SZ = 6, /* asn int + byte len + 4 byte length */
- MAX_LENGTH_SZ = 4, /* Max length size for DER encoding */
- MAX_SEQ_SZ = 5, /* enum(seq | con) + length(4) */
- MAX_SET_SZ = 5, /* enum(set | con) + length(4) */
- MAX_OCTET_STR_SZ = 5, /* enum(set | con) + length(4) */
- MAX_EXP_SZ = 5, /* enum(contextspec|con|exp) + length(4) */
- MAX_PRSTR_SZ = 5, /* enum(prstr) + length(4) */
+ MAX_LENGTH_SZ = WOLFSSL_ASN_MAX_LENGTH_SZ, /* Max length size for DER encoding */
+ MAX_SHORT_SZ = (1 + MAX_LENGTH_SZ), /* asn int + byte len + 4 byte length */
+ MAX_SEQ_SZ = (1 + MAX_LENGTH_SZ), /* enum(seq | con) + length(5) */
+ MAX_SET_SZ = (1 + MAX_LENGTH_SZ), /* enum(set | con) + length(5) */
+ MAX_OCTET_STR_SZ = (1 + MAX_LENGTH_SZ), /* enum(set | con) + length(5) */
+ MAX_EXP_SZ = (1 + MAX_LENGTH_SZ), /* enum(contextspec|con|exp) + length(5) */
+ MAX_PRSTR_SZ = (1 + MAX_LENGTH_SZ), /* enum(prstr) + length(5) */
MAX_VERSION_SZ = 5, /* enum + id + version(byte) + (header(2))*/
- MAX_ENCODED_DIG_ASN_SZ= 9, /* enum(bit or octet) + length(4) */
+ MAX_ENCODED_DIG_ASN_SZ = (5 + MAX_LENGTH_SZ), /* enum(bit or octet) + length(5) */
MAX_ENCODED_DIG_SZ = 64 + MAX_ENCODED_DIG_ASN_SZ, /* asn header + sha512 */
- MAX_RSA_INT_SZ = 517, /* RSA raw sz 4096 for bits + tag + len(4) */
- MAX_DSA_INT_SZ = 389, /* DSA raw sz 3072 for bits + tag + len(4) */
+ MAX_RSA_INT_SZ = (512 + 1 + MAX_LENGTH_SZ), /* RSA raw sz 4096 for bits + tag + len(5) */
+ MAX_DSA_INT_SZ = (384 + 1 + MAX_LENGTH_SZ), /* DSA raw sz 3072 for bits + tag + len(5) */
MAX_DSA_PUBKEY_SZ = (DSA_PUB_INTS * MAX_DSA_INT_SZ) + (2 * MAX_SEQ_SZ) +
2 + MAX_LENGTH_SZ, /* Maximum size of a DSA public
key taken from wc_SetDsaPublicKey. */
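Review bot: The comments on the rewritten constants hard-code widths that no longer follow from the expressions. `MAX_SHORT_SZ = (1 + MAX_LENGTH_SZ)` still says `asn int + byte len + 4 byte length`. The `length(5)` comments are only right for the default `WOLFSSL_ASN_MAX_LENGTH_SZ`, and `MAX_ENCODED_DIG_ASN_SZ = (5 + MAX_LENGTH_SZ)` does not say what the literal 5 covers. Suggest wording them in terms of the symbol, e.g. `/* enum(seq | con) + MAX_LENGTH_SZ */`, and naming the five fixed bytes in the digest case. The enum starts and ends outside this hunk.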
@@ -998,7 +1008,6 @@ enum Misc_ASN {
MAX_CERTPOL_NB = CTC_MAX_CERTPOL_NB,/* Max number of Cert Policy */
MAX_CERTPOL_SZ = CTC_MAX_CERTPOL_SZ,
#endif
- MAX_AIA_SZ = 2, /* Max Authority Info Access extension size*/
OCSP_NONCE_EXT_SZ = 35, /* OCSP Nonce Extension size */
MAX_OCSP_EXT_SZ = 58, /* Max OCSP Extension length */
MAX_OCSP_NONCE_SZ = 16, /* OCSP Nonce size */
@@ -1085,7 +1094,8 @@ enum Hash_Sum {
SHA3_384h = 422,
SHA3_512h = 423,
SHAKE128h = 424,
- SHAKE256h = 425
+ SHAKE256h = 425,
+ SM3h = 640
};
#if !defined(NO_DES3) || !defined(NO_AES)
@@ -1119,6 +1129,7 @@ enum Key_Sum {
RSAPSSk = 654,
RSAESOAEPk = 651, /* 1.2.840.113549.1.1.7 */
ECDSAk = 518,
+ SM2k = 667,
ED25519k = 256, /* 1.3.101.112 */
X25519k = 254, /* 1.3.101.110 */
ED448k = 257, /* 1.3.101.113 */
@@ -1359,6 +1370,10 @@ struct DNS_entry {
#if defined(OPENSSL_ALL) || defined(WOLFSSL_IP_ALT_NAME)
char* ipString; /* human readable form of IP address */
#endif
+#if defined(OPENSSL_ALL)
+ char* ridString; /* human readable form of registeredID */
+#endif
+
#ifdef WOLFSSL_FPKI
int oidSum; /* provide oid sum for verification */
#endif
@@ -1405,7 +1420,7 @@ enum SignatureState {
#endif
#endif /* HAVE_PK_CALLBACKS */
-#if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_SCEPROTECT) ||\
+#if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_FSPSM_TLS) ||\
defined(HAVE_PK_CALLBACKS)
typedef struct tagCertAttribute {
byte verifyByTSIP_SCE;
@@ -1478,7 +1493,7 @@ struct SignatureCtx {
#endif
#endif /* HAVE_PK_CALLBACKS */
#ifndef NO_RSA
-#if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_SCEPROTECT) ||\
+#if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_FSPSM_TLS) ||\
defined(HAVE_PK_CALLBACKS)
CertAttribute CertAtt;
#endif
@@ -1653,6 +1668,12 @@ struct DecodedCert {
int extCrlInfoSz; /* length of the URI */
byte extSubjKeyId[KEYID_SIZE]; /* Subject Key ID */
byte extAuthKeyId[KEYID_SIZE]; /* Authority Key ID */
+#ifdef WOLFSSL_AKID_NAME
+ const byte* extAuthKeyIdIssuer; /* Authority Key ID authorityCertIssuer */
+ word32 extAuthKeyIdIssuerSz; /* Authority Key ID authorityCertIssuer length */
+ const byte* extAuthKeyIdIssuerSN; /* Authority Key ID authorityCertSerialNumber */
+ word32 extAuthKeyIdIssuerSNSz; /* Authority Key ID authorityCertSerialNumber length */
+#endif
byte pathLength; /* CA basic constraint path length */
byte maxPathLen; /* max_path_len see RFC 5280 section
* 6.1.2 "Initialization" - (k) for
@@ -1699,6 +1720,9 @@ struct DecodedCert {
#if defined(HAVE_ECC) || defined(HAVE_ED25519) || defined(HAVE_ED448)
word32 pkCurveOID; /* Public Key's curve OID */
+ #ifdef WOLFSSL_CUSTOM_CURVES
+ int pkCurveSize; /* Public Key's curve size */
+ #endif
#endif /* HAVE_ECC */
const byte* beforeDate;
int beforeDateLen;
@@ -1846,7 +1870,7 @@ struct DecodedCert {
#ifndef NO_CERTS
SignatureCtx sigCtx;
#endif
-#if defined(WOLFSSL_RENESAS_TSIP) || defined(WOLFSSL_RENESAS_SCEPROTECT)
+#if defined(WOLFSSL_RENESAS_TSIP) || defined(WOLFSSL_RENESAS_FSPSM_TLS)
byte* sce_tsip_encRsaKeyIdx;
#endif
#ifdef WOLFSSL_MAXQ10XX_TLS
@@ -1907,13 +1931,18 @@ struct DecodedCert {
#ifdef WOLFSSL_CERT_REQ
byte isCSR : 1; /* Do we intend on parsing a CSR? */
#endif
+#ifdef HAVE_RPK
+ byte isRPK : 1; /* indicate the cert is Raw-Public-Key cert in RFC7250 */
+#endif
#if defined(WOLFSSL_CUSTOM_OID) && defined(WOLFSSL_ASN_TEMPLATE) \
&& defined(HAVE_OID_DECODING)
wc_UnknownExtCallback unknownExtCallback;
#endif
};
-#ifdef NO_SHA
+#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ #define SIGNER_DIGEST_SIZE WC_SM3_DIGEST_SIZE
+#elif defined(NO_SHA)
#define SIGNER_DIGEST_SIZE WC_SHA256_DIGEST_SIZE
#else
#define SIGNER_DIGEST_SIZE WC_SHA_DIGEST_SIZE
@@ -1926,8 +1955,6 @@ struct Signer {
word32 keyOID; /* key type */
word16 keyUsage;
byte maxPathLen;
- byte pathLength;
- byte pathLengthSet : 1;
byte selfSigned : 1;
const byte* publicKey;
int nameLen;
@@ -1938,17 +1965,26 @@ struct Signer {
#endif /* IGNORE_NAME_CONSTRAINTS */
byte subjectNameHash[SIGNER_DIGEST_SIZE];
/* sha hash of names in certificate */
+ #if defined(HAVE_OCSP) || defined(HAVE_CRL)
+ byte issuerNameHash[SIGNER_DIGEST_SIZE];
+ /* sha hash of issuer names in certificate.
+ * Used in OCSP to check for authorized
+ * responders. */
+ #endif
#ifndef NO_SKID
byte subjectKeyIdHash[SIGNER_DIGEST_SIZE];
- /* sha hash of names in certificate */
+ /* sha hash of key in certificate */
#endif
#ifdef HAVE_OCSP
byte subjectKeyHash[KEYID_SIZE];
#endif
+#if defined(WOLFSSL_AKID_NAME) || defined(HAVE_CRL)
+ byte serialHash[SIGNER_DIGEST_SIZE]; /* serial number hash */
+#endif
#ifdef WOLFSSL_SIGNER_DER_CERT
DerBuffer* derCert;
#endif
-#if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_SCEPROTECT)
+#if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_FSPSM_TLS)
word32 cm_idx;
#endif
Signer* next;
@@ -2021,7 +2057,10 @@ typedef enum MimeStatus
#endif /* HAVE_SMIME */
+WOLFSSL_LOCAL int HashIdAlg(word32 oidSum);
WOLFSSL_LOCAL int CalcHashId(const byte* data, word32 len, byte* hash);
+WOLFSSL_LOCAL int CalcHashId_ex(const byte* data, word32 len, byte* hash,
+ int hashAlg);
WOLFSSL_LOCAL int GetName(DecodedCert* cert, int nameType, int maxIdx);
WOLFSSL_ASN_API int wc_BerToDer(const byte* ber, word32 berSz, byte* der,
@@ -2076,6 +2115,7 @@ WOLFSSL_LOCAL int DecodeToKey(DecodedCert* cert, int verify);
#ifdef WOLFSSL_ASN_TEMPLATE
WOLFSSL_LOCAL int DecodeCert(DecodedCert* cert, int verify, int* criticalExt);
#endif
+WOLFSSL_LOCAL int TryDecodeRPKToKey(DecodedCert* cert);
WOLFSSL_LOCAL int wc_GetPubX509(DecodedCert* cert, int verify, int* badDate);
WOLFSSL_LOCAL const byte* OidFromId(word32 id, word32 type, word32* oidSz);
@@ -2159,12 +2199,17 @@ WOLFSSL_LOCAL int GetMyVersion(const byte* input, word32* inOutIdx,
int* version, word32 maxIdx);
WOLFSSL_LOCAL int GetInt(mp_int* mpi, const byte* input, word32* inOutIdx,
word32 maxIdx);
+WOLFSSL_ASN_API int GetASNInt(const byte* input, word32* inOutIdx, int* len,
+ word32 maxIdx);
#ifdef HAVE_OID_ENCODING
+ WOLFSSL_API int wc_EncodeObjectId(const word16* in, word32 inSz,
+ byte* out, word32* outSz);
WOLFSSL_LOCAL int EncodeObjectId(const word16* in, word32 inSz,
byte* out, word32* outSz);
#endif
-#if defined(HAVE_OID_DECODING) || defined(WOLFSSL_ASN_PRINT)
+#if defined(HAVE_OID_DECODING) || defined(WOLFSSL_ASN_PRINT) || \
+ defined(OPENSSL_ALL)
WOLFSSL_LOCAL int DecodeObjectId(const byte* in, word32 inSz,
word16* out, word32* outSz);
#endif
@@ -2207,6 +2252,8 @@ WOLFSSL_LOCAL int wc_GetSerialNumber(const byte* input, word32* inOutIdx,
#endif
WOLFSSL_LOCAL int GetNameHash(const byte* source, word32* idx, byte* hash,
int maxIdx);
+WOLFSSL_LOCAL int GetNameHash_ex(const byte* source, word32* idx, byte* hash,
+ int maxIdx, word32 sigOID);
WOLFSSL_LOCAL int wc_CheckPrivateKeyCert(const byte* key, word32 keySz, DecodedCert* der);
WOLFSSL_LOCAL int wc_CheckPrivateKey(const byte* privKey, word32 privKeySz,
const byte* pubKey, word32 pubKeySz, enum Key_Sum ks);
@@ -2260,6 +2307,14 @@ WOLFSSL_LOCAL int PemToDer(const unsigned char* buff, long sz, int type,
WOLFSSL_LOCAL int AllocDer(DerBuffer** der, word32 length, int type, void* heap);
WOLFSSL_LOCAL void FreeDer(DerBuffer** der);
+#if (defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_CERT_EXT)) || \
+ (defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA))
+WOLFSSL_LOCAL int ParseKeyUsageStr(const char* value, word16* keyUsage,
+ void* heap);
+WOLFSSL_LOCAL int ParseExtKeyUsageStr(const char* value, byte* extKeyUsage,
+ void* heap);
+#endif /* (CERT_GEN && CERT_EXT) || (OPENSSL_ALL || OPENSSL_EXTRA) */
+
#endif /* !NO_CERTS */
#ifdef HAVE_SMIME
@@ -2364,7 +2419,9 @@ struct CertStatus {
typedef struct OcspEntry OcspEntry;
-#ifdef NO_SHA
+#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+#define OCSP_DIGEST_SIZE WC_SM3_DIGEST_SIZE
+#elif defined(NO_SHA)
#define OCSP_DIGEST_SIZE WC_SHA256_DIGEST_SIZE
#else
#define OCSP_DIGEST_SIZE WC_SHA_DIGEST_SIZE
@@ -2427,11 +2484,19 @@ struct OcspResponse {
struct OcspRequest {
byte issuerHash[KEYID_SIZE];
byte issuerKeyHash[KEYID_SIZE];
+#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ int hashSz;
+#endif
byte* serial; /* copy of the serial number in source cert */
int serialSz;
#ifdef OPENSSL_EXTRA
WOLFSSL_ASN1_INTEGER* serialInt;
#endif
+#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || \
+ defined(WOLFSSL_HAPROXY) || defined(WOLFSSL_APACHE_HTTPD) || \
+ defined(HAVE_LIGHTY)
+ void* cid; /* WOLFSSL_OCSP_CERTID kept to free */
+#endif
byte* url; /* copy of the extAuthInfo in source cert */
int urlSz;
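Review bot: The new `void* cid` member is described only as `WOLFSSL_OCSP_CERTID kept to free`, which leaves its ownership unclear. An untyped pointer stored so that it can be freed later is a common source of double frees when the creator of the object also releases it. The comment should say who sets the field, which function frees it, and that it is NULL otherwise, e.g. `/* WOLFSSL_OCSP_CERTID owned by this request; freed with the request, NULL if unset */`, worded to match the implementation. `struct OcspRequest` continues past the end of this hunk.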
@@ -2566,11 +2631,12 @@ enum PBESTypes {
PBE_AES128_CBC = 5,
PBE_SHA1_40RC2_CBC = 6,
- PBE_SHA1_RC4_128_SUM = 657,
- PBE_SHA1_DES3_SUM = 659,
- PBE_MD5_DES_SUM = 651,
- PBE_SHA1_DES_SUM = 658,
- PBES2_SUM = 661,
+ PBE_SHA1_RC4_128_SUM = 657,
+ PBE_SHA1_DES3_SUM = 659,
+ PBE_SHA1_40RC2_CBC_SUM = 662,
+ PBE_MD5_DES_SUM = 651,
+ PBE_SHA1_DES_SUM = 658,
+ PBES2_SUM = 661,
PBES2 = 13, /* algo ID */
PBES1_MD5_DES = 3,
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/asn_public.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/asn_public.h
index 21399b8f..a4395ed0 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/asn_public.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/asn_public.h
@@ -104,6 +104,7 @@ enum Ecc_Sum {
ECC_SECP256R1_OID = 526,
ECC_SECP256K1_OID = 186,
ECC_BRAINPOOLP256R1_OID = 104,
+ ECC_SM2P256V1_OID = 667,
ECC_X25519_OID = 365,
ECC_ED25519_OID = 256,
ECC_BRAINPOOLP320R1_OID = 106,
@@ -116,6 +117,26 @@ enum Ecc_Sum {
};
+enum EncPkcs8Types {
+ ENC_PKCS8_VER_PKCS12 = 1,
+ ENC_PKCS8_VER_PKCS5 = 5,
+
+ ENC_PKCS8_PBES2 = 13,
+
+ ENC_PKCS8_PBE_SHA1_RC4_128 = 1,
+ ENC_PKCS8_PBE_SHA1_DES = 2,
+ ENC_PKCS8_PBE_SHA1_DES3 = 3,
+ ENC_PKCS8_PBE_SHA1_40RC2_CBC = 6,
+
+ ENC_PKCS8_PBES1_MD5_DES = 3,
+ ENC_PKCS8_PBES1_SHA1_DES = 10,
+
+ ENC_PKCS8_ALG_AES128CBC = 414,
+ ENC_PKCS8_ALG_AES256CBC = 454,
+ ENC_PKCS8_ALG_DES = 69,
+ ENC_PKCS8_ALG_DES3 = 652
+};
+
/* Certificate file Type */
enum CertType {
CERT_TYPE = 0,
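Review bot: `enum EncPkcs8Types` mixes what appear to be four separate number spaces without a comment. As a result `ENC_PKCS8_PBE_SHA1_DES3 = 3` and `ENC_PKCS8_PBES1_MD5_DES = 3` read like an accidental duplicate, as do `ENC_PKCS8_VER_PKCS12 = 1` and `ENC_PKCS8_PBE_SHA1_RC4_128 = 1`. A one-line comment per group (version selector, PKCS#12 PBE ids, PKCS#5 PBES1 ids, cipher OID sums) would show which values are meant to be combined. Because this is a public header, the RC4, DES, 40-bit RC2 and MD5 entries should also be marked as legacy interoperability options, e.g. `/* legacy; prefer ENC_PKCS8_PBES2 with ENC_PKCS8_ALG_AES256CBC */`.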
@@ -154,7 +175,8 @@ enum CertType {
SPHINCS_SMALL_LEVEL1_TYPE,
SPHINCS_SMALL_LEVEL3_TYPE,
SPHINCS_SMALL_LEVEL5_TYPE,
- ECC_PARAM_TYPE
+ ECC_PARAM_TYPE,
+ CHAIN_CERT_TYPE
};
@@ -187,6 +209,8 @@ enum Ctc_SigType {
CTC_RSASSAPSS = 654,
+ CTC_SM3wSM2 = 740, /* 1.2.156.10197.1.501 */
+
CTC_ED25519 = 256,
CTC_ED448 = 257,
@@ -368,7 +392,9 @@ typedef struct CertExtension {
} CertExtension;
#endif
-#if defined(WOLFSSL_CERT_GEN) || defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
+#if defined(WOLFSSL_CERT_GEN) || defined(OPENSSL_EXTRA) || \
+ defined(OPENSSL_EXTRA_X509_SMALL) || defined(WOLFSSL_CERT_EXT) || \
+ defined(WOLFSSL_CERT_REQ)
typedef struct CertName {
char country[CTC_NAME_SIZE];
char countryEnc;
@@ -422,6 +448,7 @@ typedef struct CertName {
#ifndef NUM_CUSTOM_EXT
#define NUM_CUSTOM_EXT 16
+#endif /* NUM_CUSTOM_EXT */
/* for user to fill for certificate generation */
typedef struct Cert {
@@ -503,6 +530,9 @@ typedef struct Cert {
byte* der; /* Pointer to buffer of current DecodedCert cache */
void* heap; /* heap hint */
byte basicConstSet:1; /* Indicator for when Basic Constraint is set */
+#ifdef WOLFSSL_ALLOW_ENCODING_CA_FALSE
+ byte isCaSet:1; /* Indicator for when isCA is set */
+#endif
byte pathLenSet:1; /* Indicator for when path length is set */
#ifdef WOLFSSL_ALT_NAMES
byte altNamesCrit:1; /* Indicator of criticality of SAN extension */
@@ -618,7 +648,6 @@ WOLFSSL_API int wc_SetCustomExtension(Cert *cert, int critical, const char *oid,
#endif
#endif /* WOLFSSL_CERT_EXT */
-#endif /* WOLFSSL_CERT_GEN */
WOLFSSL_API int wc_GetDateInfo(const byte* certDate, int certDateSz,
const byte** date, byte* format, int* length);
@@ -723,6 +752,8 @@ WOLFSSL_API int wc_DhPrivKeyToDer(DhKey* key, byte* out, word32* outSz);
WOLFSSL_ABI
WOLFSSL_API int wc_EccPrivateKeyDecode(const byte* input, word32* inOutIdx,
ecc_key* key, word32 inSz);
+ WOLFSSL_LOCAL int wc_BuildEccKeyDer(ecc_key* key, byte* output, word32 *inLen,
+ int pubIn, int curveIn);
WOLFSSL_ABI
WOLFSSL_API int wc_EccKeyToDer(ecc_key* key, byte* output, word32 inLen);
WOLFSSL_API int wc_EccPrivateKeyToDer(ecc_key* key, byte* output,
@@ -911,9 +942,6 @@ WOLFSSL_API int wc_GetUUIDFromCert(struct DecodedCert* cert,
WOLFSSL_API int wc_GetFASCNFromCert(struct DecodedCert* cert,
byte* fascn, word32* fascnSz);
#endif /* WOLFSSL_FPKI */
-#ifdef __cplusplus
- } /* extern "C" */
-#endif
#if !defined(XFPRINTF) || defined(NO_FILESYSTEM) || \
defined(NO_STDIO_FILESYSTEM) && defined(WOLFSSL_ASN_PRINT)
@@ -1015,4 +1043,8 @@ WOLFSSL_API int wc_Asn1_PrintAll(Asn1* asn1, Asn1PrintOptions* opts,
#endif /* WOLFSSL_ASN_PRINT */
+#ifdef __cplusplus
+ } /* extern "C" */
+#endif
+
#endif /* WOLF_CRYPT_ASN_PUBLIC_H */
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/cmac.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/cmac.h
index 679952ba..5fbda43c 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/cmac.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/cmac.h
@@ -98,10 +98,16 @@ WOLFSSL_API
int wc_CmacUpdate(Cmac* cmac,
const byte* in, word32 inSz);
WOLFSSL_API
+int wc_CmacFinalNoFree(Cmac* cmac,
+ byte* out, word32* outSz);
+WOLFSSL_API
int wc_CmacFinal(Cmac* cmac,
byte* out, word32* outSz);
WOLFSSL_API
+int wc_CmacFree(Cmac* cmac);
+
+WOLFSSL_API
int wc_AesCmacGenerate(byte* out, word32* outSz,
const byte* in, word32 inSz,
const byte* key, word32 keySz);
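Review bot: `wc_CmacFinalNoFree` and `wc_CmacFree` are added without any comment on how they pair up. Judging by the names, `wc_CmacFinal` releases the context itself while the `NoFree` variant leaves that to the caller. A caller that switches to `wc_CmacFinalNoFree` and omits `wc_CmacFree` would then leave keyed state behind. This is inferred from the names, since the implementation is not in this hunk. A comment above the new prototypes would make the contract explicit, e.g. `/* wc_CmacFinalNoFree leaves cmac initialized; caller must call wc_CmacFree() when done */`.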
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/cryptocb.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/cryptocb.h
index c1b4307f..cf38444f 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/cryptocb.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/cryptocb.h
@@ -72,13 +72,23 @@
#include <wolfssl/wolfcrypt/sha512.h>
#endif
+#ifdef WOLF_CRYPTO_CB_CMD
+/* CryptoCb Commands */
+enum wc_CryptoCbCmdType {
+ WC_CRYPTOCB_CMD_TYPE_NONE = 0,
+ WC_CRYPTOCB_CMD_TYPE_REGISTER,
+ WC_CRYPTOCB_CMD_TYPE_UNREGISTER,
+
+ WC_CRYPTOCB_CMD_TYPE_MAX = WC_CRYPTOCB_CMD_TYPE_UNREGISTER
+};
+#endif
+
/* Crypto Information Structure for callbacks */
typedef struct wc_CryptoInfo {
int algo_type; /* enum wc_AlgoType */
#if HAVE_ANONYMOUS_INLINE_AGGREGATES
union {
#endif
-#if !defined(NO_RSA) || defined(HAVE_ECC)
struct {
int type; /* enum wc_PkType */
#if HAVE_ANONYMOUS_INLINE_AGGREGATES
@@ -195,7 +205,6 @@ typedef struct wc_CryptoInfo {
};
#endif
} pk;
-#endif /* !NO_RSA || HAVE_ECC */
#if !defined(NO_AES) || !defined(NO_DES3)
struct {
int type; /* enum wc_CipherType */
@@ -356,6 +365,12 @@ typedef struct wc_CryptoInfo {
int type;
} cmac;
#endif
+#ifdef WOLF_CRYPTO_CB_CMD
+ struct { /* uses wc_AlgoType=ALGO_NONE */
+ int type; /* enum wc_CryptoCbCmdType */
+ void *ctx;
+ } cmd;
+#endif
#if HAVE_ANONYMOUS_INLINE_AGGREGATES
};
#endif
@@ -365,6 +380,7 @@ typedef struct wc_CryptoInfo {
typedef int (*CryptoDevCallbackFunc)(int devId, wc_CryptoInfo* info, void* ctx);
WOLFSSL_LOCAL void wc_CryptoCb_Init(void);
+WOLFSSL_LOCAL void wc_CryptoCb_Cleanup(void);
WOLFSSL_LOCAL int wc_CryptoCb_GetDevIdAtIndex(int startIdx);
WOLFSSL_API int wc_CryptoCb_RegisterDevice(int devId, CryptoDevCallbackFunc cb, void* ctx);
WOLFSSL_API void wc_CryptoCb_UnRegisterDevice(int devId);
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/curve25519.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/curve25519.h
index 7f6bed03..3b25a9df 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/curve25519.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/curve25519.h
@@ -61,9 +61,9 @@ typedef struct {
/* ECC point, the internal structure is Little endian
* the mathematical functions used the endianness */
typedef struct ECPoint {
- byte point[CURVE25519_KEYSIZE];
+ ALIGN16 byte point[CURVE25519_KEYSIZE];
#ifdef FREESCALE_LTC_ECC
- byte pointY[CURVE25519_KEYSIZE];
+ ALIGN16 byte pointY[CURVE25519_KEYSIZE];
#endif
byte pointSz;
} ECPoint;
@@ -80,13 +80,14 @@ struct curve25519_key {
curve in dp */
const curve25519_set_type* dp; /* domain parameters, either points to
curves (idx >= 0) or user supplied */
- ECPoint p; /* public point for key */
- byte k[CURVE25519_KEYSIZE]; /* private scaler for key */
+ ECPoint p; /* public point for key */
+ ALIGN16 byte k[CURVE25519_KEYSIZE]; /* private scaler for key */
#ifdef WOLFSSL_ASYNC_CRYPT
WC_ASYNC_DEV asyncDev;
#endif
#if defined(WOLF_CRYPTO_CB)
+ void* devCtx;
int devId;
#endif
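Review bot: The new `void* devCtx` member has no comment, here and in the matching additions to `struct ecc_key` (ecc.h), `struct ed25519_key` (ed25519.h) and `struct ed448_key` (ed448.h). It sits next to `devId` under `WOLF_CRYPTO_CB`, so it is presumably per-key state for a crypto-callback device. The headers do not say who allocates it, who frees it, or whether key init and free reset it. Suggest a comment on each, e.g. `void* devCtx; /* crypto-callback device context; lifetime managed by the callback owner (confirm) */`. Adding a member also changes the size and layout of these public structs, so code built against the old headers needs a rebuild; `struct curve25519_key` starts and ends outside this hunk.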
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/des3.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/des3.h
index 96e154dd..d5b12321 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/des3.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/des3.h
@@ -35,12 +35,6 @@
#include <wolfssl/wolfcrypt/fips.h>
#endif /* HAVE_FIPS_VERSION >= 2 */
-#if defined(HAVE_FIPS) && \
- (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
- /* included for fips @wc_fips */
- #include <cyassl/ctaocrypt/des3.h>
-#endif
-
#ifdef __cplusplus
extern "C" {
#endif
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/ecc.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/ecc.h
index 1709b597..5f67d2d6 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/ecc.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/ecc.h
@@ -107,7 +107,7 @@
#define MAX_ECC_BITS_NEEDED 384
#elif defined(HAVE_ECC320)
#define MAX_ECC_BITS_NEEDED 320
-#elif !defined(NO_ECC256)
+#elif !defined(NO_ECC256) || defined(WOLFSSL_SM2)
#define MAX_ECC_BITS_NEEDED 256
#elif defined(HAVE_ECC239)
#define MAX_ECC_BITS_NEEDED 239
@@ -243,6 +243,9 @@ typedef enum ecc_curve_id {
ECC_BRAINPOOLP384R1,
ECC_BRAINPOOLP512R1,
+ /* SM2 */
+ ECC_SM2P256V1,
+
/* Twisted Edwards Curves */
#ifdef HAVE_CURVE25519
ECC_X25519,
@@ -502,6 +505,7 @@ struct ecc_key {
byte pubkey_raw[ECC_MAX_CRYPTO_HW_PUBKEY_SIZE];
#endif
#if defined(PLUTON_CRYPTO_ECC) || defined(WOLF_CRYPTO_CB)
+ void* devCtx;
int devId;
#endif
#if defined(HAVE_PKCS11)
@@ -892,8 +896,12 @@ enum ecEncAlgo {
};
enum ecKdfAlgo {
- ecHKDF_SHA256 = 1, /* default */
- ecHKDF_SHA1 = 2
+ ecHKDF_SHA256 = 1, /* default */
+ ecHKDF_SHA1 = 2,
+ ecKDF_X963_SHA1 = 3,
+ ecKDF_X963_SHA256 = 4,
+ ecKDF_SHA1 = 5,
+ ecKDF_SHA256 = 6
};
enum ecMacAlgo {
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/ed25519.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/ed25519.h
index 8306f44b..0d6ef49f 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/ed25519.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/ed25519.h
@@ -85,12 +85,12 @@ enum {
/* An ED25519 Key */
struct ed25519_key {
- byte p[ED25519_PUB_KEY_SIZE]; /* compressed public key */
- byte k[ED25519_PRV_KEY_SIZE]; /* private key : 32 secret -- 32 public */
+ ALIGN16 byte p[ED25519_PUB_KEY_SIZE]; /* compressed public key */
+ ALIGN16 byte k[ED25519_PRV_KEY_SIZE]; /* private key: 32 secret, 32 pub */
#ifdef FREESCALE_LTC_ECC
/* uncompressed point coordinates */
- byte pointX[ED25519_KEY_SIZE]; /* recovered X coordinate */
- byte pointY[ED25519_KEY_SIZE]; /* Y coordinate is the public key with The most significant bit of the final octet always zero. */
+ ALIGN16 byte pointX[ED25519_KEY_SIZE]; /* recovered X coordinate */
+ ALIGN16 byte pointY[ED25519_KEY_SIZE]; /* Y coordinate is the public key with The most significant bit of the final octet always zero. */
#endif
#ifdef WOLFSSL_SE050
word32 keyId;
@@ -103,6 +103,7 @@ struct ed25519_key {
WC_ASYNC_DEV asyncDev;
#endif
#if defined(WOLF_CRYPTO_CB)
+ void* devCtx;
int devId;
#endif
void *heap;
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/ed448.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/ed448.h
index a5845fbe..b45671d7 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/ed448.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/ed448.h
@@ -92,6 +92,7 @@ struct ed448_key {
WC_ASYNC_DEV asyncDev;
#endif
#if defined(WOLF_CRYPTO_CB)
+ void* devCtx;
int devId;
#endif
void *heap;
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/error-crypt.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/error-crypt.h
index 5c062efd..d29ac13b 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/error-crypt.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/error-crypt.h
@@ -33,11 +33,6 @@ the error status.
#include <wolfssl/wolfcrypt/types.h>
-#if defined(HAVE_FIPS) && \
- (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
- #include <cyassl/ctaocrypt/error-crypt.h>
-#endif /* HAVE_FIPS V1 */
-
#ifdef __cplusplus
extern "C" {
#endif
@@ -54,7 +49,7 @@ enum {
BAD_MUTEX_E = -106, /* Bad mutex operation */
WC_TIMEOUT_E = -107, /* timeout error */
WC_PENDING_E = -108, /* wolfCrypt operation pending (would block) */
- WC_NOT_PENDING_E = -109, /* wolfCrypt operation not pending */
+ WC_NO_PENDING_E = -109, /* no asynchronous operation pending */
MP_INIT_E = -110, /* mp_init error state */
MP_READ_E = -111, /* mp_read error state */
@@ -69,8 +64,11 @@ enum {
MP_CMP_E = -120, /* mp_cmp error state */
MP_ZERO_E = -121, /* got a mp zero result, not expected */
+ AES_EAX_AUTH_E = -122, /* AES-EAX Authentication check failure */
+
MEMORY_E = -125, /* out of memory error */
VAR_STATE_CHANGE_E = -126, /* var state modified by different thread */
+ FIPS_DEGRADED_E = -127, /* FIPS Module in degraded mode */
RSA_WRONG_TYPE_E = -130, /* RSA wrong block type for RSA function */
RSA_BUFFER_E = -131, /* RSA buffer error, output too small or
@@ -240,19 +238,19 @@ enum {
BAD_LENGTH_E = -279, /* Value of length parameter is invalid. */
ECDSA_KAT_FIPS_E = -280, /* ECDSA KAT failure */
RSA_PAT_FIPS_E = -281, /* RSA Pairwise failure */
- KDF_TLS12_KAT_FIPS_E = -282, /* TLS12 KDF KAT failure */
- KDF_TLS13_KAT_FIPS_E = -283, /* TLS13 KDF KAT failure */
+ KDF_TLS12_KAT_FIPS_E = -282, /* TLS12 KDF KAT failure */
+ KDF_TLS13_KAT_FIPS_E = -283, /* TLS13 KDF KAT failure */
KDF_SSH_KAT_FIPS_E = -284, /* SSH KDF KAT failure */
DHE_PCT_E = -285, /* DHE Pairwise Consistency Test failure */
ECC_PCT_E = -286, /* ECDHE Pairwise Consistency Test failure */
FIPS_PRIVATE_KEY_LOCKED_E = -287, /* Cannot export private key. */
PROTOCOLCB_UNAVAILABLE = -288, /* Protocol callback unavailable */
- AES_SIV_AUTH_E = -289, /* AES-SIV authentication failed */
- NO_VALID_DEVID = -290, /* no valid device ID */
+ AES_SIV_AUTH_E = -289, /* AES-SIV authentication failed */
+ NO_VALID_DEVID = -290, /* no valid device ID */
- IO_FAILED_E = -291, /* Input/output failure */
- SYSLIB_FAILED_E = -292, /* System/library call failed */
- USE_HW_PSK = -293, /* Callback return to indicate HW has PSK */
+ IO_FAILED_E = -291, /* Input/output failure */
+ SYSLIB_FAILED_E = -292, /* System/library call failed */
+ USE_HW_PSK = -293, /* Callback return to indicate HW has PSK */
ENTROPY_RT_E = -294, /* Entropy Repetition Test failed */
ENTROPY_APT_E = -295, /* Entropy Adaptive Proportion Test failed */
@@ -260,7 +258,10 @@ enum {
ASN_DEPTH_E = -296, /* Invalid ASN.1 - depth check */
ASN_LEN_E = -297, /* ASN.1 length invalid */
- WC_LAST_E = -297, /* Update this to indicate last error */
+ SM4_GCM_AUTH_E = -298, /* SM4-GCM Authentication check failure */
+ SM4_CCM_AUTH_E = -299, /* SM4-CCM Authentication check failure */
+
+ WC_LAST_E = -299, /* Update this to indicate last error */
MIN_CODE_E = -300 /* errors -101 - -299 */
/* add new companion error id strings for any new error codes
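Review bot: `WC_LAST_E` is now `-299`, the last value allowed by the comment on `MIN_CODE_E` (`errors -101 - -299`), so the wolfCrypt error range is full after this change. The next error code would have to reuse `-300` or move `MIN_CODE_E`, and code that range-checks against `MIN_CODE_E` could then misclassify it. A comment at `WC_LAST_E` would stop a silent collision, e.g. `/* range exhausted: the next code needs MIN_CODE_E moved */`. The enum begins outside this hunk and continues after it.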
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/ext_lms.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/ext_lms.h
new file mode 100644
index 00000000..ccdfdcb3
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/ext_lms.h
@@ -0,0 +1,65 @@
+/* ext_lms.h
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#ifndef EXT_LMS_H
+#define EXT_LMS_H
+
+#ifdef WOLFSSL_HAVE_LMS
+#include <wolfssl/wolfcrypt/lms.h>
+
+#if !defined(HAVE_LIBLMS)
+#error "This code requires liblms"
+#endif
+
+/* hash-sigs LMS HSS includes */
+#include <hss.h>
+
+#if defined(WOLFSSL_WC_LMS)
+#error "This code is incompatible with wolfCrypt's implementation of LMS."
+#endif
+
+/*
+ * The hash-sigs LMS lib supports from MIN_HSS_LEVELS to MAX_HSS_LEVELS
+ * number of levels of Merkle trees. It allows for the tree height and
+ * winternitz parameter to be unique per level.
+ */
+
+/* hss structs */
+typedef struct hss_working_key hss_working_key;
+typedef struct hss_extra_info hss_extra_info;
+
+struct LmsKey {
+ unsigned levels; /* Number of tree levels. */
+ param_set_t lm_type[MAX_HSS_LEVELS]; /* Height param per level. */
+ param_set_t lm_ots_type[MAX_HSS_LEVELS]; /* Winternitz param per level. */
+ unsigned char pub[HSS_MAX_PUBLIC_KEY_LEN];
+#ifndef WOLFSSL_LMS_VERIFY_ONLY
+ hss_working_key * working_key;
+ write_private_key_cb write_private_key; /* Callback to write/update key. */
+ read_private_key_cb read_private_key; /* Callback to read key. */
+ void * context; /* Context arg passed to callbacks. */
+ hss_extra_info info;
+#endif /* ifndef WOLFSSL_LMS_VERIFY_ONLY */
+ enum wc_LmsState state;
+};
+
+#endif /* WOLFSSL_HAVE_LMS */
+#endif /* EXT_LMS_H */
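Review bot: `struct LmsKey` documents `write_private_key` only as `Callback to write/update key.`, which understates what the write callback has to guarantee. LMS/HSS is a stateful signature scheme in which each one-time key index may be used only once. The updated private key must therefore be stored durably before a signature is released, and a restored backup or cloned image must never sign from an older state. Suggest extending the member comment, e.g. `/* Callback to persist the updated key; must complete durably before the signature is released. */`. The same applies to the `write_private_key` member of `struct XmssKey` in ext_xmss.h.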
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/ext_xmss.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/ext_xmss.h
new file mode 100644
index 00000000..9abf1583
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/ext_xmss.h
@@ -0,0 +1,56 @@
+/* ext_xmss.h
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#ifndef EXT_XMSS_H
+#define EXT_XMSS_H
+
+#ifdef WOLFSSL_HAVE_XMSS
+#include <wolfssl/wolfcrypt/xmss.h>
+
+#if !defined(HAVE_LIBXMSS)
+ #error "This code requires libxmss"
+#endif
+
+#include <xmss.h>
+#include <params.h>
+
+#if defined(WOLFSSL_WC_XMSS)
+ #error "This code is incompatible with wolfCrypt's implementation of XMSS."
+#endif
+
+struct XmssKey {
+ unsigned char pk[XMSS_SHA256_PUBLEN];
+ uint32_t oid;
+ int is_xmssmt;
+ xmss_params params;
+#ifndef WOLFSSL_XMSS_VERIFY_ONLY
+ /* The secret key length is a function of xmss_params. */
+ unsigned char * sk;
+ word32 sk_len;
+ write_private_key_cb write_private_key; /* Callback to write/update key. */
+ read_private_key_cb read_private_key; /* Callback to read key. */
+ void * context; /* Context arg passed to callbacks. */
+#endif /* ifndef WOLFSSL_XMSS_VERIFY_ONLY */
+ enum wc_XmssState state;
+};
+
+#endif /* WOLFSSL_HAVE_XMSS */
+#endif /* EXT_XMSS_H */
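Review bot: The `sk` member of `struct XmssKey` is documented only by "The secret key length is a function of xmss_params", which says nothing about who owns the buffer or that it carries the evolving signing state of a stateful scheme. The allocation and free paths are not in this header, so I can't confirm how it is released. I would replace the comment with `/* sk: buffer of sk_len bytes owned by this key; holds the current one-time-signature state. Zeroize before freeing; never copy or restore an older value. */`. Note also that `pk` is sized by `XMSS_SHA256_PUBLEN` alone, so a short comment saying which parameter sets that bound covers would help the next reader.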
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/fe_448.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/fe_448.h
index 09aa4e8d..c925d7da 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/fe_448.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/fe_448.h
@@ -66,7 +66,7 @@ WOLFSSL_LOCAL int curve448(byte* r, const byte* n, const byte* a);
#if !defined(CURVED448_128BIT)
WOLFSSL_LOCAL void fe448_reduce(fe448*);
#else
-#define fe448_reduce(a)
+#define fe448_reduce(a) WC_DO_NOTHING
#endif
WOLFSSL_LOCAL void fe448_neg(fe448* r, const fe448* a);
WOLFSSL_LOCAL void fe448_add(fe448* r, const fe448* a, const fe448* b);
@@ -93,7 +93,7 @@ WOLFSSL_LOCAL void fe448_pow_2_446_222_1(fe448* r, const fe448* a);
WOLFSSL_LOCAL void fe448_init(void);
WOLFSSL_LOCAL int curve448(byte* r, const byte* n, const byte* a);
-#define fe448_reduce(a)
+#define fe448_reduce(a) WC_DO_NOTHING
WOLFSSL_LOCAL void fe448_neg(word8* r, const word8* a);
WOLFSSL_LOCAL void fe448_add(word8* r, const word8* a, const word8* b);
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/fe_operations.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/fe_operations.h
index 45daa003..cdd27db5 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/fe_operations.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/fe_operations.h
@@ -120,28 +120,6 @@ WOLFSSL_LOCAL word64 load_3(const unsigned char *in);
WOLFSSL_LOCAL word64 load_4(const unsigned char *in);
#ifdef CURVED25519_ASM
-WOLFSSL_LOCAL void fe_ge_to_p2(fe rx, fe ry, fe rz, const fe px, const fe py,
- const fe pz, const fe pt);
-WOLFSSL_LOCAL void fe_ge_to_p3(fe rx, fe ry, fe rz, fe rt, const fe px,
- const fe py, const fe pz, const fe pt);
-WOLFSSL_LOCAL void fe_ge_dbl(fe rx, fe ry, fe rz, fe rt, const fe px,
- const fe py, const fe pz);
-WOLFSSL_LOCAL void fe_ge_madd(fe rx, fe ry, fe rz, fe rt, const fe px,
- const fe py, const fe pz, const fe pt,
- const fe qxy2d, const fe qyplusx,
- const fe qyminusx);
-WOLFSSL_LOCAL void fe_ge_msub(fe rx, fe ry, fe rz, fe rt, const fe px,
- const fe py, const fe pz, const fe pt,
- const fe qxy2d, const fe qyplusx,
- const fe qyminusx);
-WOLFSSL_LOCAL void fe_ge_add(fe rx, fe ry, fe rz, fe rt, const fe px,
- const fe py, const fe pz, const fe pt, const fe qz,
- const fe qt2d, const fe qyplusx,
- const fe qyminusx);
-WOLFSSL_LOCAL void fe_ge_sub(fe rx, fe ry, fe rz, fe rt, const fe px,
- const fe py, const fe pz, const fe pt, const fe qz,
- const fe qt2d, const fe qyplusx,
- const fe qyminusx);
WOLFSSL_LOCAL void fe_cmov_table(fe* r, fe* base, signed char b);
#endif /* CURVED25519_ASM */
#endif /* !CURVE25519_SMALL || !ED25519_SMALL */
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/fips_test.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/fips_test.h
index 5e819d4c..dc37477d 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/fips_test.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/fips_test.h
@@ -77,10 +77,10 @@ enum FipsCastStateId {
};
enum FipsModeId {
- FIPS_MODE_INIT,
- FIPS_MODE_NORMAL,
- FIPS_MODE_DEGRADED,
- FIPS_MODE_FAILED
+ FIPS_MODE_INIT = 0,
+ FIPS_MODE_NORMAL = 1,
+ FIPS_MODE_DEGRADED = 2,
+ FIPS_MODE_FAILED = 3
};
@@ -92,6 +92,7 @@ WOLFSSL_API int wolfCrypt_SetCb_fips(wolfCrypt_fips_cb cbf);
/* Public get status functions */
WOLFSSL_API int wolfCrypt_GetStatus_fips(void);
+WOLFSSL_API int wolfCrypt_GetMode_fips(void);
WOLFSSL_API const char* wolfCrypt_GetCoreHash_fips(void);
#ifdef HAVE_FORCE_FIPS_FAILURE
@@ -105,6 +106,7 @@ WOLFSSL_LOCAL int DoKnownAnswerTests(char* base16_hash, int base16_hashSz); /* F
WOLFSSL_API int wc_RunCast_fips(int type);
WOLFSSL_API int wc_GetCastStatus_fips(int type);
+WOLFSSL_API int wc_RunAllCast_fips(void);
#ifdef __cplusplus
} /* extern "C" */
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/ge_operations.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/ge_operations.h
index 69bd60c7..0c6ce8dd 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/ge_operations.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/ge_operations.h
@@ -46,15 +46,15 @@ Representations:
*/
#ifdef ED25519_SMALL
- typedef byte ge[F25519_SIZE];
+ ALIGN16 typedef byte ge[F25519_SIZE];
#elif defined(CURVED25519_ASM_64BIT)
- typedef sword64 ge[4];
+ ALIGN16 typedef sword64 ge[4];
#elif defined(CURVED25519_ASM_32BIT)
- typedef sword32 ge[8];
+ ALIGN16 typedef sword32 ge[8];
#elif defined(CURVED25519_128BIT)
- typedef sword64 ge[5];
+ ALIGN16 typedef sword64 ge[5];
#else
- typedef sword32 ge[10];
+ ALIGN16 typedef sword32 ge[10];
#endif
typedef struct {
@@ -70,6 +70,9 @@ typedef struct {
ge T;
} ge_p3;
+#ifdef __cplusplus
+ extern "C" {
+#endif
WOLFSSL_LOCAL int ge_compress_key(byte* out, const byte* xIn, const byte* yIn,
word32 keySz);
@@ -82,7 +85,11 @@ WOLFSSL_LOCAL void sc_reduce(byte* s);
WOLFSSL_LOCAL void sc_muladd(byte* s, const byte* a, const byte* b,
const byte* c);
WOLFSSL_LOCAL void ge_tobytes(unsigned char *s,const ge_p2 *h);
+#ifndef GE_P3_TOBYTES_IMPL
+#define ge_p3_tobytes(s, h) ge_tobytes((s), (const ge_p2 *)(h))
+#else
WOLFSSL_LOCAL void ge_p3_tobytes(unsigned char *s,const ge_p3 *h);
+#endif
#ifndef ED25519_SMALL
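Review bot: The new `ge_p3_tobytes(s, h)` macro reinterprets a `ge_p3 *` as a `const ge_p2 *`, which is only correct while ge_p3 begins with the same X, Y, Z members in the same order as ge_p2, and nothing here records or enforces that. The ge_p2 definition lies outside this hunk, so the layout is assumed rather than confirmed. I would add `/* relies on ge_p3 sharing its leading X, Y, Z layout with ge_p2; keep both structs in sync */` above the macro, and ideally a compile-time check on the member offsets next to the struct definitions. The same cast pattern is used by `ge_p3_dbl` in the following hunk, where `(ge_p2 *)(p)` also drops the const that `ge_p2_dbl` declares on its parameter.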
@@ -105,9 +112,23 @@ typedef struct {
ge Z;
ge T2d;
} ge_cached;
-
#endif /* !ED25519_SMALL */
+#ifdef CURVED25519_ASM
+void ge_p1p1_to_p2(ge_p2 *r, const ge_p1p1 *p);
+void ge_p1p1_to_p3(ge_p3 *r, const ge_p1p1 *p);
+void ge_p2_dbl(ge_p1p1 *r, const ge_p2 *p);
+#define ge_p3_dbl(r, p) ge_p2_dbl((ge_p1p1 *)(r), (ge_p2 *)(p))
+void ge_madd(ge_p1p1 *r, const ge_p3 *p, const ge_precomp *q);
+void ge_msub(ge_p1p1 *r, const ge_p3 *p, const ge_precomp *q);
+void ge_add(ge_p1p1 *r, const ge_p3 *p, const ge_cached *q);
+void ge_sub(ge_p1p1 *r, const ge_p3 *p, const ge_cached *q);
+#endif
+
+#ifdef __cplusplus
+ } /* extern "C" */
+#endif
+
#endif /* HAVE_ED25519 */
#endif /* WOLF_CRYPT_GE_OPERATIONS_H */
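Review bot: The prototypes added under `#ifdef CURVED25519_ASM` (`ge_p1p1_to_p2`, `ge_p1p1_to_p3`, `ge_p2_dbl`, `ge_madd`, `ge_msub`, `ge_add`, `ge_sub`) are declared without `WOLFSSL_LOCAL`, while every other function in this header (`ge_compress_key`, `sc_muladd`, `ge_tobytes`) carries it. Without the annotation these internal group operations may get default symbol visibility in a shared build and can clash with identically named symbols from another library. Unless they are meant to be exported, declare them like their neighbours, e.g. `WOLFSSL_LOCAL void ge_p2_dbl(ge_p1p1 *r, const ge_p2 *p);`.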
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/hash.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/hash.h
index 71a21c2e..b8079ba2 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/hash.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/hash.h
@@ -55,6 +55,9 @@
#if defined(HAVE_BLAKE2) || defined(HAVE_BLAKE2S)
#include <wolfssl/wolfcrypt/blake2.h>
#endif
+#ifdef WOLFSSL_SM3
+ #include <wolfssl/wolfcrypt/sm3.h>
+#endif
#ifdef __cplusplus
@@ -76,7 +79,8 @@ enum wc_MACAlgorithm {
sha384_mac,
sha512_mac,
rmd_mac,
- blake2b_mac
+ blake2b_mac,
+ sm3_mac,
};
enum wc_HashFlags {
@@ -112,6 +116,9 @@ typedef union {
#ifdef WOLFSSL_SHA3
wc_Sha3 sha3;
#endif
+ #ifdef WOLFSSL_SM3
+ wc_Sm3 sm3;
+ #endif
} wc_HashAlg;
#endif /* !NO_HASH_WRAPPER */
@@ -132,6 +139,9 @@ typedef union {
#elif !defined(NO_SHA256)
#define WC_MAX_DIGEST_SIZE WC_SHA256_DIGEST_SIZE
#define WC_MAX_BLOCK_SIZE WC_SHA256_BLOCK_SIZE
+#elif defined(WOLFSSL_SM3)
+ #define WC_MAX_DIGEST_SIZE WC_SM3_DIGEST_SIZE
+ #define WC_MAX_BLOCK_SIZE WC_SM3_BLOCK_SIZE
#elif defined(WOLFSSL_SHA224)
#define WC_MAX_DIGEST_SIZE WC_SHA224_DIGEST_SIZE
#define WC_MAX_BLOCK_SIZE WC_SHA224_BLOCK_SIZE
@@ -226,6 +236,10 @@ WOLFSSL_API int wc_Shake256Hash(const byte* data, word32 len, byte* hash,
#endif
#endif /* WOLFSSL_SHA3 */
+#ifdef WOLFSSL_SM3
+WOLFSSL_API int wc_Sm3Hash(const byte* data, word32 len, byte* hash);
+#endif
+
#endif /* !NO_HASH_WRAPPER */
#if defined(WOLFSSL_HASH_KEEP)
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/hmac.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/hmac.h
index b17e40f4..f325dd35 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/hmac.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/hmac.h
@@ -31,14 +31,6 @@
#ifndef NO_HMAC
#if defined(HAVE_FIPS) && \
- (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
-/* for fips @wc_fips */
- #include <cyassl/ctaocrypt/hmac.h>
- #define WC_HMAC_BLOCK_SIZE HMAC_BLOCK_SIZE
-#endif
-
-
-#if defined(HAVE_FIPS) && \
defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)
#include <wolfssl/wolfcrypt/fips.h>
#endif
@@ -144,6 +136,9 @@ typedef union {
#ifdef WOLFSSL_SHA3
wc_Sha3 sha3;
#endif
+#ifdef WOLFSSL_SM3
+ wc_Sm3 sm3;
+#endif
} wc_HmacHash;
/* Hmac digest */
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/include.am b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/include.am
index c8d831c5..dfdc80ac 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/include.am
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/include.am
@@ -75,9 +75,20 @@ nobase_include_HEADERS+= \
wolfssl/wolfcrypt/cryptocb.h \
wolfssl/wolfcrypt/kyber.h \
wolfssl/wolfcrypt/wc_kyber.h \
- wolfssl/wolfcrypt/ext_kyber.h
+ wolfssl/wolfcrypt/ext_kyber.h \
+ wolfssl/wolfcrypt/sm2.h \
+ wolfssl/wolfcrypt/sm3.h \
+ wolfssl/wolfcrypt/sm4.h \
+ wolfssl/wolfcrypt/lms.h \
+ wolfssl/wolfcrypt/wc_lms.h \
+ wolfssl/wolfcrypt/ext_lms.h \
+ wolfssl/wolfcrypt/xmss.h \
+ wolfssl/wolfcrypt/wc_xmss.h \
+ wolfssl/wolfcrypt/ext_xmss.h
noinst_HEADERS+= \
+ wolfssl/wolfcrypt/port/aria/aria-crypt.h \
+ wolfssl/wolfcrypt/port/aria/aria-cryptocb.h \
wolfssl/wolfcrypt/port/pic32/pic32mz-crypt.h \
wolfssl/wolfcrypt/port/ti/ti-hash.h \
wolfssl/wolfcrypt/port/ti/ti-ccm.h \
@@ -99,7 +110,8 @@ noinst_HEADERS+= \
wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h \
wolfssl/wolfcrypt/port/arm/cryptoCell.h \
wolfssl/wolfcrypt/port/Renesas/renesas-tsip-crypt.h \
- wolfssl/wolfcrypt/port/Renesas/renesas-sce-crypt.h \
+ wolfssl/wolfcrypt/port/Renesas/renesas-fspsm-crypt.h \
+ wolfssl/wolfcrypt/port/Renesas/renesas-fspsm-types.h \
wolfssl/wolfcrypt/port/Renesas/renesas_sync.h \
wolfssl/wolfcrypt/port/Renesas/renesas_cmn.h \
wolfssl/wolfcrypt/port/Renesas/renesas_tsip_types.h \
@@ -127,6 +139,11 @@ if BUILD_DEVCRYPTO
nobase_include_HEADERS+= wolfssl/wolfcrypt/port/devcrypto/wc_devcrypto.h
endif
+if BUILD_ARIA
+nobase_include_HEADERS+= wolfssl/wolfcrypt/port/aria/aria-crypt.h
+nobase_include_HEADERS+= wolfssl/wolfcrypt/port/aria/aria-cryptocb.h
+endif
+
if BUILD_ASYNCCRYPT
nobase_include_HEADERS+= wolfssl/wolfcrypt/async.h
endif
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/integer.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/integer.h
index 3ec64ae6..243d3f0d 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/integer.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/integer.h
@@ -69,7 +69,7 @@ extern "C" {
#else
/* C on the other hand doesn't care */
-#define OPT_CAST(x)
+#define OPT_CAST(x) /* null expansion */
#endif /* __cplusplus */
@@ -206,7 +206,7 @@ typedef int mp_err;
#define NEW_MP_INT_SIZE(name, bits, heap, type) \
XMEMSET(name, 0, sizeof(mp_int))
/* Dispose of static mp_int. */
-#define FREE_MP_INT_SIZE(name, heap, type)
+#define FREE_MP_INT_SIZE(name, heap, type) WC_DO_NOTHING
/* Initialize an mp_int. */
#define INIT_MP_INT_SIZE(name, bits) \
mp_init(name)
@@ -313,6 +313,7 @@ MP_API int mp_unsigned_bin_size(const mp_int * a);
MP_API int mp_read_unsigned_bin (mp_int * a, const unsigned char *b, int c);
MP_API int mp_to_unsigned_bin_at_pos(int x, mp_int *t, unsigned char *b);
MP_API int mp_to_unsigned_bin (mp_int * a, unsigned char *b);
+#define mp_to_unsigned_bin_len_ct mp_to_unsigned_bin_len
MP_API int mp_to_unsigned_bin_len(mp_int * a, unsigned char *b, int c);
MP_API int mp_exptmod (mp_int * G, mp_int * X, mp_int * P, mp_int * Y);
MP_API int mp_exptmod_ex (mp_int * G, mp_int * X, int digits, mp_int * P,
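Review bot: `mp_to_unsigned_bin_len_ct` is defined here as a plain alias of `mp_to_unsigned_bin_len`, so a caller that asks for the constant-time variant gets the ordinary routine on this math backend with no indication in the header. The same applies to `mp_cmp_ct(a, b, n)`, which maps to `mp_cmp(a, b)` and discards `n`, and to `mp_montgomery_reduce_ct`, which maps to `mp_montgomery_reduce`, in the later hunks of this file. Whether those underlying functions run in constant time is not visible from these hunks, but the existing `mp_montgomery_reduce_ex` macro already drops its `ct` argument, which suggests they do not. I would put one comment above each alias, e.g. `/* No constant-time implementation in this backend: the _ct name maps to the variable-time routine. */`, so that code handling private values does not rely on the name.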
@@ -329,6 +330,8 @@ MP_API int mp_div_2d (mp_int * a, int b, mp_int * c, mp_int * d);
MP_API void mp_zero (mp_int * a);
MP_API void mp_clamp (mp_int * a);
MP_API int mp_exch (mp_int * a, mp_int * b);
+MP_API int mp_cond_swap_ct_ex (mp_int * a, mp_int * b, int c, int m,
+ mp_int * t);
MP_API int mp_cond_swap_ct (mp_int * a, mp_int * b, int c, int m);
MP_API void mp_rshd (mp_int * a, int b);
MP_API void mp_rshb (mp_int * a, int b);
@@ -341,6 +344,7 @@ int fast_mp_invmod (mp_int * a, mp_int * b, mp_int * c);
MP_API int mp_invmod_slow (mp_int * a, mp_int * b, mp_int * c);
MP_API int mp_cmp_mag (mp_int * a, mp_int * b);
MP_API int mp_cmp (mp_int * a, mp_int * b);
+#define mp_cmp_ct(a, b, n) mp_cmp(a, b)
MP_API int mp_cmp_d(mp_int * a, mp_digit b);
MP_API int mp_set (mp_int * a, mp_digit b);
MP_API int mp_is_bit_set (mp_int * a, mp_digit b);
@@ -363,6 +367,7 @@ MP_API int mp_montgomery_setup (mp_int * n, mp_digit * rho);
int fast_mp_montgomery_reduce (mp_int * x, mp_int * n, mp_digit rho);
MP_API int mp_montgomery_reduce (mp_int * x, mp_int * n, mp_digit rho);
#define mp_montgomery_reduce_ex(x, n, rho, ct) mp_montgomery_reduce (x, n, rho)
+#define mp_montgomery_reduce_ct(x, n, rho) mp_montgomery_reduce (x, n, rho)
MP_API void mp_dr_setup(mp_int *a, mp_digit *d);
MP_API int mp_dr_reduce (mp_int * x, mp_int * n, mp_digit k);
MP_API int mp_reduce_2k(mp_int *a, mp_int *n, mp_digit d);
@@ -406,7 +411,7 @@ MP_API int mp_radix_size (mp_int * a, int radix, int *size);
#ifdef WOLFSSL_DEBUG_MATH
MP_API void mp_dump(const char* desc, mp_int* a, byte verbose);
#else
- #define mp_dump(desc, a, verbose)
+ #define mp_dump(desc, a, verbose) WC_DO_NOTHING
#endif
#if defined(HAVE_ECC) || defined(WOLFSSL_KEY_GEN) || !defined(NO_RSA) || \
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/kdf.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/kdf.h
index b1a64fe5..6a6a8569 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/kdf.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/kdf.h
@@ -105,6 +105,42 @@ WOLFSSL_API int wc_SSH_KDF(byte hashId, byte keyId,
#endif /* WOLFSSL_WOLFSSH */
+#ifdef WC_SRTP_KDF
+/* Label values for purpose. */
+#define WC_SRTP_LABEL_ENCRYPTION 0x00
+#define WC_SRTP_LABEL_MSG_AUTH 0x01
+#define WC_SRTP_LABEL_SALT 0x02
+#define WC_SRTCP_LABEL_ENCRYPTION 0x03
+#define WC_SRTCP_LABEL_MSG_AUTH 0x04
+#define WC_SRTCP_LABEL_SALT 0x05
+#define WC_SRTP_LABEL_HDR_ENCRYPTION 0x06
+#define WC_SRTP_LABEL_HDR_SALT 0x07
+
+/* Length of index for SRTP KDF. */
+#define WC_SRTP_INDEX_LEN 6
+/* Length of index for SRTCP KDF. */
+#define WC_SRTCP_INDEX_LEN 4
+
+/* Maximum length of salt that can be used with SRTP/SRTCP. */
+#define WC_SRTP_MAX_SALT 14
+
+WOLFSSL_API int wc_SRTP_KDF(const byte* key, word32 keySz, const byte* salt,
+ word32 saltSz, int kdrIdx, const byte* index, byte* key1, word32 key1Sz,
+ byte* key2, word32 key2Sz, byte* key3, word32 key3Sz);
+WOLFSSL_API int wc_SRTCP_KDF(const byte* key, word32 keySz, const byte* salt,
+ word32 saltSz, int kdrIdx, const byte* index, byte* key1, word32 key1Sz,
+ byte* key2, word32 key2Sz, byte* key3, word32 key3Sz);
+WOLFSSL_API int wc_SRTP_KDF_label(const byte* key, word32 keySz,
+ const byte* salt, word32 saltSz, int kdrIdx, const byte* index, byte label,
+ byte* outKey, word32 outKeySz);
+WOLFSSL_API int wc_SRTCP_KDF_label(const byte* key, word32 keySz,
+ const byte* salt, word32 saltSz, int kdrIdx, const byte* index, byte label,
+ byte* outKey, word32 outKeySz);
+
+WOLFSSL_API int wc_SRTP_KDF_kdr_to_idx(word32 kdr);
+
+#endif /* WC_SRTP_KDF */
+
#ifdef __cplusplus
} /* extern "C" */
#endif
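Review bot: `wc_SRTP_KDF`, `wc_SRTCP_KDF` and the two `_label` variants take `const byte* index` with no size argument, so the implementation has to assume how many bytes it may read. `WC_SRTP_INDEX_LEN` (6) and `WC_SRTCP_INDEX_LEN` (4) are defined just above, but nothing ties them to the parameter. Presumably those are the required lengths, which the implementation would need to confirm. I would document it on the prototypes, e.g. `/* index: exactly WC_SRTP_INDEX_LEN bytes (WC_SRTCP_INDEX_LEN for the SRTCP functions) */`, and also state the valid range of `kdrIdx` and the bound `saltSz <= WC_SRTP_MAX_SALT`.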
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/lms.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/lms.h
new file mode 100644
index 00000000..483f349c
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/lms.h
@@ -0,0 +1,144 @@
+/* lms.h
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/*!
+ \file wolfssl/wolfcrypt/lms.h
+ */
+
+#ifndef WOLF_CRYPT_LMS_H
+#define WOLF_CRYPT_LMS_H
+
+#include <wolfssl/wolfcrypt/types.h>
+#include <wolfssl/wolfcrypt/random.h>
+
+#ifdef WOLFSSL_HAVE_LMS
+
+typedef struct LmsKey LmsKey;
+
+/* Private key write and read callbacks. */
+typedef int (*write_private_key_cb)(const byte * priv, word32 privSz, void *context);
+typedef int (*read_private_key_cb)(byte * priv, word32 privSz, void *context);
+
+/* Return codes returned by private key callbacks. */
+enum wc_LmsRc {
+ WC_LMS_RC_NONE,
+ WC_LMS_RC_BAD_ARG, /* Bad arg in read or write callback. */
+ WC_LMS_RC_WRITE_FAIL, /* Write or update private key failed. */
+ WC_LMS_RC_READ_FAIL, /* Read private key failed. */
+ WC_LMS_RC_SAVED_TO_NV_MEMORY, /* Wrote private key to nonvolatile storage. */
+ WC_LMS_RC_READ_TO_MEMORY /* Read private key from storage. */
+};
+
+/* LMS/HSS signatures are defined by 3 parameters:
+ * levels: number of levels of Merkle trees.
+ * height: height of an individual Merkle tree.
+ * winternitz: number of bits from hash used in a Winternitz chain.
+ *
+ * The acceptable parameter values are those in RFC8554:
+ * levels = {1..8}
+ * height = {5, 10, 15, 20, 25}
+ * winternitz = {1, 2, 4, 8}
+ *
+ * The number of available signatures is:
+ * N = 2 ** (levels * height)
+ *
+ * Signature sizes are determined by levels and winternitz
+ * parameters primarily, and height to a lesser extent:
+ * - Larger levels values increase signature size significantly.
+ * - Larger height values increase signature size moderately.
+ * - Larger winternitz values will reduce the signature size, at
+ * the expense of longer key generation and sign/verify times.
+ *
+ * Key generation time is strongly determined by the height of
+ * the first level tree. A 3 level, 5 height tree is much faster
+ * than 1 level, 15 height at initial key gen, even if the number
+ * of available signatures is the same.
+ * */
+
+/* Predefined LMS/HSS parameter sets for convenience.
+ *
+ * Not predefining a set with Winternitz=1, because the signatures
+ * will be large. */
+enum wc_LmsParm {
+ WC_LMS_PARM_NONE = 0,
+ WC_LMS_PARM_L1_H15_W2 = 1, /* 1 level Merkle tree of 15 height. */
+ WC_LMS_PARM_L1_H15_W4 = 2,
+ WC_LMS_PARM_L2_H10_W2 = 3, /* 2 level Merkle tree of 10 height. */
+ WC_LMS_PARM_L2_H10_W4 = 4,
+ WC_LMS_PARM_L2_H10_W8 = 5,
+ WC_LMS_PARM_L3_H5_W2 = 6, /* 3 level Merkle tree of 5 height. */
+ WC_LMS_PARM_L3_H5_W4 = 7,
+ WC_LMS_PARM_L3_H5_W8 = 8,
+ WC_LMS_PARM_L3_H10_W4 = 9, /* 3 level Merkle tree of 10 height. */
+ WC_LMS_PARM_L4_H5_W8 = 10, /* 4 level Merkle tree of 5 height. */
+};
+
+/* enum wc_LmsState is to help track the state of an LMS/HSS Key. */
+enum wc_LmsState {
+ WC_LMS_STATE_FREED, /* Key has been freed from memory. */
+ WC_LMS_STATE_INITED, /* Key has been inited, ready to set params.*/
+ WC_LMS_STATE_PARMSET, /* Params are set, ready to MakeKey or Reload. */
+ WC_LMS_STATE_OK, /* Able to sign signatures and verify. */
+ WC_LMS_STATE_VERIFYONLY, /* A public only LmsKey. */
+ WC_LMS_STATE_BAD, /* Can't guarantee key's state. */
+ WC_LMS_STATE_NOSIGS /* Signatures exhausted. */
+};
+
+#ifdef __cplusplus
+ extern "C" {
+#endif
+WOLFSSL_API int wc_LmsKey_Init(LmsKey * key, void * heap, int devId);
+WOLFSSL_API int wc_LmsKey_SetLmsParm(LmsKey * key, enum wc_LmsParm lmsParm);
+WOLFSSL_API int wc_LmsKey_SetParameters(LmsKey * key, int levels,
+ int height, int winternitz);
+WOLFSSL_API int wc_LmsKey_GetParameters(const LmsKey * key, int * levels,
+ int * height, int * winternitz);
+#ifndef WOLFSSL_LMS_VERIFY_ONLY
+WOLFSSL_API int wc_LmsKey_SetWriteCb(LmsKey * key,
+ write_private_key_cb write_cb);
+WOLFSSL_API int wc_LmsKey_SetReadCb(LmsKey * key,
+ read_private_key_cb read_cb);
+WOLFSSL_API int wc_LmsKey_SetContext(LmsKey * key, void * context);
+WOLFSSL_API int wc_LmsKey_MakeKey(LmsKey * key, WC_RNG * rng);
+WOLFSSL_API int wc_LmsKey_Reload(LmsKey * key);
+WOLFSSL_API int wc_LmsKey_GetPrivLen(const LmsKey * key, word32 * len);
+WOLFSSL_API int wc_LmsKey_Sign(LmsKey * key, byte * sig, word32 * sigSz,
+ const byte * msg, int msgSz);
+WOLFSSL_API int wc_LmsKey_SigsLeft(LmsKey * key);
+#endif /* ifndef WOLFSSL_LMS_VERIFY_ONLY */
+WOLFSSL_API void wc_LmsKey_Free(LmsKey * key);
+WOLFSSL_API int wc_LmsKey_GetSigLen(const LmsKey * key, word32 * len);
+WOLFSSL_API int wc_LmsKey_GetPubLen(const LmsKey * key, word32 * len);
+WOLFSSL_API int wc_LmsKey_ExportPub(LmsKey * keyDst, const LmsKey * keySrc);
+WOLFSSL_API int wc_LmsKey_ExportPubRaw(const LmsKey * key, byte * out,
+ word32 * outLen);
+WOLFSSL_API int wc_LmsKey_ImportPubRaw(LmsKey * key, const byte * in,
+ word32 inLen);
+WOLFSSL_API int wc_LmsKey_Verify(LmsKey * key, const byte * sig, word32 sigSz,
+ const byte * msg, int msgSz);
+WOLFSSL_API const char * wc_LmsKey_ParmToStr(enum wc_LmsParm lmsParm);
+WOLFSSL_API const char * wc_LmsKey_RcToStr(enum wc_LmsRc lmsRc);
+#ifdef __cplusplus
+ } /* extern "C" */
+#endif
+
+#endif /* WOLFSSL_HAVE_LMS */
+#endif /* WOLF_CRYPT_LMS_H */
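Review bot: The `write_private_key_cb` / `read_private_key_cb` typedefs carry only the comment "Private key write and read callbacks", and the header never states the contract that keeps LMS/HSS safe. The updated private key has to be durably stored before a signature leaves the signer, and an older copy must never be reloaded, because reusing a one-time key index breaks the scheme. I would add a short block comment above the typedefs saying that, and that the write callback should return `WC_LMS_RC_SAVED_TO_NV_MEMORY` only once the data has actually reached nonvolatile storage. Separately, `wc_LmsKey_Sign` and `wc_LmsKey_Verify` take `int msgSz` while every other length in this API is `word32`. How a negative value is handled is not visible here, so it deserves a line in the documentation.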
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/logging.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/logging.h
index d47abec8..498b605e 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/logging.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/logging.h
@@ -100,6 +100,8 @@ WOLFSSL_API int wolfSSL_Debugging_ON(void);
/* turn logging off */
WOLFSSL_API void wolfSSL_Debugging_OFF(void);
+WOLFSSL_API void wolfSSL_SetLoggingPrefix(const char* prefix);
+
#ifdef HAVE_WC_INTROSPECTION
WOLFSSL_API const char *wolfSSL_configure_args(void);
WOLFSSL_API const char *wolfSSL_global_cflags(void);
@@ -107,11 +109,12 @@ WOLFSSL_API void wolfSSL_Debugging_OFF(void);
#if (defined(OPENSSL_EXTRA) && !defined(_WIN32) && \
- !defined(NO_ERROR_QUEUE)) || defined(DEBUG_WOLFSSL_VERBOSE)
+ !defined(NO_ERROR_QUEUE)) || defined(DEBUG_WOLFSSL_VERBOSE) \
+ || defined(HAVE_MEMCACHED)
#define WOLFSSL_HAVE_ERROR_QUEUE
#endif
-#if defined(OPENSSL_EXTRA) || defined(DEBUG_WOLFSSL_VERBOSE)
+#if defined(OPENSSL_EXTRA) || defined(DEBUG_WOLFSSL_VERBOSE) || defined(HAVE_MEMCACHED)
WOLFSSL_LOCAL int wc_LoggingInit(void);
WOLFSSL_LOCAL int wc_LoggingCleanup(void);
WOLFSSL_LOCAL int wc_AddErrorNode(int error, int line, char* buf,
@@ -133,7 +136,7 @@ WOLFSSL_API void wolfSSL_Debugging_OFF(void);
WOLFSSL_API void wc_ERR_print_errors_cb(int (*cb)(const char *str,
size_t len, void *u), void *u);
#endif
-#endif /* OPENSSL_EXTRA || DEBUG_WOLFSSL_VERBOSE */
+#endif /* OPENSSL_EXTRA || DEBUG_WOLFSSL_VERBOSE || HAVE_MEMCACHED */
#ifdef WOLFSSL_FUNC_TIME
/* WARNING: This code is only to be used for debugging performance.
@@ -144,9 +147,9 @@ WOLFSSL_API void wolfSSL_Debugging_OFF(void);
WOLFSSL_API void WOLFSSL_END(int funcNum);
WOLFSSL_API void WOLFSSL_TIME(int count);
#else
- #define WOLFSSL_START(n)
- #define WOLFSSL_END(n)
- #define WOLFSSL_TIME(n)
+ #define WOLFSSL_START(n) WC_DO_NOTHING
+ #define WOLFSSL_END(n) WC_DO_NOTHING
+ #define WOLFSSL_TIME(n) WC_DO_NOTHING
#endif
#if defined(DEBUG_WOLFSSL) && !defined(WOLFSSL_DEBUG_ERRORS_ONLY)
@@ -166,25 +169,25 @@ WOLFSSL_API void wolfSSL_Debugging_OFF(void);
#define WOLFSSL_STUB(m) \
WOLFSSL_MSG(WOLFSSL_LOG_CAT(wolfSSL Stub, m, not implemented))
WOLFSSL_API int WOLFSSL_IS_DEBUG_ON(void);
-#if !defined(_WIN32) && defined(XVSNPRINTF)
+#if defined(XVSNPRINTF)
WOLFSSL_API void WOLFSSL_MSG_EX(const char* fmt, ...);
#define HAVE_WOLFSSL_MSG_EX
#else
- #define WOLFSSL_MSG_EX(...) do{} while(0)
+ #define WOLFSSL_MSG_EX(...) WC_DO_NOTHING
#endif
WOLFSSL_API void WOLFSSL_MSG(const char* msg);
WOLFSSL_API void WOLFSSL_BUFFER(const byte* buffer, word32 length);
#else
- #define WOLFSSL_ENTER(m)
- #define WOLFSSL_LEAVE(m, r)
- #define WOLFSSL_STUB(m)
+ #define WOLFSSL_ENTER(m) WC_DO_NOTHING
+ #define WOLFSSL_LEAVE(m, r) WC_DO_NOTHING
+ #define WOLFSSL_STUB(m) WC_DO_NOTHING
#define WOLFSSL_IS_DEBUG_ON() 0
- #define WOLFSSL_MSG_EX(...) do{} while(0)
- #define WOLFSSL_MSG(m) do{} while(0)
- #define WOLFSSL_BUFFER(b, l) do{} while(0)
+ #define WOLFSSL_MSG_EX(...) WC_DO_NOTHING
+ #define WOLFSSL_MSG(m) WC_DO_NOTHING
+ #define WOLFSSL_BUFFER(b, l) WC_DO_NOTHING
#endif /* DEBUG_WOLFSSL && !WOLFSSL_DEBUG_ERRORS_ONLY */
@@ -202,8 +205,8 @@ WOLFSSL_API void wolfSSL_Debugging_OFF(void);
WOLFSSL_API void WOLFSSL_ERROR_MSG(const char* msg);
#else
- #define WOLFSSL_ERROR(e)
- #define WOLFSSL_ERROR_MSG(m)
+ #define WOLFSSL_ERROR(e) (void)(e)
+ #define WOLFSSL_ERROR_MSG(m) (void)(m)
#endif /* DEBUG_WOLFSSL | OPENSSL_ALL || WOLFSSL_NGINX || WOLFSSL_HAPROXY ||
OPENSSL_EXTRA */
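Review bot: In the disabled branch, `WOLFSSL_ERROR(e)` and `WOLFSSL_ERROR_MSG(m)` now expand to `(void)(e)` / `(void)(m)`, so the argument expression is evaluated even when error logging is compiled out. Previously the expansion was empty, and the sibling macros changed in this file (`WOLFSSL_MSG`, `WOLFSSL_ENTER`, ...) use `WC_DO_NOTHING` and still do not evaluate their arguments. A call site that passes a function call or an expression with side effects therefore behaves differently from before and from the other logging macros. If the cast is only there to silence unused-variable warnings, say so in a comment such as `/* evaluates e to mark it used; arguments must be side-effect free */`, and wrap the expansion as `((void)(e))` so it stays a single expression in any context.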
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/mem_track.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/mem_track.h
index 483f14ab..58575642 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/mem_track.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/mem_track.h
@@ -24,8 +24,6 @@
#ifndef WOLFSSL_MEM_TRACK_H
#define WOLFSSL_MEM_TRACK_H
-#if defined(USE_WOLFSSL_MEMORY) && !defined(WOLFSSL_STATIC_MEMORY)
-
/* The memory tracker overrides the wolfSSL memory callback system and uses a
* static to track the total, peak and currently allocated bytes.
*
@@ -61,7 +59,9 @@
*/
#include "wolfssl/wolfcrypt/settings.h"
+#include "wolfssl/wolfcrypt/types.h"
#include "wolfssl/wolfcrypt/logging.h"
+#include "wolfssl/wolfcrypt/error-crypt.h"
#include "wolfssl/wolfcrypt/memory.h"
#if defined(WOLFSSL_TRACK_MEMORY) || defined(HAVE_STACK_SIZE) || \
@@ -77,13 +77,14 @@
#endif
#endif
-#if defined(WOLFSSL_TRACK_MEMORY)
- #define DO_MEM_STATS
- #if (defined(__linux__) && !defined(WOLFSSL_LINUXKM)) || defined(__MACH__)
- #define DO_MEM_LIST
- #endif
-#endif
+/* Track Memory */
+#if defined(WOLFSSL_TRACK_MEMORY) && defined(USE_WOLFSSL_MEMORY) && \
+ !defined(WOLFSSL_STATIC_MEMORY)
+#define DO_MEM_STATS
+#if (defined(__linux__) && !defined(WOLFSSL_LINUXKM)) || defined(__MACH__)
+ #define DO_MEM_LIST
+#endif
typedef struct memoryStats {
long totalAllocs; /* number of allocations */
@@ -93,12 +94,12 @@ typedef struct memoryStats {
long currentBytes; /* total current bytes in use */
#ifdef WOLFSSL_TRACK_MEMORY_VERBOSE
long peakAllocsTripOdometer; /* peak number of concurrent allocations,
- * subject to reset by
- * wolfCrypt_heap_peak_checkpoint()
- */
+ * subject to reset by
+ * wolfCrypt_heap_peak_checkpoint()
+ */
long peakBytesTripOdometer; /* peak concurrent bytes, subject to reset
- * by wolfCrypt_heap_peak_checkpoint()
- */
+ * by wolfCrypt_heap_peak_checkpoint()
+ */
#endif
} memoryStats;
@@ -119,7 +120,8 @@ typedef struct memHint {
typedef struct memoryTrack {
union {
memHint hint;
- byte alignit[sizeof(memHint) + ((16-1) & ~(16-1))]; /* make sure we have strong alignment */
+ /* make sure we have strong alignment */
+ byte alignit[sizeof(memHint) + ((16-1) & ~(16-1))];
} u;
} memoryTrack;
@@ -132,7 +134,7 @@ typedef struct memoryList {
} memoryList;
#endif
-#if defined(WOLFSSL_TRACK_MEMORY)
+
static memoryStats ourMemStats;
#ifdef DO_MEM_LIST
@@ -140,7 +142,6 @@ static memoryStats ourMemStats;
static memoryList ourMemList;
static pthread_mutex_t memLock = PTHREAD_MUTEX_INITIALIZER;
#endif
-#endif
#ifdef WOLFSSL_DEBUG_MEMORY
static WC_INLINE void* TrackMalloc(size_t sz, const char* func,
@@ -169,7 +170,8 @@ static WC_INLINE void* TrackMalloc(size_t sz)
#ifdef WOLFSSL_DEBUG_MEMORY
#ifdef WOLFSSL_DEBUG_MEMORY_PRINT
- wc_mem_printf("Alloc: %p -> %u at %s:%d\n", header->thisMemory, (word32)sz, func, line);
+ wc_mem_printf("Alloc: %p -> %u at %s:%d\n",
+ header->thisMemory, (word32)sz, func, line);
#else
(void)func;
(void)line;
@@ -180,18 +182,23 @@ static WC_INLINE void* TrackMalloc(size_t sz)
ourMemStats.totalAllocs++;
ourMemStats.totalBytes += sz;
ourMemStats.currentBytes += sz;
+#ifdef WOLFSSL_TRACK_MEMORY_VERBOSE
+ if (ourMemStats.peakAllocsTripOdometer < ourMemStats.totalAllocs -
+ ourMemStats.totalDeallocs) {
+ ourMemStats.peakAllocsTripOdometer = ourMemStats.totalAllocs -
+ ourMemStats.totalDeallocs;
+ }
+ if (ourMemStats.peakBytesTripOdometer < ourMemStats.currentBytes)
+#endif
+ {
#ifdef WOLFSSL_TRACK_MEMORY_VERBOSE
- if (ourMemStats.peakAllocsTripOdometer < ourMemStats.totalAllocs - ourMemStats.totalDeallocs)
- ourMemStats.peakAllocsTripOdometer = ourMemStats.totalAllocs - ourMemStats.totalDeallocs;
- if (ourMemStats.peakBytesTripOdometer < ourMemStats.currentBytes) {
ourMemStats.peakBytesTripOdometer = ourMemStats.currentBytes;
#endif
if (ourMemStats.currentBytes > ourMemStats.peakBytes)
ourMemStats.peakBytes = ourMemStats.currentBytes;
- #ifdef WOLFSSL_TRACK_MEMORY_VERBOSE
}
- #endif
-#endif
+#endif /* DO_MEM_STATS */
+
#ifdef DO_MEM_LIST
if (pthread_mutex_lock(&memLock) == 0) {
#ifdef WOLFSSL_DEBUG_MEMORY
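Review bot: The `ourMemStats` counters in the `DO_MEM_STATS` section are still updated before `memLock` is taken, and the lock exists only under `DO_MEM_LIST`, so with allocations from several threads the totals and the new `peakAllocsTripOdometer` / `peakBytesTripOdometer` values can lose updates. TrackMalloc starts before this hunk and continues after it, so I am going by the visible order of the statistics block and the `pthread_mutex_lock` call. Since this change already restructures the block, it would be a good place either to move the statistics update inside the locked region when `DO_MEM_LIST` is defined, or to document the limitation with `/* ourMemStats is updated without memLock; figures are approximate under concurrent allocation */`.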
@@ -214,7 +221,7 @@ static WC_INLINE void* TrackMalloc(size_t sz)
pthread_mutex_unlock(&memLock);
}
-#endif
+#endif /* DO_MEM_LIST */
return header->thisMemory;
}
@@ -332,7 +339,6 @@ static WC_INLINE void* TrackRealloc(void* ptr, size_t sz)
return ret;
}
-#ifdef WOLFSSL_TRACK_MEMORY
static wolfSSL_Malloc_cb mfDefault = NULL;
static wolfSSL_Free_cb ffDefault = NULL;
static wolfSSL_Realloc_cb rfDefault = NULL;
@@ -353,27 +359,26 @@ static WC_INLINE int InitMemoryTracker(void)
#ifdef DO_MEM_LIST
if (pthread_mutex_lock(&memLock) == 0)
- {
-#endif
-
-#ifdef DO_MEM_STATS
- ourMemStats.totalAllocs = 0;
- ourMemStats.totalDeallocs = 0;
- ourMemStats.totalBytes = 0;
- ourMemStats.peakBytes = 0;
- ourMemStats.currentBytes = 0;
-#ifdef WOLFSSL_TRACK_MEMORY_VERBOSE
- ourMemStats.peakAllocsTripOdometer = 0;
- ourMemStats.peakBytesTripOdometer = 0;
-#endif
#endif
+ {
+ #ifdef DO_MEM_STATS
+ ourMemStats.totalAllocs = 0;
+ ourMemStats.totalDeallocs = 0;
+ ourMemStats.totalBytes = 0;
+ ourMemStats.peakBytes = 0;
+ ourMemStats.currentBytes = 0;
+ #ifdef WOLFSSL_TRACK_MEMORY_VERBOSE
+ ourMemStats.peakAllocsTripOdometer = 0;
+ ourMemStats.peakBytesTripOdometer = 0;
+ #endif
+ #endif /* DO_MEM_STATS */
-#ifdef DO_MEM_LIST
- XMEMSET(&ourMemList, 0, sizeof(ourMemList));
+ #ifdef DO_MEM_LIST
+ XMEMSET(&ourMemList, 0, sizeof(ourMemList));
- pthread_mutex_unlock(&memLock);
+ pthread_mutex_unlock(&memLock);
+ #endif
}
-#endif
return ret;
}
@@ -382,36 +387,38 @@ static WC_INLINE void ShowMemoryTracker(void)
{
#ifdef DO_MEM_LIST
if (pthread_mutex_lock(&memLock) == 0)
- {
-#endif
-
-#ifdef DO_MEM_STATS
- wc_mem_printf("total Allocs = %9ld\n", ourMemStats.totalAllocs);
- wc_mem_printf("total Deallocs = %9ld\n", ourMemStats.totalDeallocs);
- wc_mem_printf("total Bytes = %9ld\n", ourMemStats.totalBytes);
- wc_mem_printf("peak Bytes = %9ld\n", ourMemStats.peakBytes);
- wc_mem_printf("current Bytes = %9ld\n", ourMemStats.currentBytes);
#endif
+ {
+ #ifdef DO_MEM_STATS
+ wc_mem_printf("total Allocs = %9ld\n", ourMemStats.totalAllocs);
+ wc_mem_printf("total Deallocs = %9ld\n", ourMemStats.totalDeallocs);
+ wc_mem_printf("total Bytes = %9ld\n", ourMemStats.totalBytes);
+ wc_mem_printf("peak Bytes = %9ld\n", ourMemStats.peakBytes);
+ wc_mem_printf("current Bytes = %9ld\n", ourMemStats.currentBytes);
+ #endif
-#ifdef DO_MEM_LIST
- if (ourMemList.count > 0) {
- /* print list of allocations */
- memHint* header;
- for (header = ourMemList.head; header != NULL; header = header->next) {
- #ifdef WOLFSSL_DEBUG_MEMORY
- wc_mem_printf("Leak: Ptr %p, Size %u, Func %s, Line %d\n",
- (byte*)header + sizeof(memHint), (unsigned int)header->thisSize,
- header->func, header->line);
-#else
- wc_mem_printf("Leak: Ptr %p, Size %u\n",
- (byte*)header + sizeof(memHint), (unsigned int)header->thisSize);
-#endif
+ #ifdef DO_MEM_LIST
+ if (ourMemList.count > 0) {
+ /* print list of allocations */
+ memHint* header;
+ for (header = ourMemList.head;
+ header != NULL;
+ header = header->next) {
+ #ifdef WOLFSSL_DEBUG_MEMORY
+ wc_mem_printf("Leak: Ptr %p, Size %u, Func %s, Line %d\n",
+ (byte*)header + sizeof(memHint),
+ (unsigned int)header->thisSize, header->func, header->line);
+ #else
+ wc_mem_printf("Leak: Ptr %p, Size %u\n",
+ (byte*)header + sizeof(memHint),
+ (unsigned int)header->thisSize);
+ #endif
+ }
}
- }
- pthread_mutex_unlock(&memLock);
+ pthread_mutex_unlock(&memLock);
+ #endif
}
-#endif
}
static WC_INLINE int CleanupMemoryTracker(void)
@@ -419,9 +426,8 @@ static WC_INLINE int CleanupMemoryTracker(void)
/* restore default allocators */
return wolfSSL_SetAllocators(mfDefault, ffDefault, rfDefault);
}
-#endif /* WOLFSSL_TRACK_MEMORY */
-
-#endif /* USE_WOLFSSL_MEMORY && !WOLFSSL_STATIC_MEMORY */
+#endif /* WOLFSSL_TRACK_MEMORY && USE_WOLFSSL_MEMORY && \
+ !WOLFSSL_STATIC_MEMORY */
#ifdef HAVE_STACK_SIZE
@@ -432,10 +438,6 @@ static WC_INLINE int CleanupMemoryTracker(void)
#include <sched.h>
#include <unistd.h>
-#include <wolfssl/wolfcrypt/types.h>
-#include <wolfssl/wolfcrypt/logging.h>
-#include <wolfssl/wolfcrypt/error-crypt.h>
-
typedef void* (*thread_func)(void* args);
#define STACK_CHECK_VAL 0x01
@@ -557,7 +559,8 @@ int StackSizeHWMReset(void)
_ret = StackSizeHWMReset(); \
if ((max >= 0) && (HWM > (ssize_t)(max))) { \
wc_mem_printf( \
- " relative stack usage at %s L%d exceeds designated max %ld bytes.\n", \
+ " relative stack usage at %s L%d exceeds designated " \
+ "max %ld bytes.\n", \
__FILE__, __LINE__, (long int)(max)); \
_ret = -1; \
} \
@@ -720,7 +723,8 @@ static WC_INLINE int StackSizeCheck_launch(struct func_args* args,
return 0;
}
-static WC_INLINE int StackSizeCheck_reap(pthread_t threadId, void *stack_context)
+static WC_INLINE int StackSizeCheck_reap(pthread_t threadId,
+ void *stack_context)
{
struct stack_size_debug_context *shim_args =
(struct stack_size_debug_context *)stack_context;
@@ -755,7 +759,6 @@ static WC_INLINE int StackSizeCheck_reap(pthread_t threadId, void *stack_context
return (int)((size_t)status);
}
-
#endif /* HAVE_STACK_SIZE */
@@ -799,13 +802,13 @@ static WC_INLINE void StackTrap(void)
#define STACK_SIZE_CHECKPOINT(...) (__VA_ARGS__)
#endif
#ifndef STACK_SIZE_CHECKPOINT_MSG
-#define STACK_SIZE_CHECKPOINT_MSG(msg)
+#define STACK_SIZE_CHECKPOINT_MSG(msg) WC_DO_NOTHING
#endif
#ifndef STACK_SIZE_CHECKPOINT_WITH_MAX_CHECK
#define STACK_SIZE_CHECKPOINT_WITH_MAX_CHECK(max, ...) (__VA_ARGS__, 0)
#endif
#ifndef STACK_SIZE_INIT
-#define STACK_SIZE_INIT()
+#define STACK_SIZE_INIT() WC_DO_NOTHING
#endif
#endif /* WOLFSSL_MEM_TRACK_H */
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/memory.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/memory.h
index 15978b83..cf832731 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/memory.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/memory.h
@@ -251,9 +251,189 @@ WOLFSSL_LOCAL void wc_MemZero_Add(const char* name, const void* addr,
WOLFSSL_LOCAL void wc_MemZero_Check(void* addr, size_t len);
#endif
+#ifdef WC_DEBUG_CIPHER_LIFECYCLE
+WOLFSSL_LOCAL int wc_debug_CipherLifecycleInit(void **CipherLifecycleTag,
+ void *heap);
+WOLFSSL_LOCAL int wc_debug_CipherLifecycleCheck(void *CipherLifecycleTag,
+ int abort_p);
+WOLFSSL_LOCAL int wc_debug_CipherLifecycleFree(void **CipherLifecycleTag,
+ void *heap, int abort_p);
+#else
+#define wc_debug_CipherLifecycleInit(CipherLifecycleTag, heap) \
+ ((void)(CipherLifecycleTag), (void)(heap), 0)
+#define wc_debug_CipherLifecycleCheck(CipherLifecycleTag, abort_p) \
+ ((void)(CipherLifecycleTag), (void)(abort_p), 0)
+#define wc_debug_CipherLifecycleFree(CipherLifecycleTag, heap, abort_p) \
+ ((void)(CipherLifecycleTag), (void)(heap), (void)(abort_p), 0)
+#endif
+
+#ifdef DEBUG_VECTOR_REGISTER_ACCESS
+ WOLFSSL_API extern THREAD_LS_T int wc_svr_count;
+ WOLFSSL_API extern THREAD_LS_T const char *wc_svr_last_file;
+ WOLFSSL_API extern THREAD_LS_T int wc_svr_last_line;
+
+ #ifdef DEBUG_VECTOR_REGISTERS_ABORT_ON_FAIL
+ #define DEBUG_VECTOR_REGISTERS_EXTRA_FAIL_CLAUSE abort();
+ #elif defined(DEBUG_VECTOR_REGISTERS_EXIT_ON_FAIL)
+ #define DEBUG_VECTOR_REGISTERS_EXTRA_FAIL_CLAUSE exit(1);
+ #else
+ #define DEBUG_VECTOR_REGISTERS_EXTRA_FAIL_CLAUSE
+ #endif
+
+ #define SAVE_VECTOR_REGISTERS(fail_clause) { \
+ int _svr_ret = wc_debug_vector_registers_retval; \
+ if (_svr_ret != 0) { fail_clause } \
+ ++wc_svr_count; \
+ if (wc_svr_count > 5) { \
+ fprintf(stderr, \
+ ("%s @ L%d : incr : " \
+ "wc_svr_count %d (last op %s L%d)\n"), \
+ __FILE__, \
+ __LINE__, \
+ wc_svr_count, \
+ wc_svr_last_file, \
+ wc_svr_last_line); \
+ DEBUG_VECTOR_REGISTERS_EXTRA_FAIL_CLAUSE \
+ } \
+ wc_svr_last_file = __FILE__; \
+ wc_svr_last_line = __LINE__; \
+ }
+
+ WOLFSSL_API extern THREAD_LS_T int wc_debug_vector_registers_retval;
+
+#ifndef WC_DEBUG_VECTOR_REGISTERS_RETVAL_INITVAL
+#define WC_DEBUG_VECTOR_REGISTERS_RETVAL_INITVAL 0
+#endif
+#define WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(x) do { \
+ if (((x) != 0) && (wc_svr_count > 0)) { \
+ fprintf(stderr, \
+ ("%s @ L%d : incr : " \
+ "wc_svr_count %d (last op %s L%d)\n"), \
+ __FILE__, \
+ __LINE__, \
+ wc_svr_count, \
+ wc_svr_last_file, \
+ wc_svr_last_line); \
+ DEBUG_VECTOR_REGISTERS_EXTRA_FAIL_CLAUSE \
+ } \
+ wc_debug_vector_registers_retval = (x); \
+ } while (0)
+
+#ifdef DEBUG_VECTOR_REGISTER_ACCESS_FUZZING
+ #ifndef WC_DEBUG_VECTOR_REGISTERS_FUZZING_SEED
+ #define WC_DEBUG_VECTOR_REGISTERS_FUZZING_SEED 0
+ #endif
+ WOLFSSL_LOCAL int SAVE_VECTOR_REGISTERS2_fuzzer(void);
+
+ #define SAVE_VECTOR_REGISTERS2(...) ({ \
+ int _svr2_val = SAVE_VECTOR_REGISTERS2_fuzzer(); \
+ if (_svr2_val == 0) { \
+ ++wc_svr_count; \
+ if (wc_svr_count > 5) { \
+ fprintf(stderr, \
+ ("%s @ L%d : incr : " \
+ "wc_svr_count %d (last op %s L%d)\n"), \
+ __FILE__, \
+ __LINE__, \
+ wc_svr_count, \
+ wc_svr_last_file, \
+ wc_svr_last_line); \
+ DEBUG_VECTOR_REGISTERS_EXTRA_FAIL_CLAUSE \
+ } \
+ wc_svr_last_file = __FILE__; \
+ wc_svr_last_line = __LINE__; \
+ _svr2_val = 0; \
+ } \
+ _svr2_val; \
+ })
+
+#else
+
+ #define SAVE_VECTOR_REGISTERS2(...) ({ \
+ int _svr2_val; \
+ if (wc_debug_vector_registers_retval != 0) { \
+ if (wc_svr_count > 0) { \
+ fprintf(stderr, \
+ ("%s @ L%d : incr : " \
+ "wc_svr_count %d (last op %s L%d)\n"), \
+ __FILE__, \
+ __LINE__, \
+ wc_svr_count, \
+ wc_svr_last_file, \
+ wc_svr_last_line); \
+ DEBUG_VECTOR_REGISTERS_EXTRA_FAIL_CLAUSE \
+ } \
+ _svr2_val = wc_debug_vector_registers_retval; \
+ } else { \
+ ++wc_svr_count; \
+ if (wc_svr_count > 5) { \
+ fprintf(stderr, \
+ ("%s @ L%d : incr : " \
+ "wc_svr_count %d (last op %s L%d)\n"), \
+ __FILE__, \
+ __LINE__, \
+ wc_svr_count, \
+ wc_svr_last_file, \
+ wc_svr_last_line); \
+ DEBUG_VECTOR_REGISTERS_EXTRA_FAIL_CLAUSE \
+ } \
+ wc_svr_last_file = __FILE__; \
+ wc_svr_last_line = __LINE__; \
+ _svr2_val = 0; \
+ } \
+ _svr2_val; \
+ })
+
+#endif
+
+ #define ASSERT_SAVED_VECTOR_REGISTERS(fail_clause) do { \
+ if (wc_svr_count <= 0) { \
+ fprintf(stderr, \
+ ("ASSERT_SAVED_VECTOR_REGISTERS : %s @ L%d : " \
+ "wc_svr_count %d (last op %s L%d)\n"), \
+ __FILE__, \
+ __LINE__, \
+ wc_svr_count, \
+ wc_svr_last_file, \
+ wc_svr_last_line); \
+ DEBUG_VECTOR_REGISTERS_EXTRA_FAIL_CLAUSE \
+ { fail_clause } \
+ } \
+ } while (0)
+ #define ASSERT_RESTORED_VECTOR_REGISTERS(fail_clause) do { \
+ if (wc_svr_count != 0) { \
+ fprintf(stderr, \
+ ("ASSERT_RESTORED_VECTOR_REGISTERS : %s @ L%d" \
+ " : wc_svr_count %d (last op %s L%d)\n"), \
+ __FILE__, \
+ __LINE__, \
+ wc_svr_count, \
+ wc_svr_last_file, \
+ wc_svr_last_line); \
+ DEBUG_VECTOR_REGISTERS_EXTRA_FAIL_CLAUSE \
+ { fail_clause } \
+ } \
+ } while (0)
+ #define RESTORE_VECTOR_REGISTERS(...) do { \
+ --wc_svr_count; \
+ if ((wc_svr_count > 4) || (wc_svr_count < 0)) { \
+ fprintf(stderr, \
+ ("%s @ L%d : decr : " \
+ "wc_svr_count %d (last op %s L%d)\n"), \
+ __FILE__, \
+ __LINE__, \
+ wc_svr_count, \
+ wc_svr_last_file, \
+ wc_svr_last_line); \
+ DEBUG_VECTOR_REGISTERS_EXTRA_FAIL_CLAUSE \
+ } \
+ wc_svr_last_file = __FILE__; \
+ wc_svr_last_line = __LINE__; \
+ } while(0)
+#endif
+
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* WOLFSSL_MEMORY_H */
-
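Review bot: Every diagnostic in these macros passes `wc_svr_last_file` to `%s`, and `ASSERT_SAVED_VECTOR_REGISTERS` fires exactly when `wc_svr_count <= 0`, which is the case where no save may have run on this thread yet. The variable's initial value is defined outside this hunk; if it starts as NULL, the `fprintf` call has undefined behaviour. Guarding the argument, as in `wc_svr_last_file ? wc_svr_last_file : "(none)"`, keeps the debug path from crashing before it reports the fault. The message in `WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL` and in the error branch of `SAVE_VECTOR_REGISTERS2` is also labelled `incr` although nothing is incremented there, which makes the log harder to read.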
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/misc.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/misc.h
index e433a1a3..8901733f 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/misc.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/misc.h
@@ -102,12 +102,13 @@ void ByteReverseWords64(word64* out, const word64* in, word32 byteCount);
void c32to24(word32 in, word24 out);
-void c16toa(word16 u16, byte* c);
-void c32toa(word32 u32, byte* c);
-void c24to32(const word24 u24, word32* u32);
-void ato16(const byte* c, word16* u16);
-void ato24(const byte* c, word32* u24);
-void ato32(const byte* c, word32* u32);
+void c16toa(word16 wc_u16, byte* c);
+void c32toa(word32 wc_u32, byte* c);
+void c24to32(const word24 wc_u24, word32* wc_u32);
+void ato16(const byte* c, word16* wc_u16);
+void ato24(const byte* c, word32* wc_u24);
+void ato32(const byte* c, word32* wc_u32);
+void ato32le(const byte* c, word32* wc_u32);
word32 btoi(byte b);
WOLFSSL_LOCAL signed char HexCharToByte(char ch);
@@ -156,6 +157,26 @@ WOLFSSL_LOCAL void w64Zero(w64wrapper *a);
#define WC_MISC_STATIC static
+/* Declarations for user defined functions */
+#ifdef WOLFSSL_NO_FORCE_ZERO
+void ForceZero(void* mem, word32 len);
+#endif
+#ifdef WOLFSSL_NO_CONST_CMP
+int ConstantCompare(const byte* a, const byte* b, int length);
+#endif
+#ifdef WOLFSSL_NO_INT_ENCODE
+void c32to24(word32 in, word24 out);
+void c16toa(word16 wc_u16, byte* c);
+void c32toa(word32 wc_u32, byte* c);
+#endif
+#ifdef WOLFSSL_NO_INT_DECODE
+void c24to32(const word24 wc_u24, word32* wc_u32);
+void ato24(const byte* c, word32* wc_u24);
+void ato16(const byte* c, word16* wc_u16);
+void ato32(const byte* c, word32* wc_u32);
+void ato32le(const byte* c, word32* wc_u32);
+word32 btoi(byte b);
+#endif
#endif /* NO_INLINE */
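Review bot: The new prototypes under `WOLFSSL_NO_FORCE_ZERO` and `WOLFSSL_NO_CONST_CMP` hand `ForceZero` and `ConstantCompare` to user code, but the only comment is `/* Declarations for user defined functions */`, which states no contract. Going by their names, callers presumably rely on these for wiping secrets and for timing-independent comparison, so a replacement that the optimizer can elide or that returns early on the first mismatch would weaken the library without any warning. I would extend the comment, for example `/* User ForceZero must not be optimized away; user ConstantCompare must take time independent of the data compared */`. The enclosing `NO_INLINE` block starts outside this hunk.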
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/pkcs7.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/pkcs7.h
index 8f28fdba..1e2733c8 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/pkcs7.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/pkcs7.h
@@ -341,6 +341,7 @@ struct PKCS7 {
byte* cachedEncryptedContent;
word32 cachedEncryptedContentSz;
word16 contentCRLF:1; /* have content line endings been converted to CRLF */
+ word16 contentIsPkcs7Type:1; /* eContent follows PKCS#7 RFC not CMS */
/* !! NEW DATA MEMBERS MUST BE ADDED AT END !! */
};
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h
index 4f61000a..f8d88ef8 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h
@@ -22,108 +22,580 @@
#define __ESP32_CRYPT_H__
-#include "wolfssl/wolfcrypt/settings.h"
-#include <wolfssl/wolfcrypt/types.h> /* for MATH_INT_T */
+/* WOLFSSL_USER_SETTINGS must be defined, typically in the CMakeLists.txt:
+ *
+ * set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_USER_SETTINGS") */
+#include <wolfssl/wolfcrypt/settings.h> /* references user_settings.h */
+
+#if defined(WOLFSSL_ESPIDF) /* Entire file is only for Espressif EDP-IDF */
+
+#ifndef WOLFSSL_USER_SETTINGS
+ #error "WOLFSSL_USER_SETTINGS must be defined for Espressif targts"
+#endif
-#include "esp_idf_version.h"
-#include "esp_types.h"
-#include "esp_log.h"
+#include "sdkconfig.h" /* ensure ESP-IDF settings are available everywhere */
-#ifdef WOLFSSL_ESP32WROOM32_CRYPT_DEBUG
+/* wolfSSL */
+#include <wolfssl/wolfcrypt/error-crypt.h>
+#include <wolfssl/wolfcrypt/types.h> /* for MATH_INT_T */
+
+/* Espressif */
+#include <esp_idf_version.h>
+#include <esp_types.h>
+#include <esp_log.h>
+
+/* exit codes to be used in tfm.c, sp_int.c, integer.c, etc.
+ *
+ * see wolfssl/wolfcrypt/error-crypt.h
+ *
+ * WC_HW_E - generic hardware failure. Consider falling back to SW.
+ * WC_HW_WAIT_E - waited too long for HW, fall back to SW
+ */
+
+/* Exit codes only used in Espressif port: */
+enum {
+ ESP_MP_HW_FALLBACK = (WC_LAST_E - 2),
+ ESP_MP_HW_VALIDATION_ACTIVE = (WC_LAST_E - 3)
+};
+
+/* MP_HW_FALLBACK: signal to caller to fall back to SW for math:
+ * algorithm not supported in SW
+ * known state needing only SW, (e.g. ctx copy)
+ * any other reason to force SW (was -108)*/
+#define MP_HW_FALLBACK ESP_MP_HW_FALLBACK
+
+/* MP_HW_VALIDATION_ACTIVE this is informative only:
+ * typically also means "MP_HW_FALLBACK": fall back to SW.
+ * optional HW validation active, so compute in SW to compare.
+ * fall back to SW, typically only used during debugging. (was -109)
+ */
+#define MP_HW_VALIDATION_ACTIVE ESP_MP_HW_VALIDATION_ACTIVE
+
+/*
+*******************************************************************************
+*******************************************************************************
+** Global Settings:
+**
+** Settings that start with "CONFIG_" are typically defined in sdkconfig.h
+**
+** Primary Settings:
+**
+** WC_NO_HARDEN
+** Disables some timing resistance / side-channel attack prevention.
+**
+** NO_ESPIDF_DEFAULT
+** When defined, disables some default definitions. See wolfcrypt/settings.h
+**
+** NO_ESP32_CRYPT
+** When defined, disables all hardware acceleration on the ESP32
+**
+** NO_WOLFSSL_ESP32_CRYPT_HASH
+** Used to disabled only hash hardware, all algorithms: SHA2, etc.
+**
+** NO_WOLFSSL_ESP32_CRYPT_HASH_SHA
+** When defined, disables only SHA hardware acceleration, uses SW.
+**
+** NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224
+** When defined, disables only SHA-224 hardware acceleration, uses SW.
+**
+** NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384
+** When defined, disables only SHA-384 hardware acceleration, uses SW.
+**
+** NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256
+** When defined, disables only SHA-256 hardware acceleration, uses SW.
+**
+** NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512
+** When defined, disables only SHA-512 hardware acceleration, uses SW.
+**
+** WOLFSSL_NOSHA512_224
+** Define to disable SHA-512/224
+**
+** WOLFSSL_NOSHA512_256
+** Define to disable SHA-512/512
+**
+** WOLFSSL_ESP32_CRYPT_RSA_PRI
+** Defined in wolfSSL settings.h: this turns on or off esp32_mp math library.
+** Unless turned off, this is enabled by default for the ESP32
+**
+** NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL
+** Turns off hardware acceleration esp_mp_mul()
+**
+** NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD
+** Turns off hardware acceleration esp_mp_exptmod()
+**
+** NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD
+** Turns off hardware acceleration esp_mp_mulmod()
+**
+** NO_WOLFSSL_ESP32_CRYPT_AES
+** Used to disable only AES hardware algorithms. Software used instead.
+**
+*******************************************************************************
+** Math library settings: TFM
+*******************************************************************************
+** Listed in increasing order of complexity:
+**
+** WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL
+** When defined, use hardware acceleration esp_mp_mul()
+** for Large Number Multiplication: Z = X * Y
+** Currently defined by default in tfm.c, see above to disable.
+**
+** WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD
+** When defined, use hardware acceleration esp_mp_exptmod()
+** for Large Number Modular Exponentiation Z = X^Y mod M
+** Currently defined by default in tfm.c, see above to disable.
+**
+** WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD
+** When defined, use hardware acceleration esp_mp_mulmod()
+** for Large Number Modular Multiplication: Z = X * Y mod M
+** Currently defined by default in tfm.c, see above to disable.
+**
+**
+*******************************************************************************
+** Optional Settings:
+*******************************************************************************
+**
+** WOLFSSL_HW_METRICS
+** Enables metric counters for calls to HW, success, fall back, oddities.
+**
+** WOLFSSL_HAS_METRICS
+** Indicates that we actually have metrics to show. Useful for old wolfSSL
+** libraries tested with newer examples, or when all HW turned off.
+**
+** DEBUG_WOLFSSL
+** Turns on development testing. Validates HW accelerated results to software
+** - Automatically turns on WOLFSSL_HW_METRICS
+**
+** DEBUG_WOLFSSL_SHA_MUTEX
+** Turns on diagnostic messages for SHA mutex. Note that given verbosity,
+** there may be TLS timing issues encountered. Use with caution.
+**
+** LOG_LOCAL_LEVEL
+** Debugging. Default value is ESP_LOG_DEBUG
+**
+** ESP_VERIFY_MEMBLOCK
+** Used to re-read data from registers in esp32_mp & verify written contents
+** actually match the source data.
+**
+** WOLFSSL_ESP32_CRYPT_DEBUG
+** When defined, enables hardware cryptography debugging.
+**
+** WOLFSSL_DEBUG_ESP_RSA_MULM_BITS
+** Shows a warning when mulm falls back for minimum number of bits.
+**
+** NO_HW_MATH_TEST
+** Even if HW is enabled, do not run HW math tests. See HW_MATH_ENABLED.
+**
+** NO_ESP_MP_MUL_EVEN_ALT_CALC
+** Used during Z = X × Y mod M
+** By default, even moduli use a two step HW esp_mp_mul with SW mp_mod.
+** Enable this to instead fall back to pure software mp_mulmod.
+**
+** NO_RECOVER_SOFTWARE_CALC
+** When defined, will NOT recover software calculation result when not
+** matched with hardware. Useful only during development. Needs DEBUG_WOLFSSL
+**
+** ESP_PROHIBIT_SMALL_X
+** When set to 1 X operands less than 8 bits will fall back to SW.
+**
+** ESP_NO_ERRATA_MITIGATION
+** Disable all errata mitigation code.
+**
+** USE_ESP_DPORT_ACCESS_READ_BUFFER
+** Sets ESP_NO_ERRATA_MITIGATION and uses esp_dport_access_read_buffer()
+**
+** ESP_MONITOR_HW_TASK_LOCK
+** Although wolfSSL is in general not fully thread safe, this option
+** enables some features that can be useful in a multi-threaded environment.
+**
+*******************************************************************************
+** Settings used from <esp_idf_version.h>
+** see .\esp-idf\v[N]\components\esp_common\include
+*******************************************************************************
+**
+** ESP_IDF_VERSION_MAJOR
+** Espressif ESP-IDF Version (e.g. 4, 5)
+**
+*******************************************************************************
+** Settings used from ESP-IDF (sdkconfig.h)
+*******************************************************************************
+**
+** CONFIG_IDF_TARGET_[SoC]
+** CONFIG_IDF_TARGET_ESP32
+** CONFIG_IDF_TARGET_ESP32C2
+** CONFIG_IDF_TARGET_ESP32C3
+** CONFIG_IDF_TARGET_ESP32C6
+** CONFIG_IDF_TARGET_ESP32S2
+** CONFIG_IDF_TARGET_ESP32S3
+** CONFIG_IDF_TARGET_ESP32H2
+**
+]*******************************************************************************
+** Informative settings. Not meant to be edited:
+*******************************************************************************
+**
+** HW_MATH_ENABLED
+** Used to detect if any hardware math acceleration algorithms are used.
+** This is typically only used to flag wolfCrypt tests to run HW tests.
+** See NO_HW_MATH_TEST.
+**
+*******************************************************************************
+*/
+#ifdef WOLFSSL_ESP32_CRYPT_DEBUG
#undef LOG_LOCAL_LEVEL
#define LOG_LOCAL_LEVEL ESP_LOG_DEBUG
#else
#undef LOG_LOCAL_LEVEL
- #define LOG_LOCAL_LEVEL ESP_LOG_DEBUG
+ #define LOG_LOCAL_LEVEL CONFIG_LOG_DEFAULT_LEVEL
#endif
#include <freertos/FreeRTOS.h>
-#if defined(CONFIG_IDF_TARGET_ESP32C3)
- /* no includes for ESP32C3 at this time (no HW implemented yet) */
-#elif defined(CONFIG_IDF_TARGET_ESP32S3)
+
+#if defined(CONFIG_IDF_TARGET_ESP32)
+ /* there's no SHA-224 HW on the ESP32 */
+ #undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224
#include "soc/dport_reg.h"
- #include "soc/hwcrypto_reg.h"
+ #include <soc/hwcrypto_reg.h>
+
+ #if ESP_IDF_VERSION_MAJOR < 5
+ #include <soc/cpu.h>
+ #endif
+
#if defined(ESP_IDF_VERSION_MAJOR) && ESP_IDF_VERSION_MAJOR >= 5
- #include "esp_private/periph_ctrl.h"
+ #include <esp_private/periph_ctrl.h>
#else
- #include "driver/periph_ctrl.h"
+ #include <driver/periph_ctrl.h>
#endif
-#else
- #include "soc/dport_reg.h"
- #include "soc/hwcrypto_reg.h"
+
+ #if ESP_IDF_VERSION_MAJOR >= 4
+ #include <esp32/rom/ets_sys.h>
+ #else
+ #include <rom/ets_sys.h>
+ #endif
+ #define ESP_PROHIBIT_SMALL_X FALSE
+ /***** END CONFIG_IDF_TARGET_ESP32 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP32C2) || \
+ defined(CONFIG_IDF_TARGET_ESP8684)
+ /* ESP8684 is essentially ESP32-C2 chip + flash embedded together in a
+ * single QFN 4x4 mm package. Out of released documentation, Technical
+ * Reference Manual as well as ESP-IDF Programming Guide is applicable
+ * to both ESP32-C2 and ESP8684.
+ *
+ * Note there is not currently an expected CONFIG_IDF_TARGET_ESP8684.
+ * The ESP8684 is detected with CONFIG_IDF_TARGET_ESP32C2.
+ * The macro is included for clarity, and possible future rename. */
+
+ /* #define NO_ESP32_CRYPT */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
+ #define NO_WOLFSSL_ESP32_CRYPT_AES /* No AES HW */
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI /* No RSA HW*/
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL /* No RSA, so no mp_mul */
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD /* No RSA, so no mp_mulmod */
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD /* No RSA, no mp_exptmod */
+
+ #include <soc/dport_access.h>
+ #include <soc/hwcrypto_reg.h>
#if ESP_IDF_VERSION_MAJOR < 5
- #include "soc/cpu.h"
+ #include <soc/cpu.h>
#endif
#if defined(ESP_IDF_VERSION_MAJOR) && ESP_IDF_VERSION_MAJOR >= 5
- #include "esp_private/periph_ctrl.h"
+ #include <esp_private/periph_ctrl.h>
#else
- #include "driver/periph_ctrl.h"
+ #include <driver/periph_ctrl.h>
#endif
#if ESP_IDF_VERSION_MAJOR >= 4
- #include <esp32/rom/ets_sys.h>
+ /* #include <esp32/rom/ets_sys.h> */
#else
#include <rom/ets_sys.h>
#endif
+/* If for some reason there's a desire to disable specific HW on the C2: */
+/* #undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA */
+/* #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA there is SHA HW on C2 */
+/* #undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224 */
+/* #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224 there is SHA224 HW on C2 */
+/* #undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256 */
+/* #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256 there is SHA256 HW on C2 */
+
+ /* Code will fall back to SW with warning if these are removed:
+ * Note there is no SHA384/SHA512 HW on ESP32-C3 */
+ #undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384
+ #undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512
+ /***** END CONFIG_IDF_TARGET_ESP32C2 aka CONFIG_IDF_TARGET_ESP8684 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP32C3)
+ #include <soc/dport_access.h>
+ #include <soc/hwcrypto_reg.h>
+
+ #if ESP_IDF_VERSION_MAJOR < 5
+ #include <soc/cpu.h>
+ #endif
+
+ #if defined(ESP_IDF_VERSION_MAJOR) && ESP_IDF_VERSION_MAJOR >= 5
+ #include <esp_private/periph_ctrl.h>
+ #else
+ #include <driver/periph_ctrl.h>
+ #endif
+
+ #if ESP_IDF_VERSION_MAJOR >= 4
+ /* #include <esp32/rom/ets_sys.h> */
+ #else
+ #include <rom/ets_sys.h>
+ #endif
+
+/* If for some reason there's a desire to disable specific HW on the C3: */
+/* #undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA */
+/* #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA there is SHA HW on C3 */
+/* #undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224 */
+/* #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224 there is SHA224 HW on C3 */
+/* #undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256 */
+/* #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256 there is SHA256 HW on C3 */
+
+ /* Code will fall back to SW with warning if these are removed:
+ * Note there is no SHA384/SHA512 HW on ESP32-C3 */
+ #undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384
+ #undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512
+ /***** END CONFIG_IDF_TARGET_ESP32C3 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP32C6)
+ #include <soc/dport_access.h>
+ #include <soc/hwcrypto_reg.h>
+
+ #if ESP_IDF_VERSION_MAJOR < 5
+ #include <soc/cpu.h>
+ #endif
+
+ #if defined(ESP_IDF_VERSION_MAJOR) && ESP_IDF_VERSION_MAJOR >= 5
+ #include <esp_private/periph_ctrl.h>
+ #else
+ #include <driver/periph_ctrl.h>
+ #endif
+
+ #if ESP_IDF_VERSION_MAJOR >= 4
+ /* #include <esp32/rom/ets_sys.h> */
+ #else
+ #include <rom/ets_sys.h>
+ #endif
+
+/* If for some reason there's a desire to disable specific SHA HW on the C6: */
+/* #undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA */
+/* #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA there *is* SHA HW on C6 */
+/* #undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224 */
+/* #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224 there *is* SHA224 HW on C6 */
+/* #undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256 */
+/* #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256 there *is* SHA225 HW on C6 */
+
+ /* Code will fall back to SW with warning if these are removed:
+ * note there is no SHA384/SHA512 HW on C6 */
+ #undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384
+ #undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512
+ /***** END CONFIG_IDF_TARGET_ESP32C6 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP32S2)
+ #include "soc/dport_reg.h"
+ #include <soc/hwcrypto_reg.h>
+ #if defined(ESP_IDF_VERSION_MAJOR) && ESP_IDF_VERSION_MAJOR >= 5
+ #include <esp_private/periph_ctrl.h>
+ #else
+ #include <driver/periph_ctrl.h>
+ #endif
+ #define ESP_PROHIBIT_SMALL_X 0
+ /***** END CONFIG_IDF_TARGET_ESP32S2 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP32S3)
+ #include "soc/dport_reg.h"
+ #include <soc/hwcrypto_reg.h>
+ #if defined(ESP_IDF_VERSION_MAJOR) && ESP_IDF_VERSION_MAJOR >= 5
+ #include <esp_private/periph_ctrl.h>
+ #else
+ #include <driver/periph_ctrl.h>
+ #endif
+ #define ESP_PROHIBIT_SMALL_X 0
+
+#else
+ /* not yet supported. no HW */
+ #undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA
+ #undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224
+ #undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256
+ #undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384
+ #undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512
+ /***** END CONFIG_IDF_TARGET_[x] config unknown *****/
+
+#endif /* CONFIG_IDF_TARGET target check */
+
+#ifndef NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
+ #if defined(NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL) && \
+ defined(NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD) && \
+ defined(NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD)
+ #warning "MP_MUL, MULMOD, EXPTMOD all turned off. " && \
+ "Define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI to disable all math HW"
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
+ #endif
+#endif /* !NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
+
+#if defined(USE_ESP_DPORT_ACCESS_READ_BUFFER)
+ #define ESP_NO_ERRATA_MITIGATION
#endif
+#ifdef SINGLE_THREADED
+ #undef ESP_MONITOR_HW_TASK_LOCK
+#else
+ /* Unless explicitly disabled, monitor task lock when not single thread. */
+ #ifndef ESP_DISABLE_HW_TASK_LOCK
+ #define ESP_MONITOR_HW_TASK_LOCK
+ #endif
+#endif
#ifdef __cplusplus
- extern "C" {
+extern "C"
+{
#endif
-int esp_ShowExtendedSystemInfo(void);
+/*
+******************************************************************************
+** Some common esp utilities
+******************************************************************************
+*/
-int esp_CryptHwMutexInit(wolfSSL_Mutex* mutex);
-int esp_CryptHwMutexLock(wolfSSL_Mutex* mutex, TickType_t xBloxkTime);
-int esp_CryptHwMutexUnLock(wolfSSL_Mutex* mutex);
+ WOLFSSL_LOCAL int esp_ShowExtendedSystemInfo(void);
-#ifndef NO_AES
+ /* Compare MATH_INT_T A to MATH_INT_T B
+ * During debug, the strings name_A and name_B can help
+ * identify variable name. */
+ WOLFSSL_LOCAL int esp_mp_cmp(char* name_A, MATH_INT_T* A,
+ char* name_B, MATH_INT_T* B);
+
+ /* Show MATH_INT_T value attributes. */
+ WOLFSSL_LOCAL int esp_show_mp_attributes(char* c, MATH_INT_T* X);
+
+ /* Show MATH_INT_T value.
+ *
+ * Calls esp_show_mp_attributes().
+ *
+ * During debug, the string name_A can help
+ * identify variable name. */
+ WOLFSSL_LOCAL int esp_show_mp(char* name_X, MATH_INT_T* X);
+
+ /* To use a Mutex, it must first be initialized. */
+ WOLFSSL_LOCAL int esp_CryptHwMutexInit(wolfSSL_Mutex* mutex);
+
+ /* Take the mutex to indicate the HW is in use. Wait up to [block_time].
+ * When the HW in use the mutex will be locked. */
+ WOLFSSL_LOCAL int esp_CryptHwMutexLock(wolfSSL_Mutex* mutex,
+ TickType_t block_time);
+ /* Release the mutex to indicate the HW is no longer in use. */
+ WOLFSSL_LOCAL int esp_CryptHwMutexUnLock(wolfSSL_Mutex* mutex);
+
+ /* Validation active check. When active, we'll fall back to SW. */
+ WOLFSSL_LOCAL int esp_hw_validation_active(void);
+
+/*
+*******************************************************************************
+** AES features:
+*******************************************************************************
+*/
+
+#ifndef NO_AES
#if ESP_IDF_VERSION_MAJOR >= 4
#include "esp32/rom/aes.h"
#else
#include "rom/aes.h"
#endif
- typedef enum tagES32_AES_PROCESS {
- ESP32_AES_LOCKHW = 1,
+ typedef enum tagES32_AES_PROCESS /* TODO what's this ? */
+ {
+ ESP32_AES_LOCKHW = 1,
ESP32_AES_UPDATEKEY_ENCRYPT = 2,
ESP32_AES_UPDATEKEY_DECRYPT = 3,
ESP32_AES_UNLOCKHW = 4
} ESP32_AESPROCESS;
struct Aes; /* see aes.h */
- int wc_esp32AesCbcEncrypt(struct Aes* aes, byte* out, const byte* in, word32 sz);
- int wc_esp32AesCbcDecrypt(struct Aes* aes, byte* out, const byte* in, word32 sz);
- int wc_esp32AesEncrypt(struct Aes *aes, const byte* in, byte* out);
- int wc_esp32AesDecrypt(struct Aes *aes, const byte* in, byte* out);
-
+#if defined(WOLFSSL_HW_METRICS)
+ WOLFSSL_LOCAL int esp_hw_show_aes_metrics(void);
+ WOLFSSL_LOCAL int wc_esp32AesUnupportedLengthCountAdd(void);
#endif
-
-#ifdef WOLFSSL_ESP32WROOM32_CRYPT_DEBUG
+ WOLFSSL_LOCAL int wc_esp32AesSupportedKeyLenValue(int keylen);
+ WOLFSSL_LOCAL int wc_esp32AesSupportedKeyLen(struct Aes* aes);
+
+ WOLFSSL_LOCAL int wc_esp32AesCbcEncrypt(struct Aes* aes,
+ byte* out,
+ const byte* in,
+ word32 sz);
+ WOLFSSL_LOCAL int wc_esp32AesCbcDecrypt(struct Aes* aes,
+ byte* out,
+ const byte* in,
+ word32 sz);
+ WOLFSSL_LOCAL int wc_esp32AesEncrypt( struct Aes* aes,
+ const byte* in,
+ byte* out);
+ WOLFSSL_LOCAL int wc_esp32AesDecrypt( struct Aes* aes,
+ const byte* in,
+ byte* out);
+#endif /* ! NO_AES */
+
+#ifdef WOLFSSL_ESP32_CRYPT_DEBUG
void wc_esp32TimerStart(void);
- uint64_t wc_esp32elapsedTime(void);
+ uint64_t wc_esp32elapsedTime(void);
-#endif /* WOLFSSL_ESP32WROOM32_CRYPT_DEBUG */
+#endif /* WOLFSSL_ESP32_CRYPT_DEBUG */
-#if !defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH) && \
+/*
+*******************************************************************************
+** Cryptographic hash algorithms (e.g. SHA[x]):
+*******************************************************************************
+*/
+
+#if !defined(NO_WOLFSSL_ESP32_CRYPT_HASH) && \
(!defined(NO_SHA) || !defined(NO_SHA256) || \
defined(WOLFSSL_SHA384) || defined(WOLFSSL_SHA512) \
)
- /* RAW hash function APIs are not implemented with esp32 hardware acceleration*/
- #define WOLFSSL_NO_HASH_RAW
#define SHA_CTX ETS_SHAContext
#if ESP_IDF_VERSION_MAJOR >= 4
- #include "esp32/rom/sha.h"
- #elif defined(CONFIG_IDF_TARGET_ESP32S3)
- #include "esp32s3/rom/sha.h"
+ #if defined(CONFIG_IDF_TARGET_ESP32)
+ #include "esp32/rom/sha.h"
+ #define WC_ESP_SHA_TYPE enum SHA_TYPE
+ #elif defined(CONFIG_IDF_TARGET_ESP32C2) || \
+ defined(CONFIG_IDF_TARGET_ESP8684)
+ #include "esp32c2/rom/sha.h"
+ #define WC_ESP_SHA_TYPE SHA_TYPE
+ #elif defined(CONFIG_IDF_TARGET_ESP32C3)
+ #include "esp32c3/rom/sha.h"
+ #define WC_ESP_SHA_TYPE SHA_TYPE
+ #elif defined(CONFIG_IDF_TARGET_ESP32C6)
+ #include "esp32c6/rom/sha.h"
+ #define WC_ESP_SHA_TYPE SHA_TYPE
+ #elif defined(CONFIG_IDF_TARGET_ESP32H2)
+ #include "esp32h2/rom/sha.h"
+ #define WC_ESP_SHA_TYPE SHA_TYPE
+ #elif defined(CONFIG_IDF_TARGET_ESP32S2)
+ #include "esp32s2/rom/sha.h"
+ #define WC_ESP_SHA_TYPE SHA_TYPE
+ #elif defined(CONFIG_IDF_TARGET_ESP32S3)
+ #include "esp32s3/rom/sha.h"
+ #define WC_ESP_SHA_TYPE SHA_TYPE
+ #else
+ #include "rom/sha.h"
+ #define WC_ESP_SHA_TYPE SHA_TYPE
+ #endif
#else
#include "rom/sha.h"
#endif
@@ -136,6 +608,7 @@ int esp_CryptHwMutexUnLock(wolfSSL_Mutex* mutex);
ESP32_SHA_HW = 1,
ESP32_SHA_SW = 2,
ESP32_SHA_HW_COPY = 3,
+ ESP32_SHA_FREED = 4,
ESP32_SHA_FAIL_NEED_UNROLL = -1
} ESP32_MODE;
@@ -143,6 +616,9 @@ int esp_CryptHwMutexUnLock(wolfSSL_Mutex* mutex);
{
/* pointer to object the initialized HW; to track copies */
void* initializer;
+#ifndef SINGLE_THREADED
+ void* task_owner;
+#endif
/* an ESP32_MODE value; typically:
** 0 init,
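Review bot: The new `void* task_owner;` member is added without a comment, while the `initializer` member directly above it documents what it tracks. A reader cannot tell from this hunk what is stored here (presumably the handle of the task that took the hardware lock), who writes it, or whether it is cleared on unlock. I would add something like `/* task that currently holds the HW lock; set on lock, cleared on unlock */`, once that is confirmed against the implementation. It is also worth stating that the field does not exist when `SINGLE_THREADED` is defined, so code touching it needs the same guard. The struct begins and ends outside this hunk.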
@@ -154,56 +630,86 @@ int esp_CryptHwMutexUnLock(wolfSSL_Mutex* mutex);
**
** the Espressif type: SHA1, SHA256, etc.
*/
- enum SHA_TYPE sha_type;
+
+ WC_ESP_SHA_TYPE sha_type;
/* we'll keep track of our own locks.
** actual enable/disable only occurs for ref_counts[periph] == 0
**
** see ref_counts[periph] in periph_ctrl.c */
- byte lockDepth:7; /* 7 bits for a small number, pack with below. */
+ byte lockDepth : 7; /* 7 bits for a small number, pack with below. */
/* 0 (false) this is NOT first block.
** 1 (true ) this is first block. */
- byte isfirstblock:1; /* 1 bit only for true / false */
+ byte isfirstblock : 1; /* 1 bit only for true / false */
} WC_ESP32SHA;
- int esp_sha_init(WC_ESP32SHA* ctx, enum wc_HashType hash_type);
- int esp_sha_init_ctx(WC_ESP32SHA* ctx);
- int esp_sha_try_hw_lock(WC_ESP32SHA* ctx);
- int esp_sha_hw_unlock(WC_ESP32SHA* ctx);
+ WOLFSSL_LOCAL int esp_sha_need_byte_reversal(WC_ESP32SHA* ctx);
+ WOLFSSL_LOCAL int esp_sha_init(WC_ESP32SHA* ctx,
+ enum wc_HashType hash_type);
+ WOLFSSL_LOCAL int esp_sha_init_ctx(WC_ESP32SHA* ctx);
+ WOLFSSL_LOCAL int esp_sha_try_hw_lock(WC_ESP32SHA* ctx);
+ WOLFSSL_LOCAL int esp_sha_hw_unlock(WC_ESP32SHA* ctx);
+
+ /* esp_sha_hw_islocked: returns 0 if not locked, otherwise owner address */
+ WOLFSSL_LOCAL int esp_sha_hw_islocked(WC_ESP32SHA* ctx);
+ WOLFSSL_LOCAL int esp_sha_call_count();
+ WOLFSSL_LOCAL int esp_sha_lock_count();
+ WOLFSSL_LOCAL int esp_sha_release_unfinished_lock(WC_ESP32SHA* ctx);
+ WOLFSSL_LOCAL int esp_sha_set_stray(WC_ESP32SHA* ctx);
struct wc_Sha;
- int esp_sha_ctx_copy(struct wc_Sha* src, struct wc_Sha* dst);
- int esp_sha_digest_process(struct wc_Sha* sha, byte blockprocess);
- int esp_sha_process(struct wc_Sha* sha, const byte* data);
+ WOLFSSL_LOCAL int esp_sha_ctx_copy(struct wc_Sha* src, struct wc_Sha* dst);
+ WOLFSSL_LOCAL int esp_sha_digest_process(struct wc_Sha* sha,
+ byte blockprocess);
+ WOLFSSL_LOCAL int esp_sha_process(struct wc_Sha* sha, const byte* data);
+
+#ifdef WOLFSSL_DEBUG_MUTEX
+ /* testing HW release in task that did not lock */
+ extern WC_ESP32SHA* stray_ctx;
+#endif
- #ifndef NO_SHA256
- struct wc_Sha256;
- int esp_sha224_ctx_copy(struct wc_Sha256* src, struct wc_Sha256* dst);
- int esp_sha256_ctx_copy(struct wc_Sha256* src, struct wc_Sha256* dst);
- int esp_sha256_digest_process(struct wc_Sha256* sha, byte blockprocess);
- int esp_sha256_process(struct wc_Sha256* sha, const byte* data);
- int esp32_Transform_Sha256_demo(struct wc_Sha256* sha256, const byte* data);
- #endif
+#ifndef NO_SHA256
+ struct wc_Sha256;
+ WOLFSSL_LOCAL int esp_sha224_ctx_copy(struct wc_Sha256* src,
+ struct wc_Sha256* dst);
+ WOLFSSL_LOCAL int esp_sha256_ctx_copy(struct wc_Sha256* src,
+ struct wc_Sha256* dst);
+ WOLFSSL_LOCAL int esp_sha256_digest_process(struct wc_Sha256* sha,
+ byte blockprocess);
+ WOLFSSL_LOCAL int esp_sha256_process(struct wc_Sha256* sha,
+ const byte* data);
+ WOLFSSL_LOCAL int esp32_Transform_Sha256_demo(struct wc_Sha256* sha256,
+ const byte* data);
+#endif
- /* TODO do we really call esp_sha512_process for WOLFSSL_SHA384 ? */
#if defined(WOLFSSL_SHA512) || defined(WOLFSSL_SHA384)
- struct wc_Sha512;
- int esp_sha384_ctx_copy(struct wc_Sha512* src, struct wc_Sha512* dst);
- int esp_sha512_ctx_copy(struct wc_Sha512* src, struct wc_Sha512* dst);
- int esp_sha512_process(struct wc_Sha512* sha);
- int esp_sha512_digest_process(struct wc_Sha512* sha, byte blockproc);
- #endif
+ struct wc_Sha512;
+ WOLFSSL_LOCAL int esp_sha384_ctx_copy(struct wc_Sha512* src,
+ struct wc_Sha512* dst);
+ WOLFSSL_LOCAL int esp_sha512_ctx_copy(struct wc_Sha512* src,
+ struct wc_Sha512* dst);
+ WOLFSSL_LOCAL int esp_sha512_process(struct wc_Sha512* sha);
+ WOLFSSL_LOCAL int esp_sha512_digest_process(struct wc_Sha512* sha,
+ byte blockproc);
+#endif
-#endif /* NO_SHA && */
+#endif /* NO_SHA && etc */
+/*
+*******************************************************************************
+** RSA Big Math
+*******************************************************************************
+*/
+
#if !defined(NO_RSA) || defined(HAVE_ECC)
#if !defined(ESP_RSA_TIMEOUT_CNT)
#define ESP_RSA_TIMEOUT_CNT 0x249F00
#endif
+#ifndef NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD
/*
* The parameter names in the Espressif implementation are arbitrary.
*
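Review bot: The comment on `esp_sha_hw_islocked` says it returns the owner address when locked, but the prototype returns `int`, which is not a portable carrier for an address. An address with the top bit set would also read as negative to a caller that tests the sign. Since the implementation is not visible here, either return a pointer-sized type or reword the comment to the contract callers can rely on, e.g. `/* returns 0 if not locked, non-zero if locked */`. In the same group, `esp_sha_call_count()` and `esp_sha_lock_count()` are declared with empty parentheses, which in C is not a prototype and disables argument checking. `WOLFSSL_LOCAL int esp_sha_call_count(void);` would match the `(void)` style used elsewhere in this header.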
@@ -214,29 +720,143 @@ int esp_CryptHwMutexUnLock(wolfSSL_Mutex* mutex);
/* Z = (X ^ Y) mod M : Espressif generic notation */
/* Y = (G ^ X) mod P : wolfSSL DH reference notation */
- int esp_mp_exptmod(MATH_INT_T* X, /* G */
- MATH_INT_T* Y, /* X */
- word32 Xbits, /* Ys typically = mp_count_bits (X) */
- MATH_INT_T* M, /* P */
- MATH_INT_T* Z); /* Y */
-
- /* Z = X * Y */
- int esp_mp_mul(MATH_INT_T* X,
- MATH_INT_T* Y,
- MATH_INT_T* Z);
+ WOLFSSL_LOCAL int esp_mp_exptmod(MATH_INT_T* X, /* G */
+ MATH_INT_T* Y, /* X */
+ MATH_INT_T* M, /* P */
+ MATH_INT_T* Z); /* Y */
+ /* HW_MATH_ENABLED is typically used in wolfcrypt tests */
+ #undef HW_MATH_ENABLED
+ #define HW_MATH_ENABLED
+#endif /* ! NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
+#ifndef NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL
+ /* Z = X * Y */
+ WOLFSSL_LOCAL int esp_mp_mul(MATH_INT_T* X,
+ MATH_INT_T* Y,
+ MATH_INT_T* Z);
+ /* HW_MATH_ENABLED is typically used in wolfcrypt tests */
+ #undef HW_MATH_ENABLED
+ #define HW_MATH_ENABLED
+#endif /* ! NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
+
+#ifndef NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD
/* Z = X * Y (mod M) */
- int esp_mp_mulmod(MATH_INT_T* X,
- MATH_INT_T* Y,
- MATH_INT_T* M,
- MATH_INT_T* Z);
+ WOLFSSL_LOCAL int esp_mp_mulmod(MATH_INT_T* X,
+ MATH_INT_T* Y,
+ MATH_INT_T* M,
+ MATH_INT_T* Z);
+ /* HW_MATH_ENABLED is typically used in wolfcrypt tests */
+ #undef HW_MATH_ENABLED
+ #define HW_MATH_ENABLED
+#endif /* ! NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
#endif /* !NO_RSA || HAVE_ECC*/
+
+/* Optionally enable some metrics to count interesting usage */
+/*
+*******************************************************************************
+** Usage metrics
+*******************************************************************************
+*/
+#ifdef WOLFSSL_HW_METRICS
+ #define WOLFSSL_HAS_METRICS
+
+ /* Allow sha256 code to keep track of SW fallback during active HW */
+ WOLFSSL_LOCAL int esp_sw_sha256_count_add();
+
+ /* show MP HW Metrics*/
+ WOLFSSL_LOCAL int esp_hw_show_mp_metrics(void);
+
+ /* show SHA HW Metrics*/
+ WOLFSSL_LOCAL int esp_hw_show_sha_metrics(void);
+
+ /* show all HW Metrics*/
+ WOLFSSL_LOCAL int esp_hw_show_metrics(void);
+#endif
+
+/*
+ * Errata Mitigation. See
+ * https://www.espressif.com/sites/default/files/documentation/esp32_errata_en.pdf
+ * https://www.espressif.com/sites/default/files/documentation/esp32-c3_errata_en.pdf
+ * https://www.espressif.com/sites/default/files/documentation/esp32-s3_errata_en.pdf
+ */
+#define ESP_MP_HW_LOCK_MAX_DELAY ( TickType_t ) 0xffUL
+
+#if defined(CONFIG_IDF_TARGET_ESP32) && !defined(ESP_NO_ERRATA_MITIGATION)
+ /* some of these may be tuned for specific silicon versions */
+ #define ESP_EM__MP_HW_WAIT_CLEAN {__asm__ __volatile__("memw");}
+ #define ESP_EM__MP_HW_WAIT_DONE {__asm__ __volatile__("memw");}
+ #define ESP_EM__POST_SP_MP_HW_LOCK {__asm__ __volatile__("memw");}
+ #define ESP_EM__PRE_MP_HW_WAIT_CLEAN {__asm__ __volatile__("memw");}
+ #define ESP_EM__PRE_DPORT_READ {__asm__ __volatile__("memw");}
+ #define ESP_EM__PRE_DPORT_WRITE {__asm__ __volatile__("memw");}
+
+ /* Non-FIFO read may not be needed in chip revision v3.0. */
+ #define ESP_EM__READ_NON_FIFO_REG {DPORT_SEQUENCE_REG_READ(0x3FF40078);}
+
+ /* When the CPU frequency is 160 MHz, add six �nop� between two consecutive
+ ** FIFO reads. When the CPU frequency is 240 MHz, add seven �nop� between
+ ** two consecutive FIFO reads. See 3.16 */
+ #if defined(CONFIG_ESP_DEFAULT_CPU_FREQ_MHZ_80)
+ #define ESP_EM__3_16 { \
+ __asm__ __volatile__("memw"); \
+ __asm__ __volatile__("nop"); /* 1 */ \
+ __asm__ __volatile__("nop"); /* 2 */ \
+ __asm__ __volatile__("nop"); /* 3 */ \
+ __asm__ __volatile__("nop"); /* 4 */ \
+ __asm__ __volatile__("nop"); /* 5 */ \
+ };
+ #elif defined(CONFIG_ESP_DEFAULT_CPU_FREQ_MHZ_160)
+ #define ESP_EM__3_16 { \
+ __asm__ __volatile__("memw"); \
+ __asm__ __volatile__("nop"); /* 1 */ \
+ __asm__ __volatile__("nop"); /* 2 */ \
+ __asm__ __volatile__("nop"); /* 3 */ \
+ __asm__ __volatile__("nop"); /* 4 */ \
+ __asm__ __volatile__("nop"); /* 5 */ \
+ __asm__ __volatile__("nop"); /* 6 */ \
+ __asm__ __volatile__("nop"); /* 7 */ \
+ __asm__ __volatile__("nop"); /* 8 */ \
+ };
+ #elif defined(CONFIG_ESP_DEFAULT_CPU_FREQ_MHZ_240)
+ #define ESP_EM__3_16 { \
+ __asm__ __volatile__("memw"); \
+ __asm__ __volatile__("nop"); /* 1 */ \
+ __asm__ __volatile__("nop"); /* 2 */ \
+ __asm__ __volatile__("nop"); /* 3 */ \
+ __asm__ __volatile__("nop"); /* 4 */ \
+ __asm__ __volatile__("nop"); /* 5 */ \
+ __asm__ __volatile__("nop"); /* 6 */ \
+ __asm__ __volatile__("nop"); /* 7 */ \
+ __asm__ __volatile__("nop"); /* 8 */ \
+ __asm__ __volatile__("nop"); /* 9 */ \
+ };
+ #else
+ #define ESP_EM__3_16 {};
+ #endif
+
+ #define ESP_EM__POST_PROCESS_START { ESP_EM__3_16 };
+ #define ESP_EM__DPORT_FIFO_READ { ESP_EM__3_16 };
+#else
+ #define ESP_EM__3_16 {};
+ #define ESP_EM__MP_HW_WAIT_CLEAN {};
+ #define ESP_EM__MP_HW_WAIT_DONE {};
+ #define ESP_EM__POST_SP_MP_HW_LOCK {};
+ #define ESP_EM__PRE_MP_HW_WAIT_CLEAN {};
+ #define ESP_EM__POST_PROCESS_START {};
+ #define ESP_EM__DPORT_FIFO_READ {};
+ #define ESP_EM__READ_NON_FIFO_REG {};
+ #define ESP_EM__PRE_DPORT_READ {};
+ #define ESP_EM__PRE_DPORT_WRITE {};
+#endif
+
/* end c++ wrapper */
#ifdef __cplusplus
}
#endif
+#endif /* WOLFSSL_ESPIDF (entire contents excluded when not Espressif ESP-IDF) */
+
#endif /* __ESP32_CRYPT_H__ */
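Review bot: The comment above `ESP_EM__3_16` does not match the macros that follow it. It asks for six nops at 160 MHz and seven at 240 MHz, but the 160 MHz variant emits eight and the 240 MHz variant nine after the `memw`, and there is an 80 MHz variant with five that the comment never mentions. Extra padding is presumably deliberate margin, but these delays appear to sit on the hardware-accelerator FIFO read path, so the comment should state the counts actually used and why, e.g. `/* errata 3.16 asks for 6 (160 MHz) / 7 (240 MHz) nops; the counts below add margin */`. Separately, every `ESP_EM__*` macro expands to `{ ... }` and most of the definitions carry a trailing `;`, so a call site written as `if (x) ESP_EM__3_16; else ...` will not compile. `do { ... } while (0)` with no trailing semicolon in the definition avoids that.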
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/Renesas/renesas-fspsm-crypt.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/Renesas/renesas-fspsm-crypt.h
new file mode 100644
index 00000000..9671fafa
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/Renesas/renesas-fspsm-crypt.h
@@ -0,0 +1,345 @@
+/* renesas-fspsm-crypt.h
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+#ifndef __RENESAS_FSPSM_CRYPT_H__
+#define __RENESAS_FSPSM_CRYPT_H__
+
+
+#include <wolfssl/wolfcrypt/port/Renesas/renesas-fspsm-types.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#define WOLFSSL_FSPSM_ILLEGAL_CIPHERSUITE -1
+#define MAX_FSPSM_CBINDEX 5
+
+typedef void* FSPSM_W_KEYVAR;
+
+/* flsgas related to TLS */
+struct FSPSM_tls_flg_ST {
+ uint8_t pk_key_set:1;
+ uint8_t session_key_set:1;
+};
+
+/* flags Crypt Only */
+struct FSPSM_key_flg_ST {
+ uint8_t aes256_installedkey_set:1;
+ uint8_t aes128_installedkey_set:1;
+ uint8_t rsapri2048_installedkey_set:1;
+ uint8_t rsapub2048_installedkey_set:1;
+ uint8_t rsapri1024_installedkey_set:1;
+ uint8_t rsapub1024_installedkey_set:1;
+ uint8_t message_type:1;/*message 0, hashed 1*/
+};
+
+typedef struct FSPSM_tag_ST {
+ /* unique number for each session */
+ int devId;
+ #if defined(WOLFSSL_RENESAS_FSPSM_TLS) && \
+ !defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY)
+ /* out from R_SCE_TLS_ServerKeyExchangeVerify */
+ uint32_t
+ encrypted_ephemeral_ecdh_public_key[FSPSM_TLS_ENCRYPTED_ECCPUBKEY_SZ];
+ /* out from R_SCE_TLS_ECC_secp256r1_EphemeralWrappedKeyPairGenerate */
+ sce_tls_p256_ecc_wrapped_key_t ecc_p256_wrapped_key;
+ uint8_t ecc_ecdh_public_key[HW_SCE_ECC_PUBLIC_KEY_BYTE_SIZE];
+
+ uint32_t masterSecret[FSPSM_TLS_MASTERSECRET_SIZE/4];
+ uint8_t clientRandom[FSPSM_TLS_CLIENTRANDOM_SZ];
+ uint8_t serverRandom[FSPSM_TLS_SERVERRANDOM_SZ];
+ uint8_t cipher;
+
+ #endif
+
+ /* installed key handling */
+ /* aes */
+ FSPSM_W_KEYVAR wrapped_key_aes256;
+ FSPSM_W_KEYVAR wrapped_key_aes128;
+
+ #if defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY)
+ /* rsa */
+ FSPSM_W_KEYVAR wrapped_key_rsapri2048;
+ FSPSM_W_KEYVAR wrapped_key_rsapub2048;
+ FSPSM_W_KEYVAR wrapped_key_rsapri1024;
+ FSPSM_W_KEYVAR wrapped_key_rsapub1024;
+ #endif
+
+ #if defined(WOLFSSL_RENESAS_RSIP)
+ uint8_t hash_type;
+ #endif
+ /* key status flags */
+ /* flag whether encrypted ec key is set */
+ union {
+ uint8_t chr;
+ struct FSPSM_tls_flg_ST bits;
+ } keyflgs_tls;
+ /* key status flags */
+ /* flags shows status if wrapped keys are installed */
+ union {
+ uint8_t chr;
+ struct FSPSM_key_flg_ST bits;
+ } keyflgs_crypt;
+} FSPSM_ST;
+
+typedef struct tagPKCbInfo {
+ FSPSM_ST *user_PKCbInfo[MAX_FSPSM_CBINDEX];
+ uint32_t num_session;
+} FSPSM_ST_PKC;
+
+#ifdef WOLFSSL_RENESAS_FSPSM_TLS
+typedef struct
+{
+ uint8_t *encrypted_provisioning_key;
+ uint8_t *iv;
+ uint8_t *encrypted_user_tls_key;
+ uint32_t encrypted_user_tls_key_type;
+ FSPSM_CACERT_PUB_WKEY user_rsa2048_tls_wrappedkey;
+} fspsm_key_data;
+#endif
+
+struct WOLFSSL;
+struct WOLFSSL_CTX;
+struct ecc_key;
+
+WOLFSSL_LOCAL int wc_fspsm_Open();
+WOLFSSL_LOCAL void wc_fspsm_Close();
+WOLFSSL_LOCAL int wc_fspsm_hw_lock();
+WOLFSSL_LOCAL void wc_fspsm_hw_unlock( void );
+WOLFSSL_LOCAL int wc_fspsm_usable(const struct WOLFSSL *ssl,
+ uint8_t session_key_generated);
+
+typedef struct {
+ FSPSM_AES_PWKEY wrapped_key;
+ word32 keySize;
+#ifdef WOLFSSL_RENESAS_FSPSM_TLS
+ byte setup;
+#endif
+} FSPSM_AES_CTX;
+
+struct Aes;
+WOLFSSL_LOCAL void wc_fspsm_Aesfree(struct Aes* aes);
+WOLFSSL_LOCAL int wc_fspsm_AesCbcEncrypt(struct Aes* aes, byte* out,
+ const byte* in, word32 sz);
+WOLFSSL_LOCAL int wc_fspsm_AesCbcDecrypt(struct Aes* aes, byte* out,
+ const byte* in, word32 sz);
+
+WOLFSSL_LOCAL int wc_fspsm_AesGcmEncrypt(struct Aes* aes, byte* out,
+ const byte* in, word32 sz,
+ byte* iv, word32 ivSz,
+ byte* authTag, word32 authTagSz,
+ const byte* authIn, word32 authInSz,
+ void* ctx);
+
+WOLFSSL_LOCAL int wc_fspsm_AesGcmDecrypt(struct Aes* aes, byte* out,
+ const byte* in, word32 sz,
+ const byte* iv, word32 ivSz,
+ const byte* authTag, word32 authTagSz,
+ const byte* authIn, word32 authInSz,
+ void* ctx);
+
+#if (!defined(NO_SHA) || !defined(NO_SHA256) || defined(WOLFSSL_SH224) || \
+ defined(WOLFSSL_SHA384) || defined(WOLFSSL_SHA512)) && \
+ !defined(NO_WOLFSSL_RENESAS_FSPSM_HASH)
+
+typedef enum {
+#if defined(WOLFSSL_RENESAS_SCEPROTECT)
+ FSPSM_SHA256 = 1,
+#elif defined(WOLFSSL_RENESAS_RSIP)
+ FSPSM_SHA1 = RSIP_HASH_TYPE_SHA1,
+ FSPSM_SHA224 = RSIP_HASH_TYPE_SHA224,
+ FSPSM_SHA256 = RSIP_HASH_TYPE_SHA256,
+ FSPSM_SHA384 = RSIP_HASH_TYPE_SHA384,
+ FSPSM_SHA512 = RSIP_HASH_TYPE_SHA512,
+ FSPSM_SHA512_224 = RSIP_HASH_TYPE_SHA512_224,
+ FSPSM_SHA512_256 = RSIP_HASH_TYPE_SHA512_256,
+#endif
+} FSPSM_SHA_TYPE;
+
+typedef struct {
+ void* heap;
+ word32 sha_type;
+#if defined(WOLFSSL_RENESAS_SCEPROTECT)
+ word32 used;
+ word32 len;
+ byte* msg;
+#endif
+#if defined(WOLFSSL_RENESAS_RSIP)
+ FSPSM_SHA_HANDLE handle;
+#endif
+#if defined(WOLF_CRYPTO_CB)
+ word32 flags;
+ int devId;
+#endif
+} wolfssl_FSPSM_Hash;
+
+/* RAW hash function APIs are not implemented with SCE */
+#undef WOLFSSL_NO_HASH_RAW
+#define WOLFSSL_NO_HASH_RAW
+
+#if !defined(NO_SHA) && defined(WOLFSSL_RENESAS_RSIP)
+ typedef wolfssl_FSPSM_Hash wc_Sha;
+#endif
+
+#if defined(WOLFSSL_SHA224) && defined(WOLFSSL_RENESAS_RSIP)
+ typedef wolfssl_FSPSM_Hash wc_Sha224;
+ #define WC_SHA224_TYPE_DEFINED
+#endif
+
+#if !defined(NO_SHA256) && \
+ (defined(WOLFSSL_RENESAS_SCEPROTECT) || defined(WOLFSSL_RENESAS_RSIP))
+ typedef wolfssl_FSPSM_Hash wc_Sha256;
+#endif
+
+#if defined(WOLFSSL_SHA384) && defined(WOLFSSL_RENESAS_RSIP)
+ typedef wolfssl_FSPSM_Hash wc_Sha384;
+ #define WC_SHA384_TYPE_DEFINED
+#endif
+
+#if defined(WOLFSSL_SHA512) && defined(WOLFSSL_RENESAS_RSIP)
+ typedef wolfssl_FSPSM_Hash wc_Sha512;
+ typedef wolfssl_FSPSM_Hash wc_Sha512_224;
+ typedef wolfssl_FSPSM_Hash wc_Sha512_256;
+ #define WC_SHA512_TYPE_DEFINED
+#endif
+
+#endif /* NO_SHA */
+
+#if defined(WOLFSSL_RENESAS_FSPSM_TLS) && \
+ !defined(WOLFSSL_RENESAS_FSPSM_CRYPT_ONLY)
+
+WOLFSSL_LOCAL int wc_fspsm_tls_RootCertVerify(
+ const uint8_t* cert, uint32_t cert_len,
+ uint32_t key_n_start, uint32_t key_n_len,
+ uint32_t key_e_start, uint32_t key_e_len,
+ uint32_t cm_row);
+
+WOLFSSL_LOCAL int wc_sce_tls_CertVerify(
+ const uint8_t* cert, uint32_t certSz,
+ const uint8_t* signature, uint32_t sigSz,
+ uint32_t key_n_start, uint32_t key_n_len,
+ uint32_t key_e_start, uint32_t key_e_len,
+ uint8_t* sce_encRsaKeyIdx);
+
+
+WOLFSSL_LOCAL int wc_fspsm_generatePremasterSecret(
+ uint8_t* premaster,
+ uint32_t preSz);
+
+WOLFSSL_LOCAL int wc_fspsm_generateEncryptPreMasterSecret(
+ struct WOLFSSL* ssl,
+ uint8_t* out,
+ uint32_t* outSz);
+
+WOLFSSL_LOCAL int wc_fspsm_Sha256GenerateHmac(
+ const struct WOLFSSL *ssl,
+ const uint8_t* myInner,
+ uint32_t innerSz,
+ const uint8_t* in,
+ uint32_t sz,
+ uint8_t* digest);
+
+WOLFSSL_LOCAL int wc_fspsm_Sha256VerifyHmac(
+ const struct WOLFSSL *ssl,
+ const uint8_t* message,
+ uint32_t messageSz,
+ uint32_t macSz,
+ uint32_t content);
+
+WOLFSSL_LOCAL int wc_fspsm_storeKeyCtx(
+ struct WOLFSSL* ssl,
+ FSPSM_ST* info);
+
+WOLFSSL_LOCAL int wc_fspsm_generateVerifyData(
+ const uint8_t* ms, /* master secret */
+ const uint8_t* side,
+ const uint8_t* handshake_hash,
+ uint8_t* hashes /* out */);
+
+WOLFSSL_LOCAL int wc_fspsm_generateSessionKey(
+ struct WOLFSSL* ssl,
+ FSPSM_ST* cbInfo,
+ int devId);
+
+WOLFSSL_LOCAL int wc_fspsm_generateMasterSecret(
+ uint8_t cipherSuiteFirst,
+ uint8_t cipherSuite,
+ const uint8_t *pr, /* pre-master */
+ const uint8_t *cr, /* client random */
+ const uint8_t *sr, /* server random */
+ uint8_t *ms);
+
+WOLFSSL_LOCAL int wc_fspsm_RsaVerifyTLS(struct WOLFSSL* ssl, byte* sig,
+ uint32_t sigSz, uint8_t** out,
+ const byte* key, uint32_t keySz, void* ctx);
+WOLFSSL_LOCAL int wc_fspsm_EccVerifyTLS(struct WOLFSSL* ssl,
+ const uint8_t* sig, uint32_t sigSz,
+ const uint8_t* hash, uint32_t hashSz,
+ const uint8_t* key, uint32_t keySz,
+ int* result, void* ctx);
+WOLFSSL_LOCAL int wc_fspsm_tls_CertVerify(
+ const uint8_t* cert, uint32_t certSz,
+ const uint8_t* signature, uint32_t sigSz,
+ uint32_t key_n_start,uint32_t key_n_len,
+ uint32_t key_e_start,uint32_t key_e_len,
+ uint8_t* fspsm_encPublickey);
+
+/* Callback for EccShareSecret */
+WOLFSSL_LOCAL int fspsm_EccSharedSecret(struct WOLFSSL* ssl,
+ struct ecc_key* otherKey,
+ uint8_t* pubKeyDer, unsigned int* pubKeySz,
+ uint8_t* out, unsigned int* outlen, int side, void* ctx);
+
+/* user API */
+WOLFSSL_API void FSPSM_INFORM_FUNC(
+ uint8_t* encrypted_provisioning_key,
+ uint8_t* iv,
+ uint8_t* encrypted_user_tls_key,
+ uint32_t encrypted_user_tls_key_type);
+
+WOLFSSL_API void FSPSM_CALLBACK_FUNC(struct WOLFSSL_CTX* ctx);
+WOLFSSL_API int FSPSM_CALLBACK_CTX_FUNC(struct WOLFSSL* ssl, void* user_ctx);
+WOLFSSL_API void FSPSM_INFORM_CERT_SIGN(const uint8_t *sign);
+
+
+#endif /* WOLFSSL_RENESAS_FSPSM_TLS &&
+ * !WOLFSSL_RENESAS_FSPSM_CRYPT_ONLY */
+
+typedef struct FSPSM_RSA_CTX {
+ FSPSM_RSA1024_WPI_KEY *wrapped_pri1024_key;
+ FSPSM_RSA1024_WPB_KEY *wrapped_pub1024_key;
+ FSPSM_RSA2048_WPI_KEY *wrapped_pri2048_key;
+ FSPSM_RSA2048_WPB_KEY *wrapped_pub2048_key;
+ word32 keySz;
+} FSPSM_RSA_CTX;
+
+/* rsa */
+struct RsaKey;
+struct WC_RNG;
+WOLFSSL_LOCAL void wc_fspsm_RsaKeyFree(struct RsaKey *key);
+WOLFSSL_LOCAL int wc_fspsm_RsaFunction(const byte* in, word32 inLen, byte* out,
+ word32 *outLen, int type, struct RsaKey* key, struct WC_RNG* rng);
+WOLFSSL_LOCAL int wc_fspsm_MakeRsaKey(struct RsaKey* key, int size, void* ctx);
+WOLFSSL_LOCAL int wc_fspsm_RsaSign(const byte* in, word32 inLen, byte* out,
+ word32* outLen, struct RsaKey* key, void* ctx);
+WOLFSSL_LOCAL int wc_fspsm_RsaVerify(const byte* in, word32 inLen, byte* out,
+ word32* outLen,struct RsaKey* key, void* ctx);
+WOLFSSL_LOCAL int wc_fspsm_GenerateRandBlock(byte* output, word32 size);
+#endif /* __RENESAS_FSPSM_CRYPT_H__ */
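Review bot: Two preprocessor guards in this new header look misspelled, so they test macros that are probably never defined. The TLS prototype section is guarded by `!defined(WOLFSSL_RENESAS_FSPSM_CRYPT_ONLY)`, whereas the `FSPSM_ST` struct earlier in the file uses `WOLFSSL_RENESAS_FSPSM_CRYPTONLY`. If the second spelling is the real option, a crypt-only build that also defines `WOLFSSL_RENESAS_FSPSM_TLS` still gets the TLS declarations, while the struct omits the TLS members. The hash section tests `defined(WOLFSSL_SH224)`, while the typedef further down uses `WOLFSSL_SHA224`. I would change these to `!defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY)` and `defined(WOLFSSL_SHA224)`, and update the closing `#endif` comment to match.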
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/Renesas/renesas-fspsm-types.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/Renesas/renesas-fspsm-types.h
new file mode 100644
index 00000000..b110343f
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/Renesas/renesas-fspsm-types.h
@@ -0,0 +1,325 @@
+/* renesas-fsp-crypt.h
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+#ifndef __RENESAS_FSP_CRYPT_H__
+#define __RENESAS_FSP_CRYPT_H__
+
+#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/wolfcrypt/logging.h>
+
+
+#if defined(WOLFSSL_RENESAS_SCEPROTECT)
+
+ #include "r_sce.h"
+
+ #define FSPSM_W_KEYVAR renesas_sce_wrappedkey
+ #define FSPSM_tls_flg_ST sce_keyflgs_tls
+ #define FSPSM_key_flg_ST sce_keyflgs_cryt
+ #define FSPSM_tag_ST tagUser_SCEPKCbInfo
+ #define FSPSM_ST User_SCEPKCbInfo
+ #define FSPSM_ST_PKC SCE_PKCbInfo
+
+ /* map SCE API to macro */
+ #define FSPSM_INSTANCE sce_instance_ctrl_t
+ #define gFSPSM_ctrl sce_ctrl
+ #define FSPSM_CONFIG sce_cfg_t
+ #define gFSPSM_cfg sce_cfg
+ #define H_INSTANCE _handle
+ #define FSPSM_OPEN R_SCE_Open
+ #define FSPSM_CLOSE R_SCE_Close
+
+ /* rand generation func */
+ #define R_RANDOM_GEN(b) R_SCE_RandomNumberGenerate(b)
+
+ #define FSPSM_ROOTCA_RSA2048 \
+ R_SCE_TLS_RootCertificateRSA2048PublicKeyInstall
+ #define FSPSM_TLS_SVRKEYExVfy R_SCE_TLS_ServerKeyExchangeVerify
+ #define FSPSM_TLS_ECCS256R1_KPG \
+ R_SCE_TLS_ECC_secp256r1_EphemeralWrappedKeyPairGenerate
+ #define FSPSM_TLS_PREMASTERGEN \
+ R_SCE_TLS_PreMasterSecretGenerateForECC_secp256r1
+ /* hmac */
+ #define FSPSM_S256HMAC_GInt R_SCE_SHA256HMAC_GenerateInit
+ #define FSPSM_S256HMAC_GUp R_SCE_SHA256HMAC_GenerateUpdate
+ #define FSPSM_S256HMAC_GFnl R_SCE_SHA256HMAC_GenerateFinal
+ #define FSPSM_S256HMAC_VInt R_SCE_SHA256HMAC_VerifyInit
+ #define FSPSM_S256HMAC_VUp R_SCE_SHA256HMAC_VerifyUpdate
+ #define FSPSM_S256HMAC_VFnl R_SCE_SHA256HMAC_VerifyFinal
+ #define FSPSM_HMAC_HANDLE sce_hmac_sha_handle_t
+ #define FSPSM_HMAC_WKEY sce_hmac_sha_wrapped_key_t
+
+ /* TLS */
+ #define FSPSM_SESSIONKEY_GEN_FUNC R_SCE_TLS_SessionKeyGenerate
+ #define FSPSM_MASTERSECRET_GEN_FUNC R_SCE_TLS_MasterSecretGenerate
+ #define FSPSM_PREGEN_FUNC R_SCE_TLS_PreMasterSecretGenerateForRSA2048
+ #define FSPSM_PREGENENC_FUNC R_SCE_TLS_PreMasterSecretEncryptWithRSA2048
+
+ /* certificate */
+ #define FSPSM_TLSCERT_VRY R_SCE_TLS_CertificateVerify
+ #define FSPSM_TLSROOTCERT_VRY R_SCE_TLS_RootCertificateVerify
+ #define FSPSM_CACERT_PUB_WKEY \
+ sce_tls_ca_certification_public_wrapped_key_t
+
+ /* verify data */
+ #define FSPSM_VERIFY_DATA_FUNC R_SCE_TLS_VerifyDataGenerate
+
+ /* aes */
+ #define FSPSM_AES_WKEY sce_aes_wrapped_key_t
+ #define FSPSM_AES_PWKEY sce_aes_wrapped_key_t*
+ #define FSPSM_AESGCM_HANDLE sce_gcm_handle_t
+ #define FSPSM_AES_HANDLE sce_aes_handle_t
+ /* aes 128 cbc */
+ #define FSPSM_AES128CBCEnc_Init R_SCE_AES128CBC_EncryptInit
+ #define FSPSM_AES128CBCEnc_Up R_SCE_AES128CBC_EncryptUpdate
+ #define FSPSM_AES128CBCEnc_Final R_SCE_AES128CBC_EncryptFinal
+ #define FSPSM_AES128CBCDec_Init R_SCE_AES128CBC_DecryptInit
+ #define FSPSM_AES128CBCDec_Up R_SCE_AES128CBC_DecryptUpdate
+ #define FSPSM_AES128CBCDec_Final R_SCE_AES128CBC_DecryptFinal
+
+ /* aes 256 cbc */
+ #define FSPSM_AES256CBCEnc_Init R_SCE_AES256CBC_EncryptInit
+ #define FSPSM_AES256CBCEnc_Up R_SCE_AES256CBC_EncryptUpdate
+ #define FSPSM_AES256CBCEnc_Final R_SCE_AES256CBC_EncryptFinal
+ #define FSPSM_AES256CBCDec_Init R_SCE_AES256CBC_DecryptInit
+ #define FSPSM_AES256CBCDec_Up R_SCE_AES256CBC_DecryptUpdate
+ #define FSPSM_AES256CBCDec_Final R_SCE_AES256CBC_DecryptFinal
+
+ /* aes128 gcm */
+ #define FSPSM_AES128GCMEnc_Init R_SCE_AES128GCM_EncryptInit
+ #define FSPSM_AES128GCMEnc_Up R_SCE_AES128GCM_EncryptUpdate
+ #define FSPSM_AES128GCMEnc_Final R_SCE_AES128GCM_EncryptFinal
+ #define FSPSM_AES128GCMDec_Init R_SCE_AES128GCM_DecryptInit
+ #define FSPSM_AES128GCMDec_Up R_SCE_AES128GCM_DecryptUpdate
+ #define FSPSM_AES128GCMDec_Final R_SCE_AES128GCM_DecryptFinal
+
+ /* aes256 gcm */
+ #define FSPSM_AES256GCMEnc_Init R_SCE_AES256GCM_EncryptInit
+ #define FSPSM_AES256GCMEnc_Up R_SCE_AES256GCM_EncryptUpdate
+ #define FSPSM_AES256GCMEnc_Final R_SCE_AES256GCM_EncryptFinal
+ #define FSPSM_AES256GCMDec_Init R_SCE_AES256GCM_DecryptInit
+ #define FSPSM_AES256GCMDec_Up R_SCE_AES256GCM_DecryptUpdate
+ #define FSPSM_AES256GCMDec_Final R_SCE_AES256GCM_DecryptFinal
+
+ /* rsa */
+ /* rsa data */
+ #define FSPSM_RSA_DATA sce_rsa_byte_data_t
+ /* rsa 1024 key */
+ #define FSPSM_RSA1024_WPA_KEY sce_rsa1024_wrapped_pair_key_t
+ #define FSPSM_RSA1024_WPB_KEY sce_rsa1024_public_wrapped_key_t
+ #define FSPSM_RSA1024_WPI_KEY sce_rsa1024_private_wrapped_key_t
+ /* rsa 2048 key */
+ #define FSPSM_RSA2048_WPA_KEY sce_rsa2048_wrapped_pair_key_t
+ #define FSPSM_RSA2048_WPB_KEY sce_rsa2048_public_wrapped_key_t
+ #define FSPSM_RSA2048_WPI_KEY sce_rsa2048_private_wrapped_key_t
+
+ /* rsa key gen */
+ #define FSPSM_RSA1024_KEYPA_GEN(x,y) R_SCE_RSA1024_WrappedKeyPairGenerate\
+ (x)
+ #define FSPSM_RSA2048_KEYPA_GEN(x,y) R_SCE_RSA2048_WrappedKeyPairGenerate\
+ (x)
+
+ /* rsa function */
+ #define FSPSM_RSA1024_PKCSENC_FUNC(p,c,k) R_SCE_RSAES_PKCS1024_Encrypt\
+ (p,c,k)
+ #define FSPSM_RSA2048_PKCSENC_FUNC(p,c,k) R_SCE_RSAES_PKCS2048_Encrypt\
+ (p,c,k)
+ #define FSPSM_RSA1024_PKCSDEC_FUNC(p,c,k,l) R_SCE_RSAES_PKCS1024_Decrypt\
+ (p,c,k)
+ #define FSPSM_RSA2048_PKCSDEC_FUNC(p,c,k,l) R_SCE_RSAES_PKCS2048_Decrypt\
+ (p,c,k)
+ #define FSPSM_RSA1024_SIGN_FUNC(m,s,k,t) \
+ R_SCE_RSASSA_PKCS1024_SignatureGenerate(m,s,k,t)
+ #define FSPSM_RSA2048_SIGN_FUNC(m,s,k,t) \
+ R_SCE_RSASSA_PKCS2048_SignatureGenerate(m,s,k,t)
+ #define FSPSM_RSA1024_VRY_FUNC(m,s,k,t) \
+ R_SCE_RSASSA_PKCS1024_SignatureVerify(m,s,k,t)
+ #define FSPSM_RSA2048_VRY_FUNC(m,s,k,t) \
+ R_SCE_RSASSA_PKCS2048_SignatureVerify(m,s,k,t)
+ /* sha */
+ #define FSPSM_SHA_HANDLE sce_sha_md5_handle_t
+ #define FSPSM_SHA256_Init R_SCE_SHA256_Init
+ #define FSPSM_SHA256_Up R_SCE_SHA256_Update
+ #define FSPSM_SHA256_Final R_SCE_SHA256_Final
+
+ /* user API */
+ #define FSPSM_INFORM_FUNC wc_sce_inform_user_keys
+ #define FSPSM_CALLBACK_FUNC wc_sce_set_callbacks
+ #define FSPSM_CALLBACK_CTX_FUNC wc_sce_set_callback_ctx
+ #define FSPSM_INFORM_CERT_SIGN wc_sce_inform_cert_sign
+
+#elif defined(WOLFSSL_RENESAS_RSIP)
+
+ #include "r_rsip.h"
+
+ /* structure, type so on */
+ #define FSPSM_W_KEYVAR renesas_rsip_wrappedkey
+ #define FSPSM_tls_flg_ST rsip_keyflgs_tls
+ #define FSPSM_key_flg_ST rsip_keyflgs_cryt
+ #define FSPSM_tag_ST tagUser_RSIPPKCbInfo
+ #define FSPSM_ST User_RSIPPKCbInfo
+ #define FSPSM_ST_PKC RSIP_PKCbInfo
+ #define FSPSM_KEY_TYPE rsip_key_type_t
+
+ #define FSPSM_INSTANCE rsip_instance_ctrl_t
+ #define gFSPSM_ctrl rsip_ctrl
+ #define FSPSM_CONFIG rsip_cfg_t
+ #define gFSPSM_cfg rsip_cfg
+ #define H_INSTANCE gFSPSM_ctrl
+ #define FSPSM_OPEN R_RSIP_Open
+ #define FSPSM_CLOSE R_RSIP_Close
+
+ /* rnd generation func */
+ #define R_RANDOM_GEN(b) R_RSIP_RandomNumberGenerate(&gFSPSM_ctrl,b)
+ /* sha 1*/
+ #define FSPSM_SHA_HANDLE rsip_sha_handle_t
+ #define FSPSM_SHA1_Init _R_RSIP_SHA1_GenerateInit
+ #define FSPSM_SHA1_Up _R_RSIP_SHA_GenerateUpdate
+ #define FSPSM_SHA1_Final _R_RSIP_SHA_GenerateFinal
+
+ /* sha 224 */
+ #define FSPSM_SHA224_Init _R_RSIP_SHA224_GenerateInit
+ #define FSPSM_SHA224_Up _R_RSIP_SHA_GenerateUpdate
+ #define FSPSM_SHA224_Final _R_RSIP_SHA_GenerateFinal
+
+ /* sha 256 */
+ #define FSPSM_SHA256_Init _R_RSIP_SHA256_GenerateInit
+ #define FSPSM_SHA256_Up _R_RSIP_SHA_GenerateUpdate
+ #define FSPSM_SHA256_Final _R_RSIP_SHA_GenerateFinal
+
+ /* sha 384 */
+ #define FSPSM_SHA384_Init _R_RSIP_SHA384_GenerateInit
+ #define FSPSM_SHA384_Up _R_RSIP_SHA_GenerateUpdate
+ #define FSPSM_SHA384_Final _R_RSIP_SHA_GenerateFinal
+
+ /* sha 512 */
+ #define FSPSM_SHA512_Init _R_RSIP_SHA512_GenerateInit
+ #define FSPSM_SHA512_Up _R_RSIP_SHA_GenerateUpdate
+ #define FSPSM_SHA512_Final _R_RSIP_SHA_GenerateFinal
+
+ /* sha 512 224*/
+ #define FSPSM_SHA512_224_Init _R_RSIP_SHA512_224_GenerateInit
+ #define FSPSM_SHA512_224_Up _R_RSIP_SHA_GenerateUpdate
+ #define FSPSM_SHA512_224_Final _R_RSIP_SHA_GenerateFinal
+
+ /* sha 512 256 */
+ #define FSPSM_SHA512_256_Init _R_RSIP_SHA512_256_GenerateInit
+ #define FSPSM_SHA512_256_Up _R_RSIP_SHA_GenerateUpdate
+ #define FSPSM_SHA512_256_Final _R_RSIP_SHA_GenerateFinal
+ /* aes */
+ #define FSPSM_AES_WKEY rsip_wrapped_key_t
+ #define FSPSM_AES_PWKEY rsip_wrapped_key_t*
+ #define FSPSM_AESGCM_HANDLE rsip_instance_ctrl_t*
+ #define FSPSM_AES_HANDLE rsip_instance_ctrl_t*
+ #define FSPSM_AES_KEYGEN_FUNC _R_RSIP_KeyGenerate
+
+ /* aes 128 cbc */
+ /* mode : RSIP_AES_MODE_CBC */
+ #define FSPSM_AES128CBCEnc_Init _R_RSIP_AESCBC_Cipher_EncryptInit
+ #define FSPSM_AES128CBCEnc_Up _R_RSIP_AESCBC_Cipher_EncryptUpdate
+ #define FSPSM_AES128CBCEnc_Final _R_RSIP_AESCBC_Cipher_EncryptFinal
+ #define FSPSM_AES128CBCDec_Init _R_RSIP_AESCBC_Cipher_DecryptInit
+ #define FSPSM_AES128CBCDec_Up _R_RSIP_AESCBC_Cipher_DecryptUpdate
+ #define FSPSM_AES128CBCDec_Final _R_RSIP_AESCBC_Cipher_DecryptFinal
+
+ /* aes 256 cbc */
+ /* mode : RSIP_AES_MODE_CBC */
+ #define FSPSM_AES256CBCEnc_Init _R_RSIP_AESCBC_Cipher_EncryptInit
+ #define FSPSM_AES256CBCEnc_Up _R_RSIP_AESCBC_Cipher_EncryptUpdate
+ #define FSPSM_AES256CBCEnc_Final _R_RSIP_AESCBC_Cipher_EncryptFinal
+ #define FSPSM_AES256CBCDec_Init _R_RSIP_AESCBC_Cipher_DecryptInit
+ #define FSPSM_AES256CBCDec_Up _R_RSIP_AESCBC_Cipher_DecryptUpdate
+ #define FSPSM_AES256CBCDec_Final _R_RSIP_AESCBC_Cipher_DecryptFinal
+
+ /* aes128 gcm */
+ #define FSPSM_AES128GCMEnc_Init _R_RSIP_AES_GCM_EncryptInit
+ #define FSPSM_AES128GCMEnc_Up _R_RSIP_AES_GCM_EncryptUpdate
+ #define FSPSM_AES128GCMEnc_Final _R_RSIP_AES_GCM_EncryptFinal
+ #define FSPSM_AES128GCMDec_Init _R_RSIP_AES_GCM_DecryptInit
+ #define FSPSM_AES128GCMDec_Up _R_RSIP_AES_GCM_DecryptUpdate
+ #define FSPSM_AES128GCMDec_Final _R_RSIP_AES_GCM_DecryptFinal
+
+ /* aes256 gcm */
+ #define FSPSM_AES256GCMEnc_Init _R_RSIP_AES_GCM_EncryptInit
+ #define FSPSM_AES256GCMEnc_Up _R_RSIP_AES_GCM_EncryptUpdate
+ #define FSPSM_AES256GCMEnc_Final _R_RSIP_AES_GCM_EncryptFinal
+ #define FSPSM_AES256GCMDec_Init _R_RSIP_AES_GCM_DecryptInit
+ #define FSPSM_AES256GCMDec_Up _R_RSIP_AES_GCM_DecryptUpdate
+ #define FSPSM_AES256GCMDec_Final _R_RSIP_AES_GCM_DecryptFinal
+
+ /* rsa */
+ /* rsa data */
+ typedef struct {
+ uint8_t *pdata;
+ uint32_t data_length;
+ uint32_t data_type;/* no use for RSIP */
+ uint32_t hash_type;/* for rsip, hash type */
+ } tmpRSIP_RSA_DATA;
+
+ #define FSPSM_RSA_DATA tmpRSIP_RSA_DATA
+
+ /* rsa 1024 key */
+ #define FSPSM_RSA1024_WPA_KEY rsip_wrapped_key_t
+ #define FSPSM_RSA1024_WPB_KEY rsip_wrapped_key_t
+ #define FSPSM_RSA1024_WPI_KEY rsip_wrapped_key_t
+ /* rsa 2048 key */
+ #define FSPSM_RSA2048_WPA_KEY rsip_wrapped_key_t
+ #define FSPSM_RSA2048_WPB_KEY rsip_wrapped_key_t
+ #define FSPSM_RSA2048_WPI_KEY rsip_wrapped_key_t
+
+ /* rsa key gen */
+ #define FSPSM_RSA1024_KEYPA_GEN(x,y) R_RSIP_KeyPairGenerate\
+ (&gFSPSM_ctrl, RSIP_KEY_PAIR_TYPE_RSA_1024,\
+ x,y)
+ #define FSPSM_RSA2048_KEYPA_GEN(x,y) R_RSIP_KeyPairGenerate\
+ (&gFSPSM_ctrl, RSIP_KEY_PAIR_TYPE_RSA_2048,\
+ x,y)
+
+ /* rsa function */
+ /* encrypt */
+ #define FSPSM_RSA1024_PKCSENC_FUNC(p,c,k) R_RSIP_RSAES_PKCS1_V1_5_Encrypt\
+ (&gFSPSM_ctrl, k, (uint8_t const *const)(p)->pdata, \
+ (uint32_t const)(p)->data_length, \
+ (uint8_t *const)(c)->pdata);
+
+ #define FSPSM_RSA2048_PKCSENC_FUNC(p,c,k) FSPSM_RSA1024_PKCSENC_FUNC(p,c,k)
+ /* decrypt */
+ #define FSPSM_RSA1024_PKCSDEC_FUNC(c,p,k,l) R_RSIP_RSAES_PKCS1_V1_5_Decrypt\
+ (&gFSPSM_ctrl, k, (uint8_t const *const)(c)->pdata, \
+ (uint8_t *const)(p)->pdata,\
+ (uint32_t *const)l, \
+ (uint32_t const)(p)->data_length);
+ #define FSPSM_RSA2048_PKCSDEC_FUNC(c,p,k,l) \
+ FSPSM_RSA1024_PKCSDEC_FUNC(c,p,k,l)
+
+ /* sign */
+ #define FSPSM_RSA1024_SIGN_FUNC(m,s,k,t) R_RSIP_RSASSA_PKCS1_V1_5_Sign\
+ (&gFSPSM_ctrl, k, (m)->hash_type, (uint8_t const *const)(m)->pdata,\
+ (uint8_t *const)(s)->pdata)
+ #define FSPSM_RSA2048_SIGN_FUNC(m,s,k,t) FSPSM_RSA1024_SIGN_FUNC(m,s,k,t)
+
+ /* verify */
+ #define FSPSM_RSA1024_VRY_FUNC(s,m,k,t) R_RSIP_RSASSA_PKCS1_V1_5_Verify\
+ (&gFSPSM_ctrl, k, (m)->hash_type, (uint8_t const *const)(m)->pdata,\
+ (uint8_t *const)(s)->pdata)
+ #define FSPSM_RSA2048_VRY_FUNC(s,m,k,t) FSPSM_RSA1024_VRY_FUNC(s,m,k,t)
+
+#endif
+
+#endif /* __RENESAS_FSP_CRYPT_H__ */
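Review bot: In the `WOLFSSL_RENESAS_RSIP` branch, `FSPSM_RSA1024_PKCSENC_FUNC` and `FSPSM_RSA1024_PKCSDEC_FUNC` end their expansion with a `;`, and the 2048 variants inherit it. The sign and verify macros next to them, and all the SCE equivalents, do not. These macros can therefore only be used as a full statement: `if ((ret = FSPSM_RSA1024_PKCSENC_FUNC(p, c, k)) != 0)` would fail to compile on RSIP but work on SCE, which invites call sites that drop the return-value check. Ending the expansions with `(uint8_t *const)(c)->pdata)` and `(uint32_t const)(p)->data_length)` makes both back ends behave the same. Separately, the file's opening comment says `renesas-fsp-crypt.h` and the include guard is `__RENESAS_FSP_CRYPT_H__`, although the file is `renesas-fspsm-types.h`; renaming both to match avoids confusion with the sibling header.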
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/Renesas/renesas-sce-crypt.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/Renesas/renesas-sce-crypt.h
deleted file mode 100644
index 35847131..00000000
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/Renesas/renesas-sce-crypt.h
+++ /dev/null
@@ -1,278 +0,0 @@
-/* renesas-sce-crypt.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-#ifndef __RENESAS_SCE_CRYPT_H__
-#define __RENESAS_SCE_CRYPT_H__
-
-#include "r_sce.h"
-#include <wolfssl/wolfcrypt/settings.h>
-#include <wolfssl/wolfcrypt/logging.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#define SCE_SESSIONKEY_NONCE_SIZE 8
-#define WOLFSSL_SCE_ILLEGAL_CIPHERSUITE -1
-
-#define MAX_SCE_CBINDEX 5
-
-typedef void* renesas_sce_wrappedkey;
-
-/* flsgas related to TLS */
-struct sce_keyflgs_tls {
- uint8_t pk_key_set:1;
- uint8_t session_key_set:1;
-};
-
-/* flags Crypt Only */
-struct sce_keyflgs_cryt {
- uint8_t aes256_installedkey_set:1;
- uint8_t aes128_installedkey_set:1;
- uint8_t rsapri2048_installedkey_set:1;
- uint8_t rsapub2048_installedkey_set:1;
- uint8_t rsapri1024_installedkey_set:1;
- uint8_t rsapub1024_installedkey_set:1;
- uint8_t message_type:1;/*message 0, hashed 1*/
-};
-
-typedef struct tagUser_SCEPKCbInfo {
- /* unique number for each session */
- int devId;
- #if defined(WOLFSSL_RENESAS_SCEPROTECT) && \
- !defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)
- /* out from R_SCE_TLS_ServerKeyExchangeVerify */
- uint32_t encrypted_ephemeral_ecdh_public_key[SCE_TLS_ENCRYPTED_ECCPUBKEY_SZ];
- /* out from R_SCE_TLS_ECC_secp256r1_EphemeralWrappedKeyPairGenerate */
- sce_tls_p256_ecc_wrapped_key_t ecc_p256_wrapped_key;
- uint8_t ecc_ecdh_public_key[HW_SCE_ECC_PUBLIC_KEY_BYTE_SIZE];
-
- uint32_t sce_masterSecret[SCE_TLS_MASTERSECRET_SIZE/4];
- uint8_t sce_clientRandom[SCE_TLS_CLIENTRANDOM_SZ];
- uint8_t sce_serverRandom[SCE_TLS_SERVERRANDOM_SZ];
- uint8_t sce_cipher;
-
- #endif
-
- /* installed key handling */
- /* aes */
- renesas_sce_wrappedkey sce_wrapped_key_aes256;
- renesas_sce_wrappedkey sce_wrapped_key_aes128;
-
- #if defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)
- /* rsa */
- renesas_sce_wrappedkey sce_wrapped_key_rsapri2048;
- renesas_sce_wrappedkey sce_wrapped_key_rsapub2048;
- renesas_sce_wrappedkey sce_wrapped_key_rsapri1024;
- renesas_sce_wrappedkey sce_wrapped_key_rsapub1024;
- #endif
-
- /* key status flags */
- /* flag whether encrypted ec key is set */
- union {
- uint8_t chr;
- struct sce_keyflgs_tls bits;
- } keyflgs_tls;
- /* key status flags */
- /* flags shows status if wrapped keys are installed */
- union {
- uint8_t chr;
- struct sce_keyflgs_cryt bits;
- } keyflgs_crypt;
-
-} User_SCEPKCbInfo;
-
-typedef struct tagSCE_PKCbInfo {
- User_SCEPKCbInfo *user_PKCbInfo[MAX_SCE_CBINDEX];
- uint32_t num_session;
-} SCE_PKCbInfo;
-
-typedef struct
-{
- uint8_t *encrypted_provisioning_key;
- uint8_t *iv;
- uint8_t *encrypted_user_tls_key;
- uint32_t encrypted_user_tls_key_type;
- sce_tls_ca_certification_public_wrapped_key_t user_rsa2048_tls_wrappedkey;
-} sce_key_data;
-
-struct WOLFSSL;
-struct WOLFSSL_CTX;
-struct ecc_key;
-
-WOLFSSL_LOCAL int wc_sce_Open();
-WOLFSSL_LOCAL void wc_sce_Close();
-WOLFSSL_LOCAL int wc_sce_hw_lock();
-WOLFSSL_LOCAL void wc_sce_hw_unlock( void );
-WOLFSSL_LOCAL int wc_sce_usable(const struct WOLFSSL *ssl,
- uint8_t session_key_generated);
-
-typedef struct {
- sce_aes_wrapped_key_t sce_wrapped_key;
- word32 keySize;
- byte setup;
-} SCE_AES_CTX;
-
-struct Aes;
-WOLFSSL_LOCAL int wc_sce_AesCbcEncrypt(struct Aes* aes, byte* out, const byte* in,
- word32 sz);
-WOLFSSL_LOCAL int wc_sce_AesCbcDecrypt(struct Aes* aes, byte* out, const byte* in,
- word32 sz);
-
-WOLFSSL_LOCAL int wc_sce_AesGcmEncrypt(struct Aes* aes, byte* out,
- const byte* in, word32 sz,
- byte* iv, word32 ivSz,
- byte* authTag, word32 authTagSz,
- const byte* authIn, word32 authInSz,
- void* ctx);
-
-WOLFSSL_LOCAL int wc_sce_AesGcmDecrypt(struct Aes* aes, byte* out,
- const byte* in, word32 sz,
- const byte* iv, word32 ivSz,
- const byte* authTag, word32 authTagSz,
- const byte* authIn, word32 authInSz,
- void* ctx);
-
-#if !defined(NO_SHA256) && !defined(NO_WOLFSSL_RENESAS_SCEPROTECT_HASH)
-
-typedef enum {
- SCE_SHA256 = 1,
-} SCE_SHA_TYPE;
-
-typedef struct {
- byte* msg;
- void* heap;
- word32 used;
- word32 len;
- word32 sha_type;
-#if defined(WOLF_CRYPTO_CB)
- word32 flags;
- int devId;
-#endif
-} wolfssl_SCE_Hash;
-
-/* RAW hash function APIs are not implemented with SCE */
-#undef WOLFSSL_NO_HASH_RAW
-#define WOLFSSL_NO_HASH_RAW
-
-typedef wolfssl_SCE_Hash wc_Sha256;
-
-#endif /* NO_SHA */
-
-#if defined(WOLFSSL_RENESAS_SCEPROTECT) && \
- !defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPT_ONLY)
-
-WOLFSSL_LOCAL int wc_sce_tls_RootCertVerify(
- const uint8_t* cert, uint32_t cert_len,
- uint32_t key_n_start, uint32_t key_n_len,
- uint32_t key_e_start, uint32_t key_e_len,
- uint32_t cm_row);
-
-WOLFSSL_LOCAL int wc_sce_tls_CertVerify(
- const uint8_t* cert, uint32_t certSz,
- const uint8_t* signature, uint32_t sigSz,
- uint32_t key_n_start, uint32_t key_n_len,
- uint32_t key_e_start, uint32_t key_e_len,
- uint8_t* sce_encRsaKeyIdx);
-
-
-WOLFSSL_LOCAL int wc_sce_generatePremasterSecret(
- uint8_t* premaster,
- uint32_t preSz);
-
-WOLFSSL_LOCAL int wc_sce_generateEncryptPreMasterSecret(
- struct WOLFSSL* ssl,
- uint8_t* out,
- uint32_t* outSz);
-
-WOLFSSL_LOCAL int wc_sce_Sha256GenerateHmac(
- const struct WOLFSSL *ssl,
- const uint8_t* myInner,
- uint32_t innerSz,
- const uint8_t* in,
- uint32_t sz,
- uint8_t* digest);
-
-WOLFSSL_LOCAL int wc_sce_Sha256VerifyHmac(
- const struct WOLFSSL *ssl,
- const uint8_t* message,
- uint32_t messageSz,
- uint32_t macSz,
- uint32_t content);
-
-WOLFSSL_LOCAL int wc_sce_storeKeyCtx(
- struct WOLFSSL* ssl,
- User_SCEPKCbInfo* info);
-
-WOLFSSL_LOCAL int wc_sce_generateVerifyData(
- const uint8_t* ms, /* master secret */
- const uint8_t* side,
- const uint8_t* handshake_hash,
- uint8_t* hashes /* out */);
-
-WOLFSSL_LOCAL int wc_sce_generateSessionKey(
- struct WOLFSSL* ssl,
- User_SCEPKCbInfo* cbInfo,
- int devId);
-
-WOLFSSL_LOCAL int wc_sce_generateMasterSecret(
- uint8_t cipherSuiteFirst,
- uint8_t cipherSuite,
- const uint8_t *pr, /* pre-master */
- const uint8_t *cr, /* client random */
- const uint8_t *sr, /* server random */
- uint8_t *ms);
-
-WOLFSSL_LOCAL int wc_SCE_RsaVerify(struct WOLFSSL* ssl, byte* sig, uint32_t sigSz,
- uint8_t** out, const byte* key, uint32_t keySz, void* ctx);
-WOLFSSL_LOCAL int wc_SCE_EccVerify(struct WOLFSSL* ssl, const uint8_t* sig, uint32_t sigSz,
- const uint8_t* hash, uint32_t hashSz, const uint8_t* key, uint32_t keySz,
- int* result, void* ctx);
-/* Callback for EccShareSecret */
-WOLFSSL_LOCAL int SCE_EccSharedSecret(struct WOLFSSL* ssl, struct ecc_key* otherKey,
- uint8_t* pubKeyDer, unsigned int* pubKeySz,
- uint8_t* out, unsigned int* outlen, int side, void* ctx);
-
-/* user API */
-WOLFSSL_API void wc_sce_inform_user_keys(
- uint8_t* encrypted_provisioning_key,
- uint8_t* iv,
- uint8_t* encrypted_user_tls_key,
- uint32_t encrypted_user_tls_key_type);
-
-WOLFSSL_API void wc_sce_set_callbacks(struct WOLFSSL_CTX* ctx);
-WOLFSSL_API int wc_sce_set_callback_ctx(struct WOLFSSL* ssl, void* user_ctx);
-WOLFSSL_API void wc_sce_inform_cert_sign(const uint8_t *sign);
-
-/* rsa */
-struct RsaKey;
-struct WC_RNG;
-WOLFSSL_API int wc_sce_RsaFunction(const byte* in, word32 inLen, byte* out,
- word32 outLen, int type, struct RsaKey* key, struct WC_RNG* rng, void* ctx);
-WOLFSSL_API int wc_sce_MakeRsaKey(int size, void* ctx);
-WOLFSSL_API int wc_sce_RsaSign(const byte* in, word32 inLen, byte* out,
- word32* outLen, struct RsaKey* key, void* ctx);
-WOLFSSL_API int wc_sce_RsaVerify(const byte* in, word32 inLen, byte* out,
- word32* outLen,struct RsaKey* key, void* ctx);
-
-#endif /* WOLFSSL_RENESAS_SCEPROTECT &&
- * !WOLFSSL_RENESAS_SCEPROTECT_CRYPT_ONLY */
-
-#endif /* __RENESAS_SCE_CRYPT_H__ */
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/Renesas/renesas-tsip-crypt.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/Renesas/renesas-tsip-crypt.h
index bd588108..6b1bbfda 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/Renesas/renesas-tsip-crypt.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/Renesas/renesas-tsip-crypt.h
@@ -21,7 +21,8 @@
#ifndef __RENESAS_TSIP_CRYPT_H__
#define __RENESAS_TSIP_CRYPT_H__
-#if !defined(WOLFCRYPT_ONLY)
+#if !defined(WOLFCRYPT_ONLY) || \
+ defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)
#if defined(WOLFSSL_RENESAS_TSIP_IAREWRX)
#include "r_bsp/mcu/all/r_rx_compiler.h"
@@ -29,7 +30,8 @@
#include "r_tsip_rx_if.h"
#endif
-#if defined(WOLFSSL_RENESAS_TSIP)
+#if defined(WOLFSSL_RENESAS_TSIP) || \
+ defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)
#include "r_tsip_rx_if.h"
#endif
@@ -69,7 +71,7 @@ enum {
l_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 = 0x23,
l_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 = 0x27,
l_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 = 0x2b,
- l_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 = 0x2f,
+ l_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 = 0x2f,
l_TLS_AES_128_GCM_SHA256 = 0x01,
l_TLS_AES_128_CCM_SHA256 = 0x04,
};
@@ -88,6 +90,10 @@ typedef enum {
TSIP_KEY_TYPE_RSA2048 = 0,
TSIP_KEY_TYPE_RSA4096 = 1,
TSIP_KEY_TYPE_ECDSAP256 = 2,
+ #ifdef WOLFSSL_RENESAS_TSIP_CRYPTONLY
+ TSIP_KEY_TYPE_RSA1024 = 3,
+ #endif
+
} wolfssl_TSIP_KEY_TYPE;
struct WOLFSSL;
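Review bot: `TSIP_KEY_TYPE_RSA1024 = 3` is added with no comment on why a 1024-bit RSA key type is offered, and 1024-bit RSA is below the 2048-bit minimum that guidance such as NIST SP 800-131A sets for generating signatures. Because the enumerator sits inside `#ifdef WOLFSSL_RENESAS_TSIP_CRYPTONLY`, the valid range of `wolfssl_TSIP_KEY_TYPE` differs between builds, while the key-loading prototypes later in this header take a plain `int keyType`. I would add a comment on the enumerator, e.g. `/* legacy interoperability only; prefer TSIP_KEY_TYPE_RSA2048 or larger */`. The enum starts above the hunk.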
@@ -114,14 +120,28 @@ typedef struct MsgBag
byte buff[MSGBAG_SIZE];
} MsgBag;
-
+#ifdef WOLFSSL_RENESAS_TSIP_CRYPTONLY
+
+ typedef void* renesas_tsip_key;
+
+ /* flags Crypt Only */
+ struct tsip_keyflgs_cryt {
+ uint8_t aes256_key_set:1;
+ uint8_t aes128_key_set:1;
+ uint8_t rsapri2048_key_set:1;
+ uint8_t rsapub2048_key_set:1;
+ uint8_t rsapri1024_key_set:1;
+ uint8_t rsapub1024_key_set:1;
+ uint8_t message_type:1;/*message 0, hashed 1*/
+ };
+#endif
/*
* TsipUserCtx holds mainly keys used for TLS handshake in TSIP specific format.
*/
typedef struct TsipUserCtx {
/* unique number for each session */
int devId;
-
+#ifdef WOLFSSL_RENESAS_TSIP_TLS
/* 0:working as a TLS client, 1: as a server */
byte side;
@@ -139,12 +159,13 @@ typedef struct TsipUserCtx {
/* handle is used as work area for Tls13 handshake */
tsip_tls13_handle_t handle13;
-
+#endif /* WOLFSSL_RENESAS_TSIP_TLS */
/* client key pair wrapped by provisioning key */
byte* wrappedPrivateKey;
byte* wrappedPublicKey;
- int wrappedKeyType;
+ int wrappedKeyType;
+#ifdef WOLFSSL_RENESAS_TSIP_TLS
#if !defined(NO_RSA)
/* RSA-2048bit private and public key-index for client authentication */
tsip_rsa2048_private_key_index_t Rsa2048PrivateKeyIdx;
@@ -227,7 +248,27 @@ typedef struct TsipUserCtx {
uint32_t tsip_masterSecret[TSIP_TLS_MASTERSECRET_SIZE/4];
uint8_t tsip_clientRandom[TSIP_TLS_CLIENTRANDOM_SZ];
uint8_t tsip_serverRandom[TSIP_TLS_SERVERRANDOM_SZ];
-
+#endif /* WOLFSSL_RENESAS_TSIP_TLS */
+/* for tsip crypt only mode */
+#ifdef WOLFSSL_RENESAS_TSIP_CRYPTONLY
+
+ renesas_tsip_key rsa1024pri_keyIdx;
+ renesas_tsip_key rsa1024pub_keyIdx;
+ renesas_tsip_key rsa2048pri_keyIdx;
+ renesas_tsip_key rsa2048pub_keyIdx;
+
+ /* sign/verify hash type :
+ * md5, sha1 or sha256
+ */
+ int sing_hash_type;
+
+ /* flags shows status if tsip keys are installed */
+ union {
+ uint8_t chr;
+ struct tsip_keyflgs_cryt bits;
+ } keyflgs_crypt;
+
+#endif
/* installed key handling */
tsip_aes_key_index_t user_aes256_key_index;
uint8_t user_aes256_key_set:1;
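Review bot: The new field `int sing_hash_type;` looks like a misspelling of `sign_hash_type`, and because `TsipUserCtx` lives in a port header that applications fill in, the name is worth fixing before callers depend on it. Its comment lists md5 and sha1 as sign/verify hash types; both are collision-broken for signatures, so the comment should say they are for legacy data only, e.g. `/* sign/verify hash type: sha256 preferred; md5 and sha1 for legacy interoperability only */`. The field is a plain `int` and no named constants for it are visible in this hunk, so the accepted values are undocumented here. `TsipUserCtx` starts and ends outside the hunk.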
@@ -238,6 +279,7 @@ typedef struct TsipUserCtx {
uint32_t tsip_cipher;
/* flags */
+#ifdef WOLFSSL_RENESAS_TSIP_TLS
#if !defined(NO_RSA)
uint8_t ClientRsa2048PrivKey_set:1;
uint8_t ClientRsa2048PubKey_set:1;
@@ -264,7 +306,7 @@ typedef struct TsipUserCtx {
uint8_t ServerWriteTrafficKey_set:1;
uint8_t ClientWriteTrafficKey_set:1;
uint8_t session_key_set:1;
-
+#endif /* WOLFSSL_RENESAS_TSIP_TLS */
} TsipUserCtx;
@@ -289,7 +331,7 @@ typedef struct
uint32_t encrypted_user_private_key_type;
uint8_t * encrypted_user_public_key;
uint32_t encrypted_user_public_key_type;
- tsip_ecc_private_key_index_t client_private_key_index;
+ tsip_ecc_private_key_index_t client_private_key_index;
tsip_tls_ca_certification_public_key_index_t user_rsa2048_tls_pubindex;
} tsip_key_data;
@@ -321,10 +363,21 @@ WOLFSSL_API int tsip_set_callback_ctx(struct WOLFSSL* ssl, void* user_ctx);
WOLFSSL_API int tsip_set_clientPrivateKeyEnc(const byte* key, int keyType);
#if defined(WOLF_PRIVATE_KEY_ID)
-WOLFSSL_API int tsip_use_PrivateKey_buffer(struct WOLFSSL* ssl,
+
+#if defined(WOLFSSL_RENESAS_TSIP_TLS)
+WOLFSSL_API int tsip_use_PublicKey_buffer_TLS(WOLFSSL* ssl,
+ const char* keyBuf, int keyBufLen, int keyType);
+WOLFSSL_API int tsip_use_PrivateKey_buffer_TLS(struct WOLFSSL* ssl,
+ const char* keyBuf, int keyBufLen, int keyType);
+#endif
+
+#if defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)
+WOLFSSL_API int tsip_use_PubicKey_buffer_crypt(TsipUserCtx *uc,
const char* keyBuf, int keyBufLen, int keyType);
-WOLFSSL_API int tsip_use_PublicKey_buffer(struct WOLFSSL* ssl,
+WOLFSSL_API int tsip_use_PrivateKey_buffer_crypt(TsipUserCtx *uc,
const char* keyBuf, int keyBufLen, int keyType);
+#endif
+
#endif /* WOLF_PRIVATE_KEY_ID */
#if (WOLFSSL_RENESAS_TSIP_VER >=109)
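Review bot: The exported name `tsip_use_PubicKey_buffer_crypt` is misspelled; renaming it to `tsip_use_PublicKey_buffer_crypt` now is cheap, whereas a typo released under `WOLFSSL_API` has to be kept for compatibility. The hunk also replaces `tsip_use_PrivateKey_buffer` and `tsip_use_PublicKey_buffer` with `_TLS` and `_crypt` variants and leaves no compatibility macro, so existing callers stop compiling. `tsip_use_PublicKey_buffer_TLS` takes `WOLFSSL* ssl` while its sibling on the next line takes `struct WOLFSSL* ssl`, and the two should match. All four prototypes take `int keyBufLen`, so the implementations (not shown here) need to reject negative values before treating it as a size.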
@@ -345,7 +398,6 @@ WOLFSSL_API void tsip_inform_user_keys(
#endif
-
/*----------------------------------------------------*/
/* internal use functions */
/*----------------------------------------------------*/
@@ -489,7 +541,7 @@ WOLFSSL_LOCAL int wc_tsip_generateVerifyData(
const uint8_t* side,
const uint8_t* handshake_hash,
uint8_t* hashes);
-
+#ifndef NO_AES
WOLFSSL_LOCAL int wc_tsip_AesCbcEncrypt(
Aes* aes,
byte* out,
@@ -517,7 +569,7 @@ WOLFSSL_LOCAL int wc_tsip_AesGcmDecrypt(
const byte* authTag, word32 authTagSz,
const byte* authIn, word32 authInSz,
void* ctx);
-
+#endif /* NO_AES */
WOLFSSL_LOCAL int wc_tsip_ShaXHmacVerify(
const WOLFSSL *ssl,
const byte* message,
@@ -583,8 +635,11 @@ WOLFSSL_LOCAL int wc_tsip_generateSessionKey(
TsipUserCtx* ctx,
int devId);
+WOLFSSL_LOCAL int wc_tsip_MakeRsaKey(int size, void* ctx);
+WOLFSSL_LOCAL int wc_tsip_RsaVerifyPkcs(wc_CryptoInfo* info,
+ TsipUserCtx* tuc);
-
+WOLFSSL_LOCAL int wc_tsip_GenerateRandBlock(byte* output, word32 size);
#if defined(WOLFSSL_RENESAS_TSIP_CRYPT_DEBUG)
byte *ret2err(word32 ret);
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/Renesas/renesas_cmn.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/Renesas/renesas_cmn.h
index ffd7d725..1213eeee 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/Renesas/renesas_cmn.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/Renesas/renesas_cmn.h
@@ -44,7 +44,7 @@ WOLFSSL_LOCAL int Renesas_cmn_RsaEnc(WOLFSSL* ssl, const unsigned char* in,
WOLFSSL_LOCAL int Renesas_cmn_VerifyHmac(WOLFSSL *ssl, const byte* message,
word32 messageSz, word32 macSz, word32 content, void* ctx);
WOLFSSL_LOCAL int Renesas_cmn_EccVerify(WOLFSSL* ssl, const unsigned char* sig,
- unsigned int sigSz, const unsigned char* hash, unsigned int hashSz,
+ unsigned int sigSz, const unsigned char* hash, unsigned int hashSz,
const unsigned char* key, unsigned int keySz, int* result, void* ctx);
WOLFSSL_LOCAL int Renesas_cmn_RsaVerify(WOLFSSL* ssl,
unsigned char* sig, unsigned int sigSz,
@@ -68,6 +68,7 @@ WOLFSSL_LOCAL int Renesas_cmn_SigPkCbEccVerify(const unsigned char* sig, unsigne
int* result, void* ctx);
/* Common Methods */
+WOLFSSL_LOCAL void* Renesas_cmn_GetCbCtxBydevId(int devId);
int wc_CryptoCb_CryptInitRenesasCmn(WOLFSSL* ssl, void* ctx);
void wc_CryptoCb_CleanupRenesasCmn(int* id);
int wc_Renesas_cmn_RootCertVerify(const byte* cert, word32 cert_len,
@@ -75,4 +76,8 @@ int wc_Renesas_cmn_RootCertVerify(const byte* cert, word32 cert_len,
word32 key_e_len, word32 cm_row);
WOLFSSL_LOCAL int Renesas_cmn_Cleanup(WOLFSSL* ssl);
WOLFSSL_LOCAL byte Renesas_cmn_checkCA(word32 cmIdx);
+WOLFSSL_LOCAL int Renesas_cmn_TlsFinished(WOLFSSL* ssl, const byte *side,
+ const byte *handshake_hash, word32 hashSz,
+ byte *hashes, void* ctx);
+WOLFSSL_LOCAL int Renesas_cmn_generateSessionKey(WOLFSSL* ssl, void* ctx);
#endif /* __RENESAS_CMN_H__ */
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/Renesas/renesas_sync.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/Renesas/renesas_sync.h
index bdf941fd..365abf5a 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/Renesas/renesas_sync.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/Renesas/renesas_sync.h
@@ -25,8 +25,8 @@
#ifdef HAVE_RENESAS_SYNC
struct WOLFSSL;
-struct User_SCEPKCbInfo;
-extern User_SCEPKCbInfo guser_PKCbInfo;
+struct FSPSM_ST;
+extern FSPSM_ST guser_PKCbInfo;
WOLFSSL_API int wc_CryptoCb_CryptInitRenesasCmn(struct WOLFSSL* ssl, void* ctx);
WOLFSSL_API void wc_CryptoCb_CleanupRenesasCmn(int* id);
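Review bot: `struct FSPSM_ST;` followed by `extern FSPSM_ST guser_PKCbInfo;` only compiles if `FSPSM_ST` is already a typedef name at this point, because a forward-declared struct tag does not introduce an unqualified type name in C. The header deleted earlier on this page defined the previous type as `typedef struct tagUser_SCEPKCbInfo { ... } User_SCEPKCbInfo;`, so if `FSPSM_ST` follows the same pattern the forward declaration names an unrelated tag and has no effect. Including the header that defines the type, or forward-declaring the real tag, would make this header self-contained. The `#ifdef HAVE_RENESAS_SYNC` block continues outside the hunk.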
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/Renesas/renesas_tsip_types.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/Renesas/renesas_tsip_types.h
index fb9f79df..93738780 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/Renesas/renesas_tsip_types.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/Renesas/renesas_tsip_types.h
@@ -63,7 +63,8 @@ typedef wolfssl_TSIP_Hash wc_Sha256;
#endif /* NO_SHA */
-#if defined(WOLFSSL_RENESAS_TSIP_TLS_AES_CRYPT)
+#if defined(WOLFSSL_RENESAS_TSIP_TLS_AES_CRYPT) ||\
+ defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)
#include "r_tsip_rx_if.h"
typedef struct {
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/aria/aria-crypt.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/aria/aria-crypt.h
new file mode 100644
index 00000000..9d49b875
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/aria/aria-crypt.h
@@ -0,0 +1,80 @@
+/* aria-crypt.h
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/*!
+ \file wolfssl/wolfcrypt/port/aria/aria-crypt.h
+*/
+/*
+
+DESCRIPTION
+This library provides the interfaces to the ARIA cipher implementation for
+encrypting and decrypting data.
+
+*/
+#ifndef WOLF_CRYPT_ARIA_CRYPT_H
+#define WOLF_CRYPT_ARIA_CRYPT_H
+
+#include <wolfssl/wolfcrypt/types.h>
+
+#ifdef __cplusplus
+ extern "C" {
+#endif
+
+#include "mcapi.h"
+#include "mcapi_error.h"
+
+#define ARIA_128_KEY_SIZE 16
+#define ARIA_192_KEY_SIZE 24
+#define ARIA_256_KEY_SIZE 32
+
+#define ARIA_BLOCK_SIZE 16
+#define ARIA_GCM_AUTH_SZ 16
+
+#define WC_ARIA_GCM_GET_CIPHERTEXT_SIZE(x) (x+ARIA_GCM_AUTH_SZ)
+
+typedef struct {
+ MC_HSESSION hSession;
+ MC_ALGID algo;
+ MC_HOBJECT hKey;
+ word32 nonce[ARIA_BLOCK_SIZE / sizeof(word32)];
+ word32 nonceSz;
+} wc_Aria;
+
+WOLFSSL_API int wc_AriaInitCrypt(wc_Aria* aria, MC_ALGID algo);
+WOLFSSL_API int wc_AriaFreeCrypt(wc_Aria* aria);
+WOLFSSL_API int wc_AriaSetKey(wc_Aria* aria, byte* key);
+WOLFSSL_API int wc_AriaGcmSetExtIV(wc_Aria* aria, const byte* iv, word32 ivSz);
+WOLFSSL_API int wc_AriaGcmSetIV(wc_Aria* aria, word32 ivSz,
+ const byte* ivFixed, word32 ivFixedSz,
+ WC_RNG* rng);
+
+WOLFSSL_API int wc_AriaEncrypt(wc_Aria *aria, byte* out, byte* in, word32 inSz,
+ byte* iv, word32 ivSz, byte* aad, word32 aadSz,
+ byte* authTag, word32 authTagSz);
+WOLFSSL_API int wc_AriaDecrypt(wc_Aria *aria, byte* out, byte* in, word32 inSz,
+ byte* iv, word32 ivSz, byte* aad, word32 aadSz,
+ byte* authTag, word32 authTagSz);
+
+#ifdef __cplusplus
+ } /* extern "C" */
+#endif
+
+#endif /* WOLF_CRYPT_ARIA_CRYPT_H */
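Review bot: `WC_ARIA_GCM_GET_CIPHERTEXT_SIZE(x)` expands to `(x+ARIA_GCM_AUTH_SZ)` with the argument unparenthesized, so an argument such as `cond ? a : b` or `n & mask` yields the wrong size, and this macro is the one callers use to size output buffers. It should read `#define WC_ARIA_GCM_GET_CIPHERTEXT_SIZE(x) ((x) + ARIA_GCM_AUTH_SZ)`. `wc_AriaSetKey(wc_Aria* aria, byte* key)` takes no key length, so the number of bytes read is presumably derived from the `algo` given to `wc_AriaInitCrypt`; that contract should be stated in a comment on the prototype. The `key`, `in`, `iv` and `aad` parameters could be `const byte*` if the implementation does not write through them.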
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/aria/aria-cryptocb.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/aria/aria-cryptocb.h
new file mode 100644
index 00000000..01e18b07
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/aria/aria-cryptocb.h
@@ -0,0 +1,69 @@
+/* aria-cryptocb.h
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/*!
+ \file wolfssl/wolfcrypt/port/aria/aria-cryptocb.h
+*/
+/*
+
+DESCRIPTION
+This library provides the interfaces to the ARIA cipher implementation for
+signing, verifying and hashing data.
+
+*/
+#ifndef WOLF_CRYPT_ARIA_CRYPTOCB_H
+#define WOLF_CRYPT_ARIA_CRYPTOCB_H
+
+#include <wolfssl/wolfcrypt/types.h>
+#include <wolfssl/wolfcrypt/cryptocb.h>
+
+#ifdef __cplusplus
+ extern "C" {
+#endif
+
+#include "mcapi.h"
+#include "mcapi_error.h"
+
+int wc_AriaInit(void);
+int wc_AriaInitSha(MC_HSESSION* hSession, MC_ALGID algo);
+int wc_AriaShaUpdate(MC_HSESSION hSession, byte* data, word32 len);
+int wc_AriaShaFinal(MC_HSESSION hSession, byte* out, word32* len);
+int wc_AriaFree(MC_HSESSION* hSession, MC_HOBJECT *obj1);
+
+int wc_AriaSign(byte* in, word32 inSz, byte* out, word32* outSz, ecc_key* key);
+int wc_AriaVerify(byte* sig, word32 sigSz, byte* hash, word32 hashSz, int* res, ecc_key* key);
+int wc_AriaDerive(ecc_key* private_key, ecc_key* public_key, byte* out, word32* outSz);
+
+#ifndef ARIA_KEYASN1_MAXSZ
+#define ARIA_KEYASN1_MAXSZ 128
+#endif
+
+#ifdef WOLF_CRYPTO_CB
+
+#define WOLFSSL_ARIA_DEVID 8
+int wc_AriaCryptoCb(int devIdArg, wc_CryptoInfo* info, void* ctx);
+#endif
+
+#ifdef __cplusplus
+ } /* extern "C" */
+#endif
+
+#endif /* WOLF_CRYPT_ARIA_CRYPTOCB_H */
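Review bot: `WOLFSSL_ARIA_DEVID` is hard-coded to 8 with no `#ifndef` guard, unlike `ARIA_KEYASN1_MAXSZ` directly above it, so an application that already registers a crypto callback under device id 8 has no way to move this one. I would wrap it as `#ifndef WOLFSSL_ARIA_DEVID` / `#define WOLFSSL_ARIA_DEVID 8` / `#endif`. The prototypes carry neither `WOLFSSL_API` nor `WOLFSSL_LOCAL`, whereas aria-crypt.h marks every function `WOLFSSL_API`, and the input buffers (`data`, `in`, `sig`, `hash`) are non-const `byte*`. The DESCRIPTION text calls this the ARIA cipher implementation for signing, verifying and hashing, although the declarations are for SHA sessions and `ecc_key` operations; the wording should say which backend actually performs them.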
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/caam/caam_driver.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/caam/caam_driver.h
index e3e277d5..3f5174eb 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/caam/caam_driver.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/caam/caam_driver.h
@@ -54,8 +54,8 @@
#define WOLFSSL_MSG(in) printf("%s\n", (in))
void DEBUG_PRINT_ARRAY(void* a, int aSz, char* str);
#else
- #define WOLFSSL_MSG(in)
- #define DEBUG_PRINT_ARRAY(a,aSz,str)
+ #define WOLFSSL_MSG(in) do {} while (0)
+ #define DEBUG_PRINT_ARRAY(a,aSz,str) do {} while (0)
#endif
#define CAAM_PAGE_MAX 6
@@ -455,5 +455,6 @@ struct DESCSTRUCT {
#define MAX_ECDSA_SIGN_ADDR 8
#define BLACK_KEY_MAC_SZ 16
#define BLACK_BLOB_KEYMOD_SZ 16
-#define RED_BLOB_KEYMOD_SZ 8
+#define RED_BLOB_KEYMOD_SZ 16
+#define SM_BLOB_KEYMOD_SZ 8
#endif /* CAAM_DRIVER_H */
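Review bot: `RED_BLOB_KEYMOD_SZ` changes from 8 to 16 and the old value moves to a new `SM_BLOB_KEYMOD_SZ`, with no comment saying which blob type uses which length. The key modifier is an input to blob encapsulation, so if the driver now consumes 16 bytes where it used to consume 8, red blobs created by an earlier build may fail to decapsulate, and a caller still passing an 8-byte modifier buffer could be read past its end. Neither call site is in this hunk, so this needs checking against the corresponding .c changes. The wolfcaam.h hunk further down makes the same change to the public `WC_CAAM_RED_KEYMOD_SZ` and adds `WC_SM_BLOB_KEYMOD_SZ`. I would document each define, e.g. `/* key modifier length for red blobs in general memory */` and, assuming SM stands for secure memory, `/* key modifier length for secure-memory blobs */`.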
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/caam/caam_qnx.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/caam/caam_qnx.h
index d3016f4a..55d1fccd 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/caam/caam_qnx.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/caam/caam_qnx.h
@@ -47,7 +47,7 @@
#define CAAM_ADDRESS uintptr_t
#define Success 1
#define Failure 0
-#define INTERRUPT_Panic()
+#define INTERRUPT_Panic() do {} while (0)
#define MemoryMapMayNotBeEmpty -1
#define CAAM_WAITING -2
#define NoActivityReady -1
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/caam/wolfcaam.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/caam/wolfcaam.h
index ba9d7513..6c96edc4 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/caam/wolfcaam.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/caam/wolfcaam.h
@@ -91,8 +91,9 @@ WOLFSSL_API int wc_caamCoverKey(byte* in, word32 inSz, byte* out, word32* outSz,
#define WC_CAAM_MAC_SZ 16
#define WC_CAAM_BLOB_RED 1
#define WC_CAAM_BLOB_BLACK 2
-#define WC_CAAM_RED_KEYMOD_SZ 8
+#define WC_CAAM_RED_KEYMOD_SZ 16
#define WC_CAAM_BLACK_KEYMOD_SZ 16
+#define WC_SM_BLOB_KEYMOD_SZ 8
#define WC_CAAM_MAX_ENTROPY 44
#if !defined(WOLFSSL_QNX_CAAM) && !defined(WOLFSSL_SECO_CAAM) && \
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/caam/wolfcaam_fsl_nxp.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/caam/wolfcaam_fsl_nxp.h
index 7cdda7f5..c1f13672 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/caam/wolfcaam_fsl_nxp.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/caam/wolfcaam_fsl_nxp.h
@@ -24,7 +24,7 @@
#ifndef WOLFCAAM_FSL_NXP_H
#define WOLFCAAM_FSL_NXP_H
-#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/wolfcrypt/types.h>
#ifdef WOLFSSL_IMXRT1170_CAAM
@@ -44,7 +44,7 @@
#define Boolean int
#define Success 1
#define Failure 0
-#define INTERRUPT_Panic()
+#define INTERRUPT_Panic() WC_DO_NOTHING
#define MemoryMapMayNotBeEmpty -1
#define CAAM_WAITING -2
#define NoActivityReady -1
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/caam/wolfcaam_qnx.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/caam/wolfcaam_qnx.h
index 1e329c66..6eee6b2c 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/caam/wolfcaam_qnx.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/caam/wolfcaam_qnx.h
@@ -24,7 +24,7 @@
#ifndef WOLFCAAM_QNX_H
#define WOLFCAAM_QNX_H
-#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/wolfcrypt/types.h>
#ifdef WOLFSSL_QNX_CAAM
#include <sys/iofunc.h>
@@ -35,7 +35,7 @@
#define Boolean int
#define Success 1
#define Failure 0
-#define INTERRUPT_Panic()
+#define INTERRUPT_Panic() WC_DO_NOTHING
#define MemoryMapMayNotBeEmpty -1
#define CAAM_WAITING -2
#define NoActivityReady -1
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/caam/wolfcaam_seco.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/caam/wolfcaam_seco.h
index bebfb3f3..d07c0549 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/caam/wolfcaam_seco.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/caam/wolfcaam_seco.h
@@ -24,7 +24,7 @@
#ifndef WOLFCAAM_SECO_H
#define WOLFCAAM_SECO_H
-#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/wolfcrypt/types.h>
#ifdef WOLFSSL_SECO_CAAM
@@ -38,7 +38,7 @@
#define Boolean int
#define Success 1
#define Failure 0
-#define INTERRUPT_Panic()
+#define INTERRUPT_Panic() WC_DO_NOTHING
#define MemoryMapMayNotBeEmpty -1
#define CAAM_WAITING -2
#define NoActivityReady -1
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/kcapi/kcapi_hmac.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/kcapi/kcapi_hmac.h
index a987527e..cfd841fe 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/kcapi/kcapi_hmac.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/kcapi/kcapi_hmac.h
@@ -27,11 +27,5 @@
#include <wolfssl/wolfcrypt/port/kcapi/wc_kcapi.h>
#include <wolfssl/wolfcrypt/hmac.h>
-#if defined(HAVE_FIPS) && \
- (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
-int HmacInit(Hmac* hmac, void* heap, int devId);
-void HmacFree(Hmac* hmac);
-#endif
-
#endif /* WOLF_CRYPT_KCAPI_HMAC_H */
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/psa/psa.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/psa/psa.h
index 59e650f8..886d823a 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/psa/psa.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/psa/psa.h
@@ -42,7 +42,7 @@
#include <config.h>
#endif
-#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/wolfcrypt/types.h>
/* PSA implementation takes over the Sha struct and Sha functions implementation
completely. Devoiding the struct of the DevId field and hooks to make
@@ -78,8 +78,8 @@
void PSA_LOCK(void);
void PSA_UNLOCK(void);
#else
-#define PSA_LOCK()
-#define PSA_UNLOCK()
+#define PSA_LOCK() WC_DO_NOTHING
+#define PSA_UNLOCK() WC_DO_NOTHING
#endif
int wc_psa_init(void);
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/silabs/silabs_ecc.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/silabs/silabs_ecc.h
index 4820b577..43cd0f09 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/silabs/silabs_ecc.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/silabs/silabs_ecc.h
@@ -44,20 +44,19 @@ int silabs_ecc_verify_hash (const byte* sig, word32 siglen,
int* stat, ecc_key* key);
-
int silabs_ecc_make_key(ecc_key* key, int keysize);
-int silabs_ecc_import(ecc_key* key, word32 keysize);
-
-int silabs_ecc_import_private(ecc_key* key, word32 keysize);
-
-int silabs_ecc_sig_to_rs(ecc_key* key, word32 keySz);
-
-int silabs_ecc_import_private_raw(ecc_key* key, word32 keySz, const char* d, int encType);
+int silabs_ecc_import(ecc_key* key, word32 keysize, int pub, int priv);
+int silabs_ecc_export_public(ecc_key* key, sl_se_key_descriptor_t* seKey);
int silabs_ecc_shared_secret(ecc_key* private_key, ecc_key* public_key,
byte* out, word32* outlen);
+#if (_SILICON_LABS_SECURITY_FEATURE == _SILICON_LABS_SECURITY_FEATURE_VAULT)
+int silabs_ecc_load_vault(ecc_key* key);
+#endif
+
+
#endif /* WOLFSSL_SILABS_SE_ACCEL */
#endif /* _SILABS_ECC_H_ */
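Review bot: `#if (_SILICON_LABS_SECURITY_FEATURE == _SILICON_LABS_SECURITY_FEATURE_VAULT)` evaluates to true when neither macro is defined, because the preprocessor replaces undefined identifiers with 0. Here that only exposes the `silabs_ecc_load_vault` prototype. The same test in the silabs_hash.h hunk below defines `WOLFSSL_SILABS_SHA384` and `WOLFSSL_SILABS_SHA512`, which select the sha384 and sha512 context members of `hash_type_ctx_u`. I would write both as `#if defined(_SILICON_LABS_SECURITY_FEATURE_VAULT) && (_SILICON_LABS_SECURITY_FEATURE == _SILICON_LABS_SECURITY_FEATURE_VAULT)`. silabs_hash.h includes `em_device.h` before the test, which presumably defines these macros on supported parts, but no such include is visible in this hunk.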
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/silabs/silabs_hash.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/silabs/silabs_hash.h
index 6da76ac7..de502a9b 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/silabs/silabs_hash.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/silabs/silabs_hash.h
@@ -22,45 +22,75 @@
#ifndef _SILABS_HASH_H_
#define _SILABS_HASH_H_
-#include <em_device.h>
+#include <wolfssl/wolfcrypt/settings.h>
#if defined(WOLFSSL_SILABS_SE_ACCEL)
+#include <em_device.h>
+
#include <wolfssl/wolfcrypt/types.h>
#include <sl_se_manager.h>
#include <sl_se_manager_hash.h>
-#if defined(SL_SE_HASH_SHA384) && !defined(NO_SHA384)
-#define WOLFSSL_SILABS_SHA384
+/* workaround to detect older Gecko SDK version 3 */
+#if !defined(WOLFSSL_SILABS_SE_ACCEL_3) && !defined(SL_SE_PRF_HMAC_SHA1)
+ /* Use streaming instead of new multipart */
+ #define WOLFSSL_SILABS_SE_ACCEL_3
#endif
-#if defined(SL_SE_HASH_SHA512) && !defined(NO_SHA384)
-#define WOLFSSL_SILABS_SHA512
+/* Enable SHA2-2384 and SHA2-512 if HW supports and enabled */
+#if (_SILICON_LABS_SECURITY_FEATURE == _SILICON_LABS_SECURITY_FEATURE_VAULT)
+ #ifdef WOLFSSL_SHA384
+ #define WOLFSSL_SILABS_SHA384
+ #endif
+ #ifdef WOLFSSL_SHA512
+ #define WOLFSSL_SILABS_SHA512
+ #endif
#endif
+#ifdef WOLFSSL_SILABS_SE_ACCEL_3
+/* Gecko SDK v3 uses "streaming" interface */
typedef struct {
- sl_se_hash_streaming_context_t hash_ctx;
- sl_se_command_context_t cmd_ctx;
- union hash_type_ctx_u {
- sl_se_sha1_streaming_context_t sha1_ctx;
- sl_se_sha224_streaming_context_t sha224_ctx;
- sl_se_sha256_streaming_context_t sha256_ctx;
-#ifdef WOLFSSL_SILABS_SHA384
- sl_se_sha384_streaming_context_t sha384_ctx;
-#endif
-#ifdef WOLFSSL_SILABS_SHA512
- sl_se_sha512_streaming_context_t sha512_ctx;
-#endif
- } hash_type_ctx;
+ sl_se_hash_streaming_context_t hash_ctx;
+ sl_se_command_context_t cmd_ctx;
+ union hash_type_ctx_u {
+ sl_se_sha1_streaming_context_t sha1_ctx;
+ sl_se_sha224_streaming_context_t sha224_ctx;
+ sl_se_sha256_streaming_context_t sha256_ctx;
+ #ifdef WOLFSSL_SILABS_SHA384
+ sl_se_sha384_streaming_context_t sha384_ctx;
+ #endif
+ #ifdef WOLFSSL_SILABS_SHA512
+ sl_se_sha512_streaming_context_t sha512_ctx;
+ #endif
+ } hash_type_ctx;
+} wc_silabs_sha_t;
+#else
+/* Gecko SDK v4 or later uses "multipart" interface */
+typedef struct {
+ sl_se_command_context_t cmd_ctx;
+ union hash_type_ctx_u {
+ sl_se_sha1_multipart_context_t sha1_ctx;
+ sl_se_sha224_multipart_context_t sha224_ctx;
+ sl_se_sha256_multipart_context_t sha256_ctx;
+ #ifdef WOLFSSL_SILABS_SHA384
+ sl_se_sha384_multipart_context_t sha384_ctx;
+ #endif
+ #ifdef WOLFSSL_SILABS_SHA512
+ sl_se_sha512_multipart_context_t sha512_ctx;
+ #endif
+ } hash_type_ctx;
} wc_silabs_sha_t;
+#endif
-int wc_silabs_se_hash_init (wc_silabs_sha_t* sha, enum wc_HashType type);
-int wc_silabs_se_hash_update (wc_silabs_sha_t* sha, const byte* data, word32 len);
-int wc_silabs_se_hash_final (wc_silabs_sha_t* sha, byte* hash);
+int wc_silabs_se_hash_init(wc_silabs_sha_t* sha, enum wc_HashType type);
+int wc_silabs_se_hash_update(wc_silabs_sha_t* sha, const byte* data,
+ word32 len);
+int wc_silabs_se_hash_final(wc_silabs_sha_t* sha, byte* hash, word32 len);
-#endif /* defined(WOLFSSL_SILABS_SE_ACCEL) */
+#endif /* WOLFSSL_SILABS_SE_ACCEL */
#endif /* _SILABS_HASH_H_ */
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/st/stm32.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/st/stm32.h
index 1bcb7749..44666304 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/st/stm32.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/st/stm32.h
@@ -131,9 +131,13 @@ int wc_Stm32_Hash_Final(STM32_HASH_Context* stmCtx, word32 algo,
#define STM32_CRYPTO_AES_GCM
#endif
- #if defined(WOLFSSL_STM32WB)
+ #if defined(WOLFSSL_STM32WB) || defined(WOLFSSL_STM32WL)
#define STM32_CRYPTO_AES_ONLY /* crypto engine only supports AES */
- #define CRYP AES1
+ #ifdef WOLFSSL_STM32WB
+ #define CRYP AES1
+ #else
+ #define CRYP AES
+ #endif
#define STM32_HAL_V2
#endif
#if defined(WOLFSSL_STM32L4) || defined(WOLFSSL_STM32L5) || \
@@ -168,9 +172,11 @@ int wc_Stm32_Hash_Final(STM32_HASH_Context* stmCtx, word32 algo,
struct Aes;
#ifdef WOLFSSL_STM32_CUBEMX
int wc_Stm32_Aes_Init(struct Aes* aes, CRYP_HandleTypeDef* hcryp);
+ void wc_Stm32_Aes_Cleanup(void);
#else /* Standard Peripheral Library */
int wc_Stm32_Aes_Init(struct Aes* aes, CRYP_InitTypeDef* cryptInit,
CRYP_KeyInitTypeDef* keyInit);
+ void wc_Stm32_Aes_Cleanup(void);
#endif /* WOLFSSL_STM32_CUBEMX */
#endif /* !NO_AES */
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/ti/ti-ccm.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/ti/ti-ccm.h
index a9fb8bc2..c2379060 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/ti/ti-ccm.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/ti/ti-ccm.h
@@ -27,7 +27,7 @@
#include <config.h>
#endif
-#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/wolfcrypt/types.h>
#if defined(WOLFSSL_TI_CRYPT) || defined(WOLFSSL_TI_HASH)
@@ -37,8 +37,8 @@ int wolfSSL_TI_CCMInit(void) ;
void wolfSSL_TI_lockCCM(void) ;
void wolfSSL_TI_unlockCCM(void) ;
#else
-#define wolfSSL_TI_lockCCM()
-#define wolfSSL_TI_unlockCCM()
+#define wolfSSL_TI_lockCCM() WC_DO_NOTHING
+#define wolfSSL_TI_unlockCCM() WC_DO_NOTHING
#endif
#endif
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/xilinx/xil-versal-glue.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/xilinx/xil-versal-glue.h
index 1cb35183..41203c2b 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/xilinx/xil-versal-glue.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/xilinx/xil-versal-glue.h
@@ -37,8 +37,8 @@ extern "C" {
#define XIL_CAST_U64(v) ((u64)(UINTPTR)(v))
#ifdef XSECURE_CACHE_DISABLE
-#define WOLFSSL_XIL_DCACHE_INVALIDATE_RANGE(p, l) do{}while(0)
-#define WOLFSSL_XIL_DCACHE_FLUSH_RANGE(p, l) do{}while(0)
+#define WOLFSSL_XIL_DCACHE_INVALIDATE_RANGE(p, l) WC_DO_NOTHING
+#define WOLFSSL_XIL_DCACHE_FLUSH_RANGE(p, l) WC_DO_NOTHING
#else
#define WOLFSSL_XIL_DCACHE_INVALIDATE_RANGE(p, l) \
do{ Xil_DCacheInvalidateRange((p), (l)); }while(0)
@@ -51,7 +51,7 @@ extern "C" {
#include <unistd.h>
#define WOLFSSL_XIL_SLEEP(n) do{ sleep(n); }while(0)
#else
-#define WOLFSSL_XIL_SLEEP(n) do{}while(0)
+#define WOLFSSL_XIL_SLEEP(n) WC_DO_NOTHING
#endif
/* Provide our own message macro since the Versal PLM maybe
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/random.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/random.h
index b7d75884..8cd599bd 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/random.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/random.h
@@ -35,12 +35,6 @@
#include <wolfssl/wolfcrypt/fips.h>
#endif /* HAVE_FIPS_VERSION >= 2 */
-/* included for fips @wc_fips */
-#if defined(HAVE_FIPS) && \
- (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
-#include <cyassl/ctaocrypt/random.h>
-#endif
-
#ifdef __cplusplus
extern "C" {
#endif
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/rsa.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/rsa.h
index a904c8a6..acdc3bb7 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/rsa.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/rsa.h
@@ -63,17 +63,9 @@ RSA keys can be used to encrypt, decrypt, sign and verify data.
#include "user_rsa.h"
#else
-#if defined(HAVE_FIPS) && \
- (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
-/* for fips @wc_fips */
-#include <cyassl/ctaocrypt/rsa.h>
-#if defined(CYASSL_KEY_GEN) && !defined(WOLFSSL_KEY_GEN)
- #define WOLFSSL_KEY_GEN
-#endif
-#else
- #include <wolfssl/wolfcrypt/wolfmath.h>
- #include <wolfssl/wolfcrypt/random.h>
-#endif /* HAVE_FIPS && HAVE_FIPS_VERION 1 */
+#include <wolfssl/wolfcrypt/wolfmath.h>
+#include <wolfssl/wolfcrypt/random.h>
+
#if defined(HAVE_FIPS) && \
defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)
#include <wolfssl/wolfcrypt/fips.h>
@@ -102,6 +94,10 @@ RSA keys can be used to encrypt, decrypt, sign and verify data.
#include <wolfssl/wolfcrypt/port/devcrypto/wc_devcrypto.h>
#endif
+#if defined(WOLFSSL_RENESAS_FSPSM)
+ #include <wolfssl/wolfcrypt/port/renesas/renesas-fspsm-crypt.h>
+#endif
+
#ifdef __cplusplus
extern "C" {
#endif
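Review bot: The new include spells the port directory `port/renesas/` in lowercase, while the sha.h, sha256.h and sha512.h hunks of this same change include the same header as `port/Renesas/renesas-fspsm-crypt.h`. On a case-sensitive filesystem only one spelling can resolve, so a `WOLFSSL_RENESAS_FSPSM` build would presumably fail here. The existing context lines use `port/Renesas/`, which suggests the line should read `#include <wolfssl/wolfcrypt/port/Renesas/renesas-fspsm-crypt.h>`.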
@@ -213,6 +209,7 @@ struct RsaKey {
byte keyIdSet;
#endif
#ifdef WOLF_CRYPTO_CB
+ void* devCtx;
int devId;
#endif
#if defined(HAVE_PKCS11)
@@ -263,6 +260,9 @@ struct RsaKey {
#if defined(WOLFSSL_DEVCRYPTO_RSA)
WC_CRYPTODEV ctx;
#endif
+#if defined(WOLFSSL_RENESAS_FSPSM)
+ FSPSM_RSA_CTX ctx;
+#endif
};
#ifndef WC_RSAKEY_TYPE_DEFINED
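Review bot: The added `FSPSM_RSA_CTX ctx;` has the same member name as the `WC_CRYPTODEV ctx;` directly above it, and the two are guarded by independent `#if` blocks. If both `WOLFSSL_DEVCRYPTO_RSA` and `WOLFSSL_RENESAS_FSPSM` are defined, `struct RsaKey` gets a duplicate member and every file that includes rsa.h fails with an unhelpful error. Either chain the guards (`#elif defined(WOLFSSL_RENESAS_FSPSM)`) or add an explicit `#error` for the combination. The struct body starts outside this hunk.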
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/settings.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/settings.h
index 47e3b736..5eacd6c8 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/settings.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/settings.h
@@ -224,7 +224,7 @@
/* #define WOLFSSL_ESPIDF */
/* Uncomment next line if using Espressif ESP32-WROOM-32 */
-/* #define WOLFSSL_ESPWROOM32 */
+/* #define WOLFSSL_ESP32 */
/* Uncomment next line if using Espressif ESP32-WROOM-32SE */
/* #define WOLFSSL_ESPWROOM32SE */
@@ -297,7 +297,11 @@
#if FIPS_VERSION_LT(2,0)
#define WC_RNG RNG
#else
- #ifndef WOLFSSL_STM32L4
+ /* RNG needs to be defined to WC_RNG anytime another library on the
+ * system or other set of headers included by wolfSSL already defines
+ * RNG. Examples are:
+ * wolfEngine, wolfProvider and potentially other use-cases */
+ #ifndef RNG
#define RNG WC_RNG
#endif
#endif
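Review bot: The new comment says the opposite of what the guard does: `#ifndef RNG` skips the mapping when another header already defines `RNG`, whereas the text says RNG "needs to be defined to WC_RNG" in that case. Suggested wording: `/* Map the legacy name RNG to WC_RNG unless another library or header (e.g. wolfEngine, wolfProvider) has already defined RNG. */`. The guard also replaces the `WOLFSSL_STM32L4` exclusion, so it now depends on the conflicting header being included before this point. The STM32 HAL includes appear much later in this file, so the L4 build should be checked for a macro redefinition of `RNG`.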
@@ -312,6 +316,45 @@
#endif
#endif
+/* OpenSSL compat layer */
+#if defined(OPENSSL_EXTRA) && !defined(OPENSSL_COEXIST)
+#undef WOLFSSL_ALWAYS_VERIFY_CB
+#define WOLFSSL_ALWAYS_VERIFY_CB
+
+#undef WOLFSSL_VERIFY_CB_ALL_CERTS
+#define WOLFSSL_VERIFY_CB_ALL_CERTS
+
+#undef WOLFSSL_EXTRA_ALERTS
+#define WOLFSSL_EXTRA_ALERTS
+
+#undef HAVE_EXT_CACHE
+#define HAVE_EXT_CACHE
+
+#undef WOLFSSL_FORCE_CACHE_ON_TICKET
+#define WOLFSSL_FORCE_CACHE_ON_TICKET
+
+#undef WOLFSSL_AKID_NAME
+#define WOLFSSL_AKID_NAME
+
+#undef HAVE_CTS
+#define HAVE_CTS
+
+#undef WOLFSSL_SESSION_ID_CTX
+#define WOLFSSL_SESSION_ID_CTX
+#endif /* OPENSSL_EXTRA && !OPENSSL_COEXIST */
+
+/* Special small OpenSSL compat layer for certs */
+#ifdef OPENSSL_EXTRA_X509_SMALL
+#undef WOLFSSL_EKU_OID
+#define WOLFSSL_EKU_OID
+
+#undef WOLFSSL_MULTI_ATTRIB
+#define WOLFSSL_MULTI_ATTRIB
+
+#undef WOLFSSL_NO_OPENSSL_RAND_CB
+#define WOLFSSL_NO_OPENSSL_RAND_CB
+#endif /* OPENSSL_EXTRA_X509_SMALL */
+
#if defined(_WIN32) && !defined(_M_X64) && \
defined(HAVE_AESGCM) && defined(WOLFSSL_AESNI)
@@ -339,41 +382,108 @@
#endif
#if defined(WOLFSSL_ESPIDF)
- #define FREERTOS
- #define WOLFSSL_LWIP
- #define NO_WRITEV
#define SIZEOF_LONG_LONG 8
- #define NO_WOLFSSL_DIR
- #define WOLFSSL_NO_CURRDIR
+ #ifndef NO_ESPIDF_DEFAULT
+ #define FREERTOS
+ #define WOLFSSL_LWIP
+ #define NO_WRITEV
+ #define NO_WOLFSSL_DIR
+ #define WOLFSSL_NO_CURRDIR
- #define TFM_TIMING_RESISTANT
- #define ECC_TIMING_RESISTANT
- #define WC_RSA_BLINDING
+ #define TFM_TIMING_RESISTANT
+ #define ECC_TIMING_RESISTANT
+ #define WC_RSA_BLINDING
+ #define WC_NO_CACHE_RESISTANT
+ #endif /* !WOLFSSL_ESPIDF_NO_DEFAULT */
+
+#if defined(WOLFSSL_ESPWROOM32)
+ /* WOLFSSL_ESPWROOM32 is a legacy macro gate.
+ ** Not be be confused with WOLFSSL_ESPWROOM32SE, naming a specific board */
+ #undef WOLFSSL_ESP32
+ #define WOLFSSL_ESP32
+#endif
+
+#if defined(NO_ESP32WROOM32_CRYPT)
+ #undef NO_ESP32WROOM32_CRYPT
+ #define NO_ESP32_CRYPT
+ #error "Please use NO_ESP32_CRYPT not NO_ESP32WROOM32_CRYPT"
+#endif
+
+#if defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
+ #undef NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH
+ #error "Please use NO_WOLFSSL_ESP32_CRYPT_HASH not NO_ESP32WROOM32_CRYPT"
+#endif
+
+#if defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_AES)
+ #undef NO_WOLFSSL_ESP32WROOM32_CRYPT_AES
+ #define NO_WOLFSSL_ESP32_CRYPT_AES
+ #error "Please use NO_WOLFSSL_ESP32_CRYPT_AES" \
+ " not " "NO_WOLFSSL_ESP32WROOM32_CRYPT_AES"
+#endif
-#if defined(WOLFSSL_ESPWROOM32) || defined(WOLFSSL_ESPWROOM32SE)
- #ifndef NO_ESP32WROOM32_CRYPT
- #define WOLFSSL_ESP32WROOM32_CRYPT
+#if defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_RSA_PRI)
+ #undef NO_WOLFSSL_ESP32WROOM32_CRYPT_RSA_PRI
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
+ #error "Please use NO_WOLFSSL_ESP32_CRYPT_RSA_PRI" \
+ " not " "NO_WOLFSSL_ESP32WROOM32_CRYPT_RSA_PRI"
+#endif
+
+#if defined(WOLFSSL_ESP32) || defined(WOLFSSL_ESPWROOM32SE)
+ #ifndef NO_ESP32_CRYPT
+ #define WOLFSSL_ESP32_CRYPT
#if defined(ESP32_USE_RSA_PRIMITIVE) && \
- !defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_RSA_PRI)
- #define WOLFSSL_ESP32WROOM32_CRYPT_RSA_PRI
+ !defined(NO_WOLFSSL_ESP32_CRYPT_RSA_PRI)
+ #define WOLFSSL_ESP32_CRYPT_RSA_PRI
#define WOLFSSL_SMALL_STACK
#endif
- #endif
-#endif
+ #endif
+
+ #if defined(WOLFSSL_SP_RISCV32)
+ #if defined(CONFIG_IDF_TARGET_ESP32C2) || \
+ defined(CONFIG_IDF_TARGET_ESP32C3) || \
+ defined(CONFIG_IDF_TARGET_ESP32C6)
+ /* ok, only the known C2, C3, C6 chips allowed */
+ #else
+ #error "WOLFSSL_SP_RISCV32 can only be used on RISC-V architecture"
+ #endif
+ #endif
+ #if defined(WOLFSSL_SM2) || defined(WOLFSSL_SM3) || defined(WOLFSSL_SM4)
+ /* SM settings */
+ #undef WOLFSSL_BASE16
+ #define WOLFSSL_BASE16 /* required for WOLFSSL_SM2 */
+
+ #undef WOLFSSL_SM4_ECB
+ #define WOLFSSL_SM4_ECB
+
+ #undef WOLFSSL_SM4_CBC
+ #define WOLFSSL_SM4_CBC
+
+ #undef WOLFSSL_SM4_CTR
+ #define WOLFSSL_SM4_CTR
+
+ #undef WOLFSSL_SM4_GCM
+ #define WOLFSSL_SM4_GCM
+
+ #undef WOLFSSL_SM4_CCM
+ #define WOLFSSL_SM4_CCM
+
+ #undef HAVE_POLY1305
+ #define HAVE_POLY1305
+
+ #undef HAVE_CHACHA
+ #define HAVE_CHACHA
+
+ #undef HAVE_AESGCM
+ #define HAVE_AESGCM
+ #endif /* SM */
+#endif /* defined(WOLFSSL_ESP32) || defined(WOLFSSL_ESPWROOM32SE) */
#endif /* WOLFSSL_ESPIDF */
-#if defined(WOLFCRYPT_ONLY)
- #undef WOLFSSL_RENESAS_TSIP
-#endif /* WOLFCRYPT_ONLY */
#if defined(WOLFSSL_RENESAS_TSIP)
#define TSIP_TLS_HMAC_KEY_INDEX_WORDSIZE 64
#define TSIP_TLS_MASTERSECRET_SIZE 80 /* 20 words */
#define TSIP_TLS_ENCPUBKEY_SZ_BY_CERTVRFY 560 /* in byte */
- #if !defined(NO_RENESAS_TSIP_CRYPT) && defined(WOLFSSL_RENESAS_RX65N)
- #define WOLFSSL_RENESAS_TSIP_CRYPT
- #define WOLFSSL_RENESAS_TSIP_TLS
- #define WOLFSSL_RENESAS_TSIP_TLS_AES_CRYPT
- #endif
#endif /* WOLFSSL_RENESAS_TSIP */
#if !defined(WOLFSSL_NO_HASH_RAW) && defined(WOLFSSL_RENESAS_RX64_HASH)
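Review bot: `WC_NO_CACHE_RESISTANT` is now part of the ESP-IDF defaults, right beside the timing-resistance defines, with no comment explaining why cache-attack hardening is switched off. That is a security-relevant default and should carry its rationale, for example `/* cache-timing hardening disabled: assumes no shared data cache on these targets — confirm per chip */`. It would also help to name `NO_ESPIDF_DEFAULT` as the opt-out. The closing `#endif /* !WOLFSSL_ESPIDF_NO_DEFAULT */` names a macro different from the `NO_ESPIDF_DEFAULT` that is actually tested. Further down, the `#error` for `NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH` tells the user not to use `NO_ESP32WROOM32_CRYPT`, which is the wrong legacy name.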
@@ -382,15 +492,15 @@
#endif
#if defined(WOLFSSL_RENESAS_SCEPROTECT)
- #define SCE_TLS_MASTERSECRET_SIZE 80 /* 20 words */
+ #define FSPSM_TLS_MASTERSECRET_SIZE 80 /* 20 words */
#define TSIP_TLS_HMAC_KEY_INDEX_WORDSIZE 64
- #define TSIP_TLS_ENCPUBKEY_SZ_BY_CERTVRFY 560 /* in bytes */
- #define SCE_TLS_CLIENTRANDOM_SZ 36 /* in bytes */
- #define SCE_TLS_SERVERRANDOM_SZ 36 /* in bytes */
- #define SCE_TLS_ENCRYPTED_ECCPUBKEY_SZ 96 /* in bytes */
+ #define TSIP_TLS_ENCPUBKEY_SZ_BY_CERTVRFY 560 /* in bytes */
+ #define FSPSM_TLS_CLIENTRANDOM_SZ 36 /* in bytes */
+ #define FSPSM_TLS_SERVERRANDOM_SZ 36 /* in bytes */
+ #define FSPSM_TLS_ENCRYPTED_ECCPUBKEY_SZ 96 /* in bytes */
- #define WOLFSSL_RENESAS_SCEPROTECT_ECC
- #if defined(WOLFSSL_RENESAS_SCEPROTECT_ECC)
+ #define WOLFSSL_RENESAS_FSPSM_ECC
+ #if defined(WOLFSSL_RENESAS_FSPSM_ECC)
#define HAVE_PK_CALLBACKS
/* #define DEBUG_PK_CB */
#endif
@@ -559,8 +669,8 @@
#ifdef WOLFSSL_PICOTCP_DEMO
#define WOLFSSL_STM32
#define TFM_TIMING_RESISTANT
- #define XMALLOC(s, h, type) PICO_ZALLOC((s))
- #define XFREE(p, h, type) PICO_FREE((p))
+ #define XMALLOC(s, h, type) ((void)(h), (void)(type), PICO_ZALLOC((s)))
+ #define XFREE(p, h, type) ((void)(h), (void)(type), PICO_FREE((p)))
#define SINGLE_THREADED
#define NO_WRITEV
#define WOLFSSL_USER_IO
@@ -747,9 +857,9 @@ extern void *uITRON4_malloc(size_t sz) ;
extern void *uITRON4_realloc(void *p, size_t sz) ;
extern void uITRON4_free(void *p) ;
-#define XMALLOC(sz, heap, type) uITRON4_malloc(sz)
-#define XREALLOC(p, sz, heap, type) uITRON4_realloc(p, sz)
-#define XFREE(p, heap, type) uITRON4_free(p)
+#define XMALLOC(sz, heap, type) ((void)(heap), (void)(type), uITRON4_malloc(sz))
+#define XREALLOC(p, sz, heap, type) ((void)(heap), (void)(type), uITRON4_realloc(p, sz))
+#define XFREE(p, heap, type) ((void)(heap), (void)(type), uITRON4_free(p))
#endif
#if defined(WOLFSSL_uTKERNEL2)
@@ -759,9 +869,9 @@ extern void uITRON4_free(void *p) ;
void* uTKernel_malloc(unsigned int sz);
void* uTKernel_realloc(void *p, unsigned int sz);
void uTKernel_free(void *p);
- #define XMALLOC(s, h, type) uTKernel_malloc((s))
- #define XREALLOC(p, n, h, t) uTKernel_realloc((p), (n))
- #define XFREE(p, h, type) uTKernel_free((p))
+ #define XMALLOC(s, h, type) ((void)(h), (void)(type), uTKernel_malloc((s)))
+ #define XREALLOC(p, n, h, t) ((void)(h), (void)(t), uTKernel_realloc((p), (n)))
+ #define XFREE(p, h, type) ((void)(h), (void)(type), uTKernel_free((p)))
#endif
#ifndef NO_STDIO_FGETS_REMAP
@@ -791,9 +901,9 @@ extern void uITRON4_free(void *p) ;
#if defined(WOLFSSL_LEANPSK) && !defined(XMALLOC_USER) && \
!defined(NO_WOLFSSL_MEMORY)
#include <stdlib.h>
- #define XMALLOC(s, h, type) malloc((s))
- #define XFREE(p, h, type) free((p))
- #define XREALLOC(p, n, h, t) realloc((p), (n))
+ #define XMALLOC(s, h, type) ((void)(h), (void)(type), malloc((s)))
+ #define XFREE(p, h, type) ((void)(h), (void)(type), free((p)))
+ #define XREALLOC(p, n, h, t) ((void)(h), (void)(t), realloc((p), (n)))
#endif
#if defined(XMALLOC_USER) && defined(SSN_BUILDING_LIBYASSL)
@@ -812,16 +922,16 @@ extern void uITRON4_free(void *p) ;
#if !defined(XMALLOC_USER) && !defined(NO_WOLFSSL_MEMORY) && \
!defined(WOLFSSL_STATIC_MEMORY) && !defined(WOLFSSL_TRACK_MEMORY)
- #define XMALLOC(s, h, type) pvPortMalloc((s))
- #define XFREE(p, h, type) vPortFree((p))
+ #define XMALLOC(s, h, type) ((void)(h), (void)(type), pvPortMalloc((s)))
+ #define XFREE(p, h, type) ((void)(h), (void)(type), vPortFree((p)))
#if defined(WOLFSSL_ESPIDF)
/* In IDF, realloc(p, n) is equivalent to
* heap_caps_realloc(p, s, MALLOC_CAP_8BIT) */
- #define XREALLOC(p, n, h, t) realloc((p), (n))
+ #define XREALLOC(p, n, h, t) ((void)(h), (void)(t), realloc((p), (n)))
/* FreeRTOS pvPortRealloc() implementation can be found here:
* https://github.com/wolfSSL/wolfssl-freertos/pull/3/files */
#elif defined(USE_INTEGER_HEAP_MATH) || defined(OPENSSL_EXTRA)
- #define XREALLOC(p, n, h, t) pvPortRealloc((p), (n))
+ #define XREALLOC(p, n, h, t) ((void)(h), (void)(t), pvPortRealloc((p), (n)))
#endif
#endif
@@ -918,7 +1028,7 @@ extern void uITRON4_free(void *p) ;
#define SINGLE_THREADED
#endif
- #if (RTPLATFORM)
+ #if (defined(RTPLATFORM) && (RTPLATFORM != 0))
#if (!RTP_LITTLE_ENDIAN)
#define BIG_ENDIAN_ORDER
#endif
@@ -937,9 +1047,13 @@ extern void uITRON4_free(void *p) ;
#endif
#endif
- #define XMALLOC(s, h, type) ((void *)rtp_malloc((s), SSL_PRO_MALLOC))
- #define XFREE(p, h, type) (rtp_free(p))
- #define XREALLOC(p, n, h, t) (rtp_realloc((p), (n)))
+ #if (WINMSP3)
+ #define strtok_r strtok_s
+ #endif
+
+ #define XMALLOC(s, h, type) ((void)(h), (void)(type), ((void *)rtp_malloc((s), SSL_PRO_MALLOC)))
+ #define XFREE(p, h, type) ((void)(h), (void)(type), rtp_free(p))
+ #define XREALLOC(p, n, h, t) ((void)(h), rtp_realloc((p), (n), (t)))
#if (WINMSP3)
#define XSTRNCASECMP(s1,s2,n) _strnicmp((s1),(s2),(n))
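Review bot: The rewritten `XREALLOC` now passes wolfSSL's dynamic-type tag `(t)` as a third argument to `rtp_realloc`, whereas `XMALLOC` passes the fixed `SSL_PRO_MALLOC` tag to `rtp_malloc` and the old macro called `rtp_realloc` with two arguments. The `rtp_realloc` prototype is not visible here, so please confirm that it takes three parameters and that a wolfSSL `DYNAMIC_TYPE_*` value is a valid tag for it. If it expects the same tag as the allocator, the line should be `#define XREALLOC(p, n, h, t) ((void)(h), (void)(t), rtp_realloc((p), (n), SSL_PRO_MALLOC))`. Separately, the added `#if (WINMSP3)` evaluates a possibly undefined macro, which the earlier `RTPLATFORM` hunk in this change explicitly fixed with `defined(...)`.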
@@ -999,14 +1113,14 @@ extern void uITRON4_free(void *p) ;
#endif
#if !defined(XMALLOC_USER) && !defined(NO_WOLFSSL_MEMORY) && \
!defined(WOLFSSL_STATIC_MEMORY)
- #define XMALLOC(s, h, type) pvPortMalloc((s))
- #define XFREE(p, h, type) vPortFree((p))
+ #define XMALLOC(s, h, type) ((void)(h), (void)(type), pvPortMalloc((s)))
+ #define XFREE(p, h, type) ((void)(h), (void)(type), vPortFree((p)))
/* FreeRTOS pvPortRealloc() implementation can be found here:
https://github.com/wolfSSL/wolfssl-freertos/pull/3/files */
#if !defined(USE_FAST_MATH) || defined(HAVE_ED25519) || \
defined(HAVE_ED448)
- #define XREALLOC(p, n, h, t) pvPortRealloc((p), (n))
+ #define XREALLOC(p, n, h, t) ((void)(h), (void)(t), pvPortRealloc((p), (n)))
#endif
#endif
#endif
@@ -1062,8 +1176,8 @@ extern void uITRON4_free(void *p) ;
#if !defined(XMALLOC_OVERRIDE) && !defined(XMALLOC_USER)
#define XMALLOC_OVERRIDE
- #define XMALLOC(s, h, t) (void *)_mem_alloc_system((s))
- #define XFREE(p, h, t) {void* xp = (p); if ((xp)) _mem_free((xp));}
+ #define XMALLOC(s, h, t) ((void)(h), (void)(t), (void *)_mem_alloc_system((s)))
+ #define XFREE(p, h, t) {void* xp = (p); (void)(h); (void)(t); if ((xp)) _mem_free((xp));}
/* Note: MQX has no realloc, using fastmath above */
#endif
#ifdef USE_FAST_MATH
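Review bot: `XFREE` is still a bare brace block, so `if (x) XFREE(p, h, t); else ...` fails to compile. It also cannot appear in an expression context, unlike the other ports' `XFREE`, which this change turns into comma expressions. Since the line is being rewritten anyway, wrap it as `do { void* xp = (p); (void)(h); (void)(t); if (xp) _mem_free(xp); } while (0)`. The same applies to the identical macro in the `@@ -1093,8 +1207,8 @@` hunk. There the neighbouring `XREALLOC` was also left without the `(void)(h), (void)(t)` treatment, so unused-argument warnings would presumably remain on that port.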
@@ -1093,8 +1207,8 @@ extern void uITRON4_free(void *p) ;
#include <mutex.h>
#endif
- #define XMALLOC(s, h, t) (void *)_mem_alloc_system((s))
- #define XFREE(p, h, t) {void* xp = (p); if ((xp)) _mem_free((xp));}
+ #define XMALLOC(s, h, t) ((void)(h), (void)(t), (void *)_mem_alloc_system((s)))
+ #define XFREE(p, h, t) {void* xp = (p); (void)(h); (void)(t); if ((xp)) _mem_free((xp));}
#define XREALLOC(p, n, h, t) _mem_realloc((p), (n)) /* since MQX 4.1.2 */
#define MQX_FILE_PTR FILE *
@@ -1107,8 +1221,8 @@ extern void uITRON4_free(void *p) ;
#define WOLFSSL_CRYPT_HW_MUTEX 1
#if !defined(XMALLOC_USER) && !defined(NO_WOLFSSL_MEMORY)
- #define XMALLOC(s, h, type) pvPortMalloc((s))
- #define XFREE(p, h, type) vPortFree((p))
+ #define XMALLOC(s, h, type) ((void)(h), (void)(type), pvPortMalloc((s)))
+ #define XFREE(p, h, type) ((void)(h), (void)(type), vPortFree((p)))
#endif
/* #define USER_TICKS */
@@ -1363,7 +1477,7 @@ extern void uITRON4_free(void *p) ;
defined(WOLFSSL_STM32L4) || defined(WOLFSSL_STM32L5) || \
defined(WOLFSSL_STM32WB) || defined(WOLFSSL_STM32H7) || \
defined(WOLFSSL_STM32G0) || defined(WOLFSSL_STM32U5) || \
- defined(WOLFSSL_STM32H5)
+ defined(WOLFSSL_STM32H5) || defined(WOLFSSL_STM32WL)
#define SIZEOF_LONG_LONG 8
#ifndef CHAR_BIT
@@ -1383,7 +1497,8 @@ extern void uITRON4_free(void *p) ;
#define STM32_CRYPTO
#if defined(WOLFSSL_STM32L4) || defined(WOLFSSL_STM32L5) || \
- defined(WOLFSSL_STM32WB) || defined(WOLFSSL_STM32U5)
+ defined(WOLFSSL_STM32WB) || defined(WOLFSSL_STM32U5) || \
+ defined(WOLFSSL_STM32WL)
#define NO_AES_192 /* hardware does not support 192-bit */
#endif
#endif
@@ -1414,6 +1529,8 @@ extern void uITRON4_free(void *p) ;
#include "stm32h7xx_hal.h"
#elif defined(WOLFSSL_STM32WB)
#include "stm32wbxx_hal.h"
+ #elif defined(WOLFSSL_STM32WL)
+ #include "stm32wlxx_hal.h"
#elif defined(WOLFSSL_STM32G0)
#include "stm32g0xx_hal.h"
#elif defined(WOLFSSL_STM32U5)
@@ -1428,6 +1545,11 @@ extern void uITRON4_free(void *p) ;
#ifndef STM32_HAL_TIMEOUT
#define STM32_HAL_TIMEOUT 0xFF
#endif
+
+ #if defined(WOLFSSL_STM32_PKA) && !defined(WOLFSSL_SP_INT_NEGATIVE)
+ /* enable the negative support for abs(a) |a| */
+ #define WOLFSSL_SP_INT_NEGATIVE
+ #endif
#else
#if defined(WOLFSSL_STM32F2)
#include "stm32f2xx.h"
@@ -1524,6 +1646,7 @@ extern void uITRON4_free(void *p) ;
#ifdef MICRIUM
#include <stdlib.h>
#include <os.h>
+ #include <app_cfg.h>
#if defined(RTOS_MODULE_NET_AVAIL) || (APP_CFG_TCPIP_EN == DEF_ENABLED)
#include <net_cfg.h>
#include <net_sock.h>
@@ -1761,9 +1884,9 @@ extern void uITRON4_free(void *p) ;
#define NO_SESSION_CACHE
#define NO_ERROR_STRINGS
#define XMALLOC_USER
- #define XMALLOC(sz, heap, type) os_malloc(sz)
- #define XREALLOC(p, sz, heap, type) os_realloc(p, sz)
- #define XFREE(p, heap, type) os_free(p)
+ #define XMALLOC(sz, heap, type) ((void)(heap), (void)(type), os_malloc(sz))
+ #define XREALLOC(p, sz, heap, type) ((void)(heap), (void)(type), os_realloc(p, sz))
+ #define XFREE(p, heap, type) ((void)(heap), (void)(type), os_free(p))
#endif /*(WOLFSSL_APACHE_MYNEWT)*/
@@ -1876,11 +1999,13 @@ extern void uITRON4_free(void *p) ;
#endif
#endif
-#ifdef _MSC_VER
- #ifndef HAVE_SSIZE_T
- #include <BaseTsd.h>
- typedef SSIZE_T ssize_t;
- #endif
+#if defined(NO_WC_SSIZE_TYPE) || defined(ssize_t)
+ /* ssize_t comes from system headers or user_settings.h */
+#elif defined(WC_SSIZE_TYPE)
+ typedef WC_SSIZE_TYPE ssize_t;
+#elif defined(_MSC_VER)
+ #include <BaseTsd.h>
+ typedef SSIZE_T ssize_t;
#endif
/* If DCP is used without SINGLE_THREADED, enforce WOLFSSL_CRYPT_HW_MUTEX */
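Review bot: `defined(ssize_t)` only detects `ssize_t` when it is a macro, so a `ssize_t` supplied as a typedef by a system or toolchain header is not seen by the first branch, despite what the comment says. The previous `HAVE_SSIZE_T` opt-out is also gone. An MSVC build that set `HAVE_SSIZE_T` because another header already typedefs `ssize_t` will now hit `typedef SSIZE_T ssize_t;` again, and that is an error if the two underlying types differ. Keeping the old switch as an alias would preserve those builds: `#if defined(NO_WC_SSIZE_TYPE) || defined(HAVE_SSIZE_T) || defined(ssize_t)`.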
@@ -1899,9 +2024,9 @@ extern void uITRON4_free(void *p) ;
#include "RTOS.h"
#if !defined(XMALLOC_USER) && !defined(NO_WOLFSSL_MEMORY) && \
!defined(WOLFSSL_STATIC_MEMORY)
- #define XMALLOC(s, h, type) OS_HEAP_malloc((s))
- #define XFREE(p, h, type) OS_HEAP_free((p))
- #define XREALLOC(p, n, h, t) OS_HEAP_realloc(((p), (n))
+ #define XMALLOC(s, h, type) ((void)(h), (void)(type), OS_HEAP_malloc((s)))
+ #define XFREE(p, h, type) ((void)(h), (void)(type), OS_HEAP_free((p)))
+ #define XREALLOC(p, n, h, t) ((void)(h), (void)(t), OS_HEAP_realloc(((p), (n)))
#endif
#endif
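Review bot: The new `XREALLOC` line keeps the stray opening parenthesis from the old one, so `OS_HEAP_realloc(((p), (n)))` leaves the outer comma expression unclosed and the macro is a syntax error wherever it expands. Simply balancing the parentheses would not help either, because `((p), (n))` would then be a single comma-expression argument and `p` would be dropped. The line should be `#define XREALLOC(p, n, h, t) ((void)(h), (void)(t), OS_HEAP_realloc((p), (n)))`.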
@@ -2014,8 +2139,6 @@ extern void uITRON4_free(void *p) ;
#pragma warning(disable:2259) /* explicit casts to smaller sizes, disable */
#endif
-
-
/* ---------------------------------------------------------------------------
* Math Library Selection (in order of preference)
* ---------------------------------------------------------------------------
@@ -2027,17 +2150,22 @@ extern void uITRON4_free(void *p) ;
* Constant time: Always
* Enable: WOLFSSL_SP_MATH_ALL
*/
+ #undef USE_FAST_MATH
+ #undef USE_INTEGER_HEAP_MATH
#elif defined(WOLFSSL_SP_MATH)
/* 2) SP Math with restricted key sizes: wolfSSL proprietary math
* implementation (sp_*.c).
* Constant time: Always
* Enable: WOLFSSL_SP_MATH
*/
+ #undef USE_FAST_MATH
+ #undef USE_INTEGER_HEAP_MATH
#elif defined(USE_FAST_MATH)
/* 3) Tom's Fast Math: Stack based (tfm.c)
* Constant time: Only with TFM_TIMING_RESISTANT
* Enable: USE_FAST_MATH
*/
+ #undef USE_INTEGER_HEAP_MATH
#elif defined(USE_INTEGER_HEAP_MATH)
/* 4) Integer Heap Math: Heap based (integer.c)
* Constant time: Not supported
@@ -2078,6 +2206,9 @@ extern void uITRON4_free(void *p) ;
#ifdef WOLFSSL_SP_MATH
/* for single precision math only make sure the enabled key sizes are
* included in the ECC curve table */
+ #if defined(WOLFSSL_SP_NO_256) && !defined(NO_ECC256)
+ #define NO_ECC256
+ #endif
#if defined(WOLFSSL_SP_384) && !defined(HAVE_ECC384)
#define HAVE_ECC384
#endif
@@ -2184,8 +2315,15 @@ extern void uITRON4_free(void *p) ;
/* Ed25519 Configs */
#ifdef HAVE_ED25519
- /* By default enable sign, verify, key export and import */
+ /* By default enable make key, sign, verify, key export and import */
+ #ifndef NO_ED25519_MAKE_KEY
+ #undef HAVE_ED25519_MAKE_KEY
+ #define HAVE_ED25519_MAKE_KEY
+ #endif
#ifndef NO_ED25519_SIGN
+ #ifndef HAVE_ED25519_MAKE_KEY
+ #error "Need HAVE_ED25519_MAKE_KEY with HAVE_ED25519_SIGN"
+ #endif
#undef HAVE_ED25519_SIGN
#define HAVE_ED25519_SIGN
#endif
@@ -2421,6 +2559,7 @@ extern void uITRON4_free(void *p) ;
/* Asynchronous Crypto */
#ifdef WOLFSSL_ASYNC_CRYPT
#if !defined(HAVE_CAVIUM) && !defined(HAVE_INTEL_QA) && \
+ !defined(WOLF_CRYPTO_CB) && !defined(HAVE_PK_CALLBACKS) && \
!defined(WOLFSSL_ASYNC_CRYPT_SW)
#error No async backend defined with WOLFSSL_ASYNC_CRYPT!
#endif
@@ -2602,6 +2741,11 @@ extern void uITRON4_free(void *p) ;
#endif
#endif
+/* Make sure setting OPENSSL_ALL also sets OPENSSL_EXTRA. */
+#if defined(OPENSSL_ALL) && !defined(OPENSSL_EXTRA)
+ #define OPENSSL_EXTRA
+#endif
+
#ifdef HAVE_SNI
#define SSL_CTRL_SET_TLSEXT_HOSTNAME 55
#endif
@@ -2848,6 +2992,12 @@ extern void uITRON4_free(void *p) ;
#error Small stack cannot be used with no malloc (WOLFSSL_NO_MALLOC)
#endif
+/* If malloc is disabled make sure it is also disabled in SP math */
+#if defined(WOLFSSL_NO_MALLOC) && !defined(WOLFSSL_SP_NO_MALLOC) && \
+ (defined(WOLFSSL_SP_MATH) || defined(WOLFSSL_SP_MATH_ALL))
+ #define WOLFSSL_SP_NO_MALLOC
+#endif
+
/* Enable DH Extra for QT, openssl all, openssh and static ephemeral */
/* Allows export/import of DH key and params as DER */
#if !defined(NO_DH) && !defined(WOLFSSL_DH_EXTRA) && \
@@ -2922,7 +3072,9 @@ extern void uITRON4_free(void *p) ;
#define HAVE_PQC
#define HAVE_FALCON
#define HAVE_DILITHIUM
-#define HAVE_SPHINCS
+#ifndef WOLFSSL_NO_SPHINCS
+ #define HAVE_SPHINCS
+#endif
#ifndef WOLFSSL_HAVE_KYBER
#define WOLFSSL_HAVE_KYBER
#define WOLFSSL_KYBER512
@@ -2948,6 +3100,15 @@ extern void uITRON4_free(void *p) ;
#error Please do not define both HAVE_LIBOQS and HAVE_PQM4.
#endif
+#if defined(HAVE_PQC) && defined(WOLFSSL_DTLS13) && \
+ !defined(WOLFSSL_DTLS_CH_FRAG)
+#warning "Using DTLS 1.3 + pqc without WOLFSSL_DTLS_CH_FRAG will probably" \
+ "fail.Use --enable-dtls-frag-ch to enable it."
+#endif
+#if !defined(WOLFSSL_DTLS13) && defined(WOLFSSL_DTLS_CH_FRAG)
+#error "WOLFSSL_DTLS_CH_FRAG only works with DTLS 1.3"
+#endif
+
/* SRTP requires DTLS */
#if defined(WOLFSSL_SRTP) && !defined(WOLFSSL_DTLS)
#error The SRTP extension requires DTLS
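Review bot: The `#warning` text is split into two string literals across a continuation line, with no space after "probably" and none after "fail.", so the diagnostic reads poorly. A single literal is clearer: `#warning "DTLS 1.3 with PQC will probably fail without WOLFSSL_DTLS_CH_FRAG. Use --enable-dtls-frag-ch to enable it."`. Also note that `#warning` is a compiler extension before C23 and settings.h is included by every translation unit. Builds that treat warnings as errors, or compilers without `#warning`, will therefore stop here for a configuration that is only "probably" broken, so it is worth confirming that this is intended.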
@@ -2990,6 +3151,10 @@ extern void uITRON4_free(void *p) ;
#error "ConnectionID is supported for DTLSv1.3 only"
#endif
+#if defined(WOLFSSL_QUIC) && defined(WOLFSSL_CALLBACKS)
+ #error WOLFSSL_QUIC is incompatible with WOLFSSL_CALLBACKS.
+#endif
+
/* RSA Key Checking is disabled by default unless WOLFSSL_RSA_KEY_CHECK is
* defined or FIPS v2 3389, FIPS v5 or later.
* Not allowed for:
@@ -3065,11 +3230,6 @@ extern void uITRON4_free(void *p) ;
/* Turning off WOLFSSL_SYS_CA_CERTS b/c NO_CERTS is defined */
#undef WOLFSSL_SYS_CA_CERTS
#endif
-
- #if defined(__APPLE__) && !defined(HAVE_SECURITY_SECTRUSTSETTINGS_H)
- /* Turning off WOLFSSL_SYS_CA_CERTS b/c no Security/SecTrustSettings.h header */
- #undef WOLFSSL_SYS_CA_CERTS
- #endif
#endif /* WOLFSSL_SYS_CA_CERTS */
#if defined(SESSION_CACHE_DYNAMIC_MEM) && defined(PERSIST_SESSION_CACHE)
@@ -3093,6 +3253,7 @@ extern void uITRON4_free(void *p) ;
/* Ciphersuite check done in internal.h */
#endif
+
#ifdef __cplusplus
} /* extern "C" */
#endif
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/sha.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/sha.h
index 1b181f52..65cc60ec 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/sha.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/sha.h
@@ -36,18 +36,6 @@
#include <wolfssl/wolfcrypt/fips.h>
#endif /* HAVE_FIPS_VERSION >= 2 */
-#if defined(HAVE_FIPS) && \
- (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
-#define wc_Sha Sha
-#define WC_SHA SHA
-#define WC_SHA_BLOCK_SIZE SHA_BLOCK_SIZE
-#define WC_SHA_DIGEST_SIZE SHA_DIGEST_SIZE
-#define WC_SHA_PAD_SIZE SHA_PAD_SIZE
-
-/* for fips @wc_fips */
-#include <cyassl/ctaocrypt/sha.h>
-#endif
-
#ifdef FREESCALE_LTC_SHA
#include "fsl_ltc.h"
#endif
@@ -78,7 +66,7 @@
#ifdef WOLFSSL_ASYNC_CRYPT
#include <wolfssl/wolfcrypt/async.h>
#endif
-#ifdef WOLFSSL_ESP32WROOM32_CRYPT
+#ifdef WOLFSSL_ESP32_CRYPT
#include <wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h>
#endif
#if defined(WOLFSSL_SILABS_SE_ACCEL)
@@ -110,11 +98,15 @@ enum {
#elif defined(WOLFSSL_IMX6_CAAM) && !defined(WOLFSSL_QNX_CAAM)
#include "wolfssl/wolfcrypt/port/caam/wolfcaam_sha.h"
-#elif defined(WOLFSSL_RENESAS_TSIP_CRYPT) && \
+#elif (defined(WOLFSSL_RENESAS_TSIP_TLS) || \
+ defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)) && \
!defined(NO_WOLFSSL_RENESAS_TSIP_CRYPT_HASH)
#include "wolfssl/wolfcrypt/port/Renesas/renesas_tsip_types.h"
#elif defined(WOLFSSL_RENESAS_RX64_HASH)
#include "wolfssl/wolfcrypt/port/Renesas/renesas-rx64-hw-crypt.h"
+#elif defined(WOLFSSL_RENESAS_RSIP) && \
+ !defined(NO_WOLFSSL_RENESAS_FSPSM_HASH)
+ #include "wolfssl/wolfcrypt/port/Renesas/renesas-fspsm-crypt.h"
#else
#if defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_HASH)
@@ -173,8 +165,8 @@ struct wc_Sha {
word32 len;
#endif
#endif
-#if defined(WOLFSSL_ESP32WROOM32_CRYPT) && \
- !defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
+#if defined(WOLFSSL_ESP32_CRYPT) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH)
WC_ESP32SHA ctx;
#endif
#ifdef WOLFSSL_HASH_FLAGS
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/sha256.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/sha256.h
index 51a91a05..454290c4 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/sha256.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/sha256.h
@@ -37,26 +37,6 @@
#include <wolfssl/wolfcrypt/fips.h>
#endif /* HAVE_FIPS_VERSION >= 2 */
-#if defined(HAVE_FIPS) && \
- (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
- #define wc_Sha256 Sha256
- #define WC_SHA256 SHA256
- #define WC_SHA256_BLOCK_SIZE SHA256_BLOCK_SIZE
- #define WC_SHA256_DIGEST_SIZE SHA256_DIGEST_SIZE
- #define WC_SHA256_PAD_SIZE SHA256_PAD_SIZE
-
- #ifdef WOLFSSL_SHA224
- #define wc_Sha224 Sha224
- #define WC_SHA224 SHA224
- #define WC_SHA224_BLOCK_SIZE SHA224_BLOCK_SIZE
- #define WC_SHA224_DIGEST_SIZE SHA224_DIGEST_SIZE
- #define WC_SHA224_PAD_SIZE SHA224_PAD_SIZE
- #endif
-
- /* for fips @wc_fips */
- #include <cyassl/ctaocrypt/sha256.h>
-#endif
-
#ifdef FREESCALE_LTC_SHA
#include "fsl_ltc.h"
#endif
@@ -97,7 +77,7 @@
#if defined(WOLFSSL_DEVCRYPTO) && defined(WOLFSSL_DEVCRYPTO_HASH)
#include <wolfssl/wolfcrypt/port/devcrypto/wc_devcrypto.h>
#endif
-#if defined(WOLFSSL_ESP32WROOM32_CRYPT)
+#if defined(WOLFSSL_ESP32_CRYPT)
#include "wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h"
#endif
#if defined(WOLFSSL_CRYPTOCELL)
@@ -150,13 +130,14 @@ enum {
#include "wolfssl/wolfcrypt/port/caam/wolfcaam_sha.h"
#elif defined(WOLFSSL_AFALG_HASH)
#include "wolfssl/wolfcrypt/port/af_alg/afalg_hash.h"
-#elif defined(WOLFSSL_RENESAS_TSIP_CRYPT) && \
+#elif (defined(WOLFSSL_RENESAS_TSIP_TLS) || \
+ defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)) && \
!defined(NO_WOLFSSL_RENESAS_TSIP_CRYPT_HASH)
#include "wolfssl/wolfcrypt/port/Renesas/renesas_tsip_types.h"
#elif (defined(WOLFSSL_RENESAS_SCEPROTECT) || \
- defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)) && \
- !defined(NO_WOLFSSL_RENESAS_SCEPROTECT_HASH)
- #include "wolfssl/wolfcrypt/port/Renesas/renesas-sce-crypt.h"
+ defined(WOLFSSL_RENESAS_RSIP)) && \
+ !defined(NO_WOLFSSL_RENESAS_FSPSM_HASH)
+ #include "wolfssl/wolfcrypt/port/Renesas/renesas-fspsm-crypt.h"
#elif defined(WOLFSSL_RENESAS_RX64_HASH)
#include "wolfssl/wolfcrypt/port/Renesas/renesas-rx64-hw-crypt.h"
#else
@@ -169,6 +150,11 @@ enum {
#include <wolfssl/wolfcrypt/port/maxim/maxq10xx.h>
#endif
+#ifdef HAVE_ARIA
+ #include "mcapi.h"
+ #include "mcapi_error.h"
+#endif
+
/* wc_Sha256 digest */
struct wc_Sha256 {
#ifdef FREESCALE_LTC_SHA
@@ -214,8 +200,10 @@ struct wc_Sha256 {
word32 used;
word32 len;
#endif
-#if defined(WOLFSSL_ESP32WROOM32_CRYPT) && \
- !defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
+#if defined(WOLFSSL_ESP32_CRYPT) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH) && \
+ (!defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256) || \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224))
WC_ESP32SHA ctx;
#endif
#ifdef WOLFSSL_MAXQ10XX_CRYPTO
@@ -235,6 +223,9 @@ struct wc_Sha256 {
caam_hash_ctx_t ctx;
caam_handle_t hndl;
#endif
+#ifdef HAVE_ARIA
+ MC_HSESSION hSession;
+#endif
#ifdef WOLFSSL_HASH_FLAGS
word32 flags; /* enum wc_HashFlags in hash.h */
#endif
@@ -329,4 +320,3 @@ WOLFSSL_API int wc_Sha224Copy(wc_Sha224* src, wc_Sha224* dst);
#endif /* NO_SHA256 */
#endif /* WOLF_CRYPT_SHA256_H */
-
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/sha512.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/sha512.h
index 07411b01..1c943d94 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/sha512.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/sha512.h
@@ -37,33 +37,6 @@
#include <wolfssl/wolfcrypt/fips.h>
#endif /* HAVE_FIPS_VERSION >= 2 */
-#if defined(HAVE_FIPS) && \
- (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
- #ifdef WOLFSSL_SHA512
- #define wc_Sha512 Sha512
- #define WC_SHA512 SHA512
- #define WC_SHA512_BLOCK_SIZE SHA512_BLOCK_SIZE
- #define WC_SHA512_DIGEST_SIZE SHA512_DIGEST_SIZE
- #define WC_SHA512_PAD_SIZE SHA512_PAD_SIZE
- #define wc_Sha512_224 Sha512_224
- #define wc_Sha512_256 Sha512_256
- #endif /* WOLFSSL_SHA512 */
- #ifdef WOLFSSL_SHA384
- #define wc_Sha384 Sha384
- #define WC_SHA384 SHA384
- #define WC_SHA384_BLOCK_SIZE SHA384_BLOCK_SIZE
- #define WC_SHA384_DIGEST_SIZE SHA384_DIGEST_SIZE
- #define WC_SHA384_PAD_SIZE SHA384_PAD_SIZE
- #endif /* WOLFSSL_SHA384 */
-
- #define CYASSL_SHA512
- #if defined(WOLFSSL_SHA384)
- #define CYASSL_SHA384
- #endif
- /* for fips @wc_fips */
- #include <cyassl/ctaocrypt/sha512.h>
-#endif
-
#ifdef __cplusplus
extern "C" {
#endif
@@ -75,7 +48,7 @@
#ifdef WOLFSSL_ASYNC_CRYPT
#include <wolfssl/wolfcrypt/async.h>
#endif
-#ifdef WOLFSSL_ESP32WROOM32_CRYPT
+#ifdef WOLFSSL_ESP32_CRYPT
#include <wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h>
#endif
#if defined(WOLFSSL_SILABS_SE_ACCEL)
@@ -146,10 +119,18 @@ enum {
#if defined(WOLFSSL_IMX6_CAAM) && !defined(WOLFSSL_QNX_CAAM)
#include "wolfssl/wolfcrypt/port/caam/wolfcaam_sha.h"
+#elif defined(WOLFSSL_RENESAS_RSIP) && \
+ !defined(NO_WOLFSSL_RENESAS_FSPSM_HASH)
+ #include "wolfssl/wolfcrypt/port/Renesas/renesas-fspsm-crypt.h"
+
#else
#if defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_HASH)
#include "wolfssl/wolfcrypt/port/nxp/se050_port.h"
#endif
+#ifdef HAVE_ARIA
+ #include "mcapi.h"
+ #include "mcapi_error.h"
+#endif
/* wc_Sha512 digest */
struct wc_Sha512 {
#ifdef WOLFSSL_PSOC6_CRYPTO
@@ -172,8 +153,9 @@ struct wc_Sha512 {
#ifdef WOLFSSL_SMALL_STACK_CACHE
word64* W;
#endif
-#if defined(WOLFSSL_ESP32WROOM32_CRYPT) && \
- !defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
+#if defined(WOLFSSL_ESP32_CRYPT) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512)
WC_ESP32SHA ctx;
#endif
#if defined(WOLFSSL_SILABS_SE_ACCEL)
@@ -201,6 +183,9 @@ struct wc_Sha512 {
caam_hash_ctx_t ctx;
caam_handle_t hndl;
#endif
+#ifdef HAVE_ARIA
+ MC_HSESSION hSession;
+#endif
#endif /* WOLFSSL_PSOC6_CRYPTO */
};
@@ -218,6 +203,23 @@ struct wc_Sha512 {
#ifdef WOLFSSL_SHA512
+#ifdef WOLFSSL_ARMASM
+#ifdef __aarch64__
+#ifndef WOLFSSL_ARMASM_CRYPTO_SHA512
+ void Transform_Sha512_Len_neon(wc_Sha512* sha512, const byte* data,
+ word32 len);
+ #define Transform_Sha512_Len Transform_Sha512_Len_neon
+#else
+ void Transform_Sha512_Len_crypto(wc_Sha512* sha512, const byte* data,
+ word32 len);
+ #define Transform_Sha512_Len Transform_Sha512_Len_crypto
+#endif
+#else
+extern void Transform_Sha512_Len(wc_Sha512* sha512, const byte* data,
+ word32 len);
+#endif
+#endif
+
WOLFSSL_API int wc_InitSha512(wc_Sha512* sha);
WOLFSSL_API int wc_InitSha512_ex(wc_Sha512* sha, void* heap, int devId);
WOLFSSL_API int wc_Sha512Update(wc_Sha512* sha, const byte* data, word32 len);
@@ -342,4 +344,3 @@ WOLFSSL_API int wc_Sha384Copy(wc_Sha384* src, wc_Sha384* dst);
#endif /* WOLFSSL_SHA512 || WOLFSSL_SHA384 */
#endif /* WOLF_CRYPT_SHA512_H */
-
diff --git a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/mpi_superclass.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/sm2.h
index 90a652b2..87167f42 100644
--- a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/mpi_superclass.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/sm2.h
@@ -1,4 +1,4 @@
-/* mpi_superclass.h
+/* sm2.h
*
* Copyright (C) 2006-2023 wolfSSL Inc.
*
@@ -19,9 +19,9 @@
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
+#ifdef WOLFSSL_SM2
+#error "See https://github.com/wolfSSL/wolfsm for implementation of this file"
-/* super class file for PK algos */
-
-#include <wolfssl/wolfcrypt/mpi_superclass.h>
+#endif
diff --git a/extra/wolfssl/wolfssl/cyassl/openssl/des.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/sm3.h
index ac3ec545..2b3fc503 100644
--- a/extra/wolfssl/wolfssl/cyassl/openssl/des.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/sm3.h
@@ -1,4 +1,4 @@
-/* des.h
+/* sm3.h
*
* Copyright (C) 2006-2023 wolfSSL Inc.
*
@@ -19,10 +19,9 @@
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
+#ifdef WOLFSSL_SM3
+#error "See https://github.com/wolfSSL/wolfsm for implementation of this file"
-/* des.h defines mini des openssl compatibility layer
- *
- */
+#endif
-#include <wolfssl/openssl/des.h>
diff --git a/extra/wolfssl/wolfssl/cyassl/openssl/hmac.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/sm4.h
index 8cbd560f..f3e66cb8 100644
--- a/extra/wolfssl/wolfssl/cyassl/openssl/hmac.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/sm4.h
@@ -1,4 +1,4 @@
-/* hmac.h
+/* sm4.h
*
* Copyright (C) 2006-2023 wolfSSL Inc.
*
@@ -19,10 +19,9 @@
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
+#ifdef WOLFSSL_SM4
+#error "See https://github.com/wolfSSL/wolfsm for implementation of this file"
-/* hmac.h defines mini hamc openssl compatibility layer
- *
- */
+#endif
-#include <wolfssl/openssl/hmac.h>
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/sp.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/sp.h
index 3d44dccf..88e9a069 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/sp.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/sp.h
@@ -24,6 +24,7 @@
#define WOLF_CRYPT_SP_H
#include <wolfssl/wolfcrypt/types.h>
+#include <wolfssl/wolfcrypt/settings.h>
#if defined(WOLFSSL_HAVE_SP_RSA) || defined(WOLFSSL_HAVE_SP_DH) || \
defined(WOLFSSL_HAVE_SP_ECC)
@@ -41,7 +42,11 @@
#include <wolfssl/wolfcrypt/wolfmath.h>
#include <wolfssl/wolfcrypt/sp_int.h>
-#include <wolfssl/wolfcrypt/ecc.h>
+#if defined(HAVE_ECC) && defined(WOLFSSL_HAVE_SP_ECC)
+ #include <wolfssl/wolfcrypt/ecc.h>
+#else
+ #undef WOLFSSL_HAVE_SP_ECC
+#endif
#ifdef noinline
#define SP_NOINLINE noinline
@@ -326,6 +331,36 @@ WOLFSSL_LOCAL int sp_ecc_is_point_1024(const mp_int* pX, const mp_int* pY);
WOLFSSL_LOCAL int sp_ecc_check_key_1024(const mp_int* pX, const mp_int* pY,
const mp_int* privm, void* heap);
+WOLFSSL_LOCAL int sp_ecc_mulmod_sm2_256(const mp_int* km, const ecc_point* gm,
+ ecc_point* rm, int map, void* heap);
+WOLFSSL_LOCAL int sp_ecc_mulmod_add_sm2_256(const mp_int* km, const ecc_point* gm,
+ const ecc_point* am, int inMont, ecc_point* rm, int map, void* heap);
+WOLFSSL_LOCAL int sp_ecc_mulmod_base_sm2_256(const mp_int* km, ecc_point* rm,
+ int map, void* heap);
+WOLFSSL_LOCAL int sp_ecc_mulmod_base_add_sm2_256(const mp_int* km,
+ const ecc_point* am, int inMont, ecc_point* rm, int map, void* heap);
+
+WOLFSSL_LOCAL int sp_ecc_make_key_sm2_256(WC_RNG* rng, mp_int* priv,
+ ecc_point* pub, void* heap);
+WOLFSSL_LOCAL int sp_ecc_secret_gen_sm2_256(const mp_int* priv,
+ const ecc_point* pub, byte* out, word32* outlen, void* heap);
+WOLFSSL_LOCAL int sp_ecc_sign_sm2_256(const byte* hash, word32 hashLen,
+ WC_RNG* rng, const mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km,
+ void* heap);
+WOLFSSL_LOCAL int sp_ecc_verify_sm2_256(const byte* hash, word32 hashLen,
+ const mp_int* pX, const mp_int* pY, const mp_int* pZ, const mp_int* r,
+ const mp_int* sm, int* res, void* heap);
+WOLFSSL_LOCAL int sp_ecc_is_point_sm2_256(const mp_int* pX, const mp_int* pY);
+WOLFSSL_LOCAL int sp_ecc_check_key_sm2_256(const mp_int* pX, const mp_int* pY,
+ const mp_int* privm, void* heap);
+WOLFSSL_LOCAL int sp_ecc_proj_add_point_sm2_256(mp_int* pX, mp_int* pY,
+ mp_int* pZ, mp_int* qX, mp_int* qY, mp_int* qZ, mp_int* rX, mp_int* rY,
+ mp_int* rZ);
+WOLFSSL_LOCAL int sp_ecc_proj_dbl_point_sm2_256(mp_int* pX, mp_int* pY,
+ mp_int* pZ, mp_int* rX, mp_int* rY, mp_int* rZ);
+WOLFSSL_LOCAL int sp_ecc_map_sm2_256(mp_int* pX, mp_int* pY, mp_int* pZ);
+WOLFSSL_LOCAL int sp_ecc_uncompress_sm2_256(mp_int* xm, int odd, mp_int* ym);
+
#endif /* HAVE_FIPS_VERSION && HAVE_FIPS_VERSION == 2 && !WOLFSSL_SP_ARM[32|64]_ASM */
#ifdef WOLFSSL_SP_NONBLOCK
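Review bot: The `sp_ecc_*_sm2_256` prototypes added here take `const mp_int*` and `const ecc_point*`, while the `#ifdef HAVE_ECC_SM2` block added in the next hunk (`@@ -366,6 +401,39 @@`) declares the same names with non-const pointers. If both regions are active in one build, these are incompatible redeclarations and the header would not compile. The `#if`/`#else` enclosing this block starts outside the hunk, so I cannot tell whether the two are mutually exclusive. This block is also not visibly guarded by an SM2 macro within the hunk. I would keep one set, preferably the const-qualified one, wrapped as `#ifdef HAVE_ECC_SM2` … `#endif /* HAVE_ECC_SM2 */`.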
@@ -366,6 +401,39 @@ WOLFSSL_LOCAL int sp_ecc_verify_521_nb(sp_ecc_ctx_t* ctx, const byte* hash,
const mp_int* r, const mp_int* sm, int* res, void* heap);
#endif /* WOLFSSL_SP_NONBLOCK */
+#ifdef HAVE_ECC_SM2
+
+WOLFSSL_LOCAL int sp_ecc_mulmod_sm2_256(mp_int* km, ecc_point* gm,
+ ecc_point* rm, int map, void* heap);
+WOLFSSL_LOCAL int sp_ecc_mulmod_base_sm2_256(mp_int* km, ecc_point* rm, int map,
+ void* heap);
+
+WOLFSSL_LOCAL int sp_ecc_make_key_sm2_256(WC_RNG* rng, mp_int* priv,
+ ecc_point* pub, void* heap);
+WOLFSSL_LOCAL int sp_ecc_secret_gen_sm2_256(mp_int* priv, ecc_point* pub,
+ byte* out, word32* outlen, void* heap);
+
+WOLFSSL_LOCAL int sp_ecc_sign_sm2_256(const byte* hash, word32 hashLen,
+ WC_RNG* rng, mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap);
+WOLFSSL_LOCAL int sp_ecc_verify_sm2_256(const byte* hash, word32 hashLen,
+ mp_int* pX, mp_int* pY, mp_int* pZ, mp_int* r, mp_int* sm, int* res,
+ void* heap);
+
+WOLFSSL_LOCAL int sp_ecc_is_point_sm2_256(mp_int* pX, mp_int* pY);
+WOLFSSL_LOCAL int sp_ecc_check_key_sm2_256(mp_int* pX, mp_int* pY,
+ mp_int* privm, void* heap);
+
+WOLFSSL_LOCAL int sp_ecc_proj_add_point_sm2_256(mp_int* pX, mp_int* pY,
+ mp_int* pZ, mp_int* qX, mp_int* qY, mp_int* qZ, mp_int* rX, mp_int* rY,
+ mp_int* rZ);
+WOLFSSL_LOCAL int sp_ecc_proj_dbl_point_sm2_256(mp_int* pX, mp_int* pY,
+ mp_int* pZ, mp_int* rX, mp_int* rY, mp_int* rZ);
+WOLFSSL_LOCAL int sp_ecc_map_sm2_256(mp_int* pX, mp_int* pY, mp_int* pZ);
+WOLFSSL_LOCAL int sp_ecc_uncompress_sm2_256(mp_int* xm, int odd, mp_int* ym);
+
+#endif
+
+
#endif /* WOLFSSL_HAVE_SP_ECC */
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/sp_int.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/sp_int.h
index 1a9704f8..e768d0cd 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/sp_int.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/sp_int.h
@@ -37,6 +37,10 @@ This library provides single precision (SP) integer math functions.
extern "C" {
#endif
+#if defined(WOLFSSL_SP_ARM_ARCH) && !defined(WOLFSSL_ARM_ARCH)
+ #define WOLFSSL_ARM_ARCH WOLFSSL_SP_ARM_ARCH
+#endif
+
#if defined(OPENSSL_EXTRA) && !defined(NO_ASN) && \
!defined(WOLFSSL_SP_INT_NEGATIVE)
#define WOLFSSL_SP_INT_NEGATIVE
@@ -174,6 +178,13 @@ extern "C" {
#define WOLFSSL_SP_DIV_WORD_HALF
#endif
+/* Detect Cortex M3 (no UMAAL) */
+#if defined(WOLFSSL_SP_ARM_CORTEX_M_ASM) && defined(__ARM_ARCH_7M__)
+ #undef WOLFSSL_SP_NO_UMAAL
+ #define WOLFSSL_SP_NO_UMAAL
+#endif
+
+
/* Make sure WOLFSSL_SP_ASM build option defined when requested */
#if !defined(WOLFSSL_SP_ASM) && ( \
defined(WOLFSSL_SP_X86_64_ASM) || defined(WOLFSSL_SP_ARM32_ASM) || \
@@ -548,9 +559,9 @@ typedef struct sp_ecc_ctx {
/* No filesystem, no output
* TODO: Use logging API?
*/
- #define sp_print(a, s)
- #define sp_print_digit(a, s)
- #define sp_print_int(a, s)
+ #define sp_print(a, s) WC_DO_NOTHING
+ #define sp_print_digit(a, s) WC_DO_NOTHING
+ #define sp_print_int(a, s) WC_DO_NOTHING
#endif /* !NO_FILESYSTEM */
@@ -656,7 +667,7 @@ typedef struct sp_ecc_ctx {
/* Sets the multi-precision number negative.
*
* Negative support not compiled in, so does nothing. */
-#define sp_setneg(a) do{}while(0)
+#define sp_setneg(a) WC_DO_NOTHING
#else
/* Returns whether multi-precision number is negative.
*
@@ -830,7 +841,7 @@ while (0)
#define NEW_MP_INT_SIZE(name, bits, heap, type) \
XMEMSET(name, 0, MP_INT_SIZEOF(MP_BITS_CNT(bits)))
/* Dispose of static mp_int. */
-#define FREE_MP_INT_SIZE(name, heap, type)
+#define FREE_MP_INT_SIZE(name, heap, type) WC_DO_NOTHING
/* Type to force compiler to not complain about size. */
#define MP_INT_SIZE sp_int_minimal
#endif
@@ -924,6 +935,8 @@ MP_API int sp_init_copy (sp_int* r, const sp_int* a);
MP_API int sp_copy(const sp_int* a, sp_int* r);
MP_API int sp_exch(sp_int* a, sp_int* b);
MP_API int sp_cond_swap_ct(sp_int* a, sp_int* b, int cnt, int swap);
+MP_API int sp_cond_swap_ct_ex(sp_int* a, sp_int* b, int cnt, int swap,
+ sp_int* t);
#ifdef WOLFSSL_SP_INT_NEGATIVE
MP_API int sp_abs(const sp_int* a, sp_int* r);
@@ -932,6 +945,7 @@ MP_API int sp_abs(const sp_int* a, sp_int* r);
MP_API int sp_cmp_mag(const sp_int* a, const sp_int* b);
#endif
MP_API int sp_cmp(const sp_int* a, const sp_int* b);
+MP_API int sp_cmp_ct(const sp_int* a, const sp_int* b, unsigned int n);
MP_API int sp_is_bit_set(const sp_int* a, unsigned int b);
MP_API int sp_count_bits(const sp_int* a);
@@ -1017,14 +1031,17 @@ MP_API int sp_exptmod_nct(const sp_int* b, const sp_int* e, const sp_int* m,
#if defined(WOLFSSL_SP_MATH_ALL) || defined(OPENSSL_ALL)
MP_API int sp_div_2d(const sp_int* a, int e, sp_int* r, sp_int* rem);
-MP_API int sp_mod_2d(const sp_int* a, int e, sp_int* r);
MP_API int sp_mul_2d(const sp_int* a, int e, sp_int* r);
#endif
+#if defined(WOLFSSL_SP_MATH_ALL) || defined(HAVE_ECC) || defined(OPENSSL_ALL)
+MP_API int sp_mod_2d(const sp_int* a, int e, sp_int* r);
+#endif
MP_API int sp_sqr(const sp_int* a, sp_int* r);
MP_API int sp_sqrmod(const sp_int* a, const sp_int* m, sp_int* r);
-MP_API int sp_mont_red(sp_int* a, const sp_int* m, sp_int_digit mp);
+MP_API int sp_mont_red_ex(sp_int* a, const sp_int* m, sp_int_digit mp, int ct);
+#define sp_mont_red(a, m, mp) sp_mont_red_ex(a, m, mp, 0)
MP_API int sp_mont_setup(const sp_int* m, sp_int_digit* rho);
MP_API int sp_mont_norm(sp_int* norm, const sp_int* m);
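Review bot: The new `ct` argument of `sp_mont_red_ex` is undocumented, and the compatibility macro `sp_mont_red(a, m, mp)` pins it to 0. Since `mp_montgomery_reduce_ct` passes 1 in the `@@ -1071,7 +1089,8 @@` hunk, 0 presumably selects a variable-time path, so callers reducing secret values need to know to use the `_ct` form. I would add above the prototype `/* ct: 1 = constant-time reduction for secret operands, 0 = faster, timing may depend on a */`, with the wording confirmed against the implementation. Note also that `sp_mont_red` is now a function-like macro and can no longer be passed as a function pointer.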
@@ -1032,6 +1049,7 @@ MP_API int sp_unsigned_bin_size(const sp_int* a);
MP_API int sp_read_unsigned_bin(sp_int* a, const byte* in, word32 inSz);
MP_API int sp_to_unsigned_bin(const sp_int* a, byte* out);
MP_API int sp_to_unsigned_bin_len(const sp_int* a, byte* out, int outSz);
+MP_API int sp_to_unsigned_bin_len_ct(const sp_int* a, byte* out, int outSz);
#ifdef WOLFSSL_SP_MATH_ALL
MP_API int sp_to_unsigned_bin_at_pos(int o, const sp_int* a,
unsigned char* out);
@@ -1071,7 +1089,8 @@ WOLFSSL_LOCAL void sp_memzero_check(sp_int* sp);
#define mp_div_3(a, r, rem) sp_div_d(a, 3, r, rem)
#define mp_rshb(A,x) sp_rshb(A,x,A)
#define mp_is_bit_set(a,b) sp_is_bit_set(a,(unsigned int)(b))
-#define mp_montgomery_reduce sp_mont_red
+#define mp_montgomery_reduce(a, m, mp) sp_mont_red_ex(a, m, mp, 0)
+#define mp_montgomery_reduce_ct(a, m, mp) sp_mont_red_ex(a, m, mp, 1)
#define mp_montgomery_setup sp_mont_setup
#define mp_montgomery_calc_normalization sp_mont_norm
@@ -1100,8 +1119,10 @@ WOLFSSL_LOCAL void sp_memzero_check(sp_int* sp);
#define mp_init_copy sp_init_copy
#define mp_exch sp_exch
#define mp_cond_swap_ct sp_cond_swap_ct
+#define mp_cond_swap_ct_ex sp_cond_swap_ct_ex
#define mp_cmp_mag sp_cmp_mag
#define mp_cmp sp_cmp
+#define mp_cmp_ct sp_cmp_ct
#define mp_count_bits sp_count_bits
#define mp_cnt_lsb sp_cnt_lsb
#define mp_leading_bit sp_leading_bit
@@ -1144,6 +1165,7 @@ WOLFSSL_LOCAL void sp_memzero_check(sp_int* sp);
#define mp_read_unsigned_bin sp_read_unsigned_bin
#define mp_to_unsigned_bin sp_to_unsigned_bin
#define mp_to_unsigned_bin_len sp_to_unsigned_bin_len
+#define mp_to_unsigned_bin_len_ct sp_to_unsigned_bin_len_ct
#define mp_to_unsigned_bin_at_pos sp_to_unsigned_bin_at_pos
#define mp_read_radix sp_read_radix
#define mp_tohex sp_tohex
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/sphincs.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/sphincs.h
index c1f558f9..958d8529 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/sphincs.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/sphincs.h
@@ -24,12 +24,12 @@
*/
/* Interfaces for Sphincs:
- * - SPHINCS_FAST_LEVEL1 (AKA SPHINCS+-SHAKE256-128f-simple)
- * - SPHINCS_FAST_LEVEL3 (AKA SPHINCS+-SHAKE256-192f-simple)
- * - SPHINCS_FAST_LEVEL5 (AKA SPHINCS+-SHAKE256-256f-simple)
- * - SPHINCS_SMALL_LEVEL1 (AKA SPHINCS+-SHAKE256-128s-simple)
- * - SPHINCS_SMALL_LEVEL3 (AKA SPHINCS+-SHAKE256-192s-simple)
- * - SPHINCS_SMALL_LEVEL5 (AKA SPHINCS+-SHAKE256-256s-simple)
+ * - SPHINCS_FAST_LEVEL1 (AKA SPHINCS+-SHAKE-128f-simple)
+ * - SPHINCS_FAST_LEVEL3 (AKA SPHINCS+-SHAKE-192f-simple)
+ * - SPHINCS_FAST_LEVEL5 (AKA SPHINCS+-SHAKE-256f-simple)
+ * - SPHINCS_SMALL_LEVEL1 (AKA SPHINCS+-SHAKE-128s-simple)
+ * - SPHINCS_SMALL_LEVEL3 (AKA SPHINCS+-SHAKE-192s-simple)
+ * - SPHINCS_SMALL_LEVEL5 (AKA SPHINCS+-SHAKE-256s-simple)
*/
#ifndef WOLF_CRYPT_SPHINCS_H
@@ -51,23 +51,23 @@
#ifdef HAVE_LIBOQS
-#define SPHINCS_FAST_LEVEL1_SIG_SIZE OQS_SIG_sphincs_shake256_128f_simple_length_signature
-#define SPHINCS_FAST_LEVEL3_SIG_SIZE OQS_SIG_sphincs_shake256_192f_simple_length_signature
-#define SPHINCS_FAST_LEVEL5_SIG_SIZE OQS_SIG_sphincs_shake256_256f_simple_length_signature
-#define SPHINCS_SMALL_LEVEL1_SIG_SIZE OQS_SIG_sphincs_shake256_128s_simple_length_signature
-#define SPHINCS_SMALL_LEVEL3_SIG_SIZE OQS_SIG_sphincs_shake256_192s_simple_length_signature
-#define SPHINCS_SMALL_LEVEL5_SIG_SIZE OQS_SIG_sphincs_shake256_256s_simple_length_signature
+#define SPHINCS_FAST_LEVEL1_SIG_SIZE OQS_SIG_sphincs_shake_128f_simple_length_signature
+#define SPHINCS_FAST_LEVEL3_SIG_SIZE OQS_SIG_sphincs_shake_192f_simple_length_signature
+#define SPHINCS_FAST_LEVEL5_SIG_SIZE OQS_SIG_sphincs_shake_256f_simple_length_signature
+#define SPHINCS_SMALL_LEVEL1_SIG_SIZE OQS_SIG_sphincs_shake_128s_simple_length_signature
+#define SPHINCS_SMALL_LEVEL3_SIG_SIZE OQS_SIG_sphincs_shake_192s_simple_length_signature
+#define SPHINCS_SMALL_LEVEL5_SIG_SIZE OQS_SIG_sphincs_shake_256s_simple_length_signature
-#define SPHINCS_LEVEL1_KEY_SIZE OQS_SIG_sphincs_shake256_128f_simple_length_secret_key
-#define SPHINCS_LEVEL1_PUB_KEY_SIZE OQS_SIG_sphincs_shake256_128f_simple_length_public_key
+#define SPHINCS_LEVEL1_KEY_SIZE OQS_SIG_sphincs_shake_128f_simple_length_secret_key
+#define SPHINCS_LEVEL1_PUB_KEY_SIZE OQS_SIG_sphincs_shake_128f_simple_length_public_key
#define SPHINCS_LEVEL1_PRV_KEY_SIZE (SPHINCS_LEVEL1_PUB_KEY_SIZE+SPHINCS_LEVEL1_KEY_SIZE)
-#define SPHINCS_LEVEL3_KEY_SIZE OQS_SIG_sphincs_shake256_192f_simple_length_secret_key
-#define SPHINCS_LEVEL3_PUB_KEY_SIZE OQS_SIG_sphincs_shake256_192f_simple_length_public_key
+#define SPHINCS_LEVEL3_KEY_SIZE OQS_SIG_sphincs_shake_192f_simple_length_secret_key
+#define SPHINCS_LEVEL3_PUB_KEY_SIZE OQS_SIG_sphincs_shake_192f_simple_length_public_key
#define SPHINCS_LEVEL3_PRV_KEY_SIZE (SPHINCS_LEVEL3_PUB_KEY_SIZE+SPHINCS_LEVEL3_KEY_SIZE)
-#define SPHINCS_LEVEL5_KEY_SIZE OQS_SIG_sphincs_shake256_256f_simple_length_secret_key
-#define SPHINCS_LEVEL5_PUB_KEY_SIZE OQS_SIG_sphincs_shake256_256f_simple_length_public_key
+#define SPHINCS_LEVEL5_KEY_SIZE OQS_SIG_sphincs_shake_256f_simple_length_secret_key
+#define SPHINCS_LEVEL5_PUB_KEY_SIZE OQS_SIG_sphincs_shake_256f_simple_length_public_key
#define SPHINCS_LEVEL5_PRV_KEY_SIZE (SPHINCS_LEVEL5_PUB_KEY_SIZE+SPHINCS_LEVEL5_KEY_SIZE)
#endif
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/tfm.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/tfm.h
index 94912a3c..dc6d55a1 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/tfm.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/tfm.h
@@ -290,6 +290,8 @@
#define FP_MASK (fp_digit)(-1)
#define FP_DIGIT_MAX FP_MASK
#define FP_SIZE (FP_MAX_SIZE/DIGIT_BIT)
+#define MP_SIZE (FP_MAX_SIZE/DIGIT_BIT) /* for compatibility with SP_INT */
+
#define FP_MAX_PRIME_SIZE (FP_MAX_BITS/(2*CHAR_BIT))
/* In terms of FP_MAX_BITS, it is double the size possible for a number
@@ -356,7 +358,7 @@ while (0)
#define NEW_MP_INT_SIZE(name, bits, heap, type) \
XMEMSET(name, 0, sizeof(mp_int))
/* Dispose of static mp_int. */
-#define FREE_MP_INT_SIZE(name, heap, type)
+#define FREE_MP_INT_SIZE(name, heap, type) WC_DO_NOTHING
#endif
/* Initialize an mp_int. */
@@ -836,18 +838,20 @@ MP_API int mp_2expt(mp_int* a, int b);
MP_API int mp_div(mp_int * a, mp_int * b, mp_int * c, mp_int * d);
MP_API int mp_cmp(mp_int *a, mp_int *b);
+#define mp_cmp_ct(a, b, n) mp_cmp(a, b)
MP_API int mp_cmp_d(mp_int *a, mp_digit b);
MP_API int mp_unsigned_bin_size(const mp_int * a);
MP_API int mp_read_unsigned_bin (mp_int * a, const unsigned char *b, int c);
MP_API int mp_to_unsigned_bin_at_pos(int x, mp_int *t, unsigned char *b);
MP_API int mp_to_unsigned_bin (mp_int * a, unsigned char *b);
+#define mp_to_unsigned_bin_len_ct mp_to_unsigned_bin_len
MP_API int mp_to_unsigned_bin_len(mp_int * a, unsigned char *b, int c);
MP_API int mp_sub_d(fp_int *a, fp_digit b, fp_int *c);
MP_API int mp_copy(const fp_int* a, fp_int* b);
-MP_API int mp_isodd(mp_int* a);
-MP_API int mp_iszero(mp_int* a);
+MP_API int mp_isodd(const mp_int* a);
+MP_API int mp_iszero(const mp_int* a);
MP_API int mp_count_bits(const mp_int *a);
MP_API int mp_leading_bit(mp_int *a);
MP_API int mp_set_int(mp_int *a, unsigned long b);
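Review bot: `mp_cmp_ct(a, b, n)` and `mp_to_unsigned_bin_len_ct` are defined as plain aliases of `mp_cmp` and `mp_to_unsigned_bin_len`, so in this backend the `_ct` names add no constant-time behaviour beyond whatever the underlying functions already provide, which the hunk does not show. Code that picks the `_ct` variant to compare or serialize secret values would then get different timing properties depending on the math backend. The `n` argument is also dropped without being evaluated. I would say so at the definition, e.g. `/* compatibility alias only: NOT constant time with fast math; n is ignored */`, or provide real constant-time implementations.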
@@ -861,19 +865,20 @@ MP_API int mp_radix_size (mp_int * a, int radix, int *size);
#ifdef WOLFSSL_DEBUG_MATH
MP_API void mp_dump(const char* desc, mp_int* a, byte verbose);
#else
- #define mp_dump(desc, a, verbose)
+ #define mp_dump(desc, a, verbose) WC_DO_NOTHING
#endif
#if defined(OPENSSL_EXTRA) || !defined(NO_DSA) || defined(HAVE_ECC)
MP_API int mp_read_radix(mp_int* a, const char* str, int radix);
#endif
+#define mp_montgomery_reduce_ct(a, m, mp) \
+ mp_montgomery_reduce_ex(a, m, mp, 1)
+MP_API int mp_montgomery_reduce(fp_int *a, fp_int *m, fp_digit mp);
+MP_API int mp_montgomery_reduce_ex(fp_int *a, fp_int *m, fp_digit mp, int ct);
+MP_API int mp_montgomery_setup(fp_int *a, fp_digit *rho);
#ifdef HAVE_ECC
MP_API int mp_sqr(fp_int *a, fp_int *b);
- MP_API int mp_montgomery_reduce(fp_int *a, fp_int *m, fp_digit mp);
- MP_API int mp_montgomery_reduce_ex(fp_int *a, fp_int *m, fp_digit mp,
- int ct);
- MP_API int mp_montgomery_setup(fp_int *a, fp_digit *rho);
MP_API int mp_div_2(fp_int * a, fp_int * b);
MP_API int mp_div_2_mod_ct(mp_int *a, mp_int *b, mp_int *c);
#endif
@@ -899,10 +904,12 @@ MP_API int mp_lcm(fp_int *a, fp_int *b, fp_int *c);
MP_API int mp_rand_prime(mp_int* a, int len, WC_RNG* rng, void* heap);
MP_API int mp_exch(mp_int *a, mp_int *b);
#endif /* WOLFSSL_KEY_GEN */
-MP_API int mp_cond_swap_ct (mp_int * a, mp_int * b, int c, int m);
+MP_API int mp_cond_swap_ct_ex(mp_int* a, mp_int* b, int c, int m, mp_int* t);
+MP_API int mp_cond_swap_ct(mp_int* a, mp_int* b, int c, int m);
MP_API int mp_cnt_lsb(fp_int *a);
MP_API int mp_div_2d(fp_int *a, int b, fp_int *c, fp_int *d);
+MP_API int mp_mod_2d(fp_int *a, int b, fp_int *c);
MP_API int mp_mod_d(fp_int* a, fp_digit b, fp_digit* c);
MP_API int mp_lshd (mp_int * a, int b);
MP_API int mp_abs(mp_int* a, mp_int* b);
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/types.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/types.h
index 05943d0a..0d41354e 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/types.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/types.h
@@ -131,7 +131,7 @@ decouple library dependencies with standard string, memory and so on.
#if defined(WOLF_C89) || defined(WOLF_NO_TRAILING_ENUM_COMMAS)
#define WOLF_ENUM_DUMMY_LAST_ELEMENT(prefix) _wolf_ ## prefix ## _enum_dummy_last_element
#else
- #define WOLF_ENUM_DUMMY_LAST_ELEMENT(prefix)
+ #define WOLF_ENUM_DUMMY_LAST_ELEMENT(prefix) /* null expansion */
#endif
/* helpers for stringifying the expanded value of a macro argument rather
@@ -316,6 +316,16 @@ typedef struct w64wrapper {
#endif
#endif /* WC_MAYBE_UNUSED */
+ #ifndef WC_DO_NOTHING
+ #define WC_DO_NOTHING do {} while (0)
+ #ifdef _MSC_VER
+ /* disable buggy MSC warning around while(0),
+ *"warning C4127: conditional expression is constant"
+ */
+ #pragma warning(disable: 4127)
+ #endif
+ #endif
+
/* use inlining if compiler allows */
#ifndef WC_INLINE
#ifndef NO_INLINE
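Review bot: The `#pragma warning(disable: 4127)` added with `WC_DO_NOTHING` is not scoped, so every MSVC translation unit that includes this header, application code included, loses C4127 from that point on. Because the macro expands at its use sites a push/pop here would not help, so this is probably deliberate, but the comment should say so: `/* NOTE: intentionally left disabled for all code that includes this header */`. The pragma also only takes effect when this header defines `WC_DO_NOTHING` itself; a user-supplied definition skips it.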
@@ -416,6 +426,8 @@ typedef struct w64wrapper {
#define XSTR_SIZEOF(x) (sizeof(x) - 1) /* -1 to not count the null char */
+ #define XELEM_CNT(x) (sizeof((x))/sizeof(*(x)))
+
/* idea to add global alloc override by Moises Guimaraes */
/* default to libc stuff */
/* XREALLOC is used once in normal math lib, not in fast math lib */
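Review bot: `XELEM_CNT(x)` has no comment, and it silently yields a wrong count when `x` is a pointer or an array function parameter rather than a true array. That is the usual way such a macro ends up behind an out-of-bounds index. I would add `/* element count of a true array; x must not be a pointer or array parameter */` next to it, in the style of the comment on `XSTR_SIZEOF` above.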
@@ -476,7 +488,7 @@ typedef struct w64wrapper {
#elif defined(WOLFSSL_TELIT_M2MB)
/* Telit M2MB SDK requires use m2mb_os API's, not std malloc/free */
/* Use of malloc/free will cause CPU reboot */
- #define XMALLOC(s, h, t) ((void)h, (void)t, m2mb_os_malloc((s)))
+ #define XMALLOC(s, h, t) ((void)(h), (void)(t), m2mb_os_malloc((s)))
#ifdef WOLFSSL_XFREE_NO_NULLNESS_CHECK
#define XFREE(p, h, t) m2mb_os_free(xp)
#else
@@ -493,24 +505,25 @@ typedef struct w64wrapper {
fprintf(stderr, "wolfSSL_malloc failed");
return NULL;
};
- #define XMALLOC(s, h, t) malloc_check((s))
- #define XFREE(p, h, t)
- #define XREALLOC(p, n, h, t) (NULL)
+ #define XMALLOC(s, h, t) ((void)(h), (void)(t), malloc_check((s)))
+ #define XFREE(p, h, t) (void)(h); (void)(t)
+ #define XREALLOC(p, n, h, t) ((void)(h), (void)(t), NULL)
#else
- #define XMALLOC(s, h, t) (NULL)
- #define XFREE(p, h, t)
- #define XREALLOC(p, n, h, t) (NULL)
+ #define XMALLOC(s, h, t) ((void)(s), (void)(h), (void)(t), NULL)
+ #define XFREE(p, h, t) (void)(p); (void)(h); (void)(t)
+ #define XREALLOC(p, n, h, t) ((void)(p), (void)(n), (void)(h), (void)(t), NULL)
#endif
#else
- /* just use plain C stdlib stuff if desired */
- #include <stdlib.h>
- #define XMALLOC(s, h, t) malloc((size_t)(s))
- #ifdef WOLFSSL_XFREE_NO_NULLNESS_CHECK
- #define XFREE(p, h, t) free(xp)
- #else
- #define XFREE(p, h, t) {void* xp = (p); if (xp) free(xp);}
- #endif
- #define XREALLOC(p, n, h, t) realloc((p), (size_t)(n))
+ /* just use plain C stdlib stuff if desired */
+ #include <stdlib.h>
+ #define XMALLOC(s, h, t) ((void)(h), (void)(t), malloc((size_t)(s)))
+ #ifdef WOLFSSL_XFREE_NO_NULLNESS_CHECK
+ #define XFREE(p, h, t) ((void)(h), (void)(t), free(p))
+ #else
+ #define XFREE(p, h, t) {void* xp = (p); (void)(h); if (xp) free(xp);}
+ #endif
+ #define XREALLOC(p, n, h, t) \
+ ((void)(h), (void)(t), realloc((p), (size_t)(n)))
#endif
#elif defined(WOLFSSL_LINUXKM)
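Review bot: In the two no-malloc branches `XFREE(p, h, t)` now expands to several statements (`(void)(h); (void)(t)`), so `if (c) XFREE(p, h, t); else ...` no longer compiles and an unbraced `if` governs only the first cast. A single expression keeps it usable like the other variants: `#define XFREE(p, h, t) ((void)(p), (void)(h), (void)(t))`. In the stdlib branch the null-checking form casts `h` but not `t` (`{void* xp = (p); (void)(h); if (xp) free(xp);}`), unlike the other variants changed in this commit. Adding `(void)(t);` there would make it consistent.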
@@ -547,19 +560,19 @@ typedef struct w64wrapper {
#ifdef WOLFSSL_DEBUG_MEMORY
#define XMALLOC(s, h, t) ((void)(h), (void)(t), wolfSSL_Malloc((s), __func__, __LINE__))
#ifdef WOLFSSL_XFREE_NO_NULLNESS_CHECK
- #define XFREE(p, h, t) wolfSSL_Free(xp, __func__, __LINE__)
+ #define XFREE(p, h, t) ((void)(h), (void)(t), wolfSSL_Free(xp, __func__, __LINE__))
#else
- #define XFREE(p, h, t) {void* xp = (p); if (xp) wolfSSL_Free(xp, __func__, __LINE__);}
+ #define XFREE(p, h, t) {void* xp = (p); (void)(h); (void)(t); if (xp) wolfSSL_Free(xp, __func__, __LINE__);}
#endif
- #define XREALLOC(p, n, h, t) wolfSSL_Realloc((p), (n), __func__, __LINE__)
+ #define XREALLOC(p, n, h, t) ((void)(h), (void)(t), wolfSSL_Realloc((p), (n), __func__, __LINE__))
#else
#define XMALLOC(s, h, t) ((void)(h), (void)(t), wolfSSL_Malloc((s)))
#ifdef WOLFSSL_XFREE_NO_NULLNESS_CHECK
- #define XFREE(p, h, t) wolfSSL_Free(p)
+ #define XFREE(p, h, t) ((void)(h), (void)(t), wolfSSL_Free(p))
#else
- #define XFREE(p, h, t) {void* xp = (p); if (xp) wolfSSL_Free(xp);}
+ #define XFREE(p, h, t) {void* xp = (p); (void)(h); (void)(t); if (xp) wolfSSL_Free(xp);}
#endif
- #define XREALLOC(p, n, h, t) wolfSSL_Realloc((p), (n))
+ #define XREALLOC(p, n, h, t) ((void)(h), (void)(t), wolfSSL_Realloc((p), (n)))
#endif /* WOLFSSL_DEBUG_MEMORY */
#endif /* WOLFSSL_STATIC_MEMORY */
#endif
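Review bot: With `WOLFSSL_DEBUG_MEMORY` and `WOLFSSL_XFREE_NO_NULLNESS_CHECK` the new `XFREE` still passes `xp` to `wolfSSL_Free`, but that expansion declares no `xp`. It only compiles where the caller happens to have a variable of that name, and would then free that variable instead of `p`. The non-debug variant below uses `p`, and the stdlib branch in the previous hunk was changed from `free(xp)` to `free(p)`, so this looks like an oversight: `#define XFREE(p, h, t) ((void)(h), (void)(t), wolfSSL_Free((p), __func__, __LINE__))`. The unchanged Telit line `#define XFREE(p, h, t) m2mb_os_free(xp)` in the `@@ -476,7 +488,7 @@` hunk has the same problem.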
@@ -605,9 +618,9 @@ typedef struct w64wrapper {
VAR_TYPE VAR_NAME[VAR_SIZE]
#define WC_DECLARE_ARRAY(VAR_NAME, VAR_TYPE, VAR_ITEMS, VAR_SIZE, HEAP) \
VAR_TYPE VAR_NAME[VAR_ITEMS][VAR_SIZE]
- #define WC_INIT_ARRAY(VAR_NAME, VAR_TYPE, VAR_ITEMS, VAR_SIZE, HEAP) do {} while(0)
- #define WC_FREE_VAR(VAR_NAME, HEAP) do {} while(0) /* nothing to free, its stack */
- #define WC_FREE_ARRAY(VAR_NAME, VAR_ITEMS, HEAP) do {} while(0) /* nothing to free, its stack */
+ #define WC_INIT_ARRAY(VAR_NAME, VAR_TYPE, VAR_ITEMS, VAR_SIZE, HEAP) WC_DO_NOTHING
+ #define WC_FREE_VAR(VAR_NAME, HEAP) WC_DO_NOTHING /* nothing to free, its stack */
+ #define WC_FREE_ARRAY(VAR_NAME, VAR_ITEMS, HEAP) WC_DO_NOTHING /* nothing to free, its stack */
#define WC_DECLARE_ARRAY_DYNAMIC_DEC(VAR_NAME, VAR_TYPE, VAR_ITEMS, VAR_SIZE, HEAP) \
VAR_TYPE* VAR_NAME[VAR_ITEMS]; \
@@ -748,15 +761,8 @@ typedef struct w64wrapper {
/* snprintf is used in asn.c for GetTimeString, PKCS7 test, and when
debugging is turned on */
+ #ifndef XSNPRINTF
#ifndef USE_WINDOWS_API
- #ifndef XSNPRINTF
- #if defined(NO_FILESYSTEM) && !defined(NO_STDIO_FILESYSTEM) && \
- (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) || \
- defined(WOLFSSL_CERT_EXT) || defined(HAVE_PKCS7))
- /* case where stdio is not included else where but is needed
- for snprintf */
- #include <stdio.h>
- #endif
#if defined(WOLFSSL_ESPIDF) && \
(!defined(NO_ASN_TIME) && defined(HAVE_PKCS7))
#include<stdarg.h>
@@ -786,11 +792,12 @@ typedef struct w64wrapper {
}
#define XSNPRINTF _xsnprintf_
#elif defined(WOLF_C89)
+ #include <stdio.h>
#define XSPRINTF sprintf
#else
+ #include <stdio.h>
#define XSNPRINTF snprintf
#endif
- #endif
#else
#if defined(_MSC_VER) || defined(__CYGWIN__) || defined(__MINGW32__)
#if defined(_MSC_VER) && (_MSC_VER >= 1900)
@@ -826,6 +833,7 @@ typedef struct w64wrapper {
#define XSNPRINTF snprintf
#endif /* _MSC_VER */
#endif /* USE_WINDOWS_API */
+ #endif /* !XSNPRINTF */
#if defined(WOLFSSL_CERT_EXT) || defined(OPENSSL_EXTRA) || \
defined(HAVE_ALPN) || defined(WOLFSSL_SNIFFER)
@@ -1005,13 +1013,17 @@ typedef struct w64wrapper {
DYNAMIC_TYPE_SESSION = 96,
DYNAMIC_TYPE_DILITHIUM = 97,
DYNAMIC_TYPE_SPHINCS = 98,
- DYNAMIC_TYPE_SNIFFER_SERVER = 1000,
- DYNAMIC_TYPE_SNIFFER_SESSION = 1001,
- DYNAMIC_TYPE_SNIFFER_PB = 1002,
- DYNAMIC_TYPE_SNIFFER_PB_BUFFER = 1003,
- DYNAMIC_TYPE_SNIFFER_TICKET_ID = 1004,
- DYNAMIC_TYPE_SNIFFER_NAMED_KEY = 1005,
- DYNAMIC_TYPE_SNIFFER_KEY = 1006
+ DYNAMIC_TYPE_SM4_BUFFER = 99,
+ DYNAMIC_TYPE_DEBUG_TAG = 100,
+ DYNAMIC_TYPE_SNIFFER_SERVER = 1000,
+ DYNAMIC_TYPE_SNIFFER_SESSION = 1001,
+ DYNAMIC_TYPE_SNIFFER_PB = 1002,
+ DYNAMIC_TYPE_SNIFFER_PB_BUFFER = 1003,
+ DYNAMIC_TYPE_SNIFFER_TICKET_ID = 1004,
+ DYNAMIC_TYPE_SNIFFER_NAMED_KEY = 1005,
+ DYNAMIC_TYPE_SNIFFER_KEY = 1006,
+ DYNAMIC_TYPE_SNIFFER_KEYLOG_NODE = 1007,
+ DYNAMIC_TYPE_AES_EAX = 1008,
};
/* max error buffer string size */
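Review bot: `DYNAMIC_TYPE_AES_EAX = 1008,` leaves a trailing comma directly before the closing `};`, which strict C89 compilers reject. This header already provides `WOLF_ENUM_DUMMY_LAST_ELEMENT` for `WOLF_C89` / `WOLF_NO_TRAILING_ENUM_COMMAS` builds, so either drop the comma or end the list with `WOLF_ENUM_DUMMY_LAST_ELEMENT(DYNAMIC_TYPE)`. `WC_HASH_TYPE_MAX = WC_HASH_TYPE_BLAKE2S,` in the `@@ -1063,7 +1075,7 @@` hunk gains a comma too, but the end of that enum is outside the hunk. The opening of this enum is outside the hunk as well.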
@@ -1063,7 +1075,7 @@ typedef struct w64wrapper {
WC_HASH_TYPE_SHA3_512 = 13,
WC_HASH_TYPE_BLAKE2B = 14,
WC_HASH_TYPE_BLAKE2S = 19,
- WC_HASH_TYPE_MAX = WC_HASH_TYPE_BLAKE2S
+ WC_HASH_TYPE_MAX = WC_HASH_TYPE_BLAKE2S,
#ifndef WOLFSSL_NOSHA512_224
#define WOLFSSL_NOSHA512_224
#endif
@@ -1100,12 +1112,19 @@ typedef struct w64wrapper {
#endif
#ifdef WOLFSSL_SHAKE128
WC_HASH_TYPE_SHAKE128 = 18,
+ #undef _WC_HASH_TYPE_MAX
+ #define _WC_HASH_TYPE_MAX WC_HASH_TYPE_SHAKE128
#endif
#ifdef WOLFSSL_SHAKE256
WC_HASH_TYPE_SHAKE256 = 19,
#undef _WC_HASH_TYPE_MAX
#define _WC_HASH_TYPE_MAX WC_HASH_TYPE_SHAKE256
#endif
+ #ifdef WOLFSSL_SM3
+ WC_HASH_TYPE_SM3 = 20,
+ #undef _WC_HASH_TYPE_MAX
+ #define _WC_HASH_TYPE_MAX WC_HASH_TYPE_SM3
+ #endif
WC_HASH_TYPE_MAX = _WC_HASH_TYPE_MAX
#undef _WC_HASH_TYPE_MAX
@@ -1197,9 +1216,9 @@ typedef struct w64wrapper {
#elif defined(XASM_LINK)
/* keep user-supplied definition */
#elif defined(WOLFSSL_NO_ASM)
- #define XASM_LINK(f)
+ #define XASM_LINK(f) /* null expansion */
#elif defined(_MSC_VER)
- #define XASM_LINK(f)
+ #define XASM_LINK(f) /* null expansion */
#elif defined(__APPLE__)
#define XASM_LINK(f) asm("_" f)
#elif defined(__GNUC__)
@@ -1335,15 +1354,23 @@ typedef struct w64wrapper {
#define WOLFSSL_THREAD
#elif defined(WOLFSSL_TIRTOS)
typedef void THREAD_RETURN;
+ #define WOLFSSL_THREAD_VOID_RETURN
typedef Task_Handle THREAD_TYPE;
#define WOLFSSL_THREAD
#elif defined(WOLFSSL_ZEPHYR)
typedef void THREAD_RETURN;
- typedef struct k_thread THREAD_TYPE;
+ #define WOLFSSL_THREAD_VOID_RETURN
+ typedef struct {
+ struct k_thread tid;
+ k_thread_stack_t* threadStack;
+ } THREAD_TYPE;
#define WOLFSSL_THREAD
#elif defined(NETOS)
typedef UINT THREAD_RETURN;
- typedef TX_THREAD THREAD_TYPE;
+ typedef struct {
+ TX_THREAD tid;
+ void* threadStack;
+ } THREAD_TYPE;
#define WOLFSSL_THREAD
#define INFINITE TX_WAIT_FOREVER
#define WAIT_OBJECT_0 TX_NO_WAIT
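Review bot: `THREAD_TYPE` becomes a struct in the Zephyr and NetOS branches, but neither branch defines `INVALID_THREAD_VAL`, so both fall through to the generic `((THREAD_TYPE)(-1))` default added further down in this commit. A cast to a struct type is not valid C, so any code using `INVALID_THREAD_VAL` on these two platforms would fail to compile; whether such code exists is not visible here. I would either define a platform-specific sentinel in these branches or note next to the typedefs `/* INVALID_THREAD_VAL is not usable with this struct type */`. The new `tid` and `threadStack` members also have no comment saying who allocates and frees the stack.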
@@ -1351,23 +1378,124 @@ typedef struct w64wrapper {
typedef unsigned int THREAD_RETURN;
typedef size_t THREAD_TYPE;
#define WOLFSSL_THREAD
- #elif (defined(_POSIX_THREADS) || defined(HAVE_PTHREAD)) && \
- !defined(__MINGW32__)
+ #elif defined(WOLFSSL_PTHREADS)
+ #ifndef __MACH__
+ #include <pthread.h>
+ typedef struct COND_TYPE {
+ pthread_mutex_t mutex;
+ pthread_cond_t cond;
+ } COND_TYPE;
+ #else
+ #include <dispatch/dispatch.h>
+ typedef struct COND_TYPE {
+ wolfSSL_Mutex mutex;
+ dispatch_semaphore_t cond;
+ } COND_TYPE;
+ #endif
typedef void* THREAD_RETURN;
typedef pthread_t THREAD_TYPE;
+ #define WOLFSSL_COND
#define WOLFSSL_THREAD
- #define INFINITE (-1)
- #define WAIT_OBJECT_0 0L
+ #ifndef HAVE_SELFTEST
+ #define WOLFSSL_THREAD_NO_JOIN
+ #endif
#elif defined(FREERTOS)
typedef unsigned int THREAD_RETURN;
typedef TaskHandle_t THREAD_TYPE;
#define WOLFSSL_THREAD
+ #elif defined(USE_WINDOWS_API)
+ typedef unsigned THREAD_RETURN;
+ typedef uintptr_t THREAD_TYPE;
+ typedef struct COND_TYPE {
+ wolfSSL_Mutex mutex;
+ HANDLE cond;
+ } COND_TYPE;
+ #define WOLFSSL_COND
+ #define INVALID_THREAD_VAL ((THREAD_TYPE)(INVALID_HANDLE_VALUE))
+ #define WOLFSSL_THREAD __stdcall
+ #if !defined(__MINGW32__)
+ #define WOLFSSL_THREAD_NO_JOIN __cdecl
+ #endif
#else
typedef unsigned int THREAD_RETURN;
typedef size_t THREAD_TYPE;
#define WOLFSSL_THREAD __stdcall
#endif
+
+ #ifndef SINGLE_THREADED
+ /* Necessary headers should already be included. */
+
+ #ifndef INVALID_THREAD_VAL
+ #define INVALID_THREAD_VAL ((THREAD_TYPE)(-1))
+ #endif
+
+ #ifndef WOLFSSL_THREAD_VOID_RETURN
+ #define WOLFSSL_RETURN_FROM_THREAD(x) return (THREAD_RETURN)(x)
+ #else
+ #define WOLFSSL_RETURN_FROM_THREAD(x) \
+ do { (void)(x); return; } while(0)
+ #endif
+
+ /* List of defines/types and what they mean:
+ * THREAD_RETURN - return type of a thread callback
+ * THREAD_TYPE - type that should be passed into thread handling API
+ * INVALID_THREAD_VAL - a value that THREAD_TYPE can be checked against
+ * to check if the value is an invalid thread
+ * WOLFSSL_THREAD - attribute that should be used to declare thread
+ * callbacks
+ * WOLFSSL_THREAD_NO_JOIN - attribute that should be used to declare
+ * thread callbacks that don't require cleanup
+ * WOLFSSL_COND - defined if this system supports signaling
+ * COND_TYPE - type that should be passed into the signaling API
+ * WOLFSSL_THREAD_VOID_RETURN - defined if the thread callback has a
+ * void return
+ * WOLFSSL_RETURN_FROM_THREAD - define used to correctly return from a
+ * thread callback
+ * THREAD_CB - thread callback type for regular threading API
+ * THREAD_CB_NOJOIN - thread callback type for threading API that don't
+ * require cleanup
+ *
+ * Other defines/types are specific for the threading implementation
+ */
+
+ /* Internal wolfSSL threading interface. It does NOT need to be ported
+ * during initial porting efforts. This is a very basic interface. Some
+ * areas don't use this interface on purpose as they need more control
+ * over threads.
+ *
+ * It is currently used for:
+ * - CRL monitor
+ * - Testing
+ * - Entropy generation */
+
+ /* We don't support returns from threads */
+ typedef THREAD_RETURN (WOLFSSL_THREAD *THREAD_CB)(void* arg);
+ WOLFSSL_API int wolfSSL_NewThread(THREAD_TYPE* thread,
+ THREAD_CB cb, void* arg);
+ #ifdef WOLFSSL_THREAD_NO_JOIN
+ /* Create a thread that will be automatically cleaned up. We can't
+ * return a handle/pointer to the new thread because there are no
+ * guarantees for how long it will be valid. */
+ typedef THREAD_RETURN (WOLFSSL_THREAD_NO_JOIN *THREAD_CB_NOJOIN)
+ (void* arg);
+ WOLFSSL_API int wolfSSL_NewThreadNoJoin(THREAD_CB_NOJOIN cb,
+ void* arg);
+ #endif
+ WOLFSSL_API int wolfSSL_JoinThread(THREAD_TYPE thread);
+
+ #ifdef WOLFSSL_COND
+ WOLFSSL_API int wolfSSL_CondInit(COND_TYPE* cond);
+ WOLFSSL_API int wolfSSL_CondFree(COND_TYPE* cond);
+ WOLFSSL_API int wolfSSL_CondSignal(COND_TYPE* cond);
+ WOLFSSL_API int wolfSSL_CondWait(COND_TYPE* cond);
+ WOLFSSL_API int wolfSSL_CondStart(COND_TYPE* cond);
+ WOLFSSL_API int wolfSSL_CondEnd(COND_TYPE* cond);
+ #endif
+ #else
+ #define WOLFSSL_RETURN_FROM_THREAD(x) return (THREAD_RETURN)(x)
+ #endif /* SINGLE_THREADED */
+
#if defined(HAVE_STACK_SIZE)
#define EXIT_TEST(ret) return (THREAD_RETURN)((size_t)(ret))
#else
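Review bot: The fallback `#define INVALID_THREAD_VAL ((THREAD_TYPE)(-1))` cannot compile at a use site on the ports whose `THREAD_TYPE` became a struct in the previous hunk (WOLFSSL_ZEPHYR, NETOS), because C only permits casts to scalar types. Since it is a macro, the error only appears where it is expanded, and no use is visible in this hunk. Either give those ports their own definition or record the limit in the list of defines, e.g. `* INVALID_THREAD_VAL - ... (only usable where THREAD_TYPE is a scalar type)`. The surrounding `#if`/`#elif` chain starts outside the hunk.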
@@ -1413,9 +1541,9 @@ typedef struct w64wrapper {
#define PRAGMA(str) PRAGMA_GCC(str)
#define PRAGMA_DIAG_POP PRAGMA_GCC_DIAG_POP
#else
- #define PRAGMA_GCC_DIAG_PUSH
- #define PRAGMA_GCC(str)
- #define PRAGMA_GCC_DIAG_POP
+ #define PRAGMA_GCC_DIAG_PUSH /* null expansion */
+ #define PRAGMA_GCC(str) /* null expansion */
+ #define PRAGMA_GCC_DIAG_POP /* null expansion */
#endif
#ifdef __clang__
@@ -1426,119 +1554,47 @@ typedef struct w64wrapper {
#define PRAGMA(str) PRAGMA_CLANG(str)
#define PRAGMA_DIAG_POP PRAGMA_CLANG_DIAG_POP
#else
- #define PRAGMA_CLANG_DIAG_PUSH
- #define PRAGMA_CLANG(str)
- #define PRAGMA_CLANG_DIAG_POP
+ #define PRAGMA_CLANG_DIAG_PUSH /* null expansion */
+ #define PRAGMA_CLANG(str) /* null expansion */
+ #define PRAGMA_CLANG_DIAG_POP /* null expansion */
#endif
#ifndef PRAGMA_DIAG_PUSH
- #define PRAGMA_DIAG_PUSH
+ #define PRAGMA_DIAG_PUSH /* null expansion */
#endif
#ifndef PRAGMA
- #define PRAGMA(str)
+ #define PRAGMA(str) /* null expansion */
#endif
#ifndef PRAGMA_DIAG_POP
- #define PRAGMA_DIAG_POP
+ #define PRAGMA_DIAG_POP /* null expansion */
#endif
- #ifdef DEBUG_VECTOR_REGISTER_ACCESS
- WOLFSSL_API extern THREAD_LS_T int wc_svr_count;
- WOLFSSL_API extern THREAD_LS_T const char *wc_svr_last_file;
- WOLFSSL_API extern THREAD_LS_T int wc_svr_last_line;
-
- #ifdef DEBUG_VECTOR_REGISTERS_ABORT_ON_FAIL
- #define DEBUG_VECTOR_REGISTERS_EXTRA_FAIL_CLAUSE abort();
- #elif defined(DEBUG_VECTOR_REGISTERS_EXIT_ON_FAIL)
- #define DEBUG_VECTOR_REGISTERS_EXTRA_FAIL_CLAUSE exit(1);
- #else
- #define DEBUG_VECTOR_REGISTERS_EXTRA_FAIL_CLAUSE
- #endif
-
- #define SAVE_VECTOR_REGISTERS(...) { \
- ++wc_svr_count; \
- if (wc_svr_count > 5) { \
- fprintf(stderr, \
- "%s @ L%d : incr : wc_svr_count %d (last op %s L%d)\n", \
- __FILE__, \
- __LINE__, \
- wc_svr_count, \
- wc_svr_last_file, \
- wc_svr_last_line); \
- DEBUG_VECTOR_REGISTERS_EXTRA_FAIL_CLAUSE \
- } \
- wc_svr_last_file = __FILE__; \
- wc_svr_last_line = __LINE__; \
- }
- #define ASSERT_SAVED_VECTOR_REGISTERS(fail_clause) { \
- if (wc_svr_count <= 0) { \
- fprintf(stderr, \
- "ASSERT_SAVED_VECTOR_REGISTERS : %s @ L%d : wc_svr_count %d (last op %s L%d)\n", \
- __FILE__, \
- __LINE__, \
- wc_svr_count, \
- wc_svr_last_file, \
- wc_svr_last_line); \
- DEBUG_VECTOR_REGISTERS_EXTRA_FAIL_CLAUSE \
- { fail_clause } \
- } \
- }
- #define ASSERT_RESTORED_VECTOR_REGISTERS(fail_clause) { \
- if (wc_svr_count != 0) { \
- fprintf(stderr, \
- "ASSERT_RESTORED_VECTOR_REGISTERS : %s @ L%d : wc_svr_count %d (last op %s L%d)\n", \
- __FILE__, \
- __LINE__, \
- wc_svr_count, \
- wc_svr_last_file, \
- wc_svr_last_line); \
- DEBUG_VECTOR_REGISTERS_EXTRA_FAIL_CLAUSE \
- { fail_clause } \
- } \
- }
- #define RESTORE_VECTOR_REGISTERS(...) { \
- --wc_svr_count; \
- if ((wc_svr_count > 4) || (wc_svr_count < 0)) { \
- fprintf(stderr, \
- "%s @ L%d : decr : wc_svr_count %d (last op %s L%d)\n", \
- __FILE__, \
- __LINE__, \
- wc_svr_count, \
- wc_svr_last_file, \
- wc_svr_last_line); \
- DEBUG_VECTOR_REGISTERS_EXTRA_FAIL_CLAUSE \
- } \
- wc_svr_last_file = __FILE__; \
- wc_svr_last_line = __LINE__; \
- }
- #else
- #ifdef _MSC_VER
- /* disable buggy MSC warning around while(0),
- *"warning C4127: conditional expression is constant"
- */
- #pragma warning(disable: 4127)
- #endif
- #ifndef SAVE_VECTOR_REGISTERS
- #define SAVE_VECTOR_REGISTERS(...) do{}while(0)
- #endif
- #ifndef ASSERT_SAVED_VECTOR_REGISTERS
- #define ASSERT_SAVED_VECTOR_REGISTERS(...) do{}while(0)
- #endif
- #ifndef ASSERT_RESTORED_VECTOR_REGISTERS
- #define ASSERT_RESTORED_VECTOR_REGISTERS(...) do{}while(0)
- #endif
- #ifndef RESTORE_VECTOR_REGISTERS
- #define RESTORE_VECTOR_REGISTERS() do{}while(0)
- #endif
+ #ifndef SAVE_VECTOR_REGISTERS
+ #define SAVE_VECTOR_REGISTERS(...) WC_DO_NOTHING
+ #endif
+ #ifndef SAVE_VECTOR_REGISTERS2
+ #define SAVE_VECTOR_REGISTERS2() 0
+ #endif
+ #ifndef WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL
+ #define WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(x) WC_DO_NOTHING
+ #endif
+ #ifndef ASSERT_SAVED_VECTOR_REGISTERS
+ #define ASSERT_SAVED_VECTOR_REGISTERS(...) WC_DO_NOTHING
+ #endif
+ #ifndef ASSERT_RESTORED_VECTOR_REGISTERS
+ #define ASSERT_RESTORED_VECTOR_REGISTERS(...) WC_DO_NOTHING
+ #endif
+ #ifndef RESTORE_VECTOR_REGISTERS
+ #define RESTORE_VECTOR_REGISTERS() WC_DO_NOTHING
#endif
-
#if FIPS_VERSION_GE(5,1)
#define WC_SPKRE_F(x,y) wolfCrypt_SetPrivateKeyReadEnable_fips((x),(y))
#define PRIVATE_KEY_LOCK() WC_SPKRE_F(0,WC_KEYTYPE_ALL)
#define PRIVATE_KEY_UNLOCK() WC_SPKRE_F(1,WC_KEYTYPE_ALL)
#else
- #define PRIVATE_KEY_LOCK() do{}while(0)
- #define PRIVATE_KEY_UNLOCK() do{}while(0)
+ #define PRIVATE_KEY_LOCK() WC_DO_NOTHING
+ #define PRIVATE_KEY_UNLOCK() WC_DO_NOTHING
#endif
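Review bot: The new fallback `SAVE_VECTOR_REGISTERS2()` expands to a bare `0` with no comment on what the value means, while its sibling `SAVE_VECTOR_REGISTERS(...)` is statement-style (`WC_DO_NOTHING`). Presumably it is the value-returning form and 0 means success, but the hunk does not say so. A one-line comment such as `/* expression form: evaluates to 0 (success) when there is nothing to save */` would tell callers that its result is meant to be checked.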
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/visibility.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/visibility.h
index 68b9b76e..6ee10dfc 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/visibility.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/visibility.h
@@ -25,17 +25,6 @@
#ifndef WOLF_CRYPT_VISIBILITY_H
#define WOLF_CRYPT_VISIBILITY_H
-
-/* for compatibility and so that fips is using same name of macro @wc_fips */
-/* The following visibility wrappers are for old FIPS. New FIPS should use
- * the same as a non-FIPS build. */
-#if defined(HAVE_FIPS) && \
- (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
- #include <cyassl/ctaocrypt/visibility.h>
- #define WOLFSSL_API CYASSL_API
- #define WOLFSSL_LOCAL CYASSL_LOCAL
-#else
-
/* WOLFSSL_API is used for the public API symbols.
It either imports or exports (or does nothing for static builds)
@@ -76,8 +65,6 @@
#endif
#endif /* BUILDING_WOLFSSL */
-#endif /* HAVE_FIPS */
-
/* WOLFSSL_ABI is used for public API symbols that must not change
* their signature. This tag is used for all APIs that are a
* part of the fixed ABI.
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/wc_lms.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/wc_lms.h
new file mode 100644
index 00000000..a0e06e41
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/wc_lms.h
@@ -0,0 +1,23 @@
+/* wc_lms.h
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#error "Contact wolfSSL to get the implementation of this file"
+
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/wc_port.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/wc_port.h
index 7b452841..5240effa 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/wc_port.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/wc_port.h
@@ -60,6 +60,9 @@
/* THREADING/MUTEX SECTION */
#ifdef USE_WINDOWS_API
+ #if defined(WOLFSSL_PTHREADS)
+ #include <pthread.h>
+ #endif
#ifdef WOLFSSL_GAME_BUILD
#include "system/xtl.h"
#else
@@ -77,6 +80,9 @@
#endif
#endif /* WOLFSSL_SGX */
#endif
+ #ifndef SINGLE_THREADED
+ #include <process.h>
+ #endif
#elif defined(THREADX)
#ifndef SINGLE_THREADED
#ifdef NEED_THREADX_TYPES
@@ -224,7 +230,7 @@
signed char mutexBuffer[portQUEUE_OVERHEAD_BYTES];
xSemaphoreHandle mutex;
} wolfSSL_Mutex;
- #elif defined(USE_WINDOWS_API)
+ #elif defined(USE_WINDOWS_API) && !defined(WOLFSSL_PTHREADS)
typedef CRITICAL_SECTION wolfSSL_Mutex;
#elif defined(MAXQ10XX_MUTEX)
#include <sys/mman.h>
@@ -237,6 +243,7 @@
typedef pthread_rwlock_t wolfSSL_RwLock;
#endif
typedef pthread_mutex_t wolfSSL_Mutex;
+ #define WOLFSSL_MUTEX_INITIALIZER PTHREAD_MUTEX_INITIALIZER
#elif defined(THREADX)
typedef TX_MUTEX wolfSSL_Mutex;
#elif defined(WOLFSSL_DEOS)
@@ -244,7 +251,11 @@
#elif defined(MICRIUM)
typedef OS_MUTEX wolfSSL_Mutex;
#elif defined(EBSNET)
- typedef RTP_MUTEX wolfSSL_Mutex;
+ #if (defined(RTPLATFORM) && (RTPLATFORM != 0))
+ typedef RTP_MUTEX wolfSSL_Mutex;
+ #else
+ typedef KS_RTIPSEM wolfSSL_Mutex;
+ #endif
#elif defined(FREESCALE_MQX) || defined(FREESCALE_KSDK_MQX)
typedef MUTEX_STRUCT wolfSSL_Mutex;
#elif defined(FREESCALE_FREE_RTOS)
@@ -349,7 +360,7 @@ typedef struct wolfSSL_Ref {
(ref)->count = 1; \
*(err) = 0; \
} while(0)
-#define wolfSSL_RefFree(ref)
+#define wolfSSL_RefFree(ref) WC_DO_NOTHING
#define wolfSSL_RefInc(ref, err) \
do { \
(ref)->count++; \
@@ -369,7 +380,7 @@ typedef struct wolfSSL_Ref {
wolfSSL_Atomic_Int_Init(&(ref)->count, 1); \
*(err) = 0; \
} while(0)
-#define wolfSSL_RefFree(ref)
+#define wolfSSL_RefFree(ref) WC_DO_NOTHING
#define wolfSSL_RefInc(ref, err) \
do { \
(void)wolfSSL_Atomic_Int_FetchAdd(&(ref)->count, 1); \
@@ -440,6 +451,7 @@ typedef void (mutex_cb)(int flag, int type, const char* file, int line);
WOLFSSL_API int wc_LockMutex_ex(int flag, int type, const char* file, int line);
WOLFSSL_API int wc_SetMutexCb(mutex_cb* cb);
+WOLFSSL_API mutex_cb* wc_GetMutexCb(void);
#endif
/* main crypto initialization function */
@@ -474,6 +486,8 @@ WOLFSSL_ABI WOLFSSL_API int wolfCrypt_Cleanup(void);
#define XSEEK_END VSEEK_END
#define XBADFILE -1
#define XFGETS(b,s,f) -2 /* Not ported yet */
+ #define XSNPRINTF rtp_snprintf
+ #define XFPRINTF fprintf
#elif defined(LSR_FS)
#include <fs.h>
@@ -615,7 +629,7 @@ WOLFSSL_ABI WOLFSSL_API int wolfCrypt_Cleanup(void);
#define XFREAD fread
#define XFWRITE fwrite
#define XFCLOSE fclose
- #define XSEEK_END SEEK_SET
+ #define XSEEK_SET SEEK_SET
#define XSEEK_END SEEK_END
#define XBADFILE NULL
#define XFGETS fgets
@@ -729,10 +743,10 @@ WOLFSSL_ABI WOLFSSL_API int wolfCrypt_Cleanup(void);
#endif
#ifndef MAX_FILENAME_SZ
- #define MAX_FILENAME_SZ 256 /* max file name length */
+ #define MAX_FILENAME_SZ (260 + 1) /* max file name length */
#endif
#ifndef MAX_PATH
- #define MAX_PATH 256
+ #define MAX_PATH (260 + 1)
#endif
WOLFSSL_LOCAL int wc_FileLoad(const char* fname, unsigned char** buf,
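Review bot: `MAX_FILENAME_SZ` and `MAX_PATH` can end up with different values after this change. Both fallbacks are `(260 + 1)`, but `MAX_PATH` is only defined here when the platform has not already defined it, and Windows headers define it as 260. Code that sizes a buffer with one constant and bounds a copy with the other would then be off by one; whether any caller does that is not visible in this hunk. A comment on `MAX_FILENAME_SZ` would make the intent explicit, e.g. `/* includes room for the terminating NUL; may differ from a platform-provided MAX_PATH */`.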
@@ -856,7 +870,7 @@ WOLFSSL_ABI WOLFSSL_API int wolfCrypt_Cleanup(void);
#include "os.h" /* dc_rtc_api needs */
#include "dc_rtc_api.h" /* to get current time */
- /* uses parital <time.h> structures */
+ /* uses partial <time.h> structures */
#define XTIME(tl) (0)
#define XGMTIME(c, t) rtpsys_gmtime((c))
@@ -968,7 +982,15 @@ WOLFSSL_ABI WOLFSSL_API int wolfCrypt_Cleanup(void);
#ifndef _POSIX_C_SOURCE
#include <zephyr/posix/time.h>
#else
- #include <sys/time.h>
+ #include <time.h>
+ #endif
+
+ #if defined(CONFIG_RTC)
+ #if defined(CONFIG_PICOLIBC) || defined(CONFIG_NEWLIB_LIBC)
+ #include <zephyr/drivers/rtc.h>
+ #else
+ #warning "RTC support needs picolibc or newlib (nano)"
+ #endif
#endif
time_t z_time(time_t *timer);
@@ -1041,6 +1063,11 @@ WOLFSSL_ABI WOLFSSL_API int wolfCrypt_Cleanup(void);
#define XTIME(tl) time((tl))
#endif
#endif
+
+#if defined(WOLFSSL_GMTIME) && !defined(HAVE_GMTIME_R)
+ #define HAVE_GMTIME_R
+#endif
+
#if !defined(XGMTIME) && !defined(TIME_OVERRIDES)
/* Always use gmtime_r if available. */
#if defined(HAVE_GMTIME_S)
@@ -1106,8 +1133,9 @@ WOLFSSL_ABI WOLFSSL_API int wolfCrypt_Cleanup(void);
extern struct tm* XGMTIME(const time_t* timer, struct tm* tmp);
#elif defined(WOLFSSL_GMTIME)
struct tm* gmtime(const time_t* timer);
+ struct tm* gmtime_r(const time_t* timer, struct tm *ret);
#endif
-#endif /* NO_ASN_TIME */
+#endif /* !NO_ASN_TIME */
#ifndef WOLFSSL_LEANPSK
@@ -1151,6 +1179,23 @@ WOLFSSL_ABI WOLFSSL_API int wolfCrypt_Cleanup(void);
#endif
#endif
+
+ /* AFTER user_settings.h is loaded,
+ ** determine if POSIX multi-threaded: HAVE_PTHREAD */
+ #if defined(SINGLE_THREADED) || defined(__MINGW32__)
+ /* Never HAVE_PTHREAD in single thread, or non-POSIX mode.
+ ** Reminder: MING32 is win32 threads, not POSIX threads */
+ #undef HAVE_PTHREAD
+ #else
+ /* _POSIX_THREADS is defined by unistd.h so this check needs to happen
+ * after we include all the platform relevant libs. */
+ #ifdef _POSIX_THREADS
+ /* HAVE_PTHREAD == POSIX threads capable and enabled. */
+ #undef HAVE_PTHREAD
+ #define HAVE_PTHREAD 1
+ #endif
+ #endif
+
#ifdef __cplusplus
} /* extern "C" */
#endif
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/wc_xmss.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/wc_xmss.h
new file mode 100644
index 00000000..96274d79
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/wc_xmss.h
@@ -0,0 +1,23 @@
+/* wc_xmss.h
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#error "Contact wolfSSL to get the implementation of this file"
+
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/xmss.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/xmss.h
new file mode 100644
index 00000000..70f26c48
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/xmss.h
@@ -0,0 +1,152 @@
+/* xmss.h
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/*!
+ \file wolfssl/wolfcrypt/xmss.h
+ */
+
+#ifndef WOLF_CRYPT_XMSS_H
+#define WOLF_CRYPT_XMSS_H
+
+#include <wolfssl/wolfcrypt/types.h>
+#include <wolfssl/wolfcrypt/random.h>
+
+#ifdef WOLFSSL_HAVE_XMSS
+
+/* Note on XMSS/XMSS^MT pub/priv key sizes:
+ * - The XMSS/XMSS^MT pub key has a defined format and size.
+ * - The XMSS/XMSS^MT private key is implementation and parameter
+ * specific. It does not have a standardized format or size.
+ *
+ * The XMSS/XMSS^MT public and secret key format and length is:
+ * PK = OID || root || SEED;
+ * PK_len = 4 + 2 * n
+ *
+ * SK = OID || (implementation defined)
+ * SK_len = 4 + (implementation defined)
+ *
+ * where n is the number of bytes in the hash function, which is 32
+ * in this SHA256 implementation.
+ *
+ * However the private key is implementation specific. For example,
+ * in xmss-reference the private key size varies from 137 bytes to
+ * 1377 bytes between slow and fast implementations with param name
+ * "XMSSMT-SHA2_20/2_256".
+ *
+ * References:
+ * - RFC 8391
+ * - Table 2 of Kampanakis, Fluhrer, IACR, 2017.
+ * */
+
+#define XMSS_SHA256_PUBLEN (68)
+
+/* Supported XMSS/XMSS^MT parameter set names:
+ * We are supporting all SHA256 parameter sets with n=32 and
+ * Winternitz=16, from RFC 8391 and NIST SP 800-208.
+ *
+ * ----------------------------------------------------------
+ * | Name OID n w len h d |
+ * XMSS: | "XMSS-SHA2_10_256" 0x00000001 32 16 67 10 1 |
+ * | "XMSS-SHA2_16_256" 0x00000002 32 16 67 16 1 |
+ * | "XMSS-SHA2_20_256" 0x00000003 32 16 67 20 1 |
+ * | |
+ * XMSSMT: | "XMSSMT-SHA2_20/2_256" 0x00000001 32 16 67 20 2 |
+ * | "XMSSMT-SHA2_20/4_256" 0x00000002 32 16 67 20 4 |
+ * | "XMSSMT-SHA2_40/2_256" 0x00000003 32 16 67 40 2 |
+ * | "XMSSMT-SHA2_40/4_256" 0x00000004 32 16 67 40 4 |
+ * | "XMSSMT-SHA2_40/8_256" 0x00000005 32 16 67 40 8 |
+ * | "XMSSMT-SHA2_60/3_256" 0x00000006 32 16 67 60 3 |
+ * | "XMSSMT-SHA2_60/6_256" 0x00000007 32 16 67 60 6 |
+ * | "XMSSMT-SHA2_60/12_256" 0x00000008 32 16 67 60 12 |
+ * ----------------------------------------------------------
+ *
+ * Note that some XMSS and XMSSMT names do have overlapping OIDs.
+ *
+ * References:
+ * 1. NIST SP 800-208
+ * 2. RFC 8391
+ * */
+
+#define XMSS_NAME_LEN (16) /* strlen("XMSS-SHA2_10_256") */
+#define XMSSMT_NAME_MIN_LEN (20) /* strlen("XMSSMT-SHA2_20/2_256") */
+#define XMSSMT_NAME_MAX_LEN (21) /* strlen("XMSSMT-SHA2_60/12_256") */
+
+typedef struct XmssKey XmssKey;
+
+/* Return codes returned by private key callbacks. */
+enum wc_XmssRc {
+ WC_XMSS_RC_NONE,
+ WC_XMSS_RC_BAD_ARG, /* Bad arg in read or write callback. */
+ WC_XMSS_RC_WRITE_FAIL, /* Write or update private key failed. */
+ WC_XMSS_RC_READ_FAIL, /* Read private key failed. */
+ WC_XMSS_RC_SAVED_TO_NV_MEMORY, /* Wrote private key to nonvolatile storage. */
+ WC_XMSS_RC_READ_TO_MEMORY /* Read private key from storage. */
+};
+
+/* enum wc_XmssState is to help track the state of an XMSS Key. */
+enum wc_XmssState {
+ WC_XMSS_STATE_FREED, /* Key has been freed from memory. */
+ WC_XMSS_STATE_INITED, /* Key has been inited, ready to set params.*/
+ WC_XMSS_STATE_PARMSET, /* Params are set, ready to MakeKey or Reload. */
+ WC_XMSS_STATE_OK, /* Able to sign signatures and verify. */
+ WC_XMSS_STATE_VERIFYONLY, /* A public only XmssKey. */
+ WC_XMSS_STATE_BAD, /* Can't guarantee key's state. */
+ WC_XMSS_STATE_NOSIGS /* Signatures exhausted. */
+};
+
+/* Private key write and read callbacks. */
+typedef enum wc_XmssRc (*write_private_key_cb)(const byte * priv, word32 privSz, void *context);
+typedef enum wc_XmssRc (*read_private_key_cb)(byte * priv, word32 privSz, void *context);
+
+#ifdef __cplusplus
+ extern "C" {
+#endif
+WOLFSSL_API int wc_XmssKey_Init(XmssKey * key, void * heap, int devId);
+WOLFSSL_API int wc_XmssKey_SetParamStr(XmssKey * key, const char * str);
+#ifndef WOLFSSL_XMSS_VERIFY_ONLY
+WOLFSSL_API int wc_XmssKey_SetWriteCb(XmssKey * key,
+ write_private_key_cb write_cb);
+WOLFSSL_API int wc_XmssKey_SetReadCb(XmssKey * key,
+ read_private_key_cb read_cb);
+WOLFSSL_API int wc_XmssKey_SetContext(XmssKey * key, void * context);
+WOLFSSL_API int wc_XmssKey_MakeKey(XmssKey * key, WC_RNG * rng);
+WOLFSSL_API int wc_XmssKey_Reload(XmssKey * key);
+WOLFSSL_API int wc_XmssKey_GetPrivLen(const XmssKey * key, word32 * len);
+WOLFSSL_API int wc_XmssKey_Sign(XmssKey * key, byte * sig, word32 * sigSz,
+ const byte * msg, int msgSz);
+WOLFSSL_API int wc_XmssKey_SigsLeft(XmssKey * key);
+#endif /* ifndef WOLFSSL_XMSS_VERIFY_ONLY */
+WOLFSSL_API void wc_XmssKey_Free(XmssKey * key);
+WOLFSSL_API int wc_XmssKey_GetSigLen(const XmssKey * key, word32 * len);
+WOLFSSL_API int wc_XmssKey_GetPubLen(const XmssKey * key, word32 * len);
+WOLFSSL_API int wc_XmssKey_ExportPub(XmssKey * keyDst, const XmssKey * keySrc);
+WOLFSSL_API int wc_XmssKey_ExportPubRaw(const XmssKey * key, byte * out,
+ word32 * outLen);
+WOLFSSL_API int wc_XmssKey_ImportPubRaw(XmssKey * key, const byte * in,
+ word32 inLen);
+WOLFSSL_API int wc_XmssKey_Verify(XmssKey * key, const byte * sig, word32 sigSz,
+ const byte * msg, int msgSz);
+#ifdef __cplusplus
+ } /* extern "C" */
+#endif
+
+#endif /* WOLFSSL_HAVE_XMSS */
+#endif /* WOLF_CRYPT_XMSS_H */
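Review bot: `wc_XmssKey_Sign` and `wc_XmssKey_Verify` take the message length as `int msgSz`, while every other length in this header is `word32`, so a negative length is representable at the API boundary. Unless the implementation (not in this hunk) rejects `msgSz < 0`, such a value could be converted to a very large unsigned length further down. I would declare `word32 msgSz` in both prototypes, or document that negative values return an argument error. The `write_private_key_cb` typedef also deserves a comment stating that the callback must durably store the updated private key before a signature is released, because reusing XMSS one-time state breaks the scheme's security.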
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfio.h b/extra/wolfssl/wolfssl/wolfssl/wolfio.h
index f783fd03..9a8b5113 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfio.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfio.h
@@ -26,6 +26,8 @@
#ifndef WOLFSSL_IO_H
#define WOLFSSL_IO_H
+#include <wolfssl/ssl.h>
+
#ifdef __cplusplus
extern "C" {
#endif
@@ -169,7 +171,8 @@
#endif
#if defined(WOLFSSL_RENESAS_RA6M3G) || defined(WOLFSSL_RENESAS_RA6M3) ||\
- defined(WOLFSSL_RENESAS_RA6M4)
+ defined(WOLFSSL_RENESAS_RA6M4) || \
+ defined(WOLFSSL_RENESAS_RZN2L)
/* Uses FREERTOS_TCP */
#include <errno.h>
#endif
@@ -381,6 +384,13 @@
#define XSOCKLENT socklen_t
#endif
#endif
+ #ifndef XSOCKOPT_TYPE_OPTVAL_TYPE
+ #ifdef USE_WINDOWS_API
+ #define XSOCKOPT_TYPE_OPTVAL_TYPE void*
+ #else
+ #define XSOCKOPT_TYPE_OPTVAL_TYPE char*
+ #endif
+ #endif
/* Socket Addr Support */
#ifdef HAVE_SOCKADDR
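Review bot: The two branches of `XSOCKOPT_TYPE_OPTVAL_TYPE` look swapped relative to the platform prototypes. Winsock declares the `optval` argument of `getsockopt`/`setsockopt` as `char*`, while POSIX declares it as `void*`. In C this is harmless because `void*` converts implicitly in both directions, but a C++ translation unit that casts to `void*` and passes the result to the Winsock functions would not compile. If the intent is to match the native prototype, the condition should read `#ifndef USE_WINDOWS_API`; if the current order is deliberate, a short comment saying why would help.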
@@ -429,7 +439,7 @@ WOLFSSL_API int wolfIO_Recv(SOCKET_T sd, char *buf, int sz, int rdFlags);
extern int closesocket(int);
#define CloseSocket(s) closesocket(s)
#endif
- #define StartTCP()
+ #define StartTCP() WC_DO_NOTHING
#elif defined(FUSION_RTOS)
#ifndef CloseSocket
#define CloseSocket(s) do { \
@@ -441,7 +451,7 @@ WOLFSSL_API int wolfIO_Recv(SOCKET_T sd, char *buf, int sz, int rdFlags);
#ifndef CloseSocket
#define CloseSocket(s) close(s)
#endif
- #define StartTCP()
+ #define StartTCP() WC_DO_NOTHING
#ifdef FREERTOS_TCP_WINSIM
extern int close(int);
#endif
diff --git a/extra/wolfssl/wolfssl/wrapper/Ada/README.md b/extra/wolfssl/wolfssl/wrapper/Ada/README.md
new file mode 100644
index 00000000..0af9eafc
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wrapper/Ada/README.md
@@ -0,0 +1,116 @@
+# Ada Binding Example
+The source code for the Ada/SPARK binding of the WolfSSL library
+is the WolfSSL Ada package in the wolfssl.ads and wolfssl.adb files.
+
+The source code here also demonstrates a TLS v1.3 server and client
+using the WolfSSL Ada binding. The implementation is cross-platform
+and compiles on Linux, Mac OS X and Windows.
+
+Security: The WolfSSL Ada binding avoids usage of the
+Secondary Stack. The GNAT compiler has a number of hardening
+features for example Stack Scrubbing; the compiler can generate
+code to zero-out stack frames used by subprograms.
+Unfortunately this works well for the primary stack but not
+for the secondary stack. The GNAT User's Guide recommends
+avoiding the secondary stack using the restriction
+No_Secondary_Stack (see the GNAT configuration file gnat.adc
+which instructs compilation of the WolfSSL Ada binding under
+this restriction).
+
+Portability: The WolfSSL Ada binding makes no usage of controlled types
+and has no dependency upon the Ada.Finalization package.
+Lighter Ada run-times for embedded systems often have
+the restriction No_Finalization. The WolfSSL Ada binding has
+been developed with maximum portability in mind.
+
+Not only can the WolfSSL Ada binding be used in Ada applications but
+also SPARK applications (a subset of the Ada language suitable
+formal verification). To formally verify the Ada code in this repository
+open the client.gpr with GNAT Studio and then select
+SPARK -> Prove All Sources and use Proof Level 2.
+
+```
+Summary of SPARK analysis
+=========================
+
+---------------------------------------------------------------------------------------------------------------
+SPARK Analysis results Total Flow CodePeer Provers Justified Unproved
+---------------------------------------------------------------------------------------------------------------
+Data Dependencies 2 2 . . . .
+Flow Dependencies . . . . . .
+Initialization 15 15 . . . .
+Non-Aliasing . . . . . .
+Run-time Checks 58 . . 58 (CVC4 85%, Trivial 15%) . .
+Assertions 6 . . 6 (CVC4) . .
+Functional Contracts 91 . . 91 (CVC4) . .
+LSP Verification . . . . . .
+Termination . . . . . .
+Concurrency . . . . . .
+---------------------------------------------------------------------------------------------------------------
+Total 172 17 (10%) . 155 (90%) . .
+```
+
+## Compiler and Build System installation
+
+### GNAT Community Edition 2021
+Download and install the GNAT community Edition 2021 compiler and studio:
+https://www.adacore.com/download
+
+Linux Install:
+
+```sh
+chmod +x gnat-2021-20210519-x86_64-linux-bin
+./gnat-2021-20210519-x86_64-linux-bin
+```
+
+```sh
+export PATH="/opt/GNAT/2021/bin:$PATH"
+cd wrapper/Ada
+gprclean
+gprbuild default.gpr
+gprbuild client.gpr
+
+cd obj/
+./tls_server_main &
+./tls_client_main 127.0.0.1
+```
+
+On Windows, build the executables with:
+```sh
+gprbuild -XOS=Windows default.gpr
+gprbuild -XOS=Windows client.gpr
+```
+
+
+### GNAT FSF Compiler and GPRBuild manual installation
+In May 2022 AdaCore announced the end of the GNAT Community releases.
+Pre-built binaries for the GNAT FSF compiler and GPRBuild can be
+downloaded and manually installed from here:
+https://github.com/alire-project/GNAT-FSF-builds/releases
+Make sure the executables for the compiler and GPRBuild are on the PATH
+and use gprbuild to build the source code.
+
+## Files
+The TLS v1.3 client example in the Ada/SPARK programming language
+using the WolfSSL library can be found in the files:
+tls_client_main.adb
+tls_client.ads
+tls_client.adb
+
+The TLS v1.3 server example in the Ada/SPARK programming language
+using the WolfSSL library can be found in the files:
+tls_server_main.adb
+tls_server.ads
+tls_server.adb
+
+A feature of the Ada language that is not part of SPARK is exceptions.
+Some packages of the Ada standard library and GNAT specific packages
+provided by the GNAT compiler can therefore not be used directly but
+need to be put into wrapper packages that does not raise exceptions.
+The packages that provide access to sockets and command line arguments
+to applications implemented in the SPARK programming language can be
+found in the files:
+spark_sockets.ads
+spark_sockets.adb
+spark_terminal.ads
+spark_terminal.adb
diff --git a/extra/wolfssl/wolfssl/wrapper/Ada/ada_binding.c b/extra/wolfssl/wolfssl/wrapper/Ada/ada_binding.c
new file mode 100644
index 00000000..0becb0e7
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wrapper/Ada/ada_binding.c
@@ -0,0 +1,105 @@
+/* ada_binding.c
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/* wolfSSL */
+#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/ssl.h>
+
+/* These functions give access to the integer values of the enumeration
+ constants used in WolfSSL. These functions make it possible
+ for the WolfSSL implementation to change the values of the constants
+ without the need to make a corresponding change in the Ada code. */
+extern int get_wolfssl_error_want_read(void);
+extern int get_wolfssl_error_want_write(void);
+extern int get_wolfssl_max_error_size (void);
+extern int get_wolfssl_success(void);
+extern int get_wolfssl_failure(void);
+extern int get_wolfssl_verify_none(void);
+extern int get_wolfssl_verify_peer(void);
+extern int get_wolfssl_verify_fail_if_no_peer_cert(void);
+extern int get_wolfssl_verify_client_once(void);
+extern int get_wolfssl_verify_post_handshake(void);
+extern int get_wolfssl_verify_fail_except_psk(void);
+extern int get_wolfssl_verify_default(void);
+
+extern int get_wolfssl_filetype_asn1(void);
+extern int get_wolfssl_filetype_pem(void);
+extern int get_wolfssl_filetype_default(void);
+
+extern int get_wolfssl_error_want_read(void) {
+ return WOLFSSL_ERROR_WANT_READ;
+}
+
+extern int get_wolfssl_error_want_write(void) {
+ return WOLFSSL_ERROR_WANT_WRITE;
+}
+
+extern int get_wolfssl_max_error_size(void) {
+ return WOLFSSL_MAX_ERROR_SZ;
+}
+
+extern int get_wolfssl_success(void) {
+ return WOLFSSL_SUCCESS;
+}
+
+extern int get_wolfssl_failure(void) {
+ return WOLFSSL_FAILURE;
+}
+
+extern int get_wolfssl_verify_none(void) {
+ return WOLFSSL_VERIFY_NONE;
+}
+
+extern int get_wolfssl_verify_peer(void) {
+ return WOLFSSL_VERIFY_PEER;
+}
+
+extern int get_wolfssl_verify_fail_if_no_peer_cert(void) {
+ return WOLFSSL_VERIFY_FAIL_IF_NO_PEER_CERT;
+}
+
+extern int get_wolfssl_verify_client_once(void) {
+ return WOLFSSL_VERIFY_CLIENT_ONCE;
+}
+
+extern int get_wolfssl_verify_post_handshake(void) {
+ return WOLFSSL_VERIFY_POST_HANDSHAKE;
+}
+
+extern int get_wolfssl_verify_fail_except_psk(void) {
+ return WOLFSSL_VERIFY_FAIL_EXCEPT_PSK;
+}
+
+extern int get_wolfssl_verify_default(void) {
+ return WOLFSSL_VERIFY_DEFAULT;
+}
+
+extern int get_wolfssl_filetype_asn1(void) {
+ return WOLFSSL_FILETYPE_ASN1;
+}
+
+extern int get_wolfssl_filetype_pem(void) {
+ return WOLFSSL_FILETYPE_PEM;
+}
+
+extern int get_wolfssl_filetype_default(void) {
+ return WOLFSSL_FILETYPE_DEFAULT;
+}
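Review bot: The prototype list at the top of the file is the only declaration of these accessors, so nothing ties their names and `int` return type to the Ada side that imports them; a mismatch would surface only at link time or at run time. The Ada import declarations are not part of this hunk, so add a comment above the prototypes that points to them, for example `/* Keep in sync with the matching Import declarations in the Ada binding (wolfssl.ads/.adb). */`. The `extern` keyword on the definitions themselves is redundant, since the prototypes already give them external linkage and satisfy `-Wmissing-prototypes`.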
diff --git a/extra/wolfssl/wolfssl/wrapper/Ada/client.gpr b/extra/wolfssl/wolfssl/wrapper/Ada/client.gpr
new file mode 100644
index 00000000..b8360a07
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wrapper/Ada/client.gpr
@@ -0,0 +1,78 @@
+project Client is
+ type OS_Kind is ("Windows", "Linux_Or_Mac");
+
+ OS : OS_Kind := external ("OS", "Linux_Or_Mac");
+
+ for Languages use ("C", "Ada");
+
+ for Source_Dirs use (".",
+ "../../",
+ "../../src",
+ "../../wolfcrypt/src");
+
+ for Object_Dir use "obj";
+
+ for Main use ("tls_client_main.adb");
+
+ package Naming is
+ for Spec_Suffix ("C") use ".h";
+ end Naming;
+
+ package Compiler is
+ for Switches ("C") use
+ ("-DWOLFSSL_USER_SETTINGS", -- Use the user_settings.h file.
+ "-Wno-pragmas",
+ "-Wall",
+ "-Wextra",
+ "-Wunknown-pragmas",
+ "--param=ssp-buffer-size=1",
+ "-Waddress",
+ "-Warray-bounds",
+ "-Wbad-function-cast",
+ "-Wchar-subscripts",
+ "-Wcomment",
+ "-Wfloat-equal",
+ "-Wformat-security",
+ "-Wformat=2",
+ "-Wmaybe-uninitialized",
+ "-Wmissing-field-initializers",
+ "-Wmissing-noreturn",
+ "-Wmissing-prototypes",
+ "-Wnested-externs",
+ "-Wnormalized=id",
+ "-Woverride-init",
+ "-Wpointer-arith",
+ "-Wpointer-sign",
+ "-Wshadow",
+ "-Wsign-compare",
+ "-Wstrict-overflow=1",
+ "-Wstrict-prototypes",
+ "-Wswitch-enum",
+ "-Wundef",
+ "-Wunused",
+ "-Wunused-result",
+ "-Wunused-variable",
+ "-Wwrite-strings",
+ "-fwrapv");
+
+ for Switches ("Ada") use ("-g");
+ end Compiler;
+
+ package Linker is
+ case OS is
+ when "Windows" =>
+ for Switches ("Ada") use
+ ("-lm", -- To include the math library (used by WolfSSL).
+ "-lcrypt32"); -- Needed on Windows.
+
+ when "Linux_Or_Mac" =>
+ for Switches ("Ada") use
+ ("-lm"); -- To include the math library (used by WolfSSL).
+ end case;
+ end Linker;
+
+ package Binder is
+ for Switches ("Ada") use ("-Es"); -- To include stack traces.
+ end Binder;
+
+end Client;
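Review bot: `"--param=ssp-buffer-size=1"` in the C switches only tunes GCC's stack protector, and no `-fstack-protector` option appears in the list, so unless the toolchain turns it on by default the parameter does nothing and the wolfSSL C sources are built without stack canaries. List the option explicitly next to it, e.g. `"-fstack-protector",` followed by the existing `"--param=ssp-buffer-size=1",`. The same switch list is repeated in default.gpr and needs the same change.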
diff --git a/extra/wolfssl/wolfssl/wrapper/Ada/default.gpr b/extra/wolfssl/wolfssl/wrapper/Ada/default.gpr
new file mode 100644
index 00000000..bbd3b34f
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wrapper/Ada/default.gpr
@@ -0,0 +1,90 @@
+project Default is
+
+ type OS_Kind is ("Windows", "Linux_Or_Mac");
+
+ OS : OS_Kind := external ("OS", "Linux_Or_Mac");
+
+ for Languages use ("C", "Ada");
+
+ for Source_Dirs use (".",
+ "../../",
+ "../../src",
+ "../../wolfcrypt/src");
+
+ -- Don't build the tls client application because it makes use
+ -- of the Secondary Stack due to usage of the Ada.Command_Line
+ -- package. All other Ada source code does not use the secondary stack.
+ for Excluded_Source_Files use ("tls_client_main.adb",
+ "tls_client.ads",
+ "tls_client.adb");
+
+ for Object_Dir use "obj";
+
+ for Main use ("tls_server_main.adb");
+
+ package Naming is
+ for Spec_Suffix ("C") use ".h";
+ end Naming;
+
+ package Builder is
+ for Global_Configuration_Pragmas use "gnat.adc";
+ end Builder;
+
+ package Compiler is
+ for Switches ("C") use
+ ("-DWOLFSSL_USER_SETTINGS", -- Use the user_settings.h file.
+ "-Wno-pragmas",
+ "-Wall",
+ "-Wextra",
+ "-Wunknown-pragmas",
+ "--param=ssp-buffer-size=1",
+ "-Waddress",
+ "-Warray-bounds",
+ "-Wbad-function-cast",
+ "-Wchar-subscripts",
+ "-Wcomment",
+ "-Wfloat-equal",
+ "-Wformat-security",
+ "-Wformat=2",
+ "-Wmaybe-uninitialized",
+ "-Wmissing-field-initializers",
+ "-Wmissing-noreturn",
+ "-Wmissing-prototypes",
+ "-Wnested-externs",
+ "-Wnormalized=id",
+ "-Woverride-init",
+ "-Wpointer-arith",
+ "-Wpointer-sign",
+ "-Wshadow",
+ "-Wsign-compare",
+ "-Wstrict-overflow=1",
+ "-Wstrict-prototypes",
+ "-Wswitch-enum",
+ "-Wundef",
+ "-Wunused",
+ "-Wunused-result",
+ "-Wunused-variable",
+ "-Wwrite-strings",
+ "-fwrapv");
+
+ for Switches ("Ada") use ("-g");
+ end Compiler;
+
+ package Linker is
+ case OS is
+ when "Windows" =>
+ for Switches ("Ada") use
+ ("-lm", -- To include the math library (used by WolfSSL).
+ "-lcrypt32"); -- Needed on Windows.
+
+ when "Linux_Or_Mac" =>
+ for Switches ("Ada") use
+ ("-lm"); -- To include the math library (used by WolfSSL).
+ end case;
+ end Linker;
+
+ package Binder is
+ for Switches ("Ada") use ("-Es"); -- To include stack traces.
+ end Binder;
+
+end Default;
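Review bot: The Ada switches are only `("-g")`, so the `Pre`/`Post` contracts in the SPARK specs (for instance the length preconditions on `To_C` and `To_Ada` in spark_sockets.ads) are not checked at run time by GNAT's default assertion policy. Unless every caller is proven with GNATprove, a violated contract passes silently in this example build. Enabling assertions makes it fail loudly: `for Switches ("Ada") use ("-g", "-gnata");`. client.gpr has the same line.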
diff --git a/extra/wolfssl/wolfssl/wrapper/Ada/gnat.adc b/extra/wolfssl/wolfssl/wrapper/Ada/gnat.adc
new file mode 100644
index 00000000..e479c000
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wrapper/Ada/gnat.adc
@@ -0,0 +1 @@
+pragma Restrictions (No_Secondary_Stack);
diff --git a/extra/wolfssl/wolfssl/wrapper/Ada/include.am b/extra/wolfssl/wolfssl/wrapper/Ada/include.am
new file mode 100644
index 00000000..3701e581
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wrapper/Ada/include.am
@@ -0,0 +1,17 @@
+# vim:ft=automake
+# included from Top Level Makefile.am
+# All paths should be given relative to the root
+
+EXTRA_DIST+= wrapper/Ada/README.md
+EXTRA_DIST+= wrapper/Ada/default.gpr
+EXTRA_DIST+= wrapper/Ada/gnat.adc
+EXTRA_DIST+= wrapper/Ada/ada_binding.c
+EXTRA_DIST+= wrapper/Ada/tls_client_main.adb
+EXTRA_DIST+= wrapper/Ada/tls_client.adb
+EXTRA_DIST+= wrapper/Ada/tls_client.ads
+EXTRA_DIST+= wrapper/Ada/tls_server_main.adb
+EXTRA_DIST+= wrapper/Ada/tls_server.adb
+EXTRA_DIST+= wrapper/Ada/tls_server.ads
+EXTRA_DIST+= wrapper/Ada/user_settings.h
+EXTRA_DIST+= wrapper/Ada/wolfssl.adb
+EXTRA_DIST+= wrapper/Ada/wolfssl.ads
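Review bot: EXTRA_DIST leaves out several files that this same commit adds under wrapper/Ada: client.gpr, spark_sockets.ads/.adb and spark_terminal.ads/.adb. A distribution tarball would then carry default.gpr and the tls_* sources without the packages they `with`, so the example could not be built from a release archive. Add the missing entries, e.g. `EXTRA_DIST+= wrapper/Ada/client.gpr`, and likewise for the four spark_* files.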
diff --git a/extra/wolfssl/wolfssl/wrapper/Ada/spark_sockets.adb b/extra/wolfssl/wolfssl/wrapper/Ada/spark_sockets.adb
new file mode 100644
index 00000000..e315f230
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wrapper/Ada/spark_sockets.adb
@@ -0,0 +1,138 @@
+-- spark_sockets.adb
+--
+-- Copyright (C) 2006-2023 wolfSSL Inc.
+--
+-- This file is part of wolfSSL.
+--
+-- wolfSSL is free software; you can redistribute it and/or modify
+-- it under the terms of the GNU General Public License as published by
+-- the Free Software Foundation; either version 2 of the License, or
+-- (at your option) any later version.
+--
+-- wolfSSL is distributed in the hope that it will be useful,
+-- but WITHOUT ANY WARRANTY; without even the implied warranty of
+-- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+-- GNU General Public License for more details.
+--
+-- You should have received a copy of the GNU General Public License
+-- along with this program; if not, write to the Free Software
+-- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+--
+
+with Interfaces.C;
+
+package body SPARK_Sockets is
+
+ function Inet_Addr (Image : String) return Optional_Inet_Addr is
+ A : Inet_Addr_Type;
+ begin
+ A := GNAT.Sockets.Inet_Addr (Image);
+ return (Exists => True, Addr => A);
+ exception
+ when others =>
+ return (Exists => False);
+ end Inet_Addr;
+
+ procedure Create_Socket (Socket : in out Optional_Socket) is
+ S : Socket_Type;
+ begin
+ GNAT.Sockets.Create_Socket (S);
+ Socket := (Exists => True, Socket => S);
+ exception
+ when others =>
+ Socket := (Exists => False);
+ end Create_Socket;
+
+ function Connect_Socket (Socket : Socket_Type;
+ Server : Sock_Addr_Type)
+ return Subprogram_Result is
+ begin
+ GNAT.Sockets.Connect_Socket (Socket, Server);
+ return Success;
+ exception
+ when others =>
+ return Failure;
+ end Connect_Socket;
+
+ function To_C (Socket : Socket_Type) return Integer is
+ begin
+ -- The call to GNAT.Sockets.To_C can never raise an exception.
+ return GNAT.Sockets.To_C (Socket);
+ end To_C;
+
+ procedure Close_Socket (Socket : in out Optional_Socket) is
+ begin
+ GNAT.Sockets.Close_Socket (Socket.Socket);
+ Socket := (Exists => False);
+ end Close_Socket;
+
+ function Set_Socket_Option (Socket : Socket_Type;
+ Level : Level_Type;
+ Option : Option_Type)
+ return Subprogram_Result is
+ begin
+ GNAT.Sockets.Set_Socket_Option (Socket, Level, Option);
+ return Success;
+ exception
+ when others =>
+ return Failure;
+ end Set_Socket_Option;
+
+ function Bind_Socket (Socket : Socket_Type;
+ Address : Sock_Addr_Type)
+ return Subprogram_Result is
+ begin
+ GNAT.Sockets.Bind_Socket (Socket, Address);
+ return Success;
+ exception
+ when others =>
+ return Failure;
+ end Bind_Socket;
+
+ function Listen_Socket (Socket : Socket_Type;
+ Length : Natural) return Subprogram_Result is
+ begin
+ GNAT.Sockets.Listen_Socket (Socket, Length);
+ return Success;
+ exception
+ when others =>
+ return Failure;
+ end Listen_Socket;
+
+ procedure Accept_Socket (Server : Socket_Type;
+ Socket : out Optional_Socket;
+ Address : out Sock_Addr_Type;
+ Result : out Subprogram_Result) is
+ C : Socket_Type;
+ begin
+ GNAT.Sockets.Accept_Socket (Server, C, Address);
+ Socket := (Exists => True, Socket => C);
+ Result := Success;
+ exception
+ when others =>
+ Socket := (Exists => False);
+ Address := (Family => GNAT.Sockets.Family_Unspec);
+ Result := Failure;
+ end Accept_Socket;
+
+ procedure To_C (Item : String;
+ Target : out Byte_Array;
+ Count : out Byte_Index) is
+ begin
+ Interfaces.C.To_C (Item => Item,
+ Target => Target,
+ Count => Count,
+ Append_Nul => False);
+ end To_C;
+
+ procedure To_Ada (Item : Byte_Array;
+ Target : out String;
+ Count : out Natural) is
+ begin
+ Interfaces.C.To_Ada (Item => Item,
+ Target => Target,
+ Count => Count,
+ Trim_Nul => False);
+ end To_Ada;
+
+end SPARK_Sockets;
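Review bot: `Close_Socket` is the one wrapper here around a GNAT.Sockets call that can fail but has no exception handler, so a `Socket_Error` from `GNAT.Sockets.Close_Socket` would propagate into callers written in SPARK and leave `Socket.Exists` still True. Following the pattern of the other subprograms, add `exception when others => Socket := (Exists => False);` before `end Close_Socket;`. `To_C` and `To_Ada` at the end of the body likewise have no handler and depend on the length preconditions in the spec, which deserves a one-line comment in each.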
diff --git a/extra/wolfssl/wolfssl/wrapper/Ada/spark_sockets.ads b/extra/wolfssl/wolfssl/wrapper/Ada/spark_sockets.ads
new file mode 100644
index 00000000..ee9864c6
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wrapper/Ada/spark_sockets.ads
@@ -0,0 +1,137 @@
+-- spark_sockets.ads
+--
+-- Copyright (C) 2006-2023 wolfSSL Inc.
+--
+-- This file is part of wolfSSL.
+--
+-- wolfSSL is free software; you can redistribute it and/or modify
+-- it under the terms of the GNU General Public License as published by
+-- the Free Software Foundation; either version 2 of the License, or
+-- (at your option) any later version.
+--
+-- wolfSSL is distributed in the hope that it will be useful,
+-- but WITHOUT ANY WARRANTY; without even the implied warranty of
+-- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+-- GNU General Public License for more details.
+--
+-- You should have received a copy of the GNU General Public License
+-- along with this program; if not, write to the Free Software
+-- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+--
+
+-- GNAT Library packages.
+with GNAT.Sockets;
+
+-- The WolfSSL package.
+with WolfSSL;
+
+-- This is a wrapper package around the GNAT.Sockets package.
+-- GNAT.Sockets raises exceptions to signal errors but exceptions
+-- are not supported by SPARK. This package converts raised exceptions
+-- into returned enumeration values by functions indicating success
+-- or failure.
+--
+-- The intended use of this package is to demonstrate the usage
+-- of the WolfSSL Ada binding in Ada/SPARK code.
+package SPARK_Sockets with SPARK_Mode is
+
+ subtype Byte_Array is WolfSSL.Byte_Array;
+ subtype Byte_Index is WolfSSL.Byte_Index; use type Byte_Index;
+
+ subtype Port_Type is GNAT.Sockets.Port_Type;
+
+ subtype Level_Type is GNAT.Sockets.Level_Type;
+
+ subtype Socket_Type is GNAT.Sockets.Socket_Type;
+ subtype Option_Name is GNAT.Sockets.Option_Name;
+ subtype Option_Type is GNAT.Sockets.Option_Type;
+ subtype Family_Type is GNAT.Sockets.Family_Type;
+
+ subtype Sock_Addr_Type is GNAT.Sockets.Sock_Addr_Type;
+ subtype Inet_Addr_Type is GNAT.Sockets.Inet_Addr_Type;
+
+ Socket_Error : exception renames GNAT.Sockets.Socket_Error;
+
+ Reuse_Address : Option_Name renames GNAT.Sockets.Reuse_Address;
+
+ Socket_Level : Level_Type renames GNAT.Sockets.Socket_Level;
+
+ Family_Inet : Family_Type renames GNAT.Sockets.Family_Inet;
+ use type GNAT.Sockets.Family_Type;
+
+ Any_Inet_Addr : Inet_Addr_Type renames GNAT.Sockets.Any_Inet_Addr;
+
+ subtype Subprogram_Result is WolfSSL.Subprogram_Result;
+ use type Subprogram_Result;
+
+ Success : Subprogram_Result renames WolfSSL.Success;
+ Failure : Subprogram_Result renames WolfSSL.Failure;
+
+ type Optional_Inet_Addr (Exists : Boolean := False) is record
+ case Exists is
+ when True => Addr : Inet_Addr_Type;
+ when False => null;
+ end case;
+ end record;
+
+ function Inet_Addr (Image : String) return Optional_Inet_Addr;
+
+ type Optional_Socket (Exists : Boolean := False) is record
+ case Exists is
+ when True => Socket : Socket_Type;
+ when False => null;
+ end case;
+ end record;
+
+ procedure Create_Socket (Socket : in out Optional_Socket) with
+ Pre => not Socket.Exists;
+
+ function Connect_Socket (Socket : Socket_Type;
+ Server : Sock_Addr_Type)
+ return Subprogram_Result;
+
+ function To_C (Socket : Socket_Type) return Integer with Inline;
+
+ -- Close a socket and more specifically a non-connected socket.
+ procedure Close_Socket (Socket : in out Optional_Socket) with
+ Pre => Socket.Exists,
+ Post => not Socket.Exists;
+
+ function Set_Socket_Option (Socket : Socket_Type;
+ Level : Level_Type;
+ Option : Option_Type)
+ return Subprogram_Result;
+ -- Manipulate socket options.
+
+ function Bind_Socket (Socket : Socket_Type;
+ Address : Sock_Addr_Type)
+ return Subprogram_Result;
+
+ function Listen_Socket (Socket : Socket_Type;
+ Length : Natural) return Subprogram_Result;
+ -- To accept connections, a socket is first created with
+ -- Create_Socket, a willingness to accept incoming connections and
+ -- a queue Length for incoming connections are specified.
+ -- The queue length of 15 is an example value that should be
+ -- appropriate in usual cases. It can be adjusted according to each
+ -- application's particular requirements.
+
+ procedure Accept_Socket (Server : Socket_Type;
+ Socket : out Optional_Socket;
+ Address : out Sock_Addr_Type;
+ Result : out Subprogram_Result) with
+ Post => (if Result = Success then Socket.Exists else not Socket.Exists);
+
+ procedure To_C (Item : String;
+ Target : out Byte_Array;
+ Count : out Byte_Index) with
+ Pre => Item'Length <= Target'Length,
+ Post => Count <= Target'Last;
+
+ procedure To_Ada (Item : Byte_Array;
+ Target : out String;
+ Count : out Natural) with
+ Pre => Item'Length <= Target'Length,
+ Post => Count <= Target'Last;
+
+end SPARK_Sockets;
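Review bot: The comment under `Listen_Socket` refers to "the queue length of 15" as an example value, but `Length : Natural` has no default in this wrapper, so the sentence describes nothing in the declaration; it reads like text carried over from GNAT.Sockets. Reword it for the wrapper, e.g. `-- Marks Socket as listening with a backlog of Length; returns Failure instead of raising.` Most other declarations in the spec have no comment at all. One line each, saying that `Failure` or `Exists => False` replaces the exception, would let a reader use the package without opening the body.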
diff --git a/extra/wolfssl/wolfssl/wrapper/Ada/spark_terminal.adb b/extra/wolfssl/wolfssl/wrapper/Ada/spark_terminal.adb
new file mode 100644
index 00000000..14bfb4b1
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wrapper/Ada/spark_terminal.adb
@@ -0,0 +1,18 @@
+package body SPARK_Terminal is
+
+ procedure Set_Exit_Status (Status : Exit_Status) is
+ begin
+ Ada.Command_Line.Set_Exit_Status (Status);
+ end Set_Exit_Status;
+
+ function Argument_Count return Natural is
+ begin
+ return Ada.Command_Line.Argument_Count;
+ end Argument_Count;
+
+ function Argument (Number : Positive) return String is
+ begin
+ return Ada.Command_Line.Argument (Number);
+ end Argument;
+
+end SPARK_Terminal;
diff --git a/extra/wolfssl/wolfssl/wrapper/Ada/spark_terminal.ads b/extra/wolfssl/wolfssl/wrapper/Ada/spark_terminal.ads
new file mode 100644
index 00000000..1c516ca7
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wrapper/Ada/spark_terminal.ads
@@ -0,0 +1,43 @@
+-- spark_sockets.ads
+--
+-- Copyright (C) 2006-2023 wolfSSL Inc.
+--
+-- This file is part of wolfSSL.
+--
+-- wolfSSL is free software; you can redistribute it and/or modify
+-- it under the terms of the GNU General Public License as published by
+-- the Free Software Foundation; either version 2 of the License, or
+-- (at your option) any later version.
+--
+-- wolfSSL is distributed in the hope that it will be useful,
+-- but WITHOUT ANY WARRANTY; without even the implied warranty of
+-- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+-- GNU General Public License for more details.
+--
+-- You should have received a copy of the GNU General Public License
+-- along with this program; if not, write to the Free Software
+-- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+--
+
+with Ada.Command_Line;
+
+-- SPARK wrapper package around Ada.Command_Line and Interfaces.C
+-- packages because these packages lack contracts in their specification
+-- files that SPARK can use to verify the context in which
+-- subprograms can safely be called.
+package SPARK_Terminal with SPARK_Mode is
+
+ subtype Exit_Status is Ada.Command_Line.Exit_Status;
+
+ Exit_Status_Success : Exit_Status renames Ada.Command_Line.Success;
+ Exit_Status_Failure : Exit_Status renames Ada.Command_Line.Failure;
+
+ procedure Set_Exit_Status (Status : Exit_Status) with
+ Global => null;
+
+ function Argument_Count return Natural;
+
+ function Argument (Number : Positive) return String with
+ Pre => Number <= Argument_Count;
+
+end SPARK_Terminal;
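Review bot: The file header reads `-- spark_sockets.ads`, copied from the sockets spec; it should be `-- spark_terminal.ads`. The package comment also names Interfaces.C, but only Ada.Command_Line is withed and wrapped in this spec, so that reference should be dropped.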
diff --git a/extra/wolfssl/wolfssl/wrapper/Ada/tls_client.adb b/extra/wolfssl/wolfssl/wrapper/Ada/tls_client.adb
new file mode 100644
index 00000000..88f5a60d
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wrapper/Ada/tls_client.adb
@@ -0,0 +1,328 @@
+-- tls_client.adb
+--
+-- Copyright (C) 2006-2023 wolfSSL Inc.
+--
+-- This file is part of wolfSSL.
+--
+-- wolfSSL is free software; you can redistribute it and/or modify
+-- it under the terms of the GNU General Public License as published by
+-- the Free Software Foundation; either version 2 of the License, or
+-- (at your option) any later version.
+--
+-- wolfSSL is distributed in the hope that it will be useful,
+-- but WITHOUT ANY WARRANTY; without even the implied warranty of
+-- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+-- GNU General Public License for more details.
+--
+-- You should have received a copy of the GNU General Public License
+-- along with this program; if not, write to the Free Software
+-- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+--
+
+-- Ada Standard Library packages.
+with Ada.Characters.Handling;
+with Ada.Strings.Bounded;
+with Ada.Text_IO;
+with Interfaces.C;
+
+with SPARK_Terminal;
+
+package body Tls_Client with SPARK_Mode is
+
+ use type WolfSSL.Mode_Type;
+ use type WolfSSL.Byte_Index;
+ use type WolfSSL.Byte_Array;
+ use type WolfSSL.Subprogram_Result;
+
+ subtype Byte_Index is WolfSSL.Byte_Index;
+
+ Success : WolfSSL.Subprogram_Result renames WolfSSL.Success;
+
+ subtype Byte_Type is WolfSSL.Byte_Type;
+
+ package Natural_IO is new Ada.Text_IO.Integer_IO (Natural);
+
+ procedure Put (Text : String) is
+ begin
+ Ada.Text_IO.Put (Text);
+ end Put;
+
+ procedure Put (Number : Natural) is
+ begin
+ Natural_IO.Put (Item => Number, Width => 0, Base => 10);
+ end Put;
+
+ procedure Put (Number : Byte_Index) is
+ begin
+ Natural_IO.Put (Item => Natural (Number), Width => 0, Base => 10);
+ end Put;
+
+ procedure Put_Line (Text : String) is
+ begin
+ Ada.Text_IO.Put_Line (Text);
+ end Put_Line;
+
+ procedure New_Line is
+ begin
+ Ada.Text_IO.New_Line;
+ end New_Line;
+
+ subtype Exit_Status is SPARK_Terminal.Exit_Status;
+
+ Exit_Status_Success : Exit_Status renames SPARK_Terminal.Exit_Status_Success;
+ Exit_Status_Failure : Exit_Status renames SPARK_Terminal.Exit_Status_Failure;
+
+ procedure Set (Status : Exit_Status) with Global => null is
+ begin
+ SPARK_Terminal.Set_Exit_Status (Status);
+ end Set;
+
+ subtype Port_Type is SPARK_Sockets.Port_Type;
+
+ subtype Level_Type is SPARK_Sockets.Level_Type;
+
+ subtype Socket_Type is SPARK_Sockets.Socket_Type;
+ subtype Option_Name is SPARK_Sockets.Option_Name;
+ subtype Option_Type is SPARK_Sockets.Option_Type;
+ subtype Family_Type is SPARK_Sockets.Family_Type;
+
+ subtype Sock_Addr_Type is SPARK_Sockets.Sock_Addr_Type;
+ subtype Inet_Addr_Type is SPARK_Sockets.Inet_Addr_Type;
+
+ use type Family_Type;
+
+ Socket_Error : exception renames SPARK_Sockets.Socket_Error;
+
+ Reuse_Address : Option_Name renames SPARK_Sockets.Reuse_Address;
+
+ Socket_Level : Level_Type renames SPARK_Sockets.Socket_Level;
+
+ Family_Inet : Family_Type renames SPARK_Sockets.Family_Inet;
+
+ Any_Inet_Addr : Inet_Addr_Type renames SPARK_Sockets.Any_Inet_Addr;
+
+ CERT_FILE : constant String := "../../../certs/client-cert.pem";
+ KEY_FILE : constant String := "../../../certs/client-key.pem";
+ CA_FILE : constant String := "../../../certs/ca-cert.pem";
+
+ subtype Byte_Array is WolfSSL.Byte_Array;
+
+ function Argument_Count return Natural renames
+ SPARK_Terminal.Argument_Count;
+
+ function Argument (Number : Positive) return String with
+ Pre => Number <= Argument_Count;
+
+ function Argument (Number : Positive) return String is
+ begin
+ return SPARK_Terminal.Argument (Number);
+ end Argument;
+
+ procedure Run (Ssl : in out WolfSSL.WolfSSL_Type;
+ Ctx : in out WolfSSL.Context_Type;
+ Client : in out SPARK_Sockets.Optional_Socket) is
+ A : Sock_Addr_Type;
+ C : SPARK_Sockets.Optional_Socket renames Client;
+ D : Byte_Array (1 .. 200);
+ P : constant Port_Type := 11111;
+
+ Addr : SPARK_Sockets.Optional_Inet_Addr;
+
+ Count : WolfSSL.Byte_Index;
+
+ Text : String (1 .. 200);
+ Last : Natural;
+
+ Input : WolfSSL.Read_Result;
+ Output : WolfSSL.Write_Result;
+
+ Result : WolfSSL.Subprogram_Result;
+ begin
+ Result := WolfSSL.Initialize;
+ if Result /= Success then
+ Put_Line ("ERROR: Failed to initialize the WolfSSL library.");
+ return;
+ end if;
+
+ if Argument_Count < 1 then
+ Put_Line ("usage: tcl_client <IPv4 address>");
+ return;
+ end if;
+ SPARK_Sockets.Create_Socket (C);
+ if not C.Exists then
+ Put_Line ("ERROR: Failed to create socket.");
+ return;
+ end if;
+
+ Addr := SPARK_Sockets.Inet_Addr (Argument (1));
+ if not Addr.Exists or
+ (Addr.Exists and then Addr.Addr.Family /= Family_Inet)
+ then
+ Put_Line ("ERROR: please specify IPv4 address.");
+ SPARK_Sockets.Close_Socket (C);
+ Set (Exit_Status_Failure);
+ return;
+ end if;
+ A := (Family => Family_Inet,
+ Addr => Addr.Addr,
+ Port => P);
+
+ Result := SPARK_Sockets.Connect_Socket (Socket => C.Socket,
+ Server => A);
+ if Result /= Success then
+ Put_Line ("ERROR: Failed to connect to server.");
+ SPARK_Sockets.Close_Socket (C);
+ Set (Exit_Status_Failure);
+ return;
+ end if;
+
+ -- Create and initialize WOLFSSL_CTX.
+ WolfSSL.Create_Context (Method => WolfSSL.TLSv1_3_Client_Method,
+ Context => Ctx);
+ if not WolfSSL.Is_Valid (Ctx) then
+ Put_Line ("ERROR: failed to create WOLFSSL_CTX.");
+ SPARK_Sockets.Close_Socket (C);
+ Set (Exit_Status_Failure);
+ return;
+ end if;
+
+ -- Load client certificate into WOLFSSL_CTX.
+ Result := WolfSSL.Use_Certificate_File (Context => Ctx,
+ File => CERT_FILE,
+ Format => WolfSSL.Format_Pem);
+ if Result /= Success then
+ Put ("ERROR: failed to load ");
+ Put (CERT_FILE);
+ Put (", please check the file.");
+ New_Line;
+ SPARK_Sockets.Close_Socket (C);
+ WolfSSL.Free (Context => Ctx);
+ Set (Exit_Status_Failure);
+ return;
+ end if;
+
+ -- Load client key into WOLFSSL_CTX.
+ Result := WolfSSL.Use_Private_Key_File (Context => Ctx,
+ File => KEY_FILE,
+ Format => WolfSSL.Format_Pem);
+ if Result /= Success then
+ Put ("ERROR: failed to load ");
+ Put (KEY_FILE);
+ Put (", please check the file.");
+ New_Line;
+ SPARK_Sockets.Close_Socket (C);
+ WolfSSL.Free (Context => Ctx);
+ Set (Exit_Status_Failure);
+ return;
+ end if;
+
+ -- Load CA certificate into WOLFSSL_CTX.
+ Result := WolfSSL.Load_Verify_Locations (Context => Ctx,
+ File => CA_FILE,
+ Path => "");
+ if Result /= Success then
+ Put ("ERROR: failed to load ");
+ Put (CA_FILE);
+ Put (", please check the file.");
+ New_Line;
+ SPARK_Sockets.Close_Socket (C);
+ WolfSSL.Free (Context => Ctx);
+ Set (Exit_Status_Failure);
+ return;
+ end if;
+
+ -- Create a WOLFSSL object.
+ WolfSSL.Create_WolfSSL (Context => Ctx, Ssl => Ssl);
+ if not WolfSSL.Is_Valid (Ssl) then
+ Put_Line ("ERROR: failed to create WOLFSSL object.");
+ SPARK_Sockets.Close_Socket (C);
+ WolfSSL.Free (Context => Ctx);
+ Set (Exit_Status_Failure);
+ return;
+ end if;
+
+ -- Attach wolfSSL to the socket.
+ Result := WolfSSL.Attach (Ssl => Ssl,
+ Socket => SPARK_Sockets.To_C (C.Socket));
+ if Result /= Success then
+ Put_Line ("ERROR: Failed to set the file descriptor.");
+ SPARK_Sockets.Close_Socket (C);
+ WolfSSL.Free (Ssl);
+ WolfSSL.Free (Context => Ctx);
+ Set (Exit_Status_Failure);
+ return;
+ end if;
+
+ Result := WolfSSL.Connect (Ssl);
+ if Result /= Success then
+ Put_Line ("ERROR: failed to connect to wolfSSL.");
+ SPARK_Sockets.Close_Socket (C);
+ WolfSSL.Free (Ssl);
+ WolfSSL.Free (Context => Ctx);
+ Set (Exit_Status_Failure);
+ return;
+ end if;
+
+ Put ("Message for server: ");
+ Ada.Text_IO.Get_Line (Text, Last);
+
+ SPARK_Sockets.To_C (Item => Text (1 .. Last),
+ Target => D,
+ Count => Count);
+ Output := WolfSSL.Write (Ssl => Ssl,
+ Data => D (1 .. Count));
+ if not Output.Success then
+ Put ("ERROR: write failure");
+ New_Line;
+ SPARK_Sockets.Close_Socket (C);
+ WolfSSL.Free (Ssl);
+ WolfSSL.Free (Context => Ctx);
+ return;
+ end if;
+
+ if Natural (Output.Bytes_Written) < Last then
+ Put ("ERROR: failed to write entire message");
+ New_Line;
+ Put (Output.Bytes_Written);
+ Put (" bytes of ");
+ Put (Last);
+ Put ("bytes were sent");
+ New_Line;
+ SPARK_Sockets.Close_Socket (C);
+ WolfSSL.Free (Ssl);
+ WolfSSL.Free (Context => Ctx);
+ return;
+ end if;
+
+ Input := WolfSSL.Read (Ssl);
+ if not Input.Success then
+ Put_Line ("Read error.");
+ Set (Exit_Status_Failure);
+ SPARK_Sockets.Close_Socket (C);
+ WolfSSL.Free (Ssl);
+ WolfSSL.Free (Context => Ctx);
+ return;
+ end if;
+ if Input.Buffer'Length > Text'Length then
+ SPARK_Sockets.To_Ada (Item => Input.Buffer (1 .. 200),
+ Target => Text,
+ Count => Last);
+ else
+ SPARK_Sockets.To_Ada (Item => Input.Buffer,
+ Target => Text,
+ Count => Last);
+ end if;
+ Put ("Server: ");
+ Put (Text (1 .. Last));
+ New_Line;
+
+ SPARK_Sockets.Close_Socket (C);
+ WolfSSL.Free (Ssl);
+ WolfSSL.Free (Context => Ctx);
+ Result := WolfSSL.Finalize;
+ if Result /= Success then
+ Put_Line ("ERROR: Failed to finalize the WolfSSL library.");
+ end if;
+ end Run;
+
+end Tls_Client;
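Review bot: Several failure branches in `Run` return without `Set (Exit_Status_Failure);` (the `WolfSSL.Initialize` failure, the `Argument_Count < 1` usage branch, the socket-creation failure and both write-failure branches), so the process reports success to a calling script even though nothing was sent over TLS. Add `Set (Exit_Status_Failure);` before the `return` in each of them, as the other branches already do. None of the early returns after a successful `WolfSSL.Initialize` calls `WolfSSL.Finalize` either; only the success path at the end does. The usage text names `tcl_client`, while the README runs `./tls_client_main`.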
diff --git a/extra/wolfssl/wolfssl/wrapper/Ada/tls_client.ads b/extra/wolfssl/wolfssl/wrapper/Ada/tls_client.ads
new file mode 100644
index 00000000..50a52b3c
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wrapper/Ada/tls_client.ads
@@ -0,0 +1,37 @@
+-- tls_client.ads
+--
+-- Copyright (C) 2006-2023 wolfSSL Inc.
+--
+-- This file is part of wolfSSL.
+--
+-- wolfSSL is free software; you can redistribute it and/or modify
+-- it under the terms of the GNU General Public License as published by
+-- the Free Software Foundation; either version 2 of the License, or
+-- (at your option) any later version.
+--
+-- wolfSSL is distributed in the hope that it will be useful,
+-- but WITHOUT ANY WARRANTY; without even the implied warranty of
+-- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+-- GNU General Public License for more details.
+--
+-- You should have received a copy of the GNU General Public License
+-- along with this program; if not, write to the Free Software
+-- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+--
+
+-- The WolfSSL package.
+with WolfSSL; pragma Elaborate_All (WolfSSL);
+
+with SPARK_Sockets; pragma Elaborate_All (SPARK_Sockets);
+
+package Tls_Client with SPARK_Mode is
+
+ procedure Run (Ssl : in out WolfSSL.WolfSSL_Type;
+ Ctx : in out WolfSSL.Context_Type;
+ Client : in out SPARK_Sockets.Optional_Socket) with
+ Pre => (not Client.Exists and not
+ WolfSSL.Is_Valid (Ssl) and not WolfSSL.Is_Valid (Ctx)),
+ Post => (not Client.Exists and not WolfSSL.Is_Valid (Ssl) and
+ not WolfSSL.Is_Valid (Ctx));
+
+end Tls_Client;
diff --git a/extra/wolfssl/wolfssl/wrapper/Ada/tls_client_main.adb b/extra/wolfssl/wolfssl/wrapper/Ada/tls_client_main.adb
new file mode 100644
index 00000000..ab50dab8
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wrapper/Ada/tls_client_main.adb
@@ -0,0 +1,33 @@
+-- tls_client_main.adb
+--
+-- Copyright (C) 2006-2023 wolfSSL Inc.
+--
+-- This file is part of wolfSSL.
+--
+-- wolfSSL is free software; you can redistribute it and/or modify
+-- it under the terms of the GNU General Public License as published by
+-- the Free Software Foundation; either version 2 of the License, or
+-- (at your option) any later version.
+--
+-- wolfSSL is distributed in the hope that it will be useful,
+-- but WITHOUT ANY WARRANTY; without even the implied warranty of
+-- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+-- GNU General Public License for more details.
+--
+-- You should have received a copy of the GNU General Public License
+-- along with this program; if not, write to the Free Software
+-- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+--
+
+with Tls_Client; pragma Elaborate_All (Tls_Client);
+with SPARK_Sockets; pragma Elaborate_All (SPARK_Sockets);
+with WolfSSL; pragma Elaborate_All (WolfSSL);
+-- Application entry point for the Ada translation of the
+-- tls client v1.3 example in C.
+procedure Tls_Client_Main is
+ Ssl : WolfSSL.WolfSSL_Type;
+ Ctx : WolfSSL.Context_Type;
+ C : SPARK_Sockets.Optional_Socket;
+begin
+ Tls_Client.Run (Ssl, Ctx, Client => C);
+end Tls_Client_Main;
diff --git a/extra/wolfssl/wolfssl/wrapper/Ada/tls_server.adb b/extra/wolfssl/wolfssl/wrapper/Ada/tls_server.adb
new file mode 100644
index 00000000..2858f26f
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wrapper/Ada/tls_server.adb
@@ -0,0 +1,330 @@
+-- tls_server.adb
+--
+-- Copyright (C) 2006-2023 wolfSSL Inc.
+--
+-- This file is part of wolfSSL.
+--
+-- wolfSSL is free software; you can redistribute it and/or modify
+-- it under the terms of the GNU General Public License as published by
+-- the Free Software Foundation; either version 2 of the License, or
+-- (at your option) any later version.
+--
+-- wolfSSL is distributed in the hope that it will be useful,
+-- but WITHOUT ANY WARRANTY; without even the implied warranty of
+-- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+-- GNU General Public License for more details.
+--
+-- You should have received a copy of the GNU General Public License
+-- along with this program; if not, write to the Free Software
+-- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+--
+
+-- Ada Standard Library packages.
+with Ada.Characters.Handling;
+with Ada.Strings.Bounded;
+with Ada.Text_IO.Bounded_IO;
+
+with SPARK_Terminal; pragma Elaborate_All (SPARK_Terminal);
+
+package body Tls_Server with SPARK_Mode is
+
+ use type WolfSSL.Mode_Type;
+ use type WolfSSL.Byte_Index;
+ use type WolfSSL.Byte_Array;
+ use type WolfSSL.Subprogram_Result;
+
+ Success : WolfSSL.Subprogram_Result renames WolfSSL.Success;
+
+ procedure Put (Char : Character) is
+ begin
+ Ada.Text_IO.Put (Char);
+ end Put;
+
+ procedure Put (Text : String) is
+ begin
+ Ada.Text_IO.Put (Text);
+ end Put;
+
+ procedure Put_Line (Text : String) is
+ begin
+ Ada.Text_IO.Put_Line (Text);
+ end Put_Line;
+
+ procedure New_Line is
+ begin
+ Ada.Text_IO.New_Line;
+ end New_Line;
+
+ subtype Exit_Status is SPARK_Terminal.Exit_Status;
+
+ Exit_Status_Success : Exit_Status renames SPARK_Terminal.Exit_Status_Success;
+ Exit_Status_Failure : Exit_Status renames SPARK_Terminal.Exit_Status_Failure;
+
+ procedure Set (Status : Exit_Status) with Global => null is
+ begin
+ SPARK_Terminal.Set_Exit_Status (Status);
+ end Set;
+
+ subtype Port_Type is SPARK_Sockets.Port_Type;
+
+ subtype Level_Type is SPARK_Sockets.Level_Type;
+
+ subtype Socket_Type is SPARK_Sockets.Socket_Type;
+ subtype Option_Name is SPARK_Sockets.Option_Name;
+ subtype Option_Type is SPARK_Sockets.Option_Type;
+ subtype Family_Type is SPARK_Sockets.Family_Type;
+
+ subtype Sock_Addr_Type is SPARK_Sockets.Sock_Addr_Type;
+ subtype Inet_Addr_Type is SPARK_Sockets.Inet_Addr_Type;
+
+ Socket_Error : exception renames SPARK_Sockets.Socket_Error;
+
+ Reuse_Address : Option_Name renames SPARK_Sockets.Reuse_Address;
+
+ Socket_Level : Level_Type renames SPARK_Sockets.Socket_Level;
+
+ Family_Inet : Family_Type renames SPARK_Sockets.Family_Inet;
+
+ Any_Inet_Addr : Inet_Addr_Type renames SPARK_Sockets.Any_Inet_Addr;
+
+ CERT_FILE : constant String := "../../../certs/server-cert.pem";
+ KEY_FILE : constant String := "../../../certs/server-key.pem";
+ CA_FILE : constant String := "../../../certs/client-cert.pem";
+
+ subtype Byte_Array is WolfSSL.Byte_Array;
+
+ Reply : constant Byte_Array := "I hear ya fa shizzle!";
+
+ procedure Run (Ssl : in out WolfSSL.WolfSSL_Type;
+ Ctx : in out WolfSSL.Context_Type;
+ L : in out SPARK_Sockets.Optional_Socket;
+ C : in out SPARK_Sockets.Optional_Socket) is
+ A : Sock_Addr_Type;
+ P : constant Port_Type := 11111;
+
+ Ch : Character;
+
+ Result : WolfSSL.Subprogram_Result;
+ Shall_Continue : Boolean := True;
+
+ Input : WolfSSL.Read_Result;
+ Output : WolfSSL.Write_Result;
+ Option : Option_Type;
+ begin
+ Result := WolfSSL.Initialize;
+ if Result /= Success then
+ Put_Line ("ERROR: Failed to initialize the WolfSSL library.");
+ return;
+ end if;
+
+ SPARK_Sockets.Create_Socket (Socket => L);
+ if not L.Exists then
+ Put_Line ("ERROR: Failed to create socket.");
+ return;
+ end if;
+
+ Option := (Name => Reuse_Address, Enabled => True);
+ Result := SPARK_Sockets.Set_Socket_Option (Socket => L.Socket,
+ Level => Socket_Level,
+ Option => Option);
+ if Result /= Success then
+ Put_Line ("ERROR: Failed to set socket option.");
+ SPARK_Sockets.Close_Socket (L);
+ return;
+ end if;
+
+ A := (Family => Family_Inet,
+ Addr => Any_Inet_Addr,
+ Port => P);
+ Result := SPARK_Sockets.Bind_Socket (Socket => L.Socket,
+ Address => A);
+ if Result /= Success then
+ Put_Line ("ERROR: Failed to bind socket.");
+ SPARK_Sockets.Close_Socket (L);
+ return;
+ end if;
+
+ Result := SPARK_Sockets.Listen_Socket (Socket => L.Socket,
+ Length => 5);
+ if Result /= Success then
+ Put_Line ("ERROR: Failed to configure listener socket.");
+ SPARK_Sockets.Close_Socket (L);
+ return;
+ end if;
+
+ -- Create and initialize WOLFSSL_CTX.
+ WolfSSL.Create_Context (Method => WolfSSL.TLSv1_3_Server_Method,
+ Context => Ctx);
+ if not WolfSSL.Is_Valid (Ctx) then
+ Put_Line ("ERROR: failed to create WOLFSSL_CTX.");
+ SPARK_Sockets.Close_Socket (L);
+ Set (Exit_Status_Failure);
+ return;
+ end if;
+
+ -- Require mutual authentication.
+ WolfSSL.Set_Verify
+ (Context => Ctx,
+ Mode => WolfSSL.Verify_Peer & WolfSSL.Verify_Fail_If_No_Peer_Cert);
+
+ -- Load server certificates into WOLFSSL_CTX.
+ Result := WolfSSL.Use_Certificate_File (Context => Ctx,
+ File => CERT_FILE,
+ Format => WolfSSL.Format_Pem);
+ if Result /= Success then
+ Put ("ERROR: failed to load ");
+ Put (CERT_FILE);
+ Put (", please check the file.");
+ New_Line;
+ SPARK_Sockets.Close_Socket (L);
+ WolfSSL.Free (Context => Ctx);
+ Set (Exit_Status_Failure);
+ return;
+ end if;
+
+ -- Load server key into WOLFSSL_CTX.
+ Result := WolfSSL.Use_Private_Key_File (Context => Ctx,
+ File => KEY_FILE,
+ Format => WolfSSL.Format_Pem);
+ if Result /= Success then
+ Put ("ERROR: failed to load ");
+ Put (KEY_FILE);
+ Put (", please check the file.");
+ New_Line;
+ SPARK_Sockets.Close_Socket (L);
+ WolfSSL.Free (Context => Ctx);
+ Set (Exit_Status_Failure);
+ return;
+ end if;
+
+ -- Load client certificate as "trusted" into WOLFSSL_CTX.
+ Result := WolfSSL.Load_Verify_Locations (Context => Ctx,
+ File => CA_FILE,
+ Path => "");
+ if Result /= Success then
+ Put ("ERROR: failed to load ");
+ Put (CA_FILE);
+ Put (", please check the file.");
+ New_Line;
+ SPARK_Sockets.Close_Socket (L);
+ WolfSSL.Free (Context => Ctx);
+ Set (Exit_Status_Failure);
+ return;
+ end if;
+
+ while Shall_Continue loop
+ pragma Loop_Invariant (not C.Exists);
+ pragma Loop_Invariant (not WolfSSL.Is_Valid (Ssl));
+ pragma Loop_Invariant (WolfSSL.Is_Valid (Ctx));
+
+ Put_Line ("Waiting for a connection...");
+ SPARK_Sockets.Accept_Socket (Server => L.Socket,
+ Socket => C,
+ Address => A,
+ Result => Result);
+ if Result /= Success then
+ Put_Line ("ERROR: failed to accept the connection.");
+ SPARK_Sockets.Close_Socket (L);
+ WolfSSL.Free (Context => Ctx);
+ return;
+ end if;
+
+ -- Create a WOLFSSL object.
+ WolfSSL.Create_WolfSSL (Context => Ctx, Ssl => Ssl);
+ if not WolfSSL.Is_Valid (Ssl) then
+ Put_Line ("ERROR: failed to create WOLFSSL object.");
+ SPARK_Sockets.Close_Socket (L);
+ SPARK_Sockets.Close_Socket (C);
+ WolfSSL.Free (Context => Ctx);
+ Set (Exit_Status_Failure);
+ return;
+ end if;
+
+ -- Attach wolfSSL to the socket.
+ Result := WolfSSL.Attach (Ssl => Ssl,
+ Socket => SPARK_Sockets.To_C (C.Socket));
+ if Result /= Success then
+ Put_Line ("ERROR: Failed to set the file descriptor.");
+ WolfSSL.Free (Ssl);
+ SPARK_Sockets.Close_Socket (L);
+ SPARK_Sockets.Close_Socket (C);
+ WolfSSL.Free (Context => Ctx);
+ Set (Exit_Status_Failure);
+ return;
+ end if;
+
+ -- Establish TLS connection.
+ Result := WolfSSL.Accept_Connection (Ssl);
+ if Result /= Success then
+ Put_Line ("Accept error.");
+ WolfSSL.Free (Ssl);
+ SPARK_Sockets.Close_Socket (L);
+ SPARK_Sockets.Close_Socket (C);
+ WolfSSL.Free (Context => Ctx);
+ Set (Exit_Status_Failure);
+ return;
+ end if;
+
+ Put_Line ("Client connected successfully.");
+
+ Input := WolfSSL.Read (Ssl);
+ if not Input.Success then
+ Put_Line ("Read error.");
+ WolfSSL.Free (Ssl);
+ SPARK_Sockets.Close_Socket (L);
+ SPARK_Sockets.Close_Socket (C);
+ WolfSSL.Free (Context => Ctx);
+ Set (Exit_Status_Failure);
+ return;
+ end if;
+
+ -- Print to stdout any data the client sends.
+ for I in Input.Buffer'Range loop
+ Ch := Character (Input.Buffer (I));
+ if Ada.Characters.Handling.Is_Graphic (Ch) then
+ Put (Ch);
+ else
+ null;
+ -- Ignore the "newline" characters at end of message.
+ end if;
+ end loop;
+ New_Line;
+
+ -- Check for server shutdown command.
+ if Input.Last >= 8 then
+ if Input.Buffer (1 .. 8) = "shutdown" then
+ Put_Line ("Shutdown command issued!");
+ Shall_Continue := False;
+ end if;
+ end if;
+
+ Output := WolfSSL.Write (Ssl, Reply);
+ if not Output.Success then
+ Put_Line ("ERROR: write failure.");
+ elsif Output.Bytes_Written /= Reply'Length then
+ Put_Line ("ERROR: failed to write full response.");
+ end if;
+
+ for I in 1 .. 3 loop
+ Result := WolfSSL.Shutdown (Ssl);
+ exit when Result = Success;
+ delay 0.001; -- Delay is expressed in seconds.
+ end loop;
+ if Result /= Success then
+ Put_Line ("ERROR: Failed to shutdown WolfSSL context.");
+ end if;
+ WolfSSL.Free (Ssl);
+ SPARK_Sockets.Close_Socket (C);
+
+ Put_Line ("Shutdown complete.");
+ end loop;
+ SPARK_Sockets.Close_Socket (L);
+ WolfSSL.Free (Context => Ctx);
+ Result := WolfSSL.Finalize;
+ if Result /= Success then
+ Put_Line ("ERROR: Failed to finalize the WolfSSL library.");
+ return;
+ end if;
+ end Run;
+
+end Tls_Server;
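Review bot: The mode passed to `WolfSSL.Set_Verify` under the "Require mutual authentication" comment is built with `WolfSSL.Verify_Peer & WolfSSL.Verify_Fail_If_No_Peer_Cert`, but the `"&"` operator added in wolfssl.adb by this same commit returns `Mode_Type (L and R)`, a bitwise AND. The comment beside `WolfSSL_CTX_Set_Verify` in that file describes the mode as a logically OR'd list of flags. The values of the two constants are not visible here; if they are distinct bits, the AND yields zero and the server would neither request nor require a client certificate. The operator body should be `return Mode_Type (L or R);`. A negative test in which a client presents no certificate and the handshake must fail would keep this from regressing.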
diff --git a/extra/wolfssl/wolfssl/wrapper/Ada/tls_server.ads b/extra/wolfssl/wolfssl/wrapper/Ada/tls_server.ads
new file mode 100644
index 00000000..142fad2c
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wrapper/Ada/tls_server.ads
@@ -0,0 +1,39 @@
+-- tls_server.ads
+--
+-- Copyright (C) 2006-2023 wolfSSL Inc.
+--
+-- This file is part of wolfSSL.
+--
+-- wolfSSL is free software; you can redistribute it and/or modify
+-- it under the terms of the GNU General Public License as published by
+-- the Free Software Foundation; either version 2 of the License, or
+-- (at your option) any later version.
+--
+-- wolfSSL is distributed in the hope that it will be useful,
+-- but WITHOUT ANY WARRANTY; without even the implied warranty of
+-- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+-- GNU General Public License for more details.
+--
+-- You should have received a copy of the GNU General Public License
+-- along with this program; if not, write to the Free Software
+-- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+--
+
+-- SPARK wrapper package around GNAT Library packages.
+with SPARK_Sockets; pragma Elaborate_All (SPARK_Sockets);
+
+-- The WolfSSL package.
+with WolfSSL; pragma Elaborate_All (WolfSSL);
+
+package Tls_Server with SPARK_Mode is
+
+ procedure Run (Ssl : in out WolfSSL.WolfSSL_Type;
+ Ctx : in out WolfSSL.Context_Type;
+ L : in out SPARK_Sockets.Optional_Socket;
+ C : in out SPARK_Sockets.Optional_Socket) with
+ Pre => (not C.Exists and not L.Exists and not
+ WolfSSL.Is_Valid (Ssl) and not WolfSSL.Is_Valid (Ctx)),
+ Post => (not C.Exists and not L.Exists and not
+ WolfSSL.Is_Valid (Ssl) and not WolfSSL.Is_Valid (Ctx));
+
+end Tls_Server;
diff --git a/extra/wolfssl/wolfssl/wrapper/Ada/tls_server_main.adb b/extra/wolfssl/wolfssl/wrapper/Ada/tls_server_main.adb
new file mode 100644
index 00000000..80b3a88d
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wrapper/Ada/tls_server_main.adb
@@ -0,0 +1,39 @@
+-- tls_server_main.ads
+--
+-- Copyright (C) 2006-2023 wolfSSL Inc.
+--
+-- This file is part of wolfSSL.
+--
+-- wolfSSL is free software; you can redistribute it and/or modify
+-- it under the terms of the GNU General Public License as published by
+-- the Free Software Foundation; either version 2 of the License, or
+-- (at your option) any later version.
+--
+-- wolfSSL is distributed in the hope that it will be useful,
+-- but WITHOUT ANY WARRANTY; without even the implied warranty of
+-- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+-- GNU General Public License for more details.
+--
+-- You should have received a copy of the GNU General Public License
+-- along with this program; if not, write to the Free Software
+-- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+--
+
+with Tls_Server; pragma Elaborate_All (Tls_Server);
+
+-- SPARK wrapper package around GNAT Library packages.
+with SPARK_Sockets; pragma Elaborate_All (SPARK_Sockets);
+
+-- The WolfSSL package.
+with WolfSSL; pragma Elaborate_All (WolfSSL);
+
+-- Application entry point for the Ada translation of the
+-- tls server v1.3 example in C.
+procedure Tls_Server_Main is
+ Ssl : WolfSSL.WolfSSL_Type;
+ Ctx : WolfSSL.Context_Type;
+ L : SPARK_Sockets.Optional_Socket;
+ C : SPARK_Sockets.Optional_Socket;
+begin
+ Tls_Server.Run (Ssl, Ctx, L, C);
+end Tls_Server_Main;
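Review bot: The header comment on the first line names the file `tls_server_main.ads`, but this is the procedure body `tls_server_main.adb`, so the line should read `-- tls_server_main.adb`. The sibling tls_client_main.adb header uses the `.adb` name, which suggests this one was copied from a spec file and not updated.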
diff --git a/extra/wolfssl/wolfssl/wrapper/Ada/user_settings.h b/extra/wolfssl/wolfssl/wrapper/Ada/user_settings.h
new file mode 100644
index 00000000..df4ada44
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wrapper/Ada/user_settings.h
@@ -0,0 +1,385 @@
+/* user_settings.h
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+
+/* should be renamed to user_settings.h for customer use
+ * generated from configure options ./configure --enable-all
+ *
+ * Cleaned up by David Garske
+ */
+
+#ifndef WOLFSSL_USER_SETTINGS_H
+#define WOLFSSL_USER_SETTINGS_H
+
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* Usually comes from configure -> config.h */
+#define HAVE_SYS_TIME_H
+
+/* Features */
+#define SINGLE_THREADED
+#define WOLFSSL_IGNORE_FILE_WARN /* Ignore *.c include warnings */
+#define WOLFSSL_PUBLIC_MP /* Make math API's public */
+#define WOLFSSL_ENCRYPTED_KEYS /* Support for encrypted keys PKCS8 */
+//#define WOLFSSL_SYS_CA_CERTS /* Enable ability to load CA certs from OS */
+
+#if 0 /* Not needed */
+ #define KEEP_PEER_CERT /* Retain peer's certificate */
+ #define KEEP_OUR_CERT /* Keep our certificate */
+ #define WOLFSSL_ALWAYS_VERIFY_CB /* Always call verify callback (configured via wolfSSL_CTX_set_verify API) */
+ #define WOLFSSL_VERIFY_CB_ALL_CERTS /* Call verify callback for all intermediate certs */
+ #define WOLFSSL_ALWAYS_KEEP_SNI
+ #define WOLFSSL_EXTRA_ALERTS /* Allow sending other TLS alerts */
+ #define HAVE_EX_DATA /* Enable "extra" EX data API's for user information in CTX/WOLFSSL */
+ #define HAVE_EXT_CACHE
+ #define ATOMIC_USER /* Enable Atomic Record Layer callbacks */
+ #define HAVE_PK_CALLBACKS /* Enable public key callbacks */
+ #define WOLFSSL_ALT_NAMES /* Allow alternate cert chain validation to any trusted cert (not entire chain presented by peer) */
+ #define HAVE_NULL_CIPHER /* Enable use of TLS cipher suites without cipher (clear text / no encryption) */
+ #define WOLFSSL_HAVE_CERT_SERVICE
+ #define WOLFSSL_JNI
+ #define WOLFSSL_SEP /* certificate policy set extension */
+ #define WOLFCRYPT_HAVE_SRP
+ #define WOLFSSL_HAVE_WOLFSCEP
+ #define HAVE_PKCS7
+ #define WOLFSSL_SIGNER_DER_CERT
+ #define WOLFSSL_TRUST_PEER_CERT
+ #define WOLFSSL_WOLFSSH
+ #define WC_NO_ASYNC_THREADING
+#endif
+
+/* TLS Features */
+#define WOLFSSL_TLS13
+#define WOLFSSL_EITHER_SIDE /* allow generic server/client method for WOLFSSL_CTX new */
+#define WOLFSSL_TLS13_NO_PEEK_HANDSHAKE_DONE
+
+/* DTLS */
+#if 0
+ #define WOLFSSL_DTLS
+ #define WOLFSSL_MULTICAST
+
+ /* DTLS v1.3 is not yet included with enable-all */
+ //#define WOLFSSL_DTLS13
+#endif
+
+/* DG Disabled SSLv3 and TLSv1.0 - should avoid using */
+//#define WOLFSSL_ALLOW_SSLV3
+//#define WOLFSSL_ALLOW_TLSV10
+
+/* TLS Extensions */
+#define HAVE_TLS_EXTENSIONS
+#define HAVE_SUPPORTED_CURVES
+#define HAVE_ONE_TIME_AUTH
+#define HAVE_SNI
+#define HAVE_ALPN
+#define HAVE_MAX_FRAGMENT
+#define HAVE_TRUNCATED_HMAC
+#define HAVE_SESSION_TICKET
+#define WOLFSSL_TICKET_HAVE_ID
+#define WOLFSSL_FORCE_CACHE_ON_TICKET
+#define HAVE_EXTENDED_MASTER
+#define HAVE_TRUSTED_CA
+#define HAVE_ENCRYPT_THEN_MAC
+#define WOLFSSL_POST_HANDSHAKE_AUTH
+#define WOLFSSL_SEND_HRR_COOKIE /* Used by DTLS v1.3 */
+#define HAVE_ANON /* anon cipher suites */
+#define HAVE_FALLBACK_SCSV /* TLS_FALLBACK_SCSV */
+#define WOLFSSL_EARLY_DATA
+#define HAVE_SERVER_RENEGOTIATION_INFO
+
+/* TLS Session Cache */
+#define SESSION_CERTS
+#define PERSIST_SESSION_CACHE
+#define PERSIST_CERT_CACHE
+
+/* Key and Certificate Generation */
+#define WOLFSSL_KEY_GEN
+#define WOLFSSL_CERT_GEN
+#define WOLFSSL_CERT_REQ
+#define WOLFSSL_CERT_EXT
+#define WOLFSSL_MULTI_ATTRIB
+#define HAVE_SMIME
+#define WOLFSSL_DER_LOAD
+#define ASN_BER_TO_DER /* BER to DER support */
+#define WOLFSSL_HAVE_ISSUER_NAMES /* Store pointers to issuer name components and their lengths and encodings */
+#define WOLFSSL_SUBJ_DIR_ATTR /* Enable support for SubjectDirectoryAttributes extension */
+#define WOLFSSL_SUBJ_INFO_ACC /* Enable support for SubjectInfoAccess extension */
+#define WOLFSSL_CERT_NAME_ALL /* Adds more certificate name capability at the cost of taking up more memory. Adds initials, givenname, dnQualifer for example */
+#define WOLFSSL_FPKI /* Enable support for FPKI (Federal PKI) extensions */
+#define WOLFSSL_AKID_NAME /* Enable support for full AuthorityKeyIdentifier extension. Only supports copying full AKID from an existing certificate */
+#define HAVE_CTS /* Ciphertext stealing interface */
+#define WOLFSSL_PEM_TO_DER
+#define WOLFSSL_DER_TO_PEM
+#define WOLFSSL_CUSTOM_OID
+#define HAVE_OID_ENCODING
+#define WOLFSSL_ASN_TEMPLATE
+
+/* Certificate Revocation */
+#define HAVE_OCSP
+#define HAVE_CERTIFICATE_STATUS_REQUEST
+#define HAVE_CERTIFICATE_STATUS_REQUEST_V2
+#define HAVE_CRL
+#define HAVE_CRL_IO
+#define HAVE_IO_TIMEOUT
+//#define HAVE_CRL_MONITOR /* DG Disabled (Monitors CRL files on filesystem) - not portable feature */
+
+
+#if 1
+ /* sp_int.c */
+ #define WOLFSSL_SP_MATH_ALL
+#else
+ /* Fast math key size 4096-bit max */
+ #define USE_FAST_MATH
+#endif
+//#define HAVE___UINT128_T 1 /* DG commented: May not be portable */
+
+/* Max Sizes */
+#define RSA_MAX_SIZE 4096
+#define FP_MAX_BITS 8192
+#define SP_INT_BITS 4096
+
+
+/* Timing Resistance */
+#define TFM_TIMING_RESISTANT
+#define ECC_TIMING_RESISTANT
+#define WC_RSA_BLINDING
+
+/* DH Key Sizes */
+#define HAVE_FFDHE_2048
+#define HAVE_FFDHE_3072
+#define WOLFSSL_DH_EXTRA /* Enable additional DH key import/export */
+#define HAVE_DH_DEFAULT_PARAMS
+
+/* ECC Features */
+#define HAVE_ECC
+#define TFM_ECC256
+#define ECC_SHAMIR
+#define WOLFSSL_CUSTOM_CURVES /* enable other curves (not just prime) */
+#define HAVE_ECC_SECPR2
+#define HAVE_ECC_SECPR3
+#define HAVE_ECC_BRAINPOOL
+#define HAVE_ECC_KOBLITZ
+#define HAVE_ECC_CDH /* Co-factor */
+#define HAVE_COMP_KEY /* Compressed key support */
+#define FP_ECC /* Fixed point caching - speed repeated operations against same key */
+#define HAVE_ECC_ENCRYPT
+#define WOLFCRYPT_HAVE_ECCSI
+#define WOLFCRYPT_HAVE_SAKKE
+#define WOLFSSL_ECDSA_DETERMINISTIC_K_VARIANT
+
+/* RSA */
+#define WC_RSA_PSS
+#define WOLFSSL_PSS_LONG_SALT
+#define WC_RSA_NO_PADDING
+
+/* AES */
+#define HAVE_AES_DECRYPT
+#define HAVE_AES_ECB
+#define WOLFSSL_AES_DIRECT
+#define WOLFSSL_AES_COUNTER
+#define HAVE_AESGCM
+#define GCM_TABLE_4BIT
+#define WOLFSSL_AESGCM_STREAM
+#define HAVE_AESCCM
+#define WOLFSSL_AES_OFB
+#define WOLFSSL_AES_CFB
+#define WOLFSSL_AES_XTS
+#define HAVE_AES_KEYWRAP
+#define WOLFSSL_AES_CBC_LENGTH_CHECKS
+#define WOLFSSL_USE_ALIGN
+#define WOLFSSL_AES_SIV
+
+/* Hashing */
+#define WOLFSSL_SHA224
+#define WOLFSSL_SHA512
+#define WOLFSSL_SHA384
+#define WOLFSSL_SHAKE256
+#define WOLFSSL_SHA3
+#define WOLFSSL_HASH_FLAGS /* enable hash flag API's */
+#define WOLFSSL_SHAKE256
+
+/* Additional Algorithms */
+#define HAVE_HASHDRBG
+#define HAVE_CURVE25519
+#define HAVE_ED25519
+#define WOLFSSL_ED25519_STREAMING_VERIFY
+#define CURVED25519_SMALL
+#define HAVE_ED448
+#define WOLFSSL_ED448_STREAMING_VERIFY
+#define HAVE_CURVE448
+#define HAVE_POLY1305
+#define HAVE_CHACHA
+#define HAVE_XCHACHA
+#define HAVE_HKDF
+#define HAVE_X963_KDF
+#define WOLFSSL_CMAC
+#define WOLFSSL_DES_ECB
+#define HAVE_BLAKE2
+#define HAVE_BLAKE2B
+#define HAVE_BLAKE2S
+#define WOLFSSL_SIPHASH
+#define HAVE_KEYING_MATERIAL
+#define WOLFSSL_HAVE_PRF
+
+/* Encrypted Client Hello */
+#define HAVE_HPKE
+#define HAVE_ECH
+
+/* Non-Standard Algorithms (DG disabled) */
+//#define HAVE_CAMELLIA
+//#define WOLFSSL_RIPEMD
+//#define HAVE_SCRYPT
+//#define WOLFSSL_MD2
+//#define WOLFSSL_ALLOW_RC4
+
+/* Encoding */
+#define WOLFSSL_BASE16
+#define WOLFSSL_BASE64_ENCODE
+
+
+/* Openssl compatibility */
+#if 0 /* DG Disabled */
+ /* Openssl compatibility API's */
+ #define OPENSSL_EXTRA
+ #define OPENSSL_ALL
+ #define HAVE_OPENSSL_CMD
+ #define SSL_TXT_TLSV1_2
+ #define SSL_TXT_TLSV1_1
+ #define OPENSSL_NO_SSL2
+ #define OPENSSL_NO_SSL3
+ #define NO_OLD_RNGNAME
+ #define NO_OLD_WC_NAMES
+ #define NO_OLD_SSL_NAMES
+ #define NO_OLD_SHA_NAMES
+ #define NO_OLD_MD5_NAME
+ #define OPENSSL_NO_EC /* macro to enable ECC in openssl */
+ #define WOLFSSL_VERBOSE_ERRORS
+ #define ERROR_QUEUE_PER_THREAD
+ #define WOLFSSL_ERROR_CODE_OPENSSL
+ #define HAVE_WOLFSSL_SSL_H 1
+ #define OPENSSL_COMPATIBLE_DEFAULTS
+
+ /* Openssl compatibility application specific */
+ #define WOLFSSL_LIBWEBSOCKETS
+ #define WOLFSSL_OPENSSH
+ #define WOLFSSL_QT
+ #define FORTRESS
+ #define HAVE_WEBSERVER
+ #define HAVE_LIGHTY
+ #define WOLFSSL_NGINX
+ #define WOLFSSL_HAPROXY
+ #define HAVE_STUNNEL
+ #define WOLFSSL_ASIO
+ #define ASIO_USE_WOLFSSL
+ #define BOOST_ASIO_USE_WOLFSSL
+ #define WOLFSSL_OPENVPN
+
+ #define NO_WOLFSSL_STUB
+#endif
+
+/* TLS static cipher support - off by default */
+#if 0
+ #define WOLFSSL_STATIC_RSA
+ #define WOLFSSL_STATIC_DH
+ #define WOLFSSL_STATIC_PSK
+#endif
+
+/* TLS sniffer support - off by default */
+#if 0
+ #define WOLFSSL_STATIC_EPHEMERAL
+ #define WOLFSSL_SNIFFER
+#endif
+
+/* Deprecated */
+#define NO_DSA
+#define NO_MD4
+#define NO_MD5
+#define NO_OLD_TLS
+
+/* Used to manually test disable edge cases */
+#ifdef TEST_DISABLES
+ #define NO_SESSION_CACHE
+
+ //#define NO_ECC256
+ //#define NO_ECC_KEY_EXPORT
+ //#define NO_ECC_DHE
+ //#define NO_ECC_SIGN
+ //#define NO_ECC_VERIFY
+
+ //#define NO_RSA
+ #define NO_DH
+
+ #define NO_SHA
+ #define NO_SHA256
+ #ifdef NO_SHA256
+ #undef WOLFSSL_SHA224
+ #endif
+ #define NO_SHA512
+ #ifdef NO_SHA512
+ #undef WOLFSSL_SHA384
+ #undef WOLFSSL_SHA512
+ #undef HAVE_ED25519
+ #endif
+
+ //#define NO_KDF
+ //#define NO_HMAC
+
+ #define NO_RC4
+ #define NO_DES3
+ //#define NO_AES
+ #define NO_AES_CBC
+ #define WOLFSSL_NO_SHAKE128
+
+ #define NO_PSK
+ #define NO_PWDBASED
+
+ //#define WOLFSSL_NO_TLS12
+
+ //#define NO_64BIT
+ #define WOLFSSL_SP_NO_MALLOC
+ #define NO_FILESYSTEM
+ #define NO_WRITEV
+
+ #define NO_ERROR_STRINGS
+ //#define NO_WOLFSSL_CLIENT
+ //#define NO_WOLFSSL_SERVER
+
+ #define NO_MULTIBYTE_PRINT
+ //#define NO_ASN_TIME
+ //#define NO_ASN_CRYPT
+ //#define NO_CODING
+ #define NO_SIG_WRAPPER
+ //#define NO_HASH_WRAPPER
+ //#define WC_NO_HARDEN
+
+ //#define NO_CERTS
+ //#define NO_ASN
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+
+#endif /* WOLFSSL_USER_SETTINGS_H */
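Review bot: Several weak-by-design options are left switched on outside the `#if 0` blocks in the TLS Extensions and RSA groups: `HAVE_ANON` (anonymous, unauthenticated cipher suites), `WOLFSSL_EARLY_DATA` (TLS 1.3 0-RTT data, which is replayable), `HAVE_TRUNCATED_HMAC` and `WC_RSA_NO_PADDING`. The header comment says the file was generated from `./configure --enable-all` and is intended for customer use, while the TLS server example in this commit only uses TLS 1.3 with certificate authentication, so these compile in code paths that nothing here needs. Whether they are reachable still depends on runtime configuration, but I would comment them out the same way the SSLv3/TLS 1.0 and non-standard algorithm lines already are, e.g. `//#define HAVE_ANON /* anon cipher suites */`, and let integrators opt in. `WOLFSSL_SHAKE256` is also defined twice in the Hashing group; the second line can go.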
diff --git a/extra/wolfssl/wolfssl/wrapper/Ada/wolfssl.adb b/extra/wolfssl/wolfssl/wrapper/Ada/wolfssl.adb
new file mode 100644
index 00000000..f1eac8f8
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wrapper/Ada/wolfssl.adb
@@ -0,0 +1,688 @@
+-- wolfssl.adb
+--
+-- Copyright (C) 2006-2023 wolfSSL Inc.
+--
+-- This file is part of wolfSSL.
+--
+-- wolfSSL is free software; you can redistribute it and/or modify
+-- it under the terms of the GNU General Public License as published by
+-- the Free Software Foundation; either version 2 of the License, or
+-- (at your option) any later version.
+--
+-- wolfSSL is distributed in the hope that it will be useful,
+-- but WITHOUT ANY WARRANTY; without even the implied warranty of
+-- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+-- GNU General Public License for more details.
+--
+-- You should have received a copy of the GNU General Public License
+-- along with this program; if not, write to the Free Software
+-- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+--
+
+with Interfaces.C.Strings;
+
+package body WolfSSL is
+
+ subtype size_t is Interfaces.C.size_t; use type size_t;
+
+ subtype long is Interfaces.C.long;
+ subtype unsigned_long is Interfaces.C.unsigned_long;
+
+ WOLFSSL_SUCCESS : constant int := Get_WolfSSL_Success;
+
+ function Initialize_WolfSSL return int with
+ Convention => C,
+ External_Name => "wolfSSL_Init",
+ Import => True;
+
+ function Finalize_WolfSSL return int with
+ Convention => C,
+ External_Name => "wolfSSL_Cleanup",
+ Import => True;
+
+ function Initialize return Subprogram_Result is
+ Result : constant int := Initialize_WolfSSL;
+ begin
+ return Subprogram_Result (Result);
+ end Initialize;
+
+ function Finalize return Subprogram_Result is
+ Result : constant int := Finalize_WolfSSL;
+ begin
+ return Subprogram_Result (Result);
+ end Finalize;
+
+ function Is_Valid (Context : Context_Type) return Boolean is
+ begin
+ return Context /= null;
+ end Is_Valid;
+
+ function WolfTLSv1_2_Server_Method return Method_Type with
+ Convention => C,
+ External_Name => "wolfTLSv1_2_server_method",
+ Import => True;
+
+ function TLSv1_2_Server_Method return Method_Type is
+ begin
+ return WolfTLSv1_2_Server_Method;
+ end TLSv1_2_Server_Method;
+
+ function WolfTLSv1_2_Client_Method return Method_Type with
+ Convention => C,
+ External_Name => "wolfTLSv1_2_client_method",
+ Import => True;
+
+ function TLSv1_2_Client_Method return Method_Type is
+ begin
+ return WolfTLSv1_2_Client_Method;
+ end TLSv1_2_Client_Method;
+
+ function WolfTLSv1_3_Server_Method return Method_Type with
+ Convention => C,
+ External_Name => "wolfTLSv1_3_server_method",
+ Import => True;
+
+ function TLSv1_3_Server_Method return Method_Type is
+ begin
+ return WolfTLSv1_3_Server_Method;
+ end TLSv1_3_Server_Method;
+
+ function WolfTLSv1_3_Client_Method return Method_Type with
+ Convention => C,
+ External_Name => "wolfTLSv1_3_client_method",
+ Import => True;
+
+ function TLSv1_3_Client_Method return Method_Type is
+ begin
+ return WolfTLSv1_3_Client_Method;
+ end TLSv1_3_Client_Method;
+
+ function WolfSSL_CTX_new (Method : Method_Type)
+ return Context_Type with
+ Convention => C, External_Name => "wolfSSL_CTX_new", Import => True;
+
+ procedure Create_Context (Method : Method_Type;
+ Context : out Context_Type) is
+ begin
+ Context := WolfSSL_CTX_new (Method);
+ end Create_Context;
+
+ procedure WolfSSL_CTX_free (Context : Context_Type) with
+ Convention => C, External_Name => "wolfSSL_CTX_free", Import => True;
+
+ procedure Free (Context : in out Context_Type) is
+ begin
+ WolfSSL_CTX_free (Context);
+ Context := null;
+ end Free;
+
+ type Opaque_X509_Store_Context is limited null record;
+ type X509_Store_Context is access Opaque_X509_Store_Context with
+ Convention => C;
+
+ type Verify_Callback is access function
+ (A : int;
+ Context : X509_Store_Context)
+ return int
+ with Convention => C;
+
+ procedure WolfSSL_CTX_Set_Verify (Context : Context_Type;
+ Mode : int;
+ Callback : Verify_Callback) with
+ Convention => C,
+ External_Name => "wolfSSL_CTX_set_verify",
+ Import => True;
+ -- This function sets the verification method for remote peers and
+ -- also allows a verify callback to be registered with the SSL
+ -- context. The verify callback will be called only when a
+ -- verification failure has occurred. If no verify callback is
+ -- desired, the NULL pointer can be used for verify_callback.
+ -- The verification mode of peer certificates is a logically OR'd
+ -- list of flags. The possible flag values include:
+ -- SSL_VERIFY_NONE Client mode: the client will not verify the
+ -- certificate received from the server and the handshake will
+ -- continue as normal. Server mode: the server will not send a
+ -- certificate request to the client. As such, client verification
+ -- will not be enabled. SSL_VERIFY_PEER Client mode: the client will
+ -- verify the certificate received from the server during the
+ -- handshake. This is turned on by default in wolfSSL, therefore,
+ -- using this option has no effect. Server mode: the server will send
+ -- a certificate request to the client and verify the client
+ -- certificate received. SSL_VERIFY_FAIL_IF_NO_PEER_CERT Client mode:
+ -- no effect when used on the client side. Server mode:
+ -- the verification will fail on the server side if the client fails
+ -- to send a certificate when requested to do so (when using
+ -- SSL_VERIFY_PEER on the SSL server).
+ -- SSL_VERIFY_FAIL_EXCEPT_PSK Client mode: no effect when used on
+ -- the client side. Server mode: the verification is the same as
+ -- SSL_VERIFY_FAIL_IF_NO_PEER_CERT except in the case of a
+ -- PSK connection. If a PSK connection is being made then the
+ -- connection will go through without a peer cert.
+
+ function "&" (Left, Right : Mode_Type) return Mode_Type is
+ L : constant Unsigned_32 := Unsigned_32 (Left);
+ R : constant Unsigned_32 := Unsigned_32 (Right);
+ begin
+ return Mode_Type (L and R);
+ end "&";
+
+ procedure Set_Verify (Context : Context_Type;
+ Mode : Mode_Type) is
+ begin
+ WolfSSL_CTX_Set_Verify (Context => Context,
+ Mode => int (Mode),
+ Callback => null);
+ end Set_Verify;
+
+ function Use_Certificate_File (Context : Context_Type;
+ File : char_array;
+ Format : int)
+ return int with
+ Convention => C,
+ External_Name => "wolfSSL_CTX_use_certificate_file",
+ Import => True;
+
+ function Use_Certificate_File (Context : Context_Type;
+ File : String;
+ Format : File_Format)
+ return Subprogram_Result is
+ Ctx : constant Context_Type := Context;
+ C : size_t;
+ F : char_array (1 .. File'Length + 1);
+ Result : int;
+ begin
+ Interfaces.C.To_C (Item => File,
+ Target => F,
+ Count => C,
+ Append_Nul => True);
+ Result := Use_Certificate_File (Ctx, F (1 .. C), int (Format));
+ return Subprogram_Result (Result);
+ end Use_Certificate_File;
+
+ function Use_Certificate_Buffer (Context : Context_Type;
+ Input : char_array;
+ Size : long;
+ Format : int)
+ return int with
+ Convention => C,
+ External_Name => "wolfSSL_CTX_use_certificate_buffer",
+ Import => True;
+
+ function Use_Certificate_Buffer (Context : Context_Type;
+ Input : char_array;
+ Format : File_Format)
+ return Subprogram_Result is
+ Result : int;
+ begin
+ Result := Use_Certificate_Buffer (Context, Input,
+ Input'Length, int (Format));
+ return Subprogram_Result (Result);
+ end Use_Certificate_Buffer;
+
+ function Use_Private_Key_File (Context : Context_Type;
+ File : char_array;
+ Format : int)
+ return int with
+ Convention => C,
+ External_Name => "wolfSSL_CTX_use_PrivateKey_file",
+ Import => True;
+
+ function Use_Private_Key_File (Context : Context_Type;
+ File : String;
+ Format : File_Format)
+ return Subprogram_Result is
+ Ctx : constant Context_Type := Context;
+ C : size_t;
+ F : char_array (1 .. File'Length + 1);
+ Result : int;
+ begin
+ Interfaces.C.To_C (Item => File,
+ Target => F,
+ Count => C,
+ Append_Nul => True);
+ Result := Use_Private_Key_File (Ctx, F (1 .. C), int (Format));
+ return Subprogram_Result (Result);
+ end Use_Private_Key_File;
+
+ function Use_Private_Key_Buffer (Context : Context_Type;
+ Input : char_array;
+ Size : long;
+ Format : int)
+ return int with
+ Convention => C,
+ External_Name => "wolfSSL_CTX_use_PrivateKey_buffer",
+ Import => True;
+
+ function Use_Private_Key_Buffer (Context : Context_Type;
+ Input : Byte_Array;
+ Format : File_Format)
+ return Subprogram_Result is
+ Result : int;
+ begin
+ Result := Use_Private_Key_Buffer (Context, Input,
+ Input'Length, int (Format));
+ return Subprogram_Result (Result);
+ end Use_Private_Key_Buffer;
+
+ function Load_Verify_Locations1
+ (Context : Context_Type;
+ File : char_array;
+ Path : char_array) return int with
+ Convention => C,
+ External_Name => "wolfSSL_CTX_load_verify_locations",
+ Import => True;
+ -- This function loads PEM-formatted CA certificate files into
+ -- the SSL context (WOLFSSL_CTX). These certificates will be treated
+ -- as trusted root certificates and used to verify certs received
+ -- from peers during the SSL handshake. The root certificate file,
+ -- provided by the file argument, may be a single certificate or a
+ -- file containing multiple certificates. If multiple CA certs are
+ -- included in the same file, wolfSSL will load them in the same order
+ -- they are presented in the file. The path argument is a pointer to
+ -- the name of a directory that contains certificates of trusted
+ -- root CAs. If the value of file is not NULL, path may be specified
+ -- as NULL if not needed. If path is specified and NO_WOLFSSL_DIR was
+ -- not defined when building the library, wolfSSL will load all
+ -- CA certificates located in the given directory. This function will
+ -- attempt to load all files in the directory. This function expects
+ -- PEM formatted CERT_TYPE file with header "--BEGIN CERTIFICATE--".
+
+ subtype char_array_ptr is Interfaces.C.Strings.char_array_access;
+
+ function Load_Verify_Locations2
+ (Context : Context_Type;
+ File : char_array;
+ Path : char_array_ptr) return int with
+ Convention => C,
+ External_Name => "wolfSSL_CTX_load_verify_locations",
+ Import => True;
+
+ function Load_Verify_Locations3
+ (Context : Context_Type;
+ File : char_array_ptr;
+ Path : char_array) return int with
+ Convention => C,
+ External_Name => "wolfSSL_CTX_load_verify_locations",
+ Import => True;
+
+ function Load_Verify_Locations4
+ (Context : Context_Type;
+ File : char_array_ptr;
+ Path : char_array_ptr) return int with
+ Convention => C,
+ External_Name => "wolfSSL_CTX_load_verify_locations",
+ Import => True;
+
+ function Load_Verify_Locations (Context : Context_Type;
+ File : String;
+ Path : String)
+ return Subprogram_Result is
+ Ctx : constant Context_Type := Context;
+ FC : size_t; -- File Count, specifies the characters used in F.
+ F : aliased char_array := (1 .. File'Length + 1 => '#');
+
+ PC : size_t; -- Path Count, specifies the characters used in P.
+ P : aliased char_array := (1 .. Path'Length + 1 => '#');
+
+ Result : int;
+ begin
+ if File = "" then
+ if Path = "" then
+ Result := Load_Verify_Locations4 (Ctx, null, null);
+ else
+ Interfaces.C.To_C (Item => Path,
+ Target => P,
+ Count => PC,
+ Append_Nul => True);
+ Result := Load_Verify_Locations3 (Ctx, null, P);
+ end if;
+ else
+ Interfaces.C.To_C (Item => File,
+ Target => F,
+ Count => FC,
+ Append_Nul => True);
+ if Path = "" then
+ Result := Load_Verify_Locations2 (Ctx, F, null);
+ else
+ Interfaces.C.To_C (Item => Path,
+ Target => P,
+ Count => PC,
+ Append_Nul => True);
+ Interfaces.C.To_C (Item => Path,
+ Target => P,
+ Count => PC,
+ Append_Nul => True);
+ Result := Load_Verify_Locations1 (Context => Ctx,
+ File => F,
+ Path => P);
+ end if;
+ end if;
+ return Subprogram_Result (Result);
+ end Load_Verify_Locations;
+
+ function Load_Verify_Buffer
+ (Context : Context_Type;
+ Input : char_array;
+ Size : int;
+ Format : int) return int with
+ Convention => C,
+ External_Name => "wolfSSL_CTX_load_verify_buffer",
+ Import => True;
+
+ function Load_Verify_Buffer (Context : Context_Type;
+ Input : Byte_Array;
+ Format : File_Format)
+ return Subprogram_Result is
+ Result : int;
+ begin
+ Result := Load_Verify_Buffer (Context => Context,
+ Input => Input,
+ Size => Input'Length,
+ Format => int(Format));
+ return Subprogram_Result (Result);
+ end Load_Verify_Buffer;
+
+ function Is_Valid (Ssl : WolfSSL_Type) return Boolean is
+ begin
+ return Ssl /= null;
+ end Is_Valid;
+
+ function WolfSSL_New (Context : Context_Type)
+ return WolfSSL_Type with
+ Convention => C,
+ External_Name => "wolfSSL_new",
+ Import => True;
+
+ procedure Create_WolfSSL (Context : Context_Type;
+ Ssl : out WolfSSL_Type) is
+ begin
+ Ssl := WolfSSL_New (Context);
+ end Create_WolfSSL;
+
+ function Use_Certificate_File (Ssl : WolfSSL_Type;
+ File : char_array;
+ Format : int)
+ return int with
+ Convention => C,
+ External_Name => "wolfSSL_use_certificate_file",
+ Import => True;
+
+ function Use_Certificate_File (Ssl : WolfSSL_Type;
+ File : String;
+ Format : File_Format)
+ return Subprogram_Result is
+ C : size_t;
+ F : char_array (1 .. File'Length + 1);
+ Result : int;
+ begin
+ Interfaces.C.To_C (Item => File,
+ Target => F,
+ Count => C,
+ Append_Nul => True);
+ Result := Use_Certificate_File (Ssl, F (1 .. C), int (Format));
+ return Subprogram_Result (Result);
+ end Use_Certificate_File;
+
+ function Use_Certificate_Buffer (Ssl : WolfSSL_Type;
+ Input : char_array;
+ Size : long;
+ Format : int)
+ return int with
+ Convention => C,
+ External_Name => "wolfSSL_use_certificate_buffer",
+ Import => True;
+
+ function Use_Certificate_Buffer (Ssl : WolfSSL_Type;
+ Input : char_array;
+ Format : File_Format)
+ return Subprogram_Result is
+ Result : int;
+ begin
+ Result := Use_Certificate_Buffer (Ssl, Input,
+ Input'Length, int (Format));
+ return Subprogram_Result (Result);
+ end Use_Certificate_Buffer;
+
+ function Use_Private_Key_File (Ssl : WolfSSL_Type;
+ File : char_array;
+ Format : int)
+ return int with
+ Convention => C,
+ External_Name => "wolfSSL_use_PrivateKey_file",
+ Import => True;
+
+ function Use_Private_Key_File (Ssl : WolfSSL_Type;
+ File : String;
+ Format : File_Format)
+ return Subprogram_Result is
+ C : size_t;
+ F : char_array (1 .. File'Length + 1);
+ Result : int;
+ begin
+ Interfaces.C.To_C (Item => File,
+ Target => F,
+ Count => C,
+ Append_Nul => True);
+ Result := Use_Private_Key_File (Ssl, F (1 .. C), int (Format));
+ return Subprogram_Result (Result);
+ end Use_Private_Key_File;
+
+ function Use_Private_Key_Buffer (Ssl : WolfSSL_Type;
+ Input : char_array;
+ Size : long;
+ Format : int)
+ return int with
+ Convention => C,
+ External_Name => "wolfSSL_use_PrivateKey_buffer",
+ Import => True;
+
+ function Use_Private_Key_Buffer (Ssl : WolfSSL_Type;
+ Input : Byte_Array;
+ Format : File_Format)
+ return Subprogram_Result is
+ Result : int;
+ begin
+ Result := Use_Private_Key_Buffer (Ssl, Input,
+ Input'Length, int (Format));
+ return Subprogram_Result (Result);
+ end Use_Private_Key_Buffer;
+
+ function WolfSSL_Set_Fd (Ssl : WolfSSL_Type; Fd : int) return int with
+ Convention => C,
+ External_Name => "wolfSSL_set_fd",
+ Import => True;
+
+ function Attach (Ssl : WolfSSL_Type;
+ Socket : Integer)
+ return Subprogram_Result is
+ Result : int := WolfSSL_Set_Fd (Ssl, int (Socket));
+ begin
+ return Subprogram_Result (Result);
+ end Attach;
+
+ procedure WolfSSL_Keep_Arrays (Ssl : WolfSSL_Type) with
+ Convention => C,
+ External_Name => "wolfSSL_KeepArrays",
+ Import => True;
+
+ procedure Keep_Arrays (Ssl : WolfSSL_Type) is
+ begin
+ WolfSSL_Keep_Arrays (Ssl);
+ end Keep_Arrays;
+
+ function WolfSSL_Accept (Ssl : WolfSSL_Type) return int with
+ Convention => C,
+ External_Name => "wolfSSL_accept",
+ Import => True;
+
+ function Accept_Connection (Ssl : WolfSSL_Type)
+ return Subprogram_Result is
+ Result : int := WolfSSL_Accept (Ssl);
+ begin
+ return Subprogram_Result (Result);
+ end Accept_Connection;
+
+ procedure WolfSSL_Free_Arrays (Ssl : WolfSSL_Type) with
+ Convention => C,
+ External_Name => "wolfSSL_FreeArrays",
+ Import => True;
+
+ procedure Free_Arrays (Ssl : WolfSSL_Type) is
+ begin
+ WolfSSL_Free_Arrays (Ssl);
+ end Free_Arrays;
+
+ function WolfSSL_Read (Ssl : WolfSSL_Type;
+ Data : out char_array;
+ Sz : int) return int with
+ Convention => C,
+ External_Name => "wolfSSL_read",
+ Import => True;
+ -- This function reads sz bytes from the SSL session (ssl) internal
+ -- read buffer into the buffer data. The bytes read are removed from
+ -- the internal receive buffer. If necessary wolfSSL_read() will
+ -- negotiate an SSL/TLS session if the handshake has not already
+ -- been performed yet by wolfSSL_connect() or wolfSSL_accept().
+ -- The SSL/TLS protocol uses SSL records which have a maximum size
+ -- of 16kB (the max record size can be controlled by the
+ -- MAX_RECORD_SIZE define in /wolfssl/internal.h). As such, wolfSSL
+ -- needs to read an entire SSL record internally before it is able
+ -- to process and decrypt the record. Because of this, a call to
+ -- wolfSSL_read() will only be able to return the maximum buffer
+ -- size which has been decrypted at the time of calling. There may
+ -- be additional not-yet-decrypted data waiting in the internal
+ -- wolfSSL receive buffer which will be retrieved and decrypted with
+ -- the next call to wolfSSL_read(). If sz is larger than the number
+ -- of bytes in the internal read buffer, SSL_read() will return
+ -- the bytes available in the internal read buffer. If no bytes are
+ -- buffered in the internal read buffer yet, a call to wolfSSL_read()
+ -- will trigger processing of the next record.
+ --
+ -- The integer returned is the number of bytes read upon success.
+ -- 0 will be returned upon failure. This may be caused by a either
+ -- a clean (close notify alert) shutdown or just that the peer closed
+ -- the connection. Call wolfSSL_get_error() for the specific
+ -- error code. SSL_FATAL_ERROR will be returned upon failure when
+ -- either an error occurred or, when using non-blocking sockets,
+ -- the SSL_ERROR_WANT_READ or SSL_ERROR_WANT_WRITE error was received
+ -- and and the application needs to call wolfSSL_read() again.
+ -- Use wolfSSL_get_error() to get a specific error code.
+
+ function Read (Ssl : WolfSSL_Type) return Read_Result is
+ Data : char_array (1 .. Byte_Index'Last);
+ Size : int;
+ begin
+ Size := WolfSSL_Read (Ssl, Data, int (Byte_Index'Last));
+ if Size <= 0 then
+ return (Success => False,
+ Last => 0,
+ Code => Subprogram_Result (Size));
+ else
+ return (Success => True,
+ Last => Byte_Index (Size),
+ Buffer => Data (1 .. Byte_Index (Size)));
+ end if;
+ end Read;
+
+ function WolfSSL_Write (Ssl : WolfSSL_Type;
+ Data : char_array;
+ Sz : int) return int with
+ Convention => C,
+ External_Name => "wolfSSL_write",
+ Import => True;
+
+ function Write (Ssl : WolfSSL_Type;
+ Data : Byte_Array) return Write_Result is
+ Size : constant int := Data'Length;
+ Result : int;
+ begin
+ Result := WolfSSL_Write (Ssl, Data, Size);
+ if Result > 0 then
+ return (Success => True,
+ Bytes_Written => Byte_Index (Result));
+ else
+ return (Success => False, Code => Subprogram_Result (Result));
+ end if;
+ end Write;
+
+ function WolfSSL_Shutdown (Ssl : WolfSSL_Type) return int with
+ Convention => C,
+ External_Name => "wolfSSL_shutdown",
+ Import => True;
+
+ function Shutdown (Ssl : WolfSSL_Type) return Subprogram_Result is
+ Result : constant int := WolfSSL_Shutdown (Ssl);
+ begin
+ return Subprogram_Result (Result);
+ end Shutdown;
+
+ function WolfSSL_Connect (Ssl : WolfSSL_Type) return int with
+ Convention => C,
+ External_Name => "wolfSSL_connect",
+ Import => True;
+
+ function Connect (Ssl : WolfSSL_Type) return Subprogram_Result is
+ Result : constant int := WolfSSL_Connect (Ssl);
+ begin
+ return Subprogram_Result (Result);
+ end Connect;
+
+ procedure WolfSSL_Free (Ssl : WolfSSL_Type) with
+ Convention => C,
+ External_Name => "wolfSSL_free",
+ Import => True;
+
+ procedure Free (Ssl : in out WolfSSL_Type) is
+ begin
+ if Ssl /= null then
+ WolfSSL_Free (Ssl);
+ end if;
+ Ssl := null;
+ end Free;
+
+ function WolfSSL_Get_Error (Ssl : WolfSSL_Type;
+ Ret : int) return int with
+ Convention => C,
+ External_Name => "wolfSSL_get_error",
+ Import => True;
+
+ function Get_Error (Ssl : WolfSSL_Type;
+ Result : Subprogram_Result) return Error_Code is
+ begin
+ return Error_Code (WolfSSL_Get_Error (Ssl, int (Result)));
+ end Get_Error;
+
+ procedure WolfSSL_Error_String (Error : unsigned_long;
+ Data : out Byte_Array;
+ Size : unsigned_long) with
+ Convention => C,
+ External_Name => "wolfSSL_ERR_error_string_n",
+ Import => True;
+
+ function Error (Code : Error_Code) return Error_Message is
+ S : String (1 .. Error_Message_Index'Last);
+ B : Byte_Array (1 .. size_t (Error_Message_Index'Last));
+ C : Natural;
+ begin
+ WolfSSL_Error_String (Error => unsigned_long (Code),
+ Data => B,
+ Size => unsigned_long (B'Last));
+ Interfaces.C.To_Ada (Item => B,
+ Target => S,
+ Count => C,
+ Trim_Nul => True);
+ return (Last => C,
+ Text => S (1 .. C));
+ end Error;
+
+ function Get_WolfSSL_Max_Error_Size return int with
+ Convention => C,
+ External_Name => "get_wolfssl_max_error_size",
+ Import => True;
+
+ function Max_Error_Size return Natural is
+ begin
+ return Natural (Get_WolfSSL_Max_Error_Size);
+ end Max_Error_Size;
+
+end WolfSSL;
diff --git a/extra/wolfssl/wolfssl/wrapper/Ada/wolfssl.ads b/extra/wolfssl/wolfssl/wrapper/Ada/wolfssl.ads
new file mode 100644
index 00000000..a3f536e5
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wrapper/Ada/wolfssl.ads
@@ -0,0 +1,606 @@
+-- wolfssl.ads
+--
+-- Copyright (C) 2006-2023 wolfSSL Inc.
+--
+-- This file is part of wolfSSL.
+--
+-- wolfSSL is free software; you can redistribute it and/or modify
+-- it under the terms of the GNU General Public License as published by
+-- the Free Software Foundation; either version 2 of the License, or
+-- (at your option) any later version.
+--
+-- wolfSSL is distributed in the hope that it will be useful,
+-- but WITHOUT ANY WARRANTY; without even the implied warranty of
+-- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+-- GNU General Public License for more details.
+--
+-- You should have received a copy of the GNU General Public License
+-- along with this program; if not, write to the Free Software
+-- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+--
+
+with Interfaces.C;
+
+-- This package is annotated "with SPARK_Mode" that SPARK can verify
+-- the API of this package is used correctly.
+package WolfSSL with SPARK_Mode is
+
+ type Subprogram_Result is new Integer;
+ Success : constant Subprogram_Result;
+ Failure : constant Subprogram_Result;
+
+ function Initialize return Subprogram_Result;
+ -- Initializes the wolfSSL library for use. Must be called once per
+ -- application and before any other call to the library.
+
+ function Finalize return Subprogram_Result;
+ -- Un-initializes the wolfSSL library from further use.
+ -- Doesn't have to be called, though it will free any resources
+ -- used by the library.
+
+ subtype char_array is Interfaces.C.char_array; -- Remove?
+
+ subtype Byte_Type is Interfaces.C.char;
+ subtype Byte_Index is Interfaces.C.size_t range 0 .. 16_000;
+ subtype Byte_Array is Interfaces.C.char_array;
+
+ type Context_Type is limited private;
+ -- Instances of this type are called SSL Contexts.
+
+ function Is_Valid (Context : Context_Type) return Boolean;
+ -- Indicates if the SSL Context has successfully been initialized.
+ -- If initialized, the SSL Context has allocated resources
+ -- that needs to be deallocated before application exit.
+
+ type Method_Type is limited private;
+
+ function TLSv1_2_Server_Method return Method_Type;
+ -- This function is used to indicate that the application is a server
+ -- and will only support the TLS 1.2 protocol.
+
+ function TLSv1_2_Client_Method return Method_Type;
+ -- This function is used to indicate that the application is a client
+ -- and will only support the TLS 1.2 protocol.
+
+ function TLSv1_3_Server_Method return Method_Type;
+ -- This function is used to indicate that the application is a server
+ -- and will only support the TLS 1.3 protocol.
+
+ function TLSv1_3_Client_Method return Method_Type;
+ -- This function is used to indicate that the application is a client
+ -- and will only support the TLS 1.3 protocol.
+
+ procedure Create_Context (Method : Method_Type;
+ Context : out Context_Type);
+ -- This function creates a new SSL context, taking a desired SSL/TLS
+ -- protocol method for input.
+ -- If successful Is_Valid (Context) = True, otherwise False.
+
+ procedure Free (Context : in out Context_Type) with
+ Pre => Is_Valid (Context),
+ Post => not Is_Valid (Context);
+ -- This function frees an allocated SSL Context object.
+
+ type Mode_Type is private;
+
+ function "&" (Left, Right : Mode_Type) return Mode_Type;
+
+ Verify_None : constant Mode_Type;
+ -- Client mode: the client will not verify the certificate received
+ -- from the server and the handshake will continue as normal.
+ --
+ -- Server mode: the server will not send a certificate request to
+ -- the client. As such, client verification will not be enabled.
+
+ Verify_Peer : constant Mode_Type;
+ -- Client mode: the client will verify the certificate received from
+ -- the server during the handshake. This is turned on by default
+ -- in wolfSSL, therefore, using this option has no effect.
+ --
+ -- Server mode: the server will send a certificate request to
+ -- the client and verify the client certificate received.
+
+ Verify_Fail_If_No_Peer_Cert : constant Mode_Type;
+ -- Client mode: no effect when used on the client side.
+ --
+ -- Server mode: the verification will fail on the server side if
+ -- the client fails to send a certificate when requested to do so
+ -- (when using Verify_Peer on the SSL server).
+
+ Verify_Client_Once : constant Mode_Type;
+
+ Verify_Post_Handshake : constant Mode_Type;
+
+ Verify_Fail_Except_Psk : constant Mode_Type;
+ -- Client mode: no effect when used on the client side.
+ --
+ -- Server mode: the verification is the same as
+ -- Verify_Fail_If_No_Peer_Cert except in the case of a PSK connection.
+ -- If a PSK connection is being made then the connection
+ -- will go through without a peer cert.
+
+ Verify_Default : constant Mode_Type;
+
+ procedure Set_Verify (Context : Context_Type;
+ Mode : Mode_Type) with
+ Pre => Is_Valid (Context);
+ -- This function sets the verification method for remote peers
+
+ type File_Format is private;
+
+ Format_Asn1 : constant File_Format;
+ Format_Pem : constant File_Format;
+ Format_Default : constant File_Format;
+
+ function Use_Certificate_File (Context : Context_Type;
+ File : String;
+ Format : File_Format)
+ return Subprogram_Result with
+ Pre => Is_Valid (Context);
+ -- This function loads a certificate file into the SSL context.
+ -- The file is provided by the file argument. The format argument
+ -- specifies the format type of the file, either ASN1 or
+ -- PEM file types. Please see the examples for proper usage.
+
+ function Use_Certificate_Buffer (Context : Context_Type;
+ Input : char_array;
+ Format : File_Format)
+ return Subprogram_Result with
+ Pre => Is_Valid (Context);
+ -- This function loads a certificate buffer into the SSL Context.
+ -- It behaves like the non-buffered version (Use_Certificate_File),
+ -- only differing in its ability to be called with a buffer as input
+ -- instead of a file. The buffer is provided by the Input argument.
+ -- Format specifies the format type of the buffer; ASN1 or PEM.
+ -- Please see the examples for proper usage.
+
+ function Use_Private_Key_File (Context : Context_Type;
+ File : String;
+ Format : File_Format)
+ return Subprogram_Result with
+ Pre => Is_Valid (Context);
+ -- This function loads a private key file into the SSL context.
+ -- The file is provided by the File argument. The Format argument
+ -- specifies the format type of the file - ASN1 or PEM.
+ -- Please see the examples for proper usage.
+
+ function Use_Private_Key_Buffer (Context : Context_Type;
+ Input : Byte_Array;
+ Format : File_Format)
+ return Subprogram_Result with
+ Pre => Is_Valid (Context);
+ -- This function loads a private key buffer into the SSL Context.
+ -- It behaves like the non-buffered version (Use_Private_Key_File),
+ -- only differing in its ability to be called with a buffer as input
+ -- instead of a file. The buffer is provided by the Input argument.
+ -- Format specifies the format type of the buffer; ASN1 or PEM.
+ -- Please see the examples for proper usage.
+
+ function Load_Verify_Locations (Context : Context_Type;
+ File : String;
+ Path : String)
+ return Subprogram_Result with
+ Pre => Is_Valid (Context);
+ -- This function loads PEM-formatted CA certificate files into
+ -- the SSL context. These certificates will be treated as trusted
+ -- root certificates and used to verify certs received from peers
+ -- during the SSL handshake. The root certificate file,
+ -- provided by the File argument, may be a single certificate or
+ -- a file containing multiple certificates. If multiple CA certs
+ -- are included in the same file, wolfSSL will load them in the same
+ -- order they are presented in the file. The path argument is
+ -- a pointer to the name of a directory that contains certificates
+ -- of trusted root CAs. If the value of File is not empty "",
+ -- path may be specified as "" if not needed. If path is specified
+ -- and NO_WOLFSSL_DIR was not defined when building the library,
+ -- wolfSSL will load all CA certificates located in the given
+ -- directory. This function will attempt to load all files in
+ -- the directory. This function expects PEM formatted CERT_TYPE file
+ -- with header "--BEGIN CERTIFICATE--".
+
+ function Load_Verify_Buffer (Context : Context_Type;
+ Input : Byte_Array;
+ Format : File_Format)
+ return Subprogram_Result with
+ Pre => Is_Valid (Context);
+ -- This function loads a CA certificate buffer into the SSL
+ -- Context. It behaves like the non-buffered version, only differing
+ -- in its ability to be called with a buffer as input instead of
+ -- a file. The buffer is provided by the Input argument.
+ -- Format specifies the format type of the buffer; ASN1 or PEM.
+ -- More than one CA certificate may be loaded
+ -- per buffer as long as the format is in PEM.
+ -- Please see the examples for proper usage.
+
+ type WolfSSL_Type is limited private;
+ -- Instances of this type are called SSL Sessions.
+
+ function Is_Valid (Ssl : WolfSSL_Type) return Boolean;
+ -- Indicates if the SSL Session has successfully been initialized.
+ -- If initialized, the SSL Session has allocated resources
+ -- that needs to be deallocated before application exit.
+
+ procedure Create_WolfSSL (Context : Context_Type;
+ Ssl : out WolfSSL_Type) with
+ Pre => Is_Valid (Context);
+ -- This function creates a new SSL session, taking an already created
+ -- SSL context as input.
+ -- If successful Is_Valid (Ssl) = True, otherwise False.
+
+ function Use_Certificate_File (Ssl : WolfSSL_Type;
+ File : String;
+ Format : File_Format)
+ return Subprogram_Result with
+ Pre => Is_Valid (Ssl);
+ -- This function loads a certificate file into the SSL session.
+ -- The certificate file is provided by the file argument.
+ -- The format argument specifies the format type of the file
+ -- either ASN1 or PEM.
+
+ function Use_Certificate_Buffer (Ssl : WolfSSL_Type;
+ Input : char_array;
+ Format : File_Format)
+ return Subprogram_Result with
+ Pre => Is_Valid (Ssl);
+ -- This function loads a certificate buffer into the SSL session
+ -- object. It behaves like the non-buffered version, only differing
+ -- in its ability to be called with a buffer as input instead
+ -- of a file. The buffer is provided by the Input argument.
+ -- Format specifies the format type of the buffer; ASN1 or PEM.
+ -- Please see the examples for proper usage.
+
+ function Use_Private_Key_File (Ssl : WolfSSL_Type;
+ File : String;
+ Format : File_Format)
+ return Subprogram_Result with
+ Pre => Is_Valid (Ssl);
+ -- This function loads a private key file into the SSL session.
+ -- The key file is provided by the File argument. The Format argument
+ -- specifies the format type of the file - ASN1 or PEM.
+
+ function Use_Private_Key_Buffer (Ssl : WolfSSL_Type;
+ Input : Byte_Array;
+ Format : File_Format)
+ return Subprogram_Result with
+ Pre => Is_Valid (Ssl);
+ -- This function loads a private key buffer into the SSL session
+ -- object. It behaves like the non-buffered version, only differing
+ -- in its ability to be called with a buffer as input instead
+ -- of a file. The buffer is provided by the Input argument.
+ -- Format specifies the format type of the buffer; ASN1 or PEM.
+ -- Please see the examples for proper usage.
+
+ function Attach (Ssl : WolfSSL_Type;
+ Socket : Integer)
+ return Subprogram_Result with
+ Pre => Is_Valid (Ssl);
+ -- Attach wolfSSL to the socket.
+ --
+ -- This function assigns a file descriptor (Socket) as
+ -- the input/output facility for the SSL connection.
+ -- Typically this will be a socket file descriptor.
+
+ procedure Keep_Arrays (Ssl : WolfSSL_Type) with
+ Pre => Is_Valid (Ssl);
+ -- Normally, at the end of the SSL handshake, wolfSSL frees
+ -- temporary arrays. Calling this function before the handshake
+ -- begins will prevent wolfSSL from freeing temporary arrays.
+ -- Temporary arrays may be needed for things such as
+ -- wolfSSL_get_keys() or PSK hints. When the user is done with
+ -- temporary arrays, either Free_Arrays(..) may be called to free
+ -- the resources immediately, or alternatively the resources will
+ -- be freed when the associated SSL object is freed.
+
+ procedure Free_Arrays (Ssl : WolfSSL_Type) with
+ Pre => Is_Valid (Ssl);
+ -- Normally, at the end of the SSL handshake, wolfSSL frees temporary
+ -- arrays. If Keep_Arrays(..) has been called before the handshake,
+ -- wolfSSL will not free temporary arrays. This function explicitly
+ -- frees temporary arrays and should be called when the user is done
+ -- with temporary arrays and does not want to wait for the SSL object
+ -- to be freed to free these resources.
+
+ function Accept_Connection (Ssl : WolfSSL_Type)
+ return Subprogram_Result with
+ Pre => Is_Valid (Ssl);
+ -- The name of this function is not Accept (..) because the word
+ -- "accept" is a reserved keyword in the Ada language.
+ --
+ -- This function is called on the server side and waits for an
+ -- SSL client to initiate the SSL/TLS handshake. When this function
+ -- is called, the underlying communication channel has already been
+ -- set up. This function works with both blocking and
+ -- non-blocking I/O. When the underlying I/O is non-blocking,
+ -- Accept_Connection (..) will return when the underlying I/O could
+ -- not satisfy the needs of Accept_Connection (..) to continue
+ -- the handshake. In this case, a call to Get_Error(..) will
+ -- yield either Error_Want_Read or Error_Want_Write.
+ -- The calling process must then repeat the call to
+ -- Accept_Connection (..) when data is available to read and
+ -- wolfSSL will pick up where it left off. When using a
+ -- non_blocking socket, nothing needs to be done, but select() can
+ -- be used to check for the required condition.
+ -- If the underlying I/O is blocking, Accept_Connection (..) will
+ -- only return once the handshake has been finished or
+ -- an error occurred.
+
+ -- This record type has discriminants with default values to be able
+ -- to compile this code under the restriction No Secondary Stack.
+ type Read_Result (Success : Boolean := False;
+ Last : Byte_Index := Byte_Index'Last) is record
+ case Success is
+ when True => Buffer : Byte_Array (1 .. Last);
+ when False => Code : Subprogram_Result; -- Error code
+ end case;
+ end record;
+
+ function Read (Ssl : WolfSSL_Type) return Read_Result with
+ Pre => Is_Valid (Ssl);
+ -- This function reads a number of bytes from the SSL session (ssl)
+ -- internal read buffer into the buffer data. The bytes read are
+ -- removed from the internal receive buffer.
+ -- If necessary Read(..) will negotiate an SSL/TLS session
+ -- if the handshake has not already
+ -- been performed yet by Connect(..) or Accept_Connection (..).
+ -- The SSL/TLS protocol uses SSL records which have a maximum size
+ -- of 16kB (the max record size can be controlled by the
+ -- MAX_RECORD_SIZE define in /wolfssl/internal.h). As such, wolfSSL
+ -- needs to read an entire SSL record internally before it is able
+ -- to process and decrypt the record. Because of this, a call to
+ -- Read(..) will only be able to return the maximum buffer
+ -- size which has been decrypted at the time of calling. There may
+ -- be additional not-yet-decrypted data waiting in the internal
+ -- wolfSSL receive buffer which will be retrieved and decrypted with
+ -- the next call to Read(..).
+
+ -- This record type has discriminants with default values to be able
+ -- to compile this code under the restriction No Secondary Stack.
+ type Write_Result (Success : Boolean := False) is record
+ case Success is
+ when True => Bytes_Written : Byte_Index;
+ when False => Code : Subprogram_Result; -- Error code
+ end case;
+ end record;
+
+ function Write (Ssl : WolfSSL_Type;
+ Data : Byte_Array) return Write_Result with
+ Pre => Is_Valid (Ssl);
+ -- The number of bytes written is returned.
+ -- This function writes bytes from the buffer, Data,
+ -- to the SSL connection, ssl. If necessary, Write(..) will
+ -- negotiate an SSL/TLS session if the handshake has not already
+ -- been performed yet by Connect(..) or Accept_Connection(..).
+ -- Write(..) works with both blocking and non-blocking I/O.
+ -- When the underlying I/O is non-blocking, Write(..) will return
+ -- when the underlying I/O could not satisfy the needs of Write(..)
+ -- to continue. In this case, a call to Get_Error(..) will
+ -- yield either Error_Want_Read or Error_Want_Write.
+ -- The calling process must then repeat the call to Write(..)
+ -- when the underlying I/O is ready. If the underlying I/O is
+ -- blocking, Write(..) will only return once the buffer data
+ -- has been completely written or an error occurred.
+
+ function Shutdown (Ssl : WolfSSL_Type) return Subprogram_Result with
+ Pre => Is_Valid (Ssl);
+ -- This function shuts down an active SSL/TLS connection using
+ -- the SSL session, ssl. This function will try to send a
+ -- "close notify" alert to the peer. The calling application can
+ -- choose to wait for the peer to send its "close notify" alert
+ -- in response or just go ahead and shut down the underlying
+ -- connection after directly calling wolfSSL_shutdown (to save
+ -- resources). Either option is allowed by the TLS specification.
+ -- If the underlying connection will be used again in the future,
+ -- the complete two_directional shutdown procedure must be performed
+ -- to keep synchronization intact between the peers.
+ -- Shutdown(..) works with both blocking and non_blocking I/O.
+ -- When the underlying I/O is non_blocking, Shutdown(..) will
+ -- return an error if the underlying I/O could not satisfy the needs
+ -- of Shutdown(..) to continue. In this case, a call to
+ -- Get_Error(..) will yield either Error_Want_Read or
+ -- Error_Want_Write. The calling process must then repeat
+ -- the call to Shutdown() when the underlying I/O is ready.
+
+ procedure Free (Ssl : in out WolfSSL_Type) with
+ Pre => Is_Valid (Ssl),
+ Post => not Is_Valid (Ssl);
+ -- Frees the resources allocated by the SSL session object.
+
+ function Connect (Ssl : WolfSSL_Type) return Subprogram_Result with
+ Pre => Is_Valid (Ssl);
+ -- This function is called on the client side and initiates
+ -- an SSL/TLS handshake with a server. When this function is called,
+ -- the underlying communication channel has already been set up.
+ -- Connect(..) works with both blocking and non_blocking I/O.
+ -- When the underlying I/O is non_blocking, Connect(..) will
+ -- return when the underlying I/O could not satisfy the needs
+ -- of wolfSSL_connect to continue the handshake. In this case,
+ -- a call to Get_Error(..) will yield either
+ -- Error_Want_Read or SSL_ERROR_WANT_WRITE. The calling process
+ -- must then repeat the call to Connect(..) when
+ -- the underlying I/O is ready and wolfSSL will pick up where
+ -- it left off. When using a non_blocking socket, nothing needs
+ -- to be done, but select() can be used to check for the required
+ -- condition. If the underlying I/O is blocking, Connect(..)
+ -- will only return once the handshake has been finished or an error
+ -- occurred. wolfSSL takes a different approach to certificate
+ -- verification than OpenSSL does. The default policy for the client
+ -- is to verify the server, this means that if you don't load CAs
+ -- to verify the server you'll get a connect error,
+ -- unable to verify. It you want to mimic OpenSSL behavior
+ -- of having SSL_connect succeed even if verifying the server fails
+ -- and reducing security you can do this by calling:
+ -- Set_Verify (Ctx, Verify_None, 0); before calling
+ -- Create_WolfSSL(...); Though it's not recommended.
+
+ type Error_Code is new Integer;
+
+ Error_Want_Read : constant Error_Code;
+ Error_Want_Write : constant Error_Code;
+
+ function Get_Error (Ssl : WolfSSL_Type;
+ Result : Subprogram_Result) return Error_Code;
+ -- This function returns a unique error code describing why
+ -- the previous API function call (Connect, Accept_Connection,
+ -- Read, Write, etc.) resulted in an error return code.
+ -- After Get_Error is called and returns the unique error code,
+ -- wolfSSL_ERR_error_string() may be called to get a human readable
+ -- error string.
+
+ subtype Error_Message_Index is Natural range 0 .. 80;
+ -- The default error message length is 80 in WolfSSL unless
+ -- configured to another value. See the result
+ -- of the Max_Error_Size function.
+
+ type Error_Message (Last : Error_Message_Index := 0) is record
+ Text : String (1 .. Last);
+ end record;
+
+ function Error (Code : Error_Code) return Error_Message;
+ -- This function converts an error code returned by Get_Error(..)
+ -- into a more human readable error string. Code is the error code
+ -- returned by Get_error(). The maximum length of error strings is
+ -- 80 characters by default, as defined by MAX_ERROR_SZ
+ -- is wolfssl/wolfcrypt/error.h.
+
+ function Max_Error_Size return Natural;
+ -- Returns the value of the defined MAX_ERROR_SZ integer
+ -- in wolfssl/wolfcrypt/error.h.
+
+private
+ pragma SPARK_Mode (Off);
+
+ subtype int is Interfaces.C.int; use type int;
+
+ type Opaque_Method is limited null record;
+ type Opaque_Context is limited null record;
+ type Opaque_WolfSSL is limited null record;
+
+ -- Access-to-object types with convention C uses the same amount of
+ -- memory for storing pointers as is done in the C programming
+ -- language. The following access type definitions are used in
+ -- the Ada binding to the WolfSSL library:
+ type Context_Type is access Opaque_Context with Convention => C;
+ type Method_Type is access Opaque_Method with Convention => C;
+ type WolfSSL_Type is access Opaque_WolfSSL with Convention => C;
+
+ subtype Unsigned_32 is Interfaces.Unsigned_32; use type Unsigned_32;
+
+ type Mode_Type is new Unsigned_32;
+
+ -- The following imported subprograms are used to initialize
+ -- the constants defined in the public part of this package
+ -- specification. They cannot therefore be moved to the body
+ -- of this package.
+
+ function WolfSSL_Verify_None return int with
+ Convention => C,
+ External_Name => "get_wolfssl_verify_none",
+ Import => True;
+
+ function WolfSSL_Verify_Peer return int with
+ Convention => C,
+ External_Name => "get_wolfssl_verify_peer",
+ Import => True;
+
+ function WolfSSL_Verify_Fail_If_No_Peer_Cert return int with
+ Convention => C,
+ External_Name => "get_wolfssl_verify_fail_if_no_peer_cert",
+ Import => True;
+
+ function WolfSSL_Verify_Client_Once return int with
+ Convention => C,
+ External_Name => "get_wolfssl_verify_client_once",
+ Import => True;
+
+ function WolfSSL_Verify_Post_Handshake return int with
+ Convention => C,
+ External_Name => "get_wolfssl_verify_post_handshake",
+ Import => True;
+
+ function WolfSSL_Verify_Fail_Except_Psk return int with
+ Convention => C,
+ External_Name => "get_wolfssl_verify_fail_except_psk",
+ Import => True;
+
+ function WolfSSL_Verify_Default return int with
+ Convention => C,
+ External_Name => "get_wolfssl_verify_default",
+ Import => True;
+
+ Verify_None : constant Mode_Type := Mode_Type (WolfSSL_Verify_None);
+ Verify_Peer : constant Mode_Type := Mode_Type (WolfSSL_Verify_Peer);
+
+ Verify_Fail_If_No_Peer_Cert : constant Mode_Type :=
+ Mode_Type (WolfSSL_Verify_Fail_If_No_Peer_Cert);
+
+ Verify_Client_Once : constant Mode_Type :=
+ Mode_Type (WolfSSL_Verify_Client_Once);
+
+ Verify_Post_Handshake : constant Mode_Type :=
+ Mode_Type (WolfSSL_Verify_Post_Handshake);
+
+ Verify_Fail_Except_Psk : constant Mode_Type :=
+ Mode_Type (WolfSSL_Verify_Fail_Except_Psk);
+
+ Verify_Default : constant Mode_Type :=
+ Mode_Type (WolfSSL_Verify_Default);
+
+ type File_Format is new Unsigned_32;
+
+ function WolfSSL_Filetype_Asn1 return int with
+ Convention => C,
+ External_Name => "get_wolfssl_filetype_asn1",
+ Import => True;
+
+ function WolfSSL_Filetype_Pem return int with
+ Convention => C,
+ External_Name => "get_wolfssl_filetype_pem",
+ Import => True;
+
+ function WolfSSL_Filetype_Default return int with
+ Convention => C,
+ External_Name => "get_wolfssl_filetype_default",
+ Import => True;
+
+ Format_Asn1 : constant File_Format :=
+ File_Format (WolfSSL_Filetype_Asn1);
+
+ Format_Pem : constant File_Format :=
+ File_Format (WolfSSL_Filetype_Pem);
+
+ Format_Default : constant File_Format :=
+ File_Format (WolfSSL_Filetype_Default);
+
+ function Get_WolfSSL_Success return int with
+ Convention => C,
+ External_Name => "get_wolfssl_success",
+ Import => True;
+
+ function Get_WolfSSL_Failure return int with
+ Convention => C,
+ External_Name => "get_wolfssl_failure",
+ Import => True;
+
+ Success : constant Subprogram_Result :=
+ Subprogram_Result (Get_WolfSSL_Success);
+
+ Failure : constant Subprogram_Result :=
+ Subprogram_Result (Get_WolfSSL_Failure);
+
+ function Get_WolfSSL_Error_Want_Read return int with
+ Convention => C,
+ External_Name => "get_wolfssl_error_want_read",
+ Import => True;
+
+ function Get_WolfSSL_Error_Want_Write return int with
+ Convention => C,
+ External_Name => "get_wolfssl_error_want_write",
+ Import => True;
+
+ Error_Want_Read : constant Error_Code :=
+ Error_Code (Get_WolfSSL_Error_Want_Read);
+
+ Error_Want_Write : constant Error_Code :=
+ Error_Code (Get_WolfSSL_Error_Want_Write);
+
+end WolfSSL;
diff --git a/extra/wolfssl/wolfssl/wrapper/CSharp/wolfSSL_CSharp/wolfSSL.cs b/extra/wolfssl/wolfssl/wrapper/CSharp/wolfSSL_CSharp/wolfSSL.cs
index d47305eb..34cdc242 100644
--- a/extra/wolfssl/wolfssl/wrapper/CSharp/wolfSSL_CSharp/wolfSSL.cs
+++ b/extra/wolfssl/wolfssl/wrapper/CSharp/wolfSSL_CSharp/wolfSSL.cs
@@ -725,7 +725,7 @@ namespace wolfSSL.CSharp {
int ret;
byte[] msg;
- buf.Clear(); /* Clear incomming buffer */
+ buf.Clear(); /* Clear incoming buffer */
if (sslCtx == IntPtr.Zero)
{
@@ -1760,7 +1760,7 @@ namespace wolfSSL.CSharp {
/// Used to load in the private key from a file
/// </summary>
/// <param name="ctx">CTX structure for TLS/SSL connections </param>
- /// <param name="fileKey">Name of the file, includeing absolute directory</param>
+ /// <param name="fileKey">Name of the file, including absolute directory</param>
/// <param name="type">Type of file ie PEM or DER</param>
/// <returns>1 on success</returns>
public static int CTX_use_PrivateKey_file(IntPtr ctx, string fileKey, int type)
diff --git a/extra/wolfssl/wolfssl/wrapper/include.am b/extra/wolfssl/wolfssl/wrapper/include.am
index d966d4bd..0bdcbc78 100644
--- a/extra/wolfssl/wolfssl/wrapper/include.am
+++ b/extra/wolfssl/wolfssl/wrapper/include.am
@@ -2,6 +2,7 @@
# included from Top Level Makefile.am
# All paths should be given relative to the root
+include wrapper/Ada/include.am
include wrapper/CSharp/include.am
EXTRA_DIST+= wrapper/python/README.md
diff --git a/extra/wolfssl/wolfssl/zephyr/CMakeLists.txt b/extra/wolfssl/wolfssl/zephyr/CMakeLists.txt
index 36b19b95..bf8fe1a7 100644
--- a/extra/wolfssl/wolfssl/zephyr/CMakeLists.txt
+++ b/extra/wolfssl/wolfssl/zephyr/CMakeLists.txt
@@ -113,9 +113,12 @@ if(CONFIG_WOLFSSL)
zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/wolfcrypt/src/port/st/stm32.c)
zephyr_library_link_libraries(wolfSSL)
-
- add_definitions(-DWOLFSSL_USER_SETTINGS)
- add_definitions(-DWOLFSSL_ZEPHYR)
+
+ target_compile_definitions(wolfSSL INTERFACE WOLFSSL_ZEPHYR)
+ target_compile_definitions(wolfSSL INTERFACE WOLFSSL_USER_SETTINGS)
+ if(CONFIG_WOLFSSL_DEBUG)
+ target_compile_definitions(wolfSSL INTERFACE DEBUG_WOLFSSL)
+ endif()
else()
assert(CONFIG_WOLFSSL_LIBRARY "wolfSSL was enabled, but neither BUILTIN or LIBRARY was selected.")
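Review bot: `WOLFSSL_ZEPHYR`, `WOLFSSL_USER_SETTINGS` and `DEBUG_WOLFSSL` are now INTERFACE definitions on the `wolfSSL` target, so they reach only targets that link `wolfSSL`, whereas the removed `add_definitions` calls applied directory-wide. The same commit also deletes `#define WOLFSSL_ZEPHYR` and the `CONFIG_WOLFSSL_DEBUG` block from `zephyr/user_settings.h` and `zephyr/user_settings-tls-generic.h`. Any code that includes those headers without linking `wolfSSL` (possibly including the `else()` path, whose body continues outside the hunk) would presumably build without them. A comment above the three calls would record the dependency, e.g. `# WOLFSSL_ZEPHYR / DEBUG_WOLFSSL are no longer set in user_settings*.h; consumers must link wolfSSL to inherit them`. The enclosing `if(CONFIG_WOLFSSL)` block starts outside the hunk.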
diff --git a/extra/wolfssl/wolfssl/zephyr/Kconfig b/extra/wolfssl/wolfssl/zephyr/Kconfig
index 47e1e949..6d58cc02 100644
--- a/extra/wolfssl/wolfssl/zephyr/Kconfig
+++ b/extra/wolfssl/wolfssl/zephyr/Kconfig
@@ -24,7 +24,7 @@ config WOLFSSL_PROMPTLESS
Symbol to disable the prompt for WOLFSSL selection.
This symbol may be used internally in a Kconfig tree to hide the
wolfSSL menu prompt and instead handle the selection of WOLFSSL from
- dependent sub-configurations and thus preven stuck symbol behavior.
+ dependent sub-configurations and thus prevent stuck symbol behavior.
menuconfig WOLFSSL
diff --git a/extra/wolfssl/wolfssl/zephyr/README.md b/extra/wolfssl/wolfssl/zephyr/README.md
index ec2f0fd1..098d51c9 100644
--- a/extra/wolfssl/wolfssl/zephyr/README.md
+++ b/extra/wolfssl/wolfssl/zephyr/README.md
@@ -60,6 +60,14 @@ then "Open Terminal".
## Build and Run wolfCrypt Test Application
+If you want to run build apps without running `west zephyr-export` then it is
+possible by setting the `CMAKE_PREFIX_PATH` variable to the location of the
+zephyr sdk and building from the `zephyr` directory. For example:
+
+```
+CMAKE_PREFIX_PATH=/path/to/zephyr-sdk-<VERSION> west build -p always -b qemu_x86 ../modules/crypto/wolfssl/zephyr/samples/wolfssl_test/
+```
+
build and execute `wolfssl_test`
```
diff --git a/extra/wolfssl/wolfssl/zephyr/samples/wolfssl_benchmark/prj.conf b/extra/wolfssl/wolfssl/zephyr/samples/wolfssl_benchmark/prj.conf
index 2cf27140..15d4ebba 100644
--- a/extra/wolfssl/wolfssl/zephyr/samples/wolfssl_benchmark/prj.conf
+++ b/extra/wolfssl/wolfssl/zephyr/samples/wolfssl_benchmark/prj.conf
@@ -1,7 +1,5 @@
-
# Configure stack and heap sizes
CONFIG_MAIN_STACK_SIZE=32768
-CONFIG_MINIMAL_LIBC_MALLOC_ARENA_SIZE=16384
# Pthreads
CONFIG_PTHREAD_IPC=y
diff --git a/extra/wolfssl/wolfssl/zephyr/samples/wolfssl_benchmark/sample.yaml b/extra/wolfssl/wolfssl/zephyr/samples/wolfssl_benchmark/sample.yaml
index 8b45f178..4c5d1fce 100644
--- a/extra/wolfssl/wolfssl/zephyr/samples/wolfssl_benchmark/sample.yaml
+++ b/extra/wolfssl/wolfssl/zephyr/samples/wolfssl_benchmark/sample.yaml
@@ -2,9 +2,14 @@ sample:
description: wolfCrypt benchmark sample app
name: wolfCrypt benchmark
common:
- min_flash: 65
- min_ram: 36
tags: crypto wolfssl userspace random
+ harness: console
+ harness_config:
+ type: one_line
+ regex:
+ - "Benchmark complete"
tests:
- crypto.wolfssl_benchmark:
- platform_allow: qemu_x86 nrf5340dk_nrf5340_cpuapp_ns nrf5340dk_nrf5340_cpuapp
+ sample.crypto.wolfssl_benchmark:
+ platform_allow: qemu_x86
+ integration_platforms:
+ - qemu_x86
diff --git a/extra/wolfssl/wolfssl/zephyr/samples/wolfssl_test/prj.conf b/extra/wolfssl/wolfssl/zephyr/samples/wolfssl_test/prj.conf
index c2f99743..a989213b 100644
--- a/extra/wolfssl/wolfssl/zephyr/samples/wolfssl_test/prj.conf
+++ b/extra/wolfssl/wolfssl/zephyr/samples/wolfssl_test/prj.conf
@@ -1,7 +1,7 @@
# Configure stack and heap sizes
CONFIG_MAIN_STACK_SIZE=32768
-CONFIG_MINIMAL_LIBC_MALLOC_ARENA_SIZE=16384
+CONFIG_COMMON_LIBC_MALLOC_ARENA_SIZE=16384
# Pthreads
CONFIG_PTHREAD_IPC=y
diff --git a/extra/wolfssl/wolfssl/zephyr/samples/wolfssl_test/sample.yaml b/extra/wolfssl/wolfssl/zephyr/samples/wolfssl_test/sample.yaml
index 72069ff6..a1c4f819 100644
--- a/extra/wolfssl/wolfssl/zephyr/samples/wolfssl_test/sample.yaml
+++ b/extra/wolfssl/wolfssl/zephyr/samples/wolfssl_test/sample.yaml
@@ -2,9 +2,14 @@ sample:
description: wolfCrypt test sample app
name: wolfCrypt test
common:
- min_flash: 65
- min_ram: 36
- tags: crypto wolfssl userspace random
+ harness: console
+ harness_config:
+ type: one_line
+ regex:
+ - "Exiting main with return code: 0"
tests:
- crypto.wolfssl_test:
- platform_allow: qemu_x86 nrf5340dk_nrf5340_cpuapp_ns nrf5340dk_nrf5340_cpuapp
+ sample.crypto.wolfssl_test:
+ timeout: 120
+ platform_allow: qemu_x86
+ integration_platforms:
+ - qemu_x86
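Review bot: The `tags:` line is removed from `common:` here and not re-added, whereas the benchmark sample's `sample.yaml` in this same commit keeps `tags: crypto wolfssl userspace random`. `wolfssl_tls_sock/sample.yaml` and `wolfssl_tls_thread/sample.yaml` likewise drop their `tags: crypto` line. If test selection by tag is in use, these three samples would presumably no longer be picked up by a `crypto` filter. Unless that is intended, keep `tags: crypto wolfssl userspace random` under `common:` here and `tags: crypto` in the two TLS samples.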
diff --git a/extra/wolfssl/wolfssl/zephyr/samples/wolfssl_tls_sock/prj.conf b/extra/wolfssl/wolfssl/zephyr/samples/wolfssl_tls_sock/prj.conf
index 9ca0cef9..f8b0f292 100644
--- a/extra/wolfssl/wolfssl/zephyr/samples/wolfssl_tls_sock/prj.conf
+++ b/extra/wolfssl/wolfssl/zephyr/samples/wolfssl_tls_sock/prj.conf
@@ -2,7 +2,7 @@
CONFIG_MAIN_STACK_SIZE=16384
CONFIG_ENTROPY_GENERATOR=y
CONFIG_INIT_STACKS=y
-CONFIG_MINIMAL_LIBC_MALLOC_ARENA_SIZE=8192
+CONFIG_COMMON_LIBC_MALLOC_ARENA_SIZE=8192
# General config
CONFIG_NEWLIB_LIBC=y
@@ -23,9 +23,6 @@ CONFIG_NET_SOCKETS_POSIX_NAMES=y
CONFIG_NET_TEST=y
CONFIG_NET_LOOPBACK=y
-CONFIG_DNS_RESOLVER=y
-CONFIG_DNS_SERVER_IP_ADDRESSES=y
-CONFIG_DNS_SERVER1="192.0.2.2"
# Network driver config
CONFIG_TEST_RANDOM_GENERATOR=y
diff --git a/extra/wolfssl/wolfssl/zephyr/samples/wolfssl_tls_sock/sample.yaml b/extra/wolfssl/wolfssl/zephyr/samples/wolfssl_tls_sock/sample.yaml
index 86f7f9a7..ea002827 100644
--- a/extra/wolfssl/wolfssl/zephyr/samples/wolfssl_tls_sock/sample.yaml
+++ b/extra/wolfssl/wolfssl/zephyr/samples/wolfssl_tls_sock/sample.yaml
@@ -1,9 +1,16 @@
-common:
- harness: crypto
- tags: crypto
sample:
description: wolfSSL TLS test application
name: wolfSSL TLS Test
+common:
+ harness: console
+ harness_config:
+ type: multi_line
+ regex:
+ - "Server Return: 0"
+ - "Client Return: 0"
tests:
- test:
- platform_whitelist: qemu_x86
+ sample.crypto.wolfssl_tls_sock:
+ timeout: 60
+ platform_allow: qemu_x86
+ integration_platforms:
+ - qemu_x86
diff --git a/extra/wolfssl/wolfssl/zephyr/samples/wolfssl_tls_sock/src/tls_sock.c b/extra/wolfssl/wolfssl/zephyr/samples/wolfssl_tls_sock/src/tls_sock.c
index 8e71527d..7be36532 100644
--- a/extra/wolfssl/wolfssl/zephyr/samples/wolfssl_tls_sock/src/tls_sock.c
+++ b/extra/wolfssl/wolfssl/zephyr/samples/wolfssl_tls_sock/src/tls_sock.c
@@ -33,12 +33,8 @@
#define BUFFER_SIZE 2048
#define STATIC_MEM_SIZE (192*1024)
-#define THREAD_STACK_SIZE (24*1024)
#define MAX_SEND_SIZE 256
-/* The stack to use in the server's thread. */
-K_THREAD_STACK_DEFINE(server_stack, THREAD_STACK_SIZE);
-
#ifdef WOLFSSL_STATIC_MEMORY
static WOLFSSL_HEAP_HINT* HEAP_HINT_SERVER;
static WOLFSSL_HEAP_HINT* HEAP_HINT_CLIENT;
@@ -292,20 +288,6 @@ static void wolfssl_memstats(WOLFSSL* ssl)
#endif
}
-
-/* Start the server thread. */
-void start_thread(THREAD_FUNC func, func_args* args, THREAD_TYPE* thread)
-{
- k_thread_create(thread, server_stack, K_THREAD_STACK_SIZEOF(server_stack),
- func, args, NULL, NULL, 5, 0, K_NO_WAIT);
-}
-
-void join_thread(THREAD_TYPE thread)
-{
- /* Threads are handled in the kernel. */
-}
-
-
int wolfssl_server_accept_tcp(WOLFSSL* ssl, SOCKET_T* fd, SOCKET_T* acceptfd)
{
int ret = 0;
@@ -350,7 +332,7 @@ int wolfssl_server_accept_tcp(WOLFSSL* ssl, SOCKET_T* fd, SOCKET_T* acceptfd)
}
/* Thread to do the server operations. */
-void server_thread(void* arg1, void* arg2, void* arg3)
+void server_thread(void* arg1)
{
int ret = 0;
WOLFSSL_CTX* server_ctx = NULL;
@@ -509,12 +491,18 @@ int main()
#endif
/* Start server */
- start_thread(server_thread, NULL, &serverThread);
+ if (wolfSSL_NewThread(&serverThread, server_thread, NULL) != 0) {
+ printf("Failed to start server thread\n");
+ return -1;
+ }
k_sleep(Z_TIMEOUT_TICKS(100));
client_thread();
- join_thread(serverThread);
+ if (wolfSSL_JoinThread(serverThread) != 0) {
+ printf("Failed to join server thread\n");
+ return -1;
+ }
wolfSSL_Cleanup();
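Review bot: Both new `return -1;` branches leave `main` before the `wolfSSL_Cleanup()` call at the end of this hunk, so a failed `wolfSSL_NewThread` exits without releasing whatever was initialised earlier in `main` (which starts outside the hunk). In the start-failure branch no server thread exists, so it can release first: `wolfSSL_Cleanup();` before `return -1;`. The join-failure branch differs, since the server thread may still be running; a comment such as `/* server thread state unknown: skip wolfSSL_Cleanup() */` would record that skipping cleanup there is deliberate. The matching hunks in `tls_threaded.c` have the same shape, and there the start-failure return comes right after `wc_InitMutex(&server_mutex);` with no `wc_FreeMutex(&server_mutex);`.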
diff --git a/extra/wolfssl/wolfssl/zephyr/samples/wolfssl_tls_thread/prj.conf b/extra/wolfssl/wolfssl/zephyr/samples/wolfssl_tls_thread/prj.conf
index e675b38a..4a1e290a 100644
--- a/extra/wolfssl/wolfssl/zephyr/samples/wolfssl_tls_thread/prj.conf
+++ b/extra/wolfssl/wolfssl/zephyr/samples/wolfssl_tls_thread/prj.conf
@@ -2,7 +2,7 @@
CONFIG_MAIN_STACK_SIZE=16384
CONFIG_ENTROPY_GENERATOR=y
CONFIG_INIT_STACKS=y
-CONFIG_MINIMAL_LIBC_MALLOC_ARENA_SIZE=65536
+CONFIG_COMMON_LIBC_MALLOC_ARENA_SIZE=65536
# Pthreads
CONFIG_PTHREAD_IPC=y
diff --git a/extra/wolfssl/wolfssl/zephyr/samples/wolfssl_tls_thread/sample.yaml b/extra/wolfssl/wolfssl/zephyr/samples/wolfssl_tls_thread/sample.yaml
index 86f7f9a7..270648b6 100644
--- a/extra/wolfssl/wolfssl/zephyr/samples/wolfssl_tls_thread/sample.yaml
+++ b/extra/wolfssl/wolfssl/zephyr/samples/wolfssl_tls_thread/sample.yaml
@@ -1,9 +1,18 @@
-common:
- harness: crypto
- tags: crypto
sample:
description: wolfSSL TLS test application
name: wolfSSL TLS Test
+common:
+ harness: console
+ harness_config:
+ type: multi_line
+ regex:
+ - "Server Return: 0"
+ - "Server Error: 0"
+ - "Client Return: 0"
+ - "Client Error: 0"
tests:
- test:
- platform_whitelist: qemu_x86
+ sample.crypto.wolfssl_tls_thread:
+ timeout: 60
+ platform_allow: qemu_x86
+ integration_platforms:
+ - qemu_x86
diff --git a/extra/wolfssl/wolfssl/zephyr/samples/wolfssl_tls_thread/src/tls_threaded.c b/extra/wolfssl/wolfssl/zephyr/samples/wolfssl_tls_thread/src/tls_threaded.c
index 57990ab9..490e3362 100644
--- a/extra/wolfssl/wolfssl/zephyr/samples/wolfssl_tls_thread/src/tls_threaded.c
+++ b/extra/wolfssl/wolfssl/zephyr/samples/wolfssl_tls_thread/src/tls_threaded.c
@@ -44,10 +44,6 @@
#define BUFFER_SIZE 2048
#define STATIC_MEM_SIZE (192*1024)
-#define THREAD_STACK_SIZE (24*1024)
-
-/* The stack to use in the server's thread. */
-K_THREAD_STACK_DEFINE(server_stack, THREAD_STACK_SIZE);
#ifdef WOLFSSL_STATIC_MEMORY
static WOLFSSL_HEAP_HINT* HEAP_HINT_SERVER;
@@ -515,22 +511,8 @@ static void wolfssl_memstats(WOLFSSL* ssl)
#endif
}
-
-/* Start the server thread. */
-void start_thread(THREAD_FUNC func, func_args* args, THREAD_TYPE* thread)
-{
- k_thread_create(thread, server_stack, K_THREAD_STACK_SIZEOF(server_stack),
- func, args, NULL, NULL, 5, 0, K_NO_WAIT);
-}
-
-void join_thread(THREAD_TYPE thread)
-{
- /* Threads are handled in the kernel. */
-}
-
-
/* Thread to do the server operations. */
-void server_thread(void* arg1, void* arg2, void* arg3)
+void server_thread(void* arg1)
{
int ret = 0;
WOLFSSL_CTX* server_ctx = NULL;
@@ -602,7 +584,10 @@ int main()
wc_InitMutex(&server_mutex);
/* Start server */
- start_thread(server_thread, NULL, &serverThread);
+ if (wolfSSL_NewThread(&serverThread, server_thread, NULL) != 0) {
+ printf("Failed to start server thread\n");
+ return -1;
+ }
#ifdef WOLFSSL_STATIC_MEMORY
if (wc_LoadStaticMemory(&HEAP_HINT_CLIENT, gMemoryClient,
@@ -643,8 +628,10 @@ int main()
printf("Client Return: %d\n", ret);
printf("Client Error: %d\n", wolfSSL_get_error(client_ssl, ret));
-
- join_thread(serverThread);
+ if (wolfSSL_JoinThread(serverThread) != 0) {
+ printf("Failed to join server thread\n");
+ return -1;
+ }
#ifdef WOLFSSL_STATIC_MEMORY
printf("Client Memory Stats\n");
diff --git a/extra/wolfssl/wolfssl/zephyr/user_settings-tls-generic.h b/extra/wolfssl/wolfssl/zephyr/user_settings-tls-generic.h
index 1ebad1e7..32a28bbc 100644
--- a/extra/wolfssl/wolfssl/zephyr/user_settings-tls-generic.h
+++ b/extra/wolfssl/wolfssl/zephyr/user_settings-tls-generic.h
@@ -28,9 +28,6 @@
extern "C" {
#endif
-#undef WOLFSSL_ZEPHYR
-#define WOLFSSL_ZEPHYR
-
#if 0
#undef SINGLE_THREADED
#define SINGLE_THREADED
@@ -147,11 +144,6 @@ extern "C" {
#define WOLFSSL_HAVE_SP_ECC
#endif
-#if defined(CONFIG_WOLFSSL_DEBUG)
-#undef DEBUG_WOLFSSL
-#define DEBUG_WOLFSSL
-#endif
-
#ifdef __cplusplus
}
#endif
diff --git a/extra/wolfssl/wolfssl/zephyr/user_settings.h b/extra/wolfssl/wolfssl/zephyr/user_settings.h
index f5b00526..ba0ba9b2 100644
--- a/extra/wolfssl/wolfssl/zephyr/user_settings.h
+++ b/extra/wolfssl/wolfssl/zephyr/user_settings.h
@@ -33,9 +33,6 @@
extern "C" {
#endif
-#undef WOLFSSL_ZEPHYR
-#define WOLFSSL_ZEPHYR
-
#if 0
#undef SINGLE_THREADED
#define SINGLE_THREADED
@@ -140,11 +137,6 @@ extern "C" {
#define WOLFSSL_HAVE_SP_ECC
#endif
-#if defined(CONFIG_WOLFSSL_DEBUG)
-#undef DEBUG_WOLFSSL
-#define DEBUG_WOLFSSL
-#endif
-
#ifdef __cplusplus
}
#endif